From 48986a51ad8b89573d38fbf3eb129558b8a39fb3 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Thu, 14 Jul 2022 11:49:59 +0200 Subject: [PATCH 0001/2573] Modernize qlpacks and update to CodeQL 2.8.5 --- .codeqlmanifest.json | 2 +- .github/actions/action.yml | 25 ++++++ .../actions/install-codeql-packs/action.yml | 25 ++++++ .github/workflows/code-scanning-pack-gen.yml | 9 ++- .github/workflows/codeql_unit_tests.yml | 20 +++-- .../standard_library_upgrade_tests.yml | 2 +- .../verify-standard-library-dependencies.yml | 79 +++++++++++++++++++ .gitignore | 3 + c/.codeqlmanifest.json | 3 - c/cert/src/codeql-pack.lock.yml | 6 ++ c/cert/src/qlpack.yml | 6 +- c/cert/test/codeql-pack.lock.yml | 6 ++ c/cert/test/qlpack.yml | 7 +- c/common/src/codeql-pack.lock.yml | 6 ++ c/common/src/qlpack.yml | 6 +- c/common/test/codeql-pack.lock.yml | 6 ++ c/common/test/qlpack.yml | 5 +- c/misra/src/codeql-pack.lock.yml | 6 ++ c/misra/src/qlpack.yml | 6 +- c/misra/test/codeql-pack.lock.yml | 6 ++ c/misra/test/qlpack.yml | 7 +- cpp/.codeqlmanifest.json | 3 - cpp/autosar/src/codeql-pack.lock.yml | 6 ++ cpp/autosar/src/qlpack.yml | 6 +- cpp/autosar/test/codeql-pack.lock.yml | 6 ++ cpp/autosar/test/qlpack.yml | 5 +- cpp/cert/src/codeql-pack.lock.yml | 6 ++ cpp/cert/src/qlpack.yml | 6 +- cpp/cert/test/codeql-pack.lock.yml | 6 ++ cpp/cert/test/qlpack.yml | 5 +- cpp/common/src/codeql-pack.lock.yml | 6 ++ cpp/common/src/qlpack.yml | 5 +- cpp/common/test/codeql-pack.lock.yml | 6 ++ cpp/common/test/qlpack.yml | 5 +- cpp/misra/src/codeql-pack.lock.yml | 6 ++ cpp/misra/src/qlpack.yml | 6 +- cpp/misra/test/codeql-pack.lock.yml | 6 ++ cpp/misra/test/qlpack.yml | 5 +- cpp/report/src/codeql-pack.lock.yml | 6 ++ cpp/report/src/qlpack.yml | 5 +- docs/development_handbook.md | 64 ++++++++------- scripts/get_workspace_packs.py | 14 ++++ scripts/install-packs.py | 23 ++++++ scripts/verify-standard-library-version.py | 68 ++++++++++++++++ supported_codeql_configs.json | 6 +- 45 files changed, 435 insertions(+), 86 deletions(-) create mode 100644 .github/actions/action.yml create mode 100644 .github/actions/install-codeql-packs/action.yml create mode 100644 .github/workflows/verify-standard-library-dependencies.yml delete mode 100644 c/.codeqlmanifest.json create mode 100644 c/cert/src/codeql-pack.lock.yml create mode 100644 c/cert/test/codeql-pack.lock.yml create mode 100644 c/common/src/codeql-pack.lock.yml create mode 100644 c/common/test/codeql-pack.lock.yml create mode 100644 c/misra/src/codeql-pack.lock.yml create mode 100644 c/misra/test/codeql-pack.lock.yml delete mode 100644 cpp/.codeqlmanifest.json create mode 100644 cpp/autosar/src/codeql-pack.lock.yml create mode 100644 cpp/autosar/test/codeql-pack.lock.yml create mode 100644 cpp/cert/src/codeql-pack.lock.yml create mode 100644 cpp/cert/test/codeql-pack.lock.yml create mode 100644 cpp/common/src/codeql-pack.lock.yml create mode 100644 cpp/common/test/codeql-pack.lock.yml create mode 100644 cpp/misra/src/codeql-pack.lock.yml create mode 100644 cpp/misra/test/codeql-pack.lock.yml create mode 100644 cpp/report/src/codeql-pack.lock.yml create mode 100644 scripts/get_workspace_packs.py create mode 100644 scripts/install-packs.py create mode 100644 scripts/verify-standard-library-version.py diff --git a/.codeqlmanifest.json b/.codeqlmanifest.json index ac468d9838..d6277f5949 100644 --- a/.codeqlmanifest.json +++ b/.codeqlmanifest.json @@ -1 +1 @@ -{ "provide": [ "codeql_modules/*/.codeqlmanifest.json", "cpp/.codeqlmanifest.json", "c/.codeqlmanifest.json"] } +{ "provide": [ "cpp/*/src/qlpack.yml", "cpp/*/test/qlpack.yml", "c/*/src/qlpack.yml", "c/*/test/qlpack.yml" ] } diff --git a/.github/actions/action.yml b/.github/actions/action.yml new file mode 100644 index 0000000000..2e6d5f1a2e --- /dev/null +++ b/.github/actions/action.yml @@ -0,0 +1,25 @@ +name: Install CodeQL library pack dependencies +description: | + Downloads any necessary CodeQL library packs needed by packs in the repo. +inputs: + cli_path: + description: | + The path to the CodeQL CLI directory. + required: false + + mode: + description: | + The `--mode` option to `codeql pack install`. + required: true + default: verify + +runs: + using: composite + steps: + - name: Install CodeQL library packs + shell: bash + env: + CODEQL_CLI: ${{ inputs.cli_path }} + run: | + PATH=$PATH:$CODEQL_CLI + python scripts/install-packs.py --mode ${{ inputs.mode }} diff --git a/.github/actions/install-codeql-packs/action.yml b/.github/actions/install-codeql-packs/action.yml new file mode 100644 index 0000000000..2e6d5f1a2e --- /dev/null +++ b/.github/actions/install-codeql-packs/action.yml @@ -0,0 +1,25 @@ +name: Install CodeQL library pack dependencies +description: | + Downloads any necessary CodeQL library packs needed by packs in the repo. +inputs: + cli_path: + description: | + The path to the CodeQL CLI directory. + required: false + + mode: + description: | + The `--mode` option to `codeql pack install`. + required: true + default: verify + +runs: + using: composite + steps: + - name: Install CodeQL library packs + shell: bash + env: + CODEQL_CLI: ${{ inputs.cli_path }} + run: | + PATH=$PATH:$CODEQL_CLI + python scripts/install-packs.py --mode ${{ inputs.mode }} diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index 0814e059e8..7ffa250669 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -59,6 +59,11 @@ jobs: codeql-home: ${{ github.workspace }}/codeql_home add-to-path: false + - name: Install CodeQL packs + uses: ./.github/actions/install-codeql-packs + with: + cli_path: ${{ github.workspace }}/codeql_home/codeql + - name: Checkout external help files continue-on-error: true id: checkout-external-help-files @@ -82,8 +87,8 @@ jobs: run: | PATH=$PATH:$CODEQL_HOME/codeql - codeql query compile --search-path cpp --threads 0 cpp - codeql query compile --search-path c --search-path cpp --threads 0 c + codeql query compile --threads 0 cpp + codeql query compile --threads 0 c cd .. zip -r codeql-coding-standards/code-scanning-cpp-query-pack.zip codeql-coding-standards/c/ codeql-coding-standards/cpp/ codeql-coding-standards/.codeqlmanifest.json codeql-coding-standards/supported_codeql_configs.json codeql-coding-standards/scripts/deviations codeql-coding-standards/scripts/reports diff --git a/.github/workflows/codeql_unit_tests.yml b/.github/workflows/codeql_unit_tests.yml index 1a2374d19d..8fad3c3292 100644 --- a/.github/workflows/codeql_unit_tests.yml +++ b/.github/workflows/codeql_unit_tests.yml @@ -66,11 +66,16 @@ jobs: codeql-home: ${{ github.workspace }}/codeql_home add-to-path: false + - name: Install CodeQL packs + uses: ./.github/actions/install-codeql-packs + with: + cli_path: ${{ github.workspace }}/codeql_home/codeql + - name: Pre-Compile Queries id: pre-compile-queries run: | - ${{ github.workspace }}/codeql_home/codeql/codeql query compile --search-path cpp --threads 0 cpp - ${{ github.workspace }}/codeql_home/codeql/codeql query compile --search-path c --search-path cpp --threads 0 c + ${{ github.workspace }}/codeql_home/codeql/codeql query compile --threads 0 cpp + ${{ github.workspace }}/codeql_home/codeql/codeql query compile --threads 0 c - name: Run test suites @@ -122,18 +127,11 @@ jobs: os.makedirs(os.path.dirname(test_report_path), exist_ok=True) test_report_file = open(test_report_path, 'w') files_to_close.append(test_report_file) - if "${{ matrix.language }}".casefold() == "c".casefold(): - # c tests require cpp -- but we don't want c things on the cpp - # path in case of design errors. - cpp_language_root = Path(workspace, 'cpp') - procs.append(subprocess.Popen([codeql_bin, "test", "run", "--failing-exitcode=122", f"--slice={slice}/{num_slices}", "--ram=2048", "--format=json", f'--search-path={cpp_language_root}', f'--search-path={language_root}', *test_roots], stdout=test_report_file, stderr=subprocess.PIPE)) - else: - procs.append(subprocess.Popen([codeql_bin, "test", "run", "--failing-exitcode=122", f"--slice={slice}/{num_slices}", "--ram=2048", "--format=json", f'--search-path={language_root}', f'--search-path={language_root}', *test_roots], stdout=test_report_file, stderr=subprocess.PIPE)) + procs.append(subprocess.Popen([codeql_bin, "test", "run", "--failing-exitcode=122", f"--slice={slice}/{num_slices}", "--ram=2048", "--format=json", *test_roots], stdout=test_report_file, stderr=subprocess.PIPE)) for p in procs: - p.wait() + _, err = p.communicate() if p.returncode != 0: - _, err = p.communicate() if p.returncode == 122: # Failed because a test case failed, so just print the regular output. # This will allow us to proceed to validate-test-results, which will fail if diff --git a/.github/workflows/standard_library_upgrade_tests.yml b/.github/workflows/standard_library_upgrade_tests.yml index 0a4e58dbd3..4f7c2de75c 100644 --- a/.github/workflows/standard_library_upgrade_tests.yml +++ b/.github/workflows/standard_library_upgrade_tests.yml @@ -116,7 +116,7 @@ jobs: stdlib_path = os.path.join(codeql_home, 'codeql-stdlib') cpp_test_root = Path(stdlib_path, 'cpp/ql/test') print(f"Executing tests found (recursively) in the directory '{cpp_test_root}'") - cp = subprocess.run([codeql_bin, "test", "run", "--format=json", f'--search-path={stdlib_path}', cpp_test_root], stdout=test_report_file, stderr=subprocess.PIPE) + cp = subprocess.run([codeql_bin, "test", "run", "--format=json", cpp_test_root], stdout=test_report_file, stderr=subprocess.PIPE) if cp.returncode != 0: print_error_and_fail(f"Failed to run tests with return code {cp.returncode} and error {cp.stderr}") diff --git a/.github/workflows/verify-standard-library-dependencies.yml b/.github/workflows/verify-standard-library-dependencies.yml new file mode 100644 index 0000000000..1be00ef43e --- /dev/null +++ b/.github/workflows/verify-standard-library-dependencies.yml @@ -0,0 +1,79 @@ +name: Verify Standard Library Dependencies + +# Run this workflow every time the "supported_codeql_configs.json" file or a "qlpack.yml" file is changed +on: + pull_request: + branches: + - main + - "rc/**" + - next + paths: + - "supported_codeql_configs.json" + - "qlpack.yml" + workflow_dispatch: + +jobs: + prepare-matrix: + name: Prepare CodeQL configuration matrix + runs-on: ubuntu-latest + outputs: + matrix: ${{ steps.export-matrix.outputs.matrix }} + steps: + - name: Checkout repository + uses: actions/checkout@v2 + + - name: Export unit test matrix + id: export-matrix + run: | + echo "::set-output name=matrix::$( + jq --compact-output \ + '.supported_environment | map([.+{os: "ubuntu-20.04-xl", codeql_standard_library_ident : .codeql_standard_library | sub("\/"; "_")}]) | flatten | {include: .}' \ + supported_codeql_configs.json + )" + + verify-dependencies: + name: Verify dependencies + needs: prepare-matrix + + runs-on: ${{ matrix.os }} + strategy: + fail-fast: false + matrix: ${{fromJSON(needs.prepare-matrix.outputs.matrix)}} + + steps: + - name: Checkout repository + uses: actions/checkout@v2 + + - name: Setup Python 3 + uses: actions/setup-python@v2 + with: + python-version: "3.x" + + - name: Cache CodeQL + id: cache-codeql + uses: actions/cache@v2.1.3 + with: + # A list of files, directories, and wildcard patterns to cache and restore + path: ${{github.workspace}}/codeql_home + # An explicit key for restoring and saving the cache + key: codeql-home-${{matrix.os}}-${{matrix.codeql_cli}}-${{matrix.codeql_standard_library}} + + - name: Install CodeQL + if: steps.cache-codeql.outputs.cache-hit != 'true' + uses: ./.github/actions/install-codeql + with: + codeql-cli-version: ${{matrix.codeql_cli}} + codeql-stdlib-version: ${{matrix.codeql_standard_library}} + codeql-home: ${{ github.workspace }}/codeql_home + + - name: Verify dependencies + shell: bash + env: + CLI_PATH: ${{ github.workspace }}/codeql_home/codeql + STDLIB_PATH: ${{ github.workspace }}/codeql_home/codeql-stdlib + run: | + PATH=$PATH:$CLI_PATH + ls $STDLIB_PATH + pip install -r scripts/requirements.txt + python3 scripts/verify-standard-library-version.py --codeql-repo $STDLIB_PATH --mode verify + diff --git a/.gitignore b/.gitignore index 5466e33c8f..360134b51c 100644 --- a/.gitignore +++ b/.gitignore @@ -20,3 +20,6 @@ # C/C++ build artifacts *.o /databases/ + +# CodeQL build artifacts +**/.codeql/** diff --git a/c/.codeqlmanifest.json b/c/.codeqlmanifest.json deleted file mode 100644 index 384848fdd1..0000000000 --- a/c/.codeqlmanifest.json +++ /dev/null @@ -1,3 +0,0 @@ -{ "provide": [ - "*/src/qlpack.yml", - "*/test/qlpack.yml" ] } diff --git a/c/cert/src/codeql-pack.lock.yml b/c/cert/src/codeql-pack.lock.yml new file mode 100644 index 0000000000..421c52af64 --- /dev/null +++ b/c/cert/src/codeql-pack.lock.yml @@ -0,0 +1,6 @@ +--- +dependencies: + codeql/cpp-all: + version: 0.0.13 +compiled: false +lockVersion: 1.0.0 diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index 910d4d2636..e27e23f122 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -1,4 +1,6 @@ -name: cert-c-coding-standards +name: codeql/cert-c-coding-standards version: 2.6.0-dev suites: codeql-suites -libraryPathDependencies: common-c-coding-standards \ No newline at end of file +dependencies: + codeql/common-c-coding-standards: '*' + codeql/cpp-all: 0.0.13 diff --git a/c/cert/test/codeql-pack.lock.yml b/c/cert/test/codeql-pack.lock.yml new file mode 100644 index 0000000000..421c52af64 --- /dev/null +++ b/c/cert/test/codeql-pack.lock.yml @@ -0,0 +1,6 @@ +--- +dependencies: + codeql/cpp-all: + version: 0.0.13 +compiled: false +lockVersion: 1.0.0 diff --git a/c/cert/test/qlpack.yml b/c/cert/test/qlpack.yml index f07c68d211..891bf564fb 100644 --- a/c/cert/test/qlpack.yml +++ b/c/cert/test/qlpack.yml @@ -1,4 +1,5 @@ -name: cert-c-coding-standards-tests +name: codeql/cert-c-coding-standards-tests version: 2.6.0-dev -libraryPathDependencies: cert-c-coding-standards -extractor: cpp \ No newline at end of file +extractor: cpp +dependencies: + codeql/cert-c-coding-standards: '*' diff --git a/c/common/src/codeql-pack.lock.yml b/c/common/src/codeql-pack.lock.yml new file mode 100644 index 0000000000..421c52af64 --- /dev/null +++ b/c/common/src/codeql-pack.lock.yml @@ -0,0 +1,6 @@ +--- +dependencies: + codeql/cpp-all: + version: 0.0.13 +compiled: false +lockVersion: 1.0.0 diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index c875247efe..ae2d642c8b 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -1,3 +1,5 @@ -name: common-c-coding-standards +name: codeql/common-c-coding-standards version: 2.6.0-dev -libraryPathDependencies: common-cpp-coding-standards +dependencies: + codeql/common-cpp-coding-standards: '*' + codeql/cpp-all: 0.0.13 diff --git a/c/common/test/codeql-pack.lock.yml b/c/common/test/codeql-pack.lock.yml new file mode 100644 index 0000000000..421c52af64 --- /dev/null +++ b/c/common/test/codeql-pack.lock.yml @@ -0,0 +1,6 @@ +--- +dependencies: + codeql/cpp-all: + version: 0.0.13 +compiled: false +lockVersion: 1.0.0 diff --git a/c/common/test/qlpack.yml b/c/common/test/qlpack.yml index 8dac78eb7c..aeedcccf24 100644 --- a/c/common/test/qlpack.yml +++ b/c/common/test/qlpack.yml @@ -1,4 +1,5 @@ -name: common-c-coding-standards-tests +name: codeql/common-c-coding-standards-tests version: 2.6.0-dev -libraryPathDependencies: common-c-coding-standards extractor: cpp +dependencies: + codeql/common-c-coding-standards: '*' diff --git a/c/misra/src/codeql-pack.lock.yml b/c/misra/src/codeql-pack.lock.yml new file mode 100644 index 0000000000..421c52af64 --- /dev/null +++ b/c/misra/src/codeql-pack.lock.yml @@ -0,0 +1,6 @@ +--- +dependencies: + codeql/cpp-all: + version: 0.0.13 +compiled: false +lockVersion: 1.0.0 diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index 58fcca96e0..138a5a1266 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -1,4 +1,6 @@ -name: misra-c-coding-standards +name: codeql/misra-c-coding-standards version: 2.6.0-dev suites: codeql-suites -libraryPathDependencies: common-c-coding-standards +dependencies: + codeql/common-c-coding-standards: '*' + codeql/cpp-all: 0.0.13 diff --git a/c/misra/test/codeql-pack.lock.yml b/c/misra/test/codeql-pack.lock.yml new file mode 100644 index 0000000000..421c52af64 --- /dev/null +++ b/c/misra/test/codeql-pack.lock.yml @@ -0,0 +1,6 @@ +--- +dependencies: + codeql/cpp-all: + version: 0.0.13 +compiled: false +lockVersion: 1.0.0 diff --git a/c/misra/test/qlpack.yml b/c/misra/test/qlpack.yml index e278dfbe3d..d4254d97aa 100644 --- a/c/misra/test/qlpack.yml +++ b/c/misra/test/qlpack.yml @@ -1,4 +1,5 @@ -name: misra-c-coding-standards-tests +name: codeql/misra-c-coding-standards-tests version: 2.6.0-dev -libraryPathDependencies: misra-c-coding-standards -extractor: cpp \ No newline at end of file +extractor: cpp +dependencies: + codeql/misra-c-coding-standards: '*' diff --git a/cpp/.codeqlmanifest.json b/cpp/.codeqlmanifest.json deleted file mode 100644 index 384848fdd1..0000000000 --- a/cpp/.codeqlmanifest.json +++ /dev/null @@ -1,3 +0,0 @@ -{ "provide": [ - "*/src/qlpack.yml", - "*/test/qlpack.yml" ] } diff --git a/cpp/autosar/src/codeql-pack.lock.yml b/cpp/autosar/src/codeql-pack.lock.yml new file mode 100644 index 0000000000..421c52af64 --- /dev/null +++ b/cpp/autosar/src/codeql-pack.lock.yml @@ -0,0 +1,6 @@ +--- +dependencies: + codeql/cpp-all: + version: 0.0.13 +compiled: false +lockVersion: 1.0.0 diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index 9f3aa642fd..df34ff31c7 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -1,4 +1,6 @@ -name: autosar-cpp-coding-standards +name: codeql/autosar-cpp-coding-standards version: 2.6.0-dev suites: codeql-suites -libraryPathDependencies: common-cpp-coding-standards +dependencies: + codeql/common-cpp-coding-standards: '*' + codeql/cpp-all: 0.0.13 diff --git a/cpp/autosar/test/codeql-pack.lock.yml b/cpp/autosar/test/codeql-pack.lock.yml new file mode 100644 index 0000000000..421c52af64 --- /dev/null +++ b/cpp/autosar/test/codeql-pack.lock.yml @@ -0,0 +1,6 @@ +--- +dependencies: + codeql/cpp-all: + version: 0.0.13 +compiled: false +lockVersion: 1.0.0 diff --git a/cpp/autosar/test/qlpack.yml b/cpp/autosar/test/qlpack.yml index f7bb481f68..a53e0f71d1 100644 --- a/cpp/autosar/test/qlpack.yml +++ b/cpp/autosar/test/qlpack.yml @@ -1,4 +1,5 @@ -name: autosar-cpp-coding-standards-tests +name: codeql/autosar-cpp-coding-standards-tests version: 2.6.0-dev -libraryPathDependencies: autosar-cpp-coding-standards extractor: cpp +dependencies: + codeql/autosar-cpp-coding-standards: '*' diff --git a/cpp/cert/src/codeql-pack.lock.yml b/cpp/cert/src/codeql-pack.lock.yml new file mode 100644 index 0000000000..421c52af64 --- /dev/null +++ b/cpp/cert/src/codeql-pack.lock.yml @@ -0,0 +1,6 @@ +--- +dependencies: + codeql/cpp-all: + version: 0.0.13 +compiled: false +lockVersion: 1.0.0 diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index 18c0e900f7..f82426779a 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -1,4 +1,6 @@ -name: cert-cpp-coding-standards +name: codeql/cert-cpp-coding-standards version: 2.6.0-dev suites: codeql-suites -libraryPathDependencies: common-cpp-coding-standards +dependencies: + codeql/cpp-all: 0.0.13 + codeql/common-cpp-coding-standards: '*' diff --git a/cpp/cert/test/codeql-pack.lock.yml b/cpp/cert/test/codeql-pack.lock.yml new file mode 100644 index 0000000000..421c52af64 --- /dev/null +++ b/cpp/cert/test/codeql-pack.lock.yml @@ -0,0 +1,6 @@ +--- +dependencies: + codeql/cpp-all: + version: 0.0.13 +compiled: false +lockVersion: 1.0.0 diff --git a/cpp/cert/test/qlpack.yml b/cpp/cert/test/qlpack.yml index a0b62f9443..914625ea77 100644 --- a/cpp/cert/test/qlpack.yml +++ b/cpp/cert/test/qlpack.yml @@ -1,4 +1,5 @@ -name: cert-cpp-coding-standards-tests +name: codeql/cert-cpp-coding-standards-tests version: 2.6.0-dev -libraryPathDependencies: cert-cpp-coding-standards extractor: cpp +dependencies: + codeql/cert-cpp-coding-standards: '*' diff --git a/cpp/common/src/codeql-pack.lock.yml b/cpp/common/src/codeql-pack.lock.yml new file mode 100644 index 0000000000..421c52af64 --- /dev/null +++ b/cpp/common/src/codeql-pack.lock.yml @@ -0,0 +1,6 @@ +--- +dependencies: + codeql/cpp-all: + version: 0.0.13 +compiled: false +lockVersion: 1.0.0 diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index 79c9793311..d7c8d47f37 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -1,3 +1,4 @@ -name: common-cpp-coding-standards +name: codeql/common-cpp-coding-standards version: 2.6.0-dev -libraryPathDependencies: codeql-cpp +dependencies: + codeql/cpp-all: 0.0.13 diff --git a/cpp/common/test/codeql-pack.lock.yml b/cpp/common/test/codeql-pack.lock.yml new file mode 100644 index 0000000000..421c52af64 --- /dev/null +++ b/cpp/common/test/codeql-pack.lock.yml @@ -0,0 +1,6 @@ +--- +dependencies: + codeql/cpp-all: + version: 0.0.13 +compiled: false +lockVersion: 1.0.0 diff --git a/cpp/common/test/qlpack.yml b/cpp/common/test/qlpack.yml index a2d68ecf7d..63d98d3368 100644 --- a/cpp/common/test/qlpack.yml +++ b/cpp/common/test/qlpack.yml @@ -1,4 +1,5 @@ -name: common-cpp-coding-standards-tests +name: codeql/common-cpp-coding-standards-tests version: 2.6.0-dev -libraryPathDependencies: common-cpp-coding-standards extractor: cpp +dependencies: + codeql/common-cpp-coding-standards: '*' diff --git a/cpp/misra/src/codeql-pack.lock.yml b/cpp/misra/src/codeql-pack.lock.yml new file mode 100644 index 0000000000..421c52af64 --- /dev/null +++ b/cpp/misra/src/codeql-pack.lock.yml @@ -0,0 +1,6 @@ +--- +dependencies: + codeql/cpp-all: + version: 0.0.13 +compiled: false +lockVersion: 1.0.0 diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index a7230efd5d..c0f9bdbc6c 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -1,3 +1,5 @@ -name: misra-cpp-coding-standards +name: codeql/misra-cpp-coding-standards version: 2.6.0-dev -libraryPathDependencies: common-cpp-coding-standards +dependencies: + codeql/common-cpp-coding-standards: '*' + codeql/cpp-all: 0.0.13 diff --git a/cpp/misra/test/codeql-pack.lock.yml b/cpp/misra/test/codeql-pack.lock.yml new file mode 100644 index 0000000000..421c52af64 --- /dev/null +++ b/cpp/misra/test/codeql-pack.lock.yml @@ -0,0 +1,6 @@ +--- +dependencies: + codeql/cpp-all: + version: 0.0.13 +compiled: false +lockVersion: 1.0.0 diff --git a/cpp/misra/test/qlpack.yml b/cpp/misra/test/qlpack.yml index 7dd2b62644..dcbc132c3a 100644 --- a/cpp/misra/test/qlpack.yml +++ b/cpp/misra/test/qlpack.yml @@ -1,4 +1,5 @@ -name: misra-cpp-coding-standards-tests +name: codeql/misra-cpp-coding-standards-tests version: 2.6.0-dev -libraryPathDependencies: misra-cpp-coding-standards extractor: cpp +dependencies: + codeql/misra-cpp-coding-standards: '*' \ No newline at end of file diff --git a/cpp/report/src/codeql-pack.lock.yml b/cpp/report/src/codeql-pack.lock.yml new file mode 100644 index 0000000000..421c52af64 --- /dev/null +++ b/cpp/report/src/codeql-pack.lock.yml @@ -0,0 +1,6 @@ +--- +dependencies: + codeql/cpp-all: + version: 0.0.13 +compiled: false +lockVersion: 1.0.0 diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index 5300e54ee4..0781656b00 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -1,3 +1,4 @@ -name: report-cpp-coding-standards +name: codeql/report-cpp-coding-standards version: 2.6.0-dev -libraryPathDependencies: codeql-cpp +dependencies: + codeql/cpp-all: 0.0.13 diff --git a/docs/development_handbook.md b/docs/development_handbook.md index d00e9f3d2a..00e8bdf113 100644 --- a/docs/development_handbook.md +++ b/docs/development_handbook.md @@ -4,32 +4,33 @@ **Document ID:** codeql-coding-standards/developer-handbook -| Version | Date | Author | Changes | -| ------- | ---------- | --------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| 0.1.0 | 2021-02-02 | Luke Cartey | Initial version. | -| 0.2.0 | 2021-02-19 | Luke Cartey | Add section on Python environment preparation. | -| 0.3.0 | 2021-04-13 | Michael Hohn | Add cookbook section documenting common procedures. | -| 0.4.0 | 2021-04-13 | Mario Campos | Add submodule out of date tip to the cookbook section. | -| 0.5.0 | 2021-04-30 | Luke Cartey | Add query style guide. | -| 0.6.0 | 2021-05-05 | John Singleton | Add task automation files. | -| 0.7.0 | 2021-05-10 | Luke Cartey | Explain non-constant alert messages. | -| 0.8.0 | 2021-05-27 | Luke Cartey | Clarify the `short_name` property. | -| 0.9.0 | 2021-09-06 | Luke Cartey | | -| 0.10.0 | 2021-09-08 | Luke Cartey | Update tool qualification section. | -| 0.11.0 | 2021-09-10 | Luke Cartey | Add reporting and deviations to scope of work. | -| 0.12.0 | 2021-09-18 | Luke Cartey | | -| 0.13.0 | 2021-09-22 | Remco Vermeulen | Document rule package schema. | -| 0.14.0 | 2021-10-11 | Luke Cartey | Document how to update dependencies. | -| 0.15.0 | 2021-10-26 | John Singleton | Document false positive triage process. | -| 0.16.0 | 2021-11-29 | Remco Vermeulen | Add document management section. | -| 0.17.0 | 2021-11-29 | Remco Vermeulen | | -| 0.18.0 | 2022-02-16 | Remco Vermeulen | Address mistake in point 2 in section *Splitting a rule into multiple queries*. | -| 0.19.0 | 2022-06-15 | Remco Vermeulen | Replace references and steps related to Markdown help files. | -| 0.20.0 | 2022-07-05 | Remco Vermeulen | Expand scope of work to include CERT-C and MISRA C. | -| 0.21.0 | 2022-07-05 | Remco Vermeulen | Update architecture section to include the supported languages C90, C99, and C11. | -| 0.22.0 | 2022-07-05 | Remco Vermeulen | Update section `Generation of query templates from rule specifications` to include external help files. | -| 0.23.0 | 2022-07-05 | Remco Vermeulen | Update text to consider both the C++ and the C standards. | -| 0.24.0 | 2022-07-05 | Remco Vermeulen | Update release process to include steps for external help files. | +| Version | Date | Author | Changes | +| ------- | ---------- | ---------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| 0.1.0 | 2021-02-02 | Luke Cartey | Initial version. | +| 0.2.0 | 2021-02-19 | Luke Cartey | Add section on Python environment preparation. | +| 0.3.0 | 2021-04-13 | Michael Hohn | Add cookbook section documenting common procedures. | +| 0.4.0 | 2021-04-13 | Mario Campos | Add submodule out of date tip to the cookbook section. | +| 0.5.0 | 2021-04-30 | Luke Cartey | Add query style guide. | +| 0.6.0 | 2021-05-05 | John Singleton | Add task automation files. | +| 0.7.0 | 2021-05-10 | Luke Cartey | Explain non-constant alert messages. | +| 0.8.0 | 2021-05-27 | Luke Cartey | Clarify the `short_name` property. | +| 0.9.0 | 2021-09-06 | Luke Cartey | | +| 0.10.0 | 2021-09-08 | Luke Cartey | Update tool qualification section. | +| 0.11.0 | 2021-09-10 | Luke Cartey | Add reporting and deviations to scope of work. | +| 0.12.0 | 2021-09-18 | Luke Cartey | | +| 0.13.0 | 2021-09-22 | Remco Vermeulen | Document rule package schema. | +| 0.14.0 | 2021-10-11 | Luke Cartey | Document how to update dependencies. | +| 0.15.0 | 2021-10-26 | John Singleton | Document false positive triage process. | +| 0.16.0 | 2021-11-29 | Remco Vermeulen | Add document management section. | +| 0.17.0 | 2021-11-29 | Remco Vermeulen | | +| 0.18.0 | 2022-02-16 | Remco Vermeulen | Address mistake in point 2 in section *Splitting a rule into multiple queries*. | +| 0.19.0 | 2022-06-15 | Remco Vermeulen | Replace references and steps related to Markdown help files. | +| 0.20.0 | 2022-07-05 | Remco Vermeulen | Expand scope of work to include CERT-C and MISRA C. | +| 0.21.0 | 2022-07-05 | Remco Vermeulen | Update architecture section to include the supported languages C90, C99, and C11. | +| 0.22.0 | 2022-07-05 | Remco Vermeulen | Update section `Generation of query templates from rule specifications` to include external help files. | +| 0.23.0 | 2022-07-05 | Remco Vermeulen | Update text to consider both the C++ and the C standards. | +| 0.24.0 | 2022-07-05 | Remco Vermeulen | Update release process to include steps for external help files. | +| 0.25.0 | 2022-07-14 | David Bartolomeo | Add section on installing QL dependencies and update CLI commands to account for the migration to CodeQL packs. | ## Scope of work @@ -329,6 +330,11 @@ A query **must** include: - Do not try to explain the solution in the message; instead that should be provided in the help for the query. All public predicates, classes, modules and files should be documented with QLDoc. All QLDoc should follow the [QLDoc style guide](https://github.com/github/codeql/blob/main/docs/qldoc-style-guide.md). +### Installing QL dependencies + +All of our query and library packs depend on the standard CodeQL library for C++, `codeql/cpp-all`. This dependency is specified in the `qlpack.yml` file for each of our packs. Before compiling, running, or testing any of our queries or libraries, you must download the proper dependencies by running `python3 scripts/install-packs.py`. This will download the appropriate version of the standard library from the public package registry, installing it in a cache in your `~/.codeql` directory. When compiling queries or running tests, the QL compiler will pick up the appropriate dependencies from this cache without any need to specify an additional library search path on the command line. + +Because the downloaded packs are cached, it is only necessary to run `install-packs.py` once each time we upgrade to a new standard library version. It does not hurt to run it more often; if all necessary packs are already in the download cache, then it will complete quickly without trying to download anything. ### Unit testing @@ -343,11 +349,10 @@ During query development in VS Code, the unit tests can be run using the [testin Unit tests can also be run on the command line using the CodeQL CLI. With an appropriate CodeQL CLI (as specified in the `supported_codeql_configs.json` at the root of the repository), you can run the following from the root of the repository: ``` -codeql test run --show-extractor-output --search-path . path/to/test/directory +codeql test run --show-extractor-output path/to/test/directory ``` * `--show-extractor-output` - this shows the output from the extractor. It is most useful when the test fails because the file is not valid C++, where the extractor output will include the compilation failure. This is not shown in VS Code. -* `--search-path .` - this allows the CodeQL CLI to discover all the QL packs within our repository. * `path/to/test/directory` - this can be a qlref file (like `cpp/autosar/test/rules/A15-2-2/`), a rule directory (`cpp/autosar/test/rules/A15-2-2/`) or a test qlpack (`cpp/autosar/test/`). For more details on running unit tests with the CodeQL CLI see the [Testing custom queries](https://codeql.github.com/docs/codeql-cli/testing-custom-queries/) help topic. @@ -662,7 +667,6 @@ ls cpp/cert/src/$(cat cpp/cert/test/rules/EXP52-CPP/DoNotRelyOnSideEffectsInDecl # Run a test. See # https://github.com/github/codeql-coding-standards/blob/main/development_handbook.md#unit-testing codeql test run --show-extractor-output \ - --search-path . \ cpp/cert/test/rules/EXP52-CPP/DoNotRelyOnSideEffectsInDeclTypeOperand.qlref # Get a db error? Applying the recommended fix @@ -680,7 +684,7 @@ codeql test run --show-extractor-output \ # If the expected output is not yet present, it is printed as a diff: mv cpp/cert/test/rules/EXP52-CPP/DoNotRelyOnSideEffectsInDeclTypeOperand.expected foo -codeql test run --show-extractor-output --search-path . \ +codeql test run --show-extractor-output \ cpp/cert/test/rules/EXP52-CPP/DoNotRelyOnSideEffectsInDeclTypeOperand.qlref # The actual output can be accepted via codeql test accept (which moves some files): diff --git a/scripts/get_workspace_packs.py b/scripts/get_workspace_packs.py new file mode 100644 index 0000000000..fc9054c641 --- /dev/null +++ b/scripts/get_workspace_packs.py @@ -0,0 +1,14 @@ +import glob +import json +import os + +def get_workspace_packs(root): + # Find the packs by globbing using the 'provide' patterns in the manifest. + os.chdir(root) + with open('.codeqlmanifest.json') as manifest_file: + manifest = json.load(manifest_file) + packs = [] + for pattern in manifest['provide']: + packs.extend(glob.glob(pattern, recursive=True)) + + return packs diff --git a/scripts/install-packs.py b/scripts/install-packs.py new file mode 100644 index 0000000000..a0286e2228 --- /dev/null +++ b/scripts/install-packs.py @@ -0,0 +1,23 @@ +import argparse +import os +import subprocess +import get_workspace_packs + +parser = argparse.ArgumentParser(description="Install CodeQL library pack dependencies.") +parser.add_argument('--mode', required=False, choices=['use-lock', 'update', 'verify', 'no-lock'], default="use-lock", help="Installation mode, identical to the `--mode` argument to `codeql pack install`") +parser.add_argument('--codeql', required=False, default='codeql', help="Path to the `codeql` executable.") +args = parser.parse_args() + +# Find the root of the repo +root = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) + +packs = get_workspace_packs.get_workspace_packs(root) + +# Find the CodeQL packs in the repo. This can also return packs outside of the repo, if those packs +# are installed in a sibling directory to the CLI. +for pack in packs: + pack_path = os.path.join(root, pack) + # Run `codeql pack install` to install dependencies. + command = [args.codeql, 'pack', 'install', '--mode', args.mode, pack_path] + print(f'Running `{" ".join(command)}`') + subprocess.check_call(command) diff --git a/scripts/verify-standard-library-version.py b/scripts/verify-standard-library-version.py new file mode 100644 index 0000000000..0b46068e1d --- /dev/null +++ b/scripts/verify-standard-library-version.py @@ -0,0 +1,68 @@ +import argparse +import json +import os +import subprocess +import yaml +import get_workspace_packs + +def get_codeql_packs(codeql_repo, codeql): + command = [codeql, 'resolve', 'qlpacks', '--additional-packs', codeql_repo, '--format', 'json'] + print(f'Running `{" ".join(command)}`') + packs_json = subprocess.check_output(command) + print(packs_json) + packs = json.loads(packs_json) + return packs + +parser = argparse.ArgumentParser(description='Ensure that CodeQL library pack dependency versions match the supported configuration.') +parser.add_argument('--codeql-repo', required=True, help='Path to checkout of `github/codeql` repo at desired branch.') +parser.add_argument('--mode', required=False, choices=['verify', 'update'], default='verify', help="`verify` to fail on mismatch; `update` to change `qlpack.lock.yml` files to use new version.") +parser.add_argument('--codeql', required=False, default='codeql', help='Path to the `codeql` executable.') +args = parser.parse_args() + +# Find the root of the repo +root = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) + +# Get the packs for the repo's workspace. +workspace_packs = get_workspace_packs.get_workspace_packs(root) + +# Get the packs from the `codeql` repo checkout. +codeql_packs = get_codeql_packs(args.codeql_repo, args.codeql) + +failed = False +for pack in workspace_packs: + pack_path = os.path.join(root, pack) + + print(f"Scanning dependencies of '{pack_path}'...") + + # Read our pack's configuration file. + with open(pack_path) as pack_file: + pack_yaml = yaml.safe_load(pack_file) + + updated = False + if 'dependencies' in pack_yaml: + dependencies = pack_yaml['dependencies'] + for ref_name in dependencies: + ref_version = dependencies[ref_name] + if ref_name in codeql_packs: + # Found this reference in the `codeql` repo. The version of the reference should match + # the version of that pack in the `codeql` repo. + lib_path = codeql_packs[ref_name][0] + lib_path = os.path.join(lib_path, 'qlpack.yml') + with open(lib_path) as lib_file: + lib_yaml = yaml.safe_load(lib_file) + lib_version = lib_yaml['version'] + if ref_version != lib_version: + print(f"Mismatched versions for '{ref_name}', referenced from '{pack_path}'. " + + f"referenced version is '{ref_version}', but should be '{lib_version}'.") + if args.mode == 'verify': + failed = True # Report an error at the end. + else: + pack_yaml['dependencies'][ref_name] = lib_version + updated = True # Update our pack in-place. + + if updated: + print(f"Updating '{pack_path}'...") + with open(pack_path, 'w', newline='\n') as pack_file: # Always use LF even on Windows + yaml.safe_dump(pack_yaml, pack_file, sort_keys=False) + +exit(1 if failed else 0) diff --git a/supported_codeql_configs.json b/supported_codeql_configs.json index a0ad42a349..bba3112bae 100644 --- a/supported_codeql_configs.json +++ b/supported_codeql_configs.json @@ -1,9 +1,9 @@ { "supported_environment": [ { - "codeql_cli": "2.7.6", - "codeql_standard_library": "codeql-cli/v2.7.6", - "codeql_cli_bundle": "codeql-bundle-20220120" + "codeql_cli": "2.8.5", + "codeql_standard_library": "codeql-cli/v2.8.5", + "codeql_cli_bundle": "codeql-bundle-20220401" } ], "supported_language" : [ From d514cfbca0a0565538adc440602ea3be7ca11476 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Thu, 14 Jul 2022 13:13:14 +0200 Subject: [PATCH 0002/2573] Update test expectations for new flow paths --- ...OwnedPointerValueStoredInUnrelatedSmartPointer.expected | 7 ------- 1 file changed, 7 deletions(-) diff --git a/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.expected b/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.expected index e291147d15..a4f85ecb72 100644 --- a/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.expected +++ b/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.expected @@ -11,21 +11,14 @@ edges | test.cpp:3:14:3:15 | v1 | test.cpp:6:31:6:33 | call to get | | test.cpp:3:14:3:15 | v1 | test.cpp:7:28:7:29 | v2 | | test.cpp:4:13:4:14 | v1 | test.cpp:7:28:7:29 | v2 | -| test.cpp:5:27:5:28 | v1 | ../../includes/standard-library/memory.h:76:17:76:19 | ptr | | test.cpp:5:27:5:29 | call to shared_ptr | test.cpp:6:31:6:33 | call to get | -| test.cpp:6:31:6:33 | call to get | ../../includes/standard-library/memory.h:76:17:76:19 | ptr | -| test.cpp:6:31:6:33 | call to get | ../../includes/standard-library/memory.h:76:17:76:19 | ptr | -| test.cpp:7:28:7:29 | v2 | ../../includes/standard-library/memory.h:76:17:76:19 | ptr | -| test.cpp:7:28:7:29 | v2 | ../../includes/standard-library/memory.h:76:17:76:19 | ptr | | test.cpp:8:8:8:14 | 0 | test.cpp:9:28:9:29 | v2 | -| test.cpp:9:28:9:29 | v2 | ../../includes/standard-library/memory.h:76:17:76:19 | ptr | | test.cpp:10:8:10:17 | new | test.cpp:11:28:11:29 | v2 | | test.cpp:10:8:10:17 | new | test.cpp:11:28:11:29 | v2 | | test.cpp:10:8:10:17 | new | test.cpp:12:28:12:29 | v2 | | test.cpp:11:28:11:29 | ref arg v2 | test.cpp:12:28:12:29 | v2 | | test.cpp:11:28:11:29 | v2 | ../../includes/standard-library/memory.h:76:17:76:19 | ptr | | test.cpp:11:28:11:29 | v2 | test.cpp:11:28:11:29 | ref arg v2 | -| test.cpp:12:28:12:29 | v2 | ../../includes/standard-library/memory.h:76:17:76:19 | ptr | | test.cpp:16:13:16:22 | new | test.cpp:17:27:17:28 | v1 | | test.cpp:16:13:16:22 | new | test.cpp:17:27:17:28 | v1 | | test.cpp:16:13:16:22 | new | test.cpp:19:6:19:7 | v1 | From cb8814993e92222b6b8b1187ff19987960490909 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Thu, 14 Jul 2022 20:35:21 +0200 Subject: [PATCH 0003/2573] Add missing whitespace in development handbook --- docs/development_handbook.md | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/development_handbook.md b/docs/development_handbook.md index 00e8bdf113..f6bc93307c 100644 --- a/docs/development_handbook.md +++ b/docs/development_handbook.md @@ -330,6 +330,7 @@ A query **must** include: - Do not try to explain the solution in the message; instead that should be provided in the help for the query. All public predicates, classes, modules and files should be documented with QLDoc. All QLDoc should follow the [QLDoc style guide](https://github.com/github/codeql/blob/main/docs/qldoc-style-guide.md). + ### Installing QL dependencies All of our query and library packs depend on the standard CodeQL library for C++, `codeql/cpp-all`. This dependency is specified in the `qlpack.yml` file for each of our packs. Before compiling, running, or testing any of our queries or libraries, you must download the proper dependencies by running `python3 scripts/install-packs.py`. This will download the appropriate version of the standard library from the public package registry, installing it in a cache in your `~/.codeql` directory. When compiling queries or running tests, the QL compiler will pick up the appropriate dependencies from this cache without any need to specify an additional library search path on the command line. From 2401e86a39015160f24332135c860eb5d30f2072 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Thu, 14 Jul 2022 20:35:49 +0200 Subject: [PATCH 0004/2573] Bump codeql submodule --- codeql_modules/codeql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/codeql_modules/codeql b/codeql_modules/codeql index a1cdf256ad..4551af90f6 160000 --- a/codeql_modules/codeql +++ b/codeql_modules/codeql @@ -1 +1 @@ -Subproject commit a1cdf256ad6b7c3e9984db9069671647e5f47921 +Subproject commit 4551af90f61a8d5f5c1c88a036595b5919a6c98e From 896e289e5de11397734d48d23bd8aa2d32d4babc Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Fri, 15 Jul 2022 19:34:28 +0200 Subject: [PATCH 0005/2573] Standardize on Python 3.9 per the user manual --- .github/actions/action.yml | 25 ------------------- .../verify-standard-library-dependencies.yml | 4 +-- 2 files changed, 2 insertions(+), 27 deletions(-) delete mode 100644 .github/actions/action.yml diff --git a/.github/actions/action.yml b/.github/actions/action.yml deleted file mode 100644 index 2e6d5f1a2e..0000000000 --- a/.github/actions/action.yml +++ /dev/null @@ -1,25 +0,0 @@ -name: Install CodeQL library pack dependencies -description: | - Downloads any necessary CodeQL library packs needed by packs in the repo. -inputs: - cli_path: - description: | - The path to the CodeQL CLI directory. - required: false - - mode: - description: | - The `--mode` option to `codeql pack install`. - required: true - default: verify - -runs: - using: composite - steps: - - name: Install CodeQL library packs - shell: bash - env: - CODEQL_CLI: ${{ inputs.cli_path }} - run: | - PATH=$PATH:$CODEQL_CLI - python scripts/install-packs.py --mode ${{ inputs.mode }} diff --git a/.github/workflows/verify-standard-library-dependencies.yml b/.github/workflows/verify-standard-library-dependencies.yml index 1be00ef43e..0b05736ddb 100644 --- a/.github/workflows/verify-standard-library-dependencies.yml +++ b/.github/workflows/verify-standard-library-dependencies.yml @@ -45,9 +45,9 @@ jobs: uses: actions/checkout@v2 - name: Setup Python 3 - uses: actions/setup-python@v2 + uses: actions/setup-python@v4 with: - python-version: "3.x" + python-version: "3.9" - name: Cache CodeQL id: cache-codeql From 5613669dd405b9f975494aeb58b58b7718dcdf40 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Thu, 14 Jul 2022 15:27:51 +0200 Subject: [PATCH 0006/2573] Update to CodeQL 2.9.4 --- c/cert/src/codeql-pack.lock.yml | 2 +- c/cert/src/qlpack.yml | 2 +- c/cert/test/codeql-pack.lock.yml | 2 +- c/common/src/codeql-pack.lock.yml | 2 +- c/common/src/qlpack.yml | 2 +- c/common/test/codeql-pack.lock.yml | 2 +- c/misra/src/codeql-pack.lock.yml | 2 +- c/misra/src/qlpack.yml | 2 +- c/misra/test/codeql-pack.lock.yml | 2 +- cpp/autosar/src/codeql-pack.lock.yml | 2 +- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/codeql-pack.lock.yml | 2 +- cpp/cert/src/codeql-pack.lock.yml | 2 +- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/codeql-pack.lock.yml | 2 +- cpp/common/src/codeql-pack.lock.yml | 2 +- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/codeql-pack.lock.yml | 2 +- cpp/misra/src/codeql-pack.lock.yml | 2 +- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/codeql-pack.lock.yml | 2 +- cpp/report/src/codeql-pack.lock.yml | 2 +- cpp/report/src/qlpack.yml | 2 +- supported_codeql_configs.json | 6 +++--- 24 files changed, 26 insertions(+), 26 deletions(-) diff --git a/c/cert/src/codeql-pack.lock.yml b/c/cert/src/codeql-pack.lock.yml index 421c52af64..b0f02a9d1f 100644 --- a/c/cert/src/codeql-pack.lock.yml +++ b/c/cert/src/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.0.13 + version: 0.2.3 compiled: false lockVersion: 1.0.0 diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index e27e23f122..2688a6cbe4 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -3,4 +3,4 @@ version: 2.6.0-dev suites: codeql-suites dependencies: codeql/common-c-coding-standards: '*' - codeql/cpp-all: 0.0.13 + codeql/cpp-all: 0.2.3 diff --git a/c/cert/test/codeql-pack.lock.yml b/c/cert/test/codeql-pack.lock.yml index 421c52af64..b0f02a9d1f 100644 --- a/c/cert/test/codeql-pack.lock.yml +++ b/c/cert/test/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.0.13 + version: 0.2.3 compiled: false lockVersion: 1.0.0 diff --git a/c/common/src/codeql-pack.lock.yml b/c/common/src/codeql-pack.lock.yml index 421c52af64..b0f02a9d1f 100644 --- a/c/common/src/codeql-pack.lock.yml +++ b/c/common/src/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.0.13 + version: 0.2.3 compiled: false lockVersion: 1.0.0 diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index ae2d642c8b..60cf5604f0 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -2,4 +2,4 @@ name: codeql/common-c-coding-standards version: 2.6.0-dev dependencies: codeql/common-cpp-coding-standards: '*' - codeql/cpp-all: 0.0.13 + codeql/cpp-all: 0.2.3 diff --git a/c/common/test/codeql-pack.lock.yml b/c/common/test/codeql-pack.lock.yml index 421c52af64..b0f02a9d1f 100644 --- a/c/common/test/codeql-pack.lock.yml +++ b/c/common/test/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.0.13 + version: 0.2.3 compiled: false lockVersion: 1.0.0 diff --git a/c/misra/src/codeql-pack.lock.yml b/c/misra/src/codeql-pack.lock.yml index 421c52af64..b0f02a9d1f 100644 --- a/c/misra/src/codeql-pack.lock.yml +++ b/c/misra/src/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.0.13 + version: 0.2.3 compiled: false lockVersion: 1.0.0 diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index 138a5a1266..223a56f619 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -3,4 +3,4 @@ version: 2.6.0-dev suites: codeql-suites dependencies: codeql/common-c-coding-standards: '*' - codeql/cpp-all: 0.0.13 + codeql/cpp-all: 0.2.3 diff --git a/c/misra/test/codeql-pack.lock.yml b/c/misra/test/codeql-pack.lock.yml index 421c52af64..b0f02a9d1f 100644 --- a/c/misra/test/codeql-pack.lock.yml +++ b/c/misra/test/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.0.13 + version: 0.2.3 compiled: false lockVersion: 1.0.0 diff --git a/cpp/autosar/src/codeql-pack.lock.yml b/cpp/autosar/src/codeql-pack.lock.yml index 421c52af64..b0f02a9d1f 100644 --- a/cpp/autosar/src/codeql-pack.lock.yml +++ b/cpp/autosar/src/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.0.13 + version: 0.2.3 compiled: false lockVersion: 1.0.0 diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index df34ff31c7..59af2d6bd8 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -3,4 +3,4 @@ version: 2.6.0-dev suites: codeql-suites dependencies: codeql/common-cpp-coding-standards: '*' - codeql/cpp-all: 0.0.13 + codeql/cpp-all: 0.2.3 diff --git a/cpp/autosar/test/codeql-pack.lock.yml b/cpp/autosar/test/codeql-pack.lock.yml index 421c52af64..b0f02a9d1f 100644 --- a/cpp/autosar/test/codeql-pack.lock.yml +++ b/cpp/autosar/test/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.0.13 + version: 0.2.3 compiled: false lockVersion: 1.0.0 diff --git a/cpp/cert/src/codeql-pack.lock.yml b/cpp/cert/src/codeql-pack.lock.yml index 421c52af64..b0f02a9d1f 100644 --- a/cpp/cert/src/codeql-pack.lock.yml +++ b/cpp/cert/src/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.0.13 + version: 0.2.3 compiled: false lockVersion: 1.0.0 diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index f82426779a..4580367052 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -2,5 +2,5 @@ name: codeql/cert-cpp-coding-standards version: 2.6.0-dev suites: codeql-suites dependencies: - codeql/cpp-all: 0.0.13 + codeql/cpp-all: 0.2.3 codeql/common-cpp-coding-standards: '*' diff --git a/cpp/cert/test/codeql-pack.lock.yml b/cpp/cert/test/codeql-pack.lock.yml index 421c52af64..b0f02a9d1f 100644 --- a/cpp/cert/test/codeql-pack.lock.yml +++ b/cpp/cert/test/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.0.13 + version: 0.2.3 compiled: false lockVersion: 1.0.0 diff --git a/cpp/common/src/codeql-pack.lock.yml b/cpp/common/src/codeql-pack.lock.yml index 421c52af64..b0f02a9d1f 100644 --- a/cpp/common/src/codeql-pack.lock.yml +++ b/cpp/common/src/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.0.13 + version: 0.2.3 compiled: false lockVersion: 1.0.0 diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index d7c8d47f37..fe9b103920 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -1,4 +1,4 @@ name: codeql/common-cpp-coding-standards version: 2.6.0-dev dependencies: - codeql/cpp-all: 0.0.13 + codeql/cpp-all: 0.2.3 diff --git a/cpp/common/test/codeql-pack.lock.yml b/cpp/common/test/codeql-pack.lock.yml index 421c52af64..b0f02a9d1f 100644 --- a/cpp/common/test/codeql-pack.lock.yml +++ b/cpp/common/test/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.0.13 + version: 0.2.3 compiled: false lockVersion: 1.0.0 diff --git a/cpp/misra/src/codeql-pack.lock.yml b/cpp/misra/src/codeql-pack.lock.yml index 421c52af64..b0f02a9d1f 100644 --- a/cpp/misra/src/codeql-pack.lock.yml +++ b/cpp/misra/src/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.0.13 + version: 0.2.3 compiled: false lockVersion: 1.0.0 diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index c0f9bdbc6c..b2b60929b0 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -2,4 +2,4 @@ name: codeql/misra-cpp-coding-standards version: 2.6.0-dev dependencies: codeql/common-cpp-coding-standards: '*' - codeql/cpp-all: 0.0.13 + codeql/cpp-all: 0.2.3 diff --git a/cpp/misra/test/codeql-pack.lock.yml b/cpp/misra/test/codeql-pack.lock.yml index 421c52af64..b0f02a9d1f 100644 --- a/cpp/misra/test/codeql-pack.lock.yml +++ b/cpp/misra/test/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.0.13 + version: 0.2.3 compiled: false lockVersion: 1.0.0 diff --git a/cpp/report/src/codeql-pack.lock.yml b/cpp/report/src/codeql-pack.lock.yml index 421c52af64..b0f02a9d1f 100644 --- a/cpp/report/src/codeql-pack.lock.yml +++ b/cpp/report/src/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.0.13 + version: 0.2.3 compiled: false lockVersion: 1.0.0 diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index 0781656b00..4d8fa75c36 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -1,4 +1,4 @@ name: codeql/report-cpp-coding-standards version: 2.6.0-dev dependencies: - codeql/cpp-all: 0.0.13 + codeql/cpp-all: 0.2.3 diff --git a/supported_codeql_configs.json b/supported_codeql_configs.json index bba3112bae..269af480e3 100644 --- a/supported_codeql_configs.json +++ b/supported_codeql_configs.json @@ -1,9 +1,9 @@ { "supported_environment": [ { - "codeql_cli": "2.8.5", - "codeql_standard_library": "codeql-cli/v2.8.5", - "codeql_cli_bundle": "codeql-bundle-20220401" + "codeql_cli": "2.9.4", + "codeql_standard_library": "codeql-cli/v2.9.4", + "codeql_cli_bundle": "codeql-bundle-20220615" } ], "supported_language" : [ From 65f4e25f7d3dd536d97743856c8a8a0fba98fde7 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Thu, 14 Jul 2022 20:39:03 +0200 Subject: [PATCH 0007/2573] Bump codeql submodule --- codeql_modules/codeql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/codeql_modules/codeql b/codeql_modules/codeql index 4551af90f6..28fe7a7660 160000 --- a/codeql_modules/codeql +++ b/codeql_modules/codeql @@ -1 +1 @@ -Subproject commit 4551af90f61a8d5f5c1c88a036595b5919a6c98e +Subproject commit 28fe7a76603ab7ef884ca35115b63104ecb699a7 From ea338e6df45a4e4f63c911f18b81aa2c6c44c958 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Fri, 15 Jul 2022 17:33:59 +0200 Subject: [PATCH 0008/2573] Fix M0-1-4 to ignore compiler-generated accesses --- change_notes/2022-05-04-compiler-generated-fp-M0-1-4.md | 3 +++ cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll | 9 ++++++--- 2 files changed, 9 insertions(+), 3 deletions(-) create mode 100644 change_notes/2022-05-04-compiler-generated-fp-M0-1-4.md diff --git a/change_notes/2022-05-04-compiler-generated-fp-M0-1-4.md b/change_notes/2022-05-04-compiler-generated-fp-M0-1-4.md new file mode 100644 index 0000000000..8d3a2045f2 --- /dev/null +++ b/change_notes/2022-05-04-compiler-generated-fp-M0-1-4.md @@ -0,0 +1,3 @@ + - `M0-1-4` - `SingleUsePODVariable.ql` + - This rule no longer considers compiler-generated access to a variable when determining if the + variable has a single use. diff --git a/cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll b/cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll index 765848a63c..c750bb130c 100644 --- a/cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll +++ b/cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll @@ -10,8 +10,9 @@ int getUseCount(Variable v) { // We enforce that it's a POD type variable, so if it has an initializer it is explicit (if v.hasInitializer() then initializers = 1 else initializers = 0) and result = - initializers + count(v.getAnAccess()) + - count(UserProvidedConstructorFieldInit cfi | cfi.getTarget() = v) + initializers + + count(VariableAccess access | access = v.getAnAccess() and not access.isCompilerGenerated()) + + count(UserProvidedConstructorFieldInit cfi | cfi.getTarget() = v) ) } @@ -23,7 +24,9 @@ Element getSingleUse(Variable v) { or result = any(UserProvidedConstructorFieldInit cfi | cfi.getTarget() = v) or - result = v.getAnAccess() + exists(VariableAccess access | + access = v.getAnAccess() and not access.isCompilerGenerated() and result = access + ) ) } From bac21698fad1848816e129d590c7a18efe9dd418 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Fri, 15 Jul 2022 17:36:22 +0200 Subject: [PATCH 0009/2573] Update symbol location in expected test output --- change_notes/2022-07-15-fix-A7-3-1-location-reporting.md | 2 ++ .../A7-3-1/DefinitionNotConsideredForUnqualifiedLookup.expected | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) create mode 100644 change_notes/2022-07-15-fix-A7-3-1-location-reporting.md diff --git a/change_notes/2022-07-15-fix-A7-3-1-location-reporting.md b/change_notes/2022-07-15-fix-A7-3-1-location-reporting.md new file mode 100644 index 0000000000..b310d1c010 --- /dev/null +++ b/change_notes/2022-07-15-fix-A7-3-1-location-reporting.md @@ -0,0 +1,2 @@ +- `A7-3-1` - `DefinitionNotConsideredForUnqualifiedLookup.ql` + - The locations reported for names occurring in using-declarations has improved in the latest CodeQL versions. diff --git a/cpp/autosar/test/rules/A7-3-1/DefinitionNotConsideredForUnqualifiedLookup.expected b/cpp/autosar/test/rules/A7-3-1/DefinitionNotConsideredForUnqualifiedLookup.expected index a549240c66..ea0f998533 100644 --- a/cpp/autosar/test/rules/A7-3-1/DefinitionNotConsideredForUnqualifiedLookup.expected +++ b/cpp/autosar/test/rules/A7-3-1/DefinitionNotConsideredForUnqualifiedLookup.expected @@ -1 +1 @@ -| test.cpp:42:6:42:7 | declaration of f1 | Definition for 'f1' is not available for unqualified lookup because it is declared after $@ | test.cpp:39:1:39:13 | using f1 | using-declaration | +| test.cpp:42:6:42:7 | declaration of f1 | Definition for 'f1' is not available for unqualified lookup because it is declared after $@ | test.cpp:39:12:39:13 | using f1 | using-declaration | From e252fb3db40d93cb0f26d3dd01f5562343aaa993 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Fri, 15 Jul 2022 17:46:05 +0200 Subject: [PATCH 0010/2573] Fix braced initialization detection in A8-5-3 --- ...-fix-A8-5-3-braced-initialization-detection.md | 3 +++ .../A8-5-3/AvoidAutoWithBracedInitialization.ql | 2 +- cpp/autosar/test/rules/A8-5-3/test.cpp | 15 ++++++++------- 3 files changed, 12 insertions(+), 8 deletions(-) create mode 100644 change_notes/2022-06-01-fix-A8-5-3-braced-initialization-detection.md diff --git a/change_notes/2022-06-01-fix-A8-5-3-braced-initialization-detection.md b/change_notes/2022-06-01-fix-A8-5-3-braced-initialization-detection.md new file mode 100644 index 0000000000..ec48fda73a --- /dev/null +++ b/change_notes/2022-06-01-fix-A8-5-3-braced-initialization-detection.md @@ -0,0 +1,3 @@ +- `A8-5-3` - `AvoidAutoWithBracedInitialization.ql`: + - Fix regression where `auto x{0}` was no longer detected as a braced initialization with type `auto` with the latest CodeQL versions. + - No longer falsely detect cases where braced initialization was not used, but where the inferred type would be `std::initializer_list`. diff --git a/cpp/autosar/src/rules/A8-5-3/AvoidAutoWithBracedInitialization.ql b/cpp/autosar/src/rules/A8-5-3/AvoidAutoWithBracedInitialization.ql index b62b8785c3..bcb64dba8d 100644 --- a/cpp/autosar/src/rules/A8-5-3/AvoidAutoWithBracedInitialization.ql +++ b/cpp/autosar/src/rules/A8-5-3/AvoidAutoWithBracedInitialization.ql @@ -21,5 +21,5 @@ from Variable v where not isExcluded(v, InitializationPackage::avoidAutoWithBracedInitializationQuery()) and v.getTypeWithAuto().getUnspecifiedType() instanceof AutoType and - v.getType().getUnspecifiedType().(Class).hasQualifiedName("std", "initializer_list") + v.getInitializer().isBraced() select v, "Variable " + v.getName() + " of type auto uses braced initialization." diff --git a/cpp/autosar/test/rules/A8-5-3/test.cpp b/cpp/autosar/test/rules/A8-5-3/test.cpp index c17c8241a1..7baa9aa487 100644 --- a/cpp/autosar/test/rules/A8-5-3/test.cpp +++ b/cpp/autosar/test/rules/A8-5-3/test.cpp @@ -1,11 +1,12 @@ #include void test() { - auto a1(1); // COMPLIANT - auto a2{1}; // NON_COMPLIANT - auto a3 = 1; // COMPLIANT - auto a4 = {1}; // NON_COMPLIANT - int a5 = {1}; // COMPLIANT - const auto a6(1); // COMPLIANT - const auto a7{1}; // NON_COMPLIANT + auto a1(1); // COMPLIANT + auto a2{1}; // NON_COMPLIANT + auto a3 = 1; // COMPLIANT + auto a4 = {1}; // NON_COMPLIANT + int a5 = {1}; // COMPLIANT + const auto a6(1); // COMPLIANT + const auto a7{1}; // NON_COMPLIANT + auto a8 = std::initializer_list(); // COMPLIANT } \ No newline at end of file From 24d9942cc779fef5127249c59587d00c4a59ced8 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Tue, 19 Jul 2022 20:30:47 +0200 Subject: [PATCH 0011/2573] Update to CodeQL 2.10.1 --- c/cert/src/codeql-pack.lock.yml | 2 +- c/cert/src/qlpack.yml | 2 +- c/cert/test/codeql-pack.lock.yml | 2 +- c/common/src/codeql-pack.lock.yml | 2 +- c/common/src/qlpack.yml | 2 +- c/common/test/codeql-pack.lock.yml | 2 +- c/misra/src/codeql-pack.lock.yml | 2 +- c/misra/src/qlpack.yml | 2 +- c/misra/test/codeql-pack.lock.yml | 2 +- cpp/autosar/src/codeql-pack.lock.yml | 2 +- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/codeql-pack.lock.yml | 2 +- cpp/cert/src/codeql-pack.lock.yml | 2 +- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/codeql-pack.lock.yml | 2 +- cpp/common/src/codeql-pack.lock.yml | 2 +- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/codeql-pack.lock.yml | 2 +- cpp/misra/src/codeql-pack.lock.yml | 2 +- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/codeql-pack.lock.yml | 2 +- cpp/report/src/codeql-pack.lock.yml | 2 +- cpp/report/src/qlpack.yml | 2 +- supported_codeql_configs.json | 6 +++--- 24 files changed, 26 insertions(+), 26 deletions(-) diff --git a/c/cert/src/codeql-pack.lock.yml b/c/cert/src/codeql-pack.lock.yml index b0f02a9d1f..98fd8cb0ea 100644 --- a/c/cert/src/codeql-pack.lock.yml +++ b/c/cert/src/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.2.3 + version: 0.3.1 compiled: false lockVersion: 1.0.0 diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index 2688a6cbe4..ab00bcba8e 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -3,4 +3,4 @@ version: 2.6.0-dev suites: codeql-suites dependencies: codeql/common-c-coding-standards: '*' - codeql/cpp-all: 0.2.3 + codeql/cpp-all: 0.3.1 diff --git a/c/cert/test/codeql-pack.lock.yml b/c/cert/test/codeql-pack.lock.yml index b0f02a9d1f..98fd8cb0ea 100644 --- a/c/cert/test/codeql-pack.lock.yml +++ b/c/cert/test/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.2.3 + version: 0.3.1 compiled: false lockVersion: 1.0.0 diff --git a/c/common/src/codeql-pack.lock.yml b/c/common/src/codeql-pack.lock.yml index b0f02a9d1f..98fd8cb0ea 100644 --- a/c/common/src/codeql-pack.lock.yml +++ b/c/common/src/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.2.3 + version: 0.3.1 compiled: false lockVersion: 1.0.0 diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index 60cf5604f0..d821daf3cf 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -2,4 +2,4 @@ name: codeql/common-c-coding-standards version: 2.6.0-dev dependencies: codeql/common-cpp-coding-standards: '*' - codeql/cpp-all: 0.2.3 + codeql/cpp-all: 0.3.1 diff --git a/c/common/test/codeql-pack.lock.yml b/c/common/test/codeql-pack.lock.yml index b0f02a9d1f..98fd8cb0ea 100644 --- a/c/common/test/codeql-pack.lock.yml +++ b/c/common/test/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.2.3 + version: 0.3.1 compiled: false lockVersion: 1.0.0 diff --git a/c/misra/src/codeql-pack.lock.yml b/c/misra/src/codeql-pack.lock.yml index b0f02a9d1f..98fd8cb0ea 100644 --- a/c/misra/src/codeql-pack.lock.yml +++ b/c/misra/src/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.2.3 + version: 0.3.1 compiled: false lockVersion: 1.0.0 diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index 223a56f619..80abbb2dd6 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -3,4 +3,4 @@ version: 2.6.0-dev suites: codeql-suites dependencies: codeql/common-c-coding-standards: '*' - codeql/cpp-all: 0.2.3 + codeql/cpp-all: 0.3.1 diff --git a/c/misra/test/codeql-pack.lock.yml b/c/misra/test/codeql-pack.lock.yml index b0f02a9d1f..98fd8cb0ea 100644 --- a/c/misra/test/codeql-pack.lock.yml +++ b/c/misra/test/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.2.3 + version: 0.3.1 compiled: false lockVersion: 1.0.0 diff --git a/cpp/autosar/src/codeql-pack.lock.yml b/cpp/autosar/src/codeql-pack.lock.yml index b0f02a9d1f..98fd8cb0ea 100644 --- a/cpp/autosar/src/codeql-pack.lock.yml +++ b/cpp/autosar/src/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.2.3 + version: 0.3.1 compiled: false lockVersion: 1.0.0 diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index 59af2d6bd8..8c715d1ab7 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -3,4 +3,4 @@ version: 2.6.0-dev suites: codeql-suites dependencies: codeql/common-cpp-coding-standards: '*' - codeql/cpp-all: 0.2.3 + codeql/cpp-all: 0.3.1 diff --git a/cpp/autosar/test/codeql-pack.lock.yml b/cpp/autosar/test/codeql-pack.lock.yml index b0f02a9d1f..98fd8cb0ea 100644 --- a/cpp/autosar/test/codeql-pack.lock.yml +++ b/cpp/autosar/test/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.2.3 + version: 0.3.1 compiled: false lockVersion: 1.0.0 diff --git a/cpp/cert/src/codeql-pack.lock.yml b/cpp/cert/src/codeql-pack.lock.yml index b0f02a9d1f..98fd8cb0ea 100644 --- a/cpp/cert/src/codeql-pack.lock.yml +++ b/cpp/cert/src/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.2.3 + version: 0.3.1 compiled: false lockVersion: 1.0.0 diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index 4580367052..0a803153da 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -2,5 +2,5 @@ name: codeql/cert-cpp-coding-standards version: 2.6.0-dev suites: codeql-suites dependencies: - codeql/cpp-all: 0.2.3 + codeql/cpp-all: 0.3.1 codeql/common-cpp-coding-standards: '*' diff --git a/cpp/cert/test/codeql-pack.lock.yml b/cpp/cert/test/codeql-pack.lock.yml index b0f02a9d1f..98fd8cb0ea 100644 --- a/cpp/cert/test/codeql-pack.lock.yml +++ b/cpp/cert/test/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.2.3 + version: 0.3.1 compiled: false lockVersion: 1.0.0 diff --git a/cpp/common/src/codeql-pack.lock.yml b/cpp/common/src/codeql-pack.lock.yml index b0f02a9d1f..98fd8cb0ea 100644 --- a/cpp/common/src/codeql-pack.lock.yml +++ b/cpp/common/src/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.2.3 + version: 0.3.1 compiled: false lockVersion: 1.0.0 diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index fe9b103920..1726a860e3 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -1,4 +1,4 @@ name: codeql/common-cpp-coding-standards version: 2.6.0-dev dependencies: - codeql/cpp-all: 0.2.3 + codeql/cpp-all: 0.3.1 diff --git a/cpp/common/test/codeql-pack.lock.yml b/cpp/common/test/codeql-pack.lock.yml index b0f02a9d1f..98fd8cb0ea 100644 --- a/cpp/common/test/codeql-pack.lock.yml +++ b/cpp/common/test/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.2.3 + version: 0.3.1 compiled: false lockVersion: 1.0.0 diff --git a/cpp/misra/src/codeql-pack.lock.yml b/cpp/misra/src/codeql-pack.lock.yml index b0f02a9d1f..98fd8cb0ea 100644 --- a/cpp/misra/src/codeql-pack.lock.yml +++ b/cpp/misra/src/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.2.3 + version: 0.3.1 compiled: false lockVersion: 1.0.0 diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index b2b60929b0..2156a1d22f 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -2,4 +2,4 @@ name: codeql/misra-cpp-coding-standards version: 2.6.0-dev dependencies: codeql/common-cpp-coding-standards: '*' - codeql/cpp-all: 0.2.3 + codeql/cpp-all: 0.3.1 diff --git a/cpp/misra/test/codeql-pack.lock.yml b/cpp/misra/test/codeql-pack.lock.yml index b0f02a9d1f..98fd8cb0ea 100644 --- a/cpp/misra/test/codeql-pack.lock.yml +++ b/cpp/misra/test/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.2.3 + version: 0.3.1 compiled: false lockVersion: 1.0.0 diff --git a/cpp/report/src/codeql-pack.lock.yml b/cpp/report/src/codeql-pack.lock.yml index b0f02a9d1f..98fd8cb0ea 100644 --- a/cpp/report/src/codeql-pack.lock.yml +++ b/cpp/report/src/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.2.3 + version: 0.3.1 compiled: false lockVersion: 1.0.0 diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index 4d8fa75c36..c85d14cd4e 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -1,4 +1,4 @@ name: codeql/report-cpp-coding-standards version: 2.6.0-dev dependencies: - codeql/cpp-all: 0.2.3 + codeql/cpp-all: 0.3.1 diff --git a/supported_codeql_configs.json b/supported_codeql_configs.json index 269af480e3..52435c7ac1 100644 --- a/supported_codeql_configs.json +++ b/supported_codeql_configs.json @@ -1,9 +1,9 @@ { "supported_environment": [ { - "codeql_cli": "2.9.4", - "codeql_standard_library": "codeql-cli/v2.9.4", - "codeql_cli_bundle": "codeql-bundle-20220615" + "codeql_cli": "2.10.1", + "codeql_standard_library": "codeql-cli/v2.10.1", + "codeql_cli_bundle": "codeql-bundle-20220714" } ], "supported_language" : [ From 70b684a81b323eec461bf9386ac02327688d2e90 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Tue, 19 Jul 2022 20:31:16 +0200 Subject: [PATCH 0012/2573] Bump codeql submodule --- codeql_modules/codeql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/codeql_modules/codeql b/codeql_modules/codeql index 28fe7a7660..fd7561cf27 160000 --- a/codeql_modules/codeql +++ b/codeql_modules/codeql @@ -1 +1 @@ -Subproject commit 28fe7a76603ab7ef884ca35115b63104ecb699a7 +Subproject commit fd7561cf279f64ee266ccdc6746e8d66d81c6b8e From 5b6e9c28eb1f36322a47b7f99d662ca5b2de3125 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Tue, 19 Jul 2022 20:31:42 +0200 Subject: [PATCH 0013/2573] Fix A2-10-4 and A2-10-5 test results --- change_notes/2022-06-28-detect-static-namespace-members.md | 6 ++++++ ...IdentifierNameOfStaticFunctionReusedInNamespace.expected | 2 ++ ...ierNameOfStaticNonMemberObjectReusedInNamespace.expected | 2 ++ cpp/autosar/test/rules/A2-10-4/test1b.cpp | 5 ++--- ...mberObjectWithExternalOrInternalLinkageIsReused.expected | 6 ++++-- .../IdentifierNameOfAStaticFunctionIsReused.expected | 4 ++-- cpp/autosar/test/rules/A2-10-5/test1b.cpp | 3 +-- 7 files changed, 19 insertions(+), 9 deletions(-) create mode 100644 change_notes/2022-06-28-detect-static-namespace-members.md diff --git a/change_notes/2022-06-28-detect-static-namespace-members.md b/change_notes/2022-06-28-detect-static-namespace-members.md new file mode 100644 index 0000000000..05af4deb79 --- /dev/null +++ b/change_notes/2022-06-28-detect-static-namespace-members.md @@ -0,0 +1,6 @@ +- `A2-10-4` - `IdentifierNameOfStaticFunctionReusedInNamespace.ql`: + - Reuse of an identifier name of a static function in a namespace is now detected. +- `A2-10-4` - `IdentifierNameOfStaticNonMemberObjectReusedInNamespace.ql`: + - Reuse of an identifier name of a static non-member object in a namespace is now detected. +- `A2-10-5` - `IdentifierNameOfStaticNonMemberObjectWithExternalOrInternalLinkageIsReused.ql`: + - Reuse of an identifier name of a static non-member object with internal linkage in a namespace is now detected. diff --git a/cpp/autosar/test/rules/A2-10-4/IdentifierNameOfStaticFunctionReusedInNamespace.expected b/cpp/autosar/test/rules/A2-10-4/IdentifierNameOfStaticFunctionReusedInNamespace.expected index e69de29bb2..180e52c6f1 100644 --- a/cpp/autosar/test/rules/A2-10-4/IdentifierNameOfStaticFunctionReusedInNamespace.expected +++ b/cpp/autosar/test/rules/A2-10-4/IdentifierNameOfStaticFunctionReusedInNamespace.expected @@ -0,0 +1,2 @@ +| test1a.cpp:13:13:13:14 | f1 | Static function $@ reuses identifier of $@ | test1a.cpp:13:13:13:14 | f1 | f1 | test1b.cpp:6:13:6:14 | f1 | f1 | +| test1b.cpp:6:13:6:14 | f1 | Static function $@ reuses identifier of $@ | test1b.cpp:6:13:6:14 | f1 | f1 | test1a.cpp:13:13:13:14 | f1 | f1 | diff --git a/cpp/autosar/test/rules/A2-10-4/IdentifierNameOfStaticNonMemberObjectReusedInNamespace.expected b/cpp/autosar/test/rules/A2-10-4/IdentifierNameOfStaticNonMemberObjectReusedInNamespace.expected index e69de29bb2..9eef8da1b5 100644 --- a/cpp/autosar/test/rules/A2-10-4/IdentifierNameOfStaticNonMemberObjectReusedInNamespace.expected +++ b/cpp/autosar/test/rules/A2-10-4/IdentifierNameOfStaticNonMemberObjectReusedInNamespace.expected @@ -0,0 +1,2 @@ +| test1a.cpp:2:12:2:13 | v1 | Non-member static object $@ reuses identifier name of non-member static object $@ | test1a.cpp:2:12:2:13 | v1 | v1 | test1b.cpp:2:12:2:13 | v1 | v1 | +| test1b.cpp:2:12:2:13 | v1 | Non-member static object $@ reuses identifier name of non-member static object $@ | test1b.cpp:2:12:2:13 | v1 | v1 | test1a.cpp:2:12:2:13 | v1 | v1 | diff --git a/cpp/autosar/test/rules/A2-10-4/test1b.cpp b/cpp/autosar/test/rules/A2-10-4/test1b.cpp index 49a01226c3..c8a0e8a4b5 100644 --- a/cpp/autosar/test/rules/A2-10-4/test1b.cpp +++ b/cpp/autosar/test/rules/A2-10-4/test1b.cpp @@ -3,7 +3,6 @@ static int v1 = 3; // NON_COMPLIANT } // namespace ns1 namespace ns3 { -static void f1() {} // NON_COMPLIANT - Not accepted by Clang linker and - // therefore not alerted upon. +static void f1() {} // NON_COMPLIANT - Not accepted by Clang linker void f2() {} // COMPLIANT - Not accepted by Clang linker -} // namespace ns3 \ No newline at end of file +} // namespace ns3 diff --git a/cpp/autosar/test/rules/A2-10-5/IdentifierNameOfANonMemberObjectWithExternalOrInternalLinkageIsReused.expected b/cpp/autosar/test/rules/A2-10-5/IdentifierNameOfANonMemberObjectWithExternalOrInternalLinkageIsReused.expected index aac4b23463..7667818c63 100644 --- a/cpp/autosar/test/rules/A2-10-5/IdentifierNameOfANonMemberObjectWithExternalOrInternalLinkageIsReused.expected +++ b/cpp/autosar/test/rules/A2-10-5/IdentifierNameOfANonMemberObjectWithExternalOrInternalLinkageIsReused.expected @@ -1,2 +1,4 @@ -| test1a.cpp:6:12:6:13 | g3 | Identifier name of non-member object $@ reuses the identifier name of non-member object $@. | test1a.cpp:6:12:6:13 | g3 | g3 | test1b.cpp:7:12:7:13 | g3 | g3 | -| test1b.cpp:7:12:7:13 | g3 | Identifier name of non-member object $@ reuses the identifier name of non-member object $@. | test1b.cpp:7:12:7:13 | g3 | g3 | test1a.cpp:6:12:6:13 | g3 | g3 | +| test1a.cpp:2:12:2:13 | g1 | Identifier name of non-member object $@ reuses the identifier name of non-member object $@. | test1a.cpp:2:12:2:13 | g1 | g1 | test1b.cpp:2:12:2:13 | g1 | g1 | +| test1a.cpp:6:12:6:13 | g3 | Identifier name of non-member object $@ reuses the identifier name of non-member object $@. | test1a.cpp:6:12:6:13 | g3 | g3 | test1b.cpp:6:12:6:13 | g3 | g3 | +| test1b.cpp:2:12:2:13 | g1 | Identifier name of non-member object $@ reuses the identifier name of non-member object $@. | test1b.cpp:2:12:2:13 | g1 | g1 | test1a.cpp:2:12:2:13 | g1 | g1 | +| test1b.cpp:6:12:6:13 | g3 | Identifier name of non-member object $@ reuses the identifier name of non-member object $@. | test1b.cpp:6:12:6:13 | g3 | g3 | test1a.cpp:6:12:6:13 | g3 | g3 | diff --git a/cpp/autosar/test/rules/A2-10-5/IdentifierNameOfAStaticFunctionIsReused.expected b/cpp/autosar/test/rules/A2-10-5/IdentifierNameOfAStaticFunctionIsReused.expected index d84cdee2b0..c9eea3450b 100644 --- a/cpp/autosar/test/rules/A2-10-5/IdentifierNameOfAStaticFunctionIsReused.expected +++ b/cpp/autosar/test/rules/A2-10-5/IdentifierNameOfAStaticFunctionIsReused.expected @@ -1,2 +1,2 @@ -| test1a.cpp:7:13:7:14 | f1 | Identifier name of static function $@ reuses identifier name of static function $@ | test1a.cpp:7:13:7:14 | f1 | f1 | test1b.cpp:10:13:10:14 | f1 | f1 | -| test1b.cpp:10:13:10:14 | f1 | Identifier name of static function $@ reuses identifier name of static function $@ | test1b.cpp:10:13:10:14 | f1 | f1 | test1a.cpp:7:13:7:14 | f1 | f1 | +| test1a.cpp:7:13:7:14 | f1 | Identifier name of static function $@ reuses identifier name of static function $@ | test1a.cpp:7:13:7:14 | f1 | f1 | test1b.cpp:9:13:9:14 | f1 | f1 | +| test1b.cpp:9:13:9:14 | f1 | Identifier name of static function $@ reuses identifier name of static function $@ | test1b.cpp:9:13:9:14 | f1 | f1 | test1a.cpp:7:13:7:14 | f1 | f1 | diff --git a/cpp/autosar/test/rules/A2-10-5/test1b.cpp b/cpp/autosar/test/rules/A2-10-5/test1b.cpp index 3a42797cc4..4d9d72e9d5 100644 --- a/cpp/autosar/test/rules/A2-10-5/test1b.cpp +++ b/cpp/autosar/test/rules/A2-10-5/test1b.cpp @@ -1,6 +1,5 @@ namespace n1 { -static int g1 = 1; // NON_COMPLIANT[FALSE_NEGATIVE], considered the same as - // n1::g1 in test1a.cpp. +static int g1 = 1; // NON_COMPLIANT } namespace n2 { From 5deb10880f9aabdca220f97d1113064405127b34 Mon Sep 17 00:00:00 2001 From: erik-krogh Date: Thu, 25 Aug 2022 10:43:13 +0200 Subject: [PATCH 0014/2573] use idPod instead of isPOD --- .../src/codingstandards/cpp/HardwareOrProtocolInterface.qll | 2 +- .../src/rules/A11-0-1/NonPodTypeShouldBeDefinedAsClass.ql | 2 +- .../A12-0-2/OperationsAssumingMemoryLayoutPerformedOnObjects.ql | 2 +- ...cingWithHardwareOrProtocolsMustBeTrivialAndStandardLayout.ql | 2 +- .../src/rules/M11-0-1/MemberDataInNonPodClassTypesNotPrivate.ql | 2 +- cpp/common/src/codingstandards/cpp/TrivialType.qll | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/cpp/autosar/src/codingstandards/cpp/HardwareOrProtocolInterface.qll b/cpp/autosar/src/codingstandards/cpp/HardwareOrProtocolInterface.qll index 673d7045ed..d92a28e477 100644 --- a/cpp/autosar/src/codingstandards/cpp/HardwareOrProtocolInterface.qll +++ b/cpp/autosar/src/codingstandards/cpp/HardwareOrProtocolInterface.qll @@ -39,7 +39,7 @@ class DefinedSizeType extends Type { class DefinedSizeClass extends Class { DefinedSizeClass() { - this.isPOD() and + this.isPod() and forall(Field f | f = this.getAField() | f.getType() instanceof DefinedSizeType) } } diff --git a/cpp/autosar/src/rules/A11-0-1/NonPodTypeShouldBeDefinedAsClass.ql b/cpp/autosar/src/rules/A11-0-1/NonPodTypeShouldBeDefinedAsClass.ql index 7867af2fdc..41611c5536 100644 --- a/cpp/autosar/src/rules/A11-0-1/NonPodTypeShouldBeDefinedAsClass.ql +++ b/cpp/autosar/src/rules/A11-0-1/NonPodTypeShouldBeDefinedAsClass.ql @@ -22,5 +22,5 @@ import codingstandards.cpp.Typehelpers from Struct s where not isExcluded(s, ClassesPackage::nonPodTypeShouldBeDefinedAsClassQuery()) and - not s.isPOD() + not s.isPod() select s, "Non-POD type defined as struct instead of class." diff --git a/cpp/autosar/src/rules/A12-0-2/OperationsAssumingMemoryLayoutPerformedOnObjects.ql b/cpp/autosar/src/rules/A12-0-2/OperationsAssumingMemoryLayoutPerformedOnObjects.ql index 865c7189ad..4248b223b0 100644 --- a/cpp/autosar/src/rules/A12-0-2/OperationsAssumingMemoryLayoutPerformedOnObjects.ql +++ b/cpp/autosar/src/rules/A12-0-2/OperationsAssumingMemoryLayoutPerformedOnObjects.ql @@ -19,7 +19,7 @@ import cpp import codingstandards.cpp.autosar class Object extends Class { - Object() { not this.(Struct).isPOD() } + Object() { not this.(Struct).isPod() } } predicate isPointerToObject(Expr e) { diff --git a/cpp/autosar/src/rules/A9-6-1/DataTypesUsedForInterfacingWithHardwareOrProtocolsMustBeTrivialAndStandardLayout.ql b/cpp/autosar/src/rules/A9-6-1/DataTypesUsedForInterfacingWithHardwareOrProtocolsMustBeTrivialAndStandardLayout.ql index 1d89b275f6..0fd09210f7 100644 --- a/cpp/autosar/src/rules/A9-6-1/DataTypesUsedForInterfacingWithHardwareOrProtocolsMustBeTrivialAndStandardLayout.ql +++ b/cpp/autosar/src/rules/A9-6-1/DataTypesUsedForInterfacingWithHardwareOrProtocolsMustBeTrivialAndStandardLayout.ql @@ -23,6 +23,6 @@ from HardwareOrProtocolInterfaceClass c where not isExcluded(c, ClassesPackage::dataTypesUsedForInterfacingWithHardwareOrProtocolsMustBeTrivialAndStandardLayoutQuery()) and - not c.isPOD() + not c.isPod() select c, "Data type used for hardware interface or communication protocol is not standard layout and trivial." diff --git a/cpp/autosar/src/rules/M11-0-1/MemberDataInNonPodClassTypesNotPrivate.ql b/cpp/autosar/src/rules/M11-0-1/MemberDataInNonPodClassTypesNotPrivate.ql index b60594b8a9..a9902a72e0 100644 --- a/cpp/autosar/src/rules/M11-0-1/MemberDataInNonPodClassTypesNotPrivate.ql +++ b/cpp/autosar/src/rules/M11-0-1/MemberDataInNonPodClassTypesNotPrivate.ql @@ -17,7 +17,7 @@ import cpp import codingstandards.cpp.autosar class NonPODType extends Class { - NonPODType() { not this.isPOD() } + NonPODType() { not this.isPod() } } from NonPODType p, Field f diff --git a/cpp/common/src/codingstandards/cpp/TrivialType.qll b/cpp/common/src/codingstandards/cpp/TrivialType.qll index bbbdea852d..71b5f8fd47 100644 --- a/cpp/common/src/codingstandards/cpp/TrivialType.qll +++ b/cpp/common/src/codingstandards/cpp/TrivialType.qll @@ -284,7 +284,7 @@ predicate isTrivialType(Type t) { /** A POD type as defined by [basic.types]/9. */ class PODType extends Type { PODType() { - this.(Class).isPOD() + this.(Class).isPod() or isScalarType(this) or From e9444e1bde6696badfb846f41aeb7502497cabeb Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Tue, 30 Aug 2022 14:23:07 +0200 Subject: [PATCH 0015/2573] Replace `XMLElement` by `XmlElement` and `XMLFile` by `XmlFile` `XMLElement` and `XMLFile` are deprecated from CodeQL 2.10.4 onwards. `XmlElement` and `XmlFile` are their direct replacements. --- .../cpp/deviations/Deviations.qll | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/deviations/Deviations.qll b/cpp/common/src/codingstandards/cpp/deviations/Deviations.qll index dbc6a240cd..f902fd556c 100644 --- a/cpp/common/src/codingstandards/cpp/deviations/Deviations.qll +++ b/cpp/common/src/codingstandards/cpp/deviations/Deviations.qll @@ -16,7 +16,7 @@ predicate applyDeviationsAtQueryLevel() { } /** A `coding-standards.xml` configuration file (usually generated from an YAML configuration file). */ -class CodingStandardsFile extends XMLFile { +class CodingStandardsFile extends XmlFile { CodingStandardsFile() { this.getBaseName() = "coding-standards.xml" and // Must be within the users source code. @@ -25,7 +25,7 @@ class CodingStandardsFile extends XMLFile { } /** A "Coding Standards" configuration file */ -class CodingStandardsConfig extends XMLElement { +class CodingStandardsConfig extends XmlElement { CodingStandardsConfig() { any(CodingStandardsFile csf).getARootElement() = this and this.getName() = "codingstandards" @@ -36,7 +36,7 @@ class CodingStandardsConfig extends XMLElement { } /** An element which tells the analysis whether to report deviated results. */ -class CodingStandardsReportDeviatedAlerts extends XMLElement { +class CodingStandardsReportDeviatedAlerts extends XmlElement { CodingStandardsReportDeviatedAlerts() { getParent() instanceof CodingStandardsConfig and hasName("report-deviated-alerts") @@ -44,7 +44,7 @@ class CodingStandardsReportDeviatedAlerts extends XMLElement { } /** A container of deviation records. */ -class DeviationRecords extends XMLElement { +class DeviationRecords extends XmlElement { DeviationRecords() { getParent() instanceof CodingStandardsConfig and hasName("deviations") @@ -52,7 +52,7 @@ class DeviationRecords extends XMLElement { } /** A container for the deviation permits records. */ -class DeviationPermits extends XMLElement { +class DeviationPermits extends XmlElement { DeviationPermits() { getParent() instanceof CodingStandardsConfig and hasName("deviation-permits") @@ -60,7 +60,7 @@ class DeviationPermits extends XMLElement { } /** A deviation permit record, that is specified by a permit identifier */ -class DeviationPermit extends XMLElement { +class DeviationPermit extends XmlElement { DeviationPermit() { getParent() instanceof DeviationPermits and hasName("deviation-permits-entry") @@ -143,7 +143,7 @@ class DeviationPermit extends XMLElement { } /** A deviation record, that is a specified rule or query */ -class DeviationRecord extends XMLElement { +class DeviationRecord extends XmlElement { DeviationRecord() { getParent() instanceof DeviationRecords and hasName("deviations-entry") @@ -159,13 +159,13 @@ class DeviationRecord extends XMLElement { private string getRawPermitId() { result = getAChild("permit-id").getTextValue() } - private XMLElement getRawRaisedBy() { result = getAChild("raised-by") } + private XmlElement getRawRaisedBy() { result = getAChild("raised-by") } private string getRawRaisedByName() { result = getRawRaisedBy().getAChild("name").getTextValue() } private string getRawRaisedByDate() { result = getRawRaisedBy().getAChild("date").getTextValue() } - private XMLElement getRawApprovedBy() { result = getAChild("approved-by") } + private XmlElement getRawApprovedBy() { result = getAChild("approved-by") } private string getRawApprovedByName() { result = getRawApprovedBy().getAChild("name").getTextValue() From dfc95c16f9b966cd7f5da7772e74c8933af724dc Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Thu, 14 Jul 2022 11:49:59 +0200 Subject: [PATCH 0016/2573] Modernize qlpacks and update to CodeQL 2.8.5 --- .codeqlmanifest.json | 2 +- .github/actions/action.yml | 25 ++++++ .../actions/install-codeql-packs/action.yml | 25 ++++++ .github/workflows/code-scanning-pack-gen.yml | 9 ++- .github/workflows/codeql_unit_tests.yml | 20 +++-- .../standard_library_upgrade_tests.yml | 2 +- .../verify-standard-library-dependencies.yml | 79 +++++++++++++++++++ .gitignore | 3 + c/.codeqlmanifest.json | 3 - c/cert/src/codeql-pack.lock.yml | 6 ++ c/cert/src/qlpack.yml | 4 +- c/cert/test/codeql-pack.lock.yml | 6 ++ c/cert/test/qlpack.yml | 7 +- c/common/src/codeql-pack.lock.yml | 6 ++ c/common/src/qlpack.yml | 6 +- c/common/test/codeql-pack.lock.yml | 6 ++ c/common/test/qlpack.yml | 5 +- c/misra/src/codeql-pack.lock.yml | 6 ++ c/misra/src/qlpack.yml | 6 +- c/misra/test/codeql-pack.lock.yml | 6 ++ c/misra/test/qlpack.yml | 7 +- cpp/.codeqlmanifest.json | 3 - cpp/autosar/src/codeql-pack.lock.yml | 6 ++ cpp/autosar/src/qlpack.yml | 6 +- cpp/autosar/test/codeql-pack.lock.yml | 6 ++ cpp/autosar/test/qlpack.yml | 5 +- cpp/cert/src/codeql-pack.lock.yml | 6 ++ cpp/cert/src/qlpack.yml | 6 +- cpp/cert/test/codeql-pack.lock.yml | 6 ++ cpp/cert/test/qlpack.yml | 5 +- cpp/common/src/codeql-pack.lock.yml | 6 ++ cpp/common/src/qlpack.yml | 5 +- cpp/common/test/codeql-pack.lock.yml | 6 ++ cpp/common/test/qlpack.yml | 5 +- cpp/misra/src/codeql-pack.lock.yml | 6 ++ cpp/misra/src/qlpack.yml | 6 +- cpp/misra/test/codeql-pack.lock.yml | 6 ++ cpp/misra/test/qlpack.yml | 5 +- cpp/report/src/codeql-pack.lock.yml | 6 ++ cpp/report/src/qlpack.yml | 5 +- docs/development_handbook.md | 13 ++- scripts/get_workspace_packs.py | 14 ++++ scripts/install-packs.py | 23 ++++++ scripts/verify-standard-library-version.py | 68 ++++++++++++++++ supported_codeql_configs.json | 6 +- 45 files changed, 409 insertions(+), 59 deletions(-) create mode 100644 .github/actions/action.yml create mode 100644 .github/actions/install-codeql-packs/action.yml create mode 100644 .github/workflows/verify-standard-library-dependencies.yml delete mode 100644 c/.codeqlmanifest.json create mode 100644 c/cert/src/codeql-pack.lock.yml create mode 100644 c/cert/test/codeql-pack.lock.yml create mode 100644 c/common/src/codeql-pack.lock.yml create mode 100644 c/common/test/codeql-pack.lock.yml create mode 100644 c/misra/src/codeql-pack.lock.yml create mode 100644 c/misra/test/codeql-pack.lock.yml delete mode 100644 cpp/.codeqlmanifest.json create mode 100644 cpp/autosar/src/codeql-pack.lock.yml create mode 100644 cpp/autosar/test/codeql-pack.lock.yml create mode 100644 cpp/cert/src/codeql-pack.lock.yml create mode 100644 cpp/cert/test/codeql-pack.lock.yml create mode 100644 cpp/common/src/codeql-pack.lock.yml create mode 100644 cpp/common/test/codeql-pack.lock.yml create mode 100644 cpp/misra/src/codeql-pack.lock.yml create mode 100644 cpp/misra/test/codeql-pack.lock.yml create mode 100644 cpp/report/src/codeql-pack.lock.yml create mode 100644 scripts/get_workspace_packs.py create mode 100644 scripts/install-packs.py create mode 100644 scripts/verify-standard-library-version.py diff --git a/.codeqlmanifest.json b/.codeqlmanifest.json index ac468d9838..d6277f5949 100644 --- a/.codeqlmanifest.json +++ b/.codeqlmanifest.json @@ -1 +1 @@ -{ "provide": [ "codeql_modules/*/.codeqlmanifest.json", "cpp/.codeqlmanifest.json", "c/.codeqlmanifest.json"] } +{ "provide": [ "cpp/*/src/qlpack.yml", "cpp/*/test/qlpack.yml", "c/*/src/qlpack.yml", "c/*/test/qlpack.yml" ] } diff --git a/.github/actions/action.yml b/.github/actions/action.yml new file mode 100644 index 0000000000..2e6d5f1a2e --- /dev/null +++ b/.github/actions/action.yml @@ -0,0 +1,25 @@ +name: Install CodeQL library pack dependencies +description: | + Downloads any necessary CodeQL library packs needed by packs in the repo. +inputs: + cli_path: + description: | + The path to the CodeQL CLI directory. + required: false + + mode: + description: | + The `--mode` option to `codeql pack install`. + required: true + default: verify + +runs: + using: composite + steps: + - name: Install CodeQL library packs + shell: bash + env: + CODEQL_CLI: ${{ inputs.cli_path }} + run: | + PATH=$PATH:$CODEQL_CLI + python scripts/install-packs.py --mode ${{ inputs.mode }} diff --git a/.github/actions/install-codeql-packs/action.yml b/.github/actions/install-codeql-packs/action.yml new file mode 100644 index 0000000000..2e6d5f1a2e --- /dev/null +++ b/.github/actions/install-codeql-packs/action.yml @@ -0,0 +1,25 @@ +name: Install CodeQL library pack dependencies +description: | + Downloads any necessary CodeQL library packs needed by packs in the repo. +inputs: + cli_path: + description: | + The path to the CodeQL CLI directory. + required: false + + mode: + description: | + The `--mode` option to `codeql pack install`. + required: true + default: verify + +runs: + using: composite + steps: + - name: Install CodeQL library packs + shell: bash + env: + CODEQL_CLI: ${{ inputs.cli_path }} + run: | + PATH=$PATH:$CODEQL_CLI + python scripts/install-packs.py --mode ${{ inputs.mode }} diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index 0814e059e8..7ffa250669 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -59,6 +59,11 @@ jobs: codeql-home: ${{ github.workspace }}/codeql_home add-to-path: false + - name: Install CodeQL packs + uses: ./.github/actions/install-codeql-packs + with: + cli_path: ${{ github.workspace }}/codeql_home/codeql + - name: Checkout external help files continue-on-error: true id: checkout-external-help-files @@ -82,8 +87,8 @@ jobs: run: | PATH=$PATH:$CODEQL_HOME/codeql - codeql query compile --search-path cpp --threads 0 cpp - codeql query compile --search-path c --search-path cpp --threads 0 c + codeql query compile --threads 0 cpp + codeql query compile --threads 0 c cd .. zip -r codeql-coding-standards/code-scanning-cpp-query-pack.zip codeql-coding-standards/c/ codeql-coding-standards/cpp/ codeql-coding-standards/.codeqlmanifest.json codeql-coding-standards/supported_codeql_configs.json codeql-coding-standards/scripts/deviations codeql-coding-standards/scripts/reports diff --git a/.github/workflows/codeql_unit_tests.yml b/.github/workflows/codeql_unit_tests.yml index 1a2374d19d..8fad3c3292 100644 --- a/.github/workflows/codeql_unit_tests.yml +++ b/.github/workflows/codeql_unit_tests.yml @@ -66,11 +66,16 @@ jobs: codeql-home: ${{ github.workspace }}/codeql_home add-to-path: false + - name: Install CodeQL packs + uses: ./.github/actions/install-codeql-packs + with: + cli_path: ${{ github.workspace }}/codeql_home/codeql + - name: Pre-Compile Queries id: pre-compile-queries run: | - ${{ github.workspace }}/codeql_home/codeql/codeql query compile --search-path cpp --threads 0 cpp - ${{ github.workspace }}/codeql_home/codeql/codeql query compile --search-path c --search-path cpp --threads 0 c + ${{ github.workspace }}/codeql_home/codeql/codeql query compile --threads 0 cpp + ${{ github.workspace }}/codeql_home/codeql/codeql query compile --threads 0 c - name: Run test suites @@ -122,18 +127,11 @@ jobs: os.makedirs(os.path.dirname(test_report_path), exist_ok=True) test_report_file = open(test_report_path, 'w') files_to_close.append(test_report_file) - if "${{ matrix.language }}".casefold() == "c".casefold(): - # c tests require cpp -- but we don't want c things on the cpp - # path in case of design errors. - cpp_language_root = Path(workspace, 'cpp') - procs.append(subprocess.Popen([codeql_bin, "test", "run", "--failing-exitcode=122", f"--slice={slice}/{num_slices}", "--ram=2048", "--format=json", f'--search-path={cpp_language_root}', f'--search-path={language_root}', *test_roots], stdout=test_report_file, stderr=subprocess.PIPE)) - else: - procs.append(subprocess.Popen([codeql_bin, "test", "run", "--failing-exitcode=122", f"--slice={slice}/{num_slices}", "--ram=2048", "--format=json", f'--search-path={language_root}', f'--search-path={language_root}', *test_roots], stdout=test_report_file, stderr=subprocess.PIPE)) + procs.append(subprocess.Popen([codeql_bin, "test", "run", "--failing-exitcode=122", f"--slice={slice}/{num_slices}", "--ram=2048", "--format=json", *test_roots], stdout=test_report_file, stderr=subprocess.PIPE)) for p in procs: - p.wait() + _, err = p.communicate() if p.returncode != 0: - _, err = p.communicate() if p.returncode == 122: # Failed because a test case failed, so just print the regular output. # This will allow us to proceed to validate-test-results, which will fail if diff --git a/.github/workflows/standard_library_upgrade_tests.yml b/.github/workflows/standard_library_upgrade_tests.yml index 0a4e58dbd3..4f7c2de75c 100644 --- a/.github/workflows/standard_library_upgrade_tests.yml +++ b/.github/workflows/standard_library_upgrade_tests.yml @@ -116,7 +116,7 @@ jobs: stdlib_path = os.path.join(codeql_home, 'codeql-stdlib') cpp_test_root = Path(stdlib_path, 'cpp/ql/test') print(f"Executing tests found (recursively) in the directory '{cpp_test_root}'") - cp = subprocess.run([codeql_bin, "test", "run", "--format=json", f'--search-path={stdlib_path}', cpp_test_root], stdout=test_report_file, stderr=subprocess.PIPE) + cp = subprocess.run([codeql_bin, "test", "run", "--format=json", cpp_test_root], stdout=test_report_file, stderr=subprocess.PIPE) if cp.returncode != 0: print_error_and_fail(f"Failed to run tests with return code {cp.returncode} and error {cp.stderr}") diff --git a/.github/workflows/verify-standard-library-dependencies.yml b/.github/workflows/verify-standard-library-dependencies.yml new file mode 100644 index 0000000000..1be00ef43e --- /dev/null +++ b/.github/workflows/verify-standard-library-dependencies.yml @@ -0,0 +1,79 @@ +name: Verify Standard Library Dependencies + +# Run this workflow every time the "supported_codeql_configs.json" file or a "qlpack.yml" file is changed +on: + pull_request: + branches: + - main + - "rc/**" + - next + paths: + - "supported_codeql_configs.json" + - "qlpack.yml" + workflow_dispatch: + +jobs: + prepare-matrix: + name: Prepare CodeQL configuration matrix + runs-on: ubuntu-latest + outputs: + matrix: ${{ steps.export-matrix.outputs.matrix }} + steps: + - name: Checkout repository + uses: actions/checkout@v2 + + - name: Export unit test matrix + id: export-matrix + run: | + echo "::set-output name=matrix::$( + jq --compact-output \ + '.supported_environment | map([.+{os: "ubuntu-20.04-xl", codeql_standard_library_ident : .codeql_standard_library | sub("\/"; "_")}]) | flatten | {include: .}' \ + supported_codeql_configs.json + )" + + verify-dependencies: + name: Verify dependencies + needs: prepare-matrix + + runs-on: ${{ matrix.os }} + strategy: + fail-fast: false + matrix: ${{fromJSON(needs.prepare-matrix.outputs.matrix)}} + + steps: + - name: Checkout repository + uses: actions/checkout@v2 + + - name: Setup Python 3 + uses: actions/setup-python@v2 + with: + python-version: "3.x" + + - name: Cache CodeQL + id: cache-codeql + uses: actions/cache@v2.1.3 + with: + # A list of files, directories, and wildcard patterns to cache and restore + path: ${{github.workspace}}/codeql_home + # An explicit key for restoring and saving the cache + key: codeql-home-${{matrix.os}}-${{matrix.codeql_cli}}-${{matrix.codeql_standard_library}} + + - name: Install CodeQL + if: steps.cache-codeql.outputs.cache-hit != 'true' + uses: ./.github/actions/install-codeql + with: + codeql-cli-version: ${{matrix.codeql_cli}} + codeql-stdlib-version: ${{matrix.codeql_standard_library}} + codeql-home: ${{ github.workspace }}/codeql_home + + - name: Verify dependencies + shell: bash + env: + CLI_PATH: ${{ github.workspace }}/codeql_home/codeql + STDLIB_PATH: ${{ github.workspace }}/codeql_home/codeql-stdlib + run: | + PATH=$PATH:$CLI_PATH + ls $STDLIB_PATH + pip install -r scripts/requirements.txt + python3 scripts/verify-standard-library-version.py --codeql-repo $STDLIB_PATH --mode verify + diff --git a/.gitignore b/.gitignore index 5466e33c8f..360134b51c 100644 --- a/.gitignore +++ b/.gitignore @@ -20,3 +20,6 @@ # C/C++ build artifacts *.o /databases/ + +# CodeQL build artifacts +**/.codeql/** diff --git a/c/.codeqlmanifest.json b/c/.codeqlmanifest.json deleted file mode 100644 index 384848fdd1..0000000000 --- a/c/.codeqlmanifest.json +++ /dev/null @@ -1,3 +0,0 @@ -{ "provide": [ - "*/src/qlpack.yml", - "*/test/qlpack.yml" ] } diff --git a/c/cert/src/codeql-pack.lock.yml b/c/cert/src/codeql-pack.lock.yml new file mode 100644 index 0000000000..421c52af64 --- /dev/null +++ b/c/cert/src/codeql-pack.lock.yml @@ -0,0 +1,6 @@ +--- +dependencies: + codeql/cpp-all: + version: 0.0.13 +compiled: false +lockVersion: 1.0.0 diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index eed7d5a341..ce775072e3 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -1,4 +1,6 @@ name: cert-c-coding-standards version: 2.8.0-dev suites: codeql-suites -libraryPathDependencies: common-c-coding-standards \ No newline at end of file +dependencies: + codeql/common-c-coding-standards: '*' + codeql/cpp-all: 0.0.13 diff --git a/c/cert/test/codeql-pack.lock.yml b/c/cert/test/codeql-pack.lock.yml new file mode 100644 index 0000000000..421c52af64 --- /dev/null +++ b/c/cert/test/codeql-pack.lock.yml @@ -0,0 +1,6 @@ +--- +dependencies: + codeql/cpp-all: + version: 0.0.13 +compiled: false +lockVersion: 1.0.0 diff --git a/c/cert/test/qlpack.yml b/c/cert/test/qlpack.yml index c8d8bcc665..bd8995b986 100644 --- a/c/cert/test/qlpack.yml +++ b/c/cert/test/qlpack.yml @@ -1,4 +1,5 @@ -name: cert-c-coding-standards-tests +name: codeql/cert-c-coding-standards-tests version: 2.8.0-dev -libraryPathDependencies: cert-c-coding-standards -extractor: cpp \ No newline at end of file +extractor: cpp +dependencies: + codeql/cert-c-coding-standards: '*' diff --git a/c/common/src/codeql-pack.lock.yml b/c/common/src/codeql-pack.lock.yml new file mode 100644 index 0000000000..421c52af64 --- /dev/null +++ b/c/common/src/codeql-pack.lock.yml @@ -0,0 +1,6 @@ +--- +dependencies: + codeql/cpp-all: + version: 0.0.13 +compiled: false +lockVersion: 1.0.0 diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index 4b9b0fd2e1..b93e61c8ad 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -1,3 +1,5 @@ -name: common-c-coding-standards +name: codeql/common-c-coding-standards version: 2.8.0-dev -libraryPathDependencies: common-cpp-coding-standards +dependencies: + codeql/common-cpp-coding-standards: '*' + codeql/cpp-all: 0.0.13 diff --git a/c/common/test/codeql-pack.lock.yml b/c/common/test/codeql-pack.lock.yml new file mode 100644 index 0000000000..421c52af64 --- /dev/null +++ b/c/common/test/codeql-pack.lock.yml @@ -0,0 +1,6 @@ +--- +dependencies: + codeql/cpp-all: + version: 0.0.13 +compiled: false +lockVersion: 1.0.0 diff --git a/c/common/test/qlpack.yml b/c/common/test/qlpack.yml index 15401c7d35..ec7387fb99 100644 --- a/c/common/test/qlpack.yml +++ b/c/common/test/qlpack.yml @@ -1,4 +1,5 @@ -name: common-c-coding-standards-tests +name: codeql/common-c-coding-standards-tests version: 2.8.0-dev -libraryPathDependencies: common-c-coding-standards extractor: cpp +dependencies: + codeql/common-c-coding-standards: '*' diff --git a/c/misra/src/codeql-pack.lock.yml b/c/misra/src/codeql-pack.lock.yml new file mode 100644 index 0000000000..421c52af64 --- /dev/null +++ b/c/misra/src/codeql-pack.lock.yml @@ -0,0 +1,6 @@ +--- +dependencies: + codeql/cpp-all: + version: 0.0.13 +compiled: false +lockVersion: 1.0.0 diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index 025314afb2..cb9b81dbc5 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -1,4 +1,6 @@ -name: misra-c-coding-standards +name: codeql/misra-c-coding-standards version: 2.8.0-dev suites: codeql-suites -libraryPathDependencies: common-c-coding-standards +dependencies: + codeql/common-c-coding-standards: '*' + codeql/cpp-all: 0.0.13 diff --git a/c/misra/test/codeql-pack.lock.yml b/c/misra/test/codeql-pack.lock.yml new file mode 100644 index 0000000000..421c52af64 --- /dev/null +++ b/c/misra/test/codeql-pack.lock.yml @@ -0,0 +1,6 @@ +--- +dependencies: + codeql/cpp-all: + version: 0.0.13 +compiled: false +lockVersion: 1.0.0 diff --git a/c/misra/test/qlpack.yml b/c/misra/test/qlpack.yml index e496bada24..642e48fdf8 100644 --- a/c/misra/test/qlpack.yml +++ b/c/misra/test/qlpack.yml @@ -1,4 +1,5 @@ -name: misra-c-coding-standards-tests +name: codeql/misra-c-coding-standards-tests version: 2.8.0-dev -libraryPathDependencies: misra-c-coding-standards -extractor: cpp \ No newline at end of file +extractor: cpp +dependencies: + codeql/misra-c-coding-standards: '*' diff --git a/cpp/.codeqlmanifest.json b/cpp/.codeqlmanifest.json deleted file mode 100644 index 384848fdd1..0000000000 --- a/cpp/.codeqlmanifest.json +++ /dev/null @@ -1,3 +0,0 @@ -{ "provide": [ - "*/src/qlpack.yml", - "*/test/qlpack.yml" ] } diff --git a/cpp/autosar/src/codeql-pack.lock.yml b/cpp/autosar/src/codeql-pack.lock.yml new file mode 100644 index 0000000000..421c52af64 --- /dev/null +++ b/cpp/autosar/src/codeql-pack.lock.yml @@ -0,0 +1,6 @@ +--- +dependencies: + codeql/cpp-all: + version: 0.0.13 +compiled: false +lockVersion: 1.0.0 diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index 734829a2f5..34949a9d49 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -1,4 +1,6 @@ -name: autosar-cpp-coding-standards +name: codeql/autosar-cpp-coding-standards version: 2.8.0-dev suites: codeql-suites -libraryPathDependencies: common-cpp-coding-standards +dependencies: + codeql/common-cpp-coding-standards: '*' + codeql/cpp-all: 0.0.13 diff --git a/cpp/autosar/test/codeql-pack.lock.yml b/cpp/autosar/test/codeql-pack.lock.yml new file mode 100644 index 0000000000..421c52af64 --- /dev/null +++ b/cpp/autosar/test/codeql-pack.lock.yml @@ -0,0 +1,6 @@ +--- +dependencies: + codeql/cpp-all: + version: 0.0.13 +compiled: false +lockVersion: 1.0.0 diff --git a/cpp/autosar/test/qlpack.yml b/cpp/autosar/test/qlpack.yml index 1cae2388c4..dcc32f21ff 100644 --- a/cpp/autosar/test/qlpack.yml +++ b/cpp/autosar/test/qlpack.yml @@ -1,4 +1,5 @@ -name: autosar-cpp-coding-standards-tests +name: codeql/autosar-cpp-coding-standards-tests version: 2.8.0-dev -libraryPathDependencies: autosar-cpp-coding-standards extractor: cpp +dependencies: + codeql/autosar-cpp-coding-standards: '*' diff --git a/cpp/cert/src/codeql-pack.lock.yml b/cpp/cert/src/codeql-pack.lock.yml new file mode 100644 index 0000000000..421c52af64 --- /dev/null +++ b/cpp/cert/src/codeql-pack.lock.yml @@ -0,0 +1,6 @@ +--- +dependencies: + codeql/cpp-all: + version: 0.0.13 +compiled: false +lockVersion: 1.0.0 diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index 0eff915b6c..2120913d86 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -1,4 +1,6 @@ -name: cert-cpp-coding-standards +name: codeql/cert-cpp-coding-standards version: 2.8.0-dev suites: codeql-suites -libraryPathDependencies: common-cpp-coding-standards +dependencies: + codeql/cpp-all: 0.0.13 + codeql/common-cpp-coding-standards: '*' diff --git a/cpp/cert/test/codeql-pack.lock.yml b/cpp/cert/test/codeql-pack.lock.yml new file mode 100644 index 0000000000..421c52af64 --- /dev/null +++ b/cpp/cert/test/codeql-pack.lock.yml @@ -0,0 +1,6 @@ +--- +dependencies: + codeql/cpp-all: + version: 0.0.13 +compiled: false +lockVersion: 1.0.0 diff --git a/cpp/cert/test/qlpack.yml b/cpp/cert/test/qlpack.yml index 7305b286f2..b65f6e59ec 100644 --- a/cpp/cert/test/qlpack.yml +++ b/cpp/cert/test/qlpack.yml @@ -1,4 +1,5 @@ -name: cert-cpp-coding-standards-tests +name: codeql/cert-cpp-coding-standards-tests version: 2.8.0-dev -libraryPathDependencies: cert-cpp-coding-standards extractor: cpp +dependencies: + codeql/cert-cpp-coding-standards: '*' diff --git a/cpp/common/src/codeql-pack.lock.yml b/cpp/common/src/codeql-pack.lock.yml new file mode 100644 index 0000000000..421c52af64 --- /dev/null +++ b/cpp/common/src/codeql-pack.lock.yml @@ -0,0 +1,6 @@ +--- +dependencies: + codeql/cpp-all: + version: 0.0.13 +compiled: false +lockVersion: 1.0.0 diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index a2dd5bcff1..ac8d433906 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -1,3 +1,4 @@ -name: common-cpp-coding-standards +name: codeql/common-cpp-coding-standards version: 2.8.0-dev -libraryPathDependencies: codeql-cpp +dependencies: + codeql/cpp-all: 0.0.13 diff --git a/cpp/common/test/codeql-pack.lock.yml b/cpp/common/test/codeql-pack.lock.yml new file mode 100644 index 0000000000..421c52af64 --- /dev/null +++ b/cpp/common/test/codeql-pack.lock.yml @@ -0,0 +1,6 @@ +--- +dependencies: + codeql/cpp-all: + version: 0.0.13 +compiled: false +lockVersion: 1.0.0 diff --git a/cpp/common/test/qlpack.yml b/cpp/common/test/qlpack.yml index ce5b6c0943..fb42d63ab3 100644 --- a/cpp/common/test/qlpack.yml +++ b/cpp/common/test/qlpack.yml @@ -1,4 +1,5 @@ -name: common-cpp-coding-standards-tests +name: codeql/common-cpp-coding-standards-tests version: 2.8.0-dev -libraryPathDependencies: common-cpp-coding-standards extractor: cpp +dependencies: + codeql/common-cpp-coding-standards: '*' diff --git a/cpp/misra/src/codeql-pack.lock.yml b/cpp/misra/src/codeql-pack.lock.yml new file mode 100644 index 0000000000..421c52af64 --- /dev/null +++ b/cpp/misra/src/codeql-pack.lock.yml @@ -0,0 +1,6 @@ +--- +dependencies: + codeql/cpp-all: + version: 0.0.13 +compiled: false +lockVersion: 1.0.0 diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index d300163d7d..ce43905c4f 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -1,3 +1,5 @@ -name: misra-cpp-coding-standards +name: codeql/misra-cpp-coding-standards version: 2.8.0-dev -libraryPathDependencies: common-cpp-coding-standards +dependencies: + codeql/common-cpp-coding-standards: '*' + codeql/cpp-all: 0.0.13 diff --git a/cpp/misra/test/codeql-pack.lock.yml b/cpp/misra/test/codeql-pack.lock.yml new file mode 100644 index 0000000000..421c52af64 --- /dev/null +++ b/cpp/misra/test/codeql-pack.lock.yml @@ -0,0 +1,6 @@ +--- +dependencies: + codeql/cpp-all: + version: 0.0.13 +compiled: false +lockVersion: 1.0.0 diff --git a/cpp/misra/test/qlpack.yml b/cpp/misra/test/qlpack.yml index f4e8b89b67..e8117d58e9 100644 --- a/cpp/misra/test/qlpack.yml +++ b/cpp/misra/test/qlpack.yml @@ -1,4 +1,5 @@ -name: misra-cpp-coding-standards-tests +name: codeql/misra-cpp-coding-standards-tests version: 2.8.0-dev -libraryPathDependencies: misra-cpp-coding-standards extractor: cpp +dependencies: + codeql/misra-cpp-coding-standards: '*' \ No newline at end of file diff --git a/cpp/report/src/codeql-pack.lock.yml b/cpp/report/src/codeql-pack.lock.yml new file mode 100644 index 0000000000..421c52af64 --- /dev/null +++ b/cpp/report/src/codeql-pack.lock.yml @@ -0,0 +1,6 @@ +--- +dependencies: + codeql/cpp-all: + version: 0.0.13 +compiled: false +lockVersion: 1.0.0 diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index e7ea756cfd..41e6570fd4 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -1,3 +1,4 @@ -name: report-cpp-coding-standards +name: codeql/report-cpp-coding-standards version: 2.8.0-dev -libraryPathDependencies: codeql-cpp +dependencies: + codeql/cpp-all: 0.0.13 diff --git a/docs/development_handbook.md b/docs/development_handbook.md index 898fed7542..6144ead0d4 100644 --- a/docs/development_handbook.md +++ b/docs/development_handbook.md @@ -32,6 +32,7 @@ | 0.24.0 | 2022-07-05 | Remco Vermeulen | Update release process to include steps for external help files. | | 0.25.0 | 2022-07-22 | Jeroen Ketema | Document the existence and purpose of the `next` branch. | | 0.26.0 | 2022-08-10 | Remco Vermeulen | Address incorrect package file generation command. This was missing the required language argument. | +| 0.27.0 | 2022-08-31 | David Bartolomeo | Add section on installing QL dependencies and update CLI commands to account for the migration to CodeQL packs. ## Scope of work @@ -332,6 +333,12 @@ A query **must** include: All public predicates, classes, modules and files should be documented with QLDoc. All QLDoc should follow the [QLDoc style guide](https://github.com/github/codeql/blob/main/docs/qldoc-style-guide.md). +### Installing QL dependencies + +All of our query and library packs depend on the standard CodeQL library for C++, `codeql/cpp-all`. This dependency is specified in the `qlpack.yml` file for each of our packs. Before compiling, running, or testing any of our queries or libraries, you must download the proper dependencies by running `python3 scripts/install-packs.py`. This will download the appropriate version of the standard library from the public package registry, installing it in a cache in your `~/.codeql` directory. When compiling queries or running tests, the QL compiler will pick up the appropriate dependencies from this cache without any need to specify an additional library search path on the command line. + +Because the downloaded packs are cached, it is only necessary to run `install-packs.py` once each time we upgrade to a new standard library version. It does not hurt to run it more often; if all necessary packs are already in the download cache, then it will complete quickly without trying to download anything. + ### Unit testing Every query which implements a rule **must** include: @@ -345,11 +352,10 @@ During query development in VS Code, the unit tests can be run using the [testin Unit tests can also be run on the command line using the CodeQL CLI. With an appropriate CodeQL CLI (as specified in the `supported_codeql_configs.json` at the root of the repository), you can run the following from the root of the repository: ``` -codeql test run --show-extractor-output --search-path . path/to/test/directory +codeql test run --show-extractor-output path/to/test/directory ``` * `--show-extractor-output` - this shows the output from the extractor. It is most useful when the test fails because the file is not valid C++, where the extractor output will include the compilation failure. This is not shown in VS Code. -* `--search-path .` - this allows the CodeQL CLI to discover all the QL packs within our repository. * `path/to/test/directory` - this can be a qlref file (like `cpp/autosar/test/rules/A15-2-2/`), a rule directory (`cpp/autosar/test/rules/A15-2-2/`) or a test qlpack (`cpp/autosar/test/`). For more details on running unit tests with the CodeQL CLI see the [Testing custom queries](https://codeql.github.com/docs/codeql-cli/testing-custom-queries/) help topic. @@ -668,7 +674,6 @@ ls cpp/cert/src/$(cat cpp/cert/test/rules/EXP52-CPP/DoNotRelyOnSideEffectsInDecl # Run a test. See # https://github.com/github/codeql-coding-standards/blob/main/development_handbook.md#unit-testing codeql test run --show-extractor-output \ - --search-path . \ cpp/cert/test/rules/EXP52-CPP/DoNotRelyOnSideEffectsInDeclTypeOperand.qlref # Get a db error? Applying the recommended fix @@ -686,7 +691,7 @@ codeql test run --show-extractor-output \ # If the expected output is not yet present, it is printed as a diff: mv cpp/cert/test/rules/EXP52-CPP/DoNotRelyOnSideEffectsInDeclTypeOperand.expected foo -codeql test run --show-extractor-output --search-path . \ +codeql test run --show-extractor-output \ cpp/cert/test/rules/EXP52-CPP/DoNotRelyOnSideEffectsInDeclTypeOperand.qlref # The actual output can be accepted via codeql test accept (which moves some files): diff --git a/scripts/get_workspace_packs.py b/scripts/get_workspace_packs.py new file mode 100644 index 0000000000..fc9054c641 --- /dev/null +++ b/scripts/get_workspace_packs.py @@ -0,0 +1,14 @@ +import glob +import json +import os + +def get_workspace_packs(root): + # Find the packs by globbing using the 'provide' patterns in the manifest. + os.chdir(root) + with open('.codeqlmanifest.json') as manifest_file: + manifest = json.load(manifest_file) + packs = [] + for pattern in manifest['provide']: + packs.extend(glob.glob(pattern, recursive=True)) + + return packs diff --git a/scripts/install-packs.py b/scripts/install-packs.py new file mode 100644 index 0000000000..a0286e2228 --- /dev/null +++ b/scripts/install-packs.py @@ -0,0 +1,23 @@ +import argparse +import os +import subprocess +import get_workspace_packs + +parser = argparse.ArgumentParser(description="Install CodeQL library pack dependencies.") +parser.add_argument('--mode', required=False, choices=['use-lock', 'update', 'verify', 'no-lock'], default="use-lock", help="Installation mode, identical to the `--mode` argument to `codeql pack install`") +parser.add_argument('--codeql', required=False, default='codeql', help="Path to the `codeql` executable.") +args = parser.parse_args() + +# Find the root of the repo +root = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) + +packs = get_workspace_packs.get_workspace_packs(root) + +# Find the CodeQL packs in the repo. This can also return packs outside of the repo, if those packs +# are installed in a sibling directory to the CLI. +for pack in packs: + pack_path = os.path.join(root, pack) + # Run `codeql pack install` to install dependencies. + command = [args.codeql, 'pack', 'install', '--mode', args.mode, pack_path] + print(f'Running `{" ".join(command)}`') + subprocess.check_call(command) diff --git a/scripts/verify-standard-library-version.py b/scripts/verify-standard-library-version.py new file mode 100644 index 0000000000..0b46068e1d --- /dev/null +++ b/scripts/verify-standard-library-version.py @@ -0,0 +1,68 @@ +import argparse +import json +import os +import subprocess +import yaml +import get_workspace_packs + +def get_codeql_packs(codeql_repo, codeql): + command = [codeql, 'resolve', 'qlpacks', '--additional-packs', codeql_repo, '--format', 'json'] + print(f'Running `{" ".join(command)}`') + packs_json = subprocess.check_output(command) + print(packs_json) + packs = json.loads(packs_json) + return packs + +parser = argparse.ArgumentParser(description='Ensure that CodeQL library pack dependency versions match the supported configuration.') +parser.add_argument('--codeql-repo', required=True, help='Path to checkout of `github/codeql` repo at desired branch.') +parser.add_argument('--mode', required=False, choices=['verify', 'update'], default='verify', help="`verify` to fail on mismatch; `update` to change `qlpack.lock.yml` files to use new version.") +parser.add_argument('--codeql', required=False, default='codeql', help='Path to the `codeql` executable.') +args = parser.parse_args() + +# Find the root of the repo +root = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) + +# Get the packs for the repo's workspace. +workspace_packs = get_workspace_packs.get_workspace_packs(root) + +# Get the packs from the `codeql` repo checkout. +codeql_packs = get_codeql_packs(args.codeql_repo, args.codeql) + +failed = False +for pack in workspace_packs: + pack_path = os.path.join(root, pack) + + print(f"Scanning dependencies of '{pack_path}'...") + + # Read our pack's configuration file. + with open(pack_path) as pack_file: + pack_yaml = yaml.safe_load(pack_file) + + updated = False + if 'dependencies' in pack_yaml: + dependencies = pack_yaml['dependencies'] + for ref_name in dependencies: + ref_version = dependencies[ref_name] + if ref_name in codeql_packs: + # Found this reference in the `codeql` repo. The version of the reference should match + # the version of that pack in the `codeql` repo. + lib_path = codeql_packs[ref_name][0] + lib_path = os.path.join(lib_path, 'qlpack.yml') + with open(lib_path) as lib_file: + lib_yaml = yaml.safe_load(lib_file) + lib_version = lib_yaml['version'] + if ref_version != lib_version: + print(f"Mismatched versions for '{ref_name}', referenced from '{pack_path}'. " + + f"referenced version is '{ref_version}', but should be '{lib_version}'.") + if args.mode == 'verify': + failed = True # Report an error at the end. + else: + pack_yaml['dependencies'][ref_name] = lib_version + updated = True # Update our pack in-place. + + if updated: + print(f"Updating '{pack_path}'...") + with open(pack_path, 'w', newline='\n') as pack_file: # Always use LF even on Windows + yaml.safe_dump(pack_yaml, pack_file, sort_keys=False) + +exit(1 if failed else 0) diff --git a/supported_codeql_configs.json b/supported_codeql_configs.json index a0ad42a349..bba3112bae 100644 --- a/supported_codeql_configs.json +++ b/supported_codeql_configs.json @@ -1,9 +1,9 @@ { "supported_environment": [ { - "codeql_cli": "2.7.6", - "codeql_standard_library": "codeql-cli/v2.7.6", - "codeql_cli_bundle": "codeql-bundle-20220120" + "codeql_cli": "2.8.5", + "codeql_standard_library": "codeql-cli/v2.8.5", + "codeql_cli_bundle": "codeql-bundle-20220401" } ], "supported_language" : [ From 3b7a5e0702636968061c30ef153051622f49b28c Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Thu, 14 Jul 2022 15:27:51 +0200 Subject: [PATCH 0017/2573] Update to CodeQL 2.9.4 --- c/cert/src/codeql-pack.lock.yml | 2 +- c/cert/src/qlpack.yml | 2 +- c/cert/test/codeql-pack.lock.yml | 2 +- c/common/src/codeql-pack.lock.yml | 2 +- c/common/src/qlpack.yml | 2 +- c/common/test/codeql-pack.lock.yml | 2 +- c/misra/src/codeql-pack.lock.yml | 2 +- c/misra/src/qlpack.yml | 2 +- c/misra/test/codeql-pack.lock.yml | 2 +- cpp/autosar/src/codeql-pack.lock.yml | 2 +- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/codeql-pack.lock.yml | 2 +- cpp/cert/src/codeql-pack.lock.yml | 2 +- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/codeql-pack.lock.yml | 2 +- cpp/common/src/codeql-pack.lock.yml | 2 +- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/codeql-pack.lock.yml | 2 +- cpp/misra/src/codeql-pack.lock.yml | 2 +- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/codeql-pack.lock.yml | 2 +- cpp/report/src/codeql-pack.lock.yml | 2 +- cpp/report/src/qlpack.yml | 2 +- supported_codeql_configs.json | 6 +++--- 24 files changed, 26 insertions(+), 26 deletions(-) diff --git a/c/cert/src/codeql-pack.lock.yml b/c/cert/src/codeql-pack.lock.yml index 421c52af64..b0f02a9d1f 100644 --- a/c/cert/src/codeql-pack.lock.yml +++ b/c/cert/src/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.0.13 + version: 0.2.3 compiled: false lockVersion: 1.0.0 diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index ce775072e3..644ac974d6 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -3,4 +3,4 @@ version: 2.8.0-dev suites: codeql-suites dependencies: codeql/common-c-coding-standards: '*' - codeql/cpp-all: 0.0.13 + codeql/cpp-all: 0.2.3 diff --git a/c/cert/test/codeql-pack.lock.yml b/c/cert/test/codeql-pack.lock.yml index 421c52af64..b0f02a9d1f 100644 --- a/c/cert/test/codeql-pack.lock.yml +++ b/c/cert/test/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.0.13 + version: 0.2.3 compiled: false lockVersion: 1.0.0 diff --git a/c/common/src/codeql-pack.lock.yml b/c/common/src/codeql-pack.lock.yml index 421c52af64..b0f02a9d1f 100644 --- a/c/common/src/codeql-pack.lock.yml +++ b/c/common/src/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.0.13 + version: 0.2.3 compiled: false lockVersion: 1.0.0 diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index b93e61c8ad..2d3953f63a 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -2,4 +2,4 @@ name: codeql/common-c-coding-standards version: 2.8.0-dev dependencies: codeql/common-cpp-coding-standards: '*' - codeql/cpp-all: 0.0.13 + codeql/cpp-all: 0.2.3 diff --git a/c/common/test/codeql-pack.lock.yml b/c/common/test/codeql-pack.lock.yml index 421c52af64..b0f02a9d1f 100644 --- a/c/common/test/codeql-pack.lock.yml +++ b/c/common/test/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.0.13 + version: 0.2.3 compiled: false lockVersion: 1.0.0 diff --git a/c/misra/src/codeql-pack.lock.yml b/c/misra/src/codeql-pack.lock.yml index 421c52af64..b0f02a9d1f 100644 --- a/c/misra/src/codeql-pack.lock.yml +++ b/c/misra/src/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.0.13 + version: 0.2.3 compiled: false lockVersion: 1.0.0 diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index cb9b81dbc5..17586fc09f 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -3,4 +3,4 @@ version: 2.8.0-dev suites: codeql-suites dependencies: codeql/common-c-coding-standards: '*' - codeql/cpp-all: 0.0.13 + codeql/cpp-all: 0.2.3 diff --git a/c/misra/test/codeql-pack.lock.yml b/c/misra/test/codeql-pack.lock.yml index 421c52af64..b0f02a9d1f 100644 --- a/c/misra/test/codeql-pack.lock.yml +++ b/c/misra/test/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.0.13 + version: 0.2.3 compiled: false lockVersion: 1.0.0 diff --git a/cpp/autosar/src/codeql-pack.lock.yml b/cpp/autosar/src/codeql-pack.lock.yml index 421c52af64..b0f02a9d1f 100644 --- a/cpp/autosar/src/codeql-pack.lock.yml +++ b/cpp/autosar/src/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.0.13 + version: 0.2.3 compiled: false lockVersion: 1.0.0 diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index 34949a9d49..56abc6f259 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -3,4 +3,4 @@ version: 2.8.0-dev suites: codeql-suites dependencies: codeql/common-cpp-coding-standards: '*' - codeql/cpp-all: 0.0.13 + codeql/cpp-all: 0.2.3 diff --git a/cpp/autosar/test/codeql-pack.lock.yml b/cpp/autosar/test/codeql-pack.lock.yml index 421c52af64..b0f02a9d1f 100644 --- a/cpp/autosar/test/codeql-pack.lock.yml +++ b/cpp/autosar/test/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.0.13 + version: 0.2.3 compiled: false lockVersion: 1.0.0 diff --git a/cpp/cert/src/codeql-pack.lock.yml b/cpp/cert/src/codeql-pack.lock.yml index 421c52af64..b0f02a9d1f 100644 --- a/cpp/cert/src/codeql-pack.lock.yml +++ b/cpp/cert/src/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.0.13 + version: 0.2.3 compiled: false lockVersion: 1.0.0 diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index 2120913d86..f2e265f4a3 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -2,5 +2,5 @@ name: codeql/cert-cpp-coding-standards version: 2.8.0-dev suites: codeql-suites dependencies: - codeql/cpp-all: 0.0.13 + codeql/cpp-all: 0.2.3 codeql/common-cpp-coding-standards: '*' diff --git a/cpp/cert/test/codeql-pack.lock.yml b/cpp/cert/test/codeql-pack.lock.yml index 421c52af64..b0f02a9d1f 100644 --- a/cpp/cert/test/codeql-pack.lock.yml +++ b/cpp/cert/test/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.0.13 + version: 0.2.3 compiled: false lockVersion: 1.0.0 diff --git a/cpp/common/src/codeql-pack.lock.yml b/cpp/common/src/codeql-pack.lock.yml index 421c52af64..b0f02a9d1f 100644 --- a/cpp/common/src/codeql-pack.lock.yml +++ b/cpp/common/src/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.0.13 + version: 0.2.3 compiled: false lockVersion: 1.0.0 diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index ac8d433906..7bcd661037 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -1,4 +1,4 @@ name: codeql/common-cpp-coding-standards version: 2.8.0-dev dependencies: - codeql/cpp-all: 0.0.13 + codeql/cpp-all: 0.2.3 diff --git a/cpp/common/test/codeql-pack.lock.yml b/cpp/common/test/codeql-pack.lock.yml index 421c52af64..b0f02a9d1f 100644 --- a/cpp/common/test/codeql-pack.lock.yml +++ b/cpp/common/test/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.0.13 + version: 0.2.3 compiled: false lockVersion: 1.0.0 diff --git a/cpp/misra/src/codeql-pack.lock.yml b/cpp/misra/src/codeql-pack.lock.yml index 421c52af64..b0f02a9d1f 100644 --- a/cpp/misra/src/codeql-pack.lock.yml +++ b/cpp/misra/src/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.0.13 + version: 0.2.3 compiled: false lockVersion: 1.0.0 diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index ce43905c4f..44d2b10c43 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -2,4 +2,4 @@ name: codeql/misra-cpp-coding-standards version: 2.8.0-dev dependencies: codeql/common-cpp-coding-standards: '*' - codeql/cpp-all: 0.0.13 + codeql/cpp-all: 0.2.3 diff --git a/cpp/misra/test/codeql-pack.lock.yml b/cpp/misra/test/codeql-pack.lock.yml index 421c52af64..b0f02a9d1f 100644 --- a/cpp/misra/test/codeql-pack.lock.yml +++ b/cpp/misra/test/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.0.13 + version: 0.2.3 compiled: false lockVersion: 1.0.0 diff --git a/cpp/report/src/codeql-pack.lock.yml b/cpp/report/src/codeql-pack.lock.yml index 421c52af64..b0f02a9d1f 100644 --- a/cpp/report/src/codeql-pack.lock.yml +++ b/cpp/report/src/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.0.13 + version: 0.2.3 compiled: false lockVersion: 1.0.0 diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index 41e6570fd4..f34d8fe4cd 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -1,4 +1,4 @@ name: codeql/report-cpp-coding-standards version: 2.8.0-dev dependencies: - codeql/cpp-all: 0.0.13 + codeql/cpp-all: 0.2.3 diff --git a/supported_codeql_configs.json b/supported_codeql_configs.json index bba3112bae..269af480e3 100644 --- a/supported_codeql_configs.json +++ b/supported_codeql_configs.json @@ -1,9 +1,9 @@ { "supported_environment": [ { - "codeql_cli": "2.8.5", - "codeql_standard_library": "codeql-cli/v2.8.5", - "codeql_cli_bundle": "codeql-bundle-20220401" + "codeql_cli": "2.9.4", + "codeql_standard_library": "codeql-cli/v2.9.4", + "codeql_cli_bundle": "codeql-bundle-20220615" } ], "supported_language" : [ From 8c2be2889c8b6eaf6c3a6742120842a6f16a8b38 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Fri, 15 Jul 2022 19:34:28 +0200 Subject: [PATCH 0018/2573] Standardize on Python 3.9 per the user manual --- .github/actions/action.yml | 25 ------------------- .../verify-standard-library-dependencies.yml | 4 +-- 2 files changed, 2 insertions(+), 27 deletions(-) delete mode 100644 .github/actions/action.yml diff --git a/.github/actions/action.yml b/.github/actions/action.yml deleted file mode 100644 index 2e6d5f1a2e..0000000000 --- a/.github/actions/action.yml +++ /dev/null @@ -1,25 +0,0 @@ -name: Install CodeQL library pack dependencies -description: | - Downloads any necessary CodeQL library packs needed by packs in the repo. -inputs: - cli_path: - description: | - The path to the CodeQL CLI directory. - required: false - - mode: - description: | - The `--mode` option to `codeql pack install`. - required: true - default: verify - -runs: - using: composite - steps: - - name: Install CodeQL library packs - shell: bash - env: - CODEQL_CLI: ${{ inputs.cli_path }} - run: | - PATH=$PATH:$CODEQL_CLI - python scripts/install-packs.py --mode ${{ inputs.mode }} diff --git a/.github/workflows/verify-standard-library-dependencies.yml b/.github/workflows/verify-standard-library-dependencies.yml index 1be00ef43e..0b05736ddb 100644 --- a/.github/workflows/verify-standard-library-dependencies.yml +++ b/.github/workflows/verify-standard-library-dependencies.yml @@ -45,9 +45,9 @@ jobs: uses: actions/checkout@v2 - name: Setup Python 3 - uses: actions/setup-python@v2 + uses: actions/setup-python@v4 with: - python-version: "3.x" + python-version: "3.9" - name: Cache CodeQL id: cache-codeql From 4d698bc7d52468b2242a23dc6caed95fd0431257 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Thu, 14 Jul 2022 20:35:49 +0200 Subject: [PATCH 0019/2573] Bump codeql submodule --- codeql_modules/codeql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/codeql_modules/codeql b/codeql_modules/codeql index a1cdf256ad..4551af90f6 160000 --- a/codeql_modules/codeql +++ b/codeql_modules/codeql @@ -1 +1 @@ -Subproject commit a1cdf256ad6b7c3e9984db9069671647e5f47921 +Subproject commit 4551af90f61a8d5f5c1c88a036595b5919a6c98e From a1750a6e97da0b8fd0403cbebc78b1e7216a543d Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Thu, 14 Jul 2022 13:13:14 +0200 Subject: [PATCH 0020/2573] Update test expectations for new flow paths --- ...OwnedPointerValueStoredInUnrelatedSmartPointer.expected | 7 ------- 1 file changed, 7 deletions(-) diff --git a/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.expected b/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.expected index e291147d15..a4f85ecb72 100644 --- a/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.expected +++ b/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.expected @@ -11,21 +11,14 @@ edges | test.cpp:3:14:3:15 | v1 | test.cpp:6:31:6:33 | call to get | | test.cpp:3:14:3:15 | v1 | test.cpp:7:28:7:29 | v2 | | test.cpp:4:13:4:14 | v1 | test.cpp:7:28:7:29 | v2 | -| test.cpp:5:27:5:28 | v1 | ../../includes/standard-library/memory.h:76:17:76:19 | ptr | | test.cpp:5:27:5:29 | call to shared_ptr | test.cpp:6:31:6:33 | call to get | -| test.cpp:6:31:6:33 | call to get | ../../includes/standard-library/memory.h:76:17:76:19 | ptr | -| test.cpp:6:31:6:33 | call to get | ../../includes/standard-library/memory.h:76:17:76:19 | ptr | -| test.cpp:7:28:7:29 | v2 | ../../includes/standard-library/memory.h:76:17:76:19 | ptr | -| test.cpp:7:28:7:29 | v2 | ../../includes/standard-library/memory.h:76:17:76:19 | ptr | | test.cpp:8:8:8:14 | 0 | test.cpp:9:28:9:29 | v2 | -| test.cpp:9:28:9:29 | v2 | ../../includes/standard-library/memory.h:76:17:76:19 | ptr | | test.cpp:10:8:10:17 | new | test.cpp:11:28:11:29 | v2 | | test.cpp:10:8:10:17 | new | test.cpp:11:28:11:29 | v2 | | test.cpp:10:8:10:17 | new | test.cpp:12:28:12:29 | v2 | | test.cpp:11:28:11:29 | ref arg v2 | test.cpp:12:28:12:29 | v2 | | test.cpp:11:28:11:29 | v2 | ../../includes/standard-library/memory.h:76:17:76:19 | ptr | | test.cpp:11:28:11:29 | v2 | test.cpp:11:28:11:29 | ref arg v2 | -| test.cpp:12:28:12:29 | v2 | ../../includes/standard-library/memory.h:76:17:76:19 | ptr | | test.cpp:16:13:16:22 | new | test.cpp:17:27:17:28 | v1 | | test.cpp:16:13:16:22 | new | test.cpp:17:27:17:28 | v1 | | test.cpp:16:13:16:22 | new | test.cpp:19:6:19:7 | v1 | From 487c3712e9c39cca05b5ed63b975690c77f0b7d3 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Fri, 15 Jul 2022 17:46:05 +0200 Subject: [PATCH 0021/2573] Fix braced initialization detection in A8-5-3 --- ...-fix-A8-5-3-braced-initialization-detection.md | 3 +++ .../A8-5-3/AvoidAutoWithBracedInitialization.ql | 2 +- cpp/autosar/test/rules/A8-5-3/test.cpp | 15 ++++++++------- 3 files changed, 12 insertions(+), 8 deletions(-) create mode 100644 change_notes/2022-06-01-fix-A8-5-3-braced-initialization-detection.md diff --git a/change_notes/2022-06-01-fix-A8-5-3-braced-initialization-detection.md b/change_notes/2022-06-01-fix-A8-5-3-braced-initialization-detection.md new file mode 100644 index 0000000000..ec48fda73a --- /dev/null +++ b/change_notes/2022-06-01-fix-A8-5-3-braced-initialization-detection.md @@ -0,0 +1,3 @@ +- `A8-5-3` - `AvoidAutoWithBracedInitialization.ql`: + - Fix regression where `auto x{0}` was no longer detected as a braced initialization with type `auto` with the latest CodeQL versions. + - No longer falsely detect cases where braced initialization was not used, but where the inferred type would be `std::initializer_list`. diff --git a/cpp/autosar/src/rules/A8-5-3/AvoidAutoWithBracedInitialization.ql b/cpp/autosar/src/rules/A8-5-3/AvoidAutoWithBracedInitialization.ql index b62b8785c3..bcb64dba8d 100644 --- a/cpp/autosar/src/rules/A8-5-3/AvoidAutoWithBracedInitialization.ql +++ b/cpp/autosar/src/rules/A8-5-3/AvoidAutoWithBracedInitialization.ql @@ -21,5 +21,5 @@ from Variable v where not isExcluded(v, InitializationPackage::avoidAutoWithBracedInitializationQuery()) and v.getTypeWithAuto().getUnspecifiedType() instanceof AutoType and - v.getType().getUnspecifiedType().(Class).hasQualifiedName("std", "initializer_list") + v.getInitializer().isBraced() select v, "Variable " + v.getName() + " of type auto uses braced initialization." diff --git a/cpp/autosar/test/rules/A8-5-3/test.cpp b/cpp/autosar/test/rules/A8-5-3/test.cpp index c17c8241a1..7baa9aa487 100644 --- a/cpp/autosar/test/rules/A8-5-3/test.cpp +++ b/cpp/autosar/test/rules/A8-5-3/test.cpp @@ -1,11 +1,12 @@ #include void test() { - auto a1(1); // COMPLIANT - auto a2{1}; // NON_COMPLIANT - auto a3 = 1; // COMPLIANT - auto a4 = {1}; // NON_COMPLIANT - int a5 = {1}; // COMPLIANT - const auto a6(1); // COMPLIANT - const auto a7{1}; // NON_COMPLIANT + auto a1(1); // COMPLIANT + auto a2{1}; // NON_COMPLIANT + auto a3 = 1; // COMPLIANT + auto a4 = {1}; // NON_COMPLIANT + int a5 = {1}; // COMPLIANT + const auto a6(1); // COMPLIANT + const auto a7{1}; // NON_COMPLIANT + auto a8 = std::initializer_list(); // COMPLIANT } \ No newline at end of file From 5c63296d7c0707dd44fa21e577f1ff40e3394a44 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Fri, 15 Jul 2022 17:36:22 +0200 Subject: [PATCH 0022/2573] Update symbol location in expected test output --- change_notes/2022-07-15-fix-A7-3-1-location-reporting.md | 2 ++ .../A7-3-1/DefinitionNotConsideredForUnqualifiedLookup.expected | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) create mode 100644 change_notes/2022-07-15-fix-A7-3-1-location-reporting.md diff --git a/change_notes/2022-07-15-fix-A7-3-1-location-reporting.md b/change_notes/2022-07-15-fix-A7-3-1-location-reporting.md new file mode 100644 index 0000000000..b310d1c010 --- /dev/null +++ b/change_notes/2022-07-15-fix-A7-3-1-location-reporting.md @@ -0,0 +1,2 @@ +- `A7-3-1` - `DefinitionNotConsideredForUnqualifiedLookup.ql` + - The locations reported for names occurring in using-declarations has improved in the latest CodeQL versions. diff --git a/cpp/autosar/test/rules/A7-3-1/DefinitionNotConsideredForUnqualifiedLookup.expected b/cpp/autosar/test/rules/A7-3-1/DefinitionNotConsideredForUnqualifiedLookup.expected index a549240c66..ea0f998533 100644 --- a/cpp/autosar/test/rules/A7-3-1/DefinitionNotConsideredForUnqualifiedLookup.expected +++ b/cpp/autosar/test/rules/A7-3-1/DefinitionNotConsideredForUnqualifiedLookup.expected @@ -1 +1 @@ -| test.cpp:42:6:42:7 | declaration of f1 | Definition for 'f1' is not available for unqualified lookup because it is declared after $@ | test.cpp:39:1:39:13 | using f1 | using-declaration | +| test.cpp:42:6:42:7 | declaration of f1 | Definition for 'f1' is not available for unqualified lookup because it is declared after $@ | test.cpp:39:12:39:13 | using f1 | using-declaration | From e85a16f5f137f2d1d50fc894bdfff802f53f8b36 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Fri, 15 Jul 2022 17:33:59 +0200 Subject: [PATCH 0023/2573] Fix M0-1-4 to ignore compiler-generated accesses --- change_notes/2022-05-04-compiler-generated-fp-M0-1-4.md | 3 +++ cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll | 9 ++++++--- 2 files changed, 9 insertions(+), 3 deletions(-) create mode 100644 change_notes/2022-05-04-compiler-generated-fp-M0-1-4.md diff --git a/change_notes/2022-05-04-compiler-generated-fp-M0-1-4.md b/change_notes/2022-05-04-compiler-generated-fp-M0-1-4.md new file mode 100644 index 0000000000..8d3a2045f2 --- /dev/null +++ b/change_notes/2022-05-04-compiler-generated-fp-M0-1-4.md @@ -0,0 +1,3 @@ + - `M0-1-4` - `SingleUsePODVariable.ql` + - This rule no longer considers compiler-generated access to a variable when determining if the + variable has a single use. diff --git a/cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll b/cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll index 765848a63c..c750bb130c 100644 --- a/cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll +++ b/cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll @@ -10,8 +10,9 @@ int getUseCount(Variable v) { // We enforce that it's a POD type variable, so if it has an initializer it is explicit (if v.hasInitializer() then initializers = 1 else initializers = 0) and result = - initializers + count(v.getAnAccess()) + - count(UserProvidedConstructorFieldInit cfi | cfi.getTarget() = v) + initializers + + count(VariableAccess access | access = v.getAnAccess() and not access.isCompilerGenerated()) + + count(UserProvidedConstructorFieldInit cfi | cfi.getTarget() = v) ) } @@ -23,7 +24,9 @@ Element getSingleUse(Variable v) { or result = any(UserProvidedConstructorFieldInit cfi | cfi.getTarget() = v) or - result = v.getAnAccess() + exists(VariableAccess access | + access = v.getAnAccess() and not access.isCompilerGenerated() and result = access + ) ) } From 498f72c447d37ce526b3db27714fe20041db498b Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Thu, 14 Jul 2022 20:39:03 +0200 Subject: [PATCH 0024/2573] Bump codeql submodule --- codeql_modules/codeql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/codeql_modules/codeql b/codeql_modules/codeql index 4551af90f6..28fe7a7660 160000 --- a/codeql_modules/codeql +++ b/codeql_modules/codeql @@ -1 +1 @@ -Subproject commit 4551af90f61a8d5f5c1c88a036595b5919a6c98e +Subproject commit 28fe7a76603ab7ef884ca35115b63104ecb699a7 From 6bd668aff989872c5c59597fc3f845db5445b8fa Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 31 Aug 2022 17:17:41 +0200 Subject: [PATCH 0025/2573] Update c/cert/src/qlpack.yml Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com> --- c/cert/src/qlpack.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index 644ac974d6..b13e62decc 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -1,4 +1,4 @@ -name: cert-c-coding-standards +name: codeql/cert-c-coding-standards version: 2.8.0-dev suites: codeql-suites dependencies: From 41ce0199b0a051d603ac87f56bf49b056404c498 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 31 Aug 2022 17:21:20 +0200 Subject: [PATCH 0026/2573] Update change notes --- change_notes/2022-05-04-compiler-generated-fp-M0-1-4.md | 3 --- .../2022-06-01-fix-A8-5-3-braced-initialization-detection.md | 3 --- change_notes/2022-07-15-fix-A7-3-1-location-reporting.md | 2 -- 3 files changed, 8 deletions(-) delete mode 100644 change_notes/2022-05-04-compiler-generated-fp-M0-1-4.md delete mode 100644 change_notes/2022-06-01-fix-A8-5-3-braced-initialization-detection.md delete mode 100644 change_notes/2022-07-15-fix-A7-3-1-location-reporting.md diff --git a/change_notes/2022-05-04-compiler-generated-fp-M0-1-4.md b/change_notes/2022-05-04-compiler-generated-fp-M0-1-4.md deleted file mode 100644 index 8d3a2045f2..0000000000 --- a/change_notes/2022-05-04-compiler-generated-fp-M0-1-4.md +++ /dev/null @@ -1,3 +0,0 @@ - - `M0-1-4` - `SingleUsePODVariable.ql` - - This rule no longer considers compiler-generated access to a variable when determining if the - variable has a single use. diff --git a/change_notes/2022-06-01-fix-A8-5-3-braced-initialization-detection.md b/change_notes/2022-06-01-fix-A8-5-3-braced-initialization-detection.md deleted file mode 100644 index ec48fda73a..0000000000 --- a/change_notes/2022-06-01-fix-A8-5-3-braced-initialization-detection.md +++ /dev/null @@ -1,3 +0,0 @@ -- `A8-5-3` - `AvoidAutoWithBracedInitialization.ql`: - - Fix regression where `auto x{0}` was no longer detected as a braced initialization with type `auto` with the latest CodeQL versions. - - No longer falsely detect cases where braced initialization was not used, but where the inferred type would be `std::initializer_list`. diff --git a/change_notes/2022-07-15-fix-A7-3-1-location-reporting.md b/change_notes/2022-07-15-fix-A7-3-1-location-reporting.md deleted file mode 100644 index b310d1c010..0000000000 --- a/change_notes/2022-07-15-fix-A7-3-1-location-reporting.md +++ /dev/null @@ -1,2 +0,0 @@ -- `A7-3-1` - `DefinitionNotConsideredForUnqualifiedLookup.ql` - - The locations reported for names occurring in using-declarations has improved in the latest CodeQL versions. From b4b935d3f2917b3090c3172bab280a822ba6a5a9 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 31 Aug 2022 18:42:07 +0200 Subject: [PATCH 0027/2573] Update change notes --- change_notes/2022-08-31-update-to-CodeQL-2.9.4.md | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 change_notes/2022-08-31-update-to-CodeQL-2.9.4.md diff --git a/change_notes/2022-08-31-update-to-CodeQL-2.9.4.md b/change_notes/2022-08-31-update-to-CodeQL-2.9.4.md new file mode 100644 index 0000000000..443352baa9 --- /dev/null +++ b/change_notes/2022-08-31-update-to-CodeQL-2.9.4.md @@ -0,0 +1,8 @@ +- `M0-1-4` - `SingleUsePODVariable.ql` + - This rule no longer considers compiler-generated access to a variable when determining if the variable has a single use. +- `A8-5-3` - `AvoidAutoWithBracedInitialization.ql`: + - Fix regression where `auto x{0}` was no longer detected as a braced initialization with type `auto` with the latest CodeQL versions. + - No longer falsely detect cases where braced initialization was not used, but where the inferred type would be `std::initializer_list`. +- `A7-3-1` - `DefinitionNotConsideredForUnqualifiedLookup.ql` + - The locations reported for names occurring in using-declarations has improved in the latest CodeQL versions. +- Updated the CodeQL version to `2.9.4`. \ No newline at end of file From 422bdb3776dd55ecb5a753c45810748cb3f8e448 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Fri, 2 Sep 2022 13:39:20 +0200 Subject: [PATCH 0028/2573] Replace `NULLMacro` by `NullMacro` --- c/common/src/codingstandards/c/Pointers.qll | 2 +- .../src/codingstandards/cpp/enhancements/MacroEnhacements.qll | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/c/common/src/codingstandards/c/Pointers.qll b/c/common/src/codingstandards/c/Pointers.qll index 87ade425e1..3d216e009a 100644 --- a/c/common/src/codingstandards/c/Pointers.qll +++ b/c/common/src/codingstandards/c/Pointers.qll @@ -9,7 +9,7 @@ import codingstandards.cpp.Type * A null pointer constant, which is either in the form `NULL` or `(void *)0`. */ predicate isNullPointerConstant(Expr e) { - e.findRootCause() instanceof NULLMacro + e.findRootCause() instanceof NullMacro or exists(CStyleCast c | not c.isImplicit() and diff --git a/cpp/common/src/codingstandards/cpp/enhancements/MacroEnhacements.qll b/cpp/common/src/codingstandards/cpp/enhancements/MacroEnhacements.qll index ba132f5892..be79397929 100644 --- a/cpp/common/src/codingstandards/cpp/enhancements/MacroEnhacements.qll +++ b/cpp/common/src/codingstandards/cpp/enhancements/MacroEnhacements.qll @@ -29,7 +29,7 @@ module MacroEnhancements { /** A use of the NULL macro. */ class NULL extends StandardLibrary::Literal { NULL() { - exists(StandardLibrary::NULLMacro nm | this = nm.getAnInvocation().getAnExpandedElement()) + exists(StandardLibrary::NullMacro nm | this = nm.getAnInvocation().getAnExpandedElement()) } } } From 1a6a71e4789d7acaa35c3140516b54009a3ede03 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Fri, 9 Sep 2022 21:44:22 +0200 Subject: [PATCH 0029/2573] Bump to 2.9.0-dev --- c/cert/src/qlpack.yml | 2 +- c/cert/test/qlpack.yml | 2 +- c/common/src/qlpack.yml | 2 +- c/common/test/qlpack.yml | 2 +- c/misra/src/qlpack.yml | 2 +- c/misra/test/qlpack.yml | 2 +- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/qlpack.yml | 2 +- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/qlpack.yml | 2 +- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/qlpack.yml | 2 +- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/qlpack.yml | 2 +- cpp/report/src/qlpack.yml | 2 +- 15 files changed, 15 insertions(+), 15 deletions(-) diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index b13e62decc..bb55e66e97 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards -version: 2.8.0-dev +version: 2.9.0-dev suites: codeql-suites dependencies: codeql/common-c-coding-standards: '*' diff --git a/c/cert/test/qlpack.yml b/c/cert/test/qlpack.yml index bd8995b986..cda136263f 100644 --- a/c/cert/test/qlpack.yml +++ b/c/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards-tests -version: 2.8.0-dev +version: 2.9.0-dev extractor: cpp dependencies: codeql/cert-c-coding-standards: '*' diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index 2d3953f63a..8fc6422c7c 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards -version: 2.8.0-dev +version: 2.9.0-dev dependencies: codeql/common-cpp-coding-standards: '*' codeql/cpp-all: 0.2.3 diff --git a/c/common/test/qlpack.yml b/c/common/test/qlpack.yml index ec7387fb99..92b33b0812 100644 --- a/c/common/test/qlpack.yml +++ b/c/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards-tests -version: 2.8.0-dev +version: 2.9.0-dev extractor: cpp dependencies: codeql/common-c-coding-standards: '*' diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index 17586fc09f..2e792a47ad 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards -version: 2.8.0-dev +version: 2.9.0-dev suites: codeql-suites dependencies: codeql/common-c-coding-standards: '*' diff --git a/c/misra/test/qlpack.yml b/c/misra/test/qlpack.yml index 642e48fdf8..e9ede72bfd 100644 --- a/c/misra/test/qlpack.yml +++ b/c/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards-tests -version: 2.8.0-dev +version: 2.9.0-dev extractor: cpp dependencies: codeql/misra-c-coding-standards: '*' diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index 56abc6f259..cd6d21d792 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards -version: 2.8.0-dev +version: 2.9.0-dev suites: codeql-suites dependencies: codeql/common-cpp-coding-standards: '*' diff --git a/cpp/autosar/test/qlpack.yml b/cpp/autosar/test/qlpack.yml index dcc32f21ff..e0b0d4f32a 100644 --- a/cpp/autosar/test/qlpack.yml +++ b/cpp/autosar/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards-tests -version: 2.8.0-dev +version: 2.9.0-dev extractor: cpp dependencies: codeql/autosar-cpp-coding-standards: '*' diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index f2e265f4a3..6841d1a57a 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards -version: 2.8.0-dev +version: 2.9.0-dev suites: codeql-suites dependencies: codeql/cpp-all: 0.2.3 diff --git a/cpp/cert/test/qlpack.yml b/cpp/cert/test/qlpack.yml index b65f6e59ec..285f088d6e 100644 --- a/cpp/cert/test/qlpack.yml +++ b/cpp/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards-tests -version: 2.8.0-dev +version: 2.9.0-dev extractor: cpp dependencies: codeql/cert-cpp-coding-standards: '*' diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index 7bcd661037..d057030b9a 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -1,4 +1,4 @@ name: codeql/common-cpp-coding-standards -version: 2.8.0-dev +version: 2.9.0-dev dependencies: codeql/cpp-all: 0.2.3 diff --git a/cpp/common/test/qlpack.yml b/cpp/common/test/qlpack.yml index fb42d63ab3..3f34374945 100644 --- a/cpp/common/test/qlpack.yml +++ b/cpp/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards-tests -version: 2.8.0-dev +version: 2.9.0-dev extractor: cpp dependencies: codeql/common-cpp-coding-standards: '*' diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index 44d2b10c43..7765092418 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards -version: 2.8.0-dev +version: 2.9.0-dev dependencies: codeql/common-cpp-coding-standards: '*' codeql/cpp-all: 0.2.3 diff --git a/cpp/misra/test/qlpack.yml b/cpp/misra/test/qlpack.yml index e8117d58e9..5e8662f3ba 100644 --- a/cpp/misra/test/qlpack.yml +++ b/cpp/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards-tests -version: 2.8.0-dev +version: 2.9.0-dev extractor: cpp dependencies: codeql/misra-cpp-coding-standards: '*' \ No newline at end of file diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index f34d8fe4cd..10167f26ce 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -1,4 +1,4 @@ name: codeql/report-cpp-coding-standards -version: 2.8.0-dev +version: 2.9.0-dev dependencies: codeql/cpp-all: 0.2.3 From c5f0a59a2861fbc7d14574c04a6ff98b2e29fa4f Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Wed, 12 Oct 2022 12:24:41 -0400 Subject: [PATCH 0030/2573] Preprocessor6: add DIR-4-9 --- .vscode/tasks.json | 1 + .../DIR-4-9/FunctionOverFunctionLikeMacro.ql | 73 +++++++++++++++++++ .../FunctionOverFunctionLikeMacro.expected | 1 + .../FunctionOverFunctionLikeMacro.qlref | 1 + c/misra/test/rules/DIR-4-9/test.c | 24 ++++++ .../cpp/exclusions/c/Preprocessor6.qll | 25 +++++++ .../cpp/exclusions/c/RuleMetadata.qll | 3 + rule_packages/c/Preprocessor6.json | 25 +++++++ rules.csv | 2 +- 9 files changed, 154 insertions(+), 1 deletion(-) create mode 100644 c/misra/src/rules/DIR-4-9/FunctionOverFunctionLikeMacro.ql create mode 100644 c/misra/test/rules/DIR-4-9/FunctionOverFunctionLikeMacro.expected create mode 100644 c/misra/test/rules/DIR-4-9/FunctionOverFunctionLikeMacro.qlref create mode 100644 c/misra/test/rules/DIR-4-9/test.c create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor6.qll create mode 100644 rule_packages/c/Preprocessor6.json diff --git a/.vscode/tasks.json b/.vscode/tasks.json index f027524374..2e99861bd3 100644 --- a/.vscode/tasks.json +++ b/.vscode/tasks.json @@ -251,6 +251,7 @@ "Preprocessor3", "Preprocessor4", "Preprocessor5", + "Preprocessor6", "IntegerConversion", "Expressions", "DeadCode", diff --git a/c/misra/src/rules/DIR-4-9/FunctionOverFunctionLikeMacro.ql b/c/misra/src/rules/DIR-4-9/FunctionOverFunctionLikeMacro.ql new file mode 100644 index 0000000000..9302a8f96a --- /dev/null +++ b/c/misra/src/rules/DIR-4-9/FunctionOverFunctionLikeMacro.ql @@ -0,0 +1,73 @@ +/** + * @id c/misra/function-over-function-like-macro + * @name DIR-4-9: A function should be used in preference to a function-like macro where they are interchangeable + * @description Using a function-like macro instead of a function can lead to unexpected program + * behaviour. + * @kind problem + * @precision medium + * @problem.severity recommendation + * @tags external/misra/id/dir-4-9 + * external/cert/audit + * maintainability + * readability + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.FunctionLikeMacro +import codingstandards.cpp.Naming + +predicate isOperator(string possible) { + possible in [ + "+", "-", "*", "/", "%", "^", "&", "|", "~", "!", "=", "<", ">", "+=", "-=", "*=", "/=", "%=", + "^=", "&=", "|=", "<<", ">>", ">>=", "<<=", "==", "!=", "<=", ">=", "<=>", "&&", "||", "++", + "--", "->*", "->", "()", "[]" + ] +} + +//cases where we trust the choice +predicate omission(MacroInvocation i) { + i.getFile() instanceof HeaderFile or + Naming::Cpp14::hasStandardLibraryMacroName(i.getMacroName()) +} + +class UnsafeMacro extends FunctionLikeMacro { + UnsafeMacro() { + //parameter not used - has false positives on args that are not used but are substrings of other args + exists(string p | + p = this.getAParameter() and + not this.getBody().regexpMatch(".*(\\s*|\\(||\\))" + p + "(\\s*||\\)|\\().*") + ) + or + //parameter used more than once + exists(string p | + p = this.getAParameter() and + exists(int i, string newstr | + newstr = this.getBody().replaceAll(p, "") and + i = ((this.getBody().length() - newstr.length()) / p.length()) and + i > 1 + ) + ) + } +} + +from MacroInvocation i +where + not isExcluded(i, Preprocessor6Package::functionOverFunctionLikeMacroQuery()) and + not omission(i) and + i.getMacro() instanceof UnsafeMacro and + //heuristic - macros with one arg only are easier to replace + not exists(i.getUnexpandedArgument(1)) and + //operator as arg omits function applicability + not isOperator(i.getUnexpandedArgument(_)) and + //static storage duration can only be initialized with constant + not exists(StaticStorageDurationVariable v | i.getExpr() = v.getAnAssignedValue()) and + //function call not allowed in a constant expression (where constant expr is parent) + not exists(Expr e | + e.isConstant() and + not i.getExpr() = e and + i.getExpr().getParent+() = e + ) and + forall(string arg | arg = i.getUnexpandedArgument(_) | exists(Expr e | arg = e.toString())) +select i, "Macro invocation used when function call would be preferred." diff --git a/c/misra/test/rules/DIR-4-9/FunctionOverFunctionLikeMacro.expected b/c/misra/test/rules/DIR-4-9/FunctionOverFunctionLikeMacro.expected new file mode 100644 index 0000000000..dfb8eef27d --- /dev/null +++ b/c/misra/test/rules/DIR-4-9/FunctionOverFunctionLikeMacro.expected @@ -0,0 +1 @@ +| test.c:19:12:19:20 | MACRO4(L) | Macro invocation used when function call would be preferred. | diff --git a/c/misra/test/rules/DIR-4-9/FunctionOverFunctionLikeMacro.qlref b/c/misra/test/rules/DIR-4-9/FunctionOverFunctionLikeMacro.qlref new file mode 100644 index 0000000000..831e6e3101 --- /dev/null +++ b/c/misra/test/rules/DIR-4-9/FunctionOverFunctionLikeMacro.qlref @@ -0,0 +1 @@ +rules/DIR-4-9/FunctionOverFunctionLikeMacro.ql \ No newline at end of file diff --git a/c/misra/test/rules/DIR-4-9/test.c b/c/misra/test/rules/DIR-4-9/test.c new file mode 100644 index 0000000000..81ab1e9528 --- /dev/null +++ b/c/misra/test/rules/DIR-4-9/test.c @@ -0,0 +1,24 @@ +#define MACRO(OP, L, R) ((L)OP(R)) +#define MACRO2(L, R) (L + R) +#define MACRO3(L, R) (L + R + L) +#define MACRO4(L) (1 + 1) +#define MACRO5(L, LR) (LR + 1) +#define MACRO6(X, LR) (LR + 1) + +const char a1[MACRO2(1, 1) + 6]; // COMPLIANT + +void f() { + int i = MACRO(+, 1, 1); // COMPLIANT + + int i2 = MACRO2(7, 10); // COMPLIANT - exception + + static i3 = MACRO2(1, 1); // COMPLIANT + + int i4 = MACRO3(7, 10); // COMPLIANT - exception + + int i5 = MACRO4(1); // NON_COMPLIANT + + int i6 = MACRO5(1, 1); // NON_COMPLIANT[FALSE_NEGATIVE] + + int i7 = MACRO6(1, 1); // COMPLIANT - exception +} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor6.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor6.qll new file mode 100644 index 0000000000..a9fb45b284 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor6.qll @@ -0,0 +1,25 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype Preprocessor6Query = TFunctionOverFunctionLikeMacroQuery() + +predicate isPreprocessor6QueryMetadata(Query query, string queryId, string ruleId) { + query = + // `Query` instance for the `functionOverFunctionLikeMacro` query + Preprocessor6Package::functionOverFunctionLikeMacroQuery() and + queryId = + // `@id` for the `functionOverFunctionLikeMacro` query + "c/misra/function-over-function-like-macro" and + ruleId = "DIR-4-9" +} + +module Preprocessor6Package { + Query functionOverFunctionLikeMacroQuery() { + //autogenerate `Query` type + result = + // `Query` type for `functionOverFunctionLikeMacro` query + TQueryC(TPreprocessor6PackageQuery(TFunctionOverFunctionLikeMacroQuery())) + } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index 638e68492e..51a21e2281 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -25,6 +25,7 @@ import Preprocessor2 import Preprocessor3 import Preprocessor4 import Preprocessor5 +import Preprocessor6 import SideEffects1 import SideEffects2 import Strings1 @@ -57,6 +58,7 @@ newtype TCQuery = TPreprocessor3PackageQuery(Preprocessor3Query q) or TPreprocessor4PackageQuery(Preprocessor4Query q) or TPreprocessor5PackageQuery(Preprocessor5Query q) or + TPreprocessor6PackageQuery(Preprocessor6Query q) or TSideEffects1PackageQuery(SideEffects1Query q) or TSideEffects2PackageQuery(SideEffects2Query q) or TStrings1PackageQuery(Strings1Query q) or @@ -89,6 +91,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId) { isPreprocessor3QueryMetadata(query, queryId, ruleId) or isPreprocessor4QueryMetadata(query, queryId, ruleId) or isPreprocessor5QueryMetadata(query, queryId, ruleId) or + isPreprocessor6QueryMetadata(query, queryId, ruleId) or isSideEffects1QueryMetadata(query, queryId, ruleId) or isSideEffects2QueryMetadata(query, queryId, ruleId) or isStrings1QueryMetadata(query, queryId, ruleId) or diff --git a/rule_packages/c/Preprocessor6.json b/rule_packages/c/Preprocessor6.json new file mode 100644 index 0000000000..be0ae84851 --- /dev/null +++ b/rule_packages/c/Preprocessor6.json @@ -0,0 +1,25 @@ +{ + "MISRA-C-2012": { + "DIR-4-9": { + "properties": { + "obligation": "advisory" + }, + "queries": [ + { + "description": "Using a function-like macro instead of a function can lead to unexpected program behaviour.", + "kind": "problem", + "name": "A function should be used in preference to a function-like macro where they are interchangeable", + "precision": "medium", + "severity": "recommendation", + "short_name": "FunctionOverFunctionLikeMacro", + "tags": [ + "external/misra/audit", + "maintainability", + "readability" + ] + } + ], + "title": "A function should be used in preference to a function-like macro where they are interchangeable" + } + } +} \ No newline at end of file diff --git a/rules.csv b/rules.csv index cb14aec2c0..9a3a241af3 100755 --- a/rules.csv +++ b/rules.csv @@ -610,7 +610,7 @@ c,MISRA-C-2012,DIR-4-5,Yes,Advisory,,,Identifiers in the same name space with ov c,MISRA-C-2012,RULE-4-6,Yes,Advisory,,,typedefs that indicate size and signedness should be used in place of the basic numerical types,,Types,Hard, c,MISRA-C-2012,RULE-4-7,Yes,Required,,,"If a function returns error information, then that error information shall be tested",M0-3-2,Contracts,Import, c,MISRA-C-2012,RULE-4-8,Yes,Advisory,,,"If a pointer to a structure or union is never dereferenced within a translation unit, then the implementation of the object should be hidden",,Pointers1,Medium, -c,MISRA-C-2012,RULE-4-9,Yes,Advisory,,,A function should be used in preference to a function-like macro where they are interchangeable,,Preprocessor,Medium, +c,MISRA-C-2012,DIR-4-9,Yes,Advisory,,,A function should be used in preference to a function-like macro where they are interchangeable,,Preprocessor6,Medium,Audit c,MISRA-C-2012,RULE-4-10,Yes,Required,,,Precautions shall be taken in order to prevent the contents of a header file being included more than once,M16-2-3,Preprocessor2,Medium, c,MISRA-C-2012,RULE-4-11,Yes,Required,,,The validity of values passed to library functions shall be checked,,Contracts,Hard, c,MISRA-C-2012,RULE-4-12,Yes,Required,,,Dynamic memory allocation shall not be used,,Banned,Medium, From b10990acb17f47518c0b500b572e0585f3155696 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Wed, 12 Oct 2022 12:28:40 -0400 Subject: [PATCH 0031/2573] Preprocessor6: fix metadata --- c/misra/src/rules/DIR-4-9/FunctionOverFunctionLikeMacro.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/misra/src/rules/DIR-4-9/FunctionOverFunctionLikeMacro.ql b/c/misra/src/rules/DIR-4-9/FunctionOverFunctionLikeMacro.ql index 9302a8f96a..ad3096be4f 100644 --- a/c/misra/src/rules/DIR-4-9/FunctionOverFunctionLikeMacro.ql +++ b/c/misra/src/rules/DIR-4-9/FunctionOverFunctionLikeMacro.ql @@ -7,7 +7,7 @@ * @precision medium * @problem.severity recommendation * @tags external/misra/id/dir-4-9 - * external/cert/audit + * external/misra/audit * maintainability * readability * external/misra/obligation/advisory From 93a709db6a9a609de5df6376dd126299dbeb4ed6 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Fri, 14 Oct 2022 12:48:15 -0400 Subject: [PATCH 0032/2573] Preprocessor6: simplify DIR-4-9 --- .../src/rules/DIR-4-9/FunctionOverFunctionLikeMacro.ql | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/c/misra/src/rules/DIR-4-9/FunctionOverFunctionLikeMacro.ql b/c/misra/src/rules/DIR-4-9/FunctionOverFunctionLikeMacro.ql index ad3096be4f..243af8d5dd 100644 --- a/c/misra/src/rules/DIR-4-9/FunctionOverFunctionLikeMacro.ql +++ b/c/misra/src/rules/DIR-4-9/FunctionOverFunctionLikeMacro.ql @@ -18,13 +18,7 @@ import codingstandards.c.misra import codingstandards.cpp.FunctionLikeMacro import codingstandards.cpp.Naming -predicate isOperator(string possible) { - possible in [ - "+", "-", "*", "/", "%", "^", "&", "|", "~", "!", "=", "<", ">", "+=", "-=", "*=", "/=", "%=", - "^=", "&=", "|=", "<<", ">>", ">>=", "<<=", "==", "!=", "<=", ">=", "<=>", "&&", "||", "++", - "--", "->*", "->", "()", "[]" - ] -} +predicate isOperator(string possible) { possible = any(Operation op).getOperator() } //cases where we trust the choice predicate omission(MacroInvocation i) { @@ -61,6 +55,8 @@ where not exists(i.getUnexpandedArgument(1)) and //operator as arg omits function applicability not isOperator(i.getUnexpandedArgument(_)) and + not exists(Function f | i.getUnexpandedArgument(_) = f.getName()) and + exists(i.getUnexpandedArgument(0).toInt()) and //static storage duration can only be initialized with constant not exists(StaticStorageDurationVariable v | i.getExpr() = v.getAnAssignedValue()) and //function call not allowed in a constant expression (where constant expr is parent) From 5245fcce84590668c8df3bf1732ef25956e8accc Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 18 Oct 2022 10:30:22 -0400 Subject: [PATCH 0033/2573] Preprocessor6: simplify DIR-4-9 --- .../DIR-4-9/FunctionOverFunctionLikeMacro.ql | 87 +++++++++++++------ .../FunctionOverFunctionLikeMacro.expected | 2 +- c/misra/test/rules/DIR-4-9/test.c | 18 ++-- 3 files changed, 71 insertions(+), 36 deletions(-) diff --git a/c/misra/src/rules/DIR-4-9/FunctionOverFunctionLikeMacro.ql b/c/misra/src/rules/DIR-4-9/FunctionOverFunctionLikeMacro.ql index 243af8d5dd..6ed97fde5c 100644 --- a/c/misra/src/rules/DIR-4-9/FunctionOverFunctionLikeMacro.ql +++ b/c/misra/src/rules/DIR-4-9/FunctionOverFunctionLikeMacro.ql @@ -18,22 +18,59 @@ import codingstandards.c.misra import codingstandards.cpp.FunctionLikeMacro import codingstandards.cpp.Naming -predicate isOperator(string possible) { possible = any(Operation op).getOperator() } +predicate omission(Macro i) { Naming::Cpp14::hasStandardLibraryMacroName(i.getName()) } -//cases where we trust the choice -predicate omission(MacroInvocation i) { - i.getFile() instanceof HeaderFile or - Naming::Cpp14::hasStandardLibraryMacroName(i.getMacroName()) +abstract class IrreplaceableFunctionLikeMacro extends FunctionLikeMacro { } + +private class AsmArgumentInvoked extends IrreplaceableFunctionLikeMacro { + AsmArgumentInvoked() { + any(AsmStmt s).getLocation().subsumes(this.getAnInvocation().getLocation()) + } +} + +private class OnlyConstantNumericInvoked extends IrreplaceableFunctionLikeMacro { + OnlyConstantNumericInvoked() { + forex(MacroInvocation mi | mi = this.getAnInvocation() | + mi.getUnexpandedArgument(_).regexpMatch("\\d+") + ) + } +} + +private class KnownIrreplaceableFunctionLikeMacro extends IrreplaceableFunctionLikeMacro { + KnownIrreplaceableFunctionLikeMacro() { + this.getName() in ["UNUSED", "__has_builtin", "MIN", "MAX"] + } +} + +private class UsedToStaticInitialize extends IrreplaceableFunctionLikeMacro { + UsedToStaticInitialize() { + any(StaticStorageDurationVariable v).getInitializer().getExpr() = + this.getAnInvocation().getExpr() + } +} + +private class FunctionLikeMacroWithOperatorArgument extends IrreplaceableFunctionLikeMacro { + FunctionLikeMacroWithOperatorArgument() { + exists(MacroInvocation mi | mi.getMacro() = this | + mi.getUnexpandedArgument(_) = any(Operation op).getOperator() + ) + } } -class UnsafeMacro extends FunctionLikeMacro { - UnsafeMacro() { +abstract class UnsafeMacro extends FunctionLikeMacro { } + +class ParameterNotUsedMacro extends UnsafeMacro { + ParameterNotUsedMacro() { //parameter not used - has false positives on args that are not used but are substrings of other args exists(string p | p = this.getAParameter() and - not this.getBody().regexpMatch(".*(\\s*|\\(||\\))" + p + "(\\s*||\\)|\\().*") + not this.getBody().regexpMatch(".*(\\s*|\\(|\\)|\\##)" + p + "(\\s*||\\)|\\(|\\##).*") ) - or + } +} + +class ParameterMoreThanOnceMacro extends UnsafeMacro { + ParameterMoreThanOnceMacro() { //parameter used more than once exists(string p | p = this.getAParameter() and @@ -46,24 +83,20 @@ class UnsafeMacro extends FunctionLikeMacro { } } -from MacroInvocation i -where - not isExcluded(i, Preprocessor6Package::functionOverFunctionLikeMacroQuery()) and - not omission(i) and - i.getMacro() instanceof UnsafeMacro and - //heuristic - macros with one arg only are easier to replace - not exists(i.getUnexpandedArgument(1)) and - //operator as arg omits function applicability - not isOperator(i.getUnexpandedArgument(_)) and - not exists(Function f | i.getUnexpandedArgument(_) = f.getName()) and - exists(i.getUnexpandedArgument(0).toInt()) and - //static storage duration can only be initialized with constant - not exists(StaticStorageDurationVariable v | i.getExpr() = v.getAnAssignedValue()) and - //function call not allowed in a constant expression (where constant expr is parent) - not exists(Expr e | +predicate partOfConstantExpr(MacroInvocation i) { + exists(Expr e | e.isConstant() and not i.getExpr() = e and i.getExpr().getParent+() = e - ) and - forall(string arg | arg = i.getUnexpandedArgument(_) | exists(Expr e | arg = e.toString())) -select i, "Macro invocation used when function call would be preferred." + ) +} + +from FunctionLikeMacro m +where + not isExcluded(m, Preprocessor6Package::functionOverFunctionLikeMacroQuery()) and + not omission(m) and + m instanceof UnsafeMacro and + not m instanceof IrreplaceableFunctionLikeMacro and + //function call not allowed in a constant expression (where constant expr is parent) + forall(MacroInvocation i | i = m.getAnInvocation() | not partOfConstantExpr(i)) +select m, "Macro used when function call would be preferred." diff --git a/c/misra/test/rules/DIR-4-9/FunctionOverFunctionLikeMacro.expected b/c/misra/test/rules/DIR-4-9/FunctionOverFunctionLikeMacro.expected index dfb8eef27d..28fbaa9a7c 100644 --- a/c/misra/test/rules/DIR-4-9/FunctionOverFunctionLikeMacro.expected +++ b/c/misra/test/rules/DIR-4-9/FunctionOverFunctionLikeMacro.expected @@ -1 +1 @@ -| test.c:19:12:19:20 | MACRO4(L) | Macro invocation used when function call would be preferred. | +| test.c:3:1:3:36 | #define MACRO3(L,R) (L " " R " " L) | Macro used when function call would be preferred. | diff --git a/c/misra/test/rules/DIR-4-9/test.c b/c/misra/test/rules/DIR-4-9/test.c index 81ab1e9528..8c38bbaa08 100644 --- a/c/misra/test/rules/DIR-4-9/test.c +++ b/c/misra/test/rules/DIR-4-9/test.c @@ -1,7 +1,9 @@ #define MACRO(OP, L, R) ((L)OP(R)) #define MACRO2(L, R) (L + R) -#define MACRO3(L, R) (L + R + L) -#define MACRO4(L) (1 + 1) +#define MACRO3(L, R) (L " " R " " L) +#define MACRO4(L) \ + (L" " \ + "suffix") #define MACRO5(L, LR) (LR + 1) #define MACRO6(X, LR) (LR + 1) @@ -10,15 +12,15 @@ const char a1[MACRO2(1, 1) + 6]; // COMPLIANT void f() { int i = MACRO(+, 1, 1); // COMPLIANT - int i2 = MACRO2(7, 10); // COMPLIANT - exception + int i2 = MACRO2(7, 10); // COMPLIANT - static i3 = MACRO2(1, 1); // COMPLIANT + static int i3 = MACRO2(1, 1); // COMPLIANT - int i4 = MACRO3(7, 10); // COMPLIANT - exception + char *i4 = MACRO3("prefix", "suffix"); // NON_COMPLIANT - int i5 = MACRO4(1); // NON_COMPLIANT + char *i5 = MACRO4("prefix"); // COMPLIANT - int i6 = MACRO5(1, 1); // NON_COMPLIANT[FALSE_NEGATIVE] + int i6 = MACRO5(1, 1); // COMPLIANT - int i7 = MACRO6(1, 1); // COMPLIANT - exception + int i7 = MACRO6(1, 1); // COMPLIANT } \ No newline at end of file From 9367bd6264bc96f4144b10d867fbfe8e2fffec9e Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 18 Oct 2022 14:14:33 -0400 Subject: [PATCH 0034/2573] Declarations4: add RULE-8-6 and refactor RULE-5-7 for lib mv --- .../src/rules/RULE-5-7/TagNameNotUnique.ql | 2 +- ...ntifierWithExternalLinkageOneDefinition.ql | 38 +++++++++++++++++++ ...rWithExternalLinkageOneDefinition.expected | 2 + ...fierWithExternalLinkageOneDefinition.qlref | 1 + c/misra/test/rules/RULE-8-6/test.c | 6 +++ c/misra/test/rules/RULE-8-6/test1.c | 6 +++ .../src/codingstandards/cpp}/Identifiers.qll | 15 ++++++++ .../cpp/exclusions/c/Declarations4.qll | 25 ++++++++++++ .../cpp/exclusions/c/RuleMetadata.qll | 3 ++ .../NotDistinctIdentifier.qll | 25 ++---------- rule_packages/c/Declarations4.json | 23 +++++++++++ rules.csv | 2 +- 12 files changed, 124 insertions(+), 24 deletions(-) create mode 100644 c/misra/src/rules/RULE-8-6/IdentifierWithExternalLinkageOneDefinition.ql create mode 100644 c/misra/test/rules/RULE-8-6/IdentifierWithExternalLinkageOneDefinition.expected create mode 100644 c/misra/test/rules/RULE-8-6/IdentifierWithExternalLinkageOneDefinition.qlref create mode 100644 c/misra/test/rules/RULE-8-6/test.c create mode 100644 c/misra/test/rules/RULE-8-6/test1.c rename {c/common/src/codingstandards/c => cpp/common/src/codingstandards/cpp}/Identifiers.qll (57%) create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/Declarations4.qll create mode 100644 rule_packages/c/Declarations4.json diff --git a/c/misra/src/rules/RULE-5-7/TagNameNotUnique.ql b/c/misra/src/rules/RULE-5-7/TagNameNotUnique.ql index f7c005d7fa..672e302c92 100644 --- a/c/misra/src/rules/RULE-5-7/TagNameNotUnique.ql +++ b/c/misra/src/rules/RULE-5-7/TagNameNotUnique.ql @@ -14,7 +14,7 @@ import cpp import codingstandards.c.misra -import codingstandards.c.Identifiers +import codingstandards.cpp.Identifiers from Struct s, InterestingIdentifiers s2 where diff --git a/c/misra/src/rules/RULE-8-6/IdentifierWithExternalLinkageOneDefinition.ql b/c/misra/src/rules/RULE-8-6/IdentifierWithExternalLinkageOneDefinition.ql new file mode 100644 index 0000000000..7cc3846687 --- /dev/null +++ b/c/misra/src/rules/RULE-8-6/IdentifierWithExternalLinkageOneDefinition.ql @@ -0,0 +1,38 @@ +/** + * @id c/misra/identifier-with-external-linkage-one-definition + * @name RULE-8-6: An identifier with external linkage shall have exactly one external definition + * @description An identifier with multiple definitions in different translation units leads to + * undefined behavior. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/misra/id/rule-8-6 + * correctness + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.Identifiers + +from ExternalIdentifiers d, DeclarationEntry de1, DeclarationEntry de2 +where + not isExcluded(d, Declarations4Package::identifierWithExternalLinkageOneDefinitionQuery()) and + not isExcluded([de1, de2], Declarations4Package::identifierWithExternalLinkageOneDefinitionQuery()) and + d.isTopLevel() and + d = de1.getDeclaration() and + d = de2.getDeclaration() and + de1 != de2 and + de1.isDefinition() and + de2.isDefinition() and + //exceptions + (d instanceof Function implies not d.(Function).isInline()) and + // Apply an ordering based on location to enforce that (de1, de2) = (de2, de1) and we only report (de1, de2). + ( + de1.getFile().getAbsolutePath() < de2.getFile().getAbsolutePath() + or + de1.getFile().getAbsolutePath() = de2.getFile().getAbsolutePath() and + de1.getLocation().getStartLine() < de2.getLocation().getStartLine() + ) +select de1, "The identifier " + de1.getName() + " has external linkage and is redefined $@.", de2, + "here" diff --git a/c/misra/test/rules/RULE-8-6/IdentifierWithExternalLinkageOneDefinition.expected b/c/misra/test/rules/RULE-8-6/IdentifierWithExternalLinkageOneDefinition.expected new file mode 100644 index 0000000000..8ea6eca50e --- /dev/null +++ b/c/misra/test/rules/RULE-8-6/IdentifierWithExternalLinkageOneDefinition.expected @@ -0,0 +1,2 @@ +| test.c:1:5:1:6 | definition of g1 | The identifier g1 has external linkage and is redefined $@. | test1.c:1:5:1:6 | definition of g1 | here | +| test.c:6:6:6:7 | definition of f2 | The identifier f2 has external linkage and is redefined $@. | test1.c:6:6:6:7 | definition of f2 | here | diff --git a/c/misra/test/rules/RULE-8-6/IdentifierWithExternalLinkageOneDefinition.qlref b/c/misra/test/rules/RULE-8-6/IdentifierWithExternalLinkageOneDefinition.qlref new file mode 100644 index 0000000000..aa86a9534d --- /dev/null +++ b/c/misra/test/rules/RULE-8-6/IdentifierWithExternalLinkageOneDefinition.qlref @@ -0,0 +1 @@ +rules/RULE-8-6/IdentifierWithExternalLinkageOneDefinition.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-8-6/test.c b/c/misra/test/rules/RULE-8-6/test.c new file mode 100644 index 0000000000..a2e9eeff8d --- /dev/null +++ b/c/misra/test/rules/RULE-8-6/test.c @@ -0,0 +1,6 @@ +int g1 = 1; // NON_COMPLIANT +static int g2 = 1; // COMPLIANT; internal linkage + +inline void f1() {} // COMPLIANT; inline functions are an exception + +void f2() {} // NON_COMPLIANT \ No newline at end of file diff --git a/c/misra/test/rules/RULE-8-6/test1.c b/c/misra/test/rules/RULE-8-6/test1.c new file mode 100644 index 0000000000..6882a55800 --- /dev/null +++ b/c/misra/test/rules/RULE-8-6/test1.c @@ -0,0 +1,6 @@ +int g1 = 0; // NON_COMPLIANT +static int g2 = 1; // COMPLIANT; internal linkage + +inline void f1() {} // COMPLIANT; inline functions are an exception + +void f2() {} // NON_COMPLIANT \ No newline at end of file diff --git a/c/common/src/codingstandards/c/Identifiers.qll b/cpp/common/src/codingstandards/cpp/Identifiers.qll similarity index 57% rename from c/common/src/codingstandards/c/Identifiers.qll rename to cpp/common/src/codingstandards/cpp/Identifiers.qll index 580cd8cfdd..d7ba4eee27 100644 --- a/c/common/src/codingstandards/c/Identifiers.qll +++ b/cpp/common/src/codingstandards/cpp/Identifiers.qll @@ -1,4 +1,19 @@ import cpp +import codingstandards.cpp.Linkage + +class ExternalIdentifiers extends InterestingIdentifiers { + ExternalIdentifiers() { + hasExternalLinkage(this) and + getNamespace() instanceof GlobalNamespace + } + + string getSignificantName() { + //C99 states the first 31 characters of external identifiers are significant + //C90 states the first 6 characters of external identifiers are significant and case is not required to be significant + //C90 is not currently considered by this rule + result = this.getName().prefix(31) + } +} //Identifiers that are candidates for checking uniqueness class InterestingIdentifiers extends Declaration { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations4.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations4.qll new file mode 100644 index 0000000000..d4a6b443ef --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations4.qll @@ -0,0 +1,25 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype Declarations4Query = TIdentifierWithExternalLinkageOneDefinitionQuery() + +predicate isDeclarations4QueryMetadata(Query query, string queryId, string ruleId) { + query = + // `Query` instance for the `identifierWithExternalLinkageOneDefinition` query + Declarations4Package::identifierWithExternalLinkageOneDefinitionQuery() and + queryId = + // `@id` for the `identifierWithExternalLinkageOneDefinition` query + "c/misra/identifier-with-external-linkage-one-definition" and + ruleId = "RULE-8-6" +} + +module Declarations4Package { + Query identifierWithExternalLinkageOneDefinitionQuery() { + //autogenerate `Query` type + result = + // `Query` type for `identifierWithExternalLinkageOneDefinition` query + TQueryC(TDeclarations4PackageQuery(TIdentifierWithExternalLinkageOneDefinitionQuery())) + } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index 638e68492e..5c1f45f1ee 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -12,6 +12,7 @@ import Contracts3 import Declarations1 import Declarations2 import Declarations3 +import Declarations4 import Expressions import IO1 import IO2 @@ -44,6 +45,7 @@ newtype TCQuery = TDeclarations1PackageQuery(Declarations1Query q) or TDeclarations2PackageQuery(Declarations2Query q) or TDeclarations3PackageQuery(Declarations3Query q) or + TDeclarations4PackageQuery(Declarations4Query q) or TExpressionsPackageQuery(ExpressionsQuery q) or TIO1PackageQuery(IO1Query q) or TIO2PackageQuery(IO2Query q) or @@ -76,6 +78,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId) { isDeclarations1QueryMetadata(query, queryId, ruleId) or isDeclarations2QueryMetadata(query, queryId, ruleId) or isDeclarations3QueryMetadata(query, queryId, ruleId) or + isDeclarations4QueryMetadata(query, queryId, ruleId) or isExpressionsQueryMetadata(query, queryId, ruleId) or isIO1QueryMetadata(query, queryId, ruleId) or isIO2QueryMetadata(query, queryId, ruleId) or diff --git a/cpp/common/src/codingstandards/cpp/rules/notdistinctidentifier/NotDistinctIdentifier.qll b/cpp/common/src/codingstandards/cpp/rules/notdistinctidentifier/NotDistinctIdentifier.qll index 8e58cbac07..aa2110c5aa 100644 --- a/cpp/common/src/codingstandards/cpp/rules/notdistinctidentifier/NotDistinctIdentifier.qll +++ b/cpp/common/src/codingstandards/cpp/rules/notdistinctidentifier/NotDistinctIdentifier.qll @@ -5,28 +5,7 @@ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -import codingstandards.cpp.Linkage - -class ExternalIdentifiers extends Declaration { - ExternalIdentifiers() { - this.getName().length() >= 31 and - hasExternalLinkage(this) and - getNamespace() instanceof GlobalNamespace and - not this.isFromTemplateInstantiation(_) and - not this.isFromUninstantiatedTemplate(_) and - not this.hasDeclaringType() and - not this instanceof UserType and - not this instanceof Operator and - not this.hasName("main") - } - - string getSignificantName() { - //C99 states the first 31 characters of external identifiers are significant - //C90 states the first 6 characters of external identifiers are significant and case is not required to be significant - //C90 is not currently considered by this rule - result = this.getName().prefix(31) - } -} +import codingstandards.cpp.Identifiers abstract class NotDistinctIdentifierSharedQuery extends Query { } @@ -35,6 +14,8 @@ Query getQuery() { result instanceof NotDistinctIdentifierSharedQuery } query predicate problems(ExternalIdentifiers d, ExternalIdentifiers d2, string message) { not isExcluded(d, getQuery()) and not isExcluded(d, getQuery()) and + d.getName().length() >= 31 and + d2.getName().length() >= 31 and not d = d2 and d.getLocation().getStartLine() >= d2.getLocation().getStartLine() and d.getSignificantName() = d2.getSignificantName() and diff --git a/rule_packages/c/Declarations4.json b/rule_packages/c/Declarations4.json new file mode 100644 index 0000000000..56f79c08e7 --- /dev/null +++ b/rule_packages/c/Declarations4.json @@ -0,0 +1,23 @@ +{ + "MISRA-C-2012": { + "RULE-8-6": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "An identifier with multiple definitions in different translation units leads to undefined behavior.", + "kind": "problem", + "name": "An identifier with external linkage shall have exactly one external definition", + "precision": "high", + "severity": "error", + "short_name": "IdentifierWithExternalLinkageOneDefinition", + "tags": [ + "correctness" + ] + } + ], + "title": "An identifier with external linkage shall have exactly one external definition" + } + } +} \ No newline at end of file diff --git a/rules.csv b/rules.csv index cb14aec2c0..677b2678fa 100755 --- a/rules.csv +++ b/rules.csv @@ -651,7 +651,7 @@ c,MISRA-C-2012,RULE-8-2,Yes,Required,,,Function types shall be in prototype form c,MISRA-C-2012,RULE-8-3,Yes,Required,,,All declarations of an object or function shall use the same names and type qualifiers,M3-2-1,Declarations,Medium, c,MISRA-C-2012,RULE-8-4,Yes,Required,,,A compatible declaration shall be visible when an object or function with external linkage is defined,,Declarations,Medium, c,MISRA-C-2012,RULE-8-5,Yes,Required,,,An external object or function shall be declared once in one and only one file,,Declarations,Medium, -c,MISRA-C-2012,RULE-8-6,Yes,Required,,,An identifier with external linkage shall have exactly one external definition,M3-2-4,Declarations,Import, +c,MISRA-C-2012,RULE-8-6,Yes,Required,,,An identifier with external linkage shall have exactly one external definition,M3-2-4,Declarations4,Import, c,MISRA-C-2012,RULE-8-7,Yes,Advisory,,,Functions and objects should not be defined with external linkage if they are referenced in only one translation unit,,Declarations,Medium, c,MISRA-C-2012,RULE-8-8,Yes,Required,,,The static storage class specifier shall be used in all declarations of objects and functions that have internal linkage,M3-3-2,Declarations,Medium, c,MISRA-C-2012,RULE-8-9,Yes,Advisory,,,An object should be defined at block scope if its identifier only appears in a single function,M3-4-1,Declarations,Medium, From cde7f029049becf5eab22c5395f52318c02811b0 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 18 Oct 2022 15:56:45 -0400 Subject: [PATCH 0035/2573] Declarations4: fix RULE-5-5 for refactored lib loc --- .../src/rules/RULE-5-5/IdentifiersNotDistinctFromMacroNames.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/misra/src/rules/RULE-5-5/IdentifiersNotDistinctFromMacroNames.ql b/c/misra/src/rules/RULE-5-5/IdentifiersNotDistinctFromMacroNames.ql index 2ee6ef26d2..a63d9656b8 100644 --- a/c/misra/src/rules/RULE-5-5/IdentifiersNotDistinctFromMacroNames.ql +++ b/c/misra/src/rules/RULE-5-5/IdentifiersNotDistinctFromMacroNames.ql @@ -14,7 +14,7 @@ import cpp import codingstandards.c.misra -import codingstandards.c.Identifiers +import codingstandards.cpp.Identifiers from Macro m, InterestingIdentifiers i, string mName, string iName where From 5ff892977f836b927f953be3d6239223a5a30e3d Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Thu, 20 Oct 2022 11:43:07 -0400 Subject: [PATCH 0036/2573] Preprocessor6: address review comments DIR-4-9 --- .../DIR-4-9/FunctionOverFunctionLikeMacro.ql | 54 +++++++------------ .../FunctionOverFunctionLikeMacro.expected | 2 +- c/misra/test/rules/DIR-4-9/test.c | 32 ++++++----- 3 files changed, 37 insertions(+), 51 deletions(-) diff --git a/c/misra/src/rules/DIR-4-9/FunctionOverFunctionLikeMacro.ql b/c/misra/src/rules/DIR-4-9/FunctionOverFunctionLikeMacro.ql index 6ed97fde5c..2dc0e95c5c 100644 --- a/c/misra/src/rules/DIR-4-9/FunctionOverFunctionLikeMacro.ql +++ b/c/misra/src/rules/DIR-4-9/FunctionOverFunctionLikeMacro.ql @@ -18,30 +18,39 @@ import codingstandards.c.misra import codingstandards.cpp.FunctionLikeMacro import codingstandards.cpp.Naming -predicate omission(Macro i) { Naming::Cpp14::hasStandardLibraryMacroName(i.getName()) } - abstract class IrreplaceableFunctionLikeMacro extends FunctionLikeMacro { } +/** A standard library function like macro that contains the use of a stringize or tokenize operator should not be replaced by a function. */ +private class StringizeOrTokenizeMacro extends IrreplaceableFunctionLikeMacro { + StringizeOrTokenizeMacro() { this.getBody().regexpMatch(".*\\#{1,2}?.*") } +} + +/** A standard library function like macro that should not be replaced by a function. */ +private class StandardLibraryFunctionLikeMacro extends IrreplaceableFunctionLikeMacro { + StandardLibraryFunctionLikeMacro() { Naming::Cpp14::hasStandardLibraryMacroName(this.getName()) } +} + +/** A function like macro invocation as an `asm` argument cannot be replaced by a function. */ private class AsmArgumentInvoked extends IrreplaceableFunctionLikeMacro { AsmArgumentInvoked() { any(AsmStmt s).getLocation().subsumes(this.getAnInvocation().getLocation()) } } +/** A macro that is only invoked with constant arguments is more likely to be compile-time evaluated than a function call so do not suggest replacement. */ private class OnlyConstantNumericInvoked extends IrreplaceableFunctionLikeMacro { OnlyConstantNumericInvoked() { forex(MacroInvocation mi | mi = this.getAnInvocation() | + //int/float literals mi.getUnexpandedArgument(_).regexpMatch("\\d+") + or + //char/string literal + mi.getUnexpandedArgument(_).regexpMatch("(\\'|\")+.*") ) } } -private class KnownIrreplaceableFunctionLikeMacro extends IrreplaceableFunctionLikeMacro { - KnownIrreplaceableFunctionLikeMacro() { - this.getName() in ["UNUSED", "__has_builtin", "MIN", "MAX"] - } -} - +/** A function like macro invoked to initialize an object with static storage that cannot be replaced with a function call. */ private class UsedToStaticInitialize extends IrreplaceableFunctionLikeMacro { UsedToStaticInitialize() { any(StaticStorageDurationVariable v).getInitializer().getExpr() = @@ -49,6 +58,7 @@ private class UsedToStaticInitialize extends IrreplaceableFunctionLikeMacro { } } +/** A function like macro that is called with an argument that is an operator that cannot be replaced with a function call. */ private class FunctionLikeMacroWithOperatorArgument extends IrreplaceableFunctionLikeMacro { FunctionLikeMacroWithOperatorArgument() { exists(MacroInvocation mi | mi.getMacro() = this | @@ -57,32 +67,6 @@ private class FunctionLikeMacroWithOperatorArgument extends IrreplaceableFunctio } } -abstract class UnsafeMacro extends FunctionLikeMacro { } - -class ParameterNotUsedMacro extends UnsafeMacro { - ParameterNotUsedMacro() { - //parameter not used - has false positives on args that are not used but are substrings of other args - exists(string p | - p = this.getAParameter() and - not this.getBody().regexpMatch(".*(\\s*|\\(|\\)|\\##)" + p + "(\\s*||\\)|\\(|\\##).*") - ) - } -} - -class ParameterMoreThanOnceMacro extends UnsafeMacro { - ParameterMoreThanOnceMacro() { - //parameter used more than once - exists(string p | - p = this.getAParameter() and - exists(int i, string newstr | - newstr = this.getBody().replaceAll(p, "") and - i = ((this.getBody().length() - newstr.length()) / p.length()) and - i > 1 - ) - ) - } -} - predicate partOfConstantExpr(MacroInvocation i) { exists(Expr e | e.isConstant() and @@ -94,8 +78,6 @@ predicate partOfConstantExpr(MacroInvocation i) { from FunctionLikeMacro m where not isExcluded(m, Preprocessor6Package::functionOverFunctionLikeMacroQuery()) and - not omission(m) and - m instanceof UnsafeMacro and not m instanceof IrreplaceableFunctionLikeMacro and //function call not allowed in a constant expression (where constant expr is parent) forall(MacroInvocation i | i = m.getAnInvocation() | not partOfConstantExpr(i)) diff --git a/c/misra/test/rules/DIR-4-9/FunctionOverFunctionLikeMacro.expected b/c/misra/test/rules/DIR-4-9/FunctionOverFunctionLikeMacro.expected index 28fbaa9a7c..3ba148767c 100644 --- a/c/misra/test/rules/DIR-4-9/FunctionOverFunctionLikeMacro.expected +++ b/c/misra/test/rules/DIR-4-9/FunctionOverFunctionLikeMacro.expected @@ -1 +1 @@ -| test.c:3:1:3:36 | #define MACRO3(L,R) (L " " R " " L) | Macro used when function call would be preferred. | +| test.c:4:1:6:12 | #define MACRO4(L) (L" " "suffix") | Macro used when function call would be preferred. | diff --git a/c/misra/test/rules/DIR-4-9/test.c b/c/misra/test/rules/DIR-4-9/test.c index 8c38bbaa08..b828b31116 100644 --- a/c/misra/test/rules/DIR-4-9/test.c +++ b/c/misra/test/rules/DIR-4-9/test.c @@ -1,26 +1,30 @@ -#define MACRO(OP, L, R) ((L)OP(R)) -#define MACRO2(L, R) (L + R) -#define MACRO3(L, R) (L " " R " " L) +#define MACRO(OP, L, R) ((L)OP(R)) // COMPLIANT +#define MACRO2(L, R) (L + R) // COMPLIANT +#define MACRO3(L, R) (L " " R " " L) // COMPLIANT #define MACRO4(L) \ (L" " \ - "suffix") -#define MACRO5(L, LR) (LR + 1) -#define MACRO6(X, LR) (LR + 1) + "suffix") // NON_COMPLIANT +#define MACRO5(L, LR) (LR + 1) // COMPLIANT +#define MACRO6(X, LR) (LR + 1) // COMPLIANT +#define MACRO7(x, y) x##y // COMPLIANT -const char a1[MACRO2(1, 1) + 6]; // COMPLIANT +const char a1[MACRO2(1, 1) + 6]; void f() { - int i = MACRO(+, 1, 1); // COMPLIANT + int i = MACRO(+, 1, 1); + int i2 = MACRO2(7, 10); - int i2 = MACRO2(7, 10); // COMPLIANT + static int i3 = MACRO2(1, 1); - static int i3 = MACRO2(1, 1); // COMPLIANT + char *i4 = MACRO3("prefix", "suffix"); - char *i4 = MACRO3("prefix", "suffix"); // NON_COMPLIANT + char *i5 = MACRO4("prefix"); - char *i5 = MACRO4("prefix"); // COMPLIANT + char *i6 = MACRO4(MACRO2(1, 1)); - int i6 = MACRO5(1, 1); // COMPLIANT + int i7 = MACRO5(1, 1); - int i7 = MACRO6(1, 1); // COMPLIANT + int i8 = MACRO6(1, 1); + + char *i9 = MACRO7("prefix", "suffix"); } \ No newline at end of file From 30811eba4f0f395ca6cb6fd54c487fc8160e51f3 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Thu, 20 Oct 2022 12:56:09 -0400 Subject: [PATCH 0037/2573] Declarations4: fix RULE-5-6 for refactored lib loc --- c/misra/src/rules/RULE-5-6/TypedefNameNotUnique.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/misra/src/rules/RULE-5-6/TypedefNameNotUnique.ql b/c/misra/src/rules/RULE-5-6/TypedefNameNotUnique.ql index eebdabe956..2e9126d3af 100644 --- a/c/misra/src/rules/RULE-5-6/TypedefNameNotUnique.ql +++ b/c/misra/src/rules/RULE-5-6/TypedefNameNotUnique.ql @@ -14,7 +14,7 @@ import cpp import codingstandards.c.misra -import codingstandards.c.Identifiers +import codingstandards.cpp.Identifiers from TypedefType t, InterestingIdentifiers d where From 13d4deac090858e90c03e1c9a6fc91f6e82f8dde Mon Sep 17 00:00:00 2001 From: jsinglet Date: Thu, 20 Oct 2022 18:49:06 +0000 Subject: [PATCH 0038/2573] Version bump to 2.11.0-dev. --- c/cert/src/qlpack.yml | 2 +- c/cert/test/qlpack.yml | 2 +- c/common/src/qlpack.yml | 2 +- c/common/test/qlpack.yml | 2 +- c/misra/src/qlpack.yml | 2 +- c/misra/test/qlpack.yml | 2 +- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/qlpack.yml | 2 +- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/qlpack.yml | 2 +- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/qlpack.yml | 2 +- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/qlpack.yml | 2 +- cpp/report/src/qlpack.yml | 2 +- 15 files changed, 15 insertions(+), 15 deletions(-) diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index 9b8b4c6d56..12bf480b81 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -1,4 +1,4 @@ name: cert-c-coding-standards -version: 2.9.0 +version: 2.11.0-dev suites: codeql-suites libraryPathDependencies: common-c-coding-standards \ No newline at end of file diff --git a/c/cert/test/qlpack.yml b/c/cert/test/qlpack.yml index 69f673f348..3125bf2758 100644 --- a/c/cert/test/qlpack.yml +++ b/c/cert/test/qlpack.yml @@ -1,4 +1,4 @@ name: cert-c-coding-standards-tests -version: 2.9.0 +version: 2.11.0-dev libraryPathDependencies: cert-c-coding-standards extractor: cpp \ No newline at end of file diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index 91e3027719..3062e7b42e 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -1,3 +1,3 @@ name: common-c-coding-standards -version: 2.9.0 +version: 2.11.0-dev libraryPathDependencies: common-cpp-coding-standards diff --git a/c/common/test/qlpack.yml b/c/common/test/qlpack.yml index 23ab835710..52a6b04c6f 100644 --- a/c/common/test/qlpack.yml +++ b/c/common/test/qlpack.yml @@ -1,4 +1,4 @@ name: common-c-coding-standards-tests -version: 2.9.0 +version: 2.11.0-dev libraryPathDependencies: common-c-coding-standards extractor: cpp diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index 12583f5e2a..69af9c2fb1 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -1,4 +1,4 @@ name: misra-c-coding-standards -version: 2.9.0 +version: 2.11.0-dev suites: codeql-suites libraryPathDependencies: common-c-coding-standards diff --git a/c/misra/test/qlpack.yml b/c/misra/test/qlpack.yml index 2dc188b90c..42c0352cfc 100644 --- a/c/misra/test/qlpack.yml +++ b/c/misra/test/qlpack.yml @@ -1,4 +1,4 @@ name: misra-c-coding-standards-tests -version: 2.9.0 +version: 2.11.0-dev libraryPathDependencies: misra-c-coding-standards extractor: cpp \ No newline at end of file diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index dfdf8f5ea9..8a8dea0b9d 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -1,4 +1,4 @@ name: autosar-cpp-coding-standards -version: 2.9.0 +version: 2.11.0-dev suites: codeql-suites libraryPathDependencies: common-cpp-coding-standards diff --git a/cpp/autosar/test/qlpack.yml b/cpp/autosar/test/qlpack.yml index b465189500..d88fd5ad4f 100644 --- a/cpp/autosar/test/qlpack.yml +++ b/cpp/autosar/test/qlpack.yml @@ -1,4 +1,4 @@ name: autosar-cpp-coding-standards-tests -version: 2.9.0 +version: 2.11.0-dev libraryPathDependencies: autosar-cpp-coding-standards extractor: cpp diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index 85e1db0ce7..275fcd2bad 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -1,4 +1,4 @@ name: cert-cpp-coding-standards -version: 2.9.0 +version: 2.11.0-dev suites: codeql-suites libraryPathDependencies: common-cpp-coding-standards diff --git a/cpp/cert/test/qlpack.yml b/cpp/cert/test/qlpack.yml index 0fdf27e6e8..aba3f70207 100644 --- a/cpp/cert/test/qlpack.yml +++ b/cpp/cert/test/qlpack.yml @@ -1,4 +1,4 @@ name: cert-cpp-coding-standards-tests -version: 2.9.0 +version: 2.11.0-dev libraryPathDependencies: cert-cpp-coding-standards extractor: cpp diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index fe070599d5..f232dd7262 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -1,3 +1,3 @@ name: common-cpp-coding-standards -version: 2.9.0 +version: 2.11.0-dev libraryPathDependencies: codeql-cpp diff --git a/cpp/common/test/qlpack.yml b/cpp/common/test/qlpack.yml index 8118155fe2..5f4fbad053 100644 --- a/cpp/common/test/qlpack.yml +++ b/cpp/common/test/qlpack.yml @@ -1,4 +1,4 @@ name: common-cpp-coding-standards-tests -version: 2.9.0 +version: 2.11.0-dev libraryPathDependencies: common-cpp-coding-standards extractor: cpp diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index 47cb6677df..cd5b08f788 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -1,3 +1,3 @@ name: misra-cpp-coding-standards -version: 2.9.0 +version: 2.11.0-dev libraryPathDependencies: common-cpp-coding-standards diff --git a/cpp/misra/test/qlpack.yml b/cpp/misra/test/qlpack.yml index efcf229ecd..ae195c94fc 100644 --- a/cpp/misra/test/qlpack.yml +++ b/cpp/misra/test/qlpack.yml @@ -1,4 +1,4 @@ name: misra-cpp-coding-standards-tests -version: 2.9.0 +version: 2.11.0-dev libraryPathDependencies: misra-cpp-coding-standards extractor: cpp diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index 01ab377d7b..b01a88afda 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -1,3 +1,3 @@ name: report-cpp-coding-standards -version: 2.9.0 +version: 2.11.0-dev libraryPathDependencies: codeql-cpp From 1bc9d45f1935014ee162fa022f1f434910c5eed8 Mon Sep 17 00:00:00 2001 From: jsinglet Date: Thu, 20 Oct 2022 18:49:13 +0000 Subject: [PATCH 0039/2573] Version bump to 2.10.0. --- c/cert/src/qlpack.yml | 2 +- c/cert/test/qlpack.yml | 2 +- c/common/src/qlpack.yml | 2 +- c/common/test/qlpack.yml | 2 +- c/misra/src/qlpack.yml | 2 +- c/misra/test/qlpack.yml | 2 +- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/qlpack.yml | 2 +- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/qlpack.yml | 2 +- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/qlpack.yml | 2 +- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/qlpack.yml | 2 +- cpp/report/src/qlpack.yml | 2 +- 15 files changed, 15 insertions(+), 15 deletions(-) diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index 9b8b4c6d56..b00f0379ca 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -1,4 +1,4 @@ name: cert-c-coding-standards -version: 2.9.0 +version: 2.10.0 suites: codeql-suites libraryPathDependencies: common-c-coding-standards \ No newline at end of file diff --git a/c/cert/test/qlpack.yml b/c/cert/test/qlpack.yml index 69f673f348..b698c1afb1 100644 --- a/c/cert/test/qlpack.yml +++ b/c/cert/test/qlpack.yml @@ -1,4 +1,4 @@ name: cert-c-coding-standards-tests -version: 2.9.0 +version: 2.10.0 libraryPathDependencies: cert-c-coding-standards extractor: cpp \ No newline at end of file diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index 91e3027719..1233aecd92 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -1,3 +1,3 @@ name: common-c-coding-standards -version: 2.9.0 +version: 2.10.0 libraryPathDependencies: common-cpp-coding-standards diff --git a/c/common/test/qlpack.yml b/c/common/test/qlpack.yml index 23ab835710..05be8809b9 100644 --- a/c/common/test/qlpack.yml +++ b/c/common/test/qlpack.yml @@ -1,4 +1,4 @@ name: common-c-coding-standards-tests -version: 2.9.0 +version: 2.10.0 libraryPathDependencies: common-c-coding-standards extractor: cpp diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index 12583f5e2a..a1ffe376b3 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -1,4 +1,4 @@ name: misra-c-coding-standards -version: 2.9.0 +version: 2.10.0 suites: codeql-suites libraryPathDependencies: common-c-coding-standards diff --git a/c/misra/test/qlpack.yml b/c/misra/test/qlpack.yml index 2dc188b90c..51a5944f02 100644 --- a/c/misra/test/qlpack.yml +++ b/c/misra/test/qlpack.yml @@ -1,4 +1,4 @@ name: misra-c-coding-standards-tests -version: 2.9.0 +version: 2.10.0 libraryPathDependencies: misra-c-coding-standards extractor: cpp \ No newline at end of file diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index dfdf8f5ea9..814982ff6a 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -1,4 +1,4 @@ name: autosar-cpp-coding-standards -version: 2.9.0 +version: 2.10.0 suites: codeql-suites libraryPathDependencies: common-cpp-coding-standards diff --git a/cpp/autosar/test/qlpack.yml b/cpp/autosar/test/qlpack.yml index b465189500..04c5c9f600 100644 --- a/cpp/autosar/test/qlpack.yml +++ b/cpp/autosar/test/qlpack.yml @@ -1,4 +1,4 @@ name: autosar-cpp-coding-standards-tests -version: 2.9.0 +version: 2.10.0 libraryPathDependencies: autosar-cpp-coding-standards extractor: cpp diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index 85e1db0ce7..019bb817a1 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -1,4 +1,4 @@ name: cert-cpp-coding-standards -version: 2.9.0 +version: 2.10.0 suites: codeql-suites libraryPathDependencies: common-cpp-coding-standards diff --git a/cpp/cert/test/qlpack.yml b/cpp/cert/test/qlpack.yml index 0fdf27e6e8..805048fe00 100644 --- a/cpp/cert/test/qlpack.yml +++ b/cpp/cert/test/qlpack.yml @@ -1,4 +1,4 @@ name: cert-cpp-coding-standards-tests -version: 2.9.0 +version: 2.10.0 libraryPathDependencies: cert-cpp-coding-standards extractor: cpp diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index fe070599d5..7ffc2046eb 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -1,3 +1,3 @@ name: common-cpp-coding-standards -version: 2.9.0 +version: 2.10.0 libraryPathDependencies: codeql-cpp diff --git a/cpp/common/test/qlpack.yml b/cpp/common/test/qlpack.yml index 8118155fe2..2dda689369 100644 --- a/cpp/common/test/qlpack.yml +++ b/cpp/common/test/qlpack.yml @@ -1,4 +1,4 @@ name: common-cpp-coding-standards-tests -version: 2.9.0 +version: 2.10.0 libraryPathDependencies: common-cpp-coding-standards extractor: cpp diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index 47cb6677df..c16e1c0713 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -1,3 +1,3 @@ name: misra-cpp-coding-standards -version: 2.9.0 +version: 2.10.0 libraryPathDependencies: common-cpp-coding-standards diff --git a/cpp/misra/test/qlpack.yml b/cpp/misra/test/qlpack.yml index efcf229ecd..2af6523d71 100644 --- a/cpp/misra/test/qlpack.yml +++ b/cpp/misra/test/qlpack.yml @@ -1,4 +1,4 @@ name: misra-cpp-coding-standards-tests -version: 2.9.0 +version: 2.10.0 libraryPathDependencies: misra-cpp-coding-standards extractor: cpp diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index 01ab377d7b..b6445d1db4 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -1,3 +1,3 @@ name: report-cpp-coding-standards -version: 2.9.0 +version: 2.10.0 libraryPathDependencies: codeql-cpp From 2809d5c0ee4d0c45a40cf38e88e825e9654e4981 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 21 Oct 2022 11:11:46 +0100 Subject: [PATCH 0040/2573] Update the user manual to reflect 2.10.0 Update the user manual for 2.10.0. --- docs/user_manual.md | 43 +++++++++++++++++++++++++++++++------------ 1 file changed, 31 insertions(+), 12 deletions(-) diff --git a/docs/user_manual.md b/docs/user_manual.md index 339d3e26b0..02328ad9af 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -17,16 +17,17 @@ | 0.9.0 | 2022-02-17 | Remco Vermeulen | Finalize scope deviation records | | 0.10.0 | 2022-02-28 | Remco Vermeulen | Describe database correctness in the Hazard and Risk Analysis (HARA). | | 0.11.0 | 2022-02-28 | Remco Vermeulen | Updated version to 1.1.0 | +| 0.11.0 | 2022-10-21 | Luke Cartey | Updated version to 2.10.0 | ## Release information -This user manual documents release `1.1.0 ` of the coding standards located at https://github.com/github/codeql-coding-standards/releases/tag/v1.1.0 . +This user manual documents release `2.10.0` of the coding standards located at https://github.com/github/codeql-coding-standards/releases/tag/v2.10.0 . The release page documents the release notes and contains the following artifacts part of the release: -- `code-scanning-cpp-query-pack-anon-1.1.0 .zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. -- `lgtm-cpp-query-pack-anon-v1.1.0.zip`: coding standard queries to be used with GitHub LGTM Enterprise as documented in the section _Operating manual_. -- `supported_rules_list_1.1.0 .csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. -- `supported_rules_list_1.1.0 .md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. +- `code-scanning-cpp-query-pack-anon-2.10.0.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. +- `lgtm-cpp-query-pack-anon-v2.10.0.zip`: coding standard queries to be used with GitHub LGTM Enterprise as documented in the section _Operating manual_. +- `supported_rules_list_2.10.0.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. +- `supported_rules_list_2.10.0 .md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. - `user_manual.md`: This user manual. - `Source Code (zip)`: A zip archive containing the contents of https://github.com/github/codeql-coding-standards - `Source Code (tar.gz)`: A GZip compressed tar archive containing the contents of https://github.com/github/codeql-coding-standards @@ -43,10 +44,13 @@ A _coding standard_ is a set of rules or guidelines which restrict or prohibit t The _CodeQL Coding Standards_ product is a set of CodeQL queries for identifying contraventions of rules in the following coding standards: -| Standard | Version | Total rules | Total supportable rules | Status | -| -------------------------------------------------------------------------------------------------------------------- | ------- | ----------- | ----------------------- | ----------- | -| [AUTOSAR C++](https://www.autosar.org/fileadmin/user_upload/standards/adaptive/20-11/AUTOSAR_RS_CPP14Guidelines.pdf) | 20-11 | 397 | 375 | Implemented | -| [CERT-C++](https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-cpp-coding-standard-2016-v01.pdf) | 2016 | 83 | 83 | Implemented | +| Standard | Version | Total rules | Total supportable rules | Status | +| ---------------------------------------------------------------------------------------------------------------------- | ------- | ----------- | ----------------------- | ----------- | +| [AUTOSAR C++](https://www.autosar.org/fileadmin/user_upload/standards/adaptive/20-11/AUTOSAR_RS_CPP14Guidelines.pdf) | 20-11 | 397 | 375 | Implemented | +| [CERT-C++](https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-cpp-coding-standard-2016-v01.pdf) | 2016 | 83 | 83 | Implemented | +| [CERT C](https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-c-coding-standard-2016-v01.pdf) | 2016 | 99 | 99 | Under development | +| [MISRA C](https://www.misra.org.uk/product/misra-c2012-third-edition-first-revision/) | 2012 | 172 | 169 | Under development | + Not all rules in these standards are amenable to static analysis by CodeQL - some rules require external or domain specific knowledge to validate, or refer to properties which are not present in the our representation of the codebase under analysis. For each rule we therefore identify whether it is supportable or not. Furthermore, a rule can be supported in two ways: @@ -74,7 +78,13 @@ From a functional safety perspective, the use of these two components is only va ### Codebase requirements -The codebase under analysis must: +In all scenarios, the codebase must comply with the language, platform and compiler requirements listed on the [CodeQL: Supported languages and frameworks](https://codeql.github.com/docs/codeql-overview/supported-languages-and-frameworks) in order to be successfully analyzed. + +In addition, the machine which performs the analysis must be able to complete a clean build of the codebase. + +#### C++ + +For C++ the codebase under analysis must: * Comply with C++14 * Use one of the following supported compilers: - Clang version 10 @@ -85,9 +95,18 @@ Use of the queries outside these scenarios is possible, but not validated for fu - When language features are used which have a differing interpretation from C++14. - Use of the queries against codebases which use other compilers or other compiler versions supported by CodeQL (e.g. gcc) is not tested or validated for functional safety. -In all scenarios, the codebase must comply with the language, platform and compiler requirements listed on the [CodeQL: Supported languages and frameworks](https://codeql.github.com/docs/codeql-overview/supported-languages-and-frameworks) in order to be successfully analyzed. +#### C -In addition, the machine which performs the analysis must be able to complete a clean build of the codebase. +For C the codebase under analysis must: + * Comply with C99 or C11. + * Use one of the following supported compilers: + - Clang version 10 + +Use of the queries outside these scenarios is possible, but not validated for functional safety. In particular: + - Use of the queries against codebases written with more recent versions of C (as supported by CodeQL) are not validated in the following circumstances: + - When new language features are used + - When language features are used which have a differing interpretation from C11. + - Use of the queries against codebases which use other compilers or other compiler versions supported by CodeQL (e.g. gcc) is not tested or validated for functional safety. ### Analysis report requirements From f9a2c5e198d30ac03b9f04499f0dadec5712cea1 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Mon, 24 Oct 2022 18:04:00 +0200 Subject: [PATCH 0041/2573] Package Contracts4 * Rule ERR30-C --- c/cert/src/rules/ERR30-C/ErrnoNotSetToZero.md | 263 ++++++++++++++++++ c/cert/src/rules/ERR30-C/ErrnoNotSetToZero.ql | 50 ++++ .../rules/ERR30-C/ErrnoReadBeforeReturn.md | 263 ++++++++++++++++++ .../rules/ERR30-C/ErrnoReadBeforeReturn.ql | 52 ++++ .../ERR30-C/FunctionCallBeforeErrnoCheck.md | 263 ++++++++++++++++++ .../ERR30-C/FunctionCallBeforeErrnoCheck.ql | 55 ++++ .../rules/ERR30-C/SetlocaleMightSetErrno.md | 263 ++++++++++++++++++ .../rules/ERR30-C/SetlocaleMightSetErrno.ql | 92 ++++++ .../rules/ERR30-C/ErrnoNotSetToZero.expected | 3 + .../rules/ERR30-C/ErrnoNotSetToZero.qlref | 1 + .../ERR30-C/ErrnoReadBeforeReturn.expected | 3 + .../rules/ERR30-C/ErrnoReadBeforeReturn.qlref | 1 + .../FunctionCallBeforeErrnoCheck.expected | 2 + .../FunctionCallBeforeErrnoCheck.qlref | 1 + .../ERR30-C/SetlocaleMightSetErrno.expected | 2 + .../ERR30-C/SetlocaleMightSetErrno.qlref | 1 + c/cert/test/rules/ERR30-C/test.c | 116 ++++++++ c/common/src/codingstandards/c/Errno.qll | 82 ++++-- ...TestErrnoRightAfterErrnoSettingFunction.ql | 9 +- .../RULE-22-8/ErrnoSetToZeroPriorToCall.ql | 6 +- .../RULE-22-9/ErrnoSetToZeroAfterCall.ql | 11 +- .../cpp/exclusions/c/Contracts4.qll | 74 +++++ .../cpp/exclusions/c/RuleMetadata.qll | 3 + rule_packages/c/Contracts4.json | 46 +++ rules.csv | 2 +- 25 files changed, 1625 insertions(+), 39 deletions(-) create mode 100644 c/cert/src/rules/ERR30-C/ErrnoNotSetToZero.md create mode 100644 c/cert/src/rules/ERR30-C/ErrnoNotSetToZero.ql create mode 100644 c/cert/src/rules/ERR30-C/ErrnoReadBeforeReturn.md create mode 100644 c/cert/src/rules/ERR30-C/ErrnoReadBeforeReturn.ql create mode 100644 c/cert/src/rules/ERR30-C/FunctionCallBeforeErrnoCheck.md create mode 100644 c/cert/src/rules/ERR30-C/FunctionCallBeforeErrnoCheck.ql create mode 100644 c/cert/src/rules/ERR30-C/SetlocaleMightSetErrno.md create mode 100644 c/cert/src/rules/ERR30-C/SetlocaleMightSetErrno.ql create mode 100644 c/cert/test/rules/ERR30-C/ErrnoNotSetToZero.expected create mode 100644 c/cert/test/rules/ERR30-C/ErrnoNotSetToZero.qlref create mode 100644 c/cert/test/rules/ERR30-C/ErrnoReadBeforeReturn.expected create mode 100644 c/cert/test/rules/ERR30-C/ErrnoReadBeforeReturn.qlref create mode 100644 c/cert/test/rules/ERR30-C/FunctionCallBeforeErrnoCheck.expected create mode 100644 c/cert/test/rules/ERR30-C/FunctionCallBeforeErrnoCheck.qlref create mode 100644 c/cert/test/rules/ERR30-C/SetlocaleMightSetErrno.expected create mode 100644 c/cert/test/rules/ERR30-C/SetlocaleMightSetErrno.qlref create mode 100644 c/cert/test/rules/ERR30-C/test.c create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/Contracts4.qll create mode 100644 rule_packages/c/Contracts4.json mode change 100755 => 100644 rules.csv diff --git a/c/cert/src/rules/ERR30-C/ErrnoNotSetToZero.md b/c/cert/src/rules/ERR30-C/ErrnoNotSetToZero.md new file mode 100644 index 0000000000..417688d1af --- /dev/null +++ b/c/cert/src/rules/ERR30-C/ErrnoNotSetToZero.md @@ -0,0 +1,263 @@ +# ERR30-C: Errno is not set to zero prior to an errno-setting call + +This query implements the CERT-C rule ERR30-C: + +> Take care when reading errno + + +## Description + +The value of `errno` is initialized to zero at program startup, but it is never subsequently set to zero by any C standard library function. The value of `errno` may be set to nonzero by a C standard library function call whether or not there is an error, provided the use of `errno` is not documented in the description of the function. It is meaningful for a program to inspect the contents of `errno` only after an error might have occurred. More precisely, `errno` is meaningful only after a library function that sets `errno` on error has returned an error code. + +According to Question 20.4 of C-FAQ \[[Summit 2005](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-Summit05)\], + +> In general, you should detect errors by checking return values, and use `errno` only to distinguish among the various causes of an error, such as "File not found" or "Permission denied." (Typically, you use `perror` or `strerror` to print these discriminating error messages.) It's only necessary to detect errors with `errno` when a function does not have a unique, unambiguous, out-of-band error return (that is, because all of its possible return values are valid; one example is `atoi [*sic*]`). In these cases (and in these cases only; check the documentation to be sure whether a function allows this), you can detect errors by setting `errno` to 0, calling the function, and then testing `errno`. (Setting `errno` to 0 first is important, as no library function ever does that for you.) + + +Note that `atoi()` is not required to set the value of `errno`. + +Library functions fall into the following categories: + +* Those that set `errno` and return an [out-of-band error indicator](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-out-of-banderrorindicator) +* Those that set `errno` and return an [in-band error indicator](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-in-banderrorindicator) +* Those that do not promise to set `errno` +* Those with differing standards documentation + +## Library Functions that Set errno and Return an Out-of-Band Error Indicator + +The C Standard specifies that the functions listed in the following table set `errno` and return an [out-of-band error indicator](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-out-of-banderrorindicator). That is, their return value on error can never be returned by a successful call. + +A program may check `errno` after invoking these library functions but is not required to do so. The program should not check the value of `errno` without first verifying that the function returned an error indicator. For example, `errno` should not be checked after calling `signal()` without first ensuring that `signal()` actually returned `SIG_ERR`. + +**Functions That Set `errno` and Return an Out-of-Band Error Indicator** + +
Function Name Return Value errno Value
ftell() -1L Positive
fgetpos() , fsetpos() Nonzero Positive
mbrtowc() , mbsrtowcs() (size_t)(-1) EILSEQ
signal() SIG_ERR Positive
wcrtomb() , wcsrtombs() (size_t)(-1) EILSEQ
mbrtoc16() , mbrtoc32() (size_t)(-1) EILSEQ
c16rtomb() , c32rtomb() (size_t)(-1) EILSEQ
+ + +## Library Functions that Set errno and Return an In-Band Error Indicator + +The C Standard specifies that the functions listed in the following table set `errno` and return an [in-band error indicator](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-in-banderrorindicator). That is, the return value when an error occurs is also a valid return value for successful calls. For example, the `strtoul()` function returns `ULONG_MAX` and sets `errno` to `ERANGE` if an error occurs. Because `ULONG_MAX` is a valid return value, the only way to confirm that an error occurred when LONG_MAX is returned is to check `errno`. + +The `fgetwc()` and `fputwc()` functions return `WEOF` in multiple cases, only one of which results in setting `errno`. The string conversion functions will return the maximum or minimum representable value and set `errno` to `ERANGE` if the converted value cannot be represented by the data type. However, if the conversion cannot happen because the input is invalid, the function will return `0`, and the output pointer parameter will be assigned the value of the input pointer parameter, provided the output parameter is non-null. + +A program that uses `errno` for error checking a function that returns an in-band error indicator must set `errno` to `0` before calling one of these library functions and then inspect `errno` before a subsequent library function call. + +**Functions that Set `errno` and Return an In-Band Error Indicator** + +
Function Name Return Value errno Value
fgetwc() , fputwc() WEOF EILSEQ
strtol() , wcstol() LONG_MIN or LONG_MAX ERANGE
strtoll() , wcstoll() LLONG_MIN or LLONG_MAX ERANGE
strtoul() , wcstoul() ULONG_MAX ERANGE
strtoull() , wcstoull() ULLONG_MAX ERANGE
strtoumax() , wcstoumax() UINTMAX_MAX ERANGE
strtod() , wcstod() 0 or ±HUGE_VAL ERANGE
strtof() , wcstof() 0 or ±HUGE_VALF ERANGE
strtold() , wcstold() 0 or ±HUGE_VALL ERANGE
strtoimax() , wcstoimax() INTMAX_MIN , INTMAX_MAX ERANGE
+ + +## Library Functions that Do Not Promise to Set errno + +The C Standard fails to document the behavior of `errno` for some functions. For example, the `setlocale()` function normally returns a null pointer in the event of an error, but no guarantees are made about setting `errno`. + +After calling one of these functions, a program should not rely solely on the value of `errno` to determine if an error occurred. The function might have altered `errno`, but this does not ensure that `errno` will properly indicate an error condition. If the program does check `errno` after calling one of these functions, it should set `errno` to 0 before the function call. + +## Library Functions with Differing Standards Documentation + +Some functions behave differently regarding `errno` in various standards. The `fopen()` function is one such example. When `fopen()` encounters an error, it returns a null pointer. The C Standard makes no mention of `errno` when describing `fopen()`. However, POSIX.1 declares that when `fopen()` encounters an error, it returns a null pointer and sets `errno` to a value indicating the error \[[IEEE Std 1003.1-2013](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-IEEEStd1003.1-2013)\]. The implication is that a program conforming to C but not to POSIX (such as a Windows program) should not check `errno` after calling `fopen()`, but a POSIX program may check `errno` if `fopen()` returns a null pointer. + +## Library Functions and errno + +The following uses of `errno` are documented in the C Standard: + +* Functions defined in `` may set `errno` but are not required to. +* For numeric conversion functions in the `strtod`, `strtol`, `wcstod`, and `wcstol` families, if the correct result is outside the range of representable values, an appropriate minimum or maximum value is returned and the value `ERANGE` is stored in `errno`. For floating-point conversion functions in the `strtod` and `wcstod` families, if an underflow occurs, whether `errno` acquires the value `ERANGE` is [implementation-defined](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-implementation-definedbehavior). If the conversion fails, `0` is returned and `errno` is not set. +* The numeric conversion function `atof()` and those in the `atoi` family "need not affect the value of" `errno`. +* For mathematical functions in ``, if the integer expression `math_errhandling & MATH_ERRNO` is nonzero, on a domain error, `errno` acquires the value `EDOM`; on an overflow with default rounding or if the mathematical result is an exact infinity from finite arguments, `errno` acquires the value `ERANGE`; and on an underflow, whether `errno` acquires the value `ERANGE` is implementation-defined. +* If a request made by calling `signal()` cannot be honored, a value of `SIG_ERR` is returned and a positive value is stored in `errno`. +* The byte I/O functions, wide-character I/O functions, and multibyte conversion functions store the value of the macro `EILSEQ` in `errno` if and only if an encoding error occurs. +* On failure, `fgetpos()` and `fsetpos()` return nonzero and store an [implementation-defined](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-implementation-definedbehavior) positive value in `errno`. +* On failure, `ftell()` returns `-1L` and stores an [implementation-defined](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-implementation-definedbehavior) positive value in `errno`. +* The `perror()` function maps the error number in `errno` to a message and writes it to `stderr`. +The POSIX.1 standard defines the use of `errno` by many more functions (including the C standard library function). POSIX also has a small set of functions that are exceptions to the rule. These functions have no return value reserved to indicate an error, but they still set `errno` on error. To detect an error, an application must set `errno` to `0` before calling the function and check whether it is nonzero after the call. Affected functions include `strcoll()`, `strxfrm()`, `strerror()`, `wcscoll()`, `wcsxfrm()`, and `fwide()`. The C Standard allows these functions to set `errno` to a nonzero value on success. Consequently, this type of error checking should be performed only on POSIX systems. + +## Noncompliant Code Example (strtoul()) + +This noncompliant code example fails to set `errno` to `0` before invoking `strtoul()`. If an error occurs, `strtoul()` returns a valid value (`ULONG_MAX`), so `errno` is the only means of determining if `strtoul()` ran successfully. + +```cpp +#include +#include +#include + +void func(const char *c_str) { + unsigned long number; + char *endptr; + + number = strtoul(c_str, &endptr, 0); + if (endptr == c_str || (number == ULONG_MAX + && errno == ERANGE)) { + /* Handle error */ + } else { + /* Computation succeeded */ + } +} +``` +Any error detected in this manner may have occurred earlier in the program or may not represent an actual error. + +## Compliant Solution (strtoul()) + +This compliant solution sets `errno` to `0` before the call to `strtoul()` and inspects `errno` after the call: + +```cpp +#include +#include +#include + +void func(const char *c_str) { + unsigned long number; + char *endptr; + + errno = 0; + number = strtoul(c_str, &endptr, 0); + if (endptr == c_str || (number == ULONG_MAX + && errno == ERANGE)) { + /* Handle error */ + } else { + /* Computation succeeded */ + } +} +``` + +## Noncompliant Code Example (ftell()) + +This noncompliant code example, after calling `ftell()`, examines `errno` without first checking whether the out-of-band indicator returned by `ftell() `indicates an error. + +```cpp +#include +#include + +void func(FILE* fp) { + errno=0; + ftell(fp); + if (errno) { + perror("ftell"); + } +} +``` + +## Compliant Solution (ftell()) + +This compliant solution first detects that `ftell() `failed using its out-of-band error indicator. Once an error has been confirmed, reading `errno` (implicitly by using the `perror()` function) is permitted. + +```cpp +#include +#include + +void func(FILE* fp) { + if (ftell(fp) == -1) { + perror("ftell"); + } +} +``` + +## Noncompliant Code Example (fopen()) + +This noncompliant code example may fail to diagnose errors because `fopen()` might not set `errno` even if an error occurs: + +```cpp +#include +#include + +void func(const char *filename) { + FILE *fileptr; + + errno = 0; + fileptr = fopen(filename, "rb"); + if (errno != 0) { + /* Handle error */ + } +} +``` + +## Compliant Solution (fopen(), C) + +The C Standard makes no mention of `errno` when describing `fopen()`. In this compliant solution, the results of the call to `fopen()` are used to determine failure and `errno` is not checked: + +```cpp +#include + +void func(const char *filename) { + FILE *fileptr = fopen(filename, "rb"); + if (fileptr == NULL) { + /* An error occurred in fopen() */ + } +} +``` + +## Compliant Solution (fopen(), POSIX) + +In this compliant solution, `errno` is checked only after an error has already been detected by another means: + +```cpp +#include +#include + +void func(const char *filename) { + FILE *fileptr; + + errno = 0; + fileptr = fopen(filename, "rb"); + if (fileptr == NULL) { + /* + * An error occurred in fopen(); now it's valid + * to examine errno. + */ + perror(filename); + } +} +``` + +## Risk Assessment + +The improper use of `errno` may result in failing to detect an error condition or in incorrectly identifying an error condition when none exists. + +
Rule Severity Likelihood Remediation Cost Priority Level
ERR30-C Medium Probable Medium P8 L2
+ + +## Automated Detection + +
Tool Version Checker Description
Astrée 22.04 errno-reset Partially checked
Axivion Bauhaus Suite 7.2.0 CertC-ERR30 Fully implemented
CodeSonar 7.1p0 LANG.STRUCT.RC Redundant Condition
Compass/ROSE Could detect violations of this rule by ensuring that each library function is accompanied by the proper treatment of errno
Coverity 2017.07 MISRA C 2012 Rule 22.8 MISRA C 2012 Rule 22.9 MISRA C 2012 Rule 22.10 Implemented
Helix QAC 2022.3 C2500, C2501, C2502, C2503 C++3172, C++3173, C++3174, C++3175, C++3176, C++3177, C++3178, C++3179, C++3183, C++3184
Klocwork 2022.3 CXX.ERRNO.NOT_SET CXX.ERRNO.NOT_CHECKED CXX.ERRNO.INCORRECTLY_CHECKED
LDRA tool suite 9.7.1 111 D, 121 D, 122 D, 132 D, 134 D Fully implemented
Parasoft C/C++test 2022.1 CERT_C-ERR30-a CERT_C-ERR30-b Properly use errno value Provide error handling for file opening errors right next to the call to fopen
Polyspace Bug Finder R2022b CERT C: Rule ERR30-C Checks for: Misuse of errnoisuse of errno, errno not resetrrno not reset. Rule fully covered.
PRQA QA-C 9.7 2500, 2501, 2502, 2503
+ + +## Related Vulnerabilities + +Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+ERR30-C). + +## Related Guidelines + +[Key here](https://wiki.sei.cmu.edu/confluence/display/c/How+this+Coding+Standard+is+Organized#HowthisCodingStandardisOrganized-RelatedGuidelines) (explains table format and definitions) + +
Taxonomy Taxonomy item Relationship
CERT C Secure Coding Standard EXP12-C. Do not ignore values returned by functions Prior to 2018-01-12: CERT: Unspecified Relationship
ISO/IEC TS 17961:2013 Incorrectly setting and using errno \[inverrno\] Prior to 2018-01-12: CERT: Unspecified Relationship
CWE 2.11 CWE-456 , Missing Initialization of a Variable 2017-07-05: CERT: Rule subset of CWE
+ + +## CERT-CWE Mapping Notes + +[Key here](https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?pageId=87152408#HowthisCodingStandardisOrganized-CERT-CWEMappingNotes) for mapping notes + +**CWE-456 and ERR30-C** + +CWE-456 = EXP33-C + +CWE-456 = Union( ERR30-C, list) where list = + +* Reading potentially uninitialized variables besides errno +**CWE-248 and ERR30-C** + +Intersection( CWE-248, ERR30-C) = Ø + +CWE-248 is only for languages that support exceptions. It lists C++ and Java, but not C. + +## Bibliography + +
\[ Brainbell.com \] Macros and Miscellaneous Pitfalls
\[ Horton 1990 \] Section 11, p. 168 Section 14, p. 254
\[ IEEE Std 1003.1-2013 \] XSH, System Interfaces, fopen
\[ Koenig 1989 \] Section 5.4, p. 73
\[ Summit 2005 \]
+ + +## Implementation notes + +None + +## References + +* CERT-C: [ERR30-C: Take care when reading errno](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/ERR30-C/ErrnoNotSetToZero.ql b/c/cert/src/rules/ERR30-C/ErrnoNotSetToZero.ql new file mode 100644 index 0000000000..cc1dd82bbb --- /dev/null +++ b/c/cert/src/rules/ERR30-C/ErrnoNotSetToZero.ql @@ -0,0 +1,50 @@ +/** + * @id c/cert/errno-not-set-to-zero + * @name ERR30-C: Errno is not set to zero prior to an errno-setting call + * @description Set errno to zero prior to each call to an errno-setting function. Failing to do so + * might end in spurious errno values. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/cert/id/err30-c + * correctness + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert +import codingstandards.c.Errno + +/** + * CFG nodes preceding a `ErrnoSettingFunctionCall` + */ +ControlFlowNode notZeroedPriorToErrnoSet(InBandErrnoSettingFunctionCall fc) { + result = fc + or + exists(ControlFlowNode mid | + result = mid.getAPredecessor() and + mid = notZeroedPriorToErrnoSet(fc) and + // stop recursion when `errno` is set to zero + not result instanceof ErrnoZeroed and + not result = any(ErrnoGuard g).getZeroedSuccessor() + ) +} + +from InBandErrnoSettingFunctionCall fc, ControlFlowNode cause +where + not isExcluded(cause, Contracts4Package::errnoNotSetToZeroQuery()) and + cause = notZeroedPriorToErrnoSet(fc) and + ( + // `errno` is not reset anywhere in the function + cause = fc.getEnclosingFunction().getBlock() + or + // `errno` is not reset after a call to an errno-setting function + cause = any(InBandErrnoSettingFunctionCall ec | ec != fc) + or + // `errno` is not reset after a call to a function + cause = any(FunctionCall fc2 | fc2 != fc) + or + // `errno` value is known to be != 0 + cause = any(ErrnoGuard g).getNonZeroedSuccessor() + ) +select fc, "The value of `errno` may be different than `0` when this function is called." diff --git a/c/cert/src/rules/ERR30-C/ErrnoReadBeforeReturn.md b/c/cert/src/rules/ERR30-C/ErrnoReadBeforeReturn.md new file mode 100644 index 0000000000..edfe19bfd4 --- /dev/null +++ b/c/cert/src/rules/ERR30-C/ErrnoReadBeforeReturn.md @@ -0,0 +1,263 @@ +# ERR30-C: Do not check errno before the function return value + +This query implements the CERT-C rule ERR30-C: + +> Take care when reading errno + + +## Description + +The value of `errno` is initialized to zero at program startup, but it is never subsequently set to zero by any C standard library function. The value of `errno` may be set to nonzero by a C standard library function call whether or not there is an error, provided the use of `errno` is not documented in the description of the function. It is meaningful for a program to inspect the contents of `errno` only after an error might have occurred. More precisely, `errno` is meaningful only after a library function that sets `errno` on error has returned an error code. + +According to Question 20.4 of C-FAQ \[[Summit 2005](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-Summit05)\], + +> In general, you should detect errors by checking return values, and use `errno` only to distinguish among the various causes of an error, such as "File not found" or "Permission denied." (Typically, you use `perror` or `strerror` to print these discriminating error messages.) It's only necessary to detect errors with `errno` when a function does not have a unique, unambiguous, out-of-band error return (that is, because all of its possible return values are valid; one example is `atoi [*sic*]`). In these cases (and in these cases only; check the documentation to be sure whether a function allows this), you can detect errors by setting `errno` to 0, calling the function, and then testing `errno`. (Setting `errno` to 0 first is important, as no library function ever does that for you.) + + +Note that `atoi()` is not required to set the value of `errno`. + +Library functions fall into the following categories: + +* Those that set `errno` and return an [out-of-band error indicator](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-out-of-banderrorindicator) +* Those that set `errno` and return an [in-band error indicator](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-in-banderrorindicator) +* Those that do not promise to set `errno` +* Those with differing standards documentation + +## Library Functions that Set errno and Return an Out-of-Band Error Indicator + +The C Standard specifies that the functions listed in the following table set `errno` and return an [out-of-band error indicator](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-out-of-banderrorindicator). That is, their return value on error can never be returned by a successful call. + +A program may check `errno` after invoking these library functions but is not required to do so. The program should not check the value of `errno` without first verifying that the function returned an error indicator. For example, `errno` should not be checked after calling `signal()` without first ensuring that `signal()` actually returned `SIG_ERR`. + +**Functions That Set `errno` and Return an Out-of-Band Error Indicator** + +
Function Name Return Value errno Value
ftell() -1L Positive
fgetpos() , fsetpos() Nonzero Positive
mbrtowc() , mbsrtowcs() (size_t)(-1) EILSEQ
signal() SIG_ERR Positive
wcrtomb() , wcsrtombs() (size_t)(-1) EILSEQ
mbrtoc16() , mbrtoc32() (size_t)(-1) EILSEQ
c16rtomb() , c32rtomb() (size_t)(-1) EILSEQ
+ + +## Library Functions that Set errno and Return an In-Band Error Indicator + +The C Standard specifies that the functions listed in the following table set `errno` and return an [in-band error indicator](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-in-banderrorindicator). That is, the return value when an error occurs is also a valid return value for successful calls. For example, the `strtoul()` function returns `ULONG_MAX` and sets `errno` to `ERANGE` if an error occurs. Because `ULONG_MAX` is a valid return value, the only way to confirm that an error occurred when LONG_MAX is returned is to check `errno`. + +The `fgetwc()` and `fputwc()` functions return `WEOF` in multiple cases, only one of which results in setting `errno`. The string conversion functions will return the maximum or minimum representable value and set `errno` to `ERANGE` if the converted value cannot be represented by the data type. However, if the conversion cannot happen because the input is invalid, the function will return `0`, and the output pointer parameter will be assigned the value of the input pointer parameter, provided the output parameter is non-null. + +A program that uses `errno` for error checking a function that returns an in-band error indicator must set `errno` to `0` before calling one of these library functions and then inspect `errno` before a subsequent library function call. + +**Functions that Set `errno` and Return an In-Band Error Indicator** + +
Function Name Return Value errno Value
fgetwc() , fputwc() WEOF EILSEQ
strtol() , wcstol() LONG_MIN or LONG_MAX ERANGE
strtoll() , wcstoll() LLONG_MIN or LLONG_MAX ERANGE
strtoul() , wcstoul() ULONG_MAX ERANGE
strtoull() , wcstoull() ULLONG_MAX ERANGE
strtoumax() , wcstoumax() UINTMAX_MAX ERANGE
strtod() , wcstod() 0 or ±HUGE_VAL ERANGE
strtof() , wcstof() 0 or ±HUGE_VALF ERANGE
strtold() , wcstold() 0 or ±HUGE_VALL ERANGE
strtoimax() , wcstoimax() INTMAX_MIN , INTMAX_MAX ERANGE
+ + +## Library Functions that Do Not Promise to Set errno + +The C Standard fails to document the behavior of `errno` for some functions. For example, the `setlocale()` function normally returns a null pointer in the event of an error, but no guarantees are made about setting `errno`. + +After calling one of these functions, a program should not rely solely on the value of `errno` to determine if an error occurred. The function might have altered `errno`, but this does not ensure that `errno` will properly indicate an error condition. If the program does check `errno` after calling one of these functions, it should set `errno` to 0 before the function call. + +## Library Functions with Differing Standards Documentation + +Some functions behave differently regarding `errno` in various standards. The `fopen()` function is one such example. When `fopen()` encounters an error, it returns a null pointer. The C Standard makes no mention of `errno` when describing `fopen()`. However, POSIX.1 declares that when `fopen()` encounters an error, it returns a null pointer and sets `errno` to a value indicating the error \[[IEEE Std 1003.1-2013](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-IEEEStd1003.1-2013)\]. The implication is that a program conforming to C but not to POSIX (such as a Windows program) should not check `errno` after calling `fopen()`, but a POSIX program may check `errno` if `fopen()` returns a null pointer. + +## Library Functions and errno + +The following uses of `errno` are documented in the C Standard: + +* Functions defined in `` may set `errno` but are not required to. +* For numeric conversion functions in the `strtod`, `strtol`, `wcstod`, and `wcstol` families, if the correct result is outside the range of representable values, an appropriate minimum or maximum value is returned and the value `ERANGE` is stored in `errno`. For floating-point conversion functions in the `strtod` and `wcstod` families, if an underflow occurs, whether `errno` acquires the value `ERANGE` is [implementation-defined](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-implementation-definedbehavior). If the conversion fails, `0` is returned and `errno` is not set. +* The numeric conversion function `atof()` and those in the `atoi` family "need not affect the value of" `errno`. +* For mathematical functions in ``, if the integer expression `math_errhandling & MATH_ERRNO` is nonzero, on a domain error, `errno` acquires the value `EDOM`; on an overflow with default rounding or if the mathematical result is an exact infinity from finite arguments, `errno` acquires the value `ERANGE`; and on an underflow, whether `errno` acquires the value `ERANGE` is implementation-defined. +* If a request made by calling `signal()` cannot be honored, a value of `SIG_ERR` is returned and a positive value is stored in `errno`. +* The byte I/O functions, wide-character I/O functions, and multibyte conversion functions store the value of the macro `EILSEQ` in `errno` if and only if an encoding error occurs. +* On failure, `fgetpos()` and `fsetpos()` return nonzero and store an [implementation-defined](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-implementation-definedbehavior) positive value in `errno`. +* On failure, `ftell()` returns `-1L` and stores an [implementation-defined](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-implementation-definedbehavior) positive value in `errno`. +* The `perror()` function maps the error number in `errno` to a message and writes it to `stderr`. +The POSIX.1 standard defines the use of `errno` by many more functions (including the C standard library function). POSIX also has a small set of functions that are exceptions to the rule. These functions have no return value reserved to indicate an error, but they still set `errno` on error. To detect an error, an application must set `errno` to `0` before calling the function and check whether it is nonzero after the call. Affected functions include `strcoll()`, `strxfrm()`, `strerror()`, `wcscoll()`, `wcsxfrm()`, and `fwide()`. The C Standard allows these functions to set `errno` to a nonzero value on success. Consequently, this type of error checking should be performed only on POSIX systems. + +## Noncompliant Code Example (strtoul()) + +This noncompliant code example fails to set `errno` to `0` before invoking `strtoul()`. If an error occurs, `strtoul()` returns a valid value (`ULONG_MAX`), so `errno` is the only means of determining if `strtoul()` ran successfully. + +```cpp +#include +#include +#include + +void func(const char *c_str) { + unsigned long number; + char *endptr; + + number = strtoul(c_str, &endptr, 0); + if (endptr == c_str || (number == ULONG_MAX + && errno == ERANGE)) { + /* Handle error */ + } else { + /* Computation succeeded */ + } +} +``` +Any error detected in this manner may have occurred earlier in the program or may not represent an actual error. + +## Compliant Solution (strtoul()) + +This compliant solution sets `errno` to `0` before the call to `strtoul()` and inspects `errno` after the call: + +```cpp +#include +#include +#include + +void func(const char *c_str) { + unsigned long number; + char *endptr; + + errno = 0; + number = strtoul(c_str, &endptr, 0); + if (endptr == c_str || (number == ULONG_MAX + && errno == ERANGE)) { + /* Handle error */ + } else { + /* Computation succeeded */ + } +} +``` + +## Noncompliant Code Example (ftell()) + +This noncompliant code example, after calling `ftell()`, examines `errno` without first checking whether the out-of-band indicator returned by `ftell() `indicates an error. + +```cpp +#include +#include + +void func(FILE* fp) { + errno=0; + ftell(fp); + if (errno) { + perror("ftell"); + } +} +``` + +## Compliant Solution (ftell()) + +This compliant solution first detects that `ftell() `failed using its out-of-band error indicator. Once an error has been confirmed, reading `errno` (implicitly by using the `perror()` function) is permitted. + +```cpp +#include +#include + +void func(FILE* fp) { + if (ftell(fp) == -1) { + perror("ftell"); + } +} +``` + +## Noncompliant Code Example (fopen()) + +This noncompliant code example may fail to diagnose errors because `fopen()` might not set `errno` even if an error occurs: + +```cpp +#include +#include + +void func(const char *filename) { + FILE *fileptr; + + errno = 0; + fileptr = fopen(filename, "rb"); + if (errno != 0) { + /* Handle error */ + } +} +``` + +## Compliant Solution (fopen(), C) + +The C Standard makes no mention of `errno` when describing `fopen()`. In this compliant solution, the results of the call to `fopen()` are used to determine failure and `errno` is not checked: + +```cpp +#include + +void func(const char *filename) { + FILE *fileptr = fopen(filename, "rb"); + if (fileptr == NULL) { + /* An error occurred in fopen() */ + } +} +``` + +## Compliant Solution (fopen(), POSIX) + +In this compliant solution, `errno` is checked only after an error has already been detected by another means: + +```cpp +#include +#include + +void func(const char *filename) { + FILE *fileptr; + + errno = 0; + fileptr = fopen(filename, "rb"); + if (fileptr == NULL) { + /* + * An error occurred in fopen(); now it's valid + * to examine errno. + */ + perror(filename); + } +} +``` + +## Risk Assessment + +The improper use of `errno` may result in failing to detect an error condition or in incorrectly identifying an error condition when none exists. + +
Rule Severity Likelihood Remediation Cost Priority Level
ERR30-C Medium Probable Medium P8 L2
+ + +## Automated Detection + +
Tool Version Checker Description
Astrée 22.04 errno-reset Partially checked
Axivion Bauhaus Suite 7.2.0 CertC-ERR30 Fully implemented
CodeSonar 7.1p0 LANG.STRUCT.RC Redundant Condition
Compass/ROSE Could detect violations of this rule by ensuring that each library function is accompanied by the proper treatment of errno
Coverity 2017.07 MISRA C 2012 Rule 22.8 MISRA C 2012 Rule 22.9 MISRA C 2012 Rule 22.10 Implemented
Helix QAC 2022.3 C2500, C2501, C2502, C2503 C++3172, C++3173, C++3174, C++3175, C++3176, C++3177, C++3178, C++3179, C++3183, C++3184
Klocwork 2022.3 CXX.ERRNO.NOT_SET CXX.ERRNO.NOT_CHECKED CXX.ERRNO.INCORRECTLY_CHECKED
LDRA tool suite 9.7.1 111 D, 121 D, 122 D, 132 D, 134 D Fully implemented
Parasoft C/C++test 2022.1 CERT_C-ERR30-a CERT_C-ERR30-b Properly use errno value Provide error handling for file opening errors right next to the call to fopen
Polyspace Bug Finder R2022b CERT C: Rule ERR30-C Checks for: Misuse of errnoisuse of errno, errno not resetrrno not reset. Rule fully covered.
PRQA QA-C 9.7 2500, 2501, 2502, 2503
+ + +## Related Vulnerabilities + +Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+ERR30-C). + +## Related Guidelines + +[Key here](https://wiki.sei.cmu.edu/confluence/display/c/How+this+Coding+Standard+is+Organized#HowthisCodingStandardisOrganized-RelatedGuidelines) (explains table format and definitions) + +
Taxonomy Taxonomy item Relationship
CERT C Secure Coding Standard EXP12-C. Do not ignore values returned by functions Prior to 2018-01-12: CERT: Unspecified Relationship
ISO/IEC TS 17961:2013 Incorrectly setting and using errno \[inverrno\] Prior to 2018-01-12: CERT: Unspecified Relationship
CWE 2.11 CWE-456 , Missing Initialization of a Variable 2017-07-05: CERT: Rule subset of CWE
+ + +## CERT-CWE Mapping Notes + +[Key here](https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?pageId=87152408#HowthisCodingStandardisOrganized-CERT-CWEMappingNotes) for mapping notes + +**CWE-456 and ERR30-C** + +CWE-456 = EXP33-C + +CWE-456 = Union( ERR30-C, list) where list = + +* Reading potentially uninitialized variables besides errno +**CWE-248 and ERR30-C** + +Intersection( CWE-248, ERR30-C) = Ø + +CWE-248 is only for languages that support exceptions. It lists C++ and Java, but not C. + +## Bibliography + +
\[ Brainbell.com \] Macros and Miscellaneous Pitfalls
\[ Horton 1990 \] Section 11, p. 168 Section 14, p. 254
\[ IEEE Std 1003.1-2013 \] XSH, System Interfaces, fopen
\[ Koenig 1989 \] Section 5.4, p. 73
\[ Summit 2005 \]
+ + +## Implementation notes + +None + +## References + +* CERT-C: [ERR30-C: Take care when reading errno](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/ERR30-C/ErrnoReadBeforeReturn.ql b/c/cert/src/rules/ERR30-C/ErrnoReadBeforeReturn.ql new file mode 100644 index 0000000000..df8519f13f --- /dev/null +++ b/c/cert/src/rules/ERR30-C/ErrnoReadBeforeReturn.ql @@ -0,0 +1,52 @@ +/** + * @id c/cert/errno-read-before-return + * @name ERR30-C: Do not check errno before the function return value + * @description Do not check errno before the function return value. Failing to do so might + * invalidate the error detection. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/cert/id/err30-c + * correctness + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert +import codingstandards.c.Errno + +/** + * A call to an `OutOfBandErrnoSettingFunction` + */ +class OutOfBandErrnoSettingFunctionCertCall extends FunctionCall { + OutOfBandErrnoSettingFunctionCertCall() { + this.getTarget() instanceof OutOfBandErrnoSettingFunctionCert + } +} + +/** + * A successor of an ErrnoSettingFunctionCertCall appearing + * before a check of the return value + */ +ControlFlowNode returnNotCheckedAfter(OutOfBandErrnoSettingFunctionCertCall errnoSet) { + result = errnoSet + or + exists(ControlFlowNode mid | + result = mid.getASuccessor() and + mid = returnNotCheckedAfter(errnoSet) and + // stop recursion on a return value check + not ( + any(ControlStructure cs).getControllingExpr() = result and + DataFlow::localExprFlow(errnoSet, result.(Operation).getAnOperand*()) + ) and + // stop recursion on a following errno setting function call + not result instanceof OutOfBandErrnoSettingFunctionCertCall + ) +} + +from OutOfBandErrnoSettingFunctionCertCall errnoSet, ErrnoRead check +where + not isExcluded(check, Contracts4Package::errnoReadBeforeReturnQuery()) and + check = returnNotCheckedAfter(errnoSet) +select check, "Do not read `errno` before checking the return value of function $@.", errnoSet, + errnoSet.toString() diff --git a/c/cert/src/rules/ERR30-C/FunctionCallBeforeErrnoCheck.md b/c/cert/src/rules/ERR30-C/FunctionCallBeforeErrnoCheck.md new file mode 100644 index 0000000000..5ec6577e45 --- /dev/null +++ b/c/cert/src/rules/ERR30-C/FunctionCallBeforeErrnoCheck.md @@ -0,0 +1,263 @@ +# ERR30-C: Do not call a function before checking errno + +This query implements the CERT-C rule ERR30-C: + +> Take care when reading errno + + +## Description + +The value of `errno` is initialized to zero at program startup, but it is never subsequently set to zero by any C standard library function. The value of `errno` may be set to nonzero by a C standard library function call whether or not there is an error, provided the use of `errno` is not documented in the description of the function. It is meaningful for a program to inspect the contents of `errno` only after an error might have occurred. More precisely, `errno` is meaningful only after a library function that sets `errno` on error has returned an error code. + +According to Question 20.4 of C-FAQ \[[Summit 2005](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-Summit05)\], + +> In general, you should detect errors by checking return values, and use `errno` only to distinguish among the various causes of an error, such as "File not found" or "Permission denied." (Typically, you use `perror` or `strerror` to print these discriminating error messages.) It's only necessary to detect errors with `errno` when a function does not have a unique, unambiguous, out-of-band error return (that is, because all of its possible return values are valid; one example is `atoi [*sic*]`). In these cases (and in these cases only; check the documentation to be sure whether a function allows this), you can detect errors by setting `errno` to 0, calling the function, and then testing `errno`. (Setting `errno` to 0 first is important, as no library function ever does that for you.) + + +Note that `atoi()` is not required to set the value of `errno`. + +Library functions fall into the following categories: + +* Those that set `errno` and return an [out-of-band error indicator](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-out-of-banderrorindicator) +* Those that set `errno` and return an [in-band error indicator](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-in-banderrorindicator) +* Those that do not promise to set `errno` +* Those with differing standards documentation + +## Library Functions that Set errno and Return an Out-of-Band Error Indicator + +The C Standard specifies that the functions listed in the following table set `errno` and return an [out-of-band error indicator](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-out-of-banderrorindicator). That is, their return value on error can never be returned by a successful call. + +A program may check `errno` after invoking these library functions but is not required to do so. The program should not check the value of `errno` without first verifying that the function returned an error indicator. For example, `errno` should not be checked after calling `signal()` without first ensuring that `signal()` actually returned `SIG_ERR`. + +**Functions That Set `errno` and Return an Out-of-Band Error Indicator** + +
Function Name Return Value errno Value
ftell() -1L Positive
fgetpos() , fsetpos() Nonzero Positive
mbrtowc() , mbsrtowcs() (size_t)(-1) EILSEQ
signal() SIG_ERR Positive
wcrtomb() , wcsrtombs() (size_t)(-1) EILSEQ
mbrtoc16() , mbrtoc32() (size_t)(-1) EILSEQ
c16rtomb() , c32rtomb() (size_t)(-1) EILSEQ
+ + +## Library Functions that Set errno and Return an In-Band Error Indicator + +The C Standard specifies that the functions listed in the following table set `errno` and return an [in-band error indicator](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-in-banderrorindicator). That is, the return value when an error occurs is also a valid return value for successful calls. For example, the `strtoul()` function returns `ULONG_MAX` and sets `errno` to `ERANGE` if an error occurs. Because `ULONG_MAX` is a valid return value, the only way to confirm that an error occurred when LONG_MAX is returned is to check `errno`. + +The `fgetwc()` and `fputwc()` functions return `WEOF` in multiple cases, only one of which results in setting `errno`. The string conversion functions will return the maximum or minimum representable value and set `errno` to `ERANGE` if the converted value cannot be represented by the data type. However, if the conversion cannot happen because the input is invalid, the function will return `0`, and the output pointer parameter will be assigned the value of the input pointer parameter, provided the output parameter is non-null. + +A program that uses `errno` for error checking a function that returns an in-band error indicator must set `errno` to `0` before calling one of these library functions and then inspect `errno` before a subsequent library function call. + +**Functions that Set `errno` and Return an In-Band Error Indicator** + +
Function Name Return Value errno Value
fgetwc() , fputwc() WEOF EILSEQ
strtol() , wcstol() LONG_MIN or LONG_MAX ERANGE
strtoll() , wcstoll() LLONG_MIN or LLONG_MAX ERANGE
strtoul() , wcstoul() ULONG_MAX ERANGE
strtoull() , wcstoull() ULLONG_MAX ERANGE
strtoumax() , wcstoumax() UINTMAX_MAX ERANGE
strtod() , wcstod() 0 or ±HUGE_VAL ERANGE
strtof() , wcstof() 0 or ±HUGE_VALF ERANGE
strtold() , wcstold() 0 or ±HUGE_VALL ERANGE
strtoimax() , wcstoimax() INTMAX_MIN , INTMAX_MAX ERANGE
+ + +## Library Functions that Do Not Promise to Set errno + +The C Standard fails to document the behavior of `errno` for some functions. For example, the `setlocale()` function normally returns a null pointer in the event of an error, but no guarantees are made about setting `errno`. + +After calling one of these functions, a program should not rely solely on the value of `errno` to determine if an error occurred. The function might have altered `errno`, but this does not ensure that `errno` will properly indicate an error condition. If the program does check `errno` after calling one of these functions, it should set `errno` to 0 before the function call. + +## Library Functions with Differing Standards Documentation + +Some functions behave differently regarding `errno` in various standards. The `fopen()` function is one such example. When `fopen()` encounters an error, it returns a null pointer. The C Standard makes no mention of `errno` when describing `fopen()`. However, POSIX.1 declares that when `fopen()` encounters an error, it returns a null pointer and sets `errno` to a value indicating the error \[[IEEE Std 1003.1-2013](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-IEEEStd1003.1-2013)\]. The implication is that a program conforming to C but not to POSIX (such as a Windows program) should not check `errno` after calling `fopen()`, but a POSIX program may check `errno` if `fopen()` returns a null pointer. + +## Library Functions and errno + +The following uses of `errno` are documented in the C Standard: + +* Functions defined in `` may set `errno` but are not required to. +* For numeric conversion functions in the `strtod`, `strtol`, `wcstod`, and `wcstol` families, if the correct result is outside the range of representable values, an appropriate minimum or maximum value is returned and the value `ERANGE` is stored in `errno`. For floating-point conversion functions in the `strtod` and `wcstod` families, if an underflow occurs, whether `errno` acquires the value `ERANGE` is [implementation-defined](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-implementation-definedbehavior). If the conversion fails, `0` is returned and `errno` is not set. +* The numeric conversion function `atof()` and those in the `atoi` family "need not affect the value of" `errno`. +* For mathematical functions in ``, if the integer expression `math_errhandling & MATH_ERRNO` is nonzero, on a domain error, `errno` acquires the value `EDOM`; on an overflow with default rounding or if the mathematical result is an exact infinity from finite arguments, `errno` acquires the value `ERANGE`; and on an underflow, whether `errno` acquires the value `ERANGE` is implementation-defined. +* If a request made by calling `signal()` cannot be honored, a value of `SIG_ERR` is returned and a positive value is stored in `errno`. +* The byte I/O functions, wide-character I/O functions, and multibyte conversion functions store the value of the macro `EILSEQ` in `errno` if and only if an encoding error occurs. +* On failure, `fgetpos()` and `fsetpos()` return nonzero and store an [implementation-defined](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-implementation-definedbehavior) positive value in `errno`. +* On failure, `ftell()` returns `-1L` and stores an [implementation-defined](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-implementation-definedbehavior) positive value in `errno`. +* The `perror()` function maps the error number in `errno` to a message and writes it to `stderr`. +The POSIX.1 standard defines the use of `errno` by many more functions (including the C standard library function). POSIX also has a small set of functions that are exceptions to the rule. These functions have no return value reserved to indicate an error, but they still set `errno` on error. To detect an error, an application must set `errno` to `0` before calling the function and check whether it is nonzero after the call. Affected functions include `strcoll()`, `strxfrm()`, `strerror()`, `wcscoll()`, `wcsxfrm()`, and `fwide()`. The C Standard allows these functions to set `errno` to a nonzero value on success. Consequently, this type of error checking should be performed only on POSIX systems. + +## Noncompliant Code Example (strtoul()) + +This noncompliant code example fails to set `errno` to `0` before invoking `strtoul()`. If an error occurs, `strtoul()` returns a valid value (`ULONG_MAX`), so `errno` is the only means of determining if `strtoul()` ran successfully. + +```cpp +#include +#include +#include + +void func(const char *c_str) { + unsigned long number; + char *endptr; + + number = strtoul(c_str, &endptr, 0); + if (endptr == c_str || (number == ULONG_MAX + && errno == ERANGE)) { + /* Handle error */ + } else { + /* Computation succeeded */ + } +} +``` +Any error detected in this manner may have occurred earlier in the program or may not represent an actual error. + +## Compliant Solution (strtoul()) + +This compliant solution sets `errno` to `0` before the call to `strtoul()` and inspects `errno` after the call: + +```cpp +#include +#include +#include + +void func(const char *c_str) { + unsigned long number; + char *endptr; + + errno = 0; + number = strtoul(c_str, &endptr, 0); + if (endptr == c_str || (number == ULONG_MAX + && errno == ERANGE)) { + /* Handle error */ + } else { + /* Computation succeeded */ + } +} +``` + +## Noncompliant Code Example (ftell()) + +This noncompliant code example, after calling `ftell()`, examines `errno` without first checking whether the out-of-band indicator returned by `ftell() `indicates an error. + +```cpp +#include +#include + +void func(FILE* fp) { + errno=0; + ftell(fp); + if (errno) { + perror("ftell"); + } +} +``` + +## Compliant Solution (ftell()) + +This compliant solution first detects that `ftell() `failed using its out-of-band error indicator. Once an error has been confirmed, reading `errno` (implicitly by using the `perror()` function) is permitted. + +```cpp +#include +#include + +void func(FILE* fp) { + if (ftell(fp) == -1) { + perror("ftell"); + } +} +``` + +## Noncompliant Code Example (fopen()) + +This noncompliant code example may fail to diagnose errors because `fopen()` might not set `errno` even if an error occurs: + +```cpp +#include +#include + +void func(const char *filename) { + FILE *fileptr; + + errno = 0; + fileptr = fopen(filename, "rb"); + if (errno != 0) { + /* Handle error */ + } +} +``` + +## Compliant Solution (fopen(), C) + +The C Standard makes no mention of `errno` when describing `fopen()`. In this compliant solution, the results of the call to `fopen()` are used to determine failure and `errno` is not checked: + +```cpp +#include + +void func(const char *filename) { + FILE *fileptr = fopen(filename, "rb"); + if (fileptr == NULL) { + /* An error occurred in fopen() */ + } +} +``` + +## Compliant Solution (fopen(), POSIX) + +In this compliant solution, `errno` is checked only after an error has already been detected by another means: + +```cpp +#include +#include + +void func(const char *filename) { + FILE *fileptr; + + errno = 0; + fileptr = fopen(filename, "rb"); + if (fileptr == NULL) { + /* + * An error occurred in fopen(); now it's valid + * to examine errno. + */ + perror(filename); + } +} +``` + +## Risk Assessment + +The improper use of `errno` may result in failing to detect an error condition or in incorrectly identifying an error condition when none exists. + +
Rule Severity Likelihood Remediation Cost Priority Level
ERR30-C Medium Probable Medium P8 L2
+ + +## Automated Detection + +
Tool Version Checker Description
Astrée 22.04 errno-reset Partially checked
Axivion Bauhaus Suite 7.2.0 CertC-ERR30 Fully implemented
CodeSonar 7.1p0 LANG.STRUCT.RC Redundant Condition
Compass/ROSE Could detect violations of this rule by ensuring that each library function is accompanied by the proper treatment of errno
Coverity 2017.07 MISRA C 2012 Rule 22.8 MISRA C 2012 Rule 22.9 MISRA C 2012 Rule 22.10 Implemented
Helix QAC 2022.3 C2500, C2501, C2502, C2503 C++3172, C++3173, C++3174, C++3175, C++3176, C++3177, C++3178, C++3179, C++3183, C++3184
Klocwork 2022.3 CXX.ERRNO.NOT_SET CXX.ERRNO.NOT_CHECKED CXX.ERRNO.INCORRECTLY_CHECKED
LDRA tool suite 9.7.1 111 D, 121 D, 122 D, 132 D, 134 D Fully implemented
Parasoft C/C++test 2022.1 CERT_C-ERR30-a CERT_C-ERR30-b Properly use errno value Provide error handling for file opening errors right next to the call to fopen
Polyspace Bug Finder R2022b CERT C: Rule ERR30-C Checks for: Misuse of errnoisuse of errno, errno not resetrrno not reset. Rule fully covered.
PRQA QA-C 9.7 2500, 2501, 2502, 2503
+ + +## Related Vulnerabilities + +Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+ERR30-C). + +## Related Guidelines + +[Key here](https://wiki.sei.cmu.edu/confluence/display/c/How+this+Coding+Standard+is+Organized#HowthisCodingStandardisOrganized-RelatedGuidelines) (explains table format and definitions) + +
Taxonomy Taxonomy item Relationship
CERT C Secure Coding Standard EXP12-C. Do not ignore values returned by functions Prior to 2018-01-12: CERT: Unspecified Relationship
ISO/IEC TS 17961:2013 Incorrectly setting and using errno \[inverrno\] Prior to 2018-01-12: CERT: Unspecified Relationship
CWE 2.11 CWE-456 , Missing Initialization of a Variable 2017-07-05: CERT: Rule subset of CWE
+ + +## CERT-CWE Mapping Notes + +[Key here](https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?pageId=87152408#HowthisCodingStandardisOrganized-CERT-CWEMappingNotes) for mapping notes + +**CWE-456 and ERR30-C** + +CWE-456 = EXP33-C + +CWE-456 = Union( ERR30-C, list) where list = + +* Reading potentially uninitialized variables besides errno +**CWE-248 and ERR30-C** + +Intersection( CWE-248, ERR30-C) = Ø + +CWE-248 is only for languages that support exceptions. It lists C++ and Java, but not C. + +## Bibliography + +
\[ Brainbell.com \] Macros and Miscellaneous Pitfalls
\[ Horton 1990 \] Section 11, p. 168 Section 14, p. 254
\[ IEEE Std 1003.1-2013 \] XSH, System Interfaces, fopen
\[ Koenig 1989 \] Section 5.4, p. 73
\[ Summit 2005 \]
+ + +## Implementation notes + +None + +## References + +* CERT-C: [ERR30-C: Take care when reading errno](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/ERR30-C/FunctionCallBeforeErrnoCheck.ql b/c/cert/src/rules/ERR30-C/FunctionCallBeforeErrnoCheck.ql new file mode 100644 index 0000000000..5203fd9d00 --- /dev/null +++ b/c/cert/src/rules/ERR30-C/FunctionCallBeforeErrnoCheck.ql @@ -0,0 +1,55 @@ +/** + * @id c/cert/function-call-before-errno-check + * @name ERR30-C: Do not call a function before checking errno + * @description After calling an errno-setting function, check errno before calling any other + * function. Failing to do so might end in errno being overwritten. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/cert/id/err30-c + * correctness + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert +import codingstandards.c.Errno +import semmle.code.cpp.dataflow.DataFlow + +/** + * A call to an `OutOfBandErrnoSettingFunction` + */ +class ErrnoSettingFunctionCall extends FunctionCall { + ErrnoSettingFunctionCall() { this.getTarget() instanceof InBandErrnoSettingFunction } +} + +class ErrnoCheck extends Expr { + ErrnoCheck() { + this = any(MacroInvocation ma | ma.getMacroName() = "errno").getAnExpandedElement() + or + this.(FunctionCall).getTarget().hasName(["perror", "strerror"]) + } +} + +/** + * A successor of an ErrnoSettingFunctionCall appearing + * before a check of errno + */ +ControlFlowNode errnoNotCheckedAfter(ErrnoSettingFunctionCall errnoSet) { + result = errnoSet + or + exists(ControlFlowNode mid | + result = mid.getASuccessor() and + mid = errnoNotCheckedAfter(errnoSet) and + // stop recursion on an error check + not result instanceof ErrnoCheck + ) +} + +from ErrnoSettingFunctionCall errnoSet, FunctionCall fc +where + not isExcluded(fc, Contracts4Package::functionCallBeforeErrnoCheckQuery()) and + fc != errnoSet and + fc = errnoNotCheckedAfter(errnoSet) +select errnoSet, + "The value of `errno` is not checked after this call to `" + errnoSet.getTarget().getName() + "`." diff --git a/c/cert/src/rules/ERR30-C/SetlocaleMightSetErrno.md b/c/cert/src/rules/ERR30-C/SetlocaleMightSetErrno.md new file mode 100644 index 0000000000..e4b0a0e067 --- /dev/null +++ b/c/cert/src/rules/ERR30-C/SetlocaleMightSetErrno.md @@ -0,0 +1,263 @@ +# ERR30-C: Do not rely solely on errno to determine if en error occurred in setlocale + +This query implements the CERT-C rule ERR30-C: + +> Take care when reading errno + + +## Description + +The value of `errno` is initialized to zero at program startup, but it is never subsequently set to zero by any C standard library function. The value of `errno` may be set to nonzero by a C standard library function call whether or not there is an error, provided the use of `errno` is not documented in the description of the function. It is meaningful for a program to inspect the contents of `errno` only after an error might have occurred. More precisely, `errno` is meaningful only after a library function that sets `errno` on error has returned an error code. + +According to Question 20.4 of C-FAQ \[[Summit 2005](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-Summit05)\], + +> In general, you should detect errors by checking return values, and use `errno` only to distinguish among the various causes of an error, such as "File not found" or "Permission denied." (Typically, you use `perror` or `strerror` to print these discriminating error messages.) It's only necessary to detect errors with `errno` when a function does not have a unique, unambiguous, out-of-band error return (that is, because all of its possible return values are valid; one example is `atoi [*sic*]`). In these cases (and in these cases only; check the documentation to be sure whether a function allows this), you can detect errors by setting `errno` to 0, calling the function, and then testing `errno`. (Setting `errno` to 0 first is important, as no library function ever does that for you.) + + +Note that `atoi()` is not required to set the value of `errno`. + +Library functions fall into the following categories: + +* Those that set `errno` and return an [out-of-band error indicator](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-out-of-banderrorindicator) +* Those that set `errno` and return an [in-band error indicator](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-in-banderrorindicator) +* Those that do not promise to set `errno` +* Those with differing standards documentation + +## Library Functions that Set errno and Return an Out-of-Band Error Indicator + +The C Standard specifies that the functions listed in the following table set `errno` and return an [out-of-band error indicator](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-out-of-banderrorindicator). That is, their return value on error can never be returned by a successful call. + +A program may check `errno` after invoking these library functions but is not required to do so. The program should not check the value of `errno` without first verifying that the function returned an error indicator. For example, `errno` should not be checked after calling `signal()` without first ensuring that `signal()` actually returned `SIG_ERR`. + +**Functions That Set `errno` and Return an Out-of-Band Error Indicator** + +
Function Name Return Value errno Value
ftell() -1L Positive
fgetpos() , fsetpos() Nonzero Positive
mbrtowc() , mbsrtowcs() (size_t)(-1) EILSEQ
signal() SIG_ERR Positive
wcrtomb() , wcsrtombs() (size_t)(-1) EILSEQ
mbrtoc16() , mbrtoc32() (size_t)(-1) EILSEQ
c16rtomb() , c32rtomb() (size_t)(-1) EILSEQ
+ + +## Library Functions that Set errno and Return an In-Band Error Indicator + +The C Standard specifies that the functions listed in the following table set `errno` and return an [in-band error indicator](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-in-banderrorindicator). That is, the return value when an error occurs is also a valid return value for successful calls. For example, the `strtoul()` function returns `ULONG_MAX` and sets `errno` to `ERANGE` if an error occurs. Because `ULONG_MAX` is a valid return value, the only way to confirm that an error occurred when LONG_MAX is returned is to check `errno`. + +The `fgetwc()` and `fputwc()` functions return `WEOF` in multiple cases, only one of which results in setting `errno`. The string conversion functions will return the maximum or minimum representable value and set `errno` to `ERANGE` if the converted value cannot be represented by the data type. However, if the conversion cannot happen because the input is invalid, the function will return `0`, and the output pointer parameter will be assigned the value of the input pointer parameter, provided the output parameter is non-null. + +A program that uses `errno` for error checking a function that returns an in-band error indicator must set `errno` to `0` before calling one of these library functions and then inspect `errno` before a subsequent library function call. + +**Functions that Set `errno` and Return an In-Band Error Indicator** + +
Function Name Return Value errno Value
fgetwc() , fputwc() WEOF EILSEQ
strtol() , wcstol() LONG_MIN or LONG_MAX ERANGE
strtoll() , wcstoll() LLONG_MIN or LLONG_MAX ERANGE
strtoul() , wcstoul() ULONG_MAX ERANGE
strtoull() , wcstoull() ULLONG_MAX ERANGE
strtoumax() , wcstoumax() UINTMAX_MAX ERANGE
strtod() , wcstod() 0 or ±HUGE_VAL ERANGE
strtof() , wcstof() 0 or ±HUGE_VALF ERANGE
strtold() , wcstold() 0 or ±HUGE_VALL ERANGE
strtoimax() , wcstoimax() INTMAX_MIN , INTMAX_MAX ERANGE
+ + +## Library Functions that Do Not Promise to Set errno + +The C Standard fails to document the behavior of `errno` for some functions. For example, the `setlocale()` function normally returns a null pointer in the event of an error, but no guarantees are made about setting `errno`. + +After calling one of these functions, a program should not rely solely on the value of `errno` to determine if an error occurred. The function might have altered `errno`, but this does not ensure that `errno` will properly indicate an error condition. If the program does check `errno` after calling one of these functions, it should set `errno` to 0 before the function call. + +## Library Functions with Differing Standards Documentation + +Some functions behave differently regarding `errno` in various standards. The `fopen()` function is one such example. When `fopen()` encounters an error, it returns a null pointer. The C Standard makes no mention of `errno` when describing `fopen()`. However, POSIX.1 declares that when `fopen()` encounters an error, it returns a null pointer and sets `errno` to a value indicating the error \[[IEEE Std 1003.1-2013](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-IEEEStd1003.1-2013)\]. The implication is that a program conforming to C but not to POSIX (such as a Windows program) should not check `errno` after calling `fopen()`, but a POSIX program may check `errno` if `fopen()` returns a null pointer. + +## Library Functions and errno + +The following uses of `errno` are documented in the C Standard: + +* Functions defined in `` may set `errno` but are not required to. +* For numeric conversion functions in the `strtod`, `strtol`, `wcstod`, and `wcstol` families, if the correct result is outside the range of representable values, an appropriate minimum or maximum value is returned and the value `ERANGE` is stored in `errno`. For floating-point conversion functions in the `strtod` and `wcstod` families, if an underflow occurs, whether `errno` acquires the value `ERANGE` is [implementation-defined](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-implementation-definedbehavior). If the conversion fails, `0` is returned and `errno` is not set. +* The numeric conversion function `atof()` and those in the `atoi` family "need not affect the value of" `errno`. +* For mathematical functions in ``, if the integer expression `math_errhandling & MATH_ERRNO` is nonzero, on a domain error, `errno` acquires the value `EDOM`; on an overflow with default rounding or if the mathematical result is an exact infinity from finite arguments, `errno` acquires the value `ERANGE`; and on an underflow, whether `errno` acquires the value `ERANGE` is implementation-defined. +* If a request made by calling `signal()` cannot be honored, a value of `SIG_ERR` is returned and a positive value is stored in `errno`. +* The byte I/O functions, wide-character I/O functions, and multibyte conversion functions store the value of the macro `EILSEQ` in `errno` if and only if an encoding error occurs. +* On failure, `fgetpos()` and `fsetpos()` return nonzero and store an [implementation-defined](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-implementation-definedbehavior) positive value in `errno`. +* On failure, `ftell()` returns `-1L` and stores an [implementation-defined](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-implementation-definedbehavior) positive value in `errno`. +* The `perror()` function maps the error number in `errno` to a message and writes it to `stderr`. +The POSIX.1 standard defines the use of `errno` by many more functions (including the C standard library function). POSIX also has a small set of functions that are exceptions to the rule. These functions have no return value reserved to indicate an error, but they still set `errno` on error. To detect an error, an application must set `errno` to `0` before calling the function and check whether it is nonzero after the call. Affected functions include `strcoll()`, `strxfrm()`, `strerror()`, `wcscoll()`, `wcsxfrm()`, and `fwide()`. The C Standard allows these functions to set `errno` to a nonzero value on success. Consequently, this type of error checking should be performed only on POSIX systems. + +## Noncompliant Code Example (strtoul()) + +This noncompliant code example fails to set `errno` to `0` before invoking `strtoul()`. If an error occurs, `strtoul()` returns a valid value (`ULONG_MAX`), so `errno` is the only means of determining if `strtoul()` ran successfully. + +```cpp +#include +#include +#include + +void func(const char *c_str) { + unsigned long number; + char *endptr; + + number = strtoul(c_str, &endptr, 0); + if (endptr == c_str || (number == ULONG_MAX + && errno == ERANGE)) { + /* Handle error */ + } else { + /* Computation succeeded */ + } +} +``` +Any error detected in this manner may have occurred earlier in the program or may not represent an actual error. + +## Compliant Solution (strtoul()) + +This compliant solution sets `errno` to `0` before the call to `strtoul()` and inspects `errno` after the call: + +```cpp +#include +#include +#include + +void func(const char *c_str) { + unsigned long number; + char *endptr; + + errno = 0; + number = strtoul(c_str, &endptr, 0); + if (endptr == c_str || (number == ULONG_MAX + && errno == ERANGE)) { + /* Handle error */ + } else { + /* Computation succeeded */ + } +} +``` + +## Noncompliant Code Example (ftell()) + +This noncompliant code example, after calling `ftell()`, examines `errno` without first checking whether the out-of-band indicator returned by `ftell() `indicates an error. + +```cpp +#include +#include + +void func(FILE* fp) { + errno=0; + ftell(fp); + if (errno) { + perror("ftell"); + } +} +``` + +## Compliant Solution (ftell()) + +This compliant solution first detects that `ftell() `failed using its out-of-band error indicator. Once an error has been confirmed, reading `errno` (implicitly by using the `perror()` function) is permitted. + +```cpp +#include +#include + +void func(FILE* fp) { + if (ftell(fp) == -1) { + perror("ftell"); + } +} +``` + +## Noncompliant Code Example (fopen()) + +This noncompliant code example may fail to diagnose errors because `fopen()` might not set `errno` even if an error occurs: + +```cpp +#include +#include + +void func(const char *filename) { + FILE *fileptr; + + errno = 0; + fileptr = fopen(filename, "rb"); + if (errno != 0) { + /* Handle error */ + } +} +``` + +## Compliant Solution (fopen(), C) + +The C Standard makes no mention of `errno` when describing `fopen()`. In this compliant solution, the results of the call to `fopen()` are used to determine failure and `errno` is not checked: + +```cpp +#include + +void func(const char *filename) { + FILE *fileptr = fopen(filename, "rb"); + if (fileptr == NULL) { + /* An error occurred in fopen() */ + } +} +``` + +## Compliant Solution (fopen(), POSIX) + +In this compliant solution, `errno` is checked only after an error has already been detected by another means: + +```cpp +#include +#include + +void func(const char *filename) { + FILE *fileptr; + + errno = 0; + fileptr = fopen(filename, "rb"); + if (fileptr == NULL) { + /* + * An error occurred in fopen(); now it's valid + * to examine errno. + */ + perror(filename); + } +} +``` + +## Risk Assessment + +The improper use of `errno` may result in failing to detect an error condition or in incorrectly identifying an error condition when none exists. + +
Rule Severity Likelihood Remediation Cost Priority Level
ERR30-C Medium Probable Medium P8 L2
+ + +## Automated Detection + +
Tool Version Checker Description
Astrée 22.04 errno-reset Partially checked
Axivion Bauhaus Suite 7.2.0 CertC-ERR30 Fully implemented
CodeSonar 7.1p0 LANG.STRUCT.RC Redundant Condition
Compass/ROSE Could detect violations of this rule by ensuring that each library function is accompanied by the proper treatment of errno
Coverity 2017.07 MISRA C 2012 Rule 22.8 MISRA C 2012 Rule 22.9 MISRA C 2012 Rule 22.10 Implemented
Helix QAC 2022.3 C2500, C2501, C2502, C2503 C++3172, C++3173, C++3174, C++3175, C++3176, C++3177, C++3178, C++3179, C++3183, C++3184
Klocwork 2022.3 CXX.ERRNO.NOT_SET CXX.ERRNO.NOT_CHECKED CXX.ERRNO.INCORRECTLY_CHECKED
LDRA tool suite 9.7.1 111 D, 121 D, 122 D, 132 D, 134 D Fully implemented
Parasoft C/C++test 2022.1 CERT_C-ERR30-a CERT_C-ERR30-b Properly use errno value Provide error handling for file opening errors right next to the call to fopen
Polyspace Bug Finder R2022b CERT C: Rule ERR30-C Checks for: Misuse of errnoisuse of errno, errno not resetrrno not reset. Rule fully covered.
PRQA QA-C 9.7 2500, 2501, 2502, 2503
+ + +## Related Vulnerabilities + +Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+ERR30-C). + +## Related Guidelines + +[Key here](https://wiki.sei.cmu.edu/confluence/display/c/How+this+Coding+Standard+is+Organized#HowthisCodingStandardisOrganized-RelatedGuidelines) (explains table format and definitions) + +
Taxonomy Taxonomy item Relationship
CERT C Secure Coding Standard EXP12-C. Do not ignore values returned by functions Prior to 2018-01-12: CERT: Unspecified Relationship
ISO/IEC TS 17961:2013 Incorrectly setting and using errno \[inverrno\] Prior to 2018-01-12: CERT: Unspecified Relationship
CWE 2.11 CWE-456 , Missing Initialization of a Variable 2017-07-05: CERT: Rule subset of CWE
+ + +## CERT-CWE Mapping Notes + +[Key here](https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?pageId=87152408#HowthisCodingStandardisOrganized-CERT-CWEMappingNotes) for mapping notes + +**CWE-456 and ERR30-C** + +CWE-456 = EXP33-C + +CWE-456 = Union( ERR30-C, list) where list = + +* Reading potentially uninitialized variables besides errno +**CWE-248 and ERR30-C** + +Intersection( CWE-248, ERR30-C) = Ø + +CWE-248 is only for languages that support exceptions. It lists C++ and Java, but not C. + +## Bibliography + +
\[ Brainbell.com \] Macros and Miscellaneous Pitfalls
\[ Horton 1990 \] Section 11, p. 168 Section 14, p. 254
\[ IEEE Std 1003.1-2013 \] XSH, System Interfaces, fopen
\[ Koenig 1989 \] Section 5.4, p. 73
\[ Summit 2005 \]
+ + +## Implementation notes + +None + +## References + +* CERT-C: [ERR30-C: Take care when reading errno](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/ERR30-C/SetlocaleMightSetErrno.ql b/c/cert/src/rules/ERR30-C/SetlocaleMightSetErrno.ql new file mode 100644 index 0000000000..899fa49e60 --- /dev/null +++ b/c/cert/src/rules/ERR30-C/SetlocaleMightSetErrno.ql @@ -0,0 +1,92 @@ +/** + * @id c/cert/setlocale-might-set-errno + * @name ERR30-C: Do not rely solely on errno to determine if en error occurred in setlocale + * @description Do not rely solely on errno to determine if en error occurred in setlocale. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/cert/id/err30-c + * correctness + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert +import codingstandards.c.Errno + +class SetlocaleFunctionCall extends FunctionCall { + SetlocaleFunctionCall() { this.getTarget().hasGlobalName("setlocale") } +} + +/** + * An `errno` read after setlocale + */ +ControlFlowNode errnoChecked(SetlocaleFunctionCall setlocale) { + result = setlocale + or + exists(ControlFlowNode mid | + result = mid.getASuccessor() and + mid = errnoChecked(setlocale) and + // stop recursion on a following errno-setting function call + not result instanceof OutOfBandErrnoSettingFunctionCert and + not result instanceof InBandErrnoSettingFunction + ) +} + +/** + * CFG nodes preceding a call to setlocale + */ +ControlFlowNode notZeroedPriorToSetlocale(SetlocaleFunctionCall fc) { + result = fc + or + exists(ControlFlowNode mid | + result = mid.getAPredecessor() and + mid = notZeroedPriorToSetlocale(fc) and + // stop recursion when `errno` is set to zero + not result instanceof ErrnoZeroed and + not result = any(ErrnoGuard g).getZeroedSuccessor() + ) +} + +/** + * A successor of a `setlocale` call appearing + * before a check of the return value + */ +ControlFlowNode returnNotCheckedAfter(SetlocaleFunctionCall setlocale) { + result = setlocale + or + exists(ControlFlowNode mid | + result = mid.getASuccessor() and + mid = returnNotCheckedAfter(setlocale) and + // stop recursion on a return value check + not ( + any(ControlStructure cs).getControllingExpr() = result and + DataFlow::localExprFlow(setlocale, result.(Operation).getAnOperand*()) + ) and + // stop recursion on a following errno setting function call + not result instanceof SetlocaleFunctionCall + ) +} + +from SetlocaleFunctionCall setlocale, ErrnoRead check, string msg +where + not isExcluded(setlocale, Contracts4Package::setlocaleMightSetErrnoQuery()) and + // errno is checked after setlocale + check = errnoChecked(setlocale) and + ( + // errno is not set to zero before the call + exists(ControlFlowNode cause | cause = notZeroedPriorToSetlocale(setlocale) | + // `errno` is not reset anywhere in the function + cause = setlocale.getEnclosingFunction().getBlock() + or + // `errno` is not reset after a call to a function + cause = any(FunctionCall fc2 | fc2 != setlocale) + ) and + msg = + "The value of `errno` may be different than `0` when `setlocale` is called. The following `errno` check might be invalid." + or + //errno is checked before the return value + check = returnNotCheckedAfter(setlocale) and + msg = "Do not read `errno` before checking the return value of a call to `setlocale`." + ) +select setlocale, msg diff --git a/c/cert/test/rules/ERR30-C/ErrnoNotSetToZero.expected b/c/cert/test/rules/ERR30-C/ErrnoNotSetToZero.expected new file mode 100644 index 0000000000..15c6ed77cb --- /dev/null +++ b/c/cert/test/rules/ERR30-C/ErrnoNotSetToZero.expected @@ -0,0 +1,3 @@ +| test.c:11:12:11:18 | call to strtoul | The value of `errno` may be different than `0` when this function is called. | +| test.c:30:12:30:18 | call to strtoul | The value of `errno` may be different than `0` when this function is called. | +| test.c:49:3:49:9 | call to strtoul | The value of `errno` may be different than `0` when this function is called. | diff --git a/c/cert/test/rules/ERR30-C/ErrnoNotSetToZero.qlref b/c/cert/test/rules/ERR30-C/ErrnoNotSetToZero.qlref new file mode 100644 index 0000000000..4edc949520 --- /dev/null +++ b/c/cert/test/rules/ERR30-C/ErrnoNotSetToZero.qlref @@ -0,0 +1 @@ +rules/ERR30-C/ErrnoNotSetToZero.ql \ No newline at end of file diff --git a/c/cert/test/rules/ERR30-C/ErrnoReadBeforeReturn.expected b/c/cert/test/rules/ERR30-C/ErrnoReadBeforeReturn.expected new file mode 100644 index 0000000000..b6d7caa513 --- /dev/null +++ b/c/cert/test/rules/ERR30-C/ErrnoReadBeforeReturn.expected @@ -0,0 +1,3 @@ +| test.c:69:7:69:11 | * ... | Do not read `errno` before checking the return value of function $@. | test.c:68:3:68:7 | call to ftell | call to ftell | +| test.c:69:7:69:11 | call to __errno_location | Do not read `errno` before checking the return value of function $@. | test.c:68:3:68:7 | call to ftell | call to ftell | +| test.c:70:5:70:10 | call to perror | Do not read `errno` before checking the return value of function $@. | test.c:68:3:68:7 | call to ftell | call to ftell | diff --git a/c/cert/test/rules/ERR30-C/ErrnoReadBeforeReturn.qlref b/c/cert/test/rules/ERR30-C/ErrnoReadBeforeReturn.qlref new file mode 100644 index 0000000000..8cc224bdb5 --- /dev/null +++ b/c/cert/test/rules/ERR30-C/ErrnoReadBeforeReturn.qlref @@ -0,0 +1 @@ +rules/ERR30-C/ErrnoReadBeforeReturn.ql \ No newline at end of file diff --git a/c/cert/test/rules/ERR30-C/FunctionCallBeforeErrnoCheck.expected b/c/cert/test/rules/ERR30-C/FunctionCallBeforeErrnoCheck.expected new file mode 100644 index 0000000000..0a4a8f52da --- /dev/null +++ b/c/cert/test/rules/ERR30-C/FunctionCallBeforeErrnoCheck.expected @@ -0,0 +1,2 @@ +| test.c:48:3:48:9 | call to strtoul | The value of `errno` is not checked after this call to `strtoul`. | +| test.c:60:12:60:18 | call to strtoul | The value of `errno` is not checked after this call to `strtoul`. | diff --git a/c/cert/test/rules/ERR30-C/FunctionCallBeforeErrnoCheck.qlref b/c/cert/test/rules/ERR30-C/FunctionCallBeforeErrnoCheck.qlref new file mode 100644 index 0000000000..c11e20831e --- /dev/null +++ b/c/cert/test/rules/ERR30-C/FunctionCallBeforeErrnoCheck.qlref @@ -0,0 +1 @@ +rules/ERR30-C/FunctionCallBeforeErrnoCheck.ql \ No newline at end of file diff --git a/c/cert/test/rules/ERR30-C/SetlocaleMightSetErrno.expected b/c/cert/test/rules/ERR30-C/SetlocaleMightSetErrno.expected new file mode 100644 index 0000000000..9ab88a3395 --- /dev/null +++ b/c/cert/test/rules/ERR30-C/SetlocaleMightSetErrno.expected @@ -0,0 +1,2 @@ +| test.c:98:3:98:11 | call to setlocale | Do not read `errno` before checking the return value of a call to `setlocale`. | +| test.c:104:7:104:15 | call to setlocale | The value of `errno` may be different than `0` when `setlocale` is called. The following `errno` check might be invalid. | diff --git a/c/cert/test/rules/ERR30-C/SetlocaleMightSetErrno.qlref b/c/cert/test/rules/ERR30-C/SetlocaleMightSetErrno.qlref new file mode 100644 index 0000000000..8639ab7764 --- /dev/null +++ b/c/cert/test/rules/ERR30-C/SetlocaleMightSetErrno.qlref @@ -0,0 +1 @@ +rules/ERR30-C/SetlocaleMightSetErrno.ql \ No newline at end of file diff --git a/c/cert/test/rules/ERR30-C/test.c b/c/cert/test/rules/ERR30-C/test.c new file mode 100644 index 0000000000..790e9e78c2 --- /dev/null +++ b/c/cert/test/rules/ERR30-C/test.c @@ -0,0 +1,116 @@ +#include +#include +#include +#include +#include + +void f1(const char *c_str) { + unsigned long number; + char *endptr; + + number = strtoul(c_str, &endptr, 0); // NON_COMPLIANT + if (endptr == c_str || (number == ULONG_MAX && errno == ERANGE)) { + } +} + +void f2(const char *c_str) { + unsigned long number; + char *endptr; + + errno = 0; + number = strtoul(c_str, &endptr, 0); // COMPLIANT + if (endptr == c_str || (number == ULONG_MAX && errno == ERANGE)) { + } +} + +void f1a(const char *c_str) { + unsigned long number; + char *endptr; + + number = strtoul(c_str, &endptr, 0); // NON_COMPLIANT + if (errno == ERANGE) { + } +} + +void f2a(const char *c_str) { + unsigned long number; + char *endptr; + + errno = 0; + number = strtoul(c_str, &endptr, 0); // COMPLIANT + if (errno == ERANGE) { + } +} +void f2b(const char *c_str) { + char *endptr; + + errno = 0; + strtoul(c_str, &endptr, 0); // NON_COMPLIANT + strtoul(c_str, &endptr, 0); // NON_COMPLIANT + if (errno == ERANGE) { + } +} + +void helper() {} +void f2c(const char *c_str) { + unsigned long number; + char *endptr; + + errno = 0; + number = strtoul(c_str, &endptr, 0); // NON_COMPLIANT + helper(); + if (endptr == c_str || (number == ULONG_MAX && errno == ERANGE)) { + } +} + +void f3(FILE *fp) { + errno = 0; + ftell(fp); + if (errno) { // NON_COMPLIANT + perror("ftell"); // NON_COMPLIANT + } +} + +void f4(FILE *fp) { + if (ftell(fp) == -1) { + perror("ftell"); // COMPLIANT + } +} + +void f4b(FILE *fp) { + long l = ftell(fp); + if (l == -1) { + perror("ftell"); // COMPLIANT + } +} + +void f5() { + setlocale(LC_ALL, "en_US.UTF-8"); // COMPLIANT +} + +void f6() { + if (setlocale(LC_ALL, "en_US.UTF-8") == NULL) { // COMPLIANT + } +} + +void f7() { + errno = 0; + setlocale(LC_ALL, "en_US.UTF-8"); // NON_COMPLIANT + if (errno != 0) { + } +} + +void f8() { + if (setlocale(LC_ALL, "en_US.UTF-8") == NULL) { // NON_COMPLIANT + if (errno != 0) { + } + } +} + +void f9() { + errno = 0; + if (setlocale(LC_ALL, "en_US.UTF-8") == NULL) { // COMPLIANT + if (errno != 0) { + } + } +} \ No newline at end of file diff --git a/c/common/src/codingstandards/c/Errno.qll b/c/common/src/codingstandards/c/Errno.qll index 0f0cd7c10d..d606593a1e 100644 --- a/c/common/src/codingstandards/c/Errno.qll +++ b/c/common/src/codingstandards/c/Errno.qll @@ -1,27 +1,39 @@ /** Provides a library for errno-setting functions. */ import cpp +import semmle.code.cpp.dataflow.DataFlow -/* +/** * An errno-setting function */ - abstract class ErrnoSettingFunction extends Function { } -/* +/** * An errno-setting function that return out-of-band errors indicators + * as listed in the MISRA standard */ - -class OutOfBandErrnoSettingFunction extends ErrnoSettingFunction { - OutOfBandErrnoSettingFunction() { +class OutOfBandErrnoSettingFunctionMisra extends ErrnoSettingFunction { + OutOfBandErrnoSettingFunctionMisra() { this.hasGlobalName(["ftell", "fgetpos", "fsetpos", "mbrtowc", "wcrtomb", "wcsrtombs"]) } } -/* - * An errno-setting function that return in-band errors indicators +/** + * An errno-setting function that return out-of-band errors indicators + * as listed in the CERT standard */ +class OutOfBandErrnoSettingFunctionCert extends Function { + OutOfBandErrnoSettingFunctionCert() { + this.hasGlobalName([ + "ftell", "fgetpos", "fsetpos", "mbrtowc", "mbsrtowcs", "signal", "wcrtomb", "wcsrtombs", + "mbrtoc16", "mbrtoc32", "c16rtomb", "c32rtomb" + ]) + } +} +/** + * An errno-setting function that return in-band errors indicators + */ class InBandErrnoSettingFunction extends ErrnoSettingFunction { InBandErrnoSettingFunction() { this.hasGlobalName([ @@ -32,10 +44,27 @@ class InBandErrnoSettingFunction extends ErrnoSettingFunction { } } -/* - * A assignment expression setting `errno` to 0 +/** + * A call to an `InBandErrnoSettingFunction` + */ +class InBandErrnoSettingFunctionCall extends FunctionCall { + InBandErrnoSettingFunctionCall() { this.getTarget() instanceof InBandErrnoSettingFunction } +} + +/** + * An expression reading the value of `errno` */ +class ErrnoRead extends Expr { + ErrnoRead() { + this = any(MacroInvocation ma | ma.getMacroName() = "errno").getAnExpandedElement() + or + this.(FunctionCall).getTarget().hasName(["perror", "strerror"]) + } +} +/** + * A assignment expression setting `errno` to 0 + */ class ErrnoZeroed extends AssignExpr { ErrnoZeroed() { this.getLValue() = any(MacroInvocation ma | ma.getMacroName() = "errno").getExpr() and @@ -43,23 +72,22 @@ class ErrnoZeroed extends AssignExpr { } } -/* +/** * A guard controlled by a errno comparison */ - abstract class ErrnoGuard extends StmtParent { abstract ControlFlowNode getZeroedSuccessor(); abstract ControlFlowNode getNonZeroedSuccessor(); } -class ErrnoIfGuard extends EqualityOperation, ErrnoGuard { +class ErrnoIfGuard extends ErrnoGuard { ControlStructure i; ErrnoIfGuard() { - this.getAnOperand() = any(MacroInvocation ma | ma.getMacroName() = "errno").getExpr() and - this.getAnOperand().getValue() = "0" and - i.getControllingExpr() = this + i.getControllingExpr() = this and + this.(EqualityOperation).getAnOperand*() = + any(MacroInvocation ma | ma.getMacroName() = "errno").getExpr() } Stmt getThenSuccessor() { @@ -77,11 +105,29 @@ class ErrnoIfGuard extends EqualityOperation, ErrnoGuard { } override ControlFlowNode getZeroedSuccessor() { - if this instanceof EQExpr then result = this.getThenSuccessor() else result = getElseSuccessor() + ( + if this instanceof EQExpr + then result = this.getThenSuccessor() + else result = getElseSuccessor() + ) and + ( + this.(EqualityOperation).getAnOperand().getValue() = "0" + or + this = any(MacroInvocation ma | ma.getMacroName() = "errno").getExpr() + ) } override ControlFlowNode getNonZeroedSuccessor() { - if this instanceof NEExpr then result = this.getThenSuccessor() else result = getElseSuccessor() + ( + if this instanceof NEExpr + then result = this.getThenSuccessor() + else result = getElseSuccessor() + ) and + ( + this.(EqualityOperation).getAnOperand().getValue() = "0" + or + this = any(MacroInvocation ma | ma.getMacroName() = "errno").getExpr() + ) } } diff --git a/c/misra/src/rules/RULE-22-10/OnlyTestErrnoRightAfterErrnoSettingFunction.ql b/c/misra/src/rules/RULE-22-10/OnlyTestErrnoRightAfterErrnoSettingFunction.ql index a8b1e312d2..eab5a0c089 100644 --- a/c/misra/src/rules/RULE-22-10/OnlyTestErrnoRightAfterErrnoSettingFunction.ql +++ b/c/misra/src/rules/RULE-22-10/OnlyTestErrnoRightAfterErrnoSettingFunction.ql @@ -16,28 +16,25 @@ import cpp import codingstandards.c.misra import codingstandards.c.Errno -/* +/** * A call to an `ErrnoSettingFunction` */ - class ErrnoSettingFunctionCall extends FunctionCall { ErrnoSettingFunctionCall() { this.getTarget() instanceof ErrnoSettingFunction } } -/* +/** * A function call that is not part of the `errno` macro expansion */ - class MaySetErrnoCall extends FunctionCall { MaySetErrnoCall() { not inmacroexpansion(this, any(MacroInvocation ma | ma.getMacroName() = "errno")) } } -/* +/** * CFG nodes preceding a `errno` test where `errno` is not set */ - ControlFlowNode notSetPriorToErrnoTest(EqualityOperation eg) { result = eg or diff --git a/c/misra/src/rules/RULE-22-8/ErrnoSetToZeroPriorToCall.ql b/c/misra/src/rules/RULE-22-8/ErrnoSetToZeroPriorToCall.ql index 1dee846bb1..de9a083545 100644 --- a/c/misra/src/rules/RULE-22-8/ErrnoSetToZeroPriorToCall.ql +++ b/c/misra/src/rules/RULE-22-8/ErrnoSetToZeroPriorToCall.ql @@ -16,18 +16,16 @@ import cpp import codingstandards.c.misra import codingstandards.c.Errno -/* +/** * A call to an `ErrnoSettingFunction` */ - class ErrnoSettingFunctionCall extends FunctionCall { ErrnoSettingFunctionCall() { this.getTarget() instanceof ErrnoSettingFunction } } -/* +/** * CFG nodes preceding a `ErrnoSettingFunctionCall` */ - ControlFlowNode notZeroedPriorToErrnoSet(ErrnoSettingFunctionCall fc) { result = fc or diff --git a/c/misra/src/rules/RULE-22-9/ErrnoSetToZeroAfterCall.ql b/c/misra/src/rules/RULE-22-9/ErrnoSetToZeroAfterCall.ql index 0a49529d1d..da4504b75b 100644 --- a/c/misra/src/rules/RULE-22-9/ErrnoSetToZeroAfterCall.ql +++ b/c/misra/src/rules/RULE-22-9/ErrnoSetToZeroAfterCall.ql @@ -15,18 +15,9 @@ import cpp import codingstandards.c.misra import codingstandards.c.Errno -/* - * A call to an `ErrnoSettingFunction` - */ - -class InBandErrnoSettingFunctionCall extends FunctionCall { - InBandErrnoSettingFunctionCall() { this.getTarget() instanceof InBandErrnoSettingFunction } -} - -/* +/** * CFG nodes following a `ErrnoSettingFunctionCall` */ - ControlFlowNode notTestedAfterErrnoSet(InBandErrnoSettingFunctionCall fc) { result = fc or diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts4.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts4.qll new file mode 100644 index 0000000000..b0378cd1ec --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts4.qll @@ -0,0 +1,74 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype Contracts4Query = + TSetlocaleMightSetErrnoQuery() or + TErrnoReadBeforeReturnQuery() or + TFunctionCallBeforeErrnoCheckQuery() or + TErrnoNotSetToZeroQuery() + +predicate isContracts4QueryMetadata(Query query, string queryId, string ruleId) { + query = + // `Query` instance for the `setlocaleMightSetErrno` query + Contracts4Package::setlocaleMightSetErrnoQuery() and + queryId = + // `@id` for the `setlocaleMightSetErrno` query + "c/cert/setlocale-might-set-errno" and + ruleId = "ERR30-C" + or + query = + // `Query` instance for the `errnoReadBeforeReturn` query + Contracts4Package::errnoReadBeforeReturnQuery() and + queryId = + // `@id` for the `errnoReadBeforeReturn` query + "c/cert/errno-read-before-return" and + ruleId = "ERR30-C" + or + query = + // `Query` instance for the `functionCallBeforeErrnoCheck` query + Contracts4Package::functionCallBeforeErrnoCheckQuery() and + queryId = + // `@id` for the `functionCallBeforeErrnoCheck` query + "c/cert/function-call-before-errno-check" and + ruleId = "ERR30-C" + or + query = + // `Query` instance for the `errnoNotSetToZero` query + Contracts4Package::errnoNotSetToZeroQuery() and + queryId = + // `@id` for the `errnoNotSetToZero` query + "c/cert/errno-not-set-to-zero" and + ruleId = "ERR30-C" +} + +module Contracts4Package { + Query setlocaleMightSetErrnoQuery() { + //autogenerate `Query` type + result = + // `Query` type for `setlocaleMightSetErrno` query + TQueryC(TContracts4PackageQuery(TSetlocaleMightSetErrnoQuery())) + } + + Query errnoReadBeforeReturnQuery() { + //autogenerate `Query` type + result = + // `Query` type for `errnoReadBeforeReturn` query + TQueryC(TContracts4PackageQuery(TErrnoReadBeforeReturnQuery())) + } + + Query functionCallBeforeErrnoCheckQuery() { + //autogenerate `Query` type + result = + // `Query` type for `functionCallBeforeErrnoCheck` query + TQueryC(TContracts4PackageQuery(TFunctionCallBeforeErrnoCheckQuery())) + } + + Query errnoNotSetToZeroQuery() { + //autogenerate `Query` type + result = + // `Query` type for `errnoNotSetToZero` query + TQueryC(TContracts4PackageQuery(TErrnoNotSetToZeroQuery())) + } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index e3b6352ed2..ad05d9b737 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -11,6 +11,7 @@ import Concurrency5 import Contracts1 import Contracts2 import Contracts3 +import Contracts4 import Declarations1 import Declarations2 import Declarations3 @@ -46,6 +47,7 @@ newtype TCQuery = TContracts1PackageQuery(Contracts1Query q) or TContracts2PackageQuery(Contracts2Query q) or TContracts3PackageQuery(Contracts3Query q) or + TContracts4PackageQuery(Contracts4Query q) or TDeclarations1PackageQuery(Declarations1Query q) or TDeclarations2PackageQuery(Declarations2Query q) or TDeclarations3PackageQuery(Declarations3Query q) or @@ -81,6 +83,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId) { isContracts1QueryMetadata(query, queryId, ruleId) or isContracts2QueryMetadata(query, queryId, ruleId) or isContracts3QueryMetadata(query, queryId, ruleId) or + isContracts4QueryMetadata(query, queryId, ruleId) or isDeclarations1QueryMetadata(query, queryId, ruleId) or isDeclarations2QueryMetadata(query, queryId, ruleId) or isDeclarations3QueryMetadata(query, queryId, ruleId) or diff --git a/rule_packages/c/Contracts4.json b/rule_packages/c/Contracts4.json new file mode 100644 index 0000000000..90568bec98 --- /dev/null +++ b/rule_packages/c/Contracts4.json @@ -0,0 +1,46 @@ +{ + "CERT-C": { + "ERR30-C": { + "properties": { + "obligation": "rule" + }, + "queries": [{ + "description": "Do not rely solely on errno to determine if en error occurred in setlocale.", + "kind": "problem", + "name": "Do not rely solely on errno to determine if en error occurred in setlocale", + "precision": "high", + "severity": "error", + "short_name": "SetlocaleMightSetErrno", + "tags": ["correctness"] + }, { + "description": "Do not check errno before the function return value. Failing to do so might invalidate the error detection.", + "kind": "problem", + "name": "Do not check errno before the function return value", + "precision": "high", + "severity": "error", + "short_name": "ErrnoReadBeforeReturn", + "tags": ["correctness"] + }, + { + "description": "After calling an errno-setting function, check errno before calling any other function. Failing to do so might end in errno being overwritten.", + "kind": "problem", + "name": "Do not call a function before checking errno", + "precision": "high", + "severity": "error", + "short_name": "FunctionCallBeforeErrnoCheck", + "tags": ["correctness"] + }, + { + "description": "Set errno to zero prior to each call to an errno-setting function. Failing to do so might end in spurious errno values.", + "kind": "problem", + "name": "Errno is not set to zero prior to an errno-setting call", + "precision": "high", + "severity": "error", + "short_name": "ErrnoNotSetToZero", + "tags": ["correctness"] + } + ], + "title": "Take care when reading errno" + } + } +} \ No newline at end of file diff --git a/rules.csv b/rules.csv old mode 100755 new mode 100644 index e05422db9e..ec8b29eaf9 --- a/rules.csv +++ b/rules.csv @@ -511,7 +511,7 @@ c,CERT-C,ENV31-C,Yes,Rule,,,Do not rely on an environment pointer following an o c,CERT-C,ENV32-C,Yes,Rule,,,All exit handlers must return normally,,Contracts2,Medium, c,CERT-C,ENV33-C,Yes,Rule,,,Do not call system(),"RULE-21-21, M18-0-3",Banned,Easy, c,CERT-C,ENV34-C,Yes,Rule,,,Do not store pointers returned by certain functions,RULE-21-20,Contracts2,Medium, -c,CERT-C,ERR30-C,Yes,Rule,,,"Set errno to zero before calling a library function known to set errno, and check errno only after the function returns a value indicating failure",M19-3-1,Contracts,Hard, +c,CERT-C,ERR30-C,Yes,Rule,,,"Take care when reading errno",M19-3-1,Contracts4,Hard, c,CERT-C,ERR32-C,Yes,Rule,,,Do not rely on indeterminate values of errno,,Contracts,Hard, c,CERT-C,ERR33-C,Yes,Rule,,,Detect and handle standard library errors,MEM52-CPP,Contracts,Hard, c,CERT-C,ERR34-C,OutOfScope,Rule,,,Detect errors when converting a string to a number,,,, From be0eca902024e567364318804c8e67c898f25771 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Mon, 24 Oct 2022 16:04:40 -0400 Subject: [PATCH 0042/2573] Declarations4: add RULE-8-2 --- .../FunctionTypesNotInPrototypeForm.ql | 46 +++++++++++++++++++ .../FunctionTypesNotInPrototypeForm.expected | 5 ++ .../FunctionTypesNotInPrototypeForm.qlref | 1 + c/misra/test/rules/RULE-8-2/test.c | 9 ++++ .../cpp/exclusions/c/Declarations4.qll | 19 +++++++- rule_packages/c/Declarations4.json | 23 ++++++++++ rules.csv | 2 +- 7 files changed, 103 insertions(+), 2 deletions(-) create mode 100644 c/misra/src/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.ql create mode 100644 c/misra/test/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.expected create mode 100644 c/misra/test/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.qlref create mode 100644 c/misra/test/rules/RULE-8-2/test.c diff --git a/c/misra/src/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.ql b/c/misra/src/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.ql new file mode 100644 index 0000000000..5a89df23d4 --- /dev/null +++ b/c/misra/src/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.ql @@ -0,0 +1,46 @@ +/** + * @id c/misra/function-types-not-in-prototype-form + * @name RULE-8-2: Function types shall be in prototype form with named parameters + * @description Omission of parameter types or names prevents the compiler from doing type checking + * when those functions are used and therefore may result in undefined behaviour. + * @kind problem + * @precision medium + * @problem.severity error + * @tags external/misra/id/rule-8-2 + * correctness + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.Identifiers + +/** + * `Parameter`s without names + */ +class UnnamedParameter extends Parameter { + UnnamedParameter() { not this.isNamed() } +} + +from Function f, string msg +where + not isExcluded(f, Declarations4Package::functionTypesNotInPrototypeFormQuery()) and + f instanceof InterestingIdentifiers and + ( + f.getAParameter() instanceof UnnamedParameter and + msg = "Function " + f + " declares parameter that is unnamed." + or + //void keyword not present in function signature, no way to tell which + not exists(f.getAParameter()) and + msg = + "Function " + f + + " may not specify all parameter types or may not specifiy void for no parameters present." + or + exists(Parameter p | + p.getFunction() = f and + not p.getFile() = f.getFile() and + msg = "Function " + f + " declares parameter in unsupported declaration list." + ) + ) and + not f.isInMacroExpansion() +select f, msg diff --git a/c/misra/test/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.expected b/c/misra/test/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.expected new file mode 100644 index 0000000000..e33bdcfd28 --- /dev/null +++ b/c/misra/test/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.expected @@ -0,0 +1,5 @@ +| test.c:2:6:2:7 | f0 | Function f0 may not specify all parameter types or may not specifiy void for no parameters present. | +| test.c:3:6:3:7 | f1 | Function f1 declares parameter that is unnamed. | +| test.c:4:6:4:7 | f2 | Function f2 may not specify all parameter types or may not specifiy void for no parameters present. | +| test.c:5:6:5:7 | f3 | Function f3 may not specify all parameter types or may not specifiy void for no parameters present. | +| test.c:7:5:7:6 | f5 | Function f5 declares parameter in unsupported declaration list. | diff --git a/c/misra/test/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.qlref b/c/misra/test/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.qlref new file mode 100644 index 0000000000..0a6121b324 --- /dev/null +++ b/c/misra/test/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.qlref @@ -0,0 +1 @@ +rules/RULE-8-2/FunctionTypesNotInPrototypeForm.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-8-2/test.c b/c/misra/test/rules/RULE-8-2/test.c new file mode 100644 index 0000000000..4f1b3509c6 --- /dev/null +++ b/c/misra/test/rules/RULE-8-2/test.c @@ -0,0 +1,9 @@ +void f(int x); // COMPLIANT +void f0(void); // COMPLIANT[FALSE_POSITIVE] +void f1(int); // NON_COMPLIANT +void f2(); // NON_COMPLIANT +void f3(x); // NON_COMPLIANT +void f4(const x); // NON_COMPLIANT[FALSE_NEGATIVE] +int f5(x) // NON_COMPLIANT +int x; +{ return 1; } \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations4.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations4.qll index d4a6b443ef..29cae700f3 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations4.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations4.qll @@ -3,9 +3,19 @@ import cpp import RuleMetadata import codingstandards.cpp.exclusions.RuleMetadata -newtype Declarations4Query = TIdentifierWithExternalLinkageOneDefinitionQuery() +newtype Declarations4Query = + TFunctionTypesNotInPrototypeFormQuery() or + TIdentifierWithExternalLinkageOneDefinitionQuery() predicate isDeclarations4QueryMetadata(Query query, string queryId, string ruleId) { + query = + // `Query` instance for the `functionTypesNotInPrototypeForm` query + Declarations4Package::functionTypesNotInPrototypeFormQuery() and + queryId = + // `@id` for the `functionTypesNotInPrototypeForm` query + "c/misra/function-types-not-in-prototype-form" and + ruleId = "RULE-8-2" + or query = // `Query` instance for the `identifierWithExternalLinkageOneDefinition` query Declarations4Package::identifierWithExternalLinkageOneDefinitionQuery() and @@ -16,6 +26,13 @@ predicate isDeclarations4QueryMetadata(Query query, string queryId, string ruleI } module Declarations4Package { + Query functionTypesNotInPrototypeFormQuery() { + //autogenerate `Query` type + result = + // `Query` type for `functionTypesNotInPrototypeForm` query + TQueryC(TDeclarations4PackageQuery(TFunctionTypesNotInPrototypeFormQuery())) + } + Query identifierWithExternalLinkageOneDefinitionQuery() { //autogenerate `Query` type result = diff --git a/rule_packages/c/Declarations4.json b/rule_packages/c/Declarations4.json index 56f79c08e7..4efd48d25a 100644 --- a/rule_packages/c/Declarations4.json +++ b/rule_packages/c/Declarations4.json @@ -1,5 +1,28 @@ { "MISRA-C-2012": { + "RULE-8-2": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Omission of parameter types or names prevents the compiler from doing type checking when those functions are used and therefore may result in undefined behaviour.", + "kind": "problem", + "name": "Function types shall be in prototype form with named parameters", + "precision": "medium", + "severity": "error", + "short_name": "FunctionTypesNotInPrototypeForm", + "tags": [ + "correctness" + ], + "implementation_scope": { + "description": "This query does not check for implicitly typed parameters and checks function declarations and definitions but not function pointer types. This query cannot determine when the keyword void is used in place of no parameter.", + "items": [] + } + } + ], + "title": "Function types shall be in prototype form with named parameters" + }, "RULE-8-6": { "properties": { "obligation": "required" diff --git a/rules.csv b/rules.csv index 677b2678fa..ce93dd72e9 100755 --- a/rules.csv +++ b/rules.csv @@ -647,7 +647,7 @@ c,MISRA-C-2012,RULE-7-2,Yes,Required,,,A �u� or �U� suffix shall be appl c,MISRA-C-2012,RULE-7-3,Yes,Required,,,The lowercase character �l� shall not be used in a literal suffix,M2-13-4,Syntax,Easy, c,MISRA-C-2012,RULE-7-4,Yes,Required,,,A string literal shall not be assigned to an object unless the object�s type is �pointer to const-qualified char�,A2-13-4,Types,Easy, c,MISRA-C-2012,RULE-8-1,Yes,Required,,,Types shall be explicitly specified,,Declarations3,Medium, -c,MISRA-C-2012,RULE-8-2,Yes,Required,,,Function types shall be in prototype form with named parameters,,Declarations,Medium, +c,MISRA-C-2012,RULE-8-2,Yes,Required,,,Function types shall be in prototype form with named parameters,,Declarations4,Medium, c,MISRA-C-2012,RULE-8-3,Yes,Required,,,All declarations of an object or function shall use the same names and type qualifiers,M3-2-1,Declarations,Medium, c,MISRA-C-2012,RULE-8-4,Yes,Required,,,A compatible declaration shall be visible when an object or function with external linkage is defined,,Declarations,Medium, c,MISRA-C-2012,RULE-8-5,Yes,Required,,,An external object or function shall be declared once in one and only one file,,Declarations,Medium, From 89738204d01ce50437db2f782961f05cd32dfcfa Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 25 Oct 2022 22:51:50 -0400 Subject: [PATCH 0043/2573] Preprocessor6: improve DIR-4-9 --- .../DIR-4-9/FunctionOverFunctionLikeMacro.ql | 19 +++++++----- .../FunctionOverFunctionLikeMacro.expected | 3 +- c/misra/test/rules/DIR-4-9/test.c | 31 +++++++++++-------- 3 files changed, 32 insertions(+), 21 deletions(-) diff --git a/c/misra/src/rules/DIR-4-9/FunctionOverFunctionLikeMacro.ql b/c/misra/src/rules/DIR-4-9/FunctionOverFunctionLikeMacro.ql index 2dc0e95c5c..ea8942a954 100644 --- a/c/misra/src/rules/DIR-4-9/FunctionOverFunctionLikeMacro.ql +++ b/c/misra/src/rules/DIR-4-9/FunctionOverFunctionLikeMacro.ql @@ -15,14 +15,17 @@ import cpp import codingstandards.c.misra -import codingstandards.cpp.FunctionLikeMacro import codingstandards.cpp.Naming +import codingstandards.cpp.Macro abstract class IrreplaceableFunctionLikeMacro extends FunctionLikeMacro { } /** A standard library function like macro that contains the use of a stringize or tokenize operator should not be replaced by a function. */ private class StringizeOrTokenizeMacro extends IrreplaceableFunctionLikeMacro { - StringizeOrTokenizeMacro() { this.getBody().regexpMatch(".*\\#{1,2}?.*") } + StringizeOrTokenizeMacro() { + exists(TokenPastingOperator t | t.getMacro() = this) or + exists(StringizingOperator s | s.getMacro() = this) + } } /** A standard library function like macro that should not be replaced by a function. */ @@ -38,14 +41,14 @@ private class AsmArgumentInvoked extends IrreplaceableFunctionLikeMacro { } /** A macro that is only invoked with constant arguments is more likely to be compile-time evaluated than a function call so do not suggest replacement. */ -private class OnlyConstantNumericInvoked extends IrreplaceableFunctionLikeMacro { - OnlyConstantNumericInvoked() { +private class OnlyConstantArgsInvoked extends IrreplaceableFunctionLikeMacro { + OnlyConstantArgsInvoked() { forex(MacroInvocation mi | mi = this.getAnInvocation() | //int/float literals mi.getUnexpandedArgument(_).regexpMatch("\\d+") or - //char/string literal - mi.getUnexpandedArgument(_).regexpMatch("(\\'|\")+.*") + //char literal or string literal, which is a literal surrounded by single quotes or double quotes + mi.getUnexpandedArgument(_).regexpMatch("('[^']*'|\"[^\"]*\")") ) } } @@ -79,6 +82,8 @@ from FunctionLikeMacro m where not isExcluded(m, Preprocessor6Package::functionOverFunctionLikeMacroQuery()) and not m instanceof IrreplaceableFunctionLikeMacro and + //macros can have empty body + not m.getBody().length() = 0 and //function call not allowed in a constant expression (where constant expr is parent) forall(MacroInvocation i | i = m.getAnInvocation() | not partOfConstantExpr(i)) -select m, "Macro used when function call would be preferred." +select m, "Macro used when function call would be preferred.", m.getBody().length() diff --git a/c/misra/test/rules/DIR-4-9/FunctionOverFunctionLikeMacro.expected b/c/misra/test/rules/DIR-4-9/FunctionOverFunctionLikeMacro.expected index 3ba148767c..c6eb1d9cc4 100644 --- a/c/misra/test/rules/DIR-4-9/FunctionOverFunctionLikeMacro.expected +++ b/c/misra/test/rules/DIR-4-9/FunctionOverFunctionLikeMacro.expected @@ -1 +1,2 @@ -| test.c:4:1:6:12 | #define MACRO4(L) (L" " "suffix") | Macro used when function call would be preferred. | +| test.c:4:1:4:25 | #define MACRO4(x) (x + 1) | Macro used when function call would be preferred. | 7 | +| test.c:9:1:9:48 | #define MACRO9() printf_custom("output = %d", 7) | Macro used when function call would be preferred. | 31 | diff --git a/c/misra/test/rules/DIR-4-9/test.c b/c/misra/test/rules/DIR-4-9/test.c index b828b31116..bf79b328cd 100644 --- a/c/misra/test/rules/DIR-4-9/test.c +++ b/c/misra/test/rules/DIR-4-9/test.c @@ -1,14 +1,17 @@ -#define MACRO(OP, L, R) ((L)OP(R)) // COMPLIANT -#define MACRO2(L, R) (L + R) // COMPLIANT -#define MACRO3(L, R) (L " " R " " L) // COMPLIANT -#define MACRO4(L) \ - (L" " \ - "suffix") // NON_COMPLIANT -#define MACRO5(L, LR) (LR + 1) // COMPLIANT -#define MACRO6(X, LR) (LR + 1) // COMPLIANT -#define MACRO7(x, y) x##y // COMPLIANT +#define MACRO(OP, L, R) ((L)OP(R)) // COMPLIANT +#define MACRO2(L, R) (L + R) // COMPLIANT +#define MACRO3(L, R) (L " " R " " L) // COMPLIANT +#define MACRO4(x) (x + 1) // NON_COMPLIANT +#define MACRO5(L, LR) (LR + 1) // COMPLIANT +#define MACRO6(x) printf_custom("output = %d", test##x) // COMPLIANT +#define MACRO7(x) #x // COMPLIANT +#define MACRO8(x) "NOP" // COMPLIANT +#define MACRO9() printf_custom("output = %d", 7) // NON_COMPLIANT +#define MACRO10(x) // COMPLIANT const char a1[MACRO2(1, 1) + 6]; +extern printf_custom(); +int test1; void f() { int i = MACRO(+, 1, 1); @@ -18,13 +21,15 @@ void f() { char *i4 = MACRO3("prefix", "suffix"); - char *i5 = MACRO4("prefix"); + int i5 = MACRO4(1); - char *i6 = MACRO4(MACRO2(1, 1)); + int i6 = MACRO4(MACRO2(1, 1)); int i7 = MACRO5(1, 1); - int i8 = MACRO6(1, 1); + MACRO6(1); - char *i9 = MACRO7("prefix", "suffix"); + char *i10 = MACRO7("prefix"); + + asm(MACRO8(1)); } \ No newline at end of file From 2f23fe2a150d782ed8a1bca76ab49fab87965da0 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Wed, 26 Oct 2022 11:08:36 -0400 Subject: [PATCH 0044/2573] Declarations4: improve RULE-8-2 --- .../FunctionTypesNotInPrototypeForm.ql | 21 ++++++++++++++----- .../FunctionTypesNotInPrototypeForm.expected | 5 ++--- c/misra/test/rules/RULE-8-2/test.c | 2 +- 3 files changed, 19 insertions(+), 9 deletions(-) diff --git a/c/misra/src/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.ql b/c/misra/src/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.ql index 5a89df23d4..2abeaa2f04 100644 --- a/c/misra/src/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.ql +++ b/c/misra/src/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.ql @@ -22,6 +22,20 @@ class UnnamedParameter extends Parameter { UnnamedParameter() { not this.isNamed() } } +/* + * This is a copy of the private `hasZeroParamDecl` predicate from the standard set of + * queries as of the `codeql-cli/2.11.2` tag in `github/codeql`. + */ + +predicate hasZeroParamDecl(Function f) { + exists(FunctionDeclarationEntry fde | fde = f.getADeclarationEntry() | + not fde.isImplicit() and + not fde.hasVoidParamList() and + fde.getNumberOfParameters() = 0 and + not fde.isDefinition() + ) +} + from Function f, string msg where not isExcluded(f, Declarations4Package::functionTypesNotInPrototypeFormQuery()) and @@ -30,11 +44,8 @@ where f.getAParameter() instanceof UnnamedParameter and msg = "Function " + f + " declares parameter that is unnamed." or - //void keyword not present in function signature, no way to tell which - not exists(f.getAParameter()) and - msg = - "Function " + f + - " may not specify all parameter types or may not specifiy void for no parameters present." + hasZeroParamDecl(f) and + msg = "Function " + f + " does not specifiy void for no parameters present." or exists(Parameter p | p.getFunction() = f and diff --git a/c/misra/test/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.expected b/c/misra/test/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.expected index e33bdcfd28..f33a53174e 100644 --- a/c/misra/test/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.expected +++ b/c/misra/test/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.expected @@ -1,5 +1,4 @@ -| test.c:2:6:2:7 | f0 | Function f0 may not specify all parameter types or may not specifiy void for no parameters present. | | test.c:3:6:3:7 | f1 | Function f1 declares parameter that is unnamed. | -| test.c:4:6:4:7 | f2 | Function f2 may not specify all parameter types or may not specifiy void for no parameters present. | -| test.c:5:6:5:7 | f3 | Function f3 may not specify all parameter types or may not specifiy void for no parameters present. | +| test.c:4:6:4:7 | f2 | Function f2 does not specifiy void for no parameters present. | +| test.c:5:6:5:7 | f3 | Function f3 does not specifiy void for no parameters present. | | test.c:7:5:7:6 | f5 | Function f5 declares parameter in unsupported declaration list. | diff --git a/c/misra/test/rules/RULE-8-2/test.c b/c/misra/test/rules/RULE-8-2/test.c index 4f1b3509c6..c254a221d9 100644 --- a/c/misra/test/rules/RULE-8-2/test.c +++ b/c/misra/test/rules/RULE-8-2/test.c @@ -1,5 +1,5 @@ void f(int x); // COMPLIANT -void f0(void); // COMPLIANT[FALSE_POSITIVE] +void f0(void); // COMPLIANT void f1(int); // NON_COMPLIANT void f2(); // NON_COMPLIANT void f3(x); // NON_COMPLIANT From f15f8f5c14f17b0900f3eb869515ca4ecc52a69e Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Fri, 28 Oct 2022 12:15:34 -0400 Subject: [PATCH 0045/2573] Preprocessor6: improve DIR-4-9 --- .../DIR-4-9/FunctionOverFunctionLikeMacro.ql | 57 +----------------- .../IrreplaceableFunctionLikeMacro.qll | 58 +++++++++++++++++++ .../FunctionOverFunctionLikeMacro.expected | 4 +- c/misra/test/rules/DIR-4-9/test.c | 5 ++ 4 files changed, 67 insertions(+), 57 deletions(-) create mode 100644 c/misra/src/rules/DIR-4-9/IrreplaceableFunctionLikeMacro.qll diff --git a/c/misra/src/rules/DIR-4-9/FunctionOverFunctionLikeMacro.ql b/c/misra/src/rules/DIR-4-9/FunctionOverFunctionLikeMacro.ql index ea8942a954..50f8383572 100644 --- a/c/misra/src/rules/DIR-4-9/FunctionOverFunctionLikeMacro.ql +++ b/c/misra/src/rules/DIR-4-9/FunctionOverFunctionLikeMacro.ql @@ -15,60 +15,7 @@ import cpp import codingstandards.c.misra -import codingstandards.cpp.Naming -import codingstandards.cpp.Macro - -abstract class IrreplaceableFunctionLikeMacro extends FunctionLikeMacro { } - -/** A standard library function like macro that contains the use of a stringize or tokenize operator should not be replaced by a function. */ -private class StringizeOrTokenizeMacro extends IrreplaceableFunctionLikeMacro { - StringizeOrTokenizeMacro() { - exists(TokenPastingOperator t | t.getMacro() = this) or - exists(StringizingOperator s | s.getMacro() = this) - } -} - -/** A standard library function like macro that should not be replaced by a function. */ -private class StandardLibraryFunctionLikeMacro extends IrreplaceableFunctionLikeMacro { - StandardLibraryFunctionLikeMacro() { Naming::Cpp14::hasStandardLibraryMacroName(this.getName()) } -} - -/** A function like macro invocation as an `asm` argument cannot be replaced by a function. */ -private class AsmArgumentInvoked extends IrreplaceableFunctionLikeMacro { - AsmArgumentInvoked() { - any(AsmStmt s).getLocation().subsumes(this.getAnInvocation().getLocation()) - } -} - -/** A macro that is only invoked with constant arguments is more likely to be compile-time evaluated than a function call so do not suggest replacement. */ -private class OnlyConstantArgsInvoked extends IrreplaceableFunctionLikeMacro { - OnlyConstantArgsInvoked() { - forex(MacroInvocation mi | mi = this.getAnInvocation() | - //int/float literals - mi.getUnexpandedArgument(_).regexpMatch("\\d+") - or - //char literal or string literal, which is a literal surrounded by single quotes or double quotes - mi.getUnexpandedArgument(_).regexpMatch("('[^']*'|\"[^\"]*\")") - ) - } -} - -/** A function like macro invoked to initialize an object with static storage that cannot be replaced with a function call. */ -private class UsedToStaticInitialize extends IrreplaceableFunctionLikeMacro { - UsedToStaticInitialize() { - any(StaticStorageDurationVariable v).getInitializer().getExpr() = - this.getAnInvocation().getExpr() - } -} - -/** A function like macro that is called with an argument that is an operator that cannot be replaced with a function call. */ -private class FunctionLikeMacroWithOperatorArgument extends IrreplaceableFunctionLikeMacro { - FunctionLikeMacroWithOperatorArgument() { - exists(MacroInvocation mi | mi.getMacro() = this | - mi.getUnexpandedArgument(_) = any(Operation op).getOperator() - ) - } -} +import IrreplaceableFunctionLikeMacro predicate partOfConstantExpr(MacroInvocation i) { exists(Expr e | @@ -86,4 +33,4 @@ where not m.getBody().length() = 0 and //function call not allowed in a constant expression (where constant expr is parent) forall(MacroInvocation i | i = m.getAnInvocation() | not partOfConstantExpr(i)) -select m, "Macro used when function call would be preferred.", m.getBody().length() +select m, "Macro used instead of a function." diff --git a/c/misra/src/rules/DIR-4-9/IrreplaceableFunctionLikeMacro.qll b/c/misra/src/rules/DIR-4-9/IrreplaceableFunctionLikeMacro.qll new file mode 100644 index 0000000000..f1ec7a609a --- /dev/null +++ b/c/misra/src/rules/DIR-4-9/IrreplaceableFunctionLikeMacro.qll @@ -0,0 +1,58 @@ +import cpp +import codingstandards.cpp.Macro +import codingstandards.cpp.Naming + +/** + * Macros that cannot be replaced by functions + */ +abstract class IrreplaceableFunctionLikeMacro extends FunctionLikeMacro { } + +/** A function like macro that contains the use of a stringize or tokenize operator should not be replaced by a function. */ +private class StringizeOrTokenizeMacro extends IrreplaceableFunctionLikeMacro { + StringizeOrTokenizeMacro() { + exists(TokenPastingOperator t | t.getMacro() = this) or + exists(StringizingOperator s | s.getMacro() = this) + } +} + +/** A standard library function like macro that should not be replaced by a function. */ +private class StandardLibraryFunctionLikeMacro extends IrreplaceableFunctionLikeMacro { + StandardLibraryFunctionLikeMacro() { Naming::Cpp14::hasStandardLibraryMacroName(this.getName()) } +} + +/** A function like macro invocation as an `asm` argument cannot be replaced by a function. */ +private class AsmArgumentInvoked extends IrreplaceableFunctionLikeMacro { + AsmArgumentInvoked() { + any(AsmStmt s).getLocation().subsumes(this.getAnInvocation().getLocation()) + } +} + +/** A macro that is only invoked with constant arguments is more likely to be compile-time evaluated than a function call so do not suggest replacement. */ +private class OnlyConstantArgsInvoked extends IrreplaceableFunctionLikeMacro { + OnlyConstantArgsInvoked() { + forex(MacroInvocation mi | mi = this.getAnInvocation() | + //int/float literals + mi.getUnexpandedArgument(_).regexpMatch("\\d+") + or + //char literal or string literal, which is a literal surrounded by single quotes or double quotes + mi.getUnexpandedArgument(_).regexpMatch("('[^']*'|\"[^\"]*\")") + ) + } +} + +/** A function like macro invoked to initialize an object with static storage that cannot be replaced with a function call. */ +private class UsedToStaticInitialize extends IrreplaceableFunctionLikeMacro { + UsedToStaticInitialize() { + any(StaticStorageDurationVariable v).getInitializer().getExpr() = + this.getAnInvocation().getExpr() + } +} + +/** A function like macro that is called with an argument that is an operator that cannot be replaced with a function call. */ +private class FunctionLikeMacroWithOperatorArgument extends IrreplaceableFunctionLikeMacro { + FunctionLikeMacroWithOperatorArgument() { + exists(MacroInvocation mi | mi.getMacro() = this | + mi.getUnexpandedArgument(_) = any(Operation op).getOperator() + ) + } +} \ No newline at end of file diff --git a/c/misra/test/rules/DIR-4-9/FunctionOverFunctionLikeMacro.expected b/c/misra/test/rules/DIR-4-9/FunctionOverFunctionLikeMacro.expected index c6eb1d9cc4..22d614a183 100644 --- a/c/misra/test/rules/DIR-4-9/FunctionOverFunctionLikeMacro.expected +++ b/c/misra/test/rules/DIR-4-9/FunctionOverFunctionLikeMacro.expected @@ -1,2 +1,2 @@ -| test.c:4:1:4:25 | #define MACRO4(x) (x + 1) | Macro used when function call would be preferred. | 7 | -| test.c:9:1:9:48 | #define MACRO9() printf_custom("output = %d", 7) | Macro used when function call would be preferred. | 31 | +| test.c:6:1:6:25 | #define MACRO4(x) (x + 1) | Macro used instead of a function. | +| test.c:11:1:11:48 | #define MACRO9() printf_custom("output = %d", 7) | Macro used instead of a function. | diff --git a/c/misra/test/rules/DIR-4-9/test.c b/c/misra/test/rules/DIR-4-9/test.c index bf79b328cd..50e6bdb042 100644 --- a/c/misra/test/rules/DIR-4-9/test.c +++ b/c/misra/test/rules/DIR-4-9/test.c @@ -1,3 +1,5 @@ +#include + #define MACRO(OP, L, R) ((L)OP(R)) // COMPLIANT #define MACRO2(L, R) (L + R) // COMPLIANT #define MACRO3(L, R) (L " " R " " L) // COMPLIANT @@ -8,6 +10,7 @@ #define MACRO8(x) "NOP" // COMPLIANT #define MACRO9() printf_custom("output = %d", 7) // NON_COMPLIANT #define MACRO10(x) // COMPLIANT +#define MY_ASSERT(X) assert(X) // NON_COMPLIANT[FALSE_NEGATIVE] const char a1[MACRO2(1, 1) + 6]; extern printf_custom(); @@ -32,4 +35,6 @@ void f() { char *i10 = MACRO7("prefix"); asm(MACRO8(1)); + + MY_ASSERT(1); } \ No newline at end of file From fe0d3e48364e241d5b070a159ad9a7cb2d8563af Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Fri, 28 Oct 2022 12:18:04 -0400 Subject: [PATCH 0046/2573] Preprocessor6: format DIR-4-9 --- c/misra/src/rules/DIR-4-9/IrreplaceableFunctionLikeMacro.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/misra/src/rules/DIR-4-9/IrreplaceableFunctionLikeMacro.qll b/c/misra/src/rules/DIR-4-9/IrreplaceableFunctionLikeMacro.qll index f1ec7a609a..af62cacfd3 100644 --- a/c/misra/src/rules/DIR-4-9/IrreplaceableFunctionLikeMacro.qll +++ b/c/misra/src/rules/DIR-4-9/IrreplaceableFunctionLikeMacro.qll @@ -55,4 +55,4 @@ private class FunctionLikeMacroWithOperatorArgument extends IrreplaceableFunctio mi.getUnexpandedArgument(_) = any(Operation op).getOperator() ) } -} \ No newline at end of file +} From 799fc609d2db30a1969f9c3c8f2c26da0c80b6cd Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Sun, 30 Oct 2022 09:27:31 +0100 Subject: [PATCH 0047/2573] Update to CodeQL 2.11.0 --- c/cert/src/codeql-pack.lock.yml | 4 +++- c/cert/src/qlpack.yml | 2 +- c/cert/test/codeql-pack.lock.yml | 4 +++- c/common/src/codeql-pack.lock.yml | 4 +++- c/common/src/qlpack.yml | 2 +- c/common/test/codeql-pack.lock.yml | 4 +++- c/misra/src/codeql-pack.lock.yml | 4 +++- c/misra/src/qlpack.yml | 2 +- c/misra/test/codeql-pack.lock.yml | 4 +++- codeql_modules/codeql | 2 +- cpp/autosar/src/codeql-pack.lock.yml | 4 +++- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/codeql-pack.lock.yml | 4 +++- cpp/cert/src/codeql-pack.lock.yml | 4 +++- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/codeql-pack.lock.yml | 4 +++- cpp/common/src/codeql-pack.lock.yml | 4 +++- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/codeql-pack.lock.yml | 4 +++- cpp/misra/src/codeql-pack.lock.yml | 4 +++- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/codeql-pack.lock.yml | 4 +++- cpp/report/src/codeql-pack.lock.yml | 4 +++- cpp/report/src/qlpack.yml | 2 +- supported_codeql_configs.json | 6 +++--- 25 files changed, 57 insertions(+), 27 deletions(-) diff --git a/c/cert/src/codeql-pack.lock.yml b/c/cert/src/codeql-pack.lock.yml index 98fd8cb0ea..95e394b2f4 100644 --- a/c/cert/src/codeql-pack.lock.yml +++ b/c/cert/src/codeql-pack.lock.yml @@ -1,6 +1,8 @@ --- dependencies: codeql/cpp-all: - version: 0.3.1 + version: 0.4.0 + codeql/ssa: + version: 0.0.1 compiled: false lockVersion: 1.0.0 diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index ab00bcba8e..0127035965 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -3,4 +3,4 @@ version: 2.6.0-dev suites: codeql-suites dependencies: codeql/common-c-coding-standards: '*' - codeql/cpp-all: 0.3.1 + codeql/cpp-all: 0.4.0 diff --git a/c/cert/test/codeql-pack.lock.yml b/c/cert/test/codeql-pack.lock.yml index 98fd8cb0ea..95e394b2f4 100644 --- a/c/cert/test/codeql-pack.lock.yml +++ b/c/cert/test/codeql-pack.lock.yml @@ -1,6 +1,8 @@ --- dependencies: codeql/cpp-all: - version: 0.3.1 + version: 0.4.0 + codeql/ssa: + version: 0.0.1 compiled: false lockVersion: 1.0.0 diff --git a/c/common/src/codeql-pack.lock.yml b/c/common/src/codeql-pack.lock.yml index 98fd8cb0ea..95e394b2f4 100644 --- a/c/common/src/codeql-pack.lock.yml +++ b/c/common/src/codeql-pack.lock.yml @@ -1,6 +1,8 @@ --- dependencies: codeql/cpp-all: - version: 0.3.1 + version: 0.4.0 + codeql/ssa: + version: 0.0.1 compiled: false lockVersion: 1.0.0 diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index d821daf3cf..0125987fca 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -2,4 +2,4 @@ name: codeql/common-c-coding-standards version: 2.6.0-dev dependencies: codeql/common-cpp-coding-standards: '*' - codeql/cpp-all: 0.3.1 + codeql/cpp-all: 0.4.0 diff --git a/c/common/test/codeql-pack.lock.yml b/c/common/test/codeql-pack.lock.yml index 98fd8cb0ea..95e394b2f4 100644 --- a/c/common/test/codeql-pack.lock.yml +++ b/c/common/test/codeql-pack.lock.yml @@ -1,6 +1,8 @@ --- dependencies: codeql/cpp-all: - version: 0.3.1 + version: 0.4.0 + codeql/ssa: + version: 0.0.1 compiled: false lockVersion: 1.0.0 diff --git a/c/misra/src/codeql-pack.lock.yml b/c/misra/src/codeql-pack.lock.yml index 98fd8cb0ea..95e394b2f4 100644 --- a/c/misra/src/codeql-pack.lock.yml +++ b/c/misra/src/codeql-pack.lock.yml @@ -1,6 +1,8 @@ --- dependencies: codeql/cpp-all: - version: 0.3.1 + version: 0.4.0 + codeql/ssa: + version: 0.0.1 compiled: false lockVersion: 1.0.0 diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index 80abbb2dd6..aaeaed24ab 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -3,4 +3,4 @@ version: 2.6.0-dev suites: codeql-suites dependencies: codeql/common-c-coding-standards: '*' - codeql/cpp-all: 0.3.1 + codeql/cpp-all: 0.4.0 diff --git a/c/misra/test/codeql-pack.lock.yml b/c/misra/test/codeql-pack.lock.yml index 98fd8cb0ea..95e394b2f4 100644 --- a/c/misra/test/codeql-pack.lock.yml +++ b/c/misra/test/codeql-pack.lock.yml @@ -1,6 +1,8 @@ --- dependencies: codeql/cpp-all: - version: 0.3.1 + version: 0.4.0 + codeql/ssa: + version: 0.0.1 compiled: false lockVersion: 1.0.0 diff --git a/codeql_modules/codeql b/codeql_modules/codeql index fd7561cf27..87cc0481a0 160000 --- a/codeql_modules/codeql +++ b/codeql_modules/codeql @@ -1 +1 @@ -Subproject commit fd7561cf279f64ee266ccdc6746e8d66d81c6b8e +Subproject commit 87cc0481a06e389c765fe916ce01e3a1c4329a2c diff --git a/cpp/autosar/src/codeql-pack.lock.yml b/cpp/autosar/src/codeql-pack.lock.yml index 98fd8cb0ea..95e394b2f4 100644 --- a/cpp/autosar/src/codeql-pack.lock.yml +++ b/cpp/autosar/src/codeql-pack.lock.yml @@ -1,6 +1,8 @@ --- dependencies: codeql/cpp-all: - version: 0.3.1 + version: 0.4.0 + codeql/ssa: + version: 0.0.1 compiled: false lockVersion: 1.0.0 diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index 8c715d1ab7..6dba3a5375 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -3,4 +3,4 @@ version: 2.6.0-dev suites: codeql-suites dependencies: codeql/common-cpp-coding-standards: '*' - codeql/cpp-all: 0.3.1 + codeql/cpp-all: 0.4.0 diff --git a/cpp/autosar/test/codeql-pack.lock.yml b/cpp/autosar/test/codeql-pack.lock.yml index 98fd8cb0ea..95e394b2f4 100644 --- a/cpp/autosar/test/codeql-pack.lock.yml +++ b/cpp/autosar/test/codeql-pack.lock.yml @@ -1,6 +1,8 @@ --- dependencies: codeql/cpp-all: - version: 0.3.1 + version: 0.4.0 + codeql/ssa: + version: 0.0.1 compiled: false lockVersion: 1.0.0 diff --git a/cpp/cert/src/codeql-pack.lock.yml b/cpp/cert/src/codeql-pack.lock.yml index 98fd8cb0ea..95e394b2f4 100644 --- a/cpp/cert/src/codeql-pack.lock.yml +++ b/cpp/cert/src/codeql-pack.lock.yml @@ -1,6 +1,8 @@ --- dependencies: codeql/cpp-all: - version: 0.3.1 + version: 0.4.0 + codeql/ssa: + version: 0.0.1 compiled: false lockVersion: 1.0.0 diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index 0a803153da..b1370255be 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -2,5 +2,5 @@ name: codeql/cert-cpp-coding-standards version: 2.6.0-dev suites: codeql-suites dependencies: - codeql/cpp-all: 0.3.1 + codeql/cpp-all: 0.4.0 codeql/common-cpp-coding-standards: '*' diff --git a/cpp/cert/test/codeql-pack.lock.yml b/cpp/cert/test/codeql-pack.lock.yml index 98fd8cb0ea..95e394b2f4 100644 --- a/cpp/cert/test/codeql-pack.lock.yml +++ b/cpp/cert/test/codeql-pack.lock.yml @@ -1,6 +1,8 @@ --- dependencies: codeql/cpp-all: - version: 0.3.1 + version: 0.4.0 + codeql/ssa: + version: 0.0.1 compiled: false lockVersion: 1.0.0 diff --git a/cpp/common/src/codeql-pack.lock.yml b/cpp/common/src/codeql-pack.lock.yml index 98fd8cb0ea..95e394b2f4 100644 --- a/cpp/common/src/codeql-pack.lock.yml +++ b/cpp/common/src/codeql-pack.lock.yml @@ -1,6 +1,8 @@ --- dependencies: codeql/cpp-all: - version: 0.3.1 + version: 0.4.0 + codeql/ssa: + version: 0.0.1 compiled: false lockVersion: 1.0.0 diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index 1726a860e3..f4d8dffac4 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -1,4 +1,4 @@ name: codeql/common-cpp-coding-standards version: 2.6.0-dev dependencies: - codeql/cpp-all: 0.3.1 + codeql/cpp-all: 0.4.0 diff --git a/cpp/common/test/codeql-pack.lock.yml b/cpp/common/test/codeql-pack.lock.yml index 98fd8cb0ea..95e394b2f4 100644 --- a/cpp/common/test/codeql-pack.lock.yml +++ b/cpp/common/test/codeql-pack.lock.yml @@ -1,6 +1,8 @@ --- dependencies: codeql/cpp-all: - version: 0.3.1 + version: 0.4.0 + codeql/ssa: + version: 0.0.1 compiled: false lockVersion: 1.0.0 diff --git a/cpp/misra/src/codeql-pack.lock.yml b/cpp/misra/src/codeql-pack.lock.yml index 98fd8cb0ea..95e394b2f4 100644 --- a/cpp/misra/src/codeql-pack.lock.yml +++ b/cpp/misra/src/codeql-pack.lock.yml @@ -1,6 +1,8 @@ --- dependencies: codeql/cpp-all: - version: 0.3.1 + version: 0.4.0 + codeql/ssa: + version: 0.0.1 compiled: false lockVersion: 1.0.0 diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index 2156a1d22f..8880350a66 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -2,4 +2,4 @@ name: codeql/misra-cpp-coding-standards version: 2.6.0-dev dependencies: codeql/common-cpp-coding-standards: '*' - codeql/cpp-all: 0.3.1 + codeql/cpp-all: 0.4.0 diff --git a/cpp/misra/test/codeql-pack.lock.yml b/cpp/misra/test/codeql-pack.lock.yml index 98fd8cb0ea..95e394b2f4 100644 --- a/cpp/misra/test/codeql-pack.lock.yml +++ b/cpp/misra/test/codeql-pack.lock.yml @@ -1,6 +1,8 @@ --- dependencies: codeql/cpp-all: - version: 0.3.1 + version: 0.4.0 + codeql/ssa: + version: 0.0.1 compiled: false lockVersion: 1.0.0 diff --git a/cpp/report/src/codeql-pack.lock.yml b/cpp/report/src/codeql-pack.lock.yml index 98fd8cb0ea..95e394b2f4 100644 --- a/cpp/report/src/codeql-pack.lock.yml +++ b/cpp/report/src/codeql-pack.lock.yml @@ -1,6 +1,8 @@ --- dependencies: codeql/cpp-all: - version: 0.3.1 + version: 0.4.0 + codeql/ssa: + version: 0.0.1 compiled: false lockVersion: 1.0.0 diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index c85d14cd4e..c64d2ae3e6 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -1,4 +1,4 @@ name: codeql/report-cpp-coding-standards version: 2.6.0-dev dependencies: - codeql/cpp-all: 0.3.1 + codeql/cpp-all: 0.4.0 diff --git a/supported_codeql_configs.json b/supported_codeql_configs.json index 52435c7ac1..da79ca3c10 100644 --- a/supported_codeql_configs.json +++ b/supported_codeql_configs.json @@ -1,9 +1,9 @@ { "supported_environment": [ { - "codeql_cli": "2.10.1", - "codeql_standard_library": "codeql-cli/v2.10.1", - "codeql_cli_bundle": "codeql-bundle-20220714" + "codeql_cli": "2.11.0", + "codeql_standard_library": "codeql-cli/v2.11.0", + "codeql_cli_bundle": "codeql-bundle-20220923" } ], "supported_language" : [ From 422b00b929f92a0bdf48c614974ed0c5b9280884 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Mon, 31 Oct 2022 16:30:34 -0400 Subject: [PATCH 0048/2573] language2 --- rules.csv | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rules.csv b/rules.csv index ec8b29eaf9..8cd7a19ed4 100644 --- a/rules.csv +++ b/rules.csv @@ -617,7 +617,7 @@ c,MISRA-C-2012,RULE-4-12,Yes,Required,,,Dynamic memory allocation shall not be u c,MISRA-C-2012,RULE-4-13,Yes,Advisory,,,Functions which are designed to provide operations on a resource should be called in an appropriate sequence,,Contracts,Hard, c,MISRA-C-2012,RULE-4-14,Yes,Required,,,The validity of values received from external sources shall be checked,,Contracts,Hard, c,MISRA-C-2012,RULE-1-1,Yes,Required,,,"The program shall contain no violations of the standard C syntax and constraints, and shall not exceed the implementation�s translation limits",,Language,Easy, -c,MISRA-C-2012,RULE-1-2,Yes,Advisory,,,Language extensions should not be used,,Language,Easy, +c,MISRA-C-2012,RULE-1-2,Yes,Advisory,,,Language extensions should not be used,,Language2,Hard, c,MISRA-C-2012,RULE-1-3,Yes,Required,,,There shall be no occurrence of undefined or critical unspecified behaviour,,Language,Hard, c,MISRA-C-2012,RULE-1-4,Yes,Required,,,Emergent language features shall not be used,,Language,Medium, c,MISRA-C-2012,RULE-2-1,Yes,Required,,,A project shall not contain unreachable code,M0-1-1,DeadCode,Import, From 833f719971739076b2403edc877e6b4c54ac30e8 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Mon, 31 Oct 2022 17:37:42 -0400 Subject: [PATCH 0049/2573] Language2: add test RULE-1-4 --- c/misra/test/rules/RULE-1-4/test.c | 26 ++++++++++++++++++++++++++ c/misra/test/rules/RULE-1-4/test1.c | 1 + rules.csv | 2 +- 3 files changed, 28 insertions(+), 1 deletion(-) create mode 100644 c/misra/test/rules/RULE-1-4/test.c create mode 100644 c/misra/test/rules/RULE-1-4/test1.c diff --git a/c/misra/test/rules/RULE-1-4/test.c b/c/misra/test/rules/RULE-1-4/test.c new file mode 100644 index 0000000000..126801f9e8 --- /dev/null +++ b/c/misra/test/rules/RULE-1-4/test.c @@ -0,0 +1,26 @@ +#include //NON_COMPLIANT +#include //NON_COMPLIANT +#include //NON_COMPLIANT +#include //NON_COMPLIANT + +#define MACRO(x) _Generic((x), int : 0, long : 1) // NON_COMPLIANT +#define __STDC_WANT_LIB_EXT1__ 0 // COMPLIANT + +_Noreturn void f0(); // NON_COMPLIANT + +typedef int new_type; // COMPLIANT +typedef _Atomic new_type atomic_new_type; // NON_COMPLIANT + +void f(int p) { + int i0 = _Generic(p, int : 0, long : 1); // NON_COMPLIANT + + _Atomic int i; // NON_COMPLIANT + + _Alignas(4) int i1; // NON_COMPLIANT + alignas(4) int i2; // NON_COMPLIANT + int a = _Alignof(int); // NON_COMPLIANT + int a1 = alignof(int); // NON_COMPLIANT + + static thread_local int i3; // NON_COMPLIANT + static _Thread_local int i4; // NON_COMPLIANT +} \ No newline at end of file diff --git a/c/misra/test/rules/RULE-1-4/test1.c b/c/misra/test/rules/RULE-1-4/test1.c new file mode 100644 index 0000000000..bb3f3cfe9b --- /dev/null +++ b/c/misra/test/rules/RULE-1-4/test1.c @@ -0,0 +1 @@ +#define __STDC_WANT_LIB_EXT1__ 1 // NON_COMPLIANT \ No newline at end of file diff --git a/rules.csv b/rules.csv index ec8b29eaf9..ff8d4970cc 100644 --- a/rules.csv +++ b/rules.csv @@ -619,7 +619,7 @@ c,MISRA-C-2012,RULE-4-14,Yes,Required,,,The validity of values received from ext c,MISRA-C-2012,RULE-1-1,Yes,Required,,,"The program shall contain no violations of the standard C syntax and constraints, and shall not exceed the implementation�s translation limits",,Language,Easy, c,MISRA-C-2012,RULE-1-2,Yes,Advisory,,,Language extensions should not be used,,Language,Easy, c,MISRA-C-2012,RULE-1-3,Yes,Required,,,There shall be no occurrence of undefined or critical unspecified behaviour,,Language,Hard, -c,MISRA-C-2012,RULE-1-4,Yes,Required,,,Emergent language features shall not be used,,Language,Medium, +c,MISRA-C-2012,RULE-1-4,Yes,Required,,,Emergent language features shall not be used,,Language2,Medium, c,MISRA-C-2012,RULE-2-1,Yes,Required,,,A project shall not contain unreachable code,M0-1-1,DeadCode,Import, c,MISRA-C-2012,RULE-2-2,Yes,Required,,,There shall be no dead code,M0-1-9,DeadCode,Import, c,MISRA-C-2012,RULE-2-3,Yes,Advisory,,,A project should not contain unused type declarations,A0-1-6,DeadCode,Import, From c38fe8c7125f41f2bfde46a04bce924535a31430 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Tue, 1 Nov 2022 02:28:22 +0100 Subject: [PATCH 0050/2573] Rule ERR33-C --- .../DetectAndHandleStandardLibraryErrors.md | 379 ++++++++++++++++++ .../DetectAndHandleStandardLibraryErrors.ql | 207 ++++++++++ ...ectAndHandleStandardLibraryErrors.expected | 12 + ...DetectAndHandleStandardLibraryErrors.qlref | 1 + c/cert/test/rules/ERR33-C/test.c | 137 +++++++ .../cpp/exclusions/c/Contracts5.qll | 42 ++ .../cpp/exclusions/c/RuleMetadata.qll | 3 + rule_packages/c/Contracts5.json | 38 ++ rules.csv | 4 +- 9 files changed, 821 insertions(+), 2 deletions(-) create mode 100644 c/cert/src/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.md create mode 100644 c/cert/src/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.ql create mode 100644 c/cert/test/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.expected create mode 100644 c/cert/test/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.qlref create mode 100644 c/cert/test/rules/ERR33-C/test.c create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/Contracts5.qll create mode 100644 rule_packages/c/Contracts5.json diff --git a/c/cert/src/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.md b/c/cert/src/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.md new file mode 100644 index 0000000000..6803f83290 --- /dev/null +++ b/c/cert/src/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.md @@ -0,0 +1,379 @@ +# ERR33-C: Detect and handle standard library errors + +This query implements the CERT-C rule ERR33-C: + +> Detect and handle standard library errors + + +## Description + +The majority of the standard library functions, including I/O functions and memory allocation functions, return either a valid value or a value of the correct return type that indicates an error (for example, −1 or a null pointer). Assuming that all calls to such functions will succeed and failing to check the return value for an indication of an error is a dangerous practice that may lead to [unexpected](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-unexpectedbehavior) or [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior) when an error occurs. It is essential that programs detect and appropriately handle all errors in accordance with an error-handling policy. + +The successful completion or failure of each of the standard library functions listed in the following table shall be determined either by comparing the function’s return value with the value listed in the column labeled “Error Return” or by calling one of the library functions mentioned in the footnotes. + +**Standard Library Functions** + +
Function Successful Return Error Return
aligned_alloc() Pointer to space NULL
asctime_s() 0 Nonzero
at_quick_exit() 0 Nonzero
atexit() 0 Nonzero
bsearch() Pointer to matching element NULL
bsearch_s() Pointer to matching element NULL
btowc() Converted wide character WEOF
c16rtomb() Number of bytes (size_t)(-1)
c32rtomb() Number of bytes (size_t)(-1)
calloc() Pointer to space NULL
clock() Processor time (clock_t)(-1)
cnd_broadcast() thrd_success thrd_error
cnd_init() thrd_success thrd_nomem or thrd_error
cnd_signal() thrd_success thrd_error
cnd_timedwait() thrd_success thrd_timedout or thrd_error
cnd_wait() thrd_success thrd_error
ctime_s() 0 Nonzero
fclose() 0 EOF (negative)
fflush() 0 EOF (negative)
fgetc() Character read EOF 1
fgetpos() 0 Nonzero, errno > 0
fgets() Pointer to string NULL
fgetwc() Wide character read WEOF 1
fopen() Pointer to stream NULL
fopen_s() 0 Nonzero
fprintf() Number of characters (nonnegative) Negative
fprintf_s() Number of characters (nonnegative) Negative
fputc() Character written EOF 2
fputs() Nonnegative EOF (negative)
fputwc() Wide character written WEOF
fputws() Nonnegative EOF (negative)
fread() Elements read Elements read
freopen() Pointer to stream NULL
freopen_s() 0 Nonzero
fscanf() Number of conversions (nonnegative) EOF (negative)
fscanf_s() Number of conversions (nonnegative) EOF (negative)
fseek() 0 Nonzero
fsetpos() 0 Nonzero, errno > 0
ftell() File position −1L , errno > 0
fwprintf() Number of wide characters (nonnegative) Negative
fwprintf_s() Number of wide characters (nonnegative) Negative
fwrite() Elements written Elements written
fwscanf() Number of conversions (nonnegative) EOF (negative)
fwscanf_s() Number of conversions (nonnegative) EOF (negative)
getc() Character read EOF 1
getchar() Character read EOF 1
getenv() Pointer to string NULL
getenv_s() Pointer to string NULL
gets_s() Pointer to string NULL
getwc() Wide character read WEOF
getwchar() Wide character read WEOF
gmtime() Pointer to broken-down time NULL
gmtime_s() Pointer to broken-down time NULL
localtime() Pointer to broken-down time NULL
localtime_s() Pointer to broken-down time NULL
malloc() Pointer to space NULL
mblen(), s != NULL Number of bytes −1
mbrlen(), s != NULL Number of bytes or status (size_t)(-1)
mbrtoc16() Number of bytes or status (size_t)(-1) , errno == EILSEQ
mbrtoc32() Number of bytes or status (size_t)(-1) , errno == EILSEQ
mbrtowc(), s != NULL Number of bytes or status (size_t)(-1) , errno == EILSEQ
mbsrtowcs() Number of non-null elements (size_t)(-1) , errno == EILSEQ
mbsrtowcs_s() 0 Nonzero
mbstowcs() Number of non-null elements (size_t)(-1)
mbstowcs_s() 0 Nonzero
mbtowc(), s != NULL Number of bytes −1
memchr() Pointer to located character NULL
mktime() Calendar time (time_t)(-1)
mtx_init() thrd_success thrd_error
mtx_lock() thrd_success thrd_error
mtx_timedlock() thrd_success thrd_timedout or thrd_error
mtx_trylock() thrd_success thrd_busy or thrd_error
mtx_unlock() thrd_success thrd_error
printf_s() Number of characters (nonnegative) Negative
putc() Character written EOF 2
putwc() Wide character written WEOF
raise() 0 Nonzero
realloc() Pointer to space NULL
remove() 0 Nonzero
rename() 0 Nonzero
setlocale() Pointer to string NULL
setvbuf() 0 Nonzero
scanf() Number of conversions (nonnegative) EOF (negative)
scanf_s() Number of conversions (nonnegative) EOF (negative)
signal() Pointer to previous function SIG_ERR , errno > 0
snprintf() Number of characters that would be written (nonnegative) Negative
snprintf_s() Number of characters that would be written (nonnegative) Negative
sprintf() Number of non-null characters written Negative
sprintf_s() Number of non-null characters written Negative
sscanf() Number of conversions (nonnegative) EOF (negative)
sscanf_s() Number of conversions (nonnegative) EOF (negative)
strchr() Pointer to located character NULL
strerror_s() 0 Nonzero
strftime() Number of non-null characters 0
strpbrk() Pointer to located character NULL
strrchr() Pointer to located character NULL
strstr() Pointer to located string NULL
strtod() Converted value 0 , errno == ERANGE
strtof() Converted value 0 , errno == ERANGE
strtoimax() Converted value INTMAX_MAX or INTMAX_MIN , errno == ERANGE
strtok() Pointer to first character of a token NULL
strtok_s() Pointer to first character of a token NULL
strtol() Converted value LONG_MAX or LONG_MIN , errno == ERANGE
strtold() Converted value 0, errno == ERANGE
strtoll() Converted value LLONG_MAX or LLONG_MIN , errno == ERANGE
strtoumax() Converted value UINTMAX_MAX , errno == ERANGE
strtoul() Converted value ULONG_MAX , errno == ERANGE
strtoull() Converted value ULLONG_MAX , errno == ERANGE
strxfrm() Length of transformed string >= n
swprintf() Number of non-null wide characters Negative
swprintf_s() Number of non-null wide characters Negative
swscanf() Number of conversions (nonnegative) EOF (negative)
swscanf_s() Number of conversions (nonnegative) EOF (negative)
thrd_create() thrd_success thrd_nomem or thrd_error
thrd_detach() thrd_success thrd_error
thrd_join() thrd_success thrd_error
thrd_sleep() 0 Negative
time() Calendar time (time_t)(-1)
timespec_get() Base 0
tmpfile() Pointer to stream NULL
tmpfile_s() 0 Nonzero
tmpnam() Non-null pointer NULL
tmpnam_s() 0 Nonzero
tss_create() thrd_success thrd_error
tss_get() Value of thread-specific storage 0
tss_set() thrd_success thrd_error
ungetc() Character pushed back EOF (see below )
ungetwc() Character pushed back WEOF
vfprintf() Number of characters (nonnegative) Negative
vfprintf_s() Number of characters (nonnegative) Negative
vfscanf() Number of conversions (nonnegative) EOF (negative)
vfscanf_s() Number of conversions (nonnegative) EOF (negative)
vfwprintf() Number of wide characters (nonnegative) Negative
vfwprintf_s() Number of wide characters (nonnegative) Negative
vfwscanf() Number of conversions (nonnegative) EOF (negative)
vfwscanf_s() Number of conversions (nonnegative) EOF (negative)
vprintf_s() Number of characters (nonnegative) Negative
vscanf() Number of conversions (nonnegative) EOF (negative)
vscanf_s() Number of conversions (nonnegative) EOF (negative)
vsnprintf() Number of characters that would be written (nonnegative) Negative
vsnprintf_s() Number of characters that would be written (nonnegative) Negative
vsprintf() Number of non-null characters (nonnegative) Negative
vsprintf_s() Number of non-null characters (nonnegative) Negative
vsscanf() Number of conversions (nonnegative) EOF (negative)
vsscanf_s() Number of conversions (nonnegative) EOF (negative)
vswprintf() Number of non-null wide characters Negative
vswprintf_s() Number of non-null wide characters Negative
vswscanf() Number of conversions (nonnegative) EOF (negative)
vswscanf_s() Number of conversions (nonnegative) EOF (negative)
vwprintf_s() Number of wide characters (nonnegative) Negative
vwscanf() Number of conversions (nonnegative) EOF (negative)
vwscanf_s() Number of conversions (nonnegative) EOF (negative)
wcrtomb() Number of bytes stored (size_t)(-1)
wcschr() Pointer to located wide character NULL
wcsftime() Number of non-null wide characters 0
wcspbrk() Pointer to located wide character NULL
wcsrchr() Pointer to located wide character NULL
wcsrtombs() Number of non-null bytes (size_t)(-1) , errno == EILSEQ
wcsrtombs_s() 0 Nonzero
wcsstr() Pointer to located wide string NULL
wcstod() Converted value 0 , errno == ERANGE
wcstof() Converted value 0 , errno == ERANGE
wcstoimax() Converted value INTMAX_MAX or INTMAX_MIN , errno == ERANGE
wcstok() Pointer to first wide character of a token NULL
wcstok_s() Pointer to first wide character of a token NULL
wcstol() Converted value LONG_MAX or LONG_MIN , errno == ERANGE
wcstold() Converted value 0 , errno == ERANGE
wcstoll() Converted value LLONG_MAX or LLONG_MIN , errno == ERANGE
wcstombs() Number of non-null bytes (size_t)(-1)
wcstombs_s() 0 Nonzero
wcstoumax() Converted value UINTMAX_MAX , errno == ERANGE
wcstoul() Converted value ULONG_MAX , errno == ERANGE
wcstoull() Converted value ULLONG_MAX , errno == ERANGE
wcsxfrm() Length of transformed wide string >= n
wctob() Converted character EOF
wctomb(), s != NULL Number of bytes stored −1
wctomb_s(), s != NULL Number of bytes stored −1
wctrans() Valid argument to towctrans 0
wctype() Valid argument to iswctype 0
wmemchr() Pointer to located wide character NULL
wprintf_s() Number of wide characters (nonnegative) Negative
wscanf() Number of conversions (nonnegative) EOF (negative)
wscanf_s() Number of conversions (nonnegative) EOF (negative)
+Note: According to [FIO35-C](https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?pageId=87152389)[. Use feof() and ferror() to detect end-of-file and file errors when sizeof(int) == sizeof(char)](https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?pageId=87152389), callers should verify end-of-file and file errors for the functions in this table as follows: + + +1 By calling `ferror()` and `feof()`2 By calling `ferror()` + +The `ungetc()` function does not set the error indicator even when it fails, so it is not possible to check for errors reliably unless it is known that the argument is not equal to `EOF`. The C Standard \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IEC9899-2011)\] states that "one character of pushback is guaranteed," so this should not be an issue if, at most, one character is ever pushed back before reading again. (See [FIO13-C](https://wiki.sei.cmu.edu/confluence/display/c/FIO13-C.+Never+push+back+anything+other+than+one+read+character)[. Never push back anything other than one read character](https://wiki.sei.cmu.edu/confluence/display/c/FIO13-C.+Never+push+back+anything+other+than+one+read+character).) + +## Noncompliant Code Example (setlocale()) + +In this noncompliant code example, the function `utf8_to_wcs()` attempts to convert a sequence of UTF-8 characters to wide characters. It first invokes `setlocale()` to set the global locale to the implementation-defined `en_US.UTF-8` but does not check for failure. The `setlocale()` function will fail by returning a null pointer, for example, when the locale is not installed. The function may fail for other reasons as well, such as the lack of resources. Depending on the sequence of characters pointed to by `utf8`, the subsequent call to `mbstowcs()` may fail or result in the function storing an unexpected sequence of wide characters in the supplied buffer `wcs`. + +```cpp +#include +#include + +int utf8_to_wcs(wchar_t *wcs, size_t n, const char *utf8, + size_t *size) { + if (NULL == size) { + return -1; + } + setlocale(LC_CTYPE, "en_US.UTF-8"); + *size = mbstowcs(wcs, utf8, n); + return 0; +} + +``` + +## Compliant Solution (setlocale()) + +This compliant solution checks the value returned by `setlocale()` and avoids calling `mbstowcs()` if the function fails. The function also takes care to restore the locale to its initial setting before returning control to the caller. + +```cpp +#include +#include + +int utf8_to_wcs(wchar_t *wcs, size_t n, const char *utf8, + size_t *size) { + if (NULL == size) { + return -1; + } + const char *save = setlocale(LC_CTYPE, "en_US.UTF-8"); + if (NULL == save) { + return -1; + } + + *size = mbstowcs(wcs, utf8, n); + if (NULL == setlocale(LC_CTYPE, save)) { + return -1; + } + return 0; +} + +``` + +## Noncompliant Code Example (calloc()) + +In this noncompliant code example, `temp_num`,` tmp2`, and `num_of_records` are derived from a [tainted source](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-taintedsource). Consequently, an attacker can easily cause `calloc()` to fail by providing a large value for `num_of_records`. + +```cpp +#include +#include + +enum { SIG_DESC_SIZE = 32 }; + +typedef struct { + char sig_desc[SIG_DESC_SIZE]; +} signal_info; + +void func(size_t num_of_records, size_t temp_num, + const char *tmp2, size_t tmp2_size_bytes) { + signal_info *start = (signal_info *)calloc(num_of_records, + sizeof(signal_info)); + + if (tmp2 == NULL) { + /* Handle error */ + } else if (temp_num > num_of_records) { + /* Handle error */ + } else if (tmp2_size_bytes < SIG_DESC_SIZE) { + /* Handle error */ + } + + signal_info *point = start + temp_num - 1; + memcpy(point->sig_desc, tmp2, SIG_DESC_SIZE); + point->sig_desc[SIG_DESC_SIZE - 1] = '\0'; + /* ... */ + free(start); +} +``` +When `calloc()` fails, it returns a null pointer that is assigned to `start`. If `start` is null, an attacker can provide a value for `temp_num` that, when scaled by `sizeof(signal_info)`, references a writable address to which control is eventually transferred. The contents of the string referenced by `tmp2` can then be used to overwrite the address, resulting in an arbitrary code execution [vulnerability](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability). + +## Compliant Solution (calloc()) + +To correct this error, ensure the pointer returned by `calloc()` is not null: + +```cpp +#include +#include + +enum { SIG_DESC_SIZE = 32 }; + +typedef struct { + char sig_desc[SIG_DESC_SIZE]; +} signal_info; + +void func(size_t num_of_records, size_t temp_num, + const char *tmp2, size_t tmp2_size_bytes) { + signal_info *start = (signal_info *)calloc(num_of_records, + sizeof(signal_info)); + if (start == NULL) { + /* Handle allocation error */ + } else if (tmp2 == NULL) { + /* Handle error */ + } else if (temp_num > num_of_records) { + /* Handle error */ + } else if (tmp2_size_bytes < SIG_DESC_SIZE) { + /* Handle error */ + } + + signal_info *point = start + temp_num - 1; + memcpy(point->sig_desc, tmp2, SIG_DESC_SIZE); + point->sig_desc[SIG_DESC_SIZE - 1] = '\0'; + /* ... */ + free(start); +} +``` + +## Noncompliant Code Example (realloc()) + +This noncompliant code example calls `realloc()` to resize the memory referred to by `p`. However, if `realloc()` fails, it returns a null pointer and the connection between the original block of memory and `p` is lost, resulting in a memory leak. + +```cpp +#include + +void *p; +void func(size_t new_size) { + if (new_size == 0) { + /* Handle error */ + } + p = realloc(p, new_size); + if (p == NULL) { + /* Handle error */ + } +} +``` +This code example complies with [MEM04-C](https://wiki.sei.cmu.edu/confluence/display/c/MEM04-C.+Beware+of+zero-length+allocations)[. Do not perform zero-length allocations](https://wiki.sei.cmu.edu/confluence/display/c/MEM04-C.+Beware+of+zero-length+allocations). + +## Compliant Solution (realloc()) + +In this compliant solution, the result of `realloc()` is assigned to the temporary pointer `q` and validated before it is assigned to the original pointer `p`: + +```cpp +#include + +void *p; +void func(size_t new_size) { + void *q; + + if (new_size == 0) { + /* Handle error */ + } + + q = realloc(p, new_size); + if (q == NULL) { + /* Handle error */ + } else { + p = q; + } +} +``` + +## Noncompliant Code Example (fseek()) + +In this noncompliant code example, the `fseek()` function is used to set the file position to a location `offset` in the file referred to by `file` prior to reading a sequence of bytes from the file. However, if an I/O error occurs during the seek operation, the subsequent read will fill the buffer with the wrong contents. + +```cpp +#include + +size_t read_at(FILE *file, long offset, + void *buf, size_t nbytes) { + fseek(file, offset, SEEK_SET); + return fread(buf, 1, nbytes, file); +} + +``` + +## Compliant Solution (fseek()) + +According to the C Standard, the `fseek()` function returns a nonzero value to indicate that an error occurred. This compliant solution tests for this condition before reading from a file to eliminate the chance of operating on the wrong portion of the file if `fseek()` fails: + +```cpp +#include + +size_t read_at(FILE *file, long offset, + void *buf, size_t nbytes) { + if (fseek(file, offset, SEEK_SET) != 0) { + /* Indicate error to caller */ + return 0; + } + return fread(buf, 1, nbytes, file); +} + +``` + +## Noncompliant Code Example (snprintf()) + +In this noncompliant code example, `snprintf()` is assumed to succeed. However, if the call fails (for example, because of insufficient memory, as described in GNU libc bug [441945](http://bugzilla.redhat.com/show_bug.cgi?id=441945)), the subsequent call to `log_message()` has [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior) because the character buffer is uninitialized and need not be null-terminated. + +```cpp +#include + +extern void log_message(const char *); + +void f(int i, int width, int prec) { + char buf[40]; + snprintf(buf, sizeof(buf), "i = %*.*i", width, prec, i); + log_message(buf); + /* ... */ +} + +``` + +## Compliant Solution (snprintf()) + +This compliant solution does not assume that `snprintf()` will succeed regardless of its arguments. It tests the return value of `snprintf()` before subsequently using the formatted buffer. This compliant solution also treats the case where the static buffer is not large enough for `snprintf()` to append the terminating null character as an error. + +```cpp +#include +#include + +extern void log_message(const char *); + +void f(int i, int width, int prec) { + char buf[40]; + int n; + n = snprintf(buf, sizeof(buf), "i = %*.*i", width, prec, i); + if (n < 0 || n >= sizeof(buf)) { + /* Handle snprintf() error */ + strcpy(buf, "unknown error"); + } + log_message(buf); +} + +``` + +## Compliant Solution (snprintf(null)) + +If unknown, the length of the formatted string can be discovered by invoking `snprintf()` with a null buffer pointer to determine the size required for the output, then dynamically allocating a buffer of sufficient size, and finally calling `snprintf()` again to format the output into the dynamically allocated buffer. Even with this approach, the success of all calls still needs to be tested, and any errors must be appropriately handled. A possible optimization is to first attempt to format the string into a reasonably small buffer allocated on the stack and, only when the buffer turns out to be too small, dynamically allocate one of a sufficient size: + +```cpp +#include +#include +#include + +extern void log_message(const char *); + +void f(int i, int width, int prec) { + char buffer[20]; + char *buf = buffer; + int n = sizeof(buffer); + const char fmt[] = "i = %*.*i"; + + n = snprintf(buf, n, fmt, width, prec, i); + if (n < 0) { + /* Handle snprintf() error */ + strcpy(buffer, "unknown error"); + goto write_log; + } + + if (n < sizeof(buffer)) { + goto write_log; + } + + buf = (char *)malloc(n + 1); + if (NULL == buf) { + /* Handle malloc() error */ + strcpy(buffer, "unknown error"); + goto write_log; + } + + n = snprintf(buf, n, fmt, width, prec, i); + if (n < 0) { + /* Handle snprintf() error */ + strcpy(buffer, "unknown error"); + } + +write_log: + log_message(buf); + + if (buf != buffer) { + free(buf); + } +} + +``` +This solution uses the `goto` statement, as suggested in [MEM12-C](https://wiki.sei.cmu.edu/confluence/display/c/MEM12-C.+Consider+using+a+goto+chain+when+leaving+a+function+on+error+when+using+and+releasing+resources)[. Consider using a goto chain when leaving a function on error when using and releasing resources](https://wiki.sei.cmu.edu/confluence/display/c/MEM12-C.+Consider+using+a+goto+chain+when+leaving+a+function+on+error+when+using+and+releasing+resources). + +## Exceptions + +**ERR33-C-EX1:** It is acceptable to ignore the return value of a function if: + +* that function cannot fail. +* its return value is inconsequential; that is, it does not indicate an error. +* it is one of a handful of functions whose return values are not traditionally checked. These functions are listed in the following table: +**Functions for which Return Values Need Not Be Checked** + +
Function Successful Return Error Return
putchar() Character written EOF
putwchar() Wide character written WEOF
puts() Nonnegative EOF (negative)
printf() , vprintf() Number of characters (nonnegative) Negative
wprintf() , vwprintf() Number of wide characters (nonnegative) Negative
kill_dependency() The input parameter NA
memcpy() , wmemcpy() The destination input parameter NA
memmove() , wmemmove() The destination input parameter NA
strcpy() , wcscpy() The destination input parameter NA
strncpy() , wcsncpy() The destination input parameter NA
strcat() , wcscat() The destination input parameter NA
strncat() , wcsncat() The destination input parameter NA
memset() , wmemset() The destination input parameter NA
+The function's results should be explicitly cast to `void` to signify programmer intent: + + +```cpp +int main() { + (void) printf("Hello, world\n"); // printf() return value safely ignored +} + +``` + +## Risk Assessment + +Failing to detect error conditions can lead to unpredictable results, including [abnormal program termination](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-abnormaltermination) and [denial-of-service attacks](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-denial-of-service) or, in some situations, could even allow an attacker to run arbitrary code. + +
Rule Severity Likelihood Remediation Cost Priority Level
ERR33-C High Likely Medium P18 L1
+ + +## Automated Detection + +
Tool Version Checker Description
Astrée 22.04 error-information-unusederror-information-unused-computed Partially checked
Axivion Bauhaus Suite 7.2.0 CertC-ERR33
CodeSonar 7.1p0 LANG.FUNCS.IRV Ignored return value
Compass/ROSE Can detect violations of this recommendation when checking for violations of EXP12-C. Do not ignore values returned by functions and EXP34-C . Do not dereference null pointers
Coverity 2017.07 MISRA C 2012 Rule 22.8 MISRA C 2012 Rule 22.9 MISRA C 2012 Rule 22.10 Implemented
Helix QAC 2022.3 C3200 C++2820, C++2821, C++2822, C++2823, C++2824, C++2930, C++2931, C++2932, C++2933, C++2934, C++3802, C++3803, C++3804
Klocwork 2022.3 NPD.CHECK.MUST NPD.FUNC.MUST SV.RVT.RETVAL_NOTTESTED
LDRA tool suite 9.7.1 80 D Partially implemented
Parasoft C/C++test 2022.1 CERT_C-ERR33-a CERT_C-ERR33-b CERT_C-ERR33-c CERT_C-ERR33-d The value returned by a function having non-void return type shall be used The value returned by a function having non-void return type shall be used Avoid null pointer dereferencing Always check the returned value of non-void function
Parasoft Insure++ Runtime analysis
PC-lint Plus 1.4 534 Partially supported
Polyspace Bug Finder R2022b CERT C: Rule ERR33-C Checks for: Errno not checkedrrno not checked, return value of a sensitive function not checkedeturn value of a sensitive function not checked, unprotected dynamic memory allocationnprotected dynamic memory allocation. Rule partially covered.
PRQA QA-C 9.7 3200 Partially implemented
PRQA QA-C++ 4.4 2820, 2821, 2822, 2823, 2824, 2930, 2931, 2932, 2933, 2934, 3802, 3803, 3804
RuleChecker 22.04 error-information-unused Partially checked
TrustInSoft Analyzer 1.38 pointer arithmetic Exhaustively verified.
+ + +## Related Vulnerabilities + +The [vulnerability](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) in Adobe Flash \[[VU\#159523](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-VU%23159523)\] arises because Flash neglects to check the return value from `calloc()`. Even when `calloc()` returns a null pointer, Flash writes to an offset from the return value. Dereferencing a null pointer usually results in a program crash, but dereferencing an offset from a null pointer allows an [exploit](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-exploit) to succeed without crashing the program. + +Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+ERR33-C). + +## Related Guidelines + +[Key here](https://wiki.sei.cmu.edu/confluence/display/c/How+this+Coding+Standard+is+Organized#HowthisCodingStandardisOrganized-RelatedGuidelines) (explains table format and definitions) + +
Taxonomy Taxonomy item Relationship
CERT C Secure Coding Standard ERR00-C. Adopt and implement a consistent and comprehensive error-handling policy Prior to 2018-01-12: CERT: Unspecified Relationship
CERT C Secure Coding Standard EXP34-C . Do not dereference null pointers Prior to 2018-01-12: CERT: Unspecified Relationship
CERT C Secure Coding Standard FIO13-C . Never push back anything other than one read character Prior to 2018-01-12: CERT: Unspecified Relationship
CERT C Secure Coding Standard MEM04-C . Do not perform zero-length allocations Prior to 2018-01-12: CERT: Unspecified Relationship
CERT C Secure Coding Standard MEM12-C . Consider using a goto chain when leaving a function on error when using and releasing resources Prior to 2018-01-12: CERT: Unspecified Relationship
CERT C ERR10-CPP. Check for error conditions Prior to 2018-01-12: CERT: Unspecified Relationship
CERT C FIO04-CPP. Detect and handle input and output errors Prior to 2018-01-12: CERT: Unspecified Relationship
ISO/IEC TS 17961:2013 Failing to detect and handle standard library errors \[liberr\] Prior to 2018-01-12: CERT: Unspecified Relationship
CWE 2.11 CWE-252 , Unchecked Return Value 2017-07-06: CERT: Partial overlap
CWE 2.11 CWE-253 , Incorrect Check of Function Return Value 2017-07-06: CERT: Partial overlap
CWE 2.11 CWE-391 , Unchecked Error Condition 2017-07-06: CERT: Rule subset of CWE
+ + +## CERT-CWE Mapping Notes + +[Key here](https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?pageId=87152408#HowthisCodingStandardisOrganized-CERT-CWEMappingNotes) for mapping notes + +**CWE-252/CWE-253/CWE-391 and ERR33-C/POS34-C** + +Independent( ERR33-C, POS54-C, FLP32-C, ERR34-C) Intersection( CWE-252, CWE-253) = Ø CWE-391 = Union( CWE-252, CWE-253) CWE-391 = Union( ERR33-C, POS34-C, list) where list = + +* Ignoring return values of functions outside the C or POSIX standard libraries + +## Bibliography + +
\[ DHS 2006 \] Handle All Errors Safely
\[ Henricson 1997 \] Recommendation 12.1, "Check for All Errors Reported from Functions"
\[ ISO/IEC 9899:2011 \] Subclause 7.21.7.10, "The ungetc Function"
\[ VU\#159523 \]
+ + +## Implementation notes + +None + +## References + +* CERT-C: [ERR33-C: Detect and handle standard library errors](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.ql b/c/cert/src/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.ql new file mode 100644 index 0000000000..03146d6b80 --- /dev/null +++ b/c/cert/src/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.ql @@ -0,0 +1,207 @@ +/** + * @id c/cert/detect-and-handle-standard-library-errors + * @name ERR33-C: Detect and handle standard library errors + * @description Detect and handle standard library errors. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/cert/id/err33-c + * correctness + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert +import semmle.code.cpp.commons.NULL +import codingstandards.cpp.ReadErrorsAndEOF +import semmle.code.cpp.dataflow.DataFlow + +/** + * Classifies error returning function calls based on the + * type and value of the required checked + */ +class ExpectedErrReturn extends FunctionCall { + Expr errValue; + string errOperator; + + ExpectedErrReturn() { + errOperator = ["==", "!="] and + ( + errValue.(Literal).getValue() = "0" and + this.getTarget() + .hasName([ + "asctime_s", "at_quick_exit", "atexit", "ctime_s", "fgetpos", "fopen_s", "freopen_s", + "fseek", "fsetpos", "mbsrtowcs_s", "mbstowcs_s", "raise", "remove", "rename", + "setvbuf", "strerror_s", "strftime", "strtod", "strtof", "strtold", "timespec_get", + "tmpfile_s", "tmpnam_s", "tss_get", "wcsftime", "wcsrtombs_s", "wcstod", "wcstof", + "wcstold", "wcstombs_s", "wctrans", "wctype" + ]) + or + errValue instanceof NULL and + this.getTarget() + .hasName([ + "aligned_alloc", "bsearch_s", "bsearch", "calloc", "fgets", "fopen", "freopen", + "getenv_s", "getenv", "gets_s", "gmtime_s", "gmtime", "localtime_s", "localtime", + "malloc", "memchr", "realloc", "setlocale", "strchr", "strpbrk", "strrchr", "strstr", + "strtok_s", "strtok", "tmpfile", "tmpnam", "wcschr", "wcspbrk", "wcsrchr", "wcsstr", + "wcstok_s", "wcstok", "wmemchr" + ]) + or + errValue = any(EOFInvocation i).getExpr() and + this.getTarget() + .hasName([ + "fclose", "fflush", "fputs", "fputws", "fscanf_s", "fscanf", "fwscanf_s", "fwscanf", + "scanf_s", "scanf", "sscanf_s", "sscanf", "swscanf_s", "swscanf", "ungetc", + "vfscanf_s", "vfscanf", "vfwscanf_s", "vfwscanf", "vscanf_s", "vscanf", "vsscanf_s", + "vsscanf", "vswscanf_s", "vswscanf", "vwscanf_s", "vwscanf", "wctob", "wscanf_s", + "wscanf", "fgetc", "fputc", "getc", "getchar", "putc", "putchar", "puts" + ]) + or + errValue = any(WEOFInvocation i).getExpr() and + this.getTarget() + .hasName([ + "btowc", "fgetwc", "fputwc", "getwc", "getwchar", "putwc", "ungetwc", "putwchar" + ]) + or + errValue = any(EnumConstantAccess i | i.toString() = "thrd_error") and + this.getTarget() + .hasName([ + "cnd_broadcast", "cnd_init", "cnd_signal", "cnd_timedwait", "cnd_wait", "mtx_init", + "mtx_lock", "mtx_timedlock", "mtx_trylock", "mtx_unlock", "thrd_create", + "thrd_detach", "thrd_join", "tss_create", "tss_set" + ]) + or + errValue = any(EnumConstantAccess i | i.toString() = "thrd_nomem") and + this.getTarget().hasName(["cnd_init", "thrd_create"]) + or + errValue = any(EnumConstantAccess i | i.toString() = "thrd_timedout") and + this.getTarget().hasName(["cnd_timedwait", "mtx_timedlock"]) + or + errValue = any(EnumConstantAccess i | i.toString() = "thrd_busy") and + this.getTarget().hasName(["mtx_trylock"]) + or + errValue = any(MacroInvocation i | i.getMacroName() = "UINTMAX_MAX").getExpr() and + this.getTarget().hasName(["strtoumax", "wcstoumax"]) + or + errValue = any(MacroInvocation i | i.getMacroName() = "ULONG_MAX").getExpr() and + this.getTarget().hasName(["strtoul", "wcstoul"]) + or + errValue = any(MacroInvocation i | i.getMacroName() = "ULLONG_MAX").getExpr() and + this.getTarget().hasName(["strtoull", "wcstoull"]) + or + errValue = any(MacroInvocation i | i.getMacroName() = "SIG_ERR").getExpr() and + this.getTarget().hasName(["signal"]) + or + errValue = any(MacroInvocation i | i.getMacroName() = ["INTMAX_MAX", "INTMAX_MIN"]).getExpr() and + this.getTarget().hasName(["strtoimax", "wcstoimax"]) + or + errValue = any(MacroInvocation i | i.getMacroName() = ["LONG_MAX", "LONG_MIN"]).getExpr() and + this.getTarget().hasName(["strtol", "wcstol"]) + or + errValue = any(MacroInvocation i | i.getMacroName() = ["LLONG_MAX", "LLONG_MIN"]).getExpr() and + this.getTarget().hasName(["strtoll", "wcstoll"]) + or + errValue.(UnaryMinusExpr).getOperand().(Literal).getValue() = "1" and + this.getTarget() + .hasName([ + "c16rtomb", "c32rtomb", "clock", "ftell", "mbrtoc16", "mbrtoc32", "mbsrtowcs", + "mbstowcs", "mktime", "time", "wcrtomb", "wcsrtombs", "wcstombs" + ]) + or + errValue.(UnaryMinusExpr).getOperand().(Literal).getValue() = "1" and + not this.getArgument(0) instanceof NULL and + this.getTarget().hasName(["mblen", "mbrlen", "mbrtowc", "mbtowc", "wctomb_s", "wctomb"]) + or + errValue.getType() instanceof IntType and + this.getTarget().hasName(["fread", "fwrite"]) + ) + or + errOperator = ["<", ">="] and + ( + errValue.(Literal).getValue() = "0" and + this.getTarget() + .hasName([ + "fprintf_s", "fprintf", "fwprintf_s", "fwprintf", "printf_s", "snprintf_s", + "snprintf", "sprintf_s", "sprintf", "swprintf_s", "swprintf", "thrd_sleep", + "vfprintf_s", "vfprintf", "vfwprintf_s", "vfwprintf", "vprintf_s", "vsnprintf_s", + "vsnprintf", "vsprintf_s", "vsprintf", "vswprintf_s", "vswprintf", "vwprintf_s", + "wprintf_s", "printf", "vprintf", "wprintf", "vwprintf" + ]) + or + errValue.getType() instanceof IntType and + this.getTarget().hasName(["strxfrm", "wcsxfrm"]) + ) + or + errOperator = "NA" and + ( + errValue = any(Expr e) and + this.getTarget() + .hasName([ + "kill_dependency", "memcpy", "wmemcpy", "memmove", "wmemmove", "strcpy", "wcscpy", + "strncpy", "wcsncpy", "strcat", "wcscat", "strncat", "wcsncat", "memset", "wmemset" + ]) + ) + } + + Expr getErrValue() { result = errValue } + + string getErrOperator() { result = errOperator } +} + +// Nodes following a file write before a call to `ferror` is performed +ControlFlowNode ferrorNotchecked(FileWriteFunctionCall write) { + result = write + or + exists(ControlFlowNode mid | + mid = ferrorNotchecked(write) and + //do not traverse the short-circuited CFG edge + not isShortCircuitedEdge(mid, result) and + result = mid.getASuccessor() and + //Stop recursion on call to ferror on the correct file + not accessSameTarget(result.(FerrorCall).getArgument(0), write.getFileExpr()) + ) +} + +from ExpectedErrReturn err +where + not isExcluded(err, Contracts5Package::detectAndHandleStandardLibraryErrorsQuery()) and + // calls that must be verified using the return value + not exists(ComparisonOperation op | + DataFlow::localExprFlow(err, op.getAnOperand()) and + (err.getErrOperator() != "NA" implies op.getOperator() = err.getErrOperator()) and + op.getAnOperand() = err.getErrValue() and + // special case for function `realloc` where the returned pointer + // should not be invalidated + not ( + err.getTarget().hasName("realloc") and + op.getAnOperand().(VariableAccess).getTarget() = + err.getArgument(0).(VariableAccess).getTarget() + ) + ) and + // EXCEPTIONS + ( + // calls that can be verified using ferror() && feof() + err.getTarget().hasName(["fgetc", "fgetwc", "getc", "getchar"]) + implies + missingFeofFerrorChecks(err) + ) and + ( + // calls that can be verified using ferror() + err.getTarget().hasName(["fputc", "putc"]) + implies + err.getEnclosingFunction() = ferrorNotchecked(err) + ) and + ( + // ERR33-C-EX1: calls that can be ignored when cast to `void` + err.getTarget() + .hasName([ + "putchar", "putwchar", "puts", "printf", "vprintf", "wprintf", "vwprintf", + "kill_dependency", "memcpy", "wmemcpy", "memmove", "wmemmove", "strcpy", "wcscpy", + "strncpy", "wcsncpy", "strcat", "wcscat", "strncat", "wcsncat", "memset", "wmemset" + ]) + implies + not err.getExplicitlyConverted() instanceof VoidConversion + ) +select err, + "Missing error detection for the call to function `" + err.getTarget() + + "`. Undetected failures can lead to unexpected or undefined behavior." diff --git a/c/cert/test/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.expected b/c/cert/test/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.expected new file mode 100644 index 0000000000..cf6e10e14e --- /dev/null +++ b/c/cert/test/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.expected @@ -0,0 +1,12 @@ +| test.c:18:3:18:11 | call to setlocale | Missing error detection for the call to function `setlocale`. Undetected failures can lead to unexpected or undefined behavior. | +| test.c:24:23:24:31 | call to setlocale | Missing error detection for the call to function `setlocale`. Undetected failures can lead to unexpected or undefined behavior. | +| test.c:29:22:29:27 | call to calloc | Missing error detection for the call to function `calloc`. Undetected failures can lead to unexpected or undefined behavior. | +| test.c:35:7:35:13 | call to realloc | Missing error detection for the call to function `realloc`. Undetected failures can lead to unexpected or undefined behavior. | +| test.c:46:3:46:7 | call to fseek | Missing error detection for the call to function `fseek`. Undetected failures can lead to unexpected or undefined behavior. | +| test.c:52:3:52:10 | call to snprintf | Missing error detection for the call to function `snprintf`. Undetected failures can lead to unexpected or undefined behavior. | +| test.c:60:3:60:9 | call to putchar | Missing error detection for the call to function `putchar`. Undetected failures can lead to unexpected or undefined behavior. | +| test.c:63:3:63:8 | call to printf | Missing error detection for the call to function `printf`. Undetected failures can lead to unexpected or undefined behavior. | +| test.c:74:22:74:30 | call to localtime | Missing error detection for the call to function `localtime`. Undetected failures can lead to unexpected or undefined behavior. | +| test.c:80:3:80:7 | call to mblen | Missing error detection for the call to function `mblen`. Undetected failures can lead to unexpected or undefined behavior. | +| test.c:97:5:97:9 | call to fputc | Missing error detection for the call to function `fputc`. Undetected failures can lead to unexpected or undefined behavior. | +| test.c:105:5:105:11 | call to getchar | Missing error detection for the call to function `getchar`. Undetected failures can lead to unexpected or undefined behavior. | diff --git a/c/cert/test/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.qlref b/c/cert/test/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.qlref new file mode 100644 index 0000000000..da020bb97b --- /dev/null +++ b/c/cert/test/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.qlref @@ -0,0 +1 @@ +rules/ERR33-C/DetectAndHandleStandardLibraryErrors.ql \ No newline at end of file diff --git a/c/cert/test/rules/ERR33-C/test.c b/c/cert/test/rules/ERR33-C/test.c new file mode 100644 index 0000000000..a8e8ab1ffc --- /dev/null +++ b/c/cert/test/rules/ERR33-C/test.c @@ -0,0 +1,137 @@ +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +void *p; +typedef struct { + char sig_desc[32]; +} signal_info; + +void f1(size_t n) { + setlocale(LC_CTYPE, "en_US.UTF-8"); // NON_COMPLIANT + + const char *save1 = setlocale(LC_CTYPE, "en_US.UTF-8"); // COMPLIANT + if (NULL == save1) { + } + + const char *save2 = setlocale(LC_CTYPE, "en_US.UTF-8"); // NON_COMPLIANT + if (save1 == save2) { + } + + signal_info *start = + (signal_info *)calloc(n, sizeof(signal_info)); // NON_COMPLIANT + + start = (signal_info *)calloc(n, sizeof(signal_info)); // COMPLIANT + if (start == NULL) { + } + + p = realloc(p, n); // NON_COMPLIANT + if (p == NULL) { + } + + void *q; + q = realloc(p, n); // COMPLIANT + if (q == NULL) { + } +} + +void f2(FILE *f, long o) { + fseek(f, o, SEEK_SET); // NON_COMPLIANT + + if (fseek(f, o, SEEK_SET) != 0) { // COMPLIANT + } + + char buf[40]; + snprintf(buf, sizeof(buf), ""); // NON_COMPLIANT + + int n = snprintf(buf, sizeof(buf), ""); // COMPLIANT + if (n < 0) { + } +} + +void f3() { + putchar('C'); // NON_COMPLIANT + (void)putchar('C'); // COMPLIANT + + printf(""); // NON_COMPLIANT + (void)printf(""); // COMPLIANT +} +void signal_handler(int signal) {} +void f4() { + FILE *f; + char a[10]; + char b[10]; + time_t time; + if (fprintf(f, "") < 0) { // COMPLIANT + } + struct tm *local = localtime(&time); // NON_COMPLIANT + if (strftime(b, 10, "", local) == 0) { // COMPLIANT + } + if (clock() == (clock_t)(-1)) { // COMPLIANT + } + mblen(NULL, 0); // COMPLIANT + mblen(a, 0); // NON_COMPLIANT + if (mblen(a, 0) == -1) { // COMPLIANT + } + if (ftell(f) == -1L) { // COMPLIANT + } + if (fread(b, 1, 1, f) == 32) { // COMPLIANT + } + if (fwrite("", 1, 1, f) == 32) { // COMPLIANT + } + if (wctob(0) == EOF) { // COMPLIANT + } + if (fputc(0, f) == EOF) { // COMPLIANT + } + do { + fputc(0, f); // COMPLIANT + } while (!ferror(f)); + do { + fputc(0, f); // NON_COMPLIANT + } while (!feof(f)); + if (fgetc(f) == EOF) { // COMPLIANT + } + do { + getchar(); // COMPLIANT + } while ((!feof(stdin) && !ferror(stdin))); + do { + getchar(); // NON_COMPLIANT + } while (!feof(stdin)); + if (aligned_alloc(0, 0) == NULL) { // COMPLIANT + } + if (signal(SIGINT, signal_handler) == SIG_ERR) { // COMPLIANT + } + cnd_t q; + if (cnd_broadcast(&q) == thrd_error) { // COMPLIANT + } + if (cnd_init(&q) == thrd_nomem) { // COMPLIANT + } + if (cnd_init(&q) == thrd_error) { // COMPLIANT + } + mtx_t mutex; + struct timespec ts; + if (cnd_timedwait(&q, &mutex, &ts) == thrd_timedout) { // COMPLIANT + } + if (cnd_timedwait(&q, &mutex, &ts) == thrd_error) { // COMPLIANT + } + char *endptr; + if (strtoumax("", &endptr, 0) == UINTMAX_MAX) { // COMPLIANT + } + if (strtoull("", &endptr, 0) == ULLONG_MAX) { // COMPLIANT + } + if (strtoul("", &endptr, 0) == ULONG_MAX) { // COMPLIANT + } + if (btowc(0) == WEOF) { // COMPLIANT + } + if (fgetwc(f) == WEOF) { // COMPLIANT + } + if (strxfrm(a, b, 10) >= 32) { // COMPLIANT + } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts5.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts5.qll new file mode 100644 index 0000000000..6a3ca2126f --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts5.qll @@ -0,0 +1,42 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype Contracts5Query = + TDoNotRelyOnIndeterminateValuesOfErrnoQuery() or + TDetectAndHandleStandardLibraryErrorsQuery() + +predicate isContracts5QueryMetadata(Query query, string queryId, string ruleId) { + query = + // `Query` instance for the `doNotRelyOnIndeterminateValuesOfErrno` query + Contracts5Package::doNotRelyOnIndeterminateValuesOfErrnoQuery() and + queryId = + // `@id` for the `doNotRelyOnIndeterminateValuesOfErrno` query + "c/cert/do-not-rely-on-indeterminate-values-of-errno" and + ruleId = "ERR32-C" + or + query = + // `Query` instance for the `detectAndHandleStandardLibraryErrors` query + Contracts5Package::detectAndHandleStandardLibraryErrorsQuery() and + queryId = + // `@id` for the `detectAndHandleStandardLibraryErrors` query + "c/cert/detect-and-handle-standard-library-errors" and + ruleId = "ERR33-C" +} + +module Contracts5Package { + Query doNotRelyOnIndeterminateValuesOfErrnoQuery() { + //autogenerate `Query` type + result = + // `Query` type for `doNotRelyOnIndeterminateValuesOfErrno` query + TQueryC(TContracts5PackageQuery(TDoNotRelyOnIndeterminateValuesOfErrnoQuery())) + } + + Query detectAndHandleStandardLibraryErrorsQuery() { + //autogenerate `Query` type + result = + // `Query` type for `detectAndHandleStandardLibraryErrors` query + TQueryC(TContracts5PackageQuery(TDetectAndHandleStandardLibraryErrorsQuery())) + } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index ad05d9b737..92ae27ca1b 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -12,6 +12,7 @@ import Contracts1 import Contracts2 import Contracts3 import Contracts4 +import Contracts5 import Declarations1 import Declarations2 import Declarations3 @@ -48,6 +49,7 @@ newtype TCQuery = TContracts2PackageQuery(Contracts2Query q) or TContracts3PackageQuery(Contracts3Query q) or TContracts4PackageQuery(Contracts4Query q) or + TContracts5PackageQuery(Contracts5Query q) or TDeclarations1PackageQuery(Declarations1Query q) or TDeclarations2PackageQuery(Declarations2Query q) or TDeclarations3PackageQuery(Declarations3Query q) or @@ -84,6 +86,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId) { isContracts2QueryMetadata(query, queryId, ruleId) or isContracts3QueryMetadata(query, queryId, ruleId) or isContracts4QueryMetadata(query, queryId, ruleId) or + isContracts5QueryMetadata(query, queryId, ruleId) or isDeclarations1QueryMetadata(query, queryId, ruleId) or isDeclarations2QueryMetadata(query, queryId, ruleId) or isDeclarations3QueryMetadata(query, queryId, ruleId) or diff --git a/rule_packages/c/Contracts5.json b/rule_packages/c/Contracts5.json new file mode 100644 index 0000000000..1b3845961a --- /dev/null +++ b/rule_packages/c/Contracts5.json @@ -0,0 +1,38 @@ +{ + "CERT-C": { + "ERR32-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "Do not rely on indeterminate values of errno.", + "kind": "problem", + "name": "Do not rely on indeterminate values of errno", + "precision": "high", + "severity": "error", + "short_name": "DoNotRelyOnIndeterminateValuesOfErrno", + "tags": ["correctness"] + } + ], + "title": "Do not rely on indeterminate values of errno" + }, + "ERR33-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "Detect and handle standard library errors.", + "kind": "problem", + "name": "Detect and handle standard library errors", + "precision": "high", + "severity": "error", + "short_name": "DetectAndHandleStandardLibraryErrors", + "tags": ["correctness"] + } + ], + "title": "Detect and handle standard library errors" + } + } +} \ No newline at end of file diff --git a/rules.csv b/rules.csv index ec8b29eaf9..1dd34924a7 100644 --- a/rules.csv +++ b/rules.csv @@ -512,8 +512,8 @@ c,CERT-C,ENV32-C,Yes,Rule,,,All exit handlers must return normally,,Contracts2,M c,CERT-C,ENV33-C,Yes,Rule,,,Do not call system(),"RULE-21-21, M18-0-3",Banned,Easy, c,CERT-C,ENV34-C,Yes,Rule,,,Do not store pointers returned by certain functions,RULE-21-20,Contracts2,Medium, c,CERT-C,ERR30-C,Yes,Rule,,,"Take care when reading errno",M19-3-1,Contracts4,Hard, -c,CERT-C,ERR32-C,Yes,Rule,,,Do not rely on indeterminate values of errno,,Contracts,Hard, -c,CERT-C,ERR33-C,Yes,Rule,,,Detect and handle standard library errors,MEM52-CPP,Contracts,Hard, +c,CERT-C,ERR32-C,Yes,Rule,,,Do not rely on indeterminate values of errno,,Contracts5,Hard, +c,CERT-C,ERR33-C,Yes,Rule,,,Detect and handle standard library errors,MEM52-CPP,Contracts5,Hard, c,CERT-C,ERR34-C,OutOfScope,Rule,,,Detect errors when converting a string to a number,,,, c,CERT-C,EXP30-C,Yes,Rule,,,Do not depend on the order of evaluation for side effects,EXP50-CPP,SideEffects1,Easy, c,CERT-C,EXP32-C,Yes,Rule,,,Do not access a volatile object through a nonvolatile reference,,Pointers3,Easy, From a38938d00b769b2cb3c654d7644568a83b7d7aaf Mon Sep 17 00:00:00 2001 From: Tom Hvitved Date: Tue, 1 Nov 2022 11:28:06 +0100 Subject: [PATCH 0051/2573] Update expected test output --- .../FIO32-C/DoNotPerformFileOperationsOnDevices.expected | 4 ---- 1 file changed, 4 deletions(-) diff --git a/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected b/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected index c9252151d5..b4852b09e7 100644 --- a/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected +++ b/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected @@ -23,18 +23,14 @@ nodes | test.c:20:15:20:23 | file_name | semmle.label | file_name | | test.c:20:15:20:23 | scanf output argument | semmle.label | scanf output argument | | test.c:21:8:21:16 | (const char *)... | semmle.label | (const char *)... | -| test.c:21:8:21:16 | (const char *)... | semmle.label | (const char *)... | | test.c:21:8:21:16 | file_name | semmle.label | file_name | | test.c:21:8:21:16 | file_name indirection | semmle.label | file_name indirection | -| test.c:21:8:21:16 | file_name indirection | semmle.label | file_name indirection | | test.c:45:15:45:23 | array to pointer conversion | semmle.label | array to pointer conversion | | test.c:45:15:45:23 | file_name | semmle.label | file_name | | test.c:45:15:45:23 | scanf output argument | semmle.label | scanf output argument | | test.c:46:29:46:37 | (LPCTSTR)... | semmle.label | (LPCTSTR)... | -| test.c:46:29:46:37 | (LPCTSTR)... | semmle.label | (LPCTSTR)... | | test.c:46:29:46:37 | file_name | semmle.label | file_name | | test.c:46:29:46:37 | file_name indirection | semmle.label | file_name indirection | -| test.c:46:29:46:37 | file_name indirection | semmle.label | file_name indirection | #select | test.c:21:8:21:16 | file_name | test.c:20:15:20:23 | file_name | test.c:21:8:21:16 | file_name | This argument to a file access function is derived from $@ and then passed to func(file_name), which calls fopen((unnamed parameter 0)) | test.c:20:15:20:23 | file_name | user input (scanf) | | test.c:46:29:46:37 | file_name | test.c:45:15:45:23 | file_name | test.c:46:29:46:37 | file_name | This argument to a file access function is derived from $@ and then passed to CreateFile(lpFileName) | test.c:45:15:45:23 | file_name | user input (scanf) | From 315f09b3fd07679b53397cfaa06ff2d6f467f769 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Tue, 1 Nov 2022 19:41:34 +0100 Subject: [PATCH 0052/2573] Addressing review comments --- .../DetectAndHandleStandardLibraryErrors.ql | 246 +++++++++++------- ...ectAndHandleStandardLibraryErrors.expected | 24 +- rule_packages/c/Contracts5.json | 2 +- 3 files changed, 170 insertions(+), 102 deletions(-) diff --git a/c/cert/src/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.ql b/c/cert/src/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.ql index 03146d6b80..b450a62caf 100644 --- a/c/cert/src/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.ql +++ b/c/cert/src/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.ql @@ -1,7 +1,8 @@ /** * @id c/cert/detect-and-handle-standard-library-errors * @name ERR33-C: Detect and handle standard library errors - * @description Detect and handle standard library errors. + * @description Detect and handle standard library errors. Undetected failures can lead to + * unexpected or undefined behavior. * @kind problem * @precision high * @problem.severity error @@ -14,39 +15,54 @@ import cpp import codingstandards.c.cert import semmle.code.cpp.commons.NULL import codingstandards.cpp.ReadErrorsAndEOF -import semmle.code.cpp.dataflow.DataFlow /** * Classifies error returning function calls based on the * type and value of the required checked */ -class ExpectedErrReturn extends FunctionCall { +abstract class ExpectedErrReturn extends FunctionCall { Expr errValue; - string errOperator; + ComparisonOperation errOperator; - ExpectedErrReturn() { - errOperator = ["==", "!="] and + Expr getErrValue() { result = errValue } + + ComparisonOperation getErrOperator() { result = errOperator } +} + +class ExpectedErrReturnEqZero extends ExpectedErrReturn { + ExpectedErrReturnEqZero() { + errOperator instanceof EqualityOperation and + errValue.(Literal).getValue() = "0" and + this.getTarget() + .hasName([ + "asctime_s", "at_quick_exit", "atexit", "ctime_s", "fgetpos", "fopen_s", "freopen_s", + "fseek", "fsetpos", "mbsrtowcs_s", "mbstowcs_s", "raise", "remove", "rename", "setvbuf", + "strerror_s", "strftime", "strtod", "strtof", "strtold", "timespec_get", "tmpfile_s", + "tmpnam_s", "tss_get", "wcsftime", "wcsrtombs_s", "wcstod", "wcstof", "wcstold", + "wcstombs_s", "wctrans", "wctype" + ]) + } +} + +class ExpectedErrReturnEqNull extends ExpectedErrReturn { + ExpectedErrReturnEqNull() { + errOperator instanceof EqualityOperation and + errValue instanceof NULL and + this.getTarget() + .hasName([ + "aligned_alloc", "bsearch_s", "bsearch", "calloc", "fgets", "fopen", "freopen", + "getenv_s", "getenv", "gets_s", "gmtime_s", "gmtime", "localtime_s", "localtime", + "malloc", "memchr", "realloc", "setlocale", "strchr", "strpbrk", "strrchr", "strstr", + "strtok_s", "strtok", "tmpfile", "tmpnam", "wcschr", "wcspbrk", "wcsrchr", "wcsstr", + "wcstok_s", "wcstok", "wmemchr" + ]) + } +} + +class ExpectedErrReturnEqEofWeof extends ExpectedErrReturn { + ExpectedErrReturnEqEofWeof() { + errOperator instanceof EqualityOperation and ( - errValue.(Literal).getValue() = "0" and - this.getTarget() - .hasName([ - "asctime_s", "at_quick_exit", "atexit", "ctime_s", "fgetpos", "fopen_s", "freopen_s", - "fseek", "fsetpos", "mbsrtowcs_s", "mbstowcs_s", "raise", "remove", "rename", - "setvbuf", "strerror_s", "strftime", "strtod", "strtof", "strtold", "timespec_get", - "tmpfile_s", "tmpnam_s", "tss_get", "wcsftime", "wcsrtombs_s", "wcstod", "wcstof", - "wcstold", "wcstombs_s", "wctrans", "wctype" - ]) - or - errValue instanceof NULL and - this.getTarget() - .hasName([ - "aligned_alloc", "bsearch_s", "bsearch", "calloc", "fgets", "fopen", "freopen", - "getenv_s", "getenv", "gets_s", "gmtime_s", "gmtime", "localtime_s", "localtime", - "malloc", "memchr", "realloc", "setlocale", "strchr", "strpbrk", "strrchr", "strstr", - "strtok_s", "strtok", "tmpfile", "tmpnam", "wcschr", "wcspbrk", "wcsrchr", "wcsstr", - "wcstok_s", "wcstok", "wmemchr" - ]) - or errValue = any(EOFInvocation i).getExpr() and this.getTarget() .hasName([ @@ -62,7 +78,14 @@ class ExpectedErrReturn extends FunctionCall { .hasName([ "btowc", "fgetwc", "fputwc", "getwc", "getwchar", "putwc", "ungetwc", "putwchar" ]) - or + ) + } +} + +class ExpectedErrReturnEqEnumConstant extends ExpectedErrReturn { + ExpectedErrReturnEqEnumConstant() { + errOperator instanceof EqualityOperation and + ( errValue = any(EnumConstantAccess i | i.toString() = "thrd_error") and this.getTarget() .hasName([ @@ -79,7 +102,14 @@ class ExpectedErrReturn extends FunctionCall { or errValue = any(EnumConstantAccess i | i.toString() = "thrd_busy") and this.getTarget().hasName(["mtx_trylock"]) - or + ) + } +} + +class ExpectedErrReturnEqMacroInvocation extends ExpectedErrReturn { + ExpectedErrReturnEqMacroInvocation() { + errOperator instanceof EqualityOperation and + ( errValue = any(MacroInvocation i | i.getMacroName() = "UINTMAX_MAX").getExpr() and this.getTarget().hasName(["strtoumax", "wcstoumax"]) or @@ -100,7 +130,14 @@ class ExpectedErrReturn extends FunctionCall { or errValue = any(MacroInvocation i | i.getMacroName() = ["LLONG_MAX", "LLONG_MIN"]).getExpr() and this.getTarget().hasName(["strtoll", "wcstoll"]) - or + ) + } +} + +class ExpectedErrReturnEqMinusOne extends ExpectedErrReturn { + ExpectedErrReturnEqMinusOne() { + errOperator instanceof EqualityOperation and + ( errValue.(UnaryMinusExpr).getOperand().(Literal).getValue() = "1" and this.getTarget() .hasName([ @@ -108,47 +145,99 @@ class ExpectedErrReturn extends FunctionCall { "mbstowcs", "mktime", "time", "wcrtomb", "wcsrtombs", "wcstombs" ]) or + // functions that behave differently when the first argument is NULL errValue.(UnaryMinusExpr).getOperand().(Literal).getValue() = "1" and not this.getArgument(0) instanceof NULL and this.getTarget().hasName(["mblen", "mbrlen", "mbrtowc", "mbtowc", "wctomb_s", "wctomb"]) - or - errValue.getType() instanceof IntType and - this.getTarget().hasName(["fread", "fwrite"]) - ) - or - errOperator = ["<", ">="] and - ( - errValue.(Literal).getValue() = "0" and - this.getTarget() - .hasName([ - "fprintf_s", "fprintf", "fwprintf_s", "fwprintf", "printf_s", "snprintf_s", - "snprintf", "sprintf_s", "sprintf", "swprintf_s", "swprintf", "thrd_sleep", - "vfprintf_s", "vfprintf", "vfwprintf_s", "vfwprintf", "vprintf_s", "vsnprintf_s", - "vsnprintf", "vsprintf_s", "vsprintf", "vswprintf_s", "vswprintf", "vwprintf_s", - "wprintf_s", "printf", "vprintf", "wprintf", "vwprintf" - ]) - or - errValue.getType() instanceof IntType and - this.getTarget().hasName(["strxfrm", "wcsxfrm"]) - ) - or - errOperator = "NA" and - ( - errValue = any(Expr e) and - this.getTarget() - .hasName([ - "kill_dependency", "memcpy", "wmemcpy", "memmove", "wmemmove", "strcpy", "wcscpy", - "strncpy", "wcsncpy", "strcat", "wcscat", "strncat", "wcsncat", "memset", "wmemset" - ]) ) } +} - Expr getErrValue() { result = errValue } +class ExpectedErrReturnEqInt extends ExpectedErrReturn { + ExpectedErrReturnEqInt() { + errOperator instanceof EqualityOperation and + errValue.getType() instanceof IntType and + this.getTarget().hasName(["fread", "fwrite"]) + } +} + +class ExpectedErrReturnLtZero extends ExpectedErrReturn { + ExpectedErrReturnLtZero() { + errOperator.getOperator() = ["<", ">="] and + errValue.(Literal).getValue() = "0" and + this.getTarget() + .hasName([ + "fprintf_s", "fprintf", "fwprintf_s", "fwprintf", "printf_s", "snprintf_s", "snprintf", + "sprintf_s", "sprintf", "swprintf_s", "swprintf", "thrd_sleep", "vfprintf_s", + "vfprintf", "vfwprintf_s", "vfwprintf", "vprintf_s", "vsnprintf_s", "vsnprintf", + "vsprintf_s", "vsprintf", "vswprintf_s", "vswprintf", "vwprintf_s", "wprintf_s", + "printf", "vprintf", "wprintf", "vwprintf" + ]) + } +} + +class ExpectedErrReturnLtInt extends ExpectedErrReturn { + ExpectedErrReturnLtInt() { + errOperator.getOperator() = ["<", ">="] and + errValue.getType() instanceof IntType and + this.getTarget().hasName(["strxfrm", "wcsxfrm"]) + } +} + +class ExpectedErrReturnNA extends ExpectedErrReturn { + ExpectedErrReturnNA() { + errOperator.getOperator() = ["<", ">="] and + errValue = any(Expr e) and + this.getTarget() + .hasName([ + "kill_dependency", "memcpy", "wmemcpy", "memmove", "wmemmove", "strcpy", "wcscpy", + "strncpy", "wcsncpy", "strcat", "wcscat", "strncat", "wcsncat", "memset", "wmemset" + ]) + } +} + +/** + * calls that can be verified using ferror() && feof() + */ +class FerrorFeofException extends FunctionCall { + FerrorFeofException() { + this.getTarget().hasName(["fgetc", "fgetwc", "getc", "getchar"]) + implies + missingFeofFerrorChecks(this) + } +} + +/** + * calls that can be verified using ferror() + */ +class FerrorException extends FunctionCall { + FerrorException() { + this.getTarget().hasName(["fputc", "putc"]) + implies + this.getEnclosingFunction() = ferrorNotchecked(this) + } +} - string getErrOperator() { result = errOperator } +/** + * ERR33-C-EX1: calls that must not be verified if cast to `void` + */ +class VoidCastException extends FunctionCall { + VoidCastException() { + this.getTarget() + .hasName([ + "putchar", "putwchar", "puts", "printf", "vprintf", "wprintf", "vwprintf", + "kill_dependency", "memcpy", "wmemcpy", "memmove", "wmemmove", "strcpy", "wcscpy", + "strncpy", "wcsncpy", "strcat", "wcscat", "strncat", "wcsncat", "memset", "wmemset" + ]) + implies + not this.getExplicitlyConverted() instanceof VoidConversion + } } -// Nodes following a file write before a call to `ferror` is performed +/** + * CFG search: + * Nodes following a file write before a call to `ferror` is performed + */ ControlFlowNode ferrorNotchecked(FileWriteFunctionCall write) { result = write or @@ -168,7 +257,7 @@ where // calls that must be verified using the return value not exists(ComparisonOperation op | DataFlow::localExprFlow(err, op.getAnOperand()) and - (err.getErrOperator() != "NA" implies op.getOperator() = err.getErrOperator()) and + op = err.getErrOperator() and op.getAnOperand() = err.getErrValue() and // special case for function `realloc` where the returned pointer // should not be invalidated @@ -178,30 +267,9 @@ where err.getArgument(0).(VariableAccess).getTarget() ) ) and - // EXCEPTIONS - ( - // calls that can be verified using ferror() && feof() - err.getTarget().hasName(["fgetc", "fgetwc", "getc", "getchar"]) - implies - missingFeofFerrorChecks(err) - ) and - ( - // calls that can be verified using ferror() - err.getTarget().hasName(["fputc", "putc"]) - implies - err.getEnclosingFunction() = ferrorNotchecked(err) - ) and - ( - // ERR33-C-EX1: calls that can be ignored when cast to `void` - err.getTarget() - .hasName([ - "putchar", "putwchar", "puts", "printf", "vprintf", "wprintf", "vwprintf", - "kill_dependency", "memcpy", "wmemcpy", "memmove", "wmemmove", "strcpy", "wcscpy", - "strncpy", "wcsncpy", "strcat", "wcscat", "strncat", "wcsncat", "memset", "wmemset" - ]) - implies - not err.getExplicitlyConverted() instanceof VoidConversion - ) -select err, - "Missing error detection for the call to function `" + err.getTarget() + - "`. Undetected failures can lead to unexpected or undefined behavior." + // ERR33-C-EX1: calls for which it is acceptable + // to ignore the return value + err instanceof FerrorFeofException and + err instanceof FerrorException and + err instanceof VoidCastException +select err, "Missing error detection for the call to function `" + err.getTarget() + "`." diff --git a/c/cert/test/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.expected b/c/cert/test/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.expected index cf6e10e14e..6b9c16974c 100644 --- a/c/cert/test/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.expected +++ b/c/cert/test/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.expected @@ -1,12 +1,12 @@ -| test.c:18:3:18:11 | call to setlocale | Missing error detection for the call to function `setlocale`. Undetected failures can lead to unexpected or undefined behavior. | -| test.c:24:23:24:31 | call to setlocale | Missing error detection for the call to function `setlocale`. Undetected failures can lead to unexpected or undefined behavior. | -| test.c:29:22:29:27 | call to calloc | Missing error detection for the call to function `calloc`. Undetected failures can lead to unexpected or undefined behavior. | -| test.c:35:7:35:13 | call to realloc | Missing error detection for the call to function `realloc`. Undetected failures can lead to unexpected or undefined behavior. | -| test.c:46:3:46:7 | call to fseek | Missing error detection for the call to function `fseek`. Undetected failures can lead to unexpected or undefined behavior. | -| test.c:52:3:52:10 | call to snprintf | Missing error detection for the call to function `snprintf`. Undetected failures can lead to unexpected or undefined behavior. | -| test.c:60:3:60:9 | call to putchar | Missing error detection for the call to function `putchar`. Undetected failures can lead to unexpected or undefined behavior. | -| test.c:63:3:63:8 | call to printf | Missing error detection for the call to function `printf`. Undetected failures can lead to unexpected or undefined behavior. | -| test.c:74:22:74:30 | call to localtime | Missing error detection for the call to function `localtime`. Undetected failures can lead to unexpected or undefined behavior. | -| test.c:80:3:80:7 | call to mblen | Missing error detection for the call to function `mblen`. Undetected failures can lead to unexpected or undefined behavior. | -| test.c:97:5:97:9 | call to fputc | Missing error detection for the call to function `fputc`. Undetected failures can lead to unexpected or undefined behavior. | -| test.c:105:5:105:11 | call to getchar | Missing error detection for the call to function `getchar`. Undetected failures can lead to unexpected or undefined behavior. | +| test.c:18:3:18:11 | call to setlocale | Missing error detection for the call to function `setlocale`. | +| test.c:24:23:24:31 | call to setlocale | Missing error detection for the call to function `setlocale`. | +| test.c:29:22:29:27 | call to calloc | Missing error detection for the call to function `calloc`. | +| test.c:35:7:35:13 | call to realloc | Missing error detection for the call to function `realloc`. | +| test.c:46:3:46:7 | call to fseek | Missing error detection for the call to function `fseek`. | +| test.c:52:3:52:10 | call to snprintf | Missing error detection for the call to function `snprintf`. | +| test.c:60:3:60:9 | call to putchar | Missing error detection for the call to function `putchar`. | +| test.c:63:3:63:8 | call to printf | Missing error detection for the call to function `printf`. | +| test.c:74:22:74:30 | call to localtime | Missing error detection for the call to function `localtime`. | +| test.c:80:3:80:7 | call to mblen | Missing error detection for the call to function `mblen`. | +| test.c:97:5:97:9 | call to fputc | Missing error detection for the call to function `fputc`. | +| test.c:105:5:105:11 | call to getchar | Missing error detection for the call to function `getchar`. | diff --git a/rule_packages/c/Contracts5.json b/rule_packages/c/Contracts5.json index 1b3845961a..6e4b1c2150 100644 --- a/rule_packages/c/Contracts5.json +++ b/rule_packages/c/Contracts5.json @@ -23,7 +23,7 @@ }, "queries": [ { - "description": "Detect and handle standard library errors.", + "description": "Detect and handle standard library errors. Undetected failures can lead to unexpected or undefined behavior.", "kind": "problem", "name": "Detect and handle standard library errors", "precision": "high", From cced8d4b7c9f68939f6cf25c9a2c928d6a918fde Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Tue, 1 Nov 2022 18:49:44 -0400 Subject: [PATCH 0053/2573] Tests for Contracts6 * tests for contracts6 --- .vscode/tasks.json | 5 +++ c/cert/test/rules/EXP40-C/test.c | 52 +++++++++++++++++++++++ c/misra/test/rules/RULE-12-2/test.c | 65 +++++++++++++++++++++++++++++ c/misra/test/rules/RULE-17-5/test.c | 49 ++++++++++++++++++++++ c/misra/test/rules/RULE-17-7/test.c | 18 ++++++++ rules.csv | 8 ++-- 6 files changed, 193 insertions(+), 4 deletions(-) create mode 100644 c/cert/test/rules/EXP40-C/test.c create mode 100644 c/misra/test/rules/RULE-12-2/test.c create mode 100644 c/misra/test/rules/RULE-17-5/test.c create mode 100644 c/misra/test/rules/RULE-17-7/test.c diff --git a/.vscode/tasks.json b/.vscode/tasks.json index d1f141cced..3b5c694798 100644 --- a/.vscode/tasks.json +++ b/.vscode/tasks.json @@ -192,6 +192,11 @@ "Classes", "Comments", "Contracts1", + "Contracts2", + "Contracts3", + "Contracts4", + "Contracts5", + "Contracts6", "Concurrency", "Concurrency", "Concurrency1", diff --git a/c/cert/test/rules/EXP40-C/test.c b/c/cert/test/rules/EXP40-C/test.c new file mode 100644 index 0000000000..5723f72c30 --- /dev/null +++ b/c/cert/test/rules/EXP40-C/test.c @@ -0,0 +1,52 @@ +void f1() { + const int a = 3; + int *aa; + + aa = &a; // NON_COMPLIANT + *aa = 100; +} + +void f1a() { + const int a = 3; + int *aa; + + aa = &a; // COMPLIANT +} + +void f2() { + int a = 3; + int *aa; + a = 3; + + aa = &a; + *aa = a; + *aa = &a; +} + +void f4a(int *a) { + *a = 100; // NON_COMPLAINT +} + +void f4b(int *a) {} + +void f4() { + const int a = 100; + int *p1 = &a; // NON_COMPLIANT + const int **p2; + + *p2 = &a; // NON_COMPLIANT + + f4a(p1); // NON_COMPLIANT + f4a(*p2); // NON_COMPLIANT +} + +void f5() { + const int a = 100; + int *p1 = &a; // COMPLIANT + const int **p2; + + *p2 = &a; // COMPLIANT + + f4b(p1); + f4b(*p2); +} \ No newline at end of file diff --git a/c/misra/test/rules/RULE-12-2/test.c b/c/misra/test/rules/RULE-12-2/test.c new file mode 100644 index 0000000000..b2b88ebda0 --- /dev/null +++ b/c/misra/test/rules/RULE-12-2/test.c @@ -0,0 +1,65 @@ + + +const short int s1 = 15; +const short int s2 = -1; +const short int s3 = 16; +const int s4 = -1; +const int s5 = 32; +const int s6 = 21; + +const long int s7 = 64; +const long int s8 = 63; + +void f1() { + int a; + short b; + long c; + char d; + + a = a << s1; // COMPLIANT + a = a << s2; // NON_COMPLIANT + a = a << s3; // COMPLIANT + a = a << s4; // NON_COMPLIANT + a = a << s5; // NON_COMPLIANT + a = a << s6; // COMPLIANT + a = a << s7; // NON_COMPLIANT + a = a << s8; // NON_COMPLIANT + + b = b << s1; // COMPLIANT + b = b << s2; // NON_COMPLIANT + b = b << s3; // NON_COMPLIANT + b = b << s4; // NON_COMPLIANT + b = b << s5; // NON_COMPLIANT + b = b << s6; // NON_COMPLIANT + b = b << s7; // NON_COMPLIANT + b = b << s8; // NON_COMPLIANT + + c = c << s1; // COMPLIANT + c = c << s2; // NON_COMPLIANT + c = c << s3; // COMPLIANT + c = c << s4; // NON_COMPLIANT + c = c << s5; // COMPLIANT + c = c << s6; // COMPLIANT + c = c << s7; // NON_COMPLIANT + c = c << s8; // COMPLIANT + + d = d << -1; // NON_COMPLIANT + d = d << 8; // NON_COMPLIANT + d = d << 7; // COMPLIANT + d = d << 0; // COMPLIANT +} + +void f2() { + int a; + short b; + char c; + long long d; + + int aa = 10; + aa++; + + a = a << aa; + b = b << aa; + c = c << aa; + d = d << aa; +} \ No newline at end of file diff --git a/c/misra/test/rules/RULE-17-5/test.c b/c/misra/test/rules/RULE-17-5/test.c new file mode 100644 index 0000000000..2488d2d632 --- /dev/null +++ b/c/misra/test/rules/RULE-17-5/test.c @@ -0,0 +1,49 @@ +void f1(int ar[3]); +void f2(int a, int ar[3]); +void f3(int *ar); +void f4(int a, int *ar); + +void t1() { + int *ar; + + int ar2[3] = {1, 2}; + int *ar2p = ar2; + + int ar3[3] = {1, 2, 3}; + int *ar3p = ar3; + + int ar4[4] = {1, 2, 3}; + int *ar4p = ar4; + + f1(0); // NON_COMPLAINT + f1(ar); // NON_COMPLAINT + f1(ar2); // NON_COMPLIANT + f1(ar2p); // NON_COMPLIANT + f1(ar3); // COMPLIANT + f1(ar3p); // COMPLIANT + f1(ar4); // COMPLIANT + + f2(0, 0); // NON_COMPLAINT + f2(0, ar); // NON_COMPLAINT + f2(0, ar2); // NON_COMPLIANT + f2(0, ar2p); // NON_COMPLIANT + f2(0, ar3); // COMPLIANT + f2(0, ar3p); // COMPLIANT + f2(0, ar4); // COMPLIANT + + f3(0); // COMPLAINT + f3(ar); // COMPLAINT + f3(ar2); // COMPLIANT + f3(ar2p); // COMPLIANT + f3(ar3); // COMPLIANT + f3(ar3p); // COMPLIANT + f3(ar4); // COMPLIANT + + f4(0, 0); // COMPLAINT + f4(0, ar); // COMPLAINT + f4(0, ar2); // COMPLIANT + f4(0, ar2p); // COMPLIANT + f4(0, ar3); // COMPLIANT + f4(0, ar3p); // COMPLIANT + f4(0, ar4); // COMPLIANT +} \ No newline at end of file diff --git a/c/misra/test/rules/RULE-17-7/test.c b/c/misra/test/rules/RULE-17-7/test.c new file mode 100644 index 0000000000..bd58fc774e --- /dev/null +++ b/c/misra/test/rules/RULE-17-7/test.c @@ -0,0 +1,18 @@ +void f1() {} +int f2() { return 0; } + +int t1() { + f1(); + f2(); // NON_COMPLAINT + (void)f2(); // COMPLIANT + int a = f2(); // COMPLIANT + a = f2(); // COMPLIANT + + void (*fp1)(void) = &f1; + int (*fp2)(void) = &f2; + + (*f1)(); // COMPLIANT + (*f2)(); // NON_COMPLIANT + (void)(*f2)(); // COMPLIANT + a = (*f2)(); // COMPLIANT +} \ No newline at end of file diff --git a/rules.csv b/rules.csv index ec8b29eaf9..be49c00433 100644 --- a/rules.csv +++ b/rules.csv @@ -523,7 +523,7 @@ c,CERT-C,EXP35-C,Yes,Rule,,,Do not modify objects with temporary lifetime,,Inval c,CERT-C,EXP36-C,Yes,Rule,,,Do not cast pointers into more strictly aligned pointer types,,Pointers3,Medium, c,CERT-C,EXP37-C,Yes,Rule,,,Call functions with the correct number and type of arguments,,Expressions,Easy, c,CERT-C,EXP39-C,Yes,Rule,,,Do not access a variable through a pointer of an incompatible type,,Pointers3,Medium, -c,CERT-C,EXP40-C,Yes,Rule,,,Do not modify constant objects,,Contracts,Medium, +c,CERT-C,EXP40-C,Yes,Rule,,,Do not modify constant objects,,Contracts6,Medium, c,CERT-C,EXP42-C,Yes,Rule,,,Do not compare padding data,,Memory,Medium, c,CERT-C,EXP43-C,Yes,Rule,,,Avoid undefined behavior when using restrict-qualified pointers,,Pointers3,Medium, c,CERT-C,EXP44-C,Yes,Rule,,,"Do not rely on side effects in operands to sizeof, _Alignof, or _Generic",M5-3-4,SideEffects1,Medium, @@ -683,7 +683,7 @@ c,MISRA-C-2012,RULE-11-7,Yes,Required,,,A cast shall not be performed between po c,MISRA-C-2012,RULE-11-8,Yes,Required,,,A cast shall not remove any const or volatile qualification from the type pointed to by a pointer,,Pointers1,Easy, c,MISRA-C-2012,RULE-11-9,Yes,Required,,,The macro NULL shall be the only permitted form of integer null pointer constant,,Pointers1,Easy, c,MISRA-C-2012,RULE-12-1,Yes,Advisory,,,The precedence of operators within expressions should be made explicit,,SideEffects1,Medium, -c,MISRA-C-2012,RULE-12-2,Yes,Required,,,The right hand operand of a shift operator shall lie in the range zero to one less than the width in bits of the essential type of the left hand operand,,Contracts,Hard, +c,MISRA-C-2012,RULE-12-2,Yes,Required,,,The right hand operand of a shift operator shall lie in the range zero to one less than the width in bits of the essential type of the left hand operand,,Contracts6,Hard, c,MISRA-C-2012,RULE-12-3,Yes,Advisory,,,The comma operator should not be used,M5-18-1,Banned,Import, c,MISRA-C-2012,RULE-12-4,Yes,Advisory,,,Evaluation of constant expressions should not lead to unsigned integer wrap-around,INT30-C,Types,Easy, c,MISRA-C-2012,RULE-12-5,Yes,Mandatory,,,The sizeof operator shall not have an operand which is a function parameter declared as �array of type�,,Types,Medium, @@ -715,9 +715,9 @@ c,MISRA-C-2012,RULE-17-1,Yes,Required,,,The features of shall not be c,MISRA-C-2012,RULE-17-2,Yes,Required,,,"Functions shall not call themselves, either directly or indirectly",A7-5-2,Statements,Import, c,MISRA-C-2012,RULE-17-3,Yes,Mandatory,,,A function shall not be declared implicitly,,Declarations,Medium, c,MISRA-C-2012,RULE-17-4,Yes,Mandatory,,,All exit paths from a function with non-void return type shall have an explicit return statement with an expression,MSC52-CPP,Statements,Medium, -c,MISRA-C-2012,RULE-17-5,Yes,Advisory,,,The function argument corresponding to a parameter declared to have an array type shall have an appropriate number of elements,,Contracts,Hard, +c,MISRA-C-2012,RULE-17-5,Yes,Advisory,,,The function argument corresponding to a parameter declared to have an array type shall have an appropriate number of elements,,Contracts6,Hard, c,MISRA-C-2012,RULE-17-6,No,Mandatory,,,The declaration of an array parameter shall not contain the static keyword between the [ ],,,, -c,MISRA-C-2012,RULE-17-7,Yes,Required,,,The value returned by a function having non-void return type shall be used,A0-1-2,Contracts,Import, +c,MISRA-C-2012,RULE-17-7,Yes,Required,,,The value returned by a function having non-void return type shall be used,A0-1-2,Contracts6,Import, c,MISRA-C-2012,RULE-17-8,Yes,Advisory,,,A function parameter should not be modified,,SideEffects2,Medium, c,MISRA-C-2012,RULE-18-1,Yes,Required,,,A pointer resulting from arithmetic on a pointer operand shall address an element of the same array as that pointer operand,M5-0-16,Pointers1,Import, c,MISRA-C-2012,RULE-18-2,Yes,Required,,,Subtraction between pointers shall only be applied to pointers that address elements of the same array,M5-0-17,Pointers1,Import, From 33867bb7d239d4493500bf446552de7a2a755d00 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Wed, 2 Nov 2022 10:22:40 -0400 Subject: [PATCH 0054/2573] Language2: rm DIR-2-1 --- rules.csv | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/rules.csv b/rules.csv index ff8d4970cc..fdc8a08639 100644 --- a/rules.csv +++ b/rules.csv @@ -14,7 +14,7 @@ cpp,AUTOSAR,A1-1-2,Yes,Required,Non-Automated,Implementation / Toolchain,A warni cpp,AUTOSAR,A1-1-3,Yes,Required,Non-Automated,Toolchain,An optimization option that disregards strict standard compliance shall not be turned on in the chosen compiler.,,Toolchain,Easy,Note: this is currently only possible for compilations that do not use response files. cpp,AUTOSAR,A1-2-1,No,Required,Non-Automated,Toolchain,"When using a compiler toolchain (including preprocessor, compiler itself, linker, C++ standard libraries) in safety-related software, the tool confidence level (TCL) shall be determined. In case of TCL2 or TCL3, the compiler shall undergo a 'Qualification of a software tool', as per ISO 26262-8.11.4.6 [6].",,,,Allocated target not covered by CodeQL cpp,AUTOSAR,A1-4-1,No,Required,Non-Automated,Implementation / Verification,Code metrics and their valid boundaries shall be defined and code shall comply with defined boundaries of code metrics.,,,,Allocated target not covered by CodeQL -cpp,AUTOSAR,A1-4-3,No,Advisory,Automated,Implementation,All code should compile free of compiler warnings.,,,,"This should be checked via the compiler output, rather than CodeQL, which adds unecessary steps." +cpp,AUTOSAR,A1-4-3,No,Advisory,Automated,Implementation,All code should compile free of compiler warnings.,,,,"This should be checked via the compiler output, rather than CodeQL, which adds unnecessary steps." cpp,AUTOSAR,A10-0-1,Yes,Required,Non-Automated,Design,Public inheritance shall be used to implement 'is-a' relationship.,,Inheritance,Audit,Report a list of Inheritance relationships. cpp,AUTOSAR,A10-0-2,Yes,Required,Non-Automated,Design,Membership or non-public inheritance shall be used to implement 'has-a' relationship.,,Inheritance,Audit,Report a list of membership relationships. cpp,AUTOSAR,A10-1-1,Yes,Required,Automated,Implementation,Class shall not be derived from more than one base class which is not an interface class.,,Inheritance,Easy, @@ -600,7 +600,7 @@ c,CERT-C,STR37-C,Yes,Rule,,,Arguments to character-handling functions must be re c,CERT-C,STR38-C,Yes,Rule,,,Do not confuse narrow and wide character strings and functions,,Strings3,Medium, c,CERT-C,WIN30-C,OutOfScope,Rule,,,Properly pair allocation and deallocation functions,DCL54-CPP,,Easy, c,MISRA-C-2012,RULE-1-1,No,Required,,,Any implementation-defined behaviour on which the output of the program depends shall be documented and understood,,,, -c,MISRA-C-2012,RULE-2-1,Yes,Required,,,All source files shall compile without any compilation errors,A1-4-3,Language,Medium, +c,MISRA-C-2012,DIR-2-1,No,Required,,,All source files shall compile without any compilation errors,A1-4-3,Language,Medium,"This should be checked via the compiler output, rather than CodeQL, which adds unnecessary steps." c,MISRA-C-2012,RULE-3-1,No,Required,,,All code shall be traceable to documented requirements,,,, c,MISRA-C-2012,RULE-4-1,No,Required,,,Run-time failures shall be minimized,,,, c,MISRA-C-2012,RULE-4-2,Yes,Advisory,,,All usage of assembly language should be documented,M7-4-1,Language,Import, From e0398761c37d2bbe9ee3f4ea91e7f1ce243d9f6a Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 2 Nov 2022 22:58:35 +0000 Subject: [PATCH 0055/2573] A5-2-2: Exclude c-style casts generated by library macros casts generated by library macros are not modifiable by the user, so can be excluded from the results of this rule. In addition, this commit improves the query message to specify whether the cast was generated due to the expansion of a macro, and to provide a link to the macro in question. This helps users identify the location in the code where the cast is actually written. --- .../A5-2-2/TraditionalCStyleCastsUsed.ql | 51 +++++++++++++++++-- .../TraditionalCStyleCastsUsed.expected | 10 ++-- cpp/autosar/test/rules/A5-2-2/test.cpp | 21 ++++++++ .../custom-library/macro_c_style_casts.h | 4 ++ cpp/options | 2 +- 5 files changed, 81 insertions(+), 7 deletions(-) create mode 100644 cpp/common/test/includes/custom-library/macro_c_style_casts.h diff --git a/cpp/autosar/src/rules/A5-2-2/TraditionalCStyleCastsUsed.ql b/cpp/autosar/src/rules/A5-2-2/TraditionalCStyleCastsUsed.ql index 0b6962c06e..920da0137e 100644 --- a/cpp/autosar/src/rules/A5-2-2/TraditionalCStyleCastsUsed.ql +++ b/cpp/autosar/src/rules/A5-2-2/TraditionalCStyleCastsUsed.ql @@ -16,9 +16,54 @@ import cpp import codingstandards.cpp.autosar -from CStyleCast c +/** + * Gets the macro (if any) that generated the given `CStyleCast`. + * + * If there are nested macro invocations, we identify the most specific macro that generated the + * cast. + */ +Macro getGeneratedFrom(CStyleCast c) { + exists(MacroInvocation mi | + mi = result.getAnInvocation() and + mi.getAGeneratedElement() = c and + mi.getLocation().getStartColumn() = c.getLocation().getStartColumn() and + not exists(MacroInvocation child | + child.getParentInvocation() = mi and + child.getAGeneratedElement() = c + ) + ) +} + +/** A macro within the source location of this project. */ +class UserProvidedMacro extends Macro { + UserProvidedMacro() { exists(this.getFile().getRelativePath()) } +} + +/** A macro defined within a library used by this project. */ +class LibraryMacro extends Macro { + LibraryMacro() { not this instanceof UserProvidedMacro } +} + +from CStyleCast c, string extraMessage, Locatable l, string supplementary where not isExcluded(c, BannedSyntaxPackage::traditionalCStyleCastsUsedQuery()) and not c.isImplicit() and - not c.getType() instanceof UnknownType -select c, "Use of explicit C-style Cast" + not c.getType() instanceof UnknownType and + // Exclude casts created from macro invocations of macros defined by third parties + not getGeneratedFrom(c) instanceof LibraryMacro and + // If the cast was generated from a user-provided macro, then report the macro that generated the + // cast, as the macro itself may have generated the cast + if getGeneratedFrom(c) instanceof UserProvidedMacro + then + extraMessage = " generated from macro $@" and + // Add macro as explanatory link + l = getGeneratedFrom(c) and + supplementary = getGeneratedFrom(c).getName() + else ( + // No extra message required + extraMessage = "" and + // No explanatory link required, but we still need to set these to valid values + l = c and + supplementary = "" + ) +select c, "Use of explicit c-style cast" + extraMessage, l, supplementary diff --git a/cpp/autosar/test/rules/A5-2-2/TraditionalCStyleCastsUsed.expected b/cpp/autosar/test/rules/A5-2-2/TraditionalCStyleCastsUsed.expected index 1b349cea04..b9a305eb91 100644 --- a/cpp/autosar/test/rules/A5-2-2/TraditionalCStyleCastsUsed.expected +++ b/cpp/autosar/test/rules/A5-2-2/TraditionalCStyleCastsUsed.expected @@ -1,3 +1,7 @@ -| test.cpp:8:22:8:37 | (uint32_t)... | Use of explicit C-style Cast | -| test.cpp:9:22:9:32 | (unsigned int)... | Use of explicit C-style Cast | -| test.cpp:15:3:15:13 | (void)... | Use of explicit C-style Cast | +| test.cpp:8:22:8:37 | (uint32_t)... | Use of explicit c-style cast | test.cpp:8:22:8:37 | (uint32_t)... | | +| test.cpp:9:22:9:32 | (unsigned int)... | Use of explicit c-style cast | test.cpp:9:22:9:32 | (unsigned int)... | | +| test.cpp:15:3:15:13 | (void)... | Use of explicit c-style cast | test.cpp:15:3:15:13 | (void)... | | +| test.cpp:77:3:77:11 | (int)... | Use of explicit c-style cast generated from macro $@ | test.cpp:70:1:70:31 | #define ADD_ONE(x) ((int)x) + 1 | ADD_ONE | +| test.cpp:79:3:79:18 | (int)... | Use of explicit c-style cast generated from macro $@ | test.cpp:71:1:71:36 | #define NESTED_ADD_ONE(x) ADD_ONE(x) | NESTED_ADD_ONE | +| test.cpp:85:19:85:26 | (int)... | Use of explicit c-style cast | test.cpp:85:19:85:26 | (int)... | | +| test.cpp:86:27:86:34 | (int)... | Use of explicit c-style cast | test.cpp:86:27:86:34 | (int)... | | diff --git a/cpp/autosar/test/rules/A5-2-2/test.cpp b/cpp/autosar/test/rules/A5-2-2/test.cpp index 23820114cb..664a10f469 100644 --- a/cpp/autosar/test/rules/A5-2-2/test.cpp +++ b/cpp/autosar/test/rules/A5-2-2/test.cpp @@ -65,4 +65,25 @@ class A5_2_2 final { void a5_2_2_test() { A5_2_2 a; a.f(""); +} + +#define ADD_ONE(x) ((int)x) + 1 +#define NESTED_ADD_ONE(x) ADD_ONE(x) +#define NO_CAST_ADD_ONE(x) x + 1 + +#include "macro_c_style_casts.h" + +void test_macro_cast() { + ADD_ONE(1); // NON_COMPLIANT - expansion of user-defined macro creates + // c-style cast + NESTED_ADD_ONE(1); // NON_COMPLIANT - expansion of user-defined macro creates + // c-style cast + LIBRARY_ADD_TWO(1); // COMPLIANT - macro generating the cast is defined in a + // library, and is not modifiable by the user + LIBRARY_NESTED_ADD_TWO(1); // COMPLIANT - macro generating the cast is defined + // in a library, and is not modifiable by the user + NO_CAST_ADD_ONE((int)1.0); // NON_COMPLIANT - cast in argument to macro + LIBRARY_NO_CAST_ADD_TWO((int)1.0); // NON_COMPLIANT - library macro with + // c-style cast in argument, written by + // user so should be reported } \ No newline at end of file diff --git a/cpp/common/test/includes/custom-library/macro_c_style_casts.h b/cpp/common/test/includes/custom-library/macro_c_style_casts.h new file mode 100644 index 0000000000..31af2a4ead --- /dev/null +++ b/cpp/common/test/includes/custom-library/macro_c_style_casts.h @@ -0,0 +1,4 @@ +// Macros used in test for A5-2-2 +#define LIBRARY_ADD_TWO(x) ((int)x) + 2 +#define LIBRARY_NESTED_ADD_TWO(x) LIBRARY_ADD_TWO(x) +#define LIBRARY_NO_CAST_ADD_TWO(x) x + 1 \ No newline at end of file diff --git a/cpp/options b/cpp/options index f1c6ec672f..1f8961ecda 100644 --- a/cpp/options +++ b/cpp/options @@ -1 +1 @@ -semmle-extractor-options:--clang -std=c++14 -nostdinc++ -I../../../../common/test/includes/standard-library \ No newline at end of file +semmle-extractor-options:--clang -std=c++14 -nostdinc++ -I../../../../common/test/includes/standard-library -I../../../../common/test/includes/custom-library \ No newline at end of file From e185f3756edfd166343c09bba8af3a3f1fef94ce Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 2 Nov 2022 23:03:07 +0000 Subject: [PATCH 0056/2573] A5-2-2: Update message to cite the type Improve result message to cite the type being casted to, to help with validation and remediation. --- .../src/rules/A5-2-2/TraditionalCStyleCastsUsed.ql | 3 ++- .../A5-2-2/TraditionalCStyleCastsUsed.expected | 14 +++++++------- 2 files changed, 9 insertions(+), 8 deletions(-) diff --git a/cpp/autosar/src/rules/A5-2-2/TraditionalCStyleCastsUsed.ql b/cpp/autosar/src/rules/A5-2-2/TraditionalCStyleCastsUsed.ql index 920da0137e..e7f6e96eb5 100644 --- a/cpp/autosar/src/rules/A5-2-2/TraditionalCStyleCastsUsed.ql +++ b/cpp/autosar/src/rules/A5-2-2/TraditionalCStyleCastsUsed.ql @@ -66,4 +66,5 @@ where l = c and supplementary = "" ) -select c, "Use of explicit c-style cast" + extraMessage, l, supplementary +select c, "Use of explicit c-style cast to " + c.getType().getName() + extraMessage + ".", l, + supplementary diff --git a/cpp/autosar/test/rules/A5-2-2/TraditionalCStyleCastsUsed.expected b/cpp/autosar/test/rules/A5-2-2/TraditionalCStyleCastsUsed.expected index b9a305eb91..291eb53348 100644 --- a/cpp/autosar/test/rules/A5-2-2/TraditionalCStyleCastsUsed.expected +++ b/cpp/autosar/test/rules/A5-2-2/TraditionalCStyleCastsUsed.expected @@ -1,7 +1,7 @@ -| test.cpp:8:22:8:37 | (uint32_t)... | Use of explicit c-style cast | test.cpp:8:22:8:37 | (uint32_t)... | | -| test.cpp:9:22:9:32 | (unsigned int)... | Use of explicit c-style cast | test.cpp:9:22:9:32 | (unsigned int)... | | -| test.cpp:15:3:15:13 | (void)... | Use of explicit c-style cast | test.cpp:15:3:15:13 | (void)... | | -| test.cpp:77:3:77:11 | (int)... | Use of explicit c-style cast generated from macro $@ | test.cpp:70:1:70:31 | #define ADD_ONE(x) ((int)x) + 1 | ADD_ONE | -| test.cpp:79:3:79:18 | (int)... | Use of explicit c-style cast generated from macro $@ | test.cpp:71:1:71:36 | #define NESTED_ADD_ONE(x) ADD_ONE(x) | NESTED_ADD_ONE | -| test.cpp:85:19:85:26 | (int)... | Use of explicit c-style cast | test.cpp:85:19:85:26 | (int)... | | -| test.cpp:86:27:86:34 | (int)... | Use of explicit c-style cast | test.cpp:86:27:86:34 | (int)... | | +| test.cpp:8:22:8:37 | (uint32_t)... | Use of explicit c-style cast to uint32_t. | test.cpp:8:22:8:37 | (uint32_t)... | | +| test.cpp:9:22:9:32 | (unsigned int)... | Use of explicit c-style cast to unsigned int. | test.cpp:9:22:9:32 | (unsigned int)... | | +| test.cpp:15:3:15:13 | (void)... | Use of explicit c-style cast to void. | test.cpp:15:3:15:13 | (void)... | | +| test.cpp:77:3:77:11 | (int)... | Use of explicit c-style cast to int generated from macro $@. | test.cpp:70:1:70:31 | #define ADD_ONE(x) ((int)x) + 1 | ADD_ONE | +| test.cpp:79:3:79:18 | (int)... | Use of explicit c-style cast to int generated from macro $@. | test.cpp:71:1:71:36 | #define NESTED_ADD_ONE(x) ADD_ONE(x) | NESTED_ADD_ONE | +| test.cpp:85:19:85:26 | (int)... | Use of explicit c-style cast to int. | test.cpp:85:19:85:26 | (int)... | | +| test.cpp:86:27:86:34 | (int)... | Use of explicit c-style cast to int. | test.cpp:86:27:86:34 | (int)... | | From 3f17a4695b8e2f4bc93a9650636724f8427f04e8 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 2 Nov 2022 23:05:29 +0000 Subject: [PATCH 0057/2573] A5-2-2: Add changenote for c-style cast library macros --- change_notes/2022-11-02-c-style-casts-library-macros.md | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 change_notes/2022-11-02-c-style-casts-library-macros.md diff --git a/change_notes/2022-11-02-c-style-casts-library-macros.md b/change_notes/2022-11-02-c-style-casts-library-macros.md new file mode 100644 index 0000000000..92bfa4c435 --- /dev/null +++ b/change_notes/2022-11-02-c-style-casts-library-macros.md @@ -0,0 +1,4 @@ + - `A5-2-2` - `TraditionalCStyleCastsUsed.ql` + - Reduced false positives by excluding casts generated by library macros (i.e. macros defined outside the source location) + - Improved the message to cite the macro which generated the c-style cast, if any. + - Improved the message to cite the type being casted to, to aid with identification and remediation. \ No newline at end of file From bb09ae94f57f5e2a0010d87e6516097d3faf826e Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 2 Nov 2022 23:45:45 +0000 Subject: [PATCH 0058/2573] M0-1-4: Exclude constexpr variables whose constant is used in a template argument. --- ...2022-11-02-m0-1-4-single-use-with-templates.md | 2 ++ .../src/rules/M0-1-4/SingleUsePODVariable.qll | 15 ++++++++++++++- .../M0-1-4/SingleUseMemberPODVariable.expected | 1 + cpp/autosar/test/rules/M0-1-4/test.cpp | 12 ++++++++++-- 4 files changed, 27 insertions(+), 3 deletions(-) create mode 100644 change_notes/2022-11-02-m0-1-4-single-use-with-templates.md diff --git a/change_notes/2022-11-02-m0-1-4-single-use-with-templates.md b/change_notes/2022-11-02-m0-1-4-single-use-with-templates.md new file mode 100644 index 0000000000..c6c2c5d99e --- /dev/null +++ b/change_notes/2022-11-02-m0-1-4-single-use-with-templates.md @@ -0,0 +1,2 @@ + - `M0-1-4` - `SingleUseMemberPODVariable.ql` + - Reduce false positives by excluding any constexpr variable whose constant value is used as an argument to a template. \ No newline at end of file diff --git a/cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll b/cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll index c750bb130c..c4e220549a 100644 --- a/cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll +++ b/cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll @@ -4,6 +4,12 @@ import cpp import codingstandards.cpp.TrivialType import codingstandards.cpp.deadcode.UnusedVariables +/** Gets the constant value of a constexpr variable. */ +private string getConstExprValue(Variable v) { + result = v.getInitializer().getExpr().getValue() and + v.isConstexpr() +} + /** Gets a "use" count according to rule M0-1-4. */ int getUseCount(Variable v) { exists(int initializers | @@ -12,7 +18,14 @@ int getUseCount(Variable v) { result = initializers + count(VariableAccess access | access = v.getAnAccess() and not access.isCompilerGenerated()) - + count(UserProvidedConstructorFieldInit cfi | cfi.getTarget() = v) + + count(UserProvidedConstructorFieldInit cfi | cfi.getTarget() = v) + + // For constexpr variables used as template arguments, we don't see accesses (just the + // appropriate literals). We therefore take a conservative approach and count the number of + // template instantiations that use the given constant, and consider each one to be a use + // of the variable + count(ClassTemplateInstantiation cti | + cti.getTemplateArgument(_).(Expr).getValue() = getConstExprValue(v) + ) ) } diff --git a/cpp/autosar/test/rules/M0-1-4/SingleUseMemberPODVariable.expected b/cpp/autosar/test/rules/M0-1-4/SingleUseMemberPODVariable.expected index f4309e7a4d..89d048d67a 100644 --- a/cpp/autosar/test/rules/M0-1-4/SingleUseMemberPODVariable.expected +++ b/cpp/autosar/test/rules/M0-1-4/SingleUseMemberPODVariable.expected @@ -1,3 +1,4 @@ +| test.cpp:36:24:36:29 | unused | Member POD variable unused in C1 is only $@. | test.cpp:36:31:36:31 | initializer for unused | used once | | test_global_or_namespace.cpp:16:7:16:7 | x | Member POD variable x in GA is only $@. | test_global_or_namespace.cpp:38:6:38:6 | x | used once | | test_global_or_namespace.cpp:54:7:54:7 | x | Member POD variable x in N1A is only $@. | test_global_or_namespace.cpp:76:6:76:6 | x | used once | | test_member.cpp:5:7:5:8 | m2 | Member POD variable m2 in A is only $@. | test_member.cpp:9:21:9:25 | constructor init of field m2 | used once | diff --git a/cpp/autosar/test/rules/M0-1-4/test.cpp b/cpp/autosar/test/rules/M0-1-4/test.cpp index 81391e444a..1bd8c09f39 100644 --- a/cpp/autosar/test/rules/M0-1-4/test.cpp +++ b/cpp/autosar/test/rules/M0-1-4/test.cpp @@ -1,5 +1,5 @@ /** Test cases for `SingleUseLocalPODVariable.ql` */ - +#include class A {}; class B { @@ -30,4 +30,12 @@ void test_templates() { f1(); // Triggers a NON_COMPLIANT case in f1(), because B is a POD type f1(); // Does not trigger a NON_COMPLIANT case in f1(), because C is not a // POD type -} \ No newline at end of file +} + +class C1 { + static constexpr int unused{1}; // NON_COMPLIANT + static constexpr int used{2}; // COMPLIANT + int test_use() { return used; } + static constexpr int size{3}; // COMPLIANT[FALSE_POSITIVE] + std::array array{false, false}; // size is used here +}; \ No newline at end of file From 8ec3b837cedf520b4dbbd85f01ee246c5cd063d2 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 3 Nov 2022 11:03:45 -0400 Subject: [PATCH 0059/2573] checkpoint --- .vscode/tasks.json | 1 + .../LanguageExtensionsShouldNotBeUsed.ql | 20 + ...LanguageExtensionsShouldNotBeUsed.expected | 1 + .../LanguageExtensionsShouldNotBeUsed.qlref | 1 + c/misra/test/rules/RULE-1-2/test.c | 361 ++++++++++++++++++ .../cpp/exclusions/c/Language2.qll | 25 ++ .../cpp/exclusions/c/RuleMetadata.qll | 3 + rule_packages/c/Language2.json | 24 ++ rules.csv | 2 +- 9 files changed, 437 insertions(+), 1 deletion(-) create mode 100644 c/misra/src/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.ql create mode 100644 c/misra/test/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.expected create mode 100644 c/misra/test/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.qlref create mode 100644 c/misra/test/rules/RULE-1-2/test.c create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/Language2.qll create mode 100644 rule_packages/c/Language2.json diff --git a/.vscode/tasks.json b/.vscode/tasks.json index d1f141cced..42f15d334a 100644 --- a/.vscode/tasks.json +++ b/.vscode/tasks.json @@ -221,6 +221,7 @@ "Iterators", "Lambdas", "Language1", + "Language2", "Literals", "Loops", "Macros", diff --git a/c/misra/src/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.ql b/c/misra/src/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.ql new file mode 100644 index 0000000000..eb676e2280 --- /dev/null +++ b/c/misra/src/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.ql @@ -0,0 +1,20 @@ +/** + * @id c/misra/language-extensions-should-not-be-used + * @name RULE-1-2: Language extensions should not be used + * @description Language extensions can have inconsistent behavior and should not be used. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/misra/id/rule-1-2 + * maintainability + * readability + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.c.misra + +from +where + not isExcluded(x, Language2Package::languageExtensionsShouldNotBeUsedQuery()) and +select diff --git a/c/misra/test/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.expected b/c/misra/test/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/misra/test/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.qlref b/c/misra/test/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.qlref new file mode 100644 index 0000000000..965c95be2c --- /dev/null +++ b/c/misra/test/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.qlref @@ -0,0 +1 @@ +rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-1-2/test.c b/c/misra/test/rules/RULE-1-2/test.c new file mode 100644 index 0000000000..0a2ca37057 --- /dev/null +++ b/c/misra/test/rules/RULE-1-2/test.c @@ -0,0 +1,361 @@ +#include +#include +// Note: Clang aims to support both clang and gcc extensions. +// This test case has been designed using lists compiled from: +// - https://clang.llvm.org/docs/LanguageExtensions.html +// - https://gcc.gnu.org/onlinedocs/gcc/C-Extensions.html + +#ifdef __has_builtin // NON_COMPLIANT +#endif +#ifdef __has_constexpr_builtin // NON_COMPLIANT +#endif +#ifdef __has_feature // NON_COMPLIANT +#endif +#ifdef __has_extension // NON_COMPLIANT +#endif +#ifdef __has_c_attribute // NON_COMPLIANT +#endif +#ifdef __has_attribute // NON_COMPLIANT +#endif +#ifdef __has_declspec_attribute // NON_COMPLIANT +#endif +#ifdef __is_identifier // NON_COMPLIANT +#endif +#ifdef __has_include // NON_COMPLIANT +#endif +#ifdef __has_include_next // NON_COMPLIANT +#endif +#ifdef __has_warning // NON_COMPLIANT +#endif + +#define A __BASE_FILE__ // NON_COMPLIANT +#define B __FILE_NAME__ // NON_COMPLIANT +#define C __COUNTER__ // NON_COMPLIANT +#define D __INCLUDE_LEVEL__ // NON_COMPLIANT +#define E__TIMESTAMP__ // NON_COMPLIANT +#define F __clang__ // NON_COMPLIANT +#define G __clang_major__ // NON_COMPLIANT +#define H __clang_minor__ // NON_COMPLIANT +#define I __clang_patchlevel__ // NON_COMPLIANT +#define J __clang_version__ // NON_COMPLIANT +#define K __clang_literal_encoding__ // NON_COMPLIANT +#define L __clang_wide_literal_encoding__ // NON_COMPLIANT + +typedef float float4 __attribute__((ext_vector_type(4))); // NON_COMPLIANT +typedef float float2 __attribute__((ext_vector_type(2))); // NON_COMPLIANT + +// Requires additional compiler flags to change the architecture +// typedef __attribute__((neon_vector_type(8))) int8_t int8x8_t; +// typedef __attribute__((neon_polyvector_type(16))) poly8_t poly8x16_t; + +typedef int int4 __attribute__((vector_size(4 * sizeof(int)))); // NON_COMPLIANT + +typedef int v4si __attribute__((__vector_size__(16))); // NON_COMPLIANT +typedef float float4 __attribute__((ext_vector_type(4))); // NON_COMPLIANT +typedef float float2 __attribute__((ext_vector_type(2))); // NON_COMPLIANT + +//// GCC features +void gf1() { + ({ + int y = 1; + int z; // NON_COMPLIANT + if (y > 0) + z = y; + else + z = -y; + z; + }); +} + +void gf2() { + // __label__ found; -- local labels not supported by clang +} + +void gf3() { + void *ptr; + // goto *ptr; -- not supported in clang +} + +void gf4() { + // void gf4a(){ -- not supported in clang + // + // } +} + +void gf5() { + __builtin_setjmp(0); // NON_COMPLIANT + __builtin_longjmp(0, 1); // NON_COMPLIANT +} + +void gf6() { + // not supported by clang + + //__builtin_apply_args(); + //__builtin_apply(0, 0, 0); + //__builtin_return(0); + //__builtin_va_arg_pack(); + //__builtin_va_arg_pack_len(); +} + +void gf7() { + int a = 0 ?: 0; // NON_COMPLIANT +} + +void gf8() { + typeof(int *); // NON_COMPLIANT +} + +void gf9() { + __int128 a; // NON_COMPLIANT +} + +void gf10() { + long long int a; // NON_COMPLIANT +} + +void gf11() { + __real__(0); // NON_COMPLIANT + __imag__(0); // NON_COMPLIANT +} + +void gf12() {} + +void gf13() { + // not supported on clang + + //_Decimal32 a; + //_Decimal64 b; + //_Decimal128 c; +} + +void gf14() { + // Not sure how to get this to work. + // typedef _Complex float __attribute__((mode(TC))) _Complex128; + // typedef _Complex float __attribute__((mode(XC))) _Complex80; +} + +void gf15() { + float f = 0x1.fp3; // NON_COMPLIANT +} + +void gf16() { + char contents[0]; // NON_COMPLIANT +} + +void gf17() { + // const __flash char ** p; // not supported in clang +} + +void gf18() { + // not supported by extractor - checked by looking for flags. + + // short _Fract, _Fract; + // long _Fract; +} + +struct gf19 {}; // NON_COMPLIANT + +void gf20(int n) { + // struct S { int x[n]; }; // will never be supported in clang +} + +#define gf21(format, args...) \ + printf(format, args) // NON_COMPLIANT -- note the issue here is explicitly + // naming the arguments. +#define gf21a(format, ...) printf(format, __VA_ARGS__) // COMPLIANT + +#define gf22 \ + "a" \ + \ +"b" // NON_COMPLIANT - additional spaces after a backslash +#define gf22a \ + "a" \ + "b" // COMPLIANT + +struct gf23s { + int a[1]; +}; +struct gf23s gf23f(); +void gf23() { + gf23f().a[0]; // NON_COMPLIANT in C90 +} + +void gf24(int f, int g) { + float beat_freqs[2] = {f - g, f + g}; // NON_COMPLIANT +} + +void gf25t(int N, int M, double out[M][N], const double in[N][M]); +void gf25() { + double x[3][2]; + double y[2][3]; + gf25t(3, 2, y, + x); // NON_COMPLIANT - in ISO C the const qualifier is formally attached + // to the element type of the array and not the array itself +} + +struct gf26t { + int a; + char b[2]; +} gf26v; +void gf26(int x, int y) { + gf26v = ((struct gf26t){x + y, 'z', 0}); // NON_COMPLIANT - compound literal +} + +void gf27() { + int a[6] = {[4] = 29, [2] = 15}; // NON_COMPLIANT in C90. +} + +void gf28() { + int a; + + // switch(a){ + // case: 0 ... 5: // Not supported in clang. + // ;; + // break; + // default: + // ;; + // break; + // } +} + +union gf29u { + int i; + double j; +}; + +void gf29() { + int x; + int y; + union gf29u z; + z = (union gf29u)x; // NON_COMPLIANT + z = (union gf29u)y; // NON_COMPLIANT +} + +__attribute__((access(read_only, 1))) int +gf30(const char *); // NON_COMPLIANT -- attributes are not portable. + +extern int __attribute__((alias("var_target"))) +gf31; // NON_COMPLIANT -- attributes are not portable. + +struct __attribute__((aligned(8))) gf32 { + short f[3]; +}; // NON_COMPLIANT -- attributes are not portable. + +void gf33() { +gf33l: + __attribute__((cold, unused)); // NON_COMPLIANT + return; +} + +enum gf34 { + oldval __attribute__((deprecated)), // NON_COMPLIANT + newval +}; + +void gf35() { + int x; + // __attribute__((assume(x == 42))); - Not supported in clang + + switch (x) { + case 1: + printf(""); + __attribute__((fallthrough)); // NON_COMPLIANT + case 2: + break; + } +} + +// Not supported in clang. +// int gf36 (uid_t); + +// int +// gf36 (int x) +// { +// return x == 0; +// } + +void gf37() { + int a$1; // NON_COMPLIANT +} + +void gf38() { + const char *c = "test\e"; // NON_COMPLIANT +} + +struct gf39s { + int x; + char y; +} gf39v; + +void gf39() { + __alignof__(gf39v.x); // NON_COMPLIANT +} + +// enum gf40 {}; // not supported in clang + +void gf41() { + printf("__FUNCTION__ = %s\n", __FUNCTION__); // NON_COMPLIANT + printf("__PRETTY_FUNCTION__ = %s\n", __PRETTY_FUNCTION__); // NON_COMPLIANT +} + +void gf42() { + __builtin_extract_return_addr(0); + __builtin_frob_return_addr(0); + __builtin_frame_address(0); +} + +struct gf43s { + int x; + char y; +} gf43v; + +void gf43() { + __builtin_offsetof(struct gf43s, x); // NON_COMPLIANT +} + +struct gf44s { + int x; + char y; +} gf44v; + +void gf44() { + int i; + __sync_fetch_and_add(&i, 0); // NON_COMPLIANT + __sync_fetch_and_sub(&i, 0); // NON_COMPLIANT + __sync_fetch_and_or(&i, 0); // NON_COMPLIANT + __sync_fetch_and_and(&i, 0); // NON_COMPLIANT + __sync_fetch_and_xor(&i, 0); // NON_COMPLIANT + __sync_fetch_and_nand(&i, 0); // NON_COMPLIANT + __sync_add_and_fetch(&i, 0); // NON_COMPLIANT + __sync_sub_and_fetch(&i, 0); // NON_COMPLIANT + __sync_or_and_fetch(&i, 0); // NON_COMPLIANT + __sync_and_and_fetch(&i, 0); // NON_COMPLIANT + __sync_xor_and_fetch(&i, 0); // NON_COMPLIANT + __sync_nand_and_fetch(&i, 0); // NON_COMPLIANT + + __sync_bool_compare_and_swap(&i, 0, 0); + __sync_val_compare_and_swap(&i, 0, 0); + __sync_lock_test_and_set(&i, 0, 0); + __sync_lock_release(&i, 0); +} + +void gf45() { + int i = 0b101010; // NON_COMPLIANT +} + +__thread int gf46; // NON_COMPLIANT + +void gf47() { // NON_COMPLIANT in versions < C11. + struct { + int a; + union { + int b; + float c; + }; + int d; + } f; +} + +void gf48(){ + __builtin_alloca(0); // NON_COMPLIANT (all __builtin functions are non-compliant.) +} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Language2.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Language2.qll new file mode 100644 index 0000000000..a7a3836736 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Language2.qll @@ -0,0 +1,25 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype Language2Query = TLanguageExtensionsShouldNotBeUsedQuery() + +predicate isLanguage2QueryMetadata(Query query, string queryId, string ruleId) { + query = + // `Query` instance for the `languageExtensionsShouldNotBeUsed` query + Language2Package::languageExtensionsShouldNotBeUsedQuery() and + queryId = + // `@id` for the `languageExtensionsShouldNotBeUsed` query + "c/misra/language-extensions-should-not-be-used" and + ruleId = "RULE-1-2" +} + +module Language2Package { + Query languageExtensionsShouldNotBeUsedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `languageExtensionsShouldNotBeUsed` query + TQueryC(TLanguage2PackageQuery(TLanguageExtensionsShouldNotBeUsedQuery())) + } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index ad05d9b737..69fc7d2d07 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -21,6 +21,7 @@ import IO2 import IO3 import IO4 import Language1 +import Language2 import Misc import Pointers1 import Pointers2 @@ -57,6 +58,7 @@ newtype TCQuery = TIO3PackageQuery(IO3Query q) or TIO4PackageQuery(IO4Query q) or TLanguage1PackageQuery(Language1Query q) or + TLanguage2PackageQuery(Language2Query q) or TMiscPackageQuery(MiscQuery q) or TPointers1PackageQuery(Pointers1Query q) or TPointers2PackageQuery(Pointers2Query q) or @@ -93,6 +95,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId) { isIO3QueryMetadata(query, queryId, ruleId) or isIO4QueryMetadata(query, queryId, ruleId) or isLanguage1QueryMetadata(query, queryId, ruleId) or + isLanguage2QueryMetadata(query, queryId, ruleId) or isMiscQueryMetadata(query, queryId, ruleId) or isPointers1QueryMetadata(query, queryId, ruleId) or isPointers2QueryMetadata(query, queryId, ruleId) or diff --git a/rule_packages/c/Language2.json b/rule_packages/c/Language2.json new file mode 100644 index 0000000000..e1b2ea553b --- /dev/null +++ b/rule_packages/c/Language2.json @@ -0,0 +1,24 @@ +{ + "MISRA-C-2012": { + "RULE-1-2": { + "properties": { + "obligation": "advisory" + }, + "queries": [ + { + "description": "Language extensions can have inconsistent behavior and should not be used.", + "kind": "problem", + "name": "Language extensions should not be used", + "precision": "high", + "severity": "error", + "short_name": "LanguageExtensionsShouldNotBeUsed", + "tags": [ + "maintainability", + "readability" + ] + } + ], + "title": "Language extensions should not be used" + } + } +} \ No newline at end of file diff --git a/rules.csv b/rules.csv index 8cd7a19ed4..2477d5072a 100644 --- a/rules.csv +++ b/rules.csv @@ -600,7 +600,7 @@ c,CERT-C,STR37-C,Yes,Rule,,,Arguments to character-handling functions must be re c,CERT-C,STR38-C,Yes,Rule,,,Do not confuse narrow and wide character strings and functions,,Strings3,Medium, c,CERT-C,WIN30-C,OutOfScope,Rule,,,Properly pair allocation and deallocation functions,DCL54-CPP,,Easy, c,MISRA-C-2012,RULE-1-1,No,Required,,,Any implementation-defined behaviour on which the output of the program depends shall be documented and understood,,,, -c,MISRA-C-2012,RULE-2-1,Yes,Required,,,All source files shall compile without any compilation errors,A1-4-3,Language,Medium, +c,MISRA-C-2012,DIR-2-1,Yes,Required,,,All source files shall compile without any compilation errors,A1-4-3,Language,Medium, c,MISRA-C-2012,RULE-3-1,No,Required,,,All code shall be traceable to documented requirements,,,, c,MISRA-C-2012,RULE-4-1,No,Required,,,Run-time failures shall be minimized,,,, c,MISRA-C-2012,RULE-4-2,Yes,Advisory,,,All usage of assembly language should be documented,M7-4-1,Language,Import, From 9a2090ab80999d137acae4b5522091cc1dc49177 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 3 Nov 2022 11:04:23 -0400 Subject: [PATCH 0060/2573] fix rule --- rules.csv | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rules.csv b/rules.csv index ec8b29eaf9..17560ac168 100644 --- a/rules.csv +++ b/rules.csv @@ -600,7 +600,7 @@ c,CERT-C,STR37-C,Yes,Rule,,,Arguments to character-handling functions must be re c,CERT-C,STR38-C,Yes,Rule,,,Do not confuse narrow and wide character strings and functions,,Strings3,Medium, c,CERT-C,WIN30-C,OutOfScope,Rule,,,Properly pair allocation and deallocation functions,DCL54-CPP,,Easy, c,MISRA-C-2012,RULE-1-1,No,Required,,,Any implementation-defined behaviour on which the output of the program depends shall be documented and understood,,,, -c,MISRA-C-2012,RULE-2-1,Yes,Required,,,All source files shall compile without any compilation errors,A1-4-3,Language,Medium, +c,MISRA-C-2012,DIR-2-1,Yes,Required,,,All source files shall compile without any compilation errors,A1-4-3,Language,Medium, c,MISRA-C-2012,RULE-3-1,No,Required,,,All code shall be traceable to documented requirements,,,, c,MISRA-C-2012,RULE-4-1,No,Required,,,Run-time failures shall be minimized,,,, c,MISRA-C-2012,RULE-4-2,Yes,Advisory,,,All usage of assembly language should be documented,M7-4-1,Language,Import, From 55b5fad5f55e64e322ab67b509f093a34fe3fa34 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 3 Nov 2022 11:56:14 -0400 Subject: [PATCH 0061/2573] scripts to check rules --- .../PSCodingStandards/Get-RulesFromCSV.ps1 | 29 ++++++++++++ scripts/util/Get-DuplicateRules.ps1 | 46 +++++++++++++++++++ 2 files changed, 75 insertions(+) create mode 100644 scripts/PSCodingStandards/Get-RulesFromCSV.ps1 create mode 100644 scripts/util/Get-DuplicateRules.ps1 diff --git a/scripts/PSCodingStandards/Get-RulesFromCSV.ps1 b/scripts/PSCodingStandards/Get-RulesFromCSV.ps1 new file mode 100644 index 0000000000..54c29668e4 --- /dev/null +++ b/scripts/PSCodingStandards/Get-RulesFromCSV.ps1 @@ -0,0 +1,29 @@ +function Get-RulesFromCSV { + param( + [ValidateSet('c', 'cpp', 'all')] + [string] + $Language = 'all') + + + $csvFile = (Join-Path (Get-RepositoryRoot) "rules.csv") + + Write-Host "Loading rules for language=$Language from file $csvFile..." + + $csv = Import-Csv $csvFile + $filteredCSV = @() + # don't filter if not neeeded + if ($Language -eq 'all'){ + $filteredCSV = $csv + }else{ + foreach($rule in $csv){ + if($rule.Language -eq $Language){ + $filteredCSV += $rule + } + } + } + + Write-Host "Loaded $($filteredCSV.Length) rules." + + return $csv + +} \ No newline at end of file diff --git a/scripts/util/Get-DuplicateRules.ps1 b/scripts/util/Get-DuplicateRules.ps1 new file mode 100644 index 0000000000..34ff565587 --- /dev/null +++ b/scripts/util/Get-DuplicateRules.ps1 @@ -0,0 +1,46 @@ +#!/usr/bin/env pwsh +param( + [ValidateSet('c', 'cpp', 'all')] + [string] + $Language = 'all', + [switch] + $CIMode + +) + +Import-Module -Name "$PSScriptRoot\..\PSCodingStandards\CodingStandards" + +# load the rules. +$rules = Get-RulesFromCSV -Language $Language + +# find out duplicates +$counter = @{} + +foreach($rule in $rules){ + if($counter.Contains($rule.ID)){ + $counter[$rule.ID] += $rule + }else{ + $counter[$rule.ID] = @() + $counter[$rule.ID] += $rule + } +} + +$duplicates = @() +$numDuplicates = 0 + +foreach($k in $counter.Keys){ + if($counter[$k].Count -gt 1){ + $numDuplicates = $numDuplicates + 1 + foreach($v in $counter[$k]){ + $duplicates += $v + } + } +} + +$duplicates | Format-Table + +if(($CIMode) -and ($numDuplicates -gt 0)){ + throw "Found $numDuplicates duplicate Rule IDs" +}else{ + Write-Host "Found $numDuplicates duplicate Rule IDs" +} \ No newline at end of file From 0656a18589451b6cb1d6e6503646b6a9ef29c462 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 3 Nov 2022 18:20:32 +0100 Subject: [PATCH 0062/2573] Reformat test files with clang-format v14 --- cpp/autosar/test/rules/A5-1-9/test.cpp | 8 +-- cpp/autosar/test/rules/A5-2-2/test.cpp | 4 +- ...lyingBaseTypeNotExplicitlyDefined.expected | 2 +- cpp/autosar/test/rules/A7-2-2/test.cpp | 16 +++-- ...onsNotDeclaredAsScopedEnumClasses.expected | 2 +- cpp/autosar/test/rules/A7-2-3/test.cpp | 24 +++++-- ...rstOrAllEnumeratorsNotInitialized.expected | 8 +-- cpp/autosar/test/rules/A7-2-4/test.cpp | 68 +++++++++++++------ cpp/autosar/test/rules/A8-4-5/test.cpp | 2 +- cpp/autosar/test/rules/A8-4-6/test.cpp | 4 +- cpp/autosar/test/rules/M6-4-5/test.cpp | 2 +- cpp/autosar/test/rules/M8-4-4/test.cpp | 2 +- 12 files changed, 93 insertions(+), 49 deletions(-) diff --git a/cpp/autosar/test/rules/A5-1-9/test.cpp b/cpp/autosar/test/rules/A5-1-9/test.cpp index 5d1f455d51..466cf14dfa 100644 --- a/cpp/autosar/test/rules/A5-1-9/test.cpp +++ b/cpp/autosar/test/rules/A5-1-9/test.cpp @@ -86,16 +86,16 @@ void test_noncompliant() { #include class Test_issue468 { public: - template static void LogInfo(const As &... rest) { + template static void LogInfo(const As &...rest) { [](const std::string &s) -> void { LogInfo(s); }; // COMPLIANT } - template static void LogWarn(const As &... rest) { + template static void LogWarn(const As &...rest) { [](const std::string &s) -> void { LogWarn(s); }; // COMPLIANT } - template static void LogError(const As &... rest) { + template static void LogError(const As &...rest) { [](const std::string &s) -> void { LogError(s); }; // NON_COMPLIANT } - template static void LogFatal(const As &... rest) { + template static void LogFatal(const As &...rest) { [](const std::string &s) -> void { LogError(s); }; // NON_COMPLIANT } void instantiate() { diff --git a/cpp/autosar/test/rules/A5-2-2/test.cpp b/cpp/autosar/test/rules/A5-2-2/test.cpp index 23820114cb..7a0aef3eb3 100644 --- a/cpp/autosar/test/rules/A5-2-2/test.cpp +++ b/cpp/autosar/test/rules/A5-2-2/test.cpp @@ -45,12 +45,12 @@ void test_cpp_style_cast() { class A5_2_2a { public: template - static void Foo(const std::string &name, As &&... rest) { + static void Foo(const std::string &name, As &&...rest) { Fun(Log( std::forward(rest)...)); // COMPLIANT - reported as a false positive } - template static std::string Log(As &&... tail) { + template static std::string Log(As &&...tail) { return std::string(); } diff --git a/cpp/autosar/test/rules/A7-2-2/EnumerationUnderlyingBaseTypeNotExplicitlyDefined.expected b/cpp/autosar/test/rules/A7-2-2/EnumerationUnderlyingBaseTypeNotExplicitlyDefined.expected index d9c51d2b77..4d4c944f3f 100644 --- a/cpp/autosar/test/rules/A7-2-2/EnumerationUnderlyingBaseTypeNotExplicitlyDefined.expected +++ b/cpp/autosar/test/rules/A7-2-2/EnumerationUnderlyingBaseTypeNotExplicitlyDefined.expected @@ -1,2 +1,2 @@ | test.cpp:1:6:1:6 | C | Base type of enumeration is not explicitly specified. | -| test.cpp:3:12:3:12 | A | Base type of enumeration is not explicitly specified. | +| test.cpp:5:12:5:12 | A | Base type of enumeration is not explicitly specified. | diff --git a/cpp/autosar/test/rules/A7-2-2/test.cpp b/cpp/autosar/test/rules/A7-2-2/test.cpp index e55ab81c6d..5d0170bb93 100644 --- a/cpp/autosar/test/rules/A7-2-2/test.cpp +++ b/cpp/autosar/test/rules/A7-2-2/test.cpp @@ -1,8 +1,16 @@ enum C // NON_COMPLIANT -{ c1 }; +{ + c1 +}; enum class A // NON_COMPLIANT -{ a1 }; +{ + a1 +}; enum class B : int // COMPLIANT -{ b1 }; +{ + b1 +}; enum D : int // COMPLIANT -{ d1 }; +{ + d1 +}; diff --git a/cpp/autosar/test/rules/A7-2-3/EnumerationsNotDeclaredAsScopedEnumClasses.expected b/cpp/autosar/test/rules/A7-2-3/EnumerationsNotDeclaredAsScopedEnumClasses.expected index 3d3d208004..1e7b97e1f0 100644 --- a/cpp/autosar/test/rules/A7-2-3/EnumerationsNotDeclaredAsScopedEnumClasses.expected +++ b/cpp/autosar/test/rules/A7-2-3/EnumerationsNotDeclaredAsScopedEnumClasses.expected @@ -1,2 +1,2 @@ | test.cpp:1:6:1:6 | C | Enum C is not a scoped enum. | -| test.cpp:11:6:11:6 | D | Enum D is not a scoped enum. | +| test.cpp:21:6:21:6 | D | Enum D is not a scoped enum. | diff --git a/cpp/autosar/test/rules/A7-2-3/test.cpp b/cpp/autosar/test/rules/A7-2-3/test.cpp index 3a9dd414a3..76e3a9d78d 100644 --- a/cpp/autosar/test/rules/A7-2-3/test.cpp +++ b/cpp/autosar/test/rules/A7-2-3/test.cpp @@ -1,12 +1,24 @@ enum C // NON_COMPLIANT -{ c1 }; +{ + c1 +}; enum class A // COMPLIANT - Violates a different rule (A7-2-2) -{ a1 }; +{ + a1 +}; enum struct A1 // COMPLIANT - Violates a different rule (A7-2-2) -{ a12 }; +{ + a12 +}; enum class B : int // COMPLIANT -{ b1 }; +{ + b1 +}; enum struct B1 : int // COMPLIANT -{ b12 }; +{ + b12 +}; enum D : int // NON_COMPLIANT -{ d1 }; \ No newline at end of file +{ + d1 +}; \ No newline at end of file diff --git a/cpp/autosar/test/rules/A7-2-4/NoneFirstOrAllEnumeratorsNotInitialized.expected b/cpp/autosar/test/rules/A7-2-4/NoneFirstOrAllEnumeratorsNotInitialized.expected index dd75f69bff..f4ce14aac2 100644 --- a/cpp/autosar/test/rules/A7-2-4/NoneFirstOrAllEnumeratorsNotInitialized.expected +++ b/cpp/autosar/test/rules/A7-2-4/NoneFirstOrAllEnumeratorsNotInitialized.expected @@ -1,4 +1,4 @@ -| test.cpp:9:12:9:13 | A2 | Neither none, the first, or all enumerated constants are initialized in this enumeration. | -| test.cpp:33:14:33:15 | B3 | Neither none, the first, or all enumerated constants are initialized in this enumeration. | -| test.cpp:45:6:45:6 | D | Neither none, the first, or all enumerated constants are initialized in this enumeration. | -| test.cpp:53:6:53:7 | E1 | Neither none, the first, or all enumerated constants are initialized in this enumeration. | +| test.cpp:13:12:13:13 | A2 | Neither none, the first, or all enumerated constants are initialized in this enumeration. | +| test.cpp:47:14:47:15 | B3 | Neither none, the first, or all enumerated constants are initialized in this enumeration. | +| test.cpp:63:6:63:6 | D | Neither none, the first, or all enumerated constants are initialized in this enumeration. | +| test.cpp:75:6:75:7 | E1 | Neither none, the first, or all enumerated constants are initialized in this enumeration. | diff --git a/cpp/autosar/test/rules/A7-2-4/test.cpp b/cpp/autosar/test/rules/A7-2-4/test.cpp index 943a7944cb..51f7df642c 100644 --- a/cpp/autosar/test/rules/A7-2-4/test.cpp +++ b/cpp/autosar/test/rules/A7-2-4/test.cpp @@ -1,55 +1,79 @@ enum class A // COMPLIANT -{ a1 }; +{ + a1 +}; enum class A1 // COMPLIANT -{ a1 = 0, +{ + a1 = 0, a2 = 1, - a3 = 2 }; + a3 = 2 +}; enum class A2 // NON_COMPLIANT -{ a1, +{ + a1, a2 = 0, - a3 }; + a3 +}; enum class A3 // COMPLIANT -{ a1 = 0, +{ + a1 = 0, a2, - a3 }; + a3 +}; enum class B : int // COMPLIANT -{ b1 }; +{ + b1 +}; enum class B1 : int // COMPLIANT -{ b1, +{ + b1, b2, - b3 }; + b3 +}; enum class B2 : int // COMPLIANT -{ b1 = 0, +{ + b1 = 0, b2, - b3 }; + b3 +}; int f() { enum class B3 : int // NON_COMPLIANT - { b1, + { + b1, b2 = 0, - b3 = 0 }; + b3 = 0 + }; return 0; } enum C // COMPLIANT -{ c1, - c2 }; +{ + c1, + c2 +}; enum D // NON_COMPLIANT -{ d1, - d2 = 0 }; +{ + d1, + d2 = 0 +}; enum E : int // COMPLIANT -{ e1, - e2 }; +{ + e1, + e2 +}; enum E1 : int // NON_COMPLIANT -{ e11, - e22 = 0 }; \ No newline at end of file +{ + e11, + e22 = 0 +}; \ No newline at end of file diff --git a/cpp/autosar/test/rules/A8-4-5/test.cpp b/cpp/autosar/test/rules/A8-4-5/test.cpp index 0bb81d7851..65468aab22 100644 --- a/cpp/autosar/test/rules/A8-4-5/test.cpp +++ b/cpp/autosar/test/rules/A8-4-5/test.cpp @@ -48,7 +48,7 @@ class TestClass4 { // template type template -T test_forward(X &&... f) { // forward parameter +T test_forward(X &&...f) { // forward parameter return T{std::forward(f)...}; // COMPLIANT } diff --git a/cpp/autosar/test/rules/A8-4-6/test.cpp b/cpp/autosar/test/rules/A8-4-6/test.cpp index 489ac5d498..bc01e083b0 100644 --- a/cpp/autosar/test/rules/A8-4-6/test.cpp +++ b/cpp/autosar/test/rules/A8-4-6/test.cpp @@ -10,8 +10,8 @@ class TestClass2 { explicit TestClass2(const std::vector &v); }; // template type -template T make(X &&... x) { // forward param - return T{std::forward(x)...}; // COMPLIANT +template T make(X &&...x) { // forward param + return T{std::forward(x)...}; // COMPLIANT } // template type template T make2(U &&x) { // forward param diff --git a/cpp/autosar/test/rules/M6-4-5/test.cpp b/cpp/autosar/test/rules/M6-4-5/test.cpp index 84abf45278..9ba65c8e7b 100644 --- a/cpp/autosar/test/rules/M6-4-5/test.cpp +++ b/cpp/autosar/test/rules/M6-4-5/test.cpp @@ -40,6 +40,6 @@ void test_switchclause_termination2(int expression) { k = i; } default: // NON_COMPLIANT - ; + ; } } diff --git a/cpp/autosar/test/rules/M8-4-4/test.cpp b/cpp/autosar/test/rules/M8-4-4/test.cpp index aaf5ed055f..a1cd147aa8 100644 --- a/cpp/autosar/test/rules/M8-4-4/test.cpp +++ b/cpp/autosar/test/rules/M8-4-4/test.cpp @@ -25,7 +25,7 @@ void test_function_identifier_f2() { template static void Log(const F kF) {} -template static void LogFatal(const As &... rest) { +template static void LogFatal(const As &...rest) { Log([](const std::string &s) -> void {}); // COMPLIANT } From 62900c62987f4b2b4088b45815c1aff3e6ed306b Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 3 Nov 2022 17:35:00 +0000 Subject: [PATCH 0063/2573] Use a fixed Ubuntu version Avoid incidental breakages that can occur when using ubuntu-latest and the version is upgraded (for example, clang-format changing). --- .github/workflows/bump-version.yml | 2 +- .github/workflows/code-scanning-pack-gen.yml | 4 ++-- .github/workflows/codeql_unit_tests.yml | 4 ++-- .github/workflows/create-draft-release.yml | 2 +- .github/workflows/generate-html-docs.yml | 2 +- .github/workflows/standard_library_upgrade_tests.yml | 4 ++-- .github/workflows/upgrade_codeql_dependencies.yml | 2 +- .github/workflows/validate-coding-standards.yml | 10 +++++----- 8 files changed, 15 insertions(+), 15 deletions(-) diff --git a/.github/workflows/bump-version.yml b/.github/workflows/bump-version.yml index aa3bb668ca..dad7061670 100644 --- a/.github/workflows/bump-version.yml +++ b/.github/workflows/bump-version.yml @@ -10,7 +10,7 @@ on: jobs: apply-version-bump: - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 name: Apply Version Bump steps: - name: Checkout diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index 0814e059e8..d277fa45e5 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -19,7 +19,7 @@ env: jobs: prepare-code-scanning-pack-matrix: name: Prepare CodeQL Code Scanning pack matrix - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 outputs: matrix: ${{ steps.export-code-scanning-pack-matrix.outputs.matrix }} steps: @@ -36,7 +36,7 @@ jobs: create-code-scanning-pack: name: Create Code Scanning pack needs: prepare-code-scanning-pack-matrix - runs-on: ubuntu-20.04-xl + runs-on: ubuntu-22.04-xl strategy: fail-fast: false matrix: ${{ fromJSON(needs.prepare-code-scanning-pack-matrix.outputs.matrix) }} diff --git a/.github/workflows/codeql_unit_tests.yml b/.github/workflows/codeql_unit_tests.yml index 1a2374d19d..b23bc0cc19 100644 --- a/.github/workflows/codeql_unit_tests.yml +++ b/.github/workflows/codeql_unit_tests.yml @@ -14,7 +14,7 @@ on: jobs: prepare-unit-test-matrix: name: Prepare CodeQL unit test matrix - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 outputs: matrix: ${{ steps.export-unit-test-matrix.outputs.matrix }} steps: @@ -157,7 +157,7 @@ jobs: validate-test-results: name: Validate test results needs: [run-test-suites] - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Collect test results uses: actions/download-artifact@v2 diff --git a/.github/workflows/create-draft-release.yml b/.github/workflows/create-draft-release.yml index 43bf8cac06..932c1f2abb 100644 --- a/.github/workflows/create-draft-release.yml +++ b/.github/workflows/create-draft-release.yml @@ -21,7 +21,7 @@ on: jobs: create-draft-release: name: Create draft release - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 env: # AWS CONFIGURATION AWS_EC2_INSTANCE_TYPE: ${{ github.event.inputs.aws_ec2_instance_type }} diff --git a/.github/workflows/generate-html-docs.yml b/.github/workflows/generate-html-docs.yml index 0142c2feed..1093715ad4 100644 --- a/.github/workflows/generate-html-docs.yml +++ b/.github/workflows/generate-html-docs.yml @@ -15,7 +15,7 @@ on: jobs: generate-html-doc: name: Generate HTML documentation - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Checkout uses: actions/checkout@v2 diff --git a/.github/workflows/standard_library_upgrade_tests.yml b/.github/workflows/standard_library_upgrade_tests.yml index 0a4e58dbd3..a03b43c36f 100644 --- a/.github/workflows/standard_library_upgrade_tests.yml +++ b/.github/workflows/standard_library_upgrade_tests.yml @@ -14,7 +14,7 @@ on: jobs: prepare-unit-test-matrix: name: Prepare CodeQL unit test matrix - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 outputs: matrix: ${{ steps.export-unit-test-matrix.outputs.matrix }} steps: @@ -154,7 +154,7 @@ jobs: validate-test-results: name: Validate test results needs: [run-test-suites] - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Install Python uses: actions/setup-python@v4 diff --git a/.github/workflows/upgrade_codeql_dependencies.yml b/.github/workflows/upgrade_codeql_dependencies.yml index 01f8bcf339..b06ec6f49c 100644 --- a/.github/workflows/upgrade_codeql_dependencies.yml +++ b/.github/workflows/upgrade_codeql_dependencies.yml @@ -20,7 +20,7 @@ jobs: env: CODEQL_CLI_VERSION: ${{ github.event.inputs.codeql_cli_version }} CODEQL_LIB_COMMIT: ${{ github.event.inputs.codeql_standard_library_commit }} - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Checkout uses: actions/checkout@v2 diff --git a/.github/workflows/validate-coding-standards.yml b/.github/workflows/validate-coding-standards.yml index f7fc7563a1..adc2b32908 100644 --- a/.github/workflows/validate-coding-standards.yml +++ b/.github/workflows/validate-coding-standards.yml @@ -18,7 +18,7 @@ env: jobs: validate-package-files: name: Validate Package Files - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Checkout uses: actions/checkout@v2 @@ -63,7 +63,7 @@ jobs: validate-codeql-format: name: "Validate CodeQL Format" - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Checkout uses: actions/checkout@v2 @@ -94,7 +94,7 @@ jobs: validate-query-help-files: name: Validate Query Help Files - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Checkout uses: actions/checkout@v2 @@ -129,7 +129,7 @@ jobs: validate-cpp-test-files: name: Validate C++ Test Files - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Checkout uses: actions/checkout@v2 @@ -152,7 +152,7 @@ jobs: validate-c-test-files: name: Validate C Test Files - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Checkout uses: actions/checkout@v2 From de1d2167b77ef19257437a13732c16f2b5a763b3 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 3 Nov 2022 13:48:18 -0400 Subject: [PATCH 0064/2573] validate rules --- .github/workflows/validate-rules-csv.yml | 28 ++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 .github/workflows/validate-rules-csv.yml diff --git a/.github/workflows/validate-rules-csv.yml b/.github/workflows/validate-rules-csv.yml new file mode 100644 index 0000000000..df4ec09e6b --- /dev/null +++ b/.github/workflows/validate-rules-csv.yml @@ -0,0 +1,28 @@ +name: ⚙️ Validate Rules CSV + +on: + push: + branches: + - main + - "rc/**" + - next + pull_request: + branches: + - main + - "rc/**" + - next + + +jobs: + validate-rules-csv: + name: Validate Rules CSV + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v2 + + - name: Check Rules + shell: pwsh + run: scripts/util/Get-DuplicateRules.ps1 -Language 'all' -CIMode + + \ No newline at end of file From 5dbfb5245ee15a53e7eb01659b0b20d9cfe58cbd Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 3 Nov 2022 13:55:42 -0400 Subject: [PATCH 0065/2573] make better keys --- scripts/util/Get-DuplicateRules.ps1 | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/scripts/util/Get-DuplicateRules.ps1 b/scripts/util/Get-DuplicateRules.ps1 index 34ff565587..5090f4628c 100644 --- a/scripts/util/Get-DuplicateRules.ps1 +++ b/scripts/util/Get-DuplicateRules.ps1 @@ -17,11 +17,12 @@ $rules = Get-RulesFromCSV -Language $Language $counter = @{} foreach($rule in $rules){ - if($counter.Contains($rule.ID)){ - $counter[$rule.ID] += $rule + $key = "$($rule.Language):$($rule.Standard):$($rule.ID)" + if($counter.Contains($key)){ + $counter[$key] += $rule }else{ - $counter[$rule.ID] = @() - $counter[$rule.ID] += $rule + $counter[$key] = @() + $counter[$key] += $rule } } From f3ec77fa83aa5afb7a67fea3ea58c6f08dc72ce4 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 3 Nov 2022 14:01:13 -0400 Subject: [PATCH 0066/2573] fixes to rules --- rules.csv | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/rules.csv b/rules.csv index 17560ac168..b10e97a9ba 100644 --- a/rules.csv +++ b/rules.csv @@ -599,23 +599,23 @@ c,CERT-C,STR34-C,Yes,Rule,,,Cast characters to unsigned char before converting t c,CERT-C,STR37-C,Yes,Rule,,,Arguments to character-handling functions must be representable as an unsigned char,,Strings2,Medium, c,CERT-C,STR38-C,Yes,Rule,,,Do not confuse narrow and wide character strings and functions,,Strings3,Medium, c,CERT-C,WIN30-C,OutOfScope,Rule,,,Properly pair allocation and deallocation functions,DCL54-CPP,,Easy, -c,MISRA-C-2012,RULE-1-1,No,Required,,,Any implementation-defined behaviour on which the output of the program depends shall be documented and understood,,,, +c,MISRA-C-2012,DIR-1-1,No,Required,,,Any implementation-defined behaviour on which the output of the program depends shall be documented and understood,,,, c,MISRA-C-2012,DIR-2-1,Yes,Required,,,All source files shall compile without any compilation errors,A1-4-3,Language,Medium, -c,MISRA-C-2012,RULE-3-1,No,Required,,,All code shall be traceable to documented requirements,,,, -c,MISRA-C-2012,RULE-4-1,No,Required,,,Run-time failures shall be minimized,,,, -c,MISRA-C-2012,RULE-4-2,Yes,Advisory,,,All usage of assembly language should be documented,M7-4-1,Language,Import, +c,MISRA-C-2012,DIR-3-1,No,Required,,,All code shall be traceable to documented requirements,,,, +c,MISRA-C-2012,DIR-4-1,No,Required,,,Run-time failures shall be minimized,,,, +c,MISRA-C-2012,DIR-4-2,Yes,Advisory,,,All usage of assembly language should be documented,M7-4-1,Language,Import, c,MISRA-C-2012,DIR-4-3,Yes,Required,,,Assembly language shall be encapsulated and isolated,,Language1,Medium, -c,MISRA-C-2012,RULE-4-4,Yes,Advisory,,,Sections of code should not be commented out,A2-7-2,Syntax,Import, +c,MISRA-C-2012,DIR-4-4,Yes,Advisory,,,Sections of code should not be commented out,A2-7-2,Syntax,Import, c,MISRA-C-2012,DIR-4-5,Yes,Advisory,,,Identifiers in the same name space with overlapping visibility should be typographically unambiguous,M2-10-1,Syntax,Easy, -c,MISRA-C-2012,RULE-4-6,Yes,Advisory,,,typedefs that indicate size and signedness should be used in place of the basic numerical types,,Types,Hard, -c,MISRA-C-2012,RULE-4-7,Yes,Required,,,"If a function returns error information, then that error information shall be tested",M0-3-2,Contracts,Import, -c,MISRA-C-2012,RULE-4-8,Yes,Advisory,,,"If a pointer to a structure or union is never dereferenced within a translation unit, then the implementation of the object should be hidden",,Pointers1,Medium, -c,MISRA-C-2012,RULE-4-9,Yes,Advisory,,,A function should be used in preference to a function-like macro where they are interchangeable,,Preprocessor,Medium, -c,MISRA-C-2012,RULE-4-10,Yes,Required,,,Precautions shall be taken in order to prevent the contents of a header file being included more than once,M16-2-3,Preprocessor2,Medium, -c,MISRA-C-2012,RULE-4-11,Yes,Required,,,The validity of values passed to library functions shall be checked,,Contracts,Hard, -c,MISRA-C-2012,RULE-4-12,Yes,Required,,,Dynamic memory allocation shall not be used,,Banned,Medium, -c,MISRA-C-2012,RULE-4-13,Yes,Advisory,,,Functions which are designed to provide operations on a resource should be called in an appropriate sequence,,Contracts,Hard, -c,MISRA-C-2012,RULE-4-14,Yes,Required,,,The validity of values received from external sources shall be checked,,Contracts,Hard, +c,MISRA-C-2012,DIR-4-6,Yes,Advisory,,,typedefs that indicate size and signedness should be used in place of the basic numerical types,,Types,Hard, +c,MISRA-C-2012,DIR-4-7,Yes,Required,,,"If a function returns error information, then that error information shall be tested",M0-3-2,Contracts,Import, +c,MISRA-C-2012,DIR-4-8,Yes,Advisory,,,"If a pointer to a structure or union is never dereferenced within a translation unit, then the implementation of the object should be hidden",,Pointers1,Medium, +c,MISRA-C-2012,DIR-4-9,Yes,Advisory,,,A function should be used in preference to a function-like macro where they are interchangeable,,Preprocessor,Medium, +c,MISRA-C-2012,DIR-4-10,Yes,Required,,,Precautions shall be taken in order to prevent the contents of a header file being included more than once,M16-2-3,Preprocessor2,Medium, +c,MISRA-C-2012,DIR-4-11,Yes,Required,,,The validity of values passed to library functions shall be checked,,Contracts,Hard, +c,MISRA-C-2012,DIR-4-12,Yes,Required,,,Dynamic memory allocation shall not be used,,Banned,Medium, +c,MISRA-C-2012,DIR-4-13,Yes,Advisory,,,Functions which are designed to provide operations on a resource should be called in an appropriate sequence,,Contracts,Hard, +c,MISRA-C-2012,DIR-4-14,Yes,Required,,,The validity of values received from external sources shall be checked,,Contracts,Hard, c,MISRA-C-2012,RULE-1-1,Yes,Required,,,"The program shall contain no violations of the standard C syntax and constraints, and shall not exceed the implementation�s translation limits",,Language,Easy, c,MISRA-C-2012,RULE-1-2,Yes,Advisory,,,Language extensions should not be used,,Language,Easy, c,MISRA-C-2012,RULE-1-3,Yes,Required,,,There shall be no occurrence of undefined or critical unspecified behaviour,,Language,Hard, From 8948215c353cb9f82c6928453d013dc8b3c34226 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 3 Nov 2022 14:04:56 -0400 Subject: [PATCH 0067/2573] fix path for check --- scripts/util/Get-DuplicateRules.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/util/Get-DuplicateRules.ps1 b/scripts/util/Get-DuplicateRules.ps1 index 5090f4628c..a75526179b 100644 --- a/scripts/util/Get-DuplicateRules.ps1 +++ b/scripts/util/Get-DuplicateRules.ps1 @@ -8,7 +8,7 @@ param( ) -Import-Module -Name "$PSScriptRoot\..\PSCodingStandards\CodingStandards" +Import-Module -Name "$PSScriptRoot/../PSCodingStandards\CodingStandards" # load the rules. $rules = Get-RulesFromCSV -Language $Language From 6e46513a05e4ffa6c98a784a0fe5967ea935fc44 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 3 Nov 2022 14:05:19 -0400 Subject: [PATCH 0068/2573] Update .github/workflows/validate-rules-csv.yml Co-authored-by: Luke Cartey <5377966+lcartey@users.noreply.github.com> --- .github/workflows/validate-rules-csv.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/validate-rules-csv.yml b/.github/workflows/validate-rules-csv.yml index df4ec09e6b..1c6418c98f 100644 --- a/.github/workflows/validate-rules-csv.yml +++ b/.github/workflows/validate-rules-csv.yml @@ -16,7 +16,7 @@ on: jobs: validate-rules-csv: name: Validate Rules CSV - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Checkout uses: actions/checkout@v2 From 1c6c8c0b3e8e8cc42996fdc34ecb20dcb16914f3 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 3 Nov 2022 14:10:10 -0400 Subject: [PATCH 0069/2573] fix inconsistent escape --- scripts/util/Get-DuplicateRules.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/util/Get-DuplicateRules.ps1 b/scripts/util/Get-DuplicateRules.ps1 index a75526179b..d90f6fc716 100644 --- a/scripts/util/Get-DuplicateRules.ps1 +++ b/scripts/util/Get-DuplicateRules.ps1 @@ -8,7 +8,7 @@ param( ) -Import-Module -Name "$PSScriptRoot/../PSCodingStandards\CodingStandards" +Import-Module -Name "$PSScriptRoot/../PSCodingStandards/CodingStandards" # load the rules. $rules = Get-RulesFromCSV -Language $Language From 993dd746fb03946190efea26a8ce57b2fa99a398 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 3 Nov 2022 19:56:31 +0100 Subject: [PATCH 0070/2573] Rule ERR32-C --- .../ERR30-C/FunctionCallBeforeErrnoCheck.ql | 10 +- .../DoNotRelyOnIndeterminateValuesOfErrno.md | 207 ++++++++++++++++++ .../DoNotRelyOnIndeterminateValuesOfErrno.ql | 50 +++++ ...tRelyOnIndeterminateValuesOfErrno.expected | 3 + ...oNotRelyOnIndeterminateValuesOfErrno.qlref | 1 + c/cert/test/rules/ERR32-C/test.c | 42 ++++ rule_packages/c/Contracts5.json | 40 ++-- 7 files changed, 322 insertions(+), 31 deletions(-) create mode 100644 c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.md create mode 100644 c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql create mode 100644 c/cert/test/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.expected create mode 100644 c/cert/test/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.qlref create mode 100644 c/cert/test/rules/ERR32-C/test.c diff --git a/c/cert/src/rules/ERR30-C/FunctionCallBeforeErrnoCheck.ql b/c/cert/src/rules/ERR30-C/FunctionCallBeforeErrnoCheck.ql index 5203fd9d00..dd2e2175f7 100644 --- a/c/cert/src/rules/ERR30-C/FunctionCallBeforeErrnoCheck.ql +++ b/c/cert/src/rules/ERR30-C/FunctionCallBeforeErrnoCheck.ql @@ -23,14 +23,6 @@ class ErrnoSettingFunctionCall extends FunctionCall { ErrnoSettingFunctionCall() { this.getTarget() instanceof InBandErrnoSettingFunction } } -class ErrnoCheck extends Expr { - ErrnoCheck() { - this = any(MacroInvocation ma | ma.getMacroName() = "errno").getAnExpandedElement() - or - this.(FunctionCall).getTarget().hasName(["perror", "strerror"]) - } -} - /** * A successor of an ErrnoSettingFunctionCall appearing * before a check of errno @@ -42,7 +34,7 @@ ControlFlowNode errnoNotCheckedAfter(ErrnoSettingFunctionCall errnoSet) { result = mid.getASuccessor() and mid = errnoNotCheckedAfter(errnoSet) and // stop recursion on an error check - not result instanceof ErrnoCheck + not result instanceof ErrnoRead ) } diff --git a/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.md b/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.md new file mode 100644 index 0000000000..c4260a3337 --- /dev/null +++ b/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.md @@ -0,0 +1,207 @@ +# ERR32-C: Do not rely on indeterminate values of errno + +This query implements the CERT-C rule ERR32-C: + +> Do not rely on indeterminate values of errno + + +## Description + +According to the C Standard \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IEC9899-2011)\], the behavior of a program is [undefined](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior) when + +> the value of `errno` is referred to after a signal occurred other than as the result of calling the `abort` or `raise` function and the corresponding signal handler obtained a `SIG_ERR` return from a call to the `signal` function. + + +See [undefined behavior 133](https://wiki.sei.cmu.edu/confluence/display/c/CC.+Undefined+Behavior#CC.UndefinedBehavior-ub_133). + +A signal handler is allowed to call `signal();` if that fails, `signal()` returns `SIG_ERR` and sets `errno` to a positive value. However, if the event that caused a signal was external (not the result of the program calling `abort()` or `raise()`), the only functions the signal handler may call are `_Exit()` or `abort()`, or it may call `signal()` on the signal currently being handled; if `signal()` fails, the value of `errno` is [indeterminate](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-indeterminatevalue). + +This rule is also a special case of [SIG31-C. Do not access shared objects in signal handlers](https://wiki.sei.cmu.edu/confluence/display/c/SIG31-C.+Do+not+access+shared+objects+in+signal+handlers). The object designated by `errno` is of static storage duration and is not a `volatile sig_atomic_t`. As a result, performing any action that would require `errno` to be set would normally cause [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior). The C Standard, 7.14.1.1, paragraph 5, makes a special exception for `errno` in this case, allowing `errno` to take on an indeterminate value but specifying that there is no other [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior). This special exception makes it possible to call `signal()` from within a signal handler without risking [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior), but the handler, and any code executed after the handler returns, must not depend on the value of `errno` being meaningful. + +## Noncompliant Code Example + +The `handler()` function in this noncompliant code example attempts to restore default handling for the signal indicated by `signum`. If the request to set the signal to default can be honored, the `signal()` function returns the value of the signal handler for the most recent successful call to the `signal()` function for the specified signal. Otherwise, a value of `SIG_ERR` is returned and a positive value is stored in `errno`. Unfortunately, the value of `errno` is indeterminate because the `handler()` function is called when an external signal is raised, so any attempt to read `errno` (for example, by the `perror()` function) is [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior): + +```cpp +#include +#include +#include + +typedef void (*pfv)(int); + +void handler(int signum) { + pfv old_handler = signal(signum, SIG_DFL); + if (old_handler == SIG_ERR) { + perror("SIGINT handler"); /* Undefined behavior */ + /* Handle error */ + } +} + +int main(void) { + pfv old_handler = signal(SIGINT, handler); + if (old_handler == SIG_ERR) { + perror("SIGINT handler"); + /* Handle error */ + } + + /* Main code loop */ + + return EXIT_SUCCESS; +} + +``` +The call to `perror()` from `handler()` also violates [SIG30-C. Call only asynchronous-safe functions within signal handlers](https://wiki.sei.cmu.edu/confluence/display/c/SIG30-C.+Call+only+asynchronous-safe+functions+within+signal+handlers). + +## Compliant Solution + +This compliant solution does not reference `errno` and does not return from the signal handler if the `signal()` call fails: + +```cpp +#include +#include +#include + +typedef void (*pfv)(int); + +void handler(int signum) { + pfv old_handler = signal(signum, SIG_DFL); + if (old_handler == SIG_ERR) { + abort(); + } +} + +int main(void) { + pfv old_handler = signal(SIGINT, handler); + if (old_handler == SIG_ERR) { + perror("SIGINT handler"); + /* Handle error */ + } + + /* Main code loop */ + + return EXIT_SUCCESS; +} + +``` + +## Noncompliant Code Example (POSIX) + +POSIX is less restrictive than C about what applications can do in signal handlers. It has a long list of [asynchronous-safe](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-asynchronous-safe) functions that can be called. (See [SIG30-C. Call only asynchronous-safe functions within signal handlers](https://wiki.sei.cmu.edu/confluence/display/c/SIG30-C.+Call+only+asynchronous-safe+functions+within+signal+handlers).) Many of these functions set `errno` on error, which can lead to a signal handler being executed between a call to a failed function and the subsequent inspection of `errno`. Consequently, the value inspected is not the one set by that function but the one set by a function call in the signal handler. POSIX applications can avoid this problem by ensuring that signal handlers containing code that might alter `errno`; always save the value of `errno` on entry and restore it before returning. + +The signal handler in this noncompliant code example alters the value of `errno`. As a result, it can cause incorrect error handling if executed between a failed function call and the subsequent inspection of `errno`: + +```cpp +#include +#include +#include +#include + +void reaper(int signum) { + errno = 0; + for (;;) { + int rc = waitpid(-1, NULL, WNOHANG); + if ((0 == rc) || (-1 == rc && EINTR != errno)) { + break; + } + } + if (ECHILD != errno) { + /* Handle error */ + } +} + +int main(void) { + struct sigaction act; + act.sa_handler = reaper; + act.sa_flags = 0; + if (sigemptyset(&act.sa_mask) != 0) { + /* Handle error */ + } + if (sigaction(SIGCHLD, &act, NULL) != 0) { + /* Handle error */ + } + + /* ... */ + + return EXIT_SUCCESS; +} + +``` + +## Compliant Solution (POSIX) + +This compliant solution saves and restores the value of `errno` in the signal handler: + +```cpp +#include +#include +#include +#include + +void reaper(int signum) { + errno_t save_errno = errno; + errno = 0; + for (;;) { + int rc = waitpid(-1, NULL, WNOHANG); + if ((0 == rc) || (-1 == rc && EINTR != errno)) { + break; + } + } + if (ECHILD != errno) { + /* Handle error */ + } + errno = save_errno; +} + +int main(void) { + struct sigaction act; + act.sa_handler = reaper; + act.sa_flags = 0; + if (sigemptyset(&act.sa_mask) != 0) { + /* Handle error */ + } + if (sigaction(SIGCHLD, &act, NULL) != 0) { + /* Handle error */ + } + + /* ... */ + + return EXIT_SUCCESS; +} + +``` + +## Risk Assessment + +Referencing indeterminate values of `errno` is [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior). + +
Rule Severity Likelihood Remediation Cost Priority Level
ERR32-C Low Unlikely Low P3 L3
+ + +## Automated Detection + +
Tool Version Checker Description
Axivion Bauhaus Suite 7.2.0 CertC-ERR32
Compass/ROSE Could detect violations of this rule by looking for signal handlers that themselves call signal() . A violation is reported if the call fails and the handler therefore checks errno . A violation also exists if the signal handler modifies errno without first copying its value elsewhere
Coverity 2017.07 MISRA C 2012 Rule 22.8 MISRA C 2012 Rule 22.9 MISRA C 2012 Rule 22.10 Implemented
Helix QAC 2022.3 C2031, C4781, C4782, C4783 C++4781, C++4782, C++4783
Klocwork 2022.3 MISRA.INCL.SIGNAL.2012 MISRA.STDLIB.SIGNAL
LDRA tool suite 9.7.1 44 S Enhanced enforcement
Parasoft C/C++test 2022.1 CERT_C-ERR32-a Properly use errno value
Polyspace Bug Finder R2022b CERT C: Rule ERR32-C Checks for misuse of errno in a signal handler (rule fully covered)
PRQA QA-C 9.7 2031
+ + +## Related Vulnerabilities + +Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+ERR32-C). + +## Related Guidelines + +[Key here](https://wiki.sei.cmu.edu/confluence/display/c/How+this+Coding+Standard+is+Organized#HowthisCodingStandardisOrganized-RelatedGuidelines) (explains table format and definitions) + +
Taxonomy Taxonomy item Relationship
CERT C Secure Coding Standard SIG30-C. Call only asynchronous-safe functions within signal handlers Prior to 2018-01-12: CERT: Unspecified Relationship
CERT C Secure Coding Standard SIG31-C. Do not access shared objects in signal handlers Prior to 2018-01-12: CERT: Unspecified Relationship
+ + +## Bibliography + +
\[ ISO/IEC 9899:2011 \] Subclause 7.14.1.1, "The signal Function"
+ + +## Implementation notes + +None + +## References + +* CERT-C: [ERR32-C: Do not rely on indeterminate values of errno](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql b/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql new file mode 100644 index 0000000000..3fec9d0836 --- /dev/null +++ b/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql @@ -0,0 +1,50 @@ +/** + * @id c/cert/do-not-rely-on-indeterminate-values-of-errno + * @name ERR32-C: Do not rely on indeterminate values of errno + * @description Do not rely on indeterminate values of errno. This may result in undefined behavior. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/cert/id/err32-c + * correctness + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert +import codingstandards.c.Errno + +class SignalCall extends FunctionCall { + SignalCall() { this.getTarget().hasGlobalName("signal") } +} + +/** + * Models signal handlers that call signal() + */ +class SignalCallingHandler extends Function { + SignalCall sh; + + SignalCallingHandler() { + // is a signal handler + this = sh.getArgument(1).(FunctionAccess).getTarget() and + // calls signal() + this.calls*(any(SignalCall c).getTarget()) + } + + SignalCall getHandler() { result = sh } +} + +from ErrnoRead errno, SignalCall h +where + not isExcluded(errno, Contracts5Package::doNotRelyOnIndeterminateValuesOfErrnoQuery()) and + // errno read in the handler + exists(SignalCallingHandler sc | + sc.getHandler() = h and + ( + sc.calls*(errno.getEnclosingFunction()) + or + // errno is read after the handle + errno.(ControlFlowNode).getAPredecessor+() = sc.getHandler() + ) + ) +select errno, "`errno` has indeterminate value after this $@.", h, h.toString() diff --git a/c/cert/test/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.expected b/c/cert/test/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.expected new file mode 100644 index 0000000000..94131729b2 --- /dev/null +++ b/c/cert/test/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.expected @@ -0,0 +1,3 @@ +| test.c:12:5:12:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:32:21:32:26 | call to signal | call to signal | +| test.c:26:3:26:8 | call to perror | `errno` has indeterminate value after this $@. | test.c:41:17:41:22 | call to signal | call to signal | +| test.c:34:5:34:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:32:21:32:26 | call to signal | call to signal | diff --git a/c/cert/test/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.qlref b/c/cert/test/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.qlref new file mode 100644 index 0000000000..96c9e9a246 --- /dev/null +++ b/c/cert/test/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.qlref @@ -0,0 +1 @@ +rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql \ No newline at end of file diff --git a/c/cert/test/rules/ERR32-C/test.c b/c/cert/test/rules/ERR32-C/test.c new file mode 100644 index 0000000000..274bfd1967 --- /dev/null +++ b/c/cert/test/rules/ERR32-C/test.c @@ -0,0 +1,42 @@ +#include +#include +#include +#include +#include + +typedef void (*pfv)(int); + +void handler1(int signum) { + pfv old_handler = signal(signum, SIG_DFL); + if (old_handler == SIG_ERR) { + perror(""); // NON_COMPLIANT + } +} + +void handler2(int signum) { + pfv old_handler = signal(signum, SIG_DFL); + if (old_handler == SIG_ERR) { + abort(); // COMPLIANT + } +} + +void handler3(int signum) { pfv old_handler = signal(signum, SIG_DFL); } + +pfv helper4(int signum) { + perror(""); // NON_COMPLIANT + return signal(signum, SIG_DFL); +} +void handler4(int signum) { pfv old_handler = helper4(signum); } + +int main(void) { + pfv old_handler = signal(SIGINT, handler1); + if (old_handler == SIG_ERR) { + perror(""); // NON_COMPLIANT + } + + old_handler = signal(SIGINT, handler2); + + old_handler = signal(SIGINT, handler3); + + old_handler = signal(SIGINT, handler4); +} diff --git a/rule_packages/c/Contracts5.json b/rule_packages/c/Contracts5.json index 6e4b1c2150..b76450d8bb 100644 --- a/rule_packages/c/Contracts5.json +++ b/rule_packages/c/Contracts5.json @@ -4,34 +4,30 @@ "properties": { "obligation": "rule" }, - "queries": [ - { - "description": "Do not rely on indeterminate values of errno.", - "kind": "problem", - "name": "Do not rely on indeterminate values of errno", - "precision": "high", - "severity": "error", - "short_name": "DoNotRelyOnIndeterminateValuesOfErrno", - "tags": ["correctness"] - } - ], + "queries": [{ + "description": "Do not rely on indeterminate values of errno. This may result in undefined behavior.", + "kind": "problem", + "name": "Do not rely on indeterminate values of errno", + "precision": "high", + "severity": "error", + "short_name": "DoNotRelyOnIndeterminateValuesOfErrno", + "tags": ["correctness"] + }], "title": "Do not rely on indeterminate values of errno" }, "ERR33-C": { "properties": { "obligation": "rule" }, - "queries": [ - { - "description": "Detect and handle standard library errors. Undetected failures can lead to unexpected or undefined behavior.", - "kind": "problem", - "name": "Detect and handle standard library errors", - "precision": "high", - "severity": "error", - "short_name": "DetectAndHandleStandardLibraryErrors", - "tags": ["correctness"] - } - ], + "queries": [{ + "description": "Detect and handle standard library errors. Undetected failures can lead to unexpected or undefined behavior.", + "kind": "problem", + "name": "Detect and handle standard library errors", + "precision": "high", + "severity": "error", + "short_name": "DetectAndHandleStandardLibraryErrors", + "tags": ["correctness"] + }], "title": "Detect and handle standard library errors" } } From 13fe4de715b54ed82bf5b4519357dc8acea1e828 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 3 Nov 2022 22:15:20 +0000 Subject: [PATCH 0071/2573] Switch back to 20.04-xl runners 22.04-xl doesn't appear to exist. --- .github/workflows/code-scanning-pack-gen.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index d277fa45e5..5a0ef0fb07 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -36,7 +36,7 @@ jobs: create-code-scanning-pack: name: Create Code Scanning pack needs: prepare-code-scanning-pack-matrix - runs-on: ubuntu-22.04-xl + runs-on: ubuntu-20.04-xl strategy: fail-fast: false matrix: ${{ fromJSON(needs.prepare-code-scanning-pack-matrix.outputs.matrix) }} From dad6bc18769fedad9f877e24150e234e74c7da11 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Fri, 4 Nov 2022 11:06:06 +0000 Subject: [PATCH 0072/2573] Update cpp/autosar/test/rules/M0-1-4/test.cpp --- cpp/autosar/test/rules/M0-1-4/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/M0-1-4/test.cpp b/cpp/autosar/test/rules/M0-1-4/test.cpp index 1bd8c09f39..e6ab55c24a 100644 --- a/cpp/autosar/test/rules/M0-1-4/test.cpp +++ b/cpp/autosar/test/rules/M0-1-4/test.cpp @@ -36,6 +36,6 @@ class C1 { static constexpr int unused{1}; // NON_COMPLIANT static constexpr int used{2}; // COMPLIANT int test_use() { return used; } - static constexpr int size{3}; // COMPLIANT[FALSE_POSITIVE] + static constexpr int size{3}; // COMPLIANT std::array array{false, false}; // size is used here }; \ No newline at end of file From 97f66579fb4581d570a05402125323e16893f33f Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Fri, 4 Nov 2022 10:27:53 -0400 Subject: [PATCH 0073/2573] refactor RULE-4-12 -> DIR-4-12 --- .vscode/tasks.json | 1 + .../StdLibDynamicMemoryAllocationUsed.ql | 4 ++-- .../StdLibDynamicMemoryAllocationUsed.expected | 0 .../rules/DIR-4-12/StdLibDynamicMemoryAllocationUsed.qlref | 1 + c/misra/test/rules/{RULE-4-12 => DIR-4-12}/test.c | 0 .../rules/RULE-4-12/StdLibDynamicMemoryAllocationUsed.qlref | 1 - cpp/common/src/codingstandards/cpp/exclusions/c/Banned.qll | 2 +- rule_packages/c/Banned.json | 2 +- 8 files changed, 6 insertions(+), 5 deletions(-) rename c/misra/src/rules/{RULE-4-12 => DIR-4-12}/StdLibDynamicMemoryAllocationUsed.ql (91%) rename c/misra/test/rules/{RULE-4-12 => DIR-4-12}/StdLibDynamicMemoryAllocationUsed.expected (100%) create mode 100644 c/misra/test/rules/DIR-4-12/StdLibDynamicMemoryAllocationUsed.qlref rename c/misra/test/rules/{RULE-4-12 => DIR-4-12}/test.c (100%) delete mode 100644 c/misra/test/rules/RULE-4-12/StdLibDynamicMemoryAllocationUsed.qlref diff --git a/.vscode/tasks.json b/.vscode/tasks.json index d1f141cced..e2b393727f 100644 --- a/.vscode/tasks.json +++ b/.vscode/tasks.json @@ -185,6 +185,7 @@ "type": "pickString", "options": [ "Allocations", + "Banned", "BannedFunctions", "BannedLibraries", "BannedSyntax", diff --git a/c/misra/src/rules/RULE-4-12/StdLibDynamicMemoryAllocationUsed.ql b/c/misra/src/rules/DIR-4-12/StdLibDynamicMemoryAllocationUsed.ql similarity index 91% rename from c/misra/src/rules/RULE-4-12/StdLibDynamicMemoryAllocationUsed.ql rename to c/misra/src/rules/DIR-4-12/StdLibDynamicMemoryAllocationUsed.ql index 84055145e3..a759a631b7 100644 --- a/c/misra/src/rules/RULE-4-12/StdLibDynamicMemoryAllocationUsed.ql +++ b/c/misra/src/rules/DIR-4-12/StdLibDynamicMemoryAllocationUsed.ql @@ -1,13 +1,13 @@ /** * @id c/misra/std-lib-dynamic-memory-allocation-used - * @name RULE-4-12: Dynamic memory allocation shall not be used + * @name DIR-4-12: Dynamic memory allocation shall not be used * @description Using dynamic memory allocation and deallocation can result to undefined behavior. * This query is for the Standard Library Implementation. Any implementation outside it * will require a separate query under the same directive. * @kind problem * @precision very-high * @problem.severity error - * @tags external/misra/id/rule-4-12 + * @tags external/misra/id/dir-4-12 * security * correctness * maintainability diff --git a/c/misra/test/rules/RULE-4-12/StdLibDynamicMemoryAllocationUsed.expected b/c/misra/test/rules/DIR-4-12/StdLibDynamicMemoryAllocationUsed.expected similarity index 100% rename from c/misra/test/rules/RULE-4-12/StdLibDynamicMemoryAllocationUsed.expected rename to c/misra/test/rules/DIR-4-12/StdLibDynamicMemoryAllocationUsed.expected diff --git a/c/misra/test/rules/DIR-4-12/StdLibDynamicMemoryAllocationUsed.qlref b/c/misra/test/rules/DIR-4-12/StdLibDynamicMemoryAllocationUsed.qlref new file mode 100644 index 0000000000..b0cf5247b5 --- /dev/null +++ b/c/misra/test/rules/DIR-4-12/StdLibDynamicMemoryAllocationUsed.qlref @@ -0,0 +1 @@ +rules/DIR-4-12/StdLibDynamicMemoryAllocationUsed.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-4-12/test.c b/c/misra/test/rules/DIR-4-12/test.c similarity index 100% rename from c/misra/test/rules/RULE-4-12/test.c rename to c/misra/test/rules/DIR-4-12/test.c diff --git a/c/misra/test/rules/RULE-4-12/StdLibDynamicMemoryAllocationUsed.qlref b/c/misra/test/rules/RULE-4-12/StdLibDynamicMemoryAllocationUsed.qlref deleted file mode 100644 index a0602b1905..0000000000 --- a/c/misra/test/rules/RULE-4-12/StdLibDynamicMemoryAllocationUsed.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/RULE-4-12/StdLibDynamicMemoryAllocationUsed.ql \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Banned.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Banned.qll index 7a9af8467d..615b16c0ca 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Banned.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Banned.qll @@ -159,7 +159,7 @@ predicate isBannedQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `stdLibDynamicMemoryAllocationUsed` query "c/misra/std-lib-dynamic-memory-allocation-used" and - ruleId = "RULE-4-12" + ruleId = "DIR-4-12" or query = // `Query` instance for the `octalConstantsUsed` query diff --git a/rule_packages/c/Banned.json b/rule_packages/c/Banned.json index 46032e3a68..42decbb3e3 100644 --- a/rule_packages/c/Banned.json +++ b/rule_packages/c/Banned.json @@ -304,7 +304,7 @@ ], "title": "The Standard Library functions 'bsearch' and 'qsort' of 'stdlib.h' shall not be used" }, - "RULE-4-12": { + "DIR-4-12": { "properties": { "obligation": "required" }, From feb21ceba0517273653acd35ff1d3f74474d2702 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Fri, 4 Nov 2022 11:02:52 -0400 Subject: [PATCH 0074/2573] Fix RULE-4-10 -> DIR-4-10 --- .../PrecautionIncludeGuardsNotProvided.ql | 24 +++++++++++++++++++ ...PrecautionIncludeGuardsNotProvided.testref | 1 + .../RULE-4-10/NonUniqueIncludeGuards.testref | 1 - .../cpp/exclusions/c/Preprocessor2.qll | 2 +- rule_packages/c/Preprocessor2.json | 2 +- 5 files changed, 27 insertions(+), 3 deletions(-) create mode 100644 c/misra/src/rules/DIR-4-10/PrecautionIncludeGuardsNotProvided.ql create mode 100644 c/misra/test/rules/DIR-4-10/PrecautionIncludeGuardsNotProvided.testref delete mode 100644 c/misra/test/rules/RULE-4-10/NonUniqueIncludeGuards.testref diff --git a/c/misra/src/rules/DIR-4-10/PrecautionIncludeGuardsNotProvided.ql b/c/misra/src/rules/DIR-4-10/PrecautionIncludeGuardsNotProvided.ql new file mode 100644 index 0000000000..58ec5c80a9 --- /dev/null +++ b/c/misra/src/rules/DIR-4-10/PrecautionIncludeGuardsNotProvided.ql @@ -0,0 +1,24 @@ +/** + * @id c/misra/precaution-include-guards-not-provided + * @name DIR-4-10: Precautions shall be taken in order to prevent the contents of a header file being included more than once + * @description Using anything other than a standard include guard form can make code confusing and + * can lead to multiple or conflicting definitions. + * @kind problem + * @precision very-high + * @problem.severity warning + * @tags external/misra/id/dir-4-10 + * correctness + * maintainability + * readability + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.rules.includeguardsnotused.IncludeGuardsNotUsed + +class PrecautionIncludeGuardsNotProvidedQuery extends IncludeGuardsNotUsedSharedQuery { + PrecautionIncludeGuardsNotProvidedQuery() { + this = Preprocessor2Package::precautionIncludeGuardsNotProvidedQuery() + } +} diff --git a/c/misra/test/rules/DIR-4-10/PrecautionIncludeGuardsNotProvided.testref b/c/misra/test/rules/DIR-4-10/PrecautionIncludeGuardsNotProvided.testref new file mode 100644 index 0000000000..065354082f --- /dev/null +++ b/c/misra/test/rules/DIR-4-10/PrecautionIncludeGuardsNotProvided.testref @@ -0,0 +1 @@ +c/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-4-10/NonUniqueIncludeGuards.testref b/c/misra/test/rules/RULE-4-10/NonUniqueIncludeGuards.testref deleted file mode 100644 index e38907a2fc..0000000000 --- a/c/misra/test/rules/RULE-4-10/NonUniqueIncludeGuards.testref +++ /dev/null @@ -1 +0,0 @@ -c/common/test/rules/nonuniqueincludeguardsused/NonUniqueIncludeGuardsUsed.ql \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor2.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor2.qll index 942f633f45..f8a1c8ba3b 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor2.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor2.qll @@ -40,7 +40,7 @@ predicate isPreprocessor2QueryMetadata(Query query, string queryId, string ruleI queryId = // `@id` for the `precautionIncludeGuardsNotProvided` query "c/misra/precaution-include-guards-not-provided" and - ruleId = "RULE-4-10" + ruleId = "DIR-4-10" } module Preprocessor2Package { diff --git a/rule_packages/c/Preprocessor2.json b/rule_packages/c/Preprocessor2.json index 66e759c5b9..9eeb7beba8 100644 --- a/rule_packages/c/Preprocessor2.json +++ b/rule_packages/c/Preprocessor2.json @@ -63,7 +63,7 @@ ], "title": "#undef should not be used" }, - "RULE-4-10": { + "DIR-4-10": { "properties": { "obligation": "required" }, From f22c1ef0b032b0ba1ddb0d2e75d082b9f726578e Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Fri, 4 Nov 2022 11:03:02 -0400 Subject: [PATCH 0075/2573] delete tests --- .../PrecautionIncludeGuardsNotProvided.ql | 24 ------------------- ...PrecautionIncludeGuardsNotProvided.testref | 1 - 2 files changed, 25 deletions(-) delete mode 100644 c/misra/src/rules/RULE-4-10/PrecautionIncludeGuardsNotProvided.ql delete mode 100644 c/misra/test/rules/RULE-4-10/PrecautionIncludeGuardsNotProvided.testref diff --git a/c/misra/src/rules/RULE-4-10/PrecautionIncludeGuardsNotProvided.ql b/c/misra/src/rules/RULE-4-10/PrecautionIncludeGuardsNotProvided.ql deleted file mode 100644 index deea2afa83..0000000000 --- a/c/misra/src/rules/RULE-4-10/PrecautionIncludeGuardsNotProvided.ql +++ /dev/null @@ -1,24 +0,0 @@ -/** - * @id c/misra/precaution-include-guards-not-provided - * @name RULE-4-10: Precautions shall be taken in order to prevent the contents of a header file being included more than once - * @description Using anything other than a standard include guard form can make code confusing and - * can lead to multiple or conflicting definitions. - * @kind problem - * @precision very-high - * @problem.severity warning - * @tags external/misra/id/rule-4-10 - * correctness - * maintainability - * readability - * external/misra/obligation/required - */ - -import cpp -import codingstandards.c.misra -import codingstandards.cpp.rules.includeguardsnotused.IncludeGuardsNotUsed - -class PrecautionIncludeGuardsNotProvidedQuery extends IncludeGuardsNotUsedSharedQuery { - PrecautionIncludeGuardsNotProvidedQuery() { - this = Preprocessor2Package::precautionIncludeGuardsNotProvidedQuery() - } -} diff --git a/c/misra/test/rules/RULE-4-10/PrecautionIncludeGuardsNotProvided.testref b/c/misra/test/rules/RULE-4-10/PrecautionIncludeGuardsNotProvided.testref deleted file mode 100644 index 065354082f..0000000000 --- a/c/misra/test/rules/RULE-4-10/PrecautionIncludeGuardsNotProvided.testref +++ /dev/null @@ -1 +0,0 @@ -c/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql \ No newline at end of file From 63d6bbdfc065dbd5dcf61773946f39ec55b93633 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Fri, 4 Nov 2022 12:16:05 -0400 Subject: [PATCH 0076/2573] fix rule-4-4 -> dir-4-4 --- .../SectionsOfCodeShallNotBeCommentedOut.ql | 4 ++-- .../SectionsOfCodeShallNotBeCommentedOut.testref | 0 cpp/common/src/codingstandards/cpp/exclusions/c/Syntax.qll | 2 +- rule_packages/c/Syntax.json | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) rename c/misra/src/rules/{RULE-4-4 => DIR-4-4}/SectionsOfCodeShallNotBeCommentedOut.ql (87%) rename c/misra/test/rules/{RULE-4-4 => DIR-4-4}/SectionsOfCodeShallNotBeCommentedOut.testref (100%) diff --git a/c/misra/src/rules/RULE-4-4/SectionsOfCodeShallNotBeCommentedOut.ql b/c/misra/src/rules/DIR-4-4/SectionsOfCodeShallNotBeCommentedOut.ql similarity index 87% rename from c/misra/src/rules/RULE-4-4/SectionsOfCodeShallNotBeCommentedOut.ql rename to c/misra/src/rules/DIR-4-4/SectionsOfCodeShallNotBeCommentedOut.ql index 52adbac29d..1831f211dd 100644 --- a/c/misra/src/rules/RULE-4-4/SectionsOfCodeShallNotBeCommentedOut.ql +++ b/c/misra/src/rules/DIR-4-4/SectionsOfCodeShallNotBeCommentedOut.ql @@ -1,11 +1,11 @@ /** * @id c/misra/sections-of-code-shall-not-be-commented-out - * @name RULE-4-4: Sections of code should not be commented out + * @name DIR-4-4: Sections of code should not be commented out * @description Commented out code may become out of date leading to developer confusion. * @kind problem * @precision high * @problem.severity warning - * @tags external/misra/id/rule-4-4 + * @tags external/misra/id/dir-4-4 * maintainability * readability * correctness diff --git a/c/misra/test/rules/RULE-4-4/SectionsOfCodeShallNotBeCommentedOut.testref b/c/misra/test/rules/DIR-4-4/SectionsOfCodeShallNotBeCommentedOut.testref similarity index 100% rename from c/misra/test/rules/RULE-4-4/SectionsOfCodeShallNotBeCommentedOut.testref rename to c/misra/test/rules/DIR-4-4/SectionsOfCodeShallNotBeCommentedOut.testref diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Syntax.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Syntax.qll index 8109741e20..901b6393a4 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Syntax.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Syntax.qll @@ -43,7 +43,7 @@ predicate isSyntaxQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `sectionsOfCodeShallNotBeCommentedOut` query "c/misra/sections-of-code-shall-not-be-commented-out" and - ruleId = "RULE-4-4" + ruleId = "DIR-4-4" or query = // `Query` instance for the `identifiersInTheSameNameSpaceUnambiguous` query diff --git a/rule_packages/c/Syntax.json b/rule_packages/c/Syntax.json index 476254130b..d294c44183 100644 --- a/rule_packages/c/Syntax.json +++ b/rule_packages/c/Syntax.json @@ -62,7 +62,7 @@ ], "title": "Octal and hexadecimal escape sequences shall be terminated" }, - "RULE-4-4": { + "DIR-4-4": { "properties": { "obligation": "advisory" }, From 4c6c550b9dc55ba237a0e2cd6bf96b7d3b8dba3c Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Fri, 4 Nov 2022 12:18:38 -0400 Subject: [PATCH 0077/2573] 4-8 --- ...tWithNoPointerDereferenceShouldBeOpaque.ql | 4 +- ...oPointerDereferenceShouldBeOpaque.expected | 6 +++ ...thNoPointerDereferenceShouldBeOpaque.qlref | 1 + c/misra/test/rules/DIR-4-8/test.c | 46 +++++++++++++++++++ c/misra/test/rules/DIR-4-8/test.h | 10 ++++ c/misra/test/rules/DIR-4-8/test_2.c | 46 +++++++++++++++++++ c/misra/test/rules/DIR-4-8/test_shared.h | 28 +++++++++++ .../cpp/exclusions/c/Pointers1.qll | 2 +- rule_packages/c/Pointers1.json | 2 +- 9 files changed, 141 insertions(+), 4 deletions(-) rename c/misra/src/rules/{RULE-4-8 => DIR-4-8}/ObjectWithNoPointerDereferenceShouldBeOpaque.ql (89%) create mode 100644 c/misra/test/rules/DIR-4-8/ObjectWithNoPointerDereferenceShouldBeOpaque.expected create mode 100644 c/misra/test/rules/DIR-4-8/ObjectWithNoPointerDereferenceShouldBeOpaque.qlref create mode 100644 c/misra/test/rules/DIR-4-8/test.c create mode 100644 c/misra/test/rules/DIR-4-8/test.h create mode 100644 c/misra/test/rules/DIR-4-8/test_2.c create mode 100644 c/misra/test/rules/DIR-4-8/test_shared.h diff --git a/c/misra/src/rules/RULE-4-8/ObjectWithNoPointerDereferenceShouldBeOpaque.ql b/c/misra/src/rules/DIR-4-8/ObjectWithNoPointerDereferenceShouldBeOpaque.ql similarity index 89% rename from c/misra/src/rules/RULE-4-8/ObjectWithNoPointerDereferenceShouldBeOpaque.ql rename to c/misra/src/rules/DIR-4-8/ObjectWithNoPointerDereferenceShouldBeOpaque.ql index 1521b9602a..56f2dd785d 100644 --- a/c/misra/src/rules/RULE-4-8/ObjectWithNoPointerDereferenceShouldBeOpaque.ql +++ b/c/misra/src/rules/DIR-4-8/ObjectWithNoPointerDereferenceShouldBeOpaque.ql @@ -1,13 +1,13 @@ /** * @id c/misra/object-with-no-pointer-dereference-should-be-opaque - * @name RULE-4-8: The implementation of an object shall be hidden if a pointer to its structure or union is never dereferenced within a translation unit + * @name DIR-4-8: The implementation of an object shall be hidden if a pointer to its structure or union is never dereferenced within a translation unit * @description If a pointer to a structure or union is never dereferenced within a translation * unit, then the implementation of the object should be hidden to prevent * unintentional changes. * @kind problem * @precision very-high * @problem.severity error - * @tags external/misra/id/rule-4-8 + * @tags external/misra/id/dir-4-8 * readability * maintainability * external/misra/obligation/advisory diff --git a/c/misra/test/rules/DIR-4-8/ObjectWithNoPointerDereferenceShouldBeOpaque.expected b/c/misra/test/rules/DIR-4-8/ObjectWithNoPointerDereferenceShouldBeOpaque.expected new file mode 100644 index 0000000000..cdbef7ca60 --- /dev/null +++ b/c/misra/test/rules/DIR-4-8/ObjectWithNoPointerDereferenceShouldBeOpaque.expected @@ -0,0 +1,6 @@ +| test.c:10:8:10:9 | s4 | $@ is not opaque but no pointer to it is dereferenced within the translation unit $@. | test.c:10:8:10:9 | s4 | s4 | test.c:0:0:0:0 | test.c | test.c | +| test.h:3:8:3:9 | s1 | $@ is not opaque but no pointer to it is dereferenced within the translation unit $@. | test.h:3:8:3:9 | s1 | s1 | test.c:0:0:0:0 | test.c | test.c | +| test_2.c:7:8:7:9 | s2 | $@ is not opaque but no pointer to it is dereferenced within the translation unit $@. | test_2.c:7:8:7:9 | s2 | s2 | test_2.c:0:0:0:0 | test_2.c | test_2.c | +| test_shared.h:15:8:15:20 | only_test2_s2 | $@ is not opaque but no pointer to it is dereferenced within the translation unit $@. | test_shared.h:15:8:15:20 | only_test2_s2 | only_test2_s2 | test_2.c:0:0:0:0 | test_2.c | test_2.c | +| test_shared.h:19:7:19:15 | shared_u1 | $@ is not opaque but no pointer to it is dereferenced within the translation unit $@. | test_shared.h:19:7:19:15 | shared_u1 | shared_u1 | test.c:0:0:0:0 | test.c | test.c | +| test_shared.h:19:7:19:15 | shared_u1 | $@ is not opaque but no pointer to it is dereferenced within the translation unit $@. | test_shared.h:19:7:19:15 | shared_u1 | shared_u1 | test_2.c:0:0:0:0 | test_2.c | test_2.c | diff --git a/c/misra/test/rules/DIR-4-8/ObjectWithNoPointerDereferenceShouldBeOpaque.qlref b/c/misra/test/rules/DIR-4-8/ObjectWithNoPointerDereferenceShouldBeOpaque.qlref new file mode 100644 index 0000000000..4a5c410c38 --- /dev/null +++ b/c/misra/test/rules/DIR-4-8/ObjectWithNoPointerDereferenceShouldBeOpaque.qlref @@ -0,0 +1 @@ +rules/RULE-4-8/ObjectWithNoPointerDereferenceShouldBeOpaque.ql \ No newline at end of file diff --git a/c/misra/test/rules/DIR-4-8/test.c b/c/misra/test/rules/DIR-4-8/test.c new file mode 100644 index 0000000000..0b5f4d6639 --- /dev/null +++ b/c/misra/test/rules/DIR-4-8/test.c @@ -0,0 +1,46 @@ +#include "test.h" +#include "test_shared.h" +struct s3 { + int v1; + struct s3_1 { + int a; + } v2; // COMPLIANT +}; // COMPLIANT + +struct s4 { + int v1; +}; // NON_COMPLIANT + +typedef struct s3 s3_t; +typedef struct s4 s4_t; + +void *f1(struct s1 *p1) { return (void *)p1; } + +void *f2(struct s2 *p1) { + int v1 = p1->v1; + return p1; +} + +s3_t *f3(s3_t *p1) { + int v1 = p1[0].v1; + return p1; +} + +void *f4(s4_t *p1) { return p1; } + +void *f5(struct only_test1_s1 *p1) { + int v1 = p1->v1; + return (void *)p1; +} + +void *f6(struct shared_s1 *p1) { + int v1 = p1->v1; + return (void *)p1; +} + +void *f7(union shared_u1 *p1) { return (void *)p1; } + +void *f8(union shared_u2 *p1) { + int v1 = p1->v1; + return (void *)p1; +} \ No newline at end of file diff --git a/c/misra/test/rules/DIR-4-8/test.h b/c/misra/test/rules/DIR-4-8/test.h new file mode 100644 index 0000000000..30ff6ca33e --- /dev/null +++ b/c/misra/test/rules/DIR-4-8/test.h @@ -0,0 +1,10 @@ +#ifndef TEST_H_ +#define TEST_H_ +struct s1 { + int v1; +}; // NON_COMPLIANT + +struct s2 { + int v1; +}; // COMPLIANT +#endif // TEST_H_ \ No newline at end of file diff --git a/c/misra/test/rules/DIR-4-8/test_2.c b/c/misra/test/rules/DIR-4-8/test_2.c new file mode 100644 index 0000000000..84328bb5f5 --- /dev/null +++ b/c/misra/test/rules/DIR-4-8/test_2.c @@ -0,0 +1,46 @@ +#include "test_shared.h" + +struct s1 { + float v1; +}; // COMPLIANT + +struct s2 { + float v1; +}; // NON_COMPLIANT + +struct s3 { + float v1; +}; // COMPLIANT + +void *f1(struct s1 *p1) { + int v1 = p1->v1; + return (void *)p1; +} + +void *f2(struct s2 *p1) { return (void *)p1; } + +void *f3(struct only_test2_s1 *p1) { + int v1 = (*p1).v1; + return (void *)p1; +} + +void *f4(struct only_test2_s1 *p1) { + int v1 = p1->v1; + return (void *)p1; +} + +void *f5(struct only_test2_s2 *p1) { return (void *)p1; } + +void *f6(union shared_u1 *p1) { return (void *)p1; } + +void *f7(union shared_u2 *p1) { + int v1 = p1->v1; + return (void *)p1; +} + +void *f8(void) { + struct s3 v1; + return (void *)0; +} + +void *f9(struct s3 *p1) { return (void *)p1; } \ No newline at end of file diff --git a/c/misra/test/rules/DIR-4-8/test_shared.h b/c/misra/test/rules/DIR-4-8/test_shared.h new file mode 100644 index 0000000000..c3c44fc43b --- /dev/null +++ b/c/misra/test/rules/DIR-4-8/test_shared.h @@ -0,0 +1,28 @@ +#ifndef TEST_SHARED_H_ +#define TEST_SHARED_H_ +struct shared_s1 { + int v1; +}; // COMPLIANT + +struct only_test1_s1 { + int v1; +}; // COMPLIANT + +struct only_test2_s1 { + int v1; +}; // COMPLIANT + +struct only_test2_s2 { + int v1; +}; // NON_COMPLIANT + +union shared_u1 { + int v1; + float v2; +}; // NON_COMPLIANT + +union shared_u2 { + int v1; + float v2; +}; // COMPLIANT +#endif // TEST_SHARED_H_ \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Pointers1.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Pointers1.qll index 506e3a5fba..11daf5543c 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Pointers1.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Pointers1.qll @@ -149,7 +149,7 @@ predicate isPointers1QueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `objectWithNoPointerDereferenceShouldBeOpaque` query "c/misra/object-with-no-pointer-dereference-should-be-opaque" and - ruleId = "RULE-4-8" + ruleId = "DIR-4-8" or query = // `Query` instance for the `pointerShouldPointToConstTypeWhenPossible` query diff --git a/rule_packages/c/Pointers1.json b/rule_packages/c/Pointers1.json index 991838e34f..6b2df1595c 100644 --- a/rule_packages/c/Pointers1.json +++ b/rule_packages/c/Pointers1.json @@ -294,7 +294,7 @@ ], "title": "The address of an object with automatic storage shall not be copied to another object that persists after the first object has ceased to exist" }, - "RULE-4-8": { + "DIR-4-8": { "properties": { "obligation": "advisory" }, From fd33c17f10535a5a2b620baafcb262cf87cf2102 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Fri, 4 Nov 2022 12:18:47 -0400 Subject: [PATCH 0078/2573] 4-8 --- ...oPointerDereferenceShouldBeOpaque.expected | 6 --- ...thNoPointerDereferenceShouldBeOpaque.qlref | 1 - c/misra/test/rules/RULE-4-8/test.c | 46 ------------------- c/misra/test/rules/RULE-4-8/test.h | 10 ---- c/misra/test/rules/RULE-4-8/test_2.c | 46 ------------------- c/misra/test/rules/RULE-4-8/test_shared.h | 28 ----------- 6 files changed, 137 deletions(-) delete mode 100644 c/misra/test/rules/RULE-4-8/ObjectWithNoPointerDereferenceShouldBeOpaque.expected delete mode 100644 c/misra/test/rules/RULE-4-8/ObjectWithNoPointerDereferenceShouldBeOpaque.qlref delete mode 100644 c/misra/test/rules/RULE-4-8/test.c delete mode 100644 c/misra/test/rules/RULE-4-8/test.h delete mode 100644 c/misra/test/rules/RULE-4-8/test_2.c delete mode 100644 c/misra/test/rules/RULE-4-8/test_shared.h diff --git a/c/misra/test/rules/RULE-4-8/ObjectWithNoPointerDereferenceShouldBeOpaque.expected b/c/misra/test/rules/RULE-4-8/ObjectWithNoPointerDereferenceShouldBeOpaque.expected deleted file mode 100644 index cdbef7ca60..0000000000 --- a/c/misra/test/rules/RULE-4-8/ObjectWithNoPointerDereferenceShouldBeOpaque.expected +++ /dev/null @@ -1,6 +0,0 @@ -| test.c:10:8:10:9 | s4 | $@ is not opaque but no pointer to it is dereferenced within the translation unit $@. | test.c:10:8:10:9 | s4 | s4 | test.c:0:0:0:0 | test.c | test.c | -| test.h:3:8:3:9 | s1 | $@ is not opaque but no pointer to it is dereferenced within the translation unit $@. | test.h:3:8:3:9 | s1 | s1 | test.c:0:0:0:0 | test.c | test.c | -| test_2.c:7:8:7:9 | s2 | $@ is not opaque but no pointer to it is dereferenced within the translation unit $@. | test_2.c:7:8:7:9 | s2 | s2 | test_2.c:0:0:0:0 | test_2.c | test_2.c | -| test_shared.h:15:8:15:20 | only_test2_s2 | $@ is not opaque but no pointer to it is dereferenced within the translation unit $@. | test_shared.h:15:8:15:20 | only_test2_s2 | only_test2_s2 | test_2.c:0:0:0:0 | test_2.c | test_2.c | -| test_shared.h:19:7:19:15 | shared_u1 | $@ is not opaque but no pointer to it is dereferenced within the translation unit $@. | test_shared.h:19:7:19:15 | shared_u1 | shared_u1 | test.c:0:0:0:0 | test.c | test.c | -| test_shared.h:19:7:19:15 | shared_u1 | $@ is not opaque but no pointer to it is dereferenced within the translation unit $@. | test_shared.h:19:7:19:15 | shared_u1 | shared_u1 | test_2.c:0:0:0:0 | test_2.c | test_2.c | diff --git a/c/misra/test/rules/RULE-4-8/ObjectWithNoPointerDereferenceShouldBeOpaque.qlref b/c/misra/test/rules/RULE-4-8/ObjectWithNoPointerDereferenceShouldBeOpaque.qlref deleted file mode 100644 index 4a5c410c38..0000000000 --- a/c/misra/test/rules/RULE-4-8/ObjectWithNoPointerDereferenceShouldBeOpaque.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/RULE-4-8/ObjectWithNoPointerDereferenceShouldBeOpaque.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-4-8/test.c b/c/misra/test/rules/RULE-4-8/test.c deleted file mode 100644 index 0b5f4d6639..0000000000 --- a/c/misra/test/rules/RULE-4-8/test.c +++ /dev/null @@ -1,46 +0,0 @@ -#include "test.h" -#include "test_shared.h" -struct s3 { - int v1; - struct s3_1 { - int a; - } v2; // COMPLIANT -}; // COMPLIANT - -struct s4 { - int v1; -}; // NON_COMPLIANT - -typedef struct s3 s3_t; -typedef struct s4 s4_t; - -void *f1(struct s1 *p1) { return (void *)p1; } - -void *f2(struct s2 *p1) { - int v1 = p1->v1; - return p1; -} - -s3_t *f3(s3_t *p1) { - int v1 = p1[0].v1; - return p1; -} - -void *f4(s4_t *p1) { return p1; } - -void *f5(struct only_test1_s1 *p1) { - int v1 = p1->v1; - return (void *)p1; -} - -void *f6(struct shared_s1 *p1) { - int v1 = p1->v1; - return (void *)p1; -} - -void *f7(union shared_u1 *p1) { return (void *)p1; } - -void *f8(union shared_u2 *p1) { - int v1 = p1->v1; - return (void *)p1; -} \ No newline at end of file diff --git a/c/misra/test/rules/RULE-4-8/test.h b/c/misra/test/rules/RULE-4-8/test.h deleted file mode 100644 index 30ff6ca33e..0000000000 --- a/c/misra/test/rules/RULE-4-8/test.h +++ /dev/null @@ -1,10 +0,0 @@ -#ifndef TEST_H_ -#define TEST_H_ -struct s1 { - int v1; -}; // NON_COMPLIANT - -struct s2 { - int v1; -}; // COMPLIANT -#endif // TEST_H_ \ No newline at end of file diff --git a/c/misra/test/rules/RULE-4-8/test_2.c b/c/misra/test/rules/RULE-4-8/test_2.c deleted file mode 100644 index 84328bb5f5..0000000000 --- a/c/misra/test/rules/RULE-4-8/test_2.c +++ /dev/null @@ -1,46 +0,0 @@ -#include "test_shared.h" - -struct s1 { - float v1; -}; // COMPLIANT - -struct s2 { - float v1; -}; // NON_COMPLIANT - -struct s3 { - float v1; -}; // COMPLIANT - -void *f1(struct s1 *p1) { - int v1 = p1->v1; - return (void *)p1; -} - -void *f2(struct s2 *p1) { return (void *)p1; } - -void *f3(struct only_test2_s1 *p1) { - int v1 = (*p1).v1; - return (void *)p1; -} - -void *f4(struct only_test2_s1 *p1) { - int v1 = p1->v1; - return (void *)p1; -} - -void *f5(struct only_test2_s2 *p1) { return (void *)p1; } - -void *f6(union shared_u1 *p1) { return (void *)p1; } - -void *f7(union shared_u2 *p1) { - int v1 = p1->v1; - return (void *)p1; -} - -void *f8(void) { - struct s3 v1; - return (void *)0; -} - -void *f9(struct s3 *p1) { return (void *)p1; } \ No newline at end of file diff --git a/c/misra/test/rules/RULE-4-8/test_shared.h b/c/misra/test/rules/RULE-4-8/test_shared.h deleted file mode 100644 index c3c44fc43b..0000000000 --- a/c/misra/test/rules/RULE-4-8/test_shared.h +++ /dev/null @@ -1,28 +0,0 @@ -#ifndef TEST_SHARED_H_ -#define TEST_SHARED_H_ -struct shared_s1 { - int v1; -}; // COMPLIANT - -struct only_test1_s1 { - int v1; -}; // COMPLIANT - -struct only_test2_s1 { - int v1; -}; // COMPLIANT - -struct only_test2_s2 { - int v1; -}; // NON_COMPLIANT - -union shared_u1 { - int v1; - float v2; -}; // NON_COMPLIANT - -union shared_u2 { - int v1; - float v2; -}; // COMPLIANT -#endif // TEST_SHARED_H_ \ No newline at end of file From 2dede330c9d8e6d1a71665df3de3cefcc3ce134b Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Fri, 4 Nov 2022 12:21:57 -0400 Subject: [PATCH 0079/2573] changenotes --- change_notes/2022-11-04-refactor-dir-rules.md | 9 +++++++++ 1 file changed, 9 insertions(+) create mode 100644 change_notes/2022-11-04-refactor-dir-rules.md diff --git a/change_notes/2022-11-04-refactor-dir-rules.md b/change_notes/2022-11-04-refactor-dir-rules.md new file mode 100644 index 0000000000..303f718ddd --- /dev/null +++ b/change_notes/2022-11-04-refactor-dir-rules.md @@ -0,0 +1,9 @@ +- The following rules have been renamed: + - RULE-4-4 has been renamed to DIR-4-4 to reflect correct naming as per + MISRA C:2012 standard. + - RULE-4-8 has been renamed to DIR-4-8 to reflect correct naming as per + MISRA C:2012 standard. + - RULE-4-10 has been renamed to DIR-4-10 to reflect correct naming as per + MISRA C:2012 standard. + - RULE-4-12 has been renamed to DIR-4-12 to reflect correct naming as per + MISRA C:2012 standard. \ No newline at end of file From b303d0ed4ab0cc299eff5c6e7ca7345ce2071e4e Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Fri, 4 Nov 2022 12:24:56 -0400 Subject: [PATCH 0080/2573] missed this --- .../DIR-4-8/ObjectWithNoPointerDereferenceShouldBeOpaque.qlref | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/misra/test/rules/DIR-4-8/ObjectWithNoPointerDereferenceShouldBeOpaque.qlref b/c/misra/test/rules/DIR-4-8/ObjectWithNoPointerDereferenceShouldBeOpaque.qlref index 4a5c410c38..dfa03268cf 100644 --- a/c/misra/test/rules/DIR-4-8/ObjectWithNoPointerDereferenceShouldBeOpaque.qlref +++ b/c/misra/test/rules/DIR-4-8/ObjectWithNoPointerDereferenceShouldBeOpaque.qlref @@ -1 +1 @@ -rules/RULE-4-8/ObjectWithNoPointerDereferenceShouldBeOpaque.ql \ No newline at end of file +rules/DIR-4-8/ObjectWithNoPointerDereferenceShouldBeOpaque.ql \ No newline at end of file From efb286df73c616893cd8b267d85e0d6cdc0c94bb Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 7 Nov 2022 09:57:10 +0000 Subject: [PATCH 0081/2573] EXP32-C: Add test case --- c/cert/test/rules/EXP32-C/test.c | 38 ++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 c/cert/test/rules/EXP32-C/test.c diff --git a/c/cert/test/rules/EXP32-C/test.c b/c/cert/test/rules/EXP32-C/test.c new file mode 100644 index 0000000000..d9b07ac84d --- /dev/null +++ b/c/cert/test/rules/EXP32-C/test.c @@ -0,0 +1,38 @@ +volatile int *volatile_f(); + +void test_cast_away_volatile() { + volatile int *l1 = volatile_f(); // COMPLIANT + int *l2 = (int *)l1; // NON_COMPLIANT + int *l3 = (int *)volatile_f(); // NON_COMPLIANT + *l2; // Volatile object is accessed through a non-volatile pointer +} + +void test_volatile_lost_by_assignment() { + static volatile int val = 0; + static int *non_compliant_pointer; + static volatile int **compliant_pointer_to_pointer; + compliant_pointer_to_pointer = &non_compliant_pointer; // NON_COMPLIANT + *compliant_pointer_to_pointer = &val; + *non_compliant_pointer; // Volatile object is accessed through a non-volatile + // pointer +} + +void test_volatile_lost_by_assignment_and_cast() { + static volatile int val = 0; + static int *non_compliant_pointer; + static volatile int **compliant_pointer_to_pointer; + compliant_pointer_to_pointer = + (int **)&non_compliant_pointer; // NON_COMPLIANT + *compliant_pointer_to_pointer = &val; + *non_compliant_pointer; // Volatile object is accessed through a non-volatile + // pointer +} + +void test_volatile_not_lost_by_assignment_and_cast() { + static volatile int val = 0; + static volatile int *compliant_pointer; + static volatile int **compliant_pointer_to_pointer; + compliant_pointer_to_pointer = &compliant_pointer; // COMPLIANT + *compliant_pointer_to_pointer = &val; + *compliant_pointer; // Volatile object is accessed through a volatile pointer +} \ No newline at end of file From ee22665b43cad9b28c16bc02a48ba11835deb5c0 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 7 Nov 2022 09:57:27 +0000 Subject: [PATCH 0082/2573] EXP36-C: Add test case --- c/cert/test/rules/EXP36-C/test.c | 156 +++++++++++++++++++++++++++++++ 1 file changed, 156 insertions(+) create mode 100644 c/cert/test/rules/EXP36-C/test.c diff --git a/c/cert/test/rules/EXP36-C/test.c b/c/cert/test/rules/EXP36-C/test.c new file mode 100644 index 0000000000..7f4230ffa1 --- /dev/null +++ b/c/cert/test/rules/EXP36-C/test.c @@ -0,0 +1,156 @@ +#include +#include + +void test_direct_cast_alignment() { + char c1 = 1; // assuming 1-byte alignment + (char *)&c1; // COMPLIANT + (short *)&c1; // NON_COMPLIANT + (int *)&c1; // NON_COMPLIANT + (long *)&c1; // NON_COMPLIANT + (float *)&c1; // NON_COMPLIANT + (double *)&c1; // NON_COMPLIANT + + short s1 = 1; // assuming 2-byte alignment + (char *)&s1; // COMPLIANT + (short *)&s1; // COMPLIANT + (int *)&s1; // NON_COMPLIANT + (long *)&s1; // NON_COMPLIANT + (float *)&c1; // NON_COMPLIANT + (double *)&c1; // NON_COMPLIANT + + int i1 = 1; // assuming 4-byte alignment + (char *)&i1; // COMPLIANT + (short *)&i1; // COMPLIANT + (int *)&i1; // COMPLIANT + (float *)&c1; // COMPLIANT + (long *)&i1; // NON_COMPLIANT - assuming 8 byte alignment for longs + (double *)&c1; // NON_COMPLIANT + + float f1 = 1; // assuming 4-byte alignment + (char *)&f1; // COMPLIANT + (short *)&f1; // COMPLIANT + (int *)&f1; // COMPLIANT + (float *)&f1; // COMPLIANT + (long *)&f1; // NON_COMPLIANT + (double *)&f1; // NON_COMPLIANT + + long l1 = 1; // assuming 8-byte alignment + (char *)&l1; // COMPLIANT + (short *)&l1; // COMPLIANT + (int *)&l1; // COMPLIANT + (float *)&c1; // COMPLIANT + (long *)&l1; // COMPLIANT + (double *)&c1; // COMPLIANT + + double d1 = 1; // assuming 8-byte alignment + (char *)&d1; // COMPLIANT + (short *)&d1; // COMPLIANT + (int *)&d1; // COMPLIANT + (float *)&d1; // COMPLIANT + (long *)&d1; // COMPLIANT + (double *)&d1; // COMPLIANT +} + +void custom_aligned_types() { + alignas(int) char c1 = 1; + (char *)&c1; // COMPLIANT + (short *)&c1; // COMPLIANT + (int *)&c1; // COMPLIANT + (float *)&c1; // COMPLIANT + (long *)&c1; // NON_COMPLIANT + (double *)&c1; // NON_COMPLIANT + + alignas(32) char c2 = 1; + (char *)&c2; // COMPLIANT + (short *)&c2; // COMPLIANT + (int *)&c2; // COMPLIANT + (float *)&c2; // COMPLIANT + (long *)&c2; // NON_COMPLIANT + (double *)&c2; // NON_COMPLIANT +} + +void test_via_void_direct() { + char c1 = 1; + void *v1 = &c1; + (char *)v1; // COMPLIANT + (short *)v1; // NON_COMPLIANT + (int *)v1; // NON_COMPLIANT + (float *)v1; // NON_COMPLIANT + (long *)v1; // NON_COMPLIANT + (double *)v1; // NON_COMPLIANT + + short s1 = 1; + void *v2 = &s1; + (char *)v2; // COMPLIANT + (short *)v2; // COMPLIANT + (int *)v2; // NON_COMPLIANT + (float *)v2; // NON_COMPLIANT + (long *)v2; // NON_COMPLIANT + (double *)v2; // NON_COMPLIANT + + int i1 = 1; + void *v3 = &i1; + (char *)v3; // COMPLIANT + (short *)v3; // COMPLIANT + (int *)v3; // COMPLIAN + (float *)v3; // COMPLIANT + (long *)v3; // NON_COMPLIANT - assuming 8 byte alignment for longs + (double *)v3; // NON_COMPLIANT - but only on x64 + + float f1 = 1; + void *v4 = &f1; + (char *)v4; // COMPLIANT + (short *)v4; // COMPLIANT + (int *)v4; // COMPLIANT + (float *)v4; // COMPLIANT + (long *)v4; // NON_COMPLIANT - assuming 8 byte alignment for longs + (double *)v4; // NON_COMPLIANT + + long l1 = 1; + void *v5 = &l1; + (char *)v5; // COMPLIANT + (short *)v5; // COMPLIANT + (int *)v5; // COMPLIANT + (float *)v5; // COMPLIANT + (long *)v5; // COMPLIANT + (double *)v5; // COMPLIANT + + double d1 = 1; + void *v6 = &d1; + (char *)v6; // COMPLIANT + (short *)v6; // COMPLIANT + (int *)v6; // COMPLIANT + (float *)v6; // COMPLIANT + (long *)v6; // COMPLIANT + (double *)v6; // COMPLIANT +} + +int *cast_away(void *v) { + return (int *)v; // compliance depends on context +} + +void test_via_void_indirect() { + char c1 = 1; + cast_away((void *)c1); // NON_COMPLIANT + + int i1 = 1; + cast_away((void *)i1); // COMPLIANT +} + +struct S1 { + char c1; + unsigned char data[8]; +}; + +struct S2 { + char c1; + alignas(size_t) unsigned char data[8]; +}; + +void test_struct_alignment() { + S1 s1; + (size_t *)&s1.data; // NON_COMPLIANT + + S2 s2; + (size_t *)&s2.data; // COMPLIANT +} \ No newline at end of file From 94347c4210f0b4a7bed8f6fa5a3ca798d00add3e Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 7 Nov 2022 11:08:52 +0000 Subject: [PATCH 0083/2573] EXP43-C: Add test case --- c/cert/test/rules/EXP39-C/test.c | 81 ++++++++++++++++++++++++++++++++ 1 file changed, 81 insertions(+) create mode 100644 c/cert/test/rules/EXP39-C/test.c diff --git a/c/cert/test/rules/EXP39-C/test.c b/c/cert/test/rules/EXP39-C/test.c new file mode 100644 index 0000000000..c4ccdb45e0 --- /dev/null +++ b/c/cert/test/rules/EXP39-C/test.c @@ -0,0 +1,81 @@ +void test_incompatible_arithmetic() { + float f = 0.0f; + int *p = (int *)&f; // NON_COMPLIANT - arithmetic types are not compatible + // with each other + (*p)++; + + short s[2]; + (int *)&s; // NON_COMPLIANT + + (short(*)[4]) & s; // NON_COMPLIANT - array of size 2 is not compatible with + // array of size 4 (n1570 6.7.6.2 paragraph 7) + (short(*)[2]) & s; // COMPLIANT + + // char may be signed or unsigned, and so is not compatible with either + char c1; + (signed char *)&c1; // NON_COMPLIANT + (unsigned char *)&c1; // NON_COMPLIANT + (char *)&c1; // NON_COMPLIANT + + // int is defined as signed, so is compatible with all the signed versions + // (long, short etc. are similar) + int i1; + (signed int *)&i1; // COMPLIANT + (int *)&i1; // COMPLIANT + (signed *)&i1; // COMPLIANT + (unsigned int *)&i1; // NON_COMPLIANT + (const int *)&i1; // NON_COMPLIANT +} + +struct { + int a; +} * s1; +struct { + int a; +} * s2; +struct S1 { + int a; +} * s3; +struct S1 *s4; + +// TODO test across files +void test_incompatible_structs() { + // s1 and s2 do not have tags, and are therefore not compatible + s1 = s2; // NON_COMPLIANT + // s3 tag is inconsistent with s1 tag + s1 = s3; // NON_COMPLIANT + s3 = s1; // NON_COMPLIANT + // s4 tag is consistent with s3 tag + s3 = s4; // COMPLIANT + s4 = s3; // COMPLIANT +} + +enum E1 { E1A, E1B }; +enum E2 { E2A, E2B }; + +void test_enums() { + enum E1 e1 = E1A; + enum E2 e2 = e1; // COMPLIANT + // Enums are also compatible with one of `char`, a signed integer type or an + // unsigned integer type. It is implementation defined which is used, so + // choose an appropriate type below for this test + (int *)&e1; // COMPLIANT +} + +int *void_cast(void *v) { return (int *)v; } + +void test_indirect_cast() { + float f1 = 0.0f; + void_cast(&f1); // NON_COMPLIANT + int i1 = 0; + void_cast(&i1); // COMPLIANT +} + +signed f(int y) { return y; } +int g(signed int x) { return x; } + +// 6.7.6.3 p15 +void test_compatible_functions() { + signed (*f1)(int) = &g; // COMPLIANT + int (*g1)(signed int) = &f; // COMPLIANT +} \ No newline at end of file From 741ab39798d4945504dfede824c40dd51b9515f9 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 7 Nov 2022 11:12:55 +0000 Subject: [PATCH 0084/2573] EXP39-C: Add malloc/realloc test --- c/cert/test/rules/EXP39-C/test.c | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/c/cert/test/rules/EXP39-C/test.c b/c/cert/test/rules/EXP39-C/test.c index c4ccdb45e0..1b67ec028e 100644 --- a/c/cert/test/rules/EXP39-C/test.c +++ b/c/cert/test/rules/EXP39-C/test.c @@ -78,4 +78,22 @@ int g(signed int x) { return x; } void test_compatible_functions() { signed (*f1)(int) = &g; // COMPLIANT int (*g1)(signed int) = &f; // COMPLIANT +} + +struct S2 { + int a; + int b; +}; + +struct S3 { + int a; + int b; +}; + +void test_realloc() { + struct S2 *s2 = (struct S2 *)malloc(sizeof(struct S2)); + struct S3 *s3 = (struct S3 *)realloc(s2, sizeof(struct S3)); + s3->a; // NON_COMPLIANT + memset(s3, 0, sizeof(struct S3)); + s3->a; // COMPLIANT } \ No newline at end of file From 84628447c3ff51d30ab4a6b28f731b94f9d917e4 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 7 Nov 2022 11:48:06 +0000 Subject: [PATCH 0085/2573] EXP43-C: Add test cases --- c/cert/test/rules/EXP43-C/test.c | 76 ++++++++++++++++++++++++++++++++ 1 file changed, 76 insertions(+) create mode 100644 c/cert/test/rules/EXP43-C/test.c diff --git a/c/cert/test/rules/EXP43-C/test.c b/c/cert/test/rules/EXP43-C/test.c new file mode 100644 index 0000000000..8527f7ce84 --- /dev/null +++ b/c/cert/test/rules/EXP43-C/test.c @@ -0,0 +1,76 @@ +#include +#include + +int *restrict g1; +int *restrict g2; + +void test_global_local() { + int *restrict i1 = g1; // COMPLIANT + int *restrict i2 = g2; // COMPLIANT + int *restrict i3 = i2; // NON_COMPLIANT + g1 = g2; // NON_COMPLIANT + i1 = i2; // NON_COMPLIANT +} + +void copy(int *restrict p1, int *restrict p2, size_t s) { + for (size_t i = 0; i < s; ++i) { + p2[i] = p1[i]; + } +} + +void test_restrict_params() { + int i1 = 1; + int i2 = 2; + copy(&i1, &i1, 1); // NON_COMPLIANT + copy(&i1, &i2, 1); // COMPLIANT + + int x[10]; + copy(x[0], x[1], 1); // COMPLIANT - non overlapping + copy(x[0], x[1], 2); // NON_COMPLIANT - overlapping +} + +void test_strcpy() { + char s1[] = "my test string"; + char s2[] = "my other string"; + strcpy(&s1, &s1 + 3); // NON_COMPLIANT + strcpy(&s2, &s1); // COMPLIANT +} + +void test_strcpy_s() { + char s1[] = "my test string"; + char s2[] = "my other string"; + strcpy_s(&s1, &s1 + 3); // NON_COMPLIANT + strcpy_s(&s2, sizeof(s2), &s1); // COMPLIANT +} + +void test_memcpy() { + char s1[] = "my test string"; + char s2[] = "my other string"; + memcpy(&s1, &s1 + 3, 5); // NON_COMPLIANT + memcpy(&s2, &s1 + 3, 5); // COMPLIANT +} + +void test_memcpy_s() { + char s1[] = "my test string"; + char s2[] = "my other string"; + memcpy_s(&s1, sizeof(s1), &s1 + 3, 5); // NON_COMPLIANT + memcpy_s(&s2, sizeof(s2), &s1 + 3, 5); // COMPLIANT +} + +void test_memmove() { + char s1[] = "my test string"; + char s2[] = "my other string"; + memmove(&s1, &s1 + 3, 5); // COMPLIANT + memmove(&s2, &s1 + 3, 5); // COMPLIANT +} + +void test_scanf() { + char s1[200] = "%10s"; + scanf(&s2, &s2 + 4); // NON_COMPLIANT +} + +// TODO also consider the following: +// strncpy(), strncpy_s() +// strcat(), strcat_s() +// strncat(), strncat_s() +// strtok_s() \ No newline at end of file From b6acb5227ace80658a3aafe138b9912ca53ca872 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Mon, 7 Nov 2022 14:56:42 -0500 Subject: [PATCH 0086/2573] Preprocessor6: move IrreplaceableFunctionLikeMacro lib location --- .../src/codingstandards/c}/IrreplaceableFunctionLikeMacro.qll | 0 c/misra/src/rules/DIR-4-9/FunctionOverFunctionLikeMacro.ql | 2 +- 2 files changed, 1 insertion(+), 1 deletion(-) rename c/{misra/src/rules/DIR-4-9 => common/src/codingstandards/c}/IrreplaceableFunctionLikeMacro.qll (100%) diff --git a/c/misra/src/rules/DIR-4-9/IrreplaceableFunctionLikeMacro.qll b/c/common/src/codingstandards/c/IrreplaceableFunctionLikeMacro.qll similarity index 100% rename from c/misra/src/rules/DIR-4-9/IrreplaceableFunctionLikeMacro.qll rename to c/common/src/codingstandards/c/IrreplaceableFunctionLikeMacro.qll diff --git a/c/misra/src/rules/DIR-4-9/FunctionOverFunctionLikeMacro.ql b/c/misra/src/rules/DIR-4-9/FunctionOverFunctionLikeMacro.ql index 50f8383572..e53294fba5 100644 --- a/c/misra/src/rules/DIR-4-9/FunctionOverFunctionLikeMacro.ql +++ b/c/misra/src/rules/DIR-4-9/FunctionOverFunctionLikeMacro.ql @@ -15,7 +15,7 @@ import cpp import codingstandards.c.misra -import IrreplaceableFunctionLikeMacro +import codingstandards.c.IrreplaceableFunctionLikeMacro predicate partOfConstantExpr(MacroInvocation i) { exists(Expr e | From d323bb1d38fef3f50f10e24a2dcecfacbcf33bff Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 8 Nov 2022 10:10:49 -0500 Subject: [PATCH 0087/2573] Fix formatting shared query ConstLikeReturnValue --- .../constlikereturnvalue/ConstLikeReturnValue.expected | 6 +++--- .../rules/constlikereturnvalue/ConstLikeReturnValue.qll | 7 ++----- 2 files changed, 5 insertions(+), 8 deletions(-) diff --git a/c/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.expected b/c/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.expected index 76be777469..94e63062c5 100644 --- a/c/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.expected +++ b/c/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.expected @@ -1,7 +1,7 @@ problems -| test.c:8:8:8:12 | c_str | The object returned by the function getenv should not be modified. | test.c:15:16:15:21 | call to getenv | call to getenv | test.c:8:8:8:12 | c_str | c_str | -| test.c:64:5:64:9 | conv4 | The object returned by the function localeconv should not be modified. | test.c:61:11:61:20 | call to localeconv | call to localeconv | test.c:64:5:64:9 | conv4 | conv4 | -| test.c:73:5:73:8 | conv | The object returned by the function localeconv should not be modified. | test.c:69:25:69:34 | call to localeconv | call to localeconv | test.c:73:5:73:8 | conv | conv | +| test.c:8:8:8:12 | c_str | test.c:15:16:15:21 | call to getenv | test.c:8:8:8:12 | c_str | The object returned by the function getenv should not be modified. | +| test.c:64:5:64:9 | conv4 | test.c:61:11:61:20 | call to localeconv | test.c:64:5:64:9 | conv4 | The object returned by the function localeconv should not be modified. | +| test.c:73:5:73:8 | conv | test.c:69:25:69:34 | call to localeconv | test.c:73:5:73:8 | conv | The object returned by the function localeconv should not be modified. | edges | test.c:5:18:5:22 | c_str | test.c:8:8:8:12 | c_str | | test.c:15:16:15:21 | call to getenv | test.c:21:9:21:12 | env1 | diff --git a/cpp/common/src/codingstandards/cpp/rules/constlikereturnvalue/ConstLikeReturnValue.qll b/cpp/common/src/codingstandards/cpp/rules/constlikereturnvalue/ConstLikeReturnValue.qll index dde44214b8..5499e4ae42 100644 --- a/cpp/common/src/codingstandards/cpp/rules/constlikereturnvalue/ConstLikeReturnValue.qll +++ b/cpp/common/src/codingstandards/cpp/rules/constlikereturnvalue/ConstLikeReturnValue.qll @@ -52,8 +52,7 @@ class DFConf extends DataFlow::Configuration { } query predicate problems( - Element e, string message, DataFlow::PathNode source, string sourcetext, DataFlow::PathNode sink, - string sinktext + Element e, DataFlow::PathNode source, DataFlow::PathNode sink, string message ) { not isExcluded(e, getQuery()) and // the modified object comes from a call to one of the ENV functions @@ -61,7 +60,5 @@ query predicate problems( e = sink.getNode().asExpr() and message = "The object returned by the function " + - source.getNode().asExpr().(FunctionCall).getTarget().getName() + " should not be modified." and - sourcetext = source.toString() and - sinktext = sink.toString() + source.getNode().asExpr().(FunctionCall).getTarget().getName() + " should not be modified." } From f215dcc12c183b6ba50d0dce067ff4f516333a18 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Tue, 8 Nov 2022 15:55:51 +0000 Subject: [PATCH 0088/2573] Update developer handbook to exclude C90 --- docs/development_handbook.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/development_handbook.md b/docs/development_handbook.md index 898fed7542..93fe64fc2c 100644 --- a/docs/development_handbook.md +++ b/docs/development_handbook.md @@ -82,7 +82,7 @@ For each supported coding standard we will provide: These packs will be organized by supported language. The current supported languages are: - C++14 standardized by [ISO/IEC 14882:2014](https://www.iso.org/standard/64029.html) located in the directory `cpp`. -- C90 standardized by [ISO/IEC 9899:1990](https://www.iso.org/standard/17782.html), [C99] standardized by [ISO/IEC 9899:1999](https://www.iso.org/standard/29237.html), and C11 standardized by [ISO/IEC 9899:2011](https://www.iso.org/standard/57853.html). All are located in the directory `c`. +- [C99] standardized by [ISO/IEC 9899:1999](https://www.iso.org/standard/29237.html) and C11 standardized by [ISO/IEC 9899:2011](https://www.iso.org/standard/57853.html). All are located in the directory `c`. For each language, we will also include: 1. A CodeQL query pack containing "common" libraries, which provide support. From c472266969ad61f5f94b5708a688cffbe03d408d Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Tue, 8 Nov 2022 16:00:26 +0000 Subject: [PATCH 0089/2573] Add change log entry for C90 removal --- docs/development_handbook.md | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/development_handbook.md b/docs/development_handbook.md index 93fe64fc2c..d35c03f2d2 100644 --- a/docs/development_handbook.md +++ b/docs/development_handbook.md @@ -32,6 +32,7 @@ | 0.24.0 | 2022-07-05 | Remco Vermeulen | Update release process to include steps for external help files. | | 0.25.0 | 2022-07-22 | Jeroen Ketema | Document the existence and purpose of the `next` branch. | | 0.26.0 | 2022-08-10 | Remco Vermeulen | Address incorrect package file generation command. This was missing the required language argument. | +| 0.27.0 | 2022-11-08 | Luke Cartey | Update the versions of C we intend to support to exclude C90, which reflects the intended scope at the outset of the project. | ## Scope of work From 861347b876b1b55531bc9737a56ec790242d4c7c Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Tue, 8 Nov 2022 17:27:39 +0100 Subject: [PATCH 0090/2573] Init project Contracts6 --- .../EXP40-C/DoNotModifyConstantObjects.md | 96 +++++++++++++++++++ .../EXP40-C/DoNotModifyConstantObjects.ql | 18 ++++ .../DoNotModifyConstantObjects.expected | 1 + .../EXP40-C/DoNotModifyConstantObjects.qlref | 1 + .../RightHandOperandOfAShiftOperatorRange.ql | 19 ++++ .../ArrayFunctionArgumentNumberOfElements.ql | 19 ++++ .../ValueReturnedByAFunctionNotUsed.ql | 18 ++++ ...tHandOperandOfAShiftOperatorRange.expected | 1 + ...ightHandOperandOfAShiftOperatorRange.qlref | 1 + ...yFunctionArgumentNumberOfElements.expected | 1 + ...rrayFunctionArgumentNumberOfElements.qlref | 1 + .../ValueReturnedByAFunctionNotUsed.expected | 1 + .../ValueReturnedByAFunctionNotUsed.qlref | 1 + .../cpp/exclusions/c/Contracts6.qll | 74 ++++++++++++++ .../cpp/exclusions/c/RuleMetadata.qll | 3 + rule_packages/c/Contracts6.json | 74 ++++++++++++++ 16 files changed, 329 insertions(+) create mode 100644 c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.md create mode 100644 c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.ql create mode 100644 c/cert/test/rules/EXP40-C/DoNotModifyConstantObjects.expected create mode 100644 c/cert/test/rules/EXP40-C/DoNotModifyConstantObjects.qlref create mode 100644 c/misra/src/rules/RULE-12-2/RightHandOperandOfAShiftOperatorRange.ql create mode 100644 c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql create mode 100644 c/misra/src/rules/RULE-17-7/ValueReturnedByAFunctionNotUsed.ql create mode 100644 c/misra/test/rules/RULE-12-2/RightHandOperandOfAShiftOperatorRange.expected create mode 100644 c/misra/test/rules/RULE-12-2/RightHandOperandOfAShiftOperatorRange.qlref create mode 100644 c/misra/test/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.expected create mode 100644 c/misra/test/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.qlref create mode 100644 c/misra/test/rules/RULE-17-7/ValueReturnedByAFunctionNotUsed.expected create mode 100644 c/misra/test/rules/RULE-17-7/ValueReturnedByAFunctionNotUsed.qlref create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/Contracts6.qll create mode 100644 rule_packages/c/Contracts6.json diff --git a/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.md b/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.md new file mode 100644 index 0000000000..3ddecd6abf --- /dev/null +++ b/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.md @@ -0,0 +1,96 @@ +# EXP40-C: Do not modify constant objects + +This query implements the CERT-C rule EXP40-C: + +> Do not modify constant objects + + + +## Description + +The C Standard, 6.7.3, paragraph 6 \[[IS](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IEC9899-2011)[O/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IEC9899-2011)\], states + +> If an attempt is made to modify an object defined with a `const`-qualified type through use of an [lvalue](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-lvalue) with non-`const`-qualified type, the behavior is undefined. + + +See also [undefined behavior 64](https://wiki.sei.cmu.edu/confluence/display/c/CC.+Undefined+Behavior#CC.UndefinedBehavior-ub_64). + +There are existing compiler [implementations](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-implementation) that allow `const`-qualified objects to be modified without generating a warning message. + +Avoid casting away `const` qualification because doing so makes it possible to modify `const`-qualified objects without issuing diagnostics. (See [EXP05-C. Do not cast away a const qualification](https://wiki.sei.cmu.edu/confluence/display/c/EXP05-C.+Do+not+cast+away+a+const+qualification) and [STR30-C. Do not attempt to modify string literals](https://wiki.sei.cmu.edu/confluence/display/c/STR30-C.+Do+not+attempt+to+modify+string+literals) for more details.) + +## Noncompliant Code Example + +This noncompliant code example allows a constant object to be modified: + +```cpp +const int **ipp; +int *ip; +const int i = 42; + +void func(void) { + ipp = &ip; /* Constraint violation */ + *ipp = &i; /* Valid */ + *ip = 0; /* Modifies constant i (was 42) */ +} +``` +The first assignment is unsafe because it allows the code that follows it to attempt to change the value of the `const` object `i`. + +**Implementation Details** + +If `ipp`, `ip`, and `i` are declared as automatic variables, this example compiles without warning with Microsoft Visual Studio 2013 when compiled in C mode (`/TC`) and the resulting program changes the value of `i`. GCC 4.8.1 generates a warning but compiles, and the resulting program changes the value of `i`. + +If `ipp`, `ip`, and `i` are declared with static storage duration, this program compiles without warning and terminates abnormally with Microsoft Visual Studio 2013, and compiles with warning and terminates abnormally with GCC 4.8.1. + +## Compliant Solution + +The compliant solution depends on the intent of the programmer. If the intent is that the value of `i` is modifiable, then it should not be declared as a constant, as in this compliant solution: + +```cpp +int **ipp; +int *ip; +int i = 42; + +void func(void) { + ipp = &ip; /* Valid */ + *ipp = &i; /* Valid */ + *ip = 0; /* Valid */ +} +``` +If the intent is that the value of i is not meant to change, then do not write noncompliant code that attempts to modify it. + +## Risk Assessment + +Modifying constant objects through nonconstant references is [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior). + +
Rule Severity Likelihood Remediation Cost Priority Level
EXP40-C Low Unlikely Medium P2 L3
+ + +## Automated Detection + +
Tool Version Checker Description
Astrée 22.04 assignment-to-non-modifiable-lvalue pointer-qualifier-cast-const pointer-qualifier-cast-const-implicit write-to-constant-memory Fully checked
Axivion Bauhaus Suite 7.2.0 CertC-EXP40
Coverity 2017.07 PW MISRA C 2004 Rule 11.5 Implemented
Helix QAC 2022.3 C0563
LDRA tool suite 9.7.1 582 S Fully implemented
Parasoft C/C++test 2022.1 CERT_C-EXP40-a A cast shall not remove any 'const' or 'volatile' qualification from the type of a pointer or reference
Polyspace Bug Finder R2022b CERT C: Rule EXP40-C Checks for write operations on const qualified objects (rule fully covered)
PRQA QA-C 9.7 0563 Partially implemented
RuleChecker 22.04 assignment-to-non-modifiable-lvalue pointer-qualifier-cast-const pointer-qualifier-cast-const-implicit Partially checked
TrustInSoft Analyzer 1.38 mem_access Exhaustively verified (see the compliant and the non-compliant example ).
+ + +## Related Vulnerabilities + +Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+EXP40-C). + +## Related Guidelines + +[Key here](https://wiki.sei.cmu.edu/confluence/display/c/How+this+Coding+Standard+is+Organized#HowthisCodingStandardisOrganized-RelatedGuidelines) (explains table format and definitions) + +
Taxonomy Taxonomy item Relationship
CERT C Secure Coding Standard EXP05-C. Do not cast away a const qualification Prior to 2018-01-12: CERT: Unspecified Relationship
CERT C Secure Coding Standard STR30-C. Do not attempt to modify string literals Prior to 2018-01-12: CERT: Unspecified Relationship
+ + +## Bibliography + +
\[ ISO/IEC 9899:2011 \] Subclause 6.7.3, "Type Qualifiers"
+ + +## Implementation notes + +None + +## References + +* CERT-C: [EXP40-C: Do not modify constant objects](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.ql b/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.ql new file mode 100644 index 0000000000..51fcdb422a --- /dev/null +++ b/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.ql @@ -0,0 +1,18 @@ +/** + * @id c/cert/do-not-modify-constant-objects + * @name EXP40-C: Do not modify constant objects + * @description + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/cert/id/exp40-c + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert + +from +where + not isExcluded(x, Contracts6Package::doNotModifyConstantObjectsQuery()) and +select diff --git a/c/cert/test/rules/EXP40-C/DoNotModifyConstantObjects.expected b/c/cert/test/rules/EXP40-C/DoNotModifyConstantObjects.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/cert/test/rules/EXP40-C/DoNotModifyConstantObjects.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/cert/test/rules/EXP40-C/DoNotModifyConstantObjects.qlref b/c/cert/test/rules/EXP40-C/DoNotModifyConstantObjects.qlref new file mode 100644 index 0000000000..c07ac22f37 --- /dev/null +++ b/c/cert/test/rules/EXP40-C/DoNotModifyConstantObjects.qlref @@ -0,0 +1 @@ +rules/EXP40-C/DoNotModifyConstantObjects.ql \ No newline at end of file diff --git a/c/misra/src/rules/RULE-12-2/RightHandOperandOfAShiftOperatorRange.ql b/c/misra/src/rules/RULE-12-2/RightHandOperandOfAShiftOperatorRange.ql new file mode 100644 index 0000000000..dc3d7b99f9 --- /dev/null +++ b/c/misra/src/rules/RULE-12-2/RightHandOperandOfAShiftOperatorRange.ql @@ -0,0 +1,19 @@ +/** + * @id c/misra/right-hand-operand-of-a-shift-operator-range + * @name RULE-12-2: The right hand operand of a shift operator shall lie in the range zero to one less than the width in + * @description The right hand operand of a shift operator shall lie in the range zero to one less + * than the width in bits of the essential type of the left hand operand + * @kind problem + * @precision high + * @problem.severity error + * @tags external/misra/id/rule-12-2 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra + +from +where + not isExcluded(x, Contracts6Package::rightHandOperandOfAShiftOperatorRangeQuery()) and +select diff --git a/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql b/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql new file mode 100644 index 0000000000..651027af50 --- /dev/null +++ b/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql @@ -0,0 +1,19 @@ +/** + * @id c/misra/array-function-argument-number-of-elements + * @name RULE-17-5: The function argument corresponding to a parameter declared to have an array type shall have an + * @description The function argument corresponding to a parameter declared to have an array type + * shall have an appropriate number of elements + * @kind problem + * @precision high + * @problem.severity error + * @tags external/misra/id/rule-17-5 + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.c.misra + +from +where + not isExcluded(x, Contracts6Package::arrayFunctionArgumentNumberOfElementsQuery()) and +select diff --git a/c/misra/src/rules/RULE-17-7/ValueReturnedByAFunctionNotUsed.ql b/c/misra/src/rules/RULE-17-7/ValueReturnedByAFunctionNotUsed.ql new file mode 100644 index 0000000000..face46fcf5 --- /dev/null +++ b/c/misra/src/rules/RULE-17-7/ValueReturnedByAFunctionNotUsed.ql @@ -0,0 +1,18 @@ +/** + * @id c/misra/value-returned-by-a-function-not-used + * @name RULE-17-7: The value returned by a function having non-void return type shall be used + * @description + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-17-7 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra + +from +where + not isExcluded(x, Contracts6Package::valueReturnedByAFunctionNotUsedQuery()) and +select diff --git a/c/misra/test/rules/RULE-12-2/RightHandOperandOfAShiftOperatorRange.expected b/c/misra/test/rules/RULE-12-2/RightHandOperandOfAShiftOperatorRange.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/misra/test/rules/RULE-12-2/RightHandOperandOfAShiftOperatorRange.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-12-2/RightHandOperandOfAShiftOperatorRange.qlref b/c/misra/test/rules/RULE-12-2/RightHandOperandOfAShiftOperatorRange.qlref new file mode 100644 index 0000000000..d32cc27dcd --- /dev/null +++ b/c/misra/test/rules/RULE-12-2/RightHandOperandOfAShiftOperatorRange.qlref @@ -0,0 +1 @@ +rules/RULE-12-2/RightHandOperandOfAShiftOperatorRange.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.expected b/c/misra/test/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/misra/test/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.qlref b/c/misra/test/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.qlref new file mode 100644 index 0000000000..41a893a32c --- /dev/null +++ b/c/misra/test/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.qlref @@ -0,0 +1 @@ +rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-17-7/ValueReturnedByAFunctionNotUsed.expected b/c/misra/test/rules/RULE-17-7/ValueReturnedByAFunctionNotUsed.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/misra/test/rules/RULE-17-7/ValueReturnedByAFunctionNotUsed.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-17-7/ValueReturnedByAFunctionNotUsed.qlref b/c/misra/test/rules/RULE-17-7/ValueReturnedByAFunctionNotUsed.qlref new file mode 100644 index 0000000000..a365eed3d8 --- /dev/null +++ b/c/misra/test/rules/RULE-17-7/ValueReturnedByAFunctionNotUsed.qlref @@ -0,0 +1 @@ +rules/RULE-17-7/ValueReturnedByAFunctionNotUsed.ql \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts6.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts6.qll new file mode 100644 index 0000000000..246a7af26b --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts6.qll @@ -0,0 +1,74 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype Contracts6Query = + TDoNotModifyConstantObjectsQuery() or + TRightHandOperandOfAShiftOperatorRangeQuery() or + TArrayFunctionArgumentNumberOfElementsQuery() or + TValueReturnedByAFunctionNotUsedQuery() + +predicate isContracts6QueryMetadata(Query query, string queryId, string ruleId) { + query = + // `Query` instance for the `doNotModifyConstantObjects` query + Contracts6Package::doNotModifyConstantObjectsQuery() and + queryId = + // `@id` for the `doNotModifyConstantObjects` query + "c/cert/do-not-modify-constant-objects" and + ruleId = "EXP40-C" + or + query = + // `Query` instance for the `rightHandOperandOfAShiftOperatorRange` query + Contracts6Package::rightHandOperandOfAShiftOperatorRangeQuery() and + queryId = + // `@id` for the `rightHandOperandOfAShiftOperatorRange` query + "c/misra/right-hand-operand-of-a-shift-operator-range" and + ruleId = "RULE-12-2" + or + query = + // `Query` instance for the `arrayFunctionArgumentNumberOfElements` query + Contracts6Package::arrayFunctionArgumentNumberOfElementsQuery() and + queryId = + // `@id` for the `arrayFunctionArgumentNumberOfElements` query + "c/misra/array-function-argument-number-of-elements" and + ruleId = "RULE-17-5" + or + query = + // `Query` instance for the `valueReturnedByAFunctionNotUsed` query + Contracts6Package::valueReturnedByAFunctionNotUsedQuery() and + queryId = + // `@id` for the `valueReturnedByAFunctionNotUsed` query + "c/misra/value-returned-by-a-function-not-used" and + ruleId = "RULE-17-7" +} + +module Contracts6Package { + Query doNotModifyConstantObjectsQuery() { + //autogenerate `Query` type + result = + // `Query` type for `doNotModifyConstantObjects` query + TQueryC(TContracts6PackageQuery(TDoNotModifyConstantObjectsQuery())) + } + + Query rightHandOperandOfAShiftOperatorRangeQuery() { + //autogenerate `Query` type + result = + // `Query` type for `rightHandOperandOfAShiftOperatorRange` query + TQueryC(TContracts6PackageQuery(TRightHandOperandOfAShiftOperatorRangeQuery())) + } + + Query arrayFunctionArgumentNumberOfElementsQuery() { + //autogenerate `Query` type + result = + // `Query` type for `arrayFunctionArgumentNumberOfElements` query + TQueryC(TContracts6PackageQuery(TArrayFunctionArgumentNumberOfElementsQuery())) + } + + Query valueReturnedByAFunctionNotUsedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `valueReturnedByAFunctionNotUsed` query + TQueryC(TContracts6PackageQuery(TValueReturnedByAFunctionNotUsedQuery())) + } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index ad05d9b737..33802d7235 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -12,6 +12,7 @@ import Contracts1 import Contracts2 import Contracts3 import Contracts4 +import Contracts6 import Declarations1 import Declarations2 import Declarations3 @@ -48,6 +49,7 @@ newtype TCQuery = TContracts2PackageQuery(Contracts2Query q) or TContracts3PackageQuery(Contracts3Query q) or TContracts4PackageQuery(Contracts4Query q) or + TContracts6PackageQuery(Contracts6Query q) or TDeclarations1PackageQuery(Declarations1Query q) or TDeclarations2PackageQuery(Declarations2Query q) or TDeclarations3PackageQuery(Declarations3Query q) or @@ -84,6 +86,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId) { isContracts2QueryMetadata(query, queryId, ruleId) or isContracts3QueryMetadata(query, queryId, ruleId) or isContracts4QueryMetadata(query, queryId, ruleId) or + isContracts6QueryMetadata(query, queryId, ruleId) or isDeclarations1QueryMetadata(query, queryId, ruleId) or isDeclarations2QueryMetadata(query, queryId, ruleId) or isDeclarations3QueryMetadata(query, queryId, ruleId) or diff --git a/rule_packages/c/Contracts6.json b/rule_packages/c/Contracts6.json new file mode 100644 index 0000000000..0113b16542 --- /dev/null +++ b/rule_packages/c/Contracts6.json @@ -0,0 +1,74 @@ +{ + "CERT-C": { + "EXP40-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "Do not modify constant objects", + "precision": "very-high", + "severity": "error", + "short_name": "DoNotModifyConstantObjects", + "tags": [] + } + ], + "title": "Do not modify constant objects" + } + }, + "MISRA-C-2012": { + "RULE-12-2": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "The right hand operand of a shift operator shall lie in the range zero to one less than the width in bits of the essential type of the left hand operand", + "kind": "problem", + "name": "The right hand operand of a shift operator shall lie in the range zero to one less than the width in", + "precision": "high", + "severity": "error", + "short_name": "RightHandOperandOfAShiftOperatorRange", + "tags": [] + } + ], + "title": "The right hand operand of a shift operator shall lie in the range zero to one less than the width in bits of the essential type of the left hand operand" + }, + "RULE-17-5": { + "properties": { + "obligation": "advisory" + }, + "queries": [ + { + "description": "The function argument corresponding to a parameter declared to have an array type shall have an appropriate number of elements", + "kind": "problem", + "name": "The function argument corresponding to a parameter declared to have an array type shall have an", + "precision": "high", + "severity": "error", + "short_name": "ArrayFunctionArgumentNumberOfElements", + "tags": [] + } + ], + "title": "The function argument corresponding to a parameter declared to have an array type shall have an appropriate number of elements" + }, + "RULE-17-7": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "The value returned by a function having non-void return type shall be used", + "precision": "very-high", + "severity": "error", + "short_name": "ValueReturnedByAFunctionNotUsed", + "tags": [] + } + ], + "title": "The value returned by a function having non-void return type shall be used" + } + } +} \ No newline at end of file From 0358f6ef588eddae03060e097b29ddf2beb2ca08 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Tue, 8 Nov 2022 16:35:17 -0500 Subject: [PATCH 0091/2573] extractor --- c/misra/test/rules/RULE-1-2/test.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/c/misra/test/rules/RULE-1-2/test.c b/c/misra/test/rules/RULE-1-2/test.c index 0a2ca37057..f71fb1ac4f 100644 --- a/c/misra/test/rules/RULE-1-2/test.c +++ b/c/misra/test/rules/RULE-1-2/test.c @@ -1,3 +1,7 @@ +// semmle-extractor-options:--clang -fhonor-infinity -std=c11 --edg --diag_error=implicit_func_decl -nostdinc -I../../../../common/test/includes/standard-library + +// do it on a translation unit -- flag first line + #include #include // Note: Clang aims to support both clang and gcc extensions. @@ -135,7 +139,7 @@ void gf14() { } void gf15() { - float f = 0x1.fp3; // NON_COMPLIANT + float f = 0x1.fp3; // NON_COMPLIANT } void gf16() { From 9be5f17f1acff60b04ecd67c0c1ba56467985ad5 Mon Sep 17 00:00:00 2001 From: jsinglet Date: Wed, 9 Nov 2022 20:44:11 +0000 Subject: [PATCH 0092/2573] Version bump to 2.12.0-dev. --- c/cert/src/qlpack.yml | 2 +- c/cert/test/qlpack.yml | 2 +- c/common/src/qlpack.yml | 2 +- c/common/test/qlpack.yml | 2 +- c/misra/src/qlpack.yml | 2 +- c/misra/test/qlpack.yml | 2 +- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/qlpack.yml | 2 +- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/qlpack.yml | 2 +- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/qlpack.yml | 2 +- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/qlpack.yml | 2 +- cpp/report/src/qlpack.yml | 2 +- 15 files changed, 15 insertions(+), 15 deletions(-) diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index 12bf480b81..b4be46887d 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -1,4 +1,4 @@ name: cert-c-coding-standards -version: 2.11.0-dev +version: 2.12.0-dev suites: codeql-suites libraryPathDependencies: common-c-coding-standards \ No newline at end of file diff --git a/c/cert/test/qlpack.yml b/c/cert/test/qlpack.yml index 3125bf2758..9f6fe658b0 100644 --- a/c/cert/test/qlpack.yml +++ b/c/cert/test/qlpack.yml @@ -1,4 +1,4 @@ name: cert-c-coding-standards-tests -version: 2.11.0-dev +version: 2.12.0-dev libraryPathDependencies: cert-c-coding-standards extractor: cpp \ No newline at end of file diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index 3062e7b42e..74e9d7143b 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -1,3 +1,3 @@ name: common-c-coding-standards -version: 2.11.0-dev +version: 2.12.0-dev libraryPathDependencies: common-cpp-coding-standards diff --git a/c/common/test/qlpack.yml b/c/common/test/qlpack.yml index 52a6b04c6f..a6cdcc646e 100644 --- a/c/common/test/qlpack.yml +++ b/c/common/test/qlpack.yml @@ -1,4 +1,4 @@ name: common-c-coding-standards-tests -version: 2.11.0-dev +version: 2.12.0-dev libraryPathDependencies: common-c-coding-standards extractor: cpp diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index 69af9c2fb1..7bae50d19c 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -1,4 +1,4 @@ name: misra-c-coding-standards -version: 2.11.0-dev +version: 2.12.0-dev suites: codeql-suites libraryPathDependencies: common-c-coding-standards diff --git a/c/misra/test/qlpack.yml b/c/misra/test/qlpack.yml index 42c0352cfc..b994e21301 100644 --- a/c/misra/test/qlpack.yml +++ b/c/misra/test/qlpack.yml @@ -1,4 +1,4 @@ name: misra-c-coding-standards-tests -version: 2.11.0-dev +version: 2.12.0-dev libraryPathDependencies: misra-c-coding-standards extractor: cpp \ No newline at end of file diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index 8a8dea0b9d..7682226300 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -1,4 +1,4 @@ name: autosar-cpp-coding-standards -version: 2.11.0-dev +version: 2.12.0-dev suites: codeql-suites libraryPathDependencies: common-cpp-coding-standards diff --git a/cpp/autosar/test/qlpack.yml b/cpp/autosar/test/qlpack.yml index d88fd5ad4f..cf27364852 100644 --- a/cpp/autosar/test/qlpack.yml +++ b/cpp/autosar/test/qlpack.yml @@ -1,4 +1,4 @@ name: autosar-cpp-coding-standards-tests -version: 2.11.0-dev +version: 2.12.0-dev libraryPathDependencies: autosar-cpp-coding-standards extractor: cpp diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index 275fcd2bad..fef3b61c7d 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -1,4 +1,4 @@ name: cert-cpp-coding-standards -version: 2.11.0-dev +version: 2.12.0-dev suites: codeql-suites libraryPathDependencies: common-cpp-coding-standards diff --git a/cpp/cert/test/qlpack.yml b/cpp/cert/test/qlpack.yml index aba3f70207..6895747559 100644 --- a/cpp/cert/test/qlpack.yml +++ b/cpp/cert/test/qlpack.yml @@ -1,4 +1,4 @@ name: cert-cpp-coding-standards-tests -version: 2.11.0-dev +version: 2.12.0-dev libraryPathDependencies: cert-cpp-coding-standards extractor: cpp diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index f232dd7262..7e3b49f557 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -1,3 +1,3 @@ name: common-cpp-coding-standards -version: 2.11.0-dev +version: 2.12.0-dev libraryPathDependencies: codeql-cpp diff --git a/cpp/common/test/qlpack.yml b/cpp/common/test/qlpack.yml index 5f4fbad053..6c966ef8a5 100644 --- a/cpp/common/test/qlpack.yml +++ b/cpp/common/test/qlpack.yml @@ -1,4 +1,4 @@ name: common-cpp-coding-standards-tests -version: 2.11.0-dev +version: 2.12.0-dev libraryPathDependencies: common-cpp-coding-standards extractor: cpp diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index cd5b08f788..d73ca3d12f 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -1,3 +1,3 @@ name: misra-cpp-coding-standards -version: 2.11.0-dev +version: 2.12.0-dev libraryPathDependencies: common-cpp-coding-standards diff --git a/cpp/misra/test/qlpack.yml b/cpp/misra/test/qlpack.yml index ae195c94fc..d045f6040a 100644 --- a/cpp/misra/test/qlpack.yml +++ b/cpp/misra/test/qlpack.yml @@ -1,4 +1,4 @@ name: misra-cpp-coding-standards-tests -version: 2.11.0-dev +version: 2.12.0-dev libraryPathDependencies: misra-cpp-coding-standards extractor: cpp diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index b01a88afda..8f237a6643 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -1,3 +1,3 @@ name: report-cpp-coding-standards -version: 2.11.0-dev +version: 2.12.0-dev libraryPathDependencies: codeql-cpp From c173eb552a4bcf6208d7e05162d8fc1d49d0000e Mon Sep 17 00:00:00 2001 From: jsinglet Date: Wed, 9 Nov 2022 20:44:28 +0000 Subject: [PATCH 0093/2573] Version bump to 2.11.0. --- c/cert/src/qlpack.yml | 2 +- c/cert/test/qlpack.yml | 2 +- c/common/src/qlpack.yml | 2 +- c/common/test/qlpack.yml | 2 +- c/misra/src/qlpack.yml | 2 +- c/misra/test/qlpack.yml | 2 +- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/qlpack.yml | 2 +- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/qlpack.yml | 2 +- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/qlpack.yml | 2 +- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/qlpack.yml | 2 +- cpp/report/src/qlpack.yml | 2 +- 15 files changed, 15 insertions(+), 15 deletions(-) diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index 12bf480b81..d22e7e463f 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -1,4 +1,4 @@ name: cert-c-coding-standards -version: 2.11.0-dev +version: 2.11.0 suites: codeql-suites libraryPathDependencies: common-c-coding-standards \ No newline at end of file diff --git a/c/cert/test/qlpack.yml b/c/cert/test/qlpack.yml index 3125bf2758..68618ccac4 100644 --- a/c/cert/test/qlpack.yml +++ b/c/cert/test/qlpack.yml @@ -1,4 +1,4 @@ name: cert-c-coding-standards-tests -version: 2.11.0-dev +version: 2.11.0 libraryPathDependencies: cert-c-coding-standards extractor: cpp \ No newline at end of file diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index 3062e7b42e..bf553d1461 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -1,3 +1,3 @@ name: common-c-coding-standards -version: 2.11.0-dev +version: 2.11.0 libraryPathDependencies: common-cpp-coding-standards diff --git a/c/common/test/qlpack.yml b/c/common/test/qlpack.yml index 52a6b04c6f..d5136f285f 100644 --- a/c/common/test/qlpack.yml +++ b/c/common/test/qlpack.yml @@ -1,4 +1,4 @@ name: common-c-coding-standards-tests -version: 2.11.0-dev +version: 2.11.0 libraryPathDependencies: common-c-coding-standards extractor: cpp diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index 69af9c2fb1..3b829be6a7 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -1,4 +1,4 @@ name: misra-c-coding-standards -version: 2.11.0-dev +version: 2.11.0 suites: codeql-suites libraryPathDependencies: common-c-coding-standards diff --git a/c/misra/test/qlpack.yml b/c/misra/test/qlpack.yml index 42c0352cfc..f6a639baeb 100644 --- a/c/misra/test/qlpack.yml +++ b/c/misra/test/qlpack.yml @@ -1,4 +1,4 @@ name: misra-c-coding-standards-tests -version: 2.11.0-dev +version: 2.11.0 libraryPathDependencies: misra-c-coding-standards extractor: cpp \ No newline at end of file diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index 8a8dea0b9d..a06e4e3f09 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -1,4 +1,4 @@ name: autosar-cpp-coding-standards -version: 2.11.0-dev +version: 2.11.0 suites: codeql-suites libraryPathDependencies: common-cpp-coding-standards diff --git a/cpp/autosar/test/qlpack.yml b/cpp/autosar/test/qlpack.yml index d88fd5ad4f..aa8b15ef39 100644 --- a/cpp/autosar/test/qlpack.yml +++ b/cpp/autosar/test/qlpack.yml @@ -1,4 +1,4 @@ name: autosar-cpp-coding-standards-tests -version: 2.11.0-dev +version: 2.11.0 libraryPathDependencies: autosar-cpp-coding-standards extractor: cpp diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index 275fcd2bad..d0f260a256 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -1,4 +1,4 @@ name: cert-cpp-coding-standards -version: 2.11.0-dev +version: 2.11.0 suites: codeql-suites libraryPathDependencies: common-cpp-coding-standards diff --git a/cpp/cert/test/qlpack.yml b/cpp/cert/test/qlpack.yml index aba3f70207..54d25e8444 100644 --- a/cpp/cert/test/qlpack.yml +++ b/cpp/cert/test/qlpack.yml @@ -1,4 +1,4 @@ name: cert-cpp-coding-standards-tests -version: 2.11.0-dev +version: 2.11.0 libraryPathDependencies: cert-cpp-coding-standards extractor: cpp diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index f232dd7262..501fe194f1 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -1,3 +1,3 @@ name: common-cpp-coding-standards -version: 2.11.0-dev +version: 2.11.0 libraryPathDependencies: codeql-cpp diff --git a/cpp/common/test/qlpack.yml b/cpp/common/test/qlpack.yml index 5f4fbad053..6e3867f067 100644 --- a/cpp/common/test/qlpack.yml +++ b/cpp/common/test/qlpack.yml @@ -1,4 +1,4 @@ name: common-cpp-coding-standards-tests -version: 2.11.0-dev +version: 2.11.0 libraryPathDependencies: common-cpp-coding-standards extractor: cpp diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index cd5b08f788..ef30500c44 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -1,3 +1,3 @@ name: misra-cpp-coding-standards -version: 2.11.0-dev +version: 2.11.0 libraryPathDependencies: common-cpp-coding-standards diff --git a/cpp/misra/test/qlpack.yml b/cpp/misra/test/qlpack.yml index ae195c94fc..65c8e52d7b 100644 --- a/cpp/misra/test/qlpack.yml +++ b/cpp/misra/test/qlpack.yml @@ -1,4 +1,4 @@ name: misra-cpp-coding-standards-tests -version: 2.11.0-dev +version: 2.11.0 libraryPathDependencies: misra-cpp-coding-standards extractor: cpp diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index b01a88afda..b39c9d7ad5 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -1,3 +1,3 @@ name: report-cpp-coding-standards -version: 2.11.0-dev +version: 2.11.0 libraryPathDependencies: codeql-cpp From ca41ed6734f7acca0940cdef72283cbea5cc5ad8 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Wed, 9 Nov 2022 16:03:19 -0500 Subject: [PATCH 0094/2573] refactor query --- .../M7-4-1/UsageOfAssemblerNotDocumented.ql | 12 ++++++------ .../UsageOfAssemblerNotDocumented.qlref | 1 - .../UsageOfAssemblerNotDocumented.testref | 1 + .../UsageOfAssemblerNotDocumented.qll | 19 +++++++++++++++++++ .../UsageOfAssemblerNotDocumented.expected | 0 .../UsageOfAssemblerNotDocumented.ql | 2 ++ .../usageofassemblernotdocumented}/test.cpp | 0 rule_packages/cpp/BannedLibraries.json | 1 + 8 files changed, 29 insertions(+), 7 deletions(-) delete mode 100644 cpp/autosar/test/rules/M7-4-1/UsageOfAssemblerNotDocumented.qlref create mode 100644 cpp/autosar/test/rules/M7-4-1/UsageOfAssemblerNotDocumented.testref create mode 100644 cpp/common/src/codingstandards/cpp/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.qll rename cpp/{autosar/test/rules/M7-4-1 => common/test/rules/usageofassemblernotdocumented}/UsageOfAssemblerNotDocumented.expected (100%) create mode 100644 cpp/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql rename cpp/{autosar/test/rules/M7-4-1 => common/test/rules/usageofassemblernotdocumented}/test.cpp (100%) diff --git a/cpp/autosar/src/rules/M7-4-1/UsageOfAssemblerNotDocumented.ql b/cpp/autosar/src/rules/M7-4-1/UsageOfAssemblerNotDocumented.ql index 418a96ffee..f39b01b7ed 100644 --- a/cpp/autosar/src/rules/M7-4-1/UsageOfAssemblerNotDocumented.ql +++ b/cpp/autosar/src/rules/M7-4-1/UsageOfAssemblerNotDocumented.ql @@ -17,10 +17,10 @@ import cpp import codingstandards.cpp.autosar +import codingstandards.cpp.rules.usageofassemblernotdocumented.UsageOfAssemblerNotDocumented -from AsmStmt a -where - not isExcluded(a, BannedLibrariesPackage::usageOfAssemblerNotDocumentedQuery()) and - not exists(Comment c | c.getCommentedElement() = a) and - not a.isAffectedByMacro() -select a, "Use of assembler is not documented." +class UsageOfAssemblerNotDocumentedQuery extends UsageOfAssemblerNotDocumentedSharedQuery { + UsageOfAssemblerNotDocumentedQuery() { + this = BannedLibrariesPackage::usageOfAssemblerNotDocumentedQuery() + } +} diff --git a/cpp/autosar/test/rules/M7-4-1/UsageOfAssemblerNotDocumented.qlref b/cpp/autosar/test/rules/M7-4-1/UsageOfAssemblerNotDocumented.qlref deleted file mode 100644 index 164f0c5b29..0000000000 --- a/cpp/autosar/test/rules/M7-4-1/UsageOfAssemblerNotDocumented.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/M7-4-1/UsageOfAssemblerNotDocumented.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M7-4-1/UsageOfAssemblerNotDocumented.testref b/cpp/autosar/test/rules/M7-4-1/UsageOfAssemblerNotDocumented.testref new file mode 100644 index 0000000000..ea9ce384ea --- /dev/null +++ b/cpp/autosar/test/rules/M7-4-1/UsageOfAssemblerNotDocumented.testref @@ -0,0 +1 @@ +cpp/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.qll b/cpp/common/src/codingstandards/cpp/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.qll new file mode 100644 index 0000000000..8cdb9cbbf0 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.qll @@ -0,0 +1,19 @@ +/** + * Provides a library which includes a `problems` predicate for reporting + * undocumented uses of assembly. + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class UsageOfAssemblerNotDocumentedSharedQuery extends Query { } + +Query getQuery() { result instanceof UsageOfAssemblerNotDocumentedSharedQuery } + +query predicate problems(AsmStmt a, string message) { + not isExcluded(a, getQuery()) and + not exists(Comment c | c.getCommentedElement() = a) and + not a.isAffectedByMacro() and + message = "Use of assembler is not documented." +} diff --git a/cpp/autosar/test/rules/M7-4-1/UsageOfAssemblerNotDocumented.expected b/cpp/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.expected similarity index 100% rename from cpp/autosar/test/rules/M7-4-1/UsageOfAssemblerNotDocumented.expected rename to cpp/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.expected diff --git a/cpp/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql b/cpp/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql new file mode 100644 index 0000000000..7f9e1041a2 --- /dev/null +++ b/cpp/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.usageofassemblernotdocumented.UsageOfAssemblerNotDocumented diff --git a/cpp/autosar/test/rules/M7-4-1/test.cpp b/cpp/common/test/rules/usageofassemblernotdocumented/test.cpp similarity index 100% rename from cpp/autosar/test/rules/M7-4-1/test.cpp rename to cpp/common/test/rules/usageofassemblernotdocumented/test.cpp diff --git a/rule_packages/cpp/BannedLibraries.json b/rule_packages/cpp/BannedLibraries.json index 4eb5896cfd..09b5d2f224 100644 --- a/rule_packages/cpp/BannedLibraries.json +++ b/rule_packages/cpp/BannedLibraries.json @@ -229,6 +229,7 @@ "precision": "very-high", "severity": "recommendation", "short_name": "UsageOfAssemblerNotDocumented", + "shared_implementation_short_name": "UsageOfAssemblerNotDocumented", "tags": [ "readability", "maintainability", From d91613ba69e3183cab7dd846d18d81d5c31d803c Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Wed, 9 Nov 2022 16:41:35 -0500 Subject: [PATCH 0095/2573] refactor --- .../UsageOfAssemblerNotDocumented.expected | 1 + cpp/autosar/test/rules/M7-4-1/test.cpp | 12 +++++ .../cpp/exclusions/c/Language2.qll | 51 ++++++++++++++++++- 3 files changed, 63 insertions(+), 1 deletion(-) create mode 100644 cpp/autosar/test/rules/M7-4-1/UsageOfAssemblerNotDocumented.expected create mode 100644 cpp/autosar/test/rules/M7-4-1/test.cpp diff --git a/cpp/autosar/test/rules/M7-4-1/UsageOfAssemblerNotDocumented.expected b/cpp/autosar/test/rules/M7-4-1/UsageOfAssemblerNotDocumented.expected new file mode 100644 index 0000000000..aa625dd58a --- /dev/null +++ b/cpp/autosar/test/rules/M7-4-1/UsageOfAssemblerNotDocumented.expected @@ -0,0 +1 @@ +| test.cpp:8:42:8:58 | asm statement | Use of assembler is not documented. | diff --git a/cpp/autosar/test/rules/M7-4-1/test.cpp b/cpp/autosar/test/rules/M7-4-1/test.cpp new file mode 100644 index 0000000000..16e0f9ca91 --- /dev/null +++ b/cpp/autosar/test/rules/M7-4-1/test.cpp @@ -0,0 +1,12 @@ +// COMPLIANT +void test_assembly_is_documented() { + // This comment serves as documentation + __asm__("ret\n"); +} + +// NON_COMPLIANT +void test_assembly_is_not_documented() { __asm__("ret\n"); } + +// COMPLIANT +#define RETURN __asm__("ret\n") +void test_undocumented_assembly_from_macro() { RETURN; } \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Language2.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Language2.qll index a7a3836736..d471d09efd 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Language2.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Language2.qll @@ -3,9 +3,21 @@ import cpp import RuleMetadata import codingstandards.cpp.exclusions.RuleMetadata -newtype Language2Query = TLanguageExtensionsShouldNotBeUsedQuery() +newtype Language2Query = + TUsageOfAssemblyLanguageShouldBeDocumentedQuery() or + TLanguageExtensionsShouldNotBeUsedQuery() or + TCriticalUnspecifiedBehaviourQuery() or + TEmergentLanguageFeaturesUsedQuery() predicate isLanguage2QueryMetadata(Query query, string queryId, string ruleId) { + query = + // `Query` instance for the `usageOfAssemblyLanguageShouldBeDocumented` query + Language2Package::usageOfAssemblyLanguageShouldBeDocumentedQuery() and + queryId = + // `@id` for the `usageOfAssemblyLanguageShouldBeDocumented` query + "c/misra/usage-of-assembly-language-should-be-documented" and + ruleId = "DIR-4-2" + or query = // `Query` instance for the `languageExtensionsShouldNotBeUsed` query Language2Package::languageExtensionsShouldNotBeUsedQuery() and @@ -13,13 +25,50 @@ predicate isLanguage2QueryMetadata(Query query, string queryId, string ruleId) { // `@id` for the `languageExtensionsShouldNotBeUsed` query "c/misra/language-extensions-should-not-be-used" and ruleId = "RULE-1-2" + or + query = + // `Query` instance for the `criticalUnspecifiedBehaviour` query + Language2Package::criticalUnspecifiedBehaviourQuery() and + queryId = + // `@id` for the `criticalUnspecifiedBehaviour` query + "c/misra/critical-unspecified-behaviour" and + ruleId = "RULE-1-3" + or + query = + // `Query` instance for the `emergentLanguageFeaturesUsed` query + Language2Package::emergentLanguageFeaturesUsedQuery() and + queryId = + // `@id` for the `emergentLanguageFeaturesUsed` query + "c/misra/emergent-language-features-used" and + ruleId = "RULE-1-4" } module Language2Package { + Query usageOfAssemblyLanguageShouldBeDocumentedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `usageOfAssemblyLanguageShouldBeDocumented` query + TQueryC(TLanguage2PackageQuery(TUsageOfAssemblyLanguageShouldBeDocumentedQuery())) + } + Query languageExtensionsShouldNotBeUsedQuery() { //autogenerate `Query` type result = // `Query` type for `languageExtensionsShouldNotBeUsed` query TQueryC(TLanguage2PackageQuery(TLanguageExtensionsShouldNotBeUsedQuery())) } + + Query criticalUnspecifiedBehaviourQuery() { + //autogenerate `Query` type + result = + // `Query` type for `criticalUnspecifiedBehaviour` query + TQueryC(TLanguage2PackageQuery(TCriticalUnspecifiedBehaviourQuery())) + } + + Query emergentLanguageFeaturesUsedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `emergentLanguageFeaturesUsed` query + TQueryC(TLanguage2PackageQuery(TEmergentLanguageFeaturesUsedQuery())) + } } From a894b13844f8847112b96c447db7fc9d1c8693af Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Wed, 9 Nov 2022 16:41:42 -0500 Subject: [PATCH 0096/2573] refactor --- rule_packages/c/Language2.json | 65 +++++++++++++++++++++++++++++++++- 1 file changed, 64 insertions(+), 1 deletion(-) diff --git a/rule_packages/c/Language2.json b/rule_packages/c/Language2.json index e1b2ea553b..be311f7552 100644 --- a/rule_packages/c/Language2.json +++ b/rule_packages/c/Language2.json @@ -1,5 +1,26 @@ { "MISRA-C-2012": { + "DIR-4-2": { + "properties": { + "obligation": "advisory" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "All usage of assembly language should be documented", + "precision": "very-high", + "severity": "error", + "short_name": "UsageOfAssemblyLanguageShouldBeDocumented", + "shared_implementation_short_name": "UsageOfAssemblerNotDocumented", + "tags": [ + "maintainability", + "readability" + ] + } + ], + "title": "All usage of assembly language should be documented" + }, "RULE-1-2": { "properties": { "obligation": "advisory" @@ -14,11 +35,53 @@ "short_name": "LanguageExtensionsShouldNotBeUsed", "tags": [ "maintainability", - "readability" + "readability", + "correctness" ] } ], "title": "Language extensions should not be used" + }, + "RULE-1-3": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "There shall be no occurrence of undefined or critical unspecified behaviour", + "precision": "high", + "severity": "error", + "short_name": "CriticalUnspecifiedBehaviour", + "tags": [ + "maintainability", + "readability", + "correctness" + ] + } + ], + "title": "There shall be no occurrence of undefined or critical unspecified behaviour" + }, + "RULE-1-4": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "Emergent language features shall not be used", + "precision": "very-high", + "severity": "error", + "short_name": "EmergentLanguageFeaturesUsed", + "tags": [ + "maintainability", + "readability" + ] + } + ], + "title": "Emergent language features shall not be used" } } } \ No newline at end of file From 524cf0b4db1902a4b8360ee9e80ea6f5d60a5134 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Wed, 9 Nov 2022 16:41:56 -0500 Subject: [PATCH 0097/2573] refactor --- .../UsageOfAssemblerNotDocumented.expected | 1 + .../UsageOfAssemblerNotDocumented.ql | 2 ++ .../test/rules/usageofassemblernotdocumented/test.c | 12 ++++++++++++ 3 files changed, 15 insertions(+) create mode 100644 c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.expected create mode 100644 c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql create mode 100644 c/common/test/rules/usageofassemblernotdocumented/test.c diff --git a/c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.expected b/c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.expected new file mode 100644 index 0000000000..8c132cdb91 --- /dev/null +++ b/c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.expected @@ -0,0 +1 @@ +| test.c:8:42:8:58 | asm statement | Use of assembler is not documented. | diff --git a/c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql b/c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql new file mode 100644 index 0000000000..7f9e1041a2 --- /dev/null +++ b/c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.usageofassemblernotdocumented.UsageOfAssemblerNotDocumented diff --git a/c/common/test/rules/usageofassemblernotdocumented/test.c b/c/common/test/rules/usageofassemblernotdocumented/test.c new file mode 100644 index 0000000000..16e0f9ca91 --- /dev/null +++ b/c/common/test/rules/usageofassemblernotdocumented/test.c @@ -0,0 +1,12 @@ +// COMPLIANT +void test_assembly_is_documented() { + // This comment serves as documentation + __asm__("ret\n"); +} + +// NON_COMPLIANT +void test_assembly_is_not_documented() { __asm__("ret\n"); } + +// COMPLIANT +#define RETURN __asm__("ret\n") +void test_undocumented_assembly_from_macro() { RETURN; } \ No newline at end of file From b63c28ff5c94cf9b06804d6a23a55958f6d2c7ee Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Wed, 9 Nov 2022 16:42:08 -0500 Subject: [PATCH 0098/2573] import --- ...ageOfAssemblyLanguageShouldBeDocumented.ql | 22 +++++++++++++++++++ ...AssemblyLanguageShouldBeDocumented.testref | 1 + 2 files changed, 23 insertions(+) create mode 100644 c/misra/src/rules/DIR-4-2/UsageOfAssemblyLanguageShouldBeDocumented.ql create mode 100644 c/misra/test/rules/DIR-4-2/UsageOfAssemblyLanguageShouldBeDocumented.testref diff --git a/c/misra/src/rules/DIR-4-2/UsageOfAssemblyLanguageShouldBeDocumented.ql b/c/misra/src/rules/DIR-4-2/UsageOfAssemblyLanguageShouldBeDocumented.ql new file mode 100644 index 0000000000..250d98892c --- /dev/null +++ b/c/misra/src/rules/DIR-4-2/UsageOfAssemblyLanguageShouldBeDocumented.ql @@ -0,0 +1,22 @@ +/** + * @id c/misra/usage-of-assembly-language-should-be-documented + * @name DIR-4-2: All usage of assembly language should be documented + * @description + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/dir-4-2 + * maintainability + * readability + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.rules.usageofassemblernotdocumented.UsageOfAssemblerNotDocumented + +class UsageOfAssemblyLanguageShouldBeDocumentedQuery extends UsageOfAssemblerNotDocumentedSharedQuery { + UsageOfAssemblyLanguageShouldBeDocumentedQuery() { + this = Language2Package::usageOfAssemblyLanguageShouldBeDocumentedQuery() + } +} diff --git a/c/misra/test/rules/DIR-4-2/UsageOfAssemblyLanguageShouldBeDocumented.testref b/c/misra/test/rules/DIR-4-2/UsageOfAssemblyLanguageShouldBeDocumented.testref new file mode 100644 index 0000000000..3b0dc2fe5a --- /dev/null +++ b/c/misra/test/rules/DIR-4-2/UsageOfAssemblyLanguageShouldBeDocumented.testref @@ -0,0 +1 @@ +c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql \ No newline at end of file From e31b26c256dc20f68e51e5c839885e3e61f269fe Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Wed, 9 Nov 2022 16:47:52 -0500 Subject: [PATCH 0099/2573] fixing rules --- rules.csv | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/rules.csv b/rules.csv index 75d17653e1..5066a86ff2 100644 --- a/rules.csv +++ b/rules.csv @@ -600,10 +600,10 @@ c,CERT-C,STR37-C,Yes,Rule,,,Arguments to character-handling functions must be re c,CERT-C,STR38-C,Yes,Rule,,,Do not confuse narrow and wide character strings and functions,,Strings3,Medium, c,CERT-C,WIN30-C,OutOfScope,Rule,,,Properly pair allocation and deallocation functions,DCL54-CPP,,Easy, c,MISRA-C-2012,DIR-1-1,No,Required,,,Any implementation-defined behaviour on which the output of the program depends shall be documented and understood,,,, -c,MISRA-C-2012,DIR-2-1,Yes,Required,,,All source files shall compile without any compilation errors,A1-4-3,Language,Medium, +c,MISRA-C-2012,DIR-2-1,No,Required,,,All source files shall compile without any compilation errors,A1-4-3,Language,Medium,"This should be checked via the compiler output, rather than CodeQL, which adds unnecessary steps." c,MISRA-C-2012,DIR-3-1,No,Required,,,All code shall be traceable to documented requirements,,,, c,MISRA-C-2012,DIR-4-1,No,Required,,,Run-time failures shall be minimized,,,, -c,MISRA-C-2012,DIR-4-2,Yes,Advisory,,,All usage of assembly language should be documented,M7-4-1,Language,Import, +c,MISRA-C-2012,DIR-4-2,Yes,Advisory,,,All usage of assembly language should be documented,M7-4-1,Language2,Import, c,MISRA-C-2012,DIR-4-3,Yes,Required,,,Assembly language shall be encapsulated and isolated,,Language1,Medium, c,MISRA-C-2012,DIR-4-4,Yes,Advisory,,,Sections of code should not be commented out,A2-7-2,Syntax,Import, c,MISRA-C-2012,DIR-4-5,Yes,Advisory,,,Identifiers in the same name space with overlapping visibility should be typographically unambiguous,M2-10-1,Syntax,Easy, @@ -616,9 +616,9 @@ c,MISRA-C-2012,DIR-4-11,Yes,Required,,,The validity of values passed to library c,MISRA-C-2012,DIR-4-12,Yes,Required,,,Dynamic memory allocation shall not be used,,Banned,Medium, c,MISRA-C-2012,DIR-4-13,Yes,Advisory,,,Functions which are designed to provide operations on a resource should be called in an appropriate sequence,,Contracts,Hard, c,MISRA-C-2012,DIR-4-14,Yes,Required,,,The validity of values received from external sources shall be checked,,Contracts,Hard, -c,MISRA-C-2012,RULE-1-1,Yes,Required,,,"The program shall contain no violations of the standard C syntax and constraints, and shall not exceed the implementation�s translation limits",,Language,Easy, +c,MISRA-C-2012,RULE-1-1,No,Required,,,"The program shall contain no violations of the standard C syntax and constraints, and shall not exceed the implementation's translation limits",,Language,Easy,"This should be checked via the compiler output, rather than CodeQL, which adds unnecessary steps." c,MISRA-C-2012,RULE-1-2,Yes,Advisory,,,Language extensions should not be used,,Language2,Hard, -c,MISRA-C-2012,RULE-1-3,Yes,Required,,,There shall be no occurrence of undefined or critical unspecified behaviour,,Language,Hard, +c,MISRA-C-2012,RULE-1-3,Yes,Required,,,There shall be no occurrence of undefined or critical unspecified behaviour,,Language2,Hard, c,MISRA-C-2012,RULE-1-4,Yes,Required,,,Emergent language features shall not be used,,Language2,Medium, c,MISRA-C-2012,RULE-2-1,Yes,Required,,,A project shall not contain unreachable code,M0-1-1,DeadCode,Import, c,MISRA-C-2012,RULE-2-2,Yes,Required,,,There shall be no dead code,M0-1-9,DeadCode,Import, From 8080bc30a5d439364d00eb7d9c8a5e7a5899be82 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Wed, 9 Nov 2022 16:49:52 -0500 Subject: [PATCH 0100/2573] headers --- c/misra/src/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.ql | 1 + 1 file changed, 1 insertion(+) diff --git a/c/misra/src/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.ql b/c/misra/src/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.ql index eb676e2280..8da2c09947 100644 --- a/c/misra/src/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.ql +++ b/c/misra/src/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.ql @@ -8,6 +8,7 @@ * @tags external/misra/id/rule-1-2 * maintainability * readability + * correctness * external/misra/obligation/advisory */ From 57d83bc507a97eb3d18ed0985be52fb4eee52329 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Wed, 9 Nov 2022 17:06:57 -0500 Subject: [PATCH 0101/2573] Declarations4: add RULE-8-3 --- .vscode/tasks.json | 2 + c/misra/src/rules/RULE-8-3/Compatible.qll | 30 ++++++++++++ .../DeclarationsOfAFunctionSameNameAndType.ql | 48 +++++++++++++++++++ .../DeclarationsOfAnObjectSameNameAndType.ql | 28 +++++++++++ ...rationsOfAFunctionSameNameAndType.expected | 12 +++++ ...clarationsOfAFunctionSameNameAndType.qlref | 1 + ...arationsOfAnObjectSameNameAndType.expected | 16 +++++++ ...eclarationsOfAnObjectSameNameAndType.qlref | 1 + c/misra/test/rules/RULE-8-3/function1.c | 27 +++++++++++ c/misra/test/rules/RULE-8-3/function2.c | 19 ++++++++ c/misra/test/rules/RULE-8-3/object1.c | 17 +++++++ c/misra/test/rules/RULE-8-3/object2.c | 26 ++++++++++ c/misra/test/rules/RULE-8-3/test.c | 0 .../cpp/exclusions/c/Declarations4.qll | 32 +++++++++++++ .../cpp/exclusions/c/RuleMetadata.qll | 3 ++ rule_packages/c/Declarations4.json | 30 ++++++++++++ rules.csv | 2 +- 17 files changed, 293 insertions(+), 1 deletion(-) create mode 100644 c/misra/src/rules/RULE-8-3/Compatible.qll create mode 100644 c/misra/src/rules/RULE-8-3/DeclarationsOfAFunctionSameNameAndType.ql create mode 100644 c/misra/src/rules/RULE-8-3/DeclarationsOfAnObjectSameNameAndType.ql create mode 100644 c/misra/test/rules/RULE-8-3/DeclarationsOfAFunctionSameNameAndType.expected create mode 100644 c/misra/test/rules/RULE-8-3/DeclarationsOfAFunctionSameNameAndType.qlref create mode 100644 c/misra/test/rules/RULE-8-3/DeclarationsOfAnObjectSameNameAndType.expected create mode 100644 c/misra/test/rules/RULE-8-3/DeclarationsOfAnObjectSameNameAndType.qlref create mode 100644 c/misra/test/rules/RULE-8-3/function1.c create mode 100644 c/misra/test/rules/RULE-8-3/function2.c create mode 100644 c/misra/test/rules/RULE-8-3/object1.c create mode 100644 c/misra/test/rules/RULE-8-3/object2.c create mode 100644 c/misra/test/rules/RULE-8-3/test.c diff --git a/.vscode/tasks.json b/.vscode/tasks.json index f027524374..4190ff1d79 100644 --- a/.vscode/tasks.json +++ b/.vscode/tasks.json @@ -205,6 +205,8 @@ "Declarations", "Declarations1", "Declarations2", + "Declarations3", + "Declarations4", "Exceptions1", "Exceptions2", "Expressions", diff --git a/c/misra/src/rules/RULE-8-3/Compatible.qll b/c/misra/src/rules/RULE-8-3/Compatible.qll new file mode 100644 index 0000000000..52e77692c5 --- /dev/null +++ b/c/misra/src/rules/RULE-8-3/Compatible.qll @@ -0,0 +1,30 @@ +import cpp + +/* + * This is a copy of the `arithTypesMatch` predicate from the standard set of + * queries as of the `codeql-cli/2.9.4` tag in `github/codeql`. + */ + +pragma[inline] +predicate arithTypesMatch(Type t1, Type t2) { + t1 = t2 + or + t1.getSize() = t2.getSize() and + ( + t1 instanceof IntegralOrEnumType and + t2 instanceof IntegralOrEnumType + or + t1 instanceof FloatingPointType and + t2 instanceof FloatingPointType + ) +} + +predicate typesCompatible(Type t1, Type t2) { + if t1 instanceof BuiltInType and t2 instanceof BuiltInType + then + //for simple types consider compatible + arithTypesMatch(t1, t2) + else + //otherwise include type qualifiers and typedef names + t1 = t2 +} diff --git a/c/misra/src/rules/RULE-8-3/DeclarationsOfAFunctionSameNameAndType.ql b/c/misra/src/rules/RULE-8-3/DeclarationsOfAFunctionSameNameAndType.ql new file mode 100644 index 0000000000..28f17e30d3 --- /dev/null +++ b/c/misra/src/rules/RULE-8-3/DeclarationsOfAFunctionSameNameAndType.ql @@ -0,0 +1,48 @@ +/** + * @id c/misra/declarations-of-a-function-same-name-and-type + * @name RULE-8-3: All declarations of a function shall use the same names and type qualifiers + * @description Using different types across the same declarations disallows strong type checking + * and can lead to undefined behaviour. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-8-3 + * correctness + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import Compatible + +from FunctionDeclarationEntry f1, FunctionDeclarationEntry f2, string case +where + not isExcluded(f1, Declarations4Package::declarationsOfAFunctionSameNameAndTypeQuery()) and + not isExcluded(f2, Declarations4Package::declarationsOfAFunctionSameNameAndTypeQuery()) and + not f1 = f2 and + f1.getDeclaration() = f2.getDeclaration() and + //return type check + ( + not typesCompatible(f1.getType(), f2.getType()) and + case = "return type" + or + //parameter type check + exists(ParameterDeclarationEntry p1, ParameterDeclarationEntry p2, int i | + p1 = f1.getParameterDeclarationEntry(i) and + p2 = f2.getParameterDeclarationEntry(i) + | + not typesCompatible(p1.getType(), p2.getType()) + ) and + case = "parameter types" + or + //parameter name check + exists(ParameterDeclarationEntry p1, ParameterDeclarationEntry p2, int i | + p1 = f1.getParameterDeclarationEntry(i) and + p2 = f2.getParameterDeclarationEntry(i) + | + not p1.getName() = p2.getName() + ) and + case = "parameter names" + ) +select f1, "The " + case + " of re-declaration of $@ is not compatible with declaration $@", f1, + f1.getName(), f2, f2.getName() diff --git a/c/misra/src/rules/RULE-8-3/DeclarationsOfAnObjectSameNameAndType.ql b/c/misra/src/rules/RULE-8-3/DeclarationsOfAnObjectSameNameAndType.ql new file mode 100644 index 0000000000..b1f437c676 --- /dev/null +++ b/c/misra/src/rules/RULE-8-3/DeclarationsOfAnObjectSameNameAndType.ql @@ -0,0 +1,28 @@ +/** + * @id c/misra/declarations-of-an-object-same-name-and-type + * @name RULE-8-3: All declarations of an object shall use the same names and type qualifiers + * @description Using different types across the same declarations disallows strong type checking + * and can lead to undefined behaviour. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-8-3 + * correctness + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import Compatible + +from VariableDeclarationEntry decl1, VariableDeclarationEntry decl2 +where + not isExcluded(decl1, Declarations4Package::declarationsOfAnObjectSameNameAndTypeQuery()) and + not isExcluded(decl2, Declarations4Package::declarationsOfAnObjectSameNameAndTypeQuery()) and + not decl1 = decl2 and + decl1.getVariable().getQualifiedName() = decl2.getVariable().getQualifiedName() and + not typesCompatible(decl1.getType(), decl2.getType()) +select decl1, + "The object $@ of type " + decl1.getType().toString() + + " is not compatible with re-declaration $@ of type " + decl2.getType().toString(), decl1, + decl1.getName(), decl2, decl2.getName() diff --git a/c/misra/test/rules/RULE-8-3/DeclarationsOfAFunctionSameNameAndType.expected b/c/misra/test/rules/RULE-8-3/DeclarationsOfAFunctionSameNameAndType.expected new file mode 100644 index 0000000000..08e419ef4f --- /dev/null +++ b/c/misra/test/rules/RULE-8-3/DeclarationsOfAFunctionSameNameAndType.expected @@ -0,0 +1,12 @@ +| function1.c:6:6:6:7 | declaration of f3 | The return type of re-declaration of $@ is not compatible with declaration $@ | function1.c:6:6:6:7 | declaration of f3 | f3 | function1.c:8:4:8:5 | declaration of f3 | f3 | +| function1.c:8:4:8:5 | declaration of f3 | The return type of re-declaration of $@ is not compatible with declaration $@ | function1.c:8:4:8:5 | declaration of f3 | f3 | function1.c:6:6:6:7 | declaration of f3 | f3 | +| function1.c:8:4:8:5 | declaration of f3 | The return type of re-declaration of $@ is not compatible with declaration $@ | function1.c:8:4:8:5 | declaration of f3 | f3 | function2.c:4:6:4:7 | declaration of f3 | f3 | +| function1.c:9:6:9:7 | declaration of f4 | The return type of re-declaration of $@ is not compatible with declaration $@ | function1.c:9:6:9:7 | declaration of f4 | f4 | function2.c:5:5:5:6 | declaration of f4 | f4 | +| function1.c:13:5:13:6 | definition of f6 | The return type of re-declaration of $@ is not compatible with declaration $@ | function1.c:13:5:13:6 | definition of f6 | f6 | function2.c:9:6:9:7 | definition of f6 | f6 | +| function1.c:21:3:21:5 | definition of f21 | The parameter types of re-declaration of $@ is not compatible with declaration $@ | function1.c:21:3:21:5 | definition of f21 | f21 | function2.c:17:10:17:12 | declaration of f21 | f21 | +| function1.c:25:6:25:8 | definition of f22 | The parameter names of re-declaration of $@ is not compatible with declaration $@ | function1.c:25:6:25:8 | definition of f22 | f22 | function2.c:19:13:19:15 | declaration of f22 | f22 | +| function2.c:4:6:4:7 | declaration of f3 | The return type of re-declaration of $@ is not compatible with declaration $@ | function2.c:4:6:4:7 | declaration of f3 | f3 | function1.c:8:4:8:5 | declaration of f3 | f3 | +| function2.c:5:5:5:6 | declaration of f4 | The return type of re-declaration of $@ is not compatible with declaration $@ | function2.c:5:5:5:6 | declaration of f4 | f4 | function1.c:9:6:9:7 | declaration of f4 | f4 | +| function2.c:9:6:9:7 | definition of f6 | The return type of re-declaration of $@ is not compatible with declaration $@ | function2.c:9:6:9:7 | definition of f6 | f6 | function1.c:13:5:13:6 | definition of f6 | f6 | +| function2.c:17:10:17:12 | declaration of f21 | The parameter types of re-declaration of $@ is not compatible with declaration $@ | function2.c:17:10:17:12 | declaration of f21 | f21 | function1.c:21:3:21:5 | definition of f21 | f21 | +| function2.c:19:13:19:15 | declaration of f22 | The parameter names of re-declaration of $@ is not compatible with declaration $@ | function2.c:19:13:19:15 | declaration of f22 | f22 | function1.c:25:6:25:8 | definition of f22 | f22 | diff --git a/c/misra/test/rules/RULE-8-3/DeclarationsOfAFunctionSameNameAndType.qlref b/c/misra/test/rules/RULE-8-3/DeclarationsOfAFunctionSameNameAndType.qlref new file mode 100644 index 0000000000..f7c628941f --- /dev/null +++ b/c/misra/test/rules/RULE-8-3/DeclarationsOfAFunctionSameNameAndType.qlref @@ -0,0 +1 @@ +rules/RULE-8-3/DeclarationsOfAFunctionSameNameAndType.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-8-3/DeclarationsOfAnObjectSameNameAndType.expected b/c/misra/test/rules/RULE-8-3/DeclarationsOfAnObjectSameNameAndType.expected new file mode 100644 index 0000000000..a90e0aa57d --- /dev/null +++ b/c/misra/test/rules/RULE-8-3/DeclarationsOfAnObjectSameNameAndType.expected @@ -0,0 +1,16 @@ +| object1.c:3:6:3:7 | definition of a3 | The object $@ of type long is not compatible with re-declaration $@ of type LL | object1.c:3:6:3:7 | definition of a3 | a3 | object2.c:9:11:9:12 | declaration of a3 | a3 | +| object1.c:4:6:4:7 | definition of a4 | The object $@ of type long is not compatible with re-declaration $@ of type int | object1.c:4:6:4:7 | definition of a4 | a4 | object2.c:11:12:11:13 | declaration of a4 | a4 | +| object1.c:5:5:5:6 | definition of a5 | The object $@ of type int is not compatible with re-declaration $@ of type long | object1.c:5:5:5:6 | definition of a5 | a5 | object2.c:13:13:13:14 | declaration of a5 | a5 | +| object1.c:6:6:6:7 | definition of a6 | The object $@ of type long is not compatible with re-declaration $@ of type int | object1.c:6:6:6:7 | definition of a6 | a6 | object2.c:17:1:17:3 | declaration of a6 | a6 | +| object1.c:7:5:7:6 | definition of a7 | The object $@ of type int is not compatible with re-declaration $@ of type LL | object1.c:7:5:7:6 | definition of a7 | a7 | object2.c:19:11:19:12 | declaration of a7 | a7 | +| object1.c:13:5:13:7 | definition of a10 | The object $@ of type int[100] is not compatible with re-declaration $@ of type LI[100] | object1.c:13:5:13:7 | definition of a10 | a10 | object2.c:22:4:22:6 | definition of a10 | a10 | +| object1.c:14:5:14:7 | definition of a11 | The object $@ of type int[100] is not compatible with re-declaration $@ of type int[101] | object1.c:14:5:14:7 | definition of a11 | a11 | object2.c:23:12:23:14 | declaration of a11 | a11 | +| object1.c:17:12:17:14 | definition of a13 | The object $@ of type int *const is not compatible with re-declaration $@ of type int * | object1.c:17:12:17:14 | definition of a13 | a13 | object2.c:26:13:26:15 | declaration of a13 | a13 | +| object2.c:9:11:9:12 | declaration of a3 | The object $@ of type LL is not compatible with re-declaration $@ of type long | object2.c:9:11:9:12 | declaration of a3 | a3 | object1.c:3:6:3:7 | definition of a3 | a3 | +| object2.c:11:12:11:13 | declaration of a4 | The object $@ of type int is not compatible with re-declaration $@ of type long | object2.c:11:12:11:13 | declaration of a4 | a4 | object1.c:4:6:4:7 | definition of a4 | a4 | +| object2.c:13:13:13:14 | declaration of a5 | The object $@ of type long is not compatible with re-declaration $@ of type int | object2.c:13:13:13:14 | declaration of a5 | a5 | object1.c:5:5:5:6 | definition of a5 | a5 | +| object2.c:17:1:17:3 | declaration of a6 | The object $@ of type int is not compatible with re-declaration $@ of type long | object2.c:17:1:17:3 | declaration of a6 | a6 | object1.c:6:6:6:7 | definition of a6 | a6 | +| object2.c:19:11:19:12 | declaration of a7 | The object $@ of type LL is not compatible with re-declaration $@ of type int | object2.c:19:11:19:12 | declaration of a7 | a7 | object1.c:7:5:7:6 | definition of a7 | a7 | +| object2.c:22:4:22:6 | definition of a10 | The object $@ of type LI[100] is not compatible with re-declaration $@ of type int[100] | object2.c:22:4:22:6 | definition of a10 | a10 | object1.c:13:5:13:7 | definition of a10 | a10 | +| object2.c:23:12:23:14 | declaration of a11 | The object $@ of type int[101] is not compatible with re-declaration $@ of type int[100] | object2.c:23:12:23:14 | declaration of a11 | a11 | object1.c:14:5:14:7 | definition of a11 | a11 | +| object2.c:26:13:26:15 | declaration of a13 | The object $@ of type int * is not compatible with re-declaration $@ of type int *const | object2.c:26:13:26:15 | declaration of a13 | a13 | object1.c:17:12:17:14 | definition of a13 | a13 | diff --git a/c/misra/test/rules/RULE-8-3/DeclarationsOfAnObjectSameNameAndType.qlref b/c/misra/test/rules/RULE-8-3/DeclarationsOfAnObjectSameNameAndType.qlref new file mode 100644 index 0000000000..132b3d8f29 --- /dev/null +++ b/c/misra/test/rules/RULE-8-3/DeclarationsOfAnObjectSameNameAndType.qlref @@ -0,0 +1 @@ +rules/RULE-8-3/DeclarationsOfAnObjectSameNameAndType.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-8-3/function1.c b/c/misra/test/rules/RULE-8-3/function1.c new file mode 100644 index 0000000000..2072748047 --- /dev/null +++ b/c/misra/test/rules/RULE-8-3/function1.c @@ -0,0 +1,27 @@ +typedef long LL; + +int f1(); // COMPLIANT +int f2(int f2a); // COMPLIANT + +long f3(); // NON_COMPLIANT + +LL f3(); // NON_COMPLIANT +long f4(int f4a); // NON_COMPLIANT + +long f5(int f5a) { return 0; } // COMPLIANT + +int f6(int f6a) { return 0; } // NON_COMPLIANT + +int f20(int f20a); // COMPLIANT - overloaded function + +typedef int wi; +typedef int hi; +typedef long a; + +a f21(wi w, wi h) { // NON_COMPLIANT + return (a)w * h; +} + +void f22(int f22b, int f22a) { // NON_COMPLIANT + return; +} \ No newline at end of file diff --git a/c/misra/test/rules/RULE-8-3/function2.c b/c/misra/test/rules/RULE-8-3/function2.c new file mode 100644 index 0000000000..979e002466 --- /dev/null +++ b/c/misra/test/rules/RULE-8-3/function2.c @@ -0,0 +1,19 @@ +int f1(); // COMPLIANT +int f2(int f2a); // COMPLIANT + +long f3(); // NON_COMPLIANT +int f4(int f4a); // NON_COMPLIANT + +long f5(int f5a) { return 0; } // COMPLIANT + +long f6(int f6a) { return 0; } // NON_COMPLIANT + +int f20(int f20a, int f20b); // COMPLIANT -- overloaded function + +typedef int wi; +typedef int hi; +typedef long a; + +extern a f21(wi w, hi h); // NON_COMPLIANT + +extern void f22(int f22a, int f22b); // NON_COMPLIANT \ No newline at end of file diff --git a/c/misra/test/rules/RULE-8-3/object1.c b/c/misra/test/rules/RULE-8-3/object1.c new file mode 100644 index 0000000000..2c79cf6e91 --- /dev/null +++ b/c/misra/test/rules/RULE-8-3/object1.c @@ -0,0 +1,17 @@ +int a1; // COMPLIANT +int a2; // COMPLIANT +long a3; // NON_COMPLIANT +long a4; // NON_COMPLIANT +int a5; // NON_COMPLIANT +long a6; // NON_COMPLIANT +int a7; // NON_COMPLIANT + +int a8; // COMPLIANT +extern int a8; // COMPLIANT + +int a9[100]; // COMPLIANT +int a10[100]; // NON_COMPLIANT +int a11[100]; // NON_COMPLIANT - different sizes +int a12; // COMPLIANT + +int *const a13; // NON_COMPLIANT diff --git a/c/misra/test/rules/RULE-8-3/object2.c b/c/misra/test/rules/RULE-8-3/object2.c new file mode 100644 index 0000000000..c53cbb6176 --- /dev/null +++ b/c/misra/test/rules/RULE-8-3/object2.c @@ -0,0 +1,26 @@ +extern int a1; // COMPLIANT + +#define EE extern int a2 +EE; // COMPLIANT + +typedef long LL; +typedef int LI; + +extern LL a3; // NON_COMPLIANT + +extern int a4; // NON_COMPLIANT + +extern long a5; // NON_COMPLIANT + +#define EE1 extern int a6 + +EE1; // NON_COMPLIANT + +extern LL a7; // NON_COMPLIANT + +extern int a9[100]; // COMPLIANT +LI a10[100]; // NON_COMPLIANT +extern int a11[101]; // NON_COMPLIANT - different sizes +signed a12; // COMPLIANT + +extern int *a13; // NON_COMPLIANT \ No newline at end of file diff --git a/c/misra/test/rules/RULE-8-3/test.c b/c/misra/test/rules/RULE-8-3/test.c new file mode 100644 index 0000000000..e69de29bb2 diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations4.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations4.qll index 29cae700f3..97efaccd85 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations4.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations4.qll @@ -5,6 +5,8 @@ import codingstandards.cpp.exclusions.RuleMetadata newtype Declarations4Query = TFunctionTypesNotInPrototypeFormQuery() or + TDeclarationsOfAnObjectSameNameAndTypeQuery() or + TDeclarationsOfAFunctionSameNameAndTypeQuery() or TIdentifierWithExternalLinkageOneDefinitionQuery() predicate isDeclarations4QueryMetadata(Query query, string queryId, string ruleId) { @@ -16,6 +18,22 @@ predicate isDeclarations4QueryMetadata(Query query, string queryId, string ruleI "c/misra/function-types-not-in-prototype-form" and ruleId = "RULE-8-2" or + query = + // `Query` instance for the `declarationsOfAnObjectSameNameAndType` query + Declarations4Package::declarationsOfAnObjectSameNameAndTypeQuery() and + queryId = + // `@id` for the `declarationsOfAnObjectSameNameAndType` query + "c/misra/declarations-of-an-object-same-name-and-type" and + ruleId = "RULE-8-3" + or + query = + // `Query` instance for the `declarationsOfAFunctionSameNameAndType` query + Declarations4Package::declarationsOfAFunctionSameNameAndTypeQuery() and + queryId = + // `@id` for the `declarationsOfAFunctionSameNameAndType` query + "c/misra/declarations-of-a-function-same-name-and-type" and + ruleId = "RULE-8-3" + or query = // `Query` instance for the `identifierWithExternalLinkageOneDefinition` query Declarations4Package::identifierWithExternalLinkageOneDefinitionQuery() and @@ -33,6 +51,20 @@ module Declarations4Package { TQueryC(TDeclarations4PackageQuery(TFunctionTypesNotInPrototypeFormQuery())) } + Query declarationsOfAnObjectSameNameAndTypeQuery() { + //autogenerate `Query` type + result = + // `Query` type for `declarationsOfAnObjectSameNameAndType` query + TQueryC(TDeclarations4PackageQuery(TDeclarationsOfAnObjectSameNameAndTypeQuery())) + } + + Query declarationsOfAFunctionSameNameAndTypeQuery() { + //autogenerate `Query` type + result = + // `Query` type for `declarationsOfAFunctionSameNameAndType` query + TQueryC(TDeclarations4PackageQuery(TDeclarationsOfAFunctionSameNameAndTypeQuery())) + } + Query identifierWithExternalLinkageOneDefinitionQuery() { //autogenerate `Query` type result = diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index 5c1f45f1ee..0a118a6c6f 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -18,6 +18,7 @@ import IO1 import IO2 import IO3 import IO4 +import Language2 import Misc import Pointers1 import Pointers2 @@ -51,6 +52,7 @@ newtype TCQuery = TIO2PackageQuery(IO2Query q) or TIO3PackageQuery(IO3Query q) or TIO4PackageQuery(IO4Query q) or + TLanguage2PackageQuery(Language2Query q) or TMiscPackageQuery(MiscQuery q) or TPointers1PackageQuery(Pointers1Query q) or TPointers2PackageQuery(Pointers2Query q) or @@ -84,6 +86,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId) { isIO2QueryMetadata(query, queryId, ruleId) or isIO3QueryMetadata(query, queryId, ruleId) or isIO4QueryMetadata(query, queryId, ruleId) or + isLanguage2QueryMetadata(query, queryId, ruleId) or isMiscQueryMetadata(query, queryId, ruleId) or isPointers1QueryMetadata(query, queryId, ruleId) or isPointers2QueryMetadata(query, queryId, ruleId) or diff --git a/rule_packages/c/Declarations4.json b/rule_packages/c/Declarations4.json index 4efd48d25a..cb232061ab 100644 --- a/rule_packages/c/Declarations4.json +++ b/rule_packages/c/Declarations4.json @@ -23,6 +23,36 @@ ], "title": "Function types shall be in prototype form with named parameters" }, + "RULE-8-3": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Using different types across the same declarations disallows strong type checking and can lead to undefined behaviour.", + "kind": "problem", + "name": "All declarations of an object shall use the same names and type qualifiers", + "precision": "very-high", + "severity": "error", + "short_name": "DeclarationsOfAnObjectSameNameAndType", + "tags": [ + "correctness" + ] + }, + { + "description": "Using different types across the same declarations disallows strong type checking and can lead to undefined behaviour.", + "kind": "problem", + "name": "All declarations of a function shall use the same names and type qualifiers", + "precision": "very-high", + "severity": "error", + "short_name": "DeclarationsOfAFunctionSameNameAndType", + "tags": [ + "correctness" + ] + } + ], + "title": "All declarations of an object or function shall use the same names and type qualifiers" + }, "RULE-8-6": { "properties": { "obligation": "required" diff --git a/rules.csv b/rules.csv index ce93dd72e9..b91bbdafb5 100755 --- a/rules.csv +++ b/rules.csv @@ -648,7 +648,7 @@ c,MISRA-C-2012,RULE-7-3,Yes,Required,,,The lowercase character �l� shall not c,MISRA-C-2012,RULE-7-4,Yes,Required,,,A string literal shall not be assigned to an object unless the object�s type is �pointer to const-qualified char�,A2-13-4,Types,Easy, c,MISRA-C-2012,RULE-8-1,Yes,Required,,,Types shall be explicitly specified,,Declarations3,Medium, c,MISRA-C-2012,RULE-8-2,Yes,Required,,,Function types shall be in prototype form with named parameters,,Declarations4,Medium, -c,MISRA-C-2012,RULE-8-3,Yes,Required,,,All declarations of an object or function shall use the same names and type qualifiers,M3-2-1,Declarations,Medium, +c,MISRA-C-2012,RULE-8-3,Yes,Required,,,All declarations of an object or function shall use the same names and type qualifiers,M3-2-1,Declarations4,Medium, c,MISRA-C-2012,RULE-8-4,Yes,Required,,,A compatible declaration shall be visible when an object or function with external linkage is defined,,Declarations,Medium, c,MISRA-C-2012,RULE-8-5,Yes,Required,,,An external object or function shall be declared once in one and only one file,,Declarations,Medium, c,MISRA-C-2012,RULE-8-6,Yes,Required,,,An identifier with external linkage shall have exactly one external definition,M3-2-4,Declarations4,Import, From 2224ab5a07a66623465c2cdc35efda5a2260e0cd Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Wed, 9 Nov 2022 17:09:54 -0500 Subject: [PATCH 0102/2573] Revert accidental addition to exclusion file after test writing --- .../src/codingstandards/cpp/exclusions/c/RuleMetadata.qll | 3 --- 1 file changed, 3 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index 0a118a6c6f..5c1f45f1ee 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -18,7 +18,6 @@ import IO1 import IO2 import IO3 import IO4 -import Language2 import Misc import Pointers1 import Pointers2 @@ -52,7 +51,6 @@ newtype TCQuery = TIO2PackageQuery(IO2Query q) or TIO3PackageQuery(IO3Query q) or TIO4PackageQuery(IO4Query q) or - TLanguage2PackageQuery(Language2Query q) or TMiscPackageQuery(MiscQuery q) or TPointers1PackageQuery(Pointers1Query q) or TPointers2PackageQuery(Pointers2Query q) or @@ -86,7 +84,6 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId) { isIO2QueryMetadata(query, queryId, ruleId) or isIO3QueryMetadata(query, queryId, ruleId) or isIO4QueryMetadata(query, queryId, ruleId) or - isLanguage2QueryMetadata(query, queryId, ruleId) or isMiscQueryMetadata(query, queryId, ruleId) or isPointers1QueryMetadata(query, queryId, ruleId) or isPointers2QueryMetadata(query, queryId, ruleId) or From e2f6800e32165ed4115b87747a8841c55048e84f Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 10 Nov 2022 09:29:52 -0500 Subject: [PATCH 0103/2573] Edit hint on workflow. --- .github/workflows/create-draft-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/create-draft-release.yml b/.github/workflows/create-draft-release.yml index 932c1f2abb..f2818b15ab 100644 --- a/.github/workflows/create-draft-release.yml +++ b/.github/workflows/create-draft-release.yml @@ -5,7 +5,7 @@ on: inputs: release_version_tag: description: | - The tag for the new draft release, e.g. v0.5.1. + The tag for the new draft release, e.g. 0.5.1 - do not include the `v`. required: true codeql_analysis_threads: description: | From af11e31b9e44b464301d2588c8989dc7d5d034b7 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 10 Nov 2022 10:45:18 -0500 Subject: [PATCH 0104/2573] Delete touch --- .github/touch | 1 - 1 file changed, 1 deletion(-) delete mode 100644 .github/touch diff --git a/.github/touch b/.github/touch deleted file mode 100644 index 8b13789179..0000000000 --- a/.github/touch +++ /dev/null @@ -1 +0,0 @@ - From d7697c353991b77803c67ca8f30288124b940d44 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 10 Nov 2022 17:47:11 +0100 Subject: [PATCH 0105/2573] Fix @kind format for RULE-21-19 --- .../RULE-21-19/ValuesReturnedByLocaleSettingUsedAsPtrToConst.ql | 2 +- rule_packages/c/Contracts2.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/c/misra/src/rules/RULE-21-19/ValuesReturnedByLocaleSettingUsedAsPtrToConst.ql b/c/misra/src/rules/RULE-21-19/ValuesReturnedByLocaleSettingUsedAsPtrToConst.ql index 8643918ab9..0e02cc1d84 100644 --- a/c/misra/src/rules/RULE-21-19/ValuesReturnedByLocaleSettingUsedAsPtrToConst.ql +++ b/c/misra/src/rules/RULE-21-19/ValuesReturnedByLocaleSettingUsedAsPtrToConst.ql @@ -4,7 +4,7 @@ * @description The pointers returned by the Standard Library functions localeconv, getenv, * setlocale or, strerror shall only be used as if they have pointer to const-qualified * type. - * @kind problem + * @kind path-problem * @precision very-high * @problem.severity error * @tags external/misra/id/rule-21-19 diff --git a/rule_packages/c/Contracts2.json b/rule_packages/c/Contracts2.json index f3a1c10d34..b4845fc2be 100644 --- a/rule_packages/c/Contracts2.json +++ b/rule_packages/c/Contracts2.json @@ -60,7 +60,7 @@ "queries": [ { "description": "The pointers returned by the Standard Library functions localeconv, getenv, setlocale or, strerror shall only be used as if they have pointer to const-qualified type.", - "kind": "problem", + "kind": "path-problem", "name": "The pointers returned by environment functions should be treated as const", "precision": "very-high", "severity": "error", From 1e14fe84ef5cfeb1b45c60dcee15db7cf1e09da0 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 10 Nov 2022 11:56:41 -0500 Subject: [PATCH 0106/2573] pr template update --- .github/pull_request_template.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index ae14ef5b59..4d0c170187 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -32,6 +32,12 @@ _**Author:**_ Is a change note required? - [ ] Yes - [ ] No +🚨🚨🚨 +_**Reviewer:**_ Confirm that format of *shared* queries (not the .qll file, the +.ql file that imports it) is valid by running them within VS Code. + - [ ] Confirmed + + _**Reviewer:**_ Confirm that either a change note is not required or the change note is required and has been added. - [ ] Confirmed From ce559bc7b8fcf841a4f88c6021e452216b83422d Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Thu, 10 Nov 2022 12:02:06 -0500 Subject: [PATCH 0107/2573] Declarations4: fix formatting --- c/misra/src/rules/RULE-8-3/Compatible.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/misra/src/rules/RULE-8-3/Compatible.qll b/c/misra/src/rules/RULE-8-3/Compatible.qll index 52e77692c5..407e275032 100644 --- a/c/misra/src/rules/RULE-8-3/Compatible.qll +++ b/c/misra/src/rules/RULE-8-3/Compatible.qll @@ -26,5 +26,5 @@ predicate typesCompatible(Type t1, Type t2) { arithTypesMatch(t1, t2) else //otherwise include type qualifiers and typedef names - t1 = t2 + t1 = t2 } From b3eee97d31f460d4644ed06194272d1446f34a89 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Tue, 15 Nov 2022 08:49:48 +0100 Subject: [PATCH 0108/2573] Prefer `GlobalValueNumbering` over `GlobalValueNumberingImpl` These are different libraries, so using them both means that similar information will need to be computed twice. Moreover, `GlobalValueNumbering` yields higher quality results and `GlobalValueNumberingImpl` is going to be deprecated. --- .../DependenceOnOrderOfFunctionArgumentsForSideEffects.ql | 2 +- change_notes/2022-11-15-consistent-gvn-library0use.md | 4 ++++ ...luationForSideEffectsInFunctionCallsAsFunctionArguments.ql | 2 +- ...nForSideEffectsInFunctionCallsAsFunctionArguments.expected | 4 ++++ 4 files changed, 10 insertions(+), 2 deletions(-) create mode 100644 change_notes/2022-11-15-consistent-gvn-library0use.md diff --git a/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql b/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql index 3070f8d310..fb14515c61 100644 --- a/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql +++ b/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql @@ -16,7 +16,7 @@ import codingstandards.c.cert import codingstandards.cpp.SideEffect import semmle.code.cpp.dataflow.DataFlow import semmle.code.cpp.dataflow.TaintTracking -import semmle.code.cpp.valuenumbering.GlobalValueNumberingImpl +import semmle.code.cpp.valuenumbering.GlobalValueNumbering /** Holds if the function's return value is derived from the `AliasParamter` p. */ predicate returnValueDependsOnAliasParameter(AliasParameter p) { diff --git a/change_notes/2022-11-15-consistent-gvn-library0use.md b/change_notes/2022-11-15-consistent-gvn-library0use.md new file mode 100644 index 0000000000..cb287a172f --- /dev/null +++ b/change_notes/2022-11-15-consistent-gvn-library0use.md @@ -0,0 +1,4 @@ + - `EXP30-C` - `DependenceOnOrderOfFunctionArgumentsForSideEffects.ql`: + - Prefer the `GlobalValueNumbering` CodeQL library over the `GlobalValueNumberingImpl` library, as the former yields higher quality results and the latter is going to be deprecated. This also improves performance when multiple queries are evaluated, due to more sharing of intermediate computations. +- `EXP50-CPP` - `DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql`: + - Prefer the `GlobalValueNumbering` CodeQL library over the `GlobalValueNumberingImpl` library, as the former yields higher quality results and the latter is going to be deprecated. This also improves performance when multiple queries are evaluated, due to more sharing of intermediate computations. diff --git a/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql b/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql index f4b3d6d710..7bfb298d3d 100644 --- a/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql +++ b/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql @@ -16,7 +16,7 @@ import codingstandards.cpp.cert import codingstandards.cpp.SideEffect import semmle.code.cpp.dataflow.DataFlow import semmle.code.cpp.dataflow.TaintTracking -import semmle.code.cpp.valuenumbering.GlobalValueNumberingImpl +import semmle.code.cpp.valuenumbering.GlobalValueNumbering /** Holds if the function's return value is derived from the `AliasParamter` p. */ predicate returnValueDependsOnAliasParameter(AliasParameter p) { diff --git a/cpp/cert/test/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.expected b/cpp/cert/test/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.expected index 723f3acedb..b432856e8b 100644 --- a/cpp/cert/test/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.expected +++ b/cpp/cert/test/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.expected @@ -2,4 +2,8 @@ | test.cpp:84:3:84:4 | call to f2 | Depending on the order of evaluation for the arguments $@ and $@ for side effects on shared state is unspecified and can result in unexpected behavior. | test.cpp:84:6:84:7 | call to f5 | call to f5 | test.cpp:84:12:84:13 | call to f7 | call to f7 | | test.cpp:87:3:87:4 | call to f2 | Depending on the order of evaluation for the arguments $@ and $@ for side effects on shared state is unspecified and can result in unexpected behavior. | test.cpp:87:9:87:10 | call to m1 | call to m1 | test.cpp:87:18:87:19 | call to m1 | call to m1 | | test.cpp:89:3:89:4 | call to f2 | Depending on the order of evaluation for the arguments $@ and $@ for side effects on shared state is unspecified and can result in unexpected behavior. | test.cpp:89:9:89:10 | call to m2 | call to m2 | test.cpp:89:18:89:19 | call to m2 | call to m2 | +| test.cpp:92:3:92:4 | call to f2 | Depending on the order of evaluation for the arguments $@ and $@ for side effects on shared state is unspecified and can result in unexpected behavior. | test.cpp:92:6:92:7 | call to f8 | call to f8 | test.cpp:92:14:92:15 | call to f9 | call to f9 | +| test.cpp:93:3:93:4 | call to f2 | Depending on the order of evaluation for the arguments $@ and $@ for side effects on shared state is unspecified and can result in unexpected behavior. | test.cpp:93:6:93:7 | call to f8 | call to f8 | test.cpp:93:14:93:16 | call to f11 | call to f11 | +| test.cpp:95:3:95:4 | call to f2 | Depending on the order of evaluation for the arguments $@ and $@ for side effects on shared state is unspecified and can result in unexpected behavior. | test.cpp:95:6:95:7 | call to f8 | call to f8 | test.cpp:95:13:95:14 | call to f9 | call to f9 | +| test.cpp:96:3:96:4 | call to f2 | Depending on the order of evaluation for the arguments $@ and $@ for side effects on shared state is unspecified and can result in unexpected behavior. | test.cpp:96:6:96:7 | call to f8 | call to f8 | test.cpp:96:13:96:15 | call to f11 | call to f11 | | test.cpp:99:3:99:4 | call to f2 | Depending on the order of evaluation for the arguments $@ and $@ for side effects on shared state is unspecified and can result in unexpected behavior. | test.cpp:99:9:99:10 | call to m1 | call to m1 | test.cpp:99:18:99:19 | call to m1 | call to m1 | From e0e4181ce6e2c429d082c991ec1b52cc62069ff9 Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Wed, 16 Nov 2022 16:21:01 +0100 Subject: [PATCH 0109/2573] Add Pointers3 package Add rule definition and package files Add Pointers3 to package list in tasks.json --- .vscode/tasks.json | 1 + .../cpp/exclusions/c/Pointers3.qll | 74 +++++++++++++++++ .../cpp/exclusions/c/RuleMetadata.qll | 3 + rule_packages/c/Pointers3.json | 80 +++++++++++++++++++ 4 files changed, 158 insertions(+) create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/Pointers3.qll create mode 100644 rule_packages/c/Pointers3.json diff --git a/.vscode/tasks.json b/.vscode/tasks.json index d1f141cced..2e2941222b 100644 --- a/.vscode/tasks.json +++ b/.vscode/tasks.json @@ -233,6 +233,7 @@ "Pointers", "Pointers1", "Pointers2", + "Pointers3", "Scope", "SideEffects1", "SideEffects2", diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Pointers3.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Pointers3.qll new file mode 100644 index 0000000000..9c4741f620 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Pointers3.qll @@ -0,0 +1,74 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype Pointers3Query = + TDoNotAccessVolatileObjectWithNonVolatileReferenceQuery() or + TDoNotCastPointerToMoreStrictlyAlignedPointerTypeQuery() or + TDoNotAccessVariableViaPointerOfIncompatibleTypeQuery() or + TUndefinedBehaviorWithRestrictQualifiedPointersQuery() + +predicate isPointers3QueryMetadata(Query query, string queryId, string ruleId) { + query = + // `Query` instance for the `doNotAccessVolatileObjectWithNonVolatileReference` query + Pointers3Package::doNotAccessVolatileObjectWithNonVolatileReferenceQuery() and + queryId = + // `@id` for the `doNotAccessVolatileObjectWithNonVolatileReference` query + "c/cert/do-not-access-volatile-object-with-non-volatile-reference" and + ruleId = "EXP32-C" + or + query = + // `Query` instance for the `doNotCastPointerToMoreStrictlyAlignedPointerType` query + Pointers3Package::doNotCastPointerToMoreStrictlyAlignedPointerTypeQuery() and + queryId = + // `@id` for the `doNotCastPointerToMoreStrictlyAlignedPointerType` query + "c/cert/do-not-cast-pointer-to-more-strictly-aligned-pointer-type" and + ruleId = "EXP36-C" + or + query = + // `Query` instance for the `doNotAccessVariableViaPointerOfIncompatibleType` query + Pointers3Package::doNotAccessVariableViaPointerOfIncompatibleTypeQuery() and + queryId = + // `@id` for the `doNotAccessVariableViaPointerOfIncompatibleType` query + "c/cert/do-not-access-variable-via-pointer-of-incompatible-type" and + ruleId = "EXP39-C" + or + query = + // `Query` instance for the `undefinedBehaviorWithRestrictQualifiedPointers` query + Pointers3Package::undefinedBehaviorWithRestrictQualifiedPointersQuery() and + queryId = + // `@id` for the `undefinedBehaviorWithRestrictQualifiedPointers` query + "c/cert/undefined-behavior-with-restrict-qualified-pointers" and + ruleId = "EXP43-C" +} + +module Pointers3Package { + Query doNotAccessVolatileObjectWithNonVolatileReferenceQuery() { + //autogenerate `Query` type + result = + // `Query` type for `doNotAccessVolatileObjectWithNonVolatileReference` query + TQueryC(TPointers3PackageQuery(TDoNotAccessVolatileObjectWithNonVolatileReferenceQuery())) + } + + Query doNotCastPointerToMoreStrictlyAlignedPointerTypeQuery() { + //autogenerate `Query` type + result = + // `Query` type for `doNotCastPointerToMoreStrictlyAlignedPointerType` query + TQueryC(TPointers3PackageQuery(TDoNotCastPointerToMoreStrictlyAlignedPointerTypeQuery())) + } + + Query doNotAccessVariableViaPointerOfIncompatibleTypeQuery() { + //autogenerate `Query` type + result = + // `Query` type for `doNotAccessVariableViaPointerOfIncompatibleType` query + TQueryC(TPointers3PackageQuery(TDoNotAccessVariableViaPointerOfIncompatibleTypeQuery())) + } + + Query undefinedBehaviorWithRestrictQualifiedPointersQuery() { + //autogenerate `Query` type + result = + // `Query` type for `undefinedBehaviorWithRestrictQualifiedPointers` query + TQueryC(TPointers3PackageQuery(TUndefinedBehaviorWithRestrictQualifiedPointersQuery())) + } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index ad05d9b737..1a0ac56434 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -24,6 +24,7 @@ import Language1 import Misc import Pointers1 import Pointers2 +import Pointers3 import Preprocessor1 import Preprocessor2 import Preprocessor3 @@ -60,6 +61,7 @@ newtype TCQuery = TMiscPackageQuery(MiscQuery q) or TPointers1PackageQuery(Pointers1Query q) or TPointers2PackageQuery(Pointers2Query q) or + TPointers3PackageQuery(Pointers3Query q) or TPreprocessor1PackageQuery(Preprocessor1Query q) or TPreprocessor2PackageQuery(Preprocessor2Query q) or TPreprocessor3PackageQuery(Preprocessor3Query q) or @@ -96,6 +98,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId) { isMiscQueryMetadata(query, queryId, ruleId) or isPointers1QueryMetadata(query, queryId, ruleId) or isPointers2QueryMetadata(query, queryId, ruleId) or + isPointers3QueryMetadata(query, queryId, ruleId) or isPreprocessor1QueryMetadata(query, queryId, ruleId) or isPreprocessor2QueryMetadata(query, queryId, ruleId) or isPreprocessor3QueryMetadata(query, queryId, ruleId) or diff --git a/rule_packages/c/Pointers3.json b/rule_packages/c/Pointers3.json new file mode 100644 index 0000000000..e395543690 --- /dev/null +++ b/rule_packages/c/Pointers3.json @@ -0,0 +1,80 @@ +{ + "CERT-C": { + "EXP32-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "If an an object defined with a volatile-qualified type is referred to with an lvalue of a non-volatile-qualified type, the behavior is undefined.", + "kind": "problem", + "name": "Do not access a volatile object through a nonvolatile reference", + "precision": "high", + "severity": "error", + "short_name": "DoNotAccessVolatileObjectWithNonVolatileReference", + "tags": [ + "correctness" + ] + } + ], + "title": "Do not access a volatile object through a nonvolatile reference" + }, + "EXP36-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "Converting a pointer to a different type results in undefined behavior if the pointer is not correctly aligned for the new type.", + "kind": "path-problem", + "name": "Do not cast pointers into more strictly aligned pointer types", + "precision": "high", + "severity": "error", + "short_name": "DoNotCastPointerToMoreStrictlyAlignedPointerType", + "tags": [ + "correctness" + ] + } + ], + "title": "Do not cast pointers into more strictly aligned pointer types" + }, + "EXP39-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "Modifying underlying pointer data through a pointer of an incompatible type can lead to unpredictable results.", + "kind": "problem", + "name": "Do not access a variable through a pointer of an incompatible type", + "precision": "very-high", + "severity": "error", + "short_name": "DoNotAccessVariableViaPointerOfIncompatibleType", + "tags": [ + "correctness" + ] + } + ], + "title": "Do not access a variable through a pointer of an incompatible type" + }, + "EXP43-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "Avoid undefined behavior when using restrict-qualified pointers", + "precision": "very-high", + "severity": "error", + "short_name": "UndefinedBehaviorWithRestrictQualifiedPointers", + "tags": [ + "correctness" + ] + } + ], + "title": "Avoid undefined behavior when using restrict-qualified pointers" + } + } +} \ No newline at end of file From 1bfa1b125a6a7bc3de43f5f475731ec5f012dc2d Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Wed, 16 Nov 2022 16:22:23 +0100 Subject: [PATCH 0110/2573] Fix RULE-11-7 query output message The previous message referenced a "pointer to void type" rather than "pointer to object type" as specified by the query. --- .../CastBetweenPointerToObjectAndNonIntArithmeticType.ql | 2 +- ...stBetweenPointerToObjectAndNonIntArithmeticType.expected | 6 +++--- change_notes/2022-11-14-fix-RULE-11-7-message.md | 2 ++ 3 files changed, 6 insertions(+), 4 deletions(-) create mode 100644 change_notes/2022-11-14-fix-RULE-11-7-message.md diff --git a/c/misra/src/rules/RULE-11-7/CastBetweenPointerToObjectAndNonIntArithmeticType.ql b/c/misra/src/rules/RULE-11-7/CastBetweenPointerToObjectAndNonIntArithmeticType.ql index 2aa49ae2a0..3be7644b9d 100644 --- a/c/misra/src/rules/RULE-11-7/CastBetweenPointerToObjectAndNonIntArithmeticType.ql +++ b/c/misra/src/rules/RULE-11-7/CastBetweenPointerToObjectAndNonIntArithmeticType.ql @@ -32,4 +32,4 @@ where [typeFrom, typeTo] instanceof MisraNonIntegerArithmeticType and [typeFrom, typeTo] instanceof PointerToObjectType select cast, - "Cast performed between a pointer to void type and a non-integer arithmetic type." \ No newline at end of file + "Cast performed between a pointer to object type and a non-integer arithmetic type." \ No newline at end of file diff --git a/c/misra/test/rules/RULE-11-7/CastBetweenPointerToObjectAndNonIntArithmeticType.expected b/c/misra/test/rules/RULE-11-7/CastBetweenPointerToObjectAndNonIntArithmeticType.expected index 0b96b3c747..133e568499 100644 --- a/c/misra/test/rules/RULE-11-7/CastBetweenPointerToObjectAndNonIntArithmeticType.expected +++ b/c/misra/test/rules/RULE-11-7/CastBetweenPointerToObjectAndNonIntArithmeticType.expected @@ -1,3 +1,3 @@ -| test.c:5:13:5:20 | (bool)... | Cast performed between a pointer to void type and a non-integer arithmetic type. | -| test.c:7:21:7:28 | (bool)... | Cast performed between a pointer to void type and a non-integer arithmetic type. | -| test.c:8:8:8:16 | (int *)... | Cast performed between a pointer to void type and a non-integer arithmetic type. | +| test.c:5:13:5:20 | (bool)... | Cast performed between a pointer to object type and a non-integer arithmetic type. | +| test.c:7:21:7:28 | (bool)... | Cast performed between a pointer to object type and a non-integer arithmetic type. | +| test.c:8:8:8:16 | (int *)... | Cast performed between a pointer to object type and a non-integer arithmetic type. | diff --git a/change_notes/2022-11-14-fix-RULE-11-7-message.md b/change_notes/2022-11-14-fix-RULE-11-7-message.md new file mode 100644 index 0000000000..f1cb253f3b --- /dev/null +++ b/change_notes/2022-11-14-fix-RULE-11-7-message.md @@ -0,0 +1,2 @@ + - `RULE-11-7` - `CastBetweenPointerToObjectAndNonIntArithmeticType.ql` + - Corrected the query output message to describe a cast involving a pointer to an object rather than a void pointer. \ No newline at end of file From 833d834a4aee13bfd01a3c25471f83e89f92292a Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Wed, 16 Nov 2022 16:24:18 +0100 Subject: [PATCH 0111/2573] Implement EXP32-C and EXP36-C Additionally updated the `EXP36-C` test-case and refactored `MEM57-CPP` to move certain classes and predicates to the `Alignment.qll` library for re-use in `EXP36-C`. --- ...sVolatileObjectWithNonVolatileReference.md | 18 ++ ...sVolatileObjectWithNonVolatileReference.ql | 65 ++++ ...PointerToMoreStrictlyAlignedPointerType.md | 18 ++ ...PointerToMoreStrictlyAlignedPointerType.ql | 170 +++++++++++ ...ileObjectWithNonVolatileReference.expected | 4 + ...latileObjectWithNonVolatileReference.qlref | 1 + ...rToMoreStrictlyAlignedPointerType.expected | 282 ++++++++++++++++++ ...nterToMoreStrictlyAlignedPointerType.qlref | 1 + c/cert/test/rules/EXP36-C/test.c | 101 ++++++- ...ngDefaultOperatorNewForOverAlignedTypes.ql | 21 +- .../src/codingstandards/cpp/Alignment.qll | 25 ++ 11 files changed, 672 insertions(+), 34 deletions(-) create mode 100644 c/cert/src/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.md create mode 100644 c/cert/src/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.ql create mode 100644 c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.md create mode 100644 c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql create mode 100644 c/cert/test/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.expected create mode 100644 c/cert/test/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.qlref create mode 100644 c/cert/test/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.expected create mode 100644 c/cert/test/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.qlref create mode 100644 cpp/common/src/codingstandards/cpp/Alignment.qll diff --git a/c/cert/src/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.md b/c/cert/src/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.md new file mode 100644 index 0000000000..449644423b --- /dev/null +++ b/c/cert/src/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.md @@ -0,0 +1,18 @@ +# EXP32-C: Do not access a volatile object through a nonvolatile reference + +This query implements the CERT-C rule EXP32-C: + +> Do not access a volatile object through a nonvolatile reference + + +## CERT + +** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** + +## Implementation notes + +None + +## References + +* CERT-C: [EXP32-C: Do not access a volatile object through a nonvolatile reference](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.ql b/c/cert/src/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.ql new file mode 100644 index 0000000000..fe6acfb44b --- /dev/null +++ b/c/cert/src/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.ql @@ -0,0 +1,65 @@ +/** + * @id c/cert/do-not-access-volatile-object-with-non-volatile-reference + * @name EXP32-C: Do not access a volatile object through a nonvolatile reference + * @description If an an object defined with a volatile-qualified type is referred to with an lvalue + * of a non-volatile-qualified type, the behavior is undefined. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/cert/id/exp32-c + * correctness + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert + +/** + * A `Cast` which converts from a pointer to a volatile-qualified type + * to a pointer to a non-volatile-qualified type. + */ +class CastFromVolatileToNonVolatileBaseType extends Cast { + CastFromVolatileToNonVolatileBaseType() { + this.getExpr().getType().(PointerType).getBaseType*().isVolatile() and + this.getActualType() instanceof PointerType and + not this.getActualType().(PointerType).getBaseType*().isVolatile() + } +} + +/** + * An `AssignExpr` with an *lvalue* that is a pointer to a volatile base type and + * and *rvalue* that is not also a pointer to a volatile base type. + */ +class NonVolatileObjectAssignedToVolatilePointer extends AssignExpr { + NonVolatileObjectAssignedToVolatilePointer() { + this.getLValue().getType().(DerivedType).getBaseType*().isVolatile() and + not this.getRValue().getUnconverted().getType().(DerivedType).getBaseType*().isVolatile() + } + + /** + * All `VariableAccess` expressions which are transitive successors of + * this `Expr` and which access the variable accessed in the *rvalue* of this `Expr` + */ + Expr getASubsequentAccessOfAssignedObject() { + result = + any(VariableAccess va | + va = this.getRValue().getAChild*().(VariableAccess).getTarget().getAnAccess() and + this.getASuccessor+() = va + | + va + ) + } +} + +from Expr e, string message +where + not isExcluded(e, Pointers3Package::doNotAccessVolatileObjectWithNonVolatileReferenceQuery()) and + ( + e instanceof CastFromVolatileToNonVolatileBaseType and + message = "Cast of object with a volatile-qualified type to a non-volatile-qualified type." + or + exists(e.(NonVolatileObjectAssignedToVolatilePointer).getASubsequentAccessOfAssignedObject()) and + message = + "Non-volatile object referenced via pointer to volatile type and later accessed via its original object of a non-volatile-qualified type." + ) +select e, message diff --git a/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.md b/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.md new file mode 100644 index 0000000000..870ae704aa --- /dev/null +++ b/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.md @@ -0,0 +1,18 @@ +# EXP36-C: Do not cast pointers into more strictly aligned pointer types + +This query implements the CERT-C rule EXP36-C: + +> Do not cast pointers into more strictly aligned pointer types + + +## CERT + +** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** + +## Implementation notes + +None + +## References + +* CERT-C: [EXP36-C: Do not cast pointers into more strictly aligned pointer types](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql b/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql new file mode 100644 index 0000000000..b1c2b6e305 --- /dev/null +++ b/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql @@ -0,0 +1,170 @@ +/** + * @id c/cert/do-not-cast-pointer-to-more-strictly-aligned-pointer-type + * @name EXP36-C: Do not cast pointers into more strictly aligned pointer types + * @description Converting a pointer to a different type results in undefined behavior if the + * pointer is not correctly aligned for the new type. + * @kind path-problem + * @precision high + * @problem.severity error + * @tags external/cert/id/exp36-c + * correctness + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert +import codingstandards.cpp.Alignment +import semmle.code.cpp.dataflow.DataFlow +import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis +import DataFlow::PathGraph + +/** + * An expression with a type that has defined alignment requirements + */ +abstract class ExprWithAlignment extends Expr { + /** + * Gets the alignment requirements in bytes for the underlying `Expr` + */ + abstract int getAlignment(); + + /** + * Gets a descriptive string describing the type of expression + */ + abstract string getKind(); +} + +/** + * A class extending `AddressOfExpr` and `ExprWithAlignment` to reason about the + * alignment of base types addressed with C address-of expressions + */ +class AddressOfAlignedVariableExpr extends AddressOfExpr, ExprWithAlignment { + AddressOfAlignedVariableExpr() { this.getAddressable() instanceof Variable } + + AlignAs alignAsAttribute() { result = this.getAddressable().(Variable).getAnAttribute() } + + override int getAlignment() { + result = alignAsAttribute().getArgument(0).getValueInt() + or + result = alignAsAttribute().getArgument(0).getValueType().getSize() + or + not exists(alignAsAttribute()) and + result = this.getAddressable().(Variable).getType().getAlignment() + } + + override string getKind() { result = "address-of expression" } +} + +/** + * A class extending `FunctionCall` and `ExprWithAlignment` to reason about the + * alignment of pointers allocated with calls to C standard library allocation functions + */ +class DefinedAlignmentAllocationExpr extends FunctionCall, ExprWithAlignment { + int alignment; + + DefinedAlignmentAllocationExpr() { + this.getTarget().getName() = "aligned_alloc" and + lowerBound(this.getArgument(0)) = upperBound(this.getArgument(0)) and + alignment = upperBound(this.getArgument(0)) + or + this.getTarget().getName() = ["malloc", "calloc", "realloc"] and + alignment = getGlobalMaxAlignT() + } + + override int getAlignment() { result = alignment } + + override string getKind() { result = "call to " + this.getTarget().getName() } +} + +/** + * A class extending `VariableAccess` and `ExprWithAlignment` to reason about the + * alignment of pointers accessed based solely on the pointers' base types. + */ +class DefaultAlignedPointerAccessExpr extends VariableAccess, ExprWithAlignment { + DefaultAlignedPointerAccessExpr() { + this.getTarget().getUnspecifiedType() instanceof PointerType and + not this.getTarget().getUnspecifiedType() instanceof VoidPointerType + } + + override int getAlignment() { + result = this.getTarget().getType().(PointerType).getBaseType().getAlignment() + } + + override string getKind() { result = "pointer base type" } +} + +/** + * A data-flow configuration for analysing the flow of `ExprWithAlignment` pointer expressions + * to casts which perform pointer type conversions and potentially create pointer alignment issues. + */ +class ExprWithAlignmentToCStyleCastConfiguration extends DataFlow::Configuration { + ExprWithAlignmentToCStyleCastConfiguration() { + this = "ExprWithAlignmentToCStyleCastConfiguration" + } + + override predicate isSource(DataFlow::Node source) { + source.asExpr() instanceof ExprWithAlignment + } + + override predicate isSink(DataFlow::Node sink) { + exists(CStyleCast cast | + cast.getUnderlyingType() instanceof PointerType and + cast.getUnconverted() = sink.asExpr() + ) + } +} + +/** + * A data-flow configuration for tracking flow from `AddressOfExpr` which provide + * most reliable or explicitly defined alignment information to the less reliable + * `DefaultAlignedPointerAccessExpr` expressions. + * + * This data-flow configuration is used + * to exclude an `DefaultAlignedPointerAccessExpr` as a source if a preceding source + * defined by this configuration provides more accurate alignment information. + */ +class AllocationOrAddressOfExprToDefaultAlignedPointerAccessConfig extends DataFlow::Configuration { + AllocationOrAddressOfExprToDefaultAlignedPointerAccessConfig() { + this = "AllocationOrAddressOfExprToDefaultAlignedPointerAccessConfig" + } + + override predicate isSource(DataFlow::Node source) { + source.asExpr() instanceof AddressOfAlignedVariableExpr or + source.asExpr() instanceof DefinedAlignmentAllocationExpr + } + + override predicate isSink(DataFlow::Node sink) { + sink.asExpr() instanceof DefaultAlignedPointerAccessExpr + } +} + +from + DataFlow::PathNode source, DataFlow::PathNode sink, ExprWithAlignment expr, CStyleCast cast, + Type toBaseType, int alignmentFrom, int alignmentTo +where + not isExcluded(cast, Pointers3Package::doNotCastPointerToMoreStrictlyAlignedPointerTypeQuery()) and + any(ExprWithAlignmentToCStyleCastConfiguration config).hasFlowPath(source, sink) and + source.getNode().asExpr() = expr and + sink.getNode().asExpr() = cast.getUnconverted() and + ( + // possibility 1: the source node (ExprWithAlignment) is NOT a DefaultAlignedPointerAccessExpr + // meaning that its alignment info is accurate regardless of any preceding ExprWithAlignment nodes + expr instanceof DefaultAlignedPointerAccessExpr + implies + ( + // possibility 2: the source node (ExprWithAlignment) IS a DefaultAlignedPointerAccessExpr + // meaning that its alignment info is only accurate if no preceding ExprWithAlignment nodes exist + not any(AllocationOrAddressOfExprToDefaultAlignedPointerAccessConfig config) + .hasFlowTo(source.getNode()) and + expr instanceof DefaultAlignedPointerAccessExpr and + cast.getUnconverted() instanceof VariableAccess + ) + ) and + toBaseType = cast.getActualType().(PointerType).getBaseType() and + alignmentTo = toBaseType.getAlignment() and + alignmentFrom = expr.getAlignment() and + // only flag cases where the cast's target type has stricter alignment requirements than the source + alignmentFrom < alignmentTo +select sink, source, sink, + "Cast from pointer with " + alignmentFrom + + "-byte alignment (defined by $@) to pointer with base type " + toBaseType.getUnderlyingType() + + " with " + alignmentTo + "-byte alignment.", expr.getUnconverted(), expr.getKind() diff --git a/c/cert/test/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.expected b/c/cert/test/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.expected new file mode 100644 index 0000000000..d8fd01bbae --- /dev/null +++ b/c/cert/test/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.expected @@ -0,0 +1,4 @@ +| test.c:5:13:5:21 | (int *)... | Cast of object with a volatile-qualified type to a non-volatile-qualified type. | +| test.c:6:13:6:31 | (int *)... | Cast of object with a volatile-qualified type to a non-volatile-qualified type. | +| test.c:14:3:14:55 | ... = ... | Non-volatile object referenced via pointer to volatile type and later accessed via its original object of a non-volatile-qualified type. | +| test.c:24:3:25:36 | ... = ... | Non-volatile object referenced via pointer to volatile type and later accessed via its original object of a non-volatile-qualified type. | diff --git a/c/cert/test/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.qlref b/c/cert/test/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.qlref new file mode 100644 index 0000000000..90635c935e --- /dev/null +++ b/c/cert/test/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.qlref @@ -0,0 +1 @@ +rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.ql \ No newline at end of file diff --git a/c/cert/test/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.expected b/c/cert/test/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.expected new file mode 100644 index 0000000000..e523be08fb --- /dev/null +++ b/c/cert/test/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.expected @@ -0,0 +1,282 @@ +edges +| test.c:75:14:75:16 | & ... | test.c:76:11:76:12 | v1 | +| test.c:75:14:75:16 | & ... | test.c:77:12:77:13 | v1 | +| test.c:75:14:75:16 | & ... | test.c:78:10:78:11 | v1 | +| test.c:75:14:75:16 | & ... | test.c:79:12:79:13 | v1 | +| test.c:75:14:75:16 | & ... | test.c:80:11:80:12 | v1 | +| test.c:75:14:75:16 | & ... | test.c:81:13:81:14 | v1 | +| test.c:84:14:84:16 | & ... | test.c:85:11:85:12 | v2 | +| test.c:84:14:84:16 | & ... | test.c:86:12:86:13 | v2 | +| test.c:84:14:84:16 | & ... | test.c:87:10:87:11 | v2 | +| test.c:84:14:84:16 | & ... | test.c:88:12:88:13 | v2 | +| test.c:84:14:84:16 | & ... | test.c:89:11:89:12 | v2 | +| test.c:84:14:84:16 | & ... | test.c:90:13:90:14 | v2 | +| test.c:93:14:93:16 | & ... | test.c:94:11:94:12 | v3 | +| test.c:93:14:93:16 | & ... | test.c:95:12:95:13 | v3 | +| test.c:93:14:93:16 | & ... | test.c:96:10:96:11 | v3 | +| test.c:93:14:93:16 | & ... | test.c:97:12:97:13 | v3 | +| test.c:93:14:93:16 | & ... | test.c:98:11:98:12 | v3 | +| test.c:93:14:93:16 | & ... | test.c:99:13:99:14 | v3 | +| test.c:102:14:102:16 | & ... | test.c:103:11:103:12 | v4 | +| test.c:102:14:102:16 | & ... | test.c:104:12:104:13 | v4 | +| test.c:102:14:102:16 | & ... | test.c:105:10:105:11 | v4 | +| test.c:102:14:102:16 | & ... | test.c:106:12:106:13 | v4 | +| test.c:102:14:102:16 | & ... | test.c:107:11:107:12 | v4 | +| test.c:102:14:102:16 | & ... | test.c:108:13:108:14 | v4 | +| test.c:111:14:111:16 | & ... | test.c:112:11:112:12 | v5 | +| test.c:111:14:111:16 | & ... | test.c:113:12:113:13 | v5 | +| test.c:111:14:111:16 | & ... | test.c:114:10:114:11 | v5 | +| test.c:111:14:111:16 | & ... | test.c:115:12:115:13 | v5 | +| test.c:111:14:111:16 | & ... | test.c:116:11:116:12 | v5 | +| test.c:111:14:111:16 | & ... | test.c:117:13:117:14 | v5 | +| test.c:120:14:120:16 | & ... | test.c:121:11:121:12 | v6 | +| test.c:120:14:120:16 | & ... | test.c:122:12:122:13 | v6 | +| test.c:120:14:120:16 | & ... | test.c:123:10:123:11 | v6 | +| test.c:120:14:120:16 | & ... | test.c:124:12:124:13 | v6 | +| test.c:120:14:120:16 | & ... | test.c:125:11:125:12 | v6 | +| test.c:120:14:120:16 | & ... | test.c:126:13:126:14 | v6 | +| test.c:129:22:129:22 | v | test.c:129:22:129:22 | v | +| test.c:129:22:129:22 | v | test.c:130:17:130:17 | v | +| test.c:135:21:135:23 | & ... | test.c:129:22:129:22 | v | +| test.c:138:21:138:23 | & ... | test.c:129:22:129:22 | v | +| test.c:166:24:166:29 | call to malloc | test.c:167:13:167:15 | & ... | +| test.c:166:24:166:29 | call to malloc | test.c:167:14:167:15 | s1 | +| test.c:166:24:166:29 | call to malloc | test.c:168:16:168:18 | & ... | +| test.c:166:24:166:29 | call to malloc | test.c:168:17:168:18 | s1 | +| test.c:166:24:166:29 | call to malloc | test.c:169:13:169:14 | s1 | +| test.c:166:24:166:29 | call to malloc | test.c:169:13:169:14 | s1 | +| test.c:166:24:166:29 | call to malloc | test.c:169:13:169:14 | s1 | +| test.c:166:24:166:29 | call to malloc | test.c:169:13:169:14 | s1 | +| test.c:166:24:166:29 | call to malloc | test.c:171:15:171:16 | s1 | +| test.c:166:24:166:29 | call to malloc | test.c:176:16:176:17 | s1 | +| test.c:167:14:167:15 | s1 | test.c:167:13:167:15 | & ... | +| test.c:168:17:168:18 | s1 | test.c:168:16:168:18 | & ... | +| test.c:169:13:169:14 | ref arg s1 | test.c:171:15:171:16 | s1 | +| test.c:169:13:169:14 | ref arg s1 | test.c:176:16:176:17 | s1 | +| test.c:169:13:169:14 | s1 | test.c:129:22:129:22 | v | +| test.c:169:13:169:14 | s1 | test.c:129:22:129:22 | v | +| test.c:169:13:169:14 | s1 | test.c:169:13:169:14 | ref arg s1 | +| test.c:172:14:172:15 | s2 | test.c:172:13:172:15 | & ... | +| test.c:173:12:173:13 | s2 | test.c:173:11:173:13 | & ... | +| test.c:174:13:174:14 | s2 | test.c:129:22:129:22 | v | +| test.c:177:14:177:15 | s3 | test.c:177:13:177:15 | & ... | +| test.c:178:12:178:13 | s3 | test.c:178:11:178:13 | & ... | +| test.c:179:13:179:14 | s3 | test.c:129:22:129:22 | v | +| test.c:183:14:183:26 | call to aligned_alloc | test.c:184:11:184:12 | v1 | +| test.c:183:14:183:26 | call to aligned_alloc | test.c:185:10:185:11 | v1 | +| test.c:183:14:183:26 | call to aligned_alloc | test.c:186:13:186:14 | v1 | +| test.c:183:14:183:26 | call to aligned_alloc | test.c:187:13:187:14 | v1 | +| test.c:187:13:187:14 | v1 | test.c:129:22:129:22 | v | +| test.c:189:14:189:26 | call to aligned_alloc | test.c:190:13:190:14 | v2 | +| test.c:190:13:190:14 | v2 | test.c:129:22:129:22 | v | +| test.c:222:8:222:9 | p2 | test.c:223:11:223:12 | v1 | +| test.c:222:8:222:9 | p2 | test.c:224:12:224:13 | v1 | +| test.c:222:8:222:9 | p2 | test.c:225:10:225:11 | v1 | +| test.c:222:8:222:9 | p2 | test.c:226:12:226:13 | v1 | +| test.c:222:8:222:9 | p2 | test.c:227:11:227:12 | v1 | +| test.c:222:8:222:9 | p2 | test.c:228:13:228:14 | v1 | +nodes +| test.c:7:11:7:13 | & ... | semmle.label | & ... | +| test.c:8:12:8:14 | & ... | semmle.label | & ... | +| test.c:9:10:9:12 | & ... | semmle.label | & ... | +| test.c:10:11:10:13 | & ... | semmle.label | & ... | +| test.c:11:12:11:14 | & ... | semmle.label | & ... | +| test.c:12:13:12:15 | & ... | semmle.label | & ... | +| test.c:15:11:15:13 | & ... | semmle.label | & ... | +| test.c:16:12:16:14 | & ... | semmle.label | & ... | +| test.c:17:10:17:12 | & ... | semmle.label | & ... | +| test.c:18:11:18:13 | & ... | semmle.label | & ... | +| test.c:19:12:19:14 | & ... | semmle.label | & ... | +| test.c:20:13:20:15 | & ... | semmle.label | & ... | +| test.c:23:11:23:13 | & ... | semmle.label | & ... | +| test.c:24:12:24:14 | & ... | semmle.label | & ... | +| test.c:25:10:25:12 | & ... | semmle.label | & ... | +| test.c:26:12:26:14 | & ... | semmle.label | & ... | +| test.c:27:11:27:13 | & ... | semmle.label | & ... | +| test.c:28:13:28:15 | & ... | semmle.label | & ... | +| test.c:31:11:31:13 | & ... | semmle.label | & ... | +| test.c:32:12:32:14 | & ... | semmle.label | & ... | +| test.c:33:10:33:12 | & ... | semmle.label | & ... | +| test.c:34:12:34:14 | & ... | semmle.label | & ... | +| test.c:35:11:35:13 | & ... | semmle.label | & ... | +| test.c:36:13:36:15 | & ... | semmle.label | & ... | +| test.c:39:11:39:13 | & ... | semmle.label | & ... | +| test.c:40:12:40:14 | & ... | semmle.label | & ... | +| test.c:41:10:41:12 | & ... | semmle.label | & ... | +| test.c:42:12:42:14 | & ... | semmle.label | & ... | +| test.c:43:11:43:13 | & ... | semmle.label | & ... | +| test.c:44:13:44:15 | & ... | semmle.label | & ... | +| test.c:47:11:47:13 | & ... | semmle.label | & ... | +| test.c:48:12:48:14 | & ... | semmle.label | & ... | +| test.c:49:10:49:12 | & ... | semmle.label | & ... | +| test.c:50:12:50:14 | & ... | semmle.label | & ... | +| test.c:51:11:51:13 | & ... | semmle.label | & ... | +| test.c:52:13:52:15 | & ... | semmle.label | & ... | +| test.c:57:11:57:13 | & ... | semmle.label | & ... | +| test.c:58:12:58:14 | & ... | semmle.label | & ... | +| test.c:59:10:59:12 | & ... | semmle.label | & ... | +| test.c:60:12:60:14 | & ... | semmle.label | & ... | +| test.c:61:11:61:13 | & ... | semmle.label | & ... | +| test.c:62:13:62:15 | & ... | semmle.label | & ... | +| test.c:65:11:65:13 | & ... | semmle.label | & ... | +| test.c:66:12:66:14 | & ... | semmle.label | & ... | +| test.c:67:10:67:12 | & ... | semmle.label | & ... | +| test.c:68:12:68:14 | & ... | semmle.label | & ... | +| test.c:69:11:69:13 | & ... | semmle.label | & ... | +| test.c:70:13:70:15 | & ... | semmle.label | & ... | +| test.c:75:14:75:16 | & ... | semmle.label | & ... | +| test.c:75:14:75:16 | & ... | semmle.label | & ... | +| test.c:76:11:76:12 | v1 | semmle.label | v1 | +| test.c:77:12:77:13 | v1 | semmle.label | v1 | +| test.c:78:10:78:11 | v1 | semmle.label | v1 | +| test.c:79:12:79:13 | v1 | semmle.label | v1 | +| test.c:80:11:80:12 | v1 | semmle.label | v1 | +| test.c:81:13:81:14 | v1 | semmle.label | v1 | +| test.c:84:14:84:16 | & ... | semmle.label | & ... | +| test.c:84:14:84:16 | & ... | semmle.label | & ... | +| test.c:85:11:85:12 | v2 | semmle.label | v2 | +| test.c:86:12:86:13 | v2 | semmle.label | v2 | +| test.c:87:10:87:11 | v2 | semmle.label | v2 | +| test.c:88:12:88:13 | v2 | semmle.label | v2 | +| test.c:89:11:89:12 | v2 | semmle.label | v2 | +| test.c:90:13:90:14 | v2 | semmle.label | v2 | +| test.c:93:14:93:16 | & ... | semmle.label | & ... | +| test.c:93:14:93:16 | & ... | semmle.label | & ... | +| test.c:94:11:94:12 | v3 | semmle.label | v3 | +| test.c:95:12:95:13 | v3 | semmle.label | v3 | +| test.c:96:10:96:11 | v3 | semmle.label | v3 | +| test.c:97:12:97:13 | v3 | semmle.label | v3 | +| test.c:98:11:98:12 | v3 | semmle.label | v3 | +| test.c:99:13:99:14 | v3 | semmle.label | v3 | +| test.c:102:14:102:16 | & ... | semmle.label | & ... | +| test.c:102:14:102:16 | & ... | semmle.label | & ... | +| test.c:103:11:103:12 | v4 | semmle.label | v4 | +| test.c:104:12:104:13 | v4 | semmle.label | v4 | +| test.c:105:10:105:11 | v4 | semmle.label | v4 | +| test.c:106:12:106:13 | v4 | semmle.label | v4 | +| test.c:107:11:107:12 | v4 | semmle.label | v4 | +| test.c:108:13:108:14 | v4 | semmle.label | v4 | +| test.c:111:14:111:16 | & ... | semmle.label | & ... | +| test.c:111:14:111:16 | & ... | semmle.label | & ... | +| test.c:112:11:112:12 | v5 | semmle.label | v5 | +| test.c:113:12:113:13 | v5 | semmle.label | v5 | +| test.c:114:10:114:11 | v5 | semmle.label | v5 | +| test.c:115:12:115:13 | v5 | semmle.label | v5 | +| test.c:116:11:116:12 | v5 | semmle.label | v5 | +| test.c:117:13:117:14 | v5 | semmle.label | v5 | +| test.c:120:14:120:16 | & ... | semmle.label | & ... | +| test.c:120:14:120:16 | & ... | semmle.label | & ... | +| test.c:121:11:121:12 | v6 | semmle.label | v6 | +| test.c:122:12:122:13 | v6 | semmle.label | v6 | +| test.c:123:10:123:11 | v6 | semmle.label | v6 | +| test.c:124:12:124:13 | v6 | semmle.label | v6 | +| test.c:125:11:125:12 | v6 | semmle.label | v6 | +| test.c:126:13:126:14 | v6 | semmle.label | v6 | +| test.c:129:22:129:22 | v | semmle.label | v | +| test.c:129:22:129:22 | v | semmle.label | v | +| test.c:129:22:129:22 | v | semmle.label | v | +| test.c:130:17:130:17 | v | semmle.label | v | +| test.c:135:21:135:23 | & ... | semmle.label | & ... | +| test.c:135:21:135:23 | & ... | semmle.label | & ... | +| test.c:138:21:138:23 | & ... | semmle.label | & ... | +| test.c:138:21:138:23 | & ... | semmle.label | & ... | +| test.c:158:13:158:20 | & ... | semmle.label | & ... | +| test.c:161:13:161:20 | & ... | semmle.label | & ... | +| test.c:162:16:162:18 | & ... | semmle.label | & ... | +| test.c:166:24:166:29 | call to malloc | semmle.label | call to malloc | +| test.c:166:24:166:29 | call to malloc | semmle.label | call to malloc | +| test.c:166:24:166:29 | call to malloc | semmle.label | call to malloc | +| test.c:167:13:167:15 | & ... | semmle.label | & ... | +| test.c:167:14:167:15 | s1 | semmle.label | s1 | +| test.c:167:14:167:15 | s1 | semmle.label | s1 | +| test.c:168:16:168:18 | & ... | semmle.label | & ... | +| test.c:168:17:168:18 | s1 | semmle.label | s1 | +| test.c:168:17:168:18 | s1 | semmle.label | s1 | +| test.c:169:13:169:14 | ref arg s1 | semmle.label | ref arg s1 | +| test.c:169:13:169:14 | s1 | semmle.label | s1 | +| test.c:169:13:169:14 | s1 | semmle.label | s1 | +| test.c:169:13:169:14 | s1 | semmle.label | s1 | +| test.c:169:13:169:14 | s1 | semmle.label | s1 | +| test.c:171:15:171:16 | s1 | semmle.label | s1 | +| test.c:172:13:172:15 | & ... | semmle.label | & ... | +| test.c:172:14:172:15 | s2 | semmle.label | s2 | +| test.c:173:11:173:13 | & ... | semmle.label | & ... | +| test.c:173:12:173:13 | s2 | semmle.label | s2 | +| test.c:174:13:174:14 | s2 | semmle.label | s2 | +| test.c:174:13:174:14 | s2 | semmle.label | s2 | +| test.c:176:16:176:17 | s1 | semmle.label | s1 | +| test.c:177:13:177:15 | & ... | semmle.label | & ... | +| test.c:177:14:177:15 | s3 | semmle.label | s3 | +| test.c:178:11:178:13 | & ... | semmle.label | & ... | +| test.c:178:12:178:13 | s3 | semmle.label | s3 | +| test.c:179:13:179:14 | s3 | semmle.label | s3 | +| test.c:179:13:179:14 | s3 | semmle.label | s3 | +| test.c:183:14:183:26 | call to aligned_alloc | semmle.label | call to aligned_alloc | +| test.c:184:11:184:12 | v1 | semmle.label | v1 | +| test.c:185:10:185:11 | v1 | semmle.label | v1 | +| test.c:186:13:186:14 | v1 | semmle.label | v1 | +| test.c:187:13:187:14 | v1 | semmle.label | v1 | +| test.c:189:14:189:26 | call to aligned_alloc | semmle.label | call to aligned_alloc | +| test.c:190:13:190:14 | v2 | semmle.label | v2 | +| test.c:214:11:214:12 | p2 | semmle.label | p2 | +| test.c:215:12:215:13 | p2 | semmle.label | p2 | +| test.c:216:10:216:11 | p2 | semmle.label | p2 | +| test.c:217:11:217:12 | p2 | semmle.label | p2 | +| test.c:218:12:218:13 | p2 | semmle.label | p2 | +| test.c:219:13:219:14 | p2 | semmle.label | p2 | +| test.c:222:8:222:9 | p2 | semmle.label | p2 | +| test.c:222:8:222:9 | p2 | semmle.label | p2 | +| test.c:223:11:223:12 | v1 | semmle.label | v1 | +| test.c:224:12:224:13 | v1 | semmle.label | v1 | +| test.c:225:10:225:11 | v1 | semmle.label | v1 | +| test.c:226:12:226:13 | v1 | semmle.label | v1 | +| test.c:227:11:227:12 | v1 | semmle.label | v1 | +| test.c:228:13:228:14 | v1 | semmle.label | v1 | +subpaths +| test.c:169:13:169:14 | s1 | test.c:129:22:129:22 | v | test.c:129:22:129:22 | v | test.c:169:13:169:14 | ref arg s1 | +#select +| test.c:8:12:8:14 | & ... | test.c:8:12:8:14 | & ... | test.c:8:12:8:14 | & ... | Cast from pointer with 1-byte alignment (defined by $@) to pointer with base type short with 2-byte alignment. | test.c:8:12:8:14 | & ... | address-of expression | +| test.c:9:10:9:12 | & ... | test.c:9:10:9:12 | & ... | test.c:9:10:9:12 | & ... | Cast from pointer with 1-byte alignment (defined by $@) to pointer with base type int with 4-byte alignment. | test.c:9:10:9:12 | & ... | address-of expression | +| test.c:10:11:10:13 | & ... | test.c:10:11:10:13 | & ... | test.c:10:11:10:13 | & ... | Cast from pointer with 1-byte alignment (defined by $@) to pointer with base type long with 8-byte alignment. | test.c:10:11:10:13 | & ... | address-of expression | +| test.c:11:12:11:14 | & ... | test.c:11:12:11:14 | & ... | test.c:11:12:11:14 | & ... | Cast from pointer with 1-byte alignment (defined by $@) to pointer with base type float with 4-byte alignment. | test.c:11:12:11:14 | & ... | address-of expression | +| test.c:12:13:12:15 | & ... | test.c:12:13:12:15 | & ... | test.c:12:13:12:15 | & ... | Cast from pointer with 1-byte alignment (defined by $@) to pointer with base type double with 8-byte alignment. | test.c:12:13:12:15 | & ... | address-of expression | +| test.c:17:10:17:12 | & ... | test.c:17:10:17:12 | & ... | test.c:17:10:17:12 | & ... | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type int with 4-byte alignment. | test.c:17:10:17:12 | & ... | address-of expression | +| test.c:18:11:18:13 | & ... | test.c:18:11:18:13 | & ... | test.c:18:11:18:13 | & ... | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type long with 8-byte alignment. | test.c:18:11:18:13 | & ... | address-of expression | +| test.c:19:12:19:14 | & ... | test.c:19:12:19:14 | & ... | test.c:19:12:19:14 | & ... | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type float with 4-byte alignment. | test.c:19:12:19:14 | & ... | address-of expression | +| test.c:20:13:20:15 | & ... | test.c:20:13:20:15 | & ... | test.c:20:13:20:15 | & ... | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type double with 8-byte alignment. | test.c:20:13:20:15 | & ... | address-of expression | +| test.c:27:11:27:13 | & ... | test.c:27:11:27:13 | & ... | test.c:27:11:27:13 | & ... | Cast from pointer with 4-byte alignment (defined by $@) to pointer with base type long with 8-byte alignment. | test.c:27:11:27:13 | & ... | address-of expression | +| test.c:28:13:28:15 | & ... | test.c:28:13:28:15 | & ... | test.c:28:13:28:15 | & ... | Cast from pointer with 4-byte alignment (defined by $@) to pointer with base type double with 8-byte alignment. | test.c:28:13:28:15 | & ... | address-of expression | +| test.c:35:11:35:13 | & ... | test.c:35:11:35:13 | & ... | test.c:35:11:35:13 | & ... | Cast from pointer with 4-byte alignment (defined by $@) to pointer with base type long with 8-byte alignment. | test.c:35:11:35:13 | & ... | address-of expression | +| test.c:36:13:36:15 | & ... | test.c:36:13:36:15 | & ... | test.c:36:13:36:15 | & ... | Cast from pointer with 4-byte alignment (defined by $@) to pointer with base type double with 8-byte alignment. | test.c:36:13:36:15 | & ... | address-of expression | +| test.c:61:11:61:13 | & ... | test.c:61:11:61:13 | & ... | test.c:61:11:61:13 | & ... | Cast from pointer with 4-byte alignment (defined by $@) to pointer with base type long with 8-byte alignment. | test.c:61:11:61:13 | & ... | address-of expression | +| test.c:62:13:62:15 | & ... | test.c:62:13:62:15 | & ... | test.c:62:13:62:15 | & ... | Cast from pointer with 4-byte alignment (defined by $@) to pointer with base type double with 8-byte alignment. | test.c:62:13:62:15 | & ... | address-of expression | +| test.c:77:12:77:13 | v1 | test.c:75:14:75:16 | & ... | test.c:77:12:77:13 | v1 | Cast from pointer with 1-byte alignment (defined by $@) to pointer with base type short with 2-byte alignment. | test.c:75:14:75:16 | & ... | address-of expression | +| test.c:78:10:78:11 | v1 | test.c:75:14:75:16 | & ... | test.c:78:10:78:11 | v1 | Cast from pointer with 1-byte alignment (defined by $@) to pointer with base type int with 4-byte alignment. | test.c:75:14:75:16 | & ... | address-of expression | +| test.c:79:12:79:13 | v1 | test.c:75:14:75:16 | & ... | test.c:79:12:79:13 | v1 | Cast from pointer with 1-byte alignment (defined by $@) to pointer with base type float with 4-byte alignment. | test.c:75:14:75:16 | & ... | address-of expression | +| test.c:80:11:80:12 | v1 | test.c:75:14:75:16 | & ... | test.c:80:11:80:12 | v1 | Cast from pointer with 1-byte alignment (defined by $@) to pointer with base type long with 8-byte alignment. | test.c:75:14:75:16 | & ... | address-of expression | +| test.c:81:13:81:14 | v1 | test.c:75:14:75:16 | & ... | test.c:81:13:81:14 | v1 | Cast from pointer with 1-byte alignment (defined by $@) to pointer with base type double with 8-byte alignment. | test.c:75:14:75:16 | & ... | address-of expression | +| test.c:87:10:87:11 | v2 | test.c:84:14:84:16 | & ... | test.c:87:10:87:11 | v2 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type int with 4-byte alignment. | test.c:84:14:84:16 | & ... | address-of expression | +| test.c:88:12:88:13 | v2 | test.c:84:14:84:16 | & ... | test.c:88:12:88:13 | v2 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type float with 4-byte alignment. | test.c:84:14:84:16 | & ... | address-of expression | +| test.c:89:11:89:12 | v2 | test.c:84:14:84:16 | & ... | test.c:89:11:89:12 | v2 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type long with 8-byte alignment. | test.c:84:14:84:16 | & ... | address-of expression | +| test.c:90:13:90:14 | v2 | test.c:84:14:84:16 | & ... | test.c:90:13:90:14 | v2 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type double with 8-byte alignment. | test.c:84:14:84:16 | & ... | address-of expression | +| test.c:98:11:98:12 | v3 | test.c:93:14:93:16 | & ... | test.c:98:11:98:12 | v3 | Cast from pointer with 4-byte alignment (defined by $@) to pointer with base type long with 8-byte alignment. | test.c:93:14:93:16 | & ... | address-of expression | +| test.c:99:13:99:14 | v3 | test.c:93:14:93:16 | & ... | test.c:99:13:99:14 | v3 | Cast from pointer with 4-byte alignment (defined by $@) to pointer with base type double with 8-byte alignment. | test.c:93:14:93:16 | & ... | address-of expression | +| test.c:107:11:107:12 | v4 | test.c:102:14:102:16 | & ... | test.c:107:11:107:12 | v4 | Cast from pointer with 4-byte alignment (defined by $@) to pointer with base type long with 8-byte alignment. | test.c:102:14:102:16 | & ... | address-of expression | +| test.c:108:13:108:14 | v4 | test.c:102:14:102:16 | & ... | test.c:108:13:108:14 | v4 | Cast from pointer with 4-byte alignment (defined by $@) to pointer with base type double with 8-byte alignment. | test.c:102:14:102:16 | & ... | address-of expression | +| test.c:130:17:130:17 | v | test.c:135:21:135:23 | & ... | test.c:130:17:130:17 | v | Cast from pointer with 1-byte alignment (defined by $@) to pointer with base type int with 4-byte alignment. | test.c:135:21:135:23 | & ... | address-of expression | +| test.c:130:17:130:17 | v | test.c:174:13:174:14 | s2 | test.c:130:17:130:17 | v | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type int with 4-byte alignment. | test.c:174:13:174:14 | s2 | pointer base type | +| test.c:130:17:130:17 | v | test.c:179:13:179:14 | s3 | test.c:130:17:130:17 | v | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type int with 4-byte alignment. | test.c:179:13:179:14 | s3 | pointer base type | +| test.c:130:17:130:17 | v | test.c:189:14:189:26 | call to aligned_alloc | test.c:130:17:130:17 | v | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type int with 4-byte alignment. | test.c:189:14:189:26 | call to aligned_alloc | call to aligned_alloc | +| test.c:158:13:158:20 | & ... | test.c:158:13:158:20 | & ... | test.c:158:13:158:20 | & ... | Cast from pointer with 1-byte alignment (defined by $@) to pointer with base type unsigned long with 8-byte alignment. | test.c:158:13:158:20 | & ... | address-of expression | +| test.c:162:16:162:18 | & ... | test.c:162:16:162:18 | & ... | test.c:162:16:162:18 | & ... | Cast from pointer with 8-byte alignment (defined by $@) to pointer with base type S3 with 64-byte alignment. | test.c:162:16:162:18 | & ... | address-of expression | +| test.c:168:16:168:18 | & ... | test.c:166:24:166:29 | call to malloc | test.c:168:16:168:18 | & ... | Cast from pointer with 16-byte alignment (defined by $@) to pointer with base type S3 with 64-byte alignment. | test.c:166:24:166:29 | call to malloc | call to malloc | +| test.c:168:16:168:18 | & ... | test.c:168:16:168:18 | & ... | test.c:168:16:168:18 | & ... | Cast from pointer with 8-byte alignment (defined by $@) to pointer with base type S3 with 64-byte alignment. | test.c:168:16:168:18 | & ... | address-of expression | +| test.c:186:13:186:14 | v1 | test.c:183:14:183:26 | call to aligned_alloc | test.c:186:13:186:14 | v1 | Cast from pointer with 4-byte alignment (defined by $@) to pointer with base type unsigned long with 8-byte alignment. | test.c:183:14:183:26 | call to aligned_alloc | call to aligned_alloc | +| test.c:216:10:216:11 | p2 | test.c:216:10:216:11 | p2 | test.c:216:10:216:11 | p2 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type int with 4-byte alignment. | test.c:216:10:216:11 | p2 | pointer base type | +| test.c:217:11:217:12 | p2 | test.c:217:11:217:12 | p2 | test.c:217:11:217:12 | p2 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type long with 8-byte alignment. | test.c:217:11:217:12 | p2 | pointer base type | +| test.c:218:12:218:13 | p2 | test.c:218:12:218:13 | p2 | test.c:218:12:218:13 | p2 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type float with 4-byte alignment. | test.c:218:12:218:13 | p2 | pointer base type | +| test.c:219:13:219:14 | p2 | test.c:219:13:219:14 | p2 | test.c:219:13:219:14 | p2 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type double with 8-byte alignment. | test.c:219:13:219:14 | p2 | pointer base type | +| test.c:225:10:225:11 | v1 | test.c:222:8:222:9 | p2 | test.c:225:10:225:11 | v1 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type int with 4-byte alignment. | test.c:222:8:222:9 | p2 | pointer base type | +| test.c:226:12:226:13 | v1 | test.c:222:8:222:9 | p2 | test.c:226:12:226:13 | v1 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type float with 4-byte alignment. | test.c:222:8:222:9 | p2 | pointer base type | +| test.c:227:11:227:12 | v1 | test.c:222:8:222:9 | p2 | test.c:227:11:227:12 | v1 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type long with 8-byte alignment. | test.c:222:8:222:9 | p2 | pointer base type | +| test.c:228:13:228:14 | v1 | test.c:222:8:222:9 | p2 | test.c:228:13:228:14 | v1 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type double with 8-byte alignment. | test.c:222:8:222:9 | p2 | pointer base type | diff --git a/c/cert/test/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.qlref b/c/cert/test/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.qlref new file mode 100644 index 0000000000..9e655176f7 --- /dev/null +++ b/c/cert/test/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.qlref @@ -0,0 +1 @@ +rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql \ No newline at end of file diff --git a/c/cert/test/rules/EXP36-C/test.c b/c/cert/test/rules/EXP36-C/test.c index 7f4230ffa1..b32e2ab80f 100644 --- a/c/cert/test/rules/EXP36-C/test.c +++ b/c/cert/test/rules/EXP36-C/test.c @@ -1,5 +1,6 @@ #include #include +#include void test_direct_cast_alignment() { char c1 = 1; // assuming 1-byte alignment @@ -15,16 +16,16 @@ void test_direct_cast_alignment() { (short *)&s1; // COMPLIANT (int *)&s1; // NON_COMPLIANT (long *)&s1; // NON_COMPLIANT - (float *)&c1; // NON_COMPLIANT - (double *)&c1; // NON_COMPLIANT + (float *)&s1; // NON_COMPLIANT + (double *)&s1; // NON_COMPLIANT int i1 = 1; // assuming 4-byte alignment (char *)&i1; // COMPLIANT (short *)&i1; // COMPLIANT (int *)&i1; // COMPLIANT - (float *)&c1; // COMPLIANT + (float *)&i1; // COMPLIANT (long *)&i1; // NON_COMPLIANT - assuming 8 byte alignment for longs - (double *)&c1; // NON_COMPLIANT + (double *)&i1; // NON_COMPLIANT float f1 = 1; // assuming 4-byte alignment (char *)&f1; // COMPLIANT @@ -38,9 +39,9 @@ void test_direct_cast_alignment() { (char *)&l1; // COMPLIANT (short *)&l1; // COMPLIANT (int *)&l1; // COMPLIANT - (float *)&c1; // COMPLIANT + (float *)&l1; // COMPLIANT (long *)&l1; // COMPLIANT - (double *)&c1; // COMPLIANT + (double *)&l1; // COMPLIANT double d1 = 1; // assuming 8-byte alignment (char *)&d1; // COMPLIANT @@ -65,11 +66,11 @@ void custom_aligned_types() { (short *)&c2; // COMPLIANT (int *)&c2; // COMPLIANT (float *)&c2; // COMPLIANT - (long *)&c2; // NON_COMPLIANT - (double *)&c2; // NON_COMPLIANT + (long *)&c2; // COMPLIANT + (double *)&c2; // COMPLIANT } -void test_via_void_direct() { +void test_via_void_ptr_var_direct() { char c1 = 1; void *v1 = &c1; (char *)v1; // COMPLIANT @@ -92,7 +93,7 @@ void test_via_void_direct() { void *v3 = &i1; (char *)v3; // COMPLIANT (short *)v3; // COMPLIANT - (int *)v3; // COMPLIAN + (int *)v3; // COMPLIANT (float *)v3; // COMPLIANT (long *)v3; // NON_COMPLIANT - assuming 8 byte alignment for longs (double *)v3; // NON_COMPLIANT - but only on x64 @@ -131,10 +132,10 @@ int *cast_away(void *v) { void test_via_void_indirect() { char c1 = 1; - cast_away((void *)c1); // NON_COMPLIANT + cast_away((void *)&c1); // NON_COMPLIANT int i1 = 1; - cast_away((void *)i1); // COMPLIANT + cast_away((void *)&i1); // COMPLIANT } struct S1 { @@ -147,10 +148,82 @@ struct S2 { alignas(size_t) unsigned char data[8]; }; +struct S3 { + char c1; + alignas(64) unsigned char data[8]; +}; + void test_struct_alignment() { - S1 s1; + struct S1 s1; (size_t *)&s1.data; // NON_COMPLIANT - S2 s2; + struct S2 s2; (size_t *)&s2.data; // COMPLIANT + (struct S3 *)&s2; // NON_COMPLIANT +} + +void test_malloc_alignment_and_pointer_arithmetic() { + short *s1 = (short *)malloc(64); + (size_t *)&s1; // COMPLIANT + (struct S3 *)&s1; // NON_COMPLIANT - over-aligned struct + cast_away(s1); // COMPLIANT + + short *s2 = s1 + 1; + (size_t *)&s2; // NON_COMPLIANT[FALSE_NEGATIVE] + (char *)&s2; // COMPLIANT + cast_away(s2); // NON_COMPLIANT + + short *s3 = &s1[1]; + (size_t *)&s3; // NON_COMPLIANT[FALSE_NEGATIVE] + (char *)&s3; // COMPLIANT + cast_away(s3); // NON_COMPLIANT +} + +void test_aligned_alloc_alignment() { + void *v1 = aligned_alloc(4, 8); + (char *)v1; // COMPLIANT + (int *)v1; // COMPLIANT + (size_t *)v1; // NON_COMPLIANT + cast_away(v1); // COMPLIANT + + void *v2 = aligned_alloc(2, 8); + cast_away(v2); // NON_COMPLIANT +} + +void test_standalone_pointer_cast_alignment(void *p1, short *p2) { + void *v1; + + // void* direct + (char *)p1; // COMPLIANT + (short *)p1; // COMPLIANT + (int *)p1; // COMPLIANT + (float *)p1; // COMPLIANT + (long *)p1; // COMPLIANT + (double *)p1; // COMPLIANT + + // void* indirect via void* + v1 = p1; // COMPLIANT + (char *)v1; // COMPLIANT + (short *)v1; // COMPLIANT + (int *)v1; // COMPLIANT + (float *)v1; // COMPLIANT + (long *)v1; // COMPLIANT + (double *)v1; // COMPLIANT + + // short* direct + (char *)p2; // COMPLIANT + (short *)p2; // COMPLIANT + (int *)p2; // NON_COMPLIANT + (long *)p2; // NON_COMPLIANT + (float *)p2; // NON_COMPLIANT + (double *)p2; // NON_COMPLIANT + + // short* indirect via void* + v1 = p2; // COMPLIANT + (char *)v1; // COMPLIANT + (short *)v1; // COMPLIANT + (int *)v1; // NON_COMPLIANT + (float *)v1; // NON_COMPLIANT + (long *)v1; // NON_COMPLIANT + (double *)v1; // NON_COMPLIANT } \ No newline at end of file diff --git a/cpp/cert/src/rules/MEM57-CPP/UsingDefaultOperatorNewForOverAlignedTypes.ql b/cpp/cert/src/rules/MEM57-CPP/UsingDefaultOperatorNewForOverAlignedTypes.ql index d0210791d4..8fc33f8457 100644 --- a/cpp/cert/src/rules/MEM57-CPP/UsingDefaultOperatorNewForOverAlignedTypes.ql +++ b/cpp/cert/src/rules/MEM57-CPP/UsingDefaultOperatorNewForOverAlignedTypes.ql @@ -14,26 +14,7 @@ import cpp import codingstandards.cpp.cert - -/* - * In theory each compilation of each file can have a different `max_align_t` value (for example, - * if the same file is compiled under different compilers in the same database). We don't have the - * fine-grained data to determine which compilation each operator new call is from, so we instead - * report only in cases where there's a single clear alignment for the whole database. - */ - -class MaxAlignT extends TypedefType { - MaxAlignT() { getName() = "max_align_t" } -} - -/** - * Gets the alignment for `max_align_t`, assuming there is a single consistent alignment for the - * database. - */ -int getGlobalMaxAlignT() { - count(MaxAlignT m | | m.getAlignment()) = 1 and - result = any(MaxAlignT t).getAlignment() -} +import codingstandards.cpp.Alignment from NewOrNewArrayExpr newExpr, Type overAlignedType where diff --git a/cpp/common/src/codingstandards/cpp/Alignment.qll b/cpp/common/src/codingstandards/cpp/Alignment.qll new file mode 100644 index 0000000000..c254d7909a --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/Alignment.qll @@ -0,0 +1,25 @@ +/** + * Provides a library with additional modeling for C and C++ memory alignment constructs. + */ + +import cpp + +/* + * In theory each compilation of each file can have a different `max_align_t` value (for example, + * if the same file is compiled under different compilers in the same database). We don't have the + * fine-grained data to determine which compilation each operator new call is from, so we instead + * report only in cases where there's a single clear alignment for the whole database. + */ + +class MaxAlignT extends TypedefType { + MaxAlignT() { getName() = "max_align_t" } +} + +/** + * Gets the alignment for `max_align_t`, assuming there is a single consistent alignment for the + * database. + */ +int getGlobalMaxAlignT() { + count(MaxAlignT m | | m.getAlignment()) = 1 and + result = any(MaxAlignT t).getAlignment() +} From d483c3c1e6894a3fa47d26cd355879c1e8355f59 Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Thu, 17 Nov 2022 14:08:43 +0100 Subject: [PATCH 0112/2573] Update EXP32-C query and test --- ...sVolatileObjectWithNonVolatileReference.ql | 68 +++++++++++-------- ...ileObjectWithNonVolatileReference.expected | 5 +- c/cert/test/rules/EXP32-C/test.c | 7 ++ 3 files changed, 48 insertions(+), 32 deletions(-) diff --git a/c/cert/src/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.ql b/c/cert/src/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.ql index fe6acfb44b..346cd41621 100644 --- a/c/cert/src/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.ql +++ b/c/cert/src/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.ql @@ -13,16 +13,36 @@ import cpp import codingstandards.c.cert +import semmle.code.cpp.controlflow.Dereferenced +import semmle.code.cpp.controlflow.StackVariableReachability + +abstract class UndefinedVolatilePointerExpr extends Expr { + abstract string getMessage(); +} + +/** + * Gets the depth of a pointer's base type's volatile qualifier + */ +int getAVolatileDepth(PointerType pt) { + pt.getBaseType().isVolatile() and result = 1 + or + result = getAVolatileDepth(pt.getBaseType()) + 1 +} /** * A `Cast` which converts from a pointer to a volatile-qualified type * to a pointer to a non-volatile-qualified type. */ -class CastFromVolatileToNonVolatileBaseType extends Cast { +class CastFromVolatileToNonVolatileBaseType extends Cast, UndefinedVolatilePointerExpr { CastFromVolatileToNonVolatileBaseType() { - this.getExpr().getType().(PointerType).getBaseType*().isVolatile() and - this.getActualType() instanceof PointerType and - not this.getActualType().(PointerType).getBaseType*().isVolatile() + exists(int i | + i = getAVolatileDepth(this.getExpr().getType()) and + not i = getAVolatileDepth(this.getActualType()) + ) + } + + override string getMessage() { + result = "Cast of object with a volatile-qualified type to a non-volatile-qualified type." } } @@ -30,36 +50,24 @@ class CastFromVolatileToNonVolatileBaseType extends Cast { * An `AssignExpr` with an *lvalue* that is a pointer to a volatile base type and * and *rvalue* that is not also a pointer to a volatile base type. */ -class NonVolatileObjectAssignedToVolatilePointer extends AssignExpr { +class NonVolatileObjectAssignedToVolatilePointer extends AssignExpr, UndefinedVolatilePointerExpr { NonVolatileObjectAssignedToVolatilePointer() { - this.getLValue().getType().(DerivedType).getBaseType*().isVolatile() and - not this.getRValue().getUnconverted().getType().(DerivedType).getBaseType*().isVolatile() + exists(int i | + not i = getAVolatileDepth(this.getRValue().getType()) and + i = getAVolatileDepth(this.getLValue().(VariableAccess).getTarget().getType()) + ) and + exists(VariableAccess va | + va = this.getRValue().getAChild*().(VariableAccess).getTarget().getAnAccess() and + this.getASuccessor+() = va + ) } - /** - * All `VariableAccess` expressions which are transitive successors of - * this `Expr` and which access the variable accessed in the *rvalue* of this `Expr` - */ - Expr getASubsequentAccessOfAssignedObject() { + override string getMessage() { result = - any(VariableAccess va | - va = this.getRValue().getAChild*().(VariableAccess).getTarget().getAnAccess() and - this.getASuccessor+() = va - | - va - ) + "Assignment indicates a volatile object, but a later access of the object occurs via a non-volatile pointer." } } -from Expr e, string message -where - not isExcluded(e, Pointers3Package::doNotAccessVolatileObjectWithNonVolatileReferenceQuery()) and - ( - e instanceof CastFromVolatileToNonVolatileBaseType and - message = "Cast of object with a volatile-qualified type to a non-volatile-qualified type." - or - exists(e.(NonVolatileObjectAssignedToVolatilePointer).getASubsequentAccessOfAssignedObject()) and - message = - "Non-volatile object referenced via pointer to volatile type and later accessed via its original object of a non-volatile-qualified type." - ) -select e, message +from UndefinedVolatilePointerExpr e +where not isExcluded(e, Pointers3Package::doNotAccessVolatileObjectWithNonVolatileReferenceQuery()) +select e, e.getMessage() diff --git a/c/cert/test/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.expected b/c/cert/test/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.expected index d8fd01bbae..f5ea6e8d4b 100644 --- a/c/cert/test/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.expected +++ b/c/cert/test/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.expected @@ -1,4 +1,5 @@ | test.c:5:13:5:21 | (int *)... | Cast of object with a volatile-qualified type to a non-volatile-qualified type. | | test.c:6:13:6:31 | (int *)... | Cast of object with a volatile-qualified type to a non-volatile-qualified type. | -| test.c:14:3:14:55 | ... = ... | Non-volatile object referenced via pointer to volatile type and later accessed via its original object of a non-volatile-qualified type. | -| test.c:24:3:25:36 | ... = ... | Non-volatile object referenced via pointer to volatile type and later accessed via its original object of a non-volatile-qualified type. | +| test.c:14:3:14:55 | ... = ... | Assignment indicates a volatile object, but a later access of the object occurs via a non-volatile pointer. | +| test.c:24:3:25:36 | ... = ... | Assignment indicates a volatile object, but a later access of the object occurs via a non-volatile pointer. | +| test.c:42:24:42:41 | (int *)... | Cast of object with a volatile-qualified type to a non-volatile-qualified type. | diff --git a/c/cert/test/rules/EXP32-C/test.c b/c/cert/test/rules/EXP32-C/test.c index d9b07ac84d..5a688848a4 100644 --- a/c/cert/test/rules/EXP32-C/test.c +++ b/c/cert/test/rules/EXP32-C/test.c @@ -35,4 +35,11 @@ void test_volatile_not_lost_by_assignment_and_cast() { compliant_pointer_to_pointer = &compliant_pointer; // COMPLIANT *compliant_pointer_to_pointer = &val; *compliant_pointer; // Volatile object is accessed through a volatile pointer +} + +void test_volatile_lost_by_assignment_and_cast_2() { + volatile int *ptr = 0; + int *volatile ptr2 = (int *volatile)ptr; // NON_COMPLIANT + *ptr2; // Volatile object dereferenced through volatile pointer to + // non-volatile object } \ No newline at end of file From 6733786321af7a09079485c01d5c97a137e667b5 Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Thu, 17 Nov 2022 14:10:36 +0100 Subject: [PATCH 0113/2573] Add comments to EXP32-C query --- .../DoNotAccessVolatileObjectWithNonVolatileReference.ql | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/c/cert/src/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.ql b/c/cert/src/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.ql index 346cd41621..0bc200bf5e 100644 --- a/c/cert/src/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.ql +++ b/c/cert/src/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.ql @@ -16,7 +16,13 @@ import codingstandards.c.cert import semmle.code.cpp.controlflow.Dereferenced import semmle.code.cpp.controlflow.StackVariableReachability +/** + * An expression involving volatile-qualified types that results in undefined behavior. + */ abstract class UndefinedVolatilePointerExpr extends Expr { + /** + * Gets a descriptive string describing the type of expression and undefined behavior. + */ abstract string getMessage(); } From a15708955de16c9f62638842b6e2aaafdb5a0d37 Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Thu, 17 Nov 2022 14:20:52 +0100 Subject: [PATCH 0114/2573] Add comments and implementation scope for EXP32-C --- .../DoNotAccessVolatileObjectWithNonVolatileReference.ql | 8 ++++++-- rule_packages/c/Pointers3.json | 5 ++++- 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/c/cert/src/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.ql b/c/cert/src/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.ql index 0bc200bf5e..407561f532 100644 --- a/c/cert/src/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.ql +++ b/c/cert/src/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.ql @@ -14,7 +14,6 @@ import cpp import codingstandards.c.cert import semmle.code.cpp.controlflow.Dereferenced -import semmle.code.cpp.controlflow.StackVariableReachability /** * An expression involving volatile-qualified types that results in undefined behavior. @@ -62,9 +61,14 @@ class NonVolatileObjectAssignedToVolatilePointer extends AssignExpr, UndefinedVo not i = getAVolatileDepth(this.getRValue().getType()) and i = getAVolatileDepth(this.getLValue().(VariableAccess).getTarget().getType()) ) and + // Checks for subsequent accesses to the underlying object via the original non-volatile + // pointer assigned to the volatile pointer. This heuristic can cause false-positives + // in certain instances which require more advanced reachability analysis, e.g. loops and scope + // considerations that this simple forward traversal of the control-flow graph does not account for. exists(VariableAccess va | va = this.getRValue().getAChild*().(VariableAccess).getTarget().getAnAccess() and - this.getASuccessor+() = va + this.getASuccessor+() = va and + dereferenced(va) ) } diff --git a/rule_packages/c/Pointers3.json b/rule_packages/c/Pointers3.json index e395543690..1e9038ebd7 100644 --- a/rule_packages/c/Pointers3.json +++ b/rule_packages/c/Pointers3.json @@ -14,7 +14,10 @@ "short_name": "DoNotAccessVolatileObjectWithNonVolatileReference", "tags": [ "correctness" - ] + ], + "implementation_scope": { + "description": "In limited cases, this query can raise false-positives for assignment of volatile objects and subsequent accesses of those objects via non-volatile pointers." + } } ], "title": "Do not access a volatile object through a nonvolatile reference" From b601c91b2aa6cb8caac21635f5cc75c02c2d0472 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Thu, 17 Nov 2022 12:44:59 -0500 Subject: [PATCH 0115/2573] Declarations4: refactor RULE-8-3 compatible lib and compatible correctness --- c/misra/src/rules/RULE-8-3/Compatible.qll | 30 ---------------- .../DeclarationsOfAFunctionSameNameAndType.ql | 34 ++++++++++++------- .../DeclarationsOfAnObjectSameNameAndType.ql | 2 +- .../src/codingstandards/cpp/Compatible.qll | 8 +++++ 4 files changed, 30 insertions(+), 44 deletions(-) delete mode 100644 c/misra/src/rules/RULE-8-3/Compatible.qll create mode 100644 cpp/common/src/codingstandards/cpp/Compatible.qll diff --git a/c/misra/src/rules/RULE-8-3/Compatible.qll b/c/misra/src/rules/RULE-8-3/Compatible.qll deleted file mode 100644 index 407e275032..0000000000 --- a/c/misra/src/rules/RULE-8-3/Compatible.qll +++ /dev/null @@ -1,30 +0,0 @@ -import cpp - -/* - * This is a copy of the `arithTypesMatch` predicate from the standard set of - * queries as of the `codeql-cli/2.9.4` tag in `github/codeql`. - */ - -pragma[inline] -predicate arithTypesMatch(Type t1, Type t2) { - t1 = t2 - or - t1.getSize() = t2.getSize() and - ( - t1 instanceof IntegralOrEnumType and - t2 instanceof IntegralOrEnumType - or - t1 instanceof FloatingPointType and - t2 instanceof FloatingPointType - ) -} - -predicate typesCompatible(Type t1, Type t2) { - if t1 instanceof BuiltInType and t2 instanceof BuiltInType - then - //for simple types consider compatible - arithTypesMatch(t1, t2) - else - //otherwise include type qualifiers and typedef names - t1 = t2 -} diff --git a/c/misra/src/rules/RULE-8-3/DeclarationsOfAFunctionSameNameAndType.ql b/c/misra/src/rules/RULE-8-3/DeclarationsOfAFunctionSameNameAndType.ql index 28f17e30d3..f02fb78066 100644 --- a/c/misra/src/rules/RULE-8-3/DeclarationsOfAFunctionSameNameAndType.ql +++ b/c/misra/src/rules/RULE-8-3/DeclarationsOfAFunctionSameNameAndType.ql @@ -13,7 +13,25 @@ import cpp import codingstandards.c.misra -import Compatible +import codingstandards.cpp.Compatible + +predicate parameterTypesIncompatible(FunctionDeclarationEntry f1, FunctionDeclarationEntry f2) { + exists(ParameterDeclarationEntry p1, ParameterDeclarationEntry p2, int i | + p1 = f1.getParameterDeclarationEntry(i) and + p2 = f2.getParameterDeclarationEntry(i) + | + not typesCompatible(p1.getType(), p2.getType()) + ) +} + +predicate parameterNamesIncompatible(FunctionDeclarationEntry f1, FunctionDeclarationEntry f2) { + exists(ParameterDeclarationEntry p1, ParameterDeclarationEntry p2, int i | + p1 = f1.getParameterDeclarationEntry(i) and + p2 = f2.getParameterDeclarationEntry(i) + | + not p1.getName() = p2.getName() + ) +} from FunctionDeclarationEntry f1, FunctionDeclarationEntry f2, string case where @@ -27,21 +45,11 @@ where case = "return type" or //parameter type check - exists(ParameterDeclarationEntry p1, ParameterDeclarationEntry p2, int i | - p1 = f1.getParameterDeclarationEntry(i) and - p2 = f2.getParameterDeclarationEntry(i) - | - not typesCompatible(p1.getType(), p2.getType()) - ) and + parameterTypesIncompatible(f1, f2) and case = "parameter types" or //parameter name check - exists(ParameterDeclarationEntry p1, ParameterDeclarationEntry p2, int i | - p1 = f1.getParameterDeclarationEntry(i) and - p2 = f2.getParameterDeclarationEntry(i) - | - not p1.getName() = p2.getName() - ) and + parameterNamesIncompatible(f1, f2) and case = "parameter names" ) select f1, "The " + case + " of re-declaration of $@ is not compatible with declaration $@", f1, diff --git a/c/misra/src/rules/RULE-8-3/DeclarationsOfAnObjectSameNameAndType.ql b/c/misra/src/rules/RULE-8-3/DeclarationsOfAnObjectSameNameAndType.ql index b1f437c676..03acda6dd7 100644 --- a/c/misra/src/rules/RULE-8-3/DeclarationsOfAnObjectSameNameAndType.ql +++ b/c/misra/src/rules/RULE-8-3/DeclarationsOfAnObjectSameNameAndType.ql @@ -13,7 +13,7 @@ import cpp import codingstandards.c.misra -import Compatible +import codingstandards.cpp.Compatible from VariableDeclarationEntry decl1, VariableDeclarationEntry decl2 where diff --git a/cpp/common/src/codingstandards/cpp/Compatible.qll b/cpp/common/src/codingstandards/cpp/Compatible.qll new file mode 100644 index 0000000000..da54da3489 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/Compatible.qll @@ -0,0 +1,8 @@ +import cpp + +predicate typesCompatible(Type t1, Type t2) { + t1 = t2 + or + //signed int is same as int ect + t1.(IntegralType).getCanonicalArithmeticType() = t2.(IntegralType).getCanonicalArithmeticType() +} From 3b4443e27bb6757414219e7d1b70bde536ac7622 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Thu, 17 Nov 2022 13:01:04 -0500 Subject: [PATCH 0116/2573] Declarations4: add RULE-8-4 --- .../DeclarationsOfAFunctionSameNameAndType.ql | 18 ------- .../CompatibleDeclarationFunctionDefined.ql | 50 +++++++++++++++++++ .../CompatibleDeclarationObjectDefined.ql | 38 ++++++++++++++ ...patibleDeclarationFunctionDefined.expected | 2 + ...CompatibleDeclarationFunctionDefined.qlref | 1 + ...ompatibleDeclarationObjectDefined.expected | 3 ++ .../CompatibleDeclarationObjectDefined.qlref | 1 + c/misra/test/rules/RULE-8-4/function1.c | 3 ++ c/misra/test/rules/RULE-8-4/function2.c | 9 ++++ c/misra/test/rules/RULE-8-4/object1.c | 10 ++++ c/misra/test/rules/RULE-8-4/object2.c | 3 ++ c/misra/test/rules/RULE-8-4/test.c | 0 .../src/codingstandards/cpp/Compatible.qll | 18 +++++++ .../cpp/exclusions/c/Declarations4.qll | 32 ++++++++++++ rule_packages/c/Declarations4.json | 42 ++++++++++++++++ rules.csv | 2 +- 16 files changed, 213 insertions(+), 19 deletions(-) create mode 100644 c/misra/src/rules/RULE-8-4/CompatibleDeclarationFunctionDefined.ql create mode 100644 c/misra/src/rules/RULE-8-4/CompatibleDeclarationObjectDefined.ql create mode 100644 c/misra/test/rules/RULE-8-4/CompatibleDeclarationFunctionDefined.expected create mode 100644 c/misra/test/rules/RULE-8-4/CompatibleDeclarationFunctionDefined.qlref create mode 100644 c/misra/test/rules/RULE-8-4/CompatibleDeclarationObjectDefined.expected create mode 100644 c/misra/test/rules/RULE-8-4/CompatibleDeclarationObjectDefined.qlref create mode 100644 c/misra/test/rules/RULE-8-4/function1.c create mode 100644 c/misra/test/rules/RULE-8-4/function2.c create mode 100644 c/misra/test/rules/RULE-8-4/object1.c create mode 100644 c/misra/test/rules/RULE-8-4/object2.c create mode 100644 c/misra/test/rules/RULE-8-4/test.c diff --git a/c/misra/src/rules/RULE-8-3/DeclarationsOfAFunctionSameNameAndType.ql b/c/misra/src/rules/RULE-8-3/DeclarationsOfAFunctionSameNameAndType.ql index f02fb78066..6803af9380 100644 --- a/c/misra/src/rules/RULE-8-3/DeclarationsOfAFunctionSameNameAndType.ql +++ b/c/misra/src/rules/RULE-8-3/DeclarationsOfAFunctionSameNameAndType.ql @@ -15,24 +15,6 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.Compatible -predicate parameterTypesIncompatible(FunctionDeclarationEntry f1, FunctionDeclarationEntry f2) { - exists(ParameterDeclarationEntry p1, ParameterDeclarationEntry p2, int i | - p1 = f1.getParameterDeclarationEntry(i) and - p2 = f2.getParameterDeclarationEntry(i) - | - not typesCompatible(p1.getType(), p2.getType()) - ) -} - -predicate parameterNamesIncompatible(FunctionDeclarationEntry f1, FunctionDeclarationEntry f2) { - exists(ParameterDeclarationEntry p1, ParameterDeclarationEntry p2, int i | - p1 = f1.getParameterDeclarationEntry(i) and - p2 = f2.getParameterDeclarationEntry(i) - | - not p1.getName() = p2.getName() - ) -} - from FunctionDeclarationEntry f1, FunctionDeclarationEntry f2, string case where not isExcluded(f1, Declarations4Package::declarationsOfAFunctionSameNameAndTypeQuery()) and diff --git a/c/misra/src/rules/RULE-8-4/CompatibleDeclarationFunctionDefined.ql b/c/misra/src/rules/RULE-8-4/CompatibleDeclarationFunctionDefined.ql new file mode 100644 index 0000000000..c87e5b556c --- /dev/null +++ b/c/misra/src/rules/RULE-8-4/CompatibleDeclarationFunctionDefined.ql @@ -0,0 +1,50 @@ +/** + * @id c/misra/compatible-declaration-function-defined + * @name RULE-8-4: A compatible declaration shall be visible when a function with external linkage is defined + * @description A compatible declaration shall be visible when a function with external linkage is + * defined, otherwise program behaviour may be undefined. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-8-4 + * readability + * maintainability + * correctness + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.Identifiers +import codingstandards.cpp.Compatible + +from FunctionDeclarationEntry f1 +where + not isExcluded(f1, Declarations4Package::compatibleDeclarationFunctionDefinedQuery()) and + f1.isDefinition() and + f1.getDeclaration() instanceof ExternalIdentifiers and + //no declaration matches exactly + ( + not exists(FunctionDeclarationEntry f2 | + not f2.isDefinition() and + f2.getDeclaration() = f1.getDeclaration() + ) + or + //or one exists that is close but incompatible in some way + exists(FunctionDeclarationEntry f2 | + f1.getName() = f2.getName() and + not f2.isDefinition() and + f2.getDeclaration() = f1.getDeclaration() and + //return types differ + ( + not typesCompatible(f1.getType(), f2.getType()) + or + //parameter types differ + parameterTypesIncompatible(f1, f2) + or + //parameter names differ + parameterNamesIncompatible(f1, f2) + ) + ) + ) +select f1, "No separate compatible declaration found for this definition." diff --git a/c/misra/src/rules/RULE-8-4/CompatibleDeclarationObjectDefined.ql b/c/misra/src/rules/RULE-8-4/CompatibleDeclarationObjectDefined.ql new file mode 100644 index 0000000000..7b0e194afb --- /dev/null +++ b/c/misra/src/rules/RULE-8-4/CompatibleDeclarationObjectDefined.ql @@ -0,0 +1,38 @@ +/** + * @id c/misra/compatible-declaration-object-defined + * @name RULE-8-4: A compatible declaration shall be visible when an object with external linkage is defined + * @description A compatible declaration shall be visible when an object with external linkage is + * defined, otherwise program behaviour may be undefined. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-8-4 + * readability + * maintainability + * correctness + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.Identifiers +import codingstandards.cpp.Compatible + +from VariableDeclarationEntry decl1 +where + not isExcluded(decl1, Declarations4Package::compatibleDeclarationObjectDefinedQuery()) and + decl1.isDefinition() and + decl1.getDeclaration() instanceof ExternalIdentifiers and + ( + //no declaration matches exactly + not exists(VariableDeclarationEntry decl2 | + not decl2.isDefinition() and decl2.getDeclaration() = decl1.getDeclaration() + ) and + //and none is close enough + not exists(VariableDeclarationEntry decl2 | + not decl2.isDefinition() and + decl1.getVariable().getQualifiedName() = decl2.getVariable().getQualifiedName() and + typesCompatible(decl1.getType(), decl2.getType()) + ) + ) +select decl1, "No separate compatible declaration found for this definition." diff --git a/c/misra/test/rules/RULE-8-4/CompatibleDeclarationFunctionDefined.expected b/c/misra/test/rules/RULE-8-4/CompatibleDeclarationFunctionDefined.expected new file mode 100644 index 0000000000..6671f904c2 --- /dev/null +++ b/c/misra/test/rules/RULE-8-4/CompatibleDeclarationFunctionDefined.expected @@ -0,0 +1,2 @@ +| function2.c:5:6:5:7 | definition of f3 | | +| function2.c:7:6:7:7 | definition of f4 | | diff --git a/c/misra/test/rules/RULE-8-4/CompatibleDeclarationFunctionDefined.qlref b/c/misra/test/rules/RULE-8-4/CompatibleDeclarationFunctionDefined.qlref new file mode 100644 index 0000000000..d5c5e458c6 --- /dev/null +++ b/c/misra/test/rules/RULE-8-4/CompatibleDeclarationFunctionDefined.qlref @@ -0,0 +1 @@ +rules/RULE-8-4/CompatibleDeclarationFunctionDefined.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-8-4/CompatibleDeclarationObjectDefined.expected b/c/misra/test/rules/RULE-8-4/CompatibleDeclarationObjectDefined.expected new file mode 100644 index 0000000000..6655c5d6f7 --- /dev/null +++ b/c/misra/test/rules/RULE-8-4/CompatibleDeclarationObjectDefined.expected @@ -0,0 +1,3 @@ +| object1.c:4:12:4:13 | definition of i1 | No separate compatible declaration found for this definition. | +| object1.c:6:5:6:6 | definition of i2 | No separate compatible declaration found for this definition. | +| object2.c:1:7:1:8 | definition of i3 | No separate compatible declaration found for this definition. | diff --git a/c/misra/test/rules/RULE-8-4/CompatibleDeclarationObjectDefined.qlref b/c/misra/test/rules/RULE-8-4/CompatibleDeclarationObjectDefined.qlref new file mode 100644 index 0000000000..a277016125 --- /dev/null +++ b/c/misra/test/rules/RULE-8-4/CompatibleDeclarationObjectDefined.qlref @@ -0,0 +1 @@ +rules/RULE-8-4/CompatibleDeclarationObjectDefined.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-8-4/function1.c b/c/misra/test/rules/RULE-8-4/function1.c new file mode 100644 index 0000000000..952b6c7d0e --- /dev/null +++ b/c/misra/test/rules/RULE-8-4/function1.c @@ -0,0 +1,3 @@ +extern void f1(); // COMPLIANT +extern void f2(int x, int y); // COMPLIANT +extern void f3(int x, int y); // NON_COMPLIANT diff --git a/c/misra/test/rules/RULE-8-4/function2.c b/c/misra/test/rules/RULE-8-4/function2.c new file mode 100644 index 0000000000..00c7c28200 --- /dev/null +++ b/c/misra/test/rules/RULE-8-4/function2.c @@ -0,0 +1,9 @@ +void f1() {} // COMPLIANT + +void f2(int x, int y) {} // COMPLIANT + +void f3(short x, int y) {} // NON_COMPLIANT + +void f4() {} // NON_COMPLIANT + +static void f5() {} // COMPLIANT \ No newline at end of file diff --git a/c/misra/test/rules/RULE-8-4/object1.c b/c/misra/test/rules/RULE-8-4/object1.c new file mode 100644 index 0000000000..3de20eabcc --- /dev/null +++ b/c/misra/test/rules/RULE-8-4/object1.c @@ -0,0 +1,10 @@ +extern int i; +i = 0; // COMPLIANT + +extern int i1 = 0; // NON_COMPLIANT + +int i2 = 0; // NON_COMPLIANT + +extern int i3; // NON_COMPLIANT + +extern int i4; // COMPLIANT \ No newline at end of file diff --git a/c/misra/test/rules/RULE-8-4/object2.c b/c/misra/test/rules/RULE-8-4/object2.c new file mode 100644 index 0000000000..78c5bee421 --- /dev/null +++ b/c/misra/test/rules/RULE-8-4/object2.c @@ -0,0 +1,3 @@ +short i3 = 0; // NON_COMPLIANT + +signed int i4 = 0; // COMPLIANT \ No newline at end of file diff --git a/c/misra/test/rules/RULE-8-4/test.c b/c/misra/test/rules/RULE-8-4/test.c new file mode 100644 index 0000000000..e69de29bb2 diff --git a/cpp/common/src/codingstandards/cpp/Compatible.qll b/cpp/common/src/codingstandards/cpp/Compatible.qll index da54da3489..12a53965fe 100644 --- a/cpp/common/src/codingstandards/cpp/Compatible.qll +++ b/cpp/common/src/codingstandards/cpp/Compatible.qll @@ -6,3 +6,21 @@ predicate typesCompatible(Type t1, Type t2) { //signed int is same as int ect t1.(IntegralType).getCanonicalArithmeticType() = t2.(IntegralType).getCanonicalArithmeticType() } + +predicate parameterTypesIncompatible(FunctionDeclarationEntry f1, FunctionDeclarationEntry f2) { + exists(ParameterDeclarationEntry p1, ParameterDeclarationEntry p2, int i | + p1 = f1.getParameterDeclarationEntry(i) and + p2 = f2.getParameterDeclarationEntry(i) + | + not typesCompatible(p1.getType(), p2.getType()) + ) +} + +predicate parameterNamesIncompatible(FunctionDeclarationEntry f1, FunctionDeclarationEntry f2) { + exists(ParameterDeclarationEntry p1, ParameterDeclarationEntry p2, int i | + p1 = f1.getParameterDeclarationEntry(i) and + p2 = f2.getParameterDeclarationEntry(i) + | + not p1.getName() = p2.getName() + ) +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations4.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations4.qll index 97efaccd85..5e2b9d0695 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations4.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations4.qll @@ -7,6 +7,8 @@ newtype Declarations4Query = TFunctionTypesNotInPrototypeFormQuery() or TDeclarationsOfAnObjectSameNameAndTypeQuery() or TDeclarationsOfAFunctionSameNameAndTypeQuery() or + TCompatibleDeclarationObjectDefinedQuery() or + TCompatibleDeclarationFunctionDefinedQuery() or TIdentifierWithExternalLinkageOneDefinitionQuery() predicate isDeclarations4QueryMetadata(Query query, string queryId, string ruleId) { @@ -34,6 +36,22 @@ predicate isDeclarations4QueryMetadata(Query query, string queryId, string ruleI "c/misra/declarations-of-a-function-same-name-and-type" and ruleId = "RULE-8-3" or + query = + // `Query` instance for the `compatibleDeclarationObjectDefined` query + Declarations4Package::compatibleDeclarationObjectDefinedQuery() and + queryId = + // `@id` for the `compatibleDeclarationObjectDefined` query + "c/misra/compatible-declaration-object-defined" and + ruleId = "RULE-8-4" + or + query = + // `Query` instance for the `compatibleDeclarationFunctionDefined` query + Declarations4Package::compatibleDeclarationFunctionDefinedQuery() and + queryId = + // `@id` for the `compatibleDeclarationFunctionDefined` query + "c/misra/compatible-declaration-function-defined" and + ruleId = "RULE-8-4" + or query = // `Query` instance for the `identifierWithExternalLinkageOneDefinition` query Declarations4Package::identifierWithExternalLinkageOneDefinitionQuery() and @@ -65,6 +83,20 @@ module Declarations4Package { TQueryC(TDeclarations4PackageQuery(TDeclarationsOfAFunctionSameNameAndTypeQuery())) } + Query compatibleDeclarationObjectDefinedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `compatibleDeclarationObjectDefined` query + TQueryC(TDeclarations4PackageQuery(TCompatibleDeclarationObjectDefinedQuery())) + } + + Query compatibleDeclarationFunctionDefinedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `compatibleDeclarationFunctionDefined` query + TQueryC(TDeclarations4PackageQuery(TCompatibleDeclarationFunctionDefinedQuery())) + } + Query identifierWithExternalLinkageOneDefinitionQuery() { //autogenerate `Query` type result = diff --git a/rule_packages/c/Declarations4.json b/rule_packages/c/Declarations4.json index cb232061ab..7b7a546d9a 100644 --- a/rule_packages/c/Declarations4.json +++ b/rule_packages/c/Declarations4.json @@ -53,6 +53,48 @@ ], "title": "All declarations of an object or function shall use the same names and type qualifiers" }, + "RULE-8-4": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "A compatible declaration shall be visible when an object with external linkage is defined, otherwise program behaviour may be undefined.", + "kind": "problem", + "name": "A compatible declaration shall be visible when an object with external linkage is defined", + "precision": "very-high", + "severity": "error", + "short_name": "CompatibleDeclarationObjectDefined", + "tags": [ + "readability", + "maintainability", + "correctness" + ], + "implementation_scope": { + "description": "This query does not check for the recommendation of declarations in headers.", + "items": [] + } + }, + { + "description": "A compatible declaration shall be visible when a function with external linkage is defined, otherwise program behaviour may be undefined.", + "kind": "problem", + "name": "A compatible declaration shall be visible when a function with external linkage is defined", + "precision": "very-high", + "severity": "error", + "short_name": "CompatibleDeclarationFunctionDefined", + "tags": [ + "readability", + "maintainability", + "correctness" + ], + "implementation_scope": { + "description": "This query does not check for the recommendation of declarations in headers.", + "items": [] + } + } + ], + "title": "A compatible declaration shall be visible when an object or function with external linkage is defined" + }, "RULE-8-6": { "properties": { "obligation": "required" diff --git a/rules.csv b/rules.csv index d8749687d7..f6adf0d196 100644 --- a/rules.csv +++ b/rules.csv @@ -649,7 +649,7 @@ c,MISRA-C-2012,RULE-7-4,Yes,Required,,,A string literal shall not be assigned to c,MISRA-C-2012,RULE-8-1,Yes,Required,,,Types shall be explicitly specified,,Declarations3,Medium, c,MISRA-C-2012,RULE-8-2,Yes,Required,,,Function types shall be in prototype form with named parameters,,Declarations4,Medium, c,MISRA-C-2012,RULE-8-3,Yes,Required,,,All declarations of an object or function shall use the same names and type qualifiers,M3-2-1,Declarations4,Medium, -c,MISRA-C-2012,RULE-8-4,Yes,Required,,,A compatible declaration shall be visible when an object or function with external linkage is defined,,Declarations,Medium, +c,MISRA-C-2012,RULE-8-4,Yes,Required,,,A compatible declaration shall be visible when an object or function with external linkage is defined,,Declarations4,Medium, c,MISRA-C-2012,RULE-8-5,Yes,Required,,,An external object or function shall be declared once in one and only one file,,Declarations,Medium, c,MISRA-C-2012,RULE-8-6,Yes,Required,,,An identifier with external linkage shall have exactly one external definition,M3-2-4,Declarations4,Import, c,MISRA-C-2012,RULE-8-7,Yes,Advisory,,,Functions and objects should not be defined with external linkage if they are referenced in only one translation unit,,Declarations,Medium, From d266292d7c69a212dd5c0d7f7770984de928c080 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Thu, 17 Nov 2022 14:14:08 -0500 Subject: [PATCH 0117/2573] Fix rules.csv accidental revert for rule --- rules.csv | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rules.csv b/rules.csv index b10e97a9ba..7b283db8b0 100644 --- a/rules.csv +++ b/rules.csv @@ -610,7 +610,7 @@ c,MISRA-C-2012,DIR-4-5,Yes,Advisory,,,Identifiers in the same name space with ov c,MISRA-C-2012,DIR-4-6,Yes,Advisory,,,typedefs that indicate size and signedness should be used in place of the basic numerical types,,Types,Hard, c,MISRA-C-2012,DIR-4-7,Yes,Required,,,"If a function returns error information, then that error information shall be tested",M0-3-2,Contracts,Import, c,MISRA-C-2012,DIR-4-8,Yes,Advisory,,,"If a pointer to a structure or union is never dereferenced within a translation unit, then the implementation of the object should be hidden",,Pointers1,Medium, -c,MISRA-C-2012,DIR-4-9,Yes,Advisory,,,A function should be used in preference to a function-like macro where they are interchangeable,,Preprocessor,Medium, +c,MISRA-C-2012,DIR-4-9,Yes,Advisory,,,A function should be used in preference to a function-like macro where they are interchangeable,,Preprocessor6,Medium,Audit c,MISRA-C-2012,DIR-4-10,Yes,Required,,,Precautions shall be taken in order to prevent the contents of a header file being included more than once,M16-2-3,Preprocessor2,Medium, c,MISRA-C-2012,DIR-4-11,Yes,Required,,,The validity of values passed to library functions shall be checked,,Contracts,Hard, c,MISRA-C-2012,DIR-4-12,Yes,Required,,,Dynamic memory allocation shall not be used,,Banned,Medium, From 03bac50cbf5d93c770b02d5c320d6d60d0b765b9 Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Thu, 17 Nov 2022 18:34:41 +0100 Subject: [PATCH 0118/2573] Update EXP36-C query and test --- ...PointerToMoreStrictlyAlignedPointerType.ql | 113 ++++++++++-------- ...rToMoreStrictlyAlignedPointerType.expected | 82 ++++++------- c/cert/test/rules/EXP36-C/test.c | 37 +++++- 3 files changed, 132 insertions(+), 100 deletions(-) diff --git a/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql b/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql index b1c2b6e305..32579dd250 100644 --- a/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql +++ b/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql @@ -15,6 +15,7 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.Alignment import semmle.code.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow2 import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis import DataFlow::PathGraph @@ -40,14 +41,14 @@ abstract class ExprWithAlignment extends Expr { class AddressOfAlignedVariableExpr extends AddressOfExpr, ExprWithAlignment { AddressOfAlignedVariableExpr() { this.getAddressable() instanceof Variable } - AlignAs alignAsAttribute() { result = this.getAddressable().(Variable).getAnAttribute() } + AlignAs getAlignAsAttribute() { result = this.getAddressable().(Variable).getAnAttribute() } override int getAlignment() { - result = alignAsAttribute().getArgument(0).getValueInt() + result = getAlignAsAttribute().getArgument(0).getValueInt() or - result = alignAsAttribute().getArgument(0).getValueType().getSize() + result = getAlignAsAttribute().getArgument(0).getValueType().getSize() or - not exists(alignAsAttribute()) and + not exists(getAlignAsAttribute()) and result = this.getAddressable().(Variable).getType().getAlignment() } @@ -76,40 +77,35 @@ class DefinedAlignmentAllocationExpr extends FunctionCall, ExprWithAlignment { } /** - * A class extending `VariableAccess` and `ExprWithAlignment` to reason about the - * alignment of pointers accessed based solely on the pointers' base types. + * An `Expr` of type `PointerType` but not `VoidPointerType` + * which is the unique non-`Conversion` expression of a `Cast`. */ -class DefaultAlignedPointerAccessExpr extends VariableAccess, ExprWithAlignment { - DefaultAlignedPointerAccessExpr() { - this.getTarget().getUnspecifiedType() instanceof PointerType and - not this.getTarget().getUnspecifiedType() instanceof VoidPointerType - } - - override int getAlignment() { - result = this.getTarget().getType().(PointerType).getBaseType().getAlignment() +class UnconvertedCastFromNonVoidPointerExpr extends Expr { + UnconvertedCastFromNonVoidPointerExpr() { + exists(CStyleCast cast | + cast.getUnconverted() = this and + this.getUnspecifiedType() instanceof PointerType and + not this.getUnspecifiedType() instanceof VoidPointerType + ) } - - override string getKind() { result = "pointer base type" } } /** - * A data-flow configuration for analysing the flow of `ExprWithAlignment` pointer expressions - * to casts which perform pointer type conversions and potentially create pointer alignment issues. + * A class extending `UnconvertedCastFromNonVoidPointerExpr` and `ExprWithAlignment` to reason + * about the alignment of pointers accessed based solely on the pointers' base types. */ -class ExprWithAlignmentToCStyleCastConfiguration extends DataFlow::Configuration { - ExprWithAlignmentToCStyleCastConfiguration() { - this = "ExprWithAlignmentToCStyleCastConfiguration" +class DefaultAlignedPointerExpr extends UnconvertedCastFromNonVoidPointerExpr, ExprWithAlignment { + DefaultAlignedPointerExpr() { + not any(AllocationOrAddressOfExprToUnconvertedCastFromNonVoidPointerExprConfig config) + .hasFlowTo(DataFlow::exprNode(this)) } - override predicate isSource(DataFlow::Node source) { - source.asExpr() instanceof ExprWithAlignment - } + override int getAlignment() { result = this.getType().(PointerType).getBaseType().getAlignment() } - override predicate isSink(DataFlow::Node sink) { - exists(CStyleCast cast | - cast.getUnderlyingType() instanceof PointerType and - cast.getUnconverted() = sink.asExpr() - ) + override string getKind() { + result = + "pointer base type " + + this.getType().(PointerType).getBaseType().getUnspecifiedType().getName() } } @@ -122,9 +118,9 @@ class ExprWithAlignmentToCStyleCastConfiguration extends DataFlow::Configuration * to exclude an `DefaultAlignedPointerAccessExpr` as a source if a preceding source * defined by this configuration provides more accurate alignment information. */ -class AllocationOrAddressOfExprToDefaultAlignedPointerAccessConfig extends DataFlow::Configuration { - AllocationOrAddressOfExprToDefaultAlignedPointerAccessConfig() { - this = "AllocationOrAddressOfExprToDefaultAlignedPointerAccessConfig" +class AllocationOrAddressOfExprToUnconvertedCastFromNonVoidPointerExprConfig extends DataFlow2::Configuration { + AllocationOrAddressOfExprToUnconvertedCastFromNonVoidPointerExprConfig() { + this = "AllocationOrAddressOfExprToUnconvertedCastFromNonVoidPointerExprConfig" } override predicate isSource(DataFlow::Node source) { @@ -133,7 +129,42 @@ class AllocationOrAddressOfExprToDefaultAlignedPointerAccessConfig extends DataF } override predicate isSink(DataFlow::Node sink) { - sink.asExpr() instanceof DefaultAlignedPointerAccessExpr + sink.asExpr() instanceof UnconvertedCastFromNonVoidPointerExpr + } +} + +/** + * A data-flow configuration for analysing the flow of `ExprWithAlignment` pointer expressions + * to casts which perform pointer type conversions and potentially create pointer alignment issues. + */ +class ExprWithAlignmentToCStyleCastConfiguration extends DataFlow::Configuration { + ExprWithAlignmentToCStyleCastConfiguration() { + this = "ExprWithAlignmentToCStyleCastConfiguration" + } + + override predicate isSource(DataFlow::Node source) { + source.asExpr() instanceof ExprWithAlignment + } + + override predicate isSink(DataFlow::Node sink) { + exists(CStyleCast cast | + cast.getUnderlyingType() instanceof PointerType and + cast.getUnconverted() = sink.asExpr() + ) + } + + override predicate isBarrierOut(DataFlow::Node node) { + // the default interprocedural data-flow model flows through any array assignment expressions + // to the qualifier (array base or pointer dereferenced) instead of the individual element + // that the assignment modifies. this default behaviour causes false positives for any future + // cast of the array base, so remove the assignment edge at the expense of false-negatives. + exists(AssignExpr a | + node.asExpr() = a.getRValue() and + ( + a.getLValue() instanceof ArrayExpr or + a.getLValue() instanceof PointerDereferenceExpr + ) + ) } } @@ -145,24 +176,10 @@ where any(ExprWithAlignmentToCStyleCastConfiguration config).hasFlowPath(source, sink) and source.getNode().asExpr() = expr and sink.getNode().asExpr() = cast.getUnconverted() and - ( - // possibility 1: the source node (ExprWithAlignment) is NOT a DefaultAlignedPointerAccessExpr - // meaning that its alignment info is accurate regardless of any preceding ExprWithAlignment nodes - expr instanceof DefaultAlignedPointerAccessExpr - implies - ( - // possibility 2: the source node (ExprWithAlignment) IS a DefaultAlignedPointerAccessExpr - // meaning that its alignment info is only accurate if no preceding ExprWithAlignment nodes exist - not any(AllocationOrAddressOfExprToDefaultAlignedPointerAccessConfig config) - .hasFlowTo(source.getNode()) and - expr instanceof DefaultAlignedPointerAccessExpr and - cast.getUnconverted() instanceof VariableAccess - ) - ) and toBaseType = cast.getActualType().(PointerType).getBaseType() and alignmentTo = toBaseType.getAlignment() and alignmentFrom = expr.getAlignment() and - // only flag cases where the cast's target type has stricter alignment requirements than the source + // flag cases where the cast's target type has stricter alignment requirements than the source alignmentFrom < alignmentTo select sink, source, sink, "Cast from pointer with " + alignmentFrom + diff --git a/c/cert/test/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.expected b/c/cert/test/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.expected index e523be08fb..b70d88fe3f 100644 --- a/c/cert/test/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.expected +++ b/c/cert/test/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.expected @@ -35,32 +35,15 @@ edges | test.c:120:14:120:16 | & ... | test.c:124:12:124:13 | v6 | | test.c:120:14:120:16 | & ... | test.c:125:11:125:12 | v6 | | test.c:120:14:120:16 | & ... | test.c:126:13:126:14 | v6 | -| test.c:129:22:129:22 | v | test.c:129:22:129:22 | v | | test.c:129:22:129:22 | v | test.c:130:17:130:17 | v | | test.c:135:21:135:23 | & ... | test.c:129:22:129:22 | v | | test.c:138:21:138:23 | & ... | test.c:129:22:129:22 | v | | test.c:166:24:166:29 | call to malloc | test.c:167:13:167:15 | & ... | -| test.c:166:24:166:29 | call to malloc | test.c:167:14:167:15 | s1 | | test.c:166:24:166:29 | call to malloc | test.c:168:16:168:18 | & ... | -| test.c:166:24:166:29 | call to malloc | test.c:168:17:168:18 | s1 | | test.c:166:24:166:29 | call to malloc | test.c:169:13:169:14 | s1 | | test.c:166:24:166:29 | call to malloc | test.c:169:13:169:14 | s1 | -| test.c:166:24:166:29 | call to malloc | test.c:169:13:169:14 | s1 | -| test.c:166:24:166:29 | call to malloc | test.c:169:13:169:14 | s1 | -| test.c:166:24:166:29 | call to malloc | test.c:171:15:171:16 | s1 | -| test.c:166:24:166:29 | call to malloc | test.c:176:16:176:17 | s1 | -| test.c:167:14:167:15 | s1 | test.c:167:13:167:15 | & ... | -| test.c:168:17:168:18 | s1 | test.c:168:16:168:18 | & ... | -| test.c:169:13:169:14 | ref arg s1 | test.c:171:15:171:16 | s1 | -| test.c:169:13:169:14 | ref arg s1 | test.c:176:16:176:17 | s1 | | test.c:169:13:169:14 | s1 | test.c:129:22:129:22 | v | -| test.c:169:13:169:14 | s1 | test.c:129:22:129:22 | v | -| test.c:169:13:169:14 | s1 | test.c:169:13:169:14 | ref arg s1 | -| test.c:172:14:172:15 | s2 | test.c:172:13:172:15 | & ... | -| test.c:173:12:173:13 | s2 | test.c:173:11:173:13 | & ... | | test.c:174:13:174:14 | s2 | test.c:129:22:129:22 | v | -| test.c:177:14:177:15 | s3 | test.c:177:13:177:15 | & ... | -| test.c:178:12:178:13 | s3 | test.c:178:11:178:13 | & ... | | test.c:179:13:179:14 | s3 | test.c:129:22:129:22 | v | | test.c:183:14:183:26 | call to aligned_alloc | test.c:184:11:184:12 | v1 | | test.c:183:14:183:26 | call to aligned_alloc | test.c:185:10:185:11 | v1 | @@ -75,6 +58,10 @@ edges | test.c:222:8:222:9 | p2 | test.c:226:12:226:13 | v1 | | test.c:222:8:222:9 | p2 | test.c:227:11:227:12 | v1 | | test.c:222:8:222:9 | p2 | test.c:228:13:228:14 | v1 | +| test.c:238:13:238:14 | & ... | test.c:244:12:244:13 | ip | +| test.c:241:15:241:18 | & ... | test.c:247:9:247:12 | & ... | +| test.c:252:16:252:18 | & ... | test.c:254:11:254:13 | ps1 | +| test.c:252:16:252:18 | & ... | test.c:256:10:256:12 | ps1 | nodes | test.c:7:11:7:13 | & ... | semmle.label | & ... | | test.c:8:12:8:14 | & ... | semmle.label | & ... | @@ -173,8 +160,6 @@ nodes | test.c:125:11:125:12 | v6 | semmle.label | v6 | | test.c:126:13:126:14 | v6 | semmle.label | v6 | | test.c:129:22:129:22 | v | semmle.label | v | -| test.c:129:22:129:22 | v | semmle.label | v | -| test.c:129:22:129:22 | v | semmle.label | v | | test.c:130:17:130:17 | v | semmle.label | v | | test.c:135:21:135:23 | & ... | semmle.label | & ... | | test.c:135:21:135:23 | & ... | semmle.label | & ... | @@ -185,30 +170,16 @@ nodes | test.c:162:16:162:18 | & ... | semmle.label | & ... | | test.c:166:24:166:29 | call to malloc | semmle.label | call to malloc | | test.c:166:24:166:29 | call to malloc | semmle.label | call to malloc | -| test.c:166:24:166:29 | call to malloc | semmle.label | call to malloc | | test.c:167:13:167:15 | & ... | semmle.label | & ... | -| test.c:167:14:167:15 | s1 | semmle.label | s1 | -| test.c:167:14:167:15 | s1 | semmle.label | s1 | | test.c:168:16:168:18 | & ... | semmle.label | & ... | -| test.c:168:17:168:18 | s1 | semmle.label | s1 | -| test.c:168:17:168:18 | s1 | semmle.label | s1 | -| test.c:169:13:169:14 | ref arg s1 | semmle.label | ref arg s1 | -| test.c:169:13:169:14 | s1 | semmle.label | s1 | -| test.c:169:13:169:14 | s1 | semmle.label | s1 | | test.c:169:13:169:14 | s1 | semmle.label | s1 | | test.c:169:13:169:14 | s1 | semmle.label | s1 | -| test.c:171:15:171:16 | s1 | semmle.label | s1 | -| test.c:172:13:172:15 | & ... | semmle.label | & ... | -| test.c:172:14:172:15 | s2 | semmle.label | s2 | -| test.c:173:11:173:13 | & ... | semmle.label | & ... | -| test.c:173:12:173:13 | s2 | semmle.label | s2 | +| test.c:172:11:172:12 | s2 | semmle.label | s2 | +| test.c:173:13:173:14 | s2 | semmle.label | s2 | | test.c:174:13:174:14 | s2 | semmle.label | s2 | | test.c:174:13:174:14 | s2 | semmle.label | s2 | -| test.c:176:16:176:17 | s1 | semmle.label | s1 | -| test.c:177:13:177:15 | & ... | semmle.label | & ... | -| test.c:177:14:177:15 | s3 | semmle.label | s3 | -| test.c:178:11:178:13 | & ... | semmle.label | & ... | -| test.c:178:12:178:13 | s3 | semmle.label | s3 | +| test.c:177:11:177:12 | s3 | semmle.label | s3 | +| test.c:178:13:178:14 | s3 | semmle.label | s3 | | test.c:179:13:179:14 | s3 | semmle.label | s3 | | test.c:179:13:179:14 | s3 | semmle.label | s3 | | test.c:183:14:183:26 | call to aligned_alloc | semmle.label | call to aligned_alloc | @@ -232,8 +203,19 @@ nodes | test.c:226:12:226:13 | v1 | semmle.label | v1 | | test.c:227:11:227:12 | v1 | semmle.label | v1 | | test.c:228:13:228:14 | v1 | semmle.label | v1 | +| test.c:238:13:238:14 | & ... | semmle.label | & ... | +| test.c:240:16:240:19 | & ... | semmle.label | & ... | +| test.c:241:15:241:18 | & ... | semmle.label | & ... | +| test.c:241:15:241:18 | & ... | semmle.label | & ... | +| test.c:244:12:244:13 | ip | semmle.label | ip | +| test.c:246:9:246:12 | & ... | semmle.label | & ... | +| test.c:247:9:247:12 | & ... | semmle.label | & ... | +| test.c:252:16:252:18 | & ... | semmle.label | & ... | +| test.c:254:11:254:13 | ps1 | semmle.label | ps1 | +| test.c:255:11:255:13 | & ... | semmle.label | & ... | +| test.c:256:10:256:12 | ps1 | semmle.label | ps1 | +| test.c:257:10:257:12 | & ... | semmle.label | & ... | subpaths -| test.c:169:13:169:14 | s1 | test.c:129:22:129:22 | v | test.c:129:22:129:22 | v | test.c:169:13:169:14 | ref arg s1 | #select | test.c:8:12:8:14 | & ... | test.c:8:12:8:14 | & ... | test.c:8:12:8:14 | & ... | Cast from pointer with 1-byte alignment (defined by $@) to pointer with base type short with 2-byte alignment. | test.c:8:12:8:14 | & ... | address-of expression | | test.c:9:10:9:12 | & ... | test.c:9:10:9:12 | & ... | test.c:9:10:9:12 | & ... | Cast from pointer with 1-byte alignment (defined by $@) to pointer with base type int with 4-byte alignment. | test.c:9:10:9:12 | & ... | address-of expression | @@ -264,19 +246,23 @@ subpaths | test.c:107:11:107:12 | v4 | test.c:102:14:102:16 | & ... | test.c:107:11:107:12 | v4 | Cast from pointer with 4-byte alignment (defined by $@) to pointer with base type long with 8-byte alignment. | test.c:102:14:102:16 | & ... | address-of expression | | test.c:108:13:108:14 | v4 | test.c:102:14:102:16 | & ... | test.c:108:13:108:14 | v4 | Cast from pointer with 4-byte alignment (defined by $@) to pointer with base type double with 8-byte alignment. | test.c:102:14:102:16 | & ... | address-of expression | | test.c:130:17:130:17 | v | test.c:135:21:135:23 | & ... | test.c:130:17:130:17 | v | Cast from pointer with 1-byte alignment (defined by $@) to pointer with base type int with 4-byte alignment. | test.c:135:21:135:23 | & ... | address-of expression | -| test.c:130:17:130:17 | v | test.c:174:13:174:14 | s2 | test.c:130:17:130:17 | v | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type int with 4-byte alignment. | test.c:174:13:174:14 | s2 | pointer base type | -| test.c:130:17:130:17 | v | test.c:179:13:179:14 | s3 | test.c:130:17:130:17 | v | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type int with 4-byte alignment. | test.c:179:13:179:14 | s3 | pointer base type | +| test.c:130:17:130:17 | v | test.c:174:13:174:14 | s2 | test.c:130:17:130:17 | v | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type int with 4-byte alignment. | test.c:174:13:174:14 | s2 | pointer base type short | +| test.c:130:17:130:17 | v | test.c:179:13:179:14 | s3 | test.c:130:17:130:17 | v | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type int with 4-byte alignment. | test.c:179:13:179:14 | s3 | pointer base type short | | test.c:130:17:130:17 | v | test.c:189:14:189:26 | call to aligned_alloc | test.c:130:17:130:17 | v | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type int with 4-byte alignment. | test.c:189:14:189:26 | call to aligned_alloc | call to aligned_alloc | | test.c:158:13:158:20 | & ... | test.c:158:13:158:20 | & ... | test.c:158:13:158:20 | & ... | Cast from pointer with 1-byte alignment (defined by $@) to pointer with base type unsigned long with 8-byte alignment. | test.c:158:13:158:20 | & ... | address-of expression | | test.c:162:16:162:18 | & ... | test.c:162:16:162:18 | & ... | test.c:162:16:162:18 | & ... | Cast from pointer with 8-byte alignment (defined by $@) to pointer with base type S3 with 64-byte alignment. | test.c:162:16:162:18 | & ... | address-of expression | | test.c:168:16:168:18 | & ... | test.c:166:24:166:29 | call to malloc | test.c:168:16:168:18 | & ... | Cast from pointer with 16-byte alignment (defined by $@) to pointer with base type S3 with 64-byte alignment. | test.c:166:24:166:29 | call to malloc | call to malloc | | test.c:168:16:168:18 | & ... | test.c:168:16:168:18 | & ... | test.c:168:16:168:18 | & ... | Cast from pointer with 8-byte alignment (defined by $@) to pointer with base type S3 with 64-byte alignment. | test.c:168:16:168:18 | & ... | address-of expression | +| test.c:173:13:173:14 | s2 | test.c:173:13:173:14 | s2 | test.c:173:13:173:14 | s2 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type unsigned long with 8-byte alignment. | test.c:173:13:173:14 | s2 | pointer base type short | +| test.c:178:13:178:14 | s3 | test.c:178:13:178:14 | s3 | test.c:178:13:178:14 | s3 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type unsigned long with 8-byte alignment. | test.c:178:13:178:14 | s3 | pointer base type short | | test.c:186:13:186:14 | v1 | test.c:183:14:183:26 | call to aligned_alloc | test.c:186:13:186:14 | v1 | Cast from pointer with 4-byte alignment (defined by $@) to pointer with base type unsigned long with 8-byte alignment. | test.c:183:14:183:26 | call to aligned_alloc | call to aligned_alloc | -| test.c:216:10:216:11 | p2 | test.c:216:10:216:11 | p2 | test.c:216:10:216:11 | p2 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type int with 4-byte alignment. | test.c:216:10:216:11 | p2 | pointer base type | -| test.c:217:11:217:12 | p2 | test.c:217:11:217:12 | p2 | test.c:217:11:217:12 | p2 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type long with 8-byte alignment. | test.c:217:11:217:12 | p2 | pointer base type | -| test.c:218:12:218:13 | p2 | test.c:218:12:218:13 | p2 | test.c:218:12:218:13 | p2 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type float with 4-byte alignment. | test.c:218:12:218:13 | p2 | pointer base type | -| test.c:219:13:219:14 | p2 | test.c:219:13:219:14 | p2 | test.c:219:13:219:14 | p2 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type double with 8-byte alignment. | test.c:219:13:219:14 | p2 | pointer base type | -| test.c:225:10:225:11 | v1 | test.c:222:8:222:9 | p2 | test.c:225:10:225:11 | v1 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type int with 4-byte alignment. | test.c:222:8:222:9 | p2 | pointer base type | -| test.c:226:12:226:13 | v1 | test.c:222:8:222:9 | p2 | test.c:226:12:226:13 | v1 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type float with 4-byte alignment. | test.c:222:8:222:9 | p2 | pointer base type | -| test.c:227:11:227:12 | v1 | test.c:222:8:222:9 | p2 | test.c:227:11:227:12 | v1 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type long with 8-byte alignment. | test.c:222:8:222:9 | p2 | pointer base type | -| test.c:228:13:228:14 | v1 | test.c:222:8:222:9 | p2 | test.c:228:13:228:14 | v1 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type double with 8-byte alignment. | test.c:222:8:222:9 | p2 | pointer base type | +| test.c:216:10:216:11 | p2 | test.c:216:10:216:11 | p2 | test.c:216:10:216:11 | p2 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type int with 4-byte alignment. | test.c:216:10:216:11 | p2 | pointer base type short | +| test.c:217:11:217:12 | p2 | test.c:217:11:217:12 | p2 | test.c:217:11:217:12 | p2 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type long with 8-byte alignment. | test.c:217:11:217:12 | p2 | pointer base type short | +| test.c:218:12:218:13 | p2 | test.c:218:12:218:13 | p2 | test.c:218:12:218:13 | p2 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type float with 4-byte alignment. | test.c:218:12:218:13 | p2 | pointer base type short | +| test.c:219:13:219:14 | p2 | test.c:219:13:219:14 | p2 | test.c:219:13:219:14 | p2 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type double with 8-byte alignment. | test.c:219:13:219:14 | p2 | pointer base type short | +| test.c:225:10:225:11 | v1 | test.c:222:8:222:9 | p2 | test.c:225:10:225:11 | v1 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type int with 4-byte alignment. | test.c:222:8:222:9 | p2 | pointer base type short | +| test.c:226:12:226:13 | v1 | test.c:222:8:222:9 | p2 | test.c:226:12:226:13 | v1 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type float with 4-byte alignment. | test.c:222:8:222:9 | p2 | pointer base type short | +| test.c:227:11:227:12 | v1 | test.c:222:8:222:9 | p2 | test.c:227:11:227:12 | v1 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type long with 8-byte alignment. | test.c:222:8:222:9 | p2 | pointer base type short | +| test.c:228:13:228:14 | v1 | test.c:222:8:222:9 | p2 | test.c:228:13:228:14 | v1 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type double with 8-byte alignment. | test.c:222:8:222:9 | p2 | pointer base type short | +| test.c:256:10:256:12 | ps1 | test.c:252:16:252:18 | & ... | test.c:256:10:256:12 | ps1 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type int with 4-byte alignment. | test.c:252:16:252:18 | & ... | address-of expression | +| test.c:257:10:257:12 | & ... | test.c:257:10:257:12 | & ... | test.c:257:10:257:12 | & ... | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type int with 4-byte alignment. | test.c:257:10:257:12 | & ... | address-of expression | diff --git a/c/cert/test/rules/EXP36-C/test.c b/c/cert/test/rules/EXP36-C/test.c index b32e2ab80f..0d0eef551a 100644 --- a/c/cert/test/rules/EXP36-C/test.c +++ b/c/cert/test/rules/EXP36-C/test.c @@ -169,13 +169,13 @@ void test_malloc_alignment_and_pointer_arithmetic() { cast_away(s1); // COMPLIANT short *s2 = s1 + 1; - (size_t *)&s2; // NON_COMPLIANT[FALSE_NEGATIVE] - (char *)&s2; // COMPLIANT + (char *)s2; // COMPLIANT + (size_t *)s2; // NON_COMPLIANT cast_away(s2); // NON_COMPLIANT short *s3 = &s1[1]; - (size_t *)&s3; // NON_COMPLIANT[FALSE_NEGATIVE] - (char *)&s3; // COMPLIANT + (char *)s3; // COMPLIANT + (size_t *)s3; // NON_COMPLIANT cast_away(s3); // NON_COMPLIANT } @@ -226,4 +226,33 @@ void test_standalone_pointer_cast_alignment(void *p1, short *p2) { (float *)v1; // NON_COMPLIANT (long *)v1; // NON_COMPLIANT (double *)v1; // NON_COMPLIANT +} + +void test_array_element_cast_alignment() { + char *acp[3]; + int *aip[3]; + + int i = 0; + char c = ' '; + char *cp = &c; // COMPLIANT + int *ip = &i; // COMPLIANT + + char **cpp = &acp; // COMPLIANT + int **ipp = &aip; // COMPLIANT + + acp[0] = cp; // COMPLIANT + acp[1] = ip; // NON_COMPLIANT[FALSE_NEGATIVE] + + cpp = &acp; // COMPLIANT + cpp = &ipp; // NON_COMPLIANT[FALSE_NEGATIVE] +} + +void test_pointer_dereference_barrier() { + short s1 = 0; + short *ps1 = &s1; + *ps1 = 1; + (char *)ps1; // COMPLIANT + (char *)&s1; // COMPLIANT + (int *)ps1; // NON_COMPLIANT + (int *)&s1; // NON_COMPLIANT } \ No newline at end of file From 758986867f64e813d153dd6863505405b8eca49a Mon Sep 17 00:00:00 2001 From: s-samadi Date: Fri, 18 Nov 2022 10:56:34 +1100 Subject: [PATCH 0119/2573] moved M-4-4 to common lib --- .../src/rules/M6-4-4/NestedCaseInSwitch.ql | 18 ++--- .../rules/M6-4-4/NestedCaseInSwitch.expected | 3 - .../rules/M6-4-4/NestedCaseInSwitch.qlref | 1 - .../rules/M6-4-4/NestedCaseInSwitch.testref | 1 + cpp/autosar/test/rules/M6-4-4/test.cpp | 79 ------------------ .../NestedLabelInSwitch.qll | 25 ++++++ .../NestedLabelInSwitch.expected | 1 + .../NestedLabelInSwitch.ql | 2 + .../test/rules/nestedlabelinswitch/test.cpp | 80 +++++++++++++++++++ rule_packages/cpp/Conditionals.json | 5 +- 10 files changed, 119 insertions(+), 96 deletions(-) delete mode 100644 cpp/autosar/test/rules/M6-4-4/NestedCaseInSwitch.expected delete mode 100644 cpp/autosar/test/rules/M6-4-4/NestedCaseInSwitch.qlref create mode 100644 cpp/autosar/test/rules/M6-4-4/NestedCaseInSwitch.testref delete mode 100644 cpp/autosar/test/rules/M6-4-4/test.cpp create mode 100644 cpp/common/src/codingstandards/cpp/rules/nestedlabelinswitch/NestedLabelInSwitch.qll create mode 100644 cpp/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.expected create mode 100644 cpp/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql create mode 100644 cpp/common/test/rules/nestedlabelinswitch/test.cpp diff --git a/cpp/autosar/src/rules/M6-4-4/NestedCaseInSwitch.ql b/cpp/autosar/src/rules/M6-4-4/NestedCaseInSwitch.ql index 18c07b8eea..c984053464 100644 --- a/cpp/autosar/src/rules/M6-4-4/NestedCaseInSwitch.ql +++ b/cpp/autosar/src/rules/M6-4-4/NestedCaseInSwitch.ql @@ -1,8 +1,7 @@ /** * @id cpp/autosar/nested-case-in-switch * @name M6-4-4: A switch-label shall only be used when the most closely-enclosing compound statement is the body of a switch statement - * @description By default in C++, the switch structure is weak, which may lead to switch labels - * being placed anywhere in the switch block. This can cause unspecified behaviour. + * @description Nested switch labels cause undefined behaviour. * @kind problem * @precision very-high * @problem.severity recommendation @@ -16,13 +15,10 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.SwitchStatement +import codingstandards.cpp.rules.nestedlabelinswitch.NestedLabelInSwitch -from SwitchCase nestedCase, SwitchStmt switch -where - not isExcluded(nestedCase, ConditionalsPackage::nestedCaseInSwitchQuery()) and - switch.getASwitchCase() = nestedCase and - not nestedCase.getParentStmt() = switch.getChildStmt() -select nestedCase, - "Weak switch structure - the parent statement of this $@ clause does not belong to its $@ statement.", - switch, "switch", nestedCase, "case" +class NestedCaseInSwitchQuery extends NestedLabelInSwitchSharedQuery { + NestedCaseInSwitchQuery() { + this = ConditionalsPackage::nestedCaseInSwitchQuery() + } +} diff --git a/cpp/autosar/test/rules/M6-4-4/NestedCaseInSwitch.expected b/cpp/autosar/test/rules/M6-4-4/NestedCaseInSwitch.expected deleted file mode 100644 index c9fbbdcb35..0000000000 --- a/cpp/autosar/test/rules/M6-4-4/NestedCaseInSwitch.expected +++ /dev/null @@ -1,3 +0,0 @@ -| test.cpp:9:5:9:11 | case ...: | Weak switch structure - the parent statement of this $@ clause does not belong to its $@ statement. | test.cpp:6:3:17:3 | switch (...) ... | switch | test.cpp:9:5:9:11 | case ...: | case | -| test.cpp:36:5:36:11 | case ...: | Weak switch structure - the parent statement of this $@ clause does not belong to its $@ statement. | test.cpp:23:3:43:3 | switch (...) ... | switch | test.cpp:36:5:36:11 | case ...: | case | -| test.cpp:75:5:75:11 | case ...: | Weak switch structure - the parent statement of this $@ clause does not belong to its $@ statement. | test.cpp:73:3:78:3 | switch (...) ... | switch | test.cpp:75:5:75:11 | case ...: | case | diff --git a/cpp/autosar/test/rules/M6-4-4/NestedCaseInSwitch.qlref b/cpp/autosar/test/rules/M6-4-4/NestedCaseInSwitch.qlref deleted file mode 100644 index ad5727e1dc..0000000000 --- a/cpp/autosar/test/rules/M6-4-4/NestedCaseInSwitch.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/M6-4-4/NestedCaseInSwitch.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M6-4-4/NestedCaseInSwitch.testref b/cpp/autosar/test/rules/M6-4-4/NestedCaseInSwitch.testref new file mode 100644 index 0000000000..6c5434b0e2 --- /dev/null +++ b/cpp/autosar/test/rules/M6-4-4/NestedCaseInSwitch.testref @@ -0,0 +1 @@ +cpp/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M6-4-4/test.cpp b/cpp/autosar/test/rules/M6-4-4/test.cpp deleted file mode 100644 index 6ccd440de3..0000000000 --- a/cpp/autosar/test/rules/M6-4-4/test.cpp +++ /dev/null @@ -1,79 +0,0 @@ -void f(); - -void test_switch_nested_case_invalid(int expression) { - int i = 5; - int j; - switch (expression) { - case 1: // BAD - if (i > 4) { - case 2: - j = 3; - break; - } - break; - default: - j = 5; - break; - } -} - -void test_switch_nested_case_invalid_2(int expression) { - int i = 5; - int j; - switch (expression) { - case 1: - if (i > 4) { - j = 3; - } - break; - case 2: - if (i % 2 == 0) { - j = 1; - } - case 3: - if (i % 2 == 1) { - j = 8; - case 4: // BAD - j++; - } - break; - default: - j = 5; - break; - } -} - -void test_switch_valid(int expression) { - - int i = 5; - int j; - switch (expression) { - case 1: - if (i > 4) { - j = 3; - } - break; - case 2: - if (i % 2 == 0) { - j = 1; - } - break; - case 3: - if (i % 2 == 1) { - j = 8; - } - break; - default: - j = 5; - break; - } -} - -void test_singlecase_invalid(int expression) { - switch (expression) { - { - case 1: - f(); - } - } -} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/rules/nestedlabelinswitch/NestedLabelInSwitch.qll b/cpp/common/src/codingstandards/cpp/rules/nestedlabelinswitch/NestedLabelInSwitch.qll new file mode 100644 index 0000000000..a149654c5c --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/nestedlabelinswitch/NestedLabelInSwitch.qll @@ -0,0 +1,25 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class NestedLabelInSwitchSharedQuery extends Query { } + +Query getQuery() { result instanceof NestedLabelInSwitchSharedQuery } + +query predicate problems( + SwitchCase nestedCase, string message, SwitchCase case, string caseLabel, SwitchStmt switch, + string switchLabel +) { + not isExcluded(nestedCase, getQuery()) and + switch.getASwitchCase() = nestedCase and + not nestedCase.getParentStmt() = switch.getChildStmt() and + nestedCase = case and + message = + "The switch $@ does not appear at the outermost level of the compound statement forming the body of the $@ statement." and + caseLabel = nestedCase.toString() and + switchLabel = switch.toString() +} diff --git a/cpp/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.expected b/cpp/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/cpp/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/cpp/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql b/cpp/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql new file mode 100644 index 0000000000..a23fe0b2f9 --- /dev/null +++ b/cpp/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.nestedlabelinswitch.NestedLabelInSwitch diff --git a/cpp/common/test/rules/nestedlabelinswitch/test.cpp b/cpp/common/test/rules/nestedlabelinswitch/test.cpp new file mode 100644 index 0000000000..5c04578f0b --- /dev/null +++ b/cpp/common/test/rules/nestedlabelinswitch/test.cpp @@ -0,0 +1,80 @@ +void f(); + +void f1(int p1) { + int i; + int j; + switch (p1) { + case 1: // COMPLIANT + if (i) { + case 2: // NON_COMPLIANT + j; + break; + } + break; + default: // COMPLIANT + j; + break; + } +} + +void f2(int p1) { + int i; + int j; + switch (p1) { + case 1: // COMPLIANT + if (i) { + j; + } + break; + case 2: // COMPLIANT + if (i) { + j; + } + case 3: // COMPLIANT + if (i) { + j; + case 4: // NON_COMPLIANT + j; + } + break; + default: // COMPLIANT + j; + break; + } +} + +void f3(int p1) { + + int i; + int j; + switch (p1) { + case 1: // COMPLIANT + if (i) { + j; + } + break; + case 2: // COMPLIANT + if (i) { + j; + } + break; + case 3: // COMPLIANT + if (i) { + j; + } + break; + default: // COMPLIANT + j; + break; + } +} + +void f4(int p1) { + switch (p1) { + int i; + if (i) { + case 1: // NON_COMPLIANT + f(); + } + } +} diff --git a/rule_packages/cpp/Conditionals.json b/rule_packages/cpp/Conditionals.json index 4c382a06e9..5f6a120d16 100644 --- a/rule_packages/cpp/Conditionals.json +++ b/rule_packages/cpp/Conditionals.json @@ -190,12 +190,13 @@ }, "queries": [ { - "description": "By default in C++, the switch structure is weak, which may lead to switch labels being placed anywhere in the switch block. This can cause unspecified behaviour.", + "description": "Nested switch labels cause undefined behaviour.", "kind": "problem", "name": "A switch-label shall only be used when the most closely-enclosing compound statement is the body of a switch statement", "precision": "very-high", "severity": "recommendation", "short_name": "NestedCaseInSwitch", + "shared_implementation_short_name": "NestedLabelInSwitch", "tags": [ "maintainability", "readability" @@ -361,4 +362,4 @@ "title": "The continue statement shall only be used within a well-formed for loop." } } -} \ No newline at end of file +} From 0c2831004346e0b156ccb8ddfd9035e6b885c9f8 Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Fri, 18 Nov 2022 05:02:17 +0100 Subject: [PATCH 0120/2573] Update EXP39-C test and implement query --- ...essVariableViaPointerOfIncompatibleType.md | 18 ++ ...essVariableViaPointerOfIncompatibleType.ql | 203 ++++++++++++++++++ ...iableViaPointerOfIncompatibleType.expected | 60 ++++++ ...VariableViaPointerOfIncompatibleType.qlref | 1 + c/cert/test/rules/EXP39-C/test.c | 9 +- 5 files changed, 288 insertions(+), 3 deletions(-) create mode 100644 c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.md create mode 100644 c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql create mode 100644 c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected create mode 100644 c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.qlref diff --git a/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.md b/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.md new file mode 100644 index 0000000000..90d2139747 --- /dev/null +++ b/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.md @@ -0,0 +1,18 @@ +# EXP39-C: Do not access a variable through a pointer of an incompatible type + +This query implements the CERT-C rule EXP39-C: + +> Do not access a variable through a pointer of an incompatible type + + +## CERT + +** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** + +## Implementation notes + +None + +## References + +* CERT-C: [EXP39-C: Do not access a variable through a pointer of an incompatible type](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql b/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql new file mode 100644 index 0000000000..acb835afff --- /dev/null +++ b/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql @@ -0,0 +1,203 @@ +/** + * @id c/cert/do-not-access-variable-via-pointer-of-incompatible-type + * @name EXP39-C: Do not access a variable through a pointer of an incompatible type + * @description Modifying underlying pointer data through a pointer of an incompatible type can lead + * to unpredictable results. + * @kind path-problem + * @precision very-high + * @problem.severity error + * @tags external/cert/id/exp39-c + * correctness + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert +import semmle.code.cpp.dataflow.DataFlow +import semmle.code.cpp.controlflow.Dominance +import DataFlow::PathGraph + +/** + * The standard function `memset` and its assorted variants + */ +class MemsetFunction extends Function { + MemsetFunction() { + this.hasGlobalOrStdOrBslName("memset") + or + this.hasGlobalOrStdName("wmemset") + or + this.hasGlobalName(["__builtin_memset", "__builtin___memset_chk", "__builtin_memset_chk"]) + } +} + +class IndirectCastAnalysisUnconvertedCastExpr extends Expr { + IndirectCastAnalysisUnconvertedCastExpr() { this = any(Cast c).getUnconverted() } +} + +class IndirectCastAnalysisDereferenceSink extends Expr { + IndirectCastAnalysisDereferenceSink() { dereferenced(this) } +} + +class ReallocationFunction extends AllocationFunction { + ReallocationFunction() { exists(this.getReallocPtrArg()) } +} + +/** + * A data-flow state for a pointer which has not been reallocated. + */ +class IndirectCastDefaultFlowState extends DataFlow::FlowState { + IndirectCastDefaultFlowState() { this = "IndirectCastDefaultFlowState" } +} + +/** + * A data-flow state for a pointer which has been reallocated but + * has not yet been zeroed with a memset call. + */ +class IndirectCastReallocatedFlowState extends DataFlow::FlowState { + IndirectCastReallocatedFlowState() { this = "IndirectCastReallocatedFlowState" } +} + +/** + * A data-flow configuration to track the flow from cast expressions to either + * other cast expressions or to dereferences of pointers reallocated with a call + * to `realloc` but not cleared via a function call to `memset`. + */ +class IndirectCastConfiguration extends DataFlow::Configuration { + IndirectCastConfiguration() { this = "CastToIncompatibleTypeConfiguration" } + + override predicate isSource(DataFlow::Node source, DataFlow::FlowState state) { + state instanceof IndirectCastDefaultFlowState and + source.asExpr() instanceof IndirectCastAnalysisUnconvertedCastExpr + } + + override predicate isSink(DataFlow::Node sink, DataFlow::FlowState state) { + sink.asExpr() instanceof IndirectCastAnalysisUnconvertedCastExpr and + state instanceof IndirectCastDefaultFlowState + or + sink.asExpr() instanceof IndirectCastAnalysisDereferenceSink and + state instanceof IndirectCastReallocatedFlowState and + // The memset call won't always have an edge to subsequent dereferences. + // + // Therefore, check that: + // 1) The memset call dominates the dereference. + // 2) The realloc call dominates the memset call. + // 3) There is no subsequent memset that also dominates the dereference. + // + // Currently, there is no relation between the pointer passed to memset + // and the pointer dereferenced. This unimplemented check might produce + // false-negatives when the memset call is unrelated to the reallocated memory. + not exists(FunctionCall memset, FunctionCall realloc, Expr ptr | + memset.getTarget() instanceof MemsetFunction and + realloc.getTarget() instanceof ReallocationFunction and + ptr = sink.asExpr() and + dominates(memset, ptr) and + not dominates(memset, + any(FunctionCall other | + other.getTarget() instanceof MemsetFunction and + other != memset and + dominates(other, ptr) + | + other + )) and + dominates(realloc, memset) + ) + } + + override predicate isBarrier(DataFlow::Node node, DataFlow::FlowState state) { + state instanceof IndirectCastReallocatedFlowState and + exists(FunctionCall fc | + fc.getTarget() instanceof MemsetFunction and + fc.getArgument(0) = node.asExpr() + ) + } + + override predicate isAdditionalFlowStep( + DataFlow::Node node1, DataFlow::FlowState state1, DataFlow::Node node2, + DataFlow::FlowState state2 + ) { + // track pointer flow through realloc calls and update state to `IndirectCastReallocatedFlowState` + state1 instanceof IndirectCastDefaultFlowState and + state2 instanceof IndirectCastReallocatedFlowState and + exists(FunctionCall fc | + fc.getTarget() instanceof ReallocationFunction and + node1.asExpr() = fc.getArgument(fc.getTarget().(ReallocationFunction).getReallocPtrArg()) and + node2.asExpr() = fc + ) + or + // track pointer flow through memset calls and reset state to `IndirectCastDefaultFlowState` + state1 instanceof IndirectCastReallocatedFlowState and + state2 instanceof IndirectCastDefaultFlowState and + exists(FunctionCall fc | + fc.getTarget() instanceof MemsetFunction and + node1.asExpr() = fc.getArgument(0) and + node2.asExpr() = fc + ) + } +} + +pragma[inline] +predicate areTypesSameExceptForConstSpecifiers(Type a, Type b) { + a.stripType() = b.stripType() and + a.getSize() = b.getSize() and + forall(Specifier s | s = a.getASpecifier() and not s.hasName("const") | + b.hasSpecifier(s.getName()) + ) +} + +pragma[inline] +Type compatibleTypes(Type type) { + not ( + type.isVolatile() and not result.isVolatile() + or + type.isConst() and not result.isConst() + ) and + ( + ( + result instanceof UnsignedCharType or + [result.stripTopLevelSpecifiers(), type.stripTopLevelSpecifiers()] instanceof VoidType + ) + or + not result instanceof UnsignedCharType and + not result instanceof VoidType and + ( + type.stripType() instanceof Struct and + type.getUnspecifiedType() = result.getUnspecifiedType() and + not type.getName() = "struct " and + not result.getName() = "struct " + or + not type.stripType() instanceof Struct and + ( + areTypesSameExceptForConstSpecifiers(type, result) + or + result.getSize() = type.getSize() and + ( + type instanceof Enum and result instanceof IntegralOrEnumType + or + not type instanceof PlainCharType and + ( + result.(IntegralType).isSigned() and type.(IntegralType).isSigned() + or + result.(IntegralType).isUnsigned() and type.(IntegralType).isUnsigned() + ) + or + result.(FloatingPointType).getDomain() = type.(FloatingPointType).getDomain() + ) + or + type instanceof Enum and result instanceof IntegralOrEnumType + ) + ) + ) +} + +from DataFlow::PathNode source, DataFlow::PathNode sink, Cast cast, Type fromType, Type toType +where + not isExcluded(cast, Pointers3Package::doNotAccessVariableViaPointerOfIncompatibleTypeQuery()) and + cast.getFile().compiledAsC() and + any(IndirectCastConfiguration config).hasFlowPath(source, sink) and + // include only sinks which are not a compatible type to the associated source + source.getNode().asExpr() = cast.getUnconverted() and + fromType = cast.getUnconverted().getType().(PointerType).getBaseType() and + toType = sink.getNode().asExpr().getActualType().(PointerType).getBaseType() and + not toType = compatibleTypes(fromType) +select sink.getNode().asExpr().getUnconverted(), source, sink, + "Cast from " + fromType + " to " + toType + " results in an incompatible pointer base type." diff --git a/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected b/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected new file mode 100644 index 0000000000..0ba6202bf1 --- /dev/null +++ b/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected @@ -0,0 +1,60 @@ +edges +| test.c:49:8:49:9 | s3 | test.c:50:8:50:9 | s1 | +| test.c:60:16:60:18 | E1A | test.c:61:16:61:17 | e1 | +| test.c:60:16:60:18 | E1A | test.c:65:10:65:12 | & ... | +| test.c:68:22:68:22 | v | test.c:68:41:68:41 | v | +| test.c:72:13:72:15 | & ... | test.c:68:22:68:22 | v | +| test.c:74:13:74:15 | & ... | test.c:68:22:68:22 | v | +| test.c:97:32:97:37 | call to malloc | test.c:98:40:98:41 | s2 | +| test.c:97:32:97:37 | call to malloc | test.c:98:40:98:41 | s2 | +| test.c:98:32:98:38 | call to realloc | test.c:99:3:99:4 | s3 | +| test.c:98:32:98:38 | call to realloc | test.c:100:10:100:11 | s3 | +| test.c:98:40:98:41 | s2 | test.c:98:32:98:38 | call to realloc | +nodes +| test.c:6:19:6:20 | & ... | semmle.label | & ... | +| test.c:11:10:11:11 | & ... | semmle.label | & ... | +| test.c:13:17:13:19 | & ... | semmle.label | & ... | +| test.c:15:17:15:19 | & ... | semmle.label | & ... | +| test.c:19:18:19:20 | & ... | semmle.label | & ... | +| test.c:20:20:20:22 | & ... | semmle.label | & ... | +| test.c:21:11:21:13 | & ... | semmle.label | & ... | +| test.c:26:17:26:19 | & ... | semmle.label | & ... | +| test.c:27:10:27:12 | & ... | semmle.label | & ... | +| test.c:28:13:28:15 | & ... | semmle.label | & ... | +| test.c:29:19:29:21 | & ... | semmle.label | & ... | +| test.c:30:16:30:18 | & ... | semmle.label | & ... | +| test.c:47:8:47:9 | s2 | semmle.label | s2 | +| test.c:49:8:49:9 | s3 | semmle.label | s3 | +| test.c:49:8:49:9 | s3 | semmle.label | s3 | +| test.c:50:8:50:9 | s1 | semmle.label | s1 | +| test.c:60:16:60:18 | E1A | semmle.label | E1A | +| test.c:60:16:60:18 | E1A | semmle.label | E1A | +| test.c:61:16:61:17 | e1 | semmle.label | e1 | +| test.c:65:10:65:12 | & ... | semmle.label | & ... | +| test.c:68:22:68:22 | v | semmle.label | v | +| test.c:68:41:68:41 | v | semmle.label | v | +| test.c:72:13:72:15 | & ... | semmle.label | & ... | +| test.c:72:13:72:15 | & ... | semmle.label | & ... | +| test.c:74:13:74:15 | & ... | semmle.label | & ... | +| test.c:74:13:74:15 | & ... | semmle.label | & ... | +| test.c:97:32:97:37 | call to malloc | semmle.label | call to malloc | +| test.c:97:32:97:37 | call to malloc | semmle.label | call to malloc | +| test.c:98:32:98:38 | call to realloc | semmle.label | call to realloc | +| test.c:98:32:98:38 | call to realloc | semmle.label | call to realloc | +| test.c:98:32:98:38 | call to realloc | semmle.label | call to realloc | +| test.c:98:40:98:41 | s2 | semmle.label | s2 | +| test.c:98:40:98:41 | s2 | semmle.label | s2 | +| test.c:99:3:99:4 | s3 | semmle.label | s3 | +| test.c:100:10:100:11 | s3 | semmle.label | s3 | +subpaths +#select +| test.c:6:19:6:20 | & ... | test.c:6:19:6:20 | & ... | test.c:6:19:6:20 | & ... | Cast from float to int results in an incompatible pointer base type. | +| test.c:11:10:11:11 | & ... | test.c:11:10:11:11 | & ... | test.c:11:10:11:11 | & ... | Cast from short[2] to int results in an incompatible pointer base type. | +| test.c:13:17:13:19 | & ... | test.c:13:17:13:19 | & ... | test.c:13:17:13:19 | & ... | Cast from short[2] to short[4] results in an incompatible pointer base type. | +| test.c:19:18:19:20 | & ... | test.c:19:18:19:20 | & ... | test.c:19:18:19:20 | & ... | Cast from char to signed char results in an incompatible pointer base type. | +| test.c:29:19:29:21 | & ... | test.c:29:19:29:21 | & ... | test.c:29:19:29:21 | & ... | Cast from int to unsigned int results in an incompatible pointer base type. | +| test.c:47:8:47:9 | s2 | test.c:47:8:47:9 | s2 | test.c:47:8:47:9 | s2 | Cast from struct to struct results in an incompatible pointer base type. | +| test.c:49:8:49:9 | s3 | test.c:49:8:49:9 | s3 | test.c:49:8:49:9 | s3 | Cast from S1 to struct results in an incompatible pointer base type. | +| test.c:50:8:50:9 | s1 | test.c:50:8:50:9 | s1 | test.c:50:8:50:9 | s1 | Cast from struct to S1 results in an incompatible pointer base type. | +| test.c:68:41:68:41 | v | test.c:72:13:72:15 | & ... | test.c:68:41:68:41 | v | Cast from float to int results in an incompatible pointer base type. | +| test.c:99:3:99:4 | s3 | test.c:98:40:98:41 | s2 | test.c:99:3:99:4 | s3 | Cast from S2 to S3 results in an incompatible pointer base type. | diff --git a/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.qlref b/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.qlref new file mode 100644 index 0000000000..41eb7db3b1 --- /dev/null +++ b/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.qlref @@ -0,0 +1 @@ +rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql \ No newline at end of file diff --git a/c/cert/test/rules/EXP39-C/test.c b/c/cert/test/rules/EXP39-C/test.c index 1b67ec028e..8647163ea0 100644 --- a/c/cert/test/rules/EXP39-C/test.c +++ b/c/cert/test/rules/EXP39-C/test.c @@ -1,3 +1,6 @@ +#include +#include + void test_incompatible_arithmetic() { float f = 0.0f; int *p = (int *)&f; // NON_COMPLIANT - arithmetic types are not compatible @@ -14,8 +17,8 @@ void test_incompatible_arithmetic() { // char may be signed or unsigned, and so is not compatible with either char c1; (signed char *)&c1; // NON_COMPLIANT - (unsigned char *)&c1; // NON_COMPLIANT - (char *)&c1; // NON_COMPLIANT + (unsigned char *)&c1; // COMPLIANT - the underlying byte representation is always compatible + (char *)&c1; // COMPLIANT - same type // int is defined as signed, so is compatible with all the signed versions // (long, short etc. are similar) @@ -24,7 +27,7 @@ void test_incompatible_arithmetic() { (int *)&i1; // COMPLIANT (signed *)&i1; // COMPLIANT (unsigned int *)&i1; // NON_COMPLIANT - (const int *)&i1; // NON_COMPLIANT + (const int *)&i1; // COMPLIANT - adding a const specifier is permitted } struct { From 87d52ae702b688a8285f96cf8c9bd95d49aa28d3 Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Fri, 18 Nov 2022 05:06:30 +0100 Subject: [PATCH 0121/2573] Update Pointers3.json --- rule_packages/c/Pointers3.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/rule_packages/c/Pointers3.json b/rule_packages/c/Pointers3.json index 1e9038ebd7..41c1496672 100644 --- a/rule_packages/c/Pointers3.json +++ b/rule_packages/c/Pointers3.json @@ -48,9 +48,9 @@ "queries": [ { "description": "Modifying underlying pointer data through a pointer of an incompatible type can lead to unpredictable results.", - "kind": "problem", + "kind": "path-problem", "name": "Do not access a variable through a pointer of an incompatible type", - "precision": "very-high", + "precision": "high", "severity": "error", "short_name": "DoNotAccessVariableViaPointerOfIncompatibleType", "tags": [ From c0f97671fb9af3f7b16954251434bfd09634cb3b Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Fri, 18 Nov 2022 05:27:55 +0100 Subject: [PATCH 0122/2573] Update DoNotAccessVariableViaPointerOfIncompatibleType.ql --- .../DoNotAccessVariableViaPointerOfIncompatibleType.ql | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql b/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql index acb835afff..d9ef7e742c 100644 --- a/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql +++ b/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql @@ -4,7 +4,7 @@ * @description Modifying underlying pointer data through a pointer of an incompatible type can lead * to unpredictable results. * @kind path-problem - * @precision very-high + * @precision high * @problem.severity error * @tags external/cert/id/exp39-c * correctness @@ -191,7 +191,8 @@ Type compatibleTypes(Type type) { from DataFlow::PathNode source, DataFlow::PathNode sink, Cast cast, Type fromType, Type toType where - not isExcluded(cast, Pointers3Package::doNotAccessVariableViaPointerOfIncompatibleTypeQuery()) and + not isExcluded(sink.getNode().asExpr(), + Pointers3Package::doNotAccessVariableViaPointerOfIncompatibleTypeQuery()) and cast.getFile().compiledAsC() and any(IndirectCastConfiguration config).hasFlowPath(source, sink) and // include only sinks which are not a compatible type to the associated source From 32391bb8ecdf33bc03f1d0433cf434142a1732df Mon Sep 17 00:00:00 2001 From: s-samadi Date: Fri, 18 Nov 2022 16:04:54 +1100 Subject: [PATCH 0123/2573] added Statements1 package and generated files --- .../cpp/exclusions/c/Statements1.qll | 74 +++++++++++++++++ rule_packages/c/Statements1.json | 82 +++++++++++++++++++ 2 files changed, 156 insertions(+) create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/Statements1.qll create mode 100644 rule_packages/c/Statements1.json diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Statements1.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Statements1.qll new file mode 100644 index 0000000000..566399fc44 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Statements1.qll @@ -0,0 +1,74 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype Statements1Query = + TNestSwitchLabelInSwitchStatementQuery() or + TBreakShallTerminateSwitchClauseQuery() or + TEverySwitchShallHaveDefaultLabelQuery() or + TDefaultNotFirstOrLastOfSwitchQuery() + +predicate isStatements1QueryMetadata(Query query, string queryId, string ruleId) { + query = + // `Query` instance for the `nestSwitchLabelInSwitchStatement` query + Statements1Package::nestSwitchLabelInSwitchStatementQuery() and + queryId = + // `@id` for the `nestSwitchLabelInSwitchStatement` query + "c/misra/nest-switch-label-in-switch-statement" and + ruleId = "RULE-16-2" + or + query = + // `Query` instance for the `breakShallTerminateSwitchClause` query + Statements1Package::breakShallTerminateSwitchClauseQuery() and + queryId = + // `@id` for the `breakShallTerminateSwitchClause` query + "c/misra/break-shall-terminate-switch-clause" and + ruleId = "RULE-16-3" + or + query = + // `Query` instance for the `everySwitchShallHaveDefaultLabel` query + Statements1Package::everySwitchShallHaveDefaultLabelQuery() and + queryId = + // `@id` for the `everySwitchShallHaveDefaultLabel` query + "c/misra/every-switch-shall-have-default-label" and + ruleId = "RULE-16-4" + or + query = + // `Query` instance for the `defaultNotFirstOrLastOfSwitch` query + Statements1Package::defaultNotFirstOrLastOfSwitchQuery() and + queryId = + // `@id` for the `defaultNotFirstOrLastOfSwitch` query + "c/misra/default-not-first-or-last-of-switch" and + ruleId = "RULE-16-5" +} + +module Statements1Package { + Query nestSwitchLabelInSwitchStatementQuery() { + //autogenerate `Query` type + result = + // `Query` type for `nestSwitchLabelInSwitchStatement` query + TQueryC(TStatements1PackageQuery(TNestSwitchLabelInSwitchStatementQuery())) + } + + Query breakShallTerminateSwitchClauseQuery() { + //autogenerate `Query` type + result = + // `Query` type for `breakShallTerminateSwitchClause` query + TQueryC(TStatements1PackageQuery(TBreakShallTerminateSwitchClauseQuery())) + } + + Query everySwitchShallHaveDefaultLabelQuery() { + //autogenerate `Query` type + result = + // `Query` type for `everySwitchShallHaveDefaultLabel` query + TQueryC(TStatements1PackageQuery(TEverySwitchShallHaveDefaultLabelQuery())) + } + + Query defaultNotFirstOrLastOfSwitchQuery() { + //autogenerate `Query` type + result = + // `Query` type for `defaultNotFirstOrLastOfSwitch` query + TQueryC(TStatements1PackageQuery(TDefaultNotFirstOrLastOfSwitchQuery())) + } +} diff --git a/rule_packages/c/Statements1.json b/rule_packages/c/Statements1.json new file mode 100644 index 0000000000..43c88481cf --- /dev/null +++ b/rule_packages/c/Statements1.json @@ -0,0 +1,82 @@ +{ + "MISRA-C-2012": { + "RULE-16-2": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Nested switch labels cause undefined behaviour.", + "kind": "problem", + "name": "A switch label shall only be used when the most closely-enclosing compound statement is the body of", + "precision": "very-high", + "severity": "error", + "short_name": "NestSwitchLabelInSwitchStatement", + "shared_implementation_short_name": "NestedLabelInSwitch", + "tags": [ + "maintainability", + "readability" + ] + } + ], + "title": "A switch label shall only be used when the most closely-enclosing compound statement is the body of a switch statement" + }, + "RULE-16-3": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "An unterminated switch-clause occurring at the end of a switch statement may fall into switch clauses which are added later.", + "kind": "problem", + "name": "An unconditional break statement shall terminate every switch-clause", + "precision": "very-high", + "severity": "error", + "short_name": "BreakShallTerminateSwitchClause", + "tags": [ + "maintainability", + "readability" + ] + } + ], + "title": "An unconditional break statement shall terminate every switch-clause" + }, + "RULE-16-4": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "The requirement for a default label is defensive programming.", + "kind": "problem", + "name": "Every switch statement shall have a default label", + "precision": "very-high", + "severity": "error", + "short_name": "EverySwitchShallHaveDefaultLabel", + "tags": [ + "maintainability", + "readability" + ] + } + ], + "title": "Every switch statement shall have a default label" + }, + "RULE-16-5": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Locating the default label is easy when it the first of last label.", + "kind": "problem", + "name": "A default label shall appear as either the first or the last switch label of a switch statement", + "precision": "very-high", + "severity": "error", + "short_name": "DefaultNotFirstOrLastOfSwitch", + "tags": [] + } + ], + "title": "A default label shall appear as either the first or the last switch label of a switch statement" + } + } +} From e98102fba319e7e1d6f28faf8128267424cf00f0 Mon Sep 17 00:00:00 2001 From: s-samadi Date: Fri, 18 Nov 2022 16:09:43 +1100 Subject: [PATCH 0124/2573] added RULE-16-2 --- .../NestedLabelInSwitch.expected | 3 + .../NestedLabelInSwitch.ql | 2 + .../test/rules/nestedlabelinswitch/test.c | 80 +++++++++++++++++++ .../NestSwitchLabelInSwitchStatement.ql | 22 +++++ .../NestSwitchLabelInSwitchStatement.testref | 1 + 5 files changed, 108 insertions(+) create mode 100644 c/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.expected create mode 100644 c/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql create mode 100644 c/common/test/rules/nestedlabelinswitch/test.c create mode 100644 c/misra/src/rules/RULE-16-2/NestSwitchLabelInSwitchStatement.ql create mode 100644 c/misra/test/rules/RULE-16-2/NestSwitchLabelInSwitchStatement.testref diff --git a/c/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.expected b/c/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.expected new file mode 100644 index 0000000000..dfc375e567 --- /dev/null +++ b/c/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.expected @@ -0,0 +1,3 @@ +| test.c:9:5:9:11 | case ...: | The switch $@ does not appear at the outermost level of the compound statement forming the body of the $@ statement. | test.c:9:5:9:11 | case ...: | case ...: | test.c:6:3:17:3 | switch (...) ... | switch (...) ... | +| test.c:36:5:36:11 | case ...: | The switch $@ does not appear at the outermost level of the compound statement forming the body of the $@ statement. | test.c:36:5:36:11 | case ...: | case ...: | test.c:23:3:43:3 | switch (...) ... | switch (...) ... | +| test.c:76:5:76:11 | case ...: | The switch $@ does not appear at the outermost level of the compound statement forming the body of the $@ statement. | test.c:76:5:76:11 | case ...: | case ...: | test.c:73:3:79:3 | switch (...) ... | switch (...) ... | diff --git a/c/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql b/c/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql new file mode 100644 index 0000000000..a23fe0b2f9 --- /dev/null +++ b/c/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.nestedlabelinswitch.NestedLabelInSwitch diff --git a/c/common/test/rules/nestedlabelinswitch/test.c b/c/common/test/rules/nestedlabelinswitch/test.c new file mode 100644 index 0000000000..5c04578f0b --- /dev/null +++ b/c/common/test/rules/nestedlabelinswitch/test.c @@ -0,0 +1,80 @@ +void f(); + +void f1(int p1) { + int i; + int j; + switch (p1) { + case 1: // COMPLIANT + if (i) { + case 2: // NON_COMPLIANT + j; + break; + } + break; + default: // COMPLIANT + j; + break; + } +} + +void f2(int p1) { + int i; + int j; + switch (p1) { + case 1: // COMPLIANT + if (i) { + j; + } + break; + case 2: // COMPLIANT + if (i) { + j; + } + case 3: // COMPLIANT + if (i) { + j; + case 4: // NON_COMPLIANT + j; + } + break; + default: // COMPLIANT + j; + break; + } +} + +void f3(int p1) { + + int i; + int j; + switch (p1) { + case 1: // COMPLIANT + if (i) { + j; + } + break; + case 2: // COMPLIANT + if (i) { + j; + } + break; + case 3: // COMPLIANT + if (i) { + j; + } + break; + default: // COMPLIANT + j; + break; + } +} + +void f4(int p1) { + switch (p1) { + int i; + if (i) { + case 1: // NON_COMPLIANT + f(); + } + } +} diff --git a/c/misra/src/rules/RULE-16-2/NestSwitchLabelInSwitchStatement.ql b/c/misra/src/rules/RULE-16-2/NestSwitchLabelInSwitchStatement.ql new file mode 100644 index 0000000000..2c35b5a185 --- /dev/null +++ b/c/misra/src/rules/RULE-16-2/NestSwitchLabelInSwitchStatement.ql @@ -0,0 +1,22 @@ +/** + * @id c/misra/nest-switch-label-in-switch-statement + * @name RULE-16-2: A switch label shall only be used when the most closely-enclosing compound statement is the body of + * @description Nested switch labels cause undefined behaviour. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-16-2 + * maintainability + * readability + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.rules.nestedlabelinswitch.NestedLabelInSwitch + +class NestSwitchLabelInSwitchStatementQuery extends NestedLabelInSwitchSharedQuery { + NestSwitchLabelInSwitchStatementQuery() { + this = Statements1Package::nestSwitchLabelInSwitchStatementQuery() + } +} diff --git a/c/misra/test/rules/RULE-16-2/NestSwitchLabelInSwitchStatement.testref b/c/misra/test/rules/RULE-16-2/NestSwitchLabelInSwitchStatement.testref new file mode 100644 index 0000000000..329212287e --- /dev/null +++ b/c/misra/test/rules/RULE-16-2/NestSwitchLabelInSwitchStatement.testref @@ -0,0 +1 @@ +c/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql \ No newline at end of file From 9e68f0bbdd63d17956c61784cf6c9863ed093208 Mon Sep 17 00:00:00 2001 From: s-samadi Date: Fri, 18 Nov 2022 16:11:23 +1100 Subject: [PATCH 0125/2573] updated rules.csv for Statements1 package and refactored rule 16-2 into common folder --- .../cpp/exclusions/c/RuleMetadata.qll | 3 +++ .../NestedLabelInSwitch.expected | 4 +++- rules.csv | 13 +++++++------ 3 files changed, 13 insertions(+), 7 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index ad05d9b737..7adcb322a9 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -31,6 +31,7 @@ import Preprocessor4 import Preprocessor5 import SideEffects1 import SideEffects2 +import Statements1 import Strings1 import Strings2 import Strings3 @@ -67,6 +68,7 @@ newtype TCQuery = TPreprocessor5PackageQuery(Preprocessor5Query q) or TSideEffects1PackageQuery(SideEffects1Query q) or TSideEffects2PackageQuery(SideEffects2Query q) or + TStatements1PackageQuery(Statements1Query q) or TStrings1PackageQuery(Strings1Query q) or TStrings2PackageQuery(Strings2Query q) or TStrings3PackageQuery(Strings3Query q) or @@ -103,6 +105,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId) { isPreprocessor5QueryMetadata(query, queryId, ruleId) or isSideEffects1QueryMetadata(query, queryId, ruleId) or isSideEffects2QueryMetadata(query, queryId, ruleId) or + isStatements1QueryMetadata(query, queryId, ruleId) or isStrings1QueryMetadata(query, queryId, ruleId) or isStrings2QueryMetadata(query, queryId, ruleId) or isStrings3QueryMetadata(query, queryId, ruleId) or diff --git a/cpp/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.expected b/cpp/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.expected index 2ec1a0ac6c..79c75b75e3 100644 --- a/cpp/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.expected +++ b/cpp/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.expected @@ -1 +1,3 @@ -No expected results have yet been specified \ No newline at end of file +| test.cpp:9:5:9:11 | case ...: | The switch $@ does not appear at the outermost level of the compound statement forming the body of the $@ statement. | test.cpp:9:5:9:11 | case ...: | case ...: | test.cpp:6:3:17:3 | switch (...) ... | switch (...) ... | +| test.cpp:36:5:36:11 | case ...: | The switch $@ does not appear at the outermost level of the compound statement forming the body of the $@ statement. | test.cpp:36:5:36:11 | case ...: | case ...: | test.cpp:23:3:43:3 | switch (...) ... | switch (...) ... | +| test.cpp:76:5:76:11 | case ...: | The switch $@ does not appear at the outermost level of the compound statement forming the body of the $@ statement. | test.cpp:76:5:76:11 | case ...: | case ...: | test.cpp:73:3:79:3 | switch (...) ... | switch (...) ... | diff --git a/rules.csv b/rules.csv index ec8b29eaf9..d2f0450b32 100644 --- a/rules.csv +++ b/rules.csv @@ -511,7 +511,7 @@ c,CERT-C,ENV31-C,Yes,Rule,,,Do not rely on an environment pointer following an o c,CERT-C,ENV32-C,Yes,Rule,,,All exit handlers must return normally,,Contracts2,Medium, c,CERT-C,ENV33-C,Yes,Rule,,,Do not call system(),"RULE-21-21, M18-0-3",Banned,Easy, c,CERT-C,ENV34-C,Yes,Rule,,,Do not store pointers returned by certain functions,RULE-21-20,Contracts2,Medium, -c,CERT-C,ERR30-C,Yes,Rule,,,"Take care when reading errno",M19-3-1,Contracts4,Hard, +c,CERT-C,ERR30-C,Yes,Rule,,,Take care when reading errno,M19-3-1,Contracts4,Hard, c,CERT-C,ERR32-C,Yes,Rule,,,Do not rely on indeterminate values of errno,,Contracts,Hard, c,CERT-C,ERR33-C,Yes,Rule,,,Detect and handle standard library errors,MEM52-CPP,Contracts,Hard, c,CERT-C,ERR34-C,OutOfScope,Rule,,,Detect errors when converting a string to a number,,,, @@ -705,10 +705,10 @@ c,MISRA-C-2012,RULE-15-5,Yes,Advisory,,,A function should have a single point of c,MISRA-C-2012,RULE-15-6,Yes,Required,,,The body of an iteration-statement or a selection-statement shall be a compund-statement,M6-3-1,Statements,Import, c,MISRA-C-2012,RULE-15-7,Yes,Required,,,All if / else if constructs shall be terminated with an else statement,M6-4-2,Statements,Import, c,MISRA-C-2012,RULE-16-1,Yes,Required,,,All switch statements shall be well-formed,M6-4-3,Statements,Import, -c,MISRA-C-2012,RULE-16-2,Yes,Required,,,A switch label shall only be used when the most closely-enclosing compound statement is the body of a switch statement,M6-4-4,Statements,Import, -c,MISRA-C-2012,RULE-16-3,Yes,Required,,,An unconditional break statement shall terminate every switch-clause,M6-4-5,Statements,Import, -c,MISRA-C-2012,RULE-16-4,Yes,Required,,,Every switch statement shall have a default label,M6-4-6,Statements,Easy, -c,MISRA-C-2012,RULE-16-5,Yes,Required,,,A default label shall appear as either the first or the last switch label of a switch statement,M6-4-6,Statements,Easy, +c,MISRA-C-2012,RULE-16-2,Yes,Required,,,A switch label shall only be used when the most closely-enclosing compound statement is the body of a switch statement,M6-4-4,Statements1,Import, +c,MISRA-C-2012,RULE-16-3,Yes,Required,,,An unconditional break statement shall terminate every switch-clause,M6-4-5,Statements1,Import, +c,MISRA-C-2012,RULE-16-4,Yes,Required,,,Every switch statement shall have a default label,M6-4-6,Statements1,Easy, +c,MISRA-C-2012,RULE-16-5,Yes,Required,,,A default label shall appear as either the first or the last switch label of a switch statement,M6-4-6,Statements1,Easy, c,MISRA-C-2012,RULE-16-6,Yes,Required,,,Every switch statement shall have at least two switch-clauses,A6-4-1,Statements,Medium, c,MISRA-C-2012,RULE-16-7,Yes,Required,,,A switch-expression shall not have essentially Boolean type,M6-4-7,Statements,Medium, c,MISRA-C-2012,RULE-17-1,Yes,Required,,,The features of shall not be used,,Banned,Easy, @@ -762,7 +762,7 @@ c,MISRA-C-2012,RULE-21-16,Yes,Required,,,"The pointer arguments to the Standard c,MISRA-C-2012,RULE-21-17,Yes,Mandatory,,,Use of the string handling functions from shall not result in accesses beyond the bounds of the objects referenced by their pointer parameters,,Memory,Hard, c,MISRA-C-2012,RULE-21-18,Yes,Mandatory,,,The size_t argument passed to any function in shall have an appropriate value,,OutOfBounds,Hard, c,MISRA-C-2012,RULE-21-19,Yes,Mandatory,,,"The pointers returned by the Standard Library functions localeconv, getenv, setlocale or, strerror shall only be used as if they have pointer to const-qualified type",ENV30-C,Contracts2,Medium, -c,MISRA-C-2012,RULE-21-20,Yes,Mandatory,,,"The pointer returned by the Standard Library functions asctime, ctime, gmtime, localtime, localeconv, getenv, setlocale or strerror shall not be used following a subsequent call to the same function","ENV34-C",Contracts2,Import, +c,MISRA-C-2012,RULE-21-20,Yes,Mandatory,,,"The pointer returned by the Standard Library functions asctime, ctime, gmtime, localtime, localeconv, getenv, setlocale or strerror shall not be used following a subsequent call to the same function",ENV34-C,Contracts2,Import, c,MISRA-C-2012,RULE-21-21,Yes,Required,,,The Standard Library function system of shall not be used,ENV33-C,Banned,Import, c,MISRA-C-2012,RULE-22-1,Yes,Required,,,All resources obtained dynamically by means of Standard Library functions shall be explicitly released,,Memory,Hard, c,MISRA-C-2012,RULE-22-2,Yes,Mandatory,,,A block of memory shall only be freed if it was allocated by means of a Standard Library function,,Memory,Hard, @@ -774,3 +774,4 @@ c,MISRA-C-2012,RULE-22-7,Yes,Required,,,The macro EOF shall only be compared wit c,MISRA-C-2012,RULE-22-8,Yes,Required,,,The value of errno shall be set to zero prior to a call to an errno-setting-function,ERR30-C,Contracts3,Medium, c,MISRA-C-2012,RULE-22-9,Yes,Required,,,The value of errno shall be tested against zero after calling an errno-setting-function,,Contracts3,Medium, c,MISRA-C-2012,RULE-22-10,Yes,Required,,,The value of errno shall only be tested when the last function to be called was an errno-setting-function,,Contracts3,Medium, +,,,,,,,,,,0, \ No newline at end of file From bee4cffcd6bb2984717bfafe2802ff2948165fcf Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Fri, 18 Nov 2022 10:02:59 -0500 Subject: [PATCH 0126/2573] remove rule --- rule_packages/c/Language2.json | 25 ++----------------------- rules.csv | 2 +- 2 files changed, 3 insertions(+), 24 deletions(-) diff --git a/rule_packages/c/Language2.json b/rule_packages/c/Language2.json index be311f7552..2fc720b57d 100644 --- a/rule_packages/c/Language2.json +++ b/rule_packages/c/Language2.json @@ -41,35 +41,14 @@ } ], "title": "Language extensions should not be used" - }, - "RULE-1-3": { - "properties": { - "obligation": "required" - }, - "queries": [ - { - "description": "", - "kind": "problem", - "name": "There shall be no occurrence of undefined or critical unspecified behaviour", - "precision": "high", - "severity": "error", - "short_name": "CriticalUnspecifiedBehaviour", - "tags": [ - "maintainability", - "readability", - "correctness" - ] - } - ], - "title": "There shall be no occurrence of undefined or critical unspecified behaviour" - }, + }, "RULE-1-4": { "properties": { "obligation": "required" }, "queries": [ { - "description": "", + "description": "Emergent language features may have unpredictable behavior and should not be used.", "kind": "problem", "name": "Emergent language features shall not be used", "precision": "very-high", diff --git a/rules.csv b/rules.csv index 5066a86ff2..8031503680 100644 --- a/rules.csv +++ b/rules.csv @@ -618,7 +618,7 @@ c,MISRA-C-2012,DIR-4-13,Yes,Advisory,,,Functions which are designed to provide o c,MISRA-C-2012,DIR-4-14,Yes,Required,,,The validity of values received from external sources shall be checked,,Contracts,Hard, c,MISRA-C-2012,RULE-1-1,No,Required,,,"The program shall contain no violations of the standard C syntax and constraints, and shall not exceed the implementation's translation limits",,Language,Easy,"This should be checked via the compiler output, rather than CodeQL, which adds unnecessary steps." c,MISRA-C-2012,RULE-1-2,Yes,Advisory,,,Language extensions should not be used,,Language2,Hard, -c,MISRA-C-2012,RULE-1-3,Yes,Required,,,There shall be no occurrence of undefined or critical unspecified behaviour,,Language2,Hard, +c,MISRA-C-2012,RULE-1-3,Yes,Required,,,There shall be no occurrence of undefined or critical unspecified behaviour,,Language3,Hard, c,MISRA-C-2012,RULE-1-4,Yes,Required,,,Emergent language features shall not be used,,Language2,Medium, c,MISRA-C-2012,RULE-2-1,Yes,Required,,,A project shall not contain unreachable code,M0-1-1,DeadCode,Import, c,MISRA-C-2012,RULE-2-2,Yes,Required,,,There shall be no dead code,M0-1-9,DeadCode,Import, From 38439e3ba821b479b1ab15683bb1cbeca8a6c26a Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Fri, 18 Nov 2022 10:44:06 -0500 Subject: [PATCH 0127/2573] adding 1-4 --- .../RULE-1-4/EmergentLanguageFeaturesUsed.ql | 20 +++++++++++++++++++ .../EmergentLanguageFeaturesUsed.expected | 1 + .../EmergentLanguageFeaturesUsed.qlref | 1 + .../cpp/exclusions/c/Language2.qll | 16 --------------- 4 files changed, 22 insertions(+), 16 deletions(-) create mode 100644 c/misra/src/rules/RULE-1-4/EmergentLanguageFeaturesUsed.ql create mode 100644 c/misra/test/rules/RULE-1-4/EmergentLanguageFeaturesUsed.expected create mode 100644 c/misra/test/rules/RULE-1-4/EmergentLanguageFeaturesUsed.qlref diff --git a/c/misra/src/rules/RULE-1-4/EmergentLanguageFeaturesUsed.ql b/c/misra/src/rules/RULE-1-4/EmergentLanguageFeaturesUsed.ql new file mode 100644 index 0000000000..462523de50 --- /dev/null +++ b/c/misra/src/rules/RULE-1-4/EmergentLanguageFeaturesUsed.ql @@ -0,0 +1,20 @@ +/** + * @id c/misra/emergent-language-features-used + * @name RULE-1-4: Emergent language features shall not be used + * @description Emergent language features may have unpredictable behavior and should not be used. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-1-4 + * maintainability + * readability + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra + +from +where + not isExcluded(x, Language2Package::emergentLanguageFeaturesUsedQuery()) and +select diff --git a/c/misra/test/rules/RULE-1-4/EmergentLanguageFeaturesUsed.expected b/c/misra/test/rules/RULE-1-4/EmergentLanguageFeaturesUsed.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/misra/test/rules/RULE-1-4/EmergentLanguageFeaturesUsed.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-1-4/EmergentLanguageFeaturesUsed.qlref b/c/misra/test/rules/RULE-1-4/EmergentLanguageFeaturesUsed.qlref new file mode 100644 index 0000000000..6e3737f029 --- /dev/null +++ b/c/misra/test/rules/RULE-1-4/EmergentLanguageFeaturesUsed.qlref @@ -0,0 +1 @@ +rules/RULE-1-4/EmergentLanguageFeaturesUsed.ql \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Language2.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Language2.qll index d471d09efd..9d270d34be 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Language2.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Language2.qll @@ -6,7 +6,6 @@ import codingstandards.cpp.exclusions.RuleMetadata newtype Language2Query = TUsageOfAssemblyLanguageShouldBeDocumentedQuery() or TLanguageExtensionsShouldNotBeUsedQuery() or - TCriticalUnspecifiedBehaviourQuery() or TEmergentLanguageFeaturesUsedQuery() predicate isLanguage2QueryMetadata(Query query, string queryId, string ruleId) { @@ -26,14 +25,6 @@ predicate isLanguage2QueryMetadata(Query query, string queryId, string ruleId) { "c/misra/language-extensions-should-not-be-used" and ruleId = "RULE-1-2" or - query = - // `Query` instance for the `criticalUnspecifiedBehaviour` query - Language2Package::criticalUnspecifiedBehaviourQuery() and - queryId = - // `@id` for the `criticalUnspecifiedBehaviour` query - "c/misra/critical-unspecified-behaviour" and - ruleId = "RULE-1-3" - or query = // `Query` instance for the `emergentLanguageFeaturesUsed` query Language2Package::emergentLanguageFeaturesUsedQuery() and @@ -58,13 +49,6 @@ module Language2Package { TQueryC(TLanguage2PackageQuery(TLanguageExtensionsShouldNotBeUsedQuery())) } - Query criticalUnspecifiedBehaviourQuery() { - //autogenerate `Query` type - result = - // `Query` type for `criticalUnspecifiedBehaviour` query - TQueryC(TLanguage2PackageQuery(TCriticalUnspecifiedBehaviourQuery())) - } - Query emergentLanguageFeaturesUsedQuery() { //autogenerate `Query` type result = From aa6742eb0f0c3c8103e2443e5d162ee35b453bb0 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Fri, 18 Nov 2022 12:45:09 -0500 Subject: [PATCH 0128/2573] Declarations4: change RULE-8-6 to share with M3-2-4 --- ...ternalLinkageOneDefinitionShared.expected} | 0 ...rWithExternalLinkageOneDefinitionShared.ql | 2 + .../test.c | 0 .../test1.c | 0 ...ntifierWithExternalLinkageOneDefinition.ql | 30 ++++----------- ...fierWithExternalLinkageOneDefinition.qlref | 1 - ...erWithExternalLinkageOneDefinition.testref | 1 + ...thExternalLinkageShallHaveOneDefinition.ql | 30 +++------------ ...xternalLinkageShallHaveOneDefinition.qlref | 1 - ...ernalLinkageShallHaveOneDefinition.testref | 1 + ...WithExternalLinkageOneDefinitionShared.qll | 37 +++++++++++++++++++ ...ternalLinkageOneDefinitionShared.expected} | 0 ...rWithExternalLinkageOneDefinitionShared.ql | 2 + .../test.cpp | 0 .../test1.cpp | 0 .../test2.cpp | 0 rule_packages/c/Declarations4.json | 3 +- rule_packages/cpp/Scope.json | 1 + 18 files changed, 59 insertions(+), 50 deletions(-) rename c/{misra/test/rules/RULE-8-6/IdentifierWithExternalLinkageOneDefinition.expected => common/test/rules/identifierwithexternallinkageonedefinitionshared/IdentifierWithExternalLinkageOneDefinitionShared.expected} (100%) create mode 100644 c/common/test/rules/identifierwithexternallinkageonedefinitionshared/IdentifierWithExternalLinkageOneDefinitionShared.ql rename c/{misra/test/rules/RULE-8-6 => common/test/rules/identifierwithexternallinkageonedefinitionshared}/test.c (100%) rename c/{misra/test/rules/RULE-8-6 => common/test/rules/identifierwithexternallinkageonedefinitionshared}/test1.c (100%) delete mode 100644 c/misra/test/rules/RULE-8-6/IdentifierWithExternalLinkageOneDefinition.qlref create mode 100644 c/misra/test/rules/RULE-8-6/IdentifierWithExternalLinkageOneDefinition.testref delete mode 100644 cpp/autosar/test/rules/M3-2-4/IdentifierWithExternalLinkageShallHaveOneDefinition.qlref create mode 100644 cpp/autosar/test/rules/M3-2-4/IdentifierWithExternalLinkageShallHaveOneDefinition.testref create mode 100644 cpp/common/src/codingstandards/cpp/rules/identifierwithexternallinkageonedefinitionshared/IdentifierWithExternalLinkageOneDefinitionShared.qll rename cpp/{autosar/test/rules/M3-2-4/IdentifierWithExternalLinkageShallHaveOneDefinition.expected => common/test/rules/identifierwithexternallinkageonedefinitionshared/IdentifierWithExternalLinkageOneDefinitionShared.expected} (100%) create mode 100644 cpp/common/test/rules/identifierwithexternallinkageonedefinitionshared/IdentifierWithExternalLinkageOneDefinitionShared.ql rename cpp/{autosar/test/rules/M3-2-4 => common/test/rules/identifierwithexternallinkageonedefinitionshared}/test.cpp (100%) rename cpp/{autosar/test/rules/M3-2-4 => common/test/rules/identifierwithexternallinkageonedefinitionshared}/test1.cpp (100%) rename cpp/{autosar/test/rules/M3-2-4 => common/test/rules/identifierwithexternallinkageonedefinitionshared}/test2.cpp (100%) diff --git a/c/misra/test/rules/RULE-8-6/IdentifierWithExternalLinkageOneDefinition.expected b/c/common/test/rules/identifierwithexternallinkageonedefinitionshared/IdentifierWithExternalLinkageOneDefinitionShared.expected similarity index 100% rename from c/misra/test/rules/RULE-8-6/IdentifierWithExternalLinkageOneDefinition.expected rename to c/common/test/rules/identifierwithexternallinkageonedefinitionshared/IdentifierWithExternalLinkageOneDefinitionShared.expected diff --git a/c/common/test/rules/identifierwithexternallinkageonedefinitionshared/IdentifierWithExternalLinkageOneDefinitionShared.ql b/c/common/test/rules/identifierwithexternallinkageonedefinitionshared/IdentifierWithExternalLinkageOneDefinitionShared.ql new file mode 100644 index 0000000000..0d540a0fb1 --- /dev/null +++ b/c/common/test/rules/identifierwithexternallinkageonedefinitionshared/IdentifierWithExternalLinkageOneDefinitionShared.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.identifierwithexternallinkageonedefinitionshared.IdentifierWithExternalLinkageOneDefinitionShared diff --git a/c/misra/test/rules/RULE-8-6/test.c b/c/common/test/rules/identifierwithexternallinkageonedefinitionshared/test.c similarity index 100% rename from c/misra/test/rules/RULE-8-6/test.c rename to c/common/test/rules/identifierwithexternallinkageonedefinitionshared/test.c diff --git a/c/misra/test/rules/RULE-8-6/test1.c b/c/common/test/rules/identifierwithexternallinkageonedefinitionshared/test1.c similarity index 100% rename from c/misra/test/rules/RULE-8-6/test1.c rename to c/common/test/rules/identifierwithexternallinkageonedefinitionshared/test1.c diff --git a/c/misra/src/rules/RULE-8-6/IdentifierWithExternalLinkageOneDefinition.ql b/c/misra/src/rules/RULE-8-6/IdentifierWithExternalLinkageOneDefinition.ql index 7cc3846687..2eb5028dba 100644 --- a/c/misra/src/rules/RULE-8-6/IdentifierWithExternalLinkageOneDefinition.ql +++ b/c/misra/src/rules/RULE-8-6/IdentifierWithExternalLinkageOneDefinition.ql @@ -1,6 +1,6 @@ /** * @id c/misra/identifier-with-external-linkage-one-definition - * @name RULE-8-6: An identifier with external linkage shall have exactly one external definition + * @name RULE-8-6: An identifier with external linkage shall have exactly one definition * @description An identifier with multiple definitions in different translation units leads to * undefined behavior. * @kind problem @@ -13,26 +13,10 @@ import cpp import codingstandards.c.misra -import codingstandards.cpp.Identifiers +import codingstandards.cpp.rules.identifierwithexternallinkageonedefinitionshared.IdentifierWithExternalLinkageOneDefinitionShared -from ExternalIdentifiers d, DeclarationEntry de1, DeclarationEntry de2 -where - not isExcluded(d, Declarations4Package::identifierWithExternalLinkageOneDefinitionQuery()) and - not isExcluded([de1, de2], Declarations4Package::identifierWithExternalLinkageOneDefinitionQuery()) and - d.isTopLevel() and - d = de1.getDeclaration() and - d = de2.getDeclaration() and - de1 != de2 and - de1.isDefinition() and - de2.isDefinition() and - //exceptions - (d instanceof Function implies not d.(Function).isInline()) and - // Apply an ordering based on location to enforce that (de1, de2) = (de2, de1) and we only report (de1, de2). - ( - de1.getFile().getAbsolutePath() < de2.getFile().getAbsolutePath() - or - de1.getFile().getAbsolutePath() = de2.getFile().getAbsolutePath() and - de1.getLocation().getStartLine() < de2.getLocation().getStartLine() - ) -select de1, "The identifier " + de1.getName() + " has external linkage and is redefined $@.", de2, - "here" +class IdentifierWithExternalLinkageShallHaveOneDefinitionQuery extends IdentifierWithExternalLinkageOneDefinitionSharedSharedQuery { + IdentifierWithExternalLinkageShallHaveOneDefinitionQuery() { + this = Declarations4Package::identifierWithExternalLinkageOneDefinitionQuery() + } +} diff --git a/c/misra/test/rules/RULE-8-6/IdentifierWithExternalLinkageOneDefinition.qlref b/c/misra/test/rules/RULE-8-6/IdentifierWithExternalLinkageOneDefinition.qlref deleted file mode 100644 index aa86a9534d..0000000000 --- a/c/misra/test/rules/RULE-8-6/IdentifierWithExternalLinkageOneDefinition.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/RULE-8-6/IdentifierWithExternalLinkageOneDefinition.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-8-6/IdentifierWithExternalLinkageOneDefinition.testref b/c/misra/test/rules/RULE-8-6/IdentifierWithExternalLinkageOneDefinition.testref new file mode 100644 index 0000000000..4ab2802c0d --- /dev/null +++ b/c/misra/test/rules/RULE-8-6/IdentifierWithExternalLinkageOneDefinition.testref @@ -0,0 +1 @@ +c/common/test/rules/identifierwithexternallinkageonedefinitionshared/IdentifierWithExternalLinkageOneDefinitionShared.ql \ No newline at end of file diff --git a/cpp/autosar/src/rules/M3-2-4/IdentifierWithExternalLinkageShallHaveOneDefinition.ql b/cpp/autosar/src/rules/M3-2-4/IdentifierWithExternalLinkageShallHaveOneDefinition.ql index 150547078c..b7ace226a0 100644 --- a/cpp/autosar/src/rules/M3-2-4/IdentifierWithExternalLinkageShallHaveOneDefinition.ql +++ b/cpp/autosar/src/rules/M3-2-4/IdentifierWithExternalLinkageShallHaveOneDefinition.ql @@ -15,28 +15,10 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.Linkage +import codingstandards.cpp.rules.identifierwithexternallinkageonedefinitionshared.IdentifierWithExternalLinkageOneDefinitionShared -from Declaration d, DeclarationEntry de1, DeclarationEntry de2 -where - not isExcluded(d) and - not isExcluded([de1, de2]) and - hasExternalLinkage(d) and - d.isTopLevel() and - d = de1.getDeclaration() and - d = de2.getDeclaration() and - de1 != de2 and - de1.isDefinition() and - de2.isDefinition() and - // exceptions - not d instanceof TemplateClass and - (d instanceof Function implies not d.(Function).isInline()) and - // Apply an ordering based on location to enforce that (de1, de2) = (de2, de1) and we only report (de1, de2). - ( - de1.getFile().getAbsolutePath() < de2.getFile().getAbsolutePath() - or - de1.getFile().getAbsolutePath() = de2.getFile().getAbsolutePath() and - de1.getLocation().getStartLine() < de2.getLocation().getStartLine() - ) -select de1, "The identifier " + de1.getName() + " has external linkage and is redefined $@.", de2, - "here" +class IdentifierWithExternalLinkageOneDefinitionQuery extends IdentifierWithExternalLinkageOneDefinitionSharedSharedQuery { + IdentifierWithExternalLinkageOneDefinitionQuery() { + this = ScopePackage::identifierWithExternalLinkageShallHaveOneDefinitionQuery() + } +} diff --git a/cpp/autosar/test/rules/M3-2-4/IdentifierWithExternalLinkageShallHaveOneDefinition.qlref b/cpp/autosar/test/rules/M3-2-4/IdentifierWithExternalLinkageShallHaveOneDefinition.qlref deleted file mode 100644 index b202c8c8b4..0000000000 --- a/cpp/autosar/test/rules/M3-2-4/IdentifierWithExternalLinkageShallHaveOneDefinition.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/M3-2-4/IdentifierWithExternalLinkageShallHaveOneDefinition.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M3-2-4/IdentifierWithExternalLinkageShallHaveOneDefinition.testref b/cpp/autosar/test/rules/M3-2-4/IdentifierWithExternalLinkageShallHaveOneDefinition.testref new file mode 100644 index 0000000000..6695553885 --- /dev/null +++ b/cpp/autosar/test/rules/M3-2-4/IdentifierWithExternalLinkageShallHaveOneDefinition.testref @@ -0,0 +1 @@ +cpp/common/test/rules/identifierwithexternallinkageonedefinitionshared/IdentifierWithExternalLinkageOneDefinitionShared.ql \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/rules/identifierwithexternallinkageonedefinitionshared/IdentifierWithExternalLinkageOneDefinitionShared.qll b/cpp/common/src/codingstandards/cpp/rules/identifierwithexternallinkageonedefinitionshared/IdentifierWithExternalLinkageOneDefinitionShared.qll new file mode 100644 index 0000000000..17808841eb --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/identifierwithexternallinkageonedefinitionshared/IdentifierWithExternalLinkageOneDefinitionShared.qll @@ -0,0 +1,37 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions +import codingstandards.cpp.Linkage + +abstract class IdentifierWithExternalLinkageOneDefinitionSharedSharedQuery extends Query { } + +Query getQuery() { result instanceof IdentifierWithExternalLinkageOneDefinitionSharedSharedQuery } + +query predicate problems(DeclarationEntry de1, string message, DeclarationEntry de2, string de2Str) { + exists(Declaration d | + not isExcluded(de1, getQuery()) and + hasExternalLinkage(d) and + d.isTopLevel() and + d = de1.getDeclaration() and + d = de2.getDeclaration() and + de1 != de2 and + de1.isDefinition() and + de2.isDefinition() and + // exceptions + not d instanceof TemplateClass and + (d instanceof Function implies not d.(Function).isInline()) and + // Apply an ordering based on location to enforce that (de1, de2) = (de2, de1) and we only report (de1, de2). + ( + de1.getFile().getAbsolutePath() < de2.getFile().getAbsolutePath() + or + de1.getFile().getAbsolutePath() = de2.getFile().getAbsolutePath() and + de1.getLocation().getStartLine() < de2.getLocation().getStartLine() + ) and + message = "The identifier " + de1.getName() + " has external linkage and is redefined $@." and + de2Str = "here" + ) +} diff --git a/cpp/autosar/test/rules/M3-2-4/IdentifierWithExternalLinkageShallHaveOneDefinition.expected b/cpp/common/test/rules/identifierwithexternallinkageonedefinitionshared/IdentifierWithExternalLinkageOneDefinitionShared.expected similarity index 100% rename from cpp/autosar/test/rules/M3-2-4/IdentifierWithExternalLinkageShallHaveOneDefinition.expected rename to cpp/common/test/rules/identifierwithexternallinkageonedefinitionshared/IdentifierWithExternalLinkageOneDefinitionShared.expected diff --git a/cpp/common/test/rules/identifierwithexternallinkageonedefinitionshared/IdentifierWithExternalLinkageOneDefinitionShared.ql b/cpp/common/test/rules/identifierwithexternallinkageonedefinitionshared/IdentifierWithExternalLinkageOneDefinitionShared.ql new file mode 100644 index 0000000000..0d540a0fb1 --- /dev/null +++ b/cpp/common/test/rules/identifierwithexternallinkageonedefinitionshared/IdentifierWithExternalLinkageOneDefinitionShared.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.identifierwithexternallinkageonedefinitionshared.IdentifierWithExternalLinkageOneDefinitionShared diff --git a/cpp/autosar/test/rules/M3-2-4/test.cpp b/cpp/common/test/rules/identifierwithexternallinkageonedefinitionshared/test.cpp similarity index 100% rename from cpp/autosar/test/rules/M3-2-4/test.cpp rename to cpp/common/test/rules/identifierwithexternallinkageonedefinitionshared/test.cpp diff --git a/cpp/autosar/test/rules/M3-2-4/test1.cpp b/cpp/common/test/rules/identifierwithexternallinkageonedefinitionshared/test1.cpp similarity index 100% rename from cpp/autosar/test/rules/M3-2-4/test1.cpp rename to cpp/common/test/rules/identifierwithexternallinkageonedefinitionshared/test1.cpp diff --git a/cpp/autosar/test/rules/M3-2-4/test2.cpp b/cpp/common/test/rules/identifierwithexternallinkageonedefinitionshared/test2.cpp similarity index 100% rename from cpp/autosar/test/rules/M3-2-4/test2.cpp rename to cpp/common/test/rules/identifierwithexternallinkageonedefinitionshared/test2.cpp diff --git a/rule_packages/c/Declarations4.json b/rule_packages/c/Declarations4.json index 7b7a546d9a..bfd0b18328 100644 --- a/rule_packages/c/Declarations4.json +++ b/rule_packages/c/Declarations4.json @@ -103,10 +103,11 @@ { "description": "An identifier with multiple definitions in different translation units leads to undefined behavior.", "kind": "problem", - "name": "An identifier with external linkage shall have exactly one external definition", + "name": "An identifier with external linkage shall have exactly one definition", "precision": "high", "severity": "error", "short_name": "IdentifierWithExternalLinkageOneDefinition", + "shared_implementation_short_name": "IdentifierWithExternalLinkageOneDefinitionShared", "tags": [ "correctness" ] diff --git a/rule_packages/cpp/Scope.json b/rule_packages/cpp/Scope.json index c169badcbe..6db01eba25 100644 --- a/rule_packages/cpp/Scope.json +++ b/rule_packages/cpp/Scope.json @@ -156,6 +156,7 @@ "precision": "high", "severity": "error", "short_name": "IdentifierWithExternalLinkageShallHaveOneDefinition", + "shared_implementation_short_name": "IdentifierWithExternalLinkageOneDefinitionShared", "tags": [ "correctness" ] From 6309dbcfe18693f55b0be52e379e9a2660e73308 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Fri, 18 Nov 2022 13:09:57 -0500 Subject: [PATCH 0129/2573] Declarations4: address review comments --- .../src/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.ql | 5 +++-- .../RULE-8-4/CompatibleDeclarationFunctionDefined.expected | 4 ++-- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/c/misra/src/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.ql b/c/misra/src/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.ql index 2abeaa2f04..62aade0c0c 100644 --- a/c/misra/src/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.ql +++ b/c/misra/src/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.ql @@ -47,11 +47,12 @@ where hasZeroParamDecl(f) and msg = "Function " + f + " does not specifiy void for no parameters present." or + //parameters declared in declaration list (not in function signature) + //have placeholder file location associated only exists(Parameter p | p.getFunction() = f and not p.getFile() = f.getFile() and msg = "Function " + f + " declares parameter in unsupported declaration list." ) - ) and - not f.isInMacroExpansion() + ) select f, msg diff --git a/c/misra/test/rules/RULE-8-4/CompatibleDeclarationFunctionDefined.expected b/c/misra/test/rules/RULE-8-4/CompatibleDeclarationFunctionDefined.expected index 6671f904c2..9153fafa97 100644 --- a/c/misra/test/rules/RULE-8-4/CompatibleDeclarationFunctionDefined.expected +++ b/c/misra/test/rules/RULE-8-4/CompatibleDeclarationFunctionDefined.expected @@ -1,2 +1,2 @@ -| function2.c:5:6:5:7 | definition of f3 | | -| function2.c:7:6:7:7 | definition of f4 | | +| function2.c:5:6:5:7 | definition of f3 | No separate compatible declaration found for this definition. | +| function2.c:7:6:7:7 | definition of f4 | No separate compatible declaration found for this definition. | From 3d14f979efa6679183e0a997d01a9f3eb7e59fc7 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Fri, 18 Nov 2022 17:31:46 -0500 Subject: [PATCH 0130/2573] emergent --- .../RULE-1-4/EmergentLanguageFeaturesUsed.ql | 9 ++-- .../EmergentLanguageFeaturesUsed.expected | 16 +++++- c/misra/test/rules/RULE-1-4/test.c | 4 +- c/misra/test/rules/RULE-1-4/test1.c | 1 - .../src/codingstandards/cpp/Emergent.qll | 49 +++++++++++++++++++ 5 files changed, 71 insertions(+), 8 deletions(-) delete mode 100644 c/misra/test/rules/RULE-1-4/test1.c create mode 100644 cpp/common/src/codingstandards/cpp/Emergent.qll diff --git a/c/misra/src/rules/RULE-1-4/EmergentLanguageFeaturesUsed.ql b/c/misra/src/rules/RULE-1-4/EmergentLanguageFeaturesUsed.ql index 462523de50..e9a5591f61 100644 --- a/c/misra/src/rules/RULE-1-4/EmergentLanguageFeaturesUsed.ql +++ b/c/misra/src/rules/RULE-1-4/EmergentLanguageFeaturesUsed.ql @@ -13,8 +13,9 @@ import cpp import codingstandards.c.misra +import codingstandards.cpp.Emergent + +from C11::EmergentLanguageFeature ef +where not isExcluded(ef, Language2Package::emergentLanguageFeaturesUsedQuery()) +select ef, "Usage of emergent language feature." -from -where - not isExcluded(x, Language2Package::emergentLanguageFeaturesUsedQuery()) and -select diff --git a/c/misra/test/rules/RULE-1-4/EmergentLanguageFeaturesUsed.expected b/c/misra/test/rules/RULE-1-4/EmergentLanguageFeaturesUsed.expected index 2ec1a0ac6c..2745223358 100644 --- a/c/misra/test/rules/RULE-1-4/EmergentLanguageFeaturesUsed.expected +++ b/c/misra/test/rules/RULE-1-4/EmergentLanguageFeaturesUsed.expected @@ -1 +1,15 @@ -No expected results have yet been specified \ No newline at end of file +| test.c:1:1:1:21 | #include | Usage of emergent language feature. | +| test.c:2:1:2:22 | #include | Usage of emergent language feature. | +| test.c:3:1:3:24 | #include | Usage of emergent language feature. | +| test.c:4:1:4:20 | #include | Usage of emergent language feature. | +| test.c:6:1:6:49 | #define MACRO(x) _Generic((x), int : 0, long : 1) | Usage of emergent language feature. | +| test.c:7:1:7:32 | #define __STDC_WANT_LIB_EXT1__ 1 | Usage of emergent language feature. | +| test.c:9:16:9:17 | f0 | Usage of emergent language feature. | +| test.c:12:26:12:40 | atomic_new_type | Usage of emergent language feature. | +| test.c:17:15:17:15 | i | Usage of emergent language feature. | +| test.c:19:3:19:10 | alignas(...) | Usage of emergent language feature. | +| test.c:20:3:20:9 | alignas(...) | Usage of emergent language feature. | +| test.c:21:11:21:23 | alignof(int) | Usage of emergent language feature. | +| test.c:22:12:22:23 | alignof(int) | Usage of emergent language feature. | +| test.c:24:27:24:28 | i3 | Usage of emergent language feature. | +| test.c:25:28:25:29 | i4 | Usage of emergent language feature. | diff --git a/c/misra/test/rules/RULE-1-4/test.c b/c/misra/test/rules/RULE-1-4/test.c index 126801f9e8..7b31e6a555 100644 --- a/c/misra/test/rules/RULE-1-4/test.c +++ b/c/misra/test/rules/RULE-1-4/test.c @@ -4,7 +4,7 @@ #include //NON_COMPLIANT #define MACRO(x) _Generic((x), int : 0, long : 1) // NON_COMPLIANT -#define __STDC_WANT_LIB_EXT1__ 0 // COMPLIANT +#define __STDC_WANT_LIB_EXT1__ 1 // NON_COMPLIANT _Noreturn void f0(); // NON_COMPLIANT @@ -12,7 +12,7 @@ typedef int new_type; // COMPLIANT typedef _Atomic new_type atomic_new_type; // NON_COMPLIANT void f(int p) { - int i0 = _Generic(p, int : 0, long : 1); // NON_COMPLIANT + // int i0 = _Generic(p, int : 0, long : 1); // NON_COMPLIANT[FALSE_NEGATIVE] _Atomic int i; // NON_COMPLIANT diff --git a/c/misra/test/rules/RULE-1-4/test1.c b/c/misra/test/rules/RULE-1-4/test1.c deleted file mode 100644 index bb3f3cfe9b..0000000000 --- a/c/misra/test/rules/RULE-1-4/test1.c +++ /dev/null @@ -1 +0,0 @@ -#define __STDC_WANT_LIB_EXT1__ 1 // NON_COMPLIANT \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/Emergent.qll b/cpp/common/src/codingstandards/cpp/Emergent.qll new file mode 100644 index 0000000000..53f7e5599b --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/Emergent.qll @@ -0,0 +1,49 @@ +import cpp + +/** + * Namespace for containing emergent language features in C11. + */ +module C11 { + abstract class EmergentLanguageFeature extends Element { } + + class AlignAsAttribute extends EmergentLanguageFeature, Attribute { + AlignAsAttribute() { getName() = "_Alignas" } + } + + class AtomicVariableSpecifier extends EmergentLanguageFeature, Variable { + AtomicVariableSpecifier() { + getType().(DerivedType).getBaseType*().getASpecifier().getName() = "atomic" + } + } + + class AtomicDeclaration extends EmergentLanguageFeature, Declaration { + AtomicDeclaration() { getASpecifier().getName() = "atomic" } + } + + class ThreadLocalDeclaration extends EmergentLanguageFeature, Declaration { + ThreadLocalDeclaration() { getASpecifier().getName() = "is_thread_local" } + } + + class EmergentHeader extends EmergentLanguageFeature, Include { + EmergentHeader() { + getIncludedFile().getBaseName() = ["stdalign.h", "stdatomic.h", "stdnoreturn.h", "threads.h"] + } + } + + class LibExt1Macro extends EmergentLanguageFeature, Macro { + LibExt1Macro() { + getName() = "__STDC_WANT_LIB_EXT1__" and + getBody() = "1" + } + } + + class GenericMacro extends EmergentLanguageFeature, Macro { + GenericMacro() { getBody().indexOf("_Generic") = 0 } + } + + class NoReturnSpecificer extends EmergentLanguageFeature, Function { + NoReturnSpecificer() { getASpecifier().getName() = "noreturn" } + } + + class AlignOf extends EmergentLanguageFeature, AlignofTypeOperator { } + } \ No newline at end of file From 0c6aecf9fd2af61a58b87b0937949adc5810826b Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Fri, 18 Nov 2022 17:33:32 -0500 Subject: [PATCH 0131/2573] work --- .../LanguageExtensionsShouldNotBeUsed.ql | 21 - ...LanguageExtensionsShouldNotBeUsed.expected | 1 - .../LanguageExtensionsShouldNotBeUsed.qlref | 1 - c/misra/test/rules/RULE-1-2/test.c | 365 ------------------ rule_packages/c/Language2.json | 21 - rules.csv | 2 +- 6 files changed, 1 insertion(+), 410 deletions(-) delete mode 100644 c/misra/src/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.ql delete mode 100644 c/misra/test/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.expected delete mode 100644 c/misra/test/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.qlref delete mode 100644 c/misra/test/rules/RULE-1-2/test.c diff --git a/c/misra/src/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.ql b/c/misra/src/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.ql deleted file mode 100644 index 8da2c09947..0000000000 --- a/c/misra/src/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.ql +++ /dev/null @@ -1,21 +0,0 @@ -/** - * @id c/misra/language-extensions-should-not-be-used - * @name RULE-1-2: Language extensions should not be used - * @description Language extensions can have inconsistent behavior and should not be used. - * @kind problem - * @precision high - * @problem.severity error - * @tags external/misra/id/rule-1-2 - * maintainability - * readability - * correctness - * external/misra/obligation/advisory - */ - -import cpp -import codingstandards.c.misra - -from -where - not isExcluded(x, Language2Package::languageExtensionsShouldNotBeUsedQuery()) and -select diff --git a/c/misra/test/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.expected b/c/misra/test/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.expected deleted file mode 100644 index 2ec1a0ac6c..0000000000 --- a/c/misra/test/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.expected +++ /dev/null @@ -1 +0,0 @@ -No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.qlref b/c/misra/test/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.qlref deleted file mode 100644 index 965c95be2c..0000000000 --- a/c/misra/test/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-1-2/test.c b/c/misra/test/rules/RULE-1-2/test.c deleted file mode 100644 index f71fb1ac4f..0000000000 --- a/c/misra/test/rules/RULE-1-2/test.c +++ /dev/null @@ -1,365 +0,0 @@ -// semmle-extractor-options:--clang -fhonor-infinity -std=c11 --edg --diag_error=implicit_func_decl -nostdinc -I../../../../common/test/includes/standard-library - -// do it on a translation unit -- flag first line - -#include -#include -// Note: Clang aims to support both clang and gcc extensions. -// This test case has been designed using lists compiled from: -// - https://clang.llvm.org/docs/LanguageExtensions.html -// - https://gcc.gnu.org/onlinedocs/gcc/C-Extensions.html - -#ifdef __has_builtin // NON_COMPLIANT -#endif -#ifdef __has_constexpr_builtin // NON_COMPLIANT -#endif -#ifdef __has_feature // NON_COMPLIANT -#endif -#ifdef __has_extension // NON_COMPLIANT -#endif -#ifdef __has_c_attribute // NON_COMPLIANT -#endif -#ifdef __has_attribute // NON_COMPLIANT -#endif -#ifdef __has_declspec_attribute // NON_COMPLIANT -#endif -#ifdef __is_identifier // NON_COMPLIANT -#endif -#ifdef __has_include // NON_COMPLIANT -#endif -#ifdef __has_include_next // NON_COMPLIANT -#endif -#ifdef __has_warning // NON_COMPLIANT -#endif - -#define A __BASE_FILE__ // NON_COMPLIANT -#define B __FILE_NAME__ // NON_COMPLIANT -#define C __COUNTER__ // NON_COMPLIANT -#define D __INCLUDE_LEVEL__ // NON_COMPLIANT -#define E__TIMESTAMP__ // NON_COMPLIANT -#define F __clang__ // NON_COMPLIANT -#define G __clang_major__ // NON_COMPLIANT -#define H __clang_minor__ // NON_COMPLIANT -#define I __clang_patchlevel__ // NON_COMPLIANT -#define J __clang_version__ // NON_COMPLIANT -#define K __clang_literal_encoding__ // NON_COMPLIANT -#define L __clang_wide_literal_encoding__ // NON_COMPLIANT - -typedef float float4 __attribute__((ext_vector_type(4))); // NON_COMPLIANT -typedef float float2 __attribute__((ext_vector_type(2))); // NON_COMPLIANT - -// Requires additional compiler flags to change the architecture -// typedef __attribute__((neon_vector_type(8))) int8_t int8x8_t; -// typedef __attribute__((neon_polyvector_type(16))) poly8_t poly8x16_t; - -typedef int int4 __attribute__((vector_size(4 * sizeof(int)))); // NON_COMPLIANT - -typedef int v4si __attribute__((__vector_size__(16))); // NON_COMPLIANT -typedef float float4 __attribute__((ext_vector_type(4))); // NON_COMPLIANT -typedef float float2 __attribute__((ext_vector_type(2))); // NON_COMPLIANT - -//// GCC features -void gf1() { - ({ - int y = 1; - int z; // NON_COMPLIANT - if (y > 0) - z = y; - else - z = -y; - z; - }); -} - -void gf2() { - // __label__ found; -- local labels not supported by clang -} - -void gf3() { - void *ptr; - // goto *ptr; -- not supported in clang -} - -void gf4() { - // void gf4a(){ -- not supported in clang - // - // } -} - -void gf5() { - __builtin_setjmp(0); // NON_COMPLIANT - __builtin_longjmp(0, 1); // NON_COMPLIANT -} - -void gf6() { - // not supported by clang - - //__builtin_apply_args(); - //__builtin_apply(0, 0, 0); - //__builtin_return(0); - //__builtin_va_arg_pack(); - //__builtin_va_arg_pack_len(); -} - -void gf7() { - int a = 0 ?: 0; // NON_COMPLIANT -} - -void gf8() { - typeof(int *); // NON_COMPLIANT -} - -void gf9() { - __int128 a; // NON_COMPLIANT -} - -void gf10() { - long long int a; // NON_COMPLIANT -} - -void gf11() { - __real__(0); // NON_COMPLIANT - __imag__(0); // NON_COMPLIANT -} - -void gf12() {} - -void gf13() { - // not supported on clang - - //_Decimal32 a; - //_Decimal64 b; - //_Decimal128 c; -} - -void gf14() { - // Not sure how to get this to work. - // typedef _Complex float __attribute__((mode(TC))) _Complex128; - // typedef _Complex float __attribute__((mode(XC))) _Complex80; -} - -void gf15() { - float f = 0x1.fp3; // NON_COMPLIANT -} - -void gf16() { - char contents[0]; // NON_COMPLIANT -} - -void gf17() { - // const __flash char ** p; // not supported in clang -} - -void gf18() { - // not supported by extractor - checked by looking for flags. - - // short _Fract, _Fract; - // long _Fract; -} - -struct gf19 {}; // NON_COMPLIANT - -void gf20(int n) { - // struct S { int x[n]; }; // will never be supported in clang -} - -#define gf21(format, args...) \ - printf(format, args) // NON_COMPLIANT -- note the issue here is explicitly - // naming the arguments. -#define gf21a(format, ...) printf(format, __VA_ARGS__) // COMPLIANT - -#define gf22 \ - "a" \ - \ -"b" // NON_COMPLIANT - additional spaces after a backslash -#define gf22a \ - "a" \ - "b" // COMPLIANT - -struct gf23s { - int a[1]; -}; -struct gf23s gf23f(); -void gf23() { - gf23f().a[0]; // NON_COMPLIANT in C90 -} - -void gf24(int f, int g) { - float beat_freqs[2] = {f - g, f + g}; // NON_COMPLIANT -} - -void gf25t(int N, int M, double out[M][N], const double in[N][M]); -void gf25() { - double x[3][2]; - double y[2][3]; - gf25t(3, 2, y, - x); // NON_COMPLIANT - in ISO C the const qualifier is formally attached - // to the element type of the array and not the array itself -} - -struct gf26t { - int a; - char b[2]; -} gf26v; -void gf26(int x, int y) { - gf26v = ((struct gf26t){x + y, 'z', 0}); // NON_COMPLIANT - compound literal -} - -void gf27() { - int a[6] = {[4] = 29, [2] = 15}; // NON_COMPLIANT in C90. -} - -void gf28() { - int a; - - // switch(a){ - // case: 0 ... 5: // Not supported in clang. - // ;; - // break; - // default: - // ;; - // break; - // } -} - -union gf29u { - int i; - double j; -}; - -void gf29() { - int x; - int y; - union gf29u z; - z = (union gf29u)x; // NON_COMPLIANT - z = (union gf29u)y; // NON_COMPLIANT -} - -__attribute__((access(read_only, 1))) int -gf30(const char *); // NON_COMPLIANT -- attributes are not portable. - -extern int __attribute__((alias("var_target"))) -gf31; // NON_COMPLIANT -- attributes are not portable. - -struct __attribute__((aligned(8))) gf32 { - short f[3]; -}; // NON_COMPLIANT -- attributes are not portable. - -void gf33() { -gf33l: - __attribute__((cold, unused)); // NON_COMPLIANT - return; -} - -enum gf34 { - oldval __attribute__((deprecated)), // NON_COMPLIANT - newval -}; - -void gf35() { - int x; - // __attribute__((assume(x == 42))); - Not supported in clang - - switch (x) { - case 1: - printf(""); - __attribute__((fallthrough)); // NON_COMPLIANT - case 2: - break; - } -} - -// Not supported in clang. -// int gf36 (uid_t); - -// int -// gf36 (int x) -// { -// return x == 0; -// } - -void gf37() { - int a$1; // NON_COMPLIANT -} - -void gf38() { - const char *c = "test\e"; // NON_COMPLIANT -} - -struct gf39s { - int x; - char y; -} gf39v; - -void gf39() { - __alignof__(gf39v.x); // NON_COMPLIANT -} - -// enum gf40 {}; // not supported in clang - -void gf41() { - printf("__FUNCTION__ = %s\n", __FUNCTION__); // NON_COMPLIANT - printf("__PRETTY_FUNCTION__ = %s\n", __PRETTY_FUNCTION__); // NON_COMPLIANT -} - -void gf42() { - __builtin_extract_return_addr(0); - __builtin_frob_return_addr(0); - __builtin_frame_address(0); -} - -struct gf43s { - int x; - char y; -} gf43v; - -void gf43() { - __builtin_offsetof(struct gf43s, x); // NON_COMPLIANT -} - -struct gf44s { - int x; - char y; -} gf44v; - -void gf44() { - int i; - __sync_fetch_and_add(&i, 0); // NON_COMPLIANT - __sync_fetch_and_sub(&i, 0); // NON_COMPLIANT - __sync_fetch_and_or(&i, 0); // NON_COMPLIANT - __sync_fetch_and_and(&i, 0); // NON_COMPLIANT - __sync_fetch_and_xor(&i, 0); // NON_COMPLIANT - __sync_fetch_and_nand(&i, 0); // NON_COMPLIANT - __sync_add_and_fetch(&i, 0); // NON_COMPLIANT - __sync_sub_and_fetch(&i, 0); // NON_COMPLIANT - __sync_or_and_fetch(&i, 0); // NON_COMPLIANT - __sync_and_and_fetch(&i, 0); // NON_COMPLIANT - __sync_xor_and_fetch(&i, 0); // NON_COMPLIANT - __sync_nand_and_fetch(&i, 0); // NON_COMPLIANT - - __sync_bool_compare_and_swap(&i, 0, 0); - __sync_val_compare_and_swap(&i, 0, 0); - __sync_lock_test_and_set(&i, 0, 0); - __sync_lock_release(&i, 0); -} - -void gf45() { - int i = 0b101010; // NON_COMPLIANT -} - -__thread int gf46; // NON_COMPLIANT - -void gf47() { // NON_COMPLIANT in versions < C11. - struct { - int a; - union { - int b; - float c; - }; - int d; - } f; -} - -void gf48(){ - __builtin_alloca(0); // NON_COMPLIANT (all __builtin functions are non-compliant.) -} \ No newline at end of file diff --git a/rule_packages/c/Language2.json b/rule_packages/c/Language2.json index 2fc720b57d..34afdc2b1b 100644 --- a/rule_packages/c/Language2.json +++ b/rule_packages/c/Language2.json @@ -21,27 +21,6 @@ ], "title": "All usage of assembly language should be documented" }, - "RULE-1-2": { - "properties": { - "obligation": "advisory" - }, - "queries": [ - { - "description": "Language extensions can have inconsistent behavior and should not be used.", - "kind": "problem", - "name": "Language extensions should not be used", - "precision": "high", - "severity": "error", - "short_name": "LanguageExtensionsShouldNotBeUsed", - "tags": [ - "maintainability", - "readability", - "correctness" - ] - } - ], - "title": "Language extensions should not be used" - }, "RULE-1-4": { "properties": { "obligation": "required" diff --git a/rules.csv b/rules.csv index 8031503680..429f9ede8f 100644 --- a/rules.csv +++ b/rules.csv @@ -617,7 +617,7 @@ c,MISRA-C-2012,DIR-4-12,Yes,Required,,,Dynamic memory allocation shall not be us c,MISRA-C-2012,DIR-4-13,Yes,Advisory,,,Functions which are designed to provide operations on a resource should be called in an appropriate sequence,,Contracts,Hard, c,MISRA-C-2012,DIR-4-14,Yes,Required,,,The validity of values received from external sources shall be checked,,Contracts,Hard, c,MISRA-C-2012,RULE-1-1,No,Required,,,"The program shall contain no violations of the standard C syntax and constraints, and shall not exceed the implementation's translation limits",,Language,Easy,"This should be checked via the compiler output, rather than CodeQL, which adds unnecessary steps." -c,MISRA-C-2012,RULE-1-2,Yes,Advisory,,,Language extensions should not be used,,Language2,Hard, +c,MISRA-C-2012,RULE-1-2,Yes,Advisory,,,Language extensions should not be used,,Language3,Hard, c,MISRA-C-2012,RULE-1-3,Yes,Required,,,There shall be no occurrence of undefined or critical unspecified behaviour,,Language3,Hard, c,MISRA-C-2012,RULE-1-4,Yes,Required,,,Emergent language features shall not be used,,Language2,Medium, c,MISRA-C-2012,RULE-2-1,Yes,Required,,,A project shall not contain unreachable code,M0-1-1,DeadCode,Import, From 92356eb47f4b11562ea65749486334c6f7978eb3 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Fri, 18 Nov 2022 17:33:52 -0500 Subject: [PATCH 0132/2573] removal --- .../cpp/exclusions/c/Language2.qll | 16 ---------------- 1 file changed, 16 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Language2.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Language2.qll index 9d270d34be..0217551e59 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Language2.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Language2.qll @@ -5,7 +5,6 @@ import codingstandards.cpp.exclusions.RuleMetadata newtype Language2Query = TUsageOfAssemblyLanguageShouldBeDocumentedQuery() or - TLanguageExtensionsShouldNotBeUsedQuery() or TEmergentLanguageFeaturesUsedQuery() predicate isLanguage2QueryMetadata(Query query, string queryId, string ruleId) { @@ -17,14 +16,6 @@ predicate isLanguage2QueryMetadata(Query query, string queryId, string ruleId) { "c/misra/usage-of-assembly-language-should-be-documented" and ruleId = "DIR-4-2" or - query = - // `Query` instance for the `languageExtensionsShouldNotBeUsed` query - Language2Package::languageExtensionsShouldNotBeUsedQuery() and - queryId = - // `@id` for the `languageExtensionsShouldNotBeUsed` query - "c/misra/language-extensions-should-not-be-used" and - ruleId = "RULE-1-2" - or query = // `Query` instance for the `emergentLanguageFeaturesUsed` query Language2Package::emergentLanguageFeaturesUsedQuery() and @@ -42,13 +33,6 @@ module Language2Package { TQueryC(TLanguage2PackageQuery(TUsageOfAssemblyLanguageShouldBeDocumentedQuery())) } - Query languageExtensionsShouldNotBeUsedQuery() { - //autogenerate `Query` type - result = - // `Query` type for `languageExtensionsShouldNotBeUsed` query - TQueryC(TLanguage2PackageQuery(TLanguageExtensionsShouldNotBeUsedQuery())) - } - Query emergentLanguageFeaturesUsedQuery() { //autogenerate `Query` type result = From c6b41b3e4da2eaf3a385bc0665dc00d4ed2f9504 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Fri, 18 Nov 2022 17:42:49 -0500 Subject: [PATCH 0133/2573] package surgery --- rules.csv | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/rules.csv b/rules.csv index 429f9ede8f..f6b1e42b0b 100644 --- a/rules.csv +++ b/rules.csv @@ -600,7 +600,7 @@ c,CERT-C,STR37-C,Yes,Rule,,,Arguments to character-handling functions must be re c,CERT-C,STR38-C,Yes,Rule,,,Do not confuse narrow and wide character strings and functions,,Strings3,Medium, c,CERT-C,WIN30-C,OutOfScope,Rule,,,Properly pair allocation and deallocation functions,DCL54-CPP,,Easy, c,MISRA-C-2012,DIR-1-1,No,Required,,,Any implementation-defined behaviour on which the output of the program depends shall be documented and understood,,,, -c,MISRA-C-2012,DIR-2-1,No,Required,,,All source files shall compile without any compilation errors,A1-4-3,Language,Medium,"This should be checked via the compiler output, rather than CodeQL, which adds unnecessary steps." +c,MISRA-C-2012,DIR-2-1,No,Required,,,All source files shall compile without any compilation errors,A1-4-3,,Medium,"This should be checked via the compiler output, rather than CodeQL, which adds unnecessary steps." c,MISRA-C-2012,DIR-3-1,No,Required,,,All code shall be traceable to documented requirements,,,, c,MISRA-C-2012,DIR-4-1,No,Required,,,Run-time failures shall be minimized,,,, c,MISRA-C-2012,DIR-4-2,Yes,Advisory,,,All usage of assembly language should be documented,M7-4-1,Language2,Import, @@ -616,7 +616,7 @@ c,MISRA-C-2012,DIR-4-11,Yes,Required,,,The validity of values passed to library c,MISRA-C-2012,DIR-4-12,Yes,Required,,,Dynamic memory allocation shall not be used,,Banned,Medium, c,MISRA-C-2012,DIR-4-13,Yes,Advisory,,,Functions which are designed to provide operations on a resource should be called in an appropriate sequence,,Contracts,Hard, c,MISRA-C-2012,DIR-4-14,Yes,Required,,,The validity of values received from external sources shall be checked,,Contracts,Hard, -c,MISRA-C-2012,RULE-1-1,No,Required,,,"The program shall contain no violations of the standard C syntax and constraints, and shall not exceed the implementation's translation limits",,Language,Easy,"This should be checked via the compiler output, rather than CodeQL, which adds unnecessary steps." +c,MISRA-C-2012,RULE-1-1,No,Required,,,"The program shall contain no violations of the standard C syntax and constraints, and shall not exceed the implementation's translation limits",,,Easy,"This should be checked via the compiler output, rather than CodeQL, which adds unnecessary steps." c,MISRA-C-2012,RULE-1-2,Yes,Advisory,,,Language extensions should not be used,,Language3,Hard, c,MISRA-C-2012,RULE-1-3,Yes,Required,,,There shall be no occurrence of undefined or critical unspecified behaviour,,Language3,Hard, c,MISRA-C-2012,RULE-1-4,Yes,Required,,,Emergent language features shall not be used,,Language2,Medium, From c90f56606dc5081d840d699304a87b90b36e1701 Mon Sep 17 00:00:00 2001 From: s-samadi Date: Sat, 19 Nov 2022 12:24:45 +1100 Subject: [PATCH 0134/2573] Added rules and tests for RULE-16-3, RULE-16-4, RULE-16-5 --- .../BreakShallTerminateSwitchClause.ql | 23 ++++++++ .../EverySwitchShallHaveDefaultLabel.ql | 32 ++++++++++++ .../DefaultNotFirstOrLastOfSwitch.ql | 23 ++++++++ .../BreakShallTerminateSwitchClause.expected | 3 ++ .../BreakShallTerminateSwitchClause.qlref | 1 + c/misra/test/rules/RULE-16-3/test.c | 41 +++++++++++++++ .../EverySwitchShallHaveDefaultLabel.expected | 2 + .../EverySwitchShallHaveDefaultLabel.qlref | 1 + c/misra/test/rules/RULE-16-4/test.c | 52 +++++++++++++++++++ .../DefaultNotFirstOrLastOfSwitch.expected | 1 + .../DefaultNotFirstOrLastOfSwitch.qlref | 1 + c/misra/test/rules/RULE-16-5/test.c | 34 ++++++++++++ 12 files changed, 214 insertions(+) create mode 100644 c/misra/src/rules/RULE-16-3/BreakShallTerminateSwitchClause.ql create mode 100644 c/misra/src/rules/RULE-16-4/EverySwitchShallHaveDefaultLabel.ql create mode 100644 c/misra/src/rules/RULE-16-5/DefaultNotFirstOrLastOfSwitch.ql create mode 100644 c/misra/test/rules/RULE-16-3/BreakShallTerminateSwitchClause.expected create mode 100644 c/misra/test/rules/RULE-16-3/BreakShallTerminateSwitchClause.qlref create mode 100644 c/misra/test/rules/RULE-16-3/test.c create mode 100644 c/misra/test/rules/RULE-16-4/EverySwitchShallHaveDefaultLabel.expected create mode 100644 c/misra/test/rules/RULE-16-4/EverySwitchShallHaveDefaultLabel.qlref create mode 100644 c/misra/test/rules/RULE-16-4/test.c create mode 100644 c/misra/test/rules/RULE-16-5/DefaultNotFirstOrLastOfSwitch.expected create mode 100644 c/misra/test/rules/RULE-16-5/DefaultNotFirstOrLastOfSwitch.qlref create mode 100644 c/misra/test/rules/RULE-16-5/test.c diff --git a/c/misra/src/rules/RULE-16-3/BreakShallTerminateSwitchClause.ql b/c/misra/src/rules/RULE-16-3/BreakShallTerminateSwitchClause.ql new file mode 100644 index 0000000000..04cd95a6fe --- /dev/null +++ b/c/misra/src/rules/RULE-16-3/BreakShallTerminateSwitchClause.ql @@ -0,0 +1,23 @@ +/** + * @id c/misra/break-shall-terminate-switch-clause + * @name RULE-16-3: An unconditional break statement shall terminate every switch-clause + * @description An unterminated switch-clause occurring at the end of a switch statement may fall + * into switch clauses which are added later. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-16-3 + * maintainability + * readability + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra + +from SwitchCase case +where + not isExcluded(case, Statements1Package::breakShallTerminateSwitchClauseQuery()) and + not case.terminatesInBreakStmt() and + not case.getFollowingStmt() instanceof SwitchCase +select case, "The switch $@ does not terminate with a break statement.", case, "clause" diff --git a/c/misra/src/rules/RULE-16-4/EverySwitchShallHaveDefaultLabel.ql b/c/misra/src/rules/RULE-16-4/EverySwitchShallHaveDefaultLabel.ql new file mode 100644 index 0000000000..c857690e84 --- /dev/null +++ b/c/misra/src/rules/RULE-16-4/EverySwitchShallHaveDefaultLabel.ql @@ -0,0 +1,32 @@ +/** + * @id c/misra/every-switch-shall-have-default-label + * @name RULE-16-4: Every switch statement shall have a default label + * @description The requirement for a default label is defensive programming. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-16-4 + * maintainability + * readability + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra + +from SwitchStmt switch, string message +where + not isExcluded(switch, Statements1Package::everySwitchShallHaveDefaultLabelQuery()) and + not switch.hasDefaultCase() and + message = "has missing default clause." + or + exists(SwitchCase case, BreakStmt break | + switch.getDefaultCase() = case and + case.getFollowingStmt() = break and + not exists(Comment comment | + break.getLocation().getEndLine() - 1 = comment.getLocation().getEndLine() + ) and + message = + "has default label that does not terminate in a statement or comment before break statement" + ) +select switch, "$@ statement " + message, switch, "Switch" diff --git a/c/misra/src/rules/RULE-16-5/DefaultNotFirstOrLastOfSwitch.ql b/c/misra/src/rules/RULE-16-5/DefaultNotFirstOrLastOfSwitch.ql new file mode 100644 index 0000000000..457fd4ba2f --- /dev/null +++ b/c/misra/src/rules/RULE-16-5/DefaultNotFirstOrLastOfSwitch.ql @@ -0,0 +1,23 @@ +/** + * @id c/misra/default-not-first-or-last-of-switch + * @name RULE-16-5: A default label shall appear as either the first or the last switch label of a switch statement + * @description Locating the default label is easy when it the first of last label. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-16-5 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.SwitchStatement + +from SwitchStmt switch, SwitchCase defaultCase +where + not isExcluded(switch, Statements1Package::defaultNotFirstOrLastOfSwitchQuery()) and + switch.getDefaultCase() = defaultCase and + exists(defaultCase.getPreviousSwitchCase()) and + finalClauseInSwitchNotDefault(switch) +select defaultCase, "$@ statement does not have $@ case as first or last switch label.", switch, + "Switch", defaultCase, "default" diff --git a/c/misra/test/rules/RULE-16-3/BreakShallTerminateSwitchClause.expected b/c/misra/test/rules/RULE-16-3/BreakShallTerminateSwitchClause.expected new file mode 100644 index 0000000000..3a97de439c --- /dev/null +++ b/c/misra/test/rules/RULE-16-3/BreakShallTerminateSwitchClause.expected @@ -0,0 +1,3 @@ +| test.c:11:3:11:9 | case ...: | The switch $@ does not terminate with a break statement. | test.c:11:3:11:9 | case ...: | clause | +| test.c:14:3:14:9 | case ...: | The switch $@ does not terminate with a break statement. | test.c:14:3:14:9 | case ...: | clause | +| test.c:26:3:26:10 | default: | The switch $@ does not terminate with a break statement. | test.c:26:3:26:10 | default: | clause | diff --git a/c/misra/test/rules/RULE-16-3/BreakShallTerminateSwitchClause.qlref b/c/misra/test/rules/RULE-16-3/BreakShallTerminateSwitchClause.qlref new file mode 100644 index 0000000000..9764f620d0 --- /dev/null +++ b/c/misra/test/rules/RULE-16-3/BreakShallTerminateSwitchClause.qlref @@ -0,0 +1 @@ +rules/RULE-16-3/BreakShallTerminateSwitchClause.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-16-3/test.c b/c/misra/test/rules/RULE-16-3/test.c new file mode 100644 index 0000000000..bfd21d9823 --- /dev/null +++ b/c/misra/test/rules/RULE-16-3/test.c @@ -0,0 +1,41 @@ +void f1(int p1) { + int i; + int j; + switch (p1) { + case 1: // COMPLIANT + break; + case 2: // COMPLIANT + case 3: // COMPLIANT + case 4: // COMPLIANT + break; + case 5: // NON_COMPLIANT + i = j; + j++; + case 6: // NON_COMPLIANT + if (i > j) { + j++; + i++; + break; + } + case 7: // COMPLIANT + if (i > j) { + j++; + i++; + } + break; + default: // NON_COMPLIANT + ; + } +} + +void f2(int p1) { + switch (p1) { + case 1: // COMPLIANT + break; + case 2: // COMPLIANT + case 3: // COMPLIANT + case 4: // COMPLIANT + default: // COMPLIANT + break; + } +} diff --git a/c/misra/test/rules/RULE-16-4/EverySwitchShallHaveDefaultLabel.expected b/c/misra/test/rules/RULE-16-4/EverySwitchShallHaveDefaultLabel.expected new file mode 100644 index 0000000000..008b1513e8 --- /dev/null +++ b/c/misra/test/rules/RULE-16-4/EverySwitchShallHaveDefaultLabel.expected @@ -0,0 +1,2 @@ +| test.c:4:3:12:3 | switch (...) ... | $@ statement has missing default clause. | test.c:4:3:12:3 | switch (...) ... | Switch | +| test.c:13:3:22:3 | switch (...) ... | $@ statement has default label that does not terminate in a statement or comment before break statement | test.c:13:3:22:3 | switch (...) ... | Switch | diff --git a/c/misra/test/rules/RULE-16-4/EverySwitchShallHaveDefaultLabel.qlref b/c/misra/test/rules/RULE-16-4/EverySwitchShallHaveDefaultLabel.qlref new file mode 100644 index 0000000000..394a5e941a --- /dev/null +++ b/c/misra/test/rules/RULE-16-4/EverySwitchShallHaveDefaultLabel.qlref @@ -0,0 +1 @@ +rules/RULE-16-4/EverySwitchShallHaveDefaultLabel.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-16-4/test.c b/c/misra/test/rules/RULE-16-4/test.c new file mode 100644 index 0000000000..7c2f2b210d --- /dev/null +++ b/c/misra/test/rules/RULE-16-4/test.c @@ -0,0 +1,52 @@ +void f1(int p1) { + int i; + int j; + switch (p1) { // NON COMPLIANT + case 1: + i++; + j++; + break; + case 2: + case 3: + break; + } + switch (p1) { // NON_COMPLIANT + case 1: + i++; + break; + case 2: + j++; + break; + default: + break; + } + switch (p1) { // COMPLIANT + case 1: + i++; + break; + case 2: + j++; + break; + default: + // codeql + break; + } + + switch (p1) { // COMPLIANT + case 1: + i++; + break; + default: + j++; + break; + } + switch (p1) { // COMPLIANT + case 1: + i++; + break; + default: + j++; + i++; + break; + } +} diff --git a/c/misra/test/rules/RULE-16-5/DefaultNotFirstOrLastOfSwitch.expected b/c/misra/test/rules/RULE-16-5/DefaultNotFirstOrLastOfSwitch.expected new file mode 100644 index 0000000000..a17969c296 --- /dev/null +++ b/c/misra/test/rules/RULE-16-5/DefaultNotFirstOrLastOfSwitch.expected @@ -0,0 +1 @@ +| test.c:16:3:16:10 | default: | $@ statement does not have $@ case as first or last switch label. | test.c:12:3:22:3 | switch (...) ... | Switch | test.c:16:3:16:10 | default: | default | diff --git a/c/misra/test/rules/RULE-16-5/DefaultNotFirstOrLastOfSwitch.qlref b/c/misra/test/rules/RULE-16-5/DefaultNotFirstOrLastOfSwitch.qlref new file mode 100644 index 0000000000..00e2e8aedf --- /dev/null +++ b/c/misra/test/rules/RULE-16-5/DefaultNotFirstOrLastOfSwitch.qlref @@ -0,0 +1 @@ +rules/RULE-16-5/DefaultNotFirstOrLastOfSwitch.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-16-5/test.c b/c/misra/test/rules/RULE-16-5/test.c new file mode 100644 index 0000000000..37d96bb0af --- /dev/null +++ b/c/misra/test/rules/RULE-16-5/test.c @@ -0,0 +1,34 @@ +void f1(int p1) { + int i; + int j; + switch (p1) { + default: // COMPLIANT + i++; + break; + case 1: + j++; + break; + } + switch (p1) { + case 1: + i++; + break; + default: // NON_COMPLIANT + j++; + break; + case 2: + i++; + break; + } + switch (p1) { + case 1: + i++; + break; + case 2: + j++; + break; + default: // COMPLIANT + i++; + break; + } +} From 5745732a4d908e0602d1a91ff508a74b62d8dbed Mon Sep 17 00:00:00 2001 From: s-samadi Date: Sat, 19 Nov 2022 12:33:21 +1100 Subject: [PATCH 0135/2573] Fixed formatting issue for test RULE-16-3 --- c/misra/test/rules/RULE-16-3/test.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/misra/test/rules/RULE-16-3/test.c b/c/misra/test/rules/RULE-16-3/test.c index bfd21d9823..ae009174eb 100644 --- a/c/misra/test/rules/RULE-16-3/test.c +++ b/c/misra/test/rules/RULE-16-3/test.c @@ -24,7 +24,7 @@ void f1(int p1) { } break; default: // NON_COMPLIANT - ; + i++; } } From a10f35c2ae480caed13fa03678aa89908a69ba52 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 21 Nov 2022 09:23:54 +0000 Subject: [PATCH 0136/2573] M27-0-1: Permit elements defined in other headers The `std::size_t` type and the `NULL` macro are both defined in multiple headers, and therefore should not be uniquely considered part of cstdio. --- cpp/autosar/src/rules/M27-0-1/CstdioMacrosUsed.ql | 4 ++-- cpp/autosar/src/rules/M27-0-1/CstdioTypesUsed.ql | 2 +- cpp/autosar/test/rules/M27-0-1/CstdioMacrosUsed.expected | 1 - cpp/autosar/test/rules/M27-0-1/CstdioTypesUsed.expected | 3 --- cpp/autosar/test/rules/M27-0-1/test.cpp | 2 +- 5 files changed, 4 insertions(+), 8 deletions(-) diff --git a/cpp/autosar/src/rules/M27-0-1/CstdioMacrosUsed.ql b/cpp/autosar/src/rules/M27-0-1/CstdioMacrosUsed.ql index eadbc874f9..ccf633488e 100644 --- a/cpp/autosar/src/rules/M27-0-1/CstdioMacrosUsed.ql +++ b/cpp/autosar/src/rules/M27-0-1/CstdioMacrosUsed.ql @@ -22,7 +22,7 @@ from MacroInvocation mi where not isExcluded(mi, BannedLibrariesPackage::cstdioMacrosUsedQuery()) and mi.getMacroName() in [ - "BUFSIZ", "EOF", "FILENAME_MAX", "FOPEN_MAX", "L_tmpnam", "NULL", "TMP_MAX", "_IOFBF", - "IOLBF", "_IONBF", "SEEK_CUR", "SEEK_END", "SEEK_SET" + "BUFSIZ", "EOF", "FILENAME_MAX", "FOPEN_MAX", "L_tmpnam", "TMP_MAX", "_IOFBF", "IOLBF", + "_IONBF", "SEEK_CUR", "SEEK_END", "SEEK_SET" ] select mi, "Use of macro '" + mi.getMacroName() + "'." diff --git a/cpp/autosar/src/rules/M27-0-1/CstdioTypesUsed.ql b/cpp/autosar/src/rules/M27-0-1/CstdioTypesUsed.ql index 442264fad1..6fc2adaffb 100644 --- a/cpp/autosar/src/rules/M27-0-1/CstdioTypesUsed.ql +++ b/cpp/autosar/src/rules/M27-0-1/CstdioTypesUsed.ql @@ -22,5 +22,5 @@ from TypeMention tm, UserType ut where not isExcluded(tm, BannedLibrariesPackage::cstdioTypesUsedQuery()) and ut = tm.getMentionedType() and - ut.hasGlobalOrStdName(["FILE", "fpos_t", "size_t"]) + ut.hasGlobalOrStdName(["FILE", "fpos_t"]) select tm, "Use of type '" + ut.getQualifiedName() + "'." diff --git a/cpp/autosar/test/rules/M27-0-1/CstdioMacrosUsed.expected b/cpp/autosar/test/rules/M27-0-1/CstdioMacrosUsed.expected index 8a48b86902..af67e45903 100644 --- a/cpp/autosar/test/rules/M27-0-1/CstdioMacrosUsed.expected +++ b/cpp/autosar/test/rules/M27-0-1/CstdioMacrosUsed.expected @@ -7,4 +7,3 @@ | test.cpp:30:29:30:37 | FOPEN_MAX | Use of macro 'FOPEN_MAX'. | | test.cpp:41:14:41:16 | EOF | Use of macro 'EOF'. | | test.cpp:50:24:50:31 | SEEK_SET | Use of macro 'SEEK_SET'. | -| test.cpp:60:10:60:13 | NULL | Use of macro 'NULL'. | diff --git a/cpp/autosar/test/rules/M27-0-1/CstdioTypesUsed.expected b/cpp/autosar/test/rules/M27-0-1/CstdioTypesUsed.expected index 8f3971fa2a..037f54c05e 100644 --- a/cpp/autosar/test/rules/M27-0-1/CstdioTypesUsed.expected +++ b/cpp/autosar/test/rules/M27-0-1/CstdioTypesUsed.expected @@ -1,7 +1,4 @@ | test.cpp:4:8:4:11 | type mention | Use of type 'std::FILE'. | | test.cpp:6:8:6:13 | type mention | Use of type 'std::fpos_t'. | -| test.cpp:20:18:20:23 | type mention | Use of type 'size_t'. | -| test.cpp:21:18:21:23 | type mention | Use of type 'size_t'. | | test.cpp:34:3:34:6 | type mention | Use of type 'FILE'. | | test.cpp:36:3:36:8 | type mention | Use of type 'fpos_t'. | -| test.cpp:50:14:50:19 | type mention | Use of type 'size_t'. | diff --git a/cpp/autosar/test/rules/M27-0-1/test.cpp b/cpp/autosar/test/rules/M27-0-1/test.cpp index feb2ed476f..27447ba06a 100644 --- a/cpp/autosar/test/rules/M27-0-1/test.cpp +++ b/cpp/autosar/test/rules/M27-0-1/test.cpp @@ -57,5 +57,5 @@ void *test_cstdio_is_used() { printf("foo"); // NON_COMPLIANT puts("all done!"); // NON_COMPLIANT - return NULL; // NON_COMPLIANT + return NULL; // COMPLIANT - NULL is not uniquely defined by cstdio } \ No newline at end of file From 097092bf636c40b50f0b730446524b331f8eb0c0 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 21 Nov 2022 09:28:00 +0000 Subject: [PATCH 0137/2573] M27-0-1: Add change note Exclusion of `size_t` and `NULL`. --- change_notes/2022-11-21-null-sizet-not-cstdio.md | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 change_notes/2022-11-21-null-sizet-not-cstdio.md diff --git a/change_notes/2022-11-21-null-sizet-not-cstdio.md b/change_notes/2022-11-21-null-sizet-not-cstdio.md new file mode 100644 index 0000000000..8855fa050f --- /dev/null +++ b/change_notes/2022-11-21-null-sizet-not-cstdio.md @@ -0,0 +1,3 @@ + - `M27-0-1` + - `CstdioTypesUsed.ql` - Exclude `size_t` from this rule, as it can be provided by headers other than ``. + - `CstdioMacrosUsed.ql` - Exclude `NULL` from this rule, as it can be provided by headers other than ``. From b144d5cd8293b7aaac88fda435a3a5c37072fa54 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Mon, 21 Nov 2022 11:21:46 -0500 Subject: [PATCH 0138/2573] formatting --- .../src/codingstandards/cpp/Emergent.qll | 84 +++++++++---------- 1 file changed, 42 insertions(+), 42 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/Emergent.qll b/cpp/common/src/codingstandards/cpp/Emergent.qll index 53f7e5599b..9036c12bd7 100644 --- a/cpp/common/src/codingstandards/cpp/Emergent.qll +++ b/cpp/common/src/codingstandards/cpp/Emergent.qll @@ -1,49 +1,49 @@ -import cpp +import cpp /** - * Namespace for containing emergent language features in C11. + * Namespace for containing emergent language features in C11. */ module C11 { - abstract class EmergentLanguageFeature extends Element { } - - class AlignAsAttribute extends EmergentLanguageFeature, Attribute { - AlignAsAttribute() { getName() = "_Alignas" } - } - - class AtomicVariableSpecifier extends EmergentLanguageFeature, Variable { - AtomicVariableSpecifier() { - getType().(DerivedType).getBaseType*().getASpecifier().getName() = "atomic" - } - } - - class AtomicDeclaration extends EmergentLanguageFeature, Declaration { - AtomicDeclaration() { getASpecifier().getName() = "atomic" } - } - - class ThreadLocalDeclaration extends EmergentLanguageFeature, Declaration { - ThreadLocalDeclaration() { getASpecifier().getName() = "is_thread_local" } - } - - class EmergentHeader extends EmergentLanguageFeature, Include { - EmergentHeader() { - getIncludedFile().getBaseName() = ["stdalign.h", "stdatomic.h", "stdnoreturn.h", "threads.h"] - } - } - - class LibExt1Macro extends EmergentLanguageFeature, Macro { - LibExt1Macro() { - getName() = "__STDC_WANT_LIB_EXT1__" and - getBody() = "1" - } + abstract class EmergentLanguageFeature extends Element { } + + class AlignAsAttribute extends EmergentLanguageFeature, Attribute { + AlignAsAttribute() { getName() = "_Alignas" } + } + + class AtomicVariableSpecifier extends EmergentLanguageFeature, Variable { + AtomicVariableSpecifier() { + getType().(DerivedType).getBaseType*().getASpecifier().getName() = "atomic" } - - class GenericMacro extends EmergentLanguageFeature, Macro { - GenericMacro() { getBody().indexOf("_Generic") = 0 } + } + + class AtomicDeclaration extends EmergentLanguageFeature, Declaration { + AtomicDeclaration() { getASpecifier().getName() = "atomic" } + } + + class ThreadLocalDeclaration extends EmergentLanguageFeature, Declaration { + ThreadLocalDeclaration() { getASpecifier().getName() = "is_thread_local" } + } + + class EmergentHeader extends EmergentLanguageFeature, Include { + EmergentHeader() { + getIncludedFile().getBaseName() = ["stdalign.h", "stdatomic.h", "stdnoreturn.h", "threads.h"] } - - class NoReturnSpecificer extends EmergentLanguageFeature, Function { - NoReturnSpecificer() { getASpecifier().getName() = "noreturn" } + } + + class LibExt1Macro extends EmergentLanguageFeature, Macro { + LibExt1Macro() { + getName() = "__STDC_WANT_LIB_EXT1__" and + getBody() = "1" } - - class AlignOf extends EmergentLanguageFeature, AlignofTypeOperator { } - } \ No newline at end of file + } + + class GenericMacro extends EmergentLanguageFeature, Macro { + GenericMacro() { getBody().indexOf("_Generic") = 0 } + } + + class NoReturnSpecificer extends EmergentLanguageFeature, Function { + NoReturnSpecificer() { getASpecifier().getName() = "noreturn" } + } + + class AlignOf extends EmergentLanguageFeature, AlignofTypeOperator { } +} From cb9596c60606a1a7af486c08cd10e80d27a4e11a Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Mon, 21 Nov 2022 16:24:42 -0500 Subject: [PATCH 0139/2573] removed identical test case --- .../UsageOfAssemblerNotDocumented.expected | 1 - .../UsageOfAssemblerNotDocumented.ql | 2 -- .../test/rules/usageofassemblernotdocumented/test.c | 12 ------------ ...UsageOfAssemblyLanguageShouldBeDocumented.testref | 2 +- 4 files changed, 1 insertion(+), 16 deletions(-) delete mode 100644 c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.expected delete mode 100644 c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql delete mode 100644 c/common/test/rules/usageofassemblernotdocumented/test.c diff --git a/c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.expected b/c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.expected deleted file mode 100644 index 8c132cdb91..0000000000 --- a/c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.expected +++ /dev/null @@ -1 +0,0 @@ -| test.c:8:42:8:58 | asm statement | Use of assembler is not documented. | diff --git a/c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql b/c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql deleted file mode 100644 index 7f9e1041a2..0000000000 --- a/c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql +++ /dev/null @@ -1,2 +0,0 @@ -// GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.usageofassemblernotdocumented.UsageOfAssemblerNotDocumented diff --git a/c/common/test/rules/usageofassemblernotdocumented/test.c b/c/common/test/rules/usageofassemblernotdocumented/test.c deleted file mode 100644 index 16e0f9ca91..0000000000 --- a/c/common/test/rules/usageofassemblernotdocumented/test.c +++ /dev/null @@ -1,12 +0,0 @@ -// COMPLIANT -void test_assembly_is_documented() { - // This comment serves as documentation - __asm__("ret\n"); -} - -// NON_COMPLIANT -void test_assembly_is_not_documented() { __asm__("ret\n"); } - -// COMPLIANT -#define RETURN __asm__("ret\n") -void test_undocumented_assembly_from_macro() { RETURN; } \ No newline at end of file diff --git a/c/misra/test/rules/DIR-4-2/UsageOfAssemblyLanguageShouldBeDocumented.testref b/c/misra/test/rules/DIR-4-2/UsageOfAssemblyLanguageShouldBeDocumented.testref index 3b0dc2fe5a..ea9ce384ea 100644 --- a/c/misra/test/rules/DIR-4-2/UsageOfAssemblyLanguageShouldBeDocumented.testref +++ b/c/misra/test/rules/DIR-4-2/UsageOfAssemblyLanguageShouldBeDocumented.testref @@ -1 +1 @@ -c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql \ No newline at end of file +cpp/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql \ No newline at end of file From 501ecef7e18da6b727b40c776fe18e8591f8a0e1 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Mon, 21 Nov 2022 16:45:57 -0500 Subject: [PATCH 0140/2573] fix --- .../DIR-4-2/UsageOfAssemblyLanguageShouldBeDocumented.ql | 2 +- c/misra/src/rules/RULE-1-4/EmergentLanguageFeaturesUsed.ql | 2 +- rule_packages/c/Language2.json | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/c/misra/src/rules/DIR-4-2/UsageOfAssemblyLanguageShouldBeDocumented.ql b/c/misra/src/rules/DIR-4-2/UsageOfAssemblyLanguageShouldBeDocumented.ql index 250d98892c..95388b46bc 100644 --- a/c/misra/src/rules/DIR-4-2/UsageOfAssemblyLanguageShouldBeDocumented.ql +++ b/c/misra/src/rules/DIR-4-2/UsageOfAssemblyLanguageShouldBeDocumented.ql @@ -1,7 +1,7 @@ /** * @id c/misra/usage-of-assembly-language-should-be-documented * @name DIR-4-2: All usage of assembly language should be documented - * @description + * @description Assembly language is not portable and should be documented. * @kind problem * @precision very-high * @problem.severity error diff --git a/c/misra/src/rules/RULE-1-4/EmergentLanguageFeaturesUsed.ql b/c/misra/src/rules/RULE-1-4/EmergentLanguageFeaturesUsed.ql index e9a5591f61..e5c55d4fc5 100644 --- a/c/misra/src/rules/RULE-1-4/EmergentLanguageFeaturesUsed.ql +++ b/c/misra/src/rules/RULE-1-4/EmergentLanguageFeaturesUsed.ql @@ -4,7 +4,7 @@ * @description Emergent language features may have unpredictable behavior and should not be used. * @kind problem * @precision very-high - * @problem.severity error + * @problem.severity warning * @tags external/misra/id/rule-1-4 * maintainability * readability diff --git a/rule_packages/c/Language2.json b/rule_packages/c/Language2.json index 34afdc2b1b..7f25091ab6 100644 --- a/rule_packages/c/Language2.json +++ b/rule_packages/c/Language2.json @@ -6,7 +6,7 @@ }, "queries": [ { - "description": "", + "description": "Assembly language is not portable and should be documented.", "kind": "problem", "name": "All usage of assembly language should be documented", "precision": "very-high", @@ -31,7 +31,7 @@ "kind": "problem", "name": "Emergent language features shall not be used", "precision": "very-high", - "severity": "error", + "severity": "warning", "short_name": "EmergentLanguageFeaturesUsed", "tags": [ "maintainability", From 0c9c40a81d92e399ab080723e76817f077ea6ffd Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Tue, 22 Nov 2022 11:06:23 -0500 Subject: [PATCH 0141/2573] warning --- .../rules/DIR-4-2/UsageOfAssemblyLanguageShouldBeDocumented.ql | 2 +- rule_packages/c/Language2.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/c/misra/src/rules/DIR-4-2/UsageOfAssemblyLanguageShouldBeDocumented.ql b/c/misra/src/rules/DIR-4-2/UsageOfAssemblyLanguageShouldBeDocumented.ql index 95388b46bc..d1a8a80046 100644 --- a/c/misra/src/rules/DIR-4-2/UsageOfAssemblyLanguageShouldBeDocumented.ql +++ b/c/misra/src/rules/DIR-4-2/UsageOfAssemblyLanguageShouldBeDocumented.ql @@ -4,7 +4,7 @@ * @description Assembly language is not portable and should be documented. * @kind problem * @precision very-high - * @problem.severity error + * @problem.severity warning * @tags external/misra/id/dir-4-2 * maintainability * readability diff --git a/rule_packages/c/Language2.json b/rule_packages/c/Language2.json index 7f25091ab6..66f219a025 100644 --- a/rule_packages/c/Language2.json +++ b/rule_packages/c/Language2.json @@ -10,7 +10,7 @@ "kind": "problem", "name": "All usage of assembly language should be documented", "precision": "very-high", - "severity": "error", + "severity": "warning", "short_name": "UsageOfAssemblyLanguageShouldBeDocumented", "shared_implementation_short_name": "UsageOfAssemblerNotDocumented", "tags": [ From c48658f12905353576d7092da8d71a4477f13b5f Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Tue, 22 Nov 2022 11:06:41 -0500 Subject: [PATCH 0142/2573] adding back --- c/misra/test/rules/RULE-1-4/test.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/misra/test/rules/RULE-1-4/test.c b/c/misra/test/rules/RULE-1-4/test.c index 7b31e6a555..153c722c94 100644 --- a/c/misra/test/rules/RULE-1-4/test.c +++ b/c/misra/test/rules/RULE-1-4/test.c @@ -12,7 +12,7 @@ typedef int new_type; // COMPLIANT typedef _Atomic new_type atomic_new_type; // NON_COMPLIANT void f(int p) { - // int i0 = _Generic(p, int : 0, long : 1); // NON_COMPLIANT[FALSE_NEGATIVE] + int i0 = _Generic(p, int : 0, long : 1); // NON_COMPLIANT[FALSE_NEGATIVE] _Atomic int i; // NON_COMPLIANT From 798a350543d9b3f9efd19e33b6fcfea20b3372d8 Mon Sep 17 00:00:00 2001 From: Robert Marsh Date: Tue, 22 Nov 2022 11:11:58 -0500 Subject: [PATCH 0143/2573] Use `instanceof` extension with AllocationExpr This prevents a negative recursion issue following a change to how Guards.qll is implemented in the codeql repo --- .../src/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.ql | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cpp/autosar/src/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.ql b/cpp/autosar/src/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.ql index bf37fbd8e7..227b5d55aa 100644 --- a/cpp/autosar/src/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.ql +++ b/cpp/autosar/src/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.ql @@ -64,13 +64,13 @@ class MakeSharedOrUnique extends FunctionCall, CandidateFunctionLocalHeapAllocat * An `AllocationExpr` that allocates heap memory, where the memory is freed on at least one path * through the enclosing function. */ -class AllocationExprFunctionLocal extends AllocationExpr, CandidateFunctionLocalHeapAllocationExpr { +class AllocationExprFunctionLocal extends CandidateFunctionLocalHeapAllocationExpr instanceof AllocationExpr { AllocationExprFunctionLocal() { this.getSizeBytes() < 1024 and TaintTracking::localExprTaint(this, any(DeallocationExpr de).getFreedExpr()) } - override int getHeapSizeBytes() { result = this.getSizeBytes() } + override int getHeapSizeBytes() { result = super.getSizeBytes() } DeallocationExpr getADeallocation() { TaintTracking::localExprTaint(this, result.getFreedExpr()) } From d5cfc676291403d89049165273e59e3ae163a0fa Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 22 Nov 2022 10:11:14 -0500 Subject: [PATCH 0144/2573] Declarations5: add RULE-8-5 --- .vscode/tasks.json | 1 + ...nalObjectOrFunctionNotDeclaredInOneFile.ql | 43 +++++++++++++++++++ ...ectOrFunctionNotDeclaredInOneFile.expected | 2 + ...ObjectOrFunctionNotDeclaredInOneFile.qlref | 1 + c/misra/test/rules/RULE-8-5/test.c | 8 ++++ c/misra/test/rules/RULE-8-5/test.h | 3 ++ c/misra/test/rules/RULE-8-5/test1.c | 1 + c/misra/test/rules/RULE-8-5/test1.h | 3 ++ .../cpp/exclusions/c/Declarations5.qll | 25 +++++++++++ .../cpp/exclusions/c/RuleMetadata.qll | 3 ++ rule_packages/c/Declarations5.json | 23 ++++++++++ rules.csv | 2 +- 12 files changed, 114 insertions(+), 1 deletion(-) create mode 100644 c/misra/src/rules/RULE-8-5/ExternalObjectOrFunctionNotDeclaredInOneFile.ql create mode 100644 c/misra/test/rules/RULE-8-5/ExternalObjectOrFunctionNotDeclaredInOneFile.expected create mode 100644 c/misra/test/rules/RULE-8-5/ExternalObjectOrFunctionNotDeclaredInOneFile.qlref create mode 100644 c/misra/test/rules/RULE-8-5/test.c create mode 100644 c/misra/test/rules/RULE-8-5/test.h create mode 100644 c/misra/test/rules/RULE-8-5/test1.c create mode 100644 c/misra/test/rules/RULE-8-5/test1.h create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/Declarations5.qll create mode 100644 rule_packages/c/Declarations5.json diff --git a/.vscode/tasks.json b/.vscode/tasks.json index 5915064e54..823c754920 100644 --- a/.vscode/tasks.json +++ b/.vscode/tasks.json @@ -206,6 +206,7 @@ "Declarations", "Declarations1", "Declarations2", + "Declarations5", "Exceptions1", "Exceptions2", "Expressions", diff --git a/c/misra/src/rules/RULE-8-5/ExternalObjectOrFunctionNotDeclaredInOneFile.ql b/c/misra/src/rules/RULE-8-5/ExternalObjectOrFunctionNotDeclaredInOneFile.ql new file mode 100644 index 0000000000..0c9cfe9cb2 --- /dev/null +++ b/c/misra/src/rules/RULE-8-5/ExternalObjectOrFunctionNotDeclaredInOneFile.ql @@ -0,0 +1,43 @@ +/** + * @id c/misra/external-object-or-function-not-declared-in-one-file + * @name RULE-8-5: An external object or function shall be declared once in one and only one file + * @description Declarations in multiple files can lead to unexpected program behaviour. + * @kind problem + * @precision very-high + * @problem.severity warning + * @tags external/misra/id/rule-8-5 + * correctness + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra + +from DeclarationEntry de, DeclarationEntry otherDeclaration, string kind +where + not isExcluded(de, Declarations5Package::externalObjectOrFunctionNotDeclaredInOneFileQuery()) and + //this rule applies to non-defining declarations only + not de.isDefinition() and + not otherDeclaration.isDefinition() and + exists(Declaration d | + de.getDeclaration() = d and + otherDeclaration.getDeclaration() = d and + de.getFile() != otherDeclaration.getFile() + ) and + ( + de.getDeclaration() instanceof Function and kind = "function" + or + de.getDeclaration() instanceof Variable and + not de.getDeclaration() instanceof Parameter and + kind = "variable" + ) and + // Apply an ordering based on location to enforce that (de1, de2) = (de2, de1) and we only report (de1, de2). + ( + de.getFile().getAbsolutePath() < otherDeclaration.getFile().getAbsolutePath() + or + de.getFile().getAbsolutePath() = otherDeclaration.getFile().getAbsolutePath() and + de.getLocation().getStartLine() < otherDeclaration.getLocation().getStartLine() + ) +select de, + "The " + kind + " declaration " + de.getName() + + " is declared in multiple files and has an additional $@.", otherDeclaration, "declaration" diff --git a/c/misra/test/rules/RULE-8-5/ExternalObjectOrFunctionNotDeclaredInOneFile.expected b/c/misra/test/rules/RULE-8-5/ExternalObjectOrFunctionNotDeclaredInOneFile.expected new file mode 100644 index 0000000000..63276c3831 --- /dev/null +++ b/c/misra/test/rules/RULE-8-5/ExternalObjectOrFunctionNotDeclaredInOneFile.expected @@ -0,0 +1,2 @@ +| test.c:8:12:8:13 | declaration of g3 | The variable declaration g3 is declared in multiple files and has an additional $@. | test1.c:1:12:1:13 | declaration of g3 | declaration | +| test.h:1:12:1:12 | declaration of g | The variable declaration g is declared in multiple files and has an additional $@. | test1.h:1:12:1:12 | declaration of g | declaration | diff --git a/c/misra/test/rules/RULE-8-5/ExternalObjectOrFunctionNotDeclaredInOneFile.qlref b/c/misra/test/rules/RULE-8-5/ExternalObjectOrFunctionNotDeclaredInOneFile.qlref new file mode 100644 index 0000000000..5359406e92 --- /dev/null +++ b/c/misra/test/rules/RULE-8-5/ExternalObjectOrFunctionNotDeclaredInOneFile.qlref @@ -0,0 +1 @@ +rules/RULE-8-5/ExternalObjectOrFunctionNotDeclaredInOneFile.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-8-5/test.c b/c/misra/test/rules/RULE-8-5/test.c new file mode 100644 index 0000000000..89f0a0972d --- /dev/null +++ b/c/misra/test/rules/RULE-8-5/test.c @@ -0,0 +1,8 @@ +#include "test.h" +#include "test1.h" + +int g = 1; // COMPLIANT + +extern int g1; // COMPLIANT + +extern int g3; // NON_COMPLIANT \ No newline at end of file diff --git a/c/misra/test/rules/RULE-8-5/test.h b/c/misra/test/rules/RULE-8-5/test.h new file mode 100644 index 0000000000..fe5e1e5e2e --- /dev/null +++ b/c/misra/test/rules/RULE-8-5/test.h @@ -0,0 +1,3 @@ +extern int g; // NON_COMPLIANT + +int g2; // COMPLIANT \ No newline at end of file diff --git a/c/misra/test/rules/RULE-8-5/test1.c b/c/misra/test/rules/RULE-8-5/test1.c new file mode 100644 index 0000000000..f00c54998e --- /dev/null +++ b/c/misra/test/rules/RULE-8-5/test1.c @@ -0,0 +1 @@ +extern int g3; // NON_COMPLIANT \ No newline at end of file diff --git a/c/misra/test/rules/RULE-8-5/test1.h b/c/misra/test/rules/RULE-8-5/test1.h new file mode 100644 index 0000000000..fe5e1e5e2e --- /dev/null +++ b/c/misra/test/rules/RULE-8-5/test1.h @@ -0,0 +1,3 @@ +extern int g; // NON_COMPLIANT + +int g2; // COMPLIANT \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations5.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations5.qll new file mode 100644 index 0000000000..db3fa5e08e --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations5.qll @@ -0,0 +1,25 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype Declarations5Query = TExternalObjectOrFunctionNotDeclaredInOneFileQuery() + +predicate isDeclarations5QueryMetadata(Query query, string queryId, string ruleId) { + query = + // `Query` instance for the `externalObjectOrFunctionNotDeclaredInOneFile` query + Declarations5Package::externalObjectOrFunctionNotDeclaredInOneFileQuery() and + queryId = + // `@id` for the `externalObjectOrFunctionNotDeclaredInOneFile` query + "c/misra/external-object-or-function-not-declared-in-one-file" and + ruleId = "RULE-8-5" +} + +module Declarations5Package { + Query externalObjectOrFunctionNotDeclaredInOneFileQuery() { + //autogenerate `Query` type + result = + // `Query` type for `externalObjectOrFunctionNotDeclaredInOneFile` query + TQueryC(TDeclarations5PackageQuery(TExternalObjectOrFunctionNotDeclaredInOneFileQuery())) + } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index 4dc785d482..699cdc30ca 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -15,6 +15,7 @@ import Contracts4 import Declarations1 import Declarations2 import Declarations3 +import Declarations5 import Expressions import IO1 import IO2 @@ -52,6 +53,7 @@ newtype TCQuery = TDeclarations1PackageQuery(Declarations1Query q) or TDeclarations2PackageQuery(Declarations2Query q) or TDeclarations3PackageQuery(Declarations3Query q) or + TDeclarations5PackageQuery(Declarations5Query q) or TExpressionsPackageQuery(ExpressionsQuery q) or TIO1PackageQuery(IO1Query q) or TIO2PackageQuery(IO2Query q) or @@ -89,6 +91,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId) { isDeclarations1QueryMetadata(query, queryId, ruleId) or isDeclarations2QueryMetadata(query, queryId, ruleId) or isDeclarations3QueryMetadata(query, queryId, ruleId) or + isDeclarations5QueryMetadata(query, queryId, ruleId) or isExpressionsQueryMetadata(query, queryId, ruleId) or isIO1QueryMetadata(query, queryId, ruleId) or isIO2QueryMetadata(query, queryId, ruleId) or diff --git a/rule_packages/c/Declarations5.json b/rule_packages/c/Declarations5.json new file mode 100644 index 0000000000..1680d3e3af --- /dev/null +++ b/rule_packages/c/Declarations5.json @@ -0,0 +1,23 @@ +{ + "MISRA-C-2012": { + "RULE-8-5": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Declarations in multiple files can lead to unexpected program behaviour.", + "kind": "problem", + "name": "An external object or function shall be declared once in one and only one file", + "precision": "very-high", + "severity": "warning", + "short_name": "ExternalObjectOrFunctionNotDeclaredInOneFile", + "tags": [ + "correctness" + ] + } + ], + "title": "An external object or function shall be declared once in one and only one file" + } + } +} \ No newline at end of file diff --git a/rules.csv b/rules.csv index 7b283db8b0..de928dd040 100644 --- a/rules.csv +++ b/rules.csv @@ -650,7 +650,7 @@ c,MISRA-C-2012,RULE-8-1,Yes,Required,,,Types shall be explicitly specified,,Decl c,MISRA-C-2012,RULE-8-2,Yes,Required,,,Function types shall be in prototype form with named parameters,,Declarations,Medium, c,MISRA-C-2012,RULE-8-3,Yes,Required,,,All declarations of an object or function shall use the same names and type qualifiers,M3-2-1,Declarations,Medium, c,MISRA-C-2012,RULE-8-4,Yes,Required,,,A compatible declaration shall be visible when an object or function with external linkage is defined,,Declarations,Medium, -c,MISRA-C-2012,RULE-8-5,Yes,Required,,,An external object or function shall be declared once in one and only one file,,Declarations,Medium, +c,MISRA-C-2012,RULE-8-5,Yes,Required,,,An external object or function shall be declared once in one and only one file,,Declarations5,Medium, c,MISRA-C-2012,RULE-8-6,Yes,Required,,,An identifier with external linkage shall have exactly one external definition,M3-2-4,Declarations,Import, c,MISRA-C-2012,RULE-8-7,Yes,Advisory,,,Functions and objects should not be defined with external linkage if they are referenced in only one translation unit,,Declarations,Medium, c,MISRA-C-2012,RULE-8-8,Yes,Required,,,The static storage class specifier shall be used in all declarations of objects and functions that have internal linkage,M3-3-2,Declarations,Medium, From 0c2f3d54d2c7e1e9db44b5619aed099d2d30c3b2 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 22 Nov 2022 16:30:34 -0500 Subject: [PATCH 0145/2573] Declarations5: add RULE-5-2 --- ...ifiersDeclaredInTheSameScopeNotDistinct.ql | 38 +++++++++++++++++++ ...DeclaredInTheSameScopeNotDistinct.expected | 1 + ...ersDeclaredInTheSameScopeNotDistinct.qlref | 1 + c/misra/test/rules/RULE-5-2/test.c | 26 +++++++++++++ .../cpp/exclusions/c/Declarations5.qll | 19 +++++++++- rule_packages/c/Declarations5.json | 25 ++++++++++++ rules.csv | 2 +- 7 files changed, 110 insertions(+), 2 deletions(-) create mode 100644 c/misra/src/rules/RULE-5-2/IdentifiersDeclaredInTheSameScopeNotDistinct.ql create mode 100644 c/misra/test/rules/RULE-5-2/IdentifiersDeclaredInTheSameScopeNotDistinct.expected create mode 100644 c/misra/test/rules/RULE-5-2/IdentifiersDeclaredInTheSameScopeNotDistinct.qlref create mode 100644 c/misra/test/rules/RULE-5-2/test.c diff --git a/c/misra/src/rules/RULE-5-2/IdentifiersDeclaredInTheSameScopeNotDistinct.ql b/c/misra/src/rules/RULE-5-2/IdentifiersDeclaredInTheSameScopeNotDistinct.ql new file mode 100644 index 0000000000..682d7538c5 --- /dev/null +++ b/c/misra/src/rules/RULE-5-2/IdentifiersDeclaredInTheSameScopeNotDistinct.ql @@ -0,0 +1,38 @@ +/** + * @id c/misra/identifiers-declared-in-the-same-scope-not-distinct + * @name RULE-5-2: Identifiers declared in the same scope and name space shall be distinct + * @description Using nondistinct identifiers results in undefined behaviour. + * @kind problem + * @precision very-high + * @problem.severity warning + * @tags external/misra/id/rule-5-2 + * correctness + * maintainability + * readability + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.Identifiers + +from InterestingIdentifiers d, InterestingIdentifiers d2 +where + not isExcluded(d, Declarations5Package::identifiersDeclaredInTheSameScopeNotDistinctQuery()) and + not isExcluded(d2, Declarations5Package::identifiersDeclaredInTheSameScopeNotDistinctQuery()) and + //this rule does not apply if both are external identifiers + //that is covered by RULE-5-3 + not ( + d instanceof ExternalIdentifiers and + d2 instanceof ExternalIdentifiers + ) and + d.getNamespace() = d2.getNamespace() and + d.getParentScope() = d2.getParentScope() and + not d = d2 and + d.getLocation().getStartLine() >= d2.getLocation().getStartLine() and + //first 63 chars in the name as per C99 + d.getSignificantNameComparedToMacro() = d2.getSignificantNameComparedToMacro() and + not d.getName() = d2.getName() +select d, + "Identifer " + d.getName() + " is nondistinct in characters at or over 63 limit, compared to $@", + d2, d2.getName() diff --git a/c/misra/test/rules/RULE-5-2/IdentifiersDeclaredInTheSameScopeNotDistinct.expected b/c/misra/test/rules/RULE-5-2/IdentifiersDeclaredInTheSameScopeNotDistinct.expected new file mode 100644 index 0000000000..b7d33ba120 --- /dev/null +++ b/c/misra/test/rules/RULE-5-2/IdentifiersDeclaredInTheSameScopeNotDistinct.expected @@ -0,0 +1 @@ +| test.c:8:5:8:68 | iltiqzxgfqsgigwfuyntzghvzltueatcxqnqofnnvjyszmcsylyohvqaosjbqyyB | Identifer iltiqzxgfqsgigwfuyntzghvzltueatcxqnqofnnvjyszmcsylyohvqaosjbqyyB is nondistinct in characters at or over 63 limit, compared to $@ | test.c:2:5:2:68 | iltiqzxgfqsgigwfuyntzghvzltueatcxqnqofnnvjyszmcsylyohvqaosjbqyyA | iltiqzxgfqsgigwfuyntzghvzltueatcxqnqofnnvjyszmcsylyohvqaosjbqyyA | diff --git a/c/misra/test/rules/RULE-5-2/IdentifiersDeclaredInTheSameScopeNotDistinct.qlref b/c/misra/test/rules/RULE-5-2/IdentifiersDeclaredInTheSameScopeNotDistinct.qlref new file mode 100644 index 0000000000..59fc518cf7 --- /dev/null +++ b/c/misra/test/rules/RULE-5-2/IdentifiersDeclaredInTheSameScopeNotDistinct.qlref @@ -0,0 +1 @@ +rules/RULE-5-2/IdentifiersDeclaredInTheSameScopeNotDistinct.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-5-2/test.c b/c/misra/test/rules/RULE-5-2/test.c new file mode 100644 index 0000000000..3f3f8f1e00 --- /dev/null +++ b/c/misra/test/rules/RULE-5-2/test.c @@ -0,0 +1,26 @@ +extern int + iltiqzxgfqsgigwfuyntzghvzltueatcxqnqofnnvjyszmcsylyohvqaosjbqyyA; // NON_COMPLIANT + // - + // length + // 64 + +static int + iltiqzxgfqsgigwfuyntzghvzltueatcxqnqofnnvjyszmcsylyohvqaosjbqyyB; // NON_COMPLIANT + // - + // length + // 64 + +void f() { + int iltiqzxgfqsgigwfuyntzghvzltueatcxqnqofnnvjyszmcsylyohvqaosjbqyyC; // COMPLIANT + // - + // length + // 64 + // but + // diff + // scope +} + +static int + iltiqzxgfqsgigwfuyntzghvzltueatcxqnqofnnvjy_C; // COMPLIANT length <63 +static int + iltiqzxgfqsgigwfuyntzghvzltueatcxqnqofnnvjy_D; // COMPLIANT length <63 \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations5.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations5.qll index db3fa5e08e..55e998b4d4 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations5.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations5.qll @@ -3,9 +3,19 @@ import cpp import RuleMetadata import codingstandards.cpp.exclusions.RuleMetadata -newtype Declarations5Query = TExternalObjectOrFunctionNotDeclaredInOneFileQuery() +newtype Declarations5Query = + TIdentifiersDeclaredInTheSameScopeNotDistinctQuery() or + TExternalObjectOrFunctionNotDeclaredInOneFileQuery() predicate isDeclarations5QueryMetadata(Query query, string queryId, string ruleId) { + query = + // `Query` instance for the `identifiersDeclaredInTheSameScopeNotDistinct` query + Declarations5Package::identifiersDeclaredInTheSameScopeNotDistinctQuery() and + queryId = + // `@id` for the `identifiersDeclaredInTheSameScopeNotDistinct` query + "c/misra/identifiers-declared-in-the-same-scope-not-distinct" and + ruleId = "RULE-5-2" + or query = // `Query` instance for the `externalObjectOrFunctionNotDeclaredInOneFile` query Declarations5Package::externalObjectOrFunctionNotDeclaredInOneFileQuery() and @@ -16,6 +26,13 @@ predicate isDeclarations5QueryMetadata(Query query, string queryId, string ruleI } module Declarations5Package { + Query identifiersDeclaredInTheSameScopeNotDistinctQuery() { + //autogenerate `Query` type + result = + // `Query` type for `identifiersDeclaredInTheSameScopeNotDistinct` query + TQueryC(TDeclarations5PackageQuery(TIdentifiersDeclaredInTheSameScopeNotDistinctQuery())) + } + Query externalObjectOrFunctionNotDeclaredInOneFileQuery() { //autogenerate `Query` type result = diff --git a/rule_packages/c/Declarations5.json b/rule_packages/c/Declarations5.json index 1680d3e3af..da656fa500 100644 --- a/rule_packages/c/Declarations5.json +++ b/rule_packages/c/Declarations5.json @@ -1,5 +1,30 @@ { "MISRA-C-2012": { + "RULE-5-2": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Using nondistinct identifiers results in undefined behaviour.", + "kind": "problem", + "name": "Identifiers declared in the same scope and name space shall be distinct", + "precision": "very-high", + "severity": "warning", + "short_name": "IdentifiersDeclaredInTheSameScopeNotDistinct", + "tags": [ + "correctness", + "maintainability", + "readability" + ], + "implementation_scope": { + "description": "This query considers the first 63 characters of identifiers as significant, as per C99 for nonexternal identifiers and reports the case when names are longer than 63 characters and differ in those characters past the 63 first only. This query does not consider universal or extended source characters.", + "items": [] + } + } + ], + "title": "Identifiers declared in the same scope and name space shall be distinct" + }, "RULE-8-5": { "properties": { "obligation": "required" diff --git a/rules.csv b/rules.csv index de928dd040..83fd1753b9 100644 --- a/rules.csv +++ b/rules.csv @@ -632,7 +632,7 @@ c,MISRA-C-2012,RULE-3-2,Yes,Required,,,Line-splicing shall not be used in // com c,MISRA-C-2012,RULE-4-1,Yes,Required,,,Octal and hexadecimal escape sequences shall be terminated,A2-13-1 M2-13-2,Syntax,Medium, c,MISRA-C-2012,RULE-4-2,No,Advisory,,,Trigraphs should not be used,A2-5-1,,Import, c,MISRA-C-2012,RULE-5-1,Yes,Required,,,External identifiers shall be distinct,,Declarations1,Medium, -c,MISRA-C-2012,RULE-5-2,Yes,Required,,,Identifiers declared in the same scope and name space shall be distinct,,Declarations,Medium, +c,MISRA-C-2012,RULE-5-2,Yes,Required,,,Identifiers declared in the same scope and name space shall be distinct,,Declarations5,Medium, c,MISRA-C-2012,RULE-5-3,Yes,Required,,,An identifier declared in an inner scope shall not hide an identifier declared in an outer scope,A2-10-1,Declarations3,Import, c,MISRA-C-2012,RULE-5-4,Yes,Required,,,Macro identifiers shall be distinct,,Declarations1,Easy, c,MISRA-C-2012,RULE-5-5,Yes,Required,,,Identifiers shall be distinct from macro names,,Declarations3,Easy, From f866dd52b20b4547cdca948f2c23fb155c576e90 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Wed, 23 Nov 2022 12:26:32 -0500 Subject: [PATCH 0146/2573] Declarations5: add RULE-8-8 --- ...ngStaticSpecifierFunctionRedeclarationC.ql | 22 ++++++++++++ ...singStaticSpecifierObjectRedeclarationC.ql | 27 +++++++++++++++ ...ticSpecifierFunctionRedeclarationC.testref | 1 + ...aticSpecifierObjectRedeclarationC.expected | 1 + ...gStaticSpecifierObjectRedeclarationC.qlref | 1 + c/misra/test/rules/RULE-8-8/test.c | 8 +++++ ...aticSpecifierOnFunctionRedeclaration.qlref | 1 - ...icSpecifierOnFunctionRedeclaration.testref | 1 + .../cpp/exclusions/c/Declarations5.qll | 34 ++++++++++++++++++- ...icSpecifierFunctionRedeclarationShared.qll | 25 ++++++++++++++ ...ifierFunctionRedeclarationShared.expected} | 0 ...ticSpecifierFunctionRedeclarationShared.ql | 2 ++ .../test.cpp | 0 rule_packages/c/Declarations5.json | 31 +++++++++++++++++ rule_packages/cpp/Scope.json | 1 + rules.csv | 2 +- 16 files changed, 154 insertions(+), 3 deletions(-) create mode 100644 c/misra/src/rules/RULE-8-8/MissingStaticSpecifierFunctionRedeclarationC.ql create mode 100644 c/misra/src/rules/RULE-8-8/MissingStaticSpecifierObjectRedeclarationC.ql create mode 100644 c/misra/test/rules/RULE-8-8/MissingStaticSpecifierFunctionRedeclarationC.testref create mode 100644 c/misra/test/rules/RULE-8-8/MissingStaticSpecifierObjectRedeclarationC.expected create mode 100644 c/misra/test/rules/RULE-8-8/MissingStaticSpecifierObjectRedeclarationC.qlref create mode 100644 c/misra/test/rules/RULE-8-8/test.c delete mode 100644 cpp/autosar/test/rules/M3-3-2/MissingStaticSpecifierOnFunctionRedeclaration.qlref create mode 100644 cpp/autosar/test/rules/M3-3-2/MissingStaticSpecifierOnFunctionRedeclaration.testref create mode 100644 cpp/common/src/codingstandards/cpp/rules/missingstaticspecifierfunctionredeclarationshared/MissingStaticSpecifierFunctionRedeclarationShared.qll rename cpp/{autosar/test/rules/M3-3-2/MissingStaticSpecifierOnFunctionRedeclaration.expected => common/test/rules/missingstaticspecifierfunctionredeclarationshared/MissingStaticSpecifierFunctionRedeclarationShared.expected} (100%) create mode 100644 cpp/common/test/rules/missingstaticspecifierfunctionredeclarationshared/MissingStaticSpecifierFunctionRedeclarationShared.ql rename cpp/{autosar/test/rules/M3-3-2 => common/test/rules/missingstaticspecifierfunctionredeclarationshared}/test.cpp (100%) diff --git a/c/misra/src/rules/RULE-8-8/MissingStaticSpecifierFunctionRedeclarationC.ql b/c/misra/src/rules/RULE-8-8/MissingStaticSpecifierFunctionRedeclarationC.ql new file mode 100644 index 0000000000..a56d4ca426 --- /dev/null +++ b/c/misra/src/rules/RULE-8-8/MissingStaticSpecifierFunctionRedeclarationC.ql @@ -0,0 +1,22 @@ +/** + * @id c/misra/missing-static-specifier-function-redeclaration-c + * @name RULE-8-8: If a function has internal linkage then all re-declarations shall include the static storage class + * @description If a function has internal linkage then all re-declarations shall include the static + * storage class specifier to make the internal linkage explicit. + * @kind problem + * @precision very-high + * @problem.severity warning + * @tags external/misra/id/rule-8-8 + * readability + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.rules.missingstaticspecifierfunctionredeclarationshared.MissingStaticSpecifierFunctionRedeclarationShared + +class MissingStaticSpecifierFunctionRedeclarationCQuery extends MissingStaticSpecifierFunctionRedeclarationSharedSharedQuery { + MissingStaticSpecifierFunctionRedeclarationCQuery() { + this = Declarations5Package::missingStaticSpecifierFunctionRedeclarationCQuery() + } +} diff --git a/c/misra/src/rules/RULE-8-8/MissingStaticSpecifierObjectRedeclarationC.ql b/c/misra/src/rules/RULE-8-8/MissingStaticSpecifierObjectRedeclarationC.ql new file mode 100644 index 0000000000..9d583623de --- /dev/null +++ b/c/misra/src/rules/RULE-8-8/MissingStaticSpecifierObjectRedeclarationC.ql @@ -0,0 +1,27 @@ +/** + * @id c/misra/missing-static-specifier-object-redeclaration-c + * @name RULE-8-8: If an object has internal linkage then all re-declarations shall include the static storage class + * @description If an object has internal linkage then all re-declarations shall include the static + * storage class specifier to make the internal linkage explicit. + * @kind problem + * @precision very-high + * @problem.severity warning + * @tags external/misra/id/rule-8-8 + * readability + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra + +from VariableDeclarationEntry redeclaration, VariableDeclarationEntry de +where + not isExcluded(redeclaration, + Declarations5Package::missingStaticSpecifierObjectRedeclarationCQuery()) and + de.hasSpecifier("static") and + de.getDeclaration().isTopLevel() and + redeclaration.getDeclaration() = de.getDeclaration() and + not redeclaration.hasSpecifier("static") and + de != redeclaration +select redeclaration, "The redeclaration of $@ with internal linkage misses the static specifier.", + de, de.getName() diff --git a/c/misra/test/rules/RULE-8-8/MissingStaticSpecifierFunctionRedeclarationC.testref b/c/misra/test/rules/RULE-8-8/MissingStaticSpecifierFunctionRedeclarationC.testref new file mode 100644 index 0000000000..5b93ea365a --- /dev/null +++ b/c/misra/test/rules/RULE-8-8/MissingStaticSpecifierFunctionRedeclarationC.testref @@ -0,0 +1 @@ +cpp/common/test/rules/missingstaticspecifierfunctionredeclarationshared/MissingStaticSpecifierFunctionRedeclarationShared.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-8-8/MissingStaticSpecifierObjectRedeclarationC.expected b/c/misra/test/rules/RULE-8-8/MissingStaticSpecifierObjectRedeclarationC.expected new file mode 100644 index 0000000000..34a7723bcd --- /dev/null +++ b/c/misra/test/rules/RULE-8-8/MissingStaticSpecifierObjectRedeclarationC.expected @@ -0,0 +1 @@ +| test.c:2:12:2:12 | declaration of g | The redeclaration of $@ with internal linkage misses the static specifier. | test.c:1:12:1:12 | definition of g | g | diff --git a/c/misra/test/rules/RULE-8-8/MissingStaticSpecifierObjectRedeclarationC.qlref b/c/misra/test/rules/RULE-8-8/MissingStaticSpecifierObjectRedeclarationC.qlref new file mode 100644 index 0000000000..70b6073e14 --- /dev/null +++ b/c/misra/test/rules/RULE-8-8/MissingStaticSpecifierObjectRedeclarationC.qlref @@ -0,0 +1 @@ +rules/RULE-8-8/MissingStaticSpecifierObjectRedeclarationC.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-8-8/test.c b/c/misra/test/rules/RULE-8-8/test.c new file mode 100644 index 0000000000..d98d71c6f0 --- /dev/null +++ b/c/misra/test/rules/RULE-8-8/test.c @@ -0,0 +1,8 @@ +static int g = 0; +extern int g; // NON_COMPLIANT + +static int g1; +static int g1 = 0; // COMPLIANT + +int g2; +int g2 = 0; // COMPLIANT diff --git a/cpp/autosar/test/rules/M3-3-2/MissingStaticSpecifierOnFunctionRedeclaration.qlref b/cpp/autosar/test/rules/M3-3-2/MissingStaticSpecifierOnFunctionRedeclaration.qlref deleted file mode 100644 index 052000073f..0000000000 --- a/cpp/autosar/test/rules/M3-3-2/MissingStaticSpecifierOnFunctionRedeclaration.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/M3-3-2/MissingStaticSpecifierOnFunctionRedeclaration.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M3-3-2/MissingStaticSpecifierOnFunctionRedeclaration.testref b/cpp/autosar/test/rules/M3-3-2/MissingStaticSpecifierOnFunctionRedeclaration.testref new file mode 100644 index 0000000000..5b93ea365a --- /dev/null +++ b/cpp/autosar/test/rules/M3-3-2/MissingStaticSpecifierOnFunctionRedeclaration.testref @@ -0,0 +1 @@ +cpp/common/test/rules/missingstaticspecifierfunctionredeclarationshared/MissingStaticSpecifierFunctionRedeclarationShared.ql \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations5.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations5.qll index 55e998b4d4..884038c7c5 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations5.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations5.qll @@ -5,7 +5,9 @@ import codingstandards.cpp.exclusions.RuleMetadata newtype Declarations5Query = TIdentifiersDeclaredInTheSameScopeNotDistinctQuery() or - TExternalObjectOrFunctionNotDeclaredInOneFileQuery() + TExternalObjectOrFunctionNotDeclaredInOneFileQuery() or + TMissingStaticSpecifierFunctionRedeclarationCQuery() or + TMissingStaticSpecifierObjectRedeclarationCQuery() predicate isDeclarations5QueryMetadata(Query query, string queryId, string ruleId) { query = @@ -23,6 +25,22 @@ predicate isDeclarations5QueryMetadata(Query query, string queryId, string ruleI // `@id` for the `externalObjectOrFunctionNotDeclaredInOneFile` query "c/misra/external-object-or-function-not-declared-in-one-file" and ruleId = "RULE-8-5" + or + query = + // `Query` instance for the `missingStaticSpecifierFunctionRedeclarationC` query + Declarations5Package::missingStaticSpecifierFunctionRedeclarationCQuery() and + queryId = + // `@id` for the `missingStaticSpecifierFunctionRedeclarationC` query + "c/misra/missing-static-specifier-function-redeclaration-c" and + ruleId = "RULE-8-8" + or + query = + // `Query` instance for the `missingStaticSpecifierObjectRedeclarationC` query + Declarations5Package::missingStaticSpecifierObjectRedeclarationCQuery() and + queryId = + // `@id` for the `missingStaticSpecifierObjectRedeclarationC` query + "c/misra/missing-static-specifier-object-redeclaration-c" and + ruleId = "RULE-8-8" } module Declarations5Package { @@ -39,4 +57,18 @@ module Declarations5Package { // `Query` type for `externalObjectOrFunctionNotDeclaredInOneFile` query TQueryC(TDeclarations5PackageQuery(TExternalObjectOrFunctionNotDeclaredInOneFileQuery())) } + + Query missingStaticSpecifierFunctionRedeclarationCQuery() { + //autogenerate `Query` type + result = + // `Query` type for `missingStaticSpecifierFunctionRedeclarationC` query + TQueryC(TDeclarations5PackageQuery(TMissingStaticSpecifierFunctionRedeclarationCQuery())) + } + + Query missingStaticSpecifierObjectRedeclarationCQuery() { + //autogenerate `Query` type + result = + // `Query` type for `missingStaticSpecifierObjectRedeclarationC` query + TQueryC(TDeclarations5PackageQuery(TMissingStaticSpecifierObjectRedeclarationCQuery())) + } } diff --git a/cpp/common/src/codingstandards/cpp/rules/missingstaticspecifierfunctionredeclarationshared/MissingStaticSpecifierFunctionRedeclarationShared.qll b/cpp/common/src/codingstandards/cpp/rules/missingstaticspecifierfunctionredeclarationshared/MissingStaticSpecifierFunctionRedeclarationShared.qll new file mode 100644 index 0000000000..70d498827f --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/missingstaticspecifierfunctionredeclarationshared/MissingStaticSpecifierFunctionRedeclarationShared.qll @@ -0,0 +1,25 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class MissingStaticSpecifierFunctionRedeclarationSharedSharedQuery extends Query { } + +Query getQuery() { result instanceof MissingStaticSpecifierFunctionRedeclarationSharedSharedQuery } + +query predicate problems( + FunctionDeclarationEntry redeclaration, string message, FunctionDeclarationEntry fde, + string msgpiece +) { + not isExcluded(redeclaration, getQuery()) and + fde.hasSpecifier("static") and + fde.getDeclaration().isTopLevel() and + redeclaration.getDeclaration() = fde.getDeclaration() and + not redeclaration.hasSpecifier("static") and + fde != redeclaration and + message = "The redeclaration of $@ with internal linkage misses the static specifier." and + msgpiece = "function" +} diff --git a/cpp/autosar/test/rules/M3-3-2/MissingStaticSpecifierOnFunctionRedeclaration.expected b/cpp/common/test/rules/missingstaticspecifierfunctionredeclarationshared/MissingStaticSpecifierFunctionRedeclarationShared.expected similarity index 100% rename from cpp/autosar/test/rules/M3-3-2/MissingStaticSpecifierOnFunctionRedeclaration.expected rename to cpp/common/test/rules/missingstaticspecifierfunctionredeclarationshared/MissingStaticSpecifierFunctionRedeclarationShared.expected diff --git a/cpp/common/test/rules/missingstaticspecifierfunctionredeclarationshared/MissingStaticSpecifierFunctionRedeclarationShared.ql b/cpp/common/test/rules/missingstaticspecifierfunctionredeclarationshared/MissingStaticSpecifierFunctionRedeclarationShared.ql new file mode 100644 index 0000000000..50954b88bf --- /dev/null +++ b/cpp/common/test/rules/missingstaticspecifierfunctionredeclarationshared/MissingStaticSpecifierFunctionRedeclarationShared.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.missingstaticspecifierfunctionredeclarationshared.MissingStaticSpecifierFunctionRedeclarationShared diff --git a/cpp/autosar/test/rules/M3-3-2/test.cpp b/cpp/common/test/rules/missingstaticspecifierfunctionredeclarationshared/test.cpp similarity index 100% rename from cpp/autosar/test/rules/M3-3-2/test.cpp rename to cpp/common/test/rules/missingstaticspecifierfunctionredeclarationshared/test.cpp diff --git a/rule_packages/c/Declarations5.json b/rule_packages/c/Declarations5.json index da656fa500..2d6eeee5c2 100644 --- a/rule_packages/c/Declarations5.json +++ b/rule_packages/c/Declarations5.json @@ -43,6 +43,37 @@ } ], "title": "An external object or function shall be declared once in one and only one file" + }, + "RULE-8-8": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "If a function has internal linkage then all re-declarations shall include the static storage class specifier to make the internal linkage explicit.", + "kind": "problem", + "name": "If a function has internal linkage then all re-declarations shall include the static storage class", + "precision": "very-high", + "severity": "warning", + "short_name": "MissingStaticSpecifierFunctionRedeclarationC", + "shared_implementation_short_name": "MissingStaticSpecifierFunctionRedeclarationShared", + "tags": [ + "readability" + ] + }, + { + "description": "If an object has internal linkage then all re-declarations shall include the static storage class specifier to make the internal linkage explicit.", + "kind": "problem", + "name": "If an object has internal linkage then all re-declarations shall include the static storage class", + "precision": "very-high", + "severity": "warning", + "short_name": "MissingStaticSpecifierObjectRedeclarationC", + "tags": [ + "readability" + ] + } + ], + "title": "The static storage class specifier shall be used in all declarations of objects and functions that have internal linkage" } } } \ No newline at end of file diff --git a/rule_packages/cpp/Scope.json b/rule_packages/cpp/Scope.json index c169badcbe..0d3abcbc0a 100644 --- a/rule_packages/cpp/Scope.json +++ b/rule_packages/cpp/Scope.json @@ -179,6 +179,7 @@ "precision": "very-high", "severity": "warning", "short_name": "MissingStaticSpecifierOnFunctionRedeclaration", + "shared_implementation_short_name": "MissingStaticSpecifierFunctionRedeclarationShared", "tags": [ "readability" ] diff --git a/rules.csv b/rules.csv index 83fd1753b9..a39e8610e2 100644 --- a/rules.csv +++ b/rules.csv @@ -653,7 +653,7 @@ c,MISRA-C-2012,RULE-8-4,Yes,Required,,,A compatible declaration shall be visible c,MISRA-C-2012,RULE-8-5,Yes,Required,,,An external object or function shall be declared once in one and only one file,,Declarations5,Medium, c,MISRA-C-2012,RULE-8-6,Yes,Required,,,An identifier with external linkage shall have exactly one external definition,M3-2-4,Declarations,Import, c,MISRA-C-2012,RULE-8-7,Yes,Advisory,,,Functions and objects should not be defined with external linkage if they are referenced in only one translation unit,,Declarations,Medium, -c,MISRA-C-2012,RULE-8-8,Yes,Required,,,The static storage class specifier shall be used in all declarations of objects and functions that have internal linkage,M3-3-2,Declarations,Medium, +c,MISRA-C-2012,RULE-8-8,Yes,Required,,,The static storage class specifier shall be used in all declarations of objects and functions that have internal linkage,M3-3-2,Declarations5,Medium, c,MISRA-C-2012,RULE-8-9,Yes,Advisory,,,An object should be defined at block scope if its identifier only appears in a single function,M3-4-1,Declarations,Medium, c,MISRA-C-2012,RULE-8-10,Yes,Required,,,An inline function shall be declared with the static storage class,,Declarations,Medium, c,MISRA-C-2012,RULE-8-11,Yes,Advisory,,,"When an array with external linkage is declared, its size should be explicitly specified",,Declarations,Medium, From 8647dd483a5bb342b68cd34034f620a40f12105a Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 19 Aug 2022 16:32:05 -0700 Subject: [PATCH 0147/2573] Add rule category to rule meta data The category information enables evaluation time computation of the effective category of a rule. The effective category is determined by the rule's category and a possible recategorization through a Guideline Recategorization Plan. The effective category will be used to determine how to handle a deviation applied to a query implementing the rule. --- .../cpp/exclusions/RuleMetadata.qll | 13 ++- .../cpp/exclusions/c/Banned.qll | 59 ++++++---- .../cpp/exclusions/c/Concurrency1.qll | 11 +- .../cpp/exclusions/c/Concurrency2.qll | 8 +- .../cpp/exclusions/c/Concurrency3.qll | 14 ++- .../cpp/exclusions/c/Concurrency4.qll | 11 +- .../cpp/exclusions/c/Concurrency5.qll | 8 +- .../cpp/exclusions/c/Contracts1.qll | 8 +- .../cpp/exclusions/c/Contracts2.qll | 20 ++-- .../cpp/exclusions/c/Contracts3.qll | 11 +- .../cpp/exclusions/c/Contracts4.qll | 14 ++- .../cpp/exclusions/c/Declarations1.qll | 20 ++-- .../cpp/exclusions/c/Declarations2.qll | 17 ++- .../cpp/exclusions/c/Declarations3.qll | 17 ++- .../cpp/exclusions/c/Expressions.qll | 14 ++- .../codingstandards/cpp/exclusions/c/IO1.qll | 23 ++-- .../codingstandards/cpp/exclusions/c/IO2.qll | 14 ++- .../codingstandards/cpp/exclusions/c/IO3.qll | 20 ++-- .../codingstandards/cpp/exclusions/c/IO4.qll | 14 ++- .../cpp/exclusions/c/Language1.qll | 5 +- .../cpp/exclusions/c/Language2.qll | 8 +- .../codingstandards/cpp/exclusions/c/Misc.qll | 11 +- .../cpp/exclusions/c/Pointers1.qll | 53 ++++++--- .../cpp/exclusions/c/Pointers2.qll | 5 +- .../cpp/exclusions/c/Preprocessor1.qll | 14 ++- .../cpp/exclusions/c/Preprocessor2.qll | 14 ++- .../cpp/exclusions/c/Preprocessor3.qll | 5 +- .../cpp/exclusions/c/Preprocessor4.qll | 11 +- .../cpp/exclusions/c/Preprocessor5.qll | 11 +- .../cpp/exclusions/c/Preprocessor6.qll | 5 +- .../cpp/exclusions/c/RuleMetadata.qll | 72 ++++++------ .../cpp/exclusions/c/SideEffects1.qll | 32 ++++-- .../cpp/exclusions/c/SideEffects2.qll | 8 +- .../cpp/exclusions/c/Strings1.qll | 11 +- .../cpp/exclusions/c/Strings2.qll | 5 +- .../cpp/exclusions/c/Strings3.qll | 8 +- .../cpp/exclusions/c/Syntax.qll | 23 ++-- .../cpp/exclusions/cpp/Allocations.qll | 65 +++++++---- .../cpp/exclusions/cpp/BannedFunctions.qll | 35 ++++-- .../cpp/exclusions/cpp/BannedLibraries.qll | 38 ++++--- .../cpp/exclusions/cpp/BannedSyntax.qll | 53 ++++++--- .../cpp/exclusions/cpp/BannedTypes.qll | 14 ++- .../cpp/exclusions/cpp/Classes.qll | 56 ++++++---- .../cpp/exclusions/cpp/Comments.qll | 17 ++- .../cpp/exclusions/cpp/Concurrency.qll | 29 +++-- .../cpp/exclusions/cpp/Conditionals.qll | 53 ++++++--- .../cpp/exclusions/cpp/Const.qll | 41 ++++--- .../cpp/exclusions/cpp/DeadCode.qll | 50 ++++++--- .../cpp/exclusions/cpp/Declarations.qll | 53 ++++++--- .../cpp/exclusions/cpp/ExceptionSafety.qll | 17 ++- .../cpp/exclusions/cpp/Exceptions1.qll | 104 ++++++++++++------ .../cpp/exclusions/cpp/Exceptions2.qll | 53 ++++++--- .../cpp/exclusions/cpp/Expressions.qll | 50 ++++++--- .../cpp/exclusions/cpp/Freed.qll | 29 +++-- .../cpp/exclusions/cpp/Functions.qll | 44 +++++--- .../codingstandards/cpp/exclusions/cpp/IO.qll | 11 +- .../cpp/exclusions/cpp/Includes.qll | 20 ++-- .../cpp/exclusions/cpp/Inheritance.qll | 41 ++++--- .../cpp/exclusions/cpp/Initialization.qll | 65 +++++++---- .../cpp/exclusions/cpp/IntegerConversion.qll | 32 ++++-- .../cpp/exclusions/cpp/Invariants.qll | 20 ++-- .../cpp/exclusions/cpp/Iterators.qll | 23 ++-- .../cpp/exclusions/cpp/Lambdas.qll | 35 ++++-- .../cpp/exclusions/cpp/Literals.qll | 35 ++++-- .../cpp/exclusions/cpp/Loops.qll | 41 ++++--- .../cpp/exclusions/cpp/Macros.qll | 38 ++++--- .../cpp/exclusions/cpp/MoveForward.qll | 23 ++-- .../cpp/exclusions/cpp/Naming.qll | 83 +++++++++----- .../cpp/exclusions/cpp/Null.qll | 11 +- .../cpp/exclusions/cpp/OperatorInvariants.qll | 29 +++-- .../cpp/exclusions/cpp/Operators.qll | 47 +++++--- .../cpp/exclusions/cpp/OrderOfEvaluation.qll | 20 ++-- .../cpp/exclusions/cpp/OutOfBounds.qll | 14 ++- .../cpp/exclusions/cpp/Pointers.qll | 71 ++++++++---- .../cpp/exclusions/cpp/Representation.qll | 26 +++-- .../cpp/exclusions/cpp/RuleMetadata.qll | 102 ++++++++--------- .../cpp/exclusions/cpp/Scope.qll | 53 ++++++--- .../cpp/exclusions/cpp/SideEffects1.qll | 32 ++++-- .../cpp/exclusions/cpp/SideEffects2.qll | 29 +++-- .../cpp/exclusions/cpp/SmartPointers1.qll | 29 +++-- .../cpp/exclusions/cpp/SmartPointers2.qll | 8 +- .../cpp/exclusions/cpp/Strings.qll | 26 +++-- .../cpp/exclusions/cpp/Templates.qll | 26 +++-- .../cpp/exclusions/cpp/Toolchain.qll | 35 ++++-- .../cpp/exclusions/cpp/TrustBoundaries.qll | 11 +- .../cpp/exclusions/cpp/TypeRanges.qll | 32 ++++-- .../cpp/exclusions/cpp/Uninitialized.qll | 11 +- .../cpp/exclusions/cpp/VirtualFunctions.qll | 26 +++-- .../templates/rulemetadata.qll.template | 4 +- .../generate_rules/coding_standards_utils.py | 3 +- .../generate_rules/generate_package_files.py | 4 + .../templates/exclusions.qll.template | 5 +- 92 files changed, 1636 insertions(+), 903 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/exclusions/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/RuleMetadata.qll index d6511f61b5..4fece00b92 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/RuleMetadata.qll @@ -8,13 +8,18 @@ newtype TQuery = class Query extends TQuery { string getQueryId() { - CPPRuleMetadata::isQueryMetadata(this, result, _) or - CRuleMetadata::isQueryMetadata(this, result, _) + CPPRuleMetadata::isQueryMetadata(this, result, _, _) or + CRuleMetadata::isQueryMetadata(this, result, _, _) } string getRuleId() { - CPPRuleMetadata::isQueryMetadata(this, _, result) or - CRuleMetadata::isQueryMetadata(this, _, result) + CPPRuleMetadata::isQueryMetadata(this, _, result, _) or + CRuleMetadata::isQueryMetadata(this, _, result, _) + } + + string getCategory() { + CPPRuleMetadata::isQueryMetadata(this, _, _, result) or + CRuleMetadata::isQueryMetadata(this, _, _, result) } string toString() { result = getQueryId() } diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Banned.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Banned.qll index 615b16c0ca..888e0863a3 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Banned.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Banned.qll @@ -24,14 +24,15 @@ newtype BannedQuery = TOctalConstantsUsedQuery() or TRestrictTypeQualifierUsedQuery() -predicate isBannedQueryMetadata(Query query, string queryId, string ruleId) { +predicate isBannedQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `doNotCallSystem` query BannedPackage::doNotCallSystemQuery() and queryId = // `@id` for the `doNotCallSystem` query "c/cert/do-not-call-system" and - ruleId = "ENV33-C" + ruleId = "ENV33-C" and + category = "rule" or query = // `Query` instance for the `commaOperatorShouldNotBeUsed` query @@ -39,7 +40,8 @@ predicate isBannedQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `commaOperatorShouldNotBeUsed` query "c/misra/comma-operator-should-not-be-used" and - ruleId = "RULE-12-3" + ruleId = "RULE-12-3" and + category = "advisory" or query = // `Query` instance for the `featuresOfStdarghUsed` query @@ -47,7 +49,8 @@ predicate isBannedQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `featuresOfStdarghUsed` query "c/misra/features-of-stdargh-used" and - ruleId = "RULE-17-1" + ruleId = "RULE-17-1" and + category = "required" or query = // `Query` instance for the `unionKeywordShouldNotBeUsed` query @@ -55,7 +58,8 @@ predicate isBannedQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `unionKeywordShouldNotBeUsed` query "c/misra/union-keyword-should-not-be-used" and - ruleId = "RULE-19-2" + ruleId = "RULE-19-2" and + category = "advisory" or query = // `Query` instance for the `standardLibraryTimeAndDateFunctionsUsed` query @@ -63,7 +67,8 @@ predicate isBannedQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `standardLibraryTimeAndDateFunctionsUsed` query "c/misra/standard-library-time-and-date-functions-used" and - ruleId = "RULE-21-10" + ruleId = "RULE-21-10" and + category = "required" or query = // `Query` instance for the `standardHeaderFileTgmathhUsed` query @@ -71,7 +76,8 @@ predicate isBannedQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `standardHeaderFileTgmathhUsed` query "c/misra/standard-header-file-tgmathh-used" and - ruleId = "RULE-21-11" + ruleId = "RULE-21-11" and + category = "required" or query = // `Query` instance for the `exceptionHandlingFeaturesOfFenvhUsed` query @@ -79,7 +85,8 @@ predicate isBannedQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `exceptionHandlingFeaturesOfFenvhUsed` query "c/misra/exception-handling-features-of-fenvh-used" and - ruleId = "RULE-21-12" + ruleId = "RULE-21-12" and + category = "advisory" or query = // `Query` instance for the `systemOfStdlibhUsed` query @@ -87,7 +94,8 @@ predicate isBannedQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `systemOfStdlibhUsed` query "c/misra/system-of-stdlibh-used" and - ruleId = "RULE-21-21" + ruleId = "RULE-21-21" and + category = "required" or query = // `Query` instance for the `memoryAllocDeallocFunctionsOfStdlibhUsed` query @@ -95,7 +103,8 @@ predicate isBannedQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `memoryAllocDeallocFunctionsOfStdlibhUsed` query "c/misra/memory-alloc-dealloc-functions-of-stdlibh-used" and - ruleId = "RULE-21-3" + ruleId = "RULE-21-3" and + category = "required" or query = // `Query` instance for the `standardHeaderFileUsedSetjmph` query @@ -103,7 +112,8 @@ predicate isBannedQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `standardHeaderFileUsedSetjmph` query "c/misra/standard-header-file-used-setjmph" and - ruleId = "RULE-21-4" + ruleId = "RULE-21-4" and + category = "required" or query = // `Query` instance for the `standardHeaderFileUsedSignalh` query @@ -111,7 +121,8 @@ predicate isBannedQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `standardHeaderFileUsedSignalh` query "c/misra/standard-header-file-used-signalh" and - ruleId = "RULE-21-5" + ruleId = "RULE-21-5" and + category = "required" or query = // `Query` instance for the `standardLibraryInputoutputFunctionsUsed` query @@ -119,7 +130,8 @@ predicate isBannedQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `standardLibraryInputoutputFunctionsUsed` query "c/misra/standard-library-inputoutput-functions-used" and - ruleId = "RULE-21-6" + ruleId = "RULE-21-6" and + category = "required" or query = // `Query` instance for the `atofAtoiAtolAndAtollOfStdlibhUsed` query @@ -127,7 +139,8 @@ predicate isBannedQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `atofAtoiAtolAndAtollOfStdlibhUsed` query "c/misra/atof-atoi-atol-and-atoll-of-stdlibh-used" and - ruleId = "RULE-21-7" + ruleId = "RULE-21-7" and + category = "required" or query = // `Query` instance for the `terminationFunctionsOfStdlibhUsed` query @@ -135,7 +148,8 @@ predicate isBannedQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `terminationFunctionsOfStdlibhUsed` query "c/misra/termination-functions-of-stdlibh-used" and - ruleId = "RULE-21-8" + ruleId = "RULE-21-8" and + category = "required" or query = // `Query` instance for the `terminationMacrosOfStdlibhUsed` query @@ -143,7 +157,8 @@ predicate isBannedQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `terminationMacrosOfStdlibhUsed` query "c/misra/termination-macros-of-stdlibh-used" and - ruleId = "RULE-21-8" + ruleId = "RULE-21-8" and + category = "required" or query = // `Query` instance for the `bsearchAndQsortOfStdlibhUsed` query @@ -151,7 +166,8 @@ predicate isBannedQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `bsearchAndQsortOfStdlibhUsed` query "c/misra/bsearch-and-qsort-of-stdlibh-used" and - ruleId = "RULE-21-9" + ruleId = "RULE-21-9" and + category = "required" or query = // `Query` instance for the `stdLibDynamicMemoryAllocationUsed` query @@ -159,7 +175,8 @@ predicate isBannedQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `stdLibDynamicMemoryAllocationUsed` query "c/misra/std-lib-dynamic-memory-allocation-used" and - ruleId = "DIR-4-12" + ruleId = "DIR-4-12" and + category = "required" or query = // `Query` instance for the `octalConstantsUsed` query @@ -167,7 +184,8 @@ predicate isBannedQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `octalConstantsUsed` query "c/misra/octal-constants-used" and - ruleId = "RULE-7-1" + ruleId = "RULE-7-1" and + category = "required" or query = // `Query` instance for the `restrictTypeQualifierUsed` query @@ -175,7 +193,8 @@ predicate isBannedQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `restrictTypeQualifierUsed` query "c/misra/restrict-type-qualifier-used" and - ruleId = "RULE-8-14" + ruleId = "RULE-8-14" and + category = "required" } module BannedPackage { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency1.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency1.qll index 7d49962781..ed3a82c28d 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency1.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency1.qll @@ -8,14 +8,15 @@ newtype Concurrency1Query = TRaceConditionsWhenUsingLibraryFunctionsQuery() or TDoNotCallSignalInMultithreadedProgramQuery() -predicate isConcurrency1QueryMetadata(Query query, string queryId, string ruleId) { +predicate isConcurrency1QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `preventDataRacesWithMultipleThreads` query Concurrency1Package::preventDataRacesWithMultipleThreadsQuery() and queryId = // `@id` for the `preventDataRacesWithMultipleThreads` query "c/cert/prevent-data-races-with-multiple-threads" and - ruleId = "CON32-C" + ruleId = "CON32-C" and + category = "rule" or query = // `Query` instance for the `raceConditionsWhenUsingLibraryFunctions` query @@ -23,7 +24,8 @@ predicate isConcurrency1QueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `raceConditionsWhenUsingLibraryFunctions` query "c/cert/race-conditions-when-using-library-functions" and - ruleId = "CON33-C" + ruleId = "CON33-C" and + category = "rule" or query = // `Query` instance for the `doNotCallSignalInMultithreadedProgram` query @@ -31,7 +33,8 @@ predicate isConcurrency1QueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `doNotCallSignalInMultithreadedProgram` query "c/cert/do-not-call-signal-in-multithreaded-program" and - ruleId = "CON37-C" + ruleId = "CON37-C" and + category = "rule" } module Concurrency1Package { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency2.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency2.qll index 7e3bbe10a7..38a3eaa513 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency2.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency2.qll @@ -7,14 +7,15 @@ newtype Concurrency2Query = TDeadlockByLockingInPredefinedOrderQuery() or TWrapFunctionsThatCanSpuriouslyWakeUpInLoopQuery() -predicate isConcurrency2QueryMetadata(Query query, string queryId, string ruleId) { +predicate isConcurrency2QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `deadlockByLockingInPredefinedOrder` query Concurrency2Package::deadlockByLockingInPredefinedOrderQuery() and queryId = // `@id` for the `deadlockByLockingInPredefinedOrder` query "c/cert/deadlock-by-locking-in-predefined-order" and - ruleId = "CON35-C" + ruleId = "CON35-C" and + category = "rule" or query = // `Query` instance for the `wrapFunctionsThatCanSpuriouslyWakeUpInLoop` query @@ -22,7 +23,8 @@ predicate isConcurrency2QueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `wrapFunctionsThatCanSpuriouslyWakeUpInLoop` query "c/cert/wrap-functions-that-can-spuriously-wake-up-in-loop" and - ruleId = "CON36-C" + ruleId = "CON36-C" and + category = "rule" } module Concurrency2Package { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency3.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency3.qll index 029d0e16e4..982ea21543 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency3.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency3.qll @@ -9,14 +9,15 @@ newtype Concurrency3Query = TPreserveSafetyWhenUsingConditionVariablesQuery() or TWrapFunctionsThatCanFailSpuriouslyInLoopQuery() -predicate isConcurrency3QueryMetadata(Query query, string queryId, string ruleId) { +predicate isConcurrency3QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `doNotAllowAMutexToGoOutOfScopeWhileLocked` query Concurrency3Package::doNotAllowAMutexToGoOutOfScopeWhileLockedQuery() and queryId = // `@id` for the `doNotAllowAMutexToGoOutOfScopeWhileLocked` query "c/cert/do-not-allow-a-mutex-to-go-out-of-scope-while-locked" and - ruleId = "CON31-C" + ruleId = "CON31-C" and + category = "rule" or query = // `Query` instance for the `doNotDestroyAMutexWhileItIsLocked` query @@ -24,7 +25,8 @@ predicate isConcurrency3QueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `doNotDestroyAMutexWhileItIsLocked` query "c/cert/do-not-destroy-a-mutex-while-it-is-locked" and - ruleId = "CON31-C" + ruleId = "CON31-C" and + category = "rule" or query = // `Query` instance for the `preserveSafetyWhenUsingConditionVariables` query @@ -32,7 +34,8 @@ predicate isConcurrency3QueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `preserveSafetyWhenUsingConditionVariables` query "c/cert/preserve-safety-when-using-condition-variables" and - ruleId = "CON38-C" + ruleId = "CON38-C" and + category = "rule" or query = // `Query` instance for the `wrapFunctionsThatCanFailSpuriouslyInLoop` query @@ -40,7 +43,8 @@ predicate isConcurrency3QueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `wrapFunctionsThatCanFailSpuriouslyInLoop` query "c/cert/wrap-functions-that-can-fail-spuriously-in-loop" and - ruleId = "CON41-C" + ruleId = "CON41-C" and + category = "rule" } module Concurrency3Package { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency4.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency4.qll index 43faee8521..dfe9273563 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency4.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency4.qll @@ -8,14 +8,15 @@ newtype Concurrency4Query = TAppropriateThreadObjectStorageDurationsQuery() or TThreadObjectStorageDurationsNotInitializedQuery() -predicate isConcurrency4QueryMetadata(Query query, string queryId, string ruleId) { +predicate isConcurrency4QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `cleanUpThreadSpecificStorage` query Concurrency4Package::cleanUpThreadSpecificStorageQuery() and queryId = // `@id` for the `cleanUpThreadSpecificStorage` query "c/cert/clean-up-thread-specific-storage" and - ruleId = "CON30-C" + ruleId = "CON30-C" and + category = "rule" or query = // `Query` instance for the `appropriateThreadObjectStorageDurations` query @@ -23,7 +24,8 @@ predicate isConcurrency4QueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `appropriateThreadObjectStorageDurations` query "c/cert/appropriate-thread-object-storage-durations" and - ruleId = "CON34-C" + ruleId = "CON34-C" and + category = "rule" or query = // `Query` instance for the `threadObjectStorageDurationsNotInitialized` query @@ -31,7 +33,8 @@ predicate isConcurrency4QueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `threadObjectStorageDurationsNotInitialized` query "c/cert/thread-object-storage-durations-not-initialized" and - ruleId = "CON34-C" + ruleId = "CON34-C" and + category = "rule" } module Concurrency4Package { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency5.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency5.qll index ebbb3dabe5..6ff1bc60a4 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency5.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency5.qll @@ -7,14 +7,15 @@ newtype Concurrency5Query = TThreadWasPreviouslyJoinedOrDetachedQuery() or TAtomicVariableTwiceInExpressionQuery() -predicate isConcurrency5QueryMetadata(Query query, string queryId, string ruleId) { +predicate isConcurrency5QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `threadWasPreviouslyJoinedOrDetached` query Concurrency5Package::threadWasPreviouslyJoinedOrDetachedQuery() and queryId = // `@id` for the `threadWasPreviouslyJoinedOrDetached` query "c/cert/thread-was-previously-joined-or-detached" and - ruleId = "CON39-C" + ruleId = "CON39-C" and + category = "rule" or query = // `Query` instance for the `atomicVariableTwiceInExpression` query @@ -22,7 +23,8 @@ predicate isConcurrency5QueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `atomicVariableTwiceInExpression` query "c/cert/atomic-variable-twice-in-expression" and - ruleId = "CON40-C" + ruleId = "CON40-C" and + category = "rule" } module Concurrency5Package { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts1.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts1.qll index b7a10673b7..3336438b98 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts1.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts1.qll @@ -7,14 +7,15 @@ newtype Contracts1Query = TDoNotModifyTheReturnValueOfCertainFunctionsQuery() or TEnvPointerIsInvalidAfterCertainOperationsQuery() -predicate isContracts1QueryMetadata(Query query, string queryId, string ruleId) { +predicate isContracts1QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `doNotModifyTheReturnValueOfCertainFunctions` query Contracts1Package::doNotModifyTheReturnValueOfCertainFunctionsQuery() and queryId = // `@id` for the `doNotModifyTheReturnValueOfCertainFunctions` query "c/cert/do-not-modify-the-return-value-of-certain-functions" and - ruleId = "ENV30-C" + ruleId = "ENV30-C" and + category = "rule" or query = // `Query` instance for the `envPointerIsInvalidAfterCertainOperations` query @@ -22,7 +23,8 @@ predicate isContracts1QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `envPointerIsInvalidAfterCertainOperations` query "c/cert/env-pointer-is-invalid-after-certain-operations" and - ruleId = "ENV31-C" + ruleId = "ENV31-C" and + category = "rule" } module Contracts1Package { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts2.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts2.qll index ebf2ba3e26..f5cfe21f1a 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts2.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts2.qll @@ -11,14 +11,15 @@ newtype Contracts2Query = TCallToSetlocaleInvalidatesOldPointersQuery() or TCallToSetlocaleInvalidatesOldPointersWarnQuery() -predicate isContracts2QueryMetadata(Query query, string queryId, string ruleId) { +predicate isContracts2QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `exitHandlersMustReturnNormally` query Contracts2Package::exitHandlersMustReturnNormallyQuery() and queryId = // `@id` for the `exitHandlersMustReturnNormally` query "c/cert/exit-handlers-must-return-normally" and - ruleId = "ENV32-C" + ruleId = "ENV32-C" and + category = "rule" or query = // `Query` instance for the `doNotStorePointersReturnedByEnvFunctions` query @@ -26,7 +27,8 @@ predicate isContracts2QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `doNotStorePointersReturnedByEnvFunctions` query "c/cert/do-not-store-pointers-returned-by-env-functions" and - ruleId = "ENV34-C" + ruleId = "ENV34-C" and + category = "rule" or query = // `Query` instance for the `doNotStorePointersReturnedByEnvironmentFunWarn` query @@ -34,7 +36,8 @@ predicate isContracts2QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `doNotStorePointersReturnedByEnvironmentFunWarn` query "c/cert/do-not-store-pointers-returned-by-environment-fun-warn" and - ruleId = "ENV34-C" + ruleId = "ENV34-C" and + category = "rule" or query = // `Query` instance for the `valuesReturnedByLocaleSettingUsedAsPtrToConst` query @@ -42,7 +45,8 @@ predicate isContracts2QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `valuesReturnedByLocaleSettingUsedAsPtrToConst` query "c/misra/values-returned-by-locale-setting-used-as-ptr-to-const" and - ruleId = "RULE-21-19" + ruleId = "RULE-21-19" and + category = "mandatory" or query = // `Query` instance for the `callToSetlocaleInvalidatesOldPointers` query @@ -50,7 +54,8 @@ predicate isContracts2QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `callToSetlocaleInvalidatesOldPointers` query "c/misra/call-to-setlocale-invalidates-old-pointers" and - ruleId = "RULE-21-20" + ruleId = "RULE-21-20" and + category = "mandatory" or query = // `Query` instance for the `callToSetlocaleInvalidatesOldPointersWarn` query @@ -58,7 +63,8 @@ predicate isContracts2QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `callToSetlocaleInvalidatesOldPointersWarn` query "c/misra/call-to-setlocale-invalidates-old-pointers-warn" and - ruleId = "RULE-21-20" + ruleId = "RULE-21-20" and + category = "mandatory" } module Contracts2Package { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts3.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts3.qll index 7b7e1224d0..633907ba8c 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts3.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts3.qll @@ -8,14 +8,15 @@ newtype Contracts3Query = TErrnoSetToZeroPriorToCallQuery() or TErrnoSetToZeroAfterCallQuery() -predicate isContracts3QueryMetadata(Query query, string queryId, string ruleId) { +predicate isContracts3QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `onlyTestErrnoRightAfterErrnoSettingFunction` query Contracts3Package::onlyTestErrnoRightAfterErrnoSettingFunctionQuery() and queryId = // `@id` for the `onlyTestErrnoRightAfterErrnoSettingFunction` query "c/misra/only-test-errno-right-after-errno-setting-function" and - ruleId = "RULE-22-10" + ruleId = "RULE-22-10" and + category = "required" or query = // `Query` instance for the `errnoSetToZeroPriorToCall` query @@ -23,7 +24,8 @@ predicate isContracts3QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `errnoSetToZeroPriorToCall` query "c/misra/errno-set-to-zero-prior-to-call" and - ruleId = "RULE-22-8" + ruleId = "RULE-22-8" and + category = "required" or query = // `Query` instance for the `errnoSetToZeroAfterCall` query @@ -31,7 +33,8 @@ predicate isContracts3QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `errnoSetToZeroAfterCall` query "c/misra/errno-set-to-zero-after-call" and - ruleId = "RULE-22-9" + ruleId = "RULE-22-9" and + category = "required" } module Contracts3Package { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts4.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts4.qll index b0378cd1ec..2603360915 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts4.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts4.qll @@ -9,14 +9,15 @@ newtype Contracts4Query = TFunctionCallBeforeErrnoCheckQuery() or TErrnoNotSetToZeroQuery() -predicate isContracts4QueryMetadata(Query query, string queryId, string ruleId) { +predicate isContracts4QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `setlocaleMightSetErrno` query Contracts4Package::setlocaleMightSetErrnoQuery() and queryId = // `@id` for the `setlocaleMightSetErrno` query "c/cert/setlocale-might-set-errno" and - ruleId = "ERR30-C" + ruleId = "ERR30-C" and + category = "rule" or query = // `Query` instance for the `errnoReadBeforeReturn` query @@ -24,7 +25,8 @@ predicate isContracts4QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `errnoReadBeforeReturn` query "c/cert/errno-read-before-return" and - ruleId = "ERR30-C" + ruleId = "ERR30-C" and + category = "rule" or query = // `Query` instance for the `functionCallBeforeErrnoCheck` query @@ -32,7 +34,8 @@ predicate isContracts4QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `functionCallBeforeErrnoCheck` query "c/cert/function-call-before-errno-check" and - ruleId = "ERR30-C" + ruleId = "ERR30-C" and + category = "rule" or query = // `Query` instance for the `errnoNotSetToZero` query @@ -40,7 +43,8 @@ predicate isContracts4QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `errnoNotSetToZero` query "c/cert/errno-not-set-to-zero" and - ruleId = "ERR30-C" + ruleId = "ERR30-C" and + category = "rule" } module Contracts4Package { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations1.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations1.qll index c52cd567c8..c5ffaa56e3 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations1.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations1.qll @@ -11,14 +11,15 @@ newtype Declarations1Query = TMacroIdentifiersNotDistinctQuery() or TMacroIdentifierNotDistinctFromParameterQuery() -predicate isDeclarations1QueryMetadata(Query query, string queryId, string ruleId) { +predicate isDeclarations1QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `declareIdentifiersBeforeUsingThem` query Declarations1Package::declareIdentifiersBeforeUsingThemQuery() and queryId = // `@id` for the `declareIdentifiersBeforeUsingThem` query "c/cert/declare-identifiers-before-using-them" and - ruleId = "DCL31-C" + ruleId = "DCL31-C" and + category = "rule" or query = // `Query` instance for the `doNotDeclareOrDefineAReservedIdentifier` query @@ -26,7 +27,8 @@ predicate isDeclarations1QueryMetadata(Query query, string queryId, string ruleI queryId = // `@id` for the `doNotDeclareOrDefineAReservedIdentifier` query "c/cert/do-not-declare-or-define-a-reserved-identifier" and - ruleId = "DCL37-C" + ruleId = "DCL37-C" and + category = "rule" or query = // `Query` instance for the `doNotDeclareAReservedIdentifier` query @@ -34,7 +36,8 @@ predicate isDeclarations1QueryMetadata(Query query, string queryId, string ruleI queryId = // `@id` for the `doNotDeclareAReservedIdentifier` query "c/misra/do-not-declare-a-reserved-identifier" and - ruleId = "RULE-21-2" + ruleId = "RULE-21-2" and + category = "required" or query = // `Query` instance for the `externalIdentifiersNotDistinct` query @@ -42,7 +45,8 @@ predicate isDeclarations1QueryMetadata(Query query, string queryId, string ruleI queryId = // `@id` for the `externalIdentifiersNotDistinct` query "c/misra/external-identifiers-not-distinct" and - ruleId = "RULE-5-1" + ruleId = "RULE-5-1" and + category = "required" or query = // `Query` instance for the `macroIdentifiersNotDistinct` query @@ -50,7 +54,8 @@ predicate isDeclarations1QueryMetadata(Query query, string queryId, string ruleI queryId = // `@id` for the `macroIdentifiersNotDistinct` query "c/misra/macro-identifiers-not-distinct" and - ruleId = "RULE-5-4" + ruleId = "RULE-5-4" and + category = "required" or query = // `Query` instance for the `macroIdentifierNotDistinctFromParameter` query @@ -58,7 +63,8 @@ predicate isDeclarations1QueryMetadata(Query query, string queryId, string ruleI queryId = // `@id` for the `macroIdentifierNotDistinctFromParameter` query "c/misra/macro-identifier-not-distinct-from-parameter" and - ruleId = "RULE-5-4" + ruleId = "RULE-5-4" and + category = "required" } module Declarations1Package { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations2.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations2.qll index 5314ebc400..a8b7b95d2c 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations2.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations2.qll @@ -10,14 +10,15 @@ newtype Declarations2Query = TIncompatibleFunctionDeclarationsQuery() or TVariablesInsideSwitchStatementQuery() -predicate isDeclarations2QueryMetadata(Query query, string queryId, string ruleId) { +predicate isDeclarations2QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `declaringAFlexibleArrayMember` query Declarations2Package::declaringAFlexibleArrayMemberQuery() and queryId = // `@id` for the `declaringAFlexibleArrayMember` query "c/cert/declaring-a-flexible-array-member" and - ruleId = "DCL38-C" + ruleId = "DCL38-C" and + category = "rule" or query = // `Query` instance for the `excessLengthNamesIdentifiersNotDistinct` query @@ -25,7 +26,8 @@ predicate isDeclarations2QueryMetadata(Query query, string queryId, string ruleI queryId = // `@id` for the `excessLengthNamesIdentifiersNotDistinct` query "c/cert/excess-length-names-identifiers-not-distinct" and - ruleId = "DCL40-C" + ruleId = "DCL40-C" and + category = "rule" or query = // `Query` instance for the `incompatibleObjectDeclarations` query @@ -33,7 +35,8 @@ predicate isDeclarations2QueryMetadata(Query query, string queryId, string ruleI queryId = // `@id` for the `incompatibleObjectDeclarations` query "c/cert/incompatible-object-declarations" and - ruleId = "DCL40-C" + ruleId = "DCL40-C" and + category = "rule" or query = // `Query` instance for the `incompatibleFunctionDeclarations` query @@ -41,7 +44,8 @@ predicate isDeclarations2QueryMetadata(Query query, string queryId, string ruleI queryId = // `@id` for the `incompatibleFunctionDeclarations` query "c/cert/incompatible-function-declarations" and - ruleId = "DCL40-C" + ruleId = "DCL40-C" and + category = "rule" or query = // `Query` instance for the `variablesInsideSwitchStatement` query @@ -49,7 +53,8 @@ predicate isDeclarations2QueryMetadata(Query query, string queryId, string ruleI queryId = // `@id` for the `variablesInsideSwitchStatement` query "c/cert/variables-inside-switch-statement" and - ruleId = "DCL41-C" + ruleId = "DCL41-C" and + category = "rule" } module Declarations2Package { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations3.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations3.qll index 0aa63e6dc5..22ed294ee7 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations3.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations3.qll @@ -10,14 +10,15 @@ newtype Declarations3Query = TTagNameNotUniqueQuery() or TExplicitlyDeclareTypesQuery() -predicate isDeclarations3QueryMetadata(Query query, string queryId, string ruleId) { +predicate isDeclarations3QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `identifierHidingC` query Declarations3Package::identifierHidingCQuery() and queryId = // `@id` for the `identifierHidingC` query "c/misra/identifier-hiding-c" and - ruleId = "RULE-5-3" + ruleId = "RULE-5-3" and + category = "required" or query = // `Query` instance for the `identifiersNotDistinctFromMacroNames` query @@ -25,7 +26,8 @@ predicate isDeclarations3QueryMetadata(Query query, string queryId, string ruleI queryId = // `@id` for the `identifiersNotDistinctFromMacroNames` query "c/misra/identifiers-not-distinct-from-macro-names" and - ruleId = "RULE-5-5" + ruleId = "RULE-5-5" and + category = "required" or query = // `Query` instance for the `typedefNameNotUnique` query @@ -33,7 +35,8 @@ predicate isDeclarations3QueryMetadata(Query query, string queryId, string ruleI queryId = // `@id` for the `typedefNameNotUnique` query "c/misra/typedef-name-not-unique" and - ruleId = "RULE-5-6" + ruleId = "RULE-5-6" and + category = "required" or query = // `Query` instance for the `tagNameNotUnique` query @@ -41,7 +44,8 @@ predicate isDeclarations3QueryMetadata(Query query, string queryId, string ruleI queryId = // `@id` for the `tagNameNotUnique` query "c/misra/tag-name-not-unique" and - ruleId = "RULE-5-7" + ruleId = "RULE-5-7" and + category = "required" or query = // `Query` instance for the `explicitlyDeclareTypes` query @@ -49,7 +53,8 @@ predicate isDeclarations3QueryMetadata(Query query, string queryId, string ruleI queryId = // `@id` for the `explicitlyDeclareTypes` query "c/misra/explicitly-declare-types" and - ruleId = "RULE-8-1" + ruleId = "RULE-8-1" and + category = "required" } module Declarations3Package { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Expressions.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Expressions.qll index 2e18feca23..fab8e21d01 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Expressions.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Expressions.qll @@ -9,14 +9,15 @@ newtype ExpressionsQuery = TCallPOSIXOpenWithCorrectArgumentCountQuery() or TDoNotUseABitwiseOperatorWithABooleanLikeOperandQuery() -predicate isExpressionsQueryMetadata(Query query, string queryId, string ruleId) { +predicate isExpressionsQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `doNotCallFunctionPointerWithIncompatibleType` query ExpressionsPackage::doNotCallFunctionPointerWithIncompatibleTypeQuery() and queryId = // `@id` for the `doNotCallFunctionPointerWithIncompatibleType` query "c/cert/do-not-call-function-pointer-with-incompatible-type" and - ruleId = "EXP37-C" + ruleId = "EXP37-C" and + category = "rule" or query = // `Query` instance for the `doNotCallFunctionsWithIncompatibleArguments` query @@ -24,7 +25,8 @@ predicate isExpressionsQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `doNotCallFunctionsWithIncompatibleArguments` query "c/cert/do-not-call-functions-with-incompatible-arguments" and - ruleId = "EXP37-C" + ruleId = "EXP37-C" and + category = "rule" or query = // `Query` instance for the `callPOSIXOpenWithCorrectArgumentCount` query @@ -32,7 +34,8 @@ predicate isExpressionsQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `callPOSIXOpenWithCorrectArgumentCount` query "c/cert/call-posix-open-with-correct-argument-count" and - ruleId = "EXP37-C" + ruleId = "EXP37-C" and + category = "rule" or query = // `Query` instance for the `doNotUseABitwiseOperatorWithABooleanLikeOperand` query @@ -40,7 +43,8 @@ predicate isExpressionsQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `doNotUseABitwiseOperatorWithABooleanLikeOperand` query "c/cert/do-not-use-a-bitwise-operator-with-a-boolean-like-operand" and - ruleId = "EXP46-C" + ruleId = "EXP46-C" and + category = "rule" } module ExpressionsPackage { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/IO1.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/IO1.qll index f0aa85cd8a..b3c1bdd428 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/IO1.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/IO1.qll @@ -12,14 +12,15 @@ newtype IO1Query = TUndefinedBehaviorAccessingAClosedFileQuery() or TFileUsedAfterClosedQuery() -predicate isIO1QueryMetadata(Query query, string queryId, string ruleId) { +predicate isIO1QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `excludeUserInputFromFormatStrings` query IO1Package::excludeUserInputFromFormatStringsQuery() and queryId = // `@id` for the `excludeUserInputFromFormatStrings` query "c/cert/exclude-user-input-from-format-strings" and - ruleId = "FIO30-C" + ruleId = "FIO30-C" and + category = "rule" or query = // `Query` instance for the `distinguishBetweenCharReadFromAFileAndEofOrWeof` query @@ -27,7 +28,8 @@ predicate isIO1QueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `distinguishBetweenCharReadFromAFileAndEofOrWeof` query "c/cert/distinguish-between-char-read-from-a-file-and-eof-or-weof" and - ruleId = "FIO34-C" + ruleId = "FIO34-C" and + category = "rule" or query = // `Query` instance for the `endOfFileCheckPortability` query @@ -35,7 +37,8 @@ predicate isIO1QueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `endOfFileCheckPortability` query "c/cert/end-of-file-check-portability" and - ruleId = "FIO34-C" + ruleId = "FIO34-C" and + category = "rule" or query = // `Query` instance for the `doNotAlternatelyIOFromAStreamWithoutPositioning` query @@ -43,7 +46,8 @@ predicate isIO1QueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `doNotAlternatelyIOFromAStreamWithoutPositioning` query "c/cert/do-not-alternately-io-from-a-stream-without-positioning" and - ruleId = "FIO39-C" + ruleId = "FIO39-C" and + category = "rule" or query = // `Query` instance for the `closeFilesWhenTheyAreNoLongerNeeded` query @@ -51,7 +55,8 @@ predicate isIO1QueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `closeFilesWhenTheyAreNoLongerNeeded` query "c/cert/close-files-when-they-are-no-longer-needed" and - ruleId = "FIO42-C" + ruleId = "FIO42-C" and + category = "rule" or query = // `Query` instance for the `undefinedBehaviorAccessingAClosedFile` query @@ -59,7 +64,8 @@ predicate isIO1QueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `undefinedBehaviorAccessingAClosedFile` query "c/cert/undefined-behavior-accessing-a-closed-file" and - ruleId = "FIO46-C" + ruleId = "FIO46-C" and + category = "rule" or query = // `Query` instance for the `fileUsedAfterClosed` query @@ -67,7 +73,8 @@ predicate isIO1QueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `fileUsedAfterClosed` query "c/misra/file-used-after-closed" and - ruleId = "RULE-22-6" + ruleId = "RULE-22-6" and + category = "mandatory" } module IO1Package { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/IO2.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/IO2.qll index 6eca59ea3c..6208470e24 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/IO2.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/IO2.qll @@ -9,14 +9,15 @@ newtype IO2Query = TDoNotCallGetcAndPutcWithSideEffectsQuery() or TOnlyUseValuesForFsetposThatAreReturnedFromFgetposQuery() -predicate isIO2QueryMetadata(Query query, string queryId, string ruleId) { +predicate isIO2QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `doNotCopyAFileObject` query IO2Package::doNotCopyAFileObjectQuery() and queryId = // `@id` for the `doNotCopyAFileObject` query "c/cert/do-not-copy-a-file-object" and - ruleId = "FIO38-C" + ruleId = "FIO38-C" and + category = "rule" or query = // `Query` instance for the `resetStringsOnFgetsOrFgetwsFailure` query @@ -24,7 +25,8 @@ predicate isIO2QueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `resetStringsOnFgetsOrFgetwsFailure` query "c/cert/reset-strings-on-fgets-or-fgetws-failure" and - ruleId = "FIO40-C" + ruleId = "FIO40-C" and + category = "rule" or query = // `Query` instance for the `doNotCallGetcAndPutcWithSideEffects` query @@ -32,7 +34,8 @@ predicate isIO2QueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `doNotCallGetcAndPutcWithSideEffects` query "c/cert/do-not-call-getc-and-putc-with-side-effects" and - ruleId = "FIO41-C" + ruleId = "FIO41-C" and + category = "rule" or query = // `Query` instance for the `onlyUseValuesForFsetposThatAreReturnedFromFgetpos` query @@ -40,7 +43,8 @@ predicate isIO2QueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `onlyUseValuesForFsetposThatAreReturnedFromFgetpos` query "c/cert/only-use-values-for-fsetpos-that-are-returned-from-fgetpos" and - ruleId = "FIO44-C" + ruleId = "FIO44-C" and + category = "rule" } module IO2Package { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/IO3.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/IO3.qll index b04ecbf420..9aac753c0b 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/IO3.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/IO3.qll @@ -11,14 +11,15 @@ newtype IO3Query = TPointerToAFileObjectDereferencedQuery() or TEofShallBeComparedWithUnmodifiedReturnValuesQuery() -predicate isIO3QueryMetadata(Query query, string queryId, string ruleId) { +predicate isIO3QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `doNotPerformFileOperationsOnDevices` query IO3Package::doNotPerformFileOperationsOnDevicesQuery() and queryId = // `@id` for the `doNotPerformFileOperationsOnDevices` query "c/cert/do-not-perform-file-operations-on-devices" and - ruleId = "FIO32-C" + ruleId = "FIO32-C" and + category = "rule" or query = // `Query` instance for the `successfulFgetsOrFgetwsMayReturnAnEmptyString` query @@ -26,7 +27,8 @@ predicate isIO3QueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `successfulFgetsOrFgetwsMayReturnAnEmptyString` query "c/cert/successful-fgets-or-fgetws-may-return-an-empty-string" and - ruleId = "FIO37-C" + ruleId = "FIO37-C" and + category = "rule" or query = // `Query` instance for the `fileOpenForReadAndWriteOnDifferentStreams` query @@ -34,7 +36,8 @@ predicate isIO3QueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `fileOpenForReadAndWriteOnDifferentStreams` query "c/misra/file-open-for-read-and-write-on-different-streams" and - ruleId = "RULE-22-3" + ruleId = "RULE-22-3" and + category = "required" or query = // `Query` instance for the `attemptToWriteToAReadOnlyStream` query @@ -42,7 +45,8 @@ predicate isIO3QueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `attemptToWriteToAReadOnlyStream` query "c/misra/attempt-to-write-to-a-read-only-stream" and - ruleId = "RULE-22-4" + ruleId = "RULE-22-4" and + category = "mandatory" or query = // `Query` instance for the `pointerToAFileObjectDereferenced` query @@ -50,7 +54,8 @@ predicate isIO3QueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `pointerToAFileObjectDereferenced` query "c/misra/pointer-to-a-file-object-dereferenced" and - ruleId = "RULE-22-5" + ruleId = "RULE-22-5" and + category = "mandatory" or query = // `Query` instance for the `eofShallBeComparedWithUnmodifiedReturnValues` query @@ -58,7 +63,8 @@ predicate isIO3QueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `eofShallBeComparedWithUnmodifiedReturnValues` query "c/misra/eof-shall-be-compared-with-unmodified-return-values" and - ruleId = "RULE-22-7" + ruleId = "RULE-22-7" and + category = "required" } module IO3Package { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/IO4.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/IO4.qll index a1c3978fc4..872ee2cbcd 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/IO4.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/IO4.qll @@ -9,14 +9,15 @@ newtype IO4Query = TWrongNumberOfFormatArgumentsQuery() or TWrongTypeFormatArgumentsQuery() -predicate isIO4QueryMetadata(Query query, string queryId, string ruleId) { +predicate isIO4QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `toctouRaceConditionsWhileAccessingFiles` query IO4Package::toctouRaceConditionsWhileAccessingFilesQuery() and queryId = // `@id` for the `toctouRaceConditionsWhileAccessingFiles` query "c/cert/toctou-race-conditions-while-accessing-files" and - ruleId = "FIO45-C" + ruleId = "FIO45-C" and + category = "rule" or query = // `Query` instance for the `useValidSpecifiers` query @@ -24,7 +25,8 @@ predicate isIO4QueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `useValidSpecifiers` query "c/cert/use-valid-specifiers" and - ruleId = "FIO47-C" + ruleId = "FIO47-C" and + category = "rule" or query = // `Query` instance for the `wrongNumberOfFormatArguments` query @@ -32,7 +34,8 @@ predicate isIO4QueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `wrongNumberOfFormatArguments` query "c/cert/wrong-number-of-format-arguments" and - ruleId = "FIO47-C" + ruleId = "FIO47-C" and + category = "rule" or query = // `Query` instance for the `wrongTypeFormatArguments` query @@ -40,7 +43,8 @@ predicate isIO4QueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `wrongTypeFormatArguments` query "c/cert/wrong-type-format-arguments" and - ruleId = "FIO47-C" + ruleId = "FIO47-C" and + category = "rule" } module IO4Package { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Language1.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Language1.qll index a2787698cc..0fb03bf6d5 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Language1.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Language1.qll @@ -5,14 +5,15 @@ import codingstandards.cpp.exclusions.RuleMetadata newtype Language1Query = TLanguageNotEncapsulatedAndIsolatedQuery() -predicate isLanguage1QueryMetadata(Query query, string queryId, string ruleId) { +predicate isLanguage1QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `languageNotEncapsulatedAndIsolated` query Language1Package::languageNotEncapsulatedAndIsolatedQuery() and queryId = // `@id` for the `languageNotEncapsulatedAndIsolated` query "c/misra/language-not-encapsulated-and-isolated" and - ruleId = "DIR-4-3" + ruleId = "DIR-4-3" and + category = "required" } module Language1Package { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Language2.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Language2.qll index 0217551e59..2a85696cc2 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Language2.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Language2.qll @@ -7,14 +7,15 @@ newtype Language2Query = TUsageOfAssemblyLanguageShouldBeDocumentedQuery() or TEmergentLanguageFeaturesUsedQuery() -predicate isLanguage2QueryMetadata(Query query, string queryId, string ruleId) { +predicate isLanguage2QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `usageOfAssemblyLanguageShouldBeDocumented` query Language2Package::usageOfAssemblyLanguageShouldBeDocumentedQuery() and queryId = // `@id` for the `usageOfAssemblyLanguageShouldBeDocumented` query "c/misra/usage-of-assembly-language-should-be-documented" and - ruleId = "DIR-4-2" + ruleId = "DIR-4-2" and + category = "advisory" or query = // `Query` instance for the `emergentLanguageFeaturesUsed` query @@ -22,7 +23,8 @@ predicate isLanguage2QueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `emergentLanguageFeaturesUsed` query "c/misra/emergent-language-features-used" and - ruleId = "RULE-1-4" + ruleId = "RULE-1-4" and + category = "required" } module Language2Package { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Misc.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Misc.qll index c63fe7c7d2..9535c8a6d1 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Misc.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Misc.qll @@ -8,14 +8,15 @@ newtype MiscQuery = TProperlySeedPseudorandomNumberGeneratorsQuery() or TControlFlowReachesTheEndOfANonVoidFunctionQuery() -predicate isMiscQueryMetadata(Query query, string queryId, string ruleId) { +predicate isMiscQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `randUsedForGeneratingPseudorandomNumbers` query MiscPackage::randUsedForGeneratingPseudorandomNumbersQuery() and queryId = // `@id` for the `randUsedForGeneratingPseudorandomNumbers` query "c/cert/rand-used-for-generating-pseudorandom-numbers" and - ruleId = "MSC30-C" + ruleId = "MSC30-C" and + category = "rule" or query = // `Query` instance for the `properlySeedPseudorandomNumberGenerators` query @@ -23,7 +24,8 @@ predicate isMiscQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `properlySeedPseudorandomNumberGenerators` query "c/cert/properly-seed-pseudorandom-number-generators" and - ruleId = "MSC32-C" + ruleId = "MSC32-C" and + category = "rule" or query = // `Query` instance for the `controlFlowReachesTheEndOfANonVoidFunction` query @@ -31,7 +33,8 @@ predicate isMiscQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `controlFlowReachesTheEndOfANonVoidFunction` query "c/cert/control-flow-reaches-the-end-of-a-non-void-function" and - ruleId = "MSC37-C" + ruleId = "MSC37-C" and + category = "rule" } module MiscPackage { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Pointers1.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Pointers1.qll index 11daf5543c..e35f0f3a88 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Pointers1.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Pointers1.qll @@ -22,14 +22,15 @@ newtype Pointers1Query = TObjectWithNoPointerDereferenceShouldBeOpaqueQuery() or TPointerShouldPointToConstTypeWhenPossibleQuery() -predicate isPointers1QueryMetadata(Query query, string queryId, string ruleId) { +predicate isPointers1QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `conversionBetweenFunctionPointerAndOtherType` query Pointers1Package::conversionBetweenFunctionPointerAndOtherTypeQuery() and queryId = // `@id` for the `conversionBetweenFunctionPointerAndOtherType` query "c/misra/conversion-between-function-pointer-and-other-type" and - ruleId = "RULE-11-1" + ruleId = "RULE-11-1" and + category = "required" or query = // `Query` instance for the `conversionBetweenIncompleteTypePointerAndOtherType` query @@ -37,7 +38,8 @@ predicate isPointers1QueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `conversionBetweenIncompleteTypePointerAndOtherType` query "c/misra/conversion-between-incomplete-type-pointer-and-other-type" and - ruleId = "RULE-11-2" + ruleId = "RULE-11-2" and + category = "required" or query = // `Query` instance for the `castBetweenObjectPointerAndDifferentObjectType` query @@ -45,7 +47,8 @@ predicate isPointers1QueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `castBetweenObjectPointerAndDifferentObjectType` query "c/misra/cast-between-object-pointer-and-different-object-type" and - ruleId = "RULE-11-3" + ruleId = "RULE-11-3" and + category = "required" or query = // `Query` instance for the `conversionBetweenPointerToObjectAndIntegerType` query @@ -53,7 +56,8 @@ predicate isPointers1QueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `conversionBetweenPointerToObjectAndIntegerType` query "c/misra/conversion-between-pointer-to-object-and-integer-type" and - ruleId = "RULE-11-4" + ruleId = "RULE-11-4" and + category = "advisory" or query = // `Query` instance for the `conversionFromPointerToVoidIntoPointerToObject` query @@ -61,7 +65,8 @@ predicate isPointers1QueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `conversionFromPointerToVoidIntoPointerToObject` query "c/misra/conversion-from-pointer-to-void-into-pointer-to-object" and - ruleId = "RULE-11-5" + ruleId = "RULE-11-5" and + category = "advisory" or query = // `Query` instance for the `castBetweenPointerToVoidAndArithmeticType` query @@ -69,7 +74,8 @@ predicate isPointers1QueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `castBetweenPointerToVoidAndArithmeticType` query "c/misra/cast-between-pointer-to-void-and-arithmetic-type" and - ruleId = "RULE-11-6" + ruleId = "RULE-11-6" and + category = "required" or query = // `Query` instance for the `castBetweenPointerToObjectAndNonIntArithmeticType` query @@ -77,7 +83,8 @@ predicate isPointers1QueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `castBetweenPointerToObjectAndNonIntArithmeticType` query "c/misra/cast-between-pointer-to-object-and-non-int-arithmetic-type" and - ruleId = "RULE-11-7" + ruleId = "RULE-11-7" and + category = "required" or query = // `Query` instance for the `castRemovesConstOrVolatileQualification` query @@ -85,7 +92,8 @@ predicate isPointers1QueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `castRemovesConstOrVolatileQualification` query "c/misra/cast-removes-const-or-volatile-qualification" and - ruleId = "RULE-11-8" + ruleId = "RULE-11-8" and + category = "required" or query = // `Query` instance for the `macroNullNotUsedAsIntegerNullPointerConstant` query @@ -93,7 +101,8 @@ predicate isPointers1QueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `macroNullNotUsedAsIntegerNullPointerConstant` query "c/misra/macro-null-not-used-as-integer-null-pointer-constant" and - ruleId = "RULE-11-9" + ruleId = "RULE-11-9" and + category = "required" or query = // `Query` instance for the `pointerAndDerivedPointerMustAddressSameArray` query @@ -101,7 +110,8 @@ predicate isPointers1QueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `pointerAndDerivedPointerMustAddressSameArray` query "c/misra/pointer-and-derived-pointer-must-address-same-array" and - ruleId = "RULE-18-1" + ruleId = "RULE-18-1" and + category = "required" or query = // `Query` instance for the `subtractionBetweenPointersMustAddressSameArray` query @@ -109,7 +119,8 @@ predicate isPointers1QueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `subtractionBetweenPointersMustAddressSameArray` query "c/misra/subtraction-between-pointers-must-address-same-array" and - ruleId = "RULE-18-2" + ruleId = "RULE-18-2" and + category = "required" or query = // `Query` instance for the `relationalOperatorComparesPointerToDifferentArray` query @@ -117,7 +128,8 @@ predicate isPointers1QueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `relationalOperatorComparesPointerToDifferentArray` query "c/misra/relational-operator-compares-pointer-to-different-array" and - ruleId = "RULE-18-3" + ruleId = "RULE-18-3" and + category = "required" or query = // `Query` instance for the `doNotUseAdditionOrSubtractionOperatorsOnPointers` query @@ -125,7 +137,8 @@ predicate isPointers1QueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `doNotUseAdditionOrSubtractionOperatorsOnPointers` query "c/misra/do-not-use-addition-or-subtraction-operators-on-pointers" and - ruleId = "RULE-18-4" + ruleId = "RULE-18-4" and + category = "advisory" or query = // `Query` instance for the `noMoreThanTwoLevelsOfPointerNestingInDeclarations` query @@ -133,7 +146,8 @@ predicate isPointers1QueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `noMoreThanTwoLevelsOfPointerNestingInDeclarations` query "c/misra/no-more-than-two-levels-of-pointer-nesting-in-declarations" and - ruleId = "RULE-18-5" + ruleId = "RULE-18-5" and + category = "advisory" or query = // `Query` instance for the `automaticStorageObjectAddressCopiedToOtherObject` query @@ -141,7 +155,8 @@ predicate isPointers1QueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `automaticStorageObjectAddressCopiedToOtherObject` query "c/misra/automatic-storage-object-address-copied-to-other-object" and - ruleId = "RULE-18-6" + ruleId = "RULE-18-6" and + category = "required" or query = // `Query` instance for the `objectWithNoPointerDereferenceShouldBeOpaque` query @@ -149,7 +164,8 @@ predicate isPointers1QueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `objectWithNoPointerDereferenceShouldBeOpaque` query "c/misra/object-with-no-pointer-dereference-should-be-opaque" and - ruleId = "DIR-4-8" + ruleId = "DIR-4-8" and + category = "advisory" or query = // `Query` instance for the `pointerShouldPointToConstTypeWhenPossible` query @@ -157,7 +173,8 @@ predicate isPointers1QueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `pointerShouldPointToConstTypeWhenPossible` query "c/misra/pointer-should-point-to-const-type-when-possible" and - ruleId = "RULE-8-13" + ruleId = "RULE-8-13" and + category = "advisory" } module Pointers1Package { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Pointers2.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Pointers2.qll index d5ddafd888..476388612e 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Pointers2.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Pointers2.qll @@ -5,14 +5,15 @@ import codingstandards.cpp.exclusions.RuleMetadata newtype Pointers2Query = TDoNotAddOrSubtractAScaledIntegerToAPointerQuery() -predicate isPointers2QueryMetadata(Query query, string queryId, string ruleId) { +predicate isPointers2QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `doNotAddOrSubtractAScaledIntegerToAPointer` query Pointers2Package::doNotAddOrSubtractAScaledIntegerToAPointerQuery() and queryId = // `@id` for the `doNotAddOrSubtractAScaledIntegerToAPointer` query "c/cert/do-not-add-or-subtract-a-scaled-integer-to-a-pointer" and - ruleId = "ARR39-C" + ruleId = "ARR39-C" and + category = "rule" } module Pointers2Package { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor1.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor1.qll index 7037c9f195..1f3c9bba38 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor1.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor1.qll @@ -9,14 +9,15 @@ newtype Preprocessor1Query = TForbiddenCharactersInHeaderFileNameQuery() or TIdentifiersUsedInPreprocessorExpressionQuery() -predicate isPreprocessor1QueryMetadata(Query query, string queryId, string ruleId) { +predicate isPreprocessor1QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `includeDirectivesPrecededByDirectivesOrComments` query Preprocessor1Package::includeDirectivesPrecededByDirectivesOrCommentsQuery() and queryId = // `@id` for the `includeDirectivesPrecededByDirectivesOrComments` query "c/misra/include-directives-preceded-by-directives-or-comments" and - ruleId = "RULE-20-1" + ruleId = "RULE-20-1" and + category = "advisory" or query = // `Query` instance for the `preprocessorHashOperatorsShouldNotBeUsed` query @@ -24,7 +25,8 @@ predicate isPreprocessor1QueryMetadata(Query query, string queryId, string ruleI queryId = // `@id` for the `preprocessorHashOperatorsShouldNotBeUsed` query "c/misra/preprocessor-hash-operators-should-not-be-used" and - ruleId = "RULE-20-10" + ruleId = "RULE-20-10" and + category = "advisory" or query = // `Query` instance for the `forbiddenCharactersInHeaderFileName` query @@ -32,7 +34,8 @@ predicate isPreprocessor1QueryMetadata(Query query, string queryId, string ruleI queryId = // `@id` for the `forbiddenCharactersInHeaderFileName` query "c/misra/forbidden-characters-in-header-file-name" and - ruleId = "RULE-20-2" + ruleId = "RULE-20-2" and + category = "required" or query = // `Query` instance for the `identifiersUsedInPreprocessorExpression` query @@ -40,7 +43,8 @@ predicate isPreprocessor1QueryMetadata(Query query, string queryId, string ruleI queryId = // `@id` for the `identifiersUsedInPreprocessorExpression` query "c/misra/identifiers-used-in-preprocessor-expression" and - ruleId = "RULE-20-9" + ruleId = "RULE-20-9" and + category = "required" } module Preprocessor1Package { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor2.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor2.qll index f8a1c8ba3b..bc6fc91da6 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor2.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor2.qll @@ -9,14 +9,15 @@ newtype Preprocessor2Query = TUndefShouldNotBeUsedQuery() or TPrecautionIncludeGuardsNotProvidedQuery() -predicate isPreprocessor2QueryMetadata(Query query, string queryId, string ruleId) { +predicate isPreprocessor2QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `moreThanOneHashOperatorInMacroDefinition` query Preprocessor2Package::moreThanOneHashOperatorInMacroDefinitionQuery() and queryId = // `@id` for the `moreThanOneHashOperatorInMacroDefinition` query "c/misra/more-than-one-hash-operator-in-macro-definition" and - ruleId = "RULE-20-11" + ruleId = "RULE-20-11" and + category = "required" or query = // `Query` instance for the `macroParameterUsedAsHashOperand` query @@ -24,7 +25,8 @@ predicate isPreprocessor2QueryMetadata(Query query, string queryId, string ruleI queryId = // `@id` for the `macroParameterUsedAsHashOperand` query "c/misra/macro-parameter-used-as-hash-operand" and - ruleId = "RULE-20-12" + ruleId = "RULE-20-12" and + category = "required" or query = // `Query` instance for the `undefShouldNotBeUsed` query @@ -32,7 +34,8 @@ predicate isPreprocessor2QueryMetadata(Query query, string queryId, string ruleI queryId = // `@id` for the `undefShouldNotBeUsed` query "c/misra/undef-should-not-be-used" and - ruleId = "RULE-20-5" + ruleId = "RULE-20-5" and + category = "advisory" or query = // `Query` instance for the `precautionIncludeGuardsNotProvided` query @@ -40,7 +43,8 @@ predicate isPreprocessor2QueryMetadata(Query query, string queryId, string ruleI queryId = // `@id` for the `precautionIncludeGuardsNotProvided` query "c/misra/precaution-include-guards-not-provided" and - ruleId = "DIR-4-10" + ruleId = "DIR-4-10" and + category = "required" } module Preprocessor2Package { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor3.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor3.qll index 5894975f2d..1b9ed9374e 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor3.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor3.qll @@ -5,14 +5,15 @@ import codingstandards.cpp.exclusions.RuleMetadata newtype Preprocessor3Query = TControllingExpressionIfDirectiveQuery() -predicate isPreprocessor3QueryMetadata(Query query, string queryId, string ruleId) { +predicate isPreprocessor3QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `controllingExpressionIfDirective` query Preprocessor3Package::controllingExpressionIfDirectiveQuery() and queryId = // `@id` for the `controllingExpressionIfDirective` query "c/misra/controlling-expression-if-directive" and - ruleId = "RULE-20-8" + ruleId = "RULE-20-8" and + category = "required" } module Preprocessor3Package { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor4.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor4.qll index 94ffc1dc8d..8b30501183 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor4.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor4.qll @@ -8,14 +8,15 @@ newtype Preprocessor4Query = TFunctionLikeMacroArgsContainHashTokenCQueryQuery() or TDefineAndUndefUsedOnReservedIdentifierOrMacroNameQuery() -predicate isPreprocessor4QueryMetadata(Query query, string queryId, string ruleId) { +predicate isPreprocessor4QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `macroDefinedWithTheSameNameAsKeyword` query Preprocessor4Package::macroDefinedWithTheSameNameAsKeywordQuery() and queryId = // `@id` for the `macroDefinedWithTheSameNameAsKeyword` query "c/misra/macro-defined-with-the-same-name-as-keyword" and - ruleId = "RULE-20-4" + ruleId = "RULE-20-4" and + category = "required" or query = // `Query` instance for the `functionLikeMacroArgsContainHashTokenCQuery` query @@ -23,7 +24,8 @@ predicate isPreprocessor4QueryMetadata(Query query, string queryId, string ruleI queryId = // `@id` for the `functionLikeMacroArgsContainHashTokenCQuery` query "c/misra/function-like-macro-args-contain-hash-token-c-query" and - ruleId = "RULE-20-6" + ruleId = "RULE-20-6" and + category = "required" or query = // `Query` instance for the `defineAndUndefUsedOnReservedIdentifierOrMacroName` query @@ -31,7 +33,8 @@ predicate isPreprocessor4QueryMetadata(Query query, string queryId, string ruleI queryId = // `@id` for the `defineAndUndefUsedOnReservedIdentifierOrMacroName` query "c/misra/define-and-undef-used-on-reserved-identifier-or-macro-name" and - ruleId = "RULE-21-1" + ruleId = "RULE-21-1" and + category = "required" } module Preprocessor4Package { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor5.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor5.qll index c9498fa549..0d35690408 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor5.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor5.qll @@ -8,14 +8,15 @@ newtype Preprocessor5Query = TMacroOrFunctionArgsContainHashTokenQuery() or TMacroParameterNotEnclosedInParenthesesCQueryQuery() -predicate isPreprocessor5QueryMetadata(Query query, string queryId, string ruleId) { +predicate isPreprocessor5QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `doNotTreatAPredefinedIdentifierAsObject` query Preprocessor5Package::doNotTreatAPredefinedIdentifierAsObjectQuery() and queryId = // `@id` for the `doNotTreatAPredefinedIdentifierAsObject` query "c/cert/do-not-treat-a-predefined-identifier-as-object" and - ruleId = "MSC38-C" + ruleId = "MSC38-C" and + category = "rule" or query = // `Query` instance for the `macroOrFunctionArgsContainHashToken` query @@ -23,7 +24,8 @@ predicate isPreprocessor5QueryMetadata(Query query, string queryId, string ruleI queryId = // `@id` for the `macroOrFunctionArgsContainHashToken` query "c/cert/macro-or-function-args-contain-hash-token" and - ruleId = "PRE32-C" + ruleId = "PRE32-C" and + category = "rule" or query = // `Query` instance for the `macroParameterNotEnclosedInParenthesesCQuery` query @@ -31,7 +33,8 @@ predicate isPreprocessor5QueryMetadata(Query query, string queryId, string ruleI queryId = // `@id` for the `macroParameterNotEnclosedInParenthesesCQuery` query "c/misra/macro-parameter-not-enclosed-in-parentheses-c-query" and - ruleId = "RULE-20-7" + ruleId = "RULE-20-7" and + category = "required" } module Preprocessor5Package { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor6.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor6.qll index a9fb45b284..1f68e30376 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor6.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor6.qll @@ -5,14 +5,15 @@ import codingstandards.cpp.exclusions.RuleMetadata newtype Preprocessor6Query = TFunctionOverFunctionLikeMacroQuery() -predicate isPreprocessor6QueryMetadata(Query query, string queryId, string ruleId) { +predicate isPreprocessor6QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `functionOverFunctionLikeMacro` query Preprocessor6Package::functionOverFunctionLikeMacroQuery() and queryId = // `@id` for the `functionOverFunctionLikeMacro` query "c/misra/function-over-function-like-macro" and - ruleId = "DIR-4-9" + ruleId = "DIR-4-9" and + category = "advisory" } module Preprocessor6Package { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index 5e7a315c46..11994dd9fd 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -77,40 +77,40 @@ newtype TCQuery = TSyntaxPackageQuery(SyntaxQuery q) /** The metadata predicate * */ -predicate isQueryMetadata(Query query, string queryId, string ruleId) { - isBannedQueryMetadata(query, queryId, ruleId) or - isConcurrency1QueryMetadata(query, queryId, ruleId) or - isConcurrency2QueryMetadata(query, queryId, ruleId) or - isConcurrency3QueryMetadata(query, queryId, ruleId) or - isConcurrency4QueryMetadata(query, queryId, ruleId) or - isConcurrency5QueryMetadata(query, queryId, ruleId) or - isContracts1QueryMetadata(query, queryId, ruleId) or - isContracts2QueryMetadata(query, queryId, ruleId) or - isContracts3QueryMetadata(query, queryId, ruleId) or - isContracts4QueryMetadata(query, queryId, ruleId) or - isDeclarations1QueryMetadata(query, queryId, ruleId) or - isDeclarations2QueryMetadata(query, queryId, ruleId) or - isDeclarations3QueryMetadata(query, queryId, ruleId) or - isExpressionsQueryMetadata(query, queryId, ruleId) or - isIO1QueryMetadata(query, queryId, ruleId) or - isIO2QueryMetadata(query, queryId, ruleId) or - isIO3QueryMetadata(query, queryId, ruleId) or - isIO4QueryMetadata(query, queryId, ruleId) or - isLanguage1QueryMetadata(query, queryId, ruleId) or - isLanguage2QueryMetadata(query, queryId, ruleId) or - isMiscQueryMetadata(query, queryId, ruleId) or - isPointers1QueryMetadata(query, queryId, ruleId) or - isPointers2QueryMetadata(query, queryId, ruleId) or - isPreprocessor1QueryMetadata(query, queryId, ruleId) or - isPreprocessor2QueryMetadata(query, queryId, ruleId) or - isPreprocessor3QueryMetadata(query, queryId, ruleId) or - isPreprocessor4QueryMetadata(query, queryId, ruleId) or - isPreprocessor5QueryMetadata(query, queryId, ruleId) or - isPreprocessor6QueryMetadata(query, queryId, ruleId) or - isSideEffects1QueryMetadata(query, queryId, ruleId) or - isSideEffects2QueryMetadata(query, queryId, ruleId) or - isStrings1QueryMetadata(query, queryId, ruleId) or - isStrings2QueryMetadata(query, queryId, ruleId) or - isStrings3QueryMetadata(query, queryId, ruleId) or - isSyntaxQueryMetadata(query, queryId, ruleId) +predicate isQueryMetadata(Query query, string queryId, string ruleId, string category) { + isBannedQueryMetadata(query, queryId, ruleId, category) or + isConcurrency1QueryMetadata(query, queryId, ruleId, category) or + isConcurrency2QueryMetadata(query, queryId, ruleId, category) or + isConcurrency3QueryMetadata(query, queryId, ruleId, category) or + isConcurrency4QueryMetadata(query, queryId, ruleId, category) or + isConcurrency5QueryMetadata(query, queryId, ruleId, category) or + isContracts1QueryMetadata(query, queryId, ruleId, category) or + isContracts2QueryMetadata(query, queryId, ruleId, category) or + isContracts3QueryMetadata(query, queryId, ruleId, category) or + isContracts4QueryMetadata(query, queryId, ruleId, category) or + isDeclarations1QueryMetadata(query, queryId, ruleId, category) or + isDeclarations2QueryMetadata(query, queryId, ruleId, category) or + isDeclarations3QueryMetadata(query, queryId, ruleId, category) or + isExpressionsQueryMetadata(query, queryId, ruleId, category) or + isIO1QueryMetadata(query, queryId, ruleId, category) or + isIO2QueryMetadata(query, queryId, ruleId, category) or + isIO3QueryMetadata(query, queryId, ruleId, category) or + isIO4QueryMetadata(query, queryId, ruleId, category) or + isLanguage1QueryMetadata(query, queryId, ruleId, category) or + isLanguage2QueryMetadata(query, queryId, ruleId, category) or + isMiscQueryMetadata(query, queryId, ruleId, category) or + isPointers1QueryMetadata(query, queryId, ruleId, category) or + isPointers2QueryMetadata(query, queryId, ruleId, category) or + isPreprocessor1QueryMetadata(query, queryId, ruleId, category) or + isPreprocessor2QueryMetadata(query, queryId, ruleId, category) or + isPreprocessor3QueryMetadata(query, queryId, ruleId, category) or + isPreprocessor4QueryMetadata(query, queryId, ruleId, category) or + isPreprocessor5QueryMetadata(query, queryId, ruleId, category) or + isPreprocessor6QueryMetadata(query, queryId, ruleId, category) or + isSideEffects1QueryMetadata(query, queryId, ruleId, category) or + isSideEffects2QueryMetadata(query, queryId, ruleId, category) or + isStrings1QueryMetadata(query, queryId, ruleId, category) or + isStrings2QueryMetadata(query, queryId, ruleId, category) or + isStrings3QueryMetadata(query, queryId, ruleId, category) or + isSyntaxQueryMetadata(query, queryId, ruleId, category) } diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/SideEffects1.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/SideEffects1.qll index b3bcac75eb..24175cdfb7 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/SideEffects1.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/SideEffects1.qll @@ -15,14 +15,15 @@ newtype SideEffects1Query = TPossibleSuppressedSideEffectInLogicOperatorOperandQuery() or TSizeofOperandWithSideEffectQuery() -predicate isSideEffects1QueryMetadata(Query query, string queryId, string ruleId) { +predicate isSideEffects1QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `dependenceOnOrderOfScalarEvaluationForSideEffects` query SideEffects1Package::dependenceOnOrderOfScalarEvaluationForSideEffectsQuery() and queryId = // `@id` for the `dependenceOnOrderOfScalarEvaluationForSideEffects` query "c/cert/dependence-on-order-of-scalar-evaluation-for-side-effects" and - ruleId = "EXP30-C" + ruleId = "EXP30-C" and + category = "rule" or query = // `Query` instance for the `dependenceOnOrderOfFunctionArgumentsForSideEffects` query @@ -30,7 +31,8 @@ predicate isSideEffects1QueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `dependenceOnOrderOfFunctionArgumentsForSideEffects` query "c/cert/dependence-on-order-of-function-arguments-for-side-effects" and - ruleId = "EXP30-C" + ruleId = "EXP30-C" and + category = "rule" or query = // `Query` instance for the `unevaluatedOperandWithSideEffect` query @@ -38,7 +40,8 @@ predicate isSideEffects1QueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `unevaluatedOperandWithSideEffect` query "c/cert/unevaluated-operand-with-side-effect" and - ruleId = "EXP44-C" + ruleId = "EXP44-C" and + category = "rule" or query = // `Query` instance for the `assignmentsInSelectionStatements` query @@ -46,7 +49,8 @@ predicate isSideEffects1QueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `assignmentsInSelectionStatements` query "c/cert/assignments-in-selection-statements" and - ruleId = "EXP45-C" + ruleId = "EXP45-C" and + category = "rule" or query = // `Query` instance for the `unenclosedSizeofOperand` query @@ -54,7 +58,8 @@ predicate isSideEffects1QueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `unenclosedSizeofOperand` query "c/misra/unenclosed-sizeof-operand" and - ruleId = "RULE-12-1" + ruleId = "RULE-12-1" and + category = "advisory" or query = // `Query` instance for the `implicitPrecedenceOfOperatorsInExpression` query @@ -62,7 +67,8 @@ predicate isSideEffects1QueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `implicitPrecedenceOfOperatorsInExpression` query "c/misra/implicit-precedence-of-operators-in-expression" and - ruleId = "RULE-12-1" + ruleId = "RULE-12-1" and + category = "advisory" or query = // `Query` instance for the `initializerListsContainPersistentSideEffects` query @@ -70,7 +76,8 @@ predicate isSideEffects1QueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `initializerListsContainPersistentSideEffects` query "c/misra/initializer-lists-contain-persistent-side-effects" and - ruleId = "RULE-13-1" + ruleId = "RULE-13-1" and + category = "required" or query = // `Query` instance for the `resultOfAnAssignmentOperatorShouldNotBeUsed` query @@ -78,7 +85,8 @@ predicate isSideEffects1QueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `resultOfAnAssignmentOperatorShouldNotBeUsed` query "c/misra/result-of-an-assignment-operator-should-not-be-used" and - ruleId = "RULE-13-4" + ruleId = "RULE-13-4" and + category = "advisory" or query = // `Query` instance for the `possibleSuppressedSideEffectInLogicOperatorOperand` query @@ -86,7 +94,8 @@ predicate isSideEffects1QueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `possibleSuppressedSideEffectInLogicOperatorOperand` query "c/misra/possible-suppressed-side-effect-in-logic-operator-operand" and - ruleId = "RULE-13-5" + ruleId = "RULE-13-5" and + category = "required" or query = // `Query` instance for the `sizeofOperandWithSideEffect` query @@ -94,7 +103,8 @@ predicate isSideEffects1QueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `sizeofOperandWithSideEffect` query "c/misra/sizeof-operand-with-side-effect" and - ruleId = "RULE-13-6" + ruleId = "RULE-13-6" and + category = "mandatory" } module SideEffects1Package { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/SideEffects2.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/SideEffects2.qll index c14446ee92..82e5c0c5d2 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/SideEffects2.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/SideEffects2.qll @@ -7,14 +7,15 @@ newtype SideEffects2Query = TSideEffectAndCrementInFullExpressionQuery() or TModificationOfFunctionParameterQuery() -predicate isSideEffects2QueryMetadata(Query query, string queryId, string ruleId) { +predicate isSideEffects2QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `sideEffectAndCrementInFullExpression` query SideEffects2Package::sideEffectAndCrementInFullExpressionQuery() and queryId = // `@id` for the `sideEffectAndCrementInFullExpression` query "c/misra/side-effect-and-crement-in-full-expression" and - ruleId = "RULE-13-3" + ruleId = "RULE-13-3" and + category = "advisory" or query = // `Query` instance for the `modificationOfFunctionParameter` query @@ -22,7 +23,8 @@ predicate isSideEffects2QueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `modificationOfFunctionParameter` query "c/misra/modification-of-function-parameter" and - ruleId = "RULE-17-8" + ruleId = "RULE-17-8" and + category = "advisory" } module SideEffects2Package { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Strings1.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Strings1.qll index 7a401ea5b3..e306df55bf 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Strings1.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Strings1.qll @@ -8,14 +8,15 @@ newtype Strings1Query = TStringsHasSufficientSpaceForTheNullTerminatorQuery() or TNonNullTerminatedToFunctionThatExpectsAStringQuery() -predicate isStrings1QueryMetadata(Query query, string queryId, string ruleId) { +predicate isStrings1QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `doNotAttemptToModifyStringLiterals` query Strings1Package::doNotAttemptToModifyStringLiteralsQuery() and queryId = // `@id` for the `doNotAttemptToModifyStringLiterals` query "c/cert/do-not-attempt-to-modify-string-literals" and - ruleId = "STR30-C" + ruleId = "STR30-C" and + category = "rule" or query = // `Query` instance for the `stringsHasSufficientSpaceForTheNullTerminator` query @@ -23,7 +24,8 @@ predicate isStrings1QueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `stringsHasSufficientSpaceForTheNullTerminator` query "c/cert/strings-has-sufficient-space-for-the-null-terminator" and - ruleId = "STR31-C" + ruleId = "STR31-C" and + category = "rule" or query = // `Query` instance for the `nonNullTerminatedToFunctionThatExpectsAString` query @@ -31,7 +33,8 @@ predicate isStrings1QueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `nonNullTerminatedToFunctionThatExpectsAString` query "c/cert/non-null-terminated-to-function-that-expects-a-string" and - ruleId = "STR32-C" + ruleId = "STR32-C" and + category = "rule" } module Strings1Package { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Strings2.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Strings2.qll index 4c5b6b8816..99dd98d68e 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Strings2.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Strings2.qll @@ -5,14 +5,15 @@ import codingstandards.cpp.exclusions.RuleMetadata newtype Strings2Query = TToCharacterHandlingFunctionsRepresentableAsUCharQuery() -predicate isStrings2QueryMetadata(Query query, string queryId, string ruleId) { +predicate isStrings2QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `toCharacterHandlingFunctionsRepresentableAsUChar` query Strings2Package::toCharacterHandlingFunctionsRepresentableAsUCharQuery() and queryId = // `@id` for the `toCharacterHandlingFunctionsRepresentableAsUChar` query "c/cert/to-character-handling-functions-representable-as-u-char" and - ruleId = "STR37-C" + ruleId = "STR37-C" and + category = "rule" } module Strings2Package { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Strings3.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Strings3.qll index ab837108c9..760f54b9fa 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Strings3.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Strings3.qll @@ -7,14 +7,15 @@ newtype Strings3Query = TCastCharBeforeConvertingToLargerSizesQuery() or TDoNotConfuseNarrowAndWideFunctionsQuery() -predicate isStrings3QueryMetadata(Query query, string queryId, string ruleId) { +predicate isStrings3QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `castCharBeforeConvertingToLargerSizes` query Strings3Package::castCharBeforeConvertingToLargerSizesQuery() and queryId = // `@id` for the `castCharBeforeConvertingToLargerSizes` query "c/cert/cast-char-before-converting-to-larger-sizes" and - ruleId = "STR34-C" + ruleId = "STR34-C" and + category = "rule" or query = // `Query` instance for the `doNotConfuseNarrowAndWideFunctions` query @@ -22,7 +23,8 @@ predicate isStrings3QueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `doNotConfuseNarrowAndWideFunctions` query "c/cert/do-not-confuse-narrow-and-wide-functions" and - ruleId = "STR38-C" + ruleId = "STR38-C" and + category = "rule" } module Strings3Package { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Syntax.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Syntax.qll index 901b6393a4..3a53cf05c3 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Syntax.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Syntax.qll @@ -12,14 +12,15 @@ newtype SyntaxQuery = TUOrUSuffixRepresentedInUnsignedTypeQuery() or TLowercaseCharacterLUsedInLiteralSuffixQuery() -predicate isSyntaxQueryMetadata(Query query, string queryId, string ruleId) { +predicate isSyntaxQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `characterSequencesAndUsedWithinAComment` query SyntaxPackage::characterSequencesAndUsedWithinACommentQuery() and queryId = // `@id` for the `characterSequencesAndUsedWithinAComment` query "c/misra/character-sequences-and-used-within-a-comment" and - ruleId = "RULE-3-1" + ruleId = "RULE-3-1" and + category = "required" or query = // `Query` instance for the `lineSplicingUsedInComments` query @@ -27,7 +28,8 @@ predicate isSyntaxQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `lineSplicingUsedInComments` query "c/misra/line-splicing-used-in-comments" and - ruleId = "RULE-3-2" + ruleId = "RULE-3-2" and + category = "required" or query = // `Query` instance for the `octalAndHexadecimalEscapeSequencesNotTerminated` query @@ -35,7 +37,8 @@ predicate isSyntaxQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `octalAndHexadecimalEscapeSequencesNotTerminated` query "c/misra/octal-and-hexadecimal-escape-sequences-not-terminated" and - ruleId = "RULE-4-1" + ruleId = "RULE-4-1" and + category = "required" or query = // `Query` instance for the `sectionsOfCodeShallNotBeCommentedOut` query @@ -43,7 +46,8 @@ predicate isSyntaxQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `sectionsOfCodeShallNotBeCommentedOut` query "c/misra/sections-of-code-shall-not-be-commented-out" and - ruleId = "DIR-4-4" + ruleId = "DIR-4-4" and + category = "advisory" or query = // `Query` instance for the `identifiersInTheSameNameSpaceUnambiguous` query @@ -51,7 +55,8 @@ predicate isSyntaxQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `identifiersInTheSameNameSpaceUnambiguous` query "c/misra/identifiers-in-the-same-name-space-unambiguous" and - ruleId = "DIR-4-5" + ruleId = "DIR-4-5" and + category = "advisory" or query = // `Query` instance for the `uOrUSuffixRepresentedInUnsignedType` query @@ -59,7 +64,8 @@ predicate isSyntaxQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `uOrUSuffixRepresentedInUnsignedType` query "c/misra/u-or-u-suffix-represented-in-unsigned-type" and - ruleId = "RULE-7-2" + ruleId = "RULE-7-2" and + category = "required" or query = // `Query` instance for the `lowercaseCharacterLUsedInLiteralSuffix` query @@ -67,7 +73,8 @@ predicate isSyntaxQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `lowercaseCharacterLUsedInLiteralSuffix` query "c/misra/lowercase-character-l-used-in-literal-suffix" and - ruleId = "RULE-7-3" + ruleId = "RULE-7-3" and + category = "required" } module SyntaxPackage { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Allocations.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Allocations.qll index e4550ad95e..56bdf2b954 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Allocations.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Allocations.qll @@ -26,14 +26,15 @@ newtype AllocationsQuery = TOperatorDeleteMissingPartnerCertQuery() or TUsingDefaultOperatorNewForOverAlignedTypesQuery() -predicate isAllocationsQueryMetadata(Query query, string queryId, string ruleId) { +predicate isAllocationsQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `placementNewNotProperlyAlignedAutosar` query AllocationsPackage::placementNewNotProperlyAlignedAutosarQuery() and queryId = // `@id` for the `placementNewNotProperlyAlignedAutosar` query "cpp/autosar/placement-new-not-properly-aligned-autosar" and - ruleId = "A18-5-10" + ruleId = "A18-5-10" and + category = "required" or query = // `Query` instance for the `placementNewInsufficientStorageAutosar` query @@ -41,7 +42,8 @@ predicate isAllocationsQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `placementNewInsufficientStorageAutosar` query "cpp/autosar/placement-new-insufficient-storage-autosar" and - ruleId = "A18-5-10" + ruleId = "A18-5-10" and + category = "required" or query = // `Query` instance for the `doNotUseNonPlacementNew` query @@ -49,7 +51,8 @@ predicate isAllocationsQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `doNotUseNonPlacementNew` query "cpp/autosar/do-not-use-non-placement-new" and - ruleId = "A18-5-2" + ruleId = "A18-5-2" and + category = "required" or query = // `Query` instance for the `doNotUseNonPlacementDelete` query @@ -57,7 +60,8 @@ predicate isAllocationsQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `doNotUseNonPlacementDelete` query "cpp/autosar/do-not-use-non-placement-delete" and - ruleId = "A18-5-2" + ruleId = "A18-5-2" and + category = "required" or query = // `Query` instance for the `dynamicMemoryManagementFailureMode` query @@ -65,7 +69,8 @@ predicate isAllocationsQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `dynamicMemoryManagementFailureMode` query "cpp/autosar/dynamic-memory-management-failure-mode" and - ruleId = "A18-5-6" + ruleId = "A18-5-6" and + category = "required" or query = // `Query` instance for the `unnecessaryUseOfDynamicStorage` query @@ -73,7 +78,8 @@ predicate isAllocationsQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `unnecessaryUseOfDynamicStorage` query "cpp/autosar/unnecessary-use-of-dynamic-storage" and - ruleId = "A18-5-8" + ruleId = "A18-5-8" and + category = "required" or query = // `Query` instance for the `throwingOperatorNewReturnsNullAutosar` query @@ -81,7 +87,8 @@ predicate isAllocationsQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `throwingOperatorNewReturnsNullAutosar` query "cpp/autosar/throwing-operator-new-returns-null-autosar" and - ruleId = "A18-5-9" + ruleId = "A18-5-9" and + category = "required" or query = // `Query` instance for the `throwingOperatorNewThrowsInvalidExceptionAutosar` query @@ -89,7 +96,8 @@ predicate isAllocationsQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `throwingOperatorNewThrowsInvalidExceptionAutosar` query "cpp/autosar/throwing-operator-new-throws-invalid-exception-autosar" and - ruleId = "A18-5-9" + ruleId = "A18-5-9" and + category = "required" or query = // `Query` instance for the `throwingNoThrowOperatorNewDeleteAutosar` query @@ -97,7 +105,8 @@ predicate isAllocationsQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `throwingNoThrowOperatorNewDeleteAutosar` query "cpp/autosar/throwing-no-throw-operator-new-delete-autosar" and - ruleId = "A18-5-9" + ruleId = "A18-5-9" and + category = "required" or query = // `Query` instance for the `operatorDeleteMissingPartnerAutosar` query @@ -105,7 +114,8 @@ predicate isAllocationsQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `operatorDeleteMissingPartnerAutosar` query "cpp/autosar/operator-delete-missing-partner-autosar" and - ruleId = "A18-5-9" + ruleId = "A18-5-9" and + category = "required" or query = // `Query` instance for the `properlyDeallocateDynamicallyAllocatedResources` query @@ -113,7 +123,8 @@ predicate isAllocationsQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `properlyDeallocateDynamicallyAllocatedResources` query "cpp/cert/properly-deallocate-dynamically-allocated-resources" and - ruleId = "MEM51-CPP" + ruleId = "MEM51-CPP" and + category = "rule" or query = // `Query` instance for the `detectAndHandleMemoryAllocationErrors` query @@ -121,7 +132,8 @@ predicate isAllocationsQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `detectAndHandleMemoryAllocationErrors` query "cpp/cert/detect-and-handle-memory-allocation-errors" and - ruleId = "MEM52-CPP" + ruleId = "MEM52-CPP" and + category = "rule" or query = // `Query` instance for the `missingConstructorCallForManuallyManagedObject` query @@ -129,7 +141,8 @@ predicate isAllocationsQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `missingConstructorCallForManuallyManagedObject` query "cpp/cert/missing-constructor-call-for-manually-managed-object" and - ruleId = "MEM53-CPP" + ruleId = "MEM53-CPP" and + category = "rule" or query = // `Query` instance for the `missingDestructorCallForManuallyManagedObject` query @@ -137,7 +150,8 @@ predicate isAllocationsQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `missingDestructorCallForManuallyManagedObject` query "cpp/cert/missing-destructor-call-for-manually-managed-object" and - ruleId = "MEM53-CPP" + ruleId = "MEM53-CPP" and + category = "rule" or query = // `Query` instance for the `placementNewNotProperlyAlignedCert` query @@ -145,7 +159,8 @@ predicate isAllocationsQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `placementNewNotProperlyAlignedCert` query "cpp/cert/placement-new-not-properly-aligned-cert" and - ruleId = "MEM54-CPP" + ruleId = "MEM54-CPP" and + category = "rule" or query = // `Query` instance for the `placementNewInsufficientStorageCert` query @@ -153,7 +168,8 @@ predicate isAllocationsQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `placementNewInsufficientStorageCert` query "cpp/cert/placement-new-insufficient-storage-cert" and - ruleId = "MEM54-CPP" + ruleId = "MEM54-CPP" and + category = "rule" or query = // `Query` instance for the `throwingOperatorNewReturnsNullCert` query @@ -161,7 +177,8 @@ predicate isAllocationsQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `throwingOperatorNewReturnsNullCert` query "cpp/cert/throwing-operator-new-returns-null-cert" and - ruleId = "MEM55-CPP" + ruleId = "MEM55-CPP" and + category = "rule" or query = // `Query` instance for the `throwingOperatorNewThrowsInvalidExceptionCert` query @@ -169,7 +186,8 @@ predicate isAllocationsQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `throwingOperatorNewThrowsInvalidExceptionCert` query "cpp/cert/throwing-operator-new-throws-invalid-exception-cert" and - ruleId = "MEM55-CPP" + ruleId = "MEM55-CPP" and + category = "rule" or query = // `Query` instance for the `throwingNoThrowOperatorNewDeleteCert` query @@ -177,7 +195,8 @@ predicate isAllocationsQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `throwingNoThrowOperatorNewDeleteCert` query "cpp/cert/throwing-no-throw-operator-new-delete-cert" and - ruleId = "MEM55-CPP" + ruleId = "MEM55-CPP" and + category = "rule" or query = // `Query` instance for the `operatorDeleteMissingPartnerCert` query @@ -185,7 +204,8 @@ predicate isAllocationsQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `operatorDeleteMissingPartnerCert` query "cpp/cert/operator-delete-missing-partner-cert" and - ruleId = "MEM55-CPP" + ruleId = "MEM55-CPP" and + category = "rule" or query = // `Query` instance for the `usingDefaultOperatorNewForOverAlignedTypes` query @@ -193,7 +213,8 @@ predicate isAllocationsQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `usingDefaultOperatorNewForOverAlignedTypes` query "cpp/cert/using-default-operator-new-for-over-aligned-types" and - ruleId = "MEM57-CPP" + ruleId = "MEM57-CPP" and + category = "rule" } module AllocationsPackage { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/BannedFunctions.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/BannedFunctions.qll index bd611a42ec..c17972650b 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/BannedFunctions.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/BannedFunctions.qll @@ -16,14 +16,15 @@ newtype BannedFunctionsQuery = TDoNotUseRandForGeneratingPseudorandomNumbersQuery() or TPreferSpecialMemberFunctionsAndOverloadedOperatorsToCStandardLibraryFunctionsQuery() -predicate isBannedFunctionsQueryMetadata(Query query, string queryId, string ruleId) { +predicate isBannedFunctionsQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `functionsMallocCallocReallocAndFreeUsed` query BannedFunctionsPackage::functionsMallocCallocReallocAndFreeUsedQuery() and queryId = // `@id` for the `functionsMallocCallocReallocAndFreeUsed` query "cpp/autosar/functions-malloc-calloc-realloc-and-free-used" and - ruleId = "A18-5-1" + ruleId = "A18-5-1" and + category = "required" or query = // `Query` instance for the `bindUsed` query @@ -31,7 +32,8 @@ predicate isBannedFunctionsQueryMetadata(Query query, string queryId, string rul queryId = // `@id` for the `bindUsed` query "cpp/autosar/bind-used" and - ruleId = "A18-9-1" + ruleId = "A18-9-1" and + category = "required" or query = // `Query` instance for the `pseudorandomNumbersGeneratedUsingRand` query @@ -39,7 +41,8 @@ predicate isBannedFunctionsQueryMetadata(Query query, string queryId, string rul queryId = // `@id` for the `pseudorandomNumbersGeneratedUsingRand` query "cpp/autosar/pseudorandom-numbers-generated-using-rand" and - ruleId = "A26-5-1" + ruleId = "A26-5-1" and + category = "required" or query = // `Query` instance for the `setjmpMacroAndTheLongjmpFunctionUsed` query @@ -47,7 +50,8 @@ predicate isBannedFunctionsQueryMetadata(Query query, string queryId, string rul queryId = // `@id` for the `setjmpMacroAndTheLongjmpFunctionUsed` query "cpp/autosar/setjmp-macro-and-the-longjmp-function-used" and - ruleId = "M17-0-5" + ruleId = "M17-0-5" and + category = "required" or query = // `Query` instance for the `libraryFunctionsAbortExitGetenvAndSystemFromLibraryCstdlibUsed` query @@ -55,7 +59,8 @@ predicate isBannedFunctionsQueryMetadata(Query query, string queryId, string rul queryId = // `@id` for the `libraryFunctionsAbortExitGetenvAndSystemFromLibraryCstdlibUsed` query "cpp/autosar/library-functions-abort-exit-getenv-and-system-from-library-cstdlib-used" and - ruleId = "M18-0-3" + ruleId = "M18-0-3" and + category = "required" or query = // `Query` instance for the `timeHandlingFunctionsOfLibraryCtimeUsed` query @@ -63,7 +68,8 @@ predicate isBannedFunctionsQueryMetadata(Query query, string queryId, string rul queryId = // `@id` for the `timeHandlingFunctionsOfLibraryCtimeUsed` query "cpp/autosar/time-handling-functions-of-library-ctime-used" and - ruleId = "M18-0-4" + ruleId = "M18-0-4" and + category = "required" or query = // `Query` instance for the `unboundedFunctionsOfLibraryCstringUsed` query @@ -71,7 +77,8 @@ predicate isBannedFunctionsQueryMetadata(Query query, string queryId, string rul queryId = // `@id` for the `unboundedFunctionsOfLibraryCstringUsed` query "cpp/autosar/unbounded-functions-of-library-cstring-used" and - ruleId = "M18-0-5" + ruleId = "M18-0-5" and + category = "required" or query = // `Query` instance for the `macroOffsetofUsed` query @@ -79,7 +86,8 @@ predicate isBannedFunctionsQueryMetadata(Query query, string queryId, string rul queryId = // `@id` for the `macroOffsetofUsed` query "cpp/autosar/macro-offsetof-used" and - ruleId = "M18-2-1" + ruleId = "M18-2-1" and + category = "required" or query = // `Query` instance for the `doNotUseSetjmpOrLongjmp` query @@ -87,7 +95,8 @@ predicate isBannedFunctionsQueryMetadata(Query query, string queryId, string rul queryId = // `@id` for the `doNotUseSetjmpOrLongjmp` query "cpp/cert/do-not-use-setjmp-or-longjmp" and - ruleId = "ERR52-CPP" + ruleId = "ERR52-CPP" and + category = "rule" or query = // `Query` instance for the `doNotUseRandForGeneratingPseudorandomNumbers` query @@ -95,7 +104,8 @@ predicate isBannedFunctionsQueryMetadata(Query query, string queryId, string rul queryId = // `@id` for the `doNotUseRandForGeneratingPseudorandomNumbers` query "cpp/cert/do-not-use-rand-for-generating-pseudorandom-numbers" and - ruleId = "MSC50-CPP" + ruleId = "MSC50-CPP" and + category = "rule" or query = // `Query` instance for the `preferSpecialMemberFunctionsAndOverloadedOperatorsToCStandardLibraryFunctions` query @@ -103,7 +113,8 @@ predicate isBannedFunctionsQueryMetadata(Query query, string queryId, string rul queryId = // `@id` for the `preferSpecialMemberFunctionsAndOverloadedOperatorsToCStandardLibraryFunctions` query "cpp/cert/prefer-special-member-functions-and-overloaded-operators-to-c-standard-library-functions" and - ruleId = "OOP57-CPP" + ruleId = "OOP57-CPP" and + category = "rule" } module BannedFunctionsPackage { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/BannedLibraries.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/BannedLibraries.qll index 0672896465..9a314e79c6 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/BannedLibraries.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/BannedLibraries.qll @@ -17,14 +17,15 @@ newtype BannedLibrariesQuery = TCstdioTypesUsedQuery() or TUsageOfAssemblerNotDocumentedQuery() -predicate isBannedLibrariesQueryMetadata(Query query, string queryId, string ruleId) { +predicate isBannedLibrariesQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `reservedIdentifiersMacrosAndFunctionsAreDefinedRedefinedOrUndefined` query BannedLibrariesPackage::reservedIdentifiersMacrosAndFunctionsAreDefinedRedefinedOrUndefinedQuery() and queryId = // `@id` for the `reservedIdentifiersMacrosAndFunctionsAreDefinedRedefinedOrUndefined` query "cpp/autosar/reserved-identifiers-macros-and-functions-are-defined-redefined-or-undefined" and - ruleId = "A17-0-1" + ruleId = "A17-0-1" and + category = "required" or query = // `Query` instance for the `cLibraryFacilitiesNotAccessedThroughCPPLibraryHeaders` query @@ -32,7 +33,8 @@ predicate isBannedLibrariesQueryMetadata(Query query, string queryId, string rul queryId = // `@id` for the `cLibraryFacilitiesNotAccessedThroughCPPLibraryHeaders` query "cpp/autosar/c-library-facilities-not-accessed-through-cpp-library-headers" and - ruleId = "A18-0-1" + ruleId = "A18-0-1" and + category = "required" or query = // `Query` instance for the `localeFunctionsUsed` query @@ -40,7 +42,8 @@ predicate isBannedLibrariesQueryMetadata(Query query, string queryId, string rul queryId = // `@id` for the `localeFunctionsUsed` query "cpp/autosar/locale-functions-used" and - ruleId = "A18-0-3" + ruleId = "A18-0-3" and + category = "required" or query = // `Query` instance for the `localeMacrosUsed` query @@ -48,7 +51,8 @@ predicate isBannedLibrariesQueryMetadata(Query query, string queryId, string rul queryId = // `@id` for the `localeMacrosUsed` query "cpp/autosar/locale-macros-used" and - ruleId = "A18-0-3" + ruleId = "A18-0-3" and + category = "required" or query = // `Query` instance for the `localeTypeLConvUsed` query @@ -56,7 +60,8 @@ predicate isBannedLibrariesQueryMetadata(Query query, string queryId, string rul queryId = // `@id` for the `localeTypeLConvUsed` query "cpp/autosar/locale-type-l-conv-used" and - ruleId = "A18-0-3" + ruleId = "A18-0-3" and + category = "required" or query = // `Query` instance for the `csignalFunctionsUsed` query @@ -64,7 +69,8 @@ predicate isBannedLibrariesQueryMetadata(Query query, string queryId, string rul queryId = // `@id` for the `csignalFunctionsUsed` query "cpp/autosar/csignal-functions-used" and - ruleId = "M18-7-1" + ruleId = "M18-7-1" and + category = "required" or query = // `Query` instance for the `csignalTypesUsed` query @@ -72,7 +78,8 @@ predicate isBannedLibrariesQueryMetadata(Query query, string queryId, string rul queryId = // `@id` for the `csignalTypesUsed` query "cpp/autosar/csignal-types-used" and - ruleId = "M18-7-1" + ruleId = "M18-7-1" and + category = "required" or query = // `Query` instance for the `errnoUsed` query @@ -80,7 +87,8 @@ predicate isBannedLibrariesQueryMetadata(Query query, string queryId, string rul queryId = // `@id` for the `errnoUsed` query "cpp/autosar/errno-used" and - ruleId = "M19-3-1" + ruleId = "M19-3-1" and + category = "required" or query = // `Query` instance for the `cstdioFunctionsUsed` query @@ -88,7 +96,8 @@ predicate isBannedLibrariesQueryMetadata(Query query, string queryId, string rul queryId = // `@id` for the `cstdioFunctionsUsed` query "cpp/autosar/cstdio-functions-used" and - ruleId = "M27-0-1" + ruleId = "M27-0-1" and + category = "required" or query = // `Query` instance for the `cstdioMacrosUsed` query @@ -96,7 +105,8 @@ predicate isBannedLibrariesQueryMetadata(Query query, string queryId, string rul queryId = // `@id` for the `cstdioMacrosUsed` query "cpp/autosar/cstdio-macros-used" and - ruleId = "M27-0-1" + ruleId = "M27-0-1" and + category = "required" or query = // `Query` instance for the `cstdioTypesUsed` query @@ -104,7 +114,8 @@ predicate isBannedLibrariesQueryMetadata(Query query, string queryId, string rul queryId = // `@id` for the `cstdioTypesUsed` query "cpp/autosar/cstdio-types-used" and - ruleId = "M27-0-1" + ruleId = "M27-0-1" and + category = "required" or query = // `Query` instance for the `usageOfAssemblerNotDocumented` query @@ -112,7 +123,8 @@ predicate isBannedLibrariesQueryMetadata(Query query, string queryId, string rul queryId = // `@id` for the `usageOfAssemblerNotDocumented` query "cpp/autosar/usage-of-assembler-not-documented" and - ruleId = "M7-4-1" + ruleId = "M7-4-1" and + category = "required" } module BannedLibrariesPackage { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/BannedSyntax.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/BannedSyntax.qll index bd9b0d4924..c473616374 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/BannedSyntax.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/BannedSyntax.qll @@ -22,14 +22,15 @@ newtype BannedSyntaxQuery = TUsingDeclarationsUsedInHeaderFilesQuery() or TDoNotDefineACStyleVariadicFunctionQuery() -predicate isBannedSyntaxQueryMetadata(Query query, string queryId, string ruleId) { +predicate isBannedSyntaxQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `friendDeclarationsUsed` query BannedSyntaxPackage::friendDeclarationsUsedQuery() and queryId = // `@id` for the `friendDeclarationsUsed` query "cpp/autosar/friend-declarations-used" and - ruleId = "A11-3-1" + ruleId = "A11-3-1" and + category = "required" or query = // `Query` instance for the `cStyleArraysUsed` query @@ -37,7 +38,8 @@ predicate isBannedSyntaxQueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `cStyleArraysUsed` query "cpp/autosar/c-style-arrays-used" and - ruleId = "A18-1-1" + ruleId = "A18-1-1" and + category = "required" or query = // `Query` instance for the `volatileKeywordUsed` query @@ -45,7 +47,8 @@ predicate isBannedSyntaxQueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `volatileKeywordUsed` query "cpp/autosar/volatile-keyword-used" and - ruleId = "A2-11-1" + ruleId = "A2-11-1" and + category = "required" or query = // `Query` instance for the `ternaryConditionalOperatorUsedAsSubExpression` query @@ -53,7 +56,8 @@ predicate isBannedSyntaxQueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `ternaryConditionalOperatorUsedAsSubExpression` query "cpp/autosar/ternary-conditional-operator-used-as-sub-expression" and - ruleId = "A5-16-1" + ruleId = "A5-16-1" and + category = "required" or query = // `Query` instance for the `dynamicCastShouldNotBeUsed` query @@ -61,7 +65,8 @@ predicate isBannedSyntaxQueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `dynamicCastShouldNotBeUsed` query "cpp/autosar/dynamic-cast-should-not-be-used" and - ruleId = "A5-2-1" + ruleId = "A5-2-1" and + category = "advisory" or query = // `Query` instance for the `traditionalCStyleCastsUsed` query @@ -69,7 +74,8 @@ predicate isBannedSyntaxQueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `traditionalCStyleCastsUsed` query "cpp/autosar/traditional-c-style-casts-used" and - ruleId = "A5-2-2" + ruleId = "A5-2-2" and + category = "required" or query = // `Query` instance for the `reinterpretCastUsed` query @@ -77,7 +83,8 @@ predicate isBannedSyntaxQueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `reinterpretCastUsed` query "cpp/autosar/reinterpret-cast-used" and - ruleId = "A5-2-4" + ruleId = "A5-2-4" and + category = "required" or query = // `Query` instance for the `gotoStatementUsed` query @@ -85,7 +92,8 @@ predicate isBannedSyntaxQueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `gotoStatementUsed` query "cpp/autosar/goto-statement-used" and - ruleId = "A6-6-1" + ruleId = "A6-6-1" and + category = "required" or query = // `Query` instance for the `registerKeywordUsed` query @@ -93,7 +101,8 @@ predicate isBannedSyntaxQueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `registerKeywordUsed` query "cpp/autosar/register-keyword-used" and - ruleId = "A7-1-4" + ruleId = "A7-1-4" and + category = "required" or query = // `Query` instance for the `typedefSpecifierUsed` query @@ -101,7 +110,8 @@ predicate isBannedSyntaxQueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `typedefSpecifierUsed` query "cpp/autosar/typedef-specifier-used" and - ruleId = "A7-1-6" + ruleId = "A7-1-6" and + category = "required" or query = // `Query` instance for the `asmDeclarationUsed` query @@ -109,7 +119,8 @@ predicate isBannedSyntaxQueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `asmDeclarationUsed` query "cpp/autosar/asm-declaration-used" and - ruleId = "A7-4-1" + ruleId = "A7-4-1" and + category = "required" or query = // `Query` instance for the `functionsDefinedUsingTheEllipsisNotation` query @@ -117,7 +128,8 @@ predicate isBannedSyntaxQueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `functionsDefinedUsingTheEllipsisNotation` query "cpp/autosar/functions-defined-using-the-ellipsis-notation" and - ruleId = "A8-4-1" + ruleId = "A8-4-1" and + category = "required" or query = // `Query` instance for the `unionsUsed` query @@ -125,7 +137,8 @@ predicate isBannedSyntaxQueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `unionsUsed` query "cpp/autosar/unions-used" and - ruleId = "A9-5-1" + ruleId = "A9-5-1" and + category = "required" or query = // `Query` instance for the `commaOperatorUsed` query @@ -133,7 +146,8 @@ predicate isBannedSyntaxQueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `commaOperatorUsed` query "cpp/autosar/comma-operator-used" and - ruleId = "M5-18-1" + ruleId = "M5-18-1" and + category = "required" or query = // `Query` instance for the `usingDirectivesUsed` query @@ -141,7 +155,8 @@ predicate isBannedSyntaxQueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `usingDirectivesUsed` query "cpp/autosar/using-directives-used" and - ruleId = "M7-3-4" + ruleId = "M7-3-4" and + category = "required" or query = // `Query` instance for the `usingDeclarationsUsedInHeaderFiles` query @@ -149,7 +164,8 @@ predicate isBannedSyntaxQueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `usingDeclarationsUsedInHeaderFiles` query "cpp/autosar/using-declarations-used-in-header-files" and - ruleId = "M7-3-6" + ruleId = "M7-3-6" and + category = "required" or query = // `Query` instance for the `doNotDefineACStyleVariadicFunction` query @@ -157,7 +173,8 @@ predicate isBannedSyntaxQueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `doNotDefineACStyleVariadicFunction` query "cpp/cert/do-not-define-ac-style-variadic-function" and - ruleId = "DCL50-CPP" + ruleId = "DCL50-CPP" and + category = "rule" } module BannedSyntaxPackage { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/BannedTypes.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/BannedTypes.qll index a03f046633..8328a0f4d4 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/BannedTypes.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/BannedTypes.qll @@ -9,14 +9,15 @@ newtype BannedTypesQuery = TAutoPtrTypeUsedQuery() or TTypeWcharTUsedQuery() -predicate isBannedTypesQueryMetadata(Query query, string queryId, string ruleId) { +predicate isBannedTypesQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `typeLongDoubleUsed` query BannedTypesPackage::typeLongDoubleUsedQuery() and queryId = // `@id` for the `typeLongDoubleUsed` query "cpp/autosar/type-long-double-used" and - ruleId = "A0-4-2" + ruleId = "A0-4-2" and + category = "required" or query = // `Query` instance for the `vectorboolSpecializationUsed` query @@ -24,7 +25,8 @@ predicate isBannedTypesQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `vectorboolSpecializationUsed` query "cpp/autosar/vectorbool-specialization-used" and - ruleId = "A18-1-2" + ruleId = "A18-1-2" and + category = "required" or query = // `Query` instance for the `autoPtrTypeUsed` query @@ -32,7 +34,8 @@ predicate isBannedTypesQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `autoPtrTypeUsed` query "cpp/autosar/auto-ptr-type-used" and - ruleId = "A18-1-3" + ruleId = "A18-1-3" and + category = "required" or query = // `Query` instance for the `typeWcharTUsed` query @@ -40,7 +43,8 @@ predicate isBannedTypesQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `typeWcharTUsed` query "cpp/autosar/type-wchar-t-used" and - ruleId = "A2-13-3" + ruleId = "A2-13-3" and + category = "required" } module BannedTypesPackage { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Classes.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Classes.qll index a185b76287..92c7a4280e 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Classes.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Classes.qll @@ -23,14 +23,15 @@ newtype ClassesQuery = TMemberDataInNonPodClassTypesNotPrivateQuery() or TOffsetUsedOnInvalidTypeOrMemberQuery() -predicate isClassesQueryMetadata(Query query, string queryId, string ruleId) { +predicate isClassesQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `nonPodTypeShouldBeDefinedAsClass` query ClassesPackage::nonPodTypeShouldBeDefinedAsClassQuery() and queryId = // `@id` for the `nonPodTypeShouldBeDefinedAsClass` query "cpp/autosar/non-pod-type-should-be-defined-as-class" and - ruleId = "A11-0-1" + ruleId = "A11-0-1" and + category = "advisory" or query = // `Query` instance for the `typeDefinedAsStructHasOnlyPublicDataMembers` query @@ -38,7 +39,8 @@ predicate isClassesQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `typeDefinedAsStructHasOnlyPublicDataMembers` query "cpp/autosar/type-defined-as-struct-has-only-public-data-members" and - ruleId = "A11-0-2" + ruleId = "A11-0-2" and + category = "required" or query = // `Query` instance for the `typeDefinedAsStructHasNoMethods` query @@ -46,7 +48,8 @@ predicate isClassesQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `typeDefinedAsStructHasNoMethods` query "cpp/autosar/type-defined-as-struct-has-no-methods" and - ruleId = "A11-0-2" + ruleId = "A11-0-2" and + category = "required" or query = // `Query` instance for the `typeDefinedAsStructIsNotBaseOfOtherClassOrStruct` query @@ -54,7 +57,8 @@ predicate isClassesQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `typeDefinedAsStructIsNotBaseOfOtherClassOrStruct` query "cpp/autosar/type-defined-as-struct-is-not-base-of-other-class-or-struct" and - ruleId = "A11-0-2" + ruleId = "A11-0-2" and + category = "required" or query = // `Query` instance for the `typeDefinedAsStructIsDoesNotInheritFromStructOrClass` query @@ -62,7 +66,8 @@ predicate isClassesQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `typeDefinedAsStructIsDoesNotInheritFromStructOrClass` query "cpp/autosar/type-defined-as-struct-is-does-not-inherit-from-struct-or-class" and - ruleId = "A11-0-2" + ruleId = "A11-0-2" and + category = "required" or query = // `Query` instance for the `missingSpecialMemberFunction` query @@ -70,7 +75,8 @@ predicate isClassesQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `missingSpecialMemberFunction` query "cpp/autosar/missing-special-member-function" and - ruleId = "A12-0-1" + ruleId = "A12-0-1" and + category = "required" or query = // `Query` instance for the `classDataMembersInitializationCondition` query @@ -78,7 +84,8 @@ predicate isClassesQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `classDataMembersInitializationCondition` query "cpp/autosar/class-data-members-initialization-condition" and - ruleId = "A12-6-1" + ruleId = "A12-6-1" and + category = "required" or query = // `Query` instance for the `redundantMemberFunctionsShouldBeDefaultedOrLeftUndefined` query @@ -86,7 +93,8 @@ predicate isClassesQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `redundantMemberFunctionsShouldBeDefaultedOrLeftUndefined` query "cpp/autosar/redundant-member-functions-should-be-defaulted-or-left-undefined" and - ruleId = "A12-7-1" + ruleId = "A12-7-1" and + category = "required" or query = // `Query` instance for the `nonTemplateMemberDefinedInTemplate` query @@ -94,7 +102,8 @@ predicate isClassesQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `nonTemplateMemberDefinedInTemplate` query "cpp/autosar/non-template-member-defined-in-template" and - ruleId = "A14-5-2" + ruleId = "A14-5-2" and + category = "advisory" or query = // `Query` instance for the `trivialOrTemplateFunctionDefinedOutsideClassDefinition` query @@ -102,7 +111,8 @@ predicate isClassesQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `trivialOrTemplateFunctionDefinedOutsideClassDefinition` query "cpp/autosar/trivial-or-template-function-defined-outside-class-definition" and - ruleId = "A3-1-5" + ruleId = "A3-1-5" and + category = "required" or query = // `Query` instance for the `nonTrivialNonTemplateFunctionDefinedInsideClassDefinition` query @@ -110,7 +120,8 @@ predicate isClassesQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `nonTrivialNonTemplateFunctionDefinedInsideClassDefinition` query "cpp/autosar/non-trivial-non-template-function-defined-inside-class-definition" and - ruleId = "A3-1-5" + ruleId = "A3-1-5" and + category = "required" or query = // `Query` instance for the `inParametersForNotCheapToCopyTypesNotPassedByReference` query @@ -118,7 +129,8 @@ predicate isClassesQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `inParametersForNotCheapToCopyTypesNotPassedByReference` query "cpp/autosar/in-parameters-for-not-cheap-to-copy-types-not-passed-by-reference" and - ruleId = "A8-4-7" + ruleId = "A8-4-7" and + category = "required" or query = // `Query` instance for the `inParametersForCheapToCopyTypesNotPassedByValue` query @@ -126,7 +138,8 @@ predicate isClassesQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `inParametersForCheapToCopyTypesNotPassedByValue` query "cpp/autosar/in-parameters-for-cheap-to-copy-types-not-passed-by-value" and - ruleId = "A8-4-7" + ruleId = "A8-4-7" and + category = "required" or query = // `Query` instance for the `returnsNonConstRawPointersOrReferencesToPrivateOrProtectedData` query @@ -134,7 +147,8 @@ predicate isClassesQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `returnsNonConstRawPointersOrReferencesToPrivateOrProtectedData` query "cpp/autosar/returns-non-const-raw-pointers-or-references-to-private-or-protected-data" and - ruleId = "A9-3-1" + ruleId = "A9-3-1" and + category = "required" or query = // `Query` instance for the `dataTypesUsedForInterfacingWithHardwareOrProtocolsMustBeTrivialAndStandardLayout` query @@ -142,7 +156,8 @@ predicate isClassesQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `dataTypesUsedForInterfacingWithHardwareOrProtocolsMustBeTrivialAndStandardLayout` query "cpp/autosar/data-types-used-for-interfacing-with-hardware-or-protocols-must-be-trivial-and-standard-layout" and - ruleId = "A9-6-1" + ruleId = "A9-6-1" and + category = "required" or query = // `Query` instance for the `dataTypesUsedForInterfacingWithHardwareOrProtocolsMustContainOnlyDefinedDataTypeSizes` query @@ -150,7 +165,8 @@ predicate isClassesQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `dataTypesUsedForInterfacingWithHardwareOrProtocolsMustContainOnlyDefinedDataTypeSizes` query "cpp/autosar/data-types-used-for-interfacing-with-hardware-or-protocols-must-contain-only-defined-data-type-sizes" and - ruleId = "A9-6-1" + ruleId = "A9-6-1" and + category = "required" or query = // `Query` instance for the `memberDataInNonPodClassTypesNotPrivate` query @@ -158,7 +174,8 @@ predicate isClassesQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `memberDataInNonPodClassTypesNotPrivate` query "cpp/autosar/member-data-in-non-pod-class-types-not-private" and - ruleId = "M11-0-1" + ruleId = "M11-0-1" and + category = "required" or query = // `Query` instance for the `offsetUsedOnInvalidTypeOrMember` query @@ -166,7 +183,8 @@ predicate isClassesQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `offsetUsedOnInvalidTypeOrMember` query "cpp/cert/offset-used-on-invalid-type-or-member" and - ruleId = "EXP59-CPP" + ruleId = "EXP59-CPP" and + category = "rule" } module ClassesPackage { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Comments.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Comments.qll index 0c06102ec7..9d4d186122 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Comments.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Comments.qll @@ -10,14 +10,15 @@ newtype CommentsQuery = TSlashStarUsedWithinACStyleCommentQuery() or TNullOnSharedLineQuery() -predicate isCommentsQueryMetadata(Query query, string queryId, string ruleId) { +predicate isCommentsQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `singleLineCommentEndsWithSlash` query CommentsPackage::singleLineCommentEndsWithSlashQuery() and queryId = // `@id` for the `singleLineCommentEndsWithSlash` query "cpp/autosar/single-line-comment-ends-with-slash" and - ruleId = "A2-7-1" + ruleId = "A2-7-1" and + category = "required" or query = // `Query` instance for the `sectionsOfCodeCommentedOut` query @@ -25,7 +26,8 @@ predicate isCommentsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `sectionsOfCodeCommentedOut` query "cpp/autosar/sections-of-code-commented-out" and - ruleId = "A2-7-2" + ruleId = "A2-7-2" and + category = "required" or query = // `Query` instance for the `undocumentedUserDefinedType` query @@ -33,7 +35,8 @@ predicate isCommentsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `undocumentedUserDefinedType` query "cpp/autosar/undocumented-user-defined-type" and - ruleId = "A2-7-3" + ruleId = "A2-7-3" and + category = "required" or query = // `Query` instance for the `slashStarUsedWithinACStyleComment` query @@ -41,7 +44,8 @@ predicate isCommentsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `slashStarUsedWithinACStyleComment` query "cpp/autosar/slash-star-used-within-ac-style-comment" and - ruleId = "M2-7-1" + ruleId = "M2-7-1" and + category = "required" or query = // `Query` instance for the `nullOnSharedLine` query @@ -49,7 +53,8 @@ predicate isCommentsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `nullOnSharedLine` query "cpp/autosar/null-on-shared-line" and - ruleId = "M6-2-3" + ruleId = "M6-2-3" and + category = "required" } module CommentsPackage { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Concurrency.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Concurrency.qll index 3a2696c880..8038d4e51e 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Concurrency.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Concurrency.qll @@ -14,14 +14,15 @@ newtype ConcurrencyQuery = TDoNotSpeculativelyLockALockedNonRecursiveMutexQuery() or TLockedALockedNonRecursiveMutexAuditQuery() -predicate isConcurrencyQueryMetadata(Query query, string queryId, string ruleId) { +predicate isConcurrencyQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `doNotAllowAMutexToGoOutOfScopeWhileLocked` query ConcurrencyPackage::doNotAllowAMutexToGoOutOfScopeWhileLockedQuery() and queryId = // `@id` for the `doNotAllowAMutexToGoOutOfScopeWhileLocked` query "cpp/cert/do-not-allow-a-mutex-to-go-out-of-scope-while-locked" and - ruleId = "CON50-CPP" + ruleId = "CON50-CPP" and + category = "rule" or query = // `Query` instance for the `doNotDestroyAMutexWhileItIsLocked` query @@ -29,7 +30,8 @@ predicate isConcurrencyQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `doNotDestroyAMutexWhileItIsLocked` query "cpp/cert/do-not-destroy-a-mutex-while-it-is-locked" and - ruleId = "CON50-CPP" + ruleId = "CON50-CPP" and + category = "rule" or query = // `Query` instance for the `ensureActivelyHeldLocksAreReleasedOnExceptionalConditions` query @@ -37,7 +39,8 @@ predicate isConcurrencyQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `ensureActivelyHeldLocksAreReleasedOnExceptionalConditions` query "cpp/cert/ensure-actively-held-locks-are-released-on-exceptional-conditions" and - ruleId = "CON51-CPP" + ruleId = "CON51-CPP" and + category = "rule" or query = // `Query` instance for the `preventBitFieldAccessFromMultipleThreads` query @@ -45,7 +48,8 @@ predicate isConcurrencyQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `preventBitFieldAccessFromMultipleThreads` query "cpp/cert/prevent-bit-field-access-from-multiple-threads" and - ruleId = "CON52-CPP" + ruleId = "CON52-CPP" and + category = "rule" or query = // `Query` instance for the `deadlockByLockingInPredefinedOrder` query @@ -53,7 +57,8 @@ predicate isConcurrencyQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `deadlockByLockingInPredefinedOrder` query "cpp/cert/deadlock-by-locking-in-predefined-order" and - ruleId = "CON53-CPP" + ruleId = "CON53-CPP" and + category = "rule" or query = // `Query` instance for the `wrapFunctionsThatCanSpuriouslyWakeUpInLoop` query @@ -61,7 +66,8 @@ predicate isConcurrencyQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `wrapFunctionsThatCanSpuriouslyWakeUpInLoop` query "cpp/cert/wrap-functions-that-can-spuriously-wake-up-in-loop" and - ruleId = "CON54-CPP" + ruleId = "CON54-CPP" and + category = "rule" or query = // `Query` instance for the `preserveSafetyWhenUsingConditionVariables` query @@ -69,7 +75,8 @@ predicate isConcurrencyQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `preserveSafetyWhenUsingConditionVariables` query "cpp/cert/preserve-safety-when-using-condition-variables" and - ruleId = "CON55-CPP" + ruleId = "CON55-CPP" and + category = "rule" or query = // `Query` instance for the `doNotSpeculativelyLockALockedNonRecursiveMutex` query @@ -77,7 +84,8 @@ predicate isConcurrencyQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `doNotSpeculativelyLockALockedNonRecursiveMutex` query "cpp/cert/do-not-speculatively-lock-a-locked-non-recursive-mutex" and - ruleId = "CON56-CPP" + ruleId = "CON56-CPP" and + category = "rule" or query = // `Query` instance for the `lockedALockedNonRecursiveMutexAudit` query @@ -85,7 +93,8 @@ predicate isConcurrencyQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `lockedALockedNonRecursiveMutexAudit` query "cpp/cert/locked-a-locked-non-recursive-mutex-audit" and - ruleId = "CON56-CPP" + ruleId = "CON56-CPP" and + category = "rule" } module ConcurrencyPackage { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Conditionals.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Conditionals.qll index 4ca7053d08..979e51e5c8 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Conditionals.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Conditionals.qll @@ -22,14 +22,15 @@ newtype ConditionalsQuery = TGotoStatementJumpConditionQuery() or TContinueInForLoopConditionQuery() -predicate isConditionalsQueryMetadata(Query query, string queryId, string ruleId) { +predicate isConditionalsQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `nonBooleanIfCondition` query ConditionalsPackage::nonBooleanIfConditionQuery() and queryId = // `@id` for the `nonBooleanIfCondition` query "cpp/autosar/non-boolean-if-condition" and - ruleId = "A5-0-2" + ruleId = "A5-0-2" and + category = "required" or query = // `Query` instance for the `nonBooleanIterationCondition` query @@ -37,7 +38,8 @@ predicate isConditionalsQueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `nonBooleanIterationCondition` query "cpp/autosar/non-boolean-iteration-condition" and - ruleId = "A5-0-2" + ruleId = "A5-0-2" and + category = "required" or query = // `Query` instance for the `switchLessThanTwoCases` query @@ -45,7 +47,8 @@ predicate isConditionalsQueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `switchLessThanTwoCases` query "cpp/autosar/switch-less-than-two-cases" and - ruleId = "A6-4-1" + ruleId = "A6-4-1" and + category = "required" or query = // `Query` instance for the `switchCompoundCondition` query @@ -53,7 +56,8 @@ predicate isConditionalsQueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `switchCompoundCondition` query "cpp/autosar/switch-compound-condition" and - ruleId = "M6-3-1" + ruleId = "M6-3-1" and + category = "required" or query = // `Query` instance for the `loopCompoundCondition` query @@ -61,7 +65,8 @@ predicate isConditionalsQueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `loopCompoundCondition` query "cpp/autosar/loop-compound-condition" and - ruleId = "M6-3-1" + ruleId = "M6-3-1" and + category = "required" or query = // `Query` instance for the `ifCompoundCondition` query @@ -69,7 +74,8 @@ predicate isConditionalsQueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `ifCompoundCondition` query "cpp/autosar/if-compound-condition" and - ruleId = "M6-4-1" + ruleId = "M6-4-1" and + category = "required" or query = // `Query` instance for the `ifElseTerminationCondition` query @@ -77,7 +83,8 @@ predicate isConditionalsQueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `ifElseTerminationCondition` query "cpp/autosar/if-else-termination-condition" and - ruleId = "M6-4-2" + ruleId = "M6-4-2" and + category = "required" or query = // `Query` instance for the `switchDoesNotStartWithCase` query @@ -85,7 +92,8 @@ predicate isConditionalsQueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `switchDoesNotStartWithCase` query "cpp/autosar/switch-does-not-start-with-case" and - ruleId = "M6-4-3" + ruleId = "M6-4-3" and + category = "required" or query = // `Query` instance for the `switchStatementNotWellFormed` query @@ -93,7 +101,8 @@ predicate isConditionalsQueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `switchStatementNotWellFormed` query "cpp/autosar/switch-statement-not-well-formed" and - ruleId = "M6-4-3" + ruleId = "M6-4-3" and + category = "required" or query = // `Query` instance for the `nestedCaseInSwitch` query @@ -101,7 +110,8 @@ predicate isConditionalsQueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `nestedCaseInSwitch` query "cpp/autosar/nested-case-in-switch" and - ruleId = "M6-4-4" + ruleId = "M6-4-4" and + category = "required" or query = // `Query` instance for the `nonEmptySwitchClauseDoesNotTerminate` query @@ -109,7 +119,8 @@ predicate isConditionalsQueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `nonEmptySwitchClauseDoesNotTerminate` query "cpp/autosar/non-empty-switch-clause-does-not-terminate" and - ruleId = "M6-4-5" + ruleId = "M6-4-5" and + category = "required" or query = // `Query` instance for the `missingDefaultInSwitch` query @@ -117,7 +128,8 @@ predicate isConditionalsQueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `missingDefaultInSwitch` query "cpp/autosar/missing-default-in-switch" and - ruleId = "M6-4-6" + ruleId = "M6-4-6" and + category = "required" or query = // `Query` instance for the `switchFinalClauseNotDefault` query @@ -125,7 +137,8 @@ predicate isConditionalsQueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `switchFinalClauseNotDefault` query "cpp/autosar/switch-final-clause-not-default" and - ruleId = "M6-4-6" + ruleId = "M6-4-6" and + category = "required" or query = // `Query` instance for the `booleanInSwitchCondition` query @@ -133,7 +146,8 @@ predicate isConditionalsQueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `booleanInSwitchCondition` query "cpp/autosar/boolean-in-switch-condition" and - ruleId = "M6-4-7" + ruleId = "M6-4-7" and + category = "required" or query = // `Query` instance for the `gotoBlockCondition` query @@ -141,7 +155,8 @@ predicate isConditionalsQueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `gotoBlockCondition` query "cpp/autosar/goto-block-condition" and - ruleId = "M6-6-1" + ruleId = "M6-6-1" and + category = "required" or query = // `Query` instance for the `gotoStatementJumpCondition` query @@ -149,7 +164,8 @@ predicate isConditionalsQueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `gotoStatementJumpCondition` query "cpp/autosar/goto-statement-jump-condition" and - ruleId = "M6-6-2" + ruleId = "M6-6-2" and + category = "required" or query = // `Query` instance for the `continueInForLoopCondition` query @@ -157,7 +173,8 @@ predicate isConditionalsQueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `continueInForLoopCondition` query "cpp/autosar/continue-in-for-loop-condition" and - ruleId = "M6-6-3" + ruleId = "M6-6-3" and + category = "required" } module ConditionalsPackage { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Const.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Const.qll index 0b2c492115..1245139eb1 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Const.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Const.qll @@ -18,14 +18,15 @@ newtype ConstQuery = TMemberFunctionConstIfPossibleQuery() or TRemoveConstOrVolatileQualificationCertQuery() -predicate isConstQueryMetadata(Query query, string queryId, string ruleId) { +predicate isConstQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `removeConstOrVolatileQualificationAutosar` query ConstPackage::removeConstOrVolatileQualificationAutosarQuery() and queryId = // `@id` for the `removeConstOrVolatileQualificationAutosar` query "cpp/autosar/remove-const-or-volatile-qualification-autosar" and - ruleId = "A5-2-3" + ruleId = "A5-2-3" and + category = "required" or query = // `Query` instance for the `declarationUnmodifiedParamMissingConstSpecifier` query @@ -33,7 +34,8 @@ predicate isConstQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `declarationUnmodifiedParamMissingConstSpecifier` query "cpp/autosar/declaration-unmodified-param-missing-const-specifier" and - ruleId = "A7-1-1" + ruleId = "A7-1-1" and + category = "required" or query = // `Query` instance for the `declarationUnmodifiedObjectMissingConstSpecifier` query @@ -41,7 +43,8 @@ predicate isConstQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `declarationUnmodifiedObjectMissingConstSpecifier` query "cpp/autosar/declaration-unmodified-object-missing-const-specifier" and - ruleId = "A7-1-1" + ruleId = "A7-1-1" and + category = "required" or query = // `Query` instance for the `variableMissingConstexpr` query @@ -49,7 +52,8 @@ predicate isConstQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `variableMissingConstexpr` query "cpp/autosar/variable-missing-constexpr" and - ruleId = "A7-1-2" + ruleId = "A7-1-2" and + category = "required" or query = // `Query` instance for the `functionMissingConstexpr` query @@ -57,7 +61,8 @@ predicate isConstQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `functionMissingConstexpr` query "cpp/autosar/function-missing-constexpr" and - ruleId = "A7-1-2" + ruleId = "A7-1-2" and + category = "required" or query = // `Query` instance for the `cvQualifiersNotPlacedOnTheRightHandSide` query @@ -65,7 +70,8 @@ predicate isConstQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `cvQualifiersNotPlacedOnTheRightHandSide` query "cpp/autosar/cv-qualifiers-not-placed-on-the-right-hand-side" and - ruleId = "A7-1-3" + ruleId = "A7-1-3" and + category = "required" or query = // `Query` instance for the `outputParametersUsed` query @@ -73,7 +79,8 @@ predicate isConstQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `outputParametersUsed` query "cpp/autosar/output-parameters-used" and - ruleId = "A8-4-8" + ruleId = "A8-4-8" and + category = "required" or query = // `Query` instance for the `inOutParametersDeclaredAsTNotModified` query @@ -81,7 +88,8 @@ predicate isConstQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `inOutParametersDeclaredAsTNotModified` query "cpp/autosar/in-out-parameters-declared-as-t-not-modified" and - ruleId = "A8-4-9" + ruleId = "A8-4-9" and + category = "required" or query = // `Query` instance for the `pointerOrReferenceParameterToConst` query @@ -89,7 +97,8 @@ predicate isConstQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `pointerOrReferenceParameterToConst` query "cpp/autosar/pointer-or-reference-parameter-to-const" and - ruleId = "M7-1-2" + ruleId = "M7-1-2" and + category = "required" or query = // `Query` instance for the `constMemberFunctionReturnsNonConstPointer` query @@ -97,7 +106,8 @@ predicate isConstQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `constMemberFunctionReturnsNonConstPointer` query "cpp/autosar/const-member-function-returns-non-const-pointer" and - ruleId = "M9-3-1" + ruleId = "M9-3-1" and + category = "required" or query = // `Query` instance for the `memberFunctionStaticIfPossible` query @@ -105,7 +115,8 @@ predicate isConstQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `memberFunctionStaticIfPossible` query "cpp/autosar/member-function-static-if-possible" and - ruleId = "M9-3-3" + ruleId = "M9-3-3" and + category = "required" or query = // `Query` instance for the `memberFunctionConstIfPossible` query @@ -113,7 +124,8 @@ predicate isConstQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `memberFunctionConstIfPossible` query "cpp/autosar/member-function-const-if-possible" and - ruleId = "M9-3-3" + ruleId = "M9-3-3" and + category = "required" or query = // `Query` instance for the `removeConstOrVolatileQualificationCert` query @@ -121,7 +133,8 @@ predicate isConstQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `removeConstOrVolatileQualificationCert` query "cpp/cert/remove-const-or-volatile-qualification-cert" and - ruleId = "EXP55-CPP" + ruleId = "EXP55-CPP" and + category = "rule" } module ConstPackage { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/DeadCode.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/DeadCode.qll index d7b456252a..40b8795e5e 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/DeadCode.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/DeadCode.qll @@ -21,14 +21,15 @@ newtype DeadCodeQuery = TSingleUseMemberPODVariableQuery() or TDeadCodeQuery() -predicate isDeadCodeQueryMetadata(Query query, string queryId, string ruleId) { +predicate isDeadCodeQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `uselessAssignment` query DeadCodePackage::uselessAssignmentQuery() and queryId = // `@id` for the `uselessAssignment` query "cpp/autosar/useless-assignment" and - ruleId = "A0-1-1" + ruleId = "A0-1-1" and + category = "required" or query = // `Query` instance for the `unusedReturnValue` query @@ -36,7 +37,8 @@ predicate isDeadCodeQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `unusedReturnValue` query "cpp/autosar/unused-return-value" and - ruleId = "A0-1-2" + ruleId = "A0-1-2" and + category = "required" or query = // `Query` instance for the `unusedLocalFunction` query @@ -44,7 +46,8 @@ predicate isDeadCodeQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `unusedLocalFunction` query "cpp/autosar/unused-local-function" and - ruleId = "A0-1-3" + ruleId = "A0-1-3" and + category = "required" or query = // `Query` instance for the `unusedParameter` query @@ -52,7 +55,8 @@ predicate isDeadCodeQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `unusedParameter` query "cpp/autosar/unused-parameter" and - ruleId = "A0-1-4" + ruleId = "A0-1-4" and + category = "required" or query = // `Query` instance for the `unusedVirtualParameter` query @@ -60,7 +64,8 @@ predicate isDeadCodeQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `unusedVirtualParameter` query "cpp/autosar/unused-virtual-parameter" and - ruleId = "A0-1-5" + ruleId = "A0-1-5" and + category = "required" or query = // `Query` instance for the `unusedTypeDeclarations` query @@ -68,7 +73,8 @@ predicate isDeadCodeQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `unusedTypeDeclarations` query "cpp/autosar/unused-type-declarations" and - ruleId = "A0-1-6" + ruleId = "A0-1-6" and + category = "advisory" or query = // `Query` instance for the `unreachableCode` query @@ -76,7 +82,8 @@ predicate isDeadCodeQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `unreachableCode` query "cpp/autosar/unreachable-code" and - ruleId = "M0-1-1" + ruleId = "M0-1-1" and + category = "required" or query = // `Query` instance for the `unusedFunction` query @@ -84,7 +91,8 @@ predicate isDeadCodeQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `unusedFunction` query "cpp/autosar/unused-function" and - ruleId = "M0-1-10" + ruleId = "M0-1-10" and + category = "advisory" or query = // `Query` instance for the `infeasiblePath` query @@ -92,7 +100,8 @@ predicate isDeadCodeQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `infeasiblePath` query "cpp/autosar/infeasible-path" and - ruleId = "M0-1-2" + ruleId = "M0-1-2" and + category = "required" or query = // `Query` instance for the `unusedLocalVariable` query @@ -100,7 +109,8 @@ predicate isDeadCodeQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `unusedLocalVariable` query "cpp/autosar/unused-local-variable" and - ruleId = "M0-1-3" + ruleId = "M0-1-3" and + category = "required" or query = // `Query` instance for the `unusedGlobalOrNamespaceVariable` query @@ -108,7 +118,8 @@ predicate isDeadCodeQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `unusedGlobalOrNamespaceVariable` query "cpp/autosar/unused-global-or-namespace-variable" and - ruleId = "M0-1-3" + ruleId = "M0-1-3" and + category = "required" or query = // `Query` instance for the `unusedMemberVariable` query @@ -116,7 +127,8 @@ predicate isDeadCodeQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `unusedMemberVariable` query "cpp/autosar/unused-member-variable" and - ruleId = "M0-1-3" + ruleId = "M0-1-3" and + category = "required" or query = // `Query` instance for the `singleUseLocalPODVariable` query @@ -124,7 +136,8 @@ predicate isDeadCodeQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `singleUseLocalPODVariable` query "cpp/autosar/single-use-local-pod-variable" and - ruleId = "M0-1-4" + ruleId = "M0-1-4" and + category = "required" or query = // `Query` instance for the `singleUseGlobalOrNamespacePODVariable` query @@ -132,7 +145,8 @@ predicate isDeadCodeQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `singleUseGlobalOrNamespacePODVariable` query "cpp/autosar/single-use-global-or-namespace-pod-variable" and - ruleId = "M0-1-4" + ruleId = "M0-1-4" and + category = "required" or query = // `Query` instance for the `singleUseMemberPODVariable` query @@ -140,7 +154,8 @@ predicate isDeadCodeQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `singleUseMemberPODVariable` query "cpp/autosar/single-use-member-pod-variable" and - ruleId = "M0-1-4" + ruleId = "M0-1-4" and + category = "required" or query = // `Query` instance for the `deadCode` query @@ -148,7 +163,8 @@ predicate isDeadCodeQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `deadCode` query "cpp/autosar/dead-code" and - ruleId = "M0-1-9" + ruleId = "M0-1-9" and + category = "required" } module DeadCodePackage { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Declarations.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Declarations.qll index c8fc673e36..5d51fd522f 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Declarations.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Declarations.qll @@ -22,14 +22,15 @@ newtype DeclarationsQuery = TTypesNotIdenticalInObjectDeclarationsQuery() or TTypesNotIdenticalInReturnDeclarationsQuery() -predicate isDeclarationsQueryMetadata(Query query, string queryId, string ruleId) { +predicate isDeclarationsQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `operatorNewAndOperatorDeleteNotDefinedLocally` query DeclarationsPackage::operatorNewAndOperatorDeleteNotDefinedLocallyQuery() and queryId = // `@id` for the `operatorNewAndOperatorDeleteNotDefinedLocally` query "cpp/autosar/operator-new-and-operator-delete-not-defined-locally" and - ruleId = "A18-5-11" + ruleId = "A18-5-11" and + category = "required" or query = // `Query` instance for the `operatorNewAndOperatorDeleteNotDefinedGlobally` query @@ -37,7 +38,8 @@ predicate isDeclarationsQueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `operatorNewAndOperatorDeleteNotDefinedGlobally` query "cpp/autosar/operator-new-and-operator-delete-not-defined-globally" and - ruleId = "A18-5-11" + ruleId = "A18-5-11" and + category = "required" or query = // `Query` instance for the `globalSizedOperatorDeleteNotDefined` query @@ -45,7 +47,8 @@ predicate isDeclarationsQueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `globalSizedOperatorDeleteNotDefined` query "cpp/autosar/global-sized-operator-delete-not-defined" and - ruleId = "A18-5-4" + ruleId = "A18-5-4" and + category = "required" or query = // `Query` instance for the `globalUnsizedOperatorDeleteNotDefined` query @@ -53,7 +56,8 @@ predicate isDeclarationsQueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `globalUnsizedOperatorDeleteNotDefined` query "cpp/autosar/global-unsized-operator-delete-not-defined" and - ruleId = "A18-5-4" + ruleId = "A18-5-4" and + category = "required" or query = // `Query` instance for the `variableWidthIntegerTypesUsed` query @@ -61,7 +65,8 @@ predicate isDeclarationsQueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `variableWidthIntegerTypesUsed` query "cpp/autosar/variable-width-integer-types-used" and - ruleId = "A3-9-1" + ruleId = "A3-9-1" and + category = "required" or query = // `Query` instance for the `autoSpecifierNotUsedAppropriatelyInFunctionDefinition` query @@ -69,7 +74,8 @@ predicate isDeclarationsQueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `autoSpecifierNotUsedAppropriatelyInFunctionDefinition` query "cpp/autosar/auto-specifier-not-used-appropriately-in-function-definition" and - ruleId = "A7-1-5" + ruleId = "A7-1-5" and + category = "required" or query = // `Query` instance for the `autoSpecifierNotUsedAppropriatelyInVariableDefinition` query @@ -77,7 +83,8 @@ predicate isDeclarationsQueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `autoSpecifierNotUsedAppropriatelyInVariableDefinition` query "cpp/autosar/auto-specifier-not-used-appropriately-in-variable-definition" and - ruleId = "A7-1-5" + ruleId = "A7-1-5" and + category = "required" or query = // `Query` instance for the `identifierDeclarationAndInitializationNotOnSeparateLines` query @@ -85,7 +92,8 @@ predicate isDeclarationsQueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `identifierDeclarationAndInitializationNotOnSeparateLines` query "cpp/autosar/identifier-declaration-and-initialization-not-on-separate-lines" and - ruleId = "A7-1-7" + ruleId = "A7-1-7" and + category = "required" or query = // `Query` instance for the `classStructEnumDeclaredInDefinition` query @@ -93,7 +101,8 @@ predicate isDeclarationsQueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `classStructEnumDeclaredInDefinition` query "cpp/autosar/class-struct-enum-declared-in-definition" and - ruleId = "A7-1-9" + ruleId = "A7-1-9" and + category = "required" or query = // `Query` instance for the `enumerationUnderlyingBaseTypeNotExplicitlyDefined` query @@ -101,7 +110,8 @@ predicate isDeclarationsQueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `enumerationUnderlyingBaseTypeNotExplicitlyDefined` query "cpp/autosar/enumeration-underlying-base-type-not-explicitly-defined" and - ruleId = "A7-2-2" + ruleId = "A7-2-2" and + category = "required" or query = // `Query` instance for the `enumerationsNotDeclaredAsScopedEnumClasses` query @@ -109,7 +119,8 @@ predicate isDeclarationsQueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `enumerationsNotDeclaredAsScopedEnumClasses` query "cpp/autosar/enumerations-not-declared-as-scoped-enum-classes" and - ruleId = "A7-2-3" + ruleId = "A7-2-3" and + category = "required" or query = // `Query` instance for the `noneFirstOrAllEnumeratorsNotInitialized` query @@ -117,7 +128,8 @@ predicate isDeclarationsQueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `noneFirstOrAllEnumeratorsNotInitialized` query "cpp/autosar/none-first-or-all-enumerators-not-initialized" and - ruleId = "A7-2-4" + ruleId = "A7-2-4" and + category = "required" or query = // `Query` instance for the `functionsDeclaredAtBlockScope` query @@ -125,7 +137,8 @@ predicate isDeclarationsQueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `functionsDeclaredAtBlockScope` query "cpp/autosar/functions-declared-at-block-scope" and - ruleId = "M3-1-2" + ruleId = "M3-1-2" and + category = "required" or query = // `Query` instance for the `declarationsOfAnObjectShallHaveCompatibleTypes` query @@ -133,7 +146,8 @@ predicate isDeclarationsQueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `declarationsOfAnObjectShallHaveCompatibleTypes` query "cpp/autosar/declarations-of-an-object-shall-have-compatible-types" and - ruleId = "M3-2-1" + ruleId = "M3-2-1" and + category = "required" or query = // `Query` instance for the `declarationsOfAFunctionShallHaveCompatibleTypes` query @@ -141,7 +155,8 @@ predicate isDeclarationsQueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `declarationsOfAFunctionShallHaveCompatibleTypes` query "cpp/autosar/declarations-of-a-function-shall-have-compatible-types" and - ruleId = "M3-2-1" + ruleId = "M3-2-1" and + category = "required" or query = // `Query` instance for the `typesNotIdenticalInObjectDeclarations` query @@ -149,7 +164,8 @@ predicate isDeclarationsQueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `typesNotIdenticalInObjectDeclarations` query "cpp/autosar/types-not-identical-in-object-declarations" and - ruleId = "M3-9-1" + ruleId = "M3-9-1" and + category = "required" or query = // `Query` instance for the `typesNotIdenticalInReturnDeclarations` query @@ -157,7 +173,8 @@ predicate isDeclarationsQueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `typesNotIdenticalInReturnDeclarations` query "cpp/autosar/types-not-identical-in-return-declarations" and - ruleId = "M3-9-1" + ruleId = "M3-9-1" and + category = "required" } module DeclarationsPackage { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/ExceptionSafety.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/ExceptionSafety.qll index 7611aad062..bab954a505 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/ExceptionSafety.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/ExceptionSafety.qll @@ -10,14 +10,15 @@ newtype ExceptionSafetyQuery = TGuaranteeExceptionSafetyQuery() or TDoNotLeakResourcesWhenHandlingExceptionsQuery() -predicate isExceptionSafetyQueryMetadata(Query query, string queryId, string ruleId) { +predicate isExceptionSafetyQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `exceptionSafetyGuaranteesNotProvided` query ExceptionSafetyPackage::exceptionSafetyGuaranteesNotProvidedQuery() and queryId = // `@id` for the `exceptionSafetyGuaranteesNotProvided` query "cpp/autosar/exception-safety-guarantees-not-provided" and - ruleId = "A15-0-2" + ruleId = "A15-0-2" and + category = "required" or query = // `Query` instance for the `exceptionSafetyGuaranteeOfACalledFunction` query @@ -25,7 +26,8 @@ predicate isExceptionSafetyQueryMetadata(Query query, string queryId, string rul queryId = // `@id` for the `exceptionSafetyGuaranteeOfACalledFunction` query "cpp/autosar/exception-safety-guarantee-of-a-called-function" and - ruleId = "A15-0-3" + ruleId = "A15-0-3" and + category = "required" or query = // `Query` instance for the `validResourcesStateBeforeThrow` query @@ -33,7 +35,8 @@ predicate isExceptionSafetyQueryMetadata(Query query, string queryId, string rul queryId = // `@id` for the `validResourcesStateBeforeThrow` query "cpp/autosar/valid-resources-state-before-throw" and - ruleId = "A15-1-4" + ruleId = "A15-1-4" and + category = "required" or query = // `Query` instance for the `guaranteeExceptionSafety` query @@ -41,7 +44,8 @@ predicate isExceptionSafetyQueryMetadata(Query query, string queryId, string rul queryId = // `@id` for the `guaranteeExceptionSafety` query "cpp/cert/guarantee-exception-safety" and - ruleId = "ERR56-CPP" + ruleId = "ERR56-CPP" and + category = "rule" or query = // `Query` instance for the `doNotLeakResourcesWhenHandlingExceptions` query @@ -49,7 +53,8 @@ predicate isExceptionSafetyQueryMetadata(Query query, string queryId, string rul queryId = // `@id` for the `doNotLeakResourcesWhenHandlingExceptions` query "cpp/cert/do-not-leak-resources-when-handling-exceptions" and - ruleId = "ERR57-CPP" + ruleId = "ERR57-CPP" and + category = "rule" } module ExceptionSafetyPackage { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Exceptions1.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Exceptions1.qll index fc77c5e011..c4937348e8 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Exceptions1.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Exceptions1.qll @@ -39,14 +39,15 @@ newtype Exceptions1Query = TExceptionObjectsMustBeNothrowCopyConstructibleQuery() or TCatchExceptionsByLvalueReferenceQuery() -predicate isExceptions1QueryMetadata(Query query, string queryId, string ruleId) { +predicate isExceptions1QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `exceptionThrownOnCompletion` query Exceptions1Package::exceptionThrownOnCompletionQuery() and queryId = // `@id` for the `exceptionThrownOnCompletion` query "cpp/autosar/exception-thrown-on-completion" and - ruleId = "A15-0-1" + ruleId = "A15-0-1" and + category = "required" or query = // `Query` instance for the `recoverableUncheckedExceptions` query @@ -54,7 +55,8 @@ predicate isExceptions1QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `recoverableUncheckedExceptions` query "cpp/autosar/recoverable-unchecked-exceptions" and - ruleId = "A15-0-4" + ruleId = "A15-0-4" and + category = "required" or query = // `Query` instance for the `unrecoverableCheckedExceptions` query @@ -62,7 +64,8 @@ predicate isExceptions1QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `unrecoverableCheckedExceptions` query "cpp/autosar/unrecoverable-checked-exceptions" and - ruleId = "A15-0-5" + ruleId = "A15-0-5" and + category = "required" or query = // `Query` instance for the `pointerExceptionObject` query @@ -70,7 +73,8 @@ predicate isExceptions1QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `pointerExceptionObject` query "cpp/autosar/pointer-exception-object" and - ruleId = "A15-1-2" + ruleId = "A15-1-2" and + category = "required" or query = // `Query` instance for the `thrownExceptionsShouldBeUnique` query @@ -78,7 +82,8 @@ predicate isExceptions1QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `thrownExceptionsShouldBeUnique` query "cpp/autosar/thrown-exceptions-should-be-unique" and - ruleId = "A15-1-3" + ruleId = "A15-1-3" and + category = "advisory" or query = // `Query` instance for the `constructorsThatAreNotNoexceptInvokedBeforeProgramStartup` query @@ -86,7 +91,8 @@ predicate isExceptions1QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `constructorsThatAreNotNoexceptInvokedBeforeProgramStartup` query "cpp/autosar/constructors-that-are-not-noexcept-invoked-before-program-startup" and - ruleId = "A15-2-1" + ruleId = "A15-2-1" and + category = "required" or query = // `Query` instance for the `missingCatchHandlerInMain` query @@ -94,7 +100,8 @@ predicate isExceptions1QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `missingCatchHandlerInMain` query "cpp/autosar/missing-catch-handler-in-main" and - ruleId = "A15-3-3" + ruleId = "A15-3-3" and + category = "required" or query = // `Query` instance for the `catchAllEllipsisUsedInNonMain` query @@ -102,7 +109,8 @@ predicate isExceptions1QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `catchAllEllipsisUsedInNonMain` query "cpp/autosar/catch-all-ellipsis-used-in-non-main" and - ruleId = "A15-3-4" + ruleId = "A15-3-4" and + category = "required" or query = // `Query` instance for the `useOfDynamicExceptionSpecification` query @@ -110,7 +118,8 @@ predicate isExceptions1QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `useOfDynamicExceptionSpecification` query "cpp/autosar/use-of-dynamic-exception-specification" and - ruleId = "A15-4-1" + ruleId = "A15-4-1" and + category = "required" or query = // `Query` instance for the `noExceptFunctionThrows` query @@ -118,7 +127,8 @@ predicate isExceptions1QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `noExceptFunctionThrows` query "cpp/autosar/no-except-function-throws" and - ruleId = "A15-4-2" + ruleId = "A15-4-2" and + category = "required" or query = // `Query` instance for the `missingNoExcept` query @@ -126,7 +136,8 @@ predicate isExceptions1QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `missingNoExcept` query "cpp/autosar/missing-no-except" and - ruleId = "A15-4-4" + ruleId = "A15-4-4" and + category = "required" or query = // `Query` instance for the `explicitAbruptTerminationAutosar` query @@ -134,7 +145,8 @@ predicate isExceptions1QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `explicitAbruptTerminationAutosar` query "cpp/autosar/explicit-abrupt-termination-autosar" and - ruleId = "A15-5-2" + ruleId = "A15-5-2" and + category = "required" or query = // `Query` instance for the `conditionVariablePostConditionFailedAutosar` query @@ -142,7 +154,8 @@ predicate isExceptions1QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `conditionVariablePostConditionFailedAutosar` query "cpp/autosar/condition-variable-post-condition-failed-autosar" and - ruleId = "A15-5-3" + ruleId = "A15-5-3" and + category = "required" or query = // `Query` instance for the `joinableThreadCopiedOrDestroyedAutosar` query @@ -150,7 +163,8 @@ predicate isExceptions1QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `joinableThreadCopiedOrDestroyedAutosar` query "cpp/autosar/joinable-thread-copied-or-destroyed-autosar" and - ruleId = "A15-5-3" + ruleId = "A15-5-3" and + category = "required" or query = // `Query` instance for the `rethrowNestedWithoutCaptureAutosar` query @@ -158,7 +172,8 @@ predicate isExceptions1QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `rethrowNestedWithoutCaptureAutosar` query "cpp/autosar/rethrow-nested-without-capture-autosar" and - ruleId = "A15-5-3" + ruleId = "A15-5-3" and + category = "required" or query = // `Query` instance for the `exitHandlerThrowsExceptionAutosar` query @@ -166,7 +181,8 @@ predicate isExceptions1QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `exitHandlerThrowsExceptionAutosar` query "cpp/autosar/exit-handler-throws-exception-autosar" and - ruleId = "A15-5-3" + ruleId = "A15-5-3" and + category = "required" or query = // `Query` instance for the `gotoToCatchBlock` query @@ -174,7 +190,8 @@ predicate isExceptions1QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `gotoToCatchBlock` query "cpp/autosar/goto-to-catch-block" and - ruleId = "M15-0-3" + ruleId = "M15-0-3" and + category = "required" or query = // `Query` instance for the `switchToCatchBlock` query @@ -182,7 +199,8 @@ predicate isExceptions1QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `switchToCatchBlock` query "cpp/autosar/switch-to-catch-block" and - ruleId = "M15-0-3" + ruleId = "M15-0-3" and + category = "required" or query = // `Query` instance for the `exceptionThrownDuringThrow` query @@ -190,7 +208,8 @@ predicate isExceptions1QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `exceptionThrownDuringThrow` query "cpp/autosar/exception-thrown-during-throw" and - ruleId = "M15-1-1" + ruleId = "M15-1-1" and + category = "required" or query = // `Query` instance for the `nullThrownExplicitly` query @@ -198,7 +217,8 @@ predicate isExceptions1QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `nullThrownExplicitly` query "cpp/autosar/null-thrown-explicitly" and - ruleId = "M15-1-2" + ruleId = "M15-1-2" and + category = "required" or query = // `Query` instance for the `emptyThrowOutsideCatch` query @@ -206,7 +226,8 @@ predicate isExceptions1QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `emptyThrowOutsideCatch` query "cpp/autosar/empty-throw-outside-catch" and - ruleId = "M15-1-3" + ruleId = "M15-1-3" and + category = "required" or query = // `Query` instance for the `catchAllExplicitlyThrownExceptions` query @@ -214,7 +235,8 @@ predicate isExceptions1QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `catchAllExplicitlyThrownExceptions` query "cpp/autosar/catch-all-explicitly-thrown-exceptions" and - ruleId = "M15-3-4" + ruleId = "M15-3-4" and + category = "required" or query = // `Query` instance for the `catchAllHandlerLast` query @@ -222,7 +244,8 @@ predicate isExceptions1QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `catchAllHandlerLast` query "cpp/autosar/catch-all-handler-last" and - ruleId = "M15-3-7" + ruleId = "M15-3-7" and + category = "required" or query = // `Query` instance for the `conditionVariablePostConditionFailedCert` query @@ -230,7 +253,8 @@ predicate isExceptions1QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `conditionVariablePostConditionFailedCert` query "cpp/cert/condition-variable-post-condition-failed-cert" and - ruleId = "ERR50-CPP" + ruleId = "ERR50-CPP" and + category = "rule" or query = // `Query` instance for the `joinableThreadCopiedOrDestroyedCert` query @@ -238,7 +262,8 @@ predicate isExceptions1QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `joinableThreadCopiedOrDestroyedCert` query "cpp/cert/joinable-thread-copied-or-destroyed-cert" and - ruleId = "ERR50-CPP" + ruleId = "ERR50-CPP" and + category = "rule" or query = // `Query` instance for the `rethrowNestedWithoutCaptureCert` query @@ -246,7 +271,8 @@ predicate isExceptions1QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `rethrowNestedWithoutCaptureCert` query "cpp/cert/rethrow-nested-without-capture-cert" and - ruleId = "ERR50-CPP" + ruleId = "ERR50-CPP" and + category = "rule" or query = // `Query` instance for the `explicitAbruptTerminationCert` query @@ -254,7 +280,8 @@ predicate isExceptions1QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `explicitAbruptTerminationCert` query "cpp/cert/explicit-abrupt-termination-cert" and - ruleId = "ERR50-CPP" + ruleId = "ERR50-CPP" and + category = "rule" or query = // `Query` instance for the `exitHandlerThrowsExceptionCert` query @@ -262,7 +289,8 @@ predicate isExceptions1QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `exitHandlerThrowsExceptionCert` query "cpp/cert/exit-handler-throws-exception-cert" and - ruleId = "ERR50-CPP" + ruleId = "ERR50-CPP" and + category = "rule" or query = // `Query` instance for the `handleAllExceptions` query @@ -270,7 +298,8 @@ predicate isExceptions1QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `handleAllExceptions` query "cpp/cert/handle-all-exceptions" and - ruleId = "ERR51-CPP" + ruleId = "ERR51-CPP" and + category = "rule" or query = // `Query` instance for the `destroyedValueReferencedInConstructorDestructorCatchBlock` query @@ -278,7 +307,8 @@ predicate isExceptions1QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `destroyedValueReferencedInConstructorDestructorCatchBlock` query "cpp/cert/destroyed-value-referenced-in-constructor-destructor-catch-block" and - ruleId = "ERR53-CPP" + ruleId = "ERR53-CPP" and + category = "rule" or query = // `Query` instance for the `honorExceptionSpecifications` query @@ -286,7 +316,8 @@ predicate isExceptions1QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `honorExceptionSpecifications` query "cpp/cert/honor-exception-specifications" and - ruleId = "ERR55-CPP" + ruleId = "ERR55-CPP" and + category = "rule" or query = // `Query` instance for the `handleAllExceptionsThrownBeforeMainBeginsExecuting` query @@ -294,7 +325,8 @@ predicate isExceptions1QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `handleAllExceptionsThrownBeforeMainBeginsExecuting` query "cpp/cert/handle-all-exceptions-thrown-before-main-begins-executing" and - ruleId = "ERR58-CPP" + ruleId = "ERR58-CPP" and + category = "rule" or query = // `Query` instance for the `exceptionObjectsMustBeNothrowCopyConstructible` query @@ -302,7 +334,8 @@ predicate isExceptions1QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `exceptionObjectsMustBeNothrowCopyConstructible` query "cpp/cert/exception-objects-must-be-nothrow-copy-constructible" and - ruleId = "ERR60-CPP" + ruleId = "ERR60-CPP" and + category = "rule" or query = // `Query` instance for the `catchExceptionsByLvalueReference` query @@ -310,7 +343,8 @@ predicate isExceptions1QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `catchExceptionsByLvalueReference` query "cpp/cert/catch-exceptions-by-lvalue-reference" and - ruleId = "ERR61-CPP" + ruleId = "ERR61-CPP" and + category = "rule" } module Exceptions1Package { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Exceptions2.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Exceptions2.qll index 6e0a3e1f2b..fa990c8f0f 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Exceptions2.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Exceptions2.qll @@ -22,14 +22,15 @@ newtype Exceptions2Query = TDoNotLetExceptionsEscapeFromDestructorsOrDeallocationFunctionsQuery() or TCatchBlockShadowingCertQuery() -predicate isExceptions2QueryMetadata(Query query, string queryId, string ruleId) { +predicate isExceptions2QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `onlyThrowStdExceptionDerivedTypes` query Exceptions2Package::onlyThrowStdExceptionDerivedTypesQuery() and queryId = // `@id` for the `onlyThrowStdExceptionDerivedTypes` query "cpp/autosar/only-throw-std-exception-derived-types" and - ruleId = "A15-1-1" + ruleId = "A15-1-1" and + category = "advisory" or query = // `Query` instance for the `constructorErrorLeavesObjectInInvalidState` query @@ -37,7 +38,8 @@ predicate isExceptions2QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `constructorErrorLeavesObjectInInvalidState` query "cpp/autosar/constructor-error-leaves-object-in-invalid-state" and - ruleId = "A15-2-2" + ruleId = "A15-2-2" and + category = "required" or query = // `Query` instance for the `classTypeExceptionNotCaughtByReference` query @@ -45,7 +47,8 @@ predicate isExceptions2QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `classTypeExceptionNotCaughtByReference` query "cpp/autosar/class-type-exception-not-caught-by-reference" and - ruleId = "A15-3-5" + ruleId = "A15-3-5" and + category = "required" or query = // `Query` instance for the `incompatibleNoexceptSpecification` query @@ -53,7 +56,8 @@ predicate isExceptions2QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `incompatibleNoexceptSpecification` query "cpp/autosar/incompatible-noexcept-specification" and - ruleId = "A15-4-3" + ruleId = "A15-4-3" and + category = "required" or query = // `Query` instance for the `inconsistentNoexceptFalseSpecification` query @@ -61,7 +65,8 @@ predicate isExceptions2QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `inconsistentNoexceptFalseSpecification` query "cpp/autosar/inconsistent-noexcept-false-specification" and - ruleId = "A15-4-3" + ruleId = "A15-4-3" and + category = "required" or query = // `Query` instance for the `inconsistentNoexceptTrueSpecification` query @@ -69,7 +74,8 @@ predicate isExceptions2QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `inconsistentNoexceptTrueSpecification` query "cpp/autosar/inconsistent-noexcept-true-specification" and - ruleId = "A15-4-3" + ruleId = "A15-4-3" and + category = "required" or query = // `Query` instance for the `incompatibleNoexceptSpecificationForOverriders` query @@ -77,7 +83,8 @@ predicate isExceptions2QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `incompatibleNoexceptSpecificationForOverriders` query "cpp/autosar/incompatible-noexcept-specification-for-overriders" and - ruleId = "A15-4-3" + ruleId = "A15-4-3" and + category = "required" or query = // `Query` instance for the `missingCheckedExceptions` query @@ -85,7 +92,8 @@ predicate isExceptions2QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `missingCheckedExceptions` query "cpp/autosar/missing-checked-exceptions" and - ruleId = "A15-4-5" + ruleId = "A15-4-5" and + category = "required" or query = // `Query` instance for the `inconsistentCheckedExceptions` query @@ -93,7 +101,8 @@ predicate isExceptions2QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `inconsistentCheckedExceptions` query "cpp/autosar/inconsistent-checked-exceptions" and - ruleId = "A15-4-5" + ruleId = "A15-4-5" and + category = "required" or query = // `Query` instance for the `specialFunctionExitsWithException` query @@ -101,7 +110,8 @@ predicate isExceptions2QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `specialFunctionExitsWithException` query "cpp/autosar/special-function-exits-with-exception" and - ruleId = "A15-5-1" + ruleId = "A15-5-1" and + category = "required" or query = // `Query` instance for the `specialFunctionMissingNoExceptSpecification` query @@ -109,7 +119,8 @@ predicate isExceptions2QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `specialFunctionMissingNoExceptSpecification` query "cpp/autosar/special-function-missing-no-except-specification" and - ruleId = "A15-5-1" + ruleId = "A15-5-1" and + category = "required" or query = // `Query` instance for the `exceptionRaisedDuringStartup` query @@ -117,7 +128,8 @@ predicate isExceptions2QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `exceptionRaisedDuringStartup` query "cpp/autosar/exception-raised-during-startup" and - ruleId = "M15-3-1" + ruleId = "M15-3-1" and + category = "required" or query = // `Query` instance for the `exceptionRaisedDuringTermination` query @@ -125,7 +137,8 @@ predicate isExceptions2QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `exceptionRaisedDuringTermination` query "cpp/autosar/exception-raised-during-termination" and - ruleId = "M15-3-1" + ruleId = "M15-3-1" and + category = "required" or query = // `Query` instance for the `destroyedValueReferencedInDestructorCatchBlock` query @@ -133,7 +146,8 @@ predicate isExceptions2QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `destroyedValueReferencedInDestructorCatchBlock` query "cpp/autosar/destroyed-value-referenced-in-destructor-catch-block" and - ruleId = "M15-3-3" + ruleId = "M15-3-3" and + category = "required" or query = // `Query` instance for the `catchBlockShadowingMisra` query @@ -141,7 +155,8 @@ predicate isExceptions2QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `catchBlockShadowingMisra` query "cpp/autosar/catch-block-shadowing-misra" and - ruleId = "M15-3-6" + ruleId = "M15-3-6" and + category = "required" or query = // `Query` instance for the `doNotLetExceptionsEscapeFromDestructorsOrDeallocationFunctions` query @@ -149,7 +164,8 @@ predicate isExceptions2QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `doNotLetExceptionsEscapeFromDestructorsOrDeallocationFunctions` query "cpp/cert/do-not-let-exceptions-escape-from-destructors-or-deallocation-functions" and - ruleId = "DCL57-CPP" + ruleId = "DCL57-CPP" and + category = "rule" or query = // `Query` instance for the `catchBlockShadowingCert` query @@ -157,7 +173,8 @@ predicate isExceptions2QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `catchBlockShadowingCert` query "cpp/cert/catch-block-shadowing-cert" and - ruleId = "ERR54-CPP" + ruleId = "ERR54-CPP" and + category = "rule" } module Exceptions2Package { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Expressions.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Expressions.qll index 049209d3fa..9797b874e5 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Expressions.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Expressions.qll @@ -21,14 +21,15 @@ newtype ExpressionsQuery = TPassReferenceTypeToVaStartQuery() or TPassNonTrivialObjectToVaStartQuery() -predicate isExpressionsQueryMetadata(Query query, string queryId, string ruleId) { +predicate isExpressionsQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `operationsAssumingMemoryLayoutPerformedOnObjects` query ExpressionsPackage::operationsAssumingMemoryLayoutPerformedOnObjectsQuery() and queryId = // `@id` for the `operationsAssumingMemoryLayoutPerformedOnObjects` query "cpp/autosar/operations-assuming-memory-layout-performed-on-objects" and - ruleId = "A12-0-2" + ruleId = "A12-0-2" and + category = "required" or query = // `Query` instance for the `enumUsedInArithmeticContexts` query @@ -36,7 +37,8 @@ predicate isExpressionsQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `enumUsedInArithmeticContexts` query "cpp/autosar/enum-used-in-arithmetic-contexts" and - ruleId = "A4-5-1" + ruleId = "A4-5-1" and + category = "required" or query = // `Query` instance for the `divisorEqualToZero` query @@ -44,7 +46,8 @@ predicate isExpressionsQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `divisorEqualToZero` query "cpp/autosar/divisor-equal-to-zero" and - ruleId = "A5-6-1" + ruleId = "A5-6-1" and + category = "required" or query = // `Query` instance for the `functionErroneousReturnValueNotTested` query @@ -52,7 +55,8 @@ predicate isExpressionsQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `functionErroneousReturnValueNotTested` query "cpp/autosar/function-erroneous-return-value-not-tested" and - ruleId = "M0-3-2" + ruleId = "M0-3-2" and + category = "required" or query = // `Query` instance for the `boolOperandsToDisallowedBuiltInOperators` query @@ -60,7 +64,8 @@ predicate isExpressionsQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `boolOperandsToDisallowedBuiltInOperators` query "cpp/autosar/bool-operands-to-disallowed-built-in-operators" and - ruleId = "M4-5-1" + ruleId = "M4-5-1" and + category = "required" or query = // `Query` instance for the `charUsedAsOperandsToDisallowedBuiltInOperators` query @@ -68,7 +73,8 @@ predicate isExpressionsQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `charUsedAsOperandsToDisallowedBuiltInOperators` query "cpp/autosar/char-used-as-operands-to-disallowed-built-in-operators" and - ruleId = "M4-5-3" + ruleId = "M4-5-3" and + category = "required" or query = // `Query` instance for the `ternaryOperatorConditionNotTypeBool` query @@ -76,7 +82,8 @@ predicate isExpressionsQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `ternaryOperatorConditionNotTypeBool` query "cpp/autosar/ternary-operator-condition-not-type-bool" and - ruleId = "M5-0-14" + ruleId = "M5-0-14" and + category = "required" or query = // `Query` instance for the `bitwiseOperatorOperandsHaveDifferentUnderlyingType` query @@ -84,7 +91,8 @@ predicate isExpressionsQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `bitwiseOperatorOperandsHaveDifferentUnderlyingType` query "cpp/autosar/bitwise-operator-operands-have-different-underlying-type" and - ruleId = "M5-0-20" + ruleId = "M5-0-20" and + category = "required" or query = // `Query` instance for the `bitwiseOperatorAppliedToSignedTypes` query @@ -92,7 +100,8 @@ predicate isExpressionsQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `bitwiseOperatorAppliedToSignedTypes` query "cpp/autosar/bitwise-operator-applied-to-signed-types" and - ruleId = "M5-0-21" + ruleId = "M5-0-21" and + category = "required" or query = // `Query` instance for the `cvalueExpressionConvertedToDifferentUnderlyingType` query @@ -100,7 +109,8 @@ predicate isExpressionsQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `cvalueExpressionConvertedToDifferentUnderlyingType` query "cpp/autosar/cvalue-expression-converted-to-different-underlying-type" and - ruleId = "M5-0-3" + ruleId = "M5-0-3" and + category = "required" or query = // `Query` instance for the `constantUnsignedIntegerExpressionsWrapAround` query @@ -108,7 +118,8 @@ predicate isExpressionsQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `constantUnsignedIntegerExpressionsWrapAround` query "cpp/autosar/constant-unsigned-integer-expressions-wrap-around" and - ruleId = "M5-19-1" + ruleId = "M5-19-1" and + category = "required" or query = // `Query` instance for the `rightBitShiftOperandIsNegativeOrTooWide` query @@ -116,7 +127,8 @@ predicate isExpressionsQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `rightBitShiftOperandIsNegativeOrTooWide` query "cpp/autosar/right-bit-shift-operand-is-negative-or-too-wide" and - ruleId = "M5-8-1" + ruleId = "M5-8-1" and + category = "required" or query = // `Query` instance for the `floatsTestedForEquality` query @@ -124,7 +136,8 @@ predicate isExpressionsQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `floatsTestedForEquality` query "cpp/autosar/floats-tested-for-equality" and - ruleId = "M6-2-2" + ruleId = "M6-2-2" and + category = "required" or query = // `Query` instance for the `passPromotablePrimitiveTypeToVaStart` query @@ -132,7 +145,8 @@ predicate isExpressionsQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `passPromotablePrimitiveTypeToVaStart` query "cpp/cert/pass-promotable-primitive-type-to-va-start" and - ruleId = "EXP58-CPP" + ruleId = "EXP58-CPP" and + category = "rule" or query = // `Query` instance for the `passReferenceTypeToVaStart` query @@ -140,7 +154,8 @@ predicate isExpressionsQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `passReferenceTypeToVaStart` query "cpp/cert/pass-reference-type-to-va-start" and - ruleId = "EXP58-CPP" + ruleId = "EXP58-CPP" and + category = "rule" or query = // `Query` instance for the `passNonTrivialObjectToVaStart` query @@ -148,7 +163,8 @@ predicate isExpressionsQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `passNonTrivialObjectToVaStart` query "cpp/cert/pass-non-trivial-object-to-va-start" and - ruleId = "EXP58-CPP" + ruleId = "EXP58-CPP" and + category = "rule" } module ExpressionsPackage { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Freed.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Freed.qll index a7122cb236..00d3bbdf99 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Freed.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Freed.qll @@ -14,14 +14,15 @@ newtype FreedQuery = TObjectAccessedAfterLifetimeCertQuery() or TUseAfterFreeQuery() -predicate isFreedQueryMetadata(Query query, string queryId, string ruleId) { +predicate isFreedQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `newDeleteArrayMismatch` query FreedPackage::newDeleteArrayMismatchQuery() and queryId = // `@id` for the `newDeleteArrayMismatch` query "cpp/autosar/new-delete-array-mismatch" and - ruleId = "A18-5-3" + ruleId = "A18-5-3" and + category = "required" or query = // `Query` instance for the `newArrayDeleteMismatch` query @@ -29,7 +30,8 @@ predicate isFreedQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `newArrayDeleteMismatch` query "cpp/autosar/new-array-delete-mismatch" and - ruleId = "A18-5-3" + ruleId = "A18-5-3" and + category = "required" or query = // `Query` instance for the `objectAccessedBeforeLifetimeAutosar` query @@ -37,7 +39,8 @@ predicate isFreedQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `objectAccessedBeforeLifetimeAutosar` query "cpp/autosar/object-accessed-before-lifetime-autosar" and - ruleId = "A3-8-1" + ruleId = "A3-8-1" and + category = "required" or query = // `Query` instance for the `objectAccessedAfterLifetimeAutosar` query @@ -45,7 +48,8 @@ predicate isFreedQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `objectAccessedAfterLifetimeAutosar` query "cpp/autosar/object-accessed-after-lifetime-autosar" and - ruleId = "A3-8-1" + ruleId = "A3-8-1" and + category = "required" or query = // `Query` instance for the `assignmentOfEscapingAutoStorage` query @@ -53,7 +57,8 @@ predicate isFreedQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `assignmentOfEscapingAutoStorage` query "cpp/autosar/assignment-of-escaping-auto-storage" and - ruleId = "M7-5-2" + ruleId = "M7-5-2" and + category = "required" or query = // `Query` instance for the `doNotDeleteAnArrayThroughAPointerOfTheIncorrectType` query @@ -61,7 +66,8 @@ predicate isFreedQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `doNotDeleteAnArrayThroughAPointerOfTheIncorrectType` query "cpp/cert/do-not-delete-an-array-through-a-pointer-of-the-incorrect-type" and - ruleId = "EXP51-CPP" + ruleId = "EXP51-CPP" and + category = "rule" or query = // `Query` instance for the `objectAccessedBeforeLifetimeCert` query @@ -69,7 +75,8 @@ predicate isFreedQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `objectAccessedBeforeLifetimeCert` query "cpp/cert/object-accessed-before-lifetime-cert" and - ruleId = "EXP54-CPP" + ruleId = "EXP54-CPP" and + category = "rule" or query = // `Query` instance for the `objectAccessedAfterLifetimeCert` query @@ -77,7 +84,8 @@ predicate isFreedQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `objectAccessedAfterLifetimeCert` query "cpp/cert/object-accessed-after-lifetime-cert" and - ruleId = "EXP54-CPP" + ruleId = "EXP54-CPP" and + category = "rule" or query = // `Query` instance for the `useAfterFree` query @@ -85,7 +93,8 @@ predicate isFreedQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `useAfterFree` query "cpp/cert/use-after-free" and - ruleId = "MEM50-CPP" + ruleId = "MEM50-CPP" and + category = "rule" } module FreedPackage { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Functions.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Functions.qll index 73ef5a2ea3..c83fd189d8 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Functions.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Functions.qll @@ -19,14 +19,15 @@ newtype FunctionsQuery = TNonVoidFunctionDoesNotReturnCertQuery() or TFunctionNoReturnAttributeConditionCertQuery() -predicate isFunctionsQueryMetadata(Query query, string queryId, string ruleId) { +predicate isFunctionsQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `cStandardLibraryFunctionCalls` query FunctionsPackage::cStandardLibraryFunctionCallsQuery() and queryId = // `@id` for the `cStandardLibraryFunctionCalls` query "cpp/autosar/c-standard-library-function-calls" and - ruleId = "A17-1-1" + ruleId = "A17-1-1" and + category = "required" or query = // `Query` instance for the `trivialAccessorAndMutatorFunctionsNotInlined` query @@ -34,7 +35,8 @@ predicate isFunctionsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `trivialAccessorAndMutatorFunctionsNotInlined` query "cpp/autosar/trivial-accessor-and-mutator-functions-not-inlined" and - ruleId = "A3-1-6" + ruleId = "A3-1-6" and + category = "advisory" or query = // `Query` instance for the `invalidFunctionReturnType` query @@ -42,7 +44,8 @@ predicate isFunctionsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `invalidFunctionReturnType` query "cpp/autosar/invalid-function-return-type" and - ruleId = "A7-5-1" + ruleId = "A7-5-1" and + category = "required" or query = // `Query` instance for the `recursiveFunctions` query @@ -50,7 +53,8 @@ predicate isFunctionsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `recursiveFunctions` query "cpp/autosar/recursive-functions" and - ruleId = "A7-5-2" + ruleId = "A7-5-2" and + category = "required" or query = // `Query` instance for the `functionNoReturnAttributeConditionAutosar` query @@ -58,7 +62,8 @@ predicate isFunctionsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `functionNoReturnAttributeConditionAutosar` query "cpp/autosar/function-no-return-attribute-condition-autosar" and - ruleId = "A7-6-1" + ruleId = "A7-6-1" and + category = "required" or query = // `Query` instance for the `nonVoidFunctionDoesNotReturnAutosar` query @@ -66,7 +71,8 @@ predicate isFunctionsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `nonVoidFunctionDoesNotReturnAutosar` query "cpp/autosar/non-void-function-does-not-return-autosar" and - ruleId = "A8-4-2" + ruleId = "A8-4-2" and + category = "required" or query = // `Query` instance for the `functionReturnMultipleValueCondition` query @@ -74,7 +80,8 @@ predicate isFunctionsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `functionReturnMultipleValueCondition` query "cpp/autosar/function-return-multiple-value-condition" and - ruleId = "A8-4-4" + ruleId = "A8-4-4" and + category = "advisory" or query = // `Query` instance for the `assmemblerInstructionsCondition` query @@ -82,7 +89,8 @@ predicate isFunctionsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `assmemblerInstructionsCondition` query "cpp/autosar/assmembler-instructions-condition" and - ruleId = "M7-4-2" + ruleId = "M7-4-2" and + category = "required" or query = // `Query` instance for the `assemblyLanguageCondition` query @@ -90,7 +98,8 @@ predicate isFunctionsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `assemblyLanguageCondition` query "cpp/autosar/assembly-language-condition" and - ruleId = "M7-4-3" + ruleId = "M7-4-3" and + category = "required" or query = // `Query` instance for the `functionReturnAutomaticVarCondition` query @@ -98,7 +107,8 @@ predicate isFunctionsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `functionReturnAutomaticVarCondition` query "cpp/autosar/function-return-automatic-var-condition" and - ruleId = "M7-5-1" + ruleId = "M7-5-1" and + category = "required" or query = // `Query` instance for the `functionIdentifierCondition` query @@ -106,7 +116,8 @@ predicate isFunctionsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `functionIdentifierCondition` query "cpp/autosar/function-identifier-condition" and - ruleId = "M8-4-4" + ruleId = "M8-4-4" and + category = "required" or query = // `Query` instance for the `functionWithMismatchedLanguageLinkage` query @@ -114,7 +125,8 @@ predicate isFunctionsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `functionWithMismatchedLanguageLinkage` query "cpp/cert/function-with-mismatched-language-linkage" and - ruleId = "EXP56-CPP" + ruleId = "EXP56-CPP" and + category = "rule" or query = // `Query` instance for the `nonVoidFunctionDoesNotReturnCert` query @@ -122,7 +134,8 @@ predicate isFunctionsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `nonVoidFunctionDoesNotReturnCert` query "cpp/cert/non-void-function-does-not-return-cert" and - ruleId = "MSC52-CPP" + ruleId = "MSC52-CPP" and + category = "rule" or query = // `Query` instance for the `functionNoReturnAttributeConditionCert` query @@ -130,7 +143,8 @@ predicate isFunctionsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `functionNoReturnAttributeConditionCert` query "cpp/cert/function-no-return-attribute-condition-cert" and - ruleId = "MSC53-CPP" + ruleId = "MSC53-CPP" and + category = "rule" } module FunctionsPackage { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/IO.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/IO.qll index cefa031820..d8cadfc184 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/IO.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/IO.qll @@ -8,14 +8,15 @@ newtype IOQuery = TInterleavedInputOutputWithoutPositionQuery() or TCloseFilesWhenTheyAreNoLongerNeededQuery() -predicate isIOQueryMetadata(Query query, string queryId, string ruleId) { +predicate isIOQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `interleavedInputOutputWithoutFlush` query IOPackage::interleavedInputOutputWithoutFlushQuery() and queryId = // `@id` for the `interleavedInputOutputWithoutFlush` query "cpp/autosar/interleaved-input-output-without-flush" and - ruleId = "A27-0-3" + ruleId = "A27-0-3" and + category = "required" or query = // `Query` instance for the `interleavedInputOutputWithoutPosition` query @@ -23,7 +24,8 @@ predicate isIOQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `interleavedInputOutputWithoutPosition` query "cpp/cert/interleaved-input-output-without-position" and - ruleId = "FIO50-CPP" + ruleId = "FIO50-CPP" and + category = "rule" or query = // `Query` instance for the `closeFilesWhenTheyAreNoLongerNeeded` query @@ -31,7 +33,8 @@ predicate isIOQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `closeFilesWhenTheyAreNoLongerNeeded` query "cpp/cert/close-files-when-they-are-no-longer-needed" and - ruleId = "FIO51-CPP" + ruleId = "FIO51-CPP" and + category = "rule" } module IOPackage { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Includes.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Includes.qll index f446959ac5..f4eb83bc3e 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Includes.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Includes.qll @@ -11,14 +11,15 @@ newtype IncludesQuery = TExternalLinkageNotDeclaredInHeaderFileQuery() or TIncludeGuardsNotProvidedQuery() -predicate isIncludesQueryMetadata(Query query, string queryId, string ruleId) { +predicate isIncludesQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `unusedIncludeDirectives` query IncludesPackage::unusedIncludeDirectivesQuery() and queryId = // `@id` for the `unusedIncludeDirectives` query "cpp/autosar/unused-include-directives" and - ruleId = "A16-2-2" + ruleId = "A16-2-2" and + category = "required" or query = // `Query` instance for the `violationsOfOneDefinitionRule` query @@ -26,7 +27,8 @@ predicate isIncludesQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `violationsOfOneDefinitionRule` query "cpp/autosar/violations-of-one-definition-rule" and - ruleId = "A3-1-1" + ruleId = "A3-1-1" and + category = "required" or query = // `Query` instance for the `headerFileExpectedFileNameExtension` query @@ -34,7 +36,8 @@ predicate isIncludesQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `headerFileExpectedFileNameExtension` query "cpp/autosar/header-file-expected-file-name-extension" and - ruleId = "A3-1-2" + ruleId = "A3-1-2" and + category = "required" or query = // `Query` instance for the `fileNameExtensionCpp` query @@ -42,7 +45,8 @@ predicate isIncludesQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `fileNameExtensionCpp` query "cpp/autosar/file-name-extension-cpp" and - ruleId = "A3-1-3" + ruleId = "A3-1-3" and + category = "advisory" or query = // `Query` instance for the `externalLinkageNotDeclaredInHeaderFile` query @@ -50,7 +54,8 @@ predicate isIncludesQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `externalLinkageNotDeclaredInHeaderFile` query "cpp/autosar/external-linkage-not-declared-in-header-file" and - ruleId = "A3-3-1" + ruleId = "A3-3-1" and + category = "required" or query = // `Query` instance for the `includeGuardsNotProvided` query @@ -58,7 +63,8 @@ predicate isIncludesQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `includeGuardsNotProvided` query "cpp/autosar/include-guards-not-provided" and - ruleId = "M16-2-3" + ruleId = "M16-2-3" and + category = "required" } module IncludesPackage { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Inheritance.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Inheritance.qll index fe8ae3f155..a3775b87d6 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Inheritance.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Inheritance.qll @@ -18,14 +18,15 @@ newtype InheritanceQuery = TDoNotSliceDerivedObjectsQuery() or TDoNotDeleteAPolymorphicObjectWithoutAVirtualDestructorQuery() -predicate isInheritanceQueryMetadata(Query query, string queryId, string ruleId) { +predicate isInheritanceQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `publicInheritanceNotUsedForIsARelationship` query InheritancePackage::publicInheritanceNotUsedForIsARelationshipQuery() and queryId = // `@id` for the `publicInheritanceNotUsedForIsARelationship` query "cpp/autosar/public-inheritance-not-used-for-is-a-relationship" and - ruleId = "A10-0-1" + ruleId = "A10-0-1" and + category = "required" or query = // `Query` instance for the `nonPublicInheritanceNotUsedForHasARelationship` query @@ -33,7 +34,8 @@ predicate isInheritanceQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `nonPublicInheritanceNotUsedForHasARelationship` query "cpp/autosar/non-public-inheritance-not-used-for-has-a-relationship" and - ruleId = "A10-0-2" + ruleId = "A10-0-2" and + category = "required" or query = // `Query` instance for the `classDerivedFromMoreThanOneNonInterfaceBaseClass` query @@ -41,7 +43,8 @@ predicate isInheritanceQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `classDerivedFromMoreThanOneNonInterfaceBaseClass` query "cpp/autosar/class-derived-from-more-than-one-non-interface-base-class" and - ruleId = "A10-1-1" + ruleId = "A10-1-1" and + category = "required" or query = // `Query` instance for the `hierarchiesShouldBeBasedOnInterfaceClasses` query @@ -49,7 +52,8 @@ predicate isInheritanceQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `hierarchiesShouldBeBasedOnInterfaceClasses` query "cpp/autosar/hierarchies-should-be-based-on-interface-classes" and - ruleId = "A10-4-1" + ruleId = "A10-4-1" and + category = "advisory" or query = // `Query` instance for the `classesShouldNotBeDerivedFromVirtualBases` query @@ -57,7 +61,8 @@ predicate isInheritanceQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `classesShouldNotBeDerivedFromVirtualBases` query "cpp/autosar/classes-should-not-be-derived-from-virtual-bases" and - ruleId = "M10-1-1" + ruleId = "M10-1-1" and + category = "advisory" or query = // `Query` instance for the `baseClassCanBeVirtualOnlyInDiamondHierarchy` query @@ -65,7 +70,8 @@ predicate isInheritanceQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `baseClassCanBeVirtualOnlyInDiamondHierarchy` query "cpp/autosar/base-class-can-be-virtual-only-in-diamond-hierarchy" and - ruleId = "M10-1-2" + ruleId = "M10-1-2" and + category = "required" or query = // `Query` instance for the `accessibleBaseClassBothVirtualAndNonVirtualInHierarchy` query @@ -73,7 +79,8 @@ predicate isInheritanceQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `accessibleBaseClassBothVirtualAndNonVirtualInHierarchy` query "cpp/autosar/accessible-base-class-both-virtual-and-non-virtual-in-hierarchy" and - ruleId = "M10-1-3" + ruleId = "M10-1-3" and + category = "required" or query = // `Query` instance for the `uniqueAccessibleEntityNamesInMultipleInheritance` query @@ -81,7 +88,8 @@ predicate isInheritanceQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `uniqueAccessibleEntityNamesInMultipleInheritance` query "cpp/autosar/unique-accessible-entity-names-in-multiple-inheritance" and - ruleId = "M10-2-1" + ruleId = "M10-2-1" and + category = "advisory" or query = // `Query` instance for the `dynamicTypeOfThisUsedFromConstructorOrDestructor` query @@ -89,7 +97,8 @@ predicate isInheritanceQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `dynamicTypeOfThisUsedFromConstructorOrDestructor` query "cpp/autosar/dynamic-type-of-this-used-from-constructor-or-destructor" and - ruleId = "M12-1-1" + ruleId = "M12-1-1" and + category = "required" or query = // `Query` instance for the `downcastingShouldNotBePerformedOnPolymorphicTypes` query @@ -97,7 +106,8 @@ predicate isInheritanceQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `downcastingShouldNotBePerformedOnPolymorphicTypes` query "cpp/autosar/downcasting-should-not-be-performed-on-polymorphic-types" and - ruleId = "M5-2-3" + ruleId = "M5-2-3" and + category = "advisory" or query = // `Query` instance for the `doNotInvokeVirtualFunctionsFromConstructorsOrDestructors` query @@ -105,7 +115,8 @@ predicate isInheritanceQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `doNotInvokeVirtualFunctionsFromConstructorsOrDestructors` query "cpp/cert/do-not-invoke-virtual-functions-from-constructors-or-destructors" and - ruleId = "OOP50-CPP" + ruleId = "OOP50-CPP" and + category = "rule" or query = // `Query` instance for the `doNotSliceDerivedObjects` query @@ -113,7 +124,8 @@ predicate isInheritanceQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `doNotSliceDerivedObjects` query "cpp/cert/do-not-slice-derived-objects" and - ruleId = "OOP51-CPP" + ruleId = "OOP51-CPP" and + category = "rule" or query = // `Query` instance for the `doNotDeleteAPolymorphicObjectWithoutAVirtualDestructor` query @@ -121,7 +133,8 @@ predicate isInheritanceQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `doNotDeleteAPolymorphicObjectWithoutAVirtualDestructor` query "cpp/cert/do-not-delete-a-polymorphic-object-without-a-virtual-destructor" and - ruleId = "OOP52-CPP" + ruleId = "OOP52-CPP" and + category = "rule" } module InheritancePackage { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Initialization.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Initialization.qll index 45ce339b25..6c8d0f5258 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Initialization.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Initialization.qll @@ -26,14 +26,15 @@ newtype InitializationQuery = TBadlySeededRandomNumberGeneratorQuery() or TUseCanonicalOrderForMemberInitQuery() -predicate isInitializationQueryMetadata(Query query, string queryId, string ruleId) { +predicate isInitializationQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `explicitConstructorBaseClassInitialization` query InitializationPackage::explicitConstructorBaseClassInitializationQuery() and queryId = // `@id` for the `explicitConstructorBaseClassInitialization` query "cpp/autosar/explicit-constructor-base-class-initialization" and - ruleId = "A12-1-1" + ruleId = "A12-1-1" and + category = "required" or query = // `Query` instance for the `nonStaticMemberMultipleInit` query @@ -41,7 +42,8 @@ predicate isInitializationQueryMetadata(Query query, string queryId, string rule queryId = // `@id` for the `nonStaticMemberMultipleInit` query "cpp/autosar/non-static-member-multiple-init" and - ruleId = "A12-1-2" + ruleId = "A12-1-2" and + category = "required" or query = // `Query` instance for the `missedNSDMIOpportunity` query @@ -49,7 +51,8 @@ predicate isInitializationQueryMetadata(Query query, string queryId, string rule queryId = // `@id` for the `missedNSDMIOpportunity` query "cpp/autosar/missed-nsdmi-opportunity" and - ruleId = "A12-1-3" + ruleId = "A12-1-3" and + category = "required" or query = // `Query` instance for the `constructorWithFundamentalArgMissingExplicit` query @@ -57,7 +60,8 @@ predicate isInitializationQueryMetadata(Query query, string queryId, string rule queryId = // `@id` for the `constructorWithFundamentalArgMissingExplicit` query "cpp/autosar/constructor-with-fundamental-arg-missing-explicit" and - ruleId = "A12-1-4" + ruleId = "A12-1-4" and + category = "required" or query = // `Query` instance for the `avoidDuplicationInConstructors` query @@ -65,7 +69,8 @@ predicate isInitializationQueryMetadata(Query query, string queryId, string rule queryId = // `@id` for the `avoidDuplicationInConstructors` query "cpp/autosar/avoid-duplication-in-constructors" and - ruleId = "A12-1-5" + ruleId = "A12-1-5" and + category = "required" or query = // `Query` instance for the `useInheritingConstructors` query @@ -73,7 +78,8 @@ predicate isInitializationQueryMetadata(Query query, string queryId, string rule queryId = // `@id` for the `useInheritingConstructors` query "cpp/autosar/use-inheriting-constructors" and - ruleId = "A12-1-6" + ruleId = "A12-1-6" and + category = "required" or query = // `Query` instance for the `moveConstructorUsesCopySemantics` query @@ -81,7 +87,8 @@ predicate isInitializationQueryMetadata(Query query, string queryId, string rule queryId = // `@id` for the `moveConstructorUsesCopySemantics` query "cpp/autosar/move-constructor-uses-copy-semantics" and - ruleId = "A12-8-4" + ruleId = "A12-8-4" and + category = "required" or query = // `Query` instance for the `randomNumberEnginesDefaultInitialized` query @@ -89,7 +96,8 @@ predicate isInitializationQueryMetadata(Query query, string queryId, string rule queryId = // `@id` for the `randomNumberEnginesDefaultInitialized` query "cpp/autosar/random-number-engines-default-initialized" and - ruleId = "A26-5-2" + ruleId = "A26-5-2" and + category = "required" or query = // `Query` instance for the `staticOrThreadLocalObjectsNonConstantInit` query @@ -97,7 +105,8 @@ predicate isInitializationQueryMetadata(Query query, string queryId, string rule queryId = // `@id` for the `staticOrThreadLocalObjectsNonConstantInit` query "cpp/autosar/static-or-thread-local-objects-non-constant-init" and - ruleId = "A3-3-2" + ruleId = "A3-3-2" and + category = "required" or query = // `Query` instance for the `initializationListOutOfOrder` query @@ -105,7 +114,8 @@ predicate isInitializationQueryMetadata(Query query, string queryId, string rule queryId = // `@id` for the `initializationListOutOfOrder` query "cpp/autosar/initialization-list-out-of-order" and - ruleId = "A8-5-1" + ruleId = "A8-5-1" and + category = "required" or query = // `Query` instance for the `useBracedVariableInitialization` query @@ -113,7 +123,8 @@ predicate isInitializationQueryMetadata(Query query, string queryId, string rule queryId = // `@id` for the `useBracedVariableInitialization` query "cpp/autosar/use-braced-variable-initialization" and - ruleId = "A8-5-2" + ruleId = "A8-5-2" and + category = "required" or query = // `Query` instance for the `avoidAutoWithBracedInitialization` query @@ -121,7 +132,8 @@ predicate isInitializationQueryMetadata(Query query, string queryId, string rule queryId = // `@id` for the `avoidAutoWithBracedInitialization` query "cpp/autosar/avoid-auto-with-braced-initialization" and - ruleId = "A8-5-3" + ruleId = "A8-5-3" and + category = "required" or query = // `Query` instance for the `confusingUseOfInitializerListConstructors` query @@ -129,7 +141,8 @@ predicate isInitializationQueryMetadata(Query query, string queryId, string rule queryId = // `@id` for the `confusingUseOfInitializerListConstructors` query "cpp/autosar/confusing-use-of-initializer-list-constructors" and - ruleId = "A8-5-4" + ruleId = "A8-5-4" and + category = "advisory" or query = // `Query` instance for the `multipleLocalDeclarators` query @@ -137,7 +150,8 @@ predicate isInitializationQueryMetadata(Query query, string queryId, string rule queryId = // `@id` for the `multipleLocalDeclarators` query "cpp/autosar/multiple-local-declarators" and - ruleId = "M8-0-1" + ruleId = "M8-0-1" and + category = "required" or query = // `Query` instance for the `multipleGlobalOrMemberDeclarators` query @@ -145,7 +159,8 @@ predicate isInitializationQueryMetadata(Query query, string queryId, string rule queryId = // `@id` for the `multipleGlobalOrMemberDeclarators` query "cpp/autosar/multiple-global-or-member-declarators" and - ruleId = "M8-0-1" + ruleId = "M8-0-1" and + category = "required" or query = // `Query` instance for the `useInitBracesToMatchTypeStructure` query @@ -153,7 +168,8 @@ predicate isInitializationQueryMetadata(Query query, string queryId, string rule queryId = // `@id` for the `useInitBracesToMatchTypeStructure` query "cpp/autosar/use-init-braces-to-match-type-structure" and - ruleId = "M8-5-2" + ruleId = "M8-5-2" and + category = "required" or query = // `Query` instance for the `missingExplicitInitializers` query @@ -161,7 +177,8 @@ predicate isInitializationQueryMetadata(Query query, string queryId, string rule queryId = // `@id` for the `missingExplicitInitializers` query "cpp/autosar/missing-explicit-initializers" and - ruleId = "M8-5-2" + ruleId = "M8-5-2" and + category = "required" or query = // `Query` instance for the `nestedZeroValueInitialization` query @@ -169,7 +186,8 @@ predicate isInitializationQueryMetadata(Query query, string queryId, string rule queryId = // `@id` for the `nestedZeroValueInitialization` query "cpp/autosar/nested-zero-value-initialization" and - ruleId = "M8-5-2" + ruleId = "M8-5-2" and + category = "required" or query = // `Query` instance for the `cyclesDuringStaticObjectInit` query @@ -177,7 +195,8 @@ predicate isInitializationQueryMetadata(Query query, string queryId, string rule queryId = // `@id` for the `cyclesDuringStaticObjectInit` query "cpp/cert/cycles-during-static-object-init" and - ruleId = "DCL56-CPP" + ruleId = "DCL56-CPP" and + category = "rule" or query = // `Query` instance for the `badlySeededRandomNumberGenerator` query @@ -185,7 +204,8 @@ predicate isInitializationQueryMetadata(Query query, string queryId, string rule queryId = // `@id` for the `badlySeededRandomNumberGenerator` query "cpp/cert/badly-seeded-random-number-generator" and - ruleId = "MSC51-CPP" + ruleId = "MSC51-CPP" and + category = "rule" or query = // `Query` instance for the `useCanonicalOrderForMemberInit` query @@ -193,7 +213,8 @@ predicate isInitializationQueryMetadata(Query query, string queryId, string rule queryId = // `@id` for the `useCanonicalOrderForMemberInit` query "cpp/cert/use-canonical-order-for-member-init" and - ruleId = "OOP53-CPP" + ruleId = "OOP53-CPP" and + category = "rule" } module InitializationPackage { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/IntegerConversion.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/IntegerConversion.qll index 2387f7f4c4..522ddbe31c 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/IntegerConversion.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/IntegerConversion.qll @@ -15,14 +15,15 @@ newtype IntegerConversionQuery = TExplicitWideningConversionOfACValueExprQuery() or TExplicitSignednessConversionOfCValueQuery() -predicate isIntegerConversionQueryMetadata(Query query, string queryId, string ruleId) { +predicate isIntegerConversionQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `integerExpressionLeadToDataLoss` query IntegerConversionPackage::integerExpressionLeadToDataLossQuery() and queryId = // `@id` for the `integerExpressionLeadToDataLoss` query "cpp/autosar/integer-expression-lead-to-data-loss" and - ruleId = "A4-7-1" + ruleId = "A4-7-1" and + category = "required" or query = // `Query` instance for the `intMultToLong` query @@ -30,7 +31,8 @@ predicate isIntegerConversionQueryMetadata(Query query, string queryId, string r queryId = // `@id` for the `intMultToLong` query "cpp/autosar/int-mult-to-long" and - ruleId = "A4-7-1" + ruleId = "A4-7-1" and + category = "required" or query = // `Query` instance for the `implicitChangeOfTheSignednessOfTheUnderlyingType` query @@ -38,7 +40,8 @@ predicate isIntegerConversionQueryMetadata(Query query, string queryId, string r queryId = // `@id` for the `implicitChangeOfTheSignednessOfTheUnderlyingType` query "cpp/autosar/implicit-change-of-the-signedness-of-the-underlying-type" and - ruleId = "M5-0-4" + ruleId = "M5-0-4" and + category = "required" or query = // `Query` instance for the `implicitNonConstFloatingIntegralConversion` query @@ -46,7 +49,8 @@ predicate isIntegerConversionQueryMetadata(Query query, string queryId, string r queryId = // `@id` for the `implicitNonConstFloatingIntegralConversion` query "cpp/autosar/implicit-non-const-floating-integral-conversion" and - ruleId = "M5-0-5" + ruleId = "M5-0-5" and + category = "required" or query = // `Query` instance for the `implicitConstFloatingIntegralConversion` query @@ -54,7 +58,8 @@ predicate isIntegerConversionQueryMetadata(Query query, string queryId, string r queryId = // `@id` for the `implicitConstFloatingIntegralConversion` query "cpp/autosar/implicit-const-floating-integral-conversion" and - ruleId = "M5-0-5" + ruleId = "M5-0-5" and + category = "required" or query = // `Query` instance for the `implicitNonConstConversionToSmallerUnderlyingType` query @@ -62,7 +67,8 @@ predicate isIntegerConversionQueryMetadata(Query query, string queryId, string r queryId = // `@id` for the `implicitNonConstConversionToSmallerUnderlyingType` query "cpp/autosar/implicit-non-const-conversion-to-smaller-underlying-type" and - ruleId = "M5-0-6" + ruleId = "M5-0-6" and + category = "required" or query = // `Query` instance for the `implicitConstConversionToSmallerUnderlyingType` query @@ -70,7 +76,8 @@ predicate isIntegerConversionQueryMetadata(Query query, string queryId, string r queryId = // `@id` for the `implicitConstConversionToSmallerUnderlyingType` query "cpp/autosar/implicit-const-conversion-to-smaller-underlying-type" and - ruleId = "M5-0-6" + ruleId = "M5-0-6" and + category = "required" or query = // `Query` instance for the `explicitFloatingIntegralConversionOfACValueExpr` query @@ -78,7 +85,8 @@ predicate isIntegerConversionQueryMetadata(Query query, string queryId, string r queryId = // `@id` for the `explicitFloatingIntegralConversionOfACValueExpr` query "cpp/autosar/explicit-floating-integral-conversion-of-ac-value-expr" and - ruleId = "M5-0-7" + ruleId = "M5-0-7" and + category = "required" or query = // `Query` instance for the `explicitWideningConversionOfACValueExpr` query @@ -86,7 +94,8 @@ predicate isIntegerConversionQueryMetadata(Query query, string queryId, string r queryId = // `@id` for the `explicitWideningConversionOfACValueExpr` query "cpp/autosar/explicit-widening-conversion-of-ac-value-expr" and - ruleId = "M5-0-8" + ruleId = "M5-0-8" and + category = "required" or query = // `Query` instance for the `explicitSignednessConversionOfCValue` query @@ -94,7 +103,8 @@ predicate isIntegerConversionQueryMetadata(Query query, string queryId, string r queryId = // `@id` for the `explicitSignednessConversionOfCValue` query "cpp/autosar/explicit-signedness-conversion-of-c-value" and - ruleId = "M5-0-9" + ruleId = "M5-0-9" and + category = "required" } module IntegerConversionPackage { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Invariants.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Invariants.qll index a084dfcdf8..7633df480a 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Invariants.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Invariants.qll @@ -11,14 +11,15 @@ newtype InvariantsQuery = THonorTerminationReplacementHandlerRequirementsQuery() or THonorNewReplacementHandlerRequirementsQuery() -predicate isInvariantsQueryMetadata(Query query, string queryId, string ruleId) { +predicate isInvariantsQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `memoryManagementFunctionInvariants` query InvariantsPackage::memoryManagementFunctionInvariantsQuery() and queryId = // `@id` for the `memoryManagementFunctionInvariants` query "cpp/autosar/memory-management-function-invariants" and - ruleId = "A18-5-5" + ruleId = "A18-5-5" and + category = "required" or query = // `Query` instance for the `orderingPredicatesInvariants` query @@ -26,7 +27,8 @@ predicate isInvariantsQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `orderingPredicatesInvariants` query "cpp/autosar/ordering-predicates-invariants" and - ruleId = "A25-4-1" + ruleId = "A25-4-1" and + category = "required" or query = // `Query` instance for the `provideAValidOrderingPredicate` query @@ -34,7 +36,8 @@ predicate isInvariantsQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `provideAValidOrderingPredicate` query "cpp/cert/provide-a-valid-ordering-predicate" and - ruleId = "CTR57-CPP" + ruleId = "CTR57-CPP" and + category = "rule" or query = // `Query` instance for the `signalHandlerMustBeAPlainOldFunction` query @@ -42,7 +45,8 @@ predicate isInvariantsQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `signalHandlerMustBeAPlainOldFunction` query "cpp/cert/signal-handler-must-be-a-plain-old-function" and - ruleId = "MSC54-CPP" + ruleId = "MSC54-CPP" and + category = "rule" or query = // `Query` instance for the `honorTerminationReplacementHandlerRequirements` query @@ -50,7 +54,8 @@ predicate isInvariantsQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `honorTerminationReplacementHandlerRequirements` query "cpp/cert/honor-termination-replacement-handler-requirements" and - ruleId = "OOP56-CPP" + ruleId = "OOP56-CPP" and + category = "rule" or query = // `Query` instance for the `honorNewReplacementHandlerRequirements` query @@ -58,7 +63,8 @@ predicate isInvariantsQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `honorNewReplacementHandlerRequirements` query "cpp/cert/honor-new-replacement-handler-requirements" and - ruleId = "OOP56-CPP" + ruleId = "OOP56-CPP" and + category = "rule" } module InvariantsPackage { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Iterators.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Iterators.qll index 619e955fd4..5dac989603 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Iterators.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Iterators.qll @@ -12,14 +12,15 @@ newtype IteratorsQuery = TDoNotUseAnAdditiveOperatorOnAnIteratorQuery() or TUseValidReferencesForElementsOfStringQuery() -predicate isIteratorsQueryMetadata(Query query, string queryId, string ruleId) { +predicate isIteratorsQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `iteratorImplicitlyConvertedToConstIterator` query IteratorsPackage::iteratorImplicitlyConvertedToConstIteratorQuery() and queryId = // `@id` for the `iteratorImplicitlyConvertedToConstIterator` query "cpp/autosar/iterator-implicitly-converted-to-const-iterator" and - ruleId = "A23-0-1" + ruleId = "A23-0-1" and + category = "required" or query = // `Query` instance for the `validContainerElementAccess` query @@ -27,7 +28,8 @@ predicate isIteratorsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `validContainerElementAccess` query "cpp/autosar/valid-container-element-access" and - ruleId = "A23-0-2" + ruleId = "A23-0-2" and + category = "required" or query = // `Query` instance for the `usesValidContainerElementAccess` query @@ -35,7 +37,8 @@ predicate isIteratorsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `usesValidContainerElementAccess` query "cpp/cert/uses-valid-container-element-access" and - ruleId = "CTR51-CPP" + ruleId = "CTR51-CPP" and + category = "rule" or query = // `Query` instance for the `useValidIteratorRanges` query @@ -43,7 +46,8 @@ predicate isIteratorsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `useValidIteratorRanges` query "cpp/cert/use-valid-iterator-ranges" and - ruleId = "CTR53-CPP" + ruleId = "CTR53-CPP" and + category = "rule" or query = // `Query` instance for the `doNotSubtractIteratorsForDifferentContainers` query @@ -51,7 +55,8 @@ predicate isIteratorsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `doNotSubtractIteratorsForDifferentContainers` query "cpp/cert/do-not-subtract-iterators-for-different-containers" and - ruleId = "CTR54-CPP" + ruleId = "CTR54-CPP" and + category = "rule" or query = // `Query` instance for the `doNotUseAnAdditiveOperatorOnAnIterator` query @@ -59,7 +64,8 @@ predicate isIteratorsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `doNotUseAnAdditiveOperatorOnAnIterator` query "cpp/cert/do-not-use-an-additive-operator-on-an-iterator" and - ruleId = "CTR55-CPP" + ruleId = "CTR55-CPP" and + category = "rule" or query = // `Query` instance for the `useValidReferencesForElementsOfString` query @@ -67,7 +73,8 @@ predicate isIteratorsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `useValidReferencesForElementsOfString` query "cpp/cert/use-valid-references-for-elements-of-string" and - ruleId = "STR52-CPP" + ruleId = "STR52-CPP" and + category = "rule" } module IteratorsPackage { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Lambdas.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Lambdas.qll index 7d51a5022d..279b39ba9b 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Lambdas.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Lambdas.qll @@ -16,14 +16,15 @@ newtype LambdasQuery = TReturningLambdaObjectWithCaptureByReferenceQuery() or TEscapingLambdaObjectWithCaptureByReferenceQuery() -predicate isLambdasQueryMetadata(Query query, string queryId, string ruleId) { +predicate isLambdasQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `implicitLambdaCapture` query LambdasPackage::implicitLambdaCaptureQuery() and queryId = // `@id` for the `implicitLambdaCapture` query "cpp/autosar/implicit-lambda-capture" and - ruleId = "A5-1-2" + ruleId = "A5-1-2" and + category = "required" or query = // `Query` instance for the `lambdaExpressionWithoutParameterList` query @@ -31,7 +32,8 @@ predicate isLambdasQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `lambdaExpressionWithoutParameterList` query "cpp/autosar/lambda-expression-without-parameter-list" and - ruleId = "A5-1-3" + ruleId = "A5-1-3" and + category = "required" or query = // `Query` instance for the `returnedLambdaObjectOutlivesCaptureByReference` query @@ -39,7 +41,8 @@ predicate isLambdasQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `returnedLambdaObjectOutlivesCaptureByReference` query "cpp/autosar/returned-lambda-object-outlives-capture-by-reference" and - ruleId = "A5-1-4" + ruleId = "A5-1-4" and + category = "required" or query = // `Query` instance for the `movedLambdaObjectOutlivesCaptureByReference` query @@ -47,7 +50,8 @@ predicate isLambdasQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `movedLambdaObjectOutlivesCaptureByReference` query "cpp/autosar/moved-lambda-object-outlives-capture-by-reference" and - ruleId = "A5-1-4" + ruleId = "A5-1-4" and + category = "required" or query = // `Query` instance for the `lambdaWithImplicitNonVoidReturnType` query @@ -55,7 +59,8 @@ predicate isLambdasQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `lambdaWithImplicitNonVoidReturnType` query "cpp/autosar/lambda-with-implicit-non-void-return-type" and - ruleId = "A5-1-6" + ruleId = "A5-1-6" and + category = "advisory" or query = // `Query` instance for the `lambdaPassedToDecltype` query @@ -63,7 +68,8 @@ predicate isLambdasQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `lambdaPassedToDecltype` query "cpp/autosar/lambda-passed-to-decltype" and - ruleId = "A5-1-7" + ruleId = "A5-1-7" and + category = "required" or query = // `Query` instance for the `lambdaPassedToTypeid` query @@ -71,7 +77,8 @@ predicate isLambdasQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `lambdaPassedToTypeid` query "cpp/autosar/lambda-passed-to-typeid" and - ruleId = "A5-1-7" + ruleId = "A5-1-7" and + category = "required" or query = // `Query` instance for the `lambdaExpressionInLambdaExpression` query @@ -79,7 +86,8 @@ predicate isLambdasQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `lambdaExpressionInLambdaExpression` query "cpp/autosar/lambda-expression-in-lambda-expression" and - ruleId = "A5-1-8" + ruleId = "A5-1-8" and + category = "advisory" or query = // `Query` instance for the `identicalLambdaExpressions` query @@ -87,7 +95,8 @@ predicate isLambdasQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `identicalLambdaExpressions` query "cpp/autosar/identical-lambda-expressions" and - ruleId = "A5-1-9" + ruleId = "A5-1-9" and + category = "advisory" or query = // `Query` instance for the `returningLambdaObjectWithCaptureByReference` query @@ -95,7 +104,8 @@ predicate isLambdasQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `returningLambdaObjectWithCaptureByReference` query "cpp/cert/returning-lambda-object-with-capture-by-reference" and - ruleId = "EXP61-CPP" + ruleId = "EXP61-CPP" and + category = "rule" or query = // `Query` instance for the `escapingLambdaObjectWithCaptureByReference` query @@ -103,7 +113,8 @@ predicate isLambdasQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `escapingLambdaObjectWithCaptureByReference` query "cpp/cert/escaping-lambda-object-with-capture-by-reference" and - ruleId = "EXP61-CPP" + ruleId = "EXP61-CPP" and + category = "rule" } module LambdasPackage { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Literals.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Literals.qll index 1413b0a6fc..16befefd32 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Literals.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Literals.qll @@ -16,14 +16,15 @@ newtype LiteralsQuery = TNullUsedAsIntegerValueQuery() or TLiteralZeroUsedAsNullPointerConstantQuery() -predicate isLiteralsQueryMetadata(Query query, string queryId, string ruleId) { +predicate isLiteralsQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `useCorrectIntervalForDigitSequencesSeparators` query LiteralsPackage::useCorrectIntervalForDigitSequencesSeparatorsQuery() and queryId = // `@id` for the `useCorrectIntervalForDigitSequencesSeparators` query "cpp/autosar/use-correct-interval-for-digit-sequences-separators" and - ruleId = "A13-6-1" + ruleId = "A13-6-1" and + category = "required" or query = // `Query` instance for the `escapeSequenceOutsideISO` query @@ -31,7 +32,8 @@ predicate isLiteralsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `escapeSequenceOutsideISO` query "cpp/autosar/escape-sequence-outside-iso" and - ruleId = "A2-13-1" + ruleId = "A2-13-1" and + category = "required" or query = // `Query` instance for the `hexadecimalConstantsShouldBeUpperCase` query @@ -39,7 +41,8 @@ predicate isLiteralsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `hexadecimalConstantsShouldBeUpperCase` query "cpp/autosar/hexadecimal-constants-should-be-upper-case" and - ruleId = "A2-13-5" + ruleId = "A2-13-5" and + category = "advisory" or query = // `Query` instance for the `nullPointerConstantNotNullptr` query @@ -47,7 +50,8 @@ predicate isLiteralsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `nullPointerConstantNotNullptr` query "cpp/autosar/null-pointer-constant-not-nullptr" and - ruleId = "A4-10-1" + ruleId = "A4-10-1" and + category = "required" or query = // `Query` instance for the `literalValueUsedOutsideTypeInit` query @@ -55,7 +59,8 @@ predicate isLiteralsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `literalValueUsedOutsideTypeInit` query "cpp/autosar/literal-value-used-outside-type-init" and - ruleId = "A5-1-1" + ruleId = "A5-1-1" and + category = "required" or query = // `Query` instance for the `useOfNonZeroOctalLiteral` query @@ -63,7 +68,8 @@ predicate isLiteralsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `useOfNonZeroOctalLiteral` query "cpp/autosar/use-of-non-zero-octal-literal" and - ruleId = "M2-13-2" + ruleId = "M2-13-2" and + category = "required" or query = // `Query` instance for the `useOfNonZeroOctalEscape` query @@ -71,7 +77,8 @@ predicate isLiteralsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `useOfNonZeroOctalEscape` query "cpp/autosar/use-of-non-zero-octal-escape" and - ruleId = "M2-13-2" + ruleId = "M2-13-2" and + category = "required" or query = // `Query` instance for the `missingUSuffix` query @@ -79,7 +86,8 @@ predicate isLiteralsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `missingUSuffix` query "cpp/autosar/missing-u-suffix" and - ruleId = "M2-13-3" + ruleId = "M2-13-3" and + category = "required" or query = // `Query` instance for the `literalSuffixNotUpperCase` query @@ -87,7 +95,8 @@ predicate isLiteralsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `literalSuffixNotUpperCase` query "cpp/autosar/literal-suffix-not-upper-case" and - ruleId = "M2-13-4" + ruleId = "M2-13-4" and + category = "required" or query = // `Query` instance for the `nullUsedAsIntegerValue` query @@ -95,7 +104,8 @@ predicate isLiteralsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `nullUsedAsIntegerValue` query "cpp/autosar/null-used-as-integer-value" and - ruleId = "M4-10-1" + ruleId = "M4-10-1" and + category = "required" or query = // `Query` instance for the `literalZeroUsedAsNullPointerConstant` query @@ -103,7 +113,8 @@ predicate isLiteralsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `literalZeroUsedAsNullPointerConstant` query "cpp/autosar/literal-zero-used-as-null-pointer-constant" and - ruleId = "M4-10-2" + ruleId = "M4-10-2" and + category = "required" } module LiteralsPackage { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Loops.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Loops.qll index 65286eed6f..9d9b99989a 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Loops.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Loops.qll @@ -18,14 +18,15 @@ newtype LoopsQuery = TLoopControlVariableModifiedInLoopExpressionQuery() or TNonBooleanLoopControlVariableQuery() -predicate isLoopsQueryMetadata(Query query, string queryId, string ruleId) { +predicate isLoopsQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `unusedLoopCounterForContainerIteration` query LoopsPackage::unusedLoopCounterForContainerIterationQuery() and queryId = // `@id` for the `unusedLoopCounterForContainerIteration` query "cpp/autosar/unused-loop-counter-for-container-iteration" and - ruleId = "A6-5-1" + ruleId = "A6-5-1" and + category = "required" or query = // `Query` instance for the `multipleLoopCounters` query @@ -33,7 +34,8 @@ predicate isLoopsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `multipleLoopCounters` query "cpp/autosar/multiple-loop-counters" and - ruleId = "A6-5-2" + ruleId = "A6-5-2" and + category = "required" or query = // `Query` instance for the `floatingPointLoopCounter` query @@ -41,7 +43,8 @@ predicate isLoopsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `floatingPointLoopCounter` query "cpp/autosar/floating-point-loop-counter" and - ruleId = "A6-5-2" + ruleId = "A6-5-2" and + category = "required" or query = // `Query` instance for the `doStatementsShouldNotBeUsed` query @@ -49,7 +52,8 @@ predicate isLoopsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `doStatementsShouldNotBeUsed` query "cpp/autosar/do-statements-should-not-be-used" and - ruleId = "A6-5-3" + ruleId = "A6-5-3" and + category = "advisory" or query = // `Query` instance for the `forLoopInitializesNonLoopCounter` query @@ -57,7 +61,8 @@ predicate isLoopsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `forLoopInitializesNonLoopCounter` query "cpp/autosar/for-loop-initializes-non-loop-counter" and - ruleId = "A6-5-4" + ruleId = "A6-5-4" and + category = "advisory" or query = // `Query` instance for the `forLoopModifiesNonLoopCounter` query @@ -65,7 +70,8 @@ predicate isLoopsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `forLoopModifiesNonLoopCounter` query "cpp/autosar/for-loop-modifies-non-loop-counter" and - ruleId = "A6-5-4" + ruleId = "A6-5-4" and + category = "advisory" or query = // `Query` instance for the `notEqualsInLoopCondition` query @@ -73,7 +79,8 @@ predicate isLoopsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `notEqualsInLoopCondition` query "cpp/autosar/not-equals-in-loop-condition" and - ruleId = "M6-5-2" + ruleId = "M6-5-2" and + category = "required" or query = // `Query` instance for the `loopCounterModifiedWithinCondition` query @@ -81,7 +88,8 @@ predicate isLoopsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `loopCounterModifiedWithinCondition` query "cpp/autosar/loop-counter-modified-within-condition" and - ruleId = "M6-5-3" + ruleId = "M6-5-3" and + category = "required" or query = // `Query` instance for the `loopCounterModifiedWithinStatement` query @@ -89,7 +97,8 @@ predicate isLoopsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `loopCounterModifiedWithinStatement` query "cpp/autosar/loop-counter-modified-within-statement" and - ruleId = "M6-5-3" + ruleId = "M6-5-3" and + category = "required" or query = // `Query` instance for the `irregularLoopCounterModification` query @@ -97,7 +106,8 @@ predicate isLoopsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `irregularLoopCounterModification` query "cpp/autosar/irregular-loop-counter-modification" and - ruleId = "M6-5-4" + ruleId = "M6-5-4" and + category = "required" or query = // `Query` instance for the `loopControlVariableModifiedInLoopCondition` query @@ -105,7 +115,8 @@ predicate isLoopsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `loopControlVariableModifiedInLoopCondition` query "cpp/autosar/loop-control-variable-modified-in-loop-condition" and - ruleId = "M6-5-5" + ruleId = "M6-5-5" and + category = "required" or query = // `Query` instance for the `loopControlVariableModifiedInLoopExpression` query @@ -113,7 +124,8 @@ predicate isLoopsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `loopControlVariableModifiedInLoopExpression` query "cpp/autosar/loop-control-variable-modified-in-loop-expression" and - ruleId = "M6-5-5" + ruleId = "M6-5-5" and + category = "required" or query = // `Query` instance for the `nonBooleanLoopControlVariable` query @@ -121,7 +133,8 @@ predicate isLoopsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `nonBooleanLoopControlVariable` query "cpp/autosar/non-boolean-loop-control-variable" and - ruleId = "M6-5-6" + ruleId = "M6-5-6" and + category = "required" } module LoopsPackage { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Macros.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Macros.qll index e9055e8083..0753ffeb48 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Macros.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Macros.qll @@ -17,14 +17,15 @@ newtype MacrosQuery = TMoreThanOneOccurrenceHashOperatorInMacroDefinitionQuery() or THashOperatorsShouldNotBeUsedQuery() -predicate isMacrosQueryMetadata(Query query, string queryId, string ruleId) { +predicate isMacrosQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `preProcessorShallOnlyBeUsedForCertainDirectivesPatterns` query MacrosPackage::preProcessorShallOnlyBeUsedForCertainDirectivesPatternsQuery() and queryId = // `@id` for the `preProcessorShallOnlyBeUsedForCertainDirectivesPatterns` query "cpp/autosar/pre-processor-shall-only-be-used-for-certain-directives-patterns" and - ruleId = "A16-0-1" + ruleId = "A16-0-1" and + category = "required" or query = // `Query` instance for the `charactersOccurInHeaderFileNameOrInIncludeDirective` query @@ -32,7 +33,8 @@ predicate isMacrosQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `charactersOccurInHeaderFileNameOrInIncludeDirective` query "cpp/autosar/characters-occur-in-header-file-name-or-in-include-directive" and - ruleId = "A16-2-1" + ruleId = "A16-2-1" and + category = "required" or query = // `Query` instance for the `errorDirectiveUsed` query @@ -40,7 +42,8 @@ predicate isMacrosQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `errorDirectiveUsed` query "cpp/autosar/error-directive-used" and - ruleId = "A16-6-1" + ruleId = "A16-6-1" and + category = "required" or query = // `Query` instance for the `pragmaDirectiveUsed` query @@ -48,7 +51,8 @@ predicate isMacrosQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `pragmaDirectiveUsed` query "cpp/autosar/pragma-directive-used" and - ruleId = "A16-7-1" + ruleId = "A16-7-1" and + category = "required" or query = // `Query` instance for the `includeDirectivesNotPrecededByDirectivesOrComments` query @@ -56,7 +60,8 @@ predicate isMacrosQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `includeDirectivesNotPrecededByDirectivesOrComments` query "cpp/autosar/include-directives-not-preceded-by-directives-or-comments" and - ruleId = "M16-0-1" + ruleId = "M16-0-1" and + category = "required" or query = // `Query` instance for the `macrosShallOnlyBeDefinedOrUndefdInTheGlobalNamespace` query @@ -64,7 +69,8 @@ predicate isMacrosQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `macrosShallOnlyBeDefinedOrUndefdInTheGlobalNamespace` query "cpp/autosar/macros-shall-only-be-defined-or-undefd-in-the-global-namespace" and - ruleId = "M16-0-2" + ruleId = "M16-0-2" and + category = "required" or query = // `Query` instance for the `functionLikeMacroArgsContainHashToken` query @@ -72,7 +78,8 @@ predicate isMacrosQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `functionLikeMacroArgsContainHashToken` query "cpp/autosar/function-like-macro-args-contain-hash-token" and - ruleId = "M16-0-5" + ruleId = "M16-0-5" and + category = "required" or query = // `Query` instance for the `functionLikeMacroParameterNotEnclosedInParentheses` query @@ -80,7 +87,8 @@ predicate isMacrosQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `functionLikeMacroParameterNotEnclosedInParentheses` query "cpp/autosar/function-like-macro-parameter-not-enclosed-in-parentheses" and - ruleId = "M16-0-6" + ruleId = "M16-0-6" and + category = "required" or query = // `Query` instance for the `undefinedMacroIdentifiersUsedIn` query @@ -88,7 +96,8 @@ predicate isMacrosQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `undefinedMacroIdentifiersUsedIn` query "cpp/autosar/undefined-macro-identifiers-used-in" and - ruleId = "M16-0-7" + ruleId = "M16-0-7" and + category = "required" or query = // `Query` instance for the `definedPreProcessorOperatorInOneOfTheTwoStandardForms` query @@ -96,7 +105,8 @@ predicate isMacrosQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `definedPreProcessorOperatorInOneOfTheTwoStandardForms` query "cpp/autosar/defined-pre-processor-operator-in-one-of-the-two-standard-forms" and - ruleId = "M16-1-1" + ruleId = "M16-1-1" and + category = "required" or query = // `Query` instance for the `moreThanOneOccurrenceHashOperatorInMacroDefinition` query @@ -104,7 +114,8 @@ predicate isMacrosQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `moreThanOneOccurrenceHashOperatorInMacroDefinition` query "cpp/autosar/more-than-one-occurrence-hash-operator-in-macro-definition" and - ruleId = "M16-3-1" + ruleId = "M16-3-1" and + category = "required" or query = // `Query` instance for the `hashOperatorsShouldNotBeUsed` query @@ -112,7 +123,8 @@ predicate isMacrosQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `hashOperatorsShouldNotBeUsed` query "cpp/autosar/hash-operators-should-not-be-used" and - ruleId = "M16-3-2" + ruleId = "M16-3-2" and + category = "advisory" } module MacrosPackage { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/MoveForward.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/MoveForward.qll index c79931bf58..4d61136610 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/MoveForward.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/MoveForward.qll @@ -12,14 +12,15 @@ newtype MoveForwardQuery = TForwardForwardingReferencesQuery() or TDoNotRelyOnTheValueOfAMovedFromObjectQuery() -predicate isMoveForwardQueryMetadata(Query query, string queryId, string ruleId) { +predicate isMoveForwardQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `movedFromObjectReadAccessed` query MoveForwardPackage::movedFromObjectReadAccessedQuery() and queryId = // `@id` for the `movedFromObjectReadAccessed` query "cpp/autosar/moved-from-object-read-accessed" and - ruleId = "A12-8-3" + ruleId = "A12-8-3" and + category = "required" or query = // `Query` instance for the `forwardingValuesToOtherFunctions` query @@ -27,7 +28,8 @@ predicate isMoveForwardQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `forwardingValuesToOtherFunctions` query "cpp/autosar/forwarding-values-to-other-functions" and - ruleId = "A18-9-2" + ruleId = "A18-9-2" and + category = "required" or query = // `Query` instance for the `moveUsedOnConstObjects` query @@ -35,7 +37,8 @@ predicate isMoveForwardQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `moveUsedOnConstObjects` query "cpp/autosar/move-used-on-const-objects" and - ruleId = "A18-9-3" + ruleId = "A18-9-3" and + category = "required" or query = // `Query` instance for the `argumentToForwardSubsequentlyUsed` query @@ -43,7 +46,8 @@ predicate isMoveForwardQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `argumentToForwardSubsequentlyUsed` query "cpp/autosar/argument-to-forward-subsequently-used" and - ruleId = "A18-9-4" + ruleId = "A18-9-4" and + category = "required" or query = // `Query` instance for the `moveFromConsumeParametersRvalRef` query @@ -51,7 +55,8 @@ predicate isMoveForwardQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `moveFromConsumeParametersRvalRef` query "cpp/autosar/move-from-consume-parameters-rval-ref" and - ruleId = "A8-4-5" + ruleId = "A8-4-5" and + category = "required" or query = // `Query` instance for the `forwardForwardingReferences` query @@ -59,7 +64,8 @@ predicate isMoveForwardQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `forwardForwardingReferences` query "cpp/autosar/forward-forwarding-references" and - ruleId = "A8-4-6" + ruleId = "A8-4-6" and + category = "required" or query = // `Query` instance for the `doNotRelyOnTheValueOfAMovedFromObject` query @@ -67,7 +73,8 @@ predicate isMoveForwardQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `doNotRelyOnTheValueOfAMovedFromObject` query "cpp/cert/do-not-rely-on-the-value-of-a-moved-from-object" and - ruleId = "EXP63-CPP" + ruleId = "EXP63-CPP" and + category = "rule" } module MoveForwardPackage { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Naming.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Naming.qll index 5ab4fc7647..18f03e9c66 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Naming.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Naming.qll @@ -32,14 +32,15 @@ newtype NamingQuery = TFunctionReusesReservedNameQuery() or TEnumeratorReusesReservedNameQuery() -predicate isNamingQueryMetadata(Query query, string queryId, string ruleId) { +predicate isNamingQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `userDefinedLiteralOperatorSuffixViolation` query NamingPackage::userDefinedLiteralOperatorSuffixViolationQuery() and queryId = // `@id` for the `userDefinedLiteralOperatorSuffixViolation` query "cpp/autosar/user-defined-literal-operator-suffix-violation" and - ruleId = "A13-1-2" + ruleId = "A13-1-2" and + category = "required" or query = // `Query` instance for the `identifierHiding` query @@ -47,7 +48,8 @@ predicate isNamingQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `identifierHiding` query "cpp/autosar/identifier-hiding" and - ruleId = "A2-10-1" + ruleId = "A2-10-1" and + category = "required" or query = // `Query` instance for the `identifierNameOfStaticNonMemberObjectReusedInNamespace` query @@ -55,7 +57,8 @@ predicate isNamingQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `identifierNameOfStaticNonMemberObjectReusedInNamespace` query "cpp/autosar/identifier-name-of-static-non-member-object-reused-in-namespace" and - ruleId = "A2-10-4" + ruleId = "A2-10-4" and + category = "required" or query = // `Query` instance for the `identifierNameOfStaticFunctionReusedInNamespace` query @@ -63,7 +66,8 @@ predicate isNamingQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `identifierNameOfStaticFunctionReusedInNamespace` query "cpp/autosar/identifier-name-of-static-function-reused-in-namespace" and - ruleId = "A2-10-4" + ruleId = "A2-10-4" and + category = "required" or query = // `Query` instance for the `identifierNameOfAStaticFunctionIsReused` query @@ -71,7 +75,8 @@ predicate isNamingQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `identifierNameOfAStaticFunctionIsReused` query "cpp/autosar/identifier-name-of-a-static-function-is-reused" and - ruleId = "A2-10-5" + ruleId = "A2-10-5" and + category = "advisory" or query = // `Query` instance for the `identifierNameOfANonMemberObjectWithExternalOrInternalLinkageIsReused` query @@ -79,7 +84,8 @@ predicate isNamingQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `identifierNameOfANonMemberObjectWithExternalOrInternalLinkageIsReused` query "cpp/autosar/identifier-name-of-a-non-member-object-with-external-or-internal-linkage-is-reused" and - ruleId = "A2-10-5" + ruleId = "A2-10-5" and + category = "advisory" or query = // `Query` instance for the `classOrEnumerationNameHiddenByAVariableInTheSameScope` query @@ -87,7 +93,8 @@ predicate isNamingQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `classOrEnumerationNameHiddenByAVariableInTheSameScope` query "cpp/autosar/class-or-enumeration-name-hidden-by-a-variable-in-the-same-scope" and - ruleId = "A2-10-6" + ruleId = "A2-10-6" and + category = "required" or query = // `Query` instance for the `classOrEnumerationNameHiddenByAFunctionInTheSameScope` query @@ -95,7 +102,8 @@ predicate isNamingQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `classOrEnumerationNameHiddenByAFunctionInTheSameScope` query "cpp/autosar/class-or-enumeration-name-hidden-by-a-function-in-the-same-scope" and - ruleId = "A2-10-6" + ruleId = "A2-10-6" and + category = "required" or query = // `Query` instance for the `classOrEnumerationNameHiddenByAnEnumeratorInTheSameScope` query @@ -103,7 +111,8 @@ predicate isNamingQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `classOrEnumerationNameHiddenByAnEnumeratorInTheSameScope` query "cpp/autosar/class-or-enumeration-name-hidden-by-an-enumerator-in-the-same-scope" and - ruleId = "A2-10-6" + ruleId = "A2-10-6" and + category = "required" or query = // `Query` instance for the `universalCharacterNamesUsedOutsideCharacterOrStringLiterals` query @@ -111,7 +120,8 @@ predicate isNamingQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `universalCharacterNamesUsedOutsideCharacterOrStringLiterals` query "cpp/autosar/universal-character-names-used-outside-character-or-string-literals" and - ruleId = "A2-13-6" + ruleId = "A2-13-6" and + category = "required" or query = // `Query` instance for the `characterOutsideTheLanguageStandardBasicSourceCharacterSetUsedInTheSourceCode` query @@ -119,7 +129,8 @@ predicate isNamingQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `characterOutsideTheLanguageStandardBasicSourceCharacterSetUsedInTheSourceCode` query "cpp/autosar/character-outside-the-language-standard-basic-source-character-set-used-in-the-source-code" and - ruleId = "A2-3-1" + ruleId = "A2-3-1" and + category = "required" or query = // `Query` instance for the `invalidCharacterInStringLiteral` query @@ -127,7 +138,8 @@ predicate isNamingQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `invalidCharacterInStringLiteral` query "cpp/autosar/invalid-character-in-string-literal" and - ruleId = "A2-3-1" + ruleId = "A2-3-1" and + category = "required" or query = // `Query` instance for the `invalidCharacterInComment` query @@ -135,7 +147,8 @@ predicate isNamingQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `invalidCharacterInComment` query "cpp/autosar/invalid-character-in-comment" and - ruleId = "A2-3-1" + ruleId = "A2-3-1" and + category = "required" or query = // `Query` instance for the `nameOfStandardLibraryMacroOrObjectReused` query @@ -143,7 +156,8 @@ predicate isNamingQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `nameOfStandardLibraryMacroOrObjectReused` query "cpp/autosar/name-of-standard-library-macro-or-object-reused" and - ruleId = "M17-0-2" + ruleId = "M17-0-2" and + category = "required" or query = // `Query` instance for the `nameOfStandardLibraryFunctionIsOverridden` query @@ -151,7 +165,8 @@ predicate isNamingQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `nameOfStandardLibraryFunctionIsOverridden` query "cpp/autosar/name-of-standard-library-function-is-overridden" and - ruleId = "M17-0-3" + ruleId = "M17-0-3" and + category = "required" or query = // `Query` instance for the `differentIdentifiersNotTypographicallyUnambiguous` query @@ -159,7 +174,8 @@ predicate isNamingQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `differentIdentifiersNotTypographicallyUnambiguous` query "cpp/autosar/different-identifiers-not-typographically-unambiguous" and - ruleId = "M2-10-1" + ruleId = "M2-10-1" and + category = "required" or query = // `Query` instance for the `identifierMainUsedForAFunctionOtherThanTheGlobalFunctionMain` query @@ -167,7 +183,8 @@ predicate isNamingQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `identifierMainUsedForAFunctionOtherThanTheGlobalFunctionMain` query "cpp/autosar/identifier-main-used-for-a-function-other-than-the-global-function-main" and - ruleId = "M7-3-2" + ruleId = "M7-3-2" and + category = "required" or query = // `Query` instance for the `unnamedNamespacesInHeaderFile` query @@ -175,7 +192,8 @@ predicate isNamingQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `unnamedNamespacesInHeaderFile` query "cpp/autosar/unnamed-namespaces-in-header-file" and - ruleId = "M7-3-3" + ruleId = "M7-3-3" and + category = "required" or query = // `Query` instance for the `nonIdenticalIdentifierUsedForTheParameterInReDeclarationOfAFunction` query @@ -183,7 +201,8 @@ predicate isNamingQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `nonIdenticalIdentifierUsedForTheParameterInReDeclarationOfAFunction` query "cpp/autosar/non-identical-identifier-used-for-the-parameter-in-re-declaration-of-a-function" and - ruleId = "M8-4-2" + ruleId = "M8-4-2" and + category = "required" or query = // `Query` instance for the `redefiningOfStandardLibraryName` query @@ -191,7 +210,8 @@ predicate isNamingQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `redefiningOfStandardLibraryName` query "cpp/cert/redefining-of-standard-library-name" and - ruleId = "DCL51-CPP" + ruleId = "DCL51-CPP" and + category = "rule" or query = // `Query` instance for the `reuseOfReservedIdentifier` query @@ -199,7 +219,8 @@ predicate isNamingQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `reuseOfReservedIdentifier` query "cpp/cert/reuse-of-reserved-identifier" and - ruleId = "DCL51-CPP" + ruleId = "DCL51-CPP" and + category = "rule" or query = // `Query` instance for the `useOfSingleUnderscoreReservedPrefix` query @@ -207,7 +228,8 @@ predicate isNamingQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `useOfSingleUnderscoreReservedPrefix` query "cpp/cert/use-of-single-underscore-reserved-prefix" and - ruleId = "DCL51-CPP" + ruleId = "DCL51-CPP" and + category = "rule" or query = // `Query` instance for the `useOfDoubleUnderscoreReservedPrefix` query @@ -215,7 +237,8 @@ predicate isNamingQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `useOfDoubleUnderscoreReservedPrefix` query "cpp/cert/use-of-double-underscore-reserved-prefix" and - ruleId = "DCL51-CPP" + ruleId = "DCL51-CPP" and + category = "rule" or query = // `Query` instance for the `useOfReservedLiteralSuffixIdentifier` query @@ -223,7 +246,8 @@ predicate isNamingQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `useOfReservedLiteralSuffixIdentifier` query "cpp/cert/use-of-reserved-literal-suffix-identifier" and - ruleId = "DCL51-CPP" + ruleId = "DCL51-CPP" and + category = "rule" or query = // `Query` instance for the `objectReusesReservedName` query @@ -231,7 +255,8 @@ predicate isNamingQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `objectReusesReservedName` query "cpp/cert/object-reuses-reserved-name" and - ruleId = "DCL51-CPP" + ruleId = "DCL51-CPP" and + category = "rule" or query = // `Query` instance for the `functionReusesReservedName` query @@ -239,7 +264,8 @@ predicate isNamingQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `functionReusesReservedName` query "cpp/cert/function-reuses-reserved-name" and - ruleId = "DCL51-CPP" + ruleId = "DCL51-CPP" and + category = "rule" or query = // `Query` instance for the `enumeratorReusesReservedName` query @@ -247,7 +273,8 @@ predicate isNamingQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `enumeratorReusesReservedName` query "cpp/cert/enumerator-reuses-reserved-name" and - ruleId = "DCL51-CPP" + ruleId = "DCL51-CPP" and + category = "rule" } module NamingPackage { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Null.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Null.qll index c0befae569..203bf242a6 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Null.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Null.qll @@ -8,14 +8,15 @@ newtype NullQuery = TParameterNotPassedByReferenceQuery() or TDoNotAttemptToCreateAStringFromANullPointerQuery() -predicate isNullQueryMetadata(Query query, string queryId, string ruleId) { +predicate isNullQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `nullPointersDereferenced` query NullPackage::nullPointersDereferencedQuery() and queryId = // `@id` for the `nullPointersDereferenced` query "cpp/autosar/null-pointers-dereferenced" and - ruleId = "A5-3-2" + ruleId = "A5-3-2" and + category = "required" or query = // `Query` instance for the `parameterNotPassedByReference` query @@ -23,7 +24,8 @@ predicate isNullQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `parameterNotPassedByReference` query "cpp/autosar/parameter-not-passed-by-reference" and - ruleId = "A8-4-10" + ruleId = "A8-4-10" and + category = "required" or query = // `Query` instance for the `doNotAttemptToCreateAStringFromANullPointer` query @@ -31,7 +33,8 @@ predicate isNullQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `doNotAttemptToCreateAStringFromANullPointer` query "cpp/cert/do-not-attempt-to-create-a-string-from-a-null-pointer" and - ruleId = "STR51-CPP" + ruleId = "STR51-CPP" and + category = "rule" } module NullPackage { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/OperatorInvariants.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/OperatorInvariants.qll index 51026ef8b4..052af31dbb 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/OperatorInvariants.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/OperatorInvariants.qll @@ -14,14 +14,15 @@ newtype OperatorInvariantsQuery = TGracefullyHandleSelfCopyAssignmentQuery() or TCopyOperationsMustNotMutateTheSourceObjectQuery() -predicate isOperatorInvariantsQueryMetadata(Query query, string queryId, string ruleId) { +predicate isOperatorInvariantsQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `userDefinedCopyAndMoveUseNoThrowSwapFunction` query OperatorInvariantsPackage::userDefinedCopyAndMoveUseNoThrowSwapFunctionQuery() and queryId = // `@id` for the `userDefinedCopyAndMoveUseNoThrowSwapFunction` query "cpp/autosar/user-defined-copy-and-move-use-no-throw-swap-function" and - ruleId = "A12-8-2" + ruleId = "A12-8-2" and + category = "advisory" or query = // `Query` instance for the `copyAssignmentAndAMoveHandleSelfAssignment` query @@ -29,7 +30,8 @@ predicate isOperatorInvariantsQueryMetadata(Query query, string queryId, string queryId = // `@id` for the `copyAssignmentAndAMoveHandleSelfAssignment` query "cpp/autosar/copy-assignment-and-a-move-handle-self-assignment" and - ruleId = "A12-8-5" + ruleId = "A12-8-5" and + category = "required" or query = // `Query` instance for the `assignmentOperatorReturnThis` query @@ -37,7 +39,8 @@ predicate isOperatorInvariantsQueryMetadata(Query query, string queryId, string queryId = // `@id` for the `assignmentOperatorReturnThis` query "cpp/autosar/assignment-operator-return-this" and - ruleId = "A13-2-1" + ruleId = "A13-2-1" and + category = "required" or query = // `Query` instance for the `binaryOperatorAndBitwiseOperatorReturnAPrvalue` query @@ -45,7 +48,8 @@ predicate isOperatorInvariantsQueryMetadata(Query query, string queryId, string queryId = // `@id` for the `binaryOperatorAndBitwiseOperatorReturnAPrvalue` query "cpp/autosar/binary-operator-and-bitwise-operator-return-a-prvalue" and - ruleId = "A13-2-2" + ruleId = "A13-2-2" and + category = "required" or query = // `Query` instance for the `oppositeOperatorsNotDefinedInTermsOfOther` query @@ -53,7 +57,8 @@ predicate isOperatorInvariantsQueryMetadata(Query query, string queryId, string queryId = // `@id` for the `oppositeOperatorsNotDefinedInTermsOfOther` query "cpp/autosar/opposite-operators-not-defined-in-terms-of-other" and - ruleId = "A13-5-4" + ruleId = "A13-5-4" and + category = "required" or query = // `Query` instance for the `hashSpecializationsHaveANoexceptFunctionCallOperator` query @@ -61,7 +66,8 @@ predicate isOperatorInvariantsQueryMetadata(Query query, string queryId, string queryId = // `@id` for the `hashSpecializationsHaveANoexceptFunctionCallOperator` query "cpp/autosar/hash-specializations-have-a-noexcept-function-call-operator" and - ruleId = "A18-1-6" + ruleId = "A18-1-6" and + category = "required" or query = // `Query` instance for the `semanticEquivalenceBetweenOperatorFormNotPreserved` query @@ -69,7 +75,8 @@ predicate isOperatorInvariantsQueryMetadata(Query query, string queryId, string queryId = // `@id` for the `semanticEquivalenceBetweenOperatorFormNotPreserved` query "cpp/autosar/semantic-equivalence-between-operator-form-not-preserved" and - ruleId = "M5-17-1" + ruleId = "M5-17-1" and + category = "required" or query = // `Query` instance for the `gracefullyHandleSelfCopyAssignment` query @@ -77,7 +84,8 @@ predicate isOperatorInvariantsQueryMetadata(Query query, string queryId, string queryId = // `@id` for the `gracefullyHandleSelfCopyAssignment` query "cpp/cert/gracefully-handle-self-copy-assignment" and - ruleId = "OOP54-CPP" + ruleId = "OOP54-CPP" and + category = "rule" or query = // `Query` instance for the `copyOperationsMustNotMutateTheSourceObject` query @@ -85,7 +93,8 @@ predicate isOperatorInvariantsQueryMetadata(Query query, string queryId, string queryId = // `@id` for the `copyOperationsMustNotMutateTheSourceObject` query "cpp/cert/copy-operations-must-not-mutate-the-source-object" and - ruleId = "OOP58-CPP" + ruleId = "OOP58-CPP" and + category = "rule" } module OperatorInvariantsPackage { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Operators.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Operators.qll index d395d6fd5a..fe71289dbc 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Operators.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Operators.qll @@ -20,14 +20,15 @@ newtype OperatorsQuery = TUnaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsignedQuery() or TUnaryOperatorOverloadedQuery() -predicate isOperatorsQueryMetadata(Query query, string queryId, string ruleId) { +predicate isOperatorsQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `userDefinedAssignmentOperatorVirtual` query OperatorsPackage::userDefinedAssignmentOperatorVirtualQuery() and queryId = // `@id` for the `userDefinedAssignmentOperatorVirtual` query "cpp/autosar/user-defined-assignment-operator-virtual" and - ruleId = "A10-3-5" + ruleId = "A10-3-5" and + category = "required" or query = // `Query` instance for the `copyAndMoveNotDeclaredProtected` query @@ -35,7 +36,8 @@ predicate isOperatorsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `copyAndMoveNotDeclaredProtected` query "cpp/autosar/copy-and-move-not-declared-protected" and - ruleId = "A12-8-6" + ruleId = "A12-8-6" and + category = "required" or query = // `Query` instance for the `operatorsShouldBeDeclaredWithTheRefQualifier` query @@ -43,7 +45,8 @@ predicate isOperatorsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `operatorsShouldBeDeclaredWithTheRefQualifier` query "cpp/autosar/operators-should-be-declared-with-the-ref-qualifier" and - ruleId = "A12-8-7" + ruleId = "A12-8-7" and + category = "advisory" or query = // `Query` instance for the `relationalOperatorShallReturnABooleanValue` query @@ -51,7 +54,8 @@ predicate isOperatorsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `relationalOperatorShallReturnABooleanValue` query "cpp/autosar/relational-operator-shall-return-a-boolean-value" and - ruleId = "A13-2-3" + ruleId = "A13-2-3" and + category = "required" or query = // `Query` instance for the `functionThatContainsForwardingReferenceAsItsArgumentOverloaded` query @@ -59,7 +63,8 @@ predicate isOperatorsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `functionThatContainsForwardingReferenceAsItsArgumentOverloaded` query "cpp/autosar/function-that-contains-forwarding-reference-as-its-argument-overloaded" and - ruleId = "A13-3-1" + ruleId = "A13-3-1" and + category = "required" or query = // `Query` instance for the `missingConstOperatorSubscript` query @@ -67,7 +72,8 @@ predicate isOperatorsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `missingConstOperatorSubscript` query "cpp/autosar/missing-const-operator-subscript" and - ruleId = "A13-5-1" + ruleId = "A13-5-1" and + category = "required" or query = // `Query` instance for the `userDefinedConversionOperatorsNotDefinedExplicit` query @@ -75,7 +81,8 @@ predicate isOperatorsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `userDefinedConversionOperatorsNotDefinedExplicit` query "cpp/autosar/user-defined-conversion-operators-not-defined-explicit" and - ruleId = "A13-5-2" + ruleId = "A13-5-2" and + category = "required" or query = // `Query` instance for the `userDefinedConversionOperatorsShouldNotBeUsed` query @@ -83,7 +90,8 @@ predicate isOperatorsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `userDefinedConversionOperatorsShouldNotBeUsed` query "cpp/autosar/user-defined-conversion-operators-should-not-be-used" and - ruleId = "A13-5-3" + ruleId = "A13-5-3" and + category = "advisory" or query = // `Query` instance for the `comparisonOperatorsNotNonMemberFunctionsWithIdenticalParameterTypesAndNoexcept` query @@ -91,7 +99,8 @@ predicate isOperatorsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `comparisonOperatorsNotNonMemberFunctionsWithIdenticalParameterTypesAndNoexcept` query "cpp/autosar/comparison-operators-not-non-member-functions-with-identical-parameter-types-and-noexcept" and - ruleId = "A13-5-5" + ruleId = "A13-5-5" and + category = "required" or query = // `Query` instance for the `nonMemberGenericOperatorCondition` query @@ -99,7 +108,8 @@ predicate isOperatorsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `nonMemberGenericOperatorCondition` query "cpp/autosar/non-member-generic-operator-condition" and - ruleId = "A14-5-3" + ruleId = "A14-5-3" and + category = "advisory" or query = // `Query` instance for the `unsignedBitwiseOperatorWithoutCast` query @@ -107,7 +117,8 @@ predicate isOperatorsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `unsignedBitwiseOperatorWithoutCast` query "cpp/autosar/unsigned-bitwise-operator-without-cast" and - ruleId = "M5-0-10" + ruleId = "M5-0-10" and + category = "required" or query = // `Query` instance for the `commaOperatorAndOperatorAndTheOperatorOverloaded` query @@ -115,7 +126,8 @@ predicate isOperatorsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `commaOperatorAndOperatorAndTheOperatorOverloaded` query "cpp/autosar/comma-operator-and-operator-and-the-operator-overloaded" and - ruleId = "M5-2-11" + ruleId = "M5-2-11" and + category = "required" or query = // `Query` instance for the `eachOperandOfTheOperatorTheLogicalAndOrTheLogicalOperatorsShallHaveTypeBool` query @@ -123,7 +135,8 @@ predicate isOperatorsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `eachOperandOfTheOperatorTheLogicalAndOrTheLogicalOperatorsShallHaveTypeBool` query "cpp/autosar/each-operand-of-the-operator-the-logical-and-or-the-logical-operators-shall-have-type-bool" and - ruleId = "M5-3-1" + ruleId = "M5-3-1" and + category = "required" or query = // `Query` instance for the `unaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsigned` query @@ -131,7 +144,8 @@ predicate isOperatorsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `unaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsigned` query "cpp/autosar/unary-minus-operator-applied-to-an-expression-whose-underlying-type-is-unsigned" and - ruleId = "M5-3-2" + ruleId = "M5-3-2" and + category = "required" or query = // `Query` instance for the `unaryOperatorOverloaded` query @@ -139,7 +153,8 @@ predicate isOperatorsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `unaryOperatorOverloaded` query "cpp/autosar/unary-operator-overloaded" and - ruleId = "M5-3-3" + ruleId = "M5-3-3" and + category = "required" } module OperatorsPackage { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/OrderOfEvaluation.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/OrderOfEvaluation.qll index 2ac5b428da..71464fe027 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/OrderOfEvaluation.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/OrderOfEvaluation.qll @@ -11,14 +11,15 @@ newtype OrderOfEvaluationQuery = TIncrementAndDecrementOperatorsMixedWithOtherOperatorsInExpressionQuery() or TAssignmentInSubExpressionQuery() -predicate isOrderOfEvaluationQueryMetadata(Query query, string queryId, string ruleId) { +predicate isOrderOfEvaluationQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `expressionShouldNotRelyOnOrderOfEvaluation` query OrderOfEvaluationPackage::expressionShouldNotRelyOnOrderOfEvaluationQuery() and queryId = // `@id` for the `expressionShouldNotRelyOnOrderOfEvaluation` query "cpp/autosar/expression-should-not-rely-on-order-of-evaluation" and - ruleId = "A5-0-1" + ruleId = "A5-0-1" and + category = "required" or query = // `Query` instance for the `operandsOfALogicalAndOrNotParenthesized` query @@ -26,7 +27,8 @@ predicate isOrderOfEvaluationQueryMetadata(Query query, string queryId, string r queryId = // `@id` for the `operandsOfALogicalAndOrNotParenthesized` query "cpp/autosar/operands-of-a-logical-and-or-not-parenthesized" and - ruleId = "A5-2-6" + ruleId = "A5-2-6" and + category = "required" or query = // `Query` instance for the `explicitConstructionOfUnnamedTemporary` query @@ -34,7 +36,8 @@ predicate isOrderOfEvaluationQueryMetadata(Query query, string queryId, string r queryId = // `@id` for the `explicitConstructionOfUnnamedTemporary` query "cpp/autosar/explicit-construction-of-unnamed-temporary" and - ruleId = "A6-2-2" + ruleId = "A6-2-2" and + category = "required" or query = // `Query` instance for the `gratuitousUseOfParentheses` query @@ -42,7 +45,8 @@ predicate isOrderOfEvaluationQueryMetadata(Query query, string queryId, string r queryId = // `@id` for the `gratuitousUseOfParentheses` query "cpp/autosar/gratuitous-use-of-parentheses" and - ruleId = "M5-0-2" + ruleId = "M5-0-2" and + category = "advisory" or query = // `Query` instance for the `incrementAndDecrementOperatorsMixedWithOtherOperatorsInExpression` query @@ -50,7 +54,8 @@ predicate isOrderOfEvaluationQueryMetadata(Query query, string queryId, string r queryId = // `@id` for the `incrementAndDecrementOperatorsMixedWithOtherOperatorsInExpression` query "cpp/autosar/increment-and-decrement-operators-mixed-with-other-operators-in-expression" and - ruleId = "M5-2-10" + ruleId = "M5-2-10" and + category = "required" or query = // `Query` instance for the `assignmentInSubExpression` query @@ -58,7 +63,8 @@ predicate isOrderOfEvaluationQueryMetadata(Query query, string queryId, string r queryId = // `@id` for the `assignmentInSubExpression` query "cpp/autosar/assignment-in-sub-expression" and - ruleId = "M6-2-1" + ruleId = "M6-2-1" and + category = "required" } module OrderOfEvaluationPackage { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/OutOfBounds.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/OutOfBounds.qll index c85fa998e1..d1c3087339 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/OutOfBounds.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/OutOfBounds.qll @@ -9,14 +9,15 @@ newtype OutOfBoundsQuery = TGuaranteeGenericCppLibraryFunctionsDoNotOverflowQuery() or TRangeCheckStringElementAccessQuery() -predicate isOutOfBoundsQueryMetadata(Query query, string queryId, string ruleId) { +predicate isOutOfBoundsQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `containerAccessWithoutRangeCheckAutosar` query OutOfBoundsPackage::containerAccessWithoutRangeCheckAutosarQuery() and queryId = // `@id` for the `containerAccessWithoutRangeCheckAutosar` query "cpp/autosar/container-access-without-range-check-autosar" and - ruleId = "A5-2-5" + ruleId = "A5-2-5" and + category = "required" or query = // `Query` instance for the `containerAccessWithoutRangeCheckCert` query @@ -24,7 +25,8 @@ predicate isOutOfBoundsQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `containerAccessWithoutRangeCheckCert` query "cpp/cert/container-access-without-range-check-cert" and - ruleId = "CTR50-CPP" + ruleId = "CTR50-CPP" and + category = "rule" or query = // `Query` instance for the `guaranteeGenericCppLibraryFunctionsDoNotOverflow` query @@ -32,7 +34,8 @@ predicate isOutOfBoundsQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `guaranteeGenericCppLibraryFunctionsDoNotOverflow` query "cpp/cert/guarantee-generic-cpp-library-functions-do-not-overflow" and - ruleId = "CTR52-CPP" + ruleId = "CTR52-CPP" and + category = "rule" or query = // `Query` instance for the `rangeCheckStringElementAccess` query @@ -40,7 +43,8 @@ predicate isOutOfBoundsQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `rangeCheckStringElementAccess` query "cpp/cert/range-check-string-element-access" and - ruleId = "STR53-CPP" + ruleId = "STR53-CPP" and + category = "rule" } module OutOfBoundsPackage { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Pointers.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Pointers.qll index 07e68a5a9c..1dd5bef4c8 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Pointers.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Pointers.qll @@ -28,14 +28,15 @@ newtype PointersQuery = TMemberAccessWithUninitializedStaticPointerToMemberQuery() or TUseOfPointerToMemberToAccessNonexistentMemberQuery() -predicate isPointersQueryMetadata(Query query, string queryId, string ruleId) { +predicate isPointersQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `pointerToAnElementOfAnArrayPassedToASmartPointer` query PointersPackage::pointerToAnElementOfAnArrayPassedToASmartPointerQuery() and queryId = // `@id` for the `pointerToAnElementOfAnArrayPassedToASmartPointer` query "cpp/autosar/pointer-to-an-element-of-an-array-passed-to-a-smart-pointer" and - ruleId = "A18-1-4" + ruleId = "A18-1-4" and + category = "required" or query = // `Query` instance for the `declarationContainLessThanTwoLevelsOfIndirection` query @@ -43,7 +44,8 @@ predicate isPointersQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `declarationContainLessThanTwoLevelsOfIndirection` query "cpp/autosar/declaration-contain-less-than-two-levels-of-indirection" and - ruleId = "A5-0-3" + ruleId = "A5-0-3" and + category = "required" or query = // `Query` instance for the `pointerArithmeticUsedWithPointersToNonFinalClasses` query @@ -51,7 +53,8 @@ predicate isPointersQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `pointerArithmeticUsedWithPointersToNonFinalClasses` query "cpp/autosar/pointer-arithmetic-used-with-pointers-to-non-final-classes" and - ruleId = "A5-0-4" + ruleId = "A5-0-4" and + category = "required" or query = // `Query` instance for the `pointerToMemberVirtualFunctionWithNullPointerConstant` query @@ -59,7 +62,8 @@ predicate isPointersQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `pointerToMemberVirtualFunctionWithNullPointerConstant` query "cpp/autosar/pointer-to-member-virtual-function-with-null-pointer-constant" and - ruleId = "A5-10-1" + ruleId = "A5-10-1" and + category = "required" or query = // `Query` instance for the `deletingPointerToIncompleteType` query @@ -67,7 +71,8 @@ predicate isPointersQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `deletingPointerToIncompleteType` query "cpp/autosar/deleting-pointer-to-incomplete-type" and - ruleId = "A5-3-3" + ruleId = "A5-3-3" and + category = "required" or query = // `Query` instance for the `pointerToMemberAccessNonExistentClassMembers` query @@ -75,7 +80,8 @@ predicate isPointersQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `pointerToMemberAccessNonExistentClassMembers` query "cpp/autosar/pointer-to-member-access-non-existent-class-members" and - ruleId = "A5-5-1" + ruleId = "A5-5-1" and + category = "required" or query = // `Query` instance for the `nullPointerToMemberAccessNonExistentClassMembers` query @@ -83,7 +89,8 @@ predicate isPointersQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `nullPointerToMemberAccessNonExistentClassMembers` query "cpp/autosar/null-pointer-to-member-access-non-existent-class-members" and - ruleId = "A5-5-1" + ruleId = "A5-5-1" and + category = "required" or query = // `Query` instance for the `uninitializedStaticPointerToMemberUse` query @@ -91,7 +98,8 @@ predicate isPointersQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `uninitializedStaticPointerToMemberUse` query "cpp/autosar/uninitialized-static-pointer-to-member-use" and - ruleId = "A5-5-1" + ruleId = "A5-5-1" and + category = "required" or query = // `Query` instance for the `indexingNotTheOnlyFormOfPointerArithmetic` query @@ -99,7 +107,8 @@ predicate isPointersQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `indexingNotTheOnlyFormOfPointerArithmetic` query "cpp/autosar/indexing-not-the-only-form-of-pointer-arithmetic" and - ruleId = "M5-0-15" + ruleId = "M5-0-15" and + category = "required" or query = // `Query` instance for the `pointerAndDerivedPointerAccessDifferentArray` query @@ -107,7 +116,8 @@ predicate isPointersQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `pointerAndDerivedPointerAccessDifferentArray` query "cpp/autosar/pointer-and-derived-pointer-access-different-array" and - ruleId = "M5-0-16" + ruleId = "M5-0-16" and + category = "required" or query = // `Query` instance for the `pointerSubtractionOnDifferentArrays` query @@ -115,7 +125,8 @@ predicate isPointersQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `pointerSubtractionOnDifferentArrays` query "cpp/autosar/pointer-subtraction-on-different-arrays" and - ruleId = "M5-0-17" + ruleId = "M5-0-17" and + category = "required" or query = // `Query` instance for the `appliedToObjectsOfPointerType` query @@ -123,7 +134,8 @@ predicate isPointersQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `appliedToObjectsOfPointerType` query "cpp/autosar/applied-to-objects-of-pointer-type" and - ruleId = "M5-0-18" + ruleId = "M5-0-18" and + category = "required" or query = // `Query` instance for the `identifierWithArrayTypePassedAsFunctionArgumentDecayToAPointer` query @@ -131,7 +143,8 @@ predicate isPointersQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `identifierWithArrayTypePassedAsFunctionArgumentDecayToAPointer` query "cpp/autosar/identifier-with-array-type-passed-as-function-argument-decay-to-a-pointer" and - ruleId = "M5-2-12" + ruleId = "M5-2-12" and + category = "required" or query = // `Query` instance for the `pointerToAVirtualBaseClassCastToAPointer` query @@ -139,7 +152,8 @@ predicate isPointersQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `pointerToAVirtualBaseClassCastToAPointer` query "cpp/autosar/pointer-to-a-virtual-base-class-cast-to-a-pointer" and - ruleId = "M5-2-2" + ruleId = "M5-2-2" and + category = "required" or query = // `Query` instance for the `castNotConvertPointerToFunction` query @@ -147,7 +161,8 @@ predicate isPointersQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `castNotConvertPointerToFunction` query "cpp/autosar/cast-not-convert-pointer-to-function" and - ruleId = "M5-2-6" + ruleId = "M5-2-6" and + category = "required" or query = // `Query` instance for the `integerOrPointerToVoidConvertedToPointerType` query @@ -155,7 +170,8 @@ predicate isPointersQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `integerOrPointerToVoidConvertedToPointerType` query "cpp/autosar/integer-or-pointer-to-void-converted-to-pointer-type" and - ruleId = "M5-2-8" + ruleId = "M5-2-8" and + category = "required" or query = // `Query` instance for the `castConvertAPointerTypeToAnIntegralType` query @@ -163,7 +179,8 @@ predicate isPointersQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `castConvertAPointerTypeToAnIntegralType` query "cpp/autosar/cast-convert-a-pointer-type-to-an-integral-type" and - ruleId = "M5-2-9" + ruleId = "M5-2-9" and + category = "required" or query = // `Query` instance for the `doNotUsePointerArithmeticOnPolymorphicObjects` query @@ -171,7 +188,8 @@ predicate isPointersQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `doNotUsePointerArithmeticOnPolymorphicObjects` query "cpp/cert/do-not-use-pointer-arithmetic-on-polymorphic-objects" and - ruleId = "CTR56-CPP" + ruleId = "CTR56-CPP" and + category = "rule" or query = // `Query` instance for the `deletingPointerToIncompleteClass` query @@ -179,7 +197,8 @@ predicate isPointersQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `deletingPointerToIncompleteClass` query "cpp/cert/deleting-pointer-to-incomplete-class" and - ruleId = "EXP57-CPP" + ruleId = "EXP57-CPP" and + category = "rule" or query = // `Query` instance for the `castOfPointerToIncompleteClass` query @@ -187,7 +206,8 @@ predicate isPointersQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `castOfPointerToIncompleteClass` query "cpp/cert/cast-of-pointer-to-incomplete-class" and - ruleId = "EXP57-CPP" + ruleId = "EXP57-CPP" and + category = "rule" or query = // `Query` instance for the `useOfPointerToMemberToAccessUndefinedMember` query @@ -195,7 +215,8 @@ predicate isPointersQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `useOfPointerToMemberToAccessUndefinedMember` query "cpp/cert/use-of-pointer-to-member-to-access-undefined-member" and - ruleId = "OOP55-CPP" + ruleId = "OOP55-CPP" and + category = "rule" or query = // `Query` instance for the `memberAccessWithUninitializedStaticPointerToMember` query @@ -203,7 +224,8 @@ predicate isPointersQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `memberAccessWithUninitializedStaticPointerToMember` query "cpp/cert/member-access-with-uninitialized-static-pointer-to-member" and - ruleId = "OOP55-CPP" + ruleId = "OOP55-CPP" and + category = "rule" or query = // `Query` instance for the `useOfPointerToMemberToAccessNonexistentMember` query @@ -211,7 +233,8 @@ predicate isPointersQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `useOfPointerToMemberToAccessNonexistentMember` query "cpp/cert/use-of-pointer-to-member-to-access-nonexistent-member" and - ruleId = "OOP55-CPP" + ruleId = "OOP55-CPP" and + category = "rule" } module PointersPackage { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Representation.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Representation.qll index d9f2850f95..a423cfd4ff 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Representation.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Representation.qll @@ -13,14 +13,15 @@ newtype RepresentationQuery = TMemcmpUsedToAccessObjectRepresentationQuery() or TMemcpyUsedToAccessObjectRepresentationQuery() -predicate isRepresentationQueryMetadata(Query query, string queryId, string ruleId) { +predicate isRepresentationQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `bitFieldsShallBeUsedOnlyWhenInterfacingToHardwareOrConformingToCommunicationProtocols` query RepresentationPackage::bitFieldsShallBeUsedOnlyWhenInterfacingToHardwareOrConformingToCommunicationProtocolsQuery() and queryId = // `@id` for the `bitFieldsShallBeUsedOnlyWhenInterfacingToHardwareOrConformingToCommunicationProtocols` query "cpp/autosar/bit-fields-shall-be-used-only-when-interfacing-to-hardware-or-conforming-to-communication-protocols" and - ruleId = "A9-6-2" + ruleId = "A9-6-2" and + category = "required" or query = // `Query` instance for the `auditPossibleHardwareInterfaceDueToBitFieldUsageInDataTypeDefinition` query @@ -28,7 +29,8 @@ predicate isRepresentationQueryMetadata(Query query, string queryId, string rule queryId = // `@id` for the `auditPossibleHardwareInterfaceDueToBitFieldUsageInDataTypeDefinition` query "cpp/autosar/audit-possible-hardware-interface-due-to-bit-field-usage-in-data-type-definition" and - ruleId = "A9-6-2" + ruleId = "A9-6-2" and + category = "required" or query = // `Query` instance for the `objectAssignedToAnOverlappingObject` query @@ -36,7 +38,8 @@ predicate isRepresentationQueryMetadata(Query query, string queryId, string rule queryId = // `@id` for the `objectAssignedToAnOverlappingObject` query "cpp/autosar/object-assigned-to-an-overlapping-object" and - ruleId = "M0-2-1" + ruleId = "M0-2-1" and + category = "required" or query = // `Query` instance for the `underlyingBitRepresentationsOfFloatingPointValuesUsed` query @@ -44,7 +47,8 @@ predicate isRepresentationQueryMetadata(Query query, string queryId, string rule queryId = // `@id` for the `underlyingBitRepresentationsOfFloatingPointValuesUsed` query "cpp/autosar/underlying-bit-representations-of-floating-point-values-used" and - ruleId = "M3-9-3" + ruleId = "M3-9-3" and + category = "required" or query = // `Query` instance for the `namedBitFieldsWithSignedIntegerTypeShallHaveALengthOfMoreThanOneBit` query @@ -52,7 +56,8 @@ predicate isRepresentationQueryMetadata(Query query, string queryId, string rule queryId = // `@id` for the `namedBitFieldsWithSignedIntegerTypeShallHaveALengthOfMoreThanOneBit` query "cpp/autosar/named-bit-fields-with-signed-integer-type-shall-have-a-length-of-more-than-one-bit" and - ruleId = "M9-6-4" + ruleId = "M9-6-4" and + category = "required" or query = // `Query` instance for the `memsetUsedToAccessObjectRepresentation` query @@ -60,7 +65,8 @@ predicate isRepresentationQueryMetadata(Query query, string queryId, string rule queryId = // `@id` for the `memsetUsedToAccessObjectRepresentation` query "cpp/cert/memset-used-to-access-object-representation" and - ruleId = "EXP62-CPP" + ruleId = "EXP62-CPP" and + category = "rule" or query = // `Query` instance for the `memcmpUsedToAccessObjectRepresentation` query @@ -68,7 +74,8 @@ predicate isRepresentationQueryMetadata(Query query, string queryId, string rule queryId = // `@id` for the `memcmpUsedToAccessObjectRepresentation` query "cpp/cert/memcmp-used-to-access-object-representation" and - ruleId = "EXP62-CPP" + ruleId = "EXP62-CPP" and + category = "rule" or query = // `Query` instance for the `memcpyUsedToAccessObjectRepresentation` query @@ -76,7 +83,8 @@ predicate isRepresentationQueryMetadata(Query query, string queryId, string rule queryId = // `@id` for the `memcpyUsedToAccessObjectRepresentation` query "cpp/cert/memcpy-used-to-access-object-representation" and - ruleId = "EXP62-CPP" + ruleId = "EXP62-CPP" and + category = "rule" } module RepresentationPackage { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/RuleMetadata.qll index 89c804c4ca..8dfbf9feaa 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/RuleMetadata.qll @@ -107,55 +107,55 @@ newtype TCPPQuery = TVirtualFunctionsPackageQuery(VirtualFunctionsQuery q) /** The metadata predicate * */ -predicate isQueryMetadata(Query query, string queryId, string ruleId) { - isAllocationsQueryMetadata(query, queryId, ruleId) or - isBannedFunctionsQueryMetadata(query, queryId, ruleId) or - isBannedLibrariesQueryMetadata(query, queryId, ruleId) or - isBannedSyntaxQueryMetadata(query, queryId, ruleId) or - isBannedTypesQueryMetadata(query, queryId, ruleId) or - isClassesQueryMetadata(query, queryId, ruleId) or - isCommentsQueryMetadata(query, queryId, ruleId) or - isConcurrencyQueryMetadata(query, queryId, ruleId) or - isConditionalsQueryMetadata(query, queryId, ruleId) or - isConstQueryMetadata(query, queryId, ruleId) or - isDeadCodeQueryMetadata(query, queryId, ruleId) or - isDeclarationsQueryMetadata(query, queryId, ruleId) or - isExceptionSafetyQueryMetadata(query, queryId, ruleId) or - isExceptions1QueryMetadata(query, queryId, ruleId) or - isExceptions2QueryMetadata(query, queryId, ruleId) or - isExpressionsQueryMetadata(query, queryId, ruleId) or - isFreedQueryMetadata(query, queryId, ruleId) or - isFunctionsQueryMetadata(query, queryId, ruleId) or - isIOQueryMetadata(query, queryId, ruleId) or - isIncludesQueryMetadata(query, queryId, ruleId) or - isInheritanceQueryMetadata(query, queryId, ruleId) or - isInitializationQueryMetadata(query, queryId, ruleId) or - isIntegerConversionQueryMetadata(query, queryId, ruleId) or - isInvariantsQueryMetadata(query, queryId, ruleId) or - isIteratorsQueryMetadata(query, queryId, ruleId) or - isLambdasQueryMetadata(query, queryId, ruleId) or - isLiteralsQueryMetadata(query, queryId, ruleId) or - isLoopsQueryMetadata(query, queryId, ruleId) or - isMacrosQueryMetadata(query, queryId, ruleId) or - isMoveForwardQueryMetadata(query, queryId, ruleId) or - isNamingQueryMetadata(query, queryId, ruleId) or - isNullQueryMetadata(query, queryId, ruleId) or - isOperatorInvariantsQueryMetadata(query, queryId, ruleId) or - isOperatorsQueryMetadata(query, queryId, ruleId) or - isOrderOfEvaluationQueryMetadata(query, queryId, ruleId) or - isOutOfBoundsQueryMetadata(query, queryId, ruleId) or - isPointersQueryMetadata(query, queryId, ruleId) or - isRepresentationQueryMetadata(query, queryId, ruleId) or - isScopeQueryMetadata(query, queryId, ruleId) or - isSideEffects1QueryMetadata(query, queryId, ruleId) or - isSideEffects2QueryMetadata(query, queryId, ruleId) or - isSmartPointers1QueryMetadata(query, queryId, ruleId) or - isSmartPointers2QueryMetadata(query, queryId, ruleId) or - isStringsQueryMetadata(query, queryId, ruleId) or - isTemplatesQueryMetadata(query, queryId, ruleId) or - isToolchainQueryMetadata(query, queryId, ruleId) or - isTrustBoundariesQueryMetadata(query, queryId, ruleId) or - isTypeRangesQueryMetadata(query, queryId, ruleId) or - isUninitializedQueryMetadata(query, queryId, ruleId) or - isVirtualFunctionsQueryMetadata(query, queryId, ruleId) +predicate isQueryMetadata(Query query, string queryId, string ruleId, string category) { + isAllocationsQueryMetadata(query, queryId, ruleId, category) or + isBannedFunctionsQueryMetadata(query, queryId, ruleId, category) or + isBannedLibrariesQueryMetadata(query, queryId, ruleId, category) or + isBannedSyntaxQueryMetadata(query, queryId, ruleId, category) or + isBannedTypesQueryMetadata(query, queryId, ruleId, category) or + isClassesQueryMetadata(query, queryId, ruleId, category) or + isCommentsQueryMetadata(query, queryId, ruleId, category) or + isConcurrencyQueryMetadata(query, queryId, ruleId, category) or + isConditionalsQueryMetadata(query, queryId, ruleId, category) or + isConstQueryMetadata(query, queryId, ruleId, category) or + isDeadCodeQueryMetadata(query, queryId, ruleId, category) or + isDeclarationsQueryMetadata(query, queryId, ruleId, category) or + isExceptionSafetyQueryMetadata(query, queryId, ruleId, category) or + isExceptions1QueryMetadata(query, queryId, ruleId, category) or + isExceptions2QueryMetadata(query, queryId, ruleId, category) or + isExpressionsQueryMetadata(query, queryId, ruleId, category) or + isFreedQueryMetadata(query, queryId, ruleId, category) or + isFunctionsQueryMetadata(query, queryId, ruleId, category) or + isIOQueryMetadata(query, queryId, ruleId, category) or + isIncludesQueryMetadata(query, queryId, ruleId, category) or + isInheritanceQueryMetadata(query, queryId, ruleId, category) or + isInitializationQueryMetadata(query, queryId, ruleId, category) or + isIntegerConversionQueryMetadata(query, queryId, ruleId, category) or + isInvariantsQueryMetadata(query, queryId, ruleId, category) or + isIteratorsQueryMetadata(query, queryId, ruleId, category) or + isLambdasQueryMetadata(query, queryId, ruleId, category) or + isLiteralsQueryMetadata(query, queryId, ruleId, category) or + isLoopsQueryMetadata(query, queryId, ruleId, category) or + isMacrosQueryMetadata(query, queryId, ruleId, category) or + isMoveForwardQueryMetadata(query, queryId, ruleId, category) or + isNamingQueryMetadata(query, queryId, ruleId, category) or + isNullQueryMetadata(query, queryId, ruleId, category) or + isOperatorInvariantsQueryMetadata(query, queryId, ruleId, category) or + isOperatorsQueryMetadata(query, queryId, ruleId, category) or + isOrderOfEvaluationQueryMetadata(query, queryId, ruleId, category) or + isOutOfBoundsQueryMetadata(query, queryId, ruleId, category) or + isPointersQueryMetadata(query, queryId, ruleId, category) or + isRepresentationQueryMetadata(query, queryId, ruleId, category) or + isScopeQueryMetadata(query, queryId, ruleId, category) or + isSideEffects1QueryMetadata(query, queryId, ruleId, category) or + isSideEffects2QueryMetadata(query, queryId, ruleId, category) or + isSmartPointers1QueryMetadata(query, queryId, ruleId, category) or + isSmartPointers2QueryMetadata(query, queryId, ruleId, category) or + isStringsQueryMetadata(query, queryId, ruleId, category) or + isTemplatesQueryMetadata(query, queryId, ruleId, category) or + isToolchainQueryMetadata(query, queryId, ruleId, category) or + isTrustBoundariesQueryMetadata(query, queryId, ruleId, category) or + isTypeRangesQueryMetadata(query, queryId, ruleId, category) or + isUninitializedQueryMetadata(query, queryId, ruleId, category) or + isVirtualFunctionsQueryMetadata(query, queryId, ruleId, category) } diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Scope.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Scope.qll index 0157347d3b..c4a21040eb 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Scope.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Scope.qll @@ -22,14 +22,15 @@ newtype ScopeQuery = TUnnamedNamespaceInHeaderFileQuery() or TOneDefinitionRuleNotObeyedQuery() -predicate isScopeQueryMetadata(Query query, string queryId, string ruleId) { +predicate isScopeQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `nonStandardEntitiesInStandardNamespaces` query ScopePackage::nonStandardEntitiesInStandardNamespacesQuery() and queryId = // `@id` for the `nonStandardEntitiesInStandardNamespaces` query "cpp/autosar/non-standard-entities-in-standard-namespaces" and - ruleId = "A17-6-1" + ruleId = "A17-6-1" and + category = "required" or query = // `Query` instance for the `externalLinkageArrayWithoutExplicitSize` query @@ -37,7 +38,8 @@ predicate isScopeQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `externalLinkageArrayWithoutExplicitSize` query "cpp/autosar/external-linkage-array-without-explicit-size" and - ruleId = "A3-1-4" + ruleId = "A3-1-4" and + category = "required" or query = // `Query` instance for the `hiddenInheritedNonOverridableMemberFunction` query @@ -45,7 +47,8 @@ predicate isScopeQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `hiddenInheritedNonOverridableMemberFunction` query "cpp/autosar/hidden-inherited-non-overridable-member-function" and - ruleId = "A7-3-1" + ruleId = "A7-3-1" and + category = "required" or query = // `Query` instance for the `hiddenInheritedOverridableMemberFunction` query @@ -53,7 +56,8 @@ predicate isScopeQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `hiddenInheritedOverridableMemberFunction` query "cpp/autosar/hidden-inherited-overridable-member-function" and - ruleId = "A7-3-1" + ruleId = "A7-3-1" and + category = "required" or query = // `Query` instance for the `definitionNotConsideredForUnqualifiedLookup` query @@ -61,7 +65,8 @@ predicate isScopeQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `definitionNotConsideredForUnqualifiedLookup` query "cpp/autosar/definition-not-considered-for-unqualified-lookup" and - ruleId = "A7-3-1" + ruleId = "A7-3-1" and + category = "required" or query = // `Query` instance for the `oneDefinitionRuleViolation` query @@ -69,7 +74,8 @@ predicate isScopeQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `oneDefinitionRuleViolation` query "cpp/autosar/one-definition-rule-violation" and - ruleId = "M3-2-2" + ruleId = "M3-2-2" and + category = "required" or query = // `Query` instance for the `multipleDeclarationViolation` query @@ -77,7 +83,8 @@ predicate isScopeQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `multipleDeclarationViolation` query "cpp/autosar/multiple-declaration-violation" and - ruleId = "M3-2-3" + ruleId = "M3-2-3" and + category = "required" or query = // `Query` instance for the `identifierWithExternalLinkageShallHaveOneDefinition` query @@ -85,7 +92,8 @@ predicate isScopeQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `identifierWithExternalLinkageShallHaveOneDefinition` query "cpp/autosar/identifier-with-external-linkage-shall-have-one-definition" and - ruleId = "M3-2-4" + ruleId = "M3-2-4" and + category = "required" or query = // `Query` instance for the `missingStaticSpecifierOnFunctionRedeclaration` query @@ -93,7 +101,8 @@ predicate isScopeQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `missingStaticSpecifierOnFunctionRedeclaration` query "cpp/autosar/missing-static-specifier-on-function-redeclaration" and - ruleId = "M3-3-2" + ruleId = "M3-3-2" and + category = "required" or query = // `Query` instance for the `unnecessaryExposedIdentifierDeclaration` query @@ -101,7 +110,8 @@ predicate isScopeQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `unnecessaryExposedIdentifierDeclaration` query "cpp/autosar/unnecessary-exposed-identifier-declaration" and - ruleId = "M3-4-1" + ruleId = "M3-4-1" and + category = "required" or query = // `Query` instance for the `globalNamespaceMembershipViolation` query @@ -109,7 +119,8 @@ predicate isScopeQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `globalNamespaceMembershipViolation` query "cpp/autosar/global-namespace-membership-violation" and - ruleId = "M7-3-1" + ruleId = "M7-3-1" and + category = "required" or query = // `Query` instance for the `localFunctionDeclaration` query @@ -117,7 +128,8 @@ predicate isScopeQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `localFunctionDeclaration` query "cpp/cert/local-function-declaration" and - ruleId = "DCL53-CPP" + ruleId = "DCL53-CPP" and + category = "rule" or query = // `Query` instance for the `localConstructorInitializedObjectHidesIdentifier` query @@ -125,7 +137,8 @@ predicate isScopeQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `localConstructorInitializedObjectHidesIdentifier` query "cpp/cert/local-constructor-initialized-object-hides-identifier" and - ruleId = "DCL53-CPP" + ruleId = "DCL53-CPP" and + category = "rule" or query = // `Query` instance for the `singularOverloadOfMemoryFunction` query @@ -133,7 +146,8 @@ predicate isScopeQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `singularOverloadOfMemoryFunction` query "cpp/cert/singular-overload-of-memory-function" and - ruleId = "DCL54-CPP" + ruleId = "DCL54-CPP" and + category = "rule" or query = // `Query` instance for the `modificationOfTheStandardNamespaces` query @@ -141,7 +155,8 @@ predicate isScopeQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `modificationOfTheStandardNamespaces` query "cpp/cert/modification-of-the-standard-namespaces" and - ruleId = "DCL58-CPP" + ruleId = "DCL58-CPP" and + category = "rule" or query = // `Query` instance for the `unnamedNamespaceInHeaderFile` query @@ -149,7 +164,8 @@ predicate isScopeQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `unnamedNamespaceInHeaderFile` query "cpp/cert/unnamed-namespace-in-header-file" and - ruleId = "DCL59-CPP" + ruleId = "DCL59-CPP" and + category = "rule" or query = // `Query` instance for the `oneDefinitionRuleNotObeyed` query @@ -157,7 +173,8 @@ predicate isScopeQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `oneDefinitionRuleNotObeyed` query "cpp/cert/one-definition-rule-not-obeyed" and - ruleId = "DCL60-CPP" + ruleId = "DCL60-CPP" and + category = "rule" } module ScopePackage { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/SideEffects1.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/SideEffects1.qll index 03a0ea4f70..37f323a6cb 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/SideEffects1.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/SideEffects1.qll @@ -15,14 +15,15 @@ newtype SideEffects1Query = TDoNotRelyOnSideEffectsInDeclTypeOperandQuery() or TDoNotRelyOnSideEffectsInDeclValExpressionQuery() -predicate isSideEffects1QueryMetadata(Query query, string queryId, string ruleId) { +predicate isSideEffects1QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `evaluationOfTheOperandToTheTypeidOperatorContainSideEffects` query SideEffects1Package::evaluationOfTheOperandToTheTypeidOperatorContainSideEffectsQuery() and queryId = // `@id` for the `evaluationOfTheOperandToTheTypeidOperatorContainSideEffects` query "cpp/autosar/evaluation-of-the-operand-to-the-typeid-operator-contain-side-effects" and - ruleId = "A5-3-1" + ruleId = "A5-3-1" and + category = "required" or query = // `Query` instance for the `rightHandOperandOfALogicalAndOperatorsContainSideEffects` query @@ -30,7 +31,8 @@ predicate isSideEffects1QueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `rightHandOperandOfALogicalAndOperatorsContainSideEffects` query "cpp/autosar/right-hand-operand-of-a-logical-and-operators-contain-side-effects" and - ruleId = "M5-14-1" + ruleId = "M5-14-1" and + category = "required" or query = // `Query` instance for the `evaluationOfTheOperandToTheSizeofOperatorContainSideEffects` query @@ -38,7 +40,8 @@ predicate isSideEffects1QueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `evaluationOfTheOperandToTheSizeofOperatorContainSideEffects` query "cpp/autosar/evaluation-of-the-operand-to-the-sizeof-operator-contain-side-effects" and - ruleId = "M5-3-4" + ruleId = "M5-3-4" and + category = "required" or query = // `Query` instance for the `doNotDependOnTheOrderOfScalarObjectEvaluationForSideEffects` query @@ -46,7 +49,8 @@ predicate isSideEffects1QueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `doNotDependOnTheOrderOfScalarObjectEvaluationForSideEffects` query "cpp/cert/do-not-depend-on-the-order-of-scalar-object-evaluation-for-side-effects" and - ruleId = "EXP50-CPP" + ruleId = "EXP50-CPP" and + category = "rule" or query = // `Query` instance for the `doNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments` query @@ -54,7 +58,8 @@ predicate isSideEffects1QueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `doNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments` query "cpp/cert/do-not-depend-on-the-order-of-evaluation-for-side-effects-in-function-calls-as-function-arguments" and - ruleId = "EXP50-CPP" + ruleId = "EXP50-CPP" and + category = "rule" or query = // `Query` instance for the `doNotRelyOnSideEffectsInSizeOfOperand` query @@ -62,7 +67,8 @@ predicate isSideEffects1QueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `doNotRelyOnSideEffectsInSizeOfOperand` query "cpp/cert/do-not-rely-on-side-effects-in-size-of-operand" and - ruleId = "EXP52-CPP" + ruleId = "EXP52-CPP" and + category = "rule" or query = // `Query` instance for the `doNotRelyOnSideEffectsInTypeIdOperand` query @@ -70,7 +76,8 @@ predicate isSideEffects1QueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `doNotRelyOnSideEffectsInTypeIdOperand` query "cpp/cert/do-not-rely-on-side-effects-in-type-id-operand" and - ruleId = "EXP52-CPP" + ruleId = "EXP52-CPP" and + category = "rule" or query = // `Query` instance for the `doNotRelyOnSideEffectsInNoExceptOperand` query @@ -78,7 +85,8 @@ predicate isSideEffects1QueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `doNotRelyOnSideEffectsInNoExceptOperand` query "cpp/cert/do-not-rely-on-side-effects-in-no-except-operand" and - ruleId = "EXP52-CPP" + ruleId = "EXP52-CPP" and + category = "rule" or query = // `Query` instance for the `doNotRelyOnSideEffectsInDeclTypeOperand` query @@ -86,7 +94,8 @@ predicate isSideEffects1QueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `doNotRelyOnSideEffectsInDeclTypeOperand` query "cpp/cert/do-not-rely-on-side-effects-in-decl-type-operand" and - ruleId = "EXP52-CPP" + ruleId = "EXP52-CPP" and + category = "rule" or query = // `Query` instance for the `doNotRelyOnSideEffectsInDeclValExpression` query @@ -94,7 +103,8 @@ predicate isSideEffects1QueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `doNotRelyOnSideEffectsInDeclValExpression` query "cpp/cert/do-not-rely-on-side-effects-in-decl-val-expression" and - ruleId = "EXP52-CPP" + ruleId = "EXP52-CPP" and + category = "rule" } module SideEffects1Package { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/SideEffects2.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/SideEffects2.qll index ba930c214c..7ba094b13e 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/SideEffects2.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/SideEffects2.qll @@ -14,14 +14,15 @@ newtype SideEffects2Query = TFunctionsWithVoidReturnTypeShallHaveExternalSideEffectsQuery() or TPredicateFunctionObjectsShouldNotBeMutableQuery() -predicate isSideEffects2QueryMetadata(Query query, string queryId, string ruleId) { +predicate isSideEffects2QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `moveConstructorShallOnlyMoveObject` query SideEffects2Package::moveConstructorShallOnlyMoveObjectQuery() and queryId = // `@id` for the `moveConstructorShallOnlyMoveObject` query "cpp/autosar/move-constructor-shall-only-move-object" and - ruleId = "A12-8-1" + ruleId = "A12-8-1" and + category = "required" or query = // `Query` instance for the `copyConstructorShallOnlyCopyObject` query @@ -29,7 +30,8 @@ predicate isSideEffects2QueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `copyConstructorShallOnlyCopyObject` query "cpp/autosar/copy-constructor-shall-only-copy-object" and - ruleId = "A12-8-1" + ruleId = "A12-8-1" and + category = "required" or query = // `Query` instance for the `userDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters` query @@ -37,7 +39,8 @@ predicate isSideEffects2QueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `userDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters` query "cpp/autosar/user-defined-literals-operators-shall-only-perform-conversion-of-passed-parameters" and - ruleId = "A13-1-3" + ruleId = "A13-1-3" and + category = "required" or query = // `Query` instance for the `userDefinedLiteralsOperatorsShallNotHaveSideEffects` query @@ -45,7 +48,8 @@ predicate isSideEffects2QueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `userDefinedLiteralsOperatorsShallNotHaveSideEffects` query "cpp/autosar/user-defined-literals-operators-shall-not-have-side-effects" and - ruleId = "A13-1-3" + ruleId = "A13-1-3" and + category = "required" or query = // `Query` instance for the `stateRelatedToFunctionObjectIdentityShallNotBeCopied` query @@ -53,7 +57,8 @@ predicate isSideEffects2QueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `stateRelatedToFunctionObjectIdentityShallNotBeCopied` query "cpp/autosar/state-related-to-function-object-identity-shall-not-be-copied" and - ruleId = "A25-1-1" + ruleId = "A25-1-1" and + category = "required" or query = // `Query` instance for the `moveOperatorShallOnlyMoveObject` query @@ -61,7 +66,8 @@ predicate isSideEffects2QueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `moveOperatorShallOnlyMoveObject` query "cpp/autosar/move-operator-shall-only-move-object" and - ruleId = "A6-2-1" + ruleId = "A6-2-1" and + category = "required" or query = // `Query` instance for the `copyOperatorShallOnlyCopyObject` query @@ -69,7 +75,8 @@ predicate isSideEffects2QueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `copyOperatorShallOnlyCopyObject` query "cpp/autosar/copy-operator-shall-only-copy-object" and - ruleId = "A6-2-1" + ruleId = "A6-2-1" and + category = "required" or query = // `Query` instance for the `functionsWithVoidReturnTypeShallHaveExternalSideEffects` query @@ -77,7 +84,8 @@ predicate isSideEffects2QueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `functionsWithVoidReturnTypeShallHaveExternalSideEffects` query "cpp/autosar/functions-with-void-return-type-shall-have-external-side-effects" and - ruleId = "M0-1-8" + ruleId = "M0-1-8" and + category = "required" or query = // `Query` instance for the `predicateFunctionObjectsShouldNotBeMutable` query @@ -85,7 +93,8 @@ predicate isSideEffects2QueryMetadata(Query query, string queryId, string ruleId queryId = // `@id` for the `predicateFunctionObjectsShouldNotBeMutable` query "cpp/cert/predicate-function-objects-should-not-be-mutable" and - ruleId = "CTR58-CPP" + ruleId = "CTR58-CPP" and + category = "rule" } module SideEffects2Package { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/SmartPointers1.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/SmartPointers1.qll index 7750c2396b..5b11807014 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/SmartPointers1.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/SmartPointers1.qll @@ -14,14 +14,15 @@ newtype SmartPointers1Query = TUniquePtrPassedToFunctionWithImproperSemanticsQuery() or TSharedPtrPassedToFunctionWithImproperSemanticsQuery() -predicate isSmartPointers1QueryMetadata(Query query, string queryId, string ruleId) { +predicate isSmartPointers1QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `ownedPointerValueStoredInUnrelatedSmartPointerAsar` query SmartPointers1Package::ownedPointerValueStoredInUnrelatedSmartPointerAsarQuery() and queryId = // `@id` for the `ownedPointerValueStoredInUnrelatedSmartPointerAsar` query "cpp/autosar/owned-pointer-value-stored-in-unrelated-smart-pointer-asar" and - ruleId = "A20-8-1" + ruleId = "A20-8-1" and + category = "required" or query = // `Query` instance for the `uniquePtrNotUsedToRepresentExclusiveOwnership` query @@ -29,7 +30,8 @@ predicate isSmartPointers1QueryMetadata(Query query, string queryId, string rule queryId = // `@id` for the `uniquePtrNotUsedToRepresentExclusiveOwnership` query "cpp/autosar/unique-ptr-not-used-to-represent-exclusive-ownership" and - ruleId = "A20-8-2" + ruleId = "A20-8-2" and + category = "required" or query = // `Query` instance for the `sharedPtrNotUsedToRepresentSharedOwnership` query @@ -37,7 +39,8 @@ predicate isSmartPointers1QueryMetadata(Query query, string queryId, string rule queryId = // `@id` for the `sharedPtrNotUsedToRepresentSharedOwnership` query "cpp/autosar/shared-ptr-not-used-to-represent-shared-ownership" and - ruleId = "A20-8-3" + ruleId = "A20-8-3" and + category = "required" or query = // `Query` instance for the `sharedPointerUsedWithNoOwnershipSharing` query @@ -45,7 +48,8 @@ predicate isSmartPointers1QueryMetadata(Query query, string queryId, string rule queryId = // `@id` for the `sharedPointerUsedWithNoOwnershipSharing` query "cpp/autosar/shared-pointer-used-with-no-ownership-sharing" and - ruleId = "A20-8-4" + ruleId = "A20-8-4" and + category = "required" or query = // `Query` instance for the `makeUniqueNotUsedToConstructObjectOwnedByUniquePtr` query @@ -53,7 +57,8 @@ predicate isSmartPointers1QueryMetadata(Query query, string queryId, string rule queryId = // `@id` for the `makeUniqueNotUsedToConstructObjectOwnedByUniquePtr` query "cpp/autosar/make-unique-not-used-to-construct-object-owned-by-unique-ptr" and - ruleId = "A20-8-5" + ruleId = "A20-8-5" and + category = "required" or query = // `Query` instance for the `makeSharedNotUsedToConstructObjectOwnedBySharedPtr` query @@ -61,7 +66,8 @@ predicate isSmartPointers1QueryMetadata(Query query, string queryId, string rule queryId = // `@id` for the `makeSharedNotUsedToConstructObjectOwnedBySharedPtr` query "cpp/autosar/make-shared-not-used-to-construct-object-owned-by-shared-ptr" and - ruleId = "A20-8-6" + ruleId = "A20-8-6" and + category = "required" or query = // `Query` instance for the `smartPointerAsParameterWithoutLifetimeSemantics` query @@ -69,7 +75,8 @@ predicate isSmartPointers1QueryMetadata(Query query, string queryId, string rule queryId = // `@id` for the `smartPointerAsParameterWithoutLifetimeSemantics` query "cpp/autosar/smart-pointer-as-parameter-without-lifetime-semantics" and - ruleId = "A8-4-11" + ruleId = "A8-4-11" and + category = "required" or query = // `Query` instance for the `uniquePtrPassedToFunctionWithImproperSemantics` query @@ -77,7 +84,8 @@ predicate isSmartPointers1QueryMetadata(Query query, string queryId, string rule queryId = // `@id` for the `uniquePtrPassedToFunctionWithImproperSemantics` query "cpp/autosar/unique-ptr-passed-to-function-with-improper-semantics" and - ruleId = "A8-4-12" + ruleId = "A8-4-12" and + category = "required" or query = // `Query` instance for the `sharedPtrPassedToFunctionWithImproperSemantics` query @@ -85,7 +93,8 @@ predicate isSmartPointers1QueryMetadata(Query query, string queryId, string rule queryId = // `@id` for the `sharedPtrPassedToFunctionWithImproperSemantics` query "cpp/autosar/shared-ptr-passed-to-function-with-improper-semantics" and - ruleId = "A8-4-13" + ruleId = "A8-4-13" and + category = "required" } module SmartPointers1Package { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/SmartPointers2.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/SmartPointers2.qll index a64b418f2d..aa0755a024 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/SmartPointers2.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/SmartPointers2.qll @@ -7,14 +7,15 @@ newtype SmartPointers2Query = TWeakPtrNotUsedToRepresentTemporarySharedOwnershipQuery() or TOwnedPointerValueStoredInUnrelatedSmartPointerCertQuery() -predicate isSmartPointers2QueryMetadata(Query query, string queryId, string ruleId) { +predicate isSmartPointers2QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `weakPtrNotUsedToRepresentTemporarySharedOwnership` query SmartPointers2Package::weakPtrNotUsedToRepresentTemporarySharedOwnershipQuery() and queryId = // `@id` for the `weakPtrNotUsedToRepresentTemporarySharedOwnership` query "cpp/autosar/weak-ptr-not-used-to-represent-temporary-shared-ownership" and - ruleId = "A20-8-7" + ruleId = "A20-8-7" and + category = "required" or query = // `Query` instance for the `ownedPointerValueStoredInUnrelatedSmartPointerCert` query @@ -22,7 +23,8 @@ predicate isSmartPointers2QueryMetadata(Query query, string queryId, string rule queryId = // `@id` for the `ownedPointerValueStoredInUnrelatedSmartPointerCert` query "cpp/cert/owned-pointer-value-stored-in-unrelated-smart-pointer-cert" and - ruleId = "MEM56-CPP" + ruleId = "MEM56-CPP" and + category = "rule" } module SmartPointers2Package { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Strings.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Strings.qll index 457bac01b7..e40e1e7d7f 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Strings.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Strings.qll @@ -13,14 +13,15 @@ newtype StringsQuery = TBasicStringMayNotBeNullTerminatedCertQuery() or TOperationMayNotNullTerminateCStyleStringCertQuery() -predicate isStringsQueryMetadata(Query query, string queryId, string ruleId) { +predicate isStringsQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `stringLiteralsAssignedToNonConstantPointers` query StringsPackage::stringLiteralsAssignedToNonConstantPointersQuery() and queryId = // `@id` for the `stringLiteralsAssignedToNonConstantPointers` query "cpp/autosar/string-literals-assigned-to-non-constant-pointers" and - ruleId = "A2-13-4" + ruleId = "A2-13-4" and + category = "required" or query = // `Query` instance for the `basicStringMayNotBeNullTerminatedAutosar` query @@ -28,7 +29,8 @@ predicate isStringsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `basicStringMayNotBeNullTerminatedAutosar` query "cpp/autosar/basic-string-may-not-be-null-terminated-autosar" and - ruleId = "A27-0-2" + ruleId = "A27-0-2" and + category = "advisory" or query = // `Query` instance for the `operationMayNotNullTerminateCStyleStringAutosar` query @@ -36,7 +38,8 @@ predicate isStringsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `operationMayNotNullTerminateCStyleStringAutosar` query "cpp/autosar/operation-may-not-null-terminate-c-style-string-autosar" and - ruleId = "A27-0-2" + ruleId = "A27-0-2" and + category = "advisory" or query = // `Query` instance for the `cStyleStringsUsed` query @@ -44,7 +47,8 @@ predicate isStringsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `cStyleStringsUsed` query "cpp/autosar/c-style-strings-used" and - ruleId = "A27-0-4" + ruleId = "A27-0-4" and + category = "required" or query = // `Query` instance for the `plainCharTypeShallOnlyBeUsedForTheStorageAndUseOfCharacterValues` query @@ -52,7 +56,8 @@ predicate isStringsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `plainCharTypeShallOnlyBeUsedForTheStorageAndUseOfCharacterValues` query "cpp/autosar/plain-char-type-shall-only-be-used-for-the-storage-and-use-of-character-values" and - ruleId = "M5-0-11" + ruleId = "M5-0-11" and + category = "required" or query = // `Query` instance for the `signedCharAndUnsignedCharTypeShallOnlyBeUsedForTheStorageAndUseOfNumericValues` query @@ -60,7 +65,8 @@ predicate isStringsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `signedCharAndUnsignedCharTypeShallOnlyBeUsedForTheStorageAndUseOfNumericValues` query "cpp/autosar/signed-char-and-unsigned-char-type-shall-only-be-used-for-the-storage-and-use-of-numeric-values" and - ruleId = "M5-0-12" + ruleId = "M5-0-12" and + category = "required" or query = // `Query` instance for the `basicStringMayNotBeNullTerminatedCert` query @@ -68,7 +74,8 @@ predicate isStringsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `basicStringMayNotBeNullTerminatedCert` query "cpp/cert/basic-string-may-not-be-null-terminated-cert" and - ruleId = "STR50-CPP" + ruleId = "STR50-CPP" and + category = "rule" or query = // `Query` instance for the `operationMayNotNullTerminateCStyleStringCert` query @@ -76,7 +83,8 @@ predicate isStringsQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `operationMayNotNullTerminateCStyleStringCert` query "cpp/cert/operation-may-not-null-terminate-c-style-string-cert" and - ruleId = "STR50-CPP" + ruleId = "STR50-CPP" and + category = "rule" } module StringsPackage { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Templates.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Templates.qll index 5ad07851ab..d5eeb959a4 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Templates.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Templates.qll @@ -13,14 +13,15 @@ newtype TemplatesQuery = TNameNotReferredUsingAQualifiedIdOrThisQuery() or TNameNotReferredUsingAQualifiedIdOrThisAuditQuery() -predicate isTemplatesQueryMetadata(Query query, string queryId, string ruleId) { +predicate isTemplatesQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `templateShouldCheckArg` query TemplatesPackage::templateShouldCheckArgQuery() and queryId = // `@id` for the `templateShouldCheckArg` query "cpp/autosar/template-should-check-arg" and - ruleId = "A14-1-1" + ruleId = "A14-1-1" and + category = "advisory" or query = // `Query` instance for the `templateConstructorOverloadResolution` query @@ -28,7 +29,8 @@ predicate isTemplatesQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `templateConstructorOverloadResolution` query "cpp/autosar/template-constructor-overload-resolution" and - ruleId = "A14-5-1" + ruleId = "A14-5-1" and + category = "required" or query = // `Query` instance for the `typeUsedAsTemplateArgShallProvideAllMembers` query @@ -36,7 +38,8 @@ predicate isTemplatesQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `typeUsedAsTemplateArgShallProvideAllMembers` query "cpp/autosar/type-used-as-template-arg-shall-provide-all-members" and - ruleId = "A14-7-1" + ruleId = "A14-7-1" and + category = "required" or query = // `Query` instance for the `templateSpecializationNotDeclaredInTheSameFile` query @@ -44,7 +47,8 @@ predicate isTemplatesQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `templateSpecializationNotDeclaredInTheSameFile` query "cpp/autosar/template-specialization-not-declared-in-the-same-file" and - ruleId = "A14-7-2" + ruleId = "A14-7-2" and + category = "required" or query = // `Query` instance for the `explicitSpecializationsOfFunctionTemplatesUsed` query @@ -52,7 +56,8 @@ predicate isTemplatesQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `explicitSpecializationsOfFunctionTemplatesUsed` query "cpp/autosar/explicit-specializations-of-function-templates-used" and - ruleId = "A14-8-2" + ruleId = "A14-8-2" and + category = "required" or query = // `Query` instance for the `copyAssignmentOperatorNotDeclared` query @@ -60,7 +65,8 @@ predicate isTemplatesQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `copyAssignmentOperatorNotDeclared` query "cpp/autosar/copy-assignment-operator-not-declared" and - ruleId = "M14-5-3" + ruleId = "M14-5-3" and + category = "required" or query = // `Query` instance for the `nameNotReferredUsingAQualifiedIdOrThis` query @@ -68,7 +74,8 @@ predicate isTemplatesQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `nameNotReferredUsingAQualifiedIdOrThis` query "cpp/autosar/name-not-referred-using-a-qualified-id-or-this" and - ruleId = "M14-6-1" + ruleId = "M14-6-1" and + category = "required" or query = // `Query` instance for the `nameNotReferredUsingAQualifiedIdOrThisAudit` query @@ -76,7 +83,8 @@ predicate isTemplatesQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `nameNotReferredUsingAQualifiedIdOrThisAudit` query "cpp/autosar/name-not-referred-using-a-qualified-id-or-this-audit" and - ruleId = "M14-6-1" + ruleId = "M14-6-1" and + category = "required" } module TemplatesPackage { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Toolchain.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Toolchain.qll index 969405c785..7dcf9f523a 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Toolchain.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Toolchain.qll @@ -16,14 +16,15 @@ newtype ToolchainQuery = TCompilerWarningLevelNotInComplianceQuery() or TUncompliantOptimizationOptionMustBeDisabledInCompilerQuery() -predicate isToolchainQueryMetadata(Query query, string queryId, string ruleId) { +predicate isToolchainQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `floatingPointImplementationShallComplyWithIeeeStandard` query ToolchainPackage::floatingPointImplementationShallComplyWithIeeeStandardQuery() and queryId = // `@id` for the `floatingPointImplementationShallComplyWithIeeeStandard` query "cpp/autosar/floating-point-implementation-shall-comply-with-ieee-standard" and - ruleId = "A0-4-1" + ruleId = "A0-4-1" and + category = "required" or query = // `Query` instance for the `compilerImplementationShallComplyWithCPP14Standard` query @@ -31,7 +32,8 @@ predicate isToolchainQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `compilerImplementationShallComplyWithCPP14Standard` query "cpp/autosar/compiler-implementation-shall-comply-with-cpp14standard" and - ruleId = "A0-4-3" + ruleId = "A0-4-3" and + category = "required" or query = // `Query` instance for the `incrementOperatorWithBoolOperandIsDeprecated` query @@ -39,7 +41,8 @@ predicate isToolchainQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `incrementOperatorWithBoolOperandIsDeprecated` query "cpp/autosar/increment-operator-with-bool-operand-is-deprecated" and - ruleId = "A1-1-1" + ruleId = "A1-1-1" and + category = "required" or query = // `Query` instance for the `registerKeywordIsDeprecated` query @@ -47,7 +50,8 @@ predicate isToolchainQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `registerKeywordIsDeprecated` query "cpp/autosar/register-keyword-is-deprecated" and - ruleId = "A1-1-1" + ruleId = "A1-1-1" and + category = "required" or query = // `Query` instance for the `implicitCopyConstructorIsDeprecated` query @@ -55,7 +59,8 @@ predicate isToolchainQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `implicitCopyConstructorIsDeprecated` query "cpp/autosar/implicit-copy-constructor-is-deprecated" and - ruleId = "A1-1-1" + ruleId = "A1-1-1" and + category = "required" or query = // `Query` instance for the `implicitCopyAssignmentOperatorIsDeprecated` query @@ -63,7 +68,8 @@ predicate isToolchainQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `implicitCopyAssignmentOperatorIsDeprecated` query "cpp/autosar/implicit-copy-assignment-operator-is-deprecated" and - ruleId = "A1-1-1" + ruleId = "A1-1-1" and + category = "required" or query = // `Query` instance for the `dynamicExceptionsAreDeprecated` query @@ -71,7 +77,8 @@ predicate isToolchainQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `dynamicExceptionsAreDeprecated` query "cpp/autosar/dynamic-exceptions-are-deprecated" and - ruleId = "A1-1-1" + ruleId = "A1-1-1" and + category = "required" or query = // `Query` instance for the `cStandardLibraryHeadersAreDeprecated` query @@ -79,7 +86,8 @@ predicate isToolchainQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `cStandardLibraryHeadersAreDeprecated` query "cpp/autosar/c-standard-library-headers-are-deprecated" and - ruleId = "A1-1-1" + ruleId = "A1-1-1" and + category = "required" or query = // `Query` instance for the `strstreamTypesAreDeprecated` query @@ -87,7 +95,8 @@ predicate isToolchainQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `strstreamTypesAreDeprecated` query "cpp/autosar/strstream-types-are-deprecated" and - ruleId = "A1-1-1" + ruleId = "A1-1-1" and + category = "required" or query = // `Query` instance for the `compilerWarningLevelNotInCompliance` query @@ -95,7 +104,8 @@ predicate isToolchainQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `compilerWarningLevelNotInCompliance` query "cpp/autosar/compiler-warning-level-not-in-compliance" and - ruleId = "A1-1-2" + ruleId = "A1-1-2" and + category = "required" or query = // `Query` instance for the `uncompliantOptimizationOptionMustBeDisabledInCompiler` query @@ -103,7 +113,8 @@ predicate isToolchainQueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `uncompliantOptimizationOptionMustBeDisabledInCompiler` query "cpp/autosar/uncompliant-optimization-option-must-be-disabled-in-compiler" and - ruleId = "A1-1-3" + ruleId = "A1-1-3" and + category = "required" } module ToolchainPackage { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/TrustBoundaries.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/TrustBoundaries.qll index b6135deba8..38014aea5f 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/TrustBoundaries.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/TrustBoundaries.qll @@ -8,14 +8,15 @@ newtype TrustBoundariesQuery = TDoNotThrowAnExceptionAcrossExecutionBoundariesQuery() or TDoNotPassANonstandardObjectAcrossBoundariesQuery() -predicate isTrustBoundariesQueryMetadata(Query query, string queryId, string ruleId) { +predicate isTrustBoundariesQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `exceptionsThrownAcrossExecutionBoundaries` query TrustBoundariesPackage::exceptionsThrownAcrossExecutionBoundariesQuery() and queryId = // `@id` for the `exceptionsThrownAcrossExecutionBoundaries` query "cpp/autosar/exceptions-thrown-across-execution-boundaries" and - ruleId = "A15-1-5" + ruleId = "A15-1-5" and + category = "required" or query = // `Query` instance for the `doNotThrowAnExceptionAcrossExecutionBoundaries` query @@ -23,7 +24,8 @@ predicate isTrustBoundariesQueryMetadata(Query query, string queryId, string rul queryId = // `@id` for the `doNotThrowAnExceptionAcrossExecutionBoundaries` query "cpp/cert/do-not-throw-an-exception-across-execution-boundaries" and - ruleId = "ERR59-CPP" + ruleId = "ERR59-CPP" and + category = "rule" or query = // `Query` instance for the `doNotPassANonstandardObjectAcrossBoundaries` query @@ -31,7 +33,8 @@ predicate isTrustBoundariesQueryMetadata(Query query, string queryId, string rul queryId = // `@id` for the `doNotPassANonstandardObjectAcrossBoundaries` query "cpp/cert/do-not-pass-a-nonstandard-object-across-boundaries" and - ruleId = "EXP60-CPP" + ruleId = "EXP60-CPP" and + category = "rule" } module TrustBoundariesPackage { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/TypeRanges.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/TypeRanges.qll index 5104a03793..4dce9bbfe7 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/TypeRanges.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/TypeRanges.qll @@ -15,14 +15,15 @@ newtype TypeRangesQuery = TDetectErrorsWhenConvertingAStringToANumberQuery() or TDoNotCastToAnOutOfRangeEnumerationValueQuery() -predicate isTypeRangesQueryMetadata(Query query, string queryId, string ruleId) { +predicate isTypeRangesQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `uncheckedRangeDomainPoleErrors` query TypeRangesPackage::uncheckedRangeDomainPoleErrorsQuery() and queryId = // `@id` for the `uncheckedRangeDomainPoleErrors` query "cpp/autosar/unchecked-range-domain-pole-errors" and - ruleId = "A0-4-4" + ruleId = "A0-4-4" and + category = "required" or query = // `Query` instance for the `stringNumberConversionMissingErrorCheck` query @@ -30,7 +31,8 @@ predicate isTypeRangesQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `stringNumberConversionMissingErrorCheck` query "cpp/autosar/string-number-conversion-missing-error-check" and - ruleId = "A18-0-2" + ruleId = "A18-0-2" and + category = "required" or query = // `Query` instance for the `useOfUnsafeCStringToNumberConversion` query @@ -38,7 +40,8 @@ predicate isTypeRangesQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `useOfUnsafeCStringToNumberConversion` query "cpp/autosar/use-of-unsafe-c-string-to-number-conversion" and - ruleId = "A18-0-2" + ruleId = "A18-0-2" and + category = "required" or query = // `Query` instance for the `signedValPassedToChar` query @@ -46,7 +49,8 @@ predicate isTypeRangesQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `signedValPassedToChar` query "cpp/autosar/signed-val-passed-to-char" and - ruleId = "A21-8-1" + ruleId = "A21-8-1" and + category = "required" or query = // `Query` instance for the `inputsFromIndependentComponentsNotValidated` query @@ -54,7 +58,8 @@ predicate isTypeRangesQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `inputsFromIndependentComponentsNotValidated` query "cpp/autosar/inputs-from-independent-components-not-validated" and - ruleId = "A27-0-1" + ruleId = "A27-0-1" and + category = "required" or query = // `Query` instance for the `nonEnumeratorEnumValue` query @@ -62,7 +67,8 @@ predicate isTypeRangesQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `nonEnumeratorEnumValue` query "cpp/autosar/non-enumerator-enum-value" and - ruleId = "A7-2-1" + ruleId = "A7-2-1" and + category = "required" or query = // `Query` instance for the `useOfEnumForRelatedConstants` query @@ -70,7 +76,8 @@ predicate isTypeRangesQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `useOfEnumForRelatedConstants` query "cpp/autosar/use-of-enum-for-related-constants" and - ruleId = "A7-2-5" + ruleId = "A7-2-5" and + category = "advisory" or query = // `Query` instance for the `integerUsedForEnum` query @@ -78,7 +85,8 @@ predicate isTypeRangesQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `integerUsedForEnum` query "cpp/autosar/integer-used-for-enum" and - ruleId = "A7-2-5" + ruleId = "A7-2-5" and + category = "advisory" or query = // `Query` instance for the `detectErrorsWhenConvertingAStringToANumber` query @@ -86,7 +94,8 @@ predicate isTypeRangesQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `detectErrorsWhenConvertingAStringToANumber` query "cpp/cert/detect-errors-when-converting-a-string-to-a-number" and - ruleId = "ERR62-CPP" + ruleId = "ERR62-CPP" and + category = "rule" or query = // `Query` instance for the `doNotCastToAnOutOfRangeEnumerationValue` query @@ -94,7 +103,8 @@ predicate isTypeRangesQueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `doNotCastToAnOutOfRangeEnumerationValue` query "cpp/cert/do-not-cast-to-an-out-of-range-enumeration-value" and - ruleId = "INT50-CPP" + ruleId = "INT50-CPP" and + category = "rule" } module TypeRangesPackage { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Uninitialized.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Uninitialized.qll index ce5e0ad2a0..e5eddf1b04 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Uninitialized.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Uninitialized.qll @@ -8,14 +8,15 @@ newtype UninitializedQuery = TInformationLeakageAcrossTrustBoundariesQuery() or TDoNotReadUninitializedMemoryQuery() -predicate isUninitializedQueryMetadata(Query query, string queryId, string ruleId) { +predicate isUninitializedQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `memoryNotInitializedBeforeItIsRead` query UninitializedPackage::memoryNotInitializedBeforeItIsReadQuery() and queryId = // `@id` for the `memoryNotInitializedBeforeItIsRead` query "cpp/autosar/memory-not-initialized-before-it-is-read" and - ruleId = "A8-5-0" + ruleId = "A8-5-0" and + category = "required" or query = // `Query` instance for the `informationLeakageAcrossTrustBoundaries` query @@ -23,7 +24,8 @@ predicate isUninitializedQueryMetadata(Query query, string queryId, string ruleI queryId = // `@id` for the `informationLeakageAcrossTrustBoundaries` query "cpp/cert/information-leakage-across-trust-boundaries" and - ruleId = "DCL55-CPP" + ruleId = "DCL55-CPP" and + category = "rule" or query = // `Query` instance for the `doNotReadUninitializedMemory` query @@ -31,7 +33,8 @@ predicate isUninitializedQueryMetadata(Query query, string queryId, string ruleI queryId = // `@id` for the `doNotReadUninitializedMemory` query "cpp/cert/do-not-read-uninitialized-memory" and - ruleId = "EXP53-CPP" + ruleId = "EXP53-CPP" and + category = "rule" } module UninitializedPackage { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/VirtualFunctions.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/VirtualFunctions.qll index a55c48d4dd..bce43ef45c 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/VirtualFunctions.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/VirtualFunctions.qll @@ -13,14 +13,15 @@ newtype VirtualFunctionsQuery = TVirtualFunctionOverriddenByAPureVirtualFunctionQuery() or TVirtualFunctionParametersUseTheSameDefaultArgumentsQuery() -predicate isVirtualFunctionsQueryMetadata(Query query, string queryId, string ruleId) { +predicate isVirtualFunctionsQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `nonVirtualPublicOrProtectedFunctionsRedefined` query VirtualFunctionsPackage::nonVirtualPublicOrProtectedFunctionsRedefinedQuery() and queryId = // `@id` for the `nonVirtualPublicOrProtectedFunctionsRedefined` query "cpp/autosar/non-virtual-public-or-protected-functions-redefined" and - ruleId = "A10-2-1" + ruleId = "A10-2-1" and + category = "required" or query = // `Query` instance for the `virtualFunctionsShallContainOneSpecifier` query @@ -28,7 +29,8 @@ predicate isVirtualFunctionsQueryMetadata(Query query, string queryId, string ru queryId = // `@id` for the `virtualFunctionsShallContainOneSpecifier` query "cpp/autosar/virtual-functions-shall-contain-one-specifier" and - ruleId = "A10-3-1" + ruleId = "A10-3-1" and + category = "required" or query = // `Query` instance for the `overridingFunctionNotDeclaredOverrideOrFinal` query @@ -36,7 +38,8 @@ predicate isVirtualFunctionsQueryMetadata(Query query, string queryId, string ru queryId = // `@id` for the `overridingFunctionNotDeclaredOverrideOrFinal` query "cpp/autosar/overriding-function-not-declared-override-or-final" and - ruleId = "A10-3-2" + ruleId = "A10-3-2" and + category = "required" or query = // `Query` instance for the `virtualFunctionsIntroducedInFinalClass` query @@ -44,7 +47,8 @@ predicate isVirtualFunctionsQueryMetadata(Query query, string queryId, string ru queryId = // `@id` for the `virtualFunctionsIntroducedInFinalClass` query "cpp/autosar/virtual-functions-introduced-in-final-class" and - ruleId = "A10-3-3" + ruleId = "A10-3-3" and + category = "required" or query = // `Query` instance for the `destructorOfABaseClassNotPublicVirtual` query @@ -52,7 +56,8 @@ predicate isVirtualFunctionsQueryMetadata(Query query, string queryId, string ru queryId = // `@id` for the `destructorOfABaseClassNotPublicVirtual` query "cpp/autosar/destructor-of-a-base-class-not-public-virtual" and - ruleId = "A12-4-1" + ruleId = "A12-4-1" and + category = "required" or query = // `Query` instance for the `nonVirtualPublicDestructorInNonFinalClass` query @@ -60,7 +65,8 @@ predicate isVirtualFunctionsQueryMetadata(Query query, string queryId, string ru queryId = // `@id` for the `nonVirtualPublicDestructorInNonFinalClass` query "cpp/autosar/non-virtual-public-destructor-in-non-final-class" and - ruleId = "A12-4-2" + ruleId = "A12-4-2" and + category = "advisory" or query = // `Query` instance for the `virtualFunctionOverriddenByAPureVirtualFunction` query @@ -68,7 +74,8 @@ predicate isVirtualFunctionsQueryMetadata(Query query, string queryId, string ru queryId = // `@id` for the `virtualFunctionOverriddenByAPureVirtualFunction` query "cpp/autosar/virtual-function-overridden-by-a-pure-virtual-function" and - ruleId = "M10-3-3" + ruleId = "M10-3-3" and + category = "required" or query = // `Query` instance for the `virtualFunctionParametersUseTheSameDefaultArguments` query @@ -76,7 +83,8 @@ predicate isVirtualFunctionsQueryMetadata(Query query, string queryId, string ru queryId = // `@id` for the `virtualFunctionParametersUseTheSameDefaultArguments` query "cpp/autosar/virtual-function-parameters-use-the-same-default-arguments" and - ruleId = "M8-3-1" + ruleId = "M8-3-1" and + category = "required" } module VirtualFunctionsPackage { diff --git a/scripts/generate_metadata/templates/rulemetadata.qll.template b/scripts/generate_metadata/templates/rulemetadata.qll.template index 802fa44641..64b903f5c2 100644 --- a/scripts/generate_metadata/templates/rulemetadata.qll.template +++ b/scripts/generate_metadata/templates/rulemetadata.qll.template @@ -18,9 +18,9 @@ newtype T{{ language_name.upper() }}Query = {% endif %} /** The metadata predicate * */ -predicate isQueryMetadata(Query query, string queryId, string ruleId) { +predicate isQueryMetadata(Query query, string queryId, string ruleId, string category) { {% for package in packages %} - is{{ package }}QueryMetadata(query, queryId, ruleId){% if not loop.last %} or + is{{ package }}QueryMetadata(query, queryId, ruleId, category){% if not loop.last %} or {% endif %}{% endfor %} } diff --git a/scripts/generate_rules/coding_standards_utils.py b/scripts/generate_rules/coding_standards_utils.py index ca3410c311..06366a5806 100644 --- a/scripts/generate_rules/coding_standards_utils.py +++ b/scripts/generate_rules/coding_standards_utils.py @@ -65,7 +65,7 @@ def write_exclusion_template(template: Type[Template], args: Dict[str, str], pac with open(file, "w", newline="\n") as f: f.write(output) -def extract_metadata_from_query(rule_id, title, q, rule_query_tags, language_name, ql_language_name, standard_name, standard_short_name, standard_metadata, anonymise): +def extract_metadata_from_query(rule_id, title, rule_category, q, rule_query_tags, language_name, ql_language_name, standard_name, standard_short_name, standard_metadata, anonymise): metadata = q.copy() @@ -92,6 +92,7 @@ def extract_metadata_from_query(rule_id, title, q, rule_query_tags, language_nam exclusion_model["queryname"] = metadata["short_name"] exclusion_model["queryname_camelcase"] = metadata["short_name"][0].lower( ) + metadata["short_name"][1:] + exclusion_model["category"] = rule_category if not "kind" in metadata: # default to problem if not specified diff --git a/scripts/generate_rules/generate_package_files.py b/scripts/generate_rules/generate_package_files.py index 8f2f23f025..ecec553fa8 100644 --- a/scripts/generate_rules/generate_package_files.py +++ b/scripts/generate_rules/generate_package_files.py @@ -274,6 +274,9 @@ def write_non_shared_testfiles(query, language_name, query_path, test_src_dir, s test_src_dir = standard_dir.joinpath( "test/rules").joinpath(rule_id) test_src_dir.mkdir(exist_ok=True, parents=True) + # Extract the rule category from the obligation property. + assert("properties" in rule_details and "obligation" in rule_details["properties"]) + rule_category = rule_details["properties"]["obligation"] # Build list of tags for this rule to apply to each query rule_query_tags = [] for key, value in rule_details["properties"].items(): @@ -291,6 +294,7 @@ def write_non_shared_testfiles(query, language_name, query_path, test_src_dir, s query, exclusion_model = extract_metadata_from_query( rule_id, rule_details["title"], + rule_category, q, rule_query_tags, language_name, diff --git a/scripts/generate_rules/templates/exclusions.qll.template b/scripts/generate_rules/templates/exclusions.qll.template index 25d1927722..5d7dc726a3 100644 --- a/scripts/generate_rules/templates/exclusions.qll.template +++ b/scripts/generate_rules/templates/exclusions.qll.template @@ -13,7 +13,7 @@ newtype {{ package_name }}Query = {% endif %} -predicate is{{package_name}}QueryMetadata(Query query, string queryId, string ruleId) { +predicate is{{package_name}}QueryMetadata(Query query, string queryId, string ruleId, string category) { {% for item in data %} query = // `Query` instance for the `{{item['queryname_camelcase']}}` query @@ -21,7 +21,8 @@ predicate is{{package_name}}QueryMetadata(Query query, string queryId, string ru queryId = // `@id` for the `{{item['queryname_camelcase']}}` query "{{ item['queryid'] }}" and - ruleId = "{{ item['ruleid'] }}" + ruleId = "{{ item['ruleid'] }}" and + category = "{{ item['category'] }}" {% if not loop.last %} or {% endif %} From aa0a8352623991c5cb54c866b9080728f34c972f Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 23 Aug 2022 15:08:44 -0700 Subject: [PATCH 0148/2573] Add support for guideline recategorizations This commit adds: - A new section `guideline-recategorizations` to the configuration specification for `coding-standards.yml`. - Two tests to list all the indexed guideline recategorizations and all the invalid guideline recategorizations. This commit does not include the application of the effective category. --- cpp/common/src/codingstandards/cpp/Config.qll | 32 ++++++ .../cpp/deviations/Deviations.qll | 35 +----- .../GuidelineRecategorizations.qll | 105 ++++++++++++++++++ .../InvalidGuidelineRecategorizations.ql | 13 +++ .../ListGuidelineRecategorizations.ql | 12 ++ ...InvalidGuidelineRecategorizations.expected | 5 + .../InvalidGuidelineRecategorizations.qlref | 1 + .../ListGuidelineRecategorizations.expected | 9 ++ .../ListGuidelineRecategorizations.qlref | 1 + .../guideline_recategorizations/dummy.xml | 2 + .../invalid/coding-standards.xml | 26 +++++ .../invalid/coding-standards.yml | 11 ++ .../test/guideline_recategorizations/test.cpp | 0 .../valid/coding-standards.xml | 22 ++++ .../valid/coding-standards.yml | 9 ++ 15 files changed, 253 insertions(+), 30 deletions(-) create mode 100644 cpp/common/src/codingstandards/cpp/Config.qll create mode 100644 cpp/common/src/codingstandards/cpp/guideline_recategorizations/GuidelineRecategorizations.qll create mode 100644 cpp/common/src/codingstandards/cpp/guideline_recategorizations/InvalidGuidelineRecategorizations.ql create mode 100644 cpp/common/src/codingstandards/cpp/guideline_recategorizations/ListGuidelineRecategorizations.ql create mode 100644 cpp/common/test/guideline_recategorizations/InvalidGuidelineRecategorizations.expected create mode 100644 cpp/common/test/guideline_recategorizations/InvalidGuidelineRecategorizations.qlref create mode 100644 cpp/common/test/guideline_recategorizations/ListGuidelineRecategorizations.expected create mode 100644 cpp/common/test/guideline_recategorizations/ListGuidelineRecategorizations.qlref create mode 100644 cpp/common/test/guideline_recategorizations/dummy.xml create mode 100644 cpp/common/test/guideline_recategorizations/invalid/coding-standards.xml create mode 100644 cpp/common/test/guideline_recategorizations/invalid/coding-standards.yml create mode 100644 cpp/common/test/guideline_recategorizations/test.cpp create mode 100644 cpp/common/test/guideline_recategorizations/valid/coding-standards.xml create mode 100644 cpp/common/test/guideline_recategorizations/valid/coding-standards.yml diff --git a/cpp/common/src/codingstandards/cpp/Config.qll b/cpp/common/src/codingstandards/cpp/Config.qll new file mode 100644 index 0000000000..7d12340719 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/Config.qll @@ -0,0 +1,32 @@ +/** + * A module for runtime configuration settings specified in a `conding-standards.yml` file. + */ + +import cpp +import semmle.code.cpp.XML +import codingstandards.cpp.exclusions.RuleMetadata +import codingstandards.cpp.deviations.Deviations + +/** A `coding-standards.xml` configuration file (usually generated from an YAML configuration file). */ +class CodingStandardsFile extends XMLFile { + CodingStandardsFile() { + this.getBaseName() = "coding-standards.xml" and + // Must be within the users source code. + exists(this.getRelativePath()) + } +} + +class CodingStandardsConfigSection extends XMLElement { + CodingStandardsConfigSection() { getParent() instanceof CodingStandardsConfig } +} + +/** A "Coding Standards" configuration file */ +class CodingStandardsConfig extends XMLElement { + CodingStandardsConfig() { + any(CodingStandardsFile csf).getARootElement() = this and + this.getName() = "codingstandards" + } + + /** Get a section in this configuration file. */ + CodingStandardsConfigSection getASection() { result.getParent() = this } +} diff --git a/cpp/common/src/codingstandards/cpp/deviations/Deviations.qll b/cpp/common/src/codingstandards/cpp/deviations/Deviations.qll index dbc6a240cd..18f022cff2 100644 --- a/cpp/common/src/codingstandards/cpp/deviations/Deviations.qll +++ b/cpp/common/src/codingstandards/cpp/deviations/Deviations.qll @@ -7,6 +7,7 @@ import cpp import semmle.code.cpp.XML import codingstandards.cpp.exclusions.RuleMetadata +import codingstandards.cpp.Config predicate applyDeviationsAtQueryLevel() { not exists(CodingStandardsReportDeviatedAlerts reportDeviatedResults | @@ -15,26 +16,6 @@ predicate applyDeviationsAtQueryLevel() { ) } -/** A `coding-standards.xml` configuration file (usually generated from an YAML configuration file). */ -class CodingStandardsFile extends XMLFile { - CodingStandardsFile() { - this.getBaseName() = "coding-standards.xml" and - // Must be within the users source code. - exists(this.getRelativePath()) - } -} - -/** A "Coding Standards" configuration file */ -class CodingStandardsConfig extends XMLElement { - CodingStandardsConfig() { - any(CodingStandardsFile csf).getARootElement() = this and - this.getName() = "codingstandards" - } - - /** Gets a deviation record for this configuration. */ - DeviationRecord getADeviationRecord() { result = getAChild().(DeviationRecords).getAChild() } -} - /** An element which tells the analysis whether to report deviated results. */ class CodingStandardsReportDeviatedAlerts extends XMLElement { CodingStandardsReportDeviatedAlerts() { @@ -44,19 +25,13 @@ class CodingStandardsReportDeviatedAlerts extends XMLElement { } /** A container of deviation records. */ -class DeviationRecords extends XMLElement { - DeviationRecords() { - getParent() instanceof CodingStandardsConfig and - hasName("deviations") - } +class DeviationRecords extends CodingStandardsConfigSection { + DeviationRecords() { hasName("deviations") } } /** A container for the deviation permits records. */ -class DeviationPermits extends XMLElement { - DeviationPermits() { - getParent() instanceof CodingStandardsConfig and - hasName("deviation-permits") - } +class DeviationPermits extends CodingStandardsConfigSection { + DeviationPermits() { hasName("deviation-permits") } } /** A deviation permit record, that is specified by a permit identifier */ diff --git a/cpp/common/src/codingstandards/cpp/guideline_recategorizations/GuidelineRecategorizations.qll b/cpp/common/src/codingstandards/cpp/guideline_recategorizations/GuidelineRecategorizations.qll new file mode 100644 index 0000000000..69eb862ea2 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/guideline_recategorizations/GuidelineRecategorizations.qll @@ -0,0 +1,105 @@ +/** + * A module for identifying guideline recategorizations specified in a `conding-standards.yml` file. + */ + +import cpp +import semmle.code.cpp.XML +import codingstandards.cpp.exclusions.RuleMetadata +import codingstandards.cpp.Config + +/** A container of guideline recategorizations. */ +class GuidelineRecategorizations extends CodingStandardsConfigSection { + GuidelineRecategorizations() { hasName("guideline-recategorizations") } +} + +newtype TEffectiveCategory = + TInvalid(string reason) { + exists(GuidelineRecategorization gr | reason = gr.getAnInvalidReason()) + } or + TDisapplied() or + TAdvisory() or + TRequired() or + TMandatory() + +class EffectiveCategory extends TEffectiveCategory { + string toString() { + this instanceof TInvalid and result = "invalid" + or + this instanceof TDisapplied and result = "disapplied" + or + this instanceof TAdvisory and result = "advisory" + or + this instanceof TRequired and result = "required" + or + this instanceof TMandatory and result = "mandatory" + } + + /** Holds if the effective category permits a deviation */ + predicate permitsDeviation() { not this instanceof TMandatory and not this instanceof TInvalid } +} + +class GuidelineRecategorization extends XMLElement { + GuidelineRecategorization() { + getParent() instanceof GuidelineRecategorizations and + hasName("guideline-recategorizations-entry") + } + + string getRuleId() { result = getAChild("rule-id").getTextValue() } + + string getCategory() { result = getAChild("category").getTextValue() } + + /** Get a query for which a recategorization is specified. */ + Query getQuery() { result.getRuleId() = getRuleId() } + + private EffectiveCategory getValidEffectiveCategory() { + exists(string category, string recategorization | + category = getQuery().getCategory() and + recategorization = getCategory() + | + result = TMandatory() and + category = ["advisory", "required"] and + recategorization = "mandatory" + or + result = TRequired() and + category = "advisory" and + recategorization = "required" + or + result = TDisapplied() and + category = "advisory" and + recategorization = "disapplied" + ) + } + + private predicate isValidRecategorization(string category, string recategorization) { + category = ["advisory", "required"] and + recategorization = "mandatory" + or + category = "advisory" and + recategorization = "required" + or + category = "advisory" and + recategorization = "disapplied" + } + + string getAnInvalidReason() { + not isValidRecategorization(this.getQuery().getCategory(), this.getCategory()) and + if exists(this.getQuery()) + then + result = + "Invalid recategorization from '" + this.getQuery().getCategory() + "' to '" + + this.getCategory() + "'." + else result = "Unknown rule id '" + this.getRuleId() + "'." + } + + predicate isValid() { not isInvalid() } + + predicate isInvalid() { getEffectiveCategory() = TInvalid(_) } + + EffectiveCategory getEffectiveCategory() { + ( + if exists(getValidEffectiveCategory()) + then result = getValidEffectiveCategory() + else result = TInvalid(getAnInvalidReason()) + ) + } +} diff --git a/cpp/common/src/codingstandards/cpp/guideline_recategorizations/InvalidGuidelineRecategorizations.ql b/cpp/common/src/codingstandards/cpp/guideline_recategorizations/InvalidGuidelineRecategorizations.ql new file mode 100644 index 0000000000..6df3f3cf57 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/guideline_recategorizations/InvalidGuidelineRecategorizations.ql @@ -0,0 +1,13 @@ +/** + * @id cpp/coding-standards/invalid-guideline-recategorizations + * @name Invalid guideline recategorizations + * @description Guideline recategorizations marked as invalid will not be applied. + */ + +import cpp +import GuidelineRecategorizations + +from GuidelineRecategorization gr +select gr, + gr.getFile().getRelativePath() + ": '" + gr.getAnInvalidReason() + "' for rule " + gr.getRuleId() + + "." diff --git a/cpp/common/src/codingstandards/cpp/guideline_recategorizations/ListGuidelineRecategorizations.ql b/cpp/common/src/codingstandards/cpp/guideline_recategorizations/ListGuidelineRecategorizations.ql new file mode 100644 index 0000000000..421385e6db --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/guideline_recategorizations/ListGuidelineRecategorizations.ql @@ -0,0 +1,12 @@ +/** + * @id cpp/coding-standards/list-guideline-recategorizations + * @kind table + * @name List all guideline recategorizations observed in a database + * @description Lists all the guideline recategorizations that were indexed in the database. + */ + +import cpp +import GuidelineRecategorizations + +from GuidelineRecategorization gr +select gr.getRuleId(), gr.getCategory() diff --git a/cpp/common/test/guideline_recategorizations/InvalidGuidelineRecategorizations.expected b/cpp/common/test/guideline_recategorizations/InvalidGuidelineRecategorizations.expected new file mode 100644 index 0000000000..971c70a9b6 --- /dev/null +++ b/cpp/common/test/guideline_recategorizations/InvalidGuidelineRecategorizations.expected @@ -0,0 +1,5 @@ +| invalid/coding-standards.xml:5:7:8:43 | guideline-recategorizations-entry | guideline_recategorizations/invalid/coding-standards.xml: 'Invalid recategorization from 'required' to 'advisory'.' for rule A0-1-1. | +| invalid/coding-standards.xml:9:7:12:43 | guideline-recategorizations-entry | guideline_recategorizations/invalid/coding-standards.xml: 'Invalid recategorization from 'required' to 'disapplied'.' for rule A0-1-2. | +| invalid/coding-standards.xml:13:7:16:43 | guideline-recategorizations-entry | guideline_recategorizations/invalid/coding-standards.xml: 'Unknown rule id 'A1-4-3'.' for rule A1-4-3. | +| invalid/coding-standards.xml:17:7:20:43 | guideline-recategorizations-entry | guideline_recategorizations/invalid/coding-standards.xml: 'Invalid recategorization from 'mandatory' to 'required'.' for rule RULE-13-6. | +| invalid/coding-standards.xml:21:7:24:43 | guideline-recategorizations-entry | guideline_recategorizations/invalid/coding-standards.xml: 'Invalid recategorization from 'rule' to 'required'.' for rule CON50-CPP. | diff --git a/cpp/common/test/guideline_recategorizations/InvalidGuidelineRecategorizations.qlref b/cpp/common/test/guideline_recategorizations/InvalidGuidelineRecategorizations.qlref new file mode 100644 index 0000000000..516ca4187e --- /dev/null +++ b/cpp/common/test/guideline_recategorizations/InvalidGuidelineRecategorizations.qlref @@ -0,0 +1 @@ +codingstandards/cpp/guideline_recategorizations/InvalidGuidelineRecategorizations.ql \ No newline at end of file diff --git a/cpp/common/test/guideline_recategorizations/ListGuidelineRecategorizations.expected b/cpp/common/test/guideline_recategorizations/ListGuidelineRecategorizations.expected new file mode 100644 index 0000000000..8718623c80 --- /dev/null +++ b/cpp/common/test/guideline_recategorizations/ListGuidelineRecategorizations.expected @@ -0,0 +1,9 @@ +| A0-1-1 | advisory | +| A0-1-1 | mandatory | +| A0-1-2 | disapplied | +| A0-1-6 | disapplied | +| A1-4-3 | mandatory | +| A10-4-1 | required | +| A11-0-1 | mandatory | +| CON50-CPP | required | +| RULE-13-6 | required | diff --git a/cpp/common/test/guideline_recategorizations/ListGuidelineRecategorizations.qlref b/cpp/common/test/guideline_recategorizations/ListGuidelineRecategorizations.qlref new file mode 100644 index 0000000000..a6720a0ddb --- /dev/null +++ b/cpp/common/test/guideline_recategorizations/ListGuidelineRecategorizations.qlref @@ -0,0 +1 @@ +codingstandards/cpp/guideline_recategorizations/ListGuidelineRecategorizations.ql \ No newline at end of file diff --git a/cpp/common/test/guideline_recategorizations/dummy.xml b/cpp/common/test/guideline_recategorizations/dummy.xml new file mode 100644 index 0000000000..c390fb1e16 --- /dev/null +++ b/cpp/common/test/guideline_recategorizations/dummy.xml @@ -0,0 +1,2 @@ + + \ No newline at end of file diff --git a/cpp/common/test/guideline_recategorizations/invalid/coding-standards.xml b/cpp/common/test/guideline_recategorizations/invalid/coding-standards.xml new file mode 100644 index 0000000000..d89f27050b --- /dev/null +++ b/cpp/common/test/guideline_recategorizations/invalid/coding-standards.xml @@ -0,0 +1,26 @@ + + + + + + A0-1-1 + advisory + + + A0-1-2 + disapplied + + + A1-4-3 + mandatory + + + RULE-13-6 + required + + + CON50-CPP + required + + + diff --git a/cpp/common/test/guideline_recategorizations/invalid/coding-standards.yml b/cpp/common/test/guideline_recategorizations/invalid/coding-standards.yml new file mode 100644 index 0000000000..89e562c05c --- /dev/null +++ b/cpp/common/test/guideline_recategorizations/invalid/coding-standards.yml @@ -0,0 +1,11 @@ +guideline-recategorizations: + - rule-id: "A0-1-1" + category: "advisory" + - rule-id: "A0-1-2" + category: "disapplied" + - rule-id: "A1-4-3" + category: "mandatory" + - rule-id: "RULE-13-6" + category: "required" + - rule-id: "CON50-CPP" + category: "required" diff --git a/cpp/common/test/guideline_recategorizations/test.cpp b/cpp/common/test/guideline_recategorizations/test.cpp new file mode 100644 index 0000000000..e69de29bb2 diff --git a/cpp/common/test/guideline_recategorizations/valid/coding-standards.xml b/cpp/common/test/guideline_recategorizations/valid/coding-standards.xml new file mode 100644 index 0000000000..afc7919a89 --- /dev/null +++ b/cpp/common/test/guideline_recategorizations/valid/coding-standards.xml @@ -0,0 +1,22 @@ + + + + + + A0-1-1 + mandatory + + + A0-1-6 + disapplied + + + A10-4-1 + required + + + A11-0-1 + mandatory + + + diff --git a/cpp/common/test/guideline_recategorizations/valid/coding-standards.yml b/cpp/common/test/guideline_recategorizations/valid/coding-standards.yml new file mode 100644 index 0000000000..ed778a5cc1 --- /dev/null +++ b/cpp/common/test/guideline_recategorizations/valid/coding-standards.yml @@ -0,0 +1,9 @@ +guideline-recategorizations: + - rule-id: "A0-1-1" + category: "mandatory" + - rule-id: "A0-1-6" + category: "disapplied" + - rule-id: "A10-4-1" + category: "required" + - rule-id: "A11-0-1" + category: "mandatory" From ebf64e6cc2be4a46b4146eb0626b640210b7d484 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 24 Aug 2022 16:22:10 -0700 Subject: [PATCH 0149/2573] Move coding standards config processing script With the additional support of a Guideline Recategorization Plan and possible other further configuration options we are moving the script into the generic configuration folder instead of the deviations folder. --- .github/workflows/code-scanning-pack-gen.yml | 2 +- docs/user_manual.md | 6 +++--- integration-tests/deviations/build.sh | 2 +- .../process_coding_standards_config.py | 0 scripts/{deviations => configuration}/requirements.txt | 0 5 files changed, 5 insertions(+), 5 deletions(-) rename scripts/{deviations => configuration}/process_coding_standards_config.py (100%) rename scripts/{deviations => configuration}/requirements.txt (100%) diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index 5a0ef0fb07..2c501b541b 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -86,7 +86,7 @@ jobs: codeql query compile --search-path c --search-path cpp --threads 0 c cd .. - zip -r codeql-coding-standards/code-scanning-cpp-query-pack.zip codeql-coding-standards/c/ codeql-coding-standards/cpp/ codeql-coding-standards/.codeqlmanifest.json codeql-coding-standards/supported_codeql_configs.json codeql-coding-standards/scripts/deviations codeql-coding-standards/scripts/reports + zip -r codeql-coding-standards/code-scanning-cpp-query-pack.zip codeql-coding-standards/c/ codeql-coding-standards/cpp/ codeql-coding-standards/.codeqlmanifest.json codeql-coding-standards/supported_codeql_configs.json codeql-coding-standards/scripts/configuration codeql-coding-standards/scripts/reports - name: Upload GHAS Query Pack uses: actions/upload-artifact@v2 diff --git a/docs/user_manual.md b/docs/user_manual.md index 02328ad9af..fe31db6c0f 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -284,16 +284,16 @@ The example describes three ways of scoping a deviation: 3. The deviation for `A0-4-2` applies to any source element that has a comment residing on **the same line** containing the identifier specified in `code-identifier`. The activation of the deviation mechanism requires an extra step in the database creation process. -This extra step is the invocation of the Python script `path/to/codeql-coding-standards/scripts/deviations/process_coding_standards_config.py` that is part of the coding standards code scanning pack. +This extra step is the invocation of the Python script `path/to/codeql-coding-standards/scripts/configuration/process_coding_standards_config.py` that is part of the coding standards code scanning pack. The script should be invoked as follows: ```codeql -codeql database create --language cpp --command 'python3 path/to/codeql-coding-standards/scripts/deviations/process_coding_standards_config.py' --command +codeql database create --language cpp --command 'python3 path/to/codeql-coding-standards/scripts/configuration/process_coding_standards_config.py' --command ``` The `process_coding_standards_config.py` has a dependency on the package `pyyaml` that can be installed using the provided PIP package manifest by running the following command: -`pip install -r path/to/codeql-coding-standards/scripts/deviations/requirements.txt` +`pip install -r path/to/codeql-coding-standards/scripts/configuration/requirements.txt` ##### Deviation permit diff --git a/integration-tests/deviations/build.sh b/integration-tests/deviations/build.sh index 1ca9f8daca..3196e5de54 100755 --- a/integration-tests/deviations/build.sh +++ b/integration-tests/deviations/build.sh @@ -1,3 +1,3 @@ #!/bin/bash -~/codeql-home/codeqls/codeql-2.6.3/codeql database create --overwrite --language cpp --command "clang++ main.cpp" --command "python3 ../../scripts/deviations/process_coding_standards_config.py" ~/codeql-home/databases/deviations-test \ No newline at end of file +~/codeql-home/codeqls/codeql-2.6.3/codeql database create --overwrite --language cpp --command "clang++ main.cpp" --command "python3 ../../scripts/configuration/process_coding_standards_config.py" ~/codeql-home/databases/deviations-test \ No newline at end of file diff --git a/scripts/deviations/process_coding_standards_config.py b/scripts/configuration/process_coding_standards_config.py similarity index 100% rename from scripts/deviations/process_coding_standards_config.py rename to scripts/configuration/process_coding_standards_config.py diff --git a/scripts/deviations/requirements.txt b/scripts/configuration/requirements.txt similarity index 100% rename from scripts/deviations/requirements.txt rename to scripts/configuration/requirements.txt From 86bc3f8af6ceffb35f45857d006a679358214bd4 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 25 Aug 2022 13:05:49 -0700 Subject: [PATCH 0150/2573] Format generated exclusion files The format depends on the length of the package name so we format the generated file with the CLI instead of mirror the formating behavior in the template. --- .../src/codingstandards/cpp/exclusions/c/Banned.qll | 4 +++- .../cpp/exclusions/c/Concurrency1.qll | 4 +++- .../cpp/exclusions/c/Concurrency2.qll | 4 +++- .../cpp/exclusions/c/Concurrency3.qll | 4 +++- .../codingstandards/cpp/exclusions/c/Contracts1.qll | 4 +++- .../cpp/exclusions/c/Declarations1.qll | 4 +++- .../codingstandards/cpp/exclusions/c/Expressions.qll | 4 +++- .../src/codingstandards/cpp/exclusions/c/IO1.qll | 4 +++- .../src/codingstandards/cpp/exclusions/c/IO2.qll | 4 +++- .../src/codingstandards/cpp/exclusions/c/IO3.qll | 4 +++- .../src/codingstandards/cpp/exclusions/c/Misc.qll | 4 +++- .../codingstandards/cpp/exclusions/c/Pointers1.qll | 4 +++- .../codingstandards/cpp/exclusions/c/Pointers2.qll | 4 +++- .../cpp/exclusions/c/Preprocessor1.qll | 4 +++- .../cpp/exclusions/c/Preprocessor2.qll | 4 +++- .../cpp/exclusions/c/Preprocessor3.qll | 4 +++- .../cpp/exclusions/c/Preprocessor4.qll | 4 +++- .../cpp/exclusions/c/Preprocessor5.qll | 4 +++- .../cpp/exclusions/c/SideEffects1.qll | 4 +++- .../cpp/exclusions/c/SideEffects2.qll | 4 +++- .../codingstandards/cpp/exclusions/c/Strings1.qll | 4 +++- .../codingstandards/cpp/exclusions/c/Strings2.qll | 4 +++- .../codingstandards/cpp/exclusions/c/Strings3.qll | 4 +++- .../src/codingstandards/cpp/exclusions/c/Syntax.qll | 4 +++- .../cpp/exclusions/cpp/Allocations.qll | 4 +++- .../cpp/exclusions/cpp/BannedFunctions.qll | 4 +++- .../cpp/exclusions/cpp/BannedLibraries.qll | 4 +++- .../cpp/exclusions/cpp/BannedSyntax.qll | 4 +++- .../cpp/exclusions/cpp/BannedTypes.qll | 4 +++- .../codingstandards/cpp/exclusions/cpp/Classes.qll | 4 +++- .../codingstandards/cpp/exclusions/cpp/Comments.qll | 4 +++- .../cpp/exclusions/cpp/Concurrency.qll | 4 +++- .../cpp/exclusions/cpp/Conditionals.qll | 4 +++- .../src/codingstandards/cpp/exclusions/cpp/Const.qll | 4 +++- .../codingstandards/cpp/exclusions/cpp/DeadCode.qll | 4 +++- .../cpp/exclusions/cpp/Declarations.qll | 4 +++- .../cpp/exclusions/cpp/ExceptionSafety.qll | 4 +++- .../cpp/exclusions/cpp/Exceptions1.qll | 4 +++- .../cpp/exclusions/cpp/Exceptions2.qll | 4 +++- .../cpp/exclusions/cpp/Expressions.qll | 4 +++- .../src/codingstandards/cpp/exclusions/cpp/Freed.qll | 4 +++- .../codingstandards/cpp/exclusions/cpp/Functions.qll | 4 +++- .../src/codingstandards/cpp/exclusions/cpp/IO.qll | 4 +++- .../codingstandards/cpp/exclusions/cpp/Includes.qll | 4 +++- .../cpp/exclusions/cpp/Inheritance.qll | 4 +++- .../cpp/exclusions/cpp/Initialization.qll | 4 +++- .../cpp/exclusions/cpp/IntegerConversion.qll | 4 +++- .../cpp/exclusions/cpp/Invariants.qll | 4 +++- .../codingstandards/cpp/exclusions/cpp/Iterators.qll | 4 +++- .../codingstandards/cpp/exclusions/cpp/Lambdas.qll | 4 +++- .../codingstandards/cpp/exclusions/cpp/Literals.qll | 4 +++- .../src/codingstandards/cpp/exclusions/cpp/Loops.qll | 4 +++- .../codingstandards/cpp/exclusions/cpp/Macros.qll | 4 +++- .../cpp/exclusions/cpp/MoveForward.qll | 4 +++- .../codingstandards/cpp/exclusions/cpp/Naming.qll | 4 +++- .../src/codingstandards/cpp/exclusions/cpp/Null.qll | 4 +++- .../cpp/exclusions/cpp/OperatorInvariants.qll | 4 +++- .../codingstandards/cpp/exclusions/cpp/Operators.qll | 4 +++- .../cpp/exclusions/cpp/OrderOfEvaluation.qll | 4 +++- .../cpp/exclusions/cpp/OutOfBounds.qll | 4 +++- .../codingstandards/cpp/exclusions/cpp/Pointers.qll | 4 +++- .../cpp/exclusions/cpp/Representation.qll | 4 +++- .../src/codingstandards/cpp/exclusions/cpp/Scope.qll | 4 +++- .../cpp/exclusions/cpp/SideEffects1.qll | 4 +++- .../cpp/exclusions/cpp/SideEffects2.qll | 4 +++- .../cpp/exclusions/cpp/SmartPointers1.qll | 4 +++- .../cpp/exclusions/cpp/SmartPointers2.qll | 4 +++- .../codingstandards/cpp/exclusions/cpp/Strings.qll | 4 +++- .../codingstandards/cpp/exclusions/cpp/Templates.qll | 4 +++- .../codingstandards/cpp/exclusions/cpp/Toolchain.qll | 4 +++- .../cpp/exclusions/cpp/TrustBoundaries.qll | 4 +++- .../cpp/exclusions/cpp/TypeRanges.qll | 4 +++- .../cpp/exclusions/cpp/Uninitialized.qll | 4 +++- .../cpp/exclusions/cpp/VirtualFunctions.qll | 4 +++- scripts/generate_rules/coding_standards_utils.py | 12 +++++++++++- scripts/shared/codeql.py | 10 +++++++++- 76 files changed, 242 insertions(+), 76 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Banned.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Banned.qll index 888e0863a3..c8f199ace7 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Banned.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Banned.qll @@ -24,7 +24,9 @@ newtype BannedQuery = TOctalConstantsUsedQuery() or TRestrictTypeQualifierUsedQuery() -predicate isBannedQueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isBannedQueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `doNotCallSystem` query BannedPackage::doNotCallSystemQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency1.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency1.qll index ed3a82c28d..0821bf38ad 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency1.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency1.qll @@ -8,7 +8,9 @@ newtype Concurrency1Query = TRaceConditionsWhenUsingLibraryFunctionsQuery() or TDoNotCallSignalInMultithreadedProgramQuery() -predicate isConcurrency1QueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isConcurrency1QueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `preventDataRacesWithMultipleThreads` query Concurrency1Package::preventDataRacesWithMultipleThreadsQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency2.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency2.qll index 38a3eaa513..4577431951 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency2.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency2.qll @@ -7,7 +7,9 @@ newtype Concurrency2Query = TDeadlockByLockingInPredefinedOrderQuery() or TWrapFunctionsThatCanSpuriouslyWakeUpInLoopQuery() -predicate isConcurrency2QueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isConcurrency2QueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `deadlockByLockingInPredefinedOrder` query Concurrency2Package::deadlockByLockingInPredefinedOrderQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency3.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency3.qll index 982ea21543..ec3ada4552 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency3.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency3.qll @@ -9,7 +9,9 @@ newtype Concurrency3Query = TPreserveSafetyWhenUsingConditionVariablesQuery() or TWrapFunctionsThatCanFailSpuriouslyInLoopQuery() -predicate isConcurrency3QueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isConcurrency3QueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `doNotAllowAMutexToGoOutOfScopeWhileLocked` query Concurrency3Package::doNotAllowAMutexToGoOutOfScopeWhileLockedQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts1.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts1.qll index 3336438b98..75ed7605fb 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts1.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts1.qll @@ -7,7 +7,9 @@ newtype Contracts1Query = TDoNotModifyTheReturnValueOfCertainFunctionsQuery() or TEnvPointerIsInvalidAfterCertainOperationsQuery() -predicate isContracts1QueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isContracts1QueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `doNotModifyTheReturnValueOfCertainFunctions` query Contracts1Package::doNotModifyTheReturnValueOfCertainFunctionsQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations1.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations1.qll index c5ffaa56e3..238c43e511 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations1.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations1.qll @@ -11,7 +11,9 @@ newtype Declarations1Query = TMacroIdentifiersNotDistinctQuery() or TMacroIdentifierNotDistinctFromParameterQuery() -predicate isDeclarations1QueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isDeclarations1QueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `declareIdentifiersBeforeUsingThem` query Declarations1Package::declareIdentifiersBeforeUsingThemQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Expressions.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Expressions.qll index fab8e21d01..58bd9237cc 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Expressions.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Expressions.qll @@ -9,7 +9,9 @@ newtype ExpressionsQuery = TCallPOSIXOpenWithCorrectArgumentCountQuery() or TDoNotUseABitwiseOperatorWithABooleanLikeOperandQuery() -predicate isExpressionsQueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isExpressionsQueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `doNotCallFunctionPointerWithIncompatibleType` query ExpressionsPackage::doNotCallFunctionPointerWithIncompatibleTypeQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/IO1.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/IO1.qll index b3c1bdd428..bbb1778c86 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/IO1.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/IO1.qll @@ -12,7 +12,9 @@ newtype IO1Query = TUndefinedBehaviorAccessingAClosedFileQuery() or TFileUsedAfterClosedQuery() -predicate isIO1QueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isIO1QueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `excludeUserInputFromFormatStrings` query IO1Package::excludeUserInputFromFormatStringsQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/IO2.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/IO2.qll index 6208470e24..f909539540 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/IO2.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/IO2.qll @@ -9,7 +9,9 @@ newtype IO2Query = TDoNotCallGetcAndPutcWithSideEffectsQuery() or TOnlyUseValuesForFsetposThatAreReturnedFromFgetposQuery() -predicate isIO2QueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isIO2QueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `doNotCopyAFileObject` query IO2Package::doNotCopyAFileObjectQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/IO3.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/IO3.qll index 9aac753c0b..16e34ecb27 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/IO3.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/IO3.qll @@ -11,7 +11,9 @@ newtype IO3Query = TPointerToAFileObjectDereferencedQuery() or TEofShallBeComparedWithUnmodifiedReturnValuesQuery() -predicate isIO3QueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isIO3QueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `doNotPerformFileOperationsOnDevices` query IO3Package::doNotPerformFileOperationsOnDevicesQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Misc.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Misc.qll index 9535c8a6d1..fa372c0ffb 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Misc.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Misc.qll @@ -8,7 +8,9 @@ newtype MiscQuery = TProperlySeedPseudorandomNumberGeneratorsQuery() or TControlFlowReachesTheEndOfANonVoidFunctionQuery() -predicate isMiscQueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isMiscQueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `randUsedForGeneratingPseudorandomNumbers` query MiscPackage::randUsedForGeneratingPseudorandomNumbersQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Pointers1.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Pointers1.qll index e35f0f3a88..35fbcef3fd 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Pointers1.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Pointers1.qll @@ -22,7 +22,9 @@ newtype Pointers1Query = TObjectWithNoPointerDereferenceShouldBeOpaqueQuery() or TPointerShouldPointToConstTypeWhenPossibleQuery() -predicate isPointers1QueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isPointers1QueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `conversionBetweenFunctionPointerAndOtherType` query Pointers1Package::conversionBetweenFunctionPointerAndOtherTypeQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Pointers2.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Pointers2.qll index 476388612e..558c57144a 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Pointers2.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Pointers2.qll @@ -5,7 +5,9 @@ import codingstandards.cpp.exclusions.RuleMetadata newtype Pointers2Query = TDoNotAddOrSubtractAScaledIntegerToAPointerQuery() -predicate isPointers2QueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isPointers2QueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `doNotAddOrSubtractAScaledIntegerToAPointer` query Pointers2Package::doNotAddOrSubtractAScaledIntegerToAPointerQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor1.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor1.qll index 1f3c9bba38..9231d99e46 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor1.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor1.qll @@ -9,7 +9,9 @@ newtype Preprocessor1Query = TForbiddenCharactersInHeaderFileNameQuery() or TIdentifiersUsedInPreprocessorExpressionQuery() -predicate isPreprocessor1QueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isPreprocessor1QueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `includeDirectivesPrecededByDirectivesOrComments` query Preprocessor1Package::includeDirectivesPrecededByDirectivesOrCommentsQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor2.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor2.qll index bc6fc91da6..0442ccf74c 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor2.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor2.qll @@ -9,7 +9,9 @@ newtype Preprocessor2Query = TUndefShouldNotBeUsedQuery() or TPrecautionIncludeGuardsNotProvidedQuery() -predicate isPreprocessor2QueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isPreprocessor2QueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `moreThanOneHashOperatorInMacroDefinition` query Preprocessor2Package::moreThanOneHashOperatorInMacroDefinitionQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor3.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor3.qll index 1b9ed9374e..51708339a1 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor3.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor3.qll @@ -5,7 +5,9 @@ import codingstandards.cpp.exclusions.RuleMetadata newtype Preprocessor3Query = TControllingExpressionIfDirectiveQuery() -predicate isPreprocessor3QueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isPreprocessor3QueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `controllingExpressionIfDirective` query Preprocessor3Package::controllingExpressionIfDirectiveQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor4.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor4.qll index 8b30501183..3baabc600b 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor4.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor4.qll @@ -8,7 +8,9 @@ newtype Preprocessor4Query = TFunctionLikeMacroArgsContainHashTokenCQueryQuery() or TDefineAndUndefUsedOnReservedIdentifierOrMacroNameQuery() -predicate isPreprocessor4QueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isPreprocessor4QueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `macroDefinedWithTheSameNameAsKeyword` query Preprocessor4Package::macroDefinedWithTheSameNameAsKeywordQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor5.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor5.qll index 0d35690408..e0a7743aaf 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor5.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor5.qll @@ -8,7 +8,9 @@ newtype Preprocessor5Query = TMacroOrFunctionArgsContainHashTokenQuery() or TMacroParameterNotEnclosedInParenthesesCQueryQuery() -predicate isPreprocessor5QueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isPreprocessor5QueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `doNotTreatAPredefinedIdentifierAsObject` query Preprocessor5Package::doNotTreatAPredefinedIdentifierAsObjectQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/SideEffects1.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/SideEffects1.qll index 24175cdfb7..af5c529bc3 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/SideEffects1.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/SideEffects1.qll @@ -15,7 +15,9 @@ newtype SideEffects1Query = TPossibleSuppressedSideEffectInLogicOperatorOperandQuery() or TSizeofOperandWithSideEffectQuery() -predicate isSideEffects1QueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isSideEffects1QueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `dependenceOnOrderOfScalarEvaluationForSideEffects` query SideEffects1Package::dependenceOnOrderOfScalarEvaluationForSideEffectsQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/SideEffects2.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/SideEffects2.qll index 82e5c0c5d2..d02b2d16e7 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/SideEffects2.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/SideEffects2.qll @@ -7,7 +7,9 @@ newtype SideEffects2Query = TSideEffectAndCrementInFullExpressionQuery() or TModificationOfFunctionParameterQuery() -predicate isSideEffects2QueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isSideEffects2QueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `sideEffectAndCrementInFullExpression` query SideEffects2Package::sideEffectAndCrementInFullExpressionQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Strings1.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Strings1.qll index e306df55bf..9fd719a7fb 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Strings1.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Strings1.qll @@ -8,7 +8,9 @@ newtype Strings1Query = TStringsHasSufficientSpaceForTheNullTerminatorQuery() or TNonNullTerminatedToFunctionThatExpectsAStringQuery() -predicate isStrings1QueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isStrings1QueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `doNotAttemptToModifyStringLiterals` query Strings1Package::doNotAttemptToModifyStringLiteralsQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Strings2.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Strings2.qll index 99dd98d68e..44ef427314 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Strings2.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Strings2.qll @@ -5,7 +5,9 @@ import codingstandards.cpp.exclusions.RuleMetadata newtype Strings2Query = TToCharacterHandlingFunctionsRepresentableAsUCharQuery() -predicate isStrings2QueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isStrings2QueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `toCharacterHandlingFunctionsRepresentableAsUChar` query Strings2Package::toCharacterHandlingFunctionsRepresentableAsUCharQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Strings3.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Strings3.qll index 760f54b9fa..0b20b59e90 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Strings3.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Strings3.qll @@ -7,7 +7,9 @@ newtype Strings3Query = TCastCharBeforeConvertingToLargerSizesQuery() or TDoNotConfuseNarrowAndWideFunctionsQuery() -predicate isStrings3QueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isStrings3QueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `castCharBeforeConvertingToLargerSizes` query Strings3Package::castCharBeforeConvertingToLargerSizesQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Syntax.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Syntax.qll index 3a53cf05c3..4c949da3b8 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Syntax.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Syntax.qll @@ -12,7 +12,9 @@ newtype SyntaxQuery = TUOrUSuffixRepresentedInUnsignedTypeQuery() or TLowercaseCharacterLUsedInLiteralSuffixQuery() -predicate isSyntaxQueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isSyntaxQueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `characterSequencesAndUsedWithinAComment` query SyntaxPackage::characterSequencesAndUsedWithinACommentQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Allocations.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Allocations.qll index 56bdf2b954..b030945851 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Allocations.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Allocations.qll @@ -26,7 +26,9 @@ newtype AllocationsQuery = TOperatorDeleteMissingPartnerCertQuery() or TUsingDefaultOperatorNewForOverAlignedTypesQuery() -predicate isAllocationsQueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isAllocationsQueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `placementNewNotProperlyAlignedAutosar` query AllocationsPackage::placementNewNotProperlyAlignedAutosarQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/BannedFunctions.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/BannedFunctions.qll index c17972650b..2bd4c25284 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/BannedFunctions.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/BannedFunctions.qll @@ -16,7 +16,9 @@ newtype BannedFunctionsQuery = TDoNotUseRandForGeneratingPseudorandomNumbersQuery() or TPreferSpecialMemberFunctionsAndOverloadedOperatorsToCStandardLibraryFunctionsQuery() -predicate isBannedFunctionsQueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isBannedFunctionsQueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `functionsMallocCallocReallocAndFreeUsed` query BannedFunctionsPackage::functionsMallocCallocReallocAndFreeUsedQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/BannedLibraries.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/BannedLibraries.qll index 9a314e79c6..4b35ba7d90 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/BannedLibraries.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/BannedLibraries.qll @@ -17,7 +17,9 @@ newtype BannedLibrariesQuery = TCstdioTypesUsedQuery() or TUsageOfAssemblerNotDocumentedQuery() -predicate isBannedLibrariesQueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isBannedLibrariesQueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `reservedIdentifiersMacrosAndFunctionsAreDefinedRedefinedOrUndefined` query BannedLibrariesPackage::reservedIdentifiersMacrosAndFunctionsAreDefinedRedefinedOrUndefinedQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/BannedSyntax.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/BannedSyntax.qll index c473616374..d78a7a5e3e 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/BannedSyntax.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/BannedSyntax.qll @@ -22,7 +22,9 @@ newtype BannedSyntaxQuery = TUsingDeclarationsUsedInHeaderFilesQuery() or TDoNotDefineACStyleVariadicFunctionQuery() -predicate isBannedSyntaxQueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isBannedSyntaxQueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `friendDeclarationsUsed` query BannedSyntaxPackage::friendDeclarationsUsedQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/BannedTypes.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/BannedTypes.qll index 8328a0f4d4..b53c0e2381 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/BannedTypes.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/BannedTypes.qll @@ -9,7 +9,9 @@ newtype BannedTypesQuery = TAutoPtrTypeUsedQuery() or TTypeWcharTUsedQuery() -predicate isBannedTypesQueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isBannedTypesQueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `typeLongDoubleUsed` query BannedTypesPackage::typeLongDoubleUsedQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Classes.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Classes.qll index 92c7a4280e..15bef7ea1a 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Classes.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Classes.qll @@ -23,7 +23,9 @@ newtype ClassesQuery = TMemberDataInNonPodClassTypesNotPrivateQuery() or TOffsetUsedOnInvalidTypeOrMemberQuery() -predicate isClassesQueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isClassesQueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `nonPodTypeShouldBeDefinedAsClass` query ClassesPackage::nonPodTypeShouldBeDefinedAsClassQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Comments.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Comments.qll index 9d4d186122..1d32994c0c 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Comments.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Comments.qll @@ -10,7 +10,9 @@ newtype CommentsQuery = TSlashStarUsedWithinACStyleCommentQuery() or TNullOnSharedLineQuery() -predicate isCommentsQueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isCommentsQueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `singleLineCommentEndsWithSlash` query CommentsPackage::singleLineCommentEndsWithSlashQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Concurrency.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Concurrency.qll index 8038d4e51e..936b09705a 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Concurrency.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Concurrency.qll @@ -14,7 +14,9 @@ newtype ConcurrencyQuery = TDoNotSpeculativelyLockALockedNonRecursiveMutexQuery() or TLockedALockedNonRecursiveMutexAuditQuery() -predicate isConcurrencyQueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isConcurrencyQueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `doNotAllowAMutexToGoOutOfScopeWhileLocked` query ConcurrencyPackage::doNotAllowAMutexToGoOutOfScopeWhileLockedQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Conditionals.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Conditionals.qll index 979e51e5c8..90538feaf6 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Conditionals.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Conditionals.qll @@ -22,7 +22,9 @@ newtype ConditionalsQuery = TGotoStatementJumpConditionQuery() or TContinueInForLoopConditionQuery() -predicate isConditionalsQueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isConditionalsQueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `nonBooleanIfCondition` query ConditionalsPackage::nonBooleanIfConditionQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Const.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Const.qll index 1245139eb1..74da377047 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Const.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Const.qll @@ -18,7 +18,9 @@ newtype ConstQuery = TMemberFunctionConstIfPossibleQuery() or TRemoveConstOrVolatileQualificationCertQuery() -predicate isConstQueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isConstQueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `removeConstOrVolatileQualificationAutosar` query ConstPackage::removeConstOrVolatileQualificationAutosarQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/DeadCode.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/DeadCode.qll index 40b8795e5e..d2c2dd31a6 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/DeadCode.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/DeadCode.qll @@ -21,7 +21,9 @@ newtype DeadCodeQuery = TSingleUseMemberPODVariableQuery() or TDeadCodeQuery() -predicate isDeadCodeQueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isDeadCodeQueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `uselessAssignment` query DeadCodePackage::uselessAssignmentQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Declarations.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Declarations.qll index 5d51fd522f..fc48d7c195 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Declarations.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Declarations.qll @@ -22,7 +22,9 @@ newtype DeclarationsQuery = TTypesNotIdenticalInObjectDeclarationsQuery() or TTypesNotIdenticalInReturnDeclarationsQuery() -predicate isDeclarationsQueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isDeclarationsQueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `operatorNewAndOperatorDeleteNotDefinedLocally` query DeclarationsPackage::operatorNewAndOperatorDeleteNotDefinedLocallyQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/ExceptionSafety.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/ExceptionSafety.qll index bab954a505..f75670da7d 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/ExceptionSafety.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/ExceptionSafety.qll @@ -10,7 +10,9 @@ newtype ExceptionSafetyQuery = TGuaranteeExceptionSafetyQuery() or TDoNotLeakResourcesWhenHandlingExceptionsQuery() -predicate isExceptionSafetyQueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isExceptionSafetyQueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `exceptionSafetyGuaranteesNotProvided` query ExceptionSafetyPackage::exceptionSafetyGuaranteesNotProvidedQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Exceptions1.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Exceptions1.qll index c4937348e8..63d77d621b 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Exceptions1.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Exceptions1.qll @@ -39,7 +39,9 @@ newtype Exceptions1Query = TExceptionObjectsMustBeNothrowCopyConstructibleQuery() or TCatchExceptionsByLvalueReferenceQuery() -predicate isExceptions1QueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isExceptions1QueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `exceptionThrownOnCompletion` query Exceptions1Package::exceptionThrownOnCompletionQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Exceptions2.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Exceptions2.qll index fa990c8f0f..d182e0ba06 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Exceptions2.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Exceptions2.qll @@ -22,7 +22,9 @@ newtype Exceptions2Query = TDoNotLetExceptionsEscapeFromDestructorsOrDeallocationFunctionsQuery() or TCatchBlockShadowingCertQuery() -predicate isExceptions2QueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isExceptions2QueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `onlyThrowStdExceptionDerivedTypes` query Exceptions2Package::onlyThrowStdExceptionDerivedTypesQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Expressions.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Expressions.qll index 9797b874e5..97010da072 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Expressions.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Expressions.qll @@ -21,7 +21,9 @@ newtype ExpressionsQuery = TPassReferenceTypeToVaStartQuery() or TPassNonTrivialObjectToVaStartQuery() -predicate isExpressionsQueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isExpressionsQueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `operationsAssumingMemoryLayoutPerformedOnObjects` query ExpressionsPackage::operationsAssumingMemoryLayoutPerformedOnObjectsQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Freed.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Freed.qll index 00d3bbdf99..2be85fad11 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Freed.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Freed.qll @@ -14,7 +14,9 @@ newtype FreedQuery = TObjectAccessedAfterLifetimeCertQuery() or TUseAfterFreeQuery() -predicate isFreedQueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isFreedQueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `newDeleteArrayMismatch` query FreedPackage::newDeleteArrayMismatchQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Functions.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Functions.qll index c83fd189d8..41a02da4a1 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Functions.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Functions.qll @@ -19,7 +19,9 @@ newtype FunctionsQuery = TNonVoidFunctionDoesNotReturnCertQuery() or TFunctionNoReturnAttributeConditionCertQuery() -predicate isFunctionsQueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isFunctionsQueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `cStandardLibraryFunctionCalls` query FunctionsPackage::cStandardLibraryFunctionCallsQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/IO.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/IO.qll index d8cadfc184..c6a5748455 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/IO.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/IO.qll @@ -8,7 +8,9 @@ newtype IOQuery = TInterleavedInputOutputWithoutPositionQuery() or TCloseFilesWhenTheyAreNoLongerNeededQuery() -predicate isIOQueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isIOQueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `interleavedInputOutputWithoutFlush` query IOPackage::interleavedInputOutputWithoutFlushQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Includes.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Includes.qll index f4eb83bc3e..305d7dbdd7 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Includes.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Includes.qll @@ -11,7 +11,9 @@ newtype IncludesQuery = TExternalLinkageNotDeclaredInHeaderFileQuery() or TIncludeGuardsNotProvidedQuery() -predicate isIncludesQueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isIncludesQueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `unusedIncludeDirectives` query IncludesPackage::unusedIncludeDirectivesQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Inheritance.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Inheritance.qll index a3775b87d6..8e79ed1ee2 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Inheritance.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Inheritance.qll @@ -18,7 +18,9 @@ newtype InheritanceQuery = TDoNotSliceDerivedObjectsQuery() or TDoNotDeleteAPolymorphicObjectWithoutAVirtualDestructorQuery() -predicate isInheritanceQueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isInheritanceQueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `publicInheritanceNotUsedForIsARelationship` query InheritancePackage::publicInheritanceNotUsedForIsARelationshipQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Initialization.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Initialization.qll index 6c8d0f5258..ec134439e3 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Initialization.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Initialization.qll @@ -26,7 +26,9 @@ newtype InitializationQuery = TBadlySeededRandomNumberGeneratorQuery() or TUseCanonicalOrderForMemberInitQuery() -predicate isInitializationQueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isInitializationQueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `explicitConstructorBaseClassInitialization` query InitializationPackage::explicitConstructorBaseClassInitializationQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/IntegerConversion.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/IntegerConversion.qll index 522ddbe31c..56b5f68ce4 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/IntegerConversion.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/IntegerConversion.qll @@ -15,7 +15,9 @@ newtype IntegerConversionQuery = TExplicitWideningConversionOfACValueExprQuery() or TExplicitSignednessConversionOfCValueQuery() -predicate isIntegerConversionQueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isIntegerConversionQueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `integerExpressionLeadToDataLoss` query IntegerConversionPackage::integerExpressionLeadToDataLossQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Invariants.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Invariants.qll index 7633df480a..c775dc05b9 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Invariants.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Invariants.qll @@ -11,7 +11,9 @@ newtype InvariantsQuery = THonorTerminationReplacementHandlerRequirementsQuery() or THonorNewReplacementHandlerRequirementsQuery() -predicate isInvariantsQueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isInvariantsQueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `memoryManagementFunctionInvariants` query InvariantsPackage::memoryManagementFunctionInvariantsQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Iterators.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Iterators.qll index 5dac989603..0a6b8ffaba 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Iterators.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Iterators.qll @@ -12,7 +12,9 @@ newtype IteratorsQuery = TDoNotUseAnAdditiveOperatorOnAnIteratorQuery() or TUseValidReferencesForElementsOfStringQuery() -predicate isIteratorsQueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isIteratorsQueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `iteratorImplicitlyConvertedToConstIterator` query IteratorsPackage::iteratorImplicitlyConvertedToConstIteratorQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Lambdas.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Lambdas.qll index 279b39ba9b..29a6cd5175 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Lambdas.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Lambdas.qll @@ -16,7 +16,9 @@ newtype LambdasQuery = TReturningLambdaObjectWithCaptureByReferenceQuery() or TEscapingLambdaObjectWithCaptureByReferenceQuery() -predicate isLambdasQueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isLambdasQueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `implicitLambdaCapture` query LambdasPackage::implicitLambdaCaptureQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Literals.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Literals.qll index 16befefd32..ab4cb729c6 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Literals.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Literals.qll @@ -16,7 +16,9 @@ newtype LiteralsQuery = TNullUsedAsIntegerValueQuery() or TLiteralZeroUsedAsNullPointerConstantQuery() -predicate isLiteralsQueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isLiteralsQueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `useCorrectIntervalForDigitSequencesSeparators` query LiteralsPackage::useCorrectIntervalForDigitSequencesSeparatorsQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Loops.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Loops.qll index 9d9b99989a..7740922b1f 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Loops.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Loops.qll @@ -18,7 +18,9 @@ newtype LoopsQuery = TLoopControlVariableModifiedInLoopExpressionQuery() or TNonBooleanLoopControlVariableQuery() -predicate isLoopsQueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isLoopsQueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `unusedLoopCounterForContainerIteration` query LoopsPackage::unusedLoopCounterForContainerIterationQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Macros.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Macros.qll index 0753ffeb48..65365eb1f0 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Macros.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Macros.qll @@ -17,7 +17,9 @@ newtype MacrosQuery = TMoreThanOneOccurrenceHashOperatorInMacroDefinitionQuery() or THashOperatorsShouldNotBeUsedQuery() -predicate isMacrosQueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isMacrosQueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `preProcessorShallOnlyBeUsedForCertainDirectivesPatterns` query MacrosPackage::preProcessorShallOnlyBeUsedForCertainDirectivesPatternsQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/MoveForward.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/MoveForward.qll index 4d61136610..3d4884d6e7 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/MoveForward.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/MoveForward.qll @@ -12,7 +12,9 @@ newtype MoveForwardQuery = TForwardForwardingReferencesQuery() or TDoNotRelyOnTheValueOfAMovedFromObjectQuery() -predicate isMoveForwardQueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isMoveForwardQueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `movedFromObjectReadAccessed` query MoveForwardPackage::movedFromObjectReadAccessedQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Naming.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Naming.qll index 18f03e9c66..3c64ed08f8 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Naming.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Naming.qll @@ -32,7 +32,9 @@ newtype NamingQuery = TFunctionReusesReservedNameQuery() or TEnumeratorReusesReservedNameQuery() -predicate isNamingQueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isNamingQueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `userDefinedLiteralOperatorSuffixViolation` query NamingPackage::userDefinedLiteralOperatorSuffixViolationQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Null.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Null.qll index 203bf242a6..5a13a9dab3 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Null.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Null.qll @@ -8,7 +8,9 @@ newtype NullQuery = TParameterNotPassedByReferenceQuery() or TDoNotAttemptToCreateAStringFromANullPointerQuery() -predicate isNullQueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isNullQueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `nullPointersDereferenced` query NullPackage::nullPointersDereferencedQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/OperatorInvariants.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/OperatorInvariants.qll index 052af31dbb..186b200ba2 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/OperatorInvariants.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/OperatorInvariants.qll @@ -14,7 +14,9 @@ newtype OperatorInvariantsQuery = TGracefullyHandleSelfCopyAssignmentQuery() or TCopyOperationsMustNotMutateTheSourceObjectQuery() -predicate isOperatorInvariantsQueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isOperatorInvariantsQueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `userDefinedCopyAndMoveUseNoThrowSwapFunction` query OperatorInvariantsPackage::userDefinedCopyAndMoveUseNoThrowSwapFunctionQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Operators.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Operators.qll index fe71289dbc..a71ce704e1 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Operators.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Operators.qll @@ -20,7 +20,9 @@ newtype OperatorsQuery = TUnaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsignedQuery() or TUnaryOperatorOverloadedQuery() -predicate isOperatorsQueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isOperatorsQueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `userDefinedAssignmentOperatorVirtual` query OperatorsPackage::userDefinedAssignmentOperatorVirtualQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/OrderOfEvaluation.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/OrderOfEvaluation.qll index 71464fe027..2c7da3d64a 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/OrderOfEvaluation.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/OrderOfEvaluation.qll @@ -11,7 +11,9 @@ newtype OrderOfEvaluationQuery = TIncrementAndDecrementOperatorsMixedWithOtherOperatorsInExpressionQuery() or TAssignmentInSubExpressionQuery() -predicate isOrderOfEvaluationQueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isOrderOfEvaluationQueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `expressionShouldNotRelyOnOrderOfEvaluation` query OrderOfEvaluationPackage::expressionShouldNotRelyOnOrderOfEvaluationQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/OutOfBounds.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/OutOfBounds.qll index d1c3087339..7d28b2c2a7 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/OutOfBounds.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/OutOfBounds.qll @@ -9,7 +9,9 @@ newtype OutOfBoundsQuery = TGuaranteeGenericCppLibraryFunctionsDoNotOverflowQuery() or TRangeCheckStringElementAccessQuery() -predicate isOutOfBoundsQueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isOutOfBoundsQueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `containerAccessWithoutRangeCheckAutosar` query OutOfBoundsPackage::containerAccessWithoutRangeCheckAutosarQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Pointers.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Pointers.qll index 1dd5bef4c8..19c0d5b55d 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Pointers.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Pointers.qll @@ -28,7 +28,9 @@ newtype PointersQuery = TMemberAccessWithUninitializedStaticPointerToMemberQuery() or TUseOfPointerToMemberToAccessNonexistentMemberQuery() -predicate isPointersQueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isPointersQueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `pointerToAnElementOfAnArrayPassedToASmartPointer` query PointersPackage::pointerToAnElementOfAnArrayPassedToASmartPointerQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Representation.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Representation.qll index a423cfd4ff..be6293d77a 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Representation.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Representation.qll @@ -13,7 +13,9 @@ newtype RepresentationQuery = TMemcmpUsedToAccessObjectRepresentationQuery() or TMemcpyUsedToAccessObjectRepresentationQuery() -predicate isRepresentationQueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isRepresentationQueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `bitFieldsShallBeUsedOnlyWhenInterfacingToHardwareOrConformingToCommunicationProtocols` query RepresentationPackage::bitFieldsShallBeUsedOnlyWhenInterfacingToHardwareOrConformingToCommunicationProtocolsQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Scope.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Scope.qll index c4a21040eb..b01c79063c 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Scope.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Scope.qll @@ -22,7 +22,9 @@ newtype ScopeQuery = TUnnamedNamespaceInHeaderFileQuery() or TOneDefinitionRuleNotObeyedQuery() -predicate isScopeQueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isScopeQueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `nonStandardEntitiesInStandardNamespaces` query ScopePackage::nonStandardEntitiesInStandardNamespacesQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/SideEffects1.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/SideEffects1.qll index 37f323a6cb..5442969616 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/SideEffects1.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/SideEffects1.qll @@ -15,7 +15,9 @@ newtype SideEffects1Query = TDoNotRelyOnSideEffectsInDeclTypeOperandQuery() or TDoNotRelyOnSideEffectsInDeclValExpressionQuery() -predicate isSideEffects1QueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isSideEffects1QueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `evaluationOfTheOperandToTheTypeidOperatorContainSideEffects` query SideEffects1Package::evaluationOfTheOperandToTheTypeidOperatorContainSideEffectsQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/SideEffects2.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/SideEffects2.qll index 7ba094b13e..6ae64ce070 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/SideEffects2.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/SideEffects2.qll @@ -14,7 +14,9 @@ newtype SideEffects2Query = TFunctionsWithVoidReturnTypeShallHaveExternalSideEffectsQuery() or TPredicateFunctionObjectsShouldNotBeMutableQuery() -predicate isSideEffects2QueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isSideEffects2QueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `moveConstructorShallOnlyMoveObject` query SideEffects2Package::moveConstructorShallOnlyMoveObjectQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/SmartPointers1.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/SmartPointers1.qll index 5b11807014..f678b53437 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/SmartPointers1.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/SmartPointers1.qll @@ -14,7 +14,9 @@ newtype SmartPointers1Query = TUniquePtrPassedToFunctionWithImproperSemanticsQuery() or TSharedPtrPassedToFunctionWithImproperSemanticsQuery() -predicate isSmartPointers1QueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isSmartPointers1QueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `ownedPointerValueStoredInUnrelatedSmartPointerAsar` query SmartPointers1Package::ownedPointerValueStoredInUnrelatedSmartPointerAsarQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/SmartPointers2.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/SmartPointers2.qll index aa0755a024..a0a93ebca5 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/SmartPointers2.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/SmartPointers2.qll @@ -7,7 +7,9 @@ newtype SmartPointers2Query = TWeakPtrNotUsedToRepresentTemporarySharedOwnershipQuery() or TOwnedPointerValueStoredInUnrelatedSmartPointerCertQuery() -predicate isSmartPointers2QueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isSmartPointers2QueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `weakPtrNotUsedToRepresentTemporarySharedOwnership` query SmartPointers2Package::weakPtrNotUsedToRepresentTemporarySharedOwnershipQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Strings.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Strings.qll index e40e1e7d7f..c267571625 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Strings.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Strings.qll @@ -13,7 +13,9 @@ newtype StringsQuery = TBasicStringMayNotBeNullTerminatedCertQuery() or TOperationMayNotNullTerminateCStyleStringCertQuery() -predicate isStringsQueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isStringsQueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `stringLiteralsAssignedToNonConstantPointers` query StringsPackage::stringLiteralsAssignedToNonConstantPointersQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Templates.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Templates.qll index d5eeb959a4..2b35c0e7c2 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Templates.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Templates.qll @@ -13,7 +13,9 @@ newtype TemplatesQuery = TNameNotReferredUsingAQualifiedIdOrThisQuery() or TNameNotReferredUsingAQualifiedIdOrThisAuditQuery() -predicate isTemplatesQueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isTemplatesQueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `templateShouldCheckArg` query TemplatesPackage::templateShouldCheckArgQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Toolchain.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Toolchain.qll index 7dcf9f523a..a9a17f7eb8 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Toolchain.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Toolchain.qll @@ -16,7 +16,9 @@ newtype ToolchainQuery = TCompilerWarningLevelNotInComplianceQuery() or TUncompliantOptimizationOptionMustBeDisabledInCompilerQuery() -predicate isToolchainQueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isToolchainQueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `floatingPointImplementationShallComplyWithIeeeStandard` query ToolchainPackage::floatingPointImplementationShallComplyWithIeeeStandardQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/TrustBoundaries.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/TrustBoundaries.qll index 38014aea5f..967974a661 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/TrustBoundaries.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/TrustBoundaries.qll @@ -8,7 +8,9 @@ newtype TrustBoundariesQuery = TDoNotThrowAnExceptionAcrossExecutionBoundariesQuery() or TDoNotPassANonstandardObjectAcrossBoundariesQuery() -predicate isTrustBoundariesQueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isTrustBoundariesQueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `exceptionsThrownAcrossExecutionBoundaries` query TrustBoundariesPackage::exceptionsThrownAcrossExecutionBoundariesQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/TypeRanges.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/TypeRanges.qll index 4dce9bbfe7..96f4e4dfad 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/TypeRanges.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/TypeRanges.qll @@ -15,7 +15,9 @@ newtype TypeRangesQuery = TDetectErrorsWhenConvertingAStringToANumberQuery() or TDoNotCastToAnOutOfRangeEnumerationValueQuery() -predicate isTypeRangesQueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isTypeRangesQueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `uncheckedRangeDomainPoleErrors` query TypeRangesPackage::uncheckedRangeDomainPoleErrorsQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Uninitialized.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Uninitialized.qll index e5eddf1b04..8c116a8095 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Uninitialized.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Uninitialized.qll @@ -8,7 +8,9 @@ newtype UninitializedQuery = TInformationLeakageAcrossTrustBoundariesQuery() or TDoNotReadUninitializedMemoryQuery() -predicate isUninitializedQueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isUninitializedQueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `memoryNotInitializedBeforeItIsRead` query UninitializedPackage::memoryNotInitializedBeforeItIsReadQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/VirtualFunctions.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/VirtualFunctions.qll index bce43ef45c..e2c73fc33d 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/VirtualFunctions.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/VirtualFunctions.qll @@ -13,7 +13,9 @@ newtype VirtualFunctionsQuery = TVirtualFunctionOverriddenByAPureVirtualFunctionQuery() or TVirtualFunctionParametersUseTheSameDefaultArgumentsQuery() -predicate isVirtualFunctionsQueryMetadata(Query query, string queryId, string ruleId, string category) { +predicate isVirtualFunctionsQueryMetadata( + Query query, string queryId, string ruleId, string category +) { query = // `Query` instance for the `nonVirtualPublicOrProtectedFunctionsRedefined` query VirtualFunctionsPackage::nonVirtualPublicOrProtectedFunctionsRedefinedQuery() and diff --git a/scripts/generate_rules/coding_standards_utils.py b/scripts/generate_rules/coding_standards_utils.py index 06366a5806..055ea4ba94 100644 --- a/scripts/generate_rules/coding_standards_utils.py +++ b/scripts/generate_rules/coding_standards_utils.py @@ -8,12 +8,15 @@ import tempfile import sys - # Add the shared module to the path script_path = Path(__file__) sys.path.append(str(script_path.parent.parent / 'shared')) +from codeql import CodeQL, CodeQLError from markdown_helpers import HeadingFormatUpdateSpec, update_help_file, HeadingDiffUpdateSpec +# Global holding an instance of CodeQL that can be shared too prevent repeated instantiation costs. +codeql = None + def split_camel_case(short_name : str) -> List[str]: """Split a camel case string to a list.""" matches = re.finditer( @@ -65,6 +68,13 @@ def write_exclusion_template(template: Type[Template], args: Dict[str, str], pac with open(file, "w", newline="\n") as f: f.write(output) + global codeql + if codeql == None: + codeql = CodeQL() + # Format the generated exclusion file because we don't want to handle this in the template. + # The format relies on the length of the package name. + codeql.format(file) + def extract_metadata_from_query(rule_id, title, rule_category, q, rule_query_tags, language_name, ql_language_name, standard_name, standard_short_name, standard_metadata, anonymise): metadata = q.copy() diff --git a/scripts/shared/codeql.py b/scripts/shared/codeql.py index 41100ed6d7..4f23f6d6db 100644 --- a/scripts/shared/codeql.py +++ b/scripts/shared/codeql.py @@ -130,4 +130,12 @@ def generate_query_help(self, query_help_path: Path, output: Path, format : str result = subprocess.run(command, capture_output=True) if not result.returncode == 0: raise CodeQLError( - f"Failed to generate query help file {query_help_path}", stdout=result.stdout, stderr=result.stderr, returncode=result.returncode) \ No newline at end of file + f"Failed to generate query help file {query_help_path}", stdout=result.stdout, stderr=result.stderr, returncode=result.returncode) + + def format(self, path: Path) -> None: + command = ['codeql', 'query', 'format', '--in-place', str(path)] + + result = subprocess.run(command, capture_output=True) + if not result.returncode == 0: + raise CodeQLError( + f"Failed to format file {path}", stdout=result.stdout, stderr=result.stderr, returncode=result.returncode) From 8738fe1f1138b5d4cea7ee25486740389c328376 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 25 Aug 2022 13:07:23 -0700 Subject: [PATCH 0151/2573] Add support for generating files for multiple packages This allows us to reduce the number of CodeQL CLI invocations for performance improvements. --- .../generate_rules/coding_standards_utils.py | 1 - .../generate_rules/generate_package_files.py | 399 +++++++++--------- 2 files changed, 204 insertions(+), 196 deletions(-) diff --git a/scripts/generate_rules/coding_standards_utils.py b/scripts/generate_rules/coding_standards_utils.py index 055ea4ba94..6f96460ef7 100644 --- a/scripts/generate_rules/coding_standards_utils.py +++ b/scripts/generate_rules/coding_standards_utils.py @@ -59,7 +59,6 @@ def render_template(template: Type[Template], args: Dict[str, str], package_name output = template.render(args, package_name=package_name) file.write(output) - def write_exclusion_template(template: Type[Template], args: Dict[str, str], package_name: str, language_name: str, file: TextIO): """Render the template with the given args, and write it to the file using \n newlines.""" output = template.render( diff --git a/scripts/generate_rules/generate_package_files.py b/scripts/generate_rules/generate_package_files.py index ecec553fa8..e34a2c1f3b 100644 --- a/scripts/generate_rules/generate_package_files.py +++ b/scripts/generate_rules/generate_package_files.py @@ -80,8 +80,8 @@ help="create anonymized versions of the queries, without identifying rule information", ) # Skip the generation of tests. This is useful when creating releases -# wherein we should preserve the author's intention to not provide c-specific -# test cases. +# wherein we should preserve the author's intention to not provide c-specific +# test cases. parser.add_argument( "--skip-shared-test-generation", action="store_true", @@ -99,36 +99,33 @@ help="directory containing external help files" ) parser.add_argument( - "package_name", help="the name of the package to generate query files for") + "package_names", help="the name of the package to generate query files for", metavar='FILE', nargs='+') ######################################################## args = parser.parse_args() language_name = args.language_name.lower() -package_name = args.package_name -# validate language +# validate language if not language_name in ql_language_mappings: exit(f"Unsupported language '{language_name}'") else: ql_language_name = ql_language_mappings[language_name] -# set up some basic paths +# set up some basic paths repo_root = Path(__file__).parent.parent.parent rule_packages_file_path = repo_root.joinpath("rule_packages") -rule_package_file_path = rule_packages_file_path.joinpath( - language_name, package_name + ".json") env = Environment(loader=FileSystemLoader(Path(__file__).parent.joinpath( "templates")), trim_blocks=True, lstrip_blocks=True) -def write_shared_implementation(package_name, rule_id, query, language_name, ql_language_name, common_src_pack_dir, common_test_pack_dir, skip_tests=False): +def write_shared_implementation(package_name, rule_id, query, language_name, ql_language_name, common_src_pack_dir, common_test_pack_dir, test_src_dir, skip_tests=False): shared_impl_dir_name = query["shared_implementation_short_name"].lower() shared_impl_dir = common_src_pack_dir.joinpath( - "codingstandards", - ql_language_name, - "rules", + "codingstandards", + ql_language_name, + "rules", shared_impl_dir_name ) @@ -138,33 +135,33 @@ def write_shared_implementation(package_name, rule_id, query, language_name, ql_ # # Write out the implementation. Implementations are - # always stored in the `ql_language_name` directory. + # always stored in the `ql_language_name` directory. # if not shared_impl_query_library_path.exists(): - + if len(query["short_name"]) > 50: exit(f"Error: {query['short_name']} has more than 50 characters.") - + shared_library_template = env.get_template( "shared_library.ql.template" ) print(f"{rule_id}: Writing out shared implementation file to {str(shared_impl_query_library_path)}") - + write_template( - shared_library_template, - query, - package_name, + shared_library_template, + query, + package_name, shared_impl_query_library_path ) else: print(f"{rule_id}: Skipping writing shared implementation file to {str(shared_impl_query_library_path)}") # Write out the test. Test are always stored under the `language_name` - # directory. + # directory. if not skip_tests: shared_impl_test_dir = common_test_pack_dir.joinpath( - "rules", + "rules", shared_impl_dir_name ) @@ -174,7 +171,7 @@ def write_shared_implementation(package_name, rule_id, query, language_name, ql_ shared_impl_test_query_path = shared_impl_test_dir.joinpath( f"{query['shared_implementation_short_name']}.ql" ) - + with open(shared_impl_test_query_path, "w", newline="\n") as f: f.write("// GENERATED FILE - DO NOT MODIFY\n") f.write( @@ -202,13 +199,13 @@ def write_shared_implementation(package_name, rule_id, query, language_name, ql_ test_ref_file = test_src_dir.joinpath( query["short_name"] + ".testref") - # don't write it if it already exists + # don't write it if it already exists if not test_ref_file.exists(): with open(test_ref_file, "w", newline="\n") as f: f.write(str(shared_impl_test_query_path.relative_to( repo_root)).replace("\\", "/")) -def write_non_shared_testfiles(query, language_name, query_path, test_src_dir, src_pack_dir): +def write_non_shared_testfiles(rule_id, query, language_name, query_path, test_src_dir, src_pack_dir): # Add qlref test file print( rule_id + ": Writing out query test files to " + str(test_src_dir)) @@ -221,185 +218,197 @@ def write_non_shared_testfiles(query, language_name, query_path, test_src_dir, s expected_results_file = test_src_dir.joinpath( f"{query['short_name']}.expected" ) - + if not expected_results_file.exists(): with open(expected_results_file, "w", newline="\n") as f: f.write( "No expected results have yet been specified") -try: - rule_package_file = open(rule_package_file_path, "r") -except PermissionError: - print("Error: No permission to read the rule package file located at '" + - str(rule_package_file_path) + "'") - sys.exit(1) -else: - with rule_package_file: - package_definition = json.load(rule_package_file) - - # Initialize exclusion - exclusion_query = [] - - # Check query standard name is unique before proceeding - query_names = [] - for standard_name, rules in package_definition.items(): - for rule_id, rule_details in rules.items(): - for query in rule_details["queries"]: - query_names.append(query["short_name"]) - if len(query_names) > len(set(query_names)): - print( - "Error: " + "Duplicate query name detected, each query must have a unique query name.") - sys.exit(1) - - for standard_name, rules in package_definition.items(): - - # Identify the short name for the standard, used for directory and tag names - standard_short_name = standard_name.split("-")[0].lower() - # Currently assumes that language_name is also the subdirectory name - standard_dir = repo_root.joinpath( - language_name).joinpath(standard_short_name) - # Identify common src and test packs - common_dir = repo_root.joinpath( - ql_language_name).joinpath("common") - common_src_pack_dir = common_dir.joinpath("src") - # The language specific files always live under the commons for that - # language - common_test_pack_dir = repo_root.joinpath(language_name, "common", "test") - # Identify the source pack for this standard - src_pack_dir = standard_dir.joinpath("src") - for rule_id, rule_details in rules.items(): - # Identify and create the directories required for this rule - rule_src_dir = src_pack_dir.joinpath("rules").joinpath(rule_id) - rule_src_dir.mkdir(exist_ok=True, parents=True) - test_src_dir = standard_dir.joinpath( - "test/rules").joinpath(rule_id) - test_src_dir.mkdir(exist_ok=True, parents=True) - # Extract the rule category from the obligation property. - assert("properties" in rule_details and "obligation" in rule_details["properties"]) - rule_category = rule_details["properties"]["obligation"] - # Build list of tags for this rule to apply to each query - rule_query_tags = [] - for key, value in rule_details["properties"].items(): - if isinstance(value, list): - for v in value: - rule_query_tags.append( - standard_tag(standard_short_name, key, v)) - else: - rule_query_tags.append(standard_tag( - standard_short_name, key, value)) - - for q in rule_details["queries"]: - - # extract metadata and model - query, exclusion_model = extract_metadata_from_query( - rule_id, - rule_details["title"], - rule_category, - q, - rule_query_tags, - language_name, - ql_language_name, - standard_name, - standard_short_name, - standard_metadata, - args.anonymise - ) - # add query to each dict - exclusion_query.append(exclusion_model) - - # Path to query file we want to generate or modify - query_path = rule_src_dir.joinpath( - query["short_name"] + ".ql") - if not query_path.exists(): - # Doesn't already exist, generate full template, including imports and select - if len(query["short_name"]) > 50: - print( - "Error: " + query["short_name"] + " has more than 50 characters. Query name should be less than 50 characters. ") - sys.exit(1) - print(rule_id + ": Writing out query file to " + - str(query_path)) - query_template = env.get_template("query.ql.template") - write_template(query_template, query, - package_name, query_path) - else: - # Query file does already exist, so we only re-write the metadata - print( - rule_id + ": Re-writing metadata for query file at " + str(query_path)) - query_metadata_template = env.get_template( - "query.metadata.template") - # Generate the new metadata - new_metadata = query_metadata_template.render(**query) - with open(query_path, "r+", newline="\n") as query_file: - # Read the existing query file contents - existing_contents = query_file.read() - # Move cursor back to the start of the file, so we can write later - query_file.seek(0) - # Confirm that the query file is valid - if not existing_contents.startswith("/**"): - print("Error: " + " cannot modify the metadata for query file at " + str( - query_path) + " - does not start with /**.") - sys.exit(1) - pos_of_comment_end = existing_contents.find("*/") - if pos_of_comment_end == -1: - print("Error: " + " cannot modify the metadata for query file at " + str( - query_path) + " - does not include a */.") - sys.exit(1) - # Write the new contents to the query file - new_contents = new_metadata + \ - existing_contents[pos_of_comment_end + 2:] - # Write the new contents to the file - query_file.writelines(new_contents) - # Ensure any trailing old data is deleted - query_file.truncate() - - # Add some metadata for each supported standard - if standard_name == "CERT-C++": - query["standard_title"] = "CERT-C++" - query["standard_url"] = "https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?pageId=88046682" - elif standard_name == "AUTOSAR": - query["standard_title"] = "AUTOSAR: Guidelines for the use of the C++14 language in critical and safety-related systems" - query[ - "standard_url" - ] = "https://www.autosar.org/fileadmin/user_upload/standards/adaptive/19-11/AUTOSAR_RS_CPP14Guidelines.pdf" - - help_dir = None - if standard_name in external_help_file_standards: - if args.external_help_dir.is_dir() and args.external_help_dir.exists(): - help_dir = Path(args.external_help_dir).resolve() / (rule_src_dir.relative_to(repo_root)) - help_dir.mkdir(parents=True, exist_ok=True) +def resolve_package(package_name: str) -> Path: + global rule_packages_file_path, language_name + return rule_packages_file_path.joinpath( + language_name, package_name + ".json") + +def generate_package_files(package_name: str) -> None: + global language_name, env + rule_package_file_path = resolve_package(package_name) + print(str(rule_package_file_path)) + try: + rule_package_file = rule_package_file_path.open("r") + except PermissionError: + print("Error: No permission to read the rule package file located at '" + + str(rule_package_file_path) + "'") + sys.exit(1) + else: + with rule_package_file: + package_definition = json.load(rule_package_file) + + # Initialize exclusion + exclusion_query = [] + + # Check query standard name is unique before proceeding + query_names = [] + for standard_name, rules in package_definition.items(): + for rule_id, rule_details in rules.items(): + for query in rule_details["queries"]: + query_names.append(query["short_name"]) + if len(query_names) > len(set(query_names)): + print( + "Error: " + "Duplicate query name detected, each query must have a unique query name.") + sys.exit(1) + + for standard_name, rules in package_definition.items(): + + # Identify the short name for the standard, used for directory and tag names + standard_short_name = standard_name.split("-")[0].lower() + # Currently assumes that language_name is also the subdirectory name + standard_dir = repo_root.joinpath( + language_name).joinpath(standard_short_name) + # Identify common src and test packs + common_dir = repo_root.joinpath( + ql_language_name).joinpath("common") + common_src_pack_dir = common_dir.joinpath("src") + # The language specific files always live under the commons for that + # language + common_test_pack_dir = repo_root.joinpath(language_name, "common", "test") + # Identify the source pack for this standard + src_pack_dir = standard_dir.joinpath("src") + for rule_id, rule_details in rules.items(): + # Identify and create the directories required for this rule + rule_src_dir = src_pack_dir.joinpath("rules").joinpath(rule_id) + rule_src_dir.mkdir(exist_ok=True, parents=True) + test_src_dir = standard_dir.joinpath( + "test/rules").joinpath(rule_id) + test_src_dir.mkdir(exist_ok=True, parents=True) + # Extract the rule category from the obligation property. + assert("properties" in rule_details and "obligation" in rule_details["properties"]) + rule_category = rule_details["properties"]["obligation"] + # Build list of tags for this rule to apply to each query + rule_query_tags = [] + for key, value in rule_details["properties"].items(): + if isinstance(value, list): + for v in value: + rule_query_tags.append( + standard_tag(standard_short_name, key, v)) else: - print(f"{rule_id} : Skipping writing of help file for {query_path} because no existing external help directory is provided!") - else: - help_dir = rule_src_dir - if help_dir: - write_query_help_file(help_dir, env, query, package_name, rule_id, standard_name) - - if "shared_implementation_short_name" in query: - write_shared_implementation(package_name, rule_id, query, language_name, ql_language_name, common_src_pack_dir, common_test_pack_dir, args.skip_shared_test_generation) - else: - write_non_shared_testfiles(query, language_name, query_path, test_src_dir, src_pack_dir) - # Exclusions - exclusions_template = env.get_template("exclusions.qll.template") - common_exclusions_dir = common_src_pack_dir.joinpath( - "codingstandards", - ql_language_name, - "exclusions") - # assign package and sanitize - package_name = package_name.replace("-", "") - package_name = package_name[:1].upper() + package_name[1:] - exclusion_library_file = common_exclusions_dir.joinpath(language_name, - package_name + ".qll") - # write exclusions file - print(package_name + ": Writing out exclusions file to " + - str(exclusion_library_file)) - - os.makedirs(common_exclusions_dir.joinpath( - language_name), exist_ok=True) - - write_exclusion_template(exclusions_template, exclusion_query, - package_name, language_name, exclusion_library_file) + rule_query_tags.append(standard_tag( + standard_short_name, key, value)) + + for q in rule_details["queries"]: + + # extract metadata and model + query, exclusion_model = extract_metadata_from_query( + rule_id, + rule_details["title"], + rule_category, + q, + rule_query_tags, + language_name, + ql_language_name, + standard_name, + standard_short_name, + standard_metadata, + args.anonymise + ) + # add query to each dict + exclusion_query.append(exclusion_model) + + # Path to query file we want to generate or modify + query_path = rule_src_dir.joinpath( + query["short_name"] + ".ql") + if not query_path.exists(): + # Doesn't already exist, generate full template, including imports and select + if len(query["short_name"]) > 50: + print( + "Error: " + query["short_name"] + " has more than 50 characters. Query name should be less than 50 characters. ") + sys.exit(1) + print(rule_id + ": Writing out query file to " + + str(query_path)) + query_template = env.get_template("query.ql.template") + write_template(query_template, query, + package_name, query_path) + else: + # Query file does already exist, so we only re-write the metadata + print( + rule_id + ": Re-writing metadata for query file at " + str(query_path)) + query_metadata_template = env.get_template( + "query.metadata.template") + # Generate the new metadata + new_metadata = query_metadata_template.render(**query) + with open(query_path, "r+", newline="\n") as query_file: + # Read the existing query file contents + existing_contents = query_file.read() + # Move cursor back to the start of the file, so we can write later + query_file.seek(0) + # Confirm that the query file is valid + if not existing_contents.startswith("/**"): + print("Error: " + " cannot modify the metadata for query file at " + str( + query_path) + " - does not start with /**.") + sys.exit(1) + pos_of_comment_end = existing_contents.find("*/") + if pos_of_comment_end == -1: + print("Error: " + " cannot modify the metadata for query file at " + str( + query_path) + " - does not include a */.") + sys.exit(1) + + # Write the new contents to the query file + new_contents = new_metadata + \ + existing_contents[pos_of_comment_end + 2:] + # Write the new contents to the file + query_file.writelines(new_contents) + # Ensure any trailing old data is deleted + query_file.truncate() + + # Add some metadata for each supported standard + if standard_name == "CERT-C++": + query["standard_title"] = "CERT-C++" + query["standard_url"] = "https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?pageId=88046682" + elif standard_name == "AUTOSAR": + query["standard_title"] = "AUTOSAR: Guidelines for the use of the C++14 language in critical and safety-related systems" + query[ + "standard_url" + ] = "https://www.autosar.org/fileadmin/user_upload/standards/adaptive/19-11/AUTOSAR_RS_CPP14Guidelines.pdf" + + help_dir = None + if standard_name in external_help_file_standards: + if args.external_help_dir.is_dir() and args.external_help_dir.exists(): + help_dir = Path(args.external_help_dir).resolve() / (rule_src_dir.relative_to(repo_root)) + help_dir.mkdir(parents=True, exist_ok=True) + else: + print(f"{rule_id} : Skipping writing of help file for {query_path} because no existing external help directory is provided!") + else: + help_dir = rule_src_dir + if help_dir: + write_query_help_file(help_dir, env, query, package_name, rule_id, standard_name) + if "shared_implementation_short_name" in query: + write_shared_implementation(package_name, rule_id, query, language_name, ql_language_name, common_src_pack_dir, common_test_pack_dir, test_src_dir, args.skip_shared_test_generation) + else: + write_non_shared_testfiles(rule_id, query, language_name, query_path, test_src_dir, src_pack_dir) + # Exclusions + exclusions_template = env.get_template("exclusions.qll.template") + common_exclusions_dir = common_src_pack_dir.joinpath( + "codingstandards", + ql_language_name, + "exclusions") + # assign package and sanitize + package_name = package_name.replace("-", "") + package_name = package_name[:1].upper() + package_name[1:] + exclusion_library_file = common_exclusions_dir.joinpath(language_name, + package_name + ".qll") + # write exclusions file + print(package_name + ": Writing out exclusions file to " + + str(exclusion_library_file)) + + os.makedirs(common_exclusions_dir.joinpath( + language_name), exist_ok=True) + + write_exclusion_template(exclusions_template, exclusion_query, + package_name, language_name, exclusion_library_file) + +for package_name in args.package_names: + generate_package_files(package_name) # After updating these files, the metadata should be regenerated print("==========================================================") From 1d4b947eb6ac50202667fff9d74c8a552b624d73 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 25 Aug 2022 13:57:04 -0700 Subject: [PATCH 0152/2573] Address incorrect format exclusion files --- cpp/common/src/codingstandards/cpp/exclusions/c/Banned.qll | 4 +--- .../src/codingstandards/cpp/exclusions/c/Concurrency1.qll | 4 +--- .../src/codingstandards/cpp/exclusions/c/Concurrency2.qll | 4 +--- .../src/codingstandards/cpp/exclusions/c/Concurrency3.qll | 4 +--- .../src/codingstandards/cpp/exclusions/c/Contracts1.qll | 4 +--- .../src/codingstandards/cpp/exclusions/c/Declarations1.qll | 4 +--- .../src/codingstandards/cpp/exclusions/c/Expressions.qll | 4 +--- cpp/common/src/codingstandards/cpp/exclusions/c/IO1.qll | 4 +--- cpp/common/src/codingstandards/cpp/exclusions/c/IO2.qll | 4 +--- cpp/common/src/codingstandards/cpp/exclusions/c/IO3.qll | 4 +--- cpp/common/src/codingstandards/cpp/exclusions/c/Misc.qll | 4 +--- cpp/common/src/codingstandards/cpp/exclusions/c/Pointers1.qll | 4 +--- cpp/common/src/codingstandards/cpp/exclusions/c/Pointers2.qll | 4 +--- .../src/codingstandards/cpp/exclusions/c/Preprocessor1.qll | 4 +--- .../src/codingstandards/cpp/exclusions/c/Preprocessor2.qll | 4 +--- .../src/codingstandards/cpp/exclusions/c/Preprocessor3.qll | 4 +--- .../src/codingstandards/cpp/exclusions/c/Preprocessor4.qll | 4 +--- .../src/codingstandards/cpp/exclusions/c/Preprocessor5.qll | 4 +--- .../src/codingstandards/cpp/exclusions/c/SideEffects1.qll | 4 +--- .../src/codingstandards/cpp/exclusions/c/SideEffects2.qll | 4 +--- cpp/common/src/codingstandards/cpp/exclusions/c/Strings1.qll | 4 +--- cpp/common/src/codingstandards/cpp/exclusions/c/Strings2.qll | 4 +--- cpp/common/src/codingstandards/cpp/exclusions/c/Strings3.qll | 4 +--- cpp/common/src/codingstandards/cpp/exclusions/c/Syntax.qll | 4 +--- 24 files changed, 24 insertions(+), 72 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Banned.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Banned.qll index c8f199ace7..888e0863a3 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Banned.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Banned.qll @@ -24,9 +24,7 @@ newtype BannedQuery = TOctalConstantsUsedQuery() or TRestrictTypeQualifierUsedQuery() -predicate isBannedQueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isBannedQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `doNotCallSystem` query BannedPackage::doNotCallSystemQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency1.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency1.qll index 0821bf38ad..ed3a82c28d 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency1.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency1.qll @@ -8,9 +8,7 @@ newtype Concurrency1Query = TRaceConditionsWhenUsingLibraryFunctionsQuery() or TDoNotCallSignalInMultithreadedProgramQuery() -predicate isConcurrency1QueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isConcurrency1QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `preventDataRacesWithMultipleThreads` query Concurrency1Package::preventDataRacesWithMultipleThreadsQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency2.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency2.qll index 4577431951..38a3eaa513 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency2.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency2.qll @@ -7,9 +7,7 @@ newtype Concurrency2Query = TDeadlockByLockingInPredefinedOrderQuery() or TWrapFunctionsThatCanSpuriouslyWakeUpInLoopQuery() -predicate isConcurrency2QueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isConcurrency2QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `deadlockByLockingInPredefinedOrder` query Concurrency2Package::deadlockByLockingInPredefinedOrderQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency3.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency3.qll index ec3ada4552..982ea21543 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency3.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency3.qll @@ -9,9 +9,7 @@ newtype Concurrency3Query = TPreserveSafetyWhenUsingConditionVariablesQuery() or TWrapFunctionsThatCanFailSpuriouslyInLoopQuery() -predicate isConcurrency3QueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isConcurrency3QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `doNotAllowAMutexToGoOutOfScopeWhileLocked` query Concurrency3Package::doNotAllowAMutexToGoOutOfScopeWhileLockedQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts1.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts1.qll index 75ed7605fb..3336438b98 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts1.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts1.qll @@ -7,9 +7,7 @@ newtype Contracts1Query = TDoNotModifyTheReturnValueOfCertainFunctionsQuery() or TEnvPointerIsInvalidAfterCertainOperationsQuery() -predicate isContracts1QueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isContracts1QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `doNotModifyTheReturnValueOfCertainFunctions` query Contracts1Package::doNotModifyTheReturnValueOfCertainFunctionsQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations1.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations1.qll index 238c43e511..c5ffaa56e3 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations1.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations1.qll @@ -11,9 +11,7 @@ newtype Declarations1Query = TMacroIdentifiersNotDistinctQuery() or TMacroIdentifierNotDistinctFromParameterQuery() -predicate isDeclarations1QueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isDeclarations1QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `declareIdentifiersBeforeUsingThem` query Declarations1Package::declareIdentifiersBeforeUsingThemQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Expressions.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Expressions.qll index 58bd9237cc..fab8e21d01 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Expressions.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Expressions.qll @@ -9,9 +9,7 @@ newtype ExpressionsQuery = TCallPOSIXOpenWithCorrectArgumentCountQuery() or TDoNotUseABitwiseOperatorWithABooleanLikeOperandQuery() -predicate isExpressionsQueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isExpressionsQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `doNotCallFunctionPointerWithIncompatibleType` query ExpressionsPackage::doNotCallFunctionPointerWithIncompatibleTypeQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/IO1.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/IO1.qll index bbb1778c86..b3c1bdd428 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/IO1.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/IO1.qll @@ -12,9 +12,7 @@ newtype IO1Query = TUndefinedBehaviorAccessingAClosedFileQuery() or TFileUsedAfterClosedQuery() -predicate isIO1QueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isIO1QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `excludeUserInputFromFormatStrings` query IO1Package::excludeUserInputFromFormatStringsQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/IO2.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/IO2.qll index f909539540..6208470e24 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/IO2.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/IO2.qll @@ -9,9 +9,7 @@ newtype IO2Query = TDoNotCallGetcAndPutcWithSideEffectsQuery() or TOnlyUseValuesForFsetposThatAreReturnedFromFgetposQuery() -predicate isIO2QueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isIO2QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `doNotCopyAFileObject` query IO2Package::doNotCopyAFileObjectQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/IO3.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/IO3.qll index 16e34ecb27..9aac753c0b 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/IO3.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/IO3.qll @@ -11,9 +11,7 @@ newtype IO3Query = TPointerToAFileObjectDereferencedQuery() or TEofShallBeComparedWithUnmodifiedReturnValuesQuery() -predicate isIO3QueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isIO3QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `doNotPerformFileOperationsOnDevices` query IO3Package::doNotPerformFileOperationsOnDevicesQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Misc.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Misc.qll index fa372c0ffb..9535c8a6d1 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Misc.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Misc.qll @@ -8,9 +8,7 @@ newtype MiscQuery = TProperlySeedPseudorandomNumberGeneratorsQuery() or TControlFlowReachesTheEndOfANonVoidFunctionQuery() -predicate isMiscQueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isMiscQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `randUsedForGeneratingPseudorandomNumbers` query MiscPackage::randUsedForGeneratingPseudorandomNumbersQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Pointers1.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Pointers1.qll index 35fbcef3fd..e35f0f3a88 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Pointers1.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Pointers1.qll @@ -22,9 +22,7 @@ newtype Pointers1Query = TObjectWithNoPointerDereferenceShouldBeOpaqueQuery() or TPointerShouldPointToConstTypeWhenPossibleQuery() -predicate isPointers1QueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isPointers1QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `conversionBetweenFunctionPointerAndOtherType` query Pointers1Package::conversionBetweenFunctionPointerAndOtherTypeQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Pointers2.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Pointers2.qll index 558c57144a..476388612e 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Pointers2.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Pointers2.qll @@ -5,9 +5,7 @@ import codingstandards.cpp.exclusions.RuleMetadata newtype Pointers2Query = TDoNotAddOrSubtractAScaledIntegerToAPointerQuery() -predicate isPointers2QueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isPointers2QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `doNotAddOrSubtractAScaledIntegerToAPointer` query Pointers2Package::doNotAddOrSubtractAScaledIntegerToAPointerQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor1.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor1.qll index 9231d99e46..1f3c9bba38 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor1.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor1.qll @@ -9,9 +9,7 @@ newtype Preprocessor1Query = TForbiddenCharactersInHeaderFileNameQuery() or TIdentifiersUsedInPreprocessorExpressionQuery() -predicate isPreprocessor1QueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isPreprocessor1QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `includeDirectivesPrecededByDirectivesOrComments` query Preprocessor1Package::includeDirectivesPrecededByDirectivesOrCommentsQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor2.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor2.qll index 0442ccf74c..bc6fc91da6 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor2.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor2.qll @@ -9,9 +9,7 @@ newtype Preprocessor2Query = TUndefShouldNotBeUsedQuery() or TPrecautionIncludeGuardsNotProvidedQuery() -predicate isPreprocessor2QueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isPreprocessor2QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `moreThanOneHashOperatorInMacroDefinition` query Preprocessor2Package::moreThanOneHashOperatorInMacroDefinitionQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor3.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor3.qll index 51708339a1..1b9ed9374e 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor3.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor3.qll @@ -5,9 +5,7 @@ import codingstandards.cpp.exclusions.RuleMetadata newtype Preprocessor3Query = TControllingExpressionIfDirectiveQuery() -predicate isPreprocessor3QueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isPreprocessor3QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `controllingExpressionIfDirective` query Preprocessor3Package::controllingExpressionIfDirectiveQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor4.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor4.qll index 3baabc600b..8b30501183 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor4.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor4.qll @@ -8,9 +8,7 @@ newtype Preprocessor4Query = TFunctionLikeMacroArgsContainHashTokenCQueryQuery() or TDefineAndUndefUsedOnReservedIdentifierOrMacroNameQuery() -predicate isPreprocessor4QueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isPreprocessor4QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `macroDefinedWithTheSameNameAsKeyword` query Preprocessor4Package::macroDefinedWithTheSameNameAsKeywordQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor5.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor5.qll index e0a7743aaf..0d35690408 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor5.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor5.qll @@ -8,9 +8,7 @@ newtype Preprocessor5Query = TMacroOrFunctionArgsContainHashTokenQuery() or TMacroParameterNotEnclosedInParenthesesCQueryQuery() -predicate isPreprocessor5QueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isPreprocessor5QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `doNotTreatAPredefinedIdentifierAsObject` query Preprocessor5Package::doNotTreatAPredefinedIdentifierAsObjectQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/SideEffects1.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/SideEffects1.qll index af5c529bc3..24175cdfb7 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/SideEffects1.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/SideEffects1.qll @@ -15,9 +15,7 @@ newtype SideEffects1Query = TPossibleSuppressedSideEffectInLogicOperatorOperandQuery() or TSizeofOperandWithSideEffectQuery() -predicate isSideEffects1QueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isSideEffects1QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `dependenceOnOrderOfScalarEvaluationForSideEffects` query SideEffects1Package::dependenceOnOrderOfScalarEvaluationForSideEffectsQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/SideEffects2.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/SideEffects2.qll index d02b2d16e7..82e5c0c5d2 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/SideEffects2.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/SideEffects2.qll @@ -7,9 +7,7 @@ newtype SideEffects2Query = TSideEffectAndCrementInFullExpressionQuery() or TModificationOfFunctionParameterQuery() -predicate isSideEffects2QueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isSideEffects2QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `sideEffectAndCrementInFullExpression` query SideEffects2Package::sideEffectAndCrementInFullExpressionQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Strings1.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Strings1.qll index 9fd719a7fb..e306df55bf 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Strings1.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Strings1.qll @@ -8,9 +8,7 @@ newtype Strings1Query = TStringsHasSufficientSpaceForTheNullTerminatorQuery() or TNonNullTerminatedToFunctionThatExpectsAStringQuery() -predicate isStrings1QueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isStrings1QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `doNotAttemptToModifyStringLiterals` query Strings1Package::doNotAttemptToModifyStringLiteralsQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Strings2.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Strings2.qll index 44ef427314..99dd98d68e 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Strings2.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Strings2.qll @@ -5,9 +5,7 @@ import codingstandards.cpp.exclusions.RuleMetadata newtype Strings2Query = TToCharacterHandlingFunctionsRepresentableAsUCharQuery() -predicate isStrings2QueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isStrings2QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `toCharacterHandlingFunctionsRepresentableAsUChar` query Strings2Package::toCharacterHandlingFunctionsRepresentableAsUCharQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Strings3.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Strings3.qll index 0b20b59e90..760f54b9fa 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Strings3.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Strings3.qll @@ -7,9 +7,7 @@ newtype Strings3Query = TCastCharBeforeConvertingToLargerSizesQuery() or TDoNotConfuseNarrowAndWideFunctionsQuery() -predicate isStrings3QueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isStrings3QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `castCharBeforeConvertingToLargerSizes` query Strings3Package::castCharBeforeConvertingToLargerSizesQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Syntax.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Syntax.qll index 4c949da3b8..3a53cf05c3 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Syntax.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Syntax.qll @@ -12,9 +12,7 @@ newtype SyntaxQuery = TUOrUSuffixRepresentedInUnsignedTypeQuery() or TLowercaseCharacterLUsedInLiteralSuffixQuery() -predicate isSyntaxQueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isSyntaxQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `characterSequencesAndUsedWithinAComment` query SyntaxPackage::characterSequencesAndUsedWithinACommentQuery() and From aeab8c3ed583abff8963f878d55f7b0686f2d49d Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 25 Aug 2022 15:44:54 -0700 Subject: [PATCH 0153/2573] Switch to GH managed CodeQL cli --- .../workflows/validate-coding-standards.yml | 22 ++++++++++++++----- 1 file changed, 16 insertions(+), 6 deletions(-) diff --git a/.github/workflows/validate-coding-standards.yml b/.github/workflows/validate-coding-standards.yml index adc2b32908..0346227b7f 100644 --- a/.github/workflows/validate-coding-standards.yml +++ b/.github/workflows/validate-coding-standards.yml @@ -28,6 +28,15 @@ jobs: with: python-version: "3.9" + - name: Install CodeQL + run: | + VERSION="v$( jq -r '.supported_environment | .[0] | .codeql_cli' supported_codeql_configs.json)" + gh extensions install github/gh-codeql + gh codeql set-version "$VERSION" + gh codeql install-stub + env: + GITHUB_TOKEN: ${{ github.token }} + - name: Install generate_package_files.py dependencies run: pip install -r scripts/requirements.txt @@ -68,17 +77,18 @@ jobs: - name: Checkout uses: actions/checkout@v2 - - name: Fetch CodeQL + - name: Install CodeQL run: | - TAG="v$( jq -r '.supported_environment | .[0] | .codeql_cli' supported_codeql_configs.json)" - gh release download $TAG --repo https://github.com/github/codeql-cli-binaries --pattern codeql-linux64.zip - unzip -q codeql-linux64.zip + VERSION="v$( jq -r '.supported_environment | .[0] | .codeql_cli' supported_codeql_configs.json)" + gh extensions install github/gh-codeql + gh codeql set-version "$VERSION" + gh codeql install-stub env: GITHUB_TOKEN: ${{ github.token }} - name: Validate CodeQL Format (CPP) run: | - find cpp -name \*.ql -or -name \*.qll -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" codeql/codeql query format --in-place + find cpp -name \*.ql -or -name \*.qll -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" codeql query format --in-place git diff git diff --compact-summary @@ -86,7 +96,7 @@ jobs: - name: Validate CodeQL Format (C) run: | - find c -name \*.ql -or -name \*.qll -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" codeql/codeql query format --in-place + find c -name \*.ql -or -name \*.qll -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" codeql query format --in-place git diff git diff --compact-summary From acb0ff1a3fa8a5bebb1c9ffb3ed581e3b5de2b9b Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 25 Aug 2022 15:56:56 -0700 Subject: [PATCH 0154/2573] Address race condition in package file generation Each file generation for a package will update the shared meta data value for the language the package belongs to. Running generation in parallel will result in a race condition which may result in inconsistent meta data files. --- .github/workflows/validate-coding-standards.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/validate-coding-standards.yml b/.github/workflows/validate-coding-standards.yml index 0346227b7f..a57634dfc0 100644 --- a/.github/workflows/validate-coding-standards.yml +++ b/.github/workflows/validate-coding-standards.yml @@ -58,14 +58,14 @@ jobs: - name: Validate Package Files (CPP) run: | - find rule_packages/cpp -name \*.json -exec basename {} .json \; | xargs --max-procs "$XARGS_MAX_PROCS" --max-args 1 python scripts/generate_rules/generate_package_files.py cpp + find rule_packages/cpp -name \*.json -exec basename {} .json \; | xargs python scripts/generate_rules/generate_package_files.py cpp git diff git diff --compact-summary git diff --quiet - name: Validate Package Files (C) run: | - find rule_packages/c -name \*.json -exec basename {} .json \; | xargs --max-procs "$XARGS_MAX_PROCS" --max-args 1 python scripts/generate_rules/generate_package_files.py c + find rule_packages/c -name \*.json -exec basename {} .json \; | xargs python scripts/generate_rules/generate_package_files.py c git diff git diff --compact-summary git diff --quiet From 0bdf01120b5b90fda1fc193a39a7502ac3562c5b Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 29 Aug 2022 12:19:28 -0700 Subject: [PATCH 0155/2573] Address incorrect formatting --- .../src/codingstandards/cpp/exclusions/cpp/Allocations.qll | 4 +--- .../codingstandards/cpp/exclusions/cpp/BannedFunctions.qll | 4 +--- .../codingstandards/cpp/exclusions/cpp/BannedLibraries.qll | 4 +--- .../src/codingstandards/cpp/exclusions/cpp/BannedSyntax.qll | 4 +--- .../src/codingstandards/cpp/exclusions/cpp/BannedTypes.qll | 4 +--- cpp/common/src/codingstandards/cpp/exclusions/cpp/Classes.qll | 4 +--- .../src/codingstandards/cpp/exclusions/cpp/Comments.qll | 4 +--- .../src/codingstandards/cpp/exclusions/cpp/Concurrency.qll | 4 +--- .../src/codingstandards/cpp/exclusions/cpp/Conditionals.qll | 4 +--- cpp/common/src/codingstandards/cpp/exclusions/cpp/Const.qll | 4 +--- .../src/codingstandards/cpp/exclusions/cpp/DeadCode.qll | 4 +--- .../src/codingstandards/cpp/exclusions/cpp/Declarations.qll | 4 +--- .../codingstandards/cpp/exclusions/cpp/ExceptionSafety.qll | 4 +--- .../src/codingstandards/cpp/exclusions/cpp/Exceptions1.qll | 4 +--- .../src/codingstandards/cpp/exclusions/cpp/Exceptions2.qll | 4 +--- .../src/codingstandards/cpp/exclusions/cpp/Expressions.qll | 4 +--- cpp/common/src/codingstandards/cpp/exclusions/cpp/Freed.qll | 4 +--- .../src/codingstandards/cpp/exclusions/cpp/Functions.qll | 4 +--- cpp/common/src/codingstandards/cpp/exclusions/cpp/IO.qll | 4 +--- .../src/codingstandards/cpp/exclusions/cpp/Includes.qll | 4 +--- .../src/codingstandards/cpp/exclusions/cpp/Inheritance.qll | 4 +--- .../src/codingstandards/cpp/exclusions/cpp/Initialization.qll | 4 +--- .../src/codingstandards/cpp/exclusions/cpp/Invariants.qll | 4 +--- .../src/codingstandards/cpp/exclusions/cpp/Iterators.qll | 4 +--- cpp/common/src/codingstandards/cpp/exclusions/cpp/Lambdas.qll | 4 +--- .../src/codingstandards/cpp/exclusions/cpp/Literals.qll | 4 +--- cpp/common/src/codingstandards/cpp/exclusions/cpp/Loops.qll | 4 +--- cpp/common/src/codingstandards/cpp/exclusions/cpp/Macros.qll | 4 +--- .../src/codingstandards/cpp/exclusions/cpp/MoveForward.qll | 4 +--- cpp/common/src/codingstandards/cpp/exclusions/cpp/Naming.qll | 4 +--- cpp/common/src/codingstandards/cpp/exclusions/cpp/Null.qll | 4 +--- .../src/codingstandards/cpp/exclusions/cpp/Operators.qll | 4 +--- .../src/codingstandards/cpp/exclusions/cpp/OutOfBounds.qll | 4 +--- .../src/codingstandards/cpp/exclusions/cpp/Pointers.qll | 4 +--- .../src/codingstandards/cpp/exclusions/cpp/Representation.qll | 4 +--- cpp/common/src/codingstandards/cpp/exclusions/cpp/Scope.qll | 4 +--- .../src/codingstandards/cpp/exclusions/cpp/SideEffects1.qll | 4 +--- .../src/codingstandards/cpp/exclusions/cpp/SideEffects2.qll | 4 +--- .../src/codingstandards/cpp/exclusions/cpp/SmartPointers1.qll | 4 +--- .../src/codingstandards/cpp/exclusions/cpp/SmartPointers2.qll | 4 +--- cpp/common/src/codingstandards/cpp/exclusions/cpp/Strings.qll | 4 +--- .../src/codingstandards/cpp/exclusions/cpp/Templates.qll | 4 +--- .../src/codingstandards/cpp/exclusions/cpp/Toolchain.qll | 4 +--- .../codingstandards/cpp/exclusions/cpp/TrustBoundaries.qll | 4 +--- .../src/codingstandards/cpp/exclusions/cpp/TypeRanges.qll | 4 +--- .../src/codingstandards/cpp/exclusions/cpp/Uninitialized.qll | 4 +--- 46 files changed, 46 insertions(+), 138 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Allocations.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Allocations.qll index b030945851..56bdf2b954 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Allocations.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Allocations.qll @@ -26,9 +26,7 @@ newtype AllocationsQuery = TOperatorDeleteMissingPartnerCertQuery() or TUsingDefaultOperatorNewForOverAlignedTypesQuery() -predicate isAllocationsQueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isAllocationsQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `placementNewNotProperlyAlignedAutosar` query AllocationsPackage::placementNewNotProperlyAlignedAutosarQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/BannedFunctions.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/BannedFunctions.qll index 2bd4c25284..c17972650b 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/BannedFunctions.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/BannedFunctions.qll @@ -16,9 +16,7 @@ newtype BannedFunctionsQuery = TDoNotUseRandForGeneratingPseudorandomNumbersQuery() or TPreferSpecialMemberFunctionsAndOverloadedOperatorsToCStandardLibraryFunctionsQuery() -predicate isBannedFunctionsQueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isBannedFunctionsQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `functionsMallocCallocReallocAndFreeUsed` query BannedFunctionsPackage::functionsMallocCallocReallocAndFreeUsedQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/BannedLibraries.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/BannedLibraries.qll index 4b35ba7d90..9a314e79c6 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/BannedLibraries.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/BannedLibraries.qll @@ -17,9 +17,7 @@ newtype BannedLibrariesQuery = TCstdioTypesUsedQuery() or TUsageOfAssemblerNotDocumentedQuery() -predicate isBannedLibrariesQueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isBannedLibrariesQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `reservedIdentifiersMacrosAndFunctionsAreDefinedRedefinedOrUndefined` query BannedLibrariesPackage::reservedIdentifiersMacrosAndFunctionsAreDefinedRedefinedOrUndefinedQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/BannedSyntax.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/BannedSyntax.qll index d78a7a5e3e..c473616374 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/BannedSyntax.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/BannedSyntax.qll @@ -22,9 +22,7 @@ newtype BannedSyntaxQuery = TUsingDeclarationsUsedInHeaderFilesQuery() or TDoNotDefineACStyleVariadicFunctionQuery() -predicate isBannedSyntaxQueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isBannedSyntaxQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `friendDeclarationsUsed` query BannedSyntaxPackage::friendDeclarationsUsedQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/BannedTypes.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/BannedTypes.qll index b53c0e2381..8328a0f4d4 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/BannedTypes.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/BannedTypes.qll @@ -9,9 +9,7 @@ newtype BannedTypesQuery = TAutoPtrTypeUsedQuery() or TTypeWcharTUsedQuery() -predicate isBannedTypesQueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isBannedTypesQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `typeLongDoubleUsed` query BannedTypesPackage::typeLongDoubleUsedQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Classes.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Classes.qll index 15bef7ea1a..92c7a4280e 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Classes.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Classes.qll @@ -23,9 +23,7 @@ newtype ClassesQuery = TMemberDataInNonPodClassTypesNotPrivateQuery() or TOffsetUsedOnInvalidTypeOrMemberQuery() -predicate isClassesQueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isClassesQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `nonPodTypeShouldBeDefinedAsClass` query ClassesPackage::nonPodTypeShouldBeDefinedAsClassQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Comments.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Comments.qll index 1d32994c0c..9d4d186122 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Comments.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Comments.qll @@ -10,9 +10,7 @@ newtype CommentsQuery = TSlashStarUsedWithinACStyleCommentQuery() or TNullOnSharedLineQuery() -predicate isCommentsQueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isCommentsQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `singleLineCommentEndsWithSlash` query CommentsPackage::singleLineCommentEndsWithSlashQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Concurrency.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Concurrency.qll index 936b09705a..8038d4e51e 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Concurrency.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Concurrency.qll @@ -14,9 +14,7 @@ newtype ConcurrencyQuery = TDoNotSpeculativelyLockALockedNonRecursiveMutexQuery() or TLockedALockedNonRecursiveMutexAuditQuery() -predicate isConcurrencyQueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isConcurrencyQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `doNotAllowAMutexToGoOutOfScopeWhileLocked` query ConcurrencyPackage::doNotAllowAMutexToGoOutOfScopeWhileLockedQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Conditionals.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Conditionals.qll index 90538feaf6..979e51e5c8 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Conditionals.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Conditionals.qll @@ -22,9 +22,7 @@ newtype ConditionalsQuery = TGotoStatementJumpConditionQuery() or TContinueInForLoopConditionQuery() -predicate isConditionalsQueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isConditionalsQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `nonBooleanIfCondition` query ConditionalsPackage::nonBooleanIfConditionQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Const.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Const.qll index 74da377047..1245139eb1 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Const.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Const.qll @@ -18,9 +18,7 @@ newtype ConstQuery = TMemberFunctionConstIfPossibleQuery() or TRemoveConstOrVolatileQualificationCertQuery() -predicate isConstQueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isConstQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `removeConstOrVolatileQualificationAutosar` query ConstPackage::removeConstOrVolatileQualificationAutosarQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/DeadCode.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/DeadCode.qll index d2c2dd31a6..40b8795e5e 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/DeadCode.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/DeadCode.qll @@ -21,9 +21,7 @@ newtype DeadCodeQuery = TSingleUseMemberPODVariableQuery() or TDeadCodeQuery() -predicate isDeadCodeQueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isDeadCodeQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `uselessAssignment` query DeadCodePackage::uselessAssignmentQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Declarations.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Declarations.qll index fc48d7c195..5d51fd522f 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Declarations.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Declarations.qll @@ -22,9 +22,7 @@ newtype DeclarationsQuery = TTypesNotIdenticalInObjectDeclarationsQuery() or TTypesNotIdenticalInReturnDeclarationsQuery() -predicate isDeclarationsQueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isDeclarationsQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `operatorNewAndOperatorDeleteNotDefinedLocally` query DeclarationsPackage::operatorNewAndOperatorDeleteNotDefinedLocallyQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/ExceptionSafety.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/ExceptionSafety.qll index f75670da7d..bab954a505 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/ExceptionSafety.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/ExceptionSafety.qll @@ -10,9 +10,7 @@ newtype ExceptionSafetyQuery = TGuaranteeExceptionSafetyQuery() or TDoNotLeakResourcesWhenHandlingExceptionsQuery() -predicate isExceptionSafetyQueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isExceptionSafetyQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `exceptionSafetyGuaranteesNotProvided` query ExceptionSafetyPackage::exceptionSafetyGuaranteesNotProvidedQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Exceptions1.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Exceptions1.qll index 63d77d621b..c4937348e8 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Exceptions1.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Exceptions1.qll @@ -39,9 +39,7 @@ newtype Exceptions1Query = TExceptionObjectsMustBeNothrowCopyConstructibleQuery() or TCatchExceptionsByLvalueReferenceQuery() -predicate isExceptions1QueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isExceptions1QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `exceptionThrownOnCompletion` query Exceptions1Package::exceptionThrownOnCompletionQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Exceptions2.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Exceptions2.qll index d182e0ba06..fa990c8f0f 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Exceptions2.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Exceptions2.qll @@ -22,9 +22,7 @@ newtype Exceptions2Query = TDoNotLetExceptionsEscapeFromDestructorsOrDeallocationFunctionsQuery() or TCatchBlockShadowingCertQuery() -predicate isExceptions2QueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isExceptions2QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `onlyThrowStdExceptionDerivedTypes` query Exceptions2Package::onlyThrowStdExceptionDerivedTypesQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Expressions.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Expressions.qll index 97010da072..9797b874e5 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Expressions.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Expressions.qll @@ -21,9 +21,7 @@ newtype ExpressionsQuery = TPassReferenceTypeToVaStartQuery() or TPassNonTrivialObjectToVaStartQuery() -predicate isExpressionsQueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isExpressionsQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `operationsAssumingMemoryLayoutPerformedOnObjects` query ExpressionsPackage::operationsAssumingMemoryLayoutPerformedOnObjectsQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Freed.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Freed.qll index 2be85fad11..00d3bbdf99 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Freed.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Freed.qll @@ -14,9 +14,7 @@ newtype FreedQuery = TObjectAccessedAfterLifetimeCertQuery() or TUseAfterFreeQuery() -predicate isFreedQueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isFreedQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `newDeleteArrayMismatch` query FreedPackage::newDeleteArrayMismatchQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Functions.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Functions.qll index 41a02da4a1..c83fd189d8 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Functions.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Functions.qll @@ -19,9 +19,7 @@ newtype FunctionsQuery = TNonVoidFunctionDoesNotReturnCertQuery() or TFunctionNoReturnAttributeConditionCertQuery() -predicate isFunctionsQueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isFunctionsQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `cStandardLibraryFunctionCalls` query FunctionsPackage::cStandardLibraryFunctionCallsQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/IO.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/IO.qll index c6a5748455..d8cadfc184 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/IO.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/IO.qll @@ -8,9 +8,7 @@ newtype IOQuery = TInterleavedInputOutputWithoutPositionQuery() or TCloseFilesWhenTheyAreNoLongerNeededQuery() -predicate isIOQueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isIOQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `interleavedInputOutputWithoutFlush` query IOPackage::interleavedInputOutputWithoutFlushQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Includes.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Includes.qll index 305d7dbdd7..f4eb83bc3e 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Includes.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Includes.qll @@ -11,9 +11,7 @@ newtype IncludesQuery = TExternalLinkageNotDeclaredInHeaderFileQuery() or TIncludeGuardsNotProvidedQuery() -predicate isIncludesQueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isIncludesQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `unusedIncludeDirectives` query IncludesPackage::unusedIncludeDirectivesQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Inheritance.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Inheritance.qll index 8e79ed1ee2..a3775b87d6 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Inheritance.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Inheritance.qll @@ -18,9 +18,7 @@ newtype InheritanceQuery = TDoNotSliceDerivedObjectsQuery() or TDoNotDeleteAPolymorphicObjectWithoutAVirtualDestructorQuery() -predicate isInheritanceQueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isInheritanceQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `publicInheritanceNotUsedForIsARelationship` query InheritancePackage::publicInheritanceNotUsedForIsARelationshipQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Initialization.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Initialization.qll index ec134439e3..6c8d0f5258 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Initialization.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Initialization.qll @@ -26,9 +26,7 @@ newtype InitializationQuery = TBadlySeededRandomNumberGeneratorQuery() or TUseCanonicalOrderForMemberInitQuery() -predicate isInitializationQueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isInitializationQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `explicitConstructorBaseClassInitialization` query InitializationPackage::explicitConstructorBaseClassInitializationQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Invariants.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Invariants.qll index c775dc05b9..7633df480a 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Invariants.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Invariants.qll @@ -11,9 +11,7 @@ newtype InvariantsQuery = THonorTerminationReplacementHandlerRequirementsQuery() or THonorNewReplacementHandlerRequirementsQuery() -predicate isInvariantsQueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isInvariantsQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `memoryManagementFunctionInvariants` query InvariantsPackage::memoryManagementFunctionInvariantsQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Iterators.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Iterators.qll index 0a6b8ffaba..5dac989603 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Iterators.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Iterators.qll @@ -12,9 +12,7 @@ newtype IteratorsQuery = TDoNotUseAnAdditiveOperatorOnAnIteratorQuery() or TUseValidReferencesForElementsOfStringQuery() -predicate isIteratorsQueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isIteratorsQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `iteratorImplicitlyConvertedToConstIterator` query IteratorsPackage::iteratorImplicitlyConvertedToConstIteratorQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Lambdas.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Lambdas.qll index 29a6cd5175..279b39ba9b 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Lambdas.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Lambdas.qll @@ -16,9 +16,7 @@ newtype LambdasQuery = TReturningLambdaObjectWithCaptureByReferenceQuery() or TEscapingLambdaObjectWithCaptureByReferenceQuery() -predicate isLambdasQueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isLambdasQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `implicitLambdaCapture` query LambdasPackage::implicitLambdaCaptureQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Literals.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Literals.qll index ab4cb729c6..16befefd32 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Literals.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Literals.qll @@ -16,9 +16,7 @@ newtype LiteralsQuery = TNullUsedAsIntegerValueQuery() or TLiteralZeroUsedAsNullPointerConstantQuery() -predicate isLiteralsQueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isLiteralsQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `useCorrectIntervalForDigitSequencesSeparators` query LiteralsPackage::useCorrectIntervalForDigitSequencesSeparatorsQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Loops.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Loops.qll index 7740922b1f..9d9b99989a 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Loops.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Loops.qll @@ -18,9 +18,7 @@ newtype LoopsQuery = TLoopControlVariableModifiedInLoopExpressionQuery() or TNonBooleanLoopControlVariableQuery() -predicate isLoopsQueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isLoopsQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `unusedLoopCounterForContainerIteration` query LoopsPackage::unusedLoopCounterForContainerIterationQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Macros.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Macros.qll index 65365eb1f0..0753ffeb48 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Macros.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Macros.qll @@ -17,9 +17,7 @@ newtype MacrosQuery = TMoreThanOneOccurrenceHashOperatorInMacroDefinitionQuery() or THashOperatorsShouldNotBeUsedQuery() -predicate isMacrosQueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isMacrosQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `preProcessorShallOnlyBeUsedForCertainDirectivesPatterns` query MacrosPackage::preProcessorShallOnlyBeUsedForCertainDirectivesPatternsQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/MoveForward.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/MoveForward.qll index 3d4884d6e7..4d61136610 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/MoveForward.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/MoveForward.qll @@ -12,9 +12,7 @@ newtype MoveForwardQuery = TForwardForwardingReferencesQuery() or TDoNotRelyOnTheValueOfAMovedFromObjectQuery() -predicate isMoveForwardQueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isMoveForwardQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `movedFromObjectReadAccessed` query MoveForwardPackage::movedFromObjectReadAccessedQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Naming.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Naming.qll index 3c64ed08f8..18f03e9c66 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Naming.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Naming.qll @@ -32,9 +32,7 @@ newtype NamingQuery = TFunctionReusesReservedNameQuery() or TEnumeratorReusesReservedNameQuery() -predicate isNamingQueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isNamingQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `userDefinedLiteralOperatorSuffixViolation` query NamingPackage::userDefinedLiteralOperatorSuffixViolationQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Null.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Null.qll index 5a13a9dab3..203bf242a6 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Null.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Null.qll @@ -8,9 +8,7 @@ newtype NullQuery = TParameterNotPassedByReferenceQuery() or TDoNotAttemptToCreateAStringFromANullPointerQuery() -predicate isNullQueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isNullQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `nullPointersDereferenced` query NullPackage::nullPointersDereferencedQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Operators.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Operators.qll index a71ce704e1..fe71289dbc 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Operators.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Operators.qll @@ -20,9 +20,7 @@ newtype OperatorsQuery = TUnaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsignedQuery() or TUnaryOperatorOverloadedQuery() -predicate isOperatorsQueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isOperatorsQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `userDefinedAssignmentOperatorVirtual` query OperatorsPackage::userDefinedAssignmentOperatorVirtualQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/OutOfBounds.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/OutOfBounds.qll index 7d28b2c2a7..d1c3087339 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/OutOfBounds.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/OutOfBounds.qll @@ -9,9 +9,7 @@ newtype OutOfBoundsQuery = TGuaranteeGenericCppLibraryFunctionsDoNotOverflowQuery() or TRangeCheckStringElementAccessQuery() -predicate isOutOfBoundsQueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isOutOfBoundsQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `containerAccessWithoutRangeCheckAutosar` query OutOfBoundsPackage::containerAccessWithoutRangeCheckAutosarQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Pointers.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Pointers.qll index 19c0d5b55d..1dd5bef4c8 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Pointers.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Pointers.qll @@ -28,9 +28,7 @@ newtype PointersQuery = TMemberAccessWithUninitializedStaticPointerToMemberQuery() or TUseOfPointerToMemberToAccessNonexistentMemberQuery() -predicate isPointersQueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isPointersQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `pointerToAnElementOfAnArrayPassedToASmartPointer` query PointersPackage::pointerToAnElementOfAnArrayPassedToASmartPointerQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Representation.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Representation.qll index be6293d77a..a423cfd4ff 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Representation.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Representation.qll @@ -13,9 +13,7 @@ newtype RepresentationQuery = TMemcmpUsedToAccessObjectRepresentationQuery() or TMemcpyUsedToAccessObjectRepresentationQuery() -predicate isRepresentationQueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isRepresentationQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `bitFieldsShallBeUsedOnlyWhenInterfacingToHardwareOrConformingToCommunicationProtocols` query RepresentationPackage::bitFieldsShallBeUsedOnlyWhenInterfacingToHardwareOrConformingToCommunicationProtocolsQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Scope.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Scope.qll index b01c79063c..c4a21040eb 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Scope.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Scope.qll @@ -22,9 +22,7 @@ newtype ScopeQuery = TUnnamedNamespaceInHeaderFileQuery() or TOneDefinitionRuleNotObeyedQuery() -predicate isScopeQueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isScopeQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `nonStandardEntitiesInStandardNamespaces` query ScopePackage::nonStandardEntitiesInStandardNamespacesQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/SideEffects1.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/SideEffects1.qll index 5442969616..37f323a6cb 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/SideEffects1.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/SideEffects1.qll @@ -15,9 +15,7 @@ newtype SideEffects1Query = TDoNotRelyOnSideEffectsInDeclTypeOperandQuery() or TDoNotRelyOnSideEffectsInDeclValExpressionQuery() -predicate isSideEffects1QueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isSideEffects1QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `evaluationOfTheOperandToTheTypeidOperatorContainSideEffects` query SideEffects1Package::evaluationOfTheOperandToTheTypeidOperatorContainSideEffectsQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/SideEffects2.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/SideEffects2.qll index 6ae64ce070..7ba094b13e 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/SideEffects2.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/SideEffects2.qll @@ -14,9 +14,7 @@ newtype SideEffects2Query = TFunctionsWithVoidReturnTypeShallHaveExternalSideEffectsQuery() or TPredicateFunctionObjectsShouldNotBeMutableQuery() -predicate isSideEffects2QueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isSideEffects2QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `moveConstructorShallOnlyMoveObject` query SideEffects2Package::moveConstructorShallOnlyMoveObjectQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/SmartPointers1.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/SmartPointers1.qll index f678b53437..5b11807014 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/SmartPointers1.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/SmartPointers1.qll @@ -14,9 +14,7 @@ newtype SmartPointers1Query = TUniquePtrPassedToFunctionWithImproperSemanticsQuery() or TSharedPtrPassedToFunctionWithImproperSemanticsQuery() -predicate isSmartPointers1QueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isSmartPointers1QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `ownedPointerValueStoredInUnrelatedSmartPointerAsar` query SmartPointers1Package::ownedPointerValueStoredInUnrelatedSmartPointerAsarQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/SmartPointers2.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/SmartPointers2.qll index a0a93ebca5..aa0755a024 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/SmartPointers2.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/SmartPointers2.qll @@ -7,9 +7,7 @@ newtype SmartPointers2Query = TWeakPtrNotUsedToRepresentTemporarySharedOwnershipQuery() or TOwnedPointerValueStoredInUnrelatedSmartPointerCertQuery() -predicate isSmartPointers2QueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isSmartPointers2QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `weakPtrNotUsedToRepresentTemporarySharedOwnership` query SmartPointers2Package::weakPtrNotUsedToRepresentTemporarySharedOwnershipQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Strings.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Strings.qll index c267571625..e40e1e7d7f 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Strings.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Strings.qll @@ -13,9 +13,7 @@ newtype StringsQuery = TBasicStringMayNotBeNullTerminatedCertQuery() or TOperationMayNotNullTerminateCStyleStringCertQuery() -predicate isStringsQueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isStringsQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `stringLiteralsAssignedToNonConstantPointers` query StringsPackage::stringLiteralsAssignedToNonConstantPointersQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Templates.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Templates.qll index 2b35c0e7c2..d5eeb959a4 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Templates.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Templates.qll @@ -13,9 +13,7 @@ newtype TemplatesQuery = TNameNotReferredUsingAQualifiedIdOrThisQuery() or TNameNotReferredUsingAQualifiedIdOrThisAuditQuery() -predicate isTemplatesQueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isTemplatesQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `templateShouldCheckArg` query TemplatesPackage::templateShouldCheckArgQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Toolchain.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Toolchain.qll index a9a17f7eb8..7dcf9f523a 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Toolchain.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Toolchain.qll @@ -16,9 +16,7 @@ newtype ToolchainQuery = TCompilerWarningLevelNotInComplianceQuery() or TUncompliantOptimizationOptionMustBeDisabledInCompilerQuery() -predicate isToolchainQueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isToolchainQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `floatingPointImplementationShallComplyWithIeeeStandard` query ToolchainPackage::floatingPointImplementationShallComplyWithIeeeStandardQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/TrustBoundaries.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/TrustBoundaries.qll index 967974a661..38014aea5f 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/TrustBoundaries.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/TrustBoundaries.qll @@ -8,9 +8,7 @@ newtype TrustBoundariesQuery = TDoNotThrowAnExceptionAcrossExecutionBoundariesQuery() or TDoNotPassANonstandardObjectAcrossBoundariesQuery() -predicate isTrustBoundariesQueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isTrustBoundariesQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `exceptionsThrownAcrossExecutionBoundaries` query TrustBoundariesPackage::exceptionsThrownAcrossExecutionBoundariesQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/TypeRanges.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/TypeRanges.qll index 96f4e4dfad..4dce9bbfe7 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/TypeRanges.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/TypeRanges.qll @@ -15,9 +15,7 @@ newtype TypeRangesQuery = TDetectErrorsWhenConvertingAStringToANumberQuery() or TDoNotCastToAnOutOfRangeEnumerationValueQuery() -predicate isTypeRangesQueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isTypeRangesQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `uncheckedRangeDomainPoleErrors` query TypeRangesPackage::uncheckedRangeDomainPoleErrorsQuery() and diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Uninitialized.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Uninitialized.qll index 8c116a8095..e5eddf1b04 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Uninitialized.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Uninitialized.qll @@ -8,9 +8,7 @@ newtype UninitializedQuery = TInformationLeakageAcrossTrustBoundariesQuery() or TDoNotReadUninitializedMemoryQuery() -predicate isUninitializedQueryMetadata( - Query query, string queryId, string ruleId, string category -) { +predicate isUninitializedQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `memoryNotInitializedBeforeItIsRead` query UninitializedPackage::memoryNotInitializedBeforeItIsReadQuery() and From 9edb1dad7dee39651c73a1df8c1bc4ab97fd8acc Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 29 Aug 2022 15:29:51 -0700 Subject: [PATCH 0156/2573] Use the effective category in the exclusion process In this commit we expand the meta data `Query` class to provide an effective category that is determined by combining a query's category and a possible active Guideline Recategorization Plan. The exclusion process now validates for a query with an associated deviation record whether the effective category allows a deviation. If this is not allowed, then the deviation record is not applied. Any deviation record applied to a query with an effective category not permitting deviation is considered invalid and will be listed in the analysis report. --- .../src/codingstandards/cpp/Exclusions.qll | 3 +- .../cpp/deviations/Deviations.qll | 7 +++ .../cpp/exclusions/RuleMetadata.qll | 45 +++++++++++++++++++ .../GuidelineRecategorizations.qll | 26 ----------- .../InvalidDeviationPermits.expected | 4 +- .../InvalidDeviationRecords.expected | 3 +- .../invalid_deviations/coding-standards.xml | 14 +++--- .../invalid_deviations/coding-standards.yml | 2 + 8 files changed, 69 insertions(+), 35 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/Exclusions.qll b/cpp/common/src/codingstandards/cpp/Exclusions.qll index af4b8521d4..6c0078bded 100644 --- a/cpp/common/src/codingstandards/cpp/Exclusions.qll +++ b/cpp/common/src/codingstandards/cpp/Exclusions.qll @@ -32,7 +32,8 @@ predicate isExcluded(Element e, Query query) { or not exists(e.getFile()) or - // There exists a `DeviationRecord` that applies to this element and query + // There exists a `DeviationRecord` that applies to this element and query, and the query's effective category permits deviation. + query.getEffectiveCategory().permitsDeviation() and exists(DeviationRecord dr | applyDeviationsAtQueryLevel() | // The element is in a file which has a deviation for this query exists(string path | diff --git a/cpp/common/src/codingstandards/cpp/deviations/Deviations.qll b/cpp/common/src/codingstandards/cpp/deviations/Deviations.qll index 18f022cff2..9399607e3d 100644 --- a/cpp/common/src/codingstandards/cpp/deviations/Deviations.qll +++ b/cpp/common/src/codingstandards/cpp/deviations/Deviations.qll @@ -332,6 +332,13 @@ class DeviationRecord extends XMLElement { hasPermitId() and not hasADeviationPermit() and result = "There is no deviation permit with id `" + getPermitId() + "`." + or + exists(Query q | q.getQueryId() = getQueryId() | + not q.getEffectiveCategory().permitsDeviation() and + result = + "The deviation is applied to a query with the rule category '" + + q.getEffectiveCategory().toString() + "' that does not permit a deviation." + ) } /** Holds if the deviation record is valid */ diff --git a/cpp/common/src/codingstandards/cpp/exclusions/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/RuleMetadata.qll index 4fece00b92..72b91c3e29 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/RuleMetadata.qll @@ -1,11 +1,47 @@ import cpp private import cpp.RuleMetadata as CPPRuleMetadata private import c.RuleMetadata as CRuleMetadata +private import codingstandards.cpp.guideline_recategorizations.GuidelineRecategorizations newtype TQuery = TQueryCPP(CPPRuleMetadata::TCPPQuery t) or TQueryC(CRuleMetadata::TCQuery t) +private predicate isMisraRuleCategory(string category) { + category = ["disapplied", "advisory", "required", "mandatory"] +} + +newtype TEffectiveCategory = + TInvalid(string reason) { + exists(GuidelineRecategorization gr | reason = gr.getAnInvalidReason()) + } or + TDisapplied() or + TAdvisory() or + TRequired() or + TMandatory() or + TNonMisraRuleCategory(string category) { + exists(Query q | q.getCategory() = category | not isMisraRuleCategory(category)) + } + +class EffectiveCategory extends TEffectiveCategory { + string toString() { + this instanceof TInvalid and result = "invalid" + or + this instanceof TDisapplied and result = "disapplied" + or + this instanceof TAdvisory and result = "advisory" + or + this instanceof TRequired and result = "required" + or + this instanceof TMandatory and result = "mandatory" + or + this = TNonMisraRuleCategory(result) + } + + /** Holds if the effective category permits a deviation */ + predicate permitsDeviation() { not this instanceof TMandatory and not this instanceof TInvalid } +} + class Query extends TQuery { string getQueryId() { CPPRuleMetadata::isQueryMetadata(this, result, _, _) or @@ -22,5 +58,14 @@ class Query extends TQuery { CRuleMetadata::isQueryMetadata(this, _, _, result) } + EffectiveCategory getEffectiveCategory() { + if exists(GuidelineRecategorization gr | gr.getQuery() = this) + then + exists(GuidelineRecategorization gr | gr.getQuery() = this | + result = gr.getEffectiveCategory() + ) + else result.toString() = this.getCategory() + } + string toString() { result = getQueryId() } } diff --git a/cpp/common/src/codingstandards/cpp/guideline_recategorizations/GuidelineRecategorizations.qll b/cpp/common/src/codingstandards/cpp/guideline_recategorizations/GuidelineRecategorizations.qll index 69eb862ea2..ff148a4a72 100644 --- a/cpp/common/src/codingstandards/cpp/guideline_recategorizations/GuidelineRecategorizations.qll +++ b/cpp/common/src/codingstandards/cpp/guideline_recategorizations/GuidelineRecategorizations.qll @@ -12,32 +12,6 @@ class GuidelineRecategorizations extends CodingStandardsConfigSection { GuidelineRecategorizations() { hasName("guideline-recategorizations") } } -newtype TEffectiveCategory = - TInvalid(string reason) { - exists(GuidelineRecategorization gr | reason = gr.getAnInvalidReason()) - } or - TDisapplied() or - TAdvisory() or - TRequired() or - TMandatory() - -class EffectiveCategory extends TEffectiveCategory { - string toString() { - this instanceof TInvalid and result = "invalid" - or - this instanceof TDisapplied and result = "disapplied" - or - this instanceof TAdvisory and result = "advisory" - or - this instanceof TRequired and result = "required" - or - this instanceof TMandatory and result = "mandatory" - } - - /** Holds if the effective category permits a deviation */ - predicate permitsDeviation() { not this instanceof TMandatory and not this instanceof TInvalid } -} - class GuidelineRecategorization extends XMLElement { GuidelineRecategorization() { getParent() instanceof GuidelineRecategorizations and diff --git a/cpp/common/test/deviations/invalid_deviations/InvalidDeviationPermits.expected b/cpp/common/test/deviations/invalid_deviations/InvalidDeviationPermits.expected index f5630aa947..433dc8a342 100644 --- a/cpp/common/test/deviations/invalid_deviations/InvalidDeviationPermits.expected +++ b/cpp/common/test/deviations/invalid_deviations/InvalidDeviationPermits.expected @@ -1,2 +1,2 @@ -| coding-standards.xml:96:7:99:33 | deviation-permits-entry | deviations/invalid_deviations/coding-standards.xml: Deviation permit does not specify a permit identifier. | -| coding-standards.xml:100:7:103:33 | deviation-permits-entry | deviations/invalid_deviations/coding-standards.xml: Deviation permit specifies unknown property `invalid-property`. | +| coding-standards.xml:100:7:103:33 | deviation-permits-entry | deviations/invalid_deviations/coding-standards.xml: Deviation permit does not specify a permit identifier. | +| coding-standards.xml:104:7:107:33 | deviation-permits-entry | deviations/invalid_deviations/coding-standards.xml: Deviation permit specifies unknown property `invalid-property`. | diff --git a/cpp/common/test/deviations/invalid_deviations/InvalidDeviationRecords.expected b/cpp/common/test/deviations/invalid_deviations/InvalidDeviationRecords.expected index f68aa49e43..c4f66eeaf5 100644 --- a/cpp/common/test/deviations/invalid_deviations/InvalidDeviationRecords.expected +++ b/cpp/common/test/deviations/invalid_deviations/InvalidDeviationRecords.expected @@ -1,4 +1,4 @@ -| coding-standards.xml:5:7:5:26 | deviations-entry | deviations/invalid_deviations/coding-standards.xml: No rule-id and query-id specified for this deviation record. | +| coding-standards.xml:5:7:5:27 | deviations-entry | deviations/invalid_deviations/coding-standards.xml: No rule-id and query-id specified for this deviation record. | | coding-standards.xml:6:7:8:26 | deviations-entry | deviations/invalid_deviations/coding-standards.xml: The rule-id `bad rule id` for this deviation matches none of the available queries. | | coding-standards.xml:9:7:11:26 | deviations-entry | deviations/invalid_deviations/coding-standards.xml: A query-id of `bad rule id` is specified for this deviation, but not rule-id is specified. | | coding-standards.xml:15:7:17:26 | deviations-entry | deviations/invalid_deviations/coding-standards.xml: A query-id of `cpp/autosar/useless-assignment` is specified for this deviation, but not rule-id is specified. | @@ -11,3 +11,4 @@ | coding-standards.xml:51:7:61:26 | deviations-entry | deviations/invalid_deviations/coding-standards.xml: A deviation `approved-by` is specified without providing both a `name` and `date`. | | coding-standards.xml:74:7:78:26 | deviations-entry | deviations/invalid_deviations/coding-standards.xml: There is no deviation permit with id `non-existing-permit`. | | coding-standards.xml:79:7:81:26 | deviations-entry | deviations/invalid_deviations/coding-standards.xml: No rule-id and query-id specified for this deviation record. | +| coding-standards.xml:85:7:88:26 | deviations-entry | deviations/invalid_deviations/coding-standards.xml: The deviation is applied to a query with the rule category 'mandatory' that does not permit a deviation. | diff --git a/cpp/common/test/deviations/invalid_deviations/coding-standards.xml b/cpp/common/test/deviations/invalid_deviations/coding-standards.xml index 9667878e0f..179227a13d 100644 --- a/cpp/common/test/deviations/invalid_deviations/coding-standards.xml +++ b/cpp/common/test/deviations/invalid_deviations/coding-standards.xml @@ -1,8 +1,8 @@ - + - + bad rule id @@ -22,7 +22,7 @@ A0-1-1 cpp/autosar/useless-assignment - + A0-1-1 @@ -46,7 +46,7 @@ foo3 1970-01-01Z - + A0-1-1 @@ -82,6 +82,10 @@ DP2 + + RULE-13-6 + c/misra/sizeof-operand-with-side-effect + @@ -102,4 +106,4 @@ invalid-property - + \ No newline at end of file diff --git a/cpp/common/test/deviations/invalid_deviations/coding-standards.yml b/cpp/common/test/deviations/invalid_deviations/coding-standards.yml index 1f0b1b3b09..7b12c7a8c2 100644 --- a/cpp/common/test/deviations/invalid_deviations/coding-standards.yml +++ b/cpp/common/test/deviations/invalid_deviations/coding-standards.yml @@ -44,6 +44,8 @@ deviations: permit-id: non-existing-permit - permit-id: DP1 - permit-id: DP2 + - rule-id: RULE-13-6 + query-id: c/misra/sizeof-operand-with-side-effect deviation-permits: - permit-id: DP1 justification: foo bar baz From c33952eb22bc1ab386025cc4bafbf82e9bcbfad0 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 30 Aug 2022 16:09:18 -0700 Subject: [PATCH 0157/2573] Add `isExcluded/3` that includes the reason for exclusion This is used for debugging and testing purposes and cannot be used in our standard queries due to the required negation and the possible infinite possible values for reason. --- .../src/codingstandards/cpp/Exclusions.qll | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/Exclusions.qll b/cpp/common/src/codingstandards/cpp/Exclusions.qll index 6c0078bded..1178120b1c 100644 --- a/cpp/common/src/codingstandards/cpp/Exclusions.qll +++ b/cpp/common/src/codingstandards/cpp/Exclusions.qll @@ -25,12 +25,15 @@ predicate isExcluded(Element e) { } bindingset[e, query] -predicate isExcluded(Element e, Query query) { - e instanceof ExcludedElement +predicate isExcluded(Element e, Query query) { isExcluded(e, query, _) } + +bindingset[e, query] +predicate isExcluded(Element e, Query query, string reason) { + e instanceof ExcludedElement and reason = "Element is an excluded element." or - e.getFile() instanceof ExcludedFile + e.getFile() instanceof ExcludedFile and reason = "Element is part of an excluded file." or - not exists(e.getFile()) + not exists(e.getFile()) and reason = "Element is not part of the source repository." or // There exists a `DeviationRecord` that applies to this element and query, and the query's effective category permits deviation. query.getEffectiveCategory().permitsDeviation() and @@ -39,7 +42,8 @@ predicate isExcluded(Element e, Query query) { exists(string path | dr.isDeviated(query, path) and e.getFile().getRelativePath().prefix(path.length()) = path - ) + ) and + reason = "Query has an associated deviation record for the element's file." or // The element is on the same line as a suppression comment exists(Comment c | @@ -51,6 +55,8 @@ predicate isExcluded(Element e, Query query) { e.getLocation().hasLocationInfo(filepath, _, _, endLine, _) and c.getLocation().hasLocationInfo(filepath, endLine, _, _, _) ) - ) + ) and + reason = + "Query has an associated deviation record with a code identifier that is applied to the element." ) } From 61c33be1ef13f8755d5f674c59ebf8ad0cf40140 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 30 Aug 2022 16:11:08 -0700 Subject: [PATCH 0158/2573] Exclude queries with effective category disapplied. --- cpp/common/src/codingstandards/cpp/Exclusions.qll | 5 +++++ .../src/codingstandards/cpp/exclusions/RuleMetadata.qll | 3 +++ 2 files changed, 8 insertions(+) diff --git a/cpp/common/src/codingstandards/cpp/Exclusions.qll b/cpp/common/src/codingstandards/cpp/Exclusions.qll index 1178120b1c..bdc11eeb43 100644 --- a/cpp/common/src/codingstandards/cpp/Exclusions.qll +++ b/cpp/common/src/codingstandards/cpp/Exclusions.qll @@ -59,4 +59,9 @@ predicate isExcluded(Element e, Query query, string reason) { reason = "Query has an associated deviation record with a code identifier that is applied to the element." ) + or + // The effective category of the query is 'Disapplied'. + // This can occur when a Guideline Recategorization Plan is applied. + query.getEffectiveCategory().isDisapplied() and + reason = "The query is disapplied." } diff --git a/cpp/common/src/codingstandards/cpp/exclusions/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/RuleMetadata.qll index 72b91c3e29..189da2a2e0 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/RuleMetadata.qll @@ -40,6 +40,9 @@ class EffectiveCategory extends TEffectiveCategory { /** Holds if the effective category permits a deviation */ predicate permitsDeviation() { not this instanceof TMandatory and not this instanceof TInvalid } + + /** Holds if the effective category is 'Disapplied'. */ + predicate isDisapplied() { this instanceof TDisapplied } } class Query extends TQuery { From 703c3e96c1a7c7bffa462db8dbe85507250dfac4 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 30 Aug 2022 16:11:56 -0700 Subject: [PATCH 0159/2573] Add test case for disapplied queries. --- .../DisappliedQuery.expected | 1 + .../DisappliedQuery.ql | 25 +++++++++++++++++++ .../guideline_recategorizations/a0-1-6.cpp | 1 + 3 files changed, 27 insertions(+) create mode 100644 cpp/common/test/guideline_recategorizations/DisappliedQuery.expected create mode 100644 cpp/common/test/guideline_recategorizations/DisappliedQuery.ql create mode 100644 cpp/common/test/guideline_recategorizations/a0-1-6.cpp diff --git a/cpp/common/test/guideline_recategorizations/DisappliedQuery.expected b/cpp/common/test/guideline_recategorizations/DisappliedQuery.expected new file mode 100644 index 0000000000..215a334c23 --- /dev/null +++ b/cpp/common/test/guideline_recategorizations/DisappliedQuery.expected @@ -0,0 +1 @@ +| a0-1-6.cpp:1:7:1:7 | A | Unused type declaration A is not reported with reason 'The query is disapplied.'. | diff --git a/cpp/common/test/guideline_recategorizations/DisappliedQuery.ql b/cpp/common/test/guideline_recategorizations/DisappliedQuery.ql new file mode 100644 index 0000000000..0254eca9bd --- /dev/null +++ b/cpp/common/test/guideline_recategorizations/DisappliedQuery.ql @@ -0,0 +1,25 @@ +/** + * @id cpp/guideline-recategorizations/disapplied-query + * @name Query based on A0-1-6 to test disapplied category + * @kind problem + * @precision very-high + * @problem.severity warning + * @tags external/autosar/id/a0-1-6 + * external/autosar/obligation/advisory + */ + +import cpp +import codingstandards.cpp.CodingStandards +import codingstandards.cpp.TypeUses +import codingstandards.cpp.exclusions.cpp.RuleMetadata + +from UserType ut, string reason +where + isExcluded(ut, DeadCodePackage::unusedTypeDeclarationsQuery(), reason) and + exists(ut.getFile()) and + not ut instanceof TemplateParameter and + not ut instanceof ProxyClass and + not exists(getATypeUse(ut)) and + not ut.isFromUninstantiatedTemplate(_) +select ut, + "Unused type declaration " + ut.getName() + " is not reported with reason '" + reason + "'." diff --git a/cpp/common/test/guideline_recategorizations/a0-1-6.cpp b/cpp/common/test/guideline_recategorizations/a0-1-6.cpp new file mode 100644 index 0000000000..f0dae258ba --- /dev/null +++ b/cpp/common/test/guideline_recategorizations/a0-1-6.cpp @@ -0,0 +1 @@ +class A {}; // Unused type declaration \ No newline at end of file From 87d7d82847169eb2a01af0205c57a1caa492bd93 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 13 Oct 2022 18:29:43 -0700 Subject: [PATCH 0160/2573] Add guideline recategorization post processing script --- schemas/coding-standards-schema-1.0.0.json | 54 + schemas/sarif-schema-2.1.0.json | 3370 +++++++++++++++++ .../recategorize.py | 188 + .../requirements.txt | 6 + 4 files changed, 3618 insertions(+) create mode 100644 schemas/coding-standards-schema-1.0.0.json create mode 100644 schemas/sarif-schema-2.1.0.json create mode 100644 scripts/guideline_recategorization/recategorize.py create mode 100644 scripts/guideline_recategorization/requirements.txt diff --git a/schemas/coding-standards-schema-1.0.0.json b/schemas/coding-standards-schema-1.0.0.json new file mode 100644 index 0000000000..d7ed2fc240 --- /dev/null +++ b/schemas/coding-standards-schema-1.0.0.json @@ -0,0 +1,54 @@ +{ + "$schema": "http://json-schema.org/draft-07/schema", + "$id": "https://raw.githubusercontent.com/github/codeql-coding-standards/main/schemas/coding-standards-schema-1.0.0.json", + "additionalProperties": false, + "definitions": { + "guideline-category": { + "enum": [ + "mandatory", + "required", + "advisory", + "disapplied" + ] + }, + "guideline-recategorization": { + "type": "object", + "properties": { + "rule-id": { + "type": "string" + }, + "category": { + "$ref": "#/definitions/guideline-category" + } + }, + "required": [ + "rule-id", + "category" + ] + } + }, + "properties": { + "report-deviated-alerts": { + "description": "When true includes alerts with an applicable deviation. Used for report generation.", + "type": "boolean" + }, + "deviations": { + "description": "A set of deviation records.", + "type": "array" + }, + "deviation-permits": { + "description": "A set of deviation permits.", + "type": "array" + }, + "guideline-recategorizations": { + "type": "array", + "minProperties": 1, + "uniqueItems": true, + "items": { + "$ref": "#/definitions/guideline-recategorization" + } + } + }, + "required": [], + "type": "object" +} \ No newline at end of file diff --git a/schemas/sarif-schema-2.1.0.json b/schemas/sarif-schema-2.1.0.json new file mode 100644 index 0000000000..e0b6524571 --- /dev/null +++ b/schemas/sarif-schema-2.1.0.json @@ -0,0 +1,3370 @@ +{ + "$schema": "http://json-schema.org/draft-07/schema#", + "title": "Static Analysis Results Format (SARIF) Version 2.1.0 JSON Schema", + "$id": "https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json", + "description": "Static Analysis Results Format (SARIF) Version 2.1.0 JSON Schema: a standard format for the output of static analysis tools.", + "additionalProperties": false, + "type": "object", + "properties": { + + "$schema": { + "description": "The URI of the JSON schema corresponding to the version.", + "type": "string", + "format": "uri" + }, + + "version": { + "description": "The SARIF format version of this log file.", + "enum": [ "2.1.0" ] + }, + + "runs": { + "description": "The set of runs contained in this log file.", + "type": "array", + "minItems": 0, + "uniqueItems": false, + "items": { + "$ref": "#/definitions/run" + } + }, + + "inlineExternalProperties": { + "description": "References to external property files that share data between runs.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "items": { + "$ref": "#/definitions/externalProperties" + } + }, + + "properties": { + "description": "Key/value pairs that provide additional information about the log file.", + "$ref": "#/definitions/propertyBag" + } + }, + + "required": [ "version", "runs" ], + + "definitions": { + + "address": { + "description": "A physical or virtual address, or a range of addresses, in an 'addressable region' (memory or a binary file).", + "additionalProperties": false, + "type": "object", + "properties": { + + "absoluteAddress": { + "description": "The address expressed as a byte offset from the start of the addressable region.", + "type": "integer", + "minimum": -1, + "default": -1 + + }, + + "relativeAddress": { + "description": "The address expressed as a byte offset from the absolute address of the top-most parent object.", + "type": "integer" + + }, + + "length": { + "description": "The number of bytes in this range of addresses.", + "type": "integer" + }, + + "kind": { + "description": "An open-ended string that identifies the address kind. 'data', 'function', 'header','instruction', 'module', 'page', 'section', 'segment', 'stack', 'stackFrame', 'table' are well-known values.", + "type": "string" + }, + + "name": { + "description": "A name that is associated with the address, e.g., '.text'.", + "type": "string" + }, + + "fullyQualifiedName": { + "description": "A human-readable fully qualified name that is associated with the address.", + "type": "string" + }, + + "offsetFromParent": { + "description": "The byte offset of this address from the absolute or relative address of the parent object.", + "type": "integer" + }, + + "index": { + "description": "The index within run.addresses of the cached object for this address.", + "type": "integer", + "default": -1, + "minimum": -1 + }, + + "parentIndex": { + "description": "The index within run.addresses of the parent object.", + "type": "integer", + "default": -1, + "minimum": -1 + }, + + "properties": { + "description": "Key/value pairs that provide additional information about the address.", + "$ref": "#/definitions/propertyBag" + } + } + }, + + "artifact": { + "description": "A single artifact. In some cases, this artifact might be nested within another artifact.", + "additionalProperties": false, + "type": "object", + "properties": { + + "description": { + "description": "A short description of the artifact.", + "$ref": "#/definitions/message" + }, + + "location": { + "description": "The location of the artifact.", + "$ref": "#/definitions/artifactLocation" + }, + + "parentIndex": { + "description": "Identifies the index of the immediate parent of the artifact, if this artifact is nested.", + "type": "integer", + "default": -1, + "minimum": -1 + }, + + "offset": { + "description": "The offset in bytes of the artifact within its containing artifact.", + "type": "integer", + "minimum": 0 + }, + + "length": { + "description": "The length of the artifact in bytes.", + "type": "integer", + "default": -1, + "minimum": -1 + }, + + "roles": { + "description": "The role or roles played by the artifact in the analysis.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "enum": [ + "analysisTarget", + "attachment", + "responseFile", + "resultFile", + "standardStream", + "tracedFile", + "unmodified", + "modified", + "added", + "deleted", + "renamed", + "uncontrolled", + "driver", + "extension", + "translation", + "taxonomy", + "policy", + "referencedOnCommandLine", + "memoryContents", + "directory", + "userSpecifiedConfiguration", + "toolSpecifiedConfiguration", + "debugOutputFile" + ] + } + }, + + "mimeType": { + "description": "The MIME type (RFC 2045) of the artifact.", + "type": "string", + "pattern": "[^/]+/.+" + }, + + "contents": { + "description": "The contents of the artifact.", + "$ref": "#/definitions/artifactContent" + }, + + "encoding": { + "description": "Specifies the encoding for an artifact object that refers to a text file.", + "type": "string" + }, + + "sourceLanguage": { + "description": "Specifies the source language for any artifact object that refers to a text file that contains source code.", + "type": "string" + }, + + "hashes": { + "description": "A dictionary, each of whose keys is the name of a hash function and each of whose values is the hashed value of the artifact produced by the specified hash function.", + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + + "lastModifiedTimeUtc": { + "description": "The Coordinated Universal Time (UTC) date and time at which the artifact was most recently modified. See \"Date/time properties\" in the SARIF spec for the required format.", + "type": "string", + "format": "date-time" + }, + + "properties": { + "description": "Key/value pairs that provide additional information about the artifact.", + "$ref": "#/definitions/propertyBag" + } + } + }, + + "artifactChange": { + "description": "A change to a single artifact.", + "additionalProperties": false, + "type": "object", + "properties": { + + "artifactLocation": { + "description": "The location of the artifact to change.", + "$ref": "#/definitions/artifactLocation" + }, + + "replacements": { + "description": "An array of replacement objects, each of which represents the replacement of a single region in a single artifact specified by 'artifactLocation'.", + "type": "array", + "minItems": 1, + "uniqueItems": false, + "items": { + "$ref": "#/definitions/replacement" + } + }, + + "properties": { + "description": "Key/value pairs that provide additional information about the change.", + "$ref": "#/definitions/propertyBag" + } + + }, + + "required": [ "artifactLocation", "replacements" ] + }, + + "artifactContent": { + "description": "Represents the contents of an artifact.", + "type": "object", + "additionalProperties": false, + "properties": { + + "text": { + "description": "UTF-8-encoded content from a text artifact.", + "type": "string" + }, + + "binary": { + "description": "MIME Base64-encoded content from a binary artifact, or from a text artifact in its original encoding.", + "type": "string" + }, + + "rendered": { + "description": "An alternate rendered representation of the artifact (e.g., a decompiled representation of a binary region).", + "$ref": "#/definitions/multiformatMessageString" + }, + + "properties": { + "description": "Key/value pairs that provide additional information about the artifact content.", + "$ref": "#/definitions/propertyBag" + } + } + }, + + "artifactLocation": { + "description": "Specifies the location of an artifact.", + "additionalProperties": false, + "type": "object", + "properties": { + + "uri": { + "description": "A string containing a valid relative or absolute URI.", + "type": "string", + "format": "uri-reference" + }, + + "uriBaseId": { + "description": "A string which indirectly specifies the absolute URI with respect to which a relative URI in the \"uri\" property is interpreted.", + "type": "string" + }, + + "index": { + "description": "The index within the run artifacts array of the artifact object associated with the artifact location.", + "type": "integer", + "default": -1, + "minimum": -1 + }, + + "description": { + "description": "A short description of the artifact location.", + "$ref": "#/definitions/message" + }, + + "properties": { + "description": "Key/value pairs that provide additional information about the artifact location.", + "$ref": "#/definitions/propertyBag" + } + } + }, + + "attachment": { + "description": "An artifact relevant to a result.", + "type": "object", + "additionalProperties": false, + "properties": { + + "description": { + "description": "A message describing the role played by the attachment.", + "$ref": "#/definitions/message" + }, + + "artifactLocation": { + "description": "The location of the attachment.", + "$ref": "#/definitions/artifactLocation" + }, + + "regions": { + "description": "An array of regions of interest within the attachment.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "$ref": "#/definitions/region" + } + }, + + "rectangles": { + "description": "An array of rectangles specifying areas of interest within the image.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "$ref": "#/definitions/rectangle" + } + }, + + "properties": { + "description": "Key/value pairs that provide additional information about the attachment.", + "$ref": "#/definitions/propertyBag" + } + }, + + "required": [ "artifactLocation" ] + }, + + "codeFlow": { + "description": "A set of threadFlows which together describe a pattern of code execution relevant to detecting a result.", + "additionalProperties": false, + "type": "object", + "properties": { + + "message": { + "description": "A message relevant to the code flow.", + "$ref": "#/definitions/message" + }, + + "threadFlows": { + "description": "An array of one or more unique threadFlow objects, each of which describes the progress of a program through a thread of execution.", + "type": "array", + "minItems": 1, + "uniqueItems": false, + "items": { + "$ref": "#/definitions/threadFlow" + } + }, + + "properties": { + "description": "Key/value pairs that provide additional information about the code flow.", + "$ref": "#/definitions/propertyBag" + } + }, + + "required": [ "threadFlows" ] + }, + + "configurationOverride": { + "description": "Information about how a specific rule or notification was reconfigured at runtime.", + "type": "object", + "additionalProperties": false, + "properties": { + + "configuration": { + "description": "Specifies how the rule or notification was configured during the scan.", + "$ref": "#/definitions/reportingConfiguration" + }, + + "descriptor": { + "description": "A reference used to locate the descriptor whose configuration was overridden.", + "$ref": "#/definitions/reportingDescriptorReference" + }, + + "properties": { + "description": "Key/value pairs that provide additional information about the configuration override.", + "$ref": "#/definitions/propertyBag" + } + }, + "required": [ "configuration", "descriptor" ] + }, + + "conversion": { + "description": "Describes how a converter transformed the output of a static analysis tool from the analysis tool's native output format into the SARIF format.", + "additionalProperties": false, + "type": "object", + "properties": { + + "tool": { + "description": "A tool object that describes the converter.", + "$ref": "#/definitions/tool" + }, + + "invocation": { + "description": "An invocation object that describes the invocation of the converter.", + "$ref": "#/definitions/invocation" + }, + + "analysisToolLogFiles": { + "description": "The locations of the analysis tool's per-run log files.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "$ref": "#/definitions/artifactLocation" + } + }, + + "properties": { + "description": "Key/value pairs that provide additional information about the conversion.", + "$ref": "#/definitions/propertyBag" + } + + }, + + "required": [ "tool" ] + }, + + "edge": { + "description": "Represents a directed edge in a graph.", + "type": "object", + "additionalProperties": false, + "properties": { + + "id": { + "description": "A string that uniquely identifies the edge within its graph.", + "type": "string" + }, + + "label": { + "description": "A short description of the edge.", + "$ref": "#/definitions/message" + }, + + "sourceNodeId": { + "description": "Identifies the source node (the node at which the edge starts).", + "type": "string" + }, + + "targetNodeId": { + "description": "Identifies the target node (the node at which the edge ends).", + "type": "string" + }, + + "properties": { + "description": "Key/value pairs that provide additional information about the edge.", + "$ref": "#/definitions/propertyBag" + } + }, + + "required": [ "id", "sourceNodeId", "targetNodeId" ] + }, + + "edgeTraversal": { + "description": "Represents the traversal of a single edge during a graph traversal.", + "type": "object", + "additionalProperties": false, + "properties": { + + "edgeId": { + "description": "Identifies the edge being traversed.", + "type": "string" + }, + + "message": { + "description": "A message to display to the user as the edge is traversed.", + "$ref": "#/definitions/message" + }, + + "finalState": { + "description": "The values of relevant expressions after the edge has been traversed.", + "type": "object", + "additionalProperties": { + "$ref": "#/definitions/multiformatMessageString" + } + }, + + "stepOverEdgeCount": { + "description": "The number of edge traversals necessary to return from a nested graph.", + "type": "integer", + "minimum": 0 + }, + + "properties": { + "description": "Key/value pairs that provide additional information about the edge traversal.", + "$ref": "#/definitions/propertyBag" + } + }, + + "required": [ "edgeId" ] + }, + + "exception": { + "description": "Describes a runtime exception encountered during the execution of an analysis tool.", + "type": "object", + "additionalProperties": false, + "properties": { + + "kind": { + "type": "string", + "description": "A string that identifies the kind of exception, for example, the fully qualified type name of an object that was thrown, or the symbolic name of a signal." + }, + + "message": { + "description": "A message that describes the exception.", + "type": "string" + }, + + "stack": { + "description": "The sequence of function calls leading to the exception.", + "$ref": "#/definitions/stack" + }, + + "innerExceptions": { + "description": "An array of exception objects each of which is considered a cause of this exception.", + "type": "array", + "minItems": 0, + "uniqueItems": false, + "default": [], + "items": { + "$ref": "#/definitions/exception" + } + }, + + "properties": { + "description": "Key/value pairs that provide additional information about the exception.", + "$ref": "#/definitions/propertyBag" + } + } + }, + + "externalProperties": { + "description": "The top-level element of an external property file.", + "type": "object", + "additionalProperties": false, + "properties": { + + "schema": { + "description": "The URI of the JSON schema corresponding to the version of the external property file format.", + "type": "string", + "format": "uri" + }, + + "version": { + "description": "The SARIF format version of this external properties object.", + "enum": [ "2.1.0" ] + }, + + "guid": { + "description": "A stable, unique identifer for this external properties object, in the form of a GUID.", + "type": "string", + "pattern": "^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[1-5][0-9a-fA-F]{3}-[89abAB][0-9a-fA-F]{3}-[0-9a-fA-F]{12}$" + }, + + "runGuid": { + "description": "A stable, unique identifer for the run associated with this external properties object, in the form of a GUID.", + "type": "string", + "pattern": "^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[1-5][0-9a-fA-F]{3}-[89abAB][0-9a-fA-F]{3}-[0-9a-fA-F]{12}$" + }, + + "conversion": { + "description": "A conversion object that will be merged with a separate run.", + "$ref": "#/definitions/conversion" + }, + + "graphs": { + "description": "An array of graph objects that will be merged with a separate run.", + "type": "array", + "minItems": 0, + "default": [], + "uniqueItems": true, + "items": { + "$ref": "#/definitions/graph" + } + }, + + "externalizedProperties": { + "description": "Key/value pairs that provide additional information that will be merged with a separate run.", + "$ref": "#/definitions/propertyBag" + }, + + "artifacts": { + "description": "An array of artifact objects that will be merged with a separate run.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "items": { + "$ref": "#/definitions/artifact" + } + }, + + "invocations": { + "description": "Describes the invocation of the analysis tool that will be merged with a separate run.", + "type": "array", + "minItems": 0, + "uniqueItems": false, + "default": [], + "items": { + "$ref": "#/definitions/invocation" + } + }, + + "logicalLocations": { + "description": "An array of logical locations such as namespaces, types or functions that will be merged with a separate run.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "$ref": "#/definitions/logicalLocation" + } + }, + + "threadFlowLocations": { + "description": "An array of threadFlowLocation objects that will be merged with a separate run.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "$ref": "#/definitions/threadFlowLocation" + } + }, + + "results": { + "description": "An array of result objects that will be merged with a separate run.", + "type": "array", + "minItems": 0, + "uniqueItems": false, + "default": [], + "items": { + "$ref": "#/definitions/result" + } + }, + + "taxonomies": { + "description": "Tool taxonomies that will be merged with a separate run.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "$ref": "#/definitions/toolComponent" + } + }, + + "driver": { + "description": "The analysis tool object that will be merged with a separate run.", + "$ref": "#/definitions/toolComponent" + }, + + "extensions": { + "description": "Tool extensions that will be merged with a separate run.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "$ref": "#/definitions/toolComponent" + } + }, + + "policies": { + "description": "Tool policies that will be merged with a separate run.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "$ref": "#/definitions/toolComponent" + } + }, + + "translations": { + "description": "Tool translations that will be merged with a separate run.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "$ref": "#/definitions/toolComponent" + } + }, + + "addresses": { + "description": "Addresses that will be merged with a separate run.", + "type": "array", + "minItems": 0, + "uniqueItems": false, + "default": [], + "items": { + "$ref": "#/definitions/address" + } + }, + + "webRequests": { + "description": "Requests that will be merged with a separate run.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "$ref": "#/definitions/webRequest" + } + }, + + "webResponses": { + "description": "Responses that will be merged with a separate run.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "$ref": "#/definitions/webResponse" + } + }, + + "properties": { + "description": "Key/value pairs that provide additional information about the external properties.", + "$ref": "#/definitions/propertyBag" + } + } + }, + + "externalPropertyFileReference": { + "description": "Contains information that enables a SARIF consumer to locate the external property file that contains the value of an externalized property associated with the run.", + "type": "object", + "additionalProperties": false, + "properties": { + + "location": { + "description": "The location of the external property file.", + "$ref": "#/definitions/artifactLocation" + }, + + "guid": { + "description": "A stable, unique identifer for the external property file in the form of a GUID.", + "type": "string", + "pattern": "^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[1-5][0-9a-fA-F]{3}-[89abAB][0-9a-fA-F]{3}-[0-9a-fA-F]{12}$" + }, + + "itemCount": { + "description": "A non-negative integer specifying the number of items contained in the external property file.", + "type": "integer", + "default": -1, + "minimum": -1 + }, + + "properties": { + "description": "Key/value pairs that provide additional information about the external property file.", + "$ref": "#/definitions/propertyBag" + } + }, + "anyOf": [ + { "required": [ "location" ] }, + { "required": [ "guid" ] } + ] + }, + + "externalPropertyFileReferences": { + "description": "References to external property files that should be inlined with the content of a root log file.", + "additionalProperties": false, + "type": "object", + "properties": { + + "conversion": { + "description": "An external property file containing a run.conversion object to be merged with the root log file.", + "$ref": "#/definitions/externalPropertyFileReference" + }, + + "graphs": { + "description": "An array of external property files containing a run.graphs object to be merged with the root log file.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "$ref": "#/definitions/externalPropertyFileReference" + } + }, + + "externalizedProperties": { + "description": "An external property file containing a run.properties object to be merged with the root log file.", + "$ref": "#/definitions/externalPropertyFileReference" + }, + + "artifacts": { + "description": "An array of external property files containing run.artifacts arrays to be merged with the root log file.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "$ref": "#/definitions/externalPropertyFileReference" + } + }, + + "invocations": { + "description": "An array of external property files containing run.invocations arrays to be merged with the root log file.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "$ref": "#/definitions/externalPropertyFileReference" + } + }, + + "logicalLocations": { + "description": "An array of external property files containing run.logicalLocations arrays to be merged with the root log file.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "$ref": "#/definitions/externalPropertyFileReference" + } + }, + + "threadFlowLocations": { + "description": "An array of external property files containing run.threadFlowLocations arrays to be merged with the root log file.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "$ref": "#/definitions/externalPropertyFileReference" + } + }, + + "results": { + "description": "An array of external property files containing run.results arrays to be merged with the root log file.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "$ref": "#/definitions/externalPropertyFileReference" + } + }, + + "taxonomies": { + "description": "An array of external property files containing run.taxonomies arrays to be merged with the root log file.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "$ref": "#/definitions/externalPropertyFileReference" + } + }, + + "addresses": { + "description": "An array of external property files containing run.addresses arrays to be merged with the root log file.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "$ref": "#/definitions/externalPropertyFileReference" + } + }, + + "driver": { + "description": "An external property file containing a run.driver object to be merged with the root log file.", + "$ref": "#/definitions/externalPropertyFileReference" + }, + + "extensions": { + "description": "An array of external property files containing run.extensions arrays to be merged with the root log file.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "$ref": "#/definitions/externalPropertyFileReference" + } + }, + + "policies": { + "description": "An array of external property files containing run.policies arrays to be merged with the root log file.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "$ref": "#/definitions/externalPropertyFileReference" + } + }, + + "translations": { + "description": "An array of external property files containing run.translations arrays to be merged with the root log file.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "$ref": "#/definitions/externalPropertyFileReference" + } + }, + + "webRequests": { + "description": "An array of external property files containing run.requests arrays to be merged with the root log file.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "$ref": "#/definitions/externalPropertyFileReference" + } + }, + + "webResponses": { + "description": "An array of external property files containing run.responses arrays to be merged with the root log file.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "$ref": "#/definitions/externalPropertyFileReference" + } + }, + + "properties": { + "description": "Key/value pairs that provide additional information about the external property files.", + "$ref": "#/definitions/propertyBag" + } + } + }, + + "fix": { + "description": "A proposed fix for the problem represented by a result object. A fix specifies a set of artifacts to modify. For each artifact, it specifies a set of bytes to remove, and provides a set of new bytes to replace them.", + "additionalProperties": false, + "type": "object", + "properties": { + + "description": { + "description": "A message that describes the proposed fix, enabling viewers to present the proposed change to an end user.", + "$ref": "#/definitions/message" + }, + + "artifactChanges": { + "description": "One or more artifact changes that comprise a fix for a result.", + "type": "array", + "minItems": 1, + "uniqueItems": true, + "items": { + "$ref": "#/definitions/artifactChange" + } + }, + + "properties": { + "description": "Key/value pairs that provide additional information about the fix.", + "$ref": "#/definitions/propertyBag" + } + }, + "required": [ "artifactChanges" ] + }, + + "graph": { + "description": "A network of nodes and directed edges that describes some aspect of the structure of the code (for example, a call graph).", + "type": "object", + "additionalProperties": false, + "properties": { + + "description": { + "description": "A description of the graph.", + "$ref": "#/definitions/message" + }, + + "nodes": { + "description": "An array of node objects representing the nodes of the graph.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "$ref": "#/definitions/node" + } + }, + + "edges": { + "description": "An array of edge objects representing the edges of the graph.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "$ref": "#/definitions/edge" + } + }, + + "properties": { + "description": "Key/value pairs that provide additional information about the graph.", + "$ref": "#/definitions/propertyBag" + } + } + }, + + "graphTraversal": { + "description": "Represents a path through a graph.", + "type": "object", + "additionalProperties": false, + "properties": { + + "runGraphIndex": { + "description": "The index within the run.graphs to be associated with the result.", + "type": "integer", + "default": -1, + "minimum": -1 + }, + + "resultGraphIndex": { + "description": "The index within the result.graphs to be associated with the result.", + "type": "integer", + "default": -1, + "minimum": -1 + }, + + "description": { + "description": "A description of this graph traversal.", + "$ref": "#/definitions/message" + }, + + "initialState": { + "description": "Values of relevant expressions at the start of the graph traversal that may change during graph traversal.", + "type": "object", + "additionalProperties": { + "$ref": "#/definitions/multiformatMessageString" + } + }, + + "immutableState": { + "description": "Values of relevant expressions at the start of the graph traversal that remain constant for the graph traversal.", + "type": "object", + "additionalProperties": { + "$ref": "#/definitions/multiformatMessageString" + } + }, + + "edgeTraversals": { + "description": "The sequences of edges traversed by this graph traversal.", + "type": "array", + "minItems": 0, + "uniqueItems": false, + "default": [], + "items": { + "$ref": "#/definitions/edgeTraversal" + } + }, + + "properties": { + "description": "Key/value pairs that provide additional information about the graph traversal.", + "$ref": "#/definitions/propertyBag" + } + }, + "oneOf": [ + { "required": [ "runGraphIndex" ] }, + { "required": [ "resultGraphIndex" ] } + ] + }, + + "invocation": { + "description": "The runtime environment of the analysis tool run.", + "additionalProperties": false, + "type": "object", + "properties": { + + "commandLine": { + "description": "The command line used to invoke the tool.", + "type": "string" + }, + + "arguments": { + "description": "An array of strings, containing in order the command line arguments passed to the tool from the operating system.", + "type": "array", + "minItems": 0, + "uniqueItems": false, + "items": { + "type": "string" + } + }, + + "responseFiles": { + "description": "The locations of any response files specified on the tool's command line.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "items": { + "$ref": "#/definitions/artifactLocation" + } + }, + + "startTimeUtc": { + "description": "The Coordinated Universal Time (UTC) date and time at which the invocation started. See \"Date/time properties\" in the SARIF spec for the required format.", + "type": "string", + "format": "date-time" + }, + + "endTimeUtc": { + "description": "The Coordinated Universal Time (UTC) date and time at which the invocation ended. See \"Date/time properties\" in the SARIF spec for the required format.", + "type": "string", + "format": "date-time" + }, + + "exitCode": { + "description": "The process exit code.", + "type": "integer" + }, + + "ruleConfigurationOverrides": { + "description": "An array of configurationOverride objects that describe rules related runtime overrides.", + "type": "array", + "minItems": 0, + "default": [], + "uniqueItems": true, + "items": { + "$ref": "#/definitions/configurationOverride" + } + }, + + "notificationConfigurationOverrides": { + "description": "An array of configurationOverride objects that describe notifications related runtime overrides.", + "type": "array", + "minItems": 0, + "default": [], + "uniqueItems": true, + "items": { + "$ref": "#/definitions/configurationOverride" + } + }, + + "toolExecutionNotifications": { + "description": "A list of runtime conditions detected by the tool during the analysis.", + "type": "array", + "minItems": 0, + "uniqueItems": false, + "default": [], + "items": { + "$ref": "#/definitions/notification" + } + }, + + "toolConfigurationNotifications": { + "description": "A list of conditions detected by the tool that are relevant to the tool's configuration.", + "type": "array", + "minItems": 0, + "uniqueItems": false, + "default": [], + "items": { + "$ref": "#/definitions/notification" + } + }, + + "exitCodeDescription": { + "description": "The reason for the process exit.", + "type": "string" + }, + + "exitSignalName": { + "description": "The name of the signal that caused the process to exit.", + "type": "string" + }, + + "exitSignalNumber": { + "description": "The numeric value of the signal that caused the process to exit.", + "type": "integer" + }, + + "processStartFailureMessage": { + "description": "The reason given by the operating system that the process failed to start.", + "type": "string" + }, + + "executionSuccessful": { + "description": "Specifies whether the tool's execution completed successfully.", + "type": "boolean" + }, + + "machine": { + "description": "The machine on which the invocation occurred.", + "type": "string" + }, + + "account": { + "description": "The account under which the invocation occurred.", + "type": "string" + }, + + "processId": { + "description": "The id of the process in which the invocation occurred.", + "type": "integer" + }, + + "executableLocation": { + "description": "An absolute URI specifying the location of the executable that was invoked.", + "$ref": "#/definitions/artifactLocation" + }, + + "workingDirectory": { + "description": "The working directory for the invocation.", + "$ref": "#/definitions/artifactLocation" + }, + + "environmentVariables": { + "description": "The environment variables associated with the analysis tool process, expressed as key/value pairs.", + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + + "stdin": { + "description": "A file containing the standard input stream to the process that was invoked.", + "$ref": "#/definitions/artifactLocation" + }, + + "stdout": { + "description": "A file containing the standard output stream from the process that was invoked.", + "$ref": "#/definitions/artifactLocation" + }, + + "stderr": { + "description": "A file containing the standard error stream from the process that was invoked.", + "$ref": "#/definitions/artifactLocation" + }, + + "stdoutStderr": { + "description": "A file containing the interleaved standard output and standard error stream from the process that was invoked.", + "$ref": "#/definitions/artifactLocation" + }, + + "properties": { + "description": "Key/value pairs that provide additional information about the invocation.", + "$ref": "#/definitions/propertyBag" + } + }, + "required": [ "executionSuccessful" ] + }, + + "location": { + "description": "A location within a programming artifact.", + "additionalProperties": false, + "type": "object", + "properties": { + + "id": { + "description": "Value that distinguishes this location from all other locations within a single result object.", + "type": "integer", + "minimum": -1, + "default": -1 + }, + + "physicalLocation": { + "description": "Identifies the artifact and region.", + "$ref": "#/definitions/physicalLocation" + }, + + "logicalLocations": { + "description": "The logical locations associated with the result.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "$ref": "#/definitions/logicalLocation" + } + }, + + "message": { + "description": "A message relevant to the location.", + "$ref": "#/definitions/message" + }, + + "annotations": { + "description": "A set of regions relevant to the location.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "$ref": "#/definitions/region" + } + }, + + "relationships": { + "description": "An array of objects that describe relationships between this location and others.", + "type": "array", + "default": [], + "minItems": 0, + "uniqueItems": true, + "items": { + "$ref": "#/definitions/locationRelationship" + } + }, + + "properties": { + "description": "Key/value pairs that provide additional information about the location.", + "$ref": "#/definitions/propertyBag" + } + } + }, + + "locationRelationship": { + "description": "Information about the relation of one location to another.", + "type": "object", + "additionalProperties": false, + "properties": { + + "target": { + "description": "A reference to the related location.", + "type": "integer", + "minimum": 0 + }, + + "kinds": { + "description": "A set of distinct strings that categorize the relationship. Well-known kinds include 'includes', 'isIncludedBy' and 'relevant'.", + "type": "array", + "default": [ "relevant" ], + "uniqueItems": true, + "items": { + "type": "string" + } + }, + + "description": { + "description": "A description of the location relationship.", + "$ref": "#/definitions/message" + }, + + "properties": { + "description": "Key/value pairs that provide additional information about the location relationship.", + "$ref": "#/definitions/propertyBag" + } + }, + "required": [ "target" ] + }, + + "logicalLocation": { + "description": "A logical location of a construct that produced a result.", + "additionalProperties": false, + "type": "object", + "properties": { + + "name": { + "description": "Identifies the construct in which the result occurred. For example, this property might contain the name of a class or a method.", + "type": "string" + }, + + "index": { + "description": "The index within the logical locations array.", + "type": "integer", + "default": -1, + "minimum": -1 + }, + + "fullyQualifiedName": { + "description": "The human-readable fully qualified name of the logical location.", + "type": "string" + }, + + "decoratedName": { + "description": "The machine-readable name for the logical location, such as a mangled function name provided by a C++ compiler that encodes calling convention, return type and other details along with the function name.", + "type": "string" + }, + + "parentIndex": { + "description": "Identifies the index of the immediate parent of the construct in which the result was detected. For example, this property might point to a logical location that represents the namespace that holds a type.", + "type": "integer", + "default": -1, + "minimum": -1 + }, + + "kind": { + "description": "The type of construct this logical location component refers to. Should be one of 'function', 'member', 'module', 'namespace', 'parameter', 'resource', 'returnType', 'type', 'variable', 'object', 'array', 'property', 'value', 'element', 'text', 'attribute', 'comment', 'declaration', 'dtd' or 'processingInstruction', if any of those accurately describe the construct.", + "type": "string" + }, + + "properties": { + "description": "Key/value pairs that provide additional information about the logical location.", + "$ref": "#/definitions/propertyBag" + } + } + }, + + "message": { + "description": "Encapsulates a message intended to be read by the end user.", + "type": "object", + "additionalProperties": false, + + "properties": { + + "text": { + "description": "A plain text message string.", + "type": "string" + }, + + "markdown": { + "description": "A Markdown message string.", + "type": "string" + }, + + "id": { + "description": "The identifier for this message.", + "type": "string" + }, + + "arguments": { + "description": "An array of strings to substitute into the message string.", + "type": "array", + "minItems": 0, + "uniqueItems": false, + "default": [], + "items": { + "type": "string" + } + }, + + "properties": { + "description": "Key/value pairs that provide additional information about the message.", + "$ref": "#/definitions/propertyBag" + } + }, + "anyOf": [ + { "required": [ "text" ] }, + { "required": [ "id" ] } + ] + }, + + "multiformatMessageString": { + "description": "A message string or message format string rendered in multiple formats.", + "type": "object", + "additionalProperties": false, + + "properties": { + + "text": { + "description": "A plain text message string or format string.", + "type": "string" + }, + + "markdown": { + "description": "A Markdown message string or format string.", + "type": "string" + }, + + "properties": { + "description": "Key/value pairs that provide additional information about the message.", + "$ref": "#/definitions/propertyBag" + } + }, + "required": [ "text" ] + }, + + "node": { + "description": "Represents a node in a graph.", + "type": "object", + "additionalProperties": false, + + "properties": { + + "id": { + "description": "A string that uniquely identifies the node within its graph.", + "type": "string" + }, + + "label": { + "description": "A short description of the node.", + "$ref": "#/definitions/message" + }, + + "location": { + "description": "A code location associated with the node.", + "$ref": "#/definitions/location" + }, + + "children": { + "description": "Array of child nodes.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "$ref": "#/definitions/node" + } + }, + + "properties": { + "description": "Key/value pairs that provide additional information about the node.", + "$ref": "#/definitions/propertyBag" + } + }, + + "required": [ "id" ] + }, + + "notification": { + "description": "Describes a condition relevant to the tool itself, as opposed to being relevant to a target being analyzed by the tool.", + "type": "object", + "additionalProperties": false, + "properties": { + + "locations": { + "description": "The locations relevant to this notification.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "$ref": "#/definitions/location" + } + }, + + "message": { + "description": "A message that describes the condition that was encountered.", + "$ref": "#/definitions/message" + }, + + "level": { + "description": "A value specifying the severity level of the notification.", + "default": "warning", + "enum": [ "none", "note", "warning", "error" ] + }, + + "threadId": { + "description": "The thread identifier of the code that generated the notification.", + "type": "integer" + }, + + "timeUtc": { + "description": "The Coordinated Universal Time (UTC) date and time at which the analysis tool generated the notification.", + "type": "string", + "format": "date-time" + }, + + "exception": { + "description": "The runtime exception, if any, relevant to this notification.", + "$ref": "#/definitions/exception" + }, + + "descriptor": { + "description": "A reference used to locate the descriptor relevant to this notification.", + "$ref": "#/definitions/reportingDescriptorReference" + }, + + "associatedRule": { + "description": "A reference used to locate the rule descriptor associated with this notification.", + "$ref": "#/definitions/reportingDescriptorReference" + }, + + "properties": { + "description": "Key/value pairs that provide additional information about the notification.", + "$ref": "#/definitions/propertyBag" + } + }, + + "required": [ "message" ] + }, + + "physicalLocation": { + "description": "A physical location relevant to a result. Specifies a reference to a programming artifact together with a range of bytes or characters within that artifact.", + "additionalProperties": false, + "type": "object", + "properties": { + + "address": { + "description": "The address of the location.", + "$ref": "#/definitions/address" + }, + + "artifactLocation": { + "description": "The location of the artifact.", + "$ref": "#/definitions/artifactLocation" + }, + + "region": { + "description": "Specifies a portion of the artifact.", + "$ref": "#/definitions/region" + }, + + "contextRegion": { + "description": "Specifies a portion of the artifact that encloses the region. Allows a viewer to display additional context around the region.", + "$ref": "#/definitions/region" + }, + + "properties": { + "description": "Key/value pairs that provide additional information about the physical location.", + "$ref": "#/definitions/propertyBag" + } + }, + + "anyOf": [ + { + "required": [ "address" ] + }, + { + "required": [ "artifactLocation" ] + } + ] + }, + + "propertyBag": { + "description": "Key/value pairs that provide additional information about the object.", + "type": "object", + "additionalProperties": true, + "properties": { + "tags": { + + "description": "A set of distinct strings that provide additional information.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "type": "string" + } + } + } + }, + + "rectangle": { + "description": "An area within an image.", + "additionalProperties": false, + "type": "object", + "properties": { + + "top": { + "description": "The Y coordinate of the top edge of the rectangle, measured in the image's natural units.", + "type": "number" + }, + + "left": { + "description": "The X coordinate of the left edge of the rectangle, measured in the image's natural units.", + "type": "number" + }, + + "bottom": { + "description": "The Y coordinate of the bottom edge of the rectangle, measured in the image's natural units.", + "type": "number" + }, + + "right": { + "description": "The X coordinate of the right edge of the rectangle, measured in the image's natural units.", + "type": "number" + }, + + "message": { + "description": "A message relevant to the rectangle.", + "$ref": "#/definitions/message" + }, + + "properties": { + "description": "Key/value pairs that provide additional information about the rectangle.", + "$ref": "#/definitions/propertyBag" + } + } + }, + + "region": { + "description": "A region within an artifact where a result was detected.", + "additionalProperties": false, + "type": "object", + "properties": { + + "startLine": { + "description": "The line number of the first character in the region.", + "type": "integer", + "minimum": 1 + }, + + "startColumn": { + "description": "The column number of the first character in the region.", + "type": "integer", + "minimum": 1 + }, + + "endLine": { + "description": "The line number of the last character in the region.", + "type": "integer", + "minimum": 1 + }, + + "endColumn": { + "description": "The column number of the character following the end of the region.", + "type": "integer", + "minimum": 1 + }, + + "charOffset": { + "description": "The zero-based offset from the beginning of the artifact of the first character in the region.", + "type": "integer", + "default": -1, + "minimum": -1 + }, + + "charLength": { + "description": "The length of the region in characters.", + "type": "integer", + "minimum": 0 + }, + + "byteOffset": { + "description": "The zero-based offset from the beginning of the artifact of the first byte in the region.", + "type": "integer", + "default": -1, + "minimum": -1 + }, + + "byteLength": { + "description": "The length of the region in bytes.", + "type": "integer", + "minimum": 0 + }, + + "snippet": { + "description": "The portion of the artifact contents within the specified region.", + "$ref": "#/definitions/artifactContent" + }, + + "message": { + "description": "A message relevant to the region.", + "$ref": "#/definitions/message" + }, + + "sourceLanguage": { + "description": "Specifies the source language, if any, of the portion of the artifact specified by the region object.", + "type": "string" + }, + + "properties": { + "description": "Key/value pairs that provide additional information about the region.", + "$ref": "#/definitions/propertyBag" + } + } + }, + + "replacement": { + "description": "The replacement of a single region of an artifact.", + "additionalProperties": false, + "type": "object", + "properties": { + + "deletedRegion": { + "description": "The region of the artifact to delete.", + "$ref": "#/definitions/region" + }, + + "insertedContent": { + "description": "The content to insert at the location specified by the 'deletedRegion' property.", + "$ref": "#/definitions/artifactContent" + }, + + "properties": { + "description": "Key/value pairs that provide additional information about the replacement.", + "$ref": "#/definitions/propertyBag" + } + }, + + "required": [ "deletedRegion" ] + }, + + "reportingDescriptor": { + "description": "Metadata that describes a specific report produced by the tool, as part of the analysis it provides or its runtime reporting.", + "additionalProperties": false, + "type": "object", + "properties": { + + "id": { + "description": "A stable, opaque identifier for the report.", + "type": "string" + }, + + "deprecatedIds": { + "description": "An array of stable, opaque identifiers by which this report was known in some previous version of the analysis tool.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "items": { + "type": "string" + } + }, + + "guid": { + "description": "A unique identifer for the reporting descriptor in the form of a GUID.", + "type": "string", + "pattern": "^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[1-5][0-9a-fA-F]{3}-[89abAB][0-9a-fA-F]{3}-[0-9a-fA-F]{12}$" + }, + + "deprecatedGuids": { + "description": "An array of unique identifies in the form of a GUID by which this report was known in some previous version of the analysis tool.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "items": { + "type": "string", + "pattern": "^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[1-5][0-9a-fA-F]{3}-[89abAB][0-9a-fA-F]{3}-[0-9a-fA-F]{12}$" + } + }, + + "name": { + "description": "A report identifier that is understandable to an end user.", + "type": "string" + }, + + "deprecatedNames": { + "description": "An array of readable identifiers by which this report was known in some previous version of the analysis tool.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "items": { + "type": "string" + } + }, + + "shortDescription": { + "description": "A concise description of the report. Should be a single sentence that is understandable when visible space is limited to a single line of text.", + "$ref": "#/definitions/multiformatMessageString" + }, + + "fullDescription": { + "description": "A description of the report. Should, as far as possible, provide details sufficient to enable resolution of any problem indicated by the result.", + "$ref": "#/definitions/multiformatMessageString" + }, + + "messageStrings": { + "description": "A set of name/value pairs with arbitrary names. Each value is a multiformatMessageString object, which holds message strings in plain text and (optionally) Markdown format. The strings can include placeholders, which can be used to construct a message in combination with an arbitrary number of additional string arguments.", + "type": "object", + "additionalProperties": { + "$ref": "#/definitions/multiformatMessageString" + } + }, + + "defaultConfiguration": { + "description": "Default reporting configuration information.", + "$ref": "#/definitions/reportingConfiguration" + }, + + "helpUri": { + "description": "A URI where the primary documentation for the report can be found.", + "type": "string", + "format": "uri" + }, + + "help": { + "description": "Provides the primary documentation for the report, useful when there is no online documentation.", + "$ref": "#/definitions/multiformatMessageString" + }, + + "relationships": { + "description": "An array of objects that describe relationships between this reporting descriptor and others.", + "type": "array", + "default": [], + "minItems": 0, + "uniqueItems": true, + "items": { + "$ref": "#/definitions/reportingDescriptorRelationship" + } + }, + + "properties": { + "description": "Key/value pairs that provide additional information about the report.", + "$ref": "#/definitions/propertyBag" + } + }, + "required": [ "id" ] + }, + + "reportingConfiguration": { + "description": "Information about a rule or notification that can be configured at runtime.", + "type": "object", + "additionalProperties": false, + "properties": { + + "enabled": { + "description": "Specifies whether the report may be produced during the scan.", + "type": "boolean", + "default": true + }, + + "level": { + "description": "Specifies the failure level for the report.", + "default": "warning", + "enum": [ "none", "note", "warning", "error" ] + }, + + "rank": { + "description": "Specifies the relative priority of the report. Used for analysis output only.", + "type": "number", + "default": -1.0, + "minimum": -1.0, + "maximum": 100.0 + }, + + "parameters": { + "description": "Contains configuration information specific to a report.", + "$ref": "#/definitions/propertyBag" + }, + + "properties": { + "description": "Key/value pairs that provide additional information about the reporting configuration.", + "$ref": "#/definitions/propertyBag" + } + } + }, + + "reportingDescriptorReference": { + "description": "Information about how to locate a relevant reporting descriptor.", + "type": "object", + "additionalProperties": false, + "properties": { + + "id": { + "description": "The id of the descriptor.", + "type": "string" + }, + + "index": { + "description": "The index into an array of descriptors in toolComponent.ruleDescriptors, toolComponent.notificationDescriptors, or toolComponent.taxonomyDescriptors, depending on context.", + "type": "integer", + "default": -1, + "minimum": -1 + }, + + "guid": { + "description": "A guid that uniquely identifies the descriptor.", + "type": "string", + "pattern": "^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[1-5][0-9a-fA-F]{3}-[89abAB][0-9a-fA-F]{3}-[0-9a-fA-F]{12}$" + }, + + "toolComponent": { + "description": "A reference used to locate the toolComponent associated with the descriptor.", + "$ref": "#/definitions/toolComponentReference" + }, + + "properties": { + "description": "Key/value pairs that provide additional information about the reporting descriptor reference.", + "$ref": "#/definitions/propertyBag" + } + }, + "anyOf": [ + { "required": [ "index" ] }, + { "required": [ "guid" ] }, + { "required": [ "id" ] } + ] + }, + + "reportingDescriptorRelationship": { + "description": "Information about the relation of one reporting descriptor to another.", + "type": "object", + "additionalProperties": false, + "properties": { + + "target": { + "description": "A reference to the related reporting descriptor.", + "$ref": "#/definitions/reportingDescriptorReference" + }, + + "kinds": { + "description": "A set of distinct strings that categorize the relationship. Well-known kinds include 'canPrecede', 'canFollow', 'willPrecede', 'willFollow', 'superset', 'subset', 'equal', 'disjoint', 'relevant', and 'incomparable'.", + "type": "array", + "default": [ "relevant" ], + "uniqueItems": true, + "items": { + "type": "string" + } + }, + + "description": { + "description": "A description of the reporting descriptor relationship.", + "$ref": "#/definitions/message" + }, + + "properties": { + "description": "Key/value pairs that provide additional information about the reporting descriptor reference.", + "$ref": "#/definitions/propertyBag" + } + }, + "required": [ "target" ] + }, + + "result": { + "description": "A result produced by an analysis tool.", + "additionalProperties": false, + "type": "object", + "properties": { + + "ruleId": { + "description": "The stable, unique identifier of the rule, if any, to which this result is relevant.", + "type": "string" + }, + + "ruleIndex": { + "description": "The index within the tool component rules array of the rule object associated with this result.", + "type": "integer", + "default": -1, + "minimum": -1 + }, + + "rule": { + "description": "A reference used to locate the rule descriptor relevant to this result.", + "$ref": "#/definitions/reportingDescriptorReference" + }, + + "kind": { + "description": "A value that categorizes results by evaluation state.", + "default": "fail", + "enum": [ "notApplicable", "pass", "fail", "review", "open", "informational" ] + }, + + "level": { + "description": "A value specifying the severity level of the result.", + "default": "warning", + "enum": [ "none", "note", "warning", "error" ] + }, + + "message": { + "description": "A message that describes the result. The first sentence of the message only will be displayed when visible space is limited.", + "$ref": "#/definitions/message" + }, + + "analysisTarget": { + "description": "Identifies the artifact that the analysis tool was instructed to scan. This need not be the same as the artifact where the result actually occurred.", + "$ref": "#/definitions/artifactLocation" + }, + + "locations": { + "description": "The set of locations where the result was detected. Specify only one location unless the problem indicated by the result can only be corrected by making a change at every specified location.", + "type": "array", + "minItems": 0, + "uniqueItems": false, + "default": [], + "items": { + "$ref": "#/definitions/location" + } + }, + + "guid": { + "description": "A stable, unique identifer for the result in the form of a GUID.", + "type": "string", + "pattern": "^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[1-5][0-9a-fA-F]{3}-[89abAB][0-9a-fA-F]{3}-[0-9a-fA-F]{12}$" + }, + + "correlationGuid": { + "description": "A stable, unique identifier for the equivalence class of logically identical results to which this result belongs, in the form of a GUID.", + "type": "string", + "pattern": "^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[1-5][0-9a-fA-F]{3}-[89abAB][0-9a-fA-F]{3}-[0-9a-fA-F]{12}$" + }, + + "occurrenceCount": { + "description": "A positive integer specifying the number of times this logically unique result was observed in this run.", + "type": "integer", + "minimum": 1 + }, + + "partialFingerprints": { + "description": "A set of strings that contribute to the stable, unique identity of the result.", + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + + "fingerprints": { + "description": "A set of strings each of which individually defines a stable, unique identity for the result.", + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + + "stacks": { + "description": "An array of 'stack' objects relevant to the result.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "$ref": "#/definitions/stack" + } + }, + + "codeFlows": { + "description": "An array of 'codeFlow' objects relevant to the result.", + "type": "array", + "minItems": 0, + "uniqueItems": false, + "default": [], + "items": { + "$ref": "#/definitions/codeFlow" + } + }, + + "graphs": { + "description": "An array of zero or more unique graph objects associated with the result.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "$ref": "#/definitions/graph" + } + }, + + "graphTraversals": { + "description": "An array of one or more unique 'graphTraversal' objects.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "$ref": "#/definitions/graphTraversal" + } + }, + + "relatedLocations": { + "description": "A set of locations relevant to this result.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "$ref": "#/definitions/location" + } + }, + + "suppressions": { + "description": "A set of suppressions relevant to this result.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "items": { + "$ref": "#/definitions/suppression" + } + }, + + "baselineState": { + "description": "The state of a result relative to a baseline of a previous run.", + "enum": [ + "new", + "unchanged", + "updated", + "absent" + ] + }, + + "rank": { + "description": "A number representing the priority or importance of the result.", + "type": "number", + "default": -1.0, + "minimum": -1.0, + "maximum": 100.0 + }, + + "attachments": { + "description": "A set of artifacts relevant to the result.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "$ref": "#/definitions/attachment" + } + }, + + "hostedViewerUri": { + "description": "An absolute URI at which the result can be viewed.", + "type": "string", + "format": "uri" + }, + + "workItemUris": { + "description": "The URIs of the work items associated with this result.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "items": { + "type": "string", + "format": "uri" + } + }, + + "provenance": { + "description": "Information about how and when the result was detected.", + "$ref": "#/definitions/resultProvenance" + }, + + "fixes": { + "description": "An array of 'fix' objects, each of which represents a proposed fix to the problem indicated by the result.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "$ref": "#/definitions/fix" + } + }, + + "taxa": { + "description": "An array of references to taxonomy reporting descriptors that are applicable to the result.", + "type": "array", + "default": [], + "minItems": 0, + "uniqueItems": true, + "items": { + "$ref": "#/definitions/reportingDescriptorReference" + } + }, + + "webRequest": { + "description": "A web request associated with this result.", + "$ref": "#/definitions/webRequest" + }, + + "webResponse": { + "description": "A web response associated with this result.", + "$ref": "#/definitions/webResponse" + }, + + "properties": { + "description": "Key/value pairs that provide additional information about the result.", + "$ref": "#/definitions/propertyBag" + } + }, + "required": [ "message" ] + }, + + "resultProvenance": { + "description": "Contains information about how and when a result was detected.", + "additionalProperties": false, + "type": "object", + "properties": { + + "firstDetectionTimeUtc": { + "description": "The Coordinated Universal Time (UTC) date and time at which the result was first detected. See \"Date/time properties\" in the SARIF spec for the required format.", + "type": "string", + "format": "date-time" + }, + + "lastDetectionTimeUtc": { + "description": "The Coordinated Universal Time (UTC) date and time at which the result was most recently detected. See \"Date/time properties\" in the SARIF spec for the required format.", + "type": "string", + "format": "date-time" + }, + + "firstDetectionRunGuid": { + "description": "A GUID-valued string equal to the automationDetails.guid property of the run in which the result was first detected.", + "type": "string", + "pattern": "^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[1-5][0-9a-fA-F]{3}-[89abAB][0-9a-fA-F]{3}-[0-9a-fA-F]{12}$" + }, + + "lastDetectionRunGuid": { + "description": "A GUID-valued string equal to the automationDetails.guid property of the run in which the result was most recently detected.", + "type": "string", + "pattern": "^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[1-5][0-9a-fA-F]{3}-[89abAB][0-9a-fA-F]{3}-[0-9a-fA-F]{12}$" + }, + + "invocationIndex": { + "description": "The index within the run.invocations array of the invocation object which describes the tool invocation that detected the result.", + "type": "integer", + "default": -1, + "minimum": -1 + }, + + "conversionSources": { + "description": "An array of physicalLocation objects which specify the portions of an analysis tool's output that a converter transformed into the result.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "$ref": "#/definitions/physicalLocation" + } + }, + + "properties": { + "description": "Key/value pairs that provide additional information about the result.", + "$ref": "#/definitions/propertyBag" + } + } + }, + + "run": { + "description": "Describes a single run of an analysis tool, and contains the reported output of that run.", + "additionalProperties": false, + "type": "object", + "properties": { + + "tool": { + "description": "Information about the tool or tool pipeline that generated the results in this run. A run can only contain results produced by a single tool or tool pipeline. A run can aggregate results from multiple log files, as long as context around the tool run (tool command-line arguments and the like) is identical for all aggregated files.", + "$ref": "#/definitions/tool" + }, + + "invocations": { + "description": "Describes the invocation of the analysis tool.", + "type": "array", + "minItems": 0, + "uniqueItems": false, + "default": [], + "items": { + "$ref": "#/definitions/invocation" + } + }, + + "conversion": { + "description": "A conversion object that describes how a converter transformed an analysis tool's native reporting format into the SARIF format.", + "$ref": "#/definitions/conversion" + }, + + "language": { + "description": "The language of the messages emitted into the log file during this run (expressed as an ISO 639-1 two-letter lowercase culture code) and an optional region (expressed as an ISO 3166-1 two-letter uppercase subculture code associated with a country or region). The casing is recommended but not required (in order for this data to conform to RFC5646).", + "type": "string", + "default": "en-US", + "pattern": "^[a-zA-Z]{2}|^[a-zA-Z]{2}-[a-zA-Z]{2}]?$" + }, + + "versionControlProvenance": { + "description": "Specifies the revision in version control of the artifacts that were scanned.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "$ref": "#/definitions/versionControlDetails" + } + }, + + "originalUriBaseIds": { + "description": "The artifact location specified by each uriBaseId symbol on the machine where the tool originally ran.", + "type": "object", + "additionalProperties": { + "$ref": "#/definitions/artifactLocation" + } + }, + + "artifacts": { + "description": "An array of artifact objects relevant to the run.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "items": { + "$ref": "#/definitions/artifact" + } + }, + + "logicalLocations": { + "description": "An array of logical locations such as namespaces, types or functions.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "$ref": "#/definitions/logicalLocation" + } + }, + + "graphs": { + "description": "An array of zero or more unique graph objects associated with the run.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "$ref": "#/definitions/graph" + } + }, + + "results": { + "description": "The set of results contained in an SARIF log. The results array can be omitted when a run is solely exporting rules metadata. It must be present (but may be empty) if a log file represents an actual scan.", + "type": "array", + "minItems": 0, + "uniqueItems": false, + "items": { + "$ref": "#/definitions/result" + } + }, + + "automationDetails": { + "description": "Automation details that describe this run.", + "$ref": "#/definitions/runAutomationDetails" + }, + + "runAggregates": { + "description": "Automation details that describe the aggregate of runs to which this run belongs.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "$ref": "#/definitions/runAutomationDetails" + } + }, + + "baselineGuid": { + "description": "The 'guid' property of a previous SARIF 'run' that comprises the baseline that was used to compute result 'baselineState' properties for the run.", + "type": "string", + "pattern": "^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[1-5][0-9a-fA-F]{3}-[89abAB][0-9a-fA-F]{3}-[0-9a-fA-F]{12}$" + }, + + "redactionTokens": { + "description": "An array of strings used to replace sensitive information in a redaction-aware property.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "type": "string" + } + }, + + "defaultEncoding": { + "description": "Specifies the default encoding for any artifact object that refers to a text file.", + "type": "string" + }, + + "defaultSourceLanguage": { + "description": "Specifies the default source language for any artifact object that refers to a text file that contains source code.", + "type": "string" + }, + + "newlineSequences": { + "description": "An ordered list of character sequences that were treated as line breaks when computing region information for the run.", + "type": "array", + "minItems": 1, + "uniqueItems": true, + "default": [ "\r\n", "\n" ], + "items": { + "type": "string" + } + }, + + "columnKind": { + "description": "Specifies the unit in which the tool measures columns.", + "enum": [ "utf16CodeUnits", "unicodeCodePoints" ] + }, + + "externalPropertyFileReferences": { + "description": "References to external property files that should be inlined with the content of a root log file.", + "$ref": "#/definitions/externalPropertyFileReferences" + }, + + "threadFlowLocations": { + "description": "An array of threadFlowLocation objects cached at run level.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "$ref": "#/definitions/threadFlowLocation" + } + }, + + "taxonomies": { + "description": "An array of toolComponent objects relevant to a taxonomy in which results are categorized.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "$ref": "#/definitions/toolComponent" + } + }, + + "addresses": { + "description": "Addresses associated with this run instance, if any.", + "type": "array", + "minItems": 0, + "uniqueItems": false, + "default": [], + "items": { + "$ref": "#/definitions/address" + } + }, + + "translations": { + "description": "The set of available translations of the localized data provided by the tool.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "$ref": "#/definitions/toolComponent" + } + }, + + "policies": { + "description": "Contains configurations that may potentially override both reportingDescriptor.defaultConfiguration (the tool's default severities) and invocation.configurationOverrides (severities established at run-time from the command line).", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "$ref": "#/definitions/toolComponent" + } + }, + + "webRequests": { + "description": "An array of request objects cached at run level.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "$ref": "#/definitions/webRequest" + } + }, + + "webResponses": { + "description": "An array of response objects cached at run level.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "$ref": "#/definitions/webResponse" + } + }, + + "specialLocations": { + "description": "A specialLocations object that defines locations of special significance to SARIF consumers.", + "$ref": "#/definitions/specialLocations" + }, + + "properties": { + "description": "Key/value pairs that provide additional information about the run.", + "$ref": "#/definitions/propertyBag" + } + }, + + "required": [ "tool" ] + }, + + "runAutomationDetails": { + "description": "Information that describes a run's identity and role within an engineering system process.", + "additionalProperties": false, + "type": "object", + "properties": { + + "description": { + "description": "A description of the identity and role played within the engineering system by this object's containing run object.", + "$ref": "#/definitions/message" + }, + + "id": { + "description": "A hierarchical string that uniquely identifies this object's containing run object.", + "type": "string" + }, + + "guid": { + "description": "A stable, unique identifer for this object's containing run object in the form of a GUID.", + "type": "string", + "pattern": "^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[1-5][0-9a-fA-F]{3}-[89abAB][0-9a-fA-F]{3}-[0-9a-fA-F]{12}$" + }, + + "correlationGuid": { + "description": "A stable, unique identifier for the equivalence class of runs to which this object's containing run object belongs in the form of a GUID.", + "type": "string", + "pattern": "^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[1-5][0-9a-fA-F]{3}-[89abAB][0-9a-fA-F]{3}-[0-9a-fA-F]{12}$" + }, + + "properties": { + "description": "Key/value pairs that provide additional information about the run automation details.", + "$ref": "#/definitions/propertyBag" + } + } + }, + + "specialLocations": { + "description": "Defines locations of special significance to SARIF consumers.", + "type": "object", + "additionalProperties": false, + "properties": { + + "displayBase": { + "description": "Provides a suggestion to SARIF consumers to display file paths relative to the specified location.", + "$ref": "#/definitions/artifactLocation" + }, + + "properties": { + "description": "Key/value pairs that provide additional information about the special locations.", + "$ref": "#/definitions/propertyBag" + } + } + }, + + "stack": { + "description": "A call stack that is relevant to a result.", + "additionalProperties": false, + "type": "object", + "properties": { + + "message": { + "description": "A message relevant to this call stack.", + "$ref": "#/definitions/message" + }, + + "frames": { + "description": "An array of stack frames that represents a sequence of calls, rendered in reverse chronological order, that comprise the call stack.", + "type": "array", + "minItems": 0, + "uniqueItems": false, + "items": { + "$ref": "#/definitions/stackFrame" + } + }, + + "properties": { + "description": "Key/value pairs that provide additional information about the stack.", + "$ref": "#/definitions/propertyBag" + } + }, + "required": [ "frames" ] + }, + + "stackFrame": { + "description": "A function call within a stack trace.", + "additionalProperties": false, + "type": "object", + "properties": { + + "location": { + "description": "The location to which this stack frame refers.", + "$ref": "#/definitions/location" + }, + + "module": { + "description": "The name of the module that contains the code of this stack frame.", + "type": "string" + }, + + "threadId": { + "description": "The thread identifier of the stack frame.", + "type": "integer" + }, + + "parameters": { + "description": "The parameters of the call that is executing.", + "type": "array", + "minItems": 0, + "uniqueItems": false, + "default": [], + "items": { + "type": "string", + "default": [] + } + }, + + "properties": { + "description": "Key/value pairs that provide additional information about the stack frame.", + "$ref": "#/definitions/propertyBag" + } + } + }, + + "suppression": { + "description": "A suppression that is relevant to a result.", + "additionalProperties": false, + "type": "object", + "properties": { + + "guid": { + "description": "A stable, unique identifer for the suprression in the form of a GUID.", + "type": "string", + "pattern": "^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[1-5][0-9a-fA-F]{3}-[89abAB][0-9a-fA-F]{3}-[0-9a-fA-F]{12}$" + }, + + "kind": { + "description": "A string that indicates where the suppression is persisted.", + "enum": [ + "inSource", + "external" + ] + }, + + "status": { + "description": "A string that indicates the review status of the suppression.", + "enum": [ + "accepted", + "underReview", + "rejected" + ] + }, + + "justification": { + "description": "A string representing the justification for the suppression.", + "type": "string" + }, + + "location": { + "description": "Identifies the location associated with the suppression.", + "$ref": "#/definitions/location" + }, + + "properties": { + "description": "Key/value pairs that provide additional information about the suppression.", + "$ref": "#/definitions/propertyBag" + } + }, + "required": [ "kind" ] + }, + + "threadFlow": { + "description": "Describes a sequence of code locations that specify a path through a single thread of execution such as an operating system or fiber.", + "type": "object", + "additionalProperties": false, + "properties": { + + "id": { + "description": "An string that uniquely identifies the threadFlow within the codeFlow in which it occurs.", + "type": "string" + }, + + "message": { + "description": "A message relevant to the thread flow.", + "$ref": "#/definitions/message" + }, + + + "initialState": { + "description": "Values of relevant expressions at the start of the thread flow that may change during thread flow execution.", + "type": "object", + "additionalProperties": { + "$ref": "#/definitions/multiformatMessageString" + } + }, + + "immutableState": { + "description": "Values of relevant expressions at the start of the thread flow that remain constant.", + "type": "object", + "additionalProperties": { + "$ref": "#/definitions/multiformatMessageString" + } + }, + + "locations": { + "description": "A temporally ordered array of 'threadFlowLocation' objects, each of which describes a location visited by the tool while producing the result.", + "type": "array", + "minItems": 1, + "uniqueItems": false, + "items": { + "$ref": "#/definitions/threadFlowLocation" + } + }, + + "properties": { + "description": "Key/value pairs that provide additional information about the thread flow.", + "$ref": "#/definitions/propertyBag" + } + }, + + "required": [ "locations" ] + }, + + "threadFlowLocation": { + "description": "A location visited by an analysis tool while simulating or monitoring the execution of a program.", + "additionalProperties": false, + "type": "object", + "properties": { + + "index": { + "description": "The index within the run threadFlowLocations array.", + "type": "integer", + "default": -1, + "minimum": -1 + }, + + "location": { + "description": "The code location.", + "$ref": "#/definitions/location" + }, + + "stack": { + "description": "The call stack leading to this location.", + "$ref": "#/definitions/stack" + }, + + "kinds": { + "description": "A set of distinct strings that categorize the thread flow location. Well-known kinds include 'acquire', 'release', 'enter', 'exit', 'call', 'return', 'branch', 'implicit', 'false', 'true', 'caution', 'danger', 'unknown', 'unreachable', 'taint', 'function', 'handler', 'lock', 'memory', 'resource', 'scope' and 'value'.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "type": "string" + } + }, + + "taxa": { + "description": "An array of references to rule or taxonomy reporting descriptors that are applicable to the thread flow location.", + "type": "array", + "default": [], + "minItems": 0, + "uniqueItems": true, + "items": { + "$ref": "#/definitions/reportingDescriptorReference" + } + }, + + "module": { + "description": "The name of the module that contains the code that is executing.", + "type": "string" + }, + + "state": { + "description": "A dictionary, each of whose keys specifies a variable or expression, the associated value of which represents the variable or expression value. For an annotation of kind 'continuation', for example, this dictionary might hold the current assumed values of a set of global variables.", + "type": "object", + "additionalProperties": { + "$ref": "#/definitions/multiformatMessageString" + } + }, + + "nestingLevel": { + "description": "An integer representing a containment hierarchy within the thread flow.", + "type": "integer", + "minimum": 0 + }, + + "executionOrder": { + "description": "An integer representing the temporal order in which execution reached this location.", + "type": "integer", + "default": -1, + "minimum": -1 + }, + + "executionTimeUtc": { + "description": "The Coordinated Universal Time (UTC) date and time at which this location was executed.", + "type": "string", + "format": "date-time" + }, + + "importance": { + "description": "Specifies the importance of this location in understanding the code flow in which it occurs. The order from most to least important is \"essential\", \"important\", \"unimportant\". Default: \"important\".", + "enum": [ "important", "essential", "unimportant" ], + "default": "important" + }, + + "webRequest": { + "description": "A web request associated with this thread flow location.", + "$ref": "#/definitions/webRequest" + }, + + "webResponse": { + "description": "A web response associated with this thread flow location.", + "$ref": "#/definitions/webResponse" + }, + + "properties": { + "description": "Key/value pairs that provide additional information about the threadflow location.", + "$ref": "#/definitions/propertyBag" + } + } + }, + + "tool": { + "description": "The analysis tool that was run.", + "additionalProperties": false, + "type": "object", + "properties": { + + "driver": { + "description": "The analysis tool that was run.", + "$ref": "#/definitions/toolComponent" + }, + + "extensions": { + "description": "Tool extensions that contributed to or reconfigured the analysis tool that was run.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "$ref": "#/definitions/toolComponent" + } + }, + + "properties": { + "description": "Key/value pairs that provide additional information about the tool.", + "$ref": "#/definitions/propertyBag" + } + }, + + "required": [ "driver" ] + }, + + "toolComponent": { + "description": "A component, such as a plug-in or the driver, of the analysis tool that was run.", + "additionalProperties": false, + "type": "object", + "properties": { + + "guid": { + "description": "A unique identifer for the tool component in the form of a GUID.", + "type": "string", + "pattern": "^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[1-5][0-9a-fA-F]{3}-[89abAB][0-9a-fA-F]{3}-[0-9a-fA-F]{12}$" + }, + + "name": { + "description": "The name of the tool component.", + "type": "string" + }, + + "organization": { + "description": "The organization or company that produced the tool component.", + "type": "string" + }, + + "product": { + "description": "A product suite to which the tool component belongs.", + "type": "string" + }, + + "productSuite": { + "description": "A localizable string containing the name of the suite of products to which the tool component belongs.", + "type": "string" + }, + + "shortDescription": { + "description": "A brief description of the tool component.", + "$ref": "#/definitions/multiformatMessageString" + }, + + "fullDescription": { + "description": "A comprehensive description of the tool component.", + "$ref": "#/definitions/multiformatMessageString" + }, + + "fullName": { + "description": "The name of the tool component along with its version and any other useful identifying information, such as its locale.", + "type": "string" + }, + + "version": { + "description": "The tool component version, in whatever format the component natively provides.", + "type": "string" + }, + + "semanticVersion": { + "description": "The tool component version in the format specified by Semantic Versioning 2.0.", + "type": "string" + }, + + "dottedQuadFileVersion": { + "description": "The binary version of the tool component's primary executable file expressed as four non-negative integers separated by a period (for operating systems that express file versions in this way).", + "type": "string", + "pattern": "[0-9]+(\\.[0-9]+){3}" + }, + + "releaseDateUtc": { + "description": "A string specifying the UTC date (and optionally, the time) of the component's release.", + "type": "string" + }, + + "downloadUri": { + "description": "The absolute URI from which the tool component can be downloaded.", + "type": "string", + "format": "uri" + }, + + "informationUri": { + "description": "The absolute URI at which information about this version of the tool component can be found.", + "type": "string", + "format": "uri" + }, + + "globalMessageStrings": { + "description": "A dictionary, each of whose keys is a resource identifier and each of whose values is a multiformatMessageString object, which holds message strings in plain text and (optionally) Markdown format. The strings can include placeholders, which can be used to construct a message in combination with an arbitrary number of additional string arguments.", + "type": "object", + "additionalProperties": { + "$ref": "#/definitions/multiformatMessageString" + } + }, + + "notifications": { + "description": "An array of reportingDescriptor objects relevant to the notifications related to the configuration and runtime execution of the tool component.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "$ref": "#/definitions/reportingDescriptor" + } + }, + + "rules": { + "description": "An array of reportingDescriptor objects relevant to the analysis performed by the tool component.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "$ref": "#/definitions/reportingDescriptor" + } + }, + + "taxa": { + "description": "An array of reportingDescriptor objects relevant to the definitions of both standalone and tool-defined taxonomies.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "$ref": "#/definitions/reportingDescriptor" + } + }, + + "locations": { + "description": "An array of the artifactLocation objects associated with the tool component.", + "type": "array", + "minItems": 0, + "default": [], + "items": { + "$ref": "#/definitions/artifactLocation" + } + }, + + "language": { + "description": "The language of the messages emitted into the log file during this run (expressed as an ISO 639-1 two-letter lowercase language code) and an optional region (expressed as an ISO 3166-1 two-letter uppercase subculture code associated with a country or region). The casing is recommended but not required (in order for this data to conform to RFC5646).", + "type": "string", + "default": "en-US", + "pattern": "^[a-zA-Z]{2}|^[a-zA-Z]{2}-[a-zA-Z]{2}]?$" + }, + + "contents": { + "description": "The kinds of data contained in this object.", + "type": "array", + "uniqueItems": true, + "default": [ "localizedData", "nonLocalizedData" ], + "items": { + "enum": [ + "localizedData", + "nonLocalizedData" + ] + } + }, + + "isComprehensive": { + "description": "Specifies whether this object contains a complete definition of the localizable and/or non-localizable data for this component, as opposed to including only data that is relevant to the results persisted to this log file.", + "type": "boolean", + "default": false + }, + + "localizedDataSemanticVersion": { + "description": "The semantic version of the localized strings defined in this component; maintained by components that provide translations.", + "type": "string" + }, + + "minimumRequiredLocalizedDataSemanticVersion": { + "description": "The minimum value of localizedDataSemanticVersion required in translations consumed by this component; used by components that consume translations.", + "type": "string" + }, + + "associatedComponent": { + "description": "The component which is strongly associated with this component. For a translation, this refers to the component which has been translated. For an extension, this is the driver that provides the extension's plugin model.", + "$ref": "#/definitions/toolComponentReference" + }, + + "translationMetadata": { + "description": "Translation metadata, required for a translation, not populated by other component types.", + "$ref": "#/definitions/translationMetadata" + }, + + "supportedTaxonomies": { + "description": "An array of toolComponentReference objects to declare the taxonomies supported by the tool component.", + "type": "array", + "minItems": 0, + "uniqueItems": true, + "default": [], + "items": { + "$ref": "#/definitions/toolComponentReference" + } + }, + + "properties": { + "description": "Key/value pairs that provide additional information about the tool component.", + "$ref": "#/definitions/propertyBag" + } + }, + + "required": [ "name" ] + }, + + "toolComponentReference": { + "description": "Identifies a particular toolComponent object, either the driver or an extension.", + "type": "object", + "additionalProperties": false, + "properties": { + + "name": { + "description": "The 'name' property of the referenced toolComponent.", + "type": "string" + }, + + "index": { + "description": "An index into the referenced toolComponent in tool.extensions.", + "type": "integer", + "default": -1, + "minimum": -1 + }, + + "guid": { + "description": "The 'guid' property of the referenced toolComponent.", + "type": "string", + "pattern": "^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[1-5][0-9a-fA-F]{3}-[89abAB][0-9a-fA-F]{3}-[0-9a-fA-F]{12}$" + }, + + "properties": { + "description": "Key/value pairs that provide additional information about the toolComponentReference.", + "$ref": "#/definitions/propertyBag" + } + } + }, + + "translationMetadata": { + "description": "Provides additional metadata related to translation.", + "type": "object", + "additionalProperties": false, + "properties": { + + "name": { + "description": "The name associated with the translation metadata.", + "type": "string" + }, + + "fullName": { + "description": "The full name associated with the translation metadata.", + "type": "string" + }, + + "shortDescription": { + "description": "A brief description of the translation metadata.", + "$ref": "#/definitions/multiformatMessageString" + }, + + "fullDescription": { + "description": "A comprehensive description of the translation metadata.", + "$ref": "#/definitions/multiformatMessageString" + }, + + "downloadUri": { + "description": "The absolute URI from which the translation metadata can be downloaded.", + "type": "string", + "format": "uri" + }, + + "informationUri": { + "description": "The absolute URI from which information related to the translation metadata can be downloaded.", + "type": "string", + "format": "uri" + }, + + "properties": { + "description": "Key/value pairs that provide additional information about the translation metadata.", + "$ref": "#/definitions/propertyBag" + } + }, + "required": [ "name" ] + }, + + "versionControlDetails": { + "description": "Specifies the information necessary to retrieve a desired revision from a version control system.", + "type": "object", + "additionalProperties": false, + "properties": { + + "repositoryUri": { + "description": "The absolute URI of the repository.", + "type": "string", + "format": "uri" + }, + + "revisionId": { + "description": "A string that uniquely and permanently identifies the revision within the repository.", + "type": "string" + }, + + "branch": { + "description": "The name of a branch containing the revision.", + "type": "string" + }, + + "revisionTag": { + "description": "A tag that has been applied to the revision.", + "type": "string" + }, + + "asOfTimeUtc": { + "description": "A Coordinated Universal Time (UTC) date and time that can be used to synchronize an enlistment to the state of the repository at that time.", + "type": "string", + "format": "date-time" + }, + + "mappedTo": { + "description": "The location in the local file system to which the root of the repository was mapped at the time of the analysis.", + "$ref": "#/definitions/artifactLocation" + }, + + "properties": { + "description": "Key/value pairs that provide additional information about the version control details.", + "$ref": "#/definitions/propertyBag" + } + }, + + "required": [ "repositoryUri" ] + }, + + "webRequest": { + "description": "Describes an HTTP request.", + "type": "object", + "additionalProperties": false, + "properties": { + + "index": { + "description": "The index within the run.webRequests array of the request object associated with this result.", + "type": "integer", + "default": -1, + "minimum": -1 + + }, + + "protocol": { + "description": "The request protocol. Example: 'http'.", + "type": "string" + }, + + "version": { + "description": "The request version. Example: '1.1'.", + "type": "string" + }, + + "target": { + "description": "The target of the request.", + "type": "string" + }, + + "method": { + "description": "The HTTP method. Well-known values are 'GET', 'PUT', 'POST', 'DELETE', 'PATCH', 'HEAD', 'OPTIONS', 'TRACE', 'CONNECT'.", + "type": "string" + }, + + "headers": { + "description": "The request headers.", + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + + "parameters": { + "description": "The request parameters.", + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + + "body": { + "description": "The body of the request.", + "$ref": "#/definitions/artifactContent" + }, + + "properties": { + "description": "Key/value pairs that provide additional information about the request.", + "$ref": "#/definitions/propertyBag" + } + } + }, + + "webResponse": { + "description": "Describes the response to an HTTP request.", + "type": "object", + "additionalProperties": false, + "properties": { + + "index": { + "description": "The index within the run.webResponses array of the response object associated with this result.", + "type": "integer", + "default": -1, + "minimum": -1 + }, + + "protocol": { + "description": "The response protocol. Example: 'http'.", + "type": "string" + }, + + "version": { + "description": "The response version. Example: '1.1'.", + "type": "string" + }, + + "statusCode": { + "description": "The response status code. Example: 451.", + "type": "integer" + }, + + "reasonPhrase": { + "description": "The response reason. Example: 'Not found'.", + "type": "string" + }, + + "headers": { + "description": "The response headers.", + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + + "body": { + "description": "The body of the response.", + "$ref": "#/definitions/artifactContent" + }, + + "noResponseReceived": { + "description": "Specifies whether a response was received from the server.", + "type": "boolean", + "default": false + }, + + "properties": { + "description": "Key/value pairs that provide additional information about the response.", + "$ref": "#/definitions/propertyBag" + } + } + } + } +} diff --git a/scripts/guideline_recategorization/recategorize.py b/scripts/guideline_recategorization/recategorize.py new file mode 100644 index 0000000000..645b4ef6d8 --- /dev/null +++ b/scripts/guideline_recategorization/recategorize.py @@ -0,0 +1,188 @@ +import argparse +import sys +from dataclasses import asdict, dataclass +from typing import Any, Generator, Iterator, Mapping, Optional, TextIO, TypedDict, Union, cast +from pathlib import Path +import jsonschema +import json +from jsonpath_ng import jsonpath +import jsonpath_ng.ext +import jsonpointer +import yaml +import re +import jsonpatch +from functools import reduce + +CODING_STANDARDS_SCHEMA_ID = 'https://raw.githubusercontent.com/github/codeql-coding-standards/main/schemas/coding-standards-schema-1.0.0.json' +SARIF_SCHEMA_ID = 'https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json' + +script_path = Path(__file__).resolve() +root_path = script_path.parent.parent.parent + +@dataclass(frozen=True) +class GuidelineRecategorization(): + """ + This is a class to represent a guideline recategorization as specified in a + `coding-standard.yml` configuration. + """ + rule_id: str + category: str + +class JsonPatch(TypedDict): + """ + This is a class that represents a JSON Patch as specified in + https://datatracker.ietf.org/doc/html/rfc6902/. + """ + op: str + path: str + value: str + +def json_path_to_pointer(path: Union[str, jsonpath.JSONPath], subject: Mapping[str, Any]) -> Iterator[jsonpointer.JsonPointer]: + """ Convert a JSON Path to, possible multiple, JSON Pointers""" + if isinstance(path, str): + path = jsonpath_ng.ext.parse(path) + + # Convert a resolved JSON Path to Pointer through the following steps: + # 1. Replace the indexing expression `.[i].` with it's pointer equivalent `/i` with `i` being a positive integer. + translate_indexing = lambda path: re.sub(r'\.\[(\d+)\]', '.\\1', path) + # 2. Split the path in to paths + split_into_parts = lambda path: path.split('.') + # 3. Convert the paths into a JSON pointer. + convert_to_pointer = jsonpointer.JsonPointer.from_parts + + def apply(a, f): + return f(a) + path_to_pointer = lambda p: reduce(apply, [str, translate_indexing, split_into_parts, convert_to_pointer], p) + + return map(path_to_pointer, [match.full_path for match in cast(jsonpath.JSONPath, path).find(subject)]) + +def recategorization_to_json_path_for_rule(recategorization: GuidelineRecategorization) -> str: + """ + Compute a JSON path to the rule specified in the guideline recategorization. + To remain composable the path is returned as a string. + """ + return f'$.runs[?(@.tool.driver.name="CodeQL")].tool.driver.rules[?(@.properties.tags[*]=~"external/[^/]+/id/{recategorization.rule_id.lower()}")]' + +def recategorization_to_json_path_for_category(recategorization: GuidelineRecategorization) -> str: + """ + Compute a JSON path to the rule's category tag specified in the guideline recategorization. + To remain composable the path is returned as a string. + """ + return f'{recategorization_to_json_path_for_rule(recategorization)}.properties.tags[?(@=~"external/[^/]+/obligation/")]' + +def generate_json_patches_for_recategorization(recategorization: GuidelineRecategorization, subject: dict) -> Iterator[JsonPatch]: + """ + Compute as set of JSON patches to apply the recategorization to the subject Sarif file. + """ + def to_jsonpatch(pointer:jsonpointer.JsonPointer): + standard = cast(str, pointer.get(subject)).split('/')[1] + return JsonPatch( + op = 'replace', + path = pointer.path, + value = f'external/{standard}/obligation/{recategorization.category}' + ) + return map(to_jsonpatch, json_path_to_pointer(recategorization_to_json_path_for_category(recategorization), subject)) + + +def get_guideline_recategorizations(coding_standards_config: Mapping[str, Any]) -> Generator[GuidelineRecategorization, None, None]: + """ + Return the guideline recategorizations for a given Coding Standards configuration. + """ + for spec in coding_standards_config['guideline-recategorizations']: + yield GuidelineRecategorization(spec['rule-id'], spec['category']) + +def load_schema(path: Path, defaultname: str) -> Optional[Mapping[str, Any]]: + def resolve_path(path : Path) -> Optional[Path]: + if path.is_file(): + return path + + if path.is_dir(): + if (path / defaultname).is_file(): + return (path / defaultname) + + if (path / 'schemas' / defaultname).is_file(): + return (path / 'schemas' / defaultname) + + if path.parent != path: + return resolve_path(path.parent) + else: + return None + resolved_schema_path = resolve_path(path.resolve()) + if resolved_schema_path: + with resolved_schema_path.open(mode='r') as fp: + return json.load(fp) + else: + return None + +def load_config(path: Path) -> Optional[Mapping[str, Any]]: + if path.is_file(): + with path.open('r') as fp: + return yaml.safe_load(fp) + else: + return None + +def validate_against_schema(schema: Mapping[str, Any], instance: Mapping[str, Any]) -> None: + jsonschema.validate(schema=schema, instance=instance) + +def print_warning(*values): + print(*values, file=sys.stderr) + +def print_failure(*values): + print(*values, file=sys.stderr) + exit(1) + +def main(args: argparse.Namespace): + coding_standards_schema = load_schema(args.coding_standards_schema_file, 'coding-standards-schema-1.0.0.json') + if not coding_standards_schema: + print_failure("Failed to load Coding Standards schema!") + + if coding_standards_schema['$id'] != CODING_STANDARDS_SCHEMA_ID: + print_failure(f"Unexpected id for Coding Standards schema, expecting '{CODING_STANDARDS_SCHEMA_ID}'!") + + sarif_schema = load_schema(args.sarif_schema_file, 'sarif-schema-2.1.0.json') + if not sarif_schema: + print("Failed to load Sarif schema!", file=sys.stderr) + sys.exit(1) + sarif_schema = cast(Mapping[str, Any], sarif_schema) + + if sarif_schema['$id'] != SARIF_SCHEMA_ID: + print_failure(f"Unexpected id for Sarif schema, expecting '{SARIF_SCHEMA_ID}'!") + + coding_standards_config = load_config(args.coding_standards_config_file) + if not coding_standards_schema: + print(f"Failed to load Coding Standards configuration file: {args.coding_standards_config_file}!", file=sys.stderr) + sys.exit(1) + + coding_standards_config = cast(Mapping[str, Any], coding_standards_config) + validate_against_schema(coding_standards_schema, coding_standards_config) + + sarif = json.load(args.sarif_in) + validate_against_schema(sarif_schema, sarif) + + recategorizations = get_guideline_recategorizations(coding_standards_config) + patch = jsonpatch.JsonPatch([patch for r in recategorizations for patch in generate_json_patches_for_recategorization(r, sarif)]) + if args.dump_json_patch != None: + dump_json_patch = Path(args.dump_json_patch) + if dump_json_patch.is_dir(): + dump_json_patch /= 'json-patch.json' + + if not dump_json_patch.exists(): + dump_json_patch.write_text(patch.to_string()) + else: + print_warning(f"Skipping dumping of JSON patch to file {dump_json_patch} because it already exists!") + + patched_sarif = patch.apply(sarif) + validate_against_schema(sarif_schema, patched_sarif) + + json.dump(patched_sarif, args.sarif_out) + +if __name__ == '__main__': + parser = argparse.ArgumentParser(description='Apply a guideline re-categorization specification to a Sarif results file.') + parser.add_argument('--coding-standards-schema-file', type=Path, default=Path.cwd()) + parser.add_argument('--sarif-schema-file', type=Path, default=Path.cwd()) + parser.add_argument('--dump-json-patch', type=Path) + parser.add_argument('coding_standards_config_file', type=Path) + parser.add_argument('sarif_in', nargs='?', type=argparse.FileType('r'), default=sys.stdin) + parser.add_argument('sarif_out', nargs='?', type=argparse.FileType('w'), default=sys.stdout) + + main(parser.parse_args()) \ No newline at end of file diff --git a/scripts/guideline_recategorization/requirements.txt b/scripts/guideline_recategorization/requirements.txt new file mode 100644 index 0000000000..a980410d07 --- /dev/null +++ b/scripts/guideline_recategorization/requirements.txt @@ -0,0 +1,6 @@ +jsonpath-ng==1.5.3 +jsonschema==4.9.1 +jsonpatch==1.32 +jsonpointer==2.3 +PyYAML==5.4 + From a4d2e3a161dacda745ecbf5d0ebe36474673110f Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 25 Oct 2022 12:17:12 -0700 Subject: [PATCH 0161/2573] Add tag with original category --- .../guideline_recategorization/recategorize.py | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/scripts/guideline_recategorization/recategorize.py b/scripts/guideline_recategorization/recategorize.py index 645b4ef6d8..5e8dcff57e 100644 --- a/scripts/guideline_recategorization/recategorize.py +++ b/scripts/guideline_recategorization/recategorize.py @@ -1,7 +1,7 @@ import argparse import sys from dataclasses import asdict, dataclass -from typing import Any, Generator, Iterator, Mapping, Optional, TextIO, TypedDict, Union, cast +from typing import Any, Generator, Iterator, List, Mapping, Optional, TextIO, TypedDict, Union, cast from pathlib import Path import jsonschema import json @@ -74,14 +74,15 @@ def generate_json_patches_for_recategorization(recategorization: GuidelineRecate """ Compute as set of JSON patches to apply the recategorization to the subject Sarif file. """ - def to_jsonpatch(pointer:jsonpointer.JsonPointer): - standard = cast(str, pointer.get(subject)).split('/')[1] - return JsonPatch( + def to_jsonpatch(pointer:jsonpointer.JsonPointer) -> Iterator[JsonPatch]: + obligation_tag = cast(str, pointer.get(subject)) + _, standard, _, category = obligation_tag.split('/') + yield JsonPatch( op = 'replace', path = pointer.path, - value = f'external/{standard}/obligation/{recategorization.category}' - ) - return map(to_jsonpatch, json_path_to_pointer(recategorization_to_json_path_for_category(recategorization), subject)) + value = f'external/{standard}/obligation/{recategorization.category}') + yield JsonPatch(op = 'add', path = pointer.path, value = f'external/{standard}/original-obligation/{category}') + return (patch for pointer in json_path_to_pointer(recategorization_to_json_path_for_category(recategorization), subject) for patch in to_jsonpatch(pointer)) def get_guideline_recategorizations(coding_standards_config: Mapping[str, Any]) -> Generator[GuidelineRecategorization, None, None]: From a0a40cd68e37f2f49e843f5e159cc85d9c468b50 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 2 Nov 2022 14:32:53 -0700 Subject: [PATCH 0162/2573] Handle schema validation exception --- scripts/guideline_recategorization/recategorize.py | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/scripts/guideline_recategorization/recategorize.py b/scripts/guideline_recategorization/recategorize.py index 5e8dcff57e..81c43d2104 100644 --- a/scripts/guideline_recategorization/recategorize.py +++ b/scripts/guideline_recategorization/recategorize.py @@ -155,10 +155,18 @@ def main(args: argparse.Namespace): sys.exit(1) coding_standards_config = cast(Mapping[str, Any], coding_standards_config) - validate_against_schema(coding_standards_schema, coding_standards_config) + try: + validate_against_schema(coding_standards_schema, coding_standards_config) + except jsonschema.ValidationError as e: + print(f"Failed to validate the Coding Standards configuration file: {args.coding_standards_config_file} with the message: '{e.message}'!", file=sys.stderr) + sys.exit(1) sarif = json.load(args.sarif_in) - validate_against_schema(sarif_schema, sarif) + try: + validate_against_schema(sarif_schema, sarif) + except jsonschema.ValidationError as e: + print(f"Failed to validate the provided Sarif with the message: '{e.message}'!", file=sys.stderr) + sys.exit(1) recategorizations = get_guideline_recategorizations(coding_standards_config) patch = jsonpatch.JsonPatch([patch for r in recategorizations for patch in generate_json_patches_for_recategorization(r, sarif)]) From 8b7be7562b14ab04cc25fb96b16f2b760ffc3cb3 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 2 Nov 2022 16:41:27 -0700 Subject: [PATCH 0163/2573] Properly handle json and yml decoding errors. --- .../recategorize.py | 21 +++++++++++++++---- 1 file changed, 17 insertions(+), 4 deletions(-) diff --git a/scripts/guideline_recategorization/recategorize.py b/scripts/guideline_recategorization/recategorize.py index 81c43d2104..04d619b2a1 100644 --- a/scripts/guideline_recategorization/recategorize.py +++ b/scripts/guideline_recategorization/recategorize.py @@ -9,6 +9,7 @@ import jsonpath_ng.ext import jsonpointer import yaml +import yaml.parser import re import jsonpatch from functools import reduce @@ -111,14 +112,20 @@ def resolve_path(path : Path) -> Optional[Path]: resolved_schema_path = resolve_path(path.resolve()) if resolved_schema_path: with resolved_schema_path.open(mode='r') as fp: - return json.load(fp) + try: + return json.load(fp) + except json.decoder.JSONDecodeError as e: + print_failure(f"Failed to load schema with error \"{e.msg}\" at {resolved_schema_path}:{e.lineno}:{e.colno}!") else: return None def load_config(path: Path) -> Optional[Mapping[str, Any]]: if path.is_file(): with path.open('r') as fp: - return yaml.safe_load(fp) + try: + return yaml.safe_load(fp) + except yaml.parser.ParserError as e: + print_failure(f"Failed to load config with error \"{e.problem}\" at {path}:{e.problem_mark.line}:{e.problem_mark.column}!") else: return None @@ -137,17 +144,23 @@ def main(args: argparse.Namespace): if not coding_standards_schema: print_failure("Failed to load Coding Standards schema!") + if not '$id' in coding_standards_schema: + print_failure(f"Missing id for Coding Standards schema: '{args.coding_standards_schema_file}'") + if coding_standards_schema['$id'] != CODING_STANDARDS_SCHEMA_ID: print_failure(f"Unexpected id for Coding Standards schema, expecting '{CODING_STANDARDS_SCHEMA_ID}'!") sarif_schema = load_schema(args.sarif_schema_file, 'sarif-schema-2.1.0.json') if not sarif_schema: - print("Failed to load Sarif schema!", file=sys.stderr) + print(f"Failed to load Sarif schema: '{args.sarif_schema_file}'!", file=sys.stderr) sys.exit(1) sarif_schema = cast(Mapping[str, Any], sarif_schema) + if not '$id' in sarif_schema: + print_failure(f"Missing id for Sarif schema: '{args.sarif_schema_file}'") + if sarif_schema['$id'] != SARIF_SCHEMA_ID: - print_failure(f"Unexpected id for Sarif schema, expecting '{SARIF_SCHEMA_ID}'!") + print_failure(f"Unexpected id for Sarif schema: '{args.sarif_schema_file}, expecting '{SARIF_SCHEMA_ID}'!") coding_standards_config = load_config(args.coding_standards_config_file) if not coding_standards_schema: From 4f180531f27570b9d274196b70eeccf6ce8f4502 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 2 Nov 2022 16:42:22 -0700 Subject: [PATCH 0164/2573] Add unit tests for the recategorization script. --- .../recategorize_test.py | 101 + .../requirements.txt | 1 + .../empty-coding-standards-config.yml | 0 .../invalid-coding-standards-config.yml | 2 + .../test-data/invalid-json.json | 3 + .../test-data/invalid-sarif.json | 4 + .../test-data/invalid-yaml.yml | 3 + .../test-data/json-patch.expected | 1 + ...pported-coding-standards-schema-0.0.1.json | 54 + .../unsupported-sarif-schema-2.0.0.json | 1769 +++++++++++++++++ .../valid-coding-standards-config.yml | 7 + .../valid-sarif-recategorized.expected | 1 + .../test-data/valid-sarif.json | 115 ++ 13 files changed, 2061 insertions(+) create mode 100644 scripts/guideline_recategorization/recategorize_test.py create mode 100644 scripts/guideline_recategorization/test-data/empty-coding-standards-config.yml create mode 100644 scripts/guideline_recategorization/test-data/invalid-coding-standards-config.yml create mode 100644 scripts/guideline_recategorization/test-data/invalid-json.json create mode 100644 scripts/guideline_recategorization/test-data/invalid-sarif.json create mode 100644 scripts/guideline_recategorization/test-data/invalid-yaml.yml create mode 100644 scripts/guideline_recategorization/test-data/json-patch.expected create mode 100644 scripts/guideline_recategorization/test-data/unsupported-coding-standards-schema-0.0.1.json create mode 100644 scripts/guideline_recategorization/test-data/unsupported-sarif-schema-2.0.0.json create mode 100644 scripts/guideline_recategorization/test-data/valid-coding-standards-config.yml create mode 100644 scripts/guideline_recategorization/test-data/valid-sarif-recategorized.expected create mode 100644 scripts/guideline_recategorization/test-data/valid-sarif.json diff --git a/scripts/guideline_recategorization/recategorize_test.py b/scripts/guideline_recategorization/recategorize_test.py new file mode 100644 index 0000000000..185c92272d --- /dev/null +++ b/scripts/guideline_recategorization/recategorize_test.py @@ -0,0 +1,101 @@ +import pytest +import difflib +import recategorize +import jsonschema +from pathlib import Path +import argparse +import sys + +TEST_DATA_DIR = Path(__file__).resolve().parent / 'test-data' + +class TestsInputs: + def test_invalid_codeql_config(self): + with pytest.raises(SystemExit): + recategorize.main(argparse.Namespace( + coding_standards_schema_file= Path.cwd(), + sarif_schema_file= Path.cwd(), + coding_standards_config_file= TEST_DATA_DIR / 'invalid-coding-standards-config.yml' + )) + + def test_valid_codeql_config(self): + with (TEST_DATA_DIR / 'valid-sarif.json').open(mode='r') as sarif_in: + recategorize.main(argparse.Namespace( + coding_standards_schema_file= Path.cwd(), + sarif_schema_file= Path.cwd(), + coding_standards_config_file= TEST_DATA_DIR / 'valid-coding-standards-config.yml', + sarif_in=sarif_in, + sarif_out=sys.stdout, + dump_json_patch=None + )) + + def test_invalid_sarif_file(self): + with pytest.raises(SystemExit): + with (TEST_DATA_DIR / 'invalid-sarif.json').open(mode='r') as sarif_in: + recategorize.main(argparse.Namespace( + coding_standards_schema_file= Path.cwd(), + sarif_schema_file= Path.cwd(), + coding_standards_config_file= TEST_DATA_DIR / 'valid-coding-standards-config.yml', + sarif_in=sarif_in + )) + + def test_valid_sarif_file(self): + with (TEST_DATA_DIR / 'valid-sarif.json').open(mode='r') as sarif_in: + recategorize.main(argparse.Namespace( + coding_standards_schema_file= Path.cwd(), + sarif_schema_file= Path.cwd(), + coding_standards_config_file= TEST_DATA_DIR / 'valid-coding-standards-config.yml', + sarif_in=sarif_in, + sarif_out=sys.stdout, + dump_json_patch=None + )) + + def test_invalid_yaml(self): + with pytest.raises(SystemExit): + recategorize.main(argparse.Namespace( + coding_standards_schema_file= Path.cwd(), + sarif_schema_file= Path.cwd(), + coding_standards_config_file= TEST_DATA_DIR / 'invalid-yaml.yml' + )) + + def test_invalid_json_for_schema(self): + with pytest.raises(SystemExit): + recategorize.main(argparse.Namespace( + coding_standards_schema_file= TEST_DATA_DIR / 'invalid-json.json' + )) + +class TestUnsupportedSchemas: + def test_unsupported_sarif_schema(self): + with pytest.raises(SystemExit): + recategorize.main(argparse.Namespace( + coding_standards_schema_file= Path.cwd(), + sarif_schema_file= TEST_DATA_DIR / 'unsupported-sarif-schema-2.0.0.json', + coding_standards_config_file= Path.cwd() + )) + def test_unsupported_coding_standards_config_schema(self): + with pytest.raises(SystemExit): + recategorize.main(argparse.Namespace( + coding_standards_schema_file= Path.cwd(), + sarif_schema_file= TEST_DATA_DIR / 'unsupported-coding-standards-schema-0.0.1.json', + coding_standards_config_file= Path.cwd() + )) + +class TestRecategorization: + def test_recategorization(self, tmp_path): + with (TEST_DATA_DIR / 'valid-sarif.json').open(mode='r') as sarif_in: + with (tmp_path / 'sarif.json').open(mode='w') as sarif_out: + recategorize.main(argparse.Namespace( + coding_standards_schema_file= Path.cwd(), + sarif_schema_file= Path.cwd(), + coding_standards_config_file= TEST_DATA_DIR / 'valid-coding-standards-config.yml', + sarif_in=sarif_in, + sarif_out=sarif_out, + dump_json_patch=tmp_path / 'json-patch.json' + )) + + expected_patch = (TEST_DATA_DIR / 'json-patch.expected').read_text() + actual_patch = (tmp_path / 'json-patch.json').read_text() + assert(expected_patch == actual_patch) + + expected_sarif = (TEST_DATA_DIR / 'valid-sarif-recategorized.expected').read_text() + actual_sarif = (tmp_path / 'sarif.json').read_text() + assert(expected_sarif == actual_sarif) \ No newline at end of file diff --git a/scripts/guideline_recategorization/requirements.txt b/scripts/guideline_recategorization/requirements.txt index a980410d07..3fa3a6ceae 100644 --- a/scripts/guideline_recategorization/requirements.txt +++ b/scripts/guideline_recategorization/requirements.txt @@ -3,4 +3,5 @@ jsonschema==4.9.1 jsonpatch==1.32 jsonpointer==2.3 PyYAML==5.4 +pytest==7.2.0 diff --git a/scripts/guideline_recategorization/test-data/empty-coding-standards-config.yml b/scripts/guideline_recategorization/test-data/empty-coding-standards-config.yml new file mode 100644 index 0000000000..e69de29bb2 diff --git a/scripts/guideline_recategorization/test-data/invalid-coding-standards-config.yml b/scripts/guideline_recategorization/test-data/invalid-coding-standards-config.yml new file mode 100644 index 0000000000..16a72ca981 --- /dev/null +++ b/scripts/guideline_recategorization/test-data/invalid-coding-standards-config.yml @@ -0,0 +1,2 @@ +guideline-recategorizations: + - rule-id: "A0-1-1" diff --git a/scripts/guideline_recategorization/test-data/invalid-json.json b/scripts/guideline_recategorization/test-data/invalid-json.json new file mode 100644 index 0000000000..ab61ba76e1 --- /dev/null +++ b/scripts/guideline_recategorization/test-data/invalid-json.json @@ -0,0 +1,3 @@ +{ + "foo": "bar", +} \ No newline at end of file diff --git a/scripts/guideline_recategorization/test-data/invalid-sarif.json b/scripts/guideline_recategorization/test-data/invalid-sarif.json new file mode 100644 index 0000000000..ed161bd6fd --- /dev/null +++ b/scripts/guideline_recategorization/test-data/invalid-sarif.json @@ -0,0 +1,4 @@ +{ + "$schema": "https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json", + "version": "2.1.0" +} \ No newline at end of file diff --git a/scripts/guideline_recategorization/test-data/invalid-yaml.yml b/scripts/guideline_recategorization/test-data/invalid-yaml.yml new file mode 100644 index 0000000000..f761ce92ad --- /dev/null +++ b/scripts/guideline_recategorization/test-data/invalid-yaml.yml @@ -0,0 +1,3 @@ +key: + key1: "value" + key2: "value" \ No newline at end of file diff --git a/scripts/guideline_recategorization/test-data/json-patch.expected b/scripts/guideline_recategorization/test-data/json-patch.expected new file mode 100644 index 0000000000..9ca8544d9f --- /dev/null +++ b/scripts/guideline_recategorization/test-data/json-patch.expected @@ -0,0 +1 @@ +[{"op": "replace", "path": "/runs/0/tool/driver/rules/0/properties/tags/5", "value": "external/autosar/obligation/mandatory"}, {"op": "add", "path": "/runs/0/tool/driver/rules/0/properties/tags/5", "value": "external/autosar/original-obligation/required"}, {"op": "replace", "path": "/runs/0/tool/driver/rules/1/properties/tags/5", "value": "external/autosar/obligation/disapplied"}, {"op": "add", "path": "/runs/0/tool/driver/rules/1/properties/tags/5", "value": "external/autosar/original-obligation/advisory"}, {"op": "replace", "path": "/runs/0/tool/driver/rules/2/properties/tags/4", "value": "external/autosar/obligation/mandatory"}, {"op": "add", "path": "/runs/0/tool/driver/rules/2/properties/tags/4", "value": "external/autosar/original-obligation/advisory"}] \ No newline at end of file diff --git a/scripts/guideline_recategorization/test-data/unsupported-coding-standards-schema-0.0.1.json b/scripts/guideline_recategorization/test-data/unsupported-coding-standards-schema-0.0.1.json new file mode 100644 index 0000000000..035f218ed7 --- /dev/null +++ b/scripts/guideline_recategorization/test-data/unsupported-coding-standards-schema-0.0.1.json @@ -0,0 +1,54 @@ +{ + "$schema": "http://json-schema.org/draft-07/schema", + "$id": "https://raw.githubusercontent.com/github/codeql-coding-standards/main/schemas/coding-standards-schema-0.0.1.json", + "additionalProperties": false, + "definitions": { + "guideline-category": { + "enum": [ + "mandatory", + "required", + "advisory", + "disapplied" + ] + }, + "guideline-recategorization": { + "type": "object", + "properties": { + "rule-id": { + "type": "string" + }, + "category": { + "$ref": "#/definitions/guideline-category" + } + }, + "required": [ + "rule-id", + "category" + ] + } + }, + "properties": { + "report-deviated-alerts": { + "description": "When true includes alerts with an applicable deviation. Used for report generation.", + "type": "boolean" + }, + "deviations": { + "description": "A set of deviation records.", + "type": "array" + }, + "deviation-permits": { + "description": "A set of deviation permits.", + "type": "array" + }, + "guideline-recategorizations": { + "type": "array", + "minProperties": 1, + "uniqueItems": true, + "items": { + "$ref": "#/definitions/guideline-recategorization" + } + } + }, + "required": [], + "type": "object" +} \ No newline at end of file diff --git a/scripts/guideline_recategorization/test-data/unsupported-sarif-schema-2.0.0.json b/scripts/guideline_recategorization/test-data/unsupported-sarif-schema-2.0.0.json new file mode 100644 index 0000000000..10ba2ba3c9 --- /dev/null +++ b/scripts/guideline_recategorization/test-data/unsupported-sarif-schema-2.0.0.json @@ -0,0 +1,1769 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "title": "Static Analysis Results Format (SARIF) Version 2.0.0 JSON Schema", + "description": "Static Analysis Results Format (SARIF) Version 2.0.0 JSON Schema: a standard format for the output of static analysis tools.", + "additionalProperties": false, + "type": "object", + "properties": { + "$schema": { + "description": "The URI of the JSON schema corresponding to the version.", + "type": "string", + "format": "uri" + }, + "version": { + "description": "The SARIF format version of this log file.", + "enum": [ + "2.0.0" + ] + }, + "runs": { + "description": "The set of runs contained in this log file.", + "type": "array", + "minItems": 1, + "items": { + "$ref": "#/definitions/run" + } + } + }, + "required": [ + "version", + "runs" + ], + "definitions": { + "attachment": { + "description": "A file relevant to a tool invocation or to a result.", + "type": "object", + "additionalProperties": false, + "properties": { + "description": { + "description": "A message describing the role played by the attachment.", + "$ref": "#/definitions/message" + }, + "fileLocation": { + "description": "The location of the attachment.", + "$ref": "#/definitions/fileLocation" + }, + "regions": { + "description": "An array of regions of interest within the attachment.", + "type": "array", + "minItems": 1, + "uniqueItems": true, + "items": { + "$ref": "#/definitions/region" + } + }, + "rectangles": { + "description": "An array of rectangles specifying areas of interest within the image.", + "type": "array", + "minItems": 1, + "uniqueItems": true, + "items": { + "$ref": "#/definitions/rectangle" + } + } + }, + "required": [ + "fileLocation" + ] + }, + "codeFlow": { + "description": "A set of threadFlows which together describe a pattern of code execution relevant to detecting a result.", + "additionalProperties": false, + "type": "object", + "properties": { + "message": { + "description": "A message relevant to the code flow.", + "$ref": "#/definitions/message" + }, + "threadFlows": { + "description": "An array of one or more unique threadFlow objects, each of which describes the progress of a program through a thread of execution.", + "type": "array", + "minItems": 1, + "uniqueItems": true, + "items": { + "$ref": "#/definitions/threadFlow" + } + }, + "properties": { + "description": "Key/value pairs that provide additional information about the code flow.", + "type": "object", + "additionalProperties": true, + "properties": { + "tags": { + "description": "A set of distinct strings that provide additional information.", + "type": "array", + "uniqueItems": true, + "default": [], + "items": { + "type": "string" + } + } + } + } + }, + "required": [ + "threadFlows" + ] + }, + "threadFlowLocation": { + "description": "A location visited by an analysis tool in the course of simulating or monitoring the execution of a program.", + "additionalProperties": false, + "type": "object", + "properties": { + "step": { + "description": "The 0-based sequence number of the location in the code flow within which it occurs.", + "type": "integer", + "minimum": 0 + }, + "location": { + "description": "The code location.", + "$ref": "#/definitions/location" + }, + "stack": { + "description": "The call stack leading to this location.", + "$ref": "#/definitions/stack" + }, + "kind": { + "description": "A string describing the type of this location.", + "type": "string" + }, + "module": { + "description": "The name of the module that contains the code that is executing.", + "type": "string" + }, + "state": { + "description": "A dictionary, each of whose keys specifies a variable or expression, the associated value of which represents the variable or expression value. For an annotation of kind 'continuation', for example, this dictionary might hold the current assumed values of a set of global variables.", + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "nestingLevel": { + "description": "An integer representing a containment hierarchy within the thread flow", + "type": "integer" + }, + "executionOrder": { + "description": "An integer representing the temporal order in which execution reached this location.", + "type": "integer" + }, + "timestamp": { + "description": "The time at which this location was executed.", + "type": "string", + "format": "date-time" + }, + "importance": { + "description": "Specifies the importance of this location in understanding the code flow in which it occurs. The order from most to least important is \"essential\", \"important\", \"unimportant\". Default: \"important\".", + "enum": [ + "important", + "essential", + "unimportant" + ] + }, + "properties": { + "description": "Key/value pairs that provide additional information about the code location.", + "type": "object", + "additionalProperties": true, + "properties": { + "tags": { + "description": "A set of distinct strings that provide additional information.", + "type": "array", + "uniqueItems": true, + "default": [], + "items": { + "type": "string" + } + } + } + } + } + }, + "conversion": { + "description": "Describes how a converter transformed the output of a static analysis tool from the analysis tool's native output format into the SARIF format.", + "additionalProperties": false, + "type": "object", + "properties": { + "tool": { + "description": "A tool object that describes the converter.", + "$ref": "#/definitions/tool" + }, + "invocation": { + "description": "An invocation object that describes the invocation of the converter.", + "$ref": "#/definitions/invocation" + }, + "analysisToolLogFiles": { + "description": "The locations of the analysis tool's per-run log files.", + "type": "array", + "minItems": 1, + "uniqueItems": true, + "items": { + "$ref": "#/definitions/fileLocation" + } + } + }, + "required": [ + "tool" + ] + }, + "edge": { + "description": "Represents a directed edge in a graph.", + "type": "object", + "additionalProperties": false, + "properties": { + "id": { + "description": "A string that uniquely identifies the edge within its graph.", + "type": "string" + }, + "label": { + "description": "A short description of the edge.", + "$ref": "#/definitions/message" + }, + "sourceNodeId": { + "description": "Identifies the source node (the node at which the edge starts).", + "type": "string" + }, + "targetNodeId": { + "description": "Identifies the target node (the node at which the edge ends).", + "type": "string" + }, + "properties": { + "description": "Key/value pairs that provide additional information about the edge.", + "type": "object", + "additionalProperties": true, + "properties": { + "tags": { + "description": "A set of distinct strings that provide additional information.", + "type": "array", + "uniqueItems": true, + "default": [], + "items": { + "type": "string" + } + } + } + } + }, + "required": [ + "id", + "sourceNodeId", + "targetNodeId" + ] + }, + "edgeTraversal": { + "description": "Represents the traversal of a single edge in the course of a graph traversal.", + "type": "object", + "additionalProperties": false, + "properties": { + "edgeId": { + "description": "Identifies the edge being traversed.", + "type": "string" + }, + "message": { + "description": "A message to display to the user as the edge is traversed.", + "$ref": "#/definitions/message" + }, + "finalState": { + "description": "The values of relevant expressions after the edge has been traversed.", + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "stepOverEdgeCount": { + "description": "The number of edge traversals necessary to return from a nested graph.", + "type": "integer" + }, + "properties": { + "description": "Key/value pairs that provide additional information about the edge traversal.", + "type": "object", + "additionalProperties": true, + "properties": { + "tags": { + "description": "A set of distinct strings that provide additional information.", + "type": "array", + "uniqueItems": true, + "default": [], + "items": { + "type": "string" + } + } + } + } + }, + "required": [ + "edgeId" + ] + }, + "exception": { + "type": "object", + "properties": { + "kind": { + "type": "string", + "description": "A string that identifies the kind of exception, for example, the fully qualified type name of an object that was thrown, or the symbolic name of a signal." + }, + "message": { + "type": "string", + "description": "A plain text message that describes the exception." + }, + "stack": { + "description": "The sequence of function calls leading to the exception.", + "$ref": "#/definitions/stack" + }, + "innerExceptions": { + "type": "array", + "description": "An array of exception objects each of which is considered a cause of this exception.", + "items": { + "$ref": "#/definitions/exception" + } + } + } + }, + "file": { + "description": "A single file. In some cases, this file might be nested within another file.", + "additionalProperties": false, + "type": "object", + "properties": { + "fileLocation": { + "description": "The location of the file.", + "$ref": "#/definitions/fileLocation" + }, + "parentKey": { + "description": "Identifies the key of the immediate parent of the file, if this file is nested.", + "type": "string" + }, + "offset": { + "description": "The offset in bytes of the file within its containing file.", + "type": "integer" + }, + "length": { + "description": "The length of the file in bytes.", + "type": "integer" + }, + "roles": { + "description": "The role or roles played by the file in the analysis.", + "type": "array", + "minItems": 1, + "uniqueItems": true, + "items": { + "enum": [ + "analysisTarget", + "attachment", + "responseFile", + "resultFile", + "standardStream", + "traceFile", + "unmodifiedFile", + "modifiedFile", + "addedFile", + "deletedFile", + "renamedFile", + "uncontrolledFile" + ] + } + }, + "mimeType": { + "description": "The MIME type (RFC 2045) of the file.", + "type": "string", + "pattern": "[^/]+/.+" + }, + "contents": { + "description": "The contents of the file.", + "$ref": "#/definitions/fileContent" + }, + "encoding": { + "description": "Specifies the encoding for a file object that refers to a text file.", + "type": "string" + }, + "hashes": { + "description": "An array of hash objects, each of which specifies a hashed value for the file, along with the name of the hash function used to compute the hash.", + "type": "array", + "minItems": 1, + "uniqueItems": true, + "items": { + "$ref": "#/definitions/hash" + } + }, + "lastModifiedTime": { + "description": "The date and time at which the file was most recently modified. See \"Date/time properties\" in the SARIF spec for the required format.", + "type": "string", + "format": "date-time" + }, + "properties": { + "description": "Key/value pairs that provide additional information about the file.", + "type": "object", + "additionalProperties": true, + "properties": { + "tags": { + "description": "A set of distinct strings that provide additional information.", + "type": "array", + "uniqueItems": true, + "default": [], + "items": { + "type": "string" + } + } + } + } + } + }, + "fileChange": { + "description": "A change to a single file.", + "additionalProperties": false, + "type": "object", + "properties": { + "fileLocation": { + "description": "The location of the file to change.", + "$ref": "#/definitions/fileLocation" + }, + "replacements": { + "description": "An array of replacement objects, each of which represents the replacement of a single range of bytes in a single file specified by 'uri'.", + "type": "array", + "minItems": 1, + "items": { + "$ref": "#/definitions/replacement" + } + } + }, + "required": [ + "fileLocation", + "replacements" + ] + }, + "fileContent": { + "description": "Represents content from an external file.", + "type": "object", + "additionalProperties": false, + "properties": { + "text": { + "description": "UTF-8-encoded content from a text file.", + "type": "string" + }, + "binary": { + "description": "MIME Base64-encoded content from a binary file, or from a text file in its original encoding.", + "type": "string" + } + } + }, + "fileLocation": { + "description": "Specifies the location of a file.", + "additionalProperties": false, + "type": "object", + "properties": { + "uri": { + "description": "A string containing a valid relative or absolute URI.", + "type": "string", + "format": "uri-reference" + }, + "uriBaseId": { + "description": "A string which indirectly specifies the absolute URI with respect to which a relative URI in the \"uri\" property is interpreted.", + "type": "string" + } + }, + "required": [ + "uri" + ] + }, + "fix": { + "description": "A proposed fix for the problem represented by a result object. A fix specifies a set of file to modify. For each file, it specifies a set of bytes to remove, and provides a set of new bytes to replace them.", + "additionalProperties": false, + "type": "object", + "properties": { + "description": { + "description": "A plain text message that describes the proposed fix, enabling viewers to present the proposed change to an end user.", + "$ref": "#/definitions/message" + }, + "fileChanges": { + "description": "One or more file changes that comprise a fix for a result.", + "type": "array", + "items": { + "$ref": "#/definitions/fileChange" + } + } + }, + "required": [ + "fileChanges" + ] + }, + "graph": { + "description": "A network of nodes and directed edges that describes some aspect of the structure of the code (for example, a call graph).", + "type": "object", + "additionalProperties": false, + "properties": { + "id": { + "description": "A string that uniquely identifies the graph within a run.graphs or result.graphs array.", + "type": "string" + }, + "description": { + "description": "A description of the graph.", + "$ref": "#/definitions/message" + }, + "nodes": { + "description": "An array of node objects representing the nodes of the graph.", + "type": "array", + "items": { + "$ref": "#/definitions/node" + } + }, + "edges": { + "description": "An array of edge objects representing the edges of the graph.", + "type": "array", + "items": { + "$ref": "#/definitions/edge" + } + }, + "properties": { + "description": "Key/value pairs that provide additional information about the graph.", + "type": "object", + "additionalProperties": true, + "properties": { + "tags": { + "description": "A set of distinct strings that provide additional information.", + "type": "array", + "uniqueItems": true, + "default": [], + "items": { + "type": "string" + } + } + } + } + }, + "required": [ + "id", + "nodes", + "edges" + ] + }, + "graphTraversal": { + "description": "Represents a path through a graph.", + "type": "object", + "additionalProperties": false, + "properties": { + "graphId": { + "description": "A string that uniquely identifies that graph being traversed.", + "type": "string" + }, + "description": { + "description": "A description of this graph traversal.", + "$ref": "#/definitions/message" + }, + "initialState": { + "description": "Values of relevant expressions at the start of the graph traversal.", + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "edgeTraversals": { + "description": "The sequences of edges traversed by this graph traversal.", + "type": "array", + "items": { + "$ref": "#/definitions/edgeTraversal" + } + }, + "properties": { + "description": "Key/value pairs that provide additional information about the graph traversal.", + "type": "object", + "additionalProperties": true, + "properties": { + "tags": { + "description": "A set of distinct strings that provide additional information.", + "type": "array", + "uniqueItems": true, + "default": [], + "items": { + "type": "string" + } + } + } + } + }, + "required": [ + "graphId", + "edgeTraversals" + ] + }, + "hash": { + "description": "A hash value of some file or collection of files, together with the hash function used to compute the hash.", + "additionalProperties": false, + "type": "object", + "properties": { + "value": { + "description": "The hash value of some file or collection of files, computed by the hash function named in the 'algorithm' property.", + "type": "string" + }, + "algorithm": { + "description": "The name of the hash function used to compute the hash value specified in the 'value' property.", + "type": "string" + } + }, + "required": [ + "value", + "algorithm" + ] + }, + "invocation": { + "description": "The runtime environment of the analysis tool run.", + "additionalProperties": false, + "type": "object", + "properties": { + "commandLine": { + "description": "The command line used to invoke the tool.", + "type": "string" + }, + "arguments": { + "description": "An array of strings, containing in order the command line arguments passed to the tool from the operating system.", + "type": "array", + "items": { + "type": "string" + } + }, + "responseFiles": { + "description": "The locations of any response files specified on the tool's command line.", + "type": "array", + "items": { + "$ref": "#/definitions/fileLocation" + } + }, + "attachments": { + "description": "A set of files relevant to the invocation of the tool.", + "type": "array", + "minItems": 1, + "uniqueItems": true, + "items": { + "$ref": "#/definitions/attachment" + } + }, + "startTime": { + "description": "The date and time at which the run started. See \"Date/time properties\" in the SARIF spec for the required format.", + "type": "string", + "format": "date-time" + }, + "endTime": { + "description": "The date and time at which the run ended. See \"Date/time properties\" in the SARIF spec for the required format.", + "type": "string", + "format": "date-time" + }, + "exitCode": { + "description": "The process exit code.", + "type": "integer" + }, + "toolNotifications": { + "description": "A list of runtime conditions detected by the tool in the course of the analysis.", + "type": "array", + "items": { + "$ref": "#/definitions/notification" + } + }, + "configurationNotifications": { + "description": "A list of conditions detected by the tool that are relevant to the tool's configuration.", + "type": "array", + "items": { + "$ref": "#/definitions/notification" + } + }, + "exitCodeDescription": { + "description": "The reason for the process exit.", + "type": "string" + }, + "exitSignalName": { + "description": "The name of the signal that caused the process to exit.", + "type": "string" + }, + "exitSignalNumber": { + "description": "The numeric value of the signal that caused the process to exit.", + "type": "integer" + }, + "processStartFailureMessage": { + "description": "The reason given by the operating system that the process failed to start.", + "type": "string" + }, + "toolExecutionSuccessful": { + "description": "A value indicating whether the tool's execution completed successfully.", + "type": "boolean" + }, + "machine": { + "description": "The machine that hosted the analysis tool run.", + "type": "string" + }, + "account": { + "description": "The account that ran the analysis tool.", + "type": "string" + }, + "processId": { + "description": "The process id for the analysis tool run.", + "type": "integer" + }, + "executableLocation": { + "description": "An absolute URI specifying the location of the analysis tool's executable.", + "$ref": "#/definitions/fileLocation" + }, + "workingDirectory": { + "description": "The working directory for the analysis rool run.", + "type": "string" + }, + "environmentVariables": { + "description": "The environment variables associated with the analysis tool process, expressed as key/value pairs.", + "type": "object", + "additionalProperties": true, + "default": {} + }, + "stdin": { + "description": "A file containing the standard input stream to the process that was invoked.", + "$ref": "#/definitions/fileLocation" + }, + "stdout": { + "description": "A file containing the standard output stream from the process that was invoked.", + "$ref": "#/definitions/fileLocation" + }, + "stderr": { + "description": "A file containing the standard error stream from the process that was invoked.", + "$ref": "#/definitions/fileLocation" + }, + "stdoutStderr": { + "description": "A file containing the interleaved standard output and standard error stream from the process that was invoked.", + "$ref": "#/definitions/fileLocation" + }, + "properties": { + "description": "Key/value pairs that provide additional information about the invocation.", + "type": "object", + "additionalProperties": true, + "properties": { + "tags": { + "description": "A set of distinct strings that provide additional information.", + "type": "array", + "uniqueItems": true, + "default": [], + "items": { + "type": "string" + } + } + } + } + } + }, + "location": { + "description": "A location within a programming artifact.", + "additionalProperties": false, + "type": "object", + "properties": { + "physicalLocation": { + "description": "Identifies the file and region.", + "$ref": "#/definitions/physicalLocation" + }, + "fullyQualifiedLogicalName": { + "description": "The human-readable fully qualified name of the logical location. If run.logicalLocations is present, this value matches a property name within that object, from which further information about the logical location can be obtained.", + "type": "string" + }, + "message": { + "description": "A message relevant to the location.", + "$ref": "#/definitions/message" + }, + "annotations": { + "description": "A set of regions relevant to the location.", + "type": "array", + "minItems": 1, + "uniqueItems": true, + "items": { + "$ref": "#/definitions/region" + } + }, + "properties": { + "description": "Key/value pairs that provide additional information about the location.", + "type": "object", + "additionalProperties": true, + "properties": { + "tags": { + "description": "A set of distinct strings that provide additional information.", + "type": "array", + "uniqueItems": true, + "default": [], + "items": { + "type": "string" + } + } + } + } + } + }, + "logicalLocation": { + "description": "A logical location of a construct that produced a result.", + "additionalProperties": false, + "type": "object", + "properties": { + "name": { + "description": "Identifies the construct in which the result occurred. For example, this property might contain the name of a class or a method.", + "type": "string" + }, + "fullyQualifiedName": { + "description": "The human-readable fully qualified name of the logical location.", + "type": "string" + }, + "decoratedName": { + "description": "The machine-readable name for the logical location, such as a mangled function name provided by a C++ compiler that encodes calling convention, return type and other details along with the function name.", + "type": "string" + }, + "parentKey": { + "description": "Identifies the key of the immediate parent of the construct in which the result was detected. For example, this property might point to a logical location that represents the namespace that holds a type.", + "type": "string" + }, + "kind": { + "description": "The type of construct this logicalLocationComponent refers to. Should be one of 'function', 'member', 'module', 'namespace', 'package', 'parameter', 'resource', 'returnType', 'type', or 'variable', if any of those accurately describe the construct.", + "type": "string" + } + } + }, + "message": { + "description": "Encapsulates a message intended to be read by the end user.", + "type": "object", + "additionalProperties": false, + "properties": { + "text": { + "description": "A plain text message string.", + "type": "string" + }, + "messageId": { + "description": "The resource id for a plain text message string.", + "type": "string" + }, + "richText": { + "description": "A rich text message string.", + "type": "string" + }, + "richMessageId": { + "description": "The resource id for a rich text message string.", + "type": "string" + }, + "arguments": { + "description": "An array of strings to substitute into the message string.", + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "node": { + "description": "Represents a node in a graph.", + "type": "object", + "additionalProperties": false, + "properties": { + "id": { + "description": "A string that uniquely identifies the node within its graph.", + "type": "string" + }, + "label": { + "description": "A short description of the node.", + "$ref": "#/definitions/message" + }, + "location": { + "description": "A code location associated with the node.", + "$ref": "#/definitions/location" + }, + "children": { + "description": "Array of child nodes.", + "type": "array", + "uniqueItems": true, + "items": { + "$ref": "#/definitions/node" + } + }, + "properties": { + "description": "Key/value pairs that provide additional information about the node.", + "type": "object", + "additionalProperties": true, + "properties": { + "tags": { + "description": "A set of distinct strings that provide additional information.", + "type": "array", + "uniqueItems": true, + "default": [], + "items": { + "type": "string" + } + } + } + } + }, + "required": [ + "id" + ] + }, + "notification": { + "description": "Describes a condition relevant to the tool itself, as opposed to being relevant to a target being analyzed by the tool.", + "type": "object", + "additionalProperties": false, + "properties": { + "id": { + "description": "An identifier for the condition that was encountered.", + "type": "string" + }, + "ruleId": { + "description": "The stable, unique identifier of the rule (if any) to which this notification is relevant. This member can be used to retrieve rule metadata from the rules dictionary, if it exists.", + "type": "string" + }, + "physicalLocation": { + "description": "The file and region relevant to this notification.", + "$ref": "#/definitions/physicalLocation" + }, + "message": { + "description": "A message that describes the condition that was encountered.", + "$ref": "#/definitions/message" + }, + "level": { + "description": "A value specifying the severity level of the notification.", + "default": "warning", + "enum": [ + "note", + "warning", + "error" + ] + }, + "threadId": { + "description": "The thread identifier of the code that generated the notification.", + "type": "integer" + }, + "time": { + "description": "The date and time at which the analysis tool generated the notification.", + "type": "string", + "format": "date-time" + }, + "exception": { + "description": "The runtime exception, if any, relevant to this notification.", + "$ref": "#/definitions/exception" + }, + "properties": { + "description": "Key/value pairs that provide additional information about the notification.", + "type": "object", + "additionalProperties": true, + "properties": { + "tags": { + "description": "A set of distinct strings that provide additional information.", + "type": "array", + "uniqueItems": true, + "default": [], + "items": { + "type": "string" + } + } + } + } + }, + "required": [ + "message" + ] + }, + "physicalLocation": { + "description": "A physical location relevant to a result. Specifies a reference to a programming artifact together with a range of bytes or characters within that artifact.", + "additionalProperties": false, + "type": "object", + "properties": { + "id": { + "description": "Value that distinguishes this physical location from all other physical locations in this run object.", + "type": "integer" + }, + "fileLocation": { + "description": "The location of the file.", + "$ref": "#/definitions/fileLocation" + }, + "region": { + "description": "Specifies a portion of the file.", + "$ref": "#/definitions/region" + }, + "contextRegion": { + "description": "Specifies a portion of the file that encloses the region. Allows a viewer to display additional context around the region.", + "$ref": "#/definitions/region" + } + }, + "required": [ + "fileLocation" + ] + }, + "rectangle": { + "description": "An area within an image.", + "additionalProperties": false, + "type": "object", + "properties": { + "top": { + "description": "The Y coordinate of the top edge of the rectangle, measured in the image's natural units.", + "type": "number" + }, + "left": { + "description": "The X coordinate of the left edge of the rectangle, measured in the image's natural units.", + "type": "number" + }, + "bottom": { + "description": "The Y coordinate of the bottom edge of the rectangle, measured in the image's natural units.", + "type": "number" + }, + "right": { + "description": "The X coordinate of the right edge of the rectangle, measured in the image's natural units.", + "type": "number" + }, + "message": { + "description": "A message relevant to the rectangle.", + "$ref": "#/definitions/message" + } + } + }, + "region": { + "description": "A region within a file where a result was detected.", + "additionalProperties": false, + "type": "object", + "properties": { + "startLine": { + "description": "The line number of the first character in the region.", + "type": "integer", + "minimum": 1 + }, + "startColumn": { + "description": "The column number of the first character in the region.", + "type": "integer", + "minimum": 1 + }, + "endLine": { + "description": "The line number of the last character in the region.", + "type": "integer", + "minimum": 1 + }, + "endColumn": { + "description": "The column number of the character following the end of the region.", + "type": "integer", + "minimum": 1 + }, + "charOffset": { + "description": "The zero-based offset from the beginning of the file of the first character in the region.", + "type": "integer", + "minimum": 0 + }, + "charLength": { + "description": "The length of the region in characters.", + "type": "integer", + "minimum": 0 + }, + "byteOffset": { + "description": "The zero-based offset from the beginning of the file of the first byte in the region.", + "type": "integer", + "minimum": 0 + }, + "byteLength": { + "description": "The length of the region in bytes.", + "type": "integer", + "minimum": 0 + }, + "snippet": { + "description": "The portion of the file contents within the specified region.", + "$ref": "#/definitions/fileContent" + }, + "message": { + "description": "A message relevant to the region.", + "$ref": "#/definitions/message" + } + } + }, + "replacement": { + "description": "The replacement of a single region of a file.", + "additionalProperties": false, + "type": "object", + "properties": { + "deletedRegion": { + "description": "The region of the file to delete.", + "$ref": "#/definitions/region" + }, + "insertedContent": { + "description": "The content to insert at the location specified by the 'deletedRegion' property.", + "$ref": "#/definitions/fileContent" + } + }, + "required": [ + "deletedRegion" + ] + }, + "resources": { + "description": "Container for items that require localization.", + "type": "object", + "properties": { + "messageStrings": { + "description": "A dictionary, each of whose keys is a resource identifier and each of whose values is a localized string.", + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "rules": { + "description": "A dictionary, each of whose keys is a string and each of whose values is a 'rule' object, that describe all rules associated with an analysis tool or a specific run of an analysis tool.", + "type": "object", + "additionalProperties": { + "$ref": "#/definitions/rule" + } + } + } + }, + "result": { + "description": "A result produced by an analysis tool.", + "additionalProperties": false, + "type": "object", + "properties": { + "ruleId": { + "description": "The stable, unique identifier of the rule (if any) to which this notification is relevant. This member can be used to retrieve rule metadata from the rules dictionary, if it exists.", + "type": "string" + }, + "level": { + "description": "A value specifying the severity level of the result.", + "enum": [ + "notApplicable", + "pass", + "note", + "warning", + "error", + "open" + ] + }, + "message": { + "description": "A message that describes the result. The first sentence of the message only will be displayed when visible space is limited.", + "$ref": "#/definitions/message" + }, + "ruleMessageId": { + "description": "A string that identifies the message within the metadata for the rule used in this result.", + "type": "string" + }, + "locations": { + "description": "One or more locations where the result occurred. Specify only one location unless the problem indicated by the result can only be corrected by making a change at every specified location.", + "type": "array", + "minItems": 1, + "uniqueItems": true, + "items": { + "$ref": "#/definitions/location" + } + }, + "analysisTarget": { + "description": "Identifies the file that the analysis tool was instructed to scan. This need not be the same as the file where the result actually occurred.", + "$ref": "#/definitions/fileLocation" + }, + "instanceGuid": { + "description": "A stable, unique identifer for the result in the form of a GUID.", + "type": "string" + }, + "partialFingerprints": { + "description": "A set of strings that contribute to the stable, unique identity of the result.", + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "fingerprints": { + "description": "A set of strings each of which individually defines a stable, unique identity for the result.", + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "stacks": { + "description": "An array of 'stack' objects relevant to the result.", + "type": "array", + "minItems": 1, + "uniqueItems": true, + "items": { + "$ref": "#/definitions/stack" + } + }, + "codeFlows": { + "description": "An array of 'codeFlow' objects relevant to the result.", + "type": "array", + "minItems": 1, + "uniqueItems": true, + "items": { + "$ref": "#/definitions/codeFlow" + } + }, + "graphs": { + "description": "An array of one or more unique 'graph' objects.", + "type": "array", + "minItems": 1, + "uniqueItems": true, + "items": { + "$ref": "#/definitions/graph" + } + }, + "graphTraversals": { + "description": "An array of one or more unique 'graphTraversal' objects.", + "type": "array", + "minItems": 1, + "uniqueItems": true, + "items": { + "$ref": "#/definitions/graphTraversal" + } + }, + "relatedLocations": { + "description": "A set of locations relevant to this result.", + "type": "array", + "minItems": 1, + "uniqueItems": true, + "items": { + "$ref": "#/definitions/location" + } + }, + "suppressionStates": { + "description": "A set of flags indicating one or more suppression conditions.", + "type": "array", + "items": { + "enum": [ + "suppressedInSource", + "suppressedExternally" + ] + } + }, + "baselineState": { + "description": "The state of a result relative to a baseline of a previous run.", + "enum": [ + "new", + "existing", + "absent" + ] + }, + "attachments": { + "description": "A set of files relevant to the result.", + "type": "array", + "minItems": 1, + "uniqueItems": true, + "items": { + "$ref": "#/definitions/attachment" + } + }, + "workItemUris": { + "description": "The URIs of the work items associated with this result", + "type": "array", + "minItems": 1, + "uniqueItems": true, + "items": { + "type": "string", + "format": "uri" + } + }, + "conversionProvenance": { + "description": "An array of physicalLocation objects which specify the portions of an analysis tool's output that a converter transformed into the result object.", + "type": "array", + "minItems": 1, + "uniqueItems": true, + "items": { + "$ref": "#/definitions/physicalLocation" + } + }, + "fixes": { + "description": "An array of 'fix' objects, each of which represents a proposed fix to the problem indicated by the result.", + "type": "array", + "minItems": 1, + "uniqueItems": true, + "items": { + "$ref": "#/definitions/fix" + } + }, + "properties": { + "description": "Key/value pairs that provide additional information about the result.", + "type": "object", + "additionalProperties": true, + "properties": { + "tags": { + "description": "A set of distinct strings that provide additional information.", + "type": "array", + "uniqueItems": true, + "default": [], + "items": { + "type": "string" + } + } + } + } + } + }, + "rule": { + "description": "Describes an analysis rule.", + "additionalProperties": false, + "type": "object", + "properties": { + "id": { + "description": "A stable, opaque identifier for the rule.", + "type": "string" + }, + "name": { + "description": "A rule identifier that is understandable to an end user.", + "$ref": "#/definitions/message" + }, + "shortDescription": { + "description": "A concise description of the rule. Should be a single sentence that is understandable when visible space is limited to a single line of text.", + "$ref": "#/definitions/message" + }, + "fullDescription": { + "description": "A description of the rule. Should, as far as possible, provide details sufficient to enable resolution of any problem indicated by the result.", + "$ref": "#/definitions/message" + }, + "messageStrings": { + "description": "A set of name/value pairs with arbitrary names. The value within each name/value pair consists of plain text interspersed with placeholders, which can be used to construct a message in combination with an arbitrary number of additional string arguments.", + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "richMessageStrings": { + "description": "A set of name/value pairs with arbitrary names. The value within each name/value pair consists of rich text interspersed with placeholders, which can be used to construct a message in combination with an arbitrary number of additional string arguments.", + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "configuration": { + "description": "Information about the rule that can be configured at runtime.", + "$ref": "#/definitions/ruleConfiguration" + }, + "helpUri": { + "description": "A URI where the primary documentation for the rule can be found.", + "type": "string", + "format": "uri" + }, + "help": { + "description": "Provides the primary documentation for the rule, useful when there is no online documentation.", + "$ref": "#/definitions/message" + }, + "properties": { + "description": "Key/value pairs that provide additional information about the rule.", + "type": "object", + "additionalProperties": true, + "properties": { + "tags": { + "description": "A set of distinct strings that provide additional information.", + "type": "array", + "uniqueItems": true, + "default": [], + "items": { + "type": "string" + } + } + } + } + }, + "required": [ + "id" + ] + }, + "ruleConfiguration": { + "description": "Information about a rule that can be configured at runtime.", + "type": "object", + "additionalProperties": false, + "properties": { + "enabled": { + "description": "Specifies whether the rule will be evaluated during the scan.", + "type": "boolean" + }, + "defaultLevel": { + "description": "Specifies the default severity level of the result.", + "enum": [ + "note", + "warning", + "error", + "open" + ] + }, + "parameters": { + "description": "Contains configuration information specific to this rule.", + "type": "object", + "additionalProperties": true, + "properties": { + "tags": { + "description": "A set of distinct strings that provide additional configuration information.", + "type": "array", + "uniqueItems": true, + "default": [], + "items": { + "type": "string" + } + } + } + } + } + }, + "run": { + "description": "Describes a single run of an analysis tool, and contains the output of that run.", + "additionalProperties": false, + "type": "object", + "properties": { + "tool": { + "description": "Information about the tool or tool pipeline that generated the results in this run. A run can only contain results produced by a single tool or tool pipeline. A run can aggregate results from multiple log files, as long as context around the tool run (tool command-line arguments and the like) is identical for all aggregated files.", + "$ref": "#/definitions/tool" + }, + "invocations": { + "description": "Describes the invocation of the analysis tool.", + "type": "array", + "minItems": 1, + "uniqueItems": true, + "items": { + "$ref": "#/definitions/invocation" + } + }, + "conversion": { + "description": "A conversion object that describes how a converter transformed an analysis tool's native output format into the SARIF format.", + "$ref": "#/definitions/conversion" + }, + "versionControlProvenance": { + "description": "Specifies the revision in version control of the files that were scanned.", + "type": "array", + "minItems": 1, + "uniqueItems": true, + "items": { + "$ref": "#/definitions/versionControlDetails" + } + }, + "originalUriBaseIds": { + "description": "The absolute URI specified by each uriBaseId symbol on the machine where the tool originally ran.", + "type": "object", + "additionalProperties": { + "type": "string", + "format": "uri" + } + }, + "files": { + "description": "A dictionary each of whose keys is a URI and each of whose values is a file object.", + "type": "object", + "additionalProperties": { + "$ref": "#/definitions/file" + } + }, + "logicalLocations": { + "description": "A dictionary each of whose keys specifies a logical location such as a namespace, type or function.", + "type": "object", + "additionalProperties": { + "$ref": "#/definitions/logicalLocation" + } + }, + "graphs": { + "description": "An array of one or more unique 'graph' objects.", + "type": "array", + "minItems": 1, + "uniqueItems": true, + "items": { + "$ref": "#/definitions/graph" + } + }, + "results": { + "description": "The set of results contained in an SARIF log. The results array can be omitted when a run is solely exporting rules metadata. It must be present (but may be empty) in the event that a log file represents an actual scan.", + "type": "array", + "minItems": 0, + "items": { + "$ref": "#/definitions/result" + } + }, + "resources": { + "description": "Items that can be localized, such as message strings and rule metadata.", + "$ref": "#/definitions/resources" + }, + "instanceGuid": { + "description": "A stable, unique identifier for the run, in the form of a GUID.", + "type": "string" + }, + "correlationGuid": { + "description": "A stable, unique identifier for the equivalence class of logically identical results to which this result belongs, in the form of a GUID.", + "type": "string" + }, + "logicalId": { + "description": "A logical identifier for a run, for example, 'nightly Clang analyzer run'. Multiple runs of the same type can have the same stableId.", + "type": "string" + }, + "description": { + "description": "A description of the run.", + "$ref": "#/definitions/message" + }, + "automationLogicalId": { + "description": "A global identifier that allows the run to be correlated with other artifacts produced by a larger automation process.", + "type": "string" + }, + "baselineInstanceGuid": { + "description": "The 'instanceGuid' property of a previous SARIF 'run' that comprises the baseline that was used to compute result 'baselineState' properties for the run.", + "type": "string" + }, + "architecture": { + "description": "The hardware architecture for which the run was targeted.", + "type": "string" + }, + "richMessageMimeType": { + "description": "The MIME type of all rich text message properties in the run. Default: \"text/markdown;variant=GFM\"", + "type": "string", + "default": "text/markdown;variant=GFM" + }, + "redactionToken": { + "description": "The string used to replace sensitive information in a redaction-aware property.", + "type": "string" + }, + "defaultFileEncoding": { + "description": "Specifies the default encoding for any file object that refers to a text file.", + "type": "string" + }, + "columnKind": { + "description": "Specifies the unit in which the tool measures columns.", + "enum": [ + "utf16CodeUnits", + "unicodeCodePoints" + ] + }, + "properties": { + "description": "Key/value pairs that provide additional information about the run.", + "type": "object", + "additionalProperties": true, + "properties": { + "tags": { + "description": "A set of distinct strings that provide additional information about the run.", + "type": "array", + "uniqueItems": true, + "default": [], + "items": { + "type": "string" + } + } + } + } + }, + "required": [ + "tool", + "results" + ] + }, + "stack": { + "description": "A call stack that is relevant to a result.", + "additionalProperties": false, + "type": "object", + "properties": { + "message": { + "description": "A message relevant to this call stack.", + "$ref": "#/definitions/message" + }, + "frames": { + "description": "An array of stack frames that represent a sequence of calls, rendered in reverse chronological order, that comprise the call stack.", + "type": "array", + "minItems": 1, + "items": { + "$ref": "#/definitions/stackFrame" + } + }, + "properties": { + "description": "Key/value pairs that provide additional information about the stack.", + "type": "object", + "additionalProperties": true, + "properties": { + "tags": { + "description": "A set of distinct strings that provide additional information.", + "type": "array", + "uniqueItems": true, + "default": [], + "items": { + "type": "string" + } + } + } + } + }, + "required": [ + "frames" + ] + }, + "stackFrame": { + "description": "A function call within a stack trace.", + "additionalProperties": false, + "type": "object", + "properties": { + "location": { + "description": "The location to which this stack frame refers.", + "$ref": "#/definitions/location" + }, + "module": { + "description": "The name of the module that contains the code of this stack frame.", + "type": "string" + }, + "threadId": { + "description": "The thread identifier of the stack frame.", + "type": "integer" + }, + "address": { + "description": "The address of the method or function that is executing.", + "type": "integer" + }, + "offset": { + "description": "The offset from the method or function that is executing.", + "type": "integer" + }, + "parameters": { + "description": "The parameters of the call that is executing.", + "type": "array", + "items": { + "type": "string", + "default": [] + } + }, + "properties": { + "description": "Key/value pairs that provide additional information about the stack frame.", + "type": "object", + "additionalProperties": true, + "properties": { + "tags": { + "description": "A set of distinct strings that provide additional information.", + "type": "array", + "uniqueItems": true, + "default": [], + "items": { + "type": "string" + } + } + } + } + }, + "required": [ + "fullyQualifiedLogicalName" + ] + }, + "threadFlow": { + "type": "object", + "properties": { + "id": { + "description": "An string that uniquely identifies the threadFlow within the codeFlow in which it occurs.", + "type": "string" + }, + "message": { + "description": "A message relevant to the thread flow.", + "$ref": "#/definitions/message" + }, + "locations": { + "description": "A temporally ordered array of 'threadFlowLocation' objects, each of which describes a location visited by the tool in the course of producing the result.", + "type": "array", + "minItems": 1, + "items": { + "$ref": "#/definitions/threadFlowLocation" + } + }, + "properties": { + "description": "Key/value pairs that provide additional information about the thread flow.", + "type": "object", + "additionalProperties": true, + "properties": { + "tags": { + "description": "A set of distinct strings that provide additional information.", + "type": "array", + "uniqueItems": true, + "default": [], + "items": { + "type": "string" + } + } + } + } + }, + "required": [ + "locations" + ] + }, + "tool": { + "description": "The analysis tool that was run.", + "additionalProperties": false, + "type": "object", + "properties": { + "name": { + "description": "The name of the tool.", + "type": "string" + }, + "fullName": { + "description": "The name of the tool along with its version and any other useful identifying information, such as its locale.", + "type": "string" + }, + "version": { + "description": "The tool version, in whatever format the tool natively provides.", + "type": "string" + }, + "semanticVersion": { + "description": "The tool version in the format specified by Semantic Versioning 2.0.", + "type": "string" + }, + "fileVersion": { + "description": "The binary version of the tool's primary executable file (for operating systems such as Windows that provide that information).", + "type": "string", + "pattern": "[0-9]+(\\.[0-9]+){3}" + }, + "downloadUri": { + "description": "The absolute URI from which the tool can be downloaded.", + "type": "string", + "format": "uri" + }, + "sarifLoggerVersion": { + "description": "A version that uniquely identifies the SARIF logging component that generated this file, if it is versioned separately from the tool.", + "type": "string" + }, + "language": { + "description": "The tool language (expressed as an ISO 649 two-letter lowercase culture code) and region (expressed as an ISO 3166 two-letter uppercase subculture code associated with a country or region).", + "type": "string", + "default": "en-US" + }, + "properties": { + "description": "Key/value pairs that provide additional information about the tool.", + "type": "object", + "additionalProperties": true, + "properties": { + "tags": { + "description": "A set of distinct strings that provide additional information.", + "type": "array", + "uniqueItems": true, + "default": [], + "items": { + "type": "string" + } + } + } + } + }, + "required": [ + "name" + ] + }, + "versionControlDetails": { + "descriptipn": "Specifies the information necessary to retrieve a desired revision from a version control system.", + "type": "object", + "additionalProperties": false, + "properties": { + "uri": { + "description": "The absolute URI of the repository.", + "type": "string", + "format": "uri" + }, + "revisionId": { + "description": "A string that uniquely and permanently identifies the revision within the repository.", + "type": "string" + }, + "branch": { + "description": "The name of a branch containing the revision.", + "type": "string" + }, + "tag": { + "description": "A tag that has been applied to the revision.", + "type": "string" + }, + "timestamp": { + "description": "The date and time at which the revision was created.", + "type": "string", + "format": "date-time" + }, + "properties": { + "description": "Key/value pairs that provide additional information about the revision.", + "type": "object", + "additionalProperties": true, + "properties": { + "tags": { + "description": "A set of distinct strings that provide additional information.", + "type": "array", + "uniqueItems": true, + "default": [], + "items": { + "type": "string" + } + } + } + } + }, + "required": [ + "uri" + ] + } + } +} \ No newline at end of file diff --git a/scripts/guideline_recategorization/test-data/valid-coding-standards-config.yml b/scripts/guideline_recategorization/test-data/valid-coding-standards-config.yml new file mode 100644 index 0000000000..6576920696 --- /dev/null +++ b/scripts/guideline_recategorization/test-data/valid-coding-standards-config.yml @@ -0,0 +1,7 @@ +guideline-recategorizations: + - rule-id: "A0-1-1" + category: "mandatory" + - rule-id: "A0-1-6" + category: "disapplied" + - rule-id: "A11-0-1" + category: "mandatory" diff --git a/scripts/guideline_recategorization/test-data/valid-sarif-recategorized.expected b/scripts/guideline_recategorization/test-data/valid-sarif-recategorized.expected new file mode 100644 index 0000000000..6de1af0fbf --- /dev/null +++ b/scripts/guideline_recategorization/test-data/valid-sarif-recategorized.expected @@ -0,0 +1 @@ +{"runs": [{"automationDetails": {"id": ".github/workflows/codeql-analysis.yml:analyze/language:python/"}, "conversion": {"tool": {"driver": {"name": "GitHub Code Scanning"}}}, "tool": {"driver": {"name": "CodeQL", "semanticVersion": "2.10.1", "rules": [{"id": "cpp/autosar/useless-assignment", "name": "cpp/autosar/useless-assignment", "shortDescription": {"text": "A0-1-1: Non-volatile variable assigned a value which is never used"}, "fullDescription": {"text": "A project shall not contain instances of non-volatile variables being given values that are not subsequently used."}, "defaultConfiguration": {"enabled": true, "level": "warning"}, "properties": {"tags": ["external/autosar/id/a0-1-1", "readability", "maintainability", "external/autosar/allocated-target/implementation", "external/autosar/enforcement/automated", "external/autosar/original-obligation/required", "external/autosar/obligation/mandatory"], "description": "A project shall not contain instances of non-volatile variables being given values\n that are not subsequently used.", "id": "cpp/autosar/useless-assignment", "kind": "problem", "name": "A0-1-1: Non-volatile variable assigned a value which is never used", "precision": "very-high", "problem.severity": "warning"}}, {"id": "cpp/autosar/unused-type-declarations", "name": "cpp/autosar/unused-type-declarations", "shortDescription": {"text": "A0-1-6: There should be no unused type declarations"}, "fullDescription": {"text": "Unused type declarations are either redundant or indicate a possible mistake on the part of the programmer."}, "defaultConfiguration": {"enabled": true, "level": "warning"}, "properties": {"tags": ["external/autosar/id/a0-1-6", "readability", "maintainability", "external/autosar/allocated-target/implementation", "external/autosar/enforcement/automated", "external/autosar/original-obligation/advisory", "external/autosar/obligation/disapplied"], "description": "Unused type declarations are either redundant or indicate a possible mistake on the\n part of the programmer.", "id": "cpp/autosar/unused-type-declarations", "kind": "problem", "name": "A0-1-6: There should be no unused type declarations", "precision": "very-high", "problem.severity": "warning"}}, {"id": "cpp/autosar/non-pod-type-should-be-defined-as-class", "name": "cpp/autosar/non-pod-type-should-be-defined-as-class", "shortDescription": {"text": "A11-0-1: A non-POD type should be defined as class"}, "fullDescription": {"text": "The class specifier forces the type to provide private access control for all its members by default. This is consistent with developer expectations, because it is expected that a class has its invariant, interface and could provide custom-defined constructors."}, "defaultConfiguration": {"enabled": true, "level": "note"}, "properties": {"tags": ["external/autosar/id/a11-0-1", "maintainability", "external/autosar/allocated-target/implementation", "external/autosar/enforcement/automated", "external/autosar/original-obligation/advisory", "external/autosar/obligation/mandatory"], "description": "The class specifier forces the type to provide private access control for all its\n members by default. This is consistent with developer expectations, because it is\n expected that a class has its invariant, interface and could provide custom-defined\n constructors.", "id": "cpp/autosar/non-pod-type-should-be-defined-as-class", "kind": "problem", "name": "A11-0-1: A non-POD type should be defined as class", "precision": "very-high", "problem.severity": "recommendation"}}]}}}], "$schema": "https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json", "version": "2.1.0"} \ No newline at end of file diff --git a/scripts/guideline_recategorization/test-data/valid-sarif.json b/scripts/guideline_recategorization/test-data/valid-sarif.json new file mode 100644 index 0000000000..d9df2d2c19 --- /dev/null +++ b/scripts/guideline_recategorization/test-data/valid-sarif.json @@ -0,0 +1,115 @@ +{ + "runs": [ + { + "automationDetails": { + "id": ".github/workflows/codeql-analysis.yml:analyze/language:python/" + }, + "conversion": { + "tool": { + "driver": { + "name": "GitHub Code Scanning" + } + } + }, + "tool": { + "driver": { + "name": "CodeQL", + "semanticVersion": "2.10.1", + "rules": [ + { + "id": "cpp/autosar/useless-assignment", + "name": "cpp/autosar/useless-assignment", + "shortDescription": { + "text": "A0-1-1: Non-volatile variable assigned a value which is never used" + }, + "fullDescription": { + "text": "A project shall not contain instances of non-volatile variables being given values that are not subsequently used." + }, + "defaultConfiguration": { + "enabled": true, + "level": "warning" + }, + "properties": { + "tags": [ + "external/autosar/id/a0-1-1", + "readability", + "maintainability", + "external/autosar/allocated-target/implementation", + "external/autosar/enforcement/automated", + "external/autosar/obligation/required" + ], + "description": "A project shall not contain instances of non-volatile variables being given values\n that are not subsequently used.", + "id": "cpp/autosar/useless-assignment", + "kind": "problem", + "name": "A0-1-1: Non-volatile variable assigned a value which is never used", + "precision": "very-high", + "problem.severity": "warning" + } + }, + { + "id": "cpp/autosar/unused-type-declarations", + "name": "cpp/autosar/unused-type-declarations", + "shortDescription": { + "text": "A0-1-6: There should be no unused type declarations" + }, + "fullDescription": { + "text": "Unused type declarations are either redundant or indicate a possible mistake on the part of the programmer." + }, + "defaultConfiguration": { + "enabled": true, + "level": "warning" + }, + "properties": { + "tags": [ + "external/autosar/id/a0-1-6", + "readability", + "maintainability", + "external/autosar/allocated-target/implementation", + "external/autosar/enforcement/automated", + "external/autosar/obligation/advisory" + ], + "description": "Unused type declarations are either redundant or indicate a possible mistake on the\n part of the programmer.", + "id": "cpp/autosar/unused-type-declarations", + "kind": "problem", + "name": "A0-1-6: There should be no unused type declarations", + "precision": "very-high", + "problem.severity": "warning" + } + }, + { + "id": "cpp/autosar/non-pod-type-should-be-defined-as-class", + "name": "cpp/autosar/non-pod-type-should-be-defined-as-class", + "shortDescription": { + "text": "A11-0-1: A non-POD type should be defined as class" + }, + "fullDescription": { + "text": "The class specifier forces the type to provide private access control for all its members by default. This is consistent with developer expectations, because it is expected that a class has its invariant, interface and could provide custom-defined constructors." + }, + "defaultConfiguration": { + "enabled": true, + "level": "note" + }, + "properties": { + "tags": [ + "external/autosar/id/a11-0-1", + "maintainability", + "external/autosar/allocated-target/implementation", + "external/autosar/enforcement/automated", + "external/autosar/obligation/advisory" + ], + "description": "The class specifier forces the type to provide private access control for all its\n members by default. This is consistent with developer expectations, because it is\n expected that a class has its invariant, interface and could provide custom-defined\n constructors.", + "id": "cpp/autosar/non-pod-type-should-be-defined-as-class", + "kind": "problem", + "name": "A11-0-1: A non-POD type should be defined as class", + "precision": "very-high", + "problem.severity": "recommendation" + } + } + ] + } + } + } + ], + "$schema": "https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json", + "version": "2.1.0" +} \ No newline at end of file From 4c5407bdd8584ddf7d644f41d904834112dd30a0 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 2 Nov 2022 16:47:55 -0700 Subject: [PATCH 0165/2573] Add workflow to run recategorize tests --- .github/workflows/tooling-unit-tests.yml | 33 ++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 .github/workflows/tooling-unit-tests.yml diff --git a/.github/workflows/tooling-unit-tests.yml b/.github/workflows/tooling-unit-tests.yml new file mode 100644 index 0000000000..89ccde5965 --- /dev/null +++ b/.github/workflows/tooling-unit-tests.yml @@ -0,0 +1,33 @@ +name: Tooling unit tests + +on: + push: + branches: + - main + - "rc/**" + - next + pull_request: + branches: + - main + - "rc/**" + - next + +jobs: + recategorization-tests: + name: Run Guideline Recategorization tests + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v2 + + - name: Install Python + uses: actions/setup-python@v4 + with: + python-version: "3.9" + + - name: Install Python dependencies + run: pip install -r scripts/guideline_recategorization/requirements.txt + + - name: Run PyTest + run: | + pytest scripts/guideline_recategorization/recategorize_test.py From 8e91bccc7660e6e6e55f2d2496eb39d9eb389b2b Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 3 Nov 2022 18:03:39 -0700 Subject: [PATCH 0166/2573] Add missing deviation analysis report tables --- docs/user_manual.md | 30 +++++++++++++++++++++++------- 1 file changed, 23 insertions(+), 7 deletions(-) diff --git a/docs/user_manual.md b/docs/user_manual.md index fe31db6c0f..ecac845690 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -17,7 +17,8 @@ | 0.9.0 | 2022-02-17 | Remco Vermeulen | Finalize scope deviation records | | 0.10.0 | 2022-02-28 | Remco Vermeulen | Describe database correctness in the Hazard and Risk Analysis (HARA). | | 0.11.0 | 2022-02-28 | Remco Vermeulen | Updated version to 1.1.0 | -| 0.11.0 | 2022-10-21 | Luke Cartey | Updated version to 2.10.0 | +| 0.12.0 | 2022-10-21 | Luke Cartey | Updated version to 2.10.0 | +| 0.13.0 | 2022-11-03 | Remco Vermeulen | Add missing deviation analysis report tables to section 'Producing an analysis report'. | ## Release information @@ -44,12 +45,12 @@ A _coding standard_ is a set of rules or guidelines which restrict or prohibit t The _CodeQL Coding Standards_ product is a set of CodeQL queries for identifying contraventions of rules in the following coding standards: -| Standard | Version | Total rules | Total supportable rules | Status | -| ---------------------------------------------------------------------------------------------------------------------- | ------- | ----------- | ----------------------- | ----------- | -| [AUTOSAR C++](https://www.autosar.org/fileadmin/user_upload/standards/adaptive/20-11/AUTOSAR_RS_CPP14Guidelines.pdf) | 20-11 | 397 | 375 | Implemented | -| [CERT-C++](https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-cpp-coding-standard-2016-v01.pdf) | 2016 | 83 | 83 | Implemented | -| [CERT C](https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-c-coding-standard-2016-v01.pdf) | 2016 | 99 | 99 | Under development | -| [MISRA C](https://www.misra.org.uk/product/misra-c2012-third-edition-first-revision/) | 2012 | 172 | 169 | Under development | +| Standard | Version | Total rules | Total supportable rules | Status | +| -------------------------------------------------------------------------------------------------------------------- | ------- | ----------- | ----------------------- | ----------------- | +| [AUTOSAR C++](https://www.autosar.org/fileadmin/user_upload/standards/adaptive/20-11/AUTOSAR_RS_CPP14Guidelines.pdf) | 20-11 | 397 | 375 | Implemented | +| [CERT-C++](https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-cpp-coding-standard-2016-v01.pdf) | 2016 | 83 | 83 | Implemented | +| [CERT C](https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-c-coding-standard-2016-v01.pdf) | 2016 | 99 | 99 | Under development | +| [MISRA C](https://www.misra.org.uk/product/misra-c2012-third-edition-first-revision/) | 2012 | 172 | 169 | Under development | Not all rules in these standards are amenable to static analysis by CodeQL - some rules require external or domain specific knowledge to validate, or refer to properties which are not present in the our representation of the codebase under analysis. For each rule we therefore identify whether it is supportable or not. Furthermore, a rule can be supported in two ways: @@ -225,6 +226,21 @@ This will produce a directory (``) containing the following re - A textual justification of the deviation. - A textual description of background information. - A textual description of the requirements which must be satisfied to use the deviation. + - A table of invalid deviation records for which we list: + - The location of the invalid deviation record in the database. + - The reason why it is considered invalid. + - A table of deviation permits for which we list: + - An identifier that identifies the permit. + - An identifier for the coding standards rule the deviation applies to. + - The query identifier that implements the guideline. + - An inferred scope that shows the files or code-identifier the deviation is applied to. + - A textual description of the scope when the deviation can be applied. + - A textual justification of the deviation. + - A textual description of background information. + - A textual description of the requirements which must be satisfied to use the deviation. + - A table of invalid deviation permits for which we list: + - The location of the invalid permit in the database. + - The reason why it is considered invalid. #### Applying deviations From 993e1b2f09ae8d2ea4de9a1f29b6b9e84a58f33a Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 3 Nov 2022 18:04:10 -0700 Subject: [PATCH 0167/2573] Format fixes --- docs/user_manual.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/user_manual.md b/docs/user_manual.md index ecac845690..f19aeaf4fa 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -121,9 +121,11 @@ The environment used to generate these reports requires: - A Python interpreter version 3.9 - A CodeQL CLI version documented in the release artifact `supported_codeql_configs.json` + ## Operating manual This section describes how to operate the "CodeQL Coding Standards". + ### Command line #### Pre-requisite: downloading the CodeQL CLI From a759166b38cbf149204d69ec79341f3b37e1763f Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 3 Nov 2022 18:22:32 -0700 Subject: [PATCH 0168/2573] Add guideline recategorization plan description --- docs/user_manual.md | 63 ++++++++++++++++++++++++++++++++++++++++----- 1 file changed, 57 insertions(+), 6 deletions(-) diff --git a/docs/user_manual.md b/docs/user_manual.md index f19aeaf4fa..b9c9666946 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -19,6 +19,7 @@ | 0.11.0 | 2022-02-28 | Remco Vermeulen | Updated version to 1.1.0 | | 0.12.0 | 2022-10-21 | Luke Cartey | Updated version to 2.10.0 | | 0.13.0 | 2022-11-03 | Remco Vermeulen | Add missing deviation analysis report tables to section 'Producing an analysis report'. | +| 0.14.0 | 2022-11-03 | Remco Vermeulen | Add guideline recategorization plan. | ## Release information @@ -54,10 +55,10 @@ The _CodeQL Coding Standards_ product is a set of CodeQL queries for identifying Not all rules in these standards are amenable to static analysis by CodeQL - some rules require external or domain specific knowledge to validate, or refer to properties which are not present in the our representation of the codebase under analysis. For each rule we therefore identify whether it is supportable or not. Furthermore, a rule can be supported in two ways: - + - **Automated** - the queries for the rule find contraventions directly. - **Audit only** - the queries for the rule does not find contraventions directly, but instead report a list of _candidates_ that can be used as input into a manual audit. For example, `A10-0-1` (_Public inheritance shall be used to implement 'is-a' relationship_) is not directly amenable to static analysis, but CodeQL can be used to produce a list of all the locations that use public inheritance so they can be manually reviewed. - + Each supported rule is implemented as one or more CodeQL queries, with each query covering an aspect of the rule. In many coding standards, the rules cover non-trivial semantic properties of the codebase under analysis. The datasheet _"CodeQL Coding Standards: supported rules"_, provided with each release, lists which rules are supported for that particular release, and the _scope of analysis_ for that rule. @@ -112,7 +113,7 @@ Use of the queries outside these scenarios is possible, but not validated for fu ### Analysis report requirements The Coding Standards ships with scripts to generate reports that summarizes: - + - The integrity and validity of the CodeQL database created for the project. - The findings reported by the default queries for the selected Coding Standards, grouped by categories as specified by MISRA Compliance 2020. - The CodeQL dependencies used for the analysis, and whether they comply with the stated requirements. @@ -133,7 +134,7 @@ This section describes how to operate the "CodeQL Coding Standards". You must download a compatible version of the CodeQL CLI and CodeQL Standard Library for C++. **Option 1:** Use the CodeQL CLI bundle, which includes both required components: - 1. Download the CodeQL CLI bundle from the [`github/codeql-action` releases page](https://github.com/github/codeql-action/releases). + 1. Download the CodeQL CLI bundle from the [`github/codeql-action` releases page](https://github.com/github/codeql-action/releases). 2. Expand the compressed archive to a specified location on your machine. 3. [Optional] Add the CodeQL CLI to your user or system path. @@ -154,7 +155,7 @@ In order to run the Coding Standards queries you must first build a CodeQL datab The database can be created using the CodeQL CLI like so: -```codeql +```bash codeql database create --language cpp --command ``` @@ -249,6 +250,7 @@ This will produce a directory (``) containing the following re The CodeQL Coding Standards supports the following features from the [MISRA Compliance 2020](https://www.misra.org.uk/app/uploads/2021/06/MISRA-Compliance-2020.pdf) document: - _Deviation records_ - an entry that states a particular instance, or set of instances, of a rule should be considered permitted. - _Deviation permit_ - an entry that provides authorization to apply a deviation to a project. + - _Guideline recategorization plan_ - an agreement on how the guidelines are applied. Whether a guideline may be violated, deviated from, or must always be applied. ##### Deviation records @@ -305,7 +307,7 @@ The activation of the deviation mechanism requires an extra step in the database This extra step is the invocation of the Python script `path/to/codeql-coding-standards/scripts/configuration/process_coding_standards_config.py` that is part of the coding standards code scanning pack. The script should be invoked as follows: -```codeql +```bash codeql database create --language cpp --command 'python3 path/to/codeql-coding-standards/scripts/configuration/process_coding_standards_config.py' --command ``` @@ -373,6 +375,55 @@ Unlike _deviation records_ their location in the source directory does not impac This means that _deviation permits_ can be made available at build time by any means available. An example of importing _deviation permits_ is through a [Git Submodule](https://git-scm.com/book/en/v2/Git-Tools-Submodules) that contains a repository of allowed _deviation permits_. + +##### Guideline recategorization plan + +The current implementation supports a _guideline recategorization plan_ as described in the [MISRA Compliance:2020](https://www.misra.org.uk/app/uploads/2021/06/MISRA-Compliance-2020.pdf) section *5 The guideline re-categorization plan*. + +A recategorization plan provides a mechanism to adjust the policy associated with a guideline that determines whether it may be violated or not and if it may be violated whether a deviation is required. +Each guideline recategorization **must** be specified in the `guideline-recategorizations` section of a `coding-standards.yml` file that **must** be anywhere in the source repository. + +A guideline recategorization specification **must** specify a `rule-id`, an identifier for the coding standards rule the recategorization applies to, and a `category`, a category that can be any of `disapplied`, `advisory`, `required`, or `mandatory`. + +An example guideline recategorization section is: + +```yaml +guideline-recategorizations: + - rule-id: "A0-1-1" + category: "mandatory" + - rule-id: "A0-1-6" + category: "disapplied" + - rule-id: "A11-0-1" + category: "mandatory" +``` + +Application of the guideline recategorization plan to the analysis results requires an additional post-processing step. +The post-processing step is implemented by the Python script `path/to/codeql-coding-standards/scripts/guideline_recategorization/recategorize.py`. +The script will update the `external//obligation/` tag for each query implementing a recategorized guideline such that `` is equal to the new category and +add the tag `external//original-obligation/` reflects the orignal category. + +The script should be invoked as follows: + +```bash +python3 path/to/codeql-coding-standards/scripts/guideline_recategorization/recategorize.py coding_standards_config_file +``` + +The `recategorize.py` scripts has a dependencies on the following Python packages that can be installed with the command `pip install -r path/to/codeql-coding-standards/scripts/guideline_recategorization/requirements.txt`: + +- Jsonpath-ng==1.5.3 +- Jsonschema +- Jsonpatch +- Jsonpointer +- PyYAML +- Pytest + +and the schema files: + +- `path/to/codeql-coding-standards/schemas/coding-standards-schema-1.0.0.json` +- `path/to/codeql-coding-standards/schemas/sarif-schema-2.1.0.json` + +The schema files **must** be available in the same directory as the `recategorize.py` file or in any ancestor directory. + ### GitHub Advanced Security and LGTM The only use cases that will be certified under ISO 26262 are those listed above. CodeQL Coding Standards is also compatible with, but not certified for, the following use cases: From ea455ed2fdfe621b190a277a829c360e8b5cac0c Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 4 Nov 2022 14:54:26 -0700 Subject: [PATCH 0169/2573] Address CodeQL module import issues --- scripts/reports/{codeql.py => codeqlvalidation.py} | 2 +- scripts/reports/deviations.py | 9 ++++++++- scripts/reports/diagnostics.py | 7 ++++++- 3 files changed, 15 insertions(+), 3 deletions(-) rename scripts/reports/{codeql.py => codeqlvalidation.py} (91%) diff --git a/scripts/reports/codeql.py b/scripts/reports/codeqlvalidation.py similarity index 91% rename from scripts/reports/codeql.py rename to scripts/reports/codeqlvalidation.py index 29a7d00c0e..e65a1c103f 100644 --- a/scripts/reports/codeql.py +++ b/scripts/reports/codeqlvalidation.py @@ -4,7 +4,7 @@ script_path = Path(__file__) # Add the shared modules to the path so we can import them. -sys.path.append(script_path.parent.parent / 'shared') +sys.path.append(str(script_path.parent.parent / 'shared')) from codeql import CodeQL diff --git a/scripts/reports/deviations.py b/scripts/reports/deviations.py index 29e977c3c0..d7baca5665 100644 --- a/scripts/reports/deviations.py +++ b/scripts/reports/deviations.py @@ -1,8 +1,15 @@ from contextlib import redirect_stdout from pathlib import Path -from codeql import CodeQLError, CodeQLValidationSummary +from codeqlvalidation import CodeQLValidationSummary from error import failure import re +import sys + +script_path = Path(__file__) +# Add the shared modules to the path so we can import them. +sys.path.append(str(script_path.parent.parent / 'shared')) +from codeql import CodeQLError + if __name__ == '__main__': failure("Error: this Python module does not support standalone execution!") diff --git a/scripts/reports/diagnostics.py b/scripts/reports/diagnostics.py index 3b95bef4a8..4cf17ec9a1 100644 --- a/scripts/reports/diagnostics.py +++ b/scripts/reports/diagnostics.py @@ -1,8 +1,13 @@ from contextlib import redirect_stdout from pathlib import Path -from codeql import CodeQLError, CodeQLValidationSummary +from codeqlvalidation import CodeQLValidationSummary from error import failure +import sys +script_path = Path(__file__) +# Add the shared modules to the path so we can import them. +sys.path.append(str(script_path.parent.parent / 'shared')) +from codeql import CodeQLError class DiagnosticsSummary: def __init__(self, database_path, repo_root): From 3a480e965d06e23d0588d9d10fe2e85af624eb3b Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 4 Nov 2022 17:38:34 -0700 Subject: [PATCH 0170/2573] Include the original rule category. --- .../ListGuidelineRecategorizations.ql | 2 +- .../ListGuidelineRecategorizations.expected | 17 ++++++++--------- 2 files changed, 9 insertions(+), 10 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/guideline_recategorizations/ListGuidelineRecategorizations.ql b/cpp/common/src/codingstandards/cpp/guideline_recategorizations/ListGuidelineRecategorizations.ql index 421385e6db..a51c1b5993 100644 --- a/cpp/common/src/codingstandards/cpp/guideline_recategorizations/ListGuidelineRecategorizations.ql +++ b/cpp/common/src/codingstandards/cpp/guideline_recategorizations/ListGuidelineRecategorizations.ql @@ -9,4 +9,4 @@ import cpp import GuidelineRecategorizations from GuidelineRecategorization gr -select gr.getRuleId(), gr.getCategory() +select gr.getRuleId(), gr.getQuery().getCategory(), gr.getCategory() diff --git a/cpp/common/test/guideline_recategorizations/ListGuidelineRecategorizations.expected b/cpp/common/test/guideline_recategorizations/ListGuidelineRecategorizations.expected index 8718623c80..0a8aeb9ba1 100644 --- a/cpp/common/test/guideline_recategorizations/ListGuidelineRecategorizations.expected +++ b/cpp/common/test/guideline_recategorizations/ListGuidelineRecategorizations.expected @@ -1,9 +1,8 @@ -| A0-1-1 | advisory | -| A0-1-1 | mandatory | -| A0-1-2 | disapplied | -| A0-1-6 | disapplied | -| A1-4-3 | mandatory | -| A10-4-1 | required | -| A11-0-1 | mandatory | -| CON50-CPP | required | -| RULE-13-6 | required | +| A0-1-1 | required | advisory | +| A0-1-1 | required | mandatory | +| A0-1-2 | required | disapplied | +| A0-1-6 | advisory | disapplied | +| A10-4-1 | advisory | required | +| A11-0-1 | advisory | mandatory | +| CON50-CPP | rule | required | +| RULE-13-6 | mandatory | required | From 72727449e173f05854cd45fb999da10875c0ea0a Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 4 Nov 2022 17:40:25 -0700 Subject: [PATCH 0171/2573] Remove unused imports --- scripts/guideline_recategorization/recategorize_test.py | 2 -- 1 file changed, 2 deletions(-) diff --git a/scripts/guideline_recategorization/recategorize_test.py b/scripts/guideline_recategorization/recategorize_test.py index 185c92272d..f3efc4f337 100644 --- a/scripts/guideline_recategorization/recategorize_test.py +++ b/scripts/guideline_recategorization/recategorize_test.py @@ -1,7 +1,5 @@ import pytest -import difflib import recategorize -import jsonschema from pathlib import Path import argparse import sys From bc46b7544cdab63ded9cb83c8af7e9155741e03f Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 4 Nov 2022 17:48:16 -0700 Subject: [PATCH 0172/2573] Address incorrect type annotations --- scripts/shared/codeql.py | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/scripts/shared/codeql.py b/scripts/shared/codeql.py index 4f23f6d6db..afea4eaaa0 100644 --- a/scripts/shared/codeql.py +++ b/scripts/shared/codeql.py @@ -20,7 +20,7 @@ def __str__(self): class CodeQL(): - def __init__(self) -> 'CodeQL': + def __init__(self) -> None: codeql_result = subprocess.run( ["codeql", "version", "--format=json"], capture_output=True) if not codeql_result.returncode == 0: @@ -36,7 +36,7 @@ def __init__(self) -> 'CodeQL': raise CodeQLError( f"Failed to retrieve codeql version information with error: {e.msg}") - def __build_command_options(self, **options: Dict[str, str]) -> List[str]: + def __build_command_options(self, **options: str) -> List[str]: command_options = [] for key, value in options.items(): command_options.append(f"--{key.replace('_', '-')}") @@ -59,7 +59,7 @@ def cleanup(self, database_path: Path, mode: str = "normal") -> None: raise CodeQLError( f"Unable to cleanup database {database_path}", stdout=result.stdout, stderr=result.stderr, returncode=result.returncode) - def run_queries(self, database_path: Path, *queries: List[Path], **options: Dict[str, str]) -> None: + def run_queries(self, database_path: Path, *queries: Path, **options: str) -> None: database_path = database_path.resolve() command_options = self.__build_command_options(**options) @@ -91,7 +91,7 @@ def get_qlpack(self, qlpack_path: Path) -> Any: with qlpack_path.open() as f: return yaml.safe_load(f) - def decode_results(self, database_path: Path, query_path: Path, **options: Dict[str, str]) -> Iterator: + def decode_results(self, database_path: Path, query_path: Path, **options: str) -> List: qlpack_path = self.resolve_qlpack_path(query_path) qlpack = self.get_qlpack(qlpack_path) relative_query_path = query_path.relative_to(qlpack_path.parent) @@ -118,7 +118,7 @@ def decode_results(self, database_path: Path, query_path: Path, **options: Dict[ with open(temp_file) as tmp: return csv.reader(tmp) - def generate_query_help(self, query_help_path: Path, output: Path, format : str = "markdown", **options: Dict[str, str]) -> None: + def generate_query_help(self, query_help_path: Path, output: Path, format : str = "markdown", **options: str) -> None: command = ['codeql', 'generate', 'query-help'] options['output'] = str(output) options['format'] = format From c5ea428d598777b1dc4b5888828b5ae370f41460 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 4 Nov 2022 17:48:48 -0700 Subject: [PATCH 0173/2573] Address returning CSV reader on closed file --- scripts/shared/codeql.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/shared/codeql.py b/scripts/shared/codeql.py index afea4eaaa0..3c0fc99995 100644 --- a/scripts/shared/codeql.py +++ b/scripts/shared/codeql.py @@ -116,7 +116,7 @@ def decode_results(self, database_path: Path, query_path: Path, **options: str) raise CodeQLError( f"Could not read the output of the query {query_path}", stdout=result.stdout, stderr=result.stderr, returncode=result.returncode) with open(temp_file) as tmp: - return csv.reader(tmp) + return list(csv.reader(tmp)) def generate_query_help(self, query_help_path: Path, output: Path, format : str = "markdown", **options: str) -> None: command = ['codeql', 'generate', 'query-help'] From 81240ca867c029efe4b08365a6fb63a13de6475d Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 4 Nov 2022 17:49:06 -0700 Subject: [PATCH 0174/2573] Add create database method --- scripts/shared/codeql.py | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/scripts/shared/codeql.py b/scripts/shared/codeql.py index 3c0fc99995..095348c618 100644 --- a/scripts/shared/codeql.py +++ b/scripts/shared/codeql.py @@ -139,3 +139,18 @@ def format(self, path: Path) -> None: if not result.returncode == 0: raise CodeQLError( f"Failed to format file {path}", stdout=result.stdout, stderr=result.stderr, returncode=result.returncode) + + def create_database(self, src_root: Path, language: str, database: Path, *build_commands : str, **options: str) -> None: + command = ['codeql', 'database', 'create'] + options['source-root'] = str(src_root) + options['language'] = language + + command_options = self.__build_command_options(**options) + command.extend(command_options) + command.extend([f'--command={build_command}' for build_command in build_commands]) + command.append(str(database)) + + result = subprocess.run(command, capture_output=True) + if not result.returncode == 0: + raise CodeQLError( + f"Failed to build database {database} from {src_root} with language {language} and commands [{','.join(build_commands)}]", stdout=result.stdout, stderr=result.stderr, returncode=result.returncode) \ No newline at end of file From 30a47e0b8c6f7a8fc1ba3695f80e863b0e9561ca Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 4 Nov 2022 17:50:05 -0700 Subject: [PATCH 0175/2573] Add guideline recategorization report generation --- scripts/reports/analysis_report.py | 3 + .../reports/guideline_recategorizations.py | 114 ++++++++++++++++++ 2 files changed, 117 insertions(+) create mode 100644 scripts/reports/guideline_recategorizations.py diff --git a/scripts/reports/analysis_report.py b/scripts/reports/analysis_report.py index b54237581a..1afc56d89b 100644 --- a/scripts/reports/analysis_report.py +++ b/scripts/reports/analysis_report.py @@ -1,5 +1,6 @@ import diagnostics import deviations +import guideline_recategorizations from pathlib import Path import sys import utils @@ -53,6 +54,8 @@ deviations.generate_deviations_report( database_path, repo_root, output_directory) +guideline_recategorizations.generate_guideline_recategorizations_report(database_path, repo_root, output_directory) + # Load the SARIF file and generate a results summary sarif_results_summary = utils.CodingStandardsResultSummary( sarif_results_file_path) diff --git a/scripts/reports/guideline_recategorizations.py b/scripts/reports/guideline_recategorizations.py new file mode 100644 index 0000000000..cc30182596 --- /dev/null +++ b/scripts/reports/guideline_recategorizations.py @@ -0,0 +1,114 @@ +from contextlib import redirect_stdout +from pathlib import Path +from codeqlvalidation import CodeQLValidationSummary +from error import failure +import sys + +script_path = Path(__file__) +# Add the shared modules to the path so we can import them. +sys.path.append(str(script_path.parent.parent / 'shared')) +from codeql import CodeQLError + + +if __name__ == '__main__': + failure("Error: this Python module does not support standalone execution!") + + +class GuidelineRecategorizationsSummary: + def __init__(self, database_path, repo_root): + if isinstance(database_path, str): + database_path = Path(database_path) + if isinstance(repo_root, str): + repo_root = Path(repo_root) + + self.database_path = database_path + try: + self.codeql_summary = CodeQLValidationSummary() + except CodeQLError as err: + failure("Error: Could not initialize CodeQL", err) + + guideline_recategorizations_path = repo_root.joinpath( + 'cpp', 'common', 'src', 'codingstandards', 'cpp', 'guideline_recategorizations') + + queries = ['ListGuidelineRecategorizations.ql', 'InvalidGuidelineRecategorizations.ql'] + + query_paths = map(guideline_recategorizations_path.joinpath, queries) + + try: + # Cleanup database cache to prevent potential cache issue + self.codeql_summary.codeql.cleanup(database_path, mode="brutal") + # Get a list of guideline recategorizations + print("Running the guideline recategorizations queries...") + self.codeql_summary.codeql.run_queries( + database_path, *query_paths, search_path=str(repo_root), no_rerun=True) + + print("Decoding guideline recategorizations queries results") + + for query in queries: + if query.startswith("List"): + decoded_results = self.codeql_summary.codeql.decode_results( + database_path, guideline_recategorizations_path.joinpath(query), no_titles=True) + self.guideline_recategorizations = decoded_results + elif query.startswith("Invalid"): + decoded_results = self.codeql_summary.codeql.decode_results( + database_path, guideline_recategorizations_path.joinpath(query), entities='url,string', no_titles=True) + self.invalid_guideline_recategorizations = decoded_results + else: + failure( + f"Error: Don't know how to decode query results for {query}") + except CodeQLError as err: + failure("Error: Failed to run guideline recategorizations queries", err) + + +def generate_guideline_recategorizations_report(database_path, repo_root, output_directory): + """Print a "guideline recategorizations report".""" + + guideline_recategorizations_summary = GuidelineRecategorizationsSummary(database_path, repo_root) + guideline_recategorizations_report_path = output_directory.joinpath( + "guideline_recategorizations_report.md") + try: + guideline_recategorizations_report_file = open( + guideline_recategorizations_report_path, "w") + except PermissionError: + failure( + f"Error: No permission to write to the output file located at '{guideline_recategorizations_report_path}'") + else: + with guideline_recategorizations_report_file: + # Print to report file, rather than stdout + with redirect_stdout(guideline_recategorizations_report_file): + print("# Guideline recategorizations report") + print() + print("## Overview") + print() + print( + f" - Report generated with {'supported' if guideline_recategorizations_summary.codeql_summary.supported_cli else 'unsupported'} CodeQL version {guideline_recategorizations_summary.codeql_summary.codeql.version}") + print( + f" - Database path: {str(guideline_recategorizations_summary.database_path.resolve())}") + number_of_guideline_recategorizations = len( + guideline_recategorizations_summary.guideline_recategorizations) + number_of_invalid_guideline_recategorizations = len( + guideline_recategorizations_summary.invalid_guideline_recategorizations) + print( + f" - { number_of_guideline_recategorizations } applicable guideline recategorizations and {number_of_invalid_guideline_recategorizations} invalid guideline recategorizations found in the database") + print() + print("## Guideline recategorizations") + print() + print( + "| Rule ID | Category | Recategorized category") + print( + "| --- | --- | --- |") + for guideline_recategorization in guideline_recategorizations_summary.guideline_recategorizations: + rule_id = guideline_recategorization[0] + category = guideline_recategorization[1] + recategorized_category = guideline_recategorization[2] + print( + f"| { rule_id } | { category } | { recategorized_category } | ") + print() + print("## Invalid guideline recategorizations") + print("| Path | Reason |") + print("| --- | --- |") + for invalid_guideline_recategorization in guideline_recategorizations_summary.invalid_guideline_recategorizations: + location = invalid_guideline_recategorization[1].split(':', 2)[2] + path, reason = map( + str.strip, invalid_guideline_recategorization[2].split(':')) + print(f"| {path}:{location} | {reason} |") From 77b561137d0b8f0d0f571969dddaadfa44fb4764 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 4 Nov 2022 17:51:20 -0700 Subject: [PATCH 0176/2573] Add unit test for guideline recategorization report generation --- scripts/reports/analysis_report_test.py | 37 +++++++++++++++++++ scripts/reports/requirements.txt | 3 +- .../coding-standards.yml | 0 ...eline_recategorizations_report.md.expected | 29 +++++++++++++++ .../invalid/coding-standards.yml | 11 ++++++ .../guideline-recategorizations/test.cpp | 0 .../valid/coding-standards.yml | 9 +++++ 7 files changed, 88 insertions(+), 1 deletion(-) create mode 100644 scripts/reports/analysis_report_test.py create mode 100644 scripts/reports/test-data/guideline-recategorizations/coding-standards.yml create mode 100644 scripts/reports/test-data/guideline-recategorizations/guideline_recategorizations_report.md.expected create mode 100644 scripts/reports/test-data/guideline-recategorizations/invalid/coding-standards.yml create mode 100644 scripts/reports/test-data/guideline-recategorizations/test.cpp create mode 100644 scripts/reports/test-data/guideline-recategorizations/valid/coding-standards.yml diff --git a/scripts/reports/analysis_report_test.py b/scripts/reports/analysis_report_test.py new file mode 100644 index 0000000000..dafa7185a1 --- /dev/null +++ b/scripts/reports/analysis_report_test.py @@ -0,0 +1,37 @@ +import pytest +from pathlib import Path +import sys +from guideline_recategorizations import generate_guideline_recategorizations_report + +script_path = Path(__file__) +# Add the shared modules to the path so we can import them. +sys.path.append(str(script_path.parent.parent / 'shared')) +from codeql import CodeQL, CodeQLError + +REPO_ROOT = Path(__file__).resolve().parent.parent.parent +SCRIPTS_DIR = REPO_ROOT / 'scripts' +TEST_DATA_DIR = Path(__file__).resolve().parent / 'test-data' + +def test_guideline_recategorizations_report(tmp_path): + + db_path = tmp_path / 'test-db' + src_root = TEST_DATA_DIR / 'guideline-recategorizations' + codeql = CodeQL() + + compile_src_command = "clang -fsyntax-only test.cpp" + index_coding_standards_config_command = f"python3 {SCRIPTS_DIR}/configuration/process_coding_standards_config.py" + + try: + codeql.create_database(src_root, 'cpp', db_path, compile_src_command, index_coding_standards_config_command) + except CodeQLError as err: + print(err.stdout) + print(err.stderr) + raise err + + generate_guideline_recategorizations_report(db_path, REPO_ROOT, tmp_path) + + expected = (TEST_DATA_DIR / 'guideline-recategorizations' / 'guideline_recategorizations_report.md.expected').read_text() + expected = expected.replace("$codeql-version$", codeql.version).replace("$database-path$", str(db_path)) + actual = (tmp_path / "guideline_recategorizations_report.md").read_text() + + assert(expected == actual) \ No newline at end of file diff --git a/scripts/reports/requirements.txt b/scripts/reports/requirements.txt index 9d90467955..219271be96 100644 --- a/scripts/reports/requirements.txt +++ b/scripts/reports/requirements.txt @@ -1 +1,2 @@ -pyyaml==5.4 \ No newline at end of file +pyyaml==5.4 +pytest==7.2.0 \ No newline at end of file diff --git a/scripts/reports/test-data/guideline-recategorizations/coding-standards.yml b/scripts/reports/test-data/guideline-recategorizations/coding-standards.yml new file mode 100644 index 0000000000..e69de29bb2 diff --git a/scripts/reports/test-data/guideline-recategorizations/guideline_recategorizations_report.md.expected b/scripts/reports/test-data/guideline-recategorizations/guideline_recategorizations_report.md.expected new file mode 100644 index 0000000000..54fb25ae83 --- /dev/null +++ b/scripts/reports/test-data/guideline-recategorizations/guideline_recategorizations_report.md.expected @@ -0,0 +1,29 @@ +# Guideline recategorizations report + +## Overview + + - Report generated with supported CodeQL version $codeql-version$ + - Database path: $database-path$ + - 8 applicable guideline recategorizations and 5 invalid guideline recategorizations found in the database + +## Guideline recategorizations + +| Rule ID | Category | Recategorized category +| --- | --- | --- | +| A0-1-1 | required | advisory | +| A0-1-1 | required | mandatory | +| A0-1-2 | required | disapplied | +| RULE-13-6 | mandatory | required | +| CON50-CPP | rule | required | +| A0-1-6 | advisory | disapplied | +| A10-4-1 | advisory | required | +| A11-0-1 | advisory | mandatory | + +## Invalid guideline recategorizations +| Path | Reason | +| --- | --- | +| invalid/coding-standards.xml:5:7:8:43 | 'Invalid recategorization from 'required' to 'advisory'.' for rule A0-1-1. | +| invalid/coding-standards.xml:9:7:12:43 | 'Invalid recategorization from 'required' to 'disapplied'.' for rule A0-1-2. | +| invalid/coding-standards.xml:13:7:16:43 | 'Unknown rule id 'A1-4-3'.' for rule A1-4-3. | +| invalid/coding-standards.xml:17:7:20:43 | 'Invalid recategorization from 'mandatory' to 'required'.' for rule RULE-13-6. | +| invalid/coding-standards.xml:21:7:24:43 | 'Invalid recategorization from 'rule' to 'required'.' for rule CON50-CPP. | diff --git a/scripts/reports/test-data/guideline-recategorizations/invalid/coding-standards.yml b/scripts/reports/test-data/guideline-recategorizations/invalid/coding-standards.yml new file mode 100644 index 0000000000..89e562c05c --- /dev/null +++ b/scripts/reports/test-data/guideline-recategorizations/invalid/coding-standards.yml @@ -0,0 +1,11 @@ +guideline-recategorizations: + - rule-id: "A0-1-1" + category: "advisory" + - rule-id: "A0-1-2" + category: "disapplied" + - rule-id: "A1-4-3" + category: "mandatory" + - rule-id: "RULE-13-6" + category: "required" + - rule-id: "CON50-CPP" + category: "required" diff --git a/scripts/reports/test-data/guideline-recategorizations/test.cpp b/scripts/reports/test-data/guideline-recategorizations/test.cpp new file mode 100644 index 0000000000..e69de29bb2 diff --git a/scripts/reports/test-data/guideline-recategorizations/valid/coding-standards.yml b/scripts/reports/test-data/guideline-recategorizations/valid/coding-standards.yml new file mode 100644 index 0000000000..ed778a5cc1 --- /dev/null +++ b/scripts/reports/test-data/guideline-recategorizations/valid/coding-standards.yml @@ -0,0 +1,9 @@ +guideline-recategorizations: + - rule-id: "A0-1-1" + category: "mandatory" + - rule-id: "A0-1-6" + category: "disapplied" + - rule-id: "A10-4-1" + category: "required" + - rule-id: "A11-0-1" + category: "mandatory" From 9e1be4dd073e2dfab179f66a53e2c9d704b8bb3b Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 4 Nov 2022 17:53:29 -0700 Subject: [PATCH 0177/2573] Add distinguishing icon to tooling unit tests workflow --- .github/workflows/tooling-unit-tests.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/tooling-unit-tests.yml b/.github/workflows/tooling-unit-tests.yml index 89ccde5965..3269eefd13 100644 --- a/.github/workflows/tooling-unit-tests.yml +++ b/.github/workflows/tooling-unit-tests.yml @@ -1,4 +1,4 @@ -name: Tooling unit tests +name: 🧰 Tooling unit tests on: push: From 557145332f7f09e2326dea60374c1e6c9d75ca3e Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 4 Nov 2022 17:59:17 -0700 Subject: [PATCH 0178/2573] Add analysis report unit tests to testing workflow --- .github/workflows/tooling-unit-tests.yml | 58 ++++++++++++++++++++++++ 1 file changed, 58 insertions(+) diff --git a/.github/workflows/tooling-unit-tests.yml b/.github/workflows/tooling-unit-tests.yml index 3269eefd13..5531c11d72 100644 --- a/.github/workflows/tooling-unit-tests.yml +++ b/.github/workflows/tooling-unit-tests.yml @@ -13,6 +13,64 @@ on: - next jobs: + prepare-supported-codeql-env-matrix: + name: Prepare supported CodeQL environment matrix + runs-on: ubuntu-latest + outputs: + matrix: ${{ steps.export-supported-codeql-env-matrix.outputs.matrix }} + steps: + - name: Checkout repository + uses: actions/checkout@v2 + + - name: Export supported CodeQL environment matrix + id: export-supported-codeql-env-matrix + run: | + echo "::set-output name=matrix::$( + jq --compact-output '.supported_environment | {include: .}' supported_codeql_configs.json + )" + + analysis-report-tests: + name: Run analysis report tests + needs: prepare-supported-codeql-env-matrix + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: ${{ fromJSON(needs.prepare-supported-codeql-env-matrix.outputs.matrix) }} + steps: + - name: Checkout + uses: actions/checkout@v2 + + - name: Install Python + uses: actions/setup-python@v4 + with: + python-version: "3.9" + + - name: Install Python dependencies + run: pip install -r scripts/reports/requirements.txt + + - name: Cache CodeQL + id: cache-codeql + uses: actions/cache@v2.1.3 + with: + path: ${{ github.workspace }}/codeql_home + key: codeql-home-${{ matrix.os }}-${{ matrix.codeql_cli }}-${{ matrix.codeql_standard_library }} + + - name: Install CodeQL + if: steps.cache-codeql.outputs.cache-hit != 'true' + uses: ./.github/actions/install-codeql + with: + codeql-cli-version: ${{ matrix.codeql_cli }} + codeql-stdlib-version: ${{ matrix.codeql_standard_library }} + codeql-home: ${{ github.workspace }}/codeql_home + add-to-path: false + + - name: Run PyTest + env: + CODEQL_HOME: ${{ github.workspace }}/codeql_home + run: | + PATH=$PATH:$CODEQL_HOME/codeql + pytest scripts/reports/analysis_report_test.py + recategorization-tests: name: Run Guideline Recategorization tests runs-on: ubuntu-latest From 40f8ee6a654e90a141eb7ccdec0384b38d81771b Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 7 Nov 2022 12:30:40 -0800 Subject: [PATCH 0179/2573] Add minimal test case for deviation report generation --- scripts/reports/analysis_report_test.py | 25 ++++++++ .../test-data/deviations/coding-standards.yml | 0 .../deviations/deviations_report.md.expected | 48 +++++++++++++++ .../deviations/invalid/coding-standards.yml | 58 +++++++++++++++++++ scripts/reports/test-data/deviations/test.cpp | 0 .../deviations/valid/coding-standards.yml | 7 +++ 6 files changed, 138 insertions(+) create mode 100644 scripts/reports/test-data/deviations/coding-standards.yml create mode 100644 scripts/reports/test-data/deviations/deviations_report.md.expected create mode 100644 scripts/reports/test-data/deviations/invalid/coding-standards.yml create mode 100644 scripts/reports/test-data/deviations/test.cpp create mode 100644 scripts/reports/test-data/deviations/valid/coding-standards.yml diff --git a/scripts/reports/analysis_report_test.py b/scripts/reports/analysis_report_test.py index dafa7185a1..aaa90cf0e1 100644 --- a/scripts/reports/analysis_report_test.py +++ b/scripts/reports/analysis_report_test.py @@ -2,6 +2,7 @@ from pathlib import Path import sys from guideline_recategorizations import generate_guideline_recategorizations_report +from deviations import generate_deviations_report script_path = Path(__file__) # Add the shared modules to the path so we can import them. @@ -34,4 +35,28 @@ def test_guideline_recategorizations_report(tmp_path): expected = expected.replace("$codeql-version$", codeql.version).replace("$database-path$", str(db_path)) actual = (tmp_path / "guideline_recategorizations_report.md").read_text() + assert(expected == actual) + +def test_deviations_report(tmp_path): + + db_path = tmp_path / 'test-db' + src_root = TEST_DATA_DIR / 'deviations' + codeql = CodeQL() + + compile_src_command = "clang -fsyntax-only test.cpp" + index_coding_standards_config_command = f"python3 {SCRIPTS_DIR}/configuration/process_coding_standards_config.py" + + try: + codeql.create_database(src_root, 'cpp', db_path, compile_src_command, index_coding_standards_config_command) + except CodeQLError as err: + print(err.stdout) + print(err.stderr) + raise err + + generate_deviations_report(db_path, REPO_ROOT, tmp_path) + + expected = (TEST_DATA_DIR / 'deviations' / 'deviations_report.md.expected').read_text() + expected = expected.replace("$codeql-version$", codeql.version).replace("$database-path$", str(db_path)) + actual = (tmp_path / "deviations_report.md").read_text() + assert(expected == actual) \ No newline at end of file diff --git a/scripts/reports/test-data/deviations/coding-standards.yml b/scripts/reports/test-data/deviations/coding-standards.yml new file mode 100644 index 0000000000..e69de29bb2 diff --git a/scripts/reports/test-data/deviations/deviations_report.md.expected b/scripts/reports/test-data/deviations/deviations_report.md.expected new file mode 100644 index 0000000000..e9874023dc --- /dev/null +++ b/scripts/reports/test-data/deviations/deviations_report.md.expected @@ -0,0 +1,48 @@ +# Deviations report + +## Overview + + - Report generated with supported CodeQL version $codeql-version$ + - Database path: $database-path$ + - 3 valid deviation records and 14 invalid deviation records found in the database + - 3 valid deviation permits and 2 invalid deviation permits found in the database + +## Deviation Records + +| Rule ID | Query ID | Automated Scope | Scope | Justification | Background | Requirements +| --- | --- | --- | --- | --- | --- | --- | +| A0-1-1 | cpp/autosar/useless-assignment | Applies to the following file paths: invalid | | | | | +| A0-1-1 | cpp/autosar/useless-assignment | Applies to the following file paths: valid | | This useless assignment is required. | | | +| A0-4-2 | cpp/autosar/type-long-double-used | Identified by the use of the code-identifier: a-0-4-2-deviation | | long double is required for interaction with third-party libraries. | | | + +## Invalid Deviation Records +| Path | Reason | +| --- | --- | +| invalid/coding-standards.xml:5:7:5:26 | No rule-id and query-id specified for this deviation record. | +| invalid/coding-standards.xml:6:7:8:26 | The rule-id `bad rule id` for this deviation matches none of the available queries. | +| invalid/coding-standards.xml:9:7:11:26 | A query-id of `bad rule id` is specified for this deviation, but not rule-id is specified. | +| invalid/coding-standards.xml:15:7:17:26 | A query-id of `cpp/autosar/useless-assignment` is specified for this deviation, but not rule-id is specified. | +| invalid/coding-standards.xml:22:7:26:26 | A deviation `raised-by` is specified without providing an `approved-by`. | +| invalid/coding-standards.xml:22:7:26:26 | A deviation `raised-by` is specified without providing both a `name` and `date`. | +| invalid/coding-standards.xml:27:7:33:26 | A deviation `raised-by` is specified without providing an `approved-by`. | +| invalid/coding-standards.xml:27:7:33:26 | A deviation `raised-by` is specified without providing both a `name` and `date`. | +| invalid/coding-standards.xml:34:7:41:26 | A deviation `raised-by` is specified without providing an `approved-by`. | +| invalid/coding-standards.xml:42:7:50:26 | A deviation `approved-by` is specified without providing both a `name` and `date`. | +| invalid/coding-standards.xml:51:7:61:26 | A deviation `approved-by` is specified without providing both a `name` and `date`. | +| invalid/coding-standards.xml:74:7:78:26 | There is no deviation permit with id `non-existing-permit`. | +| invalid/coding-standards.xml:79:7:81:26 | No rule-id and query-id specified for this deviation record. | +| invalid/coding-standards.xml:85:7:88:26 | The deviation is applied to a query with the rule category 'mandatory' that does not permit a deviation. | + +## Deviation Permits + +| Permit ID | Rule ID | Query ID | Automated Scope | Scope | Justification | Background | Requirements +| --- | --- | --- | --- | --- | --- | --- | --- | +| DP1 | | | Application depends on the associated deviation records | | foo bar baz | | | +| DP2 | A0-1-1 | cpp/autosar/useless-assignment | Application depends on the associated deviation records | | | | | +| DP3 | | | Application depends on the associated deviation records | | | | | + +## Invalid Deviation Permits +| Path | Reason | +| --- | --- | +| invalid/coding-standards.xml:100:7:103:33 | Deviation permit does not specify a permit identifier. | +| invalid/coding-standards.xml:104:7:107:33 | Deviation permit specifies unknown property `invalid-property`. | diff --git a/scripts/reports/test-data/deviations/invalid/coding-standards.yml b/scripts/reports/test-data/deviations/invalid/coding-standards.yml new file mode 100644 index 0000000000..7b12c7a8c2 --- /dev/null +++ b/scripts/reports/test-data/deviations/invalid/coding-standards.yml @@ -0,0 +1,58 @@ +deviations: + - + - rule-id: bad rule id + - query-id: bad rule id + - rule-id: A0-1-1 + - query-id: cpp/autosar/useless-assignment + - rule-id: A0-1-1 + query-id: cpp/autosar/useless-assignment + - rule-id: A0-1-1 + query-id: cpp/autosar/useless-assignment + raised-by: + - rule-id: A0-1-1 + query-id: cpp/autosar/useless-assignment + raised-by: + name: foo1 + - rule-id: A0-1-1 + query-id: cpp/autosar/useless-assignment + raised-by: + name: foo2 + date: 1970-01-01Z + - rule-id: A0-1-1 + query-id: cpp/autosar/useless-assignment + raised-by: + name: foo3 + date: 1970-01-01Z + approved-by: + - rule-id: A0-1-1 + query-id: cpp/autosar/useless-assignment + raised-by: + name: foo4 + date: 1970-01-01Z + approved-by: + name: bar1 + - rule-id: A0-1-1 + query-id: cpp/autosar/useless-assignment + raised-by: + name: foo5 + date: 1970-01-01Z + approved-by: + name: bar2 + date: 1970-01-01Z + - rule-id: A0-1-1 + query-id: cpp/autosar/useless-assignment + permit-id: non-existing-permit + - permit-id: DP1 + - permit-id: DP2 + - rule-id: RULE-13-6 + query-id: c/misra/sizeof-operand-with-side-effect +deviation-permits: + - permit-id: DP1 + justification: foo bar baz + - permit-id: DP2 + rule-id: A0-1-1 + query-id: cpp/autosar/useless-assignment + - rule-id: A0-1-1 + query-id: cpp/autosar/useless-assignment + - permit-id: DP3 + invalid-property: invalid-property diff --git a/scripts/reports/test-data/deviations/test.cpp b/scripts/reports/test-data/deviations/test.cpp new file mode 100644 index 0000000000..e69de29bb2 diff --git a/scripts/reports/test-data/deviations/valid/coding-standards.yml b/scripts/reports/test-data/deviations/valid/coding-standards.yml new file mode 100644 index 0000000000..34b12a3b90 --- /dev/null +++ b/scripts/reports/test-data/deviations/valid/coding-standards.yml @@ -0,0 +1,7 @@ +deviations: + - rule-id: A0-1-1 + query-id: cpp/autosar/useless-assignment + justification: This useless assignment is required. + - rule-id: A0-4-2 + justification: long double is required for interaction with third-party libraries. + code-identifier: a-0-4-2-deviation From cbd2fcfb9a1e8d7d7921dc0d0b3de8f78e6a79f1 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 7 Nov 2022 13:40:40 -0800 Subject: [PATCH 0180/2573] Add shared components to code scanning pack The report relies on a shared components so that should be included in the distribution. --- .github/workflows/code-scanning-pack-gen.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index 2c501b541b..5c1be1f041 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -86,7 +86,7 @@ jobs: codeql query compile --search-path c --search-path cpp --threads 0 c cd .. - zip -r codeql-coding-standards/code-scanning-cpp-query-pack.zip codeql-coding-standards/c/ codeql-coding-standards/cpp/ codeql-coding-standards/.codeqlmanifest.json codeql-coding-standards/supported_codeql_configs.json codeql-coding-standards/scripts/configuration codeql-coding-standards/scripts/reports + zip -r codeql-coding-standards/code-scanning-cpp-query-pack.zip codeql-coding-standards/c/ codeql-coding-standards/cpp/ codeql-coding-standards/.codeqlmanifest.json codeql-coding-standards/supported_codeql_configs.json codeql-coding-standards/scripts/configuration codeql-coding-standards/scripts/reports codeql-coding-standards/scripts/shared - name: Upload GHAS Query Pack uses: actions/upload-artifact@v2 From 79839c416de6dd548e41a21db9b25f228cbfe172 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 7 Nov 2022 14:04:51 -0800 Subject: [PATCH 0181/2573] Add guideline recategorization scripts to code scanning pack --- .github/workflows/code-scanning-pack-gen.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index 5c1be1f041..8c9fa46725 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -86,7 +86,7 @@ jobs: codeql query compile --search-path c --search-path cpp --threads 0 c cd .. - zip -r codeql-coding-standards/code-scanning-cpp-query-pack.zip codeql-coding-standards/c/ codeql-coding-standards/cpp/ codeql-coding-standards/.codeqlmanifest.json codeql-coding-standards/supported_codeql_configs.json codeql-coding-standards/scripts/configuration codeql-coding-standards/scripts/reports codeql-coding-standards/scripts/shared + zip -r codeql-coding-standards/code-scanning-cpp-query-pack.zip codeql-coding-standards/c/ codeql-coding-standards/cpp/ codeql-coding-standards/.codeqlmanifest.json codeql-coding-standards/supported_codeql_configs.json codeql-coding-standards/scripts/configuration codeql-coding-standards/scripts/reports codeql-coding-standards/scripts/shared codeql-coding-standards/scripts/guideline_recategorization codeql-coding-standards/scripts/shared codeql-coding-standards/scripts/schemas - name: Upload GHAS Query Pack uses: actions/upload-artifact@v2 From ea3f1112f4bfef6017a03ebb9faf21f1fdf88f71 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 7 Nov 2022 14:08:35 -0800 Subject: [PATCH 0182/2573] Add changenote for guideline recategorization scripts The changenote is required because we have added new files to coding standards pack. --- .../2022-11-07-add-guideline-recategorization-scripts.md | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 change_notes/2022-11-07-add-guideline-recategorization-scripts.md diff --git a/change_notes/2022-11-07-add-guideline-recategorization-scripts.md b/change_notes/2022-11-07-add-guideline-recategorization-scripts.md new file mode 100644 index 0000000000..137f21216d --- /dev/null +++ b/change_notes/2022-11-07-add-guideline-recategorization-scripts.md @@ -0,0 +1,2 @@ +- Add the Python scripts under `scripts/guideline_recategorization` and the JSON schemas under `schemas`. +- Add the Python scripts under `scripts/shared` relied upon by the analysis report generation. \ No newline at end of file From fab2b27b637236cf42eea1cd0fc4f62c2ce9a380 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 28 Nov 2022 14:41:05 -0800 Subject: [PATCH 0183/2573] Add guideline recategorization design document. --- docs/design/guideline_recategorization.md | 178 ++++++++++++++++++++++ 1 file changed, 178 insertions(+) create mode 100644 docs/design/guideline_recategorization.md diff --git a/docs/design/guideline_recategorization.md b/docs/design/guideline_recategorization.md new file mode 100644 index 0000000000..c8eb9555c1 --- /dev/null +++ b/docs/design/guideline_recategorization.md @@ -0,0 +1,178 @@ +# Coding Standards: Guideline Recategorization + +- [Coding Standards: Guideline Recategorization](#coding-standards-guideline-recategorization) + - [Document management](#document-management) + - [Introduction](#introduction) + - [Design](#design) + - [Guideline Recategorization Plan specification](#guideline-recategorization-plan-specification) + - [Implementation](#implementation) + - [Specification and deviation](#specification-and-deviation) + - [Specification validation](#specification-validation) + - [SARIF rewriting](#sarif-rewriting) + - [Non-MISRA standards](#non-misra-standards) + +## Document management + +**ID**: codeql-coding-standards/design/grp
+**Status**: Draft + +| Version | Date | Author(s) | Reviewer (s) | +| ------- | ---------- | --------------- | ------------ | +| 0.1 | 08/10/2022 | Remco Vermeulen | \ | +| 0.2 | 10/25/2022 | Remco Vermeulen | | + +## Introduction + +Each MISRA guideline belongs to a category that defines a policy to be followed to determine whether a guideline may be violated or not and whether a deviation is required. +The document [MISRA Compliance:2020](https://www.misra.org.uk/app/uploads/2021/06/MISRA-Compliance-2020.pdf) defines the following guideline categories, and their associated policies, in addition to a mechanism to recategorize guidelines. + +- Mandatory guidelines - guidelines for which violation is never permitted. +- Required guidelines - guidelines which can only be violated when supported by a deviation. +- Advisory guidelines - recommendations for which violations are identified but are not required to be supported by a deviation. + +Guideline recategorization is possible by means of a Guideline Recategorization Plan (GRP). A GRP is a contract between the acquirer and supplier to determine how guidelines are applied. +The GRP defines the additional category Disapplied to be used for Advisory guidelines which are to be ignored. Any other category can be recategorized into stricter categories to ensure that a guideline adheres to the associated policy. +The following table summarizes the possible recategorizations. + +| Category | Recategorizations | +| --------- | ------------------------------- | +| Mandatory | | +| Required | Mandatory | +| Advisory | Disapplied, Required, Mandatory | + +Other recategorizations, from here on denoted as invalid recategorizations, are not applied and are to be reported to the user. + +## Design + +Our design includes a Guideline Recategorization Plan specification, logic to apply the category policy to associated guidelines, and a SARIF result rewriter to reflect the new category in the results. +The application of a policy will modify the behavior of a CodeQL queries implementing guidelines as follows: + +| Category | Effect | +| ---------- | -------------------------------------------------------------------- | +| Mandatory | Violations are reported, even if a deviation is applicable! | +| Required | Violations are reported unless there exists an applicable deviation. | +| Advisory | Violations are reported unless there exists an applicable deviation. | +| Disapplied | Violations are not reported. | + +The SARIF rewriting will update the category of a guideline in a SARIF result file by updating the necessary tag information of a query. + +### Guideline Recategorization Plan specification + +The Guideline Recategorization Plan specification will build upon the configuration specification introduced for deviations by adding the additional primary section `guideline-recategorizations` to the `codeql-standards.yml` configuration file. +The `guideline-recategorizations` section will be a series of compact mappings in YAML with the keys: + +- `rule-id` - the rule identifier that is recategorized. +- `category` - the category assigned to the rule identified by rule-id + +Note: We specify the recategorization based on the rule-id instead of the query-id. This can be revised if feedback requires more fine-grained recategorization. + +For example: + +```yaml +guideline-recategorizations: +- rule-id: “M5-0-17” + category: “mandatory” +``` + +## Implementation + +This section discusses the implementation of the [design](#design). + +### Specification and deviation + +The implementation will rely on the existing rule meta-data and query exclusion mechanisms to apply policies associated with a rule’s category. +The rule meta-data already includes both the `query-id` and `rule-id` associated with a query and is available during query evaluation. +The rule meta-data needs to be extended with a category that contains the guideline’s category. + +For example: + +```ql + query = + // `Query` instance for the `pointerSubtractionOnDifferentArrays` query + PointersPackage::pointerSubtractionOnDifferentArraysQuery() and + queryId = + // `@id` for the `pointerSubtractionOnDifferentArrays` query + "cpp/autosar/pointer-subtraction-on-different-arrays" and + ruleId = "M5-0-17" and + category = “required” +``` + +The category defined by the rule meta-data and the category defined in the `guideline-recategorizations` of the applicable `codeql-standards.yml` configuration file is used to determine the *effective category* of a query. +The *effective category* is the category whose policy is applied during the evaluation of a query. +The policy of a category dictates if a result can be deviated from and implements the effect described in the design section. +The existing exclusion mechanism implemented in the predicate `isExcluded` defined in the `Exclusions.qll` library will be updated to consider the applicable policy of a guideline. + +Note: This will change the behavior of deviations which will no longer have an impact on Mandatory guidelines! This, however, will only impact MISRA C rules because there are no MISRA C++ Guidelines with a Mandatory category. + +### Specification validation + +To assist users with correctly specifying a Guideline Recategorization Plan (GRP) specification we can implement two validations mechanisms that validate the specification at two different points in a GRP life cycle. +The first validation mechanism will perform syntax validation of the specification provided in the guideline-recategorizations section of a `codeql-standards.yml` configuration file and can provide feedback in any editor that supports JSON schemas published at the [JSON schema store](https://www.schemastore.org/json/). +A schema for `codeql-standards.yml` can be extended with the definition of `guideline-category` and the property `guideline-recategorizations`: + +```json +{ + "$schema": "http://json-schema.org/draft-07/schema", + "additionalProperties": false, + "definitions": { + "guideline-category": { + "enum": [ + "mandatory", + "required", + "advisory", + "disapplied" + ] + } + }, + "properties": { + "report-deviated-alerts": {...}, + "deviations": {...}, + "deviation-permits": {...}, + "guideline-recategorizations": { + "description": "A set of guideline recategorizations", + "type": "array", + "items": { + "type": "object", + "properties": { + "rule-id": { + "type": "string" + }, + "category": { + "$ref": "#/definitions/guideline-category" + } + } + } + } + }, + "required": [], + "type": "object" +} +``` + +The second validation mechanism is the generation of a `guideline-recategorization-plan-report.md` containing alerts on semantically incorrect recategorizations. +That is, possible recategorizations that are not described as valid in the introduction. +Semantically invalid recategorizations will be detected by looking at a query’s categorization and its effective categorization (i.e., its applied recategorization). + +In addition, an update to the `deviations_report.md` report’s invalidate deviations table will provide feedback to users that apply deviations to guidelines with an effective category equal to `mandatory` which cannot be deviated from. +The changes to generate the new report and update the existing report will be made in the report generation script `scripts/reports/analysis_report.py`. + +### SARIF rewriting + +The *effective category* of a guideline is a runtime property that is not reflected in the SARIF result file and therefore is not visible in any viewer used to view the results (e.g., [Code Scanning](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning)). +To ensure that users can view the *effective category* we need to rewrite the `@tags` query metadata property in the SARIF result file. +The `@tags` value is a JSON array located at the [JSON path](https://datatracker.ietf.org/wg/jsonpath/about/): + +`$.runs[?(@.tool.driver.name="CodeQL")].tool.driver.rules[*].properties.tags` + +The category tag has the form `external//obligation/` +Each guideline has an `external//id/` tag that can be used to determine if a recategorization is applicable by performing a case insensitive compare on the `` extracted from the query’s tags array and the value of the rule-id key in a `guideline-recategorizations` section. +The rewriting replaces the `` part in `external//obligation/` with the newly specified category and adds a new tag `external//original-obligation/` with the rule’s original category. + +The rewrite process translates each entry in the guideline recategorization specification into a [JSON Patch](https://datatracker.ietf.org/doc/html/rfc6902) specific to the processed SARIF file. The JSON Patch is SARIF file specific due to its reliance on [JSON Pointer](https://www.rfc-editor.org/rfc/rfc6901) to locate the obligation tags. + +A new SARIF file is created by applying the JSON Patch to the processed SARIF file. + +## Non-MISRA standards + +Guideline recategorization applies to rules adhering to the MISRA categorizations. +For standards that deviate from these conventions we assume that the rules have a category equivalent to MISRA’s *required* category. \ No newline at end of file From a85c6fff0b71319603c6db20f42897c890f65412 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 29 Nov 2022 10:59:36 -0800 Subject: [PATCH 0184/2573] Clarify the category of non Misra standard guidelines. --- docs/design/guideline_recategorization.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/design/guideline_recategorization.md b/docs/design/guideline_recategorization.md index c8eb9555c1..34a8c53022 100644 --- a/docs/design/guideline_recategorization.md +++ b/docs/design/guideline_recategorization.md @@ -175,4 +175,4 @@ A new SARIF file is created by applying the JSON Patch to the processed SARIF fi ## Non-MISRA standards Guideline recategorization applies to rules adhering to the MISRA categorizations. -For standards that deviate from these conventions we assume that the rules have a category equivalent to MISRA’s *required* category. \ No newline at end of file +For standards that deviate from these conventions we assume that the rules have an *effective category* equivalent to MISRA’s *required* category. From 654f9fa720496d19d704698699167a2114f9bdf6 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 29 Nov 2022 15:40:32 -0500 Subject: [PATCH 0185/2573] Declarations5: add RULE-8-9 --- ...xposedIdentifierDeclarationShared.expected | 4 + ...ssaryExposedIdentifierDeclarationShared.ql | 2 + .../test.c | 110 +++++++ ...nnecessaryExposedIdentifierDeclarationC.ql | 22 ++ ...ssaryExposedIdentifierDeclarationC.testref | 1 + ...UnnecessaryExposedIdentifierDeclaration.ql | 275 +---------------- ...ecessaryExposedIdentifierDeclaration.qlref | 1 - ...essaryExposedIdentifierDeclaration.testref | 1 + .../cpp/exclusions/c/Declarations5.qll | 18 +- ...saryExposedIdentifierDeclarationShared.qll | 289 ++++++++++++++++++ ...posedIdentifierDeclarationShared.expected} | 0 ...ssaryExposedIdentifierDeclarationShared.ql | 2 + .../test.cpp | 0 rule_packages/c/Declarations5.json | 20 ++ rule_packages/cpp/Scope.json | 1 + rules.csv | 2 +- 16 files changed, 474 insertions(+), 274 deletions(-) create mode 100644 c/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.expected create mode 100644 c/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql create mode 100644 c/common/test/rules/unnecessaryexposedidentifierdeclarationshared/test.c create mode 100644 c/misra/src/rules/RULE-8-9/UnnecessaryExposedIdentifierDeclarationC.ql create mode 100644 c/misra/test/rules/RULE-8-9/UnnecessaryExposedIdentifierDeclarationC.testref delete mode 100644 cpp/autosar/test/rules/M3-4-1/UnnecessaryExposedIdentifierDeclaration.qlref create mode 100644 cpp/autosar/test/rules/M3-4-1/UnnecessaryExposedIdentifierDeclaration.testref create mode 100644 cpp/common/src/codingstandards/cpp/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.qll rename cpp/{autosar/test/rules/M3-4-1/UnnecessaryExposedIdentifierDeclaration.expected => common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.expected} (100%) create mode 100644 cpp/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql rename cpp/{autosar/test/rules/M3-4-1 => common/test/rules/unnecessaryexposedidentifierdeclarationshared}/test.cpp (100%) diff --git a/c/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.expected b/c/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.expected new file mode 100644 index 0000000000..e9d863a111 --- /dev/null +++ b/c/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.expected @@ -0,0 +1,4 @@ +| test.c:4:12:4:13 | g2 | The declaration g2 should be moved from the global namespace scope$@ into the $@ too minimize its visibility. | file://:0:0:0:0 | (global namespace) | scope | test.c:59:11:59:25 | { ... } | scope | +| test.c:7:7:7:7 | j | The declaration j should be moved from $@ into the $@ too minimize its visibility. | test.c:6:11:13:1 | { ... } | scope | test.c:8:13:12:3 | { ... } | scope | +| test.c:62:7:62:7 | i | The declaration i should be moved from $@ into the $@ too minimize its visibility. | test.c:61:11:71:1 | { ... } | scope | test.c:64:13:70:3 | { ... } | scope | +| test.c:73:8:73:9 | S1 | The declaration S1 should be moved from the global namespace scope$@ into the $@ too minimize its visibility. | file://:0:0:0:0 | (global namespace) | scope | test.c:77:12:77:28 | { ... } | scope | diff --git a/c/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql b/c/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql new file mode 100644 index 0000000000..9914ad0b1e --- /dev/null +++ b/c/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.unnecessaryexposedidentifierdeclarationshared.UnnecessaryExposedIdentifierDeclarationShared diff --git a/c/common/test/rules/unnecessaryexposedidentifierdeclarationshared/test.c b/c/common/test/rules/unnecessaryexposedidentifierdeclarationshared/test.c new file mode 100644 index 0000000000..0ef89369fc --- /dev/null +++ b/c/common/test/rules/unnecessaryexposedidentifierdeclarationshared/test.c @@ -0,0 +1,110 @@ +#include +extern void f1(int i); +extern int g1; // COMPLIANT +extern int g2; // NON_COMPLIANT; single use of a global variable +bool f2() { return g1 == 1; } +void f3() { + int j = g1; // NON_COMPLIANT + if (f2()) { + int k; // COMPLIANT + f1(j); + f1(k); + } +} + +void f4() { + int j = g1; // COMPLIANT; value of g1 changed between + // definition and use + g1 = 1; + if (f2()) { + f1(j); + } +} + +void f5() { + int j = g1; // COMPLIANT; shouldn't be moved inside loop + while (true) { + int i = g1++; + while (f2()) { + i += j; + } + + if (i % 2) + break; + } +} + +void f6() { + int j = g1; // COMPLIANT; can't moved into smaller scope +#ifdef FOO + if (g1) { + g1 = j + 1; + } +#else + if (g1) { + g1 = j + 2; + } +#endif +} + +void f7() { + int j = g1; // COMPLIANT; potentially stores previous value of + // g1 so moving this would be incorrect. + f1(1); // f1 may change the value of g1 + if (f2()) { + f1(j); + } +} + +void f8() { int i = g2; } + +void f9() { + int i; // NON_COMPLIANT + + if (f2()) { + if (f2()) { + i++; + } else { + i--; + } + } +} + +struct S1 { // NON_COMPLIANT + int i; +}; + +void f10() { struct S1 l1; } + +void f11() { + struct S2 { // COMPLIANT + int i; + } l1; +} + +struct S3 { + int i; +}; + +struct S4 { // NON_COMPLIANT; single use in function f13 + int i; +}; + +void f15() { + int i; // COMPLIANT + + if (i == 0) { + i++; + } +} + +void f17() { + int i; // COMPLIANT + int *ptr; + { + // Moving the declaration of i into the reduced scope will result in a + // dangling pointer + ptr = &i; + } + *ptr = 1; +} \ No newline at end of file diff --git a/c/misra/src/rules/RULE-8-9/UnnecessaryExposedIdentifierDeclarationC.ql b/c/misra/src/rules/RULE-8-9/UnnecessaryExposedIdentifierDeclarationC.ql new file mode 100644 index 0000000000..09cad2f08d --- /dev/null +++ b/c/misra/src/rules/RULE-8-9/UnnecessaryExposedIdentifierDeclarationC.ql @@ -0,0 +1,22 @@ +/** + * @id c/misra/unnecessary-exposed-identifier-declaration-c + * @name RULE-8-9: An object should be defined at block scope if its identifier only appears in a single function + * @description An identifier declared to be an object or type shall be defined in a block that + * minimizes its visibility to prevent any accidental use of the identifier. + * @kind problem + * @precision high + * @problem.severity warning + * @tags external/misra/id/rule-8-9 + * correctness + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.rules.unnecessaryexposedidentifierdeclarationshared.UnnecessaryExposedIdentifierDeclarationShared + +class UnnecessaryExposedIdentifierDeclarationCQuery extends UnnecessaryExposedIdentifierDeclarationSharedSharedQuery { + UnnecessaryExposedIdentifierDeclarationCQuery() { + this = Declarations5Package::unnecessaryExposedIdentifierDeclarationCQuery() + } +} diff --git a/c/misra/test/rules/RULE-8-9/UnnecessaryExposedIdentifierDeclarationC.testref b/c/misra/test/rules/RULE-8-9/UnnecessaryExposedIdentifierDeclarationC.testref new file mode 100644 index 0000000000..35c4abc5d4 --- /dev/null +++ b/c/misra/test/rules/RULE-8-9/UnnecessaryExposedIdentifierDeclarationC.testref @@ -0,0 +1 @@ +c/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql \ No newline at end of file diff --git a/cpp/autosar/src/rules/M3-4-1/UnnecessaryExposedIdentifierDeclaration.ql b/cpp/autosar/src/rules/M3-4-1/UnnecessaryExposedIdentifierDeclaration.ql index 6a99cb820a..1d84a385e5 100644 --- a/cpp/autosar/src/rules/M3-4-1/UnnecessaryExposedIdentifierDeclaration.ql +++ b/cpp/autosar/src/rules/M3-4-1/UnnecessaryExposedIdentifierDeclaration.ql @@ -15,277 +15,10 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.Scope -import codingstandards.cpp.SideEffect -import codingstandards.cpp.sideeffect.Customizations +import codingstandards.cpp.rules.unnecessaryexposedidentifierdeclarationshared.UnnecessaryExposedIdentifierDeclarationShared -class ExternalCall extends Call { - ExternalCall() { - exists(Function f | this.getTarget() = f | - not f.hasDefinition() and not f.isCompilerGenerated() - ) +class UnnecessaryExposedIdentifierDeclarationQuery extends UnnecessaryExposedIdentifierDeclarationSharedSharedQuery { + UnnecessaryExposedIdentifierDeclarationQuery() { + this = ScopePackage::unnecessaryExposedIdentifierDeclarationQuery() } } - -class LoopOrSwitchBody extends BlockStmt { - LoopOrSwitchBody() { - exists(Loop l | l.getStmt() = this.getParentScope*()) - or - exists(SwitchStmt ss | ss.getStmt() = this) - } -} - -/* Gets a scope for `b` that is an ancestor of `b`, but is not a loop or switch scope. */ -Scope getCandidateScope(Scope b) { - if b instanceof LoopOrSwitchBody or b instanceof ControlStructure - then result = getCandidateScope(b.getStrictParent()) - else - if b.isGenerated() - then result = b.getStrictParent() - else result = b -} - -private predicate getLocationInfo( - CandidateDeclaration d, PreprocessorBranchDirective pbd, int startline, int endline, string path1, - string path2 -) { - d.getLocation().getEndLine() = endline and - pbd.getLocation().getStartLine() = startline and - d.getFile().getAbsolutePath() = path1 and - pbd.getFile().getAbsolutePath() = path2 -} - -predicate isStrictlyBefore(CandidateDeclaration d, PreprocessorBranchDirective branch) { - exists(string path, int startLine, int endLine | - getLocationInfo(d, branch, startLine, endLine, path, path) and - endLine < startLine - ) -} - -Variable getADependentVariable(Variable v) { - exists(VariableAccess va | - va.getTarget() = result and v.getInitializer().getExpr().getAChild*() = va - ) -} - -/** - * Holds if it is assigned a value that is modified in between the declaration of `v` and a use of `v`. - */ -predicate isTempVariable(LocalVariable v) { - exists( - DeclStmt ds, VariableDeclarationEntry vde, Variable dependentVariable, Expr sideEffect, - VariableAccess va - | - v.getAnAccess() = va and - dependentVariable = getADependentVariable(v) and - exists( - BasicBlock declarationStmtBb, BasicBlock sideEffectBb, BasicBlock variableAccessBb, - int declarationStmtPos, int sideEffectPos, int variableAccessPos - | - declarationStmtBb.getNode(declarationStmtPos) = ds and - variableAccessBb.getNode(variableAccessPos) = va - | - ( - ( - sideEffect.(VariableEffect).getTarget() = dependentVariable and - if not sideEffect.getEnclosingFunction() = va.getEnclosingFunction() - then - exists(FunctionCall call | - call.getEnclosingFunction() = va.getEnclosingFunction() and - call.getTarget().calls(sideEffect.getEnclosingFunction()) and - sideEffectBb.getNode(sideEffectPos) = call - ) - else sideEffectBb.getNode(sideEffectPos) = sideEffect - ) - or - dependentVariable instanceof GlobalVariable and - sideEffect instanceof ExternalCall and - ds.getEnclosingFunction() = sideEffect.getEnclosingFunction() and - sideEffectBb.getNode(sideEffectPos) = sideEffect - ) and - ( - declarationStmtBb.getASuccessor+() = sideEffectBb - or - declarationStmtBb = sideEffectBb and declarationStmtPos < sideEffectPos - ) and - ( - sideEffectBb.getASuccessor+() = variableAccessBb - or - sideEffectBb = variableAccessBb and sideEffectPos < variableAccessPos - ) - ) and - vde.getDeclaration() = v and - ds.getDeclarationEntry(_) = vde - ) -} - -private predicate isTypeUse(Type t1, Type t2) { - t1.getUnspecifiedType() = t2 - or - t1.(PointerType).getBaseType().getUnspecifiedType() = t2 - or - t1.(ReferenceType).getBaseType().getUnspecifiedType() = t2 - or - t1.(ArrayType).getBaseType().getUnspecifiedType() = t2 -} - -newtype TDeclarationAccess = - ObjectAccess(Variable v, VariableAccess va) { va = v.getAnAccess() } or - /* Type access can be done in a declaration or an expression (e.g., static member function call) */ - TypeAccess(Type t, Element access) { - isTypeUse(access.(Variable).getUnspecifiedType(), t) - or - exists(ClassTemplateInstantiation cti | - isTypeUse(cti.getATemplateArgument(), t) and - access.(Variable).getUnspecifiedType() = cti - ) - or - exists(FunctionTemplateInstantiation fti | - isTypeUse(fti.getATemplateArgument(), t) and - fti = access - ) - or - exists(FunctionCall call, MemberFunction mf | - call = access and call.getTarget() = mf and mf.isStatic() and mf.getDeclaringType() = t - ) - or - exists(Function f | - isTypeUse(f.getType(), t) and - f = access - ) - } - -class DeclarationAccess extends TDeclarationAccess { - Location getLocation() { - exists(VariableAccess va, Variable v | this = ObjectAccess(v, va) and result = va.getLocation()) - or - exists(Element access | - this = TypeAccess(_, access) and - result = access.getLocation() - ) - } - - string toString() { - exists(Variable v | this = ObjectAccess(v, _) and result = "Object access for " + v.getName()) - or - exists(Type t | - this = TypeAccess(t, _) and - result = "Type access for " + t.getName() - ) - } - - /* Gets the declaration that is being accessed. */ - Declaration getDeclaration() { - this = ObjectAccess(result, _) - or - this = TypeAccess(result, _) - } - - /* Gets the declaration or expression that uses the type being accessed. */ - Element getUnderlyingTypeAccess() { this = TypeAccess(_, result) } - - VariableAccess getUnderlyingObjectAccess() { this = ObjectAccess(_, result) } - - /* Gets the scope of the access. */ - Scope getScope() { - exists(VariableAccess va | - va = getUnderlyingObjectAccess() and - result.getAnExpr() = va - ) - or - exists(Element e | e = getUnderlyingTypeAccess() and result = e.getParentScope()) - } - - /* Holds if a type access is generated from the template instantiation `instantionion` */ - predicate isFromTemplateInstantiation(Element instantiation) { - exists(Element access | - this = TypeAccess(_, access) and access.isFromTemplateInstantiation(instantiation) - ) - } - - predicate isCompilerGenerated() { - exists(VariableAccess va | va = getUnderlyingObjectAccess() and va.isCompilerGenerated()) - or - exists(Element e | - e = getUnderlyingTypeAccess() and - (compgenerated(underlyingElement(e)) or compgenerated(underlyingElement(e.getParentScope()))) - ) - } -} - -class CandidateDeclaration extends Declaration { - CandidateDeclaration() { - this instanceof LocalVariable - or - this instanceof GlobalOrNamespaceVariable - or - this instanceof Type and - not this instanceof ClassTemplateInstantiation and - not this instanceof TemplateParameter - } -} - -/* Gets the scopes that include all the declaration accesses for declaration `d`. */ -Scope possibleScopesForDeclaration(CandidateDeclaration d) { - forex(Scope scope, DeclarationAccess da | - da.getDeclaration() = d and - // Exclude declaration accesses that are compiler generated so we can minimize the visibility of types. - // Otherwise, for example, we cannot reduce the scope of classes with compiler generated member functions based on - // declaration accesses. - not da.isCompilerGenerated() and - not da.isFromTemplateInstantiation(_) and - scope = da.getScope() - | - result = scope.getStrictParent*() - ) and - // Limit the best scope to block statements and namespaces or control structures - (result instanceof BlockStmt or result instanceof Namespace) -} - -/* Gets the smallest scope that includes all the declaration accesses of declaration `d`. */ -Scope bestScopeForDeclarationEntry(CandidateDeclaration d, Scope currentScope) { - result = possibleScopesForDeclaration(d) and - not exists(Scope other | other = possibleScopesForDeclaration(d) | result = other.getAnAncestor()) and - currentScope.getADeclaration() = d and - result.getAnAncestor() = currentScope and - not result instanceof LoopOrSwitchBody and - not result.isGenerated() -} - -/** - * Gets a string suitable for printing a scope in an alert message, that includes an `$@` - * formatting string. - * - * This is necessary because some scopes (e.g. `Namespace`) do not have meaningful - * locations in the database and the alert message will not render the name if that is the case. - */ -string getScopeDescription(Scope s) { - if s instanceof GlobalNamespace then result = "the global namespace scope$@" else result = "$@" -} - -from CandidateDeclaration d, Scope candidateScope, Scope currentScope -where - not isExcluded(d, ScopePackage::unnecessaryExposedIdentifierDeclarationQuery()) and - candidateScope = bestScopeForDeclarationEntry(d, currentScope) and - // We can't reduce the scope if the value stored in the declaration is changed before the declared - // variable is used, because this would change the semantics of the use. - (d instanceof Variable implies not isTempVariable(d)) and - not exists(AddressOfExpr e | e.getAddressable() = d) and - // We can't reduce the scope of the declaration if its minimal scope resides inside a preprocessor - // branch directive while the current scope isn't. This can result in an incorrect program - // where a variable is used but not declared. - not exists(PreprocessorBranchDirective branch | - isStrictlyBefore(d, branch) and - branch = candidateScope.getAnEnclosingPreprocessorBranchDirective() - ) and - // We can't promote a class to a local class if it has static data members (See [class.local] paragraph 4 N3797.) - ( - (d instanceof Class and candidateScope.getStrictParent() instanceof Function) - implies - not exists(Variable member | d.(Class).getAMember() = member and member.isStatic()) - ) and - not candidateScope.isAffectedByMacro() -select d, - "The declaration " + d.getName() + " should be moved from " + getScopeDescription(currentScope) + - " into the " + getScopeDescription(candidateScope) + " too minimize its visibility.", - currentScope, "scope", candidateScope, "scope" diff --git a/cpp/autosar/test/rules/M3-4-1/UnnecessaryExposedIdentifierDeclaration.qlref b/cpp/autosar/test/rules/M3-4-1/UnnecessaryExposedIdentifierDeclaration.qlref deleted file mode 100644 index 6f6edc783a..0000000000 --- a/cpp/autosar/test/rules/M3-4-1/UnnecessaryExposedIdentifierDeclaration.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/M3-4-1/UnnecessaryExposedIdentifierDeclaration.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M3-4-1/UnnecessaryExposedIdentifierDeclaration.testref b/cpp/autosar/test/rules/M3-4-1/UnnecessaryExposedIdentifierDeclaration.testref new file mode 100644 index 0000000000..f66784283e --- /dev/null +++ b/cpp/autosar/test/rules/M3-4-1/UnnecessaryExposedIdentifierDeclaration.testref @@ -0,0 +1 @@ +cpp/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations5.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations5.qll index 884038c7c5..a5ec7f311d 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations5.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations5.qll @@ -7,7 +7,8 @@ newtype Declarations5Query = TIdentifiersDeclaredInTheSameScopeNotDistinctQuery() or TExternalObjectOrFunctionNotDeclaredInOneFileQuery() or TMissingStaticSpecifierFunctionRedeclarationCQuery() or - TMissingStaticSpecifierObjectRedeclarationCQuery() + TMissingStaticSpecifierObjectRedeclarationCQuery() or + TUnnecessaryExposedIdentifierDeclarationCQuery() predicate isDeclarations5QueryMetadata(Query query, string queryId, string ruleId) { query = @@ -41,6 +42,14 @@ predicate isDeclarations5QueryMetadata(Query query, string queryId, string ruleI // `@id` for the `missingStaticSpecifierObjectRedeclarationC` query "c/misra/missing-static-specifier-object-redeclaration-c" and ruleId = "RULE-8-8" + or + query = + // `Query` instance for the `unnecessaryExposedIdentifierDeclarationC` query + Declarations5Package::unnecessaryExposedIdentifierDeclarationCQuery() and + queryId = + // `@id` for the `unnecessaryExposedIdentifierDeclarationC` query + "c/misra/unnecessary-exposed-identifier-declaration-c" and + ruleId = "RULE-8-9" } module Declarations5Package { @@ -71,4 +80,11 @@ module Declarations5Package { // `Query` type for `missingStaticSpecifierObjectRedeclarationC` query TQueryC(TDeclarations5PackageQuery(TMissingStaticSpecifierObjectRedeclarationCQuery())) } + + Query unnecessaryExposedIdentifierDeclarationCQuery() { + //autogenerate `Query` type + result = + // `Query` type for `unnecessaryExposedIdentifierDeclarationC` query + TQueryC(TDeclarations5PackageQuery(TUnnecessaryExposedIdentifierDeclarationCQuery())) + } } diff --git a/cpp/common/src/codingstandards/cpp/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.qll b/cpp/common/src/codingstandards/cpp/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.qll new file mode 100644 index 0000000000..7006ef7b38 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.qll @@ -0,0 +1,289 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions +import codingstandards.cpp.Scope +import codingstandards.cpp.SideEffect +import codingstandards.cpp.sideeffect.Customizations + +class ExternalCall extends Call { + ExternalCall() { + exists(Function f | this.getTarget() = f | + not f.hasDefinition() and not f.isCompilerGenerated() + ) + } +} + +class LoopOrSwitchBody extends BlockStmt { + LoopOrSwitchBody() { + exists(Loop l | l.getStmt() = this.getParentScope*()) + or + exists(SwitchStmt ss | ss.getStmt() = this) + } +} + +/* Gets a scope for `b` that is an ancestor of `b`, but is not a loop or switch scope. */ +Scope getCandidateScope(Scope b) { + if b instanceof LoopOrSwitchBody or b instanceof ControlStructure + then result = getCandidateScope(b.getStrictParent()) + else + if b.isGenerated() + then result = b.getStrictParent() + else result = b +} + +private predicate getLocationInfo( + CandidateDeclaration d, PreprocessorBranchDirective pbd, int startline, int endline, string path1, + string path2 +) { + d.getLocation().getEndLine() = endline and + pbd.getLocation().getStartLine() = startline and + d.getFile().getAbsolutePath() = path1 and + pbd.getFile().getAbsolutePath() = path2 +} + +predicate isStrictlyBefore(CandidateDeclaration d, PreprocessorBranchDirective branch) { + exists(string path, int startLine, int endLine | + getLocationInfo(d, branch, startLine, endLine, path, path) and + endLine < startLine + ) +} + +Variable getADependentVariable(Variable v) { + exists(VariableAccess va | + va.getTarget() = result and v.getInitializer().getExpr().getAChild*() = va + ) +} + +/** + * Holds if it is assigned a value that is modified in between the declaration of `v` and a use of `v`. + */ +predicate isTempVariable(LocalVariable v) { + exists( + DeclStmt ds, VariableDeclarationEntry vde, Variable dependentVariable, Expr sideEffect, + VariableAccess va + | + v.getAnAccess() = va and + dependentVariable = getADependentVariable(v) and + exists( + BasicBlock declarationStmtBb, BasicBlock sideEffectBb, BasicBlock variableAccessBb, + int declarationStmtPos, int sideEffectPos, int variableAccessPos + | + declarationStmtBb.getNode(declarationStmtPos) = ds and + variableAccessBb.getNode(variableAccessPos) = va + | + ( + ( + sideEffect.(VariableEffect).getTarget() = dependentVariable and + if not sideEffect.getEnclosingFunction() = va.getEnclosingFunction() + then + exists(FunctionCall call | + call.getEnclosingFunction() = va.getEnclosingFunction() and + call.getTarget().calls(sideEffect.getEnclosingFunction()) and + sideEffectBb.getNode(sideEffectPos) = call + ) + else sideEffectBb.getNode(sideEffectPos) = sideEffect + ) + or + dependentVariable instanceof GlobalVariable and + sideEffect instanceof ExternalCall and + ds.getEnclosingFunction() = sideEffect.getEnclosingFunction() and + sideEffectBb.getNode(sideEffectPos) = sideEffect + ) and + ( + declarationStmtBb.getASuccessor+() = sideEffectBb + or + declarationStmtBb = sideEffectBb and declarationStmtPos < sideEffectPos + ) and + ( + sideEffectBb.getASuccessor+() = variableAccessBb + or + sideEffectBb = variableAccessBb and sideEffectPos < variableAccessPos + ) + ) and + vde.getDeclaration() = v and + ds.getDeclarationEntry(_) = vde + ) +} + +private predicate isTypeUse(Type t1, Type t2) { + t1.getUnspecifiedType() = t2 + or + t1.(PointerType).getBaseType().getUnspecifiedType() = t2 + or + t1.(ReferenceType).getBaseType().getUnspecifiedType() = t2 + or + t1.(ArrayType).getBaseType().getUnspecifiedType() = t2 +} + +newtype TDeclarationAccess = + ObjectAccess(Variable v, VariableAccess va) { va = v.getAnAccess() } or + /* Type access can be done in a declaration or an expression (e.g., static member function call) */ + TypeAccess(Type t, Element access) { + isTypeUse(access.(Variable).getUnspecifiedType(), t) + or + exists(ClassTemplateInstantiation cti | + isTypeUse(cti.getATemplateArgument(), t) and + access.(Variable).getUnspecifiedType() = cti + ) + or + exists(FunctionTemplateInstantiation fti | + isTypeUse(fti.getATemplateArgument(), t) and + fti = access + ) + or + exists(FunctionCall call, MemberFunction mf | + call = access and call.getTarget() = mf and mf.isStatic() and mf.getDeclaringType() = t + ) + or + exists(Function f | + isTypeUse(f.getType(), t) and + f = access + ) + } + +class DeclarationAccess extends TDeclarationAccess { + Location getLocation() { + exists(VariableAccess va, Variable v | this = ObjectAccess(v, va) and result = va.getLocation()) + or + exists(Element access | + this = TypeAccess(_, access) and + result = access.getLocation() + ) + } + + string toString() { + exists(Variable v | this = ObjectAccess(v, _) and result = "Object access for " + v.getName()) + or + exists(Type t | + this = TypeAccess(t, _) and + result = "Type access for " + t.getName() + ) + } + + /* Gets the declaration that is being accessed. */ + Declaration getDeclaration() { + this = ObjectAccess(result, _) + or + this = TypeAccess(result, _) + } + + /* Gets the declaration or expression that uses the type being accessed. */ + Element getUnderlyingTypeAccess() { this = TypeAccess(_, result) } + + VariableAccess getUnderlyingObjectAccess() { this = ObjectAccess(_, result) } + + /* Gets the scope of the access. */ + Scope getScope() { + exists(VariableAccess va | + va = getUnderlyingObjectAccess() and + result.getAnExpr() = va + ) + or + exists(Element e | e = getUnderlyingTypeAccess() and result = e.getParentScope()) + } + + /* Holds if a type access is generated from the template instantiation `instantionion` */ + predicate isFromTemplateInstantiation(Element instantiation) { + exists(Element access | + this = TypeAccess(_, access) and access.isFromTemplateInstantiation(instantiation) + ) + } + + predicate isCompilerGenerated() { + exists(VariableAccess va | va = getUnderlyingObjectAccess() and va.isCompilerGenerated()) + or + exists(Element e | + e = getUnderlyingTypeAccess() and + (compgenerated(underlyingElement(e)) or compgenerated(underlyingElement(e.getParentScope()))) + ) + } +} + +class CandidateDeclaration extends Declaration { + CandidateDeclaration() { + this instanceof LocalVariable + or + this instanceof GlobalOrNamespaceVariable + or + this instanceof Type and + not this instanceof ClassTemplateInstantiation and + not this instanceof TemplateParameter + } +} + +/* Gets the scopes that include all the declaration accesses for declaration `d`. */ +Scope possibleScopesForDeclaration(CandidateDeclaration d) { + forex(Scope scope, DeclarationAccess da | + da.getDeclaration() = d and + // Exclude declaration accesses that are compiler generated so we can minimize the visibility of types. + // Otherwise, for example, we cannot reduce the scope of classes with compiler generated member functions based on + // declaration accesses. + not da.isCompilerGenerated() and + not da.isFromTemplateInstantiation(_) and + scope = da.getScope() + | + result = scope.getStrictParent*() + ) and + // Limit the best scope to block statements and namespaces or control structures + (result instanceof BlockStmt or result instanceof Namespace) +} + +/* Gets the smallest scope that includes all the declaration accesses of declaration `d`. */ +Scope bestScopeForDeclarationEntry(CandidateDeclaration d, Scope currentScope) { + result = possibleScopesForDeclaration(d) and + not exists(Scope other | other = possibleScopesForDeclaration(d) | result = other.getAnAncestor()) and + currentScope.getADeclaration() = d and + result.getAnAncestor() = currentScope and + not result instanceof LoopOrSwitchBody and + not result.isGenerated() +} + +/** + * Gets a string suitable for printing a scope in an alert message, that includes an `$@` + * formatting string. + * + * This is necessary because some scopes (e.g. `Namespace`) do not have meaningful + * locations in the database and the alert message will not render the name if that is the case. + */ +string getScopeDescription(Scope s) { + if s instanceof GlobalNamespace then result = "the global namespace scope$@" else result = "$@" +} + +abstract class UnnecessaryExposedIdentifierDeclarationSharedSharedQuery extends Query { } + +Query getQuery() { result instanceof UnnecessaryExposedIdentifierDeclarationSharedSharedQuery } + +query predicate problems( + CandidateDeclaration d, string message, Scope currentScope, string msgP1, Scope candidateScope, + string msgP2 +) { + not isExcluded(d, getQuery()) and + candidateScope = bestScopeForDeclarationEntry(d, currentScope) and + // We can't reduce the scope if the value stored in the declaration is changed before the declared + // variable is used, because this would change the semantics of the use. + (d instanceof Variable implies not isTempVariable(d)) and + not exists(AddressOfExpr e | e.getAddressable() = d) and + // We can't reduce the scope of the declaration if its minimal scope resides inside a preprocessor + // branch directive while the current scope isn't. This can result in an incorrect program + // where a variable is used but not declared. + not exists(PreprocessorBranchDirective branch | + isStrictlyBefore(d, branch) and + branch = candidateScope.getAnEnclosingPreprocessorBranchDirective() + ) and + // We can't promote a class to a local class if it has static data members (See [class.local] paragraph 4 N3797.) + ( + (d instanceof Class and candidateScope.getStrictParent() instanceof Function) + implies + not exists(Variable member | d.(Class).getAMember() = member and member.isStatic()) + ) and + not candidateScope.isAffectedByMacro() and + msgP1 = "scope" and + msgP2 = "scope" and + message = + "The declaration " + d.getName() + " should be moved from " + getScopeDescription(currentScope) + + " into the " + getScopeDescription(candidateScope) + " too minimize its visibility." +} diff --git a/cpp/autosar/test/rules/M3-4-1/UnnecessaryExposedIdentifierDeclaration.expected b/cpp/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.expected similarity index 100% rename from cpp/autosar/test/rules/M3-4-1/UnnecessaryExposedIdentifierDeclaration.expected rename to cpp/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.expected diff --git a/cpp/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql b/cpp/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql new file mode 100644 index 0000000000..9914ad0b1e --- /dev/null +++ b/cpp/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.unnecessaryexposedidentifierdeclarationshared.UnnecessaryExposedIdentifierDeclarationShared diff --git a/cpp/autosar/test/rules/M3-4-1/test.cpp b/cpp/common/test/rules/unnecessaryexposedidentifierdeclarationshared/test.cpp similarity index 100% rename from cpp/autosar/test/rules/M3-4-1/test.cpp rename to cpp/common/test/rules/unnecessaryexposedidentifierdeclarationshared/test.cpp diff --git a/rule_packages/c/Declarations5.json b/rule_packages/c/Declarations5.json index 2d6eeee5c2..705f72791c 100644 --- a/rule_packages/c/Declarations5.json +++ b/rule_packages/c/Declarations5.json @@ -74,6 +74,26 @@ } ], "title": "The static storage class specifier shall be used in all declarations of objects and functions that have internal linkage" + }, + "RULE-8-9": { + "properties": { + "obligation": "advisory" + }, + "queries": [ + { + "description": "An identifier declared to be an object or type shall be defined in a block that minimizes its visibility to prevent any accidental use of the identifier.", + "kind": "problem", + "name": "An object should be defined at block scope if its identifier only appears in a single function", + "precision": "high", + "severity": "warning", + "short_name": "UnnecessaryExposedIdentifierDeclarationC", + "shared_implementation_short_name": "UnnecessaryExposedIdentifierDeclarationShared", + "tags": [ + "correctness" + ] + } + ], + "title": "An object should be defined at block scope if its identifier only appears in a single function" } } } \ No newline at end of file diff --git a/rule_packages/cpp/Scope.json b/rule_packages/cpp/Scope.json index 0d3abcbc0a..3b3c28067b 100644 --- a/rule_packages/cpp/Scope.json +++ b/rule_packages/cpp/Scope.json @@ -203,6 +203,7 @@ "precision": "high", "severity": "warning", "short_name": "UnnecessaryExposedIdentifierDeclaration", + "shared_implementation_short_name": "UnnecessaryExposedIdentifierDeclarationShared", "tags": [ "correctness" ] diff --git a/rules.csv b/rules.csv index a39e8610e2..d4ef15040c 100644 --- a/rules.csv +++ b/rules.csv @@ -654,7 +654,7 @@ c,MISRA-C-2012,RULE-8-5,Yes,Required,,,An external object or function shall be d c,MISRA-C-2012,RULE-8-6,Yes,Required,,,An identifier with external linkage shall have exactly one external definition,M3-2-4,Declarations,Import, c,MISRA-C-2012,RULE-8-7,Yes,Advisory,,,Functions and objects should not be defined with external linkage if they are referenced in only one translation unit,,Declarations,Medium, c,MISRA-C-2012,RULE-8-8,Yes,Required,,,The static storage class specifier shall be used in all declarations of objects and functions that have internal linkage,M3-3-2,Declarations5,Medium, -c,MISRA-C-2012,RULE-8-9,Yes,Advisory,,,An object should be defined at block scope if its identifier only appears in a single function,M3-4-1,Declarations,Medium, +c,MISRA-C-2012,RULE-8-9,Yes,Advisory,,,An object should be defined at block scope if its identifier only appears in a single function,M3-4-1,Declarations5,Medium, c,MISRA-C-2012,RULE-8-10,Yes,Required,,,An inline function shall be declared with the static storage class,,Declarations,Medium, c,MISRA-C-2012,RULE-8-11,Yes,Advisory,,,"When an array with external linkage is declared, its size should be explicitly specified",,Declarations,Medium, c,MISRA-C-2012,RULE-8-12,Yes,Required,,,"Within an enumerator list, the value of an implicitly-specified enumeration constant shall be unique",,Declarations,Medium, From 60b3115b27a970d17995a7e9217adcb1bae95304 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 30 Nov 2022 13:32:30 -0800 Subject: [PATCH 0186/2573] Apply wording suggestion from code review Co-authored-by: Robert C. Seacord --- docs/design/guideline_recategorization.md | 30 +++++++++++------------ 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/docs/design/guideline_recategorization.md b/docs/design/guideline_recategorization.md index 34a8c53022..55405f4ddd 100644 --- a/docs/design/guideline_recategorization.md +++ b/docs/design/guideline_recategorization.md @@ -30,7 +30,7 @@ The document [MISRA Compliance:2020](https://www.misra.org.uk/app/uploads/2021/0 - Required guidelines - guidelines which can only be violated when supported by a deviation. - Advisory guidelines - recommendations for which violations are identified but are not required to be supported by a deviation. -Guideline recategorization is possible by means of a Guideline Recategorization Plan (GRP). A GRP is a contract between the acquirer and supplier to determine how guidelines are applied. +Guideline recategorization is possible by means of a guideline recategorization plan (GRP). A GRP is a contract between the acquirer and supplier to determine how guidelines are applied. The GRP defines the additional category Disapplied to be used for Advisory guidelines which are to be ignored. Any other category can be recategorized into stricter categories to ensure that a guideline adheres to the associated policy. The following table summarizes the possible recategorizations. @@ -40,11 +40,11 @@ The following table summarizes the possible recategorizations. | Required | Mandatory | | Advisory | Disapplied, Required, Mandatory | -Other recategorizations, from here on denoted as invalid recategorizations, are not applied and are to be reported to the user. +Other recategorizations are invalid, not applied, and reported to the user. ## Design -Our design includes a Guideline Recategorization Plan specification, logic to apply the category policy to associated guidelines, and a SARIF result rewriter to reflect the new category in the results. +CodeQL Coding Standards includes a GRP, logic to apply the category policy to associated guidelines, and a SARIF result rewriter to reflect the new category in the results. The application of a policy will modify the behavior of a CodeQL queries implementing guidelines as follows: | Category | Effect | @@ -54,14 +54,14 @@ The application of a policy will modify the behavior of a CodeQL queries impleme | Advisory | Violations are reported unless there exists an applicable deviation. | | Disapplied | Violations are not reported. | -The SARIF rewriting will update the category of a guideline in a SARIF result file by updating the necessary tag information of a query. +The SARIF rewrite updates the guideline category in a SARIF result file by updating the query's tag information. -### Guideline Recategorization Plan specification +### Guideline Recategorization Plan -The Guideline Recategorization Plan specification will build upon the configuration specification introduced for deviations by adding the additional primary section `guideline-recategorizations` to the `codeql-standards.yml` configuration file. +The GRE builds upon the configuration specification introduced for deviations by adding the additional primary section `guideline-recategorizations` to the `codeql-standards.yml` configuration file. The `guideline-recategorizations` section will be a series of compact mappings in YAML with the keys: -- `rule-id` - the rule identifier that is recategorized. +- `rule-id` - the recategorized rule identifier. - `category` - the category assigned to the rule identified by rule-id Note: We specify the recategorization based on the rule-id instead of the query-id. This can be revised if feedback requires more fine-grained recategorization. @@ -80,9 +80,9 @@ This section discusses the implementation of the [design](#design). ### Specification and deviation -The implementation will rely on the existing rule meta-data and query exclusion mechanisms to apply policies associated with a rule’s category. +The implementation relies on the existing rule meta-data and query exclusion mechanisms to apply policies associated with a rule’s category. The rule meta-data already includes both the `query-id` and `rule-id` associated with a query and is available during query evaluation. -The rule meta-data needs to be extended with a category that contains the guideline’s category. +The rule meta-data must be extended with a category that contains the guideline’s category. For example: @@ -97,17 +97,17 @@ For example: category = “required” ``` -The category defined by the rule meta-data and the category defined in the `guideline-recategorizations` of the applicable `codeql-standards.yml` configuration file is used to determine the *effective category* of a query. +The category defined by the rule meta-data and the category defined in the `guideline-recategorizations` of the applicable `codeql-standards.yml` configuration file specifies the *effective category* of a query. The *effective category* is the category whose policy is applied during the evaluation of a query. The policy of a category dictates if a result can be deviated from and implements the effect described in the design section. The existing exclusion mechanism implemented in the predicate `isExcluded` defined in the `Exclusions.qll` library will be updated to consider the applicable policy of a guideline. -Note: This will change the behavior of deviations which will no longer have an impact on Mandatory guidelines! This, however, will only impact MISRA C rules because there are no MISRA C++ Guidelines with a Mandatory category. +Note: This changes the behavior of deviations which will no longer have an impact on Mandatory guidelines! However, this will only affect MISRA C rules because there are no MISRA C++ Guidelines with a Mandatory category. ### Specification validation -To assist users with correctly specifying a Guideline Recategorization Plan (GRP) specification we can implement two validations mechanisms that validate the specification at two different points in a GRP life cycle. -The first validation mechanism will perform syntax validation of the specification provided in the guideline-recategorizations section of a `codeql-standards.yml` configuration file and can provide feedback in any editor that supports JSON schemas published at the [JSON schema store](https://www.schemastore.org/json/). +To assist users with correctly specifying a GRP specification we can implement two validations mechanisms that validate the specification at two different points in a GRP life cycle. +The first validation mechanism performs syntax validation of the specification provided in the guideline-recategorizations section of a `codeql-standards.yml` configuration file and can provide feedback in any editor that supports JSON schemas published at the [JSON schema store](https://www.schemastore.org/json/). A schema for `codeql-standards.yml` can be extended with the definition of `guideline-category` and the property `guideline-recategorizations`: ```json @@ -151,9 +151,9 @@ A schema for `codeql-standards.yml` can be extended with the definition of `guid The second validation mechanism is the generation of a `guideline-recategorization-plan-report.md` containing alerts on semantically incorrect recategorizations. That is, possible recategorizations that are not described as valid in the introduction. -Semantically invalid recategorizations will be detected by looking at a query’s categorization and its effective categorization (i.e., its applied recategorization). +Semantically invalid recategorizations are detected by examining a query’s categorization and its effective categorization (i.e., its applied recategorization). -In addition, an update to the `deviations_report.md` report’s invalidate deviations table will provide feedback to users that apply deviations to guidelines with an effective category equal to `mandatory` which cannot be deviated from. +In addition, an update to the `deviations_report.md` report’s invalidate deviations table provides feedback to users that apply deviations to guidelines with an effective category equal to `mandatory` which cannot be deviated from. The changes to generate the new report and update the existing report will be made in the report generation script `scripts/reports/analysis_report.py`. ### SARIF rewriting From 36b466e656eadbccd3cfd967a535a7c9d95079bd Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 30 Nov 2022 13:37:20 -0800 Subject: [PATCH 0187/2573] Remove remnant of the GRP proposal Remove the note discussing the granularity options of applying a recategorization. --- docs/design/guideline_recategorization.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/docs/design/guideline_recategorization.md b/docs/design/guideline_recategorization.md index 55405f4ddd..e939d1ca1a 100644 --- a/docs/design/guideline_recategorization.md +++ b/docs/design/guideline_recategorization.md @@ -64,8 +64,6 @@ The `guideline-recategorizations` section will be a series of compact mappings i - `rule-id` - the recategorized rule identifier. - `category` - the category assigned to the rule identified by rule-id -Note: We specify the recategorization based on the rule-id instead of the query-id. This can be revised if feedback requires more fine-grained recategorization. - For example: ```yaml From 097d09189ab74c4557d7423c5a2c4ed46d694784 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 30 Nov 2022 13:38:33 -0800 Subject: [PATCH 0188/2573] Update the TOC --- docs/design/guideline_recategorization.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/design/guideline_recategorization.md b/docs/design/guideline_recategorization.md index e939d1ca1a..f59fdbd58e 100644 --- a/docs/design/guideline_recategorization.md +++ b/docs/design/guideline_recategorization.md @@ -4,7 +4,7 @@ - [Document management](#document-management) - [Introduction](#introduction) - [Design](#design) - - [Guideline Recategorization Plan specification](#guideline-recategorization-plan-specification) + - [Guideline Recategorization Plan](#guideline-recategorization-plan) - [Implementation](#implementation) - [Specification and deviation](#specification-and-deviation) - [Specification validation](#specification-validation) From bdbaa07b9736ebc5f1a4086964ef1fb103bdc067 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 30 Nov 2022 14:01:45 -0800 Subject: [PATCH 0189/2573] Update document management section --- docs/design/guideline_recategorization.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/docs/design/guideline_recategorization.md b/docs/design/guideline_recategorization.md index f59fdbd58e..ffbf5310ef 100644 --- a/docs/design/guideline_recategorization.md +++ b/docs/design/guideline_recategorization.md @@ -19,7 +19,8 @@ | Version | Date | Author(s) | Reviewer (s) | | ------- | ---------- | --------------- | ------------ | | 0.1 | 08/10/2022 | Remco Vermeulen | \ | -| 0.2 | 10/25/2022 | Remco Vermeulen | | +| 0.2 | 10/25/2022 | Remco Vermeulen | Mauro Baludo, John Singleton | +| 0.3 | 11/30/2022 | Remco Vermeulen | Robert C. Seacord | ## Introduction From be60c7ba084e5260b917ad9e08737693f5daf5e1 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 30 Nov 2022 14:22:42 -0800 Subject: [PATCH 0190/2573] Clarify GRP for non-MISRA standards --- docs/design/guideline_recategorization.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/docs/design/guideline_recategorization.md b/docs/design/guideline_recategorization.md index ffbf5310ef..f520869f39 100644 --- a/docs/design/guideline_recategorization.md +++ b/docs/design/guideline_recategorization.md @@ -174,4 +174,6 @@ A new SARIF file is created by applying the JSON Patch to the processed SARIF fi ## Non-MISRA standards Guideline recategorization applies to rules adhering to the MISRA categorizations. -For standards that deviate from these conventions we assume that the rules have an *effective category* equivalent to MISRA’s *required* category. +For standards that deviate from these conventions the rules have an *effective category* equivalent to MISRA’s *required* category. + +CERT rules, for example, are handled in the same way as MISRA's rules recategorized to *required*. From 4b6408670bfa83467f6dd380647ed0d66171420c Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Tue, 6 Dec 2022 12:40:16 +0100 Subject: [PATCH 0191/2573] Separate valid comparison definition --- .../DetectAndHandleStandardLibraryErrors.ql | 436 +++++++++++++----- ...ectAndHandleStandardLibraryErrors.expected | 1 + c/cert/test/rules/ERR33-C/test.c | 3 +- rule_packages/c/Contracts5.json | 10 +- 4 files changed, 326 insertions(+), 124 deletions(-) diff --git a/c/cert/src/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.ql b/c/cert/src/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.ql index b450a62caf..d7ca143519 100644 --- a/c/cert/src/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.ql +++ b/c/cert/src/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.ql @@ -16,23 +16,90 @@ import codingstandards.c.cert import semmle.code.cpp.commons.NULL import codingstandards.cpp.ReadErrorsAndEOF +ComparisonOperation getAValidComparison(string spec) { + spec = "=0" and result.(EqualityOperation).getAnOperand().getValue() = "0" + or + spec = "=NULL" and result.(EqualityOperation).getAnOperand() instanceof NULL + or + spec = "=EOF" and result.(EqualityOperation).getAnOperand() = any(EOFInvocation i).getExpr() + or + spec = "=WEOF" and result.(EqualityOperation).getAnOperand() = any(WEOFInvocation i).getExpr() + or + spec = "=thrd_error" and + result.(EqualityOperation).getAnOperand().(EnumConstantAccess).toString() = "thrd_error" + or + spec = "=thrd_nomem" and + result.(EqualityOperation).getAnOperand().(EnumConstantAccess).toString() = "thrd_nomem" + or + spec = "=thrd_timedout" and + result.(EqualityOperation).getAnOperand().(EnumConstantAccess).toString() = "thrd_timedout" + or + spec = "=thrd_busy" and + result.(EqualityOperation).getAnOperand().(EnumConstantAccess).toString() = "thrd_busy" + or + spec = "=UINTMAX_MAX" and + result.(EqualityOperation).getAnOperand() = + any(MacroInvocation i | i.getMacroName() = "UINTMAX_MAX").getExpr() + or + spec = "=ULONG_MAX" and + result.(EqualityOperation).getAnOperand() = + any(MacroInvocation i | i.getMacroName() = "ULONG_MAX").getExpr() + or + spec = "=ULLONG_MAX" and + result.(EqualityOperation).getAnOperand() = + any(MacroInvocation i | i.getMacroName() = "ULLONG_MAX").getExpr() + or + spec = "=SIG_ERR" and + result.(EqualityOperation).getAnOperand() = + any(MacroInvocation i | i.getMacroName() = "SIG_ERR").getExpr() + or + spec = "=INTMAX_MAX" and + result.(EqualityOperation).getAnOperand() = + any(MacroInvocation i | i.getMacroName() = ["INTMAX_MAX", "INTMAX_MIN"]).getExpr() + or + spec = "=LONG_MAX" and + result.(EqualityOperation).getAnOperand() = + any(MacroInvocation i | i.getMacroName() = ["LONG_MAX", "LONG_MIN"]).getExpr() + or + spec = "=LLONG_MAX" and + result.(EqualityOperation).getAnOperand() = + any(MacroInvocation i | i.getMacroName() = ["LLONG_MAX", "LLONG_MIN"]).getExpr() + or + spec = "=-1" and + result.(EqualityOperation).getAnOperand().(UnaryMinusExpr).getOperand().getValue() = "1" + or + spec = "=int" and + result.(EqualityOperation).getAnOperand().getType() instanceof IntType + or + spec = "<0" and + result.(RelationalOperation).getOperator() = ["<", ">="] and + result.(RelationalOperation).getGreaterOperand().getValue() = "0" + or + spec = "="] and + result.(RelationalOperation).getLesserOperand().getType() instanceof IntType +} + /** - * Classifies error returning function calls based on the - * type and value of the required checked + * Calls whose return value must be checked + * using an `errOperator` against `errValue` */ abstract class ExpectedErrReturn extends FunctionCall { - Expr errValue; ComparisonOperation errOperator; - Expr getErrValue() { result = errValue } - ComparisonOperation getErrOperator() { result = errOperator } } +/** + * Calls that must be checked agains `0`. + * + * example: + * ``` + * if (strftime(b, 10, "", local) == 0) { ... } + * ``` + */ class ExpectedErrReturnEqZero extends ExpectedErrReturn { ExpectedErrReturnEqZero() { - errOperator instanceof EqualityOperation and - errValue.(Literal).getValue() = "0" and this.getTarget() .hasName([ "asctime_s", "at_quick_exit", "atexit", "ctime_s", "fgetpos", "fopen_s", "freopen_s", @@ -42,12 +109,20 @@ class ExpectedErrReturnEqZero extends ExpectedErrReturn { "wcstombs_s", "wctrans", "wctype" ]) } + + override ComparisonOperation getErrOperator() { result = getAValidComparison("=0") } } +/** + * Calls that must be checked agains `NULL`. + * + * example: + * ``` + * if (aligned_alloc(0, 0) == NULL) { ... } + * ``` + */ class ExpectedErrReturnEqNull extends ExpectedErrReturn { ExpectedErrReturnEqNull() { - errOperator instanceof EqualityOperation and - errValue instanceof NULL and this.getTarget() .hasName([ "aligned_alloc", "bsearch_s", "bsearch", "calloc", "fgets", "fopen", "freopen", @@ -57,114 +132,201 @@ class ExpectedErrReturnEqNull extends ExpectedErrReturn { "wcstok_s", "wcstok", "wmemchr" ]) } + + override ComparisonOperation getErrOperator() { result = getAValidComparison("=0") } } -class ExpectedErrReturnEqEofWeof extends ExpectedErrReturn { - ExpectedErrReturnEqEofWeof() { - errOperator instanceof EqualityOperation and - ( - errValue = any(EOFInvocation i).getExpr() and - this.getTarget() - .hasName([ - "fclose", "fflush", "fputs", "fputws", "fscanf_s", "fscanf", "fwscanf_s", "fwscanf", - "scanf_s", "scanf", "sscanf_s", "sscanf", "swscanf_s", "swscanf", "ungetc", - "vfscanf_s", "vfscanf", "vfwscanf_s", "vfwscanf", "vscanf_s", "vscanf", "vsscanf_s", - "vsscanf", "vswscanf_s", "vswscanf", "vwscanf_s", "vwscanf", "wctob", "wscanf_s", - "wscanf", "fgetc", "fputc", "getc", "getchar", "putc", "putchar", "puts" - ]) - or - errValue = any(WEOFInvocation i).getExpr() and - this.getTarget() - .hasName([ - "btowc", "fgetwc", "fputwc", "getwc", "getwchar", "putwc", "ungetwc", "putwchar" - ]) - ) +/** + * Calls that must be checked agains `EOF` or `WEOF`. + * + * example: + * ``` + * if (wctob(0) == EOF) { ... } + * ``` + */ +class ExpectedErrReturnEqEof extends ExpectedErrReturn { + ExpectedErrReturnEqEof() { + this.getTarget() + .hasName([ + "fclose", "fflush", "fputs", "fputws", "fscanf_s", "fscanf", "fwscanf_s", "fwscanf", + "scanf_s", "scanf", "sscanf_s", "sscanf", "swscanf_s", "swscanf", "ungetc", "vfscanf_s", + "vfscanf", "vfwscanf_s", "vfwscanf", "vscanf_s", "vscanf", "vsscanf_s", "vsscanf", + "vswscanf_s", "vswscanf", "vwscanf_s", "vwscanf", "wctob", "wscanf_s", "wscanf", + "fgetc", "fputc", "getc", "getchar", "putc", "putchar", "puts" + ]) } + + override ComparisonOperation getErrOperator() { result = getAValidComparison("=EOF") } } -class ExpectedErrReturnEqEnumConstant extends ExpectedErrReturn { - ExpectedErrReturnEqEnumConstant() { - errOperator instanceof EqualityOperation and - ( - errValue = any(EnumConstantAccess i | i.toString() = "thrd_error") and - this.getTarget() - .hasName([ - "cnd_broadcast", "cnd_init", "cnd_signal", "cnd_timedwait", "cnd_wait", "mtx_init", - "mtx_lock", "mtx_timedlock", "mtx_trylock", "mtx_unlock", "thrd_create", - "thrd_detach", "thrd_join", "tss_create", "tss_set" - ]) - or - errValue = any(EnumConstantAccess i | i.toString() = "thrd_nomem") and - this.getTarget().hasName(["cnd_init", "thrd_create"]) - or - errValue = any(EnumConstantAccess i | i.toString() = "thrd_timedout") and - this.getTarget().hasName(["cnd_timedwait", "mtx_timedlock"]) - or - errValue = any(EnumConstantAccess i | i.toString() = "thrd_busy") and - this.getTarget().hasName(["mtx_trylock"]) - ) +/** + * Calls that must be checked agains`WEOF`. + * + * example: + * ``` + * if (btowc(0) == WEOF) { ... } + * ``` + */ +class ExpectedErrReturnEqWeof extends ExpectedErrReturn { + ExpectedErrReturnEqWeof() { + this.getTarget() + .hasName(["btowc", "fgetwc", "fputwc", "getwc", "getwchar", "putwc", "ungetwc", "putwchar"]) } + + override ComparisonOperation getErrOperator() { result = getAValidComparison("=WEOF") } } -class ExpectedErrReturnEqMacroInvocation extends ExpectedErrReturn { - ExpectedErrReturnEqMacroInvocation() { - errOperator instanceof EqualityOperation and - ( - errValue = any(MacroInvocation i | i.getMacroName() = "UINTMAX_MAX").getExpr() and - this.getTarget().hasName(["strtoumax", "wcstoumax"]) - or - errValue = any(MacroInvocation i | i.getMacroName() = "ULONG_MAX").getExpr() and - this.getTarget().hasName(["strtoul", "wcstoul"]) - or - errValue = any(MacroInvocation i | i.getMacroName() = "ULLONG_MAX").getExpr() and - this.getTarget().hasName(["strtoull", "wcstoull"]) - or - errValue = any(MacroInvocation i | i.getMacroName() = "SIG_ERR").getExpr() and - this.getTarget().hasName(["signal"]) - or - errValue = any(MacroInvocation i | i.getMacroName() = ["INTMAX_MAX", "INTMAX_MIN"]).getExpr() and - this.getTarget().hasName(["strtoimax", "wcstoimax"]) - or - errValue = any(MacroInvocation i | i.getMacroName() = ["LONG_MAX", "LONG_MIN"]).getExpr() and - this.getTarget().hasName(["strtol", "wcstol"]) - or - errValue = any(MacroInvocation i | i.getMacroName() = ["LLONG_MAX", "LLONG_MIN"]).getExpr() and - this.getTarget().hasName(["strtoll", "wcstoll"]) - ) +/** + * Calls that must be checked agains an enun constant. + * + * example: + * ``` + * if (cnd_broadcast(&q) == thrd_error) { ... } + * ``` + */ +class ExpectedErrReturnEqEnumConstant_thrd_error extends ExpectedErrReturn { + ExpectedErrReturnEqEnumConstant_thrd_error() { + this.getTarget() + .hasName([ + "cnd_broadcast", "cnd_init", "cnd_signal", "cnd_timedwait", "cnd_wait", "mtx_init", + "mtx_lock", "mtx_timedlock", "mtx_trylock", "mtx_unlock", "thrd_create", "thrd_detach", + "thrd_join", "tss_create", "tss_set" + ]) } + + override ComparisonOperation getErrOperator() { result = getAValidComparison("=thrd_error") } } +class ExpectedErrReturnEqEnumConstant_thrd_nomem extends ExpectedErrReturn { + ExpectedErrReturnEqEnumConstant_thrd_nomem() { + this.getTarget().hasName(["cnd_init", "thrd_create"]) + } + + override ComparisonOperation getErrOperator() { result = getAValidComparison("=thrd_nomem") } +} + +class ExpectedErrReturnEqEnumConstant_thrd_timedout extends ExpectedErrReturn { + ExpectedErrReturnEqEnumConstant_thrd_timedout() { + this.getTarget().hasName(["cnd_timedwait", "mtx_timedlock"]) + } + + override ComparisonOperation getErrOperator() { result = getAValidComparison("=thrd_timedout") } +} + +class ExpectedErrReturnEqEnumConstant_thrd_busy extends ExpectedErrReturn { + ExpectedErrReturnEqEnumConstant_thrd_busy() { this.getTarget().hasName(["mtx_trylock"]) } + + override ComparisonOperation getErrOperator() { result = getAValidComparison("=thrd_busy") } +} + +/** + * Calls that must be checked agains a macro. + * + * example: + * ``` + * if (strtoumax(str, &endptr, 0) == UINTMAX_MAX) { ... } + * ``` + */ +class ExpectedErrReturnEqMacroInvocation_UINTMAX_MAX extends ExpectedErrReturn { + ExpectedErrReturnEqMacroInvocation_UINTMAX_MAX() { + this.getTarget().hasName(["strtoumax", "wcstoumax"]) + } + + override ComparisonOperation getErrOperator() { result = getAValidComparison("=UINTMAX_MAX") } +} + +class ExpectedErrReturnEqMacroInvocation_ULONG_MAX extends ExpectedErrReturn { + ExpectedErrReturnEqMacroInvocation_ULONG_MAX() { + this.getTarget().hasName(["strtoul", "wcstoul"]) + } + + override ComparisonOperation getErrOperator() { result = getAValidComparison("=ULONG_MAX") } +} + +class ExpectedErrReturnEqMacroInvocation_ULLONG_MAX extends ExpectedErrReturn { + ExpectedErrReturnEqMacroInvocation_ULLONG_MAX() { + this.getTarget().hasName(["strtoull", "wcstoull"]) + } + + override ComparisonOperation getErrOperator() { result = getAValidComparison("=ULLONG_MAX") } +} + +class ExpectedErrReturnEqMacroInvocation_SIG_ERR extends ExpectedErrReturn { + ExpectedErrReturnEqMacroInvocation_SIG_ERR() { this.getTarget().hasName(["signal"]) } + + override ComparisonOperation getErrOperator() { result = getAValidComparison("=SIG_ERR") } +} + +class ExpectedErrReturnEqMacroInvocation_INTMAX_MAX extends ExpectedErrReturn { + ExpectedErrReturnEqMacroInvocation_INTMAX_MAX() { + this.getTarget().hasName(["strtoimax", "wcstoimax"]) + } + + override ComparisonOperation getErrOperator() { result = getAValidComparison("=INTMAX_MAX") } +} + +class ExpectedErrReturnEqMacroInvocation_LONG_MAX extends ExpectedErrReturn { + ExpectedErrReturnEqMacroInvocation_LONG_MAX() { this.getTarget().hasName(["strtol", "wcstol"]) } + + override ComparisonOperation getErrOperator() { result = getAValidComparison("=LONG_MAX") } +} + +class ExpectedErrReturnEqMacroInvocation_LLONG_MAX extends ExpectedErrReturn { + ExpectedErrReturnEqMacroInvocation_LLONG_MAX() { + this.getTarget().hasName(["strtoll", "wcstoll"]) + } + + override ComparisonOperation getErrOperator() { result = getAValidComparison("=LLONG_MAX") } +} + +/** + * Calls that must be checked agains `-1`. + * + * example: + * ``` + * if (clock() == (clock_t)(-1)) { ... } + * ``` + */ class ExpectedErrReturnEqMinusOne extends ExpectedErrReturn { ExpectedErrReturnEqMinusOne() { - errOperator instanceof EqualityOperation and - ( - errValue.(UnaryMinusExpr).getOperand().(Literal).getValue() = "1" and - this.getTarget() - .hasName([ - "c16rtomb", "c32rtomb", "clock", "ftell", "mbrtoc16", "mbrtoc32", "mbsrtowcs", - "mbstowcs", "mktime", "time", "wcrtomb", "wcsrtombs", "wcstombs" - ]) - or - // functions that behave differently when the first argument is NULL - errValue.(UnaryMinusExpr).getOperand().(Literal).getValue() = "1" and - not this.getArgument(0) instanceof NULL and - this.getTarget().hasName(["mblen", "mbrlen", "mbrtowc", "mbtowc", "wctomb_s", "wctomb"]) - ) + this.getTarget() + .hasName([ + "c16rtomb", "c32rtomb", "clock", "ftell", "mbrtoc16", "mbrtoc32", "mbsrtowcs", + "mbstowcs", "mktime", "time", "wcrtomb", "wcsrtombs", "wcstombs" + ]) + or + // functions that behave differently when the first argument is NULL + not this.getArgument(0) instanceof NULL and + this.getTarget().hasName(["mblen", "mbrlen", "mbrtowc", "mbtowc", "wctomb_s", "wctomb"]) } + + override ComparisonOperation getErrOperator() { result = getAValidComparison("=-1") } } +/** + * Calls that must be checked agains an integer value. + * + * example: + * ``` + * if (fread(b, sizeof *b, SIZE, fp) == SIZE) { ... } + * ``` + */ class ExpectedErrReturnEqInt extends ExpectedErrReturn { - ExpectedErrReturnEqInt() { - errOperator instanceof EqualityOperation and - errValue.getType() instanceof IntType and - this.getTarget().hasName(["fread", "fwrite"]) - } + ExpectedErrReturnEqInt() { this.getTarget().hasName(["fread", "fwrite"]) } + + override ComparisonOperation getErrOperator() { result = getAValidComparison("=int") } } +/** + * Calls that must be compared to `0`. + * + * example: + * ``` + * if (snprintf(NULL, 0, fmt, sqrt(2) >= 0) { ... } + * ``` + */ class ExpectedErrReturnLtZero extends ExpectedErrReturn { ExpectedErrReturnLtZero() { - errOperator.getOperator() = ["<", ">="] and - errValue.(Literal).getValue() = "0" and this.getTarget() .hasName([ "fprintf_s", "fprintf", "fwprintf_s", "fwprintf", "printf_s", "snprintf_s", "snprintf", @@ -174,20 +336,34 @@ class ExpectedErrReturnLtZero extends ExpectedErrReturn { "printf", "vprintf", "wprintf", "vwprintf" ]) } + + override ComparisonOperation getErrOperator() { result = getAValidComparison("<0") } } +/** + * Calls that must be compared to an integer value. + * + * example: + * ``` + * if (strxfrm(out, in, sizeof out) >= 10) { ... } + * ``` + */ class ExpectedErrReturnLtInt extends ExpectedErrReturn { - ExpectedErrReturnLtInt() { - errOperator.getOperator() = ["<", ">="] and - errValue.getType() instanceof IntType and - this.getTarget().hasName(["strxfrm", "wcsxfrm"]) - } + ExpectedErrReturnLtInt() { this.getTarget().hasName(["strxfrm", "wcsxfrm"]) } + + override ComparisonOperation getErrOperator() { result = getAValidComparison("="] and - errValue = any(Expr e) and this.getTarget() .hasName([ "kill_dependency", "memcpy", "wmemcpy", "memmove", "wmemmove", "strcpy", "wcscpy", @@ -197,10 +373,17 @@ class ExpectedErrReturnNA extends ExpectedErrReturn { } /** - * calls that can be verified using ferror() && feof() + * Calls not checked using ferror() && feof() + * + * example: + * ``` + * do { + * getchar(); // COMPLIANT + * } while ((!feof(stdin) && !ferror(stdin))); + * ``` */ -class FerrorFeofException extends FunctionCall { - FerrorFeofException() { +class MissingFerrorFeof extends FunctionCall { + MissingFerrorFeof() { this.getTarget().hasName(["fgetc", "fgetwc", "getc", "getchar"]) implies missingFeofFerrorChecks(this) @@ -208,10 +391,17 @@ class FerrorFeofException extends FunctionCall { } /** - * calls that can be verified using ferror() + * Calls not checked using ferror() + * + * example: + * ``` + * do { + * fputc(0, f); + * } while (!ferror(f)); + * ``` */ -class FerrorException extends FunctionCall { - FerrorException() { +class MissingFerror extends FunctionCall { + MissingFerror() { this.getTarget().hasName(["fputc", "putc"]) implies this.getEnclosingFunction() = ferrorNotchecked(this) @@ -219,10 +409,14 @@ class FerrorException extends FunctionCall { } /** - * ERR33-C-EX1: calls that must not be verified if cast to `void` + * ERR33-C-EX1: calls that are not cast to `void` + * + * ``` + * (void)putchar('C'); + * ``` */ -class VoidCastException extends FunctionCall { - VoidCastException() { +class MissingVoidCast extends FunctionCall { + MissingVoidCast() { this.getTarget() .hasName([ "putchar", "putwchar", "puts", "printf", "vprintf", "wprintf", "vwprintf", @@ -254,22 +448,22 @@ ControlFlowNode ferrorNotchecked(FileWriteFunctionCall write) { from ExpectedErrReturn err where not isExcluded(err, Contracts5Package::detectAndHandleStandardLibraryErrorsQuery()) and - // calls that must be verified using the return value + // Function calls were the return value is not checked not exists(ComparisonOperation op | DataFlow::localExprFlow(err, op.getAnOperand()) and op = err.getErrOperator() and - op.getAnOperand() = err.getErrValue() and - // special case for function `realloc` where the returned pointer - // should not be invalidated + // special case for function `realloc`: + // the returned pointer should not be invalidated + // `p = realloc(p, n);` // NON_COMPLIANT + // `if (p == NULL) { ... }` not ( err.getTarget().hasName("realloc") and op.getAnOperand().(VariableAccess).getTarget() = err.getArgument(0).(VariableAccess).getTarget() ) ) and - // ERR33-C-EX1: calls for which it is acceptable - // to ignore the return value - err instanceof FerrorFeofException and - err instanceof FerrorException and - err instanceof VoidCastException + // Functions that could potentially be checked differently + err instanceof MissingFerrorFeof and + err instanceof MissingFerror and + err instanceof MissingVoidCast select err, "Missing error detection for the call to function `" + err.getTarget() + "`." diff --git a/c/cert/test/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.expected b/c/cert/test/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.expected index 6b9c16974c..fbcc44b856 100644 --- a/c/cert/test/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.expected +++ b/c/cert/test/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.expected @@ -10,3 +10,4 @@ | test.c:80:3:80:7 | call to mblen | Missing error detection for the call to function `mblen`. | | test.c:97:5:97:9 | call to fputc | Missing error detection for the call to function `fputc`. | | test.c:105:5:105:11 | call to getchar | Missing error detection for the call to function `getchar`. | +| test.c:127:7:127:14 | call to strtoull | Missing error detection for the call to function `strtoull`. | diff --git a/c/cert/test/rules/ERR33-C/test.c b/c/cert/test/rules/ERR33-C/test.c index a8e8ab1ffc..fff7a53529 100644 --- a/c/cert/test/rules/ERR33-C/test.c +++ b/c/cert/test/rules/ERR33-C/test.c @@ -124,7 +124,8 @@ void f4() { char *endptr; if (strtoumax("", &endptr, 0) == UINTMAX_MAX) { // COMPLIANT } - if (strtoull("", &endptr, 0) == ULLONG_MAX) { // COMPLIANT + if (strtoull("", &endptr, 0) == ULONG_MAX) { // NON_COMPLIANT + // =ULLONG_MAX not present in the test DB } if (strtoul("", &endptr, 0) == ULONG_MAX) { // COMPLIANT } diff --git a/rule_packages/c/Contracts5.json b/rule_packages/c/Contracts5.json index b76450d8bb..1032e0546e 100644 --- a/rule_packages/c/Contracts5.json +++ b/rule_packages/c/Contracts5.json @@ -11,7 +11,10 @@ "precision": "high", "severity": "error", "short_name": "DoNotRelyOnIndeterminateValuesOfErrno", - "tags": ["correctness"] + "tags": ["correctness"], + "implementation_scope": { + "description": "The rule is enforced in the context of a single function." + } }], "title": "Do not rely on indeterminate values of errno" }, @@ -26,7 +29,10 @@ "precision": "high", "severity": "error", "short_name": "DetectAndHandleStandardLibraryErrors", - "tags": ["correctness"] + "tags": ["correctness"], + "implementation_scope": { + "description": "The rule is enforced in the context of a single function." + } }], "title": "Detect and handle standard library errors" } From af13e6f8f9064d16ec158a7dbd8e2d3bb0182b55 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Tue, 6 Dec 2022 12:47:32 +0100 Subject: [PATCH 0192/2573] Update metadata --- .../rules/ERR33-C/DetectAndHandleStandardLibraryErrors.md | 2 +- c/cert/test/rules/ERR33-C/test.c | 2 +- .../src/codingstandards/cpp/exclusions/c/Contracts5.qll | 8 +++++--- .../src/codingstandards/cpp/exclusions/c/RuleMetadata.qll | 2 +- 4 files changed, 8 insertions(+), 6 deletions(-) diff --git a/c/cert/src/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.md b/c/cert/src/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.md index 6803f83290..64c7d0a7f0 100644 --- a/c/cert/src/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.md +++ b/c/cert/src/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.md @@ -372,7 +372,7 @@ Independent( ERR33-C, POS54-C, FLP32-C, ERR34-C) Intersection( CWE-252, CWE-253) ## Implementation notes -None +The rule is enforced in the context of a single function. ## References diff --git a/c/cert/test/rules/ERR33-C/test.c b/c/cert/test/rules/ERR33-C/test.c index fff7a53529..09bd83600c 100644 --- a/c/cert/test/rules/ERR33-C/test.c +++ b/c/cert/test/rules/ERR33-C/test.c @@ -125,7 +125,7 @@ void f4() { if (strtoumax("", &endptr, 0) == UINTMAX_MAX) { // COMPLIANT } if (strtoull("", &endptr, 0) == ULONG_MAX) { // NON_COMPLIANT - // =ULLONG_MAX not present in the test DB + // =ULLONG_MAX not present in the test DB } if (strtoul("", &endptr, 0) == ULONG_MAX) { // COMPLIANT } diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts5.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts5.qll index 6a3ca2126f..53daab0105 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts5.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts5.qll @@ -7,14 +7,15 @@ newtype Contracts5Query = TDoNotRelyOnIndeterminateValuesOfErrnoQuery() or TDetectAndHandleStandardLibraryErrorsQuery() -predicate isContracts5QueryMetadata(Query query, string queryId, string ruleId) { +predicate isContracts5QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `doNotRelyOnIndeterminateValuesOfErrno` query Contracts5Package::doNotRelyOnIndeterminateValuesOfErrnoQuery() and queryId = // `@id` for the `doNotRelyOnIndeterminateValuesOfErrno` query "c/cert/do-not-rely-on-indeterminate-values-of-errno" and - ruleId = "ERR32-C" + ruleId = "ERR32-C" and + category = "rule" or query = // `Query` instance for the `detectAndHandleStandardLibraryErrors` query @@ -22,7 +23,8 @@ predicate isContracts5QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `detectAndHandleStandardLibraryErrors` query "c/cert/detect-and-handle-standard-library-errors" and - ruleId = "ERR33-C" + ruleId = "ERR33-C" and + category = "rule" } module Contracts5Package { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index 01c4d0321a..43266f23c5 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -90,7 +90,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isContracts2QueryMetadata(query, queryId, ruleId, category) or isContracts3QueryMetadata(query, queryId, ruleId, category) or isContracts4QueryMetadata(query, queryId, ruleId, category) or - isContracts5QueryMetadata(query, queryId, ruleId) or + isContracts5QueryMetadata(query, queryId, ruleId, category) or isDeclarations1QueryMetadata(query, queryId, ruleId, category) or isDeclarations2QueryMetadata(query, queryId, ruleId, category) or isDeclarations3QueryMetadata(query, queryId, ruleId, category) or From b3f8d13fbb5022c0485eedc85a62d439e7d16b21 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Tue, 6 Dec 2022 16:24:27 +0100 Subject: [PATCH 0193/2573] C++: Pull in the latest version of `TaintedPath.ql` from CodeQL --- .../DoNotPerformFileOperationsOnDevices.ql | 94 ++++++++++++++++--- ...NotPerformFileOperationsOnDevices.expected | 26 +---- 2 files changed, 86 insertions(+), 34 deletions(-) diff --git a/c/cert/src/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.ql b/c/cert/src/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.ql index 2d16b2ffea..8906e01b8c 100644 --- a/c/cert/src/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.ql +++ b/c/cert/src/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.ql @@ -12,11 +12,11 @@ */ import cpp -import codingstandards.c.cert import semmle.code.cpp.security.FunctionWithWrappers import semmle.code.cpp.security.Security -import semmle.code.cpp.security.TaintTracking -import TaintedWithPath +import semmle.code.cpp.ir.IR +import semmle.code.cpp.ir.dataflow.TaintTracking +import DataFlow::PathGraph // Query TaintedPath.ql from the CodeQL standard library /** @@ -45,20 +45,92 @@ class FileFunction extends FunctionWithWrappers { override predicate interestingArg(int arg) { arg = 0 } } -class TaintedPathConfiguration extends TaintTrackingConfiguration { - override predicate isSink(Element tainted) { - exists(FileFunction fileFunction | fileFunction.outermostWrapperFunctionCall(tainted, _)) +Expr asSourceExpr(DataFlow::Node node) { + result = node.asConvertedExpr() + or + result = node.asDefiningArgument() +} + +Expr asSinkExpr(DataFlow::Node node) { + result = + node.asOperand() + .(SideEffectOperand) + .getUse() + .(ReadSideEffectInstruction) + .getArgumentDef() + .getUnconvertedResultExpression() +} + +/** + * Holds for a variable that has any kind of upper-bound check anywhere in the program. + * This is biased towards being inclusive and being a coarse overapproximation because + * there are a lot of valid ways of doing an upper bounds checks if we don't consider + * where it occurs, for example: + * ```cpp + * if (x < 10) { sink(x); } + * + * if (10 > y) { sink(y); } + * + * if (z > 10) { z = 10; } + * sink(z); + * ``` + */ +predicate hasUpperBoundsCheck(Variable var) { + exists(RelationalOperation oper, VariableAccess access | + oper.getAnOperand() = access and + access.getTarget() = var and + // Comparing to 0 is not an upper bound check + not oper.getAnOperand().getValue() = "0" + ) +} + +class TaintedPathConfiguration extends TaintTracking::Configuration { + TaintedPathConfiguration() { this = "TaintedPathConfiguration" } + + override predicate isSource(DataFlow::Node node) { isUserInput(asSourceExpr(node), _) } + + override predicate isSink(DataFlow::Node node) { + exists(FileFunction fileFunction | + fileFunction.outermostWrapperFunctionCall(asSinkExpr(node), _) + ) + } + + override predicate isSanitizerIn(DataFlow::Node node) { this.isSource(node) } + + override predicate isSanitizer(DataFlow::Node node) { + node.asExpr().(Call).getTarget().getUnspecifiedType() instanceof ArithmeticType + or + exists(LoadInstruction load, Variable checkedVar | + load = node.asInstruction() and + checkedVar = load.getSourceAddress().(VariableAddressInstruction).getAstVariable() and + hasUpperBoundsCheck(checkedVar) + ) + } + + predicate hasFilteredFlowPath(DataFlow::PathNode source, DataFlow::PathNode sink) { + this.hasFlowPath(source, sink) and + // The use of `isUserInput` in `isSink` in combination with `asSourceExpr` causes + // duplicate results. Filter these duplicates. The proper solution is to switch to + // using `LocalFlowSource` and `RemoteFlowSource`, but this currently only supports + // a subset of the cases supported by `isUserInput`. + not exists(DataFlow::PathNode source2 | + this.hasFlowPath(source2, sink) and + asSourceExpr(source.getNode()) = asSourceExpr(source2.getNode()) + | + not exists(source.getNode().asConvertedExpr()) and exists(source2.getNode().asConvertedExpr()) + ) } } from - FileFunction fileFunction, Expr taintedArg, Expr taintSource, PathNode sourceNode, - PathNode sinkNode, string taintCause, string callChain + FileFunction fileFunction, Expr taintedArg, Expr taintSource, TaintedPathConfiguration cfg, + DataFlow::PathNode sourceNode, DataFlow::PathNode sinkNode, string taintCause, string callChain where - not isExcluded(taintedArg, IO3Package::doNotPerformFileOperationsOnDevicesQuery()) and + taintedArg = asSinkExpr(sinkNode.getNode()) and fileFunction.outermostWrapperFunctionCall(taintedArg, callChain) and - taintedWithPath(taintSource, taintedArg, sourceNode, sinkNode) and + cfg.hasFilteredFlowPath(sourceNode, sinkNode) and + taintSource = asSourceExpr(sourceNode.getNode()) and isUserInput(taintSource, taintCause) select taintedArg, sourceNode, sinkNode, - "This argument to a file access function is derived from $@ and then passed to " + callChain, + "This argument to a file access function is derived from $@ and then passed to " + callChain + ".", taintSource, "user input (" + taintCause + ")" diff --git a/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected b/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected index b4852b09e7..b4f07d6ca8 100644 --- a/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected +++ b/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected @@ -1,36 +1,16 @@ edges -| test.c:20:15:20:23 | array to pointer conversion | test.c:21:8:21:16 | (const char *)... | -| test.c:20:15:20:23 | array to pointer conversion | test.c:21:8:21:16 | file_name | -| test.c:20:15:20:23 | array to pointer conversion | test.c:21:8:21:16 | file_name indirection | -| test.c:20:15:20:23 | file_name | test.c:21:8:21:16 | (const char *)... | -| test.c:20:15:20:23 | file_name | test.c:21:8:21:16 | file_name | | test.c:20:15:20:23 | file_name | test.c:21:8:21:16 | file_name indirection | -| test.c:20:15:20:23 | scanf output argument | test.c:21:8:21:16 | (const char *)... | -| test.c:20:15:20:23 | scanf output argument | test.c:21:8:21:16 | file_name | | test.c:20:15:20:23 | scanf output argument | test.c:21:8:21:16 | file_name indirection | -| test.c:45:15:45:23 | array to pointer conversion | test.c:46:29:46:37 | (LPCTSTR)... | -| test.c:45:15:45:23 | array to pointer conversion | test.c:46:29:46:37 | file_name | -| test.c:45:15:45:23 | array to pointer conversion | test.c:46:29:46:37 | file_name indirection | -| test.c:45:15:45:23 | file_name | test.c:46:29:46:37 | (LPCTSTR)... | -| test.c:45:15:45:23 | file_name | test.c:46:29:46:37 | file_name | | test.c:45:15:45:23 | file_name | test.c:46:29:46:37 | file_name indirection | -| test.c:45:15:45:23 | scanf output argument | test.c:46:29:46:37 | (LPCTSTR)... | -| test.c:45:15:45:23 | scanf output argument | test.c:46:29:46:37 | file_name | | test.c:45:15:45:23 | scanf output argument | test.c:46:29:46:37 | file_name indirection | -subpaths nodes -| test.c:20:15:20:23 | array to pointer conversion | semmle.label | array to pointer conversion | | test.c:20:15:20:23 | file_name | semmle.label | file_name | | test.c:20:15:20:23 | scanf output argument | semmle.label | scanf output argument | -| test.c:21:8:21:16 | (const char *)... | semmle.label | (const char *)... | -| test.c:21:8:21:16 | file_name | semmle.label | file_name | | test.c:21:8:21:16 | file_name indirection | semmle.label | file_name indirection | -| test.c:45:15:45:23 | array to pointer conversion | semmle.label | array to pointer conversion | | test.c:45:15:45:23 | file_name | semmle.label | file_name | | test.c:45:15:45:23 | scanf output argument | semmle.label | scanf output argument | -| test.c:46:29:46:37 | (LPCTSTR)... | semmle.label | (LPCTSTR)... | -| test.c:46:29:46:37 | file_name | semmle.label | file_name | | test.c:46:29:46:37 | file_name indirection | semmle.label | file_name indirection | +subpaths #select -| test.c:21:8:21:16 | file_name | test.c:20:15:20:23 | file_name | test.c:21:8:21:16 | file_name | This argument to a file access function is derived from $@ and then passed to func(file_name), which calls fopen((unnamed parameter 0)) | test.c:20:15:20:23 | file_name | user input (scanf) | -| test.c:46:29:46:37 | file_name | test.c:45:15:45:23 | file_name | test.c:46:29:46:37 | file_name | This argument to a file access function is derived from $@ and then passed to CreateFile(lpFileName) | test.c:45:15:45:23 | file_name | user input (scanf) | +| test.c:21:8:21:16 | file_name | test.c:20:15:20:23 | file_name | test.c:21:8:21:16 | file_name indirection | This argument to a file access function is derived from $@ and then passed to func(file_name), which calls fopen((unnamed parameter 0)). | test.c:20:15:20:23 | file_name | user input (scanf) | +| test.c:46:29:46:37 | file_name | test.c:45:15:45:23 | file_name | test.c:46:29:46:37 | file_name indirection | This argument to a file access function is derived from $@ and then passed to CreateFile(lpFileName). | test.c:45:15:45:23 | file_name | user input (scanf) | From 0a7696c2094f5d119c64b61a43c15a445f1bdb07 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Tue, 6 Dec 2022 17:13:10 +0100 Subject: [PATCH 0194/2573] Add change note --- change_notes/2022-12-06-remove-use-of-default-taint-tracking.md | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 change_notes/2022-12-06-remove-use-of-default-taint-tracking.md diff --git a/change_notes/2022-12-06-remove-use-of-default-taint-tracking.md b/change_notes/2022-12-06-remove-use-of-default-taint-tracking.md new file mode 100644 index 0000000000..2f0c6706fc --- /dev/null +++ b/change_notes/2022-12-06-remove-use-of-default-taint-tracking.md @@ -0,0 +1,2 @@ + - `FIO32-C` - `DoNotPerformFileOperationsOnDevices.ql`: + - The query was rewritten to no longer depend of the `DefaultTaintTracking` library, which will be deprecated. From f29b89be531891f323504fc5b6082ec69706f4bc Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Tue, 6 Dec 2022 17:16:37 +0100 Subject: [PATCH 0195/2573] Add back coding standards specific changes --- c/cert/src/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.ql | 2 ++ 1 file changed, 2 insertions(+) diff --git a/c/cert/src/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.ql b/c/cert/src/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.ql index 8906e01b8c..88cc11ef80 100644 --- a/c/cert/src/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.ql +++ b/c/cert/src/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.ql @@ -12,6 +12,7 @@ */ import cpp +import codingstandards.c.cert import semmle.code.cpp.security.FunctionWithWrappers import semmle.code.cpp.security.Security import semmle.code.cpp.ir.IR @@ -126,6 +127,7 @@ from FileFunction fileFunction, Expr taintedArg, Expr taintSource, TaintedPathConfiguration cfg, DataFlow::PathNode sourceNode, DataFlow::PathNode sinkNode, string taintCause, string callChain where + not isExcluded(taintedArg, IO3Package::doNotPerformFileOperationsOnDevicesQuery()) and taintedArg = asSinkExpr(sinkNode.getNode()) and fileFunction.outermostWrapperFunctionCall(taintedArg, callChain) and cfg.hasFilteredFlowPath(sourceNode, sinkNode) and From d16077dbaf9d7daa41bb9022e32625798ffa3cf1 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Tue, 6 Dec 2022 18:48:15 +0100 Subject: [PATCH 0196/2573] Exclude handlers that terminate the execution on `SIG_ERR` --- .../DoNotRelyOnIndeterminateValuesOfErrno.md | 2 +- .../DoNotRelyOnIndeterminateValuesOfErrno.ql | 52 +++++++++++++++---- ...tRelyOnIndeterminateValuesOfErrno.expected | 8 +-- c/cert/test/rules/ERR32-C/test.c | 23 +++++--- 4 files changed, 64 insertions(+), 21 deletions(-) diff --git a/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.md b/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.md index c4260a3337..614bc9a5f4 100644 --- a/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.md +++ b/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.md @@ -200,7 +200,7 @@ Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+D ## Implementation notes -None +The rule is enforced in the context of a single function. ## References diff --git a/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql b/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql index 3fec9d0836..480f609d92 100644 --- a/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql +++ b/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql @@ -13,13 +13,35 @@ import cpp import codingstandards.c.cert import codingstandards.c.Errno +import semmle.code.cpp.controlflow.Guards class SignalCall extends FunctionCall { SignalCall() { this.getTarget().hasGlobalName("signal") } } /** - * Models signal handlers that call signal() + * A check on `signal` call return value + * `if (signal(SIGINT, handler) == SIG_ERR)` + */ +class SignalCheckOperation extends EqualityOperation, GuardCondition { + ControlFlowNode errorSuccessor; + + SignalCheckOperation() { + this.getAnOperand() = any(MacroInvocation m | m.getMacroName() = "SIG_ERR").getExpr() and + ( + this.getOperator() = "==" and + this.controls(errorSuccessor, true) + or + this.getOperator() = "!=" and + this.controls(errorSuccessor, false) + ) + } + + ControlFlowNode getErrorSuccessor() { result = errorSuccessor } +} + +/** + * Models signal handlers that call signal() and return */ class SignalCallingHandler extends Function { SignalCall sh; @@ -27,8 +49,18 @@ class SignalCallingHandler extends Function { SignalCallingHandler() { // is a signal handler this = sh.getArgument(1).(FunctionAccess).getTarget() and - // calls signal() - this.calls*(any(SignalCall c).getTarget()) + // calls signal() on the handled signal + exists(SignalCall sCall | + sCall.getEnclosingFunction() = this and + DataFlow::localFlow(DataFlow::parameterNode(this.getParameter(0)), + DataFlow::exprNode(sCall.getArgument(0))) and + // does not abort on error + not exists(SignalCheckOperation sCheck, FunctionCall abort | + DataFlow::localExprFlow(sCall, sCheck.getAnOperand()) and + abort.getTarget().hasGlobalName(["abort", "_Exit"]) and + abort.getEnclosingElement*() = sCheck.getErrorSuccessor() + ) + ) } SignalCall getHandler() { result = sh } @@ -37,14 +69,12 @@ class SignalCallingHandler extends Function { from ErrnoRead errno, SignalCall h where not isExcluded(errno, Contracts5Package::doNotRelyOnIndeterminateValuesOfErrnoQuery()) and - // errno read in the handler - exists(SignalCallingHandler sc | + exists(SignalCallingHandler sc | sc.getHandler() = h | + // errno read in the handler + sc.calls*(errno.getEnclosingFunction()) + or + // errno is read after the handle returns sc.getHandler() = h and - ( - sc.calls*(errno.getEnclosingFunction()) - or - // errno is read after the handle - errno.(ControlFlowNode).getAPredecessor+() = sc.getHandler() - ) + errno.getAPredecessor+() = h ) select errno, "`errno` has indeterminate value after this $@.", h, h.toString() diff --git a/c/cert/test/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.expected b/c/cert/test/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.expected index 94131729b2..2f8df8eaf7 100644 --- a/c/cert/test/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.expected +++ b/c/cert/test/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.expected @@ -1,3 +1,5 @@ -| test.c:12:5:12:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:32:21:32:26 | call to signal | call to signal | -| test.c:26:3:26:8 | call to perror | `errno` has indeterminate value after this $@. | test.c:41:17:41:22 | call to signal | call to signal | -| test.c:34:5:34:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:32:21:32:26 | call to signal | call to signal | +| test.c:12:5:12:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:35:21:35:26 | call to signal | call to signal | +| test.c:37:5:37:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:35:21:35:26 | call to signal | call to signal | +| test.c:42:5:42:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:35:21:35:26 | call to signal | call to signal | +| test.c:51:5:51:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:35:21:35:26 | call to signal | call to signal | +| test.c:51:5:51:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:45:17:45:22 | call to signal | call to signal | diff --git a/c/cert/test/rules/ERR32-C/test.c b/c/cert/test/rules/ERR32-C/test.c index 274bfd1967..2f28fbcb06 100644 --- a/c/cert/test/rules/ERR32-C/test.c +++ b/c/cert/test/rules/ERR32-C/test.c @@ -15,18 +15,21 @@ void handler1(int signum) { void handler2(int signum) { pfv old_handler = signal(signum, SIG_DFL); - if (old_handler == SIG_ERR) { - abort(); // COMPLIANT + if (old_handler != SIG_ERR) { + perror(""); // COMPLIANT + } else { + abort(); } } void handler3(int signum) { pfv old_handler = signal(signum, SIG_DFL); } -pfv helper4(int signum) { - perror(""); // NON_COMPLIANT - return signal(signum, SIG_DFL); +void handler4(int signum) { + pfv old_handler = signal(signum, SIG_DFL); + if (old_handler == SIG_ERR) { + _Exit(0); + } } -void handler4(int signum) { pfv old_handler = helper4(signum); } int main(void) { pfv old_handler = signal(SIGINT, handler1); @@ -35,8 +38,16 @@ int main(void) { } old_handler = signal(SIGINT, handler2); + if (old_handler == SIG_ERR) { + perror(""); // NON_COMPLIANT + } old_handler = signal(SIGINT, handler3); old_handler = signal(SIGINT, handler4); + + FILE *fp = fopen("something", "r"); + if (fp == NULL) { + perror("Error: "); // NON_COMPLIANT + } } From 785f29b9fd4cd3013635d8a666cba8ca646069a6 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 7 Dec 2022 11:38:29 +0100 Subject: [PATCH 0197/2573] Covers test case proposed during the review --- .../DoNotRelyOnIndeterminateValuesOfErrno.ql | 43 ++++++++++++++----- ...tRelyOnIndeterminateValuesOfErrno.expected | 10 ++--- c/cert/test/rules/ERR32-C/test.c | 13 +++++- 3 files changed, 49 insertions(+), 17 deletions(-) diff --git a/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql b/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql index 480f609d92..869b67f615 100644 --- a/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql +++ b/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql @@ -37,6 +37,10 @@ class SignalCheckOperation extends EqualityOperation, GuardCondition { ) } + ControlFlowNode getCheckedSuccessor() { + result != errorSuccessor and result = this.getASuccessor() + } + ControlFlowNode getErrorSuccessor() { result = errorSuccessor } } @@ -44,11 +48,11 @@ class SignalCheckOperation extends EqualityOperation, GuardCondition { * Models signal handlers that call signal() and return */ class SignalCallingHandler extends Function { - SignalCall sh; + SignalCall registration; SignalCallingHandler() { // is a signal handler - this = sh.getArgument(1).(FunctionAccess).getTarget() and + this = registration.getArgument(1).(FunctionAccess).getTarget() and // calls signal() on the handled signal exists(SignalCall sCall | sCall.getEnclosingFunction() = this and @@ -63,18 +67,35 @@ class SignalCallingHandler extends Function { ) } - SignalCall getHandler() { result = sh } + SignalCall getCall() { result = registration } +} + +/** + * CFG nodes preceeding `ErrnoRead` + */ +ControlFlowNode preceedErrnoRead(ErrnoRead er) { + result = er + or + exists(ControlFlowNode mid | + result = mid.getAPredecessor() and + mid = preceedErrnoRead(er) and + // stop recursion on calls to `abort` and `_Exit` + not result.(FunctionCall).getTarget().hasGlobalName(["abort", "_Exit"]) and + // stop recursion on successful `SignalCheckOperation` + not result = any(SignalCheckOperation o).getCheckedSuccessor() + ) } -from ErrnoRead errno, SignalCall h +from ErrnoRead errno, SignalCall signal where not isExcluded(errno, Contracts5Package::doNotRelyOnIndeterminateValuesOfErrnoQuery()) and - exists(SignalCallingHandler sc | sc.getHandler() = h | - // errno read in the handler - sc.calls*(errno.getEnclosingFunction()) + exists(SignalCallingHandler handler | + // errno read after the handler returns + handler.getCall() = signal or - // errno is read after the handle returns - sc.getHandler() = h and - errno.getAPredecessor+() = h + // errno read inside the handler + signal.getEnclosingFunction() = handler + | + signal = preceedErrnoRead(errno) ) -select errno, "`errno` has indeterminate value after this $@.", h, h.toString() +select errno, "`errno` has indeterminate value after this $@.", signal, signal.toString() diff --git a/c/cert/test/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.expected b/c/cert/test/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.expected index 2f8df8eaf7..e5cff7e4ce 100644 --- a/c/cert/test/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.expected +++ b/c/cert/test/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.expected @@ -1,5 +1,5 @@ -| test.c:12:5:12:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:35:21:35:26 | call to signal | call to signal | -| test.c:37:5:37:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:35:21:35:26 | call to signal | call to signal | -| test.c:42:5:42:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:35:21:35:26 | call to signal | call to signal | -| test.c:51:5:51:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:35:21:35:26 | call to signal | call to signal | -| test.c:51:5:51:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:45:17:45:22 | call to signal | call to signal | +| test.c:12:5:12:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:10:21:10:26 | call to signal | call to signal | +| test.c:39:5:39:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:35:21:35:26 | call to signal | call to signal | +| test.c:46:5:46:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:44:21:44:26 | call to signal | call to signal | +| test.c:62:5:62:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:54:17:54:22 | call to signal | call to signal | +| test.c:62:5:62:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:58:17:58:22 | call to signal | call to signal | diff --git a/c/cert/test/rules/ERR32-C/test.c b/c/cert/test/rules/ERR32-C/test.c index 2f28fbcb06..2f48ad269e 100644 --- a/c/cert/test/rules/ERR32-C/test.c +++ b/c/cert/test/rules/ERR32-C/test.c @@ -31,6 +31,15 @@ void handler4(int signum) { } } +void handler5(int signum) { + pfv old_handler = signal(signum, SIG_DFL); + if (old_handler != SIG_ERR) { + perror(""); // COMPLIANT + } else { + perror(""); // NON_COMPLIANT + } +} + int main(void) { pfv old_handler = signal(SIGINT, handler1); if (old_handler == SIG_ERR) { @@ -39,13 +48,15 @@ int main(void) { old_handler = signal(SIGINT, handler2); if (old_handler == SIG_ERR) { - perror(""); // NON_COMPLIANT + perror(""); // COMPLIANT } old_handler = signal(SIGINT, handler3); old_handler = signal(SIGINT, handler4); + old_handler = signal(SIGINT, handler5); + FILE *fp = fopen("something", "r"); if (fp == NULL) { perror("Error: "); // NON_COMPLIANT From 4ba5b7b8da3b60c78dad6c0a04d62cc305fc7f2d Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 7 Dec 2022 13:16:28 +0100 Subject: [PATCH 0198/2573] minor improvements --- .../DoNotRelyOnIndeterminateValuesOfErrno.ql | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql b/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql index 869b67f615..631b9c43e0 100644 --- a/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql +++ b/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql @@ -15,10 +15,20 @@ import codingstandards.c.cert import codingstandards.c.Errno import semmle.code.cpp.controlflow.Guards +/** + * A call to function `signal` + */ class SignalCall extends FunctionCall { SignalCall() { this.getTarget().hasGlobalName("signal") } } +/** + * A call to `abort` or `_Exit` + */ +class AbortCall extends FunctionCall { + AbortCall() { this.getTarget().hasGlobalName(["abort", "_Exit"]) } +} + /** * A check on `signal` call return value * `if (signal(SIGINT, handler) == SIG_ERR)` @@ -59,9 +69,8 @@ class SignalCallingHandler extends Function { DataFlow::localFlow(DataFlow::parameterNode(this.getParameter(0)), DataFlow::exprNode(sCall.getArgument(0))) and // does not abort on error - not exists(SignalCheckOperation sCheck, FunctionCall abort | + not exists(SignalCheckOperation sCheck, AbortCall abort | DataFlow::localExprFlow(sCall, sCheck.getAnOperand()) and - abort.getTarget().hasGlobalName(["abort", "_Exit"]) and abort.getEnclosingElement*() = sCheck.getErrorSuccessor() ) ) @@ -80,7 +89,7 @@ ControlFlowNode preceedErrnoRead(ErrnoRead er) { result = mid.getAPredecessor() and mid = preceedErrnoRead(er) and // stop recursion on calls to `abort` and `_Exit` - not result.(FunctionCall).getTarget().hasGlobalName(["abort", "_Exit"]) and + not result instanceof AbortCall and // stop recursion on successful `SignalCheckOperation` not result = any(SignalCheckOperation o).getCheckedSuccessor() ) From 760ccdebfeb28e8eaaa9381f913fd77fef46c1a2 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Thu, 8 Dec 2022 15:52:01 +0100 Subject: [PATCH 0199/2573] C++: Accept test changes after CodeQL `scanf` work --- .../FIO32-C/DoNotPerformFileOperationsOnDevices.expected | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected b/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected index b4f07d6ca8..824149f294 100644 --- a/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected +++ b/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected @@ -1,16 +1,12 @@ edges -| test.c:20:15:20:23 | file_name | test.c:21:8:21:16 | file_name indirection | | test.c:20:15:20:23 | scanf output argument | test.c:21:8:21:16 | file_name indirection | -| test.c:45:15:45:23 | file_name | test.c:46:29:46:37 | file_name indirection | | test.c:45:15:45:23 | scanf output argument | test.c:46:29:46:37 | file_name indirection | nodes -| test.c:20:15:20:23 | file_name | semmle.label | file_name | | test.c:20:15:20:23 | scanf output argument | semmle.label | scanf output argument | | test.c:21:8:21:16 | file_name indirection | semmle.label | file_name indirection | -| test.c:45:15:45:23 | file_name | semmle.label | file_name | | test.c:45:15:45:23 | scanf output argument | semmle.label | scanf output argument | | test.c:46:29:46:37 | file_name indirection | semmle.label | file_name indirection | subpaths #select -| test.c:21:8:21:16 | file_name | test.c:20:15:20:23 | file_name | test.c:21:8:21:16 | file_name indirection | This argument to a file access function is derived from $@ and then passed to func(file_name), which calls fopen((unnamed parameter 0)). | test.c:20:15:20:23 | file_name | user input (scanf) | -| test.c:46:29:46:37 | file_name | test.c:45:15:45:23 | file_name | test.c:46:29:46:37 | file_name indirection | This argument to a file access function is derived from $@ and then passed to CreateFile(lpFileName). | test.c:45:15:45:23 | file_name | user input (scanf) | +| test.c:21:8:21:16 | file_name | test.c:20:15:20:23 | scanf output argument | test.c:21:8:21:16 | file_name indirection | This argument to a file access function is derived from $@ and then passed to func(file_name), which calls fopen((unnamed parameter 0)). | test.c:20:15:20:23 | file_name | user input (scanf) | +| test.c:46:29:46:37 | file_name | test.c:45:15:45:23 | scanf output argument | test.c:46:29:46:37 | file_name indirection | This argument to a file access function is derived from $@ and then passed to CreateFile(lpFileName). | test.c:45:15:45:23 | file_name | user input (scanf) | From d1fe1ad5b22ecb6d75fa6e0e998ad7998163705a Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Thu, 8 Dec 2022 18:54:44 +0100 Subject: [PATCH 0200/2573] Fix references to pack names after pack renaming --- c/cert/src/codeql-suites/cert-default.qls | 4 ++-- c/misra/src/codeql-suites/misra-default.qls | 4 ++-- cpp/autosar/src/codeql-suites/autosar-advisory.qls | 4 ++-- cpp/autosar/src/codeql-suites/autosar-audit.qls | 4 ++-- cpp/autosar/src/codeql-suites/autosar-default.qls | 4 ++-- cpp/autosar/src/codeql-suites/autosar-required.qls | 4 ++-- .../src/codeql-suites/autosar-single-translation-unit.qls | 4 ++-- cpp/cert/src/codeql-suites/cert-default.qls | 4 ++-- cpp/cert/src/codeql-suites/cert-single-translation-unit.qls | 4 ++-- 9 files changed, 18 insertions(+), 18 deletions(-) diff --git a/c/cert/src/codeql-suites/cert-default.qls b/c/cert/src/codeql-suites/cert-default.qls index c8652930e9..1e11a0afca 100644 --- a/c/cert/src/codeql-suites/cert-default.qls +++ b/c/cert/src/codeql-suites/cert-default.qls @@ -1,9 +1,9 @@ - description: CERT C 2016 (Default) -- qlpack: cert-c-coding-standards +- qlpack: codeql/cert-c-coding-standards - include: kind: - problem - path-problem - exclude: tags contain: - - external/cert/default-disabled \ No newline at end of file + - external/cert/default-disabled diff --git a/c/misra/src/codeql-suites/misra-default.qls b/c/misra/src/codeql-suites/misra-default.qls index d32637556d..343379a2b3 100644 --- a/c/misra/src/codeql-suites/misra-default.qls +++ b/c/misra/src/codeql-suites/misra-default.qls @@ -1,5 +1,5 @@ - description: MISRA C 2012 (Default) -- qlpack: misra-c-coding-standards +- qlpack: codeql/misra-c-coding-standards - include: kind: - problem @@ -7,4 +7,4 @@ - exclude: tags contain: - external/misra/audit - - external/misra/default-disabled \ No newline at end of file + - external/misra/default-disabled diff --git a/cpp/autosar/src/codeql-suites/autosar-advisory.qls b/cpp/autosar/src/codeql-suites/autosar-advisory.qls index 163de00856..f7319085dd 100644 --- a/cpp/autosar/src/codeql-suites/autosar-advisory.qls +++ b/cpp/autosar/src/codeql-suites/autosar-advisory.qls @@ -1,5 +1,5 @@ - description: AUTOSAR C++14 Guidelines 20-11 (Advisory) -- qlpack: autosar-cpp-coding-standards +- qlpack: codeql/autosar-cpp-coding-standards - include: kind: - problem @@ -8,4 +8,4 @@ - external/autosar/obligation/advisory - exclude: tags contain: - - external/autosar/audit \ No newline at end of file + - external/autosar/audit diff --git a/cpp/autosar/src/codeql-suites/autosar-audit.qls b/cpp/autosar/src/codeql-suites/autosar-audit.qls index 6e77e82e77..8d45e238cd 100644 --- a/cpp/autosar/src/codeql-suites/autosar-audit.qls +++ b/cpp/autosar/src/codeql-suites/autosar-audit.qls @@ -1,8 +1,8 @@ - description: AUTOSAR C++14 Guidelines 20-11 (Audit) -- qlpack: autosar-cpp-coding-standards +- qlpack: codeql/autosar-cpp-coding-standards - include: kind: - problem - path-problem tags contain: - - external/autosar/audit \ No newline at end of file + - external/autosar/audit diff --git a/cpp/autosar/src/codeql-suites/autosar-default.qls b/cpp/autosar/src/codeql-suites/autosar-default.qls index 0296cc54f8..f6072946ef 100644 --- a/cpp/autosar/src/codeql-suites/autosar-default.qls +++ b/cpp/autosar/src/codeql-suites/autosar-default.qls @@ -1,5 +1,5 @@ - description: AUTOSAR C++14 Guidelines 20-11 (Default) -- qlpack: autosar-cpp-coding-standards +- qlpack: codeql/autosar-cpp-coding-standards - include: kind: - problem @@ -7,4 +7,4 @@ - exclude: tags contain: - external/autosar/audit - - external/autosar/default-disabled \ No newline at end of file + - external/autosar/default-disabled diff --git a/cpp/autosar/src/codeql-suites/autosar-required.qls b/cpp/autosar/src/codeql-suites/autosar-required.qls index b79562c66c..6b93a4cfa6 100644 --- a/cpp/autosar/src/codeql-suites/autosar-required.qls +++ b/cpp/autosar/src/codeql-suites/autosar-required.qls @@ -1,5 +1,5 @@ - description: AUTOSAR C++14 Guidelines 20-11 (Required) -- qlpack: autosar-cpp-coding-standards +- qlpack: codeql/autosar-cpp-coding-standards - include: kind: - problem @@ -8,4 +8,4 @@ - external/autosar/obligation/required - exclude: tags contain: - - external/autosar/audit \ No newline at end of file + - external/autosar/audit diff --git a/cpp/autosar/src/codeql-suites/autosar-single-translation-unit.qls b/cpp/autosar/src/codeql-suites/autosar-single-translation-unit.qls index 6ba3032fa8..d4f28f499b 100644 --- a/cpp/autosar/src/codeql-suites/autosar-single-translation-unit.qls +++ b/cpp/autosar/src/codeql-suites/autosar-single-translation-unit.qls @@ -1,5 +1,5 @@ - description: AUTOSAR C++14 Guidelines 20-11 (Single Translation Unit) -- qlpack: autosar-cpp-coding-standards +- qlpack: codeql/autosar-cpp-coding-standards - include: kind: - problem @@ -9,4 +9,4 @@ - exclude: tags contain: - external/autosar/audit - - external/autosar/default-disabled \ No newline at end of file + - external/autosar/default-disabled diff --git a/cpp/cert/src/codeql-suites/cert-default.qls b/cpp/cert/src/codeql-suites/cert-default.qls index 6ec40af9b9..e9211246b1 100644 --- a/cpp/cert/src/codeql-suites/cert-default.qls +++ b/cpp/cert/src/codeql-suites/cert-default.qls @@ -1,9 +1,9 @@ - description: CERT C++ 2016 (Default) -- qlpack: cert-cpp-coding-standards +- qlpack: codeql/cert-cpp-coding-standards - include: kind: - problem - path-problem - exclude: tags contain: - - external/cert/default-disabled \ No newline at end of file + - external/cert/default-disabled diff --git a/cpp/cert/src/codeql-suites/cert-single-translation-unit.qls b/cpp/cert/src/codeql-suites/cert-single-translation-unit.qls index ca1315d6ff..2f09815e0d 100644 --- a/cpp/cert/src/codeql-suites/cert-single-translation-unit.qls +++ b/cpp/cert/src/codeql-suites/cert-single-translation-unit.qls @@ -1,5 +1,5 @@ - description: CERT C++ 2016 (Single Translation Unit) -- qlpack: cert-cpp-coding-standards +- qlpack: codeql/cert-cpp-coding-standards - include: kind: - problem @@ -8,4 +8,4 @@ - scope/single-translation-unit - exclude: tags contain: - - external/cert/default-disabled \ No newline at end of file + - external/cert/default-disabled From 872ea183e492f63e625fb49d04eee5249ec8625e Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Fri, 16 Dec 2022 10:30:01 -0500 Subject: [PATCH 0201/2573] Declarations5: address review comments --- ...nalObjectOrFunctionNotDeclaredInOneFile.ql | 7 +----- ...singStaticSpecifierObjectRedeclarationC.ql | 6 ++--- c/misra/test/rules/RULE-5-2/test.c | 23 ++++++++++++++++++- ...icSpecifierFunctionRedeclarationShared.qll | 2 +- ...saryExposedIdentifierDeclarationShared.qll | 2 +- 5 files changed, 28 insertions(+), 12 deletions(-) diff --git a/c/misra/src/rules/RULE-8-5/ExternalObjectOrFunctionNotDeclaredInOneFile.ql b/c/misra/src/rules/RULE-8-5/ExternalObjectOrFunctionNotDeclaredInOneFile.ql index 0c9cfe9cb2..56e1d742a6 100644 --- a/c/misra/src/rules/RULE-8-5/ExternalObjectOrFunctionNotDeclaredInOneFile.ql +++ b/c/misra/src/rules/RULE-8-5/ExternalObjectOrFunctionNotDeclaredInOneFile.ql @@ -32,12 +32,7 @@ where kind = "variable" ) and // Apply an ordering based on location to enforce that (de1, de2) = (de2, de1) and we only report (de1, de2). - ( - de.getFile().getAbsolutePath() < otherDeclaration.getFile().getAbsolutePath() - or - de.getFile().getAbsolutePath() = otherDeclaration.getFile().getAbsolutePath() and - de.getLocation().getStartLine() < otherDeclaration.getLocation().getStartLine() - ) + de.getFile().getAbsolutePath() < otherDeclaration.getFile().getAbsolutePath() select de, "The " + kind + " declaration " + de.getName() + " is declared in multiple files and has an additional $@.", otherDeclaration, "declaration" diff --git a/c/misra/src/rules/RULE-8-8/MissingStaticSpecifierObjectRedeclarationC.ql b/c/misra/src/rules/RULE-8-8/MissingStaticSpecifierObjectRedeclarationC.ql index 9d583623de..2cb65c4fda 100644 --- a/c/misra/src/rules/RULE-8-8/MissingStaticSpecifierObjectRedeclarationC.ql +++ b/c/misra/src/rules/RULE-8-8/MissingStaticSpecifierObjectRedeclarationC.ql @@ -18,10 +18,10 @@ from VariableDeclarationEntry redeclaration, VariableDeclarationEntry de where not isExcluded(redeclaration, Declarations5Package::missingStaticSpecifierObjectRedeclarationCQuery()) and + //following implies de != redeclaration de.hasSpecifier("static") and - de.getDeclaration().isTopLevel() and - redeclaration.getDeclaration() = de.getDeclaration() and not redeclaration.hasSpecifier("static") and - de != redeclaration + de.getDeclaration().isTopLevel() and + redeclaration.getDeclaration() = de.getDeclaration() select redeclaration, "The redeclaration of $@ with internal linkage misses the static specifier.", de, de.getName() diff --git a/c/misra/test/rules/RULE-5-2/test.c b/c/misra/test/rules/RULE-5-2/test.c index 3f3f8f1e00..e299e514bc 100644 --- a/c/misra/test/rules/RULE-5-2/test.c +++ b/c/misra/test/rules/RULE-5-2/test.c @@ -23,4 +23,25 @@ void f() { static int iltiqzxgfqsgigwfuyntzghvzltueatcxqnqofnnvjy_C; // COMPLIANT length <63 static int - iltiqzxgfqsgigwfuyntzghvzltueatcxqnqofnnvjy_D; // COMPLIANT length <63 \ No newline at end of file + iltiqzxgfqsgigwfuyntzghvzltueatcxqnqofnnvjy_D; // COMPLIANT length <63 + +#define iltiqzxgfqsgigwfuyntzghvzltueatcxqnqofnnvjyszmcsylyohvqaosjbqyyA // COMPLIANT + // - + // this + // rule + // does + // not + // consider + // macros +extern int + iltiqzxgfqsgigwfuyntzghvzltueatcxqnqofnnvjyszmcsylyohvqaosjbqyyA; // COMPLIANT + // - this + // rule + // does + // not + // consider + // when + // both + // identifiers + // are + // external \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/rules/missingstaticspecifierfunctionredeclarationshared/MissingStaticSpecifierFunctionRedeclarationShared.qll b/cpp/common/src/codingstandards/cpp/rules/missingstaticspecifierfunctionredeclarationshared/MissingStaticSpecifierFunctionRedeclarationShared.qll index 70d498827f..43c1821e2e 100644 --- a/cpp/common/src/codingstandards/cpp/rules/missingstaticspecifierfunctionredeclarationshared/MissingStaticSpecifierFunctionRedeclarationShared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/missingstaticspecifierfunctionredeclarationshared/MissingStaticSpecifierFunctionRedeclarationShared.qll @@ -1,5 +1,5 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library which includes a `problems` predicate for reporting missing static specifiers for redeclarations of functions with internal linkage. */ import cpp diff --git a/cpp/common/src/codingstandards/cpp/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.qll b/cpp/common/src/codingstandards/cpp/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.qll index 7006ef7b38..a18ab593bb 100644 --- a/cpp/common/src/codingstandards/cpp/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.qll @@ -1,5 +1,5 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library which includes a `problems` predicate for reporting unnecessarily exposed identifiers due to too broad of a scope. */ import cpp From a08270e525fda638ffe0263fcba1645e1ac099e0 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Fri, 16 Dec 2022 11:49:12 -0500 Subject: [PATCH 0202/2573] Declarations5: finish adding shared rule for RULE-8-8 had previously missed commiting full shared --- ...singStaticSpecifierOnFunctionRedeclaration.ql | 16 ++++++---------- 1 file changed, 6 insertions(+), 10 deletions(-) diff --git a/cpp/autosar/src/rules/M3-3-2/MissingStaticSpecifierOnFunctionRedeclaration.ql b/cpp/autosar/src/rules/M3-3-2/MissingStaticSpecifierOnFunctionRedeclaration.ql index 86823160bd..3904e267b6 100644 --- a/cpp/autosar/src/rules/M3-3-2/MissingStaticSpecifierOnFunctionRedeclaration.ql +++ b/cpp/autosar/src/rules/M3-3-2/MissingStaticSpecifierOnFunctionRedeclaration.ql @@ -15,14 +15,10 @@ import cpp import codingstandards.cpp.autosar +import codingstandards.cpp.rules.missingstaticspecifierfunctionredeclarationshared.MissingStaticSpecifierFunctionRedeclarationShared -from FunctionDeclarationEntry fde, FunctionDeclarationEntry redeclaration -where - not isExcluded(redeclaration) and - fde.hasSpecifier("static") and - fde.getDeclaration().isTopLevel() and - redeclaration.getDeclaration() = fde.getDeclaration() and - not redeclaration.hasSpecifier("static") and - fde != redeclaration -select redeclaration, "The redeclaration of $@ with internal linkage misses the static specifier.", - fde, "function" +class MissingStaticSpecifierOnFunctionRedeclarationQuery extends MissingStaticSpecifierFunctionRedeclarationSharedSharedQuery { + MissingStaticSpecifierOnFunctionRedeclarationQuery() { + this = ScopePackage::missingStaticSpecifierOnFunctionRedeclarationQuery() + } +} From a27d650e1e690c04be48c04d2d45a3f5728325be Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Wed, 4 Jan 2023 09:54:05 -0500 Subject: [PATCH 0203/2573] Declarations4: fix rule metadata files --- .../cpp/exclusions/c/Declarations4.qll | 20 ++++++++++++------- .../cpp/exclusions/c/RuleMetadata.qll | 2 +- 2 files changed, 14 insertions(+), 8 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations4.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations4.qll index 5e2b9d0695..348fd97309 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations4.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations4.qll @@ -11,14 +11,15 @@ newtype Declarations4Query = TCompatibleDeclarationFunctionDefinedQuery() or TIdentifierWithExternalLinkageOneDefinitionQuery() -predicate isDeclarations4QueryMetadata(Query query, string queryId, string ruleId) { +predicate isDeclarations4QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `functionTypesNotInPrototypeForm` query Declarations4Package::functionTypesNotInPrototypeFormQuery() and queryId = // `@id` for the `functionTypesNotInPrototypeForm` query "c/misra/function-types-not-in-prototype-form" and - ruleId = "RULE-8-2" + ruleId = "RULE-8-2" and + category = "required" or query = // `Query` instance for the `declarationsOfAnObjectSameNameAndType` query @@ -26,7 +27,8 @@ predicate isDeclarations4QueryMetadata(Query query, string queryId, string ruleI queryId = // `@id` for the `declarationsOfAnObjectSameNameAndType` query "c/misra/declarations-of-an-object-same-name-and-type" and - ruleId = "RULE-8-3" + ruleId = "RULE-8-3" and + category = "required" or query = // `Query` instance for the `declarationsOfAFunctionSameNameAndType` query @@ -34,7 +36,8 @@ predicate isDeclarations4QueryMetadata(Query query, string queryId, string ruleI queryId = // `@id` for the `declarationsOfAFunctionSameNameAndType` query "c/misra/declarations-of-a-function-same-name-and-type" and - ruleId = "RULE-8-3" + ruleId = "RULE-8-3" and + category = "required" or query = // `Query` instance for the `compatibleDeclarationObjectDefined` query @@ -42,7 +45,8 @@ predicate isDeclarations4QueryMetadata(Query query, string queryId, string ruleI queryId = // `@id` for the `compatibleDeclarationObjectDefined` query "c/misra/compatible-declaration-object-defined" and - ruleId = "RULE-8-4" + ruleId = "RULE-8-4" and + category = "required" or query = // `Query` instance for the `compatibleDeclarationFunctionDefined` query @@ -50,7 +54,8 @@ predicate isDeclarations4QueryMetadata(Query query, string queryId, string ruleI queryId = // `@id` for the `compatibleDeclarationFunctionDefined` query "c/misra/compatible-declaration-function-defined" and - ruleId = "RULE-8-4" + ruleId = "RULE-8-4" and + category = "required" or query = // `Query` instance for the `identifierWithExternalLinkageOneDefinition` query @@ -58,7 +63,8 @@ predicate isDeclarations4QueryMetadata(Query query, string queryId, string ruleI queryId = // `@id` for the `identifierWithExternalLinkageOneDefinition` query "c/misra/identifier-with-external-linkage-one-definition" and - ruleId = "RULE-8-6" + ruleId = "RULE-8-6" and + category = "required" } module Declarations4Package { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index 1f218804ea..004719516c 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -93,7 +93,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isDeclarations1QueryMetadata(query, queryId, ruleId, category) or isDeclarations2QueryMetadata(query, queryId, ruleId, category) or isDeclarations3QueryMetadata(query, queryId, ruleId, category) or - isDeclarations4QueryMetadata(query, queryId, ruleId) or + isDeclarations4QueryMetadata(query, queryId, ruleId, category) or isExpressionsQueryMetadata(query, queryId, ruleId, category) or isIO1QueryMetadata(query, queryId, ruleId, category) or isIO2QueryMetadata(query, queryId, ruleId, category) or From 6f91612a520340cf204a794da0c58ec7d3540ffc Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Thu, 5 Jan 2023 10:58:59 -0500 Subject: [PATCH 0204/2573] Declarations6: add RULE-17-3 and refactor Identifiers to include new predicate --- .vscode/tasks.json | 1 + .../RULE-17-3/FunctionDeclaredImplicitly.ql | 29 ++++++++++++ .../FunctionDeclaredImplicitly.expected | 2 + .../FunctionDeclaredImplicitly.qlref | 1 + c/misra/test/rules/RULE-17-3/test.c | 13 ++++++ .../src/codingstandards/cpp/Identifiers.qll | 46 +++++++++++++++++++ .../cpp/exclusions/c/Declarations6.qll | 26 +++++++++++ .../cpp/exclusions/c/RuleMetadata.qll | 3 ++ .../cpp/rules/typeomitted/TypeOmitted.qll | 10 +--- rule_packages/c/Declarations6.json | 24 ++++++++++ rules.csv | 2 +- 11 files changed, 148 insertions(+), 9 deletions(-) create mode 100644 c/misra/src/rules/RULE-17-3/FunctionDeclaredImplicitly.ql create mode 100644 c/misra/test/rules/RULE-17-3/FunctionDeclaredImplicitly.expected create mode 100644 c/misra/test/rules/RULE-17-3/FunctionDeclaredImplicitly.qlref create mode 100644 c/misra/test/rules/RULE-17-3/test.c create mode 100644 cpp/common/src/codingstandards/cpp/Identifiers.qll create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/Declarations6.qll create mode 100644 rule_packages/c/Declarations6.json diff --git a/.vscode/tasks.json b/.vscode/tasks.json index 3147f97957..81c4937a26 100644 --- a/.vscode/tasks.json +++ b/.vscode/tasks.json @@ -206,6 +206,7 @@ "Declarations", "Declarations1", "Declarations2", + "Declarations6", "Exceptions1", "Exceptions2", "Expressions", diff --git a/c/misra/src/rules/RULE-17-3/FunctionDeclaredImplicitly.ql b/c/misra/src/rules/RULE-17-3/FunctionDeclaredImplicitly.ql new file mode 100644 index 0000000000..304d0a9bf6 --- /dev/null +++ b/c/misra/src/rules/RULE-17-3/FunctionDeclaredImplicitly.ql @@ -0,0 +1,29 @@ +/** + * @id c/misra/function-declared-implicitly + * @name RULE-17-3: A function shall not be declared implicitly + * @description Omission of type specifiers may not be supported by some compilers. Additionally + * implicit typing can lead to undefined behaviour. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-17-3 + * correctness + * readability + * external/misra/obligation/mandatory + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.Identifiers + +from FunctionDeclarationEntry fde +where + not isExcluded(fde, Declarations6Package::functionDeclaredImplicitlyQuery()) and + ( + //use before declaration + fde.isImplicit() + or + //declared but type not explicit + isDeclaredImplicit(fde.getDeclaration()) + ) +select fde, "Function declaration is implicit." diff --git a/c/misra/test/rules/RULE-17-3/FunctionDeclaredImplicitly.expected b/c/misra/test/rules/RULE-17-3/FunctionDeclaredImplicitly.expected new file mode 100644 index 0000000000..9d7cb66d70 --- /dev/null +++ b/c/misra/test/rules/RULE-17-3/FunctionDeclaredImplicitly.expected @@ -0,0 +1,2 @@ +| test.c:3:1:3:2 | declaration of f2 | Function declaration is implicit. | +| test.c:11:17:11:17 | declaration of f3 | Function declaration is implicit. | diff --git a/c/misra/test/rules/RULE-17-3/FunctionDeclaredImplicitly.qlref b/c/misra/test/rules/RULE-17-3/FunctionDeclaredImplicitly.qlref new file mode 100644 index 0000000000..24df819bf7 --- /dev/null +++ b/c/misra/test/rules/RULE-17-3/FunctionDeclaredImplicitly.qlref @@ -0,0 +1 @@ +rules/RULE-17-3/FunctionDeclaredImplicitly.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-17-3/test.c b/c/misra/test/rules/RULE-17-3/test.c new file mode 100644 index 0000000000..6c9dd64836 --- /dev/null +++ b/c/misra/test/rules/RULE-17-3/test.c @@ -0,0 +1,13 @@ +// semmle-extractor-options:--clang -std=c11 -nostdinc +// -I../../../../common/test/includes/standard-library +double f1(double x); // COMPLIANT +f2(double x); // NON_COMPLIANT + +void f() { + double l = 1; + double l1 = f1(l); + + double l2 = f2(l); + + double l3 = f3(l); // NON_COMPLIANT +} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/Identifiers.qll b/cpp/common/src/codingstandards/cpp/Identifiers.qll new file mode 100644 index 0000000000..665acbeb6b --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/Identifiers.qll @@ -0,0 +1,46 @@ +import cpp +import codingstandards.cpp.Linkage + +class ExternalIdentifiers extends InterestingIdentifiers { + ExternalIdentifiers() { + hasExternalLinkage(this) and + getNamespace() instanceof GlobalNamespace + } + + string getSignificantName() { + //C99 states the first 31 characters of external identifiers are significant + //C90 states the first 6 characters of external identifiers are significant and case is not required to be significant + //C90 is not currently considered by this rule + result = this.getName().prefix(31) + } +} + +//Identifiers that are candidates for checking uniqueness +class InterestingIdentifiers extends Declaration { + InterestingIdentifiers() { + not this.isFromTemplateInstantiation(_) and + not this.isFromUninstantiatedTemplate(_) and + not this instanceof TemplateParameter and + not this.hasDeclaringType() and + not this instanceof Operator and + not this.hasName("main") and + exists(this.getADeclarationLocation()) + } + + //this definition of significant relies on the number of significant characters for a macro name (C99) + //this is used on macro name comparisons only + //not necessarily against other types of identifiers + string getSignificantNameComparedToMacro() { result = this.getName().prefix(63) } +} + +//Declarations that omit type - C90 compiler assumes int +predicate isDeclaredImplicit(Declaration d) { + d.hasSpecifier("implicit_int") and + exists(Type t | + (d.(Variable).getType() = t or d.(Function).getType() = t) and + // Exclude "short" or "long", as opposed to "short int" or "long int". + t instanceof IntType and + // Exclude "signed" or "unsigned", as opposed to "signed int" or "unsigned int". + not exists(IntegralType it | it = t | it.isExplicitlySigned() or it.isExplicitlyUnsigned()) + ) +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations6.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations6.qll new file mode 100644 index 0000000000..fe3ec8b508 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations6.qll @@ -0,0 +1,26 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype Declarations6Query = TFunctionDeclaredImplicitlyQuery() + +predicate isDeclarations6QueryMetadata(Query query, string queryId, string ruleId, string category) { + query = + // `Query` instance for the `functionDeclaredImplicitly` query + Declarations6Package::functionDeclaredImplicitlyQuery() and + queryId = + // `@id` for the `functionDeclaredImplicitly` query + "c/misra/function-declared-implicitly" and + ruleId = "RULE-17-3" and + category = "mandatory" +} + +module Declarations6Package { + Query functionDeclaredImplicitlyQuery() { + //autogenerate `Query` type + result = + // `Query` type for `functionDeclaredImplicitly` query + TQueryC(TDeclarations6PackageQuery(TFunctionDeclaredImplicitlyQuery())) + } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index 11994dd9fd..a197511e3b 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -15,6 +15,7 @@ import Contracts4 import Declarations1 import Declarations2 import Declarations3 +import Declarations6 import Expressions import IO1 import IO2 @@ -53,6 +54,7 @@ newtype TCQuery = TDeclarations1PackageQuery(Declarations1Query q) or TDeclarations2PackageQuery(Declarations2Query q) or TDeclarations3PackageQuery(Declarations3Query q) or + TDeclarations6PackageQuery(Declarations6Query q) or TExpressionsPackageQuery(ExpressionsQuery q) or TIO1PackageQuery(IO1Query q) or TIO2PackageQuery(IO2Query q) or @@ -91,6 +93,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isDeclarations1QueryMetadata(query, queryId, ruleId, category) or isDeclarations2QueryMetadata(query, queryId, ruleId, category) or isDeclarations3QueryMetadata(query, queryId, ruleId, category) or + isDeclarations6QueryMetadata(query, queryId, ruleId, category) or isExpressionsQueryMetadata(query, queryId, ruleId, category) or isIO1QueryMetadata(query, queryId, ruleId, category) or isIO2QueryMetadata(query, queryId, ruleId, category) or diff --git a/cpp/common/src/codingstandards/cpp/rules/typeomitted/TypeOmitted.qll b/cpp/common/src/codingstandards/cpp/rules/typeomitted/TypeOmitted.qll index 420a384208..8c1cb3b80a 100644 --- a/cpp/common/src/codingstandards/cpp/rules/typeomitted/TypeOmitted.qll +++ b/cpp/common/src/codingstandards/cpp/rules/typeomitted/TypeOmitted.qll @@ -5,6 +5,7 @@ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions +import codingstandards.cpp.Identifiers abstract class TypeOmittedSharedQuery extends Query { } @@ -12,13 +13,6 @@ Query getQuery() { result instanceof TypeOmittedSharedQuery } query predicate problems(Declaration d, string message) { not isExcluded(d, getQuery()) and - d.hasSpecifier("implicit_int") and - exists(Type t | - (d.(Variable).getType() = t or d.(Function).getType() = t) and - // Exclude "short" or "long", as opposed to "short int" or "long int". - t instanceof IntType and - // Exclude "signed" or "unsigned", as opposed to "signed int" or "unsigned int". - not exists(IntegralType it | it = t | it.isExplicitlySigned() or it.isExplicitlyUnsigned()) - ) and + isDeclaredImplicit(d) and message = "Declaration " + d.getName() + " is missing a type specifier." } diff --git a/rule_packages/c/Declarations6.json b/rule_packages/c/Declarations6.json new file mode 100644 index 0000000000..af2b15e868 --- /dev/null +++ b/rule_packages/c/Declarations6.json @@ -0,0 +1,24 @@ +{ + "MISRA-C-2012": { + "RULE-17-3": { + "properties": { + "obligation": "mandatory" + }, + "queries": [ + { + "description": "Omission of type specifiers may not be supported by some compilers. Additionally implicit typing can lead to undefined behaviour.", + "kind": "problem", + "name": "A function shall not be declared implicitly", + "precision": "very-high", + "severity": "error", + "short_name": "FunctionDeclaredImplicitly", + "tags": [ + "correctness", + "readability" + ] + } + ], + "title": "A function shall not be declared implicitly" + } + } +} \ No newline at end of file diff --git a/rules.csv b/rules.csv index bb4456877e..05473821fe 100644 --- a/rules.csv +++ b/rules.csv @@ -713,7 +713,7 @@ c,MISRA-C-2012,RULE-16-6,Yes,Required,,,Every switch statement shall have at lea c,MISRA-C-2012,RULE-16-7,Yes,Required,,,A switch-expression shall not have essentially Boolean type,M6-4-7,Statements,Medium, c,MISRA-C-2012,RULE-17-1,Yes,Required,,,The features of shall not be used,,Banned,Easy, c,MISRA-C-2012,RULE-17-2,Yes,Required,,,"Functions shall not call themselves, either directly or indirectly",A7-5-2,Statements,Import, -c,MISRA-C-2012,RULE-17-3,Yes,Mandatory,,,A function shall not be declared implicitly,,Declarations,Medium, +c,MISRA-C-2012,RULE-17-3,Yes,Mandatory,,,A function shall not be declared implicitly,,Declarations6,Medium, c,MISRA-C-2012,RULE-17-4,Yes,Mandatory,,,All exit paths from a function with non-void return type shall have an explicit return statement with an expression,MSC52-CPP,Statements,Medium, c,MISRA-C-2012,RULE-17-5,Yes,Advisory,,,The function argument corresponding to a parameter declared to have an array type shall have an appropriate number of elements,,Contracts,Hard, c,MISRA-C-2012,RULE-17-6,No,Mandatory,,,The declaration of an array parameter shall not contain the static keyword between the [ ],,,, From 7e8224119f0ac333387cfbf2c032ec16d73d18a8 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Fri, 6 Jan 2023 18:00:37 -0500 Subject: [PATCH 0205/2573] skip summary report flag --- scripts/matrix_testing/CreateMatrixTestReport.ps1 | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/scripts/matrix_testing/CreateMatrixTestReport.ps1 b/scripts/matrix_testing/CreateMatrixTestReport.ps1 index 3af69e6353..7789308b0b 100644 --- a/scripts/matrix_testing/CreateMatrixTestReport.ps1 +++ b/scripts/matrix_testing/CreateMatrixTestReport.ps1 @@ -123,6 +123,12 @@ param( [string] $ReportDir = (Get-Location), + # Skip summary report -- used for Linux hosts that don't support + # the OLE database stuff. + [Parameter(Mandatory = $false)] + [switch] + $SkipSummaryReport, + # Tells the script to use the sytem tmp directory instead of the rule # directory. [Parameter(Mandatory = $false)] @@ -245,6 +251,7 @@ else { Write-Host "Loaded $($queriesToCheck.Count) Queries." } + # # Step 2: Verify All the Required CLI Tools are Installed # @@ -420,6 +427,8 @@ foreach ($r in $REPORT) { [PSCustomObject]$r | Export-CSV -Path $reportOutputFile -Append -NoTypeInformation } -# write out a summary -Write-Host "Writing summary report to $summaryReportOutputFile" -Create-Summary-Report -DataFile $reportOutputFile -OutputFile $summaryReportOutputFile \ No newline at end of file +if (-not $SkipSummaryReport){ + # write out a summary + Write-Host "Writing summary report to $summaryReportOutputFile" + Create-Summary-Report -DataFile $reportOutputFile -OutputFile $summaryReportOutputFile +} \ No newline at end of file From 225d24eb86293deed2463861a4eeb7da21b48c75 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Sun, 8 Jan 2023 23:27:00 +0000 Subject: [PATCH 0206/2573] DeadCode: Create shared implementations for the cpp queries Create shared implementations in preparation for the C queries. --- .../src/rules/A0-1-4/UnusedParameter.ql | 11 +- .../rules/A0-1-6/UnusedTypeDeclarations.ql | 13 +- .../src/rules/M0-1-1/UnreachableCode.ql | 39 +----- cpp/autosar/src/rules/M0-1-9/DeadCode.ql | 114 +--------------- .../test/rules/A0-1-4/UnusedParameter.qlref | 1 - .../test/rules/A0-1-4/UnusedParameter.testref | 1 + .../rules/A0-1-6/UnusedTypeDeclarations.qlref | 1 - .../A0-1-6/UnusedTypeDeclarations.testref | 1 + .../test/rules/M0-1-1/UnreachableCode.qlref | 1 - .../test/rules/M0-1-1/UnreachableCode.testref | 1 + cpp/autosar/test/rules/M0-1-9/DeadCode.qlref | 1 - .../test/rules/M0-1-9/DeadCode.testref | 1 + .../cpp/rules/deadcode/DeadCode.qll | 122 ++++++++++++++++++ .../rules/unreachablecode/UnreachableCode.qll | 48 +++++++ .../rules/unusedparameter/UnusedParameter.qll | 21 +++ .../UnusedTypeDeclarations.qll | 21 +++ .../test/rules/deadcode}/DeadCode.expected | 0 cpp/common/test/rules/deadcode/DeadCode.ql | 2 + .../test/rules/deadcode}/test.cpp | 0 .../unreachablecode}/UnreachableCode.expected | 0 .../rules/unreachablecode/UnreachableCode.ql | 2 + .../test/rules/unreachablecode}/test.cpp | 0 .../unusedparameter}/UnusedParameter.expected | 0 .../rules/unusedparameter/UnusedParameter.ql | 2 + .../test/rules/unusedparameter}/test.cpp | 0 .../UnusedTypeDeclarations.expected | 0 .../UnusedTypeDeclarations.ql | 2 + .../rules/unusedtypedeclarations}/test.cpp | 0 rule_packages/cpp/DeadCode.json | 12 +- 29 files changed, 247 insertions(+), 170 deletions(-) delete mode 100644 cpp/autosar/test/rules/A0-1-4/UnusedParameter.qlref create mode 100644 cpp/autosar/test/rules/A0-1-4/UnusedParameter.testref delete mode 100644 cpp/autosar/test/rules/A0-1-6/UnusedTypeDeclarations.qlref create mode 100644 cpp/autosar/test/rules/A0-1-6/UnusedTypeDeclarations.testref delete mode 100644 cpp/autosar/test/rules/M0-1-1/UnreachableCode.qlref create mode 100644 cpp/autosar/test/rules/M0-1-1/UnreachableCode.testref delete mode 100644 cpp/autosar/test/rules/M0-1-9/DeadCode.qlref create mode 100644 cpp/autosar/test/rules/M0-1-9/DeadCode.testref create mode 100644 cpp/common/src/codingstandards/cpp/rules/deadcode/DeadCode.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/unreachablecode/UnreachableCode.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/unusedparameter/UnusedParameter.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/unusedtypedeclarations/UnusedTypeDeclarations.qll rename cpp/{autosar/test/rules/M0-1-9 => common/test/rules/deadcode}/DeadCode.expected (100%) create mode 100644 cpp/common/test/rules/deadcode/DeadCode.ql rename cpp/{autosar/test/rules/M0-1-9 => common/test/rules/deadcode}/test.cpp (100%) rename cpp/{autosar/test/rules/M0-1-1 => common/test/rules/unreachablecode}/UnreachableCode.expected (100%) create mode 100644 cpp/common/test/rules/unreachablecode/UnreachableCode.ql rename cpp/{autosar/test/rules/M0-1-1 => common/test/rules/unreachablecode}/test.cpp (100%) rename cpp/{autosar/test/rules/A0-1-4 => common/test/rules/unusedparameter}/UnusedParameter.expected (100%) create mode 100644 cpp/common/test/rules/unusedparameter/UnusedParameter.ql rename cpp/{autosar/test/rules/A0-1-4 => common/test/rules/unusedparameter}/test.cpp (100%) rename cpp/{autosar/test/rules/A0-1-6 => common/test/rules/unusedtypedeclarations}/UnusedTypeDeclarations.expected (100%) create mode 100644 cpp/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql rename cpp/{autosar/test/rules/A0-1-6 => common/test/rules/unusedtypedeclarations}/test.cpp (100%) diff --git a/cpp/autosar/src/rules/A0-1-4/UnusedParameter.ql b/cpp/autosar/src/rules/A0-1-4/UnusedParameter.ql index dc446318d5..d7359cc795 100644 --- a/cpp/autosar/src/rules/A0-1-4/UnusedParameter.ql +++ b/cpp/autosar/src/rules/A0-1-4/UnusedParameter.ql @@ -16,11 +16,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.deadcode.UnusedParameters +import codingstandards.cpp.rules.unusedparameter.UnusedParameter -from Function f, UnusedParameter p -where - not isExcluded(p, DeadCodePackage::unusedParameterQuery()) and - f = p.getFunction() and - // Virtual functions are covered by a different rule - not f.isVirtual() -select p, "Unused parameter '" + p.getName() + "' for function $@.", f, f.getQualifiedName() +class UnusedParameterQuery extends UnusedParameterSharedQuery { + UnusedParameterQuery() { this = DeadCodePackage::unusedParameterQuery() } +} diff --git a/cpp/autosar/src/rules/A0-1-6/UnusedTypeDeclarations.ql b/cpp/autosar/src/rules/A0-1-6/UnusedTypeDeclarations.ql index 577decb72f..0026e14959 100644 --- a/cpp/autosar/src/rules/A0-1-6/UnusedTypeDeclarations.ql +++ b/cpp/autosar/src/rules/A0-1-6/UnusedTypeDeclarations.ql @@ -16,13 +16,8 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.TypeUses +import codingstandards.cpp.rules.unusedtypedeclarations.UnusedTypeDeclarations -from UserType ut -where - not isExcluded(ut, DeadCodePackage::unusedTypeDeclarationsQuery()) and - not ut instanceof TemplateParameter and - not ut instanceof ProxyClass and - not exists(getATypeUse(ut)) and - not ut.isFromUninstantiatedTemplate(_) -select ut, "Type declaration " + ut.getName() + " is not used." +class UnusedTypeDeclarationsQuery extends UnusedTypeDeclarationsSharedQuery { + UnusedTypeDeclarationsQuery() { this = DeadCodePackage::unusedTypeDeclarationsQuery() } +} diff --git a/cpp/autosar/src/rules/M0-1-1/UnreachableCode.ql b/cpp/autosar/src/rules/M0-1-1/UnreachableCode.ql index 5018313850..5e2cc22d08 100644 --- a/cpp/autosar/src/rules/M0-1-1/UnreachableCode.ql +++ b/cpp/autosar/src/rules/M0-1-1/UnreachableCode.ql @@ -17,39 +17,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.deadcode.UnreachableCode +import codingstandards.cpp.rules.unreachablecode.UnreachableCode -/* - * This query identifies unreachable code at the level of `BasicBlock`. We use `BasicBlock`s for - * this because they represent sequences of statements which, according to the CFG, are either - * all unreachable or all reachable, because control flow cannot escape from the middle of the - * basic block. - * - * We use the `BasicBlock.isUnreachable()` predicate to identify `BasicBlock`s which are unreachable - * according to our calculated control flow graph. In practice, this can resolve expressions used in - * conditions which are constant, accesses of constant values (even across function boundaries), and - * operations, recursively, on such expressions. There is no attempt made to resolve conditional - * expressions which are not statically constant or derived directly from statically constant variables. - * - * One potential problem with using `BasicBlock`s is that for template functions the `BasicBlock` is - * duplicated across multiple `Function` instances, one for uninstantiated templates, and one for - * each instantiation. Rather than considering each template instantiation independently, we instead - * only report a `BasicBlock` in a template as unreachable, if it is unreachable in all template - * instantiations (and in the uninstantiated template). This helps avoid flagging examples such as - * `return 1` as dead code in this example, where `T::isVal()` is statically deducible in some - * template instantiations: - * ``` - * template int f() { - * if (T::isVal()) return 1; - * return 2; - * } - * ``` - */ - -from UnreachableBasicBlock b -where - // None of the basic blocks are excluded - not isExcluded(b.getABasicBlock(), DeadCodePackage::unreachableCodeQuery()) and - // Exclude results where at least one of the basic blocks appears in a macro expansion, as - // macros can easily result in unreachable blocks through no fault of the user of the macro - not inMacroExpansion(b.getABasicBlock()) -select b, "This statement in function $@ is unreachable.", b.getPrimaryFunction() as f, f.getName() +class UnreachableCodeQuery extends UnreachableCodeSharedQuery { + UnreachableCodeQuery() { this = DeadCodePackage::unreachableCodeQuery() } +} diff --git a/cpp/autosar/src/rules/M0-1-9/DeadCode.ql b/cpp/autosar/src/rules/M0-1-9/DeadCode.ql index 6d35a019fd..f1c4f03895 100644 --- a/cpp/autosar/src/rules/M0-1-9/DeadCode.ql +++ b/cpp/autosar/src/rules/M0-1-9/DeadCode.ql @@ -16,116 +16,8 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.deadcode.UselessAssignments -import codingstandards.cpp.deadcode.UnreachableCode +import codingstandards.cpp.rules.deadcode.DeadCode -/* - * This query finds the following kinds of dead code statement: - * - A declaration of a non-static stack variable whose initializing expression is pure and that is never subsequently accessed in live code. - * - A block that contain only dead statements. - * - A do loop whose condition is pure, and whose body contains only dead statements. - * - An if statement whose condition is pure, and whose then and else clauses (where they exist) only contain dead statements. - * - A label statement to which the code never jumps. - * - A while loop whose condition is pure, and whose body contains only dead statements. - * - Expression statements whose expressions are pure. - * - Writes to a non-static stack variable that is never subsequently read in live code. - */ - -/** - * Holds if the `Stmt` `s` is either dead or unreachable. - */ -predicate isDeadOrUnreachableStmt(Stmt s) { - isDeadStmt(s) - or - s.getBasicBlock() = any(UnreachableBasicBlock ubb).getABasicBlock() +class MisraCppDeadCodeQuery extends DeadCodeSharedQuery { + MisraCppDeadCodeQuery() { this = DeadCodePackage::deadCodeQuery() } } - -/** - * Holds if the `Stmt` `s` is dead, i.e. could be executed, but its removal would not meaningfully - * affect the program. - */ -predicate isDeadStmt(Stmt s) { - // A `DeclStmt` is dead code if: - // - All the declarations are variable declarations - // - None of those variables are ever accessed in non-dead code - // - The initializers for each of the variables are pure - exists(DeclStmt ds | - ds = s and - // Use forex so that we don't flag "fake" generated `DeclStmt`s (e.g. those generated by the - // extractor for static_asserts) with no actual declarations - forex(Declaration d | d = ds.getADeclaration() | - exists(LocalScopeVariable v | - d = v and - v.getInitializer().getExpr().isPure() and - not exists(VariableAccess va | - va.getTarget() = v and - not isDeadOrUnreachableStmt(va.getEnclosingStmt()) - ) - ) - ) - ) - or - // A block that only contains dead statements. - exists(BlockStmt b | - b = s and - forall(Stmt child | child = b.getAStmt() | isDeadStmt(child)) and - // If this is a catch block, we should only report it as dead if it is the last catch block. - not exists(TryStmt ts, int i | - ts.getCatchClause(i) = b and - i < (ts.getNumberOfCatchClauses() - 1) - ) - ) - or - // A do statement whose condition is pure, and whose body contains only dead statements. - exists(DoStmt ds | - ds = s and - ds.getCondition().isPure() and - isDeadOrUnreachableStmt(ds.getStmt()) - ) - or - // An if statement whose condition is pure, and whose then and else clauses (where they exist) are dead or unreachable - exists(IfStmt is | - is = s and - is.getCondition().isPure() and - // Then part is either dead or unreachable - isDeadOrUnreachableStmt(is.getThen()) and - (exists(is.getElse()) implies isDeadOrUnreachableStmt(is.getElse())) - ) - or - // A while statement whose condition is pure, and whose body is a dead or unreachable statement - exists(WhileStmt ws | - ws = s and - ws.getCondition().isPure() and - isDeadOrUnreachableStmt(ws.getStmt()) - ) - or - // An expression statement which is pure - s.(ExprStmt).getExpr().isPure() - or - exists(SsaDefinition sd, LocalScopeVariable v | - // A useless definition - isUselessSsaDefinition(sd, v) and - s.(ExprStmt).getExpr() = sd.getDefinition() and - // The defining value is pure - sd.getDefiningValue(v).isPure() - ) - or - // Any TryStmt with a dead body is dead. We ignore the catch blocks, because if the body is dead, - // no exception can be thrown, and so the catch blocks are unreachable - exists(TryStmt ts | s = ts and isDeadStmt(ts.getStmt())) -} - -from Stmt s -where - not isExcluded(s, DeadCodePackage::deadCodeQuery()) and - isDeadStmt(s) and - // Report only the highest level dead statement, to avoid over reporting - not isDeadStmt(s.getParentStmt()) and - // MISRA defines dead code as an "_executed_ statement whose removal would not affect the program - // output". We therefore exclude unreachable statements as they are, by definition, not executed. - not s.getBasicBlock() = any(UnreachableBasicBlock ubb).getABasicBlock() and - // Exclude code generated by macros, because the code may be "live" in other instantiations - not s.isAffectedByMacro() and - // Exclude compiler generated statements - not s.isCompilerGenerated() -select s, "This statement is dead code." diff --git a/cpp/autosar/test/rules/A0-1-4/UnusedParameter.qlref b/cpp/autosar/test/rules/A0-1-4/UnusedParameter.qlref deleted file mode 100644 index 9090eacb41..0000000000 --- a/cpp/autosar/test/rules/A0-1-4/UnusedParameter.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/A0-1-4/UnusedParameter.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A0-1-4/UnusedParameter.testref b/cpp/autosar/test/rules/A0-1-4/UnusedParameter.testref new file mode 100644 index 0000000000..c51267a65f --- /dev/null +++ b/cpp/autosar/test/rules/A0-1-4/UnusedParameter.testref @@ -0,0 +1 @@ +cpp/common/test/rules/unusedparameter/UnusedParameter.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A0-1-6/UnusedTypeDeclarations.qlref b/cpp/autosar/test/rules/A0-1-6/UnusedTypeDeclarations.qlref deleted file mode 100644 index 8ae6ae9563..0000000000 --- a/cpp/autosar/test/rules/A0-1-6/UnusedTypeDeclarations.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/A0-1-6/UnusedTypeDeclarations.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A0-1-6/UnusedTypeDeclarations.testref b/cpp/autosar/test/rules/A0-1-6/UnusedTypeDeclarations.testref new file mode 100644 index 0000000000..b6b5c63301 --- /dev/null +++ b/cpp/autosar/test/rules/A0-1-6/UnusedTypeDeclarations.testref @@ -0,0 +1 @@ +cpp/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M0-1-1/UnreachableCode.qlref b/cpp/autosar/test/rules/M0-1-1/UnreachableCode.qlref deleted file mode 100644 index 449e3bbd42..0000000000 --- a/cpp/autosar/test/rules/M0-1-1/UnreachableCode.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/M0-1-1/UnreachableCode.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M0-1-1/UnreachableCode.testref b/cpp/autosar/test/rules/M0-1-1/UnreachableCode.testref new file mode 100644 index 0000000000..7e55dbcd9b --- /dev/null +++ b/cpp/autosar/test/rules/M0-1-1/UnreachableCode.testref @@ -0,0 +1 @@ +cpp/common/test/rules/unreachablecode/UnreachableCode.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M0-1-9/DeadCode.qlref b/cpp/autosar/test/rules/M0-1-9/DeadCode.qlref deleted file mode 100644 index 6ca1df3082..0000000000 --- a/cpp/autosar/test/rules/M0-1-9/DeadCode.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/M0-1-9/DeadCode.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M0-1-9/DeadCode.testref b/cpp/autosar/test/rules/M0-1-9/DeadCode.testref new file mode 100644 index 0000000000..86593f7058 --- /dev/null +++ b/cpp/autosar/test/rules/M0-1-9/DeadCode.testref @@ -0,0 +1 @@ +cpp/common/test/rules/deadcode/DeadCode.ql \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/rules/deadcode/DeadCode.qll b/cpp/common/src/codingstandards/cpp/rules/deadcode/DeadCode.qll new file mode 100644 index 0000000000..0bbd87d826 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/deadcode/DeadCode.qll @@ -0,0 +1,122 @@ +/** + * Provides a library which includes a `problems` predicate for reporting DeadCode. + * + * This problems predicate finds the following kinds of dead code statement: + * - A declaration of a non-static stack variable whose initializing expression is pure and that is never subsequently accessed in live code. + * - A block that contain only dead statements. + * - A do loop whose condition is pure, and whose body contains only dead statements. + * - An if statement whose condition is pure, and whose then and else clauses (where they exist) only contain dead statements. + * - A label statement to which the code never jumps. + * - A while loop whose condition is pure, and whose body contains only dead statements. + * - Expression statements whose expressions are pure. + * - Writes to a non-static stack variable that is never subsequently read in live code. + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions +import codingstandards.cpp.deadcode.UselessAssignments +import codingstandards.cpp.deadcode.UnreachableCode + +abstract class DeadCodeSharedQuery extends Query { } + +Query getQuery() { result instanceof DeadCodeSharedQuery } + +/** + * Holds if the `Stmt` `s` is either dead or unreachable. + */ +predicate isDeadOrUnreachableStmt(Stmt s) { + isDeadStmt(s) + or + s.getBasicBlock() = any(UnreachableBasicBlock ubb).getABasicBlock() +} + +/** + * Holds if the `Stmt` `s` is dead, i.e. could be executed, but its removal would not meaningfully + * affect the program. + */ +predicate isDeadStmt(Stmt s) { + // A `DeclStmt` is dead code if: + // - All the declarations are variable declarations + // - None of those variables are ever accessed in non-dead code + // - The initializers for each of the variables are pure + exists(DeclStmt ds | + ds = s and + // Use forex so that we don't flag "fake" generated `DeclStmt`s (e.g. those generated by the + // extractor for static_asserts) with no actual declarations + forex(Declaration d | d = ds.getADeclaration() | + exists(LocalScopeVariable v | + d = v and + v.getInitializer().getExpr().isPure() and + not exists(VariableAccess va | + va.getTarget() = v and + not isDeadOrUnreachableStmt(va.getEnclosingStmt()) + ) + ) + ) + ) + or + // A block that only contains dead statements. + exists(BlockStmt b | + b = s and + forall(Stmt child | child = b.getAStmt() | isDeadStmt(child)) and + // If this is a catch block, we should only report it as dead if it is the last catch block. + not exists(TryStmt ts, int i | + ts.getCatchClause(i) = b and + i < (ts.getNumberOfCatchClauses() - 1) + ) + ) + or + // A do statement whose condition is pure, and whose body contains only dead statements. + exists(DoStmt ds | + ds = s and + ds.getCondition().isPure() and + isDeadOrUnreachableStmt(ds.getStmt()) + ) + or + // An if statement whose condition is pure, and whose then and else clauses (where they exist) are dead or unreachable + exists(IfStmt is | + is = s and + is.getCondition().isPure() and + // Then part is either dead or unreachable + isDeadOrUnreachableStmt(is.getThen()) and + (exists(is.getElse()) implies isDeadOrUnreachableStmt(is.getElse())) + ) + or + // A while statement whose condition is pure, and whose body is a dead or unreachable statement + exists(WhileStmt ws | + ws = s and + ws.getCondition().isPure() and + isDeadOrUnreachableStmt(ws.getStmt()) + ) + or + // An expression statement which is pure + s.(ExprStmt).getExpr().isPure() + or + exists(SsaDefinition sd, LocalScopeVariable v | + // A useless definition + isUselessSsaDefinition(sd, v) and + s.(ExprStmt).getExpr() = sd.getDefinition() and + // The defining value is pure + sd.getDefiningValue(v).isPure() + ) + or + // Any TryStmt with a dead body is dead. We ignore the catch blocks, because if the body is dead, + // no exception can be thrown, and so the catch blocks are unreachable + exists(TryStmt ts | s = ts and isDeadStmt(ts.getStmt())) +} + +query predicate problems(Stmt s, string message) { + not isExcluded(s, getQuery()) and + message = "This statement is dead code." and + isDeadStmt(s) and + // Report only the highest level dead statement, to avoid over reporting + not isDeadStmt(s.getParentStmt()) and + // MISRA defines dead code as an "_executed_ statement whose removal would not affect the program + // output". We therefore exclude unreachable statements as they are, by definition, not executed. + not s.getBasicBlock() = any(UnreachableBasicBlock ubb).getABasicBlock() and + // Exclude code generated by macros, because the code may be "live" in other instantiations + not s.isAffectedByMacro() and + // Exclude compiler generated statements + not s.isCompilerGenerated() +} diff --git a/cpp/common/src/codingstandards/cpp/rules/unreachablecode/UnreachableCode.qll b/cpp/common/src/codingstandards/cpp/rules/unreachablecode/UnreachableCode.qll new file mode 100644 index 0000000000..6697d14827 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/unreachablecode/UnreachableCode.qll @@ -0,0 +1,48 @@ +/** + * Provides a library which includes a `problems` predicate for reporting unreachable code. + * + * This problems predicate identifies unreachable code at the level of `BasicBlock`. We use + * `BasicBlock`s for this because they represent sequences of statements which, according to the CFG, + * are either all unreachable or all reachable, because control flow cannot escape from the middle + * of the basic block. + * + * We use the `BasicBlock.isUnreachable()` predicate to identify `BasicBlock`s which are unreachable + * according to our calculated control flow graph. In practice, this can resolve expressions used in + * conditions which are constant, accesses of constant values (even across function boundaries), and + * operations, recursively, on such expressions. There is no attempt made to resolve conditional + * expressions which are not statically constant or derived directly from statically constant variables. + * + * One potential problem with using `BasicBlock`s is that for template functions the `BasicBlock` is + * duplicated across multiple `Function` instances, one for uninstantiated templates, and one for + * each instantiation. Rather than considering each template instantiation independently, we instead + * only report a `BasicBlock` in a template as unreachable, if it is unreachable in all template + * instantiations (and in the uninstantiated template). This helps avoid flagging examples such as + * `return 1` as dead code in this example, where `T::isVal()` is statically deducible in some + * template instantiations: + * ``` + * template int f() { + * if (T::isVal()) return 1; + * return 2; + * } + * ``` + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions +import codingstandards.cpp.deadcode.UnreachableCode + +abstract class UnreachableCodeSharedQuery extends Query { } + +Query getQuery() { result instanceof UnreachableCodeSharedQuery } + +query predicate problems(UnreachableBasicBlock b, string message, Function f, string functionName) { + // None of the basic blocks are excluded + not isExcluded(b.getABasicBlock(), getQuery()) and + message = "This statement in function $@ is unreachable." and + // Exclude results where at least one of the basic blocks appears in a macro expansion, as + // macros can easily result in unreachable blocks through no fault of the user of the macro + not inMacroExpansion(b.getABasicBlock()) and + f = b.getPrimaryFunction() and + functionName = f.getName() +} diff --git a/cpp/common/src/codingstandards/cpp/rules/unusedparameter/UnusedParameter.qll b/cpp/common/src/codingstandards/cpp/rules/unusedparameter/UnusedParameter.qll new file mode 100644 index 0000000000..4258bbf129 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/unusedparameter/UnusedParameter.qll @@ -0,0 +1,21 @@ +/** + * Provides a library which includes a `problems` predicate for reporting unused parameters. + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions +import codingstandards.cpp.deadcode.UnusedParameters + +abstract class UnusedParameterSharedQuery extends Query { } + +Query getQuery() { result instanceof UnusedParameterSharedQuery } + +query predicate problems(UnusedParameter p, string message, Function f, string fName) { + not isExcluded(p, getQuery()) and + f = p.getFunction() and + // Virtual functions are covered by a different rule + not f.isVirtual() and + message = "Unused parameter '" + p.getName() + "' for function $@." and + fName = f.getQualifiedName() +} diff --git a/cpp/common/src/codingstandards/cpp/rules/unusedtypedeclarations/UnusedTypeDeclarations.qll b/cpp/common/src/codingstandards/cpp/rules/unusedtypedeclarations/UnusedTypeDeclarations.qll new file mode 100644 index 0000000000..85ffb7b992 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/unusedtypedeclarations/UnusedTypeDeclarations.qll @@ -0,0 +1,21 @@ +/** + * Provides a library which includes a `problems` predicate for reporting unused types. + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions +import codingstandards.cpp.TypeUses + +abstract class UnusedTypeDeclarationsSharedQuery extends Query { } + +Query getQuery() { result instanceof UnusedTypeDeclarationsSharedQuery } + +query predicate problems(UserType ut, string message) { + not isExcluded(ut, getQuery()) and + message = "Type declaration " + ut.getName() + " is not used." and + not ut instanceof TemplateParameter and + not ut instanceof ProxyClass and + not exists(getATypeUse(ut)) and + not ut.isFromUninstantiatedTemplate(_) +} diff --git a/cpp/autosar/test/rules/M0-1-9/DeadCode.expected b/cpp/common/test/rules/deadcode/DeadCode.expected similarity index 100% rename from cpp/autosar/test/rules/M0-1-9/DeadCode.expected rename to cpp/common/test/rules/deadcode/DeadCode.expected diff --git a/cpp/common/test/rules/deadcode/DeadCode.ql b/cpp/common/test/rules/deadcode/DeadCode.ql new file mode 100644 index 0000000000..62f5a924f1 --- /dev/null +++ b/cpp/common/test/rules/deadcode/DeadCode.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.deadcode.DeadCode diff --git a/cpp/autosar/test/rules/M0-1-9/test.cpp b/cpp/common/test/rules/deadcode/test.cpp similarity index 100% rename from cpp/autosar/test/rules/M0-1-9/test.cpp rename to cpp/common/test/rules/deadcode/test.cpp diff --git a/cpp/autosar/test/rules/M0-1-1/UnreachableCode.expected b/cpp/common/test/rules/unreachablecode/UnreachableCode.expected similarity index 100% rename from cpp/autosar/test/rules/M0-1-1/UnreachableCode.expected rename to cpp/common/test/rules/unreachablecode/UnreachableCode.expected diff --git a/cpp/common/test/rules/unreachablecode/UnreachableCode.ql b/cpp/common/test/rules/unreachablecode/UnreachableCode.ql new file mode 100644 index 0000000000..7a105eafa8 --- /dev/null +++ b/cpp/common/test/rules/unreachablecode/UnreachableCode.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.unreachablecode.UnreachableCode diff --git a/cpp/autosar/test/rules/M0-1-1/test.cpp b/cpp/common/test/rules/unreachablecode/test.cpp similarity index 100% rename from cpp/autosar/test/rules/M0-1-1/test.cpp rename to cpp/common/test/rules/unreachablecode/test.cpp diff --git a/cpp/autosar/test/rules/A0-1-4/UnusedParameter.expected b/cpp/common/test/rules/unusedparameter/UnusedParameter.expected similarity index 100% rename from cpp/autosar/test/rules/A0-1-4/UnusedParameter.expected rename to cpp/common/test/rules/unusedparameter/UnusedParameter.expected diff --git a/cpp/common/test/rules/unusedparameter/UnusedParameter.ql b/cpp/common/test/rules/unusedparameter/UnusedParameter.ql new file mode 100644 index 0000000000..0c6d01d515 --- /dev/null +++ b/cpp/common/test/rules/unusedparameter/UnusedParameter.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.unusedparameter.UnusedParameter diff --git a/cpp/autosar/test/rules/A0-1-4/test.cpp b/cpp/common/test/rules/unusedparameter/test.cpp similarity index 100% rename from cpp/autosar/test/rules/A0-1-4/test.cpp rename to cpp/common/test/rules/unusedparameter/test.cpp diff --git a/cpp/autosar/test/rules/A0-1-6/UnusedTypeDeclarations.expected b/cpp/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.expected similarity index 100% rename from cpp/autosar/test/rules/A0-1-6/UnusedTypeDeclarations.expected rename to cpp/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.expected diff --git a/cpp/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql b/cpp/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql new file mode 100644 index 0000000000..83b19da601 --- /dev/null +++ b/cpp/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.unusedtypedeclarations.UnusedTypeDeclarations diff --git a/cpp/autosar/test/rules/A0-1-6/test.cpp b/cpp/common/test/rules/unusedtypedeclarations/test.cpp similarity index 100% rename from cpp/autosar/test/rules/A0-1-6/test.cpp rename to cpp/common/test/rules/unusedtypedeclarations/test.cpp diff --git a/rule_packages/cpp/DeadCode.json b/rule_packages/cpp/DeadCode.json index ec17e4b84f..f322f5b0a7 100644 --- a/rule_packages/cpp/DeadCode.json +++ b/rule_packages/cpp/DeadCode.json @@ -91,7 +91,8 @@ "tags": [ "readability", "maintainability" - ] + ], + "shared_implementation_short_name": "UnusedParameter" } ], "title": "There shall be no unused named parameters in non-virtual functions." @@ -139,7 +140,8 @@ "tags": [ "readability", "maintainability" - ] + ], + "shared_implementation_short_name": "UnusedTypeDeclarations" } ], "title": "There should be no unused type declarations." @@ -163,7 +165,8 @@ "tags": [ "readability", "maintainability" - ] + ], + "shared_implementation_short_name": "UnreachableCode" } ], "title": "A project shall not contain unreachable code." @@ -334,7 +337,8 @@ "tags": [ "readability", "maintainability" - ] + ], + "shared_implementation_short_name": "DeadCode" } ], "title": "There shall be no dead code." From 6a06a24264c57d8a74e965c01de6ebf77821b856 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Mon, 9 Jan 2023 15:07:10 -0500 Subject: [PATCH 0207/2573] Declarations6: add RULE-5-8 and RULE-5-9 --- ...IdentifiersWithExternalLinkageNotUnique.ql | 24 +++++++++++ ...IdentifiersWithInternalLinkageNotUnique.ql | 32 +++++++++++++++ ...fiersWithExternalLinkageNotUnique.expected | 2 + ...ntifiersWithExternalLinkageNotUnique.qlref | 1 + c/misra/test/rules/RULE-5-8/test.c | 3 ++ c/misra/test/rules/RULE-5-8/test1.c | 5 +++ ...fiersWithInternalLinkageNotUnique.expected | 4 ++ ...ntifiersWithInternalLinkageNotUnique.qlref | 1 + c/misra/test/rules/RULE-5-9/test.c | 2 + c/misra/test/rules/RULE-5-9/test1.c | 12 ++++++ .../cpp/exclusions/c/Declarations6.qll | 37 ++++++++++++++++- rule_packages/c/Declarations6.json | 40 +++++++++++++++++++ rules.csv | 4 +- 13 files changed, 164 insertions(+), 3 deletions(-) create mode 100644 c/misra/src/rules/RULE-5-8/IdentifiersWithExternalLinkageNotUnique.ql create mode 100644 c/misra/src/rules/RULE-5-9/IdentifiersWithInternalLinkageNotUnique.ql create mode 100644 c/misra/test/rules/RULE-5-8/IdentifiersWithExternalLinkageNotUnique.expected create mode 100644 c/misra/test/rules/RULE-5-8/IdentifiersWithExternalLinkageNotUnique.qlref create mode 100644 c/misra/test/rules/RULE-5-8/test.c create mode 100644 c/misra/test/rules/RULE-5-8/test1.c create mode 100644 c/misra/test/rules/RULE-5-9/IdentifiersWithInternalLinkageNotUnique.expected create mode 100644 c/misra/test/rules/RULE-5-9/IdentifiersWithInternalLinkageNotUnique.qlref create mode 100644 c/misra/test/rules/RULE-5-9/test.c create mode 100644 c/misra/test/rules/RULE-5-9/test1.c diff --git a/c/misra/src/rules/RULE-5-8/IdentifiersWithExternalLinkageNotUnique.ql b/c/misra/src/rules/RULE-5-8/IdentifiersWithExternalLinkageNotUnique.ql new file mode 100644 index 0000000000..ff20ceed18 --- /dev/null +++ b/c/misra/src/rules/RULE-5-8/IdentifiersWithExternalLinkageNotUnique.ql @@ -0,0 +1,24 @@ +/** + * @id c/misra/identifiers-with-external-linkage-not-unique + * @name RULE-5-8: Identifiers that define objects or functions with external linkage shall be unique + * @description Using non-unique identifiers can lead to developer confusion. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-5-8 + * maintainability + * readability + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.Identifiers + +from Declaration de, ExternalIdentifiers e +where + not isExcluded(de, Declarations6Package::identifiersWithExternalLinkageNotUniqueQuery()) and + not isExcluded(e, Declarations6Package::identifiersWithExternalLinkageNotUniqueQuery()) and + not de = e and + de.getName() = e.getName() +select de, "Identifier conflicts with external identifier $@", e, e.getName() diff --git a/c/misra/src/rules/RULE-5-9/IdentifiersWithInternalLinkageNotUnique.ql b/c/misra/src/rules/RULE-5-9/IdentifiersWithInternalLinkageNotUnique.ql new file mode 100644 index 0000000000..45f63a3207 --- /dev/null +++ b/c/misra/src/rules/RULE-5-9/IdentifiersWithInternalLinkageNotUnique.ql @@ -0,0 +1,32 @@ +/** + * @id c/misra/identifiers-with-internal-linkage-not-unique + * @name RULE-5-9: Identifiers that define objects or functions with internal linkage should be unique + * @description Using non-unique identifiers can lead to developer confusion. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-5-9 + * maintainability + * readability + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.c.misra + +from Declaration d1, Declaration d2 +where + not isExcluded(d1, Declarations6Package::identifiersWithInternalLinkageNotUniqueQuery()) and + not isExcluded(d2, Declarations6Package::identifiersWithInternalLinkageNotUniqueQuery()) and + d1.isStatic() and + d1.isTopLevel() and + not d1 = d2 and + d1.getName() = d2.getName() and + // Apply an ordering based on location to enforce that (d1, d2) = (d2, d1) and we only report (d1, d2). + ( + d1.getFile().getAbsolutePath() < d2.getFile().getAbsolutePath() + or + d1.getFile().getAbsolutePath() = d2.getFile().getAbsolutePath() and + d1.getLocation().getStartLine() < d2.getLocation().getStartLine() + ) +select d2, "Identifier conflicts with identifier $@ with internal linkage.", d1, d1.getName() diff --git a/c/misra/test/rules/RULE-5-8/IdentifiersWithExternalLinkageNotUnique.expected b/c/misra/test/rules/RULE-5-8/IdentifiersWithExternalLinkageNotUnique.expected new file mode 100644 index 0000000000..b9f237be3f --- /dev/null +++ b/c/misra/test/rules/RULE-5-8/IdentifiersWithExternalLinkageNotUnique.expected @@ -0,0 +1,2 @@ +| test1.c:1:13:1:13 | f | Identifier conflicts with external identifier $@ | test.c:3:6:3:6 | f | f | +| test1.c:2:7:2:7 | g | Identifier conflicts with external identifier $@ | test.c:1:5:1:5 | g | g | diff --git a/c/misra/test/rules/RULE-5-8/IdentifiersWithExternalLinkageNotUnique.qlref b/c/misra/test/rules/RULE-5-8/IdentifiersWithExternalLinkageNotUnique.qlref new file mode 100644 index 0000000000..1eb56b955d --- /dev/null +++ b/c/misra/test/rules/RULE-5-8/IdentifiersWithExternalLinkageNotUnique.qlref @@ -0,0 +1 @@ +rules/RULE-5-8/IdentifiersWithExternalLinkageNotUnique.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-5-8/test.c b/c/misra/test/rules/RULE-5-8/test.c new file mode 100644 index 0000000000..119c4548c4 --- /dev/null +++ b/c/misra/test/rules/RULE-5-8/test.c @@ -0,0 +1,3 @@ +int g; +extern int g1; // COMPLIANT +void f() { int i; } \ No newline at end of file diff --git a/c/misra/test/rules/RULE-5-8/test1.c b/c/misra/test/rules/RULE-5-8/test1.c new file mode 100644 index 0000000000..027d6ac046 --- /dev/null +++ b/c/misra/test/rules/RULE-5-8/test1.c @@ -0,0 +1,5 @@ +static void f() { // NON_COMPLIANT + int g; // NON_COMPLIANT + int i; // COMPLIANT +} +int g1; //COMPLIANT \ No newline at end of file diff --git a/c/misra/test/rules/RULE-5-9/IdentifiersWithInternalLinkageNotUnique.expected b/c/misra/test/rules/RULE-5-9/IdentifiersWithInternalLinkageNotUnique.expected new file mode 100644 index 0000000000..6fc2c006a2 --- /dev/null +++ b/c/misra/test/rules/RULE-5-9/IdentifiersWithInternalLinkageNotUnique.expected @@ -0,0 +1,4 @@ +| test1.c:3:12:3:13 | g1 | Identifier conflicts with identifier $@ with internal linkage. | test.c:2:12:2:13 | g1 | g1 | +| test1.c:5:13:5:13 | f | Identifier conflicts with identifier $@ with internal linkage. | test.c:3:13:3:13 | f | f | +| test1.c:6:7:6:7 | g | Identifier conflicts with identifier $@ with internal linkage. | test1.c:2:12:2:12 | g | g | +| test1.c:11:7:11:7 | g | Identifier conflicts with identifier $@ with internal linkage. | test1.c:2:12:2:12 | g | g | diff --git a/c/misra/test/rules/RULE-5-9/IdentifiersWithInternalLinkageNotUnique.qlref b/c/misra/test/rules/RULE-5-9/IdentifiersWithInternalLinkageNotUnique.qlref new file mode 100644 index 0000000000..becc4e9e43 --- /dev/null +++ b/c/misra/test/rules/RULE-5-9/IdentifiersWithInternalLinkageNotUnique.qlref @@ -0,0 +1 @@ +rules/RULE-5-9/IdentifiersWithInternalLinkageNotUnique.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-5-9/test.c b/c/misra/test/rules/RULE-5-9/test.c new file mode 100644 index 0000000000..cd5e2ad888 --- /dev/null +++ b/c/misra/test/rules/RULE-5-9/test.c @@ -0,0 +1,2 @@ +static int g1; // NON_COMPLIANT +static void f(); // NON_COMPLIANT \ No newline at end of file diff --git a/c/misra/test/rules/RULE-5-9/test1.c b/c/misra/test/rules/RULE-5-9/test1.c new file mode 100644 index 0000000000..0fa1261614 --- /dev/null +++ b/c/misra/test/rules/RULE-5-9/test1.c @@ -0,0 +1,12 @@ +static int g; // COMPLIANT +static int g1; // NON_COMPLIANT + +static void f() { // NON_COMPLIANT + int g; // NON_COMPLIANT + int g2; // COMPLIANT +} + +void f1() { // COMPLIANT + int g; // NON_COMPLIANT + int g2; // COMPLIANT +} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations6.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations6.qll index fe3ec8b508..3cae883ebf 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations6.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations6.qll @@ -3,7 +3,10 @@ import cpp import RuleMetadata import codingstandards.cpp.exclusions.RuleMetadata -newtype Declarations6Query = TFunctionDeclaredImplicitlyQuery() +newtype Declarations6Query = + TFunctionDeclaredImplicitlyQuery() or + TIdentifiersWithExternalLinkageNotUniqueQuery() or + TIdentifiersWithInternalLinkageNotUniqueQuery() predicate isDeclarations6QueryMetadata(Query query, string queryId, string ruleId, string category) { query = @@ -14,6 +17,24 @@ predicate isDeclarations6QueryMetadata(Query query, string queryId, string ruleI "c/misra/function-declared-implicitly" and ruleId = "RULE-17-3" and category = "mandatory" + or + query = + // `Query` instance for the `identifiersWithExternalLinkageNotUnique` query + Declarations6Package::identifiersWithExternalLinkageNotUniqueQuery() and + queryId = + // `@id` for the `identifiersWithExternalLinkageNotUnique` query + "c/misra/identifiers-with-external-linkage-not-unique" and + ruleId = "RULE-5-8" and + category = "required" + or + query = + // `Query` instance for the `identifiersWithInternalLinkageNotUnique` query + Declarations6Package::identifiersWithInternalLinkageNotUniqueQuery() and + queryId = + // `@id` for the `identifiersWithInternalLinkageNotUnique` query + "c/misra/identifiers-with-internal-linkage-not-unique" and + ruleId = "RULE-5-9" and + category = "advisory" } module Declarations6Package { @@ -23,4 +44,18 @@ module Declarations6Package { // `Query` type for `functionDeclaredImplicitly` query TQueryC(TDeclarations6PackageQuery(TFunctionDeclaredImplicitlyQuery())) } + + Query identifiersWithExternalLinkageNotUniqueQuery() { + //autogenerate `Query` type + result = + // `Query` type for `identifiersWithExternalLinkageNotUnique` query + TQueryC(TDeclarations6PackageQuery(TIdentifiersWithExternalLinkageNotUniqueQuery())) + } + + Query identifiersWithInternalLinkageNotUniqueQuery() { + //autogenerate `Query` type + result = + // `Query` type for `identifiersWithInternalLinkageNotUnique` query + TQueryC(TDeclarations6PackageQuery(TIdentifiersWithInternalLinkageNotUniqueQuery())) + } } diff --git a/rule_packages/c/Declarations6.json b/rule_packages/c/Declarations6.json index af2b15e868..8120db9ac5 100644 --- a/rule_packages/c/Declarations6.json +++ b/rule_packages/c/Declarations6.json @@ -19,6 +19,46 @@ } ], "title": "A function shall not be declared implicitly" + }, + "RULE-5-8": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Using non-unique identifiers can lead to developer confusion.", + "kind": "problem", + "name": "Identifiers that define objects or functions with external linkage shall be unique", + "precision": "very-high", + "severity": "error", + "short_name": "IdentifiersWithExternalLinkageNotUnique", + "tags": [ + "maintainability", + "readability" + ] + } + ], + "title": "Identifiers that define objects or functions with external linkage shall be unique" + }, + "RULE-5-9": { + "properties": { + "obligation": "advisory" + }, + "queries": [ + { + "description": "Using non-unique identifiers can lead to developer confusion.", + "kind": "problem", + "name": "Identifiers that define objects or functions with internal linkage should be unique", + "precision": "very-high", + "severity": "error", + "short_name": "IdentifiersWithInternalLinkageNotUnique", + "tags": [ + "maintainability", + "readability" + ] + } + ], + "title": "Identifiers that define objects or functions with internal linkage should be unique" } } } \ No newline at end of file diff --git a/rules.csv b/rules.csv index 05473821fe..20171b1d9c 100644 --- a/rules.csv +++ b/rules.csv @@ -638,8 +638,8 @@ c,MISRA-C-2012,RULE-5-4,Yes,Required,,,Macro identifiers shall be distinct,,Decl c,MISRA-C-2012,RULE-5-5,Yes,Required,,,Identifiers shall be distinct from macro names,,Declarations3,Easy, c,MISRA-C-2012,RULE-5-6,Yes,Required,,,A typedef name shall be a unique identifier,,Declarations3,Easy, c,MISRA-C-2012,RULE-5-7,Yes,Required,,,A tag name shall be a unique identifier,,Declarations3,Easy, -c,MISRA-C-2012,RULE-5-8,Yes,Required,,,Identifiers that define objects or functions with external linkage shall be unique,,Declarations,Easy, -c,MISRA-C-2012,RULE-5-9,Yes,Advisory,,,Identifiers that define objects or functions with internal linkage should be unique,,Declarations,Easy, +c,MISRA-C-2012,RULE-5-8,Yes,Required,,,Identifiers that define objects or functions with external linkage shall be unique,,Declarations6,Easy, +c,MISRA-C-2012,RULE-5-9,Yes,Advisory,,,Identifiers that define objects or functions with internal linkage should be unique,,Declarations6,Easy, c,MISRA-C-2012,RULE-6-1,Yes,Required,,,Bit-fields shall only be declared with an appropriate type,M9-6-4,Types,Medium, c,MISRA-C-2012,RULE-6-2,Yes,Required,,,Single-bit named bit fields shall not be of a signed type,M9-6-4,Types,Import, c,MISRA-C-2012,RULE-7-1,Yes,Required,,,Octal constants shall not be used,M2-13-2,Banned,Import, From 874a5182e8387a27be8faee310c7be61a7be9ecb Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Mon, 9 Jan 2023 15:13:11 -0500 Subject: [PATCH 0208/2573] Declarations6: fix formatting testcase RULE-5-8 --- c/misra/test/rules/RULE-5-8/test1.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/misra/test/rules/RULE-5-8/test1.c b/c/misra/test/rules/RULE-5-8/test1.c index 027d6ac046..8c138f0bb4 100644 --- a/c/misra/test/rules/RULE-5-8/test1.c +++ b/c/misra/test/rules/RULE-5-8/test1.c @@ -2,4 +2,4 @@ static void f() { // NON_COMPLIANT int g; // NON_COMPLIANT int i; // COMPLIANT } -int g1; //COMPLIANT \ No newline at end of file +int g1; // COMPLIANT \ No newline at end of file From e7185594ce1c0b4c36d8c80187e525ce259c12e6 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Mon, 9 Jan 2023 16:01:37 -0500 Subject: [PATCH 0209/2573] Declarations6: fix formatting testcase RULE-17-3 --- .../test/rules/RULE-17-3/FunctionDeclaredImplicitly.expected | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/c/misra/test/rules/RULE-17-3/FunctionDeclaredImplicitly.expected b/c/misra/test/rules/RULE-17-3/FunctionDeclaredImplicitly.expected index 9d7cb66d70..8b53c721bb 100644 --- a/c/misra/test/rules/RULE-17-3/FunctionDeclaredImplicitly.expected +++ b/c/misra/test/rules/RULE-17-3/FunctionDeclaredImplicitly.expected @@ -1,2 +1,2 @@ -| test.c:3:1:3:2 | declaration of f2 | Function declaration is implicit. | -| test.c:11:17:11:17 | declaration of f3 | Function declaration is implicit. | +| test.c:4:1:4:2 | declaration of f2 | Function declaration is implicit. | +| test.c:12:15:12:15 | declaration of f3 | Function declaration is implicit. | From 2a6a85edd30486576a3f7c4983954776b0df5a5a Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 10 Jan 2023 11:16:06 -0500 Subject: [PATCH 0210/2573] Declarations6: add RULE-8-11 --- ...yExternalLinkageSizeExplicitlySpecified.ql | 28 +++++++++++++++++++ ...nalLinkageSizeExplicitlySpecified.expected | 1 + ...ternalLinkageSizeExplicitlySpecified.qlref | 1 + c/misra/test/rules/RULE-8-11/test.c | 6 ++++ .../cpp/exclusions/c/Declarations6.qll | 19 ++++++++++++- rule_packages/c/Declarations6.json | 20 +++++++++++++ rules.csv | 2 +- 7 files changed, 75 insertions(+), 2 deletions(-) create mode 100644 c/misra/src/rules/RULE-8-11/ArrayExternalLinkageSizeExplicitlySpecified.ql create mode 100644 c/misra/test/rules/RULE-8-11/ArrayExternalLinkageSizeExplicitlySpecified.expected create mode 100644 c/misra/test/rules/RULE-8-11/ArrayExternalLinkageSizeExplicitlySpecified.qlref create mode 100644 c/misra/test/rules/RULE-8-11/test.c diff --git a/c/misra/src/rules/RULE-8-11/ArrayExternalLinkageSizeExplicitlySpecified.ql b/c/misra/src/rules/RULE-8-11/ArrayExternalLinkageSizeExplicitlySpecified.ql new file mode 100644 index 0000000000..ada18c805d --- /dev/null +++ b/c/misra/src/rules/RULE-8-11/ArrayExternalLinkageSizeExplicitlySpecified.ql @@ -0,0 +1,28 @@ +/** + * @id c/misra/array-external-linkage-size-explicitly-specified + * @name RULE-8-11: When an array with external linkage is declared, its size should be explicitly specified + * @description Declaring an array without an explicit size disallows the compiler and static + * checkers from doing array bounds analysis and can lead to less readable, unsafe + * code. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-8-11 + * correctness + * readability + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.Identifiers + +from VariableDeclarationEntry v, ArrayType t +where + not isExcluded(v, Declarations6Package::arrayExternalLinkageSizeExplicitlySpecifiedQuery()) and + v.getDeclaration() instanceof ExternalIdentifiers and + v.getType() = t and + not exists(t.getSize()) and + //this rule applies to non-defining declarations only + not v.isDefinition() +select v, "Array declared without explicit size." diff --git a/c/misra/test/rules/RULE-8-11/ArrayExternalLinkageSizeExplicitlySpecified.expected b/c/misra/test/rules/RULE-8-11/ArrayExternalLinkageSizeExplicitlySpecified.expected new file mode 100644 index 0000000000..1ee0702d2b --- /dev/null +++ b/c/misra/test/rules/RULE-8-11/ArrayExternalLinkageSizeExplicitlySpecified.expected @@ -0,0 +1 @@ +| test.c:2:12:2:13 | declaration of a1 | Array declared without explicit size. | diff --git a/c/misra/test/rules/RULE-8-11/ArrayExternalLinkageSizeExplicitlySpecified.qlref b/c/misra/test/rules/RULE-8-11/ArrayExternalLinkageSizeExplicitlySpecified.qlref new file mode 100644 index 0000000000..4f011bfafe --- /dev/null +++ b/c/misra/test/rules/RULE-8-11/ArrayExternalLinkageSizeExplicitlySpecified.qlref @@ -0,0 +1 @@ +rules/RULE-8-11/ArrayExternalLinkageSizeExplicitlySpecified.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-8-11/test.c b/c/misra/test/rules/RULE-8-11/test.c new file mode 100644 index 0000000000..6b7d8be8c7 --- /dev/null +++ b/c/misra/test/rules/RULE-8-11/test.c @@ -0,0 +1,6 @@ +extern int a[1]; // COMPLIANT +extern int a1[]; // NON_COMPLIANT +extern int a2[] = { + 1}; // COMPLIANT - this rule applies to non-defining declarations only +static int a3[]; // COMPLIANT - not external linkage +int a4[]; // COMPLIANT - is a definition \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations6.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations6.qll index 3cae883ebf..b8556b7089 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations6.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations6.qll @@ -6,7 +6,8 @@ import codingstandards.cpp.exclusions.RuleMetadata newtype Declarations6Query = TFunctionDeclaredImplicitlyQuery() or TIdentifiersWithExternalLinkageNotUniqueQuery() or - TIdentifiersWithInternalLinkageNotUniqueQuery() + TIdentifiersWithInternalLinkageNotUniqueQuery() or + TArrayExternalLinkageSizeExplicitlySpecifiedQuery() predicate isDeclarations6QueryMetadata(Query query, string queryId, string ruleId, string category) { query = @@ -35,6 +36,15 @@ predicate isDeclarations6QueryMetadata(Query query, string queryId, string ruleI "c/misra/identifiers-with-internal-linkage-not-unique" and ruleId = "RULE-5-9" and category = "advisory" + or + query = + // `Query` instance for the `arrayExternalLinkageSizeExplicitlySpecified` query + Declarations6Package::arrayExternalLinkageSizeExplicitlySpecifiedQuery() and + queryId = + // `@id` for the `arrayExternalLinkageSizeExplicitlySpecified` query + "c/misra/array-external-linkage-size-explicitly-specified" and + ruleId = "RULE-8-11" and + category = "advisory" } module Declarations6Package { @@ -58,4 +68,11 @@ module Declarations6Package { // `Query` type for `identifiersWithInternalLinkageNotUnique` query TQueryC(TDeclarations6PackageQuery(TIdentifiersWithInternalLinkageNotUniqueQuery())) } + + Query arrayExternalLinkageSizeExplicitlySpecifiedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `arrayExternalLinkageSizeExplicitlySpecified` query + TQueryC(TDeclarations6PackageQuery(TArrayExternalLinkageSizeExplicitlySpecifiedQuery())) + } } diff --git a/rule_packages/c/Declarations6.json b/rule_packages/c/Declarations6.json index 8120db9ac5..369c7152dc 100644 --- a/rule_packages/c/Declarations6.json +++ b/rule_packages/c/Declarations6.json @@ -59,6 +59,26 @@ } ], "title": "Identifiers that define objects or functions with internal linkage should be unique" + }, + "RULE-8-11": { + "properties": { + "obligation": "advisory" + }, + "queries": [ + { + "description": "Declaring an array without an explicit size disallows the compiler and static checkers from doing array bounds analysis and can lead to less readable, unsafe code.", + "kind": "problem", + "name": "When an array with external linkage is declared, its size should be explicitly specified", + "precision": "very-high", + "severity": "error", + "short_name": "ArrayExternalLinkageSizeExplicitlySpecified", + "tags": [ + "correctness", + "readability" + ] + } + ], + "title": "When an array with external linkage is declared, its size should be explicitly specified" } } } \ No newline at end of file diff --git a/rules.csv b/rules.csv index 0aa41f4992..eb02047df1 100644 --- a/rules.csv +++ b/rules.csv @@ -656,7 +656,7 @@ c,MISRA-C-2012,RULE-8-7,Yes,Advisory,,,Functions and objects should not be defin c,MISRA-C-2012,RULE-8-8,Yes,Required,,,The static storage class specifier shall be used in all declarations of objects and functions that have internal linkage,M3-3-2,Declarations,Medium, c,MISRA-C-2012,RULE-8-9,Yes,Advisory,,,An object should be defined at block scope if its identifier only appears in a single function,M3-4-1,Declarations,Medium, c,MISRA-C-2012,RULE-8-10,Yes,Required,,,An inline function shall be declared with the static storage class,,Declarations,Medium, -c,MISRA-C-2012,RULE-8-11,Yes,Advisory,,,"When an array with external linkage is declared, its size should be explicitly specified",,Declarations,Medium, +c,MISRA-C-2012,RULE-8-11,Yes,Advisory,,,"When an array with external linkage is declared, its size should be explicitly specified",,Declarations6,Medium, c,MISRA-C-2012,RULE-8-12,Yes,Required,,,"Within an enumerator list, the value of an implicitly-specified enumeration constant shall be unique",,Declarations,Medium, c,MISRA-C-2012,RULE-8-13,Yes,Advisory,,,A pointer should point to a const-qualified type whenever possible,,Pointers1,Medium, c,MISRA-C-2012,RULE-8-14,Yes,Required,,,The restrict type qualifier shall not be used,,Banned,Easy, From 7b1024ebc839118d222145e92ad2bf64832e1325 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 10 Jan 2023 12:54:28 -0500 Subject: [PATCH 0211/2573] Declarations6: fix formatting testcase RULE-5-9 --- .../IdentifiersWithInternalLinkageNotUnique.expected | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/c/misra/test/rules/RULE-5-9/IdentifiersWithInternalLinkageNotUnique.expected b/c/misra/test/rules/RULE-5-9/IdentifiersWithInternalLinkageNotUnique.expected index 6fc2c006a2..f5e22f36f3 100644 --- a/c/misra/test/rules/RULE-5-9/IdentifiersWithInternalLinkageNotUnique.expected +++ b/c/misra/test/rules/RULE-5-9/IdentifiersWithInternalLinkageNotUnique.expected @@ -1,4 +1,4 @@ -| test1.c:3:12:3:13 | g1 | Identifier conflicts with identifier $@ with internal linkage. | test.c:2:12:2:13 | g1 | g1 | -| test1.c:5:13:5:13 | f | Identifier conflicts with identifier $@ with internal linkage. | test.c:3:13:3:13 | f | f | -| test1.c:6:7:6:7 | g | Identifier conflicts with identifier $@ with internal linkage. | test1.c:2:12:2:12 | g | g | -| test1.c:11:7:11:7 | g | Identifier conflicts with identifier $@ with internal linkage. | test1.c:2:12:2:12 | g | g | +| test1.c:2:12:2:13 | g1 | Identifier conflicts with identifier $@ with internal linkage. | test.c:1:12:1:13 | g1 | g1 | +| test1.c:4:13:4:13 | f | Identifier conflicts with identifier $@ with internal linkage. | test.c:2:13:2:13 | f | f | +| test1.c:5:7:5:7 | g | Identifier conflicts with identifier $@ with internal linkage. | test1.c:1:12:1:12 | g | g | +| test1.c:10:7:10:7 | g | Identifier conflicts with identifier $@ with internal linkage. | test1.c:1:12:1:12 | g | g | From afc029e92964d21a51a496f0d8c1406f021bd58b Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 10 Jan 2023 13:20:47 -0500 Subject: [PATCH 0212/2573] Declarations6: add RULE-8-7 --- .../ShouldNotBeDefinedWithExternalLinkage.ql | 46 +++++++++++++++++++ ...ldNotBeDefinedWithExternalLinkage.expected | 3 ++ ...houldNotBeDefinedWithExternalLinkage.qlref | 1 + c/misra/test/rules/RULE-8-7/test.c | 9 ++++ c/misra/test/rules/RULE-8-7/test.h | 7 +++ c/misra/test/rules/RULE-8-7/test1.c | 5 ++ .../cpp/exclusions/c/Declarations6.qll | 19 +++++++- rule_packages/c/Declarations6.json | 21 +++++++++ rules.csv | 2 +- 9 files changed, 111 insertions(+), 2 deletions(-) create mode 100644 c/misra/src/rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.ql create mode 100644 c/misra/test/rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.expected create mode 100644 c/misra/test/rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.qlref create mode 100644 c/misra/test/rules/RULE-8-7/test.c create mode 100644 c/misra/test/rules/RULE-8-7/test.h create mode 100644 c/misra/test/rules/RULE-8-7/test1.c diff --git a/c/misra/src/rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.ql b/c/misra/src/rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.ql new file mode 100644 index 0000000000..e5649400c8 --- /dev/null +++ b/c/misra/src/rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.ql @@ -0,0 +1,46 @@ +/** + * @id c/misra/should-not-be-defined-with-external-linkage + * @name RULE-8-7: Functions and objects should not be defined with external linkage if they are referenced in only one + * @description Declarations with external linkage that are referenced in only one translation unit + * can indicate an intention to only have those identifiers accessible in that + * translation unit and accidental future accesses in other translation units can lead + * to confusing program behaviour. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-8-7 + * correctness + * maintainability + * readability + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.Identifiers +import codingstandards.cpp.Scope + +/** + * Re-introduce function calls into access description as + * "any reference" + */ +class Reference extends NameQualifiableElement { + Reference() { + this instanceof Access or + this instanceof FunctionCall + } +} + +from ExternalIdentifiers e, Reference a1, TranslationUnit t1 +where + not isExcluded(e, Declarations6Package::shouldNotBeDefinedWithExternalLinkageQuery()) and + (a1.(Access).getTarget() = e or a1.(FunctionCall).getTarget() = e) and + a1.getFile() = t1 and + //not accessed in any other translation unit + not exists(TranslationUnit t2, Reference a2 | + not t1 = t2 and + (a2.(Access).getTarget() = e or a2.(FunctionCall).getTarget() = e) and + a2.getFile() = t2 + ) +select e, "Declaration with external linkage is accessed in only one translation unit $@.", a1, + a1.toString() diff --git a/c/misra/test/rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.expected b/c/misra/test/rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.expected new file mode 100644 index 0000000000..e36706411a --- /dev/null +++ b/c/misra/test/rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.expected @@ -0,0 +1,3 @@ +| test.h:2:12:2:13 | i1 | Declaration with external linkage is accessed in only one translation unit $@. | test.c:4:5:4:6 | i1 | i1 | +| test.h:3:5:3:6 | i2 | Declaration with external linkage is accessed in only one translation unit $@. | test.c:5:5:5:6 | i2 | i2 | +| test.h:5:13:5:14 | f2 | Declaration with external linkage is accessed in only one translation unit $@. | test.c:7:5:7:6 | call to f2 | call to f2 | diff --git a/c/misra/test/rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.qlref b/c/misra/test/rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.qlref new file mode 100644 index 0000000000..8b41068eef --- /dev/null +++ b/c/misra/test/rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.qlref @@ -0,0 +1 @@ +rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-8-7/test.c b/c/misra/test/rules/RULE-8-7/test.c new file mode 100644 index 0000000000..02f5e27daf --- /dev/null +++ b/c/misra/test/rules/RULE-8-7/test.c @@ -0,0 +1,9 @@ +#include "test.h" +void f(){ + i = 0; + i1 = 0; + i2 = 0; + f1(); + f2(); + f3(); +} \ No newline at end of file diff --git a/c/misra/test/rules/RULE-8-7/test.h b/c/misra/test/rules/RULE-8-7/test.h new file mode 100644 index 0000000000..692bb8e3db --- /dev/null +++ b/c/misra/test/rules/RULE-8-7/test.h @@ -0,0 +1,7 @@ +extern int i; // COMPLIANT - accessed multiple translation units +extern int i1; // NON_COMPLIANT - accessed one translation unit +int i2; // NON_COMPLIANT - accessed one translation unit +extern void f1(); // COMPLIANT - accessed multiple translation units +extern void f2(); // NON_COMPLIANT - accessed one translation unit +static void f3(); // COMPLIANT - internal linkage +extern void f3(); // COMPLIANT - internal linkage \ No newline at end of file diff --git a/c/misra/test/rules/RULE-8-7/test1.c b/c/misra/test/rules/RULE-8-7/test1.c new file mode 100644 index 0000000000..ff2354db16 --- /dev/null +++ b/c/misra/test/rules/RULE-8-7/test1.c @@ -0,0 +1,5 @@ +#include "test.h" +void f(){ + i = 0; + f1(); +} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations6.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations6.qll index b8556b7089..3fbae509f3 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations6.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations6.qll @@ -7,7 +7,8 @@ newtype Declarations6Query = TFunctionDeclaredImplicitlyQuery() or TIdentifiersWithExternalLinkageNotUniqueQuery() or TIdentifiersWithInternalLinkageNotUniqueQuery() or - TArrayExternalLinkageSizeExplicitlySpecifiedQuery() + TArrayExternalLinkageSizeExplicitlySpecifiedQuery() or + TShouldNotBeDefinedWithExternalLinkageQuery() predicate isDeclarations6QueryMetadata(Query query, string queryId, string ruleId, string category) { query = @@ -45,6 +46,15 @@ predicate isDeclarations6QueryMetadata(Query query, string queryId, string ruleI "c/misra/array-external-linkage-size-explicitly-specified" and ruleId = "RULE-8-11" and category = "advisory" + or + query = + // `Query` instance for the `shouldNotBeDefinedWithExternalLinkage` query + Declarations6Package::shouldNotBeDefinedWithExternalLinkageQuery() and + queryId = + // `@id` for the `shouldNotBeDefinedWithExternalLinkage` query + "c/misra/should-not-be-defined-with-external-linkage" and + ruleId = "RULE-8-7" and + category = "advisory" } module Declarations6Package { @@ -75,4 +85,11 @@ module Declarations6Package { // `Query` type for `arrayExternalLinkageSizeExplicitlySpecified` query TQueryC(TDeclarations6PackageQuery(TArrayExternalLinkageSizeExplicitlySpecifiedQuery())) } + + Query shouldNotBeDefinedWithExternalLinkageQuery() { + //autogenerate `Query` type + result = + // `Query` type for `shouldNotBeDefinedWithExternalLinkage` query + TQueryC(TDeclarations6PackageQuery(TShouldNotBeDefinedWithExternalLinkageQuery())) + } } diff --git a/rule_packages/c/Declarations6.json b/rule_packages/c/Declarations6.json index 369c7152dc..84410719b0 100644 --- a/rule_packages/c/Declarations6.json +++ b/rule_packages/c/Declarations6.json @@ -79,6 +79,27 @@ } ], "title": "When an array with external linkage is declared, its size should be explicitly specified" + }, + "RULE-8-7": { + "properties": { + "obligation": "advisory" + }, + "queries": [ + { + "description": "Declarations with external linkage that are referenced in only one translation unit can indicate an intention to only have those identifiers accessible in that translation unit and accidental future accesses in other translation units can lead to confusing program behaviour.", + "kind": "problem", + "name": "Functions and objects should not be defined with external linkage if they are referenced in only one", + "precision": "very-high", + "severity": "error", + "short_name": "ShouldNotBeDefinedWithExternalLinkage", + "tags": [ + "correctness", + "maintainability", + "readability" + ] + } + ], + "title": "Functions and objects should not be defined with external linkage if they are referenced in only one translation unit" } } } \ No newline at end of file diff --git a/rules.csv b/rules.csv index eb02047df1..abb94b1b76 100644 --- a/rules.csv +++ b/rules.csv @@ -652,7 +652,7 @@ c,MISRA-C-2012,RULE-8-3,Yes,Required,,,All declarations of an object or function c,MISRA-C-2012,RULE-8-4,Yes,Required,,,A compatible declaration shall be visible when an object or function with external linkage is defined,,Declarations4,Medium, c,MISRA-C-2012,RULE-8-5,Yes,Required,,,An external object or function shall be declared once in one and only one file,,Declarations,Medium, c,MISRA-C-2012,RULE-8-6,Yes,Required,,,An identifier with external linkage shall have exactly one external definition,M3-2-4,Declarations4,Import, -c,MISRA-C-2012,RULE-8-7,Yes,Advisory,,,Functions and objects should not be defined with external linkage if they are referenced in only one translation unit,,Declarations,Medium, +c,MISRA-C-2012,RULE-8-7,Yes,Advisory,,,Functions and objects should not be defined with external linkage if they are referenced in only one translation unit,,Declarations6,Medium, c,MISRA-C-2012,RULE-8-8,Yes,Required,,,The static storage class specifier shall be used in all declarations of objects and functions that have internal linkage,M3-3-2,Declarations,Medium, c,MISRA-C-2012,RULE-8-9,Yes,Advisory,,,An object should be defined at block scope if its identifier only appears in a single function,M3-4-1,Declarations,Medium, c,MISRA-C-2012,RULE-8-10,Yes,Required,,,An inline function shall be declared with the static storage class,,Declarations,Medium, From 6672156b23fb4ea049800b101c347515858c3c12 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 10 Jan 2023 14:03:58 -0500 Subject: [PATCH 0213/2573] Declarations6: fix formatting testcase RULE-8-7 --- .../ShouldNotBeDefinedWithExternalLinkage.expected | 6 +++--- c/misra/test/rules/RULE-8-7/test.c | 14 +++++++------- c/misra/test/rules/RULE-8-7/test1.c | 6 +++--- 3 files changed, 13 insertions(+), 13 deletions(-) diff --git a/c/misra/test/rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.expected b/c/misra/test/rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.expected index e36706411a..b6a53071d9 100644 --- a/c/misra/test/rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.expected +++ b/c/misra/test/rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.expected @@ -1,3 +1,3 @@ -| test.h:2:12:2:13 | i1 | Declaration with external linkage is accessed in only one translation unit $@. | test.c:4:5:4:6 | i1 | i1 | -| test.h:3:5:3:6 | i2 | Declaration with external linkage is accessed in only one translation unit $@. | test.c:5:5:5:6 | i2 | i2 | -| test.h:5:13:5:14 | f2 | Declaration with external linkage is accessed in only one translation unit $@. | test.c:7:5:7:6 | call to f2 | call to f2 | +| test.h:2:12:2:13 | i1 | Declaration with external linkage is accessed in only one translation unit $@. | test.c:4:3:4:4 | i1 | i1 | +| test.h:3:5:3:6 | i2 | Declaration with external linkage is accessed in only one translation unit $@. | test.c:5:3:5:4 | i2 | i2 | +| test.h:5:13:5:14 | f2 | Declaration with external linkage is accessed in only one translation unit $@. | test.c:7:3:7:4 | call to f2 | call to f2 | diff --git a/c/misra/test/rules/RULE-8-7/test.c b/c/misra/test/rules/RULE-8-7/test.c index 02f5e27daf..b2cc2a0684 100644 --- a/c/misra/test/rules/RULE-8-7/test.c +++ b/c/misra/test/rules/RULE-8-7/test.c @@ -1,9 +1,9 @@ #include "test.h" -void f(){ - i = 0; - i1 = 0; - i2 = 0; - f1(); - f2(); - f3(); +void f() { + i = 0; + i1 = 0; + i2 = 0; + f1(); + f2(); + f3(); } \ No newline at end of file diff --git a/c/misra/test/rules/RULE-8-7/test1.c b/c/misra/test/rules/RULE-8-7/test1.c index ff2354db16..77377e78df 100644 --- a/c/misra/test/rules/RULE-8-7/test1.c +++ b/c/misra/test/rules/RULE-8-7/test1.c @@ -1,5 +1,5 @@ #include "test.h" -void f(){ - i = 0; - f1(); +void f() { + i = 0; + f1(); } \ No newline at end of file From 67767389aa0c0c00587cb23acb29375861722cb3 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Wed, 11 Jan 2023 11:42:19 +0000 Subject: [PATCH 0214/2573] DeadCode: Add C DeadCode package description and exclusions files --- .../cpp/exclusions/c/DeadCode.qll | 129 +++++++++++++++ rule_packages/c/DeadCode.json | 152 ++++++++++++++++++ 2 files changed, 281 insertions(+) create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/DeadCode.qll create mode 100644 rule_packages/c/DeadCode.json diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/DeadCode.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/DeadCode.qll new file mode 100644 index 0000000000..9117d62321 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/DeadCode.qll @@ -0,0 +1,129 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype DeadCodeQuery = + TUnreachableCodeQuery() or + TDeadCodeQuery() or + TUnusedTypeDeclarationsQuery() or + TUnusedTagDeclarationQuery() or + TUnusedMacroDeclarationQuery() or + TUnusedLabelDeclarationQuery() or + TUnusedParameterQuery() + +predicate isDeadCodeQueryMetadata(Query query, string queryId, string ruleId, string category) { + query = + // `Query` instance for the `unreachableCode` query + DeadCodePackage::unreachableCodeQuery() and + queryId = + // `@id` for the `unreachableCode` query + "c/misra/unreachable-code" and + ruleId = "RULE-2-1" and + category = "required" + or + query = + // `Query` instance for the `deadCode` query + DeadCodePackage::deadCodeQuery() and + queryId = + // `@id` for the `deadCode` query + "c/misra/dead-code" and + ruleId = "RULE-2-2" and + category = "required" + or + query = + // `Query` instance for the `unusedTypeDeclarations` query + DeadCodePackage::unusedTypeDeclarationsQuery() and + queryId = + // `@id` for the `unusedTypeDeclarations` query + "c/misra/unused-type-declarations" and + ruleId = "RULE-2-3" and + category = "advisory" + or + query = + // `Query` instance for the `unusedTagDeclaration` query + DeadCodePackage::unusedTagDeclarationQuery() and + queryId = + // `@id` for the `unusedTagDeclaration` query + "c/misra/unused-tag-declaration" and + ruleId = "RULE-2-4" and + category = "advisory" + or + query = + // `Query` instance for the `unusedMacroDeclaration` query + DeadCodePackage::unusedMacroDeclarationQuery() and + queryId = + // `@id` for the `unusedMacroDeclaration` query + "c/misra/unused-macro-declaration" and + ruleId = "RULE-2-5" and + category = "advisory" + or + query = + // `Query` instance for the `unusedLabelDeclaration` query + DeadCodePackage::unusedLabelDeclarationQuery() and + queryId = + // `@id` for the `unusedLabelDeclaration` query + "c/misra/unused-label-declaration" and + ruleId = "RULE-2-6" and + category = "advisory" + or + query = + // `Query` instance for the `unusedParameter` query + DeadCodePackage::unusedParameterQuery() and + queryId = + // `@id` for the `unusedParameter` query + "c/misra/unused-parameter" and + ruleId = "RULE-2-7" and + category = "advisory" +} + +module DeadCodePackage { + Query unreachableCodeQuery() { + //autogenerate `Query` type + result = + // `Query` type for `unreachableCode` query + TQueryC(TDeadCodePackageQuery(TUnreachableCodeQuery())) + } + + Query deadCodeQuery() { + //autogenerate `Query` type + result = + // `Query` type for `deadCode` query + TQueryC(TDeadCodePackageQuery(TDeadCodeQuery())) + } + + Query unusedTypeDeclarationsQuery() { + //autogenerate `Query` type + result = + // `Query` type for `unusedTypeDeclarations` query + TQueryC(TDeadCodePackageQuery(TUnusedTypeDeclarationsQuery())) + } + + Query unusedTagDeclarationQuery() { + //autogenerate `Query` type + result = + // `Query` type for `unusedTagDeclaration` query + TQueryC(TDeadCodePackageQuery(TUnusedTagDeclarationQuery())) + } + + Query unusedMacroDeclarationQuery() { + //autogenerate `Query` type + result = + // `Query` type for `unusedMacroDeclaration` query + TQueryC(TDeadCodePackageQuery(TUnusedMacroDeclarationQuery())) + } + + Query unusedLabelDeclarationQuery() { + //autogenerate `Query` type + result = + // `Query` type for `unusedLabelDeclaration` query + TQueryC(TDeadCodePackageQuery(TUnusedLabelDeclarationQuery())) + } + + Query unusedParameterQuery() { + //autogenerate `Query` type + result = + // `Query` type for `unusedParameter` query + TQueryC(TDeadCodePackageQuery(TUnusedParameterQuery())) + } +} diff --git a/rule_packages/c/DeadCode.json b/rule_packages/c/DeadCode.json new file mode 100644 index 0000000000..a3234b9844 --- /dev/null +++ b/rule_packages/c/DeadCode.json @@ -0,0 +1,152 @@ +{ + "MISRA-C-2012": { + "RULE-2-1": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Unreachable code complicates the program and can indicate a possible mistake on the part of the programmer.", + "kind": "problem", + "name": "A project shall not contain unreachable code", + "precision": "very-high", + "severity": "warning", + "short_name": "UnreachableCode", + "tags": [ + "readability", + "maintainability" + ], + "implementation_scope": { + "description": "This query reports ...", + "items": [] + }, + "shared_implementation_short_name": "UnreachableCode" + } + ], + "title": "A project shall not contain unreachable code" + }, + "RULE-2-2": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Dead code complicates the program and can indicate a possible mistake on the part of the programmer.", + "kind": "problem", + "name": "There shall be no dead code", + "precision": "very-high", + "severity": "warning", + "short_name": "DeadCode", + "tags": [ + "readability", + "maintainability" + ], + "shared_implementation_short_name": "DeadCode" + } + ], + "title": "There shall be no dead code" + }, + "RULE-2-3": { + "properties": { + "obligation": "advisory" + }, + "queries": [ + { + "description": "Unused type declarations are either redundant or indicate a possible mistake on the part of the programmer.", + "kind": "problem", + "name": "A project should not contain unused type declarations", + "precision": "very-high", + "severity": "warning", + "short_name": "UnusedTypeDeclarations", + "tags": [ + "readability", + "maintainability" + ], + "shared_implementation_short_name": "UnusedTypeDeclarations" + } + ], + "title": "A project should not contain unused type declarations" + }, + "RULE-2-4": { + "properties": { + "obligation": "advisory" + }, + "queries": [ + { + "description": "Unused tag declarations are either redundant or indicate a possible mistake on the part of the programmer.", + "kind": "problem", + "name": "A project should not contain unused tag declarations", + "precision": "very-high", + "severity": "warning", + "short_name": "UnusedTagDeclaration", + "tags": [ + "readability", + "maintainability" + ] + } + ], + "title": "A project should not contain unused tag declarations" + }, + "RULE-2-5": { + "properties": { + "obligation": "advisory" + }, + "queries": [ + { + "description": "Unused macro declarations are either redundant or indicate a possible mistake on the part of the programmer.", + "kind": "problem", + "name": "A project should not contain unused macro declarations", + "precision": "very-high", + "severity": "warning", + "short_name": "UnusedMacroDeclaration", + "tags": [ + "readability", + "maintainability" + ] + } + ], + "title": "A project should not contain unused macro declarations" + }, + "RULE-2-6": { + "properties": { + "obligation": "advisory" + }, + "queries": [ + { + "description": "Unused label declarations are either redundant or indicate a possible mistake on the part of the programmer.", + "kind": "problem", + "name": "A function should not contain unused label declarations", + "precision": "very-high", + "severity": "warning", + "short_name": "UnusedLabelDeclaration", + "tags": [ + "readability", + "maintainability" + ] + } + ], + "title": "A function should not contain unused label declarations" + }, + "RULE-2-7": { + "properties": { + "obligation": "advisory" + }, + "queries": [ + { + "description": "Unused parameters can indicate a mistake when implementing the function.", + "kind": "problem", + "name": "There should be no unused parameters in functions", + "precision": "very-high", + "severity": "warning", + "short_name": "UnusedParameter", + "tags": [ + "readability", + "maintainability" + ], + "shared_implementation_short_name": "UnusedParameter" + } + ], + "title": "There should be no unused parameters in functions" + } + } +} \ No newline at end of file From 62181aeb0e9a3f2b034f6a95125c31d68337e8bf Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Wed, 11 Jan 2023 11:52:41 +0000 Subject: [PATCH 0215/2573] DeadCode: Update rule metadata. --- .../src/codingstandards/cpp/exclusions/c/RuleMetadata.qll | 3 +++ 1 file changed, 3 insertions(+) diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index 11994dd9fd..cecf195074 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -12,6 +12,7 @@ import Contracts1 import Contracts2 import Contracts3 import Contracts4 +import DeadCode import Declarations1 import Declarations2 import Declarations3 @@ -50,6 +51,7 @@ newtype TCQuery = TContracts2PackageQuery(Contracts2Query q) or TContracts3PackageQuery(Contracts3Query q) or TContracts4PackageQuery(Contracts4Query q) or + TDeadCodePackageQuery(DeadCodeQuery q) or TDeclarations1PackageQuery(Declarations1Query q) or TDeclarations2PackageQuery(Declarations2Query q) or TDeclarations3PackageQuery(Declarations3Query q) or @@ -88,6 +90,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isContracts2QueryMetadata(query, queryId, ruleId, category) or isContracts3QueryMetadata(query, queryId, ruleId, category) or isContracts4QueryMetadata(query, queryId, ruleId, category) or + isDeadCodeQueryMetadata(query, queryId, ruleId, category) or isDeclarations1QueryMetadata(query, queryId, ruleId, category) or isDeclarations2QueryMetadata(query, queryId, ruleId, category) or isDeclarations3QueryMetadata(query, queryId, ruleId, category) or From 3b31915f071ea9509009d41a3827accd7c4848db Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Wed, 11 Jan 2023 11:53:05 +0000 Subject: [PATCH 0216/2573] DeadCode: Add MISRA Rule 2-1 Add MISRA Rule 2.1 as an import of the UnreachableCode query. --- .../unreachablecode/UnreachableCode.expected | 2 ++ .../rules/unreachablecode/UnreachableCode.ql | 2 ++ c/common/test/rules/unreachablecode/test.c | 26 +++++++++++++++++++ c/misra/src/rules/RULE-2-1/UnreachableCode.ql | 23 ++++++++++++++++ .../rules/RULE-2-1/UnreachableCode.testref | 1 + .../unreachablecode/UnreachableCode.expected | 6 ++--- .../test/rules/unreachablecode/test.cpp | 3 +++ 7 files changed, 60 insertions(+), 3 deletions(-) create mode 100644 c/common/test/rules/unreachablecode/UnreachableCode.expected create mode 100644 c/common/test/rules/unreachablecode/UnreachableCode.ql create mode 100644 c/common/test/rules/unreachablecode/test.c create mode 100644 c/misra/src/rules/RULE-2-1/UnreachableCode.ql create mode 100644 c/misra/test/rules/RULE-2-1/UnreachableCode.testref diff --git a/c/common/test/rules/unreachablecode/UnreachableCode.expected b/c/common/test/rules/unreachablecode/UnreachableCode.expected new file mode 100644 index 0000000000..cf693dcf5c --- /dev/null +++ b/c/common/test/rules/unreachablecode/UnreachableCode.expected @@ -0,0 +1,2 @@ +| test.c:17:3:17:12 | declaration | This statement in function $@ is unreachable. | test.c:15:5:15:21 | test_after_return | test_after_return | +| test.c:21:10:22:12 | { ... } | This statement in function $@ is unreachable. | test.c:20:5:20:27 | test_constant_condition | test_constant_condition | diff --git a/c/common/test/rules/unreachablecode/UnreachableCode.ql b/c/common/test/rules/unreachablecode/UnreachableCode.ql new file mode 100644 index 0000000000..7a105eafa8 --- /dev/null +++ b/c/common/test/rules/unreachablecode/UnreachableCode.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.unreachablecode.UnreachableCode diff --git a/c/common/test/rules/unreachablecode/test.c b/c/common/test/rules/unreachablecode/test.c new file mode 100644 index 0000000000..1d0102cf79 --- /dev/null +++ b/c/common/test/rules/unreachablecode/test.c @@ -0,0 +1,26 @@ +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C++ TEST CASE AND CHANGES +// SHOULD BE REFLECTED THERE AS WELL. + +void test_switch(int p1) { + int l1 = 0; + switch (p1) { + l1 = p1; // NON_COMPLIANT[FALSE_NEGATIVE] + case 1: + break; + default: + break; + } +} + +int test_after_return() { + return 0; + int l1 = 0; // NON_COMPLIANT - function has returned by this point +} + +int test_constant_condition() { + if (0) { // NON_COMPLIANT + return 1; + } else { // COMPLIANT + return 2; + } +} \ No newline at end of file diff --git a/c/misra/src/rules/RULE-2-1/UnreachableCode.ql b/c/misra/src/rules/RULE-2-1/UnreachableCode.ql new file mode 100644 index 0000000000..886b0ec285 --- /dev/null +++ b/c/misra/src/rules/RULE-2-1/UnreachableCode.ql @@ -0,0 +1,23 @@ +/** + * @id c/misra/unreachable-code + * @name RULE-2-1: A project shall not contain unreachable code + * @description Unreachable code complicates the program and can indicate a possible mistake on the + * part of the programmer. + * @kind problem + * @precision very-high + * @problem.severity warning + * @tags external/misra/id/rule-2-1 + * readability + * maintainability + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.rules.unreachablecode.UnreachableCode + +class UnreachableCodeQuery extends UnreachableCodeSharedQuery { + UnreachableCodeQuery() { + this = DeadCodePackage::unreachableCodeQuery() + } +} diff --git a/c/misra/test/rules/RULE-2-1/UnreachableCode.testref b/c/misra/test/rules/RULE-2-1/UnreachableCode.testref new file mode 100644 index 0000000000..882b3a6e7c --- /dev/null +++ b/c/misra/test/rules/RULE-2-1/UnreachableCode.testref @@ -0,0 +1 @@ +c/common/test/rules/unreachablecode/UnreachableCode.ql \ No newline at end of file diff --git a/cpp/common/test/rules/unreachablecode/UnreachableCode.expected b/cpp/common/test/rules/unreachablecode/UnreachableCode.expected index 4b8ee61b16..59da0e8e82 100644 --- a/cpp/common/test/rules/unreachablecode/UnreachableCode.expected +++ b/cpp/common/test/rules/unreachablecode/UnreachableCode.expected @@ -1,5 +1,5 @@ | test.cpp:14:3:14:12 | declaration | This statement in function $@ is unreachable. | test.cpp:12:5:12:21 | test_after_return | test_after_return | | test.cpp:18:10:19:12 | { ... } | This statement in function $@ is unreachable. | test.cpp:17:5:17:27 | test_constant_condition | test_constant_condition | -| test.cpp:26:10:27:12 | { ... } | This statement in function $@ is unreachable. | test.cpp:25:24:25:24 | f | f | -| test.cpp:47:12:48:14 | { ... } | This statement in function $@ is unreachable. | test.cpp:46:7:46:8 | h1 | h1 | -| test.cpp:52:12:53:14 | { ... } | This statement in function $@ is unreachable. | test.cpp:51:7:51:8 | h2 | h2 | +| test.cpp:29:10:30:12 | { ... } | This statement in function $@ is unreachable. | test.cpp:28:24:28:24 | f | f | +| test.cpp:50:12:51:14 | { ... } | This statement in function $@ is unreachable. | test.cpp:49:7:49:8 | h1 | h1 | +| test.cpp:55:12:56:14 | { ... } | This statement in function $@ is unreachable. | test.cpp:54:7:54:8 | h2 | h2 | diff --git a/cpp/common/test/rules/unreachablecode/test.cpp b/cpp/common/test/rules/unreachablecode/test.cpp index 715947b5be..6ed61b527f 100644 --- a/cpp/common/test/rules/unreachablecode/test.cpp +++ b/cpp/common/test/rules/unreachablecode/test.cpp @@ -22,6 +22,9 @@ int test_constant_condition() { } } +// NOTICE: THE TEST CASES ABOVE ARE ALSO INCLUDED IN THE C TEST CASE AND CHANGES +// SHOULD BE REFLECTED THERE AS WELL. + template int f() { if (0) { // NON_COMPLIANT - block is unreachable in all instances return 3; From 5ee232d96e180f512f8b8865f83f856fc76ef662 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Wed, 11 Jan 2023 10:47:09 -0500 Subject: [PATCH 0217/2573] Declarations6: add RULE-8-10 --- .../InlineFunctionNotDeclaredStaticStorage.ql | 24 +++++++++++++++++++ ...eFunctionNotDeclaredStaticStorage.expected | 3 +++ ...lineFunctionNotDeclaredStaticStorage.qlref | 1 + c/misra/test/rules/RULE-8-10/test.c | 5 ++++ .../cpp/exclusions/c/Declarations6.qll | 17 +++++++++++++ rule_packages/c/Declarations6.json | 19 +++++++++++++++ rules.csv | 2 +- 7 files changed, 70 insertions(+), 1 deletion(-) create mode 100644 c/misra/src/rules/RULE-8-10/InlineFunctionNotDeclaredStaticStorage.ql create mode 100644 c/misra/test/rules/RULE-8-10/InlineFunctionNotDeclaredStaticStorage.expected create mode 100644 c/misra/test/rules/RULE-8-10/InlineFunctionNotDeclaredStaticStorage.qlref create mode 100644 c/misra/test/rules/RULE-8-10/test.c diff --git a/c/misra/src/rules/RULE-8-10/InlineFunctionNotDeclaredStaticStorage.ql b/c/misra/src/rules/RULE-8-10/InlineFunctionNotDeclaredStaticStorage.ql new file mode 100644 index 0000000000..47e80912af --- /dev/null +++ b/c/misra/src/rules/RULE-8-10/InlineFunctionNotDeclaredStaticStorage.ql @@ -0,0 +1,24 @@ +/** + * @id c/misra/inline-function-not-declared-static-storage + * @name RULE-8-10: An inline function shall be declared with the static storage class + * @description Declaring an inline function with external linkage can lead to undefined or + * incorrect program behaviour. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-8-10 + * correctness + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.Identifiers + +from FunctionDeclarationEntry f +where + not isExcluded(f, Declarations6Package::inlineFunctionNotDeclaredStaticStorageQuery()) and + f.getFunction() instanceof InterestingIdentifiers and + f.getFunction().isInline() and + not f.hasSpecifier("static") +select f, "Inline function not explicitly declared static." diff --git a/c/misra/test/rules/RULE-8-10/InlineFunctionNotDeclaredStaticStorage.expected b/c/misra/test/rules/RULE-8-10/InlineFunctionNotDeclaredStaticStorage.expected new file mode 100644 index 0000000000..fe6b1799d6 --- /dev/null +++ b/c/misra/test/rules/RULE-8-10/InlineFunctionNotDeclaredStaticStorage.expected @@ -0,0 +1,3 @@ +| test.c:2:20:2:21 | declaration of f1 | Inline function not explicitly declared static. | +| test.c:3:13:3:14 | declaration of f2 | Inline function not explicitly declared static. | +| test.c:4:20:4:20 | declaration of f | Inline function not explicitly declared static. | diff --git a/c/misra/test/rules/RULE-8-10/InlineFunctionNotDeclaredStaticStorage.qlref b/c/misra/test/rules/RULE-8-10/InlineFunctionNotDeclaredStaticStorage.qlref new file mode 100644 index 0000000000..fc081c2570 --- /dev/null +++ b/c/misra/test/rules/RULE-8-10/InlineFunctionNotDeclaredStaticStorage.qlref @@ -0,0 +1 @@ +rules/RULE-8-10/InlineFunctionNotDeclaredStaticStorage.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-8-10/test.c b/c/misra/test/rules/RULE-8-10/test.c new file mode 100644 index 0000000000..56048b33ec --- /dev/null +++ b/c/misra/test/rules/RULE-8-10/test.c @@ -0,0 +1,5 @@ +static inline void f(); // COMPLIANT +extern inline void f1(); // NON_COMPLIANT +inline void f2(); // NON_COMPLIANT +extern inline void f(); // NON_COMPLIANT -while this will be internal linkage it + // is less clear than explicitly specifying static diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations6.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations6.qll index 3fbae509f3..a6c70d7ddc 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations6.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations6.qll @@ -7,6 +7,7 @@ newtype Declarations6Query = TFunctionDeclaredImplicitlyQuery() or TIdentifiersWithExternalLinkageNotUniqueQuery() or TIdentifiersWithInternalLinkageNotUniqueQuery() or + TInlineFunctionNotDeclaredStaticStorageQuery() or TArrayExternalLinkageSizeExplicitlySpecifiedQuery() or TShouldNotBeDefinedWithExternalLinkageQuery() @@ -38,6 +39,15 @@ predicate isDeclarations6QueryMetadata(Query query, string queryId, string ruleI ruleId = "RULE-5-9" and category = "advisory" or + query = + // `Query` instance for the `inlineFunctionNotDeclaredStaticStorage` query + Declarations6Package::inlineFunctionNotDeclaredStaticStorageQuery() and + queryId = + // `@id` for the `inlineFunctionNotDeclaredStaticStorage` query + "c/misra/inline-function-not-declared-static-storage" and + ruleId = "RULE-8-10" and + category = "required" + or query = // `Query` instance for the `arrayExternalLinkageSizeExplicitlySpecified` query Declarations6Package::arrayExternalLinkageSizeExplicitlySpecifiedQuery() and @@ -79,6 +89,13 @@ module Declarations6Package { TQueryC(TDeclarations6PackageQuery(TIdentifiersWithInternalLinkageNotUniqueQuery())) } + Query inlineFunctionNotDeclaredStaticStorageQuery() { + //autogenerate `Query` type + result = + // `Query` type for `inlineFunctionNotDeclaredStaticStorage` query + TQueryC(TDeclarations6PackageQuery(TInlineFunctionNotDeclaredStaticStorageQuery())) + } + Query arrayExternalLinkageSizeExplicitlySpecifiedQuery() { //autogenerate `Query` type result = diff --git a/rule_packages/c/Declarations6.json b/rule_packages/c/Declarations6.json index 84410719b0..6928bb5820 100644 --- a/rule_packages/c/Declarations6.json +++ b/rule_packages/c/Declarations6.json @@ -60,6 +60,25 @@ ], "title": "Identifiers that define objects or functions with internal linkage should be unique" }, + "RULE-8-10": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Declaring an inline function with external linkage can lead to undefined or incorrect program behaviour.", + "kind": "problem", + "name": "An inline function shall be declared with the static storage class", + "precision": "very-high", + "severity": "error", + "short_name": "InlineFunctionNotDeclaredStaticStorage", + "tags": [ + "correctness" + ] + } + ], + "title": "An inline function shall be declared with the static storage class" + }, "RULE-8-11": { "properties": { "obligation": "advisory" diff --git a/rules.csv b/rules.csv index abb94b1b76..5fb29a1ca4 100644 --- a/rules.csv +++ b/rules.csv @@ -655,7 +655,7 @@ c,MISRA-C-2012,RULE-8-6,Yes,Required,,,An identifier with external linkage shall c,MISRA-C-2012,RULE-8-7,Yes,Advisory,,,Functions and objects should not be defined with external linkage if they are referenced in only one translation unit,,Declarations6,Medium, c,MISRA-C-2012,RULE-8-8,Yes,Required,,,The static storage class specifier shall be used in all declarations of objects and functions that have internal linkage,M3-3-2,Declarations,Medium, c,MISRA-C-2012,RULE-8-9,Yes,Advisory,,,An object should be defined at block scope if its identifier only appears in a single function,M3-4-1,Declarations,Medium, -c,MISRA-C-2012,RULE-8-10,Yes,Required,,,An inline function shall be declared with the static storage class,,Declarations,Medium, +c,MISRA-C-2012,RULE-8-10,Yes,Required,,,An inline function shall be declared with the static storage class,,Declarations6,Medium, c,MISRA-C-2012,RULE-8-11,Yes,Advisory,,,"When an array with external linkage is declared, its size should be explicitly specified",,Declarations6,Medium, c,MISRA-C-2012,RULE-8-12,Yes,Required,,,"Within an enumerator list, the value of an implicitly-specified enumeration constant shall be unique",,Declarations,Medium, c,MISRA-C-2012,RULE-8-13,Yes,Advisory,,,A pointer should point to a const-qualified type whenever possible,,Pointers1,Medium, From 6ed0ebb540ad036e528e0c1c1d4a53e4ccb26cd5 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Wed, 11 Jan 2023 15:59:22 +0000 Subject: [PATCH 0218/2573] DeadCode: Add MISRA C 2012 Rule 2.2 Add support for Rule 2.2 by adoptiing the DeadCode shared query. A small modification has been made to ensure results which include macro expansions are reported, unless the macro fully generates the statement. --- .../test/rules/deadcode/DeadCode.expected | 11 +++ c/common/test/rules/deadcode/DeadCode.ql | 2 + c/common/test/rules/deadcode/test.c | 76 +++++++++++++++++++ c/misra/src/rules/RULE-2-2/DeadCode.ql | 21 +++++ c/misra/test/rules/RULE-2-2/DeadCode.testref | 1 + change_notes/2023-01-11-dead-code-macros.md | 1 + .../cpp/rules/deadcode/DeadCode.qll | 4 +- .../test/rules/deadcode/DeadCode.expected | 28 +++---- cpp/common/test/rules/deadcode/test.cpp | 3 + 9 files changed, 131 insertions(+), 16 deletions(-) create mode 100644 c/common/test/rules/deadcode/DeadCode.expected create mode 100644 c/common/test/rules/deadcode/DeadCode.ql create mode 100644 c/common/test/rules/deadcode/test.c create mode 100644 c/misra/src/rules/RULE-2-2/DeadCode.ql create mode 100644 c/misra/test/rules/RULE-2-2/DeadCode.testref create mode 100644 change_notes/2023-01-11-dead-code-macros.md diff --git a/c/common/test/rules/deadcode/DeadCode.expected b/c/common/test/rules/deadcode/DeadCode.expected new file mode 100644 index 0000000000..c6b48c5e2b --- /dev/null +++ b/c/common/test/rules/deadcode/DeadCode.expected @@ -0,0 +1,11 @@ +| test.c:20:3:20:27 | declaration | This statement is dead code. | +| test.c:21:3:21:12 | ExprStmt | This statement is dead code. | +| test.c:22:3:22:12 | ExprStmt | This statement is dead code. | +| test.c:24:3:26:3 | if (...) ... | This statement is dead code. | +| test.c:36:3:37:3 | if (...) ... | This statement is dead code. | +| test.c:39:3:39:4 | { ... } | This statement is dead code. | +| test.c:40:3:42:3 | { ... } | This statement is dead code. | +| test.c:56:6:57:3 | { ... } | This statement is dead code. | +| test.c:67:46:68:3 | { ... } | This statement is dead code. | +| test.c:71:3:71:8 | ExprStmt | This statement is dead code. | +| test.c:73:3:73:21 | ExprStmt | This statement is dead code. | diff --git a/c/common/test/rules/deadcode/DeadCode.ql b/c/common/test/rules/deadcode/DeadCode.ql new file mode 100644 index 0000000000..62f5a924f1 --- /dev/null +++ b/c/common/test/rules/deadcode/DeadCode.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.deadcode.DeadCode diff --git a/c/common/test/rules/deadcode/test.c b/c/common/test/rules/deadcode/test.c new file mode 100644 index 0000000000..bbebce9f1d --- /dev/null +++ b/c/common/test/rules/deadcode/test.c @@ -0,0 +1,76 @@ +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C++ TEST CASE AND CHANGES +// SHOULD BE REFLECTED THERE AS WELL. +// Define true/false for compatibility with C++ test cases +#define false 0 +#define true 1 + +int may_have_side_effects(); +int no_side_effects(int x) { return 1 + 2; } +int no_side_effects_nondeterministic(); + +int test_dead_code(int x) { + int live1 = may_have_side_effects(), + live2 = may_have_side_effects(); // COMPLIANT + int live3 = 0, + live4 = may_have_side_effects(); // COMPLIANT + int live5 = 0, live6 = 0; // COMPLIANT + live5 = 1; // COMPLIANT + live6 = 2; // COMPLIANT + + int dead1 = 0, dead2 = 0; // NON_COMPLIANT + dead1 = 1; // NON_COMPLIANT - useless assignment + dead2 = 1; // NON_COMPLIANT - useless assignment + + if (false) { // NON_COMPLIANT + dead2 = 10; // Only used in dead or unreachable code + } + + if (true) { // COMPLIANT + may_have_side_effects(); + } + + if (may_have_side_effects()) { // COMPLIANT + may_have_side_effects(); + } + + if (true) { // NON_COMPLIANT + } + + {} // NON_COMPLIANT + { // NON_COMPLIANT + 1 + 2; + } + + { // COMPLIANT + may_have_side_effects(); + } + + do { // COMPLIANT + may_have_side_effects(); + } while (may_have_side_effects()); + + do { // COMPLIANT + may_have_side_effects(); + } while (may_have_side_effects()); + + do { // NON_COMPLIANT + } while (no_side_effects_nondeterministic()); + + while (may_have_side_effects()) { // COMPLIANT + may_have_side_effects(); + } + + while (may_have_side_effects()) { // COMPLIANT + may_have_side_effects(); + } + + while (no_side_effects_nondeterministic()) { // NON_COMPLIANT + } + + may_have_side_effects(); // COMPLIANT + 1 + 2; // NON_COMPLIANT + + no_side_effects(x); // NON_COMPLIANT + + return live5 + live6; // COMPLIANT +} \ No newline at end of file diff --git a/c/misra/src/rules/RULE-2-2/DeadCode.ql b/c/misra/src/rules/RULE-2-2/DeadCode.ql new file mode 100644 index 0000000000..c9ecb5e934 --- /dev/null +++ b/c/misra/src/rules/RULE-2-2/DeadCode.ql @@ -0,0 +1,21 @@ +/** + * @id c/misra/dead-code + * @name RULE-2-2: There shall be no dead code + * @description Dead code complicates the program and can indicate a possible mistake on the part of + * the programmer. + * @kind problem + * @precision very-high + * @problem.severity warning + * @tags external/misra/id/rule-2-2 + * readability + * maintainability + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.rules.deadcode.DeadCode + +class MisraCDeadCodeQuery extends DeadCodeSharedQuery { + MisraCDeadCodeQuery() { this = DeadCodePackage::deadCodeQuery() } +} diff --git a/c/misra/test/rules/RULE-2-2/DeadCode.testref b/c/misra/test/rules/RULE-2-2/DeadCode.testref new file mode 100644 index 0000000000..f084f30aaa --- /dev/null +++ b/c/misra/test/rules/RULE-2-2/DeadCode.testref @@ -0,0 +1 @@ +c/common/test/rules/deadcode/DeadCode.ql \ No newline at end of file diff --git a/change_notes/2023-01-11-dead-code-macros.md b/change_notes/2023-01-11-dead-code-macros.md new file mode 100644 index 0000000000..515b031c02 --- /dev/null +++ b/change_notes/2023-01-11-dead-code-macros.md @@ -0,0 +1 @@ + - `M0-1-9`: This query previously excluded all results which were affected by a macro expansion. This is because a macro may be expanded multiple times with code that is dead in one expansion but live in another. This query has been modified to exclude results only where the entirety of a statement is generated by a macro. This reduces false negatives where the statements liveness is not affected by the macro expansion. \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/rules/deadcode/DeadCode.qll b/cpp/common/src/codingstandards/cpp/rules/deadcode/DeadCode.qll index 0bbd87d826..547a52bc4d 100644 --- a/cpp/common/src/codingstandards/cpp/rules/deadcode/DeadCode.qll +++ b/cpp/common/src/codingstandards/cpp/rules/deadcode/DeadCode.qll @@ -115,8 +115,8 @@ query predicate problems(Stmt s, string message) { // MISRA defines dead code as an "_executed_ statement whose removal would not affect the program // output". We therefore exclude unreachable statements as they are, by definition, not executed. not s.getBasicBlock() = any(UnreachableBasicBlock ubb).getABasicBlock() and - // Exclude code generated by macros, because the code may be "live" in other instantiations - not s.isAffectedByMacro() and + // Exclude code fully generated by macros, because the code may be "live" in other expansions + not s.isInMacroExpansion() and // Exclude compiler generated statements not s.isCompilerGenerated() } diff --git a/cpp/common/test/rules/deadcode/DeadCode.expected b/cpp/common/test/rules/deadcode/DeadCode.expected index 43d7fd8492..6c111d8a93 100644 --- a/cpp/common/test/rules/deadcode/DeadCode.expected +++ b/cpp/common/test/rules/deadcode/DeadCode.expected @@ -1,14 +1,14 @@ -| test.cpp:14:3:14:27 | declaration | This statement is dead code. | -| test.cpp:15:3:15:12 | ExprStmt | This statement is dead code. | -| test.cpp:16:3:16:12 | ExprStmt | This statement is dead code. | -| test.cpp:18:3:20:3 | if (...) ... | This statement is dead code. | -| test.cpp:30:3:31:3 | if (...) ... | This statement is dead code. | -| test.cpp:33:3:33:4 | { ... } | This statement is dead code. | -| test.cpp:34:3:36:3 | { ... } | This statement is dead code. | -| test.cpp:50:6:51:3 | { ... } | This statement is dead code. | -| test.cpp:61:46:62:3 | { ... } | This statement is dead code. | -| test.cpp:65:3:65:8 | ExprStmt | This statement is dead code. | -| test.cpp:67:3:67:21 | ExprStmt | This statement is dead code. | -| test.cpp:69:3:70:3 | try { ... } | This statement is dead code. | -| test.cpp:70:17:71:3 | { ... } | This statement is dead code. | -| test.cpp:76:17:77:3 | { ... } | This statement is dead code. | +| test.cpp:17:3:17:27 | declaration | This statement is dead code. | +| test.cpp:18:3:18:12 | ExprStmt | This statement is dead code. | +| test.cpp:19:3:19:12 | ExprStmt | This statement is dead code. | +| test.cpp:21:3:23:3 | if (...) ... | This statement is dead code. | +| test.cpp:33:3:34:3 | if (...) ... | This statement is dead code. | +| test.cpp:36:3:36:4 | { ... } | This statement is dead code. | +| test.cpp:37:3:39:3 | { ... } | This statement is dead code. | +| test.cpp:53:6:54:3 | { ... } | This statement is dead code. | +| test.cpp:64:46:65:3 | { ... } | This statement is dead code. | +| test.cpp:68:3:68:8 | ExprStmt | This statement is dead code. | +| test.cpp:70:3:70:21 | ExprStmt | This statement is dead code. | +| test.cpp:72:3:73:3 | try { ... } | This statement is dead code. | +| test.cpp:73:17:74:3 | { ... } | This statement is dead code. | +| test.cpp:79:17:80:3 | { ... } | This statement is dead code. | diff --git a/cpp/common/test/rules/deadcode/test.cpp b/cpp/common/test/rules/deadcode/test.cpp index 8dc51c2114..ba5c59b07c 100644 --- a/cpp/common/test/rules/deadcode/test.cpp +++ b/cpp/common/test/rules/deadcode/test.cpp @@ -1,3 +1,6 @@ +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C TEST CASE AND CHANGES +// SHOULD BE REFLECTED THERE AS WELL. + int may_have_side_effects(); int no_side_effects(int x) { return 1 + 2; } int no_side_effects_nondeterministic(); From bfdb8ed874f816d9211dcd4979f4554953f0b224 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Wed, 11 Jan 2023 14:38:56 -0500 Subject: [PATCH 0219/2573] Declarations6: add RULE-18-7 --- .../DCL38-C/DeclaringAFlexibleArrayMember.ql | 21 ++---------- c/common/src/codingstandards/c/Variable.qll | 32 +++++++++++++++++++ .../RULE-18-7/FlexibleArrayMembersDeclared.ql | 19 +++++++++++ .../FlexibleArrayMembersDeclared.expected | 1 + .../FlexibleArrayMembersDeclared.qlref | 1 + c/misra/test/rules/RULE-18-7/test.c | 20 ++++++++++++ .../cpp/exclusions/c/Declarations6.qll | 17 ++++++++++ rule_packages/c/Declarations6.json | 19 +++++++++++ rules.csv | 2 +- 9 files changed, 112 insertions(+), 20 deletions(-) create mode 100644 c/misra/src/rules/RULE-18-7/FlexibleArrayMembersDeclared.ql create mode 100644 c/misra/test/rules/RULE-18-7/FlexibleArrayMembersDeclared.expected create mode 100644 c/misra/test/rules/RULE-18-7/FlexibleArrayMembersDeclared.qlref create mode 100644 c/misra/test/rules/RULE-18-7/test.c diff --git a/c/cert/src/rules/DCL38-C/DeclaringAFlexibleArrayMember.ql b/c/cert/src/rules/DCL38-C/DeclaringAFlexibleArrayMember.ql index b5f7087ab0..e9fa3f1017 100644 --- a/c/cert/src/rules/DCL38-C/DeclaringAFlexibleArrayMember.ql +++ b/c/cert/src/rules/DCL38-C/DeclaringAFlexibleArrayMember.ql @@ -15,29 +15,12 @@ import cpp import codingstandards.c.cert - -/** - * A member with the type array that is last in a struct - * includes any sized array (either specified or not) - */ -class FlexibleArrayMember extends MemberVariable { - Struct s; - - FlexibleArrayMember() { - this.getType() instanceof ArrayType and - this.getDeclaringType() = s and - not exists(int i, int j | - s.getAMember(i) = this and - exists(s.getAMember(j)) and - j > i - ) - } -} +import codingstandards.c.Variable from VariableDeclarationEntry m, ArrayType a where not isExcluded(m, Declarations2Package::declaringAFlexibleArrayMemberQuery()) and m.getType() = a and - m.getVariable() instanceof FlexibleArrayMember and + m.getVariable() instanceof FlexibleArrayMemberCandidate and a.getArraySize() = 1 select m, "Incorrect syntax used for declaring this flexible array member." diff --git a/c/common/src/codingstandards/c/Variable.qll b/c/common/src/codingstandards/c/Variable.qll index c6061c99c1..5f4492fdd6 100644 --- a/c/common/src/codingstandards/c/Variable.qll +++ b/c/common/src/codingstandards/c/Variable.qll @@ -6,3 +6,35 @@ class VlaVariable extends Variable { /* Extractor workaround do determine if a VLA array has the specifier volatile.*/ override predicate isVolatile() { this.getType().(ArrayType).getBaseType().isVolatile() } } + +/** + * A flexible array member + * ie member with the type array that is last in a struct + * has no size specified + */ +class FlexibleArrayMember extends FlexibleArrayMemberCandidate { + FlexibleArrayMember() { + exists(ArrayType t | + this.getType() = t and + not exists(t.getSize()) + ) + } +} + +/** + * A member with the type array that is last in a struct + * includes any sized array (either specified or not) + */ +class FlexibleArrayMemberCandidate extends MemberVariable { + Struct s; + + FlexibleArrayMemberCandidate() { + this.getType() instanceof ArrayType and + this.getDeclaringType() = s and + not exists(int i, int j | + s.getAMember(i) = this and + exists(s.getAMember(j)) and + j > i + ) + } +} diff --git a/c/misra/src/rules/RULE-18-7/FlexibleArrayMembersDeclared.ql b/c/misra/src/rules/RULE-18-7/FlexibleArrayMembersDeclared.ql new file mode 100644 index 0000000000..5ae2c9b9c6 --- /dev/null +++ b/c/misra/src/rules/RULE-18-7/FlexibleArrayMembersDeclared.ql @@ -0,0 +1,19 @@ +/** + * @id c/misra/flexible-array-members-declared + * @name RULE-18-7: Flexible array members shall not be declared + * @description The use of flexible array members can lead to unexpected program behaviour. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-18-7 + * correctness + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.c.Variable + +from FlexibleArrayMember f +where not isExcluded(f, Declarations6Package::flexibleArrayMembersDeclaredQuery()) +select f, "Flexible array member declared." diff --git a/c/misra/test/rules/RULE-18-7/FlexibleArrayMembersDeclared.expected b/c/misra/test/rules/RULE-18-7/FlexibleArrayMembersDeclared.expected new file mode 100644 index 0000000000..377a9ca487 --- /dev/null +++ b/c/misra/test/rules/RULE-18-7/FlexibleArrayMembersDeclared.expected @@ -0,0 +1 @@ +| test.c:8:7:8:7 | b | Flexible array member declared. | diff --git a/c/misra/test/rules/RULE-18-7/FlexibleArrayMembersDeclared.qlref b/c/misra/test/rules/RULE-18-7/FlexibleArrayMembersDeclared.qlref new file mode 100644 index 0000000000..b0f0bc00e6 --- /dev/null +++ b/c/misra/test/rules/RULE-18-7/FlexibleArrayMembersDeclared.qlref @@ -0,0 +1 @@ +rules/RULE-18-7/FlexibleArrayMembersDeclared.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-18-7/test.c b/c/misra/test/rules/RULE-18-7/test.c new file mode 100644 index 0000000000..385a947090 --- /dev/null +++ b/c/misra/test/rules/RULE-18-7/test.c @@ -0,0 +1,20 @@ +struct s { + int a; + int b[1]; // COMPLIANT +}; + +struct s1 { + int a; + int b[]; // NON_COMPLIANT +}; + +struct s2 { + int a; + int b[2]; // COMPLIANT +}; + +struct s3 { + int a; + int b[1]; // COMPLIANT + int a1; +}; \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations6.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations6.qll index a6c70d7ddc..b9db9f986f 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations6.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations6.qll @@ -5,6 +5,7 @@ import codingstandards.cpp.exclusions.RuleMetadata newtype Declarations6Query = TFunctionDeclaredImplicitlyQuery() or + TFlexibleArrayMembersDeclaredQuery() or TIdentifiersWithExternalLinkageNotUniqueQuery() or TIdentifiersWithInternalLinkageNotUniqueQuery() or TInlineFunctionNotDeclaredStaticStorageQuery() or @@ -21,6 +22,15 @@ predicate isDeclarations6QueryMetadata(Query query, string queryId, string ruleI ruleId = "RULE-17-3" and category = "mandatory" or + query = + // `Query` instance for the `flexibleArrayMembersDeclared` query + Declarations6Package::flexibleArrayMembersDeclaredQuery() and + queryId = + // `@id` for the `flexibleArrayMembersDeclared` query + "c/misra/flexible-array-members-declared" and + ruleId = "RULE-18-7" and + category = "required" + or query = // `Query` instance for the `identifiersWithExternalLinkageNotUnique` query Declarations6Package::identifiersWithExternalLinkageNotUniqueQuery() and @@ -75,6 +85,13 @@ module Declarations6Package { TQueryC(TDeclarations6PackageQuery(TFunctionDeclaredImplicitlyQuery())) } + Query flexibleArrayMembersDeclaredQuery() { + //autogenerate `Query` type + result = + // `Query` type for `flexibleArrayMembersDeclared` query + TQueryC(TDeclarations6PackageQuery(TFlexibleArrayMembersDeclaredQuery())) + } + Query identifiersWithExternalLinkageNotUniqueQuery() { //autogenerate `Query` type result = diff --git a/rule_packages/c/Declarations6.json b/rule_packages/c/Declarations6.json index 6928bb5820..d25256cc03 100644 --- a/rule_packages/c/Declarations6.json +++ b/rule_packages/c/Declarations6.json @@ -20,6 +20,25 @@ ], "title": "A function shall not be declared implicitly" }, + "RULE-18-7": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "The use of flexible array members can lead to unexpected program behaviour.", + "kind": "problem", + "name": "Flexible array members shall not be declared", + "precision": "very-high", + "severity": "error", + "short_name": "FlexibleArrayMembersDeclared", + "tags": [ + "correctness" + ] + } + ], + "title": "Flexible array members shall not be declared" + }, "RULE-5-8": { "properties": { "obligation": "required" diff --git a/rules.csv b/rules.csv index 5fb29a1ca4..85295275ca 100644 --- a/rules.csv +++ b/rules.csv @@ -725,7 +725,7 @@ c,MISRA-C-2012,RULE-18-3,Yes,Required,,,"The relational operators >, >=, < and < c,MISRA-C-2012,RULE-18-4,Yes,Advisory,,,"The +, -, += and -= operators should not be applied to an expression of pointer type",M5-0-15,Pointers1,Medium, c,MISRA-C-2012,RULE-18-5,Yes,Advisory,,,Declarations should contain no more than two levels of pointer nesting,A5-0-3,Pointers1,Import, c,MISRA-C-2012,RULE-18-6,Yes,Required,,,The address of an object with automatic storage shall not be copied to another object that persists after the first object has ceased to exist,M7-5-2,Pointers1,Import, -c,MISRA-C-2012,RULE-18-7,Yes,Required,,,Flexible array members shall not be declared,,Declarations,Medium, +c,MISRA-C-2012,RULE-18-7,Yes,Required,,,Flexible array members shall not be declared,,Declarations6,Medium, c,MISRA-C-2012,RULE-18-8,Yes,Required,,,Variable-length array types shall not be used,,Declarations,Medium, c,MISRA-C-2012,RULE-19-1,Yes,Mandatory,,,An object shall not be assigned or copied to an overlapping object,M0-2-1,Contracts,Hard, c,MISRA-C-2012,RULE-19-2,Yes,Advisory,,,The union keyword should not be used,A9-5-1,Banned,Import, From 57e164cc22964fd7560216df7f82a4378889f2e2 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Wed, 11 Jan 2023 22:24:24 +0000 Subject: [PATCH 0220/2573] DeadCode: Add MISRA C 2012 Rule 2.3 Adds a query to check for unused type declarations, based on the shared library. Note: the expected results for the C++ test case have been updated to include a compiler generated class. This is because shared queries do not properly apply the exclusion mechanism. See: https://github.com/github/coding-standards-team/issues/1126 --- .../UnusedTypeDeclarations.expected | 5 ++ .../UnusedTypeDeclarations.ql | 2 + .../test/rules/unusedtypedeclarations/test.c | 54 +++++++++++++++++++ .../rules/RULE-2-3/UnusedTypeDeclarations.ql | 21 ++++++++ .../RULE-2-3/UnusedTypeDeclarations.testref | 1 + .../UnusedTypeDeclarations.expected | 13 ++--- .../rules/unusedtypedeclarations/test.cpp | 3 ++ 7 files changed, 93 insertions(+), 6 deletions(-) create mode 100644 c/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.expected create mode 100644 c/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql create mode 100644 c/common/test/rules/unusedtypedeclarations/test.c create mode 100644 c/misra/src/rules/RULE-2-3/UnusedTypeDeclarations.ql create mode 100644 c/misra/test/rules/RULE-2-3/UnusedTypeDeclarations.testref diff --git a/c/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.expected b/c/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.expected new file mode 100644 index 0000000000..49670b572f --- /dev/null +++ b/c/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.expected @@ -0,0 +1,5 @@ +| file://:0:0:0:0 | __va_list_tag | Type declaration __va_list_tag is not used. | +| test.c:4:8:4:8 | A | Type declaration A is not used. | +| test.c:7:18:7:18 | D | Type declaration D is not used. | +| test.c:30:11:30:11 | R | Type declaration R is not used. | +| test.c:43:12:43:12 | struct | Type declaration struct is not used. | diff --git a/c/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql b/c/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql new file mode 100644 index 0000000000..83b19da601 --- /dev/null +++ b/c/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.unusedtypedeclarations.UnusedTypeDeclarations diff --git a/c/common/test/rules/unusedtypedeclarations/test.c b/c/common/test/rules/unusedtypedeclarations/test.c new file mode 100644 index 0000000000..17d064326a --- /dev/null +++ b/c/common/test/rules/unusedtypedeclarations/test.c @@ -0,0 +1,54 @@ +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C++ TEST CASE AND CHANGES +// SHOULD BE REFLECTED THERE AS WELL. + +struct A {}; // NON_COMPLIANT - unused + +struct C {}; // COMPLIANT - used in the type def +typedef struct C D; // NON_COMPLIANT - typedef itself not used + +struct F {}; // COMPLIANT - used as a global function return type + +struct F test_return_value() { + struct F f; + return f; +} + +struct G {}; // COMPLIANT - used as a global function parameter type + +void test_global_function(struct G g) {} + +enum M { C1, C2, C3 }; // COMPLIANT - used in an enum type access below + +void test_enum_access() { + int i = C1; +} + +struct O {}; // COMPLIANT - used in typedef below + +typedef struct O P; // COMPLIANT - used in typedef below +typedef P Q; // COMPLIANT - used in function below +typedef Q R; // NON_COMPLIANT - never used + +Q test_type_def() {} + +struct { // COMPLIANT - used in type definition + union { // COMPLIANT - f1 and f3 is accessed + struct { // COMPLIANT - f1 is accessed + int f1; + }; + struct { // COMPLIANT - f3 is accessed + float f2; + float f3; + }; + struct { // NON_COMPLIANT - f4 is never accessed + long f4; + }; + }; + int f5; +} s; + +void test_nested_struct() { + s.f1; + s.f3; + s.f5; +} \ No newline at end of file diff --git a/c/misra/src/rules/RULE-2-3/UnusedTypeDeclarations.ql b/c/misra/src/rules/RULE-2-3/UnusedTypeDeclarations.ql new file mode 100644 index 0000000000..3192ee960f --- /dev/null +++ b/c/misra/src/rules/RULE-2-3/UnusedTypeDeclarations.ql @@ -0,0 +1,21 @@ +/** + * @id c/misra/unused-type-declarations + * @name RULE-2-3: A project should not contain unused type declarations + * @description Unused type declarations are either redundant or indicate a possible mistake on the + * part of the programmer. + * @kind problem + * @precision very-high + * @problem.severity warning + * @tags external/misra/id/rule-2-3 + * readability + * maintainability + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.rules.unusedtypedeclarations.UnusedTypeDeclarations + +class UnusedTypeDeclarationsQuery extends UnusedTypeDeclarationsSharedQuery { + UnusedTypeDeclarationsQuery() { this = DeadCodePackage::unusedTypeDeclarationsQuery() } +} diff --git a/c/misra/test/rules/RULE-2-3/UnusedTypeDeclarations.testref b/c/misra/test/rules/RULE-2-3/UnusedTypeDeclarations.testref new file mode 100644 index 0000000000..d07c9f7df2 --- /dev/null +++ b/c/misra/test/rules/RULE-2-3/UnusedTypeDeclarations.testref @@ -0,0 +1 @@ +c/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql \ No newline at end of file diff --git a/cpp/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.expected b/cpp/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.expected index 4141698a95..77f9c0fda9 100644 --- a/cpp/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.expected +++ b/cpp/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.expected @@ -1,6 +1,7 @@ -| test.cpp:1:7:1:7 | A | Type declaration A is not used. | -| test.cpp:3:7:3:7 | B | Type declaration B is not used. | -| test.cpp:10:11:10:11 | D | Type declaration D is not used. | -| test.cpp:74:11:74:11 | R | Type declaration R is not used. | -| test.cpp:87:12:87:12 | struct | Type declaration struct is not used. | -| test.cpp:108:29:108:30 | AA | Type declaration AA is not used. | +| file://:0:0:0:0 | __va_list_tag | Type declaration __va_list_tag is not used. | +| test.cpp:4:7:4:7 | A | Type declaration A is not used. | +| test.cpp:6:7:6:7 | B | Type declaration B is not used. | +| test.cpp:13:11:13:11 | D | Type declaration D is not used. | +| test.cpp:77:11:77:11 | R | Type declaration R is not used. | +| test.cpp:90:12:90:12 | struct | Type declaration struct is not used. | +| test.cpp:111:29:111:30 | AA | Type declaration AA is not used. | diff --git a/cpp/common/test/rules/unusedtypedeclarations/test.cpp b/cpp/common/test/rules/unusedtypedeclarations/test.cpp index c14c0359d8..88968b6d95 100644 --- a/cpp/common/test/rules/unusedtypedeclarations/test.cpp +++ b/cpp/common/test/rules/unusedtypedeclarations/test.cpp @@ -1,3 +1,6 @@ +// NOTICE: SOME OF THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C TEST CASE AND CHANGES +// SHOULD BE REFLECTED THERE AS WELL. + class A {}; // NON_COMPLIANT - unused class B { // NON_COMPLIANT - only used within itself From 87a17808dc11d6c3d96eae428bbbc5e2f065e712 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Wed, 11 Jan 2023 23:08:54 +0000 Subject: [PATCH 0221/2573] DeadCode: Add MISRA C 2012 Rule 2.4 Add a query for finding unused tags. This query uses `TypeMention`s to identify tags that are never referenced. Note: this query tries to exclude tags generated from macros, but this is not currently working due to a bug in the CodeQL CLI 2.9.4. --- .../rules/RULE-2-4/UnusedTagDeclaration.ql | 33 ++++++++ .../RULE-2-4/UnusedTagDeclaration.expected | 7 ++ .../rules/RULE-2-4/UnusedTagDeclaration.qlref | 1 + c/misra/test/rules/RULE-2-4/test.c | 80 +++++++++++++++++++ c/misra/test/rules/RULE-2-4/test.ql | 6 ++ 5 files changed, 127 insertions(+) create mode 100644 c/misra/src/rules/RULE-2-4/UnusedTagDeclaration.ql create mode 100644 c/misra/test/rules/RULE-2-4/UnusedTagDeclaration.expected create mode 100644 c/misra/test/rules/RULE-2-4/UnusedTagDeclaration.qlref create mode 100644 c/misra/test/rules/RULE-2-4/test.c create mode 100644 c/misra/test/rules/RULE-2-4/test.ql diff --git a/c/misra/src/rules/RULE-2-4/UnusedTagDeclaration.ql b/c/misra/src/rules/RULE-2-4/UnusedTagDeclaration.ql new file mode 100644 index 0000000000..e3d0d74c31 --- /dev/null +++ b/c/misra/src/rules/RULE-2-4/UnusedTagDeclaration.ql @@ -0,0 +1,33 @@ +/** + * @id c/misra/unused-tag-declaration + * @name RULE-2-4: A project should not contain unused tag declarations + * @description Unused tag declarations are either redundant or indicate a possible mistake on the + * part of the programmer. + * @kind problem + * @precision very-high + * @problem.severity warning + * @tags external/misra/id/rule-2-4 + * readability + * maintainability + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.TypeUses + +from UserType s +where + not isExcluded(s, DeadCodePackage::unusedTagDeclarationQuery()) and + // ignore structs without a tag name + not s.getName() = "struct " and + // typedefs do not have a "tag" name, so this rule does not apply to them + not s instanceof TypedefType and + // Not mentioned anywhere + not exists(TypeMention tm | tm.getMentionedType() = s) and + // Exclude any struct that is fully generated from a macro expansion, as it may be used in other + // expansions of the same macro. + // Note: due to a bug in the CodeQL CLI version 2.9.4, this will currently have no effect, because + // `isInMacroExpansion` is broken for `UserType`s. + not s.isInMacroExpansion() +select s, "struct " + s.getName() + " has an unused tag." diff --git a/c/misra/test/rules/RULE-2-4/UnusedTagDeclaration.expected b/c/misra/test/rules/RULE-2-4/UnusedTagDeclaration.expected new file mode 100644 index 0000000000..abd602e9c8 --- /dev/null +++ b/c/misra/test/rules/RULE-2-4/UnusedTagDeclaration.expected @@ -0,0 +1,7 @@ +| test.c:4:8:4:9 | S2 | struct S2 has an unused tag. | +| test.c:7:16:7:17 | S3 | struct S3 has an unused tag. | +| test.c:17:6:17:7 | E1 | struct E1 has an unused tag. | +| test.c:31:10:31:11 | S7 | struct S7 has an unused tag. | +| test.c:50:8:50:10 | S10 | struct S10 has an unused tag. | +| test.c:66:3:66:14 | S13 | struct S13 has an unused tag. | +| test.c:79:8:79:10 | s14 | struct s14 has an unused tag. | diff --git a/c/misra/test/rules/RULE-2-4/UnusedTagDeclaration.qlref b/c/misra/test/rules/RULE-2-4/UnusedTagDeclaration.qlref new file mode 100644 index 0000000000..26753b3e85 --- /dev/null +++ b/c/misra/test/rules/RULE-2-4/UnusedTagDeclaration.qlref @@ -0,0 +1 @@ +rules/RULE-2-4/UnusedTagDeclaration.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-2-4/test.c b/c/misra/test/rules/RULE-2-4/test.c new file mode 100644 index 0000000000..ae73b17a6e --- /dev/null +++ b/c/misra/test/rules/RULE-2-4/test.c @@ -0,0 +1,80 @@ +struct S1 { // COMPLIANT + int x; +}; +struct S2 { // NON_COMPLIANT + int x; +}; +typedef struct S3 { // NON_COMPLIANT + int x; +} T1; +typedef struct S4 { // COMPLIANT + int x; +} T2; +struct S5 { // COMPLIANT + int x; +}; +typedef struct S5 T3; +enum E1 { state1, state2 }; // NON_COMPLIANT +enum E2 { state3, state4 }; // COMPLIANT +struct { // COMPLIANT - no tag + int x; +} s6; + +void test() { + struct S1 s1; + T1 t1; + t1.x = 0; // Field access on struct S3 + T2 t2; + struct S4 s4; + int x = state1; // enum access on E1 + enum E2 e2; + struct S7 { // NON_COMPLIANT + int x + } s7; + struct S8 { // COMPLIANT + int x + } s8; + struct S8 s8_2; + + struct S11 { // COMPLIANT + int x; + } foo(struct S11 s); +} + +struct S9 { // COMPLIANT + int x; +} test_2() { + return (struct S9){0}; +} + +struct S10 { // NON_COMPLIANT + int x; +} * test_3() { + return 0; +} + +struct S12 { // COMPLIANT + int x; +} foo(struct S12 s); + +#define STRUCT_MACRO \ + struct S13 { \ + int x; \ + }; + +void testMacroNameUsed() { + STRUCT_MACRO // COMPLIANT[FALSE_POSITIVE] - although the struct generated by + // the macro is never used in this expansion, it may be used in + // other expansions, so we don't want to report it as unused +} + +void testMacroNameNotUsed() { + STRUCT_MACRO // COMPLIANT - S13 is used in this expansion + struct S13 s13_2; +} + +#define PARTIAL \ + { int x; } + +struct s14 PARTIAL; // NON_COMPLIANT - affected by macro, but not fully + // generated, so fair to report as unused \ No newline at end of file diff --git a/c/misra/test/rules/RULE-2-4/test.ql b/c/misra/test/rules/RULE-2-4/test.ql new file mode 100644 index 0000000000..162065c1b2 --- /dev/null +++ b/c/misra/test/rules/RULE-2-4/test.ql @@ -0,0 +1,6 @@ +import cpp + +// from UserType ut +// where ut.isAffectedByMacro() +// select ut +select any(Location l).toString() as s, count(Location l | l.toString() = s) From cce11f425b38a68d0d3847cdc90a6dc6d1edffb4 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Wed, 11 Jan 2023 23:12:06 +0000 Subject: [PATCH 0222/2573] DeadCode: Add MISRA C 2012 Rule 2.5 Adds a query to find unused macro declarations. The query is mostly straightforward, however #undefs are not connected in our database schema with the #defines they undefine. This means that we cannot accurately identify unused macros when there is a sequence of defs and undefs. --- .../rules/RULE-2-5/UnusedMacroDeclaration.ql | 28 +++++++++++++++++++ .../RULE-2-5/UnusedMacroDeclaration.expected | 2 ++ .../RULE-2-5/UnusedMacroDeclaration.qlref | 1 + c/misra/test/rules/RULE-2-5/test.c | 16 +++++++++++ c/misra/test/rules/RULE-2-5/test.h | 3 ++ 5 files changed, 50 insertions(+) create mode 100644 c/misra/src/rules/RULE-2-5/UnusedMacroDeclaration.ql create mode 100644 c/misra/test/rules/RULE-2-5/UnusedMacroDeclaration.expected create mode 100644 c/misra/test/rules/RULE-2-5/UnusedMacroDeclaration.qlref create mode 100644 c/misra/test/rules/RULE-2-5/test.c create mode 100644 c/misra/test/rules/RULE-2-5/test.h diff --git a/c/misra/src/rules/RULE-2-5/UnusedMacroDeclaration.ql b/c/misra/src/rules/RULE-2-5/UnusedMacroDeclaration.ql new file mode 100644 index 0000000000..ed2b1f6065 --- /dev/null +++ b/c/misra/src/rules/RULE-2-5/UnusedMacroDeclaration.ql @@ -0,0 +1,28 @@ +/** + * @id c/misra/unused-macro-declaration + * @name RULE-2-5: A project should not contain unused macro declarations + * @description Unused macro declarations are either redundant or indicate a possible mistake on the + * part of the programmer. + * @kind problem + * @precision very-high + * @problem.severity warning + * @tags external/misra/id/rule-2-5 + * readability + * maintainability + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.c.misra + +from Macro m +where + not isExcluded(m, DeadCodePackage::unusedMacroDeclarationQuery()) and + not exists(MacroAccess ma | ma.getMacro() = m) and + // We consider a macro "used" if the name is undef-ed at some point in the same file, or a file + // that includes the file defining the macro. This will over approximate use in the case of a + // macro which is defined, then undefined, then re-defined but not used. + not exists(PreprocessorUndef u | + u.getName() = m.getName() and u.getFile().getAnIncludedFile*() = m.getFile() + ) +select m, "Macro " + m.getName() + " is unused." diff --git a/c/misra/test/rules/RULE-2-5/UnusedMacroDeclaration.expected b/c/misra/test/rules/RULE-2-5/UnusedMacroDeclaration.expected new file mode 100644 index 0000000000..ead04877ec --- /dev/null +++ b/c/misra/test/rules/RULE-2-5/UnusedMacroDeclaration.expected @@ -0,0 +1,2 @@ +| test.c:4:1:4:16 | #define MACRO3 3 | Macro MACRO3 is unused. | +| test.h:3:1:3:21 | #define HEADER_MACRO3 | Macro HEADER_MACRO3 is unused. | diff --git a/c/misra/test/rules/RULE-2-5/UnusedMacroDeclaration.qlref b/c/misra/test/rules/RULE-2-5/UnusedMacroDeclaration.qlref new file mode 100644 index 0000000000..d4ad7325a8 --- /dev/null +++ b/c/misra/test/rules/RULE-2-5/UnusedMacroDeclaration.qlref @@ -0,0 +1 @@ +rules/RULE-2-5/UnusedMacroDeclaration.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-2-5/test.c b/c/misra/test/rules/RULE-2-5/test.c new file mode 100644 index 0000000000..f37acb1509 --- /dev/null +++ b/c/misra/test/rules/RULE-2-5/test.c @@ -0,0 +1,16 @@ +#include "test.h" +#define MACRO1 1 // COMPLIANT +#define MACRO2 2 // COMPLIANT +#define MACRO3 3 // NON_COMPLIANT + +#undef MACRO1 + +// This case is not captured by the query +#define MACRO1 1 // NON_COMPLIANT[FALSE_NEGATIVE] + +#undef HEADER_MACRO1 + +void test() { + MACRO2; + HEADER_MACRO2; +} \ No newline at end of file diff --git a/c/misra/test/rules/RULE-2-5/test.h b/c/misra/test/rules/RULE-2-5/test.h new file mode 100644 index 0000000000..3003ff9498 --- /dev/null +++ b/c/misra/test/rules/RULE-2-5/test.h @@ -0,0 +1,3 @@ +#define HEADER_MACRO1 // COMPLIANT +#define HEADER_MACRO2 // COMPLIANT +#define HEADER_MACRO3 // NON_COMPLIANT \ No newline at end of file From 8bfb9c88c7ebd2ee52beaf643aa090b583154ba7 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Wed, 11 Jan 2023 23:15:01 +0000 Subject: [PATCH 0223/2573] DeadCode: Add MISRA C 2012 Rule 2.6 Adds a query to find unused labels. We consider a label unused if we never "goto" the label and never take the address of the label. --- .../rules/RULE-2-6/UnusedLabelDeclaration.ql | 25 +++++++++++++++++++ .../RULE-2-6/UnusedLabelDeclaration.expected | 3 +++ .../RULE-2-6/UnusedLabelDeclaration.qlref | 1 + c/misra/test/rules/RULE-2-6/test.c | 17 +++++++++++++ 4 files changed, 46 insertions(+) create mode 100644 c/misra/src/rules/RULE-2-6/UnusedLabelDeclaration.ql create mode 100644 c/misra/test/rules/RULE-2-6/UnusedLabelDeclaration.expected create mode 100644 c/misra/test/rules/RULE-2-6/UnusedLabelDeclaration.qlref create mode 100644 c/misra/test/rules/RULE-2-6/test.c diff --git a/c/misra/src/rules/RULE-2-6/UnusedLabelDeclaration.ql b/c/misra/src/rules/RULE-2-6/UnusedLabelDeclaration.ql new file mode 100644 index 0000000000..4ab96707e4 --- /dev/null +++ b/c/misra/src/rules/RULE-2-6/UnusedLabelDeclaration.ql @@ -0,0 +1,25 @@ +/** + * @id c/misra/unused-label-declaration + * @name RULE-2-6: A function should not contain unused label declarations + * @description Unused label declarations are either redundant or indicate a possible mistake on the + * part of the programmer. + * @kind problem + * @precision very-high + * @problem.severity warning + * @tags external/misra/id/rule-2-6 + * readability + * maintainability + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.c.misra + +from LabelStmt label +where + not isExcluded(label, DeadCodePackage::unusedLabelDeclarationQuery()) and + // No GotoStmt jumps to this label + not exists(GotoStmt gs | gs.hasName() and gs.getTarget() = label) and + // The address of the label is never taken + not exists(LabelLiteral literal | literal.getLabel() = label) +select label, "Label " + label.getName() + " is unused." diff --git a/c/misra/test/rules/RULE-2-6/UnusedLabelDeclaration.expected b/c/misra/test/rules/RULE-2-6/UnusedLabelDeclaration.expected new file mode 100644 index 0000000000..1c6d5541ff --- /dev/null +++ b/c/misra/test/rules/RULE-2-6/UnusedLabelDeclaration.expected @@ -0,0 +1,3 @@ +| test.c:2:1:2:13 | label ...: | Label dead_label_1 is unused. | +| test.c:6:1:6:13 | label ...: | Label dead_label_2 is unused. | +| test.c:8:1:8:13 | label ...: | Label dead_label_3 is unused. | diff --git a/c/misra/test/rules/RULE-2-6/UnusedLabelDeclaration.qlref b/c/misra/test/rules/RULE-2-6/UnusedLabelDeclaration.qlref new file mode 100644 index 0000000000..2093fef0fe --- /dev/null +++ b/c/misra/test/rules/RULE-2-6/UnusedLabelDeclaration.qlref @@ -0,0 +1 @@ +rules/RULE-2-6/UnusedLabelDeclaration.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-2-6/test.c b/c/misra/test/rules/RULE-2-6/test.c new file mode 100644 index 0000000000..d3a643c1f1 --- /dev/null +++ b/c/misra/test/rules/RULE-2-6/test.c @@ -0,0 +1,17 @@ +void test1(int p1) { +dead_label_1: // NON_COMPLIANT +live_label_1: // COMPLIANT + int x = 0; +live_label_2: // COMPLIANT +dead_label_2: // NON_COMPLIANT + int y = 0; +dead_label_3: // NON_COMPLIANT + int z = 0; + + if (p1 > 1) { + goto live_label_1; + } + + // Taking the address of a label is sufficient to make it "live" + void *label_ptr = &&live_label_2; +} \ No newline at end of file From 22c9fe0e38d48e184e0e9415569b4970857e9021 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Wed, 11 Jan 2023 23:21:25 +0000 Subject: [PATCH 0224/2573] DeadCode: Add MISRA C 2012 Rule 2.7 Adds a shared implementation query for identifying unused parameters. --- .../unusedparameter/UnusedParameter.expected | 1 + .../rules/unusedparameter/UnusedParameter.ql | 2 ++ c/common/test/rules/unusedparameter/test.c | 8 +++++++ c/misra/src/rules/RULE-2-7/UnusedParameter.ql | 22 +++++++++++++++++++ .../rules/RULE-2-7/UnusedParameter.testref | 1 + .../unusedparameter/UnusedParameter.expected | 4 ++-- .../test/rules/unusedparameter/test.cpp | 3 +++ 7 files changed, 39 insertions(+), 2 deletions(-) create mode 100644 c/common/test/rules/unusedparameter/UnusedParameter.expected create mode 100644 c/common/test/rules/unusedparameter/UnusedParameter.ql create mode 100644 c/common/test/rules/unusedparameter/test.c create mode 100644 c/misra/src/rules/RULE-2-7/UnusedParameter.ql create mode 100644 c/misra/test/rules/RULE-2-7/UnusedParameter.testref diff --git a/c/common/test/rules/unusedparameter/UnusedParameter.expected b/c/common/test/rules/unusedparameter/UnusedParameter.expected new file mode 100644 index 0000000000..09519575c9 --- /dev/null +++ b/c/common/test/rules/unusedparameter/UnusedParameter.expected @@ -0,0 +1 @@ +| test.c:6:22:6:22 | x | Unused parameter 'x' for function $@. | test.c:6:6:6:16 | test_unused | test_unused | diff --git a/c/common/test/rules/unusedparameter/UnusedParameter.ql b/c/common/test/rules/unusedparameter/UnusedParameter.ql new file mode 100644 index 0000000000..0c6d01d515 --- /dev/null +++ b/c/common/test/rules/unusedparameter/UnusedParameter.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.unusedparameter.UnusedParameter diff --git a/c/common/test/rules/unusedparameter/test.c b/c/common/test/rules/unusedparameter/test.c new file mode 100644 index 0000000000..87fb1b5fe7 --- /dev/null +++ b/c/common/test/rules/unusedparameter/test.c @@ -0,0 +1,8 @@ +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C++ TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. + +int test_used(int x) { return x; } // COMPLIANT + +void test_unused(int x) {} // NON_COMPLIANT + +void test_no_def(int x); // COMPLIANT - no definition, so cannot be "unused" \ No newline at end of file diff --git a/c/misra/src/rules/RULE-2-7/UnusedParameter.ql b/c/misra/src/rules/RULE-2-7/UnusedParameter.ql new file mode 100644 index 0000000000..0c47ebf130 --- /dev/null +++ b/c/misra/src/rules/RULE-2-7/UnusedParameter.ql @@ -0,0 +1,22 @@ +/** + * @id c/misra/unused-parameter + * @name RULE-2-7: There should be no unused parameters in functions + * @description Unused parameters can indicate a mistake when implementing the function. + * @kind problem + * @precision very-high + * @problem.severity warning + * @tags external/misra/id/rule-2-7 + * readability + * maintainability + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.rules.unusedparameter.UnusedParameter + +class UnusedParameterQuery extends UnusedParameterSharedQuery { + UnusedParameterQuery() { + this = DeadCodePackage::unusedParameterQuery() + } +} diff --git a/c/misra/test/rules/RULE-2-7/UnusedParameter.testref b/c/misra/test/rules/RULE-2-7/UnusedParameter.testref new file mode 100644 index 0000000000..852d3c4eb2 --- /dev/null +++ b/c/misra/test/rules/RULE-2-7/UnusedParameter.testref @@ -0,0 +1 @@ +c/common/test/rules/unusedparameter/UnusedParameter.ql \ No newline at end of file diff --git a/cpp/common/test/rules/unusedparameter/UnusedParameter.expected b/cpp/common/test/rules/unusedparameter/UnusedParameter.expected index b4d1fe97fa..9264f421f9 100644 --- a/cpp/common/test/rules/unusedparameter/UnusedParameter.expected +++ b/cpp/common/test/rules/unusedparameter/UnusedParameter.expected @@ -1,2 +1,2 @@ -| test.cpp:3:22:3:22 | x | Unused parameter 'x' for function $@. | test.cpp:3:6:3:16 | test_unused | test_unused | -| test.cpp:11:14:11:14 | x | Unused parameter 'x' for function $@. | test.cpp:11:8:11:8 | b | A::b | +| test.cpp:6:22:6:22 | x | Unused parameter 'x' for function $@. | test.cpp:6:6:6:16 | test_unused | test_unused | +| test.cpp:14:14:14:14 | x | Unused parameter 'x' for function $@. | test.cpp:14:8:14:8 | b | A::b | diff --git a/cpp/common/test/rules/unusedparameter/test.cpp b/cpp/common/test/rules/unusedparameter/test.cpp index ef50059107..07d14bfe9e 100644 --- a/cpp/common/test/rules/unusedparameter/test.cpp +++ b/cpp/common/test/rules/unusedparameter/test.cpp @@ -1,3 +1,6 @@ +// NOTICE: SOME OF THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. + int test_used(int x) { return x; } // COMPLIANT void test_unused(int x) {} // NON_COMPLIANT From 0e9f1a2d73dc9949b0acf7a68d04bce27b875518 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Wed, 11 Jan 2023 23:25:44 +0000 Subject: [PATCH 0225/2573] DeadCode: Format test cases --- c/common/test/rules/deadcode/test.c | 4 ++-- c/common/test/rules/unreachablecode/test.c | 4 ++-- .../UnusedTypeDeclarations.expected | 4 ++-- .../test/rules/unusedtypedeclarations/test.c | 16 +++++++--------- .../unreachablecode/UnreachableCode.expected | 10 +++++----- cpp/common/test/rules/unreachablecode/test.cpp | 3 +++ .../test/rules/unusedtypedeclarations/test.cpp | 4 ++-- 7 files changed, 23 insertions(+), 22 deletions(-) diff --git a/c/common/test/rules/deadcode/test.c b/c/common/test/rules/deadcode/test.c index bbebce9f1d..bd18e6aeb5 100644 --- a/c/common/test/rules/deadcode/test.c +++ b/c/common/test/rules/deadcode/test.c @@ -1,5 +1,5 @@ -// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C++ TEST CASE AND CHANGES -// SHOULD BE REFLECTED THERE AS WELL. +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C++ TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. // Define true/false for compatibility with C++ test cases #define false 0 #define true 1 diff --git a/c/common/test/rules/unreachablecode/test.c b/c/common/test/rules/unreachablecode/test.c index 1d0102cf79..7bb37844cb 100644 --- a/c/common/test/rules/unreachablecode/test.c +++ b/c/common/test/rules/unreachablecode/test.c @@ -1,5 +1,5 @@ -// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C++ TEST CASE AND CHANGES -// SHOULD BE REFLECTED THERE AS WELL. +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C++ TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. void test_switch(int p1) { int l1 = 0; diff --git a/c/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.expected b/c/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.expected index 49670b572f..b0f416cbe9 100644 --- a/c/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.expected +++ b/c/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.expected @@ -1,5 +1,5 @@ | file://:0:0:0:0 | __va_list_tag | Type declaration __va_list_tag is not used. | | test.c:4:8:4:8 | A | Type declaration A is not used. | | test.c:7:18:7:18 | D | Type declaration D is not used. | -| test.c:30:11:30:11 | R | Type declaration R is not used. | -| test.c:43:12:43:12 | struct | Type declaration struct is not used. | +| test.c:28:11:28:11 | R | Type declaration R is not used. | +| test.c:41:12:41:12 | struct | Type declaration struct is not used. | diff --git a/c/common/test/rules/unusedtypedeclarations/test.c b/c/common/test/rules/unusedtypedeclarations/test.c index 17d064326a..aedd16338e 100644 --- a/c/common/test/rules/unusedtypedeclarations/test.c +++ b/c/common/test/rules/unusedtypedeclarations/test.c @@ -1,9 +1,9 @@ -// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C++ TEST CASE AND CHANGES -// SHOULD BE REFLECTED THERE AS WELL. +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C++ TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. struct A {}; // NON_COMPLIANT - unused -struct C {}; // COMPLIANT - used in the type def +struct C {}; // COMPLIANT - used in the type def typedef struct C D; // NON_COMPLIANT - typedef itself not used struct F {}; // COMPLIANT - used as a global function return type @@ -17,17 +17,15 @@ struct G {}; // COMPLIANT - used as a global function parameter type void test_global_function(struct G g) {} -enum M { C1, C2, C3 }; // COMPLIANT - used in an enum type access below +enum M { C1, C2, C3 }; // COMPLIANT - used in an enum type access below -void test_enum_access() { - int i = C1; -} +void test_enum_access() { int i = C1; } struct O {}; // COMPLIANT - used in typedef below typedef struct O P; // COMPLIANT - used in typedef below -typedef P Q; // COMPLIANT - used in function below -typedef Q R; // NON_COMPLIANT - never used +typedef P Q; // COMPLIANT - used in function below +typedef Q R; // NON_COMPLIANT - never used Q test_type_def() {} diff --git a/cpp/common/test/rules/unreachablecode/UnreachableCode.expected b/cpp/common/test/rules/unreachablecode/UnreachableCode.expected index 59da0e8e82..1c8f16611b 100644 --- a/cpp/common/test/rules/unreachablecode/UnreachableCode.expected +++ b/cpp/common/test/rules/unreachablecode/UnreachableCode.expected @@ -1,5 +1,5 @@ -| test.cpp:14:3:14:12 | declaration | This statement in function $@ is unreachable. | test.cpp:12:5:12:21 | test_after_return | test_after_return | -| test.cpp:18:10:19:12 | { ... } | This statement in function $@ is unreachable. | test.cpp:17:5:17:27 | test_constant_condition | test_constant_condition | -| test.cpp:29:10:30:12 | { ... } | This statement in function $@ is unreachable. | test.cpp:28:24:28:24 | f | f | -| test.cpp:50:12:51:14 | { ... } | This statement in function $@ is unreachable. | test.cpp:49:7:49:8 | h1 | h1 | -| test.cpp:55:12:56:14 | { ... } | This statement in function $@ is unreachable. | test.cpp:54:7:54:8 | h2 | h2 | +| test.cpp:17:3:17:12 | declaration | This statement in function $@ is unreachable. | test.cpp:15:5:15:21 | test_after_return | test_after_return | +| test.cpp:21:10:22:12 | { ... } | This statement in function $@ is unreachable. | test.cpp:20:5:20:27 | test_constant_condition | test_constant_condition | +| test.cpp:32:10:33:12 | { ... } | This statement in function $@ is unreachable. | test.cpp:31:24:31:24 | f | f | +| test.cpp:53:12:54:14 | { ... } | This statement in function $@ is unreachable. | test.cpp:52:7:52:8 | h1 | h1 | +| test.cpp:58:12:59:14 | { ... } | This statement in function $@ is unreachable. | test.cpp:57:7:57:8 | h2 | h2 | diff --git a/cpp/common/test/rules/unreachablecode/test.cpp b/cpp/common/test/rules/unreachablecode/test.cpp index 6ed61b527f..749b3a43da 100644 --- a/cpp/common/test/rules/unreachablecode/test.cpp +++ b/cpp/common/test/rules/unreachablecode/test.cpp @@ -1,3 +1,6 @@ +// NOTICE: SOME OF THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. + void test_switch(int p1) { int l1 = 0; switch (p1) { diff --git a/cpp/common/test/rules/unusedtypedeclarations/test.cpp b/cpp/common/test/rules/unusedtypedeclarations/test.cpp index 88968b6d95..f3235f325f 100644 --- a/cpp/common/test/rules/unusedtypedeclarations/test.cpp +++ b/cpp/common/test/rules/unusedtypedeclarations/test.cpp @@ -1,5 +1,5 @@ -// NOTICE: SOME OF THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C TEST CASE AND CHANGES -// SHOULD BE REFLECTED THERE AS WELL. +// NOTICE: SOME OF THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. class A {}; // NON_COMPLIANT - unused From 4a1658655a5fdbe6f87b193aa13b5151e0b80b67 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Wed, 11 Jan 2023 23:35:15 +0000 Subject: [PATCH 0226/2573] DeadCode: Add implementation scopes, correct docs --- rule_packages/c/DeadCode.json | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/rule_packages/c/DeadCode.json b/rule_packages/c/DeadCode.json index a3234b9844..1de7625225 100644 --- a/rule_packages/c/DeadCode.json +++ b/rule_packages/c/DeadCode.json @@ -17,8 +17,7 @@ "maintainability" ], "implementation_scope": { - "description": "This query reports ...", - "items": [] + "description": "This query reports basic blocks in the program which are unreachable. For basic blocks within templates, the block is only consider unreachable if it is unreachable in all templates. Code generated by macros is ignored for this query, because it may be the case that basic blocks are reachable only in some expansions." }, "shared_implementation_short_name": "UnreachableCode" } @@ -41,6 +40,19 @@ "readability", "maintainability" ], + "implementation_scope": { + "description": "This query identifies dead statements in the program of the following kinds:", + "items": [ + "Declarations of a non-static stack variable whose initializing expression is pure (i.e. has no side-effects) and that is never subsequently accessed in live code.", + "Blocks that contain only dead statements.", + "Do loops whose condition is pure, and whose body contains only dead statements.", + "If statements whose condition is pure, and whose then and else clauses (where they exist) only contain dead statements.", + "Label statements to which the code never jumps.", + "While loops whose condition is pure, and whose body contains only dead statements.", + "Expression statements whose expressions are pure.", + "Writes to a non-static stack variable that is never subsequently read in live code." + ] + }, "shared_implementation_short_name": "DeadCode" } ], From b66e9b41be9c4538da28d57df62bc585e6df7fab Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Thu, 12 Jan 2023 14:57:36 +0000 Subject: [PATCH 0227/2573] DeadCode: Remove erroneously committed file. --- c/misra/test/rules/RULE-2-4/test.ql | 6 ------ 1 file changed, 6 deletions(-) delete mode 100644 c/misra/test/rules/RULE-2-4/test.ql diff --git a/c/misra/test/rules/RULE-2-4/test.ql b/c/misra/test/rules/RULE-2-4/test.ql deleted file mode 100644 index 162065c1b2..0000000000 --- a/c/misra/test/rules/RULE-2-4/test.ql +++ /dev/null @@ -1,6 +0,0 @@ -import cpp - -// from UserType ut -// where ut.isAffectedByMacro() -// select ut -select any(Location l).toString() as s, count(Location l | l.toString() = s) From eb97ecb65931b3d9b049d120a333170bbe207d00 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 12 Jan 2023 11:40:57 -0500 Subject: [PATCH 0228/2573] finished check --- .../PSCodingStandards/CodingStandards.psm1 | 4 + scripts/PSCodingStandards/Config.ps1 | 2 + scripts/matrix_testing/Config.ps1 | 1 - ...est-SharedImplementationsHaveTestCases.ps1 | 111 ++++++++++++++++++ 4 files changed, 117 insertions(+), 1 deletion(-) create mode 100644 scripts/PSCodingStandards/Config.ps1 create mode 100644 scripts/util/Test-SharedImplementationsHaveTestCases.ps1 diff --git a/scripts/PSCodingStandards/CodingStandards.psm1 b/scripts/PSCodingStandards/CodingStandards.psm1 index 65d3fe38f6..609b8ebf1f 100644 --- a/scripts/PSCodingStandards/CodingStandards.psm1 +++ b/scripts/PSCodingStandards/CodingStandards.psm1 @@ -8,4 +8,8 @@ foreach($i in $Functions){ Export-ModuleMember -Function $Functions.BaseName +Write-Host "Importing Configuration.... " +Export-ModuleMember -Variable AVAILABLE_SUITES +Export-ModuleMember -Variable AVAILABLE_LANGUAGES + Write-Host "IMPORTING " \ No newline at end of file diff --git a/scripts/PSCodingStandards/Config.ps1 b/scripts/PSCodingStandards/Config.ps1 new file mode 100644 index 0000000000..2dc8d8e5bc --- /dev/null +++ b/scripts/PSCodingStandards/Config.ps1 @@ -0,0 +1,2 @@ +$AVAILABLE_SUITES = @("CERT-C++", "AUTOSAR", "MISRA-C-2012", "CERT-C") +$AVAILABLE_LANGUAGES = @("c", "cpp") \ No newline at end of file diff --git a/scripts/matrix_testing/Config.ps1 b/scripts/matrix_testing/Config.ps1 index 9d64e20452..be09978e6b 100644 --- a/scripts/matrix_testing/Config.ps1 +++ b/scripts/matrix_testing/Config.ps1 @@ -23,7 +23,6 @@ $COMPILER_ARGS = @{ } -$AVAILABLE_SUITES = @("CERT-C++", "AUTOSAR", "MISRA-C-2012", "CERT-C") $REQUIRED_CODEQL_VERSION = "2.6.3" diff --git a/scripts/util/Test-SharedImplementationsHaveTestCases.ps1 b/scripts/util/Test-SharedImplementationsHaveTestCases.ps1 new file mode 100644 index 0000000000..3e207b6712 --- /dev/null +++ b/scripts/util/Test-SharedImplementationsHaveTestCases.ps1 @@ -0,0 +1,111 @@ +#!/usr/bin/env pwsh +param( + [ValidateSet('c', 'cpp')] + [string] + $Language = 'c', + [Parameter(Mandatory = $false)] + [string] + $ReportDir = (Get-Location), + [switch] + $CIMode +) + +Import-Module -Force -Name "$PSScriptRoot/../PSCodingStandards/CodingStandards" + +$allQueries = @() +$queriesToCheck = @() + +# load all the queries +foreach ($s in $AVAILABLE_SUITES) { + $allQueries += Get-RulesInSuite -Suite $s -Language $Language +} + +foreach ($q in $allQueries){ + if($q | Get-Member "shared_implementation_short_name"){ + $queriesToCheck += $q + } +} + +if ($queriesToCheck.Count -eq 0) { + throw "No queries loaded." +} +else { + Write-Host "Loaded $($queriesToCheck.Count) queries with shared implementations." +} + +# What we want to verify is that IF a shared implementation is used, then we +# have a valid test case WITHIN the language that is using it. + +$REPORT = @() + +foreach($q in $queriesToCheck){ + # Get test directory + $testDirectory = Get-TestDirectory -RuleObject $q -Language $Language + Write-Host "Verifying $Language language tests in $testDirectory..." + + + $row = @{ + "SUITE" = $q.__memberof_suite; + "PACKAGE" = $q.__memberof_package; + "RULE" = $q.__memberof_rule; + "QUERY" = $q.short_name; + "SHARED_NAME" = $q.shared_implementation_short_name; + "TEST_DIR_EXISTS" = $false; + "SOURCE_CODE_EXISTS" = $false; + "EXPECTED_EXISTS" = $false; + "REFERENCE_EXISTS" = $false; + } + + # require a .c for language cpp + # require a .expected + # require a .ql + + if(-not (Test-Path $testDirectory)){ + continue + } + + $dirName = (Get-Item $testDirectory).Basename + $dirNameLower = $dirName.ToLower() + + $row["TEST_DIR_EXISTS"] = $true + + if((Test-Path (Join-Path $testDirectory "test.$Language"))){ + $row["SOURCE_CODE_EXISTS"] = $true + } + + if((Test-Path (Join-Path $testDirectory "$dirNameLower.expected"))){ + $row["EXPECTED_EXISTS"] = $true + } + + if((Test-Path (Join-Path $testDirectory "$dirNameLower.ql"))){ + $row["REFERENCE_EXISTS"] = $true + } + + + $REPORT += $row +} + + + +# output a CSV containing the elements that do not contain +$fileTag = "$Language-$(Get-Date -Format "yyyy-MM-dd_HH-mm-ss")" +$reportOutputFile = Join-Path $ReportDir "TestReport-$fileTag.csv" +$missingReportOutputFile = Join-Path $ReportDir "MissingTestReport-$fileTag.csv" + +$failCount = 0 +foreach ($r in $REPORT) { + if(($r["TEST_DIR_EXISTS"] -eq $false) -or ($r["SOURCE_CODE_EXISTS"] -eq $false) -or ($r["EXPECTED_EXISTS"] -eq $false) -or ($r["REFERENCE_EXISTS"] -eq $false)){ + $failCount += 1 + [PSCustomObject]$r | Export-CSV -Path $missingReportOutputFile -Append -NoTypeInformation + + } + [PSCustomObject]$r | Export-CSV -Path $reportOutputFile -Append -NoTypeInformation +} + +Write-Host "Write report to $reportOutputFile" + +if(($CIMode) -and ($failCount -gt 0)){ + throw "Found $failCount/$($queriesToCheck.Count) invalid shared test uses" +}else{ + Write-Host "Found $failCount/$($queriesToCheck.Count) invalid shared test uses" +} From 176e9d3dc4d48816234385390ff04728f2aca2d2 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 12 Jan 2023 11:48:17 -0500 Subject: [PATCH 0229/2573] automation --- .github/workflows/validate-rules-csv.yml | 27 ++++++++++++++++++- ...est-SharedImplementationsHaveTestCases.ps1 | 1 - 2 files changed, 26 insertions(+), 2 deletions(-) diff --git a/.github/workflows/validate-rules-csv.yml b/.github/workflows/validate-rules-csv.yml index 1c6418c98f..97cf0a8542 100644 --- a/.github/workflows/validate-rules-csv.yml +++ b/.github/workflows/validate-rules-csv.yml @@ -25,4 +25,29 @@ jobs: shell: pwsh run: scripts/util/Get-DuplicateRules.ps1 -Language 'all' -CIMode - \ No newline at end of file + + validate-rules-structure: + name: Validate Rules Structure + runs-on: ubuntu-22.04 + steps: + - name: Checkout + uses: actions/checkout@v2 + + - name: Ensure CPP Shared Rules Have Valid Structure + shell: pwsh + run: scripts/util/Test-SharedImplementationsHaveTestCases.ps1 -Language cpp -CIMode + + - name: Ensure C Shared Rules Have Valid Structure + shell: pwsh + run: scripts/util/Test-SharedImplementationsHaveTestCases.ps1 -Language c -CIMode + + - uses: actions/upload-artifact@v3 + with: + name: missing-test-report.csv + path: MissingTestReport* + + - uses: actions/upload-artifact@v3 + with: + name: test-report.csv + path: TestReport* + \ No newline at end of file diff --git a/scripts/util/Test-SharedImplementationsHaveTestCases.ps1 b/scripts/util/Test-SharedImplementationsHaveTestCases.ps1 index 3e207b6712..7a336468d0 100644 --- a/scripts/util/Test-SharedImplementationsHaveTestCases.ps1 +++ b/scripts/util/Test-SharedImplementationsHaveTestCases.ps1 @@ -97,7 +97,6 @@ foreach ($r in $REPORT) { if(($r["TEST_DIR_EXISTS"] -eq $false) -or ($r["SOURCE_CODE_EXISTS"] -eq $false) -or ($r["EXPECTED_EXISTS"] -eq $false) -or ($r["REFERENCE_EXISTS"] -eq $false)){ $failCount += 1 [PSCustomObject]$r | Export-CSV -Path $missingReportOutputFile -Append -NoTypeInformation - } [PSCustomObject]$r | Export-CSV -Path $reportOutputFile -Append -NoTypeInformation } From 0f642735d058ba7cde5f4cf445103f7d6e2acad3 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 12 Jan 2023 11:50:04 -0500 Subject: [PATCH 0230/2573] more automation --- scripts/util/Test-SharedImplementationsHaveTestCases.ps1 | 2 -- 1 file changed, 2 deletions(-) diff --git a/scripts/util/Test-SharedImplementationsHaveTestCases.ps1 b/scripts/util/Test-SharedImplementationsHaveTestCases.ps1 index 7a336468d0..1fa9158f6d 100644 --- a/scripts/util/Test-SharedImplementationsHaveTestCases.ps1 +++ b/scripts/util/Test-SharedImplementationsHaveTestCases.ps1 @@ -85,8 +85,6 @@ foreach($q in $queriesToCheck){ $REPORT += $row } - - # output a CSV containing the elements that do not contain $fileTag = "$Language-$(Get-Date -Format "yyyy-MM-dd_HH-mm-ss")" $reportOutputFile = Join-Path $ReportDir "TestReport-$fileTag.csv" From 2e9417ceb86aca7b12579b3887a76be83f38b1fa Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 12 Jan 2023 11:51:36 -0500 Subject: [PATCH 0231/2573] rename --- .../{validate-rules-csv.yml => extra-rule-validation.yml} | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) rename .github/workflows/{validate-rules-csv.yml => extra-rule-validation.yml} (90%) diff --git a/.github/workflows/validate-rules-csv.yml b/.github/workflows/extra-rule-validation.yml similarity index 90% rename from .github/workflows/validate-rules-csv.yml rename to .github/workflows/extra-rule-validation.yml index 97cf0a8542..1053444697 100644 --- a/.github/workflows/validate-rules-csv.yml +++ b/.github/workflows/extra-rule-validation.yml @@ -1,4 +1,4 @@ -name: ⚙️ Validate Rules CSV +name: ⚙️ Extra Fule Validation on: push: @@ -26,8 +26,8 @@ jobs: run: scripts/util/Get-DuplicateRules.ps1 -Language 'all' -CIMode - validate-rules-structure: - name: Validate Rules Structure + validate-shared-rules-test-structure: + name: Validate Rules Test Structure runs-on: ubuntu-22.04 steps: - name: Checkout From 05728db131e99da3bc76eee94d5e82e66bbb7787 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 12 Jan 2023 11:54:32 -0500 Subject: [PATCH 0232/2573] typo --- .github/workflows/extra-rule-validation.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/extra-rule-validation.yml b/.github/workflows/extra-rule-validation.yml index 1053444697..8ff05a4988 100644 --- a/.github/workflows/extra-rule-validation.yml +++ b/.github/workflows/extra-rule-validation.yml @@ -1,4 +1,4 @@ -name: ⚙️ Extra Fule Validation +name: ⚙️ Extra Rule Validation on: push: From c85ad4efd32cd040ddb71321dbb323bb09881172 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 12 Jan 2023 12:06:06 -0500 Subject: [PATCH 0233/2573] diagnostics --- scripts/util/Test-SharedImplementationsHaveTestCases.ps1 | 1 + 1 file changed, 1 insertion(+) diff --git a/scripts/util/Test-SharedImplementationsHaveTestCases.ps1 b/scripts/util/Test-SharedImplementationsHaveTestCases.ps1 index 1fa9158f6d..f555ee5758 100644 --- a/scripts/util/Test-SharedImplementationsHaveTestCases.ps1 +++ b/scripts/util/Test-SharedImplementationsHaveTestCases.ps1 @@ -61,6 +61,7 @@ foreach($q in $queriesToCheck){ # require a .ql if(-not (Test-Path $testDirectory)){ + Write-Host "Test directory $(Resolve-Path $testDirectory) does not exist." continue } From 8a12e4206e584b81a3e399c47a91fa42034dcf8c Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 12 Jan 2023 12:08:39 -0500 Subject: [PATCH 0234/2573] debugging --- scripts/util/Test-SharedImplementationsHaveTestCases.ps1 | 3 +++ 1 file changed, 3 insertions(+) diff --git a/scripts/util/Test-SharedImplementationsHaveTestCases.ps1 b/scripts/util/Test-SharedImplementationsHaveTestCases.ps1 index f555ee5758..4fbbe692d2 100644 --- a/scripts/util/Test-SharedImplementationsHaveTestCases.ps1 +++ b/scripts/util/Test-SharedImplementationsHaveTestCases.ps1 @@ -71,14 +71,17 @@ foreach($q in $queriesToCheck){ $row["TEST_DIR_EXISTS"] = $true if((Test-Path (Join-Path $testDirectory "test.$Language"))){ + Write-Host "Source Code Does not exist $((Join-Path $testDirectory "test.$Language"))" $row["SOURCE_CODE_EXISTS"] = $true } if((Test-Path (Join-Path $testDirectory "$dirNameLower.expected"))){ + Write-Host "expected $((Join-Path $testDirectory "$dirNameLower.expected"))" $row["EXPECTED_EXISTS"] = $true } if((Test-Path (Join-Path $testDirectory "$dirNameLower.ql"))){ + Write-Host "ql $((Join-Path $testDirectory "$dirNameLower.ql"))" $row["REFERENCE_EXISTS"] = $true } From 591b4613537df6898ad57ac04d636afe80427dc7 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 12 Jan 2023 12:14:09 -0500 Subject: [PATCH 0235/2573] failures --- .github/workflows/extra-rule-validation.yml | 2 ++ scripts/util/Test-SharedImplementationsHaveTestCases.ps1 | 9 ++++++--- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/.github/workflows/extra-rule-validation.yml b/.github/workflows/extra-rule-validation.yml index 8ff05a4988..baf8f1329b 100644 --- a/.github/workflows/extra-rule-validation.yml +++ b/.github/workflows/extra-rule-validation.yml @@ -45,9 +45,11 @@ jobs: with: name: missing-test-report.csv path: MissingTestReport* + if-no-files-found: error - uses: actions/upload-artifact@v3 with: name: test-report.csv path: TestReport* + if-no-files-found: error \ No newline at end of file diff --git a/scripts/util/Test-SharedImplementationsHaveTestCases.ps1 b/scripts/util/Test-SharedImplementationsHaveTestCases.ps1 index 4fbbe692d2..6008c87cf2 100644 --- a/scripts/util/Test-SharedImplementationsHaveTestCases.ps1 +++ b/scripts/util/Test-SharedImplementationsHaveTestCases.ps1 @@ -71,18 +71,21 @@ foreach($q in $queriesToCheck){ $row["TEST_DIR_EXISTS"] = $true if((Test-Path (Join-Path $testDirectory "test.$Language"))){ - Write-Host "Source Code Does not exist $((Join-Path $testDirectory "test.$Language"))" $row["SOURCE_CODE_EXISTS"] = $true + }else{ + Write-Host "-SOURCE $((Join-Path $testDirectory "test.$Language")) missing" } if((Test-Path (Join-Path $testDirectory "$dirNameLower.expected"))){ - Write-Host "expected $((Join-Path $testDirectory "$dirNameLower.expected"))" $row["EXPECTED_EXISTS"] = $true + }else{ + Write-Host "-EXPECTED $((Join-Path $testDirectory "$dirNameLower.expected")) missing" } if((Test-Path (Join-Path $testDirectory "$dirNameLower.ql"))){ - Write-Host "ql $((Join-Path $testDirectory "$dirNameLower.ql"))" $row["REFERENCE_EXISTS"] = $true + }else{ + Write-Host "-QL $((Join-Path $testDirectory "$dirNameLower.ql")) missing" } From dee90918ad2a275c7c113459adf89cb9b9feb0db Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 12 Jan 2023 12:18:43 -0500 Subject: [PATCH 0236/2573] fix --- scripts/util/Test-SharedImplementationsHaveTestCases.ps1 | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/scripts/util/Test-SharedImplementationsHaveTestCases.ps1 b/scripts/util/Test-SharedImplementationsHaveTestCases.ps1 index 6008c87cf2..ee816f5b98 100644 --- a/scripts/util/Test-SharedImplementationsHaveTestCases.ps1 +++ b/scripts/util/Test-SharedImplementationsHaveTestCases.ps1 @@ -67,6 +67,7 @@ foreach($q in $queriesToCheck){ $dirName = (Get-Item $testDirectory).Basename $dirNameLower = $dirName.ToLower() + $sharedName = $q.shared_implementation_short_name $row["TEST_DIR_EXISTS"] = $true @@ -76,16 +77,16 @@ foreach($q in $queriesToCheck){ Write-Host "-SOURCE $((Join-Path $testDirectory "test.$Language")) missing" } - if((Test-Path (Join-Path $testDirectory "$dirNameLower.expected"))){ + if((Test-Path (Join-Path $testDirectory "$sharedName.expected"))){ $row["EXPECTED_EXISTS"] = $true }else{ - Write-Host "-EXPECTED $((Join-Path $testDirectory "$dirNameLower.expected")) missing" + Write-Host "-EXPECTED $((Join-Path $testDirectory "$sharedName.expected")) missing" } - if((Test-Path (Join-Path $testDirectory "$dirNameLower.ql"))){ + if((Test-Path (Join-Path $testDirectory "$sharedName.ql"))){ $row["REFERENCE_EXISTS"] = $true }else{ - Write-Host "-QL $((Join-Path $testDirectory "$dirNameLower.ql")) missing" + Write-Host "-QL $((Join-Path $testDirectory "$sharedName.ql")) missing" } From e78b5da39ae7438c5ec3b457616eb18a766754e6 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 12 Jan 2023 12:21:27 -0500 Subject: [PATCH 0237/2573] fix --- .github/workflows/extra-rule-validation.yml | 3 --- scripts/util/Test-SharedImplementationsHaveTestCases.ps1 | 2 +- 2 files changed, 1 insertion(+), 4 deletions(-) diff --git a/.github/workflows/extra-rule-validation.yml b/.github/workflows/extra-rule-validation.yml index baf8f1329b..271a3b3a9b 100644 --- a/.github/workflows/extra-rule-validation.yml +++ b/.github/workflows/extra-rule-validation.yml @@ -37,9 +37,6 @@ jobs: shell: pwsh run: scripts/util/Test-SharedImplementationsHaveTestCases.ps1 -Language cpp -CIMode - - name: Ensure C Shared Rules Have Valid Structure - shell: pwsh - run: scripts/util/Test-SharedImplementationsHaveTestCases.ps1 -Language c -CIMode - uses: actions/upload-artifact@v3 with: diff --git a/scripts/util/Test-SharedImplementationsHaveTestCases.ps1 b/scripts/util/Test-SharedImplementationsHaveTestCases.ps1 index ee816f5b98..b958e7bede 100644 --- a/scripts/util/Test-SharedImplementationsHaveTestCases.ps1 +++ b/scripts/util/Test-SharedImplementationsHaveTestCases.ps1 @@ -61,7 +61,7 @@ foreach($q in $queriesToCheck){ # require a .ql if(-not (Test-Path $testDirectory)){ - Write-Host "Test directory $(Resolve-Path $testDirectory) does not exist." + Write-Host "Test directory $testDirectory does not exist." continue } From aa90e92219d837a74d17cf7227be64676113857c Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 12 Jan 2023 12:24:05 -0500 Subject: [PATCH 0238/2573] paths --- .github/workflows/extra-rule-validation.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/extra-rule-validation.yml b/.github/workflows/extra-rule-validation.yml index 271a3b3a9b..d5d2cb7ebe 100644 --- a/.github/workflows/extra-rule-validation.yml +++ b/.github/workflows/extra-rule-validation.yml @@ -41,12 +41,12 @@ jobs: - uses: actions/upload-artifact@v3 with: name: missing-test-report.csv - path: MissingTestReport* + path: codeql-coding-standards/MissingTestReport*.csv if-no-files-found: error - uses: actions/upload-artifact@v3 with: name: test-report.csv - path: TestReport* + path: codeql-coding-standards/TestReport*.csv if-no-files-found: error \ No newline at end of file From 78d2ccd12fb8afceb7c6799e4c8ea56c7040518b Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 12 Jan 2023 12:26:58 -0500 Subject: [PATCH 0239/2573] paths --- .github/workflows/extra-rule-validation.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/extra-rule-validation.yml b/.github/workflows/extra-rule-validation.yml index d5d2cb7ebe..48f88d9e66 100644 --- a/.github/workflows/extra-rule-validation.yml +++ b/.github/workflows/extra-rule-validation.yml @@ -41,12 +41,12 @@ jobs: - uses: actions/upload-artifact@v3 with: name: missing-test-report.csv - path: codeql-coding-standards/MissingTestReport*.csv + path: /home/runner/work/codeql-coding-standards/codeql-coding-standards/MissingTestReport*.csv if-no-files-found: error - uses: actions/upload-artifact@v3 with: name: test-report.csv - path: codeql-coding-standards/TestReport*.csv + path: /home/runner/work/codeql-coding-standards/codeql-coding-standards/TestReport*.csv if-no-files-found: error \ No newline at end of file From e318e4c590c645b03fd4091190692893f47325e1 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 12 Jan 2023 12:28:47 -0500 Subject: [PATCH 0240/2573] test --- .github/workflows/extra-rule-validation.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/.github/workflows/extra-rule-validation.yml b/.github/workflows/extra-rule-validation.yml index 48f88d9e66..53ae2b533b 100644 --- a/.github/workflows/extra-rule-validation.yml +++ b/.github/workflows/extra-rule-validation.yml @@ -41,12 +41,11 @@ jobs: - uses: actions/upload-artifact@v3 with: name: missing-test-report.csv - path: /home/runner/work/codeql-coding-standards/codeql-coding-standards/MissingTestReport*.csv - if-no-files-found: error + path: MissingTestReport*.csv - uses: actions/upload-artifact@v3 with: name: test-report.csv - path: /home/runner/work/codeql-coding-standards/codeql-coding-standards/TestReport*.csv + path: TestReport*.csv if-no-files-found: error \ No newline at end of file From 04fa545f13b7a62cfff567f2eecb9596d89626bc Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 12 Jan 2023 12:30:51 -0500 Subject: [PATCH 0241/2573] failures --- .github/workflows/extra-rule-validation.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/extra-rule-validation.yml b/.github/workflows/extra-rule-validation.yml index 53ae2b533b..771fcc7233 100644 --- a/.github/workflows/extra-rule-validation.yml +++ b/.github/workflows/extra-rule-validation.yml @@ -37,6 +37,10 @@ jobs: shell: pwsh run: scripts/util/Test-SharedImplementationsHaveTestCases.ps1 -Language cpp -CIMode + - name: Ensure C Shared Rules Have Valid Structure + shell: pwsh + run: scripts/util/Test-SharedImplementationsHaveTestCases.ps1 -Language c -CIMode + - uses: actions/upload-artifact@v3 with: From 69587533af7c8249519eb90d1d2f068009a72224 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 12 Jan 2023 12:36:10 -0500 Subject: [PATCH 0242/2573] miss --- scripts/util/Test-SharedImplementationsHaveTestCases.ps1 | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/scripts/util/Test-SharedImplementationsHaveTestCases.ps1 b/scripts/util/Test-SharedImplementationsHaveTestCases.ps1 index b958e7bede..09d2b49a81 100644 --- a/scripts/util/Test-SharedImplementationsHaveTestCases.ps1 +++ b/scripts/util/Test-SharedImplementationsHaveTestCases.ps1 @@ -62,6 +62,8 @@ foreach($q in $queriesToCheck){ if(-not (Test-Path $testDirectory)){ Write-Host "Test directory $testDirectory does not exist." + $REPORT += $row + continue } @@ -89,7 +91,6 @@ foreach($q in $queriesToCheck){ Write-Host "-QL $((Join-Path $testDirectory "$sharedName.ql")) missing" } - $REPORT += $row } From 454833d72681f865b705a7dc95a7c3ed336d7e1b Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 12 Jan 2023 12:38:21 -0500 Subject: [PATCH 0243/2573] failure --- .github/workflows/extra-rule-validation.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/extra-rule-validation.yml b/.github/workflows/extra-rule-validation.yml index 771fcc7233..218d0d171a 100644 --- a/.github/workflows/extra-rule-validation.yml +++ b/.github/workflows/extra-rule-validation.yml @@ -43,13 +43,16 @@ jobs: - uses: actions/upload-artifact@v3 + if: failure() with: name: missing-test-report.csv path: MissingTestReport*.csv - uses: actions/upload-artifact@v3 + if: failure() with: name: test-report.csv path: TestReport*.csv if-no-files-found: error - \ No newline at end of file + + From 5e20f8a0e4be9847ecb68474e1fb841e480f5c86 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Thu, 12 Jan 2023 23:25:35 +0000 Subject: [PATCH 0244/2573] DeadCode: Remove outdated comment --- cpp/common/src/codingstandards/cpp/rules/deadcode/DeadCode.qll | 1 - 1 file changed, 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/rules/deadcode/DeadCode.qll b/cpp/common/src/codingstandards/cpp/rules/deadcode/DeadCode.qll index 547a52bc4d..4a008dc15a 100644 --- a/cpp/common/src/codingstandards/cpp/rules/deadcode/DeadCode.qll +++ b/cpp/common/src/codingstandards/cpp/rules/deadcode/DeadCode.qll @@ -6,7 +6,6 @@ * - A block that contain only dead statements. * - A do loop whose condition is pure, and whose body contains only dead statements. * - An if statement whose condition is pure, and whose then and else clauses (where they exist) only contain dead statements. - * - A label statement to which the code never jumps. * - A while loop whose condition is pure, and whose body contains only dead statements. * - Expression statements whose expressions are pure. * - Writes to a non-static stack variable that is never subsequently read in live code. From a53e650850b43db669c02dc2857c68bc1eac9144 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Thu, 12 Jan 2023 23:46:54 +0000 Subject: [PATCH 0245/2573] EssentialTypes: create a new package Update the rules.csv to identify a new package dealing with the "essential" types identified by MISRA C 2012. --- rules.csv | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/rules.csv b/rules.csv index 1e299ae44c..d6d625bfe2 100644 --- a/rules.csv +++ b/rules.csv @@ -665,14 +665,14 @@ c,MISRA-C-2012,RULE-9-2,Yes,Required,,,The initializer for an aggregate or union c,MISRA-C-2012,RULE-9-3,Yes,Required,,,Arrays shall not be partially initialized,,Memory,Medium, c,MISRA-C-2012,RULE-9-4,Yes,Required,,,An element of an object shall not be initialized more than once,,Memory,Medium, c,MISRA-C-2012,RULE-9-5,Yes,Required,,,Where designated initializers are used to initialize an array object the size of the array shall be specified explicitly,,Memory,Medium, -c,MISRA-C-2012,RULE-10-1,Yes,Required,,,Operands shall not be of an inappropriate essential type,,Types,Hard, -c,MISRA-C-2012,RULE-10-2,Yes,Required,,,Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations,,Types,Medium, -c,MISRA-C-2012,RULE-10-3,Yes,Required,,,The value of an expression shall not be assigned to an object with a narrower essential type or of a different essential type category,,Types,Hard, -c,MISRA-C-2012,RULE-10-4,Yes,Required,,,Both operands of an operator in which the usual arithmetic conversions are performed shall have the same essential type category,,Types,Medium, -c,MISRA-C-2012,RULE-10-5,Yes,Advisory,,,The value of an expression should not be cast to an inappropriate essential type,,Types,Medium, -c,MISRA-C-2012,RULE-10-6,Yes,Required,,,The value of a composite expression shall not be assigned to an object with wider essential type,,Types,Medium, -c,MISRA-C-2012,RULE-10-7,Yes,Required,,,If a composite expression is used as one operand of an operator in which the usual arithmetic conversions are performed then the other operand shall not have wider essential type,,Types,Medium, -c,MISRA-C-2012,RULE-10-8,Yes,Required,,,The value of a composite expression shall not be cast to a different essential type category or a wider essential type,,Types,Medium, +c,MISRA-C-2012,RULE-10-1,Yes,Required,,,Operands shall not be of an inappropriate essential type,,EssentialTypes,Hard, +c,MISRA-C-2012,RULE-10-2,Yes,Required,,,Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations,,EssentialTypes,Medium, +c,MISRA-C-2012,RULE-10-3,Yes,Required,,,The value of an expression shall not be assigned to an object with a narrower essential type or of a different essential type category,,EssentialTypes,Hard, +c,MISRA-C-2012,RULE-10-4,Yes,Required,,,Both operands of an operator in which the usual arithmetic conversions are performed shall have the same essential type category,,EssentialTypes,Medium, +c,MISRA-C-2012,RULE-10-5,Yes,Advisory,,,The value of an expression should not be cast to an inappropriate essential type,,EssentialTypes,Medium, +c,MISRA-C-2012,RULE-10-6,Yes,Required,,,The value of a composite expression shall not be assigned to an object with wider essential type,,EssentialTypes,Medium, +c,MISRA-C-2012,RULE-10-7,Yes,Required,,,If a composite expression is used as one operand of an operator in which the usual arithmetic conversions are performed then the other operand shall not have wider essential type,,EssentialTypes,Medium, +c,MISRA-C-2012,RULE-10-8,Yes,Required,,,The value of a composite expression shall not be cast to a different essential type category or a wider essential type,,EssentialTypes,Medium, c,MISRA-C-2012,RULE-11-1,Yes,Required,,,Conversions shall not be performed between a pointer to a function and any other type,M5-2-6,Pointers1,Import, c,MISRA-C-2012,RULE-11-2,Yes,Required,,,Conversions shall not be performed between a pointer to an incomplete type and any other type,,Pointers1,Easy, c,MISRA-C-2012,RULE-11-3,Yes,Required,,,A cast shall not be performed between a pointer to object type and a pointer to a different object type,,Pointers1,Easy, @@ -693,7 +693,7 @@ c,MISRA-C-2012,RULE-13-3,Yes,Advisory,,,A full expression containing an incremen c,MISRA-C-2012,RULE-13-4,Yes,Advisory,,,The result of an assignment operator should not be used,M6-2-1,SideEffects1,Easy, c,MISRA-C-2012,RULE-13-5,Yes,Required,,,The right hand operand of a logical && or || operator shall not contain persistent side effects,M5-14-1,SideEffects1,Import, c,MISRA-C-2012,RULE-13-6,Yes,Mandatory,,,The operand of the sizeof operator shall not contain any expression which has potential side effects,M5-3-4,SideEffects1,Import, -c,MISRA-C-2012,RULE-14-1,Yes,Required,,,A loop counter shall not have essentially floating type,FLP30-C A6-5-2,Types,Hard, +c,MISRA-C-2012,RULE-14-1,Yes,Required,,,A loop counter shall not have essentially floating type,FLP30-C A6-5-2,EssentialTypes,Hard, c,MISRA-C-2012,RULE-14-2,Yes,Required,,,A for loop shall be well-formed,M6-5-1...M6-5-6,Statements,Medium, c,MISRA-C-2012,RULE-14-3,Yes,Required,,,Controlling expressions shall not be invariant,,Statements,Medium, c,MISRA-C-2012,RULE-14-4,Yes,Required,,,The controlling expression of an if statement and the controlling expression of an iteration-statement shall have essentially Boolean type,A5-0-2,Statements,Medium, @@ -756,7 +756,7 @@ c,MISRA-C-2012,RULE-21-10,Yes,Required,,,The Standard Library time and date func c,MISRA-C-2012,RULE-21-11,Yes,Required,,,The standard header file shall not be used,,Banned,Easy, c,MISRA-C-2012,RULE-21-12,Yes,Advisory,,,The exception handling features of should not be used,,Banned,Easy, c,MISRA-C-2012,RULE-21-13,Yes,Mandatory,,,Any value passed to a function in shall be representable as an unsigned char or be the value EOF,,Types,Medium, -c,MISRA-C-2012,RULE-21-14,Yes,Required,,,The Standard Library function memcmp shall not be used to compare null terminated strings,,Types,Hard, +c,MISRA-C-2012,RULE-21-14,Yes,Required,,,The Standard Library function memcmp shall not be used to compare null terminated strings,,EssentialTypes,Hard, c,MISRA-C-2012,RULE-21-15,Yes,Required,,,"The pointer arguments to the Standard Library functions memcpy, memmove and memcmp shall be pointers to qualified or unqualified versions of compatible types",,Types,Medium, c,MISRA-C-2012,RULE-21-16,Yes,Required,,,"The pointer arguments to the Standard Library function memcmp shall point to either a pointer type, an essentially signed type, an essentially unsigned type, an essentially Boolean type or an essentially enum type",,Types,Medium, c,MISRA-C-2012,RULE-21-17,Yes,Mandatory,,,Use of the string handling functions from shall not result in accesses beyond the bounds of the objects referenced by their pointer parameters,,Memory,Hard, From a1349517e1183e2ad509c820b3da804f76a946a9 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Fri, 13 Jan 2023 18:16:04 +0000 Subject: [PATCH 0246/2573] DeadCode: use stdbool for dead code test case --- .../test/rules/deadcode/DeadCode.expected | 22 +++++++++---------- c/common/test/rules/deadcode/test.c | 4 +--- 2 files changed, 12 insertions(+), 14 deletions(-) diff --git a/c/common/test/rules/deadcode/DeadCode.expected b/c/common/test/rules/deadcode/DeadCode.expected index c6b48c5e2b..7757e2087d 100644 --- a/c/common/test/rules/deadcode/DeadCode.expected +++ b/c/common/test/rules/deadcode/DeadCode.expected @@ -1,11 +1,11 @@ -| test.c:20:3:20:27 | declaration | This statement is dead code. | -| test.c:21:3:21:12 | ExprStmt | This statement is dead code. | -| test.c:22:3:22:12 | ExprStmt | This statement is dead code. | -| test.c:24:3:26:3 | if (...) ... | This statement is dead code. | -| test.c:36:3:37:3 | if (...) ... | This statement is dead code. | -| test.c:39:3:39:4 | { ... } | This statement is dead code. | -| test.c:40:3:42:3 | { ... } | This statement is dead code. | -| test.c:56:6:57:3 | { ... } | This statement is dead code. | -| test.c:67:46:68:3 | { ... } | This statement is dead code. | -| test.c:71:3:71:8 | ExprStmt | This statement is dead code. | -| test.c:73:3:73:21 | ExprStmt | This statement is dead code. | +| test.c:18:3:18:27 | declaration | This statement is dead code. | +| test.c:19:3:19:12 | ExprStmt | This statement is dead code. | +| test.c:20:3:20:12 | ExprStmt | This statement is dead code. | +| test.c:22:3:24:3 | if (...) ... | This statement is dead code. | +| test.c:34:3:35:3 | if (...) ... | This statement is dead code. | +| test.c:37:3:37:4 | { ... } | This statement is dead code. | +| test.c:38:3:40:3 | { ... } | This statement is dead code. | +| test.c:54:6:55:3 | { ... } | This statement is dead code. | +| test.c:65:46:66:3 | { ... } | This statement is dead code. | +| test.c:69:3:69:8 | ExprStmt | This statement is dead code. | +| test.c:71:3:71:21 | ExprStmt | This statement is dead code. | diff --git a/c/common/test/rules/deadcode/test.c b/c/common/test/rules/deadcode/test.c index bd18e6aeb5..f8c10f5c05 100644 --- a/c/common/test/rules/deadcode/test.c +++ b/c/common/test/rules/deadcode/test.c @@ -1,8 +1,6 @@ // NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C++ TEST CASE AND // CHANGES SHOULD BE REFLECTED THERE AS WELL. -// Define true/false for compatibility with C++ test cases -#define false 0 -#define true 1 +#include int may_have_side_effects(); int no_side_effects(int x) { return 1 + 2; } From a763128786be880186b488bd860c01f487a901af Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Fri, 13 Jan 2023 18:24:01 +0000 Subject: [PATCH 0247/2573] DeadCode: Format test file --- c/common/test/rules/deadcode/test.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/common/test/rules/deadcode/test.c b/c/common/test/rules/deadcode/test.c index f8c10f5c05..87ec74d924 100644 --- a/c/common/test/rules/deadcode/test.c +++ b/c/common/test/rules/deadcode/test.c @@ -1,6 +1,6 @@ // NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C++ TEST CASE AND // CHANGES SHOULD BE REFLECTED THERE AS WELL. -#include +#include int may_have_side_effects(); int no_side_effects(int x) { return 1 + 2; } From 2fc4350eeaa910fcda8ec17f9c6b0a7515c5b6fb Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Fri, 13 Jan 2023 16:59:57 -0500 Subject: [PATCH 0248/2573] fix imported rule --- .../UsageOfAssemblerNotDocumented.expected | 1 + .../UsageOfAssemblerNotDocumented.ql | 2 ++ .../test/rules/usageofassemblernotdocumented/test.c | 12 ++++++++++++ 3 files changed, 15 insertions(+) create mode 100644 c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.expected create mode 100644 c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql create mode 100644 c/common/test/rules/usageofassemblernotdocumented/test.c diff --git a/c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.expected b/c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.expected new file mode 100644 index 0000000000..aa625dd58a --- /dev/null +++ b/c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.expected @@ -0,0 +1 @@ +| test.cpp:8:42:8:58 | asm statement | Use of assembler is not documented. | diff --git a/c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql b/c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql new file mode 100644 index 0000000000..7f9e1041a2 --- /dev/null +++ b/c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.usageofassemblernotdocumented.UsageOfAssemblerNotDocumented diff --git a/c/common/test/rules/usageofassemblernotdocumented/test.c b/c/common/test/rules/usageofassemblernotdocumented/test.c new file mode 100644 index 0000000000..16e0f9ca91 --- /dev/null +++ b/c/common/test/rules/usageofassemblernotdocumented/test.c @@ -0,0 +1,12 @@ +// COMPLIANT +void test_assembly_is_documented() { + // This comment serves as documentation + __asm__("ret\n"); +} + +// NON_COMPLIANT +void test_assembly_is_not_documented() { __asm__("ret\n"); } + +// COMPLIANT +#define RETURN __asm__("ret\n") +void test_undocumented_assembly_from_macro() { RETURN; } \ No newline at end of file From 0df6feef7520817d0e6fecf4bd1f0de85d02d933 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Fri, 13 Jan 2023 17:03:19 -0500 Subject: [PATCH 0249/2573] fixes --- .../HashOperatorsUsed.expected | 4 ++++ .../hashoperatorsused/HashOperatorsUsed.ql | 2 ++ c/common/test/rules/hashoperatorsused/test.c | 21 +++++++++++++++++++ .../usageofassemblernotdocumented/test.c | 2 ++ .../test/rules/hashoperatorsused/test.cpp | 2 ++ .../usageofassemblernotdocumented/test.cpp | 2 ++ 6 files changed, 33 insertions(+) create mode 100644 c/common/test/rules/hashoperatorsused/HashOperatorsUsed.expected create mode 100644 c/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql create mode 100644 c/common/test/rules/hashoperatorsused/test.c diff --git a/c/common/test/rules/hashoperatorsused/HashOperatorsUsed.expected b/c/common/test/rules/hashoperatorsused/HashOperatorsUsed.expected new file mode 100644 index 0000000000..e36c372d5b --- /dev/null +++ b/c/common/test/rules/hashoperatorsused/HashOperatorsUsed.expected @@ -0,0 +1,4 @@ +| test.cpp:9:1:9:22 | #define MACROFIVE(X) #X | Macro definition uses the # or ## operator. | +| test.cpp:11:1:11:26 | #define MACROSIX(X,Y) X ## Y | Macro definition uses the # or ## operator. | +| test.cpp:13:1:13:29 | #define MACROSEVEN "##'" #"#" | Macro definition uses the # or ## operator. | +| test.cpp:15:1:15:28 | #define MACROEIGHT '##' #"#" | Macro definition uses the # or ## operator. | diff --git a/c/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql b/c/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql new file mode 100644 index 0000000000..d0ead0b289 --- /dev/null +++ b/c/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.hashoperatorsused.HashOperatorsUsed diff --git a/c/common/test/rules/hashoperatorsused/test.c b/c/common/test/rules/hashoperatorsused/test.c new file mode 100644 index 0000000000..f5dee3d536 --- /dev/null +++ b/c/common/test/rules/hashoperatorsused/test.c @@ -0,0 +1,21 @@ +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C++ TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. +#define MACROONE 1 // COMPLIANT + +#define MACROTWO '#' // COMPLIANT + +#define MACROTHREE "##" // COMPLIANT + +#define MACROFOUR "##" + "#" // COMPLIANT + +#define MACROFIVE(X) #X // NON_COMPLIANT + +#define MACROSIX(X, Y) X##Y // NON_COMPLIANT + +#define MACROSEVEN "##'" #"#" // NON_COMPLIANT + +#define MACROEIGHT '##' #"#" // NON_COMPLIANT + +#define MACRONINE "##\"\"" + "#" // COMPLIANT + +#define MACROTEN "##\"\"'" + "#" // COMPLIANT \ No newline at end of file diff --git a/c/common/test/rules/usageofassemblernotdocumented/test.c b/c/common/test/rules/usageofassemblernotdocumented/test.c index 16e0f9ca91..00e0fee68b 100644 --- a/c/common/test/rules/usageofassemblernotdocumented/test.c +++ b/c/common/test/rules/usageofassemblernotdocumented/test.c @@ -1,3 +1,5 @@ +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C++ TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. // COMPLIANT void test_assembly_is_documented() { // This comment serves as documentation diff --git a/cpp/common/test/rules/hashoperatorsused/test.cpp b/cpp/common/test/rules/hashoperatorsused/test.cpp index 422bde164c..1ce4fd9a72 100644 --- a/cpp/common/test/rules/hashoperatorsused/test.cpp +++ b/cpp/common/test/rules/hashoperatorsused/test.cpp @@ -1,3 +1,5 @@ +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. #define MACROONE 1 // COMPLIANT #define MACROTWO '#' // COMPLIANT diff --git a/cpp/common/test/rules/usageofassemblernotdocumented/test.cpp b/cpp/common/test/rules/usageofassemblernotdocumented/test.cpp index 16e0f9ca91..08096d26dc 100644 --- a/cpp/common/test/rules/usageofassemblernotdocumented/test.cpp +++ b/cpp/common/test/rules/usageofassemblernotdocumented/test.cpp @@ -1,3 +1,5 @@ +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. // COMPLIANT void test_assembly_is_documented() { // This comment serves as documentation From d7936d19dcf5f0d1c073c0d77466a92a1e201005 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Fri, 13 Jan 2023 17:04:43 -0500 Subject: [PATCH 0250/2573] fixes --- ...tionsOfCodeShallNotBeCommentedOut.expected | 20 ++ .../SectionsOfCodeShallNotBeCommentedOut.ql | 2 + .../config.h | 0 .../test.c | 172 ++++++++++++++++++ .../test.cpp | 2 + 5 files changed, 196 insertions(+) create mode 100644 c/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.expected create mode 100644 c/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql create mode 100644 c/common/test/rules/sectionsofcodeshallnotbecommentedout/config.h create mode 100644 c/common/test/rules/sectionsofcodeshallnotbecommentedout/test.c diff --git a/c/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.expected b/c/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.expected new file mode 100644 index 0000000000..bd67e19880 --- /dev/null +++ b/c/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.expected @@ -0,0 +1,20 @@ +| test.cpp:37:1:37:39 | // int myFunction() { return myValue; } | This comment appears to contain commented-out code. | +| test.cpp:39:1:39:45 | // int myFunction() const { return myValue; } | This comment appears to contain commented-out code. | +| test.cpp:41:1:41:54 | // int myFunction() const noexcept { return myValue; } | This comment appears to contain commented-out code. | +| test.cpp:43:1:43:18 | // #define MYMACRO | This comment appears to contain commented-out code. | +| test.cpp:45:1:45:23 | // #include "include.h" | This comment appears to contain commented-out code. | +| test.cpp:47:1:51:2 | /*\n#ifdef\nvoid myFunction();\n#endif\n*/ | This comment appears to contain commented-out code. | +| test.cpp:59:1:59:24 | // #if(defined(MYMACRO)) | This comment appears to contain commented-out code. | +| test.cpp:63:1:63:15 | // #pragma once | This comment appears to contain commented-out code. | +| test.cpp:65:1:65:17 | // # pragma once | This comment appears to contain commented-out code. | +| test.cpp:67:1:67:19 | /*#error"myerror"*/ | This comment appears to contain commented-out code. | +| test.cpp:91:1:95:2 | /*\n#ifdef MYMACRO\n // ...\n#endif // #ifdef MYMACRO\n*/ | This comment appears to contain commented-out code. | +| test.cpp:106:21:106:43 | // #include "config2.h" | This comment appears to contain commented-out code. | +| test.cpp:112:16:112:35 | /* #ifdef MYMACRO */ | This comment appears to contain commented-out code. | +| test.cpp:116:1:116:24 | // commented_out_code(); | This comment appears to contain commented-out code. | +| test.cpp:119:2:119:25 | // commented_out_code(); | This comment appears to contain commented-out code. | +| test.cpp:122:1:122:22 | // commented out code; | This comment appears to contain commented-out code. | +| test.cpp:124:1:127:8 | // some; | This comment appears to contain commented-out code. | +| test.cpp:129:1:133:8 | // also; | This comment appears to contain commented-out code. | +| test.cpp:141:1:146:2 | /*\n some;\n commented;\n out;\n code;\n*/ | This comment appears to contain commented-out code. | +| test.cpp:148:1:154:2 | /*\n also;\n this\n is;\n commented-out\n code;\n*/ | This comment appears to contain commented-out code. | diff --git a/c/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql b/c/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql new file mode 100644 index 0000000000..c60068c7cc --- /dev/null +++ b/c/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.sectionsofcodeshallnotbecommentedout.SectionsOfCodeShallNotBeCommentedOut diff --git a/c/common/test/rules/sectionsofcodeshallnotbecommentedout/config.h b/c/common/test/rules/sectionsofcodeshallnotbecommentedout/config.h new file mode 100644 index 0000000000..e69de29bb2 diff --git a/c/common/test/rules/sectionsofcodeshallnotbecommentedout/test.c b/c/common/test/rules/sectionsofcodeshallnotbecommentedout/test.c new file mode 100644 index 0000000000..cb4d47aa79 --- /dev/null +++ b/c/common/test/rules/sectionsofcodeshallnotbecommentedout/test.c @@ -0,0 +1,172 @@ +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C++ TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. +/* + * This sentence contains a semicolon; + * however, this doesn't make it code. + */ + +// This sentence contains a semicolon; +// however, this doesn't make it code. + +/* Mention a ';' */ + +/* Mention a '{' */ + +/* JSON example: {"foo":"bar"} */ + +/* JSON example in backticks: `{"foo":"bar"}` */ + +/* JSON example in quotes: '{"foo":"bar"}' */ + +/* + * Code example: `return 0;`. + */ + +// Code example: +// +// return 0; + +// Code example: +// +// ``` +// return 0; +// ``` + +// { 1, 2, 3, 4 } + +// Example: { 1, 2, 3, 4 } + +// int myFunction() { return myValue; } + +// int myFunction() const { return myValue; } + +// int myFunction() const noexcept { return myValue; } + +// #define MYMACRO + +// #include "include.h" + +/* +#ifdef +void myFunction(); +#endif +*/ + +// define some constants + +// don't #include anything here + +// #hashtag + +// #if(defined(MYMACRO)) + +// #iffy + +// #pragma once + +// # pragma once + +/*#error"myerror"*/ + +#ifdef MYMACRO + +// ... + +#endif // #ifdef MYMACRO + +#if !defined(MYMACRO) + +// ... + +#else // #if !defined(MYMACRO) + +// ... + +#endif // #else #if !defined(MYMACRO) + +#ifdef MYMACRO + +// ... + +#endif // #ifdef MYMACRO (comment) + +/* +#ifdef MYMACRO + // ... +#endif // #ifdef MYMACRO +*/ + +#ifdef MYMACRO1 +#ifdef MYMACRO2 + +// ... + +// comment at end of block +#endif // #ifdef MYMACRO2 +#endif // #ifdef MYMACRO1 + +#include "config.h" // #include "config2.h" + +#ifdef MYMACRO + +// ... + +#error "error" /* #ifdef MYMACRO */ + +#endif /* #ifdef MYMACRO */ + +// commented_out_code(); + +#if 0 + // commented_out_code(); +#endif + +// commented out code; + +// some; +// commented; +// out; +// code; + +// also; +// this +// is; +// commented-out +// code; + +// this +// is; +// not +// commented-out; +// code + +/* + some; + commented; + out; + code; +*/ + +/* + also; + this + is; + commented-out + code; +*/ + +/* + this + is; + not + commented-out; + code +*/ + +/* + * documentation; + * not; + * commented; + * out; + * code; + */ diff --git a/cpp/common/test/rules/sectionsofcodeshallnotbecommentedout/test.cpp b/cpp/common/test/rules/sectionsofcodeshallnotbecommentedout/test.cpp index 97d40f2353..389bff5f74 100644 --- a/cpp/common/test/rules/sectionsofcodeshallnotbecommentedout/test.cpp +++ b/cpp/common/test/rules/sectionsofcodeshallnotbecommentedout/test.cpp @@ -1,3 +1,5 @@ +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. /* * This sentence contains a semicolon; * however, this doesn't make it code. From b5f82c0c36b6359cae00739b337adf9b5d730847 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Fri, 13 Jan 2023 17:06:19 -0500 Subject: [PATCH 0251/2573] fixes --- ...iersNotTypographicallyUnambiguous.expected | 31 +++++++++ ...dentifiersNotTypographicallyUnambiguous.ql | 2 + .../test.c | 67 +++++++++++++++++++ .../test.cpp | 2 + 4 files changed, 102 insertions(+) create mode 100644 c/common/test/rules/differentidentifiersnottypographicallyunambiguous/DifferentIdentifiersNotTypographicallyUnambiguous.expected create mode 100644 c/common/test/rules/differentidentifiersnottypographicallyunambiguous/DifferentIdentifiersNotTypographicallyUnambiguous.ql create mode 100644 c/common/test/rules/differentidentifiersnottypographicallyunambiguous/test.c diff --git a/c/common/test/rules/differentidentifiersnottypographicallyunambiguous/DifferentIdentifiersNotTypographicallyUnambiguous.expected b/c/common/test/rules/differentidentifiersnottypographicallyunambiguous/DifferentIdentifiersNotTypographicallyUnambiguous.expected new file mode 100644 index 0000000000..85fc9c161a --- /dev/null +++ b/c/common/test/rules/differentidentifiersnottypographicallyunambiguous/DifferentIdentifiersNotTypographicallyUnambiguous.expected @@ -0,0 +1,31 @@ +| test.cpp:2:5:2:13 | case1_FOO | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:2:5:2:13 | case1_FOO | case1_FOO | test.cpp:1:5:1:13 | case1_foo | case1_foo | +| test.cpp:2:5:2:13 | case1_FOO | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:2:5:2:13 | case1_FOO | case1_FOO | test.cpp:3:5:3:13 | case1_fOo | case1_fOo | +| test.cpp:3:5:3:13 | case1_fOo | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:3:5:3:13 | case1_fOo | case1_fOo | test.cpp:1:5:1:13 | case1_foo | case1_foo | +| test.cpp:6:5:6:15 | case2_f_o_o | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:6:5:6:15 | case2_f_o_o | case2_f_o_o | test.cpp:5:5:5:13 | case2_foo | case2_foo | +| test.cpp:9:5:9:13 | case3_fO0 | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:9:5:9:13 | case3_fO0 | case3_fO0 | test.cpp:8:5:8:13 | case3_fOO | case3_fOO | +| test.cpp:11:5:11:12 | case4_II | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:11:5:11:12 | case4_II | case4_II | test.cpp:13:5:13:12 | case4_Il | case4_Il | +| test.cpp:12:5:12:12 | case4_I1 | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:12:5:12:12 | case4_I1 | case4_I1 | test.cpp:11:5:11:12 | case4_II | case4_II | +| test.cpp:12:5:12:12 | case4_I1 | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:12:5:12:12 | case4_I1 | case4_I1 | test.cpp:13:5:13:12 | case4_Il | case4_Il | +| test.cpp:16:5:16:11 | case5_5 | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:16:5:16:11 | case5_5 | case5_5 | test.cpp:15:5:15:11 | case5_S | case5_S | +| test.cpp:19:5:19:11 | case6_2 | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:19:5:19:11 | case6_2 | case6_2 | test.cpp:18:5:18:11 | case6_Z | case6_Z | +| test.cpp:22:5:22:11 | case7_h | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:22:5:22:11 | case7_h | case7_h | test.cpp:21:5:21:11 | case7_n | case7_n | +| test.cpp:25:5:25:11 | case8_8 | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:25:5:25:11 | case8_8 | case8_8 | test.cpp:24:5:24:11 | case8_B | case8_B | +| test.cpp:28:5:28:11 | case9_m | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:28:5:28:11 | case9_m | case9_m | test.cpp:27:5:27:12 | case9_rn | case9_rn | +| test.cpp:29:5:29:12 | case9_rh | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:29:5:29:12 | case9_rh | case9_rh | test.cpp:27:5:27:12 | case9_rn | case9_rn | +| test.cpp:32:5:32:15 | case10_xmmx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:32:5:32:15 | case10_xmmx | case10_xmmx | test.cpp:31:5:31:17 | case10_xrnrnx | case10_xrnrnx | +| test.cpp:32:5:32:15 | case10_xmmx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:32:5:32:15 | case10_xmmx | case10_xmmx | test.cpp:33:5:33:16 | case10_xmrnx | case10_xmrnx | +| test.cpp:32:5:32:15 | case10_xmmx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:32:5:32:15 | case10_xmmx | case10_xmmx | test.cpp:34:5:34:16 | case10_xrnmx | case10_xrnmx | +| test.cpp:33:5:33:16 | case10_xmrnx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:33:5:33:16 | case10_xmrnx | case10_xmrnx | test.cpp:31:5:31:17 | case10_xrnrnx | case10_xrnrnx | +| test.cpp:33:5:33:16 | case10_xmrnx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:33:5:33:16 | case10_xmrnx | case10_xmrnx | test.cpp:34:5:34:16 | case10_xrnmx | case10_xrnmx | +| test.cpp:33:5:33:16 | case10_xmrnx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:33:5:33:16 | case10_xmrnx | case10_xmrnx | test.cpp:35:5:35:17 | case10_xrnrhx | case10_xrnrhx | +| test.cpp:34:5:34:16 | case10_xrnmx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:34:5:34:16 | case10_xrnmx | case10_xrnmx | test.cpp:31:5:31:17 | case10_xrnrnx | case10_xrnrnx | +| test.cpp:35:5:35:17 | case10_xrnrhx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:35:5:35:17 | case10_xrnrhx | case10_xrnrhx | test.cpp:31:5:31:17 | case10_xrnrnx | case10_xrnrnx | +| test.cpp:36:5:36:17 | case10_xrhrhx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:36:5:36:17 | case10_xrhrhx | case10_xrhrhx | test.cpp:31:5:31:17 | case10_xrnrnx | case10_xrnrnx | +| test.cpp:36:5:36:17 | case10_xrhrhx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:36:5:36:17 | case10_xrhrhx | case10_xrhrhx | test.cpp:35:5:35:17 | case10_xrnrhx | case10_xrnrhx | +| test.cpp:37:5:37:16 | case10_xmrhx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:37:5:37:16 | case10_xmrhx | case10_xmrhx | test.cpp:31:5:31:17 | case10_xrnrnx | case10_xrnrnx | +| test.cpp:37:5:37:16 | case10_xmrhx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:37:5:37:16 | case10_xmrhx | case10_xmrhx | test.cpp:33:5:33:16 | case10_xmrnx | case10_xmrnx | +| test.cpp:37:5:37:16 | case10_xmrhx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:37:5:37:16 | case10_xmrhx | case10_xmrhx | test.cpp:35:5:35:17 | case10_xrnrhx | case10_xrnrhx | +| test.cpp:38:5:38:16 | case10_xrhmx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:38:5:38:16 | case10_xrhmx | case10_xrhmx | test.cpp:31:5:31:17 | case10_xrnrnx | case10_xrnrnx | +| test.cpp:38:5:38:16 | case10_xrhmx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:38:5:38:16 | case10_xrhmx | case10_xrhmx | test.cpp:34:5:34:16 | case10_xrnmx | case10_xrnmx | +| test.cpp:40:15:40:22 | case11_O | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:40:15:40:22 | case11_O | case11_O | test.cpp:40:5:40:12 | case11_o | case11_o | +| test.cpp:43:5:43:14 | case12_8bB | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:43:5:43:14 | case12_8bB | case12_8bB | test.cpp:42:5:42:14 | case12_BBb | case12_BBb | diff --git a/c/common/test/rules/differentidentifiersnottypographicallyunambiguous/DifferentIdentifiersNotTypographicallyUnambiguous.ql b/c/common/test/rules/differentidentifiersnottypographicallyunambiguous/DifferentIdentifiersNotTypographicallyUnambiguous.ql new file mode 100644 index 0000000000..17134b9eba --- /dev/null +++ b/c/common/test/rules/differentidentifiersnottypographicallyunambiguous/DifferentIdentifiersNotTypographicallyUnambiguous.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.differentidentifiersnottypographicallyunambiguous.DifferentIdentifiersNotTypographicallyUnambiguous diff --git a/c/common/test/rules/differentidentifiersnottypographicallyunambiguous/test.c b/c/common/test/rules/differentidentifiersnottypographicallyunambiguous/test.c new file mode 100644 index 0000000000..c6bfd9ff9b --- /dev/null +++ b/c/common/test/rules/differentidentifiersnottypographicallyunambiguous/test.c @@ -0,0 +1,67 @@ +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C++ TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. +int case1_foo; +int case1_FOO; // NON_COMPLIANT +int case1_fOo; // NON_COMPLIANT + +int case2_foo; +int case2_f_o_o; // NON_COMPLIANT + +int case3_fOO; +int case3_fO0; // NON_COMPLIANT + +int case4_II; +int case4_I1; // NON_COMPLIANT +int case4_Il; // NON_COMPLIANT + +int case5_S; +int case5_5; // NON_COMPLIANT + +int case6_Z; +int case6_2; // NON_COMPLIANT + +int case7_n; +int case7_h; // NON_COMPLIANT + +int case8_B; +int case8_8; // NON_COMPLIANT + +int case9_rn; +int case9_m; // NON_COMPLIANT +int case9_rh; // NON_COMPLIANT + +int case10_xrnrnx; +int case10_xmmx; // NON_COMPLIANT +int case10_xmrnx; // NON_COMPLIANT +int case10_xrnmx; // NON_COMPLIANT +int case10_xrnrhx; // NON_COMPLIANT +int case10_xrhrhx; // NON_COMPLIANT +int case10_xmrhx; // NON_COMPLIANT +int case10_xrhmx; // NON_COMPLIANT + +int case11_o, case11_O; // NON_COMPLIANT + +int case12_BBb; +int case12_8bB; // NON_COMPLIANT + +// Transitive rules are compliant + +// m -> rn -> rh +int case13_m; +int case13_rh; // COMPLIANT + +// b -> B -> 8 +int case14_b; +int case14_8; // COMPLIANT + +// z -> Z -> 2 +int case15_z; +int case15_2; // COMPLIANT + +// s -> S -> 5 +int case16_s; +int case16_5; // COMPLIANT + +// o -> O -> 0 +int case17_o; +int case17_0; \ No newline at end of file diff --git a/cpp/common/test/rules/differentidentifiersnottypographicallyunambiguous/test.cpp b/cpp/common/test/rules/differentidentifiersnottypographicallyunambiguous/test.cpp index 390d59323f..e65d7f6e80 100644 --- a/cpp/common/test/rules/differentidentifiersnottypographicallyunambiguous/test.cpp +++ b/cpp/common/test/rules/differentidentifiersnottypographicallyunambiguous/test.cpp @@ -1,3 +1,5 @@ +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. int case1_foo; int case1_FOO; // NON_COMPLIANT int case1_fOo; // NON_COMPLIANT From a331a62c609ec65ba45ce01dec967e806c70121d Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Fri, 13 Jan 2023 17:08:31 -0500 Subject: [PATCH 0252/2573] fixes --- .../DoNotUseRandForGeneratingPseudorandomNumbers.expected | 1 + .../DoNotUseRandForGeneratingPseudorandomNumbers.ql | 2 ++ .../donotuserandforgeneratingpseudorandomnumbers/test.c | 5 +++++ .../donotuserandforgeneratingpseudorandomnumbers/test.cpp | 2 ++ 4 files changed, 10 insertions(+) create mode 100644 c/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.expected create mode 100644 c/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql create mode 100644 c/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/test.c diff --git a/c/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.expected b/c/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.expected new file mode 100644 index 0000000000..1a3344c361 --- /dev/null +++ b/c/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.expected @@ -0,0 +1 @@ +| test.cpp:3:47:3:55 | call to rand | Use of banned function std::rand. | diff --git a/c/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql b/c/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql new file mode 100644 index 0000000000..05388363d1 --- /dev/null +++ b/c/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.donotuserandforgeneratingpseudorandomnumbers.DoNotUseRandForGeneratingPseudorandomNumbers diff --git a/c/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/test.c b/c/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/test.c new file mode 100644 index 0000000000..c92da3d2e8 --- /dev/null +++ b/c/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/test.c @@ -0,0 +1,5 @@ +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C++ TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. +#include + +void test_use_of_rand() { int random_number = rand() % 10; } \ No newline at end of file diff --git a/cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/test.cpp b/cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/test.cpp index 03d820a15e..8fc837c4d2 100644 --- a/cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/test.cpp +++ b/cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/test.cpp @@ -1,3 +1,5 @@ +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. #include void test_use_of_rand() { int random_number = std::rand() % 10; } \ No newline at end of file From 23f73a9e1643d0cd2ef114a7b875655e9de06e1a Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Fri, 13 Jan 2023 17:10:44 -0500 Subject: [PATCH 0253/2573] work --- .../rules/nonvoidfunctiondoesnotreturn/test.c | 27 +++++++++++++++++++ .../nonvoidfunctiondoesnotreturn/test.cpp | 2 ++ 2 files changed, 29 insertions(+) create mode 100644 c/common/test/rules/nonvoidfunctiondoesnotreturn/test.c diff --git a/c/common/test/rules/nonvoidfunctiondoesnotreturn/test.c b/c/common/test/rules/nonvoidfunctiondoesnotreturn/test.c new file mode 100644 index 0000000000..3ec050b772 --- /dev/null +++ b/c/common/test/rules/nonvoidfunctiondoesnotreturn/test.c @@ -0,0 +1,27 @@ +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C++ TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. +#include +int test_return_f1(int i) { // NON_COMPLIANT + if (i > 100) { + return i; + } +} + +int test_return_f2(int i) { // COMPLIANT + if (i > 0) { + return i; + } else { + return -i; + } +} + +int test_return_f3(int i) {} // NON_COMPLIANT + +int test_return_f5(int i) { // NON_COMPLIANT + if (i > 0) { + return i; + } + if (i < 0) { + return -i; + } +} diff --git a/cpp/common/test/rules/nonvoidfunctiondoesnotreturn/test.cpp b/cpp/common/test/rules/nonvoidfunctiondoesnotreturn/test.cpp index 1be558a89c..a47c4030b2 100644 --- a/cpp/common/test/rules/nonvoidfunctiondoesnotreturn/test.cpp +++ b/cpp/common/test/rules/nonvoidfunctiondoesnotreturn/test.cpp @@ -1,3 +1,5 @@ +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. #include int test_return_f1(int i) { // NON_COMPLIANT if (i > 100) { From a669ecb33c975f1fb700ada327a6dc973ffa3170 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Fri, 13 Jan 2023 17:10:52 -0500 Subject: [PATCH 0254/2573] work --- .../NonVoidFunctionDoesNotReturn.expected | 4 ++++ .../NonVoidFunctionDoesNotReturn.ql | 2 ++ 2 files changed, 6 insertions(+) create mode 100644 c/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.expected create mode 100644 c/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql diff --git a/c/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.expected b/c/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.expected new file mode 100644 index 0000000000..10d5ff7976 --- /dev/null +++ b/c/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.expected @@ -0,0 +1,4 @@ +| test.cpp:6:1:6:1 | return ... | Function test_return_f1 should return a value of type int but does not return a value here | +| test.cpp:16:27:16:28 | { ... } | Function test_return_f3 should return a value of type int but does not return a value here | +| test.cpp:33:1:33:1 | return ... | Function test_return_f5 should return a value of type int but does not return a value here | +| test.cpp:51:19:52:3 | { ... } | Function test_trycatch_f1 should return a value of type int but does not return a value here | diff --git a/c/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql b/c/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql new file mode 100644 index 0000000000..9b7236a26f --- /dev/null +++ b/c/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.nonvoidfunctiondoesnotreturn.NonVoidFunctionDoesNotReturn From 6befae3ff2adf812fcb08422d594bbd6e7381125 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Fri, 13 Jan 2023 17:38:34 -0500 Subject: [PATCH 0255/2573] fixing tests --- ...iersNotTypographicallyUnambiguous.expected | 62 +++++++++---------- ...dForGeneratingPseudorandomNumbers.expected | 2 +- .../test.c | 2 +- .../HashOperatorsUsed.expected | 8 +-- .../NonVoidFunctionDoesNotReturn.expected | 7 +-- .../rules/nonvoidfunctiondoesnotreturn/test.c | 2 +- ...tionsOfCodeShallNotBeCommentedOut.expected | 40 ++++++------ .../UsageOfAssemblerNotDocumented.expected | 2 +- ...iersNotTypographicallyUnambiguous.expected | 62 +++++++++---------- ...dForGeneratingPseudorandomNumbers.expected | 2 +- .../HashOperatorsUsed.expected | 8 +-- .../NonVoidFunctionDoesNotReturn.expected | 8 +-- ...tionsOfCodeShallNotBeCommentedOut.expected | 40 ++++++------ .../UsageOfAssemblerNotDocumented.expected | 2 +- 14 files changed, 123 insertions(+), 124 deletions(-) diff --git a/c/common/test/rules/differentidentifiersnottypographicallyunambiguous/DifferentIdentifiersNotTypographicallyUnambiguous.expected b/c/common/test/rules/differentidentifiersnottypographicallyunambiguous/DifferentIdentifiersNotTypographicallyUnambiguous.expected index 85fc9c161a..64a72fe3b9 100644 --- a/c/common/test/rules/differentidentifiersnottypographicallyunambiguous/DifferentIdentifiersNotTypographicallyUnambiguous.expected +++ b/c/common/test/rules/differentidentifiersnottypographicallyunambiguous/DifferentIdentifiersNotTypographicallyUnambiguous.expected @@ -1,31 +1,31 @@ -| test.cpp:2:5:2:13 | case1_FOO | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:2:5:2:13 | case1_FOO | case1_FOO | test.cpp:1:5:1:13 | case1_foo | case1_foo | -| test.cpp:2:5:2:13 | case1_FOO | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:2:5:2:13 | case1_FOO | case1_FOO | test.cpp:3:5:3:13 | case1_fOo | case1_fOo | -| test.cpp:3:5:3:13 | case1_fOo | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:3:5:3:13 | case1_fOo | case1_fOo | test.cpp:1:5:1:13 | case1_foo | case1_foo | -| test.cpp:6:5:6:15 | case2_f_o_o | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:6:5:6:15 | case2_f_o_o | case2_f_o_o | test.cpp:5:5:5:13 | case2_foo | case2_foo | -| test.cpp:9:5:9:13 | case3_fO0 | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:9:5:9:13 | case3_fO0 | case3_fO0 | test.cpp:8:5:8:13 | case3_fOO | case3_fOO | -| test.cpp:11:5:11:12 | case4_II | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:11:5:11:12 | case4_II | case4_II | test.cpp:13:5:13:12 | case4_Il | case4_Il | -| test.cpp:12:5:12:12 | case4_I1 | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:12:5:12:12 | case4_I1 | case4_I1 | test.cpp:11:5:11:12 | case4_II | case4_II | -| test.cpp:12:5:12:12 | case4_I1 | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:12:5:12:12 | case4_I1 | case4_I1 | test.cpp:13:5:13:12 | case4_Il | case4_Il | -| test.cpp:16:5:16:11 | case5_5 | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:16:5:16:11 | case5_5 | case5_5 | test.cpp:15:5:15:11 | case5_S | case5_S | -| test.cpp:19:5:19:11 | case6_2 | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:19:5:19:11 | case6_2 | case6_2 | test.cpp:18:5:18:11 | case6_Z | case6_Z | -| test.cpp:22:5:22:11 | case7_h | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:22:5:22:11 | case7_h | case7_h | test.cpp:21:5:21:11 | case7_n | case7_n | -| test.cpp:25:5:25:11 | case8_8 | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:25:5:25:11 | case8_8 | case8_8 | test.cpp:24:5:24:11 | case8_B | case8_B | -| test.cpp:28:5:28:11 | case9_m | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:28:5:28:11 | case9_m | case9_m | test.cpp:27:5:27:12 | case9_rn | case9_rn | -| test.cpp:29:5:29:12 | case9_rh | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:29:5:29:12 | case9_rh | case9_rh | test.cpp:27:5:27:12 | case9_rn | case9_rn | -| test.cpp:32:5:32:15 | case10_xmmx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:32:5:32:15 | case10_xmmx | case10_xmmx | test.cpp:31:5:31:17 | case10_xrnrnx | case10_xrnrnx | -| test.cpp:32:5:32:15 | case10_xmmx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:32:5:32:15 | case10_xmmx | case10_xmmx | test.cpp:33:5:33:16 | case10_xmrnx | case10_xmrnx | -| test.cpp:32:5:32:15 | case10_xmmx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:32:5:32:15 | case10_xmmx | case10_xmmx | test.cpp:34:5:34:16 | case10_xrnmx | case10_xrnmx | -| test.cpp:33:5:33:16 | case10_xmrnx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:33:5:33:16 | case10_xmrnx | case10_xmrnx | test.cpp:31:5:31:17 | case10_xrnrnx | case10_xrnrnx | -| test.cpp:33:5:33:16 | case10_xmrnx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:33:5:33:16 | case10_xmrnx | case10_xmrnx | test.cpp:34:5:34:16 | case10_xrnmx | case10_xrnmx | -| test.cpp:33:5:33:16 | case10_xmrnx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:33:5:33:16 | case10_xmrnx | case10_xmrnx | test.cpp:35:5:35:17 | case10_xrnrhx | case10_xrnrhx | -| test.cpp:34:5:34:16 | case10_xrnmx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:34:5:34:16 | case10_xrnmx | case10_xrnmx | test.cpp:31:5:31:17 | case10_xrnrnx | case10_xrnrnx | -| test.cpp:35:5:35:17 | case10_xrnrhx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:35:5:35:17 | case10_xrnrhx | case10_xrnrhx | test.cpp:31:5:31:17 | case10_xrnrnx | case10_xrnrnx | -| test.cpp:36:5:36:17 | case10_xrhrhx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:36:5:36:17 | case10_xrhrhx | case10_xrhrhx | test.cpp:31:5:31:17 | case10_xrnrnx | case10_xrnrnx | -| test.cpp:36:5:36:17 | case10_xrhrhx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:36:5:36:17 | case10_xrhrhx | case10_xrhrhx | test.cpp:35:5:35:17 | case10_xrnrhx | case10_xrnrhx | -| test.cpp:37:5:37:16 | case10_xmrhx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:37:5:37:16 | case10_xmrhx | case10_xmrhx | test.cpp:31:5:31:17 | case10_xrnrnx | case10_xrnrnx | -| test.cpp:37:5:37:16 | case10_xmrhx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:37:5:37:16 | case10_xmrhx | case10_xmrhx | test.cpp:33:5:33:16 | case10_xmrnx | case10_xmrnx | -| test.cpp:37:5:37:16 | case10_xmrhx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:37:5:37:16 | case10_xmrhx | case10_xmrhx | test.cpp:35:5:35:17 | case10_xrnrhx | case10_xrnrhx | -| test.cpp:38:5:38:16 | case10_xrhmx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:38:5:38:16 | case10_xrhmx | case10_xrhmx | test.cpp:31:5:31:17 | case10_xrnrnx | case10_xrnrnx | -| test.cpp:38:5:38:16 | case10_xrhmx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:38:5:38:16 | case10_xrhmx | case10_xrhmx | test.cpp:34:5:34:16 | case10_xrnmx | case10_xrnmx | -| test.cpp:40:15:40:22 | case11_O | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:40:15:40:22 | case11_O | case11_O | test.cpp:40:5:40:12 | case11_o | case11_o | -| test.cpp:43:5:43:14 | case12_8bB | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:43:5:43:14 | case12_8bB | case12_8bB | test.cpp:42:5:42:14 | case12_BBb | case12_BBb | +| test.c:4:5:4:13 | case1_FOO | The identifier $@ is not typographically unambiguous from the identifier $@ | test.c:4:5:4:13 | case1_FOO | case1_FOO | test.c:3:5:3:13 | case1_foo | case1_foo | +| test.c:4:5:4:13 | case1_FOO | The identifier $@ is not typographically unambiguous from the identifier $@ | test.c:4:5:4:13 | case1_FOO | case1_FOO | test.c:5:5:5:13 | case1_fOo | case1_fOo | +| test.c:5:5:5:13 | case1_fOo | The identifier $@ is not typographically unambiguous from the identifier $@ | test.c:5:5:5:13 | case1_fOo | case1_fOo | test.c:3:5:3:13 | case1_foo | case1_foo | +| test.c:8:5:8:15 | case2_f_o_o | The identifier $@ is not typographically unambiguous from the identifier $@ | test.c:8:5:8:15 | case2_f_o_o | case2_f_o_o | test.c:7:5:7:13 | case2_foo | case2_foo | +| test.c:11:5:11:13 | case3_fO0 | The identifier $@ is not typographically unambiguous from the identifier $@ | test.c:11:5:11:13 | case3_fO0 | case3_fO0 | test.c:10:5:10:13 | case3_fOO | case3_fOO | +| test.c:13:5:13:12 | case4_II | The identifier $@ is not typographically unambiguous from the identifier $@ | test.c:13:5:13:12 | case4_II | case4_II | test.c:15:5:15:12 | case4_Il | case4_Il | +| test.c:14:5:14:12 | case4_I1 | The identifier $@ is not typographically unambiguous from the identifier $@ | test.c:14:5:14:12 | case4_I1 | case4_I1 | test.c:13:5:13:12 | case4_II | case4_II | +| test.c:14:5:14:12 | case4_I1 | The identifier $@ is not typographically unambiguous from the identifier $@ | test.c:14:5:14:12 | case4_I1 | case4_I1 | test.c:15:5:15:12 | case4_Il | case4_Il | +| test.c:18:5:18:11 | case5_5 | The identifier $@ is not typographically unambiguous from the identifier $@ | test.c:18:5:18:11 | case5_5 | case5_5 | test.c:17:5:17:11 | case5_S | case5_S | +| test.c:21:5:21:11 | case6_2 | The identifier $@ is not typographically unambiguous from the identifier $@ | test.c:21:5:21:11 | case6_2 | case6_2 | test.c:20:5:20:11 | case6_Z | case6_Z | +| test.c:24:5:24:11 | case7_h | The identifier $@ is not typographically unambiguous from the identifier $@ | test.c:24:5:24:11 | case7_h | case7_h | test.c:23:5:23:11 | case7_n | case7_n | +| test.c:27:5:27:11 | case8_8 | The identifier $@ is not typographically unambiguous from the identifier $@ | test.c:27:5:27:11 | case8_8 | case8_8 | test.c:26:5:26:11 | case8_B | case8_B | +| test.c:30:5:30:11 | case9_m | The identifier $@ is not typographically unambiguous from the identifier $@ | test.c:30:5:30:11 | case9_m | case9_m | test.c:29:5:29:12 | case9_rn | case9_rn | +| test.c:31:5:31:12 | case9_rh | The identifier $@ is not typographically unambiguous from the identifier $@ | test.c:31:5:31:12 | case9_rh | case9_rh | test.c:29:5:29:12 | case9_rn | case9_rn | +| test.c:34:5:34:15 | case10_xmmx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.c:34:5:34:15 | case10_xmmx | case10_xmmx | test.c:33:5:33:17 | case10_xrnrnx | case10_xrnrnx | +| test.c:34:5:34:15 | case10_xmmx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.c:34:5:34:15 | case10_xmmx | case10_xmmx | test.c:35:5:35:16 | case10_xmrnx | case10_xmrnx | +| test.c:34:5:34:15 | case10_xmmx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.c:34:5:34:15 | case10_xmmx | case10_xmmx | test.c:36:5:36:16 | case10_xrnmx | case10_xrnmx | +| test.c:35:5:35:16 | case10_xmrnx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.c:35:5:35:16 | case10_xmrnx | case10_xmrnx | test.c:33:5:33:17 | case10_xrnrnx | case10_xrnrnx | +| test.c:35:5:35:16 | case10_xmrnx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.c:35:5:35:16 | case10_xmrnx | case10_xmrnx | test.c:36:5:36:16 | case10_xrnmx | case10_xrnmx | +| test.c:35:5:35:16 | case10_xmrnx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.c:35:5:35:16 | case10_xmrnx | case10_xmrnx | test.c:37:5:37:17 | case10_xrnrhx | case10_xrnrhx | +| test.c:36:5:36:16 | case10_xrnmx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.c:36:5:36:16 | case10_xrnmx | case10_xrnmx | test.c:33:5:33:17 | case10_xrnrnx | case10_xrnrnx | +| test.c:37:5:37:17 | case10_xrnrhx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.c:37:5:37:17 | case10_xrnrhx | case10_xrnrhx | test.c:33:5:33:17 | case10_xrnrnx | case10_xrnrnx | +| test.c:38:5:38:17 | case10_xrhrhx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.c:38:5:38:17 | case10_xrhrhx | case10_xrhrhx | test.c:33:5:33:17 | case10_xrnrnx | case10_xrnrnx | +| test.c:38:5:38:17 | case10_xrhrhx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.c:38:5:38:17 | case10_xrhrhx | case10_xrhrhx | test.c:37:5:37:17 | case10_xrnrhx | case10_xrnrhx | +| test.c:39:5:39:16 | case10_xmrhx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.c:39:5:39:16 | case10_xmrhx | case10_xmrhx | test.c:33:5:33:17 | case10_xrnrnx | case10_xrnrnx | +| test.c:39:5:39:16 | case10_xmrhx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.c:39:5:39:16 | case10_xmrhx | case10_xmrhx | test.c:35:5:35:16 | case10_xmrnx | case10_xmrnx | +| test.c:39:5:39:16 | case10_xmrhx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.c:39:5:39:16 | case10_xmrhx | case10_xmrhx | test.c:37:5:37:17 | case10_xrnrhx | case10_xrnrhx | +| test.c:40:5:40:16 | case10_xrhmx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.c:40:5:40:16 | case10_xrhmx | case10_xrhmx | test.c:33:5:33:17 | case10_xrnrnx | case10_xrnrnx | +| test.c:40:5:40:16 | case10_xrhmx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.c:40:5:40:16 | case10_xrhmx | case10_xrhmx | test.c:36:5:36:16 | case10_xrnmx | case10_xrnmx | +| test.c:42:15:42:22 | case11_O | The identifier $@ is not typographically unambiguous from the identifier $@ | test.c:42:15:42:22 | case11_O | case11_O | test.c:42:5:42:12 | case11_o | case11_o | +| test.c:45:5:45:14 | case12_8bB | The identifier $@ is not typographically unambiguous from the identifier $@ | test.c:45:5:45:14 | case12_8bB | case12_8bB | test.c:44:5:44:14 | case12_BBb | case12_BBb | diff --git a/c/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.expected b/c/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.expected index 1a3344c361..3bbffedcca 100644 --- a/c/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.expected +++ b/c/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.expected @@ -1 +1 @@ -| test.cpp:3:47:3:55 | call to rand | Use of banned function std::rand. | +| test.c:5:47:5:50 | call to rand | Use of banned function rand. | diff --git a/c/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/test.c b/c/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/test.c index c92da3d2e8..a9ce133b6b 100644 --- a/c/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/test.c +++ b/c/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/test.c @@ -1,5 +1,5 @@ // NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C++ TEST CASE AND // CHANGES SHOULD BE REFLECTED THERE AS WELL. -#include +#include void test_use_of_rand() { int random_number = rand() % 10; } \ No newline at end of file diff --git a/c/common/test/rules/hashoperatorsused/HashOperatorsUsed.expected b/c/common/test/rules/hashoperatorsused/HashOperatorsUsed.expected index e36c372d5b..9bb8ff5249 100644 --- a/c/common/test/rules/hashoperatorsused/HashOperatorsUsed.expected +++ b/c/common/test/rules/hashoperatorsused/HashOperatorsUsed.expected @@ -1,4 +1,4 @@ -| test.cpp:9:1:9:22 | #define MACROFIVE(X) #X | Macro definition uses the # or ## operator. | -| test.cpp:11:1:11:26 | #define MACROSIX(X,Y) X ## Y | Macro definition uses the # or ## operator. | -| test.cpp:13:1:13:29 | #define MACROSEVEN "##'" #"#" | Macro definition uses the # or ## operator. | -| test.cpp:15:1:15:28 | #define MACROEIGHT '##' #"#" | Macro definition uses the # or ## operator. | +| test.c:11:1:11:22 | #define MACROFIVE(X) #X | Macro definition uses the # or ## operator. | +| test.c:13:1:13:26 | #define MACROSIX(X,Y) X ## Y | Macro definition uses the # or ## operator. | +| test.c:15:1:15:29 | #define MACROSEVEN "##'" #"#" | Macro definition uses the # or ## operator. | +| test.c:17:1:17:28 | #define MACROEIGHT '##' #"#" | Macro definition uses the # or ## operator. | diff --git a/c/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.expected b/c/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.expected index 10d5ff7976..4ebb26f6f7 100644 --- a/c/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.expected +++ b/c/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.expected @@ -1,4 +1,3 @@ -| test.cpp:6:1:6:1 | return ... | Function test_return_f1 should return a value of type int but does not return a value here | -| test.cpp:16:27:16:28 | { ... } | Function test_return_f3 should return a value of type int but does not return a value here | -| test.cpp:33:1:33:1 | return ... | Function test_return_f5 should return a value of type int but does not return a value here | -| test.cpp:51:19:52:3 | { ... } | Function test_trycatch_f1 should return a value of type int but does not return a value here | +| test.c:8:1:8:1 | return ... | Function test_return_f1 should return a value of type int but does not return a value here | +| test.c:18:27:18:28 | { ... } | Function test_return_f3 should return a value of type int but does not return a value here | +| test.c:27:1:27:1 | return ... | Function test_return_f5 should return a value of type int but does not return a value here | diff --git a/c/common/test/rules/nonvoidfunctiondoesnotreturn/test.c b/c/common/test/rules/nonvoidfunctiondoesnotreturn/test.c index 3ec050b772..b90e2187ec 100644 --- a/c/common/test/rules/nonvoidfunctiondoesnotreturn/test.c +++ b/c/common/test/rules/nonvoidfunctiondoesnotreturn/test.c @@ -1,6 +1,6 @@ // NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C++ TEST CASE AND // CHANGES SHOULD BE REFLECTED THERE AS WELL. -#include +#include int test_return_f1(int i) { // NON_COMPLIANT if (i > 100) { return i; diff --git a/c/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.expected b/c/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.expected index bd67e19880..d3ef31011c 100644 --- a/c/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.expected +++ b/c/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.expected @@ -1,20 +1,20 @@ -| test.cpp:37:1:37:39 | // int myFunction() { return myValue; } | This comment appears to contain commented-out code. | -| test.cpp:39:1:39:45 | // int myFunction() const { return myValue; } | This comment appears to contain commented-out code. | -| test.cpp:41:1:41:54 | // int myFunction() const noexcept { return myValue; } | This comment appears to contain commented-out code. | -| test.cpp:43:1:43:18 | // #define MYMACRO | This comment appears to contain commented-out code. | -| test.cpp:45:1:45:23 | // #include "include.h" | This comment appears to contain commented-out code. | -| test.cpp:47:1:51:2 | /*\n#ifdef\nvoid myFunction();\n#endif\n*/ | This comment appears to contain commented-out code. | -| test.cpp:59:1:59:24 | // #if(defined(MYMACRO)) | This comment appears to contain commented-out code. | -| test.cpp:63:1:63:15 | // #pragma once | This comment appears to contain commented-out code. | -| test.cpp:65:1:65:17 | // # pragma once | This comment appears to contain commented-out code. | -| test.cpp:67:1:67:19 | /*#error"myerror"*/ | This comment appears to contain commented-out code. | -| test.cpp:91:1:95:2 | /*\n#ifdef MYMACRO\n // ...\n#endif // #ifdef MYMACRO\n*/ | This comment appears to contain commented-out code. | -| test.cpp:106:21:106:43 | // #include "config2.h" | This comment appears to contain commented-out code. | -| test.cpp:112:16:112:35 | /* #ifdef MYMACRO */ | This comment appears to contain commented-out code. | -| test.cpp:116:1:116:24 | // commented_out_code(); | This comment appears to contain commented-out code. | -| test.cpp:119:2:119:25 | // commented_out_code(); | This comment appears to contain commented-out code. | -| test.cpp:122:1:122:22 | // commented out code; | This comment appears to contain commented-out code. | -| test.cpp:124:1:127:8 | // some; | This comment appears to contain commented-out code. | -| test.cpp:129:1:133:8 | // also; | This comment appears to contain commented-out code. | -| test.cpp:141:1:146:2 | /*\n some;\n commented;\n out;\n code;\n*/ | This comment appears to contain commented-out code. | -| test.cpp:148:1:154:2 | /*\n also;\n this\n is;\n commented-out\n code;\n*/ | This comment appears to contain commented-out code. | +| test.c:39:1:39:39 | // int myFunction() { return myValue; } | This comment appears to contain commented-out code. | +| test.c:41:1:41:45 | // int myFunction() const { return myValue; } | This comment appears to contain commented-out code. | +| test.c:43:1:43:54 | // int myFunction() const noexcept { return myValue; } | This comment appears to contain commented-out code. | +| test.c:45:1:45:18 | // #define MYMACRO | This comment appears to contain commented-out code. | +| test.c:47:1:47:23 | // #include "include.h" | This comment appears to contain commented-out code. | +| test.c:49:1:53:2 | /*\n#ifdef\nvoid myFunction();\n#endif\n*/ | This comment appears to contain commented-out code. | +| test.c:61:1:61:24 | // #if(defined(MYMACRO)) | This comment appears to contain commented-out code. | +| test.c:65:1:65:15 | // #pragma once | This comment appears to contain commented-out code. | +| test.c:67:1:67:17 | // # pragma once | This comment appears to contain commented-out code. | +| test.c:69:1:69:19 | /*#error"myerror"*/ | This comment appears to contain commented-out code. | +| test.c:93:1:97:2 | /*\n#ifdef MYMACRO\n // ...\n#endif // #ifdef MYMACRO\n*/ | This comment appears to contain commented-out code. | +| test.c:108:21:108:43 | // #include "config2.h" | This comment appears to contain commented-out code. | +| test.c:114:16:114:35 | /* #ifdef MYMACRO */ | This comment appears to contain commented-out code. | +| test.c:118:1:118:24 | // commented_out_code(); | This comment appears to contain commented-out code. | +| test.c:121:2:121:25 | // commented_out_code(); | This comment appears to contain commented-out code. | +| test.c:124:1:124:22 | // commented out code; | This comment appears to contain commented-out code. | +| test.c:126:1:129:8 | // some; | This comment appears to contain commented-out code. | +| test.c:131:1:135:8 | // also; | This comment appears to contain commented-out code. | +| test.c:143:1:148:2 | /*\n some;\n commented;\n out;\n code;\n*/ | This comment appears to contain commented-out code. | +| test.c:150:1:156:2 | /*\n also;\n this\n is;\n commented-out\n code;\n*/ | This comment appears to contain commented-out code. | diff --git a/c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.expected b/c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.expected index aa625dd58a..1be3ed8ad2 100644 --- a/c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.expected +++ b/c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.expected @@ -1 +1 @@ -| test.cpp:8:42:8:58 | asm statement | Use of assembler is not documented. | +| test.c:10:42:10:58 | asm statement | Use of assembler is not documented. | diff --git a/cpp/common/test/rules/differentidentifiersnottypographicallyunambiguous/DifferentIdentifiersNotTypographicallyUnambiguous.expected b/cpp/common/test/rules/differentidentifiersnottypographicallyunambiguous/DifferentIdentifiersNotTypographicallyUnambiguous.expected index 85fc9c161a..ba9963f735 100644 --- a/cpp/common/test/rules/differentidentifiersnottypographicallyunambiguous/DifferentIdentifiersNotTypographicallyUnambiguous.expected +++ b/cpp/common/test/rules/differentidentifiersnottypographicallyunambiguous/DifferentIdentifiersNotTypographicallyUnambiguous.expected @@ -1,31 +1,31 @@ -| test.cpp:2:5:2:13 | case1_FOO | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:2:5:2:13 | case1_FOO | case1_FOO | test.cpp:1:5:1:13 | case1_foo | case1_foo | -| test.cpp:2:5:2:13 | case1_FOO | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:2:5:2:13 | case1_FOO | case1_FOO | test.cpp:3:5:3:13 | case1_fOo | case1_fOo | -| test.cpp:3:5:3:13 | case1_fOo | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:3:5:3:13 | case1_fOo | case1_fOo | test.cpp:1:5:1:13 | case1_foo | case1_foo | -| test.cpp:6:5:6:15 | case2_f_o_o | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:6:5:6:15 | case2_f_o_o | case2_f_o_o | test.cpp:5:5:5:13 | case2_foo | case2_foo | -| test.cpp:9:5:9:13 | case3_fO0 | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:9:5:9:13 | case3_fO0 | case3_fO0 | test.cpp:8:5:8:13 | case3_fOO | case3_fOO | -| test.cpp:11:5:11:12 | case4_II | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:11:5:11:12 | case4_II | case4_II | test.cpp:13:5:13:12 | case4_Il | case4_Il | -| test.cpp:12:5:12:12 | case4_I1 | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:12:5:12:12 | case4_I1 | case4_I1 | test.cpp:11:5:11:12 | case4_II | case4_II | -| test.cpp:12:5:12:12 | case4_I1 | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:12:5:12:12 | case4_I1 | case4_I1 | test.cpp:13:5:13:12 | case4_Il | case4_Il | -| test.cpp:16:5:16:11 | case5_5 | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:16:5:16:11 | case5_5 | case5_5 | test.cpp:15:5:15:11 | case5_S | case5_S | -| test.cpp:19:5:19:11 | case6_2 | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:19:5:19:11 | case6_2 | case6_2 | test.cpp:18:5:18:11 | case6_Z | case6_Z | -| test.cpp:22:5:22:11 | case7_h | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:22:5:22:11 | case7_h | case7_h | test.cpp:21:5:21:11 | case7_n | case7_n | -| test.cpp:25:5:25:11 | case8_8 | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:25:5:25:11 | case8_8 | case8_8 | test.cpp:24:5:24:11 | case8_B | case8_B | -| test.cpp:28:5:28:11 | case9_m | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:28:5:28:11 | case9_m | case9_m | test.cpp:27:5:27:12 | case9_rn | case9_rn | -| test.cpp:29:5:29:12 | case9_rh | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:29:5:29:12 | case9_rh | case9_rh | test.cpp:27:5:27:12 | case9_rn | case9_rn | -| test.cpp:32:5:32:15 | case10_xmmx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:32:5:32:15 | case10_xmmx | case10_xmmx | test.cpp:31:5:31:17 | case10_xrnrnx | case10_xrnrnx | -| test.cpp:32:5:32:15 | case10_xmmx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:32:5:32:15 | case10_xmmx | case10_xmmx | test.cpp:33:5:33:16 | case10_xmrnx | case10_xmrnx | -| test.cpp:32:5:32:15 | case10_xmmx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:32:5:32:15 | case10_xmmx | case10_xmmx | test.cpp:34:5:34:16 | case10_xrnmx | case10_xrnmx | -| test.cpp:33:5:33:16 | case10_xmrnx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:33:5:33:16 | case10_xmrnx | case10_xmrnx | test.cpp:31:5:31:17 | case10_xrnrnx | case10_xrnrnx | -| test.cpp:33:5:33:16 | case10_xmrnx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:33:5:33:16 | case10_xmrnx | case10_xmrnx | test.cpp:34:5:34:16 | case10_xrnmx | case10_xrnmx | -| test.cpp:33:5:33:16 | case10_xmrnx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:33:5:33:16 | case10_xmrnx | case10_xmrnx | test.cpp:35:5:35:17 | case10_xrnrhx | case10_xrnrhx | -| test.cpp:34:5:34:16 | case10_xrnmx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:34:5:34:16 | case10_xrnmx | case10_xrnmx | test.cpp:31:5:31:17 | case10_xrnrnx | case10_xrnrnx | -| test.cpp:35:5:35:17 | case10_xrnrhx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:35:5:35:17 | case10_xrnrhx | case10_xrnrhx | test.cpp:31:5:31:17 | case10_xrnrnx | case10_xrnrnx | -| test.cpp:36:5:36:17 | case10_xrhrhx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:36:5:36:17 | case10_xrhrhx | case10_xrhrhx | test.cpp:31:5:31:17 | case10_xrnrnx | case10_xrnrnx | -| test.cpp:36:5:36:17 | case10_xrhrhx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:36:5:36:17 | case10_xrhrhx | case10_xrhrhx | test.cpp:35:5:35:17 | case10_xrnrhx | case10_xrnrhx | -| test.cpp:37:5:37:16 | case10_xmrhx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:37:5:37:16 | case10_xmrhx | case10_xmrhx | test.cpp:31:5:31:17 | case10_xrnrnx | case10_xrnrnx | -| test.cpp:37:5:37:16 | case10_xmrhx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:37:5:37:16 | case10_xmrhx | case10_xmrhx | test.cpp:33:5:33:16 | case10_xmrnx | case10_xmrnx | -| test.cpp:37:5:37:16 | case10_xmrhx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:37:5:37:16 | case10_xmrhx | case10_xmrhx | test.cpp:35:5:35:17 | case10_xrnrhx | case10_xrnrhx | -| test.cpp:38:5:38:16 | case10_xrhmx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:38:5:38:16 | case10_xrhmx | case10_xrhmx | test.cpp:31:5:31:17 | case10_xrnrnx | case10_xrnrnx | -| test.cpp:38:5:38:16 | case10_xrhmx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:38:5:38:16 | case10_xrhmx | case10_xrhmx | test.cpp:34:5:34:16 | case10_xrnmx | case10_xrnmx | -| test.cpp:40:15:40:22 | case11_O | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:40:15:40:22 | case11_O | case11_O | test.cpp:40:5:40:12 | case11_o | case11_o | -| test.cpp:43:5:43:14 | case12_8bB | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:43:5:43:14 | case12_8bB | case12_8bB | test.cpp:42:5:42:14 | case12_BBb | case12_BBb | +| test.cpp:4:5:4:13 | case1_FOO | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:4:5:4:13 | case1_FOO | case1_FOO | test.cpp:3:5:3:13 | case1_foo | case1_foo | +| test.cpp:4:5:4:13 | case1_FOO | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:4:5:4:13 | case1_FOO | case1_FOO | test.cpp:5:5:5:13 | case1_fOo | case1_fOo | +| test.cpp:5:5:5:13 | case1_fOo | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:5:5:5:13 | case1_fOo | case1_fOo | test.cpp:3:5:3:13 | case1_foo | case1_foo | +| test.cpp:8:5:8:15 | case2_f_o_o | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:8:5:8:15 | case2_f_o_o | case2_f_o_o | test.cpp:7:5:7:13 | case2_foo | case2_foo | +| test.cpp:11:5:11:13 | case3_fO0 | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:11:5:11:13 | case3_fO0 | case3_fO0 | test.cpp:10:5:10:13 | case3_fOO | case3_fOO | +| test.cpp:13:5:13:12 | case4_II | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:13:5:13:12 | case4_II | case4_II | test.cpp:15:5:15:12 | case4_Il | case4_Il | +| test.cpp:14:5:14:12 | case4_I1 | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:14:5:14:12 | case4_I1 | case4_I1 | test.cpp:13:5:13:12 | case4_II | case4_II | +| test.cpp:14:5:14:12 | case4_I1 | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:14:5:14:12 | case4_I1 | case4_I1 | test.cpp:15:5:15:12 | case4_Il | case4_Il | +| test.cpp:18:5:18:11 | case5_5 | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:18:5:18:11 | case5_5 | case5_5 | test.cpp:17:5:17:11 | case5_S | case5_S | +| test.cpp:21:5:21:11 | case6_2 | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:21:5:21:11 | case6_2 | case6_2 | test.cpp:20:5:20:11 | case6_Z | case6_Z | +| test.cpp:24:5:24:11 | case7_h | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:24:5:24:11 | case7_h | case7_h | test.cpp:23:5:23:11 | case7_n | case7_n | +| test.cpp:27:5:27:11 | case8_8 | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:27:5:27:11 | case8_8 | case8_8 | test.cpp:26:5:26:11 | case8_B | case8_B | +| test.cpp:30:5:30:11 | case9_m | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:30:5:30:11 | case9_m | case9_m | test.cpp:29:5:29:12 | case9_rn | case9_rn | +| test.cpp:31:5:31:12 | case9_rh | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:31:5:31:12 | case9_rh | case9_rh | test.cpp:29:5:29:12 | case9_rn | case9_rn | +| test.cpp:34:5:34:15 | case10_xmmx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:34:5:34:15 | case10_xmmx | case10_xmmx | test.cpp:33:5:33:17 | case10_xrnrnx | case10_xrnrnx | +| test.cpp:34:5:34:15 | case10_xmmx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:34:5:34:15 | case10_xmmx | case10_xmmx | test.cpp:35:5:35:16 | case10_xmrnx | case10_xmrnx | +| test.cpp:34:5:34:15 | case10_xmmx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:34:5:34:15 | case10_xmmx | case10_xmmx | test.cpp:36:5:36:16 | case10_xrnmx | case10_xrnmx | +| test.cpp:35:5:35:16 | case10_xmrnx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:35:5:35:16 | case10_xmrnx | case10_xmrnx | test.cpp:33:5:33:17 | case10_xrnrnx | case10_xrnrnx | +| test.cpp:35:5:35:16 | case10_xmrnx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:35:5:35:16 | case10_xmrnx | case10_xmrnx | test.cpp:36:5:36:16 | case10_xrnmx | case10_xrnmx | +| test.cpp:35:5:35:16 | case10_xmrnx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:35:5:35:16 | case10_xmrnx | case10_xmrnx | test.cpp:37:5:37:17 | case10_xrnrhx | case10_xrnrhx | +| test.cpp:36:5:36:16 | case10_xrnmx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:36:5:36:16 | case10_xrnmx | case10_xrnmx | test.cpp:33:5:33:17 | case10_xrnrnx | case10_xrnrnx | +| test.cpp:37:5:37:17 | case10_xrnrhx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:37:5:37:17 | case10_xrnrhx | case10_xrnrhx | test.cpp:33:5:33:17 | case10_xrnrnx | case10_xrnrnx | +| test.cpp:38:5:38:17 | case10_xrhrhx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:38:5:38:17 | case10_xrhrhx | case10_xrhrhx | test.cpp:33:5:33:17 | case10_xrnrnx | case10_xrnrnx | +| test.cpp:38:5:38:17 | case10_xrhrhx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:38:5:38:17 | case10_xrhrhx | case10_xrhrhx | test.cpp:37:5:37:17 | case10_xrnrhx | case10_xrnrhx | +| test.cpp:39:5:39:16 | case10_xmrhx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:39:5:39:16 | case10_xmrhx | case10_xmrhx | test.cpp:33:5:33:17 | case10_xrnrnx | case10_xrnrnx | +| test.cpp:39:5:39:16 | case10_xmrhx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:39:5:39:16 | case10_xmrhx | case10_xmrhx | test.cpp:35:5:35:16 | case10_xmrnx | case10_xmrnx | +| test.cpp:39:5:39:16 | case10_xmrhx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:39:5:39:16 | case10_xmrhx | case10_xmrhx | test.cpp:37:5:37:17 | case10_xrnrhx | case10_xrnrhx | +| test.cpp:40:5:40:16 | case10_xrhmx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:40:5:40:16 | case10_xrhmx | case10_xrhmx | test.cpp:33:5:33:17 | case10_xrnrnx | case10_xrnrnx | +| test.cpp:40:5:40:16 | case10_xrhmx | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:40:5:40:16 | case10_xrhmx | case10_xrhmx | test.cpp:36:5:36:16 | case10_xrnmx | case10_xrnmx | +| test.cpp:42:15:42:22 | case11_O | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:42:15:42:22 | case11_O | case11_O | test.cpp:42:5:42:12 | case11_o | case11_o | +| test.cpp:45:5:45:14 | case12_8bB | The identifier $@ is not typographically unambiguous from the identifier $@ | test.cpp:45:5:45:14 | case12_8bB | case12_8bB | test.cpp:44:5:44:14 | case12_BBb | case12_BBb | diff --git a/cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.expected b/cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.expected index 1a3344c361..2b4bcde88a 100644 --- a/cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.expected +++ b/cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.expected @@ -1 +1 @@ -| test.cpp:3:47:3:55 | call to rand | Use of banned function std::rand. | +| test.cpp:5:47:5:55 | call to rand | Use of banned function std::rand. | diff --git a/cpp/common/test/rules/hashoperatorsused/HashOperatorsUsed.expected b/cpp/common/test/rules/hashoperatorsused/HashOperatorsUsed.expected index e36c372d5b..060be8a69d 100644 --- a/cpp/common/test/rules/hashoperatorsused/HashOperatorsUsed.expected +++ b/cpp/common/test/rules/hashoperatorsused/HashOperatorsUsed.expected @@ -1,4 +1,4 @@ -| test.cpp:9:1:9:22 | #define MACROFIVE(X) #X | Macro definition uses the # or ## operator. | -| test.cpp:11:1:11:26 | #define MACROSIX(X,Y) X ## Y | Macro definition uses the # or ## operator. | -| test.cpp:13:1:13:29 | #define MACROSEVEN "##'" #"#" | Macro definition uses the # or ## operator. | -| test.cpp:15:1:15:28 | #define MACROEIGHT '##' #"#" | Macro definition uses the # or ## operator. | +| test.cpp:11:1:11:22 | #define MACROFIVE(X) #X | Macro definition uses the # or ## operator. | +| test.cpp:13:1:13:26 | #define MACROSIX(X,Y) X ## Y | Macro definition uses the # or ## operator. | +| test.cpp:15:1:15:29 | #define MACROSEVEN "##'" #"#" | Macro definition uses the # or ## operator. | +| test.cpp:17:1:17:28 | #define MACROEIGHT '##' #"#" | Macro definition uses the # or ## operator. | diff --git a/cpp/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.expected b/cpp/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.expected index 10d5ff7976..774d7fa9e4 100644 --- a/cpp/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.expected +++ b/cpp/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.expected @@ -1,4 +1,4 @@ -| test.cpp:6:1:6:1 | return ... | Function test_return_f1 should return a value of type int but does not return a value here | -| test.cpp:16:27:16:28 | { ... } | Function test_return_f3 should return a value of type int but does not return a value here | -| test.cpp:33:1:33:1 | return ... | Function test_return_f5 should return a value of type int but does not return a value here | -| test.cpp:51:19:52:3 | { ... } | Function test_trycatch_f1 should return a value of type int but does not return a value here | +| test.cpp:8:1:8:1 | return ... | Function test_return_f1 should return a value of type int but does not return a value here | +| test.cpp:18:27:18:28 | { ... } | Function test_return_f3 should return a value of type int but does not return a value here | +| test.cpp:35:1:35:1 | return ... | Function test_return_f5 should return a value of type int but does not return a value here | +| test.cpp:53:19:54:3 | { ... } | Function test_trycatch_f1 should return a value of type int but does not return a value here | diff --git a/cpp/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.expected b/cpp/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.expected index bd67e19880..1355eb96f0 100644 --- a/cpp/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.expected +++ b/cpp/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.expected @@ -1,20 +1,20 @@ -| test.cpp:37:1:37:39 | // int myFunction() { return myValue; } | This comment appears to contain commented-out code. | -| test.cpp:39:1:39:45 | // int myFunction() const { return myValue; } | This comment appears to contain commented-out code. | -| test.cpp:41:1:41:54 | // int myFunction() const noexcept { return myValue; } | This comment appears to contain commented-out code. | -| test.cpp:43:1:43:18 | // #define MYMACRO | This comment appears to contain commented-out code. | -| test.cpp:45:1:45:23 | // #include "include.h" | This comment appears to contain commented-out code. | -| test.cpp:47:1:51:2 | /*\n#ifdef\nvoid myFunction();\n#endif\n*/ | This comment appears to contain commented-out code. | -| test.cpp:59:1:59:24 | // #if(defined(MYMACRO)) | This comment appears to contain commented-out code. | -| test.cpp:63:1:63:15 | // #pragma once | This comment appears to contain commented-out code. | -| test.cpp:65:1:65:17 | // # pragma once | This comment appears to contain commented-out code. | -| test.cpp:67:1:67:19 | /*#error"myerror"*/ | This comment appears to contain commented-out code. | -| test.cpp:91:1:95:2 | /*\n#ifdef MYMACRO\n // ...\n#endif // #ifdef MYMACRO\n*/ | This comment appears to contain commented-out code. | -| test.cpp:106:21:106:43 | // #include "config2.h" | This comment appears to contain commented-out code. | -| test.cpp:112:16:112:35 | /* #ifdef MYMACRO */ | This comment appears to contain commented-out code. | -| test.cpp:116:1:116:24 | // commented_out_code(); | This comment appears to contain commented-out code. | -| test.cpp:119:2:119:25 | // commented_out_code(); | This comment appears to contain commented-out code. | -| test.cpp:122:1:122:22 | // commented out code; | This comment appears to contain commented-out code. | -| test.cpp:124:1:127:8 | // some; | This comment appears to contain commented-out code. | -| test.cpp:129:1:133:8 | // also; | This comment appears to contain commented-out code. | -| test.cpp:141:1:146:2 | /*\n some;\n commented;\n out;\n code;\n*/ | This comment appears to contain commented-out code. | -| test.cpp:148:1:154:2 | /*\n also;\n this\n is;\n commented-out\n code;\n*/ | This comment appears to contain commented-out code. | +| test.cpp:39:1:39:39 | // int myFunction() { return myValue; } | This comment appears to contain commented-out code. | +| test.cpp:41:1:41:45 | // int myFunction() const { return myValue; } | This comment appears to contain commented-out code. | +| test.cpp:43:1:43:54 | // int myFunction() const noexcept { return myValue; } | This comment appears to contain commented-out code. | +| test.cpp:45:1:45:18 | // #define MYMACRO | This comment appears to contain commented-out code. | +| test.cpp:47:1:47:23 | // #include "include.h" | This comment appears to contain commented-out code. | +| test.cpp:49:1:53:2 | /*\n#ifdef\nvoid myFunction();\n#endif\n*/ | This comment appears to contain commented-out code. | +| test.cpp:61:1:61:24 | // #if(defined(MYMACRO)) | This comment appears to contain commented-out code. | +| test.cpp:65:1:65:15 | // #pragma once | This comment appears to contain commented-out code. | +| test.cpp:67:1:67:17 | // # pragma once | This comment appears to contain commented-out code. | +| test.cpp:69:1:69:19 | /*#error"myerror"*/ | This comment appears to contain commented-out code. | +| test.cpp:93:1:97:2 | /*\n#ifdef MYMACRO\n // ...\n#endif // #ifdef MYMACRO\n*/ | This comment appears to contain commented-out code. | +| test.cpp:108:21:108:43 | // #include "config2.h" | This comment appears to contain commented-out code. | +| test.cpp:114:16:114:35 | /* #ifdef MYMACRO */ | This comment appears to contain commented-out code. | +| test.cpp:118:1:118:24 | // commented_out_code(); | This comment appears to contain commented-out code. | +| test.cpp:121:2:121:25 | // commented_out_code(); | This comment appears to contain commented-out code. | +| test.cpp:124:1:124:22 | // commented out code; | This comment appears to contain commented-out code. | +| test.cpp:126:1:129:8 | // some; | This comment appears to contain commented-out code. | +| test.cpp:131:1:135:8 | // also; | This comment appears to contain commented-out code. | +| test.cpp:143:1:148:2 | /*\n some;\n commented;\n out;\n code;\n*/ | This comment appears to contain commented-out code. | +| test.cpp:150:1:156:2 | /*\n also;\n this\n is;\n commented-out\n code;\n*/ | This comment appears to contain commented-out code. | diff --git a/cpp/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.expected b/cpp/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.expected index aa625dd58a..bc7343e73a 100644 --- a/cpp/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.expected +++ b/cpp/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.expected @@ -1 +1 @@ -| test.cpp:8:42:8:58 | asm statement | Use of assembler is not documented. | +| test.cpp:10:42:10:58 | asm statement | Use of assembler is not documented. | From c5dcdc734f9d72de360f37dc89eb806e9ff9cb54 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Mon, 16 Jan 2023 19:17:50 +0100 Subject: [PATCH 0256/2573] Address review comment --- .../DoNotRelyOnIndeterminateValuesOfErrno.ql | 8 ++++---- ...oNotRelyOnIndeterminateValuesOfErrno.expected | 10 ++++++---- c/cert/test/rules/ERR32-C/test.c | 16 ++++++++++++++-- 3 files changed, 24 insertions(+), 10 deletions(-) diff --git a/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql b/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql index 631b9c43e0..1182b30eab 100644 --- a/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql +++ b/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql @@ -34,7 +34,7 @@ class AbortCall extends FunctionCall { * `if (signal(SIGINT, handler) == SIG_ERR)` */ class SignalCheckOperation extends EqualityOperation, GuardCondition { - ControlFlowNode errorSuccessor; + BasicBlock errorSuccessor; SignalCheckOperation() { this.getAnOperand() = any(MacroInvocation m | m.getMacroName() = "SIG_ERR").getExpr() and @@ -47,11 +47,11 @@ class SignalCheckOperation extends EqualityOperation, GuardCondition { ) } - ControlFlowNode getCheckedSuccessor() { + BasicBlock getCheckedSuccessor() { result != errorSuccessor and result = this.getASuccessor() } - ControlFlowNode getErrorSuccessor() { result = errorSuccessor } + BasicBlock getErrorSuccessor() { result = errorSuccessor } } /** @@ -71,7 +71,7 @@ class SignalCallingHandler extends Function { // does not abort on error not exists(SignalCheckOperation sCheck, AbortCall abort | DataFlow::localExprFlow(sCall, sCheck.getAnOperand()) and - abort.getEnclosingElement*() = sCheck.getErrorSuccessor() + abort = sCheck.getErrorSuccessor().(BlockStmt).getStmt(0).(ExprStmt).getExpr() ) ) } diff --git a/c/cert/test/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.expected b/c/cert/test/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.expected index e5cff7e4ce..da9122cfd4 100644 --- a/c/cert/test/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.expected +++ b/c/cert/test/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.expected @@ -1,5 +1,7 @@ | test.c:12:5:12:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:10:21:10:26 | call to signal | call to signal | -| test.c:39:5:39:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:35:21:35:26 | call to signal | call to signal | -| test.c:46:5:46:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:44:21:44:26 | call to signal | call to signal | -| test.c:62:5:62:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:54:17:54:22 | call to signal | call to signal | -| test.c:62:5:62:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:58:17:58:22 | call to signal | call to signal | +| test.c:30:5:30:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:26:21:26:26 | call to signal | call to signal | +| test.c:49:5:49:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:45:21:45:26 | call to signal | call to signal | +| test.c:56:5:56:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:54:21:54:26 | call to signal | call to signal | +| test.c:74:5:74:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:64:17:64:22 | call to signal | call to signal | +| test.c:74:5:74:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:66:17:66:22 | call to signal | call to signal | +| test.c:74:5:74:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:70:17:70:22 | call to signal | call to signal | diff --git a/c/cert/test/rules/ERR32-C/test.c b/c/cert/test/rules/ERR32-C/test.c index 2f48ad269e..d6ed7eb1f5 100644 --- a/c/cert/test/rules/ERR32-C/test.c +++ b/c/cert/test/rules/ERR32-C/test.c @@ -13,11 +13,21 @@ void handler1(int signum) { } } -void handler2(int signum) { +void handler2a(int signum) { pfv old_handler = signal(signum, SIG_DFL); if (old_handler != SIG_ERR) { perror(""); // COMPLIANT } else { + abort(); // COMPLIANT + } +} + +void handler2b(int signum) { + pfv old_handler = signal(signum, SIG_DFL); + if (old_handler != SIG_ERR) { + perror(""); // COMPLIANT + } else { + perror(""); // NON_COMPLIANT abort(); } } @@ -46,11 +56,13 @@ int main(void) { perror(""); // NON_COMPLIANT } - old_handler = signal(SIGINT, handler2); + old_handler = signal(SIGINT, handler2a); if (old_handler == SIG_ERR) { perror(""); // COMPLIANT } + old_handler = signal(SIGINT, handler2b); + old_handler = signal(SIGINT, handler3); old_handler = signal(SIGINT, handler4); From 63e562296e8ec6b6a4cb34f2cd27f542110ca58d Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Mon, 16 Jan 2023 14:25:49 -0500 Subject: [PATCH 0257/2573] Declarations7: add RULE-8-12 --- .vscode/tasks.json | 1 + ...lueImplicitEnumerationConstantNotUnique.ql | 38 +++++++++++++++++++ ...licitEnumerationConstantNotUnique.expected | 1 + ...ImplicitEnumerationConstantNotUnique.qlref | 1 + c/misra/test/rules/RULE-8-12/test.c | 4 ++ .../cpp/exclusions/c/Declarations7.qll | 26 +++++++++++++ .../cpp/exclusions/c/RuleMetadata.qll | 3 ++ rule_packages/c/Declarations7.json | 24 ++++++++++++ rules.csv | 2 +- 9 files changed, 99 insertions(+), 1 deletion(-) create mode 100644 c/misra/src/rules/RULE-8-12/ValueImplicitEnumerationConstantNotUnique.ql create mode 100644 c/misra/test/rules/RULE-8-12/ValueImplicitEnumerationConstantNotUnique.expected create mode 100644 c/misra/test/rules/RULE-8-12/ValueImplicitEnumerationConstantNotUnique.qlref create mode 100644 c/misra/test/rules/RULE-8-12/test.c create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/Declarations7.qll create mode 100644 rule_packages/c/Declarations7.json diff --git a/.vscode/tasks.json b/.vscode/tasks.json index 97bc7c4800..8763b730cf 100644 --- a/.vscode/tasks.json +++ b/.vscode/tasks.json @@ -208,6 +208,7 @@ "Declarations2", "Declarations3", "Declarations4", + "Declarations7", "Exceptions1", "Exceptions2", "Expressions", diff --git a/c/misra/src/rules/RULE-8-12/ValueImplicitEnumerationConstantNotUnique.ql b/c/misra/src/rules/RULE-8-12/ValueImplicitEnumerationConstantNotUnique.ql new file mode 100644 index 0000000000..0772da9b05 --- /dev/null +++ b/c/misra/src/rules/RULE-8-12/ValueImplicitEnumerationConstantNotUnique.ql @@ -0,0 +1,38 @@ +/** + * @id c/misra/value-implicit-enumeration-constant-not-unique + * @name RULE-8-12: Within an enumerator list, the value of an implicitly-specified enumeration constant shall be unique + * @description Using an implicitly specified enumeration constant that is not unique (with respect + * to an explicitly specified constant) can lead to unexpected program behaviour. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-8-12 + * correctness + * readability + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra + +/** + * An `EnumConstant` that has an implicitly specified value: + * `enum e { explicit = 1, implicit }` + */ +class ImplicitlySpecifiedEnumConstant extends EnumConstant { + ImplicitlySpecifiedEnumConstant() { + //implicitly specified have an initializer with location: `file://:0:0:0:0` + not this.getInitializer().getLocation().getFile() = this.getFile() + } +} + +from EnumConstant exp, ImplicitlySpecifiedEnumConstant imp +where + not isExcluded(exp, Declarations7Package::valueImplicitEnumerationConstantNotUniqueQuery()) and + not isExcluded(imp, Declarations7Package::valueImplicitEnumerationConstantNotUniqueQuery()) and + not exp = imp and + imp.getValue() = exp.getValue() and + imp.getDeclaringEnum() = exp.getDeclaringEnum() and + //can technically be the same declared enum across multiple headers but those are not relevant to this rule + imp.getFile() = exp.getFile() +select imp, "Nonunique value of enum constant compared to $@", exp, exp.getName() diff --git a/c/misra/test/rules/RULE-8-12/ValueImplicitEnumerationConstantNotUnique.expected b/c/misra/test/rules/RULE-8-12/ValueImplicitEnumerationConstantNotUnique.expected new file mode 100644 index 0000000000..b0e9365975 --- /dev/null +++ b/c/misra/test/rules/RULE-8-12/ValueImplicitEnumerationConstantNotUnique.expected @@ -0,0 +1 @@ +| test.c:3:18:3:19 | c4 | Nonunique value of enum constant compared to $@ | test.c:3:22:3:23 | c5 | c5 | diff --git a/c/misra/test/rules/RULE-8-12/ValueImplicitEnumerationConstantNotUnique.qlref b/c/misra/test/rules/RULE-8-12/ValueImplicitEnumerationConstantNotUnique.qlref new file mode 100644 index 0000000000..e43c765d37 --- /dev/null +++ b/c/misra/test/rules/RULE-8-12/ValueImplicitEnumerationConstantNotUnique.qlref @@ -0,0 +1 @@ +rules/RULE-8-12/ValueImplicitEnumerationConstantNotUnique.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-8-12/test.c b/c/misra/test/rules/RULE-8-12/test.c new file mode 100644 index 0000000000..c4875b0ba2 --- /dev/null +++ b/c/misra/test/rules/RULE-8-12/test.c @@ -0,0 +1,4 @@ +enum e {c = 3}; // COMPLIANT +enum e1 {c1 = 3, c2}; // COMPLIANT +enum e3 {c3 = 3, c4, c5 = 4}; // NON_COMPLIANT +enum e4 {c6 = 3, c7, c8, c9 = 6}; // COMPLIANT \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations7.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations7.qll new file mode 100644 index 0000000000..cbcd0b2550 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations7.qll @@ -0,0 +1,26 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype Declarations7Query = TValueImplicitEnumerationConstantNotUniqueQuery() + +predicate isDeclarations7QueryMetadata(Query query, string queryId, string ruleId, string category) { + query = + // `Query` instance for the `valueImplicitEnumerationConstantNotUnique` query + Declarations7Package::valueImplicitEnumerationConstantNotUniqueQuery() and + queryId = + // `@id` for the `valueImplicitEnumerationConstantNotUnique` query + "c/misra/value-implicit-enumeration-constant-not-unique" and + ruleId = "RULE-8-12" and + category = "required" +} + +module Declarations7Package { + Query valueImplicitEnumerationConstantNotUniqueQuery() { + //autogenerate `Query` type + result = + // `Query` type for `valueImplicitEnumerationConstantNotUnique` query + TQueryC(TDeclarations7PackageQuery(TValueImplicitEnumerationConstantNotUniqueQuery())) + } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index d85b3e0407..fcc5e50f05 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -17,6 +17,7 @@ import Declarations1 import Declarations2 import Declarations3 import Declarations4 +import Declarations7 import Expressions import IO1 import IO2 @@ -57,6 +58,7 @@ newtype TCQuery = TDeclarations2PackageQuery(Declarations2Query q) or TDeclarations3PackageQuery(Declarations3Query q) or TDeclarations4PackageQuery(Declarations4Query q) or + TDeclarations7PackageQuery(Declarations7Query q) or TExpressionsPackageQuery(ExpressionsQuery q) or TIO1PackageQuery(IO1Query q) or TIO2PackageQuery(IO2Query q) or @@ -97,6 +99,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isDeclarations2QueryMetadata(query, queryId, ruleId, category) or isDeclarations3QueryMetadata(query, queryId, ruleId, category) or isDeclarations4QueryMetadata(query, queryId, ruleId, category) or + isDeclarations7QueryMetadata(query, queryId, ruleId, category) or isExpressionsQueryMetadata(query, queryId, ruleId, category) or isIO1QueryMetadata(query, queryId, ruleId, category) or isIO2QueryMetadata(query, queryId, ruleId, category) or diff --git a/rule_packages/c/Declarations7.json b/rule_packages/c/Declarations7.json new file mode 100644 index 0000000000..7629709cd5 --- /dev/null +++ b/rule_packages/c/Declarations7.json @@ -0,0 +1,24 @@ +{ + "MISRA-C-2012": { + "RULE-8-12": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Using an implicitly specified enumeration constant that is not unique (with respect to an explicitly specified constant) can lead to unexpected program behaviour.", + "kind": "problem", + "name": "Within an enumerator list, the value of an implicitly-specified enumeration constant shall be unique", + "precision": "very-high", + "severity": "error", + "short_name": "ValueImplicitEnumerationConstantNotUnique", + "tags": [ + "correctness", + "readability" + ] + } + ], + "title": "Within an enumerator list, the value of an implicitly-specified enumeration constant shall be unique" + } + } +} \ No newline at end of file diff --git a/rules.csv b/rules.csv index 1e299ae44c..5f4880955d 100644 --- a/rules.csv +++ b/rules.csv @@ -657,7 +657,7 @@ c,MISRA-C-2012,RULE-8-8,Yes,Required,,,The static storage class specifier shall c,MISRA-C-2012,RULE-8-9,Yes,Advisory,,,An object should be defined at block scope if its identifier only appears in a single function,M3-4-1,Declarations,Medium, c,MISRA-C-2012,RULE-8-10,Yes,Required,,,An inline function shall be declared with the static storage class,,Declarations,Medium, c,MISRA-C-2012,RULE-8-11,Yes,Advisory,,,"When an array with external linkage is declared, its size should be explicitly specified",,Declarations,Medium, -c,MISRA-C-2012,RULE-8-12,Yes,Required,,,"Within an enumerator list, the value of an implicitly-specified enumeration constant shall be unique",,Declarations,Medium, +c,MISRA-C-2012,RULE-8-12,Yes,Required,,,"Within an enumerator list, the value of an implicitly-specified enumeration constant shall be unique",,Declarations7,Medium, c,MISRA-C-2012,RULE-8-13,Yes,Advisory,,,A pointer should point to a const-qualified type whenever possible,,Pointers1,Medium, c,MISRA-C-2012,RULE-8-14,Yes,Required,,,The restrict type qualifier shall not be used,,Banned,Easy, c,MISRA-C-2012,RULE-9-1,Yes,Mandatory,,,The value of an object with automatic storage duration shall not be read before it has been set,,InvalidMemory,Medium, From 2c971a634bfa79dab0930e2433238dd7d56ace0d Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Mon, 16 Jan 2023 14:32:27 -0500 Subject: [PATCH 0258/2573] Declarations7: reformat testcase RULE-8-12 --- .../ValueImplicitEnumerationConstantNotUnique.expected | 2 +- c/misra/test/rules/RULE-8-12/test.c | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/c/misra/test/rules/RULE-8-12/ValueImplicitEnumerationConstantNotUnique.expected b/c/misra/test/rules/RULE-8-12/ValueImplicitEnumerationConstantNotUnique.expected index b0e9365975..55abb72b57 100644 --- a/c/misra/test/rules/RULE-8-12/ValueImplicitEnumerationConstantNotUnique.expected +++ b/c/misra/test/rules/RULE-8-12/ValueImplicitEnumerationConstantNotUnique.expected @@ -1 +1 @@ -| test.c:3:18:3:19 | c4 | Nonunique value of enum constant compared to $@ | test.c:3:22:3:23 | c5 | c5 | +| test.c:3:19:3:20 | c4 | Nonunique value of enum constant compared to $@ | test.c:3:23:3:24 | c5 | c5 | diff --git a/c/misra/test/rules/RULE-8-12/test.c b/c/misra/test/rules/RULE-8-12/test.c index c4875b0ba2..349bb7867c 100644 --- a/c/misra/test/rules/RULE-8-12/test.c +++ b/c/misra/test/rules/RULE-8-12/test.c @@ -1,4 +1,4 @@ -enum e {c = 3}; // COMPLIANT -enum e1 {c1 = 3, c2}; // COMPLIANT -enum e3 {c3 = 3, c4, c5 = 4}; // NON_COMPLIANT -enum e4 {c6 = 3, c7, c8, c9 = 6}; // COMPLIANT \ No newline at end of file +enum e { c = 3 }; // COMPLIANT +enum e1 { c1 = 3, c2 }; // COMPLIANT +enum e3 { c3 = 3, c4, c5 = 4 }; // NON_COMPLIANT +enum e4 { c6 = 3, c7, c8, c9 = 6 }; // COMPLIANT \ No newline at end of file From 0431c73369867089cfb202470082223d29f53726 Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Mon, 16 Jan 2023 20:54:35 +0100 Subject: [PATCH 0259/2573] Resolve EXP32-C performance issue --- ...oNotAccessVolatileObjectWithNonVolatileReference.ql | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/c/cert/src/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.ql b/c/cert/src/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.ql index 407561f532..1fece60f44 100644 --- a/c/cert/src/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.ql +++ b/c/cert/src/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.ql @@ -51,6 +51,13 @@ class CastFromVolatileToNonVolatileBaseType extends Cast, UndefinedVolatilePoint } } +/** + * Holds if `va` has a subsequent `VariableAccess` which is dereferenced after access + */ +predicate hasSubsequentDereference(VariableAccess va) { + dereferenced(va.getASuccessor+().(VariableAccess)) +} + /** * An `AssignExpr` with an *lvalue* that is a pointer to a volatile base type and * and *rvalue* that is not also a pointer to a volatile base type. @@ -67,8 +74,7 @@ class NonVolatileObjectAssignedToVolatilePointer extends AssignExpr, UndefinedVo // considerations that this simple forward traversal of the control-flow graph does not account for. exists(VariableAccess va | va = this.getRValue().getAChild*().(VariableAccess).getTarget().getAnAccess() and - this.getASuccessor+() = va and - dereferenced(va) + hasSubsequentDereference(va) ) } From 8633a30bbbb3092bb69270f7c2e757f93dc92d1f Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Mon, 16 Jan 2023 22:11:17 +0100 Subject: [PATCH 0260/2573] Update DoNotAccessVolatileObjectWithNonVolatileReference.ql --- ...ccessVolatileObjectWithNonVolatileReference.ql | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/c/cert/src/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.ql b/c/cert/src/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.ql index 1fece60f44..47b94c5288 100644 --- a/c/cert/src/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.ql +++ b/c/cert/src/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.ql @@ -28,10 +28,10 @@ abstract class UndefinedVolatilePointerExpr extends Expr { /** * Gets the depth of a pointer's base type's volatile qualifier */ -int getAVolatileDepth(PointerType pt) { - pt.getBaseType().isVolatile() and result = 1 +int getAVolatileDepth(Type type) { + type.isVolatile() and result = 1 or - result = getAVolatileDepth(pt.getBaseType()) + 1 + result = getAVolatileDepth(type.(DerivedType).getBaseType()) + 1 } /** @@ -54,8 +54,9 @@ class CastFromVolatileToNonVolatileBaseType extends Cast, UndefinedVolatilePoint /** * Holds if `va` has a subsequent `VariableAccess` which is dereferenced after access */ +bindingset[va] predicate hasSubsequentDereference(VariableAccess va) { - dereferenced(va.getASuccessor+().(VariableAccess)) + dereferenced(pragma[only_bind_out](va).getASuccessor+()) } /** @@ -68,9 +69,9 @@ class NonVolatileObjectAssignedToVolatilePointer extends AssignExpr, UndefinedVo not i = getAVolatileDepth(this.getRValue().getType()) and i = getAVolatileDepth(this.getLValue().(VariableAccess).getTarget().getType()) ) and - // Checks for subsequent accesses to the underlying object via the original non-volatile - // pointer assigned to the volatile pointer. This heuristic can cause false-positives - // in certain instances which require more advanced reachability analysis, e.g. loops and scope + // Checks for subsequent accesses to the underlying object via the original non-volatile + // pointer assigned to the volatile pointer. This heuristic can cause false-positives + // in certain instances which require more advanced reachability analysis, e.g. loops and scope // considerations that this simple forward traversal of the control-flow graph does not account for. exists(VariableAccess va | va = this.getRValue().getAChild*().(VariableAccess).getTarget().getAnAccess() and From 712d76eb8b2e070661d2d1f7ec3436c869d38083 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 17 Jan 2023 11:28:35 -0500 Subject: [PATCH 0261/2573] Declarations7: add RULE-18-8 --- .../RULE-18-8/VariableLengthArrayTypesUsed.ql | 55 +++++++++++++++++++ .../VariableLengthArrayTypesUsed.expected | 6 ++ .../VariableLengthArrayTypesUsed.qlref | 1 + c/misra/test/rules/RULE-18-8/test.c | 15 +++++ .../cpp/exclusions/c/Declarations7.qll | 20 ++++++- rule_packages/c/Declarations7.json | 20 +++++++ rules.csv | 2 +- 7 files changed, 117 insertions(+), 2 deletions(-) create mode 100644 c/misra/src/rules/RULE-18-8/VariableLengthArrayTypesUsed.ql create mode 100644 c/misra/test/rules/RULE-18-8/VariableLengthArrayTypesUsed.expected create mode 100644 c/misra/test/rules/RULE-18-8/VariableLengthArrayTypesUsed.qlref create mode 100644 c/misra/test/rules/RULE-18-8/test.c diff --git a/c/misra/src/rules/RULE-18-8/VariableLengthArrayTypesUsed.ql b/c/misra/src/rules/RULE-18-8/VariableLengthArrayTypesUsed.ql new file mode 100644 index 0000000000..c1930ff70d --- /dev/null +++ b/c/misra/src/rules/RULE-18-8/VariableLengthArrayTypesUsed.ql @@ -0,0 +1,55 @@ +/** + * @id c/misra/variable-length-array-types-used + * @name RULE-18-8: Variable-length array types shall not be used + * @description Using a variable length array can lead to unexpected or undefined program behaviour. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-18-8 + * correctness + * readability + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra + +predicate partOfConstantExpr(MacroInvocation i) { + exists(Expr e | + e.isConstant() and + not i.getExpr() = e and + i.getExpr().getParent+() = e + ) +} + +/** + * A variable length array (VLA) + * ie an array where the size + * is not an integer constant expression + */ +class VariableLengthArray extends VariableDeclarationEntry { + VariableLengthArray() { + //VLAs will not have: static/extern specifiers (compilation error) + not this.hasSpecifier("static") and + not this.hasSpecifier("extern") and + //VLAs are not allowed to be initialized + not this.getDeclaration().hasInitializer() and + exists(ArrayType a | + //a.hasArraySize() does not catch multidimensional VLAs like a[1][] + a.toString().matches("%[]%") and + this.getUnspecifiedType() = a and + //variable length array is one declared in block or function prototype + ( + this.getDeclaration().getParentScope() instanceof Function or + this.getDeclaration().getParentScope() instanceof BlockStmt + ) + ) + } +} + +from VariableLengthArray v +where + not isExcluded(v, Declarations7Package::variableLengthArrayTypesUsedQuery()) and + //an exception, argv in : int main(int argc, char *argv[]) + not v.getDeclaration().getParentScope().(Function).hasName("main") +select v, "Variable length array declared." diff --git a/c/misra/test/rules/RULE-18-8/VariableLengthArrayTypesUsed.expected b/c/misra/test/rules/RULE-18-8/VariableLengthArrayTypesUsed.expected new file mode 100644 index 0000000000..24bf35a90d --- /dev/null +++ b/c/misra/test/rules/RULE-18-8/VariableLengthArrayTypesUsed.expected @@ -0,0 +1,6 @@ +WARNING: Unused predicate partOfConstantExpr (/Users/knewbury/Desktop/GITHUB/coding-standards/codeql-coding-standards/c/misra/src/rules/RULE-18-8/VariableLengthArrayTypesUsed.ql:17,11-29) +| test.c:3:19:3:20 | definition of pa | Variable length array declared. | +| test.c:6:7:6:8 | definition of a1 | Variable length array declared. | +| test.c:7:7:7:8 | definition of a2 | Variable length array declared. | +| test.c:8:7:8:8 | definition of a3 | Variable length array declared. | +| test.c:14:20:14:21 | definition of pa | Variable length array declared. | diff --git a/c/misra/test/rules/RULE-18-8/VariableLengthArrayTypesUsed.qlref b/c/misra/test/rules/RULE-18-8/VariableLengthArrayTypesUsed.qlref new file mode 100644 index 0000000000..9193742acd --- /dev/null +++ b/c/misra/test/rules/RULE-18-8/VariableLengthArrayTypesUsed.qlref @@ -0,0 +1 @@ +rules/RULE-18-8/VariableLengthArrayTypesUsed.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-18-8/test.c b/c/misra/test/rules/RULE-18-8/test.c new file mode 100644 index 0000000000..3a0a040f6d --- /dev/null +++ b/c/misra/test/rules/RULE-18-8/test.c @@ -0,0 +1,15 @@ +#define TEST 1 + +void f(int n, int pa[1][n]) { // NON_COMPLIANT + int a[1]; // COMPLIANT + int x = 1; + int a1[1 + x]; // NON_COMPLIANT - not integer constant expr + int a2[n]; // NON_COMPLIANT + int a3[1][n]; // NON_COMPLIANT + int a4[] = {1}; // COMPLIANT - not a VLA + int a5[TEST]; // COMPLIANT + int a6[1 + 1]; // COMPLIANT +} + +void f1(int n, int pa[n]) { // NON_COMPLIANT +} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations7.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations7.qll index cbcd0b2550..62bd618396 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations7.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations7.qll @@ -3,9 +3,20 @@ import cpp import RuleMetadata import codingstandards.cpp.exclusions.RuleMetadata -newtype Declarations7Query = TValueImplicitEnumerationConstantNotUniqueQuery() +newtype Declarations7Query = + TVariableLengthArrayTypesUsedQuery() or + TValueImplicitEnumerationConstantNotUniqueQuery() predicate isDeclarations7QueryMetadata(Query query, string queryId, string ruleId, string category) { + query = + // `Query` instance for the `variableLengthArrayTypesUsed` query + Declarations7Package::variableLengthArrayTypesUsedQuery() and + queryId = + // `@id` for the `variableLengthArrayTypesUsed` query + "c/misra/variable-length-array-types-used" and + ruleId = "RULE-18-8" and + category = "required" + or query = // `Query` instance for the `valueImplicitEnumerationConstantNotUnique` query Declarations7Package::valueImplicitEnumerationConstantNotUniqueQuery() and @@ -17,6 +28,13 @@ predicate isDeclarations7QueryMetadata(Query query, string queryId, string ruleI } module Declarations7Package { + Query variableLengthArrayTypesUsedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `variableLengthArrayTypesUsed` query + TQueryC(TDeclarations7PackageQuery(TVariableLengthArrayTypesUsedQuery())) + } + Query valueImplicitEnumerationConstantNotUniqueQuery() { //autogenerate `Query` type result = diff --git a/rule_packages/c/Declarations7.json b/rule_packages/c/Declarations7.json index 7629709cd5..c938366a62 100644 --- a/rule_packages/c/Declarations7.json +++ b/rule_packages/c/Declarations7.json @@ -1,5 +1,25 @@ { "MISRA-C-2012": { + "RULE-18-8": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Using a variable length array can lead to unexpected or undefined program behaviour.", + "kind": "problem", + "name": "Variable-length array types shall not be used", + "precision": "very-high", + "severity": "error", + "short_name": "VariableLengthArrayTypesUsed", + "tags": [ + "correctness", + "readability" + ] + } + ], + "title": "Variable-length array types shall not be used" + }, "RULE-8-12": { "properties": { "obligation": "required" diff --git a/rules.csv b/rules.csv index 5f4880955d..e4bb168cd8 100644 --- a/rules.csv +++ b/rules.csv @@ -726,7 +726,7 @@ c,MISRA-C-2012,RULE-18-4,Yes,Advisory,,,"The +, -, += and -= operators should no c,MISRA-C-2012,RULE-18-5,Yes,Advisory,,,Declarations should contain no more than two levels of pointer nesting,A5-0-3,Pointers1,Import, c,MISRA-C-2012,RULE-18-6,Yes,Required,,,The address of an object with automatic storage shall not be copied to another object that persists after the first object has ceased to exist,M7-5-2,Pointers1,Import, c,MISRA-C-2012,RULE-18-7,Yes,Required,,,Flexible array members shall not be declared,,Declarations,Medium, -c,MISRA-C-2012,RULE-18-8,Yes,Required,,,Variable-length array types shall not be used,,Declarations,Medium, +c,MISRA-C-2012,RULE-18-8,Yes,Required,,,Variable-length array types shall not be used,,Declarations7,Medium, c,MISRA-C-2012,RULE-19-1,Yes,Mandatory,,,An object shall not be assigned or copied to an overlapping object,M0-2-1,Contracts,Hard, c,MISRA-C-2012,RULE-19-2,Yes,Advisory,,,The union keyword should not be used,A9-5-1,Banned,Import, c,MISRA-C-2012,RULE-20-1,Yes,Advisory,,,#include directives should only be preceded by preprocessor directives or comments,M16-0-1,Preprocessor1,Import, From 2a1ac4012845463d413b599600bb7e8eaeb00f37 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 17 Jan 2023 12:34:18 -0500 Subject: [PATCH 0262/2573] Declarations7: fix unused leftover predicate RULE-18-8 --- .../src/rules/RULE-18-8/VariableLengthArrayTypesUsed.ql | 8 -------- 1 file changed, 8 deletions(-) diff --git a/c/misra/src/rules/RULE-18-8/VariableLengthArrayTypesUsed.ql b/c/misra/src/rules/RULE-18-8/VariableLengthArrayTypesUsed.ql index c1930ff70d..00d02cdc02 100644 --- a/c/misra/src/rules/RULE-18-8/VariableLengthArrayTypesUsed.ql +++ b/c/misra/src/rules/RULE-18-8/VariableLengthArrayTypesUsed.ql @@ -14,14 +14,6 @@ import cpp import codingstandards.c.misra -predicate partOfConstantExpr(MacroInvocation i) { - exists(Expr e | - e.isConstant() and - not i.getExpr() = e and - i.getExpr().getParent+() = e - ) -} - /** * A variable length array (VLA) * ie an array where the size From 10c3d662ebb2c61827285318bf687f061d7e43df Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Tue, 17 Jan 2023 14:27:53 -0500 Subject: [PATCH 0263/2573] wrk --- .../matrix_testing/CreateMatrixTestReport.ps1 | 25 ++++--------------- scripts/matrix_testing/NewDatabaseForRule.ps1 | 8 ++++-- 2 files changed, 11 insertions(+), 22 deletions(-) diff --git a/scripts/matrix_testing/CreateMatrixTestReport.ps1 b/scripts/matrix_testing/CreateMatrixTestReport.ps1 index 7789308b0b..3a15148066 100644 --- a/scripts/matrix_testing/CreateMatrixTestReport.ps1 +++ b/scripts/matrix_testing/CreateMatrixTestReport.ps1 @@ -297,8 +297,7 @@ $jobRows = $queriesToCheck | ForEach-Object -ThrottleLimit $NumThreads -Parallel "RULE" = $CurrentRuleName; "QUERY" = $CurrentQueryName; "COMPILE_PASS" = $false; - "EXTRACTOR_PASS" = $false; - "EXTRACTOR_ERRORS" = ""; + "COMPILE_ERROR_OUTPUT" = ""; "TEST_PASS" = $false ; "TEST_DIFFERENCE" = ""; } @@ -323,6 +322,7 @@ $jobRows = $queriesToCheck | ForEach-Object -ThrottleLimit $NumThreads -Parallel } catch { Write-Host -ForegroundColor ([ConsoleColor]4) "FAILED" + $row["COMPILE_ERROR_OUTPUT"] = $_ return $row # although it is unlikely to succeed with the next rule skipping to the next rule # ensures all of the rules will be reported in the @@ -330,25 +330,11 @@ $jobRows = $queriesToCheck | ForEach-Object -ThrottleLimit $NumThreads -Parallel } $row["COMPILE_PASS"] = $true - Write-Host "Validating extractor results..." -NoNewline - - try { - $diagnostics = Execute-QueryAndDecodeAsJson -DatabasePath $db -QueryPath $diagnostic_query - }catch { - Write-Host -ForegroundColor ([ConsoleColor]4) $_Exception.Message - return $row - } - - if ( $diagnostics.'#select'.tuples.Length -eq 0 ) { - $row["EXTRACTOR_PASS"] = $true - Write-Host -ForegroundColor ([ConsoleColor]2) "OK" - } else { - Write-Host -ForegroundColor ([ConsoleColor]4) "FAILED" - $row["EXTRACTOR_ERRORS"] = $diagnostics | ConvertTo-Json -Depth 100 - } - + Write-Host "Checking expected output..." + # Dragons below 🐉🐉🐉 + # # Note this technique uses so-called "wizard" settings to make it possible # to compare hand compiled databases using qltest. The relative paths and # other options are required to be set as below (especially the detail about @@ -388,7 +374,6 @@ $jobRows = $queriesToCheck | ForEach-Object -ThrottleLimit $NumThreads -Parallel Write-Host "Standard Out Buffered to: $stdOut" Write-Host "Standard Error Buffered to: $stdErr" - $procDetails = Start-Process -FilePath "codeql" -PassThru -NoNewWindow -Wait -ArgumentList "test run $qlRefFile --dataset=`"$datasetRelPath`"" -RedirectStandardOutput $stdOut -RedirectStandardError $stdErr if (-Not $procDetails.ExitCode -eq 0) { diff --git a/scripts/matrix_testing/NewDatabaseForRule.ps1 b/scripts/matrix_testing/NewDatabaseForRule.ps1 index 6dfd6fa86d..d771afc010 100644 --- a/scripts/matrix_testing/NewDatabaseForRule.ps1 +++ b/scripts/matrix_testing/NewDatabaseForRule.ps1 @@ -39,10 +39,14 @@ function New-Database-For-Rule { Write-Host "codeql database create -l cpp -s $RuleTestDir --command='$BUILD_COMMAND' $DB_PATH" - $procDetails = Start-Process -FilePath "codeql" -PassThru -NoNewWindow -Wait -ArgumentList "database create -l cpp -s $RuleTestDir --command=`"$BUILD_COMMAND`" $DB_PATH" + $stdOut = Join-Path ([System.IO.Path]::GetTempPath()) ([System.Guid]::NewGuid()) + + $procDetails = Start-Process -FilePath "codeql" -RedirectStandardOutput $stdOut -PassThru -NoNewWindow -Wait -ArgumentList "database create -l cpp -s $RuleTestDir --command=`"$BUILD_COMMAND`" $DB_PATH" + + Get-Content $stdOut | Out-String | Write-Host if (-Not $procDetails.ExitCode -eq 0) { - throw "Database creation failed." + throw Get-Content $stdOut | Out-String } return $DB_PATH From 3b9c51d5bedbd4f15faf668539997d1967d3190b Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 17 Jan 2023 15:05:10 -0500 Subject: [PATCH 0264/2573] Declarations5: fix shared query structure now always duplicating testcases even if same --- ...issingStaticSpecifierFunctionRedeclarationShared.expected | 1 + .../MissingStaticSpecifierFunctionRedeclarationShared.ql | 2 ++ .../missingstaticspecifierfunctionredeclarationshared/test.c | 5 +++++ .../MissingStaticSpecifierFunctionRedeclarationC.testref | 2 +- 4 files changed, 9 insertions(+), 1 deletion(-) create mode 100644 c/common/test/rules/missingstaticspecifierfunctionredeclarationshared/MissingStaticSpecifierFunctionRedeclarationShared.expected create mode 100644 c/common/test/rules/missingstaticspecifierfunctionredeclarationshared/MissingStaticSpecifierFunctionRedeclarationShared.ql create mode 100644 c/common/test/rules/missingstaticspecifierfunctionredeclarationshared/test.c diff --git a/c/common/test/rules/missingstaticspecifierfunctionredeclarationshared/MissingStaticSpecifierFunctionRedeclarationShared.expected b/c/common/test/rules/missingstaticspecifierfunctionredeclarationshared/MissingStaticSpecifierFunctionRedeclarationShared.expected new file mode 100644 index 0000000000..f6cde5d73b --- /dev/null +++ b/c/common/test/rules/missingstaticspecifierfunctionredeclarationshared/MissingStaticSpecifierFunctionRedeclarationShared.expected @@ -0,0 +1 @@ +| test.c:2:6:2:7 | definition of f1 | The redeclaration of $@ with internal linkage misses the static specifier. | test.c:1:13:1:14 | declaration of f1 | function | diff --git a/c/common/test/rules/missingstaticspecifierfunctionredeclarationshared/MissingStaticSpecifierFunctionRedeclarationShared.ql b/c/common/test/rules/missingstaticspecifierfunctionredeclarationshared/MissingStaticSpecifierFunctionRedeclarationShared.ql new file mode 100644 index 0000000000..50954b88bf --- /dev/null +++ b/c/common/test/rules/missingstaticspecifierfunctionredeclarationshared/MissingStaticSpecifierFunctionRedeclarationShared.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.missingstaticspecifierfunctionredeclarationshared.MissingStaticSpecifierFunctionRedeclarationShared diff --git a/c/common/test/rules/missingstaticspecifierfunctionredeclarationshared/test.c b/c/common/test/rules/missingstaticspecifierfunctionredeclarationshared/test.c new file mode 100644 index 0000000000..85e1aa467d --- /dev/null +++ b/c/common/test/rules/missingstaticspecifierfunctionredeclarationshared/test.c @@ -0,0 +1,5 @@ +static void f1(); +void f1() {} // NON_COMPLIANT + +static void f2(); +static void f2() {} // COMPLIANT \ No newline at end of file diff --git a/c/misra/test/rules/RULE-8-8/MissingStaticSpecifierFunctionRedeclarationC.testref b/c/misra/test/rules/RULE-8-8/MissingStaticSpecifierFunctionRedeclarationC.testref index 5b93ea365a..7d9f2ebc04 100644 --- a/c/misra/test/rules/RULE-8-8/MissingStaticSpecifierFunctionRedeclarationC.testref +++ b/c/misra/test/rules/RULE-8-8/MissingStaticSpecifierFunctionRedeclarationC.testref @@ -1 +1 @@ -cpp/common/test/rules/missingstaticspecifierfunctionredeclarationshared/MissingStaticSpecifierFunctionRedeclarationShared.ql \ No newline at end of file +c/common/test/rules/missingstaticspecifierfunctionredeclarationshared/MissingStaticSpecifierFunctionRedeclarationShared.ql \ No newline at end of file From c5741b485f598f0c5ea5beb41fb0ecf49f0b11e5 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Wed, 18 Jan 2023 10:55:55 -0500 Subject: [PATCH 0265/2573] Declarations6: add implementation note to RULE-5-9 --- rule_packages/c/Declarations6.json | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/rule_packages/c/Declarations6.json b/rule_packages/c/Declarations6.json index d25256cc03..166d0c568b 100644 --- a/rule_packages/c/Declarations6.json +++ b/rule_packages/c/Declarations6.json @@ -74,7 +74,10 @@ "tags": [ "maintainability", "readability" - ] + ], + "implementation_scope": { + "description": "This rule does not explicitly check for the exception of inline functions in header files across multiple translation units as the CodeQL database already represents these as the same entity." + } } ], "title": "Identifiers that define objects or functions with internal linkage should be unique" From 6cfa87b62b8e5a034be67ba2397106e3e96cb2d4 Mon Sep 17 00:00:00 2001 From: jsinglet Date: Wed, 18 Jan 2023 19:09:53 +0000 Subject: [PATCH 0266/2573] Version bump to 2.14.0-dev. --- c/cert/src/qlpack.yml | 2 +- c/cert/test/qlpack.yml | 2 +- c/common/src/qlpack.yml | 2 +- c/common/test/qlpack.yml | 2 +- c/misra/src/qlpack.yml | 2 +- c/misra/test/qlpack.yml | 2 +- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/qlpack.yml | 2 +- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/qlpack.yml | 2 +- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/qlpack.yml | 2 +- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/qlpack.yml | 2 +- cpp/report/src/qlpack.yml | 2 +- 15 files changed, 15 insertions(+), 15 deletions(-) diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index 746f1c3d84..d3996114ef 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -1,4 +1,4 @@ name: cert-c-coding-standards -version: 2.13.0-dev +version: 2.14.0-dev suites: codeql-suites libraryPathDependencies: common-c-coding-standards \ No newline at end of file diff --git a/c/cert/test/qlpack.yml b/c/cert/test/qlpack.yml index 0bd9b78912..ab83cb6131 100644 --- a/c/cert/test/qlpack.yml +++ b/c/cert/test/qlpack.yml @@ -1,4 +1,4 @@ name: cert-c-coding-standards-tests -version: 2.13.0-dev +version: 2.14.0-dev libraryPathDependencies: cert-c-coding-standards extractor: cpp \ No newline at end of file diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index 6ca9a439e0..f9f349f7d5 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -1,3 +1,3 @@ name: common-c-coding-standards -version: 2.13.0-dev +version: 2.14.0-dev libraryPathDependencies: common-cpp-coding-standards diff --git a/c/common/test/qlpack.yml b/c/common/test/qlpack.yml index d50e9ff946..40345cc193 100644 --- a/c/common/test/qlpack.yml +++ b/c/common/test/qlpack.yml @@ -1,4 +1,4 @@ name: common-c-coding-standards-tests -version: 2.13.0-dev +version: 2.14.0-dev libraryPathDependencies: common-c-coding-standards extractor: cpp diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index 8397e6062b..38b8fb1ba4 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -1,4 +1,4 @@ name: misra-c-coding-standards -version: 2.13.0-dev +version: 2.14.0-dev suites: codeql-suites libraryPathDependencies: common-c-coding-standards diff --git a/c/misra/test/qlpack.yml b/c/misra/test/qlpack.yml index 1d997a60a3..d05f565aaf 100644 --- a/c/misra/test/qlpack.yml +++ b/c/misra/test/qlpack.yml @@ -1,4 +1,4 @@ name: misra-c-coding-standards-tests -version: 2.13.0-dev +version: 2.14.0-dev libraryPathDependencies: misra-c-coding-standards extractor: cpp \ No newline at end of file diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index c807587e7e..d1e432185c 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -1,4 +1,4 @@ name: autosar-cpp-coding-standards -version: 2.13.0-dev +version: 2.14.0-dev suites: codeql-suites libraryPathDependencies: common-cpp-coding-standards diff --git a/cpp/autosar/test/qlpack.yml b/cpp/autosar/test/qlpack.yml index 8e4ce61a25..08d5c1da18 100644 --- a/cpp/autosar/test/qlpack.yml +++ b/cpp/autosar/test/qlpack.yml @@ -1,4 +1,4 @@ name: autosar-cpp-coding-standards-tests -version: 2.13.0-dev +version: 2.14.0-dev libraryPathDependencies: autosar-cpp-coding-standards extractor: cpp diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index 43fc36ae8e..7fe743edac 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -1,4 +1,4 @@ name: cert-cpp-coding-standards -version: 2.13.0-dev +version: 2.14.0-dev suites: codeql-suites libraryPathDependencies: common-cpp-coding-standards diff --git a/cpp/cert/test/qlpack.yml b/cpp/cert/test/qlpack.yml index 3d68f359f7..e05b2d007d 100644 --- a/cpp/cert/test/qlpack.yml +++ b/cpp/cert/test/qlpack.yml @@ -1,4 +1,4 @@ name: cert-cpp-coding-standards-tests -version: 2.13.0-dev +version: 2.14.0-dev libraryPathDependencies: cert-cpp-coding-standards extractor: cpp diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index 2bf17bb4d1..dd101e5735 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -1,3 +1,3 @@ name: common-cpp-coding-standards -version: 2.13.0-dev +version: 2.14.0-dev libraryPathDependencies: codeql-cpp diff --git a/cpp/common/test/qlpack.yml b/cpp/common/test/qlpack.yml index 54337ac6b1..293573fd29 100644 --- a/cpp/common/test/qlpack.yml +++ b/cpp/common/test/qlpack.yml @@ -1,4 +1,4 @@ name: common-cpp-coding-standards-tests -version: 2.13.0-dev +version: 2.14.0-dev libraryPathDependencies: common-cpp-coding-standards extractor: cpp diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index 09e0ac17df..f09128b545 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -1,3 +1,3 @@ name: misra-cpp-coding-standards -version: 2.13.0-dev +version: 2.14.0-dev libraryPathDependencies: common-cpp-coding-standards diff --git a/cpp/misra/test/qlpack.yml b/cpp/misra/test/qlpack.yml index a01fec91ea..ecea50fee5 100644 --- a/cpp/misra/test/qlpack.yml +++ b/cpp/misra/test/qlpack.yml @@ -1,4 +1,4 @@ name: misra-cpp-coding-standards-tests -version: 2.13.0-dev +version: 2.14.0-dev libraryPathDependencies: misra-cpp-coding-standards extractor: cpp diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index cb0a7c048e..0311e33973 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -1,3 +1,3 @@ name: report-cpp-coding-standards -version: 2.13.0-dev +version: 2.14.0-dev libraryPathDependencies: codeql-cpp From 0d3088e828a204ae75772f166ab26e3da1a25ecd Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Mon, 23 Jan 2023 15:10:25 -0500 Subject: [PATCH 0267/2573] needs to be this way for cross platform reasons --- scripts/matrix_testing/CreateMatrixTestReport.ps1 | 8 ++++---- scripts/matrix_testing/CreateSummaryReport.ps1 | 2 +- scripts/matrix_testing/Get-CompilerArgs.ps1 | 2 +- scripts/matrix_testing/Get-CompilerExecutable.ps1 | 2 +- scripts/matrix_testing/NewDatabaseForRule.ps1 | 6 +++--- 5 files changed, 10 insertions(+), 10 deletions(-) diff --git a/scripts/matrix_testing/CreateMatrixTestReport.ps1 b/scripts/matrix_testing/CreateMatrixTestReport.ps1 index 3a15148066..0adf660e2f 100644 --- a/scripts/matrix_testing/CreateMatrixTestReport.ps1 +++ b/scripts/matrix_testing/CreateMatrixTestReport.ps1 @@ -208,11 +208,11 @@ param( $PackageName ) -Import-Module -Name "$PSScriptRoot\..\PSCodingStandards\CodingStandards" +Import-Module -Name "$PSScriptRoot/../PSCodingStandards/CodingStandards" -. "$PSScriptRoot\CreateSummaryReport.ps1" -. "$PSScriptRoot\Get-CompilerExecutable.ps1" -. "$PSScriptRoot\Config.ps1" +. "$PSScriptRoot/CreateSummaryReport.ps1" +. "$PSScriptRoot/Get-CompilerExecutable.ps1" +. "$PSScriptRoot/Config.ps1" $REPORT = @() $queriesToCheck = @() diff --git a/scripts/matrix_testing/CreateSummaryReport.ps1 b/scripts/matrix_testing/CreateSummaryReport.ps1 index 0106848f13..0aec3eb0d0 100644 --- a/scripts/matrix_testing/CreateSummaryReport.ps1 +++ b/scripts/matrix_testing/CreateSummaryReport.ps1 @@ -1,4 +1,4 @@ -. "$PSScriptRoot\Config.ps1" +. "$PSScriptRoot/Config.ps1" function Create-Summary-Report { param([Parameter(Mandatory)] [string] diff --git a/scripts/matrix_testing/Get-CompilerArgs.ps1 b/scripts/matrix_testing/Get-CompilerArgs.ps1 index 5ce7b52ab8..4bcf46899f 100644 --- a/scripts/matrix_testing/Get-CompilerArgs.ps1 +++ b/scripts/matrix_testing/Get-CompilerArgs.ps1 @@ -1,4 +1,4 @@ -. "$PSScriptRoot\Config.ps1" +. "$PSScriptRoot/Config.ps1" function Get-CompilerArgs { param([Parameter(Mandatory)] [string] diff --git a/scripts/matrix_testing/Get-CompilerExecutable.ps1 b/scripts/matrix_testing/Get-CompilerExecutable.ps1 index 9ca9bce889..45b83ea1fa 100644 --- a/scripts/matrix_testing/Get-CompilerExecutable.ps1 +++ b/scripts/matrix_testing/Get-CompilerExecutable.ps1 @@ -1,4 +1,4 @@ -. "$PSScriptRoot\Config.ps1" +. "$PSScriptRoot/Config.ps1" function Get-CompilerExecutable { param([Parameter(Mandatory)] [string] diff --git a/scripts/matrix_testing/NewDatabaseForRule.ps1 b/scripts/matrix_testing/NewDatabaseForRule.ps1 index d771afc010..7c067ce025 100644 --- a/scripts/matrix_testing/NewDatabaseForRule.ps1 +++ b/scripts/matrix_testing/NewDatabaseForRule.ps1 @@ -1,6 +1,6 @@ -. "$PSScriptRoot\Get-CompilerExecutable.ps1" -. "$PSScriptRoot\Get-CompilerArgs.ps1" -. "$PSScriptRoot\GetNewDBName.ps1" +. "$PSScriptRoot/Get-CompilerExecutable.ps1" +. "$PSScriptRoot/Get-CompilerArgs.ps1" +. "$PSScriptRoot/GetNewDBName.ps1" function New-Database-For-Rule { From 960799adfab45af47acdea5853631adf875e045b Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Mon, 23 Jan 2023 16:29:51 -0500 Subject: [PATCH 0268/2573] more backslashes --- scripts/PSCodingStandards/CodingStandards.psm1 | 2 +- scripts/PSCodingStandards/Get-Packages.ps1 | 2 +- scripts/PSCodingStandards/README.md | 4 ++-- scripts/matrix_testing/CompileFixTool.ps1 | 8 ++++---- scripts/matrix_testing/CreateMatrixTestReport.ps1 | 8 ++++---- 5 files changed, 12 insertions(+), 12 deletions(-) diff --git a/scripts/PSCodingStandards/CodingStandards.psm1 b/scripts/PSCodingStandards/CodingStandards.psm1 index 609b8ebf1f..bc1590ae9d 100644 --- a/scripts/PSCodingStandards/CodingStandards.psm1 +++ b/scripts/PSCodingStandards/CodingStandards.psm1 @@ -1,4 +1,4 @@ -$Functions = @( Get-ChildItem -Path $PSScriptRoot\*.ps1 -ErrorAction SilentlyContinue ) +$Functions = @( Get-ChildItem -Path $PSScriptRoot/*.ps1 -ErrorAction SilentlyContinue ) foreach($i in $Functions){ . $i.FullName diff --git a/scripts/PSCodingStandards/Get-Packages.ps1 b/scripts/PSCodingStandards/Get-Packages.ps1 index 980766b78d..db29206272 100644 --- a/scripts/PSCodingStandards/Get-Packages.ps1 +++ b/scripts/PSCodingStandards/Get-Packages.ps1 @@ -4,5 +4,5 @@ function Get-Packages { [string] $Language) - return Get-ChildItem (Join-Path (Get-RepositoryRoot) "\rule_packages\$Language\*.json") + return Get-ChildItem (Join-Path (Get-RepositoryRoot) "/rule_packages/$Language/*.json") } \ No newline at end of file diff --git a/scripts/PSCodingStandards/README.md b/scripts/PSCodingStandards/README.md index 633dd42ee0..954547f4f8 100644 --- a/scripts/PSCodingStandards/README.md +++ b/scripts/PSCodingStandards/README.md @@ -3,13 +3,13 @@ To use this on the command line, do: ``` -Import-Module -Name .\scripts\PSCodingStandards\CodingStandards +Import-Module -Name ./scripts/PSCodingStandards/CodingStandards ``` To use this in your scripts you can do: ``` -Import-Module -Name "$PSScriptRoot\..\PSCodingStandards\CodingStandards" +Import-Module -Name "$PSScriptRoot/../PSCodingStandards/CodingStandards" ``` # Summary of Available Commands diff --git a/scripts/matrix_testing/CompileFixTool.ps1 b/scripts/matrix_testing/CompileFixTool.ps1 index ed4db02840..46b93d9f2d 100755 --- a/scripts/matrix_testing/CompileFixTool.ps1 +++ b/scripts/matrix_testing/CompileFixTool.ps1 @@ -21,11 +21,11 @@ param( $Configuration ) -Import-Module -Name "$PSScriptRoot\..\PSCodingStandards\CodingStandards" +Import-Module -Name "$PSScriptRoot/../PSCodingStandards/CodingStandards" -. "$PSScriptRoot\NewDatabaseForRule.ps1" -. "$PSScriptRoot\Config.ps1" -. "$PSScriptRoot\Get-CompilerExecutable.ps1" +. "$PSScriptRoot/NewDatabaseForRule.ps1" +. "$PSScriptRoot/Config.ps1" +. "$PSScriptRoot/Get-CompilerExecutable.ps1" # # Verify All the Required CLI Tools are Installed diff --git a/scripts/matrix_testing/CreateMatrixTestReport.ps1 b/scripts/matrix_testing/CreateMatrixTestReport.ps1 index 0adf660e2f..1f06db37e4 100644 --- a/scripts/matrix_testing/CreateMatrixTestReport.ps1 +++ b/scripts/matrix_testing/CreateMatrixTestReport.ps1 @@ -278,11 +278,11 @@ Write-Host -ForegroundColor ([ConsoleColor]2) "OK" # $jobRows = $queriesToCheck | ForEach-Object -ThrottleLimit $NumThreads -Parallel { - Import-Module -Name "$using:PSScriptRoot\..\PSCodingStandards\CodingStandards" + Import-Module -Name "$using:PSScriptRoot/../PSCodingStandards/CodingStandards" - #. "$using:PSScriptRoot\GetTestDirectory.ps1" - . "$using:PSScriptRoot\NewDatabaseForRule.ps1" - . "$using:PSScriptRoot\ExecuteQueryAndDecodeAsJson.ps1" + #. "$using:PSScriptRoot/GetTestDirectory.ps1" + . "$using:PSScriptRoot/NewDatabaseForRule.ps1" + . "$using:PSScriptRoot/ExecuteQueryAndDecodeAsJson.ps1" $q = $_ From b7b7ea754883a8acedfb18288efab2a11c50fba6 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 24 Jan 2023 10:26:46 -0500 Subject: [PATCH 0269/2573] Declarations7: omit DCL36-C and add DCL39-C --- ...nformationLeakageAcrossTrustBoundariesC.md | 18 ++ ...nformationLeakageAcrossTrustBoundariesC.ql | 22 +++ ...ationLeakageAcrossTrustBoundariesC.testref | 1 + ...nformationLeakageAcrossBoundaries.expected | 18 ++ .../InformationLeakageAcrossBoundaries.ql | 2 + .../arrays.c | 62 +++++++ .../interprocedural.c | 107 +++++++++++ .../multilayer.c | 36 ++++ .../informationleakageacrossboundaries/test.c | 167 ++++++++++++++++++ ...InformationLeakageAcrossTrustBoundaries.ql | 12 +- ...ormationLeakageAcrossTrustBoundaries.qlref | 1 - ...mationLeakageAcrossTrustBoundaries.testref | 1 + .../cpp/exclusions/c/Declarations7.qll | 17 ++ .../InformationLeakageAcrossBoundaries.qll | 17 ++ ...icSpecifierFunctionRedeclarationShared.qll | 9 +- ...formationLeakageAcrossBoundaries.expected} | 0 .../InformationLeakageAcrossBoundaries.ql | 2 + ...ationLeakageAcrossTrustBoundaries.expected | 20 +++ .../arrays.cpp | 0 .../inheritance.cpp | 0 .../interprocedural.cpp | 0 .../multilayer.cpp | 0 .../test.cpp | 0 rule_packages/c/Declarations7.json | 22 +++ rule_packages/cpp/Uninitialized.json | 1 + rules.csv | 4 +- 26 files changed, 529 insertions(+), 10 deletions(-) create mode 100644 c/cert/src/rules/DCL39-C/InformationLeakageAcrossTrustBoundariesC.md create mode 100644 c/cert/src/rules/DCL39-C/InformationLeakageAcrossTrustBoundariesC.ql create mode 100644 c/cert/test/rules/DCL39-C/InformationLeakageAcrossTrustBoundariesC.testref create mode 100644 c/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.expected create mode 100644 c/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql create mode 100644 c/common/test/rules/informationleakageacrossboundaries/arrays.c create mode 100644 c/common/test/rules/informationleakageacrossboundaries/interprocedural.c create mode 100644 c/common/test/rules/informationleakageacrossboundaries/multilayer.c create mode 100644 c/common/test/rules/informationleakageacrossboundaries/test.c delete mode 100644 cpp/cert/test/rules/DCL55-CPP/InformationLeakageAcrossTrustBoundaries.qlref create mode 100644 cpp/cert/test/rules/DCL55-CPP/InformationLeakageAcrossTrustBoundaries.testref create mode 100644 cpp/common/src/codingstandards/cpp/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.qll rename cpp/{cert/test/rules/DCL55-CPP/InformationLeakageAcrossTrustBoundaries.expected => common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.expected} (100%) create mode 100644 cpp/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql create mode 100644 cpp/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossTrustBoundaries.expected rename cpp/{cert/test/rules/DCL55-CPP => common/test/rules/informationleakageacrossboundaries}/arrays.cpp (100%) rename cpp/{cert/test/rules/DCL55-CPP => common/test/rules/informationleakageacrossboundaries}/inheritance.cpp (100%) rename cpp/{cert/test/rules/DCL55-CPP => common/test/rules/informationleakageacrossboundaries}/interprocedural.cpp (100%) rename cpp/{cert/test/rules/DCL55-CPP => common/test/rules/informationleakageacrossboundaries}/multilayer.cpp (100%) rename cpp/{cert/test/rules/DCL55-CPP => common/test/rules/informationleakageacrossboundaries}/test.cpp (100%) diff --git a/c/cert/src/rules/DCL39-C/InformationLeakageAcrossTrustBoundariesC.md b/c/cert/src/rules/DCL39-C/InformationLeakageAcrossTrustBoundariesC.md new file mode 100644 index 0000000000..58cc3bd15b --- /dev/null +++ b/c/cert/src/rules/DCL39-C/InformationLeakageAcrossTrustBoundariesC.md @@ -0,0 +1,18 @@ +# DCL39-C: Avoid information leakage when passing a structure across a trust boundary + +This query implements the CERT-C rule DCL39-C: + +> Avoid information leakage when passing a structure across a trust boundary + + +## CERT + +** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** + +## Implementation notes + +None + +## References + +* CERT-C: [DCL39-C: Avoid information leakage when passing a structure across a trust boundary](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/DCL39-C/InformationLeakageAcrossTrustBoundariesC.ql b/c/cert/src/rules/DCL39-C/InformationLeakageAcrossTrustBoundariesC.ql new file mode 100644 index 0000000000..7a8a0e6d46 --- /dev/null +++ b/c/cert/src/rules/DCL39-C/InformationLeakageAcrossTrustBoundariesC.ql @@ -0,0 +1,22 @@ +/** + * @id c/cert/information-leakage-across-trust-boundaries-c + * @name DCL39-C: Avoid information leakage when passing a structure across a trust boundary + * @description Passing a structure with uninitialized fields or padding bytes can cause information + * to be unintentionally leaked. + * @kind problem + * @precision medium + * @problem.severity error + * @tags external/cert/id/dcl39-c + * security + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert +import codingstandards.cpp.rules.informationleakageacrossboundaries.InformationLeakageAcrossBoundaries + +class InformationLeakageAcrossTrustBoundariesCQuery extends InformationLeakageAcrossBoundariesSharedQuery { + InformationLeakageAcrossTrustBoundariesCQuery() { + this = Declarations7Package::informationLeakageAcrossTrustBoundariesCQuery() + } +} diff --git a/c/cert/test/rules/DCL39-C/InformationLeakageAcrossTrustBoundariesC.testref b/c/cert/test/rules/DCL39-C/InformationLeakageAcrossTrustBoundariesC.testref new file mode 100644 index 0000000000..394150a10b --- /dev/null +++ b/c/cert/test/rules/DCL39-C/InformationLeakageAcrossTrustBoundariesC.testref @@ -0,0 +1 @@ +c/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql \ No newline at end of file diff --git a/c/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.expected b/c/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.expected new file mode 100644 index 0000000000..e4a9a1cee3 --- /dev/null +++ b/c/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.expected @@ -0,0 +1,18 @@ +| arrays.c:11:20:11:21 | wa | 'wa' may leak information from {elements of a[...] (arrays.c:7)}. Path: wa (arrays.c:11) --> & ... (arrays.c:12) | +| arrays.c:33:22:33:23 | wa | 'wa' may leak information from {elements of elements of a[...][...] (arrays.c:29)}. Path: wa (arrays.c:33) --> & ... (arrays.c:34) | +| arrays.c:57:22:57:23 | wa | 'wa' may leak information from {WithPointer (arrays.c:52)}. Path: wa (arrays.c:57) --> & ... (arrays.c:59) | +| interprocedural.c:37:9:37:9 | p | 'p' may leak information from {y (interprocedural.c:8)}. Path: p (interprocedural.c:37) --> past assign_x (interprocedural.c:32) --> & ... (interprocedural.c:39) | +| interprocedural.c:104:9:104:9 | p | 'p' may leak information from {x (interprocedural.c:7), y (interprocedural.c:8)}. Path: p (interprocedural.c:104) --> overwrite_after_leak(...) (interprocedural.c:96) --> p (interprocedural.c:97) | +| multilayer.c:16:10:16:10 | s | 's' may leak information from {b (multilayer.c:12)}. Path: s (multilayer.c:16) --> & ... (multilayer.c:18) | +| multilayer.c:29:10:29:10 | s | 's' may leak information from {b (multilayer.c:12), x (multilayer.c:7)}. Path: s (multilayer.c:29) --> & ... (multilayer.c:30) | +| multilayer.c:34:8:34:8 | s | 's' may leak information from {struct (multilayer.c:6)}. Path: s (multilayer.c:34) --> & ... (multilayer.c:35) | +| test.c:12:12:12:12 | s | 's' may leak information from {y (test.c:8)}. Path: s (test.c:12) --> & ... (test.c:14) | +| test.c:18:12:18:12 | s | 's' may leak information from {x (test.c:7)}. Path: s (test.c:18) --> & ... (test.c:20) | +| test.c:24:12:24:12 | s | 's' may leak information from {x (test.c:7), y (test.c:8)}. Path: s (test.c:24) --> & ... (test.c:25) | +| test.c:36:12:36:12 | s | 's' may leak information from {y (test.c:8)}. Path: s (test.c:36) --> & ... (test.c:38) | +| test.c:43:12:43:12 | s | 's' may leak information from {x (test.c:7)}. Path: s (test.c:43) --> & ... (test.c:47) | +| test.c:58:12:58:12 | s | 's' may leak information from {x (test.c:7), y (test.c:8)}. Path: s (test.c:58) --> & ... (test.c:59) | +| test.c:64:12:64:12 | s | 's' may leak information from {y (test.c:8)}. Path: s (test.c:64) --> & ... (test.c:66) | +| test.c:112:16:112:16 | s | 's' may leak information from {buf (test.c:92)}. Path: s (test.c:112) --> & ... (test.c:115) | +| test.c:128:12:128:12 | s | 's' may leak information from {x (test.c:7), y (test.c:8)}. Path: s (test.c:128) --> & ... (test.c:132) | +| test.c:157:22:157:22 | s | 's' may leak information from {2 to 2 bytes of padding in has_padding (test.c:151)}. Path: s (test.c:157) --> & ... (test.c:160) | diff --git a/c/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql b/c/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql new file mode 100644 index 0000000000..4e603a2e36 --- /dev/null +++ b/c/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.informationleakageacrossboundaries.InformationLeakageAcrossBoundaries diff --git a/c/common/test/rules/informationleakageacrossboundaries/arrays.c b/c/common/test/rules/informationleakageacrossboundaries/arrays.c new file mode 100644 index 0000000000..875af58934 --- /dev/null +++ b/c/common/test/rules/informationleakageacrossboundaries/arrays.c @@ -0,0 +1,62 @@ +#include +#include + +unsigned long copy_to_user(void *to, const void *from, unsigned long n); + +struct WithArray { + int a[2]; +}; + +void forget_array() { + struct WithArray wa; + copy_to_user(0, &wa, sizeof wa); // NON_COMPLIANT +} + +void write_partial_array() { + struct WithArray wa; + wa.a[0] = 1; + copy_to_user(0, &wa, sizeof wa); // NON_COMPLIANT[FALSE NEGATIVE] +} + +void write_full_array() { + struct WithArray wa; + wa.a[0] = 1; + wa.a[1] = 1; + copy_to_user(0, &wa, sizeof wa); // COMPLIANT +} + +struct WithArray2D { + int a[2][1]; +}; + +void forget_array2d() { + struct WithArray2D wa; + copy_to_user(0, &wa, sizeof wa); // NON_COMPLIANT +} + +void write_partial_array2d() { + struct WithArray2D wa; + wa.a[0][0] = 1; + copy_to_user(0, &wa, sizeof wa); // NON_COMPLIANT[FALSE NEGATIVE] +} + +void write_full_array2d() { + struct WithArray2D wa; + wa.a[0][0] = 1; + wa.a[1][0] = 1; + copy_to_user(0, &wa, sizeof wa); // COMPLIANT +} + +// A pointer field allows mostly the same syntactic operations as an array +// field, but the semantics are completely different. +struct WithPointer { + int *a; +}; + +void pointer_array_expression() { + struct WithPointer wa; + wa.a[0] = 1; + copy_to_user(0, &wa, sizeof wa); // NON_COMPLIANT +} + +// TODO: test a struct in an array \ No newline at end of file diff --git a/c/common/test/rules/informationleakageacrossboundaries/interprocedural.c b/c/common/test/rules/informationleakageacrossboundaries/interprocedural.c new file mode 100644 index 0000000000..e03d5fcc6e --- /dev/null +++ b/c/common/test/rules/informationleakageacrossboundaries/interprocedural.c @@ -0,0 +1,107 @@ +#include +#include + +unsigned long copy_to_user(void *to, const void *from, unsigned long n); + +typedef struct _point { + int x; + int y; +} point; + +void callee1(point *p) { + p->y = 1; + copy_to_user(0, p, sizeof(point)); // COMPLIANT +} + +void caller1() { + point p; + p.x = 1; + callee1(&p); +} + +void callee2(point *p) { + memset(p, 0, sizeof(point)); + copy_to_user(0, p, sizeof(point)); // COMPLIANT +} + +void caller2() { + point p; + callee2(&p); +} + +void assign_x(point *p, int value) { p->x = value; } + +void zero_y(point *p) { memset(&p->y, 0, sizeof(p->y)); } + +void call_to_overwrite_x() { + point p; + assign_x(&p, 1); + copy_to_user(0, &p, sizeof p); // NON_COMPLIANT +} + +void call_to_overwrite_both() { + point p; + assign_x(&p, 1); + zero_y(&p); + copy_to_user(0, &p, sizeof p); // COMPLIANT +} + +void zero_y_and_loop(point *p) { + int i; + memset(&p->y, 0, sizeof(p->y)); + for (i = 0; i < 10; i++) { + p->y++; + } +} + +void call_zero_y_and_loop() { + point p; + zero_y_and_loop(&p); + assign_x(&p, 1); + copy_to_user(0, &p, sizeof p); // COMPLIANT +} + +int zero_y_or_fail(point *p) { + if (p->x < 0) { + return 0; + } + p->y = 0; + return 1; +} + +void call_zero_y_or_fail(int i) { + point p; + p.x = i; + if (!zero_y_or_fail(&p)) { + return; + } + copy_to_user(0, &p, sizeof p); // COMPLIANT +} + +int zero_y_proxy(point *p) { + if (p->x) { + zero_y(p); + } else { + zero_y(p); + } +} + +void call_zero_y_proxy() { + point p; + zero_y_proxy(&p); + assign_x(&p, 1); + copy_to_user(0, &p, sizeof p); // COMPLIANT +} + +void overwrite_after_leak(point *p) { + copy_to_user(0, p, sizeof(*p)); // NON_COMPLIANT + + p->x = 0; + p->y = 0; +} + +void call_overwrite_after_leak(void) { + point p; + overwrite_after_leak(&p); + copy_to_user(0, &p, sizeof p); // COMPLIANT +} \ No newline at end of file diff --git a/c/common/test/rules/informationleakageacrossboundaries/multilayer.c b/c/common/test/rules/informationleakageacrossboundaries/multilayer.c new file mode 100644 index 0000000000..7fad75429f --- /dev/null +++ b/c/common/test/rules/informationleakageacrossboundaries/multilayer.c @@ -0,0 +1,36 @@ +#include +#include + +unsigned long copy_to_user(void *to, const void *from, unsigned long n); + +typedef struct { + int x; +} intx; + +typedef struct { + intx a; + intx b; +} intxab; + +void forget_y() { + intxab s; + s.a.x = 1; + copy_to_user(0, &s, sizeof s); // NON_COMPLIANT (y) +} + +void set_both() { + intxab s; + s.a.x = 1; + memset(&s.b, 0, sizeof s.b); + copy_to_user(0, &s, sizeof s); // COMPLIANT +} + +void set_none() { + intxab s; + copy_to_user(0, &s, sizeof s); // NON_COMPLIANT (both) +} + +void set_none_intx() { + intx s; + copy_to_user(0, &s, sizeof s); // NON_COMPLIANT (x) +} \ No newline at end of file diff --git a/c/common/test/rules/informationleakageacrossboundaries/test.c b/c/common/test/rules/informationleakageacrossboundaries/test.c new file mode 100644 index 0000000000..f17ca8fb87 --- /dev/null +++ b/c/common/test/rules/informationleakageacrossboundaries/test.c @@ -0,0 +1,167 @@ +#include +#include + +unsigned long copy_to_user(void *to, const void *from, unsigned long n); + +typedef struct { + int x; + int y; +} MyStruct; + +void forget_y() { + MyStruct s; + s.x = 1; + copy_to_user(0, &s, sizeof s); // NON_COMPLIANT (y) +} + +void forget_x() { + MyStruct s; + s.y = 1; + copy_to_user(0, &s, sizeof s); // NON_COMPLIANT (x) +} + +void forget_both() { + MyStruct s; + copy_to_user(0, &s, sizeof s); // NON_COMPLIANT (x, y) +} + +void init_both() { + MyStruct s; + s.x = 1; + s.y = 1; + copy_to_user(0, &s, sizeof s); // COMPLIANT +} + +void init_after() { + MyStruct s; + s.x = 1; + copy_to_user(0, &s, sizeof s); // NON_COMPLIANT + s.y = 1; +} + +void init_other() { + MyStruct s, t; + s.y = 1; + t.x = 1; + t.y = 1; + copy_to_user(0, &s, sizeof s); // NON_COMPLIANT (x) + copy_to_user(0, &t, sizeof t); // COMPLIANT +} + +void zero_memory() { + MyStruct s; + memset(&s, 0, sizeof s); + copy_to_user(0, &s, sizeof s); // COMPLIANT +} + +void zero_memory_after() { + MyStruct s; + copy_to_user(0, &s, sizeof s); // NON_COMPLIANT + memset(&s, 0, sizeof s); +} + +void zero_field() { + MyStruct s; + memset(&s.x, 0, sizeof s.x); + copy_to_user(0, &s, sizeof s); // NON_COMPLIANT (y) +} + +void overwrite_with_zeroed() { + MyStruct s, t; + memset(&t, 0, sizeof t); + s = t; + copy_to_user(0, &s, sizeof s); // COMPLIANT +} + +void overwrite_struct_with_uninit() { + MyStruct s, t; + s = t; + copy_to_user(0, &s, sizeof s); // NON_COMPLIANT[FALSE NEGATIVE] +} + +void overwrite_field_with_uninit() { + MyStruct s; + int x; + s.x = x; + s.y = 1; + copy_to_user(0, &s, sizeof s); // NON_COMPLIANT[FALSE NEGATIVE] +} + +typedef struct { + size_t length; + char buf[128]; +} PascalString; + +void zero_array() { + PascalString s; + memset(s.buf, 0, sizeof s.buf); + s.length = 0; + copy_to_user(0, &s, sizeof s); // COMPLIANT +} + +void zero_array_by_ref() { + PascalString s; + memset(&s.buf, 0, sizeof s.buf); + s.length = 0; + copy_to_user(0, &s, sizeof s); // COMPLIANT +} + +char *strcpy(char *dst, const char *src); + +void use_strcpy() { + PascalString s; + strcpy(s.buf, "Hello, World"); // does not zero rest of s.buf + s.length = strlen(s.buf); + copy_to_user(0, &s, sizeof s); // NON_COMPLIANT (buf) +} + +void *malloc(size_t size); + +void heap_memory() { + MyStruct *s; + s = (MyStruct *)malloc(sizeof(*s)); + s->x = 1; + copy_to_user(0, s, sizeof(*s)); // NON_COMPLIANT[FALSE NEGATIVE] +} + +void conditional_memset(int b) { + MyStruct s; + if (b) { + memset(&s, 0, sizeof s); + } + copy_to_user(0, &s, sizeof s); // NON_COMPLIANT +} + +void memset_field() { + MyStruct s; + memset(&s.x, 0, sizeof(s.x)); + s.y = 1; + copy_to_user(0, &s, sizeof s); // COMPLIANT +} + +const static int one = 1; +void zero_if_true() { + MyStruct s; + if (one) { + memset(&s, 0, sizeof s); + } + copy_to_user(0, &s, sizeof s); // COMPLIANT +} + +struct has_padding { + short s; + int i; +}; + +void forget_padding() { + struct has_padding s; + s.s = 1; + s.i = 1; + copy_to_user(0, &s, sizeof s); // NON_COMPLIANT +} + +void remember_padding() { + struct has_padding s; + memset(&s, 0, sizeof s); + copy_to_user(0, &s, sizeof s); // COMPLIANT +} \ No newline at end of file diff --git a/cpp/cert/src/rules/DCL55-CPP/InformationLeakageAcrossTrustBoundaries.ql b/cpp/cert/src/rules/DCL55-CPP/InformationLeakageAcrossTrustBoundaries.ql index 68b4ae5e3c..e3061a0314 100644 --- a/cpp/cert/src/rules/DCL55-CPP/InformationLeakageAcrossTrustBoundaries.ql +++ b/cpp/cert/src/rules/DCL55-CPP/InformationLeakageAcrossTrustBoundaries.ql @@ -13,10 +13,10 @@ import cpp import codingstandards.cpp.cert -import codingstandards.cpp.trustboundary.UninitializedField +import codingstandards.cpp.rules.informationleakageacrossboundaries.InformationLeakageAcrossBoundaries -from Element e, string alertMessage -where - not isExcluded(e, UninitializedPackage::informationLeakageAcrossTrustBoundariesQuery()) and - uninitializedFieldQuery(e, alertMessage) -select e, alertMessage +class InformationLeakageAcrossTrustBoundariesQuery extends InformationLeakageAcrossBoundariesSharedQuery { + InformationLeakageAcrossTrustBoundariesQuery() { + this = UninitializedPackage::informationLeakageAcrossTrustBoundariesQuery() + } +} diff --git a/cpp/cert/test/rules/DCL55-CPP/InformationLeakageAcrossTrustBoundaries.qlref b/cpp/cert/test/rules/DCL55-CPP/InformationLeakageAcrossTrustBoundaries.qlref deleted file mode 100644 index 7fd5774344..0000000000 --- a/cpp/cert/test/rules/DCL55-CPP/InformationLeakageAcrossTrustBoundaries.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/DCL55-CPP/InformationLeakageAcrossTrustBoundaries.ql \ No newline at end of file diff --git a/cpp/cert/test/rules/DCL55-CPP/InformationLeakageAcrossTrustBoundaries.testref b/cpp/cert/test/rules/DCL55-CPP/InformationLeakageAcrossTrustBoundaries.testref new file mode 100644 index 0000000000..44035e2ee4 --- /dev/null +++ b/cpp/cert/test/rules/DCL55-CPP/InformationLeakageAcrossTrustBoundaries.testref @@ -0,0 +1 @@ +cpp/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations7.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations7.qll index 62bd618396..facb651573 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations7.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations7.qll @@ -4,10 +4,20 @@ import RuleMetadata import codingstandards.cpp.exclusions.RuleMetadata newtype Declarations7Query = + TInformationLeakageAcrossTrustBoundariesCQuery() or TVariableLengthArrayTypesUsedQuery() or TValueImplicitEnumerationConstantNotUniqueQuery() predicate isDeclarations7QueryMetadata(Query query, string queryId, string ruleId, string category) { + query = + // `Query` instance for the `informationLeakageAcrossTrustBoundariesC` query + Declarations7Package::informationLeakageAcrossTrustBoundariesCQuery() and + queryId = + // `@id` for the `informationLeakageAcrossTrustBoundariesC` query + "c/cert/information-leakage-across-trust-boundaries-c" and + ruleId = "DCL39-C" and + category = "rule" + or query = // `Query` instance for the `variableLengthArrayTypesUsed` query Declarations7Package::variableLengthArrayTypesUsedQuery() and @@ -28,6 +38,13 @@ predicate isDeclarations7QueryMetadata(Query query, string queryId, string ruleI } module Declarations7Package { + Query informationLeakageAcrossTrustBoundariesCQuery() { + //autogenerate `Query` type + result = + // `Query` type for `informationLeakageAcrossTrustBoundariesC` query + TQueryC(TDeclarations7PackageQuery(TInformationLeakageAcrossTrustBoundariesCQuery())) + } + Query variableLengthArrayTypesUsedQuery() { //autogenerate `Query` type result = diff --git a/cpp/common/src/codingstandards/cpp/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.qll b/cpp/common/src/codingstandards/cpp/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.qll new file mode 100644 index 0000000000..f33d5ac87c --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.qll @@ -0,0 +1,17 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions +import codingstandards.cpp.trustboundary.UninitializedField + +abstract class InformationLeakageAcrossBoundariesSharedQuery extends Query { } + +Query getQuery() { result instanceof InformationLeakageAcrossBoundariesSharedQuery } + +query predicate problems(Element e, string message) { + uninitializedFieldQuery(e, message) and + not isExcluded(e, getQuery()) +} diff --git a/cpp/common/src/codingstandards/cpp/rules/missingstaticspecifierfunctionredeclarationshared/MissingStaticSpecifierFunctionRedeclarationShared.qll b/cpp/common/src/codingstandards/cpp/rules/missingstaticspecifierfunctionredeclarationshared/MissingStaticSpecifierFunctionRedeclarationShared.qll index 43c1821e2e..60889ed86b 100644 --- a/cpp/common/src/codingstandards/cpp/rules/missingstaticspecifierfunctionredeclarationshared/MissingStaticSpecifierFunctionRedeclarationShared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/missingstaticspecifierfunctionredeclarationshared/MissingStaticSpecifierFunctionRedeclarationShared.qll @@ -21,5 +21,12 @@ query predicate problems( not redeclaration.hasSpecifier("static") and fde != redeclaration and message = "The redeclaration of $@ with internal linkage misses the static specifier." and - msgpiece = "function" + msgpiece = "function" + and + ( + fde.getFile().getAbsolutePath() < redeclaration.getFile().getAbsolutePath() + or + fde.getFile().getAbsolutePath() = redeclaration.getFile().getAbsolutePath() and + fde.getLocation().getStartLine() < redeclaration.getLocation().getStartLine() + ) } diff --git a/cpp/cert/test/rules/DCL55-CPP/InformationLeakageAcrossTrustBoundaries.expected b/cpp/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.expected similarity index 100% rename from cpp/cert/test/rules/DCL55-CPP/InformationLeakageAcrossTrustBoundaries.expected rename to cpp/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.expected diff --git a/cpp/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql b/cpp/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql new file mode 100644 index 0000000000..4e603a2e36 --- /dev/null +++ b/cpp/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.informationleakageacrossboundaries.InformationLeakageAcrossBoundaries diff --git a/cpp/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossTrustBoundaries.expected b/cpp/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossTrustBoundaries.expected new file mode 100644 index 0000000000..4f703cff78 --- /dev/null +++ b/cpp/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossTrustBoundaries.expected @@ -0,0 +1,20 @@ +cpp/common/test/rules/informationleakageacrossboundaries/| arrays.cpp:11:20:11:21 | wa | 'wa' may leak information from {elements of a[...] (arrays.cpp:7)}. Path: wa (arrays.cpp:11) --> & ... (arrays.cpp:12) | +| arrays.cpp:33:22:33:23 | wa | 'wa' may leak information from {elements of elements of a[...][...] (arrays.cpp:29)}. Path: wa (arrays.cpp:33) --> & ... (arrays.cpp:34) | +| arrays.cpp:57:22:57:23 | wa | 'wa' may leak information from {WithPointer (arrays.cpp:52)}. Path: wa (arrays.cpp:57) --> & ... (arrays.cpp:59) | +| inheritance.cpp:19:14:19:14 | s | 's' may leak information from {i (inheritance.cpp:7)}. Path: s (inheritance.cpp:19) --> & ... (inheritance.cpp:21) | +| inheritance.cpp:32:14:32:14 | s | 's' may leak information from {0 to 4 bytes of padding in ptrDerived (inheritance.cpp:14)}. Path: s (inheritance.cpp:32) --> & ... (inheritance.cpp:35) | +| interprocedural.cpp:37:9:37:9 | p | 'p' may leak information from {y (interprocedural.cpp:8)}. Path: p (interprocedural.cpp:37) --> past assign_x (interprocedural.cpp:32) --> & ... (interprocedural.cpp:39) | +| interprocedural.cpp:104:9:104:9 | p | 'p' may leak information from {x (interprocedural.cpp:7), y (interprocedural.cpp:8)}. Path: p (interprocedural.cpp:104) --> overwrite_after_leak(...) (interprocedural.cpp:96) --> p (interprocedural.cpp:97) | +| multilayer.cpp:16:10:16:10 | s | 's' may leak information from {b (multilayer.cpp:12)}. Path: s (multilayer.cpp:16) --> & ... (multilayer.cpp:18) | +| multilayer.cpp:29:10:29:10 | s | 's' may leak information from {b (multilayer.cpp:12), x (multilayer.cpp:7)}. Path: s (multilayer.cpp:29) --> & ... (multilayer.cpp:30) | +| multilayer.cpp:34:8:34:8 | s | 's' may leak information from {intx (multilayer.cpp:6)}. Path: s (multilayer.cpp:34) --> & ... (multilayer.cpp:35) | +| test.cpp:12:12:12:12 | s | 's' may leak information from {y (test.cpp:8)}. Path: s (test.cpp:12) --> & ... (test.cpp:14) | +| test.cpp:18:12:18:12 | s | 's' may leak information from {x (test.cpp:7)}. Path: s (test.cpp:18) --> & ... (test.cpp:20) | +| test.cpp:24:12:24:12 | s | 's' may leak information from {x (test.cpp:7), y (test.cpp:8)}. Path: s (test.cpp:24) --> & ... (test.cpp:25) | +| test.cpp:36:12:36:12 | s | 's' may leak information from {y (test.cpp:8)}. Path: s (test.cpp:36) --> & ... (test.cpp:38) | +| test.cpp:43:12:43:12 | s | 's' may leak information from {x (test.cpp:7)}. Path: s (test.cpp:43) --> & ... (test.cpp:47) | +| test.cpp:58:12:58:12 | s | 's' may leak information from {x (test.cpp:7), y (test.cpp:8)}. Path: s (test.cpp:58) --> & ... (test.cpp:59) | +| test.cpp:64:12:64:12 | s | 's' may leak information from {y (test.cpp:8)}. Path: s (test.cpp:64) --> & ... (test.cpp:66) | +| test.cpp:112:16:112:16 | s | 's' may leak information from {buf (test.cpp:92)}. Path: s (test.cpp:112) --> & ... (test.cpp:115) | +| test.cpp:128:12:128:12 | s | 's' may leak information from {x (test.cpp:7), y (test.cpp:8)}. Path: s (test.cpp:128) --> & ... (test.cpp:132) | +| test.cpp:157:22:157:22 | s | 's' may leak information from {2 to 2 bytes of padding in has_padding (test.cpp:151)}. Path: s (test.cpp:157) --> & ... (test.cpp:160) | diff --git a/cpp/cert/test/rules/DCL55-CPP/arrays.cpp b/cpp/common/test/rules/informationleakageacrossboundaries/arrays.cpp similarity index 100% rename from cpp/cert/test/rules/DCL55-CPP/arrays.cpp rename to cpp/common/test/rules/informationleakageacrossboundaries/arrays.cpp diff --git a/cpp/cert/test/rules/DCL55-CPP/inheritance.cpp b/cpp/common/test/rules/informationleakageacrossboundaries/inheritance.cpp similarity index 100% rename from cpp/cert/test/rules/DCL55-CPP/inheritance.cpp rename to cpp/common/test/rules/informationleakageacrossboundaries/inheritance.cpp diff --git a/cpp/cert/test/rules/DCL55-CPP/interprocedural.cpp b/cpp/common/test/rules/informationleakageacrossboundaries/interprocedural.cpp similarity index 100% rename from cpp/cert/test/rules/DCL55-CPP/interprocedural.cpp rename to cpp/common/test/rules/informationleakageacrossboundaries/interprocedural.cpp diff --git a/cpp/cert/test/rules/DCL55-CPP/multilayer.cpp b/cpp/common/test/rules/informationleakageacrossboundaries/multilayer.cpp similarity index 100% rename from cpp/cert/test/rules/DCL55-CPP/multilayer.cpp rename to cpp/common/test/rules/informationleakageacrossboundaries/multilayer.cpp diff --git a/cpp/cert/test/rules/DCL55-CPP/test.cpp b/cpp/common/test/rules/informationleakageacrossboundaries/test.cpp similarity index 100% rename from cpp/cert/test/rules/DCL55-CPP/test.cpp rename to cpp/common/test/rules/informationleakageacrossboundaries/test.cpp diff --git a/rule_packages/c/Declarations7.json b/rule_packages/c/Declarations7.json index c938366a62..d02db1e68a 100644 --- a/rule_packages/c/Declarations7.json +++ b/rule_packages/c/Declarations7.json @@ -1,4 +1,26 @@ { + "CERT-C": { + "DCL39-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "Passing a structure with uninitialized fields or padding bytes can cause information to be unintentionally leaked.", + "kind": "problem", + "name": "Avoid information leakage when passing a structure across a trust boundary", + "precision": "medium", + "severity": "error", + "short_name": "InformationLeakageAcrossTrustBoundariesC", + "shared_implementation_short_name": "InformationLeakageAcrossBoundaries", + "tags": [ + "security" + ] + } + ], + "title": "Avoid information leakage when passing a structure across a trust boundary" + } + }, "MISRA-C-2012": { "RULE-18-8": { "properties": { diff --git a/rule_packages/cpp/Uninitialized.json b/rule_packages/cpp/Uninitialized.json index 86a5b97115..03b5de5d3b 100644 --- a/rule_packages/cpp/Uninitialized.json +++ b/rule_packages/cpp/Uninitialized.json @@ -39,6 +39,7 @@ "precision": "medium", "severity": "error", "short_name": "InformationLeakageAcrossTrustBoundaries", + "shared_implementation_short_name": "InformationLeakageAcrossBoundaries", "tags": [ "security" ] diff --git a/rules.csv b/rules.csv index 94befb29ae..15625c5fba 100644 --- a/rules.csv +++ b/rules.csv @@ -500,10 +500,10 @@ c,CERT-C,CON41-C,Yes,Rule,,,Wrap functions that can fail spuriously in a loop,CO c,CERT-C,CON43-C,OutOfScope,Rule,,,Do not allow data races in multithreaded code,,,, c,CERT-C,DCL30-C,Yes,Rule,,,Declare objects with appropriate storage durations,,Declarations,Hard, c,CERT-C,DCL31-C,Yes,Rule,,,Declare identifiers before using them,,Declarations1,Medium, -c,CERT-C,DCL36-C,Yes,Rule,,,Do not declare an identifier with conflicting linkage classifications,,Declarations,Medium, +c,CERT-C,DCL36-C,No,Rule,,,Do not declare an identifier with conflicting linkage classifications,,,, c,CERT-C,DCL37-C,Yes,Rule,,,Do not declare or define a reserved identifier,,Declarations1,Easy, c,CERT-C,DCL38-C,Yes,Rule,,,Use the correct syntax when declaring a flexible array member,,Declarations2,Easy, -c,CERT-C,DCL39-C,Yes,Rule,,,Avoid information leakage when passing a structure across a trust boundary,,Declarations,Hard, +c,CERT-C,DCL39-C,Yes,Rule,,,Avoid information leakage when passing a structure across a trust boundary,,Declarations7,Hard, c,CERT-C,DCL40-C,Yes,Rule,,,Do not create incompatible declarations of the same function or object,,Declarations2,Hard, c,CERT-C,DCL41-C,Yes,Rule,,,Do not declare variables inside a switch statement before the first case label,,Declarations2,Medium, c,CERT-C,ENV30-C,Yes,Rule,,,Do not modify the object referenced by the return value of certain functions,RULE-21-19,Contracts1,Medium, From 1fc8306944c4e57395057d6b4bb5c8ff4a4217a3 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 24 Jan 2023 10:33:52 -0500 Subject: [PATCH 0270/2573] Declarations7: add missing help file DCL39-C --- ...nformationLeakageAcrossTrustBoundariesC.md | 279 +++++++++++++++++- 1 file changed, 277 insertions(+), 2 deletions(-) diff --git a/c/cert/src/rules/DCL39-C/InformationLeakageAcrossTrustBoundariesC.md b/c/cert/src/rules/DCL39-C/InformationLeakageAcrossTrustBoundariesC.md index 58cc3bd15b..74a1d8d3be 100644 --- a/c/cert/src/rules/DCL39-C/InformationLeakageAcrossTrustBoundariesC.md +++ b/c/cert/src/rules/DCL39-C/InformationLeakageAcrossTrustBoundariesC.md @@ -5,9 +5,284 @@ This query implements the CERT-C rule DCL39-C: > Avoid information leakage when passing a structure across a trust boundary -## CERT -** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** +## Description + +The C Standard, 6.7.2.1, discusses the layout of structure fields. It specifies that non-bit-field members are aligned in an [implementation-defined](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-implementation-definedbehavior) manner and that there may be padding within or at the end of a structure. Furthermore, initializing the members of the structure does not guarantee initialization of the padding bytes. The C Standard, 6.2.6.1, paragraph 6 \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IEC9899-2011)\], states + +> When a value is stored in an object of structure or union type, including in a member object, the bytes of the object representation that correspond to any padding bytes take unspecified values. + + +Additionally, the storage units in which a bit-field resides may also have padding bits. For an object with automatic storage duration, these padding bits do not take on specific values and can contribute to leaking sensitive information. + +When passing a pointer to a structure across a trust boundary to a different trusted domain, the programmer must ensure that the padding bytes and bit-field storage unit padding bits of such a structure do not contain sensitive information. + +## Noncompliant Code Example + +This noncompliant code example runs in kernel space and copies data from `arg` to user space. However, padding bytes may be used within the structure, for example, to ensure the proper alignment of the structure members. These padding bytes may contain sensitive information, which may then be leaked when the data is copied to user space. + +```cpp +#include + +struct test { + int a; + char b; + int c; +}; + +/* Safely copy bytes to user space */ +extern int copy_to_user(void *dest, void *src, size_t size); + +void do_stuff(void *usr_buf) { + struct test arg = {.a = 1, .b = 2, .c = 3}; + copy_to_user(usr_buf, &arg, sizeof(arg)); +} + +``` + +## Noncompliant Code Example (memset()) + +The padding bytes can be explicitly initialized by calling `memset()`: + +```cpp +#include + +struct test { + int a; + char b; + int c; +}; + +/* Safely copy bytes to user space */ +extern int copy_to_user(void *dest, void *src, size_t size); + +void do_stuff(void *usr_buf) { + struct test arg; + + /* Set all bytes (including padding bytes) to zero */ + memset(&arg, 0, sizeof(arg)); + + arg.a = 1; + arg.b = 2; + arg.c = 3; + + copy_to_user(usr_buf, &arg, sizeof(arg)); +} + +``` +However, a conforming compiler is free to implement `arg.b = 2` by setting the low-order bits of a register to 2, leaving the high-order bits unchanged and containing sensitive information. Then the platform copies all register bits into memory, leaving sensitive information in the padding bits. Consequently, this implementation could leak the high-order bits from the register to a user. + +## Compliant Solution + +This compliant solution serializes the structure data before copying it to an untrusted context: + +```cpp +#include +#include + +struct test { + int a; + char b; + int c; +}; + +/* Safely copy bytes to user space */ +extern int copy_to_user(void *dest, void *src, size_t size); + +void do_stuff(void *usr_buf) { + struct test arg = {.a = 1, .b = 2, .c = 3}; + /* May be larger than strictly needed */ + unsigned char buf[sizeof(arg)]; + size_t offset = 0; + + memcpy(buf + offset, &arg.a, sizeof(arg.a)); + offset += sizeof(arg.a); + memcpy(buf + offset, &arg.b, sizeof(arg.b)); + offset += sizeof(arg.b); + memcpy(buf + offset, &arg.c, sizeof(arg.c)); + offset += sizeof(arg.c); + /* Set all remaining bytes to zero */ + memset(buf + offset, 0, sizeof(arg) - offset); + + copy_to_user(usr_buf, buf, offset /* size of info copied */); +} +``` +This code ensures that no uninitialized padding bytes are copied to unprivileged users. **Important:** The structure copied to user space is now a packed structure and the `copy_to_user()` function (or other eventual user) would need to unpack it to recreate the original padded structure. + +## Compliant Solution (Padding Bytes) + +Padding bytes can be explicitly declared as fields within the structure. This solution is not portable, however, because it depends on the [implementation](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-implementation) and target memory architecture. The following solution is specific to the x86-32 architecture: + +```cpp +#include +#include + +struct test { + int a; + char b; + char padding_1, padding_2, padding_3; + int c; +}; + +/* Safely copy bytes to user space */ +extern int copy_to_user(void *dest, void *src, size_t size); + +void do_stuff(void *usr_buf) { + /* Ensure c is the next byte after the last padding byte */ + static_assert(offsetof(struct test, c) == + offsetof(struct test, padding_3) + 1, + "Structure contains intermediate padding"); + /* Ensure there is no trailing padding */ + static_assert(sizeof(struct test) == + offsetof(struct test, c) + sizeof(int), + "Structure contains trailing padding"); + struct test arg = {.a = 1, .b = 2, .c = 3}; + arg.padding_1 = 0; + arg.padding_2 = 0; + arg.padding_3 = 0; + copy_to_user(usr_buf, &arg, sizeof(arg)); +} + +``` +The C Standard `static_assert()` macro accepts a constant expression and an [error message](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-error). The expression is evaluated at compile time and, if false, the compilation is terminated and the error message is output. (See [DCL03-C. Use a static assertion to test the value of a constant expression](https://wiki.sei.cmu.edu/confluence/display/c/DCL03-C.+Use+a+static+assertion+to+test+the+value+of+a+constant+expression) for more details.) The explicit insertion of the padding bytes into the `struct` should ensure that no additional padding bytes are added by the compiler and consequently both static assertions should be true. However, it is necessary to validate these assumptions to ensure that the solution is correct for a particular implementation. + +## Compliant Solution (Structure Packing—GCC) + +GCC allows specifying declaration attributes using the keyword `__attribute__((__packed__))`. When this attribute is present, the compiler will not add padding bytes for memory alignment unless an explicit alignment specifier for a structure member requires the introduction of padding bytes. + +```cpp +#include + +struct test { + int a; + char b; + int c; +} __attribute__((__packed__)); + +/* Safely copy bytes to user space */ +extern int copy_to_user(void *dest, void *src, size_t size); + +void do_stuff(void *usr_buf) { + struct test arg = {.a = 1, .b = 2, .c = 3}; + copy_to_user(usr_buf, &arg, sizeof(arg)); +} + +``` + +## Compliant Solution (Structure Packing—Microsoft Visual Studio) + +Microsoft Visual Studio supports `#pragma pack()` to suppress padding bytes \[[MSDN](http://msdn.microsoft.com/en-us/library/2e70t5y1(v=vs.110).aspx)\]. The compiler adds padding bytes for memory alignment, depending on the current packing mode, but still honors the alignment specified by `__declspec(align())`. In this compliant solution, the packing mode is set to 1 in an attempt to ensure all fields are given adjacent offsets: + +```cpp +#include + +#pragma pack(push, 1) /* 1 byte */ +struct test { + int a; + char b; + int c; +}; +#pragma pack(pop) + +/* Safely copy bytes to user space */ +extern int copy_to_user(void *dest, void *src, size_t size); + +void do_stuff(void *usr_buf) { + struct test arg = {1, 2, 3}; + copy_to_user(usr_buf, &arg, sizeof(arg)); +} + +``` +The `pack` pragma takes effect at the first `struct` declaration after the pragma is seen. + +## Noncompliant Code Example + +This noncompliant code example also runs in kernel space and copies data from `struct test` to user space. However, padding bits will be used within the structure due to the bit-field member lengths not adding up to the number of bits in an `unsigned` object. Further, there is an unnamed bit-field that causes no further bit-fields to be packed into the same storage unit. These padding bits may contain sensitive information, which may then be leaked when the data is copied to user space. For instance, the uninitialized bits may contain a sensitive kernel space pointer value that can be trivially reconstructed by an attacker in user space. + +```cpp +#include + +struct test { + unsigned a : 1; + unsigned : 0; + unsigned b : 4; +}; + +/* Safely copy bytes to user space */ +extern int copy_to_user(void *dest, void *src, size_t size); + +void do_stuff(void *usr_buf) { + struct test arg = { .a = 1, .b = 10 }; + copy_to_user(usr_buf, &arg, sizeof(arg)); +} +``` + +## Compliant Solution + +Padding bits can be explicitly declared, allowing the programmer to specify the value of those bits. When explicitly declaring all of the padding bits, any unnamed bit-fields of length `0` must be removed from the structure because the explicit padding bits ensure that no further bit-fields will be packed into the same storage unit. + +```cpp +#include +#include +#include + +struct test { + unsigned a : 1; + unsigned padding1 : sizeof(unsigned) * CHAR_BIT - 1; + unsigned b : 4; + unsigned padding2 : sizeof(unsigned) * CHAR_BIT - 4; +}; +/* Ensure that we have added the correct number of padding bits. */ +static_assert(sizeof(struct test) == sizeof(unsigned) * 2, + "Incorrect number of padding bits for type: unsigned"); + +/* Safely copy bytes to user space */ +extern int copy_to_user(void *dest, void *src, size_t size); + +void do_stuff(void *usr_buf) { + struct test arg = { .a = 1, .padding1 = 0, .b = 10, .padding2 = 0 }; + copy_to_user(usr_buf, &arg, sizeof(arg)); +} +``` +This solution is not portable, however, because it depends on the [implementation](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-implementation) and target memory architecture. The explicit insertion of padding bits into the `struct` should ensure that no additional padding bits are added by the compiler. However, it is still necessary to validate these assumptions to ensure that the solution is correct for a particular implementation. For instance, the DEC Alpha is an example of a 64-bit architecture with 32-bit integers that allocates 64 bits to a storage unit. + +In addition, this solution assumes that there are no integer padding bits in an `unsigned int`. The portable version of the width calculation from [INT35-C. Use correct integer precisions](https://wiki.sei.cmu.edu/confluence/display/c/INT35-C.+Use+correct+integer+precisions) cannot be used because the bit-field width must be an integer constant expression. + +From this situation, it can be seen that special care must be taken because no solution to the bit-field padding issue will be 100% portable. + +Risk Assessment + +Padding units might contain sensitive data because the C Standard allows any padding to take [unspecified values](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-unspecifiedvalue). A pointer to such a structure could be passed to other functions, causing information leakage. + +
Rule Severity Likelihood Remediation Cost Priority Level
DCL39-C Low Unlikely High P1 L3
+ + +## Automated Detection + +
Tool Version Checker Description
Astrée 22.04 function-argument-with-padding Partially checked
Axivion Bauhaus Suite 7.2.0 CertC-DCL39 Detects composite structures with padding, in particular those passed to trust boundary routines.
CodeSonar 7.2p0 MISC.PADDING.POTB Padding Passed Across a Trust Boundary
Helix QAC 2022.4 DF4941, DF4942, DF4943
Klocwork 2022.4 PORTING.STORAGE.STRUCT
Parasoft C/C++test 2022.2 CERT_C-DCL39-a A pointer to a structure should not be passed to a function that can copy data to the user space
Polyspace Bug Finder R2022b CERT C: Rule DCL39-C Checks for information leak via structure padding
PRQA QA-C 9.7 4941, 4942, 4943
PRQA QA-C++ 4.4 4941, 4942, 4943
RuleChecker 22.04 function-argument-with-padding Partially checked
+ + +## Related Vulnerabilities + +Numerous vulnerabilities in the Linux Kernel have resulted from violations of this rule. [CVE-2010-4083](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4083) describes a [vulnerability](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) in which the `semctl()` system call allows unprivileged users to read uninitialized kernel stack memory because various fields of a `semid_ds struct` declared on the stack are not altered or zeroed before being copied back to the user. + +[CVE-2010-3881](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3881) describes a vulnerability in which structure padding and reserved fields in certain data structures in `QEMU-KVM` were not initialized properly before being copied to user space. A privileged host user with access to `/dev/kvm` could use this [flaw](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-securityflaw) to leak kernel stack memory to user space. + +[CVE-2010-3477](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3477) describes a kernel information leak in `act_police` where incorrectly initialized structures in the traffic-control dump code may allow the disclosure of kernel memory to user space applications. + +Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+DCL39-C). + +## Related Guidelines + +[Key here](https://wiki.sei.cmu.edu/confluence/display/c/How+this+Coding+Standard+is+Organized#HowthisCodingStandardisOrganized-RelatedGuidelines) (explains table format and definitions) + +
Taxonomy Taxonomy item Relationship
CERT C Secure Coding Standard DCL03-C. Use a static assertion to test the value of a constant expression Prior to 2018-01-12: CERT: Unspecified Relationship
+ + +## Bibliography + +
\[ ISO/IEC 9899:2011 \] 6.2.6.1, "General" 6.7.2.1, "Structure and Union Specifiers"
\[ Graff 2003 \]
\[ Sun 1993 \]
+ ## Implementation notes From ea3fb53161aadb90fef7545eac5e334a85483fd6 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 24 Jan 2023 10:39:03 -0500 Subject: [PATCH 0271/2573] Declarations7: fix format help file DCL39-C --- .../rules/DCL39-C/InformationLeakageAcrossTrustBoundariesC.md | 1 - 1 file changed, 1 deletion(-) diff --git a/c/cert/src/rules/DCL39-C/InformationLeakageAcrossTrustBoundariesC.md b/c/cert/src/rules/DCL39-C/InformationLeakageAcrossTrustBoundariesC.md index 74a1d8d3be..978b6d85d7 100644 --- a/c/cert/src/rules/DCL39-C/InformationLeakageAcrossTrustBoundariesC.md +++ b/c/cert/src/rules/DCL39-C/InformationLeakageAcrossTrustBoundariesC.md @@ -5,7 +5,6 @@ This query implements the CERT-C rule DCL39-C: > Avoid information leakage when passing a structure across a trust boundary - ## Description The C Standard, 6.7.2.1, discusses the layout of structure fields. It specifies that non-bit-field members are aligned in an [implementation-defined](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-implementation-definedbehavior) manner and that there may be padding within or at the end of a structure. Furthermore, initializing the members of the structure does not guarantee initialization of the padding bytes. The C Standard, 6.2.6.1, paragraph 6 \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IEC9899-2011)\], states From 8b1b21dc3cca22edd4a27549af765eb4a9b54fca Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Tue, 24 Jan 2023 14:48:09 -0500 Subject: [PATCH 0272/2573] adding matrix check --- .github/workflows/dispatch-matrix-check.yml | 36 +++++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 .github/workflows/dispatch-matrix-check.yml diff --git a/.github/workflows/dispatch-matrix-check.yml b/.github/workflows/dispatch-matrix-check.yml new file mode 100644 index 0000000000..524af320a1 --- /dev/null +++ b/.github/workflows/dispatch-matrix-check.yml @@ -0,0 +1,36 @@ +name: 🤖 Run Matrix Check + +on: + push: + branches: + - main + - "rc/**" + - next + pull_request: + branches: + - "**" + workflow_dispatch: + +jobs: + example: + runs-on: ubuntu-latest + steps: + + - name: Dispatch Matrix Testing Job + uses: peter-evans/repository-dispatch@v2 + with: + token: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} + repository: github/codeql-coding-standards-release-engineering + event-type: matrix-test + client-payload: '{"pr": "${{ github.event.number }}"' + + + - uses: actions/github-script@v6 + with: + script: | + github.rest.issues.createComment({ + issue_number: context.issue.number, + owner: context.repo.owner, + repo: context.repo.repo, + body: '🤖 Bip Boop! Matrix Testing for this PR has been initiated. Please check back later for results.' + }) \ No newline at end of file From 2a0dbaac0c28a06fd0485c8ee82614142f4f5d68 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Tue, 24 Jan 2023 14:49:20 -0500 Subject: [PATCH 0273/2573] fix --- .github/workflows/dispatch-matrix-check.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dispatch-matrix-check.yml b/.github/workflows/dispatch-matrix-check.yml index 524af320a1..c03261f68e 100644 --- a/.github/workflows/dispatch-matrix-check.yml +++ b/.github/workflows/dispatch-matrix-check.yml @@ -22,7 +22,7 @@ jobs: token: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} repository: github/codeql-coding-standards-release-engineering event-type: matrix-test - client-payload: '{"pr": "${{ github.event.number }}"' + client-payload: '{"pr": "${{ github.event.number }}"}' - uses: actions/github-script@v6 From f479bda7ecc3af4b3c0b70ddcf90e2c86da2fe19 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Tue, 24 Jan 2023 14:53:09 -0500 Subject: [PATCH 0274/2573] bot work --- .github/workflows/dispatch-matrix-check.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/dispatch-matrix-check.yml b/.github/workflows/dispatch-matrix-check.yml index c03261f68e..1c6233ad7d 100644 --- a/.github/workflows/dispatch-matrix-check.yml +++ b/.github/workflows/dispatch-matrix-check.yml @@ -12,7 +12,7 @@ on: workflow_dispatch: jobs: - example: + dispatch-matrix-check: runs-on: ubuntu-latest steps: @@ -32,5 +32,5 @@ jobs: issue_number: context.issue.number, owner: context.repo.owner, repo: context.repo.repo, - body: '🤖 Bip Boop! Matrix Testing for this PR has been initiated. Please check back later for results.' + body: '🤖 Beep Boop! Matrix Testing for this PR has been initiated. Please check back later for results.

:bulb: If you do not hear back from me please check my status! I will report even if this PR does not contain files eligible for matrix testing.' }) \ No newline at end of file From c37db4f0d4977f81318efbf22ea518004f65f0b8 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Tue, 24 Jan 2023 14:56:21 -0500 Subject: [PATCH 0275/2573] fix --- .github/workflows/dispatch-matrix-check.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dispatch-matrix-check.yml b/.github/workflows/dispatch-matrix-check.yml index 1c6233ad7d..5d3f9f261c 100644 --- a/.github/workflows/dispatch-matrix-check.yml +++ b/.github/workflows/dispatch-matrix-check.yml @@ -32,5 +32,5 @@ jobs: issue_number: context.issue.number, owner: context.repo.owner, repo: context.repo.repo, - body: '🤖 Beep Boop! Matrix Testing for this PR has been initiated. Please check back later for results.

:bulb: If you do not hear back from me please check my status! I will report even if this PR does not contain files eligible for matrix testing.' + body: '🤖 Beep Boop! Matrix Testing for this PR has been initiated. Please check back later for results.

:bulb: If you do not hear back from me please check my status! **I will report even if this PR does not contain files eligible for matrix testing.**' }) \ No newline at end of file From 7b1940f5e0a07bfee26907bec03b3c3dde56aa74 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Wed, 25 Jan 2023 09:27:37 -0800 Subject: [PATCH 0276/2573] Update docs for using generate_package_description.py sys.argv[0] is now the language name, so update the synopsis to reflect it. --- docs/development_handbook.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/development_handbook.md b/docs/development_handbook.md index d35c03f2d2..72836b7fe9 100644 --- a/docs/development_handbook.md +++ b/docs/development_handbook.md @@ -175,10 +175,10 @@ pip install -r scripts/requirements.txt To generate the rule package description file, run the following script from the root of the repository: ``` -python3.9 scripts/generate_rules/generate_package_description.py +python3.9 scripts/generate_rules/generate_package_description.py ``` -This will produce a `.json` file in the `rule_packages` directory with the name of the rule package (e.g. `rule_packages/Literals.json`). +This will produce a `.json` file in the `rule_packages` directory with the name of the rule package (e.g. `rule_packages/Literals.json`). For example, `python3.9 scripts/generate_rules/generate_package_description.py c Types` creates `rule_packages/c/Types.json`. #### Step 2: Review and update the rule package description file From 6fbdbfbf0d894a172d0267d2e32021da0ce3d6a6 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Wed, 25 Jan 2023 12:32:14 -0500 Subject: [PATCH 0277/2573] Declarations7: fix RULE-18-8 expected file --- .../test/rules/RULE-18-8/VariableLengthArrayTypesUsed.expected | 1 - 1 file changed, 1 deletion(-) diff --git a/c/misra/test/rules/RULE-18-8/VariableLengthArrayTypesUsed.expected b/c/misra/test/rules/RULE-18-8/VariableLengthArrayTypesUsed.expected index 24bf35a90d..e9721ce642 100644 --- a/c/misra/test/rules/RULE-18-8/VariableLengthArrayTypesUsed.expected +++ b/c/misra/test/rules/RULE-18-8/VariableLengthArrayTypesUsed.expected @@ -1,4 +1,3 @@ -WARNING: Unused predicate partOfConstantExpr (/Users/knewbury/Desktop/GITHUB/coding-standards/codeql-coding-standards/c/misra/src/rules/RULE-18-8/VariableLengthArrayTypesUsed.ql:17,11-29) | test.c:3:19:3:20 | definition of pa | Variable length array declared. | | test.c:6:7:6:8 | definition of a1 | Variable length array declared. | | test.c:7:7:7:8 | definition of a2 | Variable length array declared. | From 1f9e4e7a7cf2959722c80cc6c3a2f98c3ab832e9 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Wed, 25 Jan 2023 12:41:20 -0500 Subject: [PATCH 0278/2573] Declarations7: fix accidental addition to unrelated query --- ...MissingStaticSpecifierFunctionRedeclarationShared.qll | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/rules/missingstaticspecifierfunctionredeclarationshared/MissingStaticSpecifierFunctionRedeclarationShared.qll b/cpp/common/src/codingstandards/cpp/rules/missingstaticspecifierfunctionredeclarationshared/MissingStaticSpecifierFunctionRedeclarationShared.qll index 60889ed86b..43c1821e2e 100644 --- a/cpp/common/src/codingstandards/cpp/rules/missingstaticspecifierfunctionredeclarationshared/MissingStaticSpecifierFunctionRedeclarationShared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/missingstaticspecifierfunctionredeclarationshared/MissingStaticSpecifierFunctionRedeclarationShared.qll @@ -21,12 +21,5 @@ query predicate problems( not redeclaration.hasSpecifier("static") and fde != redeclaration and message = "The redeclaration of $@ with internal linkage misses the static specifier." and - msgpiece = "function" - and - ( - fde.getFile().getAbsolutePath() < redeclaration.getFile().getAbsolutePath() - or - fde.getFile().getAbsolutePath() = redeclaration.getFile().getAbsolutePath() and - fde.getLocation().getStartLine() < redeclaration.getLocation().getStartLine() - ) + msgpiece = "function" } From 696111bc2dc8642ba9a03ceaf41ccffb28b682d8 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Wed, 25 Jan 2023 10:30:38 -0800 Subject: [PATCH 0279/2573] Add rule_packages/c/Types.json and add description for RULE-6-1 and RULE-6-2 --- rule_packages/c/Types.json | 516 +++++++++++++++++++++++++++++++++++++ 1 file changed, 516 insertions(+) create mode 100644 rule_packages/c/Types.json diff --git a/rule_packages/c/Types.json b/rule_packages/c/Types.json new file mode 100644 index 0000000000..c7d4e6e2ae --- /dev/null +++ b/rule_packages/c/Types.json @@ -0,0 +1,516 @@ +{ + "CERT-C": { + "FLP32-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "Prevent or detect domain and range errors in math functions", + "precision": "very-high", + "severity": "error", + "short_name": "PreventOrDetectDomainAndRangeErrorsInMathFunctions", + "tags": [] + } + ], + "title": "Prevent or detect domain and range errors in math functions" + }, + "FLP34-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "Ensure that floating-point conversions are within range of the new type", + "precision": "very-high", + "severity": "error", + "short_name": "EnsureThatFloatingPointConversionsAreWithinRangeOfTheNewType", + "tags": [] + } + ], + "title": "Ensure that floating-point conversions are within range of the new type" + }, + "FLP36-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "Preserve precision when converting integral values to floating-point type", + "precision": "very-high", + "severity": "error", + "short_name": "PreservePrecisionWhenConvertingIntegralValuesToFloatingPointType", + "tags": [] + } + ], + "title": "Preserve precision when converting integral values to floating-point type" + }, + "FLP37-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "Do not use object representations to compare floating-point values", + "precision": "very-high", + "severity": "error", + "short_name": "DoNotUseObjectRepresentationsToCompareFloatingPointValues", + "tags": [] + } + ], + "title": "Do not use object representations to compare floating-point values" + }, + "INT30-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "Ensure that unsigned integer operations do not wrap", + "precision": "high", + "severity": "error", + "short_name": "EnsureThatUnsignedIntegerOperationsDoNotWrap", + "tags": [] + } + ], + "title": "Ensure that unsigned integer operations do not wrap" + }, + "INT31-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "Ensure that integer conversions do not result in lost or misinterpreted data", + "precision": "high", + "severity": "error", + "short_name": "EnsureThatIntegerConversionsDoNotResultInLostOrMisinterpretedData", + "tags": [] + } + ], + "title": "Ensure that integer conversions do not result in lost or misinterpreted data" + }, + "INT32-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "Ensure that operations on signed integers do not result in overflow", + "precision": "high", + "severity": "error", + "short_name": "EnsureThatOperationsOnSignedIntegersDoNotResultInOverflow", + "tags": [] + } + ], + "title": "Ensure that operations on signed integers do not result in overflow" + }, + "INT33-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "Ensure that division and remainder operations do not result in divide-by-zero errors", + "precision": "high", + "severity": "error", + "short_name": "EnsureThatDivisionAndRemainderOperationsDoNotResultInDivideByZeroErrors", + "tags": [] + } + ], + "title": "Ensure that division and remainder operations do not result in divide-by-zero errors" + }, + "INT34-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand", + "kind": "problem", + "name": "Do not shift an expression by a negative number of bits or by greater than or equal to the number of", + "precision": "very-high", + "severity": "error", + "short_name": "DoNotShiftAnExpressionByANegativeNumberOfBitsOrByGreaterThanOrEqualToTheNumberOfBitsThatExistInTheOperand", + "tags": [] + } + ], + "title": "Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand" + }, + "INT35-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "Use correct integer precisions", + "precision": "high", + "severity": "error", + "short_name": "UseCorrectIntegerPrecisions", + "tags": [] + } + ], + "title": "Use correct integer precisions" + }, + "INT36-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "Converting a pointer to integer or integer to pointer", + "precision": "very-high", + "severity": "error", + "short_name": "ConvertingAPointerToIntegerOrIntegerToPointer", + "tags": [] + } + ], + "title": "Converting a pointer to integer or integer to pointer" + } + }, + "MISRA-C-2012": { + "DIR-4-6": { + "properties": { + "obligation": "advisory" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "typedefs that indicate size and signedness should be used in place of the basic numerical types", + "precision": "high", + "severity": "error", + "short_name": "TypedefsThatIndicateSizeAndSignednessShouldBeUsedInPlaceOfTheBasicNumericalTypes", + "tags": [] + } + ], + "title": "typedefs that indicate size and signedness should be used in place of the basic numerical types" + }, + "RULE-10-1": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "Operands shall not be of an inappropriate essential type", + "precision": "high", + "severity": "error", + "short_name": "OperandsOfAnInappropriateEssentialType", + "tags": [] + } + ], + "title": "Operands shall not be of an inappropriate essential type" + }, + "RULE-10-2": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations", + "kind": "problem", + "name": "Expressions of essentially character type shall not be used inappropriately in addition and", + "precision": "very-high", + "severity": "error", + "short_name": "ExpressionsOfEssentiallyCharacterTypeUsedInappropriatelyInAdditionAndSubtractionOperations", + "tags": [] + } + ], + "title": "Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations" + }, + "RULE-10-3": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "The value of an expression shall not be assigned to an object with a narrower essential type or of a different essential type category", + "kind": "problem", + "name": "The value of an expression shall not be assigned to an object with a narrower essential type or of a", + "precision": "high", + "severity": "error", + "short_name": "ValueOfAnExpressionAssignedToAnObjectWithANarrowerEssentialTypeOrOfADifferentEssentialTypeCategory", + "tags": [] + } + ], + "title": "The value of an expression shall not be assigned to an object with a narrower essential type or of a different essential type category" + }, + "RULE-10-4": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Both operands of an operator in which the usual arithmetic conversions are performed shall have the same essential type category", + "kind": "problem", + "name": "Both operands of an operator in which the usual arithmetic conversions are performed shall have the", + "precision": "very-high", + "severity": "error", + "short_name": "BothOperandsOfAnOperatorInWhichTheUsualArithmeticConversionsArePerformedShallHaveTheSameEssentialTypeCategory", + "tags": [] + } + ], + "title": "Both operands of an operator in which the usual arithmetic conversions are performed shall have the same essential type category" + }, + "RULE-10-5": { + "properties": { + "obligation": "advisory" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "The value of an expression should not be cast to an inappropriate essential type", + "precision": "very-high", + "severity": "error", + "short_name": "ValueOfAnExpressionShouldNotBeCastToAnInappropriateEssentialType", + "tags": [] + } + ], + "title": "The value of an expression should not be cast to an inappropriate essential type" + }, + "RULE-10-6": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "The value of a composite expression shall not be assigned to an object with wider essential type", + "precision": "very-high", + "severity": "error", + "short_name": "ValueOfACompositeExpressionAssignedToAnObjectWithWiderEssentialType", + "tags": [] + } + ], + "title": "The value of a composite expression shall not be assigned to an object with wider essential type" + }, + "RULE-10-7": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "If a composite expression is used as one operand of an operator in which the usual arithmetic conversions are performed then the other operand shall not have wider essential type", + "kind": "problem", + "name": "If a composite expression is used as one operand of an operator in which the usual arithmetic", + "precision": "very-high", + "severity": "error", + "short_name": "IfACompositeExpressionIsUsedAsOneOperandOfAnOperatorInWhichTheUsualArithmeticConversionsArePerformedThenTheOtherOperandHaveWiderEssentialType", + "tags": [] + } + ], + "title": "If a composite expression is used as one operand of an operator in which the usual arithmetic conversions are performed then the other operand shall not have wider essential type" + }, + "RULE-10-8": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "The value of a composite expression shall not be cast to a different essential type category or a wider essential type", + "kind": "problem", + "name": "The value of a composite expression shall not be cast to a different essential type category or a", + "precision": "very-high", + "severity": "error", + "short_name": "ValueOfACompositeExpressionCastToADifferentEssentialTypeCategoryOrAWiderEssentialType", + "tags": [] + } + ], + "title": "The value of a composite expression shall not be cast to a different essential type category or a wider essential type" + }, + "RULE-12-4": { + "properties": { + "obligation": "advisory" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "Evaluation of constant expressions should not lead to unsigned integer wrap-around", + "precision": "very-high", + "severity": "error", + "short_name": "EvaluationOfConstantExpressionsShouldNotLeadToUnsignedIntegerWrapAround", + "tags": [] + } + ], + "title": "Evaluation of constant expressions should not lead to unsigned integer wrap-around" + }, + "RULE-12-5": { + "properties": { + "obligation": "mandatory" + }, + "queries": [ + { + "description": "The sizeof operator shall not have an operand which is a function parameter declared as \ufffdarray of type\ufffd", + "kind": "problem", + "name": "The sizeof operator shall not have an operand which is a function parameter declared as \ufffdarray of", + "precision": "very-high", + "severity": "error", + "short_name": "SizeofOperatorHaveAnOperandWhichIsAFunctionParameterDeclaredAsArrayOfType", + "tags": [] + } + ], + "title": "The sizeof operator shall not have an operand which is a function parameter declared as \ufffdarray of type\ufffd" + }, + "RULE-14-1": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "A loop counter shall not have essentially floating type", + "precision": "high", + "severity": "error", + "short_name": "LoopCounterHaveEssentiallyFloatingType", + "tags": [] + } + ], + "title": "A loop counter shall not have essentially floating type" + }, + "RULE-21-13": { + "properties": { + "obligation": "mandatory" + }, + "queries": [ + { + "description": "Any value passed to a function in shall be representable as an unsigned char or be the value EOF", + "kind": "problem", + "name": "Any value passed to a function in shall be representable as an unsigned char or be the", + "precision": "very-high", + "severity": "error", + "short_name": "ValuePassedToAFunctionInCtypehNotRepresentableAsUnsignedCharOrBeTheValueEof", + "tags": [] + } + ], + "title": "Any value passed to a function in shall be representable as an unsigned char or be the value EOF" + }, + "RULE-21-14": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "The Standard Library function memcmp shall not be used to compare null terminated strings", + "precision": "high", + "severity": "error", + "short_name": "StandardLibraryFunctionMemcmpUsedToCompareNullTerminatedStrings", + "tags": [] + } + ], + "title": "The Standard Library function memcmp shall not be used to compare null terminated strings" + }, + "RULE-21-15": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "The pointer arguments to the Standard Library functions memcpy, memmove and memcmp shall be pointers to qualified or unqualified versions of compatible types", + "kind": "problem", + "name": "The pointer arguments to the Standard Library functions memcpy, memmove and memcmp shall be pointers", + "precision": "very-high", + "severity": "error", + "short_name": "PointerArgumentsToTheStandardLibraryFunctionsMemcpyMemmoveAndMemcmpNotPointersToQualifiedOrUnqualifiedVersionsOfCompatibleTypes", + "tags": [] + } + ], + "title": "The pointer arguments to the Standard Library functions memcpy, memmove and memcmp shall be pointers to qualified or unqualified versions of compatible types" + }, + "RULE-21-16": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "The pointer arguments to the Standard Library function memcmp shall point to either a pointer type, an essentially signed type, an essentially unsigned type, an essentially Boolean type or an essentially enum type", + "kind": "problem", + "name": "The pointer arguments to the Standard Library function memcmp shall point to either a pointer type,", + "precision": "very-high", + "severity": "error", + "short_name": "PointerArgumentsToTheStandardLibraryFunctionMemcmpShallPointToEitherAPointerTypeAnEssentiallySignedTypeAnEssentiallyUnsignedTypeAnEssentiallyBooleanTypeOrAnEssentiallyEnumType", + "tags": [] + } + ], + "title": "The pointer arguments to the Standard Library function memcmp shall point to either a pointer type, an essentially signed type, an essentially unsigned type, an essentially Boolean type or an essentially enum type" + }, + "RULE-6-1": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Using types other than appropriate ones causes to implementation-specific or undefined behavior.", + "kind": "problem", + "name": "Bit-fields shall only be declared with an appropriate type", + "precision": "very-high", + "severity": "error", + "short_name": "BitFieldsShallOnlyBeDeclaredWithAnAppropriateType", + "tags": [] + } + ], + "title": "Bit-fields shall only be declared with an appropriate type" + }, + "RULE-6-2": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Single-bit named bit fields carry no useful information and therefore should not be declared or used.", + "kind": "problem", + "name": "Single-bit named bit fields shall not be of a signed type", + "precision": "very-high", + "severity": "error", + "short_name": "SingleBitNamedBitFieldsOfASignedType", + "tags": [] + } + ], + "title": "Single-bit named bit fields shall not be of a signed type" + }, + "RULE-7-4": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "A string literal shall not be assigned to an object unless the object\ufffds type is \ufffdpointer to const-qualified char\ufffd", + "kind": "problem", + "name": "A string literal shall not be assigned to an object unless the object\ufffds type is \ufffdpointer to", + "precision": "very-high", + "severity": "error", + "short_name": "StringLiteralAssignedToAnObjectUnlessTheObjectsTypeIsPointerToConstQualifiedChar", + "tags": [] + } + ], + "title": "A string literal shall not be assigned to an object unless the object\ufffds type is \ufffdpointer to const-qualified char\ufffd" + } + } +} From d511157bba5ecb42a54a13b91509874ba0b1664c Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Wed, 25 Jan 2023 10:37:17 -0800 Subject: [PATCH 0280/2573] Better polish description for RULE-6-1 --- rule_packages/c/Types.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rule_packages/c/Types.json b/rule_packages/c/Types.json index c7d4e6e2ae..02135821f9 100644 --- a/rule_packages/c/Types.json +++ b/rule_packages/c/Types.json @@ -467,7 +467,7 @@ }, "queries": [ { - "description": "Using types other than appropriate ones causes to implementation-specific or undefined behavior.", + "description": "Declaring bit-fields on types other than appropriate ones causes implementation-specific or undefined behavior.", "kind": "problem", "name": "Bit-fields shall only be declared with an appropriate type", "precision": "very-high", From 41e755f88c3dcd51934e7a343b295596af1204bc Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Wed, 25 Jan 2023 12:32:26 -0800 Subject: [PATCH 0281/2573] make rule_packages/c/Types.json valid --- rule_packages/c/Types.json | 110 ++++++++++++++++++------------------- 1 file changed, 55 insertions(+), 55 deletions(-) diff --git a/rule_packages/c/Types.json b/rule_packages/c/Types.json index 02135821f9..cefcd6fec5 100644 --- a/rule_packages/c/Types.json +++ b/rule_packages/c/Types.json @@ -6,7 +6,7 @@ }, "queries": [ { - "description": "", + "description": "TODO.", "kind": "problem", "name": "Prevent or detect domain and range errors in math functions", "precision": "very-high", @@ -23,12 +23,12 @@ }, "queries": [ { - "description": "", + "description": "TODO.", "kind": "problem", "name": "Ensure that floating-point conversions are within range of the new type", "precision": "very-high", "severity": "error", - "short_name": "EnsureThatFloatingPointConversionsAreWithinRangeOfTheNewType", + "short_name": "FloatingPointConversionsNotWithinRangeOfNewType", "tags": [] } ], @@ -40,12 +40,12 @@ }, "queries": [ { - "description": "", + "description": "TODO.", "kind": "problem", "name": "Preserve precision when converting integral values to floating-point type", "precision": "very-high", "severity": "error", - "short_name": "PreservePrecisionWhenConvertingIntegralValuesToFloatingPointType", + "short_name": "FloatingPointOfIntegralValuesLosePrecision", "tags": [] } ], @@ -57,12 +57,12 @@ }, "queries": [ { - "description": "", + "description": "TODO.", "kind": "problem", "name": "Do not use object representations to compare floating-point values", "precision": "very-high", "severity": "error", - "short_name": "DoNotUseObjectRepresentationsToCompareFloatingPointValues", + "short_name": "ObjectReprUsedForComparingFloatingPointValues", "tags": [] } ], @@ -74,7 +74,7 @@ }, "queries": [ { - "description": "", + "description": "TODO.", "kind": "problem", "name": "Ensure that unsigned integer operations do not wrap", "precision": "high", @@ -91,12 +91,12 @@ }, "queries": [ { - "description": "", + "description": "TODO.", "kind": "problem", "name": "Ensure that integer conversions do not result in lost or misinterpreted data", "precision": "high", "severity": "error", - "short_name": "EnsureThatIntegerConversionsDoNotResultInLostOrMisinterpretedData", + "short_name": "IntConversionCausesLostOrMisinterpretedData", "tags": [] } ], @@ -108,12 +108,12 @@ }, "queries": [ { - "description": "", + "description": "TODO.", "kind": "problem", "name": "Ensure that operations on signed integers do not result in overflow", "precision": "high", "severity": "error", - "short_name": "EnsureThatOperationsOnSignedIntegersDoNotResultInOverflow", + "short_name": "OperationsOnSignedIntegersResultsInOverflow", "tags": [] } ], @@ -125,12 +125,12 @@ }, "queries": [ { - "description": "", + "description": "TODO.", "kind": "problem", "name": "Ensure that division and remainder operations do not result in divide-by-zero errors", "precision": "high", "severity": "error", - "short_name": "EnsureThatDivisionAndRemainderOperationsDoNotResultInDivideByZeroErrors", + "short_name": "DivAndModOperationResultsInDivByZero", "tags": [] } ], @@ -142,12 +142,12 @@ }, "queries": [ { - "description": "Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand", + "description": "Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand.", "kind": "problem", "name": "Do not shift an expression by a negative number of bits or by greater than or equal to the number of", "precision": "very-high", "severity": "error", - "short_name": "DoNotShiftAnExpressionByANegativeNumberOfBitsOrByGreaterThanOrEqualToTheNumberOfBitsThatExistInTheOperand", + "short_name": "ExprShiftedByNegativeBitsOrGreaterThanOperand", "tags": [] } ], @@ -159,7 +159,7 @@ }, "queries": [ { - "description": "", + "description": "TODO.", "kind": "problem", "name": "Use correct integer precisions", "precision": "high", @@ -176,7 +176,7 @@ }, "queries": [ { - "description": "", + "description": "TODO.", "kind": "problem", "name": "Converting a pointer to integer or integer to pointer", "precision": "very-high", @@ -195,12 +195,12 @@ }, "queries": [ { - "description": "", + "description": "TODO.", "kind": "problem", "name": "typedefs that indicate size and signedness should be used in place of the basic numerical types", "precision": "high", "severity": "error", - "short_name": "TypedefsThatIndicateSizeAndSignednessShouldBeUsedInPlaceOfTheBasicNumericalTypes", + "short_name": "NumericTypedefsNotUsedInPlaceOfBasicNumericalTypes", "tags": [] } ], @@ -212,7 +212,7 @@ }, "queries": [ { - "description": "", + "description": "TODO.", "kind": "problem", "name": "Operands shall not be of an inappropriate essential type", "precision": "high", @@ -229,12 +229,12 @@ }, "queries": [ { - "description": "Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations", + "description": "Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations.", "kind": "problem", "name": "Expressions of essentially character type shall not be used inappropriately in addition and", "precision": "very-high", "severity": "error", - "short_name": "ExpressionsOfEssentiallyCharacterTypeUsedInappropriatelyInAdditionAndSubtractionOperations", + "short_name": "CharTypeExprsUsedInAddOrSub", "tags": [] } ], @@ -246,12 +246,12 @@ }, "queries": [ { - "description": "The value of an expression shall not be assigned to an object with a narrower essential type or of a different essential type category", + "description": "The value of an expression shall not be assigned to an object with a narrower essential type or of a different essential type category.", "kind": "problem", "name": "The value of an expression shall not be assigned to an object with a narrower essential type or of a", "precision": "high", "severity": "error", - "short_name": "ValueOfAnExpressionAssignedToAnObjectWithANarrowerEssentialTypeOrOfADifferentEssentialTypeCategory", + "short_name": "AssignmentToIncompatibleEssentialType", "tags": [] } ], @@ -263,12 +263,12 @@ }, "queries": [ { - "description": "Both operands of an operator in which the usual arithmetic conversions are performed shall have the same essential type category", + "description": "Both operands of an operator in which the usual arithmetic conversions are performed shall have the same essential type category.", "kind": "problem", "name": "Both operands of an operator in which the usual arithmetic conversions are performed shall have the", "precision": "very-high", "severity": "error", - "short_name": "BothOperandsOfAnOperatorInWhichTheUsualArithmeticConversionsArePerformedShallHaveTheSameEssentialTypeCategory", + "short_name": "ArithConversionOperandHasDifferentEssTypeCategory", "tags": [] } ], @@ -280,12 +280,12 @@ }, "queries": [ { - "description": "", + "description": "TODO.", "kind": "problem", "name": "The value of an expression should not be cast to an inappropriate essential type", "precision": "very-high", "severity": "error", - "short_name": "ValueOfAnExpressionShouldNotBeCastToAnInappropriateEssentialType", + "short_name": "ValueCastToInappropriateEssentialType", "tags": [] } ], @@ -297,12 +297,12 @@ }, "queries": [ { - "description": "", + "description": "TODO.", "kind": "problem", "name": "The value of a composite expression shall not be assigned to an object with wider essential type", "precision": "very-high", "severity": "error", - "short_name": "ValueOfACompositeExpressionAssignedToAnObjectWithWiderEssentialType", + "short_name": "CompositeExprValueAssignedToObjWithWiderEssType", "tags": [] } ], @@ -314,12 +314,12 @@ }, "queries": [ { - "description": "If a composite expression is used as one operand of an operator in which the usual arithmetic conversions are performed then the other operand shall not have wider essential type", + "description": "If a composite expression is used as one operand of an operator in which the usual arithmetic conversions are performed then the other operand shall not have wider essential type.", "kind": "problem", "name": "If a composite expression is used as one operand of an operator in which the usual arithmetic", "precision": "very-high", "severity": "error", - "short_name": "IfACompositeExpressionIsUsedAsOneOperandOfAnOperatorInWhichTheUsualArithmeticConversionsArePerformedThenTheOtherOperandHaveWiderEssentialType", + "short_name": "ConvertedCompExprOperandHasWiderEssTypeThanOther", "tags": [] } ], @@ -331,12 +331,12 @@ }, "queries": [ { - "description": "The value of a composite expression shall not be cast to a different essential type category or a wider essential type", + "description": "The value of a composite expression shall not be cast to a different essential type category or a wider essential type.", "kind": "problem", "name": "The value of a composite expression shall not be cast to a different essential type category or a", "precision": "very-high", "severity": "error", - "short_name": "ValueOfACompositeExpressionCastToADifferentEssentialTypeCategoryOrAWiderEssentialType", + "short_name": "CompExprValCastToIncompatEssType", "tags": [] } ], @@ -348,12 +348,12 @@ }, "queries": [ { - "description": "", + "description": "TODO.", "kind": "problem", "name": "Evaluation of constant expressions should not lead to unsigned integer wrap-around", "precision": "very-high", "severity": "error", - "short_name": "EvaluationOfConstantExpressionsShouldNotLeadToUnsignedIntegerWrapAround", + "short_name": "ConstExprEvalCausesUnsignedIntWraparound", "tags": [] } ], @@ -365,16 +365,16 @@ }, "queries": [ { - "description": "The sizeof operator shall not have an operand which is a function parameter declared as \ufffdarray of type\ufffd", + "description": "The sizeof operator shall not have an operand which is a function parameter declared as 'array of type'.", "kind": "problem", - "name": "The sizeof operator shall not have an operand which is a function parameter declared as \ufffdarray of", + "name": "The sizeof operator shall not have an operand which is a function parameter declared as 'array of", "precision": "very-high", "severity": "error", - "short_name": "SizeofOperatorHaveAnOperandWhichIsAFunctionParameterDeclaredAsArrayOfType", + "short_name": "ArrayTypeParamAtSizeofOperand", "tags": [] } ], - "title": "The sizeof operator shall not have an operand which is a function parameter declared as \ufffdarray of type\ufffd" + "title": "The sizeof operator shall not have an operand which is a function parameter declared as 'array of type'" }, "RULE-14-1": { "properties": { @@ -382,7 +382,7 @@ }, "queries": [ { - "description": "", + "description": "TODO.", "kind": "problem", "name": "A loop counter shall not have essentially floating type", "precision": "high", @@ -399,12 +399,12 @@ }, "queries": [ { - "description": "Any value passed to a function in shall be representable as an unsigned char or be the value EOF", + "description": "Any value passed to a function in shall be representable as an unsigned char or be the value EOF.", "kind": "problem", "name": "Any value passed to a function in shall be representable as an unsigned char or be the", "precision": "very-high", "severity": "error", - "short_name": "ValuePassedToAFunctionInCtypehNotRepresentableAsUnsignedCharOrBeTheValueEof", + "short_name": "CtypeFuncNeitherReprAsUnsignedCharNorEOF", "tags": [] } ], @@ -416,12 +416,12 @@ }, "queries": [ { - "description": "", + "description": "TODO.", "kind": "problem", "name": "The Standard Library function memcmp shall not be used to compare null terminated strings", "precision": "high", "severity": "error", - "short_name": "StandardLibraryFunctionMemcmpUsedToCompareNullTerminatedStrings", + "short_name": "MemcmpUsedToCompareNullTerminatedStrings", "tags": [] } ], @@ -433,12 +433,12 @@ }, "queries": [ { - "description": "The pointer arguments to the Standard Library functions memcpy, memmove and memcmp shall be pointers to qualified or unqualified versions of compatible types", + "description": "The pointer arguments to the Standard Library functions memcpy, memmove and memcmp shall be pointers to qualified or unqualified versions of compatible types.", "kind": "problem", "name": "The pointer arguments to the Standard Library functions memcpy, memmove and memcmp shall be pointers", "precision": "very-high", "severity": "error", - "short_name": "PointerArgumentsToTheStandardLibraryFunctionsMemcpyMemmoveAndMemcmpNotPointersToQualifiedOrUnqualifiedVersionsOfCompatibleTypes", + "short_name": "MemcpyMemmoveMemcmpArgNotPointerToCompatTypes", "tags": [] } ], @@ -450,16 +450,16 @@ }, "queries": [ { - "description": "The pointer arguments to the Standard Library function memcmp shall point to either a pointer type, an essentially signed type, an essentially unsigned type, an essentially Boolean type or an essentially enum type", + "description": "The pointer arguments to the Standard Library function memcmp shall point to either a pointer type, an essentially signed type, an essentially unsigned type, an essentially Boolean type or an essentially enum type.", "kind": "problem", "name": "The pointer arguments to the Standard Library function memcmp shall point to either a pointer type,", "precision": "very-high", "severity": "error", - "short_name": "PointerArgumentsToTheStandardLibraryFunctionMemcmpShallPointToEitherAPointerTypeAnEssentiallySignedTypeAnEssentiallyUnsignedTypeAnEssentiallyBooleanTypeOrAnEssentiallyEnumType", + "short_name": "MemcmpArgNotPtsToSignedUnsignedBooleanEnumEssType", "tags": [] } ], - "title": "The pointer arguments to the Standard Library function memcmp shall point to either a pointer type, an essentially signed type, an essentially unsigned type, an essentially Boolean type or an essentially enum type" + "title": "The pointer arguments to the Standard Library function memcmp shall point to either a pointer type, an essentially signed type, an essentially unsigned type, an essentially Boolean type or an essentially enum type." }, "RULE-6-1": { "properties": { @@ -501,16 +501,16 @@ }, "queries": [ { - "description": "A string literal shall not be assigned to an object unless the object\ufffds type is \ufffdpointer to const-qualified char\ufffd", + "description": "A string literal shall not be assigned to an object unless the object's type is 'pointer to const-qualified char'.", "kind": "problem", - "name": "A string literal shall not be assigned to an object unless the object\ufffds type is \ufffdpointer to", + "name": "A string literal shall not be assigned to an object unless the object's type is 'pointer to", "precision": "very-high", "severity": "error", - "short_name": "StringLiteralAssignedToAnObjectUnlessTheObjectsTypeIsPointerToConstQualifiedChar", + "short_name": "StringLiteralAssignedToObjPtrToConstQualifiedChar", "tags": [] } ], - "title": "A string literal shall not be assigned to an object unless the object\ufffds type is \ufffdpointer to const-qualified char\ufffd" + "title": "A string literal shall not be assigned to an object unless the object's type is 'pointer to const-qualified char'" } } } From 82dadd9324fce9511abcb387c1527e6ada0fc7dc Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Wed, 25 Jan 2023 12:37:10 -0800 Subject: [PATCH 0282/2573] generate rule package files for c/Types.json --- ...tectDomainAndRangeErrorsInMathFunctions.md | 18 + ...tectDomainAndRangeErrorsInMathFunctions.ql | 18 + ...PointConversionsNotWithinRangeOfNewType.md | 16 + ...PointConversionsNotWithinRangeOfNewType.ql | 18 + ...atingPointOfIntegralValuesLosePrecision.md | 16 + ...atingPointOfIntegralValuesLosePrecision.ql | 18 + ...ReprUsedForComparingFloatingPointValues.md | 16 + ...ReprUsedForComparingFloatingPointValues.ql | 18 + ...eThatUnsignedIntegerOperationsDoNotWrap.md | 16 + ...eThatUnsignedIntegerOperationsDoNotWrap.ql | 18 + ...onversionCausesLostOrMisinterpretedData.md | 16 + ...onversionCausesLostOrMisinterpretedData.ql | 18 + ...ationsOnSignedIntegersResultsInOverflow.md | 16 + ...ationsOnSignedIntegersResultsInOverflow.ql | 18 + .../DivAndModOperationResultsInDivByZero.md | 16 + .../DivAndModOperationResultsInDivByZero.ql | 18 + ...iftedByNegativeBitsOrGreaterThanOperand.md | 16 + ...iftedByNegativeBitsOrGreaterThanOperand.ql | 19 + .../INT35-C/UseCorrectIntegerPrecisions.md | 16 + .../INT35-C/UseCorrectIntegerPrecisions.ql | 18 + ...tingAPointerToIntegerOrIntegerToPointer.md | 16 + ...tingAPointerToIntegerOrIntegerToPointer.ql | 18 + ...mainAndRangeErrorsInMathFunctions.expected | 1 + ...tDomainAndRangeErrorsInMathFunctions.qlref | 1 + ...onversionsNotWithinRangeOfNewType.expected | 1 + ...ntConversionsNotWithinRangeOfNewType.qlref | 1 + ...ointOfIntegralValuesLosePrecision.expected | 1 + ...ngPointOfIntegralValuesLosePrecision.qlref | 1 + ...edForComparingFloatingPointValues.expected | 1 + ...rUsedForComparingFloatingPointValues.qlref | 1 + ...nsignedIntegerOperationsDoNotWrap.expected | 1 + ...atUnsignedIntegerOperationsDoNotWrap.qlref | 1 + ...ionCausesLostOrMisinterpretedData.expected | 1 + ...ersionCausesLostOrMisinterpretedData.qlref | 1 + ...OnSignedIntegersResultsInOverflow.expected | 1 + ...onsOnSignedIntegersResultsInOverflow.qlref | 1 + ...AndModOperationResultsInDivByZero.expected | 1 + ...DivAndModOperationResultsInDivByZero.qlref | 1 + ...yNegativeBitsOrGreaterThanOperand.expected | 1 + ...edByNegativeBitsOrGreaterThanOperand.qlref | 1 + .../UseCorrectIntegerPrecisions.expected | 1 + .../INT35-C/UseCorrectIntegerPrecisions.qlref | 1 + ...ointerToIntegerOrIntegerToPointer.expected | 1 + ...gAPointerToIntegerOrIntegerToPointer.qlref | 1 + ...defsNotUsedInPlaceOfBasicNumericalTypes.ql | 18 + .../OperandsOfAnInappropriateEssentialType.ql | 18 + .../RULE-10-2/CharTypeExprsUsedInAddOrSub.ql | 19 + .../AssignmentToIncompatibleEssentialType.ql | 19 + ...rsionOperandHasDifferentEssTypeCategory.ql | 19 + .../ValueCastToInappropriateEssentialType.ql | 18 + ...eExprValueAssignedToObjWithWiderEssType.ql | 18 + ...CompExprOperandHasWiderEssTypeThanOther.ql | 20 + .../CompExprValCastToIncompatEssType.ql | 19 + ...onstExprEvalCausesUnsignedIntWraparound.ql | 18 + .../ArrayTypeParamAtSizeofOperand.ql | 19 + .../LoopCounterHaveEssentiallyFloatingType.ql | 18 + ...typeFuncNeitherReprAsUnsignedCharNorEOF.ql | 19 + ...emcmpUsedToCompareNullTerminatedStrings.ql | 18 + ...MemmoveMemcmpArgNotPointerToCompatTypes.ql | 19 + ...otPtsToSignedUnsignedBooleanEnumEssType.ql | 20 + ...hallOnlyBeDeclaredWithAnAppropriateType.ql | 19 + .../SingleBitNamedBitFieldsOfASignedType.ql | 19 + ...ralAssignedToObjPtrToConstQualifiedChar.ql | 19 + ...tUsedInPlaceOfBasicNumericalTypes.expected | 1 + ...sNotUsedInPlaceOfBasicNumericalTypes.qlref | 1 + ...ndsOfAnInappropriateEssentialType.expected | 1 + ...erandsOfAnInappropriateEssentialType.qlref | 1 + .../CharTypeExprsUsedInAddOrSub.expected | 1 + .../CharTypeExprsUsedInAddOrSub.qlref | 1 + ...gnmentToIncompatibleEssentialType.expected | 1 + ...ssignmentToIncompatibleEssentialType.qlref | 1 + ...perandHasDifferentEssTypeCategory.expected | 1 + ...onOperandHasDifferentEssTypeCategory.qlref | 1 + ...eCastToInappropriateEssentialType.expected | 1 + ...alueCastToInappropriateEssentialType.qlref | 1 + ...alueAssignedToObjWithWiderEssType.expected | 1 + ...prValueAssignedToObjWithWiderEssType.qlref | 1 + ...prOperandHasWiderEssTypeThanOther.expected | 1 + ...pExprOperandHasWiderEssTypeThanOther.qlref | 1 + .../CompExprValCastToIncompatEssType.expected | 1 + .../CompExprValCastToIncompatEssType.qlref | 1 + ...prEvalCausesUnsignedIntWraparound.expected | 1 + ...tExprEvalCausesUnsignedIntWraparound.qlref | 1 + .../ArrayTypeParamAtSizeofOperand.expected | 1 + .../ArrayTypeParamAtSizeofOperand.qlref | 1 + ...ounterHaveEssentiallyFloatingType.expected | 1 + ...opCounterHaveEssentiallyFloatingType.qlref | 1 + ...ncNeitherReprAsUnsignedCharNorEOF.expected | 1 + ...eFuncNeitherReprAsUnsignedCharNorEOF.qlref | 1 + ...sedToCompareNullTerminatedStrings.expected | 1 + ...mpUsedToCompareNullTerminatedStrings.qlref | 1 + ...eMemcmpArgNotPointerToCompatTypes.expected | 1 + ...moveMemcmpArgNotPointerToCompatTypes.qlref | 1 + ...oSignedUnsignedBooleanEnumEssType.expected | 1 + ...tsToSignedUnsignedBooleanEnumEssType.qlref | 1 + ...lyBeDeclaredWithAnAppropriateType.expected | 1 + ...lOnlyBeDeclaredWithAnAppropriateType.qlref | 1 + ...gleBitNamedBitFieldsOfASignedType.expected | 1 + ...SingleBitNamedBitFieldsOfASignedType.qlref | 1 + ...ignedToObjPtrToConstQualifiedChar.expected | 1 + ...AssignedToObjPtrToConstQualifiedChar.qlref | 1 + .../cpp/exclusions/c/RuleMetadata.qll | 7 +- .../cpp/exclusions/c/Types.qll | 520 ++++++++++++++++++ 103 files changed, 1318 insertions(+), 2 deletions(-) create mode 100644 c/cert/src/rules/FLP32-C/PreventOrDetectDomainAndRangeErrorsInMathFunctions.md create mode 100644 c/cert/src/rules/FLP32-C/PreventOrDetectDomainAndRangeErrorsInMathFunctions.ql create mode 100644 c/cert/src/rules/FLP34-C/FloatingPointConversionsNotWithinRangeOfNewType.md create mode 100644 c/cert/src/rules/FLP34-C/FloatingPointConversionsNotWithinRangeOfNewType.ql create mode 100644 c/cert/src/rules/FLP36-C/FloatingPointOfIntegralValuesLosePrecision.md create mode 100644 c/cert/src/rules/FLP36-C/FloatingPointOfIntegralValuesLosePrecision.ql create mode 100644 c/cert/src/rules/FLP37-C/ObjectReprUsedForComparingFloatingPointValues.md create mode 100644 c/cert/src/rules/FLP37-C/ObjectReprUsedForComparingFloatingPointValues.ql create mode 100644 c/cert/src/rules/INT30-C/EnsureThatUnsignedIntegerOperationsDoNotWrap.md create mode 100644 c/cert/src/rules/INT30-C/EnsureThatUnsignedIntegerOperationsDoNotWrap.ql create mode 100644 c/cert/src/rules/INT31-C/IntConversionCausesLostOrMisinterpretedData.md create mode 100644 c/cert/src/rules/INT31-C/IntConversionCausesLostOrMisinterpretedData.ql create mode 100644 c/cert/src/rules/INT32-C/OperationsOnSignedIntegersResultsInOverflow.md create mode 100644 c/cert/src/rules/INT32-C/OperationsOnSignedIntegersResultsInOverflow.ql create mode 100644 c/cert/src/rules/INT33-C/DivAndModOperationResultsInDivByZero.md create mode 100644 c/cert/src/rules/INT33-C/DivAndModOperationResultsInDivByZero.ql create mode 100644 c/cert/src/rules/INT34-C/ExprShiftedByNegativeBitsOrGreaterThanOperand.md create mode 100644 c/cert/src/rules/INT34-C/ExprShiftedByNegativeBitsOrGreaterThanOperand.ql create mode 100644 c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.md create mode 100644 c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.ql create mode 100644 c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.md create mode 100644 c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.ql create mode 100644 c/cert/test/rules/FLP32-C/PreventOrDetectDomainAndRangeErrorsInMathFunctions.expected create mode 100644 c/cert/test/rules/FLP32-C/PreventOrDetectDomainAndRangeErrorsInMathFunctions.qlref create mode 100644 c/cert/test/rules/FLP34-C/FloatingPointConversionsNotWithinRangeOfNewType.expected create mode 100644 c/cert/test/rules/FLP34-C/FloatingPointConversionsNotWithinRangeOfNewType.qlref create mode 100644 c/cert/test/rules/FLP36-C/FloatingPointOfIntegralValuesLosePrecision.expected create mode 100644 c/cert/test/rules/FLP36-C/FloatingPointOfIntegralValuesLosePrecision.qlref create mode 100644 c/cert/test/rules/FLP37-C/ObjectReprUsedForComparingFloatingPointValues.expected create mode 100644 c/cert/test/rules/FLP37-C/ObjectReprUsedForComparingFloatingPointValues.qlref create mode 100644 c/cert/test/rules/INT30-C/EnsureThatUnsignedIntegerOperationsDoNotWrap.expected create mode 100644 c/cert/test/rules/INT30-C/EnsureThatUnsignedIntegerOperationsDoNotWrap.qlref create mode 100644 c/cert/test/rules/INT31-C/IntConversionCausesLostOrMisinterpretedData.expected create mode 100644 c/cert/test/rules/INT31-C/IntConversionCausesLostOrMisinterpretedData.qlref create mode 100644 c/cert/test/rules/INT32-C/OperationsOnSignedIntegersResultsInOverflow.expected create mode 100644 c/cert/test/rules/INT32-C/OperationsOnSignedIntegersResultsInOverflow.qlref create mode 100644 c/cert/test/rules/INT33-C/DivAndModOperationResultsInDivByZero.expected create mode 100644 c/cert/test/rules/INT33-C/DivAndModOperationResultsInDivByZero.qlref create mode 100644 c/cert/test/rules/INT34-C/ExprShiftedByNegativeBitsOrGreaterThanOperand.expected create mode 100644 c/cert/test/rules/INT34-C/ExprShiftedByNegativeBitsOrGreaterThanOperand.qlref create mode 100644 c/cert/test/rules/INT35-C/UseCorrectIntegerPrecisions.expected create mode 100644 c/cert/test/rules/INT35-C/UseCorrectIntegerPrecisions.qlref create mode 100644 c/cert/test/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.expected create mode 100644 c/cert/test/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.qlref create mode 100644 c/misra/src/rules/DIR-4-6/NumericTypedefsNotUsedInPlaceOfBasicNumericalTypes.ql create mode 100644 c/misra/src/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.ql create mode 100644 c/misra/src/rules/RULE-10-2/CharTypeExprsUsedInAddOrSub.ql create mode 100644 c/misra/src/rules/RULE-10-3/AssignmentToIncompatibleEssentialType.ql create mode 100644 c/misra/src/rules/RULE-10-4/ArithConversionOperandHasDifferentEssTypeCategory.ql create mode 100644 c/misra/src/rules/RULE-10-5/ValueCastToInappropriateEssentialType.ql create mode 100644 c/misra/src/rules/RULE-10-6/CompositeExprValueAssignedToObjWithWiderEssType.ql create mode 100644 c/misra/src/rules/RULE-10-7/ConvertedCompExprOperandHasWiderEssTypeThanOther.ql create mode 100644 c/misra/src/rules/RULE-10-8/CompExprValCastToIncompatEssType.ql create mode 100644 c/misra/src/rules/RULE-12-4/ConstExprEvalCausesUnsignedIntWraparound.ql create mode 100644 c/misra/src/rules/RULE-12-5/ArrayTypeParamAtSizeofOperand.ql create mode 100644 c/misra/src/rules/RULE-14-1/LoopCounterHaveEssentiallyFloatingType.ql create mode 100644 c/misra/src/rules/RULE-21-13/CtypeFuncNeitherReprAsUnsignedCharNorEOF.ql create mode 100644 c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql create mode 100644 c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointerToCompatTypes.ql create mode 100644 c/misra/src/rules/RULE-21-16/MemcmpArgNotPtsToSignedUnsignedBooleanEnumEssType.ql create mode 100644 c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql create mode 100644 c/misra/src/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql create mode 100644 c/misra/src/rules/RULE-7-4/StringLiteralAssignedToObjPtrToConstQualifiedChar.ql create mode 100644 c/misra/test/rules/DIR-4-6/NumericTypedefsNotUsedInPlaceOfBasicNumericalTypes.expected create mode 100644 c/misra/test/rules/DIR-4-6/NumericTypedefsNotUsedInPlaceOfBasicNumericalTypes.qlref create mode 100644 c/misra/test/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.expected create mode 100644 c/misra/test/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.qlref create mode 100644 c/misra/test/rules/RULE-10-2/CharTypeExprsUsedInAddOrSub.expected create mode 100644 c/misra/test/rules/RULE-10-2/CharTypeExprsUsedInAddOrSub.qlref create mode 100644 c/misra/test/rules/RULE-10-3/AssignmentToIncompatibleEssentialType.expected create mode 100644 c/misra/test/rules/RULE-10-3/AssignmentToIncompatibleEssentialType.qlref create mode 100644 c/misra/test/rules/RULE-10-4/ArithConversionOperandHasDifferentEssTypeCategory.expected create mode 100644 c/misra/test/rules/RULE-10-4/ArithConversionOperandHasDifferentEssTypeCategory.qlref create mode 100644 c/misra/test/rules/RULE-10-5/ValueCastToInappropriateEssentialType.expected create mode 100644 c/misra/test/rules/RULE-10-5/ValueCastToInappropriateEssentialType.qlref create mode 100644 c/misra/test/rules/RULE-10-6/CompositeExprValueAssignedToObjWithWiderEssType.expected create mode 100644 c/misra/test/rules/RULE-10-6/CompositeExprValueAssignedToObjWithWiderEssType.qlref create mode 100644 c/misra/test/rules/RULE-10-7/ConvertedCompExprOperandHasWiderEssTypeThanOther.expected create mode 100644 c/misra/test/rules/RULE-10-7/ConvertedCompExprOperandHasWiderEssTypeThanOther.qlref create mode 100644 c/misra/test/rules/RULE-10-8/CompExprValCastToIncompatEssType.expected create mode 100644 c/misra/test/rules/RULE-10-8/CompExprValCastToIncompatEssType.qlref create mode 100644 c/misra/test/rules/RULE-12-4/ConstExprEvalCausesUnsignedIntWraparound.expected create mode 100644 c/misra/test/rules/RULE-12-4/ConstExprEvalCausesUnsignedIntWraparound.qlref create mode 100644 c/misra/test/rules/RULE-12-5/ArrayTypeParamAtSizeofOperand.expected create mode 100644 c/misra/test/rules/RULE-12-5/ArrayTypeParamAtSizeofOperand.qlref create mode 100644 c/misra/test/rules/RULE-14-1/LoopCounterHaveEssentiallyFloatingType.expected create mode 100644 c/misra/test/rules/RULE-14-1/LoopCounterHaveEssentiallyFloatingType.qlref create mode 100644 c/misra/test/rules/RULE-21-13/CtypeFuncNeitherReprAsUnsignedCharNorEOF.expected create mode 100644 c/misra/test/rules/RULE-21-13/CtypeFuncNeitherReprAsUnsignedCharNorEOF.qlref create mode 100644 c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.expected create mode 100644 c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.qlref create mode 100644 c/misra/test/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointerToCompatTypes.expected create mode 100644 c/misra/test/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointerToCompatTypes.qlref create mode 100644 c/misra/test/rules/RULE-21-16/MemcmpArgNotPtsToSignedUnsignedBooleanEnumEssType.expected create mode 100644 c/misra/test/rules/RULE-21-16/MemcmpArgNotPtsToSignedUnsignedBooleanEnumEssType.qlref create mode 100644 c/misra/test/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.expected create mode 100644 c/misra/test/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.qlref create mode 100644 c/misra/test/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.expected create mode 100644 c/misra/test/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.qlref create mode 100644 c/misra/test/rules/RULE-7-4/StringLiteralAssignedToObjPtrToConstQualifiedChar.expected create mode 100644 c/misra/test/rules/RULE-7-4/StringLiteralAssignedToObjPtrToConstQualifiedChar.qlref create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/Types.qll diff --git a/c/cert/src/rules/FLP32-C/PreventOrDetectDomainAndRangeErrorsInMathFunctions.md b/c/cert/src/rules/FLP32-C/PreventOrDetectDomainAndRangeErrorsInMathFunctions.md new file mode 100644 index 0000000000..4083d3f36b --- /dev/null +++ b/c/cert/src/rules/FLP32-C/PreventOrDetectDomainAndRangeErrorsInMathFunctions.md @@ -0,0 +1,18 @@ +# FLP32-C: Prevent or detect domain and range errors in math functions + +This query implements the CERT-C rule FLP32-C: + +> Prevent or detect domain and range errors in math functions + + +## CERT + +** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** + +## Implementation notes + +None + +## References + +* CERT-C: [FLP32-C: Prevent or detect domain and range errors in math functions](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/FLP32-C/PreventOrDetectDomainAndRangeErrorsInMathFunctions.ql b/c/cert/src/rules/FLP32-C/PreventOrDetectDomainAndRangeErrorsInMathFunctions.ql new file mode 100644 index 0000000000..5b86641326 --- /dev/null +++ b/c/cert/src/rules/FLP32-C/PreventOrDetectDomainAndRangeErrorsInMathFunctions.ql @@ -0,0 +1,18 @@ +/** + * @id c/cert/prevent-or-detect-domain-and-range-errors-in-math-functions + * @name FLP32-C: Prevent or detect domain and range errors in math functions + * @description TODO. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/cert/id/flp32-c + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert + +from +where + not isExcluded(x, TypesPackage::preventOrDetectDomainAndRangeErrorsInMathFunctionsQuery()) and +select diff --git a/c/cert/src/rules/FLP34-C/FloatingPointConversionsNotWithinRangeOfNewType.md b/c/cert/src/rules/FLP34-C/FloatingPointConversionsNotWithinRangeOfNewType.md new file mode 100644 index 0000000000..8b22986f7d --- /dev/null +++ b/c/cert/src/rules/FLP34-C/FloatingPointConversionsNotWithinRangeOfNewType.md @@ -0,0 +1,16 @@ +# FLP34-C: Ensure that floating-point conversions are within range of the new type + +This query implements the CERT-C rule FLP34-C: + +> Ensure that floating-point conversions are within range of the new type +## CERT + +** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** + +## Implementation notes + +None + +## References + +* CERT-C: [FLP34-C: Ensure that floating-point conversions are within range of the new type](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/FLP34-C/FloatingPointConversionsNotWithinRangeOfNewType.ql b/c/cert/src/rules/FLP34-C/FloatingPointConversionsNotWithinRangeOfNewType.ql new file mode 100644 index 0000000000..fe7a1b581a --- /dev/null +++ b/c/cert/src/rules/FLP34-C/FloatingPointConversionsNotWithinRangeOfNewType.ql @@ -0,0 +1,18 @@ +/** + * @id c/cert/floating-point-conversions-not-within-range-of-new-type + * @name FLP34-C: Ensure that floating-point conversions are within range of the new type + * @description TODO. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/cert/id/flp34-c + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert + +from +where + not isExcluded(x, TypesPackage::floatingPointConversionsNotWithinRangeOfNewTypeQuery()) and +select diff --git a/c/cert/src/rules/FLP36-C/FloatingPointOfIntegralValuesLosePrecision.md b/c/cert/src/rules/FLP36-C/FloatingPointOfIntegralValuesLosePrecision.md new file mode 100644 index 0000000000..bac78b4ddd --- /dev/null +++ b/c/cert/src/rules/FLP36-C/FloatingPointOfIntegralValuesLosePrecision.md @@ -0,0 +1,16 @@ +# FLP36-C: Preserve precision when converting integral values to floating-point type + +This query implements the CERT-C rule FLP36-C: + +> Preserve precision when converting integral values to floating-point type +## CERT + +** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** + +## Implementation notes + +None + +## References + +* CERT-C: [FLP36-C: Preserve precision when converting integral values to floating-point type](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/FLP36-C/FloatingPointOfIntegralValuesLosePrecision.ql b/c/cert/src/rules/FLP36-C/FloatingPointOfIntegralValuesLosePrecision.ql new file mode 100644 index 0000000000..6d61c6aff7 --- /dev/null +++ b/c/cert/src/rules/FLP36-C/FloatingPointOfIntegralValuesLosePrecision.ql @@ -0,0 +1,18 @@ +/** + * @id c/cert/floating-point-of-integral-values-lose-precision + * @name FLP36-C: Preserve precision when converting integral values to floating-point type + * @description TODO. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/cert/id/flp36-c + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert + +from +where + not isExcluded(x, TypesPackage::floatingPointOfIntegralValuesLosePrecisionQuery()) and +select diff --git a/c/cert/src/rules/FLP37-C/ObjectReprUsedForComparingFloatingPointValues.md b/c/cert/src/rules/FLP37-C/ObjectReprUsedForComparingFloatingPointValues.md new file mode 100644 index 0000000000..8b738b87cd --- /dev/null +++ b/c/cert/src/rules/FLP37-C/ObjectReprUsedForComparingFloatingPointValues.md @@ -0,0 +1,16 @@ +# FLP37-C: Do not use object representations to compare floating-point values + +This query implements the CERT-C rule FLP37-C: + +> Do not use object representations to compare floating-point values +## CERT + +** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** + +## Implementation notes + +None + +## References + +* CERT-C: [FLP37-C: Do not use object representations to compare floating-point values](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/FLP37-C/ObjectReprUsedForComparingFloatingPointValues.ql b/c/cert/src/rules/FLP37-C/ObjectReprUsedForComparingFloatingPointValues.ql new file mode 100644 index 0000000000..24fdd70dc4 --- /dev/null +++ b/c/cert/src/rules/FLP37-C/ObjectReprUsedForComparingFloatingPointValues.ql @@ -0,0 +1,18 @@ +/** + * @id c/cert/object-repr-used-for-comparing-floating-point-values + * @name FLP37-C: Do not use object representations to compare floating-point values + * @description TODO. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/cert/id/flp37-c + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert + +from +where + not isExcluded(x, TypesPackage::objectReprUsedForComparingFloatingPointValuesQuery()) and +select diff --git a/c/cert/src/rules/INT30-C/EnsureThatUnsignedIntegerOperationsDoNotWrap.md b/c/cert/src/rules/INT30-C/EnsureThatUnsignedIntegerOperationsDoNotWrap.md new file mode 100644 index 0000000000..402fd7f64a --- /dev/null +++ b/c/cert/src/rules/INT30-C/EnsureThatUnsignedIntegerOperationsDoNotWrap.md @@ -0,0 +1,16 @@ +# INT30-C: Ensure that unsigned integer operations do not wrap + +This query implements the CERT-C rule INT30-C: + +> Ensure that unsigned integer operations do not wrap +## CERT + +** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** + +## Implementation notes + +None + +## References + +* CERT-C: [INT30-C: Ensure that unsigned integer operations do not wrap](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/INT30-C/EnsureThatUnsignedIntegerOperationsDoNotWrap.ql b/c/cert/src/rules/INT30-C/EnsureThatUnsignedIntegerOperationsDoNotWrap.ql new file mode 100644 index 0000000000..c6901a73b1 --- /dev/null +++ b/c/cert/src/rules/INT30-C/EnsureThatUnsignedIntegerOperationsDoNotWrap.ql @@ -0,0 +1,18 @@ +/** + * @id c/cert/ensure-that-unsigned-integer-operations-do-not-wrap + * @name INT30-C: Ensure that unsigned integer operations do not wrap + * @description TODO. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/cert/id/int30-c + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert + +from +where + not isExcluded(x, TypesPackage::ensureThatUnsignedIntegerOperationsDoNotWrapQuery()) and +select diff --git a/c/cert/src/rules/INT31-C/IntConversionCausesLostOrMisinterpretedData.md b/c/cert/src/rules/INT31-C/IntConversionCausesLostOrMisinterpretedData.md new file mode 100644 index 0000000000..3c475e4a77 --- /dev/null +++ b/c/cert/src/rules/INT31-C/IntConversionCausesLostOrMisinterpretedData.md @@ -0,0 +1,16 @@ +# INT31-C: Ensure that integer conversions do not result in lost or misinterpreted data + +This query implements the CERT-C rule INT31-C: + +> Ensure that integer conversions do not result in lost or misinterpreted data +## CERT + +** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** + +## Implementation notes + +None + +## References + +* CERT-C: [INT31-C: Ensure that integer conversions do not result in lost or misinterpreted data](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/INT31-C/IntConversionCausesLostOrMisinterpretedData.ql b/c/cert/src/rules/INT31-C/IntConversionCausesLostOrMisinterpretedData.ql new file mode 100644 index 0000000000..0e994c017f --- /dev/null +++ b/c/cert/src/rules/INT31-C/IntConversionCausesLostOrMisinterpretedData.ql @@ -0,0 +1,18 @@ +/** + * @id c/cert/int-conversion-causes-lost-or-misinterpreted-data + * @name INT31-C: Ensure that integer conversions do not result in lost or misinterpreted data + * @description TODO. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/cert/id/int31-c + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert + +from +where + not isExcluded(x, TypesPackage::intConversionCausesLostOrMisinterpretedDataQuery()) and +select diff --git a/c/cert/src/rules/INT32-C/OperationsOnSignedIntegersResultsInOverflow.md b/c/cert/src/rules/INT32-C/OperationsOnSignedIntegersResultsInOverflow.md new file mode 100644 index 0000000000..84dc8fe143 --- /dev/null +++ b/c/cert/src/rules/INT32-C/OperationsOnSignedIntegersResultsInOverflow.md @@ -0,0 +1,16 @@ +# INT32-C: Ensure that operations on signed integers do not result in overflow + +This query implements the CERT-C rule INT32-C: + +> Ensure that operations on signed integers do not result in overflow +## CERT + +** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** + +## Implementation notes + +None + +## References + +* CERT-C: [INT32-C: Ensure that operations on signed integers do not result in overflow](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/INT32-C/OperationsOnSignedIntegersResultsInOverflow.ql b/c/cert/src/rules/INT32-C/OperationsOnSignedIntegersResultsInOverflow.ql new file mode 100644 index 0000000000..2495050987 --- /dev/null +++ b/c/cert/src/rules/INT32-C/OperationsOnSignedIntegersResultsInOverflow.ql @@ -0,0 +1,18 @@ +/** + * @id c/cert/operations-on-signed-integers-results-in-overflow + * @name INT32-C: Ensure that operations on signed integers do not result in overflow + * @description TODO. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/cert/id/int32-c + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert + +from +where + not isExcluded(x, TypesPackage::operationsOnSignedIntegersResultsInOverflowQuery()) and +select diff --git a/c/cert/src/rules/INT33-C/DivAndModOperationResultsInDivByZero.md b/c/cert/src/rules/INT33-C/DivAndModOperationResultsInDivByZero.md new file mode 100644 index 0000000000..6a86d3e88d --- /dev/null +++ b/c/cert/src/rules/INT33-C/DivAndModOperationResultsInDivByZero.md @@ -0,0 +1,16 @@ +# INT33-C: Ensure that division and remainder operations do not result in divide-by-zero errors + +This query implements the CERT-C rule INT33-C: + +> Ensure that division and remainder operations do not result in divide-by-zero errors +## CERT + +** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** + +## Implementation notes + +None + +## References + +* CERT-C: [INT33-C: Ensure that division and remainder operations do not result in divide-by-zero errors](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/INT33-C/DivAndModOperationResultsInDivByZero.ql b/c/cert/src/rules/INT33-C/DivAndModOperationResultsInDivByZero.ql new file mode 100644 index 0000000000..4385d79f2e --- /dev/null +++ b/c/cert/src/rules/INT33-C/DivAndModOperationResultsInDivByZero.ql @@ -0,0 +1,18 @@ +/** + * @id c/cert/div-and-mod-operation-results-in-div-by-zero + * @name INT33-C: Ensure that division and remainder operations do not result in divide-by-zero errors + * @description TODO. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/cert/id/int33-c + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert + +from +where + not isExcluded(x, TypesPackage::divAndModOperationResultsInDivByZeroQuery()) and +select diff --git a/c/cert/src/rules/INT34-C/ExprShiftedByNegativeBitsOrGreaterThanOperand.md b/c/cert/src/rules/INT34-C/ExprShiftedByNegativeBitsOrGreaterThanOperand.md new file mode 100644 index 0000000000..66c3d5a7a0 --- /dev/null +++ b/c/cert/src/rules/INT34-C/ExprShiftedByNegativeBitsOrGreaterThanOperand.md @@ -0,0 +1,16 @@ +# INT34-C: Do not shift an expression by a negative number of bits or by greater than or equal to the number of + +This query implements the CERT-C rule INT34-C: + +> Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand +## CERT + +** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** + +## Implementation notes + +None + +## References + +* CERT-C: [INT34-C: Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/INT34-C/ExprShiftedByNegativeBitsOrGreaterThanOperand.ql b/c/cert/src/rules/INT34-C/ExprShiftedByNegativeBitsOrGreaterThanOperand.ql new file mode 100644 index 0000000000..f7a0759b6c --- /dev/null +++ b/c/cert/src/rules/INT34-C/ExprShiftedByNegativeBitsOrGreaterThanOperand.ql @@ -0,0 +1,19 @@ +/** + * @id c/cert/expr-shifted-by-negative-bits-or-greater-than-operand + * @name INT34-C: Do not shift an expression by a negative number of bits or by greater than or equal to the number of + * @description Do not shift an expression by a negative number of bits or by greater than or equal + * to the number of bits that exist in the operand. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/cert/id/int34-c + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert + +from +where + not isExcluded(x, TypesPackage::exprShiftedByNegativeBitsOrGreaterThanOperandQuery()) and +select diff --git a/c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.md b/c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.md new file mode 100644 index 0000000000..aaf89abe74 --- /dev/null +++ b/c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.md @@ -0,0 +1,16 @@ +# INT35-C: Use correct integer precisions + +This query implements the CERT-C rule INT35-C: + +> Use correct integer precisions +## CERT + +** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** + +## Implementation notes + +None + +## References + +* CERT-C: [INT35-C: Use correct integer precisions](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.ql b/c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.ql new file mode 100644 index 0000000000..41c25374e1 --- /dev/null +++ b/c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.ql @@ -0,0 +1,18 @@ +/** + * @id c/cert/use-correct-integer-precisions + * @name INT35-C: Use correct integer precisions + * @description TODO. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/cert/id/int35-c + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert + +from +where + not isExcluded(x, TypesPackage::useCorrectIntegerPrecisionsQuery()) and +select diff --git a/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.md b/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.md new file mode 100644 index 0000000000..6df9d2afff --- /dev/null +++ b/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.md @@ -0,0 +1,16 @@ +# INT36-C: Converting a pointer to integer or integer to pointer + +This query implements the CERT-C rule INT36-C: + +> Converting a pointer to integer or integer to pointer +## CERT + +** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** + +## Implementation notes + +None + +## References + +* CERT-C: [INT36-C: Converting a pointer to integer or integer to pointer](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.ql b/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.ql new file mode 100644 index 0000000000..8fc0096b6e --- /dev/null +++ b/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.ql @@ -0,0 +1,18 @@ +/** + * @id c/cert/converting-a-pointer-to-integer-or-integer-to-pointer + * @name INT36-C: Converting a pointer to integer or integer to pointer + * @description TODO. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/cert/id/int36-c + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert + +from +where + not isExcluded(x, TypesPackage::convertingAPointerToIntegerOrIntegerToPointerQuery()) and +select diff --git a/c/cert/test/rules/FLP32-C/PreventOrDetectDomainAndRangeErrorsInMathFunctions.expected b/c/cert/test/rules/FLP32-C/PreventOrDetectDomainAndRangeErrorsInMathFunctions.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/cert/test/rules/FLP32-C/PreventOrDetectDomainAndRangeErrorsInMathFunctions.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/cert/test/rules/FLP32-C/PreventOrDetectDomainAndRangeErrorsInMathFunctions.qlref b/c/cert/test/rules/FLP32-C/PreventOrDetectDomainAndRangeErrorsInMathFunctions.qlref new file mode 100644 index 0000000000..7cd938b44b --- /dev/null +++ b/c/cert/test/rules/FLP32-C/PreventOrDetectDomainAndRangeErrorsInMathFunctions.qlref @@ -0,0 +1 @@ +rules/FLP32-C/PreventOrDetectDomainAndRangeErrorsInMathFunctions.ql \ No newline at end of file diff --git a/c/cert/test/rules/FLP34-C/FloatingPointConversionsNotWithinRangeOfNewType.expected b/c/cert/test/rules/FLP34-C/FloatingPointConversionsNotWithinRangeOfNewType.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/cert/test/rules/FLP34-C/FloatingPointConversionsNotWithinRangeOfNewType.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/cert/test/rules/FLP34-C/FloatingPointConversionsNotWithinRangeOfNewType.qlref b/c/cert/test/rules/FLP34-C/FloatingPointConversionsNotWithinRangeOfNewType.qlref new file mode 100644 index 0000000000..fba8b90bf0 --- /dev/null +++ b/c/cert/test/rules/FLP34-C/FloatingPointConversionsNotWithinRangeOfNewType.qlref @@ -0,0 +1 @@ +rules/FLP34-C/FloatingPointConversionsNotWithinRangeOfNewType.ql \ No newline at end of file diff --git a/c/cert/test/rules/FLP36-C/FloatingPointOfIntegralValuesLosePrecision.expected b/c/cert/test/rules/FLP36-C/FloatingPointOfIntegralValuesLosePrecision.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/cert/test/rules/FLP36-C/FloatingPointOfIntegralValuesLosePrecision.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/cert/test/rules/FLP36-C/FloatingPointOfIntegralValuesLosePrecision.qlref b/c/cert/test/rules/FLP36-C/FloatingPointOfIntegralValuesLosePrecision.qlref new file mode 100644 index 0000000000..7500c056d2 --- /dev/null +++ b/c/cert/test/rules/FLP36-C/FloatingPointOfIntegralValuesLosePrecision.qlref @@ -0,0 +1 @@ +rules/FLP36-C/FloatingPointOfIntegralValuesLosePrecision.ql \ No newline at end of file diff --git a/c/cert/test/rules/FLP37-C/ObjectReprUsedForComparingFloatingPointValues.expected b/c/cert/test/rules/FLP37-C/ObjectReprUsedForComparingFloatingPointValues.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/cert/test/rules/FLP37-C/ObjectReprUsedForComparingFloatingPointValues.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/cert/test/rules/FLP37-C/ObjectReprUsedForComparingFloatingPointValues.qlref b/c/cert/test/rules/FLP37-C/ObjectReprUsedForComparingFloatingPointValues.qlref new file mode 100644 index 0000000000..6c9287e855 --- /dev/null +++ b/c/cert/test/rules/FLP37-C/ObjectReprUsedForComparingFloatingPointValues.qlref @@ -0,0 +1 @@ +rules/FLP37-C/ObjectReprUsedForComparingFloatingPointValues.ql \ No newline at end of file diff --git a/c/cert/test/rules/INT30-C/EnsureThatUnsignedIntegerOperationsDoNotWrap.expected b/c/cert/test/rules/INT30-C/EnsureThatUnsignedIntegerOperationsDoNotWrap.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/cert/test/rules/INT30-C/EnsureThatUnsignedIntegerOperationsDoNotWrap.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/cert/test/rules/INT30-C/EnsureThatUnsignedIntegerOperationsDoNotWrap.qlref b/c/cert/test/rules/INT30-C/EnsureThatUnsignedIntegerOperationsDoNotWrap.qlref new file mode 100644 index 0000000000..c6dde9ace2 --- /dev/null +++ b/c/cert/test/rules/INT30-C/EnsureThatUnsignedIntegerOperationsDoNotWrap.qlref @@ -0,0 +1 @@ +rules/INT30-C/EnsureThatUnsignedIntegerOperationsDoNotWrap.ql \ No newline at end of file diff --git a/c/cert/test/rules/INT31-C/IntConversionCausesLostOrMisinterpretedData.expected b/c/cert/test/rules/INT31-C/IntConversionCausesLostOrMisinterpretedData.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/cert/test/rules/INT31-C/IntConversionCausesLostOrMisinterpretedData.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/cert/test/rules/INT31-C/IntConversionCausesLostOrMisinterpretedData.qlref b/c/cert/test/rules/INT31-C/IntConversionCausesLostOrMisinterpretedData.qlref new file mode 100644 index 0000000000..b95535183b --- /dev/null +++ b/c/cert/test/rules/INT31-C/IntConversionCausesLostOrMisinterpretedData.qlref @@ -0,0 +1 @@ +rules/INT31-C/IntConversionCausesLostOrMisinterpretedData.ql \ No newline at end of file diff --git a/c/cert/test/rules/INT32-C/OperationsOnSignedIntegersResultsInOverflow.expected b/c/cert/test/rules/INT32-C/OperationsOnSignedIntegersResultsInOverflow.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/cert/test/rules/INT32-C/OperationsOnSignedIntegersResultsInOverflow.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/cert/test/rules/INT32-C/OperationsOnSignedIntegersResultsInOverflow.qlref b/c/cert/test/rules/INT32-C/OperationsOnSignedIntegersResultsInOverflow.qlref new file mode 100644 index 0000000000..91ae574c44 --- /dev/null +++ b/c/cert/test/rules/INT32-C/OperationsOnSignedIntegersResultsInOverflow.qlref @@ -0,0 +1 @@ +rules/INT32-C/OperationsOnSignedIntegersResultsInOverflow.ql \ No newline at end of file diff --git a/c/cert/test/rules/INT33-C/DivAndModOperationResultsInDivByZero.expected b/c/cert/test/rules/INT33-C/DivAndModOperationResultsInDivByZero.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/cert/test/rules/INT33-C/DivAndModOperationResultsInDivByZero.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/cert/test/rules/INT33-C/DivAndModOperationResultsInDivByZero.qlref b/c/cert/test/rules/INT33-C/DivAndModOperationResultsInDivByZero.qlref new file mode 100644 index 0000000000..529fa9a43a --- /dev/null +++ b/c/cert/test/rules/INT33-C/DivAndModOperationResultsInDivByZero.qlref @@ -0,0 +1 @@ +rules/INT33-C/DivAndModOperationResultsInDivByZero.ql \ No newline at end of file diff --git a/c/cert/test/rules/INT34-C/ExprShiftedByNegativeBitsOrGreaterThanOperand.expected b/c/cert/test/rules/INT34-C/ExprShiftedByNegativeBitsOrGreaterThanOperand.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/cert/test/rules/INT34-C/ExprShiftedByNegativeBitsOrGreaterThanOperand.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/cert/test/rules/INT34-C/ExprShiftedByNegativeBitsOrGreaterThanOperand.qlref b/c/cert/test/rules/INT34-C/ExprShiftedByNegativeBitsOrGreaterThanOperand.qlref new file mode 100644 index 0000000000..b5349c3054 --- /dev/null +++ b/c/cert/test/rules/INT34-C/ExprShiftedByNegativeBitsOrGreaterThanOperand.qlref @@ -0,0 +1 @@ +rules/INT34-C/ExprShiftedByNegativeBitsOrGreaterThanOperand.ql \ No newline at end of file diff --git a/c/cert/test/rules/INT35-C/UseCorrectIntegerPrecisions.expected b/c/cert/test/rules/INT35-C/UseCorrectIntegerPrecisions.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/cert/test/rules/INT35-C/UseCorrectIntegerPrecisions.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/cert/test/rules/INT35-C/UseCorrectIntegerPrecisions.qlref b/c/cert/test/rules/INT35-C/UseCorrectIntegerPrecisions.qlref new file mode 100644 index 0000000000..c408baf78d --- /dev/null +++ b/c/cert/test/rules/INT35-C/UseCorrectIntegerPrecisions.qlref @@ -0,0 +1 @@ +rules/INT35-C/UseCorrectIntegerPrecisions.ql \ No newline at end of file diff --git a/c/cert/test/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.expected b/c/cert/test/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/cert/test/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/cert/test/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.qlref b/c/cert/test/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.qlref new file mode 100644 index 0000000000..70ae157f74 --- /dev/null +++ b/c/cert/test/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.qlref @@ -0,0 +1 @@ +rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.ql \ No newline at end of file diff --git a/c/misra/src/rules/DIR-4-6/NumericTypedefsNotUsedInPlaceOfBasicNumericalTypes.ql b/c/misra/src/rules/DIR-4-6/NumericTypedefsNotUsedInPlaceOfBasicNumericalTypes.ql new file mode 100644 index 0000000000..0b9a284e56 --- /dev/null +++ b/c/misra/src/rules/DIR-4-6/NumericTypedefsNotUsedInPlaceOfBasicNumericalTypes.ql @@ -0,0 +1,18 @@ +/** + * @id c/misra/numeric-typedefs-not-used-in-place-of-basic-numerical-types + * @name DIR-4-6: typedefs that indicate size and signedness should be used in place of the basic numerical types + * @description TODO. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/misra/id/dir-4-6 + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.c.misra + +from +where + not isExcluded(x, TypesPackage::numericTypedefsNotUsedInPlaceOfBasicNumericalTypesQuery()) and +select diff --git a/c/misra/src/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.ql b/c/misra/src/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.ql new file mode 100644 index 0000000000..65e515a87d --- /dev/null +++ b/c/misra/src/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.ql @@ -0,0 +1,18 @@ +/** + * @id c/misra/operands-of-an-inappropriate-essential-type + * @name RULE-10-1: Operands shall not be of an inappropriate essential type + * @description TODO. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/misra/id/rule-10-1 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra + +from +where + not isExcluded(x, TypesPackage::operandsOfAnInappropriateEssentialTypeQuery()) and +select diff --git a/c/misra/src/rules/RULE-10-2/CharTypeExprsUsedInAddOrSub.ql b/c/misra/src/rules/RULE-10-2/CharTypeExprsUsedInAddOrSub.ql new file mode 100644 index 0000000000..f64bdcc980 --- /dev/null +++ b/c/misra/src/rules/RULE-10-2/CharTypeExprsUsedInAddOrSub.ql @@ -0,0 +1,19 @@ +/** + * @id c/misra/char-type-exprs-used-in-add-or-sub + * @name RULE-10-2: Expressions of essentially character type shall not be used inappropriately in addition and + * @description Expressions of essentially character type shall not be used inappropriately in + * addition and subtraction operations. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-10-2 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra + +from +where + not isExcluded(x, TypesPackage::charTypeExprsUsedInAddOrSubQuery()) and +select diff --git a/c/misra/src/rules/RULE-10-3/AssignmentToIncompatibleEssentialType.ql b/c/misra/src/rules/RULE-10-3/AssignmentToIncompatibleEssentialType.ql new file mode 100644 index 0000000000..6d0a0c5aba --- /dev/null +++ b/c/misra/src/rules/RULE-10-3/AssignmentToIncompatibleEssentialType.ql @@ -0,0 +1,19 @@ +/** + * @id c/misra/assignment-to-incompatible-essential-type + * @name RULE-10-3: The value of an expression shall not be assigned to an object with a narrower essential type or of a + * @description The value of an expression shall not be assigned to an object with a narrower + * essential type or of a different essential type category. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/misra/id/rule-10-3 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra + +from +where + not isExcluded(x, TypesPackage::assignmentToIncompatibleEssentialTypeQuery()) and +select diff --git a/c/misra/src/rules/RULE-10-4/ArithConversionOperandHasDifferentEssTypeCategory.ql b/c/misra/src/rules/RULE-10-4/ArithConversionOperandHasDifferentEssTypeCategory.ql new file mode 100644 index 0000000000..cc27e5b693 --- /dev/null +++ b/c/misra/src/rules/RULE-10-4/ArithConversionOperandHasDifferentEssTypeCategory.ql @@ -0,0 +1,19 @@ +/** + * @id c/misra/arith-conversion-operand-has-different-ess-type-category + * @name RULE-10-4: Both operands of an operator in which the usual arithmetic conversions are performed shall have the + * @description Both operands of an operator in which the usual arithmetic conversions are performed + * shall have the same essential type category. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-10-4 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra + +from +where + not isExcluded(x, TypesPackage::arithConversionOperandHasDifferentEssTypeCategoryQuery()) and +select diff --git a/c/misra/src/rules/RULE-10-5/ValueCastToInappropriateEssentialType.ql b/c/misra/src/rules/RULE-10-5/ValueCastToInappropriateEssentialType.ql new file mode 100644 index 0000000000..ebdddc2910 --- /dev/null +++ b/c/misra/src/rules/RULE-10-5/ValueCastToInappropriateEssentialType.ql @@ -0,0 +1,18 @@ +/** + * @id c/misra/value-cast-to-inappropriate-essential-type + * @name RULE-10-5: The value of an expression should not be cast to an inappropriate essential type + * @description TODO. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-10-5 + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.c.misra + +from +where + not isExcluded(x, TypesPackage::valueCastToInappropriateEssentialTypeQuery()) and +select diff --git a/c/misra/src/rules/RULE-10-6/CompositeExprValueAssignedToObjWithWiderEssType.ql b/c/misra/src/rules/RULE-10-6/CompositeExprValueAssignedToObjWithWiderEssType.ql new file mode 100644 index 0000000000..968edd026a --- /dev/null +++ b/c/misra/src/rules/RULE-10-6/CompositeExprValueAssignedToObjWithWiderEssType.ql @@ -0,0 +1,18 @@ +/** + * @id c/misra/composite-expr-value-assigned-to-obj-with-wider-ess-type + * @name RULE-10-6: The value of a composite expression shall not be assigned to an object with wider essential type + * @description TODO. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-10-6 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra + +from +where + not isExcluded(x, TypesPackage::compositeExprValueAssignedToObjWithWiderEssTypeQuery()) and +select diff --git a/c/misra/src/rules/RULE-10-7/ConvertedCompExprOperandHasWiderEssTypeThanOther.ql b/c/misra/src/rules/RULE-10-7/ConvertedCompExprOperandHasWiderEssTypeThanOther.ql new file mode 100644 index 0000000000..73d5fd0d30 --- /dev/null +++ b/c/misra/src/rules/RULE-10-7/ConvertedCompExprOperandHasWiderEssTypeThanOther.ql @@ -0,0 +1,20 @@ +/** + * @id c/misra/converted-comp-expr-operand-has-wider-ess-type-than-other + * @name RULE-10-7: If a composite expression is used as one operand of an operator in which the usual arithmetic + * @description If a composite expression is used as one operand of an operator in which the usual + * arithmetic conversions are performed then the other operand shall not have wider + * essential type. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-10-7 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra + +from +where + not isExcluded(x, TypesPackage::convertedCompExprOperandHasWiderEssTypeThanOtherQuery()) and +select diff --git a/c/misra/src/rules/RULE-10-8/CompExprValCastToIncompatEssType.ql b/c/misra/src/rules/RULE-10-8/CompExprValCastToIncompatEssType.ql new file mode 100644 index 0000000000..5937b33bd4 --- /dev/null +++ b/c/misra/src/rules/RULE-10-8/CompExprValCastToIncompatEssType.ql @@ -0,0 +1,19 @@ +/** + * @id c/misra/comp-expr-val-cast-to-incompat-ess-type + * @name RULE-10-8: The value of a composite expression shall not be cast to a different essential type category or a + * @description The value of a composite expression shall not be cast to a different essential type + * category or a wider essential type. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-10-8 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra + +from +where + not isExcluded(x, TypesPackage::compExprValCastToIncompatEssTypeQuery()) and +select diff --git a/c/misra/src/rules/RULE-12-4/ConstExprEvalCausesUnsignedIntWraparound.ql b/c/misra/src/rules/RULE-12-4/ConstExprEvalCausesUnsignedIntWraparound.ql new file mode 100644 index 0000000000..86001f7cfb --- /dev/null +++ b/c/misra/src/rules/RULE-12-4/ConstExprEvalCausesUnsignedIntWraparound.ql @@ -0,0 +1,18 @@ +/** + * @id c/misra/const-expr-eval-causes-unsigned-int-wraparound + * @name RULE-12-4: Evaluation of constant expressions should not lead to unsigned integer wrap-around + * @description TODO. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-12-4 + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.c.misra + +from +where + not isExcluded(x, TypesPackage::constExprEvalCausesUnsignedIntWraparoundQuery()) and +select diff --git a/c/misra/src/rules/RULE-12-5/ArrayTypeParamAtSizeofOperand.ql b/c/misra/src/rules/RULE-12-5/ArrayTypeParamAtSizeofOperand.ql new file mode 100644 index 0000000000..2c67b24759 --- /dev/null +++ b/c/misra/src/rules/RULE-12-5/ArrayTypeParamAtSizeofOperand.ql @@ -0,0 +1,19 @@ +/** + * @id c/misra/array-type-param-at-sizeof-operand + * @name RULE-12-5: The sizeof operator shall not have an operand which is a function parameter declared as 'array of + * @description The sizeof operator shall not have an operand which is a function parameter declared + * as 'array of type'. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-12-5 + * external/misra/obligation/mandatory + */ + +import cpp +import codingstandards.c.misra + +from +where + not isExcluded(x, TypesPackage::arrayTypeParamAtSizeofOperandQuery()) and +select diff --git a/c/misra/src/rules/RULE-14-1/LoopCounterHaveEssentiallyFloatingType.ql b/c/misra/src/rules/RULE-14-1/LoopCounterHaveEssentiallyFloatingType.ql new file mode 100644 index 0000000000..9b0b57148d --- /dev/null +++ b/c/misra/src/rules/RULE-14-1/LoopCounterHaveEssentiallyFloatingType.ql @@ -0,0 +1,18 @@ +/** + * @id c/misra/loop-counter-have-essentially-floating-type + * @name RULE-14-1: A loop counter shall not have essentially floating type + * @description TODO. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/misra/id/rule-14-1 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra + +from +where + not isExcluded(x, TypesPackage::loopCounterHaveEssentiallyFloatingTypeQuery()) and +select diff --git a/c/misra/src/rules/RULE-21-13/CtypeFuncNeitherReprAsUnsignedCharNorEOF.ql b/c/misra/src/rules/RULE-21-13/CtypeFuncNeitherReprAsUnsignedCharNorEOF.ql new file mode 100644 index 0000000000..ea070a1aa9 --- /dev/null +++ b/c/misra/src/rules/RULE-21-13/CtypeFuncNeitherReprAsUnsignedCharNorEOF.ql @@ -0,0 +1,19 @@ +/** + * @id c/misra/ctype-func-neither-repr-as-unsigned-char-nor-eof + * @name RULE-21-13: Any value passed to a function in shall be representable as an unsigned char or be the + * @description Any value passed to a function in shall be representable as an unsigned + * char or be the value EOF. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-21-13 + * external/misra/obligation/mandatory + */ + +import cpp +import codingstandards.c.misra + +from +where + not isExcluded(x, TypesPackage::ctypeFuncNeitherReprAsUnsignedCharNorEOFQuery()) and +select diff --git a/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql b/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql new file mode 100644 index 0000000000..362985892f --- /dev/null +++ b/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql @@ -0,0 +1,18 @@ +/** + * @id c/misra/memcmp-used-to-compare-null-terminated-strings + * @name RULE-21-14: The Standard Library function memcmp shall not be used to compare null terminated strings + * @description TODO. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/misra/id/rule-21-14 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra + +from +where + not isExcluded(x, TypesPackage::memcmpUsedToCompareNullTerminatedStringsQuery()) and +select diff --git a/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointerToCompatTypes.ql b/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointerToCompatTypes.ql new file mode 100644 index 0000000000..857f066615 --- /dev/null +++ b/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointerToCompatTypes.ql @@ -0,0 +1,19 @@ +/** + * @id c/misra/memcpy-memmove-memcmp-arg-not-pointer-to-compat-types + * @name RULE-21-15: The pointer arguments to the Standard Library functions memcpy, memmove and memcmp shall be pointers + * @description The pointer arguments to the Standard Library functions memcpy, memmove and memcmp + * shall be pointers to qualified or unqualified versions of compatible types. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-21-15 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra + +from +where + not isExcluded(x, TypesPackage::memcpyMemmoveMemcmpArgNotPointerToCompatTypesQuery()) and +select diff --git a/c/misra/src/rules/RULE-21-16/MemcmpArgNotPtsToSignedUnsignedBooleanEnumEssType.ql b/c/misra/src/rules/RULE-21-16/MemcmpArgNotPtsToSignedUnsignedBooleanEnumEssType.ql new file mode 100644 index 0000000000..b78ac3715f --- /dev/null +++ b/c/misra/src/rules/RULE-21-16/MemcmpArgNotPtsToSignedUnsignedBooleanEnumEssType.ql @@ -0,0 +1,20 @@ +/** + * @id c/misra/memcmp-arg-not-pts-to-signed-unsigned-boolean-enum-ess-type + * @name RULE-21-16: The pointer arguments to the Standard Library function memcmp shall point to either a pointer type, + * @description The pointer arguments to the Standard Library function memcmp shall point to either + * a pointer type, an essentially signed type, an essentially unsigned type, an + * essentially Boolean type or an essentially enum type. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-21-16 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra + +from +where + not isExcluded(x, TypesPackage::memcmpArgNotPtsToSignedUnsignedBooleanEnumEssTypeQuery()) and +select diff --git a/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql b/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql new file mode 100644 index 0000000000..ee3c03d559 --- /dev/null +++ b/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql @@ -0,0 +1,19 @@ +/** + * @id c/misra/bit-fields-shall-only-be-declared-with-an-appropriate-type + * @name RULE-6-1: Bit-fields shall only be declared with an appropriate type + * @description Declaring bit-fields on types other than appropriate ones causes + * implementation-specific or undefined behavior. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-6-1 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra + +from +where + not isExcluded(x, TypesPackage::bitFieldsShallOnlyBeDeclaredWithAnAppropriateTypeQuery()) and +select diff --git a/c/misra/src/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql b/c/misra/src/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql new file mode 100644 index 0000000000..436d7efab7 --- /dev/null +++ b/c/misra/src/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql @@ -0,0 +1,19 @@ +/** + * @id c/misra/single-bit-named-bit-fields-of-a-signed-type + * @name RULE-6-2: Single-bit named bit fields shall not be of a signed type + * @description Single-bit named bit fields carry no useful information and therefore should not be + * declared or used. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-6-2 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra + +from +where + not isExcluded(x, TypesPackage::singleBitNamedBitFieldsOfASignedTypeQuery()) and +select diff --git a/c/misra/src/rules/RULE-7-4/StringLiteralAssignedToObjPtrToConstQualifiedChar.ql b/c/misra/src/rules/RULE-7-4/StringLiteralAssignedToObjPtrToConstQualifiedChar.ql new file mode 100644 index 0000000000..54328526d4 --- /dev/null +++ b/c/misra/src/rules/RULE-7-4/StringLiteralAssignedToObjPtrToConstQualifiedChar.ql @@ -0,0 +1,19 @@ +/** + * @id c/misra/string-literal-assigned-to-obj-ptr-to-const-qualified-char + * @name RULE-7-4: A string literal shall not be assigned to an object unless the object's type is 'pointer to + * @description A string literal shall not be assigned to an object unless the object's type is + * 'pointer to const-qualified char'. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-7-4 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra + +from +where + not isExcluded(x, TypesPackage::stringLiteralAssignedToObjPtrToConstQualifiedCharQuery()) and +select diff --git a/c/misra/test/rules/DIR-4-6/NumericTypedefsNotUsedInPlaceOfBasicNumericalTypes.expected b/c/misra/test/rules/DIR-4-6/NumericTypedefsNotUsedInPlaceOfBasicNumericalTypes.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/misra/test/rules/DIR-4-6/NumericTypedefsNotUsedInPlaceOfBasicNumericalTypes.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/DIR-4-6/NumericTypedefsNotUsedInPlaceOfBasicNumericalTypes.qlref b/c/misra/test/rules/DIR-4-6/NumericTypedefsNotUsedInPlaceOfBasicNumericalTypes.qlref new file mode 100644 index 0000000000..81fd5998d5 --- /dev/null +++ b/c/misra/test/rules/DIR-4-6/NumericTypedefsNotUsedInPlaceOfBasicNumericalTypes.qlref @@ -0,0 +1 @@ +rules/DIR-4-6/NumericTypedefsNotUsedInPlaceOfBasicNumericalTypes.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.expected b/c/misra/test/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/misra/test/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.qlref b/c/misra/test/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.qlref new file mode 100644 index 0000000000..f3120fd81f --- /dev/null +++ b/c/misra/test/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.qlref @@ -0,0 +1 @@ +rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-10-2/CharTypeExprsUsedInAddOrSub.expected b/c/misra/test/rules/RULE-10-2/CharTypeExprsUsedInAddOrSub.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/misra/test/rules/RULE-10-2/CharTypeExprsUsedInAddOrSub.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-10-2/CharTypeExprsUsedInAddOrSub.qlref b/c/misra/test/rules/RULE-10-2/CharTypeExprsUsedInAddOrSub.qlref new file mode 100644 index 0000000000..a0912cc8e9 --- /dev/null +++ b/c/misra/test/rules/RULE-10-2/CharTypeExprsUsedInAddOrSub.qlref @@ -0,0 +1 @@ +rules/RULE-10-2/CharTypeExprsUsedInAddOrSub.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-10-3/AssignmentToIncompatibleEssentialType.expected b/c/misra/test/rules/RULE-10-3/AssignmentToIncompatibleEssentialType.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/misra/test/rules/RULE-10-3/AssignmentToIncompatibleEssentialType.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-10-3/AssignmentToIncompatibleEssentialType.qlref b/c/misra/test/rules/RULE-10-3/AssignmentToIncompatibleEssentialType.qlref new file mode 100644 index 0000000000..d75ee46cd9 --- /dev/null +++ b/c/misra/test/rules/RULE-10-3/AssignmentToIncompatibleEssentialType.qlref @@ -0,0 +1 @@ +rules/RULE-10-3/AssignmentToIncompatibleEssentialType.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-10-4/ArithConversionOperandHasDifferentEssTypeCategory.expected b/c/misra/test/rules/RULE-10-4/ArithConversionOperandHasDifferentEssTypeCategory.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/misra/test/rules/RULE-10-4/ArithConversionOperandHasDifferentEssTypeCategory.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-10-4/ArithConversionOperandHasDifferentEssTypeCategory.qlref b/c/misra/test/rules/RULE-10-4/ArithConversionOperandHasDifferentEssTypeCategory.qlref new file mode 100644 index 0000000000..fdafde4779 --- /dev/null +++ b/c/misra/test/rules/RULE-10-4/ArithConversionOperandHasDifferentEssTypeCategory.qlref @@ -0,0 +1 @@ +rules/RULE-10-4/ArithConversionOperandHasDifferentEssTypeCategory.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-10-5/ValueCastToInappropriateEssentialType.expected b/c/misra/test/rules/RULE-10-5/ValueCastToInappropriateEssentialType.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/misra/test/rules/RULE-10-5/ValueCastToInappropriateEssentialType.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-10-5/ValueCastToInappropriateEssentialType.qlref b/c/misra/test/rules/RULE-10-5/ValueCastToInappropriateEssentialType.qlref new file mode 100644 index 0000000000..226c29d9c0 --- /dev/null +++ b/c/misra/test/rules/RULE-10-5/ValueCastToInappropriateEssentialType.qlref @@ -0,0 +1 @@ +rules/RULE-10-5/ValueCastToInappropriateEssentialType.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-10-6/CompositeExprValueAssignedToObjWithWiderEssType.expected b/c/misra/test/rules/RULE-10-6/CompositeExprValueAssignedToObjWithWiderEssType.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/misra/test/rules/RULE-10-6/CompositeExprValueAssignedToObjWithWiderEssType.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-10-6/CompositeExprValueAssignedToObjWithWiderEssType.qlref b/c/misra/test/rules/RULE-10-6/CompositeExprValueAssignedToObjWithWiderEssType.qlref new file mode 100644 index 0000000000..258caa5497 --- /dev/null +++ b/c/misra/test/rules/RULE-10-6/CompositeExprValueAssignedToObjWithWiderEssType.qlref @@ -0,0 +1 @@ +rules/RULE-10-6/CompositeExprValueAssignedToObjWithWiderEssType.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-10-7/ConvertedCompExprOperandHasWiderEssTypeThanOther.expected b/c/misra/test/rules/RULE-10-7/ConvertedCompExprOperandHasWiderEssTypeThanOther.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/misra/test/rules/RULE-10-7/ConvertedCompExprOperandHasWiderEssTypeThanOther.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-10-7/ConvertedCompExprOperandHasWiderEssTypeThanOther.qlref b/c/misra/test/rules/RULE-10-7/ConvertedCompExprOperandHasWiderEssTypeThanOther.qlref new file mode 100644 index 0000000000..ffcbf37d96 --- /dev/null +++ b/c/misra/test/rules/RULE-10-7/ConvertedCompExprOperandHasWiderEssTypeThanOther.qlref @@ -0,0 +1 @@ +rules/RULE-10-7/ConvertedCompExprOperandHasWiderEssTypeThanOther.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-10-8/CompExprValCastToIncompatEssType.expected b/c/misra/test/rules/RULE-10-8/CompExprValCastToIncompatEssType.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/misra/test/rules/RULE-10-8/CompExprValCastToIncompatEssType.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-10-8/CompExprValCastToIncompatEssType.qlref b/c/misra/test/rules/RULE-10-8/CompExprValCastToIncompatEssType.qlref new file mode 100644 index 0000000000..92e74b5640 --- /dev/null +++ b/c/misra/test/rules/RULE-10-8/CompExprValCastToIncompatEssType.qlref @@ -0,0 +1 @@ +rules/RULE-10-8/CompExprValCastToIncompatEssType.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-12-4/ConstExprEvalCausesUnsignedIntWraparound.expected b/c/misra/test/rules/RULE-12-4/ConstExprEvalCausesUnsignedIntWraparound.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/misra/test/rules/RULE-12-4/ConstExprEvalCausesUnsignedIntWraparound.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-12-4/ConstExprEvalCausesUnsignedIntWraparound.qlref b/c/misra/test/rules/RULE-12-4/ConstExprEvalCausesUnsignedIntWraparound.qlref new file mode 100644 index 0000000000..8f483e64f3 --- /dev/null +++ b/c/misra/test/rules/RULE-12-4/ConstExprEvalCausesUnsignedIntWraparound.qlref @@ -0,0 +1 @@ +rules/RULE-12-4/ConstExprEvalCausesUnsignedIntWraparound.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-12-5/ArrayTypeParamAtSizeofOperand.expected b/c/misra/test/rules/RULE-12-5/ArrayTypeParamAtSizeofOperand.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/misra/test/rules/RULE-12-5/ArrayTypeParamAtSizeofOperand.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-12-5/ArrayTypeParamAtSizeofOperand.qlref b/c/misra/test/rules/RULE-12-5/ArrayTypeParamAtSizeofOperand.qlref new file mode 100644 index 0000000000..b083a10d31 --- /dev/null +++ b/c/misra/test/rules/RULE-12-5/ArrayTypeParamAtSizeofOperand.qlref @@ -0,0 +1 @@ +rules/RULE-12-5/ArrayTypeParamAtSizeofOperand.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-14-1/LoopCounterHaveEssentiallyFloatingType.expected b/c/misra/test/rules/RULE-14-1/LoopCounterHaveEssentiallyFloatingType.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/misra/test/rules/RULE-14-1/LoopCounterHaveEssentiallyFloatingType.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-14-1/LoopCounterHaveEssentiallyFloatingType.qlref b/c/misra/test/rules/RULE-14-1/LoopCounterHaveEssentiallyFloatingType.qlref new file mode 100644 index 0000000000..befc44a33a --- /dev/null +++ b/c/misra/test/rules/RULE-14-1/LoopCounterHaveEssentiallyFloatingType.qlref @@ -0,0 +1 @@ +rules/RULE-14-1/LoopCounterHaveEssentiallyFloatingType.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-21-13/CtypeFuncNeitherReprAsUnsignedCharNorEOF.expected b/c/misra/test/rules/RULE-21-13/CtypeFuncNeitherReprAsUnsignedCharNorEOF.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/misra/test/rules/RULE-21-13/CtypeFuncNeitherReprAsUnsignedCharNorEOF.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-21-13/CtypeFuncNeitherReprAsUnsignedCharNorEOF.qlref b/c/misra/test/rules/RULE-21-13/CtypeFuncNeitherReprAsUnsignedCharNorEOF.qlref new file mode 100644 index 0000000000..60f87891a1 --- /dev/null +++ b/c/misra/test/rules/RULE-21-13/CtypeFuncNeitherReprAsUnsignedCharNorEOF.qlref @@ -0,0 +1 @@ +rules/RULE-21-13/CtypeFuncNeitherReprAsUnsignedCharNorEOF.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.expected b/c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.qlref b/c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.qlref new file mode 100644 index 0000000000..99017569aa --- /dev/null +++ b/c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.qlref @@ -0,0 +1 @@ +rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointerToCompatTypes.expected b/c/misra/test/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointerToCompatTypes.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/misra/test/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointerToCompatTypes.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointerToCompatTypes.qlref b/c/misra/test/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointerToCompatTypes.qlref new file mode 100644 index 0000000000..e0ff446916 --- /dev/null +++ b/c/misra/test/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointerToCompatTypes.qlref @@ -0,0 +1 @@ +rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointerToCompatTypes.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-21-16/MemcmpArgNotPtsToSignedUnsignedBooleanEnumEssType.expected b/c/misra/test/rules/RULE-21-16/MemcmpArgNotPtsToSignedUnsignedBooleanEnumEssType.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/misra/test/rules/RULE-21-16/MemcmpArgNotPtsToSignedUnsignedBooleanEnumEssType.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-21-16/MemcmpArgNotPtsToSignedUnsignedBooleanEnumEssType.qlref b/c/misra/test/rules/RULE-21-16/MemcmpArgNotPtsToSignedUnsignedBooleanEnumEssType.qlref new file mode 100644 index 0000000000..ade809ada5 --- /dev/null +++ b/c/misra/test/rules/RULE-21-16/MemcmpArgNotPtsToSignedUnsignedBooleanEnumEssType.qlref @@ -0,0 +1 @@ +rules/RULE-21-16/MemcmpArgNotPtsToSignedUnsignedBooleanEnumEssType.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.expected b/c/misra/test/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/misra/test/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.qlref b/c/misra/test/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.qlref new file mode 100644 index 0000000000..7000f50ab1 --- /dev/null +++ b/c/misra/test/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.qlref @@ -0,0 +1 @@ +rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.expected b/c/misra/test/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/misra/test/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.qlref b/c/misra/test/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.qlref new file mode 100644 index 0000000000..50c34f70a7 --- /dev/null +++ b/c/misra/test/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.qlref @@ -0,0 +1 @@ +rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToObjPtrToConstQualifiedChar.expected b/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToObjPtrToConstQualifiedChar.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToObjPtrToConstQualifiedChar.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToObjPtrToConstQualifiedChar.qlref b/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToObjPtrToConstQualifiedChar.qlref new file mode 100644 index 0000000000..d886f5a94a --- /dev/null +++ b/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToObjPtrToConstQualifiedChar.qlref @@ -0,0 +1 @@ +rules/RULE-7-4/StringLiteralAssignedToObjPtrToConstQualifiedChar.ql \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index f06e6c3a49..9ee95dd2dd 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -42,6 +42,7 @@ import Strings1 import Strings2 import Strings3 import Syntax +import Types /** The TQuery type representing this language * */ newtype TCQuery = @@ -84,7 +85,8 @@ newtype TCQuery = TStrings1PackageQuery(Strings1Query q) or TStrings2PackageQuery(Strings2Query q) or TStrings3PackageQuery(Strings3Query q) or - TSyntaxPackageQuery(SyntaxQuery q) + TSyntaxPackageQuery(SyntaxQuery q) or + TTypesPackageQuery(TypesQuery q) /** The metadata predicate * */ predicate isQueryMetadata(Query query, string queryId, string ruleId, string category) { @@ -127,5 +129,6 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isStrings1QueryMetadata(query, queryId, ruleId, category) or isStrings2QueryMetadata(query, queryId, ruleId, category) or isStrings3QueryMetadata(query, queryId, ruleId, category) or - isSyntaxQueryMetadata(query, queryId, ruleId, category) + isSyntaxQueryMetadata(query, queryId, ruleId, category) or + isTypesQueryMetadata(query, queryId, ruleId, category) } diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Types.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Types.qll new file mode 100644 index 0000000000..79cf3550b1 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Types.qll @@ -0,0 +1,520 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype TypesQuery = + TPreventOrDetectDomainAndRangeErrorsInMathFunctionsQuery() or + TFloatingPointConversionsNotWithinRangeOfNewTypeQuery() or + TFloatingPointOfIntegralValuesLosePrecisionQuery() or + TObjectReprUsedForComparingFloatingPointValuesQuery() or + TEnsureThatUnsignedIntegerOperationsDoNotWrapQuery() or + TIntConversionCausesLostOrMisinterpretedDataQuery() or + TOperationsOnSignedIntegersResultsInOverflowQuery() or + TDivAndModOperationResultsInDivByZeroQuery() or + TExprShiftedByNegativeBitsOrGreaterThanOperandQuery() or + TUseCorrectIntegerPrecisionsQuery() or + TConvertingAPointerToIntegerOrIntegerToPointerQuery() or + TNumericTypedefsNotUsedInPlaceOfBasicNumericalTypesQuery() or + TOperandsOfAnInappropriateEssentialTypeQuery() or + TCharTypeExprsUsedInAddOrSubQuery() or + TAssignmentToIncompatibleEssentialTypeQuery() or + TArithConversionOperandHasDifferentEssTypeCategoryQuery() or + TValueCastToInappropriateEssentialTypeQuery() or + TCompositeExprValueAssignedToObjWithWiderEssTypeQuery() or + TConvertedCompExprOperandHasWiderEssTypeThanOtherQuery() or + TCompExprValCastToIncompatEssTypeQuery() or + TConstExprEvalCausesUnsignedIntWraparoundQuery() or + TArrayTypeParamAtSizeofOperandQuery() or + TLoopCounterHaveEssentiallyFloatingTypeQuery() or + TCtypeFuncNeitherReprAsUnsignedCharNorEOFQuery() or + TMemcmpUsedToCompareNullTerminatedStringsQuery() or + TMemcpyMemmoveMemcmpArgNotPointerToCompatTypesQuery() or + TMemcmpArgNotPtsToSignedUnsignedBooleanEnumEssTypeQuery() or + TBitFieldsShallOnlyBeDeclaredWithAnAppropriateTypeQuery() or + TSingleBitNamedBitFieldsOfASignedTypeQuery() or + TStringLiteralAssignedToObjPtrToConstQualifiedCharQuery() + +predicate isTypesQueryMetadata(Query query, string queryId, string ruleId, string category) { + query = + // `Query` instance for the `preventOrDetectDomainAndRangeErrorsInMathFunctions` query + TypesPackage::preventOrDetectDomainAndRangeErrorsInMathFunctionsQuery() and + queryId = + // `@id` for the `preventOrDetectDomainAndRangeErrorsInMathFunctions` query + "c/cert/prevent-or-detect-domain-and-range-errors-in-math-functions" and + ruleId = "FLP32-C" and + category = "rule" + or + query = + // `Query` instance for the `floatingPointConversionsNotWithinRangeOfNewType` query + TypesPackage::floatingPointConversionsNotWithinRangeOfNewTypeQuery() and + queryId = + // `@id` for the `floatingPointConversionsNotWithinRangeOfNewType` query + "c/cert/floating-point-conversions-not-within-range-of-new-type" and + ruleId = "FLP34-C" and + category = "rule" + or + query = + // `Query` instance for the `floatingPointOfIntegralValuesLosePrecision` query + TypesPackage::floatingPointOfIntegralValuesLosePrecisionQuery() and + queryId = + // `@id` for the `floatingPointOfIntegralValuesLosePrecision` query + "c/cert/floating-point-of-integral-values-lose-precision" and + ruleId = "FLP36-C" and + category = "rule" + or + query = + // `Query` instance for the `objectReprUsedForComparingFloatingPointValues` query + TypesPackage::objectReprUsedForComparingFloatingPointValuesQuery() and + queryId = + // `@id` for the `objectReprUsedForComparingFloatingPointValues` query + "c/cert/object-repr-used-for-comparing-floating-point-values" and + ruleId = "FLP37-C" and + category = "rule" + or + query = + // `Query` instance for the `ensureThatUnsignedIntegerOperationsDoNotWrap` query + TypesPackage::ensureThatUnsignedIntegerOperationsDoNotWrapQuery() and + queryId = + // `@id` for the `ensureThatUnsignedIntegerOperationsDoNotWrap` query + "c/cert/ensure-that-unsigned-integer-operations-do-not-wrap" and + ruleId = "INT30-C" and + category = "rule" + or + query = + // `Query` instance for the `intConversionCausesLostOrMisinterpretedData` query + TypesPackage::intConversionCausesLostOrMisinterpretedDataQuery() and + queryId = + // `@id` for the `intConversionCausesLostOrMisinterpretedData` query + "c/cert/int-conversion-causes-lost-or-misinterpreted-data" and + ruleId = "INT31-C" and + category = "rule" + or + query = + // `Query` instance for the `operationsOnSignedIntegersResultsInOverflow` query + TypesPackage::operationsOnSignedIntegersResultsInOverflowQuery() and + queryId = + // `@id` for the `operationsOnSignedIntegersResultsInOverflow` query + "c/cert/operations-on-signed-integers-results-in-overflow" and + ruleId = "INT32-C" and + category = "rule" + or + query = + // `Query` instance for the `divAndModOperationResultsInDivByZero` query + TypesPackage::divAndModOperationResultsInDivByZeroQuery() and + queryId = + // `@id` for the `divAndModOperationResultsInDivByZero` query + "c/cert/div-and-mod-operation-results-in-div-by-zero" and + ruleId = "INT33-C" and + category = "rule" + or + query = + // `Query` instance for the `exprShiftedByNegativeBitsOrGreaterThanOperand` query + TypesPackage::exprShiftedByNegativeBitsOrGreaterThanOperandQuery() and + queryId = + // `@id` for the `exprShiftedByNegativeBitsOrGreaterThanOperand` query + "c/cert/expr-shifted-by-negative-bits-or-greater-than-operand" and + ruleId = "INT34-C" and + category = "rule" + or + query = + // `Query` instance for the `useCorrectIntegerPrecisions` query + TypesPackage::useCorrectIntegerPrecisionsQuery() and + queryId = + // `@id` for the `useCorrectIntegerPrecisions` query + "c/cert/use-correct-integer-precisions" and + ruleId = "INT35-C" and + category = "rule" + or + query = + // `Query` instance for the `convertingAPointerToIntegerOrIntegerToPointer` query + TypesPackage::convertingAPointerToIntegerOrIntegerToPointerQuery() and + queryId = + // `@id` for the `convertingAPointerToIntegerOrIntegerToPointer` query + "c/cert/converting-a-pointer-to-integer-or-integer-to-pointer" and + ruleId = "INT36-C" and + category = "rule" + or + query = + // `Query` instance for the `numericTypedefsNotUsedInPlaceOfBasicNumericalTypes` query + TypesPackage::numericTypedefsNotUsedInPlaceOfBasicNumericalTypesQuery() and + queryId = + // `@id` for the `numericTypedefsNotUsedInPlaceOfBasicNumericalTypes` query + "c/misra/numeric-typedefs-not-used-in-place-of-basic-numerical-types" and + ruleId = "DIR-4-6" and + category = "advisory" + or + query = + // `Query` instance for the `operandsOfAnInappropriateEssentialType` query + TypesPackage::operandsOfAnInappropriateEssentialTypeQuery() and + queryId = + // `@id` for the `operandsOfAnInappropriateEssentialType` query + "c/misra/operands-of-an-inappropriate-essential-type" and + ruleId = "RULE-10-1" and + category = "required" + or + query = + // `Query` instance for the `charTypeExprsUsedInAddOrSub` query + TypesPackage::charTypeExprsUsedInAddOrSubQuery() and + queryId = + // `@id` for the `charTypeExprsUsedInAddOrSub` query + "c/misra/char-type-exprs-used-in-add-or-sub" and + ruleId = "RULE-10-2" and + category = "required" + or + query = + // `Query` instance for the `assignmentToIncompatibleEssentialType` query + TypesPackage::assignmentToIncompatibleEssentialTypeQuery() and + queryId = + // `@id` for the `assignmentToIncompatibleEssentialType` query + "c/misra/assignment-to-incompatible-essential-type" and + ruleId = "RULE-10-3" and + category = "required" + or + query = + // `Query` instance for the `arithConversionOperandHasDifferentEssTypeCategory` query + TypesPackage::arithConversionOperandHasDifferentEssTypeCategoryQuery() and + queryId = + // `@id` for the `arithConversionOperandHasDifferentEssTypeCategory` query + "c/misra/arith-conversion-operand-has-different-ess-type-category" and + ruleId = "RULE-10-4" and + category = "required" + or + query = + // `Query` instance for the `valueCastToInappropriateEssentialType` query + TypesPackage::valueCastToInappropriateEssentialTypeQuery() and + queryId = + // `@id` for the `valueCastToInappropriateEssentialType` query + "c/misra/value-cast-to-inappropriate-essential-type" and + ruleId = "RULE-10-5" and + category = "advisory" + or + query = + // `Query` instance for the `compositeExprValueAssignedToObjWithWiderEssType` query + TypesPackage::compositeExprValueAssignedToObjWithWiderEssTypeQuery() and + queryId = + // `@id` for the `compositeExprValueAssignedToObjWithWiderEssType` query + "c/misra/composite-expr-value-assigned-to-obj-with-wider-ess-type" and + ruleId = "RULE-10-6" and + category = "required" + or + query = + // `Query` instance for the `convertedCompExprOperandHasWiderEssTypeThanOther` query + TypesPackage::convertedCompExprOperandHasWiderEssTypeThanOtherQuery() and + queryId = + // `@id` for the `convertedCompExprOperandHasWiderEssTypeThanOther` query + "c/misra/converted-comp-expr-operand-has-wider-ess-type-than-other" and + ruleId = "RULE-10-7" and + category = "required" + or + query = + // `Query` instance for the `compExprValCastToIncompatEssType` query + TypesPackage::compExprValCastToIncompatEssTypeQuery() and + queryId = + // `@id` for the `compExprValCastToIncompatEssType` query + "c/misra/comp-expr-val-cast-to-incompat-ess-type" and + ruleId = "RULE-10-8" and + category = "required" + or + query = + // `Query` instance for the `constExprEvalCausesUnsignedIntWraparound` query + TypesPackage::constExprEvalCausesUnsignedIntWraparoundQuery() and + queryId = + // `@id` for the `constExprEvalCausesUnsignedIntWraparound` query + "c/misra/const-expr-eval-causes-unsigned-int-wraparound" and + ruleId = "RULE-12-4" and + category = "advisory" + or + query = + // `Query` instance for the `arrayTypeParamAtSizeofOperand` query + TypesPackage::arrayTypeParamAtSizeofOperandQuery() and + queryId = + // `@id` for the `arrayTypeParamAtSizeofOperand` query + "c/misra/array-type-param-at-sizeof-operand" and + ruleId = "RULE-12-5" and + category = "mandatory" + or + query = + // `Query` instance for the `loopCounterHaveEssentiallyFloatingType` query + TypesPackage::loopCounterHaveEssentiallyFloatingTypeQuery() and + queryId = + // `@id` for the `loopCounterHaveEssentiallyFloatingType` query + "c/misra/loop-counter-have-essentially-floating-type" and + ruleId = "RULE-14-1" and + category = "required" + or + query = + // `Query` instance for the `ctypeFuncNeitherReprAsUnsignedCharNorEOF` query + TypesPackage::ctypeFuncNeitherReprAsUnsignedCharNorEOFQuery() and + queryId = + // `@id` for the `ctypeFuncNeitherReprAsUnsignedCharNorEOF` query + "c/misra/ctype-func-neither-repr-as-unsigned-char-nor-eof" and + ruleId = "RULE-21-13" and + category = "mandatory" + or + query = + // `Query` instance for the `memcmpUsedToCompareNullTerminatedStrings` query + TypesPackage::memcmpUsedToCompareNullTerminatedStringsQuery() and + queryId = + // `@id` for the `memcmpUsedToCompareNullTerminatedStrings` query + "c/misra/memcmp-used-to-compare-null-terminated-strings" and + ruleId = "RULE-21-14" and + category = "required" + or + query = + // `Query` instance for the `memcpyMemmoveMemcmpArgNotPointerToCompatTypes` query + TypesPackage::memcpyMemmoveMemcmpArgNotPointerToCompatTypesQuery() and + queryId = + // `@id` for the `memcpyMemmoveMemcmpArgNotPointerToCompatTypes` query + "c/misra/memcpy-memmove-memcmp-arg-not-pointer-to-compat-types" and + ruleId = "RULE-21-15" and + category = "required" + or + query = + // `Query` instance for the `memcmpArgNotPtsToSignedUnsignedBooleanEnumEssType` query + TypesPackage::memcmpArgNotPtsToSignedUnsignedBooleanEnumEssTypeQuery() and + queryId = + // `@id` for the `memcmpArgNotPtsToSignedUnsignedBooleanEnumEssType` query + "c/misra/memcmp-arg-not-pts-to-signed-unsigned-boolean-enum-ess-type" and + ruleId = "RULE-21-16" and + category = "required" + or + query = + // `Query` instance for the `bitFieldsShallOnlyBeDeclaredWithAnAppropriateType` query + TypesPackage::bitFieldsShallOnlyBeDeclaredWithAnAppropriateTypeQuery() and + queryId = + // `@id` for the `bitFieldsShallOnlyBeDeclaredWithAnAppropriateType` query + "c/misra/bit-fields-shall-only-be-declared-with-an-appropriate-type" and + ruleId = "RULE-6-1" and + category = "required" + or + query = + // `Query` instance for the `singleBitNamedBitFieldsOfASignedType` query + TypesPackage::singleBitNamedBitFieldsOfASignedTypeQuery() and + queryId = + // `@id` for the `singleBitNamedBitFieldsOfASignedType` query + "c/misra/single-bit-named-bit-fields-of-a-signed-type" and + ruleId = "RULE-6-2" and + category = "required" + or + query = + // `Query` instance for the `stringLiteralAssignedToObjPtrToConstQualifiedChar` query + TypesPackage::stringLiteralAssignedToObjPtrToConstQualifiedCharQuery() and + queryId = + // `@id` for the `stringLiteralAssignedToObjPtrToConstQualifiedChar` query + "c/misra/string-literal-assigned-to-obj-ptr-to-const-qualified-char" and + ruleId = "RULE-7-4" and + category = "required" +} + +module TypesPackage { + Query preventOrDetectDomainAndRangeErrorsInMathFunctionsQuery() { + //autogenerate `Query` type + result = + // `Query` type for `preventOrDetectDomainAndRangeErrorsInMathFunctions` query + TQueryC(TTypesPackageQuery(TPreventOrDetectDomainAndRangeErrorsInMathFunctionsQuery())) + } + + Query floatingPointConversionsNotWithinRangeOfNewTypeQuery() { + //autogenerate `Query` type + result = + // `Query` type for `floatingPointConversionsNotWithinRangeOfNewType` query + TQueryC(TTypesPackageQuery(TFloatingPointConversionsNotWithinRangeOfNewTypeQuery())) + } + + Query floatingPointOfIntegralValuesLosePrecisionQuery() { + //autogenerate `Query` type + result = + // `Query` type for `floatingPointOfIntegralValuesLosePrecision` query + TQueryC(TTypesPackageQuery(TFloatingPointOfIntegralValuesLosePrecisionQuery())) + } + + Query objectReprUsedForComparingFloatingPointValuesQuery() { + //autogenerate `Query` type + result = + // `Query` type for `objectReprUsedForComparingFloatingPointValues` query + TQueryC(TTypesPackageQuery(TObjectReprUsedForComparingFloatingPointValuesQuery())) + } + + Query ensureThatUnsignedIntegerOperationsDoNotWrapQuery() { + //autogenerate `Query` type + result = + // `Query` type for `ensureThatUnsignedIntegerOperationsDoNotWrap` query + TQueryC(TTypesPackageQuery(TEnsureThatUnsignedIntegerOperationsDoNotWrapQuery())) + } + + Query intConversionCausesLostOrMisinterpretedDataQuery() { + //autogenerate `Query` type + result = + // `Query` type for `intConversionCausesLostOrMisinterpretedData` query + TQueryC(TTypesPackageQuery(TIntConversionCausesLostOrMisinterpretedDataQuery())) + } + + Query operationsOnSignedIntegersResultsInOverflowQuery() { + //autogenerate `Query` type + result = + // `Query` type for `operationsOnSignedIntegersResultsInOverflow` query + TQueryC(TTypesPackageQuery(TOperationsOnSignedIntegersResultsInOverflowQuery())) + } + + Query divAndModOperationResultsInDivByZeroQuery() { + //autogenerate `Query` type + result = + // `Query` type for `divAndModOperationResultsInDivByZero` query + TQueryC(TTypesPackageQuery(TDivAndModOperationResultsInDivByZeroQuery())) + } + + Query exprShiftedByNegativeBitsOrGreaterThanOperandQuery() { + //autogenerate `Query` type + result = + // `Query` type for `exprShiftedByNegativeBitsOrGreaterThanOperand` query + TQueryC(TTypesPackageQuery(TExprShiftedByNegativeBitsOrGreaterThanOperandQuery())) + } + + Query useCorrectIntegerPrecisionsQuery() { + //autogenerate `Query` type + result = + // `Query` type for `useCorrectIntegerPrecisions` query + TQueryC(TTypesPackageQuery(TUseCorrectIntegerPrecisionsQuery())) + } + + Query convertingAPointerToIntegerOrIntegerToPointerQuery() { + //autogenerate `Query` type + result = + // `Query` type for `convertingAPointerToIntegerOrIntegerToPointer` query + TQueryC(TTypesPackageQuery(TConvertingAPointerToIntegerOrIntegerToPointerQuery())) + } + + Query numericTypedefsNotUsedInPlaceOfBasicNumericalTypesQuery() { + //autogenerate `Query` type + result = + // `Query` type for `numericTypedefsNotUsedInPlaceOfBasicNumericalTypes` query + TQueryC(TTypesPackageQuery(TNumericTypedefsNotUsedInPlaceOfBasicNumericalTypesQuery())) + } + + Query operandsOfAnInappropriateEssentialTypeQuery() { + //autogenerate `Query` type + result = + // `Query` type for `operandsOfAnInappropriateEssentialType` query + TQueryC(TTypesPackageQuery(TOperandsOfAnInappropriateEssentialTypeQuery())) + } + + Query charTypeExprsUsedInAddOrSubQuery() { + //autogenerate `Query` type + result = + // `Query` type for `charTypeExprsUsedInAddOrSub` query + TQueryC(TTypesPackageQuery(TCharTypeExprsUsedInAddOrSubQuery())) + } + + Query assignmentToIncompatibleEssentialTypeQuery() { + //autogenerate `Query` type + result = + // `Query` type for `assignmentToIncompatibleEssentialType` query + TQueryC(TTypesPackageQuery(TAssignmentToIncompatibleEssentialTypeQuery())) + } + + Query arithConversionOperandHasDifferentEssTypeCategoryQuery() { + //autogenerate `Query` type + result = + // `Query` type for `arithConversionOperandHasDifferentEssTypeCategory` query + TQueryC(TTypesPackageQuery(TArithConversionOperandHasDifferentEssTypeCategoryQuery())) + } + + Query valueCastToInappropriateEssentialTypeQuery() { + //autogenerate `Query` type + result = + // `Query` type for `valueCastToInappropriateEssentialType` query + TQueryC(TTypesPackageQuery(TValueCastToInappropriateEssentialTypeQuery())) + } + + Query compositeExprValueAssignedToObjWithWiderEssTypeQuery() { + //autogenerate `Query` type + result = + // `Query` type for `compositeExprValueAssignedToObjWithWiderEssType` query + TQueryC(TTypesPackageQuery(TCompositeExprValueAssignedToObjWithWiderEssTypeQuery())) + } + + Query convertedCompExprOperandHasWiderEssTypeThanOtherQuery() { + //autogenerate `Query` type + result = + // `Query` type for `convertedCompExprOperandHasWiderEssTypeThanOther` query + TQueryC(TTypesPackageQuery(TConvertedCompExprOperandHasWiderEssTypeThanOtherQuery())) + } + + Query compExprValCastToIncompatEssTypeQuery() { + //autogenerate `Query` type + result = + // `Query` type for `compExprValCastToIncompatEssType` query + TQueryC(TTypesPackageQuery(TCompExprValCastToIncompatEssTypeQuery())) + } + + Query constExprEvalCausesUnsignedIntWraparoundQuery() { + //autogenerate `Query` type + result = + // `Query` type for `constExprEvalCausesUnsignedIntWraparound` query + TQueryC(TTypesPackageQuery(TConstExprEvalCausesUnsignedIntWraparoundQuery())) + } + + Query arrayTypeParamAtSizeofOperandQuery() { + //autogenerate `Query` type + result = + // `Query` type for `arrayTypeParamAtSizeofOperand` query + TQueryC(TTypesPackageQuery(TArrayTypeParamAtSizeofOperandQuery())) + } + + Query loopCounterHaveEssentiallyFloatingTypeQuery() { + //autogenerate `Query` type + result = + // `Query` type for `loopCounterHaveEssentiallyFloatingType` query + TQueryC(TTypesPackageQuery(TLoopCounterHaveEssentiallyFloatingTypeQuery())) + } + + Query ctypeFuncNeitherReprAsUnsignedCharNorEOFQuery() { + //autogenerate `Query` type + result = + // `Query` type for `ctypeFuncNeitherReprAsUnsignedCharNorEOF` query + TQueryC(TTypesPackageQuery(TCtypeFuncNeitherReprAsUnsignedCharNorEOFQuery())) + } + + Query memcmpUsedToCompareNullTerminatedStringsQuery() { + //autogenerate `Query` type + result = + // `Query` type for `memcmpUsedToCompareNullTerminatedStrings` query + TQueryC(TTypesPackageQuery(TMemcmpUsedToCompareNullTerminatedStringsQuery())) + } + + Query memcpyMemmoveMemcmpArgNotPointerToCompatTypesQuery() { + //autogenerate `Query` type + result = + // `Query` type for `memcpyMemmoveMemcmpArgNotPointerToCompatTypes` query + TQueryC(TTypesPackageQuery(TMemcpyMemmoveMemcmpArgNotPointerToCompatTypesQuery())) + } + + Query memcmpArgNotPtsToSignedUnsignedBooleanEnumEssTypeQuery() { + //autogenerate `Query` type + result = + // `Query` type for `memcmpArgNotPtsToSignedUnsignedBooleanEnumEssType` query + TQueryC(TTypesPackageQuery(TMemcmpArgNotPtsToSignedUnsignedBooleanEnumEssTypeQuery())) + } + + Query bitFieldsShallOnlyBeDeclaredWithAnAppropriateTypeQuery() { + //autogenerate `Query` type + result = + // `Query` type for `bitFieldsShallOnlyBeDeclaredWithAnAppropriateType` query + TQueryC(TTypesPackageQuery(TBitFieldsShallOnlyBeDeclaredWithAnAppropriateTypeQuery())) + } + + Query singleBitNamedBitFieldsOfASignedTypeQuery() { + //autogenerate `Query` type + result = + // `Query` type for `singleBitNamedBitFieldsOfASignedType` query + TQueryC(TTypesPackageQuery(TSingleBitNamedBitFieldsOfASignedTypeQuery())) + } + + Query stringLiteralAssignedToObjPtrToConstQualifiedCharQuery() { + //autogenerate `Query` type + result = + // `Query` type for `stringLiteralAssignedToObjPtrToConstQualifiedChar` query + TQueryC(TTypesPackageQuery(TStringLiteralAssignedToObjPtrToConstQualifiedCharQuery())) + } +} From ea1fa7288786ccc810a57bba093e23948e392a01 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Wed, 25 Jan 2023 16:57:16 -0500 Subject: [PATCH 0283/2573] new scripts --- .../PSCodingStandards/Get-LanguageForPath.ps1 | 17 ++++ scripts/PSCodingStandards/Get-RuleForPath.ps1 | 83 +++++++++++++++++++ .../Get-RulesInPackageAndSuite.ps1 | 9 +- .../PSCodingStandards/Get-RulesInSuite.ps1 | 2 +- 4 files changed, 108 insertions(+), 3 deletions(-) create mode 100644 scripts/PSCodingStandards/Get-LanguageForPath.ps1 create mode 100644 scripts/PSCodingStandards/Get-RuleForPath.ps1 diff --git a/scripts/PSCodingStandards/Get-LanguageForPath.ps1 b/scripts/PSCodingStandards/Get-LanguageForPath.ps1 new file mode 100644 index 0000000000..7ffebd0ccb --- /dev/null +++ b/scripts/PSCodingStandards/Get-LanguageForPath.ps1 @@ -0,0 +1,17 @@ +function Get-LanguageForPath { + param([Parameter(Mandatory)] + [string] + $Path) + + $parts = $Path -split '/' + + $Language = $parts[0] + + foreach($L in $AVAILABLE_LANGUAGES){ + if($Language -eq $L){ + return $L + } + } + + throw "Unsupported Language: $Language" +} \ No newline at end of file diff --git a/scripts/PSCodingStandards/Get-RuleForPath.ps1 b/scripts/PSCodingStandards/Get-RuleForPath.ps1 new file mode 100644 index 0000000000..0003b5dc24 --- /dev/null +++ b/scripts/PSCodingStandards/Get-RuleForPath.ps1 @@ -0,0 +1,83 @@ +# takes paths like this: +# c/cert/src/rules/DCL39-C/InformationLeakageAcrossTrustBoundariesC.ql +# c/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.expected +# c/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql +# c/common/test/rules/informationleakageacrossboundaries/arrays.c +# c/common/test/rules/informationleakageacrossboundaries/interprocedural.c +# c/common/test/rules/informationleakageacrossboundaries/multilayer.c +# c/common/test/rules/informationleakageacrossboundaries/test.c +# c/misra/src/rules/RULE-18-8/VariableLengthArrayTypesUsed.ql +# c/misra/src/rules/RULE-8-12/ValueImplicitEnumerationConstantNotUnique.ql +# c/misra/test/rules/RULE-18-8/VariableLengthArrayTypesUsed.expected +# c/misra/test/rules/RULE-18-8/test.c +# c/misra/test/rules/RULE-8-12/ValueImplicitEnumerationConstantNotUnique.expected +# c/misra/test/rules/RULE-8-12/test.c +# cpp/cert/src/rules/DCL55-CPP/InformationLeakageAcrossTrustBoundaries.ql +# cpp/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.expected +# cpp/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql +# cpp/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossTrustBoundaries.expected +# cpp/common/test/rules/informationleakageacrossboundaries/arrays.cpp +# cpp/common/test/rules/informationleakageacrossboundaries/inheritance.cpp +# cpp/common/test/rules/informationleakageacrossboundaries/interprocedural.cpp +# cpp/common/test/rules/informationleakageacrossboundaries/multilayer.cpp +# cpp/common/test/rules/informationleakageacrossboundaries/test.cpp + +# And produces one or more rules for it. It does this by loading every rule +# and computing the test directory for it. This test directory is then +# used to see if a) it is a substring of the supplied path or if b) it +# is a substring of the path once the substitution `/src/` -> `/test/` is +# applied + +function Get-RuleForPath { + param([Parameter(Mandatory)] + [string] + $Path, + [ValidateSet('c', 'cpp')] + [string] + $Language + ) + + # load all the queries for all languages + $allQueries = @() + $queriesToCheck = @() + + # load all the queries + foreach ($s in $AVAILABLE_SUITES) { + $allQueries += Get-RulesInSuite -Suite $s -Language $Language + } + + $modifiedPathWithReplacement = Join-Path (Resolve-Path . -Relative) $Path + # repalce "src" with "test" to make it match up + $sep = [IO.Path]::DirectorySeparatorChar + $modifiedPathWithReplacement = $modifiedPathWithReplacement.Replace( ($sep + "src" + $sep + "rules"), ($sep + "test" + $sep + "rules")) + $modifiedPath = Join-Path (Resolve-Path . -Relative) $Path + + + $matchingRules = @() + + # for each query, create the test directory + foreach($q in $allQueries){ + + # get test directory + $testDirectory = (Get-TestDirectory -RuleObject $q -Language $Language) + # resolve path to be compatible + $testPath = Join-Path (Resolve-Path . -Relative) $testDirectory + + # see if the TEST directory is a substring of the full path + if($modifiedPath.StartsWith($testPath)){ + $matchingRules += $q + continue + } + + if($modifiedPathWithReplacement.StartsWith($testPath)){ + $matchingRules += $q + continue + } + } + + if($matchingRules.Count -gt 0){ + return $matchingRules + } + + throw "Path does not appear to be part of a rule." +} \ No newline at end of file diff --git a/scripts/PSCodingStandards/Get-RulesInPackageAndSuite.ps1 b/scripts/PSCodingStandards/Get-RulesInPackageAndSuite.ps1 index 95c041924e..36643c455c 100644 --- a/scripts/PSCodingStandards/Get-RulesInPackageAndSuite.ps1 +++ b/scripts/PSCodingStandards/Get-RulesInPackageAndSuite.ps1 @@ -6,8 +6,12 @@ function Get-RulesInPackageAndSuite { $Package, [Parameter(Mandatory)] [string] - $Suite - ) + $Suite, + [Parameter(Mandatory)] + [ValidateSet('c', 'cpp')] + [string] + $Language + ) $rulesInPackage = @() @@ -30,6 +34,7 @@ function Get-RulesInPackageAndSuite { $queries | Add-Member -NotePropertyName __memberof_suite -NotePropertyValue $Suite $queries | Add-Member -NotePropertyName __memberof_package -NotePropertyValue $Package.BaseName $queries | Add-Member -NotePropertyName __memberof_rule -NotePropertyValue $n.Name + $queries | Add-Member -NotePropertyName __memberof_language -NotePropertyValue $Language $rulesInPackage += $queries } diff --git a/scripts/PSCodingStandards/Get-RulesInSuite.ps1 b/scripts/PSCodingStandards/Get-RulesInSuite.ps1 index f0683e34a1..ad117f8d8a 100644 --- a/scripts/PSCodingStandards/Get-RulesInSuite.ps1 +++ b/scripts/PSCodingStandards/Get-RulesInSuite.ps1 @@ -13,7 +13,7 @@ function Get-RulesInSuite { foreach ($p in Get-Packages -Language $Language) { Write-Host "Reading package: [$Language/$Suite/$($p.BaseName)]" - $tmpQueries += Get-RulesInPackageAndSuite -Package $p -Suite $Suite + $tmpQueries += Get-RulesInPackageAndSuite -Package $p -Suite $Suite -Language $Language } return $tmpQueries From e36c29b15d35e559baba240ef2dfd980bd0dfb60 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Wed, 25 Jan 2023 17:08:24 -0500 Subject: [PATCH 0284/2573] to trigger PR --- cpp/autosar/test/rules/A0-1-1/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index 966d6062bb..0124a8f5cf 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -1,5 +1,5 @@ -// A POD class +// A POD class. struct A { int f; int f2; From 108012d597e059be70a6ea3d6fa823a7fbf61025 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Wed, 25 Jan 2023 17:17:26 -0500 Subject: [PATCH 0285/2573] test --- cpp/autosar/test/rules/A0-1-1/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index 0124a8f5cf..966d6062bb 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -1,5 +1,5 @@ -// A POD class. +// A POD class struct A { int f; int f2; From 38108b5d15dd3cde75763e639989f137d10bcd59 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Wed, 25 Jan 2023 17:20:35 -0500 Subject: [PATCH 0286/2573] work --- cpp/autosar/test/rules/A0-1-1/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index 966d6062bb..0124a8f5cf 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -1,5 +1,5 @@ -// A POD class +// A POD class. struct A { int f; int f2; From a078e0e753030f561f7865860ba4d1f1d8ca91ff Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Wed, 25 Jan 2023 17:22:30 -0500 Subject: [PATCH 0287/2573] work --- cpp/autosar/test/rules/A0-1-1/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index 0124a8f5cf..966d6062bb 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -1,5 +1,5 @@ -// A POD class. +// A POD class struct A { int f; int f2; From d3405d473333dc1b3ad0b4f0801d1a7012b1fdec Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Wed, 25 Jan 2023 17:26:34 -0500 Subject: [PATCH 0288/2573] work --- cpp/autosar/test/rules/A0-1-1/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index 966d6062bb..0124a8f5cf 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -1,5 +1,5 @@ -// A POD class +// A POD class. struct A { int f; int f2; From 2303f42e1c26be7c49aa0d1f8766122ee8a6feec Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Wed, 25 Jan 2023 17:28:23 -0500 Subject: [PATCH 0289/2573] test --- cpp/autosar/test/rules/A0-1-1/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index 0124a8f5cf..966d6062bb 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -1,5 +1,5 @@ -// A POD class. +// A POD class struct A { int f; int f2; From ed7cb523bf822697afcd56f42ea46f7f0b1ab716 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Wed, 25 Jan 2023 17:30:41 -0500 Subject: [PATCH 0290/2573] test aagain --- cpp/autosar/test/rules/A0-1-1/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index 966d6062bb..0124a8f5cf 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -1,5 +1,5 @@ -// A POD class +// A POD class. struct A { int f; int f2; From f6c460b5a86317f0468dc43ea5ab230132a4eef9 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 26 Jan 2023 11:00:30 -0500 Subject: [PATCH 0291/2573] test --- cpp/autosar/test/rules/A0-1-1/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index 0124a8f5cf..966d6062bb 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -1,5 +1,5 @@ -// A POD class. +// A POD class struct A { int f; int f2; From 2beed7bfc8a89e6f4060d6e94a96d15fde1b6ef0 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 26 Jan 2023 11:06:45 -0500 Subject: [PATCH 0292/2573] testing --- cpp/autosar/test/rules/A0-1-1/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index 966d6062bb..0124a8f5cf 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -1,5 +1,5 @@ -// A POD class +// A POD class. struct A { int f; int f2; From fccf8c4971013bada8db6106b213254a9362c869 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 26 Jan 2023 11:10:14 -0500 Subject: [PATCH 0293/2573] test --- cpp/autosar/test/rules/A0-1-1/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index 0124a8f5cf..966d6062bb 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -1,5 +1,5 @@ -// A POD class. +// A POD class struct A { int f; int f2; From f4ff711da7b2d063378b6f05ef9cc8ab124fa321 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 26 Jan 2023 11:14:22 -0500 Subject: [PATCH 0294/2573] work --- cpp/autosar/test/rules/A0-1-1/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index 966d6062bb..0124a8f5cf 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -1,5 +1,5 @@ -// A POD class +// A POD class. struct A { int f; int f2; From 2cfafa44197a216447ba34e4224d7c4fd73b09bf Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 26 Jan 2023 11:20:03 -0500 Subject: [PATCH 0295/2573] test --- cpp/autosar/test/rules/A0-1-1/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index 0124a8f5cf..966d6062bb 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -1,5 +1,5 @@ -// A POD class. +// A POD class struct A { int f; int f2; From 7189b45f2290ff8c24a4430104646efb0b6c627d Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 26 Jan 2023 11:34:21 -0500 Subject: [PATCH 0296/2573] test --- cpp/autosar/test/rules/A0-1-1/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index 966d6062bb..0124a8f5cf 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -1,5 +1,5 @@ -// A POD class +// A POD class. struct A { int f; int f2; From 56f1835f38b6dbe93b01357e8e9487fe12604670 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 26 Jan 2023 13:40:58 -0500 Subject: [PATCH 0297/2573] work --- cpp/autosar/test/rules/A0-1-1/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index 0124a8f5cf..f8d2b50bd9 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -1,5 +1,5 @@ -// A POD class. +// A POD class.. struct A { int f; int f2; From 410dbb6e9d15227edf9e40deb558da37fbf6118a Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 26 Jan 2023 13:45:38 -0500 Subject: [PATCH 0298/2573] work --- cpp/autosar/test/rules/A0-1-1/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index f8d2b50bd9..0124a8f5cf 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -1,5 +1,5 @@ -// A POD class.. +// A POD class. struct A { int f; int f2; From 4fb7b7d86f9ddd7022624cbff4371af50b57ddc6 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 26 Jan 2023 13:53:51 -0500 Subject: [PATCH 0299/2573] test --- cpp/autosar/test/rules/A0-1-1/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index 0124a8f5cf..f8d2b50bd9 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -1,5 +1,5 @@ -// A POD class. +// A POD class.. struct A { int f; int f2; From 2db165f1bf756d9ea70b8d6156785db412d25fa0 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 26 Jan 2023 13:59:04 -0500 Subject: [PATCH 0300/2573] work --- cpp/autosar/test/rules/A0-1-1/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index f8d2b50bd9..0124a8f5cf 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -1,5 +1,5 @@ -// A POD class.. +// A POD class. struct A { int f; int f2; From dcda9b626f391017eda2e494c8ff1b19212763bd Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Thu, 26 Jan 2023 11:38:18 -0800 Subject: [PATCH 0301/2573] implement MISRA RULE-6-1 --- ...hallOnlyBeDeclaredWithAnAppropriateType.ql | 26 ++++++++++++++++--- ...lyBeDeclaredWithAnAppropriateType.expected | 5 +++- c/misra/test/rules/RULE-6-1/test.c | 15 +++++++++++ 3 files changed, 42 insertions(+), 4 deletions(-) create mode 100644 c/misra/test/rules/RULE-6-1/test.c diff --git a/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql b/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql index ee3c03d559..52ee55699e 100644 --- a/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql +++ b/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql @@ -13,7 +13,27 @@ import cpp import codingstandards.c.misra -from +predicate isSignedOrUnsignedInt(Type type) { + type instanceof IntType and + (type.(IntegralType).isExplicitlySigned() or + type.(IntegralType).isExplicitlyUnsigned()) +} + +predicate isAppropriatePrimitive(Type type) { + isSignedOrUnsignedInt(type) or type instanceof BoolType +} + +predicate isAppropriateTypedef(Type type) { + type instanceof TypedefType and + isAppropriatePrimitive(type.(TypedefType).resolveTypedefs()) +} + +predicate isInappropriateType(Type type) { + not (isAppropriatePrimitive(type) or isAppropriateTypedef(type)) +} + +from BitField bitField where - not isExcluded(x, TypesPackage::bitFieldsShallOnlyBeDeclaredWithAnAppropriateTypeQuery()) and -select +not isExcluded(bitField, TypesPackage::bitFieldsShallOnlyBeDeclaredWithAnAppropriateTypeQuery()) and + isInappropriateType(bitField.getType()) +select bitField, "Type " + bitField.getType() + " should not have a bit-field declaration at " + bitField + "." \ No newline at end of file diff --git a/c/misra/test/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.expected b/c/misra/test/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.expected index 2ec1a0ac6c..50f1994c4a 100644 --- a/c/misra/test/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.expected +++ b/c/misra/test/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.expected @@ -1 +1,4 @@ -No expected results have yet been specified \ No newline at end of file +| test.c:8:7:8:8 | b3 | Type int should not have a bit-field declaration at b3. | +| test.c:11:15:11:16 | b5 | Type signed long should not have a bit-field declaration at b5. | +| test.c:13:15:13:16 | b6 | Type signed char should not have a bit-field declaration at b6. | +| test.c:14:14:14:15 | b7 | Type Color should not have a bit-field declaration at b7. | diff --git a/c/misra/test/rules/RULE-6-1/test.c b/c/misra/test/rules/RULE-6-1/test.c new file mode 100644 index 0000000000..7fbde78b57 --- /dev/null +++ b/c/misra/test/rules/RULE-6-1/test.c @@ -0,0 +1,15 @@ +typedef unsigned int UINT_16; + +enum Color { R, G, B }; + +struct SampleStruct { + unsigned int b1 : 2; // COMPILANT - explicitly unsigned (example in the doc) + signed int b2 : 2; // COMPILANT - explicitly signed + int b3 : 2; // NON_COMPLIANT - plain int not permitted (example in the doc) + UINT_16 b4 : 2; // COMPLIANT - typedef designating unsigned int (example in + // the doc) + signed long b5 : 2; // NON_COMPLIANT - even if long and int are the same size + // (example in the doc) + signed char b6 : 2; // NON_COMPILANT - cannot declare bit field for char + enum Color b7 : 3; // NON_COMPILANT - cannot declare bit field for enum +} sample_struct; \ No newline at end of file From 26c8f62cbdf13ed6c4b4c82881de9acd8d0c57d5 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Thu, 26 Jan 2023 11:45:36 -0800 Subject: [PATCH 0302/2573] Update the alert message in the select statement Using factual statements rather than a modal one, in this case `should`. --- .../BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql b/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql index 52ee55699e..1503b39184 100644 --- a/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql +++ b/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql @@ -36,4 +36,4 @@ from BitField bitField where not isExcluded(bitField, TypesPackage::bitFieldsShallOnlyBeDeclaredWithAnAppropriateTypeQuery()) and isInappropriateType(bitField.getType()) -select bitField, "Type " + bitField.getType() + " should not have a bit-field declaration at " + bitField + "." \ No newline at end of file +select bitField, "Bit-field " + bitField + " is declared on type " + bitField + "." \ No newline at end of file From 17b1ef9e666fe0a54e2bace8b2874a02f1b8a77b Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Thu, 26 Jan 2023 11:55:26 -0800 Subject: [PATCH 0303/2573] Inline isInappropriateType and fix .expected --- .../BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql | 6 +----- ...ieldsShallOnlyBeDeclaredWithAnAppropriateType.expected | 8 ++++---- 2 files changed, 5 insertions(+), 9 deletions(-) diff --git a/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql b/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql index 1503b39184..29c662ca19 100644 --- a/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql +++ b/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql @@ -28,12 +28,8 @@ predicate isAppropriateTypedef(Type type) { isAppropriatePrimitive(type.(TypedefType).resolveTypedefs()) } -predicate isInappropriateType(Type type) { - not (isAppropriatePrimitive(type) or isAppropriateTypedef(type)) -} - from BitField bitField where not isExcluded(bitField, TypesPackage::bitFieldsShallOnlyBeDeclaredWithAnAppropriateTypeQuery()) and - isInappropriateType(bitField.getType()) +not (isAppropriatePrimitive(bitField.getType()) or isAppropriateTypedef(bitField.getType())) select bitField, "Bit-field " + bitField + " is declared on type " + bitField + "." \ No newline at end of file diff --git a/c/misra/test/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.expected b/c/misra/test/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.expected index 50f1994c4a..cb80395588 100644 --- a/c/misra/test/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.expected +++ b/c/misra/test/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.expected @@ -1,4 +1,4 @@ -| test.c:8:7:8:8 | b3 | Type int should not have a bit-field declaration at b3. | -| test.c:11:15:11:16 | b5 | Type signed long should not have a bit-field declaration at b5. | -| test.c:13:15:13:16 | b6 | Type signed char should not have a bit-field declaration at b6. | -| test.c:14:14:14:15 | b7 | Type Color should not have a bit-field declaration at b7. | +| test.c:8:7:8:8 | b3 | Bit-field b3 is declared on type b3. | +| test.c:11:15:11:16 | b5 | Bit-field b5 is declared on type b5. | +| test.c:13:15:13:16 | b6 | Bit-field b6 is declared on type b6. | +| test.c:14:14:14:15 | b7 | Bit-field b7 is declared on type b7. | From 863f9058dd95c847e0fef47eee80c538dd8582e3 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 26 Jan 2023 15:15:29 -0500 Subject: [PATCH 0304/2573] work --- cpp/autosar/test/rules/A0-1-1/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index 0124a8f5cf..f8d2b50bd9 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -1,5 +1,5 @@ -// A POD class. +// A POD class.. struct A { int f; int f2; From d4e4759bb329552c3b33f81d56f5b9985f5dfe24 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 26 Jan 2023 15:22:58 -0500 Subject: [PATCH 0305/2573] work --- cpp/autosar/test/rules/A0-1-1/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index f8d2b50bd9..25cd65d241 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -1,5 +1,5 @@ -// A POD class.. +// A POD class... struct A { int f; int f2; From 23c7b466c3ce939c5ace24219ce19809965ac0c7 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 26 Jan 2023 15:27:42 -0500 Subject: [PATCH 0306/2573] work --- cpp/autosar/test/rules/A0-1-1/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index 25cd65d241..f8d2b50bd9 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -1,5 +1,5 @@ -// A POD class... +// A POD class.. struct A { int f; int f2; From 8222effcaefae1cc5651c2d423603cd59f4b8107 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 26 Jan 2023 15:32:46 -0500 Subject: [PATCH 0307/2573] work --- cpp/autosar/test/rules/A0-1-1/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index f8d2b50bd9..0124a8f5cf 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -1,5 +1,5 @@ -// A POD class.. +// A POD class. struct A { int f; int f2; From 9df9b8a6214ee3f38796107b07bcb7975a858c7f Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 26 Jan 2023 15:35:57 -0500 Subject: [PATCH 0308/2573] test --- cpp/autosar/test/rules/A0-1-1/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index 0124a8f5cf..f8d2b50bd9 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -1,5 +1,5 @@ -// A POD class. +// A POD class.. struct A { int f; int f2; From 50049bfc3172c946ae999180534d5e43e08dc146 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Thu, 26 Jan 2023 13:10:04 -0800 Subject: [PATCH 0309/2573] Add some inline comments --- .../BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql | 3 +++ 1 file changed, 3 insertions(+) diff --git a/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql b/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql index 29c662ca19..741e1824eb 100644 --- a/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql +++ b/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql @@ -20,16 +20,19 @@ predicate isSignedOrUnsignedInt(Type type) { } predicate isAppropriatePrimitive(Type type) { + /* An appropriate primitive types to which a bit-field can be declared. */ isSignedOrUnsignedInt(type) or type instanceof BoolType } predicate isAppropriateTypedef(Type type) { type instanceof TypedefType and + /* An appropriate typedef should be an alias to an appropriate primitive type. */ isAppropriatePrimitive(type.(TypedefType).resolveTypedefs()) } from BitField bitField where not isExcluded(bitField, TypesPackage::bitFieldsShallOnlyBeDeclaredWithAnAppropriateTypeQuery()) and +/* A violation would neither an appropriate primitive type nor an appropriate typedef. */ not (isAppropriatePrimitive(bitField.getType()) or isAppropriateTypedef(bitField.getType())) select bitField, "Bit-field " + bitField + " is declared on type " + bitField + "." \ No newline at end of file From dbac4ebc9405e473cdade055dc2a48753c79fc2d Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 26 Jan 2023 16:13:32 -0500 Subject: [PATCH 0310/2573] work --- cpp/autosar/test/rules/A0-1-1/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index f8d2b50bd9..0124a8f5cf 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -1,5 +1,5 @@ -// A POD class.. +// A POD class. struct A { int f; int f2; From 2d9a07ed3ee20684dcc7127ab3c5d57a77bdb755 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 26 Jan 2023 16:17:00 -0500 Subject: [PATCH 0311/2573] work --- cpp/autosar/test/rules/A0-1-1/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index 0124a8f5cf..f8d2b50bd9 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -1,5 +1,5 @@ -// A POD class. +// A POD class.. struct A { int f; int f2; From fd1feb62f9668c3a0194729e8d11160a9095f04e Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 26 Jan 2023 16:22:37 -0500 Subject: [PATCH 0312/2573] work --- cpp/autosar/test/rules/A0-1-1/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index f8d2b50bd9..25cd65d241 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -1,5 +1,5 @@ -// A POD class.. +// A POD class... struct A { int f; int f2; From 7ee235e0b40a135fa03d45d63763ad8532638309 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 26 Jan 2023 16:26:13 -0500 Subject: [PATCH 0313/2573] test --- cpp/autosar/test/rules/A0-1-1/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index 25cd65d241..f8d2b50bd9 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -1,5 +1,5 @@ -// A POD class... +// A POD class.. struct A { int f; int f2; From b119dd1f4661a3d1cd70fc6a76baaa1ff8500f42 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 26 Jan 2023 16:30:36 -0500 Subject: [PATCH 0314/2573] fix --- cpp/autosar/test/rules/A0-1-1/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index f8d2b50bd9..25cd65d241 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -1,5 +1,5 @@ -// A POD class.. +// A POD class... struct A { int f; int f2; From d26df2676c53b56f105a1528c23bdc264b436221 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 26 Jan 2023 16:45:43 -0500 Subject: [PATCH 0315/2573] work --- cpp/autosar/test/rules/A0-1-1/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index 25cd65d241..0124a8f5cf 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -1,5 +1,5 @@ -// A POD class... +// A POD class. struct A { int f; int f2; From 7710fb6ed98067ae5e1f687a475327736b637a06 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 26 Jan 2023 16:50:07 -0500 Subject: [PATCH 0316/2573] test --- cpp/autosar/test/rules/A0-1-1/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index 0124a8f5cf..25cd65d241 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -1,5 +1,5 @@ -// A POD class. +// A POD class... struct A { int f; int f2; From 70911d7225713df18768d2ef40b057850b8c72a2 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 26 Jan 2023 17:14:58 -0500 Subject: [PATCH 0317/2573] work --- cpp/autosar/test/rules/A0-1-1/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index 25cd65d241..f8d2b50bd9 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -1,5 +1,5 @@ -// A POD class... +// A POD class.. struct A { int f; int f2; From 252f40bfe7ae390c8fd8fc5f1b5d933ddd761cf8 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 26 Jan 2023 17:19:10 -0500 Subject: [PATCH 0318/2573] work --- cpp/autosar/test/rules/A0-1-1/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index f8d2b50bd9..0124a8f5cf 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -1,5 +1,5 @@ -// A POD class.. +// A POD class. struct A { int f; int f2; From 9d56b45a4426c126ee5c91fcf6860a1614eb993d Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 26 Jan 2023 17:24:18 -0500 Subject: [PATCH 0319/2573] work --- cpp/autosar/test/rules/A0-1-1/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index 0124a8f5cf..f8d2b50bd9 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -1,5 +1,5 @@ -// A POD class. +// A POD class.. struct A { int f; int f2; From eeb139dd7ba5e3c40d32ea6c45c9bb92a0358f62 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 26 Jan 2023 17:28:45 -0500 Subject: [PATCH 0320/2573] one last test --- cpp/autosar/test/rules/A0-1-1/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index f8d2b50bd9..0124a8f5cf 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -1,5 +1,5 @@ -// A POD class.. +// A POD class. struct A { int f; int f2; From 326534f3558d9c6fca5426e4c17feae0993e9d48 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Thu, 26 Jan 2023 16:35:11 -0800 Subject: [PATCH 0321/2573] add test.c and sketch query --- .../SingleBitNamedBitFieldsOfASignedType.ql | 35 +++++++++++++++++-- c/misra/test/rules/RULE-6-2/test.c | 17 +++++++++ 2 files changed, 49 insertions(+), 3 deletions(-) create mode 100644 c/misra/test/rules/RULE-6-2/test.c diff --git a/c/misra/src/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql b/c/misra/src/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql index 436d7efab7..04a66535ad 100644 --- a/c/misra/src/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql +++ b/c/misra/src/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql @@ -13,7 +13,36 @@ import cpp import codingstandards.c.misra -from +predicate isSigned(Type type) { + /* Check if it's a fixed number type, because declaring fixed number types like int8_t as 1 bit is obviously absurd */ + type instanceof FixedWidthIntegralType or +/* Check if it's EXPLICITLY signed, because according to Rule 6.1, 'int' may be either signed or unsigned depending on the implementation. In the latter case, the query would lead to false positives. */ + type instanceof IntegralType and + type.(IntegralType).isExplicitlySigned() +} + +/* Check if the DECLARED bit-fields is a single bit, because Rule 6.2 also intends to catch confusion on the programmers' part. Consider: + +struct S { + int32_t x: 1; +} + +In this case, field x is essentially of 32 bits, but is declared as 1 bit and its type int32_t is signed. Therefore, it indicates confusion by the programmer, which is exactly what this rule intends to find. */ +predicate isSingleBit(BitField bitField) { + bitField.getDeclaredNumBits() = 1 +} + +// predicate isNamedBitField(BitField bitField) { +// bitField.getName().length() != 0 +// bitField.hasName(_) +// bitField.hasDefinition() +// wat +// } + +from BitField bitField where - not isExcluded(x, TypesPackage::singleBitNamedBitFieldsOfASignedTypeQuery()) and -select + not isExcluded(bitField, TypesPackage::singleBitNamedBitFieldsOfASignedTypeQuery()) and + isSingleBit(bitField) and // Single-bit, + // isNamedBitField(bitField) and // named, + isSigned(bitField.getType()) // but its type is signed. +select bitField, "Single-bit bit-field named " + bitField.toString() + " has a signed type " + bitField.getType() + "." \ No newline at end of file diff --git a/c/misra/test/rules/RULE-6-2/test.c b/c/misra/test/rules/RULE-6-2/test.c new file mode 100644 index 0000000000..9b18e986b9 --- /dev/null +++ b/c/misra/test/rules/RULE-6-2/test.c @@ -0,0 +1,17 @@ +#include + +struct SampleStruct { + int x1 : 1; // compilant: single-bit named field without signed declaration + signed int x2 : 1; // non_compilant: single-bit named field with a signed type + signed char + x3 : 1; // non_compilant: single-bit named field with a signed type + signed short + x4 : 1; // non_compilant: single-bit named field with a signed type + unsigned int + x5 : 1; // compilant: single-bit named field but with an unsigned type + signed int x6 : 2; // compilant: named field with a signed type but declared + // to carry more than 1 bit + int32_t x7 : 1; // non_compilant: single-bit named field that has single-bit + // bit-field, even though technically it has 32 bits + signed char : 1; // compilant: single-bit bit-field but unnamed +} sample_struct; \ No newline at end of file From 469e42cb5eb3f707d241df17f2a96e5d4ae1c995 Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Fri, 27 Jan 2023 02:42:18 +0100 Subject: [PATCH 0322/2573] Implement EXP43-C and add help files --- ...otAddOrSubtractAScaledIntegerToAPointer.ql | 42 +-- ...sVolatileObjectWithNonVolatileReference.md | 93 +++++- ...PointerToMoreStrictlyAlignedPointerType.md | 209 +++++++++++- ...essVariableViaPointerOfIncompatibleType.md | 299 +++++++++++++++++- ...essVariableViaPointerOfIncompatibleType.ql | 2 +- ...isedPointerToRestrictQualifiedParameter.md | 297 +++++++++++++++++ ...isedPointerToRestrictQualifiedParameter.ql | 141 +++++++++ ...trictPointerReferencesOverlappingObject.md | 297 +++++++++++++++++ ...trictPointerReferencesOverlappingObject.ql | 75 +++++ ...interToRestrictQualifiedParameter.expected | 5 + ...dPointerToRestrictQualifiedParameter.qlref | 1 + ...ointerReferencesOverlappingObject.expected | 6 + ...ctPointerReferencesOverlappingObject.qlref | 1 + c/cert/test/rules/EXP43-C/test.c | 51 +-- c/common/src/codingstandards/c/Pointers.qll | 41 +++ .../cpp/exclusions/c/Pointers3.qll | 32 +- rule_packages/c/Pointers3.json | 19 +- 17 files changed, 1532 insertions(+), 79 deletions(-) create mode 100644 c/cert/src/rules/EXP43-C/DoNotPassAlisedPointerToRestrictQualifiedParameter.md create mode 100644 c/cert/src/rules/EXP43-C/DoNotPassAlisedPointerToRestrictQualifiedParameter.ql create mode 100644 c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.md create mode 100644 c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql create mode 100644 c/cert/test/rules/EXP43-C/DoNotPassAlisedPointerToRestrictQualifiedParameter.expected create mode 100644 c/cert/test/rules/EXP43-C/DoNotPassAlisedPointerToRestrictQualifiedParameter.qlref create mode 100644 c/cert/test/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.expected create mode 100644 c/cert/test/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.qlref diff --git a/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql b/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql index 5ad9fc7f6e..09ff575e6d 100644 --- a/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql +++ b/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql @@ -13,50 +13,10 @@ import cpp import codingstandards.c.cert +import codingstandards.c.Pointers import semmle.code.cpp.dataflow.TaintTracking import DataFlow::PathGraph -/** - * An expression which performs pointer arithmetic - */ -abstract class PointerArithmeticExpr extends Expr { - abstract Expr getPointer(); - - abstract Expr getOperand(); -} - -/** - * A pointer arithmetic binary operation expression. - */ -class SimplePointerArithmeticExpr extends PointerArithmeticExpr, PointerArithmeticOperation { - override Expr getPointer() { result = this.getLeftOperand() } - - override Expr getOperand() { result = this.getRightOperand() } -} - -/** - * A pointer arithmetic assignment expression. - */ -class AssignPointerArithmeticExpr extends PointerArithmeticExpr, AssignOperation { - AssignPointerArithmeticExpr() { - this instanceof AssignPointerAddExpr or - this instanceof AssignPointerSubExpr - } - - override Expr getPointer() { result = this.getLValue() } - - override Expr getOperand() { result = this.getRValue() } -} - -/** - * A pointer arithmetic array access expression. - */ -class ArrayPointerArithmeticExpr extends PointerArithmeticExpr, ArrayExpr { - override Expr getPointer() { result = this.getArrayBase() } - - override Expr getOperand() { result = this.getArrayOffset() } -} - /** * An expression which invokes the `offsetof` macro or `__builtin_offsetof` operation. */ diff --git a/c/cert/src/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.md b/c/cert/src/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.md index 449644423b..11f8566e5c 100644 --- a/c/cert/src/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.md +++ b/c/cert/src/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.md @@ -5,13 +5,100 @@ This query implements the CERT-C rule EXP32-C: > Do not access a volatile object through a nonvolatile reference -## CERT -** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** +## Description + +An object that has volatile-qualified type may be modified in ways unknown to the [implementation](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-implementation) or have other unknown [side effects](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-sideeffect). Referencing a volatile object by using a non-volatile lvalue is [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior). The C Standard, 6.7.3 \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IEC9899-2011)\], states + +> If an attempt is made to refer to an object defined with a volatile-qualified type through use of an lvalue with non-volatile-qualified type, the behavior is undefined. + + +See [undefined behavior 65](https://wiki.sei.cmu.edu/confluence/display/c/CC.+Undefined+Behavior#CC.UndefinedBehavior-ub_65). + +## Noncompliant Code Example + +In this noncompliant code example, a volatile object is accessed through a non-volatile-qualified reference, resulting in [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior): + +```cpp +#include + +void func(void) { + static volatile int **ipp; + static int *ip; + static volatile int i = 0; + + printf("i = %d.\n", i); + + ipp = &ip; /* May produce a warning diagnostic */ + ipp = (int**) &ip; /* Constraint violation; may produce a warning diagnostic */ + *ipp = &i; /* Valid */ + if (*ip != 0) { /* Valid */ + /* ... */ + } +} +``` +The assignment `ipp = &ip` is not safe because it allows the valid code that follows to reference the value of the volatile object `i` through the non-volatile-qualified reference `ip`. In this example, the compiler may optimize out the entire `if` block because `*ip != 0` must be false if the object to which `ip` points is not volatile. + +**Implementation Details** + +This example compiles without warning on Microsoft Visual Studio 2013 when compiled in C mode (`/TC`) but causes errors when compiled in C++ mode (`/TP`). + +GCC 4.8.1 generates a warning but compiles successfully. + +## Compliant Solution + +In this compliant solution, `ip` is declared `volatile`: + +```cpp +#include + +void func(void) { + static volatile int **ipp; + static volatile int *ip; + static volatile int i = 0; + + printf("i = %d.\n", i); + + ipp = &ip; + *ipp = &i; + if (*ip != 0) { + /* ... */ + } + +} +``` + +## Risk Assessment + +Accessing an object with a volatile-qualified type through a reference with a non-volatile-qualified type is [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior). + +
Rule Severity Likelihood Remediation Cost Priority Level
EXP32-C Low Likely Medium P6 L2
+ + +## Automated Detection + +
Tool Version Checker Description
Astrée 22.04 pointer-qualifier-cast-volatile pointer-qualifier-cast-volatile-implicit Supported indirectly via MISRA C 2012 Rule 11.8
Axivion Bauhaus Suite 7.2.0 CertC-EXP32 Fully implemented
Clang 3.9 -Wincompatible-pointer-types-discards-qualifiers
Compass/ROSE
Coverity 2017.07 MISRA C 2012 Rule 11.8 Implemented
GCC 4.3.5 Can detect violations of this rule when the -Wcast-qual flag is used
Helix QAC 2022.4 C0312, C0562, C0563, C0673, C0674
Klocwork 2022.4 CERT.EXPR.VOLATILE.ADDR CERT.EXPR.VOLATILE.ADDR.PARAM CERT.EXPR.VOLATILE.PTRPTR
LDRA tool suite 9.7.1 344 S Partially implemented
Parasoft C/C++test 2022.2 CERT_C-EXP32-a A cast shall not remove any 'const' or 'volatile' qualification from the type of a pointer or reference
Polyspace Bug Finder CERT C: Rule EXP32-C Checks for cast to pointer that removes const or volatile qualification (rule fully covered)
PRQA QA-C 9.7 0312,562,563,673,674 Fully implemented
RuleChecker 22.04 pointer-qualifier-cast-volatile pointer-qualifier-cast-volatile-implicit Supported indirectly via MISRA C 2012 Rule 11.8
+ + +## Related Vulnerabilities + +Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+EXP32-C). + +## Related Guidelines + +[Key here](https://wiki.sei.cmu.edu/confluence/display/c/How+this+Coding+Standard+is+Organized#HowthisCodingStandardisOrganized-RelatedGuidelines) (explains table format and definitions) + +
Taxonomy Taxonomy item Relationship
ISO/IEC TR 24772:2013 Pointer Casting and Pointer Type Changes \[HFC\] Prior to 2018-01-12: CERT: Unspecified Relationship
ISO/IEC TR 24772:2013 Type System \[IHN\] Prior to 2018-01-12: CERT: Unspecified Relationship
MISRA C:2012 Rule 11.8 (required) Prior to 2018-01-12: CERT: Unspecified Relationship
CERT C EXP55-CPP. Do not access a cv-qualified object through a cv-unqualified type Prior to 2018-01-12: CERT: Unspecified Relationship
+ + +## Bibliography + +
\[ ISO/IEC 9899:2011 \] 6.7.3, "Type Qualifiers"
+ ## Implementation notes -None +In limited cases, this query can raise false-positives for assignment of volatile objects and subsequent accesses of those objects via non-volatile pointers. ## References diff --git a/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.md b/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.md index 870ae704aa..8c56801e01 100644 --- a/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.md +++ b/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.md @@ -5,9 +5,214 @@ This query implements the CERT-C rule EXP36-C: > Do not cast pointers into more strictly aligned pointer types -## CERT -** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** +## Description + +Do not convert a pointer value to a pointer type that is more strictly aligned than the referenced type. Different alignments are possible for different types of objects. If the type-checking system is overridden by an explicit cast or the pointer is converted to a void pointer (`void *`) and then to a different type, the alignment of an object may be changed. + +The C Standard, 6.3.2.3, paragraph 7 \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IEC9899-2011)\], states + +> A pointer to an object or incomplete type may be converted to a pointer to a different object or incomplete type. If the resulting pointer is not correctly aligned for the referenced type, the behavior is undefined. + + +See [undefined behavior 25.](https://wiki.sei.cmu.edu/confluence/display/c/CC.+Undefined+Behavior#CC.UndefinedBehavior-ub_25) + +If the misaligned pointer is dereferenced, the program may [terminate abnormally](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-abnormaltermination). On some architectures, the cast alone may cause a loss of information even if the value is not dereferenced if the types involved have differing alignment requirements. + +## Noncompliant Code Example + +In this noncompliant example, the `char` pointer `&c` is converted to the more strictly aligned `int` pointer `ip`. On some [implementations](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-implementation), `cp` will not match `&c`. As a result, if a pointer to one object type is converted to a pointer to a different object type, the second object type must not require stricter alignment than the first. + +```cpp +#include + +void func(void) { + char c = 'x'; + int *ip = (int *)&c; /* This can lose information */ + char *cp = (char *)ip; + + /* Will fail on some conforming implementations */ + assert(cp == &c); +} + +``` + +## Compliant Solution (Intermediate Object) + +In this compliant solution, the `char` value is stored into an object of type `int` so that the pointer's value will be properly aligned: + +```cpp +#include + +void func(void) { + char c = 'x'; + int i = c; + int *ip = &i; + + assert(ip == &i); +} +``` + +## Noncompliant Code Example + +The C Standard allows any object pointer to be cast to and from `void *`. As a result, it is possible to silently convert from one pointer type to another without the compiler diagnosing the problem by storing or casting a pointer to `void *` and then storing or casting it to the final type. In this noncompliant code example, `loop_function()` is passed the `char` pointer `char_ptr` but returns an object of type `int` pointer: + +```cpp +int *loop_function(void *v_pointer) { + /* ... */ + return v_pointer; +} + +void func(char *char_ptr) { + int *int_ptr = loop_function(char_ptr); + + /* ... */ +} +``` +This example compiles without warning using GCC 4.8 on Ubuntu Linux 14.04. However, `int_pointer` can be more strictly aligned than an object of type `char *`. + +## Compliant Solution + +Because the input parameter directly influences the return value, and `loop_function()` returns an object of type `int *`, the formal parameter `v_pointer` is redeclared to accept only an object of type `int *`: + +```cpp +int *loop_function(int *v_pointer) { + /* ... */ + return v_pointer; +} + +void func(int *loop_ptr) { + int *int_ptr = loop_function(loop_ptr); + + /* ... */ +} +``` + +## Noncompliant Code Example + +Some architectures require that pointers are correctly aligned when accessing objects larger than a byte. However, it is common in system code that unaligned data (for example, the network stacks) must be copied to a properly aligned memory location, such as in this noncompliant code example: + +```cpp +#include + +struct foo_header { + int len; + /* ... */ +}; + +void func(char *data, size_t offset) { + struct foo_header *tmp; + struct foo_header header; + + tmp = (struct foo_header *)(data + offset); + memcpy(&header, tmp, sizeof(header)); + + /* ... */ +} +``` +Assigning an unaligned value to a pointer that references a type that needs to be aligned is [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior). An [implementation](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-implementation) may notice, for example, that `tmp` and `header` must be aligned and use an inline `memcpy()` that uses instructions that assume aligned data. + +## Compliant Solution + +This compliant solution avoids the use of the `foo_header` pointer: + +```cpp +#include + +struct foo_header { + int len; + /* ... */ +}; + +void func(char *data, size_t offset) { + struct foo_header header; + memcpy(&header, data + offset, sizeof(header)); + + /* ... */ +} +``` + +## Exceptions + +**EXP36-C-EX1:** Some hardware architectures have relaxed requirements with regard to pointer alignment. Using a pointer that is not properly aligned is correctly handled by the architecture, although there might be a performance penalty. On such an architecture, improper pointer alignment is permitted but remains an efficiency problem. + +The x86 32- and 64-bit architectures usually impose only a performance penalty for violations of this rule, but under some circumstances, noncompliant code can still exhibit undefined behavior. Consider the following program: + +```cpp +#include +#include + +#define READ_UINT16(ptr) (*(uint16_t *)(ptr)) +#define WRITE_UINT16(ptr, val) (*(uint16_t *)(ptr) = (val)) + +void compute(unsigned char *b1, unsigned char *b2, + int value, int range) { + int i; + for (i = 0; i < range; i++) { + int newval = (int)READ_UINT16(b1) + value; + WRITE_UINT16(b2, newval); + b1 += 2; + b2 += 2; + } +} + +int main() { + unsigned char buffer1[1024]; + unsigned char buffer2[1024]; + printf("Compute something\n"); + compute(buffer1 + 3, buffer2 + 1, 42, 500); + return 0; +} +``` +This code tries to read short ints (which are 16 bits long) from odd pairs in a character array, which violates this rule. On 32- and 64-bit x86 platforms, this program should run to completion without incident. However, the program aborts with a SIGSEGV due to the unaligned reads on a 64-bit platform running Debian Linux, when compiled with GCC 4.9.4 using the flags `-O3` or `-O2 -ftree-loop-vectorize -fvect-cost-model`. + +If a developer wishes to violate this rule and use undefined behavior, they must not only ensure that the hardware guarantees the behavior of the object code, but they must also ensure that their compiler, along with its optimizer, also respect these guarantees. + +**EXP36-C-EX2**: If a pointer is known to be correctly aligned to the target type, then a cast to that type is permitted. There are several cases where a pointer is known to be correctly aligned to the target type. The pointer could point to an object declared with a suitable alignment specifier. It could point to an object returned by `aligned_alloc()`, `calloc()`, `malloc()`, or `realloc()`, as per the C standard, section 7.22.3, paragraph 1 \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IEC9899-2011)\]. + +This compliant solution uses the alignment specifier, which is new to C11, to declare the `char` object `c` with the same alignment as that of an object of type `int`. As a result, the two pointers reference equally aligned pointer types: + +```cpp +#include +#include + +void func(void) { + /* Align c to the alignment of an int */ + alignas(int) char c = 'x'; + int *ip = (int *)&c; + char *cp = (char *)ip; + /* Both cp and &c point to equally aligned objects */ + assert(cp == &c); +} +``` + +## Risk Assessment + +Accessing a pointer or an object that is not properly aligned can cause a program to crash or give erroneous information, or it can cause slow pointer accesses (if the architecture allows misaligned accesses). + +
Rule Severity Likelihood Remediation Cost Priority Level
EXP36-C Low Probable Medium P4 L3
+ + +## Automated Detection + +
Tool Version Checker Description
Astrée 22.04 pointer-cast-alignment Fully checked
Axivion Bauhaus Suite 7.2.0 CertC-EXP36
CodeSonar 7.2p0 LANG.CAST.PC.OBJ Cast: Object Pointers
Compass/ROSE Can detect violations of this rule. However, it does not flag explicit casts to void \* and then back to another pointer type
Coverity 2017.07 MISRA C 2004 Rule 11.4 MISRA C 2012 Rule 11.1 MISRA C 2012 Rule 11.2 MISRA C 2012 Rule 11.5 MISRA C 2012 Rule 11.7 Implemented
ECLAIR 1.2 CC2.EXP36 Fully implemented
EDG
GCC 4.3.5 Can detect some violations of this rule when the -Wcast-align flag is used
Helix QAC 2022.4 C0326, C3305 C++3033, C++3038
Klocwork 2022.4 MISRA.CAST.OBJ_PTR_TO_OBJ_PTR.2012
LDRA tool suite 9.7.1 94 S, 606 S Partially implemented
Parasoft C/C++test 2022.2 CERT_C-EXP36-a A cast should not be performed between a pointer to object type and a different pointer to object type
PC-lint Plus 1.4 2445 Partially supported: reports casts directly from a pointer to a less strictly aligned type to a pointer to a more strictly aligned type
Polyspace Bug Finder R2022b CERT C: Rule EXP36-C Checks for source buffer misaligned with destination buffer (rule fully covered)
PRQA QA-C 9.7 0326, 3305 Fully implemented
PRQA QA-C++ 4.4 3033, 3038
PVS-Studio 7.22 V548 , V641 , V1032
RuleChecker 22.04 pointer-cast-alignment Fully checked
+ + +## Related Vulnerabilities + +Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+EXP36-C). + +## Related Guidelines + +[Key here](https://wiki.sei.cmu.edu/confluence/display/c/How+this+Coding+Standard+is+Organized#HowthisCodingStandardisOrganized-RelatedGuidelines) (explains table format and definitions) + +
Taxonomy Taxonomy item Relationship
CERT C VOID EXP56-CPP. Do not cast pointers into more strictly aligned pointer types Prior to 2018-01-12: CERT: Unspecified Relationship
ISO/IEC TR 24772:2013 Pointer Casting and Pointer Type Changes \[HFC\] Prior to 2018-01-12: CERT: Unspecified Relationship
ISO/IEC TS 17961 Converting pointer values to more strictly aligned pointer types \[alignconv\] Prior to 2018-01-12: CERT: Unspecified Relationship
MISRA C:2012 Rule 11.1 (required) Prior to 2018-01-12: CERT: Unspecified Relationship
MISRA C:2012 Rule 11.2 (required) Prior to 2018-01-12: CERT: Unspecified Relationship
MISRA C:2012 Rule 11.5 (advisory) Prior to 2018-01-12: CERT: Unspecified Relationship
MISRA C:2012 Rule 11.7 (required) Prior to 2018-01-12: CERT: Unspecified Relationship
+ + +## Bibliography + +
\[ Bryant 2003 \]
\[ ISO/IEC 9899:2011 \] 6.3.2.3, "Pointers"
\[ Walfridsson 2003 \] Aliasing, Pointer Casts and GCC 3.3
+ ## Implementation notes diff --git a/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.md b/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.md index 90d2139747..8d8b132c4d 100644 --- a/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.md +++ b/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.md @@ -5,9 +5,304 @@ This query implements the CERT-C rule EXP39-C: > Do not access a variable through a pointer of an incompatible type -## CERT -** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** +## Description + +Modifying a variable through a pointer of an incompatible type (other than `unsigned char`) can lead to unpredictable results. Subclause 6.2.7 of the C Standard states that two types may be distinct yet compatible and addresses precisely when two distinct types are compatible. + +This problem is often caused by a violation of aliasing rules. The C Standard, 6.5, paragraph 7 \[ [ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IEC9899-2011) \], specifies those circumstances in which an object may or may not be aliased. + +> An object shall have its stored value accessed only by an lvalue expression that has one of the following types: + + +* a type compatible with the effective type of the object, +* a qualified version of a type compatible with the effective type of the object, +* a type that is the signed or unsigned type corresponding to the effective type of the object, +* a type that is the signed or unsigned type corresponding to a qualified version of the effective type of the object, +* an aggregate or union type that includes one of the aforementioned types among its members (including, recursively, a member of a subaggregate or contained union), or +* a character type. +Accessing an object by means of any other [lvalue](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-lvalue) expression (other than `unsigned char`) is [undefined behavior 37](https://wiki.sei.cmu.edu/confluence/display/c/CC.+Undefined+Behavior#CC.UndefinedBehavior-ub_37). + +## Noncompliant Code Example + +In this noncompliant example, an object of type `float` is incremented through an `int *`. The programmer can use the unit in the last place to get the next representable value for a floating-point type. However, accessing an object through a pointer of an incompatible type is undefined behavior. + +```cpp +#include + +void f(void) { + if (sizeof(int) == sizeof(float)) { + float f = 0.0f; + int *ip = (int *)&f; + (*ip)++; + printf("float is %f\n", f); + } +} + +``` + +## Compliant Solution + +In this compliant solution, the standard C function `nextafterf()` is used to round toward the highest representable floating-point value: + +```cpp +#include +#include +#include + +void f(void) { + float f = 0.0f; + f = nextafterf(f, FLT_MAX); + printf("float is %f\n", f); +} + +``` + +## Noncompliant Code Example + +In this noncompliant code example, an array of two values of type `short` is treated as an integer and assigned an integer value. The resulting values are indeterminate. + +```cpp +#include + +void func(void) { + short a[2]; + a[0]=0x1111; + a[1]=0x1111; + + *(int *)a = 0x22222222; + + printf("%x %x\n", a[0], a[1]); +} +``` +When translating this code, an implementation can assume that no access through an integer pointer can change the array `a`, consisting of shorts. Consequently, `printf()` may be called with the original values of `a[0]` and `a[1]`. + +**Implementation Details** + +Recent versions of GCC turn on the option `-fstrict-aliasing,` which allows alias-based optimizations, by default with `-O2`. Some architectures then print "1111 1111" as a result. Without optimization, the executable generates the *expected* output "2222 2222." + +To disable optimizations based on alias analysis for faulty legacy code, the option `-fno-strict-aliasing` can be used as a workaround. The option `-Wstrict-aliasing,` which is included in `-Wall,` warns about some, but not all, violations of aliasing rules when `-fstrict-aliasing` is active. + +When GCC 3.4.6 compiles this code with optimization, the assignment through the aliased pointer is effectively eliminated. + +## Compliant Solution + +This compliant solution uses a `union` type that includes a type compatible with the effective type of the object: + +```cpp +#include + +void func(void) { + union { + short a[2]; + int i; + } u; + + u.a[0]=0x1111; + u.a[1]=0x1111; + u.i = 0x22222222; + + printf("%x %x\n", u.a[0], u.a[1]); + + /* ... */ +} +``` +The C standard states: + +> If the member used to read the contents of a union object is not the same as the member last used to store a value in the object, the appropriate part of the object representation of the value is reinterpreted as an object representation in the new type as described in 6.2.6 (a process sometimes called “type punning”). This might be a trap representation. + + +The call to `printf()` typically outputs "2222 2222". However, there is no guarantee that this will be true; the object representations of `a` and `i` are unspecified and need not be compatible in this way, despite this operation being commonly accepted as an implementation extension. (See [unspecified behavior 11](https://wiki.sei.cmu.edu/confluence/display/c/DD.+Unspecified+Behavior#DD.UnspecifiedBehavior-unspecifiedbehavior11).) + +## Noncompliant Code Example + +In this noncompliant code example, a `gadget` object is allocated, then `realloc()` is called to create a `widget` object using the memory from the `gadget` object. Although reusing memory to change types is acceptable, accessing the memory copied from the original object is undefined behavior. + +```cpp +#include + +struct gadget { + int i; + double d; + char *p; +}; + +struct widget { + char *q; + int j; + double e; +}; + +void func(void) { + struct gadget *gp; + struct widget *wp; + + gp = (struct gadget *)malloc(sizeof(struct gadget)); + if (!gp) { + /* Handle error */ + } + /* ... Initialize gadget ... */ + wp = (struct widget *)realloc(gp, sizeof(struct widget)); + if (!wp) { + free(gp); + /* Handle error */ + } + if (wp->j == 12) { + /* ... */ + } + /* ... */ + free(wp); +} +``` + +## Compliant Solution + +This compliant solution reuses the memory from the `gadget` object but reinitializes the memory to a consistent state before reading from it: + +```cpp +#include +#include + +struct gadget { + int i; + double d; + char *p; +}; + +struct widget { + char *q; + int j; + double e; +}; + +void func(void) { + struct gadget *gp; + struct widget *wp; + + gp = (struct gadget *)malloc(sizeof (struct gadget)); + if (!gp) { + /* Handle error */ + } + /* ... */ + wp = (struct widget *)realloc(gp, sizeof(struct widget)); + if (!wp) { + free(gp); + /* Handle error */ + } + memset(wp, 0, sizeof(struct widget)); + /* ... Initialize widget ... */ + + if (wp->j == 12) { + /* ... */ + } + /* ... */ + free(wp); +} +``` + +## Noncompliant Code Example + +According to the C Standard, 6.7.6.2 \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IEC9899-2011)\], using two or more incompatible arrays in an expression is [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior). (See also [undefined behavior 76](https://wiki.sei.cmu.edu/confluence/display/c/CC.+Undefined+Behavior#CC.UndefinedBehavior-ub_76).) + +For two array types to be compatible, both should have compatible underlying element types, and both size specifiers should have the same constant value. If either of these properties is violated, the resulting behavior is undefined. + +In this noncompliant code example, the two arrays `a` and `b` fail to satisfy the equal size specifier criterion for array compatibility. Because `a` and `b` are not equal, writing to what is believed to be a valid member of `a` might exceed its defined memory boundary, resulting in an arbitrary memory overwrite. + +```cpp +enum { ROWS = 10, COLS = 15 }; + +void func(void) { + int a[ROWS][COLS]; + int (*b)[ROWS] = a; +} +``` +Most compilers will produce a warning diagnostic if the two array types used in an expression are incompatible. + +## Compliant Solution + +In this compliant solution, `b` is declared to point to an array with the same number of elements as `a`, satisfying the size specifier criterion for array compatibility: + +```cpp +enum { ROWS = 10, COLS = 15 }; + +void func(void) { + int a[ROWS][COLS]; + int (*b)[COLS] = a; +} +``` + +## Risk Assessment + +Optimizing for performance can lead to aliasing errors that can be quite difficult to detect. Furthermore, as in the preceding example, unexpected results can lead to buffer overflow attacks, bypassing security checks, or unexpected execution. + +
Recommendation Severity Likelihood Remediation Cost Priority Level
EXP39-C Medium Unlikely High P2 L3
+ + +## Automated Detection + +
Tool Version Checker Description
Helix QAC 2022.4 C0310, C0751, C3305 C++3017, C++3030, C++3033
Klocwork 2022.4 MISRA.CAST.FUNC_PTR.2012 MISRA.CAST.INCOMPLETE_PTR_TO_ANY.2012 MISRA.CAST.OBJ_PTR_TO_NON_INT.2012 MISRA.CAST.OBJ_PTR_TO_OBJ_PTR.2012
LDRA tool suite 9.7.1 94 S, 554 S Partially implemented
Parasoft C/C++test 2022.2 CERT_C-EXP39-a CERT_C-EXP39-b CERT_C-EXP39-c CERT_C-EXP39-d CERT_C-EXP39-e CERT_C-EXP39-f There shall be no implicit conversions from integral to floating type A cast should not be performed between a pointer to object type and a different pointer to object type Avoid accessing arrays and pointers out of bounds Avoid buffer overflow from tainted data due to defining incorrect format limits Avoid buffer read overflow from tainted data Avoid buffer write overflow from tainted data
Polyspace Bug Finder R2022b CERT C: Rule EXP39-C Checks for cast to pointer pointing to object of different type (rule partially covered)
PRQA QA-C 9.7 0310, 0751, 3305 Partially implemented
PRQA QA-C++ 4.4 3017, 3030, 3033
PVS-Studio 7.22 V580
+ + +## Related Vulnerabilities + +Search for vulnerabilities resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+EXP39-C). + +## Related Guidelines + +[Key here](https://wiki.sei.cmu.edu/confluence/display/c/How+this+Coding+Standard+is+Organized#HowthisCodingStandardisOrganized-RelatedGuidelines) (explains table format and definitions) + +
Taxonomy Taxonomy item Relationship
ISO/IEC TS 17961 Accessing an object through a pointer to an incompatible type \[ptrcomp\] Prior to 2018-01-12: CERT: Unspecified Relationship
CWE 2.11 CWE-119 , Improper Restriction of Operations within the Bounds of a Memory Buffer 2017-05-18: CERT: Partial overlap
CWE 2.11 CWE-125 , Out-of-bounds Read 2017-05-18: CERT: Partial overlap
CWE 2.11 CWE-704 2017-06-14: CERT: Rule subset of CWE
+ + +## CERT-CWE Mapping Notes + +[Key here](https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?pageId=87152408#HowthisCodingStandardisOrganized-CERT-CWEMappingNotes) for mapping notes + +**CWE-119 and EXP39-C** + +Independent( ARR30-C, ARR38-C, ARR32-C, INT30-C, INT31-C, EXP39-C, EXP33-C, FIO37-C) STR31-C = Subset( Union( ARR30-C, ARR38-C)) STR32-C = Subset( ARR38-C) + +Intersection( EXP39-C, CWE-119) = + +* Reading memory assigned to one type, but being accessed through a pointer to a larger type. +EXP39-C – CWE-119 = +* Writing to memory assigned to one type, but accessed through a pointer to a larger type +* Reading memory assigned to one type, but being accessed through a pointer to a smaller (or equal-sized) type +CWE-119 – EXP39-C = +* Reading beyond a buffer using a means other than accessing a variable through an incompatible pointer. +**CWE-123 and EXP39-C** + +Intersection( CWE-123, EXP39-C) = Ø + +EXP39-C allows overflowing a (small) buffer, but not arbitrary memory writes. (Possibly an arbitrary-memory write exploit could be devised using a “perfect storm” of incompatible types, but this would be uncommon in practice.) + +**CWE-125 and EXP39-C** + +Independent( ARR30-C, ARR38-C, EXP39-C, INT30-C) STR31-C = Subset( Union( ARR30-C, ARR38-C)) STR32-C = Subset( ARR38-C) + +Intersection( EXP39-C, CWE-125) = + +* Reading memory assigned to one type, but being accessed through a pointer to a larger type. +ESP39-C – CWE-125 = +* Reading memory assigned to one type, but being accessed through a pointer to a smaller (or equal-sized) type +CWE-125 – EXP39-C = +* Reading beyond a buffer using a means other than accessing a variable through an incompatible pointer. +**CWE-188 and EXP39-C** + +Intersection( CWE-188, EXP39-C) = Ø + +CWE-188 appears to be about making assumptions about the layout of memory between distinct variables (that are not part of a larger struct or array). Such assumptions typically involve pointer arithmetic (which violates ARR30-C). EXP39-C involves only one object in memory being (incorrectly) interpreted as if it were another object. EG a float being treated as an int (usually via pointers and typecasting) + +**CWE-704 and EXP39-C** + +CWE-704 = Union( EXP39-C, list) where list = + +* Incorrect (?) typecast that is not incompatible + +## Bibliography + +
\[ Acton 2006 \] " Understanding Strict Aliasing "
GCC Known Bugs "C Bugs, Aliasing Issues while Casting to Incompatible Types"
\[ ISO/IEC 9899:2011 \] 6.5, "Expressions" 6.7.6.2, "Array Declarators"
\[ Walfridsson 2003 \] Aliasing, Pointer Casts and GCC 3.3
+ ## Implementation notes diff --git a/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql b/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql index d9ef7e742c..760603de6b 100644 --- a/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql +++ b/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql @@ -13,7 +13,7 @@ import cpp import codingstandards.c.cert -import semmle.code.cpp.dataflow.DataFlow +import semmle.code.cpp.ir.dataflow.DataFlow import semmle.code.cpp.controlflow.Dominance import DataFlow::PathGraph diff --git a/c/cert/src/rules/EXP43-C/DoNotPassAlisedPointerToRestrictQualifiedParameter.md b/c/cert/src/rules/EXP43-C/DoNotPassAlisedPointerToRestrictQualifiedParameter.md new file mode 100644 index 0000000000..827aad74c0 --- /dev/null +++ b/c/cert/src/rules/EXP43-C/DoNotPassAlisedPointerToRestrictQualifiedParameter.md @@ -0,0 +1,297 @@ +# EXP43-C: Do not pass aliased pointers to restrict-qualified parameters + +This query implements the CERT-C rule EXP43-C: + +> Avoid undefined behavior when using restrict-qualified pointers + + + +## Description + +An object that is accessed through a `restrict`-qualified pointer has a special association with that pointer. This association requires that all accesses to that object use, directly or indirectly, the value of that particular pointer. The intended use of the restrict qualifier is to promote optimization, and deleting all instances of the qualifier from a program does not change its meaning (that is, observable behavior). In the absence of this qualifier, other pointers can alias this object. Caching the value in an object designated through a `restrict`-qualified pointer is safe at the beginning of the block in which the pointer is declared because no preexisting aliases may also be used to reference that object. The cached value must be restored to the object by the end of the block, where preexisting aliases again become available. New aliases may be formed within the block, but these must all depend on the value of the `restrict`-qualified pointer so that they can be identified and adjusted to refer to the cached value. For a `restrict`-qualified pointer at file scope, the block is the body of each function in the file \[[Walls 2006](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography)\]. Developers should be aware that C++ does not support the `restrict` qualifier, but some C++ compiler implementations support an equivalent qualifier as an extension. + +The C Standard \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IEC9899-2011)\] identifies the following [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior): + +> A restrict-qualified pointer is assigned a value based on another restricted pointer whose associated block neither began execution before the block associated with this pointer, nor ended before the assignment (6.7.3.1). + + +This is an oversimplification, however, and it is important to review the formal definition of *restrict* in subclause 6.7.3.1 of the C Standard to properly understand undefined behaviors associated with the use of `restrict`-qualified pointers. + +## Overlapping Objects + +The `restrict` qualifier requires that the pointers do not reference overlapping objects. If the objects referenced by arguments to functions overlap (meaning the objects share some common memory addresses), the behavior is undefined. + +**Noncompliant Code Example** + +This code example is noncompliant because an assignment is made between two `restrict`-qualified pointers in the same scope: + +```cpp +int *restrict a; +int *restrict b; + +extern int c[]; + +int main(void) { + c[0] = 17; + c[1] = 18; + a = &c[0]; + b = &c[1]; + a = b; /* Undefined behavior */ + /* ... */ +} +``` +Note that [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior) occurs only when `a` is assigned to `b`. It is valid for `a` and `b` to point into the same array object, provided the range of elements accessed through one of the pointers does not overlap with the range of elements accessed through the other pointer. + +**Compliant Solution** + +One way to eliminate the [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior) is simply to remove the `restrict-`qualification from the affected pointers: + +```cpp +int *a; +int *b; + +extern int c[]; + +int main(void) { + c[0] = 17; + c[1] = 18; + a = &c[0]; + b = &c[1]; + a = b; /* Defined behavior */ + /* ... */ +} +``` + +## restrict-Qualified Function Parameters + +When calling functions that have `restrict`-qualified function parameters, it is important that the pointer arguments do not reference overlapping objects if one or more of the pointers are used to modify memory. Consequently, it is important to understand the semantics of the function being called. + +**Noncompliant Code Example** + +In this noncompliant code example, the function `f()` accepts three parameters. The function copies `n` integers from the `int` array referenced by the `restrict`-qualified pointer `p` to the `int` array referenced by the `restrict`-qualified pointer `q`. Because the destination array is modified during each execution of the function (for which `n` is nonzero), if the array is accessed through one of the pointer parameters, it cannot also be accessed through the other. Declaring these function parameters as `restrict`-qualified pointers allows aggressive optimization by the compiler but can also result in [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior) if these pointers refer to overlapping objects. + +```cpp +#include +void f(size_t n, int *restrict p, const int *restrict q) { + while (n-- > 0) { + *p++ = *q++; + } +} + +void g(void) { + extern int d[100]; + /* ... */ + f(50, d + 1, d); /* Undefined behavior */ +} +``` +The function `g()` declares an array `d` consisting of 100 `int` values and then invokes `f()` to copy memory from one area of the array to another. This call has undefined behavior because each of `d[1]` through `d[49]` is accessed through both `p` and `q`. + +**Compliant Solution** + +In this compliant solution, the function `f()` is unchanged but the programmer has ensured that none of the calls to `f()` result in [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior). The call to `f()` in `g()` is valid because the storage allocated to `d` is effectively divided into two disjoint objects. + +```cpp +#include +void f(size_t n, int *restrict p, const int *restrict q) { + while (n-- > 0) { + *p++ = *q++; + } +} + +void g(void) { + extern int d[100]; + /* ... */ + f(50, d + 50, d); /* Defined behavior */ +} +``` +**Noncompliant Code Example** + +In this noncompliant code example, the function `add()` adds the integer array referenced by the `restrict`-qualified pointers lhs to the integer array referenced by the `restrict`-qualified pointer `rhs` and stores the result in the `restrict`-qualified pointer referenced by `res`. The function `f()` declares an array `a` consisting of 100 `int` values and then invokes `add()` to copy memory from one area of the array to another. The call `add(100, a, a, a)` has [undefined behavior ](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior)because the object modified by `res` is accessed by lhs and `rhs`. + +```cpp +#include + +void add(size_t n, int *restrict res, const int *restrict lhs, + const int *restrict rhs) { + for (size_t i = 0; i < n; ++i) { + res[i] = lhs[i] + rhs[i]; + } +} + +void f(void) { + int a[100]; + add(100, a, a, a); /* Undefined behavior */ +} +``` +**Compliant Solution** + +In this compliant solution, an unmodified object is aliased through two restricted pointers. Because `a` and `b` are disjoint arrays, a call of the form `add(100, a, b, b)` has defined behavior, because array `b` is not modified within function `add`. + +```cpp +#include +void add(size_t n, int *restrict res, const int *restrict lhs, + const int *restrict rhs) { + for (size_t i = 0; i < n; ++i) { + res[i] = lhs[i] + rhs[i]; + } +} + +void f(void) { + int a[100]; + int b[100]; + add(100, a, b, b); /* Defined behavior */ +} +``` + +## Invoking Library Functions with restrict-Qualified Pointers + +Ensure that `restrict`-qualified source and destination pointers do not reference overlapping objects when invoking library functions. For example, the following table lists C standard library functions that copy memory from a source object referenced by a `restrict`-qualified pointer to a destination object that is also referenced by a `restrict`-qualified pointer: + +
Standard C Annex K
strcpy() strcpy_s()
strncpy() strncpy_s()
strcat() strcat_s()
strncat() strncat_s()
memcpy() memcpy_s()
strtok_s()
+If the objects referenced by arguments to functions overlap (meaning the objects share some common memory addresses), the behavior is [undefined](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior). (See also [undefined behavior 68](https://wiki.sei.cmu.edu/confluence/display/c/CC.+Undefined+Behavior#CC.UndefinedBehavior-ub_68).) The result of the functions is unknown, and data may be corrupted. As a result, these functions must never be passed pointers to overlapping objects. If data must be copied between objects that share common memory addresses, a copy function guaranteed to work on overlapping memory, such as `memmove()`, should be used. + + +**Noncompliant Code Example** + +In this noncompliant code example, the values of objects referenced by `ptr1` and `ptr2` become unpredictable after the call to `memcpy()` because their memory areas overlap: + +```cpp +#include + +void func(void) { + char c_str[]= "test string"; + char *ptr1 = c_str; + char *ptr2; + + ptr2 = ptr1 + 3; + /* Undefined behavior because of overlapping objects */ + memcpy(ptr2, ptr1, 6); + /* ... */ +} +``` +**Compliant Solution** + +In this compliant solution, the call to `memcpy()` is replaced with a call to `memmove()`. The `memmove()` function performs the same operation as `memcpy()` when the memory regions do not overlap. When the memory regions do overlap, the *n* characters from the object pointed to by the source (`ptr1`) are first copied into a temporary array of *n* characters that does not overlap the objects pointed to by the destination (`ptr2`) or the source. The *n* characters from the temporary array are then copied into the object pointed to by the destination. + +```cpp +#include + +void func(void) { + char c_str[]= "test string"; + char *ptr1 = c_str; + char *ptr2; + + ptr2 = ptr1 + 3; + memmove(ptr2, ptr1, 6); /* Replace call to memcpy() */ + /* ... */ +} +``` +Similar solutions using `memmove()` can replace the string functions as long as care is taken regarding the byte size of the characters and proper null-termination of the copied string. + +## Calling Functions with restrict-Qualified Pointer to a const-Qualified Type + +Ensure that functions that accept a `restrict`-qualified pointer to a `const`-qualified type do not modify the object referenced by that pointer. Formatted input and output standard library functions frequently fit this description. The following table lists of some of the common functions for which the format argument is a `restrict`-qualified pointer to a `const`-qualified type. + +
Standard C Annex K
printf() printf_s()
scanf() scanf_s()
sprintf() sprintf_s()
snprintf() snprintf_s()
+For formatted output functions such as `printf()`, it is unlikely that a programmer would modify the format string. However, an attacker may attempt to do so if a program violates [FIO30-C. Exclude user input from format strings](https://wiki.sei.cmu.edu/confluence/display/c/FIO30-C.+Exclude+user+input+from+format+strings) and passes tainted values as part of the format string. + + +**Noncompliant Code Example** + +In this noncompliant code example, the programmer is attempting to overwrite the format string with a string value read in from `stdin` such as `"%d%f 1 3.3"` and use the resulting modified string of `"%s%d%f"` to input the subsequent values of `1` and `3.3`: + +```cpp +#include + +void func(void) { + int i; + float x; + char format[100] = "%s"; + /* Undefined behavior */ + int n = scanf(format, format + 2, &i, &x); + /* ... */ +} +``` +**Compliant Solution** + +The intended results are achieved by this compliant solution: + +```cpp +#include + +void func(void) { + int i; + float x; + int n = scanf("%d%f", &i, &x); /* Defined behavior */ + /* ... */ +} +``` + +## Outer-to-Inner Assignments between Restricted Pointers + +The assignment between `restrict`-qualified pointers declared in an inner nested block from an outer block has defined behavior. + +**Noncompliant Code Example** + +The assignment of `restrict`-qualified pointers to other `restrict`-qualified pointers within the same block has [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior): + +```cpp +void func(void) { + int *restrict p1; + int *restrict q1; + + int *restrict p2 = p1; /* Undefined behavior */ + int *restrict q2 = q1; /* Undefined behavior */ + } +``` +**Compliant Solution** + +The intended results can be achieved using an inner nested block, as shown in this compliant solution: + +```cpp +void func(void) { + int *restrict p1; + int *restrict q1; + { /* Added inner block */ + int *restrict p2 = p1; /* Valid, well-defined behavior */ + int *restrict q2 = q1; /* Valid, well-defined behavior */ + } +} +``` + +## Risk Assessment + +The incorrect use of `restrict`-qualified pointers can result in [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior) that might be [exploited](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) to cause data integrity violations. + +
Rule Severity Likelihood Remediation Cost Priority Level
EXP43-C Medium Probable High P4 L3
+ + +## Related Vulnerabilities + +Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+EXP43-C). + +## Automated Detection + +
Tool Version Checker Description
Astrée 22.04 restrict Supported indirectly via MISRA C 2012 Rule 8.14.
CodeSonar 7.2p0 LANG.TYPE.RESTRICT Restrict qualifier used
Coverity 2017.07 MISRA C 2012 Rule 8.14 Partially implemented
GCC 8.1 -Wrestrict Fully implemented
Helix QAC 2022.4 C1057
Klocwork 2022.4 MISRA.TYPE.RESTRICT.QUAL.2012
LDRA tool suite 9.7.1 480 S, 489 S, 613 S Enhanced enforcement
Parasoft C/C++test 2022.2 CERT_C-EXP43-a The restrict type qualifier shall not be used
PC-lint Plus 1.4 586 Assistance provided: reports use of the restrict keyword
Polyspace Bug Finder R2022b CERT C: Rule EXP43-C Checks for copy of overlapping memory (rule partially covered)
PRQA QA-C 9.7 1057
RuleChecker 22.04 restrict Supported indirectly via MISRA C 2012 Rule 8.14.
SonarQube C/C++ Plugin 3.11 S1836 Implements MISRA C:2012 Rule 8.14 to flag uses of restrict
+ + +## Related Guidelines + +[Key here](https://wiki.sei.cmu.edu/confluence/display/c/How+this+Coding+Standard+is+Organized#HowthisCodingStandardisOrganized-RelatedGuidelines) (explains table format and definitions) + +
Taxonomy Taxonomy item Relationship
CERT C Secure Coding Standard FIO30-C. Exclude user input from format strings Prior to 2018-01-12: CERT: Unspecified Relationship
ISO/IEC TR 24772:2013 Passing Parameters and Return Values \[CSJ\] Prior to 2018-01-12: CERT: Unspecified Relationship
ISO/IEC TS 17961 Passing pointers into the same object as arguments to different restrict-qualified parameters \[restrict\] Prior to 2018-01-12: CERT: Unspecified Relationship
MISRA C:2012 Rule 8.14 (required) 1 Prior to 2018-01-12: CERT: Unspecified Relationship
+1. MISRA Rule 8.14 prohibits the use of the restrict keyword except in C standard library functions. + + +## Bibliography + +
\[ ISO/IEC 9899:2011 \] 6.7.3.1, "Formal Definition of restrict "
\[ Walls 2006 \]
+ + +## Implementation notes + +None + +## References + +* CERT-C: [EXP43-C: Avoid undefined behavior when using restrict-qualified pointers](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/EXP43-C/DoNotPassAlisedPointerToRestrictQualifiedParameter.ql b/c/cert/src/rules/EXP43-C/DoNotPassAlisedPointerToRestrictQualifiedParameter.ql new file mode 100644 index 0000000000..60cbfa7756 --- /dev/null +++ b/c/cert/src/rules/EXP43-C/DoNotPassAlisedPointerToRestrictQualifiedParameter.ql @@ -0,0 +1,141 @@ +/** + * @id c/cert/do-not-pass-alised-pointer-to-restrict-qualified-parameter + * @name EXP43-C: Do not pass aliased pointers to restrict-qualified parameters + * @description Passing an aliased pointer to a restrict-qualified parameter is undefined behavior. + * @kind problem + * @precision medium + * @problem.severity error + * @tags external/cert/id/exp43-c + * correctness + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert +import codingstandards.c.Pointers +import semmle.code.cpp.dataflow.DataFlow +import semmle.code.cpp.pointsto.PointsTo +import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis + +/** + * A type that is a pointer or array type. + */ +class PointerOrArrayType extends DerivedType { + PointerOrArrayType() { + this.stripTopLevelSpecifiers() instanceof PointerType or + this.stripTopLevelSpecifiers() instanceof ArrayType + } +} + +/** + * A function that has a parameter with a restrict-qualified pointer type. + */ +class FunctionWithRestrictParameters extends Function { + Parameter restrictPtrParam; + + FunctionWithRestrictParameters() { + restrictPtrParam = this.getAParameter() and + restrictPtrParam.getUnspecifiedType() instanceof PointerOrArrayType and + restrictPtrParam.getType().hasSpecifier("restrict") + } + + Parameter getARestrictPtrParam() { result = restrictPtrParam } +} + +/** + * A call to a function that has a parameter with a restrict-qualified pointer type. + */ +class CallToFunctionWithRestrictParameters extends FunctionCall { + CallToFunctionWithRestrictParameters() { + this.getTarget() instanceof FunctionWithRestrictParameters + } + + Expr getARestrictPtrArg() { + result = + this.getArgument(this.getTarget() + .(FunctionWithRestrictParameters) + .getARestrictPtrParam() + .getIndex()) + } + + Expr getAPtrArg() { + result = this.getAnArgument() and + pointerValue(result) + } + + Expr getAPossibleSizeArg() { + exists(Parameter param | + param = this.getTarget().(FunctionWithRestrictParameters).getAParameter() and + param.getUnderlyingType() instanceof IntegralType and + // exclude __builtin_object_size + not result.(FunctionCall).getTarget() instanceof BuiltInFunction and + result = this.getArgument(param.getIndex()) + ) + } +} + +/** + * A `PointsToExpr` that is an argument of a pointer-type in a `CallToFunctionWithRestrictParameters` + */ +class ArgPointsToExpr extends PointsToExpr { + override predicate interesting() { + any(CallToFunctionWithRestrictParameters call).getAnArgument() = this and + pointerValue(this) + } +} + +int getStatedValue(Expr e) { + // `upperBound(e)` defaults to `exprMaxVal(e)` when `e` isn't analyzable. So to get a meaningful + // result in this case we pick the minimum value obtainable from dataflow and range analysis. + result = + upperBound(e) + .minimum(min(Expr source | DataFlow::localExprFlow(source, e) | source.getValue().toInt())) +} + +int getPointerArithmeticOperandStatedValue(ArgPointsToExpr expr) { + result = getStatedValue(expr.(PointerArithmeticExpr).getOperand()) + or + // edge-case: &(array[index]) expressions + result = getStatedValue(expr.(AddressOfExpr).getOperand().(PointerArithmeticExpr).getOperand()) + or + // fall-back if `expr` is not a pointer arithmetic expression + not expr instanceof PointerArithmeticExpr and + not expr.(AddressOfExpr).getOperand() instanceof PointerArithmeticExpr and + result = 0 +} + +from + CallToFunctionWithRestrictParameters call, ArgPointsToExpr arg1, ArgPointsToExpr arg2, + int argOffset1, int argOffset2 +where + not isExcluded(call, Pointers3Package::doNotPassAlisedPointerToRestrictQualifiedParameterQuery()) and + arg1 = call.getARestrictPtrArg() and + arg2 = call.getAPtrArg() and + // two arguments that point to the same object + arg1 != arg2 and + arg1.pointsTo() = arg2.pointsTo() and + arg1.confidence() = 1.0 and + arg2.confidence() = 1.0 and + // get the offset of the pointer arithmetic operand (or '0' if there is none) + argOffset1 = getPointerArithmeticOperandStatedValue(arg1) and + argOffset2 = getPointerArithmeticOperandStatedValue(arg2) and + ( + // case 1: the pointer args are the same. + // (definite aliasing) + argOffset1 = argOffset2 + or + // case 2: the pointer args are different, a size arg exists, + // and the size arg is greater than the difference between the offsets. + // (potential aliasing) + exists(Expr sizeArg | + sizeArg = call.getAPossibleSizeArg() and + getStatedValue(sizeArg) > (argOffset1 - argOffset2).abs() + ) + or + // case 3: the pointer args are different, and a size arg does not exist + // (potential aliasing) + not exists(call.getAPossibleSizeArg()) + ) +select call, + "Call to '" + call.getTarget().getName() + + "' passes an aliased pointer to a restrict-qualified parameter." diff --git a/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.md b/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.md new file mode 100644 index 0000000000..3fef1b9e33 --- /dev/null +++ b/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.md @@ -0,0 +1,297 @@ +# EXP43-C: Do not assign the value of a restrict-qualified pointer to another restrict-qualified pointer. + +This query implements the CERT-C rule EXP43-C: + +> Avoid undefined behavior when using restrict-qualified pointers + + + +## Description + +An object that is accessed through a `restrict`-qualified pointer has a special association with that pointer. This association requires that all accesses to that object use, directly or indirectly, the value of that particular pointer. The intended use of the restrict qualifier is to promote optimization, and deleting all instances of the qualifier from a program does not change its meaning (that is, observable behavior). In the absence of this qualifier, other pointers can alias this object. Caching the value in an object designated through a `restrict`-qualified pointer is safe at the beginning of the block in which the pointer is declared because no preexisting aliases may also be used to reference that object. The cached value must be restored to the object by the end of the block, where preexisting aliases again become available. New aliases may be formed within the block, but these must all depend on the value of the `restrict`-qualified pointer so that they can be identified and adjusted to refer to the cached value. For a `restrict`-qualified pointer at file scope, the block is the body of each function in the file \[[Walls 2006](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography)\]. Developers should be aware that C++ does not support the `restrict` qualifier, but some C++ compiler implementations support an equivalent qualifier as an extension. + +The C Standard \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IEC9899-2011)\] identifies the following [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior): + +> A restrict-qualified pointer is assigned a value based on another restricted pointer whose associated block neither began execution before the block associated with this pointer, nor ended before the assignment (6.7.3.1). + + +This is an oversimplification, however, and it is important to review the formal definition of *restrict* in subclause 6.7.3.1 of the C Standard to properly understand undefined behaviors associated with the use of `restrict`-qualified pointers. + +## Overlapping Objects + +The `restrict` qualifier requires that the pointers do not reference overlapping objects. If the objects referenced by arguments to functions overlap (meaning the objects share some common memory addresses), the behavior is undefined. + +**Noncompliant Code Example** + +This code example is noncompliant because an assignment is made between two `restrict`-qualified pointers in the same scope: + +```cpp +int *restrict a; +int *restrict b; + +extern int c[]; + +int main(void) { + c[0] = 17; + c[1] = 18; + a = &c[0]; + b = &c[1]; + a = b; /* Undefined behavior */ + /* ... */ +} +``` +Note that [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior) occurs only when `a` is assigned to `b`. It is valid for `a` and `b` to point into the same array object, provided the range of elements accessed through one of the pointers does not overlap with the range of elements accessed through the other pointer. + +**Compliant Solution** + +One way to eliminate the [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior) is simply to remove the `restrict-`qualification from the affected pointers: + +```cpp +int *a; +int *b; + +extern int c[]; + +int main(void) { + c[0] = 17; + c[1] = 18; + a = &c[0]; + b = &c[1]; + a = b; /* Defined behavior */ + /* ... */ +} +``` + +## restrict-Qualified Function Parameters + +When calling functions that have `restrict`-qualified function parameters, it is important that the pointer arguments do not reference overlapping objects if one or more of the pointers are used to modify memory. Consequently, it is important to understand the semantics of the function being called. + +**Noncompliant Code Example** + +In this noncompliant code example, the function `f()` accepts three parameters. The function copies `n` integers from the `int` array referenced by the `restrict`-qualified pointer `p` to the `int` array referenced by the `restrict`-qualified pointer `q`. Because the destination array is modified during each execution of the function (for which `n` is nonzero), if the array is accessed through one of the pointer parameters, it cannot also be accessed through the other. Declaring these function parameters as `restrict`-qualified pointers allows aggressive optimization by the compiler but can also result in [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior) if these pointers refer to overlapping objects. + +```cpp +#include +void f(size_t n, int *restrict p, const int *restrict q) { + while (n-- > 0) { + *p++ = *q++; + } +} + +void g(void) { + extern int d[100]; + /* ... */ + f(50, d + 1, d); /* Undefined behavior */ +} +``` +The function `g()` declares an array `d` consisting of 100 `int` values and then invokes `f()` to copy memory from one area of the array to another. This call has undefined behavior because each of `d[1]` through `d[49]` is accessed through both `p` and `q`. + +**Compliant Solution** + +In this compliant solution, the function `f()` is unchanged but the programmer has ensured that none of the calls to `f()` result in [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior). The call to `f()` in `g()` is valid because the storage allocated to `d` is effectively divided into two disjoint objects. + +```cpp +#include +void f(size_t n, int *restrict p, const int *restrict q) { + while (n-- > 0) { + *p++ = *q++; + } +} + +void g(void) { + extern int d[100]; + /* ... */ + f(50, d + 50, d); /* Defined behavior */ +} +``` +**Noncompliant Code Example** + +In this noncompliant code example, the function `add()` adds the integer array referenced by the `restrict`-qualified pointers lhs to the integer array referenced by the `restrict`-qualified pointer `rhs` and stores the result in the `restrict`-qualified pointer referenced by `res`. The function `f()` declares an array `a` consisting of 100 `int` values and then invokes `add()` to copy memory from one area of the array to another. The call `add(100, a, a, a)` has [undefined behavior ](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior)because the object modified by `res` is accessed by lhs and `rhs`. + +```cpp +#include + +void add(size_t n, int *restrict res, const int *restrict lhs, + const int *restrict rhs) { + for (size_t i = 0; i < n; ++i) { + res[i] = lhs[i] + rhs[i]; + } +} + +void f(void) { + int a[100]; + add(100, a, a, a); /* Undefined behavior */ +} +``` +**Compliant Solution** + +In this compliant solution, an unmodified object is aliased through two restricted pointers. Because `a` and `b` are disjoint arrays, a call of the form `add(100, a, b, b)` has defined behavior, because array `b` is not modified within function `add`. + +```cpp +#include +void add(size_t n, int *restrict res, const int *restrict lhs, + const int *restrict rhs) { + for (size_t i = 0; i < n; ++i) { + res[i] = lhs[i] + rhs[i]; + } +} + +void f(void) { + int a[100]; + int b[100]; + add(100, a, b, b); /* Defined behavior */ +} +``` + +## Invoking Library Functions with restrict-Qualified Pointers + +Ensure that `restrict`-qualified source and destination pointers do not reference overlapping objects when invoking library functions. For example, the following table lists C standard library functions that copy memory from a source object referenced by a `restrict`-qualified pointer to a destination object that is also referenced by a `restrict`-qualified pointer: + +
Standard C Annex K
strcpy() strcpy_s()
strncpy() strncpy_s()
strcat() strcat_s()
strncat() strncat_s()
memcpy() memcpy_s()
strtok_s()
+If the objects referenced by arguments to functions overlap (meaning the objects share some common memory addresses), the behavior is [undefined](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior). (See also [undefined behavior 68](https://wiki.sei.cmu.edu/confluence/display/c/CC.+Undefined+Behavior#CC.UndefinedBehavior-ub_68).) The result of the functions is unknown, and data may be corrupted. As a result, these functions must never be passed pointers to overlapping objects. If data must be copied between objects that share common memory addresses, a copy function guaranteed to work on overlapping memory, such as `memmove()`, should be used. + + +**Noncompliant Code Example** + +In this noncompliant code example, the values of objects referenced by `ptr1` and `ptr2` become unpredictable after the call to `memcpy()` because their memory areas overlap: + +```cpp +#include + +void func(void) { + char c_str[]= "test string"; + char *ptr1 = c_str; + char *ptr2; + + ptr2 = ptr1 + 3; + /* Undefined behavior because of overlapping objects */ + memcpy(ptr2, ptr1, 6); + /* ... */ +} +``` +**Compliant Solution** + +In this compliant solution, the call to `memcpy()` is replaced with a call to `memmove()`. The `memmove()` function performs the same operation as `memcpy()` when the memory regions do not overlap. When the memory regions do overlap, the *n* characters from the object pointed to by the source (`ptr1`) are first copied into a temporary array of *n* characters that does not overlap the objects pointed to by the destination (`ptr2`) or the source. The *n* characters from the temporary array are then copied into the object pointed to by the destination. + +```cpp +#include + +void func(void) { + char c_str[]= "test string"; + char *ptr1 = c_str; + char *ptr2; + + ptr2 = ptr1 + 3; + memmove(ptr2, ptr1, 6); /* Replace call to memcpy() */ + /* ... */ +} +``` +Similar solutions using `memmove()` can replace the string functions as long as care is taken regarding the byte size of the characters and proper null-termination of the copied string. + +## Calling Functions with restrict-Qualified Pointer to a const-Qualified Type + +Ensure that functions that accept a `restrict`-qualified pointer to a `const`-qualified type do not modify the object referenced by that pointer. Formatted input and output standard library functions frequently fit this description. The following table lists of some of the common functions for which the format argument is a `restrict`-qualified pointer to a `const`-qualified type. + +
Standard C Annex K
printf() printf_s()
scanf() scanf_s()
sprintf() sprintf_s()
snprintf() snprintf_s()
+For formatted output functions such as `printf()`, it is unlikely that a programmer would modify the format string. However, an attacker may attempt to do so if a program violates [FIO30-C. Exclude user input from format strings](https://wiki.sei.cmu.edu/confluence/display/c/FIO30-C.+Exclude+user+input+from+format+strings) and passes tainted values as part of the format string. + + +**Noncompliant Code Example** + +In this noncompliant code example, the programmer is attempting to overwrite the format string with a string value read in from `stdin` such as `"%d%f 1 3.3"` and use the resulting modified string of `"%s%d%f"` to input the subsequent values of `1` and `3.3`: + +```cpp +#include + +void func(void) { + int i; + float x; + char format[100] = "%s"; + /* Undefined behavior */ + int n = scanf(format, format + 2, &i, &x); + /* ... */ +} +``` +**Compliant Solution** + +The intended results are achieved by this compliant solution: + +```cpp +#include + +void func(void) { + int i; + float x; + int n = scanf("%d%f", &i, &x); /* Defined behavior */ + /* ... */ +} +``` + +## Outer-to-Inner Assignments between Restricted Pointers + +The assignment between `restrict`-qualified pointers declared in an inner nested block from an outer block has defined behavior. + +**Noncompliant Code Example** + +The assignment of `restrict`-qualified pointers to other `restrict`-qualified pointers within the same block has [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior): + +```cpp +void func(void) { + int *restrict p1; + int *restrict q1; + + int *restrict p2 = p1; /* Undefined behavior */ + int *restrict q2 = q1; /* Undefined behavior */ + } +``` +**Compliant Solution** + +The intended results can be achieved using an inner nested block, as shown in this compliant solution: + +```cpp +void func(void) { + int *restrict p1; + int *restrict q1; + { /* Added inner block */ + int *restrict p2 = p1; /* Valid, well-defined behavior */ + int *restrict q2 = q1; /* Valid, well-defined behavior */ + } +} +``` + +## Risk Assessment + +The incorrect use of `restrict`-qualified pointers can result in [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior) that might be [exploited](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) to cause data integrity violations. + +
Rule Severity Likelihood Remediation Cost Priority Level
EXP43-C Medium Probable High P4 L3
+ + +## Related Vulnerabilities + +Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+EXP43-C). + +## Automated Detection + +
Tool Version Checker Description
Astrée 22.04 restrict Supported indirectly via MISRA C 2012 Rule 8.14.
CodeSonar 7.2p0 LANG.TYPE.RESTRICT Restrict qualifier used
Coverity 2017.07 MISRA C 2012 Rule 8.14 Partially implemented
GCC 8.1 -Wrestrict Fully implemented
Helix QAC 2022.4 C1057
Klocwork 2022.4 MISRA.TYPE.RESTRICT.QUAL.2012
LDRA tool suite 9.7.1 480 S, 489 S, 613 S Enhanced enforcement
Parasoft C/C++test 2022.2 CERT_C-EXP43-a The restrict type qualifier shall not be used
PC-lint Plus 1.4 586 Assistance provided: reports use of the restrict keyword
Polyspace Bug Finder R2022b CERT C: Rule EXP43-C Checks for copy of overlapping memory (rule partially covered)
PRQA QA-C 9.7 1057
RuleChecker 22.04 restrict Supported indirectly via MISRA C 2012 Rule 8.14.
SonarQube C/C++ Plugin 3.11 S1836 Implements MISRA C:2012 Rule 8.14 to flag uses of restrict
+ + +## Related Guidelines + +[Key here](https://wiki.sei.cmu.edu/confluence/display/c/How+this+Coding+Standard+is+Organized#HowthisCodingStandardisOrganized-RelatedGuidelines) (explains table format and definitions) + +
Taxonomy Taxonomy item Relationship
CERT C Secure Coding Standard FIO30-C. Exclude user input from format strings Prior to 2018-01-12: CERT: Unspecified Relationship
ISO/IEC TR 24772:2013 Passing Parameters and Return Values \[CSJ\] Prior to 2018-01-12: CERT: Unspecified Relationship
ISO/IEC TS 17961 Passing pointers into the same object as arguments to different restrict-qualified parameters \[restrict\] Prior to 2018-01-12: CERT: Unspecified Relationship
MISRA C:2012 Rule 8.14 (required) 1 Prior to 2018-01-12: CERT: Unspecified Relationship
+1. MISRA Rule 8.14 prohibits the use of the restrict keyword except in C standard library functions. + + +## Bibliography + +
\[ ISO/IEC 9899:2011 \] 6.7.3.1, "Formal Definition of restrict "
\[ Walls 2006 \]
+ + +## Implementation notes + +None + +## References + +* CERT-C: [EXP43-C: Avoid undefined behavior when using restrict-qualified pointers](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql b/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql new file mode 100644 index 0000000000..37d2575bfe --- /dev/null +++ b/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql @@ -0,0 +1,75 @@ +/** + * @id c/cert/restrict-pointer-references-overlapping-object + * @name EXP43-C: Do not assign the value of a restrict-qualified pointer to another restrict-qualified pointer. + * @description Restrict qualified pointers referencing overlapping objects is undefined behavior. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/cert/id/exp43-c + * correctness + * external/cert/obligation/rule + */ + +import cpp +import semmle.code.cpp.dataflow.DataFlow +import semmle.code.cpp.controlflow.Dominance +import codingstandards.c.cert + +/** + * An `Expr` that is an assignment or initialization to a restrict-qualified pointer-type variable. + */ +class AssignmentOrInitializationToRestrictPtrValueExpr extends Expr { + Variable v; + + AssignmentOrInitializationToRestrictPtrValueExpr() { + this = v.getAnAssignedValue() and + v.getType().hasSpecifier("restrict") + } + + Variable getVariable() { result = v } +} + +/** + * Returns the target variable of a `VariableAccess`. + * If the access is a field access, then the target is the `Variable` of the qualifier. + */ +Variable getAddressOfExprTargetBase(AddressOfExpr expr) { + result = expr.getOperand().(ValueFieldAccess).getQualifier().(VariableAccess).getTarget() + or + result = expr.getOperand().(VariableAccess).getTarget() +} + +from + AssignmentOrInitializationToRestrictPtrValueExpr source, + AssignmentOrInitializationToRestrictPtrValueExpr expr, + AssignmentOrInitializationToRestrictPtrValueExpr pre_expr +where + not isExcluded(expr, Pointers3Package::restrictPointerReferencesOverlappingObjectQuery()) and + ( + // If the same expressions flows to two unique `AssignmentOrInitializationToRestrictPtrValueExpr` + // in the same block, then the two variables point to the same (overlapping) object + expr.getEnclosingBlock() = pre_expr.getEnclosingBlock() and + strictlyDominates(pre_expr, expr) and + ( + dominates(source, pre_expr) and + DataFlow::localExprFlow(source, expr) and + DataFlow::localExprFlow(source, pre_expr) + or + // Expressions referring to the address of the same variable can also result in aliasing + getAddressOfExprTargetBase(expr) = getAddressOfExprTargetBase(pre_expr) and + source = + any(AddressOfExpr ao | getAddressOfExprTargetBase(ao) = getAddressOfExprTargetBase(expr)) + ) and + // But only if there is no intermediate assignment that could change the value of one of the variables + not exists(AssignmentOrInitializationToRestrictPtrValueExpr mid | + strictlyDominates(mid, expr) and + strictlyDominates(pre_expr, mid) and + not DataFlow::localExprFlow(source, mid) + ) + or + // Two restrict-qualified pointers in the same scope assigned to each other + expr.getVariable().getType().hasSpecifier("restrict") and + expr.(VariableAccess).getTarget().getType().hasSpecifier("restrict") and + expr.(VariableAccess).getTarget().getParentScope() = expr.getVariable().getParentScope() + ) +select expr, "Restrict qualified pointers referencing overlapping objects is undefined behavior." diff --git a/c/cert/test/rules/EXP43-C/DoNotPassAlisedPointerToRestrictQualifiedParameter.expected b/c/cert/test/rules/EXP43-C/DoNotPassAlisedPointerToRestrictQualifiedParameter.expected new file mode 100644 index 0000000000..61aaf6b4ce --- /dev/null +++ b/c/cert/test/rules/EXP43-C/DoNotPassAlisedPointerToRestrictQualifiedParameter.expected @@ -0,0 +1,5 @@ +| test.c:53:3:53:6 | call to copy | Call to 'copy' passes an aliased pointer to a restrict-qualified parameter. | +| test.c:58:3:58:6 | call to copy | Call to 'copy' passes an aliased pointer to a restrict-qualified parameter. | +| test.c:64:3:64:8 | call to strcpy | Call to 'strcpy' passes an aliased pointer to a restrict-qualified parameter. | +| test.c:71:3:71:8 | call to memcpy | Call to 'memcpy' passes an aliased pointer to a restrict-qualified parameter. | +| test.c:84:3:84:7 | call to scanf | Call to 'scanf' passes an aliased pointer to a restrict-qualified parameter. | diff --git a/c/cert/test/rules/EXP43-C/DoNotPassAlisedPointerToRestrictQualifiedParameter.qlref b/c/cert/test/rules/EXP43-C/DoNotPassAlisedPointerToRestrictQualifiedParameter.qlref new file mode 100644 index 0000000000..937021c550 --- /dev/null +++ b/c/cert/test/rules/EXP43-C/DoNotPassAlisedPointerToRestrictQualifiedParameter.qlref @@ -0,0 +1 @@ +rules/EXP43-C/DoNotPassAlisedPointerToRestrictQualifiedParameter.ql \ No newline at end of file diff --git a/c/cert/test/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.expected b/c/cert/test/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.expected new file mode 100644 index 0000000000..0254ab7c02 --- /dev/null +++ b/c/cert/test/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.expected @@ -0,0 +1,6 @@ +| test.c:16:22:16:23 | i2 | Restrict qualified pointers referencing overlapping objects is undefined behavior. | +| test.c:17:8:17:9 | g2 | Restrict qualified pointers referencing overlapping objects is undefined behavior. | +| test.c:18:8:18:9 | i2 | Restrict qualified pointers referencing overlapping objects is undefined behavior. | +| test.c:26:10:26:11 | g1 | Restrict qualified pointers referencing overlapping objects is undefined behavior. | +| test.c:33:22:33:26 | & ... | Restrict qualified pointers referencing overlapping objects is undefined behavior. | +| test.c:40:10:40:14 | & ... | Restrict qualified pointers referencing overlapping objects is undefined behavior. | diff --git a/c/cert/test/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.qlref b/c/cert/test/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.qlref new file mode 100644 index 0000000000..81043b56c2 --- /dev/null +++ b/c/cert/test/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.qlref @@ -0,0 +1 @@ +rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql \ No newline at end of file diff --git a/c/cert/test/rules/EXP43-C/test.c b/c/cert/test/rules/EXP43-C/test.c index 8527f7ce84..31f179a64c 100644 --- a/c/cert/test/rules/EXP43-C/test.c +++ b/c/cert/test/rules/EXP43-C/test.c @@ -1,15 +1,44 @@ #include +#include #include int *restrict g1; int *restrict g2; +struct s1 { + int x, y, z; +}; +struct s1 v1; + void test_global_local() { int *restrict i1 = g1; // COMPLIANT int *restrict i2 = g2; // COMPLIANT int *restrict i3 = i2; // NON_COMPLIANT g1 = g2; // NON_COMPLIANT i1 = i2; // NON_COMPLIANT + { + int *restrict i4; + int *restrict i5; + int *restrict i6; + i4 = g1; // COMPLIANT + i4 = (void *)0; // COMPLIANT + i5 = g1; // COMPLIANT + i4 = g1; // NON_COMPLIANT + i6 = g2; // COMPLIANT + } +} + +void test_structs() { + struct s1 *restrict p1 = &v1; + int *restrict px = &v1.x; // NON_COMPLIANT + { + int *restrict py; + int *restrict pz; + py = &v1.y; // COMPLIANT + py = (int *)0; + pz = &v1.z; // COMPLIANT + py = &v1.y; // NON_COMPLIANT + } } void copy(int *restrict p1, int *restrict p2, size_t s) { @@ -25,8 +54,8 @@ void test_restrict_params() { copy(&i1, &i2, 1); // COMPLIANT int x[10]; - copy(x[0], x[1], 1); // COMPLIANT - non overlapping - copy(x[0], x[1], 2); // NON_COMPLIANT - overlapping + copy(&x[0], &x[1], 1); // COMPLIANT - non overlapping + copy(&x[0], &x[1], 2); // NON_COMPLIANT - overlapping } void test_strcpy() { @@ -36,13 +65,6 @@ void test_strcpy() { strcpy(&s2, &s1); // COMPLIANT } -void test_strcpy_s() { - char s1[] = "my test string"; - char s2[] = "my other string"; - strcpy_s(&s1, &s1 + 3); // NON_COMPLIANT - strcpy_s(&s2, sizeof(s2), &s1); // COMPLIANT -} - void test_memcpy() { char s1[] = "my test string"; char s2[] = "my other string"; @@ -50,23 +72,16 @@ void test_memcpy() { memcpy(&s2, &s1 + 3, 5); // COMPLIANT } -void test_memcpy_s() { - char s1[] = "my test string"; - char s2[] = "my other string"; - memcpy_s(&s1, sizeof(s1), &s1 + 3, 5); // NON_COMPLIANT - memcpy_s(&s2, sizeof(s2), &s1 + 3, 5); // COMPLIANT -} - void test_memmove() { char s1[] = "my test string"; char s2[] = "my other string"; - memmove(&s1, &s1 + 3, 5); // COMPLIANT + memmove(&s1, &s1 + 3, 5); // COMPLIANT - memmove is allowed to overlap memmove(&s2, &s1 + 3, 5); // COMPLIANT } void test_scanf() { char s1[200] = "%10s"; - scanf(&s2, &s2 + 4); // NON_COMPLIANT + scanf(&s1, &s1 + 4); // NON_COMPLIANT } // TODO also consider the following: diff --git a/c/common/src/codingstandards/c/Pointers.qll b/c/common/src/codingstandards/c/Pointers.qll index 87ade425e1..4b4e46a138 100644 --- a/c/common/src/codingstandards/c/Pointers.qll +++ b/c/common/src/codingstandards/c/Pointers.qll @@ -5,6 +5,47 @@ import cpp import codingstandards.cpp.Type +/** + * An expression which performs pointer arithmetic + */ +abstract class PointerArithmeticExpr extends Expr { + abstract Expr getPointer(); + + abstract Expr getOperand(); +} + +/** + * A pointer arithmetic binary operation expression. + */ +class SimplePointerArithmeticExpr extends PointerArithmeticExpr, PointerArithmeticOperation { + override Expr getPointer() { result = this.getLeftOperand() } + + override Expr getOperand() { result = this.getRightOperand() } +} + +/** + * A pointer arithmetic assignment expression. + */ +class AssignPointerArithmeticExpr extends PointerArithmeticExpr, AssignOperation { + AssignPointerArithmeticExpr() { + this instanceof AssignPointerAddExpr or + this instanceof AssignPointerSubExpr + } + + override Expr getPointer() { result = this.getLValue() } + + override Expr getOperand() { result = this.getRValue() } +} + +/** + * A pointer arithmetic array access expression. + */ +class ArrayPointerArithmeticExpr extends PointerArithmeticExpr, ArrayExpr { + override Expr getPointer() { result = this.getArrayBase() } + + override Expr getOperand() { result = this.getArrayOffset() } +} + /** * A null pointer constant, which is either in the form `NULL` or `(void *)0`. */ diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Pointers3.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Pointers3.qll index 9c4741f620..0ca6ae2b80 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Pointers3.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Pointers3.qll @@ -7,7 +7,8 @@ newtype Pointers3Query = TDoNotAccessVolatileObjectWithNonVolatileReferenceQuery() or TDoNotCastPointerToMoreStrictlyAlignedPointerTypeQuery() or TDoNotAccessVariableViaPointerOfIncompatibleTypeQuery() or - TUndefinedBehaviorWithRestrictQualifiedPointersQuery() + TDoNotPassAlisedPointerToRestrictQualifiedParameterQuery() or + TRestrictPointerReferencesOverlappingObjectQuery() predicate isPointers3QueryMetadata(Query query, string queryId, string ruleId) { query = @@ -35,11 +36,19 @@ predicate isPointers3QueryMetadata(Query query, string queryId, string ruleId) { ruleId = "EXP39-C" or query = - // `Query` instance for the `undefinedBehaviorWithRestrictQualifiedPointers` query - Pointers3Package::undefinedBehaviorWithRestrictQualifiedPointersQuery() and + // `Query` instance for the `doNotPassAlisedPointerToRestrictQualifiedParameter` query + Pointers3Package::doNotPassAlisedPointerToRestrictQualifiedParameterQuery() and queryId = - // `@id` for the `undefinedBehaviorWithRestrictQualifiedPointers` query - "c/cert/undefined-behavior-with-restrict-qualified-pointers" and + // `@id` for the `doNotPassAlisedPointerToRestrictQualifiedParameter` query + "c/cert/do-not-pass-alised-pointer-to-restrict-qualified-parameter" and + ruleId = "EXP43-C" + or + query = + // `Query` instance for the `restrictPointerReferencesOverlappingObject` query + Pointers3Package::restrictPointerReferencesOverlappingObjectQuery() and + queryId = + // `@id` for the `restrictPointerReferencesOverlappingObject` query + "c/cert/restrict-pointer-references-overlapping-object" and ruleId = "EXP43-C" } @@ -65,10 +74,17 @@ module Pointers3Package { TQueryC(TPointers3PackageQuery(TDoNotAccessVariableViaPointerOfIncompatibleTypeQuery())) } - Query undefinedBehaviorWithRestrictQualifiedPointersQuery() { + Query doNotPassAlisedPointerToRestrictQualifiedParameterQuery() { + //autogenerate `Query` type + result = + // `Query` type for `doNotPassAlisedPointerToRestrictQualifiedParameter` query + TQueryC(TPointers3PackageQuery(TDoNotPassAlisedPointerToRestrictQualifiedParameterQuery())) + } + + Query restrictPointerReferencesOverlappingObjectQuery() { //autogenerate `Query` type result = - // `Query` type for `undefinedBehaviorWithRestrictQualifiedPointers` query - TQueryC(TPointers3PackageQuery(TUndefinedBehaviorWithRestrictQualifiedPointersQuery())) + // `Query` type for `restrictPointerReferencesOverlappingObject` query + TQueryC(TPointers3PackageQuery(TRestrictPointerReferencesOverlappingObjectQuery())) } } diff --git a/rule_packages/c/Pointers3.json b/rule_packages/c/Pointers3.json index 41c1496672..b05faf289c 100644 --- a/rule_packages/c/Pointers3.json +++ b/rule_packages/c/Pointers3.json @@ -66,12 +66,23 @@ }, "queries": [ { - "description": "", + "description": "Passing an aliased pointer to a restrict-qualified parameter is undefined behavior.", "kind": "problem", - "name": "Avoid undefined behavior when using restrict-qualified pointers", - "precision": "very-high", + "name": "Do not pass aliased pointers to restrict-qualified parameters", + "precision": "medium", "severity": "error", - "short_name": "UndefinedBehaviorWithRestrictQualifiedPointers", + "short_name": "DoNotPassAlisedPointerToRestrictQualifiedParameter", + "tags": [ + "correctness" + ] + }, + { + "description": "Restrict qualified pointers referencing overlapping objects is undefined behavior.", + "kind": "problem", + "name": "Do not assign the value of a restrict-qualified pointer to another restrict-qualified pointer.", + "precision": "high", + "severity": "error", + "short_name": "RestrictPointerReferencesOverlappingObject", "tags": [ "correctness" ] From 72e9fd66061ad263906a2b7a6e7f64cba10687ca Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Fri, 27 Jan 2023 02:46:23 +0100 Subject: [PATCH 0323/2573] Update RuleMetadata.qll --- .../src/codingstandards/cpp/exclusions/c/RuleMetadata.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index e97b5722a9..91732455ea 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -118,7 +118,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isMiscQueryMetadata(query, queryId, ruleId, category) or isPointers1QueryMetadata(query, queryId, ruleId, category) or isPointers2QueryMetadata(query, queryId, ruleId, category) or - isPointers3QueryMetadata(query, queryId, ruleId) or + isPointers3QueryMetadata(query, queryId, ruleId, category) or isPreprocessor1QueryMetadata(query, queryId, ruleId, category) or isPreprocessor2QueryMetadata(query, queryId, ruleId, category) or isPreprocessor3QueryMetadata(query, queryId, ruleId, category) or From 0e9df1ea4097081d822a9cb32caef3d557e52317 Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Fri, 27 Jan 2023 02:47:37 +0100 Subject: [PATCH 0324/2573] Update test.c --- c/cert/test/rules/EXP39-C/test.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/c/cert/test/rules/EXP39-C/test.c b/c/cert/test/rules/EXP39-C/test.c index 8647163ea0..5ae4bbe35b 100644 --- a/c/cert/test/rules/EXP39-C/test.c +++ b/c/cert/test/rules/EXP39-C/test.c @@ -17,7 +17,8 @@ void test_incompatible_arithmetic() { // char may be signed or unsigned, and so is not compatible with either char c1; (signed char *)&c1; // NON_COMPLIANT - (unsigned char *)&c1; // COMPLIANT - the underlying byte representation is always compatible + (unsigned char *)&c1; // COMPLIANT - the underlying byte representation is + // always compatible (char *)&c1; // COMPLIANT - same type // int is defined as signed, so is compatible with all the signed versions @@ -32,13 +33,13 @@ void test_incompatible_arithmetic() { struct { int a; -} * s1; +} *s1; struct { int a; -} * s2; +} *s2; struct S1 { int a; -} * s3; +} *s3; struct S1 *s4; // TODO test across files From 7bb56655e7be64276660e0c0be7ffcb7c81357c3 Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Fri, 27 Jan 2023 02:51:35 +0100 Subject: [PATCH 0325/2573] Regenerate Pointers3 package files --- ...estrictPointerReferencesOverlappingObject.md | 2 +- ...estrictPointerReferencesOverlappingObject.ql | 2 +- .../cpp/exclusions/c/Pointers3.qll | 17 +++++++++++------ rule_packages/c/Pointers3.json | 2 +- 4 files changed, 14 insertions(+), 9 deletions(-) diff --git a/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.md b/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.md index 3fef1b9e33..f5ab3886a0 100644 --- a/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.md +++ b/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.md @@ -1,4 +1,4 @@ -# EXP43-C: Do not assign the value of a restrict-qualified pointer to another restrict-qualified pointer. +# EXP43-C: Do not assign the value of a restrict-qualified pointer to another restrict-qualified pointer This query implements the CERT-C rule EXP43-C: diff --git a/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql b/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql index 37d2575bfe..20f724f7ef 100644 --- a/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql +++ b/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql @@ -1,6 +1,6 @@ /** * @id c/cert/restrict-pointer-references-overlapping-object - * @name EXP43-C: Do not assign the value of a restrict-qualified pointer to another restrict-qualified pointer. + * @name EXP43-C: Do not assign the value of a restrict-qualified pointer to another restrict-qualified pointer * @description Restrict qualified pointers referencing overlapping objects is undefined behavior. * @kind problem * @precision high diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Pointers3.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Pointers3.qll index 0ca6ae2b80..8cfc140f99 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Pointers3.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Pointers3.qll @@ -10,14 +10,15 @@ newtype Pointers3Query = TDoNotPassAlisedPointerToRestrictQualifiedParameterQuery() or TRestrictPointerReferencesOverlappingObjectQuery() -predicate isPointers3QueryMetadata(Query query, string queryId, string ruleId) { +predicate isPointers3QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `doNotAccessVolatileObjectWithNonVolatileReference` query Pointers3Package::doNotAccessVolatileObjectWithNonVolatileReferenceQuery() and queryId = // `@id` for the `doNotAccessVolatileObjectWithNonVolatileReference` query "c/cert/do-not-access-volatile-object-with-non-volatile-reference" and - ruleId = "EXP32-C" + ruleId = "EXP32-C" and + category = "rule" or query = // `Query` instance for the `doNotCastPointerToMoreStrictlyAlignedPointerType` query @@ -25,7 +26,8 @@ predicate isPointers3QueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `doNotCastPointerToMoreStrictlyAlignedPointerType` query "c/cert/do-not-cast-pointer-to-more-strictly-aligned-pointer-type" and - ruleId = "EXP36-C" + ruleId = "EXP36-C" and + category = "rule" or query = // `Query` instance for the `doNotAccessVariableViaPointerOfIncompatibleType` query @@ -33,7 +35,8 @@ predicate isPointers3QueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `doNotAccessVariableViaPointerOfIncompatibleType` query "c/cert/do-not-access-variable-via-pointer-of-incompatible-type" and - ruleId = "EXP39-C" + ruleId = "EXP39-C" and + category = "rule" or query = // `Query` instance for the `doNotPassAlisedPointerToRestrictQualifiedParameter` query @@ -41,7 +44,8 @@ predicate isPointers3QueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `doNotPassAlisedPointerToRestrictQualifiedParameter` query "c/cert/do-not-pass-alised-pointer-to-restrict-qualified-parameter" and - ruleId = "EXP43-C" + ruleId = "EXP43-C" and + category = "rule" or query = // `Query` instance for the `restrictPointerReferencesOverlappingObject` query @@ -49,7 +53,8 @@ predicate isPointers3QueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `restrictPointerReferencesOverlappingObject` query "c/cert/restrict-pointer-references-overlapping-object" and - ruleId = "EXP43-C" + ruleId = "EXP43-C" and + category = "rule" } module Pointers3Package { diff --git a/rule_packages/c/Pointers3.json b/rule_packages/c/Pointers3.json index b05faf289c..c8188b38aa 100644 --- a/rule_packages/c/Pointers3.json +++ b/rule_packages/c/Pointers3.json @@ -79,7 +79,7 @@ { "description": "Restrict qualified pointers referencing overlapping objects is undefined behavior.", "kind": "problem", - "name": "Do not assign the value of a restrict-qualified pointer to another restrict-qualified pointer.", + "name": "Do not assign the value of a restrict-qualified pointer to another restrict-qualified pointer", "precision": "high", "severity": "error", "short_name": "RestrictPointerReferencesOverlappingObject", From 6d25cd6c1bc1b7dbe58519b58f7e9c60a906b529 Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Fri, 27 Jan 2023 03:05:20 +0100 Subject: [PATCH 0326/2573] Update test.c --- c/cert/test/rules/EXP39-C/test.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/c/cert/test/rules/EXP39-C/test.c b/c/cert/test/rules/EXP39-C/test.c index 5ae4bbe35b..60a0a428c7 100644 --- a/c/cert/test/rules/EXP39-C/test.c +++ b/c/cert/test/rules/EXP39-C/test.c @@ -33,13 +33,13 @@ void test_incompatible_arithmetic() { struct { int a; -} *s1; +} * s1; struct { int a; -} *s2; +} * s2; struct S1 { int a; -} *s3; +} * s3; struct S1 *s4; // TODO test across files From 23961bc3756f8b7688a4d4c76250032f7460a545 Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Fri, 27 Jan 2023 03:11:26 +0100 Subject: [PATCH 0327/2573] Correct whitespace in rule help files (regen package) --- .../EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.md | 1 - .../EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.md | 1 - .../EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.md | 1 - .../DoNotPassAlisedPointerToRestrictQualifiedParameter.md | 1 - .../rules/EXP43-C/RestrictPointerReferencesOverlappingObject.md | 1 - 5 files changed, 5 deletions(-) diff --git a/c/cert/src/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.md b/c/cert/src/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.md index 11f8566e5c..aa2dc7036a 100644 --- a/c/cert/src/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.md +++ b/c/cert/src/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.md @@ -5,7 +5,6 @@ This query implements the CERT-C rule EXP32-C: > Do not access a volatile object through a nonvolatile reference - ## Description An object that has volatile-qualified type may be modified in ways unknown to the [implementation](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-implementation) or have other unknown [side effects](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-sideeffect). Referencing a volatile object by using a non-volatile lvalue is [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior). The C Standard, 6.7.3 \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IEC9899-2011)\], states diff --git a/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.md b/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.md index 8c56801e01..4a682f4afe 100644 --- a/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.md +++ b/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.md @@ -5,7 +5,6 @@ This query implements the CERT-C rule EXP36-C: > Do not cast pointers into more strictly aligned pointer types - ## Description Do not convert a pointer value to a pointer type that is more strictly aligned than the referenced type. Different alignments are possible for different types of objects. If the type-checking system is overridden by an explicit cast or the pointer is converted to a void pointer (`void *`) and then to a different type, the alignment of an object may be changed. diff --git a/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.md b/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.md index 8d8b132c4d..cd01c4282e 100644 --- a/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.md +++ b/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.md @@ -5,7 +5,6 @@ This query implements the CERT-C rule EXP39-C: > Do not access a variable through a pointer of an incompatible type - ## Description Modifying a variable through a pointer of an incompatible type (other than `unsigned char`) can lead to unpredictable results. Subclause 6.2.7 of the C Standard states that two types may be distinct yet compatible and addresses precisely when two distinct types are compatible. diff --git a/c/cert/src/rules/EXP43-C/DoNotPassAlisedPointerToRestrictQualifiedParameter.md b/c/cert/src/rules/EXP43-C/DoNotPassAlisedPointerToRestrictQualifiedParameter.md index 827aad74c0..855f7ce963 100644 --- a/c/cert/src/rules/EXP43-C/DoNotPassAlisedPointerToRestrictQualifiedParameter.md +++ b/c/cert/src/rules/EXP43-C/DoNotPassAlisedPointerToRestrictQualifiedParameter.md @@ -5,7 +5,6 @@ This query implements the CERT-C rule EXP43-C: > Avoid undefined behavior when using restrict-qualified pointers - ## Description An object that is accessed through a `restrict`-qualified pointer has a special association with that pointer. This association requires that all accesses to that object use, directly or indirectly, the value of that particular pointer. The intended use of the restrict qualifier is to promote optimization, and deleting all instances of the qualifier from a program does not change its meaning (that is, observable behavior). In the absence of this qualifier, other pointers can alias this object. Caching the value in an object designated through a `restrict`-qualified pointer is safe at the beginning of the block in which the pointer is declared because no preexisting aliases may also be used to reference that object. The cached value must be restored to the object by the end of the block, where preexisting aliases again become available. New aliases may be formed within the block, but these must all depend on the value of the `restrict`-qualified pointer so that they can be identified and adjusted to refer to the cached value. For a `restrict`-qualified pointer at file scope, the block is the body of each function in the file \[[Walls 2006](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography)\]. Developers should be aware that C++ does not support the `restrict` qualifier, but some C++ compiler implementations support an equivalent qualifier as an extension. diff --git a/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.md b/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.md index f5ab3886a0..ce02712b72 100644 --- a/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.md +++ b/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.md @@ -5,7 +5,6 @@ This query implements the CERT-C rule EXP43-C: > Avoid undefined behavior when using restrict-qualified pointers - ## Description An object that is accessed through a `restrict`-qualified pointer has a special association with that pointer. This association requires that all accesses to that object use, directly or indirectly, the value of that particular pointer. The intended use of the restrict qualifier is to promote optimization, and deleting all instances of the qualifier from a program does not change its meaning (that is, observable behavior). In the absence of this qualifier, other pointers can alias this object. Caching the value in an object designated through a `restrict`-qualified pointer is safe at the beginning of the block in which the pointer is declared because no preexisting aliases may also be used to reference that object. The cached value must be restored to the object by the end of the block, where preexisting aliases again become available. New aliases may be formed within the block, but these must all depend on the value of the `restrict`-qualified pointer so that they can be identified and adjusted to refer to the cached value. For a `restrict`-qualified pointer at file scope, the block is the body of each function in the file \[[Walls 2006](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography)\]. Developers should be aware that C++ does not support the `restrict` qualifier, but some C++ compiler implementations support an equivalent qualifier as an extension. From e2e6590865a39417ea58ff0a85fa70fca7ef744b Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Fri, 27 Jan 2023 03:26:11 +0100 Subject: [PATCH 0328/2573] Update EXP43-C message and expected output --- .../RestrictPointerReferencesOverlappingObject.ql | 3 ++- ...strictPointerReferencesOverlappingObject.expected | 12 ++++++------ 2 files changed, 8 insertions(+), 7 deletions(-) diff --git a/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql b/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql index 20f724f7ef..851fbcebaa 100644 --- a/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql +++ b/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql @@ -72,4 +72,5 @@ where expr.(VariableAccess).getTarget().getType().hasSpecifier("restrict") and expr.(VariableAccess).getTarget().getParentScope() = expr.getVariable().getParentScope() ) -select expr, "Restrict qualified pointers referencing overlapping objects is undefined behavior." +select expr, "Assignment to restrict-qualified pointer $@ results in pointer aliasing.", + expr.getVariable(), expr.getVariable().getName() diff --git a/c/cert/test/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.expected b/c/cert/test/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.expected index 0254ab7c02..34fe741bd5 100644 --- a/c/cert/test/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.expected +++ b/c/cert/test/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.expected @@ -1,6 +1,6 @@ -| test.c:16:22:16:23 | i2 | Restrict qualified pointers referencing overlapping objects is undefined behavior. | -| test.c:17:8:17:9 | g2 | Restrict qualified pointers referencing overlapping objects is undefined behavior. | -| test.c:18:8:18:9 | i2 | Restrict qualified pointers referencing overlapping objects is undefined behavior. | -| test.c:26:10:26:11 | g1 | Restrict qualified pointers referencing overlapping objects is undefined behavior. | -| test.c:33:22:33:26 | & ... | Restrict qualified pointers referencing overlapping objects is undefined behavior. | -| test.c:40:10:40:14 | & ... | Restrict qualified pointers referencing overlapping objects is undefined behavior. | +| test.c:16:22:16:23 | i2 | Assignment to restrict-qualified pointer $@ results in pointer aliasing. | test.c:16:17:16:18 | i3 | i3 | +| test.c:17:8:17:9 | g2 | Assignment to restrict-qualified pointer $@ results in pointer aliasing. | test.c:5:15:5:16 | g1 | g1 | +| test.c:18:8:18:9 | i2 | Assignment to restrict-qualified pointer $@ results in pointer aliasing. | test.c:14:17:14:18 | i1 | i1 | +| test.c:26:10:26:11 | g1 | Assignment to restrict-qualified pointer $@ results in pointer aliasing. | test.c:20:19:20:20 | i4 | i4 | +| test.c:33:22:33:26 | & ... | Assignment to restrict-qualified pointer $@ results in pointer aliasing. | test.c:33:17:33:18 | px | px | +| test.c:40:10:40:14 | & ... | Assignment to restrict-qualified pointer $@ results in pointer aliasing. | test.c:35:19:35:20 | py | py | From 5f094084ca4b677f48f6fe8e72343b3f2577a68f Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Fri, 27 Jan 2023 14:11:50 +0100 Subject: [PATCH 0329/2573] Revert accidental change to EXP39-C and update .expected results --- ...essVariableViaPointerOfIncompatibleType.ql | 2 +- ...iableViaPointerOfIncompatibleType.expected | 92 +++++++++---------- 2 files changed, 47 insertions(+), 47 deletions(-) diff --git a/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql b/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql index 760603de6b..d9ef7e742c 100644 --- a/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql +++ b/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql @@ -13,7 +13,7 @@ import cpp import codingstandards.c.cert -import semmle.code.cpp.ir.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow import semmle.code.cpp.controlflow.Dominance import DataFlow::PathGraph diff --git a/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected b/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected index 0ba6202bf1..da5437e3bb 100644 --- a/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected +++ b/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected @@ -1,15 +1,15 @@ edges -| test.c:49:8:49:9 | s3 | test.c:50:8:50:9 | s1 | -| test.c:60:16:60:18 | E1A | test.c:61:16:61:17 | e1 | -| test.c:60:16:60:18 | E1A | test.c:65:10:65:12 | & ... | -| test.c:68:22:68:22 | v | test.c:68:41:68:41 | v | -| test.c:72:13:72:15 | & ... | test.c:68:22:68:22 | v | -| test.c:74:13:74:15 | & ... | test.c:68:22:68:22 | v | -| test.c:97:32:97:37 | call to malloc | test.c:98:40:98:41 | s2 | -| test.c:97:32:97:37 | call to malloc | test.c:98:40:98:41 | s2 | -| test.c:98:32:98:38 | call to realloc | test.c:99:3:99:4 | s3 | -| test.c:98:32:98:38 | call to realloc | test.c:100:10:100:11 | s3 | -| test.c:98:40:98:41 | s2 | test.c:98:32:98:38 | call to realloc | +| test.c:50:8:50:9 | s3 | test.c:51:8:51:9 | s1 | +| test.c:61:16:61:18 | E1A | test.c:62:16:62:17 | e1 | +| test.c:61:16:61:18 | E1A | test.c:66:10:66:12 | & ... | +| test.c:69:22:69:22 | v | test.c:69:41:69:41 | v | +| test.c:73:13:73:15 | & ... | test.c:69:22:69:22 | v | +| test.c:75:13:75:15 | & ... | test.c:69:22:69:22 | v | +| test.c:98:32:98:37 | call to malloc | test.c:99:40:99:41 | s2 | +| test.c:98:32:98:37 | call to malloc | test.c:99:40:99:41 | s2 | +| test.c:99:32:99:38 | call to realloc | test.c:100:3:100:4 | s3 | +| test.c:99:32:99:38 | call to realloc | test.c:101:10:101:11 | s3 | +| test.c:99:40:99:41 | s2 | test.c:99:32:99:38 | call to realloc | nodes | test.c:6:19:6:20 | & ... | semmle.label | & ... | | test.c:11:10:11:11 | & ... | semmle.label | & ... | @@ -17,44 +17,44 @@ nodes | test.c:15:17:15:19 | & ... | semmle.label | & ... | | test.c:19:18:19:20 | & ... | semmle.label | & ... | | test.c:20:20:20:22 | & ... | semmle.label | & ... | -| test.c:21:11:21:13 | & ... | semmle.label | & ... | -| test.c:26:17:26:19 | & ... | semmle.label | & ... | -| test.c:27:10:27:12 | & ... | semmle.label | & ... | -| test.c:28:13:28:15 | & ... | semmle.label | & ... | -| test.c:29:19:29:21 | & ... | semmle.label | & ... | -| test.c:30:16:30:18 | & ... | semmle.label | & ... | -| test.c:47:8:47:9 | s2 | semmle.label | s2 | -| test.c:49:8:49:9 | s3 | semmle.label | s3 | -| test.c:49:8:49:9 | s3 | semmle.label | s3 | -| test.c:50:8:50:9 | s1 | semmle.label | s1 | -| test.c:60:16:60:18 | E1A | semmle.label | E1A | -| test.c:60:16:60:18 | E1A | semmle.label | E1A | -| test.c:61:16:61:17 | e1 | semmle.label | e1 | -| test.c:65:10:65:12 | & ... | semmle.label | & ... | -| test.c:68:22:68:22 | v | semmle.label | v | -| test.c:68:41:68:41 | v | semmle.label | v | -| test.c:72:13:72:15 | & ... | semmle.label | & ... | -| test.c:72:13:72:15 | & ... | semmle.label | & ... | -| test.c:74:13:74:15 | & ... | semmle.label | & ... | -| test.c:74:13:74:15 | & ... | semmle.label | & ... | -| test.c:97:32:97:37 | call to malloc | semmle.label | call to malloc | -| test.c:97:32:97:37 | call to malloc | semmle.label | call to malloc | -| test.c:98:32:98:38 | call to realloc | semmle.label | call to realloc | -| test.c:98:32:98:38 | call to realloc | semmle.label | call to realloc | -| test.c:98:32:98:38 | call to realloc | semmle.label | call to realloc | -| test.c:98:40:98:41 | s2 | semmle.label | s2 | -| test.c:98:40:98:41 | s2 | semmle.label | s2 | -| test.c:99:3:99:4 | s3 | semmle.label | s3 | -| test.c:100:10:100:11 | s3 | semmle.label | s3 | +| test.c:22:11:22:13 | & ... | semmle.label | & ... | +| test.c:27:17:27:19 | & ... | semmle.label | & ... | +| test.c:28:10:28:12 | & ... | semmle.label | & ... | +| test.c:29:13:29:15 | & ... | semmle.label | & ... | +| test.c:30:19:30:21 | & ... | semmle.label | & ... | +| test.c:31:16:31:18 | & ... | semmle.label | & ... | +| test.c:48:8:48:9 | s2 | semmle.label | s2 | +| test.c:50:8:50:9 | s3 | semmle.label | s3 | +| test.c:50:8:50:9 | s3 | semmle.label | s3 | +| test.c:51:8:51:9 | s1 | semmle.label | s1 | +| test.c:61:16:61:18 | E1A | semmle.label | E1A | +| test.c:61:16:61:18 | E1A | semmle.label | E1A | +| test.c:62:16:62:17 | e1 | semmle.label | e1 | +| test.c:66:10:66:12 | & ... | semmle.label | & ... | +| test.c:69:22:69:22 | v | semmle.label | v | +| test.c:69:41:69:41 | v | semmle.label | v | +| test.c:73:13:73:15 | & ... | semmle.label | & ... | +| test.c:73:13:73:15 | & ... | semmle.label | & ... | +| test.c:75:13:75:15 | & ... | semmle.label | & ... | +| test.c:75:13:75:15 | & ... | semmle.label | & ... | +| test.c:98:32:98:37 | call to malloc | semmle.label | call to malloc | +| test.c:98:32:98:37 | call to malloc | semmle.label | call to malloc | +| test.c:99:32:99:38 | call to realloc | semmle.label | call to realloc | +| test.c:99:32:99:38 | call to realloc | semmle.label | call to realloc | +| test.c:99:32:99:38 | call to realloc | semmle.label | call to realloc | +| test.c:99:40:99:41 | s2 | semmle.label | s2 | +| test.c:99:40:99:41 | s2 | semmle.label | s2 | +| test.c:100:3:100:4 | s3 | semmle.label | s3 | +| test.c:101:10:101:11 | s3 | semmle.label | s3 | subpaths #select | test.c:6:19:6:20 | & ... | test.c:6:19:6:20 | & ... | test.c:6:19:6:20 | & ... | Cast from float to int results in an incompatible pointer base type. | | test.c:11:10:11:11 | & ... | test.c:11:10:11:11 | & ... | test.c:11:10:11:11 | & ... | Cast from short[2] to int results in an incompatible pointer base type. | | test.c:13:17:13:19 | & ... | test.c:13:17:13:19 | & ... | test.c:13:17:13:19 | & ... | Cast from short[2] to short[4] results in an incompatible pointer base type. | | test.c:19:18:19:20 | & ... | test.c:19:18:19:20 | & ... | test.c:19:18:19:20 | & ... | Cast from char to signed char results in an incompatible pointer base type. | -| test.c:29:19:29:21 | & ... | test.c:29:19:29:21 | & ... | test.c:29:19:29:21 | & ... | Cast from int to unsigned int results in an incompatible pointer base type. | -| test.c:47:8:47:9 | s2 | test.c:47:8:47:9 | s2 | test.c:47:8:47:9 | s2 | Cast from struct to struct results in an incompatible pointer base type. | -| test.c:49:8:49:9 | s3 | test.c:49:8:49:9 | s3 | test.c:49:8:49:9 | s3 | Cast from S1 to struct results in an incompatible pointer base type. | -| test.c:50:8:50:9 | s1 | test.c:50:8:50:9 | s1 | test.c:50:8:50:9 | s1 | Cast from struct to S1 results in an incompatible pointer base type. | -| test.c:68:41:68:41 | v | test.c:72:13:72:15 | & ... | test.c:68:41:68:41 | v | Cast from float to int results in an incompatible pointer base type. | -| test.c:99:3:99:4 | s3 | test.c:98:40:98:41 | s2 | test.c:99:3:99:4 | s3 | Cast from S2 to S3 results in an incompatible pointer base type. | +| test.c:30:19:30:21 | & ... | test.c:30:19:30:21 | & ... | test.c:30:19:30:21 | & ... | Cast from int to unsigned int results in an incompatible pointer base type. | +| test.c:48:8:48:9 | s2 | test.c:48:8:48:9 | s2 | test.c:48:8:48:9 | s2 | Cast from struct to struct results in an incompatible pointer base type. | +| test.c:50:8:50:9 | s3 | test.c:50:8:50:9 | s3 | test.c:50:8:50:9 | s3 | Cast from S1 to struct results in an incompatible pointer base type. | +| test.c:51:8:51:9 | s1 | test.c:51:8:51:9 | s1 | test.c:51:8:51:9 | s1 | Cast from struct to S1 results in an incompatible pointer base type. | +| test.c:69:41:69:41 | v | test.c:73:13:73:15 | & ... | test.c:69:41:69:41 | v | Cast from float to int results in an incompatible pointer base type. | +| test.c:100:3:100:4 | s3 | test.c:99:40:99:41 | s2 | test.c:100:3:100:4 | s3 | Cast from S2 to S3 results in an incompatible pointer base type. | From d3f362410688dce2167f974284eab0ea184daaef Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Fri, 27 Jan 2023 17:23:30 +0100 Subject: [PATCH 0330/2573] Update qlpack name in query suites --- c/cert/src/codeql-suites/cert-default.qls | 2 +- c/misra/src/codeql-suites/misra-default.qls | 2 +- cpp/autosar/src/codeql-suites/autosar-advisory.qls | 2 +- cpp/autosar/src/codeql-suites/autosar-audit.qls | 2 +- cpp/autosar/src/codeql-suites/autosar-default.qls | 2 +- cpp/autosar/src/codeql-suites/autosar-required.qls | 2 +- .../src/codeql-suites/autosar-single-translation-unit.qls | 2 +- cpp/cert/src/codeql-suites/cert-default.qls | 2 +- cpp/cert/src/codeql-suites/cert-single-translation-unit.qls | 2 +- 9 files changed, 9 insertions(+), 9 deletions(-) diff --git a/c/cert/src/codeql-suites/cert-default.qls b/c/cert/src/codeql-suites/cert-default.qls index c8652930e9..7ad2fc1a99 100644 --- a/c/cert/src/codeql-suites/cert-default.qls +++ b/c/cert/src/codeql-suites/cert-default.qls @@ -1,5 +1,5 @@ - description: CERT C 2016 (Default) -- qlpack: cert-c-coding-standards +- qlpack: codeql/cert-c-coding-standards - include: kind: - problem diff --git a/c/misra/src/codeql-suites/misra-default.qls b/c/misra/src/codeql-suites/misra-default.qls index d32637556d..473232e741 100644 --- a/c/misra/src/codeql-suites/misra-default.qls +++ b/c/misra/src/codeql-suites/misra-default.qls @@ -1,5 +1,5 @@ - description: MISRA C 2012 (Default) -- qlpack: misra-c-coding-standards +- qlpack: codeql/misra-c-coding-standards - include: kind: - problem diff --git a/cpp/autosar/src/codeql-suites/autosar-advisory.qls b/cpp/autosar/src/codeql-suites/autosar-advisory.qls index 163de00856..6460375091 100644 --- a/cpp/autosar/src/codeql-suites/autosar-advisory.qls +++ b/cpp/autosar/src/codeql-suites/autosar-advisory.qls @@ -1,5 +1,5 @@ - description: AUTOSAR C++14 Guidelines 20-11 (Advisory) -- qlpack: autosar-cpp-coding-standards +- qlpack: codeql/autosar-cpp-coding-standards - include: kind: - problem diff --git a/cpp/autosar/src/codeql-suites/autosar-audit.qls b/cpp/autosar/src/codeql-suites/autosar-audit.qls index 6e77e82e77..25f4f1c41c 100644 --- a/cpp/autosar/src/codeql-suites/autosar-audit.qls +++ b/cpp/autosar/src/codeql-suites/autosar-audit.qls @@ -1,5 +1,5 @@ - description: AUTOSAR C++14 Guidelines 20-11 (Audit) -- qlpack: autosar-cpp-coding-standards +- qlpack: codeql/autosar-cpp-coding-standards - include: kind: - problem diff --git a/cpp/autosar/src/codeql-suites/autosar-default.qls b/cpp/autosar/src/codeql-suites/autosar-default.qls index 0296cc54f8..e57d0739d6 100644 --- a/cpp/autosar/src/codeql-suites/autosar-default.qls +++ b/cpp/autosar/src/codeql-suites/autosar-default.qls @@ -1,5 +1,5 @@ - description: AUTOSAR C++14 Guidelines 20-11 (Default) -- qlpack: autosar-cpp-coding-standards +- qlpack: codeql/autosar-cpp-coding-standards - include: kind: - problem diff --git a/cpp/autosar/src/codeql-suites/autosar-required.qls b/cpp/autosar/src/codeql-suites/autosar-required.qls index b79562c66c..aa4173462c 100644 --- a/cpp/autosar/src/codeql-suites/autosar-required.qls +++ b/cpp/autosar/src/codeql-suites/autosar-required.qls @@ -1,5 +1,5 @@ - description: AUTOSAR C++14 Guidelines 20-11 (Required) -- qlpack: autosar-cpp-coding-standards +- qlpack: codeql/autosar-cpp-coding-standards - include: kind: - problem diff --git a/cpp/autosar/src/codeql-suites/autosar-single-translation-unit.qls b/cpp/autosar/src/codeql-suites/autosar-single-translation-unit.qls index 6ba3032fa8..d56a7e306a 100644 --- a/cpp/autosar/src/codeql-suites/autosar-single-translation-unit.qls +++ b/cpp/autosar/src/codeql-suites/autosar-single-translation-unit.qls @@ -1,5 +1,5 @@ - description: AUTOSAR C++14 Guidelines 20-11 (Single Translation Unit) -- qlpack: autosar-cpp-coding-standards +- qlpack: codeql/autosar-cpp-coding-standards - include: kind: - problem diff --git a/cpp/cert/src/codeql-suites/cert-default.qls b/cpp/cert/src/codeql-suites/cert-default.qls index 6ec40af9b9..a003e05ed2 100644 --- a/cpp/cert/src/codeql-suites/cert-default.qls +++ b/cpp/cert/src/codeql-suites/cert-default.qls @@ -1,5 +1,5 @@ - description: CERT C++ 2016 (Default) -- qlpack: cert-cpp-coding-standards +- qlpack: codeql/cert-cpp-coding-standards - include: kind: - problem diff --git a/cpp/cert/src/codeql-suites/cert-single-translation-unit.qls b/cpp/cert/src/codeql-suites/cert-single-translation-unit.qls index ca1315d6ff..0d3f99cbf0 100644 --- a/cpp/cert/src/codeql-suites/cert-single-translation-unit.qls +++ b/cpp/cert/src/codeql-suites/cert-single-translation-unit.qls @@ -1,5 +1,5 @@ - description: CERT C++ 2016 (Single Translation Unit) -- qlpack: cert-cpp-coding-standards +- qlpack: codeql/cert-cpp-coding-standards - include: kind: - problem From abb35fc666be17aee585fff0d95fadbea2e93db0 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Fri, 27 Jan 2023 08:57:53 -0800 Subject: [PATCH 0331/2573] update --- .../RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql | 9 +-------- .../SingleBitNamedBitFieldsOfASignedType.expected | 5 ++++- 2 files changed, 5 insertions(+), 9 deletions(-) diff --git a/c/misra/src/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql b/c/misra/src/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql index 04a66535ad..07e276b6ef 100644 --- a/c/misra/src/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql +++ b/c/misra/src/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql @@ -32,17 +32,10 @@ predicate isSingleBit(BitField bitField) { bitField.getDeclaredNumBits() = 1 } -// predicate isNamedBitField(BitField bitField) { -// bitField.getName().length() != 0 -// bitField.hasName(_) -// bitField.hasDefinition() -// wat -// } - from BitField bitField where not isExcluded(bitField, TypesPackage::singleBitNamedBitFieldsOfASignedTypeQuery()) and isSingleBit(bitField) and // Single-bit, - // isNamedBitField(bitField) and // named, + not bitField.isAnonymous() and // named, isSigned(bitField.getType()) // but its type is signed. select bitField, "Single-bit bit-field named " + bitField.toString() + " has a signed type " + bitField.getType() + "." \ No newline at end of file diff --git a/c/misra/test/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.expected b/c/misra/test/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.expected index 2ec1a0ac6c..c54bbafb38 100644 --- a/c/misra/test/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.expected +++ b/c/misra/test/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.expected @@ -1 +1,4 @@ -No expected results have yet been specified \ No newline at end of file +| test.c:5:14:5:15 | x2 | Single-bit bit-field named x2 has a signed type signed int. | +| test.c:7:7:7:8 | x3 | Single-bit bit-field named x3 has a signed type signed char. | +| test.c:9:7:9:8 | x4 | Single-bit bit-field named x4 has a signed type signed short. | +| test.c:14:11:14:12 | x7 | Single-bit bit-field named x7 has a signed type int32_t. | \ No newline at end of file From 6549297d8b69982c27a92786d25013b000d93a53 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Fri, 27 Jan 2023 18:00:16 +0100 Subject: [PATCH 0332/2573] Merge fix --- c/cert/test/qlpack.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/c/cert/test/qlpack.yml b/c/cert/test/qlpack.yml index d8e1d54d7b..94d0f1f703 100644 --- a/c/cert/test/qlpack.yml +++ b/c/cert/test/qlpack.yml @@ -1,6 +1,5 @@ name: codeql/cert-c-coding-standards-tests version: 2.13.0-dev -libraryPathDependencies: cert-c-coding-standards extractor: cpp dependencies: codeql/cert-c-coding-standards: '*' From 77a4c55cb3303d50326d0df988b9ad31f76e555b Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Fri, 27 Jan 2023 09:05:40 -0800 Subject: [PATCH 0333/2573] really minor formatting --- .../src/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/misra/src/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql b/c/misra/src/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql index 07e276b6ef..5950290fb7 100644 --- a/c/misra/src/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql +++ b/c/misra/src/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql @@ -16,7 +16,7 @@ import codingstandards.c.misra predicate isSigned(Type type) { /* Check if it's a fixed number type, because declaring fixed number types like int8_t as 1 bit is obviously absurd */ type instanceof FixedWidthIntegralType or -/* Check if it's EXPLICITLY signed, because according to Rule 6.1, 'int' may be either signed or unsigned depending on the implementation. In the latter case, the query would lead to false positives. */ + /* Check if it's EXPLICITLY signed, because according to Rule 6.1, 'int' may be either signed or unsigned depending on the implementation. In the latter case, the query would lead to false positives. */ type instanceof IntegralType and type.(IntegralType).isExplicitlySigned() } From cae74a9e9aac2f9f51f738e1f06df7a6080748f2 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Fri, 27 Jan 2023 12:12:06 -0500 Subject: [PATCH 0334/2573] Declarations7: add implementation notes and lib description also rm accidental leftover expected file --- ...nformationLeakageAcrossTrustBoundariesC.md | 2 +- ...InformationLeakageAcrossTrustBoundaries.md | 2 +- .../InformationLeakageAcrossBoundaries.qll | 2 +- ...ationLeakageAcrossTrustBoundaries.expected | 20 ------------------- rule_packages/c/Declarations7.json | 5 ++++- rule_packages/cpp/Uninitialized.json | 5 ++++- 6 files changed, 11 insertions(+), 25 deletions(-) delete mode 100644 cpp/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossTrustBoundaries.expected diff --git a/c/cert/src/rules/DCL39-C/InformationLeakageAcrossTrustBoundariesC.md b/c/cert/src/rules/DCL39-C/InformationLeakageAcrossTrustBoundariesC.md index 978b6d85d7..cdc62493a1 100644 --- a/c/cert/src/rules/DCL39-C/InformationLeakageAcrossTrustBoundariesC.md +++ b/c/cert/src/rules/DCL39-C/InformationLeakageAcrossTrustBoundariesC.md @@ -285,7 +285,7 @@ Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+D ## Implementation notes -None +The rule does not detect cases where fields may have uninitialized padding but are initialized via an initializer. ## References diff --git a/cpp/cert/src/rules/DCL55-CPP/InformationLeakageAcrossTrustBoundaries.md b/cpp/cert/src/rules/DCL55-CPP/InformationLeakageAcrossTrustBoundaries.md index a4f9891f53..29231d4809 100644 --- a/cpp/cert/src/rules/DCL55-CPP/InformationLeakageAcrossTrustBoundaries.md +++ b/cpp/cert/src/rules/DCL55-CPP/InformationLeakageAcrossTrustBoundaries.md @@ -310,7 +310,7 @@ Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/cpluspl ## Implementation notes -None +The rule does not detect cases where fields may have uninitialized padding but are initialized via an initializer. ## References diff --git a/cpp/common/src/codingstandards/cpp/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.qll b/cpp/common/src/codingstandards/cpp/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.qll index f33d5ac87c..16d8fd47ec 100644 --- a/cpp/common/src/codingstandards/cpp/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.qll +++ b/cpp/common/src/codingstandards/cpp/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.qll @@ -1,5 +1,5 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library which includes a `problems` predicate for reporting potential information leakage across trust boundaries, relating to uninitialized memory in structs. */ import cpp diff --git a/cpp/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossTrustBoundaries.expected b/cpp/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossTrustBoundaries.expected deleted file mode 100644 index 4f703cff78..0000000000 --- a/cpp/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossTrustBoundaries.expected +++ /dev/null @@ -1,20 +0,0 @@ -cpp/common/test/rules/informationleakageacrossboundaries/| arrays.cpp:11:20:11:21 | wa | 'wa' may leak information from {elements of a[...] (arrays.cpp:7)}. Path: wa (arrays.cpp:11) --> & ... (arrays.cpp:12) | -| arrays.cpp:33:22:33:23 | wa | 'wa' may leak information from {elements of elements of a[...][...] (arrays.cpp:29)}. Path: wa (arrays.cpp:33) --> & ... (arrays.cpp:34) | -| arrays.cpp:57:22:57:23 | wa | 'wa' may leak information from {WithPointer (arrays.cpp:52)}. Path: wa (arrays.cpp:57) --> & ... (arrays.cpp:59) | -| inheritance.cpp:19:14:19:14 | s | 's' may leak information from {i (inheritance.cpp:7)}. Path: s (inheritance.cpp:19) --> & ... (inheritance.cpp:21) | -| inheritance.cpp:32:14:32:14 | s | 's' may leak information from {0 to 4 bytes of padding in ptrDerived (inheritance.cpp:14)}. Path: s (inheritance.cpp:32) --> & ... (inheritance.cpp:35) | -| interprocedural.cpp:37:9:37:9 | p | 'p' may leak information from {y (interprocedural.cpp:8)}. Path: p (interprocedural.cpp:37) --> past assign_x (interprocedural.cpp:32) --> & ... (interprocedural.cpp:39) | -| interprocedural.cpp:104:9:104:9 | p | 'p' may leak information from {x (interprocedural.cpp:7), y (interprocedural.cpp:8)}. Path: p (interprocedural.cpp:104) --> overwrite_after_leak(...) (interprocedural.cpp:96) --> p (interprocedural.cpp:97) | -| multilayer.cpp:16:10:16:10 | s | 's' may leak information from {b (multilayer.cpp:12)}. Path: s (multilayer.cpp:16) --> & ... (multilayer.cpp:18) | -| multilayer.cpp:29:10:29:10 | s | 's' may leak information from {b (multilayer.cpp:12), x (multilayer.cpp:7)}. Path: s (multilayer.cpp:29) --> & ... (multilayer.cpp:30) | -| multilayer.cpp:34:8:34:8 | s | 's' may leak information from {intx (multilayer.cpp:6)}. Path: s (multilayer.cpp:34) --> & ... (multilayer.cpp:35) | -| test.cpp:12:12:12:12 | s | 's' may leak information from {y (test.cpp:8)}. Path: s (test.cpp:12) --> & ... (test.cpp:14) | -| test.cpp:18:12:18:12 | s | 's' may leak information from {x (test.cpp:7)}. Path: s (test.cpp:18) --> & ... (test.cpp:20) | -| test.cpp:24:12:24:12 | s | 's' may leak information from {x (test.cpp:7), y (test.cpp:8)}. Path: s (test.cpp:24) --> & ... (test.cpp:25) | -| test.cpp:36:12:36:12 | s | 's' may leak information from {y (test.cpp:8)}. Path: s (test.cpp:36) --> & ... (test.cpp:38) | -| test.cpp:43:12:43:12 | s | 's' may leak information from {x (test.cpp:7)}. Path: s (test.cpp:43) --> & ... (test.cpp:47) | -| test.cpp:58:12:58:12 | s | 's' may leak information from {x (test.cpp:7), y (test.cpp:8)}. Path: s (test.cpp:58) --> & ... (test.cpp:59) | -| test.cpp:64:12:64:12 | s | 's' may leak information from {y (test.cpp:8)}. Path: s (test.cpp:64) --> & ... (test.cpp:66) | -| test.cpp:112:16:112:16 | s | 's' may leak information from {buf (test.cpp:92)}. Path: s (test.cpp:112) --> & ... (test.cpp:115) | -| test.cpp:128:12:128:12 | s | 's' may leak information from {x (test.cpp:7), y (test.cpp:8)}. Path: s (test.cpp:128) --> & ... (test.cpp:132) | -| test.cpp:157:22:157:22 | s | 's' may leak information from {2 to 2 bytes of padding in has_padding (test.cpp:151)}. Path: s (test.cpp:157) --> & ... (test.cpp:160) | diff --git a/rule_packages/c/Declarations7.json b/rule_packages/c/Declarations7.json index d02db1e68a..cd3b3e6b18 100644 --- a/rule_packages/c/Declarations7.json +++ b/rule_packages/c/Declarations7.json @@ -15,7 +15,10 @@ "shared_implementation_short_name": "InformationLeakageAcrossBoundaries", "tags": [ "security" - ] + ], + "implementation_scope": { + "description": "The rule does not detect cases where fields may have uninitialized padding but are initialized via an initializer." + } } ], "title": "Avoid information leakage when passing a structure across a trust boundary" diff --git a/rule_packages/cpp/Uninitialized.json b/rule_packages/cpp/Uninitialized.json index 03b5de5d3b..019987eef4 100644 --- a/rule_packages/cpp/Uninitialized.json +++ b/rule_packages/cpp/Uninitialized.json @@ -42,7 +42,10 @@ "shared_implementation_short_name": "InformationLeakageAcrossBoundaries", "tags": [ "security" - ] + ], + "implementation_scope": { + "description": "The rule does not detect cases where fields may have uninitialized padding but are initialized via an initializer." + } } ], "title": "Avoid information leakage when passing a class object across a trust boundary" From 55ff60385e7e0d114894dadfef05aed7acd19c5a Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Fri, 27 Jan 2023 18:20:24 +0100 Subject: [PATCH 0335/2573] Fix deprecated libraries --- cpp/common/src/codingstandards/cpp/Config.qll | 6 +++--- .../src/codingstandards/cpp/deviations/Deviations.qll | 10 +++++----- .../GuidelineRecategorizations.qll | 2 +- 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/Config.qll b/cpp/common/src/codingstandards/cpp/Config.qll index 7d12340719..5ce3f7a035 100644 --- a/cpp/common/src/codingstandards/cpp/Config.qll +++ b/cpp/common/src/codingstandards/cpp/Config.qll @@ -8,7 +8,7 @@ import codingstandards.cpp.exclusions.RuleMetadata import codingstandards.cpp.deviations.Deviations /** A `coding-standards.xml` configuration file (usually generated from an YAML configuration file). */ -class CodingStandardsFile extends XMLFile { +class CodingStandardsFile extends XmlFile { CodingStandardsFile() { this.getBaseName() = "coding-standards.xml" and // Must be within the users source code. @@ -16,12 +16,12 @@ class CodingStandardsFile extends XMLFile { } } -class CodingStandardsConfigSection extends XMLElement { +class CodingStandardsConfigSection extends XmlElement { CodingStandardsConfigSection() { getParent() instanceof CodingStandardsConfig } } /** A "Coding Standards" configuration file */ -class CodingStandardsConfig extends XMLElement { +class CodingStandardsConfig extends XmlElement { CodingStandardsConfig() { any(CodingStandardsFile csf).getARootElement() = this and this.getName() = "codingstandards" diff --git a/cpp/common/src/codingstandards/cpp/deviations/Deviations.qll b/cpp/common/src/codingstandards/cpp/deviations/Deviations.qll index 9399607e3d..4dfadd12eb 100644 --- a/cpp/common/src/codingstandards/cpp/deviations/Deviations.qll +++ b/cpp/common/src/codingstandards/cpp/deviations/Deviations.qll @@ -17,7 +17,7 @@ predicate applyDeviationsAtQueryLevel() { } /** An element which tells the analysis whether to report deviated results. */ -class CodingStandardsReportDeviatedAlerts extends XMLElement { +class CodingStandardsReportDeviatedAlerts extends XmlElement { CodingStandardsReportDeviatedAlerts() { getParent() instanceof CodingStandardsConfig and hasName("report-deviated-alerts") @@ -35,7 +35,7 @@ class DeviationPermits extends CodingStandardsConfigSection { } /** A deviation permit record, that is specified by a permit identifier */ -class DeviationPermit extends XMLElement { +class DeviationPermit extends XmlElement { DeviationPermit() { getParent() instanceof DeviationPermits and hasName("deviation-permits-entry") @@ -118,7 +118,7 @@ class DeviationPermit extends XMLElement { } /** A deviation record, that is a specified rule or query */ -class DeviationRecord extends XMLElement { +class DeviationRecord extends XmlElement { DeviationRecord() { getParent() instanceof DeviationRecords and hasName("deviations-entry") @@ -134,13 +134,13 @@ class DeviationRecord extends XMLElement { private string getRawPermitId() { result = getAChild("permit-id").getTextValue() } - private XMLElement getRawRaisedBy() { result = getAChild("raised-by") } + private XmlElement getRawRaisedBy() { result = getAChild("raised-by") } private string getRawRaisedByName() { result = getRawRaisedBy().getAChild("name").getTextValue() } private string getRawRaisedByDate() { result = getRawRaisedBy().getAChild("date").getTextValue() } - private XMLElement getRawApprovedBy() { result = getAChild("approved-by") } + private XmlElement getRawApprovedBy() { result = getAChild("approved-by") } private string getRawApprovedByName() { result = getRawApprovedBy().getAChild("name").getTextValue() diff --git a/cpp/common/src/codingstandards/cpp/guideline_recategorizations/GuidelineRecategorizations.qll b/cpp/common/src/codingstandards/cpp/guideline_recategorizations/GuidelineRecategorizations.qll index ff148a4a72..ec5731f1bf 100644 --- a/cpp/common/src/codingstandards/cpp/guideline_recategorizations/GuidelineRecategorizations.qll +++ b/cpp/common/src/codingstandards/cpp/guideline_recategorizations/GuidelineRecategorizations.qll @@ -12,7 +12,7 @@ class GuidelineRecategorizations extends CodingStandardsConfigSection { GuidelineRecategorizations() { hasName("guideline-recategorizations") } } -class GuidelineRecategorization extends XMLElement { +class GuidelineRecategorization extends XmlElement { GuidelineRecategorization() { getParent() instanceof GuidelineRecategorizations and hasName("guideline-recategorizations-entry") From 7796fdd27387bd82c54fc0862aff8286586b9b8b Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Fri, 27 Jan 2023 09:47:48 -0800 Subject: [PATCH 0336/2573] separate out BitfieldTypes Update rules.csv, move 6-1 and 6-2 from Types.json to new file BitfieldTypes.json --- rule_packages/c/BitfieldTypes.json | 38 ++++++++++++++++++++++++++++++ rule_packages/c/Types.json | 34 -------------------------- rules.csv | 4 ++-- 3 files changed, 40 insertions(+), 36 deletions(-) create mode 100644 rule_packages/c/BitfieldTypes.json diff --git a/rule_packages/c/BitfieldTypes.json b/rule_packages/c/BitfieldTypes.json new file mode 100644 index 0000000000..4e93f3371a --- /dev/null +++ b/rule_packages/c/BitfieldTypes.json @@ -0,0 +1,38 @@ +{ + "MISRA-C-2012": { + "RULE-6-1": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Declaring bit-fields on types other than appropriate ones causes implementation-specific or undefined behavior.", + "kind": "problem", + "name": "Bit-fields shall only be declared with an appropriate type", + "precision": "very-high", + "severity": "error", + "short_name": "BitFieldsShallOnlyBeDeclaredWithAnAppropriateType", + "tags": [] + } + ], + "title": "Bit-fields shall only be declared with an appropriate type" + }, + "RULE-6-2": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Single-bit named bit fields carry no useful information and therefore should not be declared or used.", + "kind": "problem", + "name": "Single-bit named bit fields shall not be of a signed type", + "precision": "very-high", + "severity": "error", + "short_name": "SingleBitNamedBitFieldsOfASignedType", + "tags": [] + } + ], + "title": "Single-bit named bit fields shall not be of a signed type" + } + } +} \ No newline at end of file diff --git a/rule_packages/c/Types.json b/rule_packages/c/Types.json index cefcd6fec5..68b873dacd 100644 --- a/rule_packages/c/Types.json +++ b/rule_packages/c/Types.json @@ -461,40 +461,6 @@ ], "title": "The pointer arguments to the Standard Library function memcmp shall point to either a pointer type, an essentially signed type, an essentially unsigned type, an essentially Boolean type or an essentially enum type." }, - "RULE-6-1": { - "properties": { - "obligation": "required" - }, - "queries": [ - { - "description": "Declaring bit-fields on types other than appropriate ones causes implementation-specific or undefined behavior.", - "kind": "problem", - "name": "Bit-fields shall only be declared with an appropriate type", - "precision": "very-high", - "severity": "error", - "short_name": "BitFieldsShallOnlyBeDeclaredWithAnAppropriateType", - "tags": [] - } - ], - "title": "Bit-fields shall only be declared with an appropriate type" - }, - "RULE-6-2": { - "properties": { - "obligation": "required" - }, - "queries": [ - { - "description": "Single-bit named bit fields carry no useful information and therefore should not be declared or used.", - "kind": "problem", - "name": "Single-bit named bit fields shall not be of a signed type", - "precision": "very-high", - "severity": "error", - "short_name": "SingleBitNamedBitFieldsOfASignedType", - "tags": [] - } - ], - "title": "Single-bit named bit fields shall not be of a signed type" - }, "RULE-7-4": { "properties": { "obligation": "required" diff --git a/rules.csv b/rules.csv index f9c523c4ba..f5f653c321 100644 --- a/rules.csv +++ b/rules.csv @@ -640,8 +640,8 @@ c,MISRA-C-2012,RULE-5-6,Yes,Required,,,A typedef name shall be a unique identifi c,MISRA-C-2012,RULE-5-7,Yes,Required,,,A tag name shall be a unique identifier,,Declarations3,Easy, c,MISRA-C-2012,RULE-5-8,Yes,Required,,,Identifiers that define objects or functions with external linkage shall be unique,,Declarations6,Easy, c,MISRA-C-2012,RULE-5-9,Yes,Advisory,,,Identifiers that define objects or functions with internal linkage should be unique,,Declarations6,Easy, -c,MISRA-C-2012,RULE-6-1,Yes,Required,,,Bit-fields shall only be declared with an appropriate type,M9-6-4,Types,Medium, -c,MISRA-C-2012,RULE-6-2,Yes,Required,,,Single-bit named bit fields shall not be of a signed type,M9-6-4,Types,Import, +c,MISRA-C-2012,RULE-6-1,Yes,Required,,,Bit-fields shall only be declared with an appropriate type,M9-6-4,BitfieldTypes,Medium, +c,MISRA-C-2012,RULE-6-2,Yes,Required,,,Single-bit named bit fields shall not be of a signed type,M9-6-4,BitfieldTypes,Import, c,MISRA-C-2012,RULE-7-1,Yes,Required,,,Octal constants shall not be used,M2-13-2,Banned,Import, c,MISRA-C-2012,RULE-7-2,Yes,Required,,,A �u� or �U� suffix shall be applied to all integer constants that are represented in an unsigned type,M2-13-3,Syntax,Easy, c,MISRA-C-2012,RULE-7-3,Yes,Required,,,The lowercase character �l� shall not be used in a literal suffix,M2-13-4,Syntax,Easy, From 0e3bd23cf1ed18c28dfec6ee4cbde73a6b69378c Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Fri, 27 Jan 2023 12:34:51 -0800 Subject: [PATCH 0337/2573] Remove previous files for rules in Types.json --- ...tectDomainAndRangeErrorsInMathFunctions.md | 18 -------- ...tectDomainAndRangeErrorsInMathFunctions.ql | 18 -------- ...PointConversionsNotWithinRangeOfNewType.md | 16 ------- ...PointConversionsNotWithinRangeOfNewType.ql | 18 -------- ...atingPointOfIntegralValuesLosePrecision.md | 16 ------- ...atingPointOfIntegralValuesLosePrecision.ql | 18 -------- ...ReprUsedForComparingFloatingPointValues.md | 16 ------- ...ReprUsedForComparingFloatingPointValues.ql | 18 -------- ...eThatUnsignedIntegerOperationsDoNotWrap.md | 16 ------- ...eThatUnsignedIntegerOperationsDoNotWrap.ql | 18 -------- ...onversionCausesLostOrMisinterpretedData.md | 16 ------- ...onversionCausesLostOrMisinterpretedData.ql | 18 -------- ...ationsOnSignedIntegersResultsInOverflow.md | 16 ------- ...ationsOnSignedIntegersResultsInOverflow.ql | 18 -------- .../DivAndModOperationResultsInDivByZero.md | 16 ------- .../DivAndModOperationResultsInDivByZero.ql | 18 -------- ...iftedByNegativeBitsOrGreaterThanOperand.md | 16 ------- ...iftedByNegativeBitsOrGreaterThanOperand.ql | 19 -------- .../INT35-C/UseCorrectIntegerPrecisions.md | 16 ------- .../INT35-C/UseCorrectIntegerPrecisions.ql | 18 -------- ...tingAPointerToIntegerOrIntegerToPointer.md | 16 ------- ...tingAPointerToIntegerOrIntegerToPointer.ql | 18 -------- ...defsNotUsedInPlaceOfBasicNumericalTypes.ql | 18 -------- .../OperandsOfAnInappropriateEssentialType.ql | 18 -------- .../RULE-10-2/CharTypeExprsUsedInAddOrSub.ql | 19 -------- .../AssignmentToIncompatibleEssentialType.ql | 19 -------- ...rsionOperandHasDifferentEssTypeCategory.ql | 19 -------- .../ValueCastToInappropriateEssentialType.ql | 18 -------- ...eExprValueAssignedToObjWithWiderEssType.ql | 18 -------- ...CompExprOperandHasWiderEssTypeThanOther.ql | 20 --------- .../CompExprValCastToIncompatEssType.ql | 19 -------- ...onstExprEvalCausesUnsignedIntWraparound.ql | 18 -------- .../ArrayTypeParamAtSizeofOperand.ql | 19 -------- .../LoopCounterHaveEssentiallyFloatingType.ql | 18 -------- ...typeFuncNeitherReprAsUnsignedCharNorEOF.ql | 19 -------- ...emcmpUsedToCompareNullTerminatedStrings.ql | 18 -------- ...MemmoveMemcmpArgNotPointerToCompatTypes.ql | 19 -------- ...otPtsToSignedUnsignedBooleanEnumEssType.ql | 20 --------- ...ralAssignedToObjPtrToConstQualifiedChar.ql | 19 -------- .../cpp/exclusions/c/BitfieldTypes.qll | 44 +++++++++++++++++++ 40 files changed, 44 insertions(+), 695 deletions(-) delete mode 100644 c/cert/src/rules/FLP32-C/PreventOrDetectDomainAndRangeErrorsInMathFunctions.md delete mode 100644 c/cert/src/rules/FLP32-C/PreventOrDetectDomainAndRangeErrorsInMathFunctions.ql delete mode 100644 c/cert/src/rules/FLP34-C/FloatingPointConversionsNotWithinRangeOfNewType.md delete mode 100644 c/cert/src/rules/FLP34-C/FloatingPointConversionsNotWithinRangeOfNewType.ql delete mode 100644 c/cert/src/rules/FLP36-C/FloatingPointOfIntegralValuesLosePrecision.md delete mode 100644 c/cert/src/rules/FLP36-C/FloatingPointOfIntegralValuesLosePrecision.ql delete mode 100644 c/cert/src/rules/FLP37-C/ObjectReprUsedForComparingFloatingPointValues.md delete mode 100644 c/cert/src/rules/FLP37-C/ObjectReprUsedForComparingFloatingPointValues.ql delete mode 100644 c/cert/src/rules/INT30-C/EnsureThatUnsignedIntegerOperationsDoNotWrap.md delete mode 100644 c/cert/src/rules/INT30-C/EnsureThatUnsignedIntegerOperationsDoNotWrap.ql delete mode 100644 c/cert/src/rules/INT31-C/IntConversionCausesLostOrMisinterpretedData.md delete mode 100644 c/cert/src/rules/INT31-C/IntConversionCausesLostOrMisinterpretedData.ql delete mode 100644 c/cert/src/rules/INT32-C/OperationsOnSignedIntegersResultsInOverflow.md delete mode 100644 c/cert/src/rules/INT32-C/OperationsOnSignedIntegersResultsInOverflow.ql delete mode 100644 c/cert/src/rules/INT33-C/DivAndModOperationResultsInDivByZero.md delete mode 100644 c/cert/src/rules/INT33-C/DivAndModOperationResultsInDivByZero.ql delete mode 100644 c/cert/src/rules/INT34-C/ExprShiftedByNegativeBitsOrGreaterThanOperand.md delete mode 100644 c/cert/src/rules/INT34-C/ExprShiftedByNegativeBitsOrGreaterThanOperand.ql delete mode 100644 c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.md delete mode 100644 c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.ql delete mode 100644 c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.md delete mode 100644 c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.ql delete mode 100644 c/misra/src/rules/DIR-4-6/NumericTypedefsNotUsedInPlaceOfBasicNumericalTypes.ql delete mode 100644 c/misra/src/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.ql delete mode 100644 c/misra/src/rules/RULE-10-2/CharTypeExprsUsedInAddOrSub.ql delete mode 100644 c/misra/src/rules/RULE-10-3/AssignmentToIncompatibleEssentialType.ql delete mode 100644 c/misra/src/rules/RULE-10-4/ArithConversionOperandHasDifferentEssTypeCategory.ql delete mode 100644 c/misra/src/rules/RULE-10-5/ValueCastToInappropriateEssentialType.ql delete mode 100644 c/misra/src/rules/RULE-10-6/CompositeExprValueAssignedToObjWithWiderEssType.ql delete mode 100644 c/misra/src/rules/RULE-10-7/ConvertedCompExprOperandHasWiderEssTypeThanOther.ql delete mode 100644 c/misra/src/rules/RULE-10-8/CompExprValCastToIncompatEssType.ql delete mode 100644 c/misra/src/rules/RULE-12-4/ConstExprEvalCausesUnsignedIntWraparound.ql delete mode 100644 c/misra/src/rules/RULE-12-5/ArrayTypeParamAtSizeofOperand.ql delete mode 100644 c/misra/src/rules/RULE-14-1/LoopCounterHaveEssentiallyFloatingType.ql delete mode 100644 c/misra/src/rules/RULE-21-13/CtypeFuncNeitherReprAsUnsignedCharNorEOF.ql delete mode 100644 c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql delete mode 100644 c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointerToCompatTypes.ql delete mode 100644 c/misra/src/rules/RULE-21-16/MemcmpArgNotPtsToSignedUnsignedBooleanEnumEssType.ql delete mode 100644 c/misra/src/rules/RULE-7-4/StringLiteralAssignedToObjPtrToConstQualifiedChar.ql create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/BitfieldTypes.qll diff --git a/c/cert/src/rules/FLP32-C/PreventOrDetectDomainAndRangeErrorsInMathFunctions.md b/c/cert/src/rules/FLP32-C/PreventOrDetectDomainAndRangeErrorsInMathFunctions.md deleted file mode 100644 index 4083d3f36b..0000000000 --- a/c/cert/src/rules/FLP32-C/PreventOrDetectDomainAndRangeErrorsInMathFunctions.md +++ /dev/null @@ -1,18 +0,0 @@ -# FLP32-C: Prevent or detect domain and range errors in math functions - -This query implements the CERT-C rule FLP32-C: - -> Prevent or detect domain and range errors in math functions - - -## CERT - -** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** - -## Implementation notes - -None - -## References - -* CERT-C: [FLP32-C: Prevent or detect domain and range errors in math functions](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/FLP32-C/PreventOrDetectDomainAndRangeErrorsInMathFunctions.ql b/c/cert/src/rules/FLP32-C/PreventOrDetectDomainAndRangeErrorsInMathFunctions.ql deleted file mode 100644 index 5b86641326..0000000000 --- a/c/cert/src/rules/FLP32-C/PreventOrDetectDomainAndRangeErrorsInMathFunctions.ql +++ /dev/null @@ -1,18 +0,0 @@ -/** - * @id c/cert/prevent-or-detect-domain-and-range-errors-in-math-functions - * @name FLP32-C: Prevent or detect domain and range errors in math functions - * @description TODO. - * @kind problem - * @precision very-high - * @problem.severity error - * @tags external/cert/id/flp32-c - * external/cert/obligation/rule - */ - -import cpp -import codingstandards.c.cert - -from -where - not isExcluded(x, TypesPackage::preventOrDetectDomainAndRangeErrorsInMathFunctionsQuery()) and -select diff --git a/c/cert/src/rules/FLP34-C/FloatingPointConversionsNotWithinRangeOfNewType.md b/c/cert/src/rules/FLP34-C/FloatingPointConversionsNotWithinRangeOfNewType.md deleted file mode 100644 index 8b22986f7d..0000000000 --- a/c/cert/src/rules/FLP34-C/FloatingPointConversionsNotWithinRangeOfNewType.md +++ /dev/null @@ -1,16 +0,0 @@ -# FLP34-C: Ensure that floating-point conversions are within range of the new type - -This query implements the CERT-C rule FLP34-C: - -> Ensure that floating-point conversions are within range of the new type -## CERT - -** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** - -## Implementation notes - -None - -## References - -* CERT-C: [FLP34-C: Ensure that floating-point conversions are within range of the new type](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/FLP34-C/FloatingPointConversionsNotWithinRangeOfNewType.ql b/c/cert/src/rules/FLP34-C/FloatingPointConversionsNotWithinRangeOfNewType.ql deleted file mode 100644 index fe7a1b581a..0000000000 --- a/c/cert/src/rules/FLP34-C/FloatingPointConversionsNotWithinRangeOfNewType.ql +++ /dev/null @@ -1,18 +0,0 @@ -/** - * @id c/cert/floating-point-conversions-not-within-range-of-new-type - * @name FLP34-C: Ensure that floating-point conversions are within range of the new type - * @description TODO. - * @kind problem - * @precision very-high - * @problem.severity error - * @tags external/cert/id/flp34-c - * external/cert/obligation/rule - */ - -import cpp -import codingstandards.c.cert - -from -where - not isExcluded(x, TypesPackage::floatingPointConversionsNotWithinRangeOfNewTypeQuery()) and -select diff --git a/c/cert/src/rules/FLP36-C/FloatingPointOfIntegralValuesLosePrecision.md b/c/cert/src/rules/FLP36-C/FloatingPointOfIntegralValuesLosePrecision.md deleted file mode 100644 index bac78b4ddd..0000000000 --- a/c/cert/src/rules/FLP36-C/FloatingPointOfIntegralValuesLosePrecision.md +++ /dev/null @@ -1,16 +0,0 @@ -# FLP36-C: Preserve precision when converting integral values to floating-point type - -This query implements the CERT-C rule FLP36-C: - -> Preserve precision when converting integral values to floating-point type -## CERT - -** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** - -## Implementation notes - -None - -## References - -* CERT-C: [FLP36-C: Preserve precision when converting integral values to floating-point type](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/FLP36-C/FloatingPointOfIntegralValuesLosePrecision.ql b/c/cert/src/rules/FLP36-C/FloatingPointOfIntegralValuesLosePrecision.ql deleted file mode 100644 index 6d61c6aff7..0000000000 --- a/c/cert/src/rules/FLP36-C/FloatingPointOfIntegralValuesLosePrecision.ql +++ /dev/null @@ -1,18 +0,0 @@ -/** - * @id c/cert/floating-point-of-integral-values-lose-precision - * @name FLP36-C: Preserve precision when converting integral values to floating-point type - * @description TODO. - * @kind problem - * @precision very-high - * @problem.severity error - * @tags external/cert/id/flp36-c - * external/cert/obligation/rule - */ - -import cpp -import codingstandards.c.cert - -from -where - not isExcluded(x, TypesPackage::floatingPointOfIntegralValuesLosePrecisionQuery()) and -select diff --git a/c/cert/src/rules/FLP37-C/ObjectReprUsedForComparingFloatingPointValues.md b/c/cert/src/rules/FLP37-C/ObjectReprUsedForComparingFloatingPointValues.md deleted file mode 100644 index 8b738b87cd..0000000000 --- a/c/cert/src/rules/FLP37-C/ObjectReprUsedForComparingFloatingPointValues.md +++ /dev/null @@ -1,16 +0,0 @@ -# FLP37-C: Do not use object representations to compare floating-point values - -This query implements the CERT-C rule FLP37-C: - -> Do not use object representations to compare floating-point values -## CERT - -** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** - -## Implementation notes - -None - -## References - -* CERT-C: [FLP37-C: Do not use object representations to compare floating-point values](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/FLP37-C/ObjectReprUsedForComparingFloatingPointValues.ql b/c/cert/src/rules/FLP37-C/ObjectReprUsedForComparingFloatingPointValues.ql deleted file mode 100644 index 24fdd70dc4..0000000000 --- a/c/cert/src/rules/FLP37-C/ObjectReprUsedForComparingFloatingPointValues.ql +++ /dev/null @@ -1,18 +0,0 @@ -/** - * @id c/cert/object-repr-used-for-comparing-floating-point-values - * @name FLP37-C: Do not use object representations to compare floating-point values - * @description TODO. - * @kind problem - * @precision very-high - * @problem.severity error - * @tags external/cert/id/flp37-c - * external/cert/obligation/rule - */ - -import cpp -import codingstandards.c.cert - -from -where - not isExcluded(x, TypesPackage::objectReprUsedForComparingFloatingPointValuesQuery()) and -select diff --git a/c/cert/src/rules/INT30-C/EnsureThatUnsignedIntegerOperationsDoNotWrap.md b/c/cert/src/rules/INT30-C/EnsureThatUnsignedIntegerOperationsDoNotWrap.md deleted file mode 100644 index 402fd7f64a..0000000000 --- a/c/cert/src/rules/INT30-C/EnsureThatUnsignedIntegerOperationsDoNotWrap.md +++ /dev/null @@ -1,16 +0,0 @@ -# INT30-C: Ensure that unsigned integer operations do not wrap - -This query implements the CERT-C rule INT30-C: - -> Ensure that unsigned integer operations do not wrap -## CERT - -** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** - -## Implementation notes - -None - -## References - -* CERT-C: [INT30-C: Ensure that unsigned integer operations do not wrap](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/INT30-C/EnsureThatUnsignedIntegerOperationsDoNotWrap.ql b/c/cert/src/rules/INT30-C/EnsureThatUnsignedIntegerOperationsDoNotWrap.ql deleted file mode 100644 index c6901a73b1..0000000000 --- a/c/cert/src/rules/INT30-C/EnsureThatUnsignedIntegerOperationsDoNotWrap.ql +++ /dev/null @@ -1,18 +0,0 @@ -/** - * @id c/cert/ensure-that-unsigned-integer-operations-do-not-wrap - * @name INT30-C: Ensure that unsigned integer operations do not wrap - * @description TODO. - * @kind problem - * @precision high - * @problem.severity error - * @tags external/cert/id/int30-c - * external/cert/obligation/rule - */ - -import cpp -import codingstandards.c.cert - -from -where - not isExcluded(x, TypesPackage::ensureThatUnsignedIntegerOperationsDoNotWrapQuery()) and -select diff --git a/c/cert/src/rules/INT31-C/IntConversionCausesLostOrMisinterpretedData.md b/c/cert/src/rules/INT31-C/IntConversionCausesLostOrMisinterpretedData.md deleted file mode 100644 index 3c475e4a77..0000000000 --- a/c/cert/src/rules/INT31-C/IntConversionCausesLostOrMisinterpretedData.md +++ /dev/null @@ -1,16 +0,0 @@ -# INT31-C: Ensure that integer conversions do not result in lost or misinterpreted data - -This query implements the CERT-C rule INT31-C: - -> Ensure that integer conversions do not result in lost or misinterpreted data -## CERT - -** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** - -## Implementation notes - -None - -## References - -* CERT-C: [INT31-C: Ensure that integer conversions do not result in lost or misinterpreted data](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/INT31-C/IntConversionCausesLostOrMisinterpretedData.ql b/c/cert/src/rules/INT31-C/IntConversionCausesLostOrMisinterpretedData.ql deleted file mode 100644 index 0e994c017f..0000000000 --- a/c/cert/src/rules/INT31-C/IntConversionCausesLostOrMisinterpretedData.ql +++ /dev/null @@ -1,18 +0,0 @@ -/** - * @id c/cert/int-conversion-causes-lost-or-misinterpreted-data - * @name INT31-C: Ensure that integer conversions do not result in lost or misinterpreted data - * @description TODO. - * @kind problem - * @precision high - * @problem.severity error - * @tags external/cert/id/int31-c - * external/cert/obligation/rule - */ - -import cpp -import codingstandards.c.cert - -from -where - not isExcluded(x, TypesPackage::intConversionCausesLostOrMisinterpretedDataQuery()) and -select diff --git a/c/cert/src/rules/INT32-C/OperationsOnSignedIntegersResultsInOverflow.md b/c/cert/src/rules/INT32-C/OperationsOnSignedIntegersResultsInOverflow.md deleted file mode 100644 index 84dc8fe143..0000000000 --- a/c/cert/src/rules/INT32-C/OperationsOnSignedIntegersResultsInOverflow.md +++ /dev/null @@ -1,16 +0,0 @@ -# INT32-C: Ensure that operations on signed integers do not result in overflow - -This query implements the CERT-C rule INT32-C: - -> Ensure that operations on signed integers do not result in overflow -## CERT - -** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** - -## Implementation notes - -None - -## References - -* CERT-C: [INT32-C: Ensure that operations on signed integers do not result in overflow](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/INT32-C/OperationsOnSignedIntegersResultsInOverflow.ql b/c/cert/src/rules/INT32-C/OperationsOnSignedIntegersResultsInOverflow.ql deleted file mode 100644 index 2495050987..0000000000 --- a/c/cert/src/rules/INT32-C/OperationsOnSignedIntegersResultsInOverflow.ql +++ /dev/null @@ -1,18 +0,0 @@ -/** - * @id c/cert/operations-on-signed-integers-results-in-overflow - * @name INT32-C: Ensure that operations on signed integers do not result in overflow - * @description TODO. - * @kind problem - * @precision high - * @problem.severity error - * @tags external/cert/id/int32-c - * external/cert/obligation/rule - */ - -import cpp -import codingstandards.c.cert - -from -where - not isExcluded(x, TypesPackage::operationsOnSignedIntegersResultsInOverflowQuery()) and -select diff --git a/c/cert/src/rules/INT33-C/DivAndModOperationResultsInDivByZero.md b/c/cert/src/rules/INT33-C/DivAndModOperationResultsInDivByZero.md deleted file mode 100644 index 6a86d3e88d..0000000000 --- a/c/cert/src/rules/INT33-C/DivAndModOperationResultsInDivByZero.md +++ /dev/null @@ -1,16 +0,0 @@ -# INT33-C: Ensure that division and remainder operations do not result in divide-by-zero errors - -This query implements the CERT-C rule INT33-C: - -> Ensure that division and remainder operations do not result in divide-by-zero errors -## CERT - -** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** - -## Implementation notes - -None - -## References - -* CERT-C: [INT33-C: Ensure that division and remainder operations do not result in divide-by-zero errors](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/INT33-C/DivAndModOperationResultsInDivByZero.ql b/c/cert/src/rules/INT33-C/DivAndModOperationResultsInDivByZero.ql deleted file mode 100644 index 4385d79f2e..0000000000 --- a/c/cert/src/rules/INT33-C/DivAndModOperationResultsInDivByZero.ql +++ /dev/null @@ -1,18 +0,0 @@ -/** - * @id c/cert/div-and-mod-operation-results-in-div-by-zero - * @name INT33-C: Ensure that division and remainder operations do not result in divide-by-zero errors - * @description TODO. - * @kind problem - * @precision high - * @problem.severity error - * @tags external/cert/id/int33-c - * external/cert/obligation/rule - */ - -import cpp -import codingstandards.c.cert - -from -where - not isExcluded(x, TypesPackage::divAndModOperationResultsInDivByZeroQuery()) and -select diff --git a/c/cert/src/rules/INT34-C/ExprShiftedByNegativeBitsOrGreaterThanOperand.md b/c/cert/src/rules/INT34-C/ExprShiftedByNegativeBitsOrGreaterThanOperand.md deleted file mode 100644 index 66c3d5a7a0..0000000000 --- a/c/cert/src/rules/INT34-C/ExprShiftedByNegativeBitsOrGreaterThanOperand.md +++ /dev/null @@ -1,16 +0,0 @@ -# INT34-C: Do not shift an expression by a negative number of bits or by greater than or equal to the number of - -This query implements the CERT-C rule INT34-C: - -> Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand -## CERT - -** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** - -## Implementation notes - -None - -## References - -* CERT-C: [INT34-C: Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/INT34-C/ExprShiftedByNegativeBitsOrGreaterThanOperand.ql b/c/cert/src/rules/INT34-C/ExprShiftedByNegativeBitsOrGreaterThanOperand.ql deleted file mode 100644 index f7a0759b6c..0000000000 --- a/c/cert/src/rules/INT34-C/ExprShiftedByNegativeBitsOrGreaterThanOperand.ql +++ /dev/null @@ -1,19 +0,0 @@ -/** - * @id c/cert/expr-shifted-by-negative-bits-or-greater-than-operand - * @name INT34-C: Do not shift an expression by a negative number of bits or by greater than or equal to the number of - * @description Do not shift an expression by a negative number of bits or by greater than or equal - * to the number of bits that exist in the operand. - * @kind problem - * @precision very-high - * @problem.severity error - * @tags external/cert/id/int34-c - * external/cert/obligation/rule - */ - -import cpp -import codingstandards.c.cert - -from -where - not isExcluded(x, TypesPackage::exprShiftedByNegativeBitsOrGreaterThanOperandQuery()) and -select diff --git a/c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.md b/c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.md deleted file mode 100644 index aaf89abe74..0000000000 --- a/c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.md +++ /dev/null @@ -1,16 +0,0 @@ -# INT35-C: Use correct integer precisions - -This query implements the CERT-C rule INT35-C: - -> Use correct integer precisions -## CERT - -** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** - -## Implementation notes - -None - -## References - -* CERT-C: [INT35-C: Use correct integer precisions](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.ql b/c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.ql deleted file mode 100644 index 41c25374e1..0000000000 --- a/c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.ql +++ /dev/null @@ -1,18 +0,0 @@ -/** - * @id c/cert/use-correct-integer-precisions - * @name INT35-C: Use correct integer precisions - * @description TODO. - * @kind problem - * @precision high - * @problem.severity error - * @tags external/cert/id/int35-c - * external/cert/obligation/rule - */ - -import cpp -import codingstandards.c.cert - -from -where - not isExcluded(x, TypesPackage::useCorrectIntegerPrecisionsQuery()) and -select diff --git a/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.md b/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.md deleted file mode 100644 index 6df9d2afff..0000000000 --- a/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.md +++ /dev/null @@ -1,16 +0,0 @@ -# INT36-C: Converting a pointer to integer or integer to pointer - -This query implements the CERT-C rule INT36-C: - -> Converting a pointer to integer or integer to pointer -## CERT - -** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** - -## Implementation notes - -None - -## References - -* CERT-C: [INT36-C: Converting a pointer to integer or integer to pointer](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.ql b/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.ql deleted file mode 100644 index 8fc0096b6e..0000000000 --- a/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.ql +++ /dev/null @@ -1,18 +0,0 @@ -/** - * @id c/cert/converting-a-pointer-to-integer-or-integer-to-pointer - * @name INT36-C: Converting a pointer to integer or integer to pointer - * @description TODO. - * @kind problem - * @precision very-high - * @problem.severity error - * @tags external/cert/id/int36-c - * external/cert/obligation/rule - */ - -import cpp -import codingstandards.c.cert - -from -where - not isExcluded(x, TypesPackage::convertingAPointerToIntegerOrIntegerToPointerQuery()) and -select diff --git a/c/misra/src/rules/DIR-4-6/NumericTypedefsNotUsedInPlaceOfBasicNumericalTypes.ql b/c/misra/src/rules/DIR-4-6/NumericTypedefsNotUsedInPlaceOfBasicNumericalTypes.ql deleted file mode 100644 index 0b9a284e56..0000000000 --- a/c/misra/src/rules/DIR-4-6/NumericTypedefsNotUsedInPlaceOfBasicNumericalTypes.ql +++ /dev/null @@ -1,18 +0,0 @@ -/** - * @id c/misra/numeric-typedefs-not-used-in-place-of-basic-numerical-types - * @name DIR-4-6: typedefs that indicate size and signedness should be used in place of the basic numerical types - * @description TODO. - * @kind problem - * @precision high - * @problem.severity error - * @tags external/misra/id/dir-4-6 - * external/misra/obligation/advisory - */ - -import cpp -import codingstandards.c.misra - -from -where - not isExcluded(x, TypesPackage::numericTypedefsNotUsedInPlaceOfBasicNumericalTypesQuery()) and -select diff --git a/c/misra/src/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.ql b/c/misra/src/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.ql deleted file mode 100644 index 65e515a87d..0000000000 --- a/c/misra/src/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.ql +++ /dev/null @@ -1,18 +0,0 @@ -/** - * @id c/misra/operands-of-an-inappropriate-essential-type - * @name RULE-10-1: Operands shall not be of an inappropriate essential type - * @description TODO. - * @kind problem - * @precision high - * @problem.severity error - * @tags external/misra/id/rule-10-1 - * external/misra/obligation/required - */ - -import cpp -import codingstandards.c.misra - -from -where - not isExcluded(x, TypesPackage::operandsOfAnInappropriateEssentialTypeQuery()) and -select diff --git a/c/misra/src/rules/RULE-10-2/CharTypeExprsUsedInAddOrSub.ql b/c/misra/src/rules/RULE-10-2/CharTypeExprsUsedInAddOrSub.ql deleted file mode 100644 index f64bdcc980..0000000000 --- a/c/misra/src/rules/RULE-10-2/CharTypeExprsUsedInAddOrSub.ql +++ /dev/null @@ -1,19 +0,0 @@ -/** - * @id c/misra/char-type-exprs-used-in-add-or-sub - * @name RULE-10-2: Expressions of essentially character type shall not be used inappropriately in addition and - * @description Expressions of essentially character type shall not be used inappropriately in - * addition and subtraction operations. - * @kind problem - * @precision very-high - * @problem.severity error - * @tags external/misra/id/rule-10-2 - * external/misra/obligation/required - */ - -import cpp -import codingstandards.c.misra - -from -where - not isExcluded(x, TypesPackage::charTypeExprsUsedInAddOrSubQuery()) and -select diff --git a/c/misra/src/rules/RULE-10-3/AssignmentToIncompatibleEssentialType.ql b/c/misra/src/rules/RULE-10-3/AssignmentToIncompatibleEssentialType.ql deleted file mode 100644 index 6d0a0c5aba..0000000000 --- a/c/misra/src/rules/RULE-10-3/AssignmentToIncompatibleEssentialType.ql +++ /dev/null @@ -1,19 +0,0 @@ -/** - * @id c/misra/assignment-to-incompatible-essential-type - * @name RULE-10-3: The value of an expression shall not be assigned to an object with a narrower essential type or of a - * @description The value of an expression shall not be assigned to an object with a narrower - * essential type or of a different essential type category. - * @kind problem - * @precision high - * @problem.severity error - * @tags external/misra/id/rule-10-3 - * external/misra/obligation/required - */ - -import cpp -import codingstandards.c.misra - -from -where - not isExcluded(x, TypesPackage::assignmentToIncompatibleEssentialTypeQuery()) and -select diff --git a/c/misra/src/rules/RULE-10-4/ArithConversionOperandHasDifferentEssTypeCategory.ql b/c/misra/src/rules/RULE-10-4/ArithConversionOperandHasDifferentEssTypeCategory.ql deleted file mode 100644 index cc27e5b693..0000000000 --- a/c/misra/src/rules/RULE-10-4/ArithConversionOperandHasDifferentEssTypeCategory.ql +++ /dev/null @@ -1,19 +0,0 @@ -/** - * @id c/misra/arith-conversion-operand-has-different-ess-type-category - * @name RULE-10-4: Both operands of an operator in which the usual arithmetic conversions are performed shall have the - * @description Both operands of an operator in which the usual arithmetic conversions are performed - * shall have the same essential type category. - * @kind problem - * @precision very-high - * @problem.severity error - * @tags external/misra/id/rule-10-4 - * external/misra/obligation/required - */ - -import cpp -import codingstandards.c.misra - -from -where - not isExcluded(x, TypesPackage::arithConversionOperandHasDifferentEssTypeCategoryQuery()) and -select diff --git a/c/misra/src/rules/RULE-10-5/ValueCastToInappropriateEssentialType.ql b/c/misra/src/rules/RULE-10-5/ValueCastToInappropriateEssentialType.ql deleted file mode 100644 index ebdddc2910..0000000000 --- a/c/misra/src/rules/RULE-10-5/ValueCastToInappropriateEssentialType.ql +++ /dev/null @@ -1,18 +0,0 @@ -/** - * @id c/misra/value-cast-to-inappropriate-essential-type - * @name RULE-10-5: The value of an expression should not be cast to an inappropriate essential type - * @description TODO. - * @kind problem - * @precision very-high - * @problem.severity error - * @tags external/misra/id/rule-10-5 - * external/misra/obligation/advisory - */ - -import cpp -import codingstandards.c.misra - -from -where - not isExcluded(x, TypesPackage::valueCastToInappropriateEssentialTypeQuery()) and -select diff --git a/c/misra/src/rules/RULE-10-6/CompositeExprValueAssignedToObjWithWiderEssType.ql b/c/misra/src/rules/RULE-10-6/CompositeExprValueAssignedToObjWithWiderEssType.ql deleted file mode 100644 index 968edd026a..0000000000 --- a/c/misra/src/rules/RULE-10-6/CompositeExprValueAssignedToObjWithWiderEssType.ql +++ /dev/null @@ -1,18 +0,0 @@ -/** - * @id c/misra/composite-expr-value-assigned-to-obj-with-wider-ess-type - * @name RULE-10-6: The value of a composite expression shall not be assigned to an object with wider essential type - * @description TODO. - * @kind problem - * @precision very-high - * @problem.severity error - * @tags external/misra/id/rule-10-6 - * external/misra/obligation/required - */ - -import cpp -import codingstandards.c.misra - -from -where - not isExcluded(x, TypesPackage::compositeExprValueAssignedToObjWithWiderEssTypeQuery()) and -select diff --git a/c/misra/src/rules/RULE-10-7/ConvertedCompExprOperandHasWiderEssTypeThanOther.ql b/c/misra/src/rules/RULE-10-7/ConvertedCompExprOperandHasWiderEssTypeThanOther.ql deleted file mode 100644 index 73d5fd0d30..0000000000 --- a/c/misra/src/rules/RULE-10-7/ConvertedCompExprOperandHasWiderEssTypeThanOther.ql +++ /dev/null @@ -1,20 +0,0 @@ -/** - * @id c/misra/converted-comp-expr-operand-has-wider-ess-type-than-other - * @name RULE-10-7: If a composite expression is used as one operand of an operator in which the usual arithmetic - * @description If a composite expression is used as one operand of an operator in which the usual - * arithmetic conversions are performed then the other operand shall not have wider - * essential type. - * @kind problem - * @precision very-high - * @problem.severity error - * @tags external/misra/id/rule-10-7 - * external/misra/obligation/required - */ - -import cpp -import codingstandards.c.misra - -from -where - not isExcluded(x, TypesPackage::convertedCompExprOperandHasWiderEssTypeThanOtherQuery()) and -select diff --git a/c/misra/src/rules/RULE-10-8/CompExprValCastToIncompatEssType.ql b/c/misra/src/rules/RULE-10-8/CompExprValCastToIncompatEssType.ql deleted file mode 100644 index 5937b33bd4..0000000000 --- a/c/misra/src/rules/RULE-10-8/CompExprValCastToIncompatEssType.ql +++ /dev/null @@ -1,19 +0,0 @@ -/** - * @id c/misra/comp-expr-val-cast-to-incompat-ess-type - * @name RULE-10-8: The value of a composite expression shall not be cast to a different essential type category or a - * @description The value of a composite expression shall not be cast to a different essential type - * category or a wider essential type. - * @kind problem - * @precision very-high - * @problem.severity error - * @tags external/misra/id/rule-10-8 - * external/misra/obligation/required - */ - -import cpp -import codingstandards.c.misra - -from -where - not isExcluded(x, TypesPackage::compExprValCastToIncompatEssTypeQuery()) and -select diff --git a/c/misra/src/rules/RULE-12-4/ConstExprEvalCausesUnsignedIntWraparound.ql b/c/misra/src/rules/RULE-12-4/ConstExprEvalCausesUnsignedIntWraparound.ql deleted file mode 100644 index 86001f7cfb..0000000000 --- a/c/misra/src/rules/RULE-12-4/ConstExprEvalCausesUnsignedIntWraparound.ql +++ /dev/null @@ -1,18 +0,0 @@ -/** - * @id c/misra/const-expr-eval-causes-unsigned-int-wraparound - * @name RULE-12-4: Evaluation of constant expressions should not lead to unsigned integer wrap-around - * @description TODO. - * @kind problem - * @precision very-high - * @problem.severity error - * @tags external/misra/id/rule-12-4 - * external/misra/obligation/advisory - */ - -import cpp -import codingstandards.c.misra - -from -where - not isExcluded(x, TypesPackage::constExprEvalCausesUnsignedIntWraparoundQuery()) and -select diff --git a/c/misra/src/rules/RULE-12-5/ArrayTypeParamAtSizeofOperand.ql b/c/misra/src/rules/RULE-12-5/ArrayTypeParamAtSizeofOperand.ql deleted file mode 100644 index 2c67b24759..0000000000 --- a/c/misra/src/rules/RULE-12-5/ArrayTypeParamAtSizeofOperand.ql +++ /dev/null @@ -1,19 +0,0 @@ -/** - * @id c/misra/array-type-param-at-sizeof-operand - * @name RULE-12-5: The sizeof operator shall not have an operand which is a function parameter declared as 'array of - * @description The sizeof operator shall not have an operand which is a function parameter declared - * as 'array of type'. - * @kind problem - * @precision very-high - * @problem.severity error - * @tags external/misra/id/rule-12-5 - * external/misra/obligation/mandatory - */ - -import cpp -import codingstandards.c.misra - -from -where - not isExcluded(x, TypesPackage::arrayTypeParamAtSizeofOperandQuery()) and -select diff --git a/c/misra/src/rules/RULE-14-1/LoopCounterHaveEssentiallyFloatingType.ql b/c/misra/src/rules/RULE-14-1/LoopCounterHaveEssentiallyFloatingType.ql deleted file mode 100644 index 9b0b57148d..0000000000 --- a/c/misra/src/rules/RULE-14-1/LoopCounterHaveEssentiallyFloatingType.ql +++ /dev/null @@ -1,18 +0,0 @@ -/** - * @id c/misra/loop-counter-have-essentially-floating-type - * @name RULE-14-1: A loop counter shall not have essentially floating type - * @description TODO. - * @kind problem - * @precision high - * @problem.severity error - * @tags external/misra/id/rule-14-1 - * external/misra/obligation/required - */ - -import cpp -import codingstandards.c.misra - -from -where - not isExcluded(x, TypesPackage::loopCounterHaveEssentiallyFloatingTypeQuery()) and -select diff --git a/c/misra/src/rules/RULE-21-13/CtypeFuncNeitherReprAsUnsignedCharNorEOF.ql b/c/misra/src/rules/RULE-21-13/CtypeFuncNeitherReprAsUnsignedCharNorEOF.ql deleted file mode 100644 index ea070a1aa9..0000000000 --- a/c/misra/src/rules/RULE-21-13/CtypeFuncNeitherReprAsUnsignedCharNorEOF.ql +++ /dev/null @@ -1,19 +0,0 @@ -/** - * @id c/misra/ctype-func-neither-repr-as-unsigned-char-nor-eof - * @name RULE-21-13: Any value passed to a function in shall be representable as an unsigned char or be the - * @description Any value passed to a function in shall be representable as an unsigned - * char or be the value EOF. - * @kind problem - * @precision very-high - * @problem.severity error - * @tags external/misra/id/rule-21-13 - * external/misra/obligation/mandatory - */ - -import cpp -import codingstandards.c.misra - -from -where - not isExcluded(x, TypesPackage::ctypeFuncNeitherReprAsUnsignedCharNorEOFQuery()) and -select diff --git a/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql b/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql deleted file mode 100644 index 362985892f..0000000000 --- a/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql +++ /dev/null @@ -1,18 +0,0 @@ -/** - * @id c/misra/memcmp-used-to-compare-null-terminated-strings - * @name RULE-21-14: The Standard Library function memcmp shall not be used to compare null terminated strings - * @description TODO. - * @kind problem - * @precision high - * @problem.severity error - * @tags external/misra/id/rule-21-14 - * external/misra/obligation/required - */ - -import cpp -import codingstandards.c.misra - -from -where - not isExcluded(x, TypesPackage::memcmpUsedToCompareNullTerminatedStringsQuery()) and -select diff --git a/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointerToCompatTypes.ql b/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointerToCompatTypes.ql deleted file mode 100644 index 857f066615..0000000000 --- a/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointerToCompatTypes.ql +++ /dev/null @@ -1,19 +0,0 @@ -/** - * @id c/misra/memcpy-memmove-memcmp-arg-not-pointer-to-compat-types - * @name RULE-21-15: The pointer arguments to the Standard Library functions memcpy, memmove and memcmp shall be pointers - * @description The pointer arguments to the Standard Library functions memcpy, memmove and memcmp - * shall be pointers to qualified or unqualified versions of compatible types. - * @kind problem - * @precision very-high - * @problem.severity error - * @tags external/misra/id/rule-21-15 - * external/misra/obligation/required - */ - -import cpp -import codingstandards.c.misra - -from -where - not isExcluded(x, TypesPackage::memcpyMemmoveMemcmpArgNotPointerToCompatTypesQuery()) and -select diff --git a/c/misra/src/rules/RULE-21-16/MemcmpArgNotPtsToSignedUnsignedBooleanEnumEssType.ql b/c/misra/src/rules/RULE-21-16/MemcmpArgNotPtsToSignedUnsignedBooleanEnumEssType.ql deleted file mode 100644 index b78ac3715f..0000000000 --- a/c/misra/src/rules/RULE-21-16/MemcmpArgNotPtsToSignedUnsignedBooleanEnumEssType.ql +++ /dev/null @@ -1,20 +0,0 @@ -/** - * @id c/misra/memcmp-arg-not-pts-to-signed-unsigned-boolean-enum-ess-type - * @name RULE-21-16: The pointer arguments to the Standard Library function memcmp shall point to either a pointer type, - * @description The pointer arguments to the Standard Library function memcmp shall point to either - * a pointer type, an essentially signed type, an essentially unsigned type, an - * essentially Boolean type or an essentially enum type. - * @kind problem - * @precision very-high - * @problem.severity error - * @tags external/misra/id/rule-21-16 - * external/misra/obligation/required - */ - -import cpp -import codingstandards.c.misra - -from -where - not isExcluded(x, TypesPackage::memcmpArgNotPtsToSignedUnsignedBooleanEnumEssTypeQuery()) and -select diff --git a/c/misra/src/rules/RULE-7-4/StringLiteralAssignedToObjPtrToConstQualifiedChar.ql b/c/misra/src/rules/RULE-7-4/StringLiteralAssignedToObjPtrToConstQualifiedChar.ql deleted file mode 100644 index 54328526d4..0000000000 --- a/c/misra/src/rules/RULE-7-4/StringLiteralAssignedToObjPtrToConstQualifiedChar.ql +++ /dev/null @@ -1,19 +0,0 @@ -/** - * @id c/misra/string-literal-assigned-to-obj-ptr-to-const-qualified-char - * @name RULE-7-4: A string literal shall not be assigned to an object unless the object's type is 'pointer to - * @description A string literal shall not be assigned to an object unless the object's type is - * 'pointer to const-qualified char'. - * @kind problem - * @precision very-high - * @problem.severity error - * @tags external/misra/id/rule-7-4 - * external/misra/obligation/required - */ - -import cpp -import codingstandards.c.misra - -from -where - not isExcluded(x, TypesPackage::stringLiteralAssignedToObjPtrToConstQualifiedCharQuery()) and -select diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/BitfieldTypes.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/BitfieldTypes.qll new file mode 100644 index 0000000000..ef9e94b27a --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/BitfieldTypes.qll @@ -0,0 +1,44 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype BitfieldTypesQuery = + TBitFieldsShallOnlyBeDeclaredWithAnAppropriateTypeQuery() or + TSingleBitNamedBitFieldsOfASignedTypeQuery() + +predicate isBitfieldTypesQueryMetadata(Query query, string queryId, string ruleId, string category) { + query = + // `Query` instance for the `bitFieldsShallOnlyBeDeclaredWithAnAppropriateType` query + BitfieldTypesPackage::bitFieldsShallOnlyBeDeclaredWithAnAppropriateTypeQuery() and + queryId = + // `@id` for the `bitFieldsShallOnlyBeDeclaredWithAnAppropriateType` query + "c/misra/bit-fields-shall-only-be-declared-with-an-appropriate-type" and + ruleId = "RULE-6-1" and + category = "required" + or + query = + // `Query` instance for the `singleBitNamedBitFieldsOfASignedType` query + BitfieldTypesPackage::singleBitNamedBitFieldsOfASignedTypeQuery() and + queryId = + // `@id` for the `singleBitNamedBitFieldsOfASignedType` query + "c/misra/single-bit-named-bit-fields-of-a-signed-type" and + ruleId = "RULE-6-2" and + category = "required" +} + +module BitfieldTypesPackage { + Query bitFieldsShallOnlyBeDeclaredWithAnAppropriateTypeQuery() { + //autogenerate `Query` type + result = + // `Query` type for `bitFieldsShallOnlyBeDeclaredWithAnAppropriateType` query + TQueryC(TBitfieldTypesPackageQuery(TBitFieldsShallOnlyBeDeclaredWithAnAppropriateTypeQuery())) + } + + Query singleBitNamedBitFieldsOfASignedTypeQuery() { + //autogenerate `Query` type + result = + // `Query` type for `singleBitNamedBitFieldsOfASignedType` query + TQueryC(TBitfieldTypesPackageQuery(TSingleBitNamedBitFieldsOfASignedTypeQuery())) + } +} From 1610215b48e025f3169aae673ccf137eb196fbf8 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Fri, 27 Jan 2023 12:40:13 -0800 Subject: [PATCH 0338/2573] update RuleMetadata.qll --- .../src/codingstandards/cpp/exclusions/c/RuleMetadata.qll | 3 +++ 1 file changed, 3 insertions(+) diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index 9ee95dd2dd..e1e89326b8 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -3,6 +3,7 @@ import cpp import codingstandards.cpp.exclusions.RuleMetadata //** Import packages for this language **/ import Banned +import BitfieldTypes import Concurrency1 import Concurrency2 import Concurrency3 @@ -47,6 +48,7 @@ import Types /** The TQuery type representing this language * */ newtype TCQuery = TBannedPackageQuery(BannedQuery q) or + TBitfieldTypesPackageQuery(BitfieldTypesQuery q) or TConcurrency1PackageQuery(Concurrency1Query q) or TConcurrency2PackageQuery(Concurrency2Query q) or TConcurrency3PackageQuery(Concurrency3Query q) or @@ -91,6 +93,7 @@ newtype TCQuery = /** The metadata predicate * */ predicate isQueryMetadata(Query query, string queryId, string ruleId, string category) { isBannedQueryMetadata(query, queryId, ruleId, category) or + isBitfieldTypesQueryMetadata(query, queryId, ruleId, category) or isConcurrency1QueryMetadata(query, queryId, ruleId, category) or isConcurrency2QueryMetadata(query, queryId, ruleId, category) or isConcurrency3QueryMetadata(query, queryId, ruleId, category) or From 5f30b7709c7a548d657e932631950b15e4667438 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Fri, 27 Jan 2023 14:08:22 -0800 Subject: [PATCH 0339/2573] remove remaining occurrences/reference to Types --- .../BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql | 2 +- .../rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql | 2 +- .../src/codingstandards/cpp/exclusions/c/RuleMetadata.qll | 7 ++----- 3 files changed, 4 insertions(+), 7 deletions(-) diff --git a/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql b/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql index 741e1824eb..94a59e9108 100644 --- a/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql +++ b/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql @@ -32,7 +32,7 @@ predicate isAppropriateTypedef(Type type) { from BitField bitField where -not isExcluded(bitField, TypesPackage::bitFieldsShallOnlyBeDeclaredWithAnAppropriateTypeQuery()) and +not isExcluded(bitField, BitfieldTypesPackage::bitFieldsShallOnlyBeDeclaredWithAnAppropriateTypeQuery()) and /* A violation would neither an appropriate primitive type nor an appropriate typedef. */ not (isAppropriatePrimitive(bitField.getType()) or isAppropriateTypedef(bitField.getType())) select bitField, "Bit-field " + bitField + " is declared on type " + bitField + "." \ No newline at end of file diff --git a/c/misra/src/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql b/c/misra/src/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql index 5950290fb7..bb716692a9 100644 --- a/c/misra/src/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql +++ b/c/misra/src/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql @@ -34,7 +34,7 @@ predicate isSingleBit(BitField bitField) { from BitField bitField where - not isExcluded(bitField, TypesPackage::singleBitNamedBitFieldsOfASignedTypeQuery()) and + not isExcluded(bitField, BitfieldTypesPackage::singleBitNamedBitFieldsOfASignedTypeQuery()) and isSingleBit(bitField) and // Single-bit, not bitField.isAnonymous() and // named, isSigned(bitField.getType()) // but its type is signed. diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index e1e89326b8..6d0e0445fc 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -43,7 +43,6 @@ import Strings1 import Strings2 import Strings3 import Syntax -import Types /** The TQuery type representing this language * */ newtype TCQuery = @@ -87,8 +86,7 @@ newtype TCQuery = TStrings1PackageQuery(Strings1Query q) or TStrings2PackageQuery(Strings2Query q) or TStrings3PackageQuery(Strings3Query q) or - TSyntaxPackageQuery(SyntaxQuery q) or - TTypesPackageQuery(TypesQuery q) + TSyntaxPackageQuery(SyntaxQuery q) /** The metadata predicate * */ predicate isQueryMetadata(Query query, string queryId, string ruleId, string category) { @@ -132,6 +130,5 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isStrings1QueryMetadata(query, queryId, ruleId, category) or isStrings2QueryMetadata(query, queryId, ruleId, category) or isStrings3QueryMetadata(query, queryId, ruleId, category) or - isSyntaxQueryMetadata(query, queryId, ruleId, category) or - isTypesQueryMetadata(query, queryId, ruleId, category) + isSyntaxQueryMetadata(query, queryId, ruleId, category) } From 1c3570ded7257b18bc7262032e58893f4281ecaf Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Sat, 28 Jan 2023 00:41:35 +0100 Subject: [PATCH 0340/2573] M5-3-2: correct test-case comment typo --- cpp/autosar/test/rules/M5-3-2/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/M5-3-2/test.cpp b/cpp/autosar/test/rules/M5-3-2/test.cpp index a731c3e43f..530e46d567 100644 --- a/cpp/autosar/test/rules/M5-3-2/test.cpp +++ b/cpp/autosar/test/rules/M5-3-2/test.cpp @@ -8,6 +8,6 @@ void f() { std::uint16_t a = -K; // COMPLIANT std::int16_t b = -a; // NON_COMPLIANT - std::uint64_t c = K; // COMPLIANTt + std::uint64_t c = K; // COMPLIANT std::int64_t d = -c; // NON_COMPLIANT } \ No newline at end of file From 2a0429b3c0cec76c18e9c0409b81aeb8360fddb9 Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Sat, 28 Jan 2023 00:42:20 +0100 Subject: [PATCH 0341/2573] Implement InvalidMemory1 queries Modify packages and implement EXP33-C, EXP34-C, and MEM30-C --- .vscode/tasks.json | 4 + .../EXP33-C/DoNotReadUninitializedMemory.md | 418 ++++++++++++++++++ .../EXP33-C/DoNotReadUninitializedMemory.ql | 23 + .../EXP34-C/DoNotDereferenceNullPointers.md | 220 +++++++++ .../EXP34-C/DoNotDereferenceNullPointers.ql | 21 + .../rules/MEM30-C/DoNotAccessFreedMemory.md | 258 +++++++++++ .../rules/MEM30-C/DoNotAccessFreedMemory.ql | 63 +++ .../DoNotReadUninitializedMemory.testref | 1 + .../DoNotDereferenceNullPointers.testref | 1 + .../MEM30-C/DoNotAccessFreedMemory.expected | 2 + .../MEM30-C/DoNotAccessFreedMemory.qlref | 1 + c/cert/test/rules/MEM30-C/test.c | 26 ++ .../DereferenceOfNullPointer.expected | 2 + .../DereferenceOfNullPointer.ql | 2 + .../rules/dereferenceofnullpointer/test.c | 31 ++ .../ReadOfUninitializedMemory.expected | 4 + .../ReadOfUninitializedMemory.ql | 2 + .../rules/readofuninitializedmemory/test.c | 97 ++++ ...ctWithAutoStorageDurationReadBeforeInit.ql | 23 + ...hAutoStorageDurationReadBeforeInit.testref | 1 + .../rules/A5-3-2/NullPointersDereferenced.ql | 13 +- .../A5-3-2/NullPointersDereferenced.expected | 3 - .../A5-3-2/NullPointersDereferenced.qlref | 1 - .../A5-3-2/NullPointersDereferenced.testref | 1 + .../cpp/exclusions/c/InvalidMemory1.qll | 78 ++++ .../cpp/exclusions/c/RuleMetadata.qll | 3 + .../DereferenceOfNullPointer.qll | 23 + .../DereferenceOfNullPointer.expected | 1 + .../DereferenceOfNullPointer.ql | 2 + .../rules/dereferenceofnullpointer}/test.cpp | 0 rule_packages/c/InvalidMemory1.json | 88 ++++ rule_packages/cpp/Null.json | 1 + rules.csv | 44 +- 33 files changed, 1425 insertions(+), 33 deletions(-) create mode 100644 c/cert/src/rules/EXP33-C/DoNotReadUninitializedMemory.md create mode 100644 c/cert/src/rules/EXP33-C/DoNotReadUninitializedMemory.ql create mode 100644 c/cert/src/rules/EXP34-C/DoNotDereferenceNullPointers.md create mode 100644 c/cert/src/rules/EXP34-C/DoNotDereferenceNullPointers.ql create mode 100644 c/cert/src/rules/MEM30-C/DoNotAccessFreedMemory.md create mode 100644 c/cert/src/rules/MEM30-C/DoNotAccessFreedMemory.ql create mode 100644 c/cert/test/rules/EXP33-C/DoNotReadUninitializedMemory.testref create mode 100644 c/cert/test/rules/EXP34-C/DoNotDereferenceNullPointers.testref create mode 100644 c/cert/test/rules/MEM30-C/DoNotAccessFreedMemory.expected create mode 100644 c/cert/test/rules/MEM30-C/DoNotAccessFreedMemory.qlref create mode 100644 c/cert/test/rules/MEM30-C/test.c create mode 100644 c/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.expected create mode 100644 c/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql create mode 100644 c/common/test/rules/dereferenceofnullpointer/test.c create mode 100644 c/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.expected create mode 100644 c/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql create mode 100644 c/common/test/rules/readofuninitializedmemory/test.c create mode 100644 c/misra/src/rules/RULE-9-1/ObjectWithAutoStorageDurationReadBeforeInit.ql create mode 100644 c/misra/test/rules/RULE-9-1/ObjectWithAutoStorageDurationReadBeforeInit.testref delete mode 100644 cpp/autosar/test/rules/A5-3-2/NullPointersDereferenced.expected delete mode 100644 cpp/autosar/test/rules/A5-3-2/NullPointersDereferenced.qlref create mode 100644 cpp/autosar/test/rules/A5-3-2/NullPointersDereferenced.testref create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/InvalidMemory1.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/dereferenceofnullpointer/DereferenceOfNullPointer.qll create mode 100644 cpp/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.expected create mode 100644 cpp/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql rename cpp/{autosar/test/rules/A5-3-2 => common/test/rules/dereferenceofnullpointer}/test.cpp (100%) create mode 100644 rule_packages/c/InvalidMemory1.json diff --git a/.vscode/tasks.json b/.vscode/tasks.json index 3735a02e52..7a755abaa1 100644 --- a/.vscode/tasks.json +++ b/.vscode/tasks.json @@ -222,6 +222,8 @@ "Includes", "Initialization", "IntegerConversion", + "InvalidMemory1", + "InvalidMemory2", "Invariants", "Iterators", "Lambdas", @@ -230,6 +232,8 @@ "Literals", "Loops", "Macros", + "Memory1", + "Memory2", "Misc", "MoveForward", "Naming", diff --git a/c/cert/src/rules/EXP33-C/DoNotReadUninitializedMemory.md b/c/cert/src/rules/EXP33-C/DoNotReadUninitializedMemory.md new file mode 100644 index 0000000000..afc3f0a320 --- /dev/null +++ b/c/cert/src/rules/EXP33-C/DoNotReadUninitializedMemory.md @@ -0,0 +1,418 @@ +# EXP33-C: Do not read uninitialized memory + +This query implements the CERT-C rule EXP33-C: + +> Do not read uninitialized memory + + + +## Description + +Local, automatic variables assume unexpected values if they are read before they are initialized. The C Standard, 6.7.9, paragraph 10, specifies \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IEC9899-2011)\] + +> If an object that has automatic storage duration is not initialized explicitly, its value is [indeterminate](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-indeterminatevalue). + + +See [undefined behavior 11](https://wiki.sei.cmu.edu/confluence/display/c/CC.+Undefined+Behavior#CC.UndefinedBehavior-ub_11). + +When local, automatic variables are stored on the program stack, for example, their values default to whichever values are currently stored in stack memory. + +Additionally, some dynamic memory allocation functions do not initialize the contents of the memory they allocate. + +
Function Initialization
aligned_alloc() Does not perform initialization
calloc() Zero-initializes allocated memory
malloc() Does not perform initialization
realloc() Copies contents from original pointer; may not initialize all memory
+Uninitialized automatic variables or dynamically allocated memory has [indeterminate values](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-indeterminatevalue), which for objects of some types, can be a [trap representation](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-traprepresentation). Reading such trap representations is [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior); it can cause a program to behave in an [unexpected](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-unexpectedbehavior) manner and provide an avenue for attack. (See [undefined behavior 10](https://wiki.sei.cmu.edu/confluence/display/c/CC.+Undefined+Behavior#CC.UndefinedBehavior-ub_10) and [undefined behavior 12](https://wiki.sei.cmu.edu/confluence/display/c/CC.+Undefined+Behavior#CC.UndefinedBehavior-ub_12).) In many cases, compilers issue a warning diagnostic message when reading uninitialized variables. (See [MSC00-C. Compile cleanly at high warning levels](https://wiki.sei.cmu.edu/confluence/display/c/MSC00-C.+Compile+cleanly+at+high+warning+levels) for more information.) + + +## Noncompliant Code Example (Return-by-Reference) + +In this noncompliant code example, the `set_flag()` function is intended to set the parameter, `sign_flag`, to the sign of `number`. However, the programmer neglected to account for the case where `number` is equal to `0`. Because the local variable `sign` is uninitialized when calling `set_flag()` and is never written to by `set_flag()`, the comparison operation exhibits [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior) when reading `sign`. + +```cpp +void set_flag(int number, int *sign_flag) { + if (NULL == sign_flag) { + return; + } + + if (number > 0) { + *sign_flag = 1; + } else if (number < 0) { + *sign_flag = -1; + } +} + +int is_negative(int number) { + int sign; + set_flag(number, &sign); + return sign < 0; +} + +``` +Some compilers assume that when the address of an uninitialized variable is passed to a function, the variable is initialized within that function. Because compilers frequently fail to diagnose any resulting failure to initialize the variable, the programmer must apply additional scrutiny to ensure the correctness of the code. + +This defect results from a failure to consider all possible data states. (See [MSC01-C. Strive for logical completeness](https://wiki.sei.cmu.edu/confluence/display/c/MSC01-C.+Strive+for+logical+completeness) for more information.) + +## Compliant Solution (Return-by-Reference) + +This compliant solution trivially repairs the problem by accounting for the possibility that `number` can be equal to 0. + +Although compilers and [static analysis](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-staticanalysis) tools often detect uses of uninitialized variables when they have access to the source code, diagnosing the problem is difficult or impossible when either the initialization or the use takes place in object code for which the source code is inaccessible. Unless doing so is prohibitive for performance reasons, an additional defense-in-depth practice worth considering is to initialize local variables immediately after declaration. + +```cpp +void set_flag(int number, int *sign_flag) { + if (NULL == sign_flag) { + return; + } + + /* Account for number being 0 */ + if (number >= 0) { + *sign_flag = 1; + } else { + *sign_flag = -1; + } +} + +int is_negative(int number) { + int sign = 0; /* Initialize for defense-in-depth */ + set_flag(number, &sign); + return sign < 0; +} + +``` + +## Noncompliant Code Example (Uninitialized Local) + +In this noncompliant code example, the programmer mistakenly fails to set the local variable `error_log` to the `msg` argument in the `report_error()` function \[[Mercy 2006](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-mercy06)\]. Because `error_log` has not been initialized, an [indeterminate value](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-indeterminatevalue) is read. The `sprintf()` call copies data from the arbitrary location pointed to by the indeterminate `error_log` variable until a null byte is reached, which can result in a buffer overflow. + +```cpp +#include + +/* Get username and password from user, return -1 on error */ +extern int do_auth(void); +enum { BUFFERSIZE = 24 }; +void report_error(const char *msg) { + const char *error_log; + char buffer[BUFFERSIZE]; + + sprintf(buffer, "Error: %s", error_log); + printf("%s\n", buffer); +} + +int main(void) { + if (do_auth() == -1) { + report_error("Unable to login"); + } + return 0; +} + +``` + +## Noncompliant Code Example (Uninitialized Local) + +In this noncompliant code example, the `report_error()` function has been modified so that `error_log` is properly initialized: + +```cpp +#include +enum { BUFFERSIZE = 24 }; +void report_error(const char *msg) { + const char *error_log = msg; + char buffer[BUFFERSIZE]; + + sprintf(buffer, "Error: %s", error_log); + printf("%s\n", buffer); +} + +``` +This example remains problematic because a buffer overflow will occur if the null-terminated byte string referenced by `msg` is greater than 17 characters, including the null terminator. (See [STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator](https://wiki.sei.cmu.edu/confluence/display/c/STR31-C.+Guarantee+that+storage+for+strings+has+sufficient+space+for+character+data+and+the+null+terminator) for more information.) + +## Compliant Solution (Uninitialized Local) + +In this compliant solution, the buffer overflow is eliminated by calling the `snprintf()` function: + +```cpp +#include +enum { BUFFERSIZE = 24 }; +void report_error(const char *msg) { + char buffer[BUFFERSIZE]; + + if (0 < snprintf(buffer, BUFFERSIZE, "Error: %s", msg)) + printf("%s\n", buffer); + else + puts("Unknown error"); +} + +``` + +## Compliant Solution (Uninitialized Local) + +A less error-prone compliant solution is to simply print the error message directly instead of using an intermediate buffer: + +```cpp +#include + +void report_error(const char *msg) { + printf("Error: %s\n", msg); +} + +``` + +## Noncompliant Code Example (mbstate_t) + +In this noncompliant code example, the function `mbrlen()` is passed the address of an automatic `mbstate_t` object that has not been properly initialized. This is [undefined behavior 200](https://wiki.sei.cmu.edu/confluence/display/c/CC.+Undefined+Behavior#CC.UndefinedBehavior-ub_200) because `mbrlen()` dereferences and reads its third argument. + +```cpp +#include +#include + +void func(const char *mbs) { + size_t len; + mbstate_t state; + + len = mbrlen(mbs, strlen(mbs), &state); +} + +``` + +## Compliant Solution (mbstate_t) + +Before being passed to a multibyte conversion function, an `mbstate_t` object must be either initialized to the initial conversion state or set to a value that corresponds to the most recent shift state by a prior call to a multibyte conversion function. This compliant solution sets the `mbstate_t` object to the initial conversion state by setting it to all zeros: + +```cpp +#include +#include + +void func(const char *mbs) { + size_t len; + mbstate_t state; + + memset(&state, 0, sizeof(state)); + len = mbrlen(mbs, strlen(mbs), &state); +} + +``` + +## Noncompliant Code Example (POSIX, Entropy) + +In this noncompliant code example described in "[More Randomness or Less](http://kqueue.org/blog/2012/06/25/more-randomness-or-less/)" \[[Wang 2012](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-Wang12)\], the process ID, time of day, and uninitialized memory `junk` is used to seed a random number generator. This behavior is characteristic of some distributions derived from Debian Linux that use uninitialized memory as a source of entropy because the value stored in `junk` is indeterminate. However, because accessing an [indeterminate value](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-indeterminatevalue) is [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior), compilers may optimize out the uninitialized variable access completely, leaving only the time and process ID and resulting in a loss of desired entropy. + +```cpp +#include +#include +#include +#include + +void func(void) { + struct timeval tv; + unsigned long junk; + + gettimeofday(&tv, NULL); + srandom((getpid() << 16) ^ tv.tv_sec ^ tv.tv_usec ^ junk); +} +``` +In security protocols that rely on unpredictability, such as RSA encryption, a loss in entropy results in a less secure system. + +## Compliant Solution (POSIX, Entropy) + +This compliant solution seeds the random number generator by using the CPU clock and the real-time clock instead of reading uninitialized memory: + +```cpp +#include +#include +#include +#include + +void func(void) { + double cpu_time; + struct timeval tv; + + cpu_time = ((double) clock()) / CLOCKS_PER_SEC; + gettimeofday(&tv, NULL); + srandom((getpid() << 16) ^ tv.tv_sec ^ tv.tv_usec ^ cpu_time); +} +``` + +## Noncompliant Code Example (realloc()) + +The `realloc()` function changes the size of a dynamically allocated memory object. The initial `size` bytes of the returned memory object are unchanged, but any newly added space is uninitialized, and its value is [indeterminate](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-indeterminatevalue). As in the case of `malloc()`, accessing memory beyond the size of the original object is [undefined behavior 181](https://wiki.sei.cmu.edu/confluence/display/c/CC.+Undefined+Behavior#CC.UndefinedBehavior-ub_171). + +It is the programmer's responsibility to ensure that any memory allocated with `malloc()` and `realloc()` is properly initialized before it is used. + +In this noncompliant code example, an array is allocated with `malloc()` and properly initialized. At a later point, the array is grown to a larger size but not initialized beyond what the original array contained. Subsequently accessing the uninitialized bytes in the new array is undefined behavior. + +```cpp +#include +#include +enum { OLD_SIZE = 10, NEW_SIZE = 20 }; + +int *resize_array(int *array, size_t count) { + if (0 == count) { + return 0; + } + + int *ret = (int *)realloc(array, count * sizeof(int)); + if (!ret) { + free(array); + return 0; + } + + return ret; +} + +void func(void) { + + int *array = (int *)malloc(OLD_SIZE * sizeof(int)); + if (0 == array) { + /* Handle error */ + } + + for (size_t i = 0; i < OLD_SIZE; ++i) { + array[i] = i; + } + + array = resize_array(array, NEW_SIZE); + if (0 == array) { + /* Handle error */ + } + + for (size_t i = 0; i < NEW_SIZE; ++i) { + printf("%d ", array[i]); + } +} +``` + +## Compliant Solution (realloc()) + +In this compliant solution, the `resize_array()` helper function takes a second parameter for the old size of the array so that it can initialize any newly allocated elements: + +```cpp +#include +#include +#include + +enum { OLD_SIZE = 10, NEW_SIZE = 20 }; + +int *resize_array(int *array, size_t old_count, size_t new_count) { + if (0 == new_count) { + return 0; + } + + int *ret = (int *)realloc(array, new_count * sizeof(int)); + if (!ret) { + free(array); + return 0; + } + + if (new_count > old_count) { + memset(ret + old_count, 0, (new_count - old_count) * sizeof(int)); + } + + return ret; +} + +void func(void) { + + int *array = (int *)malloc(OLD_SIZE * sizeof(int)); + if (0 == array) { + /* Handle error */ + } + + for (size_t i = 0; i < OLD_SIZE; ++i) { + array[i] = i; + } + + array = resize_array(array, OLD_SIZE, NEW_SIZE); + if (0 == array) { + /* Handle error */ + } + + for (size_t i = 0; i < NEW_SIZE; ++i) { + printf("%d ", array[i]); + } +} +``` + +## Exceptions + +**EXP33-C-EX1:** Reading uninitialized memory by an [lvalue](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-lvalue) of type `unsigned char` that could not have been declared with the `register` storage class does not trigger [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior). The `unsigned char` type is defined to not have a trap representation, which allows for moving bytes without knowing if they are initialized. (See the C Standard, 6.2.6.1, paragraph 3.) The requirement that `register` could not have been used (not merely that it was not used) is because on some architectures, such as the Intel Itanium, registers have a bit to indicate whether or not they have been initialized. The C Standard, 6.3.2.1, paragraph 2, allows such [implementations](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-implementation) to cause a trap for an object that never had its address taken and is stored in a register if such an object is referred to in any way. + +## Risk Assessment + +Reading uninitialized variables is [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior) and can result in [unexpected program behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-unexpectedbehavior). In some cases, these [security flaws](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-securityflaw) may allow the execution of arbitrary code. + +Reading uninitialized variables for creating entropy is problematic because these memory accesses can be removed by compiler optimization. [VU\#925211](http://www.kb.cert.org/vuls/id/925211) is an example of a [vulnerability](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) caused by this coding error. + +
Rule Severity Likelihood Remediation Cost Priority Level
EXP33-C High Probable Medium P12 L1
+ + +## Automated Detection + +
Tool Version Checker Description
Astrée 22.04 uninitialized-local-read uninitialized-variable-use Fully checked
Axivion Bauhaus Suite 7.2.0 CertC-EXP33
CodeSonar 7.2p0 LANG.MEM.UVAR Uninitialized variable
Compass/ROSE Automatically detects simple violations of this rule, although it may return some false positives. It may not catch more complex violations, such as initialization within functions taking uninitialized variables as arguments. It does catch the second noncompliant code example, and can be extended to catch the first as well
Coverity 2017.07 UNINIT Implemented
Cppcheck 1.66 uninitvaruninitdatauninitstringuninitMemberVaruninitStructMember Detects uninitialized variables, uninitialized pointers, uninitialized struct members, and uninitialized array elements (However, if one element is initialized, then cppcheck assumes the array is initialized.) There are FN compared to some other tools because Cppcheck tries to avoid FP in impossible paths.
GCC 4.3.5 Can detect some violations of this rule when the -Wuninitialized flag is used
Helix QAC 2022.4 DF2726, DF2727, DF2728, DF2961, DF2962, DF2963, DF2966, DF2967, DF2968, DF2971, DF2972, DF2973, DF2976, DF2977, DF2978
Klocwork 2022.4 UNINIT.HEAP.MIGHT UNINIT.HEAP.MUST UNINIT.STACK.ARRAY.MIGHT UNINIT.STACK.ARRAY.MUST UNINIT.STACK.ARRAY.PARTIAL.MUST UNINIT.STACK.MIGHT UNINIT.STACK.MUST UNINIT.CTOR.MIGHT UNINIT.CTOR.MUST
LDRA tool suite 9.7.1 53 D, 69 D, 631 S, 652 S Fully implemented
Parasoft C/C++test 2022.2 CERT_C-EXP33-a Avoid use before initialization
Parasoft Insure++ 2022.2 Runtime analysis
PC-lint Plus 1.4 530, 603, 644, 901 Fully supported
Polyspace Bug Finder R2022b CERT C: Rule EXP33-C Checks for: Non-initialized variableon-initialized variable, non-initialized pointeron-initialized pointer. Rule partially covered
PRQA QA-C 9.7 2726, 2727, 2728, 2961, 2962, 2963, 2966, 2967, 2968, 2971, 2972, 2973, 2976, 2977, 2978 Fully implemented
PRQA QA-C++ 4.4 2961, 2962, 2963, 2966, 2967, 2968, 2971, 2972, 2973, 2976, 2977, 2978
PVS-Studio 7.22 V573 , V614 , V670 , V679 , V1050
RuleChecker 22.04 uninitialized-local-read Partially checked
Splint 3.1.1
TrustInSoft Analyzer 1.38 initialisation Exhaustively verified (see one compliant and one non-compliant example ).
+ + +## Related Vulnerabilities + +[CVE-2009-1888](http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1888) results from a violation of this rule. Some versions of SAMBA (up to 3.3.5) call a function that takes in two potentially uninitialized variables involving access rights. An attacker can [exploit](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-exploit) these coding errors to bypass the access control list and gain access to protected files \[[xorl 2009](http://xorl.wordpress.com/2009/06/26/cve-2009-1888-samba-acls-uninitialized-memory-read/)\]. + +Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+EXP33-C). + +## Related Guidelines + +[Key here](https://wiki.sei.cmu.edu/confluence/display/c/How+this+Coding+Standard+is+Organized#HowthisCodingStandardisOrganized-RelatedGuidelines) (explains table format and definitions) + +
Taxonomy Taxonomy item Relationship
CERT C Secure Coding Standard MSC00-C. Compile cleanly at high warning levels Prior to 2018-01-12: CERT: Unspecified Relationship
CERT C Secure Coding Standard MSC01-C. Strive for logical completeness Prior to 2018-01-12: CERT: Unspecified Relationship
CERT C EXP53-CPP. Do not read uninitialized memory Prior to 2018-01-12: CERT: Unspecified Relationship
ISO/IEC TR 24772:2013 Initialization of Variables \[LAV\] Prior to 2018-01-12: CERT: Unspecified Relationship
ISO/IEC TS 17961 Referencing uninitialized memory \[uninitref\] Prior to 2018-01-12: CERT: Unspecified Relationship
CWE 2.11 CWE-456 2017-07-05: CERT: Exact
CWE 2.11 CWE-457 2017-07-05: CERT: Exact
CWE 2.11 CWE-758 2017-07-05: CERT: Rule subset of CWE
CWE 2.11 CWE-908 2017-07-05: CERT: Rule subset of CWE
+ + +## CERT-CWE Mapping Notes + +[Key here](https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?pageId=87152408#HowthisCodingStandardisOrganized-CERT-CWEMappingNotes) for mapping notes + +**CWE-119 and EXP33-C** + +* Intersection( CWE-119, EXP33-C) = Ø +* EXP33-C is about reading uninitialized memory, but this memory is considered part of a valid buffer (on the stack, or returned by a heap function). No buffer overflow is involved. +**CWE-676 and EXP33-C** +* Intersection( CWE-676, EXP33-C) = Ø +* EXP33-C implies that memory allocation functions (e.g., malloc()) are dangerous because they do not initialize the memory they reserve. However, the danger is not in their invocation, but rather reading their returned memory without initializing it. +**CWE-758 and EXP33-C** + +Independent( INT34-C, INT36-C, MSC37-C, FLP32-C, EXP33-C, EXP30-C, ERR34-C, ARR32-C) + +CWE-758 = Union( EXP33-C, list) where list = + +* Undefined behavior that results from anything other than reading uninitialized memory +**CWE-665 and EXP33-C** + +Intersection( CWE-665, EXP33-C) = Ø + +CWE-665 is about correctly initializing items (usually objects), not reading them later. EXP33-C is about reading memory later (that has not been initialized). + +**CWE-908 and EXP33-C** + +CWE-908 = Union( EXP33-C, list) where list = + +* Use of uninitialized items besides raw memory (objects, disk space, etc) +New CWE-CERT mappings: + +**CWE-123 and EXP33-C** + +Intersection( CWE-123, EXP33-C) = Ø + +EXP33-C is only about reading uninitialized memory, not writing, whereas CWE-123 is about writing. + +**CWE-824 and EXP33-C** + +EXP33-C = Union( CWE-824, list) where list = + +* Read of uninitialized memory that does not represent a pointer + +## Bibliography + +
\[ Flake 2006 \]
\[ ISO/IEC 9899:2011 \] Subclause 6.7.9, "Initialization" Subclause 6.2.6.1, "General" Subclause 6.3.2.1, "Lvalues, Arrays, and Function Designators"
\[ Mercy 2006 \]
\[ VU\#925211 \]
\[ Wang 2012 \] "More Randomness or Less"
\[ xorl 2009 \] "CVE-2009-1888: SAMBA ACLs Uninitialized Memory Read"
+ + +## Implementation notes + +None + +## References + +* CERT-C: [EXP33-C: Do not read uninitialized memory](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/EXP33-C/DoNotReadUninitializedMemory.ql b/c/cert/src/rules/EXP33-C/DoNotReadUninitializedMemory.ql new file mode 100644 index 0000000000..ef59be1c10 --- /dev/null +++ b/c/cert/src/rules/EXP33-C/DoNotReadUninitializedMemory.ql @@ -0,0 +1,23 @@ +/** + * @id c/cert/do-not-read-uninitialized-memory + * @name EXP33-C: Do not read uninitialized memory + * @description Using the value of an object with automatic storage duration while it is + * indeterminate is undefined behavior. + * @kind problem + * @precision medium + * @problem.severity error + * @tags external/cert/id/exp33-c + * correctness + * security + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert +import codingstandards.cpp.rules.readofuninitializedmemory.ReadOfUninitializedMemory + +class DoNotReadUninitializedMemoryQuery extends ReadOfUninitializedMemorySharedQuery { + DoNotReadUninitializedMemoryQuery() { + this = InvalidMemory1Package::doNotReadUninitializedMemoryQuery() + } +} diff --git a/c/cert/src/rules/EXP34-C/DoNotDereferenceNullPointers.md b/c/cert/src/rules/EXP34-C/DoNotDereferenceNullPointers.md new file mode 100644 index 0000000000..568ad8eeab --- /dev/null +++ b/c/cert/src/rules/EXP34-C/DoNotDereferenceNullPointers.md @@ -0,0 +1,220 @@ +# EXP34-C: Do not dereference null pointers + +This query implements the CERT-C rule EXP34-C: + +> Do not dereference null pointers + + + +## Description + +Dereferencing a null pointer is [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior). + +On many platforms, dereferencing a null pointer results in [abnormal program termination](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-abnormaltermination), but this is not required by the standard. See "[Clever Attack Exploits Fully-Patched Linux Kernel](http://www.theregister.co.uk/2009/07/17/linux_kernel_exploit/)" \[[Goodin 2009](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-Goodin2009)\] for an example of a code execution [exploit](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-exploit) that resulted from a null pointer dereference. + +## Noncompliant Code Example + +This noncompliant code example is derived from a real-world example taken from a vulnerable version of the `libpng` library as deployed on a popular ARM-based cell phone \[[Jack 2007](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-Jack07)\]. The `libpng` library allows applications to read, create, and manipulate PNG (Portable Network Graphics) raster image files. The `libpng` library implements its own wrapper to `malloc()` that returns a null pointer on error or on being passed a 0-byte-length argument. + +This code also violates [ERR33-C. Detect and handle standard library errors](https://wiki.sei.cmu.edu/confluence/display/c/ERR33-C.+Detect+and+handle+standard+library+errors). + +```cpp +#include /* From libpng */ +#include + +void func(png_structp png_ptr, int length, const void *user_data) { + png_charp chunkdata; + chunkdata = (png_charp)png_malloc(png_ptr, length + 1); + /* ... */ + memcpy(chunkdata, user_data, length); + /* ... */ + } +``` +If `length` has the value `−1`, the addition yields 0, and `png_malloc()` subsequently returns a null pointer, which is assigned to `chunkdata`. The `chunkdata` pointer is later used as a destination argument in a call to `memcpy()`, resulting in user-defined data overwriting memory starting at address 0. In the case of the ARM and XScale architectures, the `0x0` address is mapped in memory and serves as the exception vector table; consequently, dereferencing `0x0` did not cause an [abnormal program termination](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-abnormaltermination). + +## Compliant Solution + +This compliant solution ensures that the pointer returned by `png_malloc()` is not null. It also uses the unsigned type `size_t` to pass the `length` parameter, ensuring that negative values are not passed to `func()`. + +This solution also ensures that the `user_data` pointer is not null. Passing a null pointer to memcpy() would produce undefined behavior, even if the number of bytes to copy were 0. The `user_data` pointer could be invalid in other ways, such as pointing to freed memory. However there is no portable way to verify that the pointer is valid, other than checking for null. + +```cpp +#include /* From libpng */ +#include + + void func(png_structp png_ptr, size_t length, const void *user_data) { + png_charp chunkdata; + if (length == SIZE_MAX) { + /* Handle error */ + } + if (NULL == user_data) { + /* Handle error */ + } + chunkdata = (png_charp)png_malloc(png_ptr, length + 1); + if (NULL == chunkdata) { + /* Handle error */ + } + /* ... */ + memcpy(chunkdata, user_data, length); + /* ... */ + + } +``` + +## Noncompliant Code Example + +In this noncompliant code example, `input_str` is copied into dynamically allocated memory referenced by `c_str`. If `malloc()` fails, it returns a null pointer that is assigned to `c_str`. When `c_str` is dereferenced in `memcpy()`, the program exhibits [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior). Additionally, if `input_str` is a null pointer, the call to `strlen()` dereferences a null pointer, also resulting in undefined behavior. This code also violates [ERR33-C. Detect and handle standard library errors](https://wiki.sei.cmu.edu/confluence/display/c/ERR33-C.+Detect+and+handle+standard+library+errors). + +```cpp +#include +#include + +void f(const char *input_str) { + size_t size = strlen(input_str) + 1; + char *c_str = (char *)malloc(size); + memcpy(c_str, input_str, size); + /* ... */ + free(c_str); + c_str = NULL; + /* ... */ +} +``` + +## Compliant Solution + +This compliant solution ensures that both `input_str` and the pointer returned by `malloc()` are not null: + +```cpp +#include +#include + +void f(const char *input_str) { + size_t size; + char *c_str; + + if (NULL == input_str) { + /* Handle error */ + } + + size = strlen(input_str) + 1; + c_str = (char *)malloc(size); + if (NULL == c_str) { + /* Handle error */ + } + memcpy(c_str, input_str, size); + /* ... */ + free(c_str); + c_str = NULL; + /* ... */ +} +``` + +## Noncompliant Code Example + +This noncompliant code example is from a version of `drivers/net/tun.c` and affects Linux kernel 2.6.30 \[[Goodin 2009](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-Goodin2009)\]: + +```cpp +static unsigned int tun_chr_poll(struct file *file, poll_table *wait) { + struct tun_file *tfile = file->private_data; + struct tun_struct *tun = __tun_get(tfile); + struct sock *sk = tun->sk; + unsigned int mask = 0; + + if (!tun) + return POLLERR; + + DBG(KERN_INFO "%s: tun_chr_poll\n", tun->dev->name); + + poll_wait(file, &tun->socket.wait, wait); + + if (!skb_queue_empty(&tun->readq)) + mask |= POLLIN | POLLRDNORM; + + if (sock_writeable(sk) || + (!test_and_set_bit(SOCK_ASYNC_NOSPACE, &sk->sk_socket->flags) && + sock_writeable(sk))) + mask |= POLLOUT | POLLWRNORM; + + if (tun->dev->reg_state != NETREG_REGISTERED) + mask = POLLERR; + + tun_put(tun); + return mask; +} + +``` +The `sk` pointer is initialized to `tun->sk` before checking if `tun` is a null pointer. Because null pointer dereferencing is [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior), the compiler (GCC in this case) can optimize away the `if (!tun)` check because it is performed after `tun->sk` is accessed, implying that `tun` is non-null. As a result, this noncompliant code example is vulnerable to a null pointer dereference exploit, because null pointer dereferencing can be permitted on several platforms, for example, by using `mmap(2)` with the `MAP_FIXED` flag on Linux and Mac OS X, or by using the `shmat()` POSIX function with the `SHM_RND` flag \[[Liu 2009](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-Liu2009)\]. + +## Compliant Solution + +This compliant solution eliminates the null pointer deference by initializing `sk` to `tun->sk` following the null pointer check. It also adds assertions to document that certain other pointers must not be null. + +```cpp +static unsigned int tun_chr_poll(struct file *file, poll_table *wait) { + assert(file); + struct tun_file *tfile = file->private_data; + struct tun_struct *tun = __tun_get(tfile); + struct sock *sk; + unsigned int mask = 0; + + if (!tun) + return POLLERR; + assert(tun->dev); + sk = tun->sk; + assert(sk); + assert(sk->socket); + /* The remaining code is omitted because it is unchanged... */ +} + +``` + +## Risk Assessment + +Dereferencing a null pointer is [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior), typically [abnormal program termination](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-abnormaltermination). In some situations, however, dereferencing a null pointer can lead to the execution of arbitrary code \[[Jack 2007](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-Jack07), [van Sprundel 2006](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-vanSprundel06)\]. The indicated severity is for this more severe case; on platforms where it is not possible to exploit a null pointer dereference to execute arbitrary code, the actual severity is low. + +
Rule Severity Likelihood Remediation Cost Priority Level
EXP34-C High Likely Medium P18 L1
+ + +## Automated Detection + +
Tool Version Checker Description
Astrée 22.04 null-dereferencing Fully checked
Axivion Bauhaus Suite 7.2.0 CertC-EXP34
CodeSonar 7.2p0 LANG.MEM.NPD LANG.STRUCT.NTAD LANG.STRUCT.UPD Null pointer dereference Null test after dereference Unchecked parameter dereference
Compass/ROSE Can detect violations of this rule. In particular, ROSE ensures that any pointer returned by malloc() , calloc() , or realloc() is first checked for NULL before being used (otherwise, it is free() -ed). ROSE does not handle cases where an allocation is assigned to an lvalue that is not a variable (such as a struct member or C++ function call returning a reference)
Coverity 2017.07 CHECKED_RETURN NULL_RETURNS REVERSE_INULL FORWARD_NULL Finds instances where a pointer is checked against NULL and then later dereferenced Identifies functions that can return a null pointer but are not checked Identifies code that dereferences a pointer and then checks the pointer against NULL Can find the instances where NULL is explicitly dereferenced or a pointer is checked against NULL but then dereferenced anyway. Coverity Prevent cannot discover all violations of this rule, so further verification is necessary
Cppcheck 1.66 nullPointer, nullPointerDefaultArg, nullPointerRedundantCheck Context sensitive analysis Detects when NULL is dereferenced (Array of pointers is not checked. Pointer members in structs are not checked.) Finds instances where a pointer is checked against NULL and then later dereferenced Identifies code that dereferences a pointer and then checks the pointer against NULL Does not guess that return values from malloc() , strchr() , etc., can be NULL (The return value from malloc() is NULL only if there is OOMo and the dev might not care to handle that. The return value from strchr() is often NULL , but the dev might know that a specific strchr() function call will not return NULL .)
Helix QAC 2022.4 DF2810, DF2811, DF2812, DF2813
Klocwork 2022.4 NPD.CHECK.CALL.MIGHT NPD.CHECK.CALL.MUST NPD.CHECK.MIGHT NPD.CHECK.MUST NPD.CONST.CALL NPD.CONST.DEREF NPD.FUNC.CALL.MIGHT NPD.FUNC.CALL.MUST NPD.FUNC.MIGHT NPD.FUNC.MUST NPD.GEN.CALL.MIGHT NPD.GEN.CALL.MUST NPD.GEN.MIGHT NPD.GEN.MUST RNPD.CALL RNPD.DEREF
LDRA tool suite 9.7.1 45 D, 123 D, 128 D, 129 D, 130 D, 131 D, 652 S Fully implemented
Parasoft C/C++test 2022.2 CERT_C-EXP34-a Avoid null pointer dereferencing
Parasoft Insure++ Runtime analysis
PC-lint Plus 1.4 413, 418, 444, 613, 668 Partially supported
Polyspace Bug Finder CERT C: Rule EXP34-C Checks for use of null pointers (rule partially covered)
PRQA QA-C 9.7 2810, 2811, 2812, 2813 Fully implemented
PRQA QA-C++ 4.4 2810, 2811, 2812, 2813
PVS-Studio 7.22 V522 , V595 , V664 , V713 , V1004
SonarQube C/C++ Plugin 3.11 S2259
Splint 3.1.1
TrustInSoft Analyzer 1.38 mem_access Exhaustively verified (see one compliant and one non-compliant example ).
+ + +## Related Vulnerabilities + +Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+EXP34-C). + +## Related Guidelines + +[Key here](https://wiki.sei.cmu.edu/confluence/display/c/How+this+Coding+Standard+is+Organized#HowthisCodingStandardisOrganized-RelatedGuidelines) (explains table format and definitions) + +
Taxonomy Taxonomy item Relationship
CERT Oracle Secure Coding Standard for Java EXP01-J. Do not use a null in a case where an object is required Prior to 2018-01-12: CERT: Unspecified Relationship
ISO/IEC TR 24772:2013 Pointer Casting and Pointer Type Changes \[HFC\] Prior to 2018-01-12: CERT: Unspecified Relationship
ISO/IEC TR 24772:2013 Null Pointer Dereference \[XYH\] Prior to 2018-01-12: CERT: Unspecified Relationship
ISO/IEC TS 17961 Dereferencing an out-of-domain pointer \[nullref\] Prior to 2018-01-12: CERT: Unspecified Relationship
CWE 2.11 CWE-476 , NULL Pointer Dereference 2017-07-06: CERT: Exact
+ + +## CERT-CWE Mapping Notes + +[Key here](https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?pageId=87152408#HowthisCodingStandardisOrganized-CERT-CWEMappingNotes) for mapping notes + +**CWE-690 and EXP34-C** + +EXP34-C = Union( CWE-690, list) where list = + +* Dereferencing null pointers that were not returned by a function +**CWE-252 and EXP34-C** + +Intersection( CWE-252, EXP34-C) = Ø + +EXP34-C is a common consequence of ignoring function return values, but it is a distinct error, and can occur in other scenarios too. + +## Bibliography + +
\[ Goodin 2009 \]
\[ Jack 2007 \]
\[ Liu 2009 \]
\[ van Sprundel 2006 \]
\[ Viega 2005 \] Section 5.2.18, "Null-Pointer Dereference"
+ + +## Implementation notes + +None + +## References + +* CERT-C: [EXP34-C: Do not dereference null pointers](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/EXP34-C/DoNotDereferenceNullPointers.ql b/c/cert/src/rules/EXP34-C/DoNotDereferenceNullPointers.ql new file mode 100644 index 0000000000..042e55dbfd --- /dev/null +++ b/c/cert/src/rules/EXP34-C/DoNotDereferenceNullPointers.ql @@ -0,0 +1,21 @@ +/** + * @id c/cert/do-not-dereference-null-pointers + * @name EXP34-C: Do not dereference null pointers + * @description Dereferencing a null pointer leads to undefined behavior. + * @kind problem + * @precision medium + * @problem.severity error + * @tags external/cert/id/exp34-c + * correctness + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert +import codingstandards.cpp.rules.dereferenceofnullpointer.DereferenceOfNullPointer + +class DoNotDereferenceNullPointersQuery extends DereferenceOfNullPointerSharedQuery { + DoNotDereferenceNullPointersQuery() { + this = InvalidMemory1Package::doNotDereferenceNullPointersQuery() + } +} diff --git a/c/cert/src/rules/MEM30-C/DoNotAccessFreedMemory.md b/c/cert/src/rules/MEM30-C/DoNotAccessFreedMemory.md new file mode 100644 index 0000000000..f5ddbc1f58 --- /dev/null +++ b/c/cert/src/rules/MEM30-C/DoNotAccessFreedMemory.md @@ -0,0 +1,258 @@ +# MEM30-C: Do not access freed memory + +This query implements the CERT-C rule MEM30-C: + +> Do not access freed memory + + +## Description + +Evaluating a pointer—including dereferencing the pointer, using it as an operand of an arithmetic operation, type casting it, and using it as the right-hand side of an assignment—into memory that has been deallocated by a memory management function is [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior). Pointers to memory that has been deallocated are called *dangling pointers*. Accessing a dangling pointer can result in exploitable [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability). + +According to the C Standard, using the value of a pointer that refers to space deallocated by a call to the `free()` or `realloc()` function is undefined behavior. (See [undefined behavior 177](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior).) + +Reading a pointer to deallocated memory is undefined behavior because the pointer value is [indeterminate](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-indeterminatevalue) and might be a [trap representation](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-traprepresentation). Fetching a trap representation might perform a hardware trap (but is not required to). + +It is at the memory manager's discretion when to reallocate or recycle the freed memory. When memory is freed, all pointers into it become invalid, and its contents might either be returned to the operating system, making the freed space inaccessible, or remain intact and accessible. As a result, the data at the freed location can appear to be valid but change unexpectedly. Consequently, memory must not be written to or read from once it is freed. + +## Noncompliant Code Example + +This example from Brian Kernighan and Dennis Ritchie \[[Kernighan 1988](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-Kernighan88)\] shows both the incorrect and correct techniques for freeing the memory associated with a linked list. In their (intentionally) incorrect example, `p` is freed before `p->next` is executed, so that `p->next` reads memory that has already been freed. + +```cpp +#include + +struct node { + int value; + struct node *next; +}; + +void free_list(struct node *head) { + for (struct node *p = head; p != NULL; p = p->next) { + free(p); + } +} +``` + +## Compliant Solution + +Kernighan and Ritchie correct this error by storing a reference to `p->next` in `q` before freeing `p`: + +```cpp +#include + +struct node { + int value; + struct node *next; +}; + +void free_list(struct node *head) { + struct node *q; + for (struct node *p = head; p != NULL; p = q) { + q = p->next; + free(p); + } +} +``` + +## Noncompliant Code Example + +In this noncompliant code example, `buf` is written to after it has been freed. Write-after-free vulnerabilities can be [exploited](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-exploit) to run arbitrary code with the permissions of the vulnerable process. Typically, allocations and frees are far removed, making it difficult to recognize and diagnose these problems. + +```cpp +#include +#include + +int main(int argc, char *argv[]) { + char *return_val = 0; + const size_t bufsize = strlen(argv[0]) + 1; + char *buf = (char *)malloc(bufsize); + if (!buf) { + return EXIT_FAILURE; + } + /* ... */ + free(buf); + /* ... */ + strcpy(buf, argv[0]); + /* ... */ + return EXIT_SUCCESS; +} +``` + +## Compliant Solution + +In this compliant solution, the memory is freed after its final use: + +```cpp +#include +#include + +int main(int argc, char *argv[]) { + char *return_val = 0; + const size_t bufsize = strlen(argv[0]) + 1; + char *buf = (char *)malloc(bufsize); + if (!buf) { + return EXIT_FAILURE; + } + /* ... */ + strcpy(buf, argv[0]); + /* ... */ + free(buf); + return EXIT_SUCCESS; +} + +``` + +## Noncompliant Code Example + +In this noncompliant example, `realloc()` may free `c_str1` when it returns a null pointer, resulting in `c_str1` being freed twice. The C Standards Committee's proposed response to [Defect Report \#400](http://www.open-std.org/jtc1/sc22/wg14/www/docs/dr_400.htm) makes it implementation-defined whether or not the old object is deallocated when `size` is zero and memory for the new object is not allocated. The current implementation of `realloc()` in the GNU C Library and Microsoft Visual Studio's Runtime Library will free `c_str1` and return a null pointer for zero byte allocations. Freeing a pointer twice can result in a potentially exploitable vulnerability commonly referred to as a *double-free vulnerability* \[[Seacord 2013b](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-Seacord2013)\]. + +```cpp +#include + +void f(char *c_str1, size_t size) { + char *c_str2 = (char *)realloc(c_str1, size); + if (c_str2 == NULL) { + free(c_str1); + } +} +``` + +## Compliant Solution + +This compliant solution does not pass a size argument of zero to the `realloc()` function, eliminating the possibility of `c_str1` being freed twice: + +```cpp +#include + +void f(char *c_str1, size_t size) { + if (size != 0) { + char *c_str2 = (char *)realloc(c_str1, size); + if (c_str2 == NULL) { + free(c_str1); + } + } + else { + free(c_str1); + } + +} +``` +If the intent of calling `f()` is to reduce the size of the object, then doing nothing when the size is zero would be unexpected; instead, this compliant solution frees the object. + +## Noncompliant Code Example + +In this noncompliant example ([CVE-2009-1364](http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1364)) from `libwmf` version 0.2.8.4, the return value of `gdRealloc` (a simple wrapper around `realloc()` that reallocates space pointed to by `im->clip->list`) is set to `more`. However, the value of `im->clip->list` is used directly afterwards in the code, and the C Standard specifies that if `realloc()` moves the area pointed to, then the original block is freed. An attacker can then execute arbitrary code by forcing a reallocation (with a sufficient `im->clip->count`) and accessing freed memory \[[xorl 2009](http://xorl.wordpress.com/2009/05/05/cve-2009-1364-libwmf-pointer-use-after-free/)\]. + +```cpp +void gdClipSetAdd(gdImagePtr im, gdClipRectanglePtr rect) { + gdClipRectanglePtr more; + if (im->clip == 0) { + /* ... */ + } + if (im->clip->count == im->clip->max) { + more = gdRealloc (im->clip->list,(im->clip->max + 8) * + sizeof (gdClipRectangle)); + /* + * If the realloc fails, then we have not lost the + * im->clip->list value. + */ + if (more == 0) return; + im->clip->max += 8; + } + im->clip->list[im->clip->count] = *rect; + im->clip->count++; + +} +``` + +## Compliant Solution + +This compliant solution simply reassigns `im->clip->list` to the value of `more` after the call to `realloc()`: + +```cpp +void gdClipSetAdd(gdImagePtr im, gdClipRectanglePtr rect) { + gdClipRectanglePtr more; + if (im->clip == 0) { + /* ... */ + } + if (im->clip->count == im->clip->max) { + more = gdRealloc (im->clip->list,(im->clip->max + 8) * + sizeof (gdClipRectangle)); + if (more == 0) return; + im->clip->max += 8; + im->clip->list = more; + } + im->clip->list[im->clip->count] = *rect; + im->clip->count++; + +} +``` + +## Risk Assessment + +Reading memory that has already been freed can lead to abnormal program termination and denial-of-service attacks. Writing memory that has already been freed can additionally lead to the execution of arbitrary code with the permissions of the vulnerable process. + +Freeing memory multiple times has similar consequences to accessing memory after it is freed. Reading a pointer to deallocated memory is [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior) because the pointer value is [indeterminate](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-indeterminatevalue) and might be a [trap representation](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-traprepresentation). When reading from or writing to freed memory does not cause a trap, it may corrupt the underlying data structures that manage the heap in a manner that can be exploited to execute arbitrary code. Alternatively, writing to memory after it has been freed might modify memory that has been reallocated. + +Programmers should be wary when freeing memory in a loop or conditional statement; if coded incorrectly, these constructs can lead to double-free vulnerabilities. It is also a common error to misuse the `realloc()` function in a manner that results in double-free vulnerabilities. (See [MEM04-C. Beware of zero-length allocations](https://wiki.sei.cmu.edu/confluence/display/c/MEM04-C.+Beware+of+zero-length+allocations).) + +
Rule Severity Likelihood Remediation Cost Priority Level
MEM30-C High Likely Medium P18 L1
+ + +## Automated Detection + +
Tool Version Checker Description
Astrée 22.04 dangling_pointer_use Supported Astrée reports all accesses to freed allocated memory.
Axivion Bauhaus Suite 7.2.0 CertC-MEM30 Detects memory accesses after its deallocation and double memory deallocations
CodeSonar 7.2p0 ALLOC.UAF Use after free
Compass/ROSE
Coverity 2017.07 USE_AFTER_FREE Can detect the specific instances where memory is deallocated more than once or read/written to the target of a freed pointer
Helix QAC 2022.4 DF4866, DF4867, DF4868, DF4871, DF4872, DF4873 C++3339, C++4303, C++4304
Klocwork 2022.4 UFM.DEREF.MIGHT UFM.DEREF.MUST UFM.FFM.MIGHT UFM.FFM.MUST UFM.RETURN.MIGHT UFM.RETURN.MUST UFM.USE.MIGHT UFM.USE.MUST
LDRA tool suite 9.7.1 51 D, 484 S, 112 D Partially implemented
Parasoft C/C++test 2022.2 CERT_C-MEM30-a Do not use resources that have been freed
Parasoft Insure++ Runtime analysis
PC-lint Plus 1.4 449, 2434 Fully supported
Polyspace Bug Finder R2022b CERT C: Rule MEM30-C Checks for: Accessing previously freed pointerccessing previously freed pointer, freeing previously freed pointerreeing previously freed pointer. Rule partially covered.
PRQA QA-C 9.7 2731, 2732, 2733
PRQA QA-C++ 4.4 3339, 4303, 4304
PVS-Studio 7.22 V586 , V774
Splint 3.1.1
TrustInSoft Analyzer 1.38 dangling_pointer Exhaustively verified (see one compliant and one non-compliant example ).
+ + +## Related Vulnerabilities + +[VU\#623332](http://www.kb.cert.org/vuls/id/623332) describes a double-free vulnerability in the MIT Kerberos 5 function [krb5_recvauth()](http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2005-003-recvauth.txt). + +Search for [vulnerabilities](https://www.securecoding.cert.org/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+ARR32-C). + +## Related Guidelines + +[Key here](https://wiki.sei.cmu.edu/confluence/display/c/How+this+Coding+Standard+is+Organized#HowthisCodingStandardisOrganized-RelatedGuidelines) (explains table format and definitions) + +
Taxonomy Taxonomy item Relationship
CERT C Secure Coding Standard MEM01-C. Store a new value in pointers immediately after free() Prior to 2018-01-12: CERT: Unspecified Relationship
CERT C MEM50-CPP. Do not access freed memory Prior to 2018-01-12: CERT: Unspecified Relationship
ISO/IEC TR 24772:2013 Dangling References to Stack Frames \[DCM\] Prior to 2018-01-12: CERT: Unspecified Relationship
ISO/IEC TR 24772:2013 Dangling Reference to Heap \[XYK\] Prior to 2018-01-12: CERT: Unspecified Relationship
ISO/IEC TS 17961 Accessing freed memory \[accfree\] Prior to 2018-01-12: CERT: Unspecified Relationship
ISO/IEC TS 17961 Freeing memory multiple times \[dblfree\] Prior to 2018-01-12: CERT: Unspecified Relationship
MISRA C:2012 Rule 18.6 (required) Prior to 2018-01-12: CERT: Unspecified Relationship
CWE 2.11 CWE-416 , Use After Free 2017-07-07: CERT: Exact
CWE 2.11 CWE-672 2017-07-07: CERT: Rule subset of CWE
+ + +## CERT-CWE Mapping Notes + +[Key here](https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?pageId=87152408#HowthisCodingStandardisOrganized-CERT-CWEMappingNotes) for mapping notes + +**CWE-672 and MEM30-C** + +Intersection( MEM30-C, FIO46-C) = Ø CWE-672 = Union( MEM30-C, list) where list = + +* Use of a resource, other than memory after it has been released (eg: reusing a closed file, or expired mutex) +**CWE-666 and MEM30-C** + +Intersection( MEM30-C, FIO46-C) = Ø + +CWE-672 = Subset( CWE-666) + +**CWE-758 and MEM30-C** + +CWE-758 = Union( MEM30-C, list) where list = + +* Undefined behavior that is not covered by use-after-free errors +**CWE-415 and MEM30-C** + +MEM30-C = Union( CWE-456, list) where list = + +* Dereference of a pointer after freeing it (besides passing it to free() a second time) + +## Bibliography + +
\[ ISO/IEC 9899:2011 \] 7.22.3, "Memory Management Functions"
\[ Kernighan 1988 \] Section 7.8.5, "Storage Management"
\[ OWASP Freed Memory \]
\[ MIT 2005 \]
\[ Seacord 2013b \] Chapter 4, "Dynamic Memory Management"
\[ Viega 2005 \] Section 5.2.19, "Using Freed Memory"
\[ VU\#623332 \]
\[ xorl 2009 \] CVE-2009-1364: LibWMF Pointer Use after free()
+ + +## Implementation notes + +None + +## References + +* CERT-C: [MEM30-C: Do not access freed memory](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/MEM30-C/DoNotAccessFreedMemory.ql b/c/cert/src/rules/MEM30-C/DoNotAccessFreedMemory.ql new file mode 100644 index 0000000000..28946284d1 --- /dev/null +++ b/c/cert/src/rules/MEM30-C/DoNotAccessFreedMemory.ql @@ -0,0 +1,63 @@ +/** + * @id c/cert/do-not-access-freed-memory + * @name MEM30-C: Do not access freed memory + * @description Accessing memory that has been deallocated is undefined behavior. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/cert/id/mem30-c + * correctness + * security + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert +import codingstandards.cpp.Allocations +import semmle.code.cpp.controlflow.StackVariableReachability + +/** `e` is an expression that frees the memory pointed to by `v`. */ +predicate isFreeExpr(Expr e, StackVariable v) { + exists(VariableAccess va | va.getTarget() = v and freeExprOrIndirect(e, va, _)) +} + +/** `e` is an expression that (may) dereference `v`. */ +predicate isDerefExpr(Expr e, StackVariable v) { + v.getAnAccess() = e and dereferenced(e) + or + isDerefByCallExpr(_, _, e, v) +} + +/** + * `va` is passed by value as (part of) the `i`th argument in + * call `c`. The target function is either a library function + * or a source code function that dereferences the relevant + * parameter. + */ +predicate isDerefByCallExpr(Call c, int i, VariableAccess va, StackVariable v) { + v.getAnAccess() = va and + va = c.getAnArgumentSubExpr(i) and + not c.passesByReference(i, va) and + (c.getTarget().hasEntryPoint() implies isDerefExpr(_, c.getTarget().getParameter(i))) +} + +class UseAfterFreeReachability extends StackVariableReachability { + UseAfterFreeReachability() { this = "UseAfterFree" } + + override predicate isSource(ControlFlowNode node, StackVariable v) { isFreeExpr(node, v) } + + override predicate isSink(ControlFlowNode node, StackVariable v) { isDerefExpr(node, v) } + + override predicate isBarrier(ControlFlowNode node, StackVariable v) { + definitionBarrier(v, node) or + isFreeExpr(node, v) + } +} + +from UseAfterFreeReachability r, StackVariable v, Expr free, Expr e +where + not isExcluded(e, InvalidMemory1Package::doNotAccessFreedMemoryQuery()) and + r.reaches(free, v, e) +select e, + "Memory pointed to by '" + v.getName().toString() + + "' accessed but may have been previously freed $@.", free, "here" diff --git a/c/cert/test/rules/EXP33-C/DoNotReadUninitializedMemory.testref b/c/cert/test/rules/EXP33-C/DoNotReadUninitializedMemory.testref new file mode 100644 index 0000000000..45f4b5df27 --- /dev/null +++ b/c/cert/test/rules/EXP33-C/DoNotReadUninitializedMemory.testref @@ -0,0 +1 @@ +c/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql \ No newline at end of file diff --git a/c/cert/test/rules/EXP34-C/DoNotDereferenceNullPointers.testref b/c/cert/test/rules/EXP34-C/DoNotDereferenceNullPointers.testref new file mode 100644 index 0000000000..79cbfe9e9d --- /dev/null +++ b/c/cert/test/rules/EXP34-C/DoNotDereferenceNullPointers.testref @@ -0,0 +1 @@ +c/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql \ No newline at end of file diff --git a/c/cert/test/rules/MEM30-C/DoNotAccessFreedMemory.expected b/c/cert/test/rules/MEM30-C/DoNotAccessFreedMemory.expected new file mode 100644 index 0000000000..1c6b00a2bc --- /dev/null +++ b/c/cert/test/rules/MEM30-C/DoNotAccessFreedMemory.expected @@ -0,0 +1,2 @@ +| test.c:11:47:11:47 | p | Memory pointed to by 'p' accessed but may have been previously freed $@. | test.c:12:5:12:8 | call to free | here | +| test.c:25:10:25:12 | buf | Memory pointed to by 'buf' accessed but may have been previously freed $@. | test.c:24:3:24:6 | call to free | here | diff --git a/c/cert/test/rules/MEM30-C/DoNotAccessFreedMemory.qlref b/c/cert/test/rules/MEM30-C/DoNotAccessFreedMemory.qlref new file mode 100644 index 0000000000..514afd57d2 --- /dev/null +++ b/c/cert/test/rules/MEM30-C/DoNotAccessFreedMemory.qlref @@ -0,0 +1 @@ +rules/MEM30-C/DoNotAccessFreedMemory.ql \ No newline at end of file diff --git a/c/cert/test/rules/MEM30-C/test.c b/c/cert/test/rules/MEM30-C/test.c new file mode 100644 index 0000000000..0fee3afe00 --- /dev/null +++ b/c/cert/test/rules/MEM30-C/test.c @@ -0,0 +1,26 @@ +#include +#include + +struct node { + struct node *next; +}; + +void test_freed_loop_var(struct node *list1, struct node *list2) { + struct node *tmp; + + for (struct node *p = list1; p != NULL; p = p->next) { // NON_COMPLIANT + free(p); + } + + for (struct node *p = list2; p != NULL; p = tmp) { // COMPLIANT + tmp = p->next; + free(p); + } +} + +void test_freed_arg(char *input) { + char *buf = (char *)malloc(strlen(input) + 1); + strcpy(buf, input); // COMPLIANT + free(buf); + strcpy(buf, input); // NON_COMPLIANT +} \ No newline at end of file diff --git a/c/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.expected b/c/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.expected new file mode 100644 index 0000000000..51136cfb5d --- /dev/null +++ b/c/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.expected @@ -0,0 +1,2 @@ +| test.c:11:4:11:5 | l1 | Null may be dereferenced here because a null value was assigned $@. | test.c:4:21:4:21 | 0 | here | +| test.c:18:6:18:7 | l1 | Null may be dereferenced here because a null value was assigned $@. | test.c:4:21:4:21 | 0 | here | diff --git a/c/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql b/c/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql new file mode 100644 index 0000000000..94b64d3146 --- /dev/null +++ b/c/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.dereferenceofnullpointer.DereferenceOfNullPointer diff --git a/c/common/test/rules/dereferenceofnullpointer/test.c b/c/common/test/rules/dereferenceofnullpointer/test.c new file mode 100644 index 0000000000..22314a8960 --- /dev/null +++ b/c/common/test/rules/dereferenceofnullpointer/test.c @@ -0,0 +1,31 @@ +#include + +void test_null(int p1) { + int *l1 = (void *)0; + + if (p1 > 10) { + // l1 is only conditionally initialized + l1 = malloc(10 * sizeof(int)); + } + + *l1; // NON_COMPLIANT - dereferenced and still null + + if (l1) { + *l1; // COMPLIANT - null check before dereference + } + + if (!l1) { + *l1; // NON_COMPLIANT - dereferenced and definitely null + } else { + *l1; // COMPLIANT - null check before dereference + } + + free(l1); // COMPLIANT - free of `NULL` is not undefined behavior +} + +void test_default_value_init() { + int *l1; // indeterminate and thus invalid but non-null state + + *l1; // COMPLIANT - considered an uninitialized pointer, + // not a null pointer +} \ No newline at end of file diff --git a/c/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.expected b/c/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.expected new file mode 100644 index 0000000000..a5b472ff9d --- /dev/null +++ b/c/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.expected @@ -0,0 +1,4 @@ +| test.c:33:11:33:12 | l1 | Local variable $@ is read here and may not be initialized on all paths. | test.c:32:7:32:8 | l1 | l1 | +| test.c:35:15:35:16 | l2 | Local variable $@ is read here and may not be initialized on all paths. | test.c:34:8:34:9 | l2 | l2 | +| test.c:37:20:37:21 | l3 | Local variable $@ is read here and may not be initialized on all paths. | test.c:36:13:36:14 | l3 | l3 | +| test.c:84:17:84:24 | arrayPtr | Local variable $@ is read here and may not be initialized on all paths. | test.c:77:8:77:15 | arrayPtr | arrayPtr | diff --git a/c/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql b/c/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql new file mode 100644 index 0000000000..71c2a6cecd --- /dev/null +++ b/c/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.readofuninitializedmemory.ReadOfUninitializedMemory diff --git a/c/common/test/rules/readofuninitializedmemory/test.c b/c/common/test/rules/readofuninitializedmemory/test.c new file mode 100644 index 0000000000..ce2c60484e --- /dev/null +++ b/c/common/test/rules/readofuninitializedmemory/test.c @@ -0,0 +1,97 @@ +#include + +struct A { + int m1; +}; + +void use_int(int a); +void use_struct_A(struct A a); +void use_int_ptr(int *a); +void use_struct_A_ptr(struct A *a); + +void init_by_pointer(int *pointer_param); + +void test_basic_init() { + int l1 = 0; + use_int(l1); // COMPLIANT + struct A l2 = {}; + use_struct_A(l2); // COMPLIANT + int l3; + init_by_pointer(&l3); + use_int(l3); // COMPLIANT + struct A l4; + l4.m1 = 1; // COMPLIANT + use_struct_A(l4); // COMPLIANT + int l5[10] = {1, 0}; + use_int_ptr(l5); // COMPLIANT + struct A l6; + use_struct_A(l6); // COMPLIANT[FALSE_NEGATIVE] +} + +void test_basic_uninit() { + int l1; + use_int(l1); // NON_COMPLIANT + int *l2; + use_int_ptr(l2); // NON_COMPLIANT + struct A *l3; + use_struct_A_ptr(l3); // NON_COMPLIANT + struct A l4; + use_int(l4.m1); // NON_COMPLIANT[FALSE_NEGATIVE] - field is not initialized + int l5[10]; + use_int( + l5[0]); // NON_COMPLIANT[FALSE_NEGATIVE] - array entry is not initialized +} + +int run1(); + +void test_conditional(int x) { + + int l1; // l1 is defined and used only when x is true + if (x) { + l1 = 0; + } + if (x) { + use_int(l1); // COMPLIANT + } + + int l2; // l2 is defined and used only when x is false + if (!x) { + l2 = 0; + } + if (!x) { + use_int(l2); // COMPLIANT + } + + int l3 = 0; + int l4; + if (x) { + l3 = 1; + l4 = 1; + } + + if (l3) { // l3 true indicates l4 is initialized + use_int(l4); // COMPLIANT + } + + int numElements = 0; + int *arrayPtr; + if (x) { + numElements = 5; + arrayPtr = malloc(sizeof(int) * numElements); + } + + if (numElements > 0) { // numElements > 0 indicates arrayPtr is initialized + use_int_ptr(arrayPtr); // COMPLIANT[FALSE_POSITIVE] + } +} + +void test_non_default_init() { + static int sl; + use_int(sl); // COMPLIANT - static int type variables are zero initialized + static int *slp; + use_int_ptr( + slp); // COMPLIANT - static pointer type variables are zero initialized + static struct A ss; + use_struct_A( + ss); // COMPLIANT - static struct type variables are zero initialized +} \ No newline at end of file diff --git a/c/misra/src/rules/RULE-9-1/ObjectWithAutoStorageDurationReadBeforeInit.ql b/c/misra/src/rules/RULE-9-1/ObjectWithAutoStorageDurationReadBeforeInit.ql new file mode 100644 index 0000000000..3a640c11fd --- /dev/null +++ b/c/misra/src/rules/RULE-9-1/ObjectWithAutoStorageDurationReadBeforeInit.ql @@ -0,0 +1,23 @@ +/** + * @id c/misra/object-with-auto-storage-duration-read-before-init + * @name RULE-9-1: The value of an object with automatic storage duration shall not be read before it has been set + * @description Accessing an object before it has been initialized and has an indetermine value can + * lead to undefined behavior. + * @kind problem + * @precision medium + * @problem.severity error + * @tags external/misra/id/rule-9-1 + * correctness + * security + * external/misra/obligation/mandatory + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.rules.readofuninitializedmemory.ReadOfUninitializedMemory + +class ObjectWithAutoStorageDurationReadBeforeInitQuery extends ReadOfUninitializedMemorySharedQuery { + ObjectWithAutoStorageDurationReadBeforeInitQuery() { + this = InvalidMemory1Package::objectWithAutoStorageDurationReadBeforeInitQuery() + } +} diff --git a/c/misra/test/rules/RULE-9-1/ObjectWithAutoStorageDurationReadBeforeInit.testref b/c/misra/test/rules/RULE-9-1/ObjectWithAutoStorageDurationReadBeforeInit.testref new file mode 100644 index 0000000000..45f4b5df27 --- /dev/null +++ b/c/misra/test/rules/RULE-9-1/ObjectWithAutoStorageDurationReadBeforeInit.testref @@ -0,0 +1 @@ +c/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql \ No newline at end of file diff --git a/cpp/autosar/src/rules/A5-3-2/NullPointersDereferenced.ql b/cpp/autosar/src/rules/A5-3-2/NullPointersDereferenced.ql index 5ee527943b..0f00a5de8f 100644 --- a/cpp/autosar/src/rules/A5-3-2/NullPointersDereferenced.ql +++ b/cpp/autosar/src/rules/A5-3-2/NullPointersDereferenced.ql @@ -14,11 +14,10 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.lifetimes.lifetimeprofile.LifetimeProfile +import codingstandards.cpp.rules.dereferenceofnullpointer.DereferenceOfNullPointer -from NullDereference nd, NullReason nr, string message, Element explanation, string explanationDesc -where - not isExcluded(nd, NullPackage::nullPointersDereferencedQuery()) and - nr = nd.getAnInvalidReason() and - nr.hasMessage(message, explanation, explanationDesc) -select nd, "Null may be dereferenced here " + message, explanation, explanationDesc +class NullPointersDereferencedQuery extends DereferenceOfNullPointerSharedQuery { + NullPointersDereferencedQuery() { + this = NullPackage::nullPointersDereferencedQuery() + } +} diff --git a/cpp/autosar/test/rules/A5-3-2/NullPointersDereferenced.expected b/cpp/autosar/test/rules/A5-3-2/NullPointersDereferenced.expected deleted file mode 100644 index 413818e08c..0000000000 --- a/cpp/autosar/test/rules/A5-3-2/NullPointersDereferenced.expected +++ /dev/null @@ -1,3 +0,0 @@ -| test.cpp:9:4:9:5 | l1 | Null may be dereferenced here because a null value was assigned $@. | test.cpp:2:13:2:19 | 0 | here | -| test.cpp:16:6:16:7 | l1 | Null may be dereferenced here because a null value was assigned $@. | test.cpp:2:13:2:19 | 0 | here | -| test.cpp:35:4:35:5 | l2 | Null may be dereferenced here because a null value was assigned $@. | test.cpp:33:11:33:11 | 0 | here | diff --git a/cpp/autosar/test/rules/A5-3-2/NullPointersDereferenced.qlref b/cpp/autosar/test/rules/A5-3-2/NullPointersDereferenced.qlref deleted file mode 100644 index 5cffcd0809..0000000000 --- a/cpp/autosar/test/rules/A5-3-2/NullPointersDereferenced.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/A5-3-2/NullPointersDereferenced.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A5-3-2/NullPointersDereferenced.testref b/cpp/autosar/test/rules/A5-3-2/NullPointersDereferenced.testref new file mode 100644 index 0000000000..610e626032 --- /dev/null +++ b/cpp/autosar/test/rules/A5-3-2/NullPointersDereferenced.testref @@ -0,0 +1 @@ +cpp/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/InvalidMemory1.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/InvalidMemory1.qll new file mode 100644 index 0000000000..e0151592ef --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/InvalidMemory1.qll @@ -0,0 +1,78 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype InvalidMemory1Query = + TDoNotReadUninitializedMemoryQuery() or + TDoNotDereferenceNullPointersQuery() or + TDoNotAccessFreedMemoryQuery() or + TObjectWithAutoStorageDurationReadBeforeInitQuery() + +predicate isInvalidMemory1QueryMetadata(Query query, string queryId, string ruleId, string category) { + query = + // `Query` instance for the `doNotReadUninitializedMemory` query + InvalidMemory1Package::doNotReadUninitializedMemoryQuery() and + queryId = + // `@id` for the `doNotReadUninitializedMemory` query + "c/cert/do-not-read-uninitialized-memory" and + ruleId = "EXP33-C" and + category = "rule" + or + query = + // `Query` instance for the `doNotDereferenceNullPointers` query + InvalidMemory1Package::doNotDereferenceNullPointersQuery() and + queryId = + // `@id` for the `doNotDereferenceNullPointers` query + "c/cert/do-not-dereference-null-pointers" and + ruleId = "EXP34-C" and + category = "rule" + or + query = + // `Query` instance for the `doNotAccessFreedMemory` query + InvalidMemory1Package::doNotAccessFreedMemoryQuery() and + queryId = + // `@id` for the `doNotAccessFreedMemory` query + "c/cert/do-not-access-freed-memory" and + ruleId = "MEM30-C" and + category = "rule" + or + query = + // `Query` instance for the `objectWithAutoStorageDurationReadBeforeInit` query + InvalidMemory1Package::objectWithAutoStorageDurationReadBeforeInitQuery() and + queryId = + // `@id` for the `objectWithAutoStorageDurationReadBeforeInit` query + "c/misra/object-with-auto-storage-duration-read-before-init" and + ruleId = "RULE-9-1" and + category = "mandatory" +} + +module InvalidMemory1Package { + Query doNotReadUninitializedMemoryQuery() { + //autogenerate `Query` type + result = + // `Query` type for `doNotReadUninitializedMemory` query + TQueryC(TInvalidMemory1PackageQuery(TDoNotReadUninitializedMemoryQuery())) + } + + Query doNotDereferenceNullPointersQuery() { + //autogenerate `Query` type + result = + // `Query` type for `doNotDereferenceNullPointers` query + TQueryC(TInvalidMemory1PackageQuery(TDoNotDereferenceNullPointersQuery())) + } + + Query doNotAccessFreedMemoryQuery() { + //autogenerate `Query` type + result = + // `Query` type for `doNotAccessFreedMemory` query + TQueryC(TInvalidMemory1PackageQuery(TDoNotAccessFreedMemoryQuery())) + } + + Query objectWithAutoStorageDurationReadBeforeInitQuery() { + //autogenerate `Query` type + result = + // `Query` type for `objectWithAutoStorageDurationReadBeforeInit` query + TQueryC(TInvalidMemory1PackageQuery(TObjectWithAutoStorageDurationReadBeforeInitQuery())) + } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index f06e6c3a49..100c473aec 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -25,6 +25,7 @@ import IO1 import IO2 import IO3 import IO4 +import InvalidMemory1 import Language1 import Language2 import Misc @@ -68,6 +69,7 @@ newtype TCQuery = TIO2PackageQuery(IO2Query q) or TIO3PackageQuery(IO3Query q) or TIO4PackageQuery(IO4Query q) or + TInvalidMemory1PackageQuery(InvalidMemory1Query q) or TLanguage1PackageQuery(Language1Query q) or TLanguage2PackageQuery(Language2Query q) or TMiscPackageQuery(MiscQuery q) or @@ -111,6 +113,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isIO2QueryMetadata(query, queryId, ruleId, category) or isIO3QueryMetadata(query, queryId, ruleId, category) or isIO4QueryMetadata(query, queryId, ruleId, category) or + isInvalidMemory1QueryMetadata(query, queryId, ruleId, category) or isLanguage1QueryMetadata(query, queryId, ruleId, category) or isLanguage2QueryMetadata(query, queryId, ruleId, category) or isMiscQueryMetadata(query, queryId, ruleId, category) or diff --git a/cpp/common/src/codingstandards/cpp/rules/dereferenceofnullpointer/DereferenceOfNullPointer.qll b/cpp/common/src/codingstandards/cpp/rules/dereferenceofnullpointer/DereferenceOfNullPointer.qll new file mode 100644 index 0000000000..5e3328cb63 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/dereferenceofnullpointer/DereferenceOfNullPointer.qll @@ -0,0 +1,23 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions +import codingstandards.cpp.lifetimes.lifetimeprofile.LifetimeProfile + +abstract class DereferenceOfNullPointerSharedQuery extends Query { } + +Query getQuery() { result instanceof DereferenceOfNullPointerSharedQuery } + +query predicate problems( + NullDereference nd, string message, Element explanation, string explanationDesc +) { + not isExcluded(nd, getQuery()) and + exists(NullReason nr, string nullMessage | + nr = nd.getAnInvalidReason() and + nr.hasMessage(nullMessage, explanation, explanationDesc) and + message = "Null may be dereferenced here " + nullMessage + ) +} diff --git a/cpp/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.expected b/cpp/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/cpp/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/cpp/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql b/cpp/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql new file mode 100644 index 0000000000..94b64d3146 --- /dev/null +++ b/cpp/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.dereferenceofnullpointer.DereferenceOfNullPointer diff --git a/cpp/autosar/test/rules/A5-3-2/test.cpp b/cpp/common/test/rules/dereferenceofnullpointer/test.cpp similarity index 100% rename from cpp/autosar/test/rules/A5-3-2/test.cpp rename to cpp/common/test/rules/dereferenceofnullpointer/test.cpp diff --git a/rule_packages/c/InvalidMemory1.json b/rule_packages/c/InvalidMemory1.json new file mode 100644 index 0000000000..0d84c1c87e --- /dev/null +++ b/rule_packages/c/InvalidMemory1.json @@ -0,0 +1,88 @@ +{ + "CERT-C": { + "EXP33-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "Using the value of an object with automatic storage duration while it is indeterminate is undefined behavior.", + "kind": "problem", + "name": "Do not read uninitialized memory", + "precision": "medium", + "severity": "error", + "shared_implementation_short_name": "ReadOfUninitializedMemory", + "short_name": "DoNotReadUninitializedMemory", + "tags": [ + "correctness", + "security" + ] + } + ], + "title": "Do not read uninitialized memory" + }, + "EXP34-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "Dereferencing a null pointer leads to undefined behavior.", + "kind": "problem", + "name": "Do not dereference null pointers", + "precision": "medium", + "severity": "error", + "shared_implementation_short_name": "DereferenceOfNullPointer", + "short_name": "DoNotDereferenceNullPointers", + "tags": [ + "correctness" + ] + } + ], + "title": "Do not dereference null pointers" + }, + "MEM30-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "Accessing memory that has been deallocated is undefined behavior.", + "kind": "problem", + "name": "Do not access freed memory", + "precision": "high", + "severity": "error", + "short_name": "DoNotAccessFreedMemory", + "tags": [ + "correctness", + "security" + ] + } + ], + "title": "Do not access freed memory" + } + }, + "MISRA-C-2012": { + "RULE-9-1": { + "properties": { + "obligation": "mandatory" + }, + "queries": [ + { + "description": "Accessing an object before it has been initialized can lead to undefined behavior.", + "kind": "problem", + "name": "The value of an object with automatic storage duration shall not be read before it has been set", + "precision": "medium", + "severity": "error", + "shared_implementation_short_name": "ReadOfUninitializedMemory", + "short_name": "ObjectWithAutoStorageDurationReadBeforeInit", + "tags": [ + "correctness", + "security" + ] + } + ], + "title": "The value of an object with automatic storage duration shall not be read before it has been set" + } + } +} \ No newline at end of file diff --git a/rule_packages/cpp/Null.json b/rule_packages/cpp/Null.json index 5e9cbcf4d5..a5410840ce 100644 --- a/rule_packages/cpp/Null.json +++ b/rule_packages/cpp/Null.json @@ -16,6 +16,7 @@ "precision": "medium", "severity": "error", "short_name": "NullPointersDereferenced", + "shared_implementation_short_name": "DereferenceOfNullPointer", "tags": [ "correctness" ] diff --git a/rules.csv b/rules.csv index f9c523c4ba..d2874d3bcc 100644 --- a/rules.csv +++ b/rules.csv @@ -479,10 +479,10 @@ cpp,CERT-C++,STR50-CPP,Yes,Rule,,,Guarantee that storage for strings has suffici cpp,CERT-C++,STR51-CPP,Yes,Rule,,,Do not attempt to create a std::string from a null pointer,,Null,Hard, cpp,CERT-C++,STR52-CPP,Yes,Rule,,,"Use valid references, pointers, and iterators to reference elements of a basic_string",,Iterators,Hard, cpp,CERT-C++,STR53-CPP,Yes,Rule,,,Range check element access,,OutOfBounds,Hard, -c,CERT-C,ARR30-C,Yes,Rule,,,Do not form or use out-of-bounds pointers or array subscripts,,InvalidMemory,Medium, -c,CERT-C,ARR32-C,Yes,Rule,,,Ensure size arguments for variable length arrays are in a valid range,,InvalidMemory,Medium, -c,CERT-C,ARR36-C,Yes,Rule,,,Do not subtract or compare two pointers that do not refer to the same array,,Memory,Medium, -c,CERT-C,ARR37-C,Yes,Rule,,,Do not add or subtract an integer to a pointer to a non-array object,,InvalidMemory,Medium, +c,CERT-C,ARR30-C,Yes,Rule,,,Do not form or use out-of-bounds pointers or array subscripts,,InvalidMemory2,Medium, +c,CERT-C,ARR32-C,Yes,Rule,,,Ensure size arguments for variable length arrays are in a valid range,,InvalidMemory2,Medium, +c,CERT-C,ARR36-C,Yes,Rule,,,Do not subtract or compare two pointers that do not refer to the same array,,Memory2,Medium, +c,CERT-C,ARR37-C,Yes,Rule,,,Do not add or subtract an integer to a pointer to a non-array object,,InvalidMemory2,Medium, c,CERT-C,ARR38-C,Yes,Rule,,,Guarantee that library functions do not form invalid pointers,,OutOfBounds,Very Hard, c,CERT-C,ARR39-C,Yes,Rule,,,Do not add or subtract a scaled integer to a pointer,,Pointers2,Medium, c,CERT-C,CON30-C,Yes,Rule,,,Clean up thread-specific storage,,Concurrency4,Very Hard, @@ -517,14 +517,14 @@ c,CERT-C,ERR33-C,Yes,Rule,,,Detect and handle standard library errors,MEM52-CPP, c,CERT-C,ERR34-C,OutOfScope,Rule,,,Detect errors when converting a string to a number,,,, c,CERT-C,EXP30-C,Yes,Rule,,,Do not depend on the order of evaluation for side effects,EXP50-CPP,SideEffects1,Easy, c,CERT-C,EXP32-C,Yes,Rule,,,Do not access a volatile object through a nonvolatile reference,,Pointers3,Easy, -c,CERT-C,EXP33-C,Yes,Rule,,,Do not read uninitialized memory,EXP53-CPP,InvalidMemory,Easy, -c,CERT-C,EXP34-C,Yes,Rule,,,Do not dereference null pointers,A5-3-2,InvalidMemory,Medium, -c,CERT-C,EXP35-C,Yes,Rule,,,Do not modify objects with temporary lifetime,,InvalidMemory,Hard, +c,CERT-C,EXP33-C,Yes,Rule,,,Do not read uninitialized memory,EXP53-CPP,InvalidMemory1,Import, +c,CERT-C,EXP34-C,Yes,Rule,,,Do not dereference null pointers,A5-3-2,InvalidMemory1,Import, +c,CERT-C,EXP35-C,Yes,Rule,,,Do not modify objects with temporary lifetime,,InvalidMemory2,Hard, c,CERT-C,EXP36-C,Yes,Rule,,,Do not cast pointers into more strictly aligned pointer types,,Pointers3,Medium, c,CERT-C,EXP37-C,Yes,Rule,,,Call functions with the correct number and type of arguments,,Expressions,Easy, c,CERT-C,EXP39-C,Yes,Rule,,,Do not access a variable through a pointer of an incompatible type,,Pointers3,Medium, c,CERT-C,EXP40-C,Yes,Rule,,,Do not modify constant objects,,Contracts,Medium, -c,CERT-C,EXP42-C,Yes,Rule,,,Do not compare padding data,,Memory,Medium, +c,CERT-C,EXP42-C,Yes,Rule,,,Do not compare padding data,,Memory2,Medium, c,CERT-C,EXP43-C,Yes,Rule,,,Avoid undefined behavior when using restrict-qualified pointers,,Pointers3,Medium, c,CERT-C,EXP44-C,Yes,Rule,,,"Do not rely on side effects in operands to sizeof, _Alignof, or _Generic",M5-3-4,SideEffects1,Medium, c,CERT-C,EXP45-C,Yes,Rule,,,Do not perform assignments in selection statements,M6-2-1,SideEffects1,Medium, @@ -555,12 +555,12 @@ c,CERT-C,INT33-C,Yes,Rule,,,Ensure that division and remainder operations do not c,CERT-C,INT34-C,Yes,Rule,,,Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand,M5-8-1,Types,Import, c,CERT-C,INT35-C,Yes,Rule,,,Use correct integer precisions,,Types,Hard, c,CERT-C,INT36-C,Yes,Rule,,,Converting a pointer to integer or integer to pointer,M5-2-9,Types,Easy, -c,CERT-C,MEM30-C,Yes,Rule,,,Do not access freed memory,MEM50-CPP,InvalidMemory,Hard, -c,CERT-C,MEM31-C,Yes,Rule,,,Free dynamically allocated memory when no longer needed,,Memory,Very Hard, -c,CERT-C,MEM33-C,Yes,Rule,,,Allocate and copy structures containing a flexible array member dynamically,,Memory,Very Hard, -c,CERT-C,MEM34-C,Yes,Rule,,,Only free memory allocated dynamically,,Memory,Hard, -c,CERT-C,MEM35-C,Yes,Rule,,,Allocate sufficient memory for an object,,Memory,Very Hard, -c,CERT-C,MEM36-C,Yes,Rule,,,Do not modify the alignment of objects by calling realloc(),,Memory,Medium, +c,CERT-C,MEM30-C,Yes,Rule,,,Do not access freed memory,MEM50-CPP,InvalidMemory1,Import, +c,CERT-C,MEM31-C,Yes,Rule,,,Free dynamically allocated memory when no longer needed,,Memory2,Very Hard, +c,CERT-C,MEM33-C,Yes,Rule,,,Allocate and copy structures containing a flexible array member dynamically,,Memory2,Very Hard, +c,CERT-C,MEM34-C,Yes,Rule,,,Only free memory allocated dynamically,,Memory2,Hard, +c,CERT-C,MEM35-C,Yes,Rule,,,Allocate sufficient memory for an object,,Memory2,Very Hard, +c,CERT-C,MEM36-C,Yes,Rule,,,Do not modify the alignment of objects by calling realloc(),,Memory2,Medium, c,CERT-C,MSC30-C,Yes,Rule,,,Do not use the rand() function for generating pseudorandom numbers,MSC50-CPP,Misc,Easy, c,CERT-C,MSC32-C,Yes,Rule,,,Properly seed pseudorandom number generators,MSC51-CPP,Misc,Easy, c,CERT-C,MSC33-C,Yes,Rule,,,Do not pass invalid data to the asctime() function,,Contracts,Easy, @@ -660,11 +660,11 @@ c,MISRA-C-2012,RULE-8-11,Yes,Advisory,,,"When an array with external linkage is c,MISRA-C-2012,RULE-8-12,Yes,Required,,,"Within an enumerator list, the value of an implicitly-specified enumeration constant shall be unique",,Declarations,Medium, c,MISRA-C-2012,RULE-8-13,Yes,Advisory,,,A pointer should point to a const-qualified type whenever possible,,Pointers1,Medium, c,MISRA-C-2012,RULE-8-14,Yes,Required,,,The restrict type qualifier shall not be used,,Banned,Easy, -c,MISRA-C-2012,RULE-9-1,Yes,Mandatory,,,The value of an object with automatic storage duration shall not be read before it has been set,,InvalidMemory,Medium, -c,MISRA-C-2012,RULE-9-2,Yes,Required,,,The initializer for an aggregate or union shall be enclosed in braces,,Memory,Easy, -c,MISRA-C-2012,RULE-9-3,Yes,Required,,,Arrays shall not be partially initialized,,Memory,Medium, -c,MISRA-C-2012,RULE-9-4,Yes,Required,,,An element of an object shall not be initialized more than once,,Memory,Medium, -c,MISRA-C-2012,RULE-9-5,Yes,Required,,,Where designated initializers are used to initialize an array object the size of the array shall be specified explicitly,,Memory,Medium, +c,MISRA-C-2012,RULE-9-1,Yes,Mandatory,,,The value of an object with automatic storage duration shall not be read before it has been set,,InvalidMemory1,Import, +c,MISRA-C-2012,RULE-9-2,Yes,Required,,,The initializer for an aggregate or union shall be enclosed in braces,,Memory1,Easy, +c,MISRA-C-2012,RULE-9-3,Yes,Required,,,Arrays shall not be partially initialized,,Memory1,Medium, +c,MISRA-C-2012,RULE-9-4,Yes,Required,,,An element of an object shall not be initialized more than once,,Memory1,Medium, +c,MISRA-C-2012,RULE-9-5,Yes,Required,,,Where designated initializers are used to initialize an array object the size of the array shall be specified explicitly,,Memory1,Medium, c,MISRA-C-2012,RULE-10-1,Yes,Required,,,Operands shall not be of an inappropriate essential type,,Types,Hard, c,MISRA-C-2012,RULE-10-2,Yes,Required,,,Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations,,Types,Medium, c,MISRA-C-2012,RULE-10-3,Yes,Required,,,The value of an expression shall not be assigned to an object with a narrower essential type or of a different essential type category,,Types,Hard, @@ -759,13 +759,13 @@ c,MISRA-C-2012,RULE-21-13,Yes,Mandatory,,,Any value passed to a function in shall not result in accesses beyond the bounds of the objects referenced by their pointer parameters,,Memory,Hard, +c,MISRA-C-2012,RULE-21-17,Yes,Mandatory,,,Use of the string handling functions from shall not result in accesses beyond the bounds of the objects referenced by their pointer parameters,,Memory2,Hard, c,MISRA-C-2012,RULE-21-18,Yes,Mandatory,,,The size_t argument passed to any function in shall have an appropriate value,,OutOfBounds,Hard, c,MISRA-C-2012,RULE-21-19,Yes,Mandatory,,,"The pointers returned by the Standard Library functions localeconv, getenv, setlocale or, strerror shall only be used as if they have pointer to const-qualified type",ENV30-C,Contracts2,Medium, c,MISRA-C-2012,RULE-21-20,Yes,Mandatory,,,"The pointer returned by the Standard Library functions asctime, ctime, gmtime, localtime, localeconv, getenv, setlocale or strerror shall not be used following a subsequent call to the same function","ENV34-C",Contracts2,Import, c,MISRA-C-2012,RULE-21-21,Yes,Required,,,The Standard Library function system of shall not be used,ENV33-C,Banned,Import, -c,MISRA-C-2012,RULE-22-1,Yes,Required,,,All resources obtained dynamically by means of Standard Library functions shall be explicitly released,,Memory,Hard, -c,MISRA-C-2012,RULE-22-2,Yes,Mandatory,,,A block of memory shall only be freed if it was allocated by means of a Standard Library function,,Memory,Hard, +c,MISRA-C-2012,RULE-22-1,Yes,Required,,,All resources obtained dynamically by means of Standard Library functions shall be explicitly released,,Memory2,Hard, +c,MISRA-C-2012,RULE-22-2,Yes,Mandatory,,,A block of memory shall only be freed if it was allocated by means of a Standard Library function,,Memory2,Hard, c,MISRA-C-2012,RULE-22-3,Yes,Required,,,The same file shall not be open for read and write access at the same time on different streams,,IO3,Hard, c,MISRA-C-2012,RULE-22-4,Yes,Mandatory,,,There shall be no attempt to write to a stream which has been opened as read-only,,IO3,Medium, c,MISRA-C-2012,RULE-22-5,Yes,Mandatory,,,A pointer to a FILE object shall not be dereferenced,,IO3,Medium, From 7c41fe7e7e22902eaa80fea9b36096ebc8395a65 Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Sat, 28 Jan 2023 00:58:25 +0100 Subject: [PATCH 0342/2573] Correct package files --- c/cert/src/rules/EXP33-C/DoNotReadUninitializedMemory.md | 1 - c/cert/src/rules/EXP34-C/DoNotDereferenceNullPointers.md | 1 - .../RULE-9-1/ObjectWithAutoStorageDurationReadBeforeInit.ql | 3 +-- 3 files changed, 1 insertion(+), 4 deletions(-) diff --git a/c/cert/src/rules/EXP33-C/DoNotReadUninitializedMemory.md b/c/cert/src/rules/EXP33-C/DoNotReadUninitializedMemory.md index afc3f0a320..6328cb86d3 100644 --- a/c/cert/src/rules/EXP33-C/DoNotReadUninitializedMemory.md +++ b/c/cert/src/rules/EXP33-C/DoNotReadUninitializedMemory.md @@ -5,7 +5,6 @@ This query implements the CERT-C rule EXP33-C: > Do not read uninitialized memory - ## Description Local, automatic variables assume unexpected values if they are read before they are initialized. The C Standard, 6.7.9, paragraph 10, specifies \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IEC9899-2011)\] diff --git a/c/cert/src/rules/EXP34-C/DoNotDereferenceNullPointers.md b/c/cert/src/rules/EXP34-C/DoNotDereferenceNullPointers.md index 568ad8eeab..40b0d59a4a 100644 --- a/c/cert/src/rules/EXP34-C/DoNotDereferenceNullPointers.md +++ b/c/cert/src/rules/EXP34-C/DoNotDereferenceNullPointers.md @@ -5,7 +5,6 @@ This query implements the CERT-C rule EXP34-C: > Do not dereference null pointers - ## Description Dereferencing a null pointer is [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior). diff --git a/c/misra/src/rules/RULE-9-1/ObjectWithAutoStorageDurationReadBeforeInit.ql b/c/misra/src/rules/RULE-9-1/ObjectWithAutoStorageDurationReadBeforeInit.ql index 3a640c11fd..b9960fc886 100644 --- a/c/misra/src/rules/RULE-9-1/ObjectWithAutoStorageDurationReadBeforeInit.ql +++ b/c/misra/src/rules/RULE-9-1/ObjectWithAutoStorageDurationReadBeforeInit.ql @@ -1,8 +1,7 @@ /** * @id c/misra/object-with-auto-storage-duration-read-before-init * @name RULE-9-1: The value of an object with automatic storage duration shall not be read before it has been set - * @description Accessing an object before it has been initialized and has an indetermine value can - * lead to undefined behavior. + * @description Accessing an object before it has been initialized can lead to undefined behavior. * @kind problem * @precision medium * @problem.severity error From 68b3f39e2ae9fe3044eb37442d5be6e77c92b7d8 Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Sat, 28 Jan 2023 01:20:49 +0100 Subject: [PATCH 0343/2573] EXP43-C: add test-case and update expected results --- ...lisedPointerToRestrictQualifiedParameter.expected | 10 +++++----- ...strictPointerReferencesOverlappingObject.expected | 12 ++++++------ c/cert/test/rules/EXP43-C/test.c | 6 ++++++ 3 files changed, 17 insertions(+), 11 deletions(-) diff --git a/c/cert/test/rules/EXP43-C/DoNotPassAlisedPointerToRestrictQualifiedParameter.expected b/c/cert/test/rules/EXP43-C/DoNotPassAlisedPointerToRestrictQualifiedParameter.expected index 61aaf6b4ce..3ad9bc225b 100644 --- a/c/cert/test/rules/EXP43-C/DoNotPassAlisedPointerToRestrictQualifiedParameter.expected +++ b/c/cert/test/rules/EXP43-C/DoNotPassAlisedPointerToRestrictQualifiedParameter.expected @@ -1,5 +1,5 @@ -| test.c:53:3:53:6 | call to copy | Call to 'copy' passes an aliased pointer to a restrict-qualified parameter. | -| test.c:58:3:58:6 | call to copy | Call to 'copy' passes an aliased pointer to a restrict-qualified parameter. | -| test.c:64:3:64:8 | call to strcpy | Call to 'strcpy' passes an aliased pointer to a restrict-qualified parameter. | -| test.c:71:3:71:8 | call to memcpy | Call to 'memcpy' passes an aliased pointer to a restrict-qualified parameter. | -| test.c:84:3:84:7 | call to scanf | Call to 'scanf' passes an aliased pointer to a restrict-qualified parameter. | +| test.c:59:3:59:6 | call to copy | Call to 'copy' passes an aliased pointer to a restrict-qualified parameter. | +| test.c:64:3:64:6 | call to copy | Call to 'copy' passes an aliased pointer to a restrict-qualified parameter. | +| test.c:70:3:70:8 | call to strcpy | Call to 'strcpy' passes an aliased pointer to a restrict-qualified parameter. | +| test.c:77:3:77:8 | call to memcpy | Call to 'memcpy' passes an aliased pointer to a restrict-qualified parameter. | +| test.c:90:3:90:7 | call to scanf | Call to 'scanf' passes an aliased pointer to a restrict-qualified parameter. | diff --git a/c/cert/test/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.expected b/c/cert/test/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.expected index 34fe741bd5..66aa8ff233 100644 --- a/c/cert/test/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.expected +++ b/c/cert/test/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.expected @@ -1,6 +1,6 @@ -| test.c:16:22:16:23 | i2 | Assignment to restrict-qualified pointer $@ results in pointer aliasing. | test.c:16:17:16:18 | i3 | i3 | -| test.c:17:8:17:9 | g2 | Assignment to restrict-qualified pointer $@ results in pointer aliasing. | test.c:5:15:5:16 | g1 | g1 | -| test.c:18:8:18:9 | i2 | Assignment to restrict-qualified pointer $@ results in pointer aliasing. | test.c:14:17:14:18 | i1 | i1 | -| test.c:26:10:26:11 | g1 | Assignment to restrict-qualified pointer $@ results in pointer aliasing. | test.c:20:19:20:20 | i4 | i4 | -| test.c:33:22:33:26 | & ... | Assignment to restrict-qualified pointer $@ results in pointer aliasing. | test.c:33:17:33:18 | px | px | -| test.c:40:10:40:14 | & ... | Assignment to restrict-qualified pointer $@ results in pointer aliasing. | test.c:35:19:35:20 | py | py | +| test.c:18:22:18:23 | i2 | Assignment to restrict-qualified pointer $@ results in pointer aliasing. | test.c:18:17:18:18 | i3 | i3 | +| test.c:19:8:19:9 | g2 | Assignment to restrict-qualified pointer $@ results in pointer aliasing. | test.c:5:15:5:16 | g1 | g1 | +| test.c:20:8:20:9 | i2 | Assignment to restrict-qualified pointer $@ results in pointer aliasing. | test.c:16:17:16:18 | i1 | i1 | +| test.c:28:10:28:11 | g1 | Assignment to restrict-qualified pointer $@ results in pointer aliasing. | test.c:22:19:22:20 | i4 | i4 | +| test.c:39:22:39:26 | & ... | Assignment to restrict-qualified pointer $@ results in pointer aliasing. | test.c:39:17:39:18 | px | px | +| test.c:46:10:46:14 | & ... | Assignment to restrict-qualified pointer $@ results in pointer aliasing. | test.c:41:19:41:20 | py | py | diff --git a/c/cert/test/rules/EXP43-C/test.c b/c/cert/test/rules/EXP43-C/test.c index 31f179a64c..468aa354d2 100644 --- a/c/cert/test/rules/EXP43-C/test.c +++ b/c/cert/test/rules/EXP43-C/test.c @@ -4,6 +4,8 @@ int *restrict g1; int *restrict g2; +int *restrict g1_1; +int *g2_1; struct s1 { int x, y, z; @@ -28,6 +30,10 @@ void test_global_local() { } } +void test_global_local_1() { + g1_1 = g2_1; // COMPLIANT +} + void test_structs() { struct s1 *restrict p1 = &v1; int *restrict px = &v1.x; // NON_COMPLIANT From 934811dcee8abbe0da03058309db7eecf7691e9b Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Sat, 28 Jan 2023 01:22:17 +0100 Subject: [PATCH 0344/2573] EXP43-C: remove redundant check --- .../rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql | 1 - 1 file changed, 1 deletion(-) diff --git a/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql b/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql index 851fbcebaa..e382814ba1 100644 --- a/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql +++ b/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql @@ -68,7 +68,6 @@ where ) or // Two restrict-qualified pointers in the same scope assigned to each other - expr.getVariable().getType().hasSpecifier("restrict") and expr.(VariableAccess).getTarget().getType().hasSpecifier("restrict") and expr.(VariableAccess).getTarget().getParentScope() = expr.getVariable().getParentScope() ) From de6cd014a0acf4f107e9767af4189025cb40634a Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Sat, 28 Jan 2023 01:22:37 +0100 Subject: [PATCH 0345/2573] Move `PointerOrArrayType` into `Pointers.qll` to deduplicate usage --- ...NotPassAlisedPointerToRestrictQualifiedParameter.ql | 10 ---------- c/common/src/codingstandards/c/Pointers.qll | 10 ++++++++++ .../PointerShouldPointToConstTypeWhenPossible.ql | 8 +------- 3 files changed, 11 insertions(+), 17 deletions(-) diff --git a/c/cert/src/rules/EXP43-C/DoNotPassAlisedPointerToRestrictQualifiedParameter.ql b/c/cert/src/rules/EXP43-C/DoNotPassAlisedPointerToRestrictQualifiedParameter.ql index 60cbfa7756..08c6cb638f 100644 --- a/c/cert/src/rules/EXP43-C/DoNotPassAlisedPointerToRestrictQualifiedParameter.ql +++ b/c/cert/src/rules/EXP43-C/DoNotPassAlisedPointerToRestrictQualifiedParameter.ql @@ -17,16 +17,6 @@ import semmle.code.cpp.dataflow.DataFlow import semmle.code.cpp.pointsto.PointsTo import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis -/** - * A type that is a pointer or array type. - */ -class PointerOrArrayType extends DerivedType { - PointerOrArrayType() { - this.stripTopLevelSpecifiers() instanceof PointerType or - this.stripTopLevelSpecifiers() instanceof ArrayType - } -} - /** * A function that has a parameter with a restrict-qualified pointer type. */ diff --git a/c/common/src/codingstandards/c/Pointers.qll b/c/common/src/codingstandards/c/Pointers.qll index 4b4e46a138..6658ec9e81 100644 --- a/c/common/src/codingstandards/c/Pointers.qll +++ b/c/common/src/codingstandards/c/Pointers.qll @@ -5,6 +5,16 @@ import cpp import codingstandards.cpp.Type +/** + * A type that is a pointer or array type. + */ +class PointerOrArrayType extends DerivedType { + PointerOrArrayType() { + this.stripTopLevelSpecifiers() instanceof PointerType or + this.stripTopLevelSpecifiers() instanceof ArrayType + } +} + /** * An expression which performs pointer arithmetic */ diff --git a/c/misra/src/rules/RULE-8-13/PointerShouldPointToConstTypeWhenPossible.ql b/c/misra/src/rules/RULE-8-13/PointerShouldPointToConstTypeWhenPossible.ql index f04721883b..5e63e74e2c 100644 --- a/c/misra/src/rules/RULE-8-13/PointerShouldPointToConstTypeWhenPossible.ql +++ b/c/misra/src/rules/RULE-8-13/PointerShouldPointToConstTypeWhenPossible.ql @@ -15,15 +15,9 @@ import cpp import codingstandards.c.misra +import codingstandards.c.Pointers import codingstandards.cpp.SideEffect -class PointerOrArrayType extends DerivedType { - PointerOrArrayType() { - this.stripTopLevelSpecifiers() instanceof PointerType or - this.stripTopLevelSpecifiers() instanceof ArrayType - } -} - from Variable ptr, PointerOrArrayType type where not isExcluded(ptr, Pointers1Package::pointerShouldPointToConstTypeWhenPossibleQuery()) and From 4ce739133840a3cc93d2ec3c1ba565173a7ce142 Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Sat, 28 Jan 2023 12:17:17 +0100 Subject: [PATCH 0346/2573] Update DereferenceOfNullPointer.expected --- .../DereferenceOfNullPointer.expected | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/cpp/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.expected b/cpp/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.expected index 2ec1a0ac6c..413818e08c 100644 --- a/cpp/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.expected +++ b/cpp/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.expected @@ -1 +1,3 @@ -No expected results have yet been specified \ No newline at end of file +| test.cpp:9:4:9:5 | l1 | Null may be dereferenced here because a null value was assigned $@. | test.cpp:2:13:2:19 | 0 | here | +| test.cpp:16:6:16:7 | l1 | Null may be dereferenced here because a null value was assigned $@. | test.cpp:2:13:2:19 | 0 | here | +| test.cpp:35:4:35:5 | l2 | Null may be dereferenced here because a null value was assigned $@. | test.cpp:33:11:33:11 | 0 | here | From 769d263db91f9fe668ef99ef60b4a25f2e817efa Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Mon, 30 Jan 2023 13:59:02 -0500 Subject: [PATCH 0347/2573] work --- cpp/autosar/test/rules/A0-1-1/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index 0124a8f5cf..b0e4206f58 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -1,6 +1,6 @@ // A POD class. -struct A { +structA { int f; int f2; }; From b3f654170bab7961dbb6f8a8ab5e268d1ebccd70 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Mon, 30 Jan 2023 14:12:21 -0500 Subject: [PATCH 0348/2573] broken --- cpp/autosar/test/rules/A0-1-1/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index b0e4206f58..c9c5698e2d 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -3,7 +3,7 @@ structA { int f; int f2; -}; +} // A non-POD class, with a trivial compiler generated constructor struct B { int f; From 7462ec89df9c7b0aa529d36f8acae29958122735 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Mon, 30 Jan 2023 11:50:39 -0800 Subject: [PATCH 0349/2573] create test.cpp --- cpp/autosar/test/rules/A0-1-4/test.cpp | 9 +++++++++ 1 file changed, 9 insertions(+) create mode 100644 cpp/autosar/test/rules/A0-1-4/test.cpp diff --git a/cpp/autosar/test/rules/A0-1-4/test.cpp b/cpp/autosar/test/rules/A0-1-4/test.cpp new file mode 100644 index 0000000000..85cb21707e --- /dev/null +++ b/cpp/autosar/test/rules/A0-1-4/test.cpp @@ -0,0 +1,9 @@ + void f( + [[maybe_unused]] int i, // compliant + int j, // compliant + int k // compliant + ) { + static_cast(i); + (void)j; + std::ignore = k; + } \ No newline at end of file From 3bdc76d5e19ea6ebaa8f3fd825789cbf9f8e4c47 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Mon, 30 Jan 2023 11:53:48 -0800 Subject: [PATCH 0350/2573] delete test.cpp It was due to a confusion on my part to create this --- cpp/autosar/test/rules/A0-1-4/test.cpp | 9 --------- 1 file changed, 9 deletions(-) delete mode 100644 cpp/autosar/test/rules/A0-1-4/test.cpp diff --git a/cpp/autosar/test/rules/A0-1-4/test.cpp b/cpp/autosar/test/rules/A0-1-4/test.cpp deleted file mode 100644 index 85cb21707e..0000000000 --- a/cpp/autosar/test/rules/A0-1-4/test.cpp +++ /dev/null @@ -1,9 +0,0 @@ - void f( - [[maybe_unused]] int i, // compliant - int j, // compliant - int k // compliant - ) { - static_cast(i); - (void)j; - std::ignore = k; - } \ No newline at end of file From 47805d8a2ff70025fbdf8cbdabc8a22f0ef5a944 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Mon, 30 Jan 2023 15:40:54 -0800 Subject: [PATCH 0351/2573] update --- cpp/common/test/rules/unusedparameter/test.cpp | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/cpp/common/test/rules/unusedparameter/test.cpp b/cpp/common/test/rules/unusedparameter/test.cpp index 07d14bfe9e..69cda46281 100644 --- a/cpp/common/test/rules/unusedparameter/test.cpp +++ b/cpp/common/test/rules/unusedparameter/test.cpp @@ -1,6 +1,8 @@ // NOTICE: SOME OF THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C TEST CASE AND // CHANGES SHOULD BE REFLECTED THERE AS WELL. +#include + int test_used(int x) { return x; } // COMPLIANT void test_unused(int x) {} // NON_COMPLIANT @@ -16,4 +18,16 @@ class A { virtual void d(int x, int y) {} // virtual, not covered by this rule }; + void f( + int i, + int j, + int k, + [[maybe_unused]] + int l // NON_COMPILANT: maybe_unused parameters should also be considered unused + ) { + static_cast(i); // NON_COMPILANT: static_cast to void should also be considered unused + (void)j; // NON_COMPILANT: C-style void casts should also be considered unused + std::ignore = k; // NON_COMPILANT: Assignment to std::ignore should also be considered unused + } + void test_no_def(int x); // COMPLIANT - no definition, so cannot be "unused" \ No newline at end of file From d7d26dbd32398bde3ac758678c60fcac238de203 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Mon, 30 Jan 2023 22:00:20 -0500 Subject: [PATCH 0352/2573] Fix developer handbook url --- docs/development_handbook.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/development_handbook.md b/docs/development_handbook.md index d35c03f2d2..9821d581fd 100644 --- a/docs/development_handbook.md +++ b/docs/development_handbook.md @@ -40,7 +40,7 @@ A _coding standard_ is a set of rules or guidelines which restrict or prohibit t | Standard | Version | Total rules | Total supportable rules | Status | Notes | | -------------------------------------------------------------------------------------------------------------------- | ------- | ----------- | ----------------------- | -------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | -| [AUTOSAR C++](https://www.autosar.org/fileadmin/user_upload/standards/adaptive/20-11/AUTOSAR_RS_CPP14Guidelines.pdf) | 20-11 | 397 | 375 | Implemented | +| [AUTOSAR C++](https://www.autosar.org/fileadmin/standards/adaptive/20-11/AUTOSAR_RS_CPP14Guidelines.pdf) | 20-11 | 397 | 375 | Implemented | | [CERT-C++](https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-cpp-coding-standard-2016-v01.pdf) | 2016 | 83 | 83 | Implemented | AUTOSAR includes a sub-set of rules take from MISRA C++ 2008, which can be purchased for a small fee from [the MISRA website](https://misra.org.uk/shop). | | [CERT-C](https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-c-coding-standard-2016-v01.pdf) | 2016 | 120 | 99 | In development | The implementation excludes rules not part of 2016, but that are added to the [CERT-C wiki](https://wiki.sei.cmu.edu/confluence/display/c/) | | [MISRA C](https://www.misra.org.uk/product/misra-c2012-third-edition-first-revision/ ) | 2012 | 172 | 172 | In development | This includes the [MISRA C:2012 Amendment 2](https://www.misra.org.uk/app/uploads/2021/06/MISRA-C-2012-AMD2.pdf) | From aca8fdc8a417e20b949d8dada27cb9b1fc931817 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Tue, 31 Jan 2023 08:35:00 -0800 Subject: [PATCH 0353/2573] checkpoint: A0-1-2 --- .../src/rules/A0-1-2/UnusedReturnValue.ql | 46 +++++++++++-------- 1 file changed, 28 insertions(+), 18 deletions(-) diff --git a/cpp/autosar/src/rules/A0-1-2/UnusedReturnValue.ql b/cpp/autosar/src/rules/A0-1-2/UnusedReturnValue.ql index 8e8a91ae5a..da7f34cf23 100644 --- a/cpp/autosar/src/rules/A0-1-2/UnusedReturnValue.ql +++ b/cpp/autosar/src/rules/A0-1-2/UnusedReturnValue.ql @@ -18,6 +18,16 @@ import cpp import codingstandards.cpp.autosar import semmle.code.cpp.dataflow.DataFlow +// Type isEdgeCase(Expr expr) { +// // 1. c-style casts to void. +// expr.(CStyleCast).getUnderlyingType() +// // 2. Assignment to std::ignore +// } + +from CStyleCast expr +where any() +select expr, expr.getType() + /* * This query performs a simple syntactic check to ensure that the return value of the function is * not completely ignored. This matches the examples given in the rule, although the text itself is @@ -26,21 +36,21 @@ import semmle.code.cpp.dataflow.DataFlow * access of `ret_val`. However, such a case _would_ be flagged by A0-1-1 - Useless assignment. */ -from FunctionCall fc, Function f -where - not isExcluded(fc, DeadCodePackage::unusedReturnValueQuery()) and - // Find function calls in `ExprStmt`s, which indicate the return value is ignored - fc.getParent() instanceof ExprStmt and - // Ignore calls to void functions, which don't return values - not fc.getUnderlyingType() instanceof VoidType and - // Get the function target - f = fc.getTarget() and - // Overloaded (i.e. user defined) operators should behave in the same way as built-in operators, - // so the rule does not require the use of the return value - not f instanceof Operator and - // Exclude cases where the function call is generated within a macro, as the user of the macro is - // not necessarily able to address thoes results - not fc.isAffectedByMacro() and - // Rule allows disabling this rule where a static_cast is applied - not fc.getExplicitlyConverted().(StaticCast).getActualType() instanceof VoidType -select fc, "Return value from call to $@ is unused.", f, f.getName() +// from FunctionCall fc, Function f +// where +// not isExcluded(fc, DeadCodePackage::unusedReturnValueQuery()) and +// // Find function calls in `ExprStmt`s, which indicate the return value is ignored +// fc.getParent() instanceof ExprStmt and +// // Ignore calls to void functions, which don't return values +// not fc.getUnderlyingType() instanceof VoidType and +// // Get the function target +// f = fc.getTarget() and +// // Overloaded (i.e. user defined) operators should behave in the same way as built-in operators, +// // so the rule does not require the use of the return value +// not f instanceof Operator and +// // Exclude cases where the function call is generated within a macro, as the user of the macro is +// // not necessarily able to address thoes results +// not fc.isAffectedByMacro() and +// // Rule allows disabling this rule where a static_cast is applied +// not fc.getExplicitlyConverted().(StaticCast).getActualType() instanceof VoidType +// select fc, "Return value from call to $@ is unused.", f, f.getName() From e49bcd6aae346173a4097beea3dee09d1a2716e1 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Tue, 31 Jan 2023 08:46:13 -0800 Subject: [PATCH 0354/2573] update test.c for RULE-6-1 to differ from given examples --- ...nlyBeDeclaredWithAnAppropriateType.expected | 8 ++++---- c/misra/test/rules/RULE-6-1/test.c | 18 ++++++++---------- 2 files changed, 12 insertions(+), 14 deletions(-) diff --git a/c/misra/test/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.expected b/c/misra/test/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.expected index cb80395588..fe371a7972 100644 --- a/c/misra/test/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.expected +++ b/c/misra/test/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.expected @@ -1,4 +1,4 @@ -| test.c:8:7:8:8 | b3 | Bit-field b3 is declared on type b3. | -| test.c:11:15:11:16 | b5 | Bit-field b5 is declared on type b5. | -| test.c:13:15:13:16 | b6 | Bit-field b6 is declared on type b6. | -| test.c:14:14:14:15 | b7 | Bit-field b7 is declared on type b7. | +| test.c:6:7:6:8 | x1 | Bit-field x1 is declared on type x1. | +| test.c:10:15:10:16 | x5 | Bit-field x5 is declared on type x5. | +| test.c:11:15:11:16 | x6 | Bit-field x6 is declared on type x6. | +| test.c:12:14:12:15 | x7 | Bit-field x7 is declared on type x7. | \ No newline at end of file diff --git a/c/misra/test/rules/RULE-6-1/test.c b/c/misra/test/rules/RULE-6-1/test.c index 7fbde78b57..3c1846d956 100644 --- a/c/misra/test/rules/RULE-6-1/test.c +++ b/c/misra/test/rules/RULE-6-1/test.c @@ -1,15 +1,13 @@ -typedef unsigned int UINT_16; +typedef unsigned int UINT16; enum Color { R, G, B }; struct SampleStruct { - unsigned int b1 : 2; // COMPILANT - explicitly unsigned (example in the doc) - signed int b2 : 2; // COMPILANT - explicitly signed - int b3 : 2; // NON_COMPLIANT - plain int not permitted (example in the doc) - UINT_16 b4 : 2; // COMPLIANT - typedef designating unsigned int (example in - // the doc) - signed long b5 : 2; // NON_COMPLIANT - even if long and int are the same size - // (example in the doc) - signed char b6 : 2; // NON_COMPILANT - cannot declare bit field for char - enum Color b7 : 3; // NON_COMPILANT - cannot declare bit field for enum + int x1 : 2; // NON_COMPLIANT - not explicitly signed or unsigned + unsigned int x2 : 2; // COMPILANT - explicitly unsigned (example in the doc) + signed int x3 : 2; // COMPILANT - explicitly signed + UINT16 x4 : 2; // COMPLIANT - type alias resolves to a compliant type + signed long x5 : 2; // NON_COMPLIANT - cannot declare bit field for long, even if it's signed + signed char x6 : 2; // NON_COMPILANT - cannot declare bit field for char, even if it's signed + enum Color x7 : 3; // NON_COMPILANT - cannot declare bit field for enum } sample_struct; \ No newline at end of file From c0ba2620619bce6b36489b03f976da85db79db7d Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Tue, 31 Jan 2023 11:56:39 -0800 Subject: [PATCH 0355/2573] delete remaining tests and delete Types.json --- ...mainAndRangeErrorsInMathFunctions.expected | 1 - ...tDomainAndRangeErrorsInMathFunctions.qlref | 1 - ...onversionsNotWithinRangeOfNewType.expected | 1 - ...ntConversionsNotWithinRangeOfNewType.qlref | 1 - ...ointOfIntegralValuesLosePrecision.expected | 1 - ...ngPointOfIntegralValuesLosePrecision.qlref | 1 - ...edForComparingFloatingPointValues.expected | 1 - ...rUsedForComparingFloatingPointValues.qlref | 1 - ...nsignedIntegerOperationsDoNotWrap.expected | 1 - ...atUnsignedIntegerOperationsDoNotWrap.qlref | 1 - ...ionCausesLostOrMisinterpretedData.expected | 1 - ...ersionCausesLostOrMisinterpretedData.qlref | 1 - ...OnSignedIntegersResultsInOverflow.expected | 1 - ...onsOnSignedIntegersResultsInOverflow.qlref | 1 - ...AndModOperationResultsInDivByZero.expected | 1 - ...DivAndModOperationResultsInDivByZero.qlref | 1 - ...yNegativeBitsOrGreaterThanOperand.expected | 1 - ...edByNegativeBitsOrGreaterThanOperand.qlref | 1 - .../UseCorrectIntegerPrecisions.expected | 1 - .../INT35-C/UseCorrectIntegerPrecisions.qlref | 1 - ...ointerToIntegerOrIntegerToPointer.expected | 1 - ...gAPointerToIntegerOrIntegerToPointer.qlref | 1 - ...tUsedInPlaceOfBasicNumericalTypes.expected | 1 - ...sNotUsedInPlaceOfBasicNumericalTypes.qlref | 1 - ...ndsOfAnInappropriateEssentialType.expected | 1 - ...erandsOfAnInappropriateEssentialType.qlref | 1 - .../CharTypeExprsUsedInAddOrSub.expected | 1 - .../CharTypeExprsUsedInAddOrSub.qlref | 1 - ...gnmentToIncompatibleEssentialType.expected | 1 - ...ssignmentToIncompatibleEssentialType.qlref | 1 - ...perandHasDifferentEssTypeCategory.expected | 1 - ...onOperandHasDifferentEssTypeCategory.qlref | 1 - ...eCastToInappropriateEssentialType.expected | 1 - ...alueCastToInappropriateEssentialType.qlref | 1 - ...alueAssignedToObjWithWiderEssType.expected | 1 - ...prValueAssignedToObjWithWiderEssType.qlref | 1 - ...prOperandHasWiderEssTypeThanOther.expected | 1 - ...pExprOperandHasWiderEssTypeThanOther.qlref | 1 - .../CompExprValCastToIncompatEssType.expected | 1 - .../CompExprValCastToIncompatEssType.qlref | 1 - ...prEvalCausesUnsignedIntWraparound.expected | 1 - ...tExprEvalCausesUnsignedIntWraparound.qlref | 1 - .../ArrayTypeParamAtSizeofOperand.expected | 1 - .../ArrayTypeParamAtSizeofOperand.qlref | 1 - ...ounterHaveEssentiallyFloatingType.expected | 1 - ...opCounterHaveEssentiallyFloatingType.qlref | 1 - ...ncNeitherReprAsUnsignedCharNorEOF.expected | 1 - ...eFuncNeitherReprAsUnsignedCharNorEOF.qlref | 1 - ...sedToCompareNullTerminatedStrings.expected | 1 - ...mpUsedToCompareNullTerminatedStrings.qlref | 1 - ...eMemcmpArgNotPointerToCompatTypes.expected | 1 - ...moveMemcmpArgNotPointerToCompatTypes.qlref | 1 - ...oSignedUnsignedBooleanEnumEssType.expected | 1 - ...tsToSignedUnsignedBooleanEnumEssType.qlref | 1 - ...ignedToObjPtrToConstQualifiedChar.expected | 1 - ...AssignedToObjPtrToConstQualifiedChar.qlref | 1 - rule_packages/c/Types.json | 482 ------------------ 57 files changed, 538 deletions(-) delete mode 100644 c/cert/test/rules/FLP32-C/PreventOrDetectDomainAndRangeErrorsInMathFunctions.expected delete mode 100644 c/cert/test/rules/FLP32-C/PreventOrDetectDomainAndRangeErrorsInMathFunctions.qlref delete mode 100644 c/cert/test/rules/FLP34-C/FloatingPointConversionsNotWithinRangeOfNewType.expected delete mode 100644 c/cert/test/rules/FLP34-C/FloatingPointConversionsNotWithinRangeOfNewType.qlref delete mode 100644 c/cert/test/rules/FLP36-C/FloatingPointOfIntegralValuesLosePrecision.expected delete mode 100644 c/cert/test/rules/FLP36-C/FloatingPointOfIntegralValuesLosePrecision.qlref delete mode 100644 c/cert/test/rules/FLP37-C/ObjectReprUsedForComparingFloatingPointValues.expected delete mode 100644 c/cert/test/rules/FLP37-C/ObjectReprUsedForComparingFloatingPointValues.qlref delete mode 100644 c/cert/test/rules/INT30-C/EnsureThatUnsignedIntegerOperationsDoNotWrap.expected delete mode 100644 c/cert/test/rules/INT30-C/EnsureThatUnsignedIntegerOperationsDoNotWrap.qlref delete mode 100644 c/cert/test/rules/INT31-C/IntConversionCausesLostOrMisinterpretedData.expected delete mode 100644 c/cert/test/rules/INT31-C/IntConversionCausesLostOrMisinterpretedData.qlref delete mode 100644 c/cert/test/rules/INT32-C/OperationsOnSignedIntegersResultsInOverflow.expected delete mode 100644 c/cert/test/rules/INT32-C/OperationsOnSignedIntegersResultsInOverflow.qlref delete mode 100644 c/cert/test/rules/INT33-C/DivAndModOperationResultsInDivByZero.expected delete mode 100644 c/cert/test/rules/INT33-C/DivAndModOperationResultsInDivByZero.qlref delete mode 100644 c/cert/test/rules/INT34-C/ExprShiftedByNegativeBitsOrGreaterThanOperand.expected delete mode 100644 c/cert/test/rules/INT34-C/ExprShiftedByNegativeBitsOrGreaterThanOperand.qlref delete mode 100644 c/cert/test/rules/INT35-C/UseCorrectIntegerPrecisions.expected delete mode 100644 c/cert/test/rules/INT35-C/UseCorrectIntegerPrecisions.qlref delete mode 100644 c/cert/test/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.expected delete mode 100644 c/cert/test/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.qlref delete mode 100644 c/misra/test/rules/DIR-4-6/NumericTypedefsNotUsedInPlaceOfBasicNumericalTypes.expected delete mode 100644 c/misra/test/rules/DIR-4-6/NumericTypedefsNotUsedInPlaceOfBasicNumericalTypes.qlref delete mode 100644 c/misra/test/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.expected delete mode 100644 c/misra/test/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.qlref delete mode 100644 c/misra/test/rules/RULE-10-2/CharTypeExprsUsedInAddOrSub.expected delete mode 100644 c/misra/test/rules/RULE-10-2/CharTypeExprsUsedInAddOrSub.qlref delete mode 100644 c/misra/test/rules/RULE-10-3/AssignmentToIncompatibleEssentialType.expected delete mode 100644 c/misra/test/rules/RULE-10-3/AssignmentToIncompatibleEssentialType.qlref delete mode 100644 c/misra/test/rules/RULE-10-4/ArithConversionOperandHasDifferentEssTypeCategory.expected delete mode 100644 c/misra/test/rules/RULE-10-4/ArithConversionOperandHasDifferentEssTypeCategory.qlref delete mode 100644 c/misra/test/rules/RULE-10-5/ValueCastToInappropriateEssentialType.expected delete mode 100644 c/misra/test/rules/RULE-10-5/ValueCastToInappropriateEssentialType.qlref delete mode 100644 c/misra/test/rules/RULE-10-6/CompositeExprValueAssignedToObjWithWiderEssType.expected delete mode 100644 c/misra/test/rules/RULE-10-6/CompositeExprValueAssignedToObjWithWiderEssType.qlref delete mode 100644 c/misra/test/rules/RULE-10-7/ConvertedCompExprOperandHasWiderEssTypeThanOther.expected delete mode 100644 c/misra/test/rules/RULE-10-7/ConvertedCompExprOperandHasWiderEssTypeThanOther.qlref delete mode 100644 c/misra/test/rules/RULE-10-8/CompExprValCastToIncompatEssType.expected delete mode 100644 c/misra/test/rules/RULE-10-8/CompExprValCastToIncompatEssType.qlref delete mode 100644 c/misra/test/rules/RULE-12-4/ConstExprEvalCausesUnsignedIntWraparound.expected delete mode 100644 c/misra/test/rules/RULE-12-4/ConstExprEvalCausesUnsignedIntWraparound.qlref delete mode 100644 c/misra/test/rules/RULE-12-5/ArrayTypeParamAtSizeofOperand.expected delete mode 100644 c/misra/test/rules/RULE-12-5/ArrayTypeParamAtSizeofOperand.qlref delete mode 100644 c/misra/test/rules/RULE-14-1/LoopCounterHaveEssentiallyFloatingType.expected delete mode 100644 c/misra/test/rules/RULE-14-1/LoopCounterHaveEssentiallyFloatingType.qlref delete mode 100644 c/misra/test/rules/RULE-21-13/CtypeFuncNeitherReprAsUnsignedCharNorEOF.expected delete mode 100644 c/misra/test/rules/RULE-21-13/CtypeFuncNeitherReprAsUnsignedCharNorEOF.qlref delete mode 100644 c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.expected delete mode 100644 c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.qlref delete mode 100644 c/misra/test/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointerToCompatTypes.expected delete mode 100644 c/misra/test/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointerToCompatTypes.qlref delete mode 100644 c/misra/test/rules/RULE-21-16/MemcmpArgNotPtsToSignedUnsignedBooleanEnumEssType.expected delete mode 100644 c/misra/test/rules/RULE-21-16/MemcmpArgNotPtsToSignedUnsignedBooleanEnumEssType.qlref delete mode 100644 c/misra/test/rules/RULE-7-4/StringLiteralAssignedToObjPtrToConstQualifiedChar.expected delete mode 100644 c/misra/test/rules/RULE-7-4/StringLiteralAssignedToObjPtrToConstQualifiedChar.qlref delete mode 100644 rule_packages/c/Types.json diff --git a/c/cert/test/rules/FLP32-C/PreventOrDetectDomainAndRangeErrorsInMathFunctions.expected b/c/cert/test/rules/FLP32-C/PreventOrDetectDomainAndRangeErrorsInMathFunctions.expected deleted file mode 100644 index 2ec1a0ac6c..0000000000 --- a/c/cert/test/rules/FLP32-C/PreventOrDetectDomainAndRangeErrorsInMathFunctions.expected +++ /dev/null @@ -1 +0,0 @@ -No expected results have yet been specified \ No newline at end of file diff --git a/c/cert/test/rules/FLP32-C/PreventOrDetectDomainAndRangeErrorsInMathFunctions.qlref b/c/cert/test/rules/FLP32-C/PreventOrDetectDomainAndRangeErrorsInMathFunctions.qlref deleted file mode 100644 index 7cd938b44b..0000000000 --- a/c/cert/test/rules/FLP32-C/PreventOrDetectDomainAndRangeErrorsInMathFunctions.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/FLP32-C/PreventOrDetectDomainAndRangeErrorsInMathFunctions.ql \ No newline at end of file diff --git a/c/cert/test/rules/FLP34-C/FloatingPointConversionsNotWithinRangeOfNewType.expected b/c/cert/test/rules/FLP34-C/FloatingPointConversionsNotWithinRangeOfNewType.expected deleted file mode 100644 index 2ec1a0ac6c..0000000000 --- a/c/cert/test/rules/FLP34-C/FloatingPointConversionsNotWithinRangeOfNewType.expected +++ /dev/null @@ -1 +0,0 @@ -No expected results have yet been specified \ No newline at end of file diff --git a/c/cert/test/rules/FLP34-C/FloatingPointConversionsNotWithinRangeOfNewType.qlref b/c/cert/test/rules/FLP34-C/FloatingPointConversionsNotWithinRangeOfNewType.qlref deleted file mode 100644 index fba8b90bf0..0000000000 --- a/c/cert/test/rules/FLP34-C/FloatingPointConversionsNotWithinRangeOfNewType.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/FLP34-C/FloatingPointConversionsNotWithinRangeOfNewType.ql \ No newline at end of file diff --git a/c/cert/test/rules/FLP36-C/FloatingPointOfIntegralValuesLosePrecision.expected b/c/cert/test/rules/FLP36-C/FloatingPointOfIntegralValuesLosePrecision.expected deleted file mode 100644 index 2ec1a0ac6c..0000000000 --- a/c/cert/test/rules/FLP36-C/FloatingPointOfIntegralValuesLosePrecision.expected +++ /dev/null @@ -1 +0,0 @@ -No expected results have yet been specified \ No newline at end of file diff --git a/c/cert/test/rules/FLP36-C/FloatingPointOfIntegralValuesLosePrecision.qlref b/c/cert/test/rules/FLP36-C/FloatingPointOfIntegralValuesLosePrecision.qlref deleted file mode 100644 index 7500c056d2..0000000000 --- a/c/cert/test/rules/FLP36-C/FloatingPointOfIntegralValuesLosePrecision.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/FLP36-C/FloatingPointOfIntegralValuesLosePrecision.ql \ No newline at end of file diff --git a/c/cert/test/rules/FLP37-C/ObjectReprUsedForComparingFloatingPointValues.expected b/c/cert/test/rules/FLP37-C/ObjectReprUsedForComparingFloatingPointValues.expected deleted file mode 100644 index 2ec1a0ac6c..0000000000 --- a/c/cert/test/rules/FLP37-C/ObjectReprUsedForComparingFloatingPointValues.expected +++ /dev/null @@ -1 +0,0 @@ -No expected results have yet been specified \ No newline at end of file diff --git a/c/cert/test/rules/FLP37-C/ObjectReprUsedForComparingFloatingPointValues.qlref b/c/cert/test/rules/FLP37-C/ObjectReprUsedForComparingFloatingPointValues.qlref deleted file mode 100644 index 6c9287e855..0000000000 --- a/c/cert/test/rules/FLP37-C/ObjectReprUsedForComparingFloatingPointValues.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/FLP37-C/ObjectReprUsedForComparingFloatingPointValues.ql \ No newline at end of file diff --git a/c/cert/test/rules/INT30-C/EnsureThatUnsignedIntegerOperationsDoNotWrap.expected b/c/cert/test/rules/INT30-C/EnsureThatUnsignedIntegerOperationsDoNotWrap.expected deleted file mode 100644 index 2ec1a0ac6c..0000000000 --- a/c/cert/test/rules/INT30-C/EnsureThatUnsignedIntegerOperationsDoNotWrap.expected +++ /dev/null @@ -1 +0,0 @@ -No expected results have yet been specified \ No newline at end of file diff --git a/c/cert/test/rules/INT30-C/EnsureThatUnsignedIntegerOperationsDoNotWrap.qlref b/c/cert/test/rules/INT30-C/EnsureThatUnsignedIntegerOperationsDoNotWrap.qlref deleted file mode 100644 index c6dde9ace2..0000000000 --- a/c/cert/test/rules/INT30-C/EnsureThatUnsignedIntegerOperationsDoNotWrap.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/INT30-C/EnsureThatUnsignedIntegerOperationsDoNotWrap.ql \ No newline at end of file diff --git a/c/cert/test/rules/INT31-C/IntConversionCausesLostOrMisinterpretedData.expected b/c/cert/test/rules/INT31-C/IntConversionCausesLostOrMisinterpretedData.expected deleted file mode 100644 index 2ec1a0ac6c..0000000000 --- a/c/cert/test/rules/INT31-C/IntConversionCausesLostOrMisinterpretedData.expected +++ /dev/null @@ -1 +0,0 @@ -No expected results have yet been specified \ No newline at end of file diff --git a/c/cert/test/rules/INT31-C/IntConversionCausesLostOrMisinterpretedData.qlref b/c/cert/test/rules/INT31-C/IntConversionCausesLostOrMisinterpretedData.qlref deleted file mode 100644 index b95535183b..0000000000 --- a/c/cert/test/rules/INT31-C/IntConversionCausesLostOrMisinterpretedData.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/INT31-C/IntConversionCausesLostOrMisinterpretedData.ql \ No newline at end of file diff --git a/c/cert/test/rules/INT32-C/OperationsOnSignedIntegersResultsInOverflow.expected b/c/cert/test/rules/INT32-C/OperationsOnSignedIntegersResultsInOverflow.expected deleted file mode 100644 index 2ec1a0ac6c..0000000000 --- a/c/cert/test/rules/INT32-C/OperationsOnSignedIntegersResultsInOverflow.expected +++ /dev/null @@ -1 +0,0 @@ -No expected results have yet been specified \ No newline at end of file diff --git a/c/cert/test/rules/INT32-C/OperationsOnSignedIntegersResultsInOverflow.qlref b/c/cert/test/rules/INT32-C/OperationsOnSignedIntegersResultsInOverflow.qlref deleted file mode 100644 index 91ae574c44..0000000000 --- a/c/cert/test/rules/INT32-C/OperationsOnSignedIntegersResultsInOverflow.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/INT32-C/OperationsOnSignedIntegersResultsInOverflow.ql \ No newline at end of file diff --git a/c/cert/test/rules/INT33-C/DivAndModOperationResultsInDivByZero.expected b/c/cert/test/rules/INT33-C/DivAndModOperationResultsInDivByZero.expected deleted file mode 100644 index 2ec1a0ac6c..0000000000 --- a/c/cert/test/rules/INT33-C/DivAndModOperationResultsInDivByZero.expected +++ /dev/null @@ -1 +0,0 @@ -No expected results have yet been specified \ No newline at end of file diff --git a/c/cert/test/rules/INT33-C/DivAndModOperationResultsInDivByZero.qlref b/c/cert/test/rules/INT33-C/DivAndModOperationResultsInDivByZero.qlref deleted file mode 100644 index 529fa9a43a..0000000000 --- a/c/cert/test/rules/INT33-C/DivAndModOperationResultsInDivByZero.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/INT33-C/DivAndModOperationResultsInDivByZero.ql \ No newline at end of file diff --git a/c/cert/test/rules/INT34-C/ExprShiftedByNegativeBitsOrGreaterThanOperand.expected b/c/cert/test/rules/INT34-C/ExprShiftedByNegativeBitsOrGreaterThanOperand.expected deleted file mode 100644 index 2ec1a0ac6c..0000000000 --- a/c/cert/test/rules/INT34-C/ExprShiftedByNegativeBitsOrGreaterThanOperand.expected +++ /dev/null @@ -1 +0,0 @@ -No expected results have yet been specified \ No newline at end of file diff --git a/c/cert/test/rules/INT34-C/ExprShiftedByNegativeBitsOrGreaterThanOperand.qlref b/c/cert/test/rules/INT34-C/ExprShiftedByNegativeBitsOrGreaterThanOperand.qlref deleted file mode 100644 index b5349c3054..0000000000 --- a/c/cert/test/rules/INT34-C/ExprShiftedByNegativeBitsOrGreaterThanOperand.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/INT34-C/ExprShiftedByNegativeBitsOrGreaterThanOperand.ql \ No newline at end of file diff --git a/c/cert/test/rules/INT35-C/UseCorrectIntegerPrecisions.expected b/c/cert/test/rules/INT35-C/UseCorrectIntegerPrecisions.expected deleted file mode 100644 index 2ec1a0ac6c..0000000000 --- a/c/cert/test/rules/INT35-C/UseCorrectIntegerPrecisions.expected +++ /dev/null @@ -1 +0,0 @@ -No expected results have yet been specified \ No newline at end of file diff --git a/c/cert/test/rules/INT35-C/UseCorrectIntegerPrecisions.qlref b/c/cert/test/rules/INT35-C/UseCorrectIntegerPrecisions.qlref deleted file mode 100644 index c408baf78d..0000000000 --- a/c/cert/test/rules/INT35-C/UseCorrectIntegerPrecisions.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/INT35-C/UseCorrectIntegerPrecisions.ql \ No newline at end of file diff --git a/c/cert/test/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.expected b/c/cert/test/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.expected deleted file mode 100644 index 2ec1a0ac6c..0000000000 --- a/c/cert/test/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.expected +++ /dev/null @@ -1 +0,0 @@ -No expected results have yet been specified \ No newline at end of file diff --git a/c/cert/test/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.qlref b/c/cert/test/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.qlref deleted file mode 100644 index 70ae157f74..0000000000 --- a/c/cert/test/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.ql \ No newline at end of file diff --git a/c/misra/test/rules/DIR-4-6/NumericTypedefsNotUsedInPlaceOfBasicNumericalTypes.expected b/c/misra/test/rules/DIR-4-6/NumericTypedefsNotUsedInPlaceOfBasicNumericalTypes.expected deleted file mode 100644 index 2ec1a0ac6c..0000000000 --- a/c/misra/test/rules/DIR-4-6/NumericTypedefsNotUsedInPlaceOfBasicNumericalTypes.expected +++ /dev/null @@ -1 +0,0 @@ -No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/DIR-4-6/NumericTypedefsNotUsedInPlaceOfBasicNumericalTypes.qlref b/c/misra/test/rules/DIR-4-6/NumericTypedefsNotUsedInPlaceOfBasicNumericalTypes.qlref deleted file mode 100644 index 81fd5998d5..0000000000 --- a/c/misra/test/rules/DIR-4-6/NumericTypedefsNotUsedInPlaceOfBasicNumericalTypes.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/DIR-4-6/NumericTypedefsNotUsedInPlaceOfBasicNumericalTypes.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.expected b/c/misra/test/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.expected deleted file mode 100644 index 2ec1a0ac6c..0000000000 --- a/c/misra/test/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.expected +++ /dev/null @@ -1 +0,0 @@ -No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.qlref b/c/misra/test/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.qlref deleted file mode 100644 index f3120fd81f..0000000000 --- a/c/misra/test/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-10-2/CharTypeExprsUsedInAddOrSub.expected b/c/misra/test/rules/RULE-10-2/CharTypeExprsUsedInAddOrSub.expected deleted file mode 100644 index 2ec1a0ac6c..0000000000 --- a/c/misra/test/rules/RULE-10-2/CharTypeExprsUsedInAddOrSub.expected +++ /dev/null @@ -1 +0,0 @@ -No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-10-2/CharTypeExprsUsedInAddOrSub.qlref b/c/misra/test/rules/RULE-10-2/CharTypeExprsUsedInAddOrSub.qlref deleted file mode 100644 index a0912cc8e9..0000000000 --- a/c/misra/test/rules/RULE-10-2/CharTypeExprsUsedInAddOrSub.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/RULE-10-2/CharTypeExprsUsedInAddOrSub.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-10-3/AssignmentToIncompatibleEssentialType.expected b/c/misra/test/rules/RULE-10-3/AssignmentToIncompatibleEssentialType.expected deleted file mode 100644 index 2ec1a0ac6c..0000000000 --- a/c/misra/test/rules/RULE-10-3/AssignmentToIncompatibleEssentialType.expected +++ /dev/null @@ -1 +0,0 @@ -No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-10-3/AssignmentToIncompatibleEssentialType.qlref b/c/misra/test/rules/RULE-10-3/AssignmentToIncompatibleEssentialType.qlref deleted file mode 100644 index d75ee46cd9..0000000000 --- a/c/misra/test/rules/RULE-10-3/AssignmentToIncompatibleEssentialType.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/RULE-10-3/AssignmentToIncompatibleEssentialType.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-10-4/ArithConversionOperandHasDifferentEssTypeCategory.expected b/c/misra/test/rules/RULE-10-4/ArithConversionOperandHasDifferentEssTypeCategory.expected deleted file mode 100644 index 2ec1a0ac6c..0000000000 --- a/c/misra/test/rules/RULE-10-4/ArithConversionOperandHasDifferentEssTypeCategory.expected +++ /dev/null @@ -1 +0,0 @@ -No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-10-4/ArithConversionOperandHasDifferentEssTypeCategory.qlref b/c/misra/test/rules/RULE-10-4/ArithConversionOperandHasDifferentEssTypeCategory.qlref deleted file mode 100644 index fdafde4779..0000000000 --- a/c/misra/test/rules/RULE-10-4/ArithConversionOperandHasDifferentEssTypeCategory.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/RULE-10-4/ArithConversionOperandHasDifferentEssTypeCategory.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-10-5/ValueCastToInappropriateEssentialType.expected b/c/misra/test/rules/RULE-10-5/ValueCastToInappropriateEssentialType.expected deleted file mode 100644 index 2ec1a0ac6c..0000000000 --- a/c/misra/test/rules/RULE-10-5/ValueCastToInappropriateEssentialType.expected +++ /dev/null @@ -1 +0,0 @@ -No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-10-5/ValueCastToInappropriateEssentialType.qlref b/c/misra/test/rules/RULE-10-5/ValueCastToInappropriateEssentialType.qlref deleted file mode 100644 index 226c29d9c0..0000000000 --- a/c/misra/test/rules/RULE-10-5/ValueCastToInappropriateEssentialType.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/RULE-10-5/ValueCastToInappropriateEssentialType.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-10-6/CompositeExprValueAssignedToObjWithWiderEssType.expected b/c/misra/test/rules/RULE-10-6/CompositeExprValueAssignedToObjWithWiderEssType.expected deleted file mode 100644 index 2ec1a0ac6c..0000000000 --- a/c/misra/test/rules/RULE-10-6/CompositeExprValueAssignedToObjWithWiderEssType.expected +++ /dev/null @@ -1 +0,0 @@ -No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-10-6/CompositeExprValueAssignedToObjWithWiderEssType.qlref b/c/misra/test/rules/RULE-10-6/CompositeExprValueAssignedToObjWithWiderEssType.qlref deleted file mode 100644 index 258caa5497..0000000000 --- a/c/misra/test/rules/RULE-10-6/CompositeExprValueAssignedToObjWithWiderEssType.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/RULE-10-6/CompositeExprValueAssignedToObjWithWiderEssType.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-10-7/ConvertedCompExprOperandHasWiderEssTypeThanOther.expected b/c/misra/test/rules/RULE-10-7/ConvertedCompExprOperandHasWiderEssTypeThanOther.expected deleted file mode 100644 index 2ec1a0ac6c..0000000000 --- a/c/misra/test/rules/RULE-10-7/ConvertedCompExprOperandHasWiderEssTypeThanOther.expected +++ /dev/null @@ -1 +0,0 @@ -No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-10-7/ConvertedCompExprOperandHasWiderEssTypeThanOther.qlref b/c/misra/test/rules/RULE-10-7/ConvertedCompExprOperandHasWiderEssTypeThanOther.qlref deleted file mode 100644 index ffcbf37d96..0000000000 --- a/c/misra/test/rules/RULE-10-7/ConvertedCompExprOperandHasWiderEssTypeThanOther.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/RULE-10-7/ConvertedCompExprOperandHasWiderEssTypeThanOther.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-10-8/CompExprValCastToIncompatEssType.expected b/c/misra/test/rules/RULE-10-8/CompExprValCastToIncompatEssType.expected deleted file mode 100644 index 2ec1a0ac6c..0000000000 --- a/c/misra/test/rules/RULE-10-8/CompExprValCastToIncompatEssType.expected +++ /dev/null @@ -1 +0,0 @@ -No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-10-8/CompExprValCastToIncompatEssType.qlref b/c/misra/test/rules/RULE-10-8/CompExprValCastToIncompatEssType.qlref deleted file mode 100644 index 92e74b5640..0000000000 --- a/c/misra/test/rules/RULE-10-8/CompExprValCastToIncompatEssType.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/RULE-10-8/CompExprValCastToIncompatEssType.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-12-4/ConstExprEvalCausesUnsignedIntWraparound.expected b/c/misra/test/rules/RULE-12-4/ConstExprEvalCausesUnsignedIntWraparound.expected deleted file mode 100644 index 2ec1a0ac6c..0000000000 --- a/c/misra/test/rules/RULE-12-4/ConstExprEvalCausesUnsignedIntWraparound.expected +++ /dev/null @@ -1 +0,0 @@ -No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-12-4/ConstExprEvalCausesUnsignedIntWraparound.qlref b/c/misra/test/rules/RULE-12-4/ConstExprEvalCausesUnsignedIntWraparound.qlref deleted file mode 100644 index 8f483e64f3..0000000000 --- a/c/misra/test/rules/RULE-12-4/ConstExprEvalCausesUnsignedIntWraparound.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/RULE-12-4/ConstExprEvalCausesUnsignedIntWraparound.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-12-5/ArrayTypeParamAtSizeofOperand.expected b/c/misra/test/rules/RULE-12-5/ArrayTypeParamAtSizeofOperand.expected deleted file mode 100644 index 2ec1a0ac6c..0000000000 --- a/c/misra/test/rules/RULE-12-5/ArrayTypeParamAtSizeofOperand.expected +++ /dev/null @@ -1 +0,0 @@ -No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-12-5/ArrayTypeParamAtSizeofOperand.qlref b/c/misra/test/rules/RULE-12-5/ArrayTypeParamAtSizeofOperand.qlref deleted file mode 100644 index b083a10d31..0000000000 --- a/c/misra/test/rules/RULE-12-5/ArrayTypeParamAtSizeofOperand.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/RULE-12-5/ArrayTypeParamAtSizeofOperand.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-14-1/LoopCounterHaveEssentiallyFloatingType.expected b/c/misra/test/rules/RULE-14-1/LoopCounterHaveEssentiallyFloatingType.expected deleted file mode 100644 index 2ec1a0ac6c..0000000000 --- a/c/misra/test/rules/RULE-14-1/LoopCounterHaveEssentiallyFloatingType.expected +++ /dev/null @@ -1 +0,0 @@ -No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-14-1/LoopCounterHaveEssentiallyFloatingType.qlref b/c/misra/test/rules/RULE-14-1/LoopCounterHaveEssentiallyFloatingType.qlref deleted file mode 100644 index befc44a33a..0000000000 --- a/c/misra/test/rules/RULE-14-1/LoopCounterHaveEssentiallyFloatingType.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/RULE-14-1/LoopCounterHaveEssentiallyFloatingType.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-21-13/CtypeFuncNeitherReprAsUnsignedCharNorEOF.expected b/c/misra/test/rules/RULE-21-13/CtypeFuncNeitherReprAsUnsignedCharNorEOF.expected deleted file mode 100644 index 2ec1a0ac6c..0000000000 --- a/c/misra/test/rules/RULE-21-13/CtypeFuncNeitherReprAsUnsignedCharNorEOF.expected +++ /dev/null @@ -1 +0,0 @@ -No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-21-13/CtypeFuncNeitherReprAsUnsignedCharNorEOF.qlref b/c/misra/test/rules/RULE-21-13/CtypeFuncNeitherReprAsUnsignedCharNorEOF.qlref deleted file mode 100644 index 60f87891a1..0000000000 --- a/c/misra/test/rules/RULE-21-13/CtypeFuncNeitherReprAsUnsignedCharNorEOF.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/RULE-21-13/CtypeFuncNeitherReprAsUnsignedCharNorEOF.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.expected b/c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.expected deleted file mode 100644 index 2ec1a0ac6c..0000000000 --- a/c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.expected +++ /dev/null @@ -1 +0,0 @@ -No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.qlref b/c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.qlref deleted file mode 100644 index 99017569aa..0000000000 --- a/c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointerToCompatTypes.expected b/c/misra/test/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointerToCompatTypes.expected deleted file mode 100644 index 2ec1a0ac6c..0000000000 --- a/c/misra/test/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointerToCompatTypes.expected +++ /dev/null @@ -1 +0,0 @@ -No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointerToCompatTypes.qlref b/c/misra/test/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointerToCompatTypes.qlref deleted file mode 100644 index e0ff446916..0000000000 --- a/c/misra/test/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointerToCompatTypes.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointerToCompatTypes.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-21-16/MemcmpArgNotPtsToSignedUnsignedBooleanEnumEssType.expected b/c/misra/test/rules/RULE-21-16/MemcmpArgNotPtsToSignedUnsignedBooleanEnumEssType.expected deleted file mode 100644 index 2ec1a0ac6c..0000000000 --- a/c/misra/test/rules/RULE-21-16/MemcmpArgNotPtsToSignedUnsignedBooleanEnumEssType.expected +++ /dev/null @@ -1 +0,0 @@ -No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-21-16/MemcmpArgNotPtsToSignedUnsignedBooleanEnumEssType.qlref b/c/misra/test/rules/RULE-21-16/MemcmpArgNotPtsToSignedUnsignedBooleanEnumEssType.qlref deleted file mode 100644 index ade809ada5..0000000000 --- a/c/misra/test/rules/RULE-21-16/MemcmpArgNotPtsToSignedUnsignedBooleanEnumEssType.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/RULE-21-16/MemcmpArgNotPtsToSignedUnsignedBooleanEnumEssType.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToObjPtrToConstQualifiedChar.expected b/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToObjPtrToConstQualifiedChar.expected deleted file mode 100644 index 2ec1a0ac6c..0000000000 --- a/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToObjPtrToConstQualifiedChar.expected +++ /dev/null @@ -1 +0,0 @@ -No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToObjPtrToConstQualifiedChar.qlref b/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToObjPtrToConstQualifiedChar.qlref deleted file mode 100644 index d886f5a94a..0000000000 --- a/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToObjPtrToConstQualifiedChar.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/RULE-7-4/StringLiteralAssignedToObjPtrToConstQualifiedChar.ql \ No newline at end of file diff --git a/rule_packages/c/Types.json b/rule_packages/c/Types.json deleted file mode 100644 index 68b873dacd..0000000000 --- a/rule_packages/c/Types.json +++ /dev/null @@ -1,482 +0,0 @@ -{ - "CERT-C": { - "FLP32-C": { - "properties": { - "obligation": "rule" - }, - "queries": [ - { - "description": "TODO.", - "kind": "problem", - "name": "Prevent or detect domain and range errors in math functions", - "precision": "very-high", - "severity": "error", - "short_name": "PreventOrDetectDomainAndRangeErrorsInMathFunctions", - "tags": [] - } - ], - "title": "Prevent or detect domain and range errors in math functions" - }, - "FLP34-C": { - "properties": { - "obligation": "rule" - }, - "queries": [ - { - "description": "TODO.", - "kind": "problem", - "name": "Ensure that floating-point conversions are within range of the new type", - "precision": "very-high", - "severity": "error", - "short_name": "FloatingPointConversionsNotWithinRangeOfNewType", - "tags": [] - } - ], - "title": "Ensure that floating-point conversions are within range of the new type" - }, - "FLP36-C": { - "properties": { - "obligation": "rule" - }, - "queries": [ - { - "description": "TODO.", - "kind": "problem", - "name": "Preserve precision when converting integral values to floating-point type", - "precision": "very-high", - "severity": "error", - "short_name": "FloatingPointOfIntegralValuesLosePrecision", - "tags": [] - } - ], - "title": "Preserve precision when converting integral values to floating-point type" - }, - "FLP37-C": { - "properties": { - "obligation": "rule" - }, - "queries": [ - { - "description": "TODO.", - "kind": "problem", - "name": "Do not use object representations to compare floating-point values", - "precision": "very-high", - "severity": "error", - "short_name": "ObjectReprUsedForComparingFloatingPointValues", - "tags": [] - } - ], - "title": "Do not use object representations to compare floating-point values" - }, - "INT30-C": { - "properties": { - "obligation": "rule" - }, - "queries": [ - { - "description": "TODO.", - "kind": "problem", - "name": "Ensure that unsigned integer operations do not wrap", - "precision": "high", - "severity": "error", - "short_name": "EnsureThatUnsignedIntegerOperationsDoNotWrap", - "tags": [] - } - ], - "title": "Ensure that unsigned integer operations do not wrap" - }, - "INT31-C": { - "properties": { - "obligation": "rule" - }, - "queries": [ - { - "description": "TODO.", - "kind": "problem", - "name": "Ensure that integer conversions do not result in lost or misinterpreted data", - "precision": "high", - "severity": "error", - "short_name": "IntConversionCausesLostOrMisinterpretedData", - "tags": [] - } - ], - "title": "Ensure that integer conversions do not result in lost or misinterpreted data" - }, - "INT32-C": { - "properties": { - "obligation": "rule" - }, - "queries": [ - { - "description": "TODO.", - "kind": "problem", - "name": "Ensure that operations on signed integers do not result in overflow", - "precision": "high", - "severity": "error", - "short_name": "OperationsOnSignedIntegersResultsInOverflow", - "tags": [] - } - ], - "title": "Ensure that operations on signed integers do not result in overflow" - }, - "INT33-C": { - "properties": { - "obligation": "rule" - }, - "queries": [ - { - "description": "TODO.", - "kind": "problem", - "name": "Ensure that division and remainder operations do not result in divide-by-zero errors", - "precision": "high", - "severity": "error", - "short_name": "DivAndModOperationResultsInDivByZero", - "tags": [] - } - ], - "title": "Ensure that division and remainder operations do not result in divide-by-zero errors" - }, - "INT34-C": { - "properties": { - "obligation": "rule" - }, - "queries": [ - { - "description": "Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand.", - "kind": "problem", - "name": "Do not shift an expression by a negative number of bits or by greater than or equal to the number of", - "precision": "very-high", - "severity": "error", - "short_name": "ExprShiftedByNegativeBitsOrGreaterThanOperand", - "tags": [] - } - ], - "title": "Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand" - }, - "INT35-C": { - "properties": { - "obligation": "rule" - }, - "queries": [ - { - "description": "TODO.", - "kind": "problem", - "name": "Use correct integer precisions", - "precision": "high", - "severity": "error", - "short_name": "UseCorrectIntegerPrecisions", - "tags": [] - } - ], - "title": "Use correct integer precisions" - }, - "INT36-C": { - "properties": { - "obligation": "rule" - }, - "queries": [ - { - "description": "TODO.", - "kind": "problem", - "name": "Converting a pointer to integer or integer to pointer", - "precision": "very-high", - "severity": "error", - "short_name": "ConvertingAPointerToIntegerOrIntegerToPointer", - "tags": [] - } - ], - "title": "Converting a pointer to integer or integer to pointer" - } - }, - "MISRA-C-2012": { - "DIR-4-6": { - "properties": { - "obligation": "advisory" - }, - "queries": [ - { - "description": "TODO.", - "kind": "problem", - "name": "typedefs that indicate size and signedness should be used in place of the basic numerical types", - "precision": "high", - "severity": "error", - "short_name": "NumericTypedefsNotUsedInPlaceOfBasicNumericalTypes", - "tags": [] - } - ], - "title": "typedefs that indicate size and signedness should be used in place of the basic numerical types" - }, - "RULE-10-1": { - "properties": { - "obligation": "required" - }, - "queries": [ - { - "description": "TODO.", - "kind": "problem", - "name": "Operands shall not be of an inappropriate essential type", - "precision": "high", - "severity": "error", - "short_name": "OperandsOfAnInappropriateEssentialType", - "tags": [] - } - ], - "title": "Operands shall not be of an inappropriate essential type" - }, - "RULE-10-2": { - "properties": { - "obligation": "required" - }, - "queries": [ - { - "description": "Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations.", - "kind": "problem", - "name": "Expressions of essentially character type shall not be used inappropriately in addition and", - "precision": "very-high", - "severity": "error", - "short_name": "CharTypeExprsUsedInAddOrSub", - "tags": [] - } - ], - "title": "Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations" - }, - "RULE-10-3": { - "properties": { - "obligation": "required" - }, - "queries": [ - { - "description": "The value of an expression shall not be assigned to an object with a narrower essential type or of a different essential type category.", - "kind": "problem", - "name": "The value of an expression shall not be assigned to an object with a narrower essential type or of a", - "precision": "high", - "severity": "error", - "short_name": "AssignmentToIncompatibleEssentialType", - "tags": [] - } - ], - "title": "The value of an expression shall not be assigned to an object with a narrower essential type or of a different essential type category" - }, - "RULE-10-4": { - "properties": { - "obligation": "required" - }, - "queries": [ - { - "description": "Both operands of an operator in which the usual arithmetic conversions are performed shall have the same essential type category.", - "kind": "problem", - "name": "Both operands of an operator in which the usual arithmetic conversions are performed shall have the", - "precision": "very-high", - "severity": "error", - "short_name": "ArithConversionOperandHasDifferentEssTypeCategory", - "tags": [] - } - ], - "title": "Both operands of an operator in which the usual arithmetic conversions are performed shall have the same essential type category" - }, - "RULE-10-5": { - "properties": { - "obligation": "advisory" - }, - "queries": [ - { - "description": "TODO.", - "kind": "problem", - "name": "The value of an expression should not be cast to an inappropriate essential type", - "precision": "very-high", - "severity": "error", - "short_name": "ValueCastToInappropriateEssentialType", - "tags": [] - } - ], - "title": "The value of an expression should not be cast to an inappropriate essential type" - }, - "RULE-10-6": { - "properties": { - "obligation": "required" - }, - "queries": [ - { - "description": "TODO.", - "kind": "problem", - "name": "The value of a composite expression shall not be assigned to an object with wider essential type", - "precision": "very-high", - "severity": "error", - "short_name": "CompositeExprValueAssignedToObjWithWiderEssType", - "tags": [] - } - ], - "title": "The value of a composite expression shall not be assigned to an object with wider essential type" - }, - "RULE-10-7": { - "properties": { - "obligation": "required" - }, - "queries": [ - { - "description": "If a composite expression is used as one operand of an operator in which the usual arithmetic conversions are performed then the other operand shall not have wider essential type.", - "kind": "problem", - "name": "If a composite expression is used as one operand of an operator in which the usual arithmetic", - "precision": "very-high", - "severity": "error", - "short_name": "ConvertedCompExprOperandHasWiderEssTypeThanOther", - "tags": [] - } - ], - "title": "If a composite expression is used as one operand of an operator in which the usual arithmetic conversions are performed then the other operand shall not have wider essential type" - }, - "RULE-10-8": { - "properties": { - "obligation": "required" - }, - "queries": [ - { - "description": "The value of a composite expression shall not be cast to a different essential type category or a wider essential type.", - "kind": "problem", - "name": "The value of a composite expression shall not be cast to a different essential type category or a", - "precision": "very-high", - "severity": "error", - "short_name": "CompExprValCastToIncompatEssType", - "tags": [] - } - ], - "title": "The value of a composite expression shall not be cast to a different essential type category or a wider essential type" - }, - "RULE-12-4": { - "properties": { - "obligation": "advisory" - }, - "queries": [ - { - "description": "TODO.", - "kind": "problem", - "name": "Evaluation of constant expressions should not lead to unsigned integer wrap-around", - "precision": "very-high", - "severity": "error", - "short_name": "ConstExprEvalCausesUnsignedIntWraparound", - "tags": [] - } - ], - "title": "Evaluation of constant expressions should not lead to unsigned integer wrap-around" - }, - "RULE-12-5": { - "properties": { - "obligation": "mandatory" - }, - "queries": [ - { - "description": "The sizeof operator shall not have an operand which is a function parameter declared as 'array of type'.", - "kind": "problem", - "name": "The sizeof operator shall not have an operand which is a function parameter declared as 'array of", - "precision": "very-high", - "severity": "error", - "short_name": "ArrayTypeParamAtSizeofOperand", - "tags": [] - } - ], - "title": "The sizeof operator shall not have an operand which is a function parameter declared as 'array of type'" - }, - "RULE-14-1": { - "properties": { - "obligation": "required" - }, - "queries": [ - { - "description": "TODO.", - "kind": "problem", - "name": "A loop counter shall not have essentially floating type", - "precision": "high", - "severity": "error", - "short_name": "LoopCounterHaveEssentiallyFloatingType", - "tags": [] - } - ], - "title": "A loop counter shall not have essentially floating type" - }, - "RULE-21-13": { - "properties": { - "obligation": "mandatory" - }, - "queries": [ - { - "description": "Any value passed to a function in shall be representable as an unsigned char or be the value EOF.", - "kind": "problem", - "name": "Any value passed to a function in shall be representable as an unsigned char or be the", - "precision": "very-high", - "severity": "error", - "short_name": "CtypeFuncNeitherReprAsUnsignedCharNorEOF", - "tags": [] - } - ], - "title": "Any value passed to a function in shall be representable as an unsigned char or be the value EOF" - }, - "RULE-21-14": { - "properties": { - "obligation": "required" - }, - "queries": [ - { - "description": "TODO.", - "kind": "problem", - "name": "The Standard Library function memcmp shall not be used to compare null terminated strings", - "precision": "high", - "severity": "error", - "short_name": "MemcmpUsedToCompareNullTerminatedStrings", - "tags": [] - } - ], - "title": "The Standard Library function memcmp shall not be used to compare null terminated strings" - }, - "RULE-21-15": { - "properties": { - "obligation": "required" - }, - "queries": [ - { - "description": "The pointer arguments to the Standard Library functions memcpy, memmove and memcmp shall be pointers to qualified or unqualified versions of compatible types.", - "kind": "problem", - "name": "The pointer arguments to the Standard Library functions memcpy, memmove and memcmp shall be pointers", - "precision": "very-high", - "severity": "error", - "short_name": "MemcpyMemmoveMemcmpArgNotPointerToCompatTypes", - "tags": [] - } - ], - "title": "The pointer arguments to the Standard Library functions memcpy, memmove and memcmp shall be pointers to qualified or unqualified versions of compatible types" - }, - "RULE-21-16": { - "properties": { - "obligation": "required" - }, - "queries": [ - { - "description": "The pointer arguments to the Standard Library function memcmp shall point to either a pointer type, an essentially signed type, an essentially unsigned type, an essentially Boolean type or an essentially enum type.", - "kind": "problem", - "name": "The pointer arguments to the Standard Library function memcmp shall point to either a pointer type,", - "precision": "very-high", - "severity": "error", - "short_name": "MemcmpArgNotPtsToSignedUnsignedBooleanEnumEssType", - "tags": [] - } - ], - "title": "The pointer arguments to the Standard Library function memcmp shall point to either a pointer type, an essentially signed type, an essentially unsigned type, an essentially Boolean type or an essentially enum type." - }, - "RULE-7-4": { - "properties": { - "obligation": "required" - }, - "queries": [ - { - "description": "A string literal shall not be assigned to an object unless the object's type is 'pointer to const-qualified char'.", - "kind": "problem", - "name": "A string literal shall not be assigned to an object unless the object's type is 'pointer to", - "precision": "very-high", - "severity": "error", - "short_name": "StringLiteralAssignedToObjPtrToConstQualifiedChar", - "tags": [] - } - ], - "title": "A string literal shall not be assigned to an object unless the object's type is 'pointer to const-qualified char'" - } - } -} From 60f282489f4e949cabf7b197bf9c4324ee860d27 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Tue, 31 Jan 2023 13:36:14 -0800 Subject: [PATCH 0356/2573] update test.c for 6-1 and 6-2 1. `compilant` and `non_compliant` to uppercase 2. mark `int x1` of 6-2 to non_compliant 3. `clang-format` all --- c/misra/test/rules/RULE-6-1/test.c | 14 ++++++++------ c/misra/test/rules/RULE-6-2/test.c | 20 +++++++++++--------- 2 files changed, 19 insertions(+), 15 deletions(-) diff --git a/c/misra/test/rules/RULE-6-1/test.c b/c/misra/test/rules/RULE-6-1/test.c index 3c1846d956..0271ed1e32 100644 --- a/c/misra/test/rules/RULE-6-1/test.c +++ b/c/misra/test/rules/RULE-6-1/test.c @@ -3,11 +3,13 @@ typedef unsigned int UINT16; enum Color { R, G, B }; struct SampleStruct { - int x1 : 2; // NON_COMPLIANT - not explicitly signed or unsigned - unsigned int x2 : 2; // COMPILANT - explicitly unsigned (example in the doc) + int x1 : 2; // NON_COMPLIANT - not explicitly signed or unsigned + unsigned int x2 : 2; // COMPILANT - explicitly unsigned signed int x3 : 2; // COMPILANT - explicitly signed - UINT16 x4 : 2; // COMPLIANT - type alias resolves to a compliant type - signed long x5 : 2; // NON_COMPLIANT - cannot declare bit field for long, even if it's signed - signed char x6 : 2; // NON_COMPILANT - cannot declare bit field for char, even if it's signed + UINT16 x4 : 2; // COMPLIANT - type alias resolves to a compliant type + signed long x5 : 2; // NON_COMPLIANT - cannot declare bit field for long, even + // if it's signed + signed char x6 : 2; // NON_COMPILANT - cannot declare bit field for char, even + // if it's signed enum Color x7 : 3; // NON_COMPILANT - cannot declare bit field for enum -} sample_struct; \ No newline at end of file +} sample_struct; diff --git a/c/misra/test/rules/RULE-6-2/test.c b/c/misra/test/rules/RULE-6-2/test.c index 9b18e986b9..e958203b04 100644 --- a/c/misra/test/rules/RULE-6-2/test.c +++ b/c/misra/test/rules/RULE-6-2/test.c @@ -1,17 +1,19 @@ #include struct SampleStruct { - int x1 : 1; // compilant: single-bit named field without signed declaration - signed int x2 : 1; // non_compilant: single-bit named field with a signed type + int x1 : 1; // NON_COMPILANT: very likely be signed, but if it's not, the + // query will automatically handle it since we use signed(), not + // isExplicitlySigned(). + signed int x2 : 1; // NON_COMPILANT: single-bit named field with a signed type signed char - x3 : 1; // non_compilant: single-bit named field with a signed type + x3 : 1; // NON_COMPILANT: single-bit named field with a signed type signed short - x4 : 1; // non_compilant: single-bit named field with a signed type + x4 : 1; // NON_COMPILANT: single-bit named field with a signed type unsigned int - x5 : 1; // compilant: single-bit named field but with an unsigned type - signed int x6 : 2; // compilant: named field with a signed type but declared + x5 : 1; // COMPILANT: single-bit named field but with an unsigned type + signed int x6 : 2; // COMPILANT: named field with a signed type but declared // to carry more than 1 bit - int32_t x7 : 1; // non_compilant: single-bit named field that has single-bit + int32_t x7 : 1; // NON_COMPILANT: single-bit named field that has single-bit // bit-field, even though technically it has 32 bits - signed char : 1; // compilant: single-bit bit-field but unnamed -} sample_struct; \ No newline at end of file + signed char : 1; // COMPILANT: single-bit bit-field but unnamed +} sample_struct; From 294e49e4fde25c0fcc09246a27ab0727b97b89d1 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Tue, 31 Jan 2023 14:17:21 -0800 Subject: [PATCH 0357/2573] update .expected files to reflect clang-format --- ...ieldsShallOnlyBeDeclaredWithAnAppropriateType.expected | 4 ++-- .../SingleBitNamedBitFieldsOfASignedType.expected | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/c/misra/test/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.expected b/c/misra/test/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.expected index fe371a7972..cdcfe74e98 100644 --- a/c/misra/test/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.expected +++ b/c/misra/test/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.expected @@ -1,4 +1,4 @@ | test.c:6:7:6:8 | x1 | Bit-field x1 is declared on type x1. | | test.c:10:15:10:16 | x5 | Bit-field x5 is declared on type x5. | -| test.c:11:15:11:16 | x6 | Bit-field x6 is declared on type x6. | -| test.c:12:14:12:15 | x7 | Bit-field x7 is declared on type x7. | \ No newline at end of file +| test.c:12:15:12:16 | x6 | Bit-field x6 is declared on type x6. | +| test.c:14:14:14:15 | x7 | Bit-field x7 is declared on type x7. | \ No newline at end of file diff --git a/c/misra/test/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.expected b/c/misra/test/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.expected index c54bbafb38..d78e36f0ed 100644 --- a/c/misra/test/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.expected +++ b/c/misra/test/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.expected @@ -1,4 +1,4 @@ -| test.c:5:14:5:15 | x2 | Single-bit bit-field named x2 has a signed type signed int. | -| test.c:7:7:7:8 | x3 | Single-bit bit-field named x3 has a signed type signed char. | -| test.c:9:7:9:8 | x4 | Single-bit bit-field named x4 has a signed type signed short. | -| test.c:14:11:14:12 | x7 | Single-bit bit-field named x7 has a signed type int32_t. | \ No newline at end of file +| test.c:7:14:7:15 | x2 | Single-bit bit-field named x2 has a signed type signed int. | +| test.c:9:7:9:8 | x3 | Single-bit bit-field named x3 has a signed type signed char. | +| test.c:11:7:11:8 | x4 | Single-bit bit-field named x4 has a signed type signed short. | +| test.c:16:11:16:12 | x7 | Single-bit bit-field named x7 has a signed type int32_t. | From a6e86eb7a50ac829bdb5a431fc7dbe4df93fe962 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Tue, 31 Jan 2023 16:10:04 -0800 Subject: [PATCH 0358/2573] incorporate requested changes for query --- ...hallOnlyBeDeclaredWithAnAppropriateType.ql | 54 +++++++++---------- .../SingleBitNamedBitFieldsOfASignedType.ql | 21 ++------ ...lyBeDeclaredWithAnAppropriateType.expected | 8 +-- ...gleBitNamedBitFieldsOfASignedType.expected | 2 +- c/misra/test/rules/RULE-6-2/test.c | 2 - 5 files changed, 36 insertions(+), 51 deletions(-) diff --git a/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql b/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql index 94a59e9108..82f2c9c89a 100644 --- a/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql +++ b/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql @@ -1,38 +1,36 @@ /** - * @id c/misra/bit-fields-shall-only-be-declared-with-an-appropriate-type - * @name RULE-6-1: Bit-fields shall only be declared with an appropriate type - * @description Declaring bit-fields on types other than appropriate ones causes - * implementation-specific or undefined behavior. - * @kind problem - * @precision very-high - * @problem.severity error - * @tags external/misra/id/rule-6-1 - * external/misra/obligation/required - */ +* @id c/misra/bit-fields-shall-only-be-declared-with-an-appropriate-type +* @name RULE-6-1: Bit-fields shall only be declared with an appropriate type +* @description Declaring bit-fields on types other than appropriate ones causes +* implementation-specific or undefined behavior. +* @kind problem +* @precision very-high +* @problem.severity error +* @tags external/misra/id/rule-6-1 +* external/misra/obligation/required +*/ import cpp import codingstandards.c.misra -predicate isSignedOrUnsignedInt(Type type) { - type instanceof IntType and - (type.(IntegralType).isExplicitlySigned() or - type.(IntegralType).isExplicitlyUnsigned()) -} - predicate isAppropriatePrimitive(Type type) { - /* An appropriate primitive types to which a bit-field can be declared. */ - isSignedOrUnsignedInt(type) or type instanceof BoolType -} - -predicate isAppropriateTypedef(Type type) { - type instanceof TypedefType and - /* An appropriate typedef should be an alias to an appropriate primitive type. */ - isAppropriatePrimitive(type.(TypedefType).resolveTypedefs()) + /* An appropriate primitive types to which a bit-field can be declared. */ + type instanceof IntType and + ( + type.(IntegralType).isExplicitlySigned() or + type.(IntegralType).isExplicitlyUnsigned() + ) + or + type instanceof BoolType } from BitField bitField where -not isExcluded(bitField, BitfieldTypesPackage::bitFieldsShallOnlyBeDeclaredWithAnAppropriateTypeQuery()) and -/* A violation would neither an appropriate primitive type nor an appropriate typedef. */ -not (isAppropriatePrimitive(bitField.getType()) or isAppropriateTypedef(bitField.getType())) -select bitField, "Bit-field " + bitField + " is declared on type " + bitField + "." \ No newline at end of file +not isExcluded(bitField, +BitfieldTypesPackage::bitFieldsShallOnlyBeDeclaredWithAnAppropriateTypeQuery()) and + /* A violation would neither an appropriate primitive type nor an appropriate typedef. */ +not ( + isAppropriatePrimitive(bitField.getType()) or + isAppropriatePrimitive(bitField.getType().resolveTypedefs()) + ) +select bitField, "Bit-field " + bitField + " is declared on type " + bitField.getType() + "." diff --git a/c/misra/src/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql b/c/misra/src/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql index bb716692a9..98d2fcc0ef 100644 --- a/c/misra/src/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql +++ b/c/misra/src/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql @@ -13,14 +13,6 @@ import cpp import codingstandards.c.misra -predicate isSigned(Type type) { - /* Check if it's a fixed number type, because declaring fixed number types like int8_t as 1 bit is obviously absurd */ - type instanceof FixedWidthIntegralType or - /* Check if it's EXPLICITLY signed, because according to Rule 6.1, 'int' may be either signed or unsigned depending on the implementation. In the latter case, the query would lead to false positives. */ - type instanceof IntegralType and - type.(IntegralType).isExplicitlySigned() -} - /* Check if the DECLARED bit-fields is a single bit, because Rule 6.2 also intends to catch confusion on the programmers' part. Consider: struct S { @@ -28,14 +20,11 @@ struct S { } In this case, field x is essentially of 32 bits, but is declared as 1 bit and its type int32_t is signed. Therefore, it indicates confusion by the programmer, which is exactly what this rule intends to find. */ -predicate isSingleBit(BitField bitField) { - bitField.getDeclaredNumBits() = 1 -} from BitField bitField where - not isExcluded(bitField, BitfieldTypesPackage::singleBitNamedBitFieldsOfASignedTypeQuery()) and - isSingleBit(bitField) and // Single-bit, - not bitField.isAnonymous() and // named, - isSigned(bitField.getType()) // but its type is signed. -select bitField, "Single-bit bit-field named " + bitField.toString() + " has a signed type " + bitField.getType() + "." \ No newline at end of file +not isExcluded(bitField, BitfieldTypesPackage::singleBitNamedBitFieldsOfASignedTypeQuery()) and +bitField.getDeclaredNumBits() = 1 and // Single-bit, +not bitField.isAnonymous() and // named, +bitField.getType().(IntegralType).isSigned() // but its type is signed. +select bitField, "Single-bit bit-field named " + bitField.toString() + " has a signed type " + bitField.getType() + "." diff --git a/c/misra/test/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.expected b/c/misra/test/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.expected index cdcfe74e98..aaba0ee30c 100644 --- a/c/misra/test/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.expected +++ b/c/misra/test/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.expected @@ -1,4 +1,4 @@ -| test.c:6:7:6:8 | x1 | Bit-field x1 is declared on type x1. | -| test.c:10:15:10:16 | x5 | Bit-field x5 is declared on type x5. | -| test.c:12:15:12:16 | x6 | Bit-field x6 is declared on type x6. | -| test.c:14:14:14:15 | x7 | Bit-field x7 is declared on type x7. | \ No newline at end of file +| test.c:6:7:6:8 | x1 | Bit-field x1 is declared on type int. | +| test.c:10:15:10:16 | x5 | Bit-field x5 is declared on type signed long. | +| test.c:12:15:12:16 | x6 | Bit-field x6 is declared on type signed char. | +| test.c:14:14:14:15 | x7 | Bit-field x7 is declared on type Color. | diff --git a/c/misra/test/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.expected b/c/misra/test/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.expected index d78e36f0ed..df7677961a 100644 --- a/c/misra/test/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.expected +++ b/c/misra/test/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.expected @@ -1,4 +1,4 @@ +| test.c:4:7:4:8 | x1 | Single-bit bit-field named x1 has a signed type int. | | test.c:7:14:7:15 | x2 | Single-bit bit-field named x2 has a signed type signed int. | | test.c:9:7:9:8 | x3 | Single-bit bit-field named x3 has a signed type signed char. | | test.c:11:7:11:8 | x4 | Single-bit bit-field named x4 has a signed type signed short. | -| test.c:16:11:16:12 | x7 | Single-bit bit-field named x7 has a signed type int32_t. | diff --git a/c/misra/test/rules/RULE-6-2/test.c b/c/misra/test/rules/RULE-6-2/test.c index e958203b04..479e0e7ee2 100644 --- a/c/misra/test/rules/RULE-6-2/test.c +++ b/c/misra/test/rules/RULE-6-2/test.c @@ -13,7 +13,5 @@ struct SampleStruct { x5 : 1; // COMPILANT: single-bit named field but with an unsigned type signed int x6 : 2; // COMPILANT: named field with a signed type but declared // to carry more than 1 bit - int32_t x7 : 1; // NON_COMPILANT: single-bit named field that has single-bit - // bit-field, even though technically it has 32 bits signed char : 1; // COMPILANT: single-bit bit-field but unnamed } sample_struct; From 49674de963cf3a6a4d48b5e1deca67492ab35c79 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Tue, 31 Jan 2023 16:14:57 -0800 Subject: [PATCH 0359/2573] minor format --- c/misra/test/rules/RULE-6-2/test.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/misra/test/rules/RULE-6-2/test.c b/c/misra/test/rules/RULE-6-2/test.c index 479e0e7ee2..b3eaa0dd0e 100644 --- a/c/misra/test/rules/RULE-6-2/test.c +++ b/c/misra/test/rules/RULE-6-2/test.c @@ -13,5 +13,5 @@ struct SampleStruct { x5 : 1; // COMPILANT: single-bit named field but with an unsigned type signed int x6 : 2; // COMPILANT: named field with a signed type but declared // to carry more than 1 bit - signed char : 1; // COMPILANT: single-bit bit-field but unnamed + signed char : 1; // COMPILANT: single-bit bit-field but unnamed } sample_struct; From 831cf033caeeebb1c67fccb67f4b6b93e7f3fcd4 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Tue, 31 Jan 2023 16:21:28 -0800 Subject: [PATCH 0360/2573] format qldoc comment (indentation) --- ...hallOnlyBeDeclaredWithAnAppropriateType.ql | 38 +++++++++---------- .../SingleBitNamedBitFieldsOfASignedType.ql | 28 ++++++++------ 2 files changed, 35 insertions(+), 31 deletions(-) diff --git a/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql b/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql index 82f2c9c89a..86d12aa263 100644 --- a/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql +++ b/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql @@ -1,14 +1,14 @@ /** -* @id c/misra/bit-fields-shall-only-be-declared-with-an-appropriate-type -* @name RULE-6-1: Bit-fields shall only be declared with an appropriate type -* @description Declaring bit-fields on types other than appropriate ones causes -* implementation-specific or undefined behavior. -* @kind problem -* @precision very-high -* @problem.severity error -* @tags external/misra/id/rule-6-1 -* external/misra/obligation/required -*/ + * @id c/misra/bit-fields-shall-only-be-declared-with-an-appropriate-type + * @name RULE-6-1: Bit-fields shall only be declared with an appropriate type + * @description Declaring bit-fields on types other than appropriate ones causes + * implementation-specific or undefined behavior. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-6-1 + * external/misra/obligation/required + */ import cpp import codingstandards.c.misra @@ -17,20 +17,20 @@ predicate isAppropriatePrimitive(Type type) { /* An appropriate primitive types to which a bit-field can be declared. */ type instanceof IntType and ( - type.(IntegralType).isExplicitlySigned() or - type.(IntegralType).isExplicitlyUnsigned() - ) + type.(IntegralType).isExplicitlySigned() or + type.(IntegralType).isExplicitlyUnsigned() + ) or type instanceof BoolType } from BitField bitField where -not isExcluded(bitField, -BitfieldTypesPackage::bitFieldsShallOnlyBeDeclaredWithAnAppropriateTypeQuery()) and + not isExcluded(bitField, + BitfieldTypesPackage::bitFieldsShallOnlyBeDeclaredWithAnAppropriateTypeQuery()) and /* A violation would neither an appropriate primitive type nor an appropriate typedef. */ -not ( - isAppropriatePrimitive(bitField.getType()) or - isAppropriatePrimitive(bitField.getType().resolveTypedefs()) - ) + not ( + isAppropriatePrimitive(bitField.getType()) or + isAppropriatePrimitive(bitField.getType().resolveTypedefs()) + ) select bitField, "Bit-field " + bitField + " is declared on type " + bitField.getType() + "." diff --git a/c/misra/src/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql b/c/misra/src/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql index 98d2fcc0ef..d4be3d6dd2 100644 --- a/c/misra/src/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql +++ b/c/misra/src/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql @@ -13,18 +13,22 @@ import cpp import codingstandards.c.misra -/* Check if the DECLARED bit-fields is a single bit, because Rule 6.2 also intends to catch confusion on the programmers' part. Consider: - -struct S { - int32_t x: 1; -} - -In this case, field x is essentially of 32 bits, but is declared as 1 bit and its type int32_t is signed. Therefore, it indicates confusion by the programmer, which is exactly what this rule intends to find. */ +/* + * Check if the DECLARED bit-fields is a single bit, because Rule 6.2 also intends to catch confusion on the programmers' part. Consider: + * + * struct S { + * int32_t x: 1; + * } + * + * In this case, field x is essentially of 32 bits, but is declared as 1 bit and its type int32_t is signed. Therefore, it indicates confusion by the programmer, which is exactly what this rule intends to find. + */ from BitField bitField where -not isExcluded(bitField, BitfieldTypesPackage::singleBitNamedBitFieldsOfASignedTypeQuery()) and -bitField.getDeclaredNumBits() = 1 and // Single-bit, -not bitField.isAnonymous() and // named, -bitField.getType().(IntegralType).isSigned() // but its type is signed. -select bitField, "Single-bit bit-field named " + bitField.toString() + " has a signed type " + bitField.getType() + "." + not isExcluded(bitField, BitfieldTypesPackage::singleBitNamedBitFieldsOfASignedTypeQuery()) and + bitField.getDeclaredNumBits() = 1 and // Single-bit, + not bitField.isAnonymous() and // named, + bitField.getType().(IntegralType).isSigned() // but its type is signed. +select bitField, + "Single-bit bit-field named " + bitField.toString() + " has a signed type " + bitField.getType() + + "." From 2d38acefb011efb3800e2054da0a2d4b8cd83e0c Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Wed, 1 Feb 2023 11:16:27 -0500 Subject: [PATCH 0361/2573] context switching --- scripts/matrix_testing/CompileFixTool.ps1 | 2 +- scripts/matrix_testing/Config.ps1 | 5 + .../matrix_testing/CreateMatrixTestReport.ps1 | 169 ++++++++++-------- .../Get-CompilerSpecificFiles.ps1 | 27 +++ .../Pop-CompilerSpecificFiles.ps1 | 22 +++ .../Push-CompilerSpecificFiles.ps1 | 61 +++++++ 6 files changed, 211 insertions(+), 75 deletions(-) create mode 100644 scripts/matrix_testing/Get-CompilerSpecificFiles.ps1 create mode 100644 scripts/matrix_testing/Pop-CompilerSpecificFiles.ps1 create mode 100644 scripts/matrix_testing/Push-CompilerSpecificFiles.ps1 diff --git a/scripts/matrix_testing/CompileFixTool.ps1 b/scripts/matrix_testing/CompileFixTool.ps1 index 46b93d9f2d..1927e981c3 100755 --- a/scripts/matrix_testing/CompileFixTool.ps1 +++ b/scripts/matrix_testing/CompileFixTool.ps1 @@ -16,7 +16,7 @@ param( # The compiler to use. Valid values are 'clang' and 'arm-clang'. [Parameter(Mandatory)] - [ValidateSet('clang', 'armclang', 'tiarmclang')] + [ValidateSet('clang', 'armclang', 'tiarmclang', 'gcc')] [string] $Configuration ) diff --git a/scripts/matrix_testing/Config.ps1 b/scripts/matrix_testing/Config.ps1 index be09978e6b..c19a52f92c 100644 --- a/scripts/matrix_testing/Config.ps1 +++ b/scripts/matrix_testing/Config.ps1 @@ -1,24 +1,29 @@ $COMPILER_MAPPINGS = @{ "cpp" = @{ "clang" = "clang++"; + "gcc" = "g++"; "armclang" = "armclang"; "tiarmclang" = "tiarmclang"; }; "c" = @{ "clang" = "clang"; + "gcc" = "gcc"; }; } $COMPILER_ARGS = @{ "cpp" = @{ "clang" = "-std=c++14 -fsyntax-only"; + "gcc" = "-std=c++14 -fsyntax-only"; "armclang" = "-std=c++14 -fsyntax-only --target=arm-arm-none-eabi"; "tiarmclang" = "-std=c++14 -fsyntax-only --target=arm-arm-none-eabi"; }; "c" = @{ + "gcc" = "-fsyntax-only"; "clang" = "-fsyntax-only"; + }; } diff --git a/scripts/matrix_testing/CreateMatrixTestReport.ps1 b/scripts/matrix_testing/CreateMatrixTestReport.ps1 index 1f06db37e4..e27a097e44 100644 --- a/scripts/matrix_testing/CreateMatrixTestReport.ps1 +++ b/scripts/matrix_testing/CreateMatrixTestReport.ps1 @@ -142,7 +142,7 @@ param( # The compiler to use. Valid values are 'clang' and 'arm-clang'. [Parameter(Mandatory)] - [ValidateSet('clang', 'armclang', 'tiarmclang')] + [ValidateSet('clang', 'armclang', 'tiarmclang', 'gcc')] [string] $Configuration, @@ -283,6 +283,9 @@ $jobRows = $queriesToCheck | ForEach-Object -ThrottleLimit $NumThreads -Parallel #. "$using:PSScriptRoot/GetTestDirectory.ps1" . "$using:PSScriptRoot/NewDatabaseForRule.ps1" . "$using:PSScriptRoot/ExecuteQueryAndDecodeAsJson.ps1" + . "$using:PSScriptRoot/Get-CompilerSpecificFiles.ps1" + . "$using:PSScriptRoot/Pop-CompilerSpecificFiles.ps1" + . "$using:PSScriptRoot/Push-CompilerSpecificFiles.ps1" $q = $_ @@ -314,82 +317,100 @@ $jobRows = $queriesToCheck | ForEach-Object -ThrottleLimit $NumThreads -Parallel $testDirectory = (Get-TestDirectory -RuleObject $q -Language $using:Language) - Write-Host "Compiling database in $testDirectory..." -NoNewline - try { - $db = New-Database-For-Rule -RuleName $CurrentRuleName -RuleTestDir $testDirectory -Configuration $using:Configuration -Language $using:Language - Write-Host -ForegroundColor ([ConsoleColor]2) "OK" - } - catch { - Write-Host -ForegroundColor ([ConsoleColor]4) "FAILED" - $row["COMPILE_ERROR_OUTPUT"] = $_ - - return $row # although it is unlikely to succeed with the next rule skipping to the next rule - # ensures all of the rules will be reported in the - # output. - } - - $row["COMPILE_PASS"] = $true - - Write-Host "Checking expected output..." - - # Dragons below 🐉🐉🐉 - # - # Note this technique uses so-called "wizard" settings to make it possible - # to compare hand compiled databases using qltest. The relative paths and - # other options are required to be set as below (especially the detail about - # the relative path of the dataset and the test). - - # the "dataset" should be the `db-cpp` directory inside the database - # directory. HOWEVER. It should be the path relative to the test directory. - - $rulePath = Resolve-Path $testDirectory - $dbPath = Resolve-Path $db - - Write-Host "Resolving database $dbPath relative to test directory $rulePath" - $dataset = Resolve-Path (Join-Path $dbPath "db-cpp") - - Push-Location $rulePath - $datasetRelPath = Resolve-Path -Relative $dataset - Pop-Location - - Write-Host "Using relative path: $datasetRelPath" - - # Actually do the qltest run. - # codeql test run --dataset "relpath" - - if ($q.shared_implementation_short_name) { - $qlRefFile = Join-Path $rulePath "$($q.shared_implementation_short_name).ql" - } - else { - $qlRefFile = Join-Path $rulePath "$CurrentQueryName.qlref" - } - - Write-Host "codeql test run $qlRefFile --dataset=`"$datasetRelPath`"" - - $stdOut = Join-Path ([System.IO.Path]::GetTempPath()) ([System.Guid]::NewGuid()) - $stdErr = Join-Path ([System.IO.Path]::GetTempPath()) ([System.Guid]::NewGuid()) - - - Write-Host "Standard Out Buffered to: $stdOut" - Write-Host "Standard Error Buffered to: $stdErr" - - $procDetails = Start-Process -FilePath "codeql" -PassThru -NoNewWindow -Wait -ArgumentList "test run $qlRefFile --dataset=`"$datasetRelPath`"" -RedirectStandardOutput $stdOut -RedirectStandardError $stdErr - - if (-Not $procDetails.ExitCode -eq 0) { - - Write-Host -ForegroundColor ([ConsoleColor]4) "FAILED" - Get-Content $stdOut | Out-String | Write-Host - - $row["TEST_DIFFERENCE"] = Get-Content $stdOut | Out-String + ########################################################### + ########################################################### + # Push context + ########################################################### + $context = Push-CompilerSpecificFiles -Configuration $using:Configuration -Language $using:Language -FileSet (Get-CompilerSpecificFiles -TestDirectory $testDirectory) + + Write-Host "Compiling database in $testDirectory..." -NoNewline + + try { + $db = New-Database-For-Rule -RuleName $CurrentRuleName -RuleTestDir $testDirectory -Configuration $using:Configuration -Language $using:Language + Write-Host -ForegroundColor ([ConsoleColor]2) "OK" + } + catch { + Write-Host -ForegroundColor ([ConsoleColor]4) "FAILED" + $row["COMPILE_ERROR_OUTPUT"] = $_ + + return $row # although it is unlikely to succeed with the next rule skipping to the next rule + # ensures all of the rules will be reported in the + # output. + } + + $row["COMPILE_PASS"] = $true + + Write-Host "Checking expected output..." + + # Dragons below 🐉🐉🐉 + # + # Note this technique uses so-called "wizard" settings to make it possible + # to compare hand compiled databases using qltest. The relative paths and + # other options are required to be set as below (especially the detail about + # the relative path of the dataset and the test). + + # the "dataset" should be the `db-cpp` directory inside the database + # directory. HOWEVER. It should be the path relative to the test directory. + + $rulePath = Resolve-Path $testDirectory + $dbPath = Resolve-Path $db + + Write-Host "Resolving database $dbPath relative to test directory $rulePath" + $dataset = Resolve-Path (Join-Path $dbPath "db-cpp") + + Push-Location $rulePath + $datasetRelPath = Resolve-Path -Relative $dataset + Pop-Location + + Write-Host "Using relative path: $datasetRelPath" + + # Actually do the qltest run. + # codeql test run --dataset "relpath" + + if ($q.shared_implementation_short_name) { + $qlRefFile = Join-Path $rulePath "$($q.shared_implementation_short_name).ql" + } + else { + $qlRefFile = Join-Path $rulePath "$CurrentQueryName.qlref" + } + + Write-Host "codeql test run $qlRefFile --dataset=`"$datasetRelPath`"" + + $stdOut = Join-Path ([System.IO.Path]::GetTempPath()) ([System.Guid]::NewGuid()) + $stdErr = Join-Path ([System.IO.Path]::GetTempPath()) ([System.Guid]::NewGuid()) + + + Write-Host "Standard Out Buffered to: $stdOut" + Write-Host "Standard Error Buffered to: $stdErr" + + $procDetails = Start-Process -FilePath "codeql" -PassThru -NoNewWindow -Wait -ArgumentList "test run $qlRefFile --dataset=`"$datasetRelPath`"" -RedirectStandardOutput $stdOut -RedirectStandardError $stdErr + + if (-Not $procDetails.ExitCode -eq 0) { + + Write-Host -ForegroundColor ([ConsoleColor]4) "FAILED" + Get-Content $stdOut | Out-String | Write-Host + + $row["TEST_DIFFERENCE"] = Get-Content $stdOut | Out-String + + } + else { + $row["TEST_PASS"] = $true + Write-Host -ForegroundColor ([ConsoleColor]2) "OK" + } + + return $row + }catch { + Write-Host "Unknown error processing rule." + return $row + }finally { + ########################################################### + ########################################################### + # Context is restored here + ########################################################### + Pop-CompilerSpecificFiles -Context $context } - else { - $row["TEST_PASS"] = $true - Write-Host -ForegroundColor ([ConsoleColor]2) "OK" - } - - return $row } # combine the outputs diff --git a/scripts/matrix_testing/Get-CompilerSpecificFiles.ps1 b/scripts/matrix_testing/Get-CompilerSpecificFiles.ps1 new file mode 100644 index 0000000000..c08cfcb702 --- /dev/null +++ b/scripts/matrix_testing/Get-CompilerSpecificFiles.ps1 @@ -0,0 +1,27 @@ +. "$PSScriptRoot/Config.ps1" +function Get-CompilerSpecificFiles { + param([Parameter(Mandatory)] + [string] + $Configuration, + [Parameter(Mandatory)] + [ValidateSet('c', 'cpp')] + [string] + $TestDirectory + ) + + # + # Convention is as follows: + # + # For test files: + # + # file.c/cpp is used for ALL compilers + # file.c./file.cpp. is used for + # + # file.expected is used for all compilers + # file.expected. is used for + $sourceFiles = Get-ChildItem -Filter "*.$Language.$Configuration" + + $expectedFiles = Get-ChildItem -Filter "*.expected.$Configuration" + + return $sourceFiles + $expectedFiles +} \ No newline at end of file diff --git a/scripts/matrix_testing/Pop-CompilerSpecificFiles.ps1 b/scripts/matrix_testing/Pop-CompilerSpecificFiles.ps1 new file mode 100644 index 0000000000..36e7c0dc62 --- /dev/null +++ b/scripts/matrix_testing/Pop-CompilerSpecificFiles.ps1 @@ -0,0 +1,22 @@ +. "$PSScriptRoot/Config.ps1" +function Pop-CompilerSpecificFiles { + param([Parameter(Mandatory)] + $Context + ) + + foreach($c in $Context){ + + $origin = $context.origin + $temp = $context.temp + + if(-Not $temp -eq $null){ + Write-Host "Restoring $temp -> $origin" + Move-Item -Force -Path $temp $origin + }else { + # otherwise we just need to delete the origin + Write-Host "Removing unneeded context item $origin" + Remove-Item -Force $origin + } + } + +} \ No newline at end of file diff --git a/scripts/matrix_testing/Push-CompilerSpecificFiles.ps1 b/scripts/matrix_testing/Push-CompilerSpecificFiles.ps1 new file mode 100644 index 0000000000..0ce2a6f541 --- /dev/null +++ b/scripts/matrix_testing/Push-CompilerSpecificFiles.ps1 @@ -0,0 +1,61 @@ +. "$PSScriptRoot/Config.ps1" +function Push-CompilerSpecificFiles { + param([Parameter(Mandatory)] + [System.IO.FileSystemInfo[]] + $FileSet, + [string] + $Configuration, + [Parameter(Mandatory)] + [ValidateSet('c', 'cpp')] + $Language + ) + + $context = @() + + + # for each file, move it to a temporary location + foreach($f in $FileSet){ + + # + # Convention is as follows: + # + # For test files: + # + # file.c/cpp is used for ALL compilers + # file.c./file.cpp. is used for + # + # file.expected is used for all compilers + # file.expected. is used for + + $tmp = New-TemporaryFile + + # + # Note -- it is not necessary for the file we are going to replace + # to exist. If it DOES NOT exist, we simply delete the compiler specific + # file afterwards. + + # transform the compiler specific file to the generic one + $originFile = Get-Item $f.FullName.Replace(".$Configuration", "") + + # IF it exists, copy the originFile to a temp location and replace it + # with the specific file. + if($originFile.Exists){ + Write-Host "Moving generic file $originFile to $tmp..." + Move-Item -Force -Path $originFile -Destination $tmp + Write-Host "Copying $f to generic file $originFile" + Copy-Item -Path $f -Destination $originFile + + $context += @{"origin"=$originFile; "temp"=$tmp;} + }else{ + Write-Host "Copying $f to generic file $originFile" + Copy-Item -Path $f -Destination $originFile + + # we set $temp to $null since we don't want to copy anything + # back + $context += @{"origin"=$originFile; "temp"=$null;} + } + } + + return $context + +} \ No newline at end of file From 3e96c5fead7cb5e2eebd435e248aeaa20f96e327 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Wed, 1 Feb 2023 10:59:04 -0800 Subject: [PATCH 0362/2573] refine RULE-6-1 Use the fact that `resolveTypedefs` is an identity operation with types that have no type alias (typedef). --- .../BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql b/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql index 86d12aa263..81c7fb69a3 100644 --- a/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql +++ b/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql @@ -28,9 +28,6 @@ from BitField bitField where not isExcluded(bitField, BitfieldTypesPackage::bitFieldsShallOnlyBeDeclaredWithAnAppropriateTypeQuery()) and - /* A violation would neither an appropriate primitive type nor an appropriate typedef. */ - not ( - isAppropriatePrimitive(bitField.getType()) or - isAppropriatePrimitive(bitField.getType().resolveTypedefs()) - ) + /* A violation would neither be an appropriate primitive type nor an appropriate typedef. */ + not isAppropriatePrimitive(bitField.getType().resolveTypedefs()) select bitField, "Bit-field " + bitField + " is declared on type " + bitField.getType() + "." From 34e47495bc856cf2ef6ad529762844b33eae58ca Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Wed, 1 Feb 2023 15:55:21 -0500 Subject: [PATCH 0363/2573] learned a thing or two about powershell return values :) --- .../matrix_testing/CreateMatrixTestReport.ps1 | 13 +++++---- .../Get-CompilerSpecificFiles.ps1 | 19 +++++++++---- scripts/matrix_testing/NewDatabaseForRule.ps1 | 2 +- .../Pop-CompilerSpecificFiles.ps1 | 6 ++--- .../Push-CompilerSpecificFiles.ps1 | 27 +++++++++---------- 5 files changed, 39 insertions(+), 28 deletions(-) diff --git a/scripts/matrix_testing/CreateMatrixTestReport.ps1 b/scripts/matrix_testing/CreateMatrixTestReport.ps1 index e27a097e44..bf7df2e19d 100644 --- a/scripts/matrix_testing/CreateMatrixTestReport.ps1 +++ b/scripts/matrix_testing/CreateMatrixTestReport.ps1 @@ -322,7 +322,11 @@ $jobRows = $queriesToCheck | ForEach-Object -ThrottleLimit $NumThreads -Parallel ########################################################### # Push context ########################################################### - $context = Push-CompilerSpecificFiles -Configuration $using:Configuration -Language $using:Language -FileSet (Get-CompilerSpecificFiles -TestDirectory $testDirectory) + $fileSet = (Get-CompilerSpecificFiles -Configuration $using:Configuration -Language $using:Language -TestDirectory $testDirectory) + + if($fileSet){ + $context = Push-CompilerSpecificFiles -Configuration $using:Configuration -Language $using:Language -FileSet $fileSet + } Write-Host "Compiling database in $testDirectory..." -NoNewline @@ -400,16 +404,15 @@ $jobRows = $queriesToCheck | ForEach-Object -ThrottleLimit $NumThreads -Parallel } return $row - }catch { - Write-Host "Unknown error processing rule." - return $row }finally { ########################################################### ########################################################### # Context is restored here ########################################################### - Pop-CompilerSpecificFiles -Context $context + if($context){ + Pop-CompilerSpecificFiles -Context $context + } } } diff --git a/scripts/matrix_testing/Get-CompilerSpecificFiles.ps1 b/scripts/matrix_testing/Get-CompilerSpecificFiles.ps1 index c08cfcb702..6c06d0a66a 100644 --- a/scripts/matrix_testing/Get-CompilerSpecificFiles.ps1 +++ b/scripts/matrix_testing/Get-CompilerSpecificFiles.ps1 @@ -6,9 +6,11 @@ function Get-CompilerSpecificFiles { [Parameter(Mandatory)] [ValidateSet('c', 'cpp')] [string] + $Language, + [Parameter(Mandatory)] + [string] $TestDirectory - ) - + ) # # Convention is as follows: # @@ -19,9 +21,16 @@ function Get-CompilerSpecificFiles { # # file.expected is used for all compilers # file.expected. is used for - $sourceFiles = Get-ChildItem -Filter "*.$Language.$Configuration" + Write-Host "Scanning for compiler specific files in $TestDirectory" + + foreach($f in (Get-ChildItem -Filter "*.$Language.$Configuration" $TestDirectory)){ + Write-Host "Found file $f..." + $f + } - $expectedFiles = Get-ChildItem -Filter "*.expected.$Configuration" + foreach($f in (Get-ChildItem -Filter "*.expected.$Configuration" $TestDirectory)){ + Write-Host "Found file $f..." + $f + } - return $sourceFiles + $expectedFiles } \ No newline at end of file diff --git a/scripts/matrix_testing/NewDatabaseForRule.ps1 b/scripts/matrix_testing/NewDatabaseForRule.ps1 index 7c067ce025..159be9f9d2 100644 --- a/scripts/matrix_testing/NewDatabaseForRule.ps1 +++ b/scripts/matrix_testing/NewDatabaseForRule.ps1 @@ -21,7 +21,7 @@ function New-Database-For-Rule { Write-Host "Creating Database for Rule $RuleName..." - $cppFiles = Get-ChildItem $RuleTestDir/*.c* + $cppFiles = Get-ChildItem $RuleTestDir/*.$Language $cppFilesString = ([String]::Join(' ', $cppFiles)) Write-Host "Found '.cpp' files $cppFilesString." diff --git a/scripts/matrix_testing/Pop-CompilerSpecificFiles.ps1 b/scripts/matrix_testing/Pop-CompilerSpecificFiles.ps1 index 36e7c0dc62..a0f347d30f 100644 --- a/scripts/matrix_testing/Pop-CompilerSpecificFiles.ps1 +++ b/scripts/matrix_testing/Pop-CompilerSpecificFiles.ps1 @@ -9,13 +9,13 @@ function Pop-CompilerSpecificFiles { $origin = $context.origin $temp = $context.temp - if(-Not $temp -eq $null){ + if($temp){ Write-Host "Restoring $temp -> $origin" - Move-Item -Force -Path $temp $origin + Copy-Item -Force -Path $temp -Destination $origin }else { # otherwise we just need to delete the origin Write-Host "Removing unneeded context item $origin" - Remove-Item -Force $origin + Remove-Item -Force $origin } } diff --git a/scripts/matrix_testing/Push-CompilerSpecificFiles.ps1 b/scripts/matrix_testing/Push-CompilerSpecificFiles.ps1 index 0ce2a6f541..2265dfc2db 100644 --- a/scripts/matrix_testing/Push-CompilerSpecificFiles.ps1 +++ b/scripts/matrix_testing/Push-CompilerSpecificFiles.ps1 @@ -10,12 +10,8 @@ function Push-CompilerSpecificFiles { $Language ) - $context = @() - - # for each file, move it to a temporary location foreach($f in $FileSet){ - # # Convention is as follows: # @@ -35,27 +31,30 @@ function Push-CompilerSpecificFiles { # file afterwards. # transform the compiler specific file to the generic one - $originFile = Get-Item $f.FullName.Replace(".$Configuration", "") + $originFilePath = $f.FullName.Replace(".$Configuration", "") # IF it exists, copy the originFile to a temp location and replace it # with the specific file. - if($originFile.Exists){ + if(Test-Path $originFilePath){ + + $originFile = Get-Item $originFilePath + Write-Host "Moving generic file $originFile to $tmp..." Move-Item -Force -Path $originFile -Destination $tmp Write-Host "Copying $f to generic file $originFile" - Copy-Item -Path $f -Destination $originFile + Copy-Item -Path $f -Destination $originFile - $context += @{"origin"=$originFile; "temp"=$tmp;} + @{"origin"=$originFile; "temp"=$tmp;} }else{ + + $originFile = New-Item $originFilePath + Write-Host "Copying $f to generic file $originFile" - Copy-Item -Path $f -Destination $originFile + Copy-Item -Path $f -Destination $originFile - # we set $temp to $null since we don't want to copy anything + #we set $temp to $null since we don't want to copy anything # back - $context += @{"origin"=$originFile; "temp"=$null;} + @{"origin"=$originFile; "temp"=$null;} } } - - return $context - } \ No newline at end of file From 968b08fd80afc5bcbbb279896eb31554d4ac636b Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Wed, 1 Feb 2023 16:19:05 -0500 Subject: [PATCH 0364/2573] whoops --- scripts/matrix_testing/Pop-CompilerSpecificFiles.ps1 | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/scripts/matrix_testing/Pop-CompilerSpecificFiles.ps1 b/scripts/matrix_testing/Pop-CompilerSpecificFiles.ps1 index a0f347d30f..9f78aac381 100644 --- a/scripts/matrix_testing/Pop-CompilerSpecificFiles.ps1 +++ b/scripts/matrix_testing/Pop-CompilerSpecificFiles.ps1 @@ -1,13 +1,14 @@ . "$PSScriptRoot/Config.ps1" function Pop-CompilerSpecificFiles { param([Parameter(Mandatory)] + [hashtable[]] $Context ) foreach($c in $Context){ - $origin = $context.origin - $temp = $context.temp + $origin = $c.origin + $temp = $c.temp if($temp){ Write-Host "Restoring $temp -> $origin" From 59de841d2d3c0404308605ab75a502e80c5d0dcd Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Wed, 1 Feb 2023 16:58:14 -0500 Subject: [PATCH 0365/2573] test file --- cpp/autosar/test/rules/A0-1-1/test.cpp | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index c9c5698e2d..90628187d0 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -1,9 +1,10 @@ // A POD class. -structA { +struct A { int f; int f2; -} +}; + // A non-POD class, with a trivial compiler generated constructor struct B { int f; From 756831b5badd347bd9c60078da871ea5131fca0e Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Wed, 1 Feb 2023 16:58:24 -0500 Subject: [PATCH 0366/2573] compiler specific options --- scripts/matrix_testing/Get-CompilerArgs.ps1 | 17 +++++++++++++++-- scripts/matrix_testing/NewDatabaseForRule.ps1 | 3 +-- 2 files changed, 16 insertions(+), 4 deletions(-) diff --git a/scripts/matrix_testing/Get-CompilerArgs.ps1 b/scripts/matrix_testing/Get-CompilerArgs.ps1 index 4bcf46899f..2b970120c2 100644 --- a/scripts/matrix_testing/Get-CompilerArgs.ps1 +++ b/scripts/matrix_testing/Get-CompilerArgs.ps1 @@ -1,12 +1,25 @@ . "$PSScriptRoot/Config.ps1" function Get-CompilerArgs { - param([Parameter(Mandatory)] + param( + [Parameter(Mandatory)] [string] $Configuration, [Parameter(Mandatory)] + [string] + $TestDirectory, + [Parameter(Mandatory)] [ValidateSet('c', 'cpp')] [string] $Language ) - return $COMPILER_ARGS[$Language][$Configuration] + $baseArgs = $COMPILER_ARGS[$Language][$Configuration] + + $optionsFile = (Join-Path $TestDirectory "options.$Configuration") + + # perhaps there is an options file? + if(Test-Path $optionsFile){ + return $baseArgs + " " + (Get-Content $optionsFile) + } + + return $baseArgs } \ No newline at end of file diff --git a/scripts/matrix_testing/NewDatabaseForRule.ps1 b/scripts/matrix_testing/NewDatabaseForRule.ps1 index 159be9f9d2..c7b44a5b0f 100644 --- a/scripts/matrix_testing/NewDatabaseForRule.ps1 +++ b/scripts/matrix_testing/NewDatabaseForRule.ps1 @@ -26,8 +26,7 @@ function New-Database-For-Rule { Write-Host "Found '.cpp' files $cppFilesString." $CompilerExecutable = Get-CompilerExecutable -Configuration $Configuration -Language $Language - $CompilerArgs = Get-CompilerArgs -Configuration $Configuration -Language $Language - + $CompilerArgs = Get-CompilerArgs -Configuration $Configuration -Language $Language -TestDirectory $RuleTestDir $BUILD_COMMAND = "$CompilerExecutable $CompilerArgs $cppFilesString" if ($UseTmpDir) { From 54886efff6155898217cdc594ed698a793a1caa5 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Wed, 1 Feb 2023 15:16:07 -0800 Subject: [PATCH 0367/2573] update test.cpp and tuple.h --- cpp/autosar/test/rules/A0-1-2/test.cpp | 3 ++- cpp/common/test/includes/standard-library/tuple.h | 9 ++++++++- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/cpp/autosar/test/rules/A0-1-2/test.cpp b/cpp/autosar/test/rules/A0-1-2/test.cpp index 9990687bf4..9c7579a746 100644 --- a/cpp/autosar/test/rules/A0-1-2/test.cpp +++ b/cpp/autosar/test/rules/A0-1-2/test.cpp @@ -17,4 +17,5 @@ void test_return_val() { A a2; a1 + a2; // COMPLIANT - `+` is a call to operator+, but is permitted by the // rule -} \ No newline at end of file + int y = (int)3; +} diff --git a/cpp/common/test/includes/standard-library/tuple.h b/cpp/common/test/includes/standard-library/tuple.h index 8602d4ca1e..93ccc2fa8a 100644 --- a/cpp/common/test/includes/standard-library/tuple.h +++ b/cpp/common/test/includes/standard-library/tuple.h @@ -1,4 +1,11 @@ namespace std { template class tuple {}; template std::tuple make_tuple(Types &&...args); -} // namespace std +// TODO change this to example from cpp standard +struct ignore_t { + template + constexpr // required since C++14 + void operator=(T&&) const noexcept {} +}; +inline constexpr std::ignore_t ignore; // 'const' only until C++17 +} // namespace std \ No newline at end of file From e40d9336dba0726a590ca02785bb22d940ea2ae2 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Thu, 2 Feb 2023 11:03:04 +0100 Subject: [PATCH 0368/2573] Revert "Fix deprecated libraries" This reverts commit 55ff60385e7e0d114894dadfef05aed7acd19c5a. This only applies to CodeQL 2.10.4 and later, while 2.9.4 is being targeted here. --- cpp/common/src/codingstandards/cpp/Config.qll | 6 +++--- .../src/codingstandards/cpp/deviations/Deviations.qll | 10 +++++----- .../GuidelineRecategorizations.qll | 2 +- 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/Config.qll b/cpp/common/src/codingstandards/cpp/Config.qll index 5ce3f7a035..7d12340719 100644 --- a/cpp/common/src/codingstandards/cpp/Config.qll +++ b/cpp/common/src/codingstandards/cpp/Config.qll @@ -8,7 +8,7 @@ import codingstandards.cpp.exclusions.RuleMetadata import codingstandards.cpp.deviations.Deviations /** A `coding-standards.xml` configuration file (usually generated from an YAML configuration file). */ -class CodingStandardsFile extends XmlFile { +class CodingStandardsFile extends XMLFile { CodingStandardsFile() { this.getBaseName() = "coding-standards.xml" and // Must be within the users source code. @@ -16,12 +16,12 @@ class CodingStandardsFile extends XmlFile { } } -class CodingStandardsConfigSection extends XmlElement { +class CodingStandardsConfigSection extends XMLElement { CodingStandardsConfigSection() { getParent() instanceof CodingStandardsConfig } } /** A "Coding Standards" configuration file */ -class CodingStandardsConfig extends XmlElement { +class CodingStandardsConfig extends XMLElement { CodingStandardsConfig() { any(CodingStandardsFile csf).getARootElement() = this and this.getName() = "codingstandards" diff --git a/cpp/common/src/codingstandards/cpp/deviations/Deviations.qll b/cpp/common/src/codingstandards/cpp/deviations/Deviations.qll index 4dfadd12eb..9399607e3d 100644 --- a/cpp/common/src/codingstandards/cpp/deviations/Deviations.qll +++ b/cpp/common/src/codingstandards/cpp/deviations/Deviations.qll @@ -17,7 +17,7 @@ predicate applyDeviationsAtQueryLevel() { } /** An element which tells the analysis whether to report deviated results. */ -class CodingStandardsReportDeviatedAlerts extends XmlElement { +class CodingStandardsReportDeviatedAlerts extends XMLElement { CodingStandardsReportDeviatedAlerts() { getParent() instanceof CodingStandardsConfig and hasName("report-deviated-alerts") @@ -35,7 +35,7 @@ class DeviationPermits extends CodingStandardsConfigSection { } /** A deviation permit record, that is specified by a permit identifier */ -class DeviationPermit extends XmlElement { +class DeviationPermit extends XMLElement { DeviationPermit() { getParent() instanceof DeviationPermits and hasName("deviation-permits-entry") @@ -118,7 +118,7 @@ class DeviationPermit extends XmlElement { } /** A deviation record, that is a specified rule or query */ -class DeviationRecord extends XmlElement { +class DeviationRecord extends XMLElement { DeviationRecord() { getParent() instanceof DeviationRecords and hasName("deviations-entry") @@ -134,13 +134,13 @@ class DeviationRecord extends XmlElement { private string getRawPermitId() { result = getAChild("permit-id").getTextValue() } - private XmlElement getRawRaisedBy() { result = getAChild("raised-by") } + private XMLElement getRawRaisedBy() { result = getAChild("raised-by") } private string getRawRaisedByName() { result = getRawRaisedBy().getAChild("name").getTextValue() } private string getRawRaisedByDate() { result = getRawRaisedBy().getAChild("date").getTextValue() } - private XmlElement getRawApprovedBy() { result = getAChild("approved-by") } + private XMLElement getRawApprovedBy() { result = getAChild("approved-by") } private string getRawApprovedByName() { result = getRawApprovedBy().getAChild("name").getTextValue() diff --git a/cpp/common/src/codingstandards/cpp/guideline_recategorizations/GuidelineRecategorizations.qll b/cpp/common/src/codingstandards/cpp/guideline_recategorizations/GuidelineRecategorizations.qll index ec5731f1bf..ff148a4a72 100644 --- a/cpp/common/src/codingstandards/cpp/guideline_recategorizations/GuidelineRecategorizations.qll +++ b/cpp/common/src/codingstandards/cpp/guideline_recategorizations/GuidelineRecategorizations.qll @@ -12,7 +12,7 @@ class GuidelineRecategorizations extends CodingStandardsConfigSection { GuidelineRecategorizations() { hasName("guideline-recategorizations") } } -class GuidelineRecategorization extends XmlElement { +class GuidelineRecategorization extends XMLElement { GuidelineRecategorization() { getParent() instanceof GuidelineRecategorizations and hasName("guideline-recategorizations-entry") From 104a317cec0007c850c20d06d965a1d4f2b81af3 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Thu, 2 Feb 2023 11:04:20 +0100 Subject: [PATCH 0369/2573] Modernize the `scripts/generate_modules/queries` qlpack --- scripts/generate_modules/queries/codeql-pack.lock.yml | 6 ++++++ scripts/generate_modules/queries/qlpack.yml | 5 +++-- 2 files changed, 9 insertions(+), 2 deletions(-) create mode 100644 scripts/generate_modules/queries/codeql-pack.lock.yml diff --git a/scripts/generate_modules/queries/codeql-pack.lock.yml b/scripts/generate_modules/queries/codeql-pack.lock.yml new file mode 100644 index 0000000000..b0f02a9d1f --- /dev/null +++ b/scripts/generate_modules/queries/codeql-pack.lock.yml @@ -0,0 +1,6 @@ +--- +dependencies: + codeql/cpp-all: + version: 0.2.3 +compiled: false +lockVersion: 1.0.0 diff --git a/scripts/generate_modules/queries/qlpack.yml b/scripts/generate_modules/queries/qlpack.yml index d165177f23..61cf146c4d 100644 --- a/scripts/generate_modules/queries/qlpack.yml +++ b/scripts/generate_modules/queries/qlpack.yml @@ -1,3 +1,4 @@ -name: standard-library-extraction-cpp-coding-standards +name: codeql/standard-library-extraction-cpp-coding-standards version: 0.0.0 -libraryPathDependencies: codeql-cpp \ No newline at end of file +dependencies: + codeql/cpp-all: 0.2.3 From 8398907c91c275a2b2d3035e7a1caee59e87f930 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Thu, 2 Feb 2023 12:10:28 +0100 Subject: [PATCH 0370/2573] Fix path filter in verify standard library dependencies workflow --- .github/workflows/verify-standard-library-dependencies.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/verify-standard-library-dependencies.yml b/.github/workflows/verify-standard-library-dependencies.yml index 0b05736ddb..91f4a5075b 100644 --- a/.github/workflows/verify-standard-library-dependencies.yml +++ b/.github/workflows/verify-standard-library-dependencies.yml @@ -9,7 +9,7 @@ on: - next paths: - "supported_codeql_configs.json" - - "qlpack.yml" + - "**/qlpack.yml" workflow_dispatch: jobs: From 9cd9638bcc70ff592e54ff4d4f6e7186b1476c35 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Thu, 2 Feb 2023 12:41:32 +0100 Subject: [PATCH 0371/2573] Install codeql packs in "Run analysis report tests" workflow --- .codeqlmanifest.json | 2 +- .github/workflows/tooling-unit-tests.yml | 5 +++++ scripts/reports/deviations.py | 2 +- scripts/reports/diagnostics.py | 2 +- scripts/reports/guideline_recategorizations.py | 2 +- 5 files changed, 9 insertions(+), 4 deletions(-) diff --git a/.codeqlmanifest.json b/.codeqlmanifest.json index d6277f5949..e6aec98053 100644 --- a/.codeqlmanifest.json +++ b/.codeqlmanifest.json @@ -1 +1 @@ -{ "provide": [ "cpp/*/src/qlpack.yml", "cpp/*/test/qlpack.yml", "c/*/src/qlpack.yml", "c/*/test/qlpack.yml" ] } +{ "provide": [ "cpp/*/src/qlpack.yml", "cpp/*/test/qlpack.yml", "c/*/src/qlpack.yml", "c/*/test/qlpack.yml", "scripts/generate_modules/queries/qlpack.yml" ] } diff --git a/.github/workflows/tooling-unit-tests.yml b/.github/workflows/tooling-unit-tests.yml index 5531c11d72..d2ed099a2e 100644 --- a/.github/workflows/tooling-unit-tests.yml +++ b/.github/workflows/tooling-unit-tests.yml @@ -64,6 +64,11 @@ jobs: codeql-home: ${{ github.workspace }}/codeql_home add-to-path: false + - name: Install CodeQL packs + uses: ./.github/actions/install-codeql-packs + with: + cli_path: ${{ github.workspace }}/codeql_home/codeql + - name: Run PyTest env: CODEQL_HOME: ${{ github.workspace }}/codeql_home diff --git a/scripts/reports/deviations.py b/scripts/reports/deviations.py index d7baca5665..d511d35dbb 100644 --- a/scripts/reports/deviations.py +++ b/scripts/reports/deviations.py @@ -42,7 +42,7 @@ def __init__(self, database_path, repo_root): # Get a list of deviations print("Running the deviation query...") self.codeql_summary.codeql.run_queries( - database_path, *query_paths, search_path=str(repo_root), no_rerun=True) + database_path, *query_paths, no_rerun=True) print("Decoding deviation query results") diff --git a/scripts/reports/diagnostics.py b/scripts/reports/diagnostics.py index 4cf17ec9a1..78535a8f9a 100644 --- a/scripts/reports/diagnostics.py +++ b/scripts/reports/diagnostics.py @@ -44,7 +44,7 @@ def __init__(self, database_path, repo_root): # Run all the diagnostics over the database print("Running the diagnostic queries...") self.codeql_summary.codeql.run_queries( - database_path, *queries, search_path=str(repo_root), no_rerun=True) + database_path, *queries, no_rerun=True) print("Decoding diagnostic query results") self.extraction_errors = self.codeql_summary.codeql.decode_results( diff --git a/scripts/reports/guideline_recategorizations.py b/scripts/reports/guideline_recategorizations.py index cc30182596..ebd0fa59de 100644 --- a/scripts/reports/guideline_recategorizations.py +++ b/scripts/reports/guideline_recategorizations.py @@ -40,7 +40,7 @@ def __init__(self, database_path, repo_root): # Get a list of guideline recategorizations print("Running the guideline recategorizations queries...") self.codeql_summary.codeql.run_queries( - database_path, *query_paths, search_path=str(repo_root), no_rerun=True) + database_path, *query_paths, no_rerun=True) print("Decoding guideline recategorizations queries results") From 266c3e58ea697e593d0f4a2abe54a31d2372ebd7 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 2 Feb 2023 14:30:43 +0100 Subject: [PATCH 0372/2573] Misra rules 12-2 17-5 17-7 --- .../RightHandOperandOfAShiftOperatorRange.ql | 11 +++- .../ArrayFunctionArgumentNumberOfElements.ql | 62 ++++++++++++++++++- .../ValueReturnedByAFunctionNotUsed.ql | 16 +++-- ...tHandOperandOfAShiftOperatorRange.expected | 22 ++++++- c/misra/test/rules/RULE-12-2/test.c | 23 +++++-- ...yFunctionArgumentNumberOfElements.expected | 10 ++- c/misra/test/rules/RULE-17-5/test.c | 21 ++++++- .../ValueReturnedByAFunctionNotUsed.expected | 3 +- .../cpp/exclusions/c/Contracts6.qll | 14 +++-- 9 files changed, 158 insertions(+), 24 deletions(-) diff --git a/c/misra/src/rules/RULE-12-2/RightHandOperandOfAShiftOperatorRange.ql b/c/misra/src/rules/RULE-12-2/RightHandOperandOfAShiftOperatorRange.ql index dc3d7b99f9..d69d276745 100644 --- a/c/misra/src/rules/RULE-12-2/RightHandOperandOfAShiftOperatorRange.ql +++ b/c/misra/src/rules/RULE-12-2/RightHandOperandOfAShiftOperatorRange.ql @@ -12,8 +12,15 @@ import cpp import codingstandards.c.misra +import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis -from +from BinaryOperation x, int max_size where not isExcluded(x, Contracts6Package::rightHandOperandOfAShiftOperatorRangeQuery()) and -select + (x instanceof LShiftExpr or x instanceof RShiftExpr) and + max_size = (8 * x.getLeftOperand().getExplicitlyConverted().getUnderlyingType().getSize()) - 1 and + exists(Expr rhs | rhs = x.getRightOperand().getFullyConverted() | + lowerBound(rhs) < 0 or + upperBound(rhs) > max_size + ) +select x, "The right hand operand of the shift operator is not in the range 0 to " + max_size + "." diff --git a/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql b/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql index 651027af50..2081f7b702 100644 --- a/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql +++ b/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql @@ -12,8 +12,64 @@ import cpp import codingstandards.c.misra +import semmle.code.cpp.dataflow.DataFlow -from +/** + * Models a function parameter of type array with specified size + * ``` + * void f1(int ar[3]); + * ``` + */ +class ArrayParameter extends Parameter { + ArrayParameter() { this.getType().(ArrayType).hasArraySize() } + + Expr getAMatchingArgument() { + exists(FunctionCall fc | + this.getFunction() = fc.getTarget() and + result = fc.getArgument(this.getIndex()) + ) + } + + int getArraySize() { result = this.getType().(ArrayType).getArraySize() } +} + +/** + * The number of initialized elements in an ArrayAggregateLiteral. + * In the following examples the result=2 + * ``` + * int arr3[3] = {1, 2}; + * int arr2[2] = {1, 2, 3}; + * ``` + */ +int countElements(ArrayAggregateLiteral l) { result = count(l.getElementExpr(_)) } + +class SmallArrayConfig extends DataFlow::Configuration { + SmallArrayConfig() { this = "SmallArrayConfig" } + + override predicate isSource(DataFlow::Node src) { src.asExpr() instanceof ArrayAggregateLiteral } + + override predicate isSink(DataFlow::Node sink) { + sink.asExpr() = any(ArrayParameter p).getAMatchingArgument() + } +} + +from Expr arg, ArrayParameter p where - not isExcluded(x, Contracts6Package::arrayFunctionArgumentNumberOfElementsQuery()) and -select + not isExcluded(arg, Contracts6Package::arrayFunctionArgumentNumberOfElementsQuery()) and + exists(SmallArrayConfig config | arg = p.getAMatchingArgument() | + // the argument is a value and not an arrey + not arg.getType() instanceof DerivedType + or + // the argument is an array too small + arg.getType().(ArrayType).getArraySize() < p.getArraySize() + or + // the argument is a pointer and its value does not come from a literal of the correct + arg.getType() instanceof PointerType and + not exists(ArrayAggregateLiteral l | + config.hasFlow(DataFlow::exprNode(l), DataFlow::exprNode(arg)) and + countElements(l) >= p.getArraySize() + ) + ) +select arg, + "The function argument does not have a sufficient number or elements declared in the $@.", p, + "parameter" diff --git a/c/misra/src/rules/RULE-17-7/ValueReturnedByAFunctionNotUsed.ql b/c/misra/src/rules/RULE-17-7/ValueReturnedByAFunctionNotUsed.ql index face46fcf5..4fa1705a23 100644 --- a/c/misra/src/rules/RULE-17-7/ValueReturnedByAFunctionNotUsed.ql +++ b/c/misra/src/rules/RULE-17-7/ValueReturnedByAFunctionNotUsed.ql @@ -1,7 +1,7 @@ /** * @id c/misra/value-returned-by-a-function-not-used * @name RULE-17-7: The value returned by a function having non-void return type shall be used - * @description + * @description * @kind problem * @precision very-high * @problem.severity error @@ -11,8 +11,16 @@ import cpp import codingstandards.c.misra +import semmle.code.cpp.dataflow.DataFlow -from +from Call c where - not isExcluded(x, Contracts6Package::valueReturnedByAFunctionNotUsedQuery()) and -select + not isExcluded(c, Contracts6Package::valueReturnedByAFunctionNotUsedQuery()) and + // Calls in `ExprStmt`s indicate that the return value is ignored + c.getParent() instanceof ExprStmt and + // Ignore calls to void functions or where the return value is cast to `void` + not c.getActualType() instanceof VoidType and + // Exclude cases where the function call is generated within a macro, as the user of the macro is + // not necessarily able to address thoes results + not c.isAffectedByMacro() +select c, "The value returned by this call shall be used or cast to `void`." diff --git a/c/misra/test/rules/RULE-12-2/RightHandOperandOfAShiftOperatorRange.expected b/c/misra/test/rules/RULE-12-2/RightHandOperandOfAShiftOperatorRange.expected index 2ec1a0ac6c..9f1dea64f3 100644 --- a/c/misra/test/rules/RULE-12-2/RightHandOperandOfAShiftOperatorRange.expected +++ b/c/misra/test/rules/RULE-12-2/RightHandOperandOfAShiftOperatorRange.expected @@ -1 +1,21 @@ -No expected results have yet been specified \ No newline at end of file +| test.c:20:7:20:13 | ... << ... | The right hand operand of the shift operator is not in the range 0 to 31. | +| test.c:22:7:22:13 | ... << ... | The right hand operand of the shift operator is not in the range 0 to 31. | +| test.c:23:7:23:13 | ... << ... | The right hand operand of the shift operator is not in the range 0 to 31. | +| test.c:25:7:25:13 | ... << ... | The right hand operand of the shift operator is not in the range 0 to 31. | +| test.c:26:7:26:13 | ... << ... | The right hand operand of the shift operator is not in the range 0 to 31. | +| test.c:29:7:29:13 | ... << ... | The right hand operand of the shift operator is not in the range 0 to 15. | +| test.c:30:7:30:13 | ... << ... | The right hand operand of the shift operator is not in the range 0 to 15. | +| test.c:31:7:31:13 | ... << ... | The right hand operand of the shift operator is not in the range 0 to 15. | +| test.c:32:7:32:13 | ... << ... | The right hand operand of the shift operator is not in the range 0 to 15. | +| test.c:33:7:33:13 | ... << ... | The right hand operand of the shift operator is not in the range 0 to 15. | +| test.c:34:7:34:13 | ... << ... | The right hand operand of the shift operator is not in the range 0 to 15. | +| test.c:35:7:35:13 | ... << ... | The right hand operand of the shift operator is not in the range 0 to 15. | +| test.c:38:7:38:13 | ... << ... | The right hand operand of the shift operator is not in the range 0 to 63. | +| test.c:40:7:40:13 | ... << ... | The right hand operand of the shift operator is not in the range 0 to 63. | +| test.c:43:7:43:13 | ... << ... | The right hand operand of the shift operator is not in the range 0 to 63. | +| test.c:46:7:46:13 | ... << ... | The right hand operand of the shift operator is not in the range 0 to 7. | +| test.c:47:7:47:12 | ... << ... | The right hand operand of the shift operator is not in the range 0 to 7. | +| test.c:63:7:63:13 | ... << ... | The right hand operand of the shift operator is not in the range 0 to 7. | +| test.c:71:8:71:14 | ... << ... | The right hand operand of the shift operator is not in the range 0 to 7. | +| test.c:75:3:75:19 | ... << ... | The right hand operand of the shift operator is not in the range 0 to 15. | +| test.c:77:3:77:12 | ... >> ... | The right hand operand of the shift operator is not in the range 0 to 63. | diff --git a/c/misra/test/rules/RULE-12-2/test.c b/c/misra/test/rules/RULE-12-2/test.c index b2b88ebda0..563a903503 100644 --- a/c/misra/test/rules/RULE-12-2/test.c +++ b/c/misra/test/rules/RULE-12-2/test.c @@ -1,4 +1,4 @@ - +#include const short int s1 = 15; const short int s2 = -1; @@ -58,8 +58,21 @@ void f2() { int aa = 10; aa++; - a = a << aa; - b = b << aa; - c = c << aa; - d = d << aa; + a = a << aa; // COMPLIANT + b = b << aa; // COMPLIANT + c = c << aa; // NON_COMPLIANT + d = d << aa; // COMPLIANT +} + +void f3() { + uint8_t u8; + uint16_t u16; + u8 = u8 << 7; // COMPLIANT + u8 = u8 << 8; // NON_COMPLIANT + u16 = (uint16_t)u8 << 9; // COMPLIANT +// 0u is essentially unsigned char + 0u << 10; // NON_COMPLIANT[FALSE_NEGATIVE] + (uint16_t)0 << 20; // NON_COMPLIANT + 0UL << 10; // COMPLIANT + 0UL >> 100; // NON_COMPLIANT } \ No newline at end of file diff --git a/c/misra/test/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.expected b/c/misra/test/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.expected index 2ec1a0ac6c..913f6f1c34 100644 --- a/c/misra/test/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.expected +++ b/c/misra/test/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.expected @@ -1 +1,9 @@ -No expected results have yet been specified \ No newline at end of file +| test.c:18:6:18:6 | 0 | The function argument does not have a sufficient number or elements declared in the $@. | test.c:1:13:1:14 | ar | parameter | +| test.c:19:6:19:7 | ar | The function argument does not have a sufficient number or elements declared in the $@. | test.c:1:13:1:14 | ar | parameter | +| test.c:21:6:21:9 | ar2p | The function argument does not have a sufficient number or elements declared in the $@. | test.c:1:13:1:14 | ar | parameter | +| test.c:26:9:26:9 | 0 | The function argument does not have a sufficient number or elements declared in the $@. | test.c:2:20:2:21 | ar | parameter | +| test.c:27:9:27:10 | ar | The function argument does not have a sufficient number or elements declared in the $@. | test.c:2:20:2:21 | ar | parameter | +| test.c:29:9:29:12 | ar2p | The function argument does not have a sufficient number or elements declared in the $@. | test.c:2:20:2:21 | ar | parameter | +| test.c:61:6:61:8 | ar2 | The function argument does not have a sufficient number or elements declared in the $@. | test.c:1:13:1:14 | ar | parameter | +| test.c:62:6:62:9 | ar2b | The function argument does not have a sufficient number or elements declared in the $@. | test.c:1:13:1:14 | ar | parameter | +| test.c:63:6:63:9 | ar2p | The function argument does not have a sufficient number or elements declared in the $@. | test.c:1:13:1:14 | ar | parameter | diff --git a/c/misra/test/rules/RULE-17-5/test.c b/c/misra/test/rules/RULE-17-5/test.c index 2488d2d632..bbac126630 100644 --- a/c/misra/test/rules/RULE-17-5/test.c +++ b/c/misra/test/rules/RULE-17-5/test.c @@ -17,7 +17,7 @@ void t1() { f1(0); // NON_COMPLAINT f1(ar); // NON_COMPLAINT - f1(ar2); // NON_COMPLIANT + f1(ar2); // COMPLIANT f1(ar2p); // NON_COMPLIANT f1(ar3); // COMPLIANT f1(ar3p); // COMPLIANT @@ -25,7 +25,7 @@ void t1() { f2(0, 0); // NON_COMPLAINT f2(0, ar); // NON_COMPLAINT - f2(0, ar2); // NON_COMPLIANT + f2(0, ar2); // COMPLIANT f2(0, ar2p); // NON_COMPLIANT f2(0, ar3); // COMPLIANT f2(0, ar3p); // COMPLIANT @@ -46,4 +46,21 @@ void t1() { f4(0, ar3); // COMPLIANT f4(0, ar3p); // COMPLIANT f4(0, ar4); // COMPLIANT +} + +void t2() { + int ar2[2] = {1, 2}; + int ar2b[2] = {1, 2, 3}; + int *ar2p = ar2; + int ar3[3]; + ar3[0] = 1; + ar3[1] = 2; + ar3[2] = 3; + int ar4[4] = {1, 2, 3, 4}; + + f1(ar2); // NON_COMPLIANT + f1(ar2b); // NON_COMPLIANT + f1(ar2p); // NON_COMPLIANT + f1(ar3); // COMPLIANT + f1(ar4); // COMPLIANT } \ No newline at end of file diff --git a/c/misra/test/rules/RULE-17-7/ValueReturnedByAFunctionNotUsed.expected b/c/misra/test/rules/RULE-17-7/ValueReturnedByAFunctionNotUsed.expected index 2ec1a0ac6c..95b54ed874 100644 --- a/c/misra/test/rules/RULE-17-7/ValueReturnedByAFunctionNotUsed.expected +++ b/c/misra/test/rules/RULE-17-7/ValueReturnedByAFunctionNotUsed.expected @@ -1 +1,2 @@ -No expected results have yet been specified \ No newline at end of file +| test.c:6:3:6:4 | call to f2 | The value returned by this call shall be used or cast to `void`. | +| test.c:15:3:15:9 | call to expression | The value returned by this call shall be used or cast to `void`. | diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts6.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts6.qll index 246a7af26b..6aeacb6e7d 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts6.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts6.qll @@ -9,14 +9,15 @@ newtype Contracts6Query = TArrayFunctionArgumentNumberOfElementsQuery() or TValueReturnedByAFunctionNotUsedQuery() -predicate isContracts6QueryMetadata(Query query, string queryId, string ruleId) { +predicate isContracts6QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `doNotModifyConstantObjects` query Contracts6Package::doNotModifyConstantObjectsQuery() and queryId = // `@id` for the `doNotModifyConstantObjects` query "c/cert/do-not-modify-constant-objects" and - ruleId = "EXP40-C" + ruleId = "EXP40-C" and + category = "rule" or query = // `Query` instance for the `rightHandOperandOfAShiftOperatorRange` query @@ -24,7 +25,8 @@ predicate isContracts6QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `rightHandOperandOfAShiftOperatorRange` query "c/misra/right-hand-operand-of-a-shift-operator-range" and - ruleId = "RULE-12-2" + ruleId = "RULE-12-2" and + category = "required" or query = // `Query` instance for the `arrayFunctionArgumentNumberOfElements` query @@ -32,7 +34,8 @@ predicate isContracts6QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `arrayFunctionArgumentNumberOfElements` query "c/misra/array-function-argument-number-of-elements" and - ruleId = "RULE-17-5" + ruleId = "RULE-17-5" and + category = "advisory" or query = // `Query` instance for the `valueReturnedByAFunctionNotUsed` query @@ -40,7 +43,8 @@ predicate isContracts6QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `valueReturnedByAFunctionNotUsed` query "c/misra/value-returned-by-a-function-not-used" and - ruleId = "RULE-17-7" + ruleId = "RULE-17-7" and + category = "required" } module Contracts6Package { From 90fb93b84b367eb2303ce2507a7cfab556322a90 Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Thu, 2 Feb 2023 15:29:05 +0100 Subject: [PATCH 0373/2573] Update MEM30-C to include all pointer accesses --- .../src/rules/MEM30-C/DoNotAccessFreedMemory.ql | 17 ++++++++++------- .../MEM30-C/DoNotAccessFreedMemory.expected | 7 +++++-- c/cert/test/rules/MEM30-C/test.c | 12 ++++++++++++ 3 files changed, 27 insertions(+), 9 deletions(-) diff --git a/c/cert/src/rules/MEM30-C/DoNotAccessFreedMemory.ql b/c/cert/src/rules/MEM30-C/DoNotAccessFreedMemory.ql index 28946284d1..800ec103ff 100644 --- a/c/cert/src/rules/MEM30-C/DoNotAccessFreedMemory.ql +++ b/c/cert/src/rules/MEM30-C/DoNotAccessFreedMemory.ql @@ -21,9 +21,10 @@ predicate isFreeExpr(Expr e, StackVariable v) { exists(VariableAccess va | va.getTarget() = v and freeExprOrIndirect(e, va, _)) } -/** `e` is an expression that (may) dereference `v`. */ -predicate isDerefExpr(Expr e, StackVariable v) { - v.getAnAccess() = e and dereferenced(e) +/** `e` is an expression that accesses `v` but is not the lvalue of an assignment. */ +predicate isAccessExpr(Expr e, StackVariable v) { + v.getAnAccess() = e and + not exists(Assignment a | a.getLValue() = e) or isDerefByCallExpr(_, _, e, v) } @@ -38,7 +39,7 @@ predicate isDerefByCallExpr(Call c, int i, VariableAccess va, StackVariable v) { v.getAnAccess() = va and va = c.getAnArgumentSubExpr(i) and not c.passesByReference(i, va) and - (c.getTarget().hasEntryPoint() implies isDerefExpr(_, c.getTarget().getParameter(i))) + (c.getTarget().hasEntryPoint() implies isAccessExpr(_, c.getTarget().getParameter(i))) } class UseAfterFreeReachability extends StackVariableReachability { @@ -46,7 +47,7 @@ class UseAfterFreeReachability extends StackVariableReachability { override predicate isSource(ControlFlowNode node, StackVariable v) { isFreeExpr(node, v) } - override predicate isSink(ControlFlowNode node, StackVariable v) { isDerefExpr(node, v) } + override predicate isSink(ControlFlowNode node, StackVariable v) { isAccessExpr(node, v) } override predicate isBarrier(ControlFlowNode node, StackVariable v) { definitionBarrier(v, node) or @@ -54,10 +55,12 @@ class UseAfterFreeReachability extends StackVariableReachability { } } +// This query is a modified version of the `UseAfterFree.ql` +// (cpp/use-after-free) query from the CodeQL standard library. from UseAfterFreeReachability r, StackVariable v, Expr free, Expr e where not isExcluded(e, InvalidMemory1Package::doNotAccessFreedMemoryQuery()) and r.reaches(free, v, e) select e, - "Memory pointed to by '" + v.getName().toString() + - "' accessed but may have been previously freed $@.", free, "here" + "Pointer '" + v.getName().toString() + "' accessed but may have been previously freed $@.", free, + "here" diff --git a/c/cert/test/rules/MEM30-C/DoNotAccessFreedMemory.expected b/c/cert/test/rules/MEM30-C/DoNotAccessFreedMemory.expected index 1c6b00a2bc..49a91e7935 100644 --- a/c/cert/test/rules/MEM30-C/DoNotAccessFreedMemory.expected +++ b/c/cert/test/rules/MEM30-C/DoNotAccessFreedMemory.expected @@ -1,2 +1,5 @@ -| test.c:11:47:11:47 | p | Memory pointed to by 'p' accessed but may have been previously freed $@. | test.c:12:5:12:8 | call to free | here | -| test.c:25:10:25:12 | buf | Memory pointed to by 'buf' accessed but may have been previously freed $@. | test.c:24:3:24:6 | call to free | here | +| test.c:11:47:11:47 | p | Pointer 'p' accessed but may have been previously freed $@. | test.c:12:5:12:8 | call to free | here | +| test.c:25:10:25:12 | buf | Pointer 'buf' accessed but may have been previously freed $@. | test.c:24:3:24:6 | call to free | here | +| test.c:32:15:32:17 | buf | Pointer 'buf' accessed but may have been previously freed $@. | test.c:31:3:31:6 | call to free | here | +| test.c:33:9:33:11 | buf | Pointer 'buf' accessed but may have been previously freed $@. | test.c:31:3:31:6 | call to free | here | +| test.c:34:16:34:18 | buf | Pointer 'buf' accessed but may have been previously freed $@. | test.c:31:3:31:6 | call to free | here | diff --git a/c/cert/test/rules/MEM30-C/test.c b/c/cert/test/rules/MEM30-C/test.c index 0fee3afe00..a3c7532072 100644 --- a/c/cert/test/rules/MEM30-C/test.c +++ b/c/cert/test/rules/MEM30-C/test.c @@ -23,4 +23,16 @@ void test_freed_arg(char *input) { strcpy(buf, input); // COMPLIANT free(buf); strcpy(buf, input); // NON_COMPLIANT +} + +void test_freed_access_no_deref(char *input) { + char *buf = (char *)malloc(strlen(input) + 1); + strcpy(buf, input); // COMPLIANT + free(buf); + char *tmp = buf; // NON_COMPLIANT + tmp = buf + 1; // NON_COMPLIANT + char *tmp2 = buf; // NON_COMPLIANT + buf = NULL; // COMPLIANT + (char *)buf; // COMPLIANT + tmp2 = buf + 1; // COMPLIANT } \ No newline at end of file From c81cb30ad58bc48106f1664490c46173670349dd Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 2 Feb 2023 10:24:06 -0500 Subject: [PATCH 0374/2573] fix tset --- cpp/autosar/test/rules/A0-1-1/test.cpp | 1 - 1 file changed, 1 deletion(-) diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index 90628187d0..7b35bf5ead 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -1,4 +1,3 @@ - // A POD class. struct A { int f; From 8240376bba0c3e5e0f2793e4bd1a606b36381a53 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 2 Feb 2023 17:44:45 +0100 Subject: [PATCH 0375/2573] IMplement EXP40-C --- .../EXP40-C/DoNotModifyConstantObjects.md | 3 +- .../EXP40-C/DoNotModifyConstantObjects.ql | 55 +++++++++++++++++-- .../DoNotModifyConstantObjects.expected | 30 +++++++++- c/cert/test/rules/EXP40-C/test.c | 45 +++++++++++++-- .../ArrayFunctionArgumentNumberOfElements.ql | 7 ++- .../ValueReturnedByAFunctionNotUsed.ql | 6 +- .../cpp/exclusions/c/Contracts6.qll | 9 --- rule_packages/c/Contracts6.json | 38 +++++-------- rules.csv | 6 +- 9 files changed, 144 insertions(+), 55 deletions(-) diff --git a/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.md b/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.md index 3ddecd6abf..6effa8e7c4 100644 --- a/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.md +++ b/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.md @@ -5,7 +5,6 @@ This query implements the CERT-C rule EXP40-C: > Do not modify constant objects - ## Description The C Standard, 6.7.3, paragraph 6 \[[IS](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IEC9899-2011)[O/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IEC9899-2011)\], states @@ -89,7 +88,7 @@ Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+D ## Implementation notes -None +The implementation does not consider pointer aliasing via multiple indirection. ## References diff --git a/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.ql b/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.ql index 51fcdb422a..08901f2016 100644 --- a/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.ql +++ b/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.ql @@ -1,18 +1,61 @@ /** * @id c/cert/do-not-modify-constant-objects * @name EXP40-C: Do not modify constant objects - * @description - * @kind problem - * @precision very-high + * @description Do not modify constant objects. This may result in undefined behavior. + * @kind path-problem + * @precision high * @problem.severity error * @tags external/cert/id/exp40-c + * correctness * external/cert/obligation/rule */ import cpp import codingstandards.c.cert +import semmle.code.cpp.dataflow.DataFlow +import DataFlow::PathGraph +import codingstandards.cpp.SideEffect -from +class ConstRemovingCast extends Cast { + ConstRemovingCast() { + this.getExpr().getType().(DerivedType).getBaseType*().isConst() and + not this.getType().(DerivedType).getBaseType*().isConst() + } +} + +class MaybeReturnsStringLiteralFunctionCall extends FunctionCall { + MaybeReturnsStringLiteralFunctionCall() { + getTarget().getName() in [ + "strpbrk", "strchr", "strrchr", "strstr", "wcspbrk", "wcschr", "wcsrchr", "wcsstr", + "memchr", "wmemchr" + ] + } +} + +class MyDataFlowConfCast extends DataFlow::Configuration { + MyDataFlowConfCast() { this = "MyDataFlowConfCast" } + + override predicate isSource(DataFlow::Node source) { + source.asExpr().getFullyConverted() instanceof ConstRemovingCast + or + source.asExpr().getFullyConverted() = any(MaybeReturnsStringLiteralFunctionCall c) + } + + override predicate isSink(DataFlow::Node sink) { + sink.asExpr() = any(Assignment a).getLValue().(PointerDereferenceExpr).getOperand() + } +} + +from MyDataFlowConfCast conf, DataFlow::PathNode src, DataFlow::PathNode sink where - not isExcluded(x, Contracts6Package::doNotModifyConstantObjectsQuery()) and -select + conf.hasFlowPath(src, sink) + or + sink.getNode() + .asExpr() + .(VariableEffect) + .getTarget() + .getType() + .(DerivedType) + .getBaseType*() + .isConst() +select sink, src, sink, "Const variable assigned with non const-value." diff --git a/c/cert/test/rules/EXP40-C/DoNotModifyConstantObjects.expected b/c/cert/test/rules/EXP40-C/DoNotModifyConstantObjects.expected index 2ec1a0ac6c..3211c4fab1 100644 --- a/c/cert/test/rules/EXP40-C/DoNotModifyConstantObjects.expected +++ b/c/cert/test/rules/EXP40-C/DoNotModifyConstantObjects.expected @@ -1 +1,29 @@ -No expected results have yet been specified \ No newline at end of file +edges +| test.c:5:8:5:9 | & ... | test.c:6:4:6:5 | aa | +| test.c:26:15:26:15 | a | test.c:27:4:27:4 | a | +| test.c:34:13:34:14 | & ... | test.c:39:7:39:8 | p1 | +| test.c:39:7:39:8 | p1 | test.c:26:15:26:15 | a | +| test.c:40:7:40:9 | * ... | test.c:26:15:26:15 | a | +| test.c:59:7:59:8 | & ... | test.c:60:4:60:4 | p | +| test.c:79:11:79:16 | call to strchr | test.c:81:6:81:12 | ... ++ | +nodes +| test.c:5:8:5:9 | & ... | semmle.label | & ... | +| test.c:6:4:6:5 | aa | semmle.label | aa | +| test.c:26:15:26:15 | a | semmle.label | a | +| test.c:27:4:27:4 | a | semmle.label | a | +| test.c:34:13:34:14 | & ... | semmle.label | & ... | +| test.c:39:7:39:8 | p1 | semmle.label | p1 | +| test.c:40:7:40:9 | * ... | semmle.label | * ... | +| test.c:59:7:59:8 | & ... | semmle.label | & ... | +| test.c:60:4:60:4 | p | semmle.label | p | +| test.c:74:12:74:12 | s | semmle.label | s | +| test.c:79:11:79:16 | call to strchr | semmle.label | call to strchr | +| test.c:81:6:81:12 | ... ++ | semmle.label | ... ++ | +subpaths +#select +| test.c:6:4:6:5 | aa | test.c:5:8:5:9 | & ... | test.c:6:4:6:5 | aa | Const variable assigned with non const-value. | +| test.c:27:4:27:4 | a | test.c:34:13:34:14 | & ... | test.c:27:4:27:4 | a | Const variable assigned with non const-value. | +| test.c:27:4:27:4 | a | test.c:40:7:40:9 | * ... | test.c:27:4:27:4 | a | Const variable assigned with non const-value. | +| test.c:60:4:60:4 | p | test.c:59:7:59:8 | & ... | test.c:60:4:60:4 | p | Const variable assigned with non const-value. | +| test.c:74:12:74:12 | s | test.c:74:12:74:12 | s | test.c:74:12:74:12 | s | Const variable assigned with non const-value. | +| test.c:81:6:81:12 | ... ++ | test.c:79:11:79:16 | call to strchr | test.c:81:6:81:12 | ... ++ | Const variable assigned with non const-value. | diff --git a/c/cert/test/rules/EXP40-C/test.c b/c/cert/test/rules/EXP40-C/test.c index 5723f72c30..f8c9b6d545 100644 --- a/c/cert/test/rules/EXP40-C/test.c +++ b/c/cert/test/rules/EXP40-C/test.c @@ -2,8 +2,8 @@ void f1() { const int a = 3; int *aa; - aa = &a; // NON_COMPLIANT - *aa = 100; + aa = &a; + *aa = 100; // NON_COMPLIANT } void f1a() { @@ -31,13 +31,13 @@ void f4b(int *a) {} void f4() { const int a = 100; - int *p1 = &a; // NON_COMPLIANT + int *p1 = &a; // COMPLIANT const int **p2; - *p2 = &a; // NON_COMPLIANT + *p2 = &a; // COMPLIANT - f4a(p1); // NON_COMPLIANT - f4a(*p2); // NON_COMPLIANT + f4a(p1); // COMPLIANT + f4a(*p2); // COMPLIANT } void f5() { @@ -49,4 +49,37 @@ void f5() { f4b(p1); f4b(*p2); +} + +#include + +void f6a() { + char *p; + const char c = 'A'; + p = &c; + *p = 0; // NON_COMPLIANT +} + +void f6b() { + const char **cpp; + char *p; + const char c = 'A'; + cpp = &p; + *cpp = &c; + *p = 0; // NON_COMPLIANT[FALSE_NEGATIVE] +} + +const char s[] = "foo"; // source +void f7() { + *(char *)s = '\0'; // NON_COMPLIANT +} + +const char *f8(const char *pathname) { + char *slash; + slash = strchr(pathname, '/'); + if (slash) { + *slash++ = '\0'; // NON_COMPLIANT + return slash; + } + return pathname; } \ No newline at end of file diff --git a/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql b/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql index 2081f7b702..55dd237e89 100644 --- a/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql +++ b/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql @@ -1,12 +1,13 @@ /** * @id c/misra/array-function-argument-number-of-elements - * @name RULE-17-5: The function argument corresponding to a parameter declared to have an array type shall have an - * @description The function argument corresponding to a parameter declared to have an array type - * shall have an appropriate number of elements + * @name RULE-17-5: An array founction argument shall have an appropriate number of elements + * @description The function argument corresponding to an array parameter shall have an appropriate + * number of elements * @kind problem * @precision high * @problem.severity error * @tags external/misra/id/rule-17-5 + * correctness * external/misra/obligation/advisory */ diff --git a/c/misra/src/rules/RULE-17-7/ValueReturnedByAFunctionNotUsed.ql b/c/misra/src/rules/RULE-17-7/ValueReturnedByAFunctionNotUsed.ql index 4fa1705a23..906c11add0 100644 --- a/c/misra/src/rules/RULE-17-7/ValueReturnedByAFunctionNotUsed.ql +++ b/c/misra/src/rules/RULE-17-7/ValueReturnedByAFunctionNotUsed.ql @@ -1,11 +1,13 @@ /** * @id c/misra/value-returned-by-a-function-not-used - * @name RULE-17-7: The value returned by a function having non-void return type shall be used - * @description + * @name RULE-17-7: Return values should be used or cast to void + * @description The value returned by a function having non-void return type shall be used or cast + * to void * @kind problem * @precision very-high * @problem.severity error * @tags external/misra/id/rule-17-7 + * correctness * external/misra/obligation/required */ diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts6.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts6.qll index 6aeacb6e7d..5f55b28b2e 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts6.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts6.qll @@ -19,15 +19,6 @@ predicate isContracts6QueryMetadata(Query query, string queryId, string ruleId, ruleId = "EXP40-C" and category = "rule" or - query = - // `Query` instance for the `rightHandOperandOfAShiftOperatorRange` query - Contracts6Package::rightHandOperandOfAShiftOperatorRangeQuery() and - queryId = - // `@id` for the `rightHandOperandOfAShiftOperatorRange` query - "c/misra/right-hand-operand-of-a-shift-operator-range" and - ruleId = "RULE-12-2" and - category = "required" - or query = // `Query` instance for the `arrayFunctionArgumentNumberOfElements` query Contracts6Package::arrayFunctionArgumentNumberOfElementsQuery() and diff --git a/rule_packages/c/Contracts6.json b/rule_packages/c/Contracts6.json index 0113b16542..8708f9e3af 100644 --- a/rule_packages/c/Contracts6.json +++ b/rule_packages/c/Contracts6.json @@ -6,36 +6,22 @@ }, "queries": [ { - "description": "", - "kind": "problem", + "description": "Do not modify constant objects. This may result in undefined behavior.", + "kind": "path-problem", "name": "Do not modify constant objects", - "precision": "very-high", + "precision": "high", "severity": "error", "short_name": "DoNotModifyConstantObjects", - "tags": [] + "tags": ["correctness"], + "implementation_scope": { + "description": "The implementation does not consider pointer aliasing via multiple indirection." + } } ], "title": "Do not modify constant objects" } }, "MISRA-C-2012": { - "RULE-12-2": { - "properties": { - "obligation": "required" - }, - "queries": [ - { - "description": "The right hand operand of a shift operator shall lie in the range zero to one less than the width in bits of the essential type of the left hand operand", - "kind": "problem", - "name": "The right hand operand of a shift operator shall lie in the range zero to one less than the width in", - "precision": "high", - "severity": "error", - "short_name": "RightHandOperandOfAShiftOperatorRange", - "tags": [] - } - ], - "title": "The right hand operand of a shift operator shall lie in the range zero to one less than the width in bits of the essential type of the left hand operand" - }, "RULE-17-5": { "properties": { "obligation": "advisory" @@ -48,7 +34,10 @@ "precision": "high", "severity": "error", "short_name": "ArrayFunctionArgumentNumberOfElements", - "tags": [] + "tags": ["correctness"], + "implementation_scope": { + "description": "The rule is enforced in the context of a single function." + } } ], "title": "The function argument corresponding to a parameter declared to have an array type shall have an appropriate number of elements" @@ -65,7 +54,10 @@ "precision": "very-high", "severity": "error", "short_name": "ValueReturnedByAFunctionNotUsed", - "tags": [] + "tags": ["correctness"], + "implementation_scope": { + "description": "The rule is enforced in the context of a single function." + } } ], "title": "The value returned by a function having non-void return type shall be used" diff --git a/rules.csv b/rules.csv index 0e010aab04..d5dc6ca5b1 100644 --- a/rules.csv +++ b/rules.csv @@ -523,7 +523,7 @@ c,CERT-C,EXP35-C,Yes,Rule,,,Do not modify objects with temporary lifetime,,Inval c,CERT-C,EXP36-C,Yes,Rule,,,Do not cast pointers into more strictly aligned pointer types,,Pointers3,Medium, c,CERT-C,EXP37-C,Yes,Rule,,,Call functions with the correct number and type of arguments,,Expressions,Easy, c,CERT-C,EXP39-C,Yes,Rule,,,Do not access a variable through a pointer of an incompatible type,,Pointers3,Medium, -c,CERT-C,EXP40-C,Yes,Rule,,,Do not modify constant objects,,Contracts6,Medium, +c,CERT-C,EXP40-C,Yes,Rule,,,Do not modify constant objects,,Contracts6,Hard, c,CERT-C,EXP42-C,Yes,Rule,,,Do not compare padding data,,Memory,Medium, c,CERT-C,EXP43-C,Yes,Rule,,,Avoid undefined behavior when using restrict-qualified pointers,,Pointers3,Medium, c,CERT-C,EXP44-C,Yes,Rule,,,"Do not rely on side effects in operands to sizeof, _Alignof, or _Generic",M5-3-4,SideEffects1,Medium, @@ -683,7 +683,7 @@ c,MISRA-C-2012,RULE-11-7,Yes,Required,,,A cast shall not be performed between po c,MISRA-C-2012,RULE-11-8,Yes,Required,,,A cast shall not remove any const or volatile qualification from the type pointed to by a pointer,,Pointers1,Easy, c,MISRA-C-2012,RULE-11-9,Yes,Required,,,The macro NULL shall be the only permitted form of integer null pointer constant,,Pointers1,Easy, c,MISRA-C-2012,RULE-12-1,Yes,Advisory,,,The precedence of operators within expressions should be made explicit,,SideEffects1,Medium, -c,MISRA-C-2012,RULE-12-2,Yes,Required,,,The right hand operand of a shift operator shall lie in the range zero to one less than the width in bits of the essential type of the left hand operand,,Contracts6,Hard, +c,MISRA-C-2012,RULE-12-2,Yes,Required,,,The right hand operand of a shift operator shall lie in the range zero to one less than the width in bits of the essential type of the left hand operand,,Contracts,Medium, c,MISRA-C-2012,RULE-12-3,Yes,Advisory,,,The comma operator should not be used,M5-18-1,Banned,Import, c,MISRA-C-2012,RULE-12-4,Yes,Advisory,,,Evaluation of constant expressions should not lead to unsigned integer wrap-around,INT30-C,Types,Easy, c,MISRA-C-2012,RULE-12-5,Yes,Mandatory,,,The sizeof operator shall not have an operand which is a function parameter declared as �array of type�,,Types,Medium, @@ -717,7 +717,7 @@ c,MISRA-C-2012,RULE-17-3,Yes,Mandatory,,,A function shall not be declared implic c,MISRA-C-2012,RULE-17-4,Yes,Mandatory,,,All exit paths from a function with non-void return type shall have an explicit return statement with an expression,MSC52-CPP,Statements,Medium, c,MISRA-C-2012,RULE-17-5,Yes,Advisory,,,The function argument corresponding to a parameter declared to have an array type shall have an appropriate number of elements,,Contracts6,Hard, c,MISRA-C-2012,RULE-17-6,No,Mandatory,,,The declaration of an array parameter shall not contain the static keyword between the [ ],,,, -c,MISRA-C-2012,RULE-17-7,Yes,Required,,,The value returned by a function having non-void return type shall be used,A0-1-2,Contracts6,Import, +c,MISRA-C-2012,RULE-17-7,Yes,Required,,,The value returned by a function having non-void return type shall be used,A0-1-2,Contracts6,Easy, c,MISRA-C-2012,RULE-17-8,Yes,Advisory,,,A function parameter should not be modified,,SideEffects2,Medium, c,MISRA-C-2012,RULE-18-1,Yes,Required,,,A pointer resulting from arithmetic on a pointer operand shall address an element of the same array as that pointer operand,M5-0-16,Pointers1,Import, c,MISRA-C-2012,RULE-18-2,Yes,Required,,,Subtraction between pointers shall only be applied to pointers that address elements of the same array,M5-0-17,Pointers1,Import, From 9242d22eb9865b71ce7d21e9e69b4eb663c7bfa9 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 2 Feb 2023 17:50:15 +0100 Subject: [PATCH 0376/2573] Fix for CI/CD --- .../RightHandOperandOfAShiftOperatorRange.ql | 26 ------- ...tHandOperandOfAShiftOperatorRange.expected | 21 ----- ...ightHandOperandOfAShiftOperatorRange.qlref | 1 - c/misra/test/rules/RULE-12-2/test.c | 78 ------------------- rule_packages/c/Contracts6.json | 22 ++---- 5 files changed, 8 insertions(+), 140 deletions(-) delete mode 100644 c/misra/src/rules/RULE-12-2/RightHandOperandOfAShiftOperatorRange.ql delete mode 100644 c/misra/test/rules/RULE-12-2/RightHandOperandOfAShiftOperatorRange.expected delete mode 100644 c/misra/test/rules/RULE-12-2/RightHandOperandOfAShiftOperatorRange.qlref delete mode 100644 c/misra/test/rules/RULE-12-2/test.c diff --git a/c/misra/src/rules/RULE-12-2/RightHandOperandOfAShiftOperatorRange.ql b/c/misra/src/rules/RULE-12-2/RightHandOperandOfAShiftOperatorRange.ql deleted file mode 100644 index d69d276745..0000000000 --- a/c/misra/src/rules/RULE-12-2/RightHandOperandOfAShiftOperatorRange.ql +++ /dev/null @@ -1,26 +0,0 @@ -/** - * @id c/misra/right-hand-operand-of-a-shift-operator-range - * @name RULE-12-2: The right hand operand of a shift operator shall lie in the range zero to one less than the width in - * @description The right hand operand of a shift operator shall lie in the range zero to one less - * than the width in bits of the essential type of the left hand operand - * @kind problem - * @precision high - * @problem.severity error - * @tags external/misra/id/rule-12-2 - * external/misra/obligation/required - */ - -import cpp -import codingstandards.c.misra -import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis - -from BinaryOperation x, int max_size -where - not isExcluded(x, Contracts6Package::rightHandOperandOfAShiftOperatorRangeQuery()) and - (x instanceof LShiftExpr or x instanceof RShiftExpr) and - max_size = (8 * x.getLeftOperand().getExplicitlyConverted().getUnderlyingType().getSize()) - 1 and - exists(Expr rhs | rhs = x.getRightOperand().getFullyConverted() | - lowerBound(rhs) < 0 or - upperBound(rhs) > max_size - ) -select x, "The right hand operand of the shift operator is not in the range 0 to " + max_size + "." diff --git a/c/misra/test/rules/RULE-12-2/RightHandOperandOfAShiftOperatorRange.expected b/c/misra/test/rules/RULE-12-2/RightHandOperandOfAShiftOperatorRange.expected deleted file mode 100644 index 9f1dea64f3..0000000000 --- a/c/misra/test/rules/RULE-12-2/RightHandOperandOfAShiftOperatorRange.expected +++ /dev/null @@ -1,21 +0,0 @@ -| test.c:20:7:20:13 | ... << ... | The right hand operand of the shift operator is not in the range 0 to 31. | -| test.c:22:7:22:13 | ... << ... | The right hand operand of the shift operator is not in the range 0 to 31. | -| test.c:23:7:23:13 | ... << ... | The right hand operand of the shift operator is not in the range 0 to 31. | -| test.c:25:7:25:13 | ... << ... | The right hand operand of the shift operator is not in the range 0 to 31. | -| test.c:26:7:26:13 | ... << ... | The right hand operand of the shift operator is not in the range 0 to 31. | -| test.c:29:7:29:13 | ... << ... | The right hand operand of the shift operator is not in the range 0 to 15. | -| test.c:30:7:30:13 | ... << ... | The right hand operand of the shift operator is not in the range 0 to 15. | -| test.c:31:7:31:13 | ... << ... | The right hand operand of the shift operator is not in the range 0 to 15. | -| test.c:32:7:32:13 | ... << ... | The right hand operand of the shift operator is not in the range 0 to 15. | -| test.c:33:7:33:13 | ... << ... | The right hand operand of the shift operator is not in the range 0 to 15. | -| test.c:34:7:34:13 | ... << ... | The right hand operand of the shift operator is not in the range 0 to 15. | -| test.c:35:7:35:13 | ... << ... | The right hand operand of the shift operator is not in the range 0 to 15. | -| test.c:38:7:38:13 | ... << ... | The right hand operand of the shift operator is not in the range 0 to 63. | -| test.c:40:7:40:13 | ... << ... | The right hand operand of the shift operator is not in the range 0 to 63. | -| test.c:43:7:43:13 | ... << ... | The right hand operand of the shift operator is not in the range 0 to 63. | -| test.c:46:7:46:13 | ... << ... | The right hand operand of the shift operator is not in the range 0 to 7. | -| test.c:47:7:47:12 | ... << ... | The right hand operand of the shift operator is not in the range 0 to 7. | -| test.c:63:7:63:13 | ... << ... | The right hand operand of the shift operator is not in the range 0 to 7. | -| test.c:71:8:71:14 | ... << ... | The right hand operand of the shift operator is not in the range 0 to 7. | -| test.c:75:3:75:19 | ... << ... | The right hand operand of the shift operator is not in the range 0 to 15. | -| test.c:77:3:77:12 | ... >> ... | The right hand operand of the shift operator is not in the range 0 to 63. | diff --git a/c/misra/test/rules/RULE-12-2/RightHandOperandOfAShiftOperatorRange.qlref b/c/misra/test/rules/RULE-12-2/RightHandOperandOfAShiftOperatorRange.qlref deleted file mode 100644 index d32cc27dcd..0000000000 --- a/c/misra/test/rules/RULE-12-2/RightHandOperandOfAShiftOperatorRange.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/RULE-12-2/RightHandOperandOfAShiftOperatorRange.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-12-2/test.c b/c/misra/test/rules/RULE-12-2/test.c deleted file mode 100644 index 563a903503..0000000000 --- a/c/misra/test/rules/RULE-12-2/test.c +++ /dev/null @@ -1,78 +0,0 @@ -#include - -const short int s1 = 15; -const short int s2 = -1; -const short int s3 = 16; -const int s4 = -1; -const int s5 = 32; -const int s6 = 21; - -const long int s7 = 64; -const long int s8 = 63; - -void f1() { - int a; - short b; - long c; - char d; - - a = a << s1; // COMPLIANT - a = a << s2; // NON_COMPLIANT - a = a << s3; // COMPLIANT - a = a << s4; // NON_COMPLIANT - a = a << s5; // NON_COMPLIANT - a = a << s6; // COMPLIANT - a = a << s7; // NON_COMPLIANT - a = a << s8; // NON_COMPLIANT - - b = b << s1; // COMPLIANT - b = b << s2; // NON_COMPLIANT - b = b << s3; // NON_COMPLIANT - b = b << s4; // NON_COMPLIANT - b = b << s5; // NON_COMPLIANT - b = b << s6; // NON_COMPLIANT - b = b << s7; // NON_COMPLIANT - b = b << s8; // NON_COMPLIANT - - c = c << s1; // COMPLIANT - c = c << s2; // NON_COMPLIANT - c = c << s3; // COMPLIANT - c = c << s4; // NON_COMPLIANT - c = c << s5; // COMPLIANT - c = c << s6; // COMPLIANT - c = c << s7; // NON_COMPLIANT - c = c << s8; // COMPLIANT - - d = d << -1; // NON_COMPLIANT - d = d << 8; // NON_COMPLIANT - d = d << 7; // COMPLIANT - d = d << 0; // COMPLIANT -} - -void f2() { - int a; - short b; - char c; - long long d; - - int aa = 10; - aa++; - - a = a << aa; // COMPLIANT - b = b << aa; // COMPLIANT - c = c << aa; // NON_COMPLIANT - d = d << aa; // COMPLIANT -} - -void f3() { - uint8_t u8; - uint16_t u16; - u8 = u8 << 7; // COMPLIANT - u8 = u8 << 8; // NON_COMPLIANT - u16 = (uint16_t)u8 << 9; // COMPLIANT -// 0u is essentially unsigned char - 0u << 10; // NON_COMPLIANT[FALSE_NEGATIVE] - (uint16_t)0 << 20; // NON_COMPLIANT - 0UL << 10; // COMPLIANT - 0UL >> 100; // NON_COMPLIANT -} \ No newline at end of file diff --git a/rule_packages/c/Contracts6.json b/rule_packages/c/Contracts6.json index 8708f9e3af..bc707f19f4 100644 --- a/rule_packages/c/Contracts6.json +++ b/rule_packages/c/Contracts6.json @@ -28,19 +28,16 @@ }, "queries": [ { - "description": "The function argument corresponding to a parameter declared to have an array type shall have an appropriate number of elements", + "description": "The function argument corresponding to an array parameter shall have an appropriate number of elements.", "kind": "problem", - "name": "The function argument corresponding to a parameter declared to have an array type shall have an", + "name": "An array founction argument shall have an appropriate number of elements", "precision": "high", "severity": "error", "short_name": "ArrayFunctionArgumentNumberOfElements", - "tags": ["correctness"], - "implementation_scope": { - "description": "The rule is enforced in the context of a single function." - } + "tags": ["correctness"] } ], - "title": "The function argument corresponding to a parameter declared to have an array type shall have an appropriate number of elements" + "title": "The function argument corresponding to an array parameter shall have an appropriate number of elements" }, "RULE-17-7": { "properties": { @@ -48,19 +45,16 @@ }, "queries": [ { - "description": "", + "description": "The value returned by a function having non-void return type shall be used or cast to void.", "kind": "problem", - "name": "The value returned by a function having non-void return type shall be used", + "name": "Return values should be used or cast to void", "precision": "very-high", "severity": "error", "short_name": "ValueReturnedByAFunctionNotUsed", - "tags": ["correctness"], - "implementation_scope": { - "description": "The rule is enforced in the context of a single function." - } + "tags": ["correctness"] } ], - "title": "The value returned by a function having non-void return type shall be used" + "title": "The value returned by a function having non-void return type shall be used or cast to void" } } } \ No newline at end of file From 870215b684d0c75cb02a303d79bc71518303e9c1 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 2 Feb 2023 11:58:15 -0500 Subject: [PATCH 0377/2573] work --- cpp/autosar/test/rules/A0-1-1/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index 7b35bf5ead..3453611146 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -2,7 +2,7 @@ struct A { int f; int f2; -}; +} // A non-POD class, with a trivial compiler generated constructor struct B { From 5b619c54a15da850072e4ac634c0a85755f8b81c Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 2 Feb 2023 18:00:13 +0100 Subject: [PATCH 0378/2573] Regenerate Contracts6.qll --- .../src/codingstandards/cpp/exclusions/c/Contracts6.qll | 8 -------- 1 file changed, 8 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts6.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts6.qll index 5f55b28b2e..bd897bd79f 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts6.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts6.qll @@ -5,7 +5,6 @@ import codingstandards.cpp.exclusions.RuleMetadata newtype Contracts6Query = TDoNotModifyConstantObjectsQuery() or - TRightHandOperandOfAShiftOperatorRangeQuery() or TArrayFunctionArgumentNumberOfElementsQuery() or TValueReturnedByAFunctionNotUsedQuery() @@ -46,13 +45,6 @@ module Contracts6Package { TQueryC(TContracts6PackageQuery(TDoNotModifyConstantObjectsQuery())) } - Query rightHandOperandOfAShiftOperatorRangeQuery() { - //autogenerate `Query` type - result = - // `Query` type for `rightHandOperandOfAShiftOperatorRange` query - TQueryC(TContracts6PackageQuery(TRightHandOperandOfAShiftOperatorRangeQuery())) - } - Query arrayFunctionArgumentNumberOfElementsQuery() { //autogenerate `Query` type result = From 3a71ed25186852061b1a685f8ca490cae9ef5b8e Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 2 Feb 2023 18:01:35 +0100 Subject: [PATCH 0379/2573] Fixing rules description --- .../rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql | 2 +- c/misra/src/rules/RULE-17-7/ValueReturnedByAFunctionNotUsed.ql | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql b/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql index 55dd237e89..0b5b95016c 100644 --- a/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql +++ b/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql @@ -2,7 +2,7 @@ * @id c/misra/array-function-argument-number-of-elements * @name RULE-17-5: An array founction argument shall have an appropriate number of elements * @description The function argument corresponding to an array parameter shall have an appropriate - * number of elements + * number of elements. * @kind problem * @precision high * @problem.severity error diff --git a/c/misra/src/rules/RULE-17-7/ValueReturnedByAFunctionNotUsed.ql b/c/misra/src/rules/RULE-17-7/ValueReturnedByAFunctionNotUsed.ql index 906c11add0..3b224544f2 100644 --- a/c/misra/src/rules/RULE-17-7/ValueReturnedByAFunctionNotUsed.ql +++ b/c/misra/src/rules/RULE-17-7/ValueReturnedByAFunctionNotUsed.ql @@ -2,7 +2,7 @@ * @id c/misra/value-returned-by-a-function-not-used * @name RULE-17-7: Return values should be used or cast to void * @description The value returned by a function having non-void return type shall be used or cast - * to void + * to void. * @kind problem * @precision very-high * @problem.severity error From 82b698766d66be740ec2f126389dfa387fa7660c Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 2 Feb 2023 16:11:33 -0500 Subject: [PATCH 0380/2573] adding some missing options files --- cpp/autosar/test/rules/A0-1-1/options.clang | 1 + cpp/autosar/test/rules/A0-1-1/test.cpp | 2 +- cpp/autosar/test/rules/A1-1-3/options.clang | 1 + 3 files changed, 3 insertions(+), 1 deletion(-) create mode 100644 cpp/autosar/test/rules/A0-1-1/options.clang create mode 100644 cpp/autosar/test/rules/A1-1-3/options.clang diff --git a/cpp/autosar/test/rules/A0-1-1/options.clang b/cpp/autosar/test/rules/A0-1-1/options.clang new file mode 100644 index 0000000000..751f1364f6 --- /dev/null +++ b/cpp/autosar/test/rules/A0-1-1/options.clang @@ -0,0 +1 @@ +-Wall \ No newline at end of file diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index 3453611146..7b35bf5ead 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -2,7 +2,7 @@ struct A { int f; int f2; -} +}; // A non-POD class, with a trivial compiler generated constructor struct B { diff --git a/cpp/autosar/test/rules/A1-1-3/options.clang b/cpp/autosar/test/rules/A1-1-3/options.clang new file mode 100644 index 0000000000..700c89341d --- /dev/null +++ b/cpp/autosar/test/rules/A1-1-3/options.clang @@ -0,0 +1 @@ +-Ofast -ffast-math -fgnu-keywords -fno-signed-zeroes -menable-unsafe-fp-math -menable-no-nans -menable-no-infs -menable-unsafe-fp-math -ffinite-math-only -ffloat-store \ No newline at end of file From 7b93bb84e34d5b871e38570aa54776a204f2cadb Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Thu, 2 Feb 2023 16:08:01 -0800 Subject: [PATCH 0381/2573] First draft of UnusedReturnValue --- .../src/rules/A0-1-2/UnusedReturnValue.ql | 104 +++++++++++------- .../rules/A0-1-2/UnusedReturnValue.expected | 2 +- cpp/autosar/test/rules/A0-1-2/test.cpp | 11 +- .../test/includes/standard-library/tuple.h | 11 +- 4 files changed, 80 insertions(+), 48 deletions(-) diff --git a/cpp/autosar/src/rules/A0-1-2/UnusedReturnValue.ql b/cpp/autosar/src/rules/A0-1-2/UnusedReturnValue.ql index da7f34cf23..cf10709631 100644 --- a/cpp/autosar/src/rules/A0-1-2/UnusedReturnValue.ql +++ b/cpp/autosar/src/rules/A0-1-2/UnusedReturnValue.ql @@ -1,32 +1,48 @@ /** - * @id cpp/autosar/unused-return-value - * @name A0-1-2: Unused return value - * @description The value returned by a function having a non-void return type that is not an - * overloaded operator shall be used. - * @kind problem - * @precision very-high - * @problem.severity warning - * @tags external/autosar/id/a0-1-2 - * readability - * maintainability - * external/autosar/allocated-target/implementation - * external/autosar/enforcement/automated - * external/autosar/obligation/required - */ +* @id cpp/autosar/unused-return-value +* @name A0-1-2: Unused return value +* @description The value returned by a function having a non-void return type that is not an +* overloaded operator shall be used. +* @kind problem +* @precision very-high +* @problem.severity warning +* @tags external/autosar/id/a0-1-2 +* readability +* maintainability +* external/autosar/allocated-target/implementation +* external/autosar/enforcement/automated +* external/autosar/obligation/required +*/ import cpp import codingstandards.cpp.autosar import semmle.code.cpp.dataflow.DataFlow -// Type isEdgeCase(Expr expr) { -// // 1. c-style casts to void. -// expr.(CStyleCast).getUnderlyingType() -// // 2. Assignment to std::ignore -// } +predicate isStdIgnore(Element element) { + exists(NameQualifier nq | + nq.getQualifiedElement().toString() = "ignore" and + nq.toString() = "std::" and + element.toString() = "ignore" + ) +} + +/* The statement std::ignore = f() is not recognized an assignment; therefore, we do some painful acrobatics. */ +predicate isAssignment(FunctionCall assignment) { + exists(Operator operator | + assignment.getTarget() = operator and + operator.getName() = "operator=" and + // check if this is indeed an operator for assignment by checking if there are no overloads + not exists(operator.getAnOverload()) + ) +} + +predicate isAssignmentOperand(Expr operand) { + exists(FunctionCall assignment | isAssignment(assignment) and operand = assignment.getAChild()) +} -from CStyleCast expr -where any() -select expr, expr.getType() +predicate returnValueIsAssignedToStdIgnore(FunctionCall fc) { + isAssignmentOperand(fc) and exists(Element stdIgnore | isStdIgnore(stdIgnore)) +} /* * This query performs a simple syntactic check to ensure that the return value of the function is @@ -36,21 +52,29 @@ select expr, expr.getType() * access of `ret_val`. However, such a case _would_ be flagged by A0-1-1 - Useless assignment. */ -// from FunctionCall fc, Function f -// where -// not isExcluded(fc, DeadCodePackage::unusedReturnValueQuery()) and -// // Find function calls in `ExprStmt`s, which indicate the return value is ignored -// fc.getParent() instanceof ExprStmt and -// // Ignore calls to void functions, which don't return values -// not fc.getUnderlyingType() instanceof VoidType and -// // Get the function target -// f = fc.getTarget() and -// // Overloaded (i.e. user defined) operators should behave in the same way as built-in operators, -// // so the rule does not require the use of the return value -// not f instanceof Operator and -// // Exclude cases where the function call is generated within a macro, as the user of the macro is -// // not necessarily able to address thoes results -// not fc.isAffectedByMacro() and -// // Rule allows disabling this rule where a static_cast is applied -// not fc.getExplicitlyConverted().(StaticCast).getActualType() instanceof VoidType -// select fc, "Return value from call to $@ is unused.", f, f.getName() +from FunctionCall fc, Function f +where + not isExcluded(fc, DeadCodePackage::unusedReturnValueQuery()) and + // Find function calls in `ExprStmt`s, which indicate the return value is ignored + fc.getParent() instanceof ExprStmt and + // Ignore calls to void functions, which don't return values + not fc.getUnderlyingType() instanceof VoidType and + // Get the function target + f = fc.getTarget() and + // Overloaded (i.e. user defined) operators should behave in the same way as built-in operators, + // so the rule does not require the use of the return value + not f instanceof Operator and + // Exclude cases where the function call is generated within a macro, as the user of the macro is + // not necessarily able to address those results + not fc.isAffectedByMacro() and + // Rule allows disabling this rule where a static_cast or a C-style cast to void is applied + not ( + fc.getExplicitlyConverted().(StaticCast).getActualType() instanceof VoidType + or + exists(CStyleCast cast | + not cast.isCompilerGenerated() and + cast.getExpr() = fc + ) + ) and + not returnValueIsAssignedToStdIgnore(fc) +select fc, "Return value from call to $@ is unused.", f, f.getName() diff --git a/cpp/autosar/test/rules/A0-1-2/UnusedReturnValue.expected b/cpp/autosar/test/rules/A0-1-2/UnusedReturnValue.expected index d24d36e070..480b6d75a3 100644 --- a/cpp/autosar/test/rules/A0-1-2/UnusedReturnValue.expected +++ b/cpp/autosar/test/rules/A0-1-2/UnusedReturnValue.expected @@ -1 +1 @@ -| test.cpp:10:3:10:3 | call to f | Return value from call to $@ is unused. | test.cpp:1:5:1:5 | f | f | +| test.cpp:12:3:12:3 | call to f | Return value from call to $@ is unused. | test.cpp:3:5:3:5 | f | f | \ No newline at end of file diff --git a/cpp/autosar/test/rules/A0-1-2/test.cpp b/cpp/autosar/test/rules/A0-1-2/test.cpp index 9c7579a746..2be7122128 100644 --- a/cpp/autosar/test/rules/A0-1-2/test.cpp +++ b/cpp/autosar/test/rules/A0-1-2/test.cpp @@ -1,3 +1,5 @@ +#include + int f(); void g(int x); @@ -8,7 +10,8 @@ class A { void test_return_val() { f(); // NON_COMPLIANT - return value never read - static_cast(f()); // COMPLIANT + static_cast(f()); // COMPLIANT - explicitly ignoring the return value by + // static_cast to void. int x = f(); // COMPLIANT - according to the rule, even though it's not in // practice used because the unused assignment would be flagged // by A0-1-1 @@ -17,5 +20,9 @@ void test_return_val() { A a2; a1 + a2; // COMPLIANT - `+` is a call to operator+, but is permitted by the // rule - int y = (int)3; + + (void)f(); // COMPLIANT - explicitly ignoring the return value by C-style cast + // to void. + std::ignore = f(); // COMPLIANT - explicitly ignoring the return value by + // assigning to std::ignore. } diff --git a/cpp/common/test/includes/standard-library/tuple.h b/cpp/common/test/includes/standard-library/tuple.h index 93ccc2fa8a..21874e6d28 100644 --- a/cpp/common/test/includes/standard-library/tuple.h +++ b/cpp/common/test/includes/standard-library/tuple.h @@ -1,11 +1,12 @@ namespace std { template class tuple {}; template std::tuple make_tuple(Types &&...args); -// TODO change this to example from cpp standard +// TODO change this to example from cpp standard struct ignore_t { - template - constexpr // required since C++14 - void operator=(T&&) const noexcept {} + template + constexpr // required since C++14 + void + operator=(T &&) const noexcept {} }; inline constexpr std::ignore_t ignore; // 'const' only until C++17 -} // namespace std \ No newline at end of file +} // namespace std From c59d66efe0e4780443debe550782b9a60223b06f Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Thu, 2 Feb 2023 16:09:26 -0800 Subject: [PATCH 0382/2573] minor formatting for qldoc --- .../src/rules/A0-1-2/UnusedReturnValue.ql | 28 +++++++++---------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/cpp/autosar/src/rules/A0-1-2/UnusedReturnValue.ql b/cpp/autosar/src/rules/A0-1-2/UnusedReturnValue.ql index cf10709631..3a7309710a 100644 --- a/cpp/autosar/src/rules/A0-1-2/UnusedReturnValue.ql +++ b/cpp/autosar/src/rules/A0-1-2/UnusedReturnValue.ql @@ -1,18 +1,18 @@ /** -* @id cpp/autosar/unused-return-value -* @name A0-1-2: Unused return value -* @description The value returned by a function having a non-void return type that is not an -* overloaded operator shall be used. -* @kind problem -* @precision very-high -* @problem.severity warning -* @tags external/autosar/id/a0-1-2 -* readability -* maintainability -* external/autosar/allocated-target/implementation -* external/autosar/enforcement/automated -* external/autosar/obligation/required -*/ + * @id cpp/autosar/unused-return-value + * @name A0-1-2: Unused return value + * @description The value returned by a function having a non-void return type that is not an + * overloaded operator shall be used. + * @kind problem + * @precision very-high + * @problem.severity warning + * @tags external/autosar/id/a0-1-2 + * readability + * maintainability + * external/autosar/allocated-target/implementation + * external/autosar/enforcement/automated + * external/autosar/obligation/required + */ import cpp import codingstandards.cpp.autosar From b8d2b95e8f1c7fc429b304b64e7d0796624f31e1 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Thu, 2 Feb 2023 18:09:20 -0800 Subject: [PATCH 0383/2573] s/COMPILANT/COMPLIANT/ --- c/misra/test/rules/RULE-6-1/test.c | 8 ++++---- c/misra/test/rules/RULE-6-2/test.c | 14 +++++++------- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/c/misra/test/rules/RULE-6-1/test.c b/c/misra/test/rules/RULE-6-1/test.c index 0271ed1e32..be9d2a13ca 100644 --- a/c/misra/test/rules/RULE-6-1/test.c +++ b/c/misra/test/rules/RULE-6-1/test.c @@ -4,12 +4,12 @@ enum Color { R, G, B }; struct SampleStruct { int x1 : 2; // NON_COMPLIANT - not explicitly signed or unsigned - unsigned int x2 : 2; // COMPILANT - explicitly unsigned - signed int x3 : 2; // COMPILANT - explicitly signed + unsigned int x2 : 2; // COMPLIANT - explicitly unsigned + signed int x3 : 2; // COMPLIANT - explicitly signed UINT16 x4 : 2; // COMPLIANT - type alias resolves to a compliant type signed long x5 : 2; // NON_COMPLIANT - cannot declare bit field for long, even // if it's signed - signed char x6 : 2; // NON_COMPILANT - cannot declare bit field for char, even + signed char x6 : 2; // NON_COMPLIANT - cannot declare bit field for char, even // if it's signed - enum Color x7 : 3; // NON_COMPILANT - cannot declare bit field for enum + enum Color x7 : 3; // NON_COMPLIANT - cannot declare bit field for enum } sample_struct; diff --git a/c/misra/test/rules/RULE-6-2/test.c b/c/misra/test/rules/RULE-6-2/test.c index b3eaa0dd0e..8182dfdb5d 100644 --- a/c/misra/test/rules/RULE-6-2/test.c +++ b/c/misra/test/rules/RULE-6-2/test.c @@ -1,17 +1,17 @@ #include struct SampleStruct { - int x1 : 1; // NON_COMPILANT: very likely be signed, but if it's not, the + int x1 : 1; // NON_COMPLIANT: very likely be signed, but if it's not, the // query will automatically handle it since we use signed(), not // isExplicitlySigned(). - signed int x2 : 1; // NON_COMPILANT: single-bit named field with a signed type + signed int x2 : 1; // NON_COMPLIANT: single-bit named field with a signed type signed char - x3 : 1; // NON_COMPILANT: single-bit named field with a signed type + x3 : 1; // NON_COMPLIANT: single-bit named field with a signed type signed short - x4 : 1; // NON_COMPILANT: single-bit named field with a signed type + x4 : 1; // NON_COMPLIANT: single-bit named field with a signed type unsigned int - x5 : 1; // COMPILANT: single-bit named field but with an unsigned type - signed int x6 : 2; // COMPILANT: named field with a signed type but declared + x5 : 1; // COMPLIANT: single-bit named field but with an unsigned type + signed int x6 : 2; // COMPLIANT: named field with a signed type but declared // to carry more than 1 bit - signed char : 1; // COMPILANT: single-bit bit-field but unnamed + signed char : 1; // COMPLIANT: single-bit bit-field but unnamed } sample_struct; From 9c20bfc065041af4e27e07ff98f251c60d9aeee1 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Fri, 3 Feb 2023 12:52:50 +0100 Subject: [PATCH 0384/2573] Update development_handbook.md --- docs/development_handbook.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/docs/development_handbook.md b/docs/development_handbook.md index 22bb18821c..1d1a9a0584 100644 --- a/docs/development_handbook.md +++ b/docs/development_handbook.md @@ -32,9 +32,7 @@ | 0.24.0 | 2022-07-05 | Remco Vermeulen | Update release process to include steps for external help files. | | 0.25.0 | 2022-07-22 | Jeroen Ketema | Document the existence and purpose of the `next` branch. | | 0.26.0 | 2022-08-10 | Remco Vermeulen | Address incorrect package file generation command. This was missing the required language argument. - | | 0.27.0 | 2022-11-08 | Luke Cartey | Update the versions of C we intend to support to exclude C90, which reflects the intended scope at the outset of the project. - | | 0.28.0 | 2023-01-27 | David Bartolomeo | Add section on installing QL dependencies and update CLI commands to account for the migration to CodeQL packs. ## Scope of work From 714e04c6c6bbb016407b97a2876a7fd97b18713e Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Fri, 3 Feb 2023 09:40:57 -0800 Subject: [PATCH 0385/2573] revise A0-1-2 to also match VoidType --- cpp/autosar/src/rules/A0-1-2/UnusedReturnValue.ql | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/cpp/autosar/src/rules/A0-1-2/UnusedReturnValue.ql b/cpp/autosar/src/rules/A0-1-2/UnusedReturnValue.ql index 3a7309710a..f21bb5f8fc 100644 --- a/cpp/autosar/src/rules/A0-1-2/UnusedReturnValue.ql +++ b/cpp/autosar/src/rules/A0-1-2/UnusedReturnValue.ql @@ -73,7 +73,8 @@ where or exists(CStyleCast cast | not cast.isCompilerGenerated() and - cast.getExpr() = fc + cast.getExpr() = fc and + cast.getActualType() instanceof VoidType ) ) and not returnValueIsAssignedToStdIgnore(fc) From b1e204db0a5bfaaa0fe58bc1c19bc5eca7c0d0df Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Fri, 3 Feb 2023 12:48:43 -0800 Subject: [PATCH 0386/2573] minor comment fix --- cpp/autosar/src/rules/A0-1-2/UnusedReturnValue.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/src/rules/A0-1-2/UnusedReturnValue.ql b/cpp/autosar/src/rules/A0-1-2/UnusedReturnValue.ql index f21bb5f8fc..ed7c7652c7 100644 --- a/cpp/autosar/src/rules/A0-1-2/UnusedReturnValue.ql +++ b/cpp/autosar/src/rules/A0-1-2/UnusedReturnValue.ql @@ -26,7 +26,7 @@ predicate isStdIgnore(Element element) { ) } -/* The statement std::ignore = f() is not recognized an assignment; therefore, we do some painful acrobatics. */ +/* The statement std::ignore = f() is not recognized an assignment; therefore, we do some painful gymnastics. */ predicate isAssignment(FunctionCall assignment) { exists(Operator operator | assignment.getTarget() = operator and From a1eed7505849fbb80a67686298f9f632eae4cbcd Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Fri, 3 Feb 2023 12:49:02 -0800 Subject: [PATCH 0387/2573] add test.cpp for A0-1-4 --- .../test/rules/unusedparameter/test.cpp | 39 ++++++++++++------- 1 file changed, 26 insertions(+), 13 deletions(-) diff --git a/cpp/common/test/rules/unusedparameter/test.cpp b/cpp/common/test/rules/unusedparameter/test.cpp index 69cda46281..da992a1e5a 100644 --- a/cpp/common/test/rules/unusedparameter/test.cpp +++ b/cpp/common/test/rules/unusedparameter/test.cpp @@ -18,16 +18,29 @@ class A { virtual void d(int x, int y) {} // virtual, not covered by this rule }; - void f( - int i, - int j, - int k, - [[maybe_unused]] - int l // NON_COMPILANT: maybe_unused parameters should also be considered unused - ) { - static_cast(i); // NON_COMPILANT: static_cast to void should also be considered unused - (void)j; // NON_COMPILANT: C-style void casts should also be considered unused - std::ignore = k; // NON_COMPILANT: Assignment to std::ignore should also be considered unused - } - -void test_no_def(int x); // COMPLIANT - no definition, so cannot be "unused" \ No newline at end of file +void f( + int i, // COMPLIANT + int j, // COMPLIANT + int k, // COMPLIANT + [[maybe_unused]] int l // COMPLIANT: explicitly stated as [[maybe_unused]] +) { + static_cast(i); // COMPLIANT: explicitly ignored by static_cast to void + (void)j; // COMPLIANT: explicitly ignored by c-style cast to void + std::ignore = k; // COMPLIANT: explicitly ignored by assignment to std::ignore +} + +void test_lambda_expr() { + auto lambda = + [](int x, // COMPLIANT: used + int y, // NON_COMPLIANT: unused without explicit notice + [[maybe_unused]] int z, // COMPLIANT: stdattribute [[maybe_unused]] + int w, // COMPLIANT: static_cast to void + int u, // COMPLIANT: c-style cast to void + int) { // COMPLIANT: unnamed parameter + static_cast(w); + (void)u; + return x; + }; +} + +void test_no_def(int x); // COMPLIANT - no definition, so cannot be "unused" From 09ab74ea7670a0043c396c9e6eef496438033f39 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Fri, 3 Feb 2023 12:49:42 -0800 Subject: [PATCH 0388/2573] checkpoint: attempt to catch unused parameters in lambdaexpr --- .../cpp/deadcode/UnusedParameters.qll | 54 ++++++++++++------- .../rules/unusedparameter/UnusedParameter.qll | 28 ++++++++-- 2 files changed, 59 insertions(+), 23 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/deadcode/UnusedParameters.qll b/cpp/common/src/codingstandards/cpp/deadcode/UnusedParameters.qll index a7cb976307..5415ef0699 100644 --- a/cpp/common/src/codingstandards/cpp/deadcode/UnusedParameters.qll +++ b/cpp/common/src/codingstandards/cpp/deadcode/UnusedParameters.qll @@ -1,40 +1,56 @@ /** - * A library for identifying parameters which may be unused. - */ +* A library for identifying parameters which may be unused. +*/ import cpp /** - * A `Parameter` which is "usable" within the function. - * - * For this to be the case, the `Function` must have a definition, and that definition must include - * a body block, and the parameter must be a named parameter. - */ +* A `Parameter` which is "usable" within the function. +* +* For this to be the case, the `Function` must have a definition, and that definition must include +* a body block, and the parameter must be a named parameter. +*/ class UsableParameter extends Parameter { UsableParameter() { - // Find the function associated with the parameter - exists(Function f | this = f.getAParameter() | - // Must have the definition of the function, not just the declaration - f.hasDefinition() and - // There must be a body block associated with the function, otherwise the parameter cannot - // possibly be used - exists(f.getBlock()) - ) and + ( + /* Regular Function */ + // Find the function associated with the parameter + exists(Function f | this = f.getAParameter() | + // Must have the definition of the function, not just the declaration + f.hasDefinition() and + // There must be a body block associated with the function, otherwise the parameter cannot + // possibly be used + exists(f.getBlock()) + ) + or + /* Lambda Expression */ + // Find the function associated with the parameter + exists(LambdaExpression lambda, Function f | + this = lambda.getLambdaFunction().getParameter(_) + | + // Must have the definition of the function, not just the declaration + lambda.getLambdaFunction() = f and + f.hasDefinition() and + // There must be a body block associated with the function, otherwise the parameter cannot + // possibly be used + exists(f.getBlock()) + ) + ) and // Must be a named parameter, because unnamed parameters cannot be referenced isNamed() } } /** - * A `Parameter` which is usable but not directly used in the local context. - */ +* A `Parameter` which is usable but not directly used in the local context. +*/ class UnusedParameter extends UsableParameter { UnusedParameter() { not this instanceof UsedParameter } } /** - * A `Parameter` which is used in the local context. - */ +* A `Parameter` which is used in the local context. +*/ class UsedParameter extends UsableParameter { UsedParameter() { // An access to the parameter exists in the function body diff --git a/cpp/common/src/codingstandards/cpp/rules/unusedparameter/UnusedParameter.qll b/cpp/common/src/codingstandards/cpp/rules/unusedparameter/UnusedParameter.qll index 4258bbf129..e176887b90 100644 --- a/cpp/common/src/codingstandards/cpp/rules/unusedparameter/UnusedParameter.qll +++ b/cpp/common/src/codingstandards/cpp/rules/unusedparameter/UnusedParameter.qll @@ -1,6 +1,6 @@ /** - * Provides a library which includes a `problems` predicate for reporting unused parameters. - */ +* Provides a library which includes a `problems` predicate for reporting unused parameters. +*/ import cpp import codingstandards.cpp.Customizations @@ -11,11 +11,31 @@ abstract class UnusedParameterSharedQuery extends Query { } Query getQuery() { result instanceof UnusedParameterSharedQuery } +predicate isMaybeUnusedParameter(Parameter parameter) { + parameter.getAnAttribute().toString() = "maybe_unused" +} + +// query +predicate isLambdaParameter(Parameter parameter) { + exists(LambdaExpression lambda | lambda.getLambdaFunction().getParameter(_) = parameter) +} + +// query +predicate isLambdaMaybeUnusedParameter(Parameter parameter) { + exists(LambdaExpression lambda | lambda.getLambdaFunction().getParameter(_) = parameter) and + isMaybeUnusedParameter(parameter) +} + +query predicate lambdaExprParamHasAccess(Parameter parameter) { + exists(VariableAccess va | isLambdaParameter(parameter) and parameter.getAnAccess() = va) +} + query predicate problems(UnusedParameter p, string message, Function f, string fName) { not isExcluded(p, getQuery()) and - f = p.getFunction() and + (not isMaybeUnusedParameter(p) and + f = p.getFunction() and // Virtual functions are covered by a different rule - not f.isVirtual() and + not f.isVirtual()) and message = "Unused parameter '" + p.getName() + "' for function $@." and fName = f.getQualifiedName() } From 23a1bc32b2200aa69e78bf2a18de11d8d4bf9a8b Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Fri, 3 Feb 2023 12:58:08 -0800 Subject: [PATCH 0389/2573] Finalize A0-1-4 except finding a good fName --- .../rules/unusedparameter/UnusedParameter.qll | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/rules/unusedparameter/UnusedParameter.qll b/cpp/common/src/codingstandards/cpp/rules/unusedparameter/UnusedParameter.qll index e176887b90..468d804f14 100644 --- a/cpp/common/src/codingstandards/cpp/rules/unusedparameter/UnusedParameter.qll +++ b/cpp/common/src/codingstandards/cpp/rules/unusedparameter/UnusedParameter.qll @@ -1,6 +1,6 @@ /** -* Provides a library which includes a `problems` predicate for reporting unused parameters. -*/ + * Provides a library which includes a `problems` predicate for reporting unused parameters. + */ import cpp import codingstandards.cpp.Customizations @@ -11,7 +11,7 @@ abstract class UnusedParameterSharedQuery extends Query { } Query getQuery() { result instanceof UnusedParameterSharedQuery } -predicate isMaybeUnusedParameter(Parameter parameter) { +query predicate isMaybeUnusedParameter(Parameter parameter) { parameter.getAnAttribute().toString() = "maybe_unused" } @@ -32,10 +32,13 @@ query predicate lambdaExprParamHasAccess(Parameter parameter) { query predicate problems(UnusedParameter p, string message, Function f, string fName) { not isExcluded(p, getQuery()) and - (not isMaybeUnusedParameter(p) and - f = p.getFunction() and - // Virtual functions are covered by a different rule - not f.isVirtual()) and + ( + not isMaybeUnusedParameter(p) and + f = p.getFunction() and + // Virtual functions are covered by a different rule + not f.isVirtual() + ) and message = "Unused parameter '" + p.getName() + "' for function $@." and - fName = f.getQualifiedName() + // fName = f.getQualifiedName() + fName = "TODO." } From 51ff26cbca2b81ab81a0ae5e908e6b94f62cd645 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Fri, 3 Feb 2023 13:10:34 -0800 Subject: [PATCH 0390/2573] clang-format --- cpp/common/test/rules/unusedparameter/test.cpp | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/cpp/common/test/rules/unusedparameter/test.cpp b/cpp/common/test/rules/unusedparameter/test.cpp index da992a1e5a..a1c198f3a5 100644 --- a/cpp/common/test/rules/unusedparameter/test.cpp +++ b/cpp/common/test/rules/unusedparameter/test.cpp @@ -19,9 +19,9 @@ class A { }; void f( - int i, // COMPLIANT - int j, // COMPLIANT - int k, // COMPLIANT + int i, // COMPLIANT + int j, // COMPLIANT + int k, // COMPLIANT [[maybe_unused]] int l // COMPLIANT: explicitly stated as [[maybe_unused]] ) { static_cast(i); // COMPLIANT: explicitly ignored by static_cast to void From 1ff8c86f9ce2f1e15addfe45a128294ce9b7be45 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Fri, 3 Feb 2023 13:49:07 -0800 Subject: [PATCH 0391/2573] format UnusedReturnValue.ql --- .../cpp/deadcode/UnusedParameters.qll | 48 +++++++++---------- .../rules/unusedparameter/UnusedParameter.qll | 2 - 2 files changed, 24 insertions(+), 26 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/deadcode/UnusedParameters.qll b/cpp/common/src/codingstandards/cpp/deadcode/UnusedParameters.qll index 5415ef0699..dc2e24f1b1 100644 --- a/cpp/common/src/codingstandards/cpp/deadcode/UnusedParameters.qll +++ b/cpp/common/src/codingstandards/cpp/deadcode/UnusedParameters.qll @@ -1,56 +1,56 @@ /** -* A library for identifying parameters which may be unused. -*/ + * A library for identifying parameters which may be unused. + */ import cpp /** -* A `Parameter` which is "usable" within the function. -* -* For this to be the case, the `Function` must have a definition, and that definition must include -* a body block, and the parameter must be a named parameter. -*/ + * A `Parameter` which is "usable" within the function. + * + * For this to be the case, the `Function` must have a definition, and that definition must include + * a body block, and the parameter must be a named parameter. + */ class UsableParameter extends Parameter { UsableParameter() { ( /* Regular Function */ // Find the function associated with the parameter - exists(Function f | this = f.getAParameter() | + exists(Function f | this = f.getAParameter() | // Must have the definition of the function, not just the declaration - f.hasDefinition() and + f.hasDefinition() and // There must be a body block associated with the function, otherwise the parameter cannot // possibly be used - exists(f.getBlock()) - ) - or + exists(f.getBlock()) + ) + or /* Lambda Expression */ // Find the function associated with the parameter - exists(LambdaExpression lambda, Function f | - this = lambda.getLambdaFunction().getParameter(_) - | + exists(LambdaExpression lambda, Function f | + this = lambda.getLambdaFunction().getParameter(_) + | // Must have the definition of the function, not just the declaration - lambda.getLambdaFunction() = f and - f.hasDefinition() and + lambda.getLambdaFunction() = f and + f.hasDefinition() and // There must be a body block associated with the function, otherwise the parameter cannot // possibly be used - exists(f.getBlock()) - ) - ) and + exists(f.getBlock()) + ) + ) and // Must be a named parameter, because unnamed parameters cannot be referenced isNamed() } } /** -* A `Parameter` which is usable but not directly used in the local context. -*/ + * A `Parameter` which is usable but not directly used in the local context. + */ class UnusedParameter extends UsableParameter { UnusedParameter() { not this instanceof UsedParameter } } /** -* A `Parameter` which is used in the local context. -*/ + * A `Parameter` which is used in the local context. + */ class UsedParameter extends UsableParameter { UsedParameter() { // An access to the parameter exists in the function body diff --git a/cpp/common/src/codingstandards/cpp/rules/unusedparameter/UnusedParameter.qll b/cpp/common/src/codingstandards/cpp/rules/unusedparameter/UnusedParameter.qll index 468d804f14..c20f5785f6 100644 --- a/cpp/common/src/codingstandards/cpp/rules/unusedparameter/UnusedParameter.qll +++ b/cpp/common/src/codingstandards/cpp/rules/unusedparameter/UnusedParameter.qll @@ -15,12 +15,10 @@ query predicate isMaybeUnusedParameter(Parameter parameter) { parameter.getAnAttribute().toString() = "maybe_unused" } -// query predicate isLambdaParameter(Parameter parameter) { exists(LambdaExpression lambda | lambda.getLambdaFunction().getParameter(_) = parameter) } -// query predicate isLambdaMaybeUnusedParameter(Parameter parameter) { exists(LambdaExpression lambda | lambda.getLambdaFunction().getParameter(_) = parameter) and isMaybeUnusedParameter(parameter) From a374f99f283cde35f7dc47ec836c9d9e3d7801f3 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Fri, 3 Feb 2023 17:08:20 -0500 Subject: [PATCH 0392/2573] work --- cpp/autosar/test/rules/A0-1-1/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index 7b35bf5ead..2d05d38787 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -1,4 +1,4 @@ -// A POD class. +// A POD class.. struct A { int f; int f2; From a390e548a8fe6906d349970340a8d9021dcb0439 Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Mon, 6 Feb 2023 12:43:57 +0100 Subject: [PATCH 0393/2573] Update EXP43-C query and test Replace local with global data-flow. Modify the query implementation to detect violations of aliasing at block rather than statement scope as defined in the standard. --- ...trictPointerReferencesOverlappingObject.ql | 37 ++++++++++++------- ...ointerReferencesOverlappingObject.expected | 2 + c/cert/test/rules/EXP43-C/test.c | 4 +- 3 files changed, 27 insertions(+), 16 deletions(-) diff --git a/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql b/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql index e382814ba1..8974b835b6 100644 --- a/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql +++ b/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql @@ -39,8 +39,26 @@ Variable getAddressOfExprTargetBase(AddressOfExpr expr) { result = expr.getOperand().(VariableAccess).getTarget() } +/** + * A data-flow configuration for tracking flow from an assignment or initialization to + * an assignment to an `AssignmentOrInitializationToRestrictPtrValueExpr`. + */ +class AssignedValueToRestrictPtrValueConfiguration extends DataFlow::Configuration { + AssignedValueToRestrictPtrValueConfiguration() { + this = "AssignmentOrInitializationToRestrictPtrValueConfiguration" + } + + override predicate isSource(DataFlow::Node source) { + exists(Variable v | source.asExpr() = v.getAnAssignedValue()) + } + + override predicate isSink(DataFlow::Node sink) { + sink.asExpr() instanceof AssignmentOrInitializationToRestrictPtrValueExpr + } +} + from - AssignmentOrInitializationToRestrictPtrValueExpr source, + AssignedValueToRestrictPtrValueConfiguration config, DataFlow::Node sourceValue, AssignmentOrInitializationToRestrictPtrValueExpr expr, AssignmentOrInitializationToRestrictPtrValueExpr pre_expr where @@ -49,23 +67,14 @@ where // If the same expressions flows to two unique `AssignmentOrInitializationToRestrictPtrValueExpr` // in the same block, then the two variables point to the same (overlapping) object expr.getEnclosingBlock() = pre_expr.getEnclosingBlock() and - strictlyDominates(pre_expr, expr) and ( - dominates(source, pre_expr) and - DataFlow::localExprFlow(source, expr) and - DataFlow::localExprFlow(source, pre_expr) + config.hasFlow(sourceValue, DataFlow::exprNode(pre_expr)) and + config.hasFlow(sourceValue, DataFlow::exprNode(expr)) or // Expressions referring to the address of the same variable can also result in aliasing - getAddressOfExprTargetBase(expr) = getAddressOfExprTargetBase(pre_expr) and - source = - any(AddressOfExpr ao | getAddressOfExprTargetBase(ao) = getAddressOfExprTargetBase(expr)) + getAddressOfExprTargetBase(expr) = getAddressOfExprTargetBase(pre_expr) ) and - // But only if there is no intermediate assignment that could change the value of one of the variables - not exists(AssignmentOrInitializationToRestrictPtrValueExpr mid | - strictlyDominates(mid, expr) and - strictlyDominates(pre_expr, mid) and - not DataFlow::localExprFlow(source, mid) - ) + strictlyDominates(pragma[only_bind_out](pre_expr), pragma[only_bind_out](expr)) or // Two restrict-qualified pointers in the same scope assigned to each other expr.(VariableAccess).getTarget().getType().hasSpecifier("restrict") and diff --git a/c/cert/test/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.expected b/c/cert/test/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.expected index 66aa8ff233..cd389fcde3 100644 --- a/c/cert/test/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.expected +++ b/c/cert/test/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.expected @@ -1,6 +1,8 @@ | test.c:18:22:18:23 | i2 | Assignment to restrict-qualified pointer $@ results in pointer aliasing. | test.c:18:17:18:18 | i3 | i3 | | test.c:19:8:19:9 | g2 | Assignment to restrict-qualified pointer $@ results in pointer aliasing. | test.c:5:15:5:16 | g1 | g1 | | test.c:20:8:20:9 | i2 | Assignment to restrict-qualified pointer $@ results in pointer aliasing. | test.c:16:17:16:18 | i1 | i1 | +| test.c:27:10:27:11 | g1 | Assignment to restrict-qualified pointer $@ results in pointer aliasing. | test.c:23:19:23:20 | i5 | i5 | | test.c:28:10:28:11 | g1 | Assignment to restrict-qualified pointer $@ results in pointer aliasing. | test.c:22:19:22:20 | i4 | i4 | | test.c:39:22:39:26 | & ... | Assignment to restrict-qualified pointer $@ results in pointer aliasing. | test.c:39:17:39:18 | px | px | +| test.c:45:10:45:14 | & ... | Assignment to restrict-qualified pointer $@ results in pointer aliasing. | test.c:42:19:42:20 | pz | pz | | test.c:46:10:46:14 | & ... | Assignment to restrict-qualified pointer $@ results in pointer aliasing. | test.c:41:19:41:20 | py | py | diff --git a/c/cert/test/rules/EXP43-C/test.c b/c/cert/test/rules/EXP43-C/test.c index 468aa354d2..705c2a171a 100644 --- a/c/cert/test/rules/EXP43-C/test.c +++ b/c/cert/test/rules/EXP43-C/test.c @@ -24,7 +24,7 @@ void test_global_local() { int *restrict i6; i4 = g1; // COMPLIANT i4 = (void *)0; // COMPLIANT - i5 = g1; // COMPLIANT + i5 = g1; // NON_COMPLIANT - block rather than statement scope matters i4 = g1; // NON_COMPLIANT i6 = g2; // COMPLIANT } @@ -42,7 +42,7 @@ void test_structs() { int *restrict pz; py = &v1.y; // COMPLIANT py = (int *)0; - pz = &v1.z; // COMPLIANT + pz = &v1.z; // NON_COMPLIANT - block rather than statement scope matters py = &v1.y; // NON_COMPLIANT } } From 336e23a3e2c3d7f76e5858851b118d64c6eeb49f Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Mon, 6 Feb 2023 09:37:06 -0500 Subject: [PATCH 0394/2573] undo changes to test file --- cpp/autosar/test/rules/A0-1-1/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index 2d05d38787..98c8058219 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -1,4 +1,4 @@ -// A POD class.. +// A POD class struct A { int f; int f2; From e2e89f8a88fdd18e90cb6ab37e7034e349812952 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Mon, 6 Feb 2023 10:51:22 -0500 Subject: [PATCH 0395/2573] dispatch release testing --- .../dispatch-release-performance-check.yml | 36 +++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 .github/workflows/dispatch-release-performance-check.yml diff --git a/.github/workflows/dispatch-release-performance-check.yml b/.github/workflows/dispatch-release-performance-check.yml new file mode 100644 index 0000000000..0afc5aae7c --- /dev/null +++ b/.github/workflows/dispatch-release-performance-check.yml @@ -0,0 +1,36 @@ +name: 🏁 Run Release Performance Check + +on: + push: + branches: + - main + - "rc/**" + - next + pull_request: + branches: + - "**" + workflow_dispatch: + +jobs: + dispatch-matrix-check: + runs-on: ubuntu-latest + steps: + + - name: Dispatch Performance Testing Job + uses: peter-evans/repository-dispatch@v2 + with: + token: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} + repository: github/codeql-coding-standards-release-engineering + event-type: performance-test + client-payload: '{"pr": "${{ github.event.number }}"}' + + + - uses: actions/github-script@v6 + with: + script: | + github.rest.issues.createComment({ + issue_number: context.issue.number, + owner: context.repo.owner, + repo: context.repo.repo, + body: '🏁 Beep Boop! Performance testing for this PR has been initiated. Please check back later for results. Note that the query package generation step must complete before testing will start so it might be a minute.

:bulb: If you do not hear back from me please check my status! **I will report even if this PR does not contain files eligible for matrix testing.**' + }) \ No newline at end of file From 78acc97edd5b23eec43345fc514ffa6c9f70a85c Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Mon, 6 Feb 2023 16:53:55 +0100 Subject: [PATCH 0396/2573] Add properties to qlpack.yml files --- c/cert/src/qlpack.yml | 3 +++ c/cert/test/qlpack.yml | 1 + c/common/src/qlpack.yml | 1 + c/common/test/qlpack.yml | 1 + c/misra/src/qlpack.yml | 3 +++ c/misra/test/qlpack.yml | 1 + cpp/autosar/src/qlpack.yml | 3 +++ cpp/autosar/test/qlpack.yml | 1 + cpp/cert/src/qlpack.yml | 3 +++ cpp/cert/test/qlpack.yml | 1 + cpp/common/src/qlpack.yml | 1 + cpp/common/test/qlpack.yml | 1 + cpp/misra/src/qlpack.yml | 1 + cpp/misra/test/qlpack.yml | 1 + cpp/report/src/qlpack.yml | 1 + scripts/generate_modules/queries/qlpack.yml | 1 + 16 files changed, 24 insertions(+) diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index 4e8696753c..51f0b7642b 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -1,6 +1,9 @@ name: codeql/cert-c-coding-standards version: 2.13.0-dev +description: CERT C 2016 suites: codeql-suites +defaultSuiteFile: codeql-suites/cert-default.qls +license: MIT dependencies: codeql/common-c-coding-standards: '*' codeql/cpp-all: 0.2.3 diff --git a/c/cert/test/qlpack.yml b/c/cert/test/qlpack.yml index 94d0f1f703..a5abfa9649 100644 --- a/c/cert/test/qlpack.yml +++ b/c/cert/test/qlpack.yml @@ -1,5 +1,6 @@ name: codeql/cert-c-coding-standards-tests version: 2.13.0-dev extractor: cpp +license: MIT dependencies: codeql/cert-c-coding-standards: '*' diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index 32d6970588..507b04d9dd 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -1,5 +1,6 @@ name: codeql/common-c-coding-standards version: 2.13.0-dev +license: MIT dependencies: codeql/common-cpp-coding-standards: '*' codeql/cpp-all: 0.2.3 diff --git a/c/common/test/qlpack.yml b/c/common/test/qlpack.yml index 1988c80f77..4adc7808cd 100644 --- a/c/common/test/qlpack.yml +++ b/c/common/test/qlpack.yml @@ -1,5 +1,6 @@ name: codeql/common-c-coding-standards-tests version: 2.13.0-dev extractor: cpp +license: MIT dependencies: codeql/common-c-coding-standards: '*' diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index e885ea299c..2f140abac5 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -1,6 +1,9 @@ name: codeql/misra-c-coding-standards version: 2.13.0-dev +description: MISRA C 2012 suites: codeql-suites +defaultSuiteFile: codeql-suites/misra-default.qls +license: MIT dependencies: codeql/common-c-coding-standards: '*' codeql/cpp-all: 0.2.3 diff --git a/c/misra/test/qlpack.yml b/c/misra/test/qlpack.yml index 80f708e69a..8affcf40b0 100644 --- a/c/misra/test/qlpack.yml +++ b/c/misra/test/qlpack.yml @@ -1,5 +1,6 @@ name: codeql/misra-c-coding-standards-tests version: 2.13.0-dev extractor: cpp +license: MIT dependencies: codeql/misra-c-coding-standards: '*' diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index 2c9e235ac4..f61a1205d1 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -1,6 +1,9 @@ name: codeql/autosar-cpp-coding-standards version: 2.13.0-dev +description: AUTOSAR C++14 Guidelines 20-11 suites: codeql-suites +defaultSuiteFile: codeql-suites/autosar-default.qls +license: MIT dependencies: codeql/common-cpp-coding-standards: '*' codeql/cpp-all: 0.2.3 diff --git a/cpp/autosar/test/qlpack.yml b/cpp/autosar/test/qlpack.yml index 9757b3dc4e..8b07be43ef 100644 --- a/cpp/autosar/test/qlpack.yml +++ b/cpp/autosar/test/qlpack.yml @@ -1,5 +1,6 @@ name: codeql/autosar-cpp-coding-standards-tests version: 2.13.0-dev extractor: cpp +license: MIT dependencies: codeql/autosar-cpp-coding-standards: '*' diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index b2bfe797ba..e539039367 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -1,6 +1,9 @@ name: codeql/cert-cpp-coding-standards version: 2.13.0-dev +description: CERT C++ 2016 suites: codeql-suites +defaultSuiteFile: codeql-suites/cert-default.qls +license: MIT dependencies: codeql/cpp-all: 0.2.3 codeql/common-cpp-coding-standards: '*' diff --git a/cpp/cert/test/qlpack.yml b/cpp/cert/test/qlpack.yml index f5fc44e682..2badf1e20c 100644 --- a/cpp/cert/test/qlpack.yml +++ b/cpp/cert/test/qlpack.yml @@ -1,5 +1,6 @@ name: codeql/cert-cpp-coding-standards-tests version: 2.13.0-dev extractor: cpp +license: MIT dependencies: codeql/cert-cpp-coding-standards: '*' diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index f52cad36f0..d0c449086f 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -1,4 +1,5 @@ name: codeql/common-cpp-coding-standards version: 2.13.0-dev +license: MIT dependencies: codeql/cpp-all: 0.2.3 diff --git a/cpp/common/test/qlpack.yml b/cpp/common/test/qlpack.yml index ab68ae894e..19e27618e2 100644 --- a/cpp/common/test/qlpack.yml +++ b/cpp/common/test/qlpack.yml @@ -1,5 +1,6 @@ name: codeql/common-cpp-coding-standards-tests version: 2.13.0-dev extractor: cpp +license: MIT dependencies: codeql/common-cpp-coding-standards: '*' diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index 98e6234d99..ea3f5cbd5f 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -1,5 +1,6 @@ name: codeql/misra-cpp-coding-standards version: 2.13.0-dev +license: MIT dependencies: codeql/common-cpp-coding-standards: '*' codeql/cpp-all: 0.2.3 diff --git a/cpp/misra/test/qlpack.yml b/cpp/misra/test/qlpack.yml index bc07630c8f..f1f98fb65b 100644 --- a/cpp/misra/test/qlpack.yml +++ b/cpp/misra/test/qlpack.yml @@ -1,5 +1,6 @@ name: codeql/misra-cpp-coding-standards-tests version: 2.13.0-dev extractor: cpp +license: MIT dependencies: codeql/misra-cpp-coding-standards: '*' \ No newline at end of file diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index 974b048917..3587858997 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -1,4 +1,5 @@ name: codeql/report-cpp-coding-standards version: 2.13.0-dev +license: MIT dependencies: codeql/cpp-all: 0.2.3 diff --git a/scripts/generate_modules/queries/qlpack.yml b/scripts/generate_modules/queries/qlpack.yml index 61cf146c4d..29906305c6 100644 --- a/scripts/generate_modules/queries/qlpack.yml +++ b/scripts/generate_modules/queries/qlpack.yml @@ -1,4 +1,5 @@ name: codeql/standard-library-extraction-cpp-coding-standards version: 0.0.0 +license: MIT dependencies: codeql/cpp-all: 0.2.3 From 0a966402a8b48900b8323ed096363b9123f03cc5 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Mon, 6 Feb 2023 08:27:11 -0800 Subject: [PATCH 0397/2573] clean up namespace, distinguish between lambda param and function params --- .../rules/unusedparameter/UnusedParameter.qll | 30 +++++++++---------- 1 file changed, 14 insertions(+), 16 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/rules/unusedparameter/UnusedParameter.qll b/cpp/common/src/codingstandards/cpp/rules/unusedparameter/UnusedParameter.qll index c20f5785f6..908cb90e43 100644 --- a/cpp/common/src/codingstandards/cpp/rules/unusedparameter/UnusedParameter.qll +++ b/cpp/common/src/codingstandards/cpp/rules/unusedparameter/UnusedParameter.qll @@ -11,7 +11,7 @@ abstract class UnusedParameterSharedQuery extends Query { } Query getQuery() { result instanceof UnusedParameterSharedQuery } -query predicate isMaybeUnusedParameter(Parameter parameter) { +predicate isMaybeUnusedParameter(Parameter parameter) { parameter.getAnAttribute().toString() = "maybe_unused" } @@ -19,24 +19,22 @@ predicate isLambdaParameter(Parameter parameter) { exists(LambdaExpression lambda | lambda.getLambdaFunction().getParameter(_) = parameter) } -predicate isLambdaMaybeUnusedParameter(Parameter parameter) { - exists(LambdaExpression lambda | lambda.getLambdaFunction().getParameter(_) = parameter) and - isMaybeUnusedParameter(parameter) -} - -query predicate lambdaExprParamHasAccess(Parameter parameter) { - exists(VariableAccess va | isLambdaParameter(parameter) and parameter.getAnAccess() = va) -} - query predicate problems(UnusedParameter p, string message, Function f, string fName) { not isExcluded(p, getQuery()) and - ( + if isLambdaParameter(p) + then ( + not isMaybeUnusedParameter(p) and + f = p.getFunction() and + // Virtual functions are covered by a different rule + not f.isVirtual() and + message = "Unused parameter '" + p.getName() + "' for function $@." and + fName = "lambda expression" + ) else ( not isMaybeUnusedParameter(p) and f = p.getFunction() and // Virtual functions are covered by a different rule - not f.isVirtual() - ) and - message = "Unused parameter '" + p.getName() + "' for function $@." and - // fName = f.getQualifiedName() - fName = "TODO." + not f.isVirtual() and + message = "Unused parameter '" + p.getName() + "' for function $@." and + fName = f.getQualifiedName() + ) } From 84176bc727ac52ac6c34f54fff126e0fd55843e7 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Mon, 6 Feb 2023 09:47:14 -0800 Subject: [PATCH 0398/2573] factor out duplicate conditions and update .expected for A0-1-4 --- .../rules/unusedparameter/UnusedParameter.qll | 22 +++++-------------- .../unusedparameter/UnusedParameter.expected | 5 +++-- 2 files changed, 9 insertions(+), 18 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/rules/unusedparameter/UnusedParameter.qll b/cpp/common/src/codingstandards/cpp/rules/unusedparameter/UnusedParameter.qll index 908cb90e43..2bdbc3887d 100644 --- a/cpp/common/src/codingstandards/cpp/rules/unusedparameter/UnusedParameter.qll +++ b/cpp/common/src/codingstandards/cpp/rules/unusedparameter/UnusedParameter.qll @@ -21,20 +21,10 @@ predicate isLambdaParameter(Parameter parameter) { query predicate problems(UnusedParameter p, string message, Function f, string fName) { not isExcluded(p, getQuery()) and - if isLambdaParameter(p) - then ( - not isMaybeUnusedParameter(p) and - f = p.getFunction() and - // Virtual functions are covered by a different rule - not f.isVirtual() and - message = "Unused parameter '" + p.getName() + "' for function $@." and - fName = "lambda expression" - ) else ( - not isMaybeUnusedParameter(p) and - f = p.getFunction() and - // Virtual functions are covered by a different rule - not f.isVirtual() and - message = "Unused parameter '" + p.getName() + "' for function $@." and - fName = f.getQualifiedName() - ) + not isMaybeUnusedParameter(p) and + (if isLambdaParameter(p) then fName = "lambda expression" else fName = f.getQualifiedName()) and + f = p.getFunction() and + // Virtual functions are covered by a different rule + not f.isVirtual() and + message = "Unused parameter '" + p.getName() + "' for function $@." } diff --git a/cpp/common/test/rules/unusedparameter/UnusedParameter.expected b/cpp/common/test/rules/unusedparameter/UnusedParameter.expected index 9264f421f9..eaeeeae4ca 100644 --- a/cpp/common/test/rules/unusedparameter/UnusedParameter.expected +++ b/cpp/common/test/rules/unusedparameter/UnusedParameter.expected @@ -1,2 +1,3 @@ -| test.cpp:6:22:6:22 | x | Unused parameter 'x' for function $@. | test.cpp:6:6:6:16 | test_unused | test_unused | -| test.cpp:14:14:14:14 | x | Unused parameter 'x' for function $@. | test.cpp:14:8:14:8 | b | A::b | +| test.cpp:8:22:8:22 | x | Unused parameter 'x' for function $@. | test.cpp:8:6:8:16 | test_unused | test_unused | +| test.cpp:16:14:16:14 | x | Unused parameter 'x' for function $@. | test.cpp:16:8:16:8 | b | A::b | +| test.cpp:35:14:35:14 | y | Unused parameter 'y' for function $@. | test.cpp:34:9:34:9 | operator() | lambda expression | \ No newline at end of file From 74ff65d4ad33c24a88c91b3d4dc401cff56d0620 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Mon, 6 Feb 2023 18:48:27 +0100 Subject: [PATCH 0399/2573] Replace .codeqlmanifest.json with codeql-workspace.yml --- .github/workflows/code-scanning-pack-gen.yml | 2 +- codeql-workspace.yml | 6 ++++++ scripts/get_workspace_packs.py | 12 ++++++------ 3 files changed, 13 insertions(+), 7 deletions(-) create mode 100644 codeql-workspace.yml diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index ca03cb01a5..194dbf3a7f 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -91,7 +91,7 @@ jobs: codeql query compile --threads 0 c cd .. - zip -r codeql-coding-standards/code-scanning-cpp-query-pack.zip codeql-coding-standards/c/ codeql-coding-standards/cpp/ codeql-coding-standards/.codeqlmanifest.json codeql-coding-standards/supported_codeql_configs.json codeql-coding-standards/scripts/configuration codeql-coding-standards/scripts/reports codeql-coding-standards/scripts/shared codeql-coding-standards/scripts/guideline_recategorization codeql-coding-standards/scripts/shared codeql-coding-standards/scripts/schemas + zip -r codeql-coding-standards/code-scanning-cpp-query-pack.zip codeql-coding-standards/c/ codeql-coding-standards/cpp/ codeql-coding-standards/codeql-workspace.yml codeql-coding-standards/supported_codeql_configs.json codeql-coding-standards/scripts/configuration codeql-coding-standards/scripts/reports codeql-coding-standards/scripts/shared codeql-coding-standards/scripts/guideline_recategorization codeql-coding-standards/scripts/shared codeql-coding-standards/scripts/schemas - name: Upload GHAS Query Pack uses: actions/upload-artifact@v2 diff --git a/codeql-workspace.yml b/codeql-workspace.yml new file mode 100644 index 0000000000..d51b909203 --- /dev/null +++ b/codeql-workspace.yml @@ -0,0 +1,6 @@ +provide: + - "cpp/*/src/qlpack.yml" + - "cpp/*/test/qlpack.yml" + - "c/*/src/qlpack.yml" + - "c/*/test/qlpack.yml" + - "scripts/generate_modules/queries/qlpack.yml" diff --git a/scripts/get_workspace_packs.py b/scripts/get_workspace_packs.py index fc9054c641..e348f85d57 100644 --- a/scripts/get_workspace_packs.py +++ b/scripts/get_workspace_packs.py @@ -1,14 +1,14 @@ import glob -import json +import yaml import os def get_workspace_packs(root): - # Find the packs by globbing using the 'provide' patterns in the manifest. + # Find the packs by globbing using the 'provide' patterns in the CodeQL workspace file. os.chdir(root) - with open('.codeqlmanifest.json') as manifest_file: - manifest = json.load(manifest_file) + with open('codeql-workspace.yml') as codeql_workspace_file: + codeql_workspace = yaml.load(codeql_workspace_file) packs = [] - for pattern in manifest['provide']: + for pattern in codeql_workspace['provide']: packs.extend(glob.glob(pattern, recursive=True)) - + return packs From 70c41846fe9ad52ab4a73bb7f2b5d7db8a995da6 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Mon, 6 Feb 2023 18:48:57 +0100 Subject: [PATCH 0400/2573] remove .codeqlmanifest.json --- .codeqlmanifest.json | 1 - 1 file changed, 1 deletion(-) delete mode 100644 .codeqlmanifest.json diff --git a/.codeqlmanifest.json b/.codeqlmanifest.json deleted file mode 100644 index e6aec98053..0000000000 --- a/.codeqlmanifest.json +++ /dev/null @@ -1 +0,0 @@ -{ "provide": [ "cpp/*/src/qlpack.yml", "cpp/*/test/qlpack.yml", "c/*/src/qlpack.yml", "c/*/test/qlpack.yml", "scripts/generate_modules/queries/qlpack.yml" ] } From 3cf49f12576c497a0bcbbdf09a9d23cf5854fb69 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Mon, 6 Feb 2023 19:53:36 +0100 Subject: [PATCH 0401/2573] Update codeql_unit_tests.yml --- .github/workflows/codeql_unit_tests.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/codeql_unit_tests.yml b/.github/workflows/codeql_unit_tests.yml index aa47483ee4..84a24238c3 100644 --- a/.github/workflows/codeql_unit_tests.yml +++ b/.github/workflows/codeql_unit_tests.yml @@ -47,6 +47,9 @@ jobs: uses: actions/setup-python@v4 with: python-version: "3.9" + + - name: Install Python dependencies + run: pip install -r scripts/requirements.txt - name: Cache CodeQL id: cache-codeql From 00cb4c54418b3c7a50d0ff3243cab510f818b044 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Mon, 6 Feb 2023 13:54:44 -0500 Subject: [PATCH 0402/2573] test --- cpp/autosar/test/rules/A0-1-1/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index 98c8058219..7b35bf5ead 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -1,4 +1,4 @@ -// A POD class +// A POD class. struct A { int f; int f2; From 5a20393e45a88921b87dde5eef240aa0596a9d91 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Mon, 6 Feb 2023 13:59:55 -0500 Subject: [PATCH 0403/2573] Fix --- cpp/autosar/test/rules/A0-1-1/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index 7b35bf5ead..2d05d38787 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -1,4 +1,4 @@ -// A POD class. +// A POD class.. struct A { int f; int f2; From 8c6c5810393e703e27ccf3197b3e6a88830de5af Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Mon, 6 Feb 2023 11:55:29 -0800 Subject: [PATCH 0404/2573] update tuple.h as discussed with @rvermeulen --- cpp/common/test/includes/standard-library/tuple.h | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/cpp/common/test/includes/standard-library/tuple.h b/cpp/common/test/includes/standard-library/tuple.h index 21874e6d28..e4ab473488 100644 --- a/cpp/common/test/includes/standard-library/tuple.h +++ b/cpp/common/test/includes/standard-library/tuple.h @@ -1,12 +1,11 @@ namespace std { template class tuple {}; template std::tuple make_tuple(Types &&...args); -// TODO change this to example from cpp standard struct ignore_t { template constexpr // required since C++14 void operator=(T &&) const noexcept {} }; -inline constexpr std::ignore_t ignore; // 'const' only until C++17 +inline const std::ignore_t ignore; // 'const' only until C++17 } // namespace std From 1080e77bdeb4e9d7f46d90f44975392e32fcd7fa Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 7 Feb 2023 00:15:11 +0000 Subject: [PATCH 0405/2573] Bump wheel from 0.37.0 to 0.38.1 in /scripts Bumps [wheel](https://github.com/pypa/wheel) from 0.37.0 to 0.38.1. - [Release notes](https://github.com/pypa/wheel/releases) - [Changelog](https://github.com/pypa/wheel/blob/main/docs/news.rst) - [Commits](https://github.com/pypa/wheel/compare/0.37.0...0.38.1) --- updated-dependencies: - dependency-name: wheel dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- scripts/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/requirements.txt b/scripts/requirements.txt index 56682f6332..c6aac80ec6 100644 --- a/scripts/requirements.txt +++ b/scripts/requirements.txt @@ -11,6 +11,6 @@ smmap==3.0.5 soupsieve==2.0.1 urllib3==1.26.5 pyyaml==5.4 -wheel==0.37.0 +wheel==0.38.1 jsonschema==4.9.1 marko==1.2.1 \ No newline at end of file From 39768c671ac4fd99db065247e9fbb51e32263739 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 7 Feb 2023 00:15:27 +0000 Subject: [PATCH 0406/2573] Bump gitpython from 3.1.12 to 3.1.30 in /scripts Bumps [gitpython](https://github.com/gitpython-developers/GitPython) from 3.1.12 to 3.1.30. - [Release notes](https://github.com/gitpython-developers/GitPython/releases) - [Changelog](https://github.com/gitpython-developers/GitPython/blob/main/CHANGES) - [Commits](https://github.com/gitpython-developers/GitPython/compare/3.1.12...3.1.30) --- updated-dependencies: - dependency-name: gitpython dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- scripts/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/requirements.txt b/scripts/requirements.txt index 56682f6332..6162562353 100644 --- a/scripts/requirements.txt +++ b/scripts/requirements.txt @@ -2,7 +2,7 @@ beautifulsoup4==4.9.3 certifi==2020.11.8 chardet==3.0.4 gitdb==4.0.5 -GitPython==3.1.12 +GitPython==3.1.30 idna==2.10 Jinja2==2.11.3 MarkupSafe==1.1.1 From 9142a5e84a75366b1ab29f112cc81ed0e9ba27d9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 7 Feb 2023 00:15:42 +0000 Subject: [PATCH 0407/2573] Bump certifi from 2020.11.8 to 2022.12.7 in /scripts Bumps [certifi](https://github.com/certifi/python-certifi) from 2020.11.8 to 2022.12.7. - [Release notes](https://github.com/certifi/python-certifi/releases) - [Commits](https://github.com/certifi/python-certifi/compare/2020.11.08...2022.12.07) --- updated-dependencies: - dependency-name: certifi dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- scripts/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/requirements.txt b/scripts/requirements.txt index 56682f6332..93d5afd1e0 100644 --- a/scripts/requirements.txt +++ b/scripts/requirements.txt @@ -1,5 +1,5 @@ beautifulsoup4==4.9.3 -certifi==2020.11.8 +certifi==2022.12.7 chardet==3.0.4 gitdb==4.0.5 GitPython==3.1.12 From af0d0f506fb7a38c871347b1c9f36a1d681dab45 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Mon, 6 Feb 2023 16:18:21 -0800 Subject: [PATCH 0408/2573] update --- ...edConversionOperatorsNotDefinedExplicit.ql | 5 ++- cpp/autosar/test/rules/A13-5-2/test.cpp | 34 ++++++++++++++++++- 2 files changed, 37 insertions(+), 2 deletions(-) diff --git a/cpp/autosar/src/rules/A13-5-2/UserDefinedConversionOperatorsNotDefinedExplicit.ql b/cpp/autosar/src/rules/A13-5-2/UserDefinedConversionOperatorsNotDefinedExplicit.ql index 5e83d02baa..9eb7b2d38b 100644 --- a/cpp/autosar/src/rules/A13-5-2/UserDefinedConversionOperatorsNotDefinedExplicit.ql +++ b/cpp/autosar/src/rules/A13-5-2/UserDefinedConversionOperatorsNotDefinedExplicit.ql @@ -15,6 +15,7 @@ import cpp import codingstandards.cpp.autosar +// import semmle.code.cpp.PrintAST class ExplicitConversionOperator extends ConversionOperator { ExplicitConversionOperator() { exists(Specifier spec | @@ -27,5 +28,7 @@ class ExplicitConversionOperator extends ConversionOperator { from ConversionOperator op where not isExcluded(op, OperatorsPackage::userDefinedConversionOperatorsNotDefinedExplicitQuery()) and - not op instanceof ExplicitConversionOperator + not op instanceof ExplicitConversionOperator and + not op.isCompilerGenerated() select op, "User-defined conversion operator is not explicit." +// select 1 diff --git a/cpp/autosar/test/rules/A13-5-2/test.cpp b/cpp/autosar/test/rules/A13-5-2/test.cpp index 0f9f7a3b3d..48684cb3e6 100644 --- a/cpp/autosar/test/rules/A13-5-2/test.cpp +++ b/cpp/autosar/test/rules/A13-5-2/test.cpp @@ -8,4 +8,36 @@ class A { operator int() const { return d; } // NON_COMPLIANT private: float d; -}; \ No newline at end of file +}; + +void example() { + + int ref_value{0}; + int other_value{0}; + + // ok + auto dummy_lambda = [&ref_value]() noexcept -> void { ref_value = 42; }; + dummy_lambda(); + + // ok + auto my_lambda_1 = [&ref_value](int param) noexcept -> void { + for (int i{0}; i < param; ++i) { + ++ref_value; + } + }; + my_lambda_1(other_value); + + // error: user-defined-conversion-operators-not-defined-explicit + auto my_lambda_2 = [](int param) noexcept -> void { + for (int i{0}; i < param; ++i) { + // + } + }; + my_lambda_2(other_value); + + // ok + auto my_lambda_3 = [&ref_value](int param) noexcept -> void { + ref_value = param; + }; + my_lambda_3(other_value); +} From f7572edb6c2db512300442107fa83bb0972f0275 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Tue, 7 Feb 2023 12:18:50 +0100 Subject: [PATCH 0409/2573] Build codeql pack --- .github/workflows/code-scanning-pack-gen.yml | 4 ++-- cpp/misra/src/qlpack.yml | 6 ++++++ 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index 194dbf3a7f..27653cf22c 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -87,8 +87,8 @@ jobs: run: | PATH=$PATH:$CODEQL_HOME/codeql - codeql query compile --threads 0 cpp - codeql query compile --threads 0 c + find c -name qlpack.yml -exec codeql pack create --threads=0 {} \; + find cpp -name qlpack.yml -exec codeql pack create --threads=0 {} \; cd .. zip -r codeql-coding-standards/code-scanning-cpp-query-pack.zip codeql-coding-standards/c/ codeql-coding-standards/cpp/ codeql-coding-standards/codeql-workspace.yml codeql-coding-standards/supported_codeql_configs.json codeql-coding-standards/scripts/configuration codeql-coding-standards/scripts/reports codeql-coding-standards/scripts/shared codeql-coding-standards/scripts/guideline_recategorization codeql-coding-standards/scripts/shared codeql-coding-standards/scripts/schemas diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index ea3f5cbd5f..9829f925e5 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -1,5 +1,11 @@ name: codeql/misra-cpp-coding-standards version: 2.13.0-dev +description: MISRA C++ 2008 +suites: codeql-suites +defaultSuite: + qlpack: codeql/autosar-cpp-coding-standards + include: + tags contains: /^external/autosar/id/m.*/ license: MIT dependencies: codeql/common-cpp-coding-standards: '*' From 871a52c04a7c751caa35b98103583fbd42b91fbf Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Tue, 7 Feb 2023 14:03:14 +0100 Subject: [PATCH 0410/2573] Update code-scanning-pack-gen.yml --- .github/workflows/code-scanning-pack-gen.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index 27653cf22c..194dbf3a7f 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -87,8 +87,8 @@ jobs: run: | PATH=$PATH:$CODEQL_HOME/codeql - find c -name qlpack.yml -exec codeql pack create --threads=0 {} \; - find cpp -name qlpack.yml -exec codeql pack create --threads=0 {} \; + codeql query compile --threads 0 cpp + codeql query compile --threads 0 c cd .. zip -r codeql-coding-standards/code-scanning-cpp-query-pack.zip codeql-coding-standards/c/ codeql-coding-standards/cpp/ codeql-coding-standards/codeql-workspace.yml codeql-coding-standards/supported_codeql_configs.json codeql-coding-standards/scripts/configuration codeql-coding-standards/scripts/reports codeql-coding-standards/scripts/shared codeql-coding-standards/scripts/guideline_recategorization codeql-coding-standards/scripts/shared codeql-coding-standards/scripts/schemas From fae4944cb99bdfe847ce381c5dc4cc04839e47f3 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Tue, 7 Feb 2023 14:50:36 +0100 Subject: [PATCH 0411/2573] Revert "remove .codeqlmanifest.json" This reverts commit 70c41846fe9ad52ab4a73bb7f2b5d7db8a995da6. --- .codeqlmanifest.json | 1 + 1 file changed, 1 insertion(+) create mode 100644 .codeqlmanifest.json diff --git a/.codeqlmanifest.json b/.codeqlmanifest.json new file mode 100644 index 0000000000..e6aec98053 --- /dev/null +++ b/.codeqlmanifest.json @@ -0,0 +1 @@ +{ "provide": [ "cpp/*/src/qlpack.yml", "cpp/*/test/qlpack.yml", "c/*/src/qlpack.yml", "c/*/test/qlpack.yml", "scripts/generate_modules/queries/qlpack.yml" ] } From febe9904f572eaacdb0e2fd2fdfe162de8ff7b9f Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Tue, 7 Feb 2023 14:52:03 +0100 Subject: [PATCH 0412/2573] Revert commit 74ff65d --- .github/workflows/code-scanning-pack-gen.yml | 2 +- codeql-workspace.yml | 6 ------ scripts/get_workspace_packs.py | 12 ++++++------ 3 files changed, 7 insertions(+), 13 deletions(-) delete mode 100644 codeql-workspace.yml diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index 194dbf3a7f..ca03cb01a5 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -91,7 +91,7 @@ jobs: codeql query compile --threads 0 c cd .. - zip -r codeql-coding-standards/code-scanning-cpp-query-pack.zip codeql-coding-standards/c/ codeql-coding-standards/cpp/ codeql-coding-standards/codeql-workspace.yml codeql-coding-standards/supported_codeql_configs.json codeql-coding-standards/scripts/configuration codeql-coding-standards/scripts/reports codeql-coding-standards/scripts/shared codeql-coding-standards/scripts/guideline_recategorization codeql-coding-standards/scripts/shared codeql-coding-standards/scripts/schemas + zip -r codeql-coding-standards/code-scanning-cpp-query-pack.zip codeql-coding-standards/c/ codeql-coding-standards/cpp/ codeql-coding-standards/.codeqlmanifest.json codeql-coding-standards/supported_codeql_configs.json codeql-coding-standards/scripts/configuration codeql-coding-standards/scripts/reports codeql-coding-standards/scripts/shared codeql-coding-standards/scripts/guideline_recategorization codeql-coding-standards/scripts/shared codeql-coding-standards/scripts/schemas - name: Upload GHAS Query Pack uses: actions/upload-artifact@v2 diff --git a/codeql-workspace.yml b/codeql-workspace.yml deleted file mode 100644 index d51b909203..0000000000 --- a/codeql-workspace.yml +++ /dev/null @@ -1,6 +0,0 @@ -provide: - - "cpp/*/src/qlpack.yml" - - "cpp/*/test/qlpack.yml" - - "c/*/src/qlpack.yml" - - "c/*/test/qlpack.yml" - - "scripts/generate_modules/queries/qlpack.yml" diff --git a/scripts/get_workspace_packs.py b/scripts/get_workspace_packs.py index e348f85d57..fc9054c641 100644 --- a/scripts/get_workspace_packs.py +++ b/scripts/get_workspace_packs.py @@ -1,14 +1,14 @@ import glob -import yaml +import json import os def get_workspace_packs(root): - # Find the packs by globbing using the 'provide' patterns in the CodeQL workspace file. + # Find the packs by globbing using the 'provide' patterns in the manifest. os.chdir(root) - with open('codeql-workspace.yml') as codeql_workspace_file: - codeql_workspace = yaml.load(codeql_workspace_file) + with open('.codeqlmanifest.json') as manifest_file: + manifest = json.load(manifest_file) packs = [] - for pattern in codeql_workspace['provide']: + for pattern in manifest['provide']: packs.extend(glob.glob(pattern, recursive=True)) - + return packs From 6609a1d896e60f0cd69b69f766ba5bafb40becd8 Mon Sep 17 00:00:00 2001 From: Henry Gabryjelski Date: Tue, 7 Feb 2023 08:52:27 -0800 Subject: [PATCH 0413/2573] Fix broken link for AUTOSAR C++ Provide a link to archive.org's last copy instead. --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 06668c6676..c9c6b7125e 100644 --- a/README.md +++ b/README.md @@ -9,7 +9,7 @@ _Carnegie Mellon and CERT are registered trademarks of Carnegie Mellon Universit This repository contains CodeQL queries and libraries which support various Coding Standards for the [C++14](https://www.iso.org/standard/64029.html) programming language. The following coding standards are supported: -- [AUTOSAR - Guidelines for the use of C++14 language in critical and safety-related systems Release 20-11](https://www.autosar.org/fileadmin/user_upload/standards/adaptive/20-11/AUTOSAR_RS_CPP14Guidelines.pdf) +- [AUTOSAR - Guidelines for the use of C++14 language in critical and safety-related systems Release 20-11](https://web.archive.org/web/20220111042754/https://www.autosar.org/fileadmin/user_upload/standards/adaptive/20-11/AUTOSAR_RS_CPP14Guidelines.pdf) - [MISRA C++:2008](https://www.misra.org.uk) (support limited to the rules specified in AUTOSAR 20-11). - [SEI CERT C++ Coding Standard: Rules for Developing Safe, Reliable, and Secure Systems (2016 Edition)](https://resources.sei.cmu.edu/library/asset-view.cfm?assetID=494932) From f1ccadeae074fdbff50b514e605a7284df53aa37 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Tue, 7 Feb 2023 18:34:46 +0100 Subject: [PATCH 0414/2573] Update code-scanning-pack-gen.yml --- .github/workflows/code-scanning-pack-gen.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index ca03cb01a5..ea70c04009 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -87,8 +87,8 @@ jobs: run: | PATH=$PATH:$CODEQL_HOME/codeql - codeql query compile --threads 0 cpp - codeql query compile --threads 0 c + find c -name qlpack.yml -exec codeql pack create --threads=0 {} \; + find cpp -name qlpack.yml -exec codeql pack create --threads=0 {} \; cd .. zip -r codeql-coding-standards/code-scanning-cpp-query-pack.zip codeql-coding-standards/c/ codeql-coding-standards/cpp/ codeql-coding-standards/.codeqlmanifest.json codeql-coding-standards/supported_codeql_configs.json codeql-coding-standards/scripts/configuration codeql-coding-standards/scripts/reports codeql-coding-standards/scripts/shared codeql-coding-standards/scripts/guideline_recategorization codeql-coding-standards/scripts/shared codeql-coding-standards/scripts/schemas From 25638c8ddce1448f3aae6ba89fc5642a1c18a0b5 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Tue, 7 Feb 2023 18:49:39 +0100 Subject: [PATCH 0415/2573] Revert "Update code-scanning-pack-gen.yml" This reverts commit f1ccadeae074fdbff50b514e605a7284df53aa37. --- .github/workflows/code-scanning-pack-gen.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index ea70c04009..ca03cb01a5 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -87,8 +87,8 @@ jobs: run: | PATH=$PATH:$CODEQL_HOME/codeql - find c -name qlpack.yml -exec codeql pack create --threads=0 {} \; - find cpp -name qlpack.yml -exec codeql pack create --threads=0 {} \; + codeql query compile --threads 0 cpp + codeql query compile --threads 0 c cd .. zip -r codeql-coding-standards/code-scanning-cpp-query-pack.zip codeql-coding-standards/c/ codeql-coding-standards/cpp/ codeql-coding-standards/.codeqlmanifest.json codeql-coding-standards/supported_codeql_configs.json codeql-coding-standards/scripts/configuration codeql-coding-standards/scripts/reports codeql-coding-standards/scripts/shared codeql-coding-standards/scripts/guideline_recategorization codeql-coding-standards/scripts/shared codeql-coding-standards/scripts/schemas From a1740e7e174d507d3996ef72e2d112db8cadb1d0 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Tue, 7 Feb 2023 10:40:07 -0800 Subject: [PATCH 0416/2573] Add bitwise-shift-left-assignment operator --- cpp/common/src/codingstandards/cpp/Operator.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/Operator.qll b/cpp/common/src/codingstandards/cpp/Operator.qll index 55db1f9da2..98e9706b90 100644 --- a/cpp/common/src/codingstandards/cpp/Operator.qll +++ b/cpp/common/src/codingstandards/cpp/Operator.qll @@ -124,7 +124,7 @@ class AssignmentOperator extends MemberFunction { // operator op, where op is =, +=, -=, *=, /=, %=, ^=, &=, |=, >>= exists(string op | "operator" + op = this.getName() and - op in ["=", "+=", "-=", "*=", "/=", "%=", "^=", "&=", "|=", ">>="] + op in ["=", "+=", "-=", "*=", "/=", "%=", "^=", "&=", "|=", ">>=", "<<="] ) } } From 588efba6140610f894ae844d229e0f94cb0d917d Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Tue, 7 Feb 2023 20:00:12 +0100 Subject: [PATCH 0417/2573] Add .codeqlmanifest.json back --- c/.codeqlmanifest.json | 3 +++ cpp/.codeqlmanifest.json | 3 +++ 2 files changed, 6 insertions(+) create mode 100644 c/.codeqlmanifest.json create mode 100644 cpp/.codeqlmanifest.json diff --git a/c/.codeqlmanifest.json b/c/.codeqlmanifest.json new file mode 100644 index 0000000000..c40bc9cfd5 --- /dev/null +++ b/c/.codeqlmanifest.json @@ -0,0 +1,3 @@ +{ "provide": [ + "*/src/qlpack.yml", + "*/test/qlpack.yml" ] } \ No newline at end of file diff --git a/cpp/.codeqlmanifest.json b/cpp/.codeqlmanifest.json new file mode 100644 index 0000000000..c40bc9cfd5 --- /dev/null +++ b/cpp/.codeqlmanifest.json @@ -0,0 +1,3 @@ +{ "provide": [ + "*/src/qlpack.yml", + "*/test/qlpack.yml" ] } \ No newline at end of file From f235db6d29a43482ef51ef8eba8c45391c10c618 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Tue, 7 Feb 2023 20:08:26 +0100 Subject: [PATCH 0418/2573] Delete .codeqlmanifest.json --- cpp/.codeqlmanifest.json | 3 --- 1 file changed, 3 deletions(-) delete mode 100644 cpp/.codeqlmanifest.json diff --git a/cpp/.codeqlmanifest.json b/cpp/.codeqlmanifest.json deleted file mode 100644 index c40bc9cfd5..0000000000 --- a/cpp/.codeqlmanifest.json +++ /dev/null @@ -1,3 +0,0 @@ -{ "provide": [ - "*/src/qlpack.yml", - "*/test/qlpack.yml" ] } \ No newline at end of file From 1a6d68ecae6381a13f4c221e0234dec4dbac81e3 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Tue, 7 Feb 2023 20:08:36 +0100 Subject: [PATCH 0419/2573] Delete .codeqlmanifest.json --- c/.codeqlmanifest.json | 3 --- 1 file changed, 3 deletions(-) delete mode 100644 c/.codeqlmanifest.json diff --git a/c/.codeqlmanifest.json b/c/.codeqlmanifest.json deleted file mode 100644 index c40bc9cfd5..0000000000 --- a/c/.codeqlmanifest.json +++ /dev/null @@ -1,3 +0,0 @@ -{ "provide": [ - "*/src/qlpack.yml", - "*/test/qlpack.yml" ] } \ No newline at end of file From 2136a35267be34c3b98f18f0dd20cf208eb80387 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Tue, 7 Feb 2023 14:36:49 -0500 Subject: [PATCH 0420/2573] format fixes --- docs/user_manual.md | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/docs/user_manual.md b/docs/user_manual.md index b9c9666946..2548715240 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -27,13 +27,12 @@ This user manual documents release `2.10.0` of the coding standards located at h The release page documents the release notes and contains the following artifacts part of the release: - `code-scanning-cpp-query-pack-anon-2.10.0.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. -- `lgtm-cpp-query-pack-anon-v2.10.0.zip`: coding standard queries to be used with GitHub LGTM Enterprise as documented in the section _Operating manual_. - `supported_rules_list_2.10.0.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. -- `supported_rules_list_2.10.0 .md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. -- `user_manual.md`: This user manual. +- `supported_rules_list_2.10.0.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. +- `user_manual_2.10.0.md`: This user manual. - `Source Code (zip)`: A zip archive containing the contents of https://github.com/github/codeql-coding-standards - `Source Code (tar.gz)`: A GZip compressed tar archive containing the contents of https://github.com/github/codeql-coding-standards - +- `checksums.txt`: A text file containing sha256 checksums for the aforementioned artifacts. ## Introduction ### Background From 6e172e9975f0fa87168575e73c770877a69996e3 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Tue, 7 Feb 2023 14:39:46 -0500 Subject: [PATCH 0421/2573] version bumper --- scripts/bump_version.sh | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/scripts/bump_version.sh b/scripts/bump_version.sh index ea46f73f72..bea53f8ef4 100644 --- a/scripts/bump_version.sh +++ b/scripts/bump_version.sh @@ -9,6 +9,14 @@ fi echo "Setting Local Branch Version to $1." +# update the qlpacks find . -name 'qlpack.yml' | grep -v './codeql_modules' | grep -v './scripts' | xargs sed -i "s/^version.*$/version: ${1}/" +# update the documentation. + +find docs -name 'user_manual.md' | xargs sed -i "s/code-scanning-cpp-query-pack-anon-.*\.zip\`/code-scanning-cpp-query-pack-anon-${1}.zip\`/" +find docs -name 'user_manual.md' | xargs sed -i "s/supported_rules_list_.*\.csv\`/supported_rules_list_${1}.csv\`/" +find docs -name 'user_manual.md' | xargs sed -i "s/supported_rules_list_.*\.md\`/upported_rules_list_${1}.md\`/" +find docs -name 'user_manual.md' | xargs sed -i "s/user_manual_.*\.md\`/user_manual_${1}.md\`/" + echo "Done." \ No newline at end of file From 058ccb4b85fc2d6f0edb2aeafb12d832186fda09 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Tue, 7 Feb 2023 12:29:55 -0800 Subject: [PATCH 0422/2573] Make query for A0-1-2 more concise --- .../src/rules/A0-1-2/UnusedReturnValue.ql | 38 ++++++------------- 1 file changed, 12 insertions(+), 26 deletions(-) diff --git a/cpp/autosar/src/rules/A0-1-2/UnusedReturnValue.ql b/cpp/autosar/src/rules/A0-1-2/UnusedReturnValue.ql index ed7c7652c7..7886a3a906 100644 --- a/cpp/autosar/src/rules/A0-1-2/UnusedReturnValue.ql +++ b/cpp/autosar/src/rules/A0-1-2/UnusedReturnValue.ql @@ -16,32 +16,14 @@ import cpp import codingstandards.cpp.autosar -import semmle.code.cpp.dataflow.DataFlow - -predicate isStdIgnore(Element element) { - exists(NameQualifier nq | - nq.getQualifiedElement().toString() = "ignore" and - nq.toString() = "std::" and - element.toString() = "ignore" - ) -} - -/* The statement std::ignore = f() is not recognized an assignment; therefore, we do some painful gymnastics. */ -predicate isAssignment(FunctionCall assignment) { - exists(Operator operator | - assignment.getTarget() = operator and - operator.getName() = "operator=" and - // check if this is indeed an operator for assignment by checking if there are no overloads - not exists(operator.getAnOverload()) - ) -} - -predicate isAssignmentOperand(Expr operand) { - exists(FunctionCall assignment | isAssignment(assignment) and operand = assignment.getAChild()) -} +import codingstandards.cpp.Operator +import cpp -predicate returnValueIsAssignedToStdIgnore(FunctionCall fc) { - isAssignmentOperand(fc) and exists(Element stdIgnore | isStdIgnore(stdIgnore)) +class StdIgnoreVariable extends NamespaceVariable { + StdIgnoreVariable() { + this.hasName("ignore") and + this.getNamespace() instanceof StdNamespace + } } /* @@ -77,5 +59,9 @@ where cast.getActualType() instanceof VoidType ) ) and - not returnValueIsAssignedToStdIgnore(fc) + // Exclude assignments to std::ignore. + not ( + fc.getTarget() instanceof AssignmentOperator and + fc.getAChild().(VariableAccess).getTarget() instanceof StdIgnoreVariable + ) select fc, "Return value from call to $@ is unused.", f, f.getName() From b4ca295225b9deaf0cfa99433eb7c8c776b462be Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Tue, 7 Feb 2023 15:42:53 -0500 Subject: [PATCH 0423/2573] pr action --- .../workflows/dispatch-release-performance-check.yml | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/.github/workflows/dispatch-release-performance-check.yml b/.github/workflows/dispatch-release-performance-check.yml index 0afc5aae7c..05ef63c103 100644 --- a/.github/workflows/dispatch-release-performance-check.yml +++ b/.github/workflows/dispatch-release-performance-check.yml @@ -1,15 +1,12 @@ name: 🏁 Run Release Performance Check on: - push: + issue_comment: + types: [created] branches: - main - "rc/**" - next - pull_request: - branches: - - "**" - workflow_dispatch: jobs: dispatch-matrix-check: @@ -17,6 +14,7 @@ jobs: steps: - name: Dispatch Performance Testing Job + if: ${{ github.event.issue.pull_request && contains(github.event.comment.body, '/test-performance') }} uses: peter-evans/repository-dispatch@v2 with: token: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} @@ -26,11 +24,12 @@ jobs: - uses: actions/github-script@v6 + if: ${{ github.event.issue.pull_request && contains(github.event.comment.body, '/test-performance') }} with: script: | github.rest.issues.createComment({ issue_number: context.issue.number, owner: context.repo.owner, repo: context.repo.repo, - body: '🏁 Beep Boop! Performance testing for this PR has been initiated. Please check back later for results. Note that the query package generation step must complete before testing will start so it might be a minute.

:bulb: If you do not hear back from me please check my status! **I will report even if this PR does not contain files eligible for matrix testing.**' + body: '🏁 Beep Boop! Performance testing for this PR has been initiated. Please check back later for results. Note that the query package generation step must complete before testing will start so it might be a minute.

:bulb: If you do not hear back from me please check my status! **I will report even if I fail!**' }) \ No newline at end of file From b89c564df3c7168f23934d9634668733d0693f03 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Tue, 7 Feb 2023 12:45:28 -0800 Subject: [PATCH 0424/2573] Remove lambda checks on UnusedParameters.qll This is because the first disjunct (`Function`) already includes the `Operator` created along `LambdaExpression`. --- .../cpp/deadcode/UnusedParameters.qll | 31 +++++-------------- 1 file changed, 8 insertions(+), 23 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/deadcode/UnusedParameters.qll b/cpp/common/src/codingstandards/cpp/deadcode/UnusedParameters.qll index dc2e24f1b1..43eaae9223 100644 --- a/cpp/common/src/codingstandards/cpp/deadcode/UnusedParameters.qll +++ b/cpp/common/src/codingstandards/cpp/deadcode/UnusedParameters.qll @@ -12,29 +12,14 @@ import cpp */ class UsableParameter extends Parameter { UsableParameter() { - ( - /* Regular Function */ - // Find the function associated with the parameter - exists(Function f | this = f.getAParameter() | - // Must have the definition of the function, not just the declaration - f.hasDefinition() and - // There must be a body block associated with the function, otherwise the parameter cannot - // possibly be used - exists(f.getBlock()) - ) - or - /* Lambda Expression */ - // Find the function associated with the parameter - exists(LambdaExpression lambda, Function f | - this = lambda.getLambdaFunction().getParameter(_) - | - // Must have the definition of the function, not just the declaration - lambda.getLambdaFunction() = f and - f.hasDefinition() and - // There must be a body block associated with the function, otherwise the parameter cannot - // possibly be used - exists(f.getBlock()) - ) + /* Regular Function */ + // Find the function associated with the parameter + exists(Function f | this = f.getAParameter() | + // Must have the definition of the function, not just the declaration + f.hasDefinition() and + // There must be a body block associated with the function, otherwise the parameter cannot + // possibly be used + exists(f.getBlock()) ) and // Must be a named parameter, because unnamed parameters cannot be referenced isNamed() From b32f2ebc258dc4df8e0ac8493f32c49c25bdd26f Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Tue, 7 Feb 2023 15:46:14 -0500 Subject: [PATCH 0425/2573] fix --- .github/workflows/dispatch-release-performance-check.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/dispatch-release-performance-check.yml b/.github/workflows/dispatch-release-performance-check.yml index 05ef63c103..37e52bbe4d 100644 --- a/.github/workflows/dispatch-release-performance-check.yml +++ b/.github/workflows/dispatch-release-performance-check.yml @@ -14,7 +14,7 @@ jobs: steps: - name: Dispatch Performance Testing Job - if: ${{ github.event.issue.pull_request && contains(github.event.comment.body, '/test-performance') }} + if: ${{ contains(github.event.comment.body, 'test-performance') }} uses: peter-evans/repository-dispatch@v2 with: token: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} @@ -24,7 +24,7 @@ jobs: - uses: actions/github-script@v6 - if: ${{ github.event.issue.pull_request && contains(github.event.comment.body, '/test-performance') }} + if: ${{ contains(github.event.comment.body, 'test-performance') }} with: script: | github.rest.issues.createComment({ From f540401d87c7001be31c9af04f34c773249251e6 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Tue, 7 Feb 2023 16:22:18 -0500 Subject: [PATCH 0426/2573] work --- .github/workflows/dispatch-release-performance-check.yml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/.github/workflows/dispatch-release-performance-check.yml b/.github/workflows/dispatch-release-performance-check.yml index 37e52bbe4d..727022d9fc 100644 --- a/.github/workflows/dispatch-release-performance-check.yml +++ b/.github/workflows/dispatch-release-performance-check.yml @@ -3,10 +3,6 @@ name: 🏁 Run Release Performance Check on: issue_comment: types: [created] - branches: - - main - - "rc/**" - - next jobs: dispatch-matrix-check: @@ -14,7 +10,6 @@ jobs: steps: - name: Dispatch Performance Testing Job - if: ${{ contains(github.event.comment.body, 'test-performance') }} uses: peter-evans/repository-dispatch@v2 with: token: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} @@ -24,7 +19,6 @@ jobs: - uses: actions/github-script@v6 - if: ${{ contains(github.event.comment.body, 'test-performance') }} with: script: | github.rest.issues.createComment({ From e32e82ae4fae040f13d50dd2a5c9fe272f9e0966 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Tue, 7 Feb 2023 16:23:16 -0500 Subject: [PATCH 0427/2573] fix --- .github/workflows/dispatch-release-performance-check.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/workflows/dispatch-release-performance-check.yml b/.github/workflows/dispatch-release-performance-check.yml index 727022d9fc..05ef63c103 100644 --- a/.github/workflows/dispatch-release-performance-check.yml +++ b/.github/workflows/dispatch-release-performance-check.yml @@ -3,6 +3,10 @@ name: 🏁 Run Release Performance Check on: issue_comment: types: [created] + branches: + - main + - "rc/**" + - next jobs: dispatch-matrix-check: @@ -10,6 +14,7 @@ jobs: steps: - name: Dispatch Performance Testing Job + if: ${{ github.event.issue.pull_request && contains(github.event.comment.body, '/test-performance') }} uses: peter-evans/repository-dispatch@v2 with: token: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} @@ -19,6 +24,7 @@ jobs: - uses: actions/github-script@v6 + if: ${{ github.event.issue.pull_request && contains(github.event.comment.body, '/test-performance') }} with: script: | github.rest.issues.createComment({ From 5a103979b126e57348e6dc269b2edcdc099b9770 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Tue, 7 Feb 2023 13:56:42 -0800 Subject: [PATCH 0428/2573] update test.cpp --- cpp/autosar/test/rules/A13-5-2/test.cpp | 33 ++++++------------------- 1 file changed, 7 insertions(+), 26 deletions(-) diff --git a/cpp/autosar/test/rules/A13-5-2/test.cpp b/cpp/autosar/test/rules/A13-5-2/test.cpp index 48684cb3e6..c8cc4a41cd 100644 --- a/cpp/autosar/test/rules/A13-5-2/test.cpp +++ b/cpp/autosar/test/rules/A13-5-2/test.cpp @@ -10,34 +10,15 @@ class A { float d; }; -void example() { +void test_compiler_generated() { + int x = 0; - int ref_value{0}; - int other_value{0}; - - // ok - auto dummy_lambda = [&ref_value]() noexcept -> void { ref_value = 42; }; - dummy_lambda(); - - // ok - auto my_lambda_1 = [&ref_value](int param) noexcept -> void { - for (int i{0}; i < param; ++i) { - ++ref_value; - } - }; - my_lambda_1(other_value); - - // error: user-defined-conversion-operators-not-defined-explicit - auto my_lambda_2 = [](int param) noexcept -> void { - for (int i{0}; i < param; ++i) { - // - } + auto capture = [x]() -> int { + return x; }; - my_lambda_2(other_value); - // ok - auto my_lambda_3 = [&ref_value](int param) noexcept -> void { - ref_value = param; + auto no_capture = []() -> int { + int x = 1; + return x; }; - my_lambda_3(other_value); } From 0ad2ab362f411290dd6b5752801b027aa28263a8 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Tue, 7 Feb 2023 14:33:10 -0800 Subject: [PATCH 0429/2573] format test.cpp --- cpp/autosar/test/rules/A13-5-2/test.cpp | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/cpp/autosar/test/rules/A13-5-2/test.cpp b/cpp/autosar/test/rules/A13-5-2/test.cpp index c8cc4a41cd..37bc0d0fdb 100644 --- a/cpp/autosar/test/rules/A13-5-2/test.cpp +++ b/cpp/autosar/test/rules/A13-5-2/test.cpp @@ -13,9 +13,7 @@ class A { void test_compiler_generated() { int x = 0; - auto capture = [x]() -> int { - return x; - }; + auto capture = [x]() -> int { return x; }; auto no_capture = []() -> int { int x = 1; From 1212108ef0539604fc70ad58be2ebe62e2797b9a Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Tue, 7 Feb 2023 14:59:26 -0800 Subject: [PATCH 0430/2573] Remove assignment to std::ignore It was already being handled by the above `fc.getParent() instanceof ExprStmt` and `not f instanceof Operator`. --- cpp/autosar/src/rules/A0-1-2/UnusedReturnValue.ql | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/cpp/autosar/src/rules/A0-1-2/UnusedReturnValue.ql b/cpp/autosar/src/rules/A0-1-2/UnusedReturnValue.ql index 7886a3a906..0c4c570814 100644 --- a/cpp/autosar/src/rules/A0-1-2/UnusedReturnValue.ql +++ b/cpp/autosar/src/rules/A0-1-2/UnusedReturnValue.ql @@ -19,13 +19,6 @@ import codingstandards.cpp.autosar import codingstandards.cpp.Operator import cpp -class StdIgnoreVariable extends NamespaceVariable { - StdIgnoreVariable() { - this.hasName("ignore") and - this.getNamespace() instanceof StdNamespace - } -} - /* * This query performs a simple syntactic check to ensure that the return value of the function is * not completely ignored. This matches the examples given in the rule, although the text itself is @@ -58,10 +51,5 @@ where cast.getExpr() = fc and cast.getActualType() instanceof VoidType ) - ) and - // Exclude assignments to std::ignore. - not ( - fc.getTarget() instanceof AssignmentOperator and - fc.getAChild().(VariableAccess).getTarget() instanceof StdIgnoreVariable ) select fc, "Return value from call to $@ is unused.", f, f.getName() From 1c9a91eb402bcb6d3b758db174850b89f88431ed Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 8 Feb 2023 12:33:07 +0100 Subject: [PATCH 0431/2573] Remove defaultSuite property --- c/cert/src/qlpack.yml | 1 - c/misra/src/qlpack.yml | 1 - cpp/autosar/src/qlpack.yml | 1 - cpp/cert/src/qlpack.yml | 1 - cpp/misra/src/qlpack.yml | 4 ---- 5 files changed, 8 deletions(-) diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index 51f0b7642b..aa7fe3ba4d 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -2,7 +2,6 @@ name: codeql/cert-c-coding-standards version: 2.13.0-dev description: CERT C 2016 suites: codeql-suites -defaultSuiteFile: codeql-suites/cert-default.qls license: MIT dependencies: codeql/common-c-coding-standards: '*' diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index 2f140abac5..7eb3a8b873 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -2,7 +2,6 @@ name: codeql/misra-c-coding-standards version: 2.13.0-dev description: MISRA C 2012 suites: codeql-suites -defaultSuiteFile: codeql-suites/misra-default.qls license: MIT dependencies: codeql/common-c-coding-standards: '*' diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index f61a1205d1..2a74a6bb20 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -2,7 +2,6 @@ name: codeql/autosar-cpp-coding-standards version: 2.13.0-dev description: AUTOSAR C++14 Guidelines 20-11 suites: codeql-suites -defaultSuiteFile: codeql-suites/autosar-default.qls license: MIT dependencies: codeql/common-cpp-coding-standards: '*' diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index e539039367..04c216db95 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -2,7 +2,6 @@ name: codeql/cert-cpp-coding-standards version: 2.13.0-dev description: CERT C++ 2016 suites: codeql-suites -defaultSuiteFile: codeql-suites/cert-default.qls license: MIT dependencies: codeql/cpp-all: 0.2.3 diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index 9829f925e5..2afcad806b 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -2,10 +2,6 @@ name: codeql/misra-cpp-coding-standards version: 2.13.0-dev description: MISRA C++ 2008 suites: codeql-suites -defaultSuite: - qlpack: codeql/autosar-cpp-coding-standards - include: - tags contains: /^external/autosar/id/m.*/ license: MIT dependencies: codeql/common-cpp-coding-standards: '*' From b59bfc0a812eed31387cb3f30fe22bb1f446d4bb Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Wed, 8 Feb 2023 09:38:00 -0500 Subject: [PATCH 0432/2573] Update scripts/PSCodingStandards/Get-RuleForPath.ps1 Co-authored-by: Luke Cartey <5377966+lcartey@users.noreply.github.com> --- scripts/PSCodingStandards/Get-RuleForPath.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/PSCodingStandards/Get-RuleForPath.ps1 b/scripts/PSCodingStandards/Get-RuleForPath.ps1 index 0003b5dc24..7636c32ce0 100644 --- a/scripts/PSCodingStandards/Get-RuleForPath.ps1 +++ b/scripts/PSCodingStandards/Get-RuleForPath.ps1 @@ -47,7 +47,7 @@ function Get-RuleForPath { } $modifiedPathWithReplacement = Join-Path (Resolve-Path . -Relative) $Path - # repalce "src" with "test" to make it match up + # replace "src" with "test" to make it match up $sep = [IO.Path]::DirectorySeparatorChar $modifiedPathWithReplacement = $modifiedPathWithReplacement.Replace( ($sep + "src" + $sep + "rules"), ($sep + "test" + $sep + "rules")) $modifiedPath = Join-Path (Resolve-Path . -Relative) $Path From 9d49f3d10623e335578035a5ee69a2dfe2416d51 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Wed, 8 Feb 2023 09:39:17 -0500 Subject: [PATCH 0433/2573] fixes --- .github/workflows/dispatch-matrix-check.yml | 5 ----- cpp/autosar/test/rules/A0-1-1/test.cpp | 2 +- 2 files changed, 1 insertion(+), 6 deletions(-) diff --git a/.github/workflows/dispatch-matrix-check.yml b/.github/workflows/dispatch-matrix-check.yml index 5d3f9f261c..7da92294c2 100644 --- a/.github/workflows/dispatch-matrix-check.yml +++ b/.github/workflows/dispatch-matrix-check.yml @@ -1,11 +1,6 @@ name: 🤖 Run Matrix Check on: - push: - branches: - - main - - "rc/**" - - next pull_request: branches: - "**" diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index 2d05d38787..98c8058219 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -1,4 +1,4 @@ -// A POD class.. +// A POD class struct A { int f; int f2; From f515ab5bc19a7625492bd07ceaf88ca8df988cf0 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 8 Feb 2023 16:07:30 +0100 Subject: [PATCH 0434/2573] Replace .codeqlmanifest.json with codeql-workspace.yml --- .codeqlmanifest.json | 1 - .github/workflows/code-scanning-pack-gen.yml | 6 +++--- codeql-workspace.yml | 7 +++++++ scripts/get_workspace_packs.py | 14 +++++++------- 4 files changed, 17 insertions(+), 11 deletions(-) delete mode 100644 .codeqlmanifest.json create mode 100644 codeql-workspace.yml diff --git a/.codeqlmanifest.json b/.codeqlmanifest.json deleted file mode 100644 index e6aec98053..0000000000 --- a/.codeqlmanifest.json +++ /dev/null @@ -1 +0,0 @@ -{ "provide": [ "cpp/*/src/qlpack.yml", "cpp/*/test/qlpack.yml", "c/*/src/qlpack.yml", "c/*/test/qlpack.yml", "scripts/generate_modules/queries/qlpack.yml" ] } diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index ca03cb01a5..27653cf22c 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -87,11 +87,11 @@ jobs: run: | PATH=$PATH:$CODEQL_HOME/codeql - codeql query compile --threads 0 cpp - codeql query compile --threads 0 c + find c -name qlpack.yml -exec codeql pack create --threads=0 {} \; + find cpp -name qlpack.yml -exec codeql pack create --threads=0 {} \; cd .. - zip -r codeql-coding-standards/code-scanning-cpp-query-pack.zip codeql-coding-standards/c/ codeql-coding-standards/cpp/ codeql-coding-standards/.codeqlmanifest.json codeql-coding-standards/supported_codeql_configs.json codeql-coding-standards/scripts/configuration codeql-coding-standards/scripts/reports codeql-coding-standards/scripts/shared codeql-coding-standards/scripts/guideline_recategorization codeql-coding-standards/scripts/shared codeql-coding-standards/scripts/schemas + zip -r codeql-coding-standards/code-scanning-cpp-query-pack.zip codeql-coding-standards/c/ codeql-coding-standards/cpp/ codeql-coding-standards/codeql-workspace.yml codeql-coding-standards/supported_codeql_configs.json codeql-coding-standards/scripts/configuration codeql-coding-standards/scripts/reports codeql-coding-standards/scripts/shared codeql-coding-standards/scripts/guideline_recategorization codeql-coding-standards/scripts/shared codeql-coding-standards/scripts/schemas - name: Upload GHAS Query Pack uses: actions/upload-artifact@v2 diff --git a/codeql-workspace.yml b/codeql-workspace.yml new file mode 100644 index 0000000000..6c88c2e088 --- /dev/null +++ b/codeql-workspace.yml @@ -0,0 +1,7 @@ +provide: + - "cpp/*/src/qlpack.yml" + - "cpp/*/test/qlpack.yml" + - "c/*/src/qlpack.yml" + - "c/*/test/qlpack.yml" + - "scripts/generate_modules/queries/qlpack.yml" + \ No newline at end of file diff --git a/scripts/get_workspace_packs.py b/scripts/get_workspace_packs.py index fc9054c641..1833f1685c 100644 --- a/scripts/get_workspace_packs.py +++ b/scripts/get_workspace_packs.py @@ -1,14 +1,14 @@ import glob -import json +import yaml import os def get_workspace_packs(root): - # Find the packs by globbing using the 'provide' patterns in the manifest. + # Find the packs by globbing using the 'provide' patterns in the CodeQL workspace file. os.chdir(root) - with open('.codeqlmanifest.json') as manifest_file: - manifest = json.load(manifest_file) + with open('codeql-workspace.yml') as codeql_workspace_file: + codeql_workspace = yaml.load(codeql_workspace_file) packs = [] - for pattern in manifest['provide']: + for pattern in codeql_workspace['provide']: packs.extend(glob.glob(pattern, recursive=True)) - - return packs + + return packs \ No newline at end of file From 359d8ca057c42d3a0138c114562dbf9e89c49adc Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Wed, 8 Feb 2023 10:53:13 -0500 Subject: [PATCH 0435/2573] I think this is not needed --- c/misra/test/rules/RULE-17-3/test.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/c/misra/test/rules/RULE-17-3/test.c b/c/misra/test/rules/RULE-17-3/test.c index 6c9dd64836..9efc5db85b 100644 --- a/c/misra/test/rules/RULE-17-3/test.c +++ b/c/misra/test/rules/RULE-17-3/test.c @@ -1,5 +1,3 @@ -// semmle-extractor-options:--clang -std=c11 -nostdinc -// -I../../../../common/test/includes/standard-library double f1(double x); // COMPLIANT f2(double x); // NON_COMPLIANT From d3d4bd368ecb31cebd82f32d64e802869dcfe58a Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 8 Feb 2023 17:31:07 +0100 Subject: [PATCH 0436/2573] Revert "Replace .codeqlmanifest.json with codeql-workspace.yml" This reverts commit f515ab5bc19a7625492bd07ceaf88ca8df988cf0. --- .codeqlmanifest.json | 1 + .github/workflows/code-scanning-pack-gen.yml | 6 +++--- codeql-workspace.yml | 7 ------- scripts/get_workspace_packs.py | 14 +++++++------- 4 files changed, 11 insertions(+), 17 deletions(-) create mode 100644 .codeqlmanifest.json delete mode 100644 codeql-workspace.yml diff --git a/.codeqlmanifest.json b/.codeqlmanifest.json new file mode 100644 index 0000000000..e6aec98053 --- /dev/null +++ b/.codeqlmanifest.json @@ -0,0 +1 @@ +{ "provide": [ "cpp/*/src/qlpack.yml", "cpp/*/test/qlpack.yml", "c/*/src/qlpack.yml", "c/*/test/qlpack.yml", "scripts/generate_modules/queries/qlpack.yml" ] } diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index 27653cf22c..ca03cb01a5 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -87,11 +87,11 @@ jobs: run: | PATH=$PATH:$CODEQL_HOME/codeql - find c -name qlpack.yml -exec codeql pack create --threads=0 {} \; - find cpp -name qlpack.yml -exec codeql pack create --threads=0 {} \; + codeql query compile --threads 0 cpp + codeql query compile --threads 0 c cd .. - zip -r codeql-coding-standards/code-scanning-cpp-query-pack.zip codeql-coding-standards/c/ codeql-coding-standards/cpp/ codeql-coding-standards/codeql-workspace.yml codeql-coding-standards/supported_codeql_configs.json codeql-coding-standards/scripts/configuration codeql-coding-standards/scripts/reports codeql-coding-standards/scripts/shared codeql-coding-standards/scripts/guideline_recategorization codeql-coding-standards/scripts/shared codeql-coding-standards/scripts/schemas + zip -r codeql-coding-standards/code-scanning-cpp-query-pack.zip codeql-coding-standards/c/ codeql-coding-standards/cpp/ codeql-coding-standards/.codeqlmanifest.json codeql-coding-standards/supported_codeql_configs.json codeql-coding-standards/scripts/configuration codeql-coding-standards/scripts/reports codeql-coding-standards/scripts/shared codeql-coding-standards/scripts/guideline_recategorization codeql-coding-standards/scripts/shared codeql-coding-standards/scripts/schemas - name: Upload GHAS Query Pack uses: actions/upload-artifact@v2 diff --git a/codeql-workspace.yml b/codeql-workspace.yml deleted file mode 100644 index 6c88c2e088..0000000000 --- a/codeql-workspace.yml +++ /dev/null @@ -1,7 +0,0 @@ -provide: - - "cpp/*/src/qlpack.yml" - - "cpp/*/test/qlpack.yml" - - "c/*/src/qlpack.yml" - - "c/*/test/qlpack.yml" - - "scripts/generate_modules/queries/qlpack.yml" - \ No newline at end of file diff --git a/scripts/get_workspace_packs.py b/scripts/get_workspace_packs.py index 1833f1685c..fc9054c641 100644 --- a/scripts/get_workspace_packs.py +++ b/scripts/get_workspace_packs.py @@ -1,14 +1,14 @@ import glob -import yaml +import json import os def get_workspace_packs(root): - # Find the packs by globbing using the 'provide' patterns in the CodeQL workspace file. + # Find the packs by globbing using the 'provide' patterns in the manifest. os.chdir(root) - with open('codeql-workspace.yml') as codeql_workspace_file: - codeql_workspace = yaml.load(codeql_workspace_file) + with open('.codeqlmanifest.json') as manifest_file: + manifest = json.load(manifest_file) packs = [] - for pattern in codeql_workspace['provide']: + for pattern in manifest['provide']: packs.extend(glob.glob(pattern, recursive=True)) - - return packs \ No newline at end of file + + return packs From 27ca680f23c5995c947b20a450ba08959af6a529 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 8 Feb 2023 17:58:07 +0100 Subject: [PATCH 0437/2573] Typo fix COMPLAINT->COMPLIANT --- c/cert/test/rules/EXP40-C/test.c | 2 +- c/misra/test/rules/RULE-17-5/test.c | 16 ++++++++-------- c/misra/test/rules/RULE-17-7/test.c | 2 +- .../CStandardLibraryHeadersAreDeprecated.cpp | 2 +- .../deleteofpointertoincompleteclass/test.cpp | 4 ++-- .../rules/validcontainerelementaccess/test.cpp | 2 +- 6 files changed, 14 insertions(+), 14 deletions(-) diff --git a/c/cert/test/rules/EXP40-C/test.c b/c/cert/test/rules/EXP40-C/test.c index f8c9b6d545..dca79d3d36 100644 --- a/c/cert/test/rules/EXP40-C/test.c +++ b/c/cert/test/rules/EXP40-C/test.c @@ -24,7 +24,7 @@ void f2() { } void f4a(int *a) { - *a = 100; // NON_COMPLAINT + *a = 100; // NON_COMPLIANT } void f4b(int *a) {} diff --git a/c/misra/test/rules/RULE-17-5/test.c b/c/misra/test/rules/RULE-17-5/test.c index bbac126630..8e76a55642 100644 --- a/c/misra/test/rules/RULE-17-5/test.c +++ b/c/misra/test/rules/RULE-17-5/test.c @@ -15,32 +15,32 @@ void t1() { int ar4[4] = {1, 2, 3}; int *ar4p = ar4; - f1(0); // NON_COMPLAINT - f1(ar); // NON_COMPLAINT + f1(0); // NON_COMPLIANT + f1(ar); // NON_COMPLIANT f1(ar2); // COMPLIANT f1(ar2p); // NON_COMPLIANT f1(ar3); // COMPLIANT f1(ar3p); // COMPLIANT f1(ar4); // COMPLIANT - f2(0, 0); // NON_COMPLAINT - f2(0, ar); // NON_COMPLAINT + f2(0, 0); // NON_COMPLIANT + f2(0, ar); // NON_COMPLIANT f2(0, ar2); // COMPLIANT f2(0, ar2p); // NON_COMPLIANT f2(0, ar3); // COMPLIANT f2(0, ar3p); // COMPLIANT f2(0, ar4); // COMPLIANT - f3(0); // COMPLAINT - f3(ar); // COMPLAINT + f3(0); // COMPLIANT + f3(ar); // COMPLIANT f3(ar2); // COMPLIANT f3(ar2p); // COMPLIANT f3(ar3); // COMPLIANT f3(ar3p); // COMPLIANT f3(ar4); // COMPLIANT - f4(0, 0); // COMPLAINT - f4(0, ar); // COMPLAINT + f4(0, 0); // COMPLIANT + f4(0, ar); // COMPLIANT f4(0, ar2); // COMPLIANT f4(0, ar2p); // COMPLIANT f4(0, ar3); // COMPLIANT diff --git a/c/misra/test/rules/RULE-17-7/test.c b/c/misra/test/rules/RULE-17-7/test.c index bd58fc774e..1d31639275 100644 --- a/c/misra/test/rules/RULE-17-7/test.c +++ b/c/misra/test/rules/RULE-17-7/test.c @@ -3,7 +3,7 @@ int f2() { return 0; } int t1() { f1(); - f2(); // NON_COMPLAINT + f2(); // NON_COMPLIANT (void)f2(); // COMPLIANT int a = f2(); // COMPLIANT a = f2(); // COMPLIANT diff --git a/cpp/autosar/test/rules/A1-1-1/CStandardLibraryHeadersAreDeprecated.cpp b/cpp/autosar/test/rules/A1-1-1/CStandardLibraryHeadersAreDeprecated.cpp index b984336e54..a5149ac02a 100644 --- a/cpp/autosar/test/rules/A1-1-1/CStandardLibraryHeadersAreDeprecated.cpp +++ b/cpp/autosar/test/rules/A1-1-1/CStandardLibraryHeadersAreDeprecated.cpp @@ -1,5 +1,5 @@ #include // NON_COMPLIANT -#include // NON_COMPLAINT +#include // NON_COMPLIANT #include // NON_COMPLIANT #include // NON_COMPLIANT #include // NON_COMPLIANT diff --git a/cpp/common/test/rules/deleteofpointertoincompleteclass/test.cpp b/cpp/common/test/rules/deleteofpointertoincompleteclass/test.cpp index 2a5f002c67..c659a87740 100644 --- a/cpp/common/test/rules/deleteofpointertoincompleteclass/test.cpp +++ b/cpp/common/test/rules/deleteofpointertoincompleteclass/test.cpp @@ -1,7 +1,7 @@ class A { class B *impl; - void test() { delete impl; } // NON_COMPLAINT + void test() { delete impl; } // NON_COMPLIANT }; class D {}; @@ -9,5 +9,5 @@ class D {}; class C { class D *impl1; - void test() { delete impl1; } // COMPLAINT + void test() { delete impl1; } // COMPLIANT }; \ No newline at end of file diff --git a/cpp/common/test/rules/validcontainerelementaccess/test.cpp b/cpp/common/test/rules/validcontainerelementaccess/test.cpp index 45957ec141..55c94cf8f1 100644 --- a/cpp/common/test/rules/validcontainerelementaccess/test.cpp +++ b/cpp/common/test/rules/validcontainerelementaccess/test.cpp @@ -111,7 +111,7 @@ void f11(std::string cs) { const char *cp = cs.c_str(); const char *cpe = cp + 2; - while (cp < cpe) { // COMPLAINT + while (cp < cpe) { // COMPLIANT std::string arg(cp); // COMPLIANT cp += arg.size() + 1; } From f16f671129d9dafae18b458aefbd1c9f86dcd70b Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Wed, 8 Feb 2023 15:57:55 -0500 Subject: [PATCH 0438/2573] revert change --- c/misra/test/rules/RULE-17-3/test.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/c/misra/test/rules/RULE-17-3/test.c b/c/misra/test/rules/RULE-17-3/test.c index 9efc5db85b..6c9dd64836 100644 --- a/c/misra/test/rules/RULE-17-3/test.c +++ b/c/misra/test/rules/RULE-17-3/test.c @@ -1,3 +1,5 @@ +// semmle-extractor-options:--clang -std=c11 -nostdinc +// -I../../../../common/test/includes/standard-library double f1(double x); // COMPLIANT f2(double x); // NON_COMPLIANT From c2391975dcbb7bd7970a5482e62a705336fdb068 Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Mon, 6 Feb 2023 17:18:37 +0100 Subject: [PATCH 0439/2573] EXP43-C: swap PointsTo with data-flow and fix typo --- ...AliasedPointerToRestrictQualifiedParam.md} | 0 ...AliasedPointerToRestrictQualifiedParam.ql} | 47 +++++++++++++------ ...trictPointerReferencesOverlappingObject.ql | 11 +---- ...dPointerToRestrictQualifiedParam.expected} | 0 ...iasedPointerToRestrictQualifiedParam.qlref | 1 + ...dPointerToRestrictQualifiedParameter.qlref | 1 - c/common/src/codingstandards/c/Variable.qll | 13 +++++ .../cpp/exclusions/c/Pointers3.qll | 16 +++---- rule_packages/c/Pointers3.json | 2 +- 9 files changed, 57 insertions(+), 34 deletions(-) rename c/cert/src/rules/EXP43-C/{DoNotPassAlisedPointerToRestrictQualifiedParameter.md => DoNotPassAliasedPointerToRestrictQualifiedParam.md} (100%) rename c/cert/src/rules/EXP43-C/{DoNotPassAlisedPointerToRestrictQualifiedParameter.ql => DoNotPassAliasedPointerToRestrictQualifiedParam.ql} (69%) rename c/cert/test/rules/EXP43-C/{DoNotPassAlisedPointerToRestrictQualifiedParameter.expected => DoNotPassAliasedPointerToRestrictQualifiedParam.expected} (100%) create mode 100644 c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.qlref delete mode 100644 c/cert/test/rules/EXP43-C/DoNotPassAlisedPointerToRestrictQualifiedParameter.qlref diff --git a/c/cert/src/rules/EXP43-C/DoNotPassAlisedPointerToRestrictQualifiedParameter.md b/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.md similarity index 100% rename from c/cert/src/rules/EXP43-C/DoNotPassAlisedPointerToRestrictQualifiedParameter.md rename to c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.md diff --git a/c/cert/src/rules/EXP43-C/DoNotPassAlisedPointerToRestrictQualifiedParameter.ql b/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql similarity index 69% rename from c/cert/src/rules/EXP43-C/DoNotPassAlisedPointerToRestrictQualifiedParameter.ql rename to c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql index 08c6cb638f..36bff0b06a 100644 --- a/c/cert/src/rules/EXP43-C/DoNotPassAlisedPointerToRestrictQualifiedParameter.ql +++ b/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql @@ -1,5 +1,5 @@ /** - * @id c/cert/do-not-pass-alised-pointer-to-restrict-qualified-parameter + * @id c/cert/do-not-pass-aliased-pointer-to-restrict-qualified-param * @name EXP43-C: Do not pass aliased pointers to restrict-qualified parameters * @description Passing an aliased pointer to a restrict-qualified parameter is undefined behavior. * @kind problem @@ -13,7 +13,8 @@ import cpp import codingstandards.c.cert import codingstandards.c.Pointers -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.c.Variable +import semmle.code.cpp.ir.dataflow.DataFlow import semmle.code.cpp.pointsto.PointsTo import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis @@ -67,10 +68,9 @@ class CallToFunctionWithRestrictParameters extends FunctionCall { /** * A `PointsToExpr` that is an argument of a pointer-type in a `CallToFunctionWithRestrictParameters` */ -class ArgPointsToExpr extends PointsToExpr { - override predicate interesting() { - any(CallToFunctionWithRestrictParameters call).getAnArgument() = this and - pointerValue(this) +class CallToFunctionWithRestrictParametersArgExpr extends Expr { + CallToFunctionWithRestrictParametersArgExpr() { + this = any(CallToFunctionWithRestrictParameters call).getAPtrArg() } } @@ -82,7 +82,7 @@ int getStatedValue(Expr e) { .minimum(min(Expr source | DataFlow::localExprFlow(source, e) | source.getValue().toInt())) } -int getPointerArithmeticOperandStatedValue(ArgPointsToExpr expr) { +int getPointerArithmeticOperandStatedValue(CallToFunctionWithRestrictParametersArgExpr expr) { result = getStatedValue(expr.(PointerArithmeticExpr).getOperand()) or // edge-case: &(array[index]) expressions @@ -94,18 +94,37 @@ int getPointerArithmeticOperandStatedValue(ArgPointsToExpr expr) { result = 0 } +class PointerValueToRestrictArgConfig extends DataFlow::Configuration { + PointerValueToRestrictArgConfig() { this = "PointerValueToRestrictArgConfig" } + + override predicate isSource(DataFlow::Node source) { pointerValue(source.asExpr()) } + + override predicate isSink(DataFlow::Node sink) { + exists(CallToFunctionWithRestrictParameters call | + sink.asExpr() = call.getAPtrArg().getAChild*() + ) + } +} + from - CallToFunctionWithRestrictParameters call, ArgPointsToExpr arg1, ArgPointsToExpr arg2, - int argOffset1, int argOffset2 + CallToFunctionWithRestrictParameters call, CallToFunctionWithRestrictParametersArgExpr arg1, + CallToFunctionWithRestrictParametersArgExpr arg2, int argOffset1, int argOffset2 where - not isExcluded(call, Pointers3Package::doNotPassAlisedPointerToRestrictQualifiedParameterQuery()) and + not isExcluded(call, Pointers3Package::doNotPassAliasedPointerToRestrictQualifiedParamQuery()) and arg1 = call.getARestrictPtrArg() and arg2 = call.getAPtrArg() and - // two arguments that point to the same object arg1 != arg2 and - arg1.pointsTo() = arg2.pointsTo() and - arg1.confidence() = 1.0 and - arg2.confidence() = 1.0 and + exists(PointerValueToRestrictArgConfig config, Expr source1, Expr source2 | + config.hasFlow(DataFlow::exprNode(source1), DataFlow::exprNode(arg1.getAChild*())) and + ( + // one pointer value flows to both args + config.hasFlow(DataFlow::exprNode(source1), DataFlow::exprNode(arg2.getAChild*())) + or + // there are two separate values that flow from an AddressOfExpr of the same target + getAddressOfExprTargetBase(source1) = getAddressOfExprTargetBase(source2) and + config.hasFlow(DataFlow::exprNode(source2), DataFlow::exprNode(arg2.getAChild*())) + ) + ) and // get the offset of the pointer arithmetic operand (or '0' if there is none) argOffset1 = getPointerArithmeticOperandStatedValue(arg1) and argOffset2 = getPointerArithmeticOperandStatedValue(arg2) and diff --git a/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql b/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql index 8974b835b6..212d0b06de 100644 --- a/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql +++ b/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql @@ -14,6 +14,7 @@ import cpp import semmle.code.cpp.dataflow.DataFlow import semmle.code.cpp.controlflow.Dominance import codingstandards.c.cert +import codingstandards.c.Variable /** * An `Expr` that is an assignment or initialization to a restrict-qualified pointer-type variable. @@ -29,16 +30,6 @@ class AssignmentOrInitializationToRestrictPtrValueExpr extends Expr { Variable getVariable() { result = v } } -/** - * Returns the target variable of a `VariableAccess`. - * If the access is a field access, then the target is the `Variable` of the qualifier. - */ -Variable getAddressOfExprTargetBase(AddressOfExpr expr) { - result = expr.getOperand().(ValueFieldAccess).getQualifier().(VariableAccess).getTarget() - or - result = expr.getOperand().(VariableAccess).getTarget() -} - /** * A data-flow configuration for tracking flow from an assignment or initialization to * an assignment to an `AssignmentOrInitializationToRestrictPtrValueExpr`. diff --git a/c/cert/test/rules/EXP43-C/DoNotPassAlisedPointerToRestrictQualifiedParameter.expected b/c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.expected similarity index 100% rename from c/cert/test/rules/EXP43-C/DoNotPassAlisedPointerToRestrictQualifiedParameter.expected rename to c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.expected diff --git a/c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.qlref b/c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.qlref new file mode 100644 index 0000000000..6121235f17 --- /dev/null +++ b/c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.qlref @@ -0,0 +1 @@ +rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql \ No newline at end of file diff --git a/c/cert/test/rules/EXP43-C/DoNotPassAlisedPointerToRestrictQualifiedParameter.qlref b/c/cert/test/rules/EXP43-C/DoNotPassAlisedPointerToRestrictQualifiedParameter.qlref deleted file mode 100644 index 937021c550..0000000000 --- a/c/cert/test/rules/EXP43-C/DoNotPassAlisedPointerToRestrictQualifiedParameter.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/EXP43-C/DoNotPassAlisedPointerToRestrictQualifiedParameter.ql \ No newline at end of file diff --git a/c/common/src/codingstandards/c/Variable.qll b/c/common/src/codingstandards/c/Variable.qll index 5f4492fdd6..40ec32aec5 100644 --- a/c/common/src/codingstandards/c/Variable.qll +++ b/c/common/src/codingstandards/c/Variable.qll @@ -38,3 +38,16 @@ class FlexibleArrayMemberCandidate extends MemberVariable { ) } } + +/** + * Returns the target variable of a `VariableAccess`. + * If the access is a field access, then the target is the `Variable` of the qualifier. + * If the access is an array access, then the target is the array base. + */ +Variable getAddressOfExprTargetBase(AddressOfExpr expr) { + result = expr.getOperand().(ValueFieldAccess).getQualifier().(VariableAccess).getTarget() + or + result = expr.getOperand().(VariableAccess).getTarget() + or + result = expr.getOperand().(ArrayExpr).getArrayBase().(VariableAccess).getTarget() +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Pointers3.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Pointers3.qll index 8cfc140f99..26a8c43446 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Pointers3.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Pointers3.qll @@ -7,7 +7,7 @@ newtype Pointers3Query = TDoNotAccessVolatileObjectWithNonVolatileReferenceQuery() or TDoNotCastPointerToMoreStrictlyAlignedPointerTypeQuery() or TDoNotAccessVariableViaPointerOfIncompatibleTypeQuery() or - TDoNotPassAlisedPointerToRestrictQualifiedParameterQuery() or + TDoNotPassAliasedPointerToRestrictQualifiedParamQuery() or TRestrictPointerReferencesOverlappingObjectQuery() predicate isPointers3QueryMetadata(Query query, string queryId, string ruleId, string category) { @@ -39,11 +39,11 @@ predicate isPointers3QueryMetadata(Query query, string queryId, string ruleId, s category = "rule" or query = - // `Query` instance for the `doNotPassAlisedPointerToRestrictQualifiedParameter` query - Pointers3Package::doNotPassAlisedPointerToRestrictQualifiedParameterQuery() and + // `Query` instance for the `doNotPassAliasedPointerToRestrictQualifiedParam` query + Pointers3Package::doNotPassAliasedPointerToRestrictQualifiedParamQuery() and queryId = - // `@id` for the `doNotPassAlisedPointerToRestrictQualifiedParameter` query - "c/cert/do-not-pass-alised-pointer-to-restrict-qualified-parameter" and + // `@id` for the `doNotPassAliasedPointerToRestrictQualifiedParam` query + "c/cert/do-not-pass-aliased-pointer-to-restrict-qualified-param" and ruleId = "EXP43-C" and category = "rule" or @@ -79,11 +79,11 @@ module Pointers3Package { TQueryC(TPointers3PackageQuery(TDoNotAccessVariableViaPointerOfIncompatibleTypeQuery())) } - Query doNotPassAlisedPointerToRestrictQualifiedParameterQuery() { + Query doNotPassAliasedPointerToRestrictQualifiedParamQuery() { //autogenerate `Query` type result = - // `Query` type for `doNotPassAlisedPointerToRestrictQualifiedParameter` query - TQueryC(TPointers3PackageQuery(TDoNotPassAlisedPointerToRestrictQualifiedParameterQuery())) + // `Query` type for `doNotPassAliasedPointerToRestrictQualifiedParam` query + TQueryC(TPointers3PackageQuery(TDoNotPassAliasedPointerToRestrictQualifiedParamQuery())) } Query restrictPointerReferencesOverlappingObjectQuery() { diff --git a/rule_packages/c/Pointers3.json b/rule_packages/c/Pointers3.json index c8188b38aa..a694300cd5 100644 --- a/rule_packages/c/Pointers3.json +++ b/rule_packages/c/Pointers3.json @@ -71,7 +71,7 @@ "name": "Do not pass aliased pointers to restrict-qualified parameters", "precision": "medium", "severity": "error", - "short_name": "DoNotPassAlisedPointerToRestrictQualifiedParameter", + "short_name": "DoNotPassAliasedPointerToRestrictQualifiedParam", "tags": [ "correctness" ] From 5f83cb6c3e92927930852858233ab9dab441a43e Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Thu, 9 Feb 2023 14:42:42 +0100 Subject: [PATCH 0440/2573] Update README.md: replace archive.org with live link --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index c9c6b7125e..057877578c 100644 --- a/README.md +++ b/README.md @@ -9,7 +9,7 @@ _Carnegie Mellon and CERT are registered trademarks of Carnegie Mellon Universit This repository contains CodeQL queries and libraries which support various Coding Standards for the [C++14](https://www.iso.org/standard/64029.html) programming language. The following coding standards are supported: -- [AUTOSAR - Guidelines for the use of C++14 language in critical and safety-related systems Release 20-11](https://web.archive.org/web/20220111042754/https://www.autosar.org/fileadmin/user_upload/standards/adaptive/20-11/AUTOSAR_RS_CPP14Guidelines.pdf) +- [AUTOSAR - Guidelines for the use of C++14 language in critical and safety-related systems Release 20-11](https://www.autosar.org/fileadmin/standards/adaptive/20-11/AUTOSAR_RS_CPP14Guidelines.pdf) - [MISRA C++:2008](https://www.misra.org.uk) (support limited to the rules specified in AUTOSAR 20-11). - [SEI CERT C++ Coding Standard: Rules for Developing Safe, Reliable, and Secure Systems (2016 Edition)](https://resources.sei.cmu.edu/library/asset-view.cfm?assetID=494932) From 9ef90871a95683337b69b4198fdfb23b0124c16a Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Thu, 9 Feb 2023 15:14:19 +0100 Subject: [PATCH 0441/2573] Fix broken links and update 19-11 refs to 20-11 --- docs/user_manual.md | 2 +- scripts/generate_rules/generate_package_files.py | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/user_manual.md b/docs/user_manual.md index b9c9666946..e6d54974ca 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -48,7 +48,7 @@ The _CodeQL Coding Standards_ product is a set of CodeQL queries for identifying | Standard | Version | Total rules | Total supportable rules | Status | | -------------------------------------------------------------------------------------------------------------------- | ------- | ----------- | ----------------------- | ----------------- | -| [AUTOSAR C++](https://www.autosar.org/fileadmin/user_upload/standards/adaptive/20-11/AUTOSAR_RS_CPP14Guidelines.pdf) | 20-11 | 397 | 375 | Implemented | +| [AUTOSAR C++](https://www.autosar.org/fileadmin/standards/adaptive/20-11/AUTOSAR_RS_CPP14Guidelines.pdf) | 20-11 | 397 | 375 | Implemented | | [CERT-C++](https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-cpp-coding-standard-2016-v01.pdf) | 2016 | 83 | 83 | Implemented | | [CERT C](https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-c-coding-standard-2016-v01.pdf) | 2016 | 99 | 99 | Under development | | [MISRA C](https://www.misra.org.uk/product/misra-c2012-third-edition-first-revision/) | 2012 | 172 | 169 | Under development | diff --git a/scripts/generate_rules/generate_package_files.py b/scripts/generate_rules/generate_package_files.py index e34a2c1f3b..daca3cebd1 100644 --- a/scripts/generate_rules/generate_package_files.py +++ b/scripts/generate_rules/generate_package_files.py @@ -49,7 +49,7 @@ }, "AUTOSAR" : { "standard_title" : "AUTOSAR: Guidelines for the use of the C++14 language in critical and safety-related systems", - "standard_url" : "https://www.autosar.org/fileadmin/user_upload/standards/adaptive/19-11/AUTOSAR_RS_CPP14Guidelines.pdf" + "standard_url" : "https://www.autosar.org/fileadmin/standards/adaptive/20-11/AUTOSAR_RS_CPP14Guidelines.pdf" }, "CERT-C" : { "standard_title" : "CERT-C", @@ -368,7 +368,7 @@ def generate_package_files(package_name: str) -> None: query["standard_title"] = "AUTOSAR: Guidelines for the use of the C++14 language in critical and safety-related systems" query[ "standard_url" - ] = "https://www.autosar.org/fileadmin/user_upload/standards/adaptive/19-11/AUTOSAR_RS_CPP14Guidelines.pdf" + ] = "https://www.autosar.org/fileadmin/standards/adaptive/20-11/AUTOSAR_RS_CPP14Guidelines.pdf" help_dir = None if standard_name in external_help_file_standards: From 9cc6fbeab214f5f6bc0ec4c4190640d706ee68b5 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 9 Feb 2023 14:26:51 -0500 Subject: [PATCH 0442/2573] test refactoring --- .../rules/A1-1-2.1/CompilerWarningLevelNotInCompliance.expected | 0 .../rules/A1-1-2.1/CompilerWarningLevelNotInCompliance.qlref | 1 + cpp/autosar/test/rules/{A1-1-2 => A1-1-2.1}/foo | 0 cpp/autosar/test/rules/A1-1-2.1/options.clang | 1 + cpp/autosar/test/rules/A1-1-2.1/options.gcc | 1 + cpp/autosar/test/rules/{A1-1-2 => A1-1-2.1}/responsefile.cpp | 0 .../rules/A1-1-2.2/CompilerWarningLevelNotInCompliance.expected | 0 .../rules/A1-1-2.2/CompilerWarningLevelNotInCompliance.qlref | 1 + .../test/rules/{A1-1-2 => A1-1-2.2}/Wcast-function-type.cpp | 0 cpp/autosar/test/rules/A1-1-2.2/options.clang | 1 + cpp/autosar/test/rules/A1-1-2.2/options.gcc | 1 + .../rules/A1-1-2.3/CompilerWarningLevelNotInCompliance.expected | 1 + .../rules/A1-1-2.3/CompilerWarningLevelNotInCompliance.qlref | 1 + cpp/autosar/test/rules/{A1-1-2 => A1-1-2.3}/test.cpp | 0 .../rules/A1-1-2/CompilerWarningLevelNotInCompliance.expected | 1 - cpp/autosar/test/rules/A1-1-2/Wextra.cpp | 2 -- cpp/autosar/test/rules/A1-1-2/options.clang | 1 + cpp/autosar/test/rules/A1-1-2/options.gcc | 1 + cpp/autosar/test/rules/A1-1-3/options.gcc | 1 + 19 files changed, 11 insertions(+), 3 deletions(-) create mode 100644 cpp/autosar/test/rules/A1-1-2.1/CompilerWarningLevelNotInCompliance.expected create mode 100644 cpp/autosar/test/rules/A1-1-2.1/CompilerWarningLevelNotInCompliance.qlref rename cpp/autosar/test/rules/{A1-1-2 => A1-1-2.1}/foo (100%) create mode 100644 cpp/autosar/test/rules/A1-1-2.1/options.clang create mode 100644 cpp/autosar/test/rules/A1-1-2.1/options.gcc rename cpp/autosar/test/rules/{A1-1-2 => A1-1-2.1}/responsefile.cpp (100%) create mode 100644 cpp/autosar/test/rules/A1-1-2.2/CompilerWarningLevelNotInCompliance.expected create mode 100644 cpp/autosar/test/rules/A1-1-2.2/CompilerWarningLevelNotInCompliance.qlref rename cpp/autosar/test/rules/{A1-1-2 => A1-1-2.2}/Wcast-function-type.cpp (100%) create mode 100644 cpp/autosar/test/rules/A1-1-2.2/options.clang create mode 100644 cpp/autosar/test/rules/A1-1-2.2/options.gcc create mode 100644 cpp/autosar/test/rules/A1-1-2.3/CompilerWarningLevelNotInCompliance.expected create mode 100644 cpp/autosar/test/rules/A1-1-2.3/CompilerWarningLevelNotInCompliance.qlref rename cpp/autosar/test/rules/{A1-1-2 => A1-1-2.3}/test.cpp (100%) delete mode 100644 cpp/autosar/test/rules/A1-1-2/Wextra.cpp create mode 100644 cpp/autosar/test/rules/A1-1-2/options.clang create mode 100644 cpp/autosar/test/rules/A1-1-2/options.gcc create mode 100644 cpp/autosar/test/rules/A1-1-3/options.gcc diff --git a/cpp/autosar/test/rules/A1-1-2.1/CompilerWarningLevelNotInCompliance.expected b/cpp/autosar/test/rules/A1-1-2.1/CompilerWarningLevelNotInCompliance.expected new file mode 100644 index 0000000000..e69de29bb2 diff --git a/cpp/autosar/test/rules/A1-1-2.1/CompilerWarningLevelNotInCompliance.qlref b/cpp/autosar/test/rules/A1-1-2.1/CompilerWarningLevelNotInCompliance.qlref new file mode 100644 index 0000000000..30fb98b639 --- /dev/null +++ b/cpp/autosar/test/rules/A1-1-2.1/CompilerWarningLevelNotInCompliance.qlref @@ -0,0 +1 @@ +rules/A1-1-2/CompilerWarningLevelNotInCompliance.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A1-1-2/foo b/cpp/autosar/test/rules/A1-1-2.1/foo similarity index 100% rename from cpp/autosar/test/rules/A1-1-2/foo rename to cpp/autosar/test/rules/A1-1-2.1/foo diff --git a/cpp/autosar/test/rules/A1-1-2.1/options.clang b/cpp/autosar/test/rules/A1-1-2.1/options.clang new file mode 100644 index 0000000000..d88b8ee03d --- /dev/null +++ b/cpp/autosar/test/rules/A1-1-2.1/options.clang @@ -0,0 +1 @@ +@foo \ No newline at end of file diff --git a/cpp/autosar/test/rules/A1-1-2.1/options.gcc b/cpp/autosar/test/rules/A1-1-2.1/options.gcc new file mode 100644 index 0000000000..d88b8ee03d --- /dev/null +++ b/cpp/autosar/test/rules/A1-1-2.1/options.gcc @@ -0,0 +1 @@ +@foo \ No newline at end of file diff --git a/cpp/autosar/test/rules/A1-1-2/responsefile.cpp b/cpp/autosar/test/rules/A1-1-2.1/responsefile.cpp similarity index 100% rename from cpp/autosar/test/rules/A1-1-2/responsefile.cpp rename to cpp/autosar/test/rules/A1-1-2.1/responsefile.cpp diff --git a/cpp/autosar/test/rules/A1-1-2.2/CompilerWarningLevelNotInCompliance.expected b/cpp/autosar/test/rules/A1-1-2.2/CompilerWarningLevelNotInCompliance.expected new file mode 100644 index 0000000000..e69de29bb2 diff --git a/cpp/autosar/test/rules/A1-1-2.2/CompilerWarningLevelNotInCompliance.qlref b/cpp/autosar/test/rules/A1-1-2.2/CompilerWarningLevelNotInCompliance.qlref new file mode 100644 index 0000000000..30fb98b639 --- /dev/null +++ b/cpp/autosar/test/rules/A1-1-2.2/CompilerWarningLevelNotInCompliance.qlref @@ -0,0 +1 @@ +rules/A1-1-2/CompilerWarningLevelNotInCompliance.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A1-1-2/Wcast-function-type.cpp b/cpp/autosar/test/rules/A1-1-2.2/Wcast-function-type.cpp similarity index 100% rename from cpp/autosar/test/rules/A1-1-2/Wcast-function-type.cpp rename to cpp/autosar/test/rules/A1-1-2.2/Wcast-function-type.cpp diff --git a/cpp/autosar/test/rules/A1-1-2.2/options.clang b/cpp/autosar/test/rules/A1-1-2.2/options.clang new file mode 100644 index 0000000000..7c5542f288 --- /dev/null +++ b/cpp/autosar/test/rules/A1-1-2.2/options.clang @@ -0,0 +1 @@ +-Wcast-function-type \ No newline at end of file diff --git a/cpp/autosar/test/rules/A1-1-2.2/options.gcc b/cpp/autosar/test/rules/A1-1-2.2/options.gcc new file mode 100644 index 0000000000..7c5542f288 --- /dev/null +++ b/cpp/autosar/test/rules/A1-1-2.2/options.gcc @@ -0,0 +1 @@ +-Wcast-function-type \ No newline at end of file diff --git a/cpp/autosar/test/rules/A1-1-2.3/CompilerWarningLevelNotInCompliance.expected b/cpp/autosar/test/rules/A1-1-2.3/CompilerWarningLevelNotInCompliance.expected new file mode 100644 index 0000000000..cf114e0569 --- /dev/null +++ b/cpp/autosar/test/rules/A1-1-2.3/CompilerWarningLevelNotInCompliance.expected @@ -0,0 +1 @@ +| test.cpp:0:0:0:0 | test.cpp | No warning-level options were used in the compilation of 'test.cpp'. | diff --git a/cpp/autosar/test/rules/A1-1-2.3/CompilerWarningLevelNotInCompliance.qlref b/cpp/autosar/test/rules/A1-1-2.3/CompilerWarningLevelNotInCompliance.qlref new file mode 100644 index 0000000000..30fb98b639 --- /dev/null +++ b/cpp/autosar/test/rules/A1-1-2.3/CompilerWarningLevelNotInCompliance.qlref @@ -0,0 +1 @@ +rules/A1-1-2/CompilerWarningLevelNotInCompliance.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A1-1-2/test.cpp b/cpp/autosar/test/rules/A1-1-2.3/test.cpp similarity index 100% rename from cpp/autosar/test/rules/A1-1-2/test.cpp rename to cpp/autosar/test/rules/A1-1-2.3/test.cpp diff --git a/cpp/autosar/test/rules/A1-1-2/CompilerWarningLevelNotInCompliance.expected b/cpp/autosar/test/rules/A1-1-2/CompilerWarningLevelNotInCompliance.expected index cf114e0569..e69de29bb2 100644 --- a/cpp/autosar/test/rules/A1-1-2/CompilerWarningLevelNotInCompliance.expected +++ b/cpp/autosar/test/rules/A1-1-2/CompilerWarningLevelNotInCompliance.expected @@ -1 +0,0 @@ -| test.cpp:0:0:0:0 | test.cpp | No warning-level options were used in the compilation of 'test.cpp'. | diff --git a/cpp/autosar/test/rules/A1-1-2/Wextra.cpp b/cpp/autosar/test/rules/A1-1-2/Wextra.cpp deleted file mode 100644 index fed8af5f45..0000000000 --- a/cpp/autosar/test/rules/A1-1-2/Wextra.cpp +++ /dev/null @@ -1,2 +0,0 @@ -// semmle-extractor-options: --clang -std=c++14 -Wextra -// COMPLIANT \ No newline at end of file diff --git a/cpp/autosar/test/rules/A1-1-2/options.clang b/cpp/autosar/test/rules/A1-1-2/options.clang new file mode 100644 index 0000000000..16bcca5afe --- /dev/null +++ b/cpp/autosar/test/rules/A1-1-2/options.clang @@ -0,0 +1 @@ +-Wall \ No newline at end of file diff --git a/cpp/autosar/test/rules/A1-1-2/options.gcc b/cpp/autosar/test/rules/A1-1-2/options.gcc new file mode 100644 index 0000000000..16bcca5afe --- /dev/null +++ b/cpp/autosar/test/rules/A1-1-2/options.gcc @@ -0,0 +1 @@ +-Wall \ No newline at end of file diff --git a/cpp/autosar/test/rules/A1-1-3/options.gcc b/cpp/autosar/test/rules/A1-1-3/options.gcc new file mode 100644 index 0000000000..700c89341d --- /dev/null +++ b/cpp/autosar/test/rules/A1-1-3/options.gcc @@ -0,0 +1 @@ +-Ofast -ffast-math -fgnu-keywords -fno-signed-zeroes -menable-unsafe-fp-math -menable-no-nans -menable-no-infs -menable-unsafe-fp-math -ffinite-math-only -ffloat-store \ No newline at end of file From 60dc594d7ecbd09521a85b7397c2b7929234fc8f Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Mon, 6 Feb 2023 23:58:47 +0000 Subject: [PATCH 0443/2573] EssentialTypes: Refine set of rules and commit package files. --- .../cpp/exclusions/c/EssentialTypes.qll | 197 ++++++++++++++++++ .../cpp/exclusions/c/RuleMetadata.qll | 3 + rule_packages/c/EssentialTypes.json | 183 ++++++++++++++++ rules.csv | 4 +- 4 files changed, 385 insertions(+), 2 deletions(-) create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/EssentialTypes.qll create mode 100644 rule_packages/c/EssentialTypes.json diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/EssentialTypes.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/EssentialTypes.qll new file mode 100644 index 0000000000..5e3be0cebb --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/EssentialTypes.qll @@ -0,0 +1,197 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype EssentialTypesQuery = + TOperandsOfAnInappropriateEssentialTypeQuery() or + TPointerTypeOnLogicalOperatorQuery() or + TAdditionSubtractionOnEssentiallyCharTypeQuery() or + TAssignmentOfIncompatibleEssentialTypeQuery() or + TOperandsWithMismatchedEssentialTypeCategoryQuery() or + TInappropriateEssentialTypeCastQuery() or + TAssignmentToWiderEssentialTypeQuery() or + TImplicitConversionOfCompositeExpressionQuery() or + TInappropriateCastOfCompositeExpressionQuery() or + TLoopOverEssentiallyFloatTypeQuery() or + TMemcmpOnInappropriateEssentialTypeArgsQuery() + +predicate isEssentialTypesQueryMetadata(Query query, string queryId, string ruleId, string category) { + query = + // `Query` instance for the `operandsOfAnInappropriateEssentialType` query + EssentialTypesPackage::operandsOfAnInappropriateEssentialTypeQuery() and + queryId = + // `@id` for the `operandsOfAnInappropriateEssentialType` query + "c/misra/operands-of-an-inappropriate-essential-type" and + ruleId = "RULE-10-1" and + category = "required" + or + query = + // `Query` instance for the `pointerTypeOnLogicalOperator` query + EssentialTypesPackage::pointerTypeOnLogicalOperatorQuery() and + queryId = + // `@id` for the `pointerTypeOnLogicalOperator` query + "c/misra/pointer-type-on-logical-operator" and + ruleId = "RULE-10-1" and + category = "required" + or + query = + // `Query` instance for the `additionSubtractionOnEssentiallyCharType` query + EssentialTypesPackage::additionSubtractionOnEssentiallyCharTypeQuery() and + queryId = + // `@id` for the `additionSubtractionOnEssentiallyCharType` query + "c/misra/addition-subtraction-on-essentially-char-type" and + ruleId = "RULE-10-2" and + category = "required" + or + query = + // `Query` instance for the `assignmentOfIncompatibleEssentialType` query + EssentialTypesPackage::assignmentOfIncompatibleEssentialTypeQuery() and + queryId = + // `@id` for the `assignmentOfIncompatibleEssentialType` query + "c/misra/assignment-of-incompatible-essential-type" and + ruleId = "RULE-10-3" and + category = "required" + or + query = + // `Query` instance for the `operandsWithMismatchedEssentialTypeCategory` query + EssentialTypesPackage::operandsWithMismatchedEssentialTypeCategoryQuery() and + queryId = + // `@id` for the `operandsWithMismatchedEssentialTypeCategory` query + "c/misra/operands-with-mismatched-essential-type-category" and + ruleId = "RULE-10-4" and + category = "required" + or + query = + // `Query` instance for the `inappropriateEssentialTypeCast` query + EssentialTypesPackage::inappropriateEssentialTypeCastQuery() and + queryId = + // `@id` for the `inappropriateEssentialTypeCast` query + "c/misra/inappropriate-essential-type-cast" and + ruleId = "RULE-10-5" and + category = "advisory" + or + query = + // `Query` instance for the `assignmentToWiderEssentialType` query + EssentialTypesPackage::assignmentToWiderEssentialTypeQuery() and + queryId = + // `@id` for the `assignmentToWiderEssentialType` query + "c/misra/assignment-to-wider-essential-type" and + ruleId = "RULE-10-6" and + category = "required" + or + query = + // `Query` instance for the `implicitConversionOfCompositeExpression` query + EssentialTypesPackage::implicitConversionOfCompositeExpressionQuery() and + queryId = + // `@id` for the `implicitConversionOfCompositeExpression` query + "c/misra/implicit-conversion-of-composite-expression" and + ruleId = "RULE-10-7" and + category = "required" + or + query = + // `Query` instance for the `inappropriateCastOfCompositeExpression` query + EssentialTypesPackage::inappropriateCastOfCompositeExpressionQuery() and + queryId = + // `@id` for the `inappropriateCastOfCompositeExpression` query + "c/misra/inappropriate-cast-of-composite-expression" and + ruleId = "RULE-10-8" and + category = "required" + or + query = + // `Query` instance for the `loopOverEssentiallyFloatType` query + EssentialTypesPackage::loopOverEssentiallyFloatTypeQuery() and + queryId = + // `@id` for the `loopOverEssentiallyFloatType` query + "c/misra/loop-over-essentially-float-type" and + ruleId = "RULE-14-1" and + category = "required" + or + query = + // `Query` instance for the `memcmpOnInappropriateEssentialTypeArgs` query + EssentialTypesPackage::memcmpOnInappropriateEssentialTypeArgsQuery() and + queryId = + // `@id` for the `memcmpOnInappropriateEssentialTypeArgs` query + "c/misra/memcmp-on-inappropriate-essential-type-args" and + ruleId = "RULE-21-16" and + category = "required" +} + +module EssentialTypesPackage { + Query operandsOfAnInappropriateEssentialTypeQuery() { + //autogenerate `Query` type + result = + // `Query` type for `operandsOfAnInappropriateEssentialType` query + TQueryC(TEssentialTypesPackageQuery(TOperandsOfAnInappropriateEssentialTypeQuery())) + } + + Query pointerTypeOnLogicalOperatorQuery() { + //autogenerate `Query` type + result = + // `Query` type for `pointerTypeOnLogicalOperator` query + TQueryC(TEssentialTypesPackageQuery(TPointerTypeOnLogicalOperatorQuery())) + } + + Query additionSubtractionOnEssentiallyCharTypeQuery() { + //autogenerate `Query` type + result = + // `Query` type for `additionSubtractionOnEssentiallyCharType` query + TQueryC(TEssentialTypesPackageQuery(TAdditionSubtractionOnEssentiallyCharTypeQuery())) + } + + Query assignmentOfIncompatibleEssentialTypeQuery() { + //autogenerate `Query` type + result = + // `Query` type for `assignmentOfIncompatibleEssentialType` query + TQueryC(TEssentialTypesPackageQuery(TAssignmentOfIncompatibleEssentialTypeQuery())) + } + + Query operandsWithMismatchedEssentialTypeCategoryQuery() { + //autogenerate `Query` type + result = + // `Query` type for `operandsWithMismatchedEssentialTypeCategory` query + TQueryC(TEssentialTypesPackageQuery(TOperandsWithMismatchedEssentialTypeCategoryQuery())) + } + + Query inappropriateEssentialTypeCastQuery() { + //autogenerate `Query` type + result = + // `Query` type for `inappropriateEssentialTypeCast` query + TQueryC(TEssentialTypesPackageQuery(TInappropriateEssentialTypeCastQuery())) + } + + Query assignmentToWiderEssentialTypeQuery() { + //autogenerate `Query` type + result = + // `Query` type for `assignmentToWiderEssentialType` query + TQueryC(TEssentialTypesPackageQuery(TAssignmentToWiderEssentialTypeQuery())) + } + + Query implicitConversionOfCompositeExpressionQuery() { + //autogenerate `Query` type + result = + // `Query` type for `implicitConversionOfCompositeExpression` query + TQueryC(TEssentialTypesPackageQuery(TImplicitConversionOfCompositeExpressionQuery())) + } + + Query inappropriateCastOfCompositeExpressionQuery() { + //autogenerate `Query` type + result = + // `Query` type for `inappropriateCastOfCompositeExpression` query + TQueryC(TEssentialTypesPackageQuery(TInappropriateCastOfCompositeExpressionQuery())) + } + + Query loopOverEssentiallyFloatTypeQuery() { + //autogenerate `Query` type + result = + // `Query` type for `loopOverEssentiallyFloatType` query + TQueryC(TEssentialTypesPackageQuery(TLoopOverEssentiallyFloatTypeQuery())) + } + + Query memcmpOnInappropriateEssentialTypeArgsQuery() { + //autogenerate `Query` type + result = + // `Query` type for `memcmpOnInappropriateEssentialTypeArgs` query + TQueryC(TEssentialTypesPackageQuery(TMemcmpOnInappropriateEssentialTypeArgsQuery())) + } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index 004719516c..ff0142b94d 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -16,6 +16,7 @@ import Declarations1 import Declarations2 import Declarations3 import Declarations4 +import EssentialTypes import Expressions import IO1 import IO2 @@ -55,6 +56,7 @@ newtype TCQuery = TDeclarations2PackageQuery(Declarations2Query q) or TDeclarations3PackageQuery(Declarations3Query q) or TDeclarations4PackageQuery(Declarations4Query q) or + TEssentialTypesPackageQuery(EssentialTypesQuery q) or TExpressionsPackageQuery(ExpressionsQuery q) or TIO1PackageQuery(IO1Query q) or TIO2PackageQuery(IO2Query q) or @@ -94,6 +96,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isDeclarations2QueryMetadata(query, queryId, ruleId, category) or isDeclarations3QueryMetadata(query, queryId, ruleId, category) or isDeclarations4QueryMetadata(query, queryId, ruleId, category) or + isEssentialTypesQueryMetadata(query, queryId, ruleId, category) or isExpressionsQueryMetadata(query, queryId, ruleId, category) or isIO1QueryMetadata(query, queryId, ruleId, category) or isIO2QueryMetadata(query, queryId, ruleId, category) or diff --git a/rule_packages/c/EssentialTypes.json b/rule_packages/c/EssentialTypes.json new file mode 100644 index 0000000000..15c01100b9 --- /dev/null +++ b/rule_packages/c/EssentialTypes.json @@ -0,0 +1,183 @@ +{ + "MISRA-C-2012": { + "RULE-10-1": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "Operands shall not be of an inappropriate essential type", + "precision": "very-high", + "severity": "error", + "short_name": "OperandsOfAnInappropriateEssentialType", + "tags": [] + }, + { + "description": "", + "kind": "problem", + "name": "Logical operators should not be used with pointer types", + "precision": "very-high", + "severity": "error", + "short_name": "PointerTypeOnLogicalOperator", + "tags": [] + } + ], + "title": "Operands shall not be of an inappropriate essential type" + }, + "RULE-10-2": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations", + "kind": "problem", + "name": "Expressions of essentially character type shall not be used inappropriately in addition and", + "precision": "very-high", + "severity": "error", + "short_name": "AdditionSubtractionOnEssentiallyCharType", + "tags": [] + } + ], + "title": "Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations" + }, + "RULE-10-3": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "The value of an expression shall not be assigned to an object with a narrower essential type or of a different essential type category", + "kind": "problem", + "name": "The value of an expression shall not be assigned to an object with a narrower essential type or of a", + "precision": "high", + "severity": "error", + "short_name": "AssignmentOfIncompatibleEssentialType", + "tags": [] + } + ], + "title": "The value of an expression shall not be assigned to an object with a narrower essential type or of a different essential type category" + }, + "RULE-10-4": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Both operands of an operator in which the usual arithmetic conversions are performed shall have the same essential type category", + "kind": "problem", + "name": "Both operands of an operator in which the usual arithmetic conversions are performed shall have the", + "precision": "very-high", + "severity": "error", + "short_name": "OperandsWithMismatchedEssentialTypeCategory", + "tags": [] + } + ], + "title": "Both operands of an operator in which the usual arithmetic conversions are performed shall have the same essential type category" + }, + "RULE-10-5": { + "properties": { + "obligation": "advisory" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "The value of an expression should not be cast to an inappropriate essential type", + "precision": "very-high", + "severity": "error", + "short_name": "InappropriateEssentialTypeCast", + "tags": [] + } + ], + "title": "The value of an expression should not be cast to an inappropriate essential type" + }, + "RULE-10-6": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "The value of a composite expression shall not be assigned to an object with wider essential type", + "precision": "very-high", + "severity": "error", + "short_name": "AssignmentToWiderEssentialType", + "tags": [] + } + ], + "title": "The value of a composite expression shall not be assigned to an object with wider essential type" + }, + "RULE-10-7": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "If a composite expression is used as one operand of an operator in which the usual arithmetic conversions are performed then the other operand shall not have wider essential type", + "kind": "problem", + "name": "If a composite expression is used as one operand of an operator in which the usual arithmetic", + "precision": "very-high", + "severity": "error", + "short_name": "ImplicitConversionOfCompositeExpression", + "tags": [] + } + ], + "title": "If a composite expression is used as one operand of an operator in which the usual arithmetic conversions are performed then the other operand shall not have wider essential type" + }, + "RULE-10-8": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "The value of a composite expression shall not be cast to a different essential type category or a wider essential type", + "kind": "problem", + "name": "The value of a composite expression shall not be cast to a different essential type category or a", + "precision": "very-high", + "severity": "error", + "short_name": "InappropriateCastOfCompositeExpression", + "tags": [] + } + ], + "title": "The value of a composite expression shall not be cast to a different essential type category or a wider essential type" + }, + "RULE-14-1": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "A loop counter shall not have essentially floating type", + "precision": "high", + "severity": "error", + "short_name": "LoopOverEssentiallyFloatType", + "tags": [] + } + ], + "title": "A loop counter shall not have essentially floating type" + }, + "RULE-21-16": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "The pointer arguments to the Standard Library function memcmp shall point to either a pointer type, an essentially signed type, an essentially unsigned type, an essentially Boolean type or an essentially enum type", + "kind": "problem", + "name": "The pointer arguments to the Standard Library function memcmp shall point to either a pointer type,", + "precision": "very-high", + "severity": "error", + "short_name": "MemcmpOnInappropriateEssentialTypeArgs", + "tags": [] + } + ], + "title": "The pointer arguments to the Standard Library function memcmp shall point to either a pointer type, an essentially signed type, an essentially unsigned type, an essentially Boolean type or an essentially enum type" + } + } +} \ No newline at end of file diff --git a/rules.csv b/rules.csv index d6d625bfe2..e89f2bc18b 100644 --- a/rules.csv +++ b/rules.csv @@ -756,9 +756,9 @@ c,MISRA-C-2012,RULE-21-10,Yes,Required,,,The Standard Library time and date func c,MISRA-C-2012,RULE-21-11,Yes,Required,,,The standard header file shall not be used,,Banned,Easy, c,MISRA-C-2012,RULE-21-12,Yes,Advisory,,,The exception handling features of should not be used,,Banned,Easy, c,MISRA-C-2012,RULE-21-13,Yes,Mandatory,,,Any value passed to a function in shall be representable as an unsigned char or be the value EOF,,Types,Medium, -c,MISRA-C-2012,RULE-21-14,Yes,Required,,,The Standard Library function memcmp shall not be used to compare null terminated strings,,EssentialTypes,Hard, +c,MISRA-C-2012,RULE-21-14,Yes,Required,,,The Standard Library function memcmp shall not be used to compare null terminated strings,,Types,Hard, c,MISRA-C-2012,RULE-21-15,Yes,Required,,,"The pointer arguments to the Standard Library functions memcpy, memmove and memcmp shall be pointers to qualified or unqualified versions of compatible types",,Types,Medium, -c,MISRA-C-2012,RULE-21-16,Yes,Required,,,"The pointer arguments to the Standard Library function memcmp shall point to either a pointer type, an essentially signed type, an essentially unsigned type, an essentially Boolean type or an essentially enum type",,Types,Medium, +c,MISRA-C-2012,RULE-21-16,Yes,Required,,,"The pointer arguments to the Standard Library function memcmp shall point to either a pointer type, an essentially signed type, an essentially unsigned type, an essentially Boolean type or an essentially enum type",,EssentialTypes,Medium, c,MISRA-C-2012,RULE-21-17,Yes,Mandatory,,,Use of the string handling functions from shall not result in accesses beyond the bounds of the objects referenced by their pointer parameters,,Memory,Hard, c,MISRA-C-2012,RULE-21-18,Yes,Mandatory,,,The size_t argument passed to any function in shall have an appropriate value,,OutOfBounds,Hard, c,MISRA-C-2012,RULE-21-19,Yes,Mandatory,,,"The pointers returned by the Standard Library functions localeconv, getenv, setlocale or, strerror shall only be used as if they have pointer to const-qualified type",ENV30-C,Contracts2,Medium, From 656497c4758e93f951801d133891bf21449f5e4c Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Fri, 10 Feb 2023 09:54:07 -0500 Subject: [PATCH 0444/2573] changelog --- change_notes/2023-02-10-refactor-test-cases.md | 1 + 1 file changed, 1 insertion(+) create mode 100644 change_notes/2023-02-10-refactor-test-cases.md diff --git a/change_notes/2023-02-10-refactor-test-cases.md b/change_notes/2023-02-10-refactor-test-cases.md new file mode 100644 index 0000000000..1563c31b49 --- /dev/null +++ b/change_notes/2023-02-10-refactor-test-cases.md @@ -0,0 +1 @@ + - `A1-1-2`: Refactored this test case to support better cross-compiler testing. \ No newline at end of file From 81c3c267ab24371560dcb3bbf115481b25c780bf Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Fri, 10 Feb 2023 11:47:44 -0500 Subject: [PATCH 0445/2573] fixes --- change_notes/2023-02-10-refactor-test-cases.md | 3 ++- .../UncompliantOptimizationOptionMustBeDisabledInCompiler.ql | 2 +- cpp/autosar/test/rules/A1-1-3/options.clang | 2 +- cpp/autosar/test/rules/A1-1-3/options.gcc | 2 +- 4 files changed, 5 insertions(+), 4 deletions(-) diff --git a/change_notes/2023-02-10-refactor-test-cases.md b/change_notes/2023-02-10-refactor-test-cases.md index 1563c31b49..102551c760 100644 --- a/change_notes/2023-02-10-refactor-test-cases.md +++ b/change_notes/2023-02-10-refactor-test-cases.md @@ -1 +1,2 @@ - - `A1-1-2`: Refactored this test case to support better cross-compiler testing. \ No newline at end of file + - `A1-1-2`: Refactored this test case to support better cross-compiler testing. + - `A1-1-3`: Added support for alternate spelling of compiler flag. \ No newline at end of file diff --git a/cpp/autosar/src/rules/A1-1-3/UncompliantOptimizationOptionMustBeDisabledInCompiler.ql b/cpp/autosar/src/rules/A1-1-3/UncompliantOptimizationOptionMustBeDisabledInCompiler.ql index 1e9c20713c..18e0326699 100644 --- a/cpp/autosar/src/rules/A1-1-3/UncompliantOptimizationOptionMustBeDisabledInCompiler.ql +++ b/cpp/autosar/src/rules/A1-1-3/UncompliantOptimizationOptionMustBeDisabledInCompiler.ql @@ -26,7 +26,7 @@ where c.getAnArgument() = flag and flag = [ - "-Ofast", "-ffast-math", "-fgnu-keywords", "-fno-signed-zeroes", "-menable-unsafe-fp-math", + "-Ofast", "-ffast-math", "-fgnu-keywords", "-fno-signed-zeroes", "-fno-signed-zeroes", "-menable-unsafe-fp-math", "-menable-no-nans", "-menable-no-infs", "-menable-unsafe-fp-math", "-ffinite-math-only", "-ffloat-store" ] diff --git a/cpp/autosar/test/rules/A1-1-3/options.clang b/cpp/autosar/test/rules/A1-1-3/options.clang index 700c89341d..6ca75105ce 100644 --- a/cpp/autosar/test/rules/A1-1-3/options.clang +++ b/cpp/autosar/test/rules/A1-1-3/options.clang @@ -1 +1 @@ --Ofast -ffast-math -fgnu-keywords -fno-signed-zeroes -menable-unsafe-fp-math -menable-no-nans -menable-no-infs -menable-unsafe-fp-math -ffinite-math-only -ffloat-store \ No newline at end of file +-Ofast -ffast-math -fgnu-keywords -fno-signed-zeros -ffinite-math-only -ffloat-store \ No newline at end of file diff --git a/cpp/autosar/test/rules/A1-1-3/options.gcc b/cpp/autosar/test/rules/A1-1-3/options.gcc index 700c89341d..6ca75105ce 100644 --- a/cpp/autosar/test/rules/A1-1-3/options.gcc +++ b/cpp/autosar/test/rules/A1-1-3/options.gcc @@ -1 +1 @@ --Ofast -ffast-math -fgnu-keywords -fno-signed-zeroes -menable-unsafe-fp-math -menable-no-nans -menable-no-infs -menable-unsafe-fp-math -ffinite-math-only -ffloat-store \ No newline at end of file +-Ofast -ffast-math -fgnu-keywords -fno-signed-zeros -ffinite-math-only -ffloat-store \ No newline at end of file From 96202065c27d4a648b20077a2bd5a1d7bf4af748 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Fri, 10 Feb 2023 11:59:04 -0500 Subject: [PATCH 0446/2573] new expected files --- ...OptimizationOptionMustBeDisabledInCompiler.expected.clang | 5 +++++ ...ntOptimizationOptionMustBeDisabledInCompiler.expected.gcc | 5 +++++ 2 files changed, 10 insertions(+) create mode 100644 cpp/autosar/test/rules/A1-1-3/UncompliantOptimizationOptionMustBeDisabledInCompiler.expected.clang create mode 100644 cpp/autosar/test/rules/A1-1-3/UncompliantOptimizationOptionMustBeDisabledInCompiler.expected.gcc diff --git a/cpp/autosar/test/rules/A1-1-3/UncompliantOptimizationOptionMustBeDisabledInCompiler.expected.clang b/cpp/autosar/test/rules/A1-1-3/UncompliantOptimizationOptionMustBeDisabledInCompiler.expected.clang new file mode 100644 index 0000000000..93e1ea2c82 --- /dev/null +++ b/cpp/autosar/test/rules/A1-1-3/UncompliantOptimizationOptionMustBeDisabledInCompiler.expected.clang @@ -0,0 +1,5 @@ +| test.cpp:0:0:0:0 | test.cpp | File compiled with uncompliant optimization flag '-Ofast'. | +| test.cpp:0:0:0:0 | test.cpp | File compiled with uncompliant optimization flag '-ffast-math'. | +| test.cpp:0:0:0:0 | test.cpp | File compiled with uncompliant optimization flag '-ffinite-math-only'. | +| test.cpp:0:0:0:0 | test.cpp | File compiled with uncompliant optimization flag '-ffloat-store'. | +| test.cpp:0:0:0:0 | test.cpp | File compiled with uncompliant optimization flag '-fgnu-keywords'. | diff --git a/cpp/autosar/test/rules/A1-1-3/UncompliantOptimizationOptionMustBeDisabledInCompiler.expected.gcc b/cpp/autosar/test/rules/A1-1-3/UncompliantOptimizationOptionMustBeDisabledInCompiler.expected.gcc new file mode 100644 index 0000000000..93e1ea2c82 --- /dev/null +++ b/cpp/autosar/test/rules/A1-1-3/UncompliantOptimizationOptionMustBeDisabledInCompiler.expected.gcc @@ -0,0 +1,5 @@ +| test.cpp:0:0:0:0 | test.cpp | File compiled with uncompliant optimization flag '-Ofast'. | +| test.cpp:0:0:0:0 | test.cpp | File compiled with uncompliant optimization flag '-ffast-math'. | +| test.cpp:0:0:0:0 | test.cpp | File compiled with uncompliant optimization flag '-ffinite-math-only'. | +| test.cpp:0:0:0:0 | test.cpp | File compiled with uncompliant optimization flag '-ffloat-store'. | +| test.cpp:0:0:0:0 | test.cpp | File compiled with uncompliant optimization flag '-fgnu-keywords'. | From 8423344980bbc7b1154e23ed2e7675dde30abe88 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Mon, 13 Feb 2023 14:17:01 +0000 Subject: [PATCH 0447/2573] EssentialTypes: Add a utility module for MISRA definitions The essential types rules refer to a number of shared MISRA definitions which have been represented in this utility module. --- .../c/misra/MisraExpressions.qll | 106 ++++++++++++++++++ 1 file changed, 106 insertions(+) create mode 100644 c/misra/src/codingstandards/c/misra/MisraExpressions.qll diff --git a/c/misra/src/codingstandards/c/misra/MisraExpressions.qll b/c/misra/src/codingstandards/c/misra/MisraExpressions.qll new file mode 100644 index 0000000000..b5f03838cc --- /dev/null +++ b/c/misra/src/codingstandards/c/misra/MisraExpressions.qll @@ -0,0 +1,106 @@ +/** + * A module for representing expressions and related types defined in the MISRA C 2012 standard. + */ + +import codingstandards.c.misra + +/** + * A `bool` type, either `stdbool.h` or a hand-coded bool type acceptable to MISRA C 2012. + */ +class MisraBoolType extends Type { + MisraBoolType() { + this instanceof BoolType + or + exists(Enum e | this = e | + count(e.getAnEnumConstant()) = 2 and + e.getEnumConstant(0).getName().toLowerCase() = ["false", "f"] and + e.getEnumConstant(1).getName().toLowerCase() = ["true", "t"] + ) + or + exists(TypedefType t | this = t | t.getName().toLowerCase() = ["bool", "boolean"]) + } +} + +/** + * A boolean literal as defined by the C standard and acceptable to MISRA C 2012. + */ +class BooleanLiteral extends Literal { + BooleanLiteral() { + exists(MacroInvocation mi, int value, string macroName | + macroName = mi.getMacroName() and mi.getExpr() = this and value = this.getValue().toInt() + | + macroName = "false" and value = 0 + or + macroName = "true" and value = 1 + ) + } +} + +/** + * A composite operator as defined in MISRA C:2012 8.10.3. + */ +class CompositeOperator extends Expr { + CompositeOperator() { + // + - * / % + - + this instanceof BinaryArithmeticOperation and + not this instanceof MaxExpr and + not this instanceof MinExpr + or + // << >> & ^ | + this instanceof BinaryBitwiseOperation + or + // ~ + this instanceof ComplementExpr + or + exists(ConditionalExpr ce | ce = this | + ce.getElse() instanceof CompositeExpression or ce.getThen() instanceof CompositeExpression + ) + } +} + +/** + * A composite expression as defined in MISRA C:2012 8.10.3. + */ +class CompositeExpression extends Expr { + CompositeExpression() { + this instanceof CompositeOperator and + // A non-constant expression that is the result of a composite operator + not exists(this.getValue()) + } +} + +/** + * An operator on which the usual arithmetic conversions apply to the operands, as defined in MISRA + * C:2012 6.3.1.8. + */ +class OperationWithUsualArithmeticConversions extends Expr { + OperationWithUsualArithmeticConversions() { + this instanceof BinaryOperation and + not this instanceof LShiftExpr and + not this instanceof RShiftExpr and + not this instanceof LogicalAndExpr and + not this instanceof LogicalOrExpr + or + this instanceof AssignArithmeticOperation + } + + Expr getLeftOperand() { + result = this.(BinaryOperation).getLeftOperand() + or + result = this.(AssignArithmeticOperation).getLValue() + } + + Expr getRightOperand() { + result = this.(BinaryOperation).getRightOperand() + or + result = this.(AssignArithmeticOperation).getRValue() + } + + Expr getAnOperand() { result = this.getLeftOperand() or result = this.getRightOperand() } + + string getOperator() { + result = this.(BinaryOperation).getOperator() + or + result = this.(AssignArithmeticOperation).getOperator() + } +} From 79e44e31ab2e4de82b046a3657b7cc238512d023 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Mon, 13 Feb 2023 14:18:16 +0000 Subject: [PATCH 0448/2573] EssentialTypes: Add essential types library This module calculates and reports the essential type of each given expression in the program, as defined in the MISRA C:2012 standard. The essential type for an expression is calculated based on the AST type of the expression. Where it differs from the standard type, the calculation is overridden to implement the MISRA definition. Various utility methods related to essential types are included. --- .../c/misra/EssentialTypes.qll | 366 ++++++++++++++++++ 1 file changed, 366 insertions(+) create mode 100644 c/misra/src/codingstandards/c/misra/EssentialTypes.qll diff --git a/c/misra/src/codingstandards/c/misra/EssentialTypes.qll b/c/misra/src/codingstandards/c/misra/EssentialTypes.qll new file mode 100644 index 0000000000..06e1ff20fc --- /dev/null +++ b/c/misra/src/codingstandards/c/misra/EssentialTypes.qll @@ -0,0 +1,366 @@ +/** + * A module for identifying essential types as defined by MISRA C 2012. + */ + +import codingstandards.c.misra +import semmle.code.cpp.rangeanalysis.RangeAnalysisUtils +import MisraExpressions + +newtype TEssentialTypeCategory = + EssentiallyBooleanType() or + EssentiallyCharacterType() or + EssentiallyEnumType() or + EssentiallySignedType() or + EssentiallyUnsignedType() or + EssentiallyFloatingType() + +/** An essential type category, as specified by Appendix D.1. */ +class EssentialTypeCategory extends TEssentialTypeCategory { + string toString() { + this = EssentiallyBooleanType() and result = "essentially Boolean type" + or + this = EssentiallyCharacterType() and result = "essentially Character type" + or + this = EssentiallyEnumType() and result = "essentially Enum Type" + or + this = EssentiallySignedType() and result = "essentially Signed type" + or + this = EssentiallyUnsignedType() and result = "essentially Unsigned type" + or + this = EssentiallyFloatingType() and result = "essentially Floating type" + } +} + +/** + * Gets the unsigned type of lowest rank that can represent the value of the given expression, + * assuming that the expression is essentially unsigned. + */ +private IntegralType utlr(Expr const) { + getEssentialTypeCategory(const.getType()) = EssentiallyUnsignedType() and + getEssentialTypeCategory(result) = EssentiallyUnsignedType() and + exists(float c | c = const.getValue().toFloat() | + // As with range analysis, we assume two's complement representation + typeLowerBound(result) <= c and + typeUpperBound(result) >= c and + forall(IntegralType it | + getEssentialTypeCategory(it) = EssentiallyUnsignedType() and + typeLowerBound(it) <= c and + typeUpperBound(it) >= c + | + result.getSize() <= it.getSize() + ) + ) +} + +/** + * Gets the signed type of lowest rank that can represent the value of the given expression, + * assuming that the expression is essentially signed. + */ +private IntegralType stlr(Expr const) { + getEssentialTypeCategory(const.getType()) = EssentiallySignedType() and + getEssentialTypeCategory(result) = EssentiallySignedType() and + exists(float c | c = const.getValue().toFloat() | + // As with range analysis, we assume two's complement representation + typeLowerBound(result) <= c and + typeUpperBound(result) >= c and + forall(IntegralType it | + getEssentialTypeCategory(it) = EssentiallySignedType() and + typeLowerBound(it) <= c and + typeUpperBound(it) >= c + | + result.getSize() <= it.getSize() + ) + ) +} + +/** + * Define the essential type category for an IntegralOrEnumType. + */ +EssentialTypeCategory getEssentialTypeCategory(Type at) { + result = EssentiallyBooleanType() and at instanceof MisraBoolType + or + result = EssentiallyCharacterType() and at instanceof PlainCharType + or + result = EssentiallySignedType() and + at.(IntegralType).isSigned() and + not at instanceof PlainCharType + or + result = EssentiallyUnsignedType() and + at.(IntegralType).isUnsigned() and + not at instanceof PlainCharType + or + result = EssentiallyEnumType() and at instanceof Enum and not at instanceof MisraBoolType + or + result = EssentiallyFloatingType() and + at instanceof FloatingPointType +} + +/** + * Gets the essential type of the given expression `e`, considering any explicit conversions. + */ +Type getEssentialType(Expr e) { + if e.hasExplicitConversion() + then + if e.getConversion() instanceof ParenthesisExpr + then + if e.getConversion().(ParenthesisExpr).hasExplicitConversion() + then result = e.getConversion().(ParenthesisExpr).getConversion().getType() + else result = e.getConversion().(ParenthesisExpr).getExpr().(EssentialExpr).getEssentialType() + else result = e.getConversion().getType() + else result = e.(EssentialExpr).getEssentialType() +} + +Type getEssentialTypeBeforeConversions(Expr e) { result = e.(EssentialExpr).getEssentialType() } + +class EssentialExpr extends Expr { + Type getEssentialType() { result = this.getType() } + + Type getStandardType() { result = this.getType() } +} + +class EssentialCommaExpr extends EssentialExpr, CommaExpr { + override Type getEssentialType() { result = getEssentialType(getRightOperand()) } +} + +class EssentialRelationalOperationExpr extends EssentialExpr, RelationalOperation { + override Type getEssentialType() { result instanceof BoolType } +} + +class EssentialBinaryLogicalOperationExpr extends EssentialExpr, BinaryLogicalOperation { + override Type getEssentialType() { result instanceof BoolType } +} + +class EssentialEqualityOperationExpr extends EssentialExpr, EqualityOperation { + override Type getEssentialType() { result instanceof BoolType } +} + +class EssentialBinaryBitwiseOperationExpr extends EssentialExpr, BinaryBitwiseOperation { + EssentialBinaryBitwiseOperationExpr() { + this instanceof LShiftExpr or + this instanceof RShiftExpr + } + + override Type getEssentialType() { + exists(Type operandEssentialType, EssentialTypeCategory operandEssentialTypeCategory | + operandEssentialType = getEssentialType(getLeftOperand()) and + operandEssentialTypeCategory = getEssentialTypeCategory(operandEssentialType) + | + if operandEssentialTypeCategory instanceof EssentiallyUnsignedType + then + if exists(this.getValue()) + then result = utlr(this) // If constant and essentially unsigned us the utlr + else result = operandEssentialType + else result = this.getStandardType() + ) + } +} + +class EssentialBitwiseComplementExpr extends EssentialExpr, ComplementExpr { + override Type getEssentialType() { + exists(Type operandEssentialType, EssentialTypeCategory operandEssentialTypeCategory | + operandEssentialType = getEssentialType(getOperand()) and + operandEssentialTypeCategory = getEssentialTypeCategory(operandEssentialType) + | + if operandEssentialTypeCategory instanceof EssentiallyUnsignedType + then + if exists(this.getValue()) + then result = utlr(this) // If constant and essentially unsigned us the utlr + else result = operandEssentialType + else result = this.getStandardType() + ) + } +} + +class EssentialUnaryPlusExpr extends EssentialExpr, UnaryPlusExpr { + override Type getEssentialType() { + exists(Type operandEssentialType, EssentialTypeCategory operandEssentialTypeCategory | + operandEssentialType = getEssentialType(getOperand()) and + operandEssentialTypeCategory = getEssentialTypeCategory(operandEssentialType) + | + if + operandEssentialTypeCategory = + [EssentiallyUnsignedType().(TEssentialTypeCategory), EssentiallySignedType()] + then result = operandEssentialType + else result = getStandardType() + ) + } +} + +class EssentialUnaryMinusExpr extends EssentialExpr, UnaryMinusExpr { + override Type getEssentialType() { + exists(Type operandEssentialType, EssentialTypeCategory operandEssentialTypeCategory | + operandEssentialType = getEssentialType(getOperand()) and + operandEssentialTypeCategory = getEssentialTypeCategory(operandEssentialType) + | + if operandEssentialTypeCategory = EssentiallySignedType() + then if exists(this.getValue()) then result = stlr(this) else result = operandEssentialType + else result = getStandardType() + ) + } +} + +class EssentialConditionalExpr extends EssentialExpr, ConditionalExpr { + override Type getEssentialType() { + exists(Type thenEssentialType, Type elseEssentialType | + thenEssentialType = getEssentialType(getThen()) and + elseEssentialType = getEssentialType(getElse()) + | + if thenEssentialType = elseEssentialType + then result = thenEssentialType + else + if + getEssentialTypeCategory(thenEssentialType) = EssentiallySignedType() and + getEssentialTypeCategory(elseEssentialType) = EssentiallySignedType() + then + if thenEssentialType.getSize() > elseEssentialType.getSize() + then result = thenEssentialType + else result = elseEssentialType + else + if + getEssentialTypeCategory(thenEssentialType) = EssentiallyUnsignedType() and + getEssentialTypeCategory(elseEssentialType) = EssentiallyUnsignedType() + then + if thenEssentialType.getSize() > elseEssentialType.getSize() + then result = thenEssentialType + else result = elseEssentialType + else result = this.getStandardType() + ) + } +} + +class EssentialBinaryArithmeticExpr extends EssentialExpr, BinaryArithmeticOperation { + EssentialBinaryArithmeticExpr() { + // GNU C extension has min/max which we can ignore + not this instanceof MinExpr and + not this instanceof MaxExpr + } + + override Type getEssentialType() { + exists( + Type leftEssentialType, Type rightEssentialType, + EssentialTypeCategory leftEssentialTypeCategory, + EssentialTypeCategory rightEssentialTypeCategory + | + leftEssentialType = getEssentialType(getLeftOperand()) and + rightEssentialType = getEssentialType(getRightOperand()) and + leftEssentialTypeCategory = getEssentialTypeCategory(leftEssentialType) and + rightEssentialTypeCategory = getEssentialTypeCategory(rightEssentialType) + | + if + leftEssentialTypeCategory = EssentiallySignedType() and + rightEssentialTypeCategory = EssentiallySignedType() + then + if exists(getValue()) + then result = stlr(this) + else ( + if leftEssentialType.getSize() > rightEssentialType.getSize() + then result = leftEssentialType + else result = rightEssentialType + ) + else + if + leftEssentialTypeCategory = EssentiallyUnsignedType() and + rightEssentialTypeCategory = EssentiallyUnsignedType() + then + if exists(getValue()) + then result = utlr(this) + else ( + if leftEssentialType.getSize() > rightEssentialType.getSize() + then result = leftEssentialType + else result = rightEssentialType + ) + else + if + this instanceof AddExpr and + ( + leftEssentialTypeCategory = EssentiallyCharacterType() + or + rightEssentialTypeCategory = EssentiallyCharacterType() + ) and + ( + leftEssentialTypeCategory = + [EssentiallySignedType(), EssentiallyUnsignedType().(TEssentialTypeCategory)] + or + rightEssentialTypeCategory = + [EssentiallySignedType(), EssentiallyUnsignedType().(TEssentialTypeCategory)] + ) + or + this instanceof SubExpr and + leftEssentialTypeCategory = EssentiallyCharacterType() and + rightEssentialTypeCategory = + [EssentiallySignedType(), EssentiallyUnsignedType().(TEssentialTypeCategory)] + then result instanceof PlainCharType + else result = this.getStandardType() + ) + } +} + +class EssentialEnumConstantAccess extends EssentialExpr, EnumConstantAccess { + override Type getEssentialType() { result = getTarget().getDeclaringEnum() } +} + +class EssentialLiteral extends EssentialExpr, Literal { + override Type getEssentialType() { + if this instanceof BooleanLiteral + then result instanceof MisraBoolType + else ( + if this.(CharLiteral).getCharacter().length() = 1 + then result instanceof PlainCharType + else ( + getStandardType().(IntegralType).isSigned() and + result = stlr(this) + or + not getStandardType().(IntegralType).isSigned() and + result = utlr(this) + ) + ) + } +} + +/** + * Holds if `rValue` is assigned to an object of type `lValueEssentialType`. + * + * Assignment is according to "Assignment" in Appendix J of MISRA C 2012, with the inclusion of a + * special case for switch statements as specified for Rule 10.3 and Rule 10.6. + */ +predicate isAssignmentToEssentialType(Type lValueEssentialType, Expr rValue) { + // Special case for Rule 10.3/ Rule 10.6. + exists(SwitchCase sc | + lValueEssentialType = sc.getSwitchStmt().getControllingExpr().getType() and + rValue = sc.getExpr() + ) + or + exists(Assignment a | + lValueEssentialType = a.getLValue().getType() and + rValue = a.getRValue() + ) + or + exists(FunctionCall fc, int i | + lValueEssentialType = fc.getTarget().getParameter(i).getType() and + rValue = fc.getArgument(i) + ) + or + exists(Function f, ReturnStmt rs | + lValueEssentialType = f.getType() and + rs.getEnclosingFunction() = f and + rValue = rs.getExpr() + ) + or + // Initializing a non-aggregate type + exists(Initializer i | + lValueEssentialType = i.getDeclaration().(Variable).getType() and + rValue = i.getExpr() + ) + or + // Initializing an array + exists(ArrayAggregateLiteral aal | + lValueEssentialType = aal.getElementType() and + rValue = aal.getElementExpr(_) + ) + or + // Initializing a struct or union + exists(ClassAggregateLiteral cal, Field field | + lValueEssentialType = field.getType() and + rValue = cal.getFieldExpr(field) + ) +} From 7c5fea9fe2300e047b2de2aaa3caa072473a1ff1 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Mon, 13 Feb 2023 14:20:35 +0000 Subject: [PATCH 0449/2573] EssentialTypes: Implement Rule 10.1 Adds queries to identify operators where the operands are of an inappropriate essential type, according to the MISRA specified rules. --- .../OperandsOfAnInappropriateEssentialType.ql | 251 +++++++++ .../RULE-10-1/PointerTypeOnLogicalOperator.ql | 24 + ...ndsOfAnInappropriateEssentialType.expected | 187 +++++++ ...erandsOfAnInappropriateEssentialType.qlref | 1 + .../PointerTypeOnLogicalOperator.expected | 5 + .../PointerTypeOnLogicalOperator.qlref | 1 + c/misra/test/rules/RULE-10-1/test.c | 495 ++++++++++++++++++ 7 files changed, 964 insertions(+) create mode 100644 c/misra/src/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.ql create mode 100644 c/misra/src/rules/RULE-10-1/PointerTypeOnLogicalOperator.ql create mode 100644 c/misra/test/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.expected create mode 100644 c/misra/test/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.qlref create mode 100644 c/misra/test/rules/RULE-10-1/PointerTypeOnLogicalOperator.expected create mode 100644 c/misra/test/rules/RULE-10-1/PointerTypeOnLogicalOperator.qlref create mode 100644 c/misra/test/rules/RULE-10-1/test.c diff --git a/c/misra/src/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.ql b/c/misra/src/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.ql new file mode 100644 index 0000000000..0245f3cbc5 --- /dev/null +++ b/c/misra/src/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.ql @@ -0,0 +1,251 @@ +/** + * @id c/misra/operands-of-an-inappropriate-essential-type + * @name RULE-10-1: Operands shall not be of an inappropriate essential type + * @description + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-10-1 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.c.misra.EssentialTypes + +/** + * Holds if the operator `operator` has an operand `child` that is of an inappropriate essential type + * according to MISRA C 2012 Rule 10.1. + */ +predicate isInappropriateEssentialType( + Expr operator, Expr child, EssentialTypeCategory etc, int rationaleId +) { + etc = getEssentialTypeCategory(getEssentialType(child)) and + ( + child = operator.(ArrayExpr).getArrayOffset() and + ( + etc = EssentiallyBooleanType() and + rationaleId = 3 + or + etc = EssentiallyCharacterType() and + rationaleId = 4 + or + etc = EssentiallyFloatingType() and + rationaleId = 1 + ) + or + child = operator.(UnaryPlusExpr).getOperand() and + ( + etc = EssentiallyBooleanType() and + rationaleId = 3 + or + etc = EssentiallyCharacterType() and + rationaleId = 4 + or + etc = EssentiallyEnumType() and + rationaleId = 5 + ) + or + child = operator.(UnaryMinusExpr).getOperand() and + ( + etc = EssentiallyBooleanType() and + rationaleId = 3 + or + etc = EssentiallyCharacterType() and + rationaleId = 4 + or + etc = EssentiallyEnumType() and + rationaleId = 5 + or + etc = EssentiallyUnsignedType() and + rationaleId = 8 + ) + or + // The table only talks about + and -, but below it clarifies ++ and -- are also considered to + // be equivalent. + child = + [ + operator.(AddExpr).getAnOperand(), operator.(SubExpr).getAnOperand(), + operator.(IncrementOperation).getAnOperand(), operator.(DecrementOperation).getAnOperand(), + operator.(AssignAddExpr).getAnOperand(), operator.(AssignSubExpr).getAnOperand() + ] and + ( + etc = EssentiallyBooleanType() and + rationaleId = 3 + or + etc = EssentiallyEnumType() and + rationaleId = 5 + ) + or + child = + [ + operator.(DivExpr).getAnOperand(), operator.(MulExpr).getAnOperand(), + operator.(AssignDivExpr).getAnOperand(), operator.(AssignMulExpr).getAnOperand() + ] and + ( + etc = EssentiallyBooleanType() and + rationaleId = 3 + or + etc = EssentiallyCharacterType() and + rationaleId = 4 + or + etc = EssentiallyEnumType() and + rationaleId = 5 + ) + or + child = [operator.(RemExpr).getAnOperand(), operator.(AssignRemExpr).getAnOperand()] and + ( + etc = EssentiallyBooleanType() and + rationaleId = 3 + or + etc = EssentiallyCharacterType() and + rationaleId = 4 + or + etc = EssentiallyEnumType() and + rationaleId = 5 + or + etc = EssentiallyFloatingType() and + rationaleId = 1 + ) + or + child = operator.(RelationalOperation).getAnOperand() and + etc = EssentiallyBooleanType() and + rationaleId = 3 + or + child = [operator.(NotExpr).getAnOperand(), operator.(BinaryLogicalOperation).getAnOperand()] and + rationaleId = 2 and + ( + etc = EssentiallyCharacterType() + or + etc = EssentiallyEnumType() + or + etc = EssentiallySignedType() + or + etc = EssentiallyUnsignedType() + or + etc = EssentiallyFloatingType() + ) + or + child = + [ + operator.(LShiftExpr).getLeftOperand(), operator.(RShiftExpr).getLeftOperand(), + operator.(AssignLShiftExpr).getLValue(), operator.(AssignRShiftExpr).getLValue() + ] and + ( + etc = EssentiallyBooleanType() and + rationaleId = 3 + or + etc = EssentiallyCharacterType() and + rationaleId = 4 + or + etc = EssentiallyEnumType() and + rationaleId = 6 // 5 also applies, but 6 is sufficient explanation + or + etc = EssentiallySignedType() and + rationaleId = 6 + or + etc = EssentiallyFloatingType() and + rationaleId = 1 + ) + or + child = + [ + operator.(LShiftExpr).getRightOperand(), operator.(RShiftExpr).getRightOperand(), + operator.(AssignLShiftExpr).getRValue(), operator.(AssignRShiftExpr).getRValue() + ] and + // Integer constant non negative essentially signed types are allowed by exception + not (child.getValue().toInt() >= 0 and etc = EssentiallySignedType()) and + ( + etc = EssentiallyBooleanType() and + rationaleId = 3 + or + etc = EssentiallyCharacterType() and + rationaleId = 4 + or + etc = EssentiallyEnumType() and + rationaleId = 7 + or + etc = EssentiallySignedType() and + rationaleId = 7 + or + etc = EssentiallyFloatingType() and + rationaleId = 1 + ) + or + child = + [ + operator.(BinaryBitwiseOperation).getAnOperand(), + operator.(AssignBitwiseOperation).getAnOperand() + ] and + not operator instanceof LShiftExpr and + not operator instanceof RShiftExpr and + not operator instanceof AssignLShiftExpr and + not operator instanceof AssignRShiftExpr and + ( + etc = EssentiallyBooleanType() and + rationaleId = 3 + or + etc = EssentiallyCharacterType() and + rationaleId = 4 + or + etc = EssentiallyEnumType() and + rationaleId = 6 + or + etc = EssentiallySignedType() and + rationaleId = 6 + or + etc = EssentiallyFloatingType() and + rationaleId = 1 + ) + or + child = operator.(ConditionalExpr).getCondition() and + ( + etc = EssentiallyCharacterType() and + rationaleId = 2 + or + etc = EssentiallyEnumType() and + rationaleId = 2 + or + etc = EssentiallySignedType() and + rationaleId = 2 + or + etc = EssentiallyUnsignedType() and + rationaleId = 2 + or + etc = EssentiallyFloatingType() and + rationaleId = 2 + ) + ) +} + +string getRationaleMessage(int rationaleId, EssentialTypeCategory etc) { + rationaleId = 1 and + result = "Constraint violation from using an operand of essentially Floating type." + or + rationaleId = 2 and result = "Operand of " + etc + " type interpreted as a Boolean value." + or + rationaleId = 3 and result = "Operand of essentially Boolean type interpreted as a numeric value." + or + rationaleId = 4 and + result = "Operand of essentially Charater type interpreted as a numeric value." + or + rationaleId = 5 and + result = + "Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type." + or + rationaleId = 6 and + result = "Bitwise operator applied to operand of " + etc + " and not essentially unsigned." + or + rationaleId = 7 and + result = "Right hand operatand of shift operator is " + etc + " and not not essentially unsigned." + or + rationaleId = 8 and + result = + "Operand of essentially Unsigned type will be converted to a signed type with the signedness dependent on the implemented size of int." +} + +from Expr operator, Expr child, int rationaleId, EssentialTypeCategory etc +where + not isExcluded(operator, EssentialTypesPackage::operandsOfAnInappropriateEssentialTypeQuery()) and + isInappropriateEssentialType(operator, child, etc, rationaleId) +select operator, getRationaleMessage(rationaleId, etc) diff --git a/c/misra/src/rules/RULE-10-1/PointerTypeOnLogicalOperator.ql b/c/misra/src/rules/RULE-10-1/PointerTypeOnLogicalOperator.ql new file mode 100644 index 0000000000..53d4a79ffc --- /dev/null +++ b/c/misra/src/rules/RULE-10-1/PointerTypeOnLogicalOperator.ql @@ -0,0 +1,24 @@ +/** + * @id c/misra/pointer-type-on-logical-operator + * @name RULE-10-1: Logical operators should not be used with pointer types + * @description + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-10-1 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra + +from Expr logicalOperator, Expr operand +where + not isExcluded(operand, EssentialTypesPackage::pointerTypeOnLogicalOperatorQuery()) and + ( + operand = logicalOperator.(BinaryLogicalOperation).getAnOperand() + or + operand = logicalOperator.(NotExpr).getOperand() + ) and + operand.getType() instanceof PointerType +select operand, "Logical operators should not be used with pointer types." diff --git a/c/misra/test/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.expected b/c/misra/test/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.expected new file mode 100644 index 0000000000..b04a4ee4aa --- /dev/null +++ b/c/misra/test/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.expected @@ -0,0 +1,187 @@ +| test.c:13:3:13:6 | access to array | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:14:3:14:6 | access to array | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:20:3:20:4 | + ... | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:21:3:21:4 | + ... | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:22:3:22:5 | + ... | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:27:3:27:4 | - ... | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:28:3:28:4 | - ... | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:29:3:29:5 | - ... | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:31:3:31:4 | - ... | Operand of essentially Unsigned type will be converted to a signed type with the signedness dependent on the implemented size of int. | +| test.c:34:3:34:7 | ... + ... | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:36:3:36:8 | ... + ... | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:41:3:41:7 | ... - ... | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:43:3:43:8 | ... - ... | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:48:3:48:7 | ... + ... | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:50:3:50:8 | ... + ... | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:55:3:55:7 | ... - ... | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:57:3:57:8 | ... - ... | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:62:3:62:5 | ... ++ | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:64:3:64:6 | ... ++ | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:69:3:69:5 | ... -- | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:71:3:71:6 | ... -- | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:76:3:76:5 | ++ ... | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:78:3:78:6 | ++ ... | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:83:3:83:5 | -- ... | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:85:3:85:6 | -- ... | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:90:3:90:7 | ... * ... | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:91:3:91:7 | ... * ... | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:92:3:92:8 | ... * ... | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:97:3:97:7 | ... / ... | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:98:3:98:7 | ... / ... | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:99:3:99:8 | ... / ... | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:104:3:104:7 | ... * ... | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:105:3:105:7 | ... * ... | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:106:3:106:8 | ... * ... | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:111:3:111:7 | ... / ... | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:112:3:112:7 | ... / ... | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:113:3:113:8 | ... / ... | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:118:3:118:7 | ... % ... | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:119:3:119:7 | ... % ... | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:120:3:120:8 | ... % ... | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:125:3:125:7 | ... % ... | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:126:3:126:7 | ... % ... | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:127:3:127:8 | ... % ... | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:132:3:132:7 | ... < ... | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:139:3:139:7 | ... > ... | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:146:3:146:8 | ... <= ... | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:153:3:153:8 | ... >= ... | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:160:3:160:7 | ... < ... | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:167:3:167:7 | ... > ... | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:174:3:174:8 | ... <= ... | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:181:3:181:8 | ... >= ... | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:217:3:217:4 | ! ... | Operand of essentially Character type type interpreted as a Boolean value. | +| test.c:218:3:218:5 | ! ... | Operand of essentially Enum Type type interpreted as a Boolean value. | +| test.c:219:3:219:4 | ! ... | Operand of essentially Signed type type interpreted as a Boolean value. | +| test.c:220:3:220:4 | ! ... | Operand of essentially Unsigned type type interpreted as a Boolean value. | +| test.c:221:3:221:4 | ! ... | Operand of essentially Floating type type interpreted as a Boolean value. | +| test.c:224:3:224:11 | ... && ... | Operand of essentially Character type type interpreted as a Boolean value. | +| test.c:225:3:225:12 | ... && ... | Operand of essentially Enum Type type interpreted as a Boolean value. | +| test.c:226:3:226:11 | ... && ... | Operand of essentially Signed type type interpreted as a Boolean value. | +| test.c:227:3:227:11 | ... && ... | Operand of essentially Unsigned type type interpreted as a Boolean value. | +| test.c:228:3:228:11 | ... && ... | Operand of essentially Floating type type interpreted as a Boolean value. | +| test.c:231:3:231:12 | ... \|\| ... | Operand of essentially Character type type interpreted as a Boolean value. | +| test.c:232:3:232:13 | ... \|\| ... | Operand of essentially Enum Type type interpreted as a Boolean value. | +| test.c:233:3:233:12 | ... \|\| ... | Operand of essentially Signed type type interpreted as a Boolean value. | +| test.c:234:3:234:12 | ... \|\| ... | Operand of essentially Unsigned type type interpreted as a Boolean value. | +| test.c:235:3:235:12 | ... \|\| ... | Operand of essentially Floating type type interpreted as a Boolean value. | +| test.c:238:3:238:11 | ... && ... | Operand of essentially Character type type interpreted as a Boolean value. | +| test.c:239:3:239:12 | ... && ... | Operand of essentially Enum Type type interpreted as a Boolean value. | +| test.c:240:3:240:11 | ... && ... | Operand of essentially Signed type type interpreted as a Boolean value. | +| test.c:241:3:241:11 | ... && ... | Operand of essentially Unsigned type type interpreted as a Boolean value. | +| test.c:242:3:242:11 | ... && ... | Operand of essentially Floating type type interpreted as a Boolean value. | +| test.c:245:3:245:12 | ... \|\| ... | Operand of essentially Character type type interpreted as a Boolean value. | +| test.c:246:3:246:13 | ... \|\| ... | Operand of essentially Enum Type type interpreted as a Boolean value. | +| test.c:247:3:247:12 | ... \|\| ... | Operand of essentially Signed type type interpreted as a Boolean value. | +| test.c:248:3:248:12 | ... \|\| ... | Operand of essentially Unsigned type type interpreted as a Boolean value. | +| test.c:249:3:249:12 | ... \|\| ... | Operand of essentially Floating type type interpreted as a Boolean value. | +| test.c:251:3:251:8 | ... << ... | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:252:3:252:8 | ... << ... | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:253:3:253:9 | ... << ... | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | +| test.c:254:3:254:8 | ... << ... | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | +| test.c:258:3:258:8 | ... >> ... | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:259:3:259:8 | ... >> ... | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:260:3:260:9 | ... >> ... | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | +| test.c:261:3:261:8 | ... >> ... | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | +| test.c:265:3:265:8 | ... << ... | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:266:3:266:8 | ... << ... | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:267:3:267:9 | ... << ... | Right hand operatand of shift operator is essentially Enum Type and not not essentially unsigned. | +| test.c:268:3:268:8 | ... << ... | Right hand operatand of shift operator is essentially Signed type and not not essentially unsigned. | +| test.c:272:3:272:8 | ... >> ... | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:273:3:273:8 | ... >> ... | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:274:3:274:9 | ... >> ... | Right hand operatand of shift operator is essentially Enum Type and not not essentially unsigned. | +| test.c:275:3:275:8 | ... >> ... | Right hand operatand of shift operator is essentially Signed type and not not essentially unsigned. | +| test.c:279:3:279:6 | ... & ... | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:280:3:280:6 | ... & ... | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:281:3:281:7 | ... & ... | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | +| test.c:282:3:282:6 | ... & ... | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | +| test.c:286:3:286:7 | ... \| ... | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:287:3:287:7 | ... \| ... | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:288:3:288:8 | ... \| ... | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | +| test.c:289:3:289:7 | ... \| ... | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | +| test.c:293:3:293:7 | ... ^ ... | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:294:3:294:7 | ... ^ ... | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:295:3:295:8 | ... ^ ... | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | +| test.c:296:3:296:7 | ... ^ ... | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | +| test.c:300:3:300:6 | ... & ... | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:301:3:301:6 | ... & ... | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:302:3:302:7 | ... & ... | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | +| test.c:303:3:303:6 | ... & ... | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | +| test.c:307:3:307:7 | ... \| ... | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:308:3:308:7 | ... \| ... | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:309:3:309:8 | ... \| ... | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | +| test.c:310:3:310:7 | ... \| ... | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | +| test.c:314:3:314:7 | ... ^ ... | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:315:3:315:7 | ... ^ ... | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:316:3:316:8 | ... ^ ... | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | +| test.c:317:3:317:7 | ... ^ ... | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | +| test.c:329:3:329:11 | ... ? ... : ... | Operand of essentially Character type type interpreted as a Boolean value. | +| test.c:330:3:330:12 | ... ? ... : ... | Operand of essentially Enum Type type interpreted as a Boolean value. | +| test.c:331:3:331:11 | ... ? ... : ... | Operand of essentially Signed type type interpreted as a Boolean value. | +| test.c:332:3:332:11 | ... ? ... : ... | Operand of essentially Unsigned type type interpreted as a Boolean value. | +| test.c:333:3:333:11 | ... ? ... : ... | Operand of essentially Floating type type interpreted as a Boolean value. | +| test.c:342:3:342:8 | ... += ... | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:344:3:344:9 | ... += ... | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:349:3:349:8 | ... -= ... | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:351:3:351:9 | ... -= ... | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:356:3:356:8 | ... += ... | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:358:3:358:9 | ... += ... | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:363:3:363:8 | ... -= ... | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:365:3:365:9 | ... -= ... | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:370:3:370:8 | ... *= ... | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:371:3:371:8 | ... *= ... | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:372:3:372:9 | ... *= ... | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:377:3:377:8 | ... /= ... | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:378:3:378:8 | ... /= ... | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:379:3:379:9 | ... /= ... | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:384:3:384:8 | ... *= ... | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:385:3:385:8 | ... *= ... | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:386:3:386:9 | ... *= ... | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:391:3:391:8 | ... /= ... | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:392:3:392:8 | ... /= ... | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:393:3:393:9 | ... /= ... | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:398:3:398:8 | ... %= ... | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:399:3:399:8 | ... %= ... | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:400:3:400:9 | ... %= ... | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:405:3:405:8 | ... %= ... | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:406:3:406:8 | ... %= ... | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:407:3:407:9 | ... %= ... | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:412:3:412:9 | ... <<= ... | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:413:3:413:9 | ... <<= ... | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:414:3:414:10 | ... <<= ... | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | +| test.c:415:3:415:9 | ... <<= ... | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | +| test.c:419:3:419:9 | ... >>= ... | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:420:3:420:9 | ... >>= ... | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:421:3:421:10 | ... >>= ... | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | +| test.c:422:3:422:9 | ... >>= ... | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | +| test.c:426:3:426:9 | ... <<= ... | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:427:3:427:9 | ... <<= ... | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:428:3:428:10 | ... <<= ... | Right hand operatand of shift operator is essentially Enum Type and not not essentially unsigned. | +| test.c:429:3:429:9 | ... <<= ... | Right hand operatand of shift operator is essentially Signed type and not not essentially unsigned. | +| test.c:433:3:433:9 | ... >>= ... | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:434:3:434:9 | ... >>= ... | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:435:3:435:10 | ... >>= ... | Right hand operatand of shift operator is essentially Enum Type and not not essentially unsigned. | +| test.c:436:3:436:9 | ... >>= ... | Right hand operatand of shift operator is essentially Signed type and not not essentially unsigned. | +| test.c:440:3:440:8 | ... &= ... | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:441:3:441:8 | ... &= ... | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:442:3:442:9 | ... &= ... | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | +| test.c:443:3:443:8 | ... &= ... | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | +| test.c:447:3:447:8 | ... ^= ... | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:448:3:448:8 | ... ^= ... | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:449:3:449:9 | ... ^= ... | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | +| test.c:450:3:450:8 | ... ^= ... | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | +| test.c:454:3:454:8 | ... \|= ... | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:455:3:455:8 | ... \|= ... | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:456:3:456:9 | ... \|= ... | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | +| test.c:457:3:457:8 | ... \|= ... | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | +| test.c:461:3:461:8 | ... &= ... | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:462:3:462:8 | ... &= ... | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:463:3:463:9 | ... &= ... | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | +| test.c:464:3:464:8 | ... &= ... | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | +| test.c:468:3:468:8 | ... ^= ... | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:469:3:469:8 | ... ^= ... | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:470:3:470:9 | ... ^= ... | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | +| test.c:471:3:471:8 | ... ^= ... | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | +| test.c:475:3:475:8 | ... \|= ... | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:476:3:476:8 | ... \|= ... | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:477:3:477:9 | ... \|= ... | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | +| test.c:478:3:478:8 | ... \|= ... | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | diff --git a/c/misra/test/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.qlref b/c/misra/test/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.qlref new file mode 100644 index 0000000000..f3120fd81f --- /dev/null +++ b/c/misra/test/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.qlref @@ -0,0 +1 @@ +rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-10-1/PointerTypeOnLogicalOperator.expected b/c/misra/test/rules/RULE-10-1/PointerTypeOnLogicalOperator.expected new file mode 100644 index 0000000000..35a55919fd --- /dev/null +++ b/c/misra/test/rules/RULE-10-1/PointerTypeOnLogicalOperator.expected @@ -0,0 +1,5 @@ +| test.c:488:4:488:4 | p | Logical operators should not be used with pointer types. | +| test.c:490:3:490:3 | p | Logical operators should not be used with pointer types. | +| test.c:491:7:491:7 | p | Logical operators should not be used with pointer types. | +| test.c:493:3:493:3 | p | Logical operators should not be used with pointer types. | +| test.c:494:8:494:8 | p | Logical operators should not be used with pointer types. | diff --git a/c/misra/test/rules/RULE-10-1/PointerTypeOnLogicalOperator.qlref b/c/misra/test/rules/RULE-10-1/PointerTypeOnLogicalOperator.qlref new file mode 100644 index 0000000000..cec5f51a3a --- /dev/null +++ b/c/misra/test/rules/RULE-10-1/PointerTypeOnLogicalOperator.qlref @@ -0,0 +1 @@ +rules/RULE-10-1/PointerTypeOnLogicalOperator.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-10-1/test.c b/c/misra/test/rules/RULE-10-1/test.c new file mode 100644 index 0000000000..8945890d4c --- /dev/null +++ b/c/misra/test/rules/RULE-10-1/test.c @@ -0,0 +1,495 @@ +#include "stdbool.h" + +void testInappropriateOperands() { + _Bool b = true; + char c = 'c'; + enum E1 { A, B, C } e1 = A; + signed int s = 100; + unsigned int u = 1; + float f = 1.0; + + int a[20]; + + a[b]; // NON_COMPLIANT + a[c]; // NON_COMPLIANT + a[e1]; // COMPLIANT + a[s]; // COMPLIANT + a[u]; // COMPLIANT + // a[f]; // NON_COMPILABLE + + +b; // NON_COMPLIANT + +c; // NON_COMPLIANT + +e1; // NON_COMPLIANT + +s; // COMPLIANT + +u; // COMPLIANT + +f; // COMPLIANT + + -b; // NON_COMPLIANT + -c; // NON_COMPLIANT + -e1; // NON_COMPLIANT + -s; // COMPLIANT + -u; // NON_COMPLIANT + -f; // COMPLIANT + + 1 + b; // NON_COMPLIANT + 1 + c; // COMPLIANT + 1 + e1; // NON_COMPLIANT + 1 + s; // COMPLIANT + 1 + u; // COMPLIANT + 1 + f; // COMPLIANT + + 1 - b; // NON_COMPLIANT + 1 - c; // COMPLIANT + 1 - e1; // NON_COMPLIANT + 1 - s; // COMPLIANT + 1 - u; // COMPLIANT + 1 - f; // COMPLIANT + + b + 1; // NON_COMPLIANT + c + 1; // COMPLIANT + e1 + 1; // NON_COMPLIANT + s + 1; // COMPLIANT + u + 1; // COMPLIANT + f + 1; // COMPLIANT + + b - 1; // NON_COMPLIANT + c - 1; // COMPLIANT + e1 - 1; // NON_COMPLIANT + s - 1; // COMPLIANT + u - 1; // COMPLIANT + f - 1; // COMPLIANT + + b++; // NON_COMPLIANT + c++; // COMPLIANT + e1++; // NON_COMPLIANT + s++; // COMPLIANT + u++; // COMPLIANT + f++; // COMPLIANT + + b--; // NON_COMPLIANT + c--; // COMPLIANT + e1--; // NON_COMPLIANT + s--; // COMPLIANT + u--; // COMPLIANT + f--; // COMPLIANT + + ++b; // NON_COMPLIANT + ++c; // COMPLIANT + ++e1; // NON_COMPLIANT + ++s; // COMPLIANT + ++u; // COMPLIANT + ++f; // COMPLIANT + + --b; // NON_COMPLIANT + --c; // COMPLIANT + --e1; // NON_COMPLIANT + --s; // COMPLIANT + --u; // COMPLIANT + --f; // COMPLIANT + + 1 * b; // NON_COMPLIANT + 1 * c; // NON_COMPLIANT + 1 * e1; // NON_COMPLIANT + 1 * s; // COMPLIANT + 1 * u; // COMPLIANT + 1 * f; // COMPLIANT + + 1 / b; // NON_COMPLIANT + 1 / c; // NON_COMPLIANT + 1 / e1; // NON_COMPLIANT + 1 / s; // COMPLIANT + 1 / u; // COMPLIANT + 1 / f; // COMPLIANT + + b * 1; // NON_COMPLIANT + c * 1; // NON_COMPLIANT + e1 * 1; // NON_COMPLIANT + s * 1; // COMPLIANT + u * 1; // COMPLIANT + f * 1; // COMPLIANT + + b / 1; // NON_COMPLIANT + c / 1; // NON_COMPLIANT + e1 / 1; // NON_COMPLIANT + s / 1; // COMPLIANT + u / 1; // COMPLIANT + f / 1; // COMPLIANT + + b % 1; // NON_COMPLIANT + c % 1; // NON_COMPLIANT + e1 % 1; // NON_COMPLIANT + s % 1; // COMPLIANT + u % 1; // COMPLIANT + // f % 1; // NON_COMPILABLE + + 1 % b; // NON_COMPLIANT + 1 % c; // NON_COMPLIANT + 1 % e1; // NON_COMPLIANT + 1 % s; // COMPLIANT + 1 % u; // COMPLIANT + // 1 % f; // NON_COMPILABLE + + 1 < b; // NON_COMPLIANT + 1 < c; // COMPLIANT + 1 < e1; // COMPLIANT + 1 < s; // COMPLIANT + 1 < u; // COMPLIANT + 1 < f; // COMPLIANT + + 1 > b; // NON_COMPLIANT + 1 > c; // COMPLIANT + 1 > e1; // COMPLIANT + 1 > s; // COMPLIANT + 1 > u; // COMPLIANT + 1 > f; // COMPLIANT + + 1 <= b; // NON_COMPLIANT + 1 <= c; // COMPLIANT + 1 <= e1; // COMPLIANT + 1 <= s; // COMPLIANT + 1 <= u; // COMPLIANT + 1 <= f; // COMPLIANT + + 1 >= b; // NON_COMPLIANT + 1 >= c; // COMPLIANT + 1 >= e1; // COMPLIANT + 1 >= s; // COMPLIANT + 1 >= u; // COMPLIANT + 1 >= f; // COMPLIANT + + b < 1; // NON_COMPLIANT + c < 1; // COMPLIANT + e1 < 1; // COMPLIANT + s < 1; // COMPLIANT + u < 1; // COMPLIANT + f < 1; // COMPLIANT + + b > 1; // NON_COMPLIANT + c > 1; // COMPLIANT + e1 > 1; // COMPLIANT + s > 1; // COMPLIANT + u > 1; // COMPLIANT + f > 1; // COMPLIANT + + b <= 1; // NON_COMPLIANT + c <= 1; // COMPLIANT + e1 <= 1; // COMPLIANT + s <= 1; // COMPLIANT + u <= 1; // COMPLIANT + f <= 1; // COMPLIANT + + b >= 1; // NON_COMPLIANT + c >= 1; // COMPLIANT + e1 >= 1; // COMPLIANT + s >= 1; // COMPLIANT + u >= 1; // COMPLIANT + f >= 1; // COMPLIANT + + b == 1; // COMPLIANT + c == 1; // COMPLIANT + e1 == 1; // COMPLIANT + s == 1; // COMPLIANT + u == 1; // COMPLIANT + f == 1; // COMPLIANT + + b != 1; // COMPLIANT + c != 1; // COMPLIANT + e1 != 1; // COMPLIANT + s != 1; // COMPLIANT + u != 1; // COMPLIANT + f != 1; // COMPLIANT + + 1 == b; // COMPLIANT + 1 == c; // COMPLIANT + 1 == e1; // COMPLIANT + 1 == s; // COMPLIANT + 1 == u; // COMPLIANT + 1 == f; // COMPLIANT + + 1 != b; // COMPLIANT + 1 != c; // COMPLIANT + 1 != e1; // COMPLIANT + 1 != s; // COMPLIANT + 1 != u; // COMPLIANT + 1 != f; // COMPLIANT + + !b; // COMPLIANT + !c; // NON_COMPLIANT + !e1; // NON_COMPLIANT + !s; // NON_COMPLIANT + !u; // NON_COMPLIANT + !f; // NON_COMPLIANT + + b && true; // COMPLIANT + c && true; // NON_COMPLIANT + e1 && true; // NON_COMPLIANT + s && true; // NON_COMPLIANT + u && true; // NON_COMPLIANT + f && true; // NON_COMPLIANT + + b || false; // COMPLIANT + c || false; // NON_COMPLIANT + e1 || false; // NON_COMPLIANT + s || false; // NON_COMPLIANT + u || false; // NON_COMPLIANT + f || false; // NON_COMPLIANT + + true && b; // COMPLIANT + true && c; // NON_COMPLIANT + true && e1; // NON_COMPLIANT + true && s; // NON_COMPLIANT + true && u; // NON_COMPLIANT + true && f; // NON_COMPLIANT + + false || b; // COMPLIANT + false || c; // NON_COMPLIANT + false || e1; // NON_COMPLIANT + false || s; // NON_COMPLIANT + false || u; // NON_COMPLIANT + false || f; // NON_COMPLIANT + + b << u; // NON_COMPLIANT + c << u; // NON_COMPLIANT + e1 << u; // NON_COMPLIANT + s << u; // NON_COMPLIANT + u << u; // COMPLIANT + // f << u; // NON_COMPILABLE + + b >> u; // NON_COMPLIANT + c >> u; // NON_COMPLIANT + e1 >> u; // NON_COMPLIANT + s >> u; // NON_COMPLIANT + u >> u; // COMPLIANT + // f >> u; // NON_COMPILABLE + + u << b; // NON_COMPLIANT + u << c; // NON_COMPLIANT + u << e1; // NON_COMPLIANT + u << s; // NON_COMPLIANT + u << u; // COMPLIANT + // u << f; // NON_COMPILABLE + + u >> b; // NON_COMPLIANT + u >> c; // NON_COMPLIANT + u >> e1; // NON_COMPLIANT + u >> s; // NON_COMPLIANT + u >> u; // COMPLIANT + // u >> f; // NON_COMPILABLE + + b &u; // NON_COMPLIANT + c &u; // NON_COMPLIANT + e1 &u; // NON_COMPLIANT + s &u; // NON_COMPLIANT + u &u; // COMPLIANT + // f &u; // NON_COMPILABLE + + b | u; // NON_COMPLIANT + c | u; // NON_COMPLIANT + e1 | u; // NON_COMPLIANT + s | u; // NON_COMPLIANT + u | u; // COMPLIANT + // f | u; // NON_COMPILABLE + + b ^ u; // NON_COMPLIANT + c ^ u; // NON_COMPLIANT + e1 ^ u; // NON_COMPLIANT + s ^ u; // NON_COMPLIANT + u ^ u; // COMPLIANT + // f ^ u; // NON_COMPILABLE + + u &b; // NON_COMPLIANT + u &c; // NON_COMPLIANT + u &e1; // NON_COMPLIANT + u &s; // NON_COMPLIANT + u &u; // COMPLIANT + // u &f; // NON_COMPILABLE + + u | b; // NON_COMPLIANT + u | c; // NON_COMPLIANT + u | e1; // NON_COMPLIANT + u | s; // NON_COMPLIANT + u | u; // COMPLIANT + // u | f; // NON_COMPILABLE + + u ^ b; // NON_COMPLIANT + u ^ c; // NON_COMPLIANT + u ^ e1; // NON_COMPLIANT + u ^ s; // NON_COMPLIANT + u ^ u; // COMPLIANT + // u ^ f; // NON_COMPILABLE + + ~b; // NON_COMPLIANT + ~c; // NON_COMPLIANT + ~e1; // NON_COMPLIANT + ~s; // NON_COMPLIANT + ~u; // COMPLIANT + //~f; // NON_COMPILABLE + + b ? 1 : 2; // COMPLIANT + c ? 1 : 2; // NON_COMPLIANT + e1 ? 1 : 2; // NON_COMPLIANT + s ? 1 : 2; // NON_COMPLIANT + u ? 1 : 2; // NON_COMPLIANT + f ? 1 : 2; // NON_COMPLIANT + + b ? b : b; // COMPLIANT + b ? c : c; // COMPLIANT + b ? e1 : e1; // COMPLIANT + b ? s : s; // COMPLIANT + b ? u : u; // COMPLIANT + b ? f : f; // COMPLIANT + + b += 1; // NON_COMPLIANT + c += 1; // COMPLIANT + e1 += 1; // NON_COMPLIANT + s += 1; // COMPLIANT + u += 1; // COMPLIANT + f += 1; // COMPLIANT + + b -= 1; // NON_COMPLIANT + c -= 1; // COMPLIANT + e1 -= 1; // NON_COMPLIANT + s -= 1; // COMPLIANT + u -= 1; // COMPLIANT + f -= 1; // COMPLIANT + + u += b; // NON_COMPLIANT + u += c; // COMPLIANT + u += e1; // NON_COMPLIANT + u += s; // COMPLIANT + u += u; // COMPLIANT + u += f; // COMPLIANT + + u -= b; // NON_COMPLIANT + u -= c; // COMPLIANT + u -= e1; // NON_COMPLIANT + u -= s; // COMPLIANT + u -= u; // COMPLIANT + u -= f; // COMPLIANT + + b *= 1; // NON_COMPLIANT + c *= 1; // NON_COMPLIANT + e1 *= 1; // NON_COMPLIANT + s *= 1; // COMPLIANT + u *= 1; // COMPLIANT + f *= 1; // COMPLIANT + + b /= 1; // NON_COMPLIANT + c /= 1; // NON_COMPLIANT + e1 /= 1; // NON_COMPLIANT + s /= 1; // COMPLIANT + u /= 1; // COMPLIANT + f /= 1; // COMPLIANT + + u *= b; // NON_COMPLIANT + u *= c; // NON_COMPLIANT + u *= e1; // NON_COMPLIANT + u *= s; // COMPLIANT + u *= u; // COMPLIANT + u *= f; // COMPLIANT + + u /= b; // NON_COMPLIANT + u /= c; // NON_COMPLIANT + u /= e1; // NON_COMPLIANT + u /= s; // COMPLIANT + u /= u; // COMPLIANT + u /= f; // COMPLIANT + + b %= 1; // NON_COMPLIANT + c %= 1; // NON_COMPLIANT + e1 %= 1; // NON_COMPLIANT + s %= 1; // COMPLIANT + u %= 1; // COMPLIANT + // f %= 1; // NON_COMPILABLE + + u %= b; // NON_COMPLIANT + u %= c; // NON_COMPLIANT + u %= e1; // NON_COMPLIANT + u %= s; // COMPLIANT + u %= u; // COMPLIANT + // u %= f; // NON_COMPILABLE + + b <<= u; // NON_COMPLIANT + c <<= u; // NON_COMPLIANT + e1 <<= u; // NON_COMPLIANT + s <<= u; // NON_COMPLIANT + u <<= u; // COMPLIANT + // f <<= u; // NON_COMPILABLE + + b >>= u; // NON_COMPLIANT + c >>= u; // NON_COMPLIANT + e1 >>= u; // NON_COMPLIANT + s >>= u; // NON_COMPLIANT + u >>= u; // COMPLIANT + // f >>= u; // NON_COMPILABLE + + u <<= b; // NON_COMPLIANT + u <<= c; // NON_COMPLIANT + u <<= e1; // NON_COMPLIANT + u <<= s; // NON_COMPLIANT + u <<= u; // COMPLIANT + // u <<= f; // NON_COMPILABLE + + u >>= b; // NON_COMPLIANT + u >>= c; // NON_COMPLIANT + u >>= e1; // NON_COMPLIANT + u >>= s; // NON_COMPLIANT + u >>= u; // COMPLIANT + // u >>= f; // NON_COMPILABLE + + b &= u; // NON_COMPLIANT + c &= u; // NON_COMPLIANT + e1 &= u; // NON_COMPLIANT + s &= u; // NON_COMPLIANT + u &= u; // COMPLIANT + // f &= u; // NON_COMPILABLE + + b ^= u; // NON_COMPLIANT + c ^= u; // NON_COMPLIANT + e1 ^= u; // NON_COMPLIANT + s ^= u; // NON_COMPLIANT + u ^= u; // COMPLIANT + // f ^= u; // NON_COMPILABLE + + b |= u; // NON_COMPLIANT + c |= u; // NON_COMPLIANT + e1 |= u; // NON_COMPLIANT + s |= u; // NON_COMPLIANT + u |= u; // COMPLIANT + // f |= u; // NON_COMPILABLE + + u &= b; // NON_COMPLIANT + u &= c; // NON_COMPLIANT + u &= e1; // NON_COMPLIANT + u &= s; // NON_COMPLIANT + u &= u; // COMPLIANT + // u &= f; // NON_COMPILABLE + + u ^= b; // NON_COMPLIANT + u ^= c; // NON_COMPLIANT + u ^= e1; // NON_COMPLIANT + u ^= s; // NON_COMPLIANT + u ^= u; // COMPLIANT + // u ^= f; // NON_COMPILABLE + + u |= b; // NON_COMPLIANT + u |= c; // NON_COMPLIANT + u |= e1; // NON_COMPLIANT + u |= s; // NON_COMPLIANT + u |= u; // COMPLIANT + // u |= f; // NON_COMPILABLE +} + +void pointerType() { + _Bool b = true; + int *p; + + !b; // COMPLIANT + !p; // NON_COMPLIANT + b &&b; // COMPLIANT + p &&b; // NON_COMPLIANT + b &&p; // NON_COMPLIANT + b || b; // COMPLIANT + p || b; // NON_COMPLIANT + b || p; // NON_COMPLIANT +} From 2147282a3d82ef91b613ba964006f739149543e6 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Mon, 13 Feb 2023 14:21:59 +0000 Subject: [PATCH 0450/2573] EssentialTypes: Implement Rule 10.2 Adds a query that detects inappropriate addition or subtraction operations on operands of essentially character type. --- ...dditionSubtractionOnEssentiallyCharType.ql | 40 +++++++++++++++++++ ...nSubtractionOnEssentiallyCharType.expected | 15 +++++++ ...tionSubtractionOnEssentiallyCharType.qlref | 1 + c/misra/test/rules/RULE-10-2/test.c | 35 ++++++++++++++++ 4 files changed, 91 insertions(+) create mode 100644 c/misra/src/rules/RULE-10-2/AdditionSubtractionOnEssentiallyCharType.ql create mode 100644 c/misra/test/rules/RULE-10-2/AdditionSubtractionOnEssentiallyCharType.expected create mode 100644 c/misra/test/rules/RULE-10-2/AdditionSubtractionOnEssentiallyCharType.qlref create mode 100644 c/misra/test/rules/RULE-10-2/test.c diff --git a/c/misra/src/rules/RULE-10-2/AdditionSubtractionOnEssentiallyCharType.ql b/c/misra/src/rules/RULE-10-2/AdditionSubtractionOnEssentiallyCharType.ql new file mode 100644 index 0000000000..5e75f44590 --- /dev/null +++ b/c/misra/src/rules/RULE-10-2/AdditionSubtractionOnEssentiallyCharType.ql @@ -0,0 +1,40 @@ +/** + * @id c/misra/addition-subtraction-on-essentially-char-type + * @name RULE-10-2: Expressions of essentially character type shall not be used inappropriately in addition and + * @description Expressions of essentially character type shall not be used inappropriately in + * addition and subtraction operations + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-10-2 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.c.misra.EssentialTypes + +from BinaryArithmeticOperation addOrSub +where + not isExcluded(addOrSub, EssentialTypesPackage::additionSubtractionOnEssentiallyCharTypeQuery()) and + addOrSub.getOperator() = ["+", "-"] and + // At least one operand is essentially character type + ( + getEssentialTypeCategory(getEssentialType(addOrSub.getLeftOperand())) = + EssentiallyCharacterType() or + getEssentialTypeCategory(getEssentialType(addOrSub.getRightOperand())) = + EssentiallyCharacterType() + ) and + not ( + // But the overall essential type is not essentially character type + getEssentialTypeCategory(getEssentialType(addOrSub)) = EssentiallyCharacterType() + or + // Or this is a subtration of one character with another, which is permitted, but produces an integral type + getEssentialTypeCategory(getEssentialType(addOrSub.getLeftOperand())) = + EssentiallyCharacterType() and + getEssentialTypeCategory(getEssentialType(addOrSub.getRightOperand())) = + EssentiallyCharacterType() and + addOrSub instanceof SubExpr + ) +select addOrSub, + "Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations" diff --git a/c/misra/test/rules/RULE-10-2/AdditionSubtractionOnEssentiallyCharType.expected b/c/misra/test/rules/RULE-10-2/AdditionSubtractionOnEssentiallyCharType.expected new file mode 100644 index 0000000000..0a5c7ae0bb --- /dev/null +++ b/c/misra/test/rules/RULE-10-2/AdditionSubtractionOnEssentiallyCharType.expected @@ -0,0 +1,15 @@ +| test.c:15:3:15:11 | ... + ... | Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations | +| test.c:16:3:16:9 | ... + ... | Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations | +| test.c:17:3:17:9 | ... + ... | Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations | +| test.c:18:3:18:9 | ... + ... | Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations | +| test.c:19:3:19:9 | ... + ... | Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations | +| test.c:20:3:20:10 | ... + ... | Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations | +| test.c:21:3:21:10 | ... + ... | Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations | +| test.c:27:3:27:9 | ... - ... | Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations | +| test.c:28:3:28:9 | ... - ... | Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations | +| test.c:29:3:29:9 | ... - ... | Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations | +| test.c:30:3:30:9 | ... - ... | Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations | +| test.c:31:3:31:9 | ... - ... | Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations | +| test.c:32:3:32:9 | ... - ... | Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations | +| test.c:33:3:33:10 | ... - ... | Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations | +| test.c:34:3:34:10 | ... - ... | Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations | diff --git a/c/misra/test/rules/RULE-10-2/AdditionSubtractionOnEssentiallyCharType.qlref b/c/misra/test/rules/RULE-10-2/AdditionSubtractionOnEssentiallyCharType.qlref new file mode 100644 index 0000000000..774874eb62 --- /dev/null +++ b/c/misra/test/rules/RULE-10-2/AdditionSubtractionOnEssentiallyCharType.qlref @@ -0,0 +1 @@ +rules/RULE-10-2/AdditionSubtractionOnEssentiallyCharType.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-10-2/test.c b/c/misra/test/rules/RULE-10-2/test.c new file mode 100644 index 0000000000..186c49226e --- /dev/null +++ b/c/misra/test/rules/RULE-10-2/test.c @@ -0,0 +1,35 @@ +#include + +void testRules() { + _Bool b = true; + enum E1 { A, B, C } e1 = A; + signed int i = 100; + unsigned int u = 100; + float f = 10.0f; + + // Addition cases + i + 'a'; // COMPLIANT + 'a' + i; // COMPLIANT + u + 'a'; // COMPLIANT + 'a' + u; // COMPLIANT + 'a' + 'a'; // NON_COMPLIANT + 'a' + f; // NON_COMPLIANT + f + 'a'; // NON_COMPLIANT + 'a' + b; // NON_COMPLIANT + b + 'a'; // NON_COMPLIANT + 'a' + e1; // NON_COMPLIANT + e1 + 'a'; // NON_COMPLIANT + + // Subtration cases + 'a' - i; // COMPLIANT + 'a' - u; // COMPLIANT + 'a' - 'a'; // COMPLIANT + 'a' - f; // NON_COMPLIANT + i - 'a'; // NON_COMPLIANT + u - 'a'; // NON_COMPLIANT + f - 'a'; // NON_COMPLIANT + b - 'a'; // NON_COMPLIANT + 'a' - b; // NON_COMPLIANT + e1 - 'a'; // NON_COMPLIANT + 'a' - e1; // NON_COMPLIANT +} \ No newline at end of file From fe01ab84808f447be71884280ef8cfc63e0fb41f Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Mon, 13 Feb 2023 14:22:52 +0000 Subject: [PATCH 0451/2573] EssentialTypes: Implement Rule 10.3 Adds a query that finds "assignments", as defined by MISRA C 2012, to incompatible essential types. --- .../AssignmentOfIncompatibleEssentialType.ql | 49 +++ ...gnmentOfIncompatibleEssentialType.expected | 133 +++++++ ...ssignmentOfIncompatibleEssentialType.qlref | 1 + c/misra/test/rules/RULE-10-3/test.c | 360 ++++++++++++++++++ 4 files changed, 543 insertions(+) create mode 100644 c/misra/src/rules/RULE-10-3/AssignmentOfIncompatibleEssentialType.ql create mode 100644 c/misra/test/rules/RULE-10-3/AssignmentOfIncompatibleEssentialType.expected create mode 100644 c/misra/test/rules/RULE-10-3/AssignmentOfIncompatibleEssentialType.qlref create mode 100644 c/misra/test/rules/RULE-10-3/test.c diff --git a/c/misra/src/rules/RULE-10-3/AssignmentOfIncompatibleEssentialType.ql b/c/misra/src/rules/RULE-10-3/AssignmentOfIncompatibleEssentialType.ql new file mode 100644 index 0000000000..362f0934c2 --- /dev/null +++ b/c/misra/src/rules/RULE-10-3/AssignmentOfIncompatibleEssentialType.ql @@ -0,0 +1,49 @@ +/** + * @id c/misra/assignment-of-incompatible-essential-type + * @name RULE-10-3: The value of an expression shall not be assigned to an object with a narrower essential type or of a + * @description The value of an expression shall not be assigned to an object with a narrower + * essential type or of a different essential type category + * @kind problem + * @precision high + * @problem.severity error + * @tags external/misra/id/rule-10-3 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.c.misra.EssentialTypes +import codingstandards.c.misra.MisraExpressions + +from + Type lValueType, Expr rValue, Type lValueEssentialType, EssentialTypeCategory lValueTypeCategory, + Type rValueEssentialType, EssentialTypeCategory rValueTypeCategory, string message +where + not isExcluded(rValue, EssentialTypesPackage::assignmentOfIncompatibleEssentialTypeQuery()) and + isAssignmentToEssentialType(lValueType, rValue) and + lValueEssentialType = lValueType and + lValueTypeCategory = getEssentialTypeCategory(lValueEssentialType) and + rValueEssentialType = getEssentialType(rValue) and + rValueTypeCategory = getEssentialTypeCategory(rValueEssentialType) and + ( + not lValueTypeCategory = rValueTypeCategory and + message = + "Assignment of " + rValueTypeCategory + " value to an object of " + lValueTypeCategory + "." + or + lValueTypeCategory = rValueTypeCategory and + lValueEssentialType.getSize() < rValueEssentialType.getSize() and + message = + "Assignment of value of " + lValueTypeCategory + " of size " + rValueEssentialType.getSize() + + " bytes to an object narrower essential type of size " + lValueEssentialType.getSize() + + " bytes." + ) and + // Exception 1: Constant signed integers can be assigned to unsigned integers in certain cases + not exists(int const | + const = rValue.getValue().toInt() and + rValueTypeCategory = EssentiallySignedType() and + rValueEssentialType.getSize() <= any(IntType t | t.isSigned()).getSize() and + lValueTypeCategory = EssentiallyUnsignedType() and + const >= 0 and + const <= 2.pow(lValueEssentialType.getSize() * 8) + ) +select rValue, message diff --git a/c/misra/test/rules/RULE-10-3/AssignmentOfIncompatibleEssentialType.expected b/c/misra/test/rules/RULE-10-3/AssignmentOfIncompatibleEssentialType.expected new file mode 100644 index 0000000000..3867abd0ca --- /dev/null +++ b/c/misra/test/rules/RULE-10-3/AssignmentOfIncompatibleEssentialType.expected @@ -0,0 +1,133 @@ +| test.c:11:7:11:8 | e1 | Assignment of essentially Enum Type value to an object of essentially Boolean type. | +| test.c:12:7:12:7 | s | Assignment of essentially Signed type value to an object of essentially Boolean type. | +| test.c:13:7:13:7 | u | Assignment of essentially Unsigned type value to an object of essentially Boolean type. | +| test.c:14:7:14:7 | f | Assignment of essentially Floating type value to an object of essentially Boolean type. | +| test.c:16:8:16:8 | b | Assignment of essentially Boolean type value to an object of essentially Enum Type. | +| test.c:18:8:18:8 | s | Assignment of essentially Signed type value to an object of essentially Enum Type. | +| test.c:19:8:19:8 | u | Assignment of essentially Unsigned type value to an object of essentially Enum Type. | +| test.c:20:8:20:8 | f | Assignment of essentially Floating type value to an object of essentially Enum Type. | +| test.c:22:7:22:7 | b | Assignment of essentially Boolean type value to an object of essentially Signed type. | +| test.c:23:7:23:8 | e1 | Assignment of essentially Enum Type value to an object of essentially Signed type. | +| test.c:25:7:25:7 | u | Assignment of essentially Unsigned type value to an object of essentially Signed type. | +| test.c:26:7:26:7 | f | Assignment of essentially Floating type value to an object of essentially Signed type. | +| test.c:28:7:28:7 | b | Assignment of essentially Boolean type value to an object of essentially Unsigned type. | +| test.c:29:7:29:8 | e1 | Assignment of essentially Enum Type value to an object of essentially Unsigned type. | +| test.c:30:7:30:7 | s | Assignment of essentially Signed type value to an object of essentially Unsigned type. | +| test.c:32:7:32:7 | f | Assignment of essentially Floating type value to an object of essentially Unsigned type. | +| test.c:34:7:34:7 | b | Assignment of essentially Boolean type value to an object of essentially Floating type. | +| test.c:35:7:35:8 | e1 | Assignment of essentially Enum Type value to an object of essentially Floating type. | +| test.c:36:7:36:7 | s | Assignment of essentially Signed type value to an object of essentially Floating type. | +| test.c:37:7:37:7 | u | Assignment of essentially Unsigned type value to an object of essentially Floating type. | +| test.c:49:14:49:15 | e1 | Assignment of essentially Enum Type value to an object of essentially Boolean type. | +| test.c:50:14:50:14 | s | Assignment of essentially Signed type value to an object of essentially Boolean type. | +| test.c:51:14:51:14 | u | Assignment of essentially Unsigned type value to an object of essentially Boolean type. | +| test.c:52:14:52:14 | f | Assignment of essentially Floating type value to an object of essentially Boolean type. | +| test.c:54:17:54:17 | b | Assignment of essentially Boolean type value to an object of essentially Enum Type. | +| test.c:56:17:56:17 | s | Assignment of essentially Signed type value to an object of essentially Enum Type. | +| test.c:57:17:57:17 | u | Assignment of essentially Unsigned type value to an object of essentially Enum Type. | +| test.c:58:17:58:17 | f | Assignment of essentially Floating type value to an object of essentially Enum Type. | +| test.c:60:19:60:19 | b | Assignment of essentially Boolean type value to an object of essentially Signed type. | +| test.c:61:19:61:20 | e1 | Assignment of essentially Enum Type value to an object of essentially Signed type. | +| test.c:63:19:63:19 | u | Assignment of essentially Unsigned type value to an object of essentially Signed type. | +| test.c:64:19:64:19 | f | Assignment of essentially Floating type value to an object of essentially Signed type. | +| test.c:66:21:66:21 | b | Assignment of essentially Boolean type value to an object of essentially Unsigned type. | +| test.c:67:21:67:22 | e1 | Assignment of essentially Enum Type value to an object of essentially Unsigned type. | +| test.c:68:21:68:21 | s | Assignment of essentially Signed type value to an object of essentially Unsigned type. | +| test.c:70:21:70:21 | f | Assignment of essentially Floating type value to an object of essentially Unsigned type. | +| test.c:72:14:72:14 | b | Assignment of essentially Boolean type value to an object of essentially Floating type. | +| test.c:73:14:73:15 | e1 | Assignment of essentially Enum Type value to an object of essentially Floating type. | +| test.c:74:14:74:14 | s | Assignment of essentially Signed type value to an object of essentially Floating type. | +| test.c:75:14:75:14 | u | Assignment of essentially Unsigned type value to an object of essentially Floating type. | +| test.c:80:7:80:8 | e1 | Assignment of essentially Enum Type value to an object of essentially Boolean type. | +| test.c:81:7:81:7 | s | Assignment of essentially Signed type value to an object of essentially Boolean type. | +| test.c:82:7:82:7 | u | Assignment of essentially Unsigned type value to an object of essentially Boolean type. | +| test.c:83:7:83:7 | f | Assignment of essentially Floating type value to an object of essentially Boolean type. | +| test.c:86:7:86:7 | b | Assignment of essentially Boolean type value to an object of essentially Enum Type. | +| test.c:88:7:88:7 | s | Assignment of essentially Signed type value to an object of essentially Enum Type. | +| test.c:89:7:89:7 | u | Assignment of essentially Unsigned type value to an object of essentially Enum Type. | +| test.c:90:7:90:7 | f | Assignment of essentially Floating type value to an object of essentially Enum Type. | +| test.c:93:7:93:7 | b | Assignment of essentially Boolean type value to an object of essentially Signed type. | +| test.c:94:7:94:8 | e1 | Assignment of essentially Enum Type value to an object of essentially Signed type. | +| test.c:96:7:96:7 | u | Assignment of essentially Unsigned type value to an object of essentially Signed type. | +| test.c:97:7:97:7 | f | Assignment of essentially Floating type value to an object of essentially Signed type. | +| test.c:100:7:100:7 | b | Assignment of essentially Boolean type value to an object of essentially Unsigned type. | +| test.c:101:7:101:8 | e1 | Assignment of essentially Enum Type value to an object of essentially Unsigned type. | +| test.c:102:7:102:7 | s | Assignment of essentially Signed type value to an object of essentially Unsigned type. | +| test.c:104:7:104:7 | f | Assignment of essentially Floating type value to an object of essentially Unsigned type. | +| test.c:107:7:107:7 | b | Assignment of essentially Boolean type value to an object of essentially Floating type. | +| test.c:108:7:108:8 | e1 | Assignment of essentially Enum Type value to an object of essentially Floating type. | +| test.c:109:7:109:7 | s | Assignment of essentially Signed type value to an object of essentially Floating type. | +| test.c:110:7:110:7 | u | Assignment of essentially Unsigned type value to an object of essentially Floating type. | +| test.c:118:7:118:8 | - ... | Assignment of essentially Signed type value to an object of essentially Unsigned type. | +| test.c:119:7:119:16 | 4294967296 | Assignment of essentially Signed type value to an object of essentially Unsigned type. | +| test.c:131:8:131:8 | A | Assignment of essentially Enum Type value to an object of essentially Boolean type. | +| test.c:132:8:132:10 | 100 | Assignment of essentially Signed type value to an object of essentially Boolean type. | +| test.c:133:23:133:25 | 200 | Assignment of essentially Unsigned type value to an object of essentially Boolean type. | +| test.c:138:8:138:11 | 1 | Assignment of essentially Boolean type value to an object of essentially Enum Type. | +| test.c:140:8:140:10 | 100 | Assignment of essentially Signed type value to an object of essentially Enum Type. | +| test.c:141:23:141:25 | 200 | Assignment of essentially Unsigned type value to an object of essentially Enum Type. | +| test.c:146:8:146:11 | 1 | Assignment of essentially Boolean type value to an object of essentially Signed type. | +| test.c:147:8:147:8 | A | Assignment of essentially Enum Type value to an object of essentially Signed type. | +| test.c:149:23:149:25 | 200 | Assignment of essentially Unsigned type value to an object of essentially Signed type. | +| test.c:154:8:154:11 | 1 | Assignment of essentially Boolean type value to an object of essentially Unsigned type. | +| test.c:155:8:155:8 | A | Assignment of essentially Enum Type value to an object of essentially Unsigned type. | +| test.c:174:8:174:8 | b | Assignment of essentially Boolean type value to an object of essentially Enum Type. | +| test.c:175:8:175:8 | b | Assignment of essentially Boolean type value to an object of essentially Signed type. | +| test.c:176:8:176:8 | b | Assignment of essentially Boolean type value to an object of essentially Unsigned type. | +| test.c:177:8:177:8 | b | Assignment of essentially Boolean type value to an object of essentially Floating type. | +| test.c:180:8:180:9 | e1 | Assignment of essentially Enum Type value to an object of essentially Boolean type. | +| test.c:182:8:182:9 | e1 | Assignment of essentially Enum Type value to an object of essentially Signed type. | +| test.c:183:8:183:9 | e1 | Assignment of essentially Enum Type value to an object of essentially Unsigned type. | +| test.c:184:8:184:9 | e1 | Assignment of essentially Enum Type value to an object of essentially Floating type. | +| test.c:187:8:187:8 | s | Assignment of essentially Signed type value to an object of essentially Boolean type. | +| test.c:188:8:188:8 | s | Assignment of essentially Signed type value to an object of essentially Enum Type. | +| test.c:190:8:190:8 | s | Assignment of essentially Signed type value to an object of essentially Unsigned type. | +| test.c:191:8:191:8 | s | Assignment of essentially Signed type value to an object of essentially Floating type. | +| test.c:194:8:194:8 | u | Assignment of essentially Unsigned type value to an object of essentially Boolean type. | +| test.c:195:8:195:8 | u | Assignment of essentially Unsigned type value to an object of essentially Enum Type. | +| test.c:196:8:196:8 | u | Assignment of essentially Unsigned type value to an object of essentially Signed type. | +| test.c:198:8:198:8 | u | Assignment of essentially Unsigned type value to an object of essentially Floating type. | +| test.c:201:8:201:8 | f | Assignment of essentially Floating type value to an object of essentially Boolean type. | +| test.c:202:8:202:8 | f | Assignment of essentially Floating type value to an object of essentially Enum Type. | +| test.c:203:8:203:8 | f | Assignment of essentially Floating type value to an object of essentially Signed type. | +| test.c:204:8:204:8 | f | Assignment of essentially Floating type value to an object of essentially Unsigned type. | +| test.c:220:12:220:13 | e1 | Assignment of essentially Enum Type value to an object of essentially Boolean type. | +| test.c:222:12:222:12 | s | Assignment of essentially Signed type value to an object of essentially Boolean type. | +| test.c:224:12:224:12 | u | Assignment of essentially Unsigned type value to an object of essentially Boolean type. | +| test.c:226:12:226:12 | f | Assignment of essentially Floating type value to an object of essentially Boolean type. | +| test.c:239:12:239:12 | b | Assignment of essentially Boolean type value to an object of essentially Enum Type. | +| test.c:243:12:243:12 | s | Assignment of essentially Signed type value to an object of essentially Enum Type. | +| test.c:245:12:245:12 | u | Assignment of essentially Unsigned type value to an object of essentially Enum Type. | +| test.c:247:12:247:12 | f | Assignment of essentially Floating type value to an object of essentially Enum Type. | +| test.c:260:12:260:12 | b | Assignment of essentially Boolean type value to an object of essentially Signed type. | +| test.c:262:12:262:13 | e1 | Assignment of essentially Enum Type value to an object of essentially Signed type. | +| test.c:266:12:266:12 | u | Assignment of essentially Unsigned type value to an object of essentially Signed type. | +| test.c:268:12:268:12 | f | Assignment of essentially Floating type value to an object of essentially Signed type. | +| test.c:281:12:281:12 | b | Assignment of essentially Boolean type value to an object of essentially Unsigned type. | +| test.c:283:12:283:13 | e1 | Assignment of essentially Enum Type value to an object of essentially Unsigned type. | +| test.c:285:12:285:12 | s | Assignment of essentially Signed type value to an object of essentially Unsigned type. | +| test.c:289:12:289:12 | f | Assignment of essentially Floating type value to an object of essentially Unsigned type. | +| test.c:302:12:302:12 | b | Assignment of essentially Boolean type value to an object of essentially Floating type. | +| test.c:304:12:304:13 | e1 | Assignment of essentially Enum Type value to an object of essentially Floating type. | +| test.c:306:12:306:12 | s | Assignment of essentially Signed type value to an object of essentially Floating type. | +| test.c:308:12:308:12 | u | Assignment of essentially Unsigned type value to an object of essentially Floating type. | +| test.c:332:10:332:11 | e1 | Assignment of essentially Enum Type value to an object of essentially Boolean type. | +| test.c:333:10:333:10 | s | Assignment of essentially Signed type value to an object of essentially Boolean type. | +| test.c:334:10:334:10 | u | Assignment of essentially Unsigned type value to an object of essentially Boolean type. | +| test.c:335:10:335:10 | f | Assignment of essentially Floating type value to an object of essentially Boolean type. | +| test.c:337:11:337:11 | b | Assignment of essentially Boolean type value to an object of essentially Enum Type. | +| test.c:339:11:339:11 | s | Assignment of essentially Signed type value to an object of essentially Enum Type. | +| test.c:340:11:340:11 | u | Assignment of essentially Unsigned type value to an object of essentially Enum Type. | +| test.c:341:11:341:11 | f | Assignment of essentially Floating type value to an object of essentially Enum Type. | +| test.c:343:10:343:10 | b | Assignment of essentially Boolean type value to an object of essentially Signed type. | +| test.c:344:10:344:11 | e1 | Assignment of essentially Enum Type value to an object of essentially Signed type. | +| test.c:346:10:346:10 | u | Assignment of essentially Unsigned type value to an object of essentially Signed type. | +| test.c:347:10:347:10 | f | Assignment of essentially Floating type value to an object of essentially Signed type. | +| test.c:349:10:349:10 | b | Assignment of essentially Boolean type value to an object of essentially Unsigned type. | +| test.c:350:10:350:11 | e1 | Assignment of essentially Enum Type value to an object of essentially Unsigned type. | +| test.c:351:10:351:10 | s | Assignment of essentially Signed type value to an object of essentially Unsigned type. | +| test.c:353:10:353:10 | f | Assignment of essentially Floating type value to an object of essentially Unsigned type. | +| test.c:355:10:355:10 | b | Assignment of essentially Boolean type value to an object of essentially Floating type. | +| test.c:356:10:356:11 | e1 | Assignment of essentially Enum Type value to an object of essentially Floating type. | +| test.c:357:10:357:10 | s | Assignment of essentially Signed type value to an object of essentially Floating type. | +| test.c:358:10:358:10 | u | Assignment of essentially Unsigned type value to an object of essentially Floating type. | diff --git a/c/misra/test/rules/RULE-10-3/AssignmentOfIncompatibleEssentialType.qlref b/c/misra/test/rules/RULE-10-3/AssignmentOfIncompatibleEssentialType.qlref new file mode 100644 index 0000000000..32b138eba6 --- /dev/null +++ b/c/misra/test/rules/RULE-10-3/AssignmentOfIncompatibleEssentialType.qlref @@ -0,0 +1 @@ +rules/RULE-10-3/AssignmentOfIncompatibleEssentialType.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-10-3/test.c b/c/misra/test/rules/RULE-10-3/test.c new file mode 100644 index 0000000000..1eb065e58b --- /dev/null +++ b/c/misra/test/rules/RULE-10-3/test.c @@ -0,0 +1,360 @@ +#include + +void testAssignment() { + _Bool b = true; // COMPLIANT + enum E1 { A, B, C } e1 = A; // COMPLIANT + signed int s = 100; // COMPLIANT + unsigned int u = 100; // COMPLIANT - by exception 1 + float f = 10.0f; // COMPLIANT + + b = false; // COMPLIANT + b = e1; // NON_COMPLIANT + b = s; // NON_COMPLIANT + b = u; // NON_COMPLIANT + b = f; // NON_COMPLIANT + + e1 = b; // NON_COMPLIANT + e1 = e1; // COMPLIANT + e1 = s; // NON_COMPLIANT + e1 = u; // NON_COMPLIANT + e1 = f; // NON_COMPLIANT + + s = b; // NON_COMPLIANT + s = e1; // NON_COMPLIANT + s = s; // COMPLIANT + s = u; // NON_COMPLIANT + s = f; // NON_COMPLIANT + + u = b; // NON_COMPLIANT + u = e1; // NON_COMPLIANT + u = s; // NON_COMPLIANT + u = u; // COMPLIANT + u = f; // NON_COMPLIANT + + f = b; // NON_COMPLIANT + f = e1; // NON_COMPLIANT + f = s; // NON_COMPLIANT + f = u; // NON_COMPLIANT + f = f; // COMPLIANT +} + +void testInitializers() { + _Bool b = true; // COMPLIANT + enum E1 { A, B, C } e1 = A; // COMPLIANT + signed int s = 100; // COMPLIANT + unsigned int u = 100; // COMPLIANT - by exception 1 + float f = 10.0f; // COMPLIANT + + _Bool bb = b; // COMPLIANT + _Bool be = e1; // NON_COMPLIANT + _Bool bs = s; // NON_COMPLIANT + _Bool bu = u; // NON_COMPLIANT + _Bool bf = f; // NON_COMPLIANT + + enum E1 e1b = b; // NON_COMPLIANT + enum E1 e1e = e1; // COMPLIANT + enum E1 e1s = s; // NON_COMPLIANT + enum E1 e1u = u; // NON_COMPLIANT + enum E1 e1f = f; // NON_COMPLIANT + + signed int sb = b; // NON_COMPLIANT + signed int se = e1; // NON_COMPLIANT + signed int ss = s; // COMPLIANT + signed int su = u; // NON_COMPLIANT + signed int sf = f; // NON_COMPLIANT + + unsigned int ub = b; // NON_COMPLIANT + unsigned int ue = e1; // NON_COMPLIANT + unsigned int us = s; // NON_COMPLIANT + unsigned int uu = u; // COMPLIANT + unsigned int uf = f; // NON_COMPLIANT + + float fb = b; // NON_COMPLIANT + float fe = e1; // NON_COMPLIANT + float fs = s; // NON_COMPLIANT + float fu = u; // NON_COMPLIANT + float ff = f; // COMPLIANT + + _Bool ba[5] = { + b, // COMPLIANT + e1, // NON_COMPLIANT + s, // NON_COMPLIANT + u, // NON_COMPLIANT + f // NON_COMPLIANT + }; + enum E1 ea[5] = { + b, // NON_COMPLIANT + e1, // COMPLIANT + s, // NON_COMPLIANT + u, // NON_COMPLIANT + f // NON_COMPLIANT + }; + signed int sa[5] = { + b, // NON_COMPLIANT + e1, // NON_COMPLIANT + s, // COMPLIANT + u, // NON_COMPLIANT + f // NON_COMPLIANT + }; + unsigned int ua[5] = { + b, // NON_COMPLIANT + e1, // NON_COMPLIANT + s, // NON_COMPLIANT + u, // COMPLIANT + f // NON_COMPLIANT + }; + float fa[5] = { + b, // NON_COMPLIANT + e1, // NON_COMPLIANT + s, // NON_COMPLIANT + u, // NON_COMPLIANT + f // COMPLIANT + }; +} + +void testException1() { + unsigned int u = 100; // COMPLIANT - by exception 1 + u = 100; // COMPLIANT - by exception 1 + u = -1; // NON_COMPLIANT - smaller that uint, so exception doesn't apply + u = 4294967296; // NON_COMPLIANT - cannot be stored in an int, so exception + // doesn't apply +} + +void testSwitchCase() { + _Bool b = true; // COMPLIANT + enum E1 { A, B, C } e1 = A; // COMPLIANT + signed int s = 100; // COMPLIANT + unsigned int u = 100; // COMPLIANT - by exception 1 + float f = 10.0f; // COMPLIANT + switch (b) { + case true: // COMPLIANT + case A: // NON_COMPLIANT + case 100: // NON_COMPLIANT + case ((unsigned int)200): // NON_COMPLIANT + // case 1.0f: // NON_COMPILABLE + } + + switch (e1) { + case true: // NON_COMPLIANT + case A: // COMPLIANT + case 100: // NON_COMPLIANT + case ((unsigned int)200): // NON_COMPLIANT + // case 1.0f: // NON_COMPILABLE + } + + switch (s) { + case true: // NON_COMPLIANT + case A: // NON_COMPLIANT + case 100: // COMPLIANT + case ((unsigned int)200): // NON_COMPLIANT + // case 1.0f: // NON_COMPILABLE + } + + switch (u) { + case true: // NON_COMPLIANT + case A: // NON_COMPLIANT + case 100: // COMPLIANT - by exception 1 + case ((unsigned int)200): // COMPLIANT - by exception 1 + // case 1.0f: // NON_COMPILABLE + } +} + +enum EG { EGA, EGB, EGC }; + +void func(_Bool b, enum EG eg, signed int i, unsigned int u, float f); + +void testFunctionCall() { + _Bool b = true; // COMPLIANT + enum EG e1 = EGA; // COMPLIANT + signed int s = 100; // COMPLIANT + unsigned int u = 100; // COMPLIANT - by exception 1 + float f = 10.0f; // COMPLIANT + + func(b, // COMPLIANT + b, // NON_COMPLIANT + b, // NON_COMPLIANT + b, // NON_COMPLIANT + b // NON_COMPLIANT + ); + + func(e1, // NON_COMPLIANT + e1, // COMPLIANT + e1, // NON_COMPLIANT + e1, // NON_COMPLIANT + e1 // NON_COMPLIANT + ); + + func(s, // NON_COMPLIANT + s, // NON_COMPLIANT + s, // COMPLIANT + s, // NON_COMPLIANT + s // NON_COMPLIANT + ); + + func(u, // NON_COMPLIANT + u, // NON_COMPLIANT + u, // NON_COMPLIANT + u, // COMPLIANT + u // NON_COMPLIANT + ); + + func(f, // NON_COMPLIANT + f, // NON_COMPLIANT + f, // NON_COMPLIANT + f, // NON_COMPLIANT + f // COMPLIANT + ); +} + +_Bool testBoolFunctionReturn(int x) { + _Bool b = true; // COMPLIANT + enum EG e1 = EGA; // COMPLIANT + signed int s = 100; // COMPLIANT + unsigned int u = 100; // COMPLIANT - by exception 1 + float f = 10.0f; // COMPLIANT + + switch (x) { + case 0: + return b; // COMPLIANT + case 1: + return e1; // NON_COMPLIANT + case 2: + return s; // NON_COMPLIANT + case 3: + return u; // NON_COMPLIANT + default: + return f; // NON_COMPLIANT + } +} + +enum EG testEnumFunctionReturn(int x) { + _Bool b = true; // COMPLIANT + enum EG e1 = EGA; // COMPLIANT + signed int s = 100; // COMPLIANT + unsigned int u = 100; // COMPLIANT - by exception 1 + float f = 10.0f; // COMPLIANT + + switch (x) { + case 0: + return b; // NON_COMPLIANT + case 1: + return e1; // COMPLIANT + case 2: + return s; // NON_COMPLIANT + case 3: + return u; // NON_COMPLIANT + default: + return f; // NON_COMPLIANT + } +} + +signed int testSignedIntFunctionReturn(int x) { + _Bool b = true; // COMPLIANT + enum EG e1 = EGA; // COMPLIANT + signed int s = 100; // COMPLIANT + unsigned int u = 100; // COMPLIANT - by exception 1 + float f = 10.0f; // COMPLIANT + + switch (x) { + case 0: + return b; // NON_COMPLIANT + case 1: + return e1; // NON_COMPLIANT + case 2: + return s; // COMPLIANT + case 3: + return u; // NON_COMPLIANT + default: + return f; // NON_COMPLIANT + } +} + +unsigned int testUnsignedIntFunctionReturn(int x) { + _Bool b = true; // COMPLIANT + enum EG e1 = EGA; // COMPLIANT + signed int s = 100; // COMPLIANT + unsigned int u = 100; // COMPLIANT - by exception 1 + float f = 10.0f; // COMPLIANT + + switch (x) { + case 0: + return b; // NON_COMPLIANT + case 1: + return e1; // NON_COMPLIANT + case 2: + return s; // NON_COMPLIANT + case 3: + return u; // COMPLIANT + default: + return f; // NON_COMPLIANT + } +} + +float testFloatFunctionReturn(int x) { + _Bool b = true; // COMPLIANT + enum EG e1 = EGA; // COMPLIANT + signed int s = 100; // COMPLIANT + unsigned int u = 100; // COMPLIANT - by exception 1 + float f = 10.0f; // COMPLIANT + + switch (x) { + case 0: + return b; // NON_COMPLIANT + case 1: + return e1; // NON_COMPLIANT + case 2: + return s; // NON_COMPLIANT + case 3: + return u; // NON_COMPLIANT + default: + return f; // COMPLIANT + } +} + +struct S1 { + _Bool b; + enum EG e1; + signed int s; + unsigned int u; + float f; +}; + +void testStructAssignment() { + _Bool b = true; // COMPLIANT + enum EG e1 = EGA; // COMPLIANT + signed int s = 100; // COMPLIANT + unsigned int u = 100; // COMPLIANT - by exception 1 + float f = 10.0f; // COMPLIANT + + struct S1 s1; + + s1.b = b; // COMPLIANT + s1.b = e1; // NON_COMPLIANT + s1.b = s; // NON_COMPLIANT + s1.b = u; // NON_COMPLIANT + s1.b = f; // NON_COMPLIANT + + s1.e1 = b; // NON_COMPLIANT + s1.e1 = e1; // COMPLIANT + s1.e1 = s; // NON_COMPLIANT + s1.e1 = u; // NON_COMPLIANT + s1.e1 = f; // NON_COMPLIANT + + s1.s = b; // NON_COMPLIANT + s1.s = e1; // NON_COMPLIANT + s1.s = s; // COMPLIANT + s1.s = u; // NON_COMPLIANT + s1.s = f; // NON_COMPLIANT + + s1.u = b; // NON_COMPLIANT + s1.u = e1; // NON_COMPLIANT + s1.u = s; // NON_COMPLIANT + s1.u = u; // COMPLIANT + s1.u = f; // NON_COMPLIANT + + s1.f = b; // NON_COMPLIANT + s1.f = e1; // NON_COMPLIANT + s1.f = s; // NON_COMPLIANT + s1.f = u; // NON_COMPLIANT + s1.f = f; // COMPLIANT +} \ No newline at end of file From 810a77591f9da80ceeb566b865279cecb0605e83 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Mon, 13 Feb 2023 14:23:42 +0000 Subject: [PATCH 0452/2573] EssentialTypes: Implement Rule 10.4 Adds a query that finds operands to operators with the usual arithmetic conversions that are incompatible. --- ...andsWithMismatchedEssentialTypeCategory.ql | 57 +++++++++++++++++++ ...thMismatchedEssentialTypeCategory.expected | 10 ++++ ...sWithMismatchedEssentialTypeCategory.qlref | 1 + c/misra/test/rules/RULE-10-4/test.c | 36 ++++++++++++ 4 files changed, 104 insertions(+) create mode 100644 c/misra/src/rules/RULE-10-4/OperandsWithMismatchedEssentialTypeCategory.ql create mode 100644 c/misra/test/rules/RULE-10-4/OperandsWithMismatchedEssentialTypeCategory.expected create mode 100644 c/misra/test/rules/RULE-10-4/OperandsWithMismatchedEssentialTypeCategory.qlref create mode 100644 c/misra/test/rules/RULE-10-4/test.c diff --git a/c/misra/src/rules/RULE-10-4/OperandsWithMismatchedEssentialTypeCategory.ql b/c/misra/src/rules/RULE-10-4/OperandsWithMismatchedEssentialTypeCategory.ql new file mode 100644 index 0000000000..582854e77b --- /dev/null +++ b/c/misra/src/rules/RULE-10-4/OperandsWithMismatchedEssentialTypeCategory.ql @@ -0,0 +1,57 @@ +/** + * @id c/misra/operands-with-mismatched-essential-type-category + * @name RULE-10-4: Both operands of an operator in which the usual arithmetic conversions are performed shall have the + * @description Both operands of an operator in which the usual arithmetic conversions are performed + * shall have the same essential type category + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-10-4 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.c.misra.EssentialTypes +import codingstandards.c.misra.MisraExpressions + +from + OperationWithUsualArithmeticConversions op, Type leftOpEssentialType, Type rightOpEssentialType, + EssentialTypeCategory leftOpTypeCategory, EssentialTypeCategory rightOpTypeCategory, + string message +where + not isExcluded(op, EssentialTypesPackage::operandsWithMismatchedEssentialTypeCategoryQuery()) and + leftOpEssentialType = getEssentialType(op.getLeftOperand()) and + rightOpEssentialType = getEssentialType(op.getRightOperand()) and + leftOpTypeCategory = getEssentialTypeCategory(leftOpEssentialType) and + rightOpTypeCategory = getEssentialTypeCategory(rightOpEssentialType) and + ( + not leftOpTypeCategory = rightOpTypeCategory and + message = + "The operands of this operator with usual arithmetic conversions have mismatched essential types (left operand: " + + leftOpTypeCategory + ", right operand: " + rightOpTypeCategory + ")." + or + // This is not technically covered by the rule, but the examples make it clear that this should + // be reported as non-compliant. + leftOpTypeCategory = EssentiallyEnumType() and + rightOpTypeCategory = EssentiallyEnumType() and + not leftOpEssentialType = rightOpEssentialType and + message = + "The operands of this operator with usual arithmetic conversions have mismatched essentially Enum types (left operand: " + + leftOpEssentialType + ", right operand: " + rightOpEssentialType + ")." + ) and + not ( + // Mismatch is permitted if using "+" or "+=" with one character operand and one integer operand + op.getOperator() = ["+", "+="] and + [leftOpTypeCategory, rightOpTypeCategory] = EssentiallyCharacterType() and + [leftOpTypeCategory, rightOpTypeCategory] = + [EssentiallyUnsignedType().(TEssentialTypeCategory), EssentiallySignedType()] + ) and + not ( + // Mismatch is permitted if using "+" or "+=" with one pointer operand and one integer operand + op.getOperator() = ["-", "-="] and + leftOpTypeCategory = EssentiallyCharacterType() and + rightOpTypeCategory = + [EssentiallyUnsignedType().(TEssentialTypeCategory), EssentiallySignedType()] + ) +select op, message diff --git a/c/misra/test/rules/RULE-10-4/OperandsWithMismatchedEssentialTypeCategory.expected b/c/misra/test/rules/RULE-10-4/OperandsWithMismatchedEssentialTypeCategory.expected new file mode 100644 index 0000000000..333c3ad581 --- /dev/null +++ b/c/misra/test/rules/RULE-10-4/OperandsWithMismatchedEssentialTypeCategory.expected @@ -0,0 +1,10 @@ +| test.c:14:3:14:9 | ... + ... | The operands of this operator with usual arithmetic conversions have mismatched essential types (left operand: essentially Unsigned type, right operand: essentially Signed type). | +| test.c:15:3:15:9 | ... + ... | The operands of this operator with usual arithmetic conversions have mismatched essential types (left operand: essentially Signed type, right operand: essentially Unsigned type). | +| test.c:16:3:16:10 | ... += ... | The operands of this operator with usual arithmetic conversions have mismatched essential types (left operand: essentially Signed type, right operand: essentially Unsigned type). | +| test.c:17:3:17:9 | ... + ... | The operands of this operator with usual arithmetic conversions have mismatched essential types (left operand: essentially Floating type, right operand: essentially Signed type). | +| test.c:18:3:18:9 | ... + ... | The operands of this operator with usual arithmetic conversions have mismatched essential types (left operand: essentially Signed type, right operand: essentially Floating type). | +| test.c:19:3:19:10 | ... += ... | The operands of this operator with usual arithmetic conversions have mismatched essential types (left operand: essentially Signed type, right operand: essentially Floating type). | +| test.c:27:3:27:9 | ... - ... | The operands of this operator with usual arithmetic conversions have mismatched essential types (left operand: essentially Signed type, right operand: essentially Character type). | +| test.c:28:3:28:10 | ... -= ... | The operands of this operator with usual arithmetic conversions have mismatched essential types (left operand: essentially Signed type, right operand: essentially Character type). | +| test.c:34:3:34:11 | ... < ... | The operands of this operator with usual arithmetic conversions have mismatched essentially Enum types (left operand: E1, right operand: E2). | +| test.c:35:3:35:7 | ... < ... | The operands of this operator with usual arithmetic conversions have mismatched essentially Enum types (left operand: E1, right operand: E2). | diff --git a/c/misra/test/rules/RULE-10-4/OperandsWithMismatchedEssentialTypeCategory.qlref b/c/misra/test/rules/RULE-10-4/OperandsWithMismatchedEssentialTypeCategory.qlref new file mode 100644 index 0000000000..3b9a9bc32c --- /dev/null +++ b/c/misra/test/rules/RULE-10-4/OperandsWithMismatchedEssentialTypeCategory.qlref @@ -0,0 +1 @@ +rules/RULE-10-4/OperandsWithMismatchedEssentialTypeCategory.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-10-4/test.c b/c/misra/test/rules/RULE-10-4/test.c new file mode 100644 index 0000000000..666590a2d5 --- /dev/null +++ b/c/misra/test/rules/RULE-10-4/test.c @@ -0,0 +1,36 @@ +void testOps() { + signed int s32 = 100; + signed long long s64 = 100; + unsigned int u = 100; + float f = 10.0f; + char c = 'A'; + + s32 + s32; // COMPLIANT + s64 + s64; // COMPLIANT + s32 + s64; // COMPLIANT + s64 + s32; // COMPLIANT + s64 += s32; // COMPLIANT + s32 += s64; // COMPLIANT + u + s32; // NON_COMPLIANT + s32 + u; // NON_COMPLIANT + s32 += u; // NON_COMPLIANT + f + s32; // NON_COMPLIANT + s32 + f; // NON_COMPLIANT + s32 += f; // NON_COMPLIANT + + c + s32; // COMPLIANT - by exception + c += s32; // COMPLIANT - by exception + s32 + c; // COMPLIANT - by exception + s32 += c; // COMPLIANT - by exception + c - s32; // COMPLIANT - by exception + c -= s32; // COMPLIANT - by exception + s32 - c; // NON_COMPLIANT + s32 -= c; // NON_COMPLIANT + + enum E1 { A, B, C } e1a; + enum E2 { D, E, F } e2a; + e1a < e1a; // COMPLIANT + A < A; // COMPLIANT + e1a < e2a; // NON_COMPLIANT + A < D; // NON_COMPLIANT +} \ No newline at end of file From 931aa12c7995ff384b19905aa26287ea106275bc Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Mon, 13 Feb 2023 14:24:29 +0000 Subject: [PATCH 0453/2573] EssentialTypes: Implement Rule 10.5 Adds a query that identifies explicit casts to an inappropriate essential type, according to the conditions set by MISRA C 2012. --- .../InappropriateEssentialTypeCast.ql | 74 ++++++++++++++++++ .../InappropriateEssentialTypeCast.expected | 20 +++++ .../InappropriateEssentialTypeCast.qlref | 1 + c/misra/test/rules/RULE-10-5/test.c | 77 +++++++++++++++++++ 4 files changed, 172 insertions(+) create mode 100644 c/misra/src/rules/RULE-10-5/InappropriateEssentialTypeCast.ql create mode 100644 c/misra/test/rules/RULE-10-5/InappropriateEssentialTypeCast.expected create mode 100644 c/misra/test/rules/RULE-10-5/InappropriateEssentialTypeCast.qlref create mode 100644 c/misra/test/rules/RULE-10-5/test.c diff --git a/c/misra/src/rules/RULE-10-5/InappropriateEssentialTypeCast.ql b/c/misra/src/rules/RULE-10-5/InappropriateEssentialTypeCast.ql new file mode 100644 index 0000000000..c7556729c9 --- /dev/null +++ b/c/misra/src/rules/RULE-10-5/InappropriateEssentialTypeCast.ql @@ -0,0 +1,74 @@ +/** + * @id c/misra/inappropriate-essential-type-cast + * @name RULE-10-5: The value of an expression should not be cast to an inappropriate essential type + * @description + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-10-5 + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.c.misra +import codingstandards.c.misra.EssentialTypes +import codingstandards.c.misra.MisraExpressions + +predicate isIncompatibleEssentialTypeCast(EssentialTypeCategory fromCat, EssentialTypeCategory toCat) { + fromCat = EssentiallyBooleanType() and + toCat = + [ + EssentiallyCharacterType(), EssentiallyEnumType(), EssentiallySignedType(), + EssentiallyUnsignedType(), EssentiallyFloatingType().(TEssentialTypeCategory) + ] + or + fromCat = EssentiallyCharacterType() and + toCat = + [ + EssentiallyBooleanType(), EssentiallyEnumType(), + EssentiallyFloatingType().(TEssentialTypeCategory) + ] + or + fromCat = EssentiallyEnumType() and + toCat = [EssentiallyBooleanType(), EssentiallyEnumType().(TEssentialTypeCategory)] // NOTE only if different enum types + or + fromCat = EssentiallySignedType() and + toCat = [EssentiallyBooleanType(), EssentiallyEnumType().(TEssentialTypeCategory)] + or + fromCat = EssentiallyUnsignedType() and + toCat = [EssentiallyBooleanType(), EssentiallyEnumType().(TEssentialTypeCategory)] + or + fromCat = EssentiallyFloatingType() and + toCat = + [ + EssentiallyBooleanType(), EssentiallyCharacterType(), + EssentiallyEnumType().(TEssentialTypeCategory) + ] +} + +from + Cast c, Type essentialFromType, Type essentialToType, EssentialTypeCategory fromCategory, + EssentialTypeCategory toCategory, string message +where + not isExcluded(c, EssentialTypesPackage::inappropriateEssentialTypeCastQuery()) and + not c.isImplicit() and + essentialFromType = getEssentialTypeBeforeConversions(c.getExpr()) and + essentialToType = c.getType() and + fromCategory = getEssentialTypeCategory(essentialFromType) and + toCategory = getEssentialTypeCategory(essentialToType) and + isIncompatibleEssentialTypeCast(fromCategory, toCategory) and + ( + if fromCategory = EssentiallyEnumType() and toCategory = EssentiallyEnumType() + then + // If from/to enum types, then only report if the essential types are different + not essentialToType = essentialFromType and + message = "Incompatible cast from " + essentialFromType + " to " + essentialToType + "." + else message = "Incompatible cast from " + fromCategory + " to " + toCategory + "." + ) and + not ( + // Exception - casting from `0` or `1` to a boolean type is permitted + (fromCategory = EssentiallySignedType() or fromCategory = EssentiallyUnsignedType()) and + toCategory = EssentiallyBooleanType() and + c.getExpr().getValue().toInt() = [0, 1] + ) +select c, message diff --git a/c/misra/test/rules/RULE-10-5/InappropriateEssentialTypeCast.expected b/c/misra/test/rules/RULE-10-5/InappropriateEssentialTypeCast.expected new file mode 100644 index 0000000000..731ad9f312 --- /dev/null +++ b/c/misra/test/rules/RULE-10-5/InappropriateEssentialTypeCast.expected @@ -0,0 +1,20 @@ +| test.c:9:3:9:9 | (char)... | Incompatible cast from essentially Boolean type to essentially Character type. | +| test.c:10:3:10:13 | (E1)... | Incompatible cast from essentially Boolean type to essentially Enum Type. | +| test.c:11:3:11:15 | (signed int)... | Incompatible cast from essentially Boolean type to essentially Signed type. | +| test.c:12:3:12:17 | (unsigned int)... | Incompatible cast from essentially Boolean type to essentially Unsigned type. | +| test.c:13:3:13:10 | (float)... | Incompatible cast from essentially Boolean type to essentially Floating type. | +| test.c:16:3:16:11 | (bool)... | Incompatible cast from essentially Character type to essentially Boolean type. | +| test.c:18:3:18:13 | (E1)... | Incompatible cast from essentially Character type to essentially Enum Type. | +| test.c:21:3:21:10 | (float)... | Incompatible cast from essentially Character type to essentially Floating type. | +| test.c:24:3:24:11 | (bool)... | Incompatible cast from essentially Enum Type to essentially Boolean type. | +| test.c:26:3:26:13 | (E1)... | Incompatible cast from E2 to E1. | +| test.c:33:3:33:11 | (bool)... | Incompatible cast from essentially Signed type to essentially Boolean type. | +| test.c:35:3:35:13 | (E1)... | Incompatible cast from essentially Signed type to essentially Enum Type. | +| test.c:41:3:41:11 | (bool)... | Incompatible cast from essentially Unsigned type to essentially Boolean type. | +| test.c:43:3:43:13 | (E1)... | Incompatible cast from essentially Unsigned type to essentially Enum Type. | +| test.c:49:3:49:11 | (bool)... | Incompatible cast from essentially Floating type to essentially Boolean type. | +| test.c:50:3:50:9 | (char)... | Incompatible cast from essentially Floating type to essentially Character type. | +| test.c:51:3:51:13 | (E1)... | Incompatible cast from essentially Floating type to essentially Enum Type. | +| test.c:68:3:68:10 | (bool)... | Incompatible cast from essentially Signed type to essentially Boolean type. | +| test.c:72:3:72:16 | (MyBool)... | Incompatible cast from essentially Signed type to essentially Boolean type. | +| test.c:76:3:76:12 | (boolean)... | Incompatible cast from essentially Signed type to essentially Boolean type. | diff --git a/c/misra/test/rules/RULE-10-5/InappropriateEssentialTypeCast.qlref b/c/misra/test/rules/RULE-10-5/InappropriateEssentialTypeCast.qlref new file mode 100644 index 0000000000..e871beb36b --- /dev/null +++ b/c/misra/test/rules/RULE-10-5/InappropriateEssentialTypeCast.qlref @@ -0,0 +1 @@ +rules/RULE-10-5/InappropriateEssentialTypeCast.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-10-5/test.c b/c/misra/test/rules/RULE-10-5/test.c new file mode 100644 index 0000000000..dbc5939f0f --- /dev/null +++ b/c/misra/test/rules/RULE-10-5/test.c @@ -0,0 +1,77 @@ +#include + +void testIncompatibleCasts() { + enum E1 { A, B }; + + _Bool b = true; + + (_Bool) b; // COMPLIANT + (char)b; // NON_COMPLIANT + (enum E1) b; // NON_COMPLIANT + (signed int)b; // NON_COMPLIANT + (unsigned int)b; // NON_COMPLIANT + (float)b; // NON_COMPLIANT + + char c = 100; + (_Bool) c; // NON_COMPLIANT + (char)c; // COMPLIANT + (enum E1) c; // NON_COMPLIANT + (signed int)c; // COMPLIANT + (unsigned int)c; // COMPLIANT + (float)c; // NON_COMPLIANT + + enum E2 { C, D } e = C; + (_Bool) e; // NON_COMPLIANT + (char)e; // COMPLIANT + (enum E1) e; // NON_COMPLIANT + (enum E2) e; // COMPLIANT + (signed int)e; // COMPLIANT + (unsigned int)e; // COMPLIANT + (float)e; // COMPLIANT + + signed int i = 100; + (_Bool) i; // NON_COMPLIANT + (char)i; // COMPLIANT + (enum E1) i; // NON_COMPLIANT + (signed int)i; // COMPLIANT + (unsigned int)i; // COMPLIANT + (float)i; // COMPLIANT + + unsigned int u = 100; + (_Bool) u; // NON_COMPLIANT + (char)u; // COMPLIANT + (enum E1) u; // NON_COMPLIANT + (signed int)u; // COMPLIANT + (unsigned int)u; // COMPLIANT + (float)u; // COMPLIANT + + float f = 100.0; + (_Bool) f; // NON_COMPLIANT + (char)f; // NON_COMPLIANT + (enum E1) f; // NON_COMPLIANT + (signed int)f; // COMPLIANT + (unsigned int)f; // COMPLIANT + (float)f; // COMPLIANT +} + +void testImplicit() { + // Implicit conversions are not checked by this rule. + char c = true; // Not covered by rule + _Bool b = 100; // Not covered by rule + unsigned int u = 100; + _Bool b2 = u; // Not covered by rule +} + +void testIntegerConstantBool() { + (_Bool)0; // COMPLIANT + (_Bool)1; // COMPLIANT + (_Bool)2; // NON_COMPLIANT + enum MyBool { f, t }; + (enum MyBool)0; // COMPLIANT + (enum MyBool)1; // COMPLIANT + (enum MyBool)2; // NON_COMPLIANT + typedef int boolean; + (boolean)0; // COMPLIANT + (boolean)1; // COMPLIANT + (boolean)2; // NON_COMPLIANT +} \ No newline at end of file From 87e701316ab52ce78d947d0ea170527c6875674d Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Mon, 13 Feb 2023 14:25:14 +0000 Subject: [PATCH 0454/2573] EssentialTypes: Implement Rule 10.6 Adds a query which identifies "assignments" (as defined by MISRA C 2012) from composite expressions to objects of a wider essential type. --- .../AssignmentToWiderEssentialType.ql | 26 +++++++++++++++++++ .../AssignmentToWiderEssentialType.expected | 3 +++ .../AssignmentToWiderEssentialType.qlref | 1 + c/misra/test/rules/RULE-10-6/test.c | 11 ++++++++ 4 files changed, 41 insertions(+) create mode 100644 c/misra/src/rules/RULE-10-6/AssignmentToWiderEssentialType.ql create mode 100644 c/misra/test/rules/RULE-10-6/AssignmentToWiderEssentialType.expected create mode 100644 c/misra/test/rules/RULE-10-6/AssignmentToWiderEssentialType.qlref create mode 100644 c/misra/test/rules/RULE-10-6/test.c diff --git a/c/misra/src/rules/RULE-10-6/AssignmentToWiderEssentialType.ql b/c/misra/src/rules/RULE-10-6/AssignmentToWiderEssentialType.ql new file mode 100644 index 0000000000..b62eca3c29 --- /dev/null +++ b/c/misra/src/rules/RULE-10-6/AssignmentToWiderEssentialType.ql @@ -0,0 +1,26 @@ +/** + * @id c/misra/assignment-to-wider-essential-type + * @name RULE-10-6: The value of a composite expression shall not be assigned to an object with wider essential type + * @description + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-10-6 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.c.misra.EssentialTypes +import codingstandards.c.misra.MisraExpressions + +from CompositeExpression ce, Type lValueType, Type compositeEssentialType +where + not isExcluded(ce, EssentialTypesPackage::assignmentToWiderEssentialTypeQuery()) and + isAssignmentToEssentialType(lValueType, ce) and + compositeEssentialType = getEssentialType(ce) and + lValueType.getSize() > compositeEssentialType.getSize() and + // Assignment to a different type category is prohibited by Rule 10.3, so we only report cases + // where the assignment is to the same type category. + getEssentialTypeCategory(lValueType) = getEssentialTypeCategory(compositeEssentialType) +select ce, "Assignment to wider essential type: $@." diff --git a/c/misra/test/rules/RULE-10-6/AssignmentToWiderEssentialType.expected b/c/misra/test/rules/RULE-10-6/AssignmentToWiderEssentialType.expected new file mode 100644 index 0000000000..0813de0e7c --- /dev/null +++ b/c/misra/test/rules/RULE-10-6/AssignmentToWiderEssentialType.expected @@ -0,0 +1,3 @@ +| test.c:5:9:5:17 | ... + ... | Assignment to wider essential type: $@. | +| test.c:7:24:7:32 | ... + ... | Assignment to wider essential type: $@. | +| test.c:8:27:8:35 | ... + ... | Assignment to wider essential type: $@. | diff --git a/c/misra/test/rules/RULE-10-6/AssignmentToWiderEssentialType.qlref b/c/misra/test/rules/RULE-10-6/AssignmentToWiderEssentialType.qlref new file mode 100644 index 0000000000..5b3ab4e556 --- /dev/null +++ b/c/misra/test/rules/RULE-10-6/AssignmentToWiderEssentialType.qlref @@ -0,0 +1 @@ +rules/RULE-10-6/AssignmentToWiderEssentialType.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-10-6/test.c b/c/misra/test/rules/RULE-10-6/test.c new file mode 100644 index 0000000000..a6ee9da77b --- /dev/null +++ b/c/misra/test/rules/RULE-10-6/test.c @@ -0,0 +1,11 @@ +void testWiderAssignment() { + unsigned int u32 = 100; + unsigned short u16 = 100; + u16 = u16 + u16; // COMPLIANT + u32 = u16 + u16; // NON_COMPLIANT + u32 = (unsigned int)(u16 + u16); // COMPLIANT + unsigned int u32_2 = u16 + u16; // NON_COMPLIANT + unsigned int u32a[1] = {u16 + u16}; // NON_COMPLIANT + + signed int s32 = u16 + u16; // ignored - prohibited by Rule 10.3 +} \ No newline at end of file From 70147d5600166e748eecd24a7de80d459d4510ae Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Mon, 13 Feb 2023 14:26:23 +0000 Subject: [PATCH 0455/2573] EssentialTypes: Implement Rule 10.6. Adds a query which identifies implicit conversions of composite expressions that cause it to be casted to a wider essential type. --- ...ImplicitConversionOfCompositeExpression.ql | 36 +++++++++++++++++++ ...itConversionOfCompositeExpression.expected | 3 ++ ...licitConversionOfCompositeExpression.qlref | 1 + c/misra/test/rules/RULE-10-7/test.c | 14 ++++++++ 4 files changed, 54 insertions(+) create mode 100644 c/misra/src/rules/RULE-10-7/ImplicitConversionOfCompositeExpression.ql create mode 100644 c/misra/test/rules/RULE-10-7/ImplicitConversionOfCompositeExpression.expected create mode 100644 c/misra/test/rules/RULE-10-7/ImplicitConversionOfCompositeExpression.qlref create mode 100644 c/misra/test/rules/RULE-10-7/test.c diff --git a/c/misra/src/rules/RULE-10-7/ImplicitConversionOfCompositeExpression.ql b/c/misra/src/rules/RULE-10-7/ImplicitConversionOfCompositeExpression.ql new file mode 100644 index 0000000000..16cb46ce77 --- /dev/null +++ b/c/misra/src/rules/RULE-10-7/ImplicitConversionOfCompositeExpression.ql @@ -0,0 +1,36 @@ +/** + * @id c/misra/implicit-conversion-of-composite-expression + * @name RULE-10-7: If a composite expression is used as one operand of an operator in which the usual arithmetic + * @description If a composite expression is used as one operand of an operator in which the usual + * arithmetic conversions are performed then the other operand shall not have wider + * essential type + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-10-7 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.c.misra.EssentialTypes +import codingstandards.c.misra.MisraExpressions + +from + OperationWithUsualArithmeticConversions arith, CompositeExpression compositeOp, Expr otherOp, + Type compositeEssentialType, Type otherOpEssentialType +where + not isExcluded(arith, EssentialTypesPackage::implicitConversionOfCompositeExpressionQuery()) and + arith.getAnOperand() = compositeOp and + arith.getAnOperand() = otherOp and + not otherOp = compositeOp and + compositeEssentialType = getEssentialType(compositeOp) and + otherOpEssentialType = getEssentialType(otherOp) and + compositeEssentialType.getSize() < otherOpEssentialType.getSize() and + // Operands of a different type category in an operation with the usual arithmetic conversions is + // prohibited by Rule 10.4, so we only report cases here where the essential type categories are + // the same + getEssentialTypeCategory(compositeEssentialType) = getEssentialTypeCategory(otherOpEssentialType) +select arith, + "Implicit conversion of $@ from " + compositeEssentialType + " to " + otherOpEssentialType, + compositeOp, "composite op" diff --git a/c/misra/test/rules/RULE-10-7/ImplicitConversionOfCompositeExpression.expected b/c/misra/test/rules/RULE-10-7/ImplicitConversionOfCompositeExpression.expected new file mode 100644 index 0000000000..30b5e1efb7 --- /dev/null +++ b/c/misra/test/rules/RULE-10-7/ImplicitConversionOfCompositeExpression.expected @@ -0,0 +1,3 @@ +| test.c:5:3:5:16 | ... + ... | Implicit conversion of $@ from unsigned short to unsigned int | test.c:5:9:5:16 | ... * ... | composite op | +| test.c:6:3:6:18 | ... * ... | Implicit conversion of $@ from unsigned short to unsigned int | test.c:6:9:6:17 | ... + ... | composite op | +| test.c:9:3:9:20 | ... += ... | Implicit conversion of $@ from unsigned short to unsigned int | test.c:9:11:9:19 | ... + ... | composite op | diff --git a/c/misra/test/rules/RULE-10-7/ImplicitConversionOfCompositeExpression.qlref b/c/misra/test/rules/RULE-10-7/ImplicitConversionOfCompositeExpression.qlref new file mode 100644 index 0000000000..fc83fbb902 --- /dev/null +++ b/c/misra/test/rules/RULE-10-7/ImplicitConversionOfCompositeExpression.qlref @@ -0,0 +1 @@ +rules/RULE-10-7/ImplicitConversionOfCompositeExpression.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-10-7/test.c b/c/misra/test/rules/RULE-10-7/test.c new file mode 100644 index 0000000000..59d0ed1437 --- /dev/null +++ b/c/misra/test/rules/RULE-10-7/test.c @@ -0,0 +1,14 @@ +void testComposite() { + unsigned int u32 = 100; + unsigned short u16 = 100; + u16 + u32 *u16; // COMPLIANT + u32 + u16 *u16; // NON_COMPLIANT + u32 *(u16 + u16); // NON_COMPLIANT + u32 *(unsigned int)(u16 + u16); // COMPLIANT + u32 + u16 + u16; // COMPLIANT + u32 += (u16 + u16); // NON_COMPLIANT + u32 += (u32 + u16); // COMPLIANT + + signed int s32 = 100; + s32 += (u16 + u16); // // ignored - prohibited by Rule 10.4 +} \ No newline at end of file From 46be7be46b2e47e993008bb1ea3783693b9bac5f Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Mon, 13 Feb 2023 14:27:39 +0000 Subject: [PATCH 0456/2573] EssentialTypes: Implement Rule 10.8 Adds a query to check for inappropriate casts of composite expressions to wider essential types. --- .../InappropriateCastOfCompositeExpression.ql | 38 +++++++++++++++++++ ...ropriateCastOfCompositeExpression.expected | 4 ++ ...appropriateCastOfCompositeExpression.qlref | 1 + c/misra/test/rules/RULE-10-8/test.c | 22 +++++++++++ 4 files changed, 65 insertions(+) create mode 100644 c/misra/src/rules/RULE-10-8/InappropriateCastOfCompositeExpression.ql create mode 100644 c/misra/test/rules/RULE-10-8/InappropriateCastOfCompositeExpression.expected create mode 100644 c/misra/test/rules/RULE-10-8/InappropriateCastOfCompositeExpression.qlref create mode 100644 c/misra/test/rules/RULE-10-8/test.c diff --git a/c/misra/src/rules/RULE-10-8/InappropriateCastOfCompositeExpression.ql b/c/misra/src/rules/RULE-10-8/InappropriateCastOfCompositeExpression.ql new file mode 100644 index 0000000000..d371349def --- /dev/null +++ b/c/misra/src/rules/RULE-10-8/InappropriateCastOfCompositeExpression.ql @@ -0,0 +1,38 @@ +/** + * @id c/misra/inappropriate-cast-of-composite-expression + * @name RULE-10-8: The value of a composite expression shall not be cast to a different essential type category or a + * @description The value of a composite expression shall not be cast to a different essential type + * category or a wider essential type + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-10-8 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.c.misra.EssentialTypes +import codingstandards.c.misra.MisraExpressions + +from + Cast c, CompositeExpression ce, Type castEssentialType, Type compositeExprEssentialType, + EssentialTypeCategory castTypeCategory, EssentialTypeCategory compositeTypeCategory, + string message +where + not isExcluded(ce, EssentialTypesPackage::inappropriateCastOfCompositeExpressionQuery()) and + c = ce.getExplicitlyConverted() and + compositeExprEssentialType = getEssentialTypeBeforeConversions(ce) and + castEssentialType = c.getType() and + castTypeCategory = getEssentialTypeCategory(castEssentialType) and + compositeTypeCategory = getEssentialTypeCategory(compositeExprEssentialType) and + ( + not castTypeCategory = compositeTypeCategory and + message = + "Cast from " + compositeTypeCategory + " to " + castTypeCategory + " changes type category." + or + castTypeCategory = compositeTypeCategory and + castEssentialType.getSize() > compositeExprEssentialType.getSize() and + message = "Cast from " + compositeTypeCategory + " to " + castTypeCategory + " widens type." + ) +select ce, message diff --git a/c/misra/test/rules/RULE-10-8/InappropriateCastOfCompositeExpression.expected b/c/misra/test/rules/RULE-10-8/InappropriateCastOfCompositeExpression.expected new file mode 100644 index 0000000000..85e2471a41 --- /dev/null +++ b/c/misra/test/rules/RULE-10-8/InappropriateCastOfCompositeExpression.expected @@ -0,0 +1,4 @@ +| test.c:4:16:4:20 | ... + ... | Cast from essentially Unsigned type to essentially Signed type changes type category. | +| test.c:5:18:5:22 | ... + ... | Cast from essentially Signed type to essentially Unsigned type changes type category. | +| test.c:14:18:14:24 | ... + ... | Cast from essentially Unsigned type to essentially Unsigned type widens type. | +| test.c:20:16:20:22 | ... + ... | Cast from essentially Signed type to essentially Signed type widens type. | diff --git a/c/misra/test/rules/RULE-10-8/InappropriateCastOfCompositeExpression.qlref b/c/misra/test/rules/RULE-10-8/InappropriateCastOfCompositeExpression.qlref new file mode 100644 index 0000000000..58e1592686 --- /dev/null +++ b/c/misra/test/rules/RULE-10-8/InappropriateCastOfCompositeExpression.qlref @@ -0,0 +1 @@ +rules/RULE-10-8/InappropriateCastOfCompositeExpression.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-10-8/test.c b/c/misra/test/rules/RULE-10-8/test.c new file mode 100644 index 0000000000..41efb6b8d8 --- /dev/null +++ b/c/misra/test/rules/RULE-10-8/test.c @@ -0,0 +1,22 @@ +void testDifferentEssentialType() { + unsigned int u = 1; + signed int s = 1; + (signed int)(u + u); // NON_COMPLIANT + (unsigned int)(s + s); // NON_COMPLIANT + (signed int)(s + s); // COMPLIANT + (unsigned int)(u + u); // COMPLIANT +} + +void testWiderType() { + unsigned short us = 1; + unsigned int u = 1; + + (unsigned int)(us + us); // NON_COMPLIANT + (unsigned short)(u + u); // COMPLIANT + + signed short ss = 1; + signed int s = 1; + + (signed int)(ss + ss); // NON_COMPLIANT + (signed short)(s + s); // COMPLIANT +} \ No newline at end of file From 2d70f7bf061c6b63789408d6a1cdbb76ae09a1d6 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Mon, 13 Feb 2023 14:38:32 +0000 Subject: [PATCH 0457/2573] EssentialTypes: Add basic test case for library. --- c/misra/test/c/misra/EssentialTypes.expected | 0 c/misra/test/c/misra/EssentialTypes.ql | 5 +++++ c/misra/test/c/misra/test.c | 17 +++++++++++++++++ 3 files changed, 22 insertions(+) create mode 100644 c/misra/test/c/misra/EssentialTypes.expected create mode 100644 c/misra/test/c/misra/EssentialTypes.ql create mode 100644 c/misra/test/c/misra/test.c diff --git a/c/misra/test/c/misra/EssentialTypes.expected b/c/misra/test/c/misra/EssentialTypes.expected new file mode 100644 index 0000000000..e69de29bb2 diff --git a/c/misra/test/c/misra/EssentialTypes.ql b/c/misra/test/c/misra/EssentialTypes.ql new file mode 100644 index 0000000000..64b6f30a33 --- /dev/null +++ b/c/misra/test/c/misra/EssentialTypes.ql @@ -0,0 +1,5 @@ +import codingstandards.c.misra.EssentialTypes + +from Expr e +select e, getEssentialType(e) as et, getEssentialTypeBeforeConversions(e), + getEssentialTypeCategory(et) diff --git a/c/misra/test/c/misra/test.c b/c/misra/test/c/misra/test.c new file mode 100644 index 0000000000..ab21afbdc6 --- /dev/null +++ b/c/misra/test/c/misra/test.c @@ -0,0 +1,17 @@ +#include + +void testConditional() { + unsigned int u = 1; + unsigned short us = 1; + signed int s = 1; + signed short ss = 1; + _Bool b = true; + + b ? u : u; // unsigned int + b ? s : s; // signed int + b ? s : ss; // signed int + b ? ss : s; // signed int + b ? us : u; // unsigned int + + b ? s : u; // unsigned int +} \ No newline at end of file From 942e24de240bc5fe637dba3014f31433c1383030 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Mon, 13 Feb 2023 17:40:50 -0500 Subject: [PATCH 0458/2573] factoring in the sub dirs --- .../PSCodingStandards/Get-ATestDirectory.ps1 | 20 ++ scripts/PSCodingStandards/Get-RuleForPath.ps1 | 24 +- scripts/matrix_testing/Config.ps1 | 3 +- .../matrix_testing/CreateMatrixTestReport.ps1 | 206 +++++++++--------- 4 files changed, 137 insertions(+), 116 deletions(-) create mode 100644 scripts/PSCodingStandards/Get-ATestDirectory.ps1 diff --git a/scripts/PSCodingStandards/Get-ATestDirectory.ps1 b/scripts/PSCodingStandards/Get-ATestDirectory.ps1 new file mode 100644 index 0000000000..8b7a1517d3 --- /dev/null +++ b/scripts/PSCodingStandards/Get-ATestDirectory.ps1 @@ -0,0 +1,20 @@ +function Get-ATestDirectory { + param( + [Parameter(Mandatory)] + [object] + $RuleObject, + [Parameter(Mandatory)] + [ValidateSet('c', 'cpp')] + [string] + $Language + ) + + $ruleDir = Get-TestDirectory -RuleObject $RuleObject -Language $Language + + # return value MUST include the explicit test directory + $dirs = @($ruleDir) + + $dirs += (Get-Item "$($ruleDir).*" | ForEach-Object { $_.FullName }) + + $dirs +} diff --git a/scripts/PSCodingStandards/Get-RuleForPath.ps1 b/scripts/PSCodingStandards/Get-RuleForPath.ps1 index 7636c32ce0..bcb056a1f8 100644 --- a/scripts/PSCodingStandards/Get-RuleForPath.ps1 +++ b/scripts/PSCodingStandards/Get-RuleForPath.ps1 @@ -59,19 +59,21 @@ function Get-RuleForPath { foreach($q in $allQueries){ # get test directory - $testDirectory = (Get-TestDirectory -RuleObject $q -Language $Language) - # resolve path to be compatible - $testPath = Join-Path (Resolve-Path . -Relative) $testDirectory + $testDirs = (Get-ATestDirectory -RuleObject $q -Language $Language) + foreach($testDirectory in $testDirs){ + # resolve path to be compatible + $testPath = Join-Path (Resolve-Path . -Relative) $testDirectory - # see if the TEST directory is a substring of the full path - if($modifiedPath.StartsWith($testPath)){ - $matchingRules += $q - continue - } + # see if the TEST directory is a substring of the full path + if($modifiedPath.StartsWith($testPath)){ + $matchingRules += $q + continue + } - if($modifiedPathWithReplacement.StartsWith($testPath)){ - $matchingRules += $q - continue + if($modifiedPathWithReplacement.StartsWith($testPath)){ + $matchingRules += $q + continue + } } } diff --git a/scripts/matrix_testing/Config.ps1 b/scripts/matrix_testing/Config.ps1 index c19a52f92c..a0ac180c23 100644 --- a/scripts/matrix_testing/Config.ps1 +++ b/scripts/matrix_testing/Config.ps1 @@ -22,8 +22,7 @@ $COMPILER_ARGS = @{ "c" = @{ "gcc" = "-fsyntax-only"; - "clang" = "-fsyntax-only"; - + "clang" = "-fsyntax-only"; }; } diff --git a/scripts/matrix_testing/CreateMatrixTestReport.ps1 b/scripts/matrix_testing/CreateMatrixTestReport.ps1 index bf7df2e19d..c121514959 100644 --- a/scripts/matrix_testing/CreateMatrixTestReport.ps1 +++ b/scripts/matrix_testing/CreateMatrixTestReport.ps1 @@ -280,7 +280,6 @@ $jobRows = $queriesToCheck | ForEach-Object -ThrottleLimit $NumThreads -Parallel Import-Module -Name "$using:PSScriptRoot/../PSCodingStandards/CodingStandards" - #. "$using:PSScriptRoot/GetTestDirectory.ps1" . "$using:PSScriptRoot/NewDatabaseForRule.ps1" . "$using:PSScriptRoot/ExecuteQueryAndDecodeAsJson.ps1" . "$using:PSScriptRoot/Get-CompilerSpecificFiles.ps1" @@ -293,6 +292,7 @@ $jobRows = $queriesToCheck | ForEach-Object -ThrottleLimit $NumThreads -Parallel $CurrentRuleName = $q.__memberof_rule $CurrentQueryName = $q.short_name $CurrentPackageName = $q.__memberof_package + # for the report $row = @{ "SUITE" = $CurrentSuiteName; @@ -305,115 +305,115 @@ $jobRows = $queriesToCheck | ForEach-Object -ThrottleLimit $NumThreads -Parallel "TEST_DIFFERENCE" = ""; } - Write-Host "Resolving pack 'codeql/cpp-queries'...." -NoNewline - $CODEQL_CPP_QUERIES_PATH = (codeql resolve qlpacks --format json | ConvertFrom-Json)."codeql/cpp-queries" - if ( -Not (Test-Path -Path $CODEQL_CPP_QUERIES_PATH -PathType Container) ) { - Write-Host "Could not resolve pack 'codeql/cpp-queries'. Please install the pack 'codeql/cpp-queries'." - return $row - } - Write-Host -ForegroundColor ([ConsoleColor]2) "OK" + # all the test directories -- there may be more than one for a given rule + $testDirs = (Get-ATestDirectory -RuleObject $q -Language $using:Language) - Write-Host "====================[Rule=$CurrentRuleName,Suite=$CurrentSuiteName/Query=$CurrentQueryName]====================" + foreach($testDirectory in $testDirs){ - $testDirectory = (Get-TestDirectory -RuleObject $q -Language $using:Language) + Write-Host "====================[Rule=$CurrentRuleName,Suite=$CurrentSuiteName/Query=$CurrentQueryName]====================" - try { - ########################################################### - ########################################################### - # Push context - ########################################################### - $fileSet = (Get-CompilerSpecificFiles -Configuration $using:Configuration -Language $using:Language -TestDirectory $testDirectory) - - if($fileSet){ - $context = Push-CompilerSpecificFiles -Configuration $using:Configuration -Language $using:Language -FileSet $fileSet - } - - Write-Host "Compiling database in $testDirectory..." -NoNewline try { - $db = New-Database-For-Rule -RuleName $CurrentRuleName -RuleTestDir $testDirectory -Configuration $using:Configuration -Language $using:Language - Write-Host -ForegroundColor ([ConsoleColor]2) "OK" - } - catch { - Write-Host -ForegroundColor ([ConsoleColor]4) "FAILED" - $row["COMPILE_ERROR_OUTPUT"] = $_ - - return $row # although it is unlikely to succeed with the next rule skipping to the next rule - # ensures all of the rules will be reported in the - # output. - } - - $row["COMPILE_PASS"] = $true - - Write-Host "Checking expected output..." - - # Dragons below 🐉🐉🐉 - # - # Note this technique uses so-called "wizard" settings to make it possible - # to compare hand compiled databases using qltest. The relative paths and - # other options are required to be set as below (especially the detail about - # the relative path of the dataset and the test). - - # the "dataset" should be the `db-cpp` directory inside the database - # directory. HOWEVER. It should be the path relative to the test directory. - - $rulePath = Resolve-Path $testDirectory - $dbPath = Resolve-Path $db - - Write-Host "Resolving database $dbPath relative to test directory $rulePath" - $dataset = Resolve-Path (Join-Path $dbPath "db-cpp") - - Push-Location $rulePath - $datasetRelPath = Resolve-Path -Relative $dataset - Pop-Location - - Write-Host "Using relative path: $datasetRelPath" - - # Actually do the qltest run. - # codeql test run --dataset "relpath" - - if ($q.shared_implementation_short_name) { - $qlRefFile = Join-Path $rulePath "$($q.shared_implementation_short_name).ql" - } - else { - $qlRefFile = Join-Path $rulePath "$CurrentQueryName.qlref" - } - - Write-Host "codeql test run $qlRefFile --dataset=`"$datasetRelPath`"" - - $stdOut = Join-Path ([System.IO.Path]::GetTempPath()) ([System.Guid]::NewGuid()) - $stdErr = Join-Path ([System.IO.Path]::GetTempPath()) ([System.Guid]::NewGuid()) - - - Write-Host "Standard Out Buffered to: $stdOut" - Write-Host "Standard Error Buffered to: $stdErr" - - $procDetails = Start-Process -FilePath "codeql" -PassThru -NoNewWindow -Wait -ArgumentList "test run $qlRefFile --dataset=`"$datasetRelPath`"" -RedirectStandardOutput $stdOut -RedirectStandardError $stdErr - - if (-Not $procDetails.ExitCode -eq 0) { - - Write-Host -ForegroundColor ([ConsoleColor]4) "FAILED" - Get-Content $stdOut | Out-String | Write-Host - - $row["TEST_DIFFERENCE"] = Get-Content $stdOut | Out-String - - } - else { - $row["TEST_PASS"] = $true - Write-Host -ForegroundColor ([ConsoleColor]2) "OK" - } - - return $row - }finally { - - ########################################################### - ########################################################### - # Context is restored here - ########################################################### - if($context){ - Pop-CompilerSpecificFiles -Context $context + ########################################################### + ########################################################### + # Push context + ########################################################### + $fileSet = (Get-CompilerSpecificFiles -Configuration $using:Configuration -Language $using:Language -TestDirectory $testDirectory) + + if($fileSet){ + $context = Push-CompilerSpecificFiles -Configuration $using:Configuration -Language $using:Language -FileSet $fileSet + } + + Write-Host "Compiling database in $testDirectory..." -NoNewline + + try { + $db = New-Database-For-Rule -RuleName $CurrentRuleName -RuleTestDir $testDirectory -Configuration $using:Configuration -Language $using:Language + Write-Host -ForegroundColor ([ConsoleColor]2) "OK" + } + catch { + Write-Host -ForegroundColor ([ConsoleColor]4) "FAILED" + $row["COMPILE_ERROR_OUTPUT"] = $_ + + continue # although it is unlikely to succeed with the next rule skipping to the next rule + # ensures all of the rules will be reported in the + # output. + } + + $row["COMPILE_PASS"] = $true + + Write-Host "Checking expected output..." + + # Dragons below 🐉🐉🐉 + # + # Note this technique uses so-called "wizard" settings to make it possible + # to compare hand compiled databases using qltest. The relative paths and + # other options are required to be set as below (especially the detail about + # the relative path of the dataset and the test). + + # the "dataset" should be the `db-cpp` directory inside the database + # directory. HOWEVER. It should be the path relative to the test directory. + + $rulePath = Resolve-Path $testDirectory + $dbPath = Resolve-Path $db + + Write-Host "Resolving database $dbPath relative to test directory $rulePath" + $dataset = Resolve-Path (Join-Path $dbPath "db-cpp") + + Push-Location $rulePath + $datasetRelPath = Resolve-Path -Relative $dataset + Pop-Location + + Write-Host "Using relative path: $datasetRelPath" + + # Actually do the qltest run. + # codeql test run --dataset "relpath" + + if ($q.shared_implementation_short_name) { + $qlRefFile = Join-Path $rulePath "$($q.shared_implementation_short_name).ql" + } + else { + $qlRefFile = Join-Path $rulePath "$CurrentQueryName.qlref" + } + + Write-Host "codeql test run $qlRefFile --search-path ../../../../../../ --dataset=`"$datasetRelPath`"" + + $stdOut = Join-Path ([System.IO.Path]::GetTempPath()) ([System.Guid]::NewGuid()) + $stdErr = Join-Path ([System.IO.Path]::GetTempPath()) ([System.Guid]::NewGuid()) + + + Write-Host "Standard Out Buffered to: $stdOut" + Write-Host "Standard Error Buffered to: $stdErr" + + $procDetails = Start-Process -FilePath "codeql" -PassThru -NoNewWindow -Wait -ArgumentList "test run $qlRefFile --search-path ../../../../ --dataset=`"$datasetRelPath`"" -RedirectStandardOutput $stdOut -RedirectStandardError $stdErr + + if (-Not $procDetails.ExitCode -eq 0) { + + Write-Host -ForegroundColor ([ConsoleColor]4) "FAILED" + Get-Content $stdOut | Out-String | Write-Host + + $row["TEST_DIFFERENCE"] = Get-Content $stdOut | Out-String + + } + else { + $row["TEST_PASS"] = $true + Write-Host -ForegroundColor ([ConsoleColor]2) "OK" + } + }finally { + + # output current row state + $row + + + ########################################################### + ########################################################### + # Context is restored here + ########################################################### + if($context){ + Pop-CompilerSpecificFiles -Context $context + } } } + # go to next row } # combine the outputs From 2e92e2c231596b867eab126fd5e74c760b762bf9 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Mon, 13 Feb 2023 17:43:41 -0500 Subject: [PATCH 0459/2573] fix pathing which for some reason never failed before --- scripts/matrix_testing/CreateMatrixTestReport.ps1 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/matrix_testing/CreateMatrixTestReport.ps1 b/scripts/matrix_testing/CreateMatrixTestReport.ps1 index c121514959..6668f479b7 100644 --- a/scripts/matrix_testing/CreateMatrixTestReport.ps1 +++ b/scripts/matrix_testing/CreateMatrixTestReport.ps1 @@ -375,7 +375,7 @@ $jobRows = $queriesToCheck | ForEach-Object -ThrottleLimit $NumThreads -Parallel $qlRefFile = Join-Path $rulePath "$CurrentQueryName.qlref" } - Write-Host "codeql test run $qlRefFile --search-path ../../../../../../ --dataset=`"$datasetRelPath`"" + Write-Host "codeql test run $qlRefFile --search-path . --dataset=`"$datasetRelPath`"" $stdOut = Join-Path ([System.IO.Path]::GetTempPath()) ([System.Guid]::NewGuid()) $stdErr = Join-Path ([System.IO.Path]::GetTempPath()) ([System.Guid]::NewGuid()) @@ -384,7 +384,7 @@ $jobRows = $queriesToCheck | ForEach-Object -ThrottleLimit $NumThreads -Parallel Write-Host "Standard Out Buffered to: $stdOut" Write-Host "Standard Error Buffered to: $stdErr" - $procDetails = Start-Process -FilePath "codeql" -PassThru -NoNewWindow -Wait -ArgumentList "test run $qlRefFile --search-path ../../../../ --dataset=`"$datasetRelPath`"" -RedirectStandardOutput $stdOut -RedirectStandardError $stdErr + $procDetails = Start-Process -FilePath "codeql" -PassThru -NoNewWindow -Wait -ArgumentList "test run $qlRefFile --search-path . --dataset=`"$datasetRelPath`"" -RedirectStandardOutput $stdOut -RedirectStandardError $stdErr if (-Not $procDetails.ExitCode -eq 0) { From b50ee56868a10ac56f782cb1f63f3ae809e240e8 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Mon, 13 Feb 2023 18:09:45 -0500 Subject: [PATCH 0460/2573] format fixing --- .../matrix_testing/CreateMatrixTestReport.ps1 | 25 +++++++++++-------- 1 file changed, 14 insertions(+), 11 deletions(-) diff --git a/scripts/matrix_testing/CreateMatrixTestReport.ps1 b/scripts/matrix_testing/CreateMatrixTestReport.ps1 index 6668f479b7..a2ae220dad 100644 --- a/scripts/matrix_testing/CreateMatrixTestReport.ps1 +++ b/scripts/matrix_testing/CreateMatrixTestReport.ps1 @@ -293,23 +293,26 @@ $jobRows = $queriesToCheck | ForEach-Object -ThrottleLimit $NumThreads -Parallel $CurrentQueryName = $q.short_name $CurrentPackageName = $q.__memberof_package - # for the report - $row = @{ - "SUITE" = $CurrentSuiteName; - "PACKAGE" = $CurrentPackageName; - "RULE" = $CurrentRuleName; - "QUERY" = $CurrentQueryName; - "COMPILE_PASS" = $false; - "COMPILE_ERROR_OUTPUT" = ""; - "TEST_PASS" = $false ; - "TEST_DIFFERENCE" = ""; - } # all the test directories -- there may be more than one for a given rule $testDirs = (Get-ATestDirectory -RuleObject $q -Language $using:Language) foreach($testDirectory in $testDirs){ + # for the report + $row = @{ + "SUITE" = $CurrentSuiteName; + "PACKAGE" = $CurrentPackageName; + "RULE" = $CurrentRuleName; + "QUERY" = $CurrentQueryName; + "COMPILE_PASS" = $false; + "COMPILE_ERROR_OUTPUT" = ""; + "TEST_PASS" = $false ; + "TEST_DIFFERENCE" = ""; + } + + + Write-Host "====================[Rule=$CurrentRuleName,Suite=$CurrentSuiteName/Query=$CurrentQueryName]====================" From 04da4aa17f31a4362ebe5743b141d7f1f0b6026d Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Mon, 13 Feb 2023 18:15:31 -0500 Subject: [PATCH 0461/2573] placeholders --- cpp/autosar/test/rules/A1-1-2.3/options.clang | 0 cpp/autosar/test/rules/A1-1-2.3/options.gcc | 0 2 files changed, 0 insertions(+), 0 deletions(-) create mode 100644 cpp/autosar/test/rules/A1-1-2.3/options.clang create mode 100644 cpp/autosar/test/rules/A1-1-2.3/options.gcc diff --git a/cpp/autosar/test/rules/A1-1-2.3/options.clang b/cpp/autosar/test/rules/A1-1-2.3/options.clang new file mode 100644 index 0000000000..e69de29bb2 diff --git a/cpp/autosar/test/rules/A1-1-2.3/options.gcc b/cpp/autosar/test/rules/A1-1-2.3/options.gcc new file mode 100644 index 0000000000..e69de29bb2 From 91d1eb8e8e8a6190a269c1536adeab714c42f5b9 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Mon, 13 Feb 2023 18:20:58 -0500 Subject: [PATCH 0462/2573] option to disable gcc warnings --- cpp/autosar/test/rules/A1-1-2.3/options.gcc | 1 + 1 file changed, 1 insertion(+) diff --git a/cpp/autosar/test/rules/A1-1-2.3/options.gcc b/cpp/autosar/test/rules/A1-1-2.3/options.gcc index e69de29bb2..b45da65784 100644 --- a/cpp/autosar/test/rules/A1-1-2.3/options.gcc +++ b/cpp/autosar/test/rules/A1-1-2.3/options.gcc @@ -0,0 +1 @@ +-w \ No newline at end of file From ebc07fe6ccbae91bb5fed6788651498fed42b780 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Tue, 14 Feb 2023 13:17:05 +0000 Subject: [PATCH 0463/2573] EssentialTypes: Handle typedefs When computing EssentialTypeCategories, ensure we resolve any typedefs first. --- .../c/misra/EssentialTypes.qll | 43 +++++++++++-------- 1 file changed, 25 insertions(+), 18 deletions(-) diff --git a/c/misra/src/codingstandards/c/misra/EssentialTypes.qll b/c/misra/src/codingstandards/c/misra/EssentialTypes.qll index 06e1ff20fc..35feb00848 100644 --- a/c/misra/src/codingstandards/c/misra/EssentialTypes.qll +++ b/c/misra/src/codingstandards/c/misra/EssentialTypes.qll @@ -74,25 +74,32 @@ private IntegralType stlr(Expr const) { } /** - * Define the essential type category for an IntegralOrEnumType. + * Define the essential type category for an essentialType or a typedef of an essentialType. */ -EssentialTypeCategory getEssentialTypeCategory(Type at) { - result = EssentiallyBooleanType() and at instanceof MisraBoolType - or - result = EssentiallyCharacterType() and at instanceof PlainCharType - or - result = EssentiallySignedType() and - at.(IntegralType).isSigned() and - not at instanceof PlainCharType - or - result = EssentiallyUnsignedType() and - at.(IntegralType).isUnsigned() and - not at instanceof PlainCharType - or - result = EssentiallyEnumType() and at instanceof Enum and not at instanceof MisraBoolType - or - result = EssentiallyFloatingType() and - at instanceof FloatingPointType +EssentialTypeCategory getEssentialTypeCategory(Type type) { + exists(Type essentialType | + // Resolve typedefs to ensure + essentialType = type.getUnderlyingType() + | + result = EssentiallyBooleanType() and essentialType instanceof MisraBoolType + or + result = EssentiallyCharacterType() and essentialType instanceof PlainCharType + or + result = EssentiallySignedType() and + essentialType.(IntegralType).isSigned() and + not essentialType instanceof PlainCharType + or + result = EssentiallyUnsignedType() and + essentialType.(IntegralType).isUnsigned() and + not essentialType instanceof PlainCharType + or + result = EssentiallyEnumType() and + essentialType instanceof Enum and + not essentialType instanceof MisraBoolType + or + result = EssentiallyFloatingType() and + essentialType instanceof FloatingPointType + ) } /** From ebae3e6d305ec0a54f782566e1c411f0a6f50389 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Tue, 14 Feb 2023 13:19:27 +0000 Subject: [PATCH 0464/2573] EssentialTypes: Implement Rule 14.1 Adds a query that finds loop counters which are essentially floating type. --- .../RULE-14-1/LoopOverEssentiallyFloatType.ql | 23 +++++++++++++++++++ .../LoopOverEssentiallyFloatType.expected | 3 +++ .../LoopOverEssentiallyFloatType.qlref | 1 + c/misra/test/rules/RULE-14-1/test.c | 15 ++++++++++++ 4 files changed, 42 insertions(+) create mode 100644 c/misra/src/rules/RULE-14-1/LoopOverEssentiallyFloatType.ql create mode 100644 c/misra/test/rules/RULE-14-1/LoopOverEssentiallyFloatType.expected create mode 100644 c/misra/test/rules/RULE-14-1/LoopOverEssentiallyFloatType.qlref create mode 100644 c/misra/test/rules/RULE-14-1/test.c diff --git a/c/misra/src/rules/RULE-14-1/LoopOverEssentiallyFloatType.ql b/c/misra/src/rules/RULE-14-1/LoopOverEssentiallyFloatType.ql new file mode 100644 index 0000000000..5bf20709e6 --- /dev/null +++ b/c/misra/src/rules/RULE-14-1/LoopOverEssentiallyFloatType.ql @@ -0,0 +1,23 @@ +/** + * @id c/misra/loop-over-essentially-float-type + * @name RULE-14-1: A loop counter shall not have essentially floating type + * @description + * @kind problem + * @precision high + * @problem.severity error + * @tags external/misra/id/rule-14-1 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.c.misra.EssentialTypes +import codingstandards.cpp.Loops + +from ForStmt forLoop, Variable loopIterationVariable +where + not isExcluded(loopIterationVariable, EssentialTypesPackage::loopOverEssentiallyFloatTypeQuery()) and + getAnIterationVariable(forLoop) = loopIterationVariable and + getEssentialTypeCategory(loopIterationVariable.getType()) = EssentiallyFloatingType() +select loopIterationVariable, + "Loop iteration variable " + loopIterationVariable.getName() + " is essentially Floating type." diff --git a/c/misra/test/rules/RULE-14-1/LoopOverEssentiallyFloatType.expected b/c/misra/test/rules/RULE-14-1/LoopOverEssentiallyFloatType.expected new file mode 100644 index 0000000000..0dc7c13836 --- /dev/null +++ b/c/misra/test/rules/RULE-14-1/LoopOverEssentiallyFloatType.expected @@ -0,0 +1,3 @@ +| test.c:4:14:4:14 | f | Loop iteration variable f is essentially Floating type. | +| test.c:6:15:6:15 | d | Loop iteration variable d is essentially Floating type. | +| test.c:8:18:8:18 | f | Loop iteration variable f is essentially Floating type. | diff --git a/c/misra/test/rules/RULE-14-1/LoopOverEssentiallyFloatType.qlref b/c/misra/test/rules/RULE-14-1/LoopOverEssentiallyFloatType.qlref new file mode 100644 index 0000000000..e488267d22 --- /dev/null +++ b/c/misra/test/rules/RULE-14-1/LoopOverEssentiallyFloatType.qlref @@ -0,0 +1 @@ +rules/RULE-14-1/LoopOverEssentiallyFloatType.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-14-1/test.c b/c/misra/test/rules/RULE-14-1/test.c new file mode 100644 index 0000000000..50c2240735 --- /dev/null +++ b/c/misra/test/rules/RULE-14-1/test.c @@ -0,0 +1,15 @@ +typedef float float32_t; + +void test_floating_point_loop() { + for (float f = 0.0F; f < 10.0F; f += 0.2F) { // NON_COMPLIANT + } + for (double d = 0.0F; d < 10.0F; d += 0.2F) { // NON_COMPLIANT + } + for (float32_t f = 0.0F; f < 10.0F; f += 0.2F) { // NON_COMPLIANT + } +} + +void test_non_floating_point_loop() { + for (int i = 0; i < 10; i++) { // COMPLIANT + } +} \ No newline at end of file From 2c106bcfdf96760d9d990d2c76c804a0da102bde Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Tue, 14 Feb 2023 13:28:46 +0000 Subject: [PATCH 0465/2573] EssentialType: Handle type specifiers Ensure when calculating the essential type category, we strip the type specifiers, otherwise we will not match the correct type category. --- c/misra/src/codingstandards/c/misra/EssentialTypes.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/misra/src/codingstandards/c/misra/EssentialTypes.qll b/c/misra/src/codingstandards/c/misra/EssentialTypes.qll index 35feb00848..3acb041139 100644 --- a/c/misra/src/codingstandards/c/misra/EssentialTypes.qll +++ b/c/misra/src/codingstandards/c/misra/EssentialTypes.qll @@ -79,7 +79,7 @@ private IntegralType stlr(Expr const) { EssentialTypeCategory getEssentialTypeCategory(Type type) { exists(Type essentialType | // Resolve typedefs to ensure - essentialType = type.getUnderlyingType() + essentialType = type.getUnspecifiedType() | result = EssentiallyBooleanType() and essentialType instanceof MisraBoolType or From c330ed6afbc9ecbfcac5cc8d047aa1ba17c94f77 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Tue, 14 Feb 2023 13:32:07 +0000 Subject: [PATCH 0466/2573] EssentialTypes: Add test cases for library --- c/misra/test/c/misra/EssentialTypes.expected | 40 ++++++++++++++++++++ c/misra/test/c/misra/EssentialTypes.ql | 6 +-- c/misra/test/c/misra/test.c | 12 ++++++ 3 files changed, 55 insertions(+), 3 deletions(-) diff --git a/c/misra/test/c/misra/EssentialTypes.expected b/c/misra/test/c/misra/EssentialTypes.expected index e69de29bb2..8bf299bd63 100644 --- a/c/misra/test/c/misra/EssentialTypes.expected +++ b/c/misra/test/c/misra/EssentialTypes.expected @@ -0,0 +1,40 @@ +| test.c:4:20:4:20 | 1 | signed char | signed char | essentially Signed type | +| test.c:4:20:4:20 | (unsigned int)... | unsigned int | unsigned int | essentially Unsigned type | +| test.c:5:23:5:23 | 1 | signed char | signed char | essentially Signed type | +| test.c:5:23:5:23 | (unsigned short)... | unsigned short | unsigned short | essentially Unsigned type | +| test.c:6:17:6:18 | 1 | signed char | signed char | essentially Signed type | +| test.c:7:21:7:21 | 1 | signed char | signed char | essentially Signed type | +| test.c:7:21:7:21 | (signed short)... | signed short | signed short | essentially Signed type | +| test.c:8:13:8:16 | 1 | bool | bool | essentially Boolean type | +| test.c:8:13:8:16 | (bool)... | bool | bool | essentially Boolean type | +| test.c:10:3:10:3 | b | bool | bool | essentially Boolean type | +| test.c:10:3:10:11 | ... ? ... : ... | unsigned int | unsigned int | essentially Unsigned type | +| test.c:10:7:10:7 | u | unsigned int | unsigned int | essentially Unsigned type | +| test.c:10:11:10:11 | u | unsigned int | unsigned int | essentially Unsigned type | +| test.c:11:3:11:3 | b | bool | bool | essentially Boolean type | +| test.c:11:3:11:11 | ... ? ... : ... | signed int | signed int | essentially Signed type | +| test.c:11:7:11:7 | s | signed int | signed int | essentially Signed type | +| test.c:11:11:11:11 | s | signed int | signed int | essentially Signed type | +| test.c:12:3:12:3 | b | bool | bool | essentially Boolean type | +| test.c:12:3:12:12 | ... ? ... : ... | signed int | signed int | essentially Signed type | +| test.c:12:7:12:7 | s | signed int | signed int | essentially Signed type | +| test.c:12:11:12:12 | (int)... | int | int | essentially Signed type | +| test.c:12:11:12:12 | ss | signed short | signed short | essentially Signed type | +| test.c:13:3:13:3 | b | bool | bool | essentially Boolean type | +| test.c:13:3:13:12 | ... ? ... : ... | signed int | signed int | essentially Signed type | +| test.c:13:7:13:8 | (int)... | int | int | essentially Signed type | +| test.c:13:7:13:8 | ss | signed short | signed short | essentially Signed type | +| test.c:13:12:13:12 | s | signed int | signed int | essentially Signed type | +| test.c:14:3:14:3 | b | bool | bool | essentially Boolean type | +| test.c:14:3:14:12 | ... ? ... : ... | unsigned int | unsigned int | essentially Unsigned type | +| test.c:14:7:14:8 | (unsigned int)... | unsigned int | unsigned int | essentially Unsigned type | +| test.c:14:7:14:8 | us | unsigned short | unsigned short | essentially Unsigned type | +| test.c:14:12:14:12 | u | unsigned int | unsigned int | essentially Unsigned type | +| test.c:16:3:16:3 | b | bool | bool | essentially Boolean type | +| test.c:16:3:16:11 | ... ? ... : ... | unsigned int | unsigned int | essentially Unsigned type | +| test.c:16:7:16:7 | (unsigned int)... | unsigned int | unsigned int | essentially Unsigned type | +| test.c:16:7:16:7 | s | signed int | signed int | essentially Signed type | +| test.c:16:11:16:11 | u | unsigned int | unsigned int | essentially Unsigned type | +| test.c:26:3:26:3 | f | float | float | essentially Floating type | +| test.c:27:3:27:5 | f32 | float32_t | float32_t | essentially Floating type | +| test.c:28:3:28:6 | cf32 | float | float | essentially Floating type | diff --git a/c/misra/test/c/misra/EssentialTypes.ql b/c/misra/test/c/misra/EssentialTypes.ql index 64b6f30a33..f8fe785727 100644 --- a/c/misra/test/c/misra/EssentialTypes.ql +++ b/c/misra/test/c/misra/EssentialTypes.ql @@ -1,5 +1,5 @@ import codingstandards.c.misra.EssentialTypes -from Expr e -select e, getEssentialType(e) as et, getEssentialTypeBeforeConversions(e), - getEssentialTypeCategory(et) +from Expr e, Type et +where et = getEssentialType(e) +select e, et.getName(), getEssentialTypeBeforeConversions(e).getName(), getEssentialTypeCategory(et) diff --git a/c/misra/test/c/misra/test.c b/c/misra/test/c/misra/test.c index ab21afbdc6..8788f7e93a 100644 --- a/c/misra/test/c/misra/test.c +++ b/c/misra/test/c/misra/test.c @@ -14,4 +14,16 @@ void testConditional() { b ? us : u; // unsigned int b ? s : u; // unsigned int +} + +void testCategoriesForComplexTypes() { + typedef float float32_t; + typedef const float cfloat32_t; + const float f; + const float32_t f32; + cfloat32_t cf32; + + f; // Should be essentially Floating type + f32; // Should be essentially Floating type + cf32; // Should be essentially Floating type } \ No newline at end of file From cf12521d6909cdefc0d673b043b5e2dedf45c5d2 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Tue, 14 Feb 2023 13:50:39 +0000 Subject: [PATCH 0467/2573] EssentialTypes: Implement Rule 21.16 Adds a query to find uses of memcmp with pointer types which are prohibited by MISRA C. --- .../MemcmpOnInappropriateEssentialTypeArgs.ql | 44 +++++++++++++++ ...pOnInappropriateEssentialTypeArgs.expected | 10 ++++ ...mcmpOnInappropriateEssentialTypeArgs.qlref | 1 + c/misra/test/rules/RULE-21-16/test.c | 54 +++++++++++++++++++ 4 files changed, 109 insertions(+) create mode 100644 c/misra/src/rules/RULE-21-16/MemcmpOnInappropriateEssentialTypeArgs.ql create mode 100644 c/misra/test/rules/RULE-21-16/MemcmpOnInappropriateEssentialTypeArgs.expected create mode 100644 c/misra/test/rules/RULE-21-16/MemcmpOnInappropriateEssentialTypeArgs.qlref create mode 100644 c/misra/test/rules/RULE-21-16/test.c diff --git a/c/misra/src/rules/RULE-21-16/MemcmpOnInappropriateEssentialTypeArgs.ql b/c/misra/src/rules/RULE-21-16/MemcmpOnInappropriateEssentialTypeArgs.ql new file mode 100644 index 0000000000..0852595d9b --- /dev/null +++ b/c/misra/src/rules/RULE-21-16/MemcmpOnInappropriateEssentialTypeArgs.ql @@ -0,0 +1,44 @@ +/** + * @id c/misra/memcmp-on-inappropriate-essential-type-args + * @name RULE-21-16: The pointer arguments to the Standard Library function memcmp shall point to either a pointer type, + * @description The pointer arguments to the Standard Library function memcmp shall point to either + * a pointer type, an essentially signed type, an essentially unsigned type, an + * essentially Boolean type or an essentially enum type + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-21-16 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.c.misra.EssentialTypes + +from FunctionCall memcmp, Expr arg, Type argBaseType +where + not isExcluded(arg, EssentialTypesPackage::memcmpOnInappropriateEssentialTypeArgsQuery()) and + memcmp.getTarget().hasGlobalName("memcmp") and + // Pointer arguments + arg = memcmp.getArgument([0, 1]) and + exists(DerivedType pt | + // Must be a pointer type or array type + ( + pt instanceof PointerType or + pt instanceof ArrayType + ) and + pt = arg.getType() and + argBaseType = pt.getBaseType() and + // Doesn't point to a pointer type + not argBaseType instanceof PointerType and + // Doesn't point to a type which is essentially signed, unsigned, boolean or enum + not exists(EssentialTypeCategory typeCategory | + typeCategory = getEssentialTypeCategory(argBaseType) + | + typeCategory = EssentiallySignedType() or + typeCategory = EssentiallyUnsignedType() or + typeCategory = EssentiallyBooleanType() or + typeCategory = EssentiallyEnumType() + ) + ) +select arg, "Argument is a pointer to " + argBaseType + "." diff --git a/c/misra/test/rules/RULE-21-16/MemcmpOnInappropriateEssentialTypeArgs.expected b/c/misra/test/rules/RULE-21-16/MemcmpOnInappropriateEssentialTypeArgs.expected new file mode 100644 index 0000000000..d774a833f2 --- /dev/null +++ b/c/misra/test/rules/RULE-21-16/MemcmpOnInappropriateEssentialTypeArgs.expected @@ -0,0 +1,10 @@ +| test.c:23:10:23:10 | p | Argument is a pointer to float. | +| test.c:23:13:23:13 | q | Argument is a pointer to float. | +| test.c:35:10:35:10 | p | Argument is a pointer to S1. | +| test.c:35:13:35:13 | q | Argument is a pointer to S1. | +| test.c:41:10:41:10 | p | Argument is a pointer to U. | +| test.c:41:13:41:13 | q | Argument is a pointer to U. | +| test.c:45:10:45:10 | p | Argument is a pointer to char. | +| test.c:45:13:45:13 | q | Argument is a pointer to char. | +| test.c:49:10:49:10 | p | Argument is a pointer to char. | +| test.c:49:13:49:13 | q | Argument is a pointer to char. | diff --git a/c/misra/test/rules/RULE-21-16/MemcmpOnInappropriateEssentialTypeArgs.qlref b/c/misra/test/rules/RULE-21-16/MemcmpOnInappropriateEssentialTypeArgs.qlref new file mode 100644 index 0000000000..cf550d800a --- /dev/null +++ b/c/misra/test/rules/RULE-21-16/MemcmpOnInappropriateEssentialTypeArgs.qlref @@ -0,0 +1 @@ +rules/RULE-21-16/MemcmpOnInappropriateEssentialTypeArgs.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-21-16/test.c b/c/misra/test/rules/RULE-21-16/test.c new file mode 100644 index 0000000000..f7c4c96707 --- /dev/null +++ b/c/misra/test/rules/RULE-21-16/test.c @@ -0,0 +1,54 @@ +#include +#include + +void testMemcmpSignedInt(signed int *p, signed int *q, size_t size) { + memcmp(p, q, size); // COMPLIANT +} + +void testMemcmpUnsignedInt(unsigned int *p, unsigned int *q, size_t size) { + memcmp(p, q, size); // COMPLIANT +} + +enum E1 { E1_1, E1_2 }; + +void testMemcmpEnum(enum E1 *p, enum E1 *q, size_t size) { + memcmp(p, q, size); // COMPLIANT +} + +void testMemcmpBool(bool *p, bool *q, size_t size) { + memcmp(p, q, size); // COMPLIANT +} + +void testMemcmpFloat(float *p, float *q, size_t size) { + memcmp(p, q, size); // NON_COMPLIANT +} + +void testMemcmpPointerToPointer(void **p, void **q, size_t size) { + memcmp(p, q, size); // COMPLIANT +} + +struct S1 { + int i; +}; + +void testMemcmpStruct(struct S1 *p, struct S1 *q, size_t size) { + memcmp(p, q, size); // NON_COMPLIANT +} + +union U; + +void testMemcmpUnion(union U *p, union U *q, size_t size) { + memcmp(p, q, size); // NON_COMPLIANT +} + +void testMemcmpChar(char *p, char *q, size_t size) { + memcmp(p, q, size); // NON_COMPLIANT +} + +void testMemcmpCharArray(char p[10], char q[10], size_t size) { + memcmp(p, q, size); // NON_COMPLIANT +} + +void testMemcmpIntArray(int p[10], int q[10], size_t size) { + memcmp(p, q, size); // COMPLIANT +} \ No newline at end of file From c6ce829e8cff79adb82649d7afe50b965ec5967a Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Tue, 14 Feb 2023 14:11:05 +0000 Subject: [PATCH 0468/2573] EssentialTypes: Update metadata --- .../OperandsOfAnInappropriateEssentialType.ql | 6 +- .../RULE-10-1/PointerTypeOnLogicalOperator.ql | 6 +- ...dditionSubtractionOnEssentiallyCharType.ql | 4 +- .../AssignmentOfIncompatibleEssentialType.ql | 8 +- ...andsWithMismatchedEssentialTypeCategory.ql | 6 +- .../InappropriateEssentialTypeCast.ql | 7 +- .../AssignmentToWiderEssentialType.ql | 7 +- ...ImplicitConversionOfCompositeExpression.ql | 6 +- .../InappropriateCastOfCompositeExpression.ql | 6 +- .../RULE-14-1/LoopOverEssentiallyFloatType.ql | 8 +- .../MemcmpOnInappropriateEssentialTypeArgs.ql | 4 +- rule_packages/c/EssentialTypes.json | 97 ++++++++++++------- 12 files changed, 110 insertions(+), 55 deletions(-) diff --git a/c/misra/src/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.ql b/c/misra/src/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.ql index 0245f3cbc5..005b7c6cf5 100644 --- a/c/misra/src/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.ql +++ b/c/misra/src/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.ql @@ -1,11 +1,13 @@ /** * @id c/misra/operands-of-an-inappropriate-essential-type * @name RULE-10-1: Operands shall not be of an inappropriate essential type - * @description + * @description Using an inappropriate essential type operand may lead to confusing or unexpected + * behavior when the operand is converted. * @kind problem * @precision very-high - * @problem.severity error + * @problem.severity warning * @tags external/misra/id/rule-10-1 + * maintainability * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-10-1/PointerTypeOnLogicalOperator.ql b/c/misra/src/rules/RULE-10-1/PointerTypeOnLogicalOperator.ql index 53d4a79ffc..21bfdcb2be 100644 --- a/c/misra/src/rules/RULE-10-1/PointerTypeOnLogicalOperator.ql +++ b/c/misra/src/rules/RULE-10-1/PointerTypeOnLogicalOperator.ql @@ -1,11 +1,13 @@ /** * @id c/misra/pointer-type-on-logical-operator * @name RULE-10-1: Logical operators should not be used with pointer types - * @description + * @description Using pointer types with logical operators should be avoid because it can cause + * confusing behavior. * @kind problem * @precision very-high - * @problem.severity error + * @problem.severity warning * @tags external/misra/id/rule-10-1 + * correctness * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-10-2/AdditionSubtractionOnEssentiallyCharType.ql b/c/misra/src/rules/RULE-10-2/AdditionSubtractionOnEssentiallyCharType.ql index 5e75f44590..7ed86b9210 100644 --- a/c/misra/src/rules/RULE-10-2/AdditionSubtractionOnEssentiallyCharType.ql +++ b/c/misra/src/rules/RULE-10-2/AdditionSubtractionOnEssentiallyCharType.ql @@ -1,12 +1,14 @@ /** * @id c/misra/addition-subtraction-on-essentially-char-type - * @name RULE-10-2: Expressions of essentially character type shall not be used inappropriately in addition and + * @name RULE-10-2: Inappropriate use of essentially character type operands in addition and subtraction operations * @description Expressions of essentially character type shall not be used inappropriately in * addition and subtraction operations * @kind problem * @precision very-high * @problem.severity error * @tags external/misra/id/rule-10-2 + * maintainability + * correctness * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-10-3/AssignmentOfIncompatibleEssentialType.ql b/c/misra/src/rules/RULE-10-3/AssignmentOfIncompatibleEssentialType.ql index 362f0934c2..358c0c1a09 100644 --- a/c/misra/src/rules/RULE-10-3/AssignmentOfIncompatibleEssentialType.ql +++ b/c/misra/src/rules/RULE-10-3/AssignmentOfIncompatibleEssentialType.ql @@ -1,12 +1,14 @@ /** * @id c/misra/assignment-of-incompatible-essential-type - * @name RULE-10-3: The value of an expression shall not be assigned to an object with a narrower essential type or of a + * @name RULE-10-3: Do not assign to an object with a different essential type category or narrower essential type * @description The value of an expression shall not be assigned to an object with a narrower * essential type or of a different essential type category * @kind problem - * @precision high - * @problem.severity error + * @precision very-high + * @problem.severity warning * @tags external/misra/id/rule-10-3 + * maintainability + * correctness * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-10-4/OperandsWithMismatchedEssentialTypeCategory.ql b/c/misra/src/rules/RULE-10-4/OperandsWithMismatchedEssentialTypeCategory.ql index 582854e77b..6619ce31e4 100644 --- a/c/misra/src/rules/RULE-10-4/OperandsWithMismatchedEssentialTypeCategory.ql +++ b/c/misra/src/rules/RULE-10-4/OperandsWithMismatchedEssentialTypeCategory.ql @@ -1,12 +1,14 @@ /** * @id c/misra/operands-with-mismatched-essential-type-category - * @name RULE-10-4: Both operands of an operator in which the usual arithmetic conversions are performed shall have the + * @name RULE-10-4: Operator with usual arithmetic conversions shall have operands with the same essential type category * @description Both operands of an operator in which the usual arithmetic conversions are performed * shall have the same essential type category * @kind problem * @precision very-high - * @problem.severity error + * @problem.severity warning * @tags external/misra/id/rule-10-4 + * maintainability + * correctness * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-10-5/InappropriateEssentialTypeCast.ql b/c/misra/src/rules/RULE-10-5/InappropriateEssentialTypeCast.ql index c7556729c9..10d54c4fff 100644 --- a/c/misra/src/rules/RULE-10-5/InappropriateEssentialTypeCast.ql +++ b/c/misra/src/rules/RULE-10-5/InappropriateEssentialTypeCast.ql @@ -1,11 +1,14 @@ /** * @id c/misra/inappropriate-essential-type-cast * @name RULE-10-5: The value of an expression should not be cast to an inappropriate essential type - * @description + * @description Casting the value of an expression to an inappropriate essential type may lead to + * confusing or unexpected behavior in the way the value is converted. * @kind problem * @precision very-high - * @problem.severity error + * @problem.severity warning * @tags external/misra/id/rule-10-5 + * maintainability + * correctness * external/misra/obligation/advisory */ diff --git a/c/misra/src/rules/RULE-10-6/AssignmentToWiderEssentialType.ql b/c/misra/src/rules/RULE-10-6/AssignmentToWiderEssentialType.ql index b62eca3c29..bc1133c784 100644 --- a/c/misra/src/rules/RULE-10-6/AssignmentToWiderEssentialType.ql +++ b/c/misra/src/rules/RULE-10-6/AssignmentToWiderEssentialType.ql @@ -1,11 +1,14 @@ /** * @id c/misra/assignment-to-wider-essential-type * @name RULE-10-6: The value of a composite expression shall not be assigned to an object with wider essential type - * @description + * @description Assigning a composite expression to an object with wider essential type can cause + * some unexpected conversions. * @kind problem * @precision very-high - * @problem.severity error + * @problem.severity warning * @tags external/misra/id/rule-10-6 + * maintainability + * correctness * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-10-7/ImplicitConversionOfCompositeExpression.ql b/c/misra/src/rules/RULE-10-7/ImplicitConversionOfCompositeExpression.ql index 16cb46ce77..c1f8c1c342 100644 --- a/c/misra/src/rules/RULE-10-7/ImplicitConversionOfCompositeExpression.ql +++ b/c/misra/src/rules/RULE-10-7/ImplicitConversionOfCompositeExpression.ql @@ -1,13 +1,15 @@ /** * @id c/misra/implicit-conversion-of-composite-expression - * @name RULE-10-7: If a composite expression is used as one operand of an operator in which the usual arithmetic + * @name RULE-10-7: Implicit conversion of composite expression operand to wider essential type * @description If a composite expression is used as one operand of an operator in which the usual * arithmetic conversions are performed then the other operand shall not have wider * essential type * @kind problem * @precision very-high - * @problem.severity error + * @problem.severity warning * @tags external/misra/id/rule-10-7 + * maintainability + * correctness * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-10-8/InappropriateCastOfCompositeExpression.ql b/c/misra/src/rules/RULE-10-8/InappropriateCastOfCompositeExpression.ql index d371349def..a251feefa2 100644 --- a/c/misra/src/rules/RULE-10-8/InappropriateCastOfCompositeExpression.ql +++ b/c/misra/src/rules/RULE-10-8/InappropriateCastOfCompositeExpression.ql @@ -1,12 +1,14 @@ /** * @id c/misra/inappropriate-cast-of-composite-expression - * @name RULE-10-8: The value of a composite expression shall not be cast to a different essential type category or a + * @name RULE-10-8: Composite expression explicitly casted to wider or different essential type * @description The value of a composite expression shall not be cast to a different essential type * category or a wider essential type * @kind problem * @precision very-high - * @problem.severity error + * @problem.severity warning * @tags external/misra/id/rule-10-8 + * maintainability + * correctness * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-14-1/LoopOverEssentiallyFloatType.ql b/c/misra/src/rules/RULE-14-1/LoopOverEssentiallyFloatType.ql index 5bf20709e6..6a0f772f61 100644 --- a/c/misra/src/rules/RULE-14-1/LoopOverEssentiallyFloatType.ql +++ b/c/misra/src/rules/RULE-14-1/LoopOverEssentiallyFloatType.ql @@ -1,11 +1,13 @@ /** * @id c/misra/loop-over-essentially-float-type * @name RULE-14-1: A loop counter shall not have essentially floating type - * @description + * @description A floating point loop counter can cause confusing behavior when incremented. * @kind problem - * @precision high - * @problem.severity error + * @precision very-high + * @problem.severity warning * @tags external/misra/id/rule-14-1 + * maintainability + * correctness * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-21-16/MemcmpOnInappropriateEssentialTypeArgs.ql b/c/misra/src/rules/RULE-21-16/MemcmpOnInappropriateEssentialTypeArgs.ql index 0852595d9b..88a39dd973 100644 --- a/c/misra/src/rules/RULE-21-16/MemcmpOnInappropriateEssentialTypeArgs.ql +++ b/c/misra/src/rules/RULE-21-16/MemcmpOnInappropriateEssentialTypeArgs.ql @@ -1,6 +1,6 @@ /** * @id c/misra/memcmp-on-inappropriate-essential-type-args - * @name RULE-21-16: The pointer arguments to the Standard Library function memcmp shall point to either a pointer type, + * @name RULE-21-16: Do not use memcmp on pointers to characters or composite types such as structs and unions. * @description The pointer arguments to the Standard Library function memcmp shall point to either * a pointer type, an essentially signed type, an essentially unsigned type, an * essentially Boolean type or an essentially enum type @@ -8,6 +8,8 @@ * @precision very-high * @problem.severity error * @tags external/misra/id/rule-21-16 + * maintainability + * correctness * external/misra/obligation/required */ diff --git a/rule_packages/c/EssentialTypes.json b/rule_packages/c/EssentialTypes.json index 15c01100b9..412aca7fe8 100644 --- a/rule_packages/c/EssentialTypes.json +++ b/rule_packages/c/EssentialTypes.json @@ -6,22 +6,26 @@ }, "queries": [ { - "description": "", + "description": "Using an inappropriate essential type operand may lead to confusing or unexpected behavior when the operand is converted.", "kind": "problem", "name": "Operands shall not be of an inappropriate essential type", "precision": "very-high", - "severity": "error", + "severity": "warning", "short_name": "OperandsOfAnInappropriateEssentialType", - "tags": [] + "tags": [ + "maintainability" + ] }, { - "description": "", + "description": "Using pointer types with logical operators should be avoid because it can cause confusing behavior.", "kind": "problem", "name": "Logical operators should not be used with pointer types", "precision": "very-high", - "severity": "error", + "severity": "warning", "short_name": "PointerTypeOnLogicalOperator", - "tags": [] + "tags": [ + "correctness" + ] } ], "title": "Operands shall not be of an inappropriate essential type" @@ -34,11 +38,14 @@ { "description": "Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations", "kind": "problem", - "name": "Expressions of essentially character type shall not be used inappropriately in addition and", + "name": "Inappropriate use of essentially character type operands in addition and subtraction operations", "precision": "very-high", "severity": "error", "short_name": "AdditionSubtractionOnEssentiallyCharType", - "tags": [] + "tags": [ + "maintainability", + "correctness" + ] } ], "title": "Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations" @@ -51,11 +58,14 @@ { "description": "The value of an expression shall not be assigned to an object with a narrower essential type or of a different essential type category", "kind": "problem", - "name": "The value of an expression shall not be assigned to an object with a narrower essential type or of a", - "precision": "high", - "severity": "error", + "name": "Do not assign to an object with a different essential type category or narrower essential type", + "precision": "very-high", + "severity": "warning", "short_name": "AssignmentOfIncompatibleEssentialType", - "tags": [] + "tags": [ + "maintainability", + "correctness" + ] } ], "title": "The value of an expression shall not be assigned to an object with a narrower essential type or of a different essential type category" @@ -68,11 +78,14 @@ { "description": "Both operands of an operator in which the usual arithmetic conversions are performed shall have the same essential type category", "kind": "problem", - "name": "Both operands of an operator in which the usual arithmetic conversions are performed shall have the", + "name": "Operator with usual arithmetic conversions shall have operands with the same essential type category", "precision": "very-high", - "severity": "error", + "severity": "warning", "short_name": "OperandsWithMismatchedEssentialTypeCategory", - "tags": [] + "tags": [ + "maintainability", + "correctness" + ] } ], "title": "Both operands of an operator in which the usual arithmetic conversions are performed shall have the same essential type category" @@ -83,13 +96,16 @@ }, "queries": [ { - "description": "", + "description": "Casting the value of an expression to an inappropriate essential type may lead to confusing or unexpected behavior in the way the value is converted.", "kind": "problem", "name": "The value of an expression should not be cast to an inappropriate essential type", "precision": "very-high", - "severity": "error", + "severity": "warning", "short_name": "InappropriateEssentialTypeCast", - "tags": [] + "tags": [ + "maintainability", + "correctness" + ] } ], "title": "The value of an expression should not be cast to an inappropriate essential type" @@ -100,13 +116,16 @@ }, "queries": [ { - "description": "", + "description": "Assigning a composite expression to an object with wider essential type can cause some unexpected conversions.", "kind": "problem", "name": "The value of a composite expression shall not be assigned to an object with wider essential type", "precision": "very-high", - "severity": "error", + "severity": "warning", "short_name": "AssignmentToWiderEssentialType", - "tags": [] + "tags": [ + "maintainability", + "correctness" + ] } ], "title": "The value of a composite expression shall not be assigned to an object with wider essential type" @@ -119,11 +138,14 @@ { "description": "If a composite expression is used as one operand of an operator in which the usual arithmetic conversions are performed then the other operand shall not have wider essential type", "kind": "problem", - "name": "If a composite expression is used as one operand of an operator in which the usual arithmetic", + "name": "Implicit conversion of composite expression operand to wider essential type", "precision": "very-high", - "severity": "error", + "severity": "warning", "short_name": "ImplicitConversionOfCompositeExpression", - "tags": [] + "tags": [ + "maintainability", + "correctness" + ] } ], "title": "If a composite expression is used as one operand of an operator in which the usual arithmetic conversions are performed then the other operand shall not have wider essential type" @@ -136,11 +158,14 @@ { "description": "The value of a composite expression shall not be cast to a different essential type category or a wider essential type", "kind": "problem", - "name": "The value of a composite expression shall not be cast to a different essential type category or a", + "name": "Composite expression explicitly casted to wider or different essential type", "precision": "very-high", - "severity": "error", + "severity": "warning", "short_name": "InappropriateCastOfCompositeExpression", - "tags": [] + "tags": [ + "maintainability", + "correctness" + ] } ], "title": "The value of a composite expression shall not be cast to a different essential type category or a wider essential type" @@ -151,13 +176,16 @@ }, "queries": [ { - "description": "", + "description": "A floating point loop counter can cause confusing behavior when incremented.", "kind": "problem", "name": "A loop counter shall not have essentially floating type", - "precision": "high", - "severity": "error", + "precision": "very-high", + "severity": "warning", "short_name": "LoopOverEssentiallyFloatType", - "tags": [] + "tags": [ + "maintainability", + "correctness" + ] } ], "title": "A loop counter shall not have essentially floating type" @@ -170,11 +198,14 @@ { "description": "The pointer arguments to the Standard Library function memcmp shall point to either a pointer type, an essentially signed type, an essentially unsigned type, an essentially Boolean type or an essentially enum type", "kind": "problem", - "name": "The pointer arguments to the Standard Library function memcmp shall point to either a pointer type,", + "name": "Do not use memcmp on pointers to characters or composite types such as structs and unions.", "precision": "very-high", "severity": "error", "short_name": "MemcmpOnInappropriateEssentialTypeArgs", - "tags": [] + "tags": [ + "maintainability", + "correctness" + ] } ], "title": "The pointer arguments to the Standard Library function memcmp shall point to either a pointer type, an essentially signed type, an essentially unsigned type, an essentially Boolean type or an essentially enum type" From 326d7d3d6b70408445fcb6f6c9049483bc7773b7 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Tue, 14 Feb 2023 14:30:31 +0000 Subject: [PATCH 0469/2573] EssentialTypes: add . to descriptions --- .../AdditionSubtractionOnEssentiallyCharType.ql | 2 +- .../AssignmentOfIncompatibleEssentialType.ql | 2 +- .../OperandsWithMismatchedEssentialTypeCategory.ql | 2 +- .../ImplicitConversionOfCompositeExpression.ql | 2 +- .../InappropriateCastOfCompositeExpression.ql | 2 +- .../MemcmpOnInappropriateEssentialTypeArgs.ql | 2 +- rule_packages/c/EssentialTypes.json | 12 ++++++------ 7 files changed, 12 insertions(+), 12 deletions(-) diff --git a/c/misra/src/rules/RULE-10-2/AdditionSubtractionOnEssentiallyCharType.ql b/c/misra/src/rules/RULE-10-2/AdditionSubtractionOnEssentiallyCharType.ql index 7ed86b9210..ad0c630e23 100644 --- a/c/misra/src/rules/RULE-10-2/AdditionSubtractionOnEssentiallyCharType.ql +++ b/c/misra/src/rules/RULE-10-2/AdditionSubtractionOnEssentiallyCharType.ql @@ -2,7 +2,7 @@ * @id c/misra/addition-subtraction-on-essentially-char-type * @name RULE-10-2: Inappropriate use of essentially character type operands in addition and subtraction operations * @description Expressions of essentially character type shall not be used inappropriately in - * addition and subtraction operations + * addition and subtraction operations. * @kind problem * @precision very-high * @problem.severity error diff --git a/c/misra/src/rules/RULE-10-3/AssignmentOfIncompatibleEssentialType.ql b/c/misra/src/rules/RULE-10-3/AssignmentOfIncompatibleEssentialType.ql index 358c0c1a09..353f6a9c8d 100644 --- a/c/misra/src/rules/RULE-10-3/AssignmentOfIncompatibleEssentialType.ql +++ b/c/misra/src/rules/RULE-10-3/AssignmentOfIncompatibleEssentialType.ql @@ -2,7 +2,7 @@ * @id c/misra/assignment-of-incompatible-essential-type * @name RULE-10-3: Do not assign to an object with a different essential type category or narrower essential type * @description The value of an expression shall not be assigned to an object with a narrower - * essential type or of a different essential type category + * essential type or of a different essential type category. * @kind problem * @precision very-high * @problem.severity warning diff --git a/c/misra/src/rules/RULE-10-4/OperandsWithMismatchedEssentialTypeCategory.ql b/c/misra/src/rules/RULE-10-4/OperandsWithMismatchedEssentialTypeCategory.ql index 6619ce31e4..d5ef8b6d26 100644 --- a/c/misra/src/rules/RULE-10-4/OperandsWithMismatchedEssentialTypeCategory.ql +++ b/c/misra/src/rules/RULE-10-4/OperandsWithMismatchedEssentialTypeCategory.ql @@ -2,7 +2,7 @@ * @id c/misra/operands-with-mismatched-essential-type-category * @name RULE-10-4: Operator with usual arithmetic conversions shall have operands with the same essential type category * @description Both operands of an operator in which the usual arithmetic conversions are performed - * shall have the same essential type category + * shall have the same essential type category. * @kind problem * @precision very-high * @problem.severity warning diff --git a/c/misra/src/rules/RULE-10-7/ImplicitConversionOfCompositeExpression.ql b/c/misra/src/rules/RULE-10-7/ImplicitConversionOfCompositeExpression.ql index c1f8c1c342..1cf20378fa 100644 --- a/c/misra/src/rules/RULE-10-7/ImplicitConversionOfCompositeExpression.ql +++ b/c/misra/src/rules/RULE-10-7/ImplicitConversionOfCompositeExpression.ql @@ -3,7 +3,7 @@ * @name RULE-10-7: Implicit conversion of composite expression operand to wider essential type * @description If a composite expression is used as one operand of an operator in which the usual * arithmetic conversions are performed then the other operand shall not have wider - * essential type + * essential type. * @kind problem * @precision very-high * @problem.severity warning diff --git a/c/misra/src/rules/RULE-10-8/InappropriateCastOfCompositeExpression.ql b/c/misra/src/rules/RULE-10-8/InappropriateCastOfCompositeExpression.ql index a251feefa2..8e58ded416 100644 --- a/c/misra/src/rules/RULE-10-8/InappropriateCastOfCompositeExpression.ql +++ b/c/misra/src/rules/RULE-10-8/InappropriateCastOfCompositeExpression.ql @@ -2,7 +2,7 @@ * @id c/misra/inappropriate-cast-of-composite-expression * @name RULE-10-8: Composite expression explicitly casted to wider or different essential type * @description The value of a composite expression shall not be cast to a different essential type - * category or a wider essential type + * category or a wider essential type. * @kind problem * @precision very-high * @problem.severity warning diff --git a/c/misra/src/rules/RULE-21-16/MemcmpOnInappropriateEssentialTypeArgs.ql b/c/misra/src/rules/RULE-21-16/MemcmpOnInappropriateEssentialTypeArgs.ql index 88a39dd973..cfeffe16a0 100644 --- a/c/misra/src/rules/RULE-21-16/MemcmpOnInappropriateEssentialTypeArgs.ql +++ b/c/misra/src/rules/RULE-21-16/MemcmpOnInappropriateEssentialTypeArgs.ql @@ -3,7 +3,7 @@ * @name RULE-21-16: Do not use memcmp on pointers to characters or composite types such as structs and unions. * @description The pointer arguments to the Standard Library function memcmp shall point to either * a pointer type, an essentially signed type, an essentially unsigned type, an - * essentially Boolean type or an essentially enum type + * essentially Boolean type or an essentially enum type. * @kind problem * @precision very-high * @problem.severity error diff --git a/rule_packages/c/EssentialTypes.json b/rule_packages/c/EssentialTypes.json index 412aca7fe8..f24b49f7c2 100644 --- a/rule_packages/c/EssentialTypes.json +++ b/rule_packages/c/EssentialTypes.json @@ -36,7 +36,7 @@ }, "queries": [ { - "description": "Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations", + "description": "Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations.", "kind": "problem", "name": "Inappropriate use of essentially character type operands in addition and subtraction operations", "precision": "very-high", @@ -56,7 +56,7 @@ }, "queries": [ { - "description": "The value of an expression shall not be assigned to an object with a narrower essential type or of a different essential type category", + "description": "The value of an expression shall not be assigned to an object with a narrower essential type or of a different essential type category.", "kind": "problem", "name": "Do not assign to an object with a different essential type category or narrower essential type", "precision": "very-high", @@ -76,7 +76,7 @@ }, "queries": [ { - "description": "Both operands of an operator in which the usual arithmetic conversions are performed shall have the same essential type category", + "description": "Both operands of an operator in which the usual arithmetic conversions are performed shall have the same essential type category.", "kind": "problem", "name": "Operator with usual arithmetic conversions shall have operands with the same essential type category", "precision": "very-high", @@ -136,7 +136,7 @@ }, "queries": [ { - "description": "If a composite expression is used as one operand of an operator in which the usual arithmetic conversions are performed then the other operand shall not have wider essential type", + "description": "If a composite expression is used as one operand of an operator in which the usual arithmetic conversions are performed then the other operand shall not have wider essential type.", "kind": "problem", "name": "Implicit conversion of composite expression operand to wider essential type", "precision": "very-high", @@ -156,7 +156,7 @@ }, "queries": [ { - "description": "The value of a composite expression shall not be cast to a different essential type category or a wider essential type", + "description": "The value of a composite expression shall not be cast to a different essential type category or a wider essential type.", "kind": "problem", "name": "Composite expression explicitly casted to wider or different essential type", "precision": "very-high", @@ -196,7 +196,7 @@ }, "queries": [ { - "description": "The pointer arguments to the Standard Library function memcmp shall point to either a pointer type, an essentially signed type, an essentially unsigned type, an essentially Boolean type or an essentially enum type", + "description": "The pointer arguments to the Standard Library function memcmp shall point to either a pointer type, an essentially signed type, an essentially unsigned type, an essentially Boolean type or an essentially enum type.", "kind": "problem", "name": "Do not use memcmp on pointers to characters or composite types such as structs and unions.", "precision": "very-high", From 58c70437cb7329faf9a898af23710941ef450189 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 14 Feb 2023 12:00:39 -0500 Subject: [PATCH 0470/2573] Declarations8: add rule DCL30-C --- .vscode/tasks.json | 1 + ...eObjectsWithAppropriateStorageDurations.md | 18 ++++++ ...eObjectsWithAppropriateStorageDurations.ql | 58 +++++++++++++++++++ ...tsWithAppropriateStorageDurations.expected | 4 ++ ...jectsWithAppropriateStorageDurations.qlref | 1 + c/cert/test/rules/DCL30-C/test.c | 34 +++++++++++ .../cpp/exclusions/c/Declarations8.qll | 26 +++++++++ .../cpp/exclusions/c/RuleMetadata.qll | 3 + rule_packages/c/Declarations8.json | 26 +++++++++ rules.csv | 2 +- 10 files changed, 172 insertions(+), 1 deletion(-) create mode 100644 c/cert/src/rules/DCL30-C/DeclareObjectsWithAppropriateStorageDurations.md create mode 100644 c/cert/src/rules/DCL30-C/DeclareObjectsWithAppropriateStorageDurations.ql create mode 100644 c/cert/test/rules/DCL30-C/DeclareObjectsWithAppropriateStorageDurations.expected create mode 100644 c/cert/test/rules/DCL30-C/DeclareObjectsWithAppropriateStorageDurations.qlref create mode 100644 c/cert/test/rules/DCL30-C/test.c create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/Declarations8.qll create mode 100644 rule_packages/c/Declarations8.json diff --git a/.vscode/tasks.json b/.vscode/tasks.json index 44b4c4b31e..11cca2a027 100644 --- a/.vscode/tasks.json +++ b/.vscode/tasks.json @@ -211,6 +211,7 @@ "Declarations5", "Declarations6", "Declarations7", + "Declarations8", "Exceptions1", "Exceptions2", "Expressions", diff --git a/c/cert/src/rules/DCL30-C/DeclareObjectsWithAppropriateStorageDurations.md b/c/cert/src/rules/DCL30-C/DeclareObjectsWithAppropriateStorageDurations.md new file mode 100644 index 0000000000..2f43befe14 --- /dev/null +++ b/c/cert/src/rules/DCL30-C/DeclareObjectsWithAppropriateStorageDurations.md @@ -0,0 +1,18 @@ +# DCL30-C: Declare objects with appropriate storage durations + +This query implements the CERT-C rule DCL30-C: + +> Declare objects with appropriate storage durations + + +## CERT + +** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** + +## Implementation notes + +The rule checks specifically for pointers to objects with automatic storage duration with respect to the following cases: returned by functions, assigned to function output parameters and assigned to static storage duration variables. + +## References + +* CERT-C: [DCL30-C: Declare objects with appropriate storage durations](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/DCL30-C/DeclareObjectsWithAppropriateStorageDurations.ql b/c/cert/src/rules/DCL30-C/DeclareObjectsWithAppropriateStorageDurations.ql new file mode 100644 index 0000000000..c278a3a340 --- /dev/null +++ b/c/cert/src/rules/DCL30-C/DeclareObjectsWithAppropriateStorageDurations.ql @@ -0,0 +1,58 @@ +/** + * @id c/cert/declare-objects-with-appropriate-storage-durations + * @name DCL30-C: Declare objects with appropriate storage durations + * @description When storage durations are not compatible between assigned pointers it can lead to + * referring to objects outside of their lifetime, which is undefined behaviour. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/cert/id/dcl30-c + * correctness + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert +import codingstandards.cpp.FunctionParameter +import semmle.code.cpp.dataflow.DataFlow + +class Source extends StackVariable { + Source() { not this instanceof FunctionParameter } +} + +abstract class Sink extends DataFlow::Node { } + +class FunctionSink extends Sink { + FunctionSink() { + //output parameter + exists(FunctionParameter f | + f.getAnAccess() = this.(DataFlow::PostUpdateNode).getPreUpdateNode().asExpr() and + f.getUnderlyingType() instanceof PointerType + ) + or + //function returns pointer + exists(Function f, ReturnStmt r | + f.getType() instanceof PointerType and + r.getEnclosingFunction() = f and + r.getExpr() = this.asExpr() + ) + } +} + +class StaticSink extends Sink { + StaticSink() { + exists(StaticStorageDurationVariable s | + this.(DataFlow::PostUpdateNode).getPreUpdateNode().asExpr() = s.getAnAccess() and + s.getUnderlyingType() instanceof PointerType + ) + } +} + +from DataFlow::Node src, DataFlow::Node sink +where + not isExcluded(sink.asExpr(), + Declarations8Package::declareObjectsWithAppropriateStorageDurationsQuery()) and + exists(Source s | src.asExpr() = s.getAnAccess()) and + sink instanceof Sink and + DataFlow::localFlow(src, sink) +select sink, "$@ with automatic storage may be accessible outside of its lifetime.", src, src.toString() diff --git a/c/cert/test/rules/DCL30-C/DeclareObjectsWithAppropriateStorageDurations.expected b/c/cert/test/rules/DCL30-C/DeclareObjectsWithAppropriateStorageDurations.expected new file mode 100644 index 0000000000..92a57418e2 --- /dev/null +++ b/c/cert/test/rules/DCL30-C/DeclareObjectsWithAppropriateStorageDurations.expected @@ -0,0 +1,4 @@ +| test.c:3:10:3:10 | a | $@ with automatic storage may be accessible outside of its lifetime. | test.c:3:10:3:10 | a | a | +| test.c:15:4:15:8 | param [inner post update] | $@ with automatic storage may be accessible outside of its lifetime. | test.c:15:12:15:13 | a2 | a2 | +| test.c:21:3:21:3 | g [post update] | $@ with automatic storage may be accessible outside of its lifetime. | test.c:21:7:21:8 | a3 | a3 | +| test.c:32:3:32:3 | g [post update] | $@ with automatic storage may be accessible outside of its lifetime. | test.c:32:7:32:8 | a5 | a5 | diff --git a/c/cert/test/rules/DCL30-C/DeclareObjectsWithAppropriateStorageDurations.qlref b/c/cert/test/rules/DCL30-C/DeclareObjectsWithAppropriateStorageDurations.qlref new file mode 100644 index 0000000000..0c2def1693 --- /dev/null +++ b/c/cert/test/rules/DCL30-C/DeclareObjectsWithAppropriateStorageDurations.qlref @@ -0,0 +1 @@ +rules/DCL30-C/DeclareObjectsWithAppropriateStorageDurations.ql \ No newline at end of file diff --git a/c/cert/test/rules/DCL30-C/test.c b/c/cert/test/rules/DCL30-C/test.c new file mode 100644 index 0000000000..f703f158c0 --- /dev/null +++ b/c/cert/test/rules/DCL30-C/test.c @@ -0,0 +1,34 @@ +char *f(void) { + char a[1]; + return a; // NON_COMPLIANT +} + +char f1(void) { + char a1[1]; + a1[0] = 'a'; + return a1[0]; // COMPLIANT +} + +void f2(char **param) { + char a2[1]; + a2[0] = 'a'; + *param = a2; // NON_COMPLIANT +} + +const char *g; +void f3(void) { + const char a3[] = "test"; + g = a3; // NON_COMPLIANT +} + +void f4(void) { + const char a4[] = "test"; + const char *p = a4; // COMPLIANT +} + +#include +void f5(void) { + const char a5[] = "test"; + g = a5; // COMPLIANT[FALSE_POSITIVE] + g = NULL; +} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations8.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations8.qll new file mode 100644 index 0000000000..33cacba73b --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations8.qll @@ -0,0 +1,26 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype Declarations8Query = TDeclareObjectsWithAppropriateStorageDurationsQuery() + +predicate isDeclarations8QueryMetadata(Query query, string queryId, string ruleId, string category) { + query = + // `Query` instance for the `declareObjectsWithAppropriateStorageDurations` query + Declarations8Package::declareObjectsWithAppropriateStorageDurationsQuery() and + queryId = + // `@id` for the `declareObjectsWithAppropriateStorageDurations` query + "c/cert/declare-objects-with-appropriate-storage-durations" and + ruleId = "DCL30-C" and + category = "rule" +} + +module Declarations8Package { + Query declareObjectsWithAppropriateStorageDurationsQuery() { + //autogenerate `Query` type + result = + // `Query` type for `declareObjectsWithAppropriateStorageDurations` query + TQueryC(TDeclarations8PackageQuery(TDeclareObjectsWithAppropriateStorageDurationsQuery())) + } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index 3fa8156798..74bd3427b8 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -22,6 +22,7 @@ import Declarations4 import Declarations5 import Declarations6 import Declarations7 +import Declarations8 import Expressions import IO1 import IO2 @@ -67,6 +68,7 @@ newtype TCQuery = TDeclarations5PackageQuery(Declarations5Query q) or TDeclarations6PackageQuery(Declarations6Query q) or TDeclarations7PackageQuery(Declarations7Query q) or + TDeclarations8PackageQuery(Declarations8Query q) or TExpressionsPackageQuery(ExpressionsQuery q) or TIO1PackageQuery(IO1Query q) or TIO2PackageQuery(IO2Query q) or @@ -112,6 +114,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isDeclarations5QueryMetadata(query, queryId, ruleId, category) or isDeclarations6QueryMetadata(query, queryId, ruleId, category) or isDeclarations7QueryMetadata(query, queryId, ruleId, category) or + isDeclarations8QueryMetadata(query, queryId, ruleId, category) or isExpressionsQueryMetadata(query, queryId, ruleId, category) or isIO1QueryMetadata(query, queryId, ruleId, category) or isIO2QueryMetadata(query, queryId, ruleId, category) or diff --git a/rule_packages/c/Declarations8.json b/rule_packages/c/Declarations8.json new file mode 100644 index 0000000000..e92056f2ee --- /dev/null +++ b/rule_packages/c/Declarations8.json @@ -0,0 +1,26 @@ +{ + "CERT-C": { + "DCL30-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "When storage durations are not compatible between assigned pointers it can lead to referring to objects outside of their lifetime, which is undefined behaviour.", + "kind": "problem", + "name": "Declare objects with appropriate storage durations", + "precision": "high", + "severity": "error", + "short_name": "DeclareObjectsWithAppropriateStorageDurations", + "tags": [ + "correctness" + ], + "implementation_scope": { + "description": "The rule checks specifically for pointers to objects with automatic storage duration with respect to the following cases: returned by functions, assigned to function output parameters and assigned to static storage duration variables." + } + } + ], + "title": "Declare objects with appropriate storage durations" + } + } +} \ No newline at end of file diff --git a/rules.csv b/rules.csv index c455e2ca15..6902671f7a 100644 --- a/rules.csv +++ b/rules.csv @@ -498,7 +498,7 @@ c,CERT-C,CON39-C,Yes,Rule,,,Do not join or detach a thread that was previously j c,CERT-C,CON40-C,Yes,Rule,,,Do not refer to an atomic variable twice in an expression,,Concurrency5,Medium, c,CERT-C,CON41-C,Yes,Rule,,,Wrap functions that can fail spuriously in a loop,CON53-CPP,Concurrency3,Medium, c,CERT-C,CON43-C,OutOfScope,Rule,,,Do not allow data races in multithreaded code,,,, -c,CERT-C,DCL30-C,Yes,Rule,,,Declare objects with appropriate storage durations,,Declarations,Hard, +c,CERT-C,DCL30-C,Yes,Rule,,,Declare objects with appropriate storage durations,,Declarations8,Hard, c,CERT-C,DCL31-C,Yes,Rule,,,Declare identifiers before using them,,Declarations1,Medium, c,CERT-C,DCL36-C,No,Rule,,,Do not declare an identifier with conflicting linkage classifications,,,, c,CERT-C,DCL37-C,Yes,Rule,,,Do not declare or define a reserved identifier,,Declarations1,Easy, From 5d78f26c65932474e6f747887a407ae0840c5ee7 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 14 Feb 2023 12:19:14 -0500 Subject: [PATCH 0471/2573] Declarations8: add helpfile DCL30-C --- ...eObjectsWithAppropriateStorageDurations.md | 177 +++++++++++++++++- 1 file changed, 175 insertions(+), 2 deletions(-) diff --git a/c/cert/src/rules/DCL30-C/DeclareObjectsWithAppropriateStorageDurations.md b/c/cert/src/rules/DCL30-C/DeclareObjectsWithAppropriateStorageDurations.md index 2f43befe14..f046dbc056 100644 --- a/c/cert/src/rules/DCL30-C/DeclareObjectsWithAppropriateStorageDurations.md +++ b/c/cert/src/rules/DCL30-C/DeclareObjectsWithAppropriateStorageDurations.md @@ -5,9 +5,182 @@ This query implements the CERT-C rule DCL30-C: > Declare objects with appropriate storage durations -## CERT -** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** +## Description + +Every object has a storage duration that determines its lifetime: *static*, *thread*, *automatic*, or *allocated*. + +According to the C Standard, 6.2.4, paragraph 2 \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IEC9899-2011)\], + +> The lifetime of an object is the portion of program execution during which storage is guaranteed to be reserved for it. An object exists, has a constant address, and retains its last-stored value throughout its lifetime. If an object is referred to outside of its lifetime, the behavior is undefined. The value of a pointer becomes indeterminate when the object it points to reaches the end of its lifetime. + + +Do not attempt to access an object outside of its lifetime. Attempting to do so is [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior) and can lead to an exploitable [vulnerability](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability). (See also [undefined behavior 9](https://wiki.sei.cmu.edu/confluence/display/c/CC.+Undefined+Behavior#CC.UndefinedBehavior-ub_9) in the C Standard, Annex J.) + +## Noncompliant Code Example (Differing Storage Durations) + +In this noncompliant code example, the address of the variable `c_str` with automatic storage duration is assigned to the variable `p`, which has static storage duration. The assignment itself is valid, but it is invalid for `c_str` to go out of scope while `p` holds its address, as happens at the end of `dont_do_this``()`. + +```cpp +#include + +const char *p; +void dont_do_this(void) { + const char c_str[] = "This will change"; + p = c_str; /* Dangerous */ +} + +void innocuous(void) { + printf("%s\n", p); +} + +int main(void) { + dont_do_this(); + innocuous(); + return 0; +} +``` + +## Compliant Solution (Same Storage Durations) + +In this compliant solution, `p` is declared with the same storage duration as `c_str`, preventing `p` from taking on an [indeterminate value](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-indeterminatevalue) outside of `this_is_OK()`: + +```cpp +void this_is_OK(void) { + const char c_str[] = "Everything OK"; + const char *p = c_str; + /* ... */ +} +/* p is inaccessible outside the scope of string c_str */ + +``` +Alternatively, both `p` and `c_str` could be declared with static storage duration. + +## Compliant Solution (Differing Storage Durations) + +If it is necessary for `p` to be defined with static storage duration but `c_str` with a more limited duration, then `p` can be set to `NULL` before `c_str` is destroyed. This practice prevents `p` from taking on an [indeterminate value](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-indeterminatevalue), although any references to `p` must check for `NULL`. + +```cpp +const char *p; +void is_this_OK(void) { + const char c_str[] = "Everything OK?"; + p = c_str; + /* ... */ + p = NULL; +} + +``` + +## Noncompliant Code Example (Return Values) + +In this noncompliant code sample, the function `init_array``()` returns a pointer to a character array with automatic storage duration, which is accessible to the caller: + +```cpp +char *init_array(void) { + char array[10]; + /* Initialize array */ + return array; +} + +``` +Some compilers generate a diagnostic message when a pointer to an object with automatic storage duration is returned from a function, as in this example. Programmers should compile code at high warning levels and resolve any diagnostic messages. (See [MSC00-C. Compile cleanly at high warning levels](https://wiki.sei.cmu.edu/confluence/display/c/MSC00-C.+Compile+cleanly+at+high+warning+levels).) + +## Compliant Solution (Return Values) + +The solution, in this case, depends on the intent of the programmer. If the intent is to modify the value of `array` and have that modification persist outside the scope of `init_array()`, the desired behavior can be achieved by declaring `array` elsewhere and passing it as an argument to `init_array()`: + +```cpp +#include +void init_array(char *array, size_t len) { + /* Initialize array */ + return; +} + +int main(void) { + char array[10]; + init_array(array, sizeof(array) / sizeof(array[0])); + /* ... */ + return 0; +} + +``` + +## Noncompliant Code Example (Output Parameter) + +In this noncompliant code example, the function `squirrel_away()` stores a pointer to local variable `local` into a location pointed to by function parameter `ptr_param`. Upon the return of `squirrel_away()`, the pointer `ptr_param` points to a variable that has an expired lifetime. + +```cpp +void squirrel_away(char **ptr_param) { + char local[10]; + /* Initialize array */ + *ptr_param = local; +} + +void rodent(void) { + char *ptr; + squirrel_away(&ptr); + /* ptr is live but invalid here */ +} + +``` + +## Compliant Solution (Output Parameter) + +In this compliant solution, the variable `local` has static storage duration; consequently, `ptr` can be used to reference the `local` array within the `rodent()` function: + +```cpp +char local[10]; + +void squirrel_away(char **ptr_param) { + /* Initialize array */ + *ptr_param = local; +} + +void rodent(void) { + char *ptr; + squirrel_away(&ptr); + /* ptr is valid in this scope */ +} + +``` + +## Risk Assessment + +Referencing an object outside of its lifetime can result in an attacker being able to execute arbitrary code. + +
Rule Severity Likelihood Remediation Cost Priority Level
DCL30-C High Probable High P6 L2
+ + +## Automated Detection + +
Tool Version Checker Description
Astrée 22.04 pointered-deallocation return-reference-local Fully checked
Axivion Bauhaus Suite 7.2.0 CertC-DCL30 Fully implemented
CodeSonar 7.2p0 LANG.STRUCT.RPL Returns pointer to local
Compass/ROSE Can detect violations of this rule. It automatically detects returning pointers to local variables. Detecting more general cases, such as examples where static pointers are set to local variables which then go out of scope, would be difficult
Coverity 2017.07 RETURN_LOCAL Finds many instances where a function will return a pointer to a local stack variable. Coverity Prevent cannot discover all violations of this rule, so further verification is necessary
Helix QAC 2022.4 C3217, C3225, C3230, C4140 C++2515, C++2516, C++2527, C++2528, C++4026, C++4624, C++4629
Klocwork 2022.4 LOCRET.ARGLOCRET.GLOB LOCRET.RET
LDRA tool suite 9.7.1 42 D, 77 D, 71 S, 565 S Enhanced Enforcement
Parasoft C/C++test 2022.2 CERT_C-DCL30-a CERT_C-DCL30-b The address of an object with automatic storage shall not be returned from a function The address of an object with automatic storage shall not be assigned to another object that may persist after the first object has ceased to exist
PC-lint Plus 1.4 604, 674, 733, 789 Partially supported
Polyspace Bug Finder R2022b CERT C: Rule DCL30-C Checks for pointer or reference to stack variable leaving scope (rule fully covered)
PRQA QA-C 9.7 3217, 3225, 3230, 4140 Partially implemented
PRQA QA-C++ 4.4 2515, 2516, 2527, 2528, 4026, 4624, 4629
PVS-Studio 7.23 V506 , V507 , V558 , V623 , V723 , V738
RuleChecker 22.04 return-reference-local Partially checked
Splint 3.1.1
TrustInSoft Analyzer 1.38 dangling_pointer Exhaustively detects undefined behavior (see one compliant and one non-compliant example ).
+ + +## Related Vulnerabilities + +Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+DCL30-C). + +## Related Guidelines + +[Key here](https://wiki.sei.cmu.edu/confluence/display/c/How+this+Coding+Standard+is+Organized#HowthisCodingStandardisOrganized-RelatedGuidelines) (explains table format and definitions) + +
Taxonomy Taxonomy item Relationship
CERT C Secure Coding Standard MSC00-C. Compile cleanly at high warning levels Prior to 2018-01-12: CERT: Unspecified Relationship
CERT C EXP54-CPP. Do not access an object outside of its lifetime Prior to 2018-01-12: CERT: Unspecified Relationship
ISO/IEC TR 24772:2013 Dangling References to Stack Frames \[DCM\] Prior to 2018-01-12: CERT: Unspecified Relationship
ISO/IEC TS 17961 Escaping of the address of an automatic object \[addrescape\] Prior to 2018-01-12: CERT: Unspecified Relationship
MISRA C:2012 Rule 18.6 (required) Prior to 2018-01-12: CERT: Unspecified Relationship
+ + +## CERT-CWE Mapping Notes + +[Key here](https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?pageId=87152408#HowthisCodingStandardisOrganized-CERT-CWEMappingNotes) for mapping notes + +**CWE-562 and DCL30-C** + +DCL30-C = Union( CWE-562, list) where list = + +* Assigning a stack pointer to an argument (thereby letting it outlive the current function + +## Bibliography + +
\[ Coverity 2007 \]
\[ ISO/IEC 9899:2011 \] 6.2.4, "Storage Durations of Objects"
+ ## Implementation notes From 44d3abd8bc1a1c53337f18e315b420cc9b2fb6a6 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 14 Feb 2023 12:23:04 -0500 Subject: [PATCH 0472/2573] Declarations8: format fix helpfile DCL30-C --- .../DCL30-C/DeclareObjectsWithAppropriateStorageDurations.md | 1 - 1 file changed, 1 deletion(-) diff --git a/c/cert/src/rules/DCL30-C/DeclareObjectsWithAppropriateStorageDurations.md b/c/cert/src/rules/DCL30-C/DeclareObjectsWithAppropriateStorageDurations.md index f046dbc056..d088b49c41 100644 --- a/c/cert/src/rules/DCL30-C/DeclareObjectsWithAppropriateStorageDurations.md +++ b/c/cert/src/rules/DCL30-C/DeclareObjectsWithAppropriateStorageDurations.md @@ -5,7 +5,6 @@ This query implements the CERT-C rule DCL30-C: > Declare objects with appropriate storage durations - ## Description Every object has a storage duration that determines its lifetime: *static*, *thread*, *automatic*, or *allocated*. From 2dd045c746774e6f78144604080f2b7a822ab8be Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Wed, 15 Feb 2023 15:25:40 +0100 Subject: [PATCH 0473/2573] EXP43-C: Revert IR dataflow to AST data-flow --- .../EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql b/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql index 36bff0b06a..070b56d6f2 100644 --- a/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql +++ b/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql @@ -14,7 +14,7 @@ import cpp import codingstandards.c.cert import codingstandards.c.Pointers import codingstandards.c.Variable -import semmle.code.cpp.ir.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow import semmle.code.cpp.pointsto.PointsTo import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis From 563e08409243b11b169172c375db9b5389049a8f Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Wed, 15 Feb 2023 16:08:23 +0100 Subject: [PATCH 0474/2573] EXP43-C: Replace `!=` with `not =` Co-authored-by: Luke Cartey <5377966+lcartey@users.noreply.github.com> --- .../EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql b/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql index 070b56d6f2..400c8b871d 100644 --- a/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql +++ b/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql @@ -113,7 +113,7 @@ where not isExcluded(call, Pointers3Package::doNotPassAliasedPointerToRestrictQualifiedParamQuery()) and arg1 = call.getARestrictPtrArg() and arg2 = call.getAPtrArg() and - arg1 != arg2 and + not arg1 = arg2 and exists(PointerValueToRestrictArgConfig config, Expr source1, Expr source2 | config.hasFlow(DataFlow::exprNode(source1), DataFlow::exprNode(arg1.getAChild*())) and ( From 3a3a6a5ca963c062fe53ab3eb9ec44b73097a9ee Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Wed, 15 Feb 2023 16:10:33 +0100 Subject: [PATCH 0475/2573] EXP36-C: Output cast instead of sink node --- ...PointerToMoreStrictlyAlignedPointerType.ql | 2 +- ...rToMoreStrictlyAlignedPointerType.expected | 101 +++++++++--------- c/cert/test/rules/EXP36-C/test.c | 6 +- 3 files changed, 54 insertions(+), 55 deletions(-) diff --git a/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql b/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql index 32579dd250..7dd8489415 100644 --- a/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql +++ b/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql @@ -181,7 +181,7 @@ where alignmentFrom = expr.getAlignment() and // flag cases where the cast's target type has stricter alignment requirements than the source alignmentFrom < alignmentTo -select sink, source, sink, +select cast, source, sink, "Cast from pointer with " + alignmentFrom + "-byte alignment (defined by $@) to pointer with base type " + toBaseType.getUnderlyingType() + " with " + alignmentTo + "-byte alignment.", expr.getUnconverted(), expr.getKind() diff --git a/c/cert/test/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.expected b/c/cert/test/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.expected index b70d88fe3f..a1c9a14fa2 100644 --- a/c/cert/test/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.expected +++ b/c/cert/test/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.expected @@ -39,7 +39,7 @@ edges | test.c:135:21:135:23 | & ... | test.c:129:22:129:22 | v | | test.c:138:21:138:23 | & ... | test.c:129:22:129:22 | v | | test.c:166:24:166:29 | call to malloc | test.c:167:13:167:15 | & ... | -| test.c:166:24:166:29 | call to malloc | test.c:168:16:168:18 | & ... | +| test.c:166:24:166:29 | call to malloc | test.c:168:16:168:17 | s1 | | test.c:166:24:166:29 | call to malloc | test.c:169:13:169:14 | s1 | | test.c:166:24:166:29 | call to malloc | test.c:169:13:169:14 | s1 | | test.c:169:13:169:14 | s1 | test.c:129:22:129:22 | v | @@ -171,7 +171,7 @@ nodes | test.c:166:24:166:29 | call to malloc | semmle.label | call to malloc | | test.c:166:24:166:29 | call to malloc | semmle.label | call to malloc | | test.c:167:13:167:15 | & ... | semmle.label | & ... | -| test.c:168:16:168:18 | & ... | semmle.label | & ... | +| test.c:168:16:168:17 | s1 | semmle.label | s1 | | test.c:169:13:169:14 | s1 | semmle.label | s1 | | test.c:169:13:169:14 | s1 | semmle.label | s1 | | test.c:172:11:172:12 | s2 | semmle.label | s2 | @@ -217,52 +217,51 @@ nodes | test.c:257:10:257:12 | & ... | semmle.label | & ... | subpaths #select -| test.c:8:12:8:14 | & ... | test.c:8:12:8:14 | & ... | test.c:8:12:8:14 | & ... | Cast from pointer with 1-byte alignment (defined by $@) to pointer with base type short with 2-byte alignment. | test.c:8:12:8:14 | & ... | address-of expression | -| test.c:9:10:9:12 | & ... | test.c:9:10:9:12 | & ... | test.c:9:10:9:12 | & ... | Cast from pointer with 1-byte alignment (defined by $@) to pointer with base type int with 4-byte alignment. | test.c:9:10:9:12 | & ... | address-of expression | -| test.c:10:11:10:13 | & ... | test.c:10:11:10:13 | & ... | test.c:10:11:10:13 | & ... | Cast from pointer with 1-byte alignment (defined by $@) to pointer with base type long with 8-byte alignment. | test.c:10:11:10:13 | & ... | address-of expression | -| test.c:11:12:11:14 | & ... | test.c:11:12:11:14 | & ... | test.c:11:12:11:14 | & ... | Cast from pointer with 1-byte alignment (defined by $@) to pointer with base type float with 4-byte alignment. | test.c:11:12:11:14 | & ... | address-of expression | -| test.c:12:13:12:15 | & ... | test.c:12:13:12:15 | & ... | test.c:12:13:12:15 | & ... | Cast from pointer with 1-byte alignment (defined by $@) to pointer with base type double with 8-byte alignment. | test.c:12:13:12:15 | & ... | address-of expression | -| test.c:17:10:17:12 | & ... | test.c:17:10:17:12 | & ... | test.c:17:10:17:12 | & ... | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type int with 4-byte alignment. | test.c:17:10:17:12 | & ... | address-of expression | -| test.c:18:11:18:13 | & ... | test.c:18:11:18:13 | & ... | test.c:18:11:18:13 | & ... | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type long with 8-byte alignment. | test.c:18:11:18:13 | & ... | address-of expression | -| test.c:19:12:19:14 | & ... | test.c:19:12:19:14 | & ... | test.c:19:12:19:14 | & ... | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type float with 4-byte alignment. | test.c:19:12:19:14 | & ... | address-of expression | -| test.c:20:13:20:15 | & ... | test.c:20:13:20:15 | & ... | test.c:20:13:20:15 | & ... | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type double with 8-byte alignment. | test.c:20:13:20:15 | & ... | address-of expression | -| test.c:27:11:27:13 | & ... | test.c:27:11:27:13 | & ... | test.c:27:11:27:13 | & ... | Cast from pointer with 4-byte alignment (defined by $@) to pointer with base type long with 8-byte alignment. | test.c:27:11:27:13 | & ... | address-of expression | -| test.c:28:13:28:15 | & ... | test.c:28:13:28:15 | & ... | test.c:28:13:28:15 | & ... | Cast from pointer with 4-byte alignment (defined by $@) to pointer with base type double with 8-byte alignment. | test.c:28:13:28:15 | & ... | address-of expression | -| test.c:35:11:35:13 | & ... | test.c:35:11:35:13 | & ... | test.c:35:11:35:13 | & ... | Cast from pointer with 4-byte alignment (defined by $@) to pointer with base type long with 8-byte alignment. | test.c:35:11:35:13 | & ... | address-of expression | -| test.c:36:13:36:15 | & ... | test.c:36:13:36:15 | & ... | test.c:36:13:36:15 | & ... | Cast from pointer with 4-byte alignment (defined by $@) to pointer with base type double with 8-byte alignment. | test.c:36:13:36:15 | & ... | address-of expression | -| test.c:61:11:61:13 | & ... | test.c:61:11:61:13 | & ... | test.c:61:11:61:13 | & ... | Cast from pointer with 4-byte alignment (defined by $@) to pointer with base type long with 8-byte alignment. | test.c:61:11:61:13 | & ... | address-of expression | -| test.c:62:13:62:15 | & ... | test.c:62:13:62:15 | & ... | test.c:62:13:62:15 | & ... | Cast from pointer with 4-byte alignment (defined by $@) to pointer with base type double with 8-byte alignment. | test.c:62:13:62:15 | & ... | address-of expression | -| test.c:77:12:77:13 | v1 | test.c:75:14:75:16 | & ... | test.c:77:12:77:13 | v1 | Cast from pointer with 1-byte alignment (defined by $@) to pointer with base type short with 2-byte alignment. | test.c:75:14:75:16 | & ... | address-of expression | -| test.c:78:10:78:11 | v1 | test.c:75:14:75:16 | & ... | test.c:78:10:78:11 | v1 | Cast from pointer with 1-byte alignment (defined by $@) to pointer with base type int with 4-byte alignment. | test.c:75:14:75:16 | & ... | address-of expression | -| test.c:79:12:79:13 | v1 | test.c:75:14:75:16 | & ... | test.c:79:12:79:13 | v1 | Cast from pointer with 1-byte alignment (defined by $@) to pointer with base type float with 4-byte alignment. | test.c:75:14:75:16 | & ... | address-of expression | -| test.c:80:11:80:12 | v1 | test.c:75:14:75:16 | & ... | test.c:80:11:80:12 | v1 | Cast from pointer with 1-byte alignment (defined by $@) to pointer with base type long with 8-byte alignment. | test.c:75:14:75:16 | & ... | address-of expression | -| test.c:81:13:81:14 | v1 | test.c:75:14:75:16 | & ... | test.c:81:13:81:14 | v1 | Cast from pointer with 1-byte alignment (defined by $@) to pointer with base type double with 8-byte alignment. | test.c:75:14:75:16 | & ... | address-of expression | -| test.c:87:10:87:11 | v2 | test.c:84:14:84:16 | & ... | test.c:87:10:87:11 | v2 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type int with 4-byte alignment. | test.c:84:14:84:16 | & ... | address-of expression | -| test.c:88:12:88:13 | v2 | test.c:84:14:84:16 | & ... | test.c:88:12:88:13 | v2 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type float with 4-byte alignment. | test.c:84:14:84:16 | & ... | address-of expression | -| test.c:89:11:89:12 | v2 | test.c:84:14:84:16 | & ... | test.c:89:11:89:12 | v2 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type long with 8-byte alignment. | test.c:84:14:84:16 | & ... | address-of expression | -| test.c:90:13:90:14 | v2 | test.c:84:14:84:16 | & ... | test.c:90:13:90:14 | v2 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type double with 8-byte alignment. | test.c:84:14:84:16 | & ... | address-of expression | -| test.c:98:11:98:12 | v3 | test.c:93:14:93:16 | & ... | test.c:98:11:98:12 | v3 | Cast from pointer with 4-byte alignment (defined by $@) to pointer with base type long with 8-byte alignment. | test.c:93:14:93:16 | & ... | address-of expression | -| test.c:99:13:99:14 | v3 | test.c:93:14:93:16 | & ... | test.c:99:13:99:14 | v3 | Cast from pointer with 4-byte alignment (defined by $@) to pointer with base type double with 8-byte alignment. | test.c:93:14:93:16 | & ... | address-of expression | -| test.c:107:11:107:12 | v4 | test.c:102:14:102:16 | & ... | test.c:107:11:107:12 | v4 | Cast from pointer with 4-byte alignment (defined by $@) to pointer with base type long with 8-byte alignment. | test.c:102:14:102:16 | & ... | address-of expression | -| test.c:108:13:108:14 | v4 | test.c:102:14:102:16 | & ... | test.c:108:13:108:14 | v4 | Cast from pointer with 4-byte alignment (defined by $@) to pointer with base type double with 8-byte alignment. | test.c:102:14:102:16 | & ... | address-of expression | -| test.c:130:17:130:17 | v | test.c:135:21:135:23 | & ... | test.c:130:17:130:17 | v | Cast from pointer with 1-byte alignment (defined by $@) to pointer with base type int with 4-byte alignment. | test.c:135:21:135:23 | & ... | address-of expression | -| test.c:130:17:130:17 | v | test.c:174:13:174:14 | s2 | test.c:130:17:130:17 | v | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type int with 4-byte alignment. | test.c:174:13:174:14 | s2 | pointer base type short | -| test.c:130:17:130:17 | v | test.c:179:13:179:14 | s3 | test.c:130:17:130:17 | v | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type int with 4-byte alignment. | test.c:179:13:179:14 | s3 | pointer base type short | -| test.c:130:17:130:17 | v | test.c:189:14:189:26 | call to aligned_alloc | test.c:130:17:130:17 | v | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type int with 4-byte alignment. | test.c:189:14:189:26 | call to aligned_alloc | call to aligned_alloc | -| test.c:158:13:158:20 | & ... | test.c:158:13:158:20 | & ... | test.c:158:13:158:20 | & ... | Cast from pointer with 1-byte alignment (defined by $@) to pointer with base type unsigned long with 8-byte alignment. | test.c:158:13:158:20 | & ... | address-of expression | -| test.c:162:16:162:18 | & ... | test.c:162:16:162:18 | & ... | test.c:162:16:162:18 | & ... | Cast from pointer with 8-byte alignment (defined by $@) to pointer with base type S3 with 64-byte alignment. | test.c:162:16:162:18 | & ... | address-of expression | -| test.c:168:16:168:18 | & ... | test.c:166:24:166:29 | call to malloc | test.c:168:16:168:18 | & ... | Cast from pointer with 16-byte alignment (defined by $@) to pointer with base type S3 with 64-byte alignment. | test.c:166:24:166:29 | call to malloc | call to malloc | -| test.c:168:16:168:18 | & ... | test.c:168:16:168:18 | & ... | test.c:168:16:168:18 | & ... | Cast from pointer with 8-byte alignment (defined by $@) to pointer with base type S3 with 64-byte alignment. | test.c:168:16:168:18 | & ... | address-of expression | -| test.c:173:13:173:14 | s2 | test.c:173:13:173:14 | s2 | test.c:173:13:173:14 | s2 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type unsigned long with 8-byte alignment. | test.c:173:13:173:14 | s2 | pointer base type short | -| test.c:178:13:178:14 | s3 | test.c:178:13:178:14 | s3 | test.c:178:13:178:14 | s3 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type unsigned long with 8-byte alignment. | test.c:178:13:178:14 | s3 | pointer base type short | -| test.c:186:13:186:14 | v1 | test.c:183:14:183:26 | call to aligned_alloc | test.c:186:13:186:14 | v1 | Cast from pointer with 4-byte alignment (defined by $@) to pointer with base type unsigned long with 8-byte alignment. | test.c:183:14:183:26 | call to aligned_alloc | call to aligned_alloc | -| test.c:216:10:216:11 | p2 | test.c:216:10:216:11 | p2 | test.c:216:10:216:11 | p2 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type int with 4-byte alignment. | test.c:216:10:216:11 | p2 | pointer base type short | -| test.c:217:11:217:12 | p2 | test.c:217:11:217:12 | p2 | test.c:217:11:217:12 | p2 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type long with 8-byte alignment. | test.c:217:11:217:12 | p2 | pointer base type short | -| test.c:218:12:218:13 | p2 | test.c:218:12:218:13 | p2 | test.c:218:12:218:13 | p2 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type float with 4-byte alignment. | test.c:218:12:218:13 | p2 | pointer base type short | -| test.c:219:13:219:14 | p2 | test.c:219:13:219:14 | p2 | test.c:219:13:219:14 | p2 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type double with 8-byte alignment. | test.c:219:13:219:14 | p2 | pointer base type short | -| test.c:225:10:225:11 | v1 | test.c:222:8:222:9 | p2 | test.c:225:10:225:11 | v1 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type int with 4-byte alignment. | test.c:222:8:222:9 | p2 | pointer base type short | -| test.c:226:12:226:13 | v1 | test.c:222:8:222:9 | p2 | test.c:226:12:226:13 | v1 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type float with 4-byte alignment. | test.c:222:8:222:9 | p2 | pointer base type short | -| test.c:227:11:227:12 | v1 | test.c:222:8:222:9 | p2 | test.c:227:11:227:12 | v1 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type long with 8-byte alignment. | test.c:222:8:222:9 | p2 | pointer base type short | -| test.c:228:13:228:14 | v1 | test.c:222:8:222:9 | p2 | test.c:228:13:228:14 | v1 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type double with 8-byte alignment. | test.c:222:8:222:9 | p2 | pointer base type short | -| test.c:256:10:256:12 | ps1 | test.c:252:16:252:18 | & ... | test.c:256:10:256:12 | ps1 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type int with 4-byte alignment. | test.c:252:16:252:18 | & ... | address-of expression | -| test.c:257:10:257:12 | & ... | test.c:257:10:257:12 | & ... | test.c:257:10:257:12 | & ... | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type int with 4-byte alignment. | test.c:257:10:257:12 | & ... | address-of expression | +| test.c:8:3:8:14 | (short *)... | test.c:8:12:8:14 | & ... | test.c:8:12:8:14 | & ... | Cast from pointer with 1-byte alignment (defined by $@) to pointer with base type short with 2-byte alignment. | test.c:8:12:8:14 | & ... | address-of expression | +| test.c:9:3:9:12 | (int *)... | test.c:9:10:9:12 | & ... | test.c:9:10:9:12 | & ... | Cast from pointer with 1-byte alignment (defined by $@) to pointer with base type int with 4-byte alignment. | test.c:9:10:9:12 | & ... | address-of expression | +| test.c:10:3:10:13 | (long *)... | test.c:10:11:10:13 | & ... | test.c:10:11:10:13 | & ... | Cast from pointer with 1-byte alignment (defined by $@) to pointer with base type long with 8-byte alignment. | test.c:10:11:10:13 | & ... | address-of expression | +| test.c:11:3:11:14 | (float *)... | test.c:11:12:11:14 | & ... | test.c:11:12:11:14 | & ... | Cast from pointer with 1-byte alignment (defined by $@) to pointer with base type float with 4-byte alignment. | test.c:11:12:11:14 | & ... | address-of expression | +| test.c:12:3:12:15 | (double *)... | test.c:12:13:12:15 | & ... | test.c:12:13:12:15 | & ... | Cast from pointer with 1-byte alignment (defined by $@) to pointer with base type double with 8-byte alignment. | test.c:12:13:12:15 | & ... | address-of expression | +| test.c:17:3:17:12 | (int *)... | test.c:17:10:17:12 | & ... | test.c:17:10:17:12 | & ... | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type int with 4-byte alignment. | test.c:17:10:17:12 | & ... | address-of expression | +| test.c:18:3:18:13 | (long *)... | test.c:18:11:18:13 | & ... | test.c:18:11:18:13 | & ... | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type long with 8-byte alignment. | test.c:18:11:18:13 | & ... | address-of expression | +| test.c:19:3:19:14 | (float *)... | test.c:19:12:19:14 | & ... | test.c:19:12:19:14 | & ... | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type float with 4-byte alignment. | test.c:19:12:19:14 | & ... | address-of expression | +| test.c:20:3:20:15 | (double *)... | test.c:20:13:20:15 | & ... | test.c:20:13:20:15 | & ... | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type double with 8-byte alignment. | test.c:20:13:20:15 | & ... | address-of expression | +| test.c:27:3:27:13 | (long *)... | test.c:27:11:27:13 | & ... | test.c:27:11:27:13 | & ... | Cast from pointer with 4-byte alignment (defined by $@) to pointer with base type long with 8-byte alignment. | test.c:27:11:27:13 | & ... | address-of expression | +| test.c:28:3:28:15 | (double *)... | test.c:28:13:28:15 | & ... | test.c:28:13:28:15 | & ... | Cast from pointer with 4-byte alignment (defined by $@) to pointer with base type double with 8-byte alignment. | test.c:28:13:28:15 | & ... | address-of expression | +| test.c:35:3:35:13 | (long *)... | test.c:35:11:35:13 | & ... | test.c:35:11:35:13 | & ... | Cast from pointer with 4-byte alignment (defined by $@) to pointer with base type long with 8-byte alignment. | test.c:35:11:35:13 | & ... | address-of expression | +| test.c:36:3:36:15 | (double *)... | test.c:36:13:36:15 | & ... | test.c:36:13:36:15 | & ... | Cast from pointer with 4-byte alignment (defined by $@) to pointer with base type double with 8-byte alignment. | test.c:36:13:36:15 | & ... | address-of expression | +| test.c:61:3:61:13 | (long *)... | test.c:61:11:61:13 | & ... | test.c:61:11:61:13 | & ... | Cast from pointer with 4-byte alignment (defined by $@) to pointer with base type long with 8-byte alignment. | test.c:61:11:61:13 | & ... | address-of expression | +| test.c:62:3:62:15 | (double *)... | test.c:62:13:62:15 | & ... | test.c:62:13:62:15 | & ... | Cast from pointer with 4-byte alignment (defined by $@) to pointer with base type double with 8-byte alignment. | test.c:62:13:62:15 | & ... | address-of expression | +| test.c:77:3:77:13 | (short *)... | test.c:75:14:75:16 | & ... | test.c:77:12:77:13 | v1 | Cast from pointer with 1-byte alignment (defined by $@) to pointer with base type short with 2-byte alignment. | test.c:75:14:75:16 | & ... | address-of expression | +| test.c:78:3:78:11 | (int *)... | test.c:75:14:75:16 | & ... | test.c:78:10:78:11 | v1 | Cast from pointer with 1-byte alignment (defined by $@) to pointer with base type int with 4-byte alignment. | test.c:75:14:75:16 | & ... | address-of expression | +| test.c:79:3:79:13 | (float *)... | test.c:75:14:75:16 | & ... | test.c:79:12:79:13 | v1 | Cast from pointer with 1-byte alignment (defined by $@) to pointer with base type float with 4-byte alignment. | test.c:75:14:75:16 | & ... | address-of expression | +| test.c:80:3:80:12 | (long *)... | test.c:75:14:75:16 | & ... | test.c:80:11:80:12 | v1 | Cast from pointer with 1-byte alignment (defined by $@) to pointer with base type long with 8-byte alignment. | test.c:75:14:75:16 | & ... | address-of expression | +| test.c:81:3:81:14 | (double *)... | test.c:75:14:75:16 | & ... | test.c:81:13:81:14 | v1 | Cast from pointer with 1-byte alignment (defined by $@) to pointer with base type double with 8-byte alignment. | test.c:75:14:75:16 | & ... | address-of expression | +| test.c:87:3:87:11 | (int *)... | test.c:84:14:84:16 | & ... | test.c:87:10:87:11 | v2 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type int with 4-byte alignment. | test.c:84:14:84:16 | & ... | address-of expression | +| test.c:88:3:88:13 | (float *)... | test.c:84:14:84:16 | & ... | test.c:88:12:88:13 | v2 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type float with 4-byte alignment. | test.c:84:14:84:16 | & ... | address-of expression | +| test.c:89:3:89:12 | (long *)... | test.c:84:14:84:16 | & ... | test.c:89:11:89:12 | v2 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type long with 8-byte alignment. | test.c:84:14:84:16 | & ... | address-of expression | +| test.c:90:3:90:14 | (double *)... | test.c:84:14:84:16 | & ... | test.c:90:13:90:14 | v2 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type double with 8-byte alignment. | test.c:84:14:84:16 | & ... | address-of expression | +| test.c:98:3:98:12 | (long *)... | test.c:93:14:93:16 | & ... | test.c:98:11:98:12 | v3 | Cast from pointer with 4-byte alignment (defined by $@) to pointer with base type long with 8-byte alignment. | test.c:93:14:93:16 | & ... | address-of expression | +| test.c:99:3:99:14 | (double *)... | test.c:93:14:93:16 | & ... | test.c:99:13:99:14 | v3 | Cast from pointer with 4-byte alignment (defined by $@) to pointer with base type double with 8-byte alignment. | test.c:93:14:93:16 | & ... | address-of expression | +| test.c:107:3:107:12 | (long *)... | test.c:102:14:102:16 | & ... | test.c:107:11:107:12 | v4 | Cast from pointer with 4-byte alignment (defined by $@) to pointer with base type long with 8-byte alignment. | test.c:102:14:102:16 | & ... | address-of expression | +| test.c:108:3:108:14 | (double *)... | test.c:102:14:102:16 | & ... | test.c:108:13:108:14 | v4 | Cast from pointer with 4-byte alignment (defined by $@) to pointer with base type double with 8-byte alignment. | test.c:102:14:102:16 | & ... | address-of expression | +| test.c:130:10:130:17 | (int *)... | test.c:135:21:135:23 | & ... | test.c:130:17:130:17 | v | Cast from pointer with 1-byte alignment (defined by $@) to pointer with base type int with 4-byte alignment. | test.c:135:21:135:23 | & ... | address-of expression | +| test.c:130:10:130:17 | (int *)... | test.c:174:13:174:14 | s2 | test.c:130:17:130:17 | v | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type int with 4-byte alignment. | test.c:174:13:174:14 | s2 | pointer base type short | +| test.c:130:10:130:17 | (int *)... | test.c:179:13:179:14 | s3 | test.c:130:17:130:17 | v | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type int with 4-byte alignment. | test.c:179:13:179:14 | s3 | pointer base type short | +| test.c:130:10:130:17 | (int *)... | test.c:189:14:189:26 | call to aligned_alloc | test.c:130:17:130:17 | v | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type int with 4-byte alignment. | test.c:189:14:189:26 | call to aligned_alloc | call to aligned_alloc | +| test.c:158:3:158:20 | (size_t *)... | test.c:158:13:158:20 | & ... | test.c:158:13:158:20 | & ... | Cast from pointer with 1-byte alignment (defined by $@) to pointer with base type unsigned long with 8-byte alignment. | test.c:158:13:158:20 | & ... | address-of expression | +| test.c:162:3:162:18 | (S3 *)... | test.c:162:16:162:18 | & ... | test.c:162:16:162:18 | & ... | Cast from pointer with 8-byte alignment (defined by $@) to pointer with base type S3 with 64-byte alignment. | test.c:162:16:162:18 | & ... | address-of expression | +| test.c:168:3:168:17 | (S3 *)... | test.c:166:24:166:29 | call to malloc | test.c:168:16:168:17 | s1 | Cast from pointer with 16-byte alignment (defined by $@) to pointer with base type S3 with 64-byte alignment. | test.c:166:24:166:29 | call to malloc | call to malloc | +| test.c:173:3:173:14 | (size_t *)... | test.c:173:13:173:14 | s2 | test.c:173:13:173:14 | s2 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type unsigned long with 8-byte alignment. | test.c:173:13:173:14 | s2 | pointer base type short | +| test.c:178:3:178:14 | (size_t *)... | test.c:178:13:178:14 | s3 | test.c:178:13:178:14 | s3 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type unsigned long with 8-byte alignment. | test.c:178:13:178:14 | s3 | pointer base type short | +| test.c:186:3:186:14 | (size_t *)... | test.c:183:14:183:26 | call to aligned_alloc | test.c:186:13:186:14 | v1 | Cast from pointer with 4-byte alignment (defined by $@) to pointer with base type unsigned long with 8-byte alignment. | test.c:183:14:183:26 | call to aligned_alloc | call to aligned_alloc | +| test.c:216:3:216:11 | (int *)... | test.c:216:10:216:11 | p2 | test.c:216:10:216:11 | p2 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type int with 4-byte alignment. | test.c:216:10:216:11 | p2 | pointer base type short | +| test.c:217:3:217:12 | (long *)... | test.c:217:11:217:12 | p2 | test.c:217:11:217:12 | p2 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type long with 8-byte alignment. | test.c:217:11:217:12 | p2 | pointer base type short | +| test.c:218:3:218:13 | (float *)... | test.c:218:12:218:13 | p2 | test.c:218:12:218:13 | p2 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type float with 4-byte alignment. | test.c:218:12:218:13 | p2 | pointer base type short | +| test.c:219:3:219:14 | (double *)... | test.c:219:13:219:14 | p2 | test.c:219:13:219:14 | p2 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type double with 8-byte alignment. | test.c:219:13:219:14 | p2 | pointer base type short | +| test.c:225:3:225:11 | (int *)... | test.c:222:8:222:9 | p2 | test.c:225:10:225:11 | v1 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type int with 4-byte alignment. | test.c:222:8:222:9 | p2 | pointer base type short | +| test.c:226:3:226:13 | (float *)... | test.c:222:8:222:9 | p2 | test.c:226:12:226:13 | v1 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type float with 4-byte alignment. | test.c:222:8:222:9 | p2 | pointer base type short | +| test.c:227:3:227:12 | (long *)... | test.c:222:8:222:9 | p2 | test.c:227:11:227:12 | v1 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type long with 8-byte alignment. | test.c:222:8:222:9 | p2 | pointer base type short | +| test.c:228:3:228:14 | (double *)... | test.c:222:8:222:9 | p2 | test.c:228:13:228:14 | v1 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type double with 8-byte alignment. | test.c:222:8:222:9 | p2 | pointer base type short | +| test.c:256:3:256:12 | (int *)... | test.c:252:16:252:18 | & ... | test.c:256:10:256:12 | ps1 | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type int with 4-byte alignment. | test.c:252:16:252:18 | & ... | address-of expression | +| test.c:257:3:257:12 | (int *)... | test.c:257:10:257:12 | & ... | test.c:257:10:257:12 | & ... | Cast from pointer with 2-byte alignment (defined by $@) to pointer with base type int with 4-byte alignment. | test.c:257:10:257:12 | & ... | address-of expression | diff --git a/c/cert/test/rules/EXP36-C/test.c b/c/cert/test/rules/EXP36-C/test.c index 0d0eef551a..587bc6a183 100644 --- a/c/cert/test/rules/EXP36-C/test.c +++ b/c/cert/test/rules/EXP36-C/test.c @@ -164,9 +164,9 @@ void test_struct_alignment() { void test_malloc_alignment_and_pointer_arithmetic() { short *s1 = (short *)malloc(64); - (size_t *)&s1; // COMPLIANT - (struct S3 *)&s1; // NON_COMPLIANT - over-aligned struct - cast_away(s1); // COMPLIANT + (size_t *)&s1; // COMPLIANT + (struct S3 *)s1; // NON_COMPLIANT - over-aligned struct + cast_away(s1); // COMPLIANT short *s2 = s1 + 1; (char *)s2; // COMPLIANT From 009fc65836aba97a3ab5a2ccb1c3cb45da23cdba Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Wed, 15 Feb 2023 17:07:53 +0100 Subject: [PATCH 0476/2573] EXP39-C: Remove redundant "TODO" comment from test-case --- ...essVariableViaPointerOfIncompatibleType.ql | 1 + ...iableViaPointerOfIncompatibleType.expected | 78 +++++++++---------- c/cert/test/rules/EXP39-C/test.c | 1 - 3 files changed, 40 insertions(+), 40 deletions(-) diff --git a/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql b/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql index d9ef7e742c..88b464f769 100644 --- a/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql +++ b/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql @@ -153,6 +153,7 @@ Type compatibleTypes(Type type) { ) and ( ( + // all types are compatible with void and explicitly-unsigned char types result instanceof UnsignedCharType or [result.stripTopLevelSpecifiers(), type.stripTopLevelSpecifiers()] instanceof VoidType ) diff --git a/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected b/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected index da5437e3bb..4ca3d89b25 100644 --- a/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected +++ b/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected @@ -1,15 +1,15 @@ edges -| test.c:50:8:50:9 | s3 | test.c:51:8:51:9 | s1 | -| test.c:61:16:61:18 | E1A | test.c:62:16:62:17 | e1 | -| test.c:61:16:61:18 | E1A | test.c:66:10:66:12 | & ... | -| test.c:69:22:69:22 | v | test.c:69:41:69:41 | v | -| test.c:73:13:73:15 | & ... | test.c:69:22:69:22 | v | -| test.c:75:13:75:15 | & ... | test.c:69:22:69:22 | v | -| test.c:98:32:98:37 | call to malloc | test.c:99:40:99:41 | s2 | -| test.c:98:32:98:37 | call to malloc | test.c:99:40:99:41 | s2 | -| test.c:99:32:99:38 | call to realloc | test.c:100:3:100:4 | s3 | -| test.c:99:32:99:38 | call to realloc | test.c:101:10:101:11 | s3 | -| test.c:99:40:99:41 | s2 | test.c:99:32:99:38 | call to realloc | +| test.c:49:8:49:9 | s3 | test.c:50:8:50:9 | s1 | +| test.c:60:16:60:18 | E1A | test.c:61:16:61:17 | e1 | +| test.c:60:16:60:18 | E1A | test.c:65:10:65:12 | & ... | +| test.c:68:22:68:22 | v | test.c:68:41:68:41 | v | +| test.c:72:13:72:15 | & ... | test.c:68:22:68:22 | v | +| test.c:74:13:74:15 | & ... | test.c:68:22:68:22 | v | +| test.c:97:32:97:37 | call to malloc | test.c:98:40:98:41 | s2 | +| test.c:97:32:97:37 | call to malloc | test.c:98:40:98:41 | s2 | +| test.c:98:32:98:38 | call to realloc | test.c:99:3:99:4 | s3 | +| test.c:98:32:98:38 | call to realloc | test.c:100:10:100:11 | s3 | +| test.c:98:40:98:41 | s2 | test.c:98:32:98:38 | call to realloc | nodes | test.c:6:19:6:20 | & ... | semmle.label | & ... | | test.c:11:10:11:11 | & ... | semmle.label | & ... | @@ -23,29 +23,29 @@ nodes | test.c:29:13:29:15 | & ... | semmle.label | & ... | | test.c:30:19:30:21 | & ... | semmle.label | & ... | | test.c:31:16:31:18 | & ... | semmle.label | & ... | -| test.c:48:8:48:9 | s2 | semmle.label | s2 | -| test.c:50:8:50:9 | s3 | semmle.label | s3 | -| test.c:50:8:50:9 | s3 | semmle.label | s3 | -| test.c:51:8:51:9 | s1 | semmle.label | s1 | -| test.c:61:16:61:18 | E1A | semmle.label | E1A | -| test.c:61:16:61:18 | E1A | semmle.label | E1A | -| test.c:62:16:62:17 | e1 | semmle.label | e1 | -| test.c:66:10:66:12 | & ... | semmle.label | & ... | -| test.c:69:22:69:22 | v | semmle.label | v | -| test.c:69:41:69:41 | v | semmle.label | v | -| test.c:73:13:73:15 | & ... | semmle.label | & ... | -| test.c:73:13:73:15 | & ... | semmle.label | & ... | -| test.c:75:13:75:15 | & ... | semmle.label | & ... | -| test.c:75:13:75:15 | & ... | semmle.label | & ... | -| test.c:98:32:98:37 | call to malloc | semmle.label | call to malloc | -| test.c:98:32:98:37 | call to malloc | semmle.label | call to malloc | -| test.c:99:32:99:38 | call to realloc | semmle.label | call to realloc | -| test.c:99:32:99:38 | call to realloc | semmle.label | call to realloc | -| test.c:99:32:99:38 | call to realloc | semmle.label | call to realloc | -| test.c:99:40:99:41 | s2 | semmle.label | s2 | -| test.c:99:40:99:41 | s2 | semmle.label | s2 | -| test.c:100:3:100:4 | s3 | semmle.label | s3 | -| test.c:101:10:101:11 | s3 | semmle.label | s3 | +| test.c:47:8:47:9 | s2 | semmle.label | s2 | +| test.c:49:8:49:9 | s3 | semmle.label | s3 | +| test.c:49:8:49:9 | s3 | semmle.label | s3 | +| test.c:50:8:50:9 | s1 | semmle.label | s1 | +| test.c:60:16:60:18 | E1A | semmle.label | E1A | +| test.c:60:16:60:18 | E1A | semmle.label | E1A | +| test.c:61:16:61:17 | e1 | semmle.label | e1 | +| test.c:65:10:65:12 | & ... | semmle.label | & ... | +| test.c:68:22:68:22 | v | semmle.label | v | +| test.c:68:41:68:41 | v | semmle.label | v | +| test.c:72:13:72:15 | & ... | semmle.label | & ... | +| test.c:72:13:72:15 | & ... | semmle.label | & ... | +| test.c:74:13:74:15 | & ... | semmle.label | & ... | +| test.c:74:13:74:15 | & ... | semmle.label | & ... | +| test.c:97:32:97:37 | call to malloc | semmle.label | call to malloc | +| test.c:97:32:97:37 | call to malloc | semmle.label | call to malloc | +| test.c:98:32:98:38 | call to realloc | semmle.label | call to realloc | +| test.c:98:32:98:38 | call to realloc | semmle.label | call to realloc | +| test.c:98:32:98:38 | call to realloc | semmle.label | call to realloc | +| test.c:98:40:98:41 | s2 | semmle.label | s2 | +| test.c:98:40:98:41 | s2 | semmle.label | s2 | +| test.c:99:3:99:4 | s3 | semmle.label | s3 | +| test.c:100:10:100:11 | s3 | semmle.label | s3 | subpaths #select | test.c:6:19:6:20 | & ... | test.c:6:19:6:20 | & ... | test.c:6:19:6:20 | & ... | Cast from float to int results in an incompatible pointer base type. | @@ -53,8 +53,8 @@ subpaths | test.c:13:17:13:19 | & ... | test.c:13:17:13:19 | & ... | test.c:13:17:13:19 | & ... | Cast from short[2] to short[4] results in an incompatible pointer base type. | | test.c:19:18:19:20 | & ... | test.c:19:18:19:20 | & ... | test.c:19:18:19:20 | & ... | Cast from char to signed char results in an incompatible pointer base type. | | test.c:30:19:30:21 | & ... | test.c:30:19:30:21 | & ... | test.c:30:19:30:21 | & ... | Cast from int to unsigned int results in an incompatible pointer base type. | -| test.c:48:8:48:9 | s2 | test.c:48:8:48:9 | s2 | test.c:48:8:48:9 | s2 | Cast from struct to struct results in an incompatible pointer base type. | -| test.c:50:8:50:9 | s3 | test.c:50:8:50:9 | s3 | test.c:50:8:50:9 | s3 | Cast from S1 to struct results in an incompatible pointer base type. | -| test.c:51:8:51:9 | s1 | test.c:51:8:51:9 | s1 | test.c:51:8:51:9 | s1 | Cast from struct to S1 results in an incompatible pointer base type. | -| test.c:69:41:69:41 | v | test.c:73:13:73:15 | & ... | test.c:69:41:69:41 | v | Cast from float to int results in an incompatible pointer base type. | -| test.c:100:3:100:4 | s3 | test.c:99:40:99:41 | s2 | test.c:100:3:100:4 | s3 | Cast from S2 to S3 results in an incompatible pointer base type. | +| test.c:47:8:47:9 | s2 | test.c:47:8:47:9 | s2 | test.c:47:8:47:9 | s2 | Cast from struct to struct results in an incompatible pointer base type. | +| test.c:49:8:49:9 | s3 | test.c:49:8:49:9 | s3 | test.c:49:8:49:9 | s3 | Cast from S1 to struct results in an incompatible pointer base type. | +| test.c:50:8:50:9 | s1 | test.c:50:8:50:9 | s1 | test.c:50:8:50:9 | s1 | Cast from struct to S1 results in an incompatible pointer base type. | +| test.c:68:41:68:41 | v | test.c:72:13:72:15 | & ... | test.c:68:41:68:41 | v | Cast from float to int results in an incompatible pointer base type. | +| test.c:99:3:99:4 | s3 | test.c:98:40:98:41 | s2 | test.c:99:3:99:4 | s3 | Cast from S2 to S3 results in an incompatible pointer base type. | diff --git a/c/cert/test/rules/EXP39-C/test.c b/c/cert/test/rules/EXP39-C/test.c index 60a0a428c7..75d1eed462 100644 --- a/c/cert/test/rules/EXP39-C/test.c +++ b/c/cert/test/rules/EXP39-C/test.c @@ -42,7 +42,6 @@ struct S1 { } * s3; struct S1 *s4; -// TODO test across files void test_incompatible_structs() { // s1 and s2 do not have tags, and are therefore not compatible s1 = s2; // NON_COMPLIANT From 6a554acde75048e840dbe48546ccc1641ea3bee9 Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Wed, 15 Feb 2023 22:10:16 +0100 Subject: [PATCH 0477/2573] EXP43-C: Refine data-flow and add context to output --- ...sAliasedPointerToRestrictQualifiedParam.ql | 42 ++++++++++----- ...trictPointerReferencesOverlappingObject.ql | 52 ++++++++++++------- ...edPointerToRestrictQualifiedParam.expected | 11 ++-- ...ointerReferencesOverlappingObject.expected | 17 +++--- c/cert/test/rules/EXP43-C/test.c | 7 ++- c/common/src/codingstandards/c/Variable.qll | 1 + 6 files changed, 85 insertions(+), 45 deletions(-) diff --git a/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql b/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql index 070b56d6f2..04f88897d3 100644 --- a/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql +++ b/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql @@ -49,8 +49,8 @@ class CallToFunctionWithRestrictParameters extends FunctionCall { .getIndex()) } - Expr getAPtrArg() { - result = this.getAnArgument() and + Expr getAPtrArg(int index) { + result = this.getArgument(index) and pointerValue(result) } @@ -69,9 +69,13 @@ class CallToFunctionWithRestrictParameters extends FunctionCall { * A `PointsToExpr` that is an argument of a pointer-type in a `CallToFunctionWithRestrictParameters` */ class CallToFunctionWithRestrictParametersArgExpr extends Expr { + int paramIndex; + CallToFunctionWithRestrictParametersArgExpr() { - this = any(CallToFunctionWithRestrictParameters call).getAPtrArg() + this = any(CallToFunctionWithRestrictParameters call).getAPtrArg(paramIndex) } + + int getParamIndex() { result = paramIndex } } int getStatedValue(Expr e) { @@ -101,28 +105,41 @@ class PointerValueToRestrictArgConfig extends DataFlow::Configuration { override predicate isSink(DataFlow::Node sink) { exists(CallToFunctionWithRestrictParameters call | - sink.asExpr() = call.getAPtrArg().getAChild*() + sink.asExpr() = call.getAPtrArg(_).getAChild*() ) } + + override predicate isBarrierIn(DataFlow::Node node) { + exists(AddressOfExpr a | node.asExpr() = a.getOperand().getAChild*()) + } } from CallToFunctionWithRestrictParameters call, CallToFunctionWithRestrictParametersArgExpr arg1, - CallToFunctionWithRestrictParametersArgExpr arg2, int argOffset1, int argOffset2 + CallToFunctionWithRestrictParametersArgExpr arg2, int argOffset1, int argOffset2, Expr source1, + Expr source2, string sourceMessage1, string sourceMessage2 where not isExcluded(call, Pointers3Package::doNotPassAliasedPointerToRestrictQualifiedParamQuery()) and arg1 = call.getARestrictPtrArg() and - arg2 = call.getAPtrArg() and - arg1 != arg2 and - exists(PointerValueToRestrictArgConfig config, Expr source1, Expr source2 | + arg2 = call.getAPtrArg(_) and + // enforce ordering to remove permutations if multiple restrict-qualified args exist + (not arg2 = call.getARestrictPtrArg() or arg2.getParamIndex() > arg1.getParamIndex()) and + // check if two pointers address the same object + exists(PointerValueToRestrictArgConfig config | config.hasFlow(DataFlow::exprNode(source1), DataFlow::exprNode(arg1.getAChild*())) and ( // one pointer value flows to both args - config.hasFlow(DataFlow::exprNode(source1), DataFlow::exprNode(arg2.getAChild*())) + config.hasFlow(DataFlow::exprNode(source1), DataFlow::exprNode(arg2.getAChild*())) and + sourceMessage1 = "$@" and + sourceMessage2 = "source" and + source1 = source2 or // there are two separate values that flow from an AddressOfExpr of the same target getAddressOfExprTargetBase(source1) = getAddressOfExprTargetBase(source2) and - config.hasFlow(DataFlow::exprNode(source2), DataFlow::exprNode(arg2.getAChild*())) + config.hasFlow(DataFlow::exprNode(source2), DataFlow::exprNode(arg2.getAChild*())) and + sourceMessage1 = "a pair of address-of expressions ($@, $@)" and + sourceMessage2 = "addressof1" and + not source1 = source2 ) ) and // get the offset of the pointer arithmetic operand (or '0' if there is none) @@ -146,5 +163,6 @@ where not exists(call.getAPossibleSizeArg()) ) select call, - "Call to '" + call.getTarget().getName() + - "' passes an aliased pointer to a restrict-qualified parameter." + "Call to '" + call.getTarget().getName() + "' passes an $@ to a $@ (pointer value derived from " + + sourceMessage1 + ".", arg2, "aliased pointer", arg1, "restrict-qualified parameter", source1, + sourceMessage2, source2, "addressof2" diff --git a/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql b/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql index 212d0b06de..6d5ba288af 100644 --- a/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql +++ b/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql @@ -28,6 +28,11 @@ class AssignmentOrInitializationToRestrictPtrValueExpr extends Expr { } Variable getVariable() { result = v } + + predicate isTargetRestrictQualifiedAndInSameScope() { + this.(VariableAccess).getTarget().getType().hasSpecifier("restrict") and + this.(VariableAccess).getTarget().getParentScope() = this.getVariable().getParentScope() + } } /** @@ -46,30 +51,41 @@ class AssignedValueToRestrictPtrValueConfiguration extends DataFlow::Configurati override predicate isSink(DataFlow::Node sink) { sink.asExpr() instanceof AssignmentOrInitializationToRestrictPtrValueExpr } + + override predicate isBarrierIn(DataFlow::Node node) { + isSource(node) + } } from - AssignedValueToRestrictPtrValueConfiguration config, DataFlow::Node sourceValue, - AssignmentOrInitializationToRestrictPtrValueExpr expr, - AssignmentOrInitializationToRestrictPtrValueExpr pre_expr + AssignedValueToRestrictPtrValueConfiguration config, + AssignmentOrInitializationToRestrictPtrValueExpr expr, DataFlow::Node sourceValue, + string sourceMessage where not isExcluded(expr, Pointers3Package::restrictPointerReferencesOverlappingObjectQuery()) and ( + // Two restrict-qualified pointers in the same scope assigned to each other + expr.isTargetRestrictQualifiedAndInSameScope() and + sourceValue.asExpr() = expr and + sourceMessage = "the object pointed to by " + expr.(VariableAccess).getTarget().getName() + or // If the same expressions flows to two unique `AssignmentOrInitializationToRestrictPtrValueExpr` // in the same block, then the two variables point to the same (overlapping) object - expr.getEnclosingBlock() = pre_expr.getEnclosingBlock() and - ( - config.hasFlow(sourceValue, DataFlow::exprNode(pre_expr)) and - config.hasFlow(sourceValue, DataFlow::exprNode(expr)) - or - // Expressions referring to the address of the same variable can also result in aliasing - getAddressOfExprTargetBase(expr) = getAddressOfExprTargetBase(pre_expr) - ) and - strictlyDominates(pragma[only_bind_out](pre_expr), pragma[only_bind_out](expr)) - or - // Two restrict-qualified pointers in the same scope assigned to each other - expr.(VariableAccess).getTarget().getType().hasSpecifier("restrict") and - expr.(VariableAccess).getTarget().getParentScope() = expr.getVariable().getParentScope() + not expr.isTargetRestrictQualifiedAndInSameScope() and + exists(AssignmentOrInitializationToRestrictPtrValueExpr pre_expr | + expr.getEnclosingBlock() = pre_expr.getEnclosingBlock() and + ( + config.hasFlow(sourceValue, DataFlow::exprNode(pre_expr)) and + config.hasFlow(sourceValue, DataFlow::exprNode(expr)) and + sourceMessage = "the same source value" + or + // Expressions referring to the address of the same variable can also result in aliasing + getAddressOfExprTargetBase(expr) = getAddressOfExprTargetBase(pre_expr) and + sourceValue.asExpr() = pre_expr and + sourceMessage = getAddressOfExprTargetBase(expr).getName() + " via address-of" + ) and + strictlyDominates(pragma[only_bind_out](pre_expr), pragma[only_bind_out](expr)) + ) ) -select expr, "Assignment to restrict-qualified pointer $@ results in pointer aliasing.", - expr.getVariable(), expr.getVariable().getName() +select expr, "Assignment to restrict-qualified pointer $@ results in pointers aliasing $@.", + expr.getVariable(), expr.getVariable().getName(), sourceValue, sourceMessage diff --git a/c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.expected b/c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.expected index 3ad9bc225b..4d4c20a39c 100644 --- a/c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.expected +++ b/c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.expected @@ -1,5 +1,6 @@ -| test.c:59:3:59:6 | call to copy | Call to 'copy' passes an aliased pointer to a restrict-qualified parameter. | -| test.c:64:3:64:6 | call to copy | Call to 'copy' passes an aliased pointer to a restrict-qualified parameter. | -| test.c:70:3:70:8 | call to strcpy | Call to 'strcpy' passes an aliased pointer to a restrict-qualified parameter. | -| test.c:77:3:77:8 | call to memcpy | Call to 'memcpy' passes an aliased pointer to a restrict-qualified parameter. | -| test.c:90:3:90:7 | call to scanf | Call to 'scanf' passes an aliased pointer to a restrict-qualified parameter. | +| test.c:59:3:59:6 | call to copy | Call to 'copy' passes an $@ to a $@ (pointer value derived from a pair of address-of expressions ($@, $@). | test.c:59:13:59:15 | & ... | aliased pointer | test.c:59:8:59:10 | & ... | restrict-qualified parameter | test.c:59:8:59:10 | & ... | addressof1 | test.c:59:13:59:15 | & ... | addressof2 | +| test.c:65:3:65:6 | call to copy | Call to 'copy' passes an $@ to a $@ (pointer value derived from a pair of address-of expressions ($@, $@). | test.c:65:15:65:19 | & ... | aliased pointer | test.c:65:8:65:12 | & ... | restrict-qualified parameter | test.c:65:8:65:12 | & ... | addressof1 | test.c:65:15:65:19 | & ... | addressof2 | +| test.c:67:3:67:6 | call to copy | Call to 'copy' passes an $@ to a $@ (pointer value derived from a pair of address-of expressions ($@, $@). | test.c:67:15:67:16 | px | aliased pointer | test.c:67:8:67:12 | & ... | restrict-qualified parameter | test.c:67:8:67:12 | & ... | addressof1 | test.c:63:13:63:17 | & ... | addressof2 | +| test.c:73:3:73:8 | call to strcpy | Call to 'strcpy' passes an $@ to a $@ (pointer value derived from a pair of address-of expressions ($@, $@). | test.c:73:15:73:21 | ... + ... | aliased pointer | test.c:73:10:73:12 | & ... | restrict-qualified parameter | test.c:73:10:73:12 | & ... | addressof1 | test.c:73:15:73:17 | & ... | addressof2 | +| test.c:80:3:80:8 | call to memcpy | Call to 'memcpy' passes an $@ to a $@ (pointer value derived from a pair of address-of expressions ($@, $@). | test.c:80:15:80:21 | ... + ... | aliased pointer | test.c:80:10:80:12 | & ... | restrict-qualified parameter | test.c:80:10:80:12 | & ... | addressof1 | test.c:80:15:80:17 | & ... | addressof2 | +| test.c:93:3:93:7 | call to scanf | Call to 'scanf' passes an $@ to a $@ (pointer value derived from a pair of address-of expressions ($@, $@). | test.c:93:14:93:20 | ... + ... | aliased pointer | test.c:93:9:93:11 | & ... | restrict-qualified parameter | test.c:93:9:93:11 | & ... | addressof1 | test.c:93:14:93:16 | & ... | addressof2 | diff --git a/c/cert/test/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.expected b/c/cert/test/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.expected index cd389fcde3..3746991c09 100644 --- a/c/cert/test/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.expected +++ b/c/cert/test/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.expected @@ -1,8 +1,9 @@ -| test.c:18:22:18:23 | i2 | Assignment to restrict-qualified pointer $@ results in pointer aliasing. | test.c:18:17:18:18 | i3 | i3 | -| test.c:19:8:19:9 | g2 | Assignment to restrict-qualified pointer $@ results in pointer aliasing. | test.c:5:15:5:16 | g1 | g1 | -| test.c:20:8:20:9 | i2 | Assignment to restrict-qualified pointer $@ results in pointer aliasing. | test.c:16:17:16:18 | i1 | i1 | -| test.c:27:10:27:11 | g1 | Assignment to restrict-qualified pointer $@ results in pointer aliasing. | test.c:23:19:23:20 | i5 | i5 | -| test.c:28:10:28:11 | g1 | Assignment to restrict-qualified pointer $@ results in pointer aliasing. | test.c:22:19:22:20 | i4 | i4 | -| test.c:39:22:39:26 | & ... | Assignment to restrict-qualified pointer $@ results in pointer aliasing. | test.c:39:17:39:18 | px | px | -| test.c:45:10:45:14 | & ... | Assignment to restrict-qualified pointer $@ results in pointer aliasing. | test.c:42:19:42:20 | pz | pz | -| test.c:46:10:46:14 | & ... | Assignment to restrict-qualified pointer $@ results in pointer aliasing. | test.c:41:19:41:20 | py | py | +| test.c:18:22:18:23 | i2 | Assignment to restrict-qualified pointer $@ results in pointers aliasing $@. | test.c:18:17:18:18 | i3 | i3 | test.c:18:22:18:23 | i2 | the object pointed to by i2 | +| test.c:19:8:19:9 | g2 | Assignment to restrict-qualified pointer $@ results in pointers aliasing $@. | test.c:5:15:5:16 | g1 | g1 | test.c:19:8:19:9 | g2 | the object pointed to by g2 | +| test.c:20:8:20:9 | i2 | Assignment to restrict-qualified pointer $@ results in pointers aliasing $@. | test.c:16:17:16:18 | i1 | i1 | test.c:20:8:20:9 | i2 | the object pointed to by i2 | +| test.c:27:10:27:11 | g1 | Assignment to restrict-qualified pointer $@ results in pointers aliasing $@. | test.c:23:19:23:20 | i5 | i5 | test.c:19:8:19:9 | g2 | the same source value | +| test.c:28:10:28:11 | g1 | Assignment to restrict-qualified pointer $@ results in pointers aliasing $@. | test.c:22:19:22:20 | i4 | i4 | test.c:19:8:19:9 | g2 | the same source value | +| test.c:39:22:39:26 | & ... | Assignment to restrict-qualified pointer $@ results in pointers aliasing $@. | test.c:39:17:39:18 | px | px | test.c:38:28:38:30 | & ... | v1 via address-of | +| test.c:45:10:45:14 | & ... | Assignment to restrict-qualified pointer $@ results in pointers aliasing $@. | test.c:42:19:42:20 | pz | pz | test.c:43:10:43:14 | & ... | v1 via address-of | +| test.c:46:10:46:14 | & ... | Assignment to restrict-qualified pointer $@ results in pointers aliasing $@. | test.c:41:19:41:20 | py | py | test.c:43:10:43:14 | & ... | v1 via address-of | +| test.c:46:10:46:14 | & ... | Assignment to restrict-qualified pointer $@ results in pointers aliasing $@. | test.c:41:19:41:20 | py | py | test.c:45:10:45:14 | & ... | v1 via address-of | diff --git a/c/cert/test/rules/EXP43-C/test.c b/c/cert/test/rules/EXP43-C/test.c index 705c2a171a..3bf7cfa490 100644 --- a/c/cert/test/rules/EXP43-C/test.c +++ b/c/cert/test/rules/EXP43-C/test.c @@ -60,8 +60,11 @@ void test_restrict_params() { copy(&i1, &i2, 1); // COMPLIANT int x[10]; - copy(&x[0], &x[1], 1); // COMPLIANT - non overlapping - copy(&x[0], &x[1], 2); // NON_COMPLIANT - overlapping + int *px = &x[0]; + copy(&x[0], &x[1], 1); // COMPLIANT - non overlapping + copy(&x[0], &x[1], 2); // NON_COMPLIANT - overlapping + copy(&x[0], (int *)x[0], 1); // COMPLIANT - non overlapping + copy(&x[0], px, 1); // NON_COMPLIANT - overlapping } void test_strcpy() { diff --git a/c/common/src/codingstandards/c/Variable.qll b/c/common/src/codingstandards/c/Variable.qll index 40ec32aec5..4231243be2 100644 --- a/c/common/src/codingstandards/c/Variable.qll +++ b/c/common/src/codingstandards/c/Variable.qll @@ -47,6 +47,7 @@ class FlexibleArrayMemberCandidate extends MemberVariable { Variable getAddressOfExprTargetBase(AddressOfExpr expr) { result = expr.getOperand().(ValueFieldAccess).getQualifier().(VariableAccess).getTarget() or + not expr.getOperand() instanceof ValueFieldAccess and result = expr.getOperand().(VariableAccess).getTarget() or result = expr.getOperand().(ArrayExpr).getArrayBase().(VariableAccess).getTarget() From 2f91e33089ac7ca4bd4f1150ba811334037ea10e Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Wed, 15 Feb 2023 22:17:14 +0100 Subject: [PATCH 0478/2573] EXP43-C: Refactor and remove test code Remove an accidental `isBarrier` predicate left in from development --- .../DoNotPassAliasedPointerToRestrictQualifiedParam.ql | 7 ++++--- .../EXP43-C/RestrictPointerReferencesOverlappingObject.ql | 4 ---- 2 files changed, 4 insertions(+), 7 deletions(-) diff --git a/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql b/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql index 04f88897d3..32e50b2112 100644 --- a/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql +++ b/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql @@ -115,7 +115,8 @@ class PointerValueToRestrictArgConfig extends DataFlow::Configuration { } from - CallToFunctionWithRestrictParameters call, CallToFunctionWithRestrictParametersArgExpr arg1, + PointerValueToRestrictArgConfig config, CallToFunctionWithRestrictParameters call, + CallToFunctionWithRestrictParametersArgExpr arg1, CallToFunctionWithRestrictParametersArgExpr arg2, int argOffset1, int argOffset2, Expr source1, Expr source2, string sourceMessage1, string sourceMessage2 where @@ -124,8 +125,8 @@ where arg2 = call.getAPtrArg(_) and // enforce ordering to remove permutations if multiple restrict-qualified args exist (not arg2 = call.getARestrictPtrArg() or arg2.getParamIndex() > arg1.getParamIndex()) and - // check if two pointers address the same object - exists(PointerValueToRestrictArgConfig config | + ( + // check if two pointers address the same object config.hasFlow(DataFlow::exprNode(source1), DataFlow::exprNode(arg1.getAChild*())) and ( // one pointer value flows to both args diff --git a/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql b/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql index 6d5ba288af..88f29d86b1 100644 --- a/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql +++ b/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql @@ -51,10 +51,6 @@ class AssignedValueToRestrictPtrValueConfiguration extends DataFlow::Configurati override predicate isSink(DataFlow::Node sink) { sink.asExpr() instanceof AssignmentOrInitializationToRestrictPtrValueExpr } - - override predicate isBarrierIn(DataFlow::Node node) { - isSource(node) - } } from From a5a8c6eb0459d902aabf5b3edd0124cdc1c341dc Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Wed, 15 Feb 2023 17:12:22 -0500 Subject: [PATCH 0479/2573] Declarations8: rework DCL30-C --- ...ropriateStorageDurationsFunctionReturn.md} | 2 +- ...ropriateStorageDurationsFunctionReturn.ql} | 14 +- ...priateStorageDurationsStackAdressEscape.md | 190 ++++++++++++++++++ ...priateStorageDurationsStackAdressEscape.ql | 22 ++ ...ateStorageDurationsFunctionReturn.expected | 2 + ...priateStorageDurationsFunctionReturn.qlref | 1 + ...eStorageDurationsStackAdressEscape.testref | 1 + ...tsWithAppropriateStorageDurations.expected | 4 - ...jectsWithAppropriateStorageDurations.qlref | 1 - .../cpp/exclusions/c/Declarations8.qll | 34 +++- rule_packages/c/Declarations8.json | 19 +- 11 files changed, 263 insertions(+), 27 deletions(-) rename c/cert/src/rules/DCL30-C/{DeclareObjectsWithAppropriateStorageDurations.md => AppropriateStorageDurationsFunctionReturn.md} (98%) rename c/cert/src/rules/DCL30-C/{DeclareObjectsWithAppropriateStorageDurations.ql => AppropriateStorageDurationsFunctionReturn.ql} (80%) create mode 100644 c/cert/src/rules/DCL30-C/AppropriateStorageDurationsStackAdressEscape.md create mode 100644 c/cert/src/rules/DCL30-C/AppropriateStorageDurationsStackAdressEscape.ql create mode 100644 c/cert/test/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.expected create mode 100644 c/cert/test/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.qlref create mode 100644 c/cert/test/rules/DCL30-C/AppropriateStorageDurationsStackAdressEscape.testref delete mode 100644 c/cert/test/rules/DCL30-C/DeclareObjectsWithAppropriateStorageDurations.expected delete mode 100644 c/cert/test/rules/DCL30-C/DeclareObjectsWithAppropriateStorageDurations.qlref diff --git a/c/cert/src/rules/DCL30-C/DeclareObjectsWithAppropriateStorageDurations.md b/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.md similarity index 98% rename from c/cert/src/rules/DCL30-C/DeclareObjectsWithAppropriateStorageDurations.md rename to c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.md index d088b49c41..8124cd49cd 100644 --- a/c/cert/src/rules/DCL30-C/DeclareObjectsWithAppropriateStorageDurations.md +++ b/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.md @@ -183,7 +183,7 @@ DCL30-C = Union( CWE-562, list) where list = ## Implementation notes -The rule checks specifically for pointers to objects with automatic storage duration with respect to the following cases: returned by functions, assigned to function output parameters and assigned to static storage duration variables. +The rule checks specifically for pointers to objects with automatic storage duration that are returned by functions or assigned to function output parameters. ## References diff --git a/c/cert/src/rules/DCL30-C/DeclareObjectsWithAppropriateStorageDurations.ql b/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql similarity index 80% rename from c/cert/src/rules/DCL30-C/DeclareObjectsWithAppropriateStorageDurations.ql rename to c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql index c278a3a340..ab9b70912d 100644 --- a/c/cert/src/rules/DCL30-C/DeclareObjectsWithAppropriateStorageDurations.ql +++ b/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql @@ -39,20 +39,12 @@ class FunctionSink extends Sink { } } -class StaticSink extends Sink { - StaticSink() { - exists(StaticStorageDurationVariable s | - this.(DataFlow::PostUpdateNode).getPreUpdateNode().asExpr() = s.getAnAccess() and - s.getUnderlyingType() instanceof PointerType - ) - } -} - from DataFlow::Node src, DataFlow::Node sink where not isExcluded(sink.asExpr(), - Declarations8Package::declareObjectsWithAppropriateStorageDurationsQuery()) and + Declarations8Package::appropriateStorageDurationsFunctionReturnQuery()) and exists(Source s | src.asExpr() = s.getAnAccess()) and sink instanceof Sink and DataFlow::localFlow(src, sink) -select sink, "$@ with automatic storage may be accessible outside of its lifetime.", src, src.toString() +select sink, "$@ with automatic storage may be accessible outside of its lifetime.", src, + src.toString() diff --git a/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsStackAdressEscape.md b/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsStackAdressEscape.md new file mode 100644 index 0000000000..1926ffd7aa --- /dev/null +++ b/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsStackAdressEscape.md @@ -0,0 +1,190 @@ +# DCL30-C: Declare objects with appropriate storage durations + +This query implements the CERT-C rule DCL30-C: + +> Declare objects with appropriate storage durations + + +## Description + +Every object has a storage duration that determines its lifetime: *static*, *thread*, *automatic*, or *allocated*. + +According to the C Standard, 6.2.4, paragraph 2 \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IEC9899-2011)\], + +> The lifetime of an object is the portion of program execution during which storage is guaranteed to be reserved for it. An object exists, has a constant address, and retains its last-stored value throughout its lifetime. If an object is referred to outside of its lifetime, the behavior is undefined. The value of a pointer becomes indeterminate when the object it points to reaches the end of its lifetime. + + +Do not attempt to access an object outside of its lifetime. Attempting to do so is [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior) and can lead to an exploitable [vulnerability](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability). (See also [undefined behavior 9](https://wiki.sei.cmu.edu/confluence/display/c/CC.+Undefined+Behavior#CC.UndefinedBehavior-ub_9) in the C Standard, Annex J.) + +## Noncompliant Code Example (Differing Storage Durations) + +In this noncompliant code example, the address of the variable `c_str` with automatic storage duration is assigned to the variable `p`, which has static storage duration. The assignment itself is valid, but it is invalid for `c_str` to go out of scope while `p` holds its address, as happens at the end of `dont_do_this``()`. + +```cpp +#include + +const char *p; +void dont_do_this(void) { + const char c_str[] = "This will change"; + p = c_str; /* Dangerous */ +} + +void innocuous(void) { + printf("%s\n", p); +} + +int main(void) { + dont_do_this(); + innocuous(); + return 0; +} +``` + +## Compliant Solution (Same Storage Durations) + +In this compliant solution, `p` is declared with the same storage duration as `c_str`, preventing `p` from taking on an [indeterminate value](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-indeterminatevalue) outside of `this_is_OK()`: + +```cpp +void this_is_OK(void) { + const char c_str[] = "Everything OK"; + const char *p = c_str; + /* ... */ +} +/* p is inaccessible outside the scope of string c_str */ + +``` +Alternatively, both `p` and `c_str` could be declared with static storage duration. + +## Compliant Solution (Differing Storage Durations) + +If it is necessary for `p` to be defined with static storage duration but `c_str` with a more limited duration, then `p` can be set to `NULL` before `c_str` is destroyed. This practice prevents `p` from taking on an [indeterminate value](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-indeterminatevalue), although any references to `p` must check for `NULL`. + +```cpp +const char *p; +void is_this_OK(void) { + const char c_str[] = "Everything OK?"; + p = c_str; + /* ... */ + p = NULL; +} + +``` + +## Noncompliant Code Example (Return Values) + +In this noncompliant code sample, the function `init_array``()` returns a pointer to a character array with automatic storage duration, which is accessible to the caller: + +```cpp +char *init_array(void) { + char array[10]; + /* Initialize array */ + return array; +} + +``` +Some compilers generate a diagnostic message when a pointer to an object with automatic storage duration is returned from a function, as in this example. Programmers should compile code at high warning levels and resolve any diagnostic messages. (See [MSC00-C. Compile cleanly at high warning levels](https://wiki.sei.cmu.edu/confluence/display/c/MSC00-C.+Compile+cleanly+at+high+warning+levels).) + +## Compliant Solution (Return Values) + +The solution, in this case, depends on the intent of the programmer. If the intent is to modify the value of `array` and have that modification persist outside the scope of `init_array()`, the desired behavior can be achieved by declaring `array` elsewhere and passing it as an argument to `init_array()`: + +```cpp +#include +void init_array(char *array, size_t len) { + /* Initialize array */ + return; +} + +int main(void) { + char array[10]; + init_array(array, sizeof(array) / sizeof(array[0])); + /* ... */ + return 0; +} + +``` + +## Noncompliant Code Example (Output Parameter) + +In this noncompliant code example, the function `squirrel_away()` stores a pointer to local variable `local` into a location pointed to by function parameter `ptr_param`. Upon the return of `squirrel_away()`, the pointer `ptr_param` points to a variable that has an expired lifetime. + +```cpp +void squirrel_away(char **ptr_param) { + char local[10]; + /* Initialize array */ + *ptr_param = local; +} + +void rodent(void) { + char *ptr; + squirrel_away(&ptr); + /* ptr is live but invalid here */ +} + +``` + +## Compliant Solution (Output Parameter) + +In this compliant solution, the variable `local` has static storage duration; consequently, `ptr` can be used to reference the `local` array within the `rodent()` function: + +```cpp +char local[10]; + +void squirrel_away(char **ptr_param) { + /* Initialize array */ + *ptr_param = local; +} + +void rodent(void) { + char *ptr; + squirrel_away(&ptr); + /* ptr is valid in this scope */ +} + +``` + +## Risk Assessment + +Referencing an object outside of its lifetime can result in an attacker being able to execute arbitrary code. + +
Rule Severity Likelihood Remediation Cost Priority Level
DCL30-C High Probable High P6 L2
+ + +## Automated Detection + +
Tool Version Checker Description
Astrée 22.04 pointered-deallocation return-reference-local Fully checked
Axivion Bauhaus Suite 7.2.0 CertC-DCL30 Fully implemented
CodeSonar 7.2p0 LANG.STRUCT.RPL Returns pointer to local
Compass/ROSE Can detect violations of this rule. It automatically detects returning pointers to local variables. Detecting more general cases, such as examples where static pointers are set to local variables which then go out of scope, would be difficult
Coverity 2017.07 RETURN_LOCAL Finds many instances where a function will return a pointer to a local stack variable. Coverity Prevent cannot discover all violations of this rule, so further verification is necessary
Helix QAC 2022.4 C3217, C3225, C3230, C4140 C++2515, C++2516, C++2527, C++2528, C++4026, C++4624, C++4629
Klocwork 2022.4 LOCRET.ARGLOCRET.GLOB LOCRET.RET
LDRA tool suite 9.7.1 42 D, 77 D, 71 S, 565 S Enhanced Enforcement
Parasoft C/C++test 2022.2 CERT_C-DCL30-a CERT_C-DCL30-b The address of an object with automatic storage shall not be returned from a function The address of an object with automatic storage shall not be assigned to another object that may persist after the first object has ceased to exist
PC-lint Plus 1.4 604, 674, 733, 789 Partially supported
Polyspace Bug Finder R2022b CERT C: Rule DCL30-C Checks for pointer or reference to stack variable leaving scope (rule fully covered)
PRQA QA-C 9.7 3217, 3225, 3230, 4140 Partially implemented
PRQA QA-C++ 4.4 2515, 2516, 2527, 2528, 4026, 4624, 4629
PVS-Studio 7.23 V506 , V507 , V558 , V623 , V723 , V738
RuleChecker 22.04 return-reference-local Partially checked
Splint 3.1.1
TrustInSoft Analyzer 1.38 dangling_pointer Exhaustively detects undefined behavior (see one compliant and one non-compliant example ).
+ + +## Related Vulnerabilities + +Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+DCL30-C). + +## Related Guidelines + +[Key here](https://wiki.sei.cmu.edu/confluence/display/c/How+this+Coding+Standard+is+Organized#HowthisCodingStandardisOrganized-RelatedGuidelines) (explains table format and definitions) + +
Taxonomy Taxonomy item Relationship
CERT C Secure Coding Standard MSC00-C. Compile cleanly at high warning levels Prior to 2018-01-12: CERT: Unspecified Relationship
CERT C EXP54-CPP. Do not access an object outside of its lifetime Prior to 2018-01-12: CERT: Unspecified Relationship
ISO/IEC TR 24772:2013 Dangling References to Stack Frames \[DCM\] Prior to 2018-01-12: CERT: Unspecified Relationship
ISO/IEC TS 17961 Escaping of the address of an automatic object \[addrescape\] Prior to 2018-01-12: CERT: Unspecified Relationship
MISRA C:2012 Rule 18.6 (required) Prior to 2018-01-12: CERT: Unspecified Relationship
+ + +## CERT-CWE Mapping Notes + +[Key here](https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?pageId=87152408#HowthisCodingStandardisOrganized-CERT-CWEMappingNotes) for mapping notes + +**CWE-562 and DCL30-C** + +DCL30-C = Union( CWE-562, list) where list = + +* Assigning a stack pointer to an argument (thereby letting it outlive the current function + +## Bibliography + +
\[ Coverity 2007 \]
\[ ISO/IEC 9899:2011 \] 6.2.4, "Storage Durations of Objects"
+ + +## Implementation notes + +The rule checks specifically for pointers to objects with automatic storage duration that are assigned to static storage duration variables. + +## References + +* CERT-C: [DCL30-C: Declare objects with appropriate storage durations](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsStackAdressEscape.ql b/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsStackAdressEscape.ql new file mode 100644 index 0000000000..afbc1e62e8 --- /dev/null +++ b/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsStackAdressEscape.ql @@ -0,0 +1,22 @@ +/** + * @id c/cert/appropriate-storage-durations-stack-adress-escape + * @name DCL30-C: Declare objects with appropriate storage durations + * @description When storage durations are not compatible between assigned pointers it can lead to + * referring to objects outside of their lifetime, which is undefined behaviour. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/cert/id/dcl30-c + * correctness + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert +import codingstandards.cpp.rules.donotcopyaddressofautostorageobjecttootherobject.DoNotCopyAddressOfAutoStorageObjectToOtherObject + +class AppropriateStorageDurationsStackAdressEscapeQuery extends DoNotCopyAddressOfAutoStorageObjectToOtherObjectSharedQuery { + AppropriateStorageDurationsStackAdressEscapeQuery() { + this = Declarations8Package::appropriateStorageDurationsStackAdressEscapeQuery() + } +} diff --git a/c/cert/test/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.expected b/c/cert/test/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.expected new file mode 100644 index 0000000000..ff842ddcad --- /dev/null +++ b/c/cert/test/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.expected @@ -0,0 +1,2 @@ +| test.c:3:10:3:10 | a | $@ with automatic storage may be accessible outside of its lifetime. | test.c:3:10:3:10 | a | a | +| test.c:15:4:15:8 | param [inner post update] | $@ with automatic storage may be accessible outside of its lifetime. | test.c:15:12:15:13 | a2 | a2 | diff --git a/c/cert/test/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.qlref b/c/cert/test/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.qlref new file mode 100644 index 0000000000..6541115217 --- /dev/null +++ b/c/cert/test/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.qlref @@ -0,0 +1 @@ +rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql \ No newline at end of file diff --git a/c/cert/test/rules/DCL30-C/AppropriateStorageDurationsStackAdressEscape.testref b/c/cert/test/rules/DCL30-C/AppropriateStorageDurationsStackAdressEscape.testref new file mode 100644 index 0000000000..e1ff9b5ae0 --- /dev/null +++ b/c/cert/test/rules/DCL30-C/AppropriateStorageDurationsStackAdressEscape.testref @@ -0,0 +1 @@ +c/common/test/rules/donotcopyaddressofautostorageobjecttootherobject/DoNotCopyAddressOfAutoStorageObjectToOtherObject.ql \ No newline at end of file diff --git a/c/cert/test/rules/DCL30-C/DeclareObjectsWithAppropriateStorageDurations.expected b/c/cert/test/rules/DCL30-C/DeclareObjectsWithAppropriateStorageDurations.expected deleted file mode 100644 index 92a57418e2..0000000000 --- a/c/cert/test/rules/DCL30-C/DeclareObjectsWithAppropriateStorageDurations.expected +++ /dev/null @@ -1,4 +0,0 @@ -| test.c:3:10:3:10 | a | $@ with automatic storage may be accessible outside of its lifetime. | test.c:3:10:3:10 | a | a | -| test.c:15:4:15:8 | param [inner post update] | $@ with automatic storage may be accessible outside of its lifetime. | test.c:15:12:15:13 | a2 | a2 | -| test.c:21:3:21:3 | g [post update] | $@ with automatic storage may be accessible outside of its lifetime. | test.c:21:7:21:8 | a3 | a3 | -| test.c:32:3:32:3 | g [post update] | $@ with automatic storage may be accessible outside of its lifetime. | test.c:32:7:32:8 | a5 | a5 | diff --git a/c/cert/test/rules/DCL30-C/DeclareObjectsWithAppropriateStorageDurations.qlref b/c/cert/test/rules/DCL30-C/DeclareObjectsWithAppropriateStorageDurations.qlref deleted file mode 100644 index 0c2def1693..0000000000 --- a/c/cert/test/rules/DCL30-C/DeclareObjectsWithAppropriateStorageDurations.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/DCL30-C/DeclareObjectsWithAppropriateStorageDurations.ql \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations8.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations8.qll index 33cacba73b..767373b1c2 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations8.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations8.qll @@ -3,24 +3,42 @@ import cpp import RuleMetadata import codingstandards.cpp.exclusions.RuleMetadata -newtype Declarations8Query = TDeclareObjectsWithAppropriateStorageDurationsQuery() +newtype Declarations8Query = + TAppropriateStorageDurationsStackAdressEscapeQuery() or + TAppropriateStorageDurationsFunctionReturnQuery() predicate isDeclarations8QueryMetadata(Query query, string queryId, string ruleId, string category) { query = - // `Query` instance for the `declareObjectsWithAppropriateStorageDurations` query - Declarations8Package::declareObjectsWithAppropriateStorageDurationsQuery() and + // `Query` instance for the `appropriateStorageDurationsStackAdressEscape` query + Declarations8Package::appropriateStorageDurationsStackAdressEscapeQuery() and queryId = - // `@id` for the `declareObjectsWithAppropriateStorageDurations` query - "c/cert/declare-objects-with-appropriate-storage-durations" and + // `@id` for the `appropriateStorageDurationsStackAdressEscape` query + "c/cert/appropriate-storage-durations-stack-adress-escape" and + ruleId = "DCL30-C" and + category = "rule" + or + query = + // `Query` instance for the `appropriateStorageDurationsFunctionReturn` query + Declarations8Package::appropriateStorageDurationsFunctionReturnQuery() and + queryId = + // `@id` for the `appropriateStorageDurationsFunctionReturn` query + "c/cert/appropriate-storage-durations-function-return" and ruleId = "DCL30-C" and category = "rule" } module Declarations8Package { - Query declareObjectsWithAppropriateStorageDurationsQuery() { + Query appropriateStorageDurationsStackAdressEscapeQuery() { + //autogenerate `Query` type + result = + // `Query` type for `appropriateStorageDurationsStackAdressEscape` query + TQueryC(TDeclarations8PackageQuery(TAppropriateStorageDurationsStackAdressEscapeQuery())) + } + + Query appropriateStorageDurationsFunctionReturnQuery() { //autogenerate `Query` type result = - // `Query` type for `declareObjectsWithAppropriateStorageDurations` query - TQueryC(TDeclarations8PackageQuery(TDeclareObjectsWithAppropriateStorageDurationsQuery())) + // `Query` type for `appropriateStorageDurationsFunctionReturn` query + TQueryC(TDeclarations8PackageQuery(TAppropriateStorageDurationsFunctionReturnQuery())) } } diff --git a/rule_packages/c/Declarations8.json b/rule_packages/c/Declarations8.json index e92056f2ee..a70523b72f 100644 --- a/rule_packages/c/Declarations8.json +++ b/rule_packages/c/Declarations8.json @@ -9,14 +9,29 @@ "description": "When storage durations are not compatible between assigned pointers it can lead to referring to objects outside of their lifetime, which is undefined behaviour.", "kind": "problem", "name": "Declare objects with appropriate storage durations", + "precision": "very-high", + "severity": "error", + "short_name": "AppropriateStorageDurationsStackAdressEscape", + "shared_implementation_short_name": "DoNotCopyAddressOfAutoStorageObjectToOtherObject", + "tags": [ + "correctness" + ], + "implementation_scope": { + "description": "The rule checks specifically for pointers to objects with automatic storage duration that are assigned to static storage duration variables." + } + }, + { + "description": "When pointers to local variables are returned by a function it can lead to referring to objects outside of their lifetime, which is undefined behaviour.", + "kind": "problem", + "name": "Declare objects with appropriate storage durations", "precision": "high", "severity": "error", - "short_name": "DeclareObjectsWithAppropriateStorageDurations", + "short_name": "AppropriateStorageDurationsFunctionReturn", "tags": [ "correctness" ], "implementation_scope": { - "description": "The rule checks specifically for pointers to objects with automatic storage duration with respect to the following cases: returned by functions, assigned to function output parameters and assigned to static storage duration variables." + "description": "The rule checks specifically for pointers to objects with automatic storage duration that are returned by functions or assigned to function output parameters." } } ], From 28fbabe443f9b4479085c17650e936cf0e7b8570 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Wed, 15 Feb 2023 17:19:40 -0500 Subject: [PATCH 0480/2573] Declarations8: fix metadata DCL30-C --- .../DCL30-C/AppropriateStorageDurationsStackAdressEscape.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsStackAdressEscape.ql b/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsStackAdressEscape.ql index afbc1e62e8..95e84a6622 100644 --- a/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsStackAdressEscape.ql +++ b/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsStackAdressEscape.ql @@ -4,7 +4,7 @@ * @description When storage durations are not compatible between assigned pointers it can lead to * referring to objects outside of their lifetime, which is undefined behaviour. * @kind problem - * @precision high + * @precision very-high * @problem.severity error * @tags external/cert/id/dcl30-c * correctness From a9a9fe158d60282726cc04b224e5a52414ea2deb Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Wed, 15 Feb 2023 17:23:50 -0500 Subject: [PATCH 0481/2573] Declarations8: fix metadata DCL30-C --- .../DCL30-C/AppropriateStorageDurationsFunctionReturn.ql | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql b/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql index ab9b70912d..595bd2e1d4 100644 --- a/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql +++ b/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql @@ -1,8 +1,8 @@ /** - * @id c/cert/declare-objects-with-appropriate-storage-durations + * @id c/cert/appropriate-storage-durations-function-return * @name DCL30-C: Declare objects with appropriate storage durations - * @description When storage durations are not compatible between assigned pointers it can lead to - * referring to objects outside of their lifetime, which is undefined behaviour. + * @description When pointers to local variables are returned by a function it can lead to referring + * to objects outside of their lifetime, which is undefined behaviour. * @kind problem * @precision high * @problem.severity error From 3eca5d6434bb73af3eb320e132963c1196e0aab9 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Wed, 15 Feb 2023 23:00:53 +0000 Subject: [PATCH 0482/2573] EssentialTypes: Ensure compatibility with C++ This query looks for use of memcmp, but previously it would not have worked if the user was using C++ and specified std::memcmp. Although this rule is targeted at C, it is one that a user might enable for C++ and expect to work. --- .../rules/RULE-21-16/MemcmpOnInappropriateEssentialTypeArgs.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/misra/src/rules/RULE-21-16/MemcmpOnInappropriateEssentialTypeArgs.ql b/c/misra/src/rules/RULE-21-16/MemcmpOnInappropriateEssentialTypeArgs.ql index cfeffe16a0..cebc30d6be 100644 --- a/c/misra/src/rules/RULE-21-16/MemcmpOnInappropriateEssentialTypeArgs.ql +++ b/c/misra/src/rules/RULE-21-16/MemcmpOnInappropriateEssentialTypeArgs.ql @@ -20,7 +20,7 @@ import codingstandards.c.misra.EssentialTypes from FunctionCall memcmp, Expr arg, Type argBaseType where not isExcluded(arg, EssentialTypesPackage::memcmpOnInappropriateEssentialTypeArgsQuery()) and - memcmp.getTarget().hasGlobalName("memcmp") and + memcmp.getTarget().hasGlobalOrStdName("memcmp") and // Pointer arguments arg = memcmp.getArgument([0, 1]) and exists(DerivedType pt | From b38552c78ed7a76ca88b1361bd90479e90d011f0 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Wed, 15 Feb 2023 23:04:40 +0000 Subject: [PATCH 0483/2573] EssentialTypes: Implement Rule 21.14 Adds a query to detect the use of memcmp to compare null-terminated strings, using global data flow from hard-coded string literals or array literals. --- ...emcmpUsedToCompareNullTerminatedStrings.ql | 80 +++++++++++++++++++ ...sedToCompareNullTerminatedStrings.expected | 34 ++++++++ ...mpUsedToCompareNullTerminatedStrings.qlref | 1 + c/misra/test/rules/RULE-21-14/test.c | 28 +++++++ .../cpp/exclusions/c/EssentialTypes.qll | 17 ++++ rule_packages/c/EssentialTypes.json | 20 +++++ rules.csv | 2 +- 7 files changed, 181 insertions(+), 1 deletion(-) create mode 100644 c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql create mode 100644 c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.expected create mode 100644 c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.qlref create mode 100644 c/misra/test/rules/RULE-21-14/test.c diff --git a/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql b/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql new file mode 100644 index 0000000000..9bbec5c398 --- /dev/null +++ b/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql @@ -0,0 +1,80 @@ +/** + * @id c/misra/memcmp-used-to-compare-null-terminated-strings + * @name RULE-21-14: The Standard Library function memcmp shall not be used to compare null terminated strings + * @description Using memcmp to compare null terminated strings may give unexpected results because + * memcmp compares by size with no consideration for the null terminator. + * @kind path-problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-21-14 + * maintainability + * correctness + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.c.misra.EssentialTypes +import semmle.code.cpp.dataflow.TaintTracking +import DataFlow::PathGraph + +// Data flow from a StringLiteral or from an array of characters, to a memcmp call +class NullTerminatedStringToMemcmpConfiguration extends TaintTracking::Configuration { + NullTerminatedStringToMemcmpConfiguration() { this = "NullTerminatedStringToMemcmpConfiguration" } + + override predicate isSource(DataFlow::Node source) { + source.asExpr() instanceof StringLiteral + or + exists(Variable v, ArrayAggregateLiteral aal | + aal = v.getInitializer().getExpr() and + // The array element type is an essentially character type + getEssentialTypeCategory(aal.getElementType()) = EssentiallyCharacterType() and + // Includes a null terminator somewhere in the array initializer + aal.getElementExpr(_).getValue().toInt() = 0 + | + // For local variables, use the array aggregate literal as the source + aal = source.asExpr() + or + // ArrayAggregateLiterals used as initializers for global variables are not viable sources + // for global data flow, so we instead report variable accesses as sources, where the variable + // is constant or is not assigned in the program + v instanceof GlobalVariable and + source.asExpr() = v.getAnAccess() and + ( + v.isConst() + or + not exists(Expr e | e = v.getAnAssignedValue() and not e = aal) + ) + ) + } + + override predicate isSink(DataFlow::Node sink) { + exists(FunctionCall memcmp | + memcmp.getTarget().hasGlobalOrStdName("memcmp") and + sink.asExpr() = memcmp.getArgument([0, 1]) + ) + } +} + +from + FunctionCall memcmp, DataFlow::PathNode source, DataFlow::PathNode sink, + DataFlow::PathNode source1, DataFlow::PathNode arg1, DataFlow::PathNode source2, + DataFlow::PathNode arg2 +where + not isExcluded(memcmp, EssentialTypesPackage::memcmpUsedToCompareNullTerminatedStringsQuery()) and + memcmp.getTarget().hasGlobalOrStdName("memcmp") and + arg1.getNode().asExpr() = memcmp.getArgument(0) and + arg2.getNode().asExpr() = memcmp.getArgument(1) and + // There is a path from a null-terminated string to each argument + exists(NullTerminatedStringToMemcmpConfiguration cfg | + cfg.hasFlowPath(source1, arg1) and + cfg.hasFlowPath(source2, arg2) + ) and + // Produce multiple paths for each result, one for each source/arg pair + ( + source = source1 and sink = arg1 + or + source = source2 and sink = arg2 + ) +select memcmp, source, sink, "memcmp used to compare $@ with $@.", source1, + "null-terminated string", source2, "null-terminated string" diff --git a/c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.expected b/c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.expected new file mode 100644 index 0000000000..bdfec99b4a --- /dev/null +++ b/c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.expected @@ -0,0 +1,34 @@ +edges +| test.c:12:13:12:15 | a | test.c:14:10:14:10 | a | +| test.c:12:13:12:15 | a | test.c:23:13:23:13 | a | +| test.c:12:13:12:15 | a | test.c:24:10:24:10 | a | +| test.c:13:13:13:15 | b | test.c:14:13:14:13 | b | +| test.c:18:15:18:28 | {...} | test.c:21:10:21:10 | e | +| test.c:19:15:19:28 | {...} | test.c:21:13:21:13 | f | +nodes +| test.c:10:10:10:12 | a | semmle.label | a | +| test.c:10:15:10:17 | b | semmle.label | b | +| test.c:12:13:12:15 | a | semmle.label | a | +| test.c:13:13:13:15 | b | semmle.label | b | +| test.c:14:10:14:10 | a | semmle.label | a | +| test.c:14:13:14:13 | b | semmle.label | b | +| test.c:16:10:16:10 | c | semmle.label | c | +| test.c:16:13:16:13 | d | semmle.label | d | +| test.c:18:15:18:28 | {...} | semmle.label | {...} | +| test.c:19:15:19:28 | {...} | semmle.label | {...} | +| test.c:21:10:21:10 | e | semmle.label | e | +| test.c:21:13:21:13 | f | semmle.label | f | +| test.c:23:13:23:13 | a | semmle.label | a | +| test.c:24:10:24:10 | a | semmle.label | a | +| test.c:26:13:26:13 | c | semmle.label | c | +| test.c:27:10:27:10 | c | semmle.label | c | +subpaths +#select +| test.c:10:3:10:8 | call to memcmp | test.c:10:10:10:12 | a | test.c:10:10:10:12 | a | memcmp used to compare $@ with $@. | test.c:10:10:10:12 | a | null-terminated string | test.c:10:15:10:17 | b | null-terminated string | +| test.c:10:3:10:8 | call to memcmp | test.c:10:15:10:17 | b | test.c:10:15:10:17 | b | memcmp used to compare $@ with $@. | test.c:10:10:10:12 | a | null-terminated string | test.c:10:15:10:17 | b | null-terminated string | +| test.c:14:3:14:8 | call to memcmp | test.c:12:13:12:15 | a | test.c:14:10:14:10 | a | memcmp used to compare $@ with $@. | test.c:12:13:12:15 | a | null-terminated string | test.c:13:13:13:15 | b | null-terminated string | +| test.c:14:3:14:8 | call to memcmp | test.c:13:13:13:15 | b | test.c:14:13:14:13 | b | memcmp used to compare $@ with $@. | test.c:12:13:12:15 | a | null-terminated string | test.c:13:13:13:15 | b | null-terminated string | +| test.c:16:3:16:8 | call to memcmp | test.c:16:10:16:10 | c | test.c:16:10:16:10 | c | memcmp used to compare $@ with $@. | test.c:16:10:16:10 | c | null-terminated string | test.c:16:13:16:13 | d | null-terminated string | +| test.c:16:3:16:8 | call to memcmp | test.c:16:13:16:13 | d | test.c:16:13:16:13 | d | memcmp used to compare $@ with $@. | test.c:16:10:16:10 | c | null-terminated string | test.c:16:13:16:13 | d | null-terminated string | +| test.c:21:3:21:8 | call to memcmp | test.c:18:15:18:28 | {...} | test.c:21:10:21:10 | e | memcmp used to compare $@ with $@. | test.c:18:15:18:28 | {...} | null-terminated string | test.c:19:15:19:28 | {...} | null-terminated string | +| test.c:21:3:21:8 | call to memcmp | test.c:19:15:19:28 | {...} | test.c:21:13:21:13 | f | memcmp used to compare $@ with $@. | test.c:18:15:18:28 | {...} | null-terminated string | test.c:19:15:19:28 | {...} | null-terminated string | diff --git a/c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.qlref b/c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.qlref new file mode 100644 index 0000000000..99017569aa --- /dev/null +++ b/c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.qlref @@ -0,0 +1 @@ +rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-21-14/test.c b/c/misra/test/rules/RULE-21-14/test.c new file mode 100644 index 0000000000..6ca988242e --- /dev/null +++ b/c/misra/test/rules/RULE-21-14/test.c @@ -0,0 +1,28 @@ +#include + +extern char a[10]; +extern char b[10]; + +char c[10] = {'a', 'b', 0}; +char d[10] = {'a', 'b', 0}; + +void testCmp(int *p) { + memcmp("a", "b", 1); // NON_COMPLIANT + + strcpy(a, "a"); + strcpy(b, "b"); + memcmp(a, b, 1); // NON_COMPLIANT + + memcmp(c, d, 1); // NON_COMPLIANT + + char e[10] = {'a', 'b', 0}; + char f[10] = {'a', 'b', 0}; + + memcmp(e, f, 1); // NON_COMPLIANT + + memcmp(p, a, 1); // COMPLIANT + memcmp(a, p, 1); // COMPLIANT + + memcmp(p, c, 1); // COMPLIANT + memcmp(c, p, 1); // COMPLIANT +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/EssentialTypes.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/EssentialTypes.qll index 5e3be0cebb..a29e113146 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/EssentialTypes.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/EssentialTypes.qll @@ -14,6 +14,7 @@ newtype EssentialTypesQuery = TImplicitConversionOfCompositeExpressionQuery() or TInappropriateCastOfCompositeExpressionQuery() or TLoopOverEssentiallyFloatTypeQuery() or + TMemcmpUsedToCompareNullTerminatedStringsQuery() or TMemcmpOnInappropriateEssentialTypeArgsQuery() predicate isEssentialTypesQueryMetadata(Query query, string queryId, string ruleId, string category) { @@ -107,6 +108,15 @@ predicate isEssentialTypesQueryMetadata(Query query, string queryId, string rule ruleId = "RULE-14-1" and category = "required" or + query = + // `Query` instance for the `memcmpUsedToCompareNullTerminatedStrings` query + EssentialTypesPackage::memcmpUsedToCompareNullTerminatedStringsQuery() and + queryId = + // `@id` for the `memcmpUsedToCompareNullTerminatedStrings` query + "c/misra/memcmp-used-to-compare-null-terminated-strings" and + ruleId = "RULE-21-14" and + category = "required" + or query = // `Query` instance for the `memcmpOnInappropriateEssentialTypeArgs` query EssentialTypesPackage::memcmpOnInappropriateEssentialTypeArgsQuery() and @@ -188,6 +198,13 @@ module EssentialTypesPackage { TQueryC(TEssentialTypesPackageQuery(TLoopOverEssentiallyFloatTypeQuery())) } + Query memcmpUsedToCompareNullTerminatedStringsQuery() { + //autogenerate `Query` type + result = + // `Query` type for `memcmpUsedToCompareNullTerminatedStrings` query + TQueryC(TEssentialTypesPackageQuery(TMemcmpUsedToCompareNullTerminatedStringsQuery())) + } + Query memcmpOnInappropriateEssentialTypeArgsQuery() { //autogenerate `Query` type result = diff --git a/rule_packages/c/EssentialTypes.json b/rule_packages/c/EssentialTypes.json index f24b49f7c2..9bdf0a5fe7 100644 --- a/rule_packages/c/EssentialTypes.json +++ b/rule_packages/c/EssentialTypes.json @@ -190,6 +190,26 @@ ], "title": "A loop counter shall not have essentially floating type" }, + "RULE-21-14": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Using memcmp to compare null terminated strings may give unexpected results because memcmp compares by size with no consideration for the null terminator.", + "kind": "path-problem", + "name": "The Standard Library function memcmp shall not be used to compare null terminated strings", + "precision": "very-high", + "severity": "error", + "short_name": "MemcmpUsedToCompareNullTerminatedStrings", + "tags": [ + "maintainability", + "correctness" + ] + } + ], + "title": "The Standard Library function memcmp shall not be used to compare null terminated strings" + }, "RULE-21-16": { "properties": { "obligation": "required" diff --git a/rules.csv b/rules.csv index b083ee015d..6f34213f54 100644 --- a/rules.csv +++ b/rules.csv @@ -756,7 +756,7 @@ c,MISRA-C-2012,RULE-21-10,Yes,Required,,,The Standard Library time and date func c,MISRA-C-2012,RULE-21-11,Yes,Required,,,The standard header file shall not be used,,Banned,Easy, c,MISRA-C-2012,RULE-21-12,Yes,Advisory,,,The exception handling features of should not be used,,Banned,Easy, c,MISRA-C-2012,RULE-21-13,Yes,Mandatory,,,Any value passed to a function in shall be representable as an unsigned char or be the value EOF,,Types,Medium, -c,MISRA-C-2012,RULE-21-14,Yes,Required,,,The Standard Library function memcmp shall not be used to compare null terminated strings,,Types,Hard, +c,MISRA-C-2012,RULE-21-14,Yes,Required,,,The Standard Library function memcmp shall not be used to compare null terminated strings,,EssentialTypes,Hard, c,MISRA-C-2012,RULE-21-15,Yes,Required,,,"The pointer arguments to the Standard Library functions memcpy, memmove and memcmp shall be pointers to qualified or unqualified versions of compatible types",,Types,Medium, c,MISRA-C-2012,RULE-21-16,Yes,Required,,,"The pointer arguments to the Standard Library function memcmp shall point to either a pointer type, an essentially signed type, an essentially unsigned type, an essentially Boolean type or an essentially enum type",,EssentialTypes,Medium, c,MISRA-C-2012,RULE-21-17,Yes,Mandatory,,,Use of the string handling functions from shall not result in accesses beyond the bounds of the objects referenced by their pointer parameters,,Memory2,Hard, From 9a9c53135bcebee1fbbd98d6d6508c9311641add Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Wed, 15 Feb 2023 16:34:43 -0800 Subject: [PATCH 0484/2573] Incorporating suggestions (1): compressing formulas into one --- cpp/autosar/src/rules/A0-1-2/UnusedReturnValue.ql | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-) diff --git a/cpp/autosar/src/rules/A0-1-2/UnusedReturnValue.ql b/cpp/autosar/src/rules/A0-1-2/UnusedReturnValue.ql index 0c4c570814..891a44ed2a 100644 --- a/cpp/autosar/src/rules/A0-1-2/UnusedReturnValue.ql +++ b/cpp/autosar/src/rules/A0-1-2/UnusedReturnValue.ql @@ -43,13 +43,8 @@ where // not necessarily able to address those results not fc.isAffectedByMacro() and // Rule allows disabling this rule where a static_cast or a C-style cast to void is applied - not ( - fc.getExplicitlyConverted().(StaticCast).getActualType() instanceof VoidType - or - exists(CStyleCast cast | - not cast.isCompilerGenerated() and - cast.getExpr() = fc and - cast.getActualType() instanceof VoidType - ) + not exists(Cast cast | cast instanceof StaticCast or cast instanceof CStyleCast | + fc.getExplicitlyConverted() = cast and + cast.getActualType() instanceof VoidType ) select fc, "Return value from call to $@ is unused.", f, f.getName() From b14b55ce95f3318913af528aa1144aaa7c2dd899 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Wed, 15 Feb 2023 16:35:31 -0800 Subject: [PATCH 0485/2573] Incorporating suggestions (2): updating comments As well as adding `<<=` to `AnyAssignOperation` as well --- cpp/common/src/codingstandards/cpp/Operator.qll | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/Operator.qll b/cpp/common/src/codingstandards/cpp/Operator.qll index 98e9706b90..72ee04b68f 100644 --- a/cpp/common/src/codingstandards/cpp/Operator.qll +++ b/cpp/common/src/codingstandards/cpp/Operator.qll @@ -8,10 +8,10 @@ class AnyAssignOperation extends Expr { AnyAssignOperation() { this instanceof AssignOperation or - // operator op, where op is +=, -=, *=, /=, %=, ^=, &=, |=, >>= + // operator op, where op is +=, -=, *=, /=, %=, ^=, &=, |=, >>=, <<= exists(string op | "operator" + op = this.(FunctionCall).getTarget().getName() and - op in ["+=", "-=", "*=", "/=", "%=", "^=", "&=", "|=", ">>="] + op in ["+=", "-=", "*=", "/=", "%=", "^=", "&=", "|=", ">>=", "<<="] ) } } @@ -121,7 +121,7 @@ class UserAssignmentOperator extends AssignmentOperator { /** An assignment operator of any sort */ class AssignmentOperator extends MemberFunction { AssignmentOperator() { - // operator op, where op is =, +=, -=, *=, /=, %=, ^=, &=, |=, >>= + // operator op, where op is =, +=, -=, *=, /=, %=, ^=, &=, |=, >>=, <<= exists(string op | "operator" + op = this.getName() and op in ["=", "+=", "-=", "*=", "/=", "%=", "^=", "&=", "|=", ">>=", "<<="] From b59d5e923bdba02bd59ce3594c70170ad211f73e Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Wed, 15 Feb 2023 16:36:27 -0800 Subject: [PATCH 0486/2573] Incorporating suggestions (3): delete redundant comment --- cpp/common/src/codingstandards/cpp/deadcode/UnusedParameters.qll | 1 - 1 file changed, 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/deadcode/UnusedParameters.qll b/cpp/common/src/codingstandards/cpp/deadcode/UnusedParameters.qll index 43eaae9223..a7cb976307 100644 --- a/cpp/common/src/codingstandards/cpp/deadcode/UnusedParameters.qll +++ b/cpp/common/src/codingstandards/cpp/deadcode/UnusedParameters.qll @@ -12,7 +12,6 @@ import cpp */ class UsableParameter extends Parameter { UsableParameter() { - /* Regular Function */ // Find the function associated with the parameter exists(Function f | this = f.getAParameter() | // Must have the definition of the function, not just the declaration From fcc4fc62ea8693cd6712229d232e7eddd347d63c Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Thu, 16 Feb 2023 08:41:52 -0800 Subject: [PATCH 0487/2573] update rules.csv --- rules.csv | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/rules.csv b/rules.csv index ef6fee41d7..fa22eecfc1 100644 --- a/rules.csv +++ b/rules.csv @@ -755,9 +755,9 @@ c,MISRA-C-2012,RULE-21-9,Yes,Required,,,The Standard Library functions bsearch a c,MISRA-C-2012,RULE-21-10,Yes,Required,,,The Standard Library time and date functions shall not be used,,Banned,Easy, c,MISRA-C-2012,RULE-21-11,Yes,Required,,,The standard header file shall not be used,,Banned,Easy, c,MISRA-C-2012,RULE-21-12,Yes,Advisory,,,The exception handling features of should not be used,,Banned,Easy, -c,MISRA-C-2012,RULE-21-13,Yes,Mandatory,,,Any value passed to a function in shall be representable as an unsigned char or be the value EOF,,Types,Medium, +c,MISRA-C-2012,RULE-21-13,Yes,Mandatory,,,Any value passed to a function in shall be representable as an unsigned char or be the value EOF,,StandardLibraryFunctionTypes,Medium, c,MISRA-C-2012,RULE-21-14,Yes,Required,,,The Standard Library function memcmp shall not be used to compare null terminated strings,,Types,Hard, -c,MISRA-C-2012,RULE-21-15,Yes,Required,,,"The pointer arguments to the Standard Library functions memcpy, memmove and memcmp shall be pointers to qualified or unqualified versions of compatible types",,Types,Medium, +c,MISRA-C-2012,RULE-21-15,Yes,Required,,,"The pointer arguments to the Standard Library functions memcpy, memmove and memcmp shall be pointers to qualified or unqualified versions of compatible types",,StandardLibraryFunctionTypes,Medium, c,MISRA-C-2012,RULE-21-16,Yes,Required,,,"The pointer arguments to the Standard Library function memcmp shall point to either a pointer type, an essentially signed type, an essentially unsigned type, an essentially Boolean type or an essentially enum type",,Types,Medium, c,MISRA-C-2012,RULE-21-17,Yes,Mandatory,,,Use of the string handling functions from shall not result in accesses beyond the bounds of the objects referenced by their pointer parameters,,Memory2,Hard, c,MISRA-C-2012,RULE-21-18,Yes,Mandatory,,,The size_t argument passed to any function in shall have an appropriate value,,OutOfBounds,Hard, From 05d577f309e12bba6ffab230faedb3aea765901d Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Thu, 16 Feb 2023 15:43:34 -0800 Subject: [PATCH 0488/2573] Update rule package description file --- .../c/StandardLibraryFunctionTypes.json | 38 +++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 rule_packages/c/StandardLibraryFunctionTypes.json diff --git a/rule_packages/c/StandardLibraryFunctionTypes.json b/rule_packages/c/StandardLibraryFunctionTypes.json new file mode 100644 index 0000000000..274eadbced --- /dev/null +++ b/rule_packages/c/StandardLibraryFunctionTypes.json @@ -0,0 +1,38 @@ +{ + "MISRA-C-2012": { + "RULE-21-13": { + "properties": { + "obligation": "mandatory" + }, + "queries": [ + { + "description": "Passing arguments to functions outside the range of unsigned char or EOF causes undefined behavior.", + "kind": "problem", + "name": " function arguments shall be represented as unsigned char", + "precision": "very-high", + "severity": "error", + "short_name": "CtypeFunctionArgNotUnsignedCharOrEof", + "tags": [] + } + ], + "title": "Any value passed to a function in shall be representable as an unsigned char or be the value EOF" + }, + "RULE-21-15": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Passing pointers to incompatible types as arguments to memcpy, memmove and memcmp indicates programmers' confusion.", + "kind": "problem", + "name": "The pointer arguments to the Standard Library functions memcpy, memmove and memcmp shall be pointers", + "precision": "very-high", + "severity": "error", + "short_name": "MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes", + "tags": [] + } + ], + "title": "The pointer arguments to the Standard Library functions memcpy, memmove and memcmp shall be pointers to qualified or unqualified versions of compatible types" + } + } +} \ No newline at end of file From 13feea82bff0e9f4706ab0a65e27be07a6b45a74 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Thu, 16 Feb 2023 16:31:52 -0800 Subject: [PATCH 0489/2573] Create rule files --- .../CtypeFunctionArgNotUnsignedCharOrEof.ql | 19 ++++++++ ...veMemcmpArgNotPointersToCompatibleTypes.ql | 19 ++++++++ ...peFunctionArgNotUnsignedCharOrEof.expected | 1 + ...CtypeFunctionArgNotUnsignedCharOrEof.qlref | 1 + ...mpArgNotPointersToCompatibleTypes.expected | 1 + ...emcmpArgNotPointersToCompatibleTypes.qlref | 1 + .../cpp/exclusions/c/RuleMetadata.qll | 3 ++ .../c/StandardLibraryFunctionTypes.qll | 46 +++++++++++++++++++ 8 files changed, 91 insertions(+) create mode 100644 c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql create mode 100644 c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql create mode 100644 c/misra/test/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.expected create mode 100644 c/misra/test/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.qlref create mode 100644 c/misra/test/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.expected create mode 100644 c/misra/test/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.qlref create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/StandardLibraryFunctionTypes.qll diff --git a/c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql b/c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql new file mode 100644 index 0000000000..4e539b0028 --- /dev/null +++ b/c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql @@ -0,0 +1,19 @@ +/** + * @id c/misra/ctype-function-arg-not-unsigned-char-or-eof + * @name RULE-21-13: function arguments shall be represented as unsigned char + * @description Passing arguments to functions outside the range of unsigned char or EOF + * causes undefined behavior. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-21-13 + * external/misra/obligation/mandatory + */ + +import cpp +import codingstandards.c.misra + +from +where + not isExcluded(x, StandardLibraryFunctionTypesPackage::ctypeFunctionArgNotUnsignedCharOrEofQuery()) and +select diff --git a/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql b/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql new file mode 100644 index 0000000000..a2f68bedec --- /dev/null +++ b/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql @@ -0,0 +1,19 @@ +/** + * @id c/misra/memcpy-memmove-memcmp-arg-not-pointers-to-compatible-types + * @name RULE-21-15: The pointer arguments to the Standard Library functions memcpy, memmove and memcmp shall be pointers + * @description Passing pointers to incompatible types as arguments to memcpy, memmove and memcmp + * indicates programmers' confusion. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-21-15 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra + +from +where + not isExcluded(x, StandardLibraryFunctionTypesPackage::memcpyMemmoveMemcmpArgNotPointersToCompatibleTypesQuery()) and +select diff --git a/c/misra/test/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.expected b/c/misra/test/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/misra/test/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.qlref b/c/misra/test/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.qlref new file mode 100644 index 0000000000..be454538c7 --- /dev/null +++ b/c/misra/test/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.qlref @@ -0,0 +1 @@ +rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.expected b/c/misra/test/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/misra/test/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.qlref b/c/misra/test/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.qlref new file mode 100644 index 0000000000..8acf3deee7 --- /dev/null +++ b/c/misra/test/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.qlref @@ -0,0 +1 @@ +rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index aba37072e5..9f0a816411 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -42,6 +42,7 @@ import Preprocessor5 import Preprocessor6 import SideEffects1 import SideEffects2 +import StandardLibraryFunctionTypes import Strings1 import Strings2 import Strings3 @@ -89,6 +90,7 @@ newtype TCQuery = TPreprocessor6PackageQuery(Preprocessor6Query q) or TSideEffects1PackageQuery(SideEffects1Query q) or TSideEffects2PackageQuery(SideEffects2Query q) or + TStandardLibraryFunctionTypesPackageQuery(StandardLibraryFunctionTypesQuery q) or TStrings1PackageQuery(Strings1Query q) or TStrings2PackageQuery(Strings2Query q) or TStrings3PackageQuery(Strings3Query q) or @@ -136,6 +138,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isPreprocessor6QueryMetadata(query, queryId, ruleId, category) or isSideEffects1QueryMetadata(query, queryId, ruleId, category) or isSideEffects2QueryMetadata(query, queryId, ruleId, category) or + isStandardLibraryFunctionTypesQueryMetadata(query, queryId, ruleId, category) or isStrings1QueryMetadata(query, queryId, ruleId, category) or isStrings2QueryMetadata(query, queryId, ruleId, category) or isStrings3QueryMetadata(query, queryId, ruleId, category) or diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/StandardLibraryFunctionTypes.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/StandardLibraryFunctionTypes.qll new file mode 100644 index 0000000000..0d86bd9014 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/StandardLibraryFunctionTypes.qll @@ -0,0 +1,46 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype StandardLibraryFunctionTypesQuery = + TCtypeFunctionArgNotUnsignedCharOrEofQuery() or + TMemcpyMemmoveMemcmpArgNotPointersToCompatibleTypesQuery() + +predicate isStandardLibraryFunctionTypesQueryMetadata( + Query query, string queryId, string ruleId, string category +) { + query = + // `Query` instance for the `ctypeFunctionArgNotUnsignedCharOrEof` query + StandardLibraryFunctionTypesPackage::ctypeFunctionArgNotUnsignedCharOrEofQuery() and + queryId = + // `@id` for the `ctypeFunctionArgNotUnsignedCharOrEof` query + "c/misra/ctype-function-arg-not-unsigned-char-or-eof" and + ruleId = "RULE-21-13" and + category = "mandatory" + or + query = + // `Query` instance for the `memcpyMemmoveMemcmpArgNotPointersToCompatibleTypes` query + StandardLibraryFunctionTypesPackage::memcpyMemmoveMemcmpArgNotPointersToCompatibleTypesQuery() and + queryId = + // `@id` for the `memcpyMemmoveMemcmpArgNotPointersToCompatibleTypes` query + "c/misra/memcpy-memmove-memcmp-arg-not-pointers-to-compatible-types" and + ruleId = "RULE-21-15" and + category = "required" +} + +module StandardLibraryFunctionTypesPackage { + Query ctypeFunctionArgNotUnsignedCharOrEofQuery() { + //autogenerate `Query` type + result = + // `Query` type for `ctypeFunctionArgNotUnsignedCharOrEof` query + TQueryC(TStandardLibraryFunctionTypesPackageQuery(TCtypeFunctionArgNotUnsignedCharOrEofQuery())) + } + + Query memcpyMemmoveMemcmpArgNotPointersToCompatibleTypesQuery() { + //autogenerate `Query` type + result = + // `Query` type for `memcpyMemmoveMemcmpArgNotPointersToCompatibleTypes` query + TQueryC(TStandardLibraryFunctionTypesPackageQuery(TMemcpyMemmoveMemcmpArgNotPointersToCompatibleTypesQuery())) + } +} From ea40969d4117ca9c3fb7548c8e28c40be271034d Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Thu, 16 Feb 2023 17:10:09 -0800 Subject: [PATCH 0490/2573] update ql files and add test.c for RULE-21-13 --- .../CtypeFunctionArgNotUnsignedCharOrEof.ql | 33 +++++++++++++++++-- ...veMemcmpArgNotPointersToCompatibleTypes.ql | 5 +-- c/misra/test/rules/RULE-21-13/test.c | 11 +++++++ 3 files changed, 45 insertions(+), 4 deletions(-) create mode 100644 c/misra/test/rules/RULE-21-13/test.c diff --git a/c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql b/c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql index 4e539b0028..b2e1e11fa1 100644 --- a/c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql +++ b/c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql @@ -12,8 +12,37 @@ import cpp import codingstandards.c.misra +import codingstandards.cpp.ReadErrorsAndEOF +import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis +import semmle.code.cpp.rangeanalysis.RangeAnalysisUtils +import semmle.code.cpp.dataflow.DataFlow // TODO use this... -from +query predicate isCtypeFunction(Function function) { + function.getADeclaration().getAFile().(HeaderFile).getShortName() = "_ctype" // TODO: change it back to `ctype` +} + +query predicate isInUnsignedCharRange(Expr var) { + // TODO: shouldn't be an Expr, instead get it as an argument from a FunctionCall that isCtypeFunction + exists(UnsignedCharType unsignedChar | + // Consider cases where the argument's value is cast to some smaller type, clipping the range. + typeLowerBound(unsignedChar) <= lowerBound(var.getFullyConverted()) and + upperBound(var.getFullyConverted()) <= typeUpperBound(unsignedChar) + ) +} + +// Uh oh, this is empty +query predicate isEOFInvocation(EOFInvocation eof) { + any() +} + +/* very early draft */ +query predicate equivToEOF(FunctionCall fc, EOFInvocation eof) { + // var is a param of ctypefunctioncall + isCtypeFunction(fc.getTarget()) and + DataFlow::localFlow(DataFlow::exprNode(eof.getExpr()), DataFlow::exprNode(fc.getArgument(0))) +} +from Element x where not isExcluded(x, StandardLibraryFunctionTypesPackage::ctypeFunctionArgNotUnsignedCharOrEofQuery()) and -select + any() +select 1 diff --git a/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql b/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql index a2f68bedec..672ba37ae7 100644 --- a/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql +++ b/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql @@ -13,7 +13,8 @@ import cpp import codingstandards.c.misra -from +from Element x where not isExcluded(x, StandardLibraryFunctionTypesPackage::memcpyMemmoveMemcmpArgNotPointersToCompatibleTypesQuery()) and -select + any() +select 1 \ No newline at end of file diff --git a/c/misra/test/rules/RULE-21-13/test.c b/c/misra/test/rules/RULE-21-13/test.c new file mode 100644 index 0000000000..2417b7d74a --- /dev/null +++ b/c/misra/test/rules/RULE-21-13/test.c @@ -0,0 +1,11 @@ +#include +#include + +void sample() { + unsigned char c1 = 'c'; + int r1 = isalnum(c1); // compliant + unsigned char c2 = EOF; + int r2 = isalnum(c2); // compliant +} + +int main() { return 0; } From cf324601ae1e59e5958eee8d736e8ce986befc81 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Fri, 17 Feb 2023 14:44:20 -0500 Subject: [PATCH 0491/2573] alternate spelling --- .../UncompliantOptimizationOptionMustBeDisabledInCompiler.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/src/rules/A1-1-3/UncompliantOptimizationOptionMustBeDisabledInCompiler.ql b/cpp/autosar/src/rules/A1-1-3/UncompliantOptimizationOptionMustBeDisabledInCompiler.ql index 18e0326699..3d8fda8926 100644 --- a/cpp/autosar/src/rules/A1-1-3/UncompliantOptimizationOptionMustBeDisabledInCompiler.ql +++ b/cpp/autosar/src/rules/A1-1-3/UncompliantOptimizationOptionMustBeDisabledInCompiler.ql @@ -26,7 +26,7 @@ where c.getAnArgument() = flag and flag = [ - "-Ofast", "-ffast-math", "-fgnu-keywords", "-fno-signed-zeroes", "-fno-signed-zeroes", "-menable-unsafe-fp-math", + "-Ofast", "-ffast-math", "-fgnu-keywords", "-fno-signed-zeroes", "-fno-signed-zeros", "-menable-unsafe-fp-math", "-menable-no-nans", "-menable-no-infs", "-menable-unsafe-fp-math", "-ffinite-math-only", "-ffloat-store" ] From cf0d756d3e6dc950dbb9aed13177cbd0a0e6b31b Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Fri, 17 Feb 2023 12:03:04 -0800 Subject: [PATCH 0492/2573] Implement RULE-21-13 --- .../CtypeFunctionArgNotUnsignedCharOrEof.ql | 44 ++++++++++--------- c/misra/test/rules/RULE-21-13/test.c | 15 +++++-- 2 files changed, 34 insertions(+), 25 deletions(-) diff --git a/c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql b/c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql index b2e1e11fa1..6269d3dcd3 100644 --- a/c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql +++ b/c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql @@ -15,34 +15,36 @@ import codingstandards.c.misra import codingstandards.cpp.ReadErrorsAndEOF import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis import semmle.code.cpp.rangeanalysis.RangeAnalysisUtils -import semmle.code.cpp.dataflow.DataFlow // TODO use this... -query predicate isCtypeFunction(Function function) { - function.getADeclaration().getAFile().(HeaderFile).getShortName() = "_ctype" // TODO: change it back to `ctype` +class CtypeFunction extends Function { + CtypeFunction() { this.getADeclaration().getAFile().(HeaderFile).getShortName() = "_ctype" } } -query predicate isInUnsignedCharRange(Expr var) { - // TODO: shouldn't be an Expr, instead get it as an argument from a FunctionCall that isCtypeFunction +predicate unsignedCharRange(int lower, int upper, EOFInvocation eof) { exists(UnsignedCharType unsignedChar | - // Consider cases where the argument's value is cast to some smaller type, clipping the range. - typeLowerBound(unsignedChar) <= lowerBound(var.getFullyConverted()) and - upperBound(var.getFullyConverted()) <= typeUpperBound(unsignedChar) + lower = typeLowerBound(unsignedChar) and + upper = upperBound(eof.getExpr()) and + typeLowerBound(unsignedChar) <= lowerBound(eof.getExpr()) and + upperBound(eof.getExpr()) <= typeUpperBound(unsignedChar) ) } -// Uh oh, this is empty -query predicate isEOFInvocation(EOFInvocation eof) { - any() +predicate isEquivToEOF(Expr expr) { + exists(EOFInvocation eof | DataFlow::localFlow(DataFlow::exprNode(eof.getExpr()), DataFlow::exprNode(expr))) } -/* very early draft */ -query predicate equivToEOF(FunctionCall fc, EOFInvocation eof) { - // var is a param of ctypefunctioncall - isCtypeFunction(fc.getTarget()) and - DataFlow::localFlow(DataFlow::exprNode(eof.getExpr()), DataFlow::exprNode(fc.getArgument(0))) -} -from Element x +from FunctionCall ctypeCall where - not isExcluded(x, StandardLibraryFunctionTypesPackage::ctypeFunctionArgNotUnsignedCharOrEofQuery()) and - any() -select 1 + not isExcluded(ctypeCall, + StandardLibraryFunctionTypesPackage::ctypeFunctionArgNotUnsignedCharOrEofQuery()) and + exists(CtypeFunction ctype, UnsignedCharType unsignedChar | + ctypeCall = ctype.getACallToThisFunction() + | + /* The argument's value should be in the `unsigned char` range. */ + typeLowerBound(unsignedChar) <= lowerBound(ctypeCall.getAnArgument().getExplicitlyConverted()) and // consider casts + upperBound(ctypeCall.getAnArgument().getExplicitlyConverted()) <= typeUpperBound(unsignedChar) + or + /* The argument's value is reachable from EOF. */ + exists(EOFInvocation eof | DataFlow::localFlow(DataFlow::exprNode(eof.getExpr()), DataFlow::exprNode(ctypeCall.getAnArgument()))) + ) +select ctypeCall, ctypeCall.getAnArgument() diff --git a/c/misra/test/rules/RULE-21-13/test.c b/c/misra/test/rules/RULE-21-13/test.c index 2417b7d74a..7b0873cdd1 100644 --- a/c/misra/test/rules/RULE-21-13/test.c +++ b/c/misra/test/rules/RULE-21-13/test.c @@ -3,9 +3,16 @@ void sample() { unsigned char c1 = 'c'; - int r1 = isalnum(c1); // compliant - unsigned char c2 = EOF; - int r2 = isalnum(c2); // compliant + int r1 = isalnum(c1); // COMPLIANT: ASCII 99 is within unsigned char range of [0, 255] + unsigned char x1 = EOF; + unsigned char x2 = x1; + unsigned char c2 = x2 + 1; + int r2 = isdigit(c2); // COMPLIANT: EOF (-1) + + int x3 = 256; + int x4 = x3; + int c3 = x4; + int r3 = islower(c3); // NON_COMPLIANT: is outside unsigned char range of[0, 255] } -int main() { return 0; } +int main() { return 0; } \ No newline at end of file From 5104114cd91e54cb1f254584d7f4c498ac7c72cd Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Fri, 17 Feb 2023 13:06:22 -0800 Subject: [PATCH 0493/2573] Refine RULE-21-13 and its unit test --- .../CtypeFunctionArgNotUnsignedCharOrEof.ql | 28 +++++++------------ c/misra/test/rules/RULE-21-13/test.c | 7 ++++- 2 files changed, 16 insertions(+), 19 deletions(-) diff --git a/c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql b/c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql index 6269d3dcd3..76dadc9cec 100644 --- a/c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql +++ b/c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql @@ -20,31 +20,23 @@ class CtypeFunction extends Function { CtypeFunction() { this.getADeclaration().getAFile().(HeaderFile).getShortName() = "_ctype" } } -predicate unsignedCharRange(int lower, int upper, EOFInvocation eof) { - exists(UnsignedCharType unsignedChar | - lower = typeLowerBound(unsignedChar) and - upper = upperBound(eof.getExpr()) and - typeLowerBound(unsignedChar) <= lowerBound(eof.getExpr()) and - upperBound(eof.getExpr()) <= typeUpperBound(unsignedChar) - ) -} - -predicate isEquivToEOF(Expr expr) { - exists(EOFInvocation eof | DataFlow::localFlow(DataFlow::exprNode(eof.getExpr()), DataFlow::exprNode(expr))) -} - from FunctionCall ctypeCall where not isExcluded(ctypeCall, StandardLibraryFunctionTypesPackage::ctypeFunctionArgNotUnsignedCharOrEofQuery()) and - exists(CtypeFunction ctype, UnsignedCharType unsignedChar | + not exists(CtypeFunction ctype, UnsignedCharType unsignedChar | ctypeCall = ctype.getACallToThisFunction() | - /* The argument's value should be in the `unsigned char` range. */ + /* The argument's value should be in the `unsigned char` range. */ typeLowerBound(unsignedChar) <= lowerBound(ctypeCall.getAnArgument().getExplicitlyConverted()) and // consider casts upperBound(ctypeCall.getAnArgument().getExplicitlyConverted()) <= typeUpperBound(unsignedChar) or - /* The argument's value is reachable from EOF. */ - exists(EOFInvocation eof | DataFlow::localFlow(DataFlow::exprNode(eof.getExpr()), DataFlow::exprNode(ctypeCall.getAnArgument()))) + /* The argument's value is reachable from EOF. */ + exists(EOFInvocation eof | + DataFlow::localFlow(DataFlow::exprNode(eof.getExpr()), + DataFlow::exprNode(ctypeCall.getAnArgument())) + ) ) -select ctypeCall, ctypeCall.getAnArgument() +select ctypeCall, + "The function $@ accepts an argument $@ that is not unsigned char nor an EOF.", + ctypeCall, ctypeCall.getTarget(), ctypeCall.getAnArgument(), ctypeCall.getAnArgument().toString() diff --git a/c/misra/test/rules/RULE-21-13/test.c b/c/misra/test/rules/RULE-21-13/test.c index 7b0873cdd1..ef8f0d7487 100644 --- a/c/misra/test/rules/RULE-21-13/test.c +++ b/c/misra/test/rules/RULE-21-13/test.c @@ -6,13 +6,18 @@ void sample() { int r1 = isalnum(c1); // COMPLIANT: ASCII 99 is within unsigned char range of [0, 255] unsigned char x1 = EOF; unsigned char x2 = x1; - unsigned char c2 = x2 + 1; + unsigned char c2 = x2; int r2 = isdigit(c2); // COMPLIANT: EOF (-1) int x3 = 256; int x4 = x3; int c3 = x4; int r3 = islower(c3); // NON_COMPLIANT: is outside unsigned char range of[0, 255] + + unsigned char x5 = EOF; + unsigned char x6 = x5; + int c4 = x6 + 10000; + int r4 = isdigit(c4); // NON_COMPLIANT: is outside unsigned char range of[0, 255] } int main() { return 0; } \ No newline at end of file From e0e01937aa37e7027ced91478869b4ea3b735728 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Fri, 17 Feb 2023 14:54:50 -0800 Subject: [PATCH 0494/2573] Draft of RULE-21-15 --- ...veMemcmpArgNotPointersToCompatibleTypes.ql | 16 +++++++++--- c/misra/test/rules/RULE-21-15/test.c | 25 +++++++++++++++++++ 2 files changed, 37 insertions(+), 4 deletions(-) create mode 100644 c/misra/test/rules/RULE-21-15/test.c diff --git a/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql b/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql index 672ba37ae7..c6a4a45e61 100644 --- a/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql +++ b/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql @@ -12,9 +12,17 @@ import cpp import codingstandards.c.misra +import codingstandards.c.Pointers -from Element x +class MemCmpMoveCpy extends BuiltInFunction { + MemCmpMoveCpy() { this.getName().regexpMatch(".+mem(cmp|cpy|move).+") } +} + +from FunctionCall fc where - not isExcluded(x, StandardLibraryFunctionTypesPackage::memcpyMemmoveMemcmpArgNotPointersToCompatibleTypesQuery()) and - any() -select 1 \ No newline at end of file + not isExcluded(fc, + StandardLibraryFunctionTypesPackage::memcpyMemmoveMemcmpArgNotPointersToCompatibleTypesQuery()) and + exists(MemCmpMoveCpy memfun | fc.getTarget() = memfun | + fc.getArgument(0).getUnspecifiedType() = fc.getArgument(1).getUnspecifiedType() + ) +select fc, fc.getArgument(0).getUnspecifiedType(), fc.getArgument(1).getUnspecifiedType() diff --git a/c/misra/test/rules/RULE-21-15/test.c b/c/misra/test/rules/RULE-21-15/test.c new file mode 100644 index 0000000000..0b9f2dd9a5 --- /dev/null +++ b/c/misra/test/rules/RULE-21-15/test.c @@ -0,0 +1,25 @@ +#include + +void sample() { + int from1 = 1000000; + char to1; + memcpy(&from1, &to1, 1); // NON_COMPLIANT, the types are not compatible + + int from2 = 1000000; + int to2; + memcpy(&from2, &to2, 2); // COMPLIANT + + char from3[] = "string"; + char to3[6]; + memmove(from3, to3, 6); // COMPLIANT + + char from4[] = "sstringg"; + int to4[2]; + memmove(from4, to4, 8); // NON_COMPLIANT, despite being equal in byte counts + + char from5[] = "STRING"; + char to5[] = "string"; + memcmp(from5, to5, 2); // COMPLIANT +} + +int main() { return 0; } \ No newline at end of file From 31858561f32774fc5f784c8f6af601c6ced3f891 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Fri, 17 Feb 2023 15:14:35 -0800 Subject: [PATCH 0495/2573] Refine RULE-21-15 --- ...veMemcmpArgNotPointersToCompatibleTypes.ql | 24 +++++++++++++++++-- c/misra/test/rules/RULE-21-15/test.c | 4 ++-- 2 files changed, 24 insertions(+), 4 deletions(-) diff --git a/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql b/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql index c6a4a45e61..c608d042f2 100644 --- a/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql +++ b/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql @@ -14,8 +14,21 @@ import cpp import codingstandards.c.misra import codingstandards.c.Pointers -class MemCmpMoveCpy extends BuiltInFunction { - MemCmpMoveCpy() { this.getName().regexpMatch(".+mem(cmp|cpy|move).+") } +class MemCmpMoveCpy extends Function { + // Couldn't extend BuiltInFunction because it misses `memcmp` + MemCmpMoveCpy() { this.getName().regexpMatch("mem(cmp|cpy|move)") } +} + +query predicate memfunArgTypes(FunctionCall fc, Type dstType, Type srcType) { + ( + fc.getArgument(0).getUnspecifiedType() instanceof PointerType and + fc.getArgument(1).getUnspecifiedType() instanceof PointerType + or + fc.getArgument(0).getUnspecifiedType() instanceof ArrayType and + fc.getArgument(1).getUnspecifiedType() instanceof ArrayType + ) and + dstType = fc.getArgument(0).getUnspecifiedType() and + srcType = fc.getArgument(1).getUnspecifiedType() } from FunctionCall fc @@ -23,6 +36,13 @@ where not isExcluded(fc, StandardLibraryFunctionTypesPackage::memcpyMemmoveMemcmpArgNotPointersToCompatibleTypesQuery()) and exists(MemCmpMoveCpy memfun | fc.getTarget() = memfun | + ( + fc.getArgument(0).getUnspecifiedType() instanceof PointerType and + fc.getArgument(1).getUnspecifiedType() instanceof PointerType + or + fc.getArgument(0).getUnspecifiedType() instanceof ArrayType and + fc.getArgument(1).getUnspecifiedType() instanceof ArrayType + ) and fc.getArgument(0).getUnspecifiedType() = fc.getArgument(1).getUnspecifiedType() ) select fc, fc.getArgument(0).getUnspecifiedType(), fc.getArgument(1).getUnspecifiedType() diff --git a/c/misra/test/rules/RULE-21-15/test.c b/c/misra/test/rules/RULE-21-15/test.c index 0b9f2dd9a5..4a3f233c11 100644 --- a/c/misra/test/rules/RULE-21-15/test.c +++ b/c/misra/test/rules/RULE-21-15/test.c @@ -10,8 +10,8 @@ void sample() { memcpy(&from2, &to2, 2); // COMPLIANT char from3[] = "string"; - char to3[6]; - memmove(from3, to3, 6); // COMPLIANT + char to3[7]; + memmove(from3, to3, 7); // COMPLIANT char from4[] = "sstringg"; int to4[2]; From f9deae51cba91b3f914c5fcc81db4779f3504a32 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Fri, 17 Feb 2023 15:18:36 -0800 Subject: [PATCH 0496/2573] Refine RULE-21-15 --- ...MemmoveMemcmpArgNotPointersToCompatibleTypes.ql | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql b/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql index c608d042f2..4799b3be28 100644 --- a/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql +++ b/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql @@ -35,14 +35,16 @@ from FunctionCall fc where not isExcluded(fc, StandardLibraryFunctionTypesPackage::memcpyMemmoveMemcmpArgNotPointersToCompatibleTypesQuery()) and - exists(MemCmpMoveCpy memfun | fc.getTarget() = memfun | + exists(MemCmpMoveCpy memfun, Type dstType, Type srcType | fc.getTarget() = memfun | + dstType = fc.getArgument(0).getUnspecifiedType() and + srcType = fc.getArgument(1).getUnspecifiedType() and ( - fc.getArgument(0).getUnspecifiedType() instanceof PointerType and - fc.getArgument(1).getUnspecifiedType() instanceof PointerType + dstType instanceof PointerType and + srcType instanceof PointerType or - fc.getArgument(0).getUnspecifiedType() instanceof ArrayType and - fc.getArgument(1).getUnspecifiedType() instanceof ArrayType + dstType instanceof ArrayType and + srcType instanceof ArrayType ) and - fc.getArgument(0).getUnspecifiedType() = fc.getArgument(1).getUnspecifiedType() + dstType = srcType ) select fc, fc.getArgument(0).getUnspecifiedType(), fc.getArgument(1).getUnspecifiedType() From eca1f2681d2afa88e60709bcd2453fde4f4147dd Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Fri, 17 Feb 2023 15:29:37 -0800 Subject: [PATCH 0497/2573] Refine RULE-21-15 --- .../MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql b/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql index 4799b3be28..53b5920842 100644 --- a/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql +++ b/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql @@ -16,10 +16,13 @@ import codingstandards.c.Pointers class MemCmpMoveCpy extends Function { // Couldn't extend BuiltInFunction because it misses `memcmp` - MemCmpMoveCpy() { this.getName().regexpMatch("mem(cmp|cpy|move)") } + MemCmpMoveCpy() { + this.getName().regexpMatch("mem(cmp|cpy|move)") and + this.getADeclaration().getAFile().(HeaderFile).getBaseName() = "string.h" + } } -query predicate memfunArgTypes(FunctionCall fc, Type dstType, Type srcType) { +predicate memfunArgTypes(FunctionCall fc, Type dstType, Type srcType) { ( fc.getArgument(0).getUnspecifiedType() instanceof PointerType and fc.getArgument(1).getUnspecifiedType() instanceof PointerType From 4064b6bd9a8df6780af6006070e27c13c50cee3b Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Fri, 17 Feb 2023 16:23:36 -0800 Subject: [PATCH 0498/2573] Update `.expected` files --- .../RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.expected | 2 +- ...emcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.expected | 4 +++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/c/misra/test/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.expected b/c/misra/test/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.expected index 2ec1a0ac6c..e33707fca6 100644 --- a/c/misra/test/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.expected +++ b/c/misra/test/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.expected @@ -1 +1 @@ -No expected results have yet been specified \ No newline at end of file +| test.c:15:12:15:22 | call to islower | test.c:15:20:15:21 | c3 | \ No newline at end of file diff --git a/c/misra/test/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.expected b/c/misra/test/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.expected index 2ec1a0ac6c..4713de6d72 100644 --- a/c/misra/test/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.expected +++ b/c/misra/test/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.expected @@ -1 +1,3 @@ -No expected results have yet been specified \ No newline at end of file +| test.c:10:3:10:8 | call to memcpy | file://:0:0:0:0 | int * | file://:0:0:0:0 | int * | +| test.c:14:3:14:9 | call to memmove | file://:0:0:0:0 | char[7] | file://:0:0:0:0 | char[7] | +| test.c:22:3:22:8 | call to memcmp | file://:0:0:0:0 | char[7] | file://:0:0:0:0 | char[7] | \ No newline at end of file From 9adcc3621f4be68d86b170664558b00d86282976 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Fri, 17 Feb 2023 16:57:07 -0800 Subject: [PATCH 0499/2573] Refine analysis messages --- .../CtypeFunctionArgNotUnsignedCharOrEof.ql | 6 +++--- ...moveMemcmpArgNotPointersToCompatibleTypes.ql | 17 ++++------------- ...typeFunctionArgNotUnsignedCharOrEof.expected | 3 ++- ...mcmpArgNotPointersToCompatibleTypes.expected | 6 +++--- 4 files changed, 12 insertions(+), 20 deletions(-) diff --git a/c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql b/c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql index 76dadc9cec..14f983398e 100644 --- a/c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql +++ b/c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql @@ -17,7 +17,7 @@ import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis import semmle.code.cpp.rangeanalysis.RangeAnalysisUtils class CtypeFunction extends Function { - CtypeFunction() { this.getADeclaration().getAFile().(HeaderFile).getShortName() = "_ctype" } + CtypeFunction() { this.getADeclaration().getAFile().(HeaderFile).getBaseName() = "ctype.h" } } from FunctionCall ctypeCall @@ -38,5 +38,5 @@ where ) ) select ctypeCall, - "The function $@ accepts an argument $@ that is not unsigned char nor an EOF.", - ctypeCall, ctypeCall.getTarget(), ctypeCall.getAnArgument(), ctypeCall.getAnArgument().toString() + "The function " + ctypeCall + " accepts an argument " + + ctypeCall.getAnArgument().toString() + " that is not an unsigned char nor an EOF." diff --git a/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql b/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql index 53b5920842..783dc8e480 100644 --- a/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql +++ b/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql @@ -22,18 +22,6 @@ class MemCmpMoveCpy extends Function { } } -predicate memfunArgTypes(FunctionCall fc, Type dstType, Type srcType) { - ( - fc.getArgument(0).getUnspecifiedType() instanceof PointerType and - fc.getArgument(1).getUnspecifiedType() instanceof PointerType - or - fc.getArgument(0).getUnspecifiedType() instanceof ArrayType and - fc.getArgument(1).getUnspecifiedType() instanceof ArrayType - ) and - dstType = fc.getArgument(0).getUnspecifiedType() and - srcType = fc.getArgument(1).getUnspecifiedType() -} - from FunctionCall fc where not isExcluded(fc, @@ -50,4 +38,7 @@ where ) and dstType = srcType ) -select fc, fc.getArgument(0).getUnspecifiedType(), fc.getArgument(1).getUnspecifiedType() +select fc, + "The dest type " + fc.getArgument(0).getUnspecifiedType() + " and src type " + + fc.getArgument(1).getUnspecifiedType() + " of function " + fc.getTarget() + + " are not compatible." diff --git a/c/misra/test/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.expected b/c/misra/test/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.expected index e33707fca6..8cc86e042f 100644 --- a/c/misra/test/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.expected +++ b/c/misra/test/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.expected @@ -1 +1,2 @@ -| test.c:15:12:15:22 | call to islower | test.c:15:20:15:21 | c3 | \ No newline at end of file +| test.c:15:12:15:22 | call to islower | The function call to islower accepts an argument c3 that is not an unsigned char nor an EOF. | +| test.c:20:12:20:22 | call to isdigit | The function call to isdigit accepts an argument c4 that is not an unsigned char nor an EOF. | \ No newline at end of file diff --git a/c/misra/test/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.expected b/c/misra/test/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.expected index 4713de6d72..2e706e7f33 100644 --- a/c/misra/test/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.expected +++ b/c/misra/test/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.expected @@ -1,3 +1,3 @@ -| test.c:10:3:10:8 | call to memcpy | file://:0:0:0:0 | int * | file://:0:0:0:0 | int * | -| test.c:14:3:14:9 | call to memmove | file://:0:0:0:0 | char[7] | file://:0:0:0:0 | char[7] | -| test.c:22:3:22:8 | call to memcmp | file://:0:0:0:0 | char[7] | file://:0:0:0:0 | char[7] | \ No newline at end of file +| test.c:10:3:10:8 | call to memcpy | The dest type int * and src type int * of function memcpy are not compatible. | +| test.c:14:3:14:9 | call to memmove | The dest type char[7] and src type char[7] of function memmove are not compatible. | +| test.c:22:3:22:8 | call to memcmp | The dest type char[7] and src type char[7] of function memcmp are not compatible. | \ No newline at end of file From 75ea8ffa025556416175b42d022b99e115e1eebd Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Fri, 17 Feb 2023 17:00:08 -0800 Subject: [PATCH 0500/2573] Format test.c --- .../CtypeFunctionArgNotUnsignedCharOrEof.expected | 4 ++-- c/misra/test/rules/RULE-21-13/test.c | 11 +++++++---- 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/c/misra/test/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.expected b/c/misra/test/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.expected index 8cc86e042f..6d3f237ae7 100644 --- a/c/misra/test/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.expected +++ b/c/misra/test/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.expected @@ -1,2 +1,2 @@ -| test.c:15:12:15:22 | call to islower | The function call to islower accepts an argument c3 that is not an unsigned char nor an EOF. | -| test.c:20:12:20:22 | call to isdigit | The function call to isdigit accepts an argument c4 that is not an unsigned char nor an EOF. | \ No newline at end of file +| test.c:17:7:17:17 | call to islower | The function call to islower accepts an argument c3 that is not an unsigned char nor an EOF. | +| test.c:23:7:23:17 | call to isdigit | The function call to isdigit accepts an argument c4 that is not an unsigned char nor an EOF. | \ No newline at end of file diff --git a/c/misra/test/rules/RULE-21-13/test.c b/c/misra/test/rules/RULE-21-13/test.c index ef8f0d7487..22ad07abdd 100644 --- a/c/misra/test/rules/RULE-21-13/test.c +++ b/c/misra/test/rules/RULE-21-13/test.c @@ -1,9 +1,10 @@ -#include #include +#include void sample() { unsigned char c1 = 'c'; - int r1 = isalnum(c1); // COMPLIANT: ASCII 99 is within unsigned char range of [0, 255] + int r1 = isalnum( + c1); // COMPLIANT: ASCII 99 is within unsigned char range of [0, 255] unsigned char x1 = EOF; unsigned char x2 = x1; unsigned char c2 = x2; @@ -12,12 +13,14 @@ void sample() { int x3 = 256; int x4 = x3; int c3 = x4; - int r3 = islower(c3); // NON_COMPLIANT: is outside unsigned char range of[0, 255] + int r3 = + islower(c3); // NON_COMPLIANT: is outside unsigned char range of[0, 255] unsigned char x5 = EOF; unsigned char x6 = x5; int c4 = x6 + 10000; - int r4 = isdigit(c4); // NON_COMPLIANT: is outside unsigned char range of[0, 255] + int r4 = + isdigit(c4); // NON_COMPLIANT: is outside unsigned char range of[0, 255] } int main() { return 0; } \ No newline at end of file From 321aee180ae54ab350045710315b0e2ed8379c18 Mon Sep 17 00:00:00 2001 From: Shadi Samadi <68650974+s-samadi@users.noreply.github.com> Date: Tue, 21 Feb 2023 12:09:05 +1100 Subject: [PATCH 0501/2573] Update cpp/common/src/codingstandards/cpp/rules/nestedlabelinswitch/NestedLabelInSwitch.qll Co-authored-by: Remco Vermeulen --- .../cpp/rules/nestedlabelinswitch/NestedLabelInSwitch.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/rules/nestedlabelinswitch/NestedLabelInSwitch.qll b/cpp/common/src/codingstandards/cpp/rules/nestedlabelinswitch/NestedLabelInSwitch.qll index a149654c5c..22e977f2d3 100644 --- a/cpp/common/src/codingstandards/cpp/rules/nestedlabelinswitch/NestedLabelInSwitch.qll +++ b/cpp/common/src/codingstandards/cpp/rules/nestedlabelinswitch/NestedLabelInSwitch.qll @@ -1,5 +1,5 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library which includes a `problems` predicate for reporting nested labels in a switch statement. */ import cpp From c9a7b57b0beaacb89e3e0ff4777da232b36433ca Mon Sep 17 00:00:00 2001 From: Shadi Samadi <68650974+s-samadi@users.noreply.github.com> Date: Tue, 21 Feb 2023 12:09:25 +1100 Subject: [PATCH 0502/2573] Update cpp/common/src/codingstandards/cpp/rules/nestedlabelinswitch/NestedLabelInSwitch.qll Co-authored-by: Remco Vermeulen --- .../cpp/rules/nestedlabelinswitch/NestedLabelInSwitch.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/rules/nestedlabelinswitch/NestedLabelInSwitch.qll b/cpp/common/src/codingstandards/cpp/rules/nestedlabelinswitch/NestedLabelInSwitch.qll index 22e977f2d3..0e0156cb90 100644 --- a/cpp/common/src/codingstandards/cpp/rules/nestedlabelinswitch/NestedLabelInSwitch.qll +++ b/cpp/common/src/codingstandards/cpp/rules/nestedlabelinswitch/NestedLabelInSwitch.qll @@ -11,7 +11,7 @@ abstract class NestedLabelInSwitchSharedQuery extends Query { } Query getQuery() { result instanceof NestedLabelInSwitchSharedQuery } query predicate problems( - SwitchCase nestedCase, string message, SwitchCase case, string caseLabel, SwitchStmt switch, + SwitchCase case, string message, Location caseLocation, string caseLabel, SwitchStmt switch, string switchLabel ) { not isExcluded(nestedCase, getQuery()) and From 21a44326770a8d1b6e7d1fe630fc9dcb7dcbd4b7 Mon Sep 17 00:00:00 2001 From: Shadi Samadi Date: Tue, 21 Feb 2023 13:15:58 +1100 Subject: [PATCH 0503/2573] updated rule metadata based on PR feedback --- .../RULE-16-2/NestSwitchLabelInSwitchStatement.ql | 6 +++--- .../cpp/exclusions/c/RuleMetadata.qll | 1 + .../cpp/exclusions/c/Statements1.qll | 14 +++++++++----- .../nestedlabelinswitch/NestedLabelInSwitch.qll | 4 ++-- rule_packages/c/Statements1.json | 6 +++--- 5 files changed, 18 insertions(+), 13 deletions(-) diff --git a/c/misra/src/rules/RULE-16-2/NestSwitchLabelInSwitchStatement.ql b/c/misra/src/rules/RULE-16-2/NestSwitchLabelInSwitchStatement.ql index 2c35b5a185..1cab75f6bf 100644 --- a/c/misra/src/rules/RULE-16-2/NestSwitchLabelInSwitchStatement.ql +++ b/c/misra/src/rules/RULE-16-2/NestSwitchLabelInSwitchStatement.ql @@ -1,10 +1,10 @@ /** * @id c/misra/nest-switch-label-in-switch-statement - * @name RULE-16-2: A switch label shall only be used when the most closely-enclosing compound statement is the body of - * @description Nested switch labels cause undefined behaviour. + * @name RULE-16-2: Nested switch labels shall not be used. + * @description Nested switch labels can lead to unstructured code. * @kind problem * @precision very-high - * @problem.severity error + * @problem.severity recommendation * @tags external/misra/id/rule-16-2 * maintainability * readability diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index 166e8b3b59..022b57dcbf 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -138,6 +138,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isPreprocessor6QueryMetadata(query, queryId, ruleId, category) or isSideEffects1QueryMetadata(query, queryId, ruleId, category) or isSideEffects2QueryMetadata(query, queryId, ruleId, category) or + isStatements1QueryMetadata(query, queryId, ruleId, category) or isStrings1QueryMetadata(query, queryId, ruleId, category) or isStrings2QueryMetadata(query, queryId, ruleId, category) or isStrings3QueryMetadata(query, queryId, ruleId, category) or diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Statements1.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Statements1.qll index 566399fc44..88ea77c7d4 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Statements1.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Statements1.qll @@ -9,14 +9,15 @@ newtype Statements1Query = TEverySwitchShallHaveDefaultLabelQuery() or TDefaultNotFirstOrLastOfSwitchQuery() -predicate isStatements1QueryMetadata(Query query, string queryId, string ruleId) { +predicate isStatements1QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `nestSwitchLabelInSwitchStatement` query Statements1Package::nestSwitchLabelInSwitchStatementQuery() and queryId = // `@id` for the `nestSwitchLabelInSwitchStatement` query "c/misra/nest-switch-label-in-switch-statement" and - ruleId = "RULE-16-2" + ruleId = "RULE-16-2" and + category = "required" or query = // `Query` instance for the `breakShallTerminateSwitchClause` query @@ -24,7 +25,8 @@ predicate isStatements1QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `breakShallTerminateSwitchClause` query "c/misra/break-shall-terminate-switch-clause" and - ruleId = "RULE-16-3" + ruleId = "RULE-16-3" and + category = "required" or query = // `Query` instance for the `everySwitchShallHaveDefaultLabel` query @@ -32,7 +34,8 @@ predicate isStatements1QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `everySwitchShallHaveDefaultLabel` query "c/misra/every-switch-shall-have-default-label" and - ruleId = "RULE-16-4" + ruleId = "RULE-16-4" and + category = "required" or query = // `Query` instance for the `defaultNotFirstOrLastOfSwitch` query @@ -40,7 +43,8 @@ predicate isStatements1QueryMetadata(Query query, string queryId, string ruleId) queryId = // `@id` for the `defaultNotFirstOrLastOfSwitch` query "c/misra/default-not-first-or-last-of-switch" and - ruleId = "RULE-16-5" + ruleId = "RULE-16-5" and + category = "required" } module Statements1Package { diff --git a/cpp/common/src/codingstandards/cpp/rules/nestedlabelinswitch/NestedLabelInSwitch.qll b/cpp/common/src/codingstandards/cpp/rules/nestedlabelinswitch/NestedLabelInSwitch.qll index 0e0156cb90..a1f06734d0 100644 --- a/cpp/common/src/codingstandards/cpp/rules/nestedlabelinswitch/NestedLabelInSwitch.qll +++ b/cpp/common/src/codingstandards/cpp/rules/nestedlabelinswitch/NestedLabelInSwitch.qll @@ -11,11 +11,11 @@ abstract class NestedLabelInSwitchSharedQuery extends Query { } Query getQuery() { result instanceof NestedLabelInSwitchSharedQuery } query predicate problems( - SwitchCase case, string message, Location caseLocation, string caseLabel, SwitchStmt switch, + SwitchCase nestedCase, string message, SwitchCase case, string caseLabel, SwitchStmt switch, string switchLabel ) { not isExcluded(nestedCase, getQuery()) and - switch.getASwitchCase() = nestedCase and + switch.getASwitchCase() = case and not nestedCase.getParentStmt() = switch.getChildStmt() and nestedCase = case and message = diff --git a/rule_packages/c/Statements1.json b/rule_packages/c/Statements1.json index 43c88481cf..f8a05972c2 100644 --- a/rule_packages/c/Statements1.json +++ b/rule_packages/c/Statements1.json @@ -6,11 +6,11 @@ }, "queries": [ { - "description": "Nested switch labels cause undefined behaviour.", + "description": "Nested switch labels can lead to unstructured code.", "kind": "problem", - "name": "A switch label shall only be used when the most closely-enclosing compound statement is the body of", + "name": "Nested switch labels shall not be used.", "precision": "very-high", - "severity": "error", + "severity": "recommendation", "short_name": "NestSwitchLabelInSwitchStatement", "shared_implementation_short_name": "NestedLabelInSwitch", "tags": [ From 48175e7599a32a57f908777b4d1463a8dfe76575 Mon Sep 17 00:00:00 2001 From: Shadi Samadi Date: Tue, 21 Feb 2023 14:22:19 +1100 Subject: [PATCH 0504/2573] Added test case to 16-3 for non last default labels --- .../RULE-16-3/BreakShallTerminateSwitchClause.expected | 1 + c/misra/test/rules/RULE-16-3/test.c | 9 +++++++++ 2 files changed, 10 insertions(+) diff --git a/c/misra/test/rules/RULE-16-3/BreakShallTerminateSwitchClause.expected b/c/misra/test/rules/RULE-16-3/BreakShallTerminateSwitchClause.expected index 3a97de439c..cac08cc449 100644 --- a/c/misra/test/rules/RULE-16-3/BreakShallTerminateSwitchClause.expected +++ b/c/misra/test/rules/RULE-16-3/BreakShallTerminateSwitchClause.expected @@ -1,3 +1,4 @@ | test.c:11:3:11:9 | case ...: | The switch $@ does not terminate with a break statement. | test.c:11:3:11:9 | case ...: | clause | | test.c:14:3:14:9 | case ...: | The switch $@ does not terminate with a break statement. | test.c:14:3:14:9 | case ...: | clause | | test.c:26:3:26:10 | default: | The switch $@ does not terminate with a break statement. | test.c:26:3:26:10 | default: | clause | +| test.c:45:3:45:10 | default: | The switch $@ does not terminate with a break statement. | test.c:45:3:45:10 | default: | clause | diff --git a/c/misra/test/rules/RULE-16-3/test.c b/c/misra/test/rules/RULE-16-3/test.c index ae009174eb..c7cae7216c 100644 --- a/c/misra/test/rules/RULE-16-3/test.c +++ b/c/misra/test/rules/RULE-16-3/test.c @@ -39,3 +39,12 @@ void f2(int p1) { break; } } + +void f3(int p1) { + switch (p1) { + default: // NON_COMPLIANT + p1++; + case 1: // COMPLIANT + break; + } +} \ No newline at end of file From 0e68e41b94b47e4fa8171413d95e20154508a28d Mon Sep 17 00:00:00 2001 From: Shadi Samadi Date: Tue, 21 Feb 2023 14:23:43 +1100 Subject: [PATCH 0505/2573] updated metadata for 16-3 based on PR feedback --- .../src/rules/RULE-16-3/BreakShallTerminateSwitchClause.ql | 4 ++-- rule_packages/c/Statements1.json | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/c/misra/src/rules/RULE-16-3/BreakShallTerminateSwitchClause.ql b/c/misra/src/rules/RULE-16-3/BreakShallTerminateSwitchClause.ql index 04cd95a6fe..e62fe8c8d4 100644 --- a/c/misra/src/rules/RULE-16-3/BreakShallTerminateSwitchClause.ql +++ b/c/misra/src/rules/RULE-16-3/BreakShallTerminateSwitchClause.ql @@ -4,8 +4,8 @@ * @description An unterminated switch-clause occurring at the end of a switch statement may fall * into switch clauses which are added later. * @kind problem - * @precision very-high - * @problem.severity error + * @precision high + * @problem.severity warning * @tags external/misra/id/rule-16-3 * maintainability * readability diff --git a/rule_packages/c/Statements1.json b/rule_packages/c/Statements1.json index f8a05972c2..13798b1a3f 100644 --- a/rule_packages/c/Statements1.json +++ b/rule_packages/c/Statements1.json @@ -30,8 +30,8 @@ "description": "An unterminated switch-clause occurring at the end of a switch statement may fall into switch clauses which are added later.", "kind": "problem", "name": "An unconditional break statement shall terminate every switch-clause", - "precision": "very-high", - "severity": "error", + "precision": "high", + "severity": "warning", "short_name": "BreakShallTerminateSwitchClause", "tags": [ "maintainability", From 6b575f4a84b53840f0bad3665414557be39ca1ce Mon Sep 17 00:00:00 2001 From: Shadi Samadi Date: Tue, 21 Feb 2023 15:15:27 +1100 Subject: [PATCH 0506/2573] updated metadata for 16-5 --- c/misra/src/rules/RULE-16-5/DefaultNotFirstOrLastOfSwitch.ql | 4 ++-- rule_packages/c/Statements1.json | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/c/misra/src/rules/RULE-16-5/DefaultNotFirstOrLastOfSwitch.ql b/c/misra/src/rules/RULE-16-5/DefaultNotFirstOrLastOfSwitch.ql index 457fd4ba2f..22565b708e 100644 --- a/c/misra/src/rules/RULE-16-5/DefaultNotFirstOrLastOfSwitch.ql +++ b/c/misra/src/rules/RULE-16-5/DefaultNotFirstOrLastOfSwitch.ql @@ -1,10 +1,10 @@ /** * @id c/misra/default-not-first-or-last-of-switch - * @name RULE-16-5: A default label shall appear as either the first or the last switch label of a switch statement + * @name RULE-16-5: A default label shall appear as either the first or the last switch label or a switch statement * @description Locating the default label is easy when it the first of last label. * @kind problem * @precision very-high - * @problem.severity error + * @problem.severity recommendation * @tags external/misra/id/rule-16-5 * external/misra/obligation/required */ diff --git a/rule_packages/c/Statements1.json b/rule_packages/c/Statements1.json index 13798b1a3f..f6e377e592 100644 --- a/rule_packages/c/Statements1.json +++ b/rule_packages/c/Statements1.json @@ -69,9 +69,9 @@ { "description": "Locating the default label is easy when it the first of last label.", "kind": "problem", - "name": "A default label shall appear as either the first or the last switch label of a switch statement", + "name": "A default label shall appear as either the first or the last switch label or a switch statement", "precision": "very-high", - "severity": "error", + "severity": "recommendation", "short_name": "DefaultNotFirstOrLastOfSwitch", "tags": [] } From 9f6b224671cc5634fac6ef4e1915408272a548d3 Mon Sep 17 00:00:00 2001 From: Shadi Samadi Date: Tue, 21 Feb 2023 15:19:57 +1100 Subject: [PATCH 0507/2573] removed full stop from name property of 16-2 --- c/misra/src/rules/RULE-16-2/NestSwitchLabelInSwitchStatement.ql | 2 +- rule_packages/c/Statements1.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/c/misra/src/rules/RULE-16-2/NestSwitchLabelInSwitchStatement.ql b/c/misra/src/rules/RULE-16-2/NestSwitchLabelInSwitchStatement.ql index 1cab75f6bf..df4b6fc93a 100644 --- a/c/misra/src/rules/RULE-16-2/NestSwitchLabelInSwitchStatement.ql +++ b/c/misra/src/rules/RULE-16-2/NestSwitchLabelInSwitchStatement.ql @@ -1,6 +1,6 @@ /** * @id c/misra/nest-switch-label-in-switch-statement - * @name RULE-16-2: Nested switch labels shall not be used. + * @name RULE-16-2: Nested switch labels shall not be used * @description Nested switch labels can lead to unstructured code. * @kind problem * @precision very-high diff --git a/rule_packages/c/Statements1.json b/rule_packages/c/Statements1.json index f6e377e592..903172ae51 100644 --- a/rule_packages/c/Statements1.json +++ b/rule_packages/c/Statements1.json @@ -8,7 +8,7 @@ { "description": "Nested switch labels can lead to unstructured code.", "kind": "problem", - "name": "Nested switch labels shall not be used.", + "name": "Nested switch labels shall not be used", "precision": "very-high", "severity": "recommendation", "short_name": "NestSwitchLabelInSwitchStatement", From 9336a3e51981141cb01fa51c99d58062a77652af Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Tue, 21 Feb 2023 08:43:46 -0800 Subject: [PATCH 0508/2573] Some minor comments --- .../rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql | 4 ++-- .../MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql | 2 ++ 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql b/c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql index 14f983398e..b7dc3dfba6 100644 --- a/c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql +++ b/c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql @@ -27,11 +27,11 @@ where not exists(CtypeFunction ctype, UnsignedCharType unsignedChar | ctypeCall = ctype.getACallToThisFunction() | - /* The argument's value should be in the `unsigned char` range. */ + /* Case 1: The argument's value should be in the `unsigned char` range. */ typeLowerBound(unsignedChar) <= lowerBound(ctypeCall.getAnArgument().getExplicitlyConverted()) and // consider casts upperBound(ctypeCall.getAnArgument().getExplicitlyConverted()) <= typeUpperBound(unsignedChar) or - /* The argument's value is reachable from EOF. */ + /* Case 2: EOF flows to this argument without modifications. */ exists(EOFInvocation eof | DataFlow::localFlow(DataFlow::exprNode(eof.getExpr()), DataFlow::exprNode(ctypeCall.getAnArgument())) diff --git a/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql b/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql index 783dc8e480..d1af922682 100644 --- a/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql +++ b/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql @@ -30,9 +30,11 @@ where dstType = fc.getArgument(0).getUnspecifiedType() and srcType = fc.getArgument(1).getUnspecifiedType() and ( + /* Case 1: dst and src are pointer types */ dstType instanceof PointerType and srcType instanceof PointerType or + /* Case 2: dst and src are array types */ dstType instanceof ArrayType and srcType instanceof ArrayType ) and From f09cc5d4c3087c58103def7f14809e4758d4dd55 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Tue, 21 Feb 2023 09:02:34 -0800 Subject: [PATCH 0509/2573] Minor comment --- .../rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql b/c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql index b7dc3dfba6..b302bf7c37 100644 --- a/c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql +++ b/c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql @@ -28,7 +28,8 @@ where ctypeCall = ctype.getACallToThisFunction() | /* Case 1: The argument's value should be in the `unsigned char` range. */ - typeLowerBound(unsignedChar) <= lowerBound(ctypeCall.getAnArgument().getExplicitlyConverted()) and // consider casts + // Use `.getExplicitlyConverted` to consider inline argument casts. + typeLowerBound(unsignedChar) <= lowerBound(ctypeCall.getAnArgument().getExplicitlyConverted()) and upperBound(ctypeCall.getAnArgument().getExplicitlyConverted()) <= typeUpperBound(unsignedChar) or /* Case 2: EOF flows to this argument without modifications. */ From ddb85d0c38df5912f79277a86127080567936132 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Tue, 21 Feb 2023 09:07:19 -0800 Subject: [PATCH 0510/2573] Oh no --- .../MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql b/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql index d1af922682..2c585d8f10 100644 --- a/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql +++ b/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql @@ -38,7 +38,7 @@ where dstType instanceof ArrayType and srcType instanceof ArrayType ) and - dstType = srcType + not dstType = srcType ) select fc, "The dest type " + fc.getArgument(0).getUnspecifiedType() + " and src type " + From 9be18f2763c6bdfe51ec21b282e4cffe98bbc694 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Tue, 21 Feb 2023 11:20:58 -0800 Subject: [PATCH 0511/2573] Oh no (2) Forgot the test files --- ...mcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.expected | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/c/misra/test/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.expected b/c/misra/test/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.expected index 2e706e7f33..67bb52d079 100644 --- a/c/misra/test/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.expected +++ b/c/misra/test/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.expected @@ -1,3 +1,2 @@ -| test.c:10:3:10:8 | call to memcpy | The dest type int * and src type int * of function memcpy are not compatible. | -| test.c:14:3:14:9 | call to memmove | The dest type char[7] and src type char[7] of function memmove are not compatible. | -| test.c:22:3:22:8 | call to memcmp | The dest type char[7] and src type char[7] of function memcmp are not compatible. | \ No newline at end of file +| test.c:6:3:6:8 | call to memcpy | The dest type int * and src type char * of function memcpy are not compatible. | +| test.c:18:3:18:9 | call to memmove | The dest type char[9] and src type int[2] of function memmove are not compatible. | \ No newline at end of file From 80b891f0472d8151a33a91a49451900e19fafdd5 Mon Sep 17 00:00:00 2001 From: Shadi Samadi Date: Wed, 22 Feb 2023 07:33:10 +1100 Subject: [PATCH 0512/2573] WIP --- .../GotoStatementCondition.expected | 1 + .../GotoStatementCondition.ql | 2 + .../test/rules/gotostatementcondition/test.c | 0 .../RULE-15-2/GotoLabelLocationCondition.ql | 20 ++++ .../RULE-15-3/GotoLabelBlockCondition.ql | 19 ++++ .../rules/RULE-15-4/LoopIterationCondition.ql | 18 ++++ .../RULE-16-6/SwitchClauseNumberCondition.ql | 18 ++++ .../SwitchExpressionBoolCondition.ql | 18 ++++ .../GotoLabelLocationCondition.expected | 1 + .../GotoLabelLocationCondition.qlref | 1 + .../GotoLabelLocationCondition.testref | 1 + .../GotoLabelBlockCondition.expected | 1 + .../RULE-15-3/GotoLabelBlockCondition.qlref | 1 + .../RULE-15-4/LoopIterationCondition.expected | 1 + .../RULE-15-4/LoopIterationCondition.qlref | 1 + .../SwitchClauseNumberCondition.expected | 1 + .../SwitchClauseNumberCondition.qlref | 1 + .../SwitchExpressionBoolCondition.expected | 1 + .../SwitchExpressionBoolCondition.qlref | 1 + .../M6-6-2/GotoStatementJumpCondition.ql | 24 ++--- .../M6-6-2/GotoStatementJumpCondition.testref | 1 + .../cpp/exclusions/c/RuleMetadata.qll | 3 + .../cpp/exclusions/c/Statements2.qll | 95 +++++++++++++++++++ .../GotoStatementCondition.qll | 52 ++++++++++ .../GotoStatementCondition.expected | 1 + .../GotoStatementCondition.ql | 2 + .../rules/gotostatementcondition/test.cpp | 0 rule_packages/c/Statements2.json | 90 ++++++++++++++++++ rule_packages/cpp/Conditionals.json | 1 + rules.csv | 10 +- 30 files changed, 363 insertions(+), 23 deletions(-) create mode 100644 c/common/test/rules/gotostatementcondition/GotoStatementCondition.expected create mode 100644 c/common/test/rules/gotostatementcondition/GotoStatementCondition.ql create mode 100644 c/common/test/rules/gotostatementcondition/test.c create mode 100644 c/misra/src/rules/RULE-15-2/GotoLabelLocationCondition.ql create mode 100644 c/misra/src/rules/RULE-15-3/GotoLabelBlockCondition.ql create mode 100644 c/misra/src/rules/RULE-15-4/LoopIterationCondition.ql create mode 100644 c/misra/src/rules/RULE-16-6/SwitchClauseNumberCondition.ql create mode 100644 c/misra/src/rules/RULE-16-7/SwitchExpressionBoolCondition.ql create mode 100644 c/misra/test/rules/RULE-15-2/GotoLabelLocationCondition.expected create mode 100644 c/misra/test/rules/RULE-15-2/GotoLabelLocationCondition.qlref create mode 100644 c/misra/test/rules/RULE-15-2/GotoLabelLocationCondition.testref create mode 100644 c/misra/test/rules/RULE-15-3/GotoLabelBlockCondition.expected create mode 100644 c/misra/test/rules/RULE-15-3/GotoLabelBlockCondition.qlref create mode 100644 c/misra/test/rules/RULE-15-4/LoopIterationCondition.expected create mode 100644 c/misra/test/rules/RULE-15-4/LoopIterationCondition.qlref create mode 100644 c/misra/test/rules/RULE-16-6/SwitchClauseNumberCondition.expected create mode 100644 c/misra/test/rules/RULE-16-6/SwitchClauseNumberCondition.qlref create mode 100644 c/misra/test/rules/RULE-16-7/SwitchExpressionBoolCondition.expected create mode 100644 c/misra/test/rules/RULE-16-7/SwitchExpressionBoolCondition.qlref create mode 100644 cpp/autosar/test/rules/M6-6-2/GotoStatementJumpCondition.testref create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/Statements2.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/gotostatementcondition/GotoStatementCondition.qll create mode 100644 cpp/common/test/rules/gotostatementcondition/GotoStatementCondition.expected create mode 100644 cpp/common/test/rules/gotostatementcondition/GotoStatementCondition.ql create mode 100644 cpp/common/test/rules/gotostatementcondition/test.cpp create mode 100644 rule_packages/c/Statements2.json diff --git a/c/common/test/rules/gotostatementcondition/GotoStatementCondition.expected b/c/common/test/rules/gotostatementcondition/GotoStatementCondition.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/common/test/rules/gotostatementcondition/GotoStatementCondition.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/common/test/rules/gotostatementcondition/GotoStatementCondition.ql b/c/common/test/rules/gotostatementcondition/GotoStatementCondition.ql new file mode 100644 index 0000000000..826a161cc6 --- /dev/null +++ b/c/common/test/rules/gotostatementcondition/GotoStatementCondition.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.gotostatementcondition.GotoStatementCondition diff --git a/c/common/test/rules/gotostatementcondition/test.c b/c/common/test/rules/gotostatementcondition/test.c new file mode 100644 index 0000000000..e69de29bb2 diff --git a/c/misra/src/rules/RULE-15-2/GotoLabelLocationCondition.ql b/c/misra/src/rules/RULE-15-2/GotoLabelLocationCondition.ql new file mode 100644 index 0000000000..36d1640d6b --- /dev/null +++ b/c/misra/src/rules/RULE-15-2/GotoLabelLocationCondition.ql @@ -0,0 +1,20 @@ +/** + * @id c/misra/goto-label-location-condition + * @name RULE-15-2: The goto statement shall jump to a label declared later in the same function + * @description Unconstrained use of goto can lead to unstructured code + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-15-2 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.rules.gotostatementcondition.GotoStatementCondition + +class GotoLabelLocationConditionQuery extends GotoStatementConditionSharedQuery { + GotoLabelLocationConditionQuery() { + this = Statements2Package::gotoLabelLocationConditionQuery() + } +} diff --git a/c/misra/src/rules/RULE-15-3/GotoLabelBlockCondition.ql b/c/misra/src/rules/RULE-15-3/GotoLabelBlockCondition.ql new file mode 100644 index 0000000000..f4388a0818 --- /dev/null +++ b/c/misra/src/rules/RULE-15-3/GotoLabelBlockCondition.ql @@ -0,0 +1,19 @@ +/** + * @id c/misra/goto-label-block-condition + * @name RULE-15-3: Any label referenced by a goto statement shall be declared in the same block, or in any block + * @description Any label referenced by a goto statement shall be declared in the same block, or in + * any block enclosing the goto statement + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-15-3 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra + +from +where + not isExcluded(x, Statements2Package::gotoLabelBlockConditionQuery()) and +select diff --git a/c/misra/src/rules/RULE-15-4/LoopIterationCondition.ql b/c/misra/src/rules/RULE-15-4/LoopIterationCondition.ql new file mode 100644 index 0000000000..c9b49b5f56 --- /dev/null +++ b/c/misra/src/rules/RULE-15-4/LoopIterationCondition.ql @@ -0,0 +1,18 @@ +/** + * @id c/misra/loop-iteration-condition + * @name RULE-15-4: There should be no more than one break or goto statement used to terminate any iteration statement + * @description + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-15-4 + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.c.misra + +from +where + not isExcluded(x, Statements2Package::loopIterationConditionQuery()) and +select diff --git a/c/misra/src/rules/RULE-16-6/SwitchClauseNumberCondition.ql b/c/misra/src/rules/RULE-16-6/SwitchClauseNumberCondition.ql new file mode 100644 index 0000000000..6b2bc9278e --- /dev/null +++ b/c/misra/src/rules/RULE-16-6/SwitchClauseNumberCondition.ql @@ -0,0 +1,18 @@ +/** + * @id c/misra/switch-clause-number-condition + * @name RULE-16-6: Every switch statement shall have at least two switch-clauses + * @description + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-16-6 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra + +from +where + not isExcluded(x, Statements2Package::switchClauseNumberConditionQuery()) and +select diff --git a/c/misra/src/rules/RULE-16-7/SwitchExpressionBoolCondition.ql b/c/misra/src/rules/RULE-16-7/SwitchExpressionBoolCondition.ql new file mode 100644 index 0000000000..54b143c464 --- /dev/null +++ b/c/misra/src/rules/RULE-16-7/SwitchExpressionBoolCondition.ql @@ -0,0 +1,18 @@ +/** + * @id c/misra/switch-expression-bool-condition + * @name RULE-16-7: A switch-expression shall not have essentially Boolean type + * @description + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-16-7 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra + +from +where + not isExcluded(x, Statements2Package::switchExpressionBoolConditionQuery()) and +select diff --git a/c/misra/test/rules/RULE-15-2/GotoLabelLocationCondition.expected b/c/misra/test/rules/RULE-15-2/GotoLabelLocationCondition.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/misra/test/rules/RULE-15-2/GotoLabelLocationCondition.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-15-2/GotoLabelLocationCondition.qlref b/c/misra/test/rules/RULE-15-2/GotoLabelLocationCondition.qlref new file mode 100644 index 0000000000..6a35e05154 --- /dev/null +++ b/c/misra/test/rules/RULE-15-2/GotoLabelLocationCondition.qlref @@ -0,0 +1 @@ +rules/RULE-15-2/GotoLabelLocationCondition.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-15-2/GotoLabelLocationCondition.testref b/c/misra/test/rules/RULE-15-2/GotoLabelLocationCondition.testref new file mode 100644 index 0000000000..0573c85129 --- /dev/null +++ b/c/misra/test/rules/RULE-15-2/GotoLabelLocationCondition.testref @@ -0,0 +1 @@ +c/common/test/rules/gotostatementcondition/GotoStatementCondition.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-15-3/GotoLabelBlockCondition.expected b/c/misra/test/rules/RULE-15-3/GotoLabelBlockCondition.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/misra/test/rules/RULE-15-3/GotoLabelBlockCondition.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-15-3/GotoLabelBlockCondition.qlref b/c/misra/test/rules/RULE-15-3/GotoLabelBlockCondition.qlref new file mode 100644 index 0000000000..5f430f0790 --- /dev/null +++ b/c/misra/test/rules/RULE-15-3/GotoLabelBlockCondition.qlref @@ -0,0 +1 @@ +rules/RULE-15-3/GotoLabelBlockCondition.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-15-4/LoopIterationCondition.expected b/c/misra/test/rules/RULE-15-4/LoopIterationCondition.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/misra/test/rules/RULE-15-4/LoopIterationCondition.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-15-4/LoopIterationCondition.qlref b/c/misra/test/rules/RULE-15-4/LoopIterationCondition.qlref new file mode 100644 index 0000000000..33ff4561da --- /dev/null +++ b/c/misra/test/rules/RULE-15-4/LoopIterationCondition.qlref @@ -0,0 +1 @@ +rules/RULE-15-4/LoopIterationCondition.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-16-6/SwitchClauseNumberCondition.expected b/c/misra/test/rules/RULE-16-6/SwitchClauseNumberCondition.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/misra/test/rules/RULE-16-6/SwitchClauseNumberCondition.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-16-6/SwitchClauseNumberCondition.qlref b/c/misra/test/rules/RULE-16-6/SwitchClauseNumberCondition.qlref new file mode 100644 index 0000000000..6502b855f9 --- /dev/null +++ b/c/misra/test/rules/RULE-16-6/SwitchClauseNumberCondition.qlref @@ -0,0 +1 @@ +rules/RULE-16-6/SwitchClauseNumberCondition.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-16-7/SwitchExpressionBoolCondition.expected b/c/misra/test/rules/RULE-16-7/SwitchExpressionBoolCondition.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/misra/test/rules/RULE-16-7/SwitchExpressionBoolCondition.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-16-7/SwitchExpressionBoolCondition.qlref b/c/misra/test/rules/RULE-16-7/SwitchExpressionBoolCondition.qlref new file mode 100644 index 0000000000..dc86fab7e9 --- /dev/null +++ b/c/misra/test/rules/RULE-16-7/SwitchExpressionBoolCondition.qlref @@ -0,0 +1 @@ +rules/RULE-16-7/SwitchExpressionBoolCondition.ql \ No newline at end of file diff --git a/cpp/autosar/src/rules/M6-6-2/GotoStatementJumpCondition.ql b/cpp/autosar/src/rules/M6-6-2/GotoStatementJumpCondition.ql index 89e35990d5..bde6e8ddee 100644 --- a/cpp/autosar/src/rules/M6-6-2/GotoStatementJumpCondition.ql +++ b/cpp/autosar/src/rules/M6-6-2/GotoStatementJumpCondition.ql @@ -15,22 +15,10 @@ import cpp import codingstandards.cpp.autosar +import codingstandards.cpp.rules.gotostatementcondition.GotoStatementCondition -from GotoStmt goto, Stmt target -where - not isExcluded(goto, ConditionalsPackage::gotoStatementJumpConditionQuery()) and - target = goto.getTarget() and - exists(Location targetLoc, Location gotoLoc | - targetLoc = target.getLocation() and - gotoLoc = goto.getLocation() and - targetLoc.getFile() = gotoLoc.getFile() - | - // Starts on a previous line - targetLoc.getStartLine() < gotoLoc.getEndLine() - or - // Starts on the same line, but an earlier column - targetLoc.getStartLine() = gotoLoc.getEndLine() and - targetLoc.getEndColumn() < gotoLoc.getStartColumn() - ) -select goto, "The goto jumps to the label $@ that is not declared later in the same function.", - target, goto.getName() +class GotoStatementJumpConditionQuery extends GotoStatementConditionSharedQuery { + GotoStatementJumpConditionQuery() { + this = ConditionalsPackage::gotoStatementJumpConditionQuery() + } +} diff --git a/cpp/autosar/test/rules/M6-6-2/GotoStatementJumpCondition.testref b/cpp/autosar/test/rules/M6-6-2/GotoStatementJumpCondition.testref new file mode 100644 index 0000000000..b4f807e8e2 --- /dev/null +++ b/cpp/autosar/test/rules/M6-6-2/GotoStatementJumpCondition.testref @@ -0,0 +1 @@ +cpp/common/test/rules/gotostatementcondition/GotoStatementCondition.ql \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index 022b57dcbf..e480438be3 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -43,6 +43,7 @@ import Preprocessor6 import SideEffects1 import SideEffects2 import Statements1 +import Statements2 import Strings1 import Strings2 import Strings3 @@ -91,6 +92,7 @@ newtype TCQuery = TSideEffects1PackageQuery(SideEffects1Query q) or TSideEffects2PackageQuery(SideEffects2Query q) or TStatements1PackageQuery(Statements1Query q) or + TStatements2PackageQuery(Statements2Query q) or TStrings1PackageQuery(Strings1Query q) or TStrings2PackageQuery(Strings2Query q) or TStrings3PackageQuery(Strings3Query q) or @@ -139,6 +141,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isSideEffects1QueryMetadata(query, queryId, ruleId, category) or isSideEffects2QueryMetadata(query, queryId, ruleId, category) or isStatements1QueryMetadata(query, queryId, ruleId, category) or + isStatements2QueryMetadata(query, queryId, ruleId, category) or isStrings1QueryMetadata(query, queryId, ruleId, category) or isStrings2QueryMetadata(query, queryId, ruleId, category) or isStrings3QueryMetadata(query, queryId, ruleId, category) or diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Statements2.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Statements2.qll new file mode 100644 index 0000000000..49dd38c316 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Statements2.qll @@ -0,0 +1,95 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype Statements2Query = + TGotoLabelLocationConditionQuery() or + TGotoLabelBlockConditionQuery() or + TLoopIterationConditionQuery() or + TSwitchClauseNumberConditionQuery() or + TSwitchExpressionBoolConditionQuery() + +predicate isStatements2QueryMetadata(Query query, string queryId, string ruleId, string category) { + query = + // `Query` instance for the `gotoLabelLocationCondition` query + Statements2Package::gotoLabelLocationConditionQuery() and + queryId = + // `@id` for the `gotoLabelLocationCondition` query + "c/misra/goto-label-location-condition" and + ruleId = "RULE-15-2" and + category = "required" + or + query = + // `Query` instance for the `gotoLabelBlockCondition` query + Statements2Package::gotoLabelBlockConditionQuery() and + queryId = + // `@id` for the `gotoLabelBlockCondition` query + "c/misra/goto-label-block-condition" and + ruleId = "RULE-15-3" and + category = "required" + or + query = + // `Query` instance for the `loopIterationCondition` query + Statements2Package::loopIterationConditionQuery() and + queryId = + // `@id` for the `loopIterationCondition` query + "c/misra/loop-iteration-condition" and + ruleId = "RULE-15-4" and + category = "advisory" + or + query = + // `Query` instance for the `switchClauseNumberCondition` query + Statements2Package::switchClauseNumberConditionQuery() and + queryId = + // `@id` for the `switchClauseNumberCondition` query + "c/misra/switch-clause-number-condition" and + ruleId = "RULE-16-6" and + category = "required" + or + query = + // `Query` instance for the `switchExpressionBoolCondition` query + Statements2Package::switchExpressionBoolConditionQuery() and + queryId = + // `@id` for the `switchExpressionBoolCondition` query + "c/misra/switch-expression-bool-condition" and + ruleId = "RULE-16-7" and + category = "required" +} + +module Statements2Package { + Query gotoLabelLocationConditionQuery() { + //autogenerate `Query` type + result = + // `Query` type for `gotoLabelLocationCondition` query + TQueryC(TStatements2PackageQuery(TGotoLabelLocationConditionQuery())) + } + + Query gotoLabelBlockConditionQuery() { + //autogenerate `Query` type + result = + // `Query` type for `gotoLabelBlockCondition` query + TQueryC(TStatements2PackageQuery(TGotoLabelBlockConditionQuery())) + } + + Query loopIterationConditionQuery() { + //autogenerate `Query` type + result = + // `Query` type for `loopIterationCondition` query + TQueryC(TStatements2PackageQuery(TLoopIterationConditionQuery())) + } + + Query switchClauseNumberConditionQuery() { + //autogenerate `Query` type + result = + // `Query` type for `switchClauseNumberCondition` query + TQueryC(TStatements2PackageQuery(TSwitchClauseNumberConditionQuery())) + } + + Query switchExpressionBoolConditionQuery() { + //autogenerate `Query` type + result = + // `Query` type for `switchExpressionBoolCondition` query + TQueryC(TStatements2PackageQuery(TSwitchExpressionBoolConditionQuery())) + } +} diff --git a/cpp/common/src/codingstandards/cpp/rules/gotostatementcondition/GotoStatementCondition.qll b/cpp/common/src/codingstandards/cpp/rules/gotostatementcondition/GotoStatementCondition.qll new file mode 100644 index 0000000000..54a10b5580 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/gotostatementcondition/GotoStatementCondition.qll @@ -0,0 +1,52 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class GotoStatementConditionSharedQuery extends Query { } + +Query getQuery() { result instanceof GotoStatementConditionSharedQuery } + +query predicate problems(GotoStmt goto, string message, Stmt target, string targetLabel) { + not isExcluded(goto, getQuery()) and + target = goto.getTarget() and + exists(Location targetLoc, Location gotoLoc | + targetLoc = target.getLocation() and + gotoLoc = goto.getLocation() and + targetLoc.getFile() = gotoLoc.getFile() + | + // Starts on a previous line + targetLoc.getStartLine() < gotoLoc.getEndLine() + or + // Starts on the same line, but an earlier column + targetLoc.getStartLine() = gotoLoc.getEndLine() and + targetLoc.getEndColumn() < gotoLoc.getStartColumn() + ) + and message = "The goto jumps to the label $@ that is not declared later in the same function." and targetLabel = target.toString() +} + + + + + +// from GotoStmt goto, Stmt target +// where +// not isExcluded(goto, ConditionalsPackage::gotoStatementJumpConditionQuery()) and +// target = goto.getTarget() and +// exists(Location targetLoc, Location gotoLoc | +// targetLoc = target.getLocation() and +// gotoLoc = goto.getLocation() and +// targetLoc.getFile() = gotoLoc.getFile() +// | +// // Starts on a previous line +// targetLoc.getStartLine() < gotoLoc.getEndLine() +// or +// // Starts on the same line, but an earlier column +// targetLoc.getStartLine() = gotoLoc.getEndLine() and +// targetLoc.getEndColumn() < gotoLoc.getStartColumn() +// ) +// select goto, "The goto jumps to the label $@ that is not declared later in the same function.", +// target, goto.getName() diff --git a/cpp/common/test/rules/gotostatementcondition/GotoStatementCondition.expected b/cpp/common/test/rules/gotostatementcondition/GotoStatementCondition.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/cpp/common/test/rules/gotostatementcondition/GotoStatementCondition.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/cpp/common/test/rules/gotostatementcondition/GotoStatementCondition.ql b/cpp/common/test/rules/gotostatementcondition/GotoStatementCondition.ql new file mode 100644 index 0000000000..826a161cc6 --- /dev/null +++ b/cpp/common/test/rules/gotostatementcondition/GotoStatementCondition.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.gotostatementcondition.GotoStatementCondition diff --git a/cpp/common/test/rules/gotostatementcondition/test.cpp b/cpp/common/test/rules/gotostatementcondition/test.cpp new file mode 100644 index 0000000000..e69de29bb2 diff --git a/rule_packages/c/Statements2.json b/rule_packages/c/Statements2.json new file mode 100644 index 0000000000..c85c5e4404 --- /dev/null +++ b/rule_packages/c/Statements2.json @@ -0,0 +1,90 @@ +{ + "MISRA-C-2012": { + "RULE-15-2": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Unconstrained use of goto can lead to unstructured code", + "kind": "problem", + "name": "The goto statement shall jump to a label declared later in the same function", + "precision": "very-high", + "severity": "error", + "short_name": "GotoLabelLocationCondition", + "shared_implementation_short_name": "GotoStatementCondition", + "tags": [] + } + ], + "title": "The goto statement shall jump to a label declared later in the same function" + }, + "RULE-15-3": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Any label referenced by a goto statement shall be declared in the same block, or in any block enclosing the goto statement", + "kind": "problem", + "name": "Any label referenced by a goto statement shall be declared in the same block, or in any block", + "precision": "very-high", + "severity": "error", + "short_name": "GotoLabelBlockCondition", + "tags": [] + } + ], + "title": "Any label referenced by a goto statement shall be declared in the same block, or in any block enclosing the goto statement" + }, + "RULE-15-4": { + "properties": { + "obligation": "advisory" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "There should be no more than one break or goto statement used to terminate any iteration statement", + "precision": "very-high", + "severity": "error", + "short_name": "LoopIterationCondition", + "tags": [] + } + ], + "title": "There should be no more than one break or goto statement used to terminate any iteration statement" + }, + "RULE-16-6": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "Every switch statement shall have at least two switch-clauses", + "precision": "very-high", + "severity": "error", + "short_name": "SwitchClauseNumberCondition", + "tags": [] + } + ], + "title": "Every switch statement shall have at least two switch-clauses" + }, + "RULE-16-7": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "A switch-expression shall not have essentially Boolean type", + "precision": "very-high", + "severity": "error", + "short_name": "SwitchExpressionBoolCondition", + "tags": [] + } + ], + "title": "A switch-expression shall not have essentially Boolean type" + } + } +} \ No newline at end of file diff --git a/rule_packages/cpp/Conditionals.json b/rule_packages/cpp/Conditionals.json index 5f6a120d16..755a24d2aa 100644 --- a/rule_packages/cpp/Conditionals.json +++ b/rule_packages/cpp/Conditionals.json @@ -329,6 +329,7 @@ "precision": "very-high", "severity": "recommendation", "short_name": "GotoStatementJumpCondition", + "shared_implementation_short_name": "GotoStatementCondition", "tags": [ "maintainability", "readability" diff --git a/rules.csv b/rules.csv index 37140d4b2a..4029401639 100644 --- a/rules.csv +++ b/rules.csv @@ -698,9 +698,9 @@ c,MISRA-C-2012,RULE-14-2,Yes,Required,,,A for loop shall be well-formed,M6-5-1.. c,MISRA-C-2012,RULE-14-3,Yes,Required,,,Controlling expressions shall not be invariant,,Statements,Medium, c,MISRA-C-2012,RULE-14-4,Yes,Required,,,The controlling expression of an if statement and the controlling expression of an iteration-statement shall have essentially Boolean type,A5-0-2,Statements,Medium, c,MISRA-C-2012,RULE-15-1,No,Advisory,,,The goto statement should not be used,A6-6-1,,Import, -c,MISRA-C-2012,RULE-15-2,Yes,Required,,,The goto statement shall jump to a label declared later in the same function,M6-6-2,Statements,Import, -c,MISRA-C-2012,RULE-15-3,Yes,Required,,,"Any label referenced by a goto statement shall be declared in the same block, or in any block enclosing the goto statement",M6-6-1,Statements,Import, -c,MISRA-C-2012,RULE-15-4,Yes,Advisory,,,There should be no more than one break or goto statement used to terminate any iteration statement,,Statements,Medium, +c,MISRA-C-2012,RULE-15-2,Yes,Required,,,The goto statement shall jump to a label declared later in the same function,M6-6-2,Statements2,Import, +c,MISRA-C-2012,RULE-15-3,Yes,Required,,,"Any label referenced by a goto statement shall be declared in the same block, or in any block enclosing the goto statement",M6-6-1,Statements2,Import, +c,MISRA-C-2012,RULE-15-4,Yes,Advisory,,,There should be no more than one break or goto statement used to terminate any iteration statement,,Statements2,Medium, c,MISRA-C-2012,RULE-15-5,Yes,Advisory,,,A function should have a single point of exit at the end,,Statements,Medium, c,MISRA-C-2012,RULE-15-6,Yes,Required,,,The body of an iteration-statement or a selection-statement shall be a compund-statement,M6-3-1,Statements,Import, c,MISRA-C-2012,RULE-15-7,Yes,Required,,,All if / else if constructs shall be terminated with an else statement,M6-4-2,Statements,Import, @@ -709,8 +709,8 @@ c,MISRA-C-2012,RULE-16-2,Yes,Required,,,A switch label shall only be used when t c,MISRA-C-2012,RULE-16-3,Yes,Required,,,An unconditional break statement shall terminate every switch-clause,M6-4-5,Statements1,Import, c,MISRA-C-2012,RULE-16-4,Yes,Required,,,Every switch statement shall have a default label,M6-4-6,Statements1,Easy, c,MISRA-C-2012,RULE-16-5,Yes,Required,,,A default label shall appear as either the first or the last switch label of a switch statement,M6-4-6,Statements1,Easy, -c,MISRA-C-2012,RULE-16-6,Yes,Required,,,Every switch statement shall have at least two switch-clauses,A6-4-1,Statements,Medium, -c,MISRA-C-2012,RULE-16-7,Yes,Required,,,A switch-expression shall not have essentially Boolean type,M6-4-7,Statements,Medium, +c,MISRA-C-2012,RULE-16-6,Yes,Required,,,Every switch statement shall have at least two switch-clauses,A6-4-1,Statements2,Medium, +c,MISRA-C-2012,RULE-16-7,Yes,Required,,,A switch-expression shall not have essentially Boolean type,M6-4-7,Statements2,Medium, c,MISRA-C-2012,RULE-17-1,Yes,Required,,,The features of shall not be used,,Banned,Easy, c,MISRA-C-2012,RULE-17-2,Yes,Required,,,"Functions shall not call themselves, either directly or indirectly",A7-5-2,Statements,Import, c,MISRA-C-2012,RULE-17-3,Yes,Mandatory,,,A function shall not be declared implicitly,,Declarations6,Medium, From bb0e6a3c08e112ef7f4e71b653a7a26434183abe Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Wed, 22 Feb 2023 10:06:30 -0500 Subject: [PATCH 0513/2573] Declarations8: address review comments --- .../AppropriateStorageDurationsFunctionReturn.ql | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql b/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql index 595bd2e1d4..b5d7e5e378 100644 --- a/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql +++ b/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql @@ -13,19 +13,16 @@ import cpp import codingstandards.c.cert -import codingstandards.cpp.FunctionParameter import semmle.code.cpp.dataflow.DataFlow class Source extends StackVariable { - Source() { not this instanceof FunctionParameter } + Source() { not this instanceof Parameter } } -abstract class Sink extends DataFlow::Node { } - -class FunctionSink extends Sink { - FunctionSink() { +class Sink extends DataFlow::Node { + Sink() { //output parameter - exists(FunctionParameter f | + exists(Parameter f | f.getAnAccess() = this.(DataFlow::PostUpdateNode).getPreUpdateNode().asExpr() and f.getUnderlyingType() instanceof PointerType ) From 044350b122e763ae32dd5bedf4400be704934161 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Wed, 22 Feb 2023 18:31:31 -0800 Subject: [PATCH 0514/2573] Add `CtypeGetcharFunctions` modelling class --- .../cpp/SimpleRangeAnalysisCustomizations.qll | 22 +++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/cpp/common/src/codingstandards/cpp/SimpleRangeAnalysisCustomizations.qll b/cpp/common/src/codingstandards/cpp/SimpleRangeAnalysisCustomizations.qll index c06b6584a6..a00186bf46 100644 --- a/cpp/common/src/codingstandards/cpp/SimpleRangeAnalysisCustomizations.qll +++ b/cpp/common/src/codingstandards/cpp/SimpleRangeAnalysisCustomizations.qll @@ -151,6 +151,28 @@ private class CastEnumToIntegerSimpleRange extends SimpleRangeAnalysisExpr, Cast override predicate dependsOnChild(Expr child) { child = getExpr() } } +/** + * functions that reads a character from the STDIN, + * or returns EOF if it fails to do so. + * Their return type is `int` by their signatures, but + * they actually return either an unsigned char or the EOF. + */ +private class CtypeGetcharFunctionsRange extends SimpleRangeAnalysisExpr, FunctionCall { + CtypeGetcharFunctionsRange() { + this.getFile().(HeaderFile).getBaseName() = "stdio.h" and + this.getTarget().getName().regexpMatch("(fgetc|getc|getchar|)") + } + + /* It can return an EOF, which is -1 on most implementations. */ + override float getLowerBounds() { result = -1 } + + /* Otherwise, it can return any unsigned char. */ + override float getUpperBounds() { result = 255 } + + /* No, its call does not depend on any of its child. */ + override predicate dependsOnChild(Expr expr) { none() } +} + /** * Gets the value of the expression `e`, if it is a constant. * From 71f4dc4455633023bae70e3b3ae5d21715009485 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Thu, 23 Feb 2023 09:09:10 -0800 Subject: [PATCH 0515/2573] Minor comments --- .../cpp/SimpleRangeAnalysisCustomizations.qll | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/SimpleRangeAnalysisCustomizations.qll b/cpp/common/src/codingstandards/cpp/SimpleRangeAnalysisCustomizations.qll index a00186bf46..ab6a34584e 100644 --- a/cpp/common/src/codingstandards/cpp/SimpleRangeAnalysisCustomizations.qll +++ b/cpp/common/src/codingstandards/cpp/SimpleRangeAnalysisCustomizations.qll @@ -152,10 +152,10 @@ private class CastEnumToIntegerSimpleRange extends SimpleRangeAnalysisExpr, Cast } /** - * functions that reads a character from the STDIN, - * or returns EOF if it fails to do so. + * functions that read a character from the STDIN, + * or return EOF if it fails to do so. * Their return type is `int` by their signatures, but - * they actually return either an unsigned char or the EOF. + * they actually return either an unsigned char or an EOF. */ private class CtypeGetcharFunctionsRange extends SimpleRangeAnalysisExpr, FunctionCall { CtypeGetcharFunctionsRange() { From 4d55a700ec3ec795306d4ebcb928908e3c7c9b5f Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Thu, 23 Feb 2023 10:24:41 -0800 Subject: [PATCH 0516/2573] Modify/Add test cases to 21-13 --- c/misra/test/rules/RULE-21-13/test.c | 23 +++++++++++++++++------ 1 file changed, 17 insertions(+), 6 deletions(-) diff --git a/c/misra/test/rules/RULE-21-13/test.c b/c/misra/test/rules/RULE-21-13/test.c index 22ad07abdd..ed6dd66fd6 100644 --- a/c/misra/test/rules/RULE-21-13/test.c +++ b/c/misra/test/rules/RULE-21-13/test.c @@ -5,22 +5,33 @@ void sample() { unsigned char c1 = 'c'; int r1 = isalnum( c1); // COMPLIANT: ASCII 99 is within unsigned char range of [0, 255] - unsigned char x1 = EOF; - unsigned char x2 = x1; - unsigned char c2 = x2; - int r2 = isdigit(c2); // COMPLIANT: EOF (-1) + int r2 = isdigit(EOF); // COMPLIANT: EOF (-1) int x3 = 256; int x4 = x3; int c3 = x4; int r3 = - islower(c3); // NON_COMPLIANT: is outside unsigned char range of[0, 255] + islower(c3); // NON_COMPLIANT: is outside unsigned char range of [0, 255] unsigned char x5 = EOF; unsigned char x6 = x5; int c4 = x6 + 10000; int r4 = - isdigit(c4); // NON_COMPLIANT: is outside unsigned char range of[0, 255] + isdigit(c4); // NON_COMPLIANT: is outside unsigned char range of [0, 255] + + int c5 = getchar(); + int r5 = isdigit(c5); // COMPLIANT[FALSE_POSITIVE]: library functions like + // getchar needs to be modelled + + unsigned char x7 = 1; + char c6; + if (x7 == 1) { + c6 = EOF; + } else { + c6 = 'c'; + } + int r6 = + isdigit(c6); // COMPLIANT: either control branch make this call compliant. } int main() { return 0; } \ No newline at end of file From a9f2fbec9f46ca5aa6ca80289a7afcda66fce118 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Thu, 23 Feb 2023 12:08:45 -0800 Subject: [PATCH 0517/2573] checkpoint --- .../CtypeFunctionArgNotUnsignedCharOrEof.ql | 42 ++++++++++--------- 1 file changed, 23 insertions(+), 19 deletions(-) diff --git a/c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql b/c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql index b302bf7c37..01b8334431 100644 --- a/c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql +++ b/c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql @@ -14,30 +14,34 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.ReadErrorsAndEOF import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis -import semmle.code.cpp.rangeanalysis.RangeAnalysisUtils +//import semmle.code.cpp.rangeanalysis.RangeAnalysisUtils class CtypeFunction extends Function { CtypeFunction() { this.getADeclaration().getAFile().(HeaderFile).getBaseName() = "ctype.h" } } +/* TODO Under construction */ from FunctionCall ctypeCall where not isExcluded(ctypeCall, - StandardLibraryFunctionTypesPackage::ctypeFunctionArgNotUnsignedCharOrEofQuery()) and - not exists(CtypeFunction ctype, UnsignedCharType unsignedChar | - ctypeCall = ctype.getACallToThisFunction() - | - /* Case 1: The argument's value should be in the `unsigned char` range. */ - // Use `.getExplicitlyConverted` to consider inline argument casts. - typeLowerBound(unsignedChar) <= lowerBound(ctypeCall.getAnArgument().getExplicitlyConverted()) and - upperBound(ctypeCall.getAnArgument().getExplicitlyConverted()) <= typeUpperBound(unsignedChar) - or - /* Case 2: EOF flows to this argument without modifications. */ - exists(EOFInvocation eof | - DataFlow::localFlow(DataFlow::exprNode(eof.getExpr()), - DataFlow::exprNode(ctypeCall.getAnArgument())) - ) - ) -select ctypeCall, - "The function " + ctypeCall + " accepts an argument " + - ctypeCall.getAnArgument().toString() + " that is not an unsigned char nor an EOF." + StandardLibraryFunctionTypesPackage::ctypeFunctionArgNotUnsignedCharOrEofQuery()) +// and +// not exists(CtypeFunction ctype, Expr ctypeCallArgument | +// ctype = ctypeCall.getTarget() and +// ctypeCallArgument = ctypeCall.getAnArgument().getExplicitlyConverted() +// | +// /* Case 1: The argument's value should be in the `unsigned char` range. */ +// // Use `.getExplicitlyConverted` to consider inline argument casts. +// -1 <= lowerBound(ctypeCallArgument) and +// upperBound(ctypeCallArgument) <= 255 +// or +// /* Case 2: EOF flows to this argument without modifications. */ +// exists(EOFInvocation eof | +// DataFlow::localFlow(DataFlow::exprNode(eof.getExpr()), DataFlow::exprNode(ctypeCallArgument)) +// ) +// ) +select ctypeCall.getAnArgument(), lowerBound(ctypeCall.getAnArgument()), + upperBound(ctypeCall.getAnArgument()) +// select ctypeCall, +// "The function " + ctypeCall + " accepts an argument " + +// ctypeCall.getAnArgument().toString() + " that is not an unsigned char nor an EOF." From c76909cd452c4be17bafade3af036baacc380000 Mon Sep 17 00:00:00 2001 From: Shadi Samadi Date: Fri, 24 Feb 2023 10:00:13 +1100 Subject: [PATCH 0518/2573] Implementation for RULE-15-2 --- .../GotoStatementCondition.expected | 4 +- .../test/rules/gotostatementcondition/test.c | 17 +++++ .../RULE-15-2/GotoLabelLocationCondition.ql | 4 +- .../GotoStatementJumpCondition.expected | 8 +-- .../GotoStatementCondition.qll | 64 +++++++------------ rule_packages/c/Statements2.json | 7 +- 6 files changed, 56 insertions(+), 48 deletions(-) diff --git a/c/common/test/rules/gotostatementcondition/GotoStatementCondition.expected b/c/common/test/rules/gotostatementcondition/GotoStatementCondition.expected index 2ec1a0ac6c..e522289c7b 100644 --- a/c/common/test/rules/gotostatementcondition/GotoStatementCondition.expected +++ b/c/common/test/rules/gotostatementcondition/GotoStatementCondition.expected @@ -1 +1,3 @@ -No expected results have yet been specified \ No newline at end of file +| test.c:5:3:5:10 | goto ... | The $@ statement jumps to a $@ that is not declared later in the same function. | test.c:5:3:5:10 | goto ... | L1 | test.c:2:1:2:3 | label ...: | label ...: | +| test.c:14:3:14:10 | goto ... | The $@ statement jumps to a $@ that is not declared later in the same function. | test.c:14:3:14:10 | goto ... | L2 | test.c:12:1:12:3 | label ...: | label ...: | +| test.c:16:3:16:10 | goto ... | The $@ statement jumps to a $@ that is not declared later in the same function. | test.c:16:3:16:10 | goto ... | L1 | test.c:11:1:11:3 | label ...: | label ...: | diff --git a/c/common/test/rules/gotostatementcondition/test.c b/c/common/test/rules/gotostatementcondition/test.c index e69de29bb2..2c189cd433 100644 --- a/c/common/test/rules/gotostatementcondition/test.c +++ b/c/common/test/rules/gotostatementcondition/test.c @@ -0,0 +1,17 @@ +void f1() { +L1:; + goto L2; // COMPLIANT + ; + goto L1; // NON_COMPLIANT + +L2:; +} + +void f2() { +L1:; +L2: + goto L3; // COMPLIANT + goto L2; // NON_COMPLIANT +L3: + goto L1; // NON_COMPLIANT +} diff --git a/c/misra/src/rules/RULE-15-2/GotoLabelLocationCondition.ql b/c/misra/src/rules/RULE-15-2/GotoLabelLocationCondition.ql index 36d1640d6b..99940dbff2 100644 --- a/c/misra/src/rules/RULE-15-2/GotoLabelLocationCondition.ql +++ b/c/misra/src/rules/RULE-15-2/GotoLabelLocationCondition.ql @@ -4,8 +4,10 @@ * @description Unconstrained use of goto can lead to unstructured code * @kind problem * @precision very-high - * @problem.severity error + * @problem.severity recommendation * @tags external/misra/id/rule-15-2 + * maintainability + * readability * external/misra/obligation/required */ diff --git a/cpp/autosar/test/rules/M6-6-2/GotoStatementJumpCondition.expected b/cpp/autosar/test/rules/M6-6-2/GotoStatementJumpCondition.expected index 58df2b5ec1..dba183caaf 100644 --- a/cpp/autosar/test/rules/M6-6-2/GotoStatementJumpCondition.expected +++ b/cpp/autosar/test/rules/M6-6-2/GotoStatementJumpCondition.expected @@ -1,4 +1,4 @@ -| test.cpp:7:3:7:11 | goto ... | The goto jumps to the label $@ that is not declared later in the same function. | test.cpp:3:1:3:4 | label ...: | bad | -| test.cpp:21:3:21:11 | goto ... | The goto jumps to the label $@ that is not declared later in the same function. | test.cpp:17:1:17:4 | label ...: | bad | -| test.cpp:24:3:24:13 | goto ... | The goto jumps to the label $@ that is not declared later in the same function. | test.cpp:15:1:15:6 | label ...: | sobad | -| test.cpp:31:3:31:11 | goto ... | The goto jumps to the label $@ that is not declared later in the same function. | test.cpp:29:1:29:4 | label ...: | bad | +| test.cpp:7:3:7:11 | goto ... | The $@ statement jumps to a $@ that is not declared later in the same function. | test.cpp:7:3:7:11 | goto ... | bad | test.cpp:3:1:3:4 | label ...: | label ...: | +| test.cpp:21:3:21:11 | goto ... | The $@ statement jumps to a $@ that is not declared later in the same function. | test.cpp:21:3:21:11 | goto ... | bad | test.cpp:17:1:17:4 | label ...: | label ...: | +| test.cpp:24:3:24:13 | goto ... | The $@ statement jumps to a $@ that is not declared later in the same function. | test.cpp:24:3:24:13 | goto ... | sobad | test.cpp:15:1:15:6 | label ...: | label ...: | +| test.cpp:31:3:31:11 | goto ... | The $@ statement jumps to a $@ that is not declared later in the same function. | test.cpp:31:3:31:11 | goto ... | bad | test.cpp:29:1:29:4 | label ...: | label ...: | diff --git a/cpp/common/src/codingstandards/cpp/rules/gotostatementcondition/GotoStatementCondition.qll b/cpp/common/src/codingstandards/cpp/rules/gotostatementcondition/GotoStatementCondition.qll index 54a10b5580..74c6abbade 100644 --- a/cpp/common/src/codingstandards/cpp/rules/gotostatementcondition/GotoStatementCondition.qll +++ b/cpp/common/src/codingstandards/cpp/rules/gotostatementcondition/GotoStatementCondition.qll @@ -1,5 +1,6 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library which includes a `problems` predicate for reporting goto statements that jump to labels + * declared later in the same funciton. */ import cpp @@ -10,43 +11,26 @@ abstract class GotoStatementConditionSharedQuery extends Query { } Query getQuery() { result instanceof GotoStatementConditionSharedQuery } -query predicate problems(GotoStmt goto, string message, Stmt target, string targetLabel) { - not isExcluded(goto, getQuery()) and - target = goto.getTarget() and - exists(Location targetLoc, Location gotoLoc | - targetLoc = target.getLocation() and - gotoLoc = goto.getLocation() and - targetLoc.getFile() = gotoLoc.getFile() - | - // Starts on a previous line - targetLoc.getStartLine() < gotoLoc.getEndLine() - or - // Starts on the same line, but an earlier column - targetLoc.getStartLine() = gotoLoc.getEndLine() and - targetLoc.getEndColumn() < gotoLoc.getStartColumn() - ) - and message = "The goto jumps to the label $@ that is not declared later in the same function." and targetLabel = target.toString() +query predicate problems( + GotoStmt goto, string message, GotoStmt gotoLocation, string gotoLabel, Stmt target, + string targetLabel +) { + not isExcluded(goto, getQuery()) and + target = goto.getTarget() and + exists(Location targetLoc, Location gotoLoc | + targetLoc = target.getLocation() and + gotoLoc = goto.getLocation() and + targetLoc.getFile() = gotoLoc.getFile() + | + // Starts on a previous line + targetLoc.getStartLine() < gotoLoc.getEndLine() + or + // Starts on the same line, but an earlier column + targetLoc.getStartLine() = gotoLoc.getEndLine() and + targetLoc.getEndColumn() < gotoLoc.getStartColumn() + ) and + goto = gotoLocation and + message = "The $@ statement jumps to a $@ that is not declared later in the same function." and + gotoLabel = goto.getName() and + targetLabel = target.toString() } - - - - - -// from GotoStmt goto, Stmt target -// where -// not isExcluded(goto, ConditionalsPackage::gotoStatementJumpConditionQuery()) and -// target = goto.getTarget() and -// exists(Location targetLoc, Location gotoLoc | -// targetLoc = target.getLocation() and -// gotoLoc = goto.getLocation() and -// targetLoc.getFile() = gotoLoc.getFile() -// | -// // Starts on a previous line -// targetLoc.getStartLine() < gotoLoc.getEndLine() -// or -// // Starts on the same line, but an earlier column -// targetLoc.getStartLine() = gotoLoc.getEndLine() and -// targetLoc.getEndColumn() < gotoLoc.getStartColumn() -// ) -// select goto, "The goto jumps to the label $@ that is not declared later in the same function.", -// target, goto.getName() diff --git a/rule_packages/c/Statements2.json b/rule_packages/c/Statements2.json index c85c5e4404..b1fcf55926 100644 --- a/rule_packages/c/Statements2.json +++ b/rule_packages/c/Statements2.json @@ -10,10 +10,13 @@ "kind": "problem", "name": "The goto statement shall jump to a label declared later in the same function", "precision": "very-high", - "severity": "error", + "severity": "recommendation", "short_name": "GotoLabelLocationCondition", "shared_implementation_short_name": "GotoStatementCondition", - "tags": [] + "tags": [ + "maintainability", + "readability" + ] } ], "title": "The goto statement shall jump to a label declared later in the same function" From b6abb97c45d0ba53ebfe2a6a7d5a9af4fdb4d93d Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Thu, 23 Feb 2023 15:36:13 -0800 Subject: [PATCH 0519/2573] Add missing change note --- .../2022-02-23-fix-reported-fp-for-a0-1-2-and-a0-1-4.md | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 change_notes/2022-02-23-fix-reported-fp-for-a0-1-2-and-a0-1-4.md diff --git a/change_notes/2022-02-23-fix-reported-fp-for-a0-1-2-and-a0-1-4.md b/change_notes/2022-02-23-fix-reported-fp-for-a0-1-2-and-a0-1-4.md new file mode 100644 index 0000000000..f10f4acf0b --- /dev/null +++ b/change_notes/2022-02-23-fix-reported-fp-for-a0-1-2-and-a0-1-4.md @@ -0,0 +1,4 @@ +- `A0-1-2` + - Addressed false positives where the return values are cast to `void` in C-style or assigned to `std::ignore`. +- `A0-1-4` + - Addressed false positives where the parameters are marked with attribute `[[maybe_unused]]`, or either cast to `void` in C-style or assigned to `std::ignore` in the function body. \ No newline at end of file From 2fb5f48cfafd887b87df28224393caed664a4234 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Thu, 23 Feb 2023 15:49:18 -0800 Subject: [PATCH 0520/2573] Clean up commented code --- .../A13-5-2/UserDefinedConversionOperatorsNotDefinedExplicit.ql | 2 -- 1 file changed, 2 deletions(-) diff --git a/cpp/autosar/src/rules/A13-5-2/UserDefinedConversionOperatorsNotDefinedExplicit.ql b/cpp/autosar/src/rules/A13-5-2/UserDefinedConversionOperatorsNotDefinedExplicit.ql index 9eb7b2d38b..ced94c5bdd 100644 --- a/cpp/autosar/src/rules/A13-5-2/UserDefinedConversionOperatorsNotDefinedExplicit.ql +++ b/cpp/autosar/src/rules/A13-5-2/UserDefinedConversionOperatorsNotDefinedExplicit.ql @@ -15,7 +15,6 @@ import cpp import codingstandards.cpp.autosar -// import semmle.code.cpp.PrintAST class ExplicitConversionOperator extends ConversionOperator { ExplicitConversionOperator() { exists(Specifier spec | @@ -31,4 +30,3 @@ where not op instanceof ExplicitConversionOperator and not op.isCompilerGenerated() select op, "User-defined conversion operator is not explicit." -// select 1 From e9749e400420d5991b7139cc96ae6acb146882b3 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Thu, 23 Feb 2023 15:54:41 -0800 Subject: [PATCH 0521/2573] Add missing change note --- change_notes/2022-02-23-a13-5-2-fix-reported-fp-for-a13-5-2.md | 1 + 1 file changed, 1 insertion(+) create mode 100644 change_notes/2022-02-23-a13-5-2-fix-reported-fp-for-a13-5-2.md diff --git a/change_notes/2022-02-23-a13-5-2-fix-reported-fp-for-a13-5-2.md b/change_notes/2022-02-23-a13-5-2-fix-reported-fp-for-a13-5-2.md new file mode 100644 index 0000000000..736d559ce3 --- /dev/null +++ b/change_notes/2022-02-23-a13-5-2-fix-reported-fp-for-a13-5-2.md @@ -0,0 +1 @@ +- Address a false positive on `a13-5-2` where lambda expressions with empty captures were being flagged as having a non-compliant conversion operator. \ No newline at end of file From e71e36d67b1956e68e466e30af74fc2d21ebb9c0 Mon Sep 17 00:00:00 2001 From: Shadi Samadi Date: Fri, 24 Feb 2023 11:42:14 +1100 Subject: [PATCH 0522/2573] added fullstop to 15-2 description --- c/misra/src/rules/RULE-15-2/GotoLabelLocationCondition.ql | 2 +- rule_packages/c/Statements2.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/c/misra/src/rules/RULE-15-2/GotoLabelLocationCondition.ql b/c/misra/src/rules/RULE-15-2/GotoLabelLocationCondition.ql index 99940dbff2..7ad9963d14 100644 --- a/c/misra/src/rules/RULE-15-2/GotoLabelLocationCondition.ql +++ b/c/misra/src/rules/RULE-15-2/GotoLabelLocationCondition.ql @@ -1,7 +1,7 @@ /** * @id c/misra/goto-label-location-condition * @name RULE-15-2: The goto statement shall jump to a label declared later in the same function - * @description Unconstrained use of goto can lead to unstructured code + * @description Unconstrained use of goto can lead to unstructured code. * @kind problem * @precision very-high * @problem.severity recommendation diff --git a/rule_packages/c/Statements2.json b/rule_packages/c/Statements2.json index b1fcf55926..dbf2ebb102 100644 --- a/rule_packages/c/Statements2.json +++ b/rule_packages/c/Statements2.json @@ -6,7 +6,7 @@ }, "queries": [ { - "description": "Unconstrained use of goto can lead to unstructured code", + "description": "Unconstrained use of goto can lead to unstructured code.", "kind": "problem", "name": "The goto statement shall jump to a label declared later in the same function", "precision": "very-high", From 2dc3ba324573fe76209707176e5fe9fec9aaa968 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Fri, 24 Feb 2023 15:44:02 -0800 Subject: [PATCH 0523/2573] Initialize Types package --- .../INT34-C/DoNotShiftAnExpressionByANegat.md | 16 + .../INT34-C/DoNotShiftAnExpressionByANegat.ql | 19 + ...ftedbyNegativeOrGreaterPrecisionOperand.md | 16 + ...ftedbyNegativeOrGreaterPrecisionOperand.ql | 19 + ...tingAPointerToIntegerOrIntegerToPointer.md | 18 + ...tingAPointerToIntegerOrIntegerToPointer.ql | 19 + .../DoNotShiftAnExpressionByANegat.expected | 1 + .../DoNotShiftAnExpressionByANegat.qlref | 1 + ...NegativeOrGreaterPrecisionOperand.expected | 1 + ...dbyNegativeOrGreaterPrecisionOperand.qlref | 1 + ...ointerToIntegerOrIntegerToPointer.expected | 1 + ...gAPointerToIntegerOrIntegerToPointer.qlref | 1 + ...ainNumericalTypeUsedOverExplicitTypedef.ql | 19 + .../DIR-4-6/TypedefsThatIndicateSizeAndSig.ql | 18 + .../RULE-12-5/SizeofOperatorHaveAnOperan.ql | 19 + .../SizeofOperatorUsedOnArrayTypeParam.ql | 19 + .../StringLiteralAssignedToAnObject.ql | 19 + .../StringLiteralAssignedToNonConstChar.ql | 19 + ...ericalTypeUsedOverExplicitTypedef.expected | 1 + ...NumericalTypeUsedOverExplicitTypedef.qlref | 1 + .../TypedefsThatIndicateSizeAndSig.expected | 1 + .../TypedefsThatIndicateSizeAndSig.qlref | 1 + .../SizeofOperatorHaveAnOperan.expected | 1 + .../SizeofOperatorHaveAnOperan.qlref | 1 + ...izeofOperatorUsedOnArrayTypeParam.expected | 1 + .../SizeofOperatorUsedOnArrayTypeParam.qlref | 1 + .../StringLiteralAssignedToAnObject.expected | 1 + .../StringLiteralAssignedToAnObject.qlref | 1 + ...ringLiteralAssignedToNonConstChar.expected | 1 + .../StringLiteralAssignedToNonConstChar.qlref | 1 + .../cpp/exclusions/c/RuleMetadata.qll | 7 +- .../cpp/exclusions/c/Types.qll | 519 ++---------------- rule_packages/c/Types.json | 482 ++++++++++++++++ 33 files changed, 772 insertions(+), 474 deletions(-) create mode 100644 c/cert/src/rules/INT34-C/DoNotShiftAnExpressionByANegat.md create mode 100644 c/cert/src/rules/INT34-C/DoNotShiftAnExpressionByANegat.ql create mode 100644 c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.md create mode 100644 c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql create mode 100644 c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.md create mode 100644 c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.ql create mode 100644 c/cert/test/rules/INT34-C/DoNotShiftAnExpressionByANegat.expected create mode 100644 c/cert/test/rules/INT34-C/DoNotShiftAnExpressionByANegat.qlref create mode 100644 c/cert/test/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.expected create mode 100644 c/cert/test/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.qlref create mode 100644 c/cert/test/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.expected create mode 100644 c/cert/test/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.qlref create mode 100644 c/misra/src/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.ql create mode 100644 c/misra/src/rules/DIR-4-6/TypedefsThatIndicateSizeAndSig.ql create mode 100644 c/misra/src/rules/RULE-12-5/SizeofOperatorHaveAnOperan.ql create mode 100644 c/misra/src/rules/RULE-12-5/SizeofOperatorUsedOnArrayTypeParam.ql create mode 100644 c/misra/src/rules/RULE-7-4/StringLiteralAssignedToAnObject.ql create mode 100644 c/misra/src/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.ql create mode 100644 c/misra/test/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.expected create mode 100644 c/misra/test/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.qlref create mode 100644 c/misra/test/rules/DIR-4-6/TypedefsThatIndicateSizeAndSig.expected create mode 100644 c/misra/test/rules/DIR-4-6/TypedefsThatIndicateSizeAndSig.qlref create mode 100644 c/misra/test/rules/RULE-12-5/SizeofOperatorHaveAnOperan.expected create mode 100644 c/misra/test/rules/RULE-12-5/SizeofOperatorHaveAnOperan.qlref create mode 100644 c/misra/test/rules/RULE-12-5/SizeofOperatorUsedOnArrayTypeParam.expected create mode 100644 c/misra/test/rules/RULE-12-5/SizeofOperatorUsedOnArrayTypeParam.qlref create mode 100644 c/misra/test/rules/RULE-7-4/StringLiteralAssignedToAnObject.expected create mode 100644 c/misra/test/rules/RULE-7-4/StringLiteralAssignedToAnObject.qlref create mode 100644 c/misra/test/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.expected create mode 100644 c/misra/test/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.qlref create mode 100644 rule_packages/c/Types.json diff --git a/c/cert/src/rules/INT34-C/DoNotShiftAnExpressionByANegat.md b/c/cert/src/rules/INT34-C/DoNotShiftAnExpressionByANegat.md new file mode 100644 index 0000000000..66c3d5a7a0 --- /dev/null +++ b/c/cert/src/rules/INT34-C/DoNotShiftAnExpressionByANegat.md @@ -0,0 +1,16 @@ +# INT34-C: Do not shift an expression by a negative number of bits or by greater than or equal to the number of + +This query implements the CERT-C rule INT34-C: + +> Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand +## CERT + +** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** + +## Implementation notes + +None + +## References + +* CERT-C: [INT34-C: Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/INT34-C/DoNotShiftAnExpressionByANegat.ql b/c/cert/src/rules/INT34-C/DoNotShiftAnExpressionByANegat.ql new file mode 100644 index 0000000000..ac5def1e01 --- /dev/null +++ b/c/cert/src/rules/INT34-C/DoNotShiftAnExpressionByANegat.ql @@ -0,0 +1,19 @@ +/** + * @id c/cert/do-not-shift-an-expression-by-a-negat + * @name INT34-C: Do not shift an expression by a negative number of bits or by greater than or equal to the number of + * @description Do not shift an expression by a negative number of bits or by greater than or equal + * to the number of bits that exist in the operand.. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/cert/id/int34-c + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert + +from +where + not isExcluded(x, TypesPackage::doNotShiftAnExpressionByANegatQuery()) and +select diff --git a/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.md b/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.md new file mode 100644 index 0000000000..601dea39c0 --- /dev/null +++ b/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.md @@ -0,0 +1,16 @@ +# INT34-C: Bit shift should not be done by a negative operand or an operand of greater-or-equal precision than that of another + +This query implements the CERT-C rule INT34-C: + +> Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand +## CERT + +** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** + +## Implementation notes + +None + +## References + +* CERT-C: [INT34-C: Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql b/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql new file mode 100644 index 0000000000..63de22a8cb --- /dev/null +++ b/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql @@ -0,0 +1,19 @@ +/** + * @id c/cert/expr-shiftedby-negative-or-greater-precision-operand + * @name INT34-C: Bit shift should not be done by a negative operand or an operand of greater-or-equal precision than that of another + * @description Shifting an expression by an operand that is negative or of precision greater or + * equal to that or the another causes representational error. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/cert/id/int34-c + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert + +from +where + not isExcluded(x, TypesPackage::exprShiftedbyNegativeOrGreaterPrecisionOperandQuery()) and +select diff --git a/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.md b/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.md new file mode 100644 index 0000000000..f2fd9caa6e --- /dev/null +++ b/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.md @@ -0,0 +1,18 @@ +# INT36-C: Do not convert pointers to integers and back + +This query implements the CERT-C rule INT36-C: + +> Converting a pointer to integer or integer to pointer + + +## CERT + +** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** + +## Implementation notes + +None + +## References + +* CERT-C: [INT36-C: Converting a pointer to integer or integer to pointer](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.ql b/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.ql new file mode 100644 index 0000000000..f63fa16f68 --- /dev/null +++ b/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.ql @@ -0,0 +1,19 @@ +/** + * @id c/cert/converting-a-pointer-to-integer-or-integer-to-pointer + * @name INT36-C: Do not convert pointers to integers and back + * @description Converting between pointers and integers is not portable and might cause invalid + * memory access. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/cert/id/int36-c + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert + +from +where + not isExcluded(x, TypesPackage::convertingAPointerToIntegerOrIntegerToPointerQuery()) and +select diff --git a/c/cert/test/rules/INT34-C/DoNotShiftAnExpressionByANegat.expected b/c/cert/test/rules/INT34-C/DoNotShiftAnExpressionByANegat.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/cert/test/rules/INT34-C/DoNotShiftAnExpressionByANegat.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/cert/test/rules/INT34-C/DoNotShiftAnExpressionByANegat.qlref b/c/cert/test/rules/INT34-C/DoNotShiftAnExpressionByANegat.qlref new file mode 100644 index 0000000000..2c0ac34aa2 --- /dev/null +++ b/c/cert/test/rules/INT34-C/DoNotShiftAnExpressionByANegat.qlref @@ -0,0 +1 @@ +rules/INT34-C/DoNotShiftAnExpressionByANegat.ql \ No newline at end of file diff --git a/c/cert/test/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.expected b/c/cert/test/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/cert/test/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/cert/test/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.qlref b/c/cert/test/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.qlref new file mode 100644 index 0000000000..9ed91335c9 --- /dev/null +++ b/c/cert/test/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.qlref @@ -0,0 +1 @@ +rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql \ No newline at end of file diff --git a/c/cert/test/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.expected b/c/cert/test/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/cert/test/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/cert/test/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.qlref b/c/cert/test/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.qlref new file mode 100644 index 0000000000..70ae157f74 --- /dev/null +++ b/c/cert/test/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.qlref @@ -0,0 +1 @@ +rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.ql \ No newline at end of file diff --git a/c/misra/src/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.ql b/c/misra/src/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.ql new file mode 100644 index 0000000000..7e420aa1a3 --- /dev/null +++ b/c/misra/src/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.ql @@ -0,0 +1,19 @@ +/** + * @id c/misra/plain-numerical-type-used-over-explicit-typedef + * @name DIR-4-6: Do not use plain numerical types over typedefs named after their explicit bit layout + * @description Using plain numerical types over typedefs with explicit sign and bit counts may lead + * to confusion on how much bits are allocated for a value. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/misra/id/dir-4-6 + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.c.misra + +from +where + not isExcluded(x, TypesPackage::plainNumericalTypeUsedOverExplicitTypedefQuery()) and +select diff --git a/c/misra/src/rules/DIR-4-6/TypedefsThatIndicateSizeAndSig.ql b/c/misra/src/rules/DIR-4-6/TypedefsThatIndicateSizeAndSig.ql new file mode 100644 index 0000000000..32f6f10a9a --- /dev/null +++ b/c/misra/src/rules/DIR-4-6/TypedefsThatIndicateSizeAndSig.ql @@ -0,0 +1,18 @@ +/** + * @id c/misra/typedefs-that-indicate-size-and-sig + * @name DIR-4-6: typedefs that indicate size and signedness should be used in place of the basic numerical types + * @description TODO. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/misra/id/dir-4-6 + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.c.misra + +from +where + not isExcluded(x, TypesPackage::typedefsThatIndicateSizeAndSigQuery()) and +select diff --git a/c/misra/src/rules/RULE-12-5/SizeofOperatorHaveAnOperan.ql b/c/misra/src/rules/RULE-12-5/SizeofOperatorHaveAnOperan.ql new file mode 100644 index 0000000000..46b1ffc740 --- /dev/null +++ b/c/misra/src/rules/RULE-12-5/SizeofOperatorHaveAnOperan.ql @@ -0,0 +1,19 @@ +/** + * @id c/misra/sizeof-operator-have-an-operan + * @name RULE-12-5: The sizeof operator shall not have an operand which is a function parameter declared as 'array of + * @description The sizeof operator shall not have an operand which is a function parameter declared + * as 'array of type'. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-12-5 + * external/misra/obligation/mandatory + */ + +import cpp +import codingstandards.c.misra + +from +where + not isExcluded(x, TypesPackage::sizeofOperatorHaveAnOperanQuery()) and +select diff --git a/c/misra/src/rules/RULE-12-5/SizeofOperatorUsedOnArrayTypeParam.ql b/c/misra/src/rules/RULE-12-5/SizeofOperatorUsedOnArrayTypeParam.ql new file mode 100644 index 0000000000..e5a212b033 --- /dev/null +++ b/c/misra/src/rules/RULE-12-5/SizeofOperatorUsedOnArrayTypeParam.ql @@ -0,0 +1,19 @@ +/** + * @id c/misra/sizeof-operator-used-on-array-type-param + * @name RULE-12-5: The sizeof operator should not be used on an array type function parameter. + * @description Using sizeof operator on an array type function parameter leads to unintended + * results. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-12-5 + * external/misra/obligation/mandatory + */ + +import cpp +import codingstandards.c.misra + +from +where + not isExcluded(x, TypesPackage::sizeofOperatorUsedOnArrayTypeParamQuery()) and +select diff --git a/c/misra/src/rules/RULE-7-4/StringLiteralAssignedToAnObject.ql b/c/misra/src/rules/RULE-7-4/StringLiteralAssignedToAnObject.ql new file mode 100644 index 0000000000..5842903f79 --- /dev/null +++ b/c/misra/src/rules/RULE-7-4/StringLiteralAssignedToAnObject.ql @@ -0,0 +1,19 @@ +/** + * @id c/misra/string-literal-assigned-to-an-object + * @name RULE-7-4: A string literal shall not be assigned to an object unless the object's type is 'pointer to + * @description A string literal shall not be assigned to an object unless the object's type is + * 'pointer to const-qualified char'. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-7-4 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra + +from +where + not isExcluded(x, TypesPackage::stringLiteralAssignedToAnObjectQuery()) and +select diff --git a/c/misra/src/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.ql b/c/misra/src/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.ql new file mode 100644 index 0000000000..cf92446bca --- /dev/null +++ b/c/misra/src/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.ql @@ -0,0 +1,19 @@ +/** + * @id c/misra/string-literal-assigned-to-non-const-char + * @name RULE-7-4: A string literal shall only be assigned to a pointer to const char. + * @description Assigning string literal to a variable with type other than a pointer to const char + * and modifying it causes undefined behavior . + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-7-4 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra + +from +where + not isExcluded(x, TypesPackage::stringLiteralAssignedToNonConstCharQuery()) and +select diff --git a/c/misra/test/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.expected b/c/misra/test/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/misra/test/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.qlref b/c/misra/test/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.qlref new file mode 100644 index 0000000000..283e88209c --- /dev/null +++ b/c/misra/test/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.qlref @@ -0,0 +1 @@ +rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.ql \ No newline at end of file diff --git a/c/misra/test/rules/DIR-4-6/TypedefsThatIndicateSizeAndSig.expected b/c/misra/test/rules/DIR-4-6/TypedefsThatIndicateSizeAndSig.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/misra/test/rules/DIR-4-6/TypedefsThatIndicateSizeAndSig.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/DIR-4-6/TypedefsThatIndicateSizeAndSig.qlref b/c/misra/test/rules/DIR-4-6/TypedefsThatIndicateSizeAndSig.qlref new file mode 100644 index 0000000000..9a6e2990cd --- /dev/null +++ b/c/misra/test/rules/DIR-4-6/TypedefsThatIndicateSizeAndSig.qlref @@ -0,0 +1 @@ +rules/DIR-4-6/TypedefsThatIndicateSizeAndSig.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-12-5/SizeofOperatorHaveAnOperan.expected b/c/misra/test/rules/RULE-12-5/SizeofOperatorHaveAnOperan.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/misra/test/rules/RULE-12-5/SizeofOperatorHaveAnOperan.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-12-5/SizeofOperatorHaveAnOperan.qlref b/c/misra/test/rules/RULE-12-5/SizeofOperatorHaveAnOperan.qlref new file mode 100644 index 0000000000..2986a9fda3 --- /dev/null +++ b/c/misra/test/rules/RULE-12-5/SizeofOperatorHaveAnOperan.qlref @@ -0,0 +1 @@ +rules/RULE-12-5/SizeofOperatorHaveAnOperan.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-12-5/SizeofOperatorUsedOnArrayTypeParam.expected b/c/misra/test/rules/RULE-12-5/SizeofOperatorUsedOnArrayTypeParam.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/misra/test/rules/RULE-12-5/SizeofOperatorUsedOnArrayTypeParam.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-12-5/SizeofOperatorUsedOnArrayTypeParam.qlref b/c/misra/test/rules/RULE-12-5/SizeofOperatorUsedOnArrayTypeParam.qlref new file mode 100644 index 0000000000..6b6424aad4 --- /dev/null +++ b/c/misra/test/rules/RULE-12-5/SizeofOperatorUsedOnArrayTypeParam.qlref @@ -0,0 +1 @@ +rules/RULE-12-5/SizeofOperatorUsedOnArrayTypeParam.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToAnObject.expected b/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToAnObject.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToAnObject.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToAnObject.qlref b/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToAnObject.qlref new file mode 100644 index 0000000000..b48e298e04 --- /dev/null +++ b/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToAnObject.qlref @@ -0,0 +1 @@ +rules/RULE-7-4/StringLiteralAssignedToAnObject.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.expected b/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.qlref b/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.qlref new file mode 100644 index 0000000000..2a430a0c42 --- /dev/null +++ b/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.qlref @@ -0,0 +1 @@ +rules/RULE-7-4/StringLiteralAssignedToNonConstChar.ql \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index 3f52afac5f..0a75bef10e 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -47,6 +47,7 @@ import Strings1 import Strings2 import Strings3 import Syntax +import Types /** The TQuery type representing this language * */ newtype TCQuery = @@ -94,7 +95,8 @@ newtype TCQuery = TStrings1PackageQuery(Strings1Query q) or TStrings2PackageQuery(Strings2Query q) or TStrings3PackageQuery(Strings3Query q) or - TSyntaxPackageQuery(SyntaxQuery q) + TSyntaxPackageQuery(SyntaxQuery q) or + TTypesPackageQuery(TypesQuery q) /** The metadata predicate * */ predicate isQueryMetadata(Query query, string queryId, string ruleId, string category) { @@ -142,5 +144,6 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isStrings1QueryMetadata(query, queryId, ruleId, category) or isStrings2QueryMetadata(query, queryId, ruleId, category) or isStrings3QueryMetadata(query, queryId, ruleId, category) or - isSyntaxQueryMetadata(query, queryId, ruleId, category) + isSyntaxQueryMetadata(query, queryId, ruleId, category) or + isTypesQueryMetadata(query, queryId, ruleId, category) } diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Types.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Types.qll index 79cf3550b1..f50d30d5f0 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Types.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Types.qll @@ -4,517 +4,92 @@ import RuleMetadata import codingstandards.cpp.exclusions.RuleMetadata newtype TypesQuery = - TPreventOrDetectDomainAndRangeErrorsInMathFunctionsQuery() or - TFloatingPointConversionsNotWithinRangeOfNewTypeQuery() or - TFloatingPointOfIntegralValuesLosePrecisionQuery() or - TObjectReprUsedForComparingFloatingPointValuesQuery() or - TEnsureThatUnsignedIntegerOperationsDoNotWrapQuery() or - TIntConversionCausesLostOrMisinterpretedDataQuery() or - TOperationsOnSignedIntegersResultsInOverflowQuery() or - TDivAndModOperationResultsInDivByZeroQuery() or - TExprShiftedByNegativeBitsOrGreaterThanOperandQuery() or - TUseCorrectIntegerPrecisionsQuery() or - TConvertingAPointerToIntegerOrIntegerToPointerQuery() or - TNumericTypedefsNotUsedInPlaceOfBasicNumericalTypesQuery() or - TOperandsOfAnInappropriateEssentialTypeQuery() or - TCharTypeExprsUsedInAddOrSubQuery() or - TAssignmentToIncompatibleEssentialTypeQuery() or - TArithConversionOperandHasDifferentEssTypeCategoryQuery() or - TValueCastToInappropriateEssentialTypeQuery() or - TCompositeExprValueAssignedToObjWithWiderEssTypeQuery() or - TConvertedCompExprOperandHasWiderEssTypeThanOtherQuery() or - TCompExprValCastToIncompatEssTypeQuery() or - TConstExprEvalCausesUnsignedIntWraparoundQuery() or - TArrayTypeParamAtSizeofOperandQuery() or - TLoopCounterHaveEssentiallyFloatingTypeQuery() or - TCtypeFuncNeitherReprAsUnsignedCharNorEOFQuery() or - TMemcmpUsedToCompareNullTerminatedStringsQuery() or - TMemcpyMemmoveMemcmpArgNotPointerToCompatTypesQuery() or - TMemcmpArgNotPtsToSignedUnsignedBooleanEnumEssTypeQuery() or - TBitFieldsShallOnlyBeDeclaredWithAnAppropriateTypeQuery() or - TSingleBitNamedBitFieldsOfASignedTypeQuery() or - TStringLiteralAssignedToObjPtrToConstQualifiedCharQuery() +TExprShiftedbyNegativeOrGreaterPrecisionOperandQuery() or +TConvertingAPointerToIntegerOrIntegerToPointerQuery() or +TPlainNumericalTypeUsedOverExplicitTypedefQuery() or +TSizeofOperatorUsedOnArrayTypeParamQuery() or +TStringLiteralAssignedToNonConstCharQuery() predicate isTypesQueryMetadata(Query query, string queryId, string ruleId, string category) { query = - // `Query` instance for the `preventOrDetectDomainAndRangeErrorsInMathFunctions` query - TypesPackage::preventOrDetectDomainAndRangeErrorsInMathFunctionsQuery() and + // `Query` instance for the `exprShiftedbyNegativeOrGreaterPrecisionOperand` query + TypesPackage::exprShiftedbyNegativeOrGreaterPrecisionOperandQuery() and queryId = - // `@id` for the `preventOrDetectDomainAndRangeErrorsInMathFunctions` query - "c/cert/prevent-or-detect-domain-and-range-errors-in-math-functions" and - ruleId = "FLP32-C" and - category = "rule" - or - query = - // `Query` instance for the `floatingPointConversionsNotWithinRangeOfNewType` query - TypesPackage::floatingPointConversionsNotWithinRangeOfNewTypeQuery() and - queryId = - // `@id` for the `floatingPointConversionsNotWithinRangeOfNewType` query - "c/cert/floating-point-conversions-not-within-range-of-new-type" and - ruleId = "FLP34-C" and - category = "rule" - or - query = - // `Query` instance for the `floatingPointOfIntegralValuesLosePrecision` query - TypesPackage::floatingPointOfIntegralValuesLosePrecisionQuery() and - queryId = - // `@id` for the `floatingPointOfIntegralValuesLosePrecision` query - "c/cert/floating-point-of-integral-values-lose-precision" and - ruleId = "FLP36-C" and - category = "rule" - or - query = - // `Query` instance for the `objectReprUsedForComparingFloatingPointValues` query - TypesPackage::objectReprUsedForComparingFloatingPointValuesQuery() and - queryId = - // `@id` for the `objectReprUsedForComparingFloatingPointValues` query - "c/cert/object-repr-used-for-comparing-floating-point-values" and - ruleId = "FLP37-C" and - category = "rule" - or - query = - // `Query` instance for the `ensureThatUnsignedIntegerOperationsDoNotWrap` query - TypesPackage::ensureThatUnsignedIntegerOperationsDoNotWrapQuery() and - queryId = - // `@id` for the `ensureThatUnsignedIntegerOperationsDoNotWrap` query - "c/cert/ensure-that-unsigned-integer-operations-do-not-wrap" and - ruleId = "INT30-C" and - category = "rule" - or - query = - // `Query` instance for the `intConversionCausesLostOrMisinterpretedData` query - TypesPackage::intConversionCausesLostOrMisinterpretedDataQuery() and - queryId = - // `@id` for the `intConversionCausesLostOrMisinterpretedData` query - "c/cert/int-conversion-causes-lost-or-misinterpreted-data" and - ruleId = "INT31-C" and - category = "rule" - or - query = - // `Query` instance for the `operationsOnSignedIntegersResultsInOverflow` query - TypesPackage::operationsOnSignedIntegersResultsInOverflowQuery() and - queryId = - // `@id` for the `operationsOnSignedIntegersResultsInOverflow` query - "c/cert/operations-on-signed-integers-results-in-overflow" and - ruleId = "INT32-C" and - category = "rule" - or - query = - // `Query` instance for the `divAndModOperationResultsInDivByZero` query - TypesPackage::divAndModOperationResultsInDivByZeroQuery() and - queryId = - // `@id` for the `divAndModOperationResultsInDivByZero` query - "c/cert/div-and-mod-operation-results-in-div-by-zero" and - ruleId = "INT33-C" and - category = "rule" - or - query = - // `Query` instance for the `exprShiftedByNegativeBitsOrGreaterThanOperand` query - TypesPackage::exprShiftedByNegativeBitsOrGreaterThanOperandQuery() and - queryId = - // `@id` for the `exprShiftedByNegativeBitsOrGreaterThanOperand` query - "c/cert/expr-shifted-by-negative-bits-or-greater-than-operand" and + // `@id` for the `exprShiftedbyNegativeOrGreaterPrecisionOperand` query + "c/cert/expr-shiftedby-negative-or-greater-precision-operand" and ruleId = "INT34-C" and category = "rule" or - query = - // `Query` instance for the `useCorrectIntegerPrecisions` query - TypesPackage::useCorrectIntegerPrecisionsQuery() and - queryId = - // `@id` for the `useCorrectIntegerPrecisions` query - "c/cert/use-correct-integer-precisions" and - ruleId = "INT35-C" and - category = "rule" - or query = // `Query` instance for the `convertingAPointerToIntegerOrIntegerToPointer` query - TypesPackage::convertingAPointerToIntegerOrIntegerToPointerQuery() and + TypesPackage::convertingAPointerToIntegerOrIntegerToPointerQuery() and queryId = // `@id` for the `convertingAPointerToIntegerOrIntegerToPointer` query - "c/cert/converting-a-pointer-to-integer-or-integer-to-pointer" and + "c/cert/converting-a-pointer-to-integer-or-integer-to-pointer" and ruleId = "INT36-C" and category = "rule" or query = - // `Query` instance for the `numericTypedefsNotUsedInPlaceOfBasicNumericalTypes` query - TypesPackage::numericTypedefsNotUsedInPlaceOfBasicNumericalTypesQuery() and + // `Query` instance for the `plainNumericalTypeUsedOverExplicitTypedef` query + TypesPackage::plainNumericalTypeUsedOverExplicitTypedefQuery() and queryId = - // `@id` for the `numericTypedefsNotUsedInPlaceOfBasicNumericalTypes` query - "c/misra/numeric-typedefs-not-used-in-place-of-basic-numerical-types" and + // `@id` for the `plainNumericalTypeUsedOverExplicitTypedef` query + "c/misra/plain-numerical-type-used-over-explicit-typedef" and ruleId = "DIR-4-6" and category = "advisory" or query = - // `Query` instance for the `operandsOfAnInappropriateEssentialType` query - TypesPackage::operandsOfAnInappropriateEssentialTypeQuery() and - queryId = - // `@id` for the `operandsOfAnInappropriateEssentialType` query - "c/misra/operands-of-an-inappropriate-essential-type" and - ruleId = "RULE-10-1" and - category = "required" - or - query = - // `Query` instance for the `charTypeExprsUsedInAddOrSub` query - TypesPackage::charTypeExprsUsedInAddOrSubQuery() and - queryId = - // `@id` for the `charTypeExprsUsedInAddOrSub` query - "c/misra/char-type-exprs-used-in-add-or-sub" and - ruleId = "RULE-10-2" and - category = "required" - or - query = - // `Query` instance for the `assignmentToIncompatibleEssentialType` query - TypesPackage::assignmentToIncompatibleEssentialTypeQuery() and - queryId = - // `@id` for the `assignmentToIncompatibleEssentialType` query - "c/misra/assignment-to-incompatible-essential-type" and - ruleId = "RULE-10-3" and - category = "required" - or - query = - // `Query` instance for the `arithConversionOperandHasDifferentEssTypeCategory` query - TypesPackage::arithConversionOperandHasDifferentEssTypeCategoryQuery() and - queryId = - // `@id` for the `arithConversionOperandHasDifferentEssTypeCategory` query - "c/misra/arith-conversion-operand-has-different-ess-type-category" and - ruleId = "RULE-10-4" and - category = "required" - or - query = - // `Query` instance for the `valueCastToInappropriateEssentialType` query - TypesPackage::valueCastToInappropriateEssentialTypeQuery() and - queryId = - // `@id` for the `valueCastToInappropriateEssentialType` query - "c/misra/value-cast-to-inappropriate-essential-type" and - ruleId = "RULE-10-5" and - category = "advisory" - or - query = - // `Query` instance for the `compositeExprValueAssignedToObjWithWiderEssType` query - TypesPackage::compositeExprValueAssignedToObjWithWiderEssTypeQuery() and + // `Query` instance for the `sizeofOperatorUsedOnArrayTypeParam` query + TypesPackage::sizeofOperatorUsedOnArrayTypeParamQuery() and queryId = - // `@id` for the `compositeExprValueAssignedToObjWithWiderEssType` query - "c/misra/composite-expr-value-assigned-to-obj-with-wider-ess-type" and - ruleId = "RULE-10-6" and - category = "required" - or - query = - // `Query` instance for the `convertedCompExprOperandHasWiderEssTypeThanOther` query - TypesPackage::convertedCompExprOperandHasWiderEssTypeThanOtherQuery() and - queryId = - // `@id` for the `convertedCompExprOperandHasWiderEssTypeThanOther` query - "c/misra/converted-comp-expr-operand-has-wider-ess-type-than-other" and - ruleId = "RULE-10-7" and - category = "required" - or - query = - // `Query` instance for the `compExprValCastToIncompatEssType` query - TypesPackage::compExprValCastToIncompatEssTypeQuery() and - queryId = - // `@id` for the `compExprValCastToIncompatEssType` query - "c/misra/comp-expr-val-cast-to-incompat-ess-type" and - ruleId = "RULE-10-8" and - category = "required" - or - query = - // `Query` instance for the `constExprEvalCausesUnsignedIntWraparound` query - TypesPackage::constExprEvalCausesUnsignedIntWraparoundQuery() and - queryId = - // `@id` for the `constExprEvalCausesUnsignedIntWraparound` query - "c/misra/const-expr-eval-causes-unsigned-int-wraparound" and - ruleId = "RULE-12-4" and - category = "advisory" - or - query = - // `Query` instance for the `arrayTypeParamAtSizeofOperand` query - TypesPackage::arrayTypeParamAtSizeofOperandQuery() and - queryId = - // `@id` for the `arrayTypeParamAtSizeofOperand` query - "c/misra/array-type-param-at-sizeof-operand" and + // `@id` for the `sizeofOperatorUsedOnArrayTypeParam` query + "c/misra/sizeof-operator-used-on-array-type-param" and ruleId = "RULE-12-5" and category = "mandatory" or query = - // `Query` instance for the `loopCounterHaveEssentiallyFloatingType` query - TypesPackage::loopCounterHaveEssentiallyFloatingTypeQuery() and + // `Query` instance for the `stringLiteralAssignedToNonConstChar` query + TypesPackage::stringLiteralAssignedToNonConstCharQuery() and queryId = - // `@id` for the `loopCounterHaveEssentiallyFloatingType` query - "c/misra/loop-counter-have-essentially-floating-type" and - ruleId = "RULE-14-1" and - category = "required" - or - query = - // `Query` instance for the `ctypeFuncNeitherReprAsUnsignedCharNorEOF` query - TypesPackage::ctypeFuncNeitherReprAsUnsignedCharNorEOFQuery() and - queryId = - // `@id` for the `ctypeFuncNeitherReprAsUnsignedCharNorEOF` query - "c/misra/ctype-func-neither-repr-as-unsigned-char-nor-eof" and - ruleId = "RULE-21-13" and - category = "mandatory" - or - query = - // `Query` instance for the `memcmpUsedToCompareNullTerminatedStrings` query - TypesPackage::memcmpUsedToCompareNullTerminatedStringsQuery() and - queryId = - // `@id` for the `memcmpUsedToCompareNullTerminatedStrings` query - "c/misra/memcmp-used-to-compare-null-terminated-strings" and - ruleId = "RULE-21-14" and - category = "required" - or - query = - // `Query` instance for the `memcpyMemmoveMemcmpArgNotPointerToCompatTypes` query - TypesPackage::memcpyMemmoveMemcmpArgNotPointerToCompatTypesQuery() and - queryId = - // `@id` for the `memcpyMemmoveMemcmpArgNotPointerToCompatTypes` query - "c/misra/memcpy-memmove-memcmp-arg-not-pointer-to-compat-types" and - ruleId = "RULE-21-15" and - category = "required" - or - query = - // `Query` instance for the `memcmpArgNotPtsToSignedUnsignedBooleanEnumEssType` query - TypesPackage::memcmpArgNotPtsToSignedUnsignedBooleanEnumEssTypeQuery() and - queryId = - // `@id` for the `memcmpArgNotPtsToSignedUnsignedBooleanEnumEssType` query - "c/misra/memcmp-arg-not-pts-to-signed-unsigned-boolean-enum-ess-type" and - ruleId = "RULE-21-16" and - category = "required" - or - query = - // `Query` instance for the `bitFieldsShallOnlyBeDeclaredWithAnAppropriateType` query - TypesPackage::bitFieldsShallOnlyBeDeclaredWithAnAppropriateTypeQuery() and - queryId = - // `@id` for the `bitFieldsShallOnlyBeDeclaredWithAnAppropriateType` query - "c/misra/bit-fields-shall-only-be-declared-with-an-appropriate-type" and - ruleId = "RULE-6-1" and - category = "required" - or - query = - // `Query` instance for the `singleBitNamedBitFieldsOfASignedType` query - TypesPackage::singleBitNamedBitFieldsOfASignedTypeQuery() and - queryId = - // `@id` for the `singleBitNamedBitFieldsOfASignedType` query - "c/misra/single-bit-named-bit-fields-of-a-signed-type" and - ruleId = "RULE-6-2" and - category = "required" - or - query = - // `Query` instance for the `stringLiteralAssignedToObjPtrToConstQualifiedChar` query - TypesPackage::stringLiteralAssignedToObjPtrToConstQualifiedCharQuery() and - queryId = - // `@id` for the `stringLiteralAssignedToObjPtrToConstQualifiedChar` query - "c/misra/string-literal-assigned-to-obj-ptr-to-const-qualified-char" and + // `@id` for the `stringLiteralAssignedToNonConstChar` query + "c/misra/string-literal-assigned-to-non-const-char" and ruleId = "RULE-7-4" and category = "required" } module TypesPackage { - Query preventOrDetectDomainAndRangeErrorsInMathFunctionsQuery() { - //autogenerate `Query` type - result = - // `Query` type for `preventOrDetectDomainAndRangeErrorsInMathFunctions` query - TQueryC(TTypesPackageQuery(TPreventOrDetectDomainAndRangeErrorsInMathFunctionsQuery())) - } - - Query floatingPointConversionsNotWithinRangeOfNewTypeQuery() { - //autogenerate `Query` type - result = - // `Query` type for `floatingPointConversionsNotWithinRangeOfNewType` query - TQueryC(TTypesPackageQuery(TFloatingPointConversionsNotWithinRangeOfNewTypeQuery())) - } - - Query floatingPointOfIntegralValuesLosePrecisionQuery() { - //autogenerate `Query` type - result = - // `Query` type for `floatingPointOfIntegralValuesLosePrecision` query - TQueryC(TTypesPackageQuery(TFloatingPointOfIntegralValuesLosePrecisionQuery())) - } - - Query objectReprUsedForComparingFloatingPointValuesQuery() { - //autogenerate `Query` type - result = - // `Query` type for `objectReprUsedForComparingFloatingPointValues` query - TQueryC(TTypesPackageQuery(TObjectReprUsedForComparingFloatingPointValuesQuery())) - } - - Query ensureThatUnsignedIntegerOperationsDoNotWrapQuery() { +Query exprShiftedbyNegativeOrGreaterPrecisionOperandQuery() { //autogenerate `Query` type - result = - // `Query` type for `ensureThatUnsignedIntegerOperationsDoNotWrap` query - TQueryC(TTypesPackageQuery(TEnsureThatUnsignedIntegerOperationsDoNotWrapQuery())) - } - - Query intConversionCausesLostOrMisinterpretedDataQuery() { - //autogenerate `Query` type - result = - // `Query` type for `intConversionCausesLostOrMisinterpretedData` query - TQueryC(TTypesPackageQuery(TIntConversionCausesLostOrMisinterpretedDataQuery())) - } - - Query operationsOnSignedIntegersResultsInOverflowQuery() { - //autogenerate `Query` type - result = - // `Query` type for `operationsOnSignedIntegersResultsInOverflow` query - TQueryC(TTypesPackageQuery(TOperationsOnSignedIntegersResultsInOverflowQuery())) - } - - Query divAndModOperationResultsInDivByZeroQuery() { - //autogenerate `Query` type - result = - // `Query` type for `divAndModOperationResultsInDivByZero` query - TQueryC(TTypesPackageQuery(TDivAndModOperationResultsInDivByZeroQuery())) - } - - Query exprShiftedByNegativeBitsOrGreaterThanOperandQuery() { - //autogenerate `Query` type - result = - // `Query` type for `exprShiftedByNegativeBitsOrGreaterThanOperand` query - TQueryC(TTypesPackageQuery(TExprShiftedByNegativeBitsOrGreaterThanOperandQuery())) - } - - Query useCorrectIntegerPrecisionsQuery() { - //autogenerate `Query` type - result = - // `Query` type for `useCorrectIntegerPrecisions` query - TQueryC(TTypesPackageQuery(TUseCorrectIntegerPrecisionsQuery())) - } + result = + // `Query` type for `exprShiftedbyNegativeOrGreaterPrecisionOperand` query + TQueryC(TTypesPackageQuery(TExprShiftedbyNegativeOrGreaterPrecisionOperandQuery())) +} - Query convertingAPointerToIntegerOrIntegerToPointerQuery() { +Query convertingAPointerToIntegerOrIntegerToPointerQuery() { //autogenerate `Query` type - result = + result = // `Query` type for `convertingAPointerToIntegerOrIntegerToPointer` query - TQueryC(TTypesPackageQuery(TConvertingAPointerToIntegerOrIntegerToPointerQuery())) - } - - Query numericTypedefsNotUsedInPlaceOfBasicNumericalTypesQuery() { - //autogenerate `Query` type - result = - // `Query` type for `numericTypedefsNotUsedInPlaceOfBasicNumericalTypes` query - TQueryC(TTypesPackageQuery(TNumericTypedefsNotUsedInPlaceOfBasicNumericalTypesQuery())) - } - - Query operandsOfAnInappropriateEssentialTypeQuery() { - //autogenerate `Query` type - result = - // `Query` type for `operandsOfAnInappropriateEssentialType` query - TQueryC(TTypesPackageQuery(TOperandsOfAnInappropriateEssentialTypeQuery())) - } - - Query charTypeExprsUsedInAddOrSubQuery() { - //autogenerate `Query` type - result = - // `Query` type for `charTypeExprsUsedInAddOrSub` query - TQueryC(TTypesPackageQuery(TCharTypeExprsUsedInAddOrSubQuery())) - } - - Query assignmentToIncompatibleEssentialTypeQuery() { - //autogenerate `Query` type - result = - // `Query` type for `assignmentToIncompatibleEssentialType` query - TQueryC(TTypesPackageQuery(TAssignmentToIncompatibleEssentialTypeQuery())) - } - - Query arithConversionOperandHasDifferentEssTypeCategoryQuery() { - //autogenerate `Query` type - result = - // `Query` type for `arithConversionOperandHasDifferentEssTypeCategory` query - TQueryC(TTypesPackageQuery(TArithConversionOperandHasDifferentEssTypeCategoryQuery())) - } - - Query valueCastToInappropriateEssentialTypeQuery() { - //autogenerate `Query` type - result = - // `Query` type for `valueCastToInappropriateEssentialType` query - TQueryC(TTypesPackageQuery(TValueCastToInappropriateEssentialTypeQuery())) - } - - Query compositeExprValueAssignedToObjWithWiderEssTypeQuery() { - //autogenerate `Query` type - result = - // `Query` type for `compositeExprValueAssignedToObjWithWiderEssType` query - TQueryC(TTypesPackageQuery(TCompositeExprValueAssignedToObjWithWiderEssTypeQuery())) - } - - Query convertedCompExprOperandHasWiderEssTypeThanOtherQuery() { - //autogenerate `Query` type - result = - // `Query` type for `convertedCompExprOperandHasWiderEssTypeThanOther` query - TQueryC(TTypesPackageQuery(TConvertedCompExprOperandHasWiderEssTypeThanOtherQuery())) - } - - Query compExprValCastToIncompatEssTypeQuery() { - //autogenerate `Query` type - result = - // `Query` type for `compExprValCastToIncompatEssType` query - TQueryC(TTypesPackageQuery(TCompExprValCastToIncompatEssTypeQuery())) - } - - Query constExprEvalCausesUnsignedIntWraparoundQuery() { - //autogenerate `Query` type - result = - // `Query` type for `constExprEvalCausesUnsignedIntWraparound` query - TQueryC(TTypesPackageQuery(TConstExprEvalCausesUnsignedIntWraparoundQuery())) - } - - Query arrayTypeParamAtSizeofOperandQuery() { - //autogenerate `Query` type - result = - // `Query` type for `arrayTypeParamAtSizeofOperand` query - TQueryC(TTypesPackageQuery(TArrayTypeParamAtSizeofOperandQuery())) - } - - Query loopCounterHaveEssentiallyFloatingTypeQuery() { - //autogenerate `Query` type - result = - // `Query` type for `loopCounterHaveEssentiallyFloatingType` query - TQueryC(TTypesPackageQuery(TLoopCounterHaveEssentiallyFloatingTypeQuery())) - } - - Query ctypeFuncNeitherReprAsUnsignedCharNorEOFQuery() { - //autogenerate `Query` type - result = - // `Query` type for `ctypeFuncNeitherReprAsUnsignedCharNorEOF` query - TQueryC(TTypesPackageQuery(TCtypeFuncNeitherReprAsUnsignedCharNorEOFQuery())) - } - - Query memcmpUsedToCompareNullTerminatedStringsQuery() { - //autogenerate `Query` type - result = - // `Query` type for `memcmpUsedToCompareNullTerminatedStrings` query - TQueryC(TTypesPackageQuery(TMemcmpUsedToCompareNullTerminatedStringsQuery())) - } - - Query memcpyMemmoveMemcmpArgNotPointerToCompatTypesQuery() { - //autogenerate `Query` type - result = - // `Query` type for `memcpyMemmoveMemcmpArgNotPointerToCompatTypes` query - TQueryC(TTypesPackageQuery(TMemcpyMemmoveMemcmpArgNotPointerToCompatTypesQuery())) - } - - Query memcmpArgNotPtsToSignedUnsignedBooleanEnumEssTypeQuery() { - //autogenerate `Query` type - result = - // `Query` type for `memcmpArgNotPtsToSignedUnsignedBooleanEnumEssType` query - TQueryC(TTypesPackageQuery(TMemcmpArgNotPtsToSignedUnsignedBooleanEnumEssTypeQuery())) - } + TQueryC(TTypesPackageQuery(TConvertingAPointerToIntegerOrIntegerToPointerQuery())) +} - Query bitFieldsShallOnlyBeDeclaredWithAnAppropriateTypeQuery() { +Query plainNumericalTypeUsedOverExplicitTypedefQuery() { //autogenerate `Query` type - result = - // `Query` type for `bitFieldsShallOnlyBeDeclaredWithAnAppropriateType` query - TQueryC(TTypesPackageQuery(TBitFieldsShallOnlyBeDeclaredWithAnAppropriateTypeQuery())) - } + result = + // `Query` type for `plainNumericalTypeUsedOverExplicitTypedef` query + TQueryC(TTypesPackageQuery(TPlainNumericalTypeUsedOverExplicitTypedefQuery())) +} - Query singleBitNamedBitFieldsOfASignedTypeQuery() { +Query sizeofOperatorUsedOnArrayTypeParamQuery() { //autogenerate `Query` type - result = - // `Query` type for `singleBitNamedBitFieldsOfASignedType` query - TQueryC(TTypesPackageQuery(TSingleBitNamedBitFieldsOfASignedTypeQuery())) - } + result = + // `Query` type for `sizeofOperatorUsedOnArrayTypeParam` query + TQueryC(TTypesPackageQuery(TSizeofOperatorUsedOnArrayTypeParamQuery())) +} - Query stringLiteralAssignedToObjPtrToConstQualifiedCharQuery() { +Query stringLiteralAssignedToNonConstCharQuery() { //autogenerate `Query` type - result = - // `Query` type for `stringLiteralAssignedToObjPtrToConstQualifiedChar` query - TQueryC(TTypesPackageQuery(TStringLiteralAssignedToObjPtrToConstQualifiedCharQuery())) - } + result = + // `Query` type for `stringLiteralAssignedToNonConstChar` query + TQueryC(TTypesPackageQuery(TStringLiteralAssignedToNonConstCharQuery())) +} } diff --git a/rule_packages/c/Types.json b/rule_packages/c/Types.json new file mode 100644 index 0000000000..0324a637a3 --- /dev/null +++ b/rule_packages/c/Types.json @@ -0,0 +1,482 @@ +{ + "CERT-C": { + "FLP32-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "TODO.", + "kind": "problem", + "name": "Prevent or detect domain and range errors in math functions", + "precision": "very-high", + "severity": "error", + "short_name": "PreventOrDetectDomainAndRangeErrorsInMathFunctions", + "tags": [] + } + ], + "title": "Prevent or detect domain and range errors in math functions" + }, + "FLP34-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "TODO.", + "kind": "problem", + "name": "Ensure that floating-point conversions are within range of the new type", + "precision": "very-high", + "severity": "error", + "short_name": "EnsureThatFloatingPointConversionsAreWithinRangeOf", + "tags": [] + } + ], + "title": "Ensure that floating-point conversions are within range of the new type" + }, + "FLP36-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "TODO.", + "kind": "problem", + "name": "Preserve precision when converting integral values to floating-point type", + "precision": "very-high", + "severity": "error", + "short_name": "PreservePrecisionWhenConverting", + "tags": [] + } + ], + "title": "Preserve precision when converting integral values to floating-point type" + }, + "FLP37-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "TODO.", + "kind": "problem", + "name": "Do not use object representations to compare floating-point values", + "precision": "very-high", + "severity": "error", + "short_name": "DoNotUseObjectRepresentations", + "tags": [] + } + ], + "title": "Do not use object representations to compare floating-point values" + }, + "INT30-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "TODO.", + "kind": "problem", + "name": "Ensure that unsigned integer operations do not wrap", + "precision": "high", + "severity": "error", + "short_name": "EnsureThatUnsigne", + "tags": [] + } + ], + "title": "Ensure that unsigned integer operations do not wrap" + }, + "INT31-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "TODO.", + "kind": "problem", + "name": "Ensure that integer conversions do not result in lost or misinterpreted data", + "precision": "high", + "severity": "error", + "short_name": "EnsureThatIntegerConversionsD", + "tags": [] + } + ], + "title": "Ensure that integer conversions do not result in lost or misinterpreted data" + }, + "INT32-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "TODO.", + "kind": "problem", + "name": "Ensure that operations on signed integers do not result in overflow", + "precision": "high", + "severity": "error", + "short_name": "EnsureThatOperationsOnSignedInt", + "tags": [] + } + ], + "title": "Ensure that operations on signed integers do not result in overflow" + }, + "INT33-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "TODO.", + "kind": "problem", + "name": "Ensure that division and remainder operations do not result in divide-by-zero errors", + "precision": "high", + "severity": "error", + "short_name": "EnsureThatDivisionAndRemainderO", + "tags": [] + } + ], + "title": "Ensure that division and remainder operations do not result in divide-by-zero errors" + }, + "INT34-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "Shifting an expression by an operand that is negative or of precision greater or equal to that or the another causes representational error.", + "kind": "problem", + "name": "Bit shift should not be done by a negative operand or an operand of greater-or-equal precision than that of another", + "precision": "very-high", + "severity": "error", + "short_name": "ExprShiftedbyNegativeOrGreaterPrecisionOperand", + "tags": [] + } + ], + "title": "Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand" + }, + "INT35-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "TODO.", + "kind": "problem", + "name": "Use correct integer precisions", + "precision": "high", + "severity": "error", + "short_name": "UseCorrectIntegerPrecisions", + "tags": [] + } + ], + "title": "Use correct integer precisions" + }, + "INT36-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "Converting between pointers and integers is not portable and might cause invalid memory access.", + "kind": "problem", + "name": "Do not convert pointers to integers and back", + "precision": "very-high", + "severity": "error", + "short_name": "ConvertingAPointerToIntegerOrIntegerToPointer", + "tags": [] + } + ], + "title": "Converting a pointer to integer or integer to pointer" + } + }, + "MISRA-C-2012": { + "DIR-4-6": { + "properties": { + "obligation": "advisory" + }, + "queries": [ + { + "description": "Using plain numerical types over typedefs with explicit sign and bit counts may lead to confusion on how much bits are allocated for a value.", + "kind": "problem", + "name": "Do not use plain numerical types over typedefs named after their explicit bit layout", + "precision": "high", + "severity": "error", + "short_name": "PlainNumericalTypeUsedOverExplicitTypedef", + "tags": [] + } + ], + "title": "typedefs that indicate size and signedness should be used in place of the basic numerical types" + }, + "RULE-10-1": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "TODO.", + "kind": "problem", + "name": "Operands shall not be of an inappropriate essential type", + "precision": "high", + "severity": "error", + "short_name": "OperandsOfAnInappropriateEssentialType", + "tags": [] + } + ], + "title": "Operands shall not be of an inappropriate essential type" + }, + "RULE-10-2": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations.", + "kind": "problem", + "name": "Expressions of essentially character type shall not be used inappropriately in addition and", + "precision": "very-high", + "severity": "error", + "short_name": "ExpressionsOfEssentiallyCharacterTypeUse", + "tags": [] + } + ], + "title": "Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations" + }, + "RULE-10-3": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "The value of an expression shall not be assigned to an object with a narrower essential type or of a different essential type category.", + "kind": "problem", + "name": "The value of an expression shall not be assigned to an object with a narrower essential type or of a", + "precision": "high", + "severity": "error", + "short_name": "ValueOfAnExpressionAssignedToAnObjectWit", + "tags": [] + } + ], + "title": "The value of an expression shall not be assigned to an object with a narrower essential type or of a different essential type category" + }, + "RULE-10-4": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Both operands of an operator in which the usual arithmetic conversions are performed shall have the same essential type category.", + "kind": "problem", + "name": "Both operands of an operator in which the usual arithmetic conversions are performed shall have the", + "precision": "very-high", + "severity": "error", + "short_name": "BothOperandsOfAnOperatorInWhichT", + "tags": [] + } + ], + "title": "Both operands of an operator in which the usual arithmetic conversions are performed shall have the same essential type category" + }, + "RULE-10-5": { + "properties": { + "obligation": "advisory" + }, + "queries": [ + { + "description": "TODO.", + "kind": "problem", + "name": "The value of an expression should not be cast to an inappropriate essential type", + "precision": "very-high", + "severity": "error", + "short_name": "ValueOfAnExpressionShouldNotBe", + "tags": [] + } + ], + "title": "The value of an expression should not be cast to an inappropriate essential type" + }, + "RULE-10-6": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "TODO.", + "kind": "problem", + "name": "The value of a composite expression shall not be assigned to an object with wider essential type", + "precision": "very-high", + "severity": "error", + "short_name": "ValueOfACompositeExpressionA", + "tags": [] + } + ], + "title": "The value of a composite expression shall not be assigned to an object with wider essential type" + }, + "RULE-10-7": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "If a composite expression is used as one operand of an operator in which the usual arithmetic conversions are performed then the other operand shall not have wider essential type.", + "kind": "problem", + "name": "If a composite expression is used as one operand of an operator in which the usual arithmetic", + "precision": "very-high", + "severity": "error", + "short_name": "IfACompositeExpressionIsUsedAsOneOperandO", + "tags": [] + } + ], + "title": "If a composite expression is used as one operand of an operator in which the usual arithmetic conversions are performed then the other operand shall not have wider essential type" + }, + "RULE-10-8": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "The value of a composite expression shall not be cast to a different essential type category or a wider essential type.", + "kind": "problem", + "name": "The value of a composite expression shall not be cast to a different essential type category or a", + "precision": "very-high", + "severity": "error", + "short_name": "ValueOfACompositeExpressionCastTo", + "tags": [] + } + ], + "title": "The value of a composite expression shall not be cast to a different essential type category or a wider essential type" + }, + "RULE-12-4": { + "properties": { + "obligation": "advisory" + }, + "queries": [ + { + "description": "TODO.", + "kind": "problem", + "name": "Evaluation of constant expressions should not lead to unsigned integer wrap-around", + "precision": "very-high", + "severity": "error", + "short_name": "EvaluationOfConstantExpres", + "tags": [] + } + ], + "title": "Evaluation of constant expressions should not lead to unsigned integer wrap-around" + }, + "RULE-12-5": { + "properties": { + "obligation": "mandatory" + }, + "queries": [ + { + "description": "Using sizeof operator on an array type function parameter leads to unintended results.", + "kind": "problem", + "name": "The sizeof operator should not be used on an array type function parameter.", + "precision": "very-high", + "severity": "error", + "short_name": "SizeofOperatorUsedOnArrayTypeParam", + "tags": [] + } + ], + "title": "The sizeof operator shall not have an operand which is a function parameter declared as 'array of type'" + }, + "RULE-14-1": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "TODO.", + "kind": "problem", + "name": "A loop counter shall not have essentially floating type", + "precision": "high", + "severity": "error", + "short_name": "LoopCounterHaveEssentiallyFloatingType", + "tags": [] + } + ], + "title": "A loop counter shall not have essentially floating type" + }, + "RULE-21-13": { + "properties": { + "obligation": "mandatory" + }, + "queries": [ + { + "description": "Any value passed to a function in shall be representable as an unsigned char or be the value EOF.", + "kind": "problem", + "name": "Any value passed to a function in shall be representable as an unsigned char or be the", + "precision": "very-high", + "severity": "error", + "short_name": "ValuePassedToAFunctionInCtypehN", + "tags": [] + } + ], + "title": "Any value passed to a function in shall be representable as an unsigned char or be the value EOF" + }, + "RULE-21-14": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "TODO.", + "kind": "problem", + "name": "The Standard Library function memcmp shall not be used to compare null terminated strings", + "precision": "high", + "severity": "error", + "short_name": "StandardLibraryFunctionMemcmp", + "tags": [] + } + ], + "title": "The Standard Library function memcmp shall not be used to compare null terminated strings" + }, + "RULE-21-15": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "The pointer arguments to the Standard Library functions memcpy, memmove and memcmp shall be pointers to qualified or unqualified versions of compatible types.", + "kind": "problem", + "name": "The pointer arguments to the Standard Library functions memcpy, memmove and memcmp shall be pointers", + "precision": "very-high", + "severity": "error", + "short_name": "PointerArgumentsToTheStandardLibraryFunctionsM", + "tags": [] + } + ], + "title": "The pointer arguments to the Standard Library functions memcpy, memmove and memcmp shall be pointers to qualified or unqualified versions of compatible types" + }, + "RULE-21-16": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "The pointer arguments to the Standard Library function memcmp shall point to either a pointer type, an essentially signed type, an essentially unsigned type, an essentially Boolean type or an essentially enum type.", + "kind": "problem", + "name": "The pointer arguments to the Standard Library function memcmp shall point to either a pointer type,", + "precision": "very-high", + "severity": "error", + "short_name": "PointerArgumentsToTheStandardLibraryFunctionM", + "tags": [] + } + ], + "title": "The pointer arguments to the Standard Library function memcmp shall point to either a pointer type, an essentially signed type, an essentially unsigned type, an essentially Boolean type or an essentially enum type" + }, + "RULE-7-4": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Assigning string literal to a variable with type other than a pointer to const char and modifying it causes undefined behavior .", + "kind": "problem", + "name": "A string literal shall only be assigned to a pointer to const char.", + "precision": "very-high", + "severity": "error", + "short_name": "StringLiteralAssignedToNonConstChar", + "tags": [] + } + ], + "title": "A string literal shall not be assigned to an object unless the object's type is 'pointer to const-qualified char'" + } + } +} From d5259e29a97a65aac9a9215771fc37f0d9f0bece Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Fri, 24 Feb 2023 16:30:03 -0800 Subject: [PATCH 0524/2573] Create test.c for RULE-12-5 --- .codeql-version | 1 + 1 file changed, 1 insertion(+) create mode 100644 .codeql-version diff --git a/.codeql-version b/.codeql-version new file mode 100644 index 0000000000..a2f50868e6 --- /dev/null +++ b/.codeql-version @@ -0,0 +1 @@ +v2.9.4 From c6682eb316e4805fe7a37fb84537c5ac43f5f2ea Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Fri, 24 Feb 2023 16:32:14 -0800 Subject: [PATCH 0525/2573] Remove file staged by mistake and really add test.c --- .codeql-version | 1 - c/misra/test/rules/RULE-12-5/test.c | 35 +++++++++++++++++++++++++++++ 2 files changed, 35 insertions(+), 1 deletion(-) delete mode 100644 .codeql-version create mode 100644 c/misra/test/rules/RULE-12-5/test.c diff --git a/.codeql-version b/.codeql-version deleted file mode 100644 index a2f50868e6..0000000000 --- a/.codeql-version +++ /dev/null @@ -1 +0,0 @@ -v2.9.4 diff --git a/c/misra/test/rules/RULE-12-5/test.c b/c/misra/test/rules/RULE-12-5/test.c new file mode 100644 index 0000000000..d1cea0f8e3 --- /dev/null +++ b/c/misra/test/rules/RULE-12-5/test.c @@ -0,0 +1,35 @@ +#include + +void sample(int32_t nums[4], const char string[], int32_t x) { + for (int i = 0; + i < sizeof(nums) / // NON_COMPLIANT: `sizeof` directly invoked on `nums` + sizeof(int32_t); + i++) { + printf("%d\n", nums[i]); + } + + for (int i = 0; + i < sizeof(string) / // NON_COMPLIANT: directly invoked on `string` + sizeof(char); + i++) { + printf("%c", string[i]); + } + + printf("%d\n", sizeof(x)); // COMPLIANT: `x` not a array type parameter + + char local_string[5] = "abcd"; + printf( + "%d\n", + sizeof( + local_string)); // COMPLIANT: `local_string` not a function parameter + + const char *string = (const char *)string; + + for (int i = 0; + i < sizeof(string) / // COMPLIANT: not a parameter access anymore, now a + // const char* variable declared in the body + sizeof(char); + i++) { + printf("%c", string[i]); + } +} \ No newline at end of file From e3c2298c5e39a0a1a0fbef492a52695850b89149 Mon Sep 17 00:00:00 2001 From: Shadi Samadi Date: Sat, 25 Feb 2023 20:30:20 +1100 Subject: [PATCH 0526/2573] Added implementation for 15-3 --- .../RULE-15-3/GotoLabelBlockCondition.ql | 30 ++++++-- .../GotoLabelBlockCondition.expected | 4 +- c/misra/test/rules/RULE-15-3/test.c | 69 +++++++++++++++++++ rule_packages/c/Statements2.json | 11 +-- 4 files changed, 103 insertions(+), 11 deletions(-) create mode 100644 c/misra/test/rules/RULE-15-3/test.c diff --git a/c/misra/src/rules/RULE-15-3/GotoLabelBlockCondition.ql b/c/misra/src/rules/RULE-15-3/GotoLabelBlockCondition.ql index f4388a0818..7b941f3669 100644 --- a/c/misra/src/rules/RULE-15-3/GotoLabelBlockCondition.ql +++ b/c/misra/src/rules/RULE-15-3/GotoLabelBlockCondition.ql @@ -1,19 +1,37 @@ /** * @id c/misra/goto-label-block-condition - * @name RULE-15-3: Any label referenced by a goto statement shall be declared in the same block, or in any block + * @name RULE-15-3: The goto statement and any of its label shall be declared or enclosed in the same block. * @description Any label referenced by a goto statement shall be declared in the same block, or in * any block enclosing the goto statement * @kind problem - * @precision very-high - * @problem.severity error + * @precision high + * @problem.severity recommendation * @tags external/misra/id/rule-15-3 + * maintainability + * readability * external/misra/obligation/required */ import cpp import codingstandards.c.misra -from +from GotoStmt goto where - not isExcluded(x, Statements2Package::gotoLabelBlockConditionQuery()) and -select + not isExcluded(goto, Statements2Package::gotoLabelBlockConditionQuery()) and + not goto.getEnclosingBlock+() = goto.getTarget().getEnclosingBlock() + or + exists(SwitchStmt switch, int caseLocation, int nextCaseLocation | + switch.getAChild*() = goto and + switch.getASwitchCase().getLocation().getStartLine() = caseLocation and + switch.getASwitchCase().getNextSwitchCase().getLocation().getStartLine() = nextCaseLocation and + goto.getLocation().getStartLine() > caseLocation and + goto.getLocation().getStartLine() < nextCaseLocation and + ( + goto.getTarget().getLocation().getStartLine() < caseLocation + or + goto.getTarget().getLocation().getStartLine() > nextCaseLocation + ) and + goto.getTarget().getLocation().getStartLine() > switch.getLocation().getStartLine() + ) +select goto, "The $@ statement and its $@ are not declared or enclosed in the same block.", goto, + "goto", goto.getTarget(), "label" diff --git a/c/misra/test/rules/RULE-15-3/GotoLabelBlockCondition.expected b/c/misra/test/rules/RULE-15-3/GotoLabelBlockCondition.expected index 2ec1a0ac6c..9a81d6f434 100644 --- a/c/misra/test/rules/RULE-15-3/GotoLabelBlockCondition.expected +++ b/c/misra/test/rules/RULE-15-3/GotoLabelBlockCondition.expected @@ -1 +1,3 @@ -No expected results have yet been specified \ No newline at end of file +| test.c:2:3:2:10 | goto ... | The $@ statement and its $@ are not declared or enclosed in the same block. | test.c:2:3:2:10 | goto ... | goto | test.c:4:3:4:5 | label ...: | label | +| test.c:37:3:37:10 | goto ... | The $@ statement and its $@ are not declared or enclosed in the same block. | test.c:37:3:37:10 | goto ... | goto | test.c:41:3:41:5 | label ...: | label | +| test.c:52:5:52:12 | goto ... | The $@ statement and its $@ are not declared or enclosed in the same block. | test.c:52:5:52:12 | goto ... | goto | test.c:55:3:55:5 | label ...: | label | diff --git a/c/misra/test/rules/RULE-15-3/test.c b/c/misra/test/rules/RULE-15-3/test.c new file mode 100644 index 0000000000..666a45cb2c --- /dev/null +++ b/c/misra/test/rules/RULE-15-3/test.c @@ -0,0 +1,69 @@ +void f1() { + goto L1; + for (int i = 0; i < 100; i++) { + L1: // NON_COMPLIANT + } +} + +void f2() { + int i = 0; + if (i >= 0) { + for (int j = 0; j < 10; j++) { + goto L2; + } + } +L2: // COMPLIANT +} + +void f3() { + int i = 0; + if (i >= 0) { + for (int j = 0; j < 10; j++) { + goto L3; + L3: // COMPLIANT + } + } +} + +void f4() { + int i = 0; +L4: // COMPLIANT + if (i >= 0) { + goto L4; + } +} + +void f5(int p) { + goto L1; + + switch (p) { + case 0: + L1:; // NON_COMPLIANT + break; + default: + break; + } +} + +void f6(int p) { + + switch (p) { + case 0: + goto L1; + break; + default: + L1: // NON_COMPLIANT + break; + } +} + +void f7(int p) { +L1: // COMPLIANT + switch (p) { + case 0: + goto L1; + break; + default: + break; + } +} \ No newline at end of file diff --git a/rule_packages/c/Statements2.json b/rule_packages/c/Statements2.json index dbf2ebb102..48e6a3aaa1 100644 --- a/rule_packages/c/Statements2.json +++ b/rule_packages/c/Statements2.json @@ -29,11 +29,14 @@ { "description": "Any label referenced by a goto statement shall be declared in the same block, or in any block enclosing the goto statement", "kind": "problem", - "name": "Any label referenced by a goto statement shall be declared in the same block, or in any block", - "precision": "very-high", - "severity": "error", + "name": "The goto statement and any of its label shall be declared or enclosed in the same block. ", + "precision": "high", + "severity": "recommendation", "short_name": "GotoLabelBlockCondition", - "tags": [] + "tags": [ + "maintainability", + "readability" + ] } ], "title": "Any label referenced by a goto statement shall be declared in the same block, or in any block enclosing the goto statement" From fbc9cee2cf5149374ad3d24b6fb11f6322310795 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 20 Feb 2023 14:07:05 +0000 Subject: [PATCH 0527/2573] M14-6-1: Extra test cases for non-dependent base types The rule specifically only refers to dependent base types of class templates. --- cpp/autosar/test/rules/M14-6-1/test.cpp | 33 ++++++++++++++++++++++++- 1 file changed, 32 insertions(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/M14-6-1/test.cpp b/cpp/autosar/test/rules/M14-6-1/test.cpp index 7358a5e5e0..d7e7313162 100644 --- a/cpp/autosar/test/rules/M14-6-1/test.cpp +++ b/cpp/autosar/test/rules/M14-6-1/test.cpp @@ -35,4 +35,35 @@ void f() { A a; a.m1(); a.m2(); -} \ No newline at end of file +} + +class D { +public: + typedef int TYPE; + void g(); + void g(int x); + static void sg(); + static void sg(int x); + int m; +}; + +class C : D { +public: + void m1() { + m = 0; // COMPLIANT - does not apply to non-class templates + g(); // COMPLIANT - does not apply to non-class templates + sg(); // COMPLIANT - does not apply to non-class templates + TYPE t = 0; // COMPLIANT - does not apply to non-class templates + // void (*p)() = &g; // NON_COMPILABLE + } +}; + +template class E : D { +public: + void m1() { + m = 0; // COMPLIANT - does not apply to non dependent base types + g(); // COMPLIANT - does not apply to non dependent base types + TYPE t = 0; // COMPLIANT - does not apply to non dependent base types + void (*p)() = &g; // COMPLIANT - does not apply to non dependent base types + } +}; \ No newline at end of file From 7b6cc90891c8892374fcda8087c08bd8bf2129bd Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 26 Feb 2023 00:18:50 +0000 Subject: [PATCH 0528/2573] M14-6-1: Restrict to templates with dependent base The query didn't explicitly enforce this condition, and instead relied on the fact that NameQualifiableElement's without any qualifier would only point to the "wrong" element within templates. However, there are some edge cases (static member functions with overrides) where non-class templates could be flagged. This commit restricts the output to the set of template classes with dependent base types, therefore avoiding the sort of false positives seen above. In addition, this improves performance for this query because the set of template classes with dependent base types is much much much smaller than the overall set of base types. --- .../src/rules/M14-6-1/NameInDependentBase.qll | 15 +++++++++++++-- .../NameNotReferredUsingAQualifiedIdOrThis.ql | 10 +++++----- ...NameNotReferredUsingAQualifiedIdOrThisAudit.ql | 10 +++++----- 3 files changed, 23 insertions(+), 12 deletions(-) diff --git a/cpp/autosar/src/rules/M14-6-1/NameInDependentBase.qll b/cpp/autosar/src/rules/M14-6-1/NameInDependentBase.qll index 93c99c3d76..223d54a434 100644 --- a/cpp/autosar/src/rules/M14-6-1/NameInDependentBase.qll +++ b/cpp/autosar/src/rules/M14-6-1/NameInDependentBase.qll @@ -2,9 +2,20 @@ import cpp import codingstandards.cpp.autosar /** - * Just the reverse of `Class.getABaseClass()` + * Gets a dependent base type of the given template class. + * + * This returns the `TemplateClass` for the base type, rather than the `ClassTemplateInstantiation`, + * as the instantiation does not appear to include any member declarations. */ -Class getParent(Class child) { child.getABaseClass() = result } +TemplateClass getADependentBaseType(TemplateClass t) { + exists(ClassTemplateInstantiation baseType | + baseType = t.getABaseClass() and + // Base type depends on at least one of the template parameters of class t + baseType.getATemplateArgument() = t.getATemplateArgument() and + // Return the template itself + result = baseType.getTemplate() + ) +} /** * There is a `MemberFunction` in parent class with same name diff --git a/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.ql b/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.ql index 7d23ddb949..1ac4f17578 100644 --- a/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.ql +++ b/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.ql @@ -18,23 +18,23 @@ import cpp import codingstandards.cpp.autosar import NameInDependentBase -from Class c, Class p, NameQualifiableElement fn +from TemplateClass c, TemplateClass dependentBaseType, NameQualifiableElement fn where not isExcluded(fn, TemplatesPackage::nameNotReferredUsingAQualifiedIdOrThisQuery()) and not isCustomExcluded(fn) and - p = getParent(c) and + dependentBaseType = getADependentBaseType(c) and missingNameQualifier(fn) and ( fn instanceof FunctionAccess and - fn = parentMemberFunctionAccess(c, p) + fn = parentMemberFunctionAccess(c, dependentBaseType) or fn instanceof FunctionCall and - fn = parentMemberFunctionCall(c, p) and + fn = parentMemberFunctionCall(c, dependentBaseType) and not exists(Expr e | e = fn.(FunctionCall).getQualifier()) or fn instanceof VariableAccess and not fn.(VariableAccess).getTarget() instanceof Parameter and - fn = parentMemberAccess(c, p) and + fn = parentMemberAccess(c, dependentBaseType) and not exists(Expr e | e = fn.(VariableAccess).getQualifier()) ) and not fn.isAffectedByMacro() diff --git a/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThisAudit.ql b/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThisAudit.ql index e231967ad1..6c06bf319a 100644 --- a/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThisAudit.ql +++ b/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThisAudit.ql @@ -18,23 +18,23 @@ import cpp import codingstandards.cpp.autosar import NameInDependentBase -from Class c, Class p, NameQualifiableElement fn +from TemplateClass c, TemplateClass dependentBaseType, NameQualifiableElement fn where not isExcluded(fn, TemplatesPackage::nameNotReferredUsingAQualifiedIdOrThisAuditQuery()) and not isCustomExcluded(fn) and - p = getParent(c) and + dependentBaseType = getADependentBaseType(c) and missingNameQualifier(fn) and ( fn instanceof FunctionAccess and - fn = parentMemberFunctionAccess(c, p) + fn = parentMemberFunctionAccess(c, dependentBaseType) or fn instanceof FunctionCall and - fn = parentMemberFunctionCall(c, p) and + fn = parentMemberFunctionCall(c, dependentBaseType) and not exists(Expr e | e = fn.(FunctionCall).getQualifier()) or fn instanceof VariableAccess and not fn.(VariableAccess).getTarget() instanceof Parameter and - fn = parentMemberAccess(c, p) and + fn = parentMemberAccess(c, dependentBaseType) and not exists(Expr e | e = fn.(VariableAccess).getQualifier()) ) select fn, "Use of identifier that also exists in a base class that is not fully qualified." From 0d43de51f4d2cd13aeb760b2608281ae93cf8780 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 26 Feb 2023 00:35:37 +0000 Subject: [PATCH 0529/2573] M14-6-1: Push dependent base type context Push the dependent type context into the individual determination of contravening cases to work towards addressing performance issues. --- .../src/rules/M14-6-1/NameInDependentBase.qll | 31 ++++++++++--------- .../NameNotReferredUsingAQualifiedIdOrThis.ql | 9 +++--- ...NotReferredUsingAQualifiedIdOrThisAudit.ql | 9 +++--- 3 files changed, 25 insertions(+), 24 deletions(-) diff --git a/cpp/autosar/src/rules/M14-6-1/NameInDependentBase.qll b/cpp/autosar/src/rules/M14-6-1/NameInDependentBase.qll index 223d54a434..60c73fd07f 100644 --- a/cpp/autosar/src/rules/M14-6-1/NameInDependentBase.qll +++ b/cpp/autosar/src/rules/M14-6-1/NameInDependentBase.qll @@ -18,16 +18,17 @@ TemplateClass getADependentBaseType(TemplateClass t) { } /** - * There is a `MemberFunction` in parent class with same name - * as a `FunctionCall` that exists in a child `MemberFunction` + * Gets a function call in `TemplateClass` `t` where the target function name exists in a dependent + * base type and the function does not call that function. */ -FunctionCall parentMemberFunctionCall(Class child, Class parent) { - exists(MemberFunction parentFunction, Function other | +FunctionCall parentMemberFunctionCall(TemplateClass t) { + exists(TemplateClass dependentBaseType, MemberFunction parentFunction, Function other | + dependentBaseType = getADependentBaseType(t) and not other = parentFunction and - parent.getAMember() = parentFunction and + dependentBaseType.getAMember() = parentFunction and other.getName() = parentFunction.getName() and result = other.getACallToThisFunction() and - result.getEnclosingFunction() = child.getAMemberFunction() + result.getEnclosingFunction() = t.getAMemberFunction() ) } @@ -35,13 +36,14 @@ FunctionCall parentMemberFunctionCall(Class child, Class parent) { * There is a `MemberFunction` in parent class with same name * as a `FunctionAccess` that exists in a child `MemberFunction` */ -FunctionAccess parentMemberFunctionAccess(Class child, Class parent) { - exists(MemberFunction parentFunction, Function other | +FunctionAccess parentMemberFunctionAccess(TemplateClass t) { + exists(TemplateClass dependentBaseType, MemberFunction parentFunction, Function other | + dependentBaseType = getADependentBaseType(t) and not other = parentFunction and - parent.getAMember() = parentFunction and + dependentBaseType.getAMember() = parentFunction and other.getName() = parentFunction.getName() and result = other.getAnAccess() and - result.getEnclosingFunction() = child.getAMemberFunction() + result.getEnclosingFunction() = t.getAMemberFunction() ) } @@ -49,13 +51,14 @@ FunctionAccess parentMemberFunctionAccess(Class child, Class parent) { * There is a `MemberVariable` in parent class with same name * as a `VariableAccess` that exists in a child `MemberFunction` */ -Access parentMemberAccess(Class child, Class parent) { - exists(MemberVariable parentMember, Variable other | +Access parentMemberAccess(TemplateClass t) { + exists(TemplateClass dependentBaseType, MemberVariable parentMember, Variable other | + dependentBaseType = getADependentBaseType(t) and not other = parentMember and - parent.getAMemberVariable() = parentMember and + dependentBaseType.getAMemberVariable() = parentMember and other.getName() = parentMember.getName() and result = other.getAnAccess() and - result.getEnclosingFunction() = child.getAMemberFunction() + result.getEnclosingFunction() = t.getAMemberFunction() ) } diff --git a/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.ql b/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.ql index 1ac4f17578..ada692a626 100644 --- a/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.ql +++ b/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.ql @@ -18,23 +18,22 @@ import cpp import codingstandards.cpp.autosar import NameInDependentBase -from TemplateClass c, TemplateClass dependentBaseType, NameQualifiableElement fn +from TemplateClass c, NameQualifiableElement fn where not isExcluded(fn, TemplatesPackage::nameNotReferredUsingAQualifiedIdOrThisQuery()) and not isCustomExcluded(fn) and - dependentBaseType = getADependentBaseType(c) and missingNameQualifier(fn) and ( fn instanceof FunctionAccess and - fn = parentMemberFunctionAccess(c, dependentBaseType) + fn = parentMemberFunctionAccess(c) or fn instanceof FunctionCall and - fn = parentMemberFunctionCall(c, dependentBaseType) and + fn = parentMemberFunctionCall(c) and not exists(Expr e | e = fn.(FunctionCall).getQualifier()) or fn instanceof VariableAccess and not fn.(VariableAccess).getTarget() instanceof Parameter and - fn = parentMemberAccess(c, dependentBaseType) and + fn = parentMemberAccess(c) and not exists(Expr e | e = fn.(VariableAccess).getQualifier()) ) and not fn.isAffectedByMacro() diff --git a/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThisAudit.ql b/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThisAudit.ql index 6c06bf319a..6bc958d4a6 100644 --- a/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThisAudit.ql +++ b/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThisAudit.ql @@ -18,23 +18,22 @@ import cpp import codingstandards.cpp.autosar import NameInDependentBase -from TemplateClass c, TemplateClass dependentBaseType, NameQualifiableElement fn +from TemplateClass c, NameQualifiableElement fn where not isExcluded(fn, TemplatesPackage::nameNotReferredUsingAQualifiedIdOrThisAuditQuery()) and not isCustomExcluded(fn) and - dependentBaseType = getADependentBaseType(c) and missingNameQualifier(fn) and ( fn instanceof FunctionAccess and - fn = parentMemberFunctionAccess(c, dependentBaseType) + fn = parentMemberFunctionAccess(c) or fn instanceof FunctionCall and - fn = parentMemberFunctionCall(c, dependentBaseType) and + fn = parentMemberFunctionCall(c) and not exists(Expr e | e = fn.(FunctionCall).getQualifier()) or fn instanceof VariableAccess and not fn.(VariableAccess).getTarget() instanceof Parameter and - fn = parentMemberAccess(c, dependentBaseType) and + fn = parentMemberAccess(c) and not exists(Expr e | e = fn.(VariableAccess).getQualifier()) ) select fn, "Use of identifier that also exists in a base class that is not fully qualified." From e5b9d159649a769d5df83ede756cd3680479fdb2 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 26 Feb 2023 00:42:04 +0000 Subject: [PATCH 0530/2573] M14-6-1: Re-name vars for clarity --- .../src/rules/M14-6-1/NameInDependentBase.qll | 32 ++++++++++--------- 1 file changed, 17 insertions(+), 15 deletions(-) diff --git a/cpp/autosar/src/rules/M14-6-1/NameInDependentBase.qll b/cpp/autosar/src/rules/M14-6-1/NameInDependentBase.qll index 60c73fd07f..50f1c5b4cf 100644 --- a/cpp/autosar/src/rules/M14-6-1/NameInDependentBase.qll +++ b/cpp/autosar/src/rules/M14-6-1/NameInDependentBase.qll @@ -22,12 +22,12 @@ TemplateClass getADependentBaseType(TemplateClass t) { * base type and the function does not call that function. */ FunctionCall parentMemberFunctionCall(TemplateClass t) { - exists(TemplateClass dependentBaseType, MemberFunction parentFunction, Function other | + exists(TemplateClass dependentBaseType, MemberFunction dependentTypeFunction, Function target | dependentBaseType = getADependentBaseType(t) and - not other = parentFunction and - dependentBaseType.getAMember() = parentFunction and - other.getName() = parentFunction.getName() and - result = other.getACallToThisFunction() and + not target = dependentTypeFunction and + dependentBaseType.getAMember() = dependentTypeFunction and + target.getName() = dependentTypeFunction.getName() and + result = target.getACallToThisFunction() and result.getEnclosingFunction() = t.getAMemberFunction() ) } @@ -37,12 +37,12 @@ FunctionCall parentMemberFunctionCall(TemplateClass t) { * as a `FunctionAccess` that exists in a child `MemberFunction` */ FunctionAccess parentMemberFunctionAccess(TemplateClass t) { - exists(TemplateClass dependentBaseType, MemberFunction parentFunction, Function other | + exists(TemplateClass dependentBaseType, MemberFunction dependentTypeFunction, Function target | dependentBaseType = getADependentBaseType(t) and - not other = parentFunction and - dependentBaseType.getAMember() = parentFunction and - other.getName() = parentFunction.getName() and - result = other.getAnAccess() and + not target = dependentTypeFunction and + dependentBaseType.getAMember() = dependentTypeFunction and + target.getName() = dependentTypeFunction.getName() and + result = target.getAnAccess() and result.getEnclosingFunction() = t.getAMemberFunction() ) } @@ -52,12 +52,14 @@ FunctionAccess parentMemberFunctionAccess(TemplateClass t) { * as a `VariableAccess` that exists in a child `MemberFunction` */ Access parentMemberAccess(TemplateClass t) { - exists(TemplateClass dependentBaseType, MemberVariable parentMember, Variable other | + exists( + TemplateClass dependentBaseType, MemberVariable dependentTypeMemberVariable, Variable target + | dependentBaseType = getADependentBaseType(t) and - not other = parentMember and - dependentBaseType.getAMemberVariable() = parentMember and - other.getName() = parentMember.getName() and - result = other.getAnAccess() and + not target = dependentTypeMemberVariable and + dependentBaseType.getAMemberVariable() = dependentTypeMemberVariable and + target.getName() = dependentTypeMemberVariable.getName() and + result = target.getAnAccess() and result.getEnclosingFunction() = t.getAMemberFunction() ) } From ac2762324f8b43061065e4bf1a0639f8447470e0 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 26 Feb 2023 00:55:20 +0000 Subject: [PATCH 0531/2573] M14-6-1: Handle overloading Previously the logic of this query asserted that the function call did not target the selected function in the dependent base type with the same name. In theory this is wrong, as overloading can permit multiple functions declarations with the same name, but different signatures, so we now say that the target is not declared on the same base type. In practice, such results would be excluded because to call an overload of the same function would always have a qualifier in this case, however this logic makes the intention clearer. --- cpp/autosar/src/rules/M14-6-1/NameInDependentBase.qll | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/cpp/autosar/src/rules/M14-6-1/NameInDependentBase.qll b/cpp/autosar/src/rules/M14-6-1/NameInDependentBase.qll index 50f1c5b4cf..3f41abe93f 100644 --- a/cpp/autosar/src/rules/M14-6-1/NameInDependentBase.qll +++ b/cpp/autosar/src/rules/M14-6-1/NameInDependentBase.qll @@ -24,7 +24,7 @@ TemplateClass getADependentBaseType(TemplateClass t) { FunctionCall parentMemberFunctionCall(TemplateClass t) { exists(TemplateClass dependentBaseType, MemberFunction dependentTypeFunction, Function target | dependentBaseType = getADependentBaseType(t) and - not target = dependentTypeFunction and + not target.getDeclaringType() = dependentBaseType and dependentBaseType.getAMember() = dependentTypeFunction and target.getName() = dependentTypeFunction.getName() and result = target.getACallToThisFunction() and @@ -39,7 +39,7 @@ FunctionCall parentMemberFunctionCall(TemplateClass t) { FunctionAccess parentMemberFunctionAccess(TemplateClass t) { exists(TemplateClass dependentBaseType, MemberFunction dependentTypeFunction, Function target | dependentBaseType = getADependentBaseType(t) and - not target = dependentTypeFunction and + not target.getDeclaringType() = dependentBaseType and dependentBaseType.getAMember() = dependentTypeFunction and target.getName() = dependentTypeFunction.getName() and result = target.getAnAccess() and @@ -56,7 +56,7 @@ Access parentMemberAccess(TemplateClass t) { TemplateClass dependentBaseType, MemberVariable dependentTypeMemberVariable, Variable target | dependentBaseType = getADependentBaseType(t) and - not target = dependentTypeMemberVariable and + not target.getDeclaringType() = dependentBaseType and dependentBaseType.getAMemberVariable() = dependentTypeMemberVariable and target.getName() = dependentTypeMemberVariable.getName() and result = target.getAnAccess() and From 8d89f17bbc176aa4950ec7b664b98459d318ebdf Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 26 Feb 2023 01:00:42 +0000 Subject: [PATCH 0532/2573] M14-6-1: Clarify documention --- .../src/rules/M14-6-1/NameInDependentBase.qll | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/cpp/autosar/src/rules/M14-6-1/NameInDependentBase.qll b/cpp/autosar/src/rules/M14-6-1/NameInDependentBase.qll index 3f41abe93f..e28fdde03c 100644 --- a/cpp/autosar/src/rules/M14-6-1/NameInDependentBase.qll +++ b/cpp/autosar/src/rules/M14-6-1/NameInDependentBase.qll @@ -19,11 +19,12 @@ TemplateClass getADependentBaseType(TemplateClass t) { /** * Gets a function call in `TemplateClass` `t` where the target function name exists in a dependent - * base type and the function does not call that function. + * base type and the call is to a function that is not declared in the dependent base type. */ FunctionCall parentMemberFunctionCall(TemplateClass t) { exists(TemplateClass dependentBaseType, MemberFunction dependentTypeFunction, Function target | dependentBaseType = getADependentBaseType(t) and + // The target of the call is not declared in the dependent base type not target.getDeclaringType() = dependentBaseType and dependentBaseType.getAMember() = dependentTypeFunction and target.getName() = dependentTypeFunction.getName() and @@ -33,12 +34,13 @@ FunctionCall parentMemberFunctionCall(TemplateClass t) { } /** - * There is a `MemberFunction` in parent class with same name - * as a `FunctionAccess` that exists in a child `MemberFunction` + * Gets a function access in `TemplateClass` `t` where the target function name exists in a dependent + * base type and the access is to a function declared outside the dependent base type. */ FunctionAccess parentMemberFunctionAccess(TemplateClass t) { exists(TemplateClass dependentBaseType, MemberFunction dependentTypeFunction, Function target | dependentBaseType = getADependentBaseType(t) and + // The target of the access is not declared in the dependent base type not target.getDeclaringType() = dependentBaseType and dependentBaseType.getAMember() = dependentTypeFunction and target.getName() = dependentTypeFunction.getName() and @@ -48,14 +50,15 @@ FunctionAccess parentMemberFunctionAccess(TemplateClass t) { } /** - * There is a `MemberVariable` in parent class with same name - * as a `VariableAccess` that exists in a child `MemberFunction` + * Gets a memmber access in `TemplateClass` `t` where the target member name exists in a dependent + * base type and the access is to a variable declared outside the dependent base type. */ Access parentMemberAccess(TemplateClass t) { exists( TemplateClass dependentBaseType, MemberVariable dependentTypeMemberVariable, Variable target | dependentBaseType = getADependentBaseType(t) and + // The target of the access is not declared in the dependent base type not target.getDeclaringType() = dependentBaseType and dependentBaseType.getAMemberVariable() = dependentTypeMemberVariable and target.getName() = dependentTypeMemberVariable.getName() and From 82644bcd3c553ba2715301a4c9cf796705b8ad31 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 26 Feb 2023 01:30:57 +0000 Subject: [PATCH 0533/2573] M14-6-3: Address perf problems Performance issues occurred because we are trying to find pairs of functions or variables which have the same name but are not the same. The join orderer is very keen on joining two copies of the function/ variable table early on which, on large databases like openpilot with a lot of name duplication, can cause signficant blow-up. The workaround is to provide helper predicates that ensure the restricted set of functions/variables we care about (targets of accesses or calls in templates with dependent base types) are computed first, then the name is joined with a member on the dependent base type. --- .../src/rules/M14-6-1/NameInDependentBase.qll | 89 ++++++++++++++----- 1 file changed, 67 insertions(+), 22 deletions(-) diff --git a/cpp/autosar/src/rules/M14-6-1/NameInDependentBase.qll b/cpp/autosar/src/rules/M14-6-1/NameInDependentBase.qll index e28fdde03c..8722dab604 100644 --- a/cpp/autosar/src/rules/M14-6-1/NameInDependentBase.qll +++ b/cpp/autosar/src/rules/M14-6-1/NameInDependentBase.qll @@ -17,53 +17,98 @@ TemplateClass getADependentBaseType(TemplateClass t) { ) } +/** + * Helper predicate that ensures we do not join on function pairs by name early on, as that creates + * a large dataset on big databases with lots of name duplication. + */ +pragma[noinline, nomagic] +private FunctionCall helper_functioncall( + TemplateClass t, TemplateClass dependentBaseType, Function target, string name +) { + dependentBaseType = getADependentBaseType(t) and + // The target of the call is not declared in the dependent base type + not target.getDeclaringType() = dependentBaseType and + result = target.getACallToThisFunction() and + result.getEnclosingFunction() = t.getAMemberFunction() and + name = target.getName() +} + /** * Gets a function call in `TemplateClass` `t` where the target function name exists in a dependent * base type and the call is to a function that is not declared in the dependent base type. */ FunctionCall parentMemberFunctionCall(TemplateClass t) { - exists(TemplateClass dependentBaseType, MemberFunction dependentTypeFunction, Function target | - dependentBaseType = getADependentBaseType(t) and - // The target of the call is not declared in the dependent base type - not target.getDeclaringType() = dependentBaseType and + exists( + string name, TemplateClass dependentBaseType, MemberFunction dependentTypeFunction, + Function target + | + result = helper_functioncall(t, dependentBaseType, target, name) and + // The dependentTypeFunction is declared on the dependent base type dependentBaseType.getAMember() = dependentTypeFunction and - target.getName() = dependentTypeFunction.getName() and - result = target.getACallToThisFunction() and - result.getEnclosingFunction() = t.getAMemberFunction() + // And has the same name as the target of the function call in the child + name = dependentTypeFunction.getName() ) } +/** + * Helper predicate that ensures we do not join on function pairs by name early on, as that creates + * a large dataset on big databases with lots of name duplication. + */ +pragma[noinline, nomagic] +private FunctionAccess helper_functionaccess( + TemplateClass t, TemplateClass dependentBaseType, Function target, string name +) { + dependentBaseType = getADependentBaseType(t) and + // The target of the access is not declared in the dependent base type + not target.getDeclaringType() = dependentBaseType and + result = target.getAnAccess() and + result.getEnclosingFunction() = t.getAMemberFunction() and + name = target.getName() +} + /** * Gets a function access in `TemplateClass` `t` where the target function name exists in a dependent * base type and the access is to a function declared outside the dependent base type. */ FunctionAccess parentMemberFunctionAccess(TemplateClass t) { - exists(TemplateClass dependentBaseType, MemberFunction dependentTypeFunction, Function target | - dependentBaseType = getADependentBaseType(t) and - // The target of the access is not declared in the dependent base type - not target.getDeclaringType() = dependentBaseType and + exists( + string name, TemplateClass dependentBaseType, MemberFunction dependentTypeFunction, + Function target + | + result = helper_functionaccess(t, dependentBaseType, target, name) and dependentBaseType.getAMember() = dependentTypeFunction and - target.getName() = dependentTypeFunction.getName() and - result = target.getAnAccess() and - result.getEnclosingFunction() = t.getAMemberFunction() + name = dependentTypeFunction.getName() ) } +/** + * Helper predicate that ensures we do not join on variable pairs by name early on, as that creates + * a large dataset on big databases with lots of name duplication. + */ +pragma[noinline, nomagic] +private VariableAccess helper_memberaccess( + TemplateClass t, TemplateClass dependentBaseType, Variable target, string name +) { + dependentBaseType = getADependentBaseType(t) and + // The target of the access is not declared in the dependent base type + not target.getDeclaringType() = dependentBaseType and + result = target.getAnAccess() and + result.getEnclosingFunction() = t.getAMemberFunction() and + name = target.getName() +} + /** * Gets a memmber access in `TemplateClass` `t` where the target member name exists in a dependent * base type and the access is to a variable declared outside the dependent base type. */ -Access parentMemberAccess(TemplateClass t) { +VariableAccess parentMemberAccess(TemplateClass t) { exists( - TemplateClass dependentBaseType, MemberVariable dependentTypeMemberVariable, Variable target + string name, TemplateClass dependentBaseType, MemberVariable dependentTypeMemberVariable, + Variable target | - dependentBaseType = getADependentBaseType(t) and - // The target of the access is not declared in the dependent base type - not target.getDeclaringType() = dependentBaseType and + result = helper_memberaccess(t, dependentBaseType, target, name) and dependentBaseType.getAMemberVariable() = dependentTypeMemberVariable and - target.getName() = dependentTypeMemberVariable.getName() and - result = target.getAnAccess() and - result.getEnclosingFunction() = t.getAMemberFunction() + name = dependentTypeMemberVariable.getName() ) } From 3f564a3811c62cac2317ccd0e4a0137305f19b0a Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 26 Feb 2023 22:34:24 +0000 Subject: [PATCH 0534/2573] M14-6-1: Rename predicates for clarity --- cpp/autosar/src/rules/M14-6-1/NameInDependentBase.qll | 6 +++--- .../M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.ql | 9 +++------ .../NameNotReferredUsingAQualifiedIdOrThisAudit.ql | 9 +++------ 3 files changed, 9 insertions(+), 15 deletions(-) diff --git a/cpp/autosar/src/rules/M14-6-1/NameInDependentBase.qll b/cpp/autosar/src/rules/M14-6-1/NameInDependentBase.qll index 8722dab604..b4fdf0bbf8 100644 --- a/cpp/autosar/src/rules/M14-6-1/NameInDependentBase.qll +++ b/cpp/autosar/src/rules/M14-6-1/NameInDependentBase.qll @@ -37,7 +37,7 @@ private FunctionCall helper_functioncall( * Gets a function call in `TemplateClass` `t` where the target function name exists in a dependent * base type and the call is to a function that is not declared in the dependent base type. */ -FunctionCall parentMemberFunctionCall(TemplateClass t) { +FunctionCall getConfusingFunctionCall(TemplateClass t) { exists( string name, TemplateClass dependentBaseType, MemberFunction dependentTypeFunction, Function target @@ -70,7 +70,7 @@ private FunctionAccess helper_functionaccess( * Gets a function access in `TemplateClass` `t` where the target function name exists in a dependent * base type and the access is to a function declared outside the dependent base type. */ -FunctionAccess parentMemberFunctionAccess(TemplateClass t) { +FunctionAccess getConfusingFunctionAccess(TemplateClass t) { exists( string name, TemplateClass dependentBaseType, MemberFunction dependentTypeFunction, Function target @@ -101,7 +101,7 @@ private VariableAccess helper_memberaccess( * Gets a memmber access in `TemplateClass` `t` where the target member name exists in a dependent * base type and the access is to a variable declared outside the dependent base type. */ -VariableAccess parentMemberAccess(TemplateClass t) { +VariableAccess getConfusingMemberVariableAccess(TemplateClass t) { exists( string name, TemplateClass dependentBaseType, MemberVariable dependentTypeMemberVariable, Variable target diff --git a/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.ql b/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.ql index ada692a626..a46023e4e9 100644 --- a/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.ql +++ b/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.ql @@ -24,16 +24,13 @@ where not isCustomExcluded(fn) and missingNameQualifier(fn) and ( - fn instanceof FunctionAccess and - fn = parentMemberFunctionAccess(c) + fn = getConfusingFunctionAccess(c) or - fn instanceof FunctionCall and - fn = parentMemberFunctionCall(c) and + fn = getConfusingFunctionCall(c) and not exists(Expr e | e = fn.(FunctionCall).getQualifier()) or - fn instanceof VariableAccess and not fn.(VariableAccess).getTarget() instanceof Parameter and - fn = parentMemberAccess(c) and + fn = getConfusingMemberVariableAccess(c) and not exists(Expr e | e = fn.(VariableAccess).getQualifier()) ) and not fn.isAffectedByMacro() diff --git a/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThisAudit.ql b/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThisAudit.ql index 6bc958d4a6..648a3e6a3c 100644 --- a/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThisAudit.ql +++ b/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThisAudit.ql @@ -24,16 +24,13 @@ where not isCustomExcluded(fn) and missingNameQualifier(fn) and ( - fn instanceof FunctionAccess and - fn = parentMemberFunctionAccess(c) + fn = getConfusingFunctionAccess(c) or - fn instanceof FunctionCall and - fn = parentMemberFunctionCall(c) and + fn = getConfusingFunctionCall(c) and not exists(Expr e | e = fn.(FunctionCall).getQualifier()) or - fn instanceof VariableAccess and not fn.(VariableAccess).getTarget() instanceof Parameter and - fn = parentMemberAccess(c) and + fn = getConfusingMemberVariableAccess(c) and not exists(Expr e | e = fn.(VariableAccess).getQualifier()) ) select fn, "Use of identifier that also exists in a base class that is not fully qualified." From c308956de8e4c1a843ad8f53b53b2c10c92bda64 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 26 Feb 2023 22:52:56 +0000 Subject: [PATCH 0535/2573] M14-6-1: Add improved alert message Improve the alert message to include: - The name of the identifier - A link to the target of the use of the identifier - A link to the dependent base type member with the same name. --- .../src/rules/M14-6-1/NameInDependentBase.qll | 27 +++++++++---------- .../NameNotReferredUsingAQualifiedIdOrThis.ql | 16 +++++++---- ...NotReferredUsingAQualifiedIdOrThisAudit.ql | 16 +++++++---- ...otReferredUsingAQualifiedIdOrThis.expected | 6 ++--- ...erredUsingAQualifiedIdOrThisAudit.expected | 6 ++--- 5 files changed, 40 insertions(+), 31 deletions(-) diff --git a/cpp/autosar/src/rules/M14-6-1/NameInDependentBase.qll b/cpp/autosar/src/rules/M14-6-1/NameInDependentBase.qll index b4fdf0bbf8..3673348ba2 100644 --- a/cpp/autosar/src/rules/M14-6-1/NameInDependentBase.qll +++ b/cpp/autosar/src/rules/M14-6-1/NameInDependentBase.qll @@ -37,11 +37,10 @@ private FunctionCall helper_functioncall( * Gets a function call in `TemplateClass` `t` where the target function name exists in a dependent * base type and the call is to a function that is not declared in the dependent base type. */ -FunctionCall getConfusingFunctionCall(TemplateClass t) { - exists( - string name, TemplateClass dependentBaseType, MemberFunction dependentTypeFunction, - Function target - | +FunctionCall getConfusingFunctionCall( + TemplateClass t, string name, Function target, MemberFunction dependentTypeFunction +) { + exists(TemplateClass dependentBaseType | result = helper_functioncall(t, dependentBaseType, target, name) and // The dependentTypeFunction is declared on the dependent base type dependentBaseType.getAMember() = dependentTypeFunction and @@ -70,11 +69,10 @@ private FunctionAccess helper_functionaccess( * Gets a function access in `TemplateClass` `t` where the target function name exists in a dependent * base type and the access is to a function declared outside the dependent base type. */ -FunctionAccess getConfusingFunctionAccess(TemplateClass t) { - exists( - string name, TemplateClass dependentBaseType, MemberFunction dependentTypeFunction, - Function target - | +FunctionAccess getConfusingFunctionAccess( + TemplateClass t, string name, Function target, MemberFunction dependentTypeFunction +) { + exists(TemplateClass dependentBaseType | result = helper_functionaccess(t, dependentBaseType, target, name) and dependentBaseType.getAMember() = dependentTypeFunction and name = dependentTypeFunction.getName() @@ -101,11 +99,10 @@ private VariableAccess helper_memberaccess( * Gets a memmber access in `TemplateClass` `t` where the target member name exists in a dependent * base type and the access is to a variable declared outside the dependent base type. */ -VariableAccess getConfusingMemberVariableAccess(TemplateClass t) { - exists( - string name, TemplateClass dependentBaseType, MemberVariable dependentTypeMemberVariable, - Variable target - | +VariableAccess getConfusingMemberVariableAccess( + TemplateClass t, string name, Variable target, MemberVariable dependentTypeMemberVariable +) { + exists(TemplateClass dependentBaseType | result = helper_memberaccess(t, dependentBaseType, target, name) and dependentBaseType.getAMemberVariable() = dependentTypeMemberVariable and name = dependentTypeMemberVariable.getName() diff --git a/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.ql b/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.ql index a46023e4e9..646535b977 100644 --- a/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.ql +++ b/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.ql @@ -18,20 +18,26 @@ import cpp import codingstandards.cpp.autosar import NameInDependentBase -from TemplateClass c, NameQualifiableElement fn +from + TemplateClass c, NameQualifiableElement fn, string targetName, Element actualTarget, + Element dependentTypeMemberWithSameName where not isExcluded(fn, TemplatesPackage::nameNotReferredUsingAQualifiedIdOrThisQuery()) and not isCustomExcluded(fn) and missingNameQualifier(fn) and ( - fn = getConfusingFunctionAccess(c) + fn = getConfusingFunctionAccess(c, targetName, actualTarget, dependentTypeMemberWithSameName) or - fn = getConfusingFunctionCall(c) and + fn = getConfusingFunctionCall(c, targetName, actualTarget, dependentTypeMemberWithSameName) and not exists(Expr e | e = fn.(FunctionCall).getQualifier()) or not fn.(VariableAccess).getTarget() instanceof Parameter and - fn = getConfusingMemberVariableAccess(c) and + fn = + getConfusingMemberVariableAccess(c, targetName, actualTarget, dependentTypeMemberWithSameName) and not exists(Expr e | e = fn.(VariableAccess).getQualifier()) ) and not fn.isAffectedByMacro() -select fn, "Use of identifier that also exists in a base class that is not fully qualified." +select fn, + "Use of unqualified identifier " + targetName + + " targets $@ but a member with the name also exists $@.", actualTarget, targetName, + dependentTypeMemberWithSameName, "in the dependent base class" diff --git a/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThisAudit.ql b/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThisAudit.ql index 648a3e6a3c..401edf3b61 100644 --- a/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThisAudit.ql +++ b/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThisAudit.ql @@ -18,19 +18,25 @@ import cpp import codingstandards.cpp.autosar import NameInDependentBase -from TemplateClass c, NameQualifiableElement fn +from + TemplateClass c, NameQualifiableElement fn, string targetName, Element actualTarget, + Element dependentTypeMemberWithSameName where not isExcluded(fn, TemplatesPackage::nameNotReferredUsingAQualifiedIdOrThisAuditQuery()) and not isCustomExcluded(fn) and missingNameQualifier(fn) and ( - fn = getConfusingFunctionAccess(c) + fn = getConfusingFunctionAccess(c, targetName, actualTarget, dependentTypeMemberWithSameName) or - fn = getConfusingFunctionCall(c) and + fn = getConfusingFunctionCall(c, targetName, actualTarget, dependentTypeMemberWithSameName) and not exists(Expr e | e = fn.(FunctionCall).getQualifier()) or not fn.(VariableAccess).getTarget() instanceof Parameter and - fn = getConfusingMemberVariableAccess(c) and + fn = + getConfusingMemberVariableAccess(c, targetName, actualTarget, dependentTypeMemberWithSameName) and not exists(Expr e | e = fn.(VariableAccess).getQualifier()) ) -select fn, "Use of identifier that also exists in a base class that is not fully qualified." +select fn, + "Use of unqualified identifier " + targetName + + " targets $@ but a member with the name also exists $@.", actualTarget, targetName, + dependentTypeMemberWithSameName, "in the dependent base class" diff --git a/cpp/autosar/test/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.expected b/cpp/autosar/test/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.expected index c117f6d9ed..1ea2cb3ab5 100644 --- a/cpp/autosar/test/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.expected +++ b/cpp/autosar/test/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.expected @@ -1,3 +1,3 @@ -| test.cpp:16:5:16:5 | m | Use of identifier that also exists in a base class that is not fully qualified. | -| test.cpp:17:5:17:5 | call to g | Use of identifier that also exists in a base class that is not fully qualified. | -| test.cpp:19:20:19:20 | g | Use of identifier that also exists in a base class that is not fully qualified. | +| test.cpp:16:5:16:5 | m | Use of unqualified identifier m targets $@ but a member with the name also exists $@. | test.cpp:4:5:4:5 | m | m | test.cpp:10:7:10:7 | m | in the dependent base class | +| test.cpp:17:5:17:5 | call to g | Use of unqualified identifier g targets $@ but a member with the name also exists $@. | test.cpp:2:6:2:6 | g | g | test.cpp:9:8:9:8 | g | in the dependent base class | +| test.cpp:19:20:19:20 | g | Use of unqualified identifier g targets $@ but a member with the name also exists $@. | test.cpp:2:6:2:6 | g | g | test.cpp:9:8:9:8 | g | in the dependent base class | diff --git a/cpp/autosar/test/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThisAudit.expected b/cpp/autosar/test/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThisAudit.expected index c117f6d9ed..1ea2cb3ab5 100644 --- a/cpp/autosar/test/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThisAudit.expected +++ b/cpp/autosar/test/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThisAudit.expected @@ -1,3 +1,3 @@ -| test.cpp:16:5:16:5 | m | Use of identifier that also exists in a base class that is not fully qualified. | -| test.cpp:17:5:17:5 | call to g | Use of identifier that also exists in a base class that is not fully qualified. | -| test.cpp:19:20:19:20 | g | Use of identifier that also exists in a base class that is not fully qualified. | +| test.cpp:16:5:16:5 | m | Use of unqualified identifier m targets $@ but a member with the name also exists $@. | test.cpp:4:5:4:5 | m | m | test.cpp:10:7:10:7 | m | in the dependent base class | +| test.cpp:17:5:17:5 | call to g | Use of unqualified identifier g targets $@ but a member with the name also exists $@. | test.cpp:2:6:2:6 | g | g | test.cpp:9:8:9:8 | g | in the dependent base class | +| test.cpp:19:20:19:20 | g | Use of unqualified identifier g targets $@ but a member with the name also exists $@. | test.cpp:2:6:2:6 | g | g | test.cpp:9:8:9:8 | g | in the dependent base class | From f6afab6f3146948979186165ce5e99a9dfb19fb3 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 26 Feb 2023 23:20:36 +0000 Subject: [PATCH 0536/2573] M14-6-1: Ensure local scope variables are ignored Access of a local scope variable shadowing a dependent base member is not a case with confusing behaviour - the local scope variable would be expected to be the target. --- cpp/autosar/src/rules/M14-6-1/NameInDependentBase.qll | 4 +++- .../M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.ql | 1 - cpp/autosar/test/rules/M14-6-1/test.cpp | 9 +++++++++ 3 files changed, 12 insertions(+), 2 deletions(-) diff --git a/cpp/autosar/src/rules/M14-6-1/NameInDependentBase.qll b/cpp/autosar/src/rules/M14-6-1/NameInDependentBase.qll index 3673348ba2..33b5c4b651 100644 --- a/cpp/autosar/src/rules/M14-6-1/NameInDependentBase.qll +++ b/cpp/autosar/src/rules/M14-6-1/NameInDependentBase.qll @@ -92,7 +92,9 @@ private VariableAccess helper_memberaccess( not target.getDeclaringType() = dependentBaseType and result = target.getAnAccess() and result.getEnclosingFunction() = t.getAMemberFunction() and - name = target.getName() + name = target.getName() and + // The target is not a local variable, which isn't subject to confusion + not target instanceof LocalScopeVariable } /** diff --git a/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.ql b/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.ql index 646535b977..2736d39290 100644 --- a/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.ql +++ b/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.ql @@ -31,7 +31,6 @@ where fn = getConfusingFunctionCall(c, targetName, actualTarget, dependentTypeMemberWithSameName) and not exists(Expr e | e = fn.(FunctionCall).getQualifier()) or - not fn.(VariableAccess).getTarget() instanceof Parameter and fn = getConfusingMemberVariableAccess(c, targetName, actualTarget, dependentTypeMemberWithSameName) and not exists(Expr e | e = fn.(VariableAccess).getQualifier()) diff --git a/cpp/autosar/test/rules/M14-6-1/test.cpp b/cpp/autosar/test/rules/M14-6-1/test.cpp index d7e7313162..1813251098 100644 --- a/cpp/autosar/test/rules/M14-6-1/test.cpp +++ b/cpp/autosar/test/rules/M14-6-1/test.cpp @@ -29,12 +29,21 @@ template class A : B { typename B::TYPE t2 = 0; // COMPLIANT g1(); // COMPLIANT, identifier not found in B } + void m3(int m) { + m = 0; // COMPLIANT, hides member + } + void m4() { + int m = 0; + m = 0; // COMPLIANT, hides member + } }; void f() { A a; a.m1(); a.m2(); + a.m3(1); + a.m4(); } class D { From b21e62058380749c65e7d91652abd91d976e33ad Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Mon, 27 Feb 2023 12:14:38 -0500 Subject: [PATCH 0537/2573] pr auths --- .github/workflows/dispatch-matrix-check.yml | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/.github/workflows/dispatch-matrix-check.yml b/.github/workflows/dispatch-matrix-check.yml index 7da92294c2..b3fc030e40 100644 --- a/.github/workflows/dispatch-matrix-check.yml +++ b/.github/workflows/dispatch-matrix-check.yml @@ -1,7 +1,8 @@ name: 🤖 Run Matrix Check on: - pull_request: + pull_request_target: + types: [synchronize,opened] branches: - "**" workflow_dispatch: @@ -11,7 +12,13 @@ jobs: runs-on: ubuntu-latest steps: + - name: Test Variables + shell: pwsh + run: | + Write-Host "Running as: ${{github.actor}}" + - name: Dispatch Matrix Testing Job + if: contains(fromJSON('["jsinglet", "mbaluda", "lcartey", "rvermeulen", "ravikprasad", "jeongsoolee09", "hohn", "knewbury01", "kraiouchkine"]')', github.actor) uses: peter-evans/repository-dispatch@v2 with: token: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} @@ -21,6 +28,7 @@ jobs: - uses: actions/github-script@v6 + if: contains(fromJSON('["jsinglet", "mbaluda", "lcartey", "rvermeulen", "ravikprasad", "jeongsoolee09", "hohn", "knewbury01", "kraiouchkine"]')', github.actor) with: script: | github.rest.issues.createComment({ From 3187901c2c3d257fe88ef2b4a787683752fa63ae Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Mon, 27 Feb 2023 12:18:30 -0500 Subject: [PATCH 0538/2573] syntax --- .github/workflows/dispatch-matrix-check.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/dispatch-matrix-check.yml b/.github/workflows/dispatch-matrix-check.yml index b3fc030e40..f888c720ae 100644 --- a/.github/workflows/dispatch-matrix-check.yml +++ b/.github/workflows/dispatch-matrix-check.yml @@ -18,7 +18,7 @@ jobs: Write-Host "Running as: ${{github.actor}}" - name: Dispatch Matrix Testing Job - if: contains(fromJSON('["jsinglet", "mbaluda", "lcartey", "rvermeulen", "ravikprasad", "jeongsoolee09", "hohn", "knewbury01", "kraiouchkine"]')', github.actor) + if: ${{ contains(fromJSON('["jsinglet", "mbaluda", "lcartey", "rvermeulen", "ravikprasad", "jeongsoolee09", "hohn", "knewbury01", "kraiouchkine"]')', github.actor) }} uses: peter-evans/repository-dispatch@v2 with: token: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} @@ -28,7 +28,7 @@ jobs: - uses: actions/github-script@v6 - if: contains(fromJSON('["jsinglet", "mbaluda", "lcartey", "rvermeulen", "ravikprasad", "jeongsoolee09", "hohn", "knewbury01", "kraiouchkine"]')', github.actor) + if: ${{ contains(fromJSON('["jsinglet", "mbaluda", "lcartey", "rvermeulen", "ravikprasad", "jeongsoolee09", "hohn", "knewbury01", "kraiouchkine"]')', github.actor) }} with: script: | github.rest.issues.createComment({ From 47f1da258df4a4eb1ef0f0757c99497afdea85c5 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Mon, 27 Feb 2023 12:25:29 -0500 Subject: [PATCH 0539/2573] work --- .github/workflows/dispatch-matrix-check.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/dispatch-matrix-check.yml b/.github/workflows/dispatch-matrix-check.yml index f888c720ae..09e23b425f 100644 --- a/.github/workflows/dispatch-matrix-check.yml +++ b/.github/workflows/dispatch-matrix-check.yml @@ -18,7 +18,7 @@ jobs: Write-Host "Running as: ${{github.actor}}" - name: Dispatch Matrix Testing Job - if: ${{ contains(fromJSON('["jsinglet", "mbaluda", "lcartey", "rvermeulen", "ravikprasad", "jeongsoolee09", "hohn", "knewbury01", "kraiouchkine"]')', github.actor) }} + if: ${{ contains(fromJSON('["jsinglet", "mbaluda", "lcartey", "rvermeulen", "ravikprasad", "jeongsoolee09", "hohn", "knewbury01", "kraiouchkine"]'), github.actor) }} uses: peter-evans/repository-dispatch@v2 with: token: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} @@ -28,7 +28,7 @@ jobs: - uses: actions/github-script@v6 - if: ${{ contains(fromJSON('["jsinglet", "mbaluda", "lcartey", "rvermeulen", "ravikprasad", "jeongsoolee09", "hohn", "knewbury01", "kraiouchkine"]')', github.actor) }} + if: ${{ contains(fromJSON('["jsinglet", "mbaluda", "lcartey", "rvermeulen", "ravikprasad", "jeongsoolee09", "hohn", "knewbury01", "kraiouchkine"]'), github.actor) }} with: script: | github.rest.issues.createComment({ From e88dd9f714f5870f75259ae0d03915d63e2274db Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Mon, 27 Feb 2023 12:43:13 -0500 Subject: [PATCH 0540/2573] test banning mauro --- .github/workflows/dispatch-matrix-check.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/dispatch-matrix-check.yml b/.github/workflows/dispatch-matrix-check.yml index 09e23b425f..288e68cd51 100644 --- a/.github/workflows/dispatch-matrix-check.yml +++ b/.github/workflows/dispatch-matrix-check.yml @@ -18,7 +18,7 @@ jobs: Write-Host "Running as: ${{github.actor}}" - name: Dispatch Matrix Testing Job - if: ${{ contains(fromJSON('["jsinglet", "mbaluda", "lcartey", "rvermeulen", "ravikprasad", "jeongsoolee09", "hohn", "knewbury01", "kraiouchkine"]'), github.actor) }} + if: ${{ contains(fromJSON('["jsinglet", "lcartey", "rvermeulen", "ravikprasad", "jeongsoolee09", "hohn", "knewbury01", "kraiouchkine"]'), github.actor) }} uses: peter-evans/repository-dispatch@v2 with: token: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} @@ -28,7 +28,7 @@ jobs: - uses: actions/github-script@v6 - if: ${{ contains(fromJSON('["jsinglet", "mbaluda", "lcartey", "rvermeulen", "ravikprasad", "jeongsoolee09", "hohn", "knewbury01", "kraiouchkine"]'), github.actor) }} + if: ${{ contains(fromJSON('["jsinglet", "lcartey", "rvermeulen", "ravikprasad", "jeongsoolee09", "hohn", "knewbury01", "kraiouchkine"]'), github.actor) }} with: script: | github.rest.issues.createComment({ From 23f819ea674cd277f0082e78cd7ce5d09d12e88b Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Mon, 27 Feb 2023 12:46:52 -0500 Subject: [PATCH 0541/2573] test --- .github/workflows/dispatch-matrix-check.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/dispatch-matrix-check.yml b/.github/workflows/dispatch-matrix-check.yml index 288e68cd51..aa5a4cc9d8 100644 --- a/.github/workflows/dispatch-matrix-check.yml +++ b/.github/workflows/dispatch-matrix-check.yml @@ -18,7 +18,7 @@ jobs: Write-Host "Running as: ${{github.actor}}" - name: Dispatch Matrix Testing Job - if: ${{ contains(fromJSON('["jsinglet", "lcartey", "rvermeulen", "ravikprasad", "jeongsoolee09", "hohn", "knewbury01", "kraiouchkine"]'), github.actor) }} + if: ${{ contains(fromJSON('[ "mbaluda", "lcartey", "rvermeulen", "ravikprasad", "jeongsoolee09", "hohn", "knewbury01", "kraiouchkine"]'), github.actor) }} uses: peter-evans/repository-dispatch@v2 with: token: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} @@ -28,7 +28,7 @@ jobs: - uses: actions/github-script@v6 - if: ${{ contains(fromJSON('["jsinglet", "lcartey", "rvermeulen", "ravikprasad", "jeongsoolee09", "hohn", "knewbury01", "kraiouchkine"]'), github.actor) }} + if: ${{ contains(fromJSON('[ "mbaluda", "lcartey", "rvermeulen", "ravikprasad", "jeongsoolee09", "hohn", "knewbury01", "kraiouchkine"]'), github.actor) }} with: script: | github.rest.issues.createComment({ From f43b492f34dfac81e1977450d8d44a0fc2edcca9 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Mon, 27 Feb 2023 12:52:34 -0500 Subject: [PATCH 0542/2573] fixing --- .github/workflows/dispatch-matrix-check.yml | 4 ++-- .../dispatch-release-performance-check.yml | 13 +++++++++++++ 2 files changed, 15 insertions(+), 2 deletions(-) diff --git a/.github/workflows/dispatch-matrix-check.yml b/.github/workflows/dispatch-matrix-check.yml index aa5a4cc9d8..09e23b425f 100644 --- a/.github/workflows/dispatch-matrix-check.yml +++ b/.github/workflows/dispatch-matrix-check.yml @@ -18,7 +18,7 @@ jobs: Write-Host "Running as: ${{github.actor}}" - name: Dispatch Matrix Testing Job - if: ${{ contains(fromJSON('[ "mbaluda", "lcartey", "rvermeulen", "ravikprasad", "jeongsoolee09", "hohn", "knewbury01", "kraiouchkine"]'), github.actor) }} + if: ${{ contains(fromJSON('["jsinglet", "mbaluda", "lcartey", "rvermeulen", "ravikprasad", "jeongsoolee09", "hohn", "knewbury01", "kraiouchkine"]'), github.actor) }} uses: peter-evans/repository-dispatch@v2 with: token: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} @@ -28,7 +28,7 @@ jobs: - uses: actions/github-script@v6 - if: ${{ contains(fromJSON('[ "mbaluda", "lcartey", "rvermeulen", "ravikprasad", "jeongsoolee09", "hohn", "knewbury01", "kraiouchkine"]'), github.actor) }} + if: ${{ contains(fromJSON('["jsinglet", "mbaluda", "lcartey", "rvermeulen", "ravikprasad", "jeongsoolee09", "hohn", "knewbury01", "kraiouchkine"]'), github.actor) }} with: script: | github.rest.issues.createComment({ diff --git a/.github/workflows/dispatch-release-performance-check.yml b/.github/workflows/dispatch-release-performance-check.yml index 05ef63c103..9fc68b9b97 100644 --- a/.github/workflows/dispatch-release-performance-check.yml +++ b/.github/workflows/dispatch-release-performance-check.yml @@ -13,6 +13,19 @@ jobs: runs-on: ubuntu-latest steps: + - name: Test Variables + shell: pwsh + run: | + Write-Host "Running as: ${{github.actor}}" + + $actor = "${{github.actor}}" + + $acl = @("mbaluda", "lcartey", "rvermeulen", "ravikprasad", "jeongsoolee09", "hohn", "knewbury01", "kraiouchkine") + + if(-not ($actor -in $acl)){ + throw "Refusing to run workflow for user not in acl." + } + - name: Dispatch Performance Testing Job if: ${{ github.event.issue.pull_request && contains(github.event.comment.body, '/test-performance') }} uses: peter-evans/repository-dispatch@v2 From a247b21e4ff78fdcb1ceffc6e91aa845e35b6c3d Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Mon, 27 Feb 2023 12:58:09 -0500 Subject: [PATCH 0543/2573] fix check --- .github/workflows/dispatch-release-performance-check.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dispatch-release-performance-check.yml b/.github/workflows/dispatch-release-performance-check.yml index 9fc68b9b97..dceb2052a5 100644 --- a/.github/workflows/dispatch-release-performance-check.yml +++ b/.github/workflows/dispatch-release-performance-check.yml @@ -33,7 +33,7 @@ jobs: token: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} repository: github/codeql-coding-standards-release-engineering event-type: performance-test - client-payload: '{"pr": "${{ github.event.number }}"}' + client-payload: '{"pr": "${{ github.event.issue.number }}"}' - uses: actions/github-script@v6 From 80afe6e800c052b552ae091b58897617f73c7e93 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Mon, 27 Feb 2023 13:03:45 -0500 Subject: [PATCH 0544/2573] acl --- .github/workflows/dispatch-release-performance-check.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dispatch-release-performance-check.yml b/.github/workflows/dispatch-release-performance-check.yml index dceb2052a5..abba5328bd 100644 --- a/.github/workflows/dispatch-release-performance-check.yml +++ b/.github/workflows/dispatch-release-performance-check.yml @@ -20,7 +20,7 @@ jobs: $actor = "${{github.actor}}" - $acl = @("mbaluda", "lcartey", "rvermeulen", "ravikprasad", "jeongsoolee09", "hohn", "knewbury01", "kraiouchkine") + $acl = @("jsinglet","mbaluda", "lcartey", "rvermeulen", "ravikprasad", "jeongsoolee09", "hohn", "knewbury01", "kraiouchkine") if(-not ($actor -in $acl)){ throw "Refusing to run workflow for user not in acl." From 6b57f8dbcb1ed6a6b87a4bc638960396dbf1ef75 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Mon, 27 Feb 2023 10:51:19 -0800 Subject: [PATCH 0545/2573] Remove bogus case and make `test.c` compile --- c/misra/test/rules/RULE-12-5/test.c | 17 +++++------------ 1 file changed, 5 insertions(+), 12 deletions(-) diff --git a/c/misra/test/rules/RULE-12-5/test.c b/c/misra/test/rules/RULE-12-5/test.c index d1cea0f8e3..4b04644ef3 100644 --- a/c/misra/test/rules/RULE-12-5/test.c +++ b/c/misra/test/rules/RULE-12-5/test.c @@ -1,4 +1,5 @@ #include +#include void sample(int32_t nums[4], const char string[], int32_t x) { for (int i = 0; @@ -15,21 +16,13 @@ void sample(int32_t nums[4], const char string[], int32_t x) { printf("%c", string[i]); } - printf("%d\n", sizeof(x)); // COMPLIANT: `x` not a array type parameter + printf("%lu\n", sizeof(x)); // COMPLIANT: `x` not a array type parameter char local_string[5] = "abcd"; printf( - "%d\n", + "%lu\n", sizeof( local_string)); // COMPLIANT: `local_string` not a function parameter +} - const char *string = (const char *)string; - - for (int i = 0; - i < sizeof(string) / // COMPLIANT: not a parameter access anymore, now a - // const char* variable declared in the body - sizeof(char); - i++) { - printf("%c", string[i]); - } -} \ No newline at end of file +int main() { return 0; } \ No newline at end of file From 405f28bbd814f1dc9a5e4772de824c3605f95999 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Mon, 27 Feb 2023 15:03:35 -0800 Subject: [PATCH 0546/2573] Remove bogus files --- .../RULE-12-5/SizeofOperatorHaveAnOperan.ql | 19 ------------------- .../SizeofOperatorHaveAnOperan.expected | 1 - .../SizeofOperatorHaveAnOperan.qlref | 1 - 3 files changed, 21 deletions(-) delete mode 100644 c/misra/src/rules/RULE-12-5/SizeofOperatorHaveAnOperan.ql delete mode 100644 c/misra/test/rules/RULE-12-5/SizeofOperatorHaveAnOperan.expected delete mode 100644 c/misra/test/rules/RULE-12-5/SizeofOperatorHaveAnOperan.qlref diff --git a/c/misra/src/rules/RULE-12-5/SizeofOperatorHaveAnOperan.ql b/c/misra/src/rules/RULE-12-5/SizeofOperatorHaveAnOperan.ql deleted file mode 100644 index 46b1ffc740..0000000000 --- a/c/misra/src/rules/RULE-12-5/SizeofOperatorHaveAnOperan.ql +++ /dev/null @@ -1,19 +0,0 @@ -/** - * @id c/misra/sizeof-operator-have-an-operan - * @name RULE-12-5: The sizeof operator shall not have an operand which is a function parameter declared as 'array of - * @description The sizeof operator shall not have an operand which is a function parameter declared - * as 'array of type'. - * @kind problem - * @precision very-high - * @problem.severity error - * @tags external/misra/id/rule-12-5 - * external/misra/obligation/mandatory - */ - -import cpp -import codingstandards.c.misra - -from -where - not isExcluded(x, TypesPackage::sizeofOperatorHaveAnOperanQuery()) and -select diff --git a/c/misra/test/rules/RULE-12-5/SizeofOperatorHaveAnOperan.expected b/c/misra/test/rules/RULE-12-5/SizeofOperatorHaveAnOperan.expected deleted file mode 100644 index 2ec1a0ac6c..0000000000 --- a/c/misra/test/rules/RULE-12-5/SizeofOperatorHaveAnOperan.expected +++ /dev/null @@ -1 +0,0 @@ -No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-12-5/SizeofOperatorHaveAnOperan.qlref b/c/misra/test/rules/RULE-12-5/SizeofOperatorHaveAnOperan.qlref deleted file mode 100644 index 2986a9fda3..0000000000 --- a/c/misra/test/rules/RULE-12-5/SizeofOperatorHaveAnOperan.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/RULE-12-5/SizeofOperatorHaveAnOperan.ql \ No newline at end of file From d8cd0bf1099a431cf768eab24648a8e0256e27ac Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Mon, 27 Feb 2023 15:10:26 -0800 Subject: [PATCH 0547/2573] Implement RULE-12-5 --- .../RULE-12-5/SizeofOperatorUsedOnArrayTypeParam.ql | 11 ++++++++--- .../SizeofOperatorUsedOnArrayTypeParam.expected | 3 ++- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/c/misra/src/rules/RULE-12-5/SizeofOperatorUsedOnArrayTypeParam.ql b/c/misra/src/rules/RULE-12-5/SizeofOperatorUsedOnArrayTypeParam.ql index e5a212b033..ad1dba6df4 100644 --- a/c/misra/src/rules/RULE-12-5/SizeofOperatorUsedOnArrayTypeParam.ql +++ b/c/misra/src/rules/RULE-12-5/SizeofOperatorUsedOnArrayTypeParam.ql @@ -13,7 +13,12 @@ import cpp import codingstandards.c.misra -from +from SizeofExprOperator sizeof where - not isExcluded(x, TypesPackage::sizeofOperatorUsedOnArrayTypeParamQuery()) and -select + not isExcluded(sizeof, TypesPackage::sizeofOperatorUsedOnArrayTypeParamQuery()) and + exists(Parameter param | + sizeof.getExprOperand().(VariableAccess).getTarget() = param and + param.getType() instanceof ArrayType + ) +select sizeof, + "The sizeof operator is called on an array-type parameter " + sizeof.getExprOperand() + "." diff --git a/c/misra/test/rules/RULE-12-5/SizeofOperatorUsedOnArrayTypeParam.expected b/c/misra/test/rules/RULE-12-5/SizeofOperatorUsedOnArrayTypeParam.expected index 2ec1a0ac6c..777df8349a 100644 --- a/c/misra/test/rules/RULE-12-5/SizeofOperatorUsedOnArrayTypeParam.expected +++ b/c/misra/test/rules/RULE-12-5/SizeofOperatorUsedOnArrayTypeParam.expected @@ -1 +1,2 @@ -No expected results have yet been specified \ No newline at end of file +| test.c:6:12:6:23 | sizeof() | The sizeof operator is called on an array-type parameter nums. | +| test.c:13:12:13:25 | sizeof() | The sizeof operator is called on an array-type parameter string. | \ No newline at end of file From 3a3eba22876db1c424eb590de5bc10bb193af74e Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Mon, 27 Feb 2023 15:38:32 -0800 Subject: [PATCH 0548/2573] Remove bogus files for RULE-7-4 --- .../StringLiteralAssignedToAnObject.ql | 19 ------------------- .../StringLiteralAssignedToAnObject.expected | 1 - .../StringLiteralAssignedToAnObject.qlref | 1 - 3 files changed, 21 deletions(-) delete mode 100644 c/misra/src/rules/RULE-7-4/StringLiteralAssignedToAnObject.ql delete mode 100644 c/misra/test/rules/RULE-7-4/StringLiteralAssignedToAnObject.expected delete mode 100644 c/misra/test/rules/RULE-7-4/StringLiteralAssignedToAnObject.qlref diff --git a/c/misra/src/rules/RULE-7-4/StringLiteralAssignedToAnObject.ql b/c/misra/src/rules/RULE-7-4/StringLiteralAssignedToAnObject.ql deleted file mode 100644 index 5842903f79..0000000000 --- a/c/misra/src/rules/RULE-7-4/StringLiteralAssignedToAnObject.ql +++ /dev/null @@ -1,19 +0,0 @@ -/** - * @id c/misra/string-literal-assigned-to-an-object - * @name RULE-7-4: A string literal shall not be assigned to an object unless the object's type is 'pointer to - * @description A string literal shall not be assigned to an object unless the object's type is - * 'pointer to const-qualified char'. - * @kind problem - * @precision very-high - * @problem.severity error - * @tags external/misra/id/rule-7-4 - * external/misra/obligation/required - */ - -import cpp -import codingstandards.c.misra - -from -where - not isExcluded(x, TypesPackage::stringLiteralAssignedToAnObjectQuery()) and -select diff --git a/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToAnObject.expected b/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToAnObject.expected deleted file mode 100644 index 2ec1a0ac6c..0000000000 --- a/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToAnObject.expected +++ /dev/null @@ -1 +0,0 @@ -No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToAnObject.qlref b/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToAnObject.qlref deleted file mode 100644 index b48e298e04..0000000000 --- a/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToAnObject.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/RULE-7-4/StringLiteralAssignedToAnObject.ql \ No newline at end of file From 3034493b683f9d1df2a7d9e6bec383423a4bfd6e Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Mon, 27 Feb 2023 17:00:49 -0800 Subject: [PATCH 0549/2573] Remove main --- c/misra/test/rules/RULE-12-5/test.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/c/misra/test/rules/RULE-12-5/test.c b/c/misra/test/rules/RULE-12-5/test.c index 4b04644ef3..79920737e9 100644 --- a/c/misra/test/rules/RULE-12-5/test.c +++ b/c/misra/test/rules/RULE-12-5/test.c @@ -23,6 +23,4 @@ void sample(int32_t nums[4], const char string[], int32_t x) { "%lu\n", sizeof( local_string)); // COMPLIANT: `local_string` not a function parameter -} - -int main() { return 0; } \ No newline at end of file +} \ No newline at end of file From 25286ad48f031a3773576d97b8834ab8b9c904c3 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Mon, 27 Feb 2023 17:01:15 -0800 Subject: [PATCH 0550/2573] Add test.c for RULE-7-4 --- c/misra/test/rules/RULE-7-4/test.c | 55 ++++++++++++++++++++++++++++++ 1 file changed, 55 insertions(+) create mode 100644 c/misra/test/rules/RULE-7-4/test.c diff --git a/c/misra/test/rules/RULE-7-4/test.c b/c/misra/test/rules/RULE-7-4/test.c new file mode 100644 index 0000000000..f4c713324c --- /dev/null +++ b/c/misra/test/rules/RULE-7-4/test.c @@ -0,0 +1,55 @@ +#include + +void sample1() { + const char *s1 = + "string"; // COMPLIANT: string literal assigned to a const char* variable + const register volatile char *s2 = + "string"; // COMPLIANT: string literal assigned to a const char* variable, + // don't care about the qualifiers + char *s3 = + "string"; // NON_COMPLIANT: string literal assigned to a char* variable + s2 = s3; // COMPLIANT: string literal assigned to a char* variable + s3 = s2; // NON_COMPLIANT: string literal assigned to a char* variable +} + +const char *sample2(int x) { + if (x == 1) + return "string"; // COMPLIANT: can return a string literal with return type + // being const char* being const char* + else + return NULL; +} + +char *sample3(int x) { + if (x == 1) + return "string"; // NON_COMPLIANT: can return a string literal with return + // type being char* + else + return NULL; +} + +const char *sample6(int x) { + const char *result; + if (x == 1) + result = "string"; // COMPLIANT: string literal assigned to a const char* + // variable + else + result = NULL; + + return result; // COMPLIANT: `result` can be a string literal with return type + // being const char* +} + +void sample4(char *string) {} + +void sample5(const char *string) {} + +void call45() { + const char *literal = "string"; + sample4(literal); // NON_COMPLIANT: can't pass string literal to char* + sample4("string"); // NON_COMPLIANT: can't pass string literal to char* + sample5(literal); // COMPLIANT: passing string literal to const char* + sample5("string"); // COMPLIANT: passing string literal to const char* +} + +int main() { return 0; } \ No newline at end of file From 0ef25b2bae9de325e0a059247879784b643b8af1 Mon Sep 17 00:00:00 2001 From: Shadi Samadi Date: Tue, 28 Feb 2023 14:09:15 +1100 Subject: [PATCH 0551/2573] Added RULE 15-4 --- .../rules/RULE-15-4/LoopIterationCondition.ql | 19 ++++++-- .../RULE-15-4/LoopIterationCondition.expected | 3 +- c/misra/test/rules/RULE-15-4/test.c | 46 +++++++++++++++++++ rule_packages/c/Statements2.json | 7 ++- 4 files changed, 68 insertions(+), 7 deletions(-) create mode 100644 c/misra/test/rules/RULE-15-4/test.c diff --git a/c/misra/src/rules/RULE-15-4/LoopIterationCondition.ql b/c/misra/src/rules/RULE-15-4/LoopIterationCondition.ql index c9b49b5f56..9176aea2e1 100644 --- a/c/misra/src/rules/RULE-15-4/LoopIterationCondition.ql +++ b/c/misra/src/rules/RULE-15-4/LoopIterationCondition.ql @@ -1,18 +1,29 @@ /** * @id c/misra/loop-iteration-condition * @name RULE-15-4: There should be no more than one break or goto statement used to terminate any iteration statement - * @description + * @description More than one break or goto statement in iteration conditions may lead to + * readability and maintainability issues. * @kind problem * @precision very-high * @problem.severity error * @tags external/misra/id/rule-15-4 + * maintainability + * readability * external/misra/obligation/advisory */ import cpp import codingstandards.c.misra -from +from Loop loop where - not isExcluded(x, Statements2Package::loopIterationConditionQuery()) and -select + not isExcluded(loop, Statements2Package::loopIterationConditionQuery()) and + count(Stmt terminationStmt | + loop.getChildStmt*() = terminationStmt and + ( + terminationStmt instanceof BreakStmt + or + terminationStmt instanceof GotoStmt + ) + ) > 1 +select loop, "$@ statement contains more than one break or goto statement", loop, "Iteration" diff --git a/c/misra/test/rules/RULE-15-4/LoopIterationCondition.expected b/c/misra/test/rules/RULE-15-4/LoopIterationCondition.expected index 2ec1a0ac6c..6a8d9bf23a 100644 --- a/c/misra/test/rules/RULE-15-4/LoopIterationCondition.expected +++ b/c/misra/test/rules/RULE-15-4/LoopIterationCondition.expected @@ -1 +1,2 @@ -No expected results have yet been specified \ No newline at end of file +| test.c:24:3:32:3 | for(...;...;...) ... | $@ statement contains more than one break or goto statement | test.c:24:3:32:3 | for(...;...;...) ... | Iteration | +| test.c:38:3:45:3 | while (...) ... | $@ statement contains more than one break or goto statement | test.c:38:3:45:3 | while (...) ... | Iteration | diff --git a/c/misra/test/rules/RULE-15-4/test.c b/c/misra/test/rules/RULE-15-4/test.c new file mode 100644 index 0000000000..382b040c55 --- /dev/null +++ b/c/misra/test/rules/RULE-15-4/test.c @@ -0,0 +1,46 @@ +void f1() { +L1:; + + for (int k = 0; k < 10; k++) { // COMPLIANT + ; + } + + for (int i = 0; i < 10; i++) { // COMPLIANT + if (i > 5) { + break; + } + } + + for (int j = 0; j < 10; j++) { // COMPLIANT + goto L1; + } +} + +void f2() { +L1:; + + int k = 0; + + for (int i = 0; i < 10; i++) { // NON_COMPLIANT + if (i > 5) { + break; + } + if (i < 10) { + break; + } + goto L1; + } + + while (k < 10) { // COMPLIANT + ; + } + + while (k < 10) { // NON_COMPLIANT + if (k > 5) { + break; + } + while (k < 3) { // COMPLIANT + goto L1; + } + } +} diff --git a/rule_packages/c/Statements2.json b/rule_packages/c/Statements2.json index 48e6a3aaa1..6406a91441 100644 --- a/rule_packages/c/Statements2.json +++ b/rule_packages/c/Statements2.json @@ -47,13 +47,16 @@ }, "queries": [ { - "description": "", + "description": "More than one break or goto statement in iteration conditions may lead to readability and maintainability issues.", "kind": "problem", "name": "There should be no more than one break or goto statement used to terminate any iteration statement", "precision": "very-high", "severity": "error", "short_name": "LoopIterationCondition", - "tags": [] + "tags": [ + "maintainability", + "readability" + ] } ], "title": "There should be no more than one break or goto statement used to terminate any iteration statement" From 14350d0ed44e65ed5dfbc893ee9108d55ceab39e Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Tue, 28 Feb 2023 11:55:51 -0800 Subject: [PATCH 0552/2573] modified test.c for 7-4 --- c/misra/test/rules/RULE-7-4/test.c | 35 ++++++++++++++++++++---------- 1 file changed, 24 insertions(+), 11 deletions(-) diff --git a/c/misra/test/rules/RULE-7-4/test.c b/c/misra/test/rules/RULE-7-4/test.c index f4c713324c..88ea54e611 100644 --- a/c/misra/test/rules/RULE-7-4/test.c +++ b/c/misra/test/rules/RULE-7-4/test.c @@ -6,10 +6,12 @@ void sample1() { const register volatile char *s2 = "string"; // COMPLIANT: string literal assigned to a const char* variable, // don't care about the qualifiers - char *s3 = - "string"; // NON_COMPLIANT: string literal assigned to a char* variable - s2 = s3; // COMPLIANT: string literal assigned to a char* variable - s3 = s2; // NON_COMPLIANT: string literal assigned to a char* variable + char *s3 = "string"; // NON_COMPLIANT: char* variable declared to hold a + // string literal + s3 = "string"; // NON_COMPLIANT: string literal assigned to a char* variable + s2 = s3; // COMPLIANT: string literal (rvalue) assigned to a char* variable + s3 = + s2; // NON_COMPLIANT: string literal (rvalue) assigned to a char* variable } const char *sample2(int x) { @@ -28,7 +30,7 @@ char *sample3(int x) { return NULL; } -const char *sample6(int x) { +const char *sample4(int x) { const char *result; if (x == 1) result = "string"; // COMPLIANT: string literal assigned to a const char* @@ -40,16 +42,27 @@ const char *sample6(int x) { // being const char* } -void sample4(char *string) {} +char *sample5(int x) { + const char *result; + if (x == 1) + result = "string"; // COMPLIANT: string literal assigned to a const char* + // variable + else + result = NULL; + + return result; // NON_COMPLIANT: `result` can be a string literal with return + // type being char* +} +void sample6(char *string) {} -void sample5(const char *string) {} +void sample7(const char *string) {} void call45() { const char *literal = "string"; - sample4(literal); // NON_COMPLIANT: can't pass string literal to char* - sample4("string"); // NON_COMPLIANT: can't pass string literal to char* - sample5(literal); // COMPLIANT: passing string literal to const char* - sample5("string"); // COMPLIANT: passing string literal to const char* + sample6(literal); // NON_COMPLIANT: can't pass string literal to char* + sample6("string"); // NON_COMPLIANT: can't pass string literal to char* + sample7(literal); // COMPLIANT: passing string literal to const char* + sample7("string"); // COMPLIANT: passing string literal to const char* } int main() { return 0; } \ No newline at end of file From 2ebcf85c007d3126798d8c263edaff0a4621916e Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Tue, 28 Feb 2023 13:44:11 -0800 Subject: [PATCH 0553/2573] Slim down test.c for 7-4 --- c/misra/test/rules/RULE-7-4/test.c | 37 ++++-------------------------- 1 file changed, 4 insertions(+), 33 deletions(-) diff --git a/c/misra/test/rules/RULE-7-4/test.c b/c/misra/test/rules/RULE-7-4/test.c index 88ea54e611..5771f846c9 100644 --- a/c/misra/test/rules/RULE-7-4/test.c +++ b/c/misra/test/rules/RULE-7-4/test.c @@ -8,10 +8,6 @@ void sample1() { // don't care about the qualifiers char *s3 = "string"; // NON_COMPLIANT: char* variable declared to hold a // string literal - s3 = "string"; // NON_COMPLIANT: string literal assigned to a char* variable - s2 = s3; // COMPLIANT: string literal (rvalue) assigned to a char* variable - s3 = - s2; // NON_COMPLIANT: string literal (rvalue) assigned to a char* variable } const char *sample2(int x) { @@ -30,39 +26,14 @@ char *sample3(int x) { return NULL; } -const char *sample4(int x) { - const char *result; - if (x == 1) - result = "string"; // COMPLIANT: string literal assigned to a const char* - // variable - else - result = NULL; - - return result; // COMPLIANT: `result` can be a string literal with return type - // being const char* -} - -char *sample5(int x) { - const char *result; - if (x == 1) - result = "string"; // COMPLIANT: string literal assigned to a const char* - // variable - else - result = NULL; - - return result; // NON_COMPLIANT: `result` can be a string literal with return - // type being char* -} -void sample6(char *string) {} +void sample4(char *string) {} -void sample7(const char *string) {} +void sample5(const char *string) {} void call45() { const char *literal = "string"; - sample6(literal); // NON_COMPLIANT: can't pass string literal to char* - sample6("string"); // NON_COMPLIANT: can't pass string literal to char* - sample7(literal); // COMPLIANT: passing string literal to const char* - sample7("string"); // COMPLIANT: passing string literal to const char* + sample4("string"); // NON_COMPLIANT: can't pass string literal to char* + sample5("string"); // COMPLIANT: passing string literal to const char* } int main() { return 0; } \ No newline at end of file From 16fe159244612517732a654b2e9d23117f103b40 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Tue, 28 Feb 2023 13:51:25 -0800 Subject: [PATCH 0554/2573] Draft of 7-4 --- .../StringLiteralAssignedToNonConstChar.ql | 87 ++++++++++++++++++- c/misra/test/rules/RULE-7-4/test.c | 27 +++--- 2 files changed, 99 insertions(+), 15 deletions(-) diff --git a/c/misra/src/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.ql b/c/misra/src/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.ql index cf92446bca..73d91df642 100644 --- a/c/misra/src/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.ql +++ b/c/misra/src/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.ql @@ -13,7 +13,88 @@ import cpp import codingstandards.c.misra -from +class NonConstCharStarType extends Type { + NonConstCharStarType() { + this instanceof CharPointerType and + not this.isDeeplyConstBelow() + } +} + +/* A non-const-char* variable declared with a string literal */ +predicate declaringNonConstCharVar(Variable decl) { + not decl instanceof Parameter and // exclude parameters + /* It should be declaring a char* type variable */ + decl.getUnspecifiedType() instanceof CharPointerType and + not decl.getUnderlyingType().isDeeplyConstBelow() and + /* But it's declared to hold a string literal. */ + decl.getInitializer().getExpr() instanceof StringLiteral +} + +/* String literal being assigned to a non-const-char* variable */ +predicate assignmentToNonConstCharVar(Assignment assign) { + /* The variable being assigned is char* */ + assign.getLValue().getUnderlyingType() instanceof NonConstCharStarType and + /* But the rvalue is a string literal */ + exists(Expr rvalue | rvalue = assign.getRValue() | rvalue instanceof StringLiteral) +} + +/* String literal being passed to a non-const-char* parameter */ +predicate assignmentToNonConstCharParam(FunctionCall call) { + exists(int index | + /* Param at index is a char* */ + call.getTarget().getParameter(index).getUnderlyingType() instanceof NonConstCharStarType and + /* But a string literal is passed */ + call.getArgument(index) instanceof StringLiteral + ) +} + +/* String literal being returned by a non-const-char* function */ +predicate returningNonConstCharVar(ReturnStmt return) { + /* The function is declared to return a char* */ + return.getEnclosingFunction().getType().resolveTypedefs() instanceof NonConstCharStarType and + /* But in reality it returns a string literal */ + return.getExpr() instanceof StringLiteral +} + +// newtype TProblematicElem = +// TVar(Variable decl) or +// TAssign(Assignment assign) or +// TFunCall(FunctionCall call) or +// TReturnStmt(ReturnStmt return) +// class ProblematicElem extends TProblematicElem { +// Variable getVariable() { this = TVar(result) } +// Assignment getAssign() { this = TAssign(result) } +// FunctionCall getFunCall() { this = TFunCall(result) } +// ReturnStmt getReturnStmt() { this = TReturnStmt(result) } +// override string toString() { +// this instanceof TVar and result = this.getVariable().toString() +// or +// this instanceof TAssign and result = this.getAssign().toString() +// or +// this instanceof TFunCall and result = this.getFunCall().toString() +// or +// this instanceof TReturnStmt and result = this.getReturnStmt().toString() +// } +// } +// class ProblematicElem = Variable or Assignment or FunctionCall or ReturnStmt; +// ^ Nope! +from Variable decl, Assignment assign, FunctionCall call, ReturnStmt return, string message where - not isExcluded(x, TypesPackage::stringLiteralAssignedToNonConstCharQuery()) and -select + not isExcluded(decl, TypesPackage::stringLiteralAssignedToNonConstCharQuery()) and + not isExcluded(assign, TypesPackage::stringLiteralAssignedToNonConstCharQuery()) and + not isExcluded(call, TypesPackage::stringLiteralAssignedToNonConstCharQuery()) and + not isExcluded(return, TypesPackage::stringLiteralAssignedToNonConstCharQuery()) and + ( + declaringNonConstCharVar(decl) and + message = "char* variable " + decl + " is declared with a string literal." + or + assignmentToNonConstCharVar(assign) and + message = "char* variable " + assign.getLValue() + " is assigned a string literal. " + or + assignmentToNonConstCharParam(call) and + message = "char* parameter of " + call.getTarget() + " is passed a string literal." + or + returningNonConstCharVar(return) and + message = "char* function " + return.getEnclosingFunction() + " is returning a string literal." + ) +select message diff --git a/c/misra/test/rules/RULE-7-4/test.c b/c/misra/test/rules/RULE-7-4/test.c index 5771f846c9..fe2afb9444 100644 --- a/c/misra/test/rules/RULE-7-4/test.c +++ b/c/misra/test/rules/RULE-7-4/test.c @@ -2,26 +2,29 @@ void sample1() { const char *s1 = - "string"; // COMPLIANT: string literal assigned to a const char* variable + "string1"; // COMPLIANT: string literal assigned to a const char* variable const register volatile char *s2 = - "string"; // COMPLIANT: string literal assigned to a const char* variable, - // don't care about the qualifiers - char *s3 = "string"; // NON_COMPLIANT: char* variable declared to hold a - // string literal + "string2"; // COMPLIANT: string literal assigned to a const char* + // variable, don't care about the qualifiers + char *s3 = "string3"; // NON_COMPLIANT: char* variable declared to hold a + // string literal + s3 = + "string4"; // NON_COMPLIANT: char* variable assigned a string literal + // (not likely to be seen in production, since there is strcpy) } const char *sample2(int x) { if (x == 1) - return "string"; // COMPLIANT: can return a string literal with return type - // being const char* being const char* + return "string5"; // COMPLIANT: can return a string literal with return type + // being const char* being const char* else return NULL; } char *sample3(int x) { if (x == 1) - return "string"; // NON_COMPLIANT: can return a string literal with return - // type being char* + return "string6"; // NON_COMPLIANT: can return a string literal with return + // type being char* else return NULL; } @@ -31,9 +34,9 @@ void sample4(char *string) {} void sample5(const char *string) {} void call45() { - const char *literal = "string"; - sample4("string"); // NON_COMPLIANT: can't pass string literal to char* - sample5("string"); // COMPLIANT: passing string literal to const char* + const char *literal = "string7"; + sample4("string8"); // NON_COMPLIANT: can't pass string literal to char* + sample5("string9"); // COMPLIANT: passing string literal to const char* } int main() { return 0; } \ No newline at end of file From b51ac0e7b9b118d56768e510933aeb7c2c3d6fdc Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Tue, 28 Feb 2023 13:52:28 -0800 Subject: [PATCH 0555/2573] Update .expected for 7-4 --- .../RULE-7-4/StringLiteralAssignedToNonConstChar.expected | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.expected b/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.expected index 2ec1a0ac6c..379a5659fd 100644 --- a/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.expected +++ b/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.expected @@ -1 +1,4 @@ -No expected results have yet been specified \ No newline at end of file +| char* function sample3 is returning a string literal. | +| char* parameter of sample4 is passed a string literal. | +| char* variable s3 is assigned a string literal. | +| char* variable s3 is declared with a string literal. | From ccf9f5f9654c801c0325eb7da985d256dae4c9aa Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Tue, 28 Feb 2023 15:14:25 -0800 Subject: [PATCH 0556/2573] Remove bogus files --- .../test/rules/DIR-4-6/TypedefsThatIndicateSizeAndSig.expected | 1 - 1 file changed, 1 deletion(-) delete mode 100644 c/misra/test/rules/DIR-4-6/TypedefsThatIndicateSizeAndSig.expected diff --git a/c/misra/test/rules/DIR-4-6/TypedefsThatIndicateSizeAndSig.expected b/c/misra/test/rules/DIR-4-6/TypedefsThatIndicateSizeAndSig.expected deleted file mode 100644 index 2ec1a0ac6c..0000000000 --- a/c/misra/test/rules/DIR-4-6/TypedefsThatIndicateSizeAndSig.expected +++ /dev/null @@ -1 +0,0 @@ -No expected results have yet been specified \ No newline at end of file From ccfeb0630838cba8be7724081b408732506ab3c7 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Tue, 28 Feb 2023 15:14:46 -0800 Subject: [PATCH 0557/2573] Remove bogus file --- c/misra/test/rules/DIR-4-6/TypedefsThatIndicateSizeAndSig.qlref | 1 - 1 file changed, 1 deletion(-) delete mode 100644 c/misra/test/rules/DIR-4-6/TypedefsThatIndicateSizeAndSig.qlref diff --git a/c/misra/test/rules/DIR-4-6/TypedefsThatIndicateSizeAndSig.qlref b/c/misra/test/rules/DIR-4-6/TypedefsThatIndicateSizeAndSig.qlref deleted file mode 100644 index 9a6e2990cd..0000000000 --- a/c/misra/test/rules/DIR-4-6/TypedefsThatIndicateSizeAndSig.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/DIR-4-6/TypedefsThatIndicateSizeAndSig.ql \ No newline at end of file From 7e837dc9a92e1f076a9008be0d814c626532401b Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Tue, 28 Feb 2023 15:15:06 -0800 Subject: [PATCH 0558/2573] Add test cases for DIR-4-6 --- c/misra/test/rules/DIR-4-6/test.c | 71 +++++++++++++++++++++++++++++++ 1 file changed, 71 insertions(+) create mode 100644 c/misra/test/rules/DIR-4-6/test.c diff --git a/c/misra/test/rules/DIR-4-6/test.c b/c/misra/test/rules/DIR-4-6/test.c new file mode 100644 index 0000000000..4762eea2a2 --- /dev/null +++ b/c/misra/test/rules/DIR-4-6/test.c @@ -0,0 +1,71 @@ +#include + +typedef signed char INT8; // COMPLIANT: exception, typedefs are permitted +typedef unsigned char UINT8; // COMPLIANT: exception, typedefs are permitted + +typedef short _INT16; // COMPLIANT: exception, typedefs are permitted +typedef signed short INT16; // COMPLIANT: exception, typedefs are permitted +typedef unsigned short UINT16; // COMPLIANT: exception, typedefs are permitted + +typedef int _INT32; // COMPLIANT: exception, typedefs are permitted +typedef signed int INT32; // COMPLIANT: exception, typedefs are permitted +typedef unsigned int UINT32; // COMPLIANT: exception, typedefs are permitted + +typedef long _INT64; // COMPLIANT: exception, typedefs are permitted +typedef signed long INT64; // COMPLIANT: exception, typedefs are permitted +typedef unsigned long UINT64; // COMPLIANT: exception, typedefs are permitted + +typedef long long _INT128; // COMPLIANT: exception, typedefs are permitted +typedef signed long long INT128; // COMPLIANT: exception, typedefs are permitted +typedef unsigned long long + UINT128; // COMPLIANT: exception, typedefs are permitted + +typedef float FLOAT32; // COMPLIANT: exception, typedefs are permitted +typedef double FLOAT64; // COMPLIANT: exception, typedefs are permitted +typedef long double FLOAT128; // COMPLIANT: exception, typedefs are permitted + +typedef int8_t + astronomical_number_t; // COMPLIANT: aliasing a fixed-width numeric typedef +typedef uint8_t u_astronomical_number_t; // COMPLIANT: aliasing a fixed-width + // numeric typedef +typedef int + astronomical_number_t; // NON_COMPLIANT: aliasing a basic numeric type + +int // COMPLIANT: exception, main's return type can be plain int +main(int argc, // COMPLIANT: exception, argc's type can be plain int + char *argv[]) { // COMPLIANT: char is not a basic numeric type + + char c1 = 1; // COMPLIANT: char is not a basic numeric type + signed char c2 = 1; // NON_COMPLIANT: use typedef int8_t in stdint + unsigned char c3 = 1; // NON_COMPLIANT: use typedef uint8_t in stdint + INT8 c4 = 1; // COMPLIANT: typedef used instead + + short s1 = 1; // NON_COMPLIANT: short is a basic numeric type + signed short s2 = 1; // NON_COMPLIANT: use typedef int16_t in stdint + unsigned short s3 = 1; // NON_COMPLIANT: use typedef uint16_t in stdint + INT16 s4 = 1; // COMPLIANT: typedef used instead + + int i1 = 1; // NON_COMPLIANT: int is a basic numeric type + signed int i2 = 1; // NON_COMPLIANT: use typedef int32_t in stdint + unsigned int i3 = 1; // NON_COMPLIANT: use typedef uint32_t in stdint + INT32 s4 = 1; // COMPLIANT: typedef used instead + + long l1 = 1; // NON_COMPLIANT: int is a basic numeric type + signed long l2 = 1; // NON_COMPLIANT: use typedef int64_t in stdint + unsigned long l3 = 1; // NON_COMPLIANT: use typedef uint64_t in stdint + INT64 s4 = 1; // COMPLIANT: typedef used instead + + long long l1 = 1; // NON_COMPLIANT: int is a basic numeric type + signed long long l2 = 1; // NON_COMPLIANT: use typedef int128_t in stdint + unsigned long long l3 = 1; // NON_COMPLIANT: use typedef uint128_t in stdint + INT128 s4 = 1; // COMPLIANT: typedef used instead + + float f1 = 1; // NON_COMPLIANT: float is a basic numeric type, use a typedef + FLOAT32 f2 = 1; // COMPLIANT: typedef used instead + + double d1 = 1; // NON_COMPLIANT: int is a basic numeric type + FLOAT64 d2 = 1; // COMPLIANT: typedef used instead + + long double ld1 = 1; // NON_COMPLIANT: int is a basic numeric type + FLOAT128 ld2 = 1; // COMPLIANT: typedef used instead +} \ No newline at end of file From 87a0a3df9407d2820a245794e5b808b9317a6886 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Tue, 28 Feb 2023 16:29:55 -0800 Subject: [PATCH 0559/2573] Draft of 4-6 --- ...ainNumericalTypeUsedOverExplicitTypedef.ql | 41 +++++++++- c/misra/test/rules/DIR-4-6/test.c | 77 +++++++++---------- 2 files changed, 73 insertions(+), 45 deletions(-) diff --git a/c/misra/src/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.ql b/c/misra/src/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.ql index 7e420aa1a3..4d36edb35a 100644 --- a/c/misra/src/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.ql +++ b/c/misra/src/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.ql @@ -13,7 +13,40 @@ import cpp import codingstandards.c.misra -from -where - not isExcluded(x, TypesPackage::plainNumericalTypeUsedOverExplicitTypedefQuery()) and -select +abstract class ForbiddenType extends Type { } + +class BuiltinNumericType extends ForbiddenType { + BuiltinNumericType() { + /* Exclude the plain char because it does not count as a numeric type */ + this.(CharType).isExplicitlySigned() + or + this.(CharType).isExplicitlyUnsigned() + or + this instanceof ShortType + or + this instanceof IntType + or + this instanceof LongType + or + this instanceof LongLongType + or + this instanceof FloatType + or + this instanceof DoubleType + or + this instanceof LongDoubleType + } +} + +class ForbiddenTypedefType extends ForbiddenType, TypedefType { + ForbiddenTypedefType() { + this.(TypedefType).getBaseType() instanceof BuiltinNumericType and + not this.getName().regexpMatch("u?(int|float)(4|8|16|32|64|128)_t") + } +} + +/* TODO: BuiltinNumericType not being flagged */ +from ForbiddenType forbiddenType +where not isExcluded(forbiddenType, TypesPackage::plainNumericalTypeUsedOverExplicitTypedefQuery()) +select forbiddenType, + "The type " + forbiddenType + " is not a fixed-width numeric type nor an alias to one." diff --git a/c/misra/test/rules/DIR-4-6/test.c b/c/misra/test/rules/DIR-4-6/test.c index 4762eea2a2..b806b91c08 100644 --- a/c/misra/test/rules/DIR-4-6/test.c +++ b/c/misra/test/rules/DIR-4-6/test.c @@ -1,71 +1,66 @@ -#include +typedef signed char int8_t; // COMPLIANT: exception, typedefs are permitted +typedef unsigned char uint8_t; // COMPLIANT: exception, typedefs are permitted -typedef signed char INT8; // COMPLIANT: exception, typedefs are permitted -typedef unsigned char UINT8; // COMPLIANT: exception, typedefs are permitted +typedef signed short int16_t; // COMPLIANT: exception, typedefs are permitted +typedef unsigned short uint16_t; // COMPLIANT: exception, typedefs are permitted -typedef short _INT16; // COMPLIANT: exception, typedefs are permitted -typedef signed short INT16; // COMPLIANT: exception, typedefs are permitted -typedef unsigned short UINT16; // COMPLIANT: exception, typedefs are permitted +typedef signed int int32_t; // COMPLIANT: exception, typedefs are permitted +typedef unsigned int uint32_t; // COMPLIANT: exception, typedefs are permitted -typedef int _INT32; // COMPLIANT: exception, typedefs are permitted -typedef signed int INT32; // COMPLIANT: exception, typedefs are permitted -typedef unsigned int UINT32; // COMPLIANT: exception, typedefs are permitted +typedef signed long int64_t; // COMPLIANT: exception, typedefs are permitted +typedef unsigned long uint64_t; // COMPLIANT: exception, typedefs are permitted -typedef long _INT64; // COMPLIANT: exception, typedefs are permitted -typedef signed long INT64; // COMPLIANT: exception, typedefs are permitted -typedef unsigned long UINT64; // COMPLIANT: exception, typedefs are permitted - -typedef long long _INT128; // COMPLIANT: exception, typedefs are permitted -typedef signed long long INT128; // COMPLIANT: exception, typedefs are permitted +typedef signed long long + int128_t; // COMPLIANT: exception, typedefs are permitted typedef unsigned long long - UINT128; // COMPLIANT: exception, typedefs are permitted + uint128_t; // COMPLIANT: exception, typedefs are permitted -typedef float FLOAT32; // COMPLIANT: exception, typedefs are permitted -typedef double FLOAT64; // COMPLIANT: exception, typedefs are permitted -typedef long double FLOAT128; // COMPLIANT: exception, typedefs are permitted +typedef float float32_t; // COMPLIANT: exception, typedefs are permitted +typedef double float64_t; // COMPLIANT: exception, typedefs are permitted +typedef long double float128_t; // COMPLIANT: exception, typedefs are permitted typedef int8_t astronomical_number_t; // COMPLIANT: aliasing a fixed-width numeric typedef typedef uint8_t u_astronomical_number_t; // COMPLIANT: aliasing a fixed-width // numeric typedef typedef int - astronomical_number_t; // NON_COMPLIANT: aliasing a basic numeric type + _astronomical_number_t; // NON_COMPLIANT: aliasing a basic numeric type int // COMPLIANT: exception, main's return type can be plain int main(int argc, // COMPLIANT: exception, argc's type can be plain int char *argv[]) { // COMPLIANT: char is not a basic numeric type char c1 = 1; // COMPLIANT: char is not a basic numeric type - signed char c2 = 1; // NON_COMPLIANT: use typedef int8_t in stdint - unsigned char c3 = 1; // NON_COMPLIANT: use typedef uint8_t in stdint - INT8 c4 = 1; // COMPLIANT: typedef used instead + signed char c2 = 1; // NON_COMPLIANT: use typedef int8_t + unsigned char c3 = 1; // NON_COMPLIANT: use typedef uint8_t + int8_t c4 = 1; // COMPLIANT: typedef used instead short s1 = 1; // NON_COMPLIANT: short is a basic numeric type - signed short s2 = 1; // NON_COMPLIANT: use typedef int16_t in stdint - unsigned short s3 = 1; // NON_COMPLIANT: use typedef uint16_t in stdint - INT16 s4 = 1; // COMPLIANT: typedef used instead + signed short s2 = 1; // NON_COMPLIANT: use typedef int16_t + unsigned short s3 = 1; // NON_COMPLIANT: use typedef uint16_t + int16_t s4 = 1; // COMPLIANT: typedef used instead int i1 = 1; // NON_COMPLIANT: int is a basic numeric type - signed int i2 = 1; // NON_COMPLIANT: use typedef int32_t in stdint - unsigned int i3 = 1; // NON_COMPLIANT: use typedef uint32_t in stdint - INT32 s4 = 1; // COMPLIANT: typedef used instead + signed int i2 = 1; // NON_COMPLIANT: use typedef int32_t + unsigned int i3 = 1; // NON_COMPLIANT: use typedef uint32_t + int32_t i4 = 1; // COMPLIANT: typedef used instead long l1 = 1; // NON_COMPLIANT: int is a basic numeric type - signed long l2 = 1; // NON_COMPLIANT: use typedef int64_t in stdint - unsigned long l3 = 1; // NON_COMPLIANT: use typedef uint64_t in stdint - INT64 s4 = 1; // COMPLIANT: typedef used instead + signed long l2 = 1; // NON_COMPLIANT: use typedef int64_t + unsigned long l3 = 1; // NON_COMPLIANT: use typedef uint64_t + int64_t l4 = 1; // COMPLIANT: typedef used instead - long long l1 = 1; // NON_COMPLIANT: int is a basic numeric type - signed long long l2 = 1; // NON_COMPLIANT: use typedef int128_t in stdint - unsigned long long l3 = 1; // NON_COMPLIANT: use typedef uint128_t in stdint - INT128 s4 = 1; // COMPLIANT: typedef used instead + long long ll1 = 1; // NON_COMPLIANT: int is a basic numeric type + signed long long ll2 = 1; // NON_COMPLIANT: use typedef int128_t + unsigned long long ll3 = 1; // NON_COMPLIANT: use typedef uint128_t + int128_t ll4 = 1; // COMPLIANT: typedef used instead - float f1 = 1; // NON_COMPLIANT: float is a basic numeric type, use a typedef - FLOAT32 f2 = 1; // COMPLIANT: typedef used instead + float f1 = 1; // NON_COMPLIANT: float is a basic numeric type, use a typedef + float32_t f2 = 1; // COMPLIANT: typedef used instead - double d1 = 1; // NON_COMPLIANT: int is a basic numeric type - FLOAT64 d2 = 1; // COMPLIANT: typedef used instead + double d1 = 1; // NON_COMPLIANT: int is a basic numeric type + float64_t d2 = 1; // COMPLIANT: typedef used instead long double ld1 = 1; // NON_COMPLIANT: int is a basic numeric type - FLOAT128 ld2 = 1; // COMPLIANT: typedef used instead + float128_t ld2 = 1; // COMPLIANT: typedef used instead } \ No newline at end of file From 05255c3ab38f795b7cc1b2cf2a6c82c55f0595a7 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Wed, 1 Mar 2023 10:25:36 +0100 Subject: [PATCH 0560/2573] Fix XML deprecation warnings --- cpp/common/src/codingstandards/cpp/Config.qll | 6 +++--- .../GuidelineRecategorizations.qll | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/Config.qll b/cpp/common/src/codingstandards/cpp/Config.qll index 7d12340719..5ce3f7a035 100644 --- a/cpp/common/src/codingstandards/cpp/Config.qll +++ b/cpp/common/src/codingstandards/cpp/Config.qll @@ -8,7 +8,7 @@ import codingstandards.cpp.exclusions.RuleMetadata import codingstandards.cpp.deviations.Deviations /** A `coding-standards.xml` configuration file (usually generated from an YAML configuration file). */ -class CodingStandardsFile extends XMLFile { +class CodingStandardsFile extends XmlFile { CodingStandardsFile() { this.getBaseName() = "coding-standards.xml" and // Must be within the users source code. @@ -16,12 +16,12 @@ class CodingStandardsFile extends XMLFile { } } -class CodingStandardsConfigSection extends XMLElement { +class CodingStandardsConfigSection extends XmlElement { CodingStandardsConfigSection() { getParent() instanceof CodingStandardsConfig } } /** A "Coding Standards" configuration file */ -class CodingStandardsConfig extends XMLElement { +class CodingStandardsConfig extends XmlElement { CodingStandardsConfig() { any(CodingStandardsFile csf).getARootElement() = this and this.getName() = "codingstandards" diff --git a/cpp/common/src/codingstandards/cpp/guideline_recategorizations/GuidelineRecategorizations.qll b/cpp/common/src/codingstandards/cpp/guideline_recategorizations/GuidelineRecategorizations.qll index ff148a4a72..ec5731f1bf 100644 --- a/cpp/common/src/codingstandards/cpp/guideline_recategorizations/GuidelineRecategorizations.qll +++ b/cpp/common/src/codingstandards/cpp/guideline_recategorizations/GuidelineRecategorizations.qll @@ -12,7 +12,7 @@ class GuidelineRecategorizations extends CodingStandardsConfigSection { GuidelineRecategorizations() { hasName("guideline-recategorizations") } } -class GuidelineRecategorization extends XMLElement { +class GuidelineRecategorization extends XmlElement { GuidelineRecategorization() { getParent() instanceof GuidelineRecategorizations and hasName("guideline-recategorizations-entry") From 7e87677e5a827938bfe52e379450ae027d81f130 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Wed, 1 Mar 2023 10:29:13 +0100 Subject: [PATCH 0561/2573] Only compile queries that are needed in a particular unit test --- .github/workflows/codeql_unit_tests.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/codeql_unit_tests.yml b/.github/workflows/codeql_unit_tests.yml index 84a24238c3..4d33e933ce 100644 --- a/.github/workflows/codeql_unit_tests.yml +++ b/.github/workflows/codeql_unit_tests.yml @@ -77,8 +77,7 @@ jobs: - name: Pre-Compile Queries id: pre-compile-queries run: | - ${{ github.workspace }}/codeql_home/codeql/codeql query compile --threads 0 cpp - ${{ github.workspace }}/codeql_home/codeql/codeql query compile --threads 0 c + ${{ github.workspace }}/codeql_home/codeql/codeql query compile --threads 0 ${{ matrix.language }} - name: Run test suites From dd39c9437e654d5b978111bfde081ac0d3d5afb6 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Wed, 1 Mar 2023 10:50:35 +0100 Subject: [PATCH 0562/2573] Update MISRA RULE-8-4 test for changes in latest CodeQL --- .../rules/RULE-8-4/CompatibleDeclarationObjectDefined.expected | 1 - c/misra/test/rules/RULE-8-4/object1.c | 2 +- c/misra/test/rules/RULE-8-4/object2.c | 2 +- 3 files changed, 2 insertions(+), 3 deletions(-) diff --git a/c/misra/test/rules/RULE-8-4/CompatibleDeclarationObjectDefined.expected b/c/misra/test/rules/RULE-8-4/CompatibleDeclarationObjectDefined.expected index 6655c5d6f7..f8472b21e0 100644 --- a/c/misra/test/rules/RULE-8-4/CompatibleDeclarationObjectDefined.expected +++ b/c/misra/test/rules/RULE-8-4/CompatibleDeclarationObjectDefined.expected @@ -1,3 +1,2 @@ | object1.c:4:12:4:13 | definition of i1 | No separate compatible declaration found for this definition. | | object1.c:6:5:6:6 | definition of i2 | No separate compatible declaration found for this definition. | -| object2.c:1:7:1:8 | definition of i3 | No separate compatible declaration found for this definition. | diff --git a/c/misra/test/rules/RULE-8-4/object1.c b/c/misra/test/rules/RULE-8-4/object1.c index 3de20eabcc..bea41c7a20 100644 --- a/c/misra/test/rules/RULE-8-4/object1.c +++ b/c/misra/test/rules/RULE-8-4/object1.c @@ -5,6 +5,6 @@ extern int i1 = 0; // NON_COMPLIANT int i2 = 0; // NON_COMPLIANT -extern int i3; // NON_COMPLIANT +extern int i3; // NON_COMPLIANT - not detected as `short i3` exists extern int i4; // COMPLIANT \ No newline at end of file diff --git a/c/misra/test/rules/RULE-8-4/object2.c b/c/misra/test/rules/RULE-8-4/object2.c index 78c5bee421..eef1696918 100644 --- a/c/misra/test/rules/RULE-8-4/object2.c +++ b/c/misra/test/rules/RULE-8-4/object2.c @@ -1,3 +1,3 @@ -short i3 = 0; // NON_COMPLIANT +short i3 = 0; // NON_COMPLIANT - not detected as `extern int i3` exists signed int i4 = 0; // COMPLIANT \ No newline at end of file From 71e1992e556fab18249ba0c4d446eec6f96819ff Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Wed, 1 Mar 2023 10:53:39 +0100 Subject: [PATCH 0563/2573] Fix a number of typos in tests --- cpp/autosar/test/rules/A12-8-1/test.cpp | 2 +- cpp/autosar/test/rules/A13-5-3/test.cpp | 2 +- cpp/autosar/test/rules/A5-1-1/test.cpp | 2 +- .../rules/EXP52-CPP/DoNotRelyOnSideEffectsInSizeOfOperand.cpp | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/cpp/autosar/test/rules/A12-8-1/test.cpp b/cpp/autosar/test/rules/A12-8-1/test.cpp index 481435096a..b25614d64f 100644 --- a/cpp/autosar/test/rules/A12-8-1/test.cpp +++ b/cpp/autosar/test/rules/A12-8-1/test.cpp @@ -44,7 +44,7 @@ class C4 { C4() : m1(0) {} C4(C4 const &p1) : m1(p1.m1) { std::cout << "Copying class C4" - << std::endl; // NON_COMPLIANT - peformance overhead affecting the + << std::endl; // NON_COMPLIANT - performance overhead affecting the // copying of th object? } diff --git a/cpp/autosar/test/rules/A13-5-3/test.cpp b/cpp/autosar/test/rules/A13-5-3/test.cpp index 8eaaef6581..c50578b280 100644 --- a/cpp/autosar/test/rules/A13-5-3/test.cpp +++ b/cpp/autosar/test/rules/A13-5-3/test.cpp @@ -35,7 +35,7 @@ int main() { bar(static_cast(b)); // NON_COMPLIANT--explicit A(*pa)[3] = b; // NON_COMPLIANT - converting B to array of A (size 3)- - // decalartion of variable name pa, pointer to array of A , array size is 3 + // declaration of variable name pa, pointer to array of A , array size is 3 C c; bar(c); // NON_COMPLIANT - one pointer with bar diff --git a/cpp/autosar/test/rules/A5-1-1/test.cpp b/cpp/autosar/test/rules/A5-1-1/test.cpp index f6b9e44ea3..691e94d2fa 100644 --- a/cpp/autosar/test/rules/A5-1-1/test.cpp +++ b/cpp/autosar/test/rules/A5-1-1/test.cpp @@ -2,7 +2,7 @@ #include void test_exception1() { - throw "constant string"; // NOT_COMPLIANT - not used in type initialization + throw "constant string"; // NON_COMPLIANT - not used in type initialization } void test_exception2() { diff --git a/cpp/cert/test/rules/EXP52-CPP/DoNotRelyOnSideEffectsInSizeOfOperand.cpp b/cpp/cert/test/rules/EXP52-CPP/DoNotRelyOnSideEffectsInSizeOfOperand.cpp index 59304f5104..68ffc8dc7d 100644 --- a/cpp/cert/test/rules/EXP52-CPP/DoNotRelyOnSideEffectsInSizeOfOperand.cpp +++ b/cpp/cert/test/rules/EXP52-CPP/DoNotRelyOnSideEffectsInSizeOfOperand.cpp @@ -1,6 +1,6 @@ int g1 = 0; -unsigned char g2[sizeof(g1++)]; // NOT_COMPLIANT +unsigned char g2[sizeof(g1++)]; // NON_COMPLIANT void f1(int p); void f2(long long p); From a3ae3494a032a8cf5d1af419c1c28b94f4db6195 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Wed, 1 Mar 2023 11:00:56 +0100 Subject: [PATCH 0564/2573] Fix formatting and fix one more typo --- cpp/autosar/test/rules/A12-8-1/test.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cpp/autosar/test/rules/A12-8-1/test.cpp b/cpp/autosar/test/rules/A12-8-1/test.cpp index b25614d64f..ad7ae7ec0c 100644 --- a/cpp/autosar/test/rules/A12-8-1/test.cpp +++ b/cpp/autosar/test/rules/A12-8-1/test.cpp @@ -44,8 +44,8 @@ class C4 { C4() : m1(0) {} C4(C4 const &p1) : m1(p1.m1) { std::cout << "Copying class C4" - << std::endl; // NON_COMPLIANT - performance overhead affecting the - // copying of th object? + << std::endl; // NON_COMPLIANT - performance overhead affecting + // the copying of the object? } private: From d75bda654c934a70e12897e758af04acc3862dad Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Wed, 1 Mar 2023 11:50:03 +0100 Subject: [PATCH 0565/2573] Fix `NULLMacro` deprecation warning --- cpp/common/src/codingstandards/cpp/Concurrency.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/Concurrency.qll b/cpp/common/src/codingstandards/cpp/Concurrency.qll index a793a3d317..b1083e75b6 100644 --- a/cpp/common/src/codingstandards/cpp/Concurrency.qll +++ b/cpp/common/src/codingstandards/cpp/Concurrency.qll @@ -852,7 +852,7 @@ class TSSCreateFunctionCall extends ThreadSpecificStorageFunctionCall { TSSCreateFunctionCall() { getTarget().getName() = "tss_create" } predicate hasDeallocator() { - not exists(MacroInvocation mi, NULLMacro nm | + not exists(MacroInvocation mi, NullMacro nm | getArgument(1) = mi.getExpr() and mi = nm.getAnInvocation() ) From 4a64e8b53fa5616958e2fb6c8cf64d43d3a6b5de Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Wed, 1 Mar 2023 11:54:56 +0100 Subject: [PATCH 0566/2573] Fix test file formatting --- c/misra/test/rules/RULE-8-4/object1.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/misra/test/rules/RULE-8-4/object1.c b/c/misra/test/rules/RULE-8-4/object1.c index bea41c7a20..93441003ec 100644 --- a/c/misra/test/rules/RULE-8-4/object1.c +++ b/c/misra/test/rules/RULE-8-4/object1.c @@ -5,6 +5,6 @@ extern int i1 = 0; // NON_COMPLIANT int i2 = 0; // NON_COMPLIANT -extern int i3; // NON_COMPLIANT - not detected as `short i3` exists +extern int i3; // NON_COMPLIANT - not detected as `short i3` exists extern int i4; // COMPLIANT \ No newline at end of file From 6c5827cac4dab56ac1611ffde19abc6c516f8621 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 1 Mar 2023 11:09:50 +0000 Subject: [PATCH 0567/2573] M14-6-1: Address test irregularities * Formatting * Address compiler testing issues - Accidental name conflicts - Type of member function parameter --- cpp/autosar/test/rules/M14-6-1/test.cpp | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/cpp/autosar/test/rules/M14-6-1/test.cpp b/cpp/autosar/test/rules/M14-6-1/test.cpp index 1813251098..d5d99597f4 100644 --- a/cpp/autosar/test/rules/M14-6-1/test.cpp +++ b/cpp/autosar/test/rules/M14-6-1/test.cpp @@ -30,11 +30,11 @@ template class A : B { g1(); // COMPLIANT, identifier not found in B } void m3(int m) { - m = 0; // COMPLIANT, hides member + m = 0; // COMPLIANT, hides member } void m4() { int m = 0; - m = 0; // COMPLIANT, hides member + m = 0; // COMPLIANT, hides member } }; @@ -59,20 +59,21 @@ class D { class C : D { public: void m1() { - m = 0; // COMPLIANT - does not apply to non-class templates - g(); // COMPLIANT - does not apply to non-class templates + m = 0; // COMPLIANT - does not apply to non-class templates + g(); // COMPLIANT - does not apply to non-class templates sg(); // COMPLIANT - does not apply to non-class templates - TYPE t = 0; // COMPLIANT - does not apply to non-class templates + TYPE t1 = 0; // COMPLIANT - does not apply to non-class templates // void (*p)() = &g; // NON_COMPILABLE } }; -template class E : D { +template class E : D { public: void m1() { - m = 0; // COMPLIANT - does not apply to non dependent base types - g(); // COMPLIANT - does not apply to non dependent base types - TYPE t = 0; // COMPLIANT - does not apply to non dependent base types - void (*p)() = &g; // COMPLIANT - does not apply to non dependent base types + m = 0; // COMPLIANT - does not apply to non dependent base types + g(); // COMPLIANT - does not apply to non dependent base types + TYPE t1 = 0; // COMPLIANT - does not apply to non dependent base types + void (D::*p)() = + &g; // COMPLIANT - does not apply to non dependent base types } }; \ No newline at end of file From a80c8b0a82d634cc5fe80bfa4289722ef0b1dedd Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 1 Mar 2023 11:25:24 +0000 Subject: [PATCH 0568/2573] M14-6-1: Remove incompatible clang case --- cpp/autosar/test/rules/M14-6-1/test.cpp | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/cpp/autosar/test/rules/M14-6-1/test.cpp b/cpp/autosar/test/rules/M14-6-1/test.cpp index d5d99597f4..be3c7c0b5f 100644 --- a/cpp/autosar/test/rules/M14-6-1/test.cpp +++ b/cpp/autosar/test/rules/M14-6-1/test.cpp @@ -73,7 +73,6 @@ template class E : D { m = 0; // COMPLIANT - does not apply to non dependent base types g(); // COMPLIANT - does not apply to non dependent base types TYPE t1 = 0; // COMPLIANT - does not apply to non dependent base types - void (D::*p)() = - &g; // COMPLIANT - does not apply to non dependent base types + // void (*p)() = &g; // NON_COMPILABLE - clang does not accept this } }; \ No newline at end of file From 1dd9c046b9d3ca8c9393ac221541e2132e590e98 Mon Sep 17 00:00:00 2001 From: jsinglet Date: Wed, 1 Mar 2023 15:37:44 +0000 Subject: [PATCH 0569/2573] Version bump to 2.15.0-dev. --- c/cert/src/qlpack.yml | 2 +- c/cert/test/qlpack.yml | 2 +- c/common/src/qlpack.yml | 2 +- c/common/test/qlpack.yml | 2 +- c/misra/src/qlpack.yml | 2 +- c/misra/test/qlpack.yml | 2 +- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/qlpack.yml | 2 +- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/qlpack.yml | 2 +- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/qlpack.yml | 2 +- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/qlpack.yml | 2 +- cpp/report/src/qlpack.yml | 2 +- docs/user_manual.md | 10 +++++----- 16 files changed, 20 insertions(+), 20 deletions(-) diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index fa4eeacaf1..9c7700e4f5 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards -version: 2.14.0-dev +version: 2.15.0-dev description: CERT C 2016 suites: codeql-suites license: MIT diff --git a/c/cert/test/qlpack.yml b/c/cert/test/qlpack.yml index 4b4b556207..be31ed6211 100644 --- a/c/cert/test/qlpack.yml +++ b/c/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards-tests -version: 2.14.0-dev +version: 2.15.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index e6f76013d7..7cf79493f6 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards -version: 2.14.0-dev +version: 2.15.0-dev license: MIT dependencies: codeql/common-cpp-coding-standards: '*' diff --git a/c/common/test/qlpack.yml b/c/common/test/qlpack.yml index 849856b4bb..decc240266 100644 --- a/c/common/test/qlpack.yml +++ b/c/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards-tests -version: 2.14.0-dev +version: 2.15.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index 7a3dda42cc..b5dac3b39a 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards -version: 2.14.0-dev +version: 2.15.0-dev description: MISRA C 2012 suites: codeql-suites license: MIT diff --git a/c/misra/test/qlpack.yml b/c/misra/test/qlpack.yml index 5317bc172a..6f3712963b 100644 --- a/c/misra/test/qlpack.yml +++ b/c/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards-tests -version: 2.14.0-dev +version: 2.15.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index 50dfb98efe..7709cf5c64 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards -version: 2.14.0-dev +version: 2.15.0-dev description: AUTOSAR C++14 Guidelines 20-11 suites: codeql-suites license: MIT diff --git a/cpp/autosar/test/qlpack.yml b/cpp/autosar/test/qlpack.yml index 8e68cab2cf..1813af0c7f 100644 --- a/cpp/autosar/test/qlpack.yml +++ b/cpp/autosar/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards-tests -version: 2.14.0-dev +version: 2.15.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index 8be0dbd8b7..82fa50fdc9 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards -version: 2.14.0-dev +version: 2.15.0-dev description: CERT C++ 2016 suites: codeql-suites license: MIT diff --git a/cpp/cert/test/qlpack.yml b/cpp/cert/test/qlpack.yml index f54b6ff882..02b485f84b 100644 --- a/cpp/cert/test/qlpack.yml +++ b/cpp/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards-tests -version: 2.14.0-dev +version: 2.15.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index efb4c0875f..6d6281cf2c 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards -version: 2.14.0-dev +version: 2.15.0-dev license: MIT dependencies: codeql/cpp-all: 0.2.3 diff --git a/cpp/common/test/qlpack.yml b/cpp/common/test/qlpack.yml index ef885980eb..7fc52f4b7d 100644 --- a/cpp/common/test/qlpack.yml +++ b/cpp/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards-tests -version: 2.14.0-dev +version: 2.15.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index a6c5037b81..1de329e235 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards -version: 2.14.0-dev +version: 2.15.0-dev description: MISRA C++ 2008 suites: codeql-suites license: MIT diff --git a/cpp/misra/test/qlpack.yml b/cpp/misra/test/qlpack.yml index 6496ddd2fd..97055ea583 100644 --- a/cpp/misra/test/qlpack.yml +++ b/cpp/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards-tests -version: 2.14.0-dev +version: 2.15.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index 595af25c12..2c6789e1a6 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/report-cpp-coding-standards -version: 2.14.0-dev +version: 2.15.0-dev license: MIT dependencies: codeql/cpp-all: 0.2.3 diff --git a/docs/user_manual.md b/docs/user_manual.md index 25b78693b5..f738010dc8 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -26,10 +26,10 @@ This user manual documents release `2.10.0` of the coding standards located at https://github.com/github/codeql-coding-standards/releases/tag/v2.10.0 . The release page documents the release notes and contains the following artifacts part of the release: -- `code-scanning-cpp-query-pack-anon-2.10.0.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. -- `supported_rules_list_2.10.0.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. -- `supported_rules_list_2.10.0.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. -- `user_manual_2.10.0.md`: This user manual. +- `code-scanning-cpp-query-pack-anon-2.15.0-dev.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. +- `supported_rules_list_2.15.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. +- `upported_rules_list_2.15.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. +- `user_manual_2.15.0-dev.md`: This user manual. - `Source Code (zip)`: A zip archive containing the contents of https://github.com/github/codeql-coding-standards - `Source Code (tar.gz)`: A GZip compressed tar archive containing the contents of https://github.com/github/codeql-coding-standards - `checksums.txt`: A text file containing sha256 checksums for the aforementioned artifacts. @@ -457,7 +457,7 @@ This section describes known failure modes for "CodeQL Coding Standards" and des | | Ouf of space | Less output. Some files may be only be partially analyzed, or not analyzed at all. | Error reported on the command line. | Increase space. If it remains an issue report space consumption issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False positives | More output. Results are reported which are not violations of the guidelines. | All reported results must be reviewed. | Report false positive issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False negatives | Less output. Violations of the guidelines are not reported. | Other validation and verification processes during software development should be used to complement the analysis performed by CodeQL Coding Standards. | Report false negative issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | -| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_VERSION.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | +| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.15.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | | | Incorrect deviation record specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation records with a reason. Ensure that all deviation records are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Incorrect deviation permit specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation permits with a reason. Ensure that all deviation permits are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Unapproved use of a deviation record | Less output. Results for guideline violations are not reported. | Validate that the deviation record use is approved by verifying the approved-by attribute of the deviation record specification. | Ensure that each raised deviation record is approved by an independent approver through an auditable process. | From de77a6ad755f44a66642f76805247bebb08e35d3 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Wed, 1 Mar 2023 10:45:44 -0500 Subject: [PATCH 0570/2573] apparently this doesn't work anymore --- .github/workflows/bump-version.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/bump-version.yml b/.github/workflows/bump-version.yml index dad7061670..51de9d8b40 100644 --- a/.github/workflows/bump-version.yml +++ b/.github/workflows/bump-version.yml @@ -27,6 +27,5 @@ jobs: title: "Release Engineering: Version bump to ${{ github.event.inputs.new_version }}." body: "This PR updates codeql-coding-standards to version ${{ github.event.inputs.new_version }}." commit-message: "Version bump to ${{ github.event.inputs.new_version }}." - team-reviewers: github/codeql-coding-standards delete-branch: true branch: "automation/version-bump-${{ github.event.inputs.new_version }}" From 3bb5a1bb636ad902aa5bffd3f530a94575acace8 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Wed, 1 Mar 2023 11:41:02 -0500 Subject: [PATCH 0571/2573] C should be C11 --- scripts/matrix_testing/Config.ps1 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/matrix_testing/Config.ps1 b/scripts/matrix_testing/Config.ps1 index a0ac180c23..05aad5dd61 100644 --- a/scripts/matrix_testing/Config.ps1 +++ b/scripts/matrix_testing/Config.ps1 @@ -21,8 +21,8 @@ $COMPILER_ARGS = @{ }; "c" = @{ - "gcc" = "-fsyntax-only"; - "clang" = "-fsyntax-only"; + "gcc" = "-fsyntax-only -std=c11"; + "clang" = "-fsyntax-only -std=c11"; }; } From b1d08d3b2fd2cbf5c8b9cc5f2b969006bf03540f Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Wed, 1 Mar 2023 16:28:34 -0800 Subject: [PATCH 0572/2573] Initialize INT34-C --- .../INT34-C/DoNotShiftAnExpressionByANegat.md | 16 -- .../INT34-C/DoNotShiftAnExpressionByANegat.ql | 19 -- ...ftedbyNegativeOrGreaterPrecisionOperand.md | 204 +++++++++++++++++- .../src/rules/INT34-C/LogicalShiftRight.JPG | Bin 0 -> 16405 bytes c/cert/src/rules/INT34-C/ShiftLeft.JPG | Bin 0 -> 17066 bytes c/cert/src/rules/INT34-C/ShiftRight.JPG | Bin 0 -> 16095 bytes 6 files changed, 202 insertions(+), 37 deletions(-) delete mode 100644 c/cert/src/rules/INT34-C/DoNotShiftAnExpressionByANegat.md delete mode 100644 c/cert/src/rules/INT34-C/DoNotShiftAnExpressionByANegat.ql create mode 100644 c/cert/src/rules/INT34-C/LogicalShiftRight.JPG create mode 100644 c/cert/src/rules/INT34-C/ShiftLeft.JPG create mode 100644 c/cert/src/rules/INT34-C/ShiftRight.JPG diff --git a/c/cert/src/rules/INT34-C/DoNotShiftAnExpressionByANegat.md b/c/cert/src/rules/INT34-C/DoNotShiftAnExpressionByANegat.md deleted file mode 100644 index 66c3d5a7a0..0000000000 --- a/c/cert/src/rules/INT34-C/DoNotShiftAnExpressionByANegat.md +++ /dev/null @@ -1,16 +0,0 @@ -# INT34-C: Do not shift an expression by a negative number of bits or by greater than or equal to the number of - -This query implements the CERT-C rule INT34-C: - -> Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand -## CERT - -** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** - -## Implementation notes - -None - -## References - -* CERT-C: [INT34-C: Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/INT34-C/DoNotShiftAnExpressionByANegat.ql b/c/cert/src/rules/INT34-C/DoNotShiftAnExpressionByANegat.ql deleted file mode 100644 index ac5def1e01..0000000000 --- a/c/cert/src/rules/INT34-C/DoNotShiftAnExpressionByANegat.ql +++ /dev/null @@ -1,19 +0,0 @@ -/** - * @id c/cert/do-not-shift-an-expression-by-a-negat - * @name INT34-C: Do not shift an expression by a negative number of bits or by greater than or equal to the number of - * @description Do not shift an expression by a negative number of bits or by greater than or equal - * to the number of bits that exist in the operand.. - * @kind problem - * @precision very-high - * @problem.severity error - * @tags external/cert/id/int34-c - * external/cert/obligation/rule - */ - -import cpp -import codingstandards.c.cert - -from -where - not isExcluded(x, TypesPackage::doNotShiftAnExpressionByANegatQuery()) and -select diff --git a/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.md b/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.md index 601dea39c0..0c9a635019 100644 --- a/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.md +++ b/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.md @@ -3,9 +3,209 @@ This query implements the CERT-C rule INT34-C: > Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand -## CERT -** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** + +## Description + +Bitwise shifts include left-shift operations of the form *shift-expression* `<<` *additive-expression* and right-shift operations of the form *shift-expression* `>>` *additive-expression*. The standard integer promotions are first performed on the operands, each of which has an integer type. The type of the result is that of the promoted left operand. If the value of the right operand is negative or is greater than or equal to the width of the promoted left operand, the behavior is [undefined](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior). (See [undefined behavior 51](https://wiki.sei.cmu.edu/confluence/display/c/CC.+Undefined+Behavior#CC.UndefinedBehavior-ub_51).) + +Do not shift an expression by a negative number of bits or by a number greater than or equal to the *precision* of the promoted left operand. The precision of an integer type is the number of bits it uses to represent values, excluding any sign and padding bits. For unsigned integer types, the width and the precision are the same; whereas for signed integer types, the width is one greater than the precision. This rule uses precision instead of width because, in almost every case, an attempt to shift by a number of bits greater than or equal to the precision of the operand indicates a bug (logic error). A logic error is different from overflow, in which there is simply a representational deficiency. In general, shifts should be performed only on unsigned operands. (See [INT13-C. Use bitwise operators only on unsigned operands](https://wiki.sei.cmu.edu/confluence/display/c/INT13-C.+Use+bitwise+operators+only+on+unsigned+operands).) + +## Noncompliant Code Example (Left Shift, Unsigned Type) + +The result of `E1 << E2` is `E1` left-shifted `E2` bit positions; vacated bits are filled with zeros. The following diagram illustrates the left-shift operation. + +![](ShiftLeft.JPG) + +According to the C Standard, if `E1` has an unsigned type, the value of the result is `E1` \* `2``E2`, reduced modulo 1 more than the maximum value representable in the result type. + +This noncompliant code example fails to ensure that the right operand is less than the precision of the promoted left operand: + +```cpp +void func(unsigned int ui_a, unsigned int ui_b) { + unsigned int uresult = ui_a << ui_b; + /* ... */ +} +``` + +## Compliant Solution (Left Shift, Unsigned Type) + +This compliant solution eliminates the possibility of shifting by greater than or equal to the number of bits that exist in the precision of the left operand: + +```cpp +#include +#include +#include + +extern size_t popcount(uintmax_t); +#define PRECISION(x) popcount(x) + +void func(unsigned int ui_a, unsigned int ui_b) { + unsigned int uresult = 0; + if (ui_b >= PRECISION(UINT_MAX)) { + /* Handle error */ + } else { + uresult = ui_a << ui_b; + } + /* ... */ +} +``` +The `PRECISION()` macro and `popcount()` function provide the correct precision for any integer type. (See [INT35-C. Use correct integer precisions](https://wiki.sei.cmu.edu/confluence/display/c/INT35-C.+Use+correct+integer+precisions).) + +Modulo behavior resulting from left-shifting an unsigned integer type is permitted by exception INT30-EX3 to [INT30-C. Ensure that unsigned integer operations do not wrap](https://wiki.sei.cmu.edu/confluence/display/c/INT30-C.+Ensure+that+unsigned+integer+operations+do+not+wrap). + +## Noncompliant Code Example (Left Shift, Signed Type) + +The result of `E1 << E2` is `E1` left-shifted `E2` bit positions; vacated bits are filled with zeros. If `E1` has a signed type and nonnegative value, and `E1` \* `2``E2` is representable in the result type, then that is the resulting value; otherwise, the behavior is undefined. + +This noncompliant code example fails to ensure that left and right operands have nonnegative values and that the right operand is less than the precision of the promoted left operand. This example does check for signed integer overflow in compliance with [INT32-C. Ensure that operations on signed integers do not result in overflow](https://wiki.sei.cmu.edu/confluence/display/c/INT32-C.+Ensure+that+operations+on+signed+integers+do+not+result+in+overflow). + +```cpp +#include +#include +#include + +void func(signed long si_a, signed long si_b) { + signed long result; + if (si_a > (LONG_MAX >> si_b)) { + /* Handle error */ + } else { + result = si_a << si_b; + } + /* ... */ +} +``` +Shift operators and other bitwise operators should be used only with unsigned integer operands in accordance with [INT13-C. Use bitwise operators only on unsigned operands](https://wiki.sei.cmu.edu/confluence/display/c/INT13-C.+Use+bitwise+operators+only+on+unsigned+operands). + +## Compliant Solution (Left Shift, Signed Type) + +In addition to the check for overflow, this compliant solution ensures that both the left and right operands have nonnegative values and that the right operand is less than the precision of the promoted left operand: + +```cpp +#include +#include +#include + +extern size_t popcount(uintmax_t); +#define PRECISION(x) popcount(x) + +void func(signed long si_a, signed long si_b) { + signed long result; + if ((si_a < 0) || (si_b < 0) || + (si_b >= PRECISION(ULONG_MAX)) || + (si_a > (LONG_MAX >> si_b))) { + /* Handle error */ + } else { + result = si_a << si_b; + } + /* ... */ +} + +``` +Noncompliant Code Example (Right Shift) + +The result of `E1 >> E2` is `E1` right-shifted `E2` bit positions. If `E1` has an unsigned type or if `E1` has a signed type and a nonnegative value, the value of the result is the integral part of the quotient of `E1` / `2``E2`. If `E1` has a signed type and a negative value, the resulting value is [implementation-defined](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-implementation-definedbehavior) and can be either an arithmetic (signed) shift + +![](ShiftRight.JPG) + +or a logical (unsigned) shift + +![](LogicalShiftRight.JPG) + +This noncompliant code example fails to test whether the right operand is greater than or equal to the precision of the promoted left operand, allowing undefined behavior: + +```cpp +void func(unsigned int ui_a, unsigned int ui_b) { + unsigned int uresult = ui_a >> ui_b; + /* ... */ +} +``` +When working with signed operands, making assumptions about whether a right shift is implemented as an arithmetic (signed) shift or a logical (unsigned) shift can also lead to [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability). (See [INT13-C. Use bitwise operators only on unsigned operands](https://wiki.sei.cmu.edu/confluence/display/c/INT13-C.+Use+bitwise+operators+only+on+unsigned+operands).) + +## Compliant Solution (Right Shift) + +This compliant solution eliminates the possibility of shifting by greater than or equal to the number of bits that exist in the precision of the left operand: + +```cpp +#include +#include +#include + +extern size_t popcount(uintmax_t); +#define PRECISION(x) popcount(x) + +void func(unsigned int ui_a, unsigned int ui_b) { + unsigned int uresult = 0; + if (ui_b >= PRECISION(UINT_MAX)) { + /* Handle error */ + } else { + uresult = ui_a >> ui_b; + } + /* ... */ +} +``` +**Implementation Details** + +GCC has no options to handle shifts by negative amounts or by amounts outside the width of the type predictably or to trap on them; they are always treated as undefined. Processors may reduce the shift amount modulo the width of the type. For example, 32-bit right shifts are implemented using the following instruction on x86-32: + +```cpp +sarl %cl, %eax + +``` +The `sarl` instruction takes a bit mask of the least significant 5 bits from `%cl` to produce a value in the range \[0, 31\] and then shift `%eax` that many bits: + +```cpp +// 64-bit right shifts on IA-32 platforms become +shrdl %edx, %eax +sarl %cl, %edx + +``` +where `%eax` stores the least significant bits in the doubleword to be shifted, and `%edx` stores the most significant bits. + +## Risk Assessment + +Although shifting a negative number of bits or shifting a number of bits greater than or equal to the width of the promoted left operand is undefined behavior in C, the risk is generally low because processors frequently reduce the shift amount modulo the width of the type. + +
Rule Severity Likelihood Remediation Cost Priority Level
INT34-C Low Unlikely Medium P2 L3
+ + +## Automated Detection + +
Tool Version Checker Description
Astrée 22.04 precision-shift-width precision-shift-width-constant Fully checked
Axivion Bauhaus Suite 7.2.0 CertC-INT34 Can detect shifts by a negative or an excessive number of bits and right shifts on negative values.
CodeSonar 7.2p0 LANG.ARITH.BIGSHIFT LANG.ARITH.NEGSHIFT Shift amount exceeds bit width Negative shift amount
Compass/ROSE Can detect violations of this rule. Unsigned operands are detected when checking for INT13-C. Use bitwise operators only on unsigned operands
Coverity 2017.07 BAD_SHIFT Implemented
Cppcheck 1.66 shiftNegative, shiftTooManyBits Context sensitive analysis Warns whenever Cppcheck sees a negative shift for a POD expression (The warning for shifting too many bits is written only if Cppcheck has sufficient type information and you use --platform to specify the sizes of the standard types.)
ECLAIR 1.2 CC2.INT34 Partially implemented
Helix QAC 2022.4 C0499, C2790, C++2790, C++3003 DF2791, DF2792, DF2793
Klocwork 2022.4 MISRA.SHIFT.RANGE.2012
LDRA tool suite 9.7.1 51 S, 403 S, 479 S Partially implemented
Parasoft C/C++test 2022.2 CERT_C-INT34-a Avoid incorrect shift operations
Polyspace Bug Finder R2022b CERT C: Rule INT34-C Checks for: Shift of a negative valuehift of a negative value, shift operation overflowhift operation overflow. Rule partially covered.
PRQA QA-C 9.7 0499, 2790 \[C\], 2791 \[D\], 2792 \[A\], 2793 \[S\] Partially implemented
PRQA QA-C++ 4.4 2791, 2792, 2793, 3003, 3321, 3322
PVS-Studio 7.23 V610
RuleChecker 22.04 precision-shift-width-constant Partially checked
TrustInSoft Analyzer 1.38 shift Exhaustively verified (see one compliant and one non-compliant example ).
+ + +## Related Vulnerabilities + +Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+INT34-C). + +## Related Guidelines + +[Key here](https://wiki.sei.cmu.edu/confluence/display/c/How+this+Coding+Standard+is+Organized#HowthisCodingStandardisOrganized-RelatedGuidelines) (explains table format and definitions) + +
Taxonomy Taxonomy item Relationship
CERT C INT13-C. Use bitwise operators only on unsigned operands Prior to 2018-01-12: CERT: Unspecified Relationship
CERT C INT35-C. Use correct integer precisions Prior to 2018-01-12: CERT: Unspecified Relationship
CERT C INT32-C. Ensure that operations on signed integers do not result in overflow Prior to 2018-01-12: CERT: Unspecified Relationship
ISO/IEC TR 24772:2013 Arithmetic Wrap-Around Error \[FIF\] Prior to 2018-01-12: CERT: Unspecified Relationship
CWE 2.11 CWE-682 2017-07-07: CERT: Rule subset of CWE
CWE 2.11 CWE-758 2017-07-07: CERT: Rule subset of CWE
+ + +## CERT-CWE Mapping Notes + +[Key here](https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?pageId=87152408#HowthisCodingStandardisOrganized-CERT-CWEMappingNotes) for mapping notes + +**CWE-758 and INT34-C** + +Independent( INT34-C, INT36-C, MEM30-C, MSC37-C, FLP32-C, EXP33-C, EXP30-C, ERR34-C, ARR32-C) + +CWE-758 = Union( INT34-C, list) where list = + +* Undefined behavior that results from anything other than incorrect bit shifting +**CWE-682 and INT34-C** + +Independent( INT34-C, FLP32-C, INT33-C) CWE-682 = Union( INT34-C, list) where list = + +* Incorrect calculations that do not involve out-of-range bit shifts + +## Bibliography + +
\[ C99 Rationale 2003 \] 6.5.7, "Bitwise Shift Operators"
\[ Dowd 2006 \] Chapter 6, "C Language Issues"
\[ Seacord 2013b \] Chapter 5, "Integer Security"
\[ Viega 2005 \] Section 5.2.7, "Integer Overflow"
+ ## Implementation notes diff --git a/c/cert/src/rules/INT34-C/LogicalShiftRight.JPG b/c/cert/src/rules/INT34-C/LogicalShiftRight.JPG new file mode 100644 index 0000000000000000000000000000000000000000..5f98215baf3800fe1922fea72dc8725e9b89929a GIT binary patch literal 16405 zcmdse2{@E{|MzVVX_BpkX|a_pAt}x1lq8k3SYwWCA$cSrV{U07ilU4-nMz2~lqHd7 zvJ9srYbGPx*q4~GjGNj1x6c3nzSsMh^FB|V=Xu`idZ+82YpS{D{(bk)_xJt$_+R)v zz{&&rtoH#z!T=xy{{i?Nz#c$YXz{i9F1+{>6ew?sI1tk^@h8} z$EGvW>sItWY@G#85XnbuL;`N>OR`8f6VlE$vO4jZLbh2#nu~&ui9-V;T|NnVe6%3^1s}E__9KB zqtQ`@!l`pjQi|%vy&B9#(Y{Oe&j}X&QM?B1 z?U&g5BvKC}grj!Rc*yK(!wgoG*NUcyOASzz2NL zihQ8rFdsOL2K?Mmh1@Kh@NixZG(=HTjxgmCLh^3woKBnNC7i`JKsFw=X=ltQ4J1BH zmy@^J8hk{>@Byg~o)n%BSS2$g_<(GlD<2sA6otCN1u!513fteDbxn6J`@?kKFARxC)2@% z=U5{dIqRXA{h@SB@~9EQ4rp9a~)-1&;Wu~g~!wxk{|GaKNXcg?sWkxj`D%w zDICBD=qCPTPJ7c&tlll0Z3dO_q(a%dA(5lZS;99RhLWW#x)!C)XlW;pv-3}0ciBrN z&IAV!f|V|6<}L0+;bAC;`vdby;W&4Iz3MMpG-Rk-sT>1q)*P~9%Jqg;jS*=+J$f91 z9492WH#Ja+71{Ps*@N=HU-|daDL&Avm)s!gD{f$52-dz!{)lqA`3_b27R*d181YtpVGgDvcGgu) zl}{RcOs<dFg!e-hZ4I^xz1+&uhd1t>uwE>;oLJ zCI?$)L!7xWE0B#EbJ$?tWHQE8`8rQvq|_!Fe+ln$L);w-$9ZO8QY}!`{~}uk!=bnm z48%l}Re6XobYEbN!4=#V2DO^3>K5kBs;vYiO%93ks%v}S`Zy-^>U%R~W~}DYEMjX; z_1oNDxA7Jt_w=JUKwH42Gt}Lo#XG!_b%YNT@PS-#^eyv#q!*u*^_cZCMzx_NLaCl*7gunFZ%&peO1=g|j zIAd<_t>1tZL2*C@Hv_dTESQx9N%jzEN);EBZ)PO+O-lNb);EpM#?oz`*am+%!TXffaK+pvdo<-Xb`_)Z4t_^KYp9`B zuz&WRfZ!FU%&irwk5=hgrS`|||0I>Ra5f5sg>Ul*-%<2>$Izt~Rz#UQ@YZ_thH~_5p*>))Diguk$Ojm=;3zTT1JXOk8^KBw z*mF(q_k+K3b3RSuS_a{?8{Xyc1=q<3R`G!%IK_jH9Eu%=x`yDy45yFfYcIjK2J@81 zcydI@q6EwVD-Gd)@!+j$_{In3hq(8+_y*c^KbOeU;Q4gG1;l@5RTL_cTLAXc(Ow9) z!2+I_*S&_?cw&0;TQVQel4Way?O-c;)(!eZihi&{q|cxRl;SLB%X)4zGnRJ;0ds7^r>C%(-?%9-JmX&0!o}j({nt%E|_gB}PJWw)N9|o}&jX0D) zoN_TEIoJ2%owU$6bG_$#Z~LK;t(p6?QYxpk`_He6?Z4*OpJ2TqW6i_TS1JC!k5X)n zxFvVOj@2NAc{{_R12n$vVN+n`$! zoOOqyqfnQL>o2oPq0mUS{cg50r8jZ46}_c*?WC;D6W6eP3sft%#$(#?qqTuxu!^1E zsv-MV^wy6XrUv9zKc4DKrsfS`;>e1mHNI$uLqjyUJOp!HS%Vm7f{X%JUd@Tg`ur$i zp|AckR!i4KFFyQrlAh7gB=ZnOrM*7y@c{CKLj(DhE$26@aX8s}@d3Cvevatdu^>fS zV&O)K#uM+bUQk0X=2C`Qj7!`2>@Jt1pG~x9CZ!>lJ=Zl_vAc8kC)Fuj{q5-fSTDm` zILy>A)Nr#wj6JbRD?clje2P+C180$wa^GboMZ$!^bumR+h%Nb*;=<2y*+SfCq+$> zx?z7Y5;1D`_-LJbxcs>tl6%kX(LHCSe%p3=yOjcpyM_F3C3cRLd7|VPgDHXe^K~xPA=z%rvNzV1UfVw5zP00!d;wR<0*L}E zOvwFRSSwghY6%f`CsNmfD^Z*cpgR*g^j0hHWS%YhG?hSmeMT11Br zWCffac55@(LnMguR*#Zb8QWmw{m=k!y|gXDCeKoJwl@7KblCBgi{f;Uy0dqddf2G0 zer!XsKI-WM1OYrlnBSh*zK2)GgCXD3xtfp}1uUBlXRG(sxDQAcX4Zh~Kr$jecp{Pr zWipL^foysL_RuA+>z3~h%^4xCd>vDTQ)o4LGk+!73OVttXgI4h{howj4fe(IE8)MU z<*?1MXBb1@G#GLf=puvYag(*XkhNW_TCjUE+s9<9@pjH`9acf|=VBix85-Q(kR+NQ z)Sw>h(xuM~y^59Ybv;&#GGgizGEZOBxPmVu<>z)=1qQeW$a`CBrdS)Q*zF^fZnb9Tw;M%UGppTN%1tPqX<^%FYOODn0%P zen)YMVz#>yUOSbdg;&XVi`mRM0Tnaqtl_jy!pcD&PdWRW^sshMI3my$J@Z}q`SPJu zwX=D>W~bWExYSqQ_D#EUyYI=1vW=*NuYrZ9OM^~uT8%N@jY-?5zr*QYLvI^AwK3LO_hoH|!MYk- zd7;@83e$6(UGY3gUp`>1yNKgsl7Ha?{ZG-o;~0jG?Si!rjN{GIl=y(g5s5})hlXwj z%K*~I;i?zH4U5_#X+Dtj1itGfSfPg=(I5aIW9l@9bJs#fUbzng8I0XwglvVE^f>S4eND%>OZUkJaa))cY<whZb)-37Pk{u zzk_rg_D~^cQ@GaytUviJ^=tr6*LRhb`-z*y@JlK|$ayQRZ?s$_`o1FzR zyy=HlW{Kqrv~wa9p~P9$!b@^mY+ezXSK%yq9Dr9Q0D_UExl!nztZv3(v?x}JIzv`~ z8)pkREJBZB{h{PY1yUx{!z$WZZ=yW#d8f;vS2hn*vrAIUJn)ZS)~Q^MmWdz;45P)? z7jCTt=@cm-kc7~J68swW39!Nj>`Cuh4}D`Bk1l9&S-D^Q}936qK&L2A(BI_!hj+#jZ=6uvKtwuN^#;3+))LF-bp5E;qDNAmzw=Jfoeo z1M8d@By8HwC$1d1<$uv++~Gp#-)eVdeJ+pQKaj9HwSUj={lON>$Kj=8+u5NbWrRv* zFQFr+f_A3B53@}3O)|y)RnUC0A8tjN;Z5%j;^cBWN?JJZ zp2}S}BNRICe>H6I4GCPAWae?p+ic~Onabz9bVmcdj1LRyaA>rvpF_;voz59I3=UzS z-I#&nB6P{Db_UIn$WuAAWpJ#bq`8i@%;FQ+=#?;ZaD?~t6YUtUEDDtj*FfR7_0N=2 z8oVM`!HIu7$xLG5!+Z;Cb!i!dB!-o+gqWhu<4}Mu>{Tl?Q-ec#I!3(MqU(In!&_^E zv(LlLrcb~oKH!S6rq&ZmaOt@m1GP2WGOTKLon{sz+P~ENguf5+-nN{cvCP$N0cAV} zMa6#MH@k#F-ylmqpm$niWQUIFKhUJ}alqlHe%*g$2Qk=RY@o0mvln*v2=#>Byn?9B zBNsp2rmJq13EcNKZsOC#>Y<{tl3Uhr-7`{&4OdC z{==#UPR-_fvUleXQ(wBacUGye@b*)Z8&k~0J#Hg5-mV9H?JVVm{yh$F|2*K=@>dZ$ z!%2<+_o2PF1zl|Si@DcV1GYyOlQdU%c;S!9^6}c_ZNw3Ih(@X zqL&!X_B8i;>gB*J{P@aCzwvN z`9PiDf*Z*l{`%F^J4z}ctR5Q+Ngv11b)C`zCs>@^OXnJm-u*e zX&M2tdcT2tnP+eN(rpobe{&n5vR-yNxw=@BbW$I$?YoP>&MM?#^m*^_N=TsGq0a!) zvL^>?;TdhGi!oPQ4x;Fwffj^i7#wmyC%*L_y!noUJ;)>fm^b_caY5#*srbr z!-`$ds-p3((>ph`RA;EQ_PlK&e)A|RD0`KRbuip-TDw_oepFk;9(HI%Iyz9*^cduh zfYH&}hGo8Zxo*z7lnIQYQ~N&8^ka;W?i7=B*Qmig-+j@l752r|e8AbiyL=aMI76>l z&)mBA+hOU>9lW-kc{+K%rj%g$%h+=dCo>*B|4OR}Kf`ipQh!;e_I~3n@EP$Q_^VBP zVw9T>6VH*$!;~i1LH@?h#LAIuBy+YW9?s#*H+{1Dq5+qKTFz9_D?HETh(zmRy>cim zj-F~CCqATav53^eo zc{@MZ@A4u!MGp`;Po5DG{tH_1=i_Zxg+&~To;yq~P8j_#N;||nNmp8BOJn^d40PVGg-@Qu3NtY`$UXO+xgRqyRZfpSgu1jS_CoDf>)X?soDk^z_q* zT~lLfFha_H<9h=R3_HswmftfDIMqzL{*Tic@EOK8B0uMd|BS}|?QysDXL4iS&k6h^ zk@r)fP0V?^)NlSD)QF!B$T# z0GB`zzd&FUglCDqehrDy$!oxh9mVW>=HzRImQOkQX)p*wx-BE6U|v-I)*l(|IC1_X z*q~$M3l0=VT4La2SMf`cs!J~xrN|{=#j(MEi9=-v=xg(Vfh-_$m*w9uFzh>xzC>0o-<=29_G;B25n*_{M!jb_RJ|e@Hy!-T zxM6FJT>J<0o9Uxw%RX&a=xP-D=|@KHIx+G0i2aC|!9P)bp*ofqG{(qe370S@$Aj4W zuqT>0TD|0}ctgK#nb~eRf5VQd;GT|ob+*job05G6jhodD&W`b1pS%8k;ahKT(=EgV z01bN>C*gk_xj3|*m_~5qb#{LyDOL3bb_~69K0fDMQW0O5PEc@aw<5WER8aRBQv(ct z`~6g$cJZ>zQSWAYBG1|31;>c{fG5uJV~P`d(N_qovAgK5Ru-=c2q#}PnuI-ftI>I= zo|28x=1tb`@87t+=ZHiE4ErTMq8Uf>CF~&#;wm|iAmn?j)300HK>sZEgpZfnd`O~% z>*^NQqMG3KaoUesHzek!+r**geKC8X2uzc?%VX!T4N@XG3XQB2E_RWEDgPX*m zfj!;3Ea6S2CGblX_mQlMlgGWY=k4Mqpiei%m7%Y2Oc@1(dM>@BH}nASondFOYe98_ zdr^Xu?WE_+*KuPuvf#6+`~X``yIY9D#mc@EgZxYez}PwbobVP%Tf37=RcIQbC$NUN z(vK$xSu*_~wdcSBd+$(yW3Ez5m9Q~syMP8_@$xR;!x{lD>fkb}=E9}WVcveBU99XfRCsf08<5)8_r40$U3@oZ1Q+1 zZQ{5Prvzha#p47BYSg;0p#$Vt!*;JI-+>n^vPBtoNrxsZFg3Ec&8&bL} z7TbP>X^m&1@P5u0PQ~xUE_fRPrZozf)4YJKY7g@T@za_0a1o8~S^L;-@(z*0l^<8* z10yG9#01Q}ABYJu=@pnu6J#~cW>~SJp^x1q2IFI}ea}M}CgxDd>jWE^Ftbon^G$ga z-j8ouV`RYEi}9NpC>}oa6k)8EaRChF>MpwYQlkr=l|_ocO(!1+f}i2M=tH#k{fFSs z8zG6c^ASv~8X0(&nv_=w%k}_SjO54#vpTpb97{GT49%0qFlu}4v+^ylM0p6^cQ{7A z?pE;f2c05%Mfa*-TB+~bU7Kn~gnxP|xoB8~Va1cV!}J-4y;rmXif3D6HMv<}pg|Pt zC1w=2I#4DorK(RYQS;t&7fbF_^D$rC=gT*l_cp#uLT^KFIj1vQB5+#r-|`?h3W2a| z?J#eIEwi5_RA#9*e}IE&I$SZyyK60Q2$U>f&U!>*8rFt{Jg$K(3Z6E&QO`cd`$T3q z*k0uW3NsxMvHfHSlZQRq^qk1qC7TRyX?R+)i25#WS7;BWcaIGD%z z2#i^n9;iX!suLF{)~?^xKfGDcEGx=V9l=F0w~^@a2UBsE}R1!)Z& zD0xf_Z)F2?wgGZ1o8+h?87*W+KG>_kqo(s@${O zMrpcT8rlcy8UXue)O61i~|;)$H7jan$I=|oAyHR zO!+#7Da{A)tzcC#*(Y&9n}8%Ub$IK+sRfwa^=MIjG5)v)#CZ9_X+^6#335jj@rWX;izLI zQDVcW4Xs6ocGA16bFqf>`^Waai3m6#vlY3*zwG17cGtbwIw!B>1J`Iau}s|~od*LR zmz2t$teOlN#2|6vi8r11#XJp*prF5~88F=5a>+fma`ir}-)HI%I=g-WA3M+Aj(_7D z5EvNX6^}i)`fQe=O~ASJWw9c+xi`z*=?&0+k{(BzT5g%^e=)Su_PSk|My`BG_OpPU~93c+lv@dqqWXp|UETR#!}Ea&C8WrYO#$tD5(rnu=*yD`>#ntJ)Gaa9^v|`}weA1IWIDH`d|M!QJ0O`x z6OIT*rwgqen>tM3g`YDgrfV26wsSlon6B-Vd_83A5*TaKucprX{7vM^*PhIqr7g;)+!{J0g4ew7d7FFd2V z2D4+X`ojYtBCEWcaT6|$aAZp(c`GLiLGOtvQp*5Xy-3Gq@&VRlXL$Ewc?*fG$C!gv zE65xzBqI^5Yz%~s6BsYRUO2s94dh-y!CY-gD;Am6kj~8?3MaG^XauG)TkGynBykS( zXG?Gnj16A|=9iieX1VbwKXLz1LOkF zG&4l9TBd)9ANHMj<{(9DmCC7u+ox?I&A{s%o4#&HOKF_j2P#AOBW<%cJ$eXNiL(J1 z`_iO{baw9f2q&*JCofHFucUpx%VX3DR4Ufd+$W^>?SZ-q<(m6B{^uO))bQX_-vYM| z+R0R=d~-*wu7U9{yOUR@7_AeP^iWrx<^x~ydJN(~FRfcqJ&A);1ew934;My5}l$*Bw3gK;alBBxuI_#5oyDt7{jCxW}L7BaY&}J~Y zs3S3vWYB7EKyQf7Feb&kGdDb9HpJ`CA&kqc0Ar z@2YiZs&88oll3ggE4BlO2oTWc5Fg|T?C>MS7Ki_WT{L8>y8!vFllX$Y>MJRCZg_e}p>lut zEXq>iD?EG@bdKv;2=^ZP3{jQi19>qGSXa3@xHbOH=qki&*RVM1FARqYf3ET%YtU61 z-qJ1AKU;1YsS*@h?5puEUY)Y~chN?P7UTbBWGM(Bf{~($a@;($&tx2VEfKdCBKDL} z?u%4(X+Qye?O40)P6%Jo;(x)^%{%_-@RW;9fDHFaIVI0V`_`fA+rYjR+9Dm=M1d!K znttM#nZQGGfr1Fag>&ILt7Z5n|Al>#RNfoMc65b< z@74*-9L{Ol}W)u`uL`tGK zpoI{bq(n@RQ3MJZBnnDMBJ-30h6_n<`cT!cU#~XRT~>Af>#bfDxB*s@%Q<`a_C9-m zTl!ww4K3ZdZO1l9ZVm*=fiFnf32lMq$jv@xpXbaz=Avew=gpmqnkzp~UjDaBL2QG-T8Vyn&UDw>fOzv2)-40|#AP-Q0bS_#XB14+snm3qKhV8FlLXg^QPBV&mddQmWoZ z{34u!r)OsOB?qB?-xhe5xi2NKuQ{_iP?+79+?)t-p_Jy%TWKz@Z0D?SI7CHv?b-RN zKU}?=|4LDB-Cn+$_lf2O>iQO(Rf5^A{kF3|x3P17X=ndqWB<9Y4rmcd4k!<$1mPix zI4j-=`gdIPTTGJY>b{yTOGze9sgZ|Q575FVA{L(l5Iv#-+`9MeaeA&d-!C4^yU-O- zqIAeXqvKfagNp46qnAz?54cZH3G1X#YOLfMewaB(oS~EbY!#)@l6FZZzCVjhkwR5; z_@Wf5AH;Jy*oCzcRYEcwzAlB9GN+@7b}WqG2NAc1)}1i2rMv0Eq-jLeY`c zX*=>uCBxo!rfmn)QnrZht>kv>x~_x_W7a@Xe&S6Y!bmBU6(VW|olz;IE9u58=GU8c5UY3~PJLBWA(3Gs zg$64H^P&}OF*s^vG1D)3#)yVt3XGAJ)bW{Q_+-hjKnmHb@TQPe)G91OblD_@7Sjd$ zL=K2XpHSz#6k2c^QI|sE)nmi>{6;CHh!xVs`cjCWNIfRW{#AtiKz)V}6{3wBMCci6 zhj%*jlt<&SQi4apz2Aoa)tDfIJHP57i5M4tY$ z7U5|)vPw``C50BUUNO-O&CY?A$a*d{q3I&o@KMl}I)mE}JHs(TrXB zZCpk{lAC_Y{0GHt!}m`I?7Gz9V}T2A3vq~8qhKX-vE!J(X$zxT(-Vkdt`stu;NnGC zwmS98Vffq`^w&yumbrkLC1vV79_ts$z2y~xI#&07v#+F>!Wb|9>NWVgrAdv3}` z!+2xQwZg5>Vrz~cU0T`aUTc!}a)_@*OG(3ztXwuXw0vrNk*f+UuGcqw9r^` znW01Wh4DF&0D-F6$<~)8+11GyfAd|mB6iZ9@!_y0jUX-GL|@%@A53XcQAuJQQm{Ak zNXBP_onOXeDt>M|K+`AzMv^v`fS-9PwjIdKkB9|(~Uw8yNI;OHgG+kdQbo$If1DYt}P-Y=-}RZr{e>dE9`pS4`iCPThwd5 zv42v74-W_+ElZUgd0xn&Q@Sqd$GVJTn)e|9 zLo!12#H=$GHeF=;(mVWwVQmy;@iw?v3aR;3za;#?njBLThY7rxhpC69(0sqRG4bQz zaL?VnAEnU!_Z@Ha$HnE|ntBF|N;>VUFc2m;six{|JMWJ!8Q?*`lheoUG(>jm3HL~$ z0x9&EI`~p>8;YLis$v_OEpZ^07Pe-W7B^2m&Q0k>w%>cxx%GI@rIjYx zO6N`TtI#ubddt=`?V(6Rv5H?gTNS5DDaXh&l*LEjkVmjbb><@2H!Cv2^X+=$PVIE% z!HQpvzh9;7+Gs&oeu>?X7`N6t1;56@0On1V8r?zD@ZGoA<0PCOSdv8GCxs4TVvYN) zWnnwx{2g?X6yn^ZfT(?xTB#$2DwLW0cxr`M3S9&$SQskW**T2&l|mQTh_VzKCOw^| z1tP7Yh#7?$WU6bm zxw_uBx~uP3hhnea%(^w`>V0EygMC}q2YX0uqEA+`L&Q;Et!IAjB0ESSUlF$nd4gZM zN8xSw1ik9A3b&XgR!!rOl8dlsaVweplf&>`@E@hnUMckMG|w8ESx`n0 z7QjRvNu4NO55MBK+999XaZ2zELG2aiz%NN1gr)Xo2|xEwso$7VzN%_9$JE{9X4yx3 zllJ^ACeQL4j^7o&F+zcKfch+0tW=n=ly*}wE) zGASS=M9JLgNADKz=V@;moSni=%pJp*>kg8RWyM3XO^E&n1_w>ExZC0c?nB4|M}A3d zhekPVDI2!h2JhgGXdDuhX(gqtxIv5lIZ$iyyQ007rjro`-kTQ?*VK}}lOJR~nn=Xk zJKIBl-tD62*=l~f+kK|;ooFcX9@tp~k+on)K`N)_9*3kJxsG!qj`JzPwvB%5_z}mP zg&UsSzqZ52qS@wzHg)Y<{kr(=;#bQvc*$M;cjhq2Qs`U|wXO_KM(U@kX%bh;cOYTt zYl00*#2HPoz;T#lH=xrP?gD6L2_qc7nngZX3ORy^Ul|DrNx6bJaqH^J#s`G@&P{{f+>iRq)8m5 z(1EeUq5jn}tjiW-=WMSE{n6#}EA<(OBn-1AaDX_=R>!H3l>{19a{MW-q^mfuUq`FW zqCTkgF!n;3{ew7f>)cNdiY^=)JXk5e=cKa37UDK%TMV9Bd4$qTos45AGht^jP73ut zOoopocVLmLn*>wf5P*+ii`!UlE%qohvH2e`MMQ~i1aAycrJ|YBkMAMcdcp(%(!0gc z0D_V^;1lcDPcBxK6X1t41VO@Q@M3<+UOpbYr~3w5+n|&Q-{ujP)*8^b$xxkA@jJ2e zF-3svj%$coYwQR8wf}u|ABigcPNDEC{Y$dW1 zFBV{Gv1%P3KXyctb_Z}01mU$f(;IH@IWS;U?j=EZ_zs+`Tz8_r* zU3x9al0pM2ObnHO4+h(8bRr?uY!um!Rm_a0=mEvXXY{6xSl@nuOw{Y_b^J9%dxkEybQsZ)Lfdb{;B0ykQ#pnN2K8$h zp?c5>c)l|&4kIThdBI$!mf+@CnRBT23Jk#zx$Ql%expKw zZ_8);Lw{7?m<*%229REz8ALk6UKox=!AwLkSWpm@18~2~La^vW0Aj>nbXD7vSgn6-edH_$;vsme+eX zFLJ#}TGg}Wz|6Tyu8rYJH@dKEVA`9BUBs8>iZ-u#DSF?{aV;Fh6lK?d(=Gx|wJ5TK zpuYNKiIruhcI&Okq9IEl-?q`X@!TigUv6;&bT6%xLYsXF?tN76v9k;#cm*HV(ZqG? zxjmL_e zcrzcLdjp@PQ0o(~quJk$n3Nv6CYLXJ6?hq*+iZ(bLH?FGL=$CN>g3`mDKzrEfLTc` zq?WUl#3uxvxs8q4mnM5NO|2W5E$cUBk#mAHUmpGC*7m!x)F!um?PqN86|`B0(OCm0 zaH$u&w174Fipg#3o8%v)z&AQf_m!VBUY3`&wzIkyqcZIkkTCUdrD6K=6I+i!j_RkR z(ASCur>kL4zEw2_#Zc&U6YnT1d@1OQU++Ov7H@A0Rv67I?riP-2qMbBHR6ln802=Y zx7zT2IRT-Tn!qfkR}lOf+a6ju;Oh{3=cOlHg7<86A6CI z2%xk+?qrVH8^(irbmO@`cIO8mEojq{j@5sl;lv^=X5P*ZP)>1YPoYG0}Nq9jY zq0afpOxMq^RCTUai0hfP1y`RWqgN?A^r1z!hL~R|(G|hR;RCUqG4`-kpiR>}@e<1} zV*!0xlBin4JimEzoI22sUAOPb$s3+#J7{wP27kxMFfcK$Pj46mhIp8z%#=b5u3vwAJ9ahU{(b#-sx zi6t%d59+)M{|zz`uAW^xI39NF<54ex!wg7e7^A&rNxgN zKOSsjm2DviXb(oNKK`WA)SJvAxzAnSgIV}ktz2IId@)n*#KJ5F{K=s6c*N=sQJLdFSj4t?lM8EwbRoGgxYQThf^ zgN)#}7Q?s2lj}qHe@|RSd(ZYi=y=HkoE1zGl7JuMle~lQc&0&6Ec9UX}jgfin zy}hlKr$Pzpw~w+1v~D-!4iqPP6&`ZZ-&2L}d-8b5R>$d^6ckkZ&G`)78~DPkKm3{N zAD{WhXa4b-rT^V$(BF(Tn?xGq#R7-&v9rQPLz{-a&o#v z7eC{xF**WDrrANR7ejQuDdPN|H2hah2>wZE{?F&`e-fJi%mx2RX#PoP{@*1u#&yg9 zX2(Iy2S$Cx9(&L=@Y>j37R6159mtzFP4c%bH@!&6e@GnMyJF@xD6)ps20i?=eOD^# zCuoU3sy#3>`()|S4BTUr(@3LgiqAl*mzwOt$>Tf<3tx0F`@UyD2=&$X44k4_@R6i- zhOr37N8bmzL^}md6NCpqv7!_K1uVWBvxCIRKFe4ZDInwTMJk~aiivaKH?B{@O@pe+ z>($c(7Ew-`af>kljI=jvldXmolFi&D8|c-^upU9IY{^0tuLos|ePB?NoBI&{AkgNm ziQV3{D#L}Z@IGuA+O_EY1A&7x4W79YmA!m^VGnD-N=6ORAJwmA+(V6F^PLIt81+dv zu@k=!QA`tz9caxB|3ujF%L`AB^0&ucwvu|EGGe9}hP!U&jpXTKkvxL2`E>r(l>;)W zy|y}_urm)7EzZ?a8mRo8q@}Qw3JUn_Hm z)!VfrO+Ch{}%u)d%smzTNyw`Zhbju-7rfmpu zQqp@<0%~@)6U!~1*0y;w7Jz^GoKlI`rgrDCbtnshXlnTGOd6&L9Rqrs-Yh)F_-RWx z8?t=-#4${$wS`a_&SB>ZIVaDT7EV4NVuQ6N2 z*z7u(xt{g8S&a1$Po7gJxp!La@;h-p3KJ*Lm|1oGGvmm^4N@pPFQLV^EXmv823=*VxTEjHa>5nz zTiQ)6zb8Al`60ObIsvtFOs2!+Lv_P` zZk}JW-ICMk{!^ zgw|n|@A`>YztkM2DN(cByc~OX`Xo=e)?MW#*`go+{13kUgKz)f+y7mB>!D}^nB0mp zAiKZy6F5|YjuwXvuTDpF9KRR(kZmt&QaNXnlM@tM*h0XXr(!JR zzIdulOvwt=G7Hd9H0lpwHfD?D7xF=zailSaSWSDM!0oGi2A`!L@-LNt!3FVS!6Da| zlkUF4N8YI-V^Ek*%<#1AkF&X_kGiAI7P_*eE zuJr4slP$)!nJBBlefO;tI*w6Gj_+Cky9oS*y6|)U2;;jTmX_JsJQy@oD$>-k(dy~Z zKWpAc-ms33`WUdBN_7cFwKvOOe>6h%pPD_M%4pdCZ|ERT$)4P?1+Yd%X?7CXkL!uw z_IA=y5gQ)uv5%3|)lt!5)R5w2lH$D~>oPv_h#`df$-5+{kJNe4?lIY4a#OsL+!*p8 zPzvchK;F09mv;!=q$gqxqBu{d^Pm%`8r$;{ZN-`QH ztlP=h23~G>`1Eufm2;WNA&p`9H>j1MIsCd=3YjklDg&Lf3qJS&DdZuAzQe$&;Zi6W z4I;Hr@{V#A5FKUFbY>PXq9p~?&s@AOT7;cRLvq;5Sa0`32hkVEo*d$eNEb&z(|H@m z>>+ENlEW)TujT}#HGlLVb~cBj(D6YwAC$ZPa@ z>STQYAbq$1R;Cka+KQ$mg+5SbyLdV1Dz(WKvI%||I~GWi7y58w#HMuEnaM9KBEU|} zr}z?(c%YH@2_k~XxJiWVMCx8NimWn3^i4X%^ji19p@|8=46D?pR-a1?0rk?CZ84%Pm0bocx@{(AiTfN(yuyphtBsOe zd8u=Cd^CH@au7ve5=MoRTcF2%2DSnuhiBIS>r$pYg2@Y6=Bp|^&u z1r)Pz(^jD4P7z8(ML__HsMj5*>idj05-!uJFcwQb8Z;ln4mxxUz zJVdz(Cb6fr@V$C8_z<3-=r@8NqJBn!X^rDd0S5sPqQfq|gMMo*8=>o|d}n$*aS2Y5 zyj60GvRdpZczBz`UhGd?9=<8p&!gS!f_nSYr~Y(%do%%i?) z!#uUB!E~lo5({c8a(6Ez%wbdgG0J3r0aC1f{=T~;vnC)*UGV9uKI2$^?a~yVB{u9Y zC&K9kOwKTo??{;0;a83k+uQ;yo>hRDXyF1#RYEMhDqEso*o{VXoEA!<~0OY`?>}#59wYIZKwb|N<6doL^;$T|bu+KsD=|_A06O|^;^{Q9vH1+6NXEvfQ(iW91 zg|J*l0-t{I3GUV109MDR z(JbM!yRq>~q0ttFnmo*lq;)Hmw(2FV0pFWuKppcBc&V~jtY>iN>3>rk-$uxE`F3&S zU5bagaS&*>M~K#mSH8tT;uS5$ruYhm`csko#cX0wL}@}t$0c1O`^L$Z2A@RA=!S+1 z_DhpCl!NcFen92|s7BI+7r-=@3)hhf;I$%{<0(I8|8|rssL3Jus$FkY zG`kyZt$o+mDnmbHQ~Kd6v;y~^dOK7w+0Ea`-d#SGU}NsfBQ6@$Sd&8Mhs*r2d9 zV`uyEFwrC4^|{BqpBJTkAKU|_tcu^>lbBdz*ZY+6*X8lewB0f`vMi!IMvTS6{%qK; zNxUl4FGENh(WX6>z6UF-T-MgUt|9Ke^lolLh24k$;C< zAQ4bDeLb{A`%@Gtn+HQ0Rbv-eQ!8Ey(w2){n$={%&<6B;>MK<#^e@6iS_$SNv-=Ka z4x)mVgZnBkQ-$^D`Hn(Q!~GfuQ{7+t7GPe)32^+w;{~C;ipIlQ|5KA)b{Z`^cL6Nr zzrEeBr>*{YV8UK?kDOP4U_$5%JBl0wvjVaZZN5>AII=^R~j;-~XoX~5E^We$wUoaqE4!aq68_%>{hLIVYq+0VHkZy1YP zeOqi+anYAMe4lh&?-_p9K^@u56Zv-y4i0)`q{r9hhU%BB+hI|lPA4CK`ODk&>WpTyQ9vkSW9rOk zCxVYYTjzlpp?`c6JbL`_T8DE!w_Ino+aCjw{C^$V{Oy(i3BDdhl{xm-KRZ$K^^mA* z*I$;(WDl4W>60~_`3Lhvf2iG>zbu&OjemGk8Ji{A{bMq-!Q=k}lPT#Yz=mVP1Aq_J zr32^tJ|gdEFK$xoYCO$(CdjTOs7J=L2`_H_I#}bD!rK4NELhAg_;jeUH|oe)lbgCP zx&Kjv`u(SIU+@-0kuEY{;pf7#X!PLr#+I^T!xsmNcJt{Yi+P>~RcyAWV|0YY$&=Pq z2l>+_F3NAVI@j3LDWY!87sm0gg`;x_%jP&CBQW+U(8QG<>vVUF(c{y2xJVI7h zZn>QNvc(ttuNBLetyuie;!Xbk)g?=%rI#*4$Rhsy$WOhAUjqtqz(XmFw3G(0L_tbg zK}y^Rpx|{b{d0NnV*mb$eR%GL1lrKRCTFNIeOe>w*KJ0PR5RB^M3 zt*nykafC*=vgyTZcjPpGEvs8|sDq=m&G*bD`DH4qYuBl1>*(s~|6*po-C~EOmECUp zJq~*v_Z|N2$Wb?U4^Kb;fD?g1!6zfmMxKkpMW2t0zkDSjF)2AC^ZJdf?3+2cg?H~2 z-7kLd@X@pKipr|$=PzpN8yaa%&2L)Xc6N35^!9!1A7HZBpT7)`jD8*CPS1Rw<;_9! z3yb@b0;K=GE%;sHz7*hnEm=GR#NxiBmPEmqw1Uji%_g#nwyucd;Yu2&7v+?Hy>_Rp zPF{1{Ae`wsS9uWzGT9%#CEn7J7|kafPBC&ck`(YZ}92?!O&4 zrWH#V4b+H5-zcQu#Xv#`p&j+z6^#K|Zh~LMz?WGRXA-`lC|S38O0Z81Bw_`W0%XA` znS@~u(94^J$}U7YbVCfRrq0JW2&}z$I5AL|#N~?tMJh{G3>ZI<9>S#ryU?;PIwS0A zjzJ&w$H(nL*>+&jU_&J}khq{nLQ%N}qRrs+0uee_J;4Bo~Lql9-rKWqYN zCB;}E#fiEsGR9x1>=Iny`pnsKk0E%sx!qS5-Wtn6#KY;EwQ^gwk}89H&&-#t{j7m9 zByI7~EI>a0S!_rWhN~D@)ho=$j27YvVxW->T^0kaW5B|yWat9VK$u3^h!21;B{&#j zG&<2LO;}7LqJm8JlPc)x1=AB}+f_r<0#XAsdi_u}6&2N~Euv?K^8NEZ>+GAI`cd?M zqC=8A?us@%;oE>6yCI<%NWyZLi-GKJsqY)sa7HGV^VI}4P$(B~rvnSrU8O222(>xy$|Jbx=(UaQwJURZLVJi9HidGqRd|M@d58!jOJp|bp(K;~y8 zEVAb_rVKj~%9&vs*9pB~xUZ&c5kz-~O`;8PeA{Gy;eA0QBHQmi?xlN|p`X4=`C4I5 zQBmy)m)VT#Gg|b`rUwy!n7RFwNM=SPZK$MOw3*P3RuN`VgGv2eu8&ES(oflpfCI~j?>r$tSDtjWW^CCo}bQSn|U_aPRo%Mm<$D%KlVpx~wXla-_)q#XMlKiOW zRMKI;;9Qp^8@nx;ev$l-jhDP0JTcZvnA>AVtH}99Q}_}6`-FisZGgs0U_Np1?x;mQ z7@s?O{_Nb*8uShGXUFI*%F$jyX@5Lz)V|Kz8j!W)q8RYd^3#dkVf-|OXx(LQ)(+ibks8GE@5M=b?;?SXAt34nio<@gN-iQ`O? z#vg=S`2b!G7EC6y=`J%&1-FfvmBjoMwX2(a>a@R8$?_eK?_GEFGwZN9qYj#yYPBTq z71XWIV-tr)rD3S(R15Oj6UD#;74IPidJ1zd z7cvwICX)s*94hANcNBD(&Z!myOgHejFg*-%1S>(Nt{8~-;|ETnqxuQ0!ZJSTX|zw^ zN3cuOHv%@6Qi{mw@E2|pti`|yuwkPZs8^(NlEHd`7`XgI3@ne}?;D)J1i&|;ixlBS zg*}}oofLKPqZSYg)Mqi7Ld+yK7}ljDF-f~nXi-0AIvn*ZL6|Lc5(7u3QpZPsnV;je zh=I&R;dRUebqu>e#s^|;4L2emC%msr_t?V3oS>)W>p}$-Qz(XOML$4n!mhCK zu`yt^+1Xv$`+f4j*NWB+2MosbzGOIVO7`+T@YbQ~`kT=E+w4ZX9h9RY4hbJqRG~py zwisAR*ors%09Hp5;|b_Y+TU6}@V_XTS1w%F(Q0V+#c*^T!8U zjUGp+KXB={V1jA2x**qpjc9y@;4gQFUa&_6ZkWrSEbAN_jI!sJ8+Qi>jvd>*|M0Q3 z6*o%*rpuKNdpoT-^vOZ4=BD(Z!A~4F?4-x*PNS^_giZ{jK+R&JjSQ*QZ^a?KpQS^tMc=nl^R!>bonLY$%hFjN2WYEEtF2zW7XDGaCv3~QZJ}|>`LkFn!QKwEfj3y^ zNKk?Jzd}kZbul12N|(3sE*#Idh;!{^KkJ&RbhfjtsY-SaprrHmJKS*^UOV|2_~bde zF+5&+^pV6Pb!(?qxd?7KOxzIzFkTM9*uB8E0v49l#_=+seinFnoIy{ZuL%AA)h2+8 zp^em2l)BB|_-7vI+LFDW(*1?Vo`3d zUO-l_Wm@+pRq$WL%XuM=G?B-lHVr9Jp&Q&dmQS4U@?-ol?stL#ss2g$hIjd>WFysm z9g~w=wrJ?+m#*;K?`Ashk*r@@bVdL4-FR>3$?Hg-L)R1EuTtJ z11}j@BID3XA1djJ_nW%RNQ$^C-a1X=b7e^~)vlgCj>vDR2`Ry*zd7)q;_F&OjhMBy zNBDaPO;~v_2vm3f`XMBLClq`KN;z8HS&(6{_jK4}jh7jEyJ2-sbllRBqqRd?YqoUm z=Z$-(tCtCm11BCvbKb^QM)+3ckX-nrO`hkA)HQi2V&L8ZK@9A6h|D=LU~ZnkrVe(&2}J`5F^*CY z1j15&0r8LD9rd(-f45|4`%A{U-P@lw`ez)vhAU{%QQY=ghJO&zRpAEv7zBoK52J|Q zDKPm!*(&%2c9|yx7kcqKS;s3)xGT;C zi}W}vuBm%tX=?dTLQqrq0|{*^)n!_>er<}szro;Qu#)y|CiQ*gn&~SrE|#i6B&KoF z5DGGZ{coKq+S+4Wq}OFURcjd>UW!xBgCr+$dfpRKj&*kkj!PSk%v<{*~1YVM*COoBRA~xDK&Vts%yjXFq8< zgo=SR7H!4@k=9Ydkt~~g*|%60vsma9allw~&6*3J-7-u9UC{jj@d1uAGerGh#WB|k zD(CAIu@>xZ`MX5FpjU!*d(hhWlTcuxzy&%EKe7dyc@*T?mi#Gr?ye_C>%`tX$Ui+y zS>89(Qqe(Ak+w-=ms|m|q(q{tj1p{jm{b)5dv8PVkzGbLOo>j0yv6v_Q?QlQufs0a zWM34(rz=wh^_%y=dB>C*?uwx8U}#C44BvLXHCRc1#6L_jI0BV$ z+?vrS_*uvBr>+b#s~cO%tH;Ye;qJb+{!*D;zwj+Xvq}sk=M861THSsrnrYp5$mxB! zdTh)Sdpw-xNP_k$Y87@;RXNmHV0D2#g_D{g3m1O@f2t>DrH?F6DgJ>~|R$Q`>9G z_af;(-d9FKqQZ4)22-e&WEwV^x)dM56a$cUbJLqpiaLIO4R_Vc4SmTr(iATbym9GQ z4eK!IAtjj5^>C0nWmEP=t9C?z`UtjhKL9KieGx9(Wb;~ug{-t9xP0S+k70}MyDVx} zpFRghp9vgnx;5-nWq}PyNXMo5_TgW9PaPe1d8O8OQPXrcy+JDi2Omhzn+(fcS^83n zfISf7Eh)S>Ol3a91W^}uPc_p8dLk4!bJ)j~uOsjjKA}kCjk;@*uoZ^1tD9O%$s%1` zSEETwF?9E}>F&@-Q2FHf%E#aGGtCGY(CPfWta8;9Rg2~VU zry!$yoGfZlv!Z>`cy*NNo70ij;f=?TTR$H}^nQ1>2bAG!%@=CboFIotBlC5v=0thJ zIu zRb|3&B&`=LgK>}3r~G$b?#t;l@fqZ7W2;`m1fk+7YET=8^)324Ryl~bke{c;oj;Qp z;4*utne@qN-CIXhLHX6ydu$6<^}@L`Qdw9S$n?iayQR=bEAu^S zAAIgH+8sOKXe=mCUKsGolXnqJ*Jiy$UBs-jS;w~%pg8oVcA%F2QKZ{>yxVYdZG7|2 zD(<^&dm_HHDGgitz4yy7Meh4nGVBt!3OwO5h-{>nr*(&-;zYl|{)vcIzlHpz?>EI} zSjS|u^7H*WX^$M50z&wr4<8U+XBWjhqg$7NDc7A$V1@NJjcq5^!Op`|3^bEgzDL{$ zc_i-#r;~9`E-t3QzCD_3(@NM%1%-UA;kpclFh>4+?tQrJ)iDAbMtd*T<6P2fB_8?N{-7nhsc~unALdHB^2bb5$IuY z0~-Rf!hW$dcXHjdJp;~S4Ox_`tl|2@V!(#1O%5rH-GTj|mtTi;+7h(6YV_RF#vw$$A8yUWZ?h33|hg^srhZF6fAFltBIl7;qK!V+h+G@ZsXFvLy_4UT2*o+tlIG`gjSgV2 zlgmpl4ZLdLofiWc(hQKVY}PK+POfG1APB`K!d}gnTV1zT#U%+`8F>?r<-BvUxV|OQ z+I3T=OEf}5ecWTqDQz)u-z{|4My~ze!1B2!l8mSWt|j12xb4ig?q{Pu2A!L`D>`g+ zEbllX79RSwOb@5R_C*Y2ooTZD>iq>+!y;An)wQb$+#p+2A{tqT6c`eLlU!Umv%J;f z#`@f%2Upb{;iqJUW4)Xrj_Zqoe7B6g%8p&@jbD>e^H&J(h>%biJ22KKYywpJx^+xt z_0X?=`GdIOb$2bNhm&U3myMXTtV0w<9r=rz^yjh6XEGW{{h7Q5Sgh&m-&Xd>l)>qXZBcP?j#=5sYup@9kr=2j|NaSAJXy(!XritWt#)7`<2ZJ3IZgAm zTCI;EbZWZoi-XR?lUlN!j^LMDZoQp zS-0gJUAAry$H%F?5EUyH;$G<4VHycL3JF^GIV$c6# z@!y3-DHxCcef?;)W`CKc4_*-MZ)WugGdEli1I{xC5qA8YV2cz7BTQBc6lKu7)57U+ zR&^C6Ee1Z`xetCdJo51a;;k3}u8Q7btBO;o{z9j@jjN#tVWLd}!#7K;VL!dy7}|UG z!8}{2<377X2v%%)X^;KQElxy7NejZ^6!)>uc1V9o3)h%gT8>N+txGyFeffRyNiD_T zsZF2lVnVdr;;G-?PL|XPNfa|kmq&!QF^TEms?$Z;zjA%9ttz^o#58GJwinamw9zHo zEYPGCB`D8=BPC#J(RBZ%;N_=XZs{1sAKE&?^A|o9IP-UW+S37HSS46!hWX<4^pi+i zLy&VdIQZ+Zv!Ulb{E4Gf>f}lw#$xeAu%`I65qwj^M}m&<*6F)J0u=WMSrEt*D&}KNDzs6YU zW2}PT9(`i^Zsu>5iqgSa)amyI#Bp73{YpJs9F4TWU zfv*Hv518-nY)CJ>zL_&58Afi8T{*b#1^K!q+^rq6NV z$q0#+iG=Nt9c}I$sCd>Wu)#{DgxRKHkP;Gl$VxPGWPBIB_MJE*x*NHDB6Iyvgme6v>)LQqT{8g8l8>(v(lD;QC@qIx_?$k6qH}u=H z`NFM!Eo@;B`H3Dtz9Ev@EWAz)bx|d>EM$MP*~~pi7uZ4`S7pv+i%wxVSHHT>G%xHg z8w+26Gb`_N$&?4=Yz*VEF_S1qcss@4?Sr?2izAn94s(d^M4AZbt#vG+9S_}J9J)S5 zm}A)aJ$a$mD{r0U`z`5GFqh*_=Pp`&YaxBtRpnJAN9@kqxZ*hk8 z0V4+zz7K(R{^NN8 zvM7k0L1pA&Id1g+Y|*l!N4V)O-mxwlJ03EjBUtlb&+MdSDC=eJg7rh0zZKu~*T6ix zy8jZ|3)X|!Wq-}J4~!P9`uV!Vzd^>}!60A}7XMipmx3aB*kUe?5$1r5N1nw*BTPWs zwnohFP>f23`AV!$SJsfh3-aBXs}9Seul%aX*Oz&t`2{|jCyRhsjGzo!sKL~Mqo{sL zYyClcPA1LAvbQ#xMT8vi*35R<+uN;Qrj*^sjvd;taQjnHMR;?_{ZD)MXG-4!R)zG2 zNNPp`#*+F2a3?{(_aYYy7gPBP5Sw>^>n2bvW*0qadR4s6#^RB8hzQVh?qQ(=ZuhFv zWEf7wZR>BQ-hD;51jhi&z`C7?#;K18o&`sD;w}RPY3nxUJQ3*Mbx^tcz@98XqXyij z3DaZaC=OhpYIVGq;d1)MB=(1@CfSceOsO?slb3xZSaJfB&I$wVdM7krb()8oE?B38 z@Pqvn9n20n-29TfTgbS&e)XPhxkClW8*rtz&K|9Y_v#4bS~QR#9c=R}w*!@Zkvnx* zlaXQ4w$J9Ask!wFs3GXKsqf3G=ZVyX7dDTZhnsdMNb_!Rm(nK_I2R5>^89^ZoeJ6v zDrvB4l%71QmPKVqe{p=Toovr_$x$xjW!dbtzObMxsRy8}$_67#-yreWsbXZ7wI>aD{MO za&LlXO;*AA4$^o&a?iOdFNK`Hk{5BI`0E*ZGcPYM#N+qm;h;iHZH8X{*pQ`mlct5q z65H#6=VQ?xTo-||F^d>GOJ9L=q0u?}sl=mJ#c7fAX5jLH4Suhmfk8twzevzoCHqOyc$9(eBaY(nclF)xwHDh6#5%@Z0A{wb`iq7zse&M!`T}V3&>MTXIP-5Y+8D z47FbM%!VFVu)YwoJm{{equDdZL{_qyka-nGdw8;qCTnULG+tkWO~umsGa z*v^;U4k;Zw?@SvQ8;3+;sL*f)aP~~J2eBGVB4XgNxe@pp@iz08lX41+WUB8sX^6XeZf@RAB**5f z;uo1tyYTy=!C(dm>C&6Y3OFT}_R!@BrW|>8Dq;Lla8ih{K)b3&leR=3WRDqdapw*b zW=v=oNqr~3V3?=yTj9tCwnWP;L@MW!;39Q355W@y0yv`>Q~-lvf<^Qq$pY-Rh^C&H z0V7BJT4#2Q@7f3#cqO&UhHK$JEL{%WW$cV<*r>#f5-1t7d(t1Wy$Q~!dR~G%$B;B& zQRe;$+q&8WA}N4{9zIUP`}~M=?k(5Y=`If?(j+8XrWtF|aw#}8yyODu<(F8%750l5 z&OR`Wx{6?u^5&ayWKoYmTA0H!&cl4|uxF8Gso!T&Q<#y0>{LQOY@8(ZEQvpM<@(AX z2injYZr|mz)b-G|#u`HTo$+%DLtoXZa$+{nDuoqgNt(I(n(xlgGzgr%tK>A-wS^sA z%)gOTMj=TVZ8TaA^WYOpBa9xrut$*|AqVXw&O8Kxa*x`;yrk5H&%Eo z|ES-LpN8E<{yyl^6t4l=`A{GuEW$8SP-^%i%-gL7Kz~Z|;mpUW&Vo9a?-5RzVWDvDTj9 zl9+vdO?$iswU2@-eRyA+%!|z$7$qvp!ObP&gW4B<%{lyc%__2lS-86PMp!5YzA8~s zAm=UwQxMvm&sPhKh*waYDk^giT+@5sfnjbJy%y2ob_Is-YdndWAj2HCFuu-|#l%q9 zx7vwlLg0pwk^*EF{$B#gfow^-X(qXEAB#}}8BbB1y;`uQB#o8hK}ZS4OffXb8DX!j zO=rz{dShQ>`tvpB%SE@9ec+-g+^BYO70rmw%j25A5+(V>QMJ0CcSiuXT>`iaIB=e{ znY)eE8;40oZv^X1(CD%4+bNrSDxz^L3S_gj}@AAgrq z=vjwk8JM-!-0gF$jQvhH?3W^qDeZ}iWVNsG!cki5R5xyZ>Kt~k>vY&z;TA7Q)D;mL zVyJMeP1#{C!(Qo=SF_gh#uLMv_L`=~;zlG0`Q!#9kI8k1o-oLlK^4%~IEA!okR|&n zyl_-)Dw!M045nx#_T*T98|rT;uV z3y4{IESuII53WF4LQ7z-OH`A~l^SG$?b`_p!UNaWV3lyGQonNTq`9^H<8SvnEAwun$98} zH^b6T)8uM&0dgaZ(F5RHnCNzb%HM=u31`zrMerIBuaOt&s}?z@@m7e}sJNP=Ma3}n zvlsRIhl=sZ({rvDybdj=kYd(#+et5%J|?)|RO@$-H= z#*-Hw)i(GDZ;F(0Bwjqs6L(`dfvaKb5X$tHowEP%jm2#$2@6yIF@<&fd83hX>;Ai;C)-zI**P36t-sg*6ceBI;EPdl!ygwMGQ@1^gpL)5n~e$j%FhGC90 zJW=9X?|nMsBd7Bsixqw1#!yH~NnVbp zl`4Z_MuQED#(WjXG@P-aSHK04KZFUB*b{sdulOUr9cC^D$0P_5e7m=NY(J(0PcIjZ z#qQLQbT3nnWUTd3#e1KCLlvUSAg7+a;}B zXz7=}e|2=KU+#EFJ~!}+VQmQWwq2d)^?}rLxwqqcqYejqw!J4su0KS5_zGQmHfp@p>u&EXUMukY*t3J{cV9 z5*RQ;kWYg=BYD*q9=v+;z*i&w7~R>hX-D%ncIunmu5#>D_;-~k7A=umF4+<eV@H3nWD4wQrnIgEtwUJ&!{$Mo&LILzk zC{8Vvc^70NFr2LD{ICJA;xwUwM=p;c@()j-17XG(r9l)Yyz?c7JV6?zg!PMoNS|vz z$12z6Mlewg$aDfgg}h+`erX)cVp%zshU6tA)H>g@f8g%D_I|p1?RfCTWY_g&%{p>6 zO(t#8Z~_=1at-90!>mmyPM9bs)ZioDgPCHi1_d7E94*>@cfMf0-)=k%7Omk_CVVtAvf_Ka z>h|gFHc|L>OW6G^zx94|;Z6P;dhy{+GT}`C0+dA2ar+P{F}#NP!oNV7OydR@Ik4_` zycE}=p0v_z!?wo!tTP zt$oxJn9Cb=g?DT$`A47(dLxFDhjX)i*>TqTd2RTk!G8OIv-M67um`S;dN>catUoa9 z?yozMRcu)m-z4>QR>GJD<3U%nI;<3X*On3l@ik8P*GDr$s&^@|trEgR+2 zgZ;j4UQ_-LXR#!X9(DgXkO%Vw;d#Ly<)kNR;Ls1}CX&bUe}OEVv-fhc6VVpIS>-3) zvY!pYxmd*g6Txpe`;n)LL78Y;*vs0 z94BPIwNFol_u*rG6bqj}g49y5LD^AY#T4;#w#$p{@MMnef!0qFF!=le{ZBFr+KHV=DfXB^Im*o8Xa3fts=auzjGf Date: Thu, 2 Mar 2023 10:00:12 +0000 Subject: [PATCH 0573/2573] M14-6-1: Identify non-compilable cases To take a pointer to a member function we need to provide a qualifier to the name. The cases in the COMPLIANT classes are therefore non-compilable. The reason some cases were not previously causing EDG to crash was that the templates weren't instantiated. We now instantiate all templates, and add explanatory comments. --- cpp/autosar/test/rules/M14-6-1/test.cpp | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/cpp/autosar/test/rules/M14-6-1/test.cpp b/cpp/autosar/test/rules/M14-6-1/test.cpp index be3c7c0b5f..b16e6b40dc 100644 --- a/cpp/autosar/test/rules/M14-6-1/test.cpp +++ b/cpp/autosar/test/rules/M14-6-1/test.cpp @@ -63,7 +63,8 @@ class C : D { g(); // COMPLIANT - does not apply to non-class templates sg(); // COMPLIANT - does not apply to non-class templates TYPE t1 = 0; // COMPLIANT - does not apply to non-class templates - // void (*p)() = &g; // NON_COMPILABLE + // void (*p)() = &g; // NON_COMPILABLE - not valid to take address of member + // function without qualifier } }; @@ -73,6 +74,14 @@ template class E : D { m = 0; // COMPLIANT - does not apply to non dependent base types g(); // COMPLIANT - does not apply to non dependent base types TYPE t1 = 0; // COMPLIANT - does not apply to non dependent base types - // void (*p)() = &g; // NON_COMPILABLE - clang does not accept this + // void (*p)() = &g; // NON_COMPILABLE - not valid to take address of member + // function without qualifier } -}; \ No newline at end of file +}; + +void f2() { + C c; + c.m1(); + E e; + e.m1(); +} \ No newline at end of file From dd4a1eaa87f3af547eafbd5b9c26a7a9b22f3427 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 2 Mar 2023 10:04:32 +0000 Subject: [PATCH 0574/2573] M14-6-1: nomagic implies noinline --- cpp/autosar/src/rules/M14-6-1/NameInDependentBase.qll | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/cpp/autosar/src/rules/M14-6-1/NameInDependentBase.qll b/cpp/autosar/src/rules/M14-6-1/NameInDependentBase.qll index 33b5c4b651..b3d12c044b 100644 --- a/cpp/autosar/src/rules/M14-6-1/NameInDependentBase.qll +++ b/cpp/autosar/src/rules/M14-6-1/NameInDependentBase.qll @@ -21,7 +21,7 @@ TemplateClass getADependentBaseType(TemplateClass t) { * Helper predicate that ensures we do not join on function pairs by name early on, as that creates * a large dataset on big databases with lots of name duplication. */ -pragma[noinline, nomagic] +pragma[nomagic] private FunctionCall helper_functioncall( TemplateClass t, TemplateClass dependentBaseType, Function target, string name ) { @@ -53,7 +53,7 @@ FunctionCall getConfusingFunctionCall( * Helper predicate that ensures we do not join on function pairs by name early on, as that creates * a large dataset on big databases with lots of name duplication. */ -pragma[noinline, nomagic] +pragma[nomagic] private FunctionAccess helper_functionaccess( TemplateClass t, TemplateClass dependentBaseType, Function target, string name ) { @@ -83,7 +83,7 @@ FunctionAccess getConfusingFunctionAccess( * Helper predicate that ensures we do not join on variable pairs by name early on, as that creates * a large dataset on big databases with lots of name duplication. */ -pragma[noinline, nomagic] +pragma[nomagic] private VariableAccess helper_memberaccess( TemplateClass t, TemplateClass dependentBaseType, Variable target, string name ) { From d5403526e85619f38346b7a25bfe9a5f7855f1f2 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 2 Mar 2023 09:53:04 -0500 Subject: [PATCH 0575/2573] limit file replacement --- scripts/matrix_testing/CreateMatrixTestReport.ps1 | 2 +- scripts/matrix_testing/Get-CompilerSpecificFiles.ps1 | 7 +++++-- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/scripts/matrix_testing/CreateMatrixTestReport.ps1 b/scripts/matrix_testing/CreateMatrixTestReport.ps1 index a2ae220dad..6928154d4d 100644 --- a/scripts/matrix_testing/CreateMatrixTestReport.ps1 +++ b/scripts/matrix_testing/CreateMatrixTestReport.ps1 @@ -321,7 +321,7 @@ $jobRows = $queriesToCheck | ForEach-Object -ThrottleLimit $NumThreads -Parallel ########################################################### # Push context ########################################################### - $fileSet = (Get-CompilerSpecificFiles -Configuration $using:Configuration -Language $using:Language -TestDirectory $testDirectory) + $fileSet = (Get-CompilerSpecificFiles -Configuration $using:Configuration -Language $using:Language -TestDirectory $testDirectory -Query $CurrentQueryName) if($fileSet){ $context = Push-CompilerSpecificFiles -Configuration $using:Configuration -Language $using:Language -FileSet $fileSet diff --git a/scripts/matrix_testing/Get-CompilerSpecificFiles.ps1 b/scripts/matrix_testing/Get-CompilerSpecificFiles.ps1 index 6c06d0a66a..6197a05650 100644 --- a/scripts/matrix_testing/Get-CompilerSpecificFiles.ps1 +++ b/scripts/matrix_testing/Get-CompilerSpecificFiles.ps1 @@ -9,7 +9,10 @@ function Get-CompilerSpecificFiles { $Language, [Parameter(Mandatory)] [string] - $TestDirectory + $TestDirectory, + [Parameter(Mandatory)] + [string] + $Query ) # # Convention is as follows: @@ -28,7 +31,7 @@ function Get-CompilerSpecificFiles { $f } - foreach($f in (Get-ChildItem -Filter "*.expected.$Configuration" $TestDirectory)){ + foreach($f in (Get-ChildItem -Filter "$Query.expected.$Configuration" $TestDirectory)){ Write-Host "Found file $f..." $f } From d47f7d188f655c1f99a68131ee1b6d2ad0e00a80 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 2 Mar 2023 18:14:02 +0100 Subject: [PATCH 0576/2573] Fix RULE-22-3 test --- c/misra/test/rules/RULE-22-3/test.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/misra/test/rules/RULE-22-3/test.c b/c/misra/test/rules/RULE-22-3/test.c index 7e51ee9963..de1a6ecb93 100644 --- a/c/misra/test/rules/RULE-22-3/test.c +++ b/c/misra/test/rules/RULE-22-3/test.c @@ -46,7 +46,7 @@ void f8(void) { void f9(void) { char name[50] = "tmp9"; char ext[] = "txt"; - char file[] = strcat(name, ext); + char *file = strcat(name, ext); FILE *fw = fopen(file, "r+"); FILE *fr = fopen(strcat(name, ext), "r"); // NON_COMPLIANT[FALSE_NEGATIVE] } From 1b5c862c78647c1ec09596e9fe4f3d7cc08b155e Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Thu, 2 Mar 2023 10:25:41 -0800 Subject: [PATCH 0577/2573] Prepare test cases for INT34 --- .../DoNotShiftAnExpressionByANegat.expected | 1 - .../DoNotShiftAnExpressionByANegat.qlref | 1 - c/cert/test/rules/INT34-C/test.c | 527 ++++++++++++++++++ 3 files changed, 527 insertions(+), 2 deletions(-) delete mode 100644 c/cert/test/rules/INT34-C/DoNotShiftAnExpressionByANegat.expected delete mode 100644 c/cert/test/rules/INT34-C/DoNotShiftAnExpressionByANegat.qlref create mode 100644 c/cert/test/rules/INT34-C/test.c diff --git a/c/cert/test/rules/INT34-C/DoNotShiftAnExpressionByANegat.expected b/c/cert/test/rules/INT34-C/DoNotShiftAnExpressionByANegat.expected deleted file mode 100644 index 2ec1a0ac6c..0000000000 --- a/c/cert/test/rules/INT34-C/DoNotShiftAnExpressionByANegat.expected +++ /dev/null @@ -1 +0,0 @@ -No expected results have yet been specified \ No newline at end of file diff --git a/c/cert/test/rules/INT34-C/DoNotShiftAnExpressionByANegat.qlref b/c/cert/test/rules/INT34-C/DoNotShiftAnExpressionByANegat.qlref deleted file mode 100644 index 2c0ac34aa2..0000000000 --- a/c/cert/test/rules/INT34-C/DoNotShiftAnExpressionByANegat.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/INT34-C/DoNotShiftAnExpressionByANegat.ql \ No newline at end of file diff --git a/c/cert/test/rules/INT34-C/test.c b/c/cert/test/rules/INT34-C/test.c new file mode 100644 index 0000000000..982d0c15b5 --- /dev/null +++ b/c/cert/test/rules/INT34-C/test.c @@ -0,0 +1,527 @@ +int main() { + unsigned char x0; + signed char x1; + char x2; + unsigned short x3; + signed short x4; + short x5; + unsigned int x6; + signed int x7; + int x8; + unsigned long x9; + signed long x10; + long x11; + unsigned long long x12; + signed long long x13; + long long x14; + + /* left shift */ + + x0 << x0; // NON_COMPLIANT: x0's precision is not strictly greater than x0's + x0 << x1; // COMPLIANT: x0's precision is strictly greater than x1's + x0 << x2; // COMPLIANT: x0's precision is strictly greater than x2's + x0 << x3; // NON_COMPLIANT: x0's precision is not strictly greater than x3's + x0 << x4; // NON_COMPLIANT: x0's precision is not strictly greater than x4's + x0 << x5; // NON_COMPLIANT: x0's precision is not strictly greater than x5's + x0 << x6; // NON_COMPLIANT: x0's precision is not strictly greater than x6's + x0 << x7; // NON_COMPLIANT: x0's precision is not strictly greater than x7's + x0 << x8; // NON_COMPLIANT: x0's precision is not strictly greater than x8's + x0 << x9; // NON_COMPLIANT: x0's precision is not strictly greater than x9's + x0 << x10; // NON_COMPLIANT: x0's precision is not strictly greater than x10's + x0 << x11; // NON_COMPLIANT: x0's precision is not strictly greater than x11's + x0 << x12; // NON_COMPLIANT: x0's precision is not strictly greater than x12's + x0 << x13; // NON_COMPLIANT: x0's precision is not strictly greater than x13's + x0 << x14; // NON_COMPLIANT: x0's precision is not strictly greater than x14's + x1 << x0; // NON_COMPLIANT: x1's precision is not strictly greater than x0's + x1 << x1; // NON_COMPLIANT: x1's precision is not strictly greater than x1's + x1 << x2; // NON_COMPLIANT: x1's precision is not strictly greater than x2's + x1 << x3; // NON_COMPLIANT: x1's precision is not strictly greater than x3's + x1 << x4; // NON_COMPLIANT: x1's precision is not strictly greater than x4's + x1 << x5; // NON_COMPLIANT: x1's precision is not strictly greater than x5's + x1 << x6; // NON_COMPLIANT: x1's precision is not strictly greater than x6's + x1 << x7; // NON_COMPLIANT: x1's precision is not strictly greater than x7's + x1 << x8; // NON_COMPLIANT: x1's precision is not strictly greater than x8's + x1 << x9; // NON_COMPLIANT: x1's precision is not strictly greater than x9's + x1 << x10; // NON_COMPLIANT: x1's precision is not strictly greater than x10's + x1 << x11; // NON_COMPLIANT: x1's precision is not strictly greater than x11's + x1 << x12; // NON_COMPLIANT: x1's precision is not strictly greater than x12's + x1 << x13; // NON_COMPLIANT: x1's precision is not strictly greater than x13's + x1 << x14; // NON_COMPLIANT: x1's precision is not strictly greater than x14's + x2 << x0; // NON_COMPLIANT: x2's precision is not strictly greater than x0's + x2 << x1; // NON_COMPLIANT: x2's precision is not strictly greater than x1's + x2 << x2; // NON_COMPLIANT: x2's precision is not strictly greater than x2's + x2 << x3; // NON_COMPLIANT: x2's precision is not strictly greater than x3's + x2 << x4; // NON_COMPLIANT: x2's precision is not strictly greater than x4's + x2 << x5; // NON_COMPLIANT: x2's precision is not strictly greater than x5's + x2 << x6; // NON_COMPLIANT: x2's precision is not strictly greater than x6's + x2 << x7; // NON_COMPLIANT: x2's precision is not strictly greater than x7's + x2 << x8; // NON_COMPLIANT: x2's precision is not strictly greater than x8's + x2 << x9; // NON_COMPLIANT: x2's precision is not strictly greater than x9's + x2 << x10; // NON_COMPLIANT: x2's precision is not strictly greater than x10's + x2 << x11; // NON_COMPLIANT: x2's precision is not strictly greater than x11's + x2 << x12; // NON_COMPLIANT: x2's precision is not strictly greater than x12's + x2 << x13; // NON_COMPLIANT: x2's precision is not strictly greater than x13's + x2 << x14; // NON_COMPLIANT: x2's precision is not strictly greater than x14's + x3 << x0; // COMPLIANT: x3's precision is strictly greater than x0's + x3 << x1; // COMPLIANT: x3's precision is strictly greater than x1's + x3 << x2; // COMPLIANT: x3's precision is strictly greater than x2's + x3 << x3; // NON_COMPLIANT: x3's precision is not strictly greater than x3's + x3 << x4; // COMPLIANT: x3's precision is strictly greater than x4's + x3 << x5; // COMPLIANT: x3's precision is strictly greater than x5's + x3 << x6; // NON_COMPLIANT: x3's precision is not strictly greater than x6's + x3 << x7; // NON_COMPLIANT: x3's precision is not strictly greater than x7's + x3 << x8; // NON_COMPLIANT: x3's precision is not strictly greater than x8's + x3 << x9; // NON_COMPLIANT: x3's precision is not strictly greater than x9's + x3 << x10; // NON_COMPLIANT: x3's precision is not strictly greater than x10's + x3 << x11; // NON_COMPLIANT: x3's precision is not strictly greater than x11's + x3 << x12; // NON_COMPLIANT: x3's precision is not strictly greater than x12's + x3 << x13; // NON_COMPLIANT: x3's precision is not strictly greater than x13's + x3 << x14; // NON_COMPLIANT: x3's precision is not strictly greater than x14's + x4 << x0; // COMPLIANT: x4's precision is strictly greater than x0's + x4 << x1; // COMPLIANT: x4's precision is strictly greater than x1's + x4 << x2; // COMPLIANT: x4's precision is strictly greater than x2's + x4 << x3; // NON_COMPLIANT: x4's precision is not strictly greater than x3's + x4 << x4; // NON_COMPLIANT: x4's precision is not strictly greater than x4's + x4 << x5; // NON_COMPLIANT: x4's precision is not strictly greater than x5's + x4 << x6; // NON_COMPLIANT: x4's precision is not strictly greater than x6's + x4 << x7; // NON_COMPLIANT: x4's precision is not strictly greater than x7's + x4 << x8; // NON_COMPLIANT: x4's precision is not strictly greater than x8's + x4 << x9; // NON_COMPLIANT: x4's precision is not strictly greater than x9's + x4 << x10; // NON_COMPLIANT: x4's precision is not strictly greater than x10's + x4 << x11; // NON_COMPLIANT: x4's precision is not strictly greater than x11's + x4 << x12; // NON_COMPLIANT: x4's precision is not strictly greater than x12's + x4 << x13; // NON_COMPLIANT: x4's precision is not strictly greater than x13's + x4 << x14; // NON_COMPLIANT: x4's precision is not strictly greater than x14's + x5 << x0; // COMPLIANT: x5's precision is strictly greater than x0's + x5 << x1; // COMPLIANT: x5's precision is strictly greater than x1's + x5 << x2; // COMPLIANT: x5's precision is strictly greater than x2's + x5 << x3; // NON_COMPLIANT: x5's precision is not strictly greater than x3's + x5 << x4; // NON_COMPLIANT: x5's precision is not strictly greater than x4's + x5 << x5; // NON_COMPLIANT: x5's precision is not strictly greater than x5's + x5 << x6; // NON_COMPLIANT: x5's precision is not strictly greater than x6's + x5 << x7; // NON_COMPLIANT: x5's precision is not strictly greater than x7's + x5 << x8; // NON_COMPLIANT: x5's precision is not strictly greater than x8's + x5 << x9; // NON_COMPLIANT: x5's precision is not strictly greater than x9's + x5 << x10; // NON_COMPLIANT: x5's precision is not strictly greater than x10's + x5 << x11; // NON_COMPLIANT: x5's precision is not strictly greater than x11's + x5 << x12; // NON_COMPLIANT: x5's precision is not strictly greater than x12's + x5 << x13; // NON_COMPLIANT: x5's precision is not strictly greater than x13's + x5 << x14; // NON_COMPLIANT: x5's precision is not strictly greater than x14's + x6 << x0; // COMPLIANT: x6's precision is strictly greater than x0's + x6 << x1; // COMPLIANT: x6's precision is strictly greater than x1's + x6 << x2; // COMPLIANT: x6's precision is strictly greater than x2's + x6 << x3; // COMPLIANT: x6's precision is strictly greater than x3's + x6 << x4; // COMPLIANT: x6's precision is strictly greater than x4's + x6 << x5; // COMPLIANT: x6's precision is strictly greater than x5's + x6 << x6; // NON_COMPLIANT: x6's precision is not strictly greater than x6's + x6 << x7; // COMPLIANT: x6's precision is strictly greater than x7's + x6 << x8; // COMPLIANT: x6's precision is strictly greater than x8's + x6 << x9; // NON_COMPLIANT: x6's precision is not strictly greater than x9's + x6 << x10; // COMPLIANT: x6's precision is strictly greater than x10's + x6 << x11; // COMPLIANT: x6's precision is strictly greater than x11's + x6 << x12; // NON_COMPLIANT: x6's precision is not strictly greater than x12's + x6 << x13; // NON_COMPLIANT: x6's precision is not strictly greater than x13's + x6 << x14; // NON_COMPLIANT: x6's precision is not strictly greater than x14's + x7 << x0; // COMPLIANT: x7's precision is strictly greater than x0's + x7 << x1; // COMPLIANT: x7's precision is strictly greater than x1's + x7 << x2; // COMPLIANT: x7's precision is strictly greater than x2's + x7 << x3; // COMPLIANT: x7's precision is strictly greater than x3's + x7 << x4; // COMPLIANT: x7's precision is strictly greater than x4's + x7 << x5; // COMPLIANT: x7's precision is strictly greater than x5's + x7 << x6; // NON_COMPLIANT: x7's precision is not strictly greater than x6's + x7 << x7; // NON_COMPLIANT: x7's precision is not strictly greater than x7's + x7 << x8; // NON_COMPLIANT: x7's precision is not strictly greater than x8's + x7 << x9; // NON_COMPLIANT: x7's precision is not strictly greater than x9's + x7 << x10; // NON_COMPLIANT: x7's precision is not strictly greater than x10's + x7 << x11; // NON_COMPLIANT: x7's precision is not strictly greater than x11's + x7 << x12; // NON_COMPLIANT: x7's precision is not strictly greater than x12's + x7 << x13; // NON_COMPLIANT: x7's precision is not strictly greater than x13's + x7 << x14; // NON_COMPLIANT: x7's precision is not strictly greater than x14's + x8 << x0; // COMPLIANT: x8's precision is strictly greater than x0's + x8 << x1; // COMPLIANT: x8's precision is strictly greater than x1's + x8 << x2; // COMPLIANT: x8's precision is strictly greater than x2's + x8 << x3; // COMPLIANT: x8's precision is strictly greater than x3's + x8 << x4; // COMPLIANT: x8's precision is strictly greater than x4's + x8 << x5; // COMPLIANT: x8's precision is strictly greater than x5's + x8 << x6; // NON_COMPLIANT: x8's precision is not strictly greater than x6's + x8 << x7; // NON_COMPLIANT: x8's precision is not strictly greater than x7's + x8 << x8; // NON_COMPLIANT: x8's precision is not strictly greater than x8's + x8 << x9; // NON_COMPLIANT: x8's precision is not strictly greater than x9's + x8 << x10; // NON_COMPLIANT: x8's precision is not strictly greater than x10's + x8 << x11; // NON_COMPLIANT: x8's precision is not strictly greater than x11's + x8 << x12; // NON_COMPLIANT: x8's precision is not strictly greater than x12's + x8 << x13; // NON_COMPLIANT: x8's precision is not strictly greater than x13's + x8 << x14; // NON_COMPLIANT: x8's precision is not strictly greater than x14's + x9 << x0; // COMPLIANT: x9's precision is strictly greater than x0's + x9 << x1; // COMPLIANT: x9's precision is strictly greater than x1's + x9 << x2; // COMPLIANT: x9's precision is strictly greater than x2's + x9 << x3; // COMPLIANT: x9's precision is strictly greater than x3's + x9 << x4; // COMPLIANT: x9's precision is strictly greater than x4's + x9 << x5; // COMPLIANT: x9's precision is strictly greater than x5's + x9 << x6; // NON_COMPLIANT: x9's precision is not strictly greater than x6's + x9 << x7; // COMPLIANT: x9's precision is strictly greater than x7's + x9 << x8; // COMPLIANT: x9's precision is strictly greater than x8's + x9 << x9; // NON_COMPLIANT: x9's precision is not strictly greater than x9's + x9 << x10; // COMPLIANT: x9's precision is strictly greater than x10's + x9 << x11; // COMPLIANT: x9's precision is strictly greater than x11's + x9 << x12; // NON_COMPLIANT: x9's precision is not strictly greater than x12's + x9 << x13; // NON_COMPLIANT: x9's precision is not strictly greater than x13's + x9 << x14; // NON_COMPLIANT: x9's precision is not strictly greater than x14's + x10 << x0; // COMPLIANT: x10's precision is strictly greater than x0's + x10 << x1; // COMPLIANT: x10's precision is strictly greater than x1's + x10 << x2; // COMPLIANT: x10's precision is strictly greater than x2's + x10 << x3; // COMPLIANT: x10's precision is strictly greater than x3's + x10 << x4; // COMPLIANT: x10's precision is strictly greater than x4's + x10 << x5; // COMPLIANT: x10's precision is strictly greater than x5's + x10 << x6; // NON_COMPLIANT: x10's precision is not strictly greater than x6's + x10 << x7; // NON_COMPLIANT: x10's precision is not strictly greater than x7's + x10 << x8; // NON_COMPLIANT: x10's precision is not strictly greater than x8's + x10 << x9; // NON_COMPLIANT: x10's precision is not strictly greater than x9's + x10 << x10; // NON_COMPLIANT: x10's precision is not strictly greater than + // x10's + x10 << x11; // NON_COMPLIANT: x10's precision is not strictly greater than + // x11's + x10 << x12; // NON_COMPLIANT: x10's precision is not strictly greater than + // x12's + x10 << x13; // NON_COMPLIANT: x10's precision is not strictly greater than + // x13's + x10 << x14; // NON_COMPLIANT: x10's precision is not strictly greater than + // x14's + x11 << x0; // COMPLIANT: x11's precision is strictly greater than x0's + x11 << x1; // COMPLIANT: x11's precision is strictly greater than x1's + x11 << x2; // COMPLIANT: x11's precision is strictly greater than x2's + x11 << x3; // COMPLIANT: x11's precision is strictly greater than x3's + x11 << x4; // COMPLIANT: x11's precision is strictly greater than x4's + x11 << x5; // COMPLIANT: x11's precision is strictly greater than x5's + x11 << x6; // NON_COMPLIANT: x11's precision is not strictly greater than x6's + x11 << x7; // NON_COMPLIANT: x11's precision is not strictly greater than x7's + x11 << x8; // NON_COMPLIANT: x11's precision is not strictly greater than x8's + x11 << x9; // NON_COMPLIANT: x11's precision is not strictly greater than x9's + x11 << x10; // NON_COMPLIANT: x11's precision is not strictly greater than + // x10's + x11 << x11; // NON_COMPLIANT: x11's precision is not strictly greater than + // x11's + x11 << x12; // NON_COMPLIANT: x11's precision is not strictly greater than + // x12's + x11 << x13; // NON_COMPLIANT: x11's precision is not strictly greater than + // x13's + x11 << x14; // NON_COMPLIANT: x11's precision is not strictly greater than + // x14's + x12 << x0; // COMPLIANT: x12's precision is strictly greater than x0's + x12 << x1; // COMPLIANT: x12's precision is strictly greater than x1's + x12 << x2; // COMPLIANT: x12's precision is strictly greater than x2's + x12 << x3; // COMPLIANT: x12's precision is strictly greater than x3's + x12 << x4; // COMPLIANT: x12's precision is strictly greater than x4's + x12 << x5; // COMPLIANT: x12's precision is strictly greater than x5's + x12 << x6; // COMPLIANT: x12's precision is strictly greater than x6's + x12 << x7; // COMPLIANT: x12's precision is strictly greater than x7's + x12 << x8; // COMPLIANT: x12's precision is strictly greater than x8's + x12 << x9; // COMPLIANT: x12's precision is strictly greater than x9's + x12 << x10; // COMPLIANT: x12's precision is strictly greater than x10's + x12 << x11; // COMPLIANT: x12's precision is strictly greater than x11's + x12 << x12; // NON_COMPLIANT: x12's precision is not strictly greater than + // x12's + x12 << x13; // COMPLIANT: x12's precision is strictly greater than x13's + x12 << x14; // COMPLIANT: x12's precision is strictly greater than x14's + x13 << x0; // COMPLIANT: x13's precision is strictly greater than x0's + x13 << x1; // COMPLIANT: x13's precision is strictly greater than x1's + x13 << x2; // COMPLIANT: x13's precision is strictly greater than x2's + x13 << x3; // COMPLIANT: x13's precision is strictly greater than x3's + x13 << x4; // COMPLIANT: x13's precision is strictly greater than x4's + x13 << x5; // COMPLIANT: x13's precision is strictly greater than x5's + x13 << x6; // COMPLIANT: x13's precision is strictly greater than x6's + x13 << x7; // COMPLIANT: x13's precision is strictly greater than x7's + x13 << x8; // COMPLIANT: x13's precision is strictly greater than x8's + x13 << x9; // COMPLIANT: x13's precision is strictly greater than x9's + x13 << x10; // COMPLIANT: x13's precision is strictly greater than x10's + x13 << x11; // COMPLIANT: x13's precision is strictly greater than x11's + x13 << x12; // NON_COMPLIANT: x13's precision is not strictly greater than + // x12's + x13 << x13; // NON_COMPLIANT: x13's precision is not strictly greater than + // x13's + x13 << x14; // NON_COMPLIANT: x13's precision is not strictly greater than + // x14's + x14 << x0; // COMPLIANT: x14's precision is strictly greater than x0's + x14 << x1; // COMPLIANT: x14's precision is strictly greater than x1's + x14 << x2; // COMPLIANT: x14's precision is strictly greater than x2's + x14 << x3; // COMPLIANT: x14's precision is strictly greater than x3's + x14 << x4; // COMPLIANT: x14's precision is strictly greater than x4's + x14 << x5; // COMPLIANT: x14's precision is strictly greater than x5's + x14 << x6; // COMPLIANT: x14's precision is strictly greater than x6's + x14 << x7; // COMPLIANT: x14's precision is strictly greater than x7's + x14 << x8; // COMPLIANT: x14's precision is strictly greater than x8's + x14 << x9; // COMPLIANT: x14's precision is strictly greater than x9's + x14 << x10; // COMPLIANT: x14's precision is strictly greater than x10's + x14 << x11; // COMPLIANT: x14's precision is strictly greater than x11's + x14 << x12; // NON_COMPLIANT: x14's precision is not strictly greater than + // x12's + x14 << x13; // NON_COMPLIANT: x14's precision is not strictly greater than + // x13's + x14 << x14; // NON_COMPLIANT: x14's precision is not strictly greater than + // x14's + + /* right shift */ + + x0 >> x0; // NON_COMPLIANT: x0's precision is not strictly greater than x0's + x0 >> x1; // COMPLIANT: x0's precision is strictly greater than x1's + x0 >> x2; // COMPLIANT: x0's precision is strictly greater than x2's + x0 >> x3; // NON_COMPLIANT: x0's precision is not strictly greater than x3's + x0 >> x4; // NON_COMPLIANT: x0's precision is not strictly greater than x4's + x0 >> x5; // NON_COMPLIANT: x0's precision is not strictly greater than x5's + x0 >> x6; // NON_COMPLIANT: x0's precision is not strictly greater than x6's + x0 >> x7; // NON_COMPLIANT: x0's precision is not strictly greater than x7's + x0 >> x8; // NON_COMPLIANT: x0's precision is not strictly greater than x8's + x0 >> x9; // NON_COMPLIANT: x0's precision is not strictly greater than x9's + x0 >> x10; // NON_COMPLIANT: x0's precision is not strictly greater than x10's + x0 >> x11; // NON_COMPLIANT: x0's precision is not strictly greater than x11's + x0 >> x12; // NON_COMPLIANT: x0's precision is not strictly greater than x12's + x0 >> x13; // NON_COMPLIANT: x0's precision is not strictly greater than x13's + x0 >> x14; // NON_COMPLIANT: x0's precision is not strictly greater than x14's + x1 >> x0; // NON_COMPLIANT: x1's precision is not strictly greater than x0's + x1 >> x1; // NON_COMPLIANT: x1's precision is not strictly greater than x1's + x1 >> x2; // NON_COMPLIANT: x1's precision is not strictly greater than x2's + x1 >> x3; // NON_COMPLIANT: x1's precision is not strictly greater than x3's + x1 >> x4; // NON_COMPLIANT: x1's precision is not strictly greater than x4's + x1 >> x5; // NON_COMPLIANT: x1's precision is not strictly greater than x5's + x1 >> x6; // NON_COMPLIANT: x1's precision is not strictly greater than x6's + x1 >> x7; // NON_COMPLIANT: x1's precision is not strictly greater than x7's + x1 >> x8; // NON_COMPLIANT: x1's precision is not strictly greater than x8's + x1 >> x9; // NON_COMPLIANT: x1's precision is not strictly greater than x9's + x1 >> x10; // NON_COMPLIANT: x1's precision is not strictly greater than x10's + x1 >> x11; // NON_COMPLIANT: x1's precision is not strictly greater than x11's + x1 >> x12; // NON_COMPLIANT: x1's precision is not strictly greater than x12's + x1 >> x13; // NON_COMPLIANT: x1's precision is not strictly greater than x13's + x1 >> x14; // NON_COMPLIANT: x1's precision is not strictly greater than x14's + x2 >> x0; // NON_COMPLIANT: x2's precision is not strictly greater than x0's + x2 >> x1; // NON_COMPLIANT: x2's precision is not strictly greater than x1's + x2 >> x2; // NON_COMPLIANT: x2's precision is not strictly greater than x2's + x2 >> x3; // NON_COMPLIANT: x2's precision is not strictly greater than x3's + x2 >> x4; // NON_COMPLIANT: x2's precision is not strictly greater than x4's + x2 >> x5; // NON_COMPLIANT: x2's precision is not strictly greater than x5's + x2 >> x6; // NON_COMPLIANT: x2's precision is not strictly greater than x6's + x2 >> x7; // NON_COMPLIANT: x2's precision is not strictly greater than x7's + x2 >> x8; // NON_COMPLIANT: x2's precision is not strictly greater than x8's + x2 >> x9; // NON_COMPLIANT: x2's precision is not strictly greater than x9's + x2 >> x10; // NON_COMPLIANT: x2's precision is not strictly greater than x10's + x2 >> x11; // NON_COMPLIANT: x2's precision is not strictly greater than x11's + x2 >> x12; // NON_COMPLIANT: x2's precision is not strictly greater than x12's + x2 >> x13; // NON_COMPLIANT: x2's precision is not strictly greater than x13's + x2 >> x14; // NON_COMPLIANT: x2's precision is not strictly greater than x14's + x3 >> x0; // COMPLIANT: x3's precision is strictly greater than x0's + x3 >> x1; // COMPLIANT: x3's precision is strictly greater than x1's + x3 >> x2; // COMPLIANT: x3's precision is strictly greater than x2's + x3 >> x3; // NON_COMPLIANT: x3's precision is not strictly greater than x3's + x3 >> x4; // COMPLIANT: x3's precision is strictly greater than x4's + x3 >> x5; // COMPLIANT: x3's precision is strictly greater than x5's + x3 >> x6; // NON_COMPLIANT: x3's precision is not strictly greater than x6's + x3 >> x7; // NON_COMPLIANT: x3's precision is not strictly greater than x7's + x3 >> x8; // NON_COMPLIANT: x3's precision is not strictly greater than x8's + x3 >> x9; // NON_COMPLIANT: x3's precision is not strictly greater than x9's + x3 >> x10; // NON_COMPLIANT: x3's precision is not strictly greater than x10's + x3 >> x11; // NON_COMPLIANT: x3's precision is not strictly greater than x11's + x3 >> x12; // NON_COMPLIANT: x3's precision is not strictly greater than x12's + x3 >> x13; // NON_COMPLIANT: x3's precision is not strictly greater than x13's + x3 >> x14; // NON_COMPLIANT: x3's precision is not strictly greater than x14's + x4 >> x0; // COMPLIANT: x4's precision is strictly greater than x0's + x4 >> x1; // COMPLIANT: x4's precision is strictly greater than x1's + x4 >> x2; // COMPLIANT: x4's precision is strictly greater than x2's + x4 >> x3; // NON_COMPLIANT: x4's precision is not strictly greater than x3's + x4 >> x4; // NON_COMPLIANT: x4's precision is not strictly greater than x4's + x4 >> x5; // NON_COMPLIANT: x4's precision is not strictly greater than x5's + x4 >> x6; // NON_COMPLIANT: x4's precision is not strictly greater than x6's + x4 >> x7; // NON_COMPLIANT: x4's precision is not strictly greater than x7's + x4 >> x8; // NON_COMPLIANT: x4's precision is not strictly greater than x8's + x4 >> x9; // NON_COMPLIANT: x4's precision is not strictly greater than x9's + x4 >> x10; // NON_COMPLIANT: x4's precision is not strictly greater than x10's + x4 >> x11; // NON_COMPLIANT: x4's precision is not strictly greater than x11's + x4 >> x12; // NON_COMPLIANT: x4's precision is not strictly greater than x12's + x4 >> x13; // NON_COMPLIANT: x4's precision is not strictly greater than x13's + x4 >> x14; // NON_COMPLIANT: x4's precision is not strictly greater than x14's + x5 >> x0; // COMPLIANT: x5's precision is strictly greater than x0's + x5 >> x1; // COMPLIANT: x5's precision is strictly greater than x1's + x5 >> x2; // COMPLIANT: x5's precision is strictly greater than x2's + x5 >> x3; // NON_COMPLIANT: x5's precision is not strictly greater than x3's + x5 >> x4; // NON_COMPLIANT: x5's precision is not strictly greater than x4's + x5 >> x5; // NON_COMPLIANT: x5's precision is not strictly greater than x5's + x5 >> x6; // NON_COMPLIANT: x5's precision is not strictly greater than x6's + x5 >> x7; // NON_COMPLIANT: x5's precision is not strictly greater than x7's + x5 >> x8; // NON_COMPLIANT: x5's precision is not strictly greater than x8's + x5 >> x9; // NON_COMPLIANT: x5's precision is not strictly greater than x9's + x5 >> x10; // NON_COMPLIANT: x5's precision is not strictly greater than x10's + x5 >> x11; // NON_COMPLIANT: x5's precision is not strictly greater than x11's + x5 >> x12; // NON_COMPLIANT: x5's precision is not strictly greater than x12's + x5 >> x13; // NON_COMPLIANT: x5's precision is not strictly greater than x13's + x5 >> x14; // NON_COMPLIANT: x5's precision is not strictly greater than x14's + x6 >> x0; // COMPLIANT: x6's precision is strictly greater than x0's + x6 >> x1; // COMPLIANT: x6's precision is strictly greater than x1's + x6 >> x2; // COMPLIANT: x6's precision is strictly greater than x2's + x6 >> x3; // COMPLIANT: x6's precision is strictly greater than x3's + x6 >> x4; // COMPLIANT: x6's precision is strictly greater than x4's + x6 >> x5; // COMPLIANT: x6's precision is strictly greater than x5's + x6 >> x6; // NON_COMPLIANT: x6's precision is not strictly greater than x6's + x6 >> x7; // COMPLIANT: x6's precision is strictly greater than x7's + x6 >> x8; // COMPLIANT: x6's precision is strictly greater than x8's + x6 >> x9; // NON_COMPLIANT: x6's precision is not strictly greater than x9's + x6 >> x10; // COMPLIANT: x6's precision is strictly greater than x10's + x6 >> x11; // COMPLIANT: x6's precision is strictly greater than x11's + x6 >> x12; // NON_COMPLIANT: x6's precision is not strictly greater than x12's + x6 >> x13; // NON_COMPLIANT: x6's precision is not strictly greater than x13's + x6 >> x14; // NON_COMPLIANT: x6's precision is not strictly greater than x14's + x7 >> x0; // COMPLIANT: x7's precision is strictly greater than x0's + x7 >> x1; // COMPLIANT: x7's precision is strictly greater than x1's + x7 >> x2; // COMPLIANT: x7's precision is strictly greater than x2's + x7 >> x3; // COMPLIANT: x7's precision is strictly greater than x3's + x7 >> x4; // COMPLIANT: x7's precision is strictly greater than x4's + x7 >> x5; // COMPLIANT: x7's precision is strictly greater than x5's + x7 >> x6; // NON_COMPLIANT: x7's precision is not strictly greater than x6's + x7 >> x7; // NON_COMPLIANT: x7's precision is not strictly greater than x7's + x7 >> x8; // NON_COMPLIANT: x7's precision is not strictly greater than x8's + x7 >> x9; // NON_COMPLIANT: x7's precision is not strictly greater than x9's + x7 >> x10; // NON_COMPLIANT: x7's precision is not strictly greater than x10's + x7 >> x11; // NON_COMPLIANT: x7's precision is not strictly greater than x11's + x7 >> x12; // NON_COMPLIANT: x7's precision is not strictly greater than x12's + x7 >> x13; // NON_COMPLIANT: x7's precision is not strictly greater than x13's + x7 >> x14; // NON_COMPLIANT: x7's precision is not strictly greater than x14's + x8 >> x0; // COMPLIANT: x8's precision is strictly greater than x0's + x8 >> x1; // COMPLIANT: x8's precision is strictly greater than x1's + x8 >> x2; // COMPLIANT: x8's precision is strictly greater than x2's + x8 >> x3; // COMPLIANT: x8's precision is strictly greater than x3's + x8 >> x4; // COMPLIANT: x8's precision is strictly greater than x4's + x8 >> x5; // COMPLIANT: x8's precision is strictly greater than x5's + x8 >> x6; // NON_COMPLIANT: x8's precision is not strictly greater than x6's + x8 >> x7; // NON_COMPLIANT: x8's precision is not strictly greater than x7's + x8 >> x8; // NON_COMPLIANT: x8's precision is not strictly greater than x8's + x8 >> x9; // NON_COMPLIANT: x8's precision is not strictly greater than x9's + x8 >> x10; // NON_COMPLIANT: x8's precision is not strictly greater than x10's + x8 >> x11; // NON_COMPLIANT: x8's precision is not strictly greater than x11's + x8 >> x12; // NON_COMPLIANT: x8's precision is not strictly greater than x12's + x8 >> x13; // NON_COMPLIANT: x8's precision is not strictly greater than x13's + x8 >> x14; // NON_COMPLIANT: x8's precision is not strictly greater than x14's + x9 >> x0; // COMPLIANT: x9's precision is strictly greater than x0's + x9 >> x1; // COMPLIANT: x9's precision is strictly greater than x1's + x9 >> x2; // COMPLIANT: x9's precision is strictly greater than x2's + x9 >> x3; // COMPLIANT: x9's precision is strictly greater than x3's + x9 >> x4; // COMPLIANT: x9's precision is strictly greater than x4's + x9 >> x5; // COMPLIANT: x9's precision is strictly greater than x5's + x9 >> x6; // NON_COMPLIANT: x9's precision is not strictly greater than x6's + x9 >> x7; // COMPLIANT: x9's precision is strictly greater than x7's + x9 >> x8; // COMPLIANT: x9's precision is strictly greater than x8's + x9 >> x9; // NON_COMPLIANT: x9's precision is not strictly greater than x9's + x9 >> x10; // COMPLIANT: x9's precision is strictly greater than x10's + x9 >> x11; // COMPLIANT: x9's precision is strictly greater than x11's + x9 >> x12; // NON_COMPLIANT: x9's precision is not strictly greater than x12's + x9 >> x13; // NON_COMPLIANT: x9's precision is not strictly greater than x13's + x9 >> x14; // NON_COMPLIANT: x9's precision is not strictly greater than x14's + x10 >> x0; // COMPLIANT: x10's precision is strictly greater than x0's + x10 >> x1; // COMPLIANT: x10's precision is strictly greater than x1's + x10 >> x2; // COMPLIANT: x10's precision is strictly greater than x2's + x10 >> x3; // COMPLIANT: x10's precision is strictly greater than x3's + x10 >> x4; // COMPLIANT: x10's precision is strictly greater than x4's + x10 >> x5; // COMPLIANT: x10's precision is strictly greater than x5's + x10 >> x6; // NON_COMPLIANT: x10's precision is not strictly greater than x6's + x10 >> x7; // NON_COMPLIANT: x10's precision is not strictly greater than x7's + x10 >> x8; // NON_COMPLIANT: x10's precision is not strictly greater than x8's + x10 >> x9; // NON_COMPLIANT: x10's precision is not strictly greater than x9's + x10 >> + x10; // NON_COMPLIANT: x10's precision is not strictly greater than x10's + x10 >> + x11; // NON_COMPLIANT: x10's precision is not strictly greater than x11's + x10 >> + x12; // NON_COMPLIANT: x10's precision is not strictly greater than x12's + x10 >> + x13; // NON_COMPLIANT: x10's precision is not strictly greater than x13's + x10 >> + x14; // NON_COMPLIANT: x10's precision is not strictly greater than x14's + x11 >> x0; // COMPLIANT: x11's precision is strictly greater than x0's + x11 >> x1; // COMPLIANT: x11's precision is strictly greater than x1's + x11 >> x2; // COMPLIANT: x11's precision is strictly greater than x2's + x11 >> x3; // COMPLIANT: x11's precision is strictly greater than x3's + x11 >> x4; // COMPLIANT: x11's precision is strictly greater than x4's + x11 >> x5; // COMPLIANT: x11's precision is strictly greater than x5's + x11 >> x6; // NON_COMPLIANT: x11's precision is not strictly greater than x6's + x11 >> x7; // NON_COMPLIANT: x11's precision is not strictly greater than x7's + x11 >> x8; // NON_COMPLIANT: x11's precision is not strictly greater than x8's + x11 >> x9; // NON_COMPLIANT: x11's precision is not strictly greater than x9's + x11 >> + x10; // NON_COMPLIANT: x11's precision is not strictly greater than x10's + x11 >> + x11; // NON_COMPLIANT: x11's precision is not strictly greater than x11's + x11 >> + x12; // NON_COMPLIANT: x11's precision is not strictly greater than x12's + x11 >> + x13; // NON_COMPLIANT: x11's precision is not strictly greater than x13's + x11 >> + x14; // NON_COMPLIANT: x11's precision is not strictly greater than x14's + x12 >> x0; // COMPLIANT: x12's precision is strictly greater than x0's + x12 >> x1; // COMPLIANT: x12's precision is strictly greater than x1's + x12 >> x2; // COMPLIANT: x12's precision is strictly greater than x2's + x12 >> x3; // COMPLIANT: x12's precision is strictly greater than x3's + x12 >> x4; // COMPLIANT: x12's precision is strictly greater than x4's + x12 >> x5; // COMPLIANT: x12's precision is strictly greater than x5's + x12 >> x6; // COMPLIANT: x12's precision is strictly greater than x6's + x12 >> x7; // COMPLIANT: x12's precision is strictly greater than x7's + x12 >> x8; // COMPLIANT: x12's precision is strictly greater than x8's + x12 >> x9; // COMPLIANT: x12's precision is strictly greater than x9's + x12 >> x10; // COMPLIANT: x12's precision is strictly greater than x10's + x12 >> x11; // COMPLIANT: x12's precision is strictly greater than x11's + x12 >> + x12; // NON_COMPLIANT: x12's precision is not strictly greater than x12's + x12 >> x13; // COMPLIANT: x12's precision is strictly greater than x13's + x12 >> x14; // COMPLIANT: x12's precision is strictly greater than x14's + x13 >> x0; // COMPLIANT: x13's precision is strictly greater than x0's + x13 >> x1; // COMPLIANT: x13's precision is strictly greater than x1's + x13 >> x2; // COMPLIANT: x13's precision is strictly greater than x2's + x13 >> x3; // COMPLIANT: x13's precision is strictly greater than x3's + x13 >> x4; // COMPLIANT: x13's precision is strictly greater than x4's + x13 >> x5; // COMPLIANT: x13's precision is strictly greater than x5's + x13 >> x6; // COMPLIANT: x13's precision is strictly greater than x6's + x13 >> x7; // COMPLIANT: x13's precision is strictly greater than x7's + x13 >> x8; // COMPLIANT: x13's precision is strictly greater than x8's + x13 >> x9; // COMPLIANT: x13's precision is strictly greater than x9's + x13 >> x10; // COMPLIANT: x13's precision is strictly greater than x10's + x13 >> x11; // COMPLIANT: x13's precision is strictly greater than x11's + x13 >> + x12; // NON_COMPLIANT: x13's precision is not strictly greater than x12's + x13 >> + x13; // NON_COMPLIANT: x13's precision is not strictly greater than x13's + x13 >> + x14; // NON_COMPLIANT: x13's precision is not strictly greater than x14's + x14 >> x0; // COMPLIANT: x14's precision is strictly greater than x0's + x14 >> x1; // COMPLIANT: x14's precision is strictly greater than x1's + x14 >> x2; // COMPLIANT: x14's precision is strictly greater than x2's + x14 >> x3; // COMPLIANT: x14's precision is strictly greater than x3's + x14 >> x4; // COMPLIANT: x14's precision is strictly greater than x4's + x14 >> x5; // COMPLIANT: x14's precision is strictly greater than x5's + x14 >> x6; // COMPLIANT: x14's precision is strictly greater than x6's + x14 >> x7; // COMPLIANT: x14's precision is strictly greater than x7's + x14 >> x8; // COMPLIANT: x14's precision is strictly greater than x8's + x14 >> x9; // COMPLIANT: x14's precision is strictly greater than x9's + x14 >> x10; // COMPLIANT: x14's precision is strictly greater than x10's + x14 >> x11; // COMPLIANT: x14's precision is strictly greater than x11's + x14 >> + x12; // NON_COMPLIANT: x14's precision is not strictly greater than x12's + x14 >> + x13; // NON_COMPLIANT: x14's precision is not strictly greater than x13's + x14 >> + x14; // NON_COMPLIANT: x14's precision is not strictly greater than x14's + + /* negative shift */ + + x0 << -1; // NON_COMPLIANT: shifting by a negative operand + x1 << -1; // NON_COMPLIANT: shifting by a negative operand + x2 << -1; // NON_COMPLIANT: shifting by a negative operand + x3 << -1; // NON_COMPLIANT: shifting by a negative operand + x4 << -1; // NON_COMPLIANT: shifting by a negative operand + x5 << -1; // NON_COMPLIANT: shifting by a negative operand + x6 << -1; // NON_COMPLIANT: shifting by a negative operand + x7 << -1; // NON_COMPLIANT: shifting by a negative operand + x8 << -1; // NON_COMPLIANT: shifting by a negative operand + x9 << -1; // NON_COMPLIANT: shifting by a negative operand + x10 << -1; // NON_COMPLIANT: shifting by a negative operand + x11 << -1; // NON_COMPLIANT: shifting by a negative operand + x12 << -1; // NON_COMPLIANT: shifting by a negative operand + x13 << -1; // NON_COMPLIANT: shifting by a negative operand + x14 << -1; // NON_COMPLIANT: shifting by a negative operand + + return 0; +} \ No newline at end of file From 89b8cb216ae5df8238701eb02e4c633eb40afdcc Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 2 Mar 2023 16:01:06 -0500 Subject: [PATCH 0578/2573] compiler fixes --- ...actAScaledIntegerToAPointer.expected.clang | 23 +++++++++++++++++++ ...tractAScaledIntegerToAPointer.expected.gcc | 23 +++++++++++++++++++ 2 files changed, 46 insertions(+) create mode 100644 c/cert/test/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.expected.clang create mode 100644 c/cert/test/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.expected.gcc diff --git a/c/cert/test/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.expected.clang b/c/cert/test/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.expected.clang new file mode 100644 index 0000000000..17f9312a38 --- /dev/null +++ b/c/cert/test/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.expected.clang @@ -0,0 +1,23 @@ +edges +| test.c:7:13:7:14 | p1 | test.c:9:9:9:10 | p1 | +| test.c:16:19:16:41 | __builtin_offsetof | test.c:18:26:18:31 | offset | +| test.c:16:19:16:41 | __builtin_offsetof | test.c:29:6:29:11 | offset | +| test.c:17:17:17:26 | sizeof() | test.c:23:9:23:12 | size | +| test.c:29:6:29:11 | offset | test.c:7:13:7:14 | p1 | +nodes +| test.c:7:13:7:14 | p1 | semmle.label | p1 | +| test.c:9:9:9:10 | p1 | semmle.label | p1 | +| test.c:16:19:16:41 | __builtin_offsetof | semmle.label | __builtin_offsetof | +| test.c:17:17:17:26 | sizeof() | semmle.label | sizeof() | +| test.c:18:26:18:31 | offset | semmle.label | offset | +| test.c:23:9:23:12 | size | semmle.label | size | +| test.c:25:9:25:18 | sizeof() | semmle.label | sizeof() | +| test.c:27:17:27:26 | sizeof() | semmle.label | sizeof() | +| test.c:29:6:29:11 | offset | semmle.label | offset | +subpaths +#select +| test.c:9:9:9:10 | p1 | test.c:16:19:16:41 | __builtin_offsetof | test.c:9:9:9:10 | p1 | Scaled integer used in pointer arithmetic. | +| test.c:18:26:18:31 | offset | test.c:16:19:16:41 | __builtin_offsetof | test.c:18:26:18:31 | offset | Scaled integer used in pointer arithmetic. | +| test.c:23:9:23:12 | size | test.c:17:17:17:26 | sizeof() | test.c:23:9:23:12 | size | Scaled integer used in pointer arithmetic. | +| test.c:25:9:25:18 | sizeof() | test.c:25:9:25:18 | sizeof() | test.c:25:9:25:18 | sizeof() | Scaled integer used in pointer arithmetic. | +| test.c:27:17:27:26 | sizeof() | test.c:27:17:27:26 | sizeof() | test.c:27:17:27:26 | sizeof() | Scaled integer used in pointer arithmetic. | diff --git a/c/cert/test/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.expected.gcc b/c/cert/test/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.expected.gcc new file mode 100644 index 0000000000..17f9312a38 --- /dev/null +++ b/c/cert/test/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.expected.gcc @@ -0,0 +1,23 @@ +edges +| test.c:7:13:7:14 | p1 | test.c:9:9:9:10 | p1 | +| test.c:16:19:16:41 | __builtin_offsetof | test.c:18:26:18:31 | offset | +| test.c:16:19:16:41 | __builtin_offsetof | test.c:29:6:29:11 | offset | +| test.c:17:17:17:26 | sizeof() | test.c:23:9:23:12 | size | +| test.c:29:6:29:11 | offset | test.c:7:13:7:14 | p1 | +nodes +| test.c:7:13:7:14 | p1 | semmle.label | p1 | +| test.c:9:9:9:10 | p1 | semmle.label | p1 | +| test.c:16:19:16:41 | __builtin_offsetof | semmle.label | __builtin_offsetof | +| test.c:17:17:17:26 | sizeof() | semmle.label | sizeof() | +| test.c:18:26:18:31 | offset | semmle.label | offset | +| test.c:23:9:23:12 | size | semmle.label | size | +| test.c:25:9:25:18 | sizeof() | semmle.label | sizeof() | +| test.c:27:17:27:26 | sizeof() | semmle.label | sizeof() | +| test.c:29:6:29:11 | offset | semmle.label | offset | +subpaths +#select +| test.c:9:9:9:10 | p1 | test.c:16:19:16:41 | __builtin_offsetof | test.c:9:9:9:10 | p1 | Scaled integer used in pointer arithmetic. | +| test.c:18:26:18:31 | offset | test.c:16:19:16:41 | __builtin_offsetof | test.c:18:26:18:31 | offset | Scaled integer used in pointer arithmetic. | +| test.c:23:9:23:12 | size | test.c:17:17:17:26 | sizeof() | test.c:23:9:23:12 | size | Scaled integer used in pointer arithmetic. | +| test.c:25:9:25:18 | sizeof() | test.c:25:9:25:18 | sizeof() | test.c:25:9:25:18 | sizeof() | Scaled integer used in pointer arithmetic. | +| test.c:27:17:27:26 | sizeof() | test.c:27:17:27:26 | sizeof() | test.c:27:17:27:26 | sizeof() | Scaled integer used in pointer arithmetic. | From 59cc35c8bdff43afc9f3479461cfcf1f739b3870 Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Thu, 2 Mar 2023 22:43:31 +0100 Subject: [PATCH 0579/2573] Implement RULE-9-2, RULE-9-3, RULE-9-4 --- ...acesToMatchAggregateTypeStructure.expected | 7 + ...izerBracesToMatchAggregateTypeStructure.ql | 2 + .../test.c | 55 ++++++++ ...rForAggregateOrUnionNotEnclosedInBraces.ql | 23 ++++ ...nitializedArrayWithExplicitInitializers.ql | 76 ++++++++++ ...dInitializationOfAggregateObjectElement.ql | 130 ++++++++++++++++++ ...ggregateOrUnionNotEnclosedInBraces.testref | 1 + ...izedArrayWithExplicitInitializers.expected | 6 + ...ializedArrayWithExplicitInitializers.qlref | 1 + c/misra/test/rules/RULE-9-3/test.c | 37 +++++ ...alizationOfAggregateObjectElement.expected | 4 + ...itializationOfAggregateObjectElement.qlref | 1 + c/misra/test/rules/RULE-9-4/test.c | 38 +++++ .../UseInitBracesToMatchTypeStructure.ql | 50 +------ .../UseInitBracesToMatchTypeStructure.qlref | 1 - .../UseInitBracesToMatchTypeStructure.testref | 1 + .../cpp/exclusions/c/Memory1.qll | 61 ++++++++ .../cpp/exclusions/c/RuleMetadata.qll | 3 + ...zerBracesToMatchAggregateTypeStructure.qll | 59 ++++++++ ...cesToMatchAggregateTypeStructure.expected} | 0 ...izerBracesToMatchAggregateTypeStructure.ql | 2 + .../test.cpp | 58 ++++++++ rule_packages/c/Memory1.json | 66 +++++++++ rule_packages/cpp/Initialization.json | 1 + 24 files changed, 638 insertions(+), 45 deletions(-) create mode 100644 c/common/test/rules/useinitializerbracestomatchaggregatetypestructure/UseInitializerBracesToMatchAggregateTypeStructure.expected create mode 100644 c/common/test/rules/useinitializerbracestomatchaggregatetypestructure/UseInitializerBracesToMatchAggregateTypeStructure.ql create mode 100644 c/common/test/rules/useinitializerbracestomatchaggregatetypestructure/test.c create mode 100644 c/misra/src/rules/RULE-9-2/InitializerForAggregateOrUnionNotEnclosedInBraces.ql create mode 100644 c/misra/src/rules/RULE-9-3/PartiallyInitializedArrayWithExplicitInitializers.ql create mode 100644 c/misra/src/rules/RULE-9-4/RepeatedInitializationOfAggregateObjectElement.ql create mode 100644 c/misra/test/rules/RULE-9-2/InitializerForAggregateOrUnionNotEnclosedInBraces.testref create mode 100644 c/misra/test/rules/RULE-9-3/PartiallyInitializedArrayWithExplicitInitializers.expected create mode 100644 c/misra/test/rules/RULE-9-3/PartiallyInitializedArrayWithExplicitInitializers.qlref create mode 100644 c/misra/test/rules/RULE-9-3/test.c create mode 100644 c/misra/test/rules/RULE-9-4/RepeatedInitializationOfAggregateObjectElement.expected create mode 100644 c/misra/test/rules/RULE-9-4/RepeatedInitializationOfAggregateObjectElement.qlref create mode 100644 c/misra/test/rules/RULE-9-4/test.c delete mode 100644 cpp/autosar/test/rules/M8-5-2/UseInitBracesToMatchTypeStructure.qlref create mode 100644 cpp/autosar/test/rules/M8-5-2/UseInitBracesToMatchTypeStructure.testref create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/Memory1.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/useinitializerbracestomatchaggregatetypestructure/UseInitializerBracesToMatchAggregateTypeStructure.qll rename cpp/{autosar/test/rules/M8-5-2/UseInitBracesToMatchTypeStructure.expected => common/test/rules/useinitializerbracestomatchaggregatetypestructure/UseInitializerBracesToMatchAggregateTypeStructure.expected} (100%) create mode 100644 cpp/common/test/rules/useinitializerbracestomatchaggregatetypestructure/UseInitializerBracesToMatchAggregateTypeStructure.ql create mode 100644 cpp/common/test/rules/useinitializerbracestomatchaggregatetypestructure/test.cpp create mode 100644 rule_packages/c/Memory1.json diff --git a/c/common/test/rules/useinitializerbracestomatchaggregatetypestructure/UseInitializerBracesToMatchAggregateTypeStructure.expected b/c/common/test/rules/useinitializerbracestomatchaggregatetypestructure/UseInitializerBracesToMatchAggregateTypeStructure.expected new file mode 100644 index 0000000000..c95e3cc881 --- /dev/null +++ b/c/common/test/rules/useinitializerbracestomatchaggregatetypestructure/UseInitializerBracesToMatchAggregateTypeStructure.expected @@ -0,0 +1,7 @@ +| test.c:35:20:35:23 | {...} | Missing braces on aggregate literal of type int[2]$@ which is assigned to index 0 in $@. | file://:0:0:0:0 | int[2] | int[2] | test.c:35:18:35:42 | {...} | array of type int[4][2] | +| test.c:35:26:35:29 | {...} | Missing braces on aggregate literal of type int[2]$@ which is assigned to index 1 in $@. | file://:0:0:0:0 | int[2] | int[2] | test.c:35:18:35:42 | {...} | array of type int[4][2] | +| test.c:35:32:35:35 | {...} | Missing braces on aggregate literal of type int[2]$@ which is assigned to index 2 in $@. | file://:0:0:0:0 | int[2] | int[2] | test.c:35:18:35:42 | {...} | array of type int[4][2] | +| test.c:35:38:35:41 | {...} | Missing braces on aggregate literal of type int[2]$@ which is assigned to index 3 in $@. | file://:0:0:0:0 | int[2] | int[2] | test.c:35:18:35:42 | {...} | array of type int[4][2] | +| test.c:41:34:41:34 | {...} | Missing braces on aggregate literal of type int[2]$@ which is assigned to index 1 in $@. | file://:0:0:0:0 | int[2] | int[2] | test.c:41:18:41:35 | {...} | array of type int[2][2] | +| test.c:47:26:47:29 | {...} | Missing braces on aggregate literal of type $@ which is assigned to field $@. | test.c:4:10:4:10 | struct | struct | test.c:7:5:7:8 | m_s1 | m_s1 | +| test.c:47:26:47:29 | {...} | Missing braces on aggregate literal of type $@ which is assigned to field $@. | test.c:11:10:11:10 | struct | struct | test.c:7:5:7:8 | m_s1 | m_s1 | diff --git a/c/common/test/rules/useinitializerbracestomatchaggregatetypestructure/UseInitializerBracesToMatchAggregateTypeStructure.ql b/c/common/test/rules/useinitializerbracestomatchaggregatetypestructure/UseInitializerBracesToMatchAggregateTypeStructure.ql new file mode 100644 index 0000000000..b24a879bab --- /dev/null +++ b/c/common/test/rules/useinitializerbracestomatchaggregatetypestructure/UseInitializerBracesToMatchAggregateTypeStructure.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.useinitializerbracestomatchaggregatetypestructure.UseInitializerBracesToMatchAggregateTypeStructure diff --git a/c/common/test/rules/useinitializerbracestomatchaggregatetypestructure/test.c b/c/common/test/rules/useinitializerbracestomatchaggregatetypestructure/test.c new file mode 100644 index 0000000000..017889e9fa --- /dev/null +++ b/c/common/test/rules/useinitializerbracestomatchaggregatetypestructure/test.c @@ -0,0 +1,55 @@ +struct Foo { + int m_i1; + int m_i2; + struct { + int m_s1_i1; + int m_s1_i2; + } m_s1; +}; + +struct Bar { + struct { + int m_s1_i1; + int m_s1_i2; + } m_s1; + int m_i1; + int m_i2; +}; + +struct Baz { + int m_baz_i1; + int m_baz_i2; + struct Foo f; +}; + +struct StructNested { + int m_nested_i1; + int *m_nested_i2; + struct Baz m_baz; + int m_array[10]; +}; + +void test() { + int l01[4] = {1, 2, 3, 4}; // COMPLIANT + int l02[4][2] = {{1, 2}, {3, 4}, {3, 4}, {3, 4}}; // COMPLIANT + int l03[4][2] = {1, 2, 3, 4, 3, 4, 3, 4}; // NON_COMPLIANT - implied braces + int l04[4][2] = {0}; // COMPLIANT + int l06[4][2] = {{0}, {0}, {0}, {0}}; // COMPLIANT, nested zero initializer + int l08[4] = {1, 2}; // COMPLIANT, but missing explicit init + int l09[2][2] = {{1, 2}}; // COMPLIANT, but missing explicit init + int l10[2][2] = {{1, 2}, [1] = {0}}; // COMPLIANT + int l11[2][2] = {{1, 2}, [1] = 0}; // NON_COMPLIANT - implied braces + int l12[2][2] = {{1, 2}, [1][0] = 0, [1][1] = 0}; // COMPLIANT + int l13[2][2] = {{0}, [1][0] = 0}; // COMPLIANT + int l14[2][2] = { + {0}, [1][0] = 0, 0}; // NON_COMPLIANT[FALSE_NEGATIVE] - not all elements + // initialized with designated initializer + struct Foo f1 = {1, 2, 3, 4}; // NON_COMPLIANT - implied braces + struct Foo f2 = {1, 2, {3, 4}}; // COMPLIANT + struct Foo f3 = {0}; // COMPLIANT + struct Foo f4 = {0, 2}; // COMPLIANT, but missing explicit init + struct Foo f5 = {0, 2, {0}}; // COMPLIANT + struct Bar b1 = {0}; // COMPLIANT + struct Bar b2 = {{0}}; // COMPLIANT, but missing explicit init + struct StructNested n = {0}; // COMPLIANT +} \ No newline at end of file diff --git a/c/misra/src/rules/RULE-9-2/InitializerForAggregateOrUnionNotEnclosedInBraces.ql b/c/misra/src/rules/RULE-9-2/InitializerForAggregateOrUnionNotEnclosedInBraces.ql new file mode 100644 index 0000000000..4999527fc0 --- /dev/null +++ b/c/misra/src/rules/RULE-9-2/InitializerForAggregateOrUnionNotEnclosedInBraces.ql @@ -0,0 +1,23 @@ +/** + * @id c/misra/initializer-for-aggregate-or-union-not-enclosed-in-braces + * @name RULE-9-2: The initializer for an aggregate or union shall be enclosed in braces + * @description Using braces in initializers of objects and subobjects improves code readability and + * clarifies intent. + * @kind problem + * @precision high + * @problem.severity warning + * @tags external/misra/id/rule-9-2 + * maintainability + * readability + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.rules.useinitializerbracestomatchaggregatetypestructure.UseInitializerBracesToMatchAggregateTypeStructure + +class InitializerForAggregateOrUnionNotEnclosedInBracesQuery extends UseInitializerBracesToMatchAggregateTypeStructureSharedQuery { + InitializerForAggregateOrUnionNotEnclosedInBracesQuery() { + this = Memory1Package::initializerForAggregateOrUnionNotEnclosedInBracesQuery() + } +} diff --git a/c/misra/src/rules/RULE-9-3/PartiallyInitializedArrayWithExplicitInitializers.ql b/c/misra/src/rules/RULE-9-3/PartiallyInitializedArrayWithExplicitInitializers.ql new file mode 100644 index 0000000000..231520ce50 --- /dev/null +++ b/c/misra/src/rules/RULE-9-3/PartiallyInitializedArrayWithExplicitInitializers.ql @@ -0,0 +1,76 @@ +/** + * @id c/misra/partially-initialized-array-with-explicit-initializers + * @name RULE-9-3: Arrays shall not be partially initialized + * @description An array object or a subobject of an array shall be explicitly initialized if any + * other object in that array is explicitly initialized. + * @kind problem + * @precision high + * @problem.severity warning + * @tags external/misra/id/rule-9-3 + * maintainability + * readability + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.enhancements.AggregateLiteralEnhancements + +/** + * Holds if the aggregate literal has at least one explicit initializer, and at least one + * _missing_ explicit initializer, and not _only_ designated initializers. + */ +predicate isMissingExplicitInitializers(AggregateLiteral al) { + not al.isCompilerGenerated() and + not al.isAffectedByMacro() and + // Partially initialized, but not initialized with a leading zero (which is permitted) + isPartiallyValueInitialized(al) and + not isLeadingZeroInitialized(al) +} + +// note: this query is similar to M8-5-2: MissingExplicitInitializers.ql +// but, pursuant to Rule 9.3, only covers array initializers rather than all aggregates +from AggregateLiteral al, Type aggType, Element explanationElement, string explanationDescription +where + not isExcluded(al, Memory1Package::partiallyInitializedArrayWithExplicitInitializersQuery()) and + // The aggregate literal is missing at least one explicit initializer + isMissingExplicitInitializers(al) and + // Missing array initializer + exists(int arraySize, int minIndex, int maxIndex | + // Identify the size of the array with a missing initializer + arraySize = al.getType().getUnspecifiedType().(ArrayType).getArraySize() and + // Identify the smallest index missing an initialzer + minIndex = + min(int index | + index = [0 .. arraySize - 1] and ArrayAggregateLiterals::isValueInitialized(al, index) + | + index + ) and + // Identify the largest index missing an initialzer + maxIndex = + max(int index | + index = [0 .. arraySize - 1] and ArrayAggregateLiterals::isValueInitialized(al, index) + | + index + ) and + // Ensure that the maxIndex is the last array entry. If it's not, something is up with this + // database, and so we shouldn't report it (because you can only initialize trailing array + // values) + maxIndex = (arraySize - 1) and + // Nothing useful to point to as the explanation element, so let's just set it to the parent + // array + explanationElement = al and + ( + if minIndex = maxIndex + then + // Only one element missing + explanationDescription = "the element at index " + minIndex + else + // Multiple elements missing + explanationDescription = "the elements in the index range " + minIndex + " to " + maxIndex + ) + ) +select al, + "Aggregate literal for " + getAggregateTypeDescription(al, aggType) + + " is missing an explicit initializer for $@.", aggType, aggType.getName(), explanationElement, + explanationDescription diff --git a/c/misra/src/rules/RULE-9-4/RepeatedInitializationOfAggregateObjectElement.ql b/c/misra/src/rules/RULE-9-4/RepeatedInitializationOfAggregateObjectElement.ql new file mode 100644 index 0000000000..9816f83e75 --- /dev/null +++ b/c/misra/src/rules/RULE-9-4/RepeatedInitializationOfAggregateObjectElement.ql @@ -0,0 +1,130 @@ +/** + * @id c/misra/repeated-initialization-of-aggregate-object-element + * @name RULE-9-4: An element of an object shall not be initialized more than once + * @description Repeated initialization of an element in an object can lead to side-effects or may + * signal a logic error. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/misra/id/rule-9-4 + * correctness + * maintainability + * readability + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.enhancements.AggregateLiteralEnhancements + +/** + * Gets the `n`th parent of `e`. + * If `n` is zero, the result is `e`. + */ +Expr getNthParent(Expr e, int n) { + if n = 0 then result = e else result = getNthParent(e.getParent(), n - 1) +} + +/** + * Returns a string representation of the index of `e` relative + * to the nested array aggregate literal structure it is contained in. + */ +string getNestedArrayIndexString(Expr e) { + result = + concat(int depth | + depth = [0 .. getMaxDepth(getRootAggregate(e.getParent()))] + | + "[" + + any(int elementIndex | + exists(ArrayAggregateLiteral parent | + parent = getNthParent(e, pragma[only_bind_into](depth + 1)) and + parent.getElementExpr(elementIndex) = getNthParent(e, pragma[only_bind_into](depth)) + ) + | + elementIndex + ).toString() + "]" + ) +} + +/** + * Returns the number of levels of nested `ArrayAggregateLiteral`s in `al`. + * If there are no nested array aggregate literals, the max depth of the `ArrayAggregateLiteral` is `0`. + */ +language[monotonicAggregates] +int getMaxDepth(ArrayAggregateLiteral al) { + if not exists(al.getElementExpr(_).(ArrayAggregateLiteral)) + then result = 0 + else result = 1 + max(Expr child | child = al.getElementExpr(_) | getMaxDepth(child)) +} + +// internal recursive predicate for `hasMultipleInitializerExprsForSameIndex` +predicate hasMultipleInitializerExprsForSameIndexInternal( + ArrayAggregateLiteral al1, ArrayAggregateLiteral al2, Expr out_al1_expr, Expr out_al2_expr +) { + exists(int shared_index, Expr al1_expr, Expr al2_expr | + // an `Expr` initializing an element of the same index in both `al1` and `al2` + shared_index = [0 .. al1.getArraySize() - 1] and + al1_expr = al1.getElementExpr(shared_index) and + al2_expr = al2.getElementExpr(shared_index) and + // but not the same `Expr` + not al1_expr = al2_expr and + ( + // case A - the children are not aggregate literals + // holds if `al1` and `al2` both hold for .getElement[sharedIndex] + not al1_expr instanceof ArrayAggregateLiteral and + out_al1_expr = al1_expr and + out_al2_expr = al2_expr + or + // case B - `al1` and `al2` both have an aggregate literal child at the same index, so recurse + hasMultipleInitializerExprsForSameIndexInternal(al1_expr, al2_expr, out_al1_expr, out_al2_expr) + ) + ) +} + +/** + * Holds if `expr1` and `expr2` both initialize the same array element of `root`. + */ +predicate hasMultipleInitializerExprsForSameIndex(ArrayAggregateLiteral root, Expr expr1, Expr expr2) { + hasMultipleInitializerExprsForSameIndexInternal(root, root, expr1, expr2) +} + +/** + * Holds if `expr1` and `expr2` both initialize the same field of `root`. + * + * The dbschema keyset for `aggregate_field_init` prevents referencing multiple `Expr` + * that initialize the same Field and are part of the same `ClassAggregateLiteral`. + * This predicate is therefore unable to distinguish the individual duplicate expressions. + */ +predicate hasMultipleInitializerExprsForSameField(ClassAggregateLiteral root, Expr expr, Field f) { + expr = root.getFieldExpr(f) and + count(root.getFieldExpr(f)) > 1 +} + +from + AggregateLiteral root, Expr e1, Expr e2, string elementDescription, string rootType, + string clarification +where + not isExcluded(e1, Memory1Package::repeatedInitializationOfAggregateObjectElementQuery()) and + exists(Initializer init | init.getExpr() = root) and + ( + hasMultipleInitializerExprsForSameIndex(root, e1, e2) and + elementDescription = getNestedArrayIndexString(e1) and + rootType = "Array aggregate literal" and + clarification = ", which is already initialized $@." + or + exists(Field f | + // we cannot distinguish between different aggregate field init expressions. + // therefore, we only report the root aggregate rather than any child init expr. + // see `hasMultipleInitializerExprsForSameField` documentation. + hasMultipleInitializerExprsForSameField(root, _, f) and + e1 = root and + e2 = root and + elementDescription = f.getQualifiedName() and + rootType = "Structure aggregate literal" and + clarification = "." + ) + ) and + // de-duplicate the results by excluding permutations of `e1` and `e2` + e1.getLocation().toString() <= e2.getLocation().toString() +select e1, "$@ repeats initialization of element " + elementDescription + clarification, root, + rootType, e2, "here" diff --git a/c/misra/test/rules/RULE-9-2/InitializerForAggregateOrUnionNotEnclosedInBraces.testref b/c/misra/test/rules/RULE-9-2/InitializerForAggregateOrUnionNotEnclosedInBraces.testref new file mode 100644 index 0000000000..91bc9e1c63 --- /dev/null +++ b/c/misra/test/rules/RULE-9-2/InitializerForAggregateOrUnionNotEnclosedInBraces.testref @@ -0,0 +1 @@ +c/common/test/rules/useinitializerbracestomatchaggregatetypestructure/UseInitializerBracesToMatchAggregateTypeStructure.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-9-3/PartiallyInitializedArrayWithExplicitInitializers.expected b/c/misra/test/rules/RULE-9-3/PartiallyInitializedArrayWithExplicitInitializers.expected new file mode 100644 index 0000000000..25774b2d25 --- /dev/null +++ b/c/misra/test/rules/RULE-9-3/PartiallyInitializedArrayWithExplicitInitializers.expected @@ -0,0 +1,6 @@ +| test.c:7:15:7:21 | {...} | Aggregate literal for type int[4]$@ is missing an explicit initializer for $@. | file://:0:0:0:0 | int[4] | int[4] | test.c:7:15:7:21 | {...} | the elements in the index range 2 to 3 | +| test.c:8:18:8:26 | {...} | Aggregate literal for type int[2][2]$@ is missing an explicit initializer for $@. | file://:0:0:0:0 | int[2][2] | int[2][2] | test.c:8:18:8:26 | {...} | the element at index 1 | +| test.c:12:18:12:35 | {...} | Aggregate literal for type int[2][2]$@ is missing an explicit initializer for $@. | file://:0:0:0:0 | int[2][2] | int[2][2] | test.c:12:18:12:35 | {...} | the element at index 1 | +| test.c:14:18:15:25 | {...} | Aggregate literal for type int[2][2]$@ is missing an explicit initializer for $@. | file://:0:0:0:0 | int[2][2] | int[2][2] | test.c:14:18:15:25 | {...} | the element at index 1 | +| test.c:20:18:20:32 | {...} | Aggregate literal for type int[2][2]$@ is missing an explicit initializer for $@. | file://:0:0:0:0 | int[2][2] | int[2][2] | test.c:20:18:20:32 | {...} | the element at index 1 | +| test.c:31:43:31:43 | {...} | Aggregate literal for type int[4]$@ is missing an explicit initializer for $@. | file://:0:0:0:0 | int[4] | int[4] | test.c:31:43:31:43 | {...} | the elements in the index range 1 to 3 | diff --git a/c/misra/test/rules/RULE-9-3/PartiallyInitializedArrayWithExplicitInitializers.qlref b/c/misra/test/rules/RULE-9-3/PartiallyInitializedArrayWithExplicitInitializers.qlref new file mode 100644 index 0000000000..f4892f425c --- /dev/null +++ b/c/misra/test/rules/RULE-9-3/PartiallyInitializedArrayWithExplicitInitializers.qlref @@ -0,0 +1 @@ +rules/RULE-9-3/PartiallyInitializedArrayWithExplicitInitializers.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-9-3/test.c b/c/misra/test/rules/RULE-9-3/test.c new file mode 100644 index 0000000000..21451e6f31 --- /dev/null +++ b/c/misra/test/rules/RULE-9-3/test.c @@ -0,0 +1,37 @@ +void test() { + int l01[4] = {1, 2, 3, 4}; // COMPLIANT + int l02[4][2] = {{1, 2}, {3, 4}, {3, 4}, {3, 4}}; // COMPLIANT + int l03[4][2] = {1, 2, 3, 4, 3, 4, 3, 4}; // COMPLIANT + int l04[4][2] = {0}; // COMPLIANT + int l06[4][2] = {{0}, {0}, {0}, {0}}; // COMPLIANT + int l08[4] = {1, 2}; // NON_COMPLIANT + int l09[2][2] = {{1, 2}}; // NON_COMPLIANT + int l10[2][2] = {{1, 2}, [1] = {0}}; // COMPLIANT + int l11[2][2] = {{1, 2}, [1] = 0}; // COMPLIANT + int l12[2][2] = {{1, 2}, [1][0] = 0, [1][1] = 0}; // COMPLIANT + int l13[2][2] = {{0}, [1][0] = 0}; // NON_COMPLIANT - not all elements + // initialized with designated initializer + int l14[2][2] = { + {0}, [1][0] = 0, 0}; // NON_COMPLIANT - not all elements + // initialized with designated initializer + + int l15[2] = {[1] = 0}; // COMPILANT - sparse matrix initialized with + // designated initializer + int l16[2][2] = {[0] = {0, 1}}; // NON_COMPLIANT - sub-elements not + // initialized with designated initializer + + int l17[4][4] = { + [0][0] = 0, [0][1] = 0, [0][2] = 0, [0][3] = 0, [2][0] = 0, + [2][1] = 0, [2][2] = 0, [2][3] = 0}; // COMPLIANT - sparse matrix + // initialized with designated + // initializer + + int l18[4][4] = { + [0][0] = 0, [0][1] = 0, [0][2] = 0, [0][3] = 0, [2][0] = 0, + [2][1] = 0, [2][2] = 0, [2][3] = 0, 2}; // NON_COMPLIANT - not all + // elements initialized with + // designated initializer + + char str1[4] = "abc"; // COMPLIANT + char str2[5] = "abc"; // COMPLIANT - array initialized by string literal +} \ No newline at end of file diff --git a/c/misra/test/rules/RULE-9-4/RepeatedInitializationOfAggregateObjectElement.expected b/c/misra/test/rules/RULE-9-4/RepeatedInitializationOfAggregateObjectElement.expected new file mode 100644 index 0000000000..725b5daab7 --- /dev/null +++ b/c/misra/test/rules/RULE-9-4/RepeatedInitializationOfAggregateObjectElement.expected @@ -0,0 +1,4 @@ +| test.c:10:16:10:16 | 1 | $@ repeats initialization of element [0], which is already initialized $@. | test.c:9:14:10:26 | {...} | Array aggregate literal | test.c:10:7:10:7 | 0 | here | +| test.c:12:28:12:28 | 1 | $@ repeats initialization of element [0][0], which is already initialized $@. | test.c:12:17:16:29 | {...} | Array aggregate literal | test.c:16:28:16:28 | 1 | here | +| test.c:24:34:24:34 | 1 | $@ repeats initialization of element [0][0][0], which is already initialized $@. | test.c:24:20:26:35 | {...} | Array aggregate literal | test.c:26:34:26:34 | 1 | here | +| test.c:36:17:37:25 | {...} | $@ repeats initialization of element s1::a. | test.c:36:17:37:25 | {...} | Structure aggregate literal | test.c:36:17:37:25 | {...} | here | diff --git a/c/misra/test/rules/RULE-9-4/RepeatedInitializationOfAggregateObjectElement.qlref b/c/misra/test/rules/RULE-9-4/RepeatedInitializationOfAggregateObjectElement.qlref new file mode 100644 index 0000000000..512ebb1a5a --- /dev/null +++ b/c/misra/test/rules/RULE-9-4/RepeatedInitializationOfAggregateObjectElement.qlref @@ -0,0 +1 @@ +rules/RULE-9-4/RepeatedInitializationOfAggregateObjectElement.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-9-4/test.c b/c/misra/test/rules/RULE-9-4/test.c new file mode 100644 index 0000000000..aae73afb67 --- /dev/null +++ b/c/misra/test/rules/RULE-9-4/test.c @@ -0,0 +1,38 @@ +struct s1 { + int a; + int b; +}; + +void test_arrays(void) { + int a1[2] = {1, 2}; // COMPLIANT + int a2[2] = {[0] = 1, [1] = 2}; // COMPLIANT + int a3[2] = { + 0, [0] = 1, [1] = 2}; // NON_COMPLIANT - repeated initialiation of [0] + int a4[2][2] = {[0][0] = 1, [0][1] = 2, [1][0] = 3, [1][1] = 4}; // COMPLIANT + int a5[2][2] = {[0][0] = 1, + [0][1] = 2, + [1][0] = 3, + [1][1] = 4, + [0][0] = 1}; // NON_COMPLIANT + // - repeated + // initialiation + // of [0][0] + int a6[2][2][2] = { + [0][0][0] = 1, [0][0][1] = 2, [0][1][0] = 3, [0][1][1] = 4, + [1][0][0] = 5, [1][0][1] = 6, [1][1][0] = 7, [1][1][1] = 8}; // COMPLIANT + + int a7[2][2][2] = {[0][0][0] = 1, [0][0][1] = 2, [0][1][0] = 3, [0][1][1] = 4, + [1][0][0] = 5, [1][0][1] = 6, [1][1][0] = 7, [1][1][1] = 8, + [0][0][0] = 1}; // NON_COMPLIANT + // - repeated + // initialiation + // of [0][0][0] +} + +void test_structs(void) { + struct s1 s1 = {0}; // COMPLIANT + struct s1 s2 = {0, 1}; // COMPLIANT + struct s1 s3 = {.a = 0, .b = 1}; // COMPLIANT + struct s1 s4 = {.a = 0, + .a = 1}; // NON_COMPLIANT - repeated initialiation of .a +} \ No newline at end of file diff --git a/cpp/autosar/src/rules/M8-5-2/UseInitBracesToMatchTypeStructure.ql b/cpp/autosar/src/rules/M8-5-2/UseInitBracesToMatchTypeStructure.ql index f9de5d549e..a0ad244c15 100644 --- a/cpp/autosar/src/rules/M8-5-2/UseInitBracesToMatchTypeStructure.ql +++ b/cpp/autosar/src/rules/M8-5-2/UseInitBracesToMatchTypeStructure.ql @@ -16,48 +16,10 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.enhancements.AggregateLiteralEnhancements +import codingstandards.cpp.rules.useinitializerbracestomatchaggregatetypestructure.UseInitializerBracesToMatchAggregateTypeStructure -from - InferredAggregateLiteral inferredAggregateLiteral, Type aggType, string parentDescription, - Element explanationElement, string explanationDescription -where - not isExcluded(inferredAggregateLiteral, - InitializationPackage::useInitBracesToMatchTypeStructureQuery()) and - // Not an inferred aggregate literal that acts as a "leading zero" for the root aggregate - // e.g. - // ``` - // int i[2][4] { 0 } - // ``` - // Has an inferred aggregate literal (i.e. it's `{ { 0 } }`), but we shouldn't report it - not isLeadingZeroInitialized(getRootAggregate(inferredAggregateLiteral)) and - // Provide a good message, dependending on the type of the parent - ( - // For class aggergate literal parents, report which field is being assigned to - exists(ClassAggregateLiteral cal, Field field | - cal.getFieldExpr(field) = inferredAggregateLiteral and - parentDescription = "to field $@" and - explanationElement = field - | - explanationDescription = field.getName() - ) - or - // For array aggregate literal parents, report which index is being assigned to - exists(ArrayAggregateLiteral aal, int elementIndex | - aal.getElementExpr(elementIndex) = inferredAggregateLiteral and - parentDescription = "to index " + elementIndex + " in $@" and - explanationElement = aal and - explanationDescription = "array of type " + aal.getType().getName() - ) - or - // In some cases, we seem to have missing link, so provide a basic message - not any(ArrayAggregateLiteral aal).getElementExpr(_) = inferredAggregateLiteral and - not any(ClassAggregateLiteral aal).getFieldExpr(_) = inferredAggregateLiteral and - parentDescription = "to an unnamed field of $@" and - explanationElement = inferredAggregateLiteral.getParent() and - explanationDescription = " " + explanationElement.(Expr).getType().getName() - ) -select inferredAggregateLiteral, - "Missing braces on aggregate literal of " + - getAggregateTypeDescription(inferredAggregateLiteral, aggType) + " which is assigned " + - parentDescription + ".", aggType, aggType.getName(), explanationElement, explanationDescription +class UseInitBracesToMatchTypeStructureQuery extends UseInitializerBracesToMatchAggregateTypeStructureSharedQuery { + UseInitBracesToMatchTypeStructureQuery() { + this = InitializationPackage::useInitBracesToMatchTypeStructureQuery() + } +} diff --git a/cpp/autosar/test/rules/M8-5-2/UseInitBracesToMatchTypeStructure.qlref b/cpp/autosar/test/rules/M8-5-2/UseInitBracesToMatchTypeStructure.qlref deleted file mode 100644 index fb3df26b1e..0000000000 --- a/cpp/autosar/test/rules/M8-5-2/UseInitBracesToMatchTypeStructure.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/M8-5-2/UseInitBracesToMatchTypeStructure.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M8-5-2/UseInitBracesToMatchTypeStructure.testref b/cpp/autosar/test/rules/M8-5-2/UseInitBracesToMatchTypeStructure.testref new file mode 100644 index 0000000000..06c190cf67 --- /dev/null +++ b/cpp/autosar/test/rules/M8-5-2/UseInitBracesToMatchTypeStructure.testref @@ -0,0 +1 @@ +cpp/common/test/rules/useinitializerbracestomatchaggregatetypestructure/UseInitializerBracesToMatchAggregateTypeStructure.ql \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Memory1.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Memory1.qll new file mode 100644 index 0000000000..061215310c --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Memory1.qll @@ -0,0 +1,61 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype Memory1Query = + TInitializerForAggregateOrUnionNotEnclosedInBracesQuery() or + TPartiallyInitializedArrayWithExplicitInitializersQuery() or + TRepeatedInitializationOfAggregateObjectElementQuery() + +predicate isMemory1QueryMetadata(Query query, string queryId, string ruleId, string category) { + query = + // `Query` instance for the `initializerForAggregateOrUnionNotEnclosedInBraces` query + Memory1Package::initializerForAggregateOrUnionNotEnclosedInBracesQuery() and + queryId = + // `@id` for the `initializerForAggregateOrUnionNotEnclosedInBraces` query + "c/misra/initializer-for-aggregate-or-union-not-enclosed-in-braces" and + ruleId = "RULE-9-2" and + category = "required" + or + query = + // `Query` instance for the `partiallyInitializedArrayWithExplicitInitializers` query + Memory1Package::partiallyInitializedArrayWithExplicitInitializersQuery() and + queryId = + // `@id` for the `partiallyInitializedArrayWithExplicitInitializers` query + "c/misra/partially-initialized-array-with-explicit-initializers" and + ruleId = "RULE-9-3" and + category = "required" + or + query = + // `Query` instance for the `repeatedInitializationOfAggregateObjectElement` query + Memory1Package::repeatedInitializationOfAggregateObjectElementQuery() and + queryId = + // `@id` for the `repeatedInitializationOfAggregateObjectElement` query + "c/misra/repeated-initialization-of-aggregate-object-element" and + ruleId = "RULE-9-4" and + category = "required" +} + +module Memory1Package { + Query initializerForAggregateOrUnionNotEnclosedInBracesQuery() { + //autogenerate `Query` type + result = + // `Query` type for `initializerForAggregateOrUnionNotEnclosedInBraces` query + TQueryC(TMemory1PackageQuery(TInitializerForAggregateOrUnionNotEnclosedInBracesQuery())) + } + + Query partiallyInitializedArrayWithExplicitInitializersQuery() { + //autogenerate `Query` type + result = + // `Query` type for `partiallyInitializedArrayWithExplicitInitializers` query + TQueryC(TMemory1PackageQuery(TPartiallyInitializedArrayWithExplicitInitializersQuery())) + } + + Query repeatedInitializationOfAggregateObjectElementQuery() { + //autogenerate `Query` type + result = + // `Query` type for `repeatedInitializationOfAggregateObjectElement` query + TQueryC(TMemory1PackageQuery(TRepeatedInitializationOfAggregateObjectElementQuery())) + } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index 1fcdafb5d0..6c3971b7f4 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -30,6 +30,7 @@ import IO4 import InvalidMemory1 import Language1 import Language2 +import Memory1 import Misc import Pointers1 import Pointers2 @@ -76,6 +77,7 @@ newtype TCQuery = TInvalidMemory1PackageQuery(InvalidMemory1Query q) or TLanguage1PackageQuery(Language1Query q) or TLanguage2PackageQuery(Language2Query q) or + TMemory1PackageQuery(Memory1Query q) or TMiscPackageQuery(MiscQuery q) or TPointers1PackageQuery(Pointers1Query q) or TPointers2PackageQuery(Pointers2Query q) or @@ -122,6 +124,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isInvalidMemory1QueryMetadata(query, queryId, ruleId, category) or isLanguage1QueryMetadata(query, queryId, ruleId, category) or isLanguage2QueryMetadata(query, queryId, ruleId, category) or + isMemory1QueryMetadata(query, queryId, ruleId, category) or isMiscQueryMetadata(query, queryId, ruleId, category) or isPointers1QueryMetadata(query, queryId, ruleId, category) or isPointers2QueryMetadata(query, queryId, ruleId, category) or diff --git a/cpp/common/src/codingstandards/cpp/rules/useinitializerbracestomatchaggregatetypestructure/UseInitializerBracesToMatchAggregateTypeStructure.qll b/cpp/common/src/codingstandards/cpp/rules/useinitializerbracestomatchaggregatetypestructure/UseInitializerBracesToMatchAggregateTypeStructure.qll new file mode 100644 index 0000000000..8aab8849fd --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/useinitializerbracestomatchaggregatetypestructure/UseInitializerBracesToMatchAggregateTypeStructure.qll @@ -0,0 +1,59 @@ +/** + * Provides a library which includes a `problems` predicate for reporting initializers + * with brace structures that do not match the structure of the object being initialized. + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions +import codingstandards.cpp.enhancements.AggregateLiteralEnhancements + +abstract class UseInitializerBracesToMatchAggregateTypeStructureSharedQuery extends Query { } + +Query getQuery() { result instanceof UseInitializerBracesToMatchAggregateTypeStructureSharedQuery } + +query predicate problems( + InferredAggregateLiteral inferredAggregateLiteral, string message, Type aggType, + string aggTypeName, Element explanationElement, string explanationDescription +) { + not isExcluded(inferredAggregateLiteral, getQuery()) and + // Not an inferred aggregate literal that acts as a "leading zero" for the root aggregate + // e.g. + // ``` + // int i[2][4] { 0 } + // ``` + // Has an inferred aggregate literal (i.e. it's `{ { 0 } }`), but we shouldn't report it + not isLeadingZeroInitialized(getRootAggregate(inferredAggregateLiteral)) and + // Provide a good message, dependending on the type of the parent + exists(string parentDescription | + // For class aggergate literal parents, report which field is being assigned to + exists(ClassAggregateLiteral cal, Field field | + cal.getFieldExpr(field) = inferredAggregateLiteral and + parentDescription = "to field $@" and + explanationElement = field + | + explanationDescription = field.getName() + ) + or + // For array aggregate literal parents, report which index is being assigned to + exists(ArrayAggregateLiteral aal, int elementIndex | + aal.getElementExpr(elementIndex) = inferredAggregateLiteral and + parentDescription = "to index " + elementIndex + " in $@" and + explanationElement = aal and + explanationDescription = "array of type " + aal.getType().getName() + ) + or + // In some cases, we seem to have missing link, so provide a basic message + not any(ArrayAggregateLiteral aal).getElementExpr(_) = inferredAggregateLiteral and + not any(ClassAggregateLiteral aal).getFieldExpr(_) = inferredAggregateLiteral and + parentDescription = "to an unnamed field of $@" and + explanationElement = inferredAggregateLiteral.getParent() and + explanationDescription = " " + explanationElement.(Expr).getType().getName() + | + aggTypeName = aggType.getName() and + message = + "Missing braces on aggregate literal of " + + getAggregateTypeDescription(inferredAggregateLiteral, aggType) + " which is assigned " + + parentDescription + "." + ) +} diff --git a/cpp/autosar/test/rules/M8-5-2/UseInitBracesToMatchTypeStructure.expected b/cpp/common/test/rules/useinitializerbracestomatchaggregatetypestructure/UseInitializerBracesToMatchAggregateTypeStructure.expected similarity index 100% rename from cpp/autosar/test/rules/M8-5-2/UseInitBracesToMatchTypeStructure.expected rename to cpp/common/test/rules/useinitializerbracestomatchaggregatetypestructure/UseInitializerBracesToMatchAggregateTypeStructure.expected diff --git a/cpp/common/test/rules/useinitializerbracestomatchaggregatetypestructure/UseInitializerBracesToMatchAggregateTypeStructure.ql b/cpp/common/test/rules/useinitializerbracestomatchaggregatetypestructure/UseInitializerBracesToMatchAggregateTypeStructure.ql new file mode 100644 index 0000000000..b24a879bab --- /dev/null +++ b/cpp/common/test/rules/useinitializerbracestomatchaggregatetypestructure/UseInitializerBracesToMatchAggregateTypeStructure.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.useinitializerbracestomatchaggregatetypestructure.UseInitializerBracesToMatchAggregateTypeStructure diff --git a/cpp/common/test/rules/useinitializerbracestomatchaggregatetypestructure/test.cpp b/cpp/common/test/rules/useinitializerbracestomatchaggregatetypestructure/test.cpp new file mode 100644 index 0000000000..b3a75e92ee --- /dev/null +++ b/cpp/common/test/rules/useinitializerbracestomatchaggregatetypestructure/test.cpp @@ -0,0 +1,58 @@ +#include + +struct Foo { + int m_i1; + int m_i2; + struct { + int m_s1_i1; + int m_s1_i2; + } m_s1; +}; + +struct Bar { + struct { + int m_s1_i1; + int m_s1_i2; + } m_s1; + int m_i1; + int m_i2; +}; + +struct Baz { + int m_baz_i1; + int m_baz_i2; + std::mutex m_mutex; + Foo f; +}; + +class StructNested { +public: + int m_nested_i1; + int *m_nested_i2; + Baz m_baz; + int m_array[10]; + StructNested() = default; + ~StructNested(); +}; + +void test() { + int l1[4]{1, 2, 3, 4}; // COMPLIANT + int l2[4][2]{{1, 2}, {3, 4}, {3, 4}, {3, 4}}; // COMPLIANT + int l3[4][2]{1, 2, 3, 4, 3, 4, 3, 4}; // NON_COMPLIANT - implied braces + int l4[4][2]{0}; // COMPLIANT + int l5[4][2]{{}, {}, {}, {}}; // NON_COMPLIANT - nested zero initializer + int l6[4][2]{{0}, {0}, {0}, {0}}; // NON_COMPLIANT - nested zero initializer + int l7[4][2]{}; // COMPLIANT + int l8[4]{1, 2}; // NON_COMPLIANT - missing explicit init + int l9[4][2]{{1, 2}}; // NON_COMPLIANT - missing explicit init + Foo f{1, 2, 3, 4}; // NON_COMPLIANT - implied braces + Foo f1{1, 2, {3, 4}}; // COMPLIANT + Foo f3{}; // COMPLIANT + Foo f4{0, 2}; // NON_COMPLIANT - missing explicit init + Foo f5{0, 2, {}}; // NON_COMPLIANT - nested zero initializer + Bar b{}; // COMPLIANT + Bar b1{0}; // COMPLIANT + Bar b2{{0}}; // NON_COMPLIANT - missing explicit init, nested zero init + StructNested n{}; // COMPLIANT + StructNested n1 = {}; // COMPLIANT +} \ No newline at end of file diff --git a/rule_packages/c/Memory1.json b/rule_packages/c/Memory1.json new file mode 100644 index 0000000000..15a9b389a1 --- /dev/null +++ b/rule_packages/c/Memory1.json @@ -0,0 +1,66 @@ +{ + "MISRA-C-2012": { + "RULE-9-2": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Using braces in initializers of objects and subobjects improves code readability and clarifies intent.", + "kind": "problem", + "name": "The initializer for an aggregate or union shall be enclosed in braces", + "precision": "high", + "severity": "warning", + "short_name": "InitializerForAggregateOrUnionNotEnclosedInBraces", + "shared_implementation_short_name": "UseInitializerBracesToMatchAggregateTypeStructure", + "tags": [ + "maintainability", + "readability" + ] + } + ], + "title": "The initializer for an aggregate or union shall be enclosed in braces" + }, + "RULE-9-3": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "An array object or a subobject of an array shall be explicitly initialized if any other object in that array is explicitly initialized.", + "kind": "problem", + "name": "Arrays shall not be partially initialized", + "precision": "high", + "severity": "warning", + "short_name": "PartiallyInitializedArrayWithExplicitInitializers", + "tags": [ + "maintainability", + "readability" + ] + } + ], + "title": "Arrays shall not be partially initialized" + }, + "RULE-9-4": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Repeated initialization of an element in an object can lead to side-effects or may signal a logic error.", + "kind": "problem", + "name": "An element of an object shall not be initialized more than once", + "precision": "high", + "severity": "error", + "short_name": "RepeatedInitializationOfAggregateObjectElement", + "tags": [ + "correctness", + "maintainability", + "readability" + ] + } + ], + "title": "An element of an object shall not be initialized more than once" + } + } +} \ No newline at end of file diff --git a/rule_packages/cpp/Initialization.json b/rule_packages/cpp/Initialization.json index 626ddb3184..da2ed53c98 100644 --- a/rule_packages/cpp/Initialization.json +++ b/rule_packages/cpp/Initialization.json @@ -364,6 +364,7 @@ "precision": "high", "severity": "recommendation", "short_name": "UseInitBracesToMatchTypeStructure", + "shared_implementation_short_name": "UseInitializerBracesToMatchAggregateTypeStructure", "tags": [ "readability", "maintainability" From 321a1e979611068f335bfbafcceb506ec8e7dc13 Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Thu, 2 Mar 2023 23:14:10 +0100 Subject: [PATCH 0580/2573] Move RULE-9-5 to the Memory2 package RULE-9-5 is currently blocked due to CodeQL extractor non-support for identifying designated initializers in array aggregate literals. --- rules.csv | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rules.csv b/rules.csv index ef6fee41d7..75396bf81c 100644 --- a/rules.csv +++ b/rules.csv @@ -664,7 +664,7 @@ c,MISRA-C-2012,RULE-9-1,Yes,Mandatory,,,The value of an object with automatic st c,MISRA-C-2012,RULE-9-2,Yes,Required,,,The initializer for an aggregate or union shall be enclosed in braces,,Memory1,Easy, c,MISRA-C-2012,RULE-9-3,Yes,Required,,,Arrays shall not be partially initialized,,Memory1,Medium, c,MISRA-C-2012,RULE-9-4,Yes,Required,,,An element of an object shall not be initialized more than once,,Memory1,Medium, -c,MISRA-C-2012,RULE-9-5,Yes,Required,,,Where designated initializers are used to initialize an array object the size of the array shall be specified explicitly,,Memory1,Medium, +c,MISRA-C-2012,RULE-9-5,Yes,Required,,,Where designated initializers are used to initialize an array object the size of the array shall be specified explicitly,,Memory2,Medium, c,MISRA-C-2012,RULE-10-1,Yes,Required,,,Operands shall not be of an inappropriate essential type,,Types,Hard, c,MISRA-C-2012,RULE-10-2,Yes,Required,,,Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations,,Types,Medium, c,MISRA-C-2012,RULE-10-3,Yes,Required,,,The value of an expression shall not be assigned to an object with a narrower essential type or of a different essential type category,,Types,Hard, From 273ceb2d08818de1be999a24745ee3feff0ce7ef Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Thu, 2 Mar 2023 23:05:31 +0000 Subject: [PATCH 0581/2573] RULE-21-9: Simplify alert message, remove stdlib.h --- .../RULE-21-9/BsearchAndQsortOfStdlibhUsed.ql | 2 +- .../BsearchAndQsortOfStdlibhUsed.expected | 4 +- c/misra/test/rules/RULE-21-9/stdlib.h | 176 ------------------ c/misra/test/rules/RULE-21-9/test.c | 2 +- 4 files changed, 4 insertions(+), 180 deletions(-) delete mode 100644 c/misra/test/rules/RULE-21-9/stdlib.h diff --git a/c/misra/src/rules/RULE-21-9/BsearchAndQsortOfStdlibhUsed.ql b/c/misra/src/rules/RULE-21-9/BsearchAndQsortOfStdlibhUsed.ql index 5685c51a03..e442120ffc 100644 --- a/c/misra/src/rules/RULE-21-9/BsearchAndQsortOfStdlibhUsed.ql +++ b/c/misra/src/rules/RULE-21-9/BsearchAndQsortOfStdlibhUsed.ql @@ -21,4 +21,4 @@ where f = fc.getTarget() and f.getName() = ["qsort", "bsearch"] and f.getFile().getBaseName() = "stdlib.h" -select fc, "Call to banned function $@.", f, f.getName() +select fc, "Call to banned function " + f.getName() + "." diff --git a/c/misra/test/rules/RULE-21-9/BsearchAndQsortOfStdlibhUsed.expected b/c/misra/test/rules/RULE-21-9/BsearchAndQsortOfStdlibhUsed.expected index 2bf65c461f..e74ac68a2a 100644 --- a/c/misra/test/rules/RULE-21-9/BsearchAndQsortOfStdlibhUsed.expected +++ b/c/misra/test/rules/RULE-21-9/BsearchAndQsortOfStdlibhUsed.expected @@ -1,2 +1,2 @@ -| test.c:22:3:22:7 | call to qsort | Call to banned function $@. | stdlib.h:56:6:56:10 | qsort | qsort | -| test.c:26:9:26:15 | call to bsearch | Call to banned function $@. | stdlib.h:55:7:55:13 | bsearch | bsearch | +| test.c:22:3:22:7 | call to qsort | Call to banned function qsort. | +| test.c:26:9:26:15 | call to bsearch | Call to banned function bsearch. | diff --git a/c/misra/test/rules/RULE-21-9/stdlib.h b/c/misra/test/rules/RULE-21-9/stdlib.h deleted file mode 100644 index b54a051fe9..0000000000 --- a/c/misra/test/rules/RULE-21-9/stdlib.h +++ /dev/null @@ -1,176 +0,0 @@ -#ifndef _STDLIB_H -#define _STDLIB_H - -#ifdef __cplusplus -extern "C" { -#endif - -#include - -#ifdef __cplusplus -#define NULL 0L -#else -#define NULL ((void*)0) -#endif - -#define __NEED_size_t -#define __NEED_wchar_t - -#include - -int atoi (const char *); -long atol (const char *); -long long atoll (const char *); -double atof (const char *); - -float strtof (const char *__restrict, char **__restrict); -double strtod (const char *__restrict, char **__restrict); -long double strtold (const char *__restrict, char **__restrict); - -long strtol (const char *__restrict, char **__restrict, int); -unsigned long strtoul (const char *__restrict, char **__restrict, int); -long long strtoll (const char *__restrict, char **__restrict, int); -unsigned long long strtoull (const char *__restrict, char **__restrict, int); - -int rand (void); -void srand (unsigned); - -void *malloc (size_t); -void *calloc (size_t, size_t); -void *realloc (void *, size_t); -void free (void *); -void *aligned_alloc(size_t, size_t); - -_Noreturn void abort (void); -int atexit (void (*) (void)); -_Noreturn void exit (int); -_Noreturn void _Exit (int); -int at_quick_exit (void (*) (void)); -_Noreturn void quick_exit (int); - -char *getenv (const char *); - -int system (const char *); - -void *bsearch (const void *, const void *, size_t, size_t, int (*)(const void *, const void *)); -void qsort (void *, size_t, size_t, int (*)(const void *, const void *)); - -int abs (int); -long labs (long); -long long llabs (long long); - -typedef struct { int quot, rem; } div_t; -typedef struct { long quot, rem; } ldiv_t; -typedef struct { long long quot, rem; } lldiv_t; - -div_t div (int, int); -ldiv_t ldiv (long, long); -lldiv_t lldiv (long long, long long); - -int mblen (const char *, size_t); -int mbtowc (wchar_t *__restrict, const char *__restrict, size_t); -int wctomb (char *, wchar_t); -size_t mbstowcs (wchar_t *__restrict, const char *__restrict, size_t); -size_t wcstombs (char *__restrict, const wchar_t *__restrict, size_t); - -#define EXIT_FAILURE 1 -#define EXIT_SUCCESS 0 - -size_t __ctype_get_mb_cur_max(void); -#define MB_CUR_MAX (__ctype_get_mb_cur_max()) - -#define RAND_MAX (0x7fffffff) - - -#if defined(_POSIX_SOURCE) || defined(_POSIX_C_SOURCE) \ - || defined(_XOPEN_SOURCE) || defined(_GNU_SOURCE) \ - || defined(_BSD_SOURCE) - -#define WNOHANG 1 -#define WUNTRACED 2 - -#define WEXITSTATUS(s) (((s) & 0xff00) >> 8) -#define WTERMSIG(s) ((s) & 0x7f) -#define WSTOPSIG(s) WEXITSTATUS(s) -#define WIFEXITED(s) (!WTERMSIG(s)) -#define WIFSTOPPED(s) ((short)((((s)&0xffff)*0x10001)>>8) > 0x7f00) -#define WIFSIGNALED(s) (((s)&0xffff)-1U < 0xffu) - -int posix_memalign (void **, size_t, size_t); -int setenv (const char *, const char *, int); -int unsetenv (const char *); -int mkstemp (char *); -int mkostemp (char *, int); -char *mkdtemp (char *); -int getsubopt (char **, char *const *, char **); -int rand_r (unsigned *); - -#endif - - -#if defined(_XOPEN_SOURCE) || defined(_GNU_SOURCE) \ - || defined(_BSD_SOURCE) -char *realpath (const char *__restrict, char *__restrict); -long int random (void); -void srandom (unsigned int); -char *initstate (unsigned int, char *, size_t); -char *setstate (char *); -int putenv (char *); -int posix_openpt (int); -int grantpt (int); -int unlockpt (int); -char *ptsname (int); -char *l64a (long); -long a64l (const char *); -void setkey (const char *); -double drand48 (void); -double erand48 (unsigned short [3]); -long int lrand48 (void); -long int nrand48 (unsigned short [3]); -long mrand48 (void); -long jrand48 (unsigned short [3]); -void srand48 (long); -unsigned short *seed48 (unsigned short [3]); -void lcong48 (unsigned short [7]); -#endif - -#if defined(_GNU_SOURCE) || defined(_BSD_SOURCE) -#include -char *mktemp (char *); -int mkstemps (char *, int); -int mkostemps (char *, int, int); -void *valloc (size_t); -void *memalign(size_t, size_t); -int getloadavg(double *, int); -int clearenv(void); -#define WCOREDUMP(s) ((s) & 0x80) -#define WIFCONTINUED(s) ((s) == 0xffff) -void *reallocarray (void *, size_t, size_t); -#endif - -#ifdef _GNU_SOURCE -int ptsname_r(int, char *, size_t); -char *ecvt(double, int, int *, int *); -char *fcvt(double, int, int *, int *); -char *gcvt(double, int, char *); -char *secure_getenv(const char *); -struct __locale_struct; -float strtof_l(const char *__restrict, char **__restrict, struct __locale_struct *); -double strtod_l(const char *__restrict, char **__restrict, struct __locale_struct *); -long double strtold_l(const char *__restrict, char **__restrict, struct __locale_struct *); -#endif - -#if defined(_LARGEFILE64_SOURCE) || defined(_GNU_SOURCE) -#define mkstemp64 mkstemp -#define mkostemp64 mkostemp -#if defined(_GNU_SOURCE) || defined(_BSD_SOURCE) -#define mkstemps64 mkstemps -#define mkostemps64 mkostemps -#endif -#endif - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/c/misra/test/rules/RULE-21-9/test.c b/c/misra/test/rules/RULE-21-9/test.c index 3bebecd355..dfb00f03e0 100644 --- a/c/misra/test/rules/RULE-21-9/test.c +++ b/c/misra/test/rules/RULE-21-9/test.c @@ -1,5 +1,5 @@ -#include "stdlib.h" #include +#include #include #define size_of_months (sizeof(months) / sizeof(months[0])) From 892227e2d4cfb65b90950dbf80018b372e711d7e Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Thu, 2 Mar 2023 23:09:09 +0000 Subject: [PATCH 0582/2573] RULE-21-4: Simplify alert message, remove setjmp.h --- .../StandardHeaderFileUsedSetjmph.ql | 6 +-- .../StandardHeaderFileUsedSetjmph.expected | 4 +- c/misra/test/rules/RULE-21-4/setjmp.h | 39 ------------------- c/misra/test/rules/RULE-21-4/test.c | 2 +- 4 files changed, 5 insertions(+), 46 deletions(-) delete mode 100644 c/misra/test/rules/RULE-21-4/setjmp.h diff --git a/c/misra/src/rules/RULE-21-4/StandardHeaderFileUsedSetjmph.ql b/c/misra/src/rules/RULE-21-4/StandardHeaderFileUsedSetjmph.ql index 22eca266b3..01b0ed44b1 100644 --- a/c/misra/src/rules/RULE-21-4/StandardHeaderFileUsedSetjmph.ql +++ b/c/misra/src/rules/RULE-21-4/StandardHeaderFileUsedSetjmph.ql @@ -27,20 +27,18 @@ class LongJmp extends Function { } } -from Locatable use, Locatable feature, string name +from Locatable use, string name where not isExcluded(use, BannedPackage::standardHeaderFileUsedSetjmphQuery()) and ( exists(SetJmp setjmp | - feature = setjmp and use = setjmp.getAnInvocation() and name = "setjmp" ) or exists(LongJmp longjmp | - feature = longjmp and use = longjmp.getACallToThisFunction() and name = "longjmp" ) ) -select use, "Use of $@.", feature, name +select use, "Use of " + name + "." diff --git a/c/misra/test/rules/RULE-21-4/StandardHeaderFileUsedSetjmph.expected b/c/misra/test/rules/RULE-21-4/StandardHeaderFileUsedSetjmph.expected index aa28e9264f..bddea12878 100644 --- a/c/misra/test/rules/RULE-21-4/StandardHeaderFileUsedSetjmph.expected +++ b/c/misra/test/rules/RULE-21-4/StandardHeaderFileUsedSetjmph.expected @@ -1,2 +1,2 @@ -| test.c:7:7:7:12 | setjmp | Use of $@. | setjmp.h:33:1:33:21 | #define setjmp setjmp | setjmp | -| test.c:8:3:8:9 | call to longjmp | Use of $@. | setjmp.h:31:16:31:22 | longjmp | longjmp | +| test.c:7:7:7:12 | setjmp | Use of setjmp. | +| test.c:8:3:8:9 | call to longjmp | Use of longjmp. | diff --git a/c/misra/test/rules/RULE-21-4/setjmp.h b/c/misra/test/rules/RULE-21-4/setjmp.h deleted file mode 100644 index deb63fdd6e..0000000000 --- a/c/misra/test/rules/RULE-21-4/setjmp.h +++ /dev/null @@ -1,39 +0,0 @@ -#ifndef _SETJMP_H -#define _SETJMP_H - -#ifdef __cplusplus -extern "C" { -#endif - -#include "features.h" - -#include "bits/setjmp.h" - -typedef struct __jmp_buf_tag { - __jmp_buf __jb; - unsigned long __fl; - unsigned long __ss[128 / sizeof(long)]; -} jmp_buf[1]; - -#if defined(_POSIX_SOURCE) || defined(_POSIX_C_SOURCE) || \ - defined(_XOPEN_SOURCE) || defined(_GNU_SOURCE) || defined(_BSD_SOURCE) -typedef jmp_buf sigjmp_buf; -int sigsetjmp(sigjmp_buf, int); -_Noreturn void siglongjmp(sigjmp_buf, int); -#endif - -#if defined(_XOPEN_SOURCE) || defined(_GNU_SOURCE) || defined(_BSD_SOURCE) -int _setjmp(jmp_buf); -_Noreturn void _longjmp(jmp_buf, int); -#endif - -int setjmp(jmp_buf); -_Noreturn void longjmp(jmp_buf, int); - -#define setjmp setjmp - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/c/misra/test/rules/RULE-21-4/test.c b/c/misra/test/rules/RULE-21-4/test.c index c7de20b818..8ac53736bf 100644 --- a/c/misra/test/rules/RULE-21-4/test.c +++ b/c/misra/test/rules/RULE-21-4/test.c @@ -1,4 +1,4 @@ -#include "setjmp.h" +#include void f1() { jmp_buf env; // COMPLIANT - Assumption of features outlined in rule is From cd0d4acf75dad5446dc14881fc7ad1ac6ba3d775 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Thu, 2 Mar 2023 23:12:43 +0000 Subject: [PATCH 0583/2573] RULE-21-5: Simplify alert message, remove signal.h --- .../StandardHeaderFileUsedSignalh.ql | 2 +- .../StandardHeaderFileUsedSignalh.expected | 4 +- c/misra/test/rules/RULE-21-5/signal.h | 296 ------------------ c/misra/test/rules/RULE-21-5/test.c | 2 +- 4 files changed, 4 insertions(+), 300 deletions(-) delete mode 100644 c/misra/test/rules/RULE-21-5/signal.h diff --git a/c/misra/src/rules/RULE-21-5/StandardHeaderFileUsedSignalh.ql b/c/misra/src/rules/RULE-21-5/StandardHeaderFileUsedSignalh.ql index edd05fd1aa..004060b5a5 100644 --- a/c/misra/src/rules/RULE-21-5/StandardHeaderFileUsedSignalh.ql +++ b/c/misra/src/rules/RULE-21-5/StandardHeaderFileUsedSignalh.ql @@ -18,4 +18,4 @@ where not isExcluded(fc, BannedPackage::standardHeaderFileUsedSignalhQuery()) and fc.getTarget() = f and f.getFile().getBaseName() = "signal.h" -select fc, "Call to banned function $@.", f, f.getName() +select fc, "Call to banned function " + f.getName() + "." diff --git a/c/misra/test/rules/RULE-21-5/StandardHeaderFileUsedSignalh.expected b/c/misra/test/rules/RULE-21-5/StandardHeaderFileUsedSignalh.expected index 3aba88b3aa..0e0fb8b904 100644 --- a/c/misra/test/rules/RULE-21-5/StandardHeaderFileUsedSignalh.expected +++ b/c/misra/test/rules/RULE-21-5/StandardHeaderFileUsedSignalh.expected @@ -1,2 +1,2 @@ -| test.c:4:7:4:12 | call to signal | Call to banned function $@. | signal.h:282:8:282:13 | signal | signal | -| test.c:6:7:6:11 | call to raise | Call to banned function $@. | signal.h:283:5:283:9 | raise | raise | +| test.c:4:7:4:12 | call to signal | Call to banned function signal. | +| test.c:6:7:6:11 | call to raise | Call to banned function raise. | diff --git a/c/misra/test/rules/RULE-21-5/signal.h b/c/misra/test/rules/RULE-21-5/signal.h deleted file mode 100644 index 8ac0aab063..0000000000 --- a/c/misra/test/rules/RULE-21-5/signal.h +++ /dev/null @@ -1,296 +0,0 @@ -#ifndef _SIGNAL_H -#define _SIGNAL_H - -#ifdef __cplusplus -extern "C" { -#endif - -#include - -#if defined(_POSIX_SOURCE) || defined(_POSIX_C_SOURCE) || \ - defined(_XOPEN_SOURCE) || defined(_GNU_SOURCE) || defined(_BSD_SOURCE) - -#ifdef _GNU_SOURCE -#define __ucontext ucontext -#endif - -#define __NEED_size_t -#define __NEED_pid_t -#define __NEED_uid_t -#define __NEED_struct_timespec -#define __NEED_pthread_t -#define __NEED_pthread_attr_t -#define __NEED_time_t -#define __NEED_clock_t -#define __NEED_sigset_t - -#include - -#define SIG_BLOCK 0 -#define SIG_UNBLOCK 1 -#define SIG_SETMASK 2 - -#define SI_ASYNCNL (-60) -#define SI_TKILL (-6) -#define SI_SIGIO (-5) -#define SI_ASYNCIO (-4) -#define SI_MESGQ (-3) -#define SI_TIMER (-2) -#define SI_QUEUE (-1) -#define SI_USER 0 -#define SI_KERNEL 128 - -typedef struct sigaltstack stack_t; - -#endif - -#include - -#if defined(_POSIX_SOURCE) || defined(_POSIX_C_SOURCE) || \ - defined(_XOPEN_SOURCE) || defined(_GNU_SOURCE) || defined(_BSD_SOURCE) - -#define SIG_HOLD ((void (*)(int))2) - -#define FPE_INTDIV 1 -#define FPE_INTOVF 2 -#define FPE_FLTDIV 3 -#define FPE_FLTOVF 4 -#define FPE_FLTUND 5 -#define FPE_FLTRES 6 -#define FPE_FLTINV 7 -#define FPE_FLTSUB 8 - -#define ILL_ILLOPC 1 -#define ILL_ILLOPN 2 -#define ILL_ILLADR 3 -#define ILL_ILLTRP 4 -#define ILL_PRVOPC 5 -#define ILL_PRVREG 6 -#define ILL_COPROC 7 -#define ILL_BADSTK 8 - -#define SEGV_MAPERR 1 -#define SEGV_ACCERR 2 -#define SEGV_BNDERR 3 -#define SEGV_PKUERR 4 - -#define BUS_ADRALN 1 -#define BUS_ADRERR 2 -#define BUS_OBJERR 3 -#define BUS_MCEERR_AR 4 -#define BUS_MCEERR_AO 5 - -#define CLD_EXITED 1 -#define CLD_KILLED 2 -#define CLD_DUMPED 3 -#define CLD_TRAPPED 4 -#define CLD_STOPPED 5 -#define CLD_CONTINUED 6 - -union sigval { - int sival_int; - void *sival_ptr; -}; - -typedef struct { -#ifdef __SI_SWAP_ERRNO_CODE - int si_signo, si_code, si_errno; -#else - int si_signo, si_errno, si_code; -#endif - union { - char __pad[128 - 2 * sizeof(int) - sizeof(long)]; - struct { - union { - struct { - pid_t si_pid; - uid_t si_uid; - } __piduid; - struct { - int si_timerid; - int si_overrun; - } __timer; - } __first; - union { - union sigval si_value; - struct { - int si_status; - clock_t si_utime, si_stime; - } __sigchld; - } __second; - } __si_common; - struct { - void *si_addr; - short si_addr_lsb; - union { - struct { - void *si_lower; - void *si_upper; - } __addr_bnd; - unsigned si_pkey; - } __first; - } __sigfault; - struct { - long si_band; - int si_fd; - } __sigpoll; - struct { - void *si_call_addr; - int si_syscall; - unsigned si_arch; - } __sigsys; - } __si_fields; -} siginfo_t; -#define si_pid __si_fields.__si_common.__first.__piduid.si_pid -#define si_uid __si_fields.__si_common.__first.__piduid.si_uid -#define si_status __si_fields.__si_common.__second.__sigchld.si_status -#define si_utime __si_fields.__si_common.__second.__sigchld.si_utime -#define si_stime __si_fields.__si_common.__second.__sigchld.si_stime -#define si_value __si_fields.__si_common.__second.si_value -#define si_addr __si_fields.__sigfault.si_addr -#define si_addr_lsb __si_fields.__sigfault.si_addr_lsb -#define si_lower __si_fields.__sigfault.__first.__addr_bnd.si_lower -#define si_upper __si_fields.__sigfault.__first.__addr_bnd.si_upper -#define si_pkey __si_fields.__sigfault.__first.si_pkey -#define si_band __si_fields.__sigpoll.si_band -#define si_fd __si_fields.__sigpoll.si_fd -#define si_timerid __si_fields.__si_common.__first.__timer.si_timerid -#define si_overrun __si_fields.__si_common.__first.__timer.si_overrun -#define si_ptr si_value.sival_ptr -#define si_int si_value.sival_int -#define si_call_addr __si_fields.__sigsys.si_call_addr -#define si_syscall __si_fields.__sigsys.si_syscall -#define si_arch __si_fields.__sigsys.si_arch - -struct sigaction { - union { - void (*sa_handler)(int); - void (*sa_sigaction)(int, siginfo_t *, void *); - } __sa_handler; - sigset_t sa_mask; - int sa_flags; - void (*sa_restorer)(void); -}; -#define sa_handler __sa_handler.sa_handler -#define sa_sigaction __sa_handler.sa_sigaction - -struct sigevent { - union sigval sigev_value; - int sigev_signo; - int sigev_notify; - union { - char __pad[64 - 2 * sizeof(int) - sizeof(union sigval)]; - pid_t sigev_notify_thread_id; - struct { - void (*sigev_notify_function)(union sigval); - pthread_attr_t *sigev_notify_attributes; - } __sev_thread; - } __sev_fields; -}; - -#define sigev_notify_thread_id __sev_fields.sigev_notify_thread_id -#define sigev_notify_function __sev_fields.__sev_thread.sigev_notify_function -#define sigev_notify_attributes \ - __sev_fields.__sev_thread.sigev_notify_attributes - -#define SIGEV_SIGNAL 0 -#define SIGEV_NONE 1 -#define SIGEV_THREAD 2 -#define SIGEV_THREAD_ID 4 - -int __libc_current_sigrtmin(void); -int __libc_current_sigrtmax(void); - -#define SIGRTMIN (__libc_current_sigrtmin()) -#define SIGRTMAX (__libc_current_sigrtmax()) - -int kill(pid_t, int); - -int sigemptyset(sigset_t *); -int sigfillset(sigset_t *); -int sigaddset(sigset_t *, int); -int sigdelset(sigset_t *, int); -int sigismember(const sigset_t *, int); - -int sigprocmask(int, const sigset_t *__restrict, sigset_t *__restrict); -int sigsuspend(const sigset_t *); -int sigaction(int, const struct sigaction *__restrict, - struct sigaction *__restrict); -int sigpending(sigset_t *); -int sigwait(const sigset_t *__restrict, int *__restrict); -int sigwaitinfo(const sigset_t *__restrict, siginfo_t *__restrict); -int sigtimedwait(const sigset_t *__restrict, siginfo_t *__restrict, - const struct timespec *__restrict); -int sigqueue(pid_t, int, union sigval); - -int pthread_sigmask(int, const sigset_t *__restrict, sigset_t *__restrict); -int pthread_kill(pthread_t, int); - -void psiginfo(const siginfo_t *, const char *); -void psignal(int, const char *); - -#endif - -#if defined(_XOPEN_SOURCE) || defined(_BSD_SOURCE) || defined(_GNU_SOURCE) -int killpg(pid_t, int); -int sigaltstack(const stack_t *__restrict, stack_t *__restrict); -int sighold(int); -int sigignore(int); -int siginterrupt(int, int); -int sigpause(int); -int sigrelse(int); -void (*sigset(int, void (*)(int)))(int); -#define TRAP_BRKPT 1 -#define TRAP_TRACE 2 -#define TRAP_BRANCH 3 -#define TRAP_HWBKPT 4 -#define TRAP_UNK 5 -#define POLL_IN 1 -#define POLL_OUT 2 -#define POLL_MSG 3 -#define POLL_ERR 4 -#define POLL_PRI 5 -#define POLL_HUP 6 -#define SS_ONSTACK 1 -#define SS_DISABLE 2 -#define SS_AUTODISARM (1U << 31) -#define SS_FLAG_BITS SS_AUTODISARM -#endif - -#if defined(_BSD_SOURCE) || defined(_GNU_SOURCE) -#define NSIG _NSIG -typedef void (*sig_t)(int); -#endif - -#ifdef _GNU_SOURCE -typedef void (*sighandler_t)(int); -void (*bsd_signal(int, void (*)(int)))(int); -int sigisemptyset(const sigset_t *); -int sigorset(sigset_t *, const sigset_t *, const sigset_t *); -int sigandset(sigset_t *, const sigset_t *, const sigset_t *); - -#define SA_NOMASK SA_NODEFER -#define SA_ONESHOT SA_RESETHAND -#endif - -#define SIG_ERR ((void (*)(int)) - 1) -#define SIG_DFL ((void (*)(int))0) -#define SIG_IGN ((void (*)(int))1) - -typedef int sig_atomic_t; - -void (*signal(int, void (*)(int)))(int); -int raise(int); - -#if _REDIR_TIME64 -#if defined(_POSIX_SOURCE) || defined(_POSIX_C_SOURCE) || \ - defined(_XOPEN_SOURCE) || defined(_GNU_SOURCE) || defined(_BSD_SOURCE) -__REDIR(sigtimedwait, __sigtimedwait_time64); -#endif -#endif - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/c/misra/test/rules/RULE-21-5/test.c b/c/misra/test/rules/RULE-21-5/test.c index 0516c9d6ad..7d325b73c7 100644 --- a/c/misra/test/rules/RULE-21-5/test.c +++ b/c/misra/test/rules/RULE-21-5/test.c @@ -1,4 +1,4 @@ -#include "signal.h" +#include static void catch_function(int p1) {} void f1(void) { if (signal(SIGINT, catch_function) == SIG_ERR) { // NON_COMPLIANT From 3d303168e0cfe7abba398ed79333a158b1566c40 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Thu, 2 Mar 2023 15:15:35 -0800 Subject: [PATCH 0584/2573] Implement INT34-C --- ...ftedbyNegativeOrGreaterPrecisionOperand.ql | 64 +++- ...NegativeOrGreaterPrecisionOperand.expected | 276 +++++++++++++++++- 2 files changed, 336 insertions(+), 4 deletions(-) diff --git a/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql b/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql index 63de22a8cb..c59665a48b 100644 --- a/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql +++ b/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql @@ -13,7 +13,65 @@ import cpp import codingstandards.c.cert -from +/* Precision predicate based on a sample implementaion from https://wiki.sei.cmu.edu/confluence/display/c/INT35-C.+Use+correct+integer+precisions */ +int getPrecision(BuiltInType type) { + type.(CharType).isExplicitlyUnsigned() and result = 8 + or + type.(ShortType).isExplicitlyUnsigned() and result = 16 + or + type.(IntType).isExplicitlyUnsigned() and result = 32 + or + type.(LongType).isExplicitlyUnsigned() and result = 32 + or + type.(LongLongType).isExplicitlyUnsigned() and result = 64 + or + type instanceof CharType and not type.(CharType).isExplicitlyUnsigned() and result = 7 + or + type instanceof ShortType and not type.(ShortType).isExplicitlyUnsigned() and result = 15 + or + type instanceof IntType and not type.(IntType).isExplicitlyUnsigned() and result = 31 + or + type instanceof LongType and not type.(LongType).isExplicitlyUnsigned() and result = 31 + or + type instanceof LongLongType and not type.(LongLongType).isExplicitlyUnsigned() and result = 63 +} + +class MinusNumberLiteral extends UnaryMinusExpr { + MinusNumberLiteral() { this.getOperand() instanceof Literal } + + override string toString() { result = "-" + this.getOperand().toString() } +} + +class ForbiddenShiftExpr extends BinaryBitwiseOperation { + ForbiddenShiftExpr() { + ( + /* Precision mismatch between operands */ + getPrecision(this.(LShiftExpr).getLeftOperand().getUnderlyingType()) <= + getPrecision(this.(LShiftExpr).getRightOperand().getUnderlyingType()) or + getPrecision(this.(RShiftExpr).getLeftOperand().getUnderlyingType()) <= + getPrecision(this.(RShiftExpr).getRightOperand().getUnderlyingType()) or + /* Shifting by a negative number literal */ + this.(LShiftExpr).getRightOperand() instanceof MinusNumberLiteral or + this.(RShiftExpr).getRightOperand() instanceof MinusNumberLiteral + ) + } + + predicate hasNegativeOperand() { + this.(LShiftExpr).getRightOperand() instanceof MinusNumberLiteral or + this.(RShiftExpr).getRightOperand() instanceof MinusNumberLiteral + } +} + +from ForbiddenShiftExpr badShift, string message where - not isExcluded(x, TypesPackage::exprShiftedbyNegativeOrGreaterPrecisionOperandQuery()) and -select + not isExcluded(badShift, TypesPackage::exprShiftedbyNegativeOrGreaterPrecisionOperandQuery()) and + if badShift.hasNegativeOperand() + then + message = + "The operand " + badShift.getLeftOperand() + " is shifted by a negative expression " + + badShift.getRightOperand() + "." + else + message = + "The operand " + badShift.getLeftOperand() + " is shifted by an expression " + + badShift.getRightOperand() + " which is greater than or equal to in precision." +select badShift, message diff --git a/c/cert/test/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.expected b/c/cert/test/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.expected index 2ec1a0ac6c..f7d45166f3 100644 --- a/c/cert/test/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.expected +++ b/c/cert/test/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.expected @@ -1 +1,275 @@ -No expected results have yet been specified \ No newline at end of file +| test.c:20:3:20:10 | ... << ... | The operand x0 is shifted by an expression x0 which is greater than or equal to in precision. | +| test.c:23:3:23:10 | ... << ... | The operand x0 is shifted by an expression x3 which is greater than or equal to in precision. | +| test.c:24:3:24:10 | ... << ... | The operand x0 is shifted by an expression x4 which is greater than or equal to in precision. | +| test.c:25:3:25:10 | ... << ... | The operand x0 is shifted by an expression x5 which is greater than or equal to in precision. | +| test.c:26:3:26:10 | ... << ... | The operand x0 is shifted by an expression x6 which is greater than or equal to in precision. | +| test.c:27:3:27:10 | ... << ... | The operand x0 is shifted by an expression x7 which is greater than or equal to in precision. | +| test.c:28:3:28:10 | ... << ... | The operand x0 is shifted by an expression x8 which is greater than or equal to in precision. | +| test.c:29:3:29:10 | ... << ... | The operand x0 is shifted by an expression x9 which is greater than or equal to in precision. | +| test.c:30:3:30:11 | ... << ... | The operand x0 is shifted by an expression x10 which is greater than or equal to in precision. | +| test.c:31:3:31:11 | ... << ... | The operand x0 is shifted by an expression x11 which is greater than or equal to in precision. | +| test.c:32:3:32:11 | ... << ... | The operand x0 is shifted by an expression x12 which is greater than or equal to in precision. | +| test.c:33:3:33:11 | ... << ... | The operand x0 is shifted by an expression x13 which is greater than or equal to in precision. | +| test.c:34:3:34:11 | ... << ... | The operand x0 is shifted by an expression x14 which is greater than or equal to in precision. | +| test.c:35:3:35:10 | ... << ... | The operand x1 is shifted by an expression x0 which is greater than or equal to in precision. | +| test.c:36:3:36:10 | ... << ... | The operand x1 is shifted by an expression x1 which is greater than or equal to in precision. | +| test.c:37:3:37:10 | ... << ... | The operand x1 is shifted by an expression x2 which is greater than or equal to in precision. | +| test.c:38:3:38:10 | ... << ... | The operand x1 is shifted by an expression x3 which is greater than or equal to in precision. | +| test.c:39:3:39:10 | ... << ... | The operand x1 is shifted by an expression x4 which is greater than or equal to in precision. | +| test.c:40:3:40:10 | ... << ... | The operand x1 is shifted by an expression x5 which is greater than or equal to in precision. | +| test.c:41:3:41:10 | ... << ... | The operand x1 is shifted by an expression x6 which is greater than or equal to in precision. | +| test.c:42:3:42:10 | ... << ... | The operand x1 is shifted by an expression x7 which is greater than or equal to in precision. | +| test.c:43:3:43:10 | ... << ... | The operand x1 is shifted by an expression x8 which is greater than or equal to in precision. | +| test.c:44:3:44:10 | ... << ... | The operand x1 is shifted by an expression x9 which is greater than or equal to in precision. | +| test.c:45:3:45:11 | ... << ... | The operand x1 is shifted by an expression x10 which is greater than or equal to in precision. | +| test.c:46:3:46:11 | ... << ... | The operand x1 is shifted by an expression x11 which is greater than or equal to in precision. | +| test.c:47:3:47:11 | ... << ... | The operand x1 is shifted by an expression x12 which is greater than or equal to in precision. | +| test.c:48:3:48:11 | ... << ... | The operand x1 is shifted by an expression x13 which is greater than or equal to in precision. | +| test.c:49:3:49:11 | ... << ... | The operand x1 is shifted by an expression x14 which is greater than or equal to in precision. | +| test.c:50:3:50:10 | ... << ... | The operand x2 is shifted by an expression x0 which is greater than or equal to in precision. | +| test.c:51:3:51:10 | ... << ... | The operand x2 is shifted by an expression x1 which is greater than or equal to in precision. | +| test.c:52:3:52:10 | ... << ... | The operand x2 is shifted by an expression x2 which is greater than or equal to in precision. | +| test.c:53:3:53:10 | ... << ... | The operand x2 is shifted by an expression x3 which is greater than or equal to in precision. | +| test.c:54:3:54:10 | ... << ... | The operand x2 is shifted by an expression x4 which is greater than or equal to in precision. | +| test.c:55:3:55:10 | ... << ... | The operand x2 is shifted by an expression x5 which is greater than or equal to in precision. | +| test.c:56:3:56:10 | ... << ... | The operand x2 is shifted by an expression x6 which is greater than or equal to in precision. | +| test.c:57:3:57:10 | ... << ... | The operand x2 is shifted by an expression x7 which is greater than or equal to in precision. | +| test.c:58:3:58:10 | ... << ... | The operand x2 is shifted by an expression x8 which is greater than or equal to in precision. | +| test.c:59:3:59:10 | ... << ... | The operand x2 is shifted by an expression x9 which is greater than or equal to in precision. | +| test.c:60:3:60:11 | ... << ... | The operand x2 is shifted by an expression x10 which is greater than or equal to in precision. | +| test.c:61:3:61:11 | ... << ... | The operand x2 is shifted by an expression x11 which is greater than or equal to in precision. | +| test.c:62:3:62:11 | ... << ... | The operand x2 is shifted by an expression x12 which is greater than or equal to in precision. | +| test.c:63:3:63:11 | ... << ... | The operand x2 is shifted by an expression x13 which is greater than or equal to in precision. | +| test.c:64:3:64:11 | ... << ... | The operand x2 is shifted by an expression x14 which is greater than or equal to in precision. | +| test.c:68:3:68:10 | ... << ... | The operand x3 is shifted by an expression x3 which is greater than or equal to in precision. | +| test.c:71:3:71:10 | ... << ... | The operand x3 is shifted by an expression x6 which is greater than or equal to in precision. | +| test.c:72:3:72:10 | ... << ... | The operand x3 is shifted by an expression x7 which is greater than or equal to in precision. | +| test.c:73:3:73:10 | ... << ... | The operand x3 is shifted by an expression x8 which is greater than or equal to in precision. | +| test.c:74:3:74:10 | ... << ... | The operand x3 is shifted by an expression x9 which is greater than or equal to in precision. | +| test.c:75:3:75:11 | ... << ... | The operand x3 is shifted by an expression x10 which is greater than or equal to in precision. | +| test.c:76:3:76:11 | ... << ... | The operand x3 is shifted by an expression x11 which is greater than or equal to in precision. | +| test.c:77:3:77:11 | ... << ... | The operand x3 is shifted by an expression x12 which is greater than or equal to in precision. | +| test.c:78:3:78:11 | ... << ... | The operand x3 is shifted by an expression x13 which is greater than or equal to in precision. | +| test.c:79:3:79:11 | ... << ... | The operand x3 is shifted by an expression x14 which is greater than or equal to in precision. | +| test.c:83:3:83:10 | ... << ... | The operand x4 is shifted by an expression x3 which is greater than or equal to in precision. | +| test.c:84:3:84:10 | ... << ... | The operand x4 is shifted by an expression x4 which is greater than or equal to in precision. | +| test.c:85:3:85:10 | ... << ... | The operand x4 is shifted by an expression x5 which is greater than or equal to in precision. | +| test.c:86:3:86:10 | ... << ... | The operand x4 is shifted by an expression x6 which is greater than or equal to in precision. | +| test.c:87:3:87:10 | ... << ... | The operand x4 is shifted by an expression x7 which is greater than or equal to in precision. | +| test.c:88:3:88:10 | ... << ... | The operand x4 is shifted by an expression x8 which is greater than or equal to in precision. | +| test.c:89:3:89:10 | ... << ... | The operand x4 is shifted by an expression x9 which is greater than or equal to in precision. | +| test.c:90:3:90:11 | ... << ... | The operand x4 is shifted by an expression x10 which is greater than or equal to in precision. | +| test.c:91:3:91:11 | ... << ... | The operand x4 is shifted by an expression x11 which is greater than or equal to in precision. | +| test.c:92:3:92:11 | ... << ... | The operand x4 is shifted by an expression x12 which is greater than or equal to in precision. | +| test.c:93:3:93:11 | ... << ... | The operand x4 is shifted by an expression x13 which is greater than or equal to in precision. | +| test.c:94:3:94:11 | ... << ... | The operand x4 is shifted by an expression x14 which is greater than or equal to in precision. | +| test.c:98:3:98:10 | ... << ... | The operand x5 is shifted by an expression x3 which is greater than or equal to in precision. | +| test.c:99:3:99:10 | ... << ... | The operand x5 is shifted by an expression x4 which is greater than or equal to in precision. | +| test.c:100:3:100:10 | ... << ... | The operand x5 is shifted by an expression x5 which is greater than or equal to in precision. | +| test.c:101:3:101:10 | ... << ... | The operand x5 is shifted by an expression x6 which is greater than or equal to in precision. | +| test.c:102:3:102:10 | ... << ... | The operand x5 is shifted by an expression x7 which is greater than or equal to in precision. | +| test.c:103:3:103:10 | ... << ... | The operand x5 is shifted by an expression x8 which is greater than or equal to in precision. | +| test.c:104:3:104:10 | ... << ... | The operand x5 is shifted by an expression x9 which is greater than or equal to in precision. | +| test.c:105:3:105:11 | ... << ... | The operand x5 is shifted by an expression x10 which is greater than or equal to in precision. | +| test.c:106:3:106:11 | ... << ... | The operand x5 is shifted by an expression x11 which is greater than or equal to in precision. | +| test.c:107:3:107:11 | ... << ... | The operand x5 is shifted by an expression x12 which is greater than or equal to in precision. | +| test.c:108:3:108:11 | ... << ... | The operand x5 is shifted by an expression x13 which is greater than or equal to in precision. | +| test.c:109:3:109:11 | ... << ... | The operand x5 is shifted by an expression x14 which is greater than or equal to in precision. | +| test.c:116:3:116:10 | ... << ... | The operand x6 is shifted by an expression x6 which is greater than or equal to in precision. | +| test.c:119:3:119:10 | ... << ... | The operand x6 is shifted by an expression x9 which is greater than or equal to in precision. | +| test.c:122:3:122:11 | ... << ... | The operand x6 is shifted by an expression x12 which is greater than or equal to in precision. | +| test.c:123:3:123:11 | ... << ... | The operand x6 is shifted by an expression x13 which is greater than or equal to in precision. | +| test.c:124:3:124:11 | ... << ... | The operand x6 is shifted by an expression x14 which is greater than or equal to in precision. | +| test.c:131:3:131:10 | ... << ... | The operand x7 is shifted by an expression x6 which is greater than or equal to in precision. | +| test.c:132:3:132:10 | ... << ... | The operand x7 is shifted by an expression x7 which is greater than or equal to in precision. | +| test.c:133:3:133:10 | ... << ... | The operand x7 is shifted by an expression x8 which is greater than or equal to in precision. | +| test.c:134:3:134:10 | ... << ... | The operand x7 is shifted by an expression x9 which is greater than or equal to in precision. | +| test.c:135:3:135:11 | ... << ... | The operand x7 is shifted by an expression x10 which is greater than or equal to in precision. | +| test.c:136:3:136:11 | ... << ... | The operand x7 is shifted by an expression x11 which is greater than or equal to in precision. | +| test.c:137:3:137:11 | ... << ... | The operand x7 is shifted by an expression x12 which is greater than or equal to in precision. | +| test.c:138:3:138:11 | ... << ... | The operand x7 is shifted by an expression x13 which is greater than or equal to in precision. | +| test.c:139:3:139:11 | ... << ... | The operand x7 is shifted by an expression x14 which is greater than or equal to in precision. | +| test.c:146:3:146:10 | ... << ... | The operand x8 is shifted by an expression x6 which is greater than or equal to in precision. | +| test.c:147:3:147:10 | ... << ... | The operand x8 is shifted by an expression x7 which is greater than or equal to in precision. | +| test.c:148:3:148:10 | ... << ... | The operand x8 is shifted by an expression x8 which is greater than or equal to in precision. | +| test.c:149:3:149:10 | ... << ... | The operand x8 is shifted by an expression x9 which is greater than or equal to in precision. | +| test.c:150:3:150:11 | ... << ... | The operand x8 is shifted by an expression x10 which is greater than or equal to in precision. | +| test.c:151:3:151:11 | ... << ... | The operand x8 is shifted by an expression x11 which is greater than or equal to in precision. | +| test.c:152:3:152:11 | ... << ... | The operand x8 is shifted by an expression x12 which is greater than or equal to in precision. | +| test.c:153:3:153:11 | ... << ... | The operand x8 is shifted by an expression x13 which is greater than or equal to in precision. | +| test.c:154:3:154:11 | ... << ... | The operand x8 is shifted by an expression x14 which is greater than or equal to in precision. | +| test.c:161:3:161:10 | ... << ... | The operand x9 is shifted by an expression x6 which is greater than or equal to in precision. | +| test.c:164:3:164:10 | ... << ... | The operand x9 is shifted by an expression x9 which is greater than or equal to in precision. | +| test.c:167:3:167:11 | ... << ... | The operand x9 is shifted by an expression x12 which is greater than or equal to in precision. | +| test.c:168:3:168:11 | ... << ... | The operand x9 is shifted by an expression x13 which is greater than or equal to in precision. | +| test.c:169:3:169:11 | ... << ... | The operand x9 is shifted by an expression x14 which is greater than or equal to in precision. | +| test.c:176:3:176:11 | ... << ... | The operand x10 is shifted by an expression x6 which is greater than or equal to in precision. | +| test.c:177:3:177:11 | ... << ... | The operand x10 is shifted by an expression x7 which is greater than or equal to in precision. | +| test.c:178:3:178:11 | ... << ... | The operand x10 is shifted by an expression x8 which is greater than or equal to in precision. | +| test.c:179:3:179:11 | ... << ... | The operand x10 is shifted by an expression x9 which is greater than or equal to in precision. | +| test.c:180:3:180:12 | ... << ... | The operand x10 is shifted by an expression x10 which is greater than or equal to in precision. | +| test.c:182:3:182:12 | ... << ... | The operand x10 is shifted by an expression x11 which is greater than or equal to in precision. | +| test.c:184:3:184:12 | ... << ... | The operand x10 is shifted by an expression x12 which is greater than or equal to in precision. | +| test.c:186:3:186:12 | ... << ... | The operand x10 is shifted by an expression x13 which is greater than or equal to in precision. | +| test.c:188:3:188:12 | ... << ... | The operand x10 is shifted by an expression x14 which is greater than or equal to in precision. | +| test.c:196:3:196:11 | ... << ... | The operand x11 is shifted by an expression x6 which is greater than or equal to in precision. | +| test.c:197:3:197:11 | ... << ... | The operand x11 is shifted by an expression x7 which is greater than or equal to in precision. | +| test.c:198:3:198:11 | ... << ... | The operand x11 is shifted by an expression x8 which is greater than or equal to in precision. | +| test.c:199:3:199:11 | ... << ... | The operand x11 is shifted by an expression x9 which is greater than or equal to in precision. | +| test.c:200:3:200:12 | ... << ... | The operand x11 is shifted by an expression x10 which is greater than or equal to in precision. | +| test.c:202:3:202:12 | ... << ... | The operand x11 is shifted by an expression x11 which is greater than or equal to in precision. | +| test.c:204:3:204:12 | ... << ... | The operand x11 is shifted by an expression x12 which is greater than or equal to in precision. | +| test.c:206:3:206:12 | ... << ... | The operand x11 is shifted by an expression x13 which is greater than or equal to in precision. | +| test.c:208:3:208:12 | ... << ... | The operand x11 is shifted by an expression x14 which is greater than or equal to in precision. | +| test.c:222:3:222:12 | ... << ... | The operand x12 is shifted by an expression x12 which is greater than or equal to in precision. | +| test.c:238:3:238:12 | ... << ... | The operand x13 is shifted by an expression x12 which is greater than or equal to in precision. | +| test.c:240:3:240:12 | ... << ... | The operand x13 is shifted by an expression x13 which is greater than or equal to in precision. | +| test.c:242:3:242:12 | ... << ... | The operand x13 is shifted by an expression x14 which is greater than or equal to in precision. | +| test.c:256:3:256:12 | ... << ... | The operand x14 is shifted by an expression x12 which is greater than or equal to in precision. | +| test.c:258:3:258:12 | ... << ... | The operand x14 is shifted by an expression x13 which is greater than or equal to in precision. | +| test.c:260:3:260:12 | ... << ... | The operand x14 is shifted by an expression x14 which is greater than or equal to in precision. | +| test.c:265:3:265:10 | ... >> ... | The operand x0 is shifted by an expression x0 which is greater than or equal to in precision. | +| test.c:268:3:268:10 | ... >> ... | The operand x0 is shifted by an expression x3 which is greater than or equal to in precision. | +| test.c:269:3:269:10 | ... >> ... | The operand x0 is shifted by an expression x4 which is greater than or equal to in precision. | +| test.c:270:3:270:10 | ... >> ... | The operand x0 is shifted by an expression x5 which is greater than or equal to in precision. | +| test.c:271:3:271:10 | ... >> ... | The operand x0 is shifted by an expression x6 which is greater than or equal to in precision. | +| test.c:272:3:272:10 | ... >> ... | The operand x0 is shifted by an expression x7 which is greater than or equal to in precision. | +| test.c:273:3:273:10 | ... >> ... | The operand x0 is shifted by an expression x8 which is greater than or equal to in precision. | +| test.c:274:3:274:10 | ... >> ... | The operand x0 is shifted by an expression x9 which is greater than or equal to in precision. | +| test.c:275:3:275:11 | ... >> ... | The operand x0 is shifted by an expression x10 which is greater than or equal to in precision. | +| test.c:276:3:276:11 | ... >> ... | The operand x0 is shifted by an expression x11 which is greater than or equal to in precision. | +| test.c:277:3:277:11 | ... >> ... | The operand x0 is shifted by an expression x12 which is greater than or equal to in precision. | +| test.c:278:3:278:11 | ... >> ... | The operand x0 is shifted by an expression x13 which is greater than or equal to in precision. | +| test.c:279:3:279:11 | ... >> ... | The operand x0 is shifted by an expression x14 which is greater than or equal to in precision. | +| test.c:280:3:280:10 | ... >> ... | The operand x1 is shifted by an expression x0 which is greater than or equal to in precision. | +| test.c:281:3:281:10 | ... >> ... | The operand x1 is shifted by an expression x1 which is greater than or equal to in precision. | +| test.c:282:3:282:10 | ... >> ... | The operand x1 is shifted by an expression x2 which is greater than or equal to in precision. | +| test.c:283:3:283:10 | ... >> ... | The operand x1 is shifted by an expression x3 which is greater than or equal to in precision. | +| test.c:284:3:284:10 | ... >> ... | The operand x1 is shifted by an expression x4 which is greater than or equal to in precision. | +| test.c:285:3:285:10 | ... >> ... | The operand x1 is shifted by an expression x5 which is greater than or equal to in precision. | +| test.c:286:3:286:10 | ... >> ... | The operand x1 is shifted by an expression x6 which is greater than or equal to in precision. | +| test.c:287:3:287:10 | ... >> ... | The operand x1 is shifted by an expression x7 which is greater than or equal to in precision. | +| test.c:288:3:288:10 | ... >> ... | The operand x1 is shifted by an expression x8 which is greater than or equal to in precision. | +| test.c:289:3:289:10 | ... >> ... | The operand x1 is shifted by an expression x9 which is greater than or equal to in precision. | +| test.c:290:3:290:11 | ... >> ... | The operand x1 is shifted by an expression x10 which is greater than or equal to in precision. | +| test.c:291:3:291:11 | ... >> ... | The operand x1 is shifted by an expression x11 which is greater than or equal to in precision. | +| test.c:292:3:292:11 | ... >> ... | The operand x1 is shifted by an expression x12 which is greater than or equal to in precision. | +| test.c:293:3:293:11 | ... >> ... | The operand x1 is shifted by an expression x13 which is greater than or equal to in precision. | +| test.c:294:3:294:11 | ... >> ... | The operand x1 is shifted by an expression x14 which is greater than or equal to in precision. | +| test.c:295:3:295:10 | ... >> ... | The operand x2 is shifted by an expression x0 which is greater than or equal to in precision. | +| test.c:296:3:296:10 | ... >> ... | The operand x2 is shifted by an expression x1 which is greater than or equal to in precision. | +| test.c:297:3:297:10 | ... >> ... | The operand x2 is shifted by an expression x2 which is greater than or equal to in precision. | +| test.c:298:3:298:10 | ... >> ... | The operand x2 is shifted by an expression x3 which is greater than or equal to in precision. | +| test.c:299:3:299:10 | ... >> ... | The operand x2 is shifted by an expression x4 which is greater than or equal to in precision. | +| test.c:300:3:300:10 | ... >> ... | The operand x2 is shifted by an expression x5 which is greater than or equal to in precision. | +| test.c:301:3:301:10 | ... >> ... | The operand x2 is shifted by an expression x6 which is greater than or equal to in precision. | +| test.c:302:3:302:10 | ... >> ... | The operand x2 is shifted by an expression x7 which is greater than or equal to in precision. | +| test.c:303:3:303:10 | ... >> ... | The operand x2 is shifted by an expression x8 which is greater than or equal to in precision. | +| test.c:304:3:304:10 | ... >> ... | The operand x2 is shifted by an expression x9 which is greater than or equal to in precision. | +| test.c:305:3:305:11 | ... >> ... | The operand x2 is shifted by an expression x10 which is greater than or equal to in precision. | +| test.c:306:3:306:11 | ... >> ... | The operand x2 is shifted by an expression x11 which is greater than or equal to in precision. | +| test.c:307:3:307:11 | ... >> ... | The operand x2 is shifted by an expression x12 which is greater than or equal to in precision. | +| test.c:308:3:308:11 | ... >> ... | The operand x2 is shifted by an expression x13 which is greater than or equal to in precision. | +| test.c:309:3:309:11 | ... >> ... | The operand x2 is shifted by an expression x14 which is greater than or equal to in precision. | +| test.c:313:3:313:10 | ... >> ... | The operand x3 is shifted by an expression x3 which is greater than or equal to in precision. | +| test.c:316:3:316:10 | ... >> ... | The operand x3 is shifted by an expression x6 which is greater than or equal to in precision. | +| test.c:317:3:317:10 | ... >> ... | The operand x3 is shifted by an expression x7 which is greater than or equal to in precision. | +| test.c:318:3:318:10 | ... >> ... | The operand x3 is shifted by an expression x8 which is greater than or equal to in precision. | +| test.c:319:3:319:10 | ... >> ... | The operand x3 is shifted by an expression x9 which is greater than or equal to in precision. | +| test.c:320:3:320:11 | ... >> ... | The operand x3 is shifted by an expression x10 which is greater than or equal to in precision. | +| test.c:321:3:321:11 | ... >> ... | The operand x3 is shifted by an expression x11 which is greater than or equal to in precision. | +| test.c:322:3:322:11 | ... >> ... | The operand x3 is shifted by an expression x12 which is greater than or equal to in precision. | +| test.c:323:3:323:11 | ... >> ... | The operand x3 is shifted by an expression x13 which is greater than or equal to in precision. | +| test.c:324:3:324:11 | ... >> ... | The operand x3 is shifted by an expression x14 which is greater than or equal to in precision. | +| test.c:328:3:328:10 | ... >> ... | The operand x4 is shifted by an expression x3 which is greater than or equal to in precision. | +| test.c:329:3:329:10 | ... >> ... | The operand x4 is shifted by an expression x4 which is greater than or equal to in precision. | +| test.c:330:3:330:10 | ... >> ... | The operand x4 is shifted by an expression x5 which is greater than or equal to in precision. | +| test.c:331:3:331:10 | ... >> ... | The operand x4 is shifted by an expression x6 which is greater than or equal to in precision. | +| test.c:332:3:332:10 | ... >> ... | The operand x4 is shifted by an expression x7 which is greater than or equal to in precision. | +| test.c:333:3:333:10 | ... >> ... | The operand x4 is shifted by an expression x8 which is greater than or equal to in precision. | +| test.c:334:3:334:10 | ... >> ... | The operand x4 is shifted by an expression x9 which is greater than or equal to in precision. | +| test.c:335:3:335:11 | ... >> ... | The operand x4 is shifted by an expression x10 which is greater than or equal to in precision. | +| test.c:336:3:336:11 | ... >> ... | The operand x4 is shifted by an expression x11 which is greater than or equal to in precision. | +| test.c:337:3:337:11 | ... >> ... | The operand x4 is shifted by an expression x12 which is greater than or equal to in precision. | +| test.c:338:3:338:11 | ... >> ... | The operand x4 is shifted by an expression x13 which is greater than or equal to in precision. | +| test.c:339:3:339:11 | ... >> ... | The operand x4 is shifted by an expression x14 which is greater than or equal to in precision. | +| test.c:343:3:343:10 | ... >> ... | The operand x5 is shifted by an expression x3 which is greater than or equal to in precision. | +| test.c:344:3:344:10 | ... >> ... | The operand x5 is shifted by an expression x4 which is greater than or equal to in precision. | +| test.c:345:3:345:10 | ... >> ... | The operand x5 is shifted by an expression x5 which is greater than or equal to in precision. | +| test.c:346:3:346:10 | ... >> ... | The operand x5 is shifted by an expression x6 which is greater than or equal to in precision. | +| test.c:347:3:347:10 | ... >> ... | The operand x5 is shifted by an expression x7 which is greater than or equal to in precision. | +| test.c:348:3:348:10 | ... >> ... | The operand x5 is shifted by an expression x8 which is greater than or equal to in precision. | +| test.c:349:3:349:10 | ... >> ... | The operand x5 is shifted by an expression x9 which is greater than or equal to in precision. | +| test.c:350:3:350:11 | ... >> ... | The operand x5 is shifted by an expression x10 which is greater than or equal to in precision. | +| test.c:351:3:351:11 | ... >> ... | The operand x5 is shifted by an expression x11 which is greater than or equal to in precision. | +| test.c:352:3:352:11 | ... >> ... | The operand x5 is shifted by an expression x12 which is greater than or equal to in precision. | +| test.c:353:3:353:11 | ... >> ... | The operand x5 is shifted by an expression x13 which is greater than or equal to in precision. | +| test.c:354:3:354:11 | ... >> ... | The operand x5 is shifted by an expression x14 which is greater than or equal to in precision. | +| test.c:361:3:361:10 | ... >> ... | The operand x6 is shifted by an expression x6 which is greater than or equal to in precision. | +| test.c:364:3:364:10 | ... >> ... | The operand x6 is shifted by an expression x9 which is greater than or equal to in precision. | +| test.c:367:3:367:11 | ... >> ... | The operand x6 is shifted by an expression x12 which is greater than or equal to in precision. | +| test.c:368:3:368:11 | ... >> ... | The operand x6 is shifted by an expression x13 which is greater than or equal to in precision. | +| test.c:369:3:369:11 | ... >> ... | The operand x6 is shifted by an expression x14 which is greater than or equal to in precision. | +| test.c:376:3:376:10 | ... >> ... | The operand x7 is shifted by an expression x6 which is greater than or equal to in precision. | +| test.c:377:3:377:10 | ... >> ... | The operand x7 is shifted by an expression x7 which is greater than or equal to in precision. | +| test.c:378:3:378:10 | ... >> ... | The operand x7 is shifted by an expression x8 which is greater than or equal to in precision. | +| test.c:379:3:379:10 | ... >> ... | The operand x7 is shifted by an expression x9 which is greater than or equal to in precision. | +| test.c:380:3:380:11 | ... >> ... | The operand x7 is shifted by an expression x10 which is greater than or equal to in precision. | +| test.c:381:3:381:11 | ... >> ... | The operand x7 is shifted by an expression x11 which is greater than or equal to in precision. | +| test.c:382:3:382:11 | ... >> ... | The operand x7 is shifted by an expression x12 which is greater than or equal to in precision. | +| test.c:383:3:383:11 | ... >> ... | The operand x7 is shifted by an expression x13 which is greater than or equal to in precision. | +| test.c:384:3:384:11 | ... >> ... | The operand x7 is shifted by an expression x14 which is greater than or equal to in precision. | +| test.c:391:3:391:10 | ... >> ... | The operand x8 is shifted by an expression x6 which is greater than or equal to in precision. | +| test.c:392:3:392:10 | ... >> ... | The operand x8 is shifted by an expression x7 which is greater than or equal to in precision. | +| test.c:393:3:393:10 | ... >> ... | The operand x8 is shifted by an expression x8 which is greater than or equal to in precision. | +| test.c:394:3:394:10 | ... >> ... | The operand x8 is shifted by an expression x9 which is greater than or equal to in precision. | +| test.c:395:3:395:11 | ... >> ... | The operand x8 is shifted by an expression x10 which is greater than or equal to in precision. | +| test.c:396:3:396:11 | ... >> ... | The operand x8 is shifted by an expression x11 which is greater than or equal to in precision. | +| test.c:397:3:397:11 | ... >> ... | The operand x8 is shifted by an expression x12 which is greater than or equal to in precision. | +| test.c:398:3:398:11 | ... >> ... | The operand x8 is shifted by an expression x13 which is greater than or equal to in precision. | +| test.c:399:3:399:11 | ... >> ... | The operand x8 is shifted by an expression x14 which is greater than or equal to in precision. | +| test.c:406:3:406:10 | ... >> ... | The operand x9 is shifted by an expression x6 which is greater than or equal to in precision. | +| test.c:409:3:409:10 | ... >> ... | The operand x9 is shifted by an expression x9 which is greater than or equal to in precision. | +| test.c:412:3:412:11 | ... >> ... | The operand x9 is shifted by an expression x12 which is greater than or equal to in precision. | +| test.c:413:3:413:11 | ... >> ... | The operand x9 is shifted by an expression x13 which is greater than or equal to in precision. | +| test.c:414:3:414:11 | ... >> ... | The operand x9 is shifted by an expression x14 which is greater than or equal to in precision. | +| test.c:421:3:421:11 | ... >> ... | The operand x10 is shifted by an expression x6 which is greater than or equal to in precision. | +| test.c:422:3:422:11 | ... >> ... | The operand x10 is shifted by an expression x7 which is greater than or equal to in precision. | +| test.c:423:3:423:11 | ... >> ... | The operand x10 is shifted by an expression x8 which is greater than or equal to in precision. | +| test.c:424:3:424:11 | ... >> ... | The operand x10 is shifted by an expression x9 which is greater than or equal to in precision. | +| test.c:425:3:426:9 | ... >> ... | The operand x10 is shifted by an expression x10 which is greater than or equal to in precision. | +| test.c:427:3:428:9 | ... >> ... | The operand x10 is shifted by an expression x11 which is greater than or equal to in precision. | +| test.c:429:3:430:9 | ... >> ... | The operand x10 is shifted by an expression x12 which is greater than or equal to in precision. | +| test.c:431:3:432:9 | ... >> ... | The operand x10 is shifted by an expression x13 which is greater than or equal to in precision. | +| test.c:433:3:434:9 | ... >> ... | The operand x10 is shifted by an expression x14 which is greater than or equal to in precision. | +| test.c:441:3:441:11 | ... >> ... | The operand x11 is shifted by an expression x6 which is greater than or equal to in precision. | +| test.c:442:3:442:11 | ... >> ... | The operand x11 is shifted by an expression x7 which is greater than or equal to in precision. | +| test.c:443:3:443:11 | ... >> ... | The operand x11 is shifted by an expression x8 which is greater than or equal to in precision. | +| test.c:444:3:444:11 | ... >> ... | The operand x11 is shifted by an expression x9 which is greater than or equal to in precision. | +| test.c:445:3:446:9 | ... >> ... | The operand x11 is shifted by an expression x10 which is greater than or equal to in precision. | +| test.c:447:3:448:9 | ... >> ... | The operand x11 is shifted by an expression x11 which is greater than or equal to in precision. | +| test.c:449:3:450:9 | ... >> ... | The operand x11 is shifted by an expression x12 which is greater than or equal to in precision. | +| test.c:451:3:452:9 | ... >> ... | The operand x11 is shifted by an expression x13 which is greater than or equal to in precision. | +| test.c:453:3:454:9 | ... >> ... | The operand x11 is shifted by an expression x14 which is greater than or equal to in precision. | +| test.c:467:3:468:9 | ... >> ... | The operand x12 is shifted by an expression x12 which is greater than or equal to in precision. | +| test.c:483:3:484:9 | ... >> ... | The operand x13 is shifted by an expression x12 which is greater than or equal to in precision. | +| test.c:485:3:486:9 | ... >> ... | The operand x13 is shifted by an expression x13 which is greater than or equal to in precision. | +| test.c:487:3:488:9 | ... >> ... | The operand x13 is shifted by an expression x14 which is greater than or equal to in precision. | +| test.c:501:3:502:9 | ... >> ... | The operand x14 is shifted by an expression x12 which is greater than or equal to in precision. | +| test.c:503:3:504:9 | ... >> ... | The operand x14 is shifted by an expression x13 which is greater than or equal to in precision. | +| test.c:505:3:506:9 | ... >> ... | The operand x14 is shifted by an expression x14 which is greater than or equal to in precision. | +| test.c:510:3:510:10 | ... << ... | The operand x0 is shifted by a negative expression -1. | +| test.c:511:3:511:10 | ... << ... | The operand x1 is shifted by a negative expression -1. | +| test.c:512:3:512:10 | ... << ... | The operand x2 is shifted by a negative expression -1. | +| test.c:513:3:513:10 | ... << ... | The operand x3 is shifted by a negative expression -1. | +| test.c:514:3:514:10 | ... << ... | The operand x4 is shifted by a negative expression -1. | +| test.c:515:3:515:10 | ... << ... | The operand x5 is shifted by a negative expression -1. | +| test.c:516:3:516:10 | ... << ... | The operand x6 is shifted by a negative expression -1. | +| test.c:517:3:517:10 | ... << ... | The operand x7 is shifted by a negative expression -1. | +| test.c:518:3:518:10 | ... << ... | The operand x8 is shifted by a negative expression -1. | +| test.c:519:3:519:10 | ... << ... | The operand x9 is shifted by a negative expression -1. | +| test.c:520:3:520:11 | ... << ... | The operand x10 is shifted by a negative expression -1. | +| test.c:521:3:521:11 | ... << ... | The operand x11 is shifted by a negative expression -1. | +| test.c:522:3:522:11 | ... << ... | The operand x12 is shifted by a negative expression -1. | +| test.c:523:3:523:11 | ... << ... | The operand x13 is shifted by a negative expression -1. | +| test.c:524:3:524:11 | ... << ... | The operand x14 is shifted by a negative expression -1. | From c8036804198d85c6d8a5d0d5482538b492f7d6f0 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Thu, 2 Mar 2023 23:15:56 +0000 Subject: [PATCH 0585/2573] RULE-21-6: Simplify alert msg, remove std headers --- ...StandardLibraryInputoutputFunctionsUsed.ql | 2 +- ...rdLibraryInputoutputFunctionsUsed.expected | 14 +- c/misra/test/rules/RULE-21-6/stdio.h | 222 ------------------ c/misra/test/rules/RULE-21-6/test.c | 4 +- c/misra/test/rules/RULE-21-6/wchar.h | 205 ---------------- 5 files changed, 10 insertions(+), 437 deletions(-) delete mode 100644 c/misra/test/rules/RULE-21-6/stdio.h delete mode 100644 c/misra/test/rules/RULE-21-6/wchar.h diff --git a/c/misra/src/rules/RULE-21-6/StandardLibraryInputoutputFunctionsUsed.ql b/c/misra/src/rules/RULE-21-6/StandardLibraryInputoutputFunctionsUsed.ql index 008d8be1e3..8976e87c2f 100644 --- a/c/misra/src/rules/RULE-21-6/StandardLibraryInputoutputFunctionsUsed.ql +++ b/c/misra/src/rules/RULE-21-6/StandardLibraryInputoutputFunctionsUsed.ql @@ -49,4 +49,4 @@ where f.getName() = wcharInputOutput() and f.getFile().getBaseName() = "wchar.h" ) -select fc, "Call to banned function $@.", f, f.getName() +select fc, "Call to banned function " + f.getName() + "." diff --git a/c/misra/test/rules/RULE-21-6/StandardLibraryInputoutputFunctionsUsed.expected b/c/misra/test/rules/RULE-21-6/StandardLibraryInputoutputFunctionsUsed.expected index a818731be0..0dee7e9b3d 100644 --- a/c/misra/test/rules/RULE-21-6/StandardLibraryInputoutputFunctionsUsed.expected +++ b/c/misra/test/rules/RULE-21-6/StandardLibraryInputoutputFunctionsUsed.expected @@ -1,7 +1,7 @@ -| test.c:8:10:8:14 | call to scanf | Call to banned function $@. | stdio.h:117:5:117:9 | scanf | scanf | -| test.c:9:5:9:10 | call to printf | Call to banned function $@. | stdio.h:107:5:107:10 | printf | printf | -| test.c:16:16:16:21 | call to fgetwc | Call to banned function $@. | wchar.h:125:8:125:13 | fgetwc | fgetwc | -| test.c:17:5:17:12 | call to putwchar | Call to banned function $@. | wchar.h:131:8:131:15 | putwchar | putwchar | -| test.c:22:7:22:10 | call to puts | Call to banned function $@. | stdio.h:105:5:105:8 | puts | puts | -| test.c:24:7:24:10 | call to puts | Call to banned function $@. | stdio.h:105:5:105:8 | puts | puts | -| test.c:26:5:26:8 | call to puts | Call to banned function $@. | stdio.h:105:5:105:8 | puts | puts | +| test.c:8:10:8:14 | call to scanf | Call to banned function scanf. | +| test.c:9:5:9:10 | call to printf | Call to banned function printf. | +| test.c:16:16:16:21 | call to fgetwc | Call to banned function fgetwc. | +| test.c:17:5:17:12 | call to putwchar | Call to banned function putwchar. | +| test.c:22:7:22:10 | call to puts | Call to banned function puts. | +| test.c:24:7:24:10 | call to puts | Call to banned function puts. | +| test.c:26:5:26:8 | call to puts | Call to banned function puts. | diff --git a/c/misra/test/rules/RULE-21-6/stdio.h b/c/misra/test/rules/RULE-21-6/stdio.h deleted file mode 100644 index 3604198c3e..0000000000 --- a/c/misra/test/rules/RULE-21-6/stdio.h +++ /dev/null @@ -1,222 +0,0 @@ -#ifndef _STDIO_H -#define _STDIO_H - -#ifdef __cplusplus -extern "C" { -#endif - -#include - -#define __NEED_FILE -#define __NEED___isoc_va_list -#define __NEED_size_t - -#if __STDC_VERSION__ < 201112L -#define __NEED_struct__IO_FILE -#endif - -#if defined(_POSIX_SOURCE) || defined(_POSIX_C_SOURCE) \ - || defined(_XOPEN_SOURCE) || defined(_GNU_SOURCE) \ - || defined(_BSD_SOURCE) -#define __NEED_ssize_t -#define __NEED_off_t -#define __NEED_va_list -#endif - -#include - -#ifdef __cplusplus -#define NULL 0L -#else -#define NULL ((void*)0) -#endif - -#undef EOF -#define EOF (-1) - -#undef SEEK_SET -#undef SEEK_CUR -#undef SEEK_END -#define SEEK_SET 0 -#define SEEK_CUR 1 -#define SEEK_END 2 - -#define _IOFBF 0 -#define _IOLBF 1 -#define _IONBF 2 - -#define BUFSIZ 1024 -#define FILENAME_MAX 4096 -#define FOPEN_MAX 1000 -#define TMP_MAX 10000 -#define L_tmpnam 20 - -typedef union _G_fpos64_t { - char __opaque[16]; - long long __lldata; - double __align; -} fpos_t; - -extern FILE *const stdin; -extern FILE *const stdout; -extern FILE *const stderr; - -#define stdin (stdin) -#define stdout (stdout) -#define stderr (stderr) - -FILE *fopen(const char *__restrict, const char *__restrict); -FILE *freopen(const char *__restrict, const char *__restrict, FILE *__restrict); -int fclose(FILE *); - -int remove(const char *); -int rename(const char *, const char *); - -int feof(FILE *); -int ferror(FILE *); -int fflush(FILE *); -void clearerr(FILE *); - -int fseek(FILE *, long, int); -long ftell(FILE *); -void rewind(FILE *); - -int fgetpos(FILE *__restrict, fpos_t *__restrict); -int fsetpos(FILE *, const fpos_t *); - -size_t fread(void *__restrict, size_t, size_t, FILE *__restrict); -size_t fwrite(const void *__restrict, size_t, size_t, FILE *__restrict); - -int fgetc(FILE *); -int getc(FILE *); -int getchar(void); -int ungetc(int, FILE *); - -int fputc(int, FILE *); -int putc(int, FILE *); -int putchar(int); - -char *fgets(char *__restrict, int, FILE *__restrict); -#if __STDC_VERSION__ < 201112L -char *gets(char *); -#endif - -int fputs(const char *__restrict, FILE *__restrict); -int puts(const char *); - -int printf(const char *__restrict, ...); -int fprintf(FILE *__restrict, const char *__restrict, ...); -int sprintf(char *__restrict, const char *__restrict, ...); -int snprintf(char *__restrict, size_t, const char *__restrict, ...); - -int vprintf(const char *__restrict, __isoc_va_list); -int vfprintf(FILE *__restrict, const char *__restrict, __isoc_va_list); -int vsprintf(char *__restrict, const char *__restrict, __isoc_va_list); -int vsnprintf(char *__restrict, size_t, const char *__restrict, __isoc_va_list); - -int scanf(const char *__restrict, ...); -int fscanf(FILE *__restrict, const char *__restrict, ...); -int sscanf(const char *__restrict, const char *__restrict, ...); -int vscanf(const char *__restrict, __isoc_va_list); -int vfscanf(FILE *__restrict, const char *__restrict, __isoc_va_list); -int vsscanf(const char *__restrict, const char *__restrict, __isoc_va_list); - -void perror(const char *); - -int setvbuf(FILE *__restrict, char *__restrict, int, size_t); -void setbuf(FILE *__restrict, char *__restrict); - -char *tmpnam(char *); -FILE *tmpfile(void); - -#if defined(_POSIX_SOURCE) || defined(_POSIX_C_SOURCE) \ - || defined(_XOPEN_SOURCE) || defined(_GNU_SOURCE) \ - || defined(_BSD_SOURCE) -FILE *fmemopen(void *__restrict, size_t, const char *__restrict); -FILE *open_memstream(char **, size_t *); -FILE *fdopen(int, const char *); -FILE *popen(const char *, const char *); -int pclose(FILE *); -int fileno(FILE *); -int fseeko(FILE *, off_t, int); -off_t ftello(FILE *); -int dprintf(int, const char *__restrict, ...); -int vdprintf(int, const char *__restrict, __isoc_va_list); -void flockfile(FILE *); -int ftrylockfile(FILE *); -void funlockfile(FILE *); -int getc_unlocked(FILE *); -int getchar_unlocked(void); -int putc_unlocked(int, FILE *); -int putchar_unlocked(int); -ssize_t getdelim(char **__restrict, size_t *__restrict, int, FILE *__restrict); -ssize_t getline(char **__restrict, size_t *__restrict, FILE *__restrict); -int renameat(int, const char *, int, const char *); -char *ctermid(char *); -#define L_ctermid 20 -#endif - - -#if defined(_XOPEN_SOURCE) || defined(_GNU_SOURCE) \ - || defined(_BSD_SOURCE) -#define P_tmpdir "/tmp" -char *tempnam(const char *, const char *); -#endif - -#if defined(_GNU_SOURCE) || defined(_BSD_SOURCE) -#define L_cuserid 20 -char *cuserid(char *); -void setlinebuf(FILE *); -void setbuffer(FILE *, char *, size_t); -int fgetc_unlocked(FILE *); -int fputc_unlocked(int, FILE *); -int fflush_unlocked(FILE *); -size_t fread_unlocked(void *, size_t, size_t, FILE *); -size_t fwrite_unlocked(const void *, size_t, size_t, FILE *); -void clearerr_unlocked(FILE *); -int feof_unlocked(FILE *); -int ferror_unlocked(FILE *); -int fileno_unlocked(FILE *); -int getw(FILE *); -int putw(int, FILE *); -char *fgetln(FILE *, size_t *); -int asprintf(char **, const char *, ...); -int vasprintf(char **, const char *, __isoc_va_list); -#endif - -#ifdef _GNU_SOURCE -char *fgets_unlocked(char *, int, FILE *); -int fputs_unlocked(const char *, FILE *); - -typedef ssize_t (cookie_read_function_t)(void *, char *, size_t); -typedef ssize_t (cookie_write_function_t)(void *, const char *, size_t); -typedef int (cookie_seek_function_t)(void *, off_t *, int); -typedef int (cookie_close_function_t)(void *); - -typedef struct _IO_cookie_io_functions_t { - cookie_read_function_t *read; - cookie_write_function_t *write; - cookie_seek_function_t *seek; - cookie_close_function_t *close; -} cookie_io_functions_t; - -FILE *fopencookie(void *, const char *, cookie_io_functions_t); -#endif - -#if defined(_LARGEFILE64_SOURCE) || defined(_GNU_SOURCE) -#define tmpfile64 tmpfile -#define fopen64 fopen -#define freopen64 freopen -#define fseeko64 fseeko -#define ftello64 ftello -#define fgetpos64 fgetpos -#define fsetpos64 fsetpos -#define fpos64_t fpos_t -#define off64_t off_t -#endif - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/c/misra/test/rules/RULE-21-6/test.c b/c/misra/test/rules/RULE-21-6/test.c index 7094891454..0ae580164e 100644 --- a/c/misra/test/rules/RULE-21-6/test.c +++ b/c/misra/test/rules/RULE-21-6/test.c @@ -1,8 +1,8 @@ -#include "stdio.h" -#include "wchar.h" #include #include +#include #include +#include void f1() { int n; while (scanf("%d", &n) == 1) // NON_COMPLIANT diff --git a/c/misra/test/rules/RULE-21-6/wchar.h b/c/misra/test/rules/RULE-21-6/wchar.h deleted file mode 100644 index 88eb55b18c..0000000000 --- a/c/misra/test/rules/RULE-21-6/wchar.h +++ /dev/null @@ -1,205 +0,0 @@ -#ifndef _WCHAR_H -#define _WCHAR_H - -#ifdef __cplusplus -extern "C" { -#endif - -#include - -#define __NEED_FILE -#define __NEED___isoc_va_list -#define __NEED_size_t -#define __NEED_wchar_t -#define __NEED_wint_t -#define __NEED_mbstate_t - -#if __STDC_VERSION__ < 201112L -#define __NEED_struct__IO_FILE -#endif - -#if defined(_POSIX_SOURCE) || defined(_POSIX_C_SOURCE) \ - || defined(_XOPEN_SOURCE) || defined(_GNU_SOURCE) || defined(_BSD_SOURCE) -#define __NEED_locale_t -#define __NEED_va_list -#endif - -#if defined(_XOPEN_SOURCE) || defined(_GNU_SOURCE) || defined(_BSD_SOURCE) -#define __NEED_wctype_t -#endif - -#include - -#if L'\0'-1 > 0 -#define WCHAR_MAX (0xffffffffu+L'\0') -#define WCHAR_MIN (0+L'\0') -#else -#define WCHAR_MAX (0x7fffffff+L'\0') -#define WCHAR_MIN (-1-0x7fffffff+L'\0') -#endif - -#ifdef __cplusplus -#define NULL 0L -#else -#define NULL ((void*)0) -#endif - -#undef WEOF -#define WEOF 0xffffffffU - -wchar_t *wcscpy (wchar_t *__restrict, const wchar_t *__restrict); -wchar_t *wcsncpy (wchar_t *__restrict, const wchar_t *__restrict, size_t); - -wchar_t *wcscat (wchar_t *__restrict, const wchar_t *__restrict); -wchar_t *wcsncat (wchar_t *__restrict, const wchar_t *__restrict, size_t); - -int wcscmp (const wchar_t *, const wchar_t *); -int wcsncmp (const wchar_t *, const wchar_t *, size_t); - -int wcscoll(const wchar_t *, const wchar_t *); -size_t wcsxfrm (wchar_t *__restrict, const wchar_t *__restrict, size_t); - -wchar_t *wcschr (const wchar_t *, wchar_t); -wchar_t *wcsrchr (const wchar_t *, wchar_t); - -size_t wcscspn (const wchar_t *, const wchar_t *); -size_t wcsspn (const wchar_t *, const wchar_t *); -wchar_t *wcspbrk (const wchar_t *, const wchar_t *); - -wchar_t *wcstok (wchar_t *__restrict, const wchar_t *__restrict, wchar_t **__restrict); - -size_t wcslen (const wchar_t *); - -wchar_t *wcsstr (const wchar_t *__restrict, const wchar_t *__restrict); -wchar_t *wcswcs (const wchar_t *, const wchar_t *); - -wchar_t *wmemchr (const wchar_t *, wchar_t, size_t); -int wmemcmp (const wchar_t *, const wchar_t *, size_t); -wchar_t *wmemcpy (wchar_t *__restrict, const wchar_t *__restrict, size_t); -wchar_t *wmemmove (wchar_t *, const wchar_t *, size_t); -wchar_t *wmemset (wchar_t *, wchar_t, size_t); - -wint_t btowc (int); -int wctob (wint_t); - -int mbsinit (const mbstate_t *); -size_t mbrtowc (wchar_t *__restrict, const char *__restrict, size_t, mbstate_t *__restrict); -size_t wcrtomb (char *__restrict, wchar_t, mbstate_t *__restrict); - -size_t mbrlen (const char *__restrict, size_t, mbstate_t *__restrict); - -size_t mbsrtowcs (wchar_t *__restrict, const char **__restrict, size_t, mbstate_t *__restrict); -size_t wcsrtombs (char *__restrict, const wchar_t **__restrict, size_t, mbstate_t *__restrict); - -float wcstof (const wchar_t *__restrict, wchar_t **__restrict); -double wcstod (const wchar_t *__restrict, wchar_t **__restrict); -long double wcstold (const wchar_t *__restrict, wchar_t **__restrict); - -long wcstol (const wchar_t *__restrict, wchar_t **__restrict, int); -unsigned long wcstoul (const wchar_t *__restrict, wchar_t **__restrict, int); - -long long wcstoll (const wchar_t *__restrict, wchar_t **__restrict, int); -unsigned long long wcstoull (const wchar_t *__restrict, wchar_t **__restrict, int); - - - -int fwide (FILE *, int); - - -int wprintf (const wchar_t *__restrict, ...); -int fwprintf (FILE *__restrict, const wchar_t *__restrict, ...); -int swprintf (wchar_t *__restrict, size_t, const wchar_t *__restrict, ...); - -int vwprintf (const wchar_t *__restrict, __isoc_va_list); -int vfwprintf (FILE *__restrict, const wchar_t *__restrict, __isoc_va_list); -int vswprintf (wchar_t *__restrict, size_t, const wchar_t *__restrict, __isoc_va_list); - -int wscanf (const wchar_t *__restrict, ...); -int fwscanf (FILE *__restrict, const wchar_t *__restrict, ...); -int swscanf (const wchar_t *__restrict, const wchar_t *__restrict, ...); - -int vwscanf (const wchar_t *__restrict, __isoc_va_list); -int vfwscanf (FILE *__restrict, const wchar_t *__restrict, __isoc_va_list); -int vswscanf (const wchar_t *__restrict, const wchar_t *__restrict, __isoc_va_list); - -wint_t fgetwc (FILE *); -wint_t getwc (FILE *); -wint_t getwchar (void); - -wint_t fputwc (wchar_t, FILE *); -wint_t putwc (wchar_t, FILE *); -wint_t putwchar (wchar_t); - -wchar_t *fgetws (wchar_t *__restrict, int, FILE *__restrict); -int fputws (const wchar_t *__restrict, FILE *__restrict); - -wint_t ungetwc (wint_t, FILE *); - -struct tm; -size_t wcsftime (wchar_t *__restrict, size_t, const wchar_t *__restrict, const struct tm *__restrict); - -#undef iswdigit - -#if defined(_GNU_SOURCE) -wint_t fgetwc_unlocked (FILE *); -wint_t getwc_unlocked (FILE *); -wint_t getwchar_unlocked (void); -wint_t fputwc_unlocked (wchar_t, FILE *); -wint_t putwc_unlocked (wchar_t, FILE *); -wint_t putwchar_unlocked (wchar_t); -wchar_t *fgetws_unlocked (wchar_t *__restrict, int, FILE *__restrict); -int fputws_unlocked (const wchar_t *__restrict, FILE *__restrict); -#endif - -#if defined(_GNU_SOURCE) || defined(_BSD_SOURCE) -size_t wcsftime_l (wchar_t *__restrict, size_t, const wchar_t *__restrict, const struct tm *__restrict, locale_t); -#endif - -#if defined(_POSIX_SOURCE) || defined(_POSIX_C_SOURCE) \ - || defined(_XOPEN_SOURCE) || defined(_GNU_SOURCE) || defined(_BSD_SOURCE) -FILE *open_wmemstream(wchar_t **, size_t *); -size_t mbsnrtowcs(wchar_t *__restrict, const char **__restrict, size_t, size_t, mbstate_t *__restrict); -size_t wcsnrtombs(char *__restrict, const wchar_t **__restrict, size_t, size_t, mbstate_t *__restrict); -wchar_t *wcsdup(const wchar_t *); -size_t wcsnlen (const wchar_t *, size_t); -wchar_t *wcpcpy (wchar_t *__restrict, const wchar_t *__restrict); -wchar_t *wcpncpy (wchar_t *__restrict, const wchar_t *__restrict, size_t); -int wcscasecmp(const wchar_t *, const wchar_t *); -int wcscasecmp_l(const wchar_t *, const wchar_t *, locale_t); -int wcsncasecmp(const wchar_t *, const wchar_t *, size_t); -int wcsncasecmp_l(const wchar_t *, const wchar_t *, size_t, locale_t); -int wcscoll_l(const wchar_t *, const wchar_t *, locale_t); -size_t wcsxfrm_l(wchar_t *__restrict, const wchar_t *__restrict, size_t, locale_t); -#endif - -#if defined(_XOPEN_SOURCE) || defined(_GNU_SOURCE) || defined(_BSD_SOURCE) -int wcwidth (wchar_t); -int wcswidth (const wchar_t *, size_t); -int iswalnum(wint_t); -int iswalpha(wint_t); -int iswblank(wint_t); -int iswcntrl(wint_t); -int iswdigit(wint_t); -int iswgraph(wint_t); -int iswlower(wint_t); -int iswprint(wint_t); -int iswpunct(wint_t); -int iswspace(wint_t); -int iswupper(wint_t); -int iswxdigit(wint_t); -int iswctype(wint_t, wctype_t); -wint_t towlower(wint_t); -wint_t towupper(wint_t); -wctype_t wctype(const char *); - -#ifndef __cplusplus -#undef iswdigit -#define iswdigit(a) (0 ? iswdigit(a) : ((unsigned)(a)-'0') < 10) -#endif -#endif - -#ifdef __cplusplus -} -#endif - -#endif From ca787951426d4df1764aca5dea2ea86ac2acac98 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Thu, 2 Mar 2023 23:18:51 +0000 Subject: [PATCH 0586/2573] RULE-21-7: Simplify alert message, remove stdlib.h --- .../AtofAtoiAtolAndAtollOfStdlibhUsed.ql | 2 +- ...AtofAtoiAtolAndAtollOfStdlibhUsed.expected | 8 +- c/misra/test/rules/RULE-21-7/stdlib.h | 176 ------------------ c/misra/test/rules/RULE-21-7/test.c | 2 +- 4 files changed, 6 insertions(+), 182 deletions(-) delete mode 100644 c/misra/test/rules/RULE-21-7/stdlib.h diff --git a/c/misra/src/rules/RULE-21-7/AtofAtoiAtolAndAtollOfStdlibhUsed.ql b/c/misra/src/rules/RULE-21-7/AtofAtoiAtolAndAtollOfStdlibhUsed.ql index 817ff2ae8c..f834201cbd 100644 --- a/c/misra/src/rules/RULE-21-7/AtofAtoiAtolAndAtollOfStdlibhUsed.ql +++ b/c/misra/src/rules/RULE-21-7/AtofAtoiAtolAndAtollOfStdlibhUsed.ql @@ -22,4 +22,4 @@ where f = fc.getTarget() and f.getName() = atoi() and f.getFile().getBaseName() = "stdlib.h" -select fc, "Call to banned function $@.", f, f.getName() +select fc, "Call to banned function " + f.getName() + "." diff --git a/c/misra/test/rules/RULE-21-7/AtofAtoiAtolAndAtollOfStdlibhUsed.expected b/c/misra/test/rules/RULE-21-7/AtofAtoiAtolAndAtollOfStdlibhUsed.expected index a4ab0d6902..29a0c6fac1 100644 --- a/c/misra/test/rules/RULE-21-7/AtofAtoiAtolAndAtollOfStdlibhUsed.expected +++ b/c/misra/test/rules/RULE-21-7/AtofAtoiAtolAndAtollOfStdlibhUsed.expected @@ -1,4 +1,4 @@ -| test.c:6:14:6:17 | call to atof | Call to banned function $@. | stdlib.h:24:8:24:11 | atof | atof | -| test.c:7:12:7:15 | call to atoi | Call to banned function $@. | stdlib.h:21:5:21:8 | atoi | atoi | -| test.c:8:13:8:16 | call to atol | Call to banned function $@. | stdlib.h:22:6:22:9 | atol | atol | -| test.c:9:18:9:22 | call to atoll | Call to banned function $@. | stdlib.h:23:11:23:15 | atoll | atoll | +| test.c:6:14:6:17 | call to atof | Call to banned function atof. | +| test.c:7:12:7:15 | call to atoi | Call to banned function atoi. | +| test.c:8:13:8:16 | call to atol | Call to banned function atol. | +| test.c:9:18:9:22 | call to atoll | Call to banned function atoll. | diff --git a/c/misra/test/rules/RULE-21-7/stdlib.h b/c/misra/test/rules/RULE-21-7/stdlib.h deleted file mode 100644 index b54a051fe9..0000000000 --- a/c/misra/test/rules/RULE-21-7/stdlib.h +++ /dev/null @@ -1,176 +0,0 @@ -#ifndef _STDLIB_H -#define _STDLIB_H - -#ifdef __cplusplus -extern "C" { -#endif - -#include - -#ifdef __cplusplus -#define NULL 0L -#else -#define NULL ((void*)0) -#endif - -#define __NEED_size_t -#define __NEED_wchar_t - -#include - -int atoi (const char *); -long atol (const char *); -long long atoll (const char *); -double atof (const char *); - -float strtof (const char *__restrict, char **__restrict); -double strtod (const char *__restrict, char **__restrict); -long double strtold (const char *__restrict, char **__restrict); - -long strtol (const char *__restrict, char **__restrict, int); -unsigned long strtoul (const char *__restrict, char **__restrict, int); -long long strtoll (const char *__restrict, char **__restrict, int); -unsigned long long strtoull (const char *__restrict, char **__restrict, int); - -int rand (void); -void srand (unsigned); - -void *malloc (size_t); -void *calloc (size_t, size_t); -void *realloc (void *, size_t); -void free (void *); -void *aligned_alloc(size_t, size_t); - -_Noreturn void abort (void); -int atexit (void (*) (void)); -_Noreturn void exit (int); -_Noreturn void _Exit (int); -int at_quick_exit (void (*) (void)); -_Noreturn void quick_exit (int); - -char *getenv (const char *); - -int system (const char *); - -void *bsearch (const void *, const void *, size_t, size_t, int (*)(const void *, const void *)); -void qsort (void *, size_t, size_t, int (*)(const void *, const void *)); - -int abs (int); -long labs (long); -long long llabs (long long); - -typedef struct { int quot, rem; } div_t; -typedef struct { long quot, rem; } ldiv_t; -typedef struct { long long quot, rem; } lldiv_t; - -div_t div (int, int); -ldiv_t ldiv (long, long); -lldiv_t lldiv (long long, long long); - -int mblen (const char *, size_t); -int mbtowc (wchar_t *__restrict, const char *__restrict, size_t); -int wctomb (char *, wchar_t); -size_t mbstowcs (wchar_t *__restrict, const char *__restrict, size_t); -size_t wcstombs (char *__restrict, const wchar_t *__restrict, size_t); - -#define EXIT_FAILURE 1 -#define EXIT_SUCCESS 0 - -size_t __ctype_get_mb_cur_max(void); -#define MB_CUR_MAX (__ctype_get_mb_cur_max()) - -#define RAND_MAX (0x7fffffff) - - -#if defined(_POSIX_SOURCE) || defined(_POSIX_C_SOURCE) \ - || defined(_XOPEN_SOURCE) || defined(_GNU_SOURCE) \ - || defined(_BSD_SOURCE) - -#define WNOHANG 1 -#define WUNTRACED 2 - -#define WEXITSTATUS(s) (((s) & 0xff00) >> 8) -#define WTERMSIG(s) ((s) & 0x7f) -#define WSTOPSIG(s) WEXITSTATUS(s) -#define WIFEXITED(s) (!WTERMSIG(s)) -#define WIFSTOPPED(s) ((short)((((s)&0xffff)*0x10001)>>8) > 0x7f00) -#define WIFSIGNALED(s) (((s)&0xffff)-1U < 0xffu) - -int posix_memalign (void **, size_t, size_t); -int setenv (const char *, const char *, int); -int unsetenv (const char *); -int mkstemp (char *); -int mkostemp (char *, int); -char *mkdtemp (char *); -int getsubopt (char **, char *const *, char **); -int rand_r (unsigned *); - -#endif - - -#if defined(_XOPEN_SOURCE) || defined(_GNU_SOURCE) \ - || defined(_BSD_SOURCE) -char *realpath (const char *__restrict, char *__restrict); -long int random (void); -void srandom (unsigned int); -char *initstate (unsigned int, char *, size_t); -char *setstate (char *); -int putenv (char *); -int posix_openpt (int); -int grantpt (int); -int unlockpt (int); -char *ptsname (int); -char *l64a (long); -long a64l (const char *); -void setkey (const char *); -double drand48 (void); -double erand48 (unsigned short [3]); -long int lrand48 (void); -long int nrand48 (unsigned short [3]); -long mrand48 (void); -long jrand48 (unsigned short [3]); -void srand48 (long); -unsigned short *seed48 (unsigned short [3]); -void lcong48 (unsigned short [7]); -#endif - -#if defined(_GNU_SOURCE) || defined(_BSD_SOURCE) -#include -char *mktemp (char *); -int mkstemps (char *, int); -int mkostemps (char *, int, int); -void *valloc (size_t); -void *memalign(size_t, size_t); -int getloadavg(double *, int); -int clearenv(void); -#define WCOREDUMP(s) ((s) & 0x80) -#define WIFCONTINUED(s) ((s) == 0xffff) -void *reallocarray (void *, size_t, size_t); -#endif - -#ifdef _GNU_SOURCE -int ptsname_r(int, char *, size_t); -char *ecvt(double, int, int *, int *); -char *fcvt(double, int, int *, int *); -char *gcvt(double, int, char *); -char *secure_getenv(const char *); -struct __locale_struct; -float strtof_l(const char *__restrict, char **__restrict, struct __locale_struct *); -double strtod_l(const char *__restrict, char **__restrict, struct __locale_struct *); -long double strtold_l(const char *__restrict, char **__restrict, struct __locale_struct *); -#endif - -#if defined(_LARGEFILE64_SOURCE) || defined(_GNU_SOURCE) -#define mkstemp64 mkstemp -#define mkostemp64 mkostemp -#if defined(_GNU_SOURCE) || defined(_BSD_SOURCE) -#define mkstemps64 mkstemps -#define mkostemps64 mkostemps -#endif -#endif - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/c/misra/test/rules/RULE-21-7/test.c b/c/misra/test/rules/RULE-21-7/test.c index 6c3c2d18eb..141dd061d3 100644 --- a/c/misra/test/rules/RULE-21-7/test.c +++ b/c/misra/test/rules/RULE-21-7/test.c @@ -1,5 +1,5 @@ -#include "stdlib.h" #include +#include void f2(); void f1() { char l1[5] = "abcde"; From efd7b79262d457f1e8db95366d5a9ed0b9279009 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Thu, 2 Mar 2023 23:21:46 +0000 Subject: [PATCH 0587/2573] RULE-21-8: Simplify alert message, remove stdlib.h --- .../TerminationFunctionsOfStdlibhUsed.ql | 2 +- .../TerminationMacrosOfStdlibhUsed.ql | 2 +- ...TerminationFunctionsOfStdlibhUsed.expected | 12 +- .../TerminationMacrosOfStdlibhUsed.expected | 6 +- c/misra/test/rules/RULE-21-8/stdlib.h | 176 ------------------ c/misra/test/rules/RULE-21-8/test.c | 2 +- 6 files changed, 12 insertions(+), 188 deletions(-) delete mode 100644 c/misra/test/rules/RULE-21-8/stdlib.h diff --git a/c/misra/src/rules/RULE-21-8/TerminationFunctionsOfStdlibhUsed.ql b/c/misra/src/rules/RULE-21-8/TerminationFunctionsOfStdlibhUsed.ql index 104fa80a78..3414e82ab2 100644 --- a/c/misra/src/rules/RULE-21-8/TerminationFunctionsOfStdlibhUsed.ql +++ b/c/misra/src/rules/RULE-21-8/TerminationFunctionsOfStdlibhUsed.ql @@ -26,4 +26,4 @@ from FunctionCall fc, BannedFunction f where not isExcluded(fc, BannedPackage::terminationFunctionsOfStdlibhUsedQuery()) and f = fc.getTarget() -select fc, "Call to banned function $@.", f, f.getName() +select fc, "Call to banned function " + f.getName() + "." diff --git a/c/misra/src/rules/RULE-21-8/TerminationMacrosOfStdlibhUsed.ql b/c/misra/src/rules/RULE-21-8/TerminationMacrosOfStdlibhUsed.ql index 8a3c2802bf..2f83ec6b70 100644 --- a/c/misra/src/rules/RULE-21-8/TerminationMacrosOfStdlibhUsed.ql +++ b/c/misra/src/rules/RULE-21-8/TerminationMacrosOfStdlibhUsed.ql @@ -23,4 +23,4 @@ from MacroInvocation mi, BannedMacro m where not isExcluded(mi, BannedPackage::terminationMacrosOfStdlibhUsedQuery()) and m.getAnInvocation() = mi -select mi, "Use of banned macro $@.", m, m.getName() +select mi, "Use of banned macro " + m.getName() + "." diff --git a/c/misra/test/rules/RULE-21-8/TerminationFunctionsOfStdlibhUsed.expected b/c/misra/test/rules/RULE-21-8/TerminationFunctionsOfStdlibhUsed.expected index b3e816050a..7dad54e9cf 100644 --- a/c/misra/test/rules/RULE-21-8/TerminationFunctionsOfStdlibhUsed.expected +++ b/c/misra/test/rules/RULE-21-8/TerminationFunctionsOfStdlibhUsed.expected @@ -1,6 +1,6 @@ -| test.c:10:3:10:6 | call to exit | Call to banned function $@. | stdlib.h:46:16:46:19 | exit | exit | -| test.c:11:3:11:8 | call to system | Call to banned function $@. | stdlib.h:53:5:53:10 | system | system | -| test.c:12:3:12:7 | call to abort | Call to banned function $@. | stdlib.h:44:16:44:20 | abort | abort | -| test.c:14:3:14:9 | call to exit | Call to banned function $@. | stdlib.h:46:16:46:19 | exit | exit | -| test.c:15:3:15:7 | call to abort | Call to banned function $@. | stdlib.h:44:16:44:20 | abort | abort | -| test.c:16:3:16:14 | call to system | Call to banned function $@. | stdlib.h:53:5:53:10 | system | system | +| test.c:10:3:10:6 | call to exit | Call to banned function exit. | +| test.c:11:3:11:8 | call to system | Call to banned function system. | +| test.c:12:3:12:7 | call to abort | Call to banned function abort. | +| test.c:14:3:14:9 | call to exit | Call to banned function exit. | +| test.c:15:3:15:7 | call to abort | Call to banned function abort. | +| test.c:16:3:16:14 | call to system | Call to banned function system. | diff --git a/c/misra/test/rules/RULE-21-8/TerminationMacrosOfStdlibhUsed.expected b/c/misra/test/rules/RULE-21-8/TerminationMacrosOfStdlibhUsed.expected index 93a3769c1e..b4232cb60e 100644 --- a/c/misra/test/rules/RULE-21-8/TerminationMacrosOfStdlibhUsed.expected +++ b/c/misra/test/rules/RULE-21-8/TerminationMacrosOfStdlibhUsed.expected @@ -1,3 +1,3 @@ -| test.c:14:3:14:9 | EXIT(x) | Use of banned macro $@. | test.c:3:1:3:23 | #define EXIT(x) exit(x) | EXIT | -| test.c:15:3:15:7 | ABORT | Use of banned macro $@. | test.c:4:1:4:21 | #define ABORT abort() | ABORT | -| test.c:16:3:16:14 | SYSTEM(x) | Use of banned macro $@. | test.c:5:1:5:27 | #define SYSTEM(x) system(x) | SYSTEM | +| test.c:14:3:14:9 | EXIT(x) | Use of banned macro EXIT. | +| test.c:15:3:15:7 | ABORT | Use of banned macro ABORT. | +| test.c:16:3:16:14 | SYSTEM(x) | Use of banned macro SYSTEM. | diff --git a/c/misra/test/rules/RULE-21-8/stdlib.h b/c/misra/test/rules/RULE-21-8/stdlib.h deleted file mode 100644 index b54a051fe9..0000000000 --- a/c/misra/test/rules/RULE-21-8/stdlib.h +++ /dev/null @@ -1,176 +0,0 @@ -#ifndef _STDLIB_H -#define _STDLIB_H - -#ifdef __cplusplus -extern "C" { -#endif - -#include - -#ifdef __cplusplus -#define NULL 0L -#else -#define NULL ((void*)0) -#endif - -#define __NEED_size_t -#define __NEED_wchar_t - -#include - -int atoi (const char *); -long atol (const char *); -long long atoll (const char *); -double atof (const char *); - -float strtof (const char *__restrict, char **__restrict); -double strtod (const char *__restrict, char **__restrict); -long double strtold (const char *__restrict, char **__restrict); - -long strtol (const char *__restrict, char **__restrict, int); -unsigned long strtoul (const char *__restrict, char **__restrict, int); -long long strtoll (const char *__restrict, char **__restrict, int); -unsigned long long strtoull (const char *__restrict, char **__restrict, int); - -int rand (void); -void srand (unsigned); - -void *malloc (size_t); -void *calloc (size_t, size_t); -void *realloc (void *, size_t); -void free (void *); -void *aligned_alloc(size_t, size_t); - -_Noreturn void abort (void); -int atexit (void (*) (void)); -_Noreturn void exit (int); -_Noreturn void _Exit (int); -int at_quick_exit (void (*) (void)); -_Noreturn void quick_exit (int); - -char *getenv (const char *); - -int system (const char *); - -void *bsearch (const void *, const void *, size_t, size_t, int (*)(const void *, const void *)); -void qsort (void *, size_t, size_t, int (*)(const void *, const void *)); - -int abs (int); -long labs (long); -long long llabs (long long); - -typedef struct { int quot, rem; } div_t; -typedef struct { long quot, rem; } ldiv_t; -typedef struct { long long quot, rem; } lldiv_t; - -div_t div (int, int); -ldiv_t ldiv (long, long); -lldiv_t lldiv (long long, long long); - -int mblen (const char *, size_t); -int mbtowc (wchar_t *__restrict, const char *__restrict, size_t); -int wctomb (char *, wchar_t); -size_t mbstowcs (wchar_t *__restrict, const char *__restrict, size_t); -size_t wcstombs (char *__restrict, const wchar_t *__restrict, size_t); - -#define EXIT_FAILURE 1 -#define EXIT_SUCCESS 0 - -size_t __ctype_get_mb_cur_max(void); -#define MB_CUR_MAX (__ctype_get_mb_cur_max()) - -#define RAND_MAX (0x7fffffff) - - -#if defined(_POSIX_SOURCE) || defined(_POSIX_C_SOURCE) \ - || defined(_XOPEN_SOURCE) || defined(_GNU_SOURCE) \ - || defined(_BSD_SOURCE) - -#define WNOHANG 1 -#define WUNTRACED 2 - -#define WEXITSTATUS(s) (((s) & 0xff00) >> 8) -#define WTERMSIG(s) ((s) & 0x7f) -#define WSTOPSIG(s) WEXITSTATUS(s) -#define WIFEXITED(s) (!WTERMSIG(s)) -#define WIFSTOPPED(s) ((short)((((s)&0xffff)*0x10001)>>8) > 0x7f00) -#define WIFSIGNALED(s) (((s)&0xffff)-1U < 0xffu) - -int posix_memalign (void **, size_t, size_t); -int setenv (const char *, const char *, int); -int unsetenv (const char *); -int mkstemp (char *); -int mkostemp (char *, int); -char *mkdtemp (char *); -int getsubopt (char **, char *const *, char **); -int rand_r (unsigned *); - -#endif - - -#if defined(_XOPEN_SOURCE) || defined(_GNU_SOURCE) \ - || defined(_BSD_SOURCE) -char *realpath (const char *__restrict, char *__restrict); -long int random (void); -void srandom (unsigned int); -char *initstate (unsigned int, char *, size_t); -char *setstate (char *); -int putenv (char *); -int posix_openpt (int); -int grantpt (int); -int unlockpt (int); -char *ptsname (int); -char *l64a (long); -long a64l (const char *); -void setkey (const char *); -double drand48 (void); -double erand48 (unsigned short [3]); -long int lrand48 (void); -long int nrand48 (unsigned short [3]); -long mrand48 (void); -long jrand48 (unsigned short [3]); -void srand48 (long); -unsigned short *seed48 (unsigned short [3]); -void lcong48 (unsigned short [7]); -#endif - -#if defined(_GNU_SOURCE) || defined(_BSD_SOURCE) -#include -char *mktemp (char *); -int mkstemps (char *, int); -int mkostemps (char *, int, int); -void *valloc (size_t); -void *memalign(size_t, size_t); -int getloadavg(double *, int); -int clearenv(void); -#define WCOREDUMP(s) ((s) & 0x80) -#define WIFCONTINUED(s) ((s) == 0xffff) -void *reallocarray (void *, size_t, size_t); -#endif - -#ifdef _GNU_SOURCE -int ptsname_r(int, char *, size_t); -char *ecvt(double, int, int *, int *); -char *fcvt(double, int, int *, int *); -char *gcvt(double, int, char *); -char *secure_getenv(const char *); -struct __locale_struct; -float strtof_l(const char *__restrict, char **__restrict, struct __locale_struct *); -double strtod_l(const char *__restrict, char **__restrict, struct __locale_struct *); -long double strtold_l(const char *__restrict, char **__restrict, struct __locale_struct *); -#endif - -#if defined(_LARGEFILE64_SOURCE) || defined(_GNU_SOURCE) -#define mkstemp64 mkstemp -#define mkostemp64 mkostemp -#if defined(_GNU_SOURCE) || defined(_BSD_SOURCE) -#define mkstemps64 mkstemps -#define mkostemps64 mkostemps -#endif -#endif - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/c/misra/test/rules/RULE-21-8/test.c b/c/misra/test/rules/RULE-21-8/test.c index 0c4f99ed27..e5348d7d72 100644 --- a/c/misra/test/rules/RULE-21-8/test.c +++ b/c/misra/test/rules/RULE-21-8/test.c @@ -1,4 +1,4 @@ -#include "stdlib.h" +#include #define EXIT(x) exit(x) #define ABORT abort() From f22351fbb7b9b308ef3f918a4fe50a5727fc7986 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Thu, 2 Mar 2023 23:24:03 +0000 Subject: [PATCH 0588/2573] RULE-21-10: Simplify alert msg, remove std headers --- ...StandardLibraryTimeAndDateFunctionsUsed.ql | 2 +- ...rdLibraryTimeAndDateFunctionsUsed.expected | 10 +- c/misra/test/rules/RULE-21-10/test.c | 4 +- c/misra/test/rules/RULE-21-10/time.h | 166 -------------- c/misra/test/rules/RULE-21-10/wchar.h | 205 ------------------ 5 files changed, 8 insertions(+), 379 deletions(-) delete mode 100644 c/misra/test/rules/RULE-21-10/time.h delete mode 100644 c/misra/test/rules/RULE-21-10/wchar.h diff --git a/c/misra/src/rules/RULE-21-10/StandardLibraryTimeAndDateFunctionsUsed.ql b/c/misra/src/rules/RULE-21-10/StandardLibraryTimeAndDateFunctionsUsed.ql index bd79074f3e..c519ebe701 100644 --- a/c/misra/src/rules/RULE-21-10/StandardLibraryTimeAndDateFunctionsUsed.ql +++ b/c/misra/src/rules/RULE-21-10/StandardLibraryTimeAndDateFunctionsUsed.ql @@ -25,4 +25,4 @@ where f.getFile().getBaseName() = "wchar.h" ) ) -select fc, "Call to banned function $@.", f, f.getName() +select fc, "Call to banned function " + f.getName() + "." diff --git a/c/misra/test/rules/RULE-21-10/StandardLibraryTimeAndDateFunctionsUsed.expected b/c/misra/test/rules/RULE-21-10/StandardLibraryTimeAndDateFunctionsUsed.expected index 0ffd5eed7a..5f790df8e7 100644 --- a/c/misra/test/rules/RULE-21-10/StandardLibraryTimeAndDateFunctionsUsed.expected +++ b/c/misra/test/rules/RULE-21-10/StandardLibraryTimeAndDateFunctionsUsed.expected @@ -1,5 +1,5 @@ -| test.c:6:18:6:21 | call to time | Call to banned function $@. | time.h:53:8:53:11 | time | time | -| test.c:9:19:9:23 | call to ctime | Call to banned function $@. | time.h:60:7:60:11 | ctime | ctime | -| test.c:17:3:17:6 | call to time | Call to banned function $@. | time.h:53:8:53:11 | time | time | -| test.c:18:8:18:16 | call to localtime | Call to banned function $@. | time.h:58:12:58:20 | localtime | localtime | -| test.c:19:3:19:10 | call to wcsftime | Call to banned function $@. | wchar.h:139:8:139:15 | wcsftime | wcsftime | +| test.c:6:18:6:21 | call to time | Call to banned function time. | +| test.c:9:19:9:23 | call to ctime | Call to banned function ctime. | +| test.c:17:3:17:6 | call to time | Call to banned function time. | +| test.c:18:8:18:16 | call to localtime | Call to banned function localtime. | +| test.c:19:3:19:10 | call to wcsftime | Call to banned function wcsftime. | diff --git a/c/misra/test/rules/RULE-21-10/test.c b/c/misra/test/rules/RULE-21-10/test.c index fb028300a4..69b5e9cfb0 100644 --- a/c/misra/test/rules/RULE-21-10/test.c +++ b/c/misra/test/rules/RULE-21-10/test.c @@ -1,5 +1,5 @@ -#include "time.h" -#include "wchar.h" +#include +#include void f1() { time_t current_time; char *c_time_string; diff --git a/c/misra/test/rules/RULE-21-10/time.h b/c/misra/test/rules/RULE-21-10/time.h deleted file mode 100644 index 5494df1836..0000000000 --- a/c/misra/test/rules/RULE-21-10/time.h +++ /dev/null @@ -1,166 +0,0 @@ -#ifndef _TIME_H -#define _TIME_H - -#ifdef __cplusplus -extern "C" { -#endif - -#include - -#ifdef __cplusplus -#define NULL 0L -#else -#define NULL ((void*)0) -#endif - - -#define __NEED_size_t -#define __NEED_time_t -#define __NEED_clock_t -#define __NEED_struct_timespec - -#if defined(_POSIX_SOURCE) || defined(_POSIX_C_SOURCE) \ - || defined(_XOPEN_SOURCE) || defined(_GNU_SOURCE) \ - || defined(_BSD_SOURCE) -#define __NEED_clockid_t -#define __NEED_timer_t -#define __NEED_pid_t -#define __NEED_locale_t -#endif - -#include - -#if defined(_BSD_SOURCE) || defined(_GNU_SOURCE) -#define __tm_gmtoff tm_gmtoff -#define __tm_zone tm_zone -#endif - -struct tm { - int tm_sec; - int tm_min; - int tm_hour; - int tm_mday; - int tm_mon; - int tm_year; - int tm_wday; - int tm_yday; - int tm_isdst; - long __tm_gmtoff; - const char *__tm_zone; -}; - -clock_t clock (void); -time_t time (time_t *); -double difftime (time_t, time_t); -time_t mktime (struct tm *); -size_t strftime (char *__restrict, size_t, const char *__restrict, const struct tm *__restrict); -struct tm *gmtime (const time_t *); -struct tm *localtime (const time_t *); -char *asctime (const struct tm *); -char *ctime (const time_t *); -int timespec_get(struct timespec *, int); - -#define CLOCKS_PER_SEC 1000000L - -#define TIME_UTC 1 - -#if defined(_POSIX_SOURCE) || defined(_POSIX_C_SOURCE) \ - || defined(_XOPEN_SOURCE) || defined(_GNU_SOURCE) \ - || defined(_BSD_SOURCE) - -size_t strftime_l (char * __restrict, size_t, const char * __restrict, const struct tm * __restrict, locale_t); - -struct tm *gmtime_r (const time_t *__restrict, struct tm *__restrict); -struct tm *localtime_r (const time_t *__restrict, struct tm *__restrict); -char *asctime_r (const struct tm *__restrict, char *__restrict); -char *ctime_r (const time_t *, char *); - -void tzset (void); - -struct itimerspec { - struct timespec it_interval; - struct timespec it_value; -}; - -#define CLOCK_REALTIME 0 -#define CLOCK_MONOTONIC 1 -#define CLOCK_PROCESS_CPUTIME_ID 2 -#define CLOCK_THREAD_CPUTIME_ID 3 -#define CLOCK_MONOTONIC_RAW 4 -#define CLOCK_REALTIME_COARSE 5 -#define CLOCK_MONOTONIC_COARSE 6 -#define CLOCK_BOOTTIME 7 -#define CLOCK_REALTIME_ALARM 8 -#define CLOCK_BOOTTIME_ALARM 9 -#define CLOCK_SGI_CYCLE 10 -#define CLOCK_TAI 11 - -#define TIMER_ABSTIME 1 - -int nanosleep (const struct timespec *, struct timespec *); -int clock_getres (clockid_t, struct timespec *); -int clock_gettime (clockid_t, struct timespec *); -int clock_settime (clockid_t, const struct timespec *); -int clock_nanosleep (clockid_t, int, const struct timespec *, struct timespec *); -int clock_getcpuclockid (pid_t, clockid_t *); - -struct sigevent; -int timer_create (clockid_t, struct sigevent *__restrict, timer_t *__restrict); -int timer_delete (timer_t); -int timer_settime (timer_t, int, const struct itimerspec *__restrict, struct itimerspec *__restrict); -int timer_gettime (timer_t, struct itimerspec *); -int timer_getoverrun (timer_t); - -extern char *tzname[2]; - -#endif - - -#if defined(_XOPEN_SOURCE) || defined(_BSD_SOURCE) || defined(_GNU_SOURCE) -char *strptime (const char *__restrict, const char *__restrict, struct tm *__restrict); -extern int daylight; -extern long timezone; -extern int getdate_err; -struct tm *getdate (const char *); -#endif - - -#if defined(_GNU_SOURCE) || defined(_BSD_SOURCE) -int stime(const time_t *); -time_t timegm(struct tm *); -#endif - -#if _REDIR_TIME64 -__REDIR(time, __time64); -__REDIR(difftime, __difftime64); -__REDIR(mktime, __mktime64); -__REDIR(gmtime, __gmtime64); -__REDIR(localtime, __localtime64); -__REDIR(ctime, __ctime64); -__REDIR(timespec_get, __timespec_get_time64); -#if defined(_POSIX_SOURCE) || defined(_POSIX_C_SOURCE) \ - || defined(_XOPEN_SOURCE) || defined(_GNU_SOURCE) \ - || defined(_BSD_SOURCE) -__REDIR(gmtime_r, __gmtime64_r); -__REDIR(localtime_r, __localtime64_r); -__REDIR(ctime_r, __ctime64_r); -__REDIR(nanosleep, __nanosleep_time64); -__REDIR(clock_getres, __clock_getres_time64); -__REDIR(clock_gettime, __clock_gettime64); -__REDIR(clock_settime, __clock_settime64); -__REDIR(clock_nanosleep, __clock_nanosleep_time64); -__REDIR(timer_settime, __timer_settime64); -__REDIR(timer_gettime, __timer_gettime64); -#endif -#if defined(_GNU_SOURCE) || defined(_BSD_SOURCE) -__REDIR(stime, __stime64); -__REDIR(timegm, __timegm_time64); -#endif -#endif - -#ifdef __cplusplus -} -#endif - - -#endif diff --git a/c/misra/test/rules/RULE-21-10/wchar.h b/c/misra/test/rules/RULE-21-10/wchar.h deleted file mode 100644 index 88eb55b18c..0000000000 --- a/c/misra/test/rules/RULE-21-10/wchar.h +++ /dev/null @@ -1,205 +0,0 @@ -#ifndef _WCHAR_H -#define _WCHAR_H - -#ifdef __cplusplus -extern "C" { -#endif - -#include - -#define __NEED_FILE -#define __NEED___isoc_va_list -#define __NEED_size_t -#define __NEED_wchar_t -#define __NEED_wint_t -#define __NEED_mbstate_t - -#if __STDC_VERSION__ < 201112L -#define __NEED_struct__IO_FILE -#endif - -#if defined(_POSIX_SOURCE) || defined(_POSIX_C_SOURCE) \ - || defined(_XOPEN_SOURCE) || defined(_GNU_SOURCE) || defined(_BSD_SOURCE) -#define __NEED_locale_t -#define __NEED_va_list -#endif - -#if defined(_XOPEN_SOURCE) || defined(_GNU_SOURCE) || defined(_BSD_SOURCE) -#define __NEED_wctype_t -#endif - -#include - -#if L'\0'-1 > 0 -#define WCHAR_MAX (0xffffffffu+L'\0') -#define WCHAR_MIN (0+L'\0') -#else -#define WCHAR_MAX (0x7fffffff+L'\0') -#define WCHAR_MIN (-1-0x7fffffff+L'\0') -#endif - -#ifdef __cplusplus -#define NULL 0L -#else -#define NULL ((void*)0) -#endif - -#undef WEOF -#define WEOF 0xffffffffU - -wchar_t *wcscpy (wchar_t *__restrict, const wchar_t *__restrict); -wchar_t *wcsncpy (wchar_t *__restrict, const wchar_t *__restrict, size_t); - -wchar_t *wcscat (wchar_t *__restrict, const wchar_t *__restrict); -wchar_t *wcsncat (wchar_t *__restrict, const wchar_t *__restrict, size_t); - -int wcscmp (const wchar_t *, const wchar_t *); -int wcsncmp (const wchar_t *, const wchar_t *, size_t); - -int wcscoll(const wchar_t *, const wchar_t *); -size_t wcsxfrm (wchar_t *__restrict, const wchar_t *__restrict, size_t); - -wchar_t *wcschr (const wchar_t *, wchar_t); -wchar_t *wcsrchr (const wchar_t *, wchar_t); - -size_t wcscspn (const wchar_t *, const wchar_t *); -size_t wcsspn (const wchar_t *, const wchar_t *); -wchar_t *wcspbrk (const wchar_t *, const wchar_t *); - -wchar_t *wcstok (wchar_t *__restrict, const wchar_t *__restrict, wchar_t **__restrict); - -size_t wcslen (const wchar_t *); - -wchar_t *wcsstr (const wchar_t *__restrict, const wchar_t *__restrict); -wchar_t *wcswcs (const wchar_t *, const wchar_t *); - -wchar_t *wmemchr (const wchar_t *, wchar_t, size_t); -int wmemcmp (const wchar_t *, const wchar_t *, size_t); -wchar_t *wmemcpy (wchar_t *__restrict, const wchar_t *__restrict, size_t); -wchar_t *wmemmove (wchar_t *, const wchar_t *, size_t); -wchar_t *wmemset (wchar_t *, wchar_t, size_t); - -wint_t btowc (int); -int wctob (wint_t); - -int mbsinit (const mbstate_t *); -size_t mbrtowc (wchar_t *__restrict, const char *__restrict, size_t, mbstate_t *__restrict); -size_t wcrtomb (char *__restrict, wchar_t, mbstate_t *__restrict); - -size_t mbrlen (const char *__restrict, size_t, mbstate_t *__restrict); - -size_t mbsrtowcs (wchar_t *__restrict, const char **__restrict, size_t, mbstate_t *__restrict); -size_t wcsrtombs (char *__restrict, const wchar_t **__restrict, size_t, mbstate_t *__restrict); - -float wcstof (const wchar_t *__restrict, wchar_t **__restrict); -double wcstod (const wchar_t *__restrict, wchar_t **__restrict); -long double wcstold (const wchar_t *__restrict, wchar_t **__restrict); - -long wcstol (const wchar_t *__restrict, wchar_t **__restrict, int); -unsigned long wcstoul (const wchar_t *__restrict, wchar_t **__restrict, int); - -long long wcstoll (const wchar_t *__restrict, wchar_t **__restrict, int); -unsigned long long wcstoull (const wchar_t *__restrict, wchar_t **__restrict, int); - - - -int fwide (FILE *, int); - - -int wprintf (const wchar_t *__restrict, ...); -int fwprintf (FILE *__restrict, const wchar_t *__restrict, ...); -int swprintf (wchar_t *__restrict, size_t, const wchar_t *__restrict, ...); - -int vwprintf (const wchar_t *__restrict, __isoc_va_list); -int vfwprintf (FILE *__restrict, const wchar_t *__restrict, __isoc_va_list); -int vswprintf (wchar_t *__restrict, size_t, const wchar_t *__restrict, __isoc_va_list); - -int wscanf (const wchar_t *__restrict, ...); -int fwscanf (FILE *__restrict, const wchar_t *__restrict, ...); -int swscanf (const wchar_t *__restrict, const wchar_t *__restrict, ...); - -int vwscanf (const wchar_t *__restrict, __isoc_va_list); -int vfwscanf (FILE *__restrict, const wchar_t *__restrict, __isoc_va_list); -int vswscanf (const wchar_t *__restrict, const wchar_t *__restrict, __isoc_va_list); - -wint_t fgetwc (FILE *); -wint_t getwc (FILE *); -wint_t getwchar (void); - -wint_t fputwc (wchar_t, FILE *); -wint_t putwc (wchar_t, FILE *); -wint_t putwchar (wchar_t); - -wchar_t *fgetws (wchar_t *__restrict, int, FILE *__restrict); -int fputws (const wchar_t *__restrict, FILE *__restrict); - -wint_t ungetwc (wint_t, FILE *); - -struct tm; -size_t wcsftime (wchar_t *__restrict, size_t, const wchar_t *__restrict, const struct tm *__restrict); - -#undef iswdigit - -#if defined(_GNU_SOURCE) -wint_t fgetwc_unlocked (FILE *); -wint_t getwc_unlocked (FILE *); -wint_t getwchar_unlocked (void); -wint_t fputwc_unlocked (wchar_t, FILE *); -wint_t putwc_unlocked (wchar_t, FILE *); -wint_t putwchar_unlocked (wchar_t); -wchar_t *fgetws_unlocked (wchar_t *__restrict, int, FILE *__restrict); -int fputws_unlocked (const wchar_t *__restrict, FILE *__restrict); -#endif - -#if defined(_GNU_SOURCE) || defined(_BSD_SOURCE) -size_t wcsftime_l (wchar_t *__restrict, size_t, const wchar_t *__restrict, const struct tm *__restrict, locale_t); -#endif - -#if defined(_POSIX_SOURCE) || defined(_POSIX_C_SOURCE) \ - || defined(_XOPEN_SOURCE) || defined(_GNU_SOURCE) || defined(_BSD_SOURCE) -FILE *open_wmemstream(wchar_t **, size_t *); -size_t mbsnrtowcs(wchar_t *__restrict, const char **__restrict, size_t, size_t, mbstate_t *__restrict); -size_t wcsnrtombs(char *__restrict, const wchar_t **__restrict, size_t, size_t, mbstate_t *__restrict); -wchar_t *wcsdup(const wchar_t *); -size_t wcsnlen (const wchar_t *, size_t); -wchar_t *wcpcpy (wchar_t *__restrict, const wchar_t *__restrict); -wchar_t *wcpncpy (wchar_t *__restrict, const wchar_t *__restrict, size_t); -int wcscasecmp(const wchar_t *, const wchar_t *); -int wcscasecmp_l(const wchar_t *, const wchar_t *, locale_t); -int wcsncasecmp(const wchar_t *, const wchar_t *, size_t); -int wcsncasecmp_l(const wchar_t *, const wchar_t *, size_t, locale_t); -int wcscoll_l(const wchar_t *, const wchar_t *, locale_t); -size_t wcsxfrm_l(wchar_t *__restrict, const wchar_t *__restrict, size_t, locale_t); -#endif - -#if defined(_XOPEN_SOURCE) || defined(_GNU_SOURCE) || defined(_BSD_SOURCE) -int wcwidth (wchar_t); -int wcswidth (const wchar_t *, size_t); -int iswalnum(wint_t); -int iswalpha(wint_t); -int iswblank(wint_t); -int iswcntrl(wint_t); -int iswdigit(wint_t); -int iswgraph(wint_t); -int iswlower(wint_t); -int iswprint(wint_t); -int iswpunct(wint_t); -int iswspace(wint_t); -int iswupper(wint_t); -int iswxdigit(wint_t); -int iswctype(wint_t, wctype_t); -wint_t towlower(wint_t); -wint_t towupper(wint_t); -wctype_t wctype(const char *); - -#ifndef __cplusplus -#undef iswdigit -#define iswdigit(a) (0 ? iswdigit(a) : ((unsigned)(a)-'0') < 10) -#endif -#endif - -#ifdef __cplusplus -} -#endif - -#endif From 9a8f89f20927bd238ac5ed7ec94920c5362a0fb3 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Thu, 2 Mar 2023 23:26:18 +0000 Subject: [PATCH 0589/2573] RULE-21-11: Simplify alert msg, remove tgmath.h --- .../StandardHeaderFileTgmathhUsed.ql | 2 +- .../StandardHeaderFileTgmathhUsed.expected | 148 +++++----- c/misra/test/rules/RULE-21-11/test.c | 2 +- c/misra/test/rules/RULE-21-11/tgmath.h | 270 ------------------ 4 files changed, 76 insertions(+), 346 deletions(-) delete mode 100644 c/misra/test/rules/RULE-21-11/tgmath.h diff --git a/c/misra/src/rules/RULE-21-11/StandardHeaderFileTgmathhUsed.ql b/c/misra/src/rules/RULE-21-11/StandardHeaderFileTgmathhUsed.ql index f0903a3d52..e45279fb2b 100644 --- a/c/misra/src/rules/RULE-21-11/StandardHeaderFileTgmathhUsed.ql +++ b/c/misra/src/rules/RULE-21-11/StandardHeaderFileTgmathhUsed.ql @@ -18,4 +18,4 @@ where not isExcluded(mi, BannedPackage::standardHeaderFileTgmathhUsedQuery()) and mi.getMacro() = m and m.getFile().getBaseName() = "tgmath.h" -select mi, "Call to banned macro $@.", m, m.getName() +select mi, "Call to banned macro " + m.getName() + "." diff --git a/c/misra/test/rules/RULE-21-11/StandardHeaderFileTgmathhUsed.expected b/c/misra/test/rules/RULE-21-11/StandardHeaderFileTgmathhUsed.expected index db2a41bb06..73d5d5e80c 100644 --- a/c/misra/test/rules/RULE-21-11/StandardHeaderFileTgmathhUsed.expected +++ b/c/misra/test/rules/RULE-21-11/StandardHeaderFileTgmathhUsed.expected @@ -1,74 +1,74 @@ -| test.c:5:3:5:9 | __DBLCX(x) | Call to banned macro $@. | tgmath.h:24:1:24:70 | #define __DBLCX(x) (__IS_CX(x) && sizeof(x) == sizeof(double complex)) | __DBLCX | -| test.c:5:3:5:9 | __FLT(x) | Call to banned macro $@. | tgmath.h:20:1:20:61 | #define __FLT(x) (__IS_REAL(x) && sizeof(x) == sizeof(float)) | __FLT | -| test.c:5:3:5:9 | __FLTCX(x) | Call to banned macro $@. | tgmath.h:23:1:23:69 | #define __FLTCX(x) (__IS_CX(x) && sizeof(x) == sizeof(float complex)) | __FLTCX | -| test.c:5:3:5:9 | __IS_CX(x) | Call to banned macro $@. | tgmath.h:17:1:17:61 | #define __IS_CX(x) (__IS_FP(x) && sizeof(x) == sizeof((x)+I)) | __IS_CX | -| test.c:5:3:5:9 | __IS_CX(x) | Call to banned macro $@. | tgmath.h:17:1:17:61 | #define __IS_CX(x) (__IS_FP(x) && sizeof(x) == sizeof((x)+I)) | __IS_CX | -| test.c:5:3:5:9 | __IS_CX(x) | Call to banned macro $@. | tgmath.h:17:1:17:61 | #define __IS_CX(x) (__IS_FP(x) && sizeof(x) == sizeof((x)+I)) | __IS_CX | -| test.c:5:3:5:9 | __IS_FP(x) | Call to banned macro $@. | tgmath.h:16:1:16:57 | #define __IS_FP(x) (sizeof((x)+1ULL) == sizeof((x)+1.0f)) | __IS_FP | -| test.c:5:3:5:9 | __IS_FP(x) | Call to banned macro $@. | tgmath.h:16:1:16:57 | #define __IS_FP(x) (sizeof((x)+1ULL) == sizeof((x)+1.0f)) | __IS_FP | -| test.c:5:3:5:9 | __IS_FP(x) | Call to banned macro $@. | tgmath.h:16:1:16:57 | #define __IS_FP(x) (sizeof((x)+1ULL) == sizeof((x)+1.0f)) | __IS_FP | -| test.c:5:3:5:9 | __IS_FP(x) | Call to banned macro $@. | tgmath.h:16:1:16:57 | #define __IS_FP(x) (sizeof((x)+1ULL) == sizeof((x)+1.0f)) | __IS_FP | -| test.c:5:3:5:9 | __IS_FP(x) | Call to banned macro $@. | tgmath.h:16:1:16:57 | #define __IS_FP(x) (sizeof((x)+1ULL) == sizeof((x)+1.0f)) | __IS_FP | -| test.c:5:3:5:9 | __IS_REAL(x) | Call to banned macro $@. | tgmath.h:18:1:18:65 | #define __IS_REAL(x) (__IS_FP(x) && 2*sizeof(x) == sizeof((x)+I)) | __IS_REAL | -| test.c:5:3:5:9 | __IS_REAL(x) | Call to banned macro $@. | tgmath.h:18:1:18:65 | #define __IS_REAL(x) (__IS_FP(x) && 2*sizeof(x) == sizeof((x)+I)) | __IS_REAL | -| test.c:5:3:5:9 | __LDBL(x) | Call to banned macro $@. | tgmath.h:21:1:21:109 | #define __LDBL(x) (__IS_REAL(x) && sizeof(x) == sizeof(long double) && sizeof(long double) != sizeof(double)) | __LDBL | -| test.c:5:3:5:9 | __LDBLCX(x) | Call to banned macro $@. | tgmath.h:25:1:25:117 | #define __LDBLCX(x) (__IS_CX(x) && sizeof(x) == sizeof(long double complex) && sizeof(long double) != sizeof(double)) | __LDBLCX | -| test.c:5:3:5:9 | __RETCAST(x) | Call to banned macro $@. | tgmath.h:71:1:71:20 | #define __RETCAST(x) | __RETCAST | -| test.c:5:3:5:9 | __tg_real_complex(fun,x) | Call to banned macro $@. | tgmath.h:107:1:113:10 | #define __tg_real_complex(fun,x) (__RETCAST(x)( __FLTCX(x) ? c ## fun ## f (x) : __DBLCX(x) ? c ## fun (x) : __LDBLCX(x) ? c ## fun ## l (x) : __FLT(x) ? fun ## f (x) : __LDBL(x) ? fun ## l (x) : fun(x) )) | __tg_real_complex | -| test.c:5:3:5:9 | sqrt(x) | Call to banned macro $@. | tgmath.h:264:1:264:52 | #define sqrt(x) __tg_real_complex(sqrt, (x)) | sqrt | -| test.c:7:3:7:8 | __DBLCX(x) | Call to banned macro $@. | tgmath.h:24:1:24:70 | #define __DBLCX(x) (__IS_CX(x) && sizeof(x) == sizeof(double complex)) | __DBLCX | -| test.c:7:3:7:8 | __FLT(x) | Call to banned macro $@. | tgmath.h:20:1:20:61 | #define __FLT(x) (__IS_REAL(x) && sizeof(x) == sizeof(float)) | __FLT | -| test.c:7:3:7:8 | __FLTCX(x) | Call to banned macro $@. | tgmath.h:23:1:23:69 | #define __FLTCX(x) (__IS_CX(x) && sizeof(x) == sizeof(float complex)) | __FLTCX | -| test.c:7:3:7:8 | __IS_CX(x) | Call to banned macro $@. | tgmath.h:17:1:17:61 | #define __IS_CX(x) (__IS_FP(x) && sizeof(x) == sizeof((x)+I)) | __IS_CX | -| test.c:7:3:7:8 | __IS_CX(x) | Call to banned macro $@. | tgmath.h:17:1:17:61 | #define __IS_CX(x) (__IS_FP(x) && sizeof(x) == sizeof((x)+I)) | __IS_CX | -| test.c:7:3:7:8 | __IS_CX(x) | Call to banned macro $@. | tgmath.h:17:1:17:61 | #define __IS_CX(x) (__IS_FP(x) && sizeof(x) == sizeof((x)+I)) | __IS_CX | -| test.c:7:3:7:8 | __IS_FP(x) | Call to banned macro $@. | tgmath.h:16:1:16:57 | #define __IS_FP(x) (sizeof((x)+1ULL) == sizeof((x)+1.0f)) | __IS_FP | -| test.c:7:3:7:8 | __IS_FP(x) | Call to banned macro $@. | tgmath.h:16:1:16:57 | #define __IS_FP(x) (sizeof((x)+1ULL) == sizeof((x)+1.0f)) | __IS_FP | -| test.c:7:3:7:8 | __IS_FP(x) | Call to banned macro $@. | tgmath.h:16:1:16:57 | #define __IS_FP(x) (sizeof((x)+1ULL) == sizeof((x)+1.0f)) | __IS_FP | -| test.c:7:3:7:8 | __IS_FP(x) | Call to banned macro $@. | tgmath.h:16:1:16:57 | #define __IS_FP(x) (sizeof((x)+1ULL) == sizeof((x)+1.0f)) | __IS_FP | -| test.c:7:3:7:8 | __IS_FP(x) | Call to banned macro $@. | tgmath.h:16:1:16:57 | #define __IS_FP(x) (sizeof((x)+1ULL) == sizeof((x)+1.0f)) | __IS_FP | -| test.c:7:3:7:8 | __IS_REAL(x) | Call to banned macro $@. | tgmath.h:18:1:18:65 | #define __IS_REAL(x) (__IS_FP(x) && 2*sizeof(x) == sizeof((x)+I)) | __IS_REAL | -| test.c:7:3:7:8 | __IS_REAL(x) | Call to banned macro $@. | tgmath.h:18:1:18:65 | #define __IS_REAL(x) (__IS_FP(x) && 2*sizeof(x) == sizeof((x)+I)) | __IS_REAL | -| test.c:7:3:7:8 | __LDBL(x) | Call to banned macro $@. | tgmath.h:21:1:21:109 | #define __LDBL(x) (__IS_REAL(x) && sizeof(x) == sizeof(long double) && sizeof(long double) != sizeof(double)) | __LDBL | -| test.c:7:3:7:8 | __LDBLCX(x) | Call to banned macro $@. | tgmath.h:25:1:25:117 | #define __LDBLCX(x) (__IS_CX(x) && sizeof(x) == sizeof(long double complex) && sizeof(long double) != sizeof(double)) | __LDBLCX | -| test.c:7:3:7:8 | __RETCAST(x) | Call to banned macro $@. | tgmath.h:71:1:71:20 | #define __RETCAST(x) | __RETCAST | -| test.c:7:3:7:8 | __tg_real_complex(fun,x) | Call to banned macro $@. | tgmath.h:107:1:113:10 | #define __tg_real_complex(fun,x) (__RETCAST(x)( __FLTCX(x) ? c ## fun ## f (x) : __DBLCX(x) ? c ## fun (x) : __LDBLCX(x) ? c ## fun ## l (x) : __FLT(x) ? fun ## f (x) : __LDBL(x) ? fun ## l (x) : fun(x) )) | __tg_real_complex | -| test.c:7:3:7:8 | sin(x) | Call to banned macro $@. | tgmath.h:262:1:262:51 | #define sin(x) __tg_real_complex(sin, (x)) | sin | -| test.c:10:21:10:28 | __DBLCX(x) | Call to banned macro $@. | tgmath.h:24:1:24:70 | #define __DBLCX(x) (__IS_CX(x) && sizeof(x) == sizeof(double complex)) | __DBLCX | -| test.c:10:21:10:28 | __FLT(x) | Call to banned macro $@. | tgmath.h:20:1:20:61 | #define __FLT(x) (__IS_REAL(x) && sizeof(x) == sizeof(float)) | __FLT | -| test.c:10:21:10:28 | __FLTCX(x) | Call to banned macro $@. | tgmath.h:23:1:23:69 | #define __FLTCX(x) (__IS_CX(x) && sizeof(x) == sizeof(float complex)) | __FLTCX | -| test.c:10:21:10:28 | __IS_CX(x) | Call to banned macro $@. | tgmath.h:17:1:17:61 | #define __IS_CX(x) (__IS_FP(x) && sizeof(x) == sizeof((x)+I)) | __IS_CX | -| test.c:10:21:10:28 | __IS_CX(x) | Call to banned macro $@. | tgmath.h:17:1:17:61 | #define __IS_CX(x) (__IS_FP(x) && sizeof(x) == sizeof((x)+I)) | __IS_CX | -| test.c:10:21:10:28 | __IS_CX(x) | Call to banned macro $@. | tgmath.h:17:1:17:61 | #define __IS_CX(x) (__IS_FP(x) && sizeof(x) == sizeof((x)+I)) | __IS_CX | -| test.c:10:21:10:28 | __IS_FP(x) | Call to banned macro $@. | tgmath.h:16:1:16:57 | #define __IS_FP(x) (sizeof((x)+1ULL) == sizeof((x)+1.0f)) | __IS_FP | -| test.c:10:21:10:28 | __IS_FP(x) | Call to banned macro $@. | tgmath.h:16:1:16:57 | #define __IS_FP(x) (sizeof((x)+1ULL) == sizeof((x)+1.0f)) | __IS_FP | -| test.c:10:21:10:28 | __IS_FP(x) | Call to banned macro $@. | tgmath.h:16:1:16:57 | #define __IS_FP(x) (sizeof((x)+1ULL) == sizeof((x)+1.0f)) | __IS_FP | -| test.c:10:21:10:28 | __IS_FP(x) | Call to banned macro $@. | tgmath.h:16:1:16:57 | #define __IS_FP(x) (sizeof((x)+1ULL) == sizeof((x)+1.0f)) | __IS_FP | -| test.c:10:21:10:28 | __IS_FP(x) | Call to banned macro $@. | tgmath.h:16:1:16:57 | #define __IS_FP(x) (sizeof((x)+1ULL) == sizeof((x)+1.0f)) | __IS_FP | -| test.c:10:21:10:28 | __IS_REAL(x) | Call to banned macro $@. | tgmath.h:18:1:18:65 | #define __IS_REAL(x) (__IS_FP(x) && 2*sizeof(x) == sizeof((x)+I)) | __IS_REAL | -| test.c:10:21:10:28 | __IS_REAL(x) | Call to banned macro $@. | tgmath.h:18:1:18:65 | #define __IS_REAL(x) (__IS_FP(x) && 2*sizeof(x) == sizeof((x)+I)) | __IS_REAL | -| test.c:10:21:10:28 | __LDBL(x) | Call to banned macro $@. | tgmath.h:21:1:21:109 | #define __LDBL(x) (__IS_REAL(x) && sizeof(x) == sizeof(long double) && sizeof(long double) != sizeof(double)) | __LDBL | -| test.c:10:21:10:28 | __LDBLCX(x) | Call to banned macro $@. | tgmath.h:25:1:25:117 | #define __LDBLCX(x) (__IS_CX(x) && sizeof(x) == sizeof(long double complex) && sizeof(long double) != sizeof(double)) | __LDBLCX | -| test.c:10:21:10:28 | __RETCAST(x) | Call to banned macro $@. | tgmath.h:71:1:71:20 | #define __RETCAST(x) | __RETCAST | -| test.c:10:21:10:28 | __tg_real_complex(fun,x) | Call to banned macro $@. | tgmath.h:107:1:113:10 | #define __tg_real_complex(fun,x) (__RETCAST(x)( __FLTCX(x) ? c ## fun ## f (x) : __DBLCX(x) ? c ## fun (x) : __LDBLCX(x) ? c ## fun ## l (x) : __FLT(x) ? fun ## f (x) : __LDBL(x) ? fun ## l (x) : fun(x) )) | __tg_real_complex | -| test.c:10:21:10:28 | sqrt(x) | Call to banned macro $@. | tgmath.h:264:1:264:52 | #define sqrt(x) __tg_real_complex(sqrt, (x)) | sqrt | -| test.c:11:3:11:10 | __FLTCX(x) | Call to banned macro $@. | tgmath.h:23:1:23:69 | #define __FLTCX(x) (__IS_CX(x) && sizeof(x) == sizeof(float complex)) | __FLTCX | -| test.c:11:3:11:10 | __IS_CX(x) | Call to banned macro $@. | tgmath.h:17:1:17:61 | #define __IS_CX(x) (__IS_FP(x) && sizeof(x) == sizeof((x)+I)) | __IS_CX | -| test.c:11:3:11:10 | __IS_CX(x) | Call to banned macro $@. | tgmath.h:17:1:17:61 | #define __IS_CX(x) (__IS_FP(x) && sizeof(x) == sizeof((x)+I)) | __IS_CX | -| test.c:11:3:11:10 | __IS_FP(x) | Call to banned macro $@. | tgmath.h:16:1:16:57 | #define __IS_FP(x) (sizeof((x)+1ULL) == sizeof((x)+1.0f)) | __IS_FP | -| test.c:11:3:11:10 | __IS_FP(x) | Call to banned macro $@. | tgmath.h:16:1:16:57 | #define __IS_FP(x) (sizeof((x)+1ULL) == sizeof((x)+1.0f)) | __IS_FP | -| test.c:11:3:11:10 | __IS_FP(x) | Call to banned macro $@. | tgmath.h:16:1:16:57 | #define __IS_FP(x) (sizeof((x)+1ULL) == sizeof((x)+1.0f)) | __IS_FP | -| test.c:11:3:11:10 | __LDBLCX(x) | Call to banned macro $@. | tgmath.h:25:1:25:117 | #define __LDBLCX(x) (__IS_CX(x) && sizeof(x) == sizeof(long double complex) && sizeof(long double) != sizeof(double)) | __LDBLCX | -| test.c:11:3:11:10 | __RETCAST_REAL(x) | Call to banned macro $@. | tgmath.h:74:1:74:25 | #define __RETCAST_REAL(x) | __RETCAST_REAL | -| test.c:11:3:11:10 | __tg_complex_retreal(fun,x) | Call to banned macro $@. | tgmath.h:102:1:105:10 | #define __tg_complex_retreal(fun,x) (__RETCAST_REAL(x)( __FLTCX((x)+I) && __IS_FP(x) ? fun ## f (x) : __LDBLCX((x)+I) ? fun ## l (x) : fun(x) )) | __tg_complex_retreal | -| test.c:11:3:11:10 | creal(x) | Call to banned macro $@. | tgmath.h:225:1:225:56 | #define creal(x) __tg_complex_retreal(creal, (x)) | creal | -| test.c:12:3:12:10 | __FLTCX(x) | Call to banned macro $@. | tgmath.h:23:1:23:69 | #define __FLTCX(x) (__IS_CX(x) && sizeof(x) == sizeof(float complex)) | __FLTCX | -| test.c:12:3:12:10 | __IS_CX(x) | Call to banned macro $@. | tgmath.h:17:1:17:61 | #define __IS_CX(x) (__IS_FP(x) && sizeof(x) == sizeof((x)+I)) | __IS_CX | -| test.c:12:3:12:10 | __IS_CX(x) | Call to banned macro $@. | tgmath.h:17:1:17:61 | #define __IS_CX(x) (__IS_FP(x) && sizeof(x) == sizeof((x)+I)) | __IS_CX | -| test.c:12:3:12:10 | __IS_FP(x) | Call to banned macro $@. | tgmath.h:16:1:16:57 | #define __IS_FP(x) (sizeof((x)+1ULL) == sizeof((x)+1.0f)) | __IS_FP | -| test.c:12:3:12:10 | __IS_FP(x) | Call to banned macro $@. | tgmath.h:16:1:16:57 | #define __IS_FP(x) (sizeof((x)+1ULL) == sizeof((x)+1.0f)) | __IS_FP | -| test.c:12:3:12:10 | __IS_FP(x) | Call to banned macro $@. | tgmath.h:16:1:16:57 | #define __IS_FP(x) (sizeof((x)+1ULL) == sizeof((x)+1.0f)) | __IS_FP | -| test.c:12:3:12:10 | __LDBLCX(x) | Call to banned macro $@. | tgmath.h:25:1:25:117 | #define __LDBLCX(x) (__IS_CX(x) && sizeof(x) == sizeof(long double complex) && sizeof(long double) != sizeof(double)) | __LDBLCX | -| test.c:12:3:12:10 | __RETCAST_REAL(x) | Call to banned macro $@. | tgmath.h:74:1:74:25 | #define __RETCAST_REAL(x) | __RETCAST_REAL | -| test.c:12:3:12:10 | __tg_complex_retreal(fun,x) | Call to banned macro $@. | tgmath.h:102:1:105:10 | #define __tg_complex_retreal(fun,x) (__RETCAST_REAL(x)( __FLTCX((x)+I) && __IS_FP(x) ? fun ## f (x) : __LDBLCX((x)+I) ? fun ## l (x) : fun(x) )) | __tg_complex_retreal | -| test.c:12:3:12:10 | cimag(x) | Call to banned macro $@. | tgmath.h:219:1:219:56 | #define cimag(x) __tg_complex_retreal(cimag, (x)) | cimag | +| test.c:5:3:5:9 | __DBLCX(x) | Call to banned macro __DBLCX. | +| test.c:5:3:5:9 | __FLT(x) | Call to banned macro __FLT. | +| test.c:5:3:5:9 | __FLTCX(x) | Call to banned macro __FLTCX. | +| test.c:5:3:5:9 | __IS_CX(x) | Call to banned macro __IS_CX. | +| test.c:5:3:5:9 | __IS_CX(x) | Call to banned macro __IS_CX. | +| test.c:5:3:5:9 | __IS_CX(x) | Call to banned macro __IS_CX. | +| test.c:5:3:5:9 | __IS_FP(x) | Call to banned macro __IS_FP. | +| test.c:5:3:5:9 | __IS_FP(x) | Call to banned macro __IS_FP. | +| test.c:5:3:5:9 | __IS_FP(x) | Call to banned macro __IS_FP. | +| test.c:5:3:5:9 | __IS_FP(x) | Call to banned macro __IS_FP. | +| test.c:5:3:5:9 | __IS_FP(x) | Call to banned macro __IS_FP. | +| test.c:5:3:5:9 | __IS_REAL(x) | Call to banned macro __IS_REAL. | +| test.c:5:3:5:9 | __IS_REAL(x) | Call to banned macro __IS_REAL. | +| test.c:5:3:5:9 | __LDBL(x) | Call to banned macro __LDBL. | +| test.c:5:3:5:9 | __LDBLCX(x) | Call to banned macro __LDBLCX. | +| test.c:5:3:5:9 | __RETCAST(x) | Call to banned macro __RETCAST. | +| test.c:5:3:5:9 | __tg_real_complex(fun,x) | Call to banned macro __tg_real_complex. | +| test.c:5:3:5:9 | sqrt(x) | Call to banned macro sqrt. | +| test.c:7:3:7:8 | __DBLCX(x) | Call to banned macro __DBLCX. | +| test.c:7:3:7:8 | __FLT(x) | Call to banned macro __FLT. | +| test.c:7:3:7:8 | __FLTCX(x) | Call to banned macro __FLTCX. | +| test.c:7:3:7:8 | __IS_CX(x) | Call to banned macro __IS_CX. | +| test.c:7:3:7:8 | __IS_CX(x) | Call to banned macro __IS_CX. | +| test.c:7:3:7:8 | __IS_CX(x) | Call to banned macro __IS_CX. | +| test.c:7:3:7:8 | __IS_FP(x) | Call to banned macro __IS_FP. | +| test.c:7:3:7:8 | __IS_FP(x) | Call to banned macro __IS_FP. | +| test.c:7:3:7:8 | __IS_FP(x) | Call to banned macro __IS_FP. | +| test.c:7:3:7:8 | __IS_FP(x) | Call to banned macro __IS_FP. | +| test.c:7:3:7:8 | __IS_FP(x) | Call to banned macro __IS_FP. | +| test.c:7:3:7:8 | __IS_REAL(x) | Call to banned macro __IS_REAL. | +| test.c:7:3:7:8 | __IS_REAL(x) | Call to banned macro __IS_REAL. | +| test.c:7:3:7:8 | __LDBL(x) | Call to banned macro __LDBL. | +| test.c:7:3:7:8 | __LDBLCX(x) | Call to banned macro __LDBLCX. | +| test.c:7:3:7:8 | __RETCAST(x) | Call to banned macro __RETCAST. | +| test.c:7:3:7:8 | __tg_real_complex(fun,x) | Call to banned macro __tg_real_complex. | +| test.c:7:3:7:8 | sin(x) | Call to banned macro sin. | +| test.c:10:21:10:28 | __DBLCX(x) | Call to banned macro __DBLCX. | +| test.c:10:21:10:28 | __FLT(x) | Call to banned macro __FLT. | +| test.c:10:21:10:28 | __FLTCX(x) | Call to banned macro __FLTCX. | +| test.c:10:21:10:28 | __IS_CX(x) | Call to banned macro __IS_CX. | +| test.c:10:21:10:28 | __IS_CX(x) | Call to banned macro __IS_CX. | +| test.c:10:21:10:28 | __IS_CX(x) | Call to banned macro __IS_CX. | +| test.c:10:21:10:28 | __IS_FP(x) | Call to banned macro __IS_FP. | +| test.c:10:21:10:28 | __IS_FP(x) | Call to banned macro __IS_FP. | +| test.c:10:21:10:28 | __IS_FP(x) | Call to banned macro __IS_FP. | +| test.c:10:21:10:28 | __IS_FP(x) | Call to banned macro __IS_FP. | +| test.c:10:21:10:28 | __IS_FP(x) | Call to banned macro __IS_FP. | +| test.c:10:21:10:28 | __IS_REAL(x) | Call to banned macro __IS_REAL. | +| test.c:10:21:10:28 | __IS_REAL(x) | Call to banned macro __IS_REAL. | +| test.c:10:21:10:28 | __LDBL(x) | Call to banned macro __LDBL. | +| test.c:10:21:10:28 | __LDBLCX(x) | Call to banned macro __LDBLCX. | +| test.c:10:21:10:28 | __RETCAST(x) | Call to banned macro __RETCAST. | +| test.c:10:21:10:28 | __tg_real_complex(fun,x) | Call to banned macro __tg_real_complex. | +| test.c:10:21:10:28 | sqrt(x) | Call to banned macro sqrt. | +| test.c:11:3:11:10 | __FLTCX(x) | Call to banned macro __FLTCX. | +| test.c:11:3:11:10 | __IS_CX(x) | Call to banned macro __IS_CX. | +| test.c:11:3:11:10 | __IS_CX(x) | Call to banned macro __IS_CX. | +| test.c:11:3:11:10 | __IS_FP(x) | Call to banned macro __IS_FP. | +| test.c:11:3:11:10 | __IS_FP(x) | Call to banned macro __IS_FP. | +| test.c:11:3:11:10 | __IS_FP(x) | Call to banned macro __IS_FP. | +| test.c:11:3:11:10 | __LDBLCX(x) | Call to banned macro __LDBLCX. | +| test.c:11:3:11:10 | __RETCAST_REAL(x) | Call to banned macro __RETCAST_REAL. | +| test.c:11:3:11:10 | __tg_complex_retreal(fun,x) | Call to banned macro __tg_complex_retreal. | +| test.c:11:3:11:10 | creal(x) | Call to banned macro creal. | +| test.c:12:3:12:10 | __FLTCX(x) | Call to banned macro __FLTCX. | +| test.c:12:3:12:10 | __IS_CX(x) | Call to banned macro __IS_CX. | +| test.c:12:3:12:10 | __IS_CX(x) | Call to banned macro __IS_CX. | +| test.c:12:3:12:10 | __IS_FP(x) | Call to banned macro __IS_FP. | +| test.c:12:3:12:10 | __IS_FP(x) | Call to banned macro __IS_FP. | +| test.c:12:3:12:10 | __IS_FP(x) | Call to banned macro __IS_FP. | +| test.c:12:3:12:10 | __LDBLCX(x) | Call to banned macro __LDBLCX. | +| test.c:12:3:12:10 | __RETCAST_REAL(x) | Call to banned macro __RETCAST_REAL. | +| test.c:12:3:12:10 | __tg_complex_retreal(fun,x) | Call to banned macro __tg_complex_retreal. | +| test.c:12:3:12:10 | cimag(x) | Call to banned macro cimag. | diff --git a/c/misra/test/rules/RULE-21-11/test.c b/c/misra/test/rules/RULE-21-11/test.c index 95b432d231..7e81bf3c57 100644 --- a/c/misra/test/rules/RULE-21-11/test.c +++ b/c/misra/test/rules/RULE-21-11/test.c @@ -1,4 +1,4 @@ -#include "tgmath.h" +#include void f2(); void f1() { int i = 2; diff --git a/c/misra/test/rules/RULE-21-11/tgmath.h b/c/misra/test/rules/RULE-21-11/tgmath.h deleted file mode 100644 index e41ccac9ec..0000000000 --- a/c/misra/test/rules/RULE-21-11/tgmath.h +++ /dev/null @@ -1,270 +0,0 @@ -#ifndef _TGMATH_H -#define _TGMATH_H - -/* -the return types are only correct with gcc (__GNUC__) -otherwise they are long double or long double complex - -the long double version of a function is never chosen when -sizeof(double) == sizeof(long double) -(but the return type is set correctly with gcc) -*/ - -#include -#include - -#define __IS_FP(x) (sizeof((x)+1ULL) == sizeof((x)+1.0f)) -#define __IS_CX(x) (__IS_FP(x) && sizeof(x) == sizeof((x)+I)) -#define __IS_REAL(x) (__IS_FP(x) && 2*sizeof(x) == sizeof((x)+I)) - -#define __FLT(x) (__IS_REAL(x) && sizeof(x) == sizeof(float)) -#define __LDBL(x) (__IS_REAL(x) && sizeof(x) == sizeof(long double) && sizeof(long double) != sizeof(double)) - -#define __FLTCX(x) (__IS_CX(x) && sizeof(x) == sizeof(float complex)) -#define __DBLCX(x) (__IS_CX(x) && sizeof(x) == sizeof(double complex)) -#define __LDBLCX(x) (__IS_CX(x) && sizeof(x) == sizeof(long double complex) && sizeof(long double) != sizeof(double)) - -/* return type */ - -#ifdef __GNUC__ -/* -the result must be casted to the right type -(otherwise the result type is determined by the conversion -rules applied to all the function return types so it is long -double or long double complex except for integral functions) - -this cannot be done in c99, so the typeof gcc extension is -used and that the type of ?: depends on wether an operand is -a null pointer constant or not -(in c11 _Generic can be used) - -the c arguments below must be integer constant expressions -so they can be in null pointer constants -(__IS_FP above was carefully chosen this way) -*/ -/* if c then t else void */ -#define __type1(c,t) __typeof__(*(0?(t*)0:(void*)!(c))) -/* if c then t1 else t2 */ -#define __type2(c,t1,t2) __typeof__(*(0?(__type1(c,t1)*)0:(__type1(!(c),t2)*)0)) -/* cast to double when x is integral, otherwise use typeof(x) */ -#define __RETCAST(x) ( \ - __type2(__IS_FP(x), __typeof__(x), double)) -/* 2 args case, should work for complex types (cpow) */ -#define __RETCAST_2(x, y) ( \ - __type2(__IS_FP(x) && __IS_FP(y), \ - __typeof__((x)+(y)), \ - __typeof__((x)+(y)+1.0))) -/* 3 args case (fma only) */ -#define __RETCAST_3(x, y, z) ( \ - __type2(__IS_FP(x) && __IS_FP(y) && __IS_FP(z), \ - __typeof__((x)+(y)+(z)), \ - __typeof__((x)+(y)+(z)+1.0))) -/* drop complex from the type of x */ -/* TODO: wrong when sizeof(long double)==sizeof(double) */ -#define __RETCAST_REAL(x) ( \ - __type2(__IS_FP(x) && sizeof((x)+I) == sizeof(float complex), float, \ - __type2(sizeof((x)+1.0+I) == sizeof(double complex), double, \ - long double))) -/* add complex to the type of x */ -#define __RETCAST_CX(x) (__typeof__(__RETCAST(x)0+I)) -#else -#define __RETCAST(x) -#define __RETCAST_2(x, y) -#define __RETCAST_3(x, y, z) -#define __RETCAST_REAL(x) -#define __RETCAST_CX(x) -#endif - -/* function selection */ - -#define __tg_real_nocast(fun, x) ( \ - __FLT(x) ? fun ## f (x) : \ - __LDBL(x) ? fun ## l (x) : \ - fun(x) ) - -#define __tg_real(fun, x) (__RETCAST(x)__tg_real_nocast(fun, x)) - -#define __tg_real_2_1(fun, x, y) (__RETCAST(x)( \ - __FLT(x) ? fun ## f (x, y) : \ - __LDBL(x) ? fun ## l (x, y) : \ - fun(x, y) )) - -#define __tg_real_2(fun, x, y) (__RETCAST_2(x, y)( \ - __FLT(x) && __FLT(y) ? fun ## f (x, y) : \ - __LDBL((x)+(y)) ? fun ## l (x, y) : \ - fun(x, y) )) - -#define __tg_complex(fun, x) (__RETCAST_CX(x)( \ - __FLTCX((x)+I) && __IS_FP(x) ? fun ## f (x) : \ - __LDBLCX((x)+I) ? fun ## l (x) : \ - fun(x) )) - -#define __tg_complex_retreal(fun, x) (__RETCAST_REAL(x)( \ - __FLTCX((x)+I) && __IS_FP(x) ? fun ## f (x) : \ - __LDBLCX((x)+I) ? fun ## l (x) : \ - fun(x) )) - -#define __tg_real_complex(fun, x) (__RETCAST(x)( \ - __FLTCX(x) ? c ## fun ## f (x) : \ - __DBLCX(x) ? c ## fun (x) : \ - __LDBLCX(x) ? c ## fun ## l (x) : \ - __FLT(x) ? fun ## f (x) : \ - __LDBL(x) ? fun ## l (x) : \ - fun(x) )) - -/* special cases */ - -#define __tg_real_remquo(x, y, z) (__RETCAST_2(x, y)( \ - __FLT(x) && __FLT(y) ? remquof(x, y, z) : \ - __LDBL((x)+(y)) ? remquol(x, y, z) : \ - remquo(x, y, z) )) - -#define __tg_real_fma(x, y, z) (__RETCAST_3(x, y, z)( \ - __FLT(x) && __FLT(y) && __FLT(z) ? fmaf(x, y, z) : \ - __LDBL((x)+(y)+(z)) ? fmal(x, y, z) : \ - fma(x, y, z) )) - -#define __tg_real_complex_pow(x, y) (__RETCAST_2(x, y)( \ - __FLTCX((x)+(y)) && __IS_FP(x) && __IS_FP(y) ? cpowf(x, y) : \ - __FLTCX((x)+(y)) ? cpow(x, y) : \ - __DBLCX((x)+(y)) ? cpow(x, y) : \ - __LDBLCX((x)+(y)) ? cpowl(x, y) : \ - __FLT(x) && __FLT(y) ? powf(x, y) : \ - __LDBL((x)+(y)) ? powl(x, y) : \ - pow(x, y) )) - -#define __tg_real_complex_fabs(x) (__RETCAST_REAL(x)( \ - __FLTCX(x) ? cabsf(x) : \ - __DBLCX(x) ? cabs(x) : \ - __LDBLCX(x) ? cabsl(x) : \ - __FLT(x) ? fabsf(x) : \ - __LDBL(x) ? fabsl(x) : \ - fabs(x) )) - -/* suppress any macros in math.h or complex.h */ - -#undef acos -#undef acosh -#undef asin -#undef asinh -#undef atan -#undef atan2 -#undef atanh -#undef carg -#undef cbrt -#undef ceil -#undef cimag -#undef conj -#undef copysign -#undef cos -#undef cosh -#undef cproj -#undef creal -#undef erf -#undef erfc -#undef exp -#undef exp2 -#undef expm1 -#undef fabs -#undef fdim -#undef floor -#undef fma -#undef fmax -#undef fmin -#undef fmod -#undef frexp -#undef hypot -#undef ilogb -#undef ldexp -#undef lgamma -#undef llrint -#undef llround -#undef log -#undef log10 -#undef log1p -#undef log2 -#undef logb -#undef lrint -#undef lround -#undef nearbyint -#undef nextafter -#undef nexttoward -#undef pow -#undef remainder -#undef remquo -#undef rint -#undef round -#undef scalbln -#undef scalbn -#undef sin -#undef sinh -#undef sqrt -#undef tan -#undef tanh -#undef tgamma -#undef trunc - -/* tg functions */ - -#define acos(x) __tg_real_complex(acos, (x)) -#define acosh(x) __tg_real_complex(acosh, (x)) -#define asin(x) __tg_real_complex(asin, (x)) -#define asinh(x) __tg_real_complex(asinh, (x)) -#define atan(x) __tg_real_complex(atan, (x)) -#define atan2(x,y) __tg_real_2(atan2, (x), (y)) -#define atanh(x) __tg_real_complex(atanh, (x)) -#define carg(x) __tg_complex_retreal(carg, (x)) -#define cbrt(x) __tg_real(cbrt, (x)) -#define ceil(x) __tg_real(ceil, (x)) -#define cimag(x) __tg_complex_retreal(cimag, (x)) -#define conj(x) __tg_complex(conj, (x)) -#define copysign(x,y) __tg_real_2(copysign, (x), (y)) -#define cos(x) __tg_real_complex(cos, (x)) -#define cosh(x) __tg_real_complex(cosh, (x)) -#define cproj(x) __tg_complex(cproj, (x)) -#define creal(x) __tg_complex_retreal(creal, (x)) -#define erf(x) __tg_real(erf, (x)) -#define erfc(x) __tg_real(erfc, (x)) -#define exp(x) __tg_real_complex(exp, (x)) -#define exp2(x) __tg_real(exp2, (x)) -#define expm1(x) __tg_real(expm1, (x)) -#define fabs(x) __tg_real_complex_fabs(x) -#define fdim(x,y) __tg_real_2(fdim, (x), (y)) -#define floor(x) __tg_real(floor, (x)) -#define fma(x,y,z) __tg_real_fma((x), (y), (z)) -#define fmax(x,y) __tg_real_2(fmax, (x), (y)) -#define fmin(x,y) __tg_real_2(fmin, (x), (y)) -#define fmod(x,y) __tg_real_2(fmod, (x), (y)) -#define frexp(x,y) __tg_real_2_1(frexp, (x), (y)) -#define hypot(x,y) __tg_real_2(hypot, (x), (y)) -#define ilogb(x) __tg_real_nocast(ilogb, (x)) -#define ldexp(x,y) __tg_real_2_1(ldexp, (x), (y)) -#define lgamma(x) __tg_real(lgamma, (x)) -#define llrint(x) __tg_real_nocast(llrint, (x)) -#define llround(x) __tg_real_nocast(llround, (x)) -#define log(x) __tg_real_complex(log, (x)) -#define log10(x) __tg_real(log10, (x)) -#define log1p(x) __tg_real(log1p, (x)) -#define log2(x) __tg_real(log2, (x)) -#define logb(x) __tg_real(logb, (x)) -#define lrint(x) __tg_real_nocast(lrint, (x)) -#define lround(x) __tg_real_nocast(lround, (x)) -#define nearbyint(x) __tg_real(nearbyint, (x)) -#define nextafter(x,y) __tg_real_2(nextafter, (x), (y)) -#define nexttoward(x,y) __tg_real_2(nexttoward, (x), (y)) -#define pow(x,y) __tg_real_complex_pow((x), (y)) -#define remainder(x,y) __tg_real_2(remainder, (x), (y)) -#define remquo(x,y,z) __tg_real_remquo((x), (y), (z)) -#define rint(x) __tg_real(rint, (x)) -#define round(x) __tg_real(round, (x)) -#define scalbln(x,y) __tg_real_2_1(scalbln, (x), (y)) -#define scalbn(x,y) __tg_real_2_1(scalbn, (x), (y)) -#define sin(x) __tg_real_complex(sin, (x)) -#define sinh(x) __tg_real_complex(sinh, (x)) -#define sqrt(x) __tg_real_complex(sqrt, (x)) -#define tan(x) __tg_real_complex(tan, (x)) -#define tanh(x) __tg_real_complex(tanh, (x)) -#define tgamma(x) __tg_real(tgamma, (x)) -#define trunc(x) __tg_real(trunc, (x)) - -#endif From 643aa3569cf8cfce393bf841e4155cd8d5794160 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Thu, 2 Mar 2023 23:28:59 +0000 Subject: [PATCH 0590/2573] RULE-21-11: Avoid double reporting macros The macros in tgmath.h often expand to other macros in tgmath.h. This cause the query to report multiple macro violations for the one macro invocation. We exclude macro invocations expanded from other macro invocations from the same file to avoid this double reporting, and produce more useful and stable results across compilers. --- .../StandardHeaderFileTgmathhUsed.ql | 3 +- .../StandardHeaderFileTgmathhUsed.expected | 69 ------------------- 2 files changed, 2 insertions(+), 70 deletions(-) diff --git a/c/misra/src/rules/RULE-21-11/StandardHeaderFileTgmathhUsed.ql b/c/misra/src/rules/RULE-21-11/StandardHeaderFileTgmathhUsed.ql index e45279fb2b..5a33f94fb6 100644 --- a/c/misra/src/rules/RULE-21-11/StandardHeaderFileTgmathhUsed.ql +++ b/c/misra/src/rules/RULE-21-11/StandardHeaderFileTgmathhUsed.ql @@ -17,5 +17,6 @@ from Macro m, MacroInvocation mi where not isExcluded(mi, BannedPackage::standardHeaderFileTgmathhUsedQuery()) and mi.getMacro() = m and - m.getFile().getBaseName() = "tgmath.h" + m.getFile().getBaseName() = "tgmath.h" and + not mi.getParentInvocation().getMacro().getFile().getBaseName() = "tgmath.h" select mi, "Call to banned macro " + m.getName() + "." diff --git a/c/misra/test/rules/RULE-21-11/StandardHeaderFileTgmathhUsed.expected b/c/misra/test/rules/RULE-21-11/StandardHeaderFileTgmathhUsed.expected index 73d5d5e80c..2800d13160 100644 --- a/c/misra/test/rules/RULE-21-11/StandardHeaderFileTgmathhUsed.expected +++ b/c/misra/test/rules/RULE-21-11/StandardHeaderFileTgmathhUsed.expected @@ -1,74 +1,5 @@ -| test.c:5:3:5:9 | __DBLCX(x) | Call to banned macro __DBLCX. | -| test.c:5:3:5:9 | __FLT(x) | Call to banned macro __FLT. | -| test.c:5:3:5:9 | __FLTCX(x) | Call to banned macro __FLTCX. | -| test.c:5:3:5:9 | __IS_CX(x) | Call to banned macro __IS_CX. | -| test.c:5:3:5:9 | __IS_CX(x) | Call to banned macro __IS_CX. | -| test.c:5:3:5:9 | __IS_CX(x) | Call to banned macro __IS_CX. | -| test.c:5:3:5:9 | __IS_FP(x) | Call to banned macro __IS_FP. | -| test.c:5:3:5:9 | __IS_FP(x) | Call to banned macro __IS_FP. | -| test.c:5:3:5:9 | __IS_FP(x) | Call to banned macro __IS_FP. | -| test.c:5:3:5:9 | __IS_FP(x) | Call to banned macro __IS_FP. | -| test.c:5:3:5:9 | __IS_FP(x) | Call to banned macro __IS_FP. | -| test.c:5:3:5:9 | __IS_REAL(x) | Call to banned macro __IS_REAL. | -| test.c:5:3:5:9 | __IS_REAL(x) | Call to banned macro __IS_REAL. | -| test.c:5:3:5:9 | __LDBL(x) | Call to banned macro __LDBL. | -| test.c:5:3:5:9 | __LDBLCX(x) | Call to banned macro __LDBLCX. | -| test.c:5:3:5:9 | __RETCAST(x) | Call to banned macro __RETCAST. | -| test.c:5:3:5:9 | __tg_real_complex(fun,x) | Call to banned macro __tg_real_complex. | | test.c:5:3:5:9 | sqrt(x) | Call to banned macro sqrt. | -| test.c:7:3:7:8 | __DBLCX(x) | Call to banned macro __DBLCX. | -| test.c:7:3:7:8 | __FLT(x) | Call to banned macro __FLT. | -| test.c:7:3:7:8 | __FLTCX(x) | Call to banned macro __FLTCX. | -| test.c:7:3:7:8 | __IS_CX(x) | Call to banned macro __IS_CX. | -| test.c:7:3:7:8 | __IS_CX(x) | Call to banned macro __IS_CX. | -| test.c:7:3:7:8 | __IS_CX(x) | Call to banned macro __IS_CX. | -| test.c:7:3:7:8 | __IS_FP(x) | Call to banned macro __IS_FP. | -| test.c:7:3:7:8 | __IS_FP(x) | Call to banned macro __IS_FP. | -| test.c:7:3:7:8 | __IS_FP(x) | Call to banned macro __IS_FP. | -| test.c:7:3:7:8 | __IS_FP(x) | Call to banned macro __IS_FP. | -| test.c:7:3:7:8 | __IS_FP(x) | Call to banned macro __IS_FP. | -| test.c:7:3:7:8 | __IS_REAL(x) | Call to banned macro __IS_REAL. | -| test.c:7:3:7:8 | __IS_REAL(x) | Call to banned macro __IS_REAL. | -| test.c:7:3:7:8 | __LDBL(x) | Call to banned macro __LDBL. | -| test.c:7:3:7:8 | __LDBLCX(x) | Call to banned macro __LDBLCX. | -| test.c:7:3:7:8 | __RETCAST(x) | Call to banned macro __RETCAST. | -| test.c:7:3:7:8 | __tg_real_complex(fun,x) | Call to banned macro __tg_real_complex. | | test.c:7:3:7:8 | sin(x) | Call to banned macro sin. | -| test.c:10:21:10:28 | __DBLCX(x) | Call to banned macro __DBLCX. | -| test.c:10:21:10:28 | __FLT(x) | Call to banned macro __FLT. | -| test.c:10:21:10:28 | __FLTCX(x) | Call to banned macro __FLTCX. | -| test.c:10:21:10:28 | __IS_CX(x) | Call to banned macro __IS_CX. | -| test.c:10:21:10:28 | __IS_CX(x) | Call to banned macro __IS_CX. | -| test.c:10:21:10:28 | __IS_CX(x) | Call to banned macro __IS_CX. | -| test.c:10:21:10:28 | __IS_FP(x) | Call to banned macro __IS_FP. | -| test.c:10:21:10:28 | __IS_FP(x) | Call to banned macro __IS_FP. | -| test.c:10:21:10:28 | __IS_FP(x) | Call to banned macro __IS_FP. | -| test.c:10:21:10:28 | __IS_FP(x) | Call to banned macro __IS_FP. | -| test.c:10:21:10:28 | __IS_FP(x) | Call to banned macro __IS_FP. | -| test.c:10:21:10:28 | __IS_REAL(x) | Call to banned macro __IS_REAL. | -| test.c:10:21:10:28 | __IS_REAL(x) | Call to banned macro __IS_REAL. | -| test.c:10:21:10:28 | __LDBL(x) | Call to banned macro __LDBL. | -| test.c:10:21:10:28 | __LDBLCX(x) | Call to banned macro __LDBLCX. | -| test.c:10:21:10:28 | __RETCAST(x) | Call to banned macro __RETCAST. | -| test.c:10:21:10:28 | __tg_real_complex(fun,x) | Call to banned macro __tg_real_complex. | | test.c:10:21:10:28 | sqrt(x) | Call to banned macro sqrt. | -| test.c:11:3:11:10 | __FLTCX(x) | Call to banned macro __FLTCX. | -| test.c:11:3:11:10 | __IS_CX(x) | Call to banned macro __IS_CX. | -| test.c:11:3:11:10 | __IS_CX(x) | Call to banned macro __IS_CX. | -| test.c:11:3:11:10 | __IS_FP(x) | Call to banned macro __IS_FP. | -| test.c:11:3:11:10 | __IS_FP(x) | Call to banned macro __IS_FP. | -| test.c:11:3:11:10 | __IS_FP(x) | Call to banned macro __IS_FP. | -| test.c:11:3:11:10 | __LDBLCX(x) | Call to banned macro __LDBLCX. | -| test.c:11:3:11:10 | __RETCAST_REAL(x) | Call to banned macro __RETCAST_REAL. | -| test.c:11:3:11:10 | __tg_complex_retreal(fun,x) | Call to banned macro __tg_complex_retreal. | | test.c:11:3:11:10 | creal(x) | Call to banned macro creal. | -| test.c:12:3:12:10 | __FLTCX(x) | Call to banned macro __FLTCX. | -| test.c:12:3:12:10 | __IS_CX(x) | Call to banned macro __IS_CX. | -| test.c:12:3:12:10 | __IS_CX(x) | Call to banned macro __IS_CX. | -| test.c:12:3:12:10 | __IS_FP(x) | Call to banned macro __IS_FP. | -| test.c:12:3:12:10 | __IS_FP(x) | Call to banned macro __IS_FP. | -| test.c:12:3:12:10 | __IS_FP(x) | Call to banned macro __IS_FP. | -| test.c:12:3:12:10 | __LDBLCX(x) | Call to banned macro __LDBLCX. | -| test.c:12:3:12:10 | __RETCAST_REAL(x) | Call to banned macro __RETCAST_REAL. | -| test.c:12:3:12:10 | __tg_complex_retreal(fun,x) | Call to banned macro __tg_complex_retreal. | | test.c:12:3:12:10 | cimag(x) | Call to banned macro cimag. | From 268d1f4aed0844102707da6e5376e2e5095d22b7 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Thu, 2 Mar 2023 23:33:25 +0000 Subject: [PATCH 0591/2573] RULE-21-12: Simplify alert message, remove fenv.h --- .../ExceptionHandlingFeaturesOfFenvhUsed.ql | 6 +- ...eptionHandlingFeaturesOfFenvhUsed.expected | 24 ++++---- c/misra/test/rules/RULE-21-12/fenv.h | 60 ------------------- c/misra/test/rules/RULE-21-12/test.c | 2 +- 4 files changed, 15 insertions(+), 77 deletions(-) delete mode 100644 c/misra/test/rules/RULE-21-12/fenv.h diff --git a/c/misra/src/rules/RULE-21-12/ExceptionHandlingFeaturesOfFenvhUsed.ql b/c/misra/src/rules/RULE-21-12/ExceptionHandlingFeaturesOfFenvhUsed.ql index 43a46a7e22..6035f15401 100644 --- a/c/misra/src/rules/RULE-21-12/ExceptionHandlingFeaturesOfFenvhUsed.ql +++ b/c/misra/src/rules/RULE-21-12/ExceptionHandlingFeaturesOfFenvhUsed.ql @@ -32,22 +32,20 @@ class FPExceptionHandlingMacro extends Macro { } } -from Locatable call, Locatable def, string name, string kind +from Locatable call, string name, string kind where not isExcluded(call, BannedPackage::exceptionHandlingFeaturesOfFenvhUsedQuery()) and ( exists(FPExceptionHandlingFunction f | - def = f and call = f.getACallToThisFunction() and name = f.getName() and kind = "function" ) or exists(FPExceptionHandlingMacro m | - def = m and call = m.getAnInvocation() and name = m.getName() and kind = "macro" ) ) -select call, "Call to banned " + kind + " $@.", def, name +select call, "Call to banned " + kind + " " + name + "." diff --git a/c/misra/test/rules/RULE-21-12/ExceptionHandlingFeaturesOfFenvhUsed.expected b/c/misra/test/rules/RULE-21-12/ExceptionHandlingFeaturesOfFenvhUsed.expected index 833c2f664f..747b25a2c1 100644 --- a/c/misra/test/rules/RULE-21-12/ExceptionHandlingFeaturesOfFenvhUsed.expected +++ b/c/misra/test/rules/RULE-21-12/ExceptionHandlingFeaturesOfFenvhUsed.expected @@ -1,12 +1,12 @@ -| test.c:4:11:4:23 | call to feclearexcept | Call to banned function $@. | fenv.h:43:5:43:17 | feclearexcept | feclearexcept | -| test.c:4:25:4:34 | FE_INVALID | Call to banned macro $@. | fenv.h:8:1:8:20 | #define FE_INVALID 1 | FE_INVALID | -| test.c:6:3:6:17 | call to fegetexceptflag | Call to banned function $@. | fenv.h:44:5:44:19 | fegetexceptflag | fegetexceptflag | -| test.c:6:24:6:36 | FE_ALL_EXCEPT | Call to banned macro $@. | fenv.h:15:1:15:24 | #define FE_ALL_EXCEPT 63 | FE_ALL_EXCEPT | -| test.c:7:3:7:15 | call to feraiseexcept | Call to banned function $@. | fenv.h:45:5:45:17 | feraiseexcept | feraiseexcept | -| test.c:7:17:7:28 | FE_DIVBYZERO | Call to banned macro $@. | fenv.h:10:1:10:22 | #define FE_DIVBYZERO 4 | FE_DIVBYZERO | -| test.c:8:3:8:15 | call to feraiseexcept | Call to banned function $@. | fenv.h:45:5:45:17 | feraiseexcept | feraiseexcept | -| test.c:8:17:8:27 | FE_OVERFLOW | Call to banned macro $@. | fenv.h:11:1:11:21 | #define FE_OVERFLOW 8 | FE_OVERFLOW | -| test.c:9:3:9:17 | call to fesetexceptflag | Call to banned function $@. | fenv.h:46:5:46:19 | fesetexceptflag | fesetexceptflag | -| test.c:9:24:9:36 | FE_ALL_EXCEPT | Call to banned macro $@. | fenv.h:15:1:15:24 | #define FE_ALL_EXCEPT 63 | FE_ALL_EXCEPT | -| test.c:10:3:10:14 | call to fetestexcept | Call to banned function $@. | fenv.h:47:5:47:16 | fetestexcept | fetestexcept | -| test.c:10:16:10:27 | FE_UNDERFLOW | Call to banned macro $@. | fenv.h:12:1:12:23 | #define FE_UNDERFLOW 16 | FE_UNDERFLOW | +| test.c:4:11:4:23 | call to feclearexcept | Call to banned function feclearexcept. | +| test.c:4:25:4:34 | FE_INVALID | Call to banned macro FE_INVALID. | +| test.c:6:3:6:17 | call to fegetexceptflag | Call to banned function fegetexceptflag. | +| test.c:6:24:6:36 | FE_ALL_EXCEPT | Call to banned macro FE_ALL_EXCEPT. | +| test.c:7:3:7:15 | call to feraiseexcept | Call to banned function feraiseexcept. | +| test.c:7:17:7:28 | FE_DIVBYZERO | Call to banned macro FE_DIVBYZERO. | +| test.c:8:3:8:15 | call to feraiseexcept | Call to banned function feraiseexcept. | +| test.c:8:17:8:27 | FE_OVERFLOW | Call to banned macro FE_OVERFLOW. | +| test.c:9:3:9:17 | call to fesetexceptflag | Call to banned function fesetexceptflag. | +| test.c:9:24:9:36 | FE_ALL_EXCEPT | Call to banned macro FE_ALL_EXCEPT. | +| test.c:10:3:10:14 | call to fetestexcept | Call to banned function fetestexcept. | +| test.c:10:16:10:27 | FE_UNDERFLOW | Call to banned macro FE_UNDERFLOW. | diff --git a/c/misra/test/rules/RULE-21-12/fenv.h b/c/misra/test/rules/RULE-21-12/fenv.h deleted file mode 100644 index 4240535db9..0000000000 --- a/c/misra/test/rules/RULE-21-12/fenv.h +++ /dev/null @@ -1,60 +0,0 @@ -#ifndef _FENV_H -#define _FENV_H - -#ifdef __cplusplus -extern "C" { -#endif - -#define FE_INVALID 1 -#define __FE_DENORM 2 -#define FE_DIVBYZERO 4 -#define FE_OVERFLOW 8 -#define FE_UNDERFLOW 16 -#define FE_INEXACT 32 - -#define FE_ALL_EXCEPT 63 - -#define FE_TONEAREST 0 -#define FE_DOWNWARD 0x400 -#define FE_UPWARD 0x800 -#define FE_TOWARDZERO 0xc00 - -typedef unsigned short fexcept_t; - -typedef struct { - unsigned short __control_word; - unsigned short __unused1; - unsigned short __status_word; - unsigned short __unused2; - unsigned short __tags; - unsigned short __unused3; - unsigned int __eip; - unsigned short __cs_selector; - unsigned int __opcode : 11; - unsigned int __unused4 : 5; - unsigned int __data_offset; - unsigned short __data_selector; - unsigned short __unused5; - unsigned int __mxcsr; -} fenv_t; - -#define FE_DFL_ENV ((const fenv_t *)-1) - -int feclearexcept(int); -int fegetexceptflag(fexcept_t *, int); -int feraiseexcept(int); -int fesetexceptflag(const fexcept_t *, int); -int fetestexcept(int); - -int fegetround(void); -int fesetround(int); - -int fegetenv(fenv_t *); -int feholdexcept(fenv_t *); -int fesetenv(const fenv_t *); -int feupdateenv(const fenv_t *); - -#ifdef __cplusplus -} -#endif -#endif diff --git a/c/misra/test/rules/RULE-21-12/test.c b/c/misra/test/rules/RULE-21-12/test.c index d6cda837a6..ae4d90a402 100644 --- a/c/misra/test/rules/RULE-21-12/test.c +++ b/c/misra/test/rules/RULE-21-12/test.c @@ -1,4 +1,4 @@ -#include "fenv.h" +#include void f2(); void f1() { int i = feclearexcept(FE_INVALID); // NON_COMPLIANT From 25d51c6e6c4ae32fd605308c6a9a362bd4f6e9c6 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Thu, 2 Mar 2023 23:38:01 +0000 Subject: [PATCH 0592/2573] RULE-21-21: Simplify alert message --- c/misra/src/rules/RULE-21-21/SystemOfStdlibhUsed.ql | 2 +- .../test/rules/RULE-21-21/SystemOfStdlibhUsed.expected | 10 +++++----- .../test/rules/RULE-21-21/SystemOfStdlibhUsed.testref | 1 - c/misra/test/rules/RULE-21-21/test.c | 8 ++------ 4 files changed, 8 insertions(+), 13 deletions(-) delete mode 100644 c/misra/test/rules/RULE-21-21/SystemOfStdlibhUsed.testref diff --git a/c/misra/src/rules/RULE-21-21/SystemOfStdlibhUsed.ql b/c/misra/src/rules/RULE-21-21/SystemOfStdlibhUsed.ql index 1b5e8fcaa3..b38f159c14 100644 --- a/c/misra/src/rules/RULE-21-21/SystemOfStdlibhUsed.ql +++ b/c/misra/src/rules/RULE-21-21/SystemOfStdlibhUsed.ql @@ -19,4 +19,4 @@ where not isExcluded(call, BannedPackage::systemOfStdlibhUsedQuery()) and call.getTarget() = target and target.hasGlobalOrStdName("system") -select call, "Call to banned function $@.", target, target.getName() +select call, "Call to banned function " + target.getName() + "." diff --git a/c/misra/test/rules/RULE-21-21/SystemOfStdlibhUsed.expected b/c/misra/test/rules/RULE-21-21/SystemOfStdlibhUsed.expected index 88d809ef37..f3fc1204c4 100644 --- a/c/misra/test/rules/RULE-21-21/SystemOfStdlibhUsed.expected +++ b/c/misra/test/rules/RULE-21-21/SystemOfStdlibhUsed.expected @@ -1,5 +1,5 @@ -| test.c:10:3:10:8 | call to system | Call to banned function $@. | test.c:4:5:4:10 | system | system | -| test.c:18:3:18:8 | call to system | Call to banned function $@. | test.c:4:5:4:10 | system | system | -| test.c:19:3:19:8 | call to system | Call to banned function $@. | test.c:4:5:4:10 | system | system | -| test.c:20:3:20:8 | call to system | Call to banned function $@. | test.c:4:5:4:10 | system | system | -| test.c:21:3:21:8 | call to system | Call to banned function $@. | test.c:4:5:4:10 | system | system | +| test.c:6:3:6:8 | call to system | Call to banned function system. | +| test.c:14:3:14:8 | call to system | Call to banned function system. | +| test.c:15:3:15:8 | call to system | Call to banned function system. | +| test.c:16:3:16:8 | call to system | Call to banned function system. | +| test.c:17:3:17:8 | call to system | Call to banned function system. | diff --git a/c/misra/test/rules/RULE-21-21/SystemOfStdlibhUsed.testref b/c/misra/test/rules/RULE-21-21/SystemOfStdlibhUsed.testref deleted file mode 100644 index a71ee90500..0000000000 --- a/c/misra/test/rules/RULE-21-21/SystemOfStdlibhUsed.testref +++ /dev/null @@ -1 +0,0 @@ -c/common/test/rules/systemused/SystemUsed.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-21-21/test.c b/c/misra/test/rules/RULE-21-21/test.c index 5040bba006..ff8522cb28 100644 --- a/c/misra/test/rules/RULE-21-21/test.c +++ b/c/misra/test/rules/RULE-21-21/test.c @@ -1,9 +1,5 @@ -typedef struct _FILE FILE; -#define NULL (void *)0 - -int system(const char *); -void abort(void); -FILE *popen(const char *, const char *); +#include +#include void f1(const char *p1) { FILE *l1; From 213047771ca2a0b4eccefb09d1d85c40bc55411d Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Tue, 19 Jul 2022 20:31:42 +0200 Subject: [PATCH 0593/2573] Upgrade `github/codeql` dependency to 2.10.5 --- c/cert/src/codeql-pack.lock.yml | 2 +- c/cert/src/qlpack.yml | 2 +- c/cert/test/codeql-pack.lock.yml | 2 +- c/common/src/codeql-pack.lock.yml | 2 +- c/common/src/qlpack.yml | 2 +- c/common/test/codeql-pack.lock.yml | 2 +- c/misra/src/codeql-pack.lock.yml | 2 +- c/misra/src/qlpack.yml | 2 +- c/misra/test/codeql-pack.lock.yml | 2 +- .../2022-06-28-detect-static-namespace-members.md | 6 ++++++ cpp/autosar/src/codeql-pack.lock.yml | 2 +- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/codeql-pack.lock.yml | 2 +- ...entifierNameOfStaticFunctionReusedInNamespace.expected | 2 ++ ...rNameOfStaticNonMemberObjectReusedInNamespace.expected | 2 ++ cpp/autosar/test/rules/A2-10-4/test1b.cpp | 5 ++--- ...erObjectWithExternalOrInternalLinkageIsReused.expected | 8 ++++---- .../IdentifierNameOfAStaticFunctionIsReused.expected | 4 ++-- cpp/autosar/test/rules/A2-10-5/test1b.cpp | 3 +-- cpp/cert/src/codeql-pack.lock.yml | 2 +- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/codeql-pack.lock.yml | 2 +- cpp/common/src/codeql-pack.lock.yml | 2 +- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/codeql-pack.lock.yml | 2 +- cpp/misra/src/codeql-pack.lock.yml | 2 +- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/codeql-pack.lock.yml | 2 +- cpp/report/src/codeql-pack.lock.yml | 2 +- cpp/report/src/qlpack.yml | 2 +- scripts/generate_modules/queries/codeql-pack.lock.yml | 2 +- scripts/generate_modules/queries/qlpack.yml | 2 +- supported_codeql_configs.json | 6 +++--- 33 files changed, 47 insertions(+), 39 deletions(-) create mode 100644 change_notes/2022-06-28-detect-static-namespace-members.md diff --git a/c/cert/src/codeql-pack.lock.yml b/c/cert/src/codeql-pack.lock.yml index b0f02a9d1f..1da7b6075b 100644 --- a/c/cert/src/codeql-pack.lock.yml +++ b/c/cert/src/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.2.3 + version: 0.3.5 compiled: false lockVersion: 1.0.0 diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index fa4eeacaf1..db1a0c0e89 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -5,4 +5,4 @@ suites: codeql-suites license: MIT dependencies: codeql/common-c-coding-standards: '*' - codeql/cpp-all: 0.2.3 + codeql/cpp-all: 0.3.5 diff --git a/c/cert/test/codeql-pack.lock.yml b/c/cert/test/codeql-pack.lock.yml index b0f02a9d1f..1da7b6075b 100644 --- a/c/cert/test/codeql-pack.lock.yml +++ b/c/cert/test/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.2.3 + version: 0.3.5 compiled: false lockVersion: 1.0.0 diff --git a/c/common/src/codeql-pack.lock.yml b/c/common/src/codeql-pack.lock.yml index b0f02a9d1f..1da7b6075b 100644 --- a/c/common/src/codeql-pack.lock.yml +++ b/c/common/src/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.2.3 + version: 0.3.5 compiled: false lockVersion: 1.0.0 diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index e6f76013d7..87360ed2c3 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -3,4 +3,4 @@ version: 2.14.0-dev license: MIT dependencies: codeql/common-cpp-coding-standards: '*' - codeql/cpp-all: 0.2.3 + codeql/cpp-all: 0.3.5 diff --git a/c/common/test/codeql-pack.lock.yml b/c/common/test/codeql-pack.lock.yml index b0f02a9d1f..1da7b6075b 100644 --- a/c/common/test/codeql-pack.lock.yml +++ b/c/common/test/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.2.3 + version: 0.3.5 compiled: false lockVersion: 1.0.0 diff --git a/c/misra/src/codeql-pack.lock.yml b/c/misra/src/codeql-pack.lock.yml index b0f02a9d1f..1da7b6075b 100644 --- a/c/misra/src/codeql-pack.lock.yml +++ b/c/misra/src/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.2.3 + version: 0.3.5 compiled: false lockVersion: 1.0.0 diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index 7a3dda42cc..1da16038bc 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -5,4 +5,4 @@ suites: codeql-suites license: MIT dependencies: codeql/common-c-coding-standards: '*' - codeql/cpp-all: 0.2.3 + codeql/cpp-all: 0.3.5 diff --git a/c/misra/test/codeql-pack.lock.yml b/c/misra/test/codeql-pack.lock.yml index b0f02a9d1f..1da7b6075b 100644 --- a/c/misra/test/codeql-pack.lock.yml +++ b/c/misra/test/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.2.3 + version: 0.3.5 compiled: false lockVersion: 1.0.0 diff --git a/change_notes/2022-06-28-detect-static-namespace-members.md b/change_notes/2022-06-28-detect-static-namespace-members.md new file mode 100644 index 0000000000..05af4deb79 --- /dev/null +++ b/change_notes/2022-06-28-detect-static-namespace-members.md @@ -0,0 +1,6 @@ +- `A2-10-4` - `IdentifierNameOfStaticFunctionReusedInNamespace.ql`: + - Reuse of an identifier name of a static function in a namespace is now detected. +- `A2-10-4` - `IdentifierNameOfStaticNonMemberObjectReusedInNamespace.ql`: + - Reuse of an identifier name of a static non-member object in a namespace is now detected. +- `A2-10-5` - `IdentifierNameOfStaticNonMemberObjectWithExternalOrInternalLinkageIsReused.ql`: + - Reuse of an identifier name of a static non-member object with internal linkage in a namespace is now detected. diff --git a/cpp/autosar/src/codeql-pack.lock.yml b/cpp/autosar/src/codeql-pack.lock.yml index b0f02a9d1f..1da7b6075b 100644 --- a/cpp/autosar/src/codeql-pack.lock.yml +++ b/cpp/autosar/src/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.2.3 + version: 0.3.5 compiled: false lockVersion: 1.0.0 diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index 50dfb98efe..b866eebf80 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -5,4 +5,4 @@ suites: codeql-suites license: MIT dependencies: codeql/common-cpp-coding-standards: '*' - codeql/cpp-all: 0.2.3 + codeql/cpp-all: 0.3.5 diff --git a/cpp/autosar/test/codeql-pack.lock.yml b/cpp/autosar/test/codeql-pack.lock.yml index b0f02a9d1f..1da7b6075b 100644 --- a/cpp/autosar/test/codeql-pack.lock.yml +++ b/cpp/autosar/test/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.2.3 + version: 0.3.5 compiled: false lockVersion: 1.0.0 diff --git a/cpp/autosar/test/rules/A2-10-4/IdentifierNameOfStaticFunctionReusedInNamespace.expected b/cpp/autosar/test/rules/A2-10-4/IdentifierNameOfStaticFunctionReusedInNamespace.expected index e69de29bb2..180e52c6f1 100644 --- a/cpp/autosar/test/rules/A2-10-4/IdentifierNameOfStaticFunctionReusedInNamespace.expected +++ b/cpp/autosar/test/rules/A2-10-4/IdentifierNameOfStaticFunctionReusedInNamespace.expected @@ -0,0 +1,2 @@ +| test1a.cpp:13:13:13:14 | f1 | Static function $@ reuses identifier of $@ | test1a.cpp:13:13:13:14 | f1 | f1 | test1b.cpp:6:13:6:14 | f1 | f1 | +| test1b.cpp:6:13:6:14 | f1 | Static function $@ reuses identifier of $@ | test1b.cpp:6:13:6:14 | f1 | f1 | test1a.cpp:13:13:13:14 | f1 | f1 | diff --git a/cpp/autosar/test/rules/A2-10-4/IdentifierNameOfStaticNonMemberObjectReusedInNamespace.expected b/cpp/autosar/test/rules/A2-10-4/IdentifierNameOfStaticNonMemberObjectReusedInNamespace.expected index e69de29bb2..9eef8da1b5 100644 --- a/cpp/autosar/test/rules/A2-10-4/IdentifierNameOfStaticNonMemberObjectReusedInNamespace.expected +++ b/cpp/autosar/test/rules/A2-10-4/IdentifierNameOfStaticNonMemberObjectReusedInNamespace.expected @@ -0,0 +1,2 @@ +| test1a.cpp:2:12:2:13 | v1 | Non-member static object $@ reuses identifier name of non-member static object $@ | test1a.cpp:2:12:2:13 | v1 | v1 | test1b.cpp:2:12:2:13 | v1 | v1 | +| test1b.cpp:2:12:2:13 | v1 | Non-member static object $@ reuses identifier name of non-member static object $@ | test1b.cpp:2:12:2:13 | v1 | v1 | test1a.cpp:2:12:2:13 | v1 | v1 | diff --git a/cpp/autosar/test/rules/A2-10-4/test1b.cpp b/cpp/autosar/test/rules/A2-10-4/test1b.cpp index 49a01226c3..c8a0e8a4b5 100644 --- a/cpp/autosar/test/rules/A2-10-4/test1b.cpp +++ b/cpp/autosar/test/rules/A2-10-4/test1b.cpp @@ -3,7 +3,6 @@ static int v1 = 3; // NON_COMPLIANT } // namespace ns1 namespace ns3 { -static void f1() {} // NON_COMPLIANT - Not accepted by Clang linker and - // therefore not alerted upon. +static void f1() {} // NON_COMPLIANT - Not accepted by Clang linker void f2() {} // COMPLIANT - Not accepted by Clang linker -} // namespace ns3 \ No newline at end of file +} // namespace ns3 diff --git a/cpp/autosar/test/rules/A2-10-5/IdentifierNameOfANonMemberObjectWithExternalOrInternalLinkageIsReused.expected b/cpp/autosar/test/rules/A2-10-5/IdentifierNameOfANonMemberObjectWithExternalOrInternalLinkageIsReused.expected index d06e645044..83409a78a2 100644 --- a/cpp/autosar/test/rules/A2-10-5/IdentifierNameOfANonMemberObjectWithExternalOrInternalLinkageIsReused.expected +++ b/cpp/autosar/test/rules/A2-10-5/IdentifierNameOfANonMemberObjectWithExternalOrInternalLinkageIsReused.expected @@ -1,4 +1,4 @@ -| test1a.cpp:6:12:6:13 | g3 | Identifier name of non-member object $@ reuses the identifier name of non-member object $@. | test1a.cpp:6:12:6:13 | g3 | g3 | test1b.cpp:7:12:7:13 | g3 | g3 | -| test1a.cpp:17:43:17:43 | number_two | Identifier name of non-member object $@ reuses the identifier name of non-member object $@. | test1a.cpp:17:43:17:43 | number_two | number_two | test1b.cpp:12:43:12:43 | number_two | number_two | -| test1b.cpp:7:12:7:13 | g3 | Identifier name of non-member object $@ reuses the identifier name of non-member object $@. | test1b.cpp:7:12:7:13 | g3 | g3 | test1a.cpp:6:12:6:13 | g3 | g3 | -| test1b.cpp:12:43:12:43 | number_two | Identifier name of non-member object $@ reuses the identifier name of non-member object $@. | test1b.cpp:12:43:12:43 | number_two | number_two | test1a.cpp:17:43:17:43 | number_two | number_two | +| test1a.cpp:2:12:2:13 | g1 | Identifier name of non-member object $@ reuses the identifier name of non-member object $@. | test1a.cpp:2:12:2:13 | g1 | g1 | test1b.cpp:2:12:2:13 | g1 | g1 | +| test1a.cpp:6:12:6:13 | g3 | Identifier name of non-member object $@ reuses the identifier name of non-member object $@. | test1a.cpp:6:12:6:13 | g3 | g3 | test1b.cpp:6:12:6:13 | g3 | g3 | +| test1b.cpp:2:12:2:13 | g1 | Identifier name of non-member object $@ reuses the identifier name of non-member object $@. | test1b.cpp:2:12:2:13 | g1 | g1 | test1a.cpp:2:12:2:13 | g1 | g1 | +| test1b.cpp:6:12:6:13 | g3 | Identifier name of non-member object $@ reuses the identifier name of non-member object $@. | test1b.cpp:6:12:6:13 | g3 | g3 | test1a.cpp:6:12:6:13 | g3 | g3 | \ No newline at end of file diff --git a/cpp/autosar/test/rules/A2-10-5/IdentifierNameOfAStaticFunctionIsReused.expected b/cpp/autosar/test/rules/A2-10-5/IdentifierNameOfAStaticFunctionIsReused.expected index d84cdee2b0..c9eea3450b 100644 --- a/cpp/autosar/test/rules/A2-10-5/IdentifierNameOfAStaticFunctionIsReused.expected +++ b/cpp/autosar/test/rules/A2-10-5/IdentifierNameOfAStaticFunctionIsReused.expected @@ -1,2 +1,2 @@ -| test1a.cpp:7:13:7:14 | f1 | Identifier name of static function $@ reuses identifier name of static function $@ | test1a.cpp:7:13:7:14 | f1 | f1 | test1b.cpp:10:13:10:14 | f1 | f1 | -| test1b.cpp:10:13:10:14 | f1 | Identifier name of static function $@ reuses identifier name of static function $@ | test1b.cpp:10:13:10:14 | f1 | f1 | test1a.cpp:7:13:7:14 | f1 | f1 | +| test1a.cpp:7:13:7:14 | f1 | Identifier name of static function $@ reuses identifier name of static function $@ | test1a.cpp:7:13:7:14 | f1 | f1 | test1b.cpp:9:13:9:14 | f1 | f1 | +| test1b.cpp:9:13:9:14 | f1 | Identifier name of static function $@ reuses identifier name of static function $@ | test1b.cpp:9:13:9:14 | f1 | f1 | test1a.cpp:7:13:7:14 | f1 | f1 | diff --git a/cpp/autosar/test/rules/A2-10-5/test1b.cpp b/cpp/autosar/test/rules/A2-10-5/test1b.cpp index f292164478..132588d5dd 100644 --- a/cpp/autosar/test/rules/A2-10-5/test1b.cpp +++ b/cpp/autosar/test/rules/A2-10-5/test1b.cpp @@ -1,6 +1,5 @@ namespace n1 { -static int g1 = 1; // NON_COMPLIANT[FALSE_NEGATIVE], considered the same as - // n1::g1 in test1a.cpp. +static int g1 = 1; // NON_COMPLIANT } namespace n2 { diff --git a/cpp/cert/src/codeql-pack.lock.yml b/cpp/cert/src/codeql-pack.lock.yml index b0f02a9d1f..1da7b6075b 100644 --- a/cpp/cert/src/codeql-pack.lock.yml +++ b/cpp/cert/src/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.2.3 + version: 0.3.5 compiled: false lockVersion: 1.0.0 diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index 8be0dbd8b7..bf3b7debef 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -4,5 +4,5 @@ description: CERT C++ 2016 suites: codeql-suites license: MIT dependencies: - codeql/cpp-all: 0.2.3 + codeql/cpp-all: 0.3.5 codeql/common-cpp-coding-standards: '*' diff --git a/cpp/cert/test/codeql-pack.lock.yml b/cpp/cert/test/codeql-pack.lock.yml index b0f02a9d1f..1da7b6075b 100644 --- a/cpp/cert/test/codeql-pack.lock.yml +++ b/cpp/cert/test/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.2.3 + version: 0.3.5 compiled: false lockVersion: 1.0.0 diff --git a/cpp/common/src/codeql-pack.lock.yml b/cpp/common/src/codeql-pack.lock.yml index b0f02a9d1f..1da7b6075b 100644 --- a/cpp/common/src/codeql-pack.lock.yml +++ b/cpp/common/src/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.2.3 + version: 0.3.5 compiled: false lockVersion: 1.0.0 diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index efb4c0875f..21edb7d16c 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -2,4 +2,4 @@ name: codeql/common-cpp-coding-standards version: 2.14.0-dev license: MIT dependencies: - codeql/cpp-all: 0.2.3 + codeql/cpp-all: 0.3.5 diff --git a/cpp/common/test/codeql-pack.lock.yml b/cpp/common/test/codeql-pack.lock.yml index b0f02a9d1f..1da7b6075b 100644 --- a/cpp/common/test/codeql-pack.lock.yml +++ b/cpp/common/test/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.2.3 + version: 0.3.5 compiled: false lockVersion: 1.0.0 diff --git a/cpp/misra/src/codeql-pack.lock.yml b/cpp/misra/src/codeql-pack.lock.yml index b0f02a9d1f..1da7b6075b 100644 --- a/cpp/misra/src/codeql-pack.lock.yml +++ b/cpp/misra/src/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.2.3 + version: 0.3.5 compiled: false lockVersion: 1.0.0 diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index a6c5037b81..6d9466e54c 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -5,4 +5,4 @@ suites: codeql-suites license: MIT dependencies: codeql/common-cpp-coding-standards: '*' - codeql/cpp-all: 0.2.3 + codeql/cpp-all: 0.3.5 diff --git a/cpp/misra/test/codeql-pack.lock.yml b/cpp/misra/test/codeql-pack.lock.yml index b0f02a9d1f..1da7b6075b 100644 --- a/cpp/misra/test/codeql-pack.lock.yml +++ b/cpp/misra/test/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.2.3 + version: 0.3.5 compiled: false lockVersion: 1.0.0 diff --git a/cpp/report/src/codeql-pack.lock.yml b/cpp/report/src/codeql-pack.lock.yml index b0f02a9d1f..1da7b6075b 100644 --- a/cpp/report/src/codeql-pack.lock.yml +++ b/cpp/report/src/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.2.3 + version: 0.3.5 compiled: false lockVersion: 1.0.0 diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index 595af25c12..5b5636744d 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -2,4 +2,4 @@ name: codeql/report-cpp-coding-standards version: 2.14.0-dev license: MIT dependencies: - codeql/cpp-all: 0.2.3 + codeql/cpp-all: 0.3.5 diff --git a/scripts/generate_modules/queries/codeql-pack.lock.yml b/scripts/generate_modules/queries/codeql-pack.lock.yml index b0f02a9d1f..1da7b6075b 100644 --- a/scripts/generate_modules/queries/codeql-pack.lock.yml +++ b/scripts/generate_modules/queries/codeql-pack.lock.yml @@ -1,6 +1,6 @@ --- dependencies: codeql/cpp-all: - version: 0.2.3 + version: 0.3.5 compiled: false lockVersion: 1.0.0 diff --git a/scripts/generate_modules/queries/qlpack.yml b/scripts/generate_modules/queries/qlpack.yml index 29906305c6..76ee66f817 100644 --- a/scripts/generate_modules/queries/qlpack.yml +++ b/scripts/generate_modules/queries/qlpack.yml @@ -2,4 +2,4 @@ name: codeql/standard-library-extraction-cpp-coding-standards version: 0.0.0 license: MIT dependencies: - codeql/cpp-all: 0.2.3 + codeql/cpp-all: 0.3.5 diff --git a/supported_codeql_configs.json b/supported_codeql_configs.json index 269af480e3..b87a09bef6 100644 --- a/supported_codeql_configs.json +++ b/supported_codeql_configs.json @@ -1,9 +1,9 @@ { "supported_environment": [ { - "codeql_cli": "2.9.4", - "codeql_standard_library": "codeql-cli/v2.9.4", - "codeql_cli_bundle": "codeql-bundle-20220615" + "codeql_cli": "2.10.5", + "codeql_standard_library": "codeql-cli/v2.10.5", + "codeql_cli_bundle": "codeql-bundle-20220908" } ], "supported_language" : [ From cdb3ab620c3a11caa94ae273cbd7cb2ed31812f5 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Thu, 2 Mar 2023 23:39:42 +0000 Subject: [PATCH 0594/2573] Add change note. --- change_notes/2023-03-02-simplify-stdlib-queries.md | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 change_notes/2023-03-02-simplify-stdlib-queries.md diff --git a/change_notes/2023-03-02-simplify-stdlib-queries.md b/change_notes/2023-03-02-simplify-stdlib-queries.md new file mode 100644 index 0000000000..b705ec993f --- /dev/null +++ b/change_notes/2023-03-02-simplify-stdlib-queries.md @@ -0,0 +1,11 @@ + * Improved alert message to avoid reporting locations in standard header files, which cannot be viewed in Code Scanning, in the following queries: + - `Rule 21.4` + - `Rule 21.5` + - `Rule 21.6` + - `Rule 21.7` + - `Rule 21.8` + - `Rule 21.9` + - `Rule 21.10` + - `Rule 21.11` + - `Rule 21.12` + - `Rule 21.21` \ No newline at end of file From f0dcebe76263e202698d14c1345010043e6bda11 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Tue, 30 Aug 2022 14:23:07 +0200 Subject: [PATCH 0595/2573] Replace `XMLElement` by `XmlElement` and `XMLFile` by `XmlFile` `XMLElement` and `XMLFile` are deprecated from CodeQL 2.10.4 onwards. `XmlElement` and `XmlFile` are their direct replacements. --- .../cpp/deviations/Deviations.qll | 763 +++++++++--------- 1 file changed, 382 insertions(+), 381 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/deviations/Deviations.qll b/cpp/common/src/codingstandards/cpp/deviations/Deviations.qll index 9399607e3d..a1f69b2f51 100644 --- a/cpp/common/src/codingstandards/cpp/deviations/Deviations.qll +++ b/cpp/common/src/codingstandards/cpp/deviations/Deviations.qll @@ -4,384 +4,385 @@ * The deviation model is based on the "MISRA Compliance 2020" document. */ -import cpp -import semmle.code.cpp.XML -import codingstandards.cpp.exclusions.RuleMetadata -import codingstandards.cpp.Config - -predicate applyDeviationsAtQueryLevel() { - not exists(CodingStandardsReportDeviatedAlerts reportDeviatedResults | - // There exists at least one `report-deviated-alerts: true` command in the repository - reportDeviatedResults.getTextValue().trim() = "true" - ) -} - -/** An element which tells the analysis whether to report deviated results. */ -class CodingStandardsReportDeviatedAlerts extends XMLElement { - CodingStandardsReportDeviatedAlerts() { - getParent() instanceof CodingStandardsConfig and - hasName("report-deviated-alerts") - } -} - -/** A container of deviation records. */ -class DeviationRecords extends CodingStandardsConfigSection { - DeviationRecords() { hasName("deviations") } -} - -/** A container for the deviation permits records. */ -class DeviationPermits extends CodingStandardsConfigSection { - DeviationPermits() { hasName("deviation-permits") } -} - -/** A deviation permit record, that is specified by a permit identifier */ -class DeviationPermit extends XMLElement { - DeviationPermit() { - getParent() instanceof DeviationPermits and - hasName("deviation-permits-entry") - } - - string getRawScope() { result = getAChild("scope").getTextValue() } - - predicate hasScope() { exists(getRawScope()) } - - string getScope() { if hasScope() then result = getRawScope() else result = "" } - - string getRawJustification() { result = getAChild("justification").getTextValue() } - - predicate hasJustification() { exists(getRawJustification()) } - - string getJustification() { - if hasJustification() then result = getRawJustification() else result = "" - } - - string getRawBackground() { result = getAChild("background").getTextValue() } - - predicate hasBackground() { exists(getRawBackground()) } - - string getBackground() { if hasBackground() then result = getRawBackground() else result = "" } - - string getRawRequirements() { result = getAChild("requirements").getTextValue() } - - predicate hasRequirements() { exists(getRawRequirements()) } - - string getRequirements() { - if hasRequirements() then result = getRawRequirements() else result = "" - } - - string getRawPermitId() { result = getAChild("permit-id").getTextValue() } - - predicate hasPermitId() { exists(getRawPermitId()) } - - string getPermitId() { - // In the case of the permit identifier we do not return an empty string because that can - // result in spurious matches when an invalid permit without an id is specified, because - // the record returns an empty string for the permit id if it is not specified. - result = getRawPermitId() - } - - predicate hasCodeIdentifier() { exists(getAChild("code-identifier")) } - - /** Gets the code identifier associated with this deviation record, if any. */ - string getCodeIdentifier() { result = getAChild("code-identifier").getTextValue() } - - /** Gets the `rule-id` specified for this record, if any. */ - string getRawRuleId() { result = getAChild("rule-id").getTextValue() } - - predicate hasRuleId() { exists(getRawRuleId()) } - - string getRuleId() { if hasRuleId() then result = getRawRuleId() else result = "" } - - /** Gets the `query-id` specified for this record, if any. */ - string getRawQueryId() { result = getAChild("query-id").getTextValue() } - - predicate hasQueryId() { exists(getRawQueryId()) } - - string getQueryId() { if hasQueryId() then result = getRawQueryId() else result = "" } - - /** If the permit is invalid, get a string describing a reason for it being invalid. */ - string getAnInvalidPermitReason() { - not hasPermitId() and result = "Deviation permit does not specify a permit identifier." - or - exists(string childName | - exists(getAChild(childName)) and - not childName in [ - "permit-id", "rule-id", "query-id", "code-identifier", "scope", "justification", - "background", "requirements" - ] and - result = "Deviation permit specifies unknown property `" + childName + "`." - ) - } - - /** Holds if the deviation record is valid */ - predicate isDeviationPermitValid() { not exists(getAnInvalidPermitReason()) } -} - -/** A deviation record, that is a specified rule or query */ -class DeviationRecord extends XMLElement { - DeviationRecord() { - getParent() instanceof DeviationRecords and - hasName("deviations-entry") - } - - private string getRawScope() { result = getAChild("scope").getTextValue() } - - private string getRawJustification() { result = getAChild("justification").getTextValue() } - - private string getRawBackground() { result = getAChild("background").getTextValue() } - - private string getRawRequirements() { result = getAChild("requirements").getTextValue() } - - private string getRawPermitId() { result = getAChild("permit-id").getTextValue() } - - private XMLElement getRawRaisedBy() { result = getAChild("raised-by") } - - private string getRawRaisedByName() { result = getRawRaisedBy().getAChild("name").getTextValue() } - - private string getRawRaisedByDate() { result = getRawRaisedBy().getAChild("date").getTextValue() } - - private XMLElement getRawApprovedBy() { result = getAChild("approved-by") } - - private string getRawApprovedByName() { - result = getRawApprovedBy().getAChild("name").getTextValue() - } - - private string getRawApprovedByDate() { - result = getRawApprovedBy().getAChild("date").getTextValue() - } - - predicate hasRaisedBy() { exists(getRawRaisedBy()) } - - predicate hasApprovedBy() { exists(getRawApprovedBy()) } - - string getRaisedByName() { - if exists(getRawRaisedByName()) then result = getRawRaisedByName() else result = "" - } - - string getRaisedByDate() { - if exists(getRawRaisedByDate()) then result = getRawRaisedByDate() else result = "" - } - - string getApprovedByName() { - if exists(getRawApprovedByName()) then result = getRawApprovedByName() else result = "" - } - - string getApprovedByDate() { - if exists(getRawApprovedByDate()) then result = getRawApprovedByDate() else result = "" - } - - string getScope() { - if exists(getRawScope()) - then result = getRawScope() - else - if getADeviationPermit().hasScope() - then result = getADeviationPermit().getScope() - else result = "" - } - - string getJustification() { - if exists(getRawJustification()) - then result = getRawJustification() - else - if getADeviationPermit().hasJustification() - then result = getADeviationPermit().getJustification() - else result = "" - } - - string getBackground() { - if exists(getRawBackground()) - then result = getRawBackground() - else - if getADeviationPermit().hasBackground() - then result = getADeviationPermit().getBackground() - else result = "" - } - - string getRequirements() { - if exists(getRawRequirements()) - then result = getRawRequirements() - else - if getADeviationPermit().hasRequirements() - then result = getADeviationPermit().getRequirements() - else result = "" - } - - string getPermitId() { - if exists(getRawPermitId()) then result = getRawPermitId() else result = "" - } - - predicate hasPermitId() { exists(getRawPermitId()) } - - /** Gets the code identifier associated with this deviation record, if any. */ - string getCodeIdentifier() { - if exists(getAChild("code-identifier").getTextValue()) - then result = getAChild("code-identifier").getTextValue() - else result = getADeviationPermit().getCodeIdentifier() - } - - /** Gets a comment which starts or ends with the code identifier comment. */ - Comment getACodeIdentifierComment() { - exists(string text | - ( - result instanceof CppStyleComment and - // strip the beginning slashes - text = result.getContents().suffix(2).trim() - or - result instanceof CStyleComment and - // strip both the beginning /* and the end */ the comment - exists(string text0 | - text0 = result.getContents().suffix(2) and - text = text0.prefix(text0.length() - 2).trim() - ) and - // The /* */ comment must be a single-line comment - not text.matches("%\n%") - ) and - ( - // Code identifier appears at the start of the comment (modulo whitespace) - text.prefix(getCodeIdentifier().length()) = getCodeIdentifier() - or - // Code identifier appears at the end of the comment (modulo whitespace) - text.suffix(text.length() - getCodeIdentifier().length()) = getCodeIdentifier() - ) - ) - } - - /** Gets the `rule-id` specified for this record, if any. */ - private string getRawRuleId() { result = getAChild("rule-id").getTextValue() } - - string getRuleId() { - if exists(getRawRuleId()) - then result = getRawRuleId() - else - if exists(DeviationPermit dp | dp.getPermitId() = getPermitId() and dp.hasRuleId()) - then - exists(DeviationPermit dp | - dp.getPermitId() = getPermitId() and dp.hasRuleId() and result = dp.getRuleId() - ) - else result = "" - } - - predicate hasRuleId() { not exists(string id | id = getRuleId() and id = "") } - - /** Gets the `query-id` specified for this record, if any. */ - private string getRawQueryId() { result = getAChild("query-id").getTextValue() } - - string getQueryId() { - if exists(getRawQueryId()) - then result = getRawQueryId() - else - if getADeviationPermit().hasQueryId() - then result = getADeviationPermit().getQueryId() - else result = "" - } - - predicate hasQueryId() { not exists(string id | id = getQueryId() and id = "") } - - DeviationPermit getADeviationPermit() { - exists(DeviationPermit dp | dp.getPermitId() = getPermitId() | result = dp) - } - - predicate hasADeviationPermit() { exists(getADeviationPermit()) } - - /** If the record is invalid, get a string describing a reason for it being invalid. */ - string getAnInvalidRecordReason() { - not hasRuleId() and - not hasQueryId() and - result = "No rule-id and query-id specified for this deviation record." - or - hasRuleId() and - not exists(Query q | q.getRuleId() = getRuleId()) and - result = - "The rule-id `" + getRuleId() + "` for this deviation matches none of the available queries." - or - hasQueryId() and - not hasRuleId() and - result = - "A query-id of `" + getQueryId() + - "` is specified for this deviation, but not rule-id is specified." - or - hasRuleId() and - hasQueryId() and - not exists(Query q | q.getQueryId() = getQueryId() and q.getRuleId() = getRuleId()) and - result = - "There is no query which matches both the rule-id `" + getRuleId() + "` and the query-id `" + - getQueryId() + "`." - or - hasRaisedBy() and - not hasApprovedBy() and - result = "A deviation `raised-by` is specified without providing an `approved-by`." - or - not hasRaisedBy() and - hasApprovedBy() and - result = "A deviation `approved-by` is specified without providing a `raised-by`." - or - hasRaisedBy() and - not (exists(getRawRaisedByName()) and exists(getRawRaisedByDate())) and - result = "A deviation `raised-by` is specified without providing both a `name` and `date`." - or - hasApprovedBy() and - not (exists(getRawApprovedByName()) and exists(getRawApprovedByDate())) and - result = "A deviation `approved-by` is specified without providing both a `name` and `date`." - or - exists(DeviationPermit dp | - dp = getADeviationPermit() and - not dp.isDeviationPermitValid() and - result = "A deviation with an invalid deviation permit identified by `" + getPermitId() + "`." - ) - or - hasPermitId() and - not hasADeviationPermit() and - result = "There is no deviation permit with id `" + getPermitId() + "`." - or - exists(Query q | q.getQueryId() = getQueryId() | - not q.getEffectiveCategory().permitsDeviation() and - result = - "The deviation is applied to a query with the rule category '" + - q.getEffectiveCategory().toString() + "' that does not permit a deviation." - ) - } - - /** Holds if the deviation record is valid */ - predicate isDeviationRecordValid() { not exists(getAnInvalidRecordReason()) } - - /** - * Gets the query or queries to which this deviation record applies. - */ - Query getQuery() { - isDeviationRecordValid() and - result.getRuleId() = getRuleId() - } - - /** Gets a `Container` representing a path this record applies to, if any. */ - private Container getPathAContainer() { - not this.getFile().getParentContainer().getRelativePath() = "" and - result.getRelativePath() = - this.getFile().getParentContainer().getRelativePath() + "/" + - getAChild("paths").getAChild("paths-entry").getTextValue() - or - this.getFile().getParentContainer().getRelativePath() = "" and - result.getRelativePath() = getAChild("paths").getAChild("paths-entry").getTextValue() - } - - /** Gets a path to which this deviation applies. */ - string getADeviationPath() { - ( - if exists(getPathAContainer()) - then - // Use the path, which will be relative to this file, if specified - result = getPathAContainer().getRelativePath() - else ( - // Otherwise, if no code identifier was supplied, it applies to the parent container of the - // file itself - not exists(getCodeIdentifier()) and - result = this.getFile().getParentContainer().getRelativePath() - ) - ) - } - - cached - predicate isDeviated(Query query, string deviationPath) { - query = getQuery() and - deviationPath = getADeviationPath() - } -} + import cpp + import semmle.code.cpp.XML + import codingstandards.cpp.exclusions.RuleMetadata + import codingstandards.cpp.Config + + predicate applyDeviationsAtQueryLevel() { + not exists(CodingStandardsReportDeviatedAlerts reportDeviatedResults | + // There exists at least one `report-deviated-alerts: true` command in the repository + reportDeviatedResults.getTextValue().trim() = "true" + ) + } + + /** An element which tells the analysis whether to report deviated results. */ + class CodingStandardsReportDeviatedAlerts extends XMLElement { + CodingStandardsReportDeviatedAlerts() { + getParent() instanceof CodingStandardsConfig and + hasName("report-deviated-alerts") + } + } + + /** A container of deviation records. */ + class DeviationRecords extends CodingStandardsConfigSection { + DeviationRecords() { hasName("deviations") } + } + + /** A container for the deviation permits records. */ + class DeviationPermits extends CodingStandardsConfigSection { + DeviationPermits() { hasName("deviation-permits") } + } + + /** A deviation permit record, that is specified by a permit identifier */ + class DeviationPermit extends XMLElement { + DeviationPermit() { + getParent() instanceof DeviationPermits and + hasName("deviation-permits-entry") + } + + string getRawScope() { result = getAChild("scope").getTextValue() } + + predicate hasScope() { exists(getRawScope()) } + + string getScope() { if hasScope() then result = getRawScope() else result = "" } + + string getRawJustification() { result = getAChild("justification").getTextValue() } + + predicate hasJustification() { exists(getRawJustification()) } + + string getJustification() { + if hasJustification() then result = getRawJustification() else result = "" + } + + string getRawBackground() { result = getAChild("background").getTextValue() } + + predicate hasBackground() { exists(getRawBackground()) } + + string getBackground() { if hasBackground() then result = getRawBackground() else result = "" } + + string getRawRequirements() { result = getAChild("requirements").getTextValue() } + + predicate hasRequirements() { exists(getRawRequirements()) } + + string getRequirements() { + if hasRequirements() then result = getRawRequirements() else result = "" + } + + string getRawPermitId() { result = getAChild("permit-id").getTextValue() } + + predicate hasPermitId() { exists(getRawPermitId()) } + + string getPermitId() { + // In the case of the permit identifier we do not return an empty string because that can + // result in spurious matches when an invalid permit without an id is specified, because + // the record returns an empty string for the permit id if it is not specified. + result = getRawPermitId() + } + + predicate hasCodeIdentifier() { exists(getAChild("code-identifier")) } + + /** Gets the code identifier associated with this deviation record, if any. */ + string getCodeIdentifier() { result = getAChild("code-identifier").getTextValue() } + + /** Gets the `rule-id` specified for this record, if any. */ + string getRawRuleId() { result = getAChild("rule-id").getTextValue() } + + predicate hasRuleId() { exists(getRawRuleId()) } + + string getRuleId() { if hasRuleId() then result = getRawRuleId() else result = "" } + + /** Gets the `query-id` specified for this record, if any. */ + string getRawQueryId() { result = getAChild("query-id").getTextValue() } + + predicate hasQueryId() { exists(getRawQueryId()) } + + string getQueryId() { if hasQueryId() then result = getRawQueryId() else result = "" } + + /** If the permit is invalid, get a string describing a reason for it being invalid. */ + string getAnInvalidPermitReason() { + not hasPermitId() and result = "Deviation permit does not specify a permit identifier." + or + exists(string childName | + exists(getAChild(childName)) and + not childName in [ + "permit-id", "rule-id", "query-id", "code-identifier", "scope", "justification", + "background", "requirements" + ] and + result = "Deviation permit specifies unknown property `" + childName + "`." + ) + } + + /** Holds if the deviation record is valid */ + predicate isDeviationPermitValid() { not exists(getAnInvalidPermitReason()) } + } + + /** A deviation record, that is a specified rule or query */ + class DeviationRecord extends XMLElement { + DeviationRecord() { + getParent() instanceof DeviationRecords and + hasName("deviations-entry") + } + + private string getRawScope() { result = getAChild("scope").getTextValue() } + + private string getRawJustification() { result = getAChild("justification").getTextValue() } + + private string getRawBackground() { result = getAChild("background").getTextValue() } + + private string getRawRequirements() { result = getAChild("requirements").getTextValue() } + + private string getRawPermitId() { result = getAChild("permit-id").getTextValue() } + + private XMLElement getRawRaisedBy() { result = getAChild("raised-by") } + + private string getRawRaisedByName() { result = getRawRaisedBy().getAChild("name").getTextValue() } + + private string getRawRaisedByDate() { result = getRawRaisedBy().getAChild("date").getTextValue() } + + private XMLElement getRawApprovedBy() { result = getAChild("approved-by") } + + private string getRawApprovedByName() { + result = getRawApprovedBy().getAChild("name").getTextValue() + } + + private string getRawApprovedByDate() { + result = getRawApprovedBy().getAChild("date").getTextValue() + } + + predicate hasRaisedBy() { exists(getRawRaisedBy()) } + + predicate hasApprovedBy() { exists(getRawApprovedBy()) } + + string getRaisedByName() { + if exists(getRawRaisedByName()) then result = getRawRaisedByName() else result = "" + } + + string getRaisedByDate() { + if exists(getRawRaisedByDate()) then result = getRawRaisedByDate() else result = "" + } + + string getApprovedByName() { + if exists(getRawApprovedByName()) then result = getRawApprovedByName() else result = "" + } + + string getApprovedByDate() { + if exists(getRawApprovedByDate()) then result = getRawApprovedByDate() else result = "" + } + + string getScope() { + if exists(getRawScope()) + then result = getRawScope() + else + if getADeviationPermit().hasScope() + then result = getADeviationPermit().getScope() + else result = "" + } + + string getJustification() { + if exists(getRawJustification()) + then result = getRawJustification() + else + if getADeviationPermit().hasJustification() + then result = getADeviationPermit().getJustification() + else result = "" + } + + string getBackground() { + if exists(getRawBackground()) + then result = getRawBackground() + else + if getADeviationPermit().hasBackground() + then result = getADeviationPermit().getBackground() + else result = "" + } + + string getRequirements() { + if exists(getRawRequirements()) + then result = getRawRequirements() + else + if getADeviationPermit().hasRequirements() + then result = getADeviationPermit().getRequirements() + else result = "" + } + + string getPermitId() { + if exists(getRawPermitId()) then result = getRawPermitId() else result = "" + } + + predicate hasPermitId() { exists(getRawPermitId()) } + + /** Gets the code identifier associated with this deviation record, if any. */ + string getCodeIdentifier() { + if exists(getAChild("code-identifier").getTextValue()) + then result = getAChild("code-identifier").getTextValue() + else result = getADeviationPermit().getCodeIdentifier() + } + + /** Gets a comment which starts or ends with the code identifier comment. */ + Comment getACodeIdentifierComment() { + exists(string text | + ( + result instanceof CppStyleComment and + // strip the beginning slashes + text = result.getContents().suffix(2).trim() + or + result instanceof CStyleComment and + // strip both the beginning /* and the end */ the comment + exists(string text0 | + text0 = result.getContents().suffix(2) and + text = text0.prefix(text0.length() - 2).trim() + ) and + // The /* */ comment must be a single-line comment + not text.matches("%\n%") + ) and + ( + // Code identifier appears at the start of the comment (modulo whitespace) + text.prefix(getCodeIdentifier().length()) = getCodeIdentifier() + or + // Code identifier appears at the end of the comment (modulo whitespace) + text.suffix(text.length() - getCodeIdentifier().length()) = getCodeIdentifier() + ) + ) + } + + /** Gets the `rule-id` specified for this record, if any. */ + private string getRawRuleId() { result = getAChild("rule-id").getTextValue() } + + string getRuleId() { + if exists(getRawRuleId()) + then result = getRawRuleId() + else + if exists(DeviationPermit dp | dp.getPermitId() = getPermitId() and dp.hasRuleId()) + then + exists(DeviationPermit dp | + dp.getPermitId() = getPermitId() and dp.hasRuleId() and result = dp.getRuleId() + ) + else result = "" + } + + predicate hasRuleId() { not exists(string id | id = getRuleId() and id = "") } + + /** Gets the `query-id` specified for this record, if any. */ + private string getRawQueryId() { result = getAChild("query-id").getTextValue() } + + string getQueryId() { + if exists(getRawQueryId()) + then result = getRawQueryId() + else + if getADeviationPermit().hasQueryId() + then result = getADeviationPermit().getQueryId() + else result = "" + } + + predicate hasQueryId() { not exists(string id | id = getQueryId() and id = "") } + + DeviationPermit getADeviationPermit() { + exists(DeviationPermit dp | dp.getPermitId() = getPermitId() | result = dp) + } + + predicate hasADeviationPermit() { exists(getADeviationPermit()) } + + /** If the record is invalid, get a string describing a reason for it being invalid. */ + string getAnInvalidRecordReason() { + not hasRuleId() and + not hasQueryId() and + result = "No rule-id and query-id specified for this deviation record." + or + hasRuleId() and + not exists(Query q | q.getRuleId() = getRuleId()) and + result = + "The rule-id `" + getRuleId() + "` for this deviation matches none of the available queries." + or + hasQueryId() and + not hasRuleId() and + result = + "A query-id of `" + getQueryId() + + "` is specified for this deviation, but not rule-id is specified." + or + hasRuleId() and + hasQueryId() and + not exists(Query q | q.getQueryId() = getQueryId() and q.getRuleId() = getRuleId()) and + result = + "There is no query which matches both the rule-id `" + getRuleId() + "` and the query-id `" + + getQueryId() + "`." + or + hasRaisedBy() and + not hasApprovedBy() and + result = "A deviation `raised-by` is specified without providing an `approved-by`." + or + not hasRaisedBy() and + hasApprovedBy() and + result = "A deviation `approved-by` is specified without providing a `raised-by`." + or + hasRaisedBy() and + not (exists(getRawRaisedByName()) and exists(getRawRaisedByDate())) and + result = "A deviation `raised-by` is specified without providing both a `name` and `date`." + or + hasApprovedBy() and + not (exists(getRawApprovedByName()) and exists(getRawApprovedByDate())) and + result = "A deviation `approved-by` is specified without providing both a `name` and `date`." + or + exists(DeviationPermit dp | + dp = getADeviationPermit() and + not dp.isDeviationPermitValid() and + result = "A deviation with an invalid deviation permit identified by `" + getPermitId() + "`." + ) + or + hasPermitId() and + not hasADeviationPermit() and + result = "There is no deviation permit with id `" + getPermitId() + "`." + or + exists(Query q | q.getQueryId() = getQueryId() | + not q.getEffectiveCategory().permitsDeviation() and + result = + "The deviation is applied to a query with the rule category '" + + q.getEffectiveCategory().toString() + "' that does not permit a deviation." + ) + } + + /** Holds if the deviation record is valid */ + predicate isDeviationRecordValid() { not exists(getAnInvalidRecordReason()) } + + /** + * Gets the query or queries to which this deviation record applies. + */ + Query getQuery() { + isDeviationRecordValid() and + result.getRuleId() = getRuleId() + } + + /** Gets a `Container` representing a path this record applies to, if any. */ + private Container getPathAContainer() { + not this.getFile().getParentContainer().getRelativePath() = "" and + result.getRelativePath() = + this.getFile().getParentContainer().getRelativePath() + "/" + + getAChild("paths").getAChild("paths-entry").getTextValue() + or + this.getFile().getParentContainer().getRelativePath() = "" and + result.getRelativePath() = getAChild("paths").getAChild("paths-entry").getTextValue() + } + + /** Gets a path to which this deviation applies. */ + string getADeviationPath() { + ( + if exists(getPathAContainer()) + then + // Use the path, which will be relative to this file, if specified + result = getPathAContainer().getRelativePath() + else ( + // Otherwise, if no code identifier was supplied, it applies to the parent container of the + // file itself + not exists(getCodeIdentifier()) and + result = this.getFile().getParentContainer().getRelativePath() + ) + ) + } + + cached + predicate isDeviated(Query query, string deviationPath) { + query = getQuery() and + deviationPath = getADeviationPath() + } + } + \ No newline at end of file From 178eddc4d4aad682bb9c87a1733c02902925315e Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Tue, 19 Jul 2022 20:31:42 +0200 Subject: [PATCH 0596/2573] Fix A2-10-4 and A2-10-5 test results --- cpp/common/src/codingstandards/cpp/Config.qll | 6 +++--- .../src/codingstandards/cpp/deviations/Deviations.qll | 10 +++++----- .../GuidelineRecategorizations.qll | 2 +- 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/Config.qll b/cpp/common/src/codingstandards/cpp/Config.qll index 7d12340719..5ce3f7a035 100644 --- a/cpp/common/src/codingstandards/cpp/Config.qll +++ b/cpp/common/src/codingstandards/cpp/Config.qll @@ -8,7 +8,7 @@ import codingstandards.cpp.exclusions.RuleMetadata import codingstandards.cpp.deviations.Deviations /** A `coding-standards.xml` configuration file (usually generated from an YAML configuration file). */ -class CodingStandardsFile extends XMLFile { +class CodingStandardsFile extends XmlFile { CodingStandardsFile() { this.getBaseName() = "coding-standards.xml" and // Must be within the users source code. @@ -16,12 +16,12 @@ class CodingStandardsFile extends XMLFile { } } -class CodingStandardsConfigSection extends XMLElement { +class CodingStandardsConfigSection extends XmlElement { CodingStandardsConfigSection() { getParent() instanceof CodingStandardsConfig } } /** A "Coding Standards" configuration file */ -class CodingStandardsConfig extends XMLElement { +class CodingStandardsConfig extends XmlElement { CodingStandardsConfig() { any(CodingStandardsFile csf).getARootElement() = this and this.getName() = "codingstandards" diff --git a/cpp/common/src/codingstandards/cpp/deviations/Deviations.qll b/cpp/common/src/codingstandards/cpp/deviations/Deviations.qll index a1f69b2f51..d85d6a015b 100644 --- a/cpp/common/src/codingstandards/cpp/deviations/Deviations.qll +++ b/cpp/common/src/codingstandards/cpp/deviations/Deviations.qll @@ -17,7 +17,7 @@ } /** An element which tells the analysis whether to report deviated results. */ - class CodingStandardsReportDeviatedAlerts extends XMLElement { + class CodingStandardsReportDeviatedAlerts extends XmlElement { CodingStandardsReportDeviatedAlerts() { getParent() instanceof CodingStandardsConfig and hasName("report-deviated-alerts") @@ -35,7 +35,7 @@ } /** A deviation permit record, that is specified by a permit identifier */ - class DeviationPermit extends XMLElement { + class DeviationPermit extends XmlElement { DeviationPermit() { getParent() instanceof DeviationPermits and hasName("deviation-permits-entry") @@ -118,7 +118,7 @@ } /** A deviation record, that is a specified rule or query */ - class DeviationRecord extends XMLElement { + class DeviationRecord extends XmlElement { DeviationRecord() { getParent() instanceof DeviationRecords and hasName("deviations-entry") @@ -134,13 +134,13 @@ private string getRawPermitId() { result = getAChild("permit-id").getTextValue() } - private XMLElement getRawRaisedBy() { result = getAChild("raised-by") } + private XmlElement getRawRaisedBy() { result = getAChild("raised-by") } private string getRawRaisedByName() { result = getRawRaisedBy().getAChild("name").getTextValue() } private string getRawRaisedByDate() { result = getRawRaisedBy().getAChild("date").getTextValue() } - private XMLElement getRawApprovedBy() { result = getAChild("approved-by") } + private XmlElement getRawApprovedBy() { result = getAChild("approved-by") } private string getRawApprovedByName() { result = getRawApprovedBy().getAChild("name").getTextValue() diff --git a/cpp/common/src/codingstandards/cpp/guideline_recategorizations/GuidelineRecategorizations.qll b/cpp/common/src/codingstandards/cpp/guideline_recategorizations/GuidelineRecategorizations.qll index ff148a4a72..ec5731f1bf 100644 --- a/cpp/common/src/codingstandards/cpp/guideline_recategorizations/GuidelineRecategorizations.qll +++ b/cpp/common/src/codingstandards/cpp/guideline_recategorizations/GuidelineRecategorizations.qll @@ -12,7 +12,7 @@ class GuidelineRecategorizations extends CodingStandardsConfigSection { GuidelineRecategorizations() { hasName("guideline-recategorizations") } } -class GuidelineRecategorization extends XMLElement { +class GuidelineRecategorization extends XmlElement { GuidelineRecategorization() { getParent() instanceof GuidelineRecategorizations and hasName("guideline-recategorizations-entry") From 9ddb2c65ed71ecfb33b06d7b39bdbb912a955893 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Thu, 2 Mar 2023 22:37:34 -0800 Subject: [PATCH 0597/2573] Draft for INT36-C --- ...tingAPointerToIntegerOrIntegerToPointer.ql | 23 +++++++++++++++++-- 1 file changed, 21 insertions(+), 2 deletions(-) diff --git a/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.ql b/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.ql index f63fa16f68..cd241557e1 100644 --- a/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.ql +++ b/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.ql @@ -13,7 +13,26 @@ import cpp import codingstandards.c.cert -from +/* 1. Declaring an integer variable to hold a pointer value */ +predicate integerVariableWithPointerValue(Variable var) { + var.getUnderlyingType() instanceof IntType and + var.getAnAssignedValue().getUnderlyingType() instanceof PointerType +} + +/* 2. Assigning an integer variable a pointer a pointer value */ +predicate assigningPointerValueToInteger(Assignment assign) { + assign.getLValue().getUnderlyingType() instanceof IntType and + assign.getRValue().getUnderlyingType() instanceof PointerType +} + +/* 3. Casting a pointer value to integer */ +predicate castingPointerToInteger(Cast cast) { + cast.getExpr().getUnderlyingType() instanceof PointerType and + cast.getUnderlyingType() instanceof PointerType +} + +from Variable x where not isExcluded(x, TypesPackage::convertingAPointerToIntegerOrIntegerToPointerQuery()) and -select + x.getType() instanceof PointerType +select x, x.getType().getAPrimaryQlClass() From 834402729e356521f3342cb272dbdc65bef47f54 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Fri, 3 Mar 2023 11:08:19 +0100 Subject: [PATCH 0598/2573] Update supported_codeql_configs.json --- supported_codeql_configs.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/supported_codeql_configs.json b/supported_codeql_configs.json index b87a09bef6..c6c35979d9 100644 --- a/supported_codeql_configs.json +++ b/supported_codeql_configs.json @@ -14,4 +14,4 @@ "language" : "c" } ] -} \ No newline at end of file +} From 1cdf4d86b5db862a63b93d709985dda4b5b22cdb Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Fri, 3 Mar 2023 11:13:29 +0100 Subject: [PATCH 0599/2573] Update Deviations.qll --- .../cpp/deviations/Deviations.qll | 763 +++++++++--------- 1 file changed, 381 insertions(+), 382 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/deviations/Deviations.qll b/cpp/common/src/codingstandards/cpp/deviations/Deviations.qll index d85d6a015b..4dfadd12eb 100644 --- a/cpp/common/src/codingstandards/cpp/deviations/Deviations.qll +++ b/cpp/common/src/codingstandards/cpp/deviations/Deviations.qll @@ -4,385 +4,384 @@ * The deviation model is based on the "MISRA Compliance 2020" document. */ - import cpp - import semmle.code.cpp.XML - import codingstandards.cpp.exclusions.RuleMetadata - import codingstandards.cpp.Config - - predicate applyDeviationsAtQueryLevel() { - not exists(CodingStandardsReportDeviatedAlerts reportDeviatedResults | - // There exists at least one `report-deviated-alerts: true` command in the repository - reportDeviatedResults.getTextValue().trim() = "true" - ) - } - - /** An element which tells the analysis whether to report deviated results. */ - class CodingStandardsReportDeviatedAlerts extends XmlElement { - CodingStandardsReportDeviatedAlerts() { - getParent() instanceof CodingStandardsConfig and - hasName("report-deviated-alerts") - } - } - - /** A container of deviation records. */ - class DeviationRecords extends CodingStandardsConfigSection { - DeviationRecords() { hasName("deviations") } - } - - /** A container for the deviation permits records. */ - class DeviationPermits extends CodingStandardsConfigSection { - DeviationPermits() { hasName("deviation-permits") } - } - - /** A deviation permit record, that is specified by a permit identifier */ - class DeviationPermit extends XmlElement { - DeviationPermit() { - getParent() instanceof DeviationPermits and - hasName("deviation-permits-entry") - } - - string getRawScope() { result = getAChild("scope").getTextValue() } - - predicate hasScope() { exists(getRawScope()) } - - string getScope() { if hasScope() then result = getRawScope() else result = "" } - - string getRawJustification() { result = getAChild("justification").getTextValue() } - - predicate hasJustification() { exists(getRawJustification()) } - - string getJustification() { - if hasJustification() then result = getRawJustification() else result = "" - } - - string getRawBackground() { result = getAChild("background").getTextValue() } - - predicate hasBackground() { exists(getRawBackground()) } - - string getBackground() { if hasBackground() then result = getRawBackground() else result = "" } - - string getRawRequirements() { result = getAChild("requirements").getTextValue() } - - predicate hasRequirements() { exists(getRawRequirements()) } - - string getRequirements() { - if hasRequirements() then result = getRawRequirements() else result = "" - } - - string getRawPermitId() { result = getAChild("permit-id").getTextValue() } - - predicate hasPermitId() { exists(getRawPermitId()) } - - string getPermitId() { - // In the case of the permit identifier we do not return an empty string because that can - // result in spurious matches when an invalid permit without an id is specified, because - // the record returns an empty string for the permit id if it is not specified. - result = getRawPermitId() - } - - predicate hasCodeIdentifier() { exists(getAChild("code-identifier")) } - - /** Gets the code identifier associated with this deviation record, if any. */ - string getCodeIdentifier() { result = getAChild("code-identifier").getTextValue() } - - /** Gets the `rule-id` specified for this record, if any. */ - string getRawRuleId() { result = getAChild("rule-id").getTextValue() } - - predicate hasRuleId() { exists(getRawRuleId()) } - - string getRuleId() { if hasRuleId() then result = getRawRuleId() else result = "" } - - /** Gets the `query-id` specified for this record, if any. */ - string getRawQueryId() { result = getAChild("query-id").getTextValue() } - - predicate hasQueryId() { exists(getRawQueryId()) } - - string getQueryId() { if hasQueryId() then result = getRawQueryId() else result = "" } - - /** If the permit is invalid, get a string describing a reason for it being invalid. */ - string getAnInvalidPermitReason() { - not hasPermitId() and result = "Deviation permit does not specify a permit identifier." - or - exists(string childName | - exists(getAChild(childName)) and - not childName in [ - "permit-id", "rule-id", "query-id", "code-identifier", "scope", "justification", - "background", "requirements" - ] and - result = "Deviation permit specifies unknown property `" + childName + "`." - ) - } - - /** Holds if the deviation record is valid */ - predicate isDeviationPermitValid() { not exists(getAnInvalidPermitReason()) } - } - - /** A deviation record, that is a specified rule or query */ - class DeviationRecord extends XmlElement { - DeviationRecord() { - getParent() instanceof DeviationRecords and - hasName("deviations-entry") - } - - private string getRawScope() { result = getAChild("scope").getTextValue() } - - private string getRawJustification() { result = getAChild("justification").getTextValue() } - - private string getRawBackground() { result = getAChild("background").getTextValue() } - - private string getRawRequirements() { result = getAChild("requirements").getTextValue() } - - private string getRawPermitId() { result = getAChild("permit-id").getTextValue() } - - private XmlElement getRawRaisedBy() { result = getAChild("raised-by") } - - private string getRawRaisedByName() { result = getRawRaisedBy().getAChild("name").getTextValue() } - - private string getRawRaisedByDate() { result = getRawRaisedBy().getAChild("date").getTextValue() } - - private XmlElement getRawApprovedBy() { result = getAChild("approved-by") } - - private string getRawApprovedByName() { - result = getRawApprovedBy().getAChild("name").getTextValue() - } - - private string getRawApprovedByDate() { - result = getRawApprovedBy().getAChild("date").getTextValue() - } - - predicate hasRaisedBy() { exists(getRawRaisedBy()) } - - predicate hasApprovedBy() { exists(getRawApprovedBy()) } - - string getRaisedByName() { - if exists(getRawRaisedByName()) then result = getRawRaisedByName() else result = "" - } - - string getRaisedByDate() { - if exists(getRawRaisedByDate()) then result = getRawRaisedByDate() else result = "" - } - - string getApprovedByName() { - if exists(getRawApprovedByName()) then result = getRawApprovedByName() else result = "" - } - - string getApprovedByDate() { - if exists(getRawApprovedByDate()) then result = getRawApprovedByDate() else result = "" - } - - string getScope() { - if exists(getRawScope()) - then result = getRawScope() - else - if getADeviationPermit().hasScope() - then result = getADeviationPermit().getScope() - else result = "" - } - - string getJustification() { - if exists(getRawJustification()) - then result = getRawJustification() - else - if getADeviationPermit().hasJustification() - then result = getADeviationPermit().getJustification() - else result = "" - } - - string getBackground() { - if exists(getRawBackground()) - then result = getRawBackground() - else - if getADeviationPermit().hasBackground() - then result = getADeviationPermit().getBackground() - else result = "" - } - - string getRequirements() { - if exists(getRawRequirements()) - then result = getRawRequirements() - else - if getADeviationPermit().hasRequirements() - then result = getADeviationPermit().getRequirements() - else result = "" - } - - string getPermitId() { - if exists(getRawPermitId()) then result = getRawPermitId() else result = "" - } - - predicate hasPermitId() { exists(getRawPermitId()) } - - /** Gets the code identifier associated with this deviation record, if any. */ - string getCodeIdentifier() { - if exists(getAChild("code-identifier").getTextValue()) - then result = getAChild("code-identifier").getTextValue() - else result = getADeviationPermit().getCodeIdentifier() - } - - /** Gets a comment which starts or ends with the code identifier comment. */ - Comment getACodeIdentifierComment() { - exists(string text | - ( - result instanceof CppStyleComment and - // strip the beginning slashes - text = result.getContents().suffix(2).trim() - or - result instanceof CStyleComment and - // strip both the beginning /* and the end */ the comment - exists(string text0 | - text0 = result.getContents().suffix(2) and - text = text0.prefix(text0.length() - 2).trim() - ) and - // The /* */ comment must be a single-line comment - not text.matches("%\n%") - ) and - ( - // Code identifier appears at the start of the comment (modulo whitespace) - text.prefix(getCodeIdentifier().length()) = getCodeIdentifier() - or - // Code identifier appears at the end of the comment (modulo whitespace) - text.suffix(text.length() - getCodeIdentifier().length()) = getCodeIdentifier() - ) - ) - } - - /** Gets the `rule-id` specified for this record, if any. */ - private string getRawRuleId() { result = getAChild("rule-id").getTextValue() } - - string getRuleId() { - if exists(getRawRuleId()) - then result = getRawRuleId() - else - if exists(DeviationPermit dp | dp.getPermitId() = getPermitId() and dp.hasRuleId()) - then - exists(DeviationPermit dp | - dp.getPermitId() = getPermitId() and dp.hasRuleId() and result = dp.getRuleId() - ) - else result = "" - } - - predicate hasRuleId() { not exists(string id | id = getRuleId() and id = "") } - - /** Gets the `query-id` specified for this record, if any. */ - private string getRawQueryId() { result = getAChild("query-id").getTextValue() } - - string getQueryId() { - if exists(getRawQueryId()) - then result = getRawQueryId() - else - if getADeviationPermit().hasQueryId() - then result = getADeviationPermit().getQueryId() - else result = "" - } - - predicate hasQueryId() { not exists(string id | id = getQueryId() and id = "") } - - DeviationPermit getADeviationPermit() { - exists(DeviationPermit dp | dp.getPermitId() = getPermitId() | result = dp) - } - - predicate hasADeviationPermit() { exists(getADeviationPermit()) } - - /** If the record is invalid, get a string describing a reason for it being invalid. */ - string getAnInvalidRecordReason() { - not hasRuleId() and - not hasQueryId() and - result = "No rule-id and query-id specified for this deviation record." - or - hasRuleId() and - not exists(Query q | q.getRuleId() = getRuleId()) and - result = - "The rule-id `" + getRuleId() + "` for this deviation matches none of the available queries." - or - hasQueryId() and - not hasRuleId() and - result = - "A query-id of `" + getQueryId() + - "` is specified for this deviation, but not rule-id is specified." - or - hasRuleId() and - hasQueryId() and - not exists(Query q | q.getQueryId() = getQueryId() and q.getRuleId() = getRuleId()) and - result = - "There is no query which matches both the rule-id `" + getRuleId() + "` and the query-id `" + - getQueryId() + "`." - or - hasRaisedBy() and - not hasApprovedBy() and - result = "A deviation `raised-by` is specified without providing an `approved-by`." - or - not hasRaisedBy() and - hasApprovedBy() and - result = "A deviation `approved-by` is specified without providing a `raised-by`." - or - hasRaisedBy() and - not (exists(getRawRaisedByName()) and exists(getRawRaisedByDate())) and - result = "A deviation `raised-by` is specified without providing both a `name` and `date`." - or - hasApprovedBy() and - not (exists(getRawApprovedByName()) and exists(getRawApprovedByDate())) and - result = "A deviation `approved-by` is specified without providing both a `name` and `date`." - or - exists(DeviationPermit dp | - dp = getADeviationPermit() and - not dp.isDeviationPermitValid() and - result = "A deviation with an invalid deviation permit identified by `" + getPermitId() + "`." - ) - or - hasPermitId() and - not hasADeviationPermit() and - result = "There is no deviation permit with id `" + getPermitId() + "`." - or - exists(Query q | q.getQueryId() = getQueryId() | - not q.getEffectiveCategory().permitsDeviation() and - result = - "The deviation is applied to a query with the rule category '" + - q.getEffectiveCategory().toString() + "' that does not permit a deviation." - ) - } - - /** Holds if the deviation record is valid */ - predicate isDeviationRecordValid() { not exists(getAnInvalidRecordReason()) } - - /** - * Gets the query or queries to which this deviation record applies. - */ - Query getQuery() { - isDeviationRecordValid() and - result.getRuleId() = getRuleId() - } - - /** Gets a `Container` representing a path this record applies to, if any. */ - private Container getPathAContainer() { - not this.getFile().getParentContainer().getRelativePath() = "" and - result.getRelativePath() = - this.getFile().getParentContainer().getRelativePath() + "/" + - getAChild("paths").getAChild("paths-entry").getTextValue() - or - this.getFile().getParentContainer().getRelativePath() = "" and - result.getRelativePath() = getAChild("paths").getAChild("paths-entry").getTextValue() - } - - /** Gets a path to which this deviation applies. */ - string getADeviationPath() { - ( - if exists(getPathAContainer()) - then - // Use the path, which will be relative to this file, if specified - result = getPathAContainer().getRelativePath() - else ( - // Otherwise, if no code identifier was supplied, it applies to the parent container of the - // file itself - not exists(getCodeIdentifier()) and - result = this.getFile().getParentContainer().getRelativePath() - ) - ) - } - - cached - predicate isDeviated(Query query, string deviationPath) { - query = getQuery() and - deviationPath = getADeviationPath() - } - } - \ No newline at end of file +import cpp +import semmle.code.cpp.XML +import codingstandards.cpp.exclusions.RuleMetadata +import codingstandards.cpp.Config + +predicate applyDeviationsAtQueryLevel() { + not exists(CodingStandardsReportDeviatedAlerts reportDeviatedResults | + // There exists at least one `report-deviated-alerts: true` command in the repository + reportDeviatedResults.getTextValue().trim() = "true" + ) +} + +/** An element which tells the analysis whether to report deviated results. */ +class CodingStandardsReportDeviatedAlerts extends XmlElement { + CodingStandardsReportDeviatedAlerts() { + getParent() instanceof CodingStandardsConfig and + hasName("report-deviated-alerts") + } +} + +/** A container of deviation records. */ +class DeviationRecords extends CodingStandardsConfigSection { + DeviationRecords() { hasName("deviations") } +} + +/** A container for the deviation permits records. */ +class DeviationPermits extends CodingStandardsConfigSection { + DeviationPermits() { hasName("deviation-permits") } +} + +/** A deviation permit record, that is specified by a permit identifier */ +class DeviationPermit extends XmlElement { + DeviationPermit() { + getParent() instanceof DeviationPermits and + hasName("deviation-permits-entry") + } + + string getRawScope() { result = getAChild("scope").getTextValue() } + + predicate hasScope() { exists(getRawScope()) } + + string getScope() { if hasScope() then result = getRawScope() else result = "" } + + string getRawJustification() { result = getAChild("justification").getTextValue() } + + predicate hasJustification() { exists(getRawJustification()) } + + string getJustification() { + if hasJustification() then result = getRawJustification() else result = "" + } + + string getRawBackground() { result = getAChild("background").getTextValue() } + + predicate hasBackground() { exists(getRawBackground()) } + + string getBackground() { if hasBackground() then result = getRawBackground() else result = "" } + + string getRawRequirements() { result = getAChild("requirements").getTextValue() } + + predicate hasRequirements() { exists(getRawRequirements()) } + + string getRequirements() { + if hasRequirements() then result = getRawRequirements() else result = "" + } + + string getRawPermitId() { result = getAChild("permit-id").getTextValue() } + + predicate hasPermitId() { exists(getRawPermitId()) } + + string getPermitId() { + // In the case of the permit identifier we do not return an empty string because that can + // result in spurious matches when an invalid permit without an id is specified, because + // the record returns an empty string for the permit id if it is not specified. + result = getRawPermitId() + } + + predicate hasCodeIdentifier() { exists(getAChild("code-identifier")) } + + /** Gets the code identifier associated with this deviation record, if any. */ + string getCodeIdentifier() { result = getAChild("code-identifier").getTextValue() } + + /** Gets the `rule-id` specified for this record, if any. */ + string getRawRuleId() { result = getAChild("rule-id").getTextValue() } + + predicate hasRuleId() { exists(getRawRuleId()) } + + string getRuleId() { if hasRuleId() then result = getRawRuleId() else result = "" } + + /** Gets the `query-id` specified for this record, if any. */ + string getRawQueryId() { result = getAChild("query-id").getTextValue() } + + predicate hasQueryId() { exists(getRawQueryId()) } + + string getQueryId() { if hasQueryId() then result = getRawQueryId() else result = "" } + + /** If the permit is invalid, get a string describing a reason for it being invalid. */ + string getAnInvalidPermitReason() { + not hasPermitId() and result = "Deviation permit does not specify a permit identifier." + or + exists(string childName | + exists(getAChild(childName)) and + not childName in [ + "permit-id", "rule-id", "query-id", "code-identifier", "scope", "justification", + "background", "requirements" + ] and + result = "Deviation permit specifies unknown property `" + childName + "`." + ) + } + + /** Holds if the deviation record is valid */ + predicate isDeviationPermitValid() { not exists(getAnInvalidPermitReason()) } +} + +/** A deviation record, that is a specified rule or query */ +class DeviationRecord extends XmlElement { + DeviationRecord() { + getParent() instanceof DeviationRecords and + hasName("deviations-entry") + } + + private string getRawScope() { result = getAChild("scope").getTextValue() } + + private string getRawJustification() { result = getAChild("justification").getTextValue() } + + private string getRawBackground() { result = getAChild("background").getTextValue() } + + private string getRawRequirements() { result = getAChild("requirements").getTextValue() } + + private string getRawPermitId() { result = getAChild("permit-id").getTextValue() } + + private XmlElement getRawRaisedBy() { result = getAChild("raised-by") } + + private string getRawRaisedByName() { result = getRawRaisedBy().getAChild("name").getTextValue() } + + private string getRawRaisedByDate() { result = getRawRaisedBy().getAChild("date").getTextValue() } + + private XmlElement getRawApprovedBy() { result = getAChild("approved-by") } + + private string getRawApprovedByName() { + result = getRawApprovedBy().getAChild("name").getTextValue() + } + + private string getRawApprovedByDate() { + result = getRawApprovedBy().getAChild("date").getTextValue() + } + + predicate hasRaisedBy() { exists(getRawRaisedBy()) } + + predicate hasApprovedBy() { exists(getRawApprovedBy()) } + + string getRaisedByName() { + if exists(getRawRaisedByName()) then result = getRawRaisedByName() else result = "" + } + + string getRaisedByDate() { + if exists(getRawRaisedByDate()) then result = getRawRaisedByDate() else result = "" + } + + string getApprovedByName() { + if exists(getRawApprovedByName()) then result = getRawApprovedByName() else result = "" + } + + string getApprovedByDate() { + if exists(getRawApprovedByDate()) then result = getRawApprovedByDate() else result = "" + } + + string getScope() { + if exists(getRawScope()) + then result = getRawScope() + else + if getADeviationPermit().hasScope() + then result = getADeviationPermit().getScope() + else result = "" + } + + string getJustification() { + if exists(getRawJustification()) + then result = getRawJustification() + else + if getADeviationPermit().hasJustification() + then result = getADeviationPermit().getJustification() + else result = "" + } + + string getBackground() { + if exists(getRawBackground()) + then result = getRawBackground() + else + if getADeviationPermit().hasBackground() + then result = getADeviationPermit().getBackground() + else result = "" + } + + string getRequirements() { + if exists(getRawRequirements()) + then result = getRawRequirements() + else + if getADeviationPermit().hasRequirements() + then result = getADeviationPermit().getRequirements() + else result = "" + } + + string getPermitId() { + if exists(getRawPermitId()) then result = getRawPermitId() else result = "" + } + + predicate hasPermitId() { exists(getRawPermitId()) } + + /** Gets the code identifier associated with this deviation record, if any. */ + string getCodeIdentifier() { + if exists(getAChild("code-identifier").getTextValue()) + then result = getAChild("code-identifier").getTextValue() + else result = getADeviationPermit().getCodeIdentifier() + } + + /** Gets a comment which starts or ends with the code identifier comment. */ + Comment getACodeIdentifierComment() { + exists(string text | + ( + result instanceof CppStyleComment and + // strip the beginning slashes + text = result.getContents().suffix(2).trim() + or + result instanceof CStyleComment and + // strip both the beginning /* and the end */ the comment + exists(string text0 | + text0 = result.getContents().suffix(2) and + text = text0.prefix(text0.length() - 2).trim() + ) and + // The /* */ comment must be a single-line comment + not text.matches("%\n%") + ) and + ( + // Code identifier appears at the start of the comment (modulo whitespace) + text.prefix(getCodeIdentifier().length()) = getCodeIdentifier() + or + // Code identifier appears at the end of the comment (modulo whitespace) + text.suffix(text.length() - getCodeIdentifier().length()) = getCodeIdentifier() + ) + ) + } + + /** Gets the `rule-id` specified for this record, if any. */ + private string getRawRuleId() { result = getAChild("rule-id").getTextValue() } + + string getRuleId() { + if exists(getRawRuleId()) + then result = getRawRuleId() + else + if exists(DeviationPermit dp | dp.getPermitId() = getPermitId() and dp.hasRuleId()) + then + exists(DeviationPermit dp | + dp.getPermitId() = getPermitId() and dp.hasRuleId() and result = dp.getRuleId() + ) + else result = "" + } + + predicate hasRuleId() { not exists(string id | id = getRuleId() and id = "") } + + /** Gets the `query-id` specified for this record, if any. */ + private string getRawQueryId() { result = getAChild("query-id").getTextValue() } + + string getQueryId() { + if exists(getRawQueryId()) + then result = getRawQueryId() + else + if getADeviationPermit().hasQueryId() + then result = getADeviationPermit().getQueryId() + else result = "" + } + + predicate hasQueryId() { not exists(string id | id = getQueryId() and id = "") } + + DeviationPermit getADeviationPermit() { + exists(DeviationPermit dp | dp.getPermitId() = getPermitId() | result = dp) + } + + predicate hasADeviationPermit() { exists(getADeviationPermit()) } + + /** If the record is invalid, get a string describing a reason for it being invalid. */ + string getAnInvalidRecordReason() { + not hasRuleId() and + not hasQueryId() and + result = "No rule-id and query-id specified for this deviation record." + or + hasRuleId() and + not exists(Query q | q.getRuleId() = getRuleId()) and + result = + "The rule-id `" + getRuleId() + "` for this deviation matches none of the available queries." + or + hasQueryId() and + not hasRuleId() and + result = + "A query-id of `" + getQueryId() + + "` is specified for this deviation, but not rule-id is specified." + or + hasRuleId() and + hasQueryId() and + not exists(Query q | q.getQueryId() = getQueryId() and q.getRuleId() = getRuleId()) and + result = + "There is no query which matches both the rule-id `" + getRuleId() + "` and the query-id `" + + getQueryId() + "`." + or + hasRaisedBy() and + not hasApprovedBy() and + result = "A deviation `raised-by` is specified without providing an `approved-by`." + or + not hasRaisedBy() and + hasApprovedBy() and + result = "A deviation `approved-by` is specified without providing a `raised-by`." + or + hasRaisedBy() and + not (exists(getRawRaisedByName()) and exists(getRawRaisedByDate())) and + result = "A deviation `raised-by` is specified without providing both a `name` and `date`." + or + hasApprovedBy() and + not (exists(getRawApprovedByName()) and exists(getRawApprovedByDate())) and + result = "A deviation `approved-by` is specified without providing both a `name` and `date`." + or + exists(DeviationPermit dp | + dp = getADeviationPermit() and + not dp.isDeviationPermitValid() and + result = "A deviation with an invalid deviation permit identified by `" + getPermitId() + "`." + ) + or + hasPermitId() and + not hasADeviationPermit() and + result = "There is no deviation permit with id `" + getPermitId() + "`." + or + exists(Query q | q.getQueryId() = getQueryId() | + not q.getEffectiveCategory().permitsDeviation() and + result = + "The deviation is applied to a query with the rule category '" + + q.getEffectiveCategory().toString() + "' that does not permit a deviation." + ) + } + + /** Holds if the deviation record is valid */ + predicate isDeviationRecordValid() { not exists(getAnInvalidRecordReason()) } + + /** + * Gets the query or queries to which this deviation record applies. + */ + Query getQuery() { + isDeviationRecordValid() and + result.getRuleId() = getRuleId() + } + + /** Gets a `Container` representing a path this record applies to, if any. */ + private Container getPathAContainer() { + not this.getFile().getParentContainer().getRelativePath() = "" and + result.getRelativePath() = + this.getFile().getParentContainer().getRelativePath() + "/" + + getAChild("paths").getAChild("paths-entry").getTextValue() + or + this.getFile().getParentContainer().getRelativePath() = "" and + result.getRelativePath() = getAChild("paths").getAChild("paths-entry").getTextValue() + } + + /** Gets a path to which this deviation applies. */ + string getADeviationPath() { + ( + if exists(getPathAContainer()) + then + // Use the path, which will be relative to this file, if specified + result = getPathAContainer().getRelativePath() + else ( + // Otherwise, if no code identifier was supplied, it applies to the parent container of the + // file itself + not exists(getCodeIdentifier()) and + result = this.getFile().getParentContainer().getRelativePath() + ) + ) + } + + cached + predicate isDeviated(Query query, string deviationPath) { + query = getQuery() and + deviationPath = getADeviationPath() + } +} From 08fc00ed7af1d4e5c8dc41577c28bcce73e1cde7 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Fri, 3 Mar 2023 11:16:21 +0100 Subject: [PATCH 0600/2573] Update IdentifierNameOfANonMemberObjectWithExternalOrInternalLinkageIsReused.expected --- ...MemberObjectWithExternalOrInternalLinkageIsReused.expected | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A2-10-5/IdentifierNameOfANonMemberObjectWithExternalOrInternalLinkageIsReused.expected b/cpp/autosar/test/rules/A2-10-5/IdentifierNameOfANonMemberObjectWithExternalOrInternalLinkageIsReused.expected index 83409a78a2..66d2b38c57 100644 --- a/cpp/autosar/test/rules/A2-10-5/IdentifierNameOfANonMemberObjectWithExternalOrInternalLinkageIsReused.expected +++ b/cpp/autosar/test/rules/A2-10-5/IdentifierNameOfANonMemberObjectWithExternalOrInternalLinkageIsReused.expected @@ -1,4 +1,6 @@ | test1a.cpp:2:12:2:13 | g1 | Identifier name of non-member object $@ reuses the identifier name of non-member object $@. | test1a.cpp:2:12:2:13 | g1 | g1 | test1b.cpp:2:12:2:13 | g1 | g1 | | test1a.cpp:6:12:6:13 | g3 | Identifier name of non-member object $@ reuses the identifier name of non-member object $@. | test1a.cpp:6:12:6:13 | g3 | g3 | test1b.cpp:6:12:6:13 | g3 | g3 | +| test1a.cpp:17:43:17:43 | number_two | Identifier name of non-member object $@ reuses the identifier name of non-member object $@. | test1a.cpp:17:43:17:43 | number_two | number_two | test1b.cpp:11:43:11:43 | number_two | number_two | | test1b.cpp:2:12:2:13 | g1 | Identifier name of non-member object $@ reuses the identifier name of non-member object $@. | test1b.cpp:2:12:2:13 | g1 | g1 | test1a.cpp:2:12:2:13 | g1 | g1 | -| test1b.cpp:6:12:6:13 | g3 | Identifier name of non-member object $@ reuses the identifier name of non-member object $@. | test1b.cpp:6:12:6:13 | g3 | g3 | test1a.cpp:6:12:6:13 | g3 | g3 | \ No newline at end of file +| test1b.cpp:6:12:6:13 | g3 | Identifier name of non-member object $@ reuses the identifier name of non-member object $@. | test1b.cpp:6:12:6:13 | g3 | g3 | test1a.cpp:6:12:6:13 | g3 | g3 | +| test1b.cpp:11:43:11:43 | number_two | Identifier name of non-member object $@ reuses the identifier name of non-member object $@. | test1b.cpp:11:43:11:43 | number_two | number_two | test1a.cpp:17:43:17:43 | number_two | number_two | From e4151cf58039a145a44f19bff6af2938689e99d1 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Fri, 3 Mar 2023 10:44:58 +0000 Subject: [PATCH 0601/2573] RULE-21-12: Exclude nested macro invocations Do not report macro invocations inside other macro invocations where the parent macro invocation is also for a macro inside fenv.h. --- .../rules/RULE-21-12/ExceptionHandlingFeaturesOfFenvhUsed.ql | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/c/misra/src/rules/RULE-21-12/ExceptionHandlingFeaturesOfFenvhUsed.ql b/c/misra/src/rules/RULE-21-12/ExceptionHandlingFeaturesOfFenvhUsed.ql index 6035f15401..727cb190e9 100644 --- a/c/misra/src/rules/RULE-21-12/ExceptionHandlingFeaturesOfFenvhUsed.ql +++ b/c/misra/src/rules/RULE-21-12/ExceptionHandlingFeaturesOfFenvhUsed.ql @@ -45,7 +45,9 @@ where exists(FPExceptionHandlingMacro m | call = m.getAnInvocation() and name = m.getName() and - kind = "macro" + kind = "macro" and + // Exclude macro invocations expanded from other macro invocations from macros in fenv.h. + not call.(MacroInvocation).getParentInvocation().getMacro().getFile().getBaseName() = "fenv.h" ) ) select call, "Call to banned " + kind + " " + name + "." From f403fbd460e6f08b4a24628e919fc4b5d463c527 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Fri, 3 Mar 2023 10:48:25 +0000 Subject: [PATCH 0602/2573] RULE-21-11: Add compiler-specific expected results These queries report macro invocations for standard library macros which are defined with different argument names depending on the compiler. --- .../RULE-21-11/StandardHeaderFileTgmathhUsed.expected.clang | 5 +++++ .../RULE-21-11/StandardHeaderFileTgmathhUsed.expected.gcc | 5 +++++ 2 files changed, 10 insertions(+) create mode 100644 c/misra/test/rules/RULE-21-11/StandardHeaderFileTgmathhUsed.expected.clang create mode 100644 c/misra/test/rules/RULE-21-11/StandardHeaderFileTgmathhUsed.expected.gcc diff --git a/c/misra/test/rules/RULE-21-11/StandardHeaderFileTgmathhUsed.expected.clang b/c/misra/test/rules/RULE-21-11/StandardHeaderFileTgmathhUsed.expected.clang new file mode 100644 index 0000000000..42a740200a --- /dev/null +++ b/c/misra/test/rules/RULE-21-11/StandardHeaderFileTgmathhUsed.expected.clang @@ -0,0 +1,5 @@ +| test.c:5:3:5:9 | sqrt(__x) | Call to banned macro sqrt. | +| test.c:7:3:7:8 | sin(__x) | Call to banned macro sin. | +| test.c:10:21:10:28 | sqrt(__x) | Call to banned macro sqrt. | +| test.c:11:3:11:10 | creal(__x) | Call to banned macro creal. | +| test.c:12:3:12:10 | cimag(__x) | Call to banned macro cimag. | diff --git a/c/misra/test/rules/RULE-21-11/StandardHeaderFileTgmathhUsed.expected.gcc b/c/misra/test/rules/RULE-21-11/StandardHeaderFileTgmathhUsed.expected.gcc new file mode 100644 index 0000000000..db1d5718bd --- /dev/null +++ b/c/misra/test/rules/RULE-21-11/StandardHeaderFileTgmathhUsed.expected.gcc @@ -0,0 +1,5 @@ +| test.c:5:3:5:9 | sqrt(Val) | Call to banned macro sqrt. | +| test.c:7:3:7:8 | sin(Val) | Call to banned macro sin. | +| test.c:10:21:10:28 | sqrt(Val) | Call to banned macro sqrt. | +| test.c:11:3:11:10 | creal(Val) | Call to banned macro creal. | +| test.c:12:3:12:10 | cimag(Val) | Call to banned macro cimag. | From 64c845834de6efc32b27cf90ed01872f66622355 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Fri, 3 Mar 2023 10:50:51 +0000 Subject: [PATCH 0603/2573] RULE-21-4: Add compiler-specific expected results These queries report macro invocations for standard library macros which are defined with different argument names depending on the compiler. --- .../RULE-21-4/StandardHeaderFileUsedSetjmph.expected.clang | 2 ++ .../rules/RULE-21-4/StandardHeaderFileUsedSetjmph.expected.gcc | 2 ++ 2 files changed, 4 insertions(+) create mode 100644 c/misra/test/rules/RULE-21-4/StandardHeaderFileUsedSetjmph.expected.clang create mode 100644 c/misra/test/rules/RULE-21-4/StandardHeaderFileUsedSetjmph.expected.gcc diff --git a/c/misra/test/rules/RULE-21-4/StandardHeaderFileUsedSetjmph.expected.clang b/c/misra/test/rules/RULE-21-4/StandardHeaderFileUsedSetjmph.expected.clang new file mode 100644 index 0000000000..f171fe6b69 --- /dev/null +++ b/c/misra/test/rules/RULE-21-4/StandardHeaderFileUsedSetjmph.expected.clang @@ -0,0 +1,2 @@ +| test.c:7:7:7:12 | setjmp(env) | Use of setjmp. | +| test.c:8:3:8:9 | call to longjmp | Use of longjmp. | diff --git a/c/misra/test/rules/RULE-21-4/StandardHeaderFileUsedSetjmph.expected.gcc b/c/misra/test/rules/RULE-21-4/StandardHeaderFileUsedSetjmph.expected.gcc new file mode 100644 index 0000000000..f171fe6b69 --- /dev/null +++ b/c/misra/test/rules/RULE-21-4/StandardHeaderFileUsedSetjmph.expected.gcc @@ -0,0 +1,2 @@ +| test.c:7:7:7:12 | setjmp(env) | Use of setjmp. | +| test.c:8:3:8:9 | call to longjmp | Use of longjmp. | From e1e31f51ef207fd6fdf81512aa2d1f75bd6a5fd8 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Wed, 1 Mar 2023 10:50:35 +0100 Subject: [PATCH 0604/2573] Update MISRA RULE-8-4 test for changes in latest CodeQL --- .../rules/RULE-8-4/CompatibleDeclarationObjectDefined.expected | 1 - c/misra/test/rules/RULE-8-4/object1.c | 2 +- c/misra/test/rules/RULE-8-4/object2.c | 2 +- 3 files changed, 2 insertions(+), 3 deletions(-) diff --git a/c/misra/test/rules/RULE-8-4/CompatibleDeclarationObjectDefined.expected b/c/misra/test/rules/RULE-8-4/CompatibleDeclarationObjectDefined.expected index 6655c5d6f7..f8472b21e0 100644 --- a/c/misra/test/rules/RULE-8-4/CompatibleDeclarationObjectDefined.expected +++ b/c/misra/test/rules/RULE-8-4/CompatibleDeclarationObjectDefined.expected @@ -1,3 +1,2 @@ | object1.c:4:12:4:13 | definition of i1 | No separate compatible declaration found for this definition. | | object1.c:6:5:6:6 | definition of i2 | No separate compatible declaration found for this definition. | -| object2.c:1:7:1:8 | definition of i3 | No separate compatible declaration found for this definition. | diff --git a/c/misra/test/rules/RULE-8-4/object1.c b/c/misra/test/rules/RULE-8-4/object1.c index 3de20eabcc..bea41c7a20 100644 --- a/c/misra/test/rules/RULE-8-4/object1.c +++ b/c/misra/test/rules/RULE-8-4/object1.c @@ -5,6 +5,6 @@ extern int i1 = 0; // NON_COMPLIANT int i2 = 0; // NON_COMPLIANT -extern int i3; // NON_COMPLIANT +extern int i3; // NON_COMPLIANT - not detected as `short i3` exists extern int i4; // COMPLIANT \ No newline at end of file diff --git a/c/misra/test/rules/RULE-8-4/object2.c b/c/misra/test/rules/RULE-8-4/object2.c index 78c5bee421..eef1696918 100644 --- a/c/misra/test/rules/RULE-8-4/object2.c +++ b/c/misra/test/rules/RULE-8-4/object2.c @@ -1,3 +1,3 @@ -short i3 = 0; // NON_COMPLIANT +short i3 = 0; // NON_COMPLIANT - not detected as `extern int i3` exists signed int i4 = 0; // COMPLIANT \ No newline at end of file From 39f2079f139eb0f2d1c4a8561d72e5eefd890f56 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Fri, 3 Mar 2023 12:04:59 +0100 Subject: [PATCH 0605/2573] Format test case --- c/misra/test/rules/RULE-8-4/object1.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/misra/test/rules/RULE-8-4/object1.c b/c/misra/test/rules/RULE-8-4/object1.c index bea41c7a20..93441003ec 100644 --- a/c/misra/test/rules/RULE-8-4/object1.c +++ b/c/misra/test/rules/RULE-8-4/object1.c @@ -5,6 +5,6 @@ extern int i1 = 0; // NON_COMPLIANT int i2 = 0; // NON_COMPLIANT -extern int i3; // NON_COMPLIANT - not detected as `short i3` exists +extern int i3; // NON_COMPLIANT - not detected as `short i3` exists extern int i4; // COMPLIANT \ No newline at end of file From aa92cc2a5879e04235c44b3123fcd9c6d0334064 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Fri, 3 Mar 2023 11:05:54 +0000 Subject: [PATCH 0606/2573] RULE-21-4: Adjust locations for setjmp setjmp encompasses the arguments on real compilers, due to differences in how the macros are defined. --- .../RULE-21-4/StandardHeaderFileUsedSetjmph.expected.clang | 2 +- .../rules/RULE-21-4/StandardHeaderFileUsedSetjmph.expected.gcc | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/c/misra/test/rules/RULE-21-4/StandardHeaderFileUsedSetjmph.expected.clang b/c/misra/test/rules/RULE-21-4/StandardHeaderFileUsedSetjmph.expected.clang index f171fe6b69..9061834c4d 100644 --- a/c/misra/test/rules/RULE-21-4/StandardHeaderFileUsedSetjmph.expected.clang +++ b/c/misra/test/rules/RULE-21-4/StandardHeaderFileUsedSetjmph.expected.clang @@ -1,2 +1,2 @@ -| test.c:7:7:7:12 | setjmp(env) | Use of setjmp. | +| test.c:7:7:7:17 | setjmp(env) | Use of setjmp. | | test.c:8:3:8:9 | call to longjmp | Use of longjmp. | diff --git a/c/misra/test/rules/RULE-21-4/StandardHeaderFileUsedSetjmph.expected.gcc b/c/misra/test/rules/RULE-21-4/StandardHeaderFileUsedSetjmph.expected.gcc index f171fe6b69..9061834c4d 100644 --- a/c/misra/test/rules/RULE-21-4/StandardHeaderFileUsedSetjmph.expected.gcc +++ b/c/misra/test/rules/RULE-21-4/StandardHeaderFileUsedSetjmph.expected.gcc @@ -1,2 +1,2 @@ -| test.c:7:7:7:12 | setjmp(env) | Use of setjmp. | +| test.c:7:7:7:17 | setjmp(env) | Use of setjmp. | | test.c:8:3:8:9 | call to longjmp | Use of longjmp. | From 1c551ab03e3283e1d17ba41dd9f1eb64ff0734e3 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Fri, 3 Mar 2023 10:11:40 -0500 Subject: [PATCH 0607/2573] small enhancement to make rules that don't match not appear --- scripts/PSCodingStandards/Get-RuleForPath.ps1 | 33 +++++++++++++--- .../PSCodingStandards/Test-GetRuleForPath.ps1 | 39 +++++++++++++++++++ 2 files changed, 67 insertions(+), 5 deletions(-) create mode 100644 scripts/PSCodingStandards/Test-GetRuleForPath.ps1 diff --git a/scripts/PSCodingStandards/Get-RuleForPath.ps1 b/scripts/PSCodingStandards/Get-RuleForPath.ps1 index bcb056a1f8..575bb7d222 100644 --- a/scripts/PSCodingStandards/Get-RuleForPath.ps1 +++ b/scripts/PSCodingStandards/Get-RuleForPath.ps1 @@ -28,6 +28,9 @@ # is a substring of the path once the substitution `/src/` -> `/test/` is # applied +$global:ruleCacheC = $null; +$global:ruleCacheCPP = $null; +$global:enableRuleCache = $false function Get-RuleForPath { param([Parameter(Mandatory)] [string] @@ -41,9 +44,30 @@ function Get-RuleForPath { $allQueries = @() $queriesToCheck = @() - # load all the queries - foreach ($s in $AVAILABLE_SUITES) { - $allQueries += Get-RulesInSuite -Suite $s -Language $Language + if($global:enableRuleCache){ + # load all the queries + if($Language -eq 'cpp'){ + $ruleCache = $global:ruleCacheCPP + }else{ + $ruleCache = $global:ruleCacheC + } + } + + if(-not $ruleCache){ + + foreach ($s in $AVAILABLE_SUITES) { + $allQueries += Get-RulesInSuite -Suite $s -Language $Language + } + + if($global:enableRuleCache){ + if($Language -eq 'cpp'){ + $global:ruleCacheCPP = $allQueries + }else{ + $global:ruleCacheC = $allQueries + } + } + }else{ + $allQueries = $ruleCache } $modifiedPathWithReplacement = Join-Path (Resolve-Path . -Relative) $Path @@ -57,12 +81,11 @@ function Get-RuleForPath { # for each query, create the test directory foreach($q in $allQueries){ - # get test directory $testDirs = (Get-ATestDirectory -RuleObject $q -Language $Language) foreach($testDirectory in $testDirs){ # resolve path to be compatible - $testPath = Join-Path (Resolve-Path . -Relative) $testDirectory + $testPath = (Join-Path (Resolve-Path . -Relative) $testDirectory) + [IO.Path]::DirectorySeparatorChar # see if the TEST directory is a substring of the full path if($modifiedPath.StartsWith($testPath)){ diff --git a/scripts/PSCodingStandards/Test-GetRuleForPath.ps1 b/scripts/PSCodingStandards/Test-GetRuleForPath.ps1 new file mode 100644 index 0000000000..b3c78cc3dc --- /dev/null +++ b/scripts/PSCodingStandards/Test-GetRuleForPath.ps1 @@ -0,0 +1,39 @@ +function Test-GetRuleForPath { +param( + [Parameter(Mandatory)] + [string] + $PR +) + +$prData = (gh pr view -R github/codeql-coding-standards $PR --json headRefOid,headRepository,author,isCrossRepository,headRepositoryOwner,headRefName,files) | ConvertFrom-Json + +foreach($f in $prData.files){ + try { + Write-Host "[C] Scanning file for relationship $($f.path)..." + $rulesToTest = Get-RuleForPath -Language c -Path "$($f.path)" + + Write-Host "[C] Got $($rulesToTest.Count) potential C rules..." + + foreach($r in $rulesToTest){ + $ruleNames += $r.__memberof_rule + Write-Host "[C] Found rule $r " + } + }catch{ + Write-Host "No $Language rules found for path: $($f.path)" + } + + + try { + Write-Host "[CPP] Scanning file for relationship $($f.path)..." + $rulesToTest = Get-RuleForPath -Language cpp -Path "$($f.path)" + + Write-Host "[CPP] Got $($rulesToTest.Count) potential CPP rules..." + + foreach($r in $rulesToTest){ + Write-Host "[CPP] Found rule $r " + } + }catch{ + Write-Host "No CPP rules found for path: $($f.path)" + } +} +} \ No newline at end of file From 79d9b3a3227ddb47d33af0ea6714abd6b6e2e2dd Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Fri, 3 Mar 2023 10:39:59 -0500 Subject: [PATCH 0608/2573] probably better --- scripts/PSCodingStandards/Get-RuleForPath.ps1 | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/scripts/PSCodingStandards/Get-RuleForPath.ps1 b/scripts/PSCodingStandards/Get-RuleForPath.ps1 index 575bb7d222..63602c09af 100644 --- a/scripts/PSCodingStandards/Get-RuleForPath.ps1 +++ b/scripts/PSCodingStandards/Get-RuleForPath.ps1 @@ -85,15 +85,14 @@ function Get-RuleForPath { $testDirs = (Get-ATestDirectory -RuleObject $q -Language $Language) foreach($testDirectory in $testDirs){ # resolve path to be compatible - $testPath = (Join-Path (Resolve-Path . -Relative) $testDirectory) + [IO.Path]::DirectorySeparatorChar + $testPath = (Join-Path (Resolve-Path . -Relative) $testDirectory) - # see if the TEST directory is a substring of the full path - if($modifiedPath.StartsWith($testPath)){ + if((Split-Path $modifiedPath -Parent) -eq $testPath){ $matchingRules += $q continue } - if($modifiedPathWithReplacement.StartsWith($testPath)){ + if((Split-Path $modifiedPathWithReplacement -Parent) -eq $testPath){ $matchingRules += $q continue } From 0411421bb112013c40110851008a55da9033139d Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Fri, 3 Mar 2023 10:50:02 -0500 Subject: [PATCH 0609/2573] remove cache stuff --- scripts/PSCodingStandards/Get-RuleForPath.ps1 | 29 ++----------------- 1 file changed, 3 insertions(+), 26 deletions(-) diff --git a/scripts/PSCodingStandards/Get-RuleForPath.ps1 b/scripts/PSCodingStandards/Get-RuleForPath.ps1 index 63602c09af..34e927e854 100644 --- a/scripts/PSCodingStandards/Get-RuleForPath.ps1 +++ b/scripts/PSCodingStandards/Get-RuleForPath.ps1 @@ -28,9 +28,6 @@ # is a substring of the path once the substitution `/src/` -> `/test/` is # applied -$global:ruleCacheC = $null; -$global:ruleCacheCPP = $null; -$global:enableRuleCache = $false function Get-RuleForPath { param([Parameter(Mandatory)] [string] @@ -44,32 +41,12 @@ function Get-RuleForPath { $allQueries = @() $queriesToCheck = @() - if($global:enableRuleCache){ - # load all the queries - if($Language -eq 'cpp'){ - $ruleCache = $global:ruleCacheCPP - }else{ - $ruleCache = $global:ruleCacheC - } - } - if(-not $ruleCache){ - - foreach ($s in $AVAILABLE_SUITES) { - $allQueries += Get-RulesInSuite -Suite $s -Language $Language - } - - if($global:enableRuleCache){ - if($Language -eq 'cpp'){ - $global:ruleCacheCPP = $allQueries - }else{ - $global:ruleCacheC = $allQueries - } - } - }else{ - $allQueries = $ruleCache + foreach ($s in $AVAILABLE_SUITES) { + $allQueries += Get-RulesInSuite -Suite $s -Language $Language } + $modifiedPathWithReplacement = Join-Path (Resolve-Path . -Relative) $Path # replace "src" with "test" to make it match up $sep = [IO.Path]::DirectorySeparatorChar From 29208c9e087a6c2552650e941785a9c84ba78c1b Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Fri, 3 Mar 2023 11:07:32 -0500 Subject: [PATCH 0610/2573] fix compiler messages --- ...formFileOperationsOnDevices.expected.clang | 29 +++++++++++++++++++ ...erformFileOperationsOnDevices.expected.gcc | 29 +++++++++++++++++++ 2 files changed, 58 insertions(+) create mode 100644 c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected.clang create mode 100644 c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected.gcc diff --git a/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected.clang b/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected.clang new file mode 100644 index 0000000000..9eaacf30f4 --- /dev/null +++ b/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected.clang @@ -0,0 +1,29 @@ +WARNING: Module TaintedWithPath has been deprecated and may be removed in future (/mnt/c/Projects/codeql-coding-standards/c/cert/src/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.ql:19,8-23) +edges +| test.c:20:15:20:23 | file_name | test.c:21:8:21:16 | (const char *)... | +| test.c:20:15:20:23 | file_name | test.c:21:8:21:16 | file_name | +| test.c:20:15:20:23 | file_name | test.c:21:8:21:16 | file_name indirection | +| test.c:20:15:20:23 | scanf output argument | test.c:21:8:21:16 | (const char *)... | +| test.c:20:15:20:23 | scanf output argument | test.c:21:8:21:16 | file_name | +| test.c:20:15:20:23 | scanf output argument | test.c:21:8:21:16 | file_name indirection | +| test.c:45:15:45:23 | file_name | test.c:46:29:46:37 | (LPCTSTR)... | +| test.c:45:15:45:23 | file_name | test.c:46:29:46:37 | file_name | +| test.c:45:15:45:23 | file_name | test.c:46:29:46:37 | file_name indirection | +| test.c:45:15:45:23 | scanf output argument | test.c:46:29:46:37 | (LPCTSTR)... | +| test.c:45:15:45:23 | scanf output argument | test.c:46:29:46:37 | file_name | +| test.c:45:15:45:23 | scanf output argument | test.c:46:29:46:37 | file_name indirection | +subpaths +nodes +| test.c:20:15:20:23 | file_name | semmle.label | file_name | +| test.c:20:15:20:23 | scanf output argument | semmle.label | scanf output argument | +| test.c:21:8:21:16 | (const char *)... | semmle.label | (const char *)... | +| test.c:21:8:21:16 | file_name | semmle.label | file_name | +| test.c:21:8:21:16 | file_name indirection | semmle.label | file_name indirection | +| test.c:45:15:45:23 | file_name | semmle.label | file_name | +| test.c:45:15:45:23 | scanf output argument | semmle.label | scanf output argument | +| test.c:46:29:46:37 | (LPCTSTR)... | semmle.label | (LPCTSTR)... | +| test.c:46:29:46:37 | file_name | semmle.label | file_name | +| test.c:46:29:46:37 | file_name indirection | semmle.label | file_name indirection | +#select +| test.c:21:8:21:16 | file_name | test.c:20:15:20:23 | file_name | test.c:21:8:21:16 | file_name | This argument to a file access function is derived from $@ and then passed to func(file_name), which calls fopen(__filename) | test.c:20:15:20:23 | file_name | user input (scanf) | +| test.c:46:29:46:37 | file_name | test.c:45:15:45:23 | file_name | test.c:46:29:46:37 | file_name | This argument to a file access function is derived from $@ and then passed to CreateFile(lpFileName) | test.c:45:15:45:23 | file_name | user input (scanf) | diff --git a/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected.gcc b/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected.gcc new file mode 100644 index 0000000000..9eaacf30f4 --- /dev/null +++ b/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected.gcc @@ -0,0 +1,29 @@ +WARNING: Module TaintedWithPath has been deprecated and may be removed in future (/mnt/c/Projects/codeql-coding-standards/c/cert/src/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.ql:19,8-23) +edges +| test.c:20:15:20:23 | file_name | test.c:21:8:21:16 | (const char *)... | +| test.c:20:15:20:23 | file_name | test.c:21:8:21:16 | file_name | +| test.c:20:15:20:23 | file_name | test.c:21:8:21:16 | file_name indirection | +| test.c:20:15:20:23 | scanf output argument | test.c:21:8:21:16 | (const char *)... | +| test.c:20:15:20:23 | scanf output argument | test.c:21:8:21:16 | file_name | +| test.c:20:15:20:23 | scanf output argument | test.c:21:8:21:16 | file_name indirection | +| test.c:45:15:45:23 | file_name | test.c:46:29:46:37 | (LPCTSTR)... | +| test.c:45:15:45:23 | file_name | test.c:46:29:46:37 | file_name | +| test.c:45:15:45:23 | file_name | test.c:46:29:46:37 | file_name indirection | +| test.c:45:15:45:23 | scanf output argument | test.c:46:29:46:37 | (LPCTSTR)... | +| test.c:45:15:45:23 | scanf output argument | test.c:46:29:46:37 | file_name | +| test.c:45:15:45:23 | scanf output argument | test.c:46:29:46:37 | file_name indirection | +subpaths +nodes +| test.c:20:15:20:23 | file_name | semmle.label | file_name | +| test.c:20:15:20:23 | scanf output argument | semmle.label | scanf output argument | +| test.c:21:8:21:16 | (const char *)... | semmle.label | (const char *)... | +| test.c:21:8:21:16 | file_name | semmle.label | file_name | +| test.c:21:8:21:16 | file_name indirection | semmle.label | file_name indirection | +| test.c:45:15:45:23 | file_name | semmle.label | file_name | +| test.c:45:15:45:23 | scanf output argument | semmle.label | scanf output argument | +| test.c:46:29:46:37 | (LPCTSTR)... | semmle.label | (LPCTSTR)... | +| test.c:46:29:46:37 | file_name | semmle.label | file_name | +| test.c:46:29:46:37 | file_name indirection | semmle.label | file_name indirection | +#select +| test.c:21:8:21:16 | file_name | test.c:20:15:20:23 | file_name | test.c:21:8:21:16 | file_name | This argument to a file access function is derived from $@ and then passed to func(file_name), which calls fopen(__filename) | test.c:20:15:20:23 | file_name | user input (scanf) | +| test.c:46:29:46:37 | file_name | test.c:45:15:45:23 | file_name | test.c:46:29:46:37 | file_name | This argument to a file access function is derived from $@ and then passed to CreateFile(lpFileName) | test.c:45:15:45:23 | file_name | user input (scanf) | From 029a3821acf66543c35cd432fb47e11213d57271 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Fri, 3 Mar 2023 11:21:04 -0500 Subject: [PATCH 0611/2573] update codeql version -- fix check --- scripts/matrix_testing/CompileFixTool.ps1 | 2 +- scripts/matrix_testing/Config.ps1 | 2 +- scripts/matrix_testing/CreateMatrixTestReport.ps1 | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/scripts/matrix_testing/CompileFixTool.ps1 b/scripts/matrix_testing/CompileFixTool.ps1 index 1927e981c3..ba4cd2c146 100755 --- a/scripts/matrix_testing/CompileFixTool.ps1 +++ b/scripts/matrix_testing/CompileFixTool.ps1 @@ -37,7 +37,7 @@ Write-Host -ForegroundColor ([ConsoleColor]2) "OK" $CODEQL_VERSION = (codeql version --format json | ConvertFrom-Json).version Write-Host "Checking 'codeql' version = $REQUIRED_CODEQL_VERSION...." -NoNewline -if (-Not $CODEQL_VERSION -eq $REQUIRED_CODEQL_VERSION) { +if (-Not ($CODEQL_VERSION -eq $REQUIRED_CODEQL_VERSION)) { throw "Invalid CodeQL version $CODEQL_VERSION. Please install $REQUIRED_CODEQL_VERSION." } Write-Host -ForegroundColor ([ConsoleColor]2) "OK" diff --git a/scripts/matrix_testing/Config.ps1 b/scripts/matrix_testing/Config.ps1 index 05aad5dd61..27b03b29f6 100644 --- a/scripts/matrix_testing/Config.ps1 +++ b/scripts/matrix_testing/Config.ps1 @@ -27,7 +27,7 @@ $COMPILER_ARGS = @{ } -$REQUIRED_CODEQL_VERSION = "2.6.3" +$REQUIRED_CODEQL_VERSION = "2.9.4" $REPORT_QUERY = @" diff --git a/scripts/matrix_testing/CreateMatrixTestReport.ps1 b/scripts/matrix_testing/CreateMatrixTestReport.ps1 index 6928154d4d..f60889fa7a 100644 --- a/scripts/matrix_testing/CreateMatrixTestReport.ps1 +++ b/scripts/matrix_testing/CreateMatrixTestReport.ps1 @@ -262,7 +262,7 @@ Write-Host -ForegroundColor ([ConsoleColor]2) "OK" $CODEQL_VERSION = (codeql version --format json | ConvertFrom-Json).version Write-Host "Checking 'codeql' version = $REQUIRED_CODEQL_VERSION...." -NoNewline -if (-Not $CODEQL_VERSION -eq $REQUIRED_CODEQL_VERSION) { +if (-Not ($CODEQL_VERSION -eq $REQUIRED_CODEQL_VERSION)) { throw "Invalid CodeQL version $CODEQL_VERSION. Please install $REQUIRED_CODEQL_VERSION." } Write-Host -ForegroundColor ([ConsoleColor]2) "OK" From 876eda1da284759623b5ef3d3c57f26f488d1513 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Fri, 3 Mar 2023 11:32:19 -0500 Subject: [PATCH 0612/2573] fixes --- .../FIO32-C/DoNotPerformFileOperationsOnDevices.expected.clang | 2 -- .../FIO32-C/DoNotPerformFileOperationsOnDevices.expected.gcc | 2 -- 2 files changed, 4 deletions(-) diff --git a/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected.clang b/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected.clang index 9eaacf30f4..0e569b4d8a 100644 --- a/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected.clang +++ b/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected.clang @@ -1,5 +1,3 @@ -WARNING: Module TaintedWithPath has been deprecated and may be removed in future (/mnt/c/Projects/codeql-coding-standards/c/cert/src/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.ql:19,8-23) -edges | test.c:20:15:20:23 | file_name | test.c:21:8:21:16 | (const char *)... | | test.c:20:15:20:23 | file_name | test.c:21:8:21:16 | file_name | | test.c:20:15:20:23 | file_name | test.c:21:8:21:16 | file_name indirection | diff --git a/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected.gcc b/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected.gcc index 9eaacf30f4..0e569b4d8a 100644 --- a/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected.gcc +++ b/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected.gcc @@ -1,5 +1,3 @@ -WARNING: Module TaintedWithPath has been deprecated and may be removed in future (/mnt/c/Projects/codeql-coding-standards/c/cert/src/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.ql:19,8-23) -edges | test.c:20:15:20:23 | file_name | test.c:21:8:21:16 | (const char *)... | | test.c:20:15:20:23 | file_name | test.c:21:8:21:16 | file_name | | test.c:20:15:20:23 | file_name | test.c:21:8:21:16 | file_name indirection | From 87f737cf8d3c3e22d8b700d1fe397f195069490d Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Fri, 3 Mar 2023 11:49:33 -0500 Subject: [PATCH 0613/2573] fix --- ...NotPerformFileOperationsOnDevices.expected.clang | 13 +++++++++++++ ...DoNotPerformFileOperationsOnDevices.expected.gcc | 13 +++++++++++++ 2 files changed, 26 insertions(+) diff --git a/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected.clang b/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected.clang index 0e569b4d8a..d885a5b207 100644 --- a/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected.clang +++ b/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected.clang @@ -1,9 +1,16 @@ +edges +| test.c:20:15:20:23 | array to pointer conversion | test.c:21:8:21:16 | (const char *)... | +| test.c:20:15:20:23 | array to pointer conversion | test.c:21:8:21:16 | file_name | +| test.c:20:15:20:23 | array to pointer conversion | test.c:21:8:21:16 | file_name indirection | | test.c:20:15:20:23 | file_name | test.c:21:8:21:16 | (const char *)... | | test.c:20:15:20:23 | file_name | test.c:21:8:21:16 | file_name | | test.c:20:15:20:23 | file_name | test.c:21:8:21:16 | file_name indirection | | test.c:20:15:20:23 | scanf output argument | test.c:21:8:21:16 | (const char *)... | | test.c:20:15:20:23 | scanf output argument | test.c:21:8:21:16 | file_name | | test.c:20:15:20:23 | scanf output argument | test.c:21:8:21:16 | file_name indirection | +| test.c:45:15:45:23 | array to pointer conversion | test.c:46:29:46:37 | (LPCTSTR)... | +| test.c:45:15:45:23 | array to pointer conversion | test.c:46:29:46:37 | file_name | +| test.c:45:15:45:23 | array to pointer conversion | test.c:46:29:46:37 | file_name indirection | | test.c:45:15:45:23 | file_name | test.c:46:29:46:37 | (LPCTSTR)... | | test.c:45:15:45:23 | file_name | test.c:46:29:46:37 | file_name | | test.c:45:15:45:23 | file_name | test.c:46:29:46:37 | file_name indirection | @@ -12,16 +19,22 @@ | test.c:45:15:45:23 | scanf output argument | test.c:46:29:46:37 | file_name indirection | subpaths nodes +| test.c:20:15:20:23 | array to pointer conversion | semmle.label | array to pointer conversion | | test.c:20:15:20:23 | file_name | semmle.label | file_name | | test.c:20:15:20:23 | scanf output argument | semmle.label | scanf output argument | | test.c:21:8:21:16 | (const char *)... | semmle.label | (const char *)... | +| test.c:21:8:21:16 | (const char *)... | semmle.label | (const char *)... | | test.c:21:8:21:16 | file_name | semmle.label | file_name | | test.c:21:8:21:16 | file_name indirection | semmle.label | file_name indirection | +| test.c:21:8:21:16 | file_name indirection | semmle.label | file_name indirection | +| test.c:45:15:45:23 | array to pointer conversion | semmle.label | array to pointer conversion | | test.c:45:15:45:23 | file_name | semmle.label | file_name | | test.c:45:15:45:23 | scanf output argument | semmle.label | scanf output argument | | test.c:46:29:46:37 | (LPCTSTR)... | semmle.label | (LPCTSTR)... | +| test.c:46:29:46:37 | (LPCTSTR)... | semmle.label | (LPCTSTR)... | | test.c:46:29:46:37 | file_name | semmle.label | file_name | | test.c:46:29:46:37 | file_name indirection | semmle.label | file_name indirection | +| test.c:46:29:46:37 | file_name indirection | semmle.label | file_name indirection | #select | test.c:21:8:21:16 | file_name | test.c:20:15:20:23 | file_name | test.c:21:8:21:16 | file_name | This argument to a file access function is derived from $@ and then passed to func(file_name), which calls fopen(__filename) | test.c:20:15:20:23 | file_name | user input (scanf) | | test.c:46:29:46:37 | file_name | test.c:45:15:45:23 | file_name | test.c:46:29:46:37 | file_name | This argument to a file access function is derived from $@ and then passed to CreateFile(lpFileName) | test.c:45:15:45:23 | file_name | user input (scanf) | diff --git a/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected.gcc b/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected.gcc index 0e569b4d8a..d885a5b207 100644 --- a/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected.gcc +++ b/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected.gcc @@ -1,9 +1,16 @@ +edges +| test.c:20:15:20:23 | array to pointer conversion | test.c:21:8:21:16 | (const char *)... | +| test.c:20:15:20:23 | array to pointer conversion | test.c:21:8:21:16 | file_name | +| test.c:20:15:20:23 | array to pointer conversion | test.c:21:8:21:16 | file_name indirection | | test.c:20:15:20:23 | file_name | test.c:21:8:21:16 | (const char *)... | | test.c:20:15:20:23 | file_name | test.c:21:8:21:16 | file_name | | test.c:20:15:20:23 | file_name | test.c:21:8:21:16 | file_name indirection | | test.c:20:15:20:23 | scanf output argument | test.c:21:8:21:16 | (const char *)... | | test.c:20:15:20:23 | scanf output argument | test.c:21:8:21:16 | file_name | | test.c:20:15:20:23 | scanf output argument | test.c:21:8:21:16 | file_name indirection | +| test.c:45:15:45:23 | array to pointer conversion | test.c:46:29:46:37 | (LPCTSTR)... | +| test.c:45:15:45:23 | array to pointer conversion | test.c:46:29:46:37 | file_name | +| test.c:45:15:45:23 | array to pointer conversion | test.c:46:29:46:37 | file_name indirection | | test.c:45:15:45:23 | file_name | test.c:46:29:46:37 | (LPCTSTR)... | | test.c:45:15:45:23 | file_name | test.c:46:29:46:37 | file_name | | test.c:45:15:45:23 | file_name | test.c:46:29:46:37 | file_name indirection | @@ -12,16 +19,22 @@ | test.c:45:15:45:23 | scanf output argument | test.c:46:29:46:37 | file_name indirection | subpaths nodes +| test.c:20:15:20:23 | array to pointer conversion | semmle.label | array to pointer conversion | | test.c:20:15:20:23 | file_name | semmle.label | file_name | | test.c:20:15:20:23 | scanf output argument | semmle.label | scanf output argument | | test.c:21:8:21:16 | (const char *)... | semmle.label | (const char *)... | +| test.c:21:8:21:16 | (const char *)... | semmle.label | (const char *)... | | test.c:21:8:21:16 | file_name | semmle.label | file_name | | test.c:21:8:21:16 | file_name indirection | semmle.label | file_name indirection | +| test.c:21:8:21:16 | file_name indirection | semmle.label | file_name indirection | +| test.c:45:15:45:23 | array to pointer conversion | semmle.label | array to pointer conversion | | test.c:45:15:45:23 | file_name | semmle.label | file_name | | test.c:45:15:45:23 | scanf output argument | semmle.label | scanf output argument | | test.c:46:29:46:37 | (LPCTSTR)... | semmle.label | (LPCTSTR)... | +| test.c:46:29:46:37 | (LPCTSTR)... | semmle.label | (LPCTSTR)... | | test.c:46:29:46:37 | file_name | semmle.label | file_name | | test.c:46:29:46:37 | file_name indirection | semmle.label | file_name indirection | +| test.c:46:29:46:37 | file_name indirection | semmle.label | file_name indirection | #select | test.c:21:8:21:16 | file_name | test.c:20:15:20:23 | file_name | test.c:21:8:21:16 | file_name | This argument to a file access function is derived from $@ and then passed to func(file_name), which calls fopen(__filename) | test.c:20:15:20:23 | file_name | user input (scanf) | | test.c:46:29:46:37 | file_name | test.c:45:15:45:23 | file_name | test.c:46:29:46:37 | file_name | This argument to a file access function is derived from $@ and then passed to CreateFile(lpFileName) | test.c:45:15:45:23 | file_name | user input (scanf) | From 99bf138c086ce56c7ac5ad2aa4c335c0d65addce Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Fri, 3 Mar 2023 19:02:30 +0100 Subject: [PATCH 0614/2573] Replace `isDefined` by `hasDefinition` `isDefined` QLDoc marks the predicate as being deprecated and mentions that `hasDefinition` should be used instead. --- .../rules/A12-1-1/ExplicitConstructorBaseClassInitialization.ql | 2 +- .../A2-10-4/IdentifierNameOfStaticFunctionReusedInNamespace.ql | 2 +- cpp/autosar/src/rules/A3-1-1/ViolationsOfOneDefinitionRule.ql | 2 +- cpp/common/src/codingstandards/cpp/TrivialType.qll | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/cpp/autosar/src/rules/A12-1-1/ExplicitConstructorBaseClassInitialization.ql b/cpp/autosar/src/rules/A12-1-1/ExplicitConstructorBaseClassInitialization.ql index 33906535d3..e1aeec46a0 100644 --- a/cpp/autosar/src/rules/A12-1-1/ExplicitConstructorBaseClassInitialization.ql +++ b/cpp/autosar/src/rules/A12-1-1/ExplicitConstructorBaseClassInitialization.ql @@ -35,7 +35,7 @@ where not init.isCompilerGenerated() ) and // Must be a defined constructor - c.isDefined() and + c.hasDefinition() and // Not a compiler-generated constructor not c.isCompilerGenerated() and // Not a defaulted constructor diff --git a/cpp/autosar/src/rules/A2-10-4/IdentifierNameOfStaticFunctionReusedInNamespace.ql b/cpp/autosar/src/rules/A2-10-4/IdentifierNameOfStaticFunctionReusedInNamespace.ql index 8e61436d57..7a8a67c64e 100644 --- a/cpp/autosar/src/rules/A2-10-4/IdentifierNameOfStaticFunctionReusedInNamespace.ql +++ b/cpp/autosar/src/rules/A2-10-4/IdentifierNameOfStaticFunctionReusedInNamespace.ql @@ -17,7 +17,7 @@ import codingstandards.cpp.autosar class CandidateFunction extends Function { CandidateFunction() { - isDefined() and + hasDefinition() and isStatic() and not isMember() and not ( diff --git a/cpp/autosar/src/rules/A3-1-1/ViolationsOfOneDefinitionRule.ql b/cpp/autosar/src/rules/A3-1-1/ViolationsOfOneDefinitionRule.ql index 482b17ca3b..4beb91e8f4 100644 --- a/cpp/autosar/src/rules/A3-1-1/ViolationsOfOneDefinitionRule.ql +++ b/cpp/autosar/src/rules/A3-1-1/ViolationsOfOneDefinitionRule.ql @@ -65,7 +65,7 @@ where or //an non-const object defined in a header exists(GlobalOrNamespaceVariable object | - object.isDefined() and + object.hasDefinition() and not ( object.isConstexpr() or diff --git a/cpp/common/src/codingstandards/cpp/TrivialType.qll b/cpp/common/src/codingstandards/cpp/TrivialType.qll index bbbdea852d..96f09ccf81 100644 --- a/cpp/common/src/codingstandards/cpp/TrivialType.qll +++ b/cpp/common/src/codingstandards/cpp/TrivialType.qll @@ -48,7 +48,7 @@ predicate hasTrivialMoveConstructor(Class c) { forall(Class baseClass | baseClass = c.getABaseClass() | hasTrivialMoveConstructor(baseClass)) and // The class has to be defined, otherwise we may not see the information required to deduce // whether it does or does not have a trivial move constructor - c.isDefined() + c.hasDefinition() } /** A trivial copy or move constructor (see [class.copy]/12). */ From 0b242cb0a48bdab251d8d75f8ab8dd03f7986f76 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Fri, 3 Mar 2023 11:57:15 -0800 Subject: [PATCH 0615/2573] Add test.c for INT36-C --- c/cert/test/rules/INT36-C/test.c | 60 ++++++++++++++++++++++++++++++++ 1 file changed, 60 insertions(+) create mode 100644 c/cert/test/rules/INT36-C/test.c diff --git a/c/cert/test/rules/INT36-C/test.c b/c/cert/test/rules/INT36-C/test.c new file mode 100644 index 0000000000..c4c7487502 --- /dev/null +++ b/c/cert/test/rules/INT36-C/test.c @@ -0,0 +1,60 @@ +#include + +int main() { + /* Compliant declarations and assignments */ + int integer1 = 1; // COMPLIANT: declaring integer as integer + int integer2 = integer1; // COMPLIANT: declaring integer as integer + integer1 = + integer2; // COMPLIANT: assigning integer rvalue to integer variable + int *int_pointer1 = + &integer1; // COMPLIANT: declaring pointer variable as an address + int *int_pointer2 = int_pointer1; // COMPLIANT: declaring pointer variable as + // an address rvalue + int_pointer1 = + int_pointer2; // COMPLIANT: assigning pointer rvalue to a pointer variable + + /* Integer to pointer */ + int *int_pointer3 = 0x01abcdef; // NON_COMPLIANT: declaring pointer variable + // with raw hex integer + int_pointer3 = + 0x01abcdef; // NON_COMPLIANT: assigning raw hex to pointer variable + int *int_pointer4 = + integer1; // NON_COMPLIANT: declaring pointer variable with integer value + *int_pointer4 = + integer1 + + 1; // NON_COMPLIANT: assigning integer rvalue to pointer variable + int *integer_address5 = + (int *)0x01abcdef; // NON_COMPLIANT: casting raw hex to pointer type + int *integer_address6 = + (int *)integer1; // NON_COMPLIANT: casting integer value to pointer type + + /* Pointer to integer */ + int *integer_address7 = + &integer1; // COMPLIANT: declaring pointer variable as an address + int integer_address8 = &integer1; // NON_COMPLIANT: declaring integer + // variable with pointer type value + integer_address8 = &integer1; // NON_COMPLIANT: assigning pointer type rvalue + // to integer variable + int integer_address = + (int)&integer1; // NON_COMPLIANT: casting pointer value to integer type + + /* Exceptions that are COMPLIANT */ + int *null_pointer1 = + 0; // COMPLIANT: integer 0 converted to pointer becomes null pointer + int *null_pointer2 = (int *)0; // COMPLIANT: integer 0 is converted to pointer + // becomes null pointer + null_pointer2 = + 0; // COMPLIANT: integer 0 converted to pointer becomes null pointer + + void *void_pointer = &integer1; + intptr_t void_pointer_integer1 = + void_pointer; // COMPLIANT: void pointer can be converted to intptr_t + uintptr_t void_pointer_integer2 = + void_pointer; // COMPLIANT: void pointer can be converted to uintptr_t + void *void_pointer1 = (void *) + void_pointer_integer1; // COMPLIANT: intptr_t can be converted to void* + void *void_pointer2 = (void *) + void_pointer_integer2; // COMPLIANT: uintptr_t can be converted to void* + + return 0; +} \ No newline at end of file From 2c36364459f0e1d88ea6be704b054c6a6d3a8c68 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Fri, 3 Mar 2023 12:25:58 -0800 Subject: [PATCH 0616/2573] Implement INT36-C --- ...tingAPointerToIntegerOrIntegerToPointer.ql | 93 +++++++++++++++---- ...ointerToIntegerOrIntegerToPointer.expected | 12 ++- 2 files changed, 88 insertions(+), 17 deletions(-) diff --git a/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.ql b/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.ql index cd241557e1..6df573885b 100644 --- a/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.ql +++ b/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.ql @@ -13,26 +13,87 @@ import cpp import codingstandards.c.cert -/* 1. Declaring an integer variable to hold a pointer value */ -predicate integerVariableWithPointerValue(Variable var) { - var.getUnderlyingType() instanceof IntType and - var.getAnAssignedValue().getUnderlyingType() instanceof PointerType +class LiteralZero extends Literal { + LiteralZero() { this.getValue() = "0" } } -/* 2. Assigning an integer variable a pointer a pointer value */ -predicate assigningPointerValueToInteger(Assignment assign) { - assign.getLValue().getUnderlyingType() instanceof IntType and - assign.getRValue().getUnderlyingType() instanceof PointerType +class StdIntIntPtrType extends IntPointerType { + StdIntIntPtrType() { + this.getFile().(HeaderFile).getBaseName() = "stdint.h" and + this.getName().regexpMatch("u?intptr_t") + } } -/* 3. Casting a pointer value to integer */ -predicate castingPointerToInteger(Cast cast) { - cast.getExpr().getUnderlyingType() instanceof PointerType and - cast.getUnderlyingType() instanceof PointerType +/* 1. Declaring an integer variable to hold a pointer value or the opposite, excluding compliant exceptions */ +predicate integerVariableWithPointerValue(Variable var, string message) { + ( + // Declaring an integer variable to hold a pointer value + var.getUnderlyingType() instanceof IntType and + var.getAnAssignedValue().getUnderlyingType() instanceof PointerType and + message = + "Integer variable " + var + " is declared as an expression " + var.getAnAssignedValue() + + ", which is of a pointer type." + or + // Declaring an pointer variable to hold a integer value + var.getUnderlyingType() instanceof PointerType and + var.getAnAssignedValue().getUnderlyingType() instanceof IntType and + message = + "Pointer variable " + var + " is declared as an expression " + var.getAnAssignedValue() + + ", which is of integer type." + ) and + /* Compliant exception 1: literal 0 */ + not var.getAnAssignedValue() instanceof LiteralZero and + /* Compliant exception 2: variable's declared type is (u)intptr_t */ + not var.getUnderlyingType() instanceof StdIntIntPtrType } -from Variable x +/* 2. Assigning an integer variable a pointer a pointer value, excluding literal 0 */ +predicate assigningPointerValueToInteger(Assignment assign, string message) { + ( + assign.getLValue().getUnderlyingType() instanceof IntType and + assign.getRValue().getUnderlyingType() instanceof PointerType and + message = + "Integer variable " + assign.getLValue() + " is assigned an expression " + assign.getRValue() + + ", which is of a pointer type." + or + assign.getLValue().getUnderlyingType() instanceof PointerType and + assign.getRValue().getUnderlyingType() instanceof IntType and + message = + "Pointer variable " + assign.getLValue() + " is assigned an expression " + assign.getRValue() + + ", which is of integer type." + ) and + /* Compliant exception 1: literal 0 */ + not assign.getRValue() instanceof LiteralZero and + /* Compliant exception 2: variable's declared type is (u)intptr_t */ + not assign.getLValue().getUnderlyingType() instanceof StdIntIntPtrType +} + +/* 3. Casting a pointer value to integer, excluding literal 0 */ +predicate castingPointerToInteger(Cast cast, string message) { + not cast.isCompilerGenerated() and + ( + cast.getExpr().getUnderlyingType() instanceof IntType and + cast.getUnderlyingType() instanceof PointerType and + message = "Integer expression " + cast.getExpr() + " is cast to a pointer type." + or + cast.getExpr().getUnderlyingType() instanceof PointerType and + cast.getUnderlyingType() instanceof IntType and + message = "Pointer expression " + cast.getExpr() + " is cast to integer type." + ) and + /* Compliant exception 1: literal 0 */ + not cast.getExpr() instanceof LiteralZero and + /* Compliant exception 2: variable's declared type is (u)intptr_t */ + not cast.getUnderlyingType() instanceof StdIntIntPtrType +} + +from Element elem, string message where - not isExcluded(x, TypesPackage::convertingAPointerToIntegerOrIntegerToPointerQuery()) and - x.getType() instanceof PointerType -select x, x.getType().getAPrimaryQlClass() + not isExcluded(elem, TypesPackage::convertingAPointerToIntegerOrIntegerToPointerQuery()) and + ( + integerVariableWithPointerValue(elem, message) + or + assigningPointerValueToInteger(elem, message) + or + castingPointerToInteger(elem, message) + ) +select elem, message diff --git a/c/cert/test/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.expected b/c/cert/test/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.expected index 2ec1a0ac6c..fc119af0b2 100644 --- a/c/cert/test/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.expected +++ b/c/cert/test/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.expected @@ -1 +1,11 @@ -No expected results have yet been specified \ No newline at end of file +| test.c:17:8:17:19 | int_pointer3 | Pointer variable int_pointer3 is declared as an expression 28036591, which is of integer type. | +| test.c:19:3:20:16 | ... = ... | Pointer variable int_pointer3 is assigned an expression 28036591, which is of integer type. | +| test.c:21:8:21:19 | int_pointer4 | Pointer variable int_pointer4 is declared as an expression integer1, which is of integer type. | +| test.c:26:8:26:23 | integer_address5 | Pointer variable integer_address5 is declared as an expression 28036591, which is of integer type. | +| test.c:27:7:27:23 | (int *)... | Integer expression 28036591 is cast to a pointer type. | +| test.c:28:8:28:23 | integer_address6 | Pointer variable integer_address6 is declared as an expression integer1, which is of integer type. | +| test.c:29:7:29:21 | (int *)... | Integer expression integer1 is cast to a pointer type. | +| test.c:34:7:34:22 | integer_address8 | Integer variable integer_address8 is declared as an expression & ..., which is of a pointer type. | +| test.c:36:3:36:30 | ... = ... | Integer variable integer_address8 is assigned an expression & ..., which is of a pointer type. | +| test.c:38:7:38:21 | integer_address | Integer variable integer_address is declared as an expression & ..., which is of a pointer type. | +| test.c:39:7:39:20 | (int)... | Pointer expression & ... is cast to integer type. | From 20bc3ab771999f595871e05093b4617273f09baa Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Fri, 3 Mar 2023 12:43:48 -0800 Subject: [PATCH 0617/2573] Some minor comment adjustments --- ...ftedbyNegativeOrGreaterPrecisionOperand.ql | 12 +++- .../StringLiteralAssignedToNonConstChar.ql | 61 ++++++------------- 2 files changed, 27 insertions(+), 46 deletions(-) diff --git a/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql b/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql index c59665a48b..1eb6459628 100644 --- a/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql +++ b/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql @@ -13,7 +13,11 @@ import cpp import codingstandards.c.cert -/* Precision predicate based on a sample implementaion from https://wiki.sei.cmu.edu/confluence/display/c/INT35-C.+Use+correct+integer+precisions */ +/* + * Precision predicate based on a sample implementaion from + * https://wiki.sei.cmu.edu/confluence/display/c/INT35-C.+Use+correct+integer+precisions + */ + int getPrecision(BuiltInType type) { type.(CharType).isExplicitlyUnsigned() and result = 8 or @@ -36,6 +40,7 @@ int getPrecision(BuiltInType type) { type instanceof LongLongType and not type.(LongLongType).isExplicitlyUnsigned() and result = 63 } +/* The -1 number literal. */ class MinusNumberLiteral extends UnaryMinusExpr { MinusNumberLiteral() { this.getOperand() instanceof Literal } @@ -45,17 +50,18 @@ class MinusNumberLiteral extends UnaryMinusExpr { class ForbiddenShiftExpr extends BinaryBitwiseOperation { ForbiddenShiftExpr() { ( - /* Precision mismatch between operands */ + /* First Case: Precision mismatch between operands */ getPrecision(this.(LShiftExpr).getLeftOperand().getUnderlyingType()) <= getPrecision(this.(LShiftExpr).getRightOperand().getUnderlyingType()) or getPrecision(this.(RShiftExpr).getLeftOperand().getUnderlyingType()) <= getPrecision(this.(RShiftExpr).getRightOperand().getUnderlyingType()) or - /* Shifting by a negative number literal */ + /* Second Case: Shifting by a negative number literal */ this.(LShiftExpr).getRightOperand() instanceof MinusNumberLiteral or this.(RShiftExpr).getRightOperand() instanceof MinusNumberLiteral ) } + /* Second Case: Shifting by a negative number literal */ predicate hasNegativeOperand() { this.(LShiftExpr).getRightOperand() instanceof MinusNumberLiteral or this.(RShiftExpr).getRightOperand() instanceof MinusNumberLiteral diff --git a/c/misra/src/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.ql b/c/misra/src/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.ql index 73d91df642..e1a8c39fde 100644 --- a/c/misra/src/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.ql +++ b/c/misra/src/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.ql @@ -21,80 +21,55 @@ class NonConstCharStarType extends Type { } /* A non-const-char* variable declared with a string literal */ -predicate declaringNonConstCharVar(Variable decl) { +predicate declaringNonConstCharVar(Variable decl, string message) { not decl instanceof Parameter and // exclude parameters /* It should be declaring a char* type variable */ decl.getUnspecifiedType() instanceof CharPointerType and not decl.getUnderlyingType().isDeeplyConstBelow() and /* But it's declared to hold a string literal. */ - decl.getInitializer().getExpr() instanceof StringLiteral + decl.getInitializer().getExpr() instanceof StringLiteral and + message = "char* variable " + decl + " is declared with a string literal." } /* String literal being assigned to a non-const-char* variable */ -predicate assignmentToNonConstCharVar(Assignment assign) { +predicate assignmentToNonConstCharVar(Assignment assign, string message) { /* The variable being assigned is char* */ assign.getLValue().getUnderlyingType() instanceof NonConstCharStarType and /* But the rvalue is a string literal */ - exists(Expr rvalue | rvalue = assign.getRValue() | rvalue instanceof StringLiteral) + exists(Expr rvalue | rvalue = assign.getRValue() | rvalue instanceof StringLiteral) and + message = "char* variable " + assign.getLValue() + " is assigned a string literal. " } /* String literal being passed to a non-const-char* parameter */ -predicate assignmentToNonConstCharParam(FunctionCall call) { +predicate assignmentToNonConstCharParam(FunctionCall call, string message) { exists(int index | /* Param at index is a char* */ call.getTarget().getParameter(index).getUnderlyingType() instanceof NonConstCharStarType and /* But a string literal is passed */ call.getArgument(index) instanceof StringLiteral - ) + ) and + message = "char* parameter of " + call.getTarget() + " is passed a string literal." } /* String literal being returned by a non-const-char* function */ -predicate returningNonConstCharVar(ReturnStmt return) { +predicate returningNonConstCharVar(ReturnStmt return, string message) { /* The function is declared to return a char* */ return.getEnclosingFunction().getType().resolveTypedefs() instanceof NonConstCharStarType and /* But in reality it returns a string literal */ - return.getExpr() instanceof StringLiteral + return.getExpr() instanceof StringLiteral and + message = "char* function " + return.getEnclosingFunction() + " is returning a string literal." } -// newtype TProblematicElem = -// TVar(Variable decl) or -// TAssign(Assignment assign) or -// TFunCall(FunctionCall call) or -// TReturnStmt(ReturnStmt return) -// class ProblematicElem extends TProblematicElem { -// Variable getVariable() { this = TVar(result) } -// Assignment getAssign() { this = TAssign(result) } -// FunctionCall getFunCall() { this = TFunCall(result) } -// ReturnStmt getReturnStmt() { this = TReturnStmt(result) } -// override string toString() { -// this instanceof TVar and result = this.getVariable().toString() -// or -// this instanceof TAssign and result = this.getAssign().toString() -// or -// this instanceof TFunCall and result = this.getFunCall().toString() -// or -// this instanceof TReturnStmt and result = this.getReturnStmt().toString() -// } -// } -// class ProblematicElem = Variable or Assignment or FunctionCall or ReturnStmt; -// ^ Nope! -from Variable decl, Assignment assign, FunctionCall call, ReturnStmt return, string message +from Element elem, string message where - not isExcluded(decl, TypesPackage::stringLiteralAssignedToNonConstCharQuery()) and - not isExcluded(assign, TypesPackage::stringLiteralAssignedToNonConstCharQuery()) and - not isExcluded(call, TypesPackage::stringLiteralAssignedToNonConstCharQuery()) and - not isExcluded(return, TypesPackage::stringLiteralAssignedToNonConstCharQuery()) and + not isExcluded(elem, TypesPackage::stringLiteralAssignedToNonConstCharQuery()) and ( - declaringNonConstCharVar(decl) and - message = "char* variable " + decl + " is declared with a string literal." + declaringNonConstCharVar(elem, message) or - assignmentToNonConstCharVar(assign) and - message = "char* variable " + assign.getLValue() + " is assigned a string literal. " + assignmentToNonConstCharVar(elem, message) or - assignmentToNonConstCharParam(call) and - message = "char* parameter of " + call.getTarget() + " is passed a string literal." + assignmentToNonConstCharParam(elem, message) or - returningNonConstCharVar(return) and - message = "char* function " + return.getEnclosingFunction() + " is returning a string literal." + returningNonConstCharVar(elem, message) ) select message From 887c215e48e5a5db96cda33358c29083c4beab7c Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Fri, 3 Mar 2023 12:52:52 -0800 Subject: [PATCH 0618/2573] Add missing help query help file for INT36-c --- ...tingAPointerToIntegerOrIntegerToPointer.md | 202 +++++++++++++++++- 1 file changed, 200 insertions(+), 2 deletions(-) diff --git a/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.md b/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.md index f2fd9caa6e..1b4662ab74 100644 --- a/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.md +++ b/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.md @@ -5,9 +5,207 @@ This query implements the CERT-C rule INT36-C: > Converting a pointer to integer or integer to pointer -## CERT +## Description + +Although programmers often use integers and pointers interchangeably in C, pointer-to-integer and integer-to-pointer conversions are [implementation-defined](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-implementation-definedbehavior). + +Conversions between integers and pointers can have undesired consequences depending on the [implementation](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-implementation). According to the C Standard, subclause 6.3.2.3 \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IEC9899-2011)\], + +> An integer may be converted to any pointer type. Except as previously specified, the result is implementation-defined, might not be correctly aligned, might not point to an entity of the referenced type, and might be a trap representation. + + +> Any pointer type may be converted to an integer type. Except as previously specified, the result is implementation-defined. If the result cannot be represented in the integer type, the behavior is undefined. The result need not be in the range of values of any integer type. + + +Do not convert an integer type to a pointer type if the resulting pointer is incorrectly aligned, does not point to an entity of the referenced type, or is a [trap representation](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-traprepresentation). + +Do not convert a pointer type to an integer type if the result cannot be represented in the integer type. (See [undefined behavior 24](https://wiki.sei.cmu.edu/confluence/display/c/CC.+Undefined+Behavior#CC.UndefinedBehavior-ub_24).) + +The mapping between pointers and integers must be consistent with the addressing structure of the execution environment. Issues may arise, for example, on architectures that have a segmented memory model. + +## Noncompliant Code Example + +The size of a pointer can be greater than the size of an integer, such as in an implementation where pointers are 64 bits and unsigned integers are 32 bits. This code example is noncompliant on such implementations because the result of converting the 64-bit `ptr` cannot be represented in the 32-bit integer type: + +```cpp +void f(void) { + char *ptr; + /* ... */ + unsigned int number = (unsigned int)ptr; + /* ... */ +} + +``` + +## Compliant Solution + +Any valid pointer to `void` can be converted to `intptr_t` or `uintptr_t` and back with no change in value. (See **INT36-EX2**.) The C Standard guarantees that a pointer to `void` may be converted to or from a pointer to any object type and back again and that the result must compare equal to the original pointer. Consequently, converting directly from a `char *` pointer to a `uintptr_t`, as in this compliant solution, is allowed on implementations that support the `uintptr_t` type. + +```cpp +#include + +void f(void) { + char *ptr; + /* ... */ + uintptr_t number = (uintptr_t)ptr; + /* ... */ +} + +``` + +## Noncompliant Code Example + +In this noncompliant code example, the pointer `ptr` is converted to an integer value. The high-order 9 bits of the number are used to hold a flag value, and the result is converted back into a pointer. This example is noncompliant on an implementation where pointers are 64 bits and unsigned integers are 32 bits because the result of converting the 64-bit `ptr` cannot be represented in the 32-bit integer type. + +```cpp +void func(unsigned int flag) { + char *ptr; + /* ... */ + unsigned int number = (unsigned int)ptr; + number = (number & 0x7fffff) | (flag << 23); + ptr = (char *)number; +} + +``` +A similar scheme was used in early versions of Emacs, limiting its portability and preventing the ability to edit files larger than 8MB. + +## Compliant Solution + +This compliant solution uses a `struct` to provide storage for both the pointer and the flag value. This solution is portable to machines of different word sizes, both smaller and larger than 32 bits, working even when pointers cannot be represented in any integer type. + +```cpp +struct ptrflag { + char *pointer; + unsigned int flag : 9; +} ptrflag; + +void func(unsigned int flag) { + char *ptr; + /* ... */ + ptrflag.pointer = ptr; + ptrflag.flag = flag; +} + +``` + +## Noncompliant Code Example + +It is sometimes necessary to access memory at a specific location, requiring a literal integer to pointer conversion. In this noncompliant code, a pointer is set directly to an integer constant, where it is unknown whether the result will be as intended: + +```cpp +unsigned int *g(void) { + unsigned int *ptr = 0xdeadbeef; + /* ... */ + return ptr; +} +``` +The result of this assignment is [implementation-defined](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-implementation-definedbehavior), might not be correctly aligned, might not point to an entity of the referenced type, and might be a [trap representation](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-traprepresentation). + +## Compliant Solution + +Unfortunately this code cannot be made safe while strictly conforming to ISO C. + +A particular platform (that is, hardware, operating system, compiler, and Standard C library) might guarantee that a memory address is correctly aligned for the pointer type, and actually contains a value for that type. A common practice is to use addresses that are known to point to hardware that provides valid values. + +## Exceptions + +**INT36-C-EX1:** The integer value 0 can be converted to a pointer; it becomes the null pointer. + +**INT36-C-EX2:** Any valid pointer to `void` can be converted to `intptr_t` or `uintptr_t` or their underlying types and back again with no change in value. Use of underlying types instead of `intptr_t` or `uintptr_t` is discouraged, however, because it limits portability. + +```cpp +#include +#include + +void h(void) { + intptr_t i = (intptr_t)(void *)&i; + uintptr_t j = (uintptr_t)(void *)&j; + + void *ip = (void *)i; + void *jp = (void *)j; + + assert(ip == &i); + assert(jp == &j); +} + +``` + +## Risk Assessment + +Converting from pointer to integer or vice versa results in code that is not portable and may create unexpected pointers to invalid memory locations. + +
Rule Severity Likelihood Remediation Cost Priority Level
INT36-C Low Probable High P2 L3
+ + +## Automated Detection + +
Tool Version Checker Description
Astrée 22.04 pointer-integral-cast pointer-integral-cast-implicit function-pointer-integer-cast function-pointer-integer-cast-implicit Fully checked
Axivion Bauhaus Suite 7.2.0 CertC-INT36 Fully implemented
Clang 3.9 -Wint-to-pointer-cast , -Wint-conversion Can detect some instances of this rule, but does not detect all
CodeSonar 7.2p0 LANG.CAST.PC.CONST2PTRLANG.CAST.PC.INT Conversion: integer constant to pointer Conversion: pointer/integer
Compass/ROSE
Coverity 2017.07 PW.POINTER_CONVERSION_LOSES_BITS Fully implemented
Helix QAC 2022.4 C0303, C0305, C0306, C0309, C0324, C0326, C0360, C0361, C0362 C++3040, C++3041, C++3042, C++3043, C++3044, C++3045, C++3046, C++3047, C++3048
Klocwork 2022.4 MISRA.CAST.OBJ_PTR_TO_INT.2012
LDRA tool suite 9.7.1 439 S, 440 S Fully implemented
Parasoft C/C++test 2022.2 CERT_C-INT36-b A conversion should not be performed between a pointer to object type and an integer type other than 'uintptr_t' or 'intptr_t'
PC-lint Plus 1.4 4287 Partially supported: reports casts from pointer types to smaller integer types which lose information
Polyspace Bug Finder R2022b CERT C: Rule INT36-C Checks for unsafe conversion between pointer and integer (rule partially covered)
PRQA QA-C 9.7 0303, 0305, 0306, 0309, 0324, 0326, 0360, 0361, 0362 Partially implemented
PRQA QA-C++ 4.4 3040, 3041, 3042, 3043, 3044, 3045, 3046, 3047, 3048
PVS-Studio 7.23 V527 , V528 , V542 , V566 , V601 , V647 , V1091
RuleChecker 22.04 pointer-integral-cast pointer-integral-cast-implicit function-pointer-integer-cast function-pointer-integer-cast-implicit Fully checked
SonarQube C/C++ Plugin 3.11 S1767 Partially implemented
+ + +## Related Vulnerabilities + +Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+INT36-C). + +## Related Guidelines + +[Key here](https://wiki.sei.cmu.edu/confluence/display/c/How+this+Coding+Standard+is+Organized#HowthisCodingStandardisOrganized-RelatedGuidelines) (explains table format and definitions) + +
Taxonomy Taxonomy item Relationship
CERT C INT11-CPP. Take care when converting from pointer to integer or integer to pointer Prior to 2018-01-12: CERT: Unspecified Relationship
ISO/IEC TR 24772:2013 Pointer Casting and Pointer Type Changes \[HFC\] Prior to 2018-01-12: CERT: Unspecified Relationship
ISO/IEC TS 17961:2013 Converting a pointer to integer or integer to pointer \[intptrconv\] Prior to 2018-01-12: CERT: Unspecified Relationship
CWE 2.11 CWE-587 , Assignment of a Fixed Address to a Pointer 2017-07-07: CERT: Partial overlap
CWE 2.11 CWE-704 2017-06-14: CERT: Rule subset of CWE
CWE 2.11 CWE-758 2017-07-07: CERT: Rule subset of CWE
CWE 3.1 CWE-119 , Improper Restriction of Operations within the Bounds of a Memory Buffer 2018-10-19:CERT:None
CWE 3.1 CWE-466 , Return of Pointer Value Outside of Expected Range 2018-10-19:CERT:None
+ + +## CERT-CWE Mapping Notes + +[Key here](https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?pageId=87152408#HowthisCodingStandardisOrganized-CERT-CWEMappingNotes) for mapping notes + +**CWE-758 and INT36-C** + +Independent( INT34-C, INT36-C, MEM30-C, MSC37-C, FLP32-C, EXP33-C, EXP30-C, ERR34-C, ARR32-C) + +CWE-758 = Union( INT36-C, list) where list = + +* Undefined behavior that results from anything other than integer <-> pointer conversion +**CWE-704 and INT36-C** + +CWE-704 = Union( INT36-C, list) where list = + +* Incorrect (?) typecast that is not between integers and pointers +**CWE-587 and INT36-C** + +Intersection( CWE-587, INT36-C) = + +* Setting a pointer to an integer value that is ill-defined (trap representation, improperly aligned, mis-typed, etc) +CWE-587 – INT36-C = +* Setting a pointer to a valid integer value (eg points to an object of the correct t ype) +INT36-C – CWE-587 = +* Illegal pointer-to-integer conversion +Intersection(INT36-C,CWE-466) = ∅ + +Intersection(INT36-C,CWE-466) = ∅ + +An example explaining the above two equations follows: + +`static char x[3];` + +`char* foo() {` + +` int x_int = (int) x; // x_int = 999 eg` + +` return x_int + 5; // returns 1004 , violates CWE 466` + +`}` + +`...` + +`int y_int = foo(); // violates CWE-466` + +`char* y = (char*) y_int; // // well-defined but y may be invalid, violates INT36-C` + +`char c = *y; // indeterminate value, out-of-bounds read, violates CWE-119` + +## Bibliography + +
\[ ISO/IEC 9899:2011 \] 6.3.2.3, "Pointers"
-** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** ## Implementation notes From bb9530505ada05210bff438dbce58915bf0e9e3b Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Fri, 3 Mar 2023 16:50:44 -0500 Subject: [PATCH 0619/2573] missing test results --- .../DoNotCallFunctionsWithIncompatibleArguments.expected.clang | 3 +++ .../DoNotCallFunctionsWithIncompatibleArguments.expected.gcc | 3 +++ 2 files changed, 6 insertions(+) create mode 100644 c/cert/test/rules/EXP37-C/DoNotCallFunctionsWithIncompatibleArguments.expected.clang create mode 100644 c/cert/test/rules/EXP37-C/DoNotCallFunctionsWithIncompatibleArguments.expected.gcc diff --git a/c/cert/test/rules/EXP37-C/DoNotCallFunctionsWithIncompatibleArguments.expected.clang b/c/cert/test/rules/EXP37-C/DoNotCallFunctionsWithIncompatibleArguments.expected.clang new file mode 100644 index 0000000000..64026d92ea --- /dev/null +++ b/c/cert/test/rules/EXP37-C/DoNotCallFunctionsWithIncompatibleArguments.expected.clang @@ -0,0 +1,3 @@ +| test.c:83:12:83:16 | call to atan2 | Argument $@ in call to atan2 is incompatible with parameter double __y. | test.c:83:18:83:18 | c | c | +| test.c:93:3:93:12 | call to test_func1 | Argument $@ in call to test_func1 is incompatible with parameter short p1. | test.c:93:14:93:15 | p1 | p1 | +| test.c:94:3:94:12 | call to test_func1 | Argument $@ in call to test_func1 is incompatible with parameter short p1. | test.c:94:14:94:15 | p2 | p2 | diff --git a/c/cert/test/rules/EXP37-C/DoNotCallFunctionsWithIncompatibleArguments.expected.gcc b/c/cert/test/rules/EXP37-C/DoNotCallFunctionsWithIncompatibleArguments.expected.gcc new file mode 100644 index 0000000000..64026d92ea --- /dev/null +++ b/c/cert/test/rules/EXP37-C/DoNotCallFunctionsWithIncompatibleArguments.expected.gcc @@ -0,0 +1,3 @@ +| test.c:83:12:83:16 | call to atan2 | Argument $@ in call to atan2 is incompatible with parameter double __y. | test.c:83:18:83:18 | c | c | +| test.c:93:3:93:12 | call to test_func1 | Argument $@ in call to test_func1 is incompatible with parameter short p1. | test.c:93:14:93:15 | p1 | p1 | +| test.c:94:3:94:12 | call to test_func1 | Argument $@ in call to test_func1 is incompatible with parameter short p1. | test.c:94:14:94:15 | p2 | p2 | From c2ced98b7495d1e5d38e7e0eb20d6b793de38b82 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Fri, 3 Mar 2023 16:22:55 -0800 Subject: [PATCH 0620/2573] Update select clause for 7-4 --- .../src/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/misra/src/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.ql b/c/misra/src/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.ql index e1a8c39fde..f7f859e0a7 100644 --- a/c/misra/src/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.ql +++ b/c/misra/src/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.ql @@ -72,4 +72,4 @@ where or returningNonConstCharVar(elem, message) ) -select message +select elem, message From 094f6a02cc0678eaaf5d691129bf570714d83012 Mon Sep 17 00:00:00 2001 From: s-samadi Date: Mon, 6 Mar 2023 17:26:18 +1100 Subject: [PATCH 0621/2573] added RULE-16-6 --- .../RULE-15-3/GotoLabelBlockCondition.ql | 2 +- .../RULE-16-6/SwitchClauseNumberCondition.ql | 16 ++++-- .../SwitchClauseNumberCondition.expected | 4 +- c/misra/test/rules/RULE-16-6/test.c | 49 +++++++++++++++++++ rule_packages/c/Statements2.json | 11 +++-- 5 files changed, 71 insertions(+), 11 deletions(-) create mode 100644 c/misra/test/rules/RULE-16-6/test.c diff --git a/c/misra/src/rules/RULE-15-3/GotoLabelBlockCondition.ql b/c/misra/src/rules/RULE-15-3/GotoLabelBlockCondition.ql index 7b941f3669..d0737e659e 100644 --- a/c/misra/src/rules/RULE-15-3/GotoLabelBlockCondition.ql +++ b/c/misra/src/rules/RULE-15-3/GotoLabelBlockCondition.ql @@ -1,6 +1,6 @@ /** * @id c/misra/goto-label-block-condition - * @name RULE-15-3: The goto statement and any of its label shall be declared or enclosed in the same block. + * @name RULE-15-3: The goto statement and any of its label shall be declared or enclosed in the same block. * @description Any label referenced by a goto statement shall be declared in the same block, or in * any block enclosing the goto statement * @kind problem diff --git a/c/misra/src/rules/RULE-16-6/SwitchClauseNumberCondition.ql b/c/misra/src/rules/RULE-16-6/SwitchClauseNumberCondition.ql index 6b2bc9278e..8ddb2e49b2 100644 --- a/c/misra/src/rules/RULE-16-6/SwitchClauseNumberCondition.ql +++ b/c/misra/src/rules/RULE-16-6/SwitchClauseNumberCondition.ql @@ -1,18 +1,24 @@ /** * @id c/misra/switch-clause-number-condition * @name RULE-16-6: Every switch statement shall have at least two switch-clauses - * @description + * @description Switch Statements with a single path are redundant and may cause programming errors. * @kind problem * @precision very-high - * @problem.severity error + * @problem.severity recommendation * @tags external/misra/id/rule-16-6 + * maintainability + * readability * external/misra/obligation/required */ import cpp import codingstandards.c.misra -from +from SwitchStmt switch where - not isExcluded(x, Statements2Package::switchClauseNumberConditionQuery()) and -select + not isExcluded(switch, Statements2Package::switchClauseNumberConditionQuery()) and + count(SwitchCase case | + switch.getASwitchCase() = case and + case.getNextSwitchCase() != case.getFollowingStmt() + ) + 1 < 2 +select switch, "$@ statement has a single path.", switch, "Switch" diff --git a/c/misra/test/rules/RULE-16-6/SwitchClauseNumberCondition.expected b/c/misra/test/rules/RULE-16-6/SwitchClauseNumberCondition.expected index 2ec1a0ac6c..112d0bdd96 100644 --- a/c/misra/test/rules/RULE-16-6/SwitchClauseNumberCondition.expected +++ b/c/misra/test/rules/RULE-16-6/SwitchClauseNumberCondition.expected @@ -1 +1,3 @@ -No expected results have yet been specified \ No newline at end of file +| test.c:3:3:6:3 | switch (...) ... | $@ statement has a single path. | test.c:3:3:6:3 | switch (...) ... | Switch | +| test.c:8:3:12:3 | switch (...) ... | $@ statement has a single path. | test.c:8:3:12:3 | switch (...) ... | Switch | +| test.c:14:3:19:3 | switch (...) ... | $@ statement has a single path. | test.c:14:3:19:3 | switch (...) ... | Switch | diff --git a/c/misra/test/rules/RULE-16-6/test.c b/c/misra/test/rules/RULE-16-6/test.c new file mode 100644 index 0000000000..38a1457a61 --- /dev/null +++ b/c/misra/test/rules/RULE-16-6/test.c @@ -0,0 +1,49 @@ +void f1(int p1) { + int i = 0; + switch (p1) { // NON_COMPLIANT + default: + break; + } + + switch (p1) { // NON_COMPLIANT + case 1: + default: + break; + } + + switch (p1) { // NON_COMPLIANT + case 1: + case 2: + default: + break; + } + + switch (p1) { // COMPLIANT + case 1: + i++; + default: + i = 1; + break; + } + + switch (p1) { // COMPLIANT + case 1: + i++; + case 2: + i = 2; + default: + i = 1; + break; + } + + switch (p1) { // COMPLIANT + case 1: + i++; + case 2: + i = 2; + case 3: + default: + i = 1; + break; + } +} diff --git a/rule_packages/c/Statements2.json b/rule_packages/c/Statements2.json index 6406a91441..4bb37e2743 100644 --- a/rule_packages/c/Statements2.json +++ b/rule_packages/c/Statements2.json @@ -67,13 +67,16 @@ }, "queries": [ { - "description": "", + "description": "Switch Statements with a single path are redundant and may cause programming errors.", "kind": "problem", "name": "Every switch statement shall have at least two switch-clauses", "precision": "very-high", - "severity": "error", + "severity": "recommendation", "short_name": "SwitchClauseNumberCondition", - "tags": [] + "tags": [ + "maintainability", + "readability" + ] } ], "title": "Every switch statement shall have at least two switch-clauses" @@ -96,4 +99,4 @@ "title": "A switch-expression shall not have essentially Boolean type" } } -} \ No newline at end of file +} From d815fbe7590511ea22b5c027548e4262df0cb085 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Mon, 6 Mar 2023 12:36:42 +0100 Subject: [PATCH 0622/2573] Do not use deprecated `getFullSignature` but use `getIdentityString` instead Note that both `getFullSignature` and `getIdentityString` are expensive to compute. It might be better to use a cheaper alternative here. --- change_notes/2023-03-06-A13-2-2-message.md | 2 ++ .../BinaryOperatorAndBitwiseOperatorReturnAPrvalue.ql | 3 ++- ...inaryOperatorAndBitwiseOperatorReturnAPrvalue.expected | 8 ++++---- 3 files changed, 8 insertions(+), 5 deletions(-) create mode 100644 change_notes/2023-03-06-A13-2-2-message.md diff --git a/change_notes/2023-03-06-A13-2-2-message.md b/change_notes/2023-03-06-A13-2-2-message.md new file mode 100644 index 0000000000..5af068a605 --- /dev/null +++ b/change_notes/2023-03-06-A13-2-2-message.md @@ -0,0 +1,2 @@ + - `A13-2-2` - `BinaryOperatorAndBitwiseOperatorReturnAPrvalue.ql` + - The formatting of the query output message has been changed and operators are now displayed starting with the return type instead of ending with it. diff --git a/cpp/autosar/src/rules/A13-2-2/BinaryOperatorAndBitwiseOperatorReturnAPrvalue.ql b/cpp/autosar/src/rules/A13-2-2/BinaryOperatorAndBitwiseOperatorReturnAPrvalue.ql index 8651118b49..c28047dcfb 100644 --- a/cpp/autosar/src/rules/A13-2-2/BinaryOperatorAndBitwiseOperatorReturnAPrvalue.ql +++ b/cpp/autosar/src/rules/A13-2-2/BinaryOperatorAndBitwiseOperatorReturnAPrvalue.ql @@ -17,6 +17,7 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.Operator +import semmle.code.cpp.Print from Operator o where @@ -30,5 +31,5 @@ where o.getType() instanceof ReferenceType ) select o, - "User-defined bitwise or arithmetic operator " + o.getFullSignature() + + "User-defined bitwise or arithmetic operator " + getIdentityString(o) + " does not return a prvalue." diff --git a/cpp/autosar/test/rules/A13-2-2/BinaryOperatorAndBitwiseOperatorReturnAPrvalue.expected b/cpp/autosar/test/rules/A13-2-2/BinaryOperatorAndBitwiseOperatorReturnAPrvalue.expected index 45d74bda6f..c8f1cc9204 100644 --- a/cpp/autosar/test/rules/A13-2-2/BinaryOperatorAndBitwiseOperatorReturnAPrvalue.expected +++ b/cpp/autosar/test/rules/A13-2-2/BinaryOperatorAndBitwiseOperatorReturnAPrvalue.expected @@ -1,4 +1,4 @@ -| test.cpp:16:9:16:17 | operator- | User-defined bitwise or arithmetic operator operator-(const A &, int) -> const A does not return a prvalue. | -| test.cpp:20:4:20:12 | operator\| | User-defined bitwise or arithmetic operator operator\|(const A &, const A &) -> A * does not return a prvalue. | -| test.cpp:24:9:24:18 | operator<< | User-defined bitwise or arithmetic operator operator<<(const A &, const A &) -> const A does not return a prvalue. | -| test.cpp:34:6:34:14 | operator+ | User-defined bitwise or arithmetic operator NS_C::operator+(const C &, const C &) -> int & does not return a prvalue. | +| test.cpp:16:9:16:17 | operator- | User-defined bitwise or arithmetic operator A const operator-(A const&, int) does not return a prvalue. | +| test.cpp:20:4:20:12 | operator\| | User-defined bitwise or arithmetic operator A* operator\|(A const&, A const&) does not return a prvalue. | +| test.cpp:24:9:24:18 | operator<< | User-defined bitwise or arithmetic operator A const operator<<(A const&, A const&) does not return a prvalue. | +| test.cpp:34:6:34:14 | operator+ | User-defined bitwise or arithmetic operator int& NS_C::operator+(C const&, C const&) does not return a prvalue. | From f40672939392ffa557d564a460d34285aba2a56c Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Mon, 6 Mar 2023 10:08:31 -0800 Subject: [PATCH 0623/2573] Add an additional check to INT36-C Additional clause to ensure `int` has different size from `PointerType` to avoid FP on some platforms --- .../INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.ql | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.ql b/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.ql index 6df573885b..dff99d1889 100644 --- a/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.ql +++ b/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.ql @@ -95,5 +95,6 @@ where assigningPointerValueToInteger(elem, message) or castingPointerToInteger(elem, message) - ) + ) and + forall(IntType intType, PointerType ptrType | intType.getSize() != ptrType.getSize()) select elem, message From 2c1ea8270a307dd2f476b6f11c2bfe54ff8afde2 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Mon, 6 Mar 2023 10:19:27 -0800 Subject: [PATCH 0624/2573] Minor comment stuff --- .../INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.ql | 1 + 1 file changed, 1 insertion(+) diff --git a/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.ql b/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.ql index dff99d1889..2971c07770 100644 --- a/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.ql +++ b/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.ql @@ -96,5 +96,6 @@ where or castingPointerToInteger(elem, message) ) and + /* Ensure that `int` has different size than that of pointers */ forall(IntType intType, PointerType ptrType | intType.getSize() != ptrType.getSize()) select elem, message From f723712cacfe7dc35c848be4bf8cce8fcb30fa58 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Mon, 6 Mar 2023 19:48:12 +0100 Subject: [PATCH 0625/2573] Update test1a.cpp --- cpp/autosar/test/rules/A2-10-5/test1a.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A2-10-5/test1a.cpp b/cpp/autosar/test/rules/A2-10-5/test1a.cpp index d8e6634da7..80f63c3c69 100644 --- a/cpp/autosar/test/rules/A2-10-5/test1a.cpp +++ b/cpp/autosar/test/rules/A2-10-5/test1a.cpp @@ -1,5 +1,5 @@ namespace n1 { -static int g1 = 0; +static int g1 = 0; // NON_COMPLIANT } static int g2; // COMPLIANT From 1fd3b9c2b273801c5846533a061b8741ae5ffe0d Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Mon, 6 Mar 2023 19:51:22 +0100 Subject: [PATCH 0626/2573] Update object1.c --- c/misra/test/rules/RULE-8-4/object1.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/c/misra/test/rules/RULE-8-4/object1.c b/c/misra/test/rules/RULE-8-4/object1.c index 93441003ec..9b52cd85af 100644 --- a/c/misra/test/rules/RULE-8-4/object1.c +++ b/c/misra/test/rules/RULE-8-4/object1.c @@ -5,6 +5,6 @@ extern int i1 = 0; // NON_COMPLIANT int i2 = 0; // NON_COMPLIANT -extern int i3; // NON_COMPLIANT - not detected as `short i3` exists +extern int i3; // NON_COMPLIANT[FALSE_NEGATIVE] - not detected as `short i3` exists -extern int i4; // COMPLIANT \ No newline at end of file +extern int i4; // COMPLIANT From c43701f9d83f71553b6ab5cac3f4fe954544b9ad Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Mon, 6 Mar 2023 19:52:24 +0100 Subject: [PATCH 0627/2573] Update object2.c --- c/misra/test/rules/RULE-8-4/object2.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/c/misra/test/rules/RULE-8-4/object2.c b/c/misra/test/rules/RULE-8-4/object2.c index eef1696918..a308f7123b 100644 --- a/c/misra/test/rules/RULE-8-4/object2.c +++ b/c/misra/test/rules/RULE-8-4/object2.c @@ -1,3 +1,4 @@ -short i3 = 0; // NON_COMPLIANT - not detected as `extern int i3` exists +// not detected as `extern int i3` exists +short i3 = 0; // NON_COMPLIANT[FALSE_NEGATIVE] -signed int i4 = 0; // COMPLIANT \ No newline at end of file +signed int i4 = 0; // COMPLIANT From d82cafbf2654d6182ed16ec0057d046f0c98f26f Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Mon, 6 Mar 2023 19:53:09 +0100 Subject: [PATCH 0628/2573] Update object1.c --- c/misra/test/rules/RULE-8-4/object1.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/c/misra/test/rules/RULE-8-4/object1.c b/c/misra/test/rules/RULE-8-4/object1.c index 9b52cd85af..c37301e56f 100644 --- a/c/misra/test/rules/RULE-8-4/object1.c +++ b/c/misra/test/rules/RULE-8-4/object1.c @@ -5,6 +5,7 @@ extern int i1 = 0; // NON_COMPLIANT int i2 = 0; // NON_COMPLIANT -extern int i3; // NON_COMPLIANT[FALSE_NEGATIVE] - not detected as `short i3` exists +// not detected as `short i3` exists +extern int i3; // NON_COMPLIANT[FALSE_NEGATIVE] extern int i4; // COMPLIANT From 4f4dc37657549e59ea0476f5c2f6f2e55c5dd969 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Mon, 6 Mar 2023 20:11:47 +0100 Subject: [PATCH 0629/2573] Remove submodule codeql --- .gitmodules | 3 --- codeql_modules/codeql | 1 - 2 files changed, 4 deletions(-) delete mode 100644 .gitmodules delete mode 160000 codeql_modules/codeql diff --git a/.gitmodules b/.gitmodules deleted file mode 100644 index af8560fc44..0000000000 --- a/.gitmodules +++ /dev/null @@ -1,3 +0,0 @@ -[submodule "codeql"] - path = codeql_modules/codeql - url = https://github.com/github/codeql.git diff --git a/codeql_modules/codeql b/codeql_modules/codeql deleted file mode 160000 index 28fe7a7660..0000000000 --- a/codeql_modules/codeql +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 28fe7a76603ab7ef884ca35115b63104ecb699a7 From 4599a7354a9eb24592374af60c0cc3f320af175f Mon Sep 17 00:00:00 2001 From: Shadi Samadi Date: Tue, 7 Mar 2023 07:55:38 +1100 Subject: [PATCH 0630/2573] Added RULE-15-6 --- .../rules/RULE-15-6/LoopCompoundCondition.ql | 22 +++ .../RULE-15-6/SelectionCompoundCondition.ql | 22 +++ .../RULE-15-6/SwitchCompoundCondition.ql | 26 ++++ .../RULE-15-6/LoopCompoundCondition.expected | 4 + .../RULE-15-6/LoopCompoundCondition.qlref | 1 + .../SelectionCompoundCondition.expected | 4 + .../SelectionCompoundCondition.qlref | 1 + .../SwitchCompoundCondition.expected | 1 + .../RULE-15-6/SwitchCompoundCondition.qlref | 1 + c/misra/test/rules/RULE-15-6/test.c | 80 +++++++++++ .../codingstandards/cpp/SwitchStatement.qll | 24 ++++ .../cpp/exclusions/c/RuleMetadata.qll | 3 + .../cpp/exclusions/c/Statements3.qll | 129 ++++++++++++++++++ rule_packages/c/Statements3.json | 123 +++++++++++++++++ rules.csv | 10 +- 15 files changed, 446 insertions(+), 5 deletions(-) create mode 100644 c/misra/src/rules/RULE-15-6/LoopCompoundCondition.ql create mode 100644 c/misra/src/rules/RULE-15-6/SelectionCompoundCondition.ql create mode 100644 c/misra/src/rules/RULE-15-6/SwitchCompoundCondition.ql create mode 100644 c/misra/test/rules/RULE-15-6/LoopCompoundCondition.expected create mode 100644 c/misra/test/rules/RULE-15-6/LoopCompoundCondition.qlref create mode 100644 c/misra/test/rules/RULE-15-6/SelectionCompoundCondition.expected create mode 100644 c/misra/test/rules/RULE-15-6/SelectionCompoundCondition.qlref create mode 100644 c/misra/test/rules/RULE-15-6/SwitchCompoundCondition.expected create mode 100644 c/misra/test/rules/RULE-15-6/SwitchCompoundCondition.qlref create mode 100644 c/misra/test/rules/RULE-15-6/test.c create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/Statements3.qll create mode 100644 rule_packages/c/Statements3.json diff --git a/c/misra/src/rules/RULE-15-6/LoopCompoundCondition.ql b/c/misra/src/rules/RULE-15-6/LoopCompoundCondition.ql new file mode 100644 index 0000000000..c596cb2970 --- /dev/null +++ b/c/misra/src/rules/RULE-15-6/LoopCompoundCondition.ql @@ -0,0 +1,22 @@ +/** + * @id c/misra/loop-compound-condition + * @name RULE-15-6: the statement forming the body of a loop shall be a compound statement + * @description if the body of a loop is not enclosed in braces, then this can lead to incorrect + * execution, and is hard for developers to maintain. + * @kind problem + * @precision very-high + * @problem.severity recommendation + * @tags external/misra/id/rule-15-6 + * maintainability + * readability + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra + +from Loop loop +where + not isExcluded(loop, Statements3Package::loopCompoundConditionQuery()) and + not loop.getStmt() instanceof BlockStmt +select loop, "Loop body not enclosed within braces." diff --git a/c/misra/src/rules/RULE-15-6/SelectionCompoundCondition.ql b/c/misra/src/rules/RULE-15-6/SelectionCompoundCondition.ql new file mode 100644 index 0000000000..0c97b3ea5a --- /dev/null +++ b/c/misra/src/rules/RULE-15-6/SelectionCompoundCondition.ql @@ -0,0 +1,22 @@ +/** + * @id c/misra/selection-compound-condition + * @name RULE-15-6: the statement forming the body of a loop shall be a compound statement + * @description if the body of a selection statement is not enclosed in braces, then this can lead + * to incorrect execution, and is hard for developers to maintain. + * @kind problem + * @precision very-high + * @problem.severity recommendation + * @tags external/misra/id/rule-15-6 + * maintainability + * readability + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra + +from IfStmt ifStmt +where + not isExcluded(ifStmt, Statements3Package::selectionCompoundConditionQuery()) and + not ifStmt.getChildStmt() instanceof BlockStmt +select ifStmt, "If statement not enclosed within braces." diff --git a/c/misra/src/rules/RULE-15-6/SwitchCompoundCondition.ql b/c/misra/src/rules/RULE-15-6/SwitchCompoundCondition.ql new file mode 100644 index 0000000000..837bfb12c1 --- /dev/null +++ b/c/misra/src/rules/RULE-15-6/SwitchCompoundCondition.ql @@ -0,0 +1,26 @@ +/** + * @id c/misra/switch-compound-condition + * @name RULE-15-6: The statement forming the body of a switch shall be a compound statement + * @description If the body of a switch is not enclosed in braces, then this can lead to incorrect + * execution, and is hard for developers to maintain. + * @kind problem + * @precision very-high + * @problem.severity recommendation + * @tags external/misra/id/rule-15-6 + * maintainability + * readability + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.SwitchStatement + +from SwitchStmt switch +where + not isExcluded(switch, Statements3Package::switchCompoundConditionQuery()) and + ( + switch.getStmt() instanceof ArtificialBlock or + not switch.getStmt() instanceof BlockStmt + ) +select switch, "Switch body not enclosed within braces." diff --git a/c/misra/test/rules/RULE-15-6/LoopCompoundCondition.expected b/c/misra/test/rules/RULE-15-6/LoopCompoundCondition.expected new file mode 100644 index 0000000000..263fee14de --- /dev/null +++ b/c/misra/test/rules/RULE-15-6/LoopCompoundCondition.expected @@ -0,0 +1,4 @@ +| test.c:4:3:5:9 | while (...) ... | Loop body not enclosed within braces. | +| test.c:7:3:8:5 | while (...) ... | Loop body not enclosed within braces. | +| test.c:11:3:12:9 | for(...;...;...) ... | Loop body not enclosed within braces. | +| test.c:14:3:15:5 | while (...) ... | Loop body not enclosed within braces. | diff --git a/c/misra/test/rules/RULE-15-6/LoopCompoundCondition.qlref b/c/misra/test/rules/RULE-15-6/LoopCompoundCondition.qlref new file mode 100644 index 0000000000..8cd3c36d27 --- /dev/null +++ b/c/misra/test/rules/RULE-15-6/LoopCompoundCondition.qlref @@ -0,0 +1 @@ +rules/RULE-15-6/LoopCompoundCondition.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-15-6/SelectionCompoundCondition.expected b/c/misra/test/rules/RULE-15-6/SelectionCompoundCondition.expected new file mode 100644 index 0000000000..661d118a69 --- /dev/null +++ b/c/misra/test/rules/RULE-15-6/SelectionCompoundCondition.expected @@ -0,0 +1,4 @@ +| test.c:29:3:32:5 | if (...) ... | If statement not enclosed within braces. | +| test.c:34:3:41:7 | if (...) ... | If statement not enclosed within braces. | +| test.c:36:8:41:7 | if (...) ... | If statement not enclosed within braces. | +| test.c:37:5:41:7 | if (...) ... | If statement not enclosed within braces. | diff --git a/c/misra/test/rules/RULE-15-6/SelectionCompoundCondition.qlref b/c/misra/test/rules/RULE-15-6/SelectionCompoundCondition.qlref new file mode 100644 index 0000000000..b62fe0b2c8 --- /dev/null +++ b/c/misra/test/rules/RULE-15-6/SelectionCompoundCondition.qlref @@ -0,0 +1 @@ +rules/RULE-15-6/SelectionCompoundCondition.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-15-6/SwitchCompoundCondition.expected b/c/misra/test/rules/RULE-15-6/SwitchCompoundCondition.expected new file mode 100644 index 0000000000..eedc122cd6 --- /dev/null +++ b/c/misra/test/rules/RULE-15-6/SwitchCompoundCondition.expected @@ -0,0 +1 @@ +| test.c:75:3:79:5 | switch (...) ... | Switch body not enclosed within braces. | diff --git a/c/misra/test/rules/RULE-15-6/SwitchCompoundCondition.qlref b/c/misra/test/rules/RULE-15-6/SwitchCompoundCondition.qlref new file mode 100644 index 0000000000..c34e33fcbd --- /dev/null +++ b/c/misra/test/rules/RULE-15-6/SwitchCompoundCondition.qlref @@ -0,0 +1 @@ +rules/RULE-15-6/SwitchCompoundCondition.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-15-6/test.c b/c/misra/test/rules/RULE-15-6/test.c new file mode 100644 index 0000000000..e8ed064b32 --- /dev/null +++ b/c/misra/test/rules/RULE-15-6/test.c @@ -0,0 +1,80 @@ +void f1(); + +void f2(int p1) { + while (p1) // NON_COMPLIANT + f1(); + + while (p1) // NON_COMPLIANT + ; + f1(); + + for (int i = 0; i < p1; i++) // NON_COMPLIANT + f1(); + + while (p1) + ; + { // NON_COMPLIANT + ; + } + + while (p1) { // COMPLIANT + ; + } + for (int i = 0; i < p1; i++) { // COMPLIANT + ; + } +} + +void f3(int p1) { + if (p1) // NON_COMPLIANT + ; + else + ; + + if (p1) // NON_COMPLIANT + ; + else if (p1) // NON_COMPLIANT + if (p1) // NON_COMPLIANT + + if (p1) { // COMPLIANT + ; + } + + if (p1) { // COMPLIANT + ; + } else { // COMPLIANT + ; + } + + if (p1) { // COMPLIANT + ; + } else if (p1) { // COMPLIANT + ; + } else { // COMPLIANT + ; + } +} + +void f4(int p1) { + + switch (p1) { // COMPLIANT + case 0: + while (p1) { + ; + } + break; + case 1: + if (p1) { + ; + } + break; + default: + break; + } + + switch (p1) // NON_COMPLIANT + case 0: + while (p1) { + ; + } +} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/SwitchStatement.qll b/cpp/common/src/codingstandards/cpp/SwitchStatement.qll index 1f055be570..7e6686b41a 100644 --- a/cpp/common/src/codingstandards/cpp/SwitchStatement.qll +++ b/cpp/common/src/codingstandards/cpp/SwitchStatement.qll @@ -4,6 +4,30 @@ import cpp +/** + * Class to differentiate between extractor generated blockstmt and actual blockstmt. The extractor + * will generate an artificial blockstmt when there is a single case and statement, e.g. + * ``` + * switch(x) + * case 1: + * f(); + * ``` + * This is because our AST model considers the `case` to be a statement in its own right, so the + * extractor needs an aritifical block to hold both the case and the statement. + */ +class ArtificialBlock extends BlockStmt { + ArtificialBlock() { + exists(Location block, Location firstStatement | + block = getLocation() and firstStatement = getStmt(0).getLocation() + | + // We can identify artificial blocks as those where the start of the statement is at the same + // location as the start of the first statement in the block i.e. there was no opening brace. + block.getStartLine() = firstStatement.getStartLine() and + block.getStartColumn() = firstStatement.getStartColumn() + ) + } +} + /* A `SwitchCase` that contains a 'SwitchCase' inside its body */ class NestedSwitchCase extends SwitchCase { NestedSwitchCase() { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index e480438be3..5d5e2b7189 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -44,6 +44,7 @@ import SideEffects1 import SideEffects2 import Statements1 import Statements2 +import Statements3 import Strings1 import Strings2 import Strings3 @@ -93,6 +94,7 @@ newtype TCQuery = TSideEffects2PackageQuery(SideEffects2Query q) or TStatements1PackageQuery(Statements1Query q) or TStatements2PackageQuery(Statements2Query q) or + TStatements3PackageQuery(Statements3Query q) or TStrings1PackageQuery(Strings1Query q) or TStrings2PackageQuery(Strings2Query q) or TStrings3PackageQuery(Strings3Query q) or @@ -142,6 +144,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isSideEffects2QueryMetadata(query, queryId, ruleId, category) or isStatements1QueryMetadata(query, queryId, ruleId, category) or isStatements2QueryMetadata(query, queryId, ruleId, category) or + isStatements3QueryMetadata(query, queryId, ruleId, category) or isStrings1QueryMetadata(query, queryId, ruleId, category) or isStrings2QueryMetadata(query, queryId, ruleId, category) or isStrings3QueryMetadata(query, queryId, ruleId, category) or diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Statements3.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Statements3.qll new file mode 100644 index 0000000000..25c1a82ea2 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Statements3.qll @@ -0,0 +1,129 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype Statements3Query = + TSwitchCompoundConditionQuery() or + TLoopCompoundConditionQuery() or + TSelectionCompoundConditionQuery() or + TIfElseEndConditionQuery() or + TSwitchCaseStartConditionQuery() or + TSwitchStmtNotWellFormedQuery() or + TRecursiveFunctionConditionQuery() + +predicate isStatements3QueryMetadata(Query query, string queryId, string ruleId, string category) { + query = + // `Query` instance for the `switchCompoundCondition` query + Statements3Package::switchCompoundConditionQuery() and + queryId = + // `@id` for the `switchCompoundCondition` query + "c/misra/switch-compound-condition" and + ruleId = "RULE-15-6" and + category = "required" + or + query = + // `Query` instance for the `loopCompoundCondition` query + Statements3Package::loopCompoundConditionQuery() and + queryId = + // `@id` for the `loopCompoundCondition` query + "c/misra/loop-compound-condition" and + ruleId = "RULE-15-6" and + category = "required" + or + query = + // `Query` instance for the `selectionCompoundCondition` query + Statements3Package::selectionCompoundConditionQuery() and + queryId = + // `@id` for the `selectionCompoundCondition` query + "c/misra/selection-compound-condition" and + ruleId = "RULE-15-6" and + category = "required" + or + query = + // `Query` instance for the `ifElseEndCondition` query + Statements3Package::ifElseEndConditionQuery() and + queryId = + // `@id` for the `ifElseEndCondition` query + "c/misra/if-else-end-condition" and + ruleId = "RULE-15-7" and + category = "required" + or + query = + // `Query` instance for the `switchCaseStartCondition` query + Statements3Package::switchCaseStartConditionQuery() and + queryId = + // `@id` for the `switchCaseStartCondition` query + "c/misra/switch-case-start-condition" and + ruleId = "RULE-16-1" and + category = "required" + or + query = + // `Query` instance for the `switchStmtNotWellFormed` query + Statements3Package::switchStmtNotWellFormedQuery() and + queryId = + // `@id` for the `switchStmtNotWellFormed` query + "c/misra/switch-stmt-not-well-formed" and + ruleId = "RULE-16-1" and + category = "required" + or + query = + // `Query` instance for the `recursiveFunctionCondition` query + Statements3Package::recursiveFunctionConditionQuery() and + queryId = + // `@id` for the `recursiveFunctionCondition` query + "c/misra/recursive-function-condition" and + ruleId = "RULE-17-2" and + category = "required" +} + +module Statements3Package { + Query switchCompoundConditionQuery() { + //autogenerate `Query` type + result = + // `Query` type for `switchCompoundCondition` query + TQueryC(TStatements3PackageQuery(TSwitchCompoundConditionQuery())) + } + + Query loopCompoundConditionQuery() { + //autogenerate `Query` type + result = + // `Query` type for `loopCompoundCondition` query + TQueryC(TStatements3PackageQuery(TLoopCompoundConditionQuery())) + } + + Query selectionCompoundConditionQuery() { + //autogenerate `Query` type + result = + // `Query` type for `selectionCompoundCondition` query + TQueryC(TStatements3PackageQuery(TSelectionCompoundConditionQuery())) + } + + Query ifElseEndConditionQuery() { + //autogenerate `Query` type + result = + // `Query` type for `ifElseEndCondition` query + TQueryC(TStatements3PackageQuery(TIfElseEndConditionQuery())) + } + + Query switchCaseStartConditionQuery() { + //autogenerate `Query` type + result = + // `Query` type for `switchCaseStartCondition` query + TQueryC(TStatements3PackageQuery(TSwitchCaseStartConditionQuery())) + } + + Query switchStmtNotWellFormedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `switchStmtNotWellFormed` query + TQueryC(TStatements3PackageQuery(TSwitchStmtNotWellFormedQuery())) + } + + Query recursiveFunctionConditionQuery() { + //autogenerate `Query` type + result = + // `Query` type for `recursiveFunctionCondition` query + TQueryC(TStatements3PackageQuery(TRecursiveFunctionConditionQuery())) + } +} diff --git a/rule_packages/c/Statements3.json b/rule_packages/c/Statements3.json new file mode 100644 index 0000000000..d6259ba8a1 --- /dev/null +++ b/rule_packages/c/Statements3.json @@ -0,0 +1,123 @@ +{ + "MISRA-C-2012": { + "RULE-15-6": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "If the body of a switch is not enclosed in braces, then this can lead to incorrect execution, and is hard for developers to maintain.", + "kind": "problem", + "name": "The statement forming the body of a switch shall be a compound statement", + "precision": "very-high", + "severity": "recommendation", + "short_name": "SwitchCompoundCondition", + "tags": [ + "maintainability", + "readability" + ] + }, + { + "description": "if the body of a loop is not enclosed in braces, then this can lead to incorrect execution, and is hard for developers to maintain.", + "kind": "problem", + "name": "the statement forming the body of a loop shall be a compound statement", + "precision": "very-high", + "severity": "recommendation", + "short_name": "LoopCompoundCondition", + "tags": [ + "maintainability", + "readability" + ] + }, + { + "description": "if the body of a selection statement is not enclosed in braces, then this can lead to incorrect execution, and is hard for developers to maintain.", + "kind": "problem", + "name": "the statement forming the body of a loop shall be a compound statement", + "precision": "very-high", + "severity": "recommendation", + "short_name": "SelectionCompoundCondition", + "tags": [ + "maintainability", + "readability" + ] + } + ], + "title": "The body of an iteration-statement or a selection-statement shall be a compund-statement" + }, + "RULE-15-7": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Terminating an `if...else`construct is a defensive programming technique.", + "kind": "problem", + "name": "All if / else if constructs shall be terminated with an else statement", + "precision": "very-high", + "severity": "recommendation", + "shared_implementation_short_name": "IfElseTerminationConstruct", + "short_name": "IfElseEndCondition", + "tags": [ + "readability", + "maintainability" + ] + } + ], + "title": "All if / else if constructs shall be terminated with an else statement" + }, + "RULE-16-1": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "The switch statement syntax is weak and may lead to unspecified behaviour.", + "kind": "problem", + "name": "A well formed switch statement must start with a case clause", + "precision": "very-high", + "severity": "recommendation", + "shared_implementation_short_name": "SwitchCasePositionCondition", + "short_name": "SwitchCaseStartCondition", + "tags": [ + "maintainability", + "readability" + ] + }, + { + "description": "The switch statement syntax is weak and may lead to unspecified behaviour.", + "kind": "problem", + "name": "A well formed switch statement should only have expression, compound, selection, iteration or try statements within its body", + "precision": "very-high", + "severity": "recommendation", + "shared_implementation_short_name": "SwitchNotWellFormed", + "short_name": "SwitchStmtNotWellFormed", + "tags": [ + "maintainability", + "readability" + ] + } + ], + "title": "All switch statements shall be well-formed" + }, + "RULE-17-2": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Recursive function may cause memory and system failure issues.", + "kind": "problem", + "name": "Functions shall not call themselves, either directly or indirectly", + "precision": "very-high", + "severity": "error", + "short_name": "RecursiveFunctionCondition", + "tags": [ + "maintainability", + "correctness" + ] + } + ], + "title": "Functions shall not call themselves, either directly or indirectly" + } + } +} \ No newline at end of file diff --git a/rules.csv b/rules.csv index 4029401639..96da89354d 100644 --- a/rules.csv +++ b/rules.csv @@ -692,7 +692,7 @@ c,MISRA-C-2012,RULE-13-2,Yes,Required,,,The value of an expression and its persi c,MISRA-C-2012,RULE-13-3,Yes,Advisory,,,A full expression containing an increment (++) or decrement (--) operator should have no other potential side effects other than that caused by the increment or decrement operator,,SideEffects2,Medium, c,MISRA-C-2012,RULE-13-4,Yes,Advisory,,,The result of an assignment operator should not be used,M6-2-1,SideEffects1,Easy, c,MISRA-C-2012,RULE-13-5,Yes,Required,,,The right hand operand of a logical && or || operator shall not contain persistent side effects,M5-14-1,SideEffects1,Import, -c,MISRA-C-2012,RULE-13-6,Yes,Mandatory,,,The operand of the sizeof operator shall not contain any expression which has potential side effects,M5-3-4,SideEffects1,Import, +c,MISRA-C-2012,RULE-13-6,Yes,Mandatory,,,The operand of the sizeof operator shall not contain any expressiosn which has potential side effects,M5-3-4,SideEffects1,Import, c,MISRA-C-2012,RULE-14-1,Yes,Required,,,A loop counter shall not have essentially floating type,FLP30-C A6-5-2,Types,Hard, c,MISRA-C-2012,RULE-14-2,Yes,Required,,,A for loop shall be well-formed,M6-5-1...M6-5-6,Statements,Medium, c,MISRA-C-2012,RULE-14-3,Yes,Required,,,Controlling expressions shall not be invariant,,Statements,Medium, @@ -702,9 +702,9 @@ c,MISRA-C-2012,RULE-15-2,Yes,Required,,,The goto statement shall jump to a label c,MISRA-C-2012,RULE-15-3,Yes,Required,,,"Any label referenced by a goto statement shall be declared in the same block, or in any block enclosing the goto statement",M6-6-1,Statements2,Import, c,MISRA-C-2012,RULE-15-4,Yes,Advisory,,,There should be no more than one break or goto statement used to terminate any iteration statement,,Statements2,Medium, c,MISRA-C-2012,RULE-15-5,Yes,Advisory,,,A function should have a single point of exit at the end,,Statements,Medium, -c,MISRA-C-2012,RULE-15-6,Yes,Required,,,The body of an iteration-statement or a selection-statement shall be a compund-statement,M6-3-1,Statements,Import, -c,MISRA-C-2012,RULE-15-7,Yes,Required,,,All if / else if constructs shall be terminated with an else statement,M6-4-2,Statements,Import, -c,MISRA-C-2012,RULE-16-1,Yes,Required,,,All switch statements shall be well-formed,M6-4-3,Statements,Import, +c,MISRA-C-2012,RULE-15-6,Yes,Required,,,The body of an iteration-statement or a selection-statement shall be a compund-statement,M6-3-1,Statements3,Import, +c,MISRA-C-2012,RULE-15-7,Yes,Required,,,All if / else if constructs shall be terminated with an else statement,M6-4-2,Statements3,Import, +c,MISRA-C-2012,RULE-16-1,Yes,Required,,,All switch statements shall be well-formed,M6-4-3,Statements3,Import, c,MISRA-C-2012,RULE-16-2,Yes,Required,,,A switch label shall only be used when the most closely-enclosing compound statement is the body of a switch statement,M6-4-4,Statements1,Import, c,MISRA-C-2012,RULE-16-3,Yes,Required,,,An unconditional break statement shall terminate every switch-clause,M6-4-5,Statements1,Import, c,MISRA-C-2012,RULE-16-4,Yes,Required,,,Every switch statement shall have a default label,M6-4-6,Statements1,Easy, @@ -712,7 +712,7 @@ c,MISRA-C-2012,RULE-16-5,Yes,Required,,,A default label shall appear as either t c,MISRA-C-2012,RULE-16-6,Yes,Required,,,Every switch statement shall have at least two switch-clauses,A6-4-1,Statements2,Medium, c,MISRA-C-2012,RULE-16-7,Yes,Required,,,A switch-expression shall not have essentially Boolean type,M6-4-7,Statements2,Medium, c,MISRA-C-2012,RULE-17-1,Yes,Required,,,The features of shall not be used,,Banned,Easy, -c,MISRA-C-2012,RULE-17-2,Yes,Required,,,"Functions shall not call themselves, either directly or indirectly",A7-5-2,Statements,Import, +c,MISRA-C-2012,RULE-17-2,Yes,Required,,,"Functions shall not call themselves, either directly or indirectly",A7-5-2,Statements3,Import, c,MISRA-C-2012,RULE-17-3,Yes,Mandatory,,,A function shall not be declared implicitly,,Declarations6,Medium, c,MISRA-C-2012,RULE-17-4,Yes,Mandatory,,,All exit paths from a function with non-void return type shall have an explicit return statement with an expression,MSC52-CPP,Statements,Medium, c,MISRA-C-2012,RULE-17-5,Yes,Advisory,,,The function argument corresponding to a parameter declared to have an array type shall have an appropriate number of elements,,Contracts,Hard, From 3b86205f6b50cb667ae97a555e6b9c2bbb6d89e4 Mon Sep 17 00:00:00 2001 From: Shadi Samadi Date: Tue, 7 Mar 2023 07:58:08 +1100 Subject: [PATCH 0631/2573] RULE-15-3 WIP --- .../src/rules/RULE-15-3/GotoLabelBlockCondition.ql | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/c/misra/src/rules/RULE-15-3/GotoLabelBlockCondition.ql b/c/misra/src/rules/RULE-15-3/GotoLabelBlockCondition.ql index 7b941f3669..cfe5634688 100644 --- a/c/misra/src/rules/RULE-15-3/GotoLabelBlockCondition.ql +++ b/c/misra/src/rules/RULE-15-3/GotoLabelBlockCondition.ql @@ -15,6 +15,16 @@ import cpp import codingstandards.c.misra +int statementDepth(Stmt statement) { + statement.getParent() = statement.getEnclosingFunction().getBlock() and result = 1 + or + statementDepth(statement.getParent()) + 1 = result +} + +predicate test(GotoStmt goto, Stmt target, int m, int n) { + statementDepth(goto) = m and target = goto.getTarget() and statementDepth(target) = n +} + from GotoStmt goto where not isExcluded(goto, Statements2Package::gotoLabelBlockConditionQuery()) and @@ -33,5 +43,5 @@ where ) and goto.getTarget().getLocation().getStartLine() > switch.getLocation().getStartLine() ) -select goto, "The $@ statement and its $@ are not declared or enclosed in the same block.", goto, - "goto", goto.getTarget(), "label" +select goto, "The $@ statement and its $@ are not declared or enclosed in the same block. test", + goto, "goto", goto.getTarget(), "label" From a3f17fdb07d3d0a3204f310d85039582727f989e Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Mon, 6 Mar 2023 16:52:29 -0500 Subject: [PATCH 0632/2573] fix test cases --- .../WrapFunctionsThatCanFailSpuriouslyInLoop.expected | 8 ++++---- ...rapFunctionsThatCanFailSpuriouslyInLoop.expected.clang | 4 ++++ .../WrapFunctionsThatCanFailSpuriouslyInLoop.expected.gcc | 4 ++++ c/cert/test/rules/CON41-C/test.c | 6 ++++-- 4 files changed, 16 insertions(+), 6 deletions(-) create mode 100644 c/cert/test/rules/CON41-C/WrapFunctionsThatCanFailSpuriouslyInLoop.expected.clang create mode 100644 c/cert/test/rules/CON41-C/WrapFunctionsThatCanFailSpuriouslyInLoop.expected.gcc diff --git a/c/cert/test/rules/CON41-C/WrapFunctionsThatCanFailSpuriouslyInLoop.expected b/c/cert/test/rules/CON41-C/WrapFunctionsThatCanFailSpuriouslyInLoop.expected index e376acecbf..0c1e25cd00 100644 --- a/c/cert/test/rules/CON41-C/WrapFunctionsThatCanFailSpuriouslyInLoop.expected +++ b/c/cert/test/rules/CON41-C/WrapFunctionsThatCanFailSpuriouslyInLoop.expected @@ -1,4 +1,4 @@ -| test.c:5:8:5:46 | atomic_compare_exchange_weak(a,b,c) | Function that can spuriously fail not wrapped in a loop. | -| test.c:9:3:9:41 | atomic_compare_exchange_weak(a,b,c) | Function that can spuriously fail not wrapped in a loop. | -| test.c:11:8:12:47 | atomic_compare_exchange_weak_explicit(a,b,c,d,e) | Function that can spuriously fail not wrapped in a loop. | -| test.c:16:3:16:56 | atomic_compare_exchange_weak_explicit(a,b,c,d,e) | Function that can spuriously fail not wrapped in a loop. | +| test.c:6:8:6:46 | atomic_compare_exchange_weak(a,b,c) | Function that can spuriously fail not wrapped in a loop. | +| test.c:10:3:10:41 | atomic_compare_exchange_weak(a,b,c) | Function that can spuriously fail not wrapped in a loop. | +| test.c:12:8:13:47 | atomic_compare_exchange_weak_explicit(a,b,c,d,e) | Function that can spuriously fail not wrapped in a loop. | +| test.c:17:3:17:56 | atomic_compare_exchange_weak_explicit(a,b,c,d,e) | Function that can spuriously fail not wrapped in a loop. | diff --git a/c/cert/test/rules/CON41-C/WrapFunctionsThatCanFailSpuriouslyInLoop.expected.clang b/c/cert/test/rules/CON41-C/WrapFunctionsThatCanFailSpuriouslyInLoop.expected.clang new file mode 100644 index 0000000000..b1c224173e --- /dev/null +++ b/c/cert/test/rules/CON41-C/WrapFunctionsThatCanFailSpuriouslyInLoop.expected.clang @@ -0,0 +1,4 @@ +| test.c:6:8:6:46 | atomic_compare_exchange_weak(object,expected,desired) | Function that can spuriously fail not wrapped in a loop. | +| test.c:10:3:10:41 | atomic_compare_exchange_weak(object,expected,desired) | Function that can spuriously fail not wrapped in a loop. | +| test.c:12:8:12:44 | atomic_compare_exchange_weak_explicit | Function that can spuriously fail not wrapped in a loop. | +| test.c:17:3:17:39 | atomic_compare_exchange_weak_explicit | Function that can spuriously fail not wrapped in a loop. | diff --git a/c/cert/test/rules/CON41-C/WrapFunctionsThatCanFailSpuriouslyInLoop.expected.gcc b/c/cert/test/rules/CON41-C/WrapFunctionsThatCanFailSpuriouslyInLoop.expected.gcc new file mode 100644 index 0000000000..56c78a0189 --- /dev/null +++ b/c/cert/test/rules/CON41-C/WrapFunctionsThatCanFailSpuriouslyInLoop.expected.gcc @@ -0,0 +1,4 @@ +| test.c:6:8:6:46 | atomic_compare_exchange_weak(PTR,VAL,DES) | Function that can spuriously fail not wrapped in a loop. | +| test.c:10:3:10:41 | atomic_compare_exchange_weak(PTR,VAL,DES) | Function that can spuriously fail not wrapped in a loop. | +| test.c:12:8:13:47 | atomic_compare_exchange_weak_explicit(PTR,VAL,DES,SUC,FAIL) | Function that can spuriously fail not wrapped in a loop. | +| test.c:17:3:17:56 | atomic_compare_exchange_weak_explicit(PTR,VAL,DES,SUC,FAIL) | Function that can spuriously fail not wrapped in a loop. | diff --git a/c/cert/test/rules/CON41-C/test.c b/c/cert/test/rules/CON41-C/test.c index 58cb4d0c18..960fc00bfb 100644 --- a/c/cert/test/rules/CON41-C/test.c +++ b/c/cert/test/rules/CON41-C/test.c @@ -1,7 +1,8 @@ #include "stdatomic.h" void f1() { - int a, b, c; + _Atomic int a; + int b, c; if (!atomic_compare_exchange_weak(&a, &b, c)) { // NON_COMPLIANT (void)0; /* no-op */ } @@ -17,7 +18,8 @@ void f1() { } void f2() { - int a, b, c; + _Atomic int a; + int b, c; while (1 == 1) { if (!atomic_compare_exchange_weak(&a, &b, c)) { // COMPLIANT (void)0; /* no-op */ From 5a130002226be61a41162f466bd1d83f0f0b4bfd Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Mon, 6 Mar 2023 21:52:49 +0000 Subject: [PATCH 0633/2573] A5-2-2: Exclude results in uninstantiated templates, explain limitations (#160) * A5-2-2: Clarify c-style casts scope, exclude templates Clarify what `CStyleCast` does and does not cover by adding a comment, expanding the test case and providing an implementation scope. In addition, exclude casts on template parameters to avoid unnecessary false positives. * A5-2-2: Exclude uninstantiated templates Any cast in an uninstantiated template that is related to the template parameter may be converted to a `ConstructorCall` when the template is instantiated. To avoid the common false positive case where the functional cast notation is used to call a constructor, we exclude all results in uninstantiated templates and instead rely on reporting results in template instantiations instead. --------- Co-authored-by: Mauro Baluda --- ...3-01-09-cstylecasts-template-parameters.md | 2 + .../A5-2-2/TraditionalCStyleCastsUsed.ql | 32 ++++++++ .../TraditionalCStyleCastsUsed.expected | 2 + cpp/autosar/test/rules/A5-2-2/options.clang | 1 + cpp/autosar/test/rules/A5-2-2/options.gcc | 1 + cpp/autosar/test/rules/A5-2-2/test.cpp | 75 ++++++++++++++++++- rule_packages/cpp/BannedSyntax.json | 9 ++- 7 files changed, 119 insertions(+), 3 deletions(-) create mode 100644 change_notes/2023-01-09-cstylecasts-template-parameters.md create mode 100644 cpp/autosar/test/rules/A5-2-2/options.clang create mode 100644 cpp/autosar/test/rules/A5-2-2/options.gcc diff --git a/change_notes/2023-01-09-cstylecasts-template-parameters.md b/change_notes/2023-01-09-cstylecasts-template-parameters.md new file mode 100644 index 0000000000..610c4b01fe --- /dev/null +++ b/change_notes/2023-01-09-cstylecasts-template-parameters.md @@ -0,0 +1,2 @@ + - `A5-2-2` + - `CStyleCasts.ql` - exclude template parameters to avoid false positives when using the "functional notation" syntax. In addition, provide a greater explanation on limitations of this query. diff --git a/cpp/autosar/src/rules/A5-2-2/TraditionalCStyleCastsUsed.ql b/cpp/autosar/src/rules/A5-2-2/TraditionalCStyleCastsUsed.ql index e7f6e96eb5..c769339d65 100644 --- a/cpp/autosar/src/rules/A5-2-2/TraditionalCStyleCastsUsed.ql +++ b/cpp/autosar/src/rules/A5-2-2/TraditionalCStyleCastsUsed.ql @@ -44,11 +44,43 @@ class LibraryMacro extends Macro { LibraryMacro() { not this instanceof UserProvidedMacro } } +/* + * In theory this query should exclude casts using the "functional notation" syntax, e.g. + * ``` + * int(x); + * ``` + * This is because this is not a C-style cast, as it is not legitimate C code. However, our database + * schema does not distinguish between C-style casts and functional casts, so we cannot exclude just + * those. + * + * In addition, we do not get `CStyleCasts` in cases where the cast is converted to a `ConstructorCall`. + * This holds for both the "functional notation" syntax and the "c-style" syntax, e.g. both of these + * are represented in our model as `ConstructorCall`s only: + * ``` + * class A { public: A(int); }; + * void create() { + * (A)1; + * A(1); + * } + * ``` + * + * As a consequence this query: + * - Produces false positives when primitive types are cast using the "functional notation" syntax. + * - Produces false negatives when a C-style cast is converted to a `ConstructorCall` e.g. when the + * argument type is compatible with a single-argument constructor. + */ + from CStyleCast c, string extraMessage, Locatable l, string supplementary where not isExcluded(c, BannedSyntaxPackage::traditionalCStyleCastsUsedQuery()) and not c.isImplicit() and not c.getType() instanceof UnknownType and + // For casts in templates that occur on types related to a template parameter, the copy of th + // cast in the uninstantiated template is represented as a `CStyleCast` even if in practice all + // the instantiations represent it as a `ConstructorCall`. To avoid the common false positive case + // of using the functional cast notation to call a constructor we exclude all `CStyleCast`s on + // uninstantiated templates, and instead rely on reporting results within instantiations. + not c.isFromUninstantiatedTemplate(_) and // Exclude casts created from macro invocations of macros defined by third parties not getGeneratedFrom(c) instanceof LibraryMacro and // If the cast was generated from a user-provided macro, then report the macro that generated the diff --git a/cpp/autosar/test/rules/A5-2-2/TraditionalCStyleCastsUsed.expected b/cpp/autosar/test/rules/A5-2-2/TraditionalCStyleCastsUsed.expected index 291eb53348..a7b7eef66c 100644 --- a/cpp/autosar/test/rules/A5-2-2/TraditionalCStyleCastsUsed.expected +++ b/cpp/autosar/test/rules/A5-2-2/TraditionalCStyleCastsUsed.expected @@ -5,3 +5,5 @@ | test.cpp:79:3:79:18 | (int)... | Use of explicit c-style cast to int generated from macro $@. | test.cpp:71:1:71:36 | #define NESTED_ADD_ONE(x) ADD_ONE(x) | NESTED_ADD_ONE | | test.cpp:85:19:85:26 | (int)... | Use of explicit c-style cast to int. | test.cpp:85:19:85:26 | (int)... | | | test.cpp:86:27:86:34 | (int)... | Use of explicit c-style cast to int. | test.cpp:86:27:86:34 | (int)... | | +| test.cpp:114:10:114:13 | (int)... | Use of explicit c-style cast to int. | test.cpp:114:10:114:13 | (int)... | | +| test.cpp:149:12:149:26 | (unsigned int)... | Use of explicit c-style cast to unsigned int. | test.cpp:149:12:149:26 | (unsigned int)... | | diff --git a/cpp/autosar/test/rules/A5-2-2/options.clang b/cpp/autosar/test/rules/A5-2-2/options.clang new file mode 100644 index 0000000000..a275a21895 --- /dev/null +++ b/cpp/autosar/test/rules/A5-2-2/options.clang @@ -0,0 +1 @@ +-I../../../../common/test/includes/custom-library \ No newline at end of file diff --git a/cpp/autosar/test/rules/A5-2-2/options.gcc b/cpp/autosar/test/rules/A5-2-2/options.gcc new file mode 100644 index 0000000000..a275a21895 --- /dev/null +++ b/cpp/autosar/test/rules/A5-2-2/options.gcc @@ -0,0 +1 @@ +-I../../../../common/test/includes/custom-library \ No newline at end of file diff --git a/cpp/autosar/test/rules/A5-2-2/test.cpp b/cpp/autosar/test/rules/A5-2-2/test.cpp index 6bcd09c777..fb39868560 100644 --- a/cpp/autosar/test/rules/A5-2-2/test.cpp +++ b/cpp/autosar/test/rules/A5-2-2/test.cpp @@ -6,7 +6,7 @@ int foo() { return 1; } void test_c_style_cast() { double f = 3.14; std::uint32_t n1 = (std::uint32_t)f; // NON_COMPLIANT - C-style cast - std::uint32_t n2 = unsigned(f); // NON_COMPLIANT - functional cast + std::uint32_t n2 = unsigned(f); // COMPLIANT[FALSE_POSITIVE] std::uint8_t n3 = 1; std::uint8_t n4 = 1; @@ -86,4 +86,75 @@ void test_macro_cast() { LIBRARY_NO_CAST_ADD_TWO((int)1.0); // NON_COMPLIANT - library macro with // c-style cast in argument, written by // user so should be reported -} \ No newline at end of file +} + +class D { +public: + D(int x) : fx(x), fy(0) {} + D(int x, int y) : fx(x), fy(y) {} + +private: + int fx; + int fy; +}; + +D testNonFunctionalCast() { + return (D)1; // NON_COMPLIANT[FALSE_NEGATIVE] +} + +D testFunctionalCast() { + return D(1); // COMPLIANT +} + +D testFunctionalCastMulti() { + return D(1, 2); // COMPLIANT +} + +template T testFunctionalCastTemplate() { + return T(1); // COMPLIANT[FALSE_POSITIVE] +} + +template T testFunctionalCastTemplateMulti() { + return T(1, 2); // COMPLIANT +} + +void testFunctionalCastTemplateUse() { + testFunctionalCastTemplate(); + testFunctionalCastTemplate(); + testFunctionalCastTemplateMulti(); +} + +template class E { +public: + class F { + public: + F(int x) : fx(x), fy(0) {} + F(int x, int y) : fx(x), fy(y) {} + + private: + int fx; + int fy; + }; + + F f() { + return F(1); // COMPLIANT + } + + D d() { + return D(1); // COMPLIANT + } + + int i() { + double f = 3.14; + return (unsigned int)f; // NON_COMPLIANT + } +}; + +class G {}; + +void testE() { + E e; + e.f(); + e.d(); + e.i(); +} diff --git a/rule_packages/cpp/BannedSyntax.json b/rule_packages/cpp/BannedSyntax.json index e2f3ce6ef7..0f559e60b7 100644 --- a/rule_packages/cpp/BannedSyntax.json +++ b/rule_packages/cpp/BannedSyntax.json @@ -141,7 +141,14 @@ "tags": [ "correctness", "scope/single-translation-unit" - ] + ], + "implementation_scope": { + "description": "This query has the following limitations:", + "items": [ + "It erroneously reports functional notation casts on primitive types (e.g. int(x)) as traditional C-style casts.", + "It will not report C-Style casts that result in a direct initialization via a constructor call with the given argument." + ] + } } ], "title": "Traditional C-style casts shall not be used." From 1408a855973ceae07d1c4601a13d5dcaa37ae9ad Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Mon, 6 Mar 2023 14:01:20 -0800 Subject: [PATCH 0634/2573] Address minor things for Actions --- .../DIR-4-6/TypedefsThatIndicateSizeAndSig.ql | 18 ----- .../cpp/exclusions/c/Types.qll | 70 +++++++++---------- rule_packages/c/Types.json | 6 +- 3 files changed, 38 insertions(+), 56 deletions(-) delete mode 100644 c/misra/src/rules/DIR-4-6/TypedefsThatIndicateSizeAndSig.ql diff --git a/c/misra/src/rules/DIR-4-6/TypedefsThatIndicateSizeAndSig.ql b/c/misra/src/rules/DIR-4-6/TypedefsThatIndicateSizeAndSig.ql deleted file mode 100644 index 32f6f10a9a..0000000000 --- a/c/misra/src/rules/DIR-4-6/TypedefsThatIndicateSizeAndSig.ql +++ /dev/null @@ -1,18 +0,0 @@ -/** - * @id c/misra/typedefs-that-indicate-size-and-sig - * @name DIR-4-6: typedefs that indicate size and signedness should be used in place of the basic numerical types - * @description TODO. - * @kind problem - * @precision high - * @problem.severity error - * @tags external/misra/id/dir-4-6 - * external/misra/obligation/advisory - */ - -import cpp -import codingstandards.c.misra - -from -where - not isExcluded(x, TypesPackage::typedefsThatIndicateSizeAndSigQuery()) and -select diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Types.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Types.qll index f50d30d5f0..970e07f6c9 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Types.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Types.qll @@ -4,92 +4,92 @@ import RuleMetadata import codingstandards.cpp.exclusions.RuleMetadata newtype TypesQuery = -TExprShiftedbyNegativeOrGreaterPrecisionOperandQuery() or -TConvertingAPointerToIntegerOrIntegerToPointerQuery() or -TPlainNumericalTypeUsedOverExplicitTypedefQuery() or -TSizeofOperatorUsedOnArrayTypeParamQuery() or -TStringLiteralAssignedToNonConstCharQuery() + TExprShiftedbyNegativeOrGreaterPrecisionOperandQuery() or + TConvertingAPointerToIntegerOrIntegerToPointerQuery() or + TPlainNumericalTypeUsedOverExplicitTypedefQuery() or + TSizeofOperatorUsedOnArrayTypeParamQuery() or + TStringLiteralAssignedToNonConstCharQuery() predicate isTypesQueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `exprShiftedbyNegativeOrGreaterPrecisionOperand` query - TypesPackage::exprShiftedbyNegativeOrGreaterPrecisionOperandQuery() and + TypesPackage::exprShiftedbyNegativeOrGreaterPrecisionOperandQuery() and queryId = // `@id` for the `exprShiftedbyNegativeOrGreaterPrecisionOperand` query - "c/cert/expr-shiftedby-negative-or-greater-precision-operand" and + "c/cert/expr-shiftedby-negative-or-greater-precision-operand" and ruleId = "INT34-C" and category = "rule" or query = // `Query` instance for the `convertingAPointerToIntegerOrIntegerToPointer` query - TypesPackage::convertingAPointerToIntegerOrIntegerToPointerQuery() and + TypesPackage::convertingAPointerToIntegerOrIntegerToPointerQuery() and queryId = // `@id` for the `convertingAPointerToIntegerOrIntegerToPointer` query - "c/cert/converting-a-pointer-to-integer-or-integer-to-pointer" and + "c/cert/converting-a-pointer-to-integer-or-integer-to-pointer" and ruleId = "INT36-C" and category = "rule" or query = // `Query` instance for the `plainNumericalTypeUsedOverExplicitTypedef` query - TypesPackage::plainNumericalTypeUsedOverExplicitTypedefQuery() and + TypesPackage::plainNumericalTypeUsedOverExplicitTypedefQuery() and queryId = // `@id` for the `plainNumericalTypeUsedOverExplicitTypedef` query - "c/misra/plain-numerical-type-used-over-explicit-typedef" and + "c/misra/plain-numerical-type-used-over-explicit-typedef" and ruleId = "DIR-4-6" and category = "advisory" or query = // `Query` instance for the `sizeofOperatorUsedOnArrayTypeParam` query - TypesPackage::sizeofOperatorUsedOnArrayTypeParamQuery() and + TypesPackage::sizeofOperatorUsedOnArrayTypeParamQuery() and queryId = // `@id` for the `sizeofOperatorUsedOnArrayTypeParam` query - "c/misra/sizeof-operator-used-on-array-type-param" and + "c/misra/sizeof-operator-used-on-array-type-param" and ruleId = "RULE-12-5" and category = "mandatory" or query = // `Query` instance for the `stringLiteralAssignedToNonConstChar` query - TypesPackage::stringLiteralAssignedToNonConstCharQuery() and + TypesPackage::stringLiteralAssignedToNonConstCharQuery() and queryId = // `@id` for the `stringLiteralAssignedToNonConstChar` query - "c/misra/string-literal-assigned-to-non-const-char" and + "c/misra/string-literal-assigned-to-non-const-char" and ruleId = "RULE-7-4" and category = "required" } module TypesPackage { -Query exprShiftedbyNegativeOrGreaterPrecisionOperandQuery() { + Query exprShiftedbyNegativeOrGreaterPrecisionOperandQuery() { //autogenerate `Query` type - result = + result = // `Query` type for `exprShiftedbyNegativeOrGreaterPrecisionOperand` query - TQueryC(TTypesPackageQuery(TExprShiftedbyNegativeOrGreaterPrecisionOperandQuery())) -} + TQueryC(TTypesPackageQuery(TExprShiftedbyNegativeOrGreaterPrecisionOperandQuery())) + } -Query convertingAPointerToIntegerOrIntegerToPointerQuery() { + Query convertingAPointerToIntegerOrIntegerToPointerQuery() { //autogenerate `Query` type - result = + result = // `Query` type for `convertingAPointerToIntegerOrIntegerToPointer` query - TQueryC(TTypesPackageQuery(TConvertingAPointerToIntegerOrIntegerToPointerQuery())) -} + TQueryC(TTypesPackageQuery(TConvertingAPointerToIntegerOrIntegerToPointerQuery())) + } -Query plainNumericalTypeUsedOverExplicitTypedefQuery() { + Query plainNumericalTypeUsedOverExplicitTypedefQuery() { //autogenerate `Query` type - result = + result = // `Query` type for `plainNumericalTypeUsedOverExplicitTypedef` query - TQueryC(TTypesPackageQuery(TPlainNumericalTypeUsedOverExplicitTypedefQuery())) -} + TQueryC(TTypesPackageQuery(TPlainNumericalTypeUsedOverExplicitTypedefQuery())) + } -Query sizeofOperatorUsedOnArrayTypeParamQuery() { + Query sizeofOperatorUsedOnArrayTypeParamQuery() { //autogenerate `Query` type - result = + result = // `Query` type for `sizeofOperatorUsedOnArrayTypeParam` query - TQueryC(TTypesPackageQuery(TSizeofOperatorUsedOnArrayTypeParamQuery())) -} + TQueryC(TTypesPackageQuery(TSizeofOperatorUsedOnArrayTypeParamQuery())) + } -Query stringLiteralAssignedToNonConstCharQuery() { + Query stringLiteralAssignedToNonConstCharQuery() { //autogenerate `Query` type - result = + result = // `Query` type for `stringLiteralAssignedToNonConstChar` query - TQueryC(TTypesPackageQuery(TStringLiteralAssignedToNonConstCharQuery())) -} + TQueryC(TTypesPackageQuery(TStringLiteralAssignedToNonConstCharQuery())) + } } diff --git a/rule_packages/c/Types.json b/rule_packages/c/Types.json index 0324a637a3..aa9e8d3fef 100644 --- a/rule_packages/c/Types.json +++ b/rule_packages/c/Types.json @@ -367,7 +367,7 @@ { "description": "Using sizeof operator on an array type function parameter leads to unintended results.", "kind": "problem", - "name": "The sizeof operator should not be used on an array type function parameter.", + "name": "The sizeof operator should not be used on an array type function parameter", "precision": "very-high", "severity": "error", "short_name": "SizeofOperatorUsedOnArrayTypeParam", @@ -469,7 +469,7 @@ { "description": "Assigning string literal to a variable with type other than a pointer to const char and modifying it causes undefined behavior .", "kind": "problem", - "name": "A string literal shall only be assigned to a pointer to const char.", + "name": "A string literal shall only be assigned to a pointer to const char", "precision": "very-high", "severity": "error", "short_name": "StringLiteralAssignedToNonConstChar", @@ -479,4 +479,4 @@ "title": "A string literal shall not be assigned to an object unless the object's type is 'pointer to const-qualified char'" } } -} +} \ No newline at end of file From cb45556f874dddc4bf5a4c4b7d62f739cb7524e9 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Mon, 6 Mar 2023 14:04:34 -0800 Subject: [PATCH 0635/2573] Update queries and .expected for DIR-4-6 --- ...ainNumericalTypeUsedOverExplicitTypedef.ql | 31 +++++++++++-------- ...ericalTypeUsedOverExplicitTypedef.expected | 20 +++++++++++- 2 files changed, 37 insertions(+), 14 deletions(-) diff --git a/c/misra/src/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.ql b/c/misra/src/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.ql index 4d36edb35a..31cbe66a4a 100644 --- a/c/misra/src/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.ql +++ b/c/misra/src/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.ql @@ -13,9 +13,7 @@ import cpp import codingstandards.c.misra -abstract class ForbiddenType extends Type { } - -class BuiltinNumericType extends ForbiddenType { +class BuiltinNumericType extends BuiltInType { BuiltinNumericType() { /* Exclude the plain char because it does not count as a numeric type */ this.(CharType).isExplicitlySigned() @@ -38,15 +36,22 @@ class BuiltinNumericType extends ForbiddenType { } } -class ForbiddenTypedefType extends ForbiddenType, TypedefType { - ForbiddenTypedefType() { - this.(TypedefType).getBaseType() instanceof BuiltinNumericType and - not this.getName().regexpMatch("u?(int|float)(4|8|16|32|64|128)_t") - } +predicate forbiddenBuiltinNumericUsedInDecl(Variable var, string message) { + var.getType() instanceof BuiltinNumericType and + message = "The type " + var.getType() + " is not a fixed-width numeric type." +} + +predicate forbiddenTypedef(TypedefType typedef, string message) { + typedef.getBaseType() instanceof BuiltinNumericType and + not typedef.getName().regexpMatch("u?(int|float)(4|8|16|32|64|128)_t") and + message = "The type " + typedef.getName() + " is not an alias to a fixed-width numeric type." } -/* TODO: BuiltinNumericType not being flagged */ -from ForbiddenType forbiddenType -where not isExcluded(forbiddenType, TypesPackage::plainNumericalTypeUsedOverExplicitTypedefQuery()) -select forbiddenType, - "The type " + forbiddenType + " is not a fixed-width numeric type nor an alias to one." +from Element elem, string message +where + not isExcluded(elem, TypesPackage::plainNumericalTypeUsedOverExplicitTypedefQuery()) and + ( + forbiddenBuiltinNumericUsedInDecl(elem, message) or + forbiddenTypedef(elem, message) + ) +select elem, message diff --git a/c/misra/test/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.expected b/c/misra/test/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.expected index 2ec1a0ac6c..7aa7ba28ad 100644 --- a/c/misra/test/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.expected +++ b/c/misra/test/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.expected @@ -1 +1,19 @@ -No expected results have yet been specified \ No newline at end of file +| test.c:27:5:27:26 | _astronomical_number_t | The type _astronomical_number_t is not an alias to a fixed-width numeric type. | +| test.c:30:10:30:13 | argc | The type int is not a fixed-width numeric type. | +| test.c:34:15:34:16 | c2 | The type signed char is not a fixed-width numeric type. | +| test.c:35:17:35:18 | c3 | The type unsigned char is not a fixed-width numeric type. | +| test.c:38:9:38:10 | s1 | The type short is not a fixed-width numeric type. | +| test.c:39:16:39:17 | s2 | The type signed short is not a fixed-width numeric type. | +| test.c:40:18:40:19 | s3 | The type unsigned short is not a fixed-width numeric type. | +| test.c:43:7:43:8 | i1 | The type int is not a fixed-width numeric type. | +| test.c:44:14:44:15 | i2 | The type signed int is not a fixed-width numeric type. | +| test.c:45:16:45:17 | i3 | The type unsigned int is not a fixed-width numeric type. | +| test.c:48:8:48:9 | l1 | The type long is not a fixed-width numeric type. | +| test.c:49:15:49:16 | l2 | The type signed long is not a fixed-width numeric type. | +| test.c:50:17:50:18 | l3 | The type unsigned long is not a fixed-width numeric type. | +| test.c:53:13:53:15 | ll1 | The type long long is not a fixed-width numeric type. | +| test.c:54:20:54:22 | ll2 | The type signed long long is not a fixed-width numeric type. | +| test.c:55:22:55:24 | ll3 | The type unsigned long long is not a fixed-width numeric type. | +| test.c:58:9:58:10 | f1 | The type float is not a fixed-width numeric type. | +| test.c:61:10:61:11 | d1 | The type double is not a fixed-width numeric type. | +| test.c:64:15:64:17 | ld1 | The type long double is not a fixed-width numeric type. | From f6488aad49808fbe634a029600a18598015ee389 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Mon, 6 Mar 2023 14:14:33 -0800 Subject: [PATCH 0636/2573] Format query metadata --- .../src/rules/RULE-12-5/SizeofOperatorUsedOnArrayTypeParam.ql | 2 +- .../src/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.ql | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/c/misra/src/rules/RULE-12-5/SizeofOperatorUsedOnArrayTypeParam.ql b/c/misra/src/rules/RULE-12-5/SizeofOperatorUsedOnArrayTypeParam.ql index ad1dba6df4..2215c819fd 100644 --- a/c/misra/src/rules/RULE-12-5/SizeofOperatorUsedOnArrayTypeParam.ql +++ b/c/misra/src/rules/RULE-12-5/SizeofOperatorUsedOnArrayTypeParam.ql @@ -1,6 +1,6 @@ /** * @id c/misra/sizeof-operator-used-on-array-type-param - * @name RULE-12-5: The sizeof operator should not be used on an array type function parameter. + * @name RULE-12-5: The sizeof operator should not be used on an array type function parameter * @description Using sizeof operator on an array type function parameter leads to unintended * results. * @kind problem diff --git a/c/misra/src/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.ql b/c/misra/src/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.ql index f7f859e0a7..bd9a72943f 100644 --- a/c/misra/src/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.ql +++ b/c/misra/src/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.ql @@ -1,6 +1,6 @@ /** * @id c/misra/string-literal-assigned-to-non-const-char - * @name RULE-7-4: A string literal shall only be assigned to a pointer to const char. + * @name RULE-7-4: A string literal shall only be assigned to a pointer to const char * @description Assigning string literal to a variable with type other than a pointer to const char * and modifying it causes undefined behavior . * @kind problem From 51d0269e4c376962f651b50ef1f6f485a9217285 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Mon, 6 Mar 2023 17:18:05 -0500 Subject: [PATCH 0637/2573] fixes --- .../AtomicVariableTwiceInExpression.ql | 5 ++- ...rapFunctionsThatCanFailSpuriouslyInLoop.ql | 38 +++++++------------ 2 files changed, 17 insertions(+), 26 deletions(-) diff --git a/c/cert/src/rules/CON40-C/AtomicVariableTwiceInExpression.ql b/c/cert/src/rules/CON40-C/AtomicVariableTwiceInExpression.ql index d20663bd87..8a44013277 100644 --- a/c/cert/src/rules/CON40-C/AtomicVariableTwiceInExpression.ql +++ b/c/cert/src/rules/CON40-C/AtomicVariableTwiceInExpression.ql @@ -14,6 +14,7 @@ import cpp import codingstandards.c.cert +import codingstandards.cpp.Concurrency from MacroInvocation mi, Variable v, Locatable whereFound where @@ -22,13 +23,13 @@ where // There isn't a way to safely use this construct in a way that is also // possible the reliably detect so advise against using it. ( - mi.getMacroName() = ["atomic_store", "atomic_store_explicit"] + mi instanceof AtomicStore or // This construct is generally safe, but must be used in a loop. To lower // the false positive rate we don't look at the conditions of the loop and // instead assume if it is found in a looping construct that it is likely // related to the safety property. - mi.getMacroName() = ["atomic_compare_exchange_weak", "atomic_compare_exchange_weak_explicit"] and + mi instanceof AtomicCompareExchange and not exists(Loop l | mi.getAGeneratedElement().(Expr).getParent*() = l) ) and whereFound = mi diff --git a/c/cert/src/rules/CON41-C/WrapFunctionsThatCanFailSpuriouslyInLoop.ql b/c/cert/src/rules/CON41-C/WrapFunctionsThatCanFailSpuriouslyInLoop.ql index 62c8ec5dc4..1999173a8e 100644 --- a/c/cert/src/rules/CON41-C/WrapFunctionsThatCanFailSpuriouslyInLoop.ql +++ b/c/cert/src/rules/CON41-C/WrapFunctionsThatCanFailSpuriouslyInLoop.ql @@ -12,28 +12,18 @@ * external/cert/obligation/rule */ -import cpp -import codingstandards.c.cert + import cpp + import codingstandards.c.cert + import codingstandards.cpp.Concurrency + -/** - * Models calls to routines in the `stdatomic` library. Note that these - * are typically implemented as macros within Clang and GCC's standard - * libraries. - */ -class SpuriouslyFailingFunctionCallType extends MacroInvocation { - SpuriouslyFailingFunctionCallType() { - getMacroName() = ["atomic_compare_exchange_weak", "atomic_compare_exchange_weak_explicit"] - } -} - -from SpuriouslyFailingFunctionCallType fc -where - not isExcluded(fc, Concurrency3Package::wrapFunctionsThatCanFailSpuriouslyInLoopQuery()) and - ( - exists(StmtParent sp | sp = fc.getStmt() and not sp.(Stmt).getParentStmt*() instanceof Loop) - or - exists(StmtParent sp | - sp = fc.getExpr() and not sp.(Expr).getEnclosingStmt().getParentStmt*() instanceof Loop - ) - ) -select fc, "Function that can spuriously fail not wrapped in a loop." + from AtomicCompareExchange ace + where + not isExcluded(ace, Concurrency3Package::wrapFunctionsThatCanFailSpuriouslyInLoopQuery()) and + ( + forex(StmtParent sp | sp = ace.getStmt() | not sp.(Stmt).getParentStmt*() instanceof Loop) or + forex(Expr e | e = ace.getExpr() | not e.getEnclosingStmt().getParentStmt*() + instanceof Loop) + ) + select ace, "Function that can spuriously fail not wrapped in a loop." + \ No newline at end of file From 1fa4bba90052fd0bf1d5d0ea64a934648a16f62e Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Mon, 6 Mar 2023 17:19:21 -0500 Subject: [PATCH 0638/2573] compiler compatability --- .../AtomicVariableTwiceInExpression.expected | 12 +++++------ ...icVariableTwiceInExpression.expected.clang | 6 ++++++ ...omicVariableTwiceInExpression.expected.gcc | 6 ++++++ c/cert/test/rules/CON40-C/test.c | 21 ++++++++++--------- 4 files changed, 29 insertions(+), 16 deletions(-) create mode 100644 c/cert/test/rules/CON40-C/AtomicVariableTwiceInExpression.expected.clang create mode 100644 c/cert/test/rules/CON40-C/AtomicVariableTwiceInExpression.expected.gcc diff --git a/c/cert/test/rules/CON40-C/AtomicVariableTwiceInExpression.expected b/c/cert/test/rules/CON40-C/AtomicVariableTwiceInExpression.expected index 377d6cc818..42d3ea924d 100644 --- a/c/cert/test/rules/CON40-C/AtomicVariableTwiceInExpression.expected +++ b/c/cert/test/rules/CON40-C/AtomicVariableTwiceInExpression.expected @@ -1,6 +1,6 @@ -| test.c:6:19:6:40 | ATOMIC_VAR_INIT(value) | Atomic variable possibly referred to twice in an $@. | test.c:32:3:32:10 | ... += ... | expression | -| test.c:6:19:6:40 | ATOMIC_VAR_INIT(value) | Atomic variable possibly referred to twice in an $@. | test.c:33:3:33:13 | ... = ... | expression | -| test.c:10:3:10:23 | atomic_store(a,b) | Atomic variable possibly referred to twice in an $@. | test.c:10:3:10:23 | atomic_store(a,b) | expression | -| test.c:11:3:11:35 | atomic_store_explicit(a,b,c) | Atomic variable possibly referred to twice in an $@. | test.c:11:3:11:35 | atomic_store_explicit(a,b,c) | expression | -| test.c:24:3:24:48 | atomic_compare_exchange_weak(a,b,c) | Atomic variable possibly referred to twice in an $@. | test.c:24:3:24:48 | atomic_compare_exchange_weak(a,b,c) | expression | -| test.c:25:3:26:45 | atomic_compare_exchange_weak_explicit(a,b,c,d,e) | Atomic variable possibly referred to twice in an $@. | test.c:25:3:26:45 | atomic_compare_exchange_weak_explicit(a,b,c,d,e) | expression | +| test.c:7:18:7:39 | ATOMIC_VAR_INIT(value) | Atomic variable possibly referred to twice in an $@. | test.c:33:3:33:10 | ... += ... | expression | +| test.c:7:18:7:39 | ATOMIC_VAR_INIT(value) | Atomic variable possibly referred to twice in an $@. | test.c:34:3:34:13 | ... = ... | expression | +| test.c:11:3:11:23 | atomic_store(object,desired) | Atomic variable possibly referred to twice in an $@. | test.c:11:3:11:23 | atomic_store(object,desired) | expression | +| test.c:12:3:12:23 | atomic_store_explicit | Atomic variable possibly referred to twice in an $@. | test.c:12:3:12:23 | atomic_store_explicit | expression | +| test.c:25:3:25:49 | atomic_compare_exchange_weak(object,expected,desired) | Atomic variable possibly referred to twice in an $@. | test.c:25:3:25:49 | atomic_compare_exchange_weak(object,expected,desired) | expression | +| test.c:26:3:26:39 | atomic_compare_exchange_weak_explicit | Atomic variable possibly referred to twice in an $@. | test.c:26:3:26:39 | atomic_compare_exchange_weak_explicit | expression | diff --git a/c/cert/test/rules/CON40-C/AtomicVariableTwiceInExpression.expected.clang b/c/cert/test/rules/CON40-C/AtomicVariableTwiceInExpression.expected.clang new file mode 100644 index 0000000000..42d3ea924d --- /dev/null +++ b/c/cert/test/rules/CON40-C/AtomicVariableTwiceInExpression.expected.clang @@ -0,0 +1,6 @@ +| test.c:7:18:7:39 | ATOMIC_VAR_INIT(value) | Atomic variable possibly referred to twice in an $@. | test.c:33:3:33:10 | ... += ... | expression | +| test.c:7:18:7:39 | ATOMIC_VAR_INIT(value) | Atomic variable possibly referred to twice in an $@. | test.c:34:3:34:13 | ... = ... | expression | +| test.c:11:3:11:23 | atomic_store(object,desired) | Atomic variable possibly referred to twice in an $@. | test.c:11:3:11:23 | atomic_store(object,desired) | expression | +| test.c:12:3:12:23 | atomic_store_explicit | Atomic variable possibly referred to twice in an $@. | test.c:12:3:12:23 | atomic_store_explicit | expression | +| test.c:25:3:25:49 | atomic_compare_exchange_weak(object,expected,desired) | Atomic variable possibly referred to twice in an $@. | test.c:25:3:25:49 | atomic_compare_exchange_weak(object,expected,desired) | expression | +| test.c:26:3:26:39 | atomic_compare_exchange_weak_explicit | Atomic variable possibly referred to twice in an $@. | test.c:26:3:26:39 | atomic_compare_exchange_weak_explicit | expression | diff --git a/c/cert/test/rules/CON40-C/AtomicVariableTwiceInExpression.expected.gcc b/c/cert/test/rules/CON40-C/AtomicVariableTwiceInExpression.expected.gcc new file mode 100644 index 0000000000..7a37b9424d --- /dev/null +++ b/c/cert/test/rules/CON40-C/AtomicVariableTwiceInExpression.expected.gcc @@ -0,0 +1,6 @@ +| test.c:7:18:7:39 | ATOMIC_VAR_INIT(VALUE) | Atomic variable possibly referred to twice in an $@. | test.c:33:3:33:10 | ... += ... | expression | +| test.c:7:18:7:39 | ATOMIC_VAR_INIT(VALUE) | Atomic variable possibly referred to twice in an $@. | test.c:34:3:34:13 | ... = ... | expression | +| test.c:11:3:11:23 | atomic_store(PTR,VAL) | Atomic variable possibly referred to twice in an $@. | test.c:11:3:11:23 | atomic_store(PTR,VAL) | expression | +| test.c:12:3:12:35 | atomic_store_explicit(PTR,VAL,MO) | Atomic variable possibly referred to twice in an $@. | test.c:12:3:12:35 | atomic_store_explicit(PTR,VAL,MO) | expression | +| test.c:25:3:25:49 | atomic_compare_exchange_weak(PTR,VAL,DES) | Atomic variable possibly referred to twice in an $@. | test.c:25:3:25:49 | atomic_compare_exchange_weak(PTR,VAL,DES) | expression | +| test.c:26:3:27:42 | atomic_compare_exchange_weak_explicit(PTR,VAL,DES,SUC,FAIL) | Atomic variable possibly referred to twice in an $@. | test.c:26:3:27:42 | atomic_compare_exchange_weak_explicit(PTR,VAL,DES,SUC,FAIL) | expression | diff --git a/c/cert/test/rules/CON40-C/test.c b/c/cert/test/rules/CON40-C/test.c index a72a9d4809..20a381acc3 100644 --- a/c/cert/test/rules/CON40-C/test.c +++ b/c/cert/test/rules/CON40-C/test.c @@ -1,10 +1,11 @@ #include #include -static bool fl1 = ATOMIC_VAR_INIT(false); -static bool fl2 = ATOMIC_VAR_INIT(false); -static bool fl3 = ATOMIC_VAR_INIT(false); -static bool fl4 = ATOMIC_VAR_INIT(false); +static _Atomic int fl1 = ATOMIC_VAR_INIT(false); +static _Atomic int fl2 = ATOMIC_VAR_INIT(false); +static int fl2a = ATOMIC_VAR_INIT(false); +static int fl3 = ATOMIC_VAR_INIT(false); +static int fl4 = ATOMIC_VAR_INIT(false); void f1() { atomic_store(&fl1, 0); // NON_COMPLIANT @@ -13,17 +14,17 @@ void f1() { void f2() { do { - } while (!atomic_compare_exchange_weak(&fl2, &fl2, &fl2)); // COMPLIANT + } while (!atomic_compare_exchange_weak(&fl2, &fl2a, fl2a)); // COMPLIANT do { - } while (!atomic_compare_exchange_weak_explicit(&fl2, &fl2, &fl2, &fl2, - &fl2)); // COMPLIANT + } while (!atomic_compare_exchange_weak_explicit(&fl2, &fl2a, fl2a, 0, + 0)); // COMPLIANT } void f3() { - atomic_compare_exchange_weak(&fl2, &fl2, &fl2); // NON_COMPLIANT - atomic_compare_exchange_weak_explicit(&fl2, &fl2, &fl2, &fl2, - &fl2); // NON_COMPLIANT + atomic_compare_exchange_weak(&fl2, &fl2a, fl2a); // NON_COMPLIANT + atomic_compare_exchange_weak_explicit(&fl2, &fl2a, fl2a, 0, + 0); // NON_COMPLIANT } void f4() { fl3 ^= true; } From c5c7972b78f1000178297d2da482840ba908cd0c Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Mon, 6 Mar 2023 17:19:34 -0500 Subject: [PATCH 0639/2573] new library stubs --- .../src/codingstandards/cpp/Concurrency.qll | 42 +++++++++++++++++++ 1 file changed, 42 insertions(+) diff --git a/cpp/common/src/codingstandards/cpp/Concurrency.qll b/cpp/common/src/codingstandards/cpp/Concurrency.qll index a793a3d317..66af30dbb9 100644 --- a/cpp/common/src/codingstandards/cpp/Concurrency.qll +++ b/cpp/common/src/codingstandards/cpp/Concurrency.qll @@ -876,3 +876,45 @@ predicate getAThreadSpecificStorageDeallocationCall(C11ThreadCreateCall tcc, Dea DataFlow::localFlow(DataFlow::exprNode(tsg), DataFlow::exprNode(dexp.getFreedExpr())) ) } + +/** + * Models calls to routines `atomic_compare_exchange_weak` and + * `atomic_compare_exchange_weak_explicit` in the `stdatomic` library. + * Note that these are typically implemented as macros within Clang and + * GCC's standard libraries. + */ +class AtomicCompareExchange extends MacroInvocation { + AtomicCompareExchange() { + getMacroName() = "atomic_compare_exchange_weak" + or + // some compilers model `atomic_compare_exchange_weak` as a macro that + // expands to `atomic_compare_exchange_weak_explicit` so this defeats that + // and other similar modeling. + getMacroName() = "atomic_compare_exchange_weak_explicit" and + not exists(MacroInvocation m | + m.getMacroName() = "atomic_compare_exchange_weak" and + m.getAnExpandedElement() = getAnExpandedElement() + ) + } +} + +/** + * Models calls to routines `atomic_store` and + * `atomic_store_explicit` in the `stdatomic` library. + * Note that these are typically implemented as macros within Clang and + * GCC's standard libraries. + */ +class AtomicStore extends MacroInvocation { + AtomicStore() { + getMacroName() = "atomic_store" + or + // some compilers model `atomic_compare_exchange_weak` as a macro that + // expands to `atomic_compare_exchange_weak_explicit` so this defeats that + // and other similar modeling. + getMacroName() = "atomic_store_explicit" and + not exists(MacroInvocation m | + m.getMacroName() = "atomic_store" and + m.getAnExpandedElement() = getAnExpandedElement() + ) + } +} From 7e3dc0b9ff56468390220bf4f630f63a4e7fe3de Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Mon, 6 Mar 2023 17:25:39 -0500 Subject: [PATCH 0640/2573] changelog --- change_notes/2023-03-06-better-modeling-of-stdatomic.md | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 change_notes/2023-03-06-better-modeling-of-stdatomic.md diff --git a/change_notes/2023-03-06-better-modeling-of-stdatomic.md b/change_notes/2023-03-06-better-modeling-of-stdatomic.md new file mode 100644 index 0000000000..c34b528620 --- /dev/null +++ b/change_notes/2023-03-06-better-modeling-of-stdatomic.md @@ -0,0 +1,6 @@ + - `CON41-C`: Refactored to address compiler compatibility issues. More accurate + modeling of cases where macros are modeled against other macros such as + `atomic_compare_exchange_weak` and `atomic_store`. + - `CON40-C`: Refactored to address compiler compatibility issues. More accurate + modeling of cases where macros are modeled against other macros such as + `atomic_compare_exchange_weak` and `atomic_store`. \ No newline at end of file From 490b3fe0b885744b2547506eda641954e0b99a6d Mon Sep 17 00:00:00 2001 From: Shadi Samadi Date: Tue, 7 Mar 2023 09:47:38 +1100 Subject: [PATCH 0641/2573] Added RULE-15-7 and moved M6-4-2 to shared folder --- .../IfElseTerminationConstruct.expected | 3 + .../IfElseTerminationConstruct.ql | 2 + .../rules/ifelseterminationconstruct/test.c | 56 +++++++++++++++++++ .../src/rules/RULE-15-7/IfElseEndCondition.ql | 22 ++++++++ .../M6-4-2/IfElseTerminationCondition.ql | 12 ++-- .../IfElseTerminationCondition.expected | 3 - .../M6-4-2/IfElseTerminationCondition.qlref | 1 - .../M6-4-2/IfElseTerminationCondition.testref | 1 + .../IfElseTerminationConstruct.qll | 22 ++++++++ .../IfElseTerminationConstruct.expected | 3 + .../IfElseTerminationConstruct.ql | 2 + .../ifelseterminationconstruct}/test.cpp | 1 + rule_packages/c/Statements3.json | 2 +- rule_packages/cpp/Conditionals.json | 3 +- 14 files changed, 121 insertions(+), 12 deletions(-) create mode 100644 c/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.expected create mode 100644 c/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql create mode 100644 c/common/test/rules/ifelseterminationconstruct/test.c create mode 100644 c/misra/src/rules/RULE-15-7/IfElseEndCondition.ql delete mode 100644 cpp/autosar/test/rules/M6-4-2/IfElseTerminationCondition.expected delete mode 100644 cpp/autosar/test/rules/M6-4-2/IfElseTerminationCondition.qlref create mode 100644 cpp/autosar/test/rules/M6-4-2/IfElseTerminationCondition.testref create mode 100644 cpp/common/src/codingstandards/cpp/rules/ifelseterminationconstruct/IfElseTerminationConstruct.qll create mode 100644 cpp/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.expected create mode 100644 cpp/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql rename cpp/{autosar/test/rules/M6-4-2 => common/test/rules/ifelseterminationconstruct}/test.cpp (99%) diff --git a/c/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.expected b/c/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.expected new file mode 100644 index 0000000000..910ea55bab --- /dev/null +++ b/c/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.expected @@ -0,0 +1,3 @@ +| test.c:16:3:20:3 | if (...) ... | The $@ construct does not terminate with else statement. | test.c:16:3:20:3 | if (...) ... | `if...else` | +| test.c:33:5:37:5 | if (...) ... | The $@ construct does not terminate with else statement. | test.c:33:5:37:5 | if (...) ... | `if...else` | +| test.c:45:3:55:3 | if (...) ... | The $@ construct does not terminate with else statement. | test.c:45:3:55:3 | if (...) ... | `if...else` | diff --git a/c/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql b/c/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql new file mode 100644 index 0000000000..d96cb456ce --- /dev/null +++ b/c/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.ifelseterminationconstruct.IfElseTerminationConstruct diff --git a/c/common/test/rules/ifelseterminationconstruct/test.c b/c/common/test/rules/ifelseterminationconstruct/test.c new file mode 100644 index 0000000000..c3fb95df15 --- /dev/null +++ b/c/common/test/rules/ifelseterminationconstruct/test.c @@ -0,0 +1,56 @@ +void f1(int p1) { + + if (p1) { // COMPLIANT + ; + } else if (p1) { + ; + } else { + ; + } +} + +void f2(int p1) { + if (p1) { // COMPLIANT + ; + } + if (p1) { // NON_COMPLIANT + ; + } else if (p1) { + ; + } +} + +void f3(int p1) { + + if (p1) { // COMPLIANT + ; + } else { + ; + } + if (p1) { // COMPLIANT + ; + } else if (p1) { + if (p1) { // NON_COMPLIANT + ; + } else if (p1) { + ; + } + } else { + ; + } +} + +void f4(int p1) { + + if (p1) { // NON_COMPLIANT + ; + } else if (p1) { + if (p1) { // COMPLIANT + ; + } else if (p1) { + ; + } else { + ; + } + } +} \ No newline at end of file diff --git a/c/misra/src/rules/RULE-15-7/IfElseEndCondition.ql b/c/misra/src/rules/RULE-15-7/IfElseEndCondition.ql new file mode 100644 index 0000000000..96132d3deb --- /dev/null +++ b/c/misra/src/rules/RULE-15-7/IfElseEndCondition.ql @@ -0,0 +1,22 @@ +/** + * @id c/misra/if-else-end-condition + * @name RULE-15-7: All if / else if constructs shall be terminated with an else statement + * @description Terminating an `if...else` construct is a defensive programming technique. + * @kind problem + * @precision very-high + * @problem.severity recommendation + * @tags external/misra/id/rule-15-7 + * readability + * maintainability + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.rules.ifelseterminationconstruct.IfElseTerminationConstruct + +class IfElseEndConditionQuery extends IfElseTerminationConstructSharedQuery { + IfElseEndConditionQuery() { + this = Statements3Package::ifElseEndConditionQuery() + } +} diff --git a/cpp/autosar/src/rules/M6-4-2/IfElseTerminationCondition.ql b/cpp/autosar/src/rules/M6-4-2/IfElseTerminationCondition.ql index 1435ed2281..e75d365461 100644 --- a/cpp/autosar/src/rules/M6-4-2/IfElseTerminationCondition.ql +++ b/cpp/autosar/src/rules/M6-4-2/IfElseTerminationCondition.ql @@ -15,10 +15,10 @@ import cpp import codingstandards.cpp.autosar +import codingstandards.cpp.rules.ifelseterminationconstruct.IfElseTerminationConstruct -from IfStmt ifStmt, IfStmt ifElse -where - not isExcluded(ifStmt, ConditionalsPackage::ifElseTerminationConditionQuery()) and - ifStmt.getElse() = ifElse and - not ifElse.hasElse() -select ifStmt, "The $@ if statement does not terminate with an else construct.", ifElse, "if...else" +class IfElseTerminationConditionQuery extends IfElseTerminationConstructSharedQuery { + IfElseTerminationConditionQuery() { + this = ConditionalsPackage::ifElseTerminationConditionQuery() + } +} diff --git a/cpp/autosar/test/rules/M6-4-2/IfElseTerminationCondition.expected b/cpp/autosar/test/rules/M6-4-2/IfElseTerminationCondition.expected deleted file mode 100644 index 7716b684af..0000000000 --- a/cpp/autosar/test/rules/M6-4-2/IfElseTerminationCondition.expected +++ /dev/null @@ -1,3 +0,0 @@ -| test.cpp:22:3:26:3 | if (...) ... | The $@ if statement does not terminate with an else construct. | test.cpp:24:10:26:3 | if (...) ... | if...else | -| test.cpp:42:5:46:5 | if (...) ... | The $@ if statement does not terminate with an else construct. | test.cpp:44:12:46:5 | if (...) ... | if...else | -| test.cpp:56:3:66:3 | if (...) ... | The $@ if statement does not terminate with an else construct. | test.cpp:58:10:66:3 | if (...) ... | if...else | diff --git a/cpp/autosar/test/rules/M6-4-2/IfElseTerminationCondition.qlref b/cpp/autosar/test/rules/M6-4-2/IfElseTerminationCondition.qlref deleted file mode 100644 index 28420bff1a..0000000000 --- a/cpp/autosar/test/rules/M6-4-2/IfElseTerminationCondition.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/M6-4-2/IfElseTerminationCondition.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M6-4-2/IfElseTerminationCondition.testref b/cpp/autosar/test/rules/M6-4-2/IfElseTerminationCondition.testref new file mode 100644 index 0000000000..d7ca04a26e --- /dev/null +++ b/cpp/autosar/test/rules/M6-4-2/IfElseTerminationCondition.testref @@ -0,0 +1 @@ +cpp/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/rules/ifelseterminationconstruct/IfElseTerminationConstruct.qll b/cpp/common/src/codingstandards/cpp/rules/ifelseterminationconstruct/IfElseTerminationConstruct.qll new file mode 100644 index 0000000000..5755ed8f38 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/ifelseterminationconstruct/IfElseTerminationConstruct.qll @@ -0,0 +1,22 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class IfElseTerminationConstructSharedQuery extends Query { } + +Query getQuery() { result instanceof IfElseTerminationConstructSharedQuery } + +query predicate problems(IfStmt ifStmt, string message, IfStmt ifLocation, string ifElseString) { + not isExcluded(ifStmt, getQuery()) and + exists(IfStmt ifElse | + ifStmt.getElse() = ifElse and + not ifElse.hasElse() + ) and + ifLocation = ifStmt and + message = "The $@ construct does not terminate with else statement." and + ifElseString = "`if...else`" +} diff --git a/cpp/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.expected b/cpp/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.expected new file mode 100644 index 0000000000..0d14bfa016 --- /dev/null +++ b/cpp/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.expected @@ -0,0 +1,3 @@ +| test.cpp:23:3:27:3 | if (...) ... | The $@ construct does not terminate with else statement. | test.cpp:23:3:27:3 | if (...) ... | `if...else` | +| test.cpp:43:5:47:5 | if (...) ... | The $@ construct does not terminate with else statement. | test.cpp:43:5:47:5 | if (...) ... | `if...else` | +| test.cpp:57:3:67:3 | if (...) ... | The $@ construct does not terminate with else statement. | test.cpp:57:3:67:3 | if (...) ... | `if...else` | diff --git a/cpp/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql b/cpp/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql new file mode 100644 index 0000000000..d96cb456ce --- /dev/null +++ b/cpp/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.ifelseterminationconstruct.IfElseTerminationConstruct diff --git a/cpp/autosar/test/rules/M6-4-2/test.cpp b/cpp/common/test/rules/ifelseterminationconstruct/test.cpp similarity index 99% rename from cpp/autosar/test/rules/M6-4-2/test.cpp rename to cpp/common/test/rules/ifelseterminationconstruct/test.cpp index 8689771d8e..bf8d1d6da3 100644 --- a/cpp/autosar/test/rules/M6-4-2/test.cpp +++ b/cpp/common/test/rules/ifelseterminationconstruct/test.cpp @@ -1,3 +1,4 @@ + void test_ifelse_valid(int expression) { int i = 3; int j = 4; diff --git a/rule_packages/c/Statements3.json b/rule_packages/c/Statements3.json index d6259ba8a1..41463415a6 100644 --- a/rule_packages/c/Statements3.json +++ b/rule_packages/c/Statements3.json @@ -50,7 +50,7 @@ }, "queries": [ { - "description": "Terminating an `if...else`construct is a defensive programming technique.", + "description": "Terminating an `if...else` construct is a defensive programming technique.", "kind": "problem", "name": "All if / else if constructs shall be terminated with an else statement", "precision": "very-high", diff --git a/rule_packages/cpp/Conditionals.json b/rule_packages/cpp/Conditionals.json index 755a24d2aa..549f3440e3 100644 --- a/rule_packages/cpp/Conditionals.json +++ b/rule_packages/cpp/Conditionals.json @@ -136,6 +136,7 @@ "precision": "very-high", "severity": "recommendation", "short_name": "IfElseTerminationCondition", + "shared_implementation_short_name": "IfElseTerminationConstruct", "tags": [ "maintainability", "readability" @@ -363,4 +364,4 @@ "title": "The continue statement shall only be used within a well-formed for loop." } } -} +} \ No newline at end of file From aeb9b65f27290e51514f2ec994f09e6aba969364 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Mon, 6 Mar 2023 15:04:45 -0800 Subject: [PATCH 0642/2573] Factor out shared clauses to common --- ...ainNumericalTypeUsedOverExplicitTypedef.ql | 18 ++++++-------- ...ericalTypeUsedOverExplicitTypedef.expected | 1 - .../A3-9-1/VariableWidthIntegerTypesUsed.ql | 24 ++++--------------- .../cpp/BuiltInNumericTypes.qll | 22 +++++++++++++++++ 4 files changed, 33 insertions(+), 32 deletions(-) create mode 100644 cpp/common/src/codingstandards/cpp/BuiltInNumericTypes.qll diff --git a/c/misra/src/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.ql b/c/misra/src/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.ql index 31cbe66a4a..29dd1c16d4 100644 --- a/c/misra/src/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.ql +++ b/c/misra/src/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.ql @@ -12,21 +12,16 @@ import cpp import codingstandards.c.misra +import codingstandards.cpp.BuiltInNumericTypes -class BuiltinNumericType extends BuiltInType { - BuiltinNumericType() { +class BuiltInNumericType extends BuiltInType { + BuiltInNumericType() { /* Exclude the plain char because it does not count as a numeric type */ this.(CharType).isExplicitlySigned() or this.(CharType).isExplicitlyUnsigned() or - this instanceof ShortType - or - this instanceof IntType - or - this instanceof LongType - or - this instanceof LongLongType + this instanceof BuiltInIntegerType or this instanceof FloatType or @@ -37,12 +32,13 @@ class BuiltinNumericType extends BuiltInType { } predicate forbiddenBuiltinNumericUsedInDecl(Variable var, string message) { - var.getType() instanceof BuiltinNumericType and + var.getType() instanceof BuiltInNumericType and + not var instanceof ExcludedVariable and message = "The type " + var.getType() + " is not a fixed-width numeric type." } predicate forbiddenTypedef(TypedefType typedef, string message) { - typedef.getBaseType() instanceof BuiltinNumericType and + typedef.getBaseType() instanceof BuiltInNumericType and not typedef.getName().regexpMatch("u?(int|float)(4|8|16|32|64|128)_t") and message = "The type " + typedef.getName() + " is not an alias to a fixed-width numeric type." } diff --git a/c/misra/test/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.expected b/c/misra/test/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.expected index 7aa7ba28ad..49865c8824 100644 --- a/c/misra/test/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.expected +++ b/c/misra/test/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.expected @@ -1,5 +1,4 @@ | test.c:27:5:27:26 | _astronomical_number_t | The type _astronomical_number_t is not an alias to a fixed-width numeric type. | -| test.c:30:10:30:13 | argc | The type int is not a fixed-width numeric type. | | test.c:34:15:34:16 | c2 | The type signed char is not a fixed-width numeric type. | | test.c:35:17:35:18 | c3 | The type unsigned char is not a fixed-width numeric type. | | test.c:38:9:38:10 | s1 | The type short is not a fixed-width numeric type. | diff --git a/cpp/autosar/src/rules/A3-9-1/VariableWidthIntegerTypesUsed.ql b/cpp/autosar/src/rules/A3-9-1/VariableWidthIntegerTypesUsed.ql index 46376be1af..699b79ae61 100644 --- a/cpp/autosar/src/rules/A3-9-1/VariableWidthIntegerTypesUsed.ql +++ b/cpp/autosar/src/rules/A3-9-1/VariableWidthIntegerTypesUsed.ql @@ -18,32 +18,16 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.EncapsulatingFunctions - -/** - * any `Parameter` in a main function like: - * int main(int argc, char *argv[]) - */ -class ExcludedVariable extends Parameter { - ExcludedVariable() { getFunction() instanceof MainFunction } -} +import codingstandards.cpp.BuiltInNumericTypes from Variable v where not isExcluded(v, DeclarationsPackage::variableWidthIntegerTypesUsedQuery()) and ( - v.getType() instanceof PlainCharType - or - v.getType() instanceof UnsignedCharType - or + v.getType() instanceof BuiltInIntegerType or + v.getType() instanceof PlainCharType or + v.getType() instanceof UnsignedCharType or v.getType() instanceof SignedCharType - or - v.getType() instanceof ShortType - or - v.getType() instanceof IntType - or - v.getType() instanceof LongType - or - v.getType() instanceof LongLongType ) and not v instanceof ExcludedVariable select v, "Variable '" + v.getName() + "' has variable-width type." diff --git a/cpp/common/src/codingstandards/cpp/BuiltInNumericTypes.qll b/cpp/common/src/codingstandards/cpp/BuiltInNumericTypes.qll new file mode 100644 index 0000000000..b145428a57 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/BuiltInNumericTypes.qll @@ -0,0 +1,22 @@ +import cpp +import codingstandards.cpp.EncapsulatingFunctions + +class BuiltInIntegerType extends BuiltInType { + BuiltInIntegerType() { + this instanceof ShortType + or + this instanceof IntType + or + this instanceof LongType + or + this instanceof LongLongType + } +} + +/** + * any `Parameter` in a main function like: + * int main(int argc, char *argv[]) + */ +class ExcludedVariable extends Parameter { + ExcludedVariable() { getFunction() instanceof MainFunction } +} From 0f532e3c589e243b46d7ccd786d278fca0ba2431 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Mon, 6 Mar 2023 15:16:57 -0800 Subject: [PATCH 0643/2573] Update .expected for 7-4 --- .../RULE-7-4/StringLiteralAssignedToNonConstChar.expected | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.expected b/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.expected index 379a5659fd..235697faa6 100644 --- a/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.expected +++ b/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.expected @@ -1,4 +1,4 @@ -| char* function sample3 is returning a string literal. | -| char* parameter of sample4 is passed a string literal. | -| char* variable s3 is assigned a string literal. | -| char* variable s3 is declared with a string literal. | +| test.c:9:9:9:10 | s3 | char* variable s3 is declared with a string literal. | +| test.c:11:3:12:15 | ... = ... | char* variable s3 is assigned a string literal. | +| test.c:26:5:26:21 | return ... | char* function sample3 is returning a string literal. | +| test.c:38:3:38:9 | call to sample4 | char* parameter of sample4 is passed a string literal. | From d327596ee8473fc98f9f2711a913d29a34bd9e9a Mon Sep 17 00:00:00 2001 From: Shadi Samadi Date: Tue, 7 Mar 2023 10:46:58 +1100 Subject: [PATCH 0644/2573] added RULE-16-1 and moved M6-4-3 to shared folder --- .../SwitchCasePositionCondition.expected | 1 + .../SwitchCasePositionCondition.ql | 2 + .../rules/switchcasepositioncondition/test.c | 42 +++++++++ .../SwitchNotWellFormed.expected | 3 + .../SwitchNotWellFormed.ql | 2 + .../test/rules/switchnotwellformed/test.c | 40 ++++++++ .../RULE-16-1/SwitchCaseStartCondition.ql | 22 +++++ .../RULE-16-1/SwitchStmtNotWellFormed.ql | 22 +++++ .../M6-4-3/SwitchDoesNotStartWithCase.ql | 15 ++- .../M6-4-3/SwitchStatementNotWellFormed.ql | 15 ++- .../SwitchDoesNotStartWithCase.expected | 1 - .../M6-4-3/SwitchDoesNotStartWithCase.qlref | 1 - .../M6-4-3/SwitchDoesNotStartWithCase.testref | 1 + .../SwitchStatementNotWellFormed.expected | 3 - .../M6-4-3/SwitchStatementNotWellFormed.qlref | 1 - .../SwitchStatementNotWellFormed.testref | 1 + cpp/autosar/test/rules/M6-4-3/test.cpp | 92 ------------------- .../SwitchCasePositionCondition.qll | 32 +++++++ .../SwitchNotWellFormed.qll | 26 ++++++ .../SwitchCasePositionCondition.expected | 1 + .../SwitchCasePositionCondition.ql | 2 + .../switchcasepositioncondition/test.cpp | 42 +++++++++ .../SwitchNotWellFormed.expected | 3 + .../SwitchNotWellFormed.ql | 2 + .../test/rules/switchnotwellformed/test.cpp | 40 ++++++++ rule_packages/cpp/Conditionals.json | 2 + 26 files changed, 298 insertions(+), 116 deletions(-) create mode 100644 c/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.expected create mode 100644 c/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql create mode 100644 c/common/test/rules/switchcasepositioncondition/test.c create mode 100644 c/common/test/rules/switchnotwellformed/SwitchNotWellFormed.expected create mode 100644 c/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql create mode 100644 c/common/test/rules/switchnotwellformed/test.c create mode 100644 c/misra/src/rules/RULE-16-1/SwitchCaseStartCondition.ql create mode 100644 c/misra/src/rules/RULE-16-1/SwitchStmtNotWellFormed.ql delete mode 100644 cpp/autosar/test/rules/M6-4-3/SwitchDoesNotStartWithCase.expected delete mode 100644 cpp/autosar/test/rules/M6-4-3/SwitchDoesNotStartWithCase.qlref create mode 100644 cpp/autosar/test/rules/M6-4-3/SwitchDoesNotStartWithCase.testref delete mode 100644 cpp/autosar/test/rules/M6-4-3/SwitchStatementNotWellFormed.expected delete mode 100644 cpp/autosar/test/rules/M6-4-3/SwitchStatementNotWellFormed.qlref create mode 100644 cpp/autosar/test/rules/M6-4-3/SwitchStatementNotWellFormed.testref delete mode 100644 cpp/autosar/test/rules/M6-4-3/test.cpp create mode 100644 cpp/common/src/codingstandards/cpp/rules/switchcasepositioncondition/SwitchCasePositionCondition.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/switchnotwellformed/SwitchNotWellFormed.qll create mode 100644 cpp/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.expected create mode 100644 cpp/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql create mode 100644 cpp/common/test/rules/switchcasepositioncondition/test.cpp create mode 100644 cpp/common/test/rules/switchnotwellformed/SwitchNotWellFormed.expected create mode 100644 cpp/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql create mode 100644 cpp/common/test/rules/switchnotwellformed/test.cpp diff --git a/c/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.expected b/c/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.expected new file mode 100644 index 0000000000..14cc8431da --- /dev/null +++ b/c/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.expected @@ -0,0 +1 @@ +| test.c:5:3:24:3 | switch (...) ... | $@ statement not well formed because the first statement in a well formed switch statement must be a case clause. | test.c:5:3:24:3 | switch (...) ... | Switch | diff --git a/c/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql b/c/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql new file mode 100644 index 0000000000..65188d04f7 --- /dev/null +++ b/c/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.switchcasepositioncondition.SwitchCasePositionCondition diff --git a/c/common/test/rules/switchcasepositioncondition/test.c b/c/common/test/rules/switchcasepositioncondition/test.c new file mode 100644 index 0000000000..bbdbddfb80 --- /dev/null +++ b/c/common/test/rules/switchcasepositioncondition/test.c @@ -0,0 +1,42 @@ +void f1(int p1); + +void f2(int p1) { + + switch (p1) { + start:; // NON_COMPLIANT + case 1: + if (p1) { + ; + }; + break; + case 2: + if (p1) { + ; + } + break; + case 3: + if (p1) { + ; + } + break; + default:; + break; + } +} +void f3(int p1) { + + switch (p1) { // COMPLIANT + case 2: + if (p1) { + ; + } + break; + case 3: + if (p1) { + ; + } + break; + default:; + break; + } +} diff --git a/c/common/test/rules/switchnotwellformed/SwitchNotWellFormed.expected b/c/common/test/rules/switchnotwellformed/SwitchNotWellFormed.expected new file mode 100644 index 0000000000..a9062b5fd4 --- /dev/null +++ b/c/common/test/rules/switchnotwellformed/SwitchNotWellFormed.expected @@ -0,0 +1,3 @@ +| test.c:4:3:10:3 | switch (...) ... | $@ statement not well formed because this $@ block uses a statement that is not allowed. | test.c:4:3:10:3 | switch (...) ... | Switch | test.c:5:3:5:9 | case ...: | case | +| test.c:13:3:20:3 | switch (...) ... | $@ statement not well formed because this $@ block uses a statement that is not allowed. | test.c:13:3:20:3 | switch (...) ... | Switch | test.c:14:3:14:10 | case ...: | case | +| test.c:25:3:30:3 | switch (...) ... | $@ statement not well formed because this $@ block uses a statement that is not allowed. | test.c:25:3:30:3 | switch (...) ... | Switch | test.c:26:3:26:9 | case ...: | case | diff --git a/c/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql b/c/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql new file mode 100644 index 0000000000..0a398a99a9 --- /dev/null +++ b/c/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.switchnotwellformed.SwitchNotWellFormed diff --git a/c/common/test/rules/switchnotwellformed/test.c b/c/common/test/rules/switchnotwellformed/test.c new file mode 100644 index 0000000000..d1fe00d5af --- /dev/null +++ b/c/common/test/rules/switchnotwellformed/test.c @@ -0,0 +1,40 @@ + +void f1(); +void f2(int p1) { + switch (p1) { + case 1: + int y = p1; // NON_COMPLIANT - `DeclStmt` whose parent + // statement is the switch body + f1(); + break; + } +} +void f3(int p1) { + switch (p1) { + case 10: + f1(); + goto L1; // NON_COMPLIANT - `JumpStmt` whose parent statement is the// + // switch// body + case 2: + break; + } +L1:; +} + +void f4(int p1) { + switch (p1) { + case 1: + L1:; // NON_COMPLIANT - `LabelStmt` whose parent statement is the + // switch body + break; + } +} + +void f5(int p1) { + switch (p1) { + case 1: // COMPLIANT + default: + p1 = 0; + break; + } +} diff --git a/c/misra/src/rules/RULE-16-1/SwitchCaseStartCondition.ql b/c/misra/src/rules/RULE-16-1/SwitchCaseStartCondition.ql new file mode 100644 index 0000000000..32d390e33e --- /dev/null +++ b/c/misra/src/rules/RULE-16-1/SwitchCaseStartCondition.ql @@ -0,0 +1,22 @@ +/** + * @id c/misra/switch-case-start-condition + * @name RULE-16-1: A well formed switch statement must start with a case clause + * @description The switch statement syntax is weak and may lead to unspecified behaviour. + * @kind problem + * @precision very-high + * @problem.severity recommendation + * @tags external/misra/id/rule-16-1 + * maintainability + * readability + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.rules.switchcasepositioncondition.SwitchCasePositionCondition + +class SwitchCaseStartConditionQuery extends SwitchCasePositionConditionSharedQuery { + SwitchCaseStartConditionQuery() { + this = Statements3Package::switchCaseStartConditionQuery() + } +} diff --git a/c/misra/src/rules/RULE-16-1/SwitchStmtNotWellFormed.ql b/c/misra/src/rules/RULE-16-1/SwitchStmtNotWellFormed.ql new file mode 100644 index 0000000000..30293e41dd --- /dev/null +++ b/c/misra/src/rules/RULE-16-1/SwitchStmtNotWellFormed.ql @@ -0,0 +1,22 @@ +/** + * @id c/misra/switch-stmt-not-well-formed + * @name RULE-16-1: A well formed switch statement should only have expression, compound, selection, iteration or try statements within its body + * @description The switch statement syntax is weak and may lead to unspecified behaviour. + * @kind problem + * @precision very-high + * @problem.severity recommendation + * @tags external/misra/id/rule-16-1 + * maintainability + * readability + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.rules.switchnotwellformed.SwitchNotWellFormed + +class SwitchStmtNotWellFormedQuery extends SwitchNotWellFormedSharedQuery { + SwitchStmtNotWellFormedQuery() { + this = Statements3Package::switchStmtNotWellFormedQuery() + } +} diff --git a/cpp/autosar/src/rules/M6-4-3/SwitchDoesNotStartWithCase.ql b/cpp/autosar/src/rules/M6-4-3/SwitchDoesNotStartWithCase.ql index d56bf1da0f..07953dd9f1 100644 --- a/cpp/autosar/src/rules/M6-4-3/SwitchDoesNotStartWithCase.ql +++ b/cpp/autosar/src/rules/M6-4-3/SwitchDoesNotStartWithCase.ql @@ -16,13 +16,10 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.SwitchStatement +import codingstandards.cpp.rules.switchcasepositioncondition.SwitchCasePositionCondition -from SwitchStmt switch, SwitchCase case -where - not isExcluded(switch, ConditionalsPackage::switchDoesNotStartWithCaseQuery()) and - case = switch.getASwitchCase() and - switchWithCaseNotFirst(switch) -select switch, - "$@ statement not well formed because the first statement in a well formed switch statement must be a case clause.", - switch, "Switch" +class SwitchDoesNotStartWithCaseQuery extends SwitchCasePositionConditionSharedQuery { + SwitchDoesNotStartWithCaseQuery() { + this = ConditionalsPackage::switchDoesNotStartWithCaseQuery() + } +} diff --git a/cpp/autosar/src/rules/M6-4-3/SwitchStatementNotWellFormed.ql b/cpp/autosar/src/rules/M6-4-3/SwitchStatementNotWellFormed.ql index 83d4c2017f..24ac2298b5 100644 --- a/cpp/autosar/src/rules/M6-4-3/SwitchStatementNotWellFormed.ql +++ b/cpp/autosar/src/rules/M6-4-3/SwitchStatementNotWellFormed.ql @@ -16,13 +16,10 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.SwitchStatement +import codingstandards.cpp.rules.switchnotwellformed.SwitchNotWellFormed -from SwitchStmt switch, SwitchCase case -where - not isExcluded(switch, ConditionalsPackage::switchStatementNotWellFormedQuery()) and - case = switch.getASwitchCase() and - switchCaseNotWellFormed(case) -select switch, - "$@ statement not well formed because this $@ block uses a statement that is not allowed.", - switch, "Switch", case, "case" +class SwitchStatementNotWellFormedQuery extends SwitchNotWellFormedSharedQuery { + SwitchStatementNotWellFormedQuery() { + this = ConditionalsPackage::switchStatementNotWellFormedQuery() + } +} diff --git a/cpp/autosar/test/rules/M6-4-3/SwitchDoesNotStartWithCase.expected b/cpp/autosar/test/rules/M6-4-3/SwitchDoesNotStartWithCase.expected deleted file mode 100644 index 58fffdcdbb..0000000000 --- a/cpp/autosar/test/rules/M6-4-3/SwitchDoesNotStartWithCase.expected +++ /dev/null @@ -1 +0,0 @@ -| test.cpp:6:3:28:3 | switch (...) ... | $@ statement not well formed because the first statement in a well formed switch statement must be a case clause. | test.cpp:6:3:28:3 | switch (...) ... | Switch | diff --git a/cpp/autosar/test/rules/M6-4-3/SwitchDoesNotStartWithCase.qlref b/cpp/autosar/test/rules/M6-4-3/SwitchDoesNotStartWithCase.qlref deleted file mode 100644 index 6cd5c459fb..0000000000 --- a/cpp/autosar/test/rules/M6-4-3/SwitchDoesNotStartWithCase.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/M6-4-3/SwitchDoesNotStartWithCase.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M6-4-3/SwitchDoesNotStartWithCase.testref b/cpp/autosar/test/rules/M6-4-3/SwitchDoesNotStartWithCase.testref new file mode 100644 index 0000000000..4dd98ccfb9 --- /dev/null +++ b/cpp/autosar/test/rules/M6-4-3/SwitchDoesNotStartWithCase.testref @@ -0,0 +1 @@ +cpp/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M6-4-3/SwitchStatementNotWellFormed.expected b/cpp/autosar/test/rules/M6-4-3/SwitchStatementNotWellFormed.expected deleted file mode 100644 index 6985297c15..0000000000 --- a/cpp/autosar/test/rules/M6-4-3/SwitchStatementNotWellFormed.expected +++ /dev/null @@ -1,3 +0,0 @@ -| test.cpp:51:3:57:3 | switch (...) ... | $@ statement not well formed because this $@ block uses a statement that is not allowed. | test.cpp:51:3:57:3 | switch (...) ... | Switch | test.cpp:52:3:52:9 | case ...: | case | -| test.cpp:61:3:70:3 | switch (...) ... | $@ statement not well formed because this $@ block uses a statement that is not allowed. | test.cpp:61:3:70:3 | switch (...) ... | Switch | test.cpp:62:3:62:10 | case ...: | case | -| test.cpp:76:3:82:3 | switch (...) ... | $@ statement not well formed because this $@ block uses a statement that is not allowed. | test.cpp:76:3:82:3 | switch (...) ... | Switch | test.cpp:77:3:77:9 | case ...: | case | diff --git a/cpp/autosar/test/rules/M6-4-3/SwitchStatementNotWellFormed.qlref b/cpp/autosar/test/rules/M6-4-3/SwitchStatementNotWellFormed.qlref deleted file mode 100644 index d71f5220bc..0000000000 --- a/cpp/autosar/test/rules/M6-4-3/SwitchStatementNotWellFormed.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/M6-4-3/SwitchStatementNotWellFormed.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M6-4-3/SwitchStatementNotWellFormed.testref b/cpp/autosar/test/rules/M6-4-3/SwitchStatementNotWellFormed.testref new file mode 100644 index 0000000000..7695dc2772 --- /dev/null +++ b/cpp/autosar/test/rules/M6-4-3/SwitchStatementNotWellFormed.testref @@ -0,0 +1 @@ +cpp/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M6-4-3/test.cpp b/cpp/autosar/test/rules/M6-4-3/test.cpp deleted file mode 100644 index 4156053457..0000000000 --- a/cpp/autosar/test/rules/M6-4-3/test.cpp +++ /dev/null @@ -1,92 +0,0 @@ -void f(int y); - -void test_caseclausenotfirst_invalid(int expression) { - int i = 5; - int j; - switch (expression) { - start: - expression = 4; // NON_COMPLIANT - first statement must be case clause - case 1: - if (i > 4) { - j = 3; - } - i = 3; - break; - case 2: - if (i % 2 == 0) { - j = 1; - } - break; - case 3: - if (i % 2 == 1) { - j = 8; - } - break; - default: - j = 5; - break; - } -} -void test_switch_caseclausefirst_valid(int expression) { - int i = 5; - int j; - switch (expression) { - case 2: - if (i % 2 == 0) { - j = 1; - } - break; - case 3: - if (i % 2 == 1) { - j = 8; - } - break; - default: - j = 5; - break; - } -} - -void test_notwellformedswitch_expr(int expression) { - switch (expression) { - case 1: - int y = expression + 1; // NON_COMPLIANT - `DeclStmt` whose parent - // statementis the switch body - f(y); - break; - } -} -void test_notwellformedswitch_jmp(int expression) { - int y = 2; - switch (expression) { - case 10: - f(y); - goto end; // NON_COMPLIANT - `JumpStmt` whose parent statement is the - // switch - // body - - case 2: - break; - } -end: - expression = 3; -} - -void test_notwellformedswitch_labelStmt(int expression) { - switch (expression) { - case 1: - start: - expression = 4; // NON_COMPLIANT - `LabelStmt` whose parent statement is the - // switch body - break; - } -} - -void test_emptyfallthrough(int expression) { - switch (expression) { - case 1: // COMPLIANT - default: - expression = 0; - break; - } -} diff --git a/cpp/common/src/codingstandards/cpp/rules/switchcasepositioncondition/SwitchCasePositionCondition.qll b/cpp/common/src/codingstandards/cpp/rules/switchcasepositioncondition/SwitchCasePositionCondition.qll new file mode 100644 index 0000000000..68ba9850af --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/switchcasepositioncondition/SwitchCasePositionCondition.qll @@ -0,0 +1,32 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions +import codingstandards.cpp.SwitchStatement + +abstract class SwitchCasePositionConditionSharedQuery extends Query { } + +Query getQuery() { result instanceof SwitchCasePositionConditionSharedQuery } + +//from SwitchStmt switch, SwitchCase case +//where +//not isExcluded(switch, ConditionalsPackage::switchDoesNotStartWithCaseQuery()) and +//case = switch.getASwitchCase() and +//switchWithCaseNotFirst(switch) +//select switch, +//"$@ statement not well formed because the first statement in a well formed switch statement must be a case clause.", +//switch, "Switch" +query predicate problems( + SwitchStmt switch, string message, SwitchStmt switchLocation, string switchMessage +) { + not isExcluded(switch, getQuery()) and + exists(SwitchCase case | case = switch.getASwitchCase()) and + switchWithCaseNotFirst(switch) and + switchLocation = switch and + switchMessage = "Switch" and + message = + "$@ statement not well formed because the first statement in a well formed switch statement must be a case clause." +} diff --git a/cpp/common/src/codingstandards/cpp/rules/switchnotwellformed/SwitchNotWellFormed.qll b/cpp/common/src/codingstandards/cpp/rules/switchnotwellformed/SwitchNotWellFormed.qll new file mode 100644 index 0000000000..ee04228a95 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/switchnotwellformed/SwitchNotWellFormed.qll @@ -0,0 +1,26 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions +import codingstandards.cpp.SwitchStatement + +abstract class SwitchNotWellFormedSharedQuery extends Query { } + +Query getQuery() { result instanceof SwitchNotWellFormedSharedQuery } + +query predicate problems( + SwitchStmt switch, string message, SwitchStmt switchLocation, string switchMessage, + SwitchCase case, string caseMessage +) { + not isExcluded(switch, getQuery()) and + case = switch.getASwitchCase() and + switchCaseNotWellFormed(case) and + switch = switchLocation and + message = + "$@ statement not well formed because this $@ block uses a statement that is not allowed." and + switchMessage = "Switch" and + caseMessage = "case" +} diff --git a/cpp/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.expected b/cpp/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.expected new file mode 100644 index 0000000000..9bad1dc42e --- /dev/null +++ b/cpp/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.expected @@ -0,0 +1 @@ +| test.cpp:5:3:24:3 | switch (...) ... | $@ statement not well formed because the first statement in a well formed switch statement must be a case clause. | test.cpp:5:3:24:3 | switch (...) ... | Switch | diff --git a/cpp/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql b/cpp/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql new file mode 100644 index 0000000000..65188d04f7 --- /dev/null +++ b/cpp/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.switchcasepositioncondition.SwitchCasePositionCondition diff --git a/cpp/common/test/rules/switchcasepositioncondition/test.cpp b/cpp/common/test/rules/switchcasepositioncondition/test.cpp new file mode 100644 index 0000000000..bbdbddfb80 --- /dev/null +++ b/cpp/common/test/rules/switchcasepositioncondition/test.cpp @@ -0,0 +1,42 @@ +void f1(int p1); + +void f2(int p1) { + + switch (p1) { + start:; // NON_COMPLIANT + case 1: + if (p1) { + ; + }; + break; + case 2: + if (p1) { + ; + } + break; + case 3: + if (p1) { + ; + } + break; + default:; + break; + } +} +void f3(int p1) { + + switch (p1) { // COMPLIANT + case 2: + if (p1) { + ; + } + break; + case 3: + if (p1) { + ; + } + break; + default:; + break; + } +} diff --git a/cpp/common/test/rules/switchnotwellformed/SwitchNotWellFormed.expected b/cpp/common/test/rules/switchnotwellformed/SwitchNotWellFormed.expected new file mode 100644 index 0000000000..0353e68531 --- /dev/null +++ b/cpp/common/test/rules/switchnotwellformed/SwitchNotWellFormed.expected @@ -0,0 +1,3 @@ +| test.cpp:4:3:10:3 | switch (...) ... | $@ statement not well formed because this $@ block uses a statement that is not allowed. | test.cpp:4:3:10:3 | switch (...) ... | Switch | test.cpp:5:3:5:9 | case ...: | case | +| test.cpp:13:3:20:3 | switch (...) ... | $@ statement not well formed because this $@ block uses a statement that is not allowed. | test.cpp:13:3:20:3 | switch (...) ... | Switch | test.cpp:14:3:14:10 | case ...: | case | +| test.cpp:25:3:30:3 | switch (...) ... | $@ statement not well formed because this $@ block uses a statement that is not allowed. | test.cpp:25:3:30:3 | switch (...) ... | Switch | test.cpp:26:3:26:9 | case ...: | case | diff --git a/cpp/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql b/cpp/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql new file mode 100644 index 0000000000..0a398a99a9 --- /dev/null +++ b/cpp/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.switchnotwellformed.SwitchNotWellFormed diff --git a/cpp/common/test/rules/switchnotwellformed/test.cpp b/cpp/common/test/rules/switchnotwellformed/test.cpp new file mode 100644 index 0000000000..d1fe00d5af --- /dev/null +++ b/cpp/common/test/rules/switchnotwellformed/test.cpp @@ -0,0 +1,40 @@ + +void f1(); +void f2(int p1) { + switch (p1) { + case 1: + int y = p1; // NON_COMPLIANT - `DeclStmt` whose parent + // statement is the switch body + f1(); + break; + } +} +void f3(int p1) { + switch (p1) { + case 10: + f1(); + goto L1; // NON_COMPLIANT - `JumpStmt` whose parent statement is the// + // switch// body + case 2: + break; + } +L1:; +} + +void f4(int p1) { + switch (p1) { + case 1: + L1:; // NON_COMPLIANT - `LabelStmt` whose parent statement is the + // switch body + break; + } +} + +void f5(int p1) { + switch (p1) { + case 1: // COMPLIANT + default: + p1 = 0; + break; + } +} diff --git a/rule_packages/cpp/Conditionals.json b/rule_packages/cpp/Conditionals.json index 549f3440e3..dba9341493 100644 --- a/rule_packages/cpp/Conditionals.json +++ b/rule_packages/cpp/Conditionals.json @@ -161,6 +161,7 @@ "precision": "very-high", "severity": "recommendation", "short_name": "SwitchDoesNotStartWithCase", + "shared_implementation_short_name": "SwitchCasePositionCondition", "tags": [ "maintainability", "readability" @@ -173,6 +174,7 @@ "precision": "very-high", "severity": "recommendation", "short_name": "SwitchStatementNotWellFormed", + "shared_implementation_short_name": "SwitchNotWellFormed", "tags": [ "maintainability", "readability" From 12da78003c426b9b7f94b723bab611983ec18936 Mon Sep 17 00:00:00 2001 From: Shadi Samadi Date: Tue, 7 Mar 2023 10:58:20 +1100 Subject: [PATCH 0645/2573] added image of rule condition to RULE-16-1 --- .../src/rules/RULE-16-1/6-4-3_grammar_1.png | Bin 0 -> 213564 bytes .../src/rules/RULE-16-1/6-4-3_grammar_2.png | Bin 0 -> 26933 bytes .../src/rules/RULE-16-1/6-4-3_grammar_3.png | Bin 0 -> 58008 bytes 3 files changed, 0 insertions(+), 0 deletions(-) create mode 100644 c/misra/src/rules/RULE-16-1/6-4-3_grammar_1.png create mode 100644 c/misra/src/rules/RULE-16-1/6-4-3_grammar_2.png create mode 100644 c/misra/src/rules/RULE-16-1/6-4-3_grammar_3.png diff --git a/c/misra/src/rules/RULE-16-1/6-4-3_grammar_1.png b/c/misra/src/rules/RULE-16-1/6-4-3_grammar_1.png new file mode 100644 index 0000000000000000000000000000000000000000..d6adfd06c1335fbc7f370fcfb37862f5be316ed6 GIT binary patch literal 213564 zcmd?RbzD?y`!7s`bV`>nh;)NAA`Q|d-6aju4FXcq-617N4=LRtT|;+w*IDenpZ)&c z&pCTP=l_EPvskQIamRIi};mVV4)QL*6s(%3HqVhc(b*shqI zy}Ol--Z3@=HSJgix^D`fmTu7RoA=>E+rZvP45YTU$wX z+ahf>HxgrAScYTse+BPFW=h94l(eMp3va#sj(K1phY#~OV6|?lXIh~C%~y2mspFYV z$gOiB*gaXxUBJ8P_NY88!CZC|S`_C5iCG%?gvVa*0~Ti_wu@vnuD$MB;II{uBkxhX zz)Du)bzss;EW-uiVaS1}Qa_aV0VA>cn$(0HP5K7?ow-m&XJ8-Zq)k6rFH$=q27z7g zs~`?so;d|Zu`asW-;_f0+QB<8tfudl5f8!#b{wGR1fCX)iigGzb2EL56ehup z%b(!4J&P@Cby^!x({w{hI}<=S`K)A!i&4H)NWZ;NI7WI;C=(xX!Vt|p6(^&-TbrQc zkc)4d%Zu}2Exi$j;UBo-HF-Rt+QWRG5M~yk5zK3yFA=44?MhFwv7Ld=aW&D9GL@5q zq64;(px~jgp)!Od)Q&9Y_yuhZliIV|^tMw-vM_yNfSAQJA3v55{W`0HS$01Hu z0=m{^!tUI`*oP*CtY7@P7cy%+!MNO7!RY8_<7D8Mh+HsP8PN{6wl{1Ftl}c z5_t9M`9gnx{du2G7N-B-m24dUdMw}pnVV{P($mkMck7<&}4^FafUoe11Vz z{y&cV|LyzhI{eJf7ylnO^XHTPu@`t$L1cdBzne`EnNW8H5eiBeO6t9ciYxSfIwBZX zZ0ZY2moIGybeF1#2(Ah$Egglwf6`~UtTH6S?zF11GI~?7E}dy88ew%T93})7Lt(}D z@Nlpph6r70cS3pxdM3{DBeKB_SHqCI$+N)&6&>f@AG;ZRTPo?}wBPcQBz@uj%Zq~2 z4}`sG#Dz@({a;?c;moy{h5zeel48EyK`P*+R z_r$Yd?}ytro<9w<-Oe_5Q*B#DL5GzCOmAg252%G<{_UmU2uC#0AH-_ZZQcQ6_jufa zVYxq3!70Hd)_1lwQuhTOBEI$x*>zC*-_NoKM-*qDEtAMZ**d!RTkI`?karUio3Z41 z_0`%79GV$6bscBbnvDdlxi!m~BE}C)VGV`jKYnHJ$2yAcSk%V;V+W66JwN*8l8?{D z#k5|DR4h$V^VOo3^TAvVEhC(Y;BhOgYAToY*Ub~>HcqDVgL!qviuV^Yo|dt(D?0ej zDGkJ932DSiwpBm=u@$~W3SXF4jMva}U5&{w|A^!}s#`9(joOc zZsXl{lxw7Yr(j0FCtJL8D=Q#aThrIqtMz|*kqqGgHYVz}faU&R($7im>(LTUm+3Bx zZ~Ls1&-m~5t9BcYTE?%K>(^tD>G6vxC%Im;6ov7YWHWmXNDjAzR`UPjlq&RrYa+&H z!SNZ*5&MYs$?oC)Y-El!`fa4muct>3V)M7|LnKd^^R~NZBSPH4@bh{;52}b3Okhk$ znA6VutqhM32jI0x%k|#q+f!-!A9=NNmL=d)&zZHFns6)oQMH31~QD zCcb3WC2`?(Vv<=}o$Uw?{m0&x%v!-bHq`cgceYznu68hAr!JSurAlAkRQcFi^BcH{ z;?FY%h?BVz7%~^RQG!Y?OI~%nkJoFeTf^z9Ri;Bu$Hu9Yrdy{2%<7CS;dKl(y!L*US1vfkT&GiOykDcgp3C;N|+ zMHmJx&=)M+mwpLx91*sIk09noe>_e61vjnjC`ZAHcK$Z4$85>#YVsn@zMC-nZ1WaN zf<#dz@@mOP2(#;Fi|yt9Ec{KR;H|k<0j(2kGHcmcwdEw8hGkLyKBw~Zi`QwGbVkR^ zZGHq|{^AitL8nZO`<1u+WufgnPEl`N_bYl}6qEMu6!7Qlx6)k@*199c85Fj$pXlq5M6+V>fHt#pPxs07B7tzzdR!l-PbQ(Rt0y$Ci z9}35<_|Z1Pvhubj$ogURf#F^%4d2-<}fFr=AuDN=k9(GtA0kNmf3@rdJlm!tjSt5fa- z2@qBbOIJFA=dBWTJ}0*zbiIw+R@f}7TXetV#XaweQ4Gu_qgBn7TBS1Y_!14tJ40D@3kqilPFO|%wN4M?l;CDB&Z$~{huVZAGULpZPvRz860;`O5ckaJpFIWuwgs0|n;)@QA)t5o?1Rp#jyJbnGBRs{a`?@j0D zS9QHEROh+IUA70naRnd383}L|Xi)jsO$U+i-c(&%H*+s}R<&FXaW8E@!ai|X&&}+K zV`1bX_G`H;I0uyJG|uhuAj0B|z1>R79qBM%neyYW{3^Z`dKW9Es~L?sm?Kw`tpr1-{bjrAq%(KS<_VgbmyrGHW~dh9@g`Ejx?Y9lOAD+>#T!`n53`czm4aM zOktZk$ueR}MY1rmizufFMTsIbt{LIX8PBt!iZ3zFSRy+N@6^wJ?`L&JNl{(8{Ilm9eTsIXBoYZDvdzVo(356Q0%kyn`%Zr1 zM5`a{fwlhDpG__Gw(Vl_u<@u2QyKQ*3CL0AE{X;GU`c;I(%9u%^TvZ(_TX&mG2X6_ zd<0a2ETdOh3@m{%)ZC#Wy=3hhxY*j7*-xE6vl28-2|Y-?Q0heOZeZ1=fw-xZsOw(T z97!7Yl=*Zoq2sy|#B18qX^&`V<&_&sgT_j^9y9ji$GAIFuJTv?YxM_R%gqeo!sO#EpDtj=|YRH&#R-|0|v9|>S9+$lvcfO z7|SP$XXNZ|^(gFz1}c$Cnk7wSp(14;mU9T8Pj#FzdJFR( zQqTqJX*89@?)_or_YC)bx+#!afIsVMhR31e)9v)HxM-}(#;-=S{OiEW5dWpkz3FnjPZ`v&BQSh=;e>8Nu=M?PQ}3{n@TZ5i zfO*87=wN+zu8IAjva+K;ymi99t#lO19%Ou$9Wk1OR}d|=i<|4mhytCHD;195M}YDv zWBdc39HK?!=Dc;?!Y8ucK;NPA=F60!FZPsWai7SlG5lKfJWs?@B~WSnz=)M@5PNI3 zo0zL4qsWR2if)+hXfPG~(9b-|+T{ZNA>dO(mkxB^OsM}NStB3z?^!ZKXJ6u~cHM934$g*<5SXP!e^new zg0R@v@>5LTe-gpnsA*Yq25CNoq+&W}2H`>3sjky>qG7@M3k1be8xB_XjDMG(KJ*2E zFue!*VcDQ1OzCH+*W5QT_$CdXUNUH8t+BLPC#FL9?MABseASS6(2~krW@{~e_%9@r z!xiQU#q}FbM+g?xM770usTO4?j&B=u%Z>@2aNpR1Z%a4WHwjju6oZskg9M#yf0+cixmRDl0o3)?Kp5BgR zS}?X;dnxNF0)++w3%bh^32-V!>x2>ZH`rN^1zIiqYnQX{NiQQ}TPQPl8OH0^O@Q!% z&AUt;&y%jhHyfKGzby$kAnP)V01A<56mb}6dA!}L$?g|Ww;`dljcIWnSQq?f`Yqf+ z^UY%e=2#>&T(~~T%NE-oA&ig8QNwAEZsOPdsmuispNeok@Q9SN@NC2>pL>ZRRTv7*Ucgd@EO@O< zvXxQ5<8q=z05V^JZPXw4=2C^Dl>>MCI!;F4%wMO`t?GHkDcGb|FL~d+q1|4?j=R*T zFi>LMl-hj{f#w!*i^8KpBJc)O1-eou;eGVdceJJ&tq-H#H&?%&bo5Ca(GbCiC2*}{ zayD=6jfNAO%0{6su8x-U>Sp6N00M>~0NWMLBgNCW;qY%^+W_ad(g7MNd->N+L8_C2 zP5|zq>*LLc&r9d908gY8D{NDFs%vJ`HBtM9^D&t{nKFB51lZWlr6&IhXg?=8T}L!6 zT7NlTJ?*2(l0=W$!$#>jfKF8E!$Y$fiZ_;^_Q+nB_Wi)4kgsdBjM_Iu0#4*U7fbcmA0L7Ptf z^UUfgduoo_E|!se|8X8;~AOxCA>3CzwHueF6n@xBP z#1~cbOD}C5`qH2N0*oT|ld9@E`8qpbY0YUcl-{Mr3RKYjGkJ`kIG!d?)DGGKaBfKo zmo-r$BZpD*%-|uQnpluO7WgJGYNafwXc4^00N{nk2mpr6CbLBmJwAQbp3TmSiq-MI zqNClE@%o0?Cy`m-f5r1bKQIY}rp9V|c>hZ+_8@N@2J#Wl8m0}_b(N6av~!dF zwayxhsTb9^Q-C5`Gwm_PRf|hS;ykmbve?^;z3=D(=f4$n9eoKOk{)bhSk;7Q-8;~@ zlg2GK2a}PR(q!4hV?%LX@2cW&@*CU5mi+!alIk_#bKHhl0?_cev@tEXJ26@0SWHBU zl&sb-ujZ+9_q*sY!Pk8;r@{Ro$`3WDT4L*s*?qRi#4LM-u2E*t_ZUaycaruO`M;-XoDxu1Q0fH{yNF1aBsnEiy$ zc^7vGoA+}B3fPwi%^o^rAq&hx3$Rn^MgwHLO_C;HrcsJHFSU5#8PW(_gyUh;)IT1n z1Aw^ZW;3-!v&wYGlLambj{7|zLb3;2o^Ov*Zd5l@@P)uv9JSmP10o_`r>&h?j4gQO z3o<=j&I`YvI#=>6t`r5G0H`G%;CJ_d*e?P>`ps@mpX!Y0N>mbJM=*x^HVU`F1`Gtv zAdCl*22_N@l-W8;4cFgtIcGIwU>>GQ#j@G@yL#%QRnV#kxbl^P3r8dj?nPMza*306 zE&|=VJ1pF}JW>~kVg$L6?!!g7&t%(>{UQ*WWb)*=7gPW(ZBoUmj^#b&=U^%GDL}P6w*{vB~?dcp%W1)=L=_$_Mp}<(8`d(BH#^%auaf z-OCH$W-mH1d_>5u0%?V<-LQKo0G><^8ThOR8JO{0oddZ70d>CyoG!yu-?^CxM)0Fm zfK?lV#S;JKl(P%ghaXPms%L{N~8u|T@P>X?E{&Z{78G?10 zGK&=u*Bt3dAU{f7;`GkVcv6~z-Uddq4bvU{v>#=*ZJ?K4BtJK2+emZA@N7A`9zd)x z_QZH;&QqG%_fl`yXsWv==n;PXuEM2@L;RPqeUSpC-J2)P)-g|qpWP|&a6VpxO(qU! zPmFWEGcKW*NYQD6234qW51BtD160kNO35tUba_*6D|qkG@FyP;)4q9!2sT^B?_#H*%4z_iM;ES>^8^ z7<&V7^mnKHyl8!^XvhJmA3F%aFn;Ofw_m`hU`Z8K`r%FQc#GGauv$l8N>bhjh%ehH zVnK$XmZldr#OLWDo7awl9(%u;0QMQIievyeb7?c0fTCg8oJLbl|BQf;h3O@eHbH-i zx~}F1Rkh6tvjQ8Nf1{n;eiJs)%Pk0HI?L_i zrrY$L8XABU=d56$iI?@T10X7$&{ge50&IBWK4X~U_6rPuVtg5zLUsu3#nI9)4K9xs z^>W?M|GoDIH3NQ zEn_3wq%TL(3@>0Ea=x%}<8?Xwgf6PZjr5biZUSHl*~XlrwDKvi&y9y;93htzUHI1?>Bnz^n!Z$s+)p6+7=uiP?%Y1p+=xF)TVymU+fD zJndPRR}9@|?BaSbD^y$Hij^LOGI<(D8n%sn zT_xdbeBCF}6wKeJo(bBZX1@R&l33hY0u+Ur#$p%{*Qq%0>uj4H(s`^G{3pv!kO@G;hd-QnwG=8G3zv>)gA*4zr3GM|H8iN zvRuDp(|CX_v^9F`D*Mlth{6J#5;1;pV|`r4KeyDMmJbE9-@7FyH<|T^f0@*O{t1}c z5hxc89~sU6GvcEdl(YQFks$o&Vzny`Z5V4B!FG+FyEhE}T(G!gziyGiJO zxkrWa7r(&@<&B9ERR6^Sd;%Q6SfzhOP#9)+7}gxB6RAL?>N{+EWl$H}s96H-o) z{O4Zz!wLI;vk`xTb?YMk?359>X9MwKnD3|%a5#76r^|Fy0fC%MSppb%cqyVn3w$R|r9=urF@dZs8KsA|MbO2e!uZ3_< zX^1jv{A?wg?*8z6+l~L@wn3h@qMBZS;#6$E)?EZj(0FHEzmZ@G5XEQsw)<=>y-s&h z5<|_GCZu~#tZzHoGb!UGA6sy&gUlYn_w zo}lY)L9hC3A5Cf5T1R;ua#+u)Tx^euI&c4`RQUv;Qqi6odj3ow$ILwVuR?c}zwscM`_f9_rr; zFPcvK=`B~oD!N_>}jO; z_xDj=b)0=y8Bx5k-nMszC??tfnB4_f{!~{wAgovdq#6y+>)9PCDQhThjsHliOiD^k zN?+#6IU1$8ZfDY8sRs<2UOnJx97>F5V`}|w{!T0R*yj6nJPA|ZUi9)3g9dgv{eRTX zNi$XrvY`9!W z9wUfLc}w$xySISNJRyd!lNW|P9kTmP6#Yc;(~tOQr&0nx%VP5JeuMSCsvmhSJaf-M z>hynqC?Mr9k09vGG5@;H0W<}^At>=Lfbgph!Z>LxHj8gdN5eKv2OQbz-8uhc$JHyX zXT1#BhBxUH$1Wb1?+|RHScXL70kQAdkuUmKQGE|gm?@D=*3=3W>5ryGY;+eysIh=U zU-lVfv`86GN59^VVMP#$S&H+8vY`LfGM%8M=%|q6rYxvsf-!Kea9r(WmGb;S6jt_n zk#u5t-m$7H>zkvw+eoRi<}Fy4u_J48XG+O4AksJ~HoIRaVY{?RRMe=6k5$0=K=CKPy4Qf0*$xt3%)q7~)3_ zcRdsxh<%nv17%{6a1Ic=;+^sDX7!Wv0=6wT1(%^7<8s_@JP#Z8m~2g^)kKm6>VQYG zr0N3-1~j!Mr}o^JCEQj!Lu(_tv|r7lntVPECjo5!epgM`vJzfb;igm51Qkft;~`lm5=nK^__dg^1Ky22{aCW)s8Fdd74lA{(DoRPmmqwos=PsRCm$kfO$ z=f!>~9v4nBXN~K&vw+RN2Q(SoJ52tGkV#~emkbI(#fQA#FFlN|;IFO780^Z-PLy43 zfPRtd4anTMF89$FK*$?s-+tsd>segw3VY&_tVhg;TW8w=45Hs_Fg?d>8Jz?QrE((z zS844+$5axL6J6!iW75cFoiTZaCJ7C7*f$M-xaXhYdw|)nrCVJ1@T|`2c;9STMsQ9k zJd zM*KiGpZ&l<|2ELiwOte~u!|TpexraHYKG2k8|yGI{#e?cPnhbqF)${PWN?s+p)J^w zff$!uZM$$AduXa7)|^<~EZ9=F&=7Np_PDgW^y`;b&noFpAQ?1@#Y0Be z$`rFkD$<=wC!B<6;;GQh)gt51(IpyBSwhxg*0sm3TyRl#F-Q0ELBtE}o^L48~u;pfttCLxx(C z_GR!d{n?JpOJT;@fYTnOJ($rEHSak5_O;B}z+wQop~rqju;qO1kB>m};l;TE^+)4n z)`CDDt-KO-gYM!@SgZwA-xCr`|Z^IQ#mJpqiuAMvAFpDKdh z=`GlGpmFgX28EIK27r->ZNLVGAQoI4S`=taMW*%LnTlK@PRlqQ1K+Q;5Ql+pqX^Jc z6)@0G;YOS=+Wvko=C=MWThVh-7ZJ8Vx#C46vGWB4&6F09MY7F}=`W=lqMOxPvo!lJ z?R;h%}ivOPTPjDYkdgn!v@gLf*zGeYQEo>Cr@QkA9St z_Xee|`aqsehC^?vB3Z1Z)GILl8(<$61GN)1xTxTK2yuHn)#9(~G}qP8(al{Wy%AXC zfw8)ZckypEzq%wGB{86mc^<`EeAwS8U7D{5>g(h1Vh4<(;F#@U?Kptkm6w7DwDaubkHZG8{`>Tot<++Gv z`^=C6X}!mL)WH@QKf1@CJu3dWN!s(<%;hqv zzdeJv+JmPafF#-gNp0T?Tni|n-HTzds~M6)9=+4g#WlEfeguLSFSm}{k}~;RY)09} zv|BwS;(FBtS&y|eOgN=v})Z*DQpWHGLaZ_q+jo|4VD@l$RmRL0j@@^LC$MgIL z+*;~#gYplElY6m<^fn2jY@Y2(b5)Tk`v`wa!%vCC^o4aacUT)#py)N9w@+8x7!t}K z0NhWh{1Ksm)S^~%X-(63U|gc5$35XnJizknB~P~t?4!K#pCFmSj{}aS@k^2P z3kGd43ub1BDxFu;45x+mHy$`YhP#MzaPO>PH+*t3Q7`twE0@Uyi)25%URlkD0CiJp zH@x>ScnH|bGKtLxwetu^%~!gG_keq_`1m_v_A1+o2g)Nk-S+JKaDfkVS~=SjC`qYo zegvB8t&^M@H5^dIiP5=a^|OyAb;k4hHGvnaI&PfL?Re(-jdkrTjfPpe^Cz-oEOI(} zcPQ9CwgHCRvw^`iC=$68R--SBJ+x@XUvlb8>s(((+x&XCRM6EFEE|z{;sz>UJ3VMQ@KhK&Z29+fTjOI#M1;F(CwqcD#ry83?Gm5G;)hDtY z4Ism4(JZREs^iKC5@hcOp!4=lh1RzBBCYwC8X{9ffk!I4RXWaq>P=c2wQs>%DVO+o zS)D;mM(jU4HSe~8Qp?e$fXYh7Z^=ouKF08(pZ0)2o~R$Ms#bB+d7&xN(gcK-!SOnH z7!Z$Qq|4kP8<@@dj~Be`7tOhGgihD6=4w0rP(ljT~f9q)`Q*OW&;ez)7+D~*x6$9Eo; zEwAltIYF{NbL_KI+`}uMg%DvA%q;tCwp+?*T)=+(p|&eY0##Do7DYg-4*DSMOQ@Zc z&TG&f=zp5k)K;o^1uJG=;nW6?A9%Xj!ehc|YS(Cz@-SOvhELzHe4n4FYdO%muQvF| zvC(NgPMgztApvDlp~x$`0+;{Nw7eJF_Q$vGeGhvXWeWTc;BI)@udIAagVJ57`t}|; z;e_lomx~QNZ=ee=Fd%>}hMiAG;2xMa zOtqf&HO6Pc&_`71UYE1Avi3JB)slMQzs*KxPp%_Fh~&P@XWF1uEx+;`Ffth!V6?b1 zqGz@ro1T%S(wh=&zte)T+{0+W?=*=Z#hHncN$RrdrmtP)Dy7iM*n$q)IGBg=!%maz z=j(GpEgl%47`oD}-@LhByd33T6&#MFEPc;lN;1M*)|Ok)&DH;bSMA%hnNSWtHz@vj zptMMP1dG<@p+Y`W&t9F7$x~@%2o{G{WL!OLtO-QtWztb%M4-g~Mv3!#7D$St0BWc@ zW~P8ixWRxcp)ezSf}V)0Kv6Fgel>6V%U@0ETb}~ida!@9h9#hZh&%%DxtXG|#L3yD z^;3LaU%KXYg5oDV|MhrAA|_|q)HalU6L79@Y6Kr9ZCuw;oz3ew6#Ez5@Pod;wsXQt z9n1mPjs6G}@mO}iK!Sva0S@`<@baS&VwcdmU;Bc(!&CN`cPy3~!UBh~rnH}PUa)7% z`ACO<@mIyL@h)X!abvyXPEq)!Y2xb%RA-iZqaO#5A#lY~(*!b_0iyk;lQ~L2auJGj zyS(5HwbKF#c#WhA@-^QN7IE%We}XOnpnOJWT>|QdUQ+#~DlImAF^9x;x~@H{AB&~d z{G+x|ZQAr1T9dkE_vM8is-Y-xQC$&+z`+K*O!d;5;UG%jJM}?oxCTM4~zCXU1UwTw?Qj4$0VpnE8Ll#QP3VZ^J zCkFF>PpymUdM+Q4I(PoaKw8))0h_c^Ky4(wVYbO(d&uC0px*Maz|} zm%Ucz(tOJ;g3%PIs4MgP*b)1PO0UR+JR|sv+g*t`JUOZLFi2Udz zukz-QO3z4O?~l%x5>k~WBf_W4e@%<{N9W`J(fPl4opDp9kJaoS#ptDR7 zE?nI-AC%Z)2K4dI&j4lnRf-kOzcT;q;)v79D0tuX_t-ZrT@*AQ(%_Y5-MI4K}Ql_)DIw5az_P-F)5eqR=EtH%al{0vH%~6Rb6{V>^N?AnX|XPdGMJ56sJ_cI zDga;mbv!aEGKft3^gW)qjX+JsQ#%Ut3^~}o|Gb(FEUg`li7Gd@B`4%-FG;Km{{wdCwXa4-Ixj>bTqHhj@mBBu$+OLPfxjRveY zIqb0usmp9_>j7F-N`2N6+R5?#btW9Vg?1vA)7 zuURYfTgxU~zYsHZ;L|rrgG%q&+$y>}n1}`;kf^NDZV=9CiW&YAr$TLgzjH4U{={|D z+3QC{aHVQ2&d&>lM(IR*x=G1T8;?ZDAqtB1msIi} zTb={DnDnd6Bf<7O)N!E@VqCdv@-}C;;1gnepH4{Prdz9k+Z~s+58>Mixpv~4ey<*i zsMIkwmaBrBMfR)rb%MX@&MqV9Q}=8TVo6yHdgNMqIQuW(*2YHSO=y*oTR9BgZfaN@ z*&Q=Z<7-~ux<@6(qMhCyQpN2!mVWp0x$%_GVw{W#4_k2H4Ystv*r5JHS1%-ew&u{c zAT|0047hv>X+~eDO)=Vz7);$eoE65Lfb#Y|@_Cz99V2jS)G=TT&*g;c?E_juTLyid z@^p6)fWo!wFsiU(sXHrubC91fdq4#Et8opZO-XMWbx7|*g0;xcDNP9ymA<_OP5C;D=SAfI`4&R+50sS*xJa3&f7E&G3Mz1`lGwEDBs8v2<_O3s=Ro? zzNMyN059+o)3(d(^dv3WjNAyX`?ulJ3j&`XA8RU&ZUO0xZWb3D$9{M@==c*THtQ~1 z^`EB(ilD$89WE#d)2U~!iS2006<0Xn?KHMU2fz{}f*9hXBh#UjS&udCv>Q_n%L!U7 za>Lg5XlZ4>%ZJ^eB2YT9o^~>0-V=!lz_RZ-ehpl+qKwu2d?s2Z;j{;t)i zEHp`r48--3`8ta`6z5lOM#;cCn zxw@G~d_x*iV^N%MO}!jT0m1l|Q%cWxWe>>O@42emfJsfV_l^1BZeYs;=0aVj-T1{e z@o_VfOBcY-%3qGYdHsh`D@=+Fz<>0W?>~qHAL?cd!+u8@c%H10L(xjcb}IS4BE1SH zd8?$30m6-AQy>t@-fF1iSqo=(TI8sJ1Ex6C(yh5(TG;pMrf71Zrjjl&i|HW2!e{Vd zpCMAnseQb^J-c7-&01s|`h%Z*z2;cb!4{n$D_Jg6i0o4e+ez-56qXW5x*~~AA1wJi z4HtZWn`I_AkX#v%x~fj8Y+1PlkkYh@KPb1b&SW#JGjqZUN+rklPFHh|Om(({0VVAe zckMv;3egJ^e#eh@<2vkqzHQKBk;XdIYvyl~x`o(17b3BWw ztS(&r=LmYY`s_vOgOT>>o*7v>^3$7rs{1ITBq|$)i61M#dM;5`-f!HYtn52yzL)C< z^C_NW6nZg71nXf19H@4-DM!ubI-4_BSDzPKSRGcL;EYgv2pW#tQHDT`7jMfH3jy_U zeZhc8sf@g;$w+qg@1(2{DWcXQxVW}q%>J<5808u1Ol6dEl~{fiSk(BjmfYvQ;vqe7 ziB998{rz8N&IS_TibpEI>-Iz$gIfVZQ45APOcvAl{-@v3H6T~NjK2k3xM?9UD=g}Z zDjd5dpfrLw$)`F(h7|0p3Gmdg+r!9`ys`+CZf>);Vrpso_FKh$U?`Ipx7g(8jv0ZP zU>iG?Qd-GWeFnRDDx^zoy5tI@IlErUU|eID#C0QhVQoGgF*3Eg_hz^fUb4B1U|ddP z{R{DmKs+RIo8AjxZBVxyXih1bP5e5#3bTWWQ%)Sc5DXGjfl3DIh%E zEj>+1Qxg?jf{UP(Ya5Nd|D$P0g~K;PUC0B!Z~iLYSKe^xpcd7bvlEZ>^_evO|ziN+hw(~ zhk|wvPp@z}Wn1hU&nqnLVZu!X*ZQ53@|Ll~ZusL_TiK>I=T0gE5t3GCJAR%> z{|S4sSMQLon~}XCGYhQKJs11f(z3WFWqh_Ep}*=_n#&&>)AGx+`L%5GWF;w!zOQ#V8W}&&rHfik zb%4X4r3({GexP+kJmq*S%&y273S;S(^LVg@A~v;h9|J6iy&w*puE;jfWFBUWP!>Z0 zmJY|^jiSvtS9|nR#zy*hG*GDqVi%1kcryX$s73EZw5yw>8!5aSY9wFZvD&y17D7@-^%DB9edw__ZaDkYB9A&$q-Wo*1k6+l6HIFBKb`&wOy4!cO)%I z{IyNpR_9YmyK5xP$+)e2XbByNz3_k)Fjv4*YJ1>dcOQUO?E=srJsqDsFWcy<^@p+{ z2W@iSwr=g6tC}30D%ok=^C(EUG+AgcQrA8;X6)YcGR#wA)6z2-49yk^g`SeR0g`nb zrO@sVVEI$`VIv33lTM+93?m;e*oJ9f89u`oQ9t=_T$>e_FH2xHrm!*-YvQ zL-T9q^_TCGNm(JZtnP956!IMPBVRi|hv=#a5@y>~>p7KBZEgW3*bB8>wUn^+%b(5LJm#{2l366wORT z$X+fmI`DTn-n_6~cRs_rTkP*>?Ty{^7=hp{-2Oq)#RWA%R-fZbrN^Gw=W#06JhXE^ zksHnTZb$lUI~txQS;u&n7P0Q78Uf~58;_J;-Uf<|+f$-EUFwnGyJoi@_l&E=kt?`4 zCAl3yj#YeK3JSQjUi(L-mX;_cpg%LZz;i|?+Z*H*$+nF9*oBNWE&h=ZxeFe5Pa*Q9 z42x`t2mVFh>r7gE!rbFrBJvaBlBZ-~eZX|~pxC0NH1@Sj7=2rCiPR_N%6Fsa`TS!5 z)lV;xy;laOJ(T?C{{q;dQHS2l;J#ydMFJG}NgJXiDN92VY40)FisEvv0mEJW*~soI z?l~<;wXuwv29RQBe}Bc)I{Be5>`;JkV#_`%(HEi8QR_)nvJz z5XdGiZt%QzT2^zFS)dc&+NCG;#xIimD|UJ3Vw9P5Le0EUZl_pdCq}bCR64bZ8r_nD zC>sg5JE*XdS=3(FHhPk#fuDBTi<*2y^IQ`jp9Mar?I#7(w|84Zu3xe>)jD>puuJO; zSJr`*>nMa&rh`ca1ET3=B4{I(CBJ_Xrjzo22h@ylY27WSU7e;>ZB5xm>fU0uuR@vO z6j_~ol@9GmRDLZ7_D+aPeXbcN8PUnBbFKQP*UJfc4+Sk8TI5DJ7ohkNGjb8Eh%2zv z>RkIiT_}BiXHZrHAnDB2NFYa_aA6a zu;;d@C%A+obz2;BD(Q(=1E{jJvZV(9k%>FuEM2nUtOnjeRp91{qWI5u$6rMG+>36J z@_qgUG4Vog%Tgq}H#G|Lkd2wdyoG$D6g_`w6FWw|HYaY%lV3ly8MH?N9%~z0Vt8RA zxExHz_NvP8Jrbx?M$IWfw z3<3;suH;aheky5Yt(Tq(0hDu*X1x=LE^OwnJssB4?mPva?$5Z$%bHKRiJ`SYAqJq< zGh=L+*_6{|7t%F3@1KaLYw~C8H$UY*nu1Q9=c7%Q;C{#AscG7jk9x>H-F@AGF*p-6 zBbYYTHt^^JC2AlL7=^U?p4t3XBw3qnJ%gDx(2uMJR;};2yuLr^2HjLx?0s!`@=aw{ zk2EavUoL?5%R7;6-w@HoSEdpV|9Mdc6iD3GzoT&NbpWjC9n)*$K$w$9R%^TtITAWA zbXHMWL2!JCj9Wb*`e-*x4R4U97E=8|1konGUX|R~^dxnH`G8W6i??t>+z(XU%fhBs zyIU)(Va!vmr~DYS6t+v2luD0M{d_wvvbqQW>zC%7yt=B5YVm92=T_kB*5SAznWmke zo)OoS>OnsJKhgfNwWhylKe>^>(cM4~p!o=?DhYP(gf!rkQs2;`{0SOOuv_=v6(GN+ z7~s9Y(6_(I#Y^n!?7}d*Ztspt9}#+L(x_d2UIrsnc+x>6O%rQ8rMsO{YQvIN{fKTI-_5@P0UT34u(aEH$sPyw*rfJu2Dk#mT%u?a#$!8>Kvz|Z_vfzvp6gZ zYKCI=S|X-mh!~sDRHL_l!j&)hKLJlX`aUC#*T%n-dRm3_&nK@X7j;Uhvqh@MM zBzFZCA}2La`X0~;EBA>(;8OoS2akwFWt{GyrV&C^71MhI6nH*VH=rzR{0KUYn8RGb zoWCQ>cZS!s;P}3c7A3&{%@#li7?+XOh{6qf1FoqQVV41RYknj_#*f0{@Cpf(0h=sB zu>1fg3MvzwCA%7CECdg}Fv65bcI{bigkADOBy-Jb9>=G`1?#u@EAXA96DA%r`M)A| zSmA5Z&^mLF8GGcpiAfva<5HARy79b>F8%P+D^R~tKm3aI_MJ8*Je!r?U37QFP48|! z6v7ZtQnFW(e&r@Se|E{(F9`?^A5KZv0z?1^t7Lug(0q_<3*k|BUFv#RI&jnuh>EJP z=6Ov@-+NR-F1K*V6-pxb2f$&7VX;fjpB=d)0}|JW;JdriNay<_gT*7w$M1fqf{Qq` z-{-I+P$s90;u4>AX1V}CXO17m0OhlE!{5ik_bkUqwAX>m5)W zpX*XfA-@6=UV^N9>i7HIS8_go^*+msc@v{P_|hdYatv1-*OPiW4;~p}6S8X-o@uz{ zyk%ldmya;&g?3*MwPA#bUwfoEah+gFXp~S*l+sK zOnmT?nx)rE$NFpOV)XHCyrn=JGd(Vz#M2>W(0>sZ7XEyRb)m>~sCQ`HgLCaaGw(*riYcYFg=ivk;VN%_+)}u>4AXzBVS&Er6?6f zxADc`SKrU-sK3-|_E*)7a4KbDX?|X(fln}9iyu}Y%Pg!%Ya95k1i)ppoXd-j#WZ-w z2RV8|vnRd%cJAS}U>C7-aVc*FzsjuD^}4(OEJz%>I7_bK<4>u06=yR9)vr9+A?j(| zGT^0c8zz|#5-Z3(t;eZrr9ZEqMVz5}b;TIvbXf3oovgCZ$6&{<+hAE%GhrL zPh4l~Mz7MHElOIHxh$$42k7Z@m&!fNMxji8>-v+!VtT7;s+&|r>z zD9LJP%CD4RngUlPl$n3@I$fJH_j428ecEN^?bRdH`SNA|>xbc67Z2WhZtY0`?05N# z6+$OWcy!L-$+t$ndPxOA{;(K{FfNI(jXkuSa}7!a;u2xgC#$9;Sns(R%u~L6D~qjH z{o<1-!S0*&0!PZ*{Nc^lyG;+^lnyIqybmE&w}9OUW!1Ez>mN0jAh>w*p6Bur1Y;s(07=JCMnq2a(bBDAf)J&Kv z^HqbS6Sc_Yo{#RwNkzS?yegO9*X*Q=1YgY3y_T}=w9c)+HhDi--=y|L$`}f!m;rtq zPPx3?Q`*`v;;v@uitum?Y#lMhC$l=}Sr>#o-Ik`GCc7QK9sa&8ociLJ5ARAQZbZQN zu!H7!Y{0g#luJs21}5%vyMU^@{@Q%fS6!KIBo=$gU5lFs=$Fn?TtQusxSoU5U4O{P@Rn=cN4wr1)+#p~knNHMVpXWpj&f zcda0W^8n-=vs&EPtuUQy>|}p|w#>Hj5Ka}_V+oUM^14;MFng*T>kH2@wJ2Bd@a}gs zc$kvjaj{}y?%w3$W<C>jXy?Mm^I7hSY-LS%! zbeTi5m*TvQILh&5S{HuWV#zKef`#R>C>#?%^n`NX3H1pyS{03UymKE~6huDJF6rro zvUOjT)9$l7|Hh9Xl0%h*F7KiOsgS;DQ{&!GdaIG|i8JH)FCG#xG30gwh^Tp+Fy{fX zi_r@5D-JSPK1$QIEeiD*bn+4o$@G`e1g8@T^-t;5xLlH7kFBo#Ag7_=i%BFbB`4E_ zzd%T{_s`=I;W=r zemcj%%D`h6D6PT=K^G8qaWYm-7=cq@gu22_xr(;gs8`NDZaEIbZ$;Rt3K-`RGCMxM z+WVxs<7j0SoJr4`m=1=-N8K!jUN`$S{&H<~BL5Le#zShR;IwCI zzrOQb@MpUl1=OeXfKLGPWZ#Uz&33(tX={rmV@O7hQY_%D2E|-X@#B^B2Pbx_Hi6zs z??3%!d<%nt5A`AyOdY?`L(#!XG3ukArccIU8_#tS&b42x1FXLHyc||n8 zzBJTh^S_lb{62Ud0$+h;+|`*`(5pHJB~)1pVJq-o$&g|jxQhVVgqP`R5xK+zRAr45 z)t_PWImdjRe^f70LotBI{m8{w9WhYaDA5VJQ%8DXxLi5J3}2C$auE)cZv?-TowEAq z-!G)Kw&!X8@sxjRiYPrLu8h}ZsDdj^k3UUZszx;8QPoEI(C}S2y_9aF5b9M~0rbkf zIR;jj9Sg>D!)~Pj(7N5fNl%%T+eq)k<+^9H33-B{k{Cj0=G8xHetk!N`SJy{&Zn2$ zQb!#oaZJO&5Y(Hu{?{{-jRcWU>b3ZQuC0q3GLT;3h6iu)+H zE+Eq9j5C?Eo^)qm+6$ip${65XHXidyJ&I~lwsYO$@$o<)A4UB0*e==sT;gI0OjzxV_cc28NB(QR5DK5j^StCZ zb#4=w^67|R1kQ`{w^NBX;lgmK6BsC0Gwq&TD^?N`d@-XJp(3(OHu)I@I4Qv`m-6;d zRteua&fR?jadIA`{rU_{+C~Ujrc^F{S27|NYtjF*%(?6F?T3ZrGKKEfDQ~xT!S4TO;lf zaw6w^UGSy%2ocovqT>&H!b(@?O;8KXTU%5ij6b6*H9}{3l7QBl)TSd`0~tUM!s$WO zxU3LX>zyItL_7XPqNYH;18zc|#BaaDp6H1TJTTLFhgV)=I#g%`{7FRUBaeo0MmCst zFVzTyHm3QO{!hZO5z)m>$qg`HSOm|&K@QLUGuNtE@zo2eWN(3YBCB={rnUdCy)5-M z>T_K~4O#ty|DO1NJ_CJpw}VwtQ*;jjtr6S4f($~*+i#w!09z2qy{_*NUl4Eh>Xi>w z7-Uh`PY!{nz-;)Ln|FWt%kWbp_l57|$^6HS{@vw(g%}kCItprLCGQ3wJ*DUd{DMrf zY(VzMAb9QxdzgjHDY@se{@48b`AN~77}LlA`?FAioVZp{}?CaQ?cb_H<&7r8gXhftHU6? zvF84@Qy5VK)0%YyU+*WD`Nzw@#_>P@^u)gWDe5#~Hwl5y-&gq0b^e#1>7I~^_O#y% z3;91>Nbd(1{{Qdz$F}vC5&Zee|EJ@~KZzac^A^(+yt~8^f7TW_01&TM9C8lX0`sv- zkpUMtD`5evl(xcg`ydwR_eN0f%k1F1NBEHFj06~yfCfkX&U_QEV_#&PF4w=^<{TNw z2b1=CQ;m$;q(#La(N=MJqlk30af&KrH2lh&X@?)^@ zhcq#r?vkUDyt$m>?=~fv*`B@ zb-usv7C*O;2h=Fp>Zu>h=DSjYqd6?!Mi_zfq5{O1O3x)Y;JoiCwKZ0&M+_bIwwKL= z=e1J`NsUw%Y+3CzPS7rzDQXX!0{l!jJ@!st}@aW%uBn9%32~7KlY!GoVx(hxd z0VD6zVqp*LxiC^}sdG}#Od}b&r;1LJ z>7k=Aqk6IIz3x=GD+P#*t=I-EW}>ptn4%QbErp%ciMVX5C=Iz7R0@+!Q;#o^? zH|nTgrm6JfL)8BBA)xs=ngbnx;>&AN_rdtAXbu95=Pa9uK`>JIGXnF_=V5Jv|LQ%E zpo-wZ0zA|7^2R^qTS$(1FM(|?Kb&wN%@jkp#*atiOKvT;`ZP_~iU{Qfm_bOp8>J6e zblHGXbl#&wl*0CbltQ)DzkdcjChXrnHeECE?%B!Gu}1IGo;#e*UbBOEQ7Oi(G%f2R zlN};lwNuPB5g(G3+NFPPkB2@7)^hT|o${+w#_}yTnv?n0=OlZK*Bh%$#fT!~KIvF67@7lP8~P@E?9Yhq44CqdjeH0dWg!TYEn6zh@FI(clUkTz z3(uh#k;>=^%sL{G_}1c3MzU1Q+}@iHPw%}%;{Qb$QDn*IY?so+yB|58)Leqf!vm14 zy;g-Jx8OR*HWVaERjilGGBEeH7BeE0-`ey|>7h?zhb3Qobd4>L#vLXnBGG>ELpifS z)%s2@?D2F&gl7oPB3si=^JQQQ@4?dQ0XA4V*uXHJ)Z1!*BNV{4KA<13fJlRm5dF-_ zU1an)jK?luDtxL}G5ZhM2x1|QLZ_CfzeUr8R%!&!m8^kD{{DD}W#OPkn*#^Zlg(xO; zcnV+hY!A!N7!DWbWN$|sXJbJ$tGirXfhdU=Dmdtt{Jmg1pFNO@X2H7aPwW>eYi@ai zS34i`TWhRZejp3cCn16c#Y)g{hyST4iBPxtGR}9rEAs)MqXFyW*vAaFi|#c(32-ca zrzfiz6?I0XUjM?t+D6B{8x;h8G3m0JewNphg^#&xA>-^X*CwWKh=iiNr{i8Be*!a2 z=!#iSdbnGC)T&`2&1(xmlUWtwGZ(p)`DSw8)~^ZkG%=NB@&?;`5K{G;!|r| zetfil(l+WmAD99*$kJwHqrTSp12g?iRJkWYS!5~T^7*OaNioU^uUDn#uSsIk%>X-0 z;nTU>GjGOyy)589&(@gA2wcq6{bcK+^#sp-_oU;n$}nx0)C4JYKL`jm4m(Kd8|)!V zA6zSf!bAUBZBJ+m+R5@@8_>89G1o>qcU*S8B^WQPU#Fvoh*?R}o%c3od$rKNArQv* z(mN|vjC5%7`kh(9tFJ@~xm~a3oIu4&&*B?%S(l<*%2_D>&eW#Xc3w_G7^=4<*$v+`9D(-qH-88B_8jg0O4ANxO6 znBBsS!A2|b#}W*$crx>->O6~wAIeZ)1bg_+F&wf_L%M%X0@c?rUFY3Q5sZDxi8zFri!w zyeDZ1#W(%(2zz*hovX5#`jOV0WZvd2-j|ILMZtJP34lq?L0%(ItO<4wg;I=IcU@?ryfhr~_TQ;N@!h4Ls@&zUX%weZa-IPVR;alaIFF?H-WX$3bA~^iDIPyn|+pA%(K@l~ezO&IK z(*tFqux6{ily+Q8EM0_LQ79{V(J_hVsh#M0e*m2w;(56VJL~}0#Nc$yIaJb^CvGo^ z&*mKZa%0k(gcjT1Ds!3-P{YS~^X&Y^9pZR#z4Z=J2fLb{2#7hJ;}#x5s5cN%capwt z{e(`OxTOwF)4Io+%Vt&x<18DD&ndVufm~st+s%4<9$u@%Z87X^z31xtAKKXI5=MOf zAI9u+jGo-{jN_k$KYf?^=yu3Vc=FO}av;>5k_@|fvxspPcr49i#(S|)Y^4r?YOYGzIMtuq8ApCg`w1hFS^Rh%O|;8xMBif?3+}~g z`K9eSv?ivbqZQ6ivv(&Vo(QB)JUPW%r+F&lq_a&ih%<%IaEQic#o^cN}3xh6*klw3r zvup|K&LEWK436Qh?51$2*oyn#s;S7-5Z=|jDv%pat7l4K@%28vD+GL7%!;m2Q{FLj z8RXvAffXmypd`&UmF91Gy{b_zU)pj~Q2R73R;6h!t-rwAar*1govAZ6uzSHj!poz! z;YOXeY$cd?QW1kW6(v*ff}@-|#xZC)b-Zie27;h}=$o)cEiWi&F6RzyK+)(F*yrW# zR$YOaflnk>SP50LYj}NJ9rTO0imwD4p7olEp7JJZl=w_}TJzH6ZGRI3?`2-q4_cmj zxLX~crc&1dyvLaiQ9i*z5z`4<>L+9%@{-D>u9Vr#YLk$=ZghOJSpaWp0f z8&M|`@)2CoYyQTDt1We7yDZyHf|JR-PYKDc_2 z5m5iSyVK-b-h7@5x=+W57Iv~#d!@bhGMjkGwshK_V%9fYPH+$9QAV|weiO_U&M7lLNtDA^Uu%|-aA%4n;%~2PlIFt~R zs_z~^)@+eI5GXzxp&NLqXNTCir-5mN2vvf48v3L__jJg-l^$?X?=xiO-%rIH3#3fU zC}tvheW6^^YbXOEnO^er@?lAVX<}eo>$nJ3TIEs&11Im5*(I#$@vzU?!2xsOUPG4I_>W0aZue5P(OOS3W^&M7=KFnMY#LC@t3fn^{k&R8o zDjh(GGy_6pwel?qx+DN^Y{`sK51l~*Ftp!p&RhKElhv6QG>ph%NHeM2$K2%IoqE~- zoq&Q!SzsNgz3Ff)jOfaNIN%NF0SkCq_qY>IXu8G}w#nLu=6JY>nTymaOGRMaiRQj=jd!0ZNyg@?c# z&(ib$BV`BpszSSgg5((&E5Xj!brEXiitv~p)5hN^Mr=y!{J^F(>Rzd|5}kiS#{^l^ z!{DK+%ryw<4Nsa6Zzj!rY7Vc>p9gKX0up#I)zMrb_+EO~>sE^L3H2$TTPTOVJr^(? z7D->UD}hw+(Fv8#YrjT=!FGJD{%Rj}C!|C@QMYuuVav(TI=F@9=?f;omvlJh*FBhB zHW?cwUWTrTydsW7Y7C5{#9CSw;L}OAvCDl%_7gO1AXHC#r5hM|o<_PmBfi=3->n4` z-rzUrs(TEb$GU6s>iI>U($riHR19OyLwqrgsXTIQLH3foCvV2<&n$vF5JMsdt7DE8 z%97THL-0q)lKBW+#5o|M$RbeEm&ZjGdYy;^?QohrP1)I6&= zz!l;Cc-tsZ(bY5RC83~oLZXQg(f8$R&rGicUL__Hv%v8k*rADYcx$&goo)7gq^yXI zegO_X)!DdBM}D5ly$gEp#Kj#Go1uBY7t#xsf%fPVIvewSGUDwvuRAT}bIZ?fw5-(! zx|3fSZ9vdL2*BUXTMSHc4vSG(HBezQyo+=EM)F$we?;;!l*R4(2HSqc=?^9o82*6YorQHq|+$^_iexAxNIm81Dr zC6ENfAA%W%8g*e!5N6F`Q1}(IQ@PXA5FM(IAmmJB<_?G&^ufG0+;5=pCa%xL7Gu|V z+)6ZM2#zgo*VcH?ra}~8Bp`nv-bg0gn4avl1zAV$;0wQbUgF|9I%3gB7REj43Y6K+ zvcj}gH|Ms(9oc=DSN}OSzh0Rm@ocU;X%Tf>Uz&2sU+@`gqHgt>hr}3HnFQr@A+y1O zb9}S?&~z{#t1gJbc)8>kXQznYrE_SWNW&&X@jw8#nVv0gDW|cj!HZ-BJU@IZXiB|% zaL`WS=I^$+_G=feLBWLR`onS#C$(&y%+8yeVw8qF@}zm$iC<1#DQboq=cyQzT>mUG z5u)z1Do_=zJ&{2O_Nd=S@7wU*C`vl>3|sb_U>u~MZ1Jw>SK6(b81?s0xn8jp5@Zn5 z;t1)-WRnTL$bC6hQ)qMZs7}JesA;oM} zct&g5;b{L}vS2|+ecmo67dS2PwnhQ-F2j;)zPptrUlO>SW=5zQrR7dPyDtkTocN;U2yeJPRF9yQ+cI*jaScU`ahQlI zr<$lODU#5pFK?k9WM27xYmkcJa^pz!9_OIXc)LLnv1AzSRzO5Zq?~#ctu^H1gTdU| zyu{MlCVov1*VGlw42i=C5}IqTPu|W#)}Ci${d2OEnw8}Er@-QSli-7ifqQ)9$Ky3q zcNL+kG!GVu#3c>omxF7CpbNIjVN$8xB58UZ5gPX;O!DBU3l2nK5`Na6_Q9FBot6v| z)6=Z~o@1UxFDE9NL&Gfmq2vD_8HpGr3Cgkj+RL6M^?%ma{_7P538 zFD>6}k#>5em)o5FHPrn%yAvc3Qp`IF(VYL&h1p0UTWLz=#=oWze*hJ9h(0-gl9uiN zaA7wgTsZfPd;X_p;uoNJth3DfDU%-eDERFCq%=xwF@6DplVz9bX|+#wus>@Qdh5mW zR;2r`4s}HN7O`yNH`WW<*ZuCYTp&PUP<)o^arymaRHGAR0A8kN*V9pFcdA3AHTVNSc$^iu~o(|NKAlTS6f^v3e?_ z?uOf=`*U*G+2?~}@if?PM~7`*N^Uee(wg~=+>|Uyi`L^NR;{x!0FFEb|3uHZW{MyVhKBdgNqcL zDxcj{$r44LGee!v!W+9O^2XUOcHi5puB+r;UFho;F(vMPFfymZJKVPC(3f`mA0I?1 z%ZXZEBFnk$6`CpJ3CVo)MINUpDCNgMI{PY|L8)|DwaCmA>3C)vY7IEKBydl_^si#$ zenX=B@zJBQYwSkV3D@S8#?~g>dW*QEUH|zQJv;HoTYNf8FNGyzpyP6Wr@ZaBrW@G> z3XbOf9GyPHY|>^>d@>4N1XKRo5K`do7v#uwVHC*K?}gE9=kbo1&OQ6*7=`(sIL#SZ z=bAvkdi8_dqUvoJmls3OY@vFqbTI0U^<%M8sCkP}R27iGH)NYv>s$Zk*1O3idHCyL z|K|~Vb`rp2XIVb|PE`~YI(FS;P|UPQV>f93bcXn*7RB_&@yl3X==XOJNCMRf8~J`@ z@cr8MLgD*W4jaz-|K|HeobW#V&X$k1h4X>~80HA#LYXI~qkMCoQ}Q*(EnQ2fq(504 z98AUW9!xiOZHU}gxwOP=d-tDiCWfOsM#+;P4Ns-?Q5bz8Hfy?%%kDBYVh`rTMD=Q5q&cy_qX7l#c zHr2n6+E+1%>9wbQZbxQM8#(sE;nl!zcB;8Dcm{fdsNIIHHRnX5pfno|hCZdOYk-qA zf}*(dx<+aKplX`VKGY{z5IA=L%HNXny;&`9o?bL!c@7qX!#Z32I%kVkETH&@-*rD_ z{(DEF6m)Blgw>#aH1~mTHtA(EBv;KSr^vMc#fot-Js1b%Ogre#H{vd+0Cbf*TIYdZ zYiaKHe&hEQ7lKtc><$>cjt=)@HhVKlcZrOXs=@(d^06|OxQY`8fehheNFi?{UHS6* zc)D|-;6YcDWtJ#gc?KxJhQ<2&&>bzTk3n%EkkQT5-iDR7P?$CR3~9d zqv2vp8)z#d42@j1HX5!3-vz{|ZDf_guAeHGq9?q!(JoG;P-v*OAa*x|;)UNr0)ICU z{TpyG?}9$Bf-42M_QWAkt>Av9{u*dYB`)Trv&jbiA0B<>)Zo%>cu`|)+b%6busPdR zUuzE32VJhqi9lHxaGg^<91sWqx+ZTr%X1g$hH5)M-!;hOT@@b2`F8BAP71lVcu~+rS$kZm+yegxq7p*dLPJuxHE^o7`G30 zA?@9-URnpf7}iYo$D_SKYquFVKZ02j5?EO9n1Pz*-sn2Wep8SXijDepC4%+~Wav~< zB!eY$3{vzsSE${9+2_j*ezX{d7LR}(5Yo5~@TVwr-)!((hb+3H(~59DB3R&^k6&ym z!=ju5eJ@*G==$Rvx8313?ZFMNlcz85M@S)xiBteS-&72;6XVbC0e~+8(X_aqJ@^_t z@KXxb?qYuZNhs+fKDygZYxTfXbi6`qNIY%5O6^&ls1^({swKyJUJK~$6 zyCI?%Us;YWCw+~`@NCP=Z7c1*s8G*h!jLDy85g0My`2}uX4)s{w{UrCX&ENw^9392 zug*z}NeM-_4$S>{7atfCz73x=7xR&@_~+h>mpX%bhAB({&ClK~eUisnOF+TzTVH=mdiAhs6u$7VMq4=6X�ocYq6-AWv8d221Et z4E9@r3$-2b8qRM82Rf~qY7+#%VV#2M{h+5aS4t~=LzdJ{f*XzxlNiOA9{x|Fc23MV zEC%V!V~X!fzD3t?##uGeQ6aX;_>*C9pW4D4e*ZkKx^*DNk~sKgJa<0JI02VOY9{e8 zY3059ApjiXNrC$ilw=(0P%N^8hi#+nN246(lxhnc44*RUT3JFe+jl(a&k8!Ob*;z`SeL{b7R>^P=4+R} z6}`dJIfSEHR$DZK^ctSa#w$zd6-TP$}##r3sxzt=92% z(p-xVX0_X*d28#t^tYmMdDnqD!h0o-a|tZS=VfTzpeNGoS5ijeSPGV`mlymtcaN9s zKL)VW-Y5MEZSk;YjRt8d-h{wC41)SkC=P7KmF?_E_MP^t`}Uz^-OLdgp~i$kLZXx_ z4|{idWP~a81OKORFP}?>+wzCT|Lh!}5>I_xjL%JF{^{mYo1aKo)({Ra!{y8gu zoNLs>s1KoCWnd6zi(Z_$a)ncY+TDJ8?8omz@MM;~PBUTd8jd_k{|qB6sQzvQ2ut6g z_o!s~-2jn&;UvPo8!PG3M^L|_duE?)Ts4^_{QO4Q0&`JR=7q4Vxf_Nrgv@Pr_MjnK zz92~#Tc>u1+gH=+eZUtK8g9GsdoxzL%&lxu;jqUm+G6lNRES3&P*CmQh0cpzE9=`S zrTee!ViYS8pJ#&<;F+xpW5q`ciU)A-7pf0LGah+GAK|R-uKgx%qI?kqhxRN-_R9wt zXD^a-&av1#cAnqv(L)@feOVwJr9jA3{*eZjGc9aG*J}=2%mFHFyVUK34Nlm&t37WZ zs;mdAVTQ_NsWpnAJ#J`(bJ=#y9^B%|`)v55ed!EQ4BzEIWb(9lH9xmV(|M6q_^d!| zCgMk1tax#N$}|z!6*s1eAWavACfKgXbX9{YkC zP90O&JnoQib_)dWf??VtE`lY*JH-mFz2RG_oELP|44fsaW%Syn-I7O=sfd1tHrj09EM7jRtbx%?=frC-8p^_~ixA|K6lJdra#HjQgT> zf_d2P=E$&+?PGY!iB_IPe5=P;M9D3mARBOho8F{8-~Owd)3v0qbBA|?>u;S1j9uqZ z&w~PK6lh;L7L2c$UJ1W7dXCFt{8QjTuKm<>^?SEX2A!11wX$So_ITMpRzMn0dR%S) zf31L3wk#CkGK0JuLAwB)wSa!WV8IFhF@y|X9c)cC&l%6LUnO{k^P8;Ivm3ql9wRlr zgn|}?`q8=cNrptSI7207w9mn5<<{LXC})1QbJ2kwOC+lsA_Bn4n~-a62)QEF`LY3V zBfA4_BLs(G)EdiSB0tjHy`h>%_Xm95a^e zN+V?h(>axaxMr$Dlxt^c>kbV21q%&TGl>tJ-Y*RQ*oqDNzYQTPz3A6UN6fg}Ms?kT zTLJc4hhXg$bQR#P8GxQK%}CjKt3Yn(BNd6yqf@_&Dh%N8d3H^m9SiZ$CBdra`hHvb zU@Ryu>PK|_N=}7LEn3n$6y7pr6dP4%9}sK$DG_b8XA& zK+h-fJ_kK>R#VjDfVPIYe_Ow`nV1EOMw`q@q7=FqWLGoWaV$%{s%@H>w*^A`D>zJ` zn;^@5uT{DbmZ&^H@sw1}aISr?oHY&jc(`bOjn^Z|IouaE@$d^b?cQeRiz?7D4iU=~ z#2D_-y;NV)A2d}pXFG&Wz}U8dGK_Z6G2j&tB0mj-pM;3F9xpKQ$4q%aKPxik=wo$& zV|j9h@1MEV2~>XwHm>G&9|=fRXcJw=Jy``>Xm`=veSWST?q8zssh_5N&lUt@)w7V76>n0oP`~W;*@4Y=q=e-; z=-Jb(_@d5XpBrlLmUA0D24!U%q{ozYy~QX`S%$4{H8d25#v)r{#h}5P@)~dpGo$<+IJQNFy|KM9aF}84TCFy%veyv4KK@3B*EV{ZWWBzr|$%qCvi7%Ip@^8SGeQG@z1!l^{inIN=TMbOZ zn+5QB6c}n8?q1aTH~ST7>T1ny|h36 zK&_v~YpDI-wQJoD<6x#c@$x7}N!?-VV@+Ukbg~B!)HU<0j;mp5ki6HFbXM1KR13#c?}J z(;1U@wo=uMMBWYq>4Vu2w%bZp7t&`WS=a8-wZQC(HdS>TEIKb(R%qVE!No=VEodO^ z#bvIjbFL6qQ3VZFYAo>NqS1$F_>CT344XIio0IuV%>HNmAaYgnOp=7^&NZ|%r`T7jv zvOT~~s2;ub{Heu5G&CZ03jy6eMT=P9IexzH3Esnww!=dyug^EVVcySY*ngm(#7W(S zZHF?C?Knu2o(Lr+-|L;s_r2!$k%UeNY07S++oxqwXBT&D0CJ3w<*)){(Ytn>uVjOg zaKf{ci`1e21h~c`NpFO&X{ek+{j*K^K{#w#hVs|IESyXzCdl1>v!cjcicVq!Dpd-8 zaOCyn9^+VsPyUZp7S>v|yFLTa@>^^Q`?)D&=mwPJiBiTS`0ivJud7oxwEhX4=dxcS zhu(p_>bLC{`UBUI$WC`g`RojG7Hub0G(PG(hbc2M&vT`94sbftjvz6CQM&i&lCTbmKSZS_o7DR3_F4p-2H#2S!_tg^%dN7VpGLfDSR z?ZUem*P+PtY@_h=GeU-m$OokwnQGav?@-R))i4ZBSIj9?VY#z-VLo#HP%=--xIGg9 z_%}Qmj6=4H%%jB}pZqnNF4rI@Vv-IoG8b;R^Ts0$51jWI;*I?R{u%m*CGw*Y4%#{4 zgErGnf|N1SDCN>EJM7C4hA<;FE1;fQ7El*a3_ONrKqB!&CV9_uDBMW`xQ6Kb0$tbo zY0q+LgywWn=_REVpeztbeuG+pP5q+U={mcIrEC4OFC_tIQ7?^dsw~w?!L>U5(P;5x zk5ItHjEh^({pOfj_RHtq)xJ?M=hD(Psdsy4NMIZm_M!7NG**4ZZXVYWeRlKb9@B*Q`=LzPmSw1D^QcX2t!Pk^p-pO}j< zET>DXWPU^Zcb}aL(X#FC(tUO$gz!A$i7;Ss=v~0k$m|n;*PVgQ%gt0z$+Z_y7nsb3 z3Qd0$w&I-T=+>)FU5Wy$#Nj|v)<$vwAkCcekjN2C2eU0LSz87!9j%<|s&KY1atA6| z6wtXEq^QC}ZgKtd+~TJ=uceyAX(yD1i&U8Tb3I1I+SM>r^B%*3u48(zc-iO!zxfqt zG1+_o=Z$s!hMmw%YwXAt-bnWP46yZN?+Zg{%b-$dqEZ*l z#)NwOo98r_aKfCayDCN^{Ku1EKFRXD1MbNL`Y#(p4L9oMhXiHdQ(1=qO`m{it?MeV zJi4K)1f!Xj08PPrJmHZ2Zue_4aVChgEwXadi}E)o&!zxOhCPeOv@6JiZ956!4BL7w zk!BQ#K*kpGyQE1-qxZxfy_90Zs%NDR{S0XE^aaB$8X#ZKvpH`q%$_ZoeVLz_7KZto zVRJnPRp(#j<8B>K_oMar>@DCOXrDZpm6q_MAxK+KhEiG4In_cFL#FZ-LHp+887O#I z#vmeGKHY25uMJ39474!L5aR{qc>Z&3ciTc_HMd8R?DpgHzd=xDgAHBMHGJz31{6$C z)BKz3STwK4TPuLQ`VC?z>n?JnhX++<@1u79yHM$DCeeTWHK;9)XUL$D8b{KA$^i8@ zK!PTM2Hmiac0!71o5~5mH_G0EQwA41LotgPL4DOccH#M)@kVo#NCJmz-(ppruSy^H z!d1%bvedlaKqX}9H3kg529AjE0`x$y{U8-x|u61+dUMIjZ`FBNHEaCn0lN6_Gr!KKHouV>i`Xg9{IyrrNm z*&!Y8Z(s{f#`aX{zMw{`A32KF$?VcO`gN!oMxDDNQk?c2nq29#4H{fYWFHPzg4MfKNVgHUt*_)YfDISfkmOu@75#I|8wr{`v)q;3l@;jAJA^ zX@3fPV(9~_IjXh3DpD0PSotcA+PQDO2T+wl%;D(S!_& zQ9ymEgS0ql1?qXxa7ohw@GM2p@X>!WhLxBwhMG$(n?DeTRK@Xjp|h;f7sLZNfn-10 zQ%CdLhYWaL>U;Y*ryqHnE+)eMHIvh?@LYj4QS1|U`|=0xe@;S5JapyuJF*{s%uiX( zlPrfF2w?#sJ#=MjaOD~Gr0+=xRQ%=uXu*o}?dQKBDc>tD`)p|X7evBolRDd*HN$O_4oU zGU{d(4*hk_O75#ez;nujs^AArc|c%Z7>`Jln3VLsc|Gw}L)t!rrAd{{)Nic2)8w@6 zy9Wgw$@9-BHvf7QcrO3osY?OM%9#krEsrSSweSe8M>VjECKp|r>HFyzn;6N(nUm@k3%Sr z?mcq;#$I@0t5MrcW`a-?=@d)to~`wx(Cyj=A@g)-!`CxY#ziC$N}Q z^BWLB#MgGvz%;|Mt9COr>CPA6wY@%_J1rk<a-CPOFL z>HAWRCAcT8Ooa>yJ;%E9uZpKIdq$geg@=1j{%uR;PdmNxO)zbYsxdPC6Ufq9GF9>f zqk&IyW@z3>2by_P%>oEPVyoKy7$7(Gd9_BprUKk)f*Y5XAycE2q$#wTmbmS9uw#`@ zucsl3x|{zd|Jf&VBh}EPmse%UOgYoY|Em<&h@1^p#rMK)v3epTK3IXp8-MJ^FH{G^ zsi6^Il7)o)%>sal7y9Y|jh#|$yU(PSZA+Wtuf2wNZ#~MbWwd? z^*^_Y_#Z${%8rC`-@rAJxx#t-A&mlTn=&nsq?iL&rChp`ro-msnxT;4bo2k+`*%nY zkh0lmi{RxRiv8FN1Ax!t^E&iI5EwCCGJ+38ucV$z(m zSBtbZ;CRW&&ZQb5`0<&#P3A_V&ywWA`K5|x(;GkE`P<%=(0wxMLR$AS-t;{wt$|#< z$3SzTs)$xLry3RS0O@@mWTj6JjCB&(&RAvX!{_#KhRK)TUk`fQ@Y-oE?Hgb*c7gA1 z;wedQ=dm^ZTvvm|U7Iv*g9crjqLI;mg@E`q5Lg&@Sb;Hn5B4_#^_L16iX`ts2o&Ex zjJ4sIjLKFznj_y3=rhC)clrDmi1TH3@ILr!5%Z8_wI@rFy=;5E>O;x{)Kp&QqDt>x z#}$E1M1Fo~Ru#WnOsFGkfMRVLUmKCt?wrIHQs=tDYv_6@>>=-V?@au>{+rPf7ru2? zKry240Law>dDG&vkC6Ao@ND&8=}S+#c%zR^O{LDKP&oc!rQ1B*lr^G%+rfbsU2bG zk#u9ezw2}L;ojyw$$J!v&^L<>=}8LJ7>nJE>WA{tP!*^nxA=sDY)Afmb!RJ~`Y&Q# zvJG1oi}~oV2|$I}*ExX*^}aUoLIs8UL;=tZ9#?Fpn;q4X8d?a)Ci8w5H~AO1^owZL zR^AV|lu?ZO9JXP+Pgquzb3Rfa1(|h>bSx){?PE>QAcl9>MIjtca{FP+rDez+v+!7DMsIJuZ5 zTQ=uLH0ek%l-zZ|E~Y0wAJ@~pELuqY_eYZa{{Wmlx>Vm_XHZsLc$+U54L^i}z;8iI zQ1=x2TcAac#>!u`3)-x)0WIOw1UQB_Oe38Ng`rS?x^H$6NR(F}W_UwpoC?J+xtr-Kv3+6Rvg~2}i zbiE7DVT!9&StIkT?k%%j(g$i$PcVH7+XNdGn|Yj|H|}LFDTTU<58gUhtb1*5z@p<$ zO#zw^;RNBntE^Y;@DTRN^l$u3qcNt1ulAp>E_S)cfi~VhjY!+#GZszpa*1mq%?^D$ zC{If#_i#RVIQazB2T;^)QMW-RLWO4HcT0n(D?E+Q(V|s3n6m zdwd*r09hU`h0T`X7$CXzyx~Lx?C9#;wxNSGvxjL0aOiw>8VfO);XC{P7XNh&|0n)i z#fx<@jT@|8EV_Yr6v%;yWf>Tia*!lh)sJ49po@2%QSH{YL6z6Z5Le@?bI>5E8}|Eg z^D!;4%#mQeBVyCsFW0C>aoC4noO|C7^PXXA^f3YL(^&O#rA+0o_e+66Ei}>-w3tst zXhqvQ4ktug!z2Wk*)Qr#IbUh;uoB0GuALwC|AAFK(L{LZ^SQ!}jdc4g!nv>P%V z*%X%{N9?Ak4x#YJe#@1s=e}Pe?heam2pjP`^Q}viqIFe8O7#b1>gHQQp@}K;m1P*7 zrzlrmK@}l{Wadzs)U1Sbhuiv4GST&$e4+MINbGs8+yJApkLDi_*>bydeC*x;h)nb7 z&|Wa!Ztg>%L9NTBFj>-VwnY9r3saM(DR)k9_9bWye#D|*f+OzST6>KAJZDnJV}&~H zLGAJ&+Y+32dJp>C<-4F-suHON(24X|y}CP5faOD?V~n(g+Tpyx9oQ7E{WUM;AHjn& z>CBSO!SPPoUjXT@KLP2_e*n^ZeBbR3ecQk2_i3f#iJqFE$hD(DvDe^!n|%L1O=c`R zj~hocv!29vF(s0S>nfp^54jMr=q@`b32#aJ1Xyv5r-a@wVfuKmR>RQA0zJ`0QlGAM zdx&(p$_ubGyye)-GnRQktEOsJLj0hC`ze}Xew%ue;sQ@6k1S2Is9hkhvU|L6aQQTMyr8A4tGx86u+u|z^{&SCUPp}svZOU4r#7Sc z?dq8IzhR2g2$tkOCRCC9-WI1DC4JTjPTb3cjJ{MEPLK2hfvL~1l?0S=PtSr zjxkxirg)d&3Ya!Qe3ynbh5pn0=ZM*^R?_|!WWBojBwGcePwX|7V7Q*3PUnP(>^B#f z7>*@E=^evmD3C5h zwVhe$##eqP{%^Y*JEZNjtNW=%crNurU{a+aYse~EE~5k0$aI?={ffEe$=Tb^Qm5i~ zAxnxsCquCfLHTCNc|Nc`*szf5%%_R&6+b<)9hozy7-b)GEZnw z1W7#_)`5TD)XJozDdWBGbje}dlVk>AGEiQbB)9K0h%bp?T!hf)+enXRTsIRUh4SHe zmf={KCqy-N>Rm{0MGKRR?S6?90|id8!xdMf6U=l3MhW>xJN10N+$=8=S($qE#1dPQ zM=qS+WSC|PE0ohXl42~BN;cJyUd&PEI#zqxw5&bYYIsPN#7SWFyNU8+3&O7qcJg8$ z%}FU4TgQO{zg+<4z730qtV+AhRo=K>sZ{ziq%5>GJ*-gNcs>fpVa>gKgM7`qs+ODX z?S$R0_Ccm2yxMBZ=xpq48fQsY>Ce~znpLuxe?SOR}R)AjUU<-D)D zpvij}?|P}zV%<{O8{3-FnkHHuNQKKYy@4IOu;7NZRFUX(jCl+!u0Dl$){*3J{pe#1 zx(b&im7I^48iW6~Yh#MRu8nVos6cRI&7$XdX1~nMJv;tC!}P0;ojoW6e+B8oet`7D z+)F@Y!mRJHOf!rMy%3;4ir^7`WHJoS`ygGC-@xl$%>`kSukkcOwkUOY26u zUHHN|BBQ7=wH=Gun{Gk6q#NG3Joo(^Jdd8=|Ks!F{igc|ti7&vt!vIX<``q<`&{i2 zC~~H<*34SZZ~1HeZVru_4PQzReq*;7;P0B@%|4t_nu~5IK8ech$?bbwTE4k)4)fQ} z`)l2{<$Q-Q)A`7Wu3qz1U3m^FlQw!dw`|gVdCS=L@Rgh_%k-;vobCAjfzKgG%bPh- zg_0T)nojG(o5vb82LV`U@rqor&Tot6GkYLW3QSK4fFA3aN+3%YNz5d;*BFs;lW_Er zH*5ZJ3%{!)o*Svr1w1!>iM!IL6)dtp15KN130kGLYbd^oCy^3q2rKl$(gh(0Yj?p> zoLtIhR2qfQ3mZ*-1N-Zt&9RrkneeJ|b!De}qu)>2mX`2OjC_MR9hMlHIjD+g{6^TI z7^Y;k5C~g%#wI&D2!j_w%-BrC7Kv7fUHRJju)(xwz(rnVc}N34qyd>|wFHQkP?~g6 zAqE!Brj43Tm?z9AtffK!|m5(&2&EGdJSH)pRBQ;sDZ~5Ppep34G>!PHek7Q-z4C zt@92&Nh-BM;k`^gHwH=uJv0FfTG%mnwzc+KbWMq_NIYJ^zE{BzPG)#h= zIdQjEWRNYpLV!OmDX@*DYe*%utXL7&5>uStm+*cG6Q`VU*-v^F_1 z=@^*W{xieA6irW*^%k=?93cI*(VK2hWh;Z8{4mr@=j&5HMMKx0e^%ej;ELFKWBKdH zv&tiXQxUBkY*CLF1+R7yX+>On`EIc>toua8+yK`4lm(p(duoXZ;F({)j*TzOo6|@#pJNB$vTRt(UXyClUA2V{+LF*6zKJ+1IQav*nP} zAB*||E1cZ&L{+_lika*1L1G9rci7ECGDIC|9<#oB&*U29mc()mAtJU*EZVo`nM4_H zlmIyJc}y)z)ac4&>D*O(i(C<)WY(hNB_KN6;5ARbfo6OWDiTn5On`(VlF{IzblB70 zPsxvrr5LAC%UQ*{C-P8)B%N%b^{##n=0+^v`v9&fp!|H%UvR{47t%x<>10$Q7H|e8 z0+J~TQ*$?v9?f+@xw-(NHgiZ|m=-kr&h-gfv8wm3GnQX{KNpWXW1XUzHisA~&4&|< zuFrL%(B{+d+`%L^jp)`MNv{fzg2Pd7VX6^nQWz+l3Ab-IQm%eOO>janezlA==5|s#>u% ziZMOLnSqSYR3jIdo5k4vRPfT7%ac#1EXUYxso-n_WPkoQREp%o*xN6}6Wz}s-LB3D zEl=GPCcr(SzV^BRS-;{${0M+WZ!0750AZ0Vd|;7l{*E}H^N1gr=m&+No73GLhh8?l z%Mp6=XdE|U+*~v!zPuk!U?4<)K*)E{pL8tbXT3;Q2^PlLf@%f7t@s*9b}Gi6o-ATd^E7!Z>wAw26qG=Q~#d0V4PKPqFx*P zgJ=l1RRh&Mb3x-6=rqdER!lNOOVp=_G4w`lgc_2|e3e?S5Z*~5#?WK3*}B&5`NZry zAv>K_KTbbu{}_rQ=<&jRlO5-ctzT;t8$`NvraTVV%|IEO#?b-cQs`#9DP(gU-cJ zzywqR6g``jFIK5ItMj4ado?bkR0ifeU(EeS zOm5HJGizoP1pM#Zi1l1=hZDogU17#u?)mh#ItHlqxaW$`o|~?KeB{N=7|az<+mpP; z-7WZqh-N!5rv7rA;n=x?Zr&(Wb=l9EDt(GjqGus^LO5^4E1RPHn#Z#{gpzC(-l%Ka zg5JA)Qd2}vnhi(SKX=6`9E6Ee)REL`W4E2?Cfaojm%?e9sDovZjP%0{t%{mAoT!p> zeFe>h<>0b|$O%64Kuyzl)usE9$4#{SmiZotozWC7%pS4KYk!eDuDxR@=CP5{6*J>I zNx{!uwca(QtiYlLle=4C+L30@7&b+hI+-w4NkHxsC4N-eTW+5bY)8QK-)wN-CbPc1 z$9xM?5!$l!509%~ZqS9AlFYn%C-xRQW&8%m99JB&Z`&XBfS-U*{-ZAZI=g2#VpP!& zrcWgUIvVK5l(^`m$X`9E{x(pdwnp7dY;(a+nCHhCvm6xZBp+jJ4bTh521)CZ<=v}T zlNy;TxO*RyIWyl%&4119qas2zy=7*|VZw<&V`<`VNLAfEwFM{x#$44Iw|b8}k-M!> zpJ#XbwdDl)%7WkYF9ZkIwsQvYZ+ZwQ#l7&l_m9pIAI`<(kqTf3W?={;2GD(t+@}47 zy+M8ZR(gn;!%7h_a!LDcM`jh~#JJUVGvxU$eZbJ27obp*h(yZ}X(vDAL~MTqOp`Bj ztnC|={LKzQx6q6hCsGJBx~ntV0$`OvskU-&^@G`sOE=l4!+#-&Or86MAd;o5gv}t( z9Y9o8ukBturmd)ZIPKbfsqKaWW7Ob9Ru$8(p)2U&MkgxX?uXBCdD93+ggsd0Lh8Q`wSX1g0r2y|@ z$!AR(oA|2y(j?{HMXiDjedGYnl_NIN%$VaC z^wKqY$zNKI`PgkP8m0M0H}(!DdLNpwXSeXjLBeEd7H>1#-P)bX*9as^6r#ooSO>W8 z;p|Ay7kQV7K|jrM$0BmUZZN$Y=(B+4HJ$}BNg}73SiR5{n_>qOx2H49f9{(g`N0b) zsv+-J=Waarflot9pB^JdL{EI?=Jia;;rqKo`#fD5R=!1`Xz#bsas{zW%?{)i<50_S zMUrI$wwwf7v~fV#(aMs{_$8fT-Wi8I!FH(1WC7e3#w+%>D}0kAX%FUJq9|O*{Ug`i zmHukW|Ex$AgN~?Wj)31fr^C!JctmhlY*e%NfBeMmvU#f@wiS{j6w;o*i^e~*!BhFb ze(W3sWKyJ+VFkLVVjF*Msn<3EMBo)|3RS~+zCZsoW5IYcI5*6%Z4w@A(uc$%syx%tEgif0-==;l}fixuv~u;;FeKu zZ-o`72CRG$7i@qY+}zr155|e@L1{Pi{{@n6g|W@EzOd8yrBNQgf*?O-PsF_r>^eqi zSHPnppG!#?2LbTU{lBgD_(yQbnt;G9U(iV2-HbQcT4aI>7@_=u5v%w$==0hcxquZ zlskQdfFfzS7s`4Og*`r?*M$QKQg7=8e7Xa&i1RlzzKknl%;p6i&2k#^32;zH+aFtqV8vzjuW=ZIjZlQMVlt(<+Wx=*`z@i$d41jYG z1(SjE1lC|zMM8(AP|OoyUvY!Tl%k9LG%}c=2i(9K!BN{}5Hts)IGh?-d%v(L=okRZ ztQ$Ck`}}W?1-uWFtj|HN&}^_cjtCsD6I`nT229Nb@Sq%rm!1PrH82*&osl+UMmq2k zN6!La!;8S5omP1K&2b__{UF2IBl;C2d~*bUmZkQ#*DK%02X6kU z=m}hq!4XP4J4AM>8;Dh(`*6!swkk*=xblGqMCko&9WV9L`$q|p;RXIm->iVgJ}-9+ z|Hi2UTTV271rdqwKDlw?z|qFY;tF9p3UZMFq)Vu`^u12^4jT6t_F~bAE38VU@>K_3 zl|!xwozpZ<+op9{!*w4#Lk{Iq@O52P=`6 z#K3KPb3*#>_YwYe=?8EeLG<}W=b?ez3)sf`7qovNw%2PxPPbIy(f-S?9lY&Bu4LyP zHoB9I(Q_UAk_S(N!&v{1f5!Z^L{Z(zgWvksD=m@0OS7{;!}IH3KlnrO5(u^DwkhX< z_v#8wq70Q4N3o5k?pIk@|f~rK5koZ$m_?|9@y{$T|#6 zbyU+o!m--`Xp$Mw`;4Gq*M`=GAsjlYb2imCe#<9%#34;=V`4%|bmt-4Zv@IeS7|x| zQTscnP6WLJbDwe}XXxXVH0@&J5r^{_bw1|=3&q^WzJ__| z2v|=(gyzkeH6ue{JQ${#e*fjbI1ruNc@8JtWOfyR6hs|SB_oQUC}5^NKa*!V(2JNG zJrZg31q3A=c+ZGnK>t!7Oxp3;jqFXue-@cWzIpIa|NHzobi_vPDIbZ4Dx2{9P{==$i1rU^{V z;JP#bj@Su)yS*ntsUEdTXZD9Z6n_EPtFKFVwZELqd0dTq_YJhV!w(-l_I|kyELfPn zzh(+o%QHN;_LC}Nm=OE@m$uP?g$v1nh)-v|4xHIk#YiOQHK1^_p#bJ3Y4+9c0oNX&rqrmV-0(Hq9xTOpfO;?j;+8{? z1>#keQ0;RLf~>Z~>U1c@+qPYC-&n_`x`3ok+ZKL8;gndA$(0SUZg5e7NFCIY3<)B? zfDQ*Yk7y(A``}O5HfmHBRi~4HcaLO&899z%cE<@;quh|Lr02hw?k)$8OCwv!>|;pW zk3wuWvI62HncOI7EZ4(<`|_Dpus>6)qAIujwUEP#0VZ9Y5A)_GURVYHtO78LkQC4A z<6#_RL(@MX7ul$1$qYyMPY6Bkw;U7i`2TQB%6Slui7wpl>;A|y($5&~YFN1UK;O3k z5WnxUHiR~p2YU1EZ5+Yk&XZ?#*#T4;zWcR`?Ni z_E#vLx^2dd4n5pm?Xr#8LYyHR2?S<`oA|&egrfjqaznM*zO%5umpLOyDePE?L{w-` zOE!S0e{xV9p&1V3!C=oTd;`|X?$&;SOHy2qDzPxgOETro9exG2zZF1!FAD$jPU3Gb z;#Uj7x6qt;0`zHRj*FouVVM9VQNs#hOS5Du5^z9CrF(m;P|;a|TCcpS_^* z^*C_lp7{Y*DEo7FW+hZ6VV$q=JUkhJBaTU%!o?xHJpwU_N*&rR3<4XOCAT);K* zG^2w#^yy5GWAIVF$T)(#;jt15Tifw`#Ev)>B1l6#{H%gt>keRY8K3XP^r{)rP`1-h zYIWZ~iX;7u2zpoqVJIi}jrR)Ej9n|jxINGC0CnR*SmXl91V%z$aWQ+a4-Lng;}%AM zW?5xZSrS9Le|F*CT?Q8=kTPOaQDih!xi8!YTMWROT;#hj4}R#N_@dY|!X6q{&=if> z$H9Rbg{VI68tZVC-TEXyy z$bL}~q~Ba=iA?q@d@A?VD|oFPc1gzo2$e4*ke&yC&-Hs$(K9T&D>dn zrbF{@JIY)d;7eZ&upUxL0WO<+HX?`yZ6vB_>~TQg;{Ke0CgJYsgJ;k$Nt&T*e99+x zP|IVGYCNM#?Z$n~)Fo^={X{-8?vB7DzLz+Si<#Ij&%r1)h6IMTV7J(Oe~WK@B8?A}MHw04rnLrw^wFaCTko7uj9422~}_FeAu z3w~V$iJG3Eg;s4lcjU1t@T1nQy^kkuWHFd{1!SM*_b|-WUDn4LW?yv5kiwALd+qlr z*1?zFZ3=k7k88^KoAWku2_3w}#k!zOZ$w7;JaTeFx&=#m?1o6UlRVu+Q4{g!^cfuS z^stlM2mfkWP!xG%yB zX!wM+MiGDjz}kZ+#{bv_=tjig&fxaLY4k{j{^kP+3g@BY8v)Y`qA*%D+`esQF5Bu> zZPE;P?sN)97#tF6ngmA!fw2 z5%40at-ku>MBSgViKn8d<3xgm@yT0G-QW<;B51MDd}q}jzO)Ah0bYFgOM)vAfwY%0Y+GsI|95Le=PmpzP3(U-reB-p-3-FEi6-eUa-Fb{zltPhLcd56iQ-Y$xUq37>9ra!{U2V({ z6*#k@PEuXG>0`<9!(#JK`Q<4_d{?()B<+u=7G}GGcQ=ovcMNx_wdDQes*V6Cz=Z_U zt6kZ;w=e}}Lm#wyUUZsmfV6j-*l^7vcdZh7ZIK+SZSaK`6rwKrU8R*xCL&PHSgkH=M`$8P2j1wFU``m+_(3xzcfv(JZZVIUd+rWQOZhy7 zi0C`cZ`l2V8gL+e3-J>b!{aw9rl~ldmDUE>OQ}&JH#eOhVJIuJ;NvP!A3KMHc%b_4 zajsuOAT7v}^e$kUIBG78cB=niKnBw-Z_Q+GYlfLR@+Zt%U#~Lc1+uap_vG!4xDg!> zyBdeKK2j7JlUc_uq=(0=Qw+_&!44!alAGL%1=Q{v|3JZC9d8*d6M#oMXZ$HAC_8(_zb zzNWoq2v~6(q%fr{`qWMPe1lfnS)n$a1Clu<|EP~c6#tPGE)toKr!{rI*Qk%e~SR|cbgG+gp_AqBT_=<%HFG|R1L@7JxvUz87q=1;Xu$w zG++Wo{ZFqWEwK$B9()XFm1YMe?7^aI_t8HH6bE9R;q{N`?<7RCA=d+0%{Fpk=3Cp| z-ny;^%^m{~egQ zT>yT|108|(izSDwbK#Y*EkAb}a6x{=_|n@Ja!g4m6B?xw0%8z5_3uVFBD5vKH*`pH z{rq4sMu3KzgiH$?KgE)=5Jq0tKKXe7agt^rxRo14=uYVeG&C5__)bF8E#2JdHO}mj&T~tGKRzD)DVM&40l75U^PYdmrSaW=%B7vI ze~Kvp!89Rw?=niZy{K1x4=x45X86L@3%;NM68r_p`-Q*7!=MNmUw&{`cXG|Zkx!Aa zwK#norpP$TgzBd}6oC|^R}hzS2p0bSXN2cOpJtiSA>M!<+Px4-a?Xo5mm)S}J|o?S zJ%380!|fq-`Z@&zph+YhIVd&u!AzPoJ*y?{4og8{cG7ZdBt9}UDni()7|GYU+S>e< zTF7ubBxDQl*fZN_cA{UPI$y6+61H91=g@g;E89Iqr(7&Ve86A{TUy z{xLXz!6GxbkkH)^S)~~W5QVy!Op>WN(OWb*0ANOd&A{EL6-ZYaz{kl)xS&Um9ElG; z)iHBKH^u=#;i~^EAEq;FEp;B1_PJmFlMYgj+4h&`4IewBLMh-BG}W5maqI5UQytg> zHUZ?Mt-W|@9>hYbLhXUEXvMPJtGUzZhtJ}Bst~{Ak&(HJG912@B*oJiy>{LmyLS$QCs94y3yZl@+k_Cor8IBD(#{B4FhopNfV}NDK=pJfA_?DAm&N|sN+<=0LU8yPac;$5 z(mp$vm%ppWT?Jv!)gJXuIo{6a3hL|1lT^Z`#_u%e$Jo_3&al}b{zx)mWpNfk6bHiQ zfAb($8AOq$L?%zISb>ccYF2RmL^Z_-gwfq73ahx>`Zc}<;m$$KFhfob1ai@JSfAHC z_BP4$;I{tjF@nD)$QY*v&dNL&O~-o=7-%#M7%~0S2c5M}2m2*f(V{Ssp{+9_wyuEQ zB2wgVFe++*KGx-RJg?t@m;p4b$;Bo+#XRND52x&P+b#^)nljX43)J-UlOpiYZ~biEQGrsNv;w1Fks7o^LHkR0_O zA?bLf91}VnA_8eb1DJm6LH>6g0Thv*VL0O7Yx9Dh?u|U+JQoQqpOREhhqYN00!}WA z>@SPZ6!R0Eq{lZoW@(3`pdGTZiOaj7@sU|x>fa8IzE_QRX*~Jv`YQ%tT zloi+q6n&k5?uWeK;*Glmnwh+S{NqHx2;y3X1z{Hef1&BT5DsjD2pDzNfATzMRo?Bq z4&bq0tkTSS>|U~vrVQBi0M9oa8{a>9*7fWWj)+yp6QKlwGo(JkT0Cu*9E zp$pbFW8Ve;cSuoWIkM&j#I{wnhi!?{fpbJ%3A?v}zmNdaGFctKD=GnqCYQ2f3g-(c zs6CC7jo-@WEAvjnlx=S#0k#CFbFOAn)CX!_>7-EZ%|FYZO%Zb*RSN9hZ>1wu`^J(v z-U0}lkbqt%TDer%X-g+@%=V{Rju+H&q5DZurY~pvm(F+f5$IA4IK_e(EpSf557fV) zqyjV7`NF0iF%KW39Y6SV_Nh-v6FO27ed<#7(er^6vYxZl61gxX#DjZIV|_k5cScio z(@Ds3HySb{uzdXxvmHob=LLm<-ul!+T&Zz#`K_fl-fS<8CmgT*umG9@WlzBo@q8rb zOMEikJcIbap(mhZI-d^B+(3$|+N+sYf7+em1Z(v9YRweP^)a*pv`V~`b(CXX_+9$; z)jj1+Mr1-pAVq)e)qTWvF!8moBgIa&dv5dNjJ%^xUc7(<`YG@(=7f}Eys*Dh|K=fl zJ(BclnPHn2tG&l0ZjX)DeP6>cS<4GZ6vREr3EuLzP&-gKzYNjK5<@vba#&5TJhqAm z>2kqIsYqUBTgCpTkgiGuvdrr^@0=_}Mx)W~*No$42`ylp#7A7+J#Y*mZ`$v2*}W@4 zw&wfXp!LnoCKrUvx!6v_{Mp|aXSLaRjmy?Cvuy1p2#n5*bi1RF)biL(N6AHyRC6^U zE?M9Dk;2lVX+dyrW0c0PZ4*wF-PEe){_Q~hYKJyF0{n-n(EI{FAksQAoAooR)EEY~l@YkoC2KGQ!OzwCWe1@DUng_t2PGd~S!cQHw|XZ4X!Y8sprk&r>SY$v zYs>$D_ZM2ne;`;TgrOWVFF~N&8oV&gh&1&t3f;-@6A{3cN%Wfl)+r}q+)6Pey^2Wf zLX(o@w_SEdsala@eGXV7-%=mgWZO=+*HLsG63h4o6}mOWEF$PsD4+2%6*AfP5ZR&0 z#uVK^%Y;i&By_mL3JPRn>I;o_mHQnoKK%Ifa9|8QW2hKjs2IiiV)7;q!G+1$kuhb- z^o4sJ$^0gxVle@THV9;VCq@+BY!{MIdsUo{PhJali{WHUe9N#uw=^7W-yzcfo~< zpDXm$bkfulZrwmC14YeMZkH^YL9sM~M>b#dJT`*&$ez~`?0H#qG-k9az6~4X{6UPK zU!P6X*o$2IQqwx@Kb^6?3WfIf! zQC!Kh0NY72IB9jMf<$Hpat!YkJ>U5Vms=A-x7aMqz8ds0xId;C(XB6VBDPAer*w(B zZqMMZv?I?D$`z)KwpeayvUcH71b3#oF{P1z)=2Q2t^xTc;H>hTWVZK6u^(+oVcL@! z>XI8s-eV2+NY4org`CvyD^9Gr?612>BL4V^Q>YO!GZKR|Y8#2Eso6BQB>UUR75q}G zA^EXB{vHUPlrA(ZAhxQ4*8QX)f{?ByMr-^tPszpfkQFMby-di(!=JWZes<15{ra}F zn3j7Hom?-bt&}LQTnA@xWyuiMyu^sN{S45gCUC+dHFY#T7;G@R_q}eQ1yJJ zS{7=aF_x+5X-HsD=C%=eBGQ3LfN{a@f)fb~-qv81W^OvqS<4fV!c5NTgAeNV2)3 | -| 0.10.0 | 2021-09-08 | Luke Cartey | Update tool qualification section. | -| 0.11.0 | 2021-09-10 | Luke Cartey | Add reporting and deviations to scope of work. | -| 0.12.0 | 2021-09-18 | Luke Cartey |
  • Document conditions for overriding PR checks.
  • Clarify that LGTM and GHAS are out of scope.
  • Document our used versioning control system.
| -| 0.13.0 | 2021-09-22 | Remco Vermeulen | Document rule package schema. | -| 0.14.0 | 2021-10-11 | Luke Cartey | Document how to update dependencies. | -| 0.15.0 | 2021-10-26 | John Singleton | Document false positive triage process. | -| 0.16.0 | 2021-11-29 | Remco Vermeulen | Add document management section. | -| 0.17.0 | 2021-11-29 | Remco Vermeulen |
  • Explain the process of determining if a guideline is amenable to automated static analysis.
  • Document the supported language.
  • Document the `short_name` property update process.
  • Describe guidelines for splitting a rule into multiple queries.
| -| 0.18.0 | 2022-02-16 | Remco Vermeulen | Address mistake in point 2 in section *Splitting a rule into multiple queries*. | -| 0.19.0 | 2022-06-15 | Remco Vermeulen | Replace references and steps related to Markdown help files. | -| 0.20.0 | 2022-07-05 | Remco Vermeulen | Expand scope of work to include CERT-C and MISRA C. | -| 0.21.0 | 2022-07-05 | Remco Vermeulen | Update architecture section to include the supported languages C90, C99, and C11. | -| 0.22.0 | 2022-07-05 | Remco Vermeulen | Update section `Generation of query templates from rule specifications` to include external help files. | -| 0.23.0 | 2022-07-05 | Remco Vermeulen | Update text to consider both the C++ and the C standards. | -| 0.24.0 | 2022-07-05 | Remco Vermeulen | Update release process to include steps for external help files. | -| 0.25.0 | 2022-07-22 | Jeroen Ketema | Document the existence and purpose of the `next` branch. | -| 0.26.0 | 2022-08-10 | Remco Vermeulen | Address incorrect package file generation command. This was missing the required language argument. -| 0.27.0 | 2022-11-08 | Luke Cartey | Update the versions of C we intend to support to exclude C90, which reflects the intended scope at the outset of the project. -| 0.28.0 | 2023-01-27 | David Bartolomeo | Add section on installing QL dependencies and update CLI commands to account for the migration to CodeQL packs. +| Version | Date | Author | Changes | +| ------- | ---------- | ---------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| 0.1.0 | 2021-02-02 | Luke Cartey | Initial version. | +| 0.2.0 | 2021-02-19 | Luke Cartey | Add section on Python environment preparation. | +| 0.3.0 | 2021-04-13 | Michael Hohn | Add cookbook section documenting common procedures. | +| 0.4.0 | 2021-04-13 | Mario Campos | Add submodule out of date tip to the cookbook section. | +| 0.5.0 | 2021-04-30 | Luke Cartey | Add query style guide. | +| 0.6.0 | 2021-05-05 | John Singleton | Add task automation files. | +| 0.7.0 | 2021-05-10 | Luke Cartey | Explain non-constant alert messages. | +| 0.8.0 | 2021-05-27 | Luke Cartey | Clarify the `short_name` property. | +| 0.9.0 | 2021-09-06 | Luke Cartey |
  • Update code review requirements.
  • Update release process documentation.
| +| 0.10.0 | 2021-09-08 | Luke Cartey | Update tool qualification section. | +| 0.11.0 | 2021-09-10 | Luke Cartey | Add reporting and deviations to scope of work. | +| 0.12.0 | 2021-09-18 | Luke Cartey |
  • Document conditions for overriding PR checks.
  • Clarify that LGTM and GHAS are out of scope.
  • Document our used versioning control system.
| +| 0.13.0 | 2021-09-22 | Remco Vermeulen | Document rule package schema. | +| 0.14.0 | 2021-10-11 | Luke Cartey | Document how to update dependencies. | +| 0.15.0 | 2021-10-26 | John Singleton | Document false positive triage process. | +| 0.16.0 | 2021-11-29 | Remco Vermeulen | Add document management section. | +| 0.17.0 | 2021-11-29 | Remco Vermeulen |
  • Explain the process of determining if a guideline is amenable to automated static analysis.
  • Document the supported language.
  • Document the `short_name` property update process.
  • Describe guidelines for splitting a rule into multiple queries.
| +| 0.18.0 | 2022-02-16 | Remco Vermeulen | Address mistake in point 2 in section *Splitting a rule into multiple queries*. | +| 0.19.0 | 2022-06-15 | Remco Vermeulen | Replace references and steps related to Markdown help files. | +| 0.20.0 | 2022-07-05 | Remco Vermeulen | Expand scope of work to include CERT-C and MISRA C. | +| 0.21.0 | 2022-07-05 | Remco Vermeulen | Update architecture section to include the supported languages C90, C99, and C11. | +| 0.22.0 | 2022-07-05 | Remco Vermeulen | Update section `Generation of query templates from rule specifications` to include external help files. | +| 0.23.0 | 2022-07-05 | Remco Vermeulen | Update text to consider both the C++ and the C standards. | +| 0.24.0 | 2022-07-05 | Remco Vermeulen | Update release process to include steps for external help files. | +| 0.25.0 | 2022-07-14 | David Bartolomeo | Add section on installing QL dependencies and update CLI commands to account for the migration to CodeQL packs. | +| 0.25.0 | 2022-07-22 | Jeroen Ketema | Document the existence and purpose of the `next` branch. | +| 0.26.0 | 2022-08-10 | Remco Vermeulen | Address incorrect package file generation command. This was missing the required language argument. | +| 0.27.0 | 2022-11-08 | Luke Cartey | Update the versions of C we intend to support to exclude C90, which reflects the intended scope at the outset of the project. | ## Scope of work From 25bc94dfd12a1445596e3195049409a9e0e08661 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 2 Aug 2023 18:19:33 +0100 Subject: [PATCH 1160/2573] Fixup stubs after changes to string and string.h --- cpp/common/test/includes/standard-library/array | 4 ++-- cpp/common/test/includes/standard-library/deque.h | 4 ++-- cpp/common/test/includes/standard-library/ostream.h | 2 +- cpp/common/test/includes/standard-library/random.h | 2 +- cpp/common/test/includes/standard-library/stdexcept.h | 4 ++-- cpp/common/test/includes/standard-library/vector.h | 4 ++-- 6 files changed, 10 insertions(+), 10 deletions(-) diff --git a/cpp/common/test/includes/standard-library/array b/cpp/common/test/includes/standard-library/array index b77ca4ca99..ca4d3291ad 100644 --- a/cpp/common/test/includes/standard-library/array +++ b/cpp/common/test/includes/standard-library/array @@ -1,7 +1,7 @@ #ifndef _GHLIBCPP_ARRAY #define _GHLIBCPP_ARRAY -#include "iterator.h" -#include "string.h" +#include +#include // Note: a few features currently unused by tests are commented out namespace std { diff --git a/cpp/common/test/includes/standard-library/deque.h b/cpp/common/test/includes/standard-library/deque.h index aee0573229..00b44b704a 100644 --- a/cpp/common/test/includes/standard-library/deque.h +++ b/cpp/common/test/includes/standard-library/deque.h @@ -1,7 +1,7 @@ #ifndef _GHLIBCPP_DEQUE #define _GHLIBCPP_DEQUE -#include "iterator.h" -#include "string.h" +#include +#include namespace std { template > class deque { diff --git a/cpp/common/test/includes/standard-library/ostream.h b/cpp/common/test/includes/standard-library/ostream.h index bde2b7a53f..9f2c6d9069 100644 --- a/cpp/common/test/includes/standard-library/ostream.h +++ b/cpp/common/test/includes/standard-library/ostream.h @@ -1,7 +1,7 @@ #ifndef _GHLIBCPP_OSTREAM #define _GHLIBCPP_OSTREAM -#include "string.h" #include +#include namespace std { template diff --git a/cpp/common/test/includes/standard-library/random.h b/cpp/common/test/includes/standard-library/random.h index e3f3dcab0a..1a2b341226 100644 --- a/cpp/common/test/includes/standard-library/random.h +++ b/cpp/common/test/includes/standard-library/random.h @@ -2,7 +2,7 @@ #define _GHLIBCPP_RANDOM #include "cstdint.h" #include "stddef.h" -#include "string.h" +#include namespace std { template diff --git a/cpp/common/test/includes/standard-library/stdexcept.h b/cpp/common/test/includes/standard-library/stdexcept.h index fd9f7f9e6d..cb9af14db2 100644 --- a/cpp/common/test/includes/standard-library/stdexcept.h +++ b/cpp/common/test/includes/standard-library/stdexcept.h @@ -1,7 +1,7 @@ #ifndef _GHLIBCPP_STDEXCEPT #define _GHLIBCPP_STDEXCEPT -#include "exception.h" -#include "string.h" +#include +#include namespace std { class logic_error : public exception { diff --git a/cpp/common/test/includes/standard-library/vector.h b/cpp/common/test/includes/standard-library/vector.h index caa443f641..6d0293f8f5 100644 --- a/cpp/common/test/includes/standard-library/vector.h +++ b/cpp/common/test/includes/standard-library/vector.h @@ -1,7 +1,7 @@ #ifndef _GHLIBCPP_VECTOR #define _GHLIBCPP_VECTOR -#include "iterator.h" -#include "string.h" +#include +#include namespace std { From 7e496865fbf79fff7873b4223b86ff3e6e4e4920 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 2 Aug 2023 18:50:03 +0100 Subject: [PATCH 1161/2573] A18-1-4: Fix compiler compatibility issues with reset reset() is sometimes declared on a base class. Similar issue to A8-4-13, so I have refactored the SmartPointer class to provide predicates which identify the operations across multiple compilers. --- ...AnElementOfAnArrayPassedToASmartPointer.ql | 9 +----- ...trPassedToFunctionWithImproperSemantics.ql | 32 +++++++------------ .../src/codingstandards/cpp/SmartPointers.qll | 10 ++++++ 3 files changed, 22 insertions(+), 29 deletions(-) diff --git a/cpp/autosar/src/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.ql b/cpp/autosar/src/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.ql index 969373d436..5996448a38 100644 --- a/cpp/autosar/src/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.ql +++ b/cpp/autosar/src/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.ql @@ -46,14 +46,7 @@ class SingleObjectSmartPointerArrayConstructionConfig extends TaintTracking::Con ( sp.getAConstructorCallWithExternalObjectConstruction().getAnArgument() = sink.asExpr() or - sink.asExpr() = - any(FunctionCall fc, MemberFunction mf | - mf = fc.getTarget() and - mf.getDeclaringType() = sp and - mf.getName() = "reset" - | - fc.getArgument(0) - ) + sink.asExpr() = sp.getAResetCall().getArgument(0) ) ) } diff --git a/cpp/autosar/src/rules/A8-4-13/SharedPtrPassedToFunctionWithImproperSemantics.ql b/cpp/autosar/src/rules/A8-4-13/SharedPtrPassedToFunctionWithImproperSemantics.ql index 5a8d06a6da..422818f4c9 100644 --- a/cpp/autosar/src/rules/A8-4-13/SharedPtrPassedToFunctionWithImproperSemantics.ql +++ b/cpp/autosar/src/rules/A8-4-13/SharedPtrPassedToFunctionWithImproperSemantics.ql @@ -19,30 +19,20 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.SmartPointers -class AutosarSharedPointerOrDerived extends Type { - AutosarSharedPointerOrDerived() { - this.getUnspecifiedType() instanceof AutosarSharedPointer or - this.getUnspecifiedType().(DerivedType).getBaseType() instanceof AutosarSharedPointer - } -} - -Expr underlyingObjectAffectingSharedPointerExpr(Function f) { - result = - any(VariableAccess va, FunctionCall fc | - va.getEnclosingFunction() = f and - // The type of the variable is either a shared_ptr, or a reference or pointer to a shared_ptr - va.getType() instanceof AutosarSharedPointerOrDerived and - fc.getQualifier() = va and - // include only calls to methods which modify the underlying object - fc.getTarget().hasName(["operator=", "reset", "swap"]) - | - va - ) +VariableAccess underlyingObjectAffectingSharedPointerExpr(Function f) { + exists(FunctionCall fc | + // Find a call in the function + fc.getEnclosingFunction() = f and + // include only calls to methods which modify the underlying object + fc = any(AutosarSharedPointer s).getAModifyingCall() and + // Report the qualifier + fc.getQualifier() = result + ) } predicate flowsToUnderlyingObjectAffectingExpr(Parameter p) { // check if a parameter flows locally to an expression which affects smart pointer lifetime - p.getType() instanceof AutosarSharedPointerOrDerived and + p.getType().stripType() instanceof AutosarSharedPointer and localExprFlow(p.getAnAccess(), underlyingObjectAffectingSharedPointerExpr(p.getFunction())) or // else handle nested cases, such as passing smart pointers as reference arguments @@ -60,7 +50,7 @@ predicate flowsToUnderlyingObjectAffectingExpr(Parameter p) { from DefinedSmartPointerParameter p, string problem where not isExcluded(p, SmartPointers1Package::smartPointerAsParameterWithoutLifetimeSemanticsQuery()) and - p.getType() instanceof AutosarSharedPointerOrDerived and + p.getType().stripType() instanceof AutosarSharedPointer and ( // handle the parameter depending on its derived type p.getType() instanceof RValueReferenceType and diff --git a/cpp/common/src/codingstandards/cpp/SmartPointers.qll b/cpp/common/src/codingstandards/cpp/SmartPointers.qll index aa9ea420a3..a8bee55f87 100644 --- a/cpp/common/src/codingstandards/cpp/SmartPointers.qll +++ b/cpp/common/src/codingstandards/cpp/SmartPointers.qll @@ -51,6 +51,16 @@ abstract class AutosarSmartPointer extends Class { AutosarSmartPointer ) } + + FunctionCall getAResetCall() { + result.getTarget().hasName("reset") and + result.getQualifier().getType().stripType() = this + } + + FunctionCall getAModifyingCall() { + result.getTarget().hasName(["operator=", "reset", "swap"]) and + result.getQualifier().getType().stripType() = this + } } class AutosarUniquePointer extends AutosarSmartPointer { From a1bf3030b7b7432355d287f821883c0eff1da104 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 2 Aug 2023 23:04:08 +0100 Subject: [PATCH 1162/2573] A20-8-1/MEM56-CPP: Fix compiler compat issues Fix false negative issues related to the library structure of smart pointers. This commit makes the following changes: * Update `memory` stubs to move more functions to the __shared_ptr base class * Add dataflow summaries for smart pointer constructor calls and smart pointer get calls. * Add sanitizers to prevent flow into library code for the dataflow summaries added above. --- .../src/codingstandards/cpp/SmartPointers.qll | 5 ++++ ...nterValueStoredInUnrelatedSmartPointer.qll | 28 +++++++++++++++++++ .../test/includes/standard-library/memory.h | 5 ++-- ...alueStoredInUnrelatedSmartPointer.expected | 17 ----------- 4 files changed, 36 insertions(+), 19 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/SmartPointers.qll b/cpp/common/src/codingstandards/cpp/SmartPointers.qll index a8bee55f87..46d5626a87 100644 --- a/cpp/common/src/codingstandards/cpp/SmartPointers.qll +++ b/cpp/common/src/codingstandards/cpp/SmartPointers.qll @@ -29,6 +29,11 @@ abstract class AutosarSmartPointer extends Class { ) } + FunctionCall getAGetCall() { + result.getTarget().hasName("get") and + result.getQualifier().getType().stripType() = this + } + FunctionCall getAnInitializerExpr() { result = any(FunctionCall fc | diff --git a/cpp/common/src/codingstandards/cpp/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.qll b/cpp/common/src/codingstandards/cpp/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.qll index ced6545e39..30caf12d75 100644 --- a/cpp/common/src/codingstandards/cpp/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.qll +++ b/cpp/common/src/codingstandards/cpp/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.qll @@ -29,6 +29,34 @@ private class PointerToSmartPointerConstructorFlowConfig extends TaintTracking:: cc.getArgument(0) = sink.asExpr() ) } + + override predicate isAdditionalTaintStep(DataFlow::Node node1, DataFlow::Node node2) { + // Summarize flow through constructor calls + exists(AutosarSmartPointer sp, ConstructorCall cc | + sp.getAConstructorCall() = cc and + cc = node2.asExpr() and + cc.getArgument(0) = node1.asExpr() + ) + or + // Summarize flow through get() calls + exists(AutosarSmartPointer sp, FunctionCall fc | + sp.getAGetCall() = fc and + fc = node2.asExpr() and + fc.getQualifier() = node1.asExpr() + ) + } + + override predicate isSanitizerIn(DataFlow::Node node) { + // Exclude flow into header files outside the source archive which are summarized by the + // additional taint steps above. + exists(AutosarSmartPointer sp | + sp.getAConstructorCall().getTarget().getAParameter() = node.asParameter() + or + sp.getAGetCall().getTarget().getAParameter() = node.asParameter() + | + not exists(node.getLocation().getFile().getRelativePath()) + ) + } } query predicate problems( diff --git a/cpp/common/test/includes/standard-library/memory.h b/cpp/common/test/includes/standard-library/memory.h index e88c40b965..ba361a4dc6 100644 --- a/cpp/common/test/includes/standard-library/memory.h +++ b/cpp/common/test/includes/standard-library/memory.h @@ -75,6 +75,9 @@ template class __shared_ptr { template void reset(Y *p); template void reset(Y *p, D d); template void reset(Y *p, D d, A a); + + long use_count() const noexcept; + T *get() const noexcept; }; template class shared_ptr : public __shared_ptr { @@ -90,8 +93,6 @@ template class shared_ptr : public __shared_ptr { T &operator*() const noexcept; T *operator->() const noexcept; - long use_count() const noexcept { return 0; } - T *get() const noexcept { return ptr; } shared_ptr &operator=(const shared_ptr &) {} shared_ptr &operator=(shared_ptr &&) { return *this; } template shared_ptr &operator=(shared_ptr &&) { diff --git a/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.expected b/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.expected index a4f85ecb72..d5d138ec19 100644 --- a/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.expected +++ b/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.expected @@ -6,7 +6,6 @@ problems | test.cpp:12:28:12:29 | v2 | test.cpp:10:8:10:17 | new | test.cpp:12:28:12:29 | v2 | Raw pointer flows to initialize multiple unrelated smart pointers. | | test.cpp:17:27:17:28 | v1 | test.cpp:16:13:16:22 | new | test.cpp:17:27:17:28 | v1 | Raw pointer flows to initialize multiple unrelated smart pointers. | edges -| ../../includes/standard-library/memory.h:76:17:76:19 | ptr | ../../includes/standard-library/memory.h:76:17:76:19 | ptr | | test.cpp:3:14:3:15 | v1 | test.cpp:5:27:5:28 | v1 | | test.cpp:3:14:3:15 | v1 | test.cpp:6:31:6:33 | call to get | | test.cpp:3:14:3:15 | v1 | test.cpp:7:28:7:29 | v2 | @@ -14,21 +13,11 @@ edges | test.cpp:5:27:5:29 | call to shared_ptr | test.cpp:6:31:6:33 | call to get | | test.cpp:8:8:8:14 | 0 | test.cpp:9:28:9:29 | v2 | | test.cpp:10:8:10:17 | new | test.cpp:11:28:11:29 | v2 | -| test.cpp:10:8:10:17 | new | test.cpp:11:28:11:29 | v2 | | test.cpp:10:8:10:17 | new | test.cpp:12:28:12:29 | v2 | -| test.cpp:11:28:11:29 | ref arg v2 | test.cpp:12:28:12:29 | v2 | -| test.cpp:11:28:11:29 | v2 | ../../includes/standard-library/memory.h:76:17:76:19 | ptr | -| test.cpp:11:28:11:29 | v2 | test.cpp:11:28:11:29 | ref arg v2 | -| test.cpp:16:13:16:22 | new | test.cpp:17:27:17:28 | v1 | | test.cpp:16:13:16:22 | new | test.cpp:17:27:17:28 | v1 | | test.cpp:16:13:16:22 | new | test.cpp:19:6:19:7 | v1 | -| test.cpp:17:27:17:28 | ref arg v1 | test.cpp:19:6:19:7 | v1 | -| test.cpp:17:27:17:28 | v1 | ../../includes/standard-library/memory.h:76:17:76:19 | ptr | -| test.cpp:17:27:17:28 | v1 | test.cpp:17:27:17:28 | ref arg v1 | | test.cpp:19:6:19:7 | v1 | test.cpp:3:14:3:15 | v1 | nodes -| ../../includes/standard-library/memory.h:76:17:76:19 | ptr | semmle.label | ptr | -| ../../includes/standard-library/memory.h:76:17:76:19 | ptr | semmle.label | ptr | | test.cpp:3:14:3:15 | v1 | semmle.label | v1 | | test.cpp:4:13:4:14 | v1 | semmle.label | v1 | | test.cpp:5:27:5:28 | v1 | semmle.label | v1 | @@ -38,15 +27,9 @@ nodes | test.cpp:8:8:8:14 | 0 | semmle.label | 0 | | test.cpp:9:28:9:29 | v2 | semmle.label | v2 | | test.cpp:10:8:10:17 | new | semmle.label | new | -| test.cpp:11:28:11:29 | ref arg v2 | semmle.label | ref arg v2 | -| test.cpp:11:28:11:29 | v2 | semmle.label | v2 | | test.cpp:11:28:11:29 | v2 | semmle.label | v2 | | test.cpp:12:28:12:29 | v2 | semmle.label | v2 | | test.cpp:16:13:16:22 | new | semmle.label | new | -| test.cpp:17:27:17:28 | ref arg v1 | semmle.label | ref arg v1 | -| test.cpp:17:27:17:28 | v1 | semmle.label | v1 | | test.cpp:17:27:17:28 | v1 | semmle.label | v1 | | test.cpp:19:6:19:7 | v1 | semmle.label | v1 | subpaths -| test.cpp:11:28:11:29 | v2 | ../../includes/standard-library/memory.h:76:17:76:19 | ptr | ../../includes/standard-library/memory.h:76:17:76:19 | ptr | test.cpp:11:28:11:29 | ref arg v2 | -| test.cpp:17:27:17:28 | v1 | ../../includes/standard-library/memory.h:76:17:76:19 | ptr | ../../includes/standard-library/memory.h:76:17:76:19 | ptr | test.cpp:17:27:17:28 | ref arg v1 | From bc122b73e8f4486950766ad0e52c54c6f32d19ec Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 2 Aug 2023 23:41:56 +0100 Subject: [PATCH 1163/2573] Add a change note for A20-8-1/MEM56-CPP/A18-1-4. --- change_notes/2023-08-02-a8-4-13-false-positives.md | 3 ++- change_notes/2023-08-02-smart-pointers.md | 5 +++++ 2 files changed, 7 insertions(+), 1 deletion(-) create mode 100644 change_notes/2023-08-02-smart-pointers.md diff --git a/change_notes/2023-08-02-a8-4-13-false-positives.md b/change_notes/2023-08-02-a8-4-13-false-positives.md index 669a10c9a0..1effc84cb7 100644 --- a/change_notes/2023-08-02-a8-4-13-false-positives.md +++ b/change_notes/2023-08-02-a8-4-13-false-positives.md @@ -1 +1,2 @@ - - `A8-4-13` - reduce false positives when using gcc/clang where a modifying operation was used on a shared_ptr. \ No newline at end of file + - `A8-4-13` + - Address false positives caused by missing modelling of modifying operations for smart pointers for some standard libraries (such as libstdc++). \ No newline at end of file diff --git a/change_notes/2023-08-02-smart-pointers.md b/change_notes/2023-08-02-smart-pointers.md new file mode 100644 index 0000000000..f26d1ca27c --- /dev/null +++ b/change_notes/2023-08-02-smart-pointers.md @@ -0,0 +1,5 @@ + - `A20-8-1`/`MEM56-CPP` + - Address false negatives caused by lack of modelling of flow through smart pointers. + - Reduce flow paths through standard library headers to simplify results. + - `A18-1-4` + - Address false positives caused by missing modelling of modifying operations for smart pointers for some standard libraries (such as libstdc++). \ No newline at end of file From 089397a1e6a1385be0c143a8bc1d84fe9e9c62a8 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 3 Aug 2023 20:37:09 +0100 Subject: [PATCH 1164/2573] STR51-CPP: Address false negatives due to incomplete replace modelling The std::string::replace function uses an internal typedef __const_iterator in libstdc++, instead of the const_iterator typedef. --- change_notes/2023-08-03-string-replace.md | 2 ++ .../cpp/standardlibrary/String.qll | 3 ++- cpp/common/test/includes/standard-library/string | 15 ++++++++------- 3 files changed, 12 insertions(+), 8 deletions(-) create mode 100644 change_notes/2023-08-03-string-replace.md diff --git a/change_notes/2023-08-03-string-replace.md b/change_notes/2023-08-03-string-replace.md new file mode 100644 index 0000000000..58e5800003 --- /dev/null +++ b/change_notes/2023-08-03-string-replace.md @@ -0,0 +1,2 @@ + - `STR51-CPP` + - Address false negatives caused by incomplete modelling of the `std::string::replace()` function. \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/standardlibrary/String.qll b/cpp/common/src/codingstandards/cpp/standardlibrary/String.qll index ed6a4fc8b2..f233410b89 100644 --- a/cpp/common/src/codingstandards/cpp/standardlibrary/String.qll +++ b/cpp/common/src/codingstandards/cpp/standardlibrary/String.qll @@ -45,7 +45,8 @@ class StdBasicString extends ClassTemplateInstantiation { Type getConstIteratorType() { exists(TypedefType t | t.getDeclaringType() = this and - t.getName() = "const_iterator" and + // Certain compilers user __const_iterator instead of const_iterator. + t.getName() = ["const_iterator", "__const_iterator"] and result = t ) } diff --git a/cpp/common/test/includes/standard-library/string b/cpp/common/test/includes/standard-library/string index 8759804234..ca267f6191 100644 --- a/cpp/common/test/includes/standard-library/string +++ b/cpp/common/test/includes/standard-library/string @@ -48,7 +48,8 @@ public: size_type length() const noexcept; typedef __iterator iterator; - typedef __iterator const_iterator; + typedef __iterator __const_iterator; + typedef __const_iterator const_iterator; iterator begin(); iterator end(); @@ -111,17 +112,17 @@ public: size_type n2); basic_string &replace(size_type pos, size_type n1, const charT *s); basic_string &replace(size_type pos, size_type n1, size_type n2, charT c); - basic_string &replace(const_iterator i1, const_iterator i2, + basic_string &replace(__const_iterator i1, __const_iterator i2, const basic_string &str); - basic_string &replace(const_iterator i1, const_iterator i2, const charT *s, + basic_string &replace(__const_iterator i1, __const_iterator i2, const charT *s, size_type n); - basic_string &replace(const_iterator i1, const_iterator i2, const charT *s); - basic_string &replace(const_iterator i1, const_iterator i2, size_type n, + basic_string &replace(__const_iterator i1, __const_iterator i2, const charT *s); + basic_string &replace(__const_iterator i1, __const_iterator i2, size_type n, charT c); template - basic_string &replace(const_iterator i1, const_iterator i2, InputIterator j1, + basic_string &replace(__const_iterator i1, __const_iterator i2, InputIterator j1, InputIterator j2); - basic_string &replace(const_iterator, const_iterator, + basic_string &replace(__const_iterator, __const_iterator, initializer_list); size_type copy(charT *s, size_type n, size_type pos = 0) const; From 1f9a3b4864e5a7c5fb4980b69127ecea6366a4ae Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 4 Aug 2023 01:15:33 +0100 Subject: [PATCH 1165/2573] A15-5-1: Clarify message and handle implicit noexcept(true). --- change_notes/2023-08-04-a15-5-1-noexcept.md | 3 +++ ...ialFunctionMissingNoExceptSpecification.ql | 16 +++++++++++--- ...ctionMissingNoExceptSpecification.expected | 22 +++++++++---------- cpp/autosar/test/rules/A15-5-1/test.cpp | 6 ++--- 4 files changed, 30 insertions(+), 17 deletions(-) create mode 100644 change_notes/2023-08-04-a15-5-1-noexcept.md diff --git a/change_notes/2023-08-04-a15-5-1-noexcept.md b/change_notes/2023-08-04-a15-5-1-noexcept.md new file mode 100644 index 0000000000..3f8c43c64d --- /dev/null +++ b/change_notes/2023-08-04-a15-5-1-noexcept.md @@ -0,0 +1,3 @@ + - `A15-5-1` + - Rephrase alert message for `noalert(false)` special functions to clarify that this permits exceptions. + - Additional results for implicit `noexcept(true)` special functions highlighting that the specification should be made explicit. diff --git a/cpp/autosar/src/rules/A15-5-1/SpecialFunctionMissingNoExceptSpecification.ql b/cpp/autosar/src/rules/A15-5-1/SpecialFunctionMissingNoExceptSpecification.ql index ae61049b6f..77fdd88670 100644 --- a/cpp/autosar/src/rules/A15-5-1/SpecialFunctionMissingNoExceptSpecification.ql +++ b/cpp/autosar/src/rules/A15-5-1/SpecialFunctionMissingNoExceptSpecification.ql @@ -22,15 +22,25 @@ import codingstandards.cpp.exceptions.ExceptionSpecifications from SpecialFunction f, string message where not isExcluded(f, Exceptions2Package::specialFunctionMissingNoExceptSpecificationQuery()) and - not isNoExceptTrue(f) and + not isFDENoExceptTrue(f.getDefinition()) and not f.isCompilerGenerated() and not f.isDeleted() and not f.isDefaulted() and ( isNoExceptExplicitlyFalse(f) and - message = f.getQualifiedName() + " should not be noexcept(false)." + message = + "Special function " + f.getQualifiedName() + + " has a noexcept(false) specification that permits exceptions." or + isNoExceptTrue(f) and + message = + f.getQualifiedName() + + " has an implicit noexcept(true) specification but should make that explicit." + or + not isNoExceptTrue(f) and not isNoExceptExplicitlyFalse(f) and - message = f.getQualifiedName() + " is implicitly noexcept(false) and might throw." + message = + "Special function " + f.getQualifiedName() + + " has an implicit noexcept(false) specification that permits exceptions." ) select f, message diff --git a/cpp/autosar/test/rules/A15-5-1/SpecialFunctionMissingNoExceptSpecification.expected b/cpp/autosar/test/rules/A15-5-1/SpecialFunctionMissingNoExceptSpecification.expected index 9e698e41ae..4c6a3ae4f7 100644 --- a/cpp/autosar/test/rules/A15-5-1/SpecialFunctionMissingNoExceptSpecification.expected +++ b/cpp/autosar/test/rules/A15-5-1/SpecialFunctionMissingNoExceptSpecification.expected @@ -1,11 +1,11 @@ -| test.cpp:5:3:5:9 | ~ClassA | ClassA::~ClassA should not be noexcept(false). | -| test.cpp:9:3:9:9 | ~ClassB | ClassB::~ClassB should not be noexcept(false). | -| test.cpp:38:6:38:20 | operator delete | operator delete is implicitly noexcept(false) and might throw. | -| test.cpp:43:6:43:20 | operator delete | operator delete is implicitly noexcept(false) and might throw. | -| test.cpp:53:11:53:19 | operator= | ClassF::operator= should not be noexcept(false). | -| test.cpp:63:3:63:8 | ClassH | ClassH::ClassH should not be noexcept(false). | -| test.cpp:68:6:68:9 | swap | swap is implicitly noexcept(false) and might throw. | -| test.cpp:72:6:72:9 | swap | swap should not be noexcept(false). | -| test.cpp:77:8:77:11 | swap | ClassI::swap is implicitly noexcept(false) and might throw. | -| test.cpp:82:8:82:11 | swap | ClassJ::swap is implicitly noexcept(false) and might throw. | -| test.cpp:88:6:88:6 | swap | swap is implicitly noexcept(false) and might throw. | +| test.cpp:5:3:5:9 | ~ClassA | Special function ClassA::~ClassA has a noexcept(false) specification that permits exceptions. | +| test.cpp:9:3:9:9 | ~ClassB | Special function ClassB::~ClassB has a noexcept(false) specification that permits exceptions. | +| test.cpp:38:6:38:20 | operator delete | operator delete has an implicit noexcept(true) specification but should make that explicit. | +| test.cpp:43:6:43:20 | operator delete | operator delete has an implicit noexcept(true) specification but should make that explicit. | +| test.cpp:53:11:53:19 | operator= | Special function ClassF::operator= has a noexcept(false) specification that permits exceptions. | +| test.cpp:63:3:63:8 | ClassH | Special function ClassH::ClassH has a noexcept(false) specification that permits exceptions. | +| test.cpp:68:6:68:9 | swap | Special function swap has an implicit noexcept(false) specification that permits exceptions. | +| test.cpp:72:6:72:9 | swap | Special function swap has a noexcept(false) specification that permits exceptions. | +| test.cpp:77:8:77:11 | swap | Special function ClassI::swap has an implicit noexcept(false) specification that permits exceptions. | +| test.cpp:82:8:82:11 | swap | Special function ClassJ::swap has an implicit noexcept(false) specification that permits exceptions. | +| test.cpp:88:6:88:6 | swap | Special function swap has an implicit noexcept(false) specification that permits exceptions. | diff --git a/cpp/autosar/test/rules/A15-5-1/test.cpp b/cpp/autosar/test/rules/A15-5-1/test.cpp index adc45dd36c..353f4f62d7 100644 --- a/cpp/autosar/test/rules/A15-5-1/test.cpp +++ b/cpp/autosar/test/rules/A15-5-1/test.cpp @@ -1,6 +1,6 @@ #include "stddef.h" +#include #include - class ClassA { ~ClassA() noexcept(false) { throw std::exception(); } // NON_COMPLIANT }; @@ -36,12 +36,12 @@ class ClassD { }; void operator delete(void *ptr) { // NON_COMPLIANT - // NOTE: cannot be declared noexcept(false) + // NOTE: defaults to noexcept(true) throw std::exception(); } void operator delete(void *ptr, size_t size) { // NON_COMPLIANT - // NOTE: cannot be declared noexcept(false) + // NOTE: defaults to noexcept(true) throw std::exception(); } From e70089f964988a59fc672dcc802941a3a471a475 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 4 Aug 2023 01:21:42 +0100 Subject: [PATCH 1166/2573] A18-5-5/A18-5-6: Make test case valid for gcc --- cpp/autosar/test/rules/A18-5-5/test.cpp | 2 +- cpp/autosar/test/rules/A18-5-6/test.cpp | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/cpp/autosar/test/rules/A18-5-5/test.cpp b/cpp/autosar/test/rules/A18-5-5/test.cpp index 73244c15a6..b125f2201a 100644 --- a/cpp/autosar/test/rules/A18-5-5/test.cpp +++ b/cpp/autosar/test/rules/A18-5-5/test.cpp @@ -11,7 +11,7 @@ void *malloc1(int b) { // NON_COMPLIANT - recursion return malloc1(b - 1); } -void *malloc2(int b) __attribute__((no_caller_saved_registers, __malloc__)); +void *malloc2(int b) __attribute__((__malloc__)); void *malloc2(int b) { // NON_COMPLIANT - execution doesn't depend on b for (int i = 0; i < 10; i++) { diff --git a/cpp/autosar/test/rules/A18-5-6/test.cpp b/cpp/autosar/test/rules/A18-5-6/test.cpp index 576dbc02fa..a9434ed1b5 100644 --- a/cpp/autosar/test/rules/A18-5-6/test.cpp +++ b/cpp/autosar/test/rules/A18-5-6/test.cpp @@ -4,7 +4,7 @@ void *malloc1(int b) __attribute__((malloc)); void *malloc1(int b) { return nullptr; } // NON_COMPLIANT -void *malloc3(int b) __attribute__((no_caller_saved_registers, __malloc__)); +void *malloc3(int b) __attribute__((__malloc__)); void *malloc3(int b) { return nullptr; } // NON_COMPLIANT void h1() {} // NON_COMPLIANT From eb9541983ac6eace2ead9388646ead2840b6f167 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 4 Aug 2023 18:13:56 +0100 Subject: [PATCH 1167/2573] CON50-CPP: Mutexes do not have destructors in most real libraries Mark ~mutex() as deleted, as that is what we see in real libraries. Also modify lock_guard. This didn't have any affect on the test, but retained to ensure we better reflect real compilers. --- cpp/common/test/includes/standard-library/mutex.h | 10 +++++++--- .../DoNotDestroyAMutexWhileItIsLocked.expected | 3 --- 2 files changed, 7 insertions(+), 6 deletions(-) diff --git a/cpp/common/test/includes/standard-library/mutex.h b/cpp/common/test/includes/standard-library/mutex.h index 4f16824861..4c49819ddd 100644 --- a/cpp/common/test/includes/standard-library/mutex.h +++ b/cpp/common/test/includes/standard-library/mutex.h @@ -23,7 +23,7 @@ constexpr try_to_lock_t try_to_lock{}; class mutex { public: constexpr mutex() noexcept; - ~mutex(); + ~mutex() = default; mutex(const mutex &) = delete; mutex &operator=(const mutex &) = delete; void lock(); @@ -62,15 +62,19 @@ template void swap(unique_lock &x, unique_lock &y) noexcept; template -void lock(_Lock0 &_Lk0, _Lock1 &_Lk1, _LockN &..._LkN) { } +void lock(_Lock0 &_Lk0, _Lock1 &_Lk1, _LockN &..._LkN) {} template class lock_guard { public: typedef Mutex mutex_type; - explicit lock_guard(mutex_type &__m); + explicit lock_guard(mutex_type &__m) : _m(__m) { _m.lock(); } lock_guard(const lock_guard &) = delete; lock_guard &operator=(const lock_guard &) = delete; + ~lock_guard() { _m.unlock(); } + +private: + mutex_type &_m; }; } // namespace std diff --git a/cpp/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.expected b/cpp/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.expected index 0ae4aafa66..71ccc11ba7 100644 --- a/cpp/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.expected +++ b/cpp/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.expected @@ -1,6 +1,3 @@ -| test.cpp:4:18:4:33 | call to mutex | Mutex used by thread potentially $@ while in use. | test.cpp:11:18:11:26 | call to ~mutex | destroyed | | test.cpp:4:18:4:33 | call to mutex | Mutex used by thread potentially $@ while in use. | test.cpp:11:18:11:26 | delete | destroyed | -| test.cpp:16:14:16:15 | call to mutex | Mutex used by thread potentially $@ while in use. | test.cpp:21:1:21:1 | call to ~mutex | destroyed | | test.cpp:16:14:16:15 | call to mutex | Mutex used by thread potentially $@ while in use. | test.cpp:21:1:21:1 | return ... | destroyed | -| test.cpp:94:8:94:23 | call to mutex | Mutex used by thread potentially $@ while in use. | test.cpp:10:34:10:42 | call to ~mutex | destroyed | | test.cpp:94:8:94:23 | call to mutex | Mutex used by thread potentially $@ while in use. | test.cpp:10:34:10:42 | delete | destroyed | From 6aaf0ee2a5c6c35440b142637eae855e1e5abf9c Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 4 Aug 2023 21:43:14 +0100 Subject: [PATCH 1168/2573] A15-2-2: Address compiler compatibility issue This query included some spurious edges for results that are outside the source location. We now exclude constructors outside the source archive to avoid these spurious edges, and make the result more stable. --- .../ConstructorErrorLeavesObjectInInvalidState.ql | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql b/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql index 5fbd09d522..47a4e86c19 100644 --- a/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql +++ b/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql @@ -78,11 +78,18 @@ class DeleteWrapperFunction extends Function { class ExceptionThrownInConstructor extends ExceptionThrowingExpr { Constructor c; - ExceptionThrownInConstructor() { exists(getAFunctionThrownType(c, this)) } + ExceptionThrownInConstructor() { + exists(getAFunctionThrownType(c, this)) and + // The constructor is within the users source code + exists(c.getFile().getRelativePath()) + } Constructor getConstructor() { result = c } } +/** + * Add the `nodes` predicate to ensure results with an empty path are still reported. + */ query predicate nodes(ExceptionFlowNode node) { any() } from From 14e4193c997fd88148f43444fa5c3288511a755f Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 6 Aug 2023 23:35:13 +0100 Subject: [PATCH 1169/2573] A16-2-2: Library includes are not useless on real compilers Our useless include query is looking for includes where nothing from the included file is used by the including file. In this case, the declaration of v transitively uses std::size_t, and `#include ` transitively includes the file that defines std::size_t. To detect such cases we would need to report redundant includes e.g. includes for which useful symbols are provided, but which are made unnecessary by other imports in the file. For now we just exclude these expected results, as modifying the query is tricky. Furthermore, the intention of the rule is actually that we check standard library includes against the list of symbols as per the standard library, but again this is challenging. --- .../test/rules/A16-2-2/UnusedIncludeDirectives.expected.clang | 1 + .../test/rules/A16-2-2/UnusedIncludeDirectives.expected.gcc | 1 + .../test/rules/A16-2-2/UnusedIncludeDirectives.expected.qcc | 1 + cpp/autosar/test/rules/A16-2-2/test.cpp | 4 ++-- 4 files changed, 5 insertions(+), 2 deletions(-) create mode 100644 cpp/autosar/test/rules/A16-2-2/UnusedIncludeDirectives.expected.clang create mode 100644 cpp/autosar/test/rules/A16-2-2/UnusedIncludeDirectives.expected.gcc create mode 100644 cpp/autosar/test/rules/A16-2-2/UnusedIncludeDirectives.expected.qcc diff --git a/cpp/autosar/test/rules/A16-2-2/UnusedIncludeDirectives.expected.clang b/cpp/autosar/test/rules/A16-2-2/UnusedIncludeDirectives.expected.clang new file mode 100644 index 0000000000..153bf8fa0f --- /dev/null +++ b/cpp/autosar/test/rules/A16-2-2/UnusedIncludeDirectives.expected.clang @@ -0,0 +1 @@ +| test.cpp:1:1:1:19 | #include "test.hpp" | Nothing in this file uses anything from "test.hpp" | diff --git a/cpp/autosar/test/rules/A16-2-2/UnusedIncludeDirectives.expected.gcc b/cpp/autosar/test/rules/A16-2-2/UnusedIncludeDirectives.expected.gcc new file mode 100644 index 0000000000..153bf8fa0f --- /dev/null +++ b/cpp/autosar/test/rules/A16-2-2/UnusedIncludeDirectives.expected.gcc @@ -0,0 +1 @@ +| test.cpp:1:1:1:19 | #include "test.hpp" | Nothing in this file uses anything from "test.hpp" | diff --git a/cpp/autosar/test/rules/A16-2-2/UnusedIncludeDirectives.expected.qcc b/cpp/autosar/test/rules/A16-2-2/UnusedIncludeDirectives.expected.qcc new file mode 100644 index 0000000000..153bf8fa0f --- /dev/null +++ b/cpp/autosar/test/rules/A16-2-2/UnusedIncludeDirectives.expected.qcc @@ -0,0 +1 @@ +| test.cpp:1:1:1:19 | #include "test.hpp" | Nothing in this file uses anything from "test.hpp" | diff --git a/cpp/autosar/test/rules/A16-2-2/test.cpp b/cpp/autosar/test/rules/A16-2-2/test.cpp index 50c66461b4..571675ab18 100644 --- a/cpp/autosar/test/rules/A16-2-2/test.cpp +++ b/cpp/autosar/test/rules/A16-2-2/test.cpp @@ -1,5 +1,5 @@ -#include "test.hpp" //NON_COMPLIANT -#include //NON_COMPLIANT +#include "test.hpp" //NON_COMPLIANT +#include //NON_COMPLIANT - redundant but not useless on real compilers #include //COMPLIANT std::vector v; \ No newline at end of file From f283a3839a397df460712d7986311934f9f845be Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Tue, 8 Aug 2023 15:26:41 -0400 Subject: [PATCH 1170/2573] fixes --- .../src/codingstandards/cpp/Concurrency.qll | 17 ++++++++++++++++- ...reventDeadlockByLockingInPredefinedOrder.qll | 6 +++++- 2 files changed, 21 insertions(+), 2 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/Concurrency.qll b/cpp/common/src/codingstandards/cpp/Concurrency.qll index 7c92d93752..609cfafc4b 100644 --- a/cpp/common/src/codingstandards/cpp/Concurrency.qll +++ b/cpp/common/src/codingstandards/cpp/Concurrency.qll @@ -114,7 +114,10 @@ class CPPMutexFunctionCall extends MutexFunctionCall { /** * Holds if this `CPPMutexFunctionCall` is a lock. */ - override predicate isLock() { getTarget().getName() = "lock" } + override predicate isLock() { + not isLockingOperationWithinLockingOperation(this) and + getTarget().getName() = "lock" + } /** * Holds if this `CPPMutexFunctionCall` is a speculative lock, defined as calling @@ -172,6 +175,7 @@ class CMutexFunctionCall extends MutexFunctionCall { * Holds if this `CMutexFunctionCall` is a lock. */ override predicate isLock() { + not isLockingOperationWithinLockingOperation(this) and getTarget().getName() = ["mtx_lock", "mtx_timedlock", "mtx_trylock"] } @@ -296,6 +300,16 @@ abstract class LockingOperation extends FunctionCall { * Holds if this is an unlock operation */ abstract predicate isUnlock(); + + /** + * Holds if this locking operation is really a locking operation within a + * designated locking operation. This library assumes the underlying locking + * operations are implemented correctly in that calling a `LockingOperation` + * results in the creation of a singular lock. + */ + predicate isLockingOperationWithinLockingOperation(LockingOperation inner) { + exists(LockingOperation outer | outer.getTarget() = inner.getEnclosingFunction()) + } } /** @@ -317,6 +331,7 @@ class RAIIStyleLock extends LockingOperation { * Holds if this is a lock operation */ override predicate isLock() { + not isLockingOperationWithinLockingOperation(this) and this instanceof ConstructorCall and lock = getArgument(0).getAChild*() and // defer_locks don't cause a lock diff --git a/cpp/common/src/codingstandards/cpp/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.qll b/cpp/common/src/codingstandards/cpp/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.qll index 3767f023a0..db755293c6 100644 --- a/cpp/common/src/codingstandards/cpp/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.qll +++ b/cpp/common/src/codingstandards/cpp/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.qll @@ -24,7 +24,11 @@ predicate getAnOrderedLockPair( lock1 = node.coveredByLock() and lock2 = node.coveredByLock() and not lock1 = lock2 and - lock1.getEnclosingFunction() = lock2.getEnclosingFunction() and + exists(Function f | + lock1.getEnclosingFunction() = f and + lock2.getEnclosingFunction() = f and + node.getBasicBlock().getEnclosingFunction() = f + ) and exists(Location l1Loc, Location l2Loc | l1Loc = lock1.getLocation() and l2Loc = lock2.getLocation() From f6a9d301293976428bd0dbbe17be23a6d11a7a06 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 14 Aug 2023 00:23:37 +0100 Subject: [PATCH 1171/2573] A18-1-4: Address compiler compatibility issue libc++ defines release inline in the header, which causes extraneous paths to be reported by CodeQL. Adjust to summarize and exclude. --- ...oAnElementOfAnArrayPassedToASmartPointer.ql | 18 ++++++++++++++++++ .../src/codingstandards/cpp/SmartPointers.qll | 5 +++++ .../test/includes/standard-library/memory.h | 9 ++++++++- 3 files changed, 31 insertions(+), 1 deletion(-) diff --git a/cpp/autosar/src/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.ql b/cpp/autosar/src/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.ql index 5996448a38..639de937f7 100644 --- a/cpp/autosar/src/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.ql +++ b/cpp/autosar/src/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.ql @@ -50,6 +50,24 @@ class SingleObjectSmartPointerArrayConstructionConfig extends TaintTracking::Con ) ) } + + override predicate isAdditionalTaintStep(DataFlow::Node source, DataFlow::Node sink) { + exists(AutosarUniquePointer sp, FunctionCall fc | + fc = sp.getAReleaseCall() and + source.asExpr() = fc.getQualifier() and + sink.asExpr() = fc + ) + } + + override predicate isSanitizerIn(DataFlow::Node node) { + // Exclude flow into header files outside the source archive which are summarized by the + // additional taint steps above. + exists(AutosarUniquePointer sp | + sp.getAReleaseCall().getTarget() = node.asExpr().(ThisExpr).getEnclosingFunction() + | + not exists(node.getLocation().getFile().getRelativePath()) + ) + } } from diff --git a/cpp/common/src/codingstandards/cpp/SmartPointers.qll b/cpp/common/src/codingstandards/cpp/SmartPointers.qll index 46d5626a87..0f01d886be 100644 --- a/cpp/common/src/codingstandards/cpp/SmartPointers.qll +++ b/cpp/common/src/codingstandards/cpp/SmartPointers.qll @@ -70,6 +70,11 @@ abstract class AutosarSmartPointer extends Class { class AutosarUniquePointer extends AutosarSmartPointer { AutosarUniquePointer() { this.hasQualifiedName("std", "unique_ptr") } + + FunctionCall getAReleaseCall() { + result.getTarget().hasName("release") and + result.getQualifier().getType().stripType() = this + } } class AutosarSharedPointer extends AutosarSmartPointer { diff --git a/cpp/common/test/includes/standard-library/memory.h b/cpp/common/test/includes/standard-library/memory.h index ba361a4dc6..985ee41602 100644 --- a/cpp/common/test/includes/standard-library/memory.h +++ b/cpp/common/test/includes/standard-library/memory.h @@ -57,13 +57,20 @@ template class unique_ptr { pointer get() const noexcept; explicit operator bool() const noexcept; - pointer release() noexcept; + pointer release() noexcept { + pointer __p = get(); + _M_p = pointer(); + return __p; + } void reset(pointer p = pointer()) noexcept; void reset(nullptr_t) noexcept; template void reset(U) = delete; void swap(unique_ptr &u) noexcept; unique_ptr(const unique_ptr &) = delete; unique_ptr &operator=(const unique_ptr &) = delete; + +private: + pointer _M_p; }; template unique_ptr make_unique(Args &&...args); From c0efa2e8b9d603b5bdd1ce9979a25263710f5fcf Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 14 Aug 2023 11:47:46 +0100 Subject: [PATCH 1172/2573] Update ISO 26262 breadth of use statement LGTM.com is no longer used for testing of CodeQL releases. --- docs/iso_26262_tool_qualification.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/docs/iso_26262_tool_qualification.md b/docs/iso_26262_tool_qualification.md index 9240ecefc9..22de2f5a21 100644 --- a/docs/iso_26262_tool_qualification.md +++ b/docs/iso_26262_tool_qualification.md @@ -11,6 +11,7 @@ | 0.3.0 | 2021-09-08 | Luke Cartey | Update the customer table. | | 0.4.0 | 2021-09-19 | Luke Cartey | Add more detail on approach to V&V. Update section around increased confidence from use. | | 0.5.0 | 2021-11-29 | Remco Vermeulen | Add document management section. | +| 0.6.0 | 2023-08-14 | Luke Cartey | Update use and testing statement after LGTM.com deprecation. | ## Introduction @@ -100,9 +101,9 @@ The CodeQL CLI and CodeQL Standard Library for C++ are extensively used by both The versions of the CodeQL CLI and CodeQL Standard Library for C++ are identical to those shipped to both customers and open source users, and the use cases are comparable. -In terms of breadth of use, between the 4th September 2021 and 7th September 2021 11,788 open source C/C++ repositories were successfully analyzed on [LGTM.com](https://lgtm.com), a platform provided by GitHub for performing analysis of open source repositories[^1] using CodeQL. Each version of the CodeQL CLI and CodeQL Standard Library for C++ version will undergo similarly broad testing on LGTM.com before being adopted by the CodeQL Coding Standards. +In terms of breadth of use, between the 4th September 2021 and 7th September 2021 11,788 open source C/C++ repositories were successfully analyzed on [LGTM.com](https://lgtm.com), a platform provided by GitHub for performing analysis of open source repositories[^1] using CodeQL. In addition, at that time we also analyzed a further 748 C++ repos using CodeQL via the "Code Scanning" feature included in GitHub.com. This includes both private closed source and open source software. -In addition to testing on LGTM.com, we have also analyzed a further 748 C++ repos using CodeQL via the "Code Scanning" feature included in GitHub.com. This includes both private closed source and open source software. +Each version of the CodeQL CLI and CodeQL Standard Library for C++ version will undergo similarly broad testing on GitHub.com before being adopted by the CodeQL Coding Standards. In addition, the following companies have publicly described their use of CodeQL for C++: From c0dca29062afe3da015ae9499dcea4e4f37b0742 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 14 Aug 2023 11:52:57 +0100 Subject: [PATCH 1173/2573] Dev Handbook: remove LGTM references. --- docs/development_handbook.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/docs/development_handbook.md b/docs/development_handbook.md index 897ab59d3b..8aeb1ee5e5 100644 --- a/docs/development_handbook.md +++ b/docs/development_handbook.md @@ -34,6 +34,7 @@ | 0.25.0 | 2022-07-22 | Jeroen Ketema | Document the existence and purpose of the `next` branch. | | 0.26.0 | 2022-08-10 | Remco Vermeulen | Address incorrect package file generation command. This was missing the required language argument. | | 0.27.0 | 2022-11-08 | Luke Cartey | Update the versions of C we intend to support to exclude C90, which reflects the intended scope at the outset of the project. | +| 0.28.0 | 2023-08-14 | Luke Cartey | Remove references to LGTM which is now a legacy product. | ## Scope of work @@ -475,7 +476,7 @@ For the purpose of this repository, and any tool qualification, we consider thes To (a) clearly specify the supported versions of these external dependencies and to (b) enable automation around them, the repository contains a `supported_codeql_configs.json` which lists the sets of supported configurations. There are four fields: * `codeql_cli` - this is the plain version number of the supported CodeQL CLI, e.g. `2.6.3`. - * `codeql_standard_library` - this is the name of a tag on the `github.com/github/codeql` repository. The tag should be compatible with the CodeQL CLI given above. For an enterprise release compatible with LGTM an `lgtm/v` should be chosen. For CodeQL CLI releases which are not tied to an enterprise release we would typically use `codeql-cli/v`, although any tag which is compatible is allowed. + * `codeql_standard_library` - this is the name of a tag on the `github.com/github/codeql` repository. The tag should be compatible with the CodeQL CLI given above. This would typically use the `codeql-cli/v` tag for the release, although any tag which is compatible is allowed. * `codeql_cli_bundle` - (optional) - if present, describes the CodeQL CLI bundle version that is compatible. The bundle should include precisely the CodeQL CLI version and CodeQL Standard Library versions specified in the two mandatory fields. * `ghes` - (optional) - if present describes the GitHub Enterprise Server release whose integrated copy of the CodeQL Action points to the CodeQL CLI bundle specified in the `codeql_cli_bundle` field. @@ -497,8 +498,8 @@ To upgrade the CodeQL external dependencies: - GHES - CodeQL CLI Bundle - and GitHub Enterprise Server > - + > + ## CodeQL dependency upgrade checklist: @@ -548,10 +549,9 @@ Ensure that the same release branch is created in the [codeql-coding-standards-h There is an automated CI/CD job ([Code Scanning Query Pack Generation](../.github/workflows/code-scanning-pack-gen.yml)) provided that generates the following release artifacts for Coding Standards: - - LGTM query pack - generates a query pack that can be deployed to LGTM. - - Code Scanning query pack - generates a zipped folder that can be used with the CodeQL CLI directly, or with GitHub Advanced Security. + - Code Scanning query pack - generates a zipped folder that can be used with the CodeQL CLI directly, or with GitHub Advanced Security. -**Use of LGTM and GitHub Advanced Security is not in scope for ISO 26262 tool qualification. See [user_manual.md#github-advanced-security-and-lgtm](user_manual.md#github-advanced-security-and-lgtm) for more information**. +**Use of Code Scanning within GitHub Advanced Security is not in scope for ISO 26262 tool qualification. See [user_manual.md#github-advanced-security](user_manual.md#github-advanced-security) for more information**. These run on every push to `main` and `rc/*`, and on every pull request, and are releasable without modification, assuming all other status checks succeed on the same commit. From b10804772b20f5d062a9e9a65d8bf7e6498bc54b Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 14 Aug 2023 11:54:19 +0100 Subject: [PATCH 1174/2573] Update code comment link to CodeQL help --- cpp/autosar/src/rules/A16-2-2/PreprocBlock.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/src/rules/A16-2-2/PreprocBlock.qll b/cpp/autosar/src/rules/A16-2-2/PreprocBlock.qll index f684b5d954..d83e33147c 100644 --- a/cpp/autosar/src/rules/A16-2-2/PreprocBlock.qll +++ b/cpp/autosar/src/rules/A16-2-2/PreprocBlock.qll @@ -43,7 +43,7 @@ class PreprocessorBlock extends @element { * The location spans column `startcolumn` of line `startline` to * column `endcolumn` of line `endline` in file `filepath`. * For more information, see - * [LGTM locations](https://lgtm.com/help/ql/locations). + * [CodeQL locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/). */ predicate hasLocationInfo( string filepath, int startline, int startcolumn, int endline, int endcolumn From 1ba15c3ca75a8ca4501b6b5f4de83c6f4bfaa4ff Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 14 Aug 2023 11:55:36 +0100 Subject: [PATCH 1175/2573] Fix bump script to work with non-anon artefact --- scripts/bump_version.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/bump_version.sh b/scripts/bump_version.sh index 5c4209ac99..27a15b8ab8 100644 --- a/scripts/bump_version.sh +++ b/scripts/bump_version.sh @@ -14,7 +14,7 @@ find . -name 'qlpack.yml' | grep -v './codeql_modules' | grep -v './scripts' | x # update the documentation. -find docs -name 'user_manual.md' | xargs sed -i "s/code-scanning-cpp-query-pack-anon-.*\.zip\`/code-scanning-cpp-query-pack-anon-${1}.zip\`/" +find docs -name 'user_manual.md' | xargs sed -i "s/code-scanning-cpp-query-pack-.*\.zip\`/code-scanning-cpp-query-pack-${1}.zip\`/" find docs -name 'user_manual.md' | xargs sed -i "s/supported_rules_list_.*\.csv\`/supported_rules_list_${1}.csv\`/" find docs -name 'user_manual.md' | xargs sed -i "s/supported_rules_list_.*\.md\`/upported_rules_list_${1}.md\`/" find docs -name 'user_manual.md' | xargs sed -i "s/user_manual_.*\.md\`/user_manual_${1}.md\`/" From 989fe99f5d21957108268445c1c8cd72010f738e Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 16 Aug 2023 15:02:22 +0100 Subject: [PATCH 1176/2573] User manual: update list of supported compiler configurations. --- docs/user_manual.md | 25 ++++++++++++++++--------- 1 file changed, 16 insertions(+), 9 deletions(-) diff --git a/docs/user_manual.md b/docs/user_manual.md index a1404b62b4..4efa834c76 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -22,6 +22,7 @@ | 0.14.0 | 2022-11-03 | Remco Vermeulen | Add guideline recategorization plan. | | 0.15.0 | 2023-05-24 | Mauro Baluda | Clarify AUTOSAR C++ supported versions. | | 0.16.0 | 2023-07-03 | Luke Cartey | Remove reference to LGTM, update the name of the query pack | +| 0.17.0 | 2023-08-16 | Luke Cartey | Update list of supported compiler configurations. | ## Release information @@ -89,23 +90,29 @@ In addition, the machine which performs the analysis must be able to complete a #### C++ -For C++ the codebase under analysis must: - * Comply with C++14 - * Use one of the following supported compilers: - - Clang version 10 +For C++ the codebase under analysis must comply with C++14 and use one of the following supported compiler configurations: + +| Compiler | Version | Standard library | Target architecture | Required flags | +| -------- | ------- | ------------------- | --------------------- | -------------------------------- | +| clang | 10.0.0 | libstdc++ (default) | x86_64-linux-gnu | -std=c++14 | +| gcc | 8.4.0 | libstdc++ (default) | x86_64-linux-gnu | -std=c++14 | +| qcc | 8.3.0 | libc++ (default) | gcc_ntoaarch64le_cxx | -std=c++14 -D_QNX_SOURCE -nopipe | Use of the queries outside these scenarios is possible, but not validated for functional safety. In particular: - Use of the queries against codebases written with more recent versions of C++ (as supported by CodeQL) are not validated in the following circumstances: - When new language features are used - When language features are used which have a differing interpretation from C++14. - - Use of the queries against codebases which use other compilers or other compiler versions supported by CodeQL (e.g. gcc) is not tested or validated for functional safety. + - Use of the queries against codebases which use other compilers or other compiler versions supported by CodeQL is not tested or validated for functional safety. #### C -For C the codebase under analysis must: - * Comply with C99 or C11. - * Use one of the following supported compilers: - - Clang version 10 +For C the codebase under analysis must comply with C99 or C11 and use one of the following supported compiler configurations: + +| Compiler | Version | Standard library | Target architecture | Required Flags | +| -------- | ------- | ------------------- | --------------------- | -------------------------- | +| clang | 10.0.0 | glibc (default) | x86_64-linux-gnu | -std=c11 | +| gcc | 8.4.0 | glibc (default) | x86_64-linux-gnu | -std=c11 | +| qcc | 8.3.0 | glibc (default) | gcc_ntoaarch64le | -std=c11 -nopipe | Use of the queries outside these scenarios is possible, but not validated for functional safety. In particular: - Use of the queries against codebases written with more recent versions of C (as supported by CodeQL) are not validated in the following circumstances: From b45c846cb10347b0d864c0e715f07a41bf8b4ec5 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 16 Aug 2023 17:51:40 +0100 Subject: [PATCH 1177/2573] Update to CodeQL CLI 2.12.7. --- supported_codeql_configs.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/supported_codeql_configs.json b/supported_codeql_configs.json index ff7551a34f..b62a99c892 100644 --- a/supported_codeql_configs.json +++ b/supported_codeql_configs.json @@ -1,9 +1,9 @@ { "supported_environment": [ { - "codeql_cli": "2.11.6", - "codeql_standard_library": "codeql-cli/v2.11.6", - "codeql_cli_bundle": "codeql-bundle-20221211" + "codeql_cli": "2.12.7", + "codeql_standard_library": "codeql-cli/v2.12.7", + "codeql_cli_bundle": "codeql-bundle-20230418" } ], "supported_language": [ From e60bc7b05bfb0a5c4f3b2396230ea2988f18f65d Mon Sep 17 00:00:00 2001 From: jsinglet Date: Wed, 16 Aug 2023 17:09:50 +0000 Subject: [PATCH 1178/2573] Version bump to 2.22.0-dev. --- c/cert/src/qlpack.yml | 2 +- c/cert/test/qlpack.yml | 2 +- c/common/src/qlpack.yml | 2 +- c/common/test/qlpack.yml | 2 +- c/misra/src/qlpack.yml | 2 +- c/misra/test/qlpack.yml | 2 +- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/qlpack.yml | 2 +- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/qlpack.yml | 2 +- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/qlpack.yml | 2 +- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/qlpack.yml | 2 +- cpp/report/src/qlpack.yml | 2 +- docs/user_manual.md | 12 ++++++------ 16 files changed, 21 insertions(+), 21 deletions(-) diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index 1c407d8aa8..b4be806864 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards -version: 2.21.0-dev +version: 2.22.0-dev description: CERT C 2016 suites: codeql-suites license: MIT diff --git a/c/cert/test/qlpack.yml b/c/cert/test/qlpack.yml index 4851e3f1cd..fee5a2f16e 100644 --- a/c/cert/test/qlpack.yml +++ b/c/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards-tests -version: 2.21.0-dev +version: 2.22.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index df6a55604d..ebb3ecb774 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards -version: 2.21.0-dev +version: 2.22.0-dev license: MIT dependencies: codeql/common-cpp-coding-standards: '*' diff --git a/c/common/test/qlpack.yml b/c/common/test/qlpack.yml index cfb440c039..9c82dfd3dd 100644 --- a/c/common/test/qlpack.yml +++ b/c/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards-tests -version: 2.21.0-dev +version: 2.22.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index 947701e1e3..fc535f7d68 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards -version: 2.21.0-dev +version: 2.22.0-dev description: MISRA C 2012 suites: codeql-suites license: MIT diff --git a/c/misra/test/qlpack.yml b/c/misra/test/qlpack.yml index 3cb8496e8f..b64a6fb167 100644 --- a/c/misra/test/qlpack.yml +++ b/c/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards-tests -version: 2.21.0-dev +version: 2.22.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index abfd269968..52c576967d 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards -version: 2.21.0-dev +version: 2.22.0-dev description: AUTOSAR C++14 Guidelines R22-11, R21-11, R20-11, R19-11 and R19-03 suites: codeql-suites license: MIT diff --git a/cpp/autosar/test/qlpack.yml b/cpp/autosar/test/qlpack.yml index 39894c7646..062c269f5e 100644 --- a/cpp/autosar/test/qlpack.yml +++ b/cpp/autosar/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards-tests -version: 2.21.0-dev +version: 2.22.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index 7c6a9bc84f..43fbde70fe 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards -version: 2.21.0-dev +version: 2.22.0-dev description: CERT C++ 2016 suites: codeql-suites license: MIT diff --git a/cpp/cert/test/qlpack.yml b/cpp/cert/test/qlpack.yml index e1824cc8fd..2c879e82a2 100644 --- a/cpp/cert/test/qlpack.yml +++ b/cpp/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards-tests -version: 2.21.0-dev +version: 2.22.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index 6da60f7463..496ed5c7e2 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards -version: 2.21.0-dev +version: 2.22.0-dev license: MIT dependencies: codeql/cpp-all: 0.4.6 \ No newline at end of file diff --git a/cpp/common/test/qlpack.yml b/cpp/common/test/qlpack.yml index 36f215a51b..5a5374e947 100644 --- a/cpp/common/test/qlpack.yml +++ b/cpp/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards-tests -version: 2.21.0-dev +version: 2.22.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index 2aafabc604..d4e3edb901 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards -version: 2.21.0-dev +version: 2.22.0-dev description: MISRA C++ 2008 suites: codeql-suites license: MIT diff --git a/cpp/misra/test/qlpack.yml b/cpp/misra/test/qlpack.yml index 641f118252..f8b7339f66 100644 --- a/cpp/misra/test/qlpack.yml +++ b/cpp/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards-tests -version: 2.21.0-dev +version: 2.22.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index 18965af30b..e56e87a29f 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/report-cpp-coding-standards -version: 2.21.0-dev +version: 2.22.0-dev license: MIT dependencies: codeql/cpp-all: 0.4.6 diff --git a/docs/user_manual.md b/docs/user_manual.md index a1404b62b4..60611016f2 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -25,13 +25,13 @@ ## Release information -This user manual documents release `2.21.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). +This user manual documents release `2.22.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). The release page documents the release notes and contains the following artifacts part of the release: -- `code-scanning-cpp-query-pack-2.21.0-dev.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. -- `supported_rules_list_2.21.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. -- `supported_rules_list_2.21.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. -- `user_manual_2.21.0-dev.md`: This user manual. +- `code-scanning-cpp-query-pack-2.22.0-dev.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. +- `supported_rules_list_2.22.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. +- `upported_rules_list_2.22.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. +- `user_manual_2.22.0-dev.md`: This user manual. - `Source Code (zip)`: A zip archive containing the contents of https://github.com/github/codeql-coding-standards - `Source Code (tar.gz)`: A GZip compressed tar archive containing the contents of https://github.com/github/codeql-coding-standards - `checksums.txt`: A text file containing sha256 checksums for the aforementioned artifacts. @@ -460,7 +460,7 @@ This section describes known failure modes for "CodeQL Coding Standards" and des | | Ouf of space | Less output. Some files may be only be partially analyzed, or not analyzed at all. | Error reported on the command line. | Increase space. If it remains an issue report space consumption issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False positives | More output. Results are reported which are not violations of the guidelines. | All reported results must be reviewed. | Report false positive issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False negatives | Less output. Violations of the guidelines are not reported. | Other validation and verification processes during software development should be used to complement the analysis performed by CodeQL Coding Standards. | Report false negative issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | -| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.21.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | +| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.22.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | | | Incorrect deviation record specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation records with a reason. Ensure that all deviation records are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Incorrect deviation permit specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation permits with a reason. Ensure that all deviation permits are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Unapproved use of a deviation record | Less output. Results for guideline violations are not reported. | Validate that the deviation record use is approved by verifying the approved-by attribute of the deviation record specification. | Ensure that each raised deviation record is approved by an independent approver through an auditable process. | From 89d368d9b7c7246d7e30d4e4a6e0a52574c81dea Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Wed, 16 Aug 2023 13:16:35 -0400 Subject: [PATCH 1179/2573] fix to script --- docs/user_manual.md | 2 +- scripts/bump_version.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/user_manual.md b/docs/user_manual.md index 60611016f2..c094943bdb 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -30,7 +30,7 @@ The release page documents the release notes and contains the following artifact - `code-scanning-cpp-query-pack-2.22.0-dev.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. - `supported_rules_list_2.22.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. -- `upported_rules_list_2.22.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. +- `supported_rules_list_2.22.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. - `user_manual_2.22.0-dev.md`: This user manual. - `Source Code (zip)`: A zip archive containing the contents of https://github.com/github/codeql-coding-standards - `Source Code (tar.gz)`: A GZip compressed tar archive containing the contents of https://github.com/github/codeql-coding-standards diff --git a/scripts/bump_version.sh b/scripts/bump_version.sh index 27a15b8ab8..bc3e7495e3 100644 --- a/scripts/bump_version.sh +++ b/scripts/bump_version.sh @@ -16,7 +16,7 @@ find . -name 'qlpack.yml' | grep -v './codeql_modules' | grep -v './scripts' | x find docs -name 'user_manual.md' | xargs sed -i "s/code-scanning-cpp-query-pack-.*\.zip\`/code-scanning-cpp-query-pack-${1}.zip\`/" find docs -name 'user_manual.md' | xargs sed -i "s/supported_rules_list_.*\.csv\`/supported_rules_list_${1}.csv\`/" -find docs -name 'user_manual.md' | xargs sed -i "s/supported_rules_list_.*\.md\`/upported_rules_list_${1}.md\`/" +find docs -name 'user_manual.md' | xargs sed -i "s/supported_rules_list_.*\.md\`/supported_rules_list_${1}.md\`/" find docs -name 'user_manual.md' | xargs sed -i "s/user_manual_.*\.md\`/user_manual_${1}.md\`/" find docs -name 'user_manual.md' | xargs sed -i "s/This user manual documents release \`.*\` of/This user manual documents release \`${1}\` of/" From a810682f0407117024249bf9a8a6dc2fdfab8c74 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 16 Aug 2023 23:18:37 +0100 Subject: [PATCH 1180/2573] Add quick & dirty script for updating codeql dependencies --- scripts/update_codeql_dependency.sh | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100755 scripts/update_codeql_dependency.sh diff --git a/scripts/update_codeql_dependency.sh b/scripts/update_codeql_dependency.sh new file mode 100755 index 0000000000..9a2a7ca3d5 --- /dev/null +++ b/scripts/update_codeql_dependency.sh @@ -0,0 +1,18 @@ +#!/usr/bin/env bash + +# If there aren't two arguments, print usage and exit. +if [[ -z $2 ]]; +then + echo "Usage: bump_version.sh " + exit +fi + +echo "Updating CodeQL dependency $1 to $2." + +# update the qlpacks +find . -name 'qlpack.yml' | grep -v './codeql_modules' | grep -v './scripts' | xargs sed -i -r "s#${1}: [^\s]+#${1}: ${2}#" + +# update the lock files +find . -name 'codeql-pack.lock.yml' | grep -v './codeql_modules' | grep -v './scripts' | xargs sed -i -r -z "s#${1}:\n(\s*)version: [^\s]+\n#${1}:\n\1version: ${2}\n#" + +echo "Done." \ No newline at end of file From 208b8f97c4e368fb367b1ef93e82d2347e9c29f4 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 16 Aug 2023 23:19:06 +0100 Subject: [PATCH 1181/2573] Update CodeQL dependencies for 2.12.7 Update codeql/cpp-all to 0.6.1 and codeql/ssa to 0.0.14 to match the packs shipped with 2.12.7. --- c/cert/src/codeql-pack.lock.yml | 4 +++- c/cert/src/qlpack.yml | 2 +- c/cert/test/codeql-pack.lock.yml | 4 +++- c/common/src/codeql-pack.lock.yml | 4 +++- c/common/src/qlpack.yml | 2 +- c/common/test/codeql-pack.lock.yml | 4 +++- c/misra/src/codeql-pack.lock.yml | 4 +++- c/misra/src/qlpack.yml | 2 +- c/misra/test/codeql-pack.lock.yml | 4 +++- cpp/autosar/src/codeql-pack.lock.yml | 4 +++- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/codeql-pack.lock.yml | 4 +++- cpp/cert/src/codeql-pack.lock.yml | 4 +++- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/codeql-pack.lock.yml | 4 +++- cpp/common/src/codeql-pack.lock.yml | 4 +++- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/codeql-pack.lock.yml | 4 +++- cpp/misra/src/codeql-pack.lock.yml | 4 +++- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/codeql-pack.lock.yml | 4 +++- cpp/report/src/codeql-pack.lock.yml | 4 +++- cpp/report/src/qlpack.yml | 2 +- 23 files changed, 53 insertions(+), 23 deletions(-) diff --git a/c/cert/src/codeql-pack.lock.yml b/c/cert/src/codeql-pack.lock.yml index a7035a9f24..e7600d8458 100644 --- a/c/cert/src/codeql-pack.lock.yml +++ b/c/cert/src/codeql-pack.lock.yml @@ -2,7 +2,9 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.4.6 + version: 0.6.1 codeql/ssa: + version: 0.0.14 + codeql/tutorial: version: 0.0.7 compiled: false diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index 1c407d8aa8..f3c2b36774 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -5,4 +5,4 @@ suites: codeql-suites license: MIT dependencies: codeql/common-c-coding-standards: '*' - codeql/cpp-all: 0.4.6 + codeql/cpp-all: 0.6.1 diff --git a/c/cert/test/codeql-pack.lock.yml b/c/cert/test/codeql-pack.lock.yml index a7035a9f24..e7600d8458 100644 --- a/c/cert/test/codeql-pack.lock.yml +++ b/c/cert/test/codeql-pack.lock.yml @@ -2,7 +2,9 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.4.6 + version: 0.6.1 codeql/ssa: + version: 0.0.14 + codeql/tutorial: version: 0.0.7 compiled: false diff --git a/c/common/src/codeql-pack.lock.yml b/c/common/src/codeql-pack.lock.yml index a7035a9f24..e7600d8458 100644 --- a/c/common/src/codeql-pack.lock.yml +++ b/c/common/src/codeql-pack.lock.yml @@ -2,7 +2,9 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.4.6 + version: 0.6.1 codeql/ssa: + version: 0.0.14 + codeql/tutorial: version: 0.0.7 compiled: false diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index df6a55604d..0cc49ed41f 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -3,4 +3,4 @@ version: 2.21.0-dev license: MIT dependencies: codeql/common-cpp-coding-standards: '*' - codeql/cpp-all: 0.4.6 + codeql/cpp-all: 0.6.1 diff --git a/c/common/test/codeql-pack.lock.yml b/c/common/test/codeql-pack.lock.yml index a7035a9f24..e7600d8458 100644 --- a/c/common/test/codeql-pack.lock.yml +++ b/c/common/test/codeql-pack.lock.yml @@ -2,7 +2,9 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.4.6 + version: 0.6.1 codeql/ssa: + version: 0.0.14 + codeql/tutorial: version: 0.0.7 compiled: false diff --git a/c/misra/src/codeql-pack.lock.yml b/c/misra/src/codeql-pack.lock.yml index a7035a9f24..e7600d8458 100644 --- a/c/misra/src/codeql-pack.lock.yml +++ b/c/misra/src/codeql-pack.lock.yml @@ -2,7 +2,9 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.4.6 + version: 0.6.1 codeql/ssa: + version: 0.0.14 + codeql/tutorial: version: 0.0.7 compiled: false diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index 947701e1e3..2ebe63474f 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -5,4 +5,4 @@ suites: codeql-suites license: MIT dependencies: codeql/common-c-coding-standards: '*' - codeql/cpp-all: 0.4.6 + codeql/cpp-all: 0.6.1 diff --git a/c/misra/test/codeql-pack.lock.yml b/c/misra/test/codeql-pack.lock.yml index a7035a9f24..e7600d8458 100644 --- a/c/misra/test/codeql-pack.lock.yml +++ b/c/misra/test/codeql-pack.lock.yml @@ -2,7 +2,9 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.4.6 + version: 0.6.1 codeql/ssa: + version: 0.0.14 + codeql/tutorial: version: 0.0.7 compiled: false diff --git a/cpp/autosar/src/codeql-pack.lock.yml b/cpp/autosar/src/codeql-pack.lock.yml index a7035a9f24..e7600d8458 100644 --- a/cpp/autosar/src/codeql-pack.lock.yml +++ b/cpp/autosar/src/codeql-pack.lock.yml @@ -2,7 +2,9 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.4.6 + version: 0.6.1 codeql/ssa: + version: 0.0.14 + codeql/tutorial: version: 0.0.7 compiled: false diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index abfd269968..9ca0db6501 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -5,4 +5,4 @@ suites: codeql-suites license: MIT dependencies: codeql/common-cpp-coding-standards: '*' - codeql/cpp-all: 0.4.6 + codeql/cpp-all: 0.6.1 diff --git a/cpp/autosar/test/codeql-pack.lock.yml b/cpp/autosar/test/codeql-pack.lock.yml index a7035a9f24..e7600d8458 100644 --- a/cpp/autosar/test/codeql-pack.lock.yml +++ b/cpp/autosar/test/codeql-pack.lock.yml @@ -2,7 +2,9 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.4.6 + version: 0.6.1 codeql/ssa: + version: 0.0.14 + codeql/tutorial: version: 0.0.7 compiled: false diff --git a/cpp/cert/src/codeql-pack.lock.yml b/cpp/cert/src/codeql-pack.lock.yml index a7035a9f24..e7600d8458 100644 --- a/cpp/cert/src/codeql-pack.lock.yml +++ b/cpp/cert/src/codeql-pack.lock.yml @@ -2,7 +2,9 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.4.6 + version: 0.6.1 codeql/ssa: + version: 0.0.14 + codeql/tutorial: version: 0.0.7 compiled: false diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index 7c6a9bc84f..555cbbeb4f 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -4,5 +4,5 @@ description: CERT C++ 2016 suites: codeql-suites license: MIT dependencies: - codeql/cpp-all: 0.4.6 + codeql/cpp-all: 0.6.1 codeql/common-cpp-coding-standards: '*' diff --git a/cpp/cert/test/codeql-pack.lock.yml b/cpp/cert/test/codeql-pack.lock.yml index a7035a9f24..e7600d8458 100644 --- a/cpp/cert/test/codeql-pack.lock.yml +++ b/cpp/cert/test/codeql-pack.lock.yml @@ -2,7 +2,9 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.4.6 + version: 0.6.1 codeql/ssa: + version: 0.0.14 + codeql/tutorial: version: 0.0.7 compiled: false diff --git a/cpp/common/src/codeql-pack.lock.yml b/cpp/common/src/codeql-pack.lock.yml index a7035a9f24..e7600d8458 100644 --- a/cpp/common/src/codeql-pack.lock.yml +++ b/cpp/common/src/codeql-pack.lock.yml @@ -2,7 +2,9 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.4.6 + version: 0.6.1 codeql/ssa: + version: 0.0.14 + codeql/tutorial: version: 0.0.7 compiled: false diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index 6da60f7463..cf863c6b27 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -2,4 +2,4 @@ name: codeql/common-cpp-coding-standards version: 2.21.0-dev license: MIT dependencies: - codeql/cpp-all: 0.4.6 \ No newline at end of file + codeql/cpp-all: 0.6.1 \ No newline at end of file diff --git a/cpp/common/test/codeql-pack.lock.yml b/cpp/common/test/codeql-pack.lock.yml index a7035a9f24..e7600d8458 100644 --- a/cpp/common/test/codeql-pack.lock.yml +++ b/cpp/common/test/codeql-pack.lock.yml @@ -2,7 +2,9 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.4.6 + version: 0.6.1 codeql/ssa: + version: 0.0.14 + codeql/tutorial: version: 0.0.7 compiled: false diff --git a/cpp/misra/src/codeql-pack.lock.yml b/cpp/misra/src/codeql-pack.lock.yml index a7035a9f24..e7600d8458 100644 --- a/cpp/misra/src/codeql-pack.lock.yml +++ b/cpp/misra/src/codeql-pack.lock.yml @@ -2,7 +2,9 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.4.6 + version: 0.6.1 codeql/ssa: + version: 0.0.14 + codeql/tutorial: version: 0.0.7 compiled: false diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index 2aafabc604..c7f8ab947f 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -5,4 +5,4 @@ suites: codeql-suites license: MIT dependencies: codeql/common-cpp-coding-standards: '*' - codeql/cpp-all: 0.4.6 + codeql/cpp-all: 0.6.1 diff --git a/cpp/misra/test/codeql-pack.lock.yml b/cpp/misra/test/codeql-pack.lock.yml index a7035a9f24..e7600d8458 100644 --- a/cpp/misra/test/codeql-pack.lock.yml +++ b/cpp/misra/test/codeql-pack.lock.yml @@ -2,7 +2,9 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.4.6 + version: 0.6.1 codeql/ssa: + version: 0.0.14 + codeql/tutorial: version: 0.0.7 compiled: false diff --git a/cpp/report/src/codeql-pack.lock.yml b/cpp/report/src/codeql-pack.lock.yml index a7035a9f24..e7600d8458 100644 --- a/cpp/report/src/codeql-pack.lock.yml +++ b/cpp/report/src/codeql-pack.lock.yml @@ -2,7 +2,9 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.4.6 + version: 0.6.1 codeql/ssa: + version: 0.0.14 + codeql/tutorial: version: 0.0.7 compiled: false diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index 18965af30b..7d639feaa6 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -2,4 +2,4 @@ name: codeql/report-cpp-coding-standards version: 2.21.0-dev license: MIT dependencies: - codeql/cpp-all: 0.4.6 + codeql/cpp-all: 0.6.1 From 91c5a927b60f24f8517c142cecfc7714d41a194b Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 16 Aug 2023 23:39:40 +0100 Subject: [PATCH 1182/2573] Update test output for 2.12.7. This is as a result of changes to reporting in the dataflow library. --- .../FIO32-C/DoNotPerformFileOperationsOnDevices.expected | 4 ---- 1 file changed, 4 deletions(-) diff --git a/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected b/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected index 33de96fdac..06bf56cf8a 100644 --- a/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected +++ b/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected @@ -1,13 +1,9 @@ edges -| test.c:20:15:20:23 | file_name | test.c:21:8:21:16 | file_name indirection | | test.c:20:15:20:23 | scanf output argument | test.c:21:8:21:16 | file_name indirection | -| test.c:45:15:45:23 | file_name | test.c:46:29:46:37 | file_name indirection | | test.c:45:15:45:23 | scanf output argument | test.c:46:29:46:37 | file_name indirection | nodes -| test.c:20:15:20:23 | file_name | semmle.label | file_name | | test.c:20:15:20:23 | scanf output argument | semmle.label | scanf output argument | | test.c:21:8:21:16 | file_name indirection | semmle.label | file_name indirection | -| test.c:45:15:45:23 | file_name | semmle.label | file_name | | test.c:45:15:45:23 | scanf output argument | semmle.label | scanf output argument | | test.c:46:29:46:37 | file_name indirection | semmle.label | file_name indirection | subpaths From 14cb4ffd7aaaeefb8193209693ba22637e5dbee9 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 16 Aug 2023 23:43:09 +0100 Subject: [PATCH 1183/2573] Add change note. --- change_notes/2023-08-16-update-to-2.12.7.md | 1 + 1 file changed, 1 insertion(+) create mode 100644 change_notes/2023-08-16-update-to-2.12.7.md diff --git a/change_notes/2023-08-16-update-to-2.12.7.md b/change_notes/2023-08-16-update-to-2.12.7.md new file mode 100644 index 0000000000..b56574638a --- /dev/null +++ b/change_notes/2023-08-16-update-to-2.12.7.md @@ -0,0 +1 @@ + - Updated the supported CodeQL version to `2.12.7`. \ No newline at end of file From 2d0a6a64dd78ac0a0f379942e741c35d7ef480c1 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 17 Aug 2023 00:23:10 +0100 Subject: [PATCH 1184/2573] Format the QL files --- .../cpp/exceptions/SpecialFunctionExceptions.qll | 3 ++- .../src/codingstandards/cpp/sideeffect/DefaultEffects.qll | 3 ++- .../src/codingstandards/cpp/standardlibrary/Random.qll | 6 ++++-- 3 files changed, 8 insertions(+), 4 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/exceptions/SpecialFunctionExceptions.qll b/cpp/common/src/codingstandards/cpp/exceptions/SpecialFunctionExceptions.qll index 07a6fa32cb..c24cfee66d 100644 --- a/cpp/common/src/codingstandards/cpp/exceptions/SpecialFunctionExceptions.qll +++ b/cpp/common/src/codingstandards/cpp/exceptions/SpecialFunctionExceptions.qll @@ -36,7 +36,8 @@ class SpecialFunction extends Function { } /** A special function which throws an exception. */ -abstract class SpecialExceptionThrowingFunction extends ExceptionPathGraph::ExceptionThrowingFunction { +abstract class SpecialExceptionThrowingFunction extends ExceptionPathGraph::ExceptionThrowingFunction +{ SpecialExceptionThrowingFunction() { exists(getAFunctionThrownType(this, _)) } /** Gets a description for this exception throwing. */ diff --git a/cpp/common/src/codingstandards/cpp/sideeffect/DefaultEffects.qll b/cpp/common/src/codingstandards/cpp/sideeffect/DefaultEffects.qll index bb3fb7fad7..3302864e9c 100644 --- a/cpp/common/src/codingstandards/cpp/sideeffect/DefaultEffects.qll +++ b/cpp/common/src/codingstandards/cpp/sideeffect/DefaultEffects.qll @@ -16,7 +16,8 @@ private class ResourceReleaseCall extends ExternalSideEffect::Range { } private class DirectStaticStorageDurationVariableModification extends VariableEffect, - GlobalSideEffect::Range { + GlobalSideEffect::Range +{ DirectStaticStorageDurationVariableModification() { this.getTarget() instanceof StaticStorageDurationVariable } diff --git a/cpp/common/src/codingstandards/cpp/standardlibrary/Random.qll b/cpp/common/src/codingstandards/cpp/standardlibrary/Random.qll index 9fc23cfb5a..5bcdf3a739 100644 --- a/cpp/common/src/codingstandards/cpp/standardlibrary/Random.qll +++ b/cpp/common/src/codingstandards/cpp/standardlibrary/Random.qll @@ -54,7 +54,8 @@ class RandomNumberEngineCreation extends TRandomNumberEngineCreation { * A `ConstructorCall` which targets a `RandomNumberEngine`. */ class RandomNumberEngineConstructorCall extends TRandomNumberEngineConstructorCall, - RandomNumberEngineCreation { + RandomNumberEngineCreation +{ ConstructorCall getConstructorCall() { this = TRandomNumberEngineConstructorCall(result) } override Element getExclusionElement() { result = getConstructorCall() } @@ -82,7 +83,8 @@ class RandomNumberEngineConstructorCall extends TRandomNumberEngineConstructorCa * This is because no `ConstructorCall`s are generated in this case. */ class RandomNumberEngineMemberVariableDefaultInit extends TRandomNumberEngineMemberVariableDefaultInit, - RandomNumberEngineCreation { + RandomNumberEngineCreation +{ MemberVariable getMemberVariable() { this = TRandomNumberEngineMemberVariableDefaultInit(result, _) } From 8eb193a868902db57964fbbd2e220f131ae87aed Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 17 Aug 2023 00:23:30 +0100 Subject: [PATCH 1185/2573] Update generate_modules qlpack, and update script. --- scripts/generate_modules/queries/codeql-pack.lock.yml | 4 +++- scripts/generate_modules/queries/qlpack.yml | 2 +- scripts/update_codeql_dependency.sh | 4 ++-- 3 files changed, 6 insertions(+), 4 deletions(-) diff --git a/scripts/generate_modules/queries/codeql-pack.lock.yml b/scripts/generate_modules/queries/codeql-pack.lock.yml index a7035a9f24..e7600d8458 100644 --- a/scripts/generate_modules/queries/codeql-pack.lock.yml +++ b/scripts/generate_modules/queries/codeql-pack.lock.yml @@ -2,7 +2,9 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.4.6 + version: 0.6.1 codeql/ssa: + version: 0.0.14 + codeql/tutorial: version: 0.0.7 compiled: false diff --git a/scripts/generate_modules/queries/qlpack.yml b/scripts/generate_modules/queries/qlpack.yml index e3e1783997..d531a0df30 100644 --- a/scripts/generate_modules/queries/qlpack.yml +++ b/scripts/generate_modules/queries/qlpack.yml @@ -2,4 +2,4 @@ name: codeql/standard-library-extraction-cpp-coding-standards version: 0.0.0 license: MIT dependencies: - codeql/cpp-all: 0.4.6 + codeql/cpp-all: 0.6.1 diff --git a/scripts/update_codeql_dependency.sh b/scripts/update_codeql_dependency.sh index 9a2a7ca3d5..60f08415cf 100755 --- a/scripts/update_codeql_dependency.sh +++ b/scripts/update_codeql_dependency.sh @@ -10,9 +10,9 @@ fi echo "Updating CodeQL dependency $1 to $2." # update the qlpacks -find . -name 'qlpack.yml' | grep -v './codeql_modules' | grep -v './scripts' | xargs sed -i -r "s#${1}: [^\s]+#${1}: ${2}#" +find . -name 'qlpack.yml' | grep -v './codeql_modules' | xargs sed -i -r "s#${1}: [^\s]+#${1}: ${2}#" # update the lock files -find . -name 'codeql-pack.lock.yml' | grep -v './codeql_modules' | grep -v './scripts' | xargs sed -i -r -z "s#${1}:\n(\s*)version: [^\s]+\n#${1}:\n\1version: ${2}\n#" +find . -name 'codeql-pack.lock.yml' | grep -v './codeql_modules' | xargs sed -i -r -z "s#${1}:\n(\s*)version: [^\s]+\n#${1}:\n\1version: ${2}\n#" echo "Done." \ No newline at end of file From 1cc7e8b12893feab25417395fbc9a6fae3f2eb5c Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 17 Aug 2023 10:08:45 +0100 Subject: [PATCH 1186/2573] Format OutOfBounds.qll --- c/common/src/codingstandards/c/OutOfBounds.qll | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/c/common/src/codingstandards/c/OutOfBounds.qll b/c/common/src/codingstandards/c/OutOfBounds.qll index 33f1e9cd39..044528d798 100644 --- a/c/common/src/codingstandards/c/OutOfBounds.qll +++ b/c/common/src/codingstandards/c/OutOfBounds.qll @@ -712,7 +712,8 @@ module OOB { } private class DynamicAllocationSource extends PointerToObjectSource instanceof AllocationExpr, - FunctionCall { + FunctionCall + { DynamicAllocationSource() { // exclude OperatorNewAllocationFunction to only deal with raw malloc-style calls, // which do not apply a multiple to the size of the allocation passed to them. @@ -905,7 +906,8 @@ module OOB { override predicate isNotNullTerminated() { none() } } - private class PointerToObjectSourceOrSizeToBufferAccessFunctionConfig extends DataFlow::Configuration { + private class PointerToObjectSourceOrSizeToBufferAccessFunctionConfig extends DataFlow::Configuration + { PointerToObjectSourceOrSizeToBufferAccessFunctionConfig() { this = "PointerToObjectSourceOrSizeToBufferAccessFunctionConfig" } From afc027bea4dcc451c50423077e31ddef595af409 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 20 Aug 2023 23:58:39 +0100 Subject: [PATCH 1187/2573] A15-2-2: Address cartesian product Missing target call in DeletedExpr. --- .../A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql b/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql index 47a4e86c19..f2c61de5f4 100644 --- a/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql +++ b/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql @@ -53,10 +53,13 @@ class NewWrapperFunction extends Function { /** An expression on which `delete` is called, directly or indirectly. */ class DeletedExpr extends Expr { + pragma[noinline, nomagic] DeletedExpr() { - this = any(DeleteExpr deleteExpr).getExpr() or + this = any(DeleteExpr deleteExpr).getExpr() + or exists(DeleteWrapperFunction dwf, FunctionCall call | - this = call.getArgument(dwf.getADeleteParameter().getIndex()) + this = call.getArgument(dwf.getADeleteParameter().getIndex()) and + call.getTarget() = dwf ) } } From e428a8cbf0fdec3aa2222c526efc0082b6dbbc00 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Mon, 21 Aug 2023 16:30:15 +0200 Subject: [PATCH 1188/2573] Update STR31-C and STR32-C test result The C/C++ extractor now correctly outputs the correct string with which an array is being initialized. --- ...HasSufficientSpaceForTheNullTerminator.expected | 2 +- ...TerminatedToFunctionThatExpectsAString.expected | 14 +++++++------- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/c/cert/test/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.expected b/c/cert/test/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.expected index b32aa0314a..1d6ec5445f 100644 --- a/c/cert/test/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.expected +++ b/c/cert/test/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.expected @@ -4,7 +4,7 @@ WARNING: Module DataFlow has been deprecated and may be removed in future (/home WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql:63,54-62) WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql:57,5-18) WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql:63,5-18) -| test.c:10:20:10:24 | Co | Expression produces or consumes a string that may not have sufficient space for a null-terminator. | +| test.c:10:20:10:24 | Cod | Expression produces or consumes a string that may not have sufficient space for a null-terminator. | | test.c:16:3:16:9 | call to strncpy | Expression produces or consumes a string that may not have sufficient space for a null-terminator. | | test.c:26:3:26:10 | call to snprintf | Expression produces or consumes a string that may not have sufficient space for a null-terminator. | | test.c:32:3:32:9 | call to strncat | Expression produces or consumes a string that may not have sufficient space for a null-terminator. | diff --git a/c/cert/test/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.expected b/c/cert/test/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.expected index 55ac2ecc66..00757ca722 100644 --- a/c/cert/test/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.expected +++ b/c/cert/test/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.expected @@ -7,19 +7,19 @@ WARNING: Module DataFlow has been deprecated and may be removed in future (/home WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql:55,7-20) WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql:61,7-20) WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql:69,5-18) -| test.c:19:3:19:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:7:20:7:24 | Co | this expression | -| test.c:20:3:20:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:7:20:7:24 | Co | this expression | +| test.c:19:3:19:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:7:20:7:24 | Cod | this expression | +| test.c:20:3:20:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:7:20:7:24 | Cod | this expression | | test.c:22:3:22:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:13:3:13:9 | call to strncpy | this expression | | test.c:23:3:23:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:13:3:13:9 | call to strncpy | this expression | | test.c:24:3:24:8 | call to strlen | String modified by $@ is passed to function expecting a null-terminated string. | test.c:13:3:13:9 | call to strncpy | this expression | -| test.c:33:3:33:9 | call to wprintf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:30:24:30:29 | Co | this expression | +| test.c:33:3:33:9 | call to wprintf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:30:24:30:29 | Cod | this expression | | test.c:46:3:46:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:41:3:41:10 | call to snprintf | this expression | | test.c:47:3:47:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:41:3:41:10 | call to snprintf | this expression | | test.c:55:3:55:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:53:3:53:9 | call to strncat | this expression | | test.c:56:3:56:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:53:3:53:9 | call to strncat | this expression | -| test.c:62:3:62:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:60:20:60:24 | Co | this expression | -| test.c:63:3:63:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:60:20:60:24 | Co | this expression | -| test.c:75:3:75:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:72:20:72:24 | Co | this expression | -| test.c:76:3:76:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:72:20:72:24 | Co | this expression | +| test.c:62:3:62:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:60:20:60:24 | Cod | this expression | +| test.c:63:3:63:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:60:20:60:24 | Cod | this expression | +| test.c:75:3:75:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:72:20:72:24 | Cod | this expression | +| test.c:76:3:76:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:72:20:72:24 | Cod | this expression | | test.c:85:3:85:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:83:3:83:9 | call to strncpy | this expression | | test.c:86:3:86:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:83:3:83:9 | call to strncpy | this expression | From d99a94cb6360e032536aa676db1c0df0cc43189f Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 22 Aug 2023 12:30:34 -0700 Subject: [PATCH 1189/2573] Add python script to upgrade CodeQL supported environment --- .../requirements.txt | 6 ++ .../upgrade-codeql-dependencies.py | 81 +++++++++++++++++++ 2 files changed, 87 insertions(+) create mode 100644 scripts/upgrade-codeql-dependencies/requirements.txt create mode 100644 scripts/upgrade-codeql-dependencies/upgrade-codeql-dependencies.py diff --git a/scripts/upgrade-codeql-dependencies/requirements.txt b/scripts/upgrade-codeql-dependencies/requirements.txt new file mode 100644 index 0000000000..51cdfea505 --- /dev/null +++ b/scripts/upgrade-codeql-dependencies/requirements.txt @@ -0,0 +1,6 @@ +certifi==2023.7.22 +charset-normalizer==3.2.0 +idna==3.4 +requests==2.31.0 +semantic-version==2.10.0 +urllib3==2.0.4 diff --git a/scripts/upgrade-codeql-dependencies/upgrade-codeql-dependencies.py b/scripts/upgrade-codeql-dependencies/upgrade-codeql-dependencies.py new file mode 100644 index 0000000000..e818cb2a12 --- /dev/null +++ b/scripts/upgrade-codeql-dependencies/upgrade-codeql-dependencies.py @@ -0,0 +1,81 @@ +import json +import requests +from typing import Optional, Dict, List +from semantic_version import Version +from pathlib import Path + +SCRIPT_PATH = Path(__file__) +SUPPORTED_VERSIONS_PATH = SCRIPT_PATH.parent.parent.parent / "supported_codeql_configs.json" + +def get_compatible_stdlib(version: Version) -> Optional[str]: + tag = f"codeql-cli/v{version}" + response = requests.get(f"https://raw.githubusercontent.com/github/codeql/{tag}/cpp/ql/lib/qlpack.yml") + + if response.status_code == 200: + return tag + return None + +def get_compatible_bundle(version: Version, token: str) -> Optional[str]: + tag = f"codeql-bundle-v{version}" + response = requests.get(f"https://api.github.com/repos/github/codeql-action/releases/tags/{tag}", headers={ + "Accept": "application/vnd.github+json", + "Authorization": f"Bearer {token}", + "X-GitHub-Api-Version": "2022-11-28" + }) + + if response.status_code == 200: + return tag + return None + +def main(cli_version : str, github_token: str) -> None: + try: + parsed_cli_version = Version(cli_version) + compatible_stdlib = get_compatible_stdlib(parsed_cli_version) + if compatible_stdlib is None: + print(f"Unable to find compatible standard library for: {parsed_cli_version}") + exit(1) + compatible_bundle = get_compatible_bundle(parsed_cli_version, github_token) + if compatible_bundle is None: + print(f"Unable to find compatible bundle for: {parsed_cli_version}") + exit(1) + + with SUPPORTED_VERSIONS_PATH.open("r") as f: + supported_versions = json.load(f) + with SUPPORTED_VERSIONS_PATH.open("w") as f: + supported_envs: List[Dict[str, str]] = supported_versions["supported_environment"] + if len(supported_envs) != 1: + print("Expected exactly one supported environment, cannot upgrade!") + exit(1) + supported_env = supported_envs[0] + supported_env["codeql_cli"] = str(parsed_cli_version) + supported_env["codeql_cli_bundle"] = compatible_bundle + supported_env["codeql_standard_library"] = compatible_stdlib + + json.dump(supported_versions, f, indent=2) + except ValueError as e: + print(e) + exit(1) + +if __name__ == '__main__': + import sys + import argparse + import os + + parser = argparse.ArgumentParser(description='Upgrade CodeQL dependencies') + + parser.add_argument('--cli-version', type=str, required=True, help='CodeQL CLI version') + parser.add_argument('--github-auth-stdin', action='store_true', help='CodeQL bundle version') + + args = parser.parse_args() + if args.github_auth_stdin: + token = sys.stdin.read() + else: + if "GITHUB_TOKEN" not in os.environ: + print("GITHUB_TOKEN environment variable not set") + exit(1) + token = os.environ["GITHUB_TOKEN"] + + main(args.cli_version, token) + + + From 0078753c406a9e88b87f1f55d8ca9f5b2f669789 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 22 Aug 2023 12:38:01 -0700 Subject: [PATCH 1190/2573] Replace jq with Python script This simplifies the workflow by only requiring a CodeQL CLI version. The Python script automatically determines a compatible standard library commit and bundle tag. This sacrifices flexibility for correctness, since we can no longer independently specify the the other values. --- .../workflows/upgrade_codeql_dependencies.yml | 25 ++++++++++--------- 1 file changed, 13 insertions(+), 12 deletions(-) diff --git a/.github/workflows/upgrade_codeql_dependencies.yml b/.github/workflows/upgrade_codeql_dependencies.yml index b06ec6f49c..6474aaffb7 100644 --- a/.github/workflows/upgrade_codeql_dependencies.yml +++ b/.github/workflows/upgrade_codeql_dependencies.yml @@ -7,10 +7,6 @@ on: description: | The version of the CodeQL CLI to be set as the default. required: true - codeql_standard_library_commit: - description: | - The tag or commit to use from the CodeQL Standard Library - required: true env: XARGS_MAX_PROCS: 4 @@ -19,20 +15,25 @@ jobs: say_hello: env: CODEQL_CLI_VERSION: ${{ github.event.inputs.codeql_cli_version }} - CODEQL_LIB_COMMIT: ${{ github.event.inputs.codeql_standard_library_commit }} runs-on: ubuntu-22.04 steps: - name: Checkout uses: actions/checkout@v2 + - name: Install Python + uses: actions/setup-python@v4 + with: + python-version: "3.9" + + - name: Install upgrade-codeql-dependencies.py dependencies + run: pip install -r scripts/upgrade-codeql-dependencies/requirements.txt + - name: Update the supported environment + env: + GITHUB_TOKEN: ${{ github.token }} + CODEQL_CLI_VERSION: ${{ github.event.inputs.codeql_cli_version }} run: | - jq \ - --arg cli_version "$CODEQL_CLI_VERSION" \ - --arg standard_library_commit "$CODEQL_LIB_COMMIT" \ - --raw-output \ - '.supported_environment | .[0] | .codeql_cli = $cli_version | .codeql_standard_library = $standard_library_commit' \ - supported_codeql_configs.json + scripts/upgrade-codeql-dependencies/upgrade_codeql_dependencies.py --cli-version "$CODEQL_CLI_VERSION" - name: Fetch CodeQL env: @@ -54,4 +55,4 @@ jobs: commit-message: "Upgrading `github/codeql` dependency to ${{ github.event.inputs.codeql_standard_library_commit }}" team-reviewers: github/codeql-coding-standards delete-branch: true - branch: "codeql/upgrade-to-${{ github.event.inputs.codeql_standard_library_commit }}-${{ github.event.inputs.codeql_cli_version }}" + branch: "codeql/upgrade-to-${{ github.event.inputs.codeql_cli_version }}" From eef430c9c3d6640f1480363633638da62072b99b Mon Sep 17 00:00:00 2001 From: "rakesh.pothengil" Date: Wed, 23 Aug 2023 13:39:09 +0900 Subject: [PATCH 1191/2573] Fixes issue no. 121 --- ...3-06-28-unused-local-function-use-cases.md | 1 + .../src/rules/A0-1-3/UnusedLocalFunction.ql | 55 +++++++++++++++- cpp/autosar/test/rules/A0-1-3/test.cpp | 64 ++++++++++++++++++- 3 files changed, 118 insertions(+), 2 deletions(-) create mode 100644 change_notes/2023-06-28-unused-local-function-use-cases.md diff --git a/change_notes/2023-06-28-unused-local-function-use-cases.md b/change_notes/2023-06-28-unused-local-function-use-cases.md new file mode 100644 index 0000000000..452b9f8d5e --- /dev/null +++ b/change_notes/2023-06-28-unused-local-function-use-cases.md @@ -0,0 +1 @@ + - Considered use cases mentioned on issue [121](https://github.com/github/codeql-coding-standards/issues/121) while reporting a local function as "unused". diff --git a/cpp/autosar/src/rules/A0-1-3/UnusedLocalFunction.ql b/cpp/autosar/src/rules/A0-1-3/UnusedLocalFunction.ql index 013047256a..6551b184e1 100644 --- a/cpp/autosar/src/rules/A0-1-3/UnusedLocalFunction.ql +++ b/cpp/autosar/src/rules/A0-1-3/UnusedLocalFunction.ql @@ -19,6 +19,44 @@ import codingstandards.cpp.autosar import codingstandards.cpp.DynamicCallGraph import codingstandards.cpp.deadcode.UnusedFunctions +/** Checks if a function call exists to the function + * passed in the arguments. + */ +predicate isCalled(Function unusedFunction) { + exists (FunctionCall f | unusedFunction.getACallToThisFunction() = f) +} + +/** Checks if an overloaded function of + * the function passed in the arguments, is called. + */ +predicate overloadedFunctionIsCalled(Function unusedFunction) { + exists (Function f | f = unusedFunction.getAnOverload*() and isCalled(f)) + or + unusedFunction.getNamespace().isAnonymous() and + exists (TopLevelFunction overloadedFunction | + overloadedFunction != unusedFunction and + ((overloadedFunction.getName() = unusedFunction.getName()) or + (overloadedFunction.getQualifiedName() = + unusedFunction.getQualifiedName())) + ) +} + +/** Checks if a Function is part of an unevaluated context. */ +predicate partOfUnevalutedContexts(Function unusedFunction) { + exists (Expr e, FunctionCall f | ((e instanceof TypeidOperator or + e instanceof SizeofOperator or + e instanceof NoExceptExpr) and + e.getAChild*() = f and f.getTarget() = unusedFunction + ) + ) +} + +/** Checks if a Function's address was taken. */ +predicate addressBeenTaken(Function unusedFunction) +{ + exists (FunctionAccess fa | fa.getTarget() = unusedFunction) +} + /** A `Function` nested in an anonymous namespace. */ class AnonymousNamespaceFunction extends Function { AnonymousNamespaceFunction() { getNamespace().getParentNamespace*().isAnonymous() } @@ -75,7 +113,22 @@ where // There exists an instantiation which is called functionFromInstantiatedTemplate.isConstructedFrom(functionFromUninstantiatedTemplate) and functionFromInstantiatedTemplate = getTarget(_) - ) and + ) + and + // A function is defined as "used" if any one of the following holds true: + // - It's an explicitly deleted functions e.g. =delete + // - It's annotated as "[[maybe_unused]]" + // - It's part of an overloaded set and any one of the overloaded instance + // is called. + // - It's an operand of an expression in an unevaluated context. + ( + not unusedLocalFunction.isDeleted() and + not unusedLocalFunction.getAnAttribute().getName() = "maybe_unused" and + not overloadedFunctionIsCalled(unusedLocalFunction) and + not addressBeenTaken(unusedLocalFunction) and + not partOfUnevalutedContexts(unusedLocalFunction) + ) + and // Get a printable name ( if exists(unusedLocalFunction.getQualifiedName()) diff --git a/cpp/autosar/test/rules/A0-1-3/test.cpp b/cpp/autosar/test/rules/A0-1-3/test.cpp index a23fbb9545..d593d0ab46 100644 --- a/cpp/autosar/test/rules/A0-1-3/test.cpp +++ b/cpp/autosar/test/rules/A0-1-3/test.cpp @@ -85,4 +85,66 @@ namespace bar { void h3() {} // NON_COMPLIANT } // namespace bar } // namespace foo -} // namespace \ No newline at end of file +} // namespace + + + +static int unevaluatedContextFn(int x) { x++; return x; } // COMPLIANT - called in an unevaluated context. +#include +static int unevalContextCaller() // COMPLIANT - address taken +{ + + typeid(unevaluatedContextFn(0)); + sizeof(unevaluatedContextFn(1)); + noexcept(unevaluatedContextFn(2)); + decltype(unevaluatedContextFn(2)) n = 42; + return 0; +} +int (* ptr_unevalContextCaller)(void) = unevalContextCaller; + + +class X { +private: + [[maybe_unused]] void maybeUnused(); + void deleted() = delete; // COMPLIANT - Deleted Function +}; + +void X::maybeUnused() {} // COMPLIANT - [[maybe_unused]] + +static int overload1(int c) // COMPLIANT - called +{ + return ++c; +} + +static int overload1(int c, int d) // COMPLAINT - overload1(int) is called. +{ + return c+d; +} + +namespace +{ + float overload1(int c, float d) // COMPLAINT - overload1(int) is called. + { + return c+d; + } +} + +int overload = overload1(5); + +class classWithOverloads +{ + public: + int caller(int x) + { + return overloadMember(x,0); + } + private: + int overloadMember(int c) // COMPLAINT - overloadMember(int, int) is called. + { + return ++c; + } + int overloadMember(int c, int d) // COMPLAINT - called. + { + return c+d; + } +}; From 802e6cdd78d0399947b15eac1d8c43c68a199d6f Mon Sep 17 00:00:00 2001 From: "rakesh.pothengil" Date: Wed, 23 Aug 2023 14:36:24 +0900 Subject: [PATCH 1192/2573] Fix for A5-1-3 false positives --- change_notes/2023-07-11-lambda-expr-without-param-list.md | 1 + .../src/rules/A5-1-3/LambdaExpressionWithoutParameterList.ql | 4 ++++ 2 files changed, 5 insertions(+) create mode 100644 change_notes/2023-07-11-lambda-expr-without-param-list.md diff --git a/change_notes/2023-07-11-lambda-expr-without-param-list.md b/change_notes/2023-07-11-lambda-expr-without-param-list.md new file mode 100644 index 0000000000..4a5b4cf5ad --- /dev/null +++ b/change_notes/2023-07-11-lambda-expr-without-param-list.md @@ -0,0 +1 @@ + - Only consider lambdas that have zero arguments, since any lambda with non-zero arguments will have an explicit argument list. diff --git a/cpp/autosar/src/rules/A5-1-3/LambdaExpressionWithoutParameterList.ql b/cpp/autosar/src/rules/A5-1-3/LambdaExpressionWithoutParameterList.ql index 4583f8675e..db39a62d8e 100644 --- a/cpp/autosar/src/rules/A5-1-3/LambdaExpressionWithoutParameterList.ql +++ b/cpp/autosar/src/rules/A5-1-3/LambdaExpressionWithoutParameterList.ql @@ -21,6 +21,10 @@ where not isExcluded(lambda, LambdasPackage::lambdaExpressionWithoutParameterListQuery()) and lambdaFunction = lambda.getLambdaFunction() and not lambdaFunction.isAffectedByMacro() and + // If it has a parameter, then it will have an + // explicit parameter list. Therefore, proceed to check only if the lambda + // does not have any parameters. + not exists (lambdaFunction.getAParameter()) and // The extractor doesn't store the syntactic information whether the parameter list // is enclosed in parenthesis. Therefore we cannot determine if the parameter list is // explicitly specified when the parameter list is empty. From 5ecee7e0c1d7cddeb672ed957f040cc190c4fb74 Mon Sep 17 00:00:00 2001 From: "rakesh.pothengil" Date: Wed, 23 Aug 2023 15:36:58 +0900 Subject: [PATCH 1193/2573] Fixes false positives for M0-1-3. --- .../2023-07-26-unused-local-variable.md | 1 + .../src/rules/M0-1-3/UnusedLocalVariable.ql | 28 ++++++++++++++++++ cpp/autosar/test/rules/M0-1-3/test.cpp | 22 +++++++++++++- rule_packages/cpp/Templates.json | 29 ++++++++++++++++++- 4 files changed, 78 insertions(+), 2 deletions(-) create mode 100644 change_notes/2023-07-26-unused-local-variable.md diff --git a/change_notes/2023-07-26-unused-local-variable.md b/change_notes/2023-07-26-unused-local-variable.md new file mode 100644 index 0000000000..1399475cd7 --- /dev/null +++ b/change_notes/2023-07-26-unused-local-variable.md @@ -0,0 +1 @@ + - Consider constexpr variables used in template instantiations as "used". diff --git a/cpp/autosar/src/rules/M0-1-3/UnusedLocalVariable.ql b/cpp/autosar/src/rules/M0-1-3/UnusedLocalVariable.ql index 50aa5ea919..d97d1d1abc 100644 --- a/cpp/autosar/src/rules/M0-1-3/UnusedLocalVariable.ql +++ b/cpp/autosar/src/rules/M0-1-3/UnusedLocalVariable.ql @@ -18,9 +18,37 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.deadcode.UnusedVariables +/** Gets the constant value of a constexpr variable. */ +private string getConstExprValue(Variable v) { + result = v.getInitializer().getExpr().getValue() and + v.isConstexpr() +} + +// This predicate is similar to getUseCount for M0-1-4 except that it also +// considers static_asserts. This was created to cater for M0-1-3 specifically +// and hence, doesn't attempt to reuse the M0-1-4 specific predicate +// - getUseCount() +int getUseCountConservatively(Variable v) { + result = + count(VariableAccess access | access = v.getAnAccess() and not access.isCompilerGenerated()) + + count(UserProvidedConstructorFieldInit cfi | cfi.getTarget() = v) + + // For constexpr variables used as template arguments, we don't see accesses (just the + // appropriate literals). We therefore take a conservative approach and count the number of + // template instantiations that use the given constant, and consider each one to be a use + // of the variable + count(ClassTemplateInstantiation cti | + cti.getTemplateArgument(_).(Expr).getValue() = getConstExprValue(v) + ) + // For static asserts too, check if there is a child which has the same value + // as the constexpr variable. + + count(StaticAssert s | + s.getCondition().getAChild*().getValue() = getConstExprValue(v)) +} + from PotentiallyUnusedLocalVariable v where not isExcluded(v, DeadCodePackage::unusedLocalVariableQuery()) and // Local variable is never accessed not exists(v.getAnAccess()) + and getUseCountConservatively(v) = 0 select v, "Local variable " + v.getName() + " in " + v.getFunction().getName() + " is not used." diff --git a/cpp/autosar/test/rules/M0-1-3/test.cpp b/cpp/autosar/test/rules/M0-1-3/test.cpp index 7729371e5e..76848759e4 100644 --- a/cpp/autosar/test/rules/M0-1-3/test.cpp +++ b/cpp/autosar/test/rules/M0-1-3/test.cpp @@ -44,4 +44,24 @@ void test_side_effect_init() { LA a; // NON_COMPLIANT - no constructor called LC c; // COMPLIANT - constructor called which is considered to potentially // have side effects -} \ No newline at end of file +} + +#include +template +class CharBuffer +{ + public: + int member[t]; + CharBuffer():member{0}{} +}; + +int foo() +{ + constexpr int line_length = 1024U; + CharBuffer buffer{}; + constexpr std::size_t max_stack_size_usage = 64 * 1024; + static_assert( + (sizeof(buffer) + sizeof(line_length)) <= max_stack_size_usage, + "assert"); + return buffer.member[0]; +} diff --git a/rule_packages/cpp/Templates.json b/rule_packages/cpp/Templates.json index faf3c67155..aaef75e009 100644 --- a/rule_packages/cpp/Templates.json +++ b/rule_packages/cpp/Templates.json @@ -190,6 +190,33 @@ } ], "title": "In a class template with a dependent base, any name that may be found in that dependent base shall be referred to using a qualified-id or this->." + }, + "M0-1-3": { + "properties": { + "allocated-target": [ + "implementation" + ], + "enforcement": "automated", + "obligation": "required" + }, + "queries": [ + { + "description": "Unused variables complicate the program and can indicate a possible mistake on the part of the programmer.", + "kind": "problem", + "name": "A project shall not contain unused local variables", + "precision": "very-high", + "severity": "warning", + "short_name": "UnusedLocalVariable", + "tags": [ + "maintainability", + "readability" + ], + "implementation_scope": { + "description": "In limited cases, this query can raise false-positives for variables that are defined as constexpr and used in an expression to instantiate a template." + } + } + ], + "title": "A project shall not contain unused local variables." } } -} \ No newline at end of file +} From e6c25d370a5949d74fd1c0603cf4709051857695 Mon Sep 17 00:00:00 2001 From: Rakesh Pothengil <122329100+rak3-sh@users.noreply.github.com> Date: Wed, 30 Aug 2023 09:52:45 +0900 Subject: [PATCH 1194/2573] Apply suggestions from code review Co-authored-by: Luke Cartey <5377966+lcartey@users.noreply.github.com> --- change_notes/2023-07-26-unused-local-variable.md | 2 +- cpp/autosar/src/rules/M0-1-3/UnusedLocalVariable.ql | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/change_notes/2023-07-26-unused-local-variable.md b/change_notes/2023-07-26-unused-local-variable.md index 1399475cd7..1f71a5b67f 100644 --- a/change_notes/2023-07-26-unused-local-variable.md +++ b/change_notes/2023-07-26-unused-local-variable.md @@ -1 +1 @@ - - Consider constexpr variables used in template instantiations as "used". + - `M0-1-3` - Consider constexpr variables used in template instantiations as "used". diff --git a/cpp/autosar/src/rules/M0-1-3/UnusedLocalVariable.ql b/cpp/autosar/src/rules/M0-1-3/UnusedLocalVariable.ql index d97d1d1abc..3b93402261 100644 --- a/cpp/autosar/src/rules/M0-1-3/UnusedLocalVariable.ql +++ b/cpp/autosar/src/rules/M0-1-3/UnusedLocalVariable.ql @@ -30,7 +30,7 @@ private string getConstExprValue(Variable v) { // - getUseCount() int getUseCountConservatively(Variable v) { result = - count(VariableAccess access | access = v.getAnAccess() and not access.isCompilerGenerated()) + count(VariableAccess access | access = v.getAnAccess()) + count(UserProvidedConstructorFieldInit cfi | cfi.getTarget() = v) + // For constexpr variables used as template arguments, we don't see accesses (just the // appropriate literals). We therefore take a conservative approach and count the number of From da7e015732df3533cc16913abd868b2cfbd03082 Mon Sep 17 00:00:00 2001 From: "rakesh.pothengil" Date: Wed, 30 Aug 2023 11:19:06 +0900 Subject: [PATCH 1195/2573] Added test and moved implementation_scope text --- cpp/autosar/test/rules/M0-1-3/test.cpp | 31 +++++++++++++++++++++----- rule_packages/cpp/DeadCode.json | 7 ++++-- rule_packages/cpp/Templates.json | 27 ---------------------- 3 files changed, 30 insertions(+), 35 deletions(-) diff --git a/cpp/autosar/test/rules/M0-1-3/test.cpp b/cpp/autosar/test/rules/M0-1-3/test.cpp index 76848759e4..80122d2e14 100644 --- a/cpp/autosar/test/rules/M0-1-3/test.cpp +++ b/cpp/autosar/test/rules/M0-1-3/test.cpp @@ -47,6 +47,7 @@ void test_side_effect_init() { } #include +#include template class CharBuffer { @@ -55,13 +56,31 @@ class CharBuffer CharBuffer():member{0}{} }; -int foo() +int test_constexpr_in_template_inst() { - constexpr int line_length = 1024U; + constexpr int line_length = 1024U; // COMPLIANT - used in template inst. + // of buffer. CharBuffer buffer{}; - constexpr std::size_t max_stack_size_usage = 64 * 1024; - static_assert( - (sizeof(buffer) + sizeof(line_length)) <= max_stack_size_usage, - "assert"); return buffer.member[0]; } + +enum DataType : unsigned char { + int8, + int16, +}; + +template +int test_constexpr_in_static_assert() +{ + const std::array lldts {int8}; + const std::array llams {int16}; + constexpr std::size_t mssu = 64 * 1024; // COMPLIANT - used in static assert. + static_assert((sizeof(lldts) + sizeof(llams)) <= mssu, "assert"); + return 0; +} + +int baz() +{ + test_constexpr_in_static_assert(); + return 0; +} diff --git a/rule_packages/cpp/DeadCode.json b/rule_packages/cpp/DeadCode.json index f322f5b0a7..53d6b41aa5 100644 --- a/rule_packages/cpp/DeadCode.json +++ b/rule_packages/cpp/DeadCode.json @@ -238,7 +238,10 @@ "tags": [ "readability", "maintainability" - ] + ], + "implementation_scope": { + "description": "In limited cases, this query can raise false-positives for variables that are defined as constexpr and used in an expression to instantiate a template." + } }, { "description": "Unused variables complicate the program and can indicate a possible mistake on the part of the programmer.", @@ -344,4 +347,4 @@ "title": "There shall be no dead code." } } -} \ No newline at end of file +} diff --git a/rule_packages/cpp/Templates.json b/rule_packages/cpp/Templates.json index aaef75e009..006f81bda6 100644 --- a/rule_packages/cpp/Templates.json +++ b/rule_packages/cpp/Templates.json @@ -190,33 +190,6 @@ } ], "title": "In a class template with a dependent base, any name that may be found in that dependent base shall be referred to using a qualified-id or this->." - }, - "M0-1-3": { - "properties": { - "allocated-target": [ - "implementation" - ], - "enforcement": "automated", - "obligation": "required" - }, - "queries": [ - { - "description": "Unused variables complicate the program and can indicate a possible mistake on the part of the programmer.", - "kind": "problem", - "name": "A project shall not contain unused local variables", - "precision": "very-high", - "severity": "warning", - "short_name": "UnusedLocalVariable", - "tags": [ - "maintainability", - "readability" - ], - "implementation_scope": { - "description": "In limited cases, this query can raise false-positives for variables that are defined as constexpr and used in an expression to instantiate a template." - } - } - ], - "title": "A project shall not contain unused local variables." } } } From 65b70abb8a29b0501a88559b31aab08b399b1045 Mon Sep 17 00:00:00 2001 From: Rakesh Pothengil <122329100+rak3-sh@users.noreply.github.com> Date: Wed, 30 Aug 2023 11:28:32 +0900 Subject: [PATCH 1196/2573] Update change_notes/2023-07-11-lambda-expr-without-param-list.md As per review comment. Co-authored-by: Luke Cartey <5377966+lcartey@users.noreply.github.com> --- change_notes/2023-07-11-lambda-expr-without-param-list.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/change_notes/2023-07-11-lambda-expr-without-param-list.md b/change_notes/2023-07-11-lambda-expr-without-param-list.md index 4a5b4cf5ad..d5f50e6853 100644 --- a/change_notes/2023-07-11-lambda-expr-without-param-list.md +++ b/change_notes/2023-07-11-lambda-expr-without-param-list.md @@ -1 +1 @@ - - Only consider lambdas that have zero arguments, since any lambda with non-zero arguments will have an explicit argument list. + - `A5-1-3` - Only consider lambdas that have zero arguments, since any lambda with non-zero arguments will have an explicit argument list. From a7dd290a650f9997c97763680bbbb8fa3574e0db Mon Sep 17 00:00:00 2001 From: "rakesh.pothengil" Date: Wed, 30 Aug 2023 11:36:51 +0900 Subject: [PATCH 1197/2573] Updated test --- cpp/autosar/test/rules/A5-1-3/test.cpp | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A5-1-3/test.cpp b/cpp/autosar/test/rules/A5-1-3/test.cpp index cca6898710..50a041e925 100644 --- a/cpp/autosar/test/rules/A5-1-3/test.cpp +++ b/cpp/autosar/test/rules/A5-1-3/test.cpp @@ -28,4 +28,12 @@ void test() { l1 += 1; }; // clang-format on -} \ No newline at end of file +} + +#define PARAM_MACRO [](int i) { i; }; + +int test_lambda_in_macro() +{ + PARAM_MACRO // COMPLIANT + return 0; +} From d8c6a92a8804cf397d17cf88aa50c33eef4778c9 Mon Sep 17 00:00:00 2001 From: Rakesh Pothengil <122329100+rak3-sh@users.noreply.github.com> Date: Wed, 30 Aug 2023 11:40:39 +0900 Subject: [PATCH 1198/2573] Updated as per convention --- change_notes/2023-06-28-unused-local-function-use-cases.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/change_notes/2023-06-28-unused-local-function-use-cases.md b/change_notes/2023-06-28-unused-local-function-use-cases.md index 452b9f8d5e..f10cb92773 100644 --- a/change_notes/2023-06-28-unused-local-function-use-cases.md +++ b/change_notes/2023-06-28-unused-local-function-use-cases.md @@ -1 +1 @@ - - Considered use cases mentioned on issue [121](https://github.com/github/codeql-coding-standards/issues/121) while reporting a local function as "unused". + - `A0-1-3` - Considered use cases mentioned on issue [121](https://github.com/github/codeql-coding-standards/issues/121) while reporting a local function as "unused". From da1d12eb1d6a1ada49db4e5fd804986931955ae5 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 30 Aug 2023 11:03:55 +0100 Subject: [PATCH 1199/2573] A15-2-2: Avoid infinite interpretation edge case In CodeQL CLI 2.12.7 there is a bug which causes an infinite loop during results interpretation when a result includes more than maxPaths paths and also includes a path with no edges i.e. where the source and sink node are the same. To avoid this edge case, if we report a path where the source and sink are the same (i.e the throwingExpr directly throws an exception), we adjust the sink node to report the constructor, which creates a one step path from the throwingExprFlowNode to the constructor node. This also means we can delete the `nodes` query predicate, as we only included it to enable zero-path elements to display. --- .../2023-08-30-a15-2-2-no-zero-paths.md | 1 + ...structorErrorLeavesObjectInInvalidState.ql | 35 ++++++++---- ...orErrorLeavesObjectInInvalidState.expected | 54 ++++++------------- 3 files changed, 42 insertions(+), 48 deletions(-) create mode 100644 change_notes/2023-08-30-a15-2-2-no-zero-paths.md diff --git a/change_notes/2023-08-30-a15-2-2-no-zero-paths.md b/change_notes/2023-08-30-a15-2-2-no-zero-paths.md new file mode 100644 index 0000000000..aef91c3d3b --- /dev/null +++ b/change_notes/2023-08-30-a15-2-2-no-zero-paths.md @@ -0,0 +1 @@ + - `A15-2-2` - all results now include an associated exception flow path to avoid a CodeQL CLI bug in 2.12.7. This includes results where an exception is thrown directly in the constructor. \ No newline at end of file diff --git a/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql b/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql index f2c61de5f4..1b3a3cfed2 100644 --- a/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql +++ b/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql @@ -78,6 +78,14 @@ class DeleteWrapperFunction extends Function { Parameter getADeleteParameter() { result = p } } +class ExceptionThrowingConstructor extends ExceptionThrowingFunction, Constructor { + ExceptionThrowingConstructor() { + exists(getAFunctionThrownType(this, _)) and + // The constructor is within the users source code + exists(getFile().getRelativePath()) + } +} + class ExceptionThrownInConstructor extends ExceptionThrowingExpr { Constructor c; @@ -90,24 +98,20 @@ class ExceptionThrownInConstructor extends ExceptionThrowingExpr { Constructor getConstructor() { result = c } } -/** - * Add the `nodes` predicate to ensure results with an empty path are still reported. - */ -query predicate nodes(ExceptionFlowNode node) { any() } - from - Constructor c, ExceptionThrownInConstructor throwingExpr, NewAllocationExpr newExpr, - ExceptionFlowNode exceptionSource, ExceptionFlowNode functionNode + ExceptionThrowingConstructor c, ExceptionThrownInConstructor throwingExpr, + NewAllocationExpr newExpr, ExceptionFlowNode exceptionSource, + ExceptionFlowNode throwingExprFlowNode, ExceptionFlowNode reportingNode where not isExcluded(c, Exceptions2Package::constructorErrorLeavesObjectInInvalidStateQuery()) and not isNoExceptTrue(c) and // Constructor must exit with an exception c = throwingExpr.getConstructor() and - throwingExpr.hasExceptionFlowReflexive(exceptionSource, functionNode, _) and + throwingExpr.hasExceptionFlowReflexive(exceptionSource, throwingExprFlowNode, _) and exists(ExceptionFlowNode mid | edges*(exceptionSource, mid) and newExpr.getASuccessor+() = mid.asThrowingExpr() and - edges*(mid, functionNode) and + edges*(mid, throwingExprFlowNode) and not exists(ExceptionFlowNode prior | edges(prior, mid) | prior.asCatchBlock().getEnclosingFunction() = c ) @@ -126,7 +130,16 @@ where DataFlow::localFlow(DataFlow::exprNode(newExpr), DataFlow::exprNode(deletedExpr)) and newExpr.getASuccessor+() = deletedExpr and deletedExpr.getASuccessor+() = throwingExpr - ) -select c, exceptionSource, functionNode, "Constructor throws $@ and allocates memory at $@", + ) and + // In CodeQL CLI 2.12.7 there is a bug which causes an infinite loop during results interpretation + // when a result includes more than maxPaths paths and also includes a path with no edges i.e. + // where the source and sink node are the same. + // To avoid this edge case, if we report a path where the source and sink are the same (i.e the + // throwingExpr directly throws an exception), we adjust the sink node to report the constructor, + // which creates a one step path from the throwingExprFlowNode to the constructor node. + if throwingExprFlowNode = exceptionSource + then reportingNode.asFunction() = c and edges(throwingExprFlowNode, reportingNode) + else reportingNode = throwingExprFlowNode +select c, exceptionSource, reportingNode, "Constructor throws $@ and allocates memory at $@", throwingExpr, throwingExpr.(ThrowingExpr).getAnExceptionType().getExceptionName(), newExpr, "alloc" diff --git a/cpp/autosar/test/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.expected b/cpp/autosar/test/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.expected index b077cc93bb..941771dada 100644 --- a/cpp/autosar/test/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.expected +++ b/cpp/autosar/test/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.expected @@ -3,60 +3,40 @@ edges | test.cpp:13:7:13:28 | throw ... [exception] | test.cpp:14:33:16:5 | { ... } [exception] | | test.cpp:14:33:16:5 | { ... } [bad_alloc] | test.cpp:15:7:15:11 | re-throw exception [bad_alloc] | | test.cpp:14:33:16:5 | { ... } [exception] | test.cpp:15:7:15:11 | re-throw exception [exception] | +| test.cpp:15:7:15:11 | re-throw exception [bad_alloc] | test.cpp:9:3:9:8 | ClassA [bad_alloc] | +| test.cpp:15:7:15:11 | re-throw exception [exception] | test.cpp:9:3:9:8 | ClassA [exception] | | test.cpp:25:16:25:27 | new [bad_alloc] | test.cpp:27:33:30:5 | { ... } [bad_alloc] | | test.cpp:26:7:26:28 | throw ... [exception] | test.cpp:27:33:30:5 | { ... } [exception] | | test.cpp:27:33:30:5 | { ... } [bad_alloc] | test.cpp:29:7:29:11 | re-throw exception [bad_alloc] | | test.cpp:27:33:30:5 | { ... } [exception] | test.cpp:29:7:29:11 | re-throw exception [exception] | +| test.cpp:29:7:29:11 | re-throw exception [bad_alloc] | test.cpp:23:3:23:8 | ClassB [bad_alloc] | +| test.cpp:29:7:29:11 | re-throw exception [exception] | test.cpp:23:3:23:8 | ClassB [exception] | | test.cpp:44:16:44:27 | call to CreateMember [bad_alloc] | test.cpp:46:33:48:5 | { ... } [bad_alloc] | | test.cpp:45:7:45:28 | throw ... [exception] | test.cpp:46:33:48:5 | { ... } [exception] | | test.cpp:46:33:48:5 | { ... } [bad_alloc] | test.cpp:47:7:47:11 | re-throw exception [bad_alloc] | | test.cpp:46:33:48:5 | { ... } [exception] | test.cpp:47:7:47:11 | re-throw exception [exception] | +| test.cpp:47:7:47:11 | re-throw exception [bad_alloc] | test.cpp:41:3:41:8 | ClassC [bad_alloc] | +| test.cpp:47:7:47:11 | re-throw exception [exception] | test.cpp:41:3:41:8 | ClassC [exception] | | test.cpp:58:16:58:27 | call to CreateMember [bad_alloc] | test.cpp:60:33:63:5 | { ... } [bad_alloc] | | test.cpp:59:7:59:28 | throw ... [exception] | test.cpp:60:33:63:5 | { ... } [exception] | | test.cpp:60:33:63:5 | { ... } [bad_alloc] | test.cpp:62:7:62:11 | re-throw exception [bad_alloc] | | test.cpp:60:33:63:5 | { ... } [exception] | test.cpp:62:7:62:11 | re-throw exception [exception] | +| test.cpp:62:7:62:11 | re-throw exception [bad_alloc] | test.cpp:55:3:55:8 | ClassD [bad_alloc] | +| test.cpp:62:7:62:11 | re-throw exception [exception] | test.cpp:55:3:55:8 | ClassD [exception] | +| test.cpp:77:11:77:20 | new [bad_alloc] | test.cpp:75:3:75:8 | ClassE [bad_alloc] | +| test.cpp:78:11:78:20 | new [bad_alloc] | test.cpp:75:3:75:8 | ClassE [bad_alloc] | | test.cpp:80:13:80:22 | new [bad_alloc] | test.cpp:82:33:86:5 | { ... } [bad_alloc] | | test.cpp:81:13:81:22 | new [bad_alloc] | test.cpp:82:33:86:5 | { ... } [bad_alloc] | | test.cpp:82:33:86:5 | { ... } [bad_alloc] | test.cpp:85:7:85:11 | re-throw exception [bad_alloc] | -nodes -| test.cpp:12:16:12:27 | new [bad_alloc] | -| test.cpp:13:7:13:28 | throw ... [exception] | -| test.cpp:14:33:16:5 | { ... } [bad_alloc] | -| test.cpp:14:33:16:5 | { ... } [exception] | -| test.cpp:15:7:15:11 | re-throw exception [bad_alloc] | -| test.cpp:15:7:15:11 | re-throw exception [exception] | -| test.cpp:25:16:25:27 | new [bad_alloc] | -| test.cpp:26:7:26:28 | throw ... [exception] | -| test.cpp:27:33:30:5 | { ... } [bad_alloc] | -| test.cpp:27:33:30:5 | { ... } [exception] | -| test.cpp:29:7:29:11 | re-throw exception [bad_alloc] | -| test.cpp:29:7:29:11 | re-throw exception [exception] | -| test.cpp:44:16:44:27 | call to CreateMember [bad_alloc] | -| test.cpp:45:7:45:28 | throw ... [exception] | -| test.cpp:46:33:48:5 | { ... } [bad_alloc] | -| test.cpp:46:33:48:5 | { ... } [exception] | -| test.cpp:47:7:47:11 | re-throw exception [bad_alloc] | -| test.cpp:47:7:47:11 | re-throw exception [exception] | -| test.cpp:58:16:58:27 | call to CreateMember [bad_alloc] | -| test.cpp:59:7:59:28 | throw ... [exception] | -| test.cpp:60:33:63:5 | { ... } [bad_alloc] | -| test.cpp:60:33:63:5 | { ... } [exception] | -| test.cpp:62:7:62:11 | re-throw exception [bad_alloc] | -| test.cpp:62:7:62:11 | re-throw exception [exception] | -| test.cpp:77:11:77:20 | new [bad_alloc] | -| test.cpp:78:11:78:20 | new [bad_alloc] | -| test.cpp:80:13:80:22 | new [bad_alloc] | -| test.cpp:81:13:81:22 | new [bad_alloc] | -| test.cpp:82:33:86:5 | { ... } [bad_alloc] | -| test.cpp:85:7:85:11 | re-throw exception [bad_alloc] | -| test.cpp:87:11:87:20 | new [bad_alloc] | +| test.cpp:85:7:85:11 | re-throw exception [bad_alloc] | test.cpp:75:3:75:8 | ClassE [bad_alloc] | +| test.cpp:87:11:87:20 | new [bad_alloc] | test.cpp:75:3:75:8 | ClassE [bad_alloc] | #select | test.cpp:9:3:9:8 | ClassA | test.cpp:13:7:13:28 | throw ... [exception] | test.cpp:15:7:15:11 | re-throw exception [exception] | Constructor throws $@ and allocates memory at $@ | test.cpp:15:7:15:11 | re-throw exception | std::bad_alloc | test.cpp:12:16:12:27 | new | alloc | | test.cpp:9:3:9:8 | ClassA | test.cpp:13:7:13:28 | throw ... [exception] | test.cpp:15:7:15:11 | re-throw exception [exception] | Constructor throws $@ and allocates memory at $@ | test.cpp:15:7:15:11 | re-throw exception | std::exception | test.cpp:12:16:12:27 | new | alloc | | test.cpp:41:3:41:8 | ClassC | test.cpp:45:7:45:28 | throw ... [exception] | test.cpp:47:7:47:11 | re-throw exception [exception] | Constructor throws $@ and allocates memory at $@ | test.cpp:47:7:47:11 | re-throw exception | std::bad_alloc | test.cpp:44:16:44:27 | call to CreateMember | alloc | | test.cpp:41:3:41:8 | ClassC | test.cpp:45:7:45:28 | throw ... [exception] | test.cpp:47:7:47:11 | re-throw exception [exception] | Constructor throws $@ and allocates memory at $@ | test.cpp:47:7:47:11 | re-throw exception | std::exception | test.cpp:44:16:44:27 | call to CreateMember | alloc | -| test.cpp:75:3:75:8 | ClassE | test.cpp:78:11:78:20 | new [bad_alloc] | test.cpp:78:11:78:20 | new [bad_alloc] | Constructor throws $@ and allocates memory at $@ | test.cpp:78:11:78:20 | new | std::bad_alloc | test.cpp:77:11:77:20 | new | alloc | -| test.cpp:75:3:75:8 | ClassE | test.cpp:87:11:87:20 | new [bad_alloc] | test.cpp:87:11:87:20 | new [bad_alloc] | Constructor throws $@ and allocates memory at $@ | test.cpp:87:11:87:20 | new | std::bad_alloc | test.cpp:77:11:77:20 | new | alloc | -| test.cpp:75:3:75:8 | ClassE | test.cpp:87:11:87:20 | new [bad_alloc] | test.cpp:87:11:87:20 | new [bad_alloc] | Constructor throws $@ and allocates memory at $@ | test.cpp:87:11:87:20 | new | std::bad_alloc | test.cpp:78:11:78:20 | new | alloc | -| test.cpp:75:3:75:8 | ClassE | test.cpp:87:11:87:20 | new [bad_alloc] | test.cpp:87:11:87:20 | new [bad_alloc] | Constructor throws $@ and allocates memory at $@ | test.cpp:87:11:87:20 | new | std::bad_alloc | test.cpp:80:13:80:22 | new | alloc | -| test.cpp:75:3:75:8 | ClassE | test.cpp:87:11:87:20 | new [bad_alloc] | test.cpp:87:11:87:20 | new [bad_alloc] | Constructor throws $@ and allocates memory at $@ | test.cpp:87:11:87:20 | new | std::bad_alloc | test.cpp:81:13:81:22 | new | alloc | +| test.cpp:75:3:75:8 | ClassE | test.cpp:78:11:78:20 | new [bad_alloc] | test.cpp:75:3:75:8 | ClassE [bad_alloc] | Constructor throws $@ and allocates memory at $@ | test.cpp:78:11:78:20 | new | std::bad_alloc | test.cpp:77:11:77:20 | new | alloc | +| test.cpp:75:3:75:8 | ClassE | test.cpp:87:11:87:20 | new [bad_alloc] | test.cpp:75:3:75:8 | ClassE [bad_alloc] | Constructor throws $@ and allocates memory at $@ | test.cpp:87:11:87:20 | new | std::bad_alloc | test.cpp:77:11:77:20 | new | alloc | +| test.cpp:75:3:75:8 | ClassE | test.cpp:87:11:87:20 | new [bad_alloc] | test.cpp:75:3:75:8 | ClassE [bad_alloc] | Constructor throws $@ and allocates memory at $@ | test.cpp:87:11:87:20 | new | std::bad_alloc | test.cpp:78:11:78:20 | new | alloc | +| test.cpp:75:3:75:8 | ClassE | test.cpp:87:11:87:20 | new [bad_alloc] | test.cpp:75:3:75:8 | ClassE [bad_alloc] | Constructor throws $@ and allocates memory at $@ | test.cpp:87:11:87:20 | new | std::bad_alloc | test.cpp:80:13:80:22 | new | alloc | +| test.cpp:75:3:75:8 | ClassE | test.cpp:87:11:87:20 | new [bad_alloc] | test.cpp:75:3:75:8 | ClassE [bad_alloc] | Constructor throws $@ and allocates memory at $@ | test.cpp:87:11:87:20 | new | std::bad_alloc | test.cpp:81:13:81:22 | new | alloc | From 4297f0a82e461f2076f3db0834d8e79eadb7b8b3 Mon Sep 17 00:00:00 2001 From: "rakesh.pothengil" Date: Wed, 30 Aug 2023 19:26:31 +0900 Subject: [PATCH 1200/2573] Formatted using clang-format --- cpp/autosar/test/rules/A5-1-3/test.cpp | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/cpp/autosar/test/rules/A5-1-3/test.cpp b/cpp/autosar/test/rules/A5-1-3/test.cpp index 50a041e925..d44419ff9b 100644 --- a/cpp/autosar/test/rules/A5-1-3/test.cpp +++ b/cpp/autosar/test/rules/A5-1-3/test.cpp @@ -32,8 +32,7 @@ void test() { #define PARAM_MACRO [](int i) { i; }; -int test_lambda_in_macro() -{ +int test_lambda_in_macro() { PARAM_MACRO // COMPLIANT - return 0; + return 0; } From 7804c408d9302d4950aeb4ed95826389eb38da83 Mon Sep 17 00:00:00 2001 From: "rakesh.pothengil" Date: Wed, 30 Aug 2023 21:02:10 +0900 Subject: [PATCH 1201/2573] Applied clang-format --- cpp/autosar/test/rules/M0-1-3/test.cpp | 28 ++++++++++---------------- 1 file changed, 11 insertions(+), 17 deletions(-) diff --git a/cpp/autosar/test/rules/M0-1-3/test.cpp b/cpp/autosar/test/rules/M0-1-3/test.cpp index 80122d2e14..9dbe9692cd 100644 --- a/cpp/autosar/test/rules/M0-1-3/test.cpp +++ b/cpp/autosar/test/rules/M0-1-3/test.cpp @@ -46,18 +46,15 @@ void test_side_effect_init() { // have side effects } -#include #include -template -class CharBuffer -{ - public: +#include +template class CharBuffer { +public: int member[t]; - CharBuffer():member{0}{} + CharBuffer() : member{0} {} }; -int test_constexpr_in_template_inst() -{ +int test_constexpr_in_template_inst() { constexpr int line_length = 1024U; // COMPLIANT - used in template inst. // of buffer. CharBuffer buffer{}; @@ -65,22 +62,19 @@ int test_constexpr_in_template_inst() } enum DataType : unsigned char { - int8, - int16, + int8, + int16, }; -template -int test_constexpr_in_static_assert() -{ - const std::array lldts {int8}; - const std::array llams {int16}; +template int test_constexpr_in_static_assert() { + const std::array lldts{int8}; + const std::array llams{int16}; constexpr std::size_t mssu = 64 * 1024; // COMPLIANT - used in static assert. static_assert((sizeof(lldts) + sizeof(llams)) <= mssu, "assert"); return 0; } -int baz() -{ +int baz() { test_constexpr_in_static_assert(); return 0; } From 3e617da538483d9947f2d52e16d0019f2ef6e9b6 Mon Sep 17 00:00:00 2001 From: Rakesh Pothengil <122329100+rak3-sh@users.noreply.github.com> Date: Thu, 31 Aug 2023 14:18:41 +0900 Subject: [PATCH 1202/2573] Apply suggestions from code review Co-authored-by: Luke Cartey <5377966+lcartey@users.noreply.github.com> --- cpp/autosar/src/rules/A0-1-3/UnusedLocalFunction.ql | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cpp/autosar/src/rules/A0-1-3/UnusedLocalFunction.ql b/cpp/autosar/src/rules/A0-1-3/UnusedLocalFunction.ql index 6551b184e1..a5f7c6b7f2 100644 --- a/cpp/autosar/src/rules/A0-1-3/UnusedLocalFunction.ql +++ b/cpp/autosar/src/rules/A0-1-3/UnusedLocalFunction.ql @@ -23,14 +23,14 @@ import codingstandards.cpp.deadcode.UnusedFunctions * passed in the arguments. */ predicate isCalled(Function unusedFunction) { - exists (FunctionCall f | unusedFunction.getACallToThisFunction() = f) + unusedFunction = getTarget(_) } /** Checks if an overloaded function of * the function passed in the arguments, is called. */ predicate overloadedFunctionIsCalled(Function unusedFunction) { - exists (Function f | f = unusedFunction.getAnOverload*() and isCalled(f)) + exists (Function f | f = unusedFunction.getAnOverload() and isCalled(f)) or unusedFunction.getNamespace().isAnonymous() and exists (TopLevelFunction overloadedFunction | From 07a78fe455bb3dac829becad1886801bb29babd0 Mon Sep 17 00:00:00 2001 From: "rakesh.pothengil" Date: Thu, 31 Aug 2023 14:20:44 +0900 Subject: [PATCH 1203/2573] Applied clang-format --- cpp/autosar/test/rules/A0-1-3/test.cpp | 52 ++++++++++++-------------- 1 file changed, 24 insertions(+), 28 deletions(-) diff --git a/cpp/autosar/test/rules/A0-1-3/test.cpp b/cpp/autosar/test/rules/A0-1-3/test.cpp index d593d0ab46..c27cc4679c 100644 --- a/cpp/autosar/test/rules/A0-1-3/test.cpp +++ b/cpp/autosar/test/rules/A0-1-3/test.cpp @@ -87,9 +87,10 @@ void h3() {} // NON_COMPLIANT } // namespace foo } // namespace - - -static int unevaluatedContextFn(int x) { x++; return x; } // COMPLIANT - called in an unevaluated context. +static int unevaluatedContextFn(int x) { + x++; + return x; +} // COMPLIANT - called in an unevaluated context. #include static int unevalContextCaller() // COMPLIANT - address taken { @@ -100,13 +101,12 @@ static int unevalContextCaller() // COMPLIANT - address taken decltype(unevaluatedContextFn(2)) n = 42; return 0; } -int (* ptr_unevalContextCaller)(void) = unevalContextCaller; - +int (*ptr_unevalContextCaller)(void) = unevalContextCaller; class X { private: [[maybe_unused]] void maybeUnused(); - void deleted() = delete; // COMPLIANT - Deleted Function + void deleted() = delete; // COMPLIANT - Deleted Function }; void X::maybeUnused() {} // COMPLIANT - [[maybe_unused]] @@ -118,33 +118,29 @@ static int overload1(int c) // COMPLIANT - called static int overload1(int c, int d) // COMPLAINT - overload1(int) is called. { - return c+d; + return c + d; } -namespace +namespace { +int overload1(int c, float d) // COMPLAINT - overload1(int) is called. { - float overload1(int c, float d) // COMPLAINT - overload1(int) is called. - { - return c+d; - } + return c + d; } +} // namespace int overload = overload1(5); -class classWithOverloads -{ - public: - int caller(int x) - { - return overloadMember(x,0); - } - private: - int overloadMember(int c) // COMPLAINT - overloadMember(int, int) is called. - { - return ++c; - } - int overloadMember(int c, int d) // COMPLAINT - called. - { - return c+d; - } +class classWithOverloads { +public: + int caller(int x) { return overloadMember(x, 0); } + +private: + int overloadMember(int c) // COMPLAINT - overloadMember(int, int) is called. + { + return ++c; + } + int overloadMember(int c, int d) // COMPLAINT - called. + { + return c + d; + } }; From b150aed635c785aae01548540dde8ed9ac9152e3 Mon Sep 17 00:00:00 2001 From: "rakesh.pothengil" Date: Thu, 31 Aug 2023 14:35:45 +0900 Subject: [PATCH 1204/2573] Removed partOfUnevaluatedContexts predicate --- .../src/rules/A0-1-3/UnusedLocalFunction.ql | 20 ++++--------------- 1 file changed, 4 insertions(+), 16 deletions(-) diff --git a/cpp/autosar/src/rules/A0-1-3/UnusedLocalFunction.ql b/cpp/autosar/src/rules/A0-1-3/UnusedLocalFunction.ql index a5f7c6b7f2..78a6074bcc 100644 --- a/cpp/autosar/src/rules/A0-1-3/UnusedLocalFunction.ql +++ b/cpp/autosar/src/rules/A0-1-3/UnusedLocalFunction.ql @@ -41,15 +41,6 @@ predicate overloadedFunctionIsCalled(Function unusedFunction) { ) } -/** Checks if a Function is part of an unevaluated context. */ -predicate partOfUnevalutedContexts(Function unusedFunction) { - exists (Expr e, FunctionCall f | ((e instanceof TypeidOperator or - e instanceof SizeofOperator or - e instanceof NoExceptExpr) and - e.getAChild*() = f and f.getTarget() = unusedFunction - ) - ) -} /** Checks if a Function's address was taken. */ predicate addressBeenTaken(Function unusedFunction) @@ -121,13 +112,10 @@ where // - It's part of an overloaded set and any one of the overloaded instance // is called. // - It's an operand of an expression in an unevaluated context. - ( - not unusedLocalFunction.isDeleted() and - not unusedLocalFunction.getAnAttribute().getName() = "maybe_unused" and - not overloadedFunctionIsCalled(unusedLocalFunction) and - not addressBeenTaken(unusedLocalFunction) and - not partOfUnevalutedContexts(unusedLocalFunction) - ) + not unusedLocalFunction.isDeleted() and + not unusedLocalFunction.getAnAttribute().getName() = "maybe_unused" and + not overloadedFunctionIsCalled(unusedLocalFunction) and + not addressBeenTaken(unusedLocalFunction) and // Get a printable name ( From a8e929a99539a1080f5f11b7453a79075489fea6 Mon Sep 17 00:00:00 2001 From: "rakesh.pothengil" Date: Thu, 7 Sep 2023 14:23:57 +0900 Subject: [PATCH 1205/2573] Changed based on review comments. --- ...023-06-28-unused-local-function-use-cases.md | 7 ++++++- .../src/rules/A0-1-3/UnusedLocalFunction.ql | 17 +---------------- cpp/autosar/test/rules/A0-1-3/test.cpp | 7 ------- rule_packages/cpp/DeadCode.json | 5 ++++- 4 files changed, 11 insertions(+), 25 deletions(-) diff --git a/change_notes/2023-06-28-unused-local-function-use-cases.md b/change_notes/2023-06-28-unused-local-function-use-cases.md index f10cb92773..8f73e0043b 100644 --- a/change_notes/2023-06-28-unused-local-function-use-cases.md +++ b/change_notes/2023-06-28-unused-local-function-use-cases.md @@ -1 +1,6 @@ - - `A0-1-3` - Considered use cases mentioned on issue [121](https://github.com/github/codeql-coding-standards/issues/121) while reporting a local function as "unused". +- `A0-1-3` - Considered the following additional use cases while reporting a local function as "unused". + - The address of a function is taken + - The operand of an expression in an unevaluated context + - Functions marked with [[maybe_unused]] + - Explicitly deleted functions e.g. =delete + - Use of any overload of a function in an overload set constitute a use of all members of the set. An overload set is a set of functions with the same name that differ in the number, type and/or qualifiers of their parameters. diff --git a/cpp/autosar/src/rules/A0-1-3/UnusedLocalFunction.ql b/cpp/autosar/src/rules/A0-1-3/UnusedLocalFunction.ql index 78a6074bcc..c9e5fbb345 100644 --- a/cpp/autosar/src/rules/A0-1-3/UnusedLocalFunction.ql +++ b/cpp/autosar/src/rules/A0-1-3/UnusedLocalFunction.ql @@ -19,29 +19,14 @@ import codingstandards.cpp.autosar import codingstandards.cpp.DynamicCallGraph import codingstandards.cpp.deadcode.UnusedFunctions -/** Checks if a function call exists to the function - * passed in the arguments. - */ -predicate isCalled(Function unusedFunction) { - unusedFunction = getTarget(_) -} /** Checks if an overloaded function of * the function passed in the arguments, is called. */ predicate overloadedFunctionIsCalled(Function unusedFunction) { - exists (Function f | f = unusedFunction.getAnOverload() and isCalled(f)) - or - unusedFunction.getNamespace().isAnonymous() and - exists (TopLevelFunction overloadedFunction | - overloadedFunction != unusedFunction and - ((overloadedFunction.getName() = unusedFunction.getName()) or - (overloadedFunction.getQualifiedName() = - unusedFunction.getQualifiedName())) - ) + exists (Function f | f = unusedFunction.getAnOverload() and f = getTarget(_)) } - /** Checks if a Function's address was taken. */ predicate addressBeenTaken(Function unusedFunction) { diff --git a/cpp/autosar/test/rules/A0-1-3/test.cpp b/cpp/autosar/test/rules/A0-1-3/test.cpp index c27cc4679c..c4b78507d4 100644 --- a/cpp/autosar/test/rules/A0-1-3/test.cpp +++ b/cpp/autosar/test/rules/A0-1-3/test.cpp @@ -121,13 +121,6 @@ static int overload1(int c, int d) // COMPLAINT - overload1(int) is called. return c + d; } -namespace { -int overload1(int c, float d) // COMPLAINT - overload1(int) is called. -{ - return c + d; -} -} // namespace - int overload = overload1(5); class classWithOverloads { diff --git a/rule_packages/cpp/DeadCode.json b/rule_packages/cpp/DeadCode.json index 53d6b41aa5..5d46a008da 100644 --- a/rule_packages/cpp/DeadCode.json +++ b/rule_packages/cpp/DeadCode.json @@ -67,7 +67,10 @@ "tags": [ "readability", "maintainability" - ] + ], + "implementation_scope": { + "description": "Functions defined in anonymous (unnamed) namespaces and global namespaces are not considered to be part of the same overload set." + } } ], "title": "Every function defined in an anonymous namespace, or static function with internal linkage, or private member function shall be used." From 4f9fb8285a83169ae4285f73e9a294ff34673704 Mon Sep 17 00:00:00 2001 From: "rakesh.pothengil" Date: Thu, 7 Sep 2023 14:26:10 +0900 Subject: [PATCH 1206/2573] Corrected typos in comments --- cpp/autosar/test/rules/A0-1-3/test.cpp | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/cpp/autosar/test/rules/A0-1-3/test.cpp b/cpp/autosar/test/rules/A0-1-3/test.cpp index c4b78507d4..4ec8af884a 100644 --- a/cpp/autosar/test/rules/A0-1-3/test.cpp +++ b/cpp/autosar/test/rules/A0-1-3/test.cpp @@ -116,7 +116,7 @@ static int overload1(int c) // COMPLIANT - called return ++c; } -static int overload1(int c, int d) // COMPLAINT - overload1(int) is called. +static int overload1(int c, int d) // COMPLIANT - overload1(int) is called. { return c + d; } @@ -128,11 +128,11 @@ class classWithOverloads { int caller(int x) { return overloadMember(x, 0); } private: - int overloadMember(int c) // COMPLAINT - overloadMember(int, int) is called. + int overloadMember(int c) // COMPLIANT - overloadMember(int, int) is called. { return ++c; } - int overloadMember(int c, int d) // COMPLAINT - called. + int overloadMember(int c, int d) // COMPLIANT - called. { return c + d; } From 9396451c71926ad7f88582739a067e655646d7ab Mon Sep 17 00:00:00 2001 From: Rakesh Pothengil <122329100+rak3-sh@users.noreply.github.com> Date: Fri, 8 Sep 2023 10:24:34 +0900 Subject: [PATCH 1207/2573] Apply suggestions from code review Co-authored-by: Luke Cartey <5377966+lcartey@users.noreply.github.com> --- change_notes/2023-06-28-unused-local-function-use-cases.md | 2 +- rule_packages/cpp/DeadCode.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/change_notes/2023-06-28-unused-local-function-use-cases.md b/change_notes/2023-06-28-unused-local-function-use-cases.md index 8f73e0043b..41a8833252 100644 --- a/change_notes/2023-06-28-unused-local-function-use-cases.md +++ b/change_notes/2023-06-28-unused-local-function-use-cases.md @@ -3,4 +3,4 @@ - The operand of an expression in an unevaluated context - Functions marked with [[maybe_unused]] - Explicitly deleted functions e.g. =delete - - Use of any overload of a function in an overload set constitute a use of all members of the set. An overload set is a set of functions with the same name that differ in the number, type and/or qualifiers of their parameters. + - Use of any overload of a function in an overload set constitute a use of all members of the set. An overload set is a set of functions with the same name that differ in the number, type and/or qualifiers of their parameters, and, for the purpose of this query, are limited to functions which are declared in the same scope (namespace or class). diff --git a/rule_packages/cpp/DeadCode.json b/rule_packages/cpp/DeadCode.json index 5d46a008da..7eb5c9f6f9 100644 --- a/rule_packages/cpp/DeadCode.json +++ b/rule_packages/cpp/DeadCode.json @@ -69,7 +69,7 @@ "maintainability" ], "implementation_scope": { - "description": "Functions defined in anonymous (unnamed) namespaces and global namespaces are not considered to be part of the same overload set." + "description": "Use of any overload of a function in an overload set constitute a use of all members of the set. An overload set is a set of functions with the same name that differ in the number, type and/or qualifiers of their parameters, and, for the purpose of this query, are limited to functions which are declared in the same scope (namespace or class). Functions defined in anonymous (unnamed) namespaces and global namespaces are therefore not currently considered to be part of the same overload set." } } ], From ac0256ffd8f8c28314b57ad5af32b11ff0b9fb45 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 8 Sep 2023 14:18:09 -0700 Subject: [PATCH 1208/2573] Tighten with scope --- .../upgrade-codeql-dependencies.py | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/scripts/upgrade-codeql-dependencies/upgrade-codeql-dependencies.py b/scripts/upgrade-codeql-dependencies/upgrade-codeql-dependencies.py index e818cb2a12..17d8e735b7 100644 --- a/scripts/upgrade-codeql-dependencies/upgrade-codeql-dependencies.py +++ b/scripts/upgrade-codeql-dependencies/upgrade-codeql-dependencies.py @@ -41,16 +41,17 @@ def main(cli_version : str, github_token: str) -> None: with SUPPORTED_VERSIONS_PATH.open("r") as f: supported_versions = json.load(f) - with SUPPORTED_VERSIONS_PATH.open("w") as f: - supported_envs: List[Dict[str, str]] = supported_versions["supported_environment"] - if len(supported_envs) != 1: - print("Expected exactly one supported environment, cannot upgrade!") - exit(1) - supported_env = supported_envs[0] - supported_env["codeql_cli"] = str(parsed_cli_version) - supported_env["codeql_cli_bundle"] = compatible_bundle - supported_env["codeql_standard_library"] = compatible_stdlib + supported_envs: List[Dict[str, str]] = supported_versions["supported_environment"] + if len(supported_envs) != 1: + print("Expected exactly one supported environment, cannot upgrade!") + exit(1) + supported_env = supported_envs[0] + supported_env["codeql_cli"] = str(parsed_cli_version) + supported_env["codeql_cli_bundle"] = compatible_bundle + supported_env["codeql_standard_library"] = compatible_stdlib + + with SUPPORTED_VERSIONS_PATH.open("w") as f: json.dump(supported_versions, f, indent=2) except ValueError as e: print(e) From 9e8673adf8da0e249e44544c8bdc3b6dbad6d994 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 8 Sep 2023 14:18:25 -0700 Subject: [PATCH 1209/2573] Trim trailing whitespace --- .../upgrade-codeql-dependencies/upgrade-codeql-dependencies.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/upgrade-codeql-dependencies/upgrade-codeql-dependencies.py b/scripts/upgrade-codeql-dependencies/upgrade-codeql-dependencies.py index 17d8e735b7..4e1a9e9a77 100644 --- a/scripts/upgrade-codeql-dependencies/upgrade-codeql-dependencies.py +++ b/scripts/upgrade-codeql-dependencies/upgrade-codeql-dependencies.py @@ -14,7 +14,7 @@ def get_compatible_stdlib(version: Version) -> Optional[str]: if response.status_code == 200: return tag return None - + def get_compatible_bundle(version: Version, token: str) -> Optional[str]: tag = f"codeql-bundle-v{version}" response = requests.get(f"https://api.github.com/repos/github/codeql-action/releases/tags/{tag}", headers={ From 8225ac1dfb1811d3800f85f928946ed10ace1ebf Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 8 Sep 2023 14:21:06 -0700 Subject: [PATCH 1210/2573] Adjust help message --- .../upgrade-codeql-dependencies/upgrade-codeql-dependencies.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/upgrade-codeql-dependencies/upgrade-codeql-dependencies.py b/scripts/upgrade-codeql-dependencies/upgrade-codeql-dependencies.py index 4e1a9e9a77..6c98216ca0 100644 --- a/scripts/upgrade-codeql-dependencies/upgrade-codeql-dependencies.py +++ b/scripts/upgrade-codeql-dependencies/upgrade-codeql-dependencies.py @@ -65,7 +65,7 @@ def main(cli_version : str, github_token: str) -> None: parser = argparse.ArgumentParser(description='Upgrade CodeQL dependencies') parser.add_argument('--cli-version', type=str, required=True, help='CodeQL CLI version') - parser.add_argument('--github-auth-stdin', action='store_true', help='CodeQL bundle version') + parser.add_argument('--github-auth-stdin', action='store_true', help='Authenticate to the GitHub API by providing a GitHub token via standard input.') args = parser.parse_args() if args.github_auth_stdin: From f905b78a88cd62ea5303ce6d78308a4f068ad54f Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Mon, 11 Sep 2023 16:27:41 -0400 Subject: [PATCH 1211/2573] finally fixed this --- scripts/matrix_testing/CreateMatrixTestReport.ps1 | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/scripts/matrix_testing/CreateMatrixTestReport.ps1 b/scripts/matrix_testing/CreateMatrixTestReport.ps1 index 0cf48ac36c..6f570c1b82 100644 --- a/scripts/matrix_testing/CreateMatrixTestReport.ps1 +++ b/scripts/matrix_testing/CreateMatrixTestReport.ps1 @@ -417,9 +417,7 @@ $jobRows = $queriesToCheck | ForEach-Object -ThrottleLimit $NumThreads -Parallel # output current row state $row - # release any held mutexes - $Mutex.ReleaseMutex(); - + ########################################################### ########################################################### # Context is restored here @@ -427,6 +425,10 @@ $jobRows = $queriesToCheck | ForEach-Object -ThrottleLimit $NumThreads -Parallel if($context){ Pop-CompilerSpecificFiles -Context $context } + + # release any held mutexes + $Mutex.ReleaseMutex(); + Write-Host "Released $testDirectory" } } # go to next row From 0be7d21050752c547399d11e819788c7d1a01bf6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 26 Sep 2023 00:55:30 +0000 Subject: [PATCH 1212/2573] Bump gitpython from 3.1.30 to 3.1.35 in /scripts Bumps [gitpython](https://github.com/gitpython-developers/GitPython) from 3.1.30 to 3.1.35. - [Release notes](https://github.com/gitpython-developers/GitPython/releases) - [Changelog](https://github.com/gitpython-developers/GitPython/blob/main/CHANGES) - [Commits](https://github.com/gitpython-developers/GitPython/compare/3.1.30...3.1.35) --- updated-dependencies: - dependency-name: gitpython dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- scripts/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/requirements.txt b/scripts/requirements.txt index f09675930f..976c6a46b4 100644 --- a/scripts/requirements.txt +++ b/scripts/requirements.txt @@ -2,7 +2,7 @@ beautifulsoup4==4.9.3 certifi==2023.7.22 chardet==3.0.4 gitdb==4.0.5 -GitPython==3.1.30 +GitPython==3.1.35 idna==2.10 Jinja2==2.11.3 MarkupSafe==1.1.1 From c52202671a5ced684e569c1b1917aa0aa3d3a875 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Wed, 27 Sep 2023 20:54:41 +0100 Subject: [PATCH 1213/2573] Fix upgrade CodeQL dependencies workflow Call the script by the correct name. --- .github/workflows/upgrade_codeql_dependencies.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/upgrade_codeql_dependencies.yml b/.github/workflows/upgrade_codeql_dependencies.yml index 6474aaffb7..119f065b52 100644 --- a/.github/workflows/upgrade_codeql_dependencies.yml +++ b/.github/workflows/upgrade_codeql_dependencies.yml @@ -12,7 +12,7 @@ env: XARGS_MAX_PROCS: 4 jobs: - say_hello: + upgrade_codeql_dependencies env: CODEQL_CLI_VERSION: ${{ github.event.inputs.codeql_cli_version }} runs-on: ubuntu-22.04 @@ -33,7 +33,7 @@ jobs: GITHUB_TOKEN: ${{ github.token }} CODEQL_CLI_VERSION: ${{ github.event.inputs.codeql_cli_version }} run: | - scripts/upgrade-codeql-dependencies/upgrade_codeql_dependencies.py --cli-version "$CODEQL_CLI_VERSION" + scripts/upgrade-codeql-dependencies/upgrade-codeql-dependencies.py --cli-version "$CODEQL_CLI_VERSION" - name: Fetch CodeQL env: From 97e7a2b3c938825b3778161add4bf483374a5642 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Wed, 27 Sep 2023 21:25:38 +0100 Subject: [PATCH 1214/2573] Fix missing colon --- .github/workflows/upgrade_codeql_dependencies.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/upgrade_codeql_dependencies.yml b/.github/workflows/upgrade_codeql_dependencies.yml index 119f065b52..5552350675 100644 --- a/.github/workflows/upgrade_codeql_dependencies.yml +++ b/.github/workflows/upgrade_codeql_dependencies.yml @@ -12,7 +12,7 @@ env: XARGS_MAX_PROCS: 4 jobs: - upgrade_codeql_dependencies + upgrade_codeql_dependencies: env: CODEQL_CLI_VERSION: ${{ github.event.inputs.codeql_cli_version }} runs-on: ubuntu-22.04 From 58cfcee1319e6663079888e9c218248ee8be860a Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Wed, 27 Sep 2023 21:28:24 +0100 Subject: [PATCH 1215/2573] Add missing call to Python --- .github/workflows/upgrade_codeql_dependencies.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/upgrade_codeql_dependencies.yml b/.github/workflows/upgrade_codeql_dependencies.yml index 5552350675..89fa737bfc 100644 --- a/.github/workflows/upgrade_codeql_dependencies.yml +++ b/.github/workflows/upgrade_codeql_dependencies.yml @@ -33,7 +33,7 @@ jobs: GITHUB_TOKEN: ${{ github.token }} CODEQL_CLI_VERSION: ${{ github.event.inputs.codeql_cli_version }} run: | - scripts/upgrade-codeql-dependencies/upgrade-codeql-dependencies.py --cli-version "$CODEQL_CLI_VERSION" + python3 scripts/upgrade-codeql-dependencies/upgrade-codeql-dependencies.py --cli-version "$CODEQL_CLI_VERSION" - name: Fetch CodeQL env: From 05e5d808df46ce7626fd750643617a7ffd5062ff Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Thu, 28 Sep 2023 11:44:34 +0100 Subject: [PATCH 1216/2573] Put CodeQL in the temp directory --- .github/workflows/upgrade_codeql_dependencies.yml | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/.github/workflows/upgrade_codeql_dependencies.yml b/.github/workflows/upgrade_codeql_dependencies.yml index 89fa737bfc..bed9825c86 100644 --- a/.github/workflows/upgrade_codeql_dependencies.yml +++ b/.github/workflows/upgrade_codeql_dependencies.yml @@ -38,14 +38,18 @@ jobs: - name: Fetch CodeQL env: GITHUB_TOKEN: ${{ github.token }} + RUNNER_TEMP: ${{ runner.temp }} run: | + cd $RUNNER_TEMP gh release download "v${CODEQL_CLI_VERSION}" --repo https://github.com/github/codeql-cli-binaries --pattern codeql-linux64.zip unzip -q codeql-linux64.zip - name: Update CodeQL formatting based on new CLI version + env: + RUNNER_TEMP: ${{ runner.temp }} run: | - find cpp -name '*.ql' -or -name '*.qll' | xargs --max-procs "$XARGS_MAX_PROCS" --max-args 1 codeql/codeql query format --in-place - find c -name '*.ql' -or -name '*.qll' | xargs --max-procs "$XARGS_MAX_PROCS" --max-args 1 codeql/codeql query format --in-place + find cpp -name '*.ql' -or -name '*.qll' | xargs --max-procs "$XARGS_MAX_PROCS" --max-args 1 $RUNNER_TEMP/codeql/codeql query format --in-place + find c -name '*.ql' -or -name '*.qll' | xargs --max-procs "$XARGS_MAX_PROCS" --max-args 1 $RUNNER_TEMP/codeql/codeql query format --in-place - name: Create Pull Request uses: peter-evans/create-pull-request@v3 From 3c77de2052ed027c9b9527bb5192d544adb1d9b3 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Thu, 28 Sep 2023 14:25:15 +0100 Subject: [PATCH 1217/2573] Remove review team Review team is not part of the repository. --- .github/workflows/upgrade_codeql_dependencies.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/upgrade_codeql_dependencies.yml b/.github/workflows/upgrade_codeql_dependencies.yml index bed9825c86..a71ecabfac 100644 --- a/.github/workflows/upgrade_codeql_dependencies.yml +++ b/.github/workflows/upgrade_codeql_dependencies.yml @@ -57,6 +57,5 @@ jobs: title: "Upgrading `github/codeql` dependency to ${{ github.event.inputs.codeql_standard_library_commit }}" body: "This PR upgrades the CodeQL CLI version to ${{ github.event.inputs.codeql_cli_version }} and the `github/codeql` version to ${{ github.event.inputs.codeql_standard_library_commit }}." commit-message: "Upgrading `github/codeql` dependency to ${{ github.event.inputs.codeql_standard_library_commit }}" - team-reviewers: github/codeql-coding-standards delete-branch: true branch: "codeql/upgrade-to-${{ github.event.inputs.codeql_cli_version }}" From 3f7613c78877f6bf05b95bf9d9a3b77901deb27a Mon Sep 17 00:00:00 2001 From: lcartey Date: Thu, 28 Sep 2023 13:40:10 +0000 Subject: [PATCH 1218/2573] Upgrading `github/codeql` dependency to --- ...ormOutOfBoundsPointersOrArraySubscripts.ql | 77 ++++++++++--------- ...atePointersThatDoNotReferToTheSameArray.ql | 3 +- ...actPointersThatDoNotReferToTheSameArray.ql | 3 +- .../LibraryFunctionArgumentOutOfBounds.ql | 2 +- ...NotAllowAMutexToGoOutOfScopeWhileLocked.ql | 3 +- ...RaceConditionsWhenUsingLibraryFunctions.ql | 4 +- .../DeadlockByLockingInPredefinedOrder.ql | 3 +- .../DoNotCallSignalInMultithreadedProgram.ql | 3 +- ...eserveSafetyWhenUsingConditionVariables.ql | 3 +- ...rapFunctionsThatCanFailSpuriouslyInLoop.ql | 26 +++---- ...priateStorageDurationsStackAdressEscape.ql | 3 +- ...nformationLeakageAcrossTrustBoundariesC.ql | 3 +- ...orePointersReturnedByEnvironmentFunWarn.ql | 3 +- .../DoNotRelyOnIndeterminateValuesOfErrno.ql | 1 - ...PointerToMoreStrictlyAlignedPointerType.ql | 3 +- .../rules/EXP42-C/DoNotComparePaddingData.ql | 4 +- ...ernatelyIOFromAStreamWithoutPositioning.ql | 3 +- .../CloseFilesWhenTheyAreNoLongerNeeded.ql | 3 +- .../OnlyFreeMemoryAllocatedDynamicallyCert.ql | 3 +- ...andUsedForGeneratingPseudorandomNumbers.ql | 3 +- ...roperlySeedPseudorandomNumberGenerators.ql | 20 ++--- ...trolFlowReachesTheEndOfANonVoidFunction.ql | 3 +- ...dentifiersNotTypographicallyUnambiguous.ql | 3 +- ...AddressOfAutoStorageObjectToOtherObject.ql | 3 +- ...interArithmeticToAddressDifferentArrays.ql | 3 +- ...rWithExternalLinkageOneDefinitionShared.ql | 3 +- ...ticSpecifierFunctionRedeclarationShared.ql | 3 +- ...izerBracesToMatchAggregateTypeStructure.ql | 3 +- ...ageOfAssemblyLanguageShouldBeDocumented.ql | 3 +- .../SectionsOfCodeShallNotBeCommentedOut.ql | 3 +- ...dentifiersInTheSameNameSpaceUnambiguous.ql | 3 +- .../RULE-1-4/EmergentLanguageFeaturesUsed.ql | 1 - ...nPointerToObjectAndNonIntArithmeticType.ql | 3 +- ...NullNotUsedAsIntegerNullPointerConstant.ql | 1 - .../RightHandOperandOfAShiftRange.ql | 3 +- .../RULE-12-3/CommaOperatorShouldNotBeUsed.ql | 4 +- ...antUnsignedIntegerExpressionsWrapAround.ql | 3 +- .../RULE-15-2/GotoLabelLocationCondition.ql | 4 +- .../src/rules/RULE-15-7/IfElseEndCondition.ql | 4 +- .../RULE-16-1/SwitchCaseStartCondition.ql | 4 +- .../RULE-16-1/SwitchStmtNotWellFormed.ql | 4 +- ...erAndDerivedPointerMustAddressSameArray.ql | 3 +- ...tionBetweenPointersMustAddressSameArray.ql | 3 +- ...OperatorComparesPointerToDifferentArray.ql | 3 +- ...dditionOrSubtractionOperatorsOnPointers.ql | 3 +- ...TwoLevelsOfPointerNestingInDeclarations.ql | 3 +- ...StorageObjectAddressCopiedToOtherObject.ql | 3 +- c/misra/src/rules/RULE-2-1/UnreachableCode.ql | 4 +- c/misra/src/rules/RULE-2-7/UnusedParameter.ql | 4 +- .../ForbiddenCharactersInHeaderFileName.ql | 3 +- ...tionLikeMacroArgsContainHashTokenCQuery.ql | 3 +- ...ParameterNotEnclosedInParenthesesCQuery.ql | 3 +- ...tringFunctionPointerArgumentOutOfBounds.ql | 2 +- ...llToSetlocaleInvalidatesOldPointersWarn.ql | 3 +- .../CloseFileHandleWhenNoLongerNeededMisra.ql | 3 +- ...OnlyFreeMemoryAllocatedDynamicallyMisra.ql | 3 +- ...CharacterSequencesAndUsedWithinAComment.ql | 20 ++--- .../ExternalIdentifiersNotDistinct.ql | 4 +- .../src/rules/RULE-5-3/IdentifierHidingC.ql | 4 +- .../RULE-5-4/MacroIdentifiersNotDistinct.ql | 4 +- ...ntifierWithExternalLinkageOneDefinition.ql | 3 +- ...ngStaticSpecifierFunctionRedeclarationC.ql | 3 +- ...nnecessaryExposedIdentifierDeclarationC.ql | 3 +- ...rForAggregateOrUnionNotEnclosedInBraces.ql | 3 +- .../src/rules/A0-1-3/UnusedLocalFunction.ql | 17 ++-- ...nctionsShouldBeDefaultedOrLeftUndefined.ql | 18 +++-- ...itionVariablePostConditionFailedAutosar.ql | 3 +- .../JoinableThreadCopiedOrDestroyedAutosar.ql | 3 +- ...curInHeaderFileNameOrInIncludeDirective.ql | 3 +- ...NonStandardEntitiesInStandardNamespaces.ql | 3 +- ...StringNumberConversionMissingErrorCheck.ql | 3 +- .../PlacementNewInsufficientStorageAutosar.ql | 3 +- .../A18-5-8/UnnecessaryUseOfDynamicStorage.ql | 3 +- ...ThrowingNoThrowOperatorNewDeleteAutosar.ql | 3 +- ...peratorNewThrowsInvalidExceptionAutosar.ql | 3 +- .../A2-7-2/SectionsOfCodeCommentedOut.ql | 4 +- ...rValueStoredInUnrelatedSmartPointerAsar.ql | 3 +- ...oFunctionObjectIdentityShallNotBeCopied.ql | 3 +- .../PseudorandomNumbersGeneratedUsingRand.ql | 3 +- ...nMayNotNullTerminateCStyleStringAutosar.ql | 3 +- .../src/rules/A5-0-2/NonBooleanIfCondition.ql | 4 +- ...onContainLessThanTwoLevelsOfIndirection.ql | 3 +- .../LambdaExpressionWithoutParameterList.ql | 2 +- ...dLambdaObjectOutlivesCaptureByReference.ql | 3 +- ...dLambdaObjectOutlivesCaptureByReference.ql | 3 +- ...moveConstOrVolatileQualificationAutosar.ql | 3 +- ...ContainerAccessWithoutRangeCheckAutosar.ql | 3 +- .../rules/A5-3-2/NullPointersDereferenced.ql | 4 +- ...erToMemberAccessNonExistentClassMembers.ql | 3 +- ...erToMemberAccessNonExistentClassMembers.ql | 3 +- .../UninitializedStaticPointerToMemberUse.ql | 3 +- ...nctionNoReturnAttributeConditionAutosar.ql | 3 +- .../src/rules/M0-1-3/UnusedLocalVariable.ql | 29 ++++--- ...edValueReferencedInDestructorCatchBlock.ql | 3 +- .../FunctionLikeMacroArgsContainHashToken.ql | 3 +- ...eMacroParameterNotEnclosedInParentheses.ql | 3 +- ...dentifiersNotTypographicallyUnambiguous.ql | 3 +- ...thExternalLinkageShallHaveOneDefinition.ql | 3 +- ...gStaticSpecifierOnFunctionRedeclaration.ql | 3 +- ...UnnecessaryExposedIdentifierDeclaration.ql | 3 +- ...dexingNotTheOnlyFormOfPointerArithmetic.ql | 3 +- ...erAndDerivedPointerAccessDifferentArray.ql | 3 +- .../M5-0-18/AppliedToObjectsOfPointerType.ql | 3 +- .../src/rules/M5-18-1/CommaOperatorUsed.ql | 4 +- ...antUnsignedIntegerExpressionsWrapAround.ql | 3 +- .../src/rules/M6-4-4/NestedCaseInSwitch.ql | 4 +- .../M7-5-2/AssignmentOfEscapingAutoStorage.ql | 3 +- .../UseInitBracesToMatchTypeStructure.ql | 3 +- ...NotAllowAMutexToGoOutOfScopeWhileLocked.ql | 3 +- .../DeadlockByLockingInPredefinedOrder.ql | 3 +- ...eserveSafetyWhenUsingConditionVariables.ql | 3 +- .../LockedALockedNonRecursiveMutexAudit.ql | 2 +- ...dicateFunctionObjectsShouldNotBeMutable.ql | 3 +- .../UseOfDoubleUnderscoreReservedPrefix.ql | 4 +- ...InformationLeakageAcrossTrustBoundaries.ql | 3 +- .../ModificationOfTheStandardNamespaces.ql | 3 +- ...onditionVariablePostConditionFailedCert.ql | 3 +- .../ERR52-CPP/DoNotUseSetjmpOrLongjmp.ql | 4 +- ...rencedInConstructorDestructorCatchBlock.ql | 3 +- ...ceptionsThrownBeforeMainBeginsExecuting.ql | 3 +- ...ectErrorsWhenConvertingAStringToANumber.ql | 3 +- .../RemoveConstOrVolatileQualificationCert.ql | 3 +- ...apingLambdaObjectWithCaptureByReference.ql | 3 +- ...rningLambdaObjectWithCaptureByReference.ql | 3 +- .../DoNotRelyOnTheValueOfAMovedFromObject.ql | 3 +- ...ngOperatorNewThrowsInvalidExceptionCert.ql | 3 +- ...rValueStoredInUnrelatedSmartPointerCert.ql | 3 +- ...UseRandForGeneratingPseudorandomNumbers.ql | 3 +- .../FunctionNoReturnAttributeConditionCert.ql | 3 +- ...sWithUninitializedStaticPointerToMember.ql | 3 +- ...ointerToMemberToAccessNonexistentMember.ql | 3 +- ...fPointerToMemberToAccessUndefinedMember.ql | 3 +- .../BasicStringMayNotBeNullTerminatedCert.ql | 3 +- ...tionMayNotNullTerminateCStyleStringCert.ql | 3 +- ...NonExistingMemberThroughPointerToMember.ql | 3 +- ...MemberThroughUninitializedStaticPointer.ql | 4 +- ...dentifiersNotTypographicallyUnambiguous.ql | 3 +- ...AddressOfAutoStorageObjectToOtherObject.ql | 3 +- ...interArithmeticToAddressDifferentArrays.ql | 3 +- ...rWithExternalLinkageOneDefinitionShared.ql | 3 +- ...ticSpecifierFunctionRedeclarationShared.ql | 3 +- ...izerBracesToMatchAggregateTypeStructure.ql | 3 +- supported_codeql_configs.json | 6 +- 143 files changed, 349 insertions(+), 279 deletions(-) diff --git a/c/cert/src/rules/ARR30-C/DoNotFormOutOfBoundsPointersOrArraySubscripts.ql b/c/cert/src/rules/ARR30-C/DoNotFormOutOfBoundsPointersOrArraySubscripts.ql index 332928c240..cc4c99c002 100644 --- a/c/cert/src/rules/ARR30-C/DoNotFormOutOfBoundsPointersOrArraySubscripts.ql +++ b/c/cert/src/rules/ARR30-C/DoNotFormOutOfBoundsPointersOrArraySubscripts.ql @@ -12,41 +12,42 @@ * external/cert/obligation/rule */ - import cpp - import codingstandards.c.cert - import codingstandards.c.OutOfBounds - - from - OOB::BufferAccess ba, Expr bufferArg, Expr sizeArg, OOB::PointerToObjectSource bufferSource, - string message - where - not isExcluded(ba, OutOfBoundsPackage::doNotFormOutOfBoundsPointersOrArraySubscriptsQuery()) and - // exclude loops - not exists(Loop loop | loop.getStmt().getChildStmt*() = ba.getEnclosingStmt()) and - // exclude size arguments that are of type ssize_t - not sizeArg.getAChild*().(VariableAccess).getTarget().getType() instanceof Ssize_t and - // exclude size arguments that are assigned the result of a function call e.g. ftell - not sizeArg.getAChild*().(VariableAccess).getTarget().getAnAssignedValue() instanceof FunctionCall and - // exclude field or array accesses for the size arguments - not sizeArg.getAChild*() instanceof FieldAccess and - not sizeArg.getAChild*() instanceof ArrayExpr and - ( - exists(int sizeArgValue, int bufferArgSize | - OOB::isSizeArgGreaterThanBufferSize(bufferArg, sizeArg, bufferSource, bufferArgSize, sizeArgValue, ba) and - message = - "Buffer accesses offset " + sizeArgValue + - " which is greater than the fixed size " + bufferArgSize + " of the $@." - ) - or - exists(int sizeArgUpperBound, int sizeMult, int bufferArgSize | - OOB::isSizeArgNotCheckedLessThanFixedBufferSize(bufferArg, sizeArg, bufferSource, - bufferArgSize, ba, sizeArgUpperBound, sizeMult) and - message = - "Buffer may access up to offset " + sizeArgUpperBound + "*" + sizeMult + - " which is greater than the fixed size " + bufferArgSize + " of the $@." - ) - or - OOB::isSizeArgNotCheckedGreaterThanZero(bufferArg, sizeArg, bufferSource, ba) and - message = "Buffer access may be to a negative index in the buffer." - ) - select ba, message, bufferSource, "buffer" \ No newline at end of file +import cpp +import codingstandards.c.cert +import codingstandards.c.OutOfBounds + +from + OOB::BufferAccess ba, Expr bufferArg, Expr sizeArg, OOB::PointerToObjectSource bufferSource, + string message +where + not isExcluded(ba, OutOfBoundsPackage::doNotFormOutOfBoundsPointersOrArraySubscriptsQuery()) and + // exclude loops + not exists(Loop loop | loop.getStmt().getChildStmt*() = ba.getEnclosingStmt()) and + // exclude size arguments that are of type ssize_t + not sizeArg.getAChild*().(VariableAccess).getTarget().getType() instanceof Ssize_t and + // exclude size arguments that are assigned the result of a function call e.g. ftell + not sizeArg.getAChild*().(VariableAccess).getTarget().getAnAssignedValue() instanceof FunctionCall and + // exclude field or array accesses for the size arguments + not sizeArg.getAChild*() instanceof FieldAccess and + not sizeArg.getAChild*() instanceof ArrayExpr and + ( + exists(int sizeArgValue, int bufferArgSize | + OOB::isSizeArgGreaterThanBufferSize(bufferArg, sizeArg, bufferSource, bufferArgSize, + sizeArgValue, ba) and + message = + "Buffer accesses offset " + sizeArgValue + " which is greater than the fixed size " + + bufferArgSize + " of the $@." + ) + or + exists(int sizeArgUpperBound, int sizeMult, int bufferArgSize | + OOB::isSizeArgNotCheckedLessThanFixedBufferSize(bufferArg, sizeArg, bufferSource, + bufferArgSize, ba, sizeArgUpperBound, sizeMult) and + message = + "Buffer may access up to offset " + sizeArgUpperBound + "*" + sizeMult + + " which is greater than the fixed size " + bufferArgSize + " of the $@." + ) + or + OOB::isSizeArgNotCheckedGreaterThanZero(bufferArg, sizeArg, bufferSource, ba) and + message = "Buffer access may be to a negative index in the buffer." + ) +select ba, message, bufferSource, "buffer" diff --git a/c/cert/src/rules/ARR36-C/DoNotRelatePointersThatDoNotReferToTheSameArray.ql b/c/cert/src/rules/ARR36-C/DoNotRelatePointersThatDoNotReferToTheSameArray.ql index b0cd3200f1..93244bd483 100644 --- a/c/cert/src/rules/ARR36-C/DoNotRelatePointersThatDoNotReferToTheSameArray.ql +++ b/c/cert/src/rules/ARR36-C/DoNotRelatePointersThatDoNotReferToTheSameArray.ql @@ -15,7 +15,8 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.rules.donotuserelationaloperatorswithdifferingarrays.DoNotUseRelationalOperatorsWithDifferingArrays -class DoNotRelatePointersThatDoNotReferToTheSameArrayQuery extends DoNotUseRelationalOperatorsWithDifferingArraysSharedQuery { +class DoNotRelatePointersThatDoNotReferToTheSameArrayQuery extends DoNotUseRelationalOperatorsWithDifferingArraysSharedQuery +{ DoNotRelatePointersThatDoNotReferToTheSameArrayQuery() { this = Memory2Package::doNotRelatePointersThatDoNotReferToTheSameArrayQuery() } diff --git a/c/cert/src/rules/ARR36-C/DoNotSubtractPointersThatDoNotReferToTheSameArray.ql b/c/cert/src/rules/ARR36-C/DoNotSubtractPointersThatDoNotReferToTheSameArray.ql index d62c3eda5a..b3ed62d5d7 100644 --- a/c/cert/src/rules/ARR36-C/DoNotSubtractPointersThatDoNotReferToTheSameArray.ql +++ b/c/cert/src/rules/ARR36-C/DoNotSubtractPointersThatDoNotReferToTheSameArray.ql @@ -15,7 +15,8 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.rules.donotsubtractpointersaddressingdifferentarrays.DoNotSubtractPointersAddressingDifferentArrays -class DoNotSubtractPointersThatDoNotReferToTheSameArrayQuery extends DoNotSubtractPointersAddressingDifferentArraysSharedQuery { +class DoNotSubtractPointersThatDoNotReferToTheSameArrayQuery extends DoNotSubtractPointersAddressingDifferentArraysSharedQuery +{ DoNotSubtractPointersThatDoNotReferToTheSameArrayQuery() { this = Memory2Package::doNotSubtractPointersThatDoNotReferToTheSameArrayQuery() } diff --git a/c/cert/src/rules/ARR38-C/LibraryFunctionArgumentOutOfBounds.ql b/c/cert/src/rules/ARR38-C/LibraryFunctionArgumentOutOfBounds.ql index 6b499d0282..5082743193 100644 --- a/c/cert/src/rules/ARR38-C/LibraryFunctionArgumentOutOfBounds.ql +++ b/c/cert/src/rules/ARR38-C/LibraryFunctionArgumentOutOfBounds.ql @@ -22,4 +22,4 @@ from where not isExcluded(fc, OutOfBoundsPackage::libraryFunctionArgumentOutOfBoundsQuery()) and OOB::problems(fc, message, bufferArg, bufferArgStr, sizeOrOtherBufferArg, otherStr) -select fc, message, bufferArg, bufferArgStr, sizeOrOtherBufferArg, otherStr \ No newline at end of file +select fc, message, bufferArg, bufferArgStr, sizeOrOtherBufferArg, otherStr diff --git a/c/cert/src/rules/CON31-C/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql b/c/cert/src/rules/CON31-C/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql index 4e32b6eb15..0bde0b0de7 100644 --- a/c/cert/src/rules/CON31-C/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql +++ b/c/cert/src/rules/CON31-C/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql @@ -16,7 +16,8 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.rules.donotallowamutextogooutofscopewhilelocked.DoNotAllowAMutexToGoOutOfScopeWhileLocked -class DoNotAllowAMutexToGoOutOfScopeWhileLockedQuery extends DoNotAllowAMutexToGoOutOfScopeWhileLockedSharedQuery { +class DoNotAllowAMutexToGoOutOfScopeWhileLockedQuery extends DoNotAllowAMutexToGoOutOfScopeWhileLockedSharedQuery +{ DoNotAllowAMutexToGoOutOfScopeWhileLockedQuery() { this = Concurrency3Package::doNotAllowAMutexToGoOutOfScopeWhileLockedQuery() } diff --git a/c/cert/src/rules/CON33-C/RaceConditionsWhenUsingLibraryFunctions.ql b/c/cert/src/rules/CON33-C/RaceConditionsWhenUsingLibraryFunctions.ql index ff9f0884d7..4efafd8ebf 100644 --- a/c/cert/src/rules/CON33-C/RaceConditionsWhenUsingLibraryFunctions.ql +++ b/c/cert/src/rules/CON33-C/RaceConditionsWhenUsingLibraryFunctions.ql @@ -24,5 +24,5 @@ where "setlocale", "atomic_init", "ATOMIC_VAR_INIT", "tmpnam", "mbrtoc16", "c16rtomb", "mbrtoc32", "c32rtomb" ] -select node, - "Concurrent call to non-reeantrant function $@.", node.(FunctionCall).getTarget(), node.(FunctionCall).getTarget().getName() +select node, "Concurrent call to non-reeantrant function $@.", node.(FunctionCall).getTarget(), + node.(FunctionCall).getTarget().getName() diff --git a/c/cert/src/rules/CON35-C/DeadlockByLockingInPredefinedOrder.ql b/c/cert/src/rules/CON35-C/DeadlockByLockingInPredefinedOrder.ql index 00fa021878..143e0a58be 100644 --- a/c/cert/src/rules/CON35-C/DeadlockByLockingInPredefinedOrder.ql +++ b/c/cert/src/rules/CON35-C/DeadlockByLockingInPredefinedOrder.ql @@ -16,7 +16,8 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.rules.preventdeadlockbylockinginpredefinedorder.PreventDeadlockByLockingInPredefinedOrder -class DeadlockByLockingInPredefinedOrderQuery extends PreventDeadlockByLockingInPredefinedOrderSharedQuery { +class DeadlockByLockingInPredefinedOrderQuery extends PreventDeadlockByLockingInPredefinedOrderSharedQuery +{ DeadlockByLockingInPredefinedOrderQuery() { this = Concurrency2Package::deadlockByLockingInPredefinedOrderQuery() } diff --git a/c/cert/src/rules/CON37-C/DoNotCallSignalInMultithreadedProgram.ql b/c/cert/src/rules/CON37-C/DoNotCallSignalInMultithreadedProgram.ql index 68e0c97ea9..00cf456948 100644 --- a/c/cert/src/rules/CON37-C/DoNotCallSignalInMultithreadedProgram.ql +++ b/c/cert/src/rules/CON37-C/DoNotCallSignalInMultithreadedProgram.ql @@ -24,5 +24,4 @@ where not isExcluded(fc, Concurrency1Package::doNotCallSignalInMultithreadedProgramQuery()) and fc.getTarget().getName() = "signal" and exists(ThreadedFunction f) -select fc, - "Call to `signal()` in multithreaded programs." +select fc, "Call to `signal()` in multithreaded programs." diff --git a/c/cert/src/rules/CON38-C/PreserveSafetyWhenUsingConditionVariables.ql b/c/cert/src/rules/CON38-C/PreserveSafetyWhenUsingConditionVariables.ql index dad45dd592..470480ae62 100644 --- a/c/cert/src/rules/CON38-C/PreserveSafetyWhenUsingConditionVariables.ql +++ b/c/cert/src/rules/CON38-C/PreserveSafetyWhenUsingConditionVariables.ql @@ -16,7 +16,8 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.rules.preservesafetywhenusingconditionvariables.PreserveSafetyWhenUsingConditionVariables -class PreserveSafetyWhenUsingConditionVariablesQuery extends PreserveSafetyWhenUsingConditionVariablesSharedQuery { +class PreserveSafetyWhenUsingConditionVariablesQuery extends PreserveSafetyWhenUsingConditionVariablesSharedQuery +{ PreserveSafetyWhenUsingConditionVariablesQuery() { this = Concurrency3Package::preserveSafetyWhenUsingConditionVariablesQuery() } diff --git a/c/cert/src/rules/CON41-C/WrapFunctionsThatCanFailSpuriouslyInLoop.ql b/c/cert/src/rules/CON41-C/WrapFunctionsThatCanFailSpuriouslyInLoop.ql index 1999173a8e..dd8aed6a55 100644 --- a/c/cert/src/rules/CON41-C/WrapFunctionsThatCanFailSpuriouslyInLoop.ql +++ b/c/cert/src/rules/CON41-C/WrapFunctionsThatCanFailSpuriouslyInLoop.ql @@ -12,18 +12,16 @@ * external/cert/obligation/rule */ - import cpp - import codingstandards.c.cert - import codingstandards.cpp.Concurrency - +import cpp +import codingstandards.c.cert +import codingstandards.cpp.Concurrency - from AtomicCompareExchange ace - where - not isExcluded(ace, Concurrency3Package::wrapFunctionsThatCanFailSpuriouslyInLoopQuery()) and - ( - forex(StmtParent sp | sp = ace.getStmt() | not sp.(Stmt).getParentStmt*() instanceof Loop) or - forex(Expr e | e = ace.getExpr() | not e.getEnclosingStmt().getParentStmt*() - instanceof Loop) - ) - select ace, "Function that can spuriously fail not wrapped in a loop." - \ No newline at end of file +from AtomicCompareExchange ace +where + not isExcluded(ace, Concurrency3Package::wrapFunctionsThatCanFailSpuriouslyInLoopQuery()) and + ( + forex(StmtParent sp | sp = ace.getStmt() | not sp.(Stmt).getParentStmt*() instanceof Loop) + or + forex(Expr e | e = ace.getExpr() | not e.getEnclosingStmt().getParentStmt*() instanceof Loop) + ) +select ace, "Function that can spuriously fail not wrapped in a loop." diff --git a/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsStackAdressEscape.ql b/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsStackAdressEscape.ql index 95e84a6622..fb9b13b39c 100644 --- a/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsStackAdressEscape.ql +++ b/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsStackAdressEscape.ql @@ -15,7 +15,8 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.rules.donotcopyaddressofautostorageobjecttootherobject.DoNotCopyAddressOfAutoStorageObjectToOtherObject -class AppropriateStorageDurationsStackAdressEscapeQuery extends DoNotCopyAddressOfAutoStorageObjectToOtherObjectSharedQuery { +class AppropriateStorageDurationsStackAdressEscapeQuery extends DoNotCopyAddressOfAutoStorageObjectToOtherObjectSharedQuery +{ AppropriateStorageDurationsStackAdressEscapeQuery() { this = Declarations8Package::appropriateStorageDurationsStackAdressEscapeQuery() } diff --git a/c/cert/src/rules/DCL39-C/InformationLeakageAcrossTrustBoundariesC.ql b/c/cert/src/rules/DCL39-C/InformationLeakageAcrossTrustBoundariesC.ql index 7a8a0e6d46..1199fbeb9b 100644 --- a/c/cert/src/rules/DCL39-C/InformationLeakageAcrossTrustBoundariesC.ql +++ b/c/cert/src/rules/DCL39-C/InformationLeakageAcrossTrustBoundariesC.ql @@ -15,7 +15,8 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.rules.informationleakageacrossboundaries.InformationLeakageAcrossBoundaries -class InformationLeakageAcrossTrustBoundariesCQuery extends InformationLeakageAcrossBoundariesSharedQuery { +class InformationLeakageAcrossTrustBoundariesCQuery extends InformationLeakageAcrossBoundariesSharedQuery +{ InformationLeakageAcrossTrustBoundariesCQuery() { this = Declarations7Package::informationLeakageAcrossTrustBoundariesCQuery() } diff --git a/c/cert/src/rules/ENV34-C/DoNotStorePointersReturnedByEnvironmentFunWarn.ql b/c/cert/src/rules/ENV34-C/DoNotStorePointersReturnedByEnvironmentFunWarn.ql index d46b5b36b8..b5dd9f4d80 100644 --- a/c/cert/src/rules/ENV34-C/DoNotStorePointersReturnedByEnvironmentFunWarn.ql +++ b/c/cert/src/rules/ENV34-C/DoNotStorePointersReturnedByEnvironmentFunWarn.ql @@ -16,7 +16,8 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.rules.invalidatedenvstringpointerswarn.InvalidatedEnvStringPointersWarn -class DoNotStorePointersReturnedByEnvironmentFunWarnQuery extends InvalidatedEnvStringPointersWarnSharedQuery { +class DoNotStorePointersReturnedByEnvironmentFunWarnQuery extends InvalidatedEnvStringPointersWarnSharedQuery +{ DoNotStorePointersReturnedByEnvironmentFunWarnQuery() { this = Contracts2Package::doNotStorePointersReturnedByEnvironmentFunWarnQuery() } diff --git a/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql b/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql index baccfbd348..ab121a5cc6 100644 --- a/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql +++ b/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql @@ -16,7 +16,6 @@ import codingstandards.c.Errno import codingstandards.c.Signal import semmle.code.cpp.controlflow.Guards - /** * A check on `signal` call return value * `if (signal(SIGINT, handler) == SIG_ERR)` diff --git a/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql b/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql index 7dd8489415..9a8d5eaebb 100644 --- a/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql +++ b/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql @@ -118,7 +118,8 @@ class DefaultAlignedPointerExpr extends UnconvertedCastFromNonVoidPointerExpr, E * to exclude an `DefaultAlignedPointerAccessExpr` as a source if a preceding source * defined by this configuration provides more accurate alignment information. */ -class AllocationOrAddressOfExprToUnconvertedCastFromNonVoidPointerExprConfig extends DataFlow2::Configuration { +class AllocationOrAddressOfExprToUnconvertedCastFromNonVoidPointerExprConfig extends DataFlow2::Configuration +{ AllocationOrAddressOfExprToUnconvertedCastFromNonVoidPointerExprConfig() { this = "AllocationOrAddressOfExprToUnconvertedCastFromNonVoidPointerExprConfig" } diff --git a/c/cert/src/rules/EXP42-C/DoNotComparePaddingData.ql b/c/cert/src/rules/EXP42-C/DoNotComparePaddingData.ql index d2403553aa..9592ebfd30 100644 --- a/c/cert/src/rules/EXP42-C/DoNotComparePaddingData.ql +++ b/c/cert/src/rules/EXP42-C/DoNotComparePaddingData.ql @@ -15,7 +15,5 @@ import codingstandards.c.cert import codingstandards.cpp.rules.memcmpusedtocomparepaddingdata.MemcmpUsedToComparePaddingData class DoNotComparePaddingDataQuery extends MemcmpUsedToComparePaddingDataSharedQuery { - DoNotComparePaddingDataQuery() { - this = Memory2Package::doNotComparePaddingDataQuery() - } + DoNotComparePaddingDataQuery() { this = Memory2Package::doNotComparePaddingDataQuery() } } diff --git a/c/cert/src/rules/FIO39-C/DoNotAlternatelyIOFromAStreamWithoutPositioning.ql b/c/cert/src/rules/FIO39-C/DoNotAlternatelyIOFromAStreamWithoutPositioning.ql index 4983e3a69a..668a7d982e 100644 --- a/c/cert/src/rules/FIO39-C/DoNotAlternatelyIOFromAStreamWithoutPositioning.ql +++ b/c/cert/src/rules/FIO39-C/DoNotAlternatelyIOFromAStreamWithoutPositioning.ql @@ -15,7 +15,8 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.rules.iofstreammissingpositioning.IOFstreamMissingPositioning -class DoNotAlternatelyIOFromAStreamWithoutPositioningQuery extends IOFstreamMissingPositioningSharedQuery { +class DoNotAlternatelyIOFromAStreamWithoutPositioningQuery extends IOFstreamMissingPositioningSharedQuery +{ DoNotAlternatelyIOFromAStreamWithoutPositioningQuery() { this = IO1Package::doNotAlternatelyIOFromAStreamWithoutPositioningQuery() } diff --git a/c/cert/src/rules/FIO42-C/CloseFilesWhenTheyAreNoLongerNeeded.ql b/c/cert/src/rules/FIO42-C/CloseFilesWhenTheyAreNoLongerNeeded.ql index b7cfd40da5..3650fad82f 100644 --- a/c/cert/src/rules/FIO42-C/CloseFilesWhenTheyAreNoLongerNeeded.ql +++ b/c/cert/src/rules/FIO42-C/CloseFilesWhenTheyAreNoLongerNeeded.ql @@ -16,7 +16,8 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.rules.closefilehandlewhennolongerneededshared.CloseFileHandleWhenNoLongerNeededShared -class CloseFilesWhenTheyAreNoLongerNeededQuery extends CloseFileHandleWhenNoLongerNeededSharedSharedQuery { +class CloseFilesWhenTheyAreNoLongerNeededQuery extends CloseFileHandleWhenNoLongerNeededSharedSharedQuery +{ CloseFilesWhenTheyAreNoLongerNeededQuery() { this = IO1Package::closeFilesWhenTheyAreNoLongerNeededQuery() } diff --git a/c/cert/src/rules/MEM34-C/OnlyFreeMemoryAllocatedDynamicallyCert.ql b/c/cert/src/rules/MEM34-C/OnlyFreeMemoryAllocatedDynamicallyCert.ql index a51effec5a..95da1cc86a 100644 --- a/c/cert/src/rules/MEM34-C/OnlyFreeMemoryAllocatedDynamicallyCert.ql +++ b/c/cert/src/rules/MEM34-C/OnlyFreeMemoryAllocatedDynamicallyCert.ql @@ -16,7 +16,8 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.rules.onlyfreememoryallocateddynamicallyshared.OnlyFreeMemoryAllocatedDynamicallyShared -class OnlyFreeMemoryAllocatedDynamicallyCertQuery extends OnlyFreeMemoryAllocatedDynamicallySharedSharedQuery { +class OnlyFreeMemoryAllocatedDynamicallyCertQuery extends OnlyFreeMemoryAllocatedDynamicallySharedSharedQuery +{ OnlyFreeMemoryAllocatedDynamicallyCertQuery() { this = Memory2Package::onlyFreeMemoryAllocatedDynamicallyCertQuery() } diff --git a/c/cert/src/rules/MSC30-C/RandUsedForGeneratingPseudorandomNumbers.ql b/c/cert/src/rules/MSC30-C/RandUsedForGeneratingPseudorandomNumbers.ql index 5feb7d5f99..ed553b9814 100644 --- a/c/cert/src/rules/MSC30-C/RandUsedForGeneratingPseudorandomNumbers.ql +++ b/c/cert/src/rules/MSC30-C/RandUsedForGeneratingPseudorandomNumbers.ql @@ -14,7 +14,8 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.rules.donotuserandforgeneratingpseudorandomnumbers.DoNotUseRandForGeneratingPseudorandomNumbers -class RandUsedForGeneratingPseudorandomNumbersQuery extends DoNotUseRandForGeneratingPseudorandomNumbersSharedQuery { +class RandUsedForGeneratingPseudorandomNumbersQuery extends DoNotUseRandForGeneratingPseudorandomNumbersSharedQuery +{ RandUsedForGeneratingPseudorandomNumbersQuery() { this = MiscPackage::randUsedForGeneratingPseudorandomNumbersQuery() } diff --git a/c/cert/src/rules/MSC32-C/ProperlySeedPseudorandomNumberGenerators.ql b/c/cert/src/rules/MSC32-C/ProperlySeedPseudorandomNumberGenerators.ql index b175dd5fa2..2c3db87ee8 100644 --- a/c/cert/src/rules/MSC32-C/ProperlySeedPseudorandomNumberGenerators.ql +++ b/c/cert/src/rules/MSC32-C/ProperlySeedPseudorandomNumberGenerators.ql @@ -15,30 +15,22 @@ import codingstandards.c.cert /** Defines a class that models function calls to srandom() */ class SRandomCall extends FunctionCall { - SRandomCall(){ - getTarget().hasGlobalOrStdName("srandom") - } + SRandomCall() { getTarget().hasGlobalOrStdName("srandom") } /** Holds if the call is not obviously trivial. */ - predicate isTrivial(){ - getArgument(0) instanceof Literal - } + predicate isTrivial() { getArgument(0) instanceof Literal } } from FunctionCall fc where not isExcluded(fc, MiscPackage::properlySeedPseudorandomNumberGeneratorsQuery()) and - - // find all calls to random() - fc.getTarget().hasGlobalOrStdName("random") and - + // find all calls to random() + fc.getTarget().hasGlobalOrStdName("random") and // where there isn't a call to srandom that comes before it that is // non-trivial not exists(SRandomCall sr | - // normally we would want to do this in reverse --- but srandom() is - // not pure and the order does not matter. + // normally we would want to do this in reverse --- but srandom() is + // not pure and the order does not matter. sr.getASuccessor*() = fc and not sr.isTrivial() ) - - select fc, "Call to `random()` without a valid call to `srandom()`." diff --git a/c/cert/src/rules/MSC37-C/ControlFlowReachesTheEndOfANonVoidFunction.ql b/c/cert/src/rules/MSC37-C/ControlFlowReachesTheEndOfANonVoidFunction.ql index 2f141417bf..c56f3e48c1 100644 --- a/c/cert/src/rules/MSC37-C/ControlFlowReachesTheEndOfANonVoidFunction.ql +++ b/c/cert/src/rules/MSC37-C/ControlFlowReachesTheEndOfANonVoidFunction.ql @@ -15,7 +15,8 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.rules.nonvoidfunctiondoesnotreturn.NonVoidFunctionDoesNotReturn -class ControlFlowReachesTheEndOfANonVoidFunctionQuery extends NonVoidFunctionDoesNotReturnSharedQuery { +class ControlFlowReachesTheEndOfANonVoidFunctionQuery extends NonVoidFunctionDoesNotReturnSharedQuery +{ ControlFlowReachesTheEndOfANonVoidFunctionQuery() { this = MiscPackage::controlFlowReachesTheEndOfANonVoidFunctionQuery() } diff --git a/c/common/test/rules/differentidentifiersnottypographicallyunambiguous/DifferentIdentifiersNotTypographicallyUnambiguous.ql b/c/common/test/rules/differentidentifiersnottypographicallyunambiguous/DifferentIdentifiersNotTypographicallyUnambiguous.ql index 16a160b121..64357d95de 100644 --- a/c/common/test/rules/differentidentifiersnottypographicallyunambiguous/DifferentIdentifiersNotTypographicallyUnambiguous.ql +++ b/c/common/test/rules/differentidentifiersnottypographicallyunambiguous/DifferentIdentifiersNotTypographicallyUnambiguous.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.differentidentifiersnottypographicallyunambiguous.DifferentIdentifiersNotTypographicallyUnambiguous -class TestFileQuery extends DifferentIdentifiersNotTypographicallyUnambiguousSharedQuery, TestQuery { } +class TestFileQuery extends DifferentIdentifiersNotTypographicallyUnambiguousSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/donotcopyaddressofautostorageobjecttootherobject/DoNotCopyAddressOfAutoStorageObjectToOtherObject.ql b/c/common/test/rules/donotcopyaddressofautostorageobjecttootherobject/DoNotCopyAddressOfAutoStorageObjectToOtherObject.ql index 782afa4cee..9955572e73 100644 --- a/c/common/test/rules/donotcopyaddressofautostorageobjecttootherobject/DoNotCopyAddressOfAutoStorageObjectToOtherObject.ql +++ b/c/common/test/rules/donotcopyaddressofautostorageobjecttootherobject/DoNotCopyAddressOfAutoStorageObjectToOtherObject.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotcopyaddressofautostorageobjecttootherobject.DoNotCopyAddressOfAutoStorageObjectToOtherObject -class TestFileQuery extends DoNotCopyAddressOfAutoStorageObjectToOtherObjectSharedQuery, TestQuery { } +class TestFileQuery extends DoNotCopyAddressOfAutoStorageObjectToOtherObjectSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.ql b/c/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.ql index 79e322e22c..c0a3435e05 100644 --- a/c/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.ql +++ b/c/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotusepointerarithmetictoaddressdifferentarrays.DoNotUsePointerArithmeticToAddressDifferentArrays -class TestFileQuery extends DoNotUsePointerArithmeticToAddressDifferentArraysSharedQuery, TestQuery { } +class TestFileQuery extends DoNotUsePointerArithmeticToAddressDifferentArraysSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/identifierwithexternallinkageonedefinitionshared/IdentifierWithExternalLinkageOneDefinitionShared.ql b/c/common/test/rules/identifierwithexternallinkageonedefinitionshared/IdentifierWithExternalLinkageOneDefinitionShared.ql index ebe9a75d1e..d50eb53652 100644 --- a/c/common/test/rules/identifierwithexternallinkageonedefinitionshared/IdentifierWithExternalLinkageOneDefinitionShared.ql +++ b/c/common/test/rules/identifierwithexternallinkageonedefinitionshared/IdentifierWithExternalLinkageOneDefinitionShared.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.identifierwithexternallinkageonedefinitionshared.IdentifierWithExternalLinkageOneDefinitionShared -class TestFileQuery extends IdentifierWithExternalLinkageOneDefinitionSharedSharedQuery, TestQuery { } +class TestFileQuery extends IdentifierWithExternalLinkageOneDefinitionSharedSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/missingstaticspecifierfunctionredeclarationshared/MissingStaticSpecifierFunctionRedeclarationShared.ql b/c/common/test/rules/missingstaticspecifierfunctionredeclarationshared/MissingStaticSpecifierFunctionRedeclarationShared.ql index 5113873b8b..f84cbf8698 100644 --- a/c/common/test/rules/missingstaticspecifierfunctionredeclarationshared/MissingStaticSpecifierFunctionRedeclarationShared.ql +++ b/c/common/test/rules/missingstaticspecifierfunctionredeclarationshared/MissingStaticSpecifierFunctionRedeclarationShared.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.missingstaticspecifierfunctionredeclarationshared.MissingStaticSpecifierFunctionRedeclarationShared -class TestFileQuery extends MissingStaticSpecifierFunctionRedeclarationSharedSharedQuery, TestQuery { } +class TestFileQuery extends MissingStaticSpecifierFunctionRedeclarationSharedSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/useinitializerbracestomatchaggregatetypestructure/UseInitializerBracesToMatchAggregateTypeStructure.ql b/c/common/test/rules/useinitializerbracestomatchaggregatetypestructure/UseInitializerBracesToMatchAggregateTypeStructure.ql index 8ddcc5bc7e..b2bbb0ff1c 100644 --- a/c/common/test/rules/useinitializerbracestomatchaggregatetypestructure/UseInitializerBracesToMatchAggregateTypeStructure.ql +++ b/c/common/test/rules/useinitializerbracestomatchaggregatetypestructure/UseInitializerBracesToMatchAggregateTypeStructure.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.useinitializerbracestomatchaggregatetypestructure.UseInitializerBracesToMatchAggregateTypeStructure -class TestFileQuery extends UseInitializerBracesToMatchAggregateTypeStructureSharedQuery, TestQuery { } +class TestFileQuery extends UseInitializerBracesToMatchAggregateTypeStructureSharedQuery, TestQuery { +} diff --git a/c/misra/src/rules/DIR-4-2/UsageOfAssemblyLanguageShouldBeDocumented.ql b/c/misra/src/rules/DIR-4-2/UsageOfAssemblyLanguageShouldBeDocumented.ql index d1a8a80046..9503024671 100644 --- a/c/misra/src/rules/DIR-4-2/UsageOfAssemblyLanguageShouldBeDocumented.ql +++ b/c/misra/src/rules/DIR-4-2/UsageOfAssemblyLanguageShouldBeDocumented.ql @@ -15,7 +15,8 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.rules.usageofassemblernotdocumented.UsageOfAssemblerNotDocumented -class UsageOfAssemblyLanguageShouldBeDocumentedQuery extends UsageOfAssemblerNotDocumentedSharedQuery { +class UsageOfAssemblyLanguageShouldBeDocumentedQuery extends UsageOfAssemblerNotDocumentedSharedQuery +{ UsageOfAssemblyLanguageShouldBeDocumentedQuery() { this = Language2Package::usageOfAssemblyLanguageShouldBeDocumentedQuery() } diff --git a/c/misra/src/rules/DIR-4-4/SectionsOfCodeShallNotBeCommentedOut.ql b/c/misra/src/rules/DIR-4-4/SectionsOfCodeShallNotBeCommentedOut.ql index 1831f211dd..d0af758699 100644 --- a/c/misra/src/rules/DIR-4-4/SectionsOfCodeShallNotBeCommentedOut.ql +++ b/c/misra/src/rules/DIR-4-4/SectionsOfCodeShallNotBeCommentedOut.ql @@ -16,7 +16,8 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.rules.sectionsofcodeshallnotbecommentedout.SectionsOfCodeShallNotBeCommentedOut -class SectionsOfCodeShallNotBeCommentedOutQuery extends SectionsOfCodeShallNotBeCommentedOutSharedQuery { +class SectionsOfCodeShallNotBeCommentedOutQuery extends SectionsOfCodeShallNotBeCommentedOutSharedQuery +{ SectionsOfCodeShallNotBeCommentedOutQuery() { this = SyntaxPackage::sectionsOfCodeShallNotBeCommentedOutQuery() } diff --git a/c/misra/src/rules/DIR-4-5/IdentifiersInTheSameNameSpaceUnambiguous.ql b/c/misra/src/rules/DIR-4-5/IdentifiersInTheSameNameSpaceUnambiguous.ql index 954bdf687b..ced5bce28f 100644 --- a/c/misra/src/rules/DIR-4-5/IdentifiersInTheSameNameSpaceUnambiguous.ql +++ b/c/misra/src/rules/DIR-4-5/IdentifiersInTheSameNameSpaceUnambiguous.ql @@ -15,7 +15,8 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.rules.differentidentifiersnottypographicallyunambiguous.DifferentIdentifiersNotTypographicallyUnambiguous -class IdentifiersInTheSameNameSpaceUnambiguousQuery extends DifferentIdentifiersNotTypographicallyUnambiguousSharedQuery { +class IdentifiersInTheSameNameSpaceUnambiguousQuery extends DifferentIdentifiersNotTypographicallyUnambiguousSharedQuery +{ IdentifiersInTheSameNameSpaceUnambiguousQuery() { this = SyntaxPackage::identifiersInTheSameNameSpaceUnambiguousQuery() } diff --git a/c/misra/src/rules/RULE-1-4/EmergentLanguageFeaturesUsed.ql b/c/misra/src/rules/RULE-1-4/EmergentLanguageFeaturesUsed.ql index e5c55d4fc5..56ab349a11 100644 --- a/c/misra/src/rules/RULE-1-4/EmergentLanguageFeaturesUsed.ql +++ b/c/misra/src/rules/RULE-1-4/EmergentLanguageFeaturesUsed.ql @@ -18,4 +18,3 @@ import codingstandards.cpp.Emergent from C11::EmergentLanguageFeature ef where not isExcluded(ef, Language2Package::emergentLanguageFeaturesUsedQuery()) select ef, "Usage of emergent language feature." - diff --git a/c/misra/src/rules/RULE-11-7/CastBetweenPointerToObjectAndNonIntArithmeticType.ql b/c/misra/src/rules/RULE-11-7/CastBetweenPointerToObjectAndNonIntArithmeticType.ql index 3be7644b9d..30b643963c 100644 --- a/c/misra/src/rules/RULE-11-7/CastBetweenPointerToObjectAndNonIntArithmeticType.ql +++ b/c/misra/src/rules/RULE-11-7/CastBetweenPointerToObjectAndNonIntArithmeticType.ql @@ -31,5 +31,4 @@ where typeTo = cast.getUnderlyingType() and [typeFrom, typeTo] instanceof MisraNonIntegerArithmeticType and [typeFrom, typeTo] instanceof PointerToObjectType -select cast, - "Cast performed between a pointer to object type and a non-integer arithmetic type." \ No newline at end of file +select cast, "Cast performed between a pointer to object type and a non-integer arithmetic type." diff --git a/c/misra/src/rules/RULE-11-9/MacroNullNotUsedAsIntegerNullPointerConstant.ql b/c/misra/src/rules/RULE-11-9/MacroNullNotUsedAsIntegerNullPointerConstant.ql index 844229de2f..81ea8b1dfd 100644 --- a/c/misra/src/rules/RULE-11-9/MacroNullNotUsedAsIntegerNullPointerConstant.ql +++ b/c/misra/src/rules/RULE-11-9/MacroNullNotUsedAsIntegerNullPointerConstant.ql @@ -15,7 +15,6 @@ import codingstandards.c.misra import codingstandards.c.Pointers import codingstandards.cpp.Type - from Zero zero, Expr e, string type where not isExcluded(zero, Pointers1Package::macroNullNotUsedAsIntegerNullPointerConstantQuery()) and diff --git a/c/misra/src/rules/RULE-12-2/RightHandOperandOfAShiftRange.ql b/c/misra/src/rules/RULE-12-2/RightHandOperandOfAShiftRange.ql index 03b33f4368..891ca1e82a 100644 --- a/c/misra/src/rules/RULE-12-2/RightHandOperandOfAShiftRange.ql +++ b/c/misra/src/rules/RULE-12-2/RightHandOperandOfAShiftRange.ql @@ -29,4 +29,5 @@ where lowerBound(right) < 0 or upperBound(right) > max_val ) -select right, "The right hand operand of the shift operator shall lie in the range 0 to " + max_val + "." \ No newline at end of file +select right, + "The right hand operand of the shift operator shall lie in the range 0 to " + max_val + "." diff --git a/c/misra/src/rules/RULE-12-3/CommaOperatorShouldNotBeUsed.ql b/c/misra/src/rules/RULE-12-3/CommaOperatorShouldNotBeUsed.ql index d6d00044dd..ec782d84f5 100644 --- a/c/misra/src/rules/RULE-12-3/CommaOperatorShouldNotBeUsed.ql +++ b/c/misra/src/rules/RULE-12-3/CommaOperatorShouldNotBeUsed.ql @@ -15,7 +15,5 @@ import codingstandards.c.misra import codingstandards.cpp.rules.commaoperatorused.CommaOperatorUsed class CommaOperatorShouldNotBeUsedQuery extends CommaOperatorUsedSharedQuery { - CommaOperatorShouldNotBeUsedQuery() { - this = BannedPackage::commaOperatorShouldNotBeUsedQuery() - } + CommaOperatorShouldNotBeUsedQuery() { this = BannedPackage::commaOperatorShouldNotBeUsedQuery() } } diff --git a/c/misra/src/rules/RULE-12-4/ConstantUnsignedIntegerExpressionsWrapAround.ql b/c/misra/src/rules/RULE-12-4/ConstantUnsignedIntegerExpressionsWrapAround.ql index b5d508dfe1..5009ef292d 100644 --- a/c/misra/src/rules/RULE-12-4/ConstantUnsignedIntegerExpressionsWrapAround.ql +++ b/c/misra/src/rules/RULE-12-4/ConstantUnsignedIntegerExpressionsWrapAround.ql @@ -21,7 +21,8 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.rules.constantunsignedintegerexpressionswraparound.ConstantUnsignedIntegerExpressionsWrapAround -class ConstantUnsignedIntegerExpressionsWrapAroundQuery extends ConstantUnsignedIntegerExpressionsWrapAroundSharedQuery { +class ConstantUnsignedIntegerExpressionsWrapAroundQuery extends ConstantUnsignedIntegerExpressionsWrapAroundSharedQuery +{ ConstantUnsignedIntegerExpressionsWrapAroundQuery() { this = IntegerOverflowPackage::constantUnsignedIntegerExpressionsWrapAroundQuery() } diff --git a/c/misra/src/rules/RULE-15-2/GotoLabelLocationCondition.ql b/c/misra/src/rules/RULE-15-2/GotoLabelLocationCondition.ql index 7ad9963d14..d12521dd7e 100644 --- a/c/misra/src/rules/RULE-15-2/GotoLabelLocationCondition.ql +++ b/c/misra/src/rules/RULE-15-2/GotoLabelLocationCondition.ql @@ -16,7 +16,5 @@ import codingstandards.c.misra import codingstandards.cpp.rules.gotostatementcondition.GotoStatementCondition class GotoLabelLocationConditionQuery extends GotoStatementConditionSharedQuery { - GotoLabelLocationConditionQuery() { - this = Statements2Package::gotoLabelLocationConditionQuery() - } + GotoLabelLocationConditionQuery() { this = Statements2Package::gotoLabelLocationConditionQuery() } } diff --git a/c/misra/src/rules/RULE-15-7/IfElseEndCondition.ql b/c/misra/src/rules/RULE-15-7/IfElseEndCondition.ql index 96132d3deb..f3992d26f5 100644 --- a/c/misra/src/rules/RULE-15-7/IfElseEndCondition.ql +++ b/c/misra/src/rules/RULE-15-7/IfElseEndCondition.ql @@ -16,7 +16,5 @@ import codingstandards.c.misra import codingstandards.cpp.rules.ifelseterminationconstruct.IfElseTerminationConstruct class IfElseEndConditionQuery extends IfElseTerminationConstructSharedQuery { - IfElseEndConditionQuery() { - this = Statements3Package::ifElseEndConditionQuery() - } + IfElseEndConditionQuery() { this = Statements3Package::ifElseEndConditionQuery() } } diff --git a/c/misra/src/rules/RULE-16-1/SwitchCaseStartCondition.ql b/c/misra/src/rules/RULE-16-1/SwitchCaseStartCondition.ql index 32d390e33e..e30ac1bd7b 100644 --- a/c/misra/src/rules/RULE-16-1/SwitchCaseStartCondition.ql +++ b/c/misra/src/rules/RULE-16-1/SwitchCaseStartCondition.ql @@ -16,7 +16,5 @@ import codingstandards.c.misra import codingstandards.cpp.rules.switchcasepositioncondition.SwitchCasePositionCondition class SwitchCaseStartConditionQuery extends SwitchCasePositionConditionSharedQuery { - SwitchCaseStartConditionQuery() { - this = Statements3Package::switchCaseStartConditionQuery() - } + SwitchCaseStartConditionQuery() { this = Statements3Package::switchCaseStartConditionQuery() } } diff --git a/c/misra/src/rules/RULE-16-1/SwitchStmtNotWellFormed.ql b/c/misra/src/rules/RULE-16-1/SwitchStmtNotWellFormed.ql index 30293e41dd..9da9242a78 100644 --- a/c/misra/src/rules/RULE-16-1/SwitchStmtNotWellFormed.ql +++ b/c/misra/src/rules/RULE-16-1/SwitchStmtNotWellFormed.ql @@ -16,7 +16,5 @@ import codingstandards.c.misra import codingstandards.cpp.rules.switchnotwellformed.SwitchNotWellFormed class SwitchStmtNotWellFormedQuery extends SwitchNotWellFormedSharedQuery { - SwitchStmtNotWellFormedQuery() { - this = Statements3Package::switchStmtNotWellFormedQuery() - } + SwitchStmtNotWellFormedQuery() { this = Statements3Package::switchStmtNotWellFormedQuery() } } diff --git a/c/misra/src/rules/RULE-18-1/PointerAndDerivedPointerMustAddressSameArray.ql b/c/misra/src/rules/RULE-18-1/PointerAndDerivedPointerMustAddressSameArray.ql index 689d711ec2..f17d596ead 100644 --- a/c/misra/src/rules/RULE-18-1/PointerAndDerivedPointerMustAddressSameArray.ql +++ b/c/misra/src/rules/RULE-18-1/PointerAndDerivedPointerMustAddressSameArray.ql @@ -15,7 +15,8 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.rules.donotusepointerarithmetictoaddressdifferentarrays.DoNotUsePointerArithmeticToAddressDifferentArrays -class PointerAndDerivedPointerMustAddressSameArrayQuery extends DoNotUsePointerArithmeticToAddressDifferentArraysSharedQuery { +class PointerAndDerivedPointerMustAddressSameArrayQuery extends DoNotUsePointerArithmeticToAddressDifferentArraysSharedQuery +{ PointerAndDerivedPointerMustAddressSameArrayQuery() { this = Pointers1Package::pointerAndDerivedPointerMustAddressSameArrayQuery() } diff --git a/c/misra/src/rules/RULE-18-2/SubtractionBetweenPointersMustAddressSameArray.ql b/c/misra/src/rules/RULE-18-2/SubtractionBetweenPointersMustAddressSameArray.ql index 4eb5c5b7fb..b6fbb31f1c 100644 --- a/c/misra/src/rules/RULE-18-2/SubtractionBetweenPointersMustAddressSameArray.ql +++ b/c/misra/src/rules/RULE-18-2/SubtractionBetweenPointersMustAddressSameArray.ql @@ -15,7 +15,8 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.rules.donotsubtractpointersaddressingdifferentarrays.DoNotSubtractPointersAddressingDifferentArrays -class SubtractionBetweenPointersMustAddressSameArrayQuery extends DoNotSubtractPointersAddressingDifferentArraysSharedQuery { +class SubtractionBetweenPointersMustAddressSameArrayQuery extends DoNotSubtractPointersAddressingDifferentArraysSharedQuery +{ SubtractionBetweenPointersMustAddressSameArrayQuery() { this = Pointers1Package::subtractionBetweenPointersMustAddressSameArrayQuery() } diff --git a/c/misra/src/rules/RULE-18-3/RelationalOperatorComparesPointerToDifferentArray.ql b/c/misra/src/rules/RULE-18-3/RelationalOperatorComparesPointerToDifferentArray.ql index 7e6cd78a6a..d7785a2d0e 100644 --- a/c/misra/src/rules/RULE-18-3/RelationalOperatorComparesPointerToDifferentArray.ql +++ b/c/misra/src/rules/RULE-18-3/RelationalOperatorComparesPointerToDifferentArray.ql @@ -15,7 +15,8 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.rules.donotuserelationaloperatorswithdifferingarrays.DoNotUseRelationalOperatorsWithDifferingArrays -class RelationalOperatorComparesPointerToDifferentArrayQuery extends DoNotUseRelationalOperatorsWithDifferingArraysSharedQuery { +class RelationalOperatorComparesPointerToDifferentArrayQuery extends DoNotUseRelationalOperatorsWithDifferingArraysSharedQuery +{ RelationalOperatorComparesPointerToDifferentArrayQuery() { this = Pointers1Package::relationalOperatorComparesPointerToDifferentArrayQuery() } diff --git a/c/misra/src/rules/RULE-18-4/DoNotUseAdditionOrSubtractionOperatorsOnPointers.ql b/c/misra/src/rules/RULE-18-4/DoNotUseAdditionOrSubtractionOperatorsOnPointers.ql index 3263640266..a5f8a85ff1 100644 --- a/c/misra/src/rules/RULE-18-4/DoNotUseAdditionOrSubtractionOperatorsOnPointers.ql +++ b/c/misra/src/rules/RULE-18-4/DoNotUseAdditionOrSubtractionOperatorsOnPointers.ql @@ -15,7 +15,8 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.rules.useonlyarrayindexingforpointerarithmetic.UseOnlyArrayIndexingForPointerArithmetic -class DoNotUseAdditionOrSubtractionOperatorsOnPointersQuery extends UseOnlyArrayIndexingForPointerArithmeticSharedQuery { +class DoNotUseAdditionOrSubtractionOperatorsOnPointersQuery extends UseOnlyArrayIndexingForPointerArithmeticSharedQuery +{ DoNotUseAdditionOrSubtractionOperatorsOnPointersQuery() { this = Pointers1Package::doNotUseAdditionOrSubtractionOperatorsOnPointersQuery() } diff --git a/c/misra/src/rules/RULE-18-5/NoMoreThanTwoLevelsOfPointerNestingInDeclarations.ql b/c/misra/src/rules/RULE-18-5/NoMoreThanTwoLevelsOfPointerNestingInDeclarations.ql index c9d99469e0..7a847acbfa 100644 --- a/c/misra/src/rules/RULE-18-5/NoMoreThanTwoLevelsOfPointerNestingInDeclarations.ql +++ b/c/misra/src/rules/RULE-18-5/NoMoreThanTwoLevelsOfPointerNestingInDeclarations.ql @@ -15,7 +15,8 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.rules.donotusemorethantwolevelsofpointerindirection.DoNotUseMoreThanTwoLevelsOfPointerIndirection -class NoMoreThanTwoLevelsOfPointerNestingInDeclarationsQuery extends DoNotUseMoreThanTwoLevelsOfPointerIndirectionSharedQuery { +class NoMoreThanTwoLevelsOfPointerNestingInDeclarationsQuery extends DoNotUseMoreThanTwoLevelsOfPointerIndirectionSharedQuery +{ NoMoreThanTwoLevelsOfPointerNestingInDeclarationsQuery() { this = Pointers1Package::noMoreThanTwoLevelsOfPointerNestingInDeclarationsQuery() } diff --git a/c/misra/src/rules/RULE-18-6/AutomaticStorageObjectAddressCopiedToOtherObject.ql b/c/misra/src/rules/RULE-18-6/AutomaticStorageObjectAddressCopiedToOtherObject.ql index 499b730e2f..6d947efb16 100644 --- a/c/misra/src/rules/RULE-18-6/AutomaticStorageObjectAddressCopiedToOtherObject.ql +++ b/c/misra/src/rules/RULE-18-6/AutomaticStorageObjectAddressCopiedToOtherObject.ql @@ -16,7 +16,8 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.rules.donotcopyaddressofautostorageobjecttootherobject.DoNotCopyAddressOfAutoStorageObjectToOtherObject -class AutomaticStorageObjectAddressCopiedToOtherObjectQuery extends DoNotCopyAddressOfAutoStorageObjectToOtherObjectSharedQuery { +class AutomaticStorageObjectAddressCopiedToOtherObjectQuery extends DoNotCopyAddressOfAutoStorageObjectToOtherObjectSharedQuery +{ AutomaticStorageObjectAddressCopiedToOtherObjectQuery() { this = Pointers1Package::automaticStorageObjectAddressCopiedToOtherObjectQuery() } diff --git a/c/misra/src/rules/RULE-2-1/UnreachableCode.ql b/c/misra/src/rules/RULE-2-1/UnreachableCode.ql index 886b0ec285..5de46fd9ea 100644 --- a/c/misra/src/rules/RULE-2-1/UnreachableCode.ql +++ b/c/misra/src/rules/RULE-2-1/UnreachableCode.ql @@ -17,7 +17,5 @@ import codingstandards.c.misra import codingstandards.cpp.rules.unreachablecode.UnreachableCode class UnreachableCodeQuery extends UnreachableCodeSharedQuery { - UnreachableCodeQuery() { - this = DeadCodePackage::unreachableCodeQuery() - } + UnreachableCodeQuery() { this = DeadCodePackage::unreachableCodeQuery() } } diff --git a/c/misra/src/rules/RULE-2-7/UnusedParameter.ql b/c/misra/src/rules/RULE-2-7/UnusedParameter.ql index 0c47ebf130..b9c2f32f60 100644 --- a/c/misra/src/rules/RULE-2-7/UnusedParameter.ql +++ b/c/misra/src/rules/RULE-2-7/UnusedParameter.ql @@ -16,7 +16,5 @@ import codingstandards.c.misra import codingstandards.cpp.rules.unusedparameter.UnusedParameter class UnusedParameterQuery extends UnusedParameterSharedQuery { - UnusedParameterQuery() { - this = DeadCodePackage::unusedParameterQuery() - } + UnusedParameterQuery() { this = DeadCodePackage::unusedParameterQuery() } } diff --git a/c/misra/src/rules/RULE-20-2/ForbiddenCharactersInHeaderFileName.ql b/c/misra/src/rules/RULE-20-2/ForbiddenCharactersInHeaderFileName.ql index 37d735fb92..a9b27e8669 100644 --- a/c/misra/src/rules/RULE-20-2/ForbiddenCharactersInHeaderFileName.ql +++ b/c/misra/src/rules/RULE-20-2/ForbiddenCharactersInHeaderFileName.ql @@ -15,7 +15,8 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.rules.preprocessorincludesforbiddenheadernames.PreprocessorIncludesForbiddenHeaderNames -class PreprocessorIncludesForbiddenHeaderNames extends PreprocessorIncludesForbiddenHeaderNamesSharedQuery { +class PreprocessorIncludesForbiddenHeaderNames extends PreprocessorIncludesForbiddenHeaderNamesSharedQuery +{ PreprocessorIncludesForbiddenHeaderNames() { this = Preprocessor1Package::forbiddenCharactersInHeaderFileNameQuery() } diff --git a/c/misra/src/rules/RULE-20-6/FunctionLikeMacroArgsContainHashTokenCQuery.ql b/c/misra/src/rules/RULE-20-6/FunctionLikeMacroArgsContainHashTokenCQuery.ql index 3006b9ab15..3e212dc972 100644 --- a/c/misra/src/rules/RULE-20-6/FunctionLikeMacroArgsContainHashTokenCQuery.ql +++ b/c/misra/src/rules/RULE-20-6/FunctionLikeMacroArgsContainHashTokenCQuery.ql @@ -16,7 +16,8 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.rules.preprocessingdirectivewithinmacroargument.PreprocessingDirectiveWithinMacroArgument -class FunctionLikeMacroArgsContainHashTokenCQueryQuery extends PreprocessingDirectiveWithinMacroArgumentSharedQuery { +class FunctionLikeMacroArgsContainHashTokenCQueryQuery extends PreprocessingDirectiveWithinMacroArgumentSharedQuery +{ FunctionLikeMacroArgsContainHashTokenCQueryQuery() { this = Preprocessor4Package::functionLikeMacroArgsContainHashTokenCQueryQuery() } diff --git a/c/misra/src/rules/RULE-20-7/MacroParameterNotEnclosedInParenthesesCQuery.ql b/c/misra/src/rules/RULE-20-7/MacroParameterNotEnclosedInParenthesesCQuery.ql index 257bc8d9f7..ad4882d07c 100644 --- a/c/misra/src/rules/RULE-20-7/MacroParameterNotEnclosedInParenthesesCQuery.ql +++ b/c/misra/src/rules/RULE-20-7/MacroParameterNotEnclosedInParenthesesCQuery.ql @@ -17,7 +17,8 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.rules.macroparameternotenclosedinparentheses.MacroParameterNotEnclosedInParentheses -class MacroParameterNotEnclosedInParenthesesCQueryQuery extends MacroParameterNotEnclosedInParenthesesSharedQuery { +class MacroParameterNotEnclosedInParenthesesCQueryQuery extends MacroParameterNotEnclosedInParenthesesSharedQuery +{ MacroParameterNotEnclosedInParenthesesCQueryQuery() { this = Preprocessor5Package::macroParameterNotEnclosedInParenthesesCQueryQuery() } diff --git a/c/misra/src/rules/RULE-21-17/StringFunctionPointerArgumentOutOfBounds.ql b/c/misra/src/rules/RULE-21-17/StringFunctionPointerArgumentOutOfBounds.ql index cf1e8cda1b..a4850781f6 100644 --- a/c/misra/src/rules/RULE-21-17/StringFunctionPointerArgumentOutOfBounds.ql +++ b/c/misra/src/rules/RULE-21-17/StringFunctionPointerArgumentOutOfBounds.ql @@ -24,4 +24,4 @@ from where not isExcluded(fc, OutOfBoundsPackage::stringFunctionPointerArgumentOutOfBoundsQuery()) and OOB::problems(fc, message, bufferArg, bufferArgStr, sizeOrOtherBufferArg, otherStr) -select fc, message, bufferArg, bufferArgStr, sizeOrOtherBufferArg, otherStr \ No newline at end of file +select fc, message, bufferArg, bufferArgStr, sizeOrOtherBufferArg, otherStr diff --git a/c/misra/src/rules/RULE-21-20/CallToSetlocaleInvalidatesOldPointersWarn.ql b/c/misra/src/rules/RULE-21-20/CallToSetlocaleInvalidatesOldPointersWarn.ql index ba1e75cd4c..0bbcb045d9 100644 --- a/c/misra/src/rules/RULE-21-20/CallToSetlocaleInvalidatesOldPointersWarn.ql +++ b/c/misra/src/rules/RULE-21-20/CallToSetlocaleInvalidatesOldPointersWarn.ql @@ -16,7 +16,8 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.rules.invalidatedenvstringpointerswarn.InvalidatedEnvStringPointersWarn -class CallToSetlocaleInvalidatesOldPointersWarnQuery extends InvalidatedEnvStringPointersWarnSharedQuery { +class CallToSetlocaleInvalidatesOldPointersWarnQuery extends InvalidatedEnvStringPointersWarnSharedQuery +{ CallToSetlocaleInvalidatesOldPointersWarnQuery() { this = Contracts2Package::callToSetlocaleInvalidatesOldPointersWarnQuery() } diff --git a/c/misra/src/rules/RULE-22-1/CloseFileHandleWhenNoLongerNeededMisra.ql b/c/misra/src/rules/RULE-22-1/CloseFileHandleWhenNoLongerNeededMisra.ql index 66f4625584..c756bc2526 100644 --- a/c/misra/src/rules/RULE-22-1/CloseFileHandleWhenNoLongerNeededMisra.ql +++ b/c/misra/src/rules/RULE-22-1/CloseFileHandleWhenNoLongerNeededMisra.ql @@ -16,7 +16,8 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.rules.closefilehandlewhennolongerneededshared.CloseFileHandleWhenNoLongerNeededShared -class CloseFileHandleWhenNoLongerNeededMisraQuery extends CloseFileHandleWhenNoLongerNeededSharedSharedQuery { +class CloseFileHandleWhenNoLongerNeededMisraQuery extends CloseFileHandleWhenNoLongerNeededSharedSharedQuery +{ CloseFileHandleWhenNoLongerNeededMisraQuery() { this = Memory2Package::closeFileHandleWhenNoLongerNeededMisraQuery() } diff --git a/c/misra/src/rules/RULE-22-2/OnlyFreeMemoryAllocatedDynamicallyMisra.ql b/c/misra/src/rules/RULE-22-2/OnlyFreeMemoryAllocatedDynamicallyMisra.ql index ee14d443d2..a149103c9a 100644 --- a/c/misra/src/rules/RULE-22-2/OnlyFreeMemoryAllocatedDynamicallyMisra.ql +++ b/c/misra/src/rules/RULE-22-2/OnlyFreeMemoryAllocatedDynamicallyMisra.ql @@ -16,7 +16,8 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.rules.onlyfreememoryallocateddynamicallyshared.OnlyFreeMemoryAllocatedDynamicallyShared -class OnlyFreeMemoryAllocatedDynamicallyMisraQuery extends OnlyFreeMemoryAllocatedDynamicallySharedSharedQuery { +class OnlyFreeMemoryAllocatedDynamicallyMisraQuery extends OnlyFreeMemoryAllocatedDynamicallySharedSharedQuery +{ OnlyFreeMemoryAllocatedDynamicallyMisraQuery() { this = Memory2Package::onlyFreeMemoryAllocatedDynamicallyMisraQuery() } diff --git a/c/misra/src/rules/RULE-3-1/CharacterSequencesAndUsedWithinAComment.ql b/c/misra/src/rules/RULE-3-1/CharacterSequencesAndUsedWithinAComment.ql index b7d01b4eae..f59606a0ac 100644 --- a/c/misra/src/rules/RULE-3-1/CharacterSequencesAndUsedWithinAComment.ql +++ b/c/misra/src/rules/RULE-3-1/CharacterSequencesAndUsedWithinAComment.ql @@ -16,24 +16,26 @@ import cpp import codingstandards.c.misra class IllegalCCommentCharacter extends string { - IllegalCCommentCharacter(){ - this = "/*" or + IllegalCCommentCharacter() { + this = "/*" or this = "//" } } class IllegalCPPCommentCharacter extends string { - IllegalCPPCommentCharacter(){ - this = "/*" - } + IllegalCPPCommentCharacter() { this = "/*" } } from Comment comment, string illegalSequence where - not isExcluded(comment, SyntaxPackage::characterSequencesAndUsedWithinACommentQuery()) - and + not isExcluded(comment, SyntaxPackage::characterSequencesAndUsedWithinACommentQuery()) and ( - exists(IllegalCCommentCharacter c | illegalSequence = c | comment.(CStyleComment).getContents().indexOf(illegalSequence) > 0) or - exists(IllegalCPPCommentCharacter c | illegalSequence = c | comment.(CppStyleComment).getContents().indexOf(illegalSequence) > 0) + exists(IllegalCCommentCharacter c | illegalSequence = c | + comment.(CStyleComment).getContents().indexOf(illegalSequence) > 0 + ) + or + exists(IllegalCPPCommentCharacter c | illegalSequence = c | + comment.(CppStyleComment).getContents().indexOf(illegalSequence) > 0 + ) ) select comment, "Comment contains an illegal sequence '" + illegalSequence + "'" diff --git a/c/misra/src/rules/RULE-5-1/ExternalIdentifiersNotDistinct.ql b/c/misra/src/rules/RULE-5-1/ExternalIdentifiersNotDistinct.ql index 774bc97663..fa7190c39b 100644 --- a/c/misra/src/rules/RULE-5-1/ExternalIdentifiersNotDistinct.ql +++ b/c/misra/src/rules/RULE-5-1/ExternalIdentifiersNotDistinct.ql @@ -17,7 +17,7 @@ import codingstandards.c.misra import codingstandards.cpp.rules.notdistinctidentifier.NotDistinctIdentifier class ExternalIdentifiersNotDistinct extends NotDistinctIdentifierSharedQuery { - ExternalIdentifiersNotDistinct() { + ExternalIdentifiersNotDistinct() { this = Declarations1Package::externalIdentifiersNotDistinctQuery() } -} \ No newline at end of file +} diff --git a/c/misra/src/rules/RULE-5-3/IdentifierHidingC.ql b/c/misra/src/rules/RULE-5-3/IdentifierHidingC.ql index 94d56367fe..3463d08e1c 100644 --- a/c/misra/src/rules/RULE-5-3/IdentifierHidingC.ql +++ b/c/misra/src/rules/RULE-5-3/IdentifierHidingC.ql @@ -18,7 +18,5 @@ import codingstandards.c.misra import codingstandards.cpp.rules.identifierhidden.IdentifierHidden class IdentifierHidingCQuery extends IdentifierHiddenSharedQuery { - IdentifierHidingCQuery() { - this = Declarations3Package::identifierHidingCQuery() - } + IdentifierHidingCQuery() { this = Declarations3Package::identifierHidingCQuery() } } diff --git a/c/misra/src/rules/RULE-5-4/MacroIdentifiersNotDistinct.ql b/c/misra/src/rules/RULE-5-4/MacroIdentifiersNotDistinct.ql index 1dd0fe196e..5b3683bdc4 100644 --- a/c/misra/src/rules/RULE-5-4/MacroIdentifiersNotDistinct.ql +++ b/c/misra/src/rules/RULE-5-4/MacroIdentifiersNotDistinct.ql @@ -30,4 +30,6 @@ where ) and //reduce double report since both macros are in alert, arbitrary ordering m.getLocation().getStartLine() >= m2.getLocation().getStartLine() -select m, "Macro identifer " + m.getName() + " is nondistinct in first 63 characters, compared to $@.", m2, m2.getName() +select m, + "Macro identifer " + m.getName() + " is nondistinct in first 63 characters, compared to $@.", m2, + m2.getName() diff --git a/c/misra/src/rules/RULE-8-6/IdentifierWithExternalLinkageOneDefinition.ql b/c/misra/src/rules/RULE-8-6/IdentifierWithExternalLinkageOneDefinition.ql index 2eb5028dba..1a85775236 100644 --- a/c/misra/src/rules/RULE-8-6/IdentifierWithExternalLinkageOneDefinition.ql +++ b/c/misra/src/rules/RULE-8-6/IdentifierWithExternalLinkageOneDefinition.ql @@ -15,7 +15,8 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.rules.identifierwithexternallinkageonedefinitionshared.IdentifierWithExternalLinkageOneDefinitionShared -class IdentifierWithExternalLinkageShallHaveOneDefinitionQuery extends IdentifierWithExternalLinkageOneDefinitionSharedSharedQuery { +class IdentifierWithExternalLinkageShallHaveOneDefinitionQuery extends IdentifierWithExternalLinkageOneDefinitionSharedSharedQuery +{ IdentifierWithExternalLinkageShallHaveOneDefinitionQuery() { this = Declarations4Package::identifierWithExternalLinkageOneDefinitionQuery() } diff --git a/c/misra/src/rules/RULE-8-8/MissingStaticSpecifierFunctionRedeclarationC.ql b/c/misra/src/rules/RULE-8-8/MissingStaticSpecifierFunctionRedeclarationC.ql index a56d4ca426..c210273cd1 100644 --- a/c/misra/src/rules/RULE-8-8/MissingStaticSpecifierFunctionRedeclarationC.ql +++ b/c/misra/src/rules/RULE-8-8/MissingStaticSpecifierFunctionRedeclarationC.ql @@ -15,7 +15,8 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.rules.missingstaticspecifierfunctionredeclarationshared.MissingStaticSpecifierFunctionRedeclarationShared -class MissingStaticSpecifierFunctionRedeclarationCQuery extends MissingStaticSpecifierFunctionRedeclarationSharedSharedQuery { +class MissingStaticSpecifierFunctionRedeclarationCQuery extends MissingStaticSpecifierFunctionRedeclarationSharedSharedQuery +{ MissingStaticSpecifierFunctionRedeclarationCQuery() { this = Declarations5Package::missingStaticSpecifierFunctionRedeclarationCQuery() } diff --git a/c/misra/src/rules/RULE-8-9/UnnecessaryExposedIdentifierDeclarationC.ql b/c/misra/src/rules/RULE-8-9/UnnecessaryExposedIdentifierDeclarationC.ql index 09cad2f08d..88cf72fdcd 100644 --- a/c/misra/src/rules/RULE-8-9/UnnecessaryExposedIdentifierDeclarationC.ql +++ b/c/misra/src/rules/RULE-8-9/UnnecessaryExposedIdentifierDeclarationC.ql @@ -15,7 +15,8 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.rules.unnecessaryexposedidentifierdeclarationshared.UnnecessaryExposedIdentifierDeclarationShared -class UnnecessaryExposedIdentifierDeclarationCQuery extends UnnecessaryExposedIdentifierDeclarationSharedSharedQuery { +class UnnecessaryExposedIdentifierDeclarationCQuery extends UnnecessaryExposedIdentifierDeclarationSharedSharedQuery +{ UnnecessaryExposedIdentifierDeclarationCQuery() { this = Declarations5Package::unnecessaryExposedIdentifierDeclarationCQuery() } diff --git a/c/misra/src/rules/RULE-9-2/InitializerForAggregateOrUnionNotEnclosedInBraces.ql b/c/misra/src/rules/RULE-9-2/InitializerForAggregateOrUnionNotEnclosedInBraces.ql index 5d7b7981aa..02ee294036 100644 --- a/c/misra/src/rules/RULE-9-2/InitializerForAggregateOrUnionNotEnclosedInBraces.ql +++ b/c/misra/src/rules/RULE-9-2/InitializerForAggregateOrUnionNotEnclosedInBraces.ql @@ -16,7 +16,8 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.rules.useinitializerbracestomatchaggregatetypestructure.UseInitializerBracesToMatchAggregateTypeStructure -class InitializerForAggregateOrUnionNotEnclosedInBracesQuery extends UseInitializerBracesToMatchAggregateTypeStructureSharedQuery { +class InitializerForAggregateOrUnionNotEnclosedInBracesQuery extends UseInitializerBracesToMatchAggregateTypeStructureSharedQuery +{ InitializerForAggregateOrUnionNotEnclosedInBracesQuery() { this = Memory1Package::initializerForAggregateOrUnionNotEnclosedInBracesQuery() } diff --git a/cpp/autosar/src/rules/A0-1-3/UnusedLocalFunction.ql b/cpp/autosar/src/rules/A0-1-3/UnusedLocalFunction.ql index c9e5fbb345..3d5869123a 100644 --- a/cpp/autosar/src/rules/A0-1-3/UnusedLocalFunction.ql +++ b/cpp/autosar/src/rules/A0-1-3/UnusedLocalFunction.ql @@ -19,18 +19,17 @@ import codingstandards.cpp.autosar import codingstandards.cpp.DynamicCallGraph import codingstandards.cpp.deadcode.UnusedFunctions - -/** Checks if an overloaded function of +/** + * Checks if an overloaded function of * the function passed in the arguments, is called. */ predicate overloadedFunctionIsCalled(Function unusedFunction) { - exists (Function f | f = unusedFunction.getAnOverload() and f = getTarget(_)) + exists(Function f | f = unusedFunction.getAnOverload() and f = getTarget(_)) } /** Checks if a Function's address was taken. */ -predicate addressBeenTaken(Function unusedFunction) -{ - exists (FunctionAccess fa | fa.getTarget() = unusedFunction) +predicate addressBeenTaken(Function unusedFunction) { + exists(FunctionAccess fa | fa.getTarget() = unusedFunction) } /** A `Function` nested in an anonymous namespace. */ @@ -89,8 +88,7 @@ where // There exists an instantiation which is called functionFromInstantiatedTemplate.isConstructedFrom(functionFromUninstantiatedTemplate) and functionFromInstantiatedTemplate = getTarget(_) - ) - and + ) and // A function is defined as "used" if any one of the following holds true: // - It's an explicitly deleted functions e.g. =delete // - It's annotated as "[[maybe_unused]]" @@ -100,8 +98,7 @@ where not unusedLocalFunction.isDeleted() and not unusedLocalFunction.getAnAttribute().getName() = "maybe_unused" and not overloadedFunctionIsCalled(unusedLocalFunction) and - not addressBeenTaken(unusedLocalFunction) - and + not addressBeenTaken(unusedLocalFunction) and // Get a printable name ( if exists(unusedLocalFunction.getQualifiedName()) diff --git a/cpp/autosar/src/rules/A12-7-1/RedundantMemberFunctionsShouldBeDefaultedOrLeftUndefined.ql b/cpp/autosar/src/rules/A12-7-1/RedundantMemberFunctionsShouldBeDefaultedOrLeftUndefined.ql index 120eb62a31..b066db8b3d 100644 --- a/cpp/autosar/src/rules/A12-7-1/RedundantMemberFunctionsShouldBeDefaultedOrLeftUndefined.ql +++ b/cpp/autosar/src/rules/A12-7-1/RedundantMemberFunctionsShouldBeDefaultedOrLeftUndefined.ql @@ -34,10 +34,12 @@ class NonDefaultedNoExceptUserDefinedSpecialMemberFunction extends UserDefinedSp abstract class RedundantSpecialMemberFunction extends UserDefinedSpecialMemberFunction { } abstract class RedundantNonDefaultNoExceptSpecialMemberFunction extends RedundantSpecialMemberFunction, - NonDefaultedNoExceptUserDefinedSpecialMemberFunction { } + NonDefaultedNoExceptUserDefinedSpecialMemberFunction +{ } class RedundantCopySpecialMemberFunction extends RedundantNonDefaultNoExceptSpecialMemberFunction, - CopyConstructor { + CopyConstructor +{ RedundantCopySpecialMemberFunction() { // a copy function is redundant if // 1) it has a vacuous body @@ -68,7 +70,8 @@ class RedundantCopySpecialMemberFunction extends RedundantNonDefaultNoExceptSpec } class RedundantMoveSpecialMemberFunction extends RedundantNonDefaultNoExceptSpecialMemberFunction, - MoveConstructor { + MoveConstructor +{ RedundantMoveSpecialMemberFunction() { // a move function is redundant if // 1) it has a vacuous body @@ -97,7 +100,8 @@ class RedundantMoveSpecialMemberFunction extends RedundantNonDefaultNoExceptSpec } class RedundantConstructorSpecialMemberFunction extends RedundantNonDefaultNoExceptSpecialMemberFunction, - Constructor { + Constructor +{ RedundantConstructorSpecialMemberFunction() { // 1) The constructor should be not one of the other special types of // constructors @@ -131,7 +135,8 @@ class RedundantDestructorSpecialMemberFunction extends RedundantSpecialMemberFun } class RedundantCopyAssignmentOperatorSpecialMemberFunction extends RedundantNonDefaultNoExceptSpecialMemberFunction, - CopyAssignmentOperator { + CopyAssignmentOperator +{ RedundantCopyAssignmentOperatorSpecialMemberFunction() { // The copy (and move) assignment operator is especially hard to tell if it // is the same behavior as the default constructor. For our purposes we use @@ -167,7 +172,8 @@ class RedundantCopyAssignmentOperatorSpecialMemberFunction extends RedundantNonD } class RedundantMoveAssignmentOperatorSpecialMemberFunction extends RedundantNonDefaultNoExceptSpecialMemberFunction, - MoveAssignmentOperator { + MoveAssignmentOperator +{ RedundantMoveAssignmentOperatorSpecialMemberFunction() { // The move (and copy) assignment operator is especially hard to tell if it // is the same behavior as the default constructor. For our purposes we use diff --git a/cpp/autosar/src/rules/A15-5-3/ConditionVariablePostConditionFailedAutosar.ql b/cpp/autosar/src/rules/A15-5-3/ConditionVariablePostConditionFailedAutosar.ql index 3a06dedc19..7d80bd9903 100644 --- a/cpp/autosar/src/rules/A15-5-3/ConditionVariablePostConditionFailedAutosar.ql +++ b/cpp/autosar/src/rules/A15-5-3/ConditionVariablePostConditionFailedAutosar.ql @@ -18,7 +18,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.conditionvariablepostconditionfailed.ConditionVariablePostConditionFailed -class ConditionVariablePostConditionFailedAutosarQuery extends ConditionVariablePostConditionFailedSharedQuery { +class ConditionVariablePostConditionFailedAutosarQuery extends ConditionVariablePostConditionFailedSharedQuery +{ ConditionVariablePostConditionFailedAutosarQuery() { this = Exceptions1Package::conditionVariablePostConditionFailedAutosarQuery() } diff --git a/cpp/autosar/src/rules/A15-5-3/JoinableThreadCopiedOrDestroyedAutosar.ql b/cpp/autosar/src/rules/A15-5-3/JoinableThreadCopiedOrDestroyedAutosar.ql index 77403c05ee..476f4f15ff 100644 --- a/cpp/autosar/src/rules/A15-5-3/JoinableThreadCopiedOrDestroyedAutosar.ql +++ b/cpp/autosar/src/rules/A15-5-3/JoinableThreadCopiedOrDestroyedAutosar.ql @@ -17,7 +17,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.joinablethreadcopiedordestroyed.JoinableThreadCopiedOrDestroyed -class JoinableThreadCopiedOrDestroyedAutosarQuery extends JoinableThreadCopiedOrDestroyedSharedQuery { +class JoinableThreadCopiedOrDestroyedAutosarQuery extends JoinableThreadCopiedOrDestroyedSharedQuery +{ JoinableThreadCopiedOrDestroyedAutosarQuery() { this = Exceptions1Package::joinableThreadCopiedOrDestroyedAutosarQuery() } diff --git a/cpp/autosar/src/rules/A16-2-1/CharactersOccurInHeaderFileNameOrInIncludeDirective.ql b/cpp/autosar/src/rules/A16-2-1/CharactersOccurInHeaderFileNameOrInIncludeDirective.ql index 112e5c6f88..18a373e935 100644 --- a/cpp/autosar/src/rules/A16-2-1/CharactersOccurInHeaderFileNameOrInIncludeDirective.ql +++ b/cpp/autosar/src/rules/A16-2-1/CharactersOccurInHeaderFileNameOrInIncludeDirective.ql @@ -17,7 +17,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.preprocessorincludesforbiddenheadernames.PreprocessorIncludesForbiddenHeaderNames -class CharactersOccurInHeaderFileNameOrInIncludeDirectiveQuery extends PreprocessorIncludesForbiddenHeaderNamesSharedQuery { +class CharactersOccurInHeaderFileNameOrInIncludeDirectiveQuery extends PreprocessorIncludesForbiddenHeaderNamesSharedQuery +{ CharactersOccurInHeaderFileNameOrInIncludeDirectiveQuery() { this = MacrosPackage::charactersOccurInHeaderFileNameOrInIncludeDirectiveQuery() } diff --git a/cpp/autosar/src/rules/A17-6-1/NonStandardEntitiesInStandardNamespaces.ql b/cpp/autosar/src/rules/A17-6-1/NonStandardEntitiesInStandardNamespaces.ql index a9c08ec594..81ee00878e 100644 --- a/cpp/autosar/src/rules/A17-6-1/NonStandardEntitiesInStandardNamespaces.ql +++ b/cpp/autosar/src/rules/A17-6-1/NonStandardEntitiesInStandardNamespaces.ql @@ -17,7 +17,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.nonstandardentitiesinstandardnamespaces.NonStandardEntitiesInStandardNamespaces -class NonStandardEntitiesInStandardNamespacesQuery extends NonStandardEntitiesInStandardNamespacesSharedQuery { +class NonStandardEntitiesInStandardNamespacesQuery extends NonStandardEntitiesInStandardNamespacesSharedQuery +{ NonStandardEntitiesInStandardNamespacesQuery() { this = ScopePackage::nonStandardEntitiesInStandardNamespacesQuery() } diff --git a/cpp/autosar/src/rules/A18-0-2/StringNumberConversionMissingErrorCheck.ql b/cpp/autosar/src/rules/A18-0-2/StringNumberConversionMissingErrorCheck.ql index 02b35f8764..99d5393171 100644 --- a/cpp/autosar/src/rules/A18-0-2/StringNumberConversionMissingErrorCheck.ql +++ b/cpp/autosar/src/rules/A18-0-2/StringNumberConversionMissingErrorCheck.ql @@ -17,7 +17,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.stringnumberconversionmissingerrorcheck.StringNumberConversionMissingErrorCheck -class StringNumberConversionMissingErrorCheckQuery extends StringNumberConversionMissingErrorCheckSharedQuery { +class StringNumberConversionMissingErrorCheckQuery extends StringNumberConversionMissingErrorCheckSharedQuery +{ StringNumberConversionMissingErrorCheckQuery() { this = TypeRangesPackage::stringNumberConversionMissingErrorCheckQuery() } diff --git a/cpp/autosar/src/rules/A18-5-10/PlacementNewInsufficientStorageAutosar.ql b/cpp/autosar/src/rules/A18-5-10/PlacementNewInsufficientStorageAutosar.ql index 9ecf3f415f..2854f30e0d 100644 --- a/cpp/autosar/src/rules/A18-5-10/PlacementNewInsufficientStorageAutosar.ql +++ b/cpp/autosar/src/rules/A18-5-10/PlacementNewInsufficientStorageAutosar.ql @@ -19,7 +19,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.placementnewinsufficientstorage.PlacementNewInsufficientStorage -class PlacementNewInsufficientStorageAutosarQuery extends PlacementNewInsufficientStorageSharedQuery { +class PlacementNewInsufficientStorageAutosarQuery extends PlacementNewInsufficientStorageSharedQuery +{ PlacementNewInsufficientStorageAutosarQuery() { this = AllocationsPackage::placementNewInsufficientStorageAutosarQuery() } diff --git a/cpp/autosar/src/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.ql b/cpp/autosar/src/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.ql index 227b5d55aa..cdf35374f9 100644 --- a/cpp/autosar/src/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.ql +++ b/cpp/autosar/src/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.ql @@ -64,7 +64,8 @@ class MakeSharedOrUnique extends FunctionCall, CandidateFunctionLocalHeapAllocat * An `AllocationExpr` that allocates heap memory, where the memory is freed on at least one path * through the enclosing function. */ -class AllocationExprFunctionLocal extends CandidateFunctionLocalHeapAllocationExpr instanceof AllocationExpr { +class AllocationExprFunctionLocal extends CandidateFunctionLocalHeapAllocationExpr instanceof AllocationExpr +{ AllocationExprFunctionLocal() { this.getSizeBytes() < 1024 and TaintTracking::localExprTaint(this, any(DeallocationExpr de).getFreedExpr()) diff --git a/cpp/autosar/src/rules/A18-5-9/ThrowingNoThrowOperatorNewDeleteAutosar.ql b/cpp/autosar/src/rules/A18-5-9/ThrowingNoThrowOperatorNewDeleteAutosar.ql index fd613aa3bf..f2cf835a2b 100644 --- a/cpp/autosar/src/rules/A18-5-9/ThrowingNoThrowOperatorNewDeleteAutosar.ql +++ b/cpp/autosar/src/rules/A18-5-9/ThrowingNoThrowOperatorNewDeleteAutosar.ql @@ -18,7 +18,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.throwingnothrowoperatornewdelete.ThrowingNoThrowOperatorNewDelete -class ThrowingNoThrowOperatorNewDeleteAutosarQuery extends ThrowingNoThrowOperatorNewDeleteSharedQuery { +class ThrowingNoThrowOperatorNewDeleteAutosarQuery extends ThrowingNoThrowOperatorNewDeleteSharedQuery +{ ThrowingNoThrowOperatorNewDeleteAutosarQuery() { this = AllocationsPackage::throwingNoThrowOperatorNewDeleteAutosarQuery() } diff --git a/cpp/autosar/src/rules/A18-5-9/ThrowingOperatorNewThrowsInvalidExceptionAutosar.ql b/cpp/autosar/src/rules/A18-5-9/ThrowingOperatorNewThrowsInvalidExceptionAutosar.ql index c6c464b44a..c85eba435d 100644 --- a/cpp/autosar/src/rules/A18-5-9/ThrowingOperatorNewThrowsInvalidExceptionAutosar.ql +++ b/cpp/autosar/src/rules/A18-5-9/ThrowingOperatorNewThrowsInvalidExceptionAutosar.ql @@ -18,7 +18,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.throwingoperatornewthrowsinvalidexception.ThrowingOperatorNewThrowsInvalidException -class ThrowingOperatorNewThrowsInvalidExceptionAutosarQuery extends ThrowingOperatorNewThrowsInvalidExceptionSharedQuery { +class ThrowingOperatorNewThrowsInvalidExceptionAutosarQuery extends ThrowingOperatorNewThrowsInvalidExceptionSharedQuery +{ ThrowingOperatorNewThrowsInvalidExceptionAutosarQuery() { this = AllocationsPackage::throwingOperatorNewThrowsInvalidExceptionAutosarQuery() } diff --git a/cpp/autosar/src/rules/A2-7-2/SectionsOfCodeCommentedOut.ql b/cpp/autosar/src/rules/A2-7-2/SectionsOfCodeCommentedOut.ql index f47085b54d..5dbb6ee3c0 100644 --- a/cpp/autosar/src/rules/A2-7-2/SectionsOfCodeCommentedOut.ql +++ b/cpp/autosar/src/rules/A2-7-2/SectionsOfCodeCommentedOut.ql @@ -19,7 +19,5 @@ import codingstandards.cpp.autosar import codingstandards.cpp.rules.sectionsofcodeshallnotbecommentedout.SectionsOfCodeShallNotBeCommentedOut class SectionsOfCodeCommentedOutQuery extends SectionsOfCodeShallNotBeCommentedOutSharedQuery { - SectionsOfCodeCommentedOutQuery() { - this = CommentsPackage::sectionsOfCodeCommentedOutQuery() - } + SectionsOfCodeCommentedOutQuery() { this = CommentsPackage::sectionsOfCodeCommentedOutQuery() } } diff --git a/cpp/autosar/src/rules/A20-8-1/OwnedPointerValueStoredInUnrelatedSmartPointerAsar.ql b/cpp/autosar/src/rules/A20-8-1/OwnedPointerValueStoredInUnrelatedSmartPointerAsar.ql index 1e974f5145..581a8f8dc2 100644 --- a/cpp/autosar/src/rules/A20-8-1/OwnedPointerValueStoredInUnrelatedSmartPointerAsar.ql +++ b/cpp/autosar/src/rules/A20-8-1/OwnedPointerValueStoredInUnrelatedSmartPointerAsar.ql @@ -17,7 +17,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.ownedpointervaluestoredinunrelatedsmartpointer.OwnedPointerValueStoredInUnrelatedSmartPointer -class OwnedPointerValueStoredInUnrelatedSmartPointerAsarQuery extends OwnedPointerValueStoredInUnrelatedSmartPointerSharedQuery { +class OwnedPointerValueStoredInUnrelatedSmartPointerAsarQuery extends OwnedPointerValueStoredInUnrelatedSmartPointerSharedQuery +{ OwnedPointerValueStoredInUnrelatedSmartPointerAsarQuery() { this = SmartPointers1Package::ownedPointerValueStoredInUnrelatedSmartPointerAsarQuery() } diff --git a/cpp/autosar/src/rules/A25-1-1/StateRelatedToFunctionObjectIdentityShallNotBeCopied.ql b/cpp/autosar/src/rules/A25-1-1/StateRelatedToFunctionObjectIdentityShallNotBeCopied.ql index d016b12662..93f857d302 100644 --- a/cpp/autosar/src/rules/A25-1-1/StateRelatedToFunctionObjectIdentityShallNotBeCopied.ql +++ b/cpp/autosar/src/rules/A25-1-1/StateRelatedToFunctionObjectIdentityShallNotBeCopied.ql @@ -17,7 +17,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.predicatefunctionobjectsshouldnotbemutable.PredicateFunctionObjectsShouldNotBeMutable -class StateRelatedToFunctionObjectIdentityShallNotBeCopiedQuery extends PredicateFunctionObjectsShouldNotBeMutableSharedQuery { +class StateRelatedToFunctionObjectIdentityShallNotBeCopiedQuery extends PredicateFunctionObjectsShouldNotBeMutableSharedQuery +{ StateRelatedToFunctionObjectIdentityShallNotBeCopiedQuery() { this = SideEffects2Package::stateRelatedToFunctionObjectIdentityShallNotBeCopiedQuery() } diff --git a/cpp/autosar/src/rules/A26-5-1/PseudorandomNumbersGeneratedUsingRand.ql b/cpp/autosar/src/rules/A26-5-1/PseudorandomNumbersGeneratedUsingRand.ql index 17411c0685..9dfdfe538e 100644 --- a/cpp/autosar/src/rules/A26-5-1/PseudorandomNumbersGeneratedUsingRand.ql +++ b/cpp/autosar/src/rules/A26-5-1/PseudorandomNumbersGeneratedUsingRand.ql @@ -17,7 +17,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.donotuserandforgeneratingpseudorandomnumbers.DoNotUseRandForGeneratingPseudorandomNumbers -class PseudorandomNumbersGeneratedUsingRandQuery extends DoNotUseRandForGeneratingPseudorandomNumbersSharedQuery { +class PseudorandomNumbersGeneratedUsingRandQuery extends DoNotUseRandForGeneratingPseudorandomNumbersSharedQuery +{ PseudorandomNumbersGeneratedUsingRandQuery() { this = BannedFunctionsPackage::pseudorandomNumbersGeneratedUsingRandQuery() } diff --git a/cpp/autosar/src/rules/A27-0-2/OperationMayNotNullTerminateCStyleStringAutosar.ql b/cpp/autosar/src/rules/A27-0-2/OperationMayNotNullTerminateCStyleStringAutosar.ql index b012eea69f..69ff628298 100644 --- a/cpp/autosar/src/rules/A27-0-2/OperationMayNotNullTerminateCStyleStringAutosar.ql +++ b/cpp/autosar/src/rules/A27-0-2/OperationMayNotNullTerminateCStyleStringAutosar.ql @@ -16,7 +16,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.operationmaynotnullterminatecstylestring.OperationMayNotNullTerminateCStyleString -class OperationMayNotNullTerminateCStyleStringAutosarQuery extends OperationMayNotNullTerminateCStyleStringSharedQuery { +class OperationMayNotNullTerminateCStyleStringAutosarQuery extends OperationMayNotNullTerminateCStyleStringSharedQuery +{ OperationMayNotNullTerminateCStyleStringAutosarQuery() { this = StringsPackage::operationMayNotNullTerminateCStyleStringAutosarQuery() } diff --git a/cpp/autosar/src/rules/A5-0-2/NonBooleanIfCondition.ql b/cpp/autosar/src/rules/A5-0-2/NonBooleanIfCondition.ql index 134ded1651..f598bb8835 100644 --- a/cpp/autosar/src/rules/A5-0-2/NonBooleanIfCondition.ql +++ b/cpp/autosar/src/rules/A5-0-2/NonBooleanIfCondition.ql @@ -18,7 +18,5 @@ import codingstandards.cpp.autosar import codingstandards.cpp.rules.nonbooleanifstmt.NonBooleanIfStmt class NonBooleanIfConditionQuery extends NonBooleanIfStmtSharedQuery { - NonBooleanIfConditionQuery() { - this = ConditionalsPackage::nonBooleanIfConditionQuery() - } + NonBooleanIfConditionQuery() { this = ConditionalsPackage::nonBooleanIfConditionQuery() } } diff --git a/cpp/autosar/src/rules/A5-0-3/DeclarationContainLessThanTwoLevelsOfIndirection.ql b/cpp/autosar/src/rules/A5-0-3/DeclarationContainLessThanTwoLevelsOfIndirection.ql index ddd996db5a..2e866c9f2d 100644 --- a/cpp/autosar/src/rules/A5-0-3/DeclarationContainLessThanTwoLevelsOfIndirection.ql +++ b/cpp/autosar/src/rules/A5-0-3/DeclarationContainLessThanTwoLevelsOfIndirection.ql @@ -19,7 +19,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.donotusemorethantwolevelsofpointerindirection.DoNotUseMoreThanTwoLevelsOfPointerIndirection -class DeclarationContainLessThanTwoLevelsOfIndirectionQuery extends DoNotUseMoreThanTwoLevelsOfPointerIndirectionSharedQuery { +class DeclarationContainLessThanTwoLevelsOfIndirectionQuery extends DoNotUseMoreThanTwoLevelsOfPointerIndirectionSharedQuery +{ DeclarationContainLessThanTwoLevelsOfIndirectionQuery() { this = PointersPackage::declarationContainLessThanTwoLevelsOfIndirectionQuery() } diff --git a/cpp/autosar/src/rules/A5-1-3/LambdaExpressionWithoutParameterList.ql b/cpp/autosar/src/rules/A5-1-3/LambdaExpressionWithoutParameterList.ql index db39a62d8e..7d3d630d95 100644 --- a/cpp/autosar/src/rules/A5-1-3/LambdaExpressionWithoutParameterList.ql +++ b/cpp/autosar/src/rules/A5-1-3/LambdaExpressionWithoutParameterList.ql @@ -24,7 +24,7 @@ where // If it has a parameter, then it will have an // explicit parameter list. Therefore, proceed to check only if the lambda // does not have any parameters. - not exists (lambdaFunction.getAParameter()) and + not exists(lambdaFunction.getAParameter()) and // The extractor doesn't store the syntactic information whether the parameter list // is enclosed in parenthesis. Therefore we cannot determine if the parameter list is // explicitly specified when the parameter list is empty. diff --git a/cpp/autosar/src/rules/A5-1-4/MovedLambdaObjectOutlivesCaptureByReference.ql b/cpp/autosar/src/rules/A5-1-4/MovedLambdaObjectOutlivesCaptureByReference.ql index a7280526e3..2cf48c7f6b 100644 --- a/cpp/autosar/src/rules/A5-1-4/MovedLambdaObjectOutlivesCaptureByReference.ql +++ b/cpp/autosar/src/rules/A5-1-4/MovedLambdaObjectOutlivesCaptureByReference.ql @@ -19,7 +19,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.danglingcapturewhenmovinglambdaobject.DanglingCaptureWhenMovingLambdaObject -class MovedLambdaObjectOutlivesCaptureByReferenceQuery extends DanglingCaptureWhenMovingLambdaObjectSharedQuery { +class MovedLambdaObjectOutlivesCaptureByReferenceQuery extends DanglingCaptureWhenMovingLambdaObjectSharedQuery +{ MovedLambdaObjectOutlivesCaptureByReferenceQuery() { this = LambdasPackage::movedLambdaObjectOutlivesCaptureByReferenceQuery() } diff --git a/cpp/autosar/src/rules/A5-1-4/ReturnedLambdaObjectOutlivesCaptureByReference.ql b/cpp/autosar/src/rules/A5-1-4/ReturnedLambdaObjectOutlivesCaptureByReference.ql index d173d8ab54..aaefa175cc 100644 --- a/cpp/autosar/src/rules/A5-1-4/ReturnedLambdaObjectOutlivesCaptureByReference.ql +++ b/cpp/autosar/src/rules/A5-1-4/ReturnedLambdaObjectOutlivesCaptureByReference.ql @@ -19,7 +19,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.danglingcapturewhenreturninglambdaobject.DanglingCaptureWhenReturningLambdaObject -class ReturnedLambdaObjectOutlivesCaptureByReferenceQuery extends DanglingCaptureWhenReturningLambdaObjectSharedQuery { +class ReturnedLambdaObjectOutlivesCaptureByReferenceQuery extends DanglingCaptureWhenReturningLambdaObjectSharedQuery +{ ReturnedLambdaObjectOutlivesCaptureByReferenceQuery() { this = LambdasPackage::returnedLambdaObjectOutlivesCaptureByReferenceQuery() } diff --git a/cpp/autosar/src/rules/A5-2-3/RemoveConstOrVolatileQualificationAutosar.ql b/cpp/autosar/src/rules/A5-2-3/RemoveConstOrVolatileQualificationAutosar.ql index d92045eac7..47a9b49f1b 100644 --- a/cpp/autosar/src/rules/A5-2-3/RemoveConstOrVolatileQualificationAutosar.ql +++ b/cpp/autosar/src/rules/A5-2-3/RemoveConstOrVolatileQualificationAutosar.ql @@ -17,7 +17,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.removeconstorvolatilequalification.RemoveConstOrVolatileQualification -class RemoveConstOrVolatileQualificationAutosarQuery extends RemoveConstOrVolatileQualificationSharedQuery { +class RemoveConstOrVolatileQualificationAutosarQuery extends RemoveConstOrVolatileQualificationSharedQuery +{ RemoveConstOrVolatileQualificationAutosarQuery() { this = ConstPackage::removeConstOrVolatileQualificationAutosarQuery() } diff --git a/cpp/autosar/src/rules/A5-2-5/ContainerAccessWithoutRangeCheckAutosar.ql b/cpp/autosar/src/rules/A5-2-5/ContainerAccessWithoutRangeCheckAutosar.ql index 1d7fef1685..48e350af7c 100644 --- a/cpp/autosar/src/rules/A5-2-5/ContainerAccessWithoutRangeCheckAutosar.ql +++ b/cpp/autosar/src/rules/A5-2-5/ContainerAccessWithoutRangeCheckAutosar.ql @@ -19,7 +19,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.containeraccesswithoutrangecheck.ContainerAccessWithoutRangeCheck -class ContainerAccessWithoutRangeCheckAutosarQuery extends ContainerAccessWithoutRangeCheckSharedQuery { +class ContainerAccessWithoutRangeCheckAutosarQuery extends ContainerAccessWithoutRangeCheckSharedQuery +{ ContainerAccessWithoutRangeCheckAutosarQuery() { this = OutOfBoundsPackage::containerAccessWithoutRangeCheckAutosarQuery() } diff --git a/cpp/autosar/src/rules/A5-3-2/NullPointersDereferenced.ql b/cpp/autosar/src/rules/A5-3-2/NullPointersDereferenced.ql index 0f00a5de8f..e342c53d00 100644 --- a/cpp/autosar/src/rules/A5-3-2/NullPointersDereferenced.ql +++ b/cpp/autosar/src/rules/A5-3-2/NullPointersDereferenced.ql @@ -17,7 +17,5 @@ import codingstandards.cpp.autosar import codingstandards.cpp.rules.dereferenceofnullpointer.DereferenceOfNullPointer class NullPointersDereferencedQuery extends DereferenceOfNullPointerSharedQuery { - NullPointersDereferencedQuery() { - this = NullPackage::nullPointersDereferencedQuery() - } + NullPointersDereferencedQuery() { this = NullPackage::nullPointersDereferencedQuery() } } diff --git a/cpp/autosar/src/rules/A5-5-1/NullPointerToMemberAccessNonExistentClassMembers.ql b/cpp/autosar/src/rules/A5-5-1/NullPointerToMemberAccessNonExistentClassMembers.ql index 3fede7950e..7f6a8dae1a 100644 --- a/cpp/autosar/src/rules/A5-5-1/NullPointerToMemberAccessNonExistentClassMembers.ql +++ b/cpp/autosar/src/rules/A5-5-1/NullPointerToMemberAccessNonExistentClassMembers.ql @@ -17,7 +17,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.accessofundefinedmemberthroughnullpointer.AccessOfUndefinedMemberThroughNullPointer -class NullPointerToMemberAccessNonExistentClassMembersQuery extends AccessOfUndefinedMemberThroughNullPointerSharedQuery { +class NullPointerToMemberAccessNonExistentClassMembersQuery extends AccessOfUndefinedMemberThroughNullPointerSharedQuery +{ NullPointerToMemberAccessNonExistentClassMembersQuery() { this = PointersPackage::nullPointerToMemberAccessNonExistentClassMembersQuery() } diff --git a/cpp/autosar/src/rules/A5-5-1/PointerToMemberAccessNonExistentClassMembers.ql b/cpp/autosar/src/rules/A5-5-1/PointerToMemberAccessNonExistentClassMembers.ql index 768c7f6699..e3a78ce30c 100644 --- a/cpp/autosar/src/rules/A5-5-1/PointerToMemberAccessNonExistentClassMembers.ql +++ b/cpp/autosar/src/rules/A5-5-1/PointerToMemberAccessNonExistentClassMembers.ql @@ -17,7 +17,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.accessofnonexistingmemberthroughpointertomember.AccessOfNonExistingMemberThroughPointerToMember -class PointerToMemberAccessNonExistentClassMembersQuery extends AccessOfNonExistingMemberThroughPointerToMemberSharedQuery { +class PointerToMemberAccessNonExistentClassMembersQuery extends AccessOfNonExistingMemberThroughPointerToMemberSharedQuery +{ PointerToMemberAccessNonExistentClassMembersQuery() { this = PointersPackage::pointerToMemberAccessNonExistentClassMembersQuery() } diff --git a/cpp/autosar/src/rules/A5-5-1/UninitializedStaticPointerToMemberUse.ql b/cpp/autosar/src/rules/A5-5-1/UninitializedStaticPointerToMemberUse.ql index 8802b4fabb..b6aa698e65 100644 --- a/cpp/autosar/src/rules/A5-5-1/UninitializedStaticPointerToMemberUse.ql +++ b/cpp/autosar/src/rules/A5-5-1/UninitializedStaticPointerToMemberUse.ql @@ -17,7 +17,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.accessofundefinedmemberthroughuninitializedstaticpointer.AccessOfUndefinedMemberThroughUninitializedStaticPointer -class UninitializedStaticPointerToMemberUseQuery extends AccessOfUndefinedMemberThroughUninitializedStaticPointerSharedQuery { +class UninitializedStaticPointerToMemberUseQuery extends AccessOfUndefinedMemberThroughUninitializedStaticPointerSharedQuery +{ UninitializedStaticPointerToMemberUseQuery() { this = PointersPackage::uninitializedStaticPointerToMemberUseQuery() } diff --git a/cpp/autosar/src/rules/A7-6-1/FunctionNoReturnAttributeConditionAutosar.ql b/cpp/autosar/src/rules/A7-6-1/FunctionNoReturnAttributeConditionAutosar.ql index f9cdb1741f..9ebeff7b58 100644 --- a/cpp/autosar/src/rules/A7-6-1/FunctionNoReturnAttributeConditionAutosar.ql +++ b/cpp/autosar/src/rules/A7-6-1/FunctionNoReturnAttributeConditionAutosar.ql @@ -17,7 +17,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.functionnoreturnattributecondition.FunctionNoReturnAttributeCondition -class FunctionNoReturnAttributeConditionAutosarQuery extends FunctionNoReturnAttributeConditionSharedQuery { +class FunctionNoReturnAttributeConditionAutosarQuery extends FunctionNoReturnAttributeConditionSharedQuery +{ FunctionNoReturnAttributeConditionAutosarQuery() { this = FunctionsPackage::functionNoReturnAttributeConditionAutosarQuery() } diff --git a/cpp/autosar/src/rules/M0-1-3/UnusedLocalVariable.ql b/cpp/autosar/src/rules/M0-1-3/UnusedLocalVariable.ql index 3b93402261..9ac58a6de8 100644 --- a/cpp/autosar/src/rules/M0-1-3/UnusedLocalVariable.ql +++ b/cpp/autosar/src/rules/M0-1-3/UnusedLocalVariable.ql @@ -30,25 +30,24 @@ private string getConstExprValue(Variable v) { // - getUseCount() int getUseCountConservatively(Variable v) { result = - count(VariableAccess access | access = v.getAnAccess()) - + count(UserProvidedConstructorFieldInit cfi | cfi.getTarget() = v) + - // For constexpr variables used as template arguments, we don't see accesses (just the - // appropriate literals). We therefore take a conservative approach and count the number of - // template instantiations that use the given constant, and consider each one to be a use - // of the variable - count(ClassTemplateInstantiation cti | - cti.getTemplateArgument(_).(Expr).getValue() = getConstExprValue(v) - ) - // For static asserts too, check if there is a child which has the same value - // as the constexpr variable. - + count(StaticAssert s | - s.getCondition().getAChild*().getValue() = getConstExprValue(v)) + count(VariableAccess access | access = v.getAnAccess()) + + count(UserProvidedConstructorFieldInit cfi | cfi.getTarget() = v) + + // For constexpr variables used as template arguments, we don't see accesses (just the + // appropriate literals). We therefore take a conservative approach and count the number of + // template instantiations that use the given constant, and consider each one to be a use + // of the variable + count(ClassTemplateInstantiation cti | + cti.getTemplateArgument(_).(Expr).getValue() = getConstExprValue(v) + ) + + // For static asserts too, check if there is a child which has the same value + // as the constexpr variable. + count(StaticAssert s | s.getCondition().getAChild*().getValue() = getConstExprValue(v)) } from PotentiallyUnusedLocalVariable v where not isExcluded(v, DeadCodePackage::unusedLocalVariableQuery()) and // Local variable is never accessed - not exists(v.getAnAccess()) - and getUseCountConservatively(v) = 0 + not exists(v.getAnAccess()) and + getUseCountConservatively(v) = 0 select v, "Local variable " + v.getName() + " in " + v.getFunction().getName() + " is not used." diff --git a/cpp/autosar/src/rules/M15-3-3/DestroyedValueReferencedInDestructorCatchBlock.ql b/cpp/autosar/src/rules/M15-3-3/DestroyedValueReferencedInDestructorCatchBlock.ql index 6346e3fc6a..ba0c499add 100644 --- a/cpp/autosar/src/rules/M15-3-3/DestroyedValueReferencedInDestructorCatchBlock.ql +++ b/cpp/autosar/src/rules/M15-3-3/DestroyedValueReferencedInDestructorCatchBlock.ql @@ -18,7 +18,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.destroyedvaluereferencedindestructorcatchblock.DestroyedValueReferencedInDestructorCatchBlock -class DestroyedValueReferencedInDestructorCatchBlockQuery extends DestroyedValueReferencedInDestructorCatchBlockSharedQuery { +class DestroyedValueReferencedInDestructorCatchBlockQuery extends DestroyedValueReferencedInDestructorCatchBlockSharedQuery +{ DestroyedValueReferencedInDestructorCatchBlockQuery() { this = Exceptions2Package::destroyedValueReferencedInDestructorCatchBlockQuery() } diff --git a/cpp/autosar/src/rules/M16-0-5/FunctionLikeMacroArgsContainHashToken.ql b/cpp/autosar/src/rules/M16-0-5/FunctionLikeMacroArgsContainHashToken.ql index 105ba04144..38312b7b1a 100644 --- a/cpp/autosar/src/rules/M16-0-5/FunctionLikeMacroArgsContainHashToken.ql +++ b/cpp/autosar/src/rules/M16-0-5/FunctionLikeMacroArgsContainHashToken.ql @@ -18,7 +18,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.preprocessingdirectivewithinmacroargument.PreprocessingDirectiveWithinMacroArgument -class FunctionLikeMacroArgsContainHashTokenCQueryQuery extends PreprocessingDirectiveWithinMacroArgumentSharedQuery { +class FunctionLikeMacroArgsContainHashTokenCQueryQuery extends PreprocessingDirectiveWithinMacroArgumentSharedQuery +{ FunctionLikeMacroArgsContainHashTokenCQueryQuery() { this = MacrosPackage::functionLikeMacroArgsContainHashTokenQuery() } diff --git a/cpp/autosar/src/rules/M16-0-6/FunctionLikeMacroParameterNotEnclosedInParentheses.ql b/cpp/autosar/src/rules/M16-0-6/FunctionLikeMacroParameterNotEnclosedInParentheses.ql index 02eb1fe3a5..13dd7b7a11 100644 --- a/cpp/autosar/src/rules/M16-0-6/FunctionLikeMacroParameterNotEnclosedInParentheses.ql +++ b/cpp/autosar/src/rules/M16-0-6/FunctionLikeMacroParameterNotEnclosedInParentheses.ql @@ -19,7 +19,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.macroparameternotenclosedinparentheses.MacroParameterNotEnclosedInParentheses -class MacroParameterNotEnclosedInParenthesesCQueryQuery extends MacroParameterNotEnclosedInParenthesesSharedQuery { +class MacroParameterNotEnclosedInParenthesesCQueryQuery extends MacroParameterNotEnclosedInParenthesesSharedQuery +{ MacroParameterNotEnclosedInParenthesesCQueryQuery() { this = MacrosPackage::functionLikeMacroParameterNotEnclosedInParenthesesQuery() } diff --git a/cpp/autosar/src/rules/M2-10-1/DifferentIdentifiersNotTypographicallyUnambiguous.ql b/cpp/autosar/src/rules/M2-10-1/DifferentIdentifiersNotTypographicallyUnambiguous.ql index 9fe2bc2887..cb073ce6c5 100644 --- a/cpp/autosar/src/rules/M2-10-1/DifferentIdentifiersNotTypographicallyUnambiguous.ql +++ b/cpp/autosar/src/rules/M2-10-1/DifferentIdentifiersNotTypographicallyUnambiguous.ql @@ -19,7 +19,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.differentidentifiersnottypographicallyunambiguous.DifferentIdentifiersNotTypographicallyUnambiguous -class DifferentIdentifiersNotTypographicallyUnambiguousQuery extends DifferentIdentifiersNotTypographicallyUnambiguousSharedQuery { +class DifferentIdentifiersNotTypographicallyUnambiguousQuery extends DifferentIdentifiersNotTypographicallyUnambiguousSharedQuery +{ DifferentIdentifiersNotTypographicallyUnambiguousQuery() { this = NamingPackage::differentIdentifiersNotTypographicallyUnambiguousQuery() } diff --git a/cpp/autosar/src/rules/M3-2-4/IdentifierWithExternalLinkageShallHaveOneDefinition.ql b/cpp/autosar/src/rules/M3-2-4/IdentifierWithExternalLinkageShallHaveOneDefinition.ql index b7ace226a0..1698eb97a6 100644 --- a/cpp/autosar/src/rules/M3-2-4/IdentifierWithExternalLinkageShallHaveOneDefinition.ql +++ b/cpp/autosar/src/rules/M3-2-4/IdentifierWithExternalLinkageShallHaveOneDefinition.ql @@ -17,7 +17,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.identifierwithexternallinkageonedefinitionshared.IdentifierWithExternalLinkageOneDefinitionShared -class IdentifierWithExternalLinkageOneDefinitionQuery extends IdentifierWithExternalLinkageOneDefinitionSharedSharedQuery { +class IdentifierWithExternalLinkageOneDefinitionQuery extends IdentifierWithExternalLinkageOneDefinitionSharedSharedQuery +{ IdentifierWithExternalLinkageOneDefinitionQuery() { this = ScopePackage::identifierWithExternalLinkageShallHaveOneDefinitionQuery() } diff --git a/cpp/autosar/src/rules/M3-3-2/MissingStaticSpecifierOnFunctionRedeclaration.ql b/cpp/autosar/src/rules/M3-3-2/MissingStaticSpecifierOnFunctionRedeclaration.ql index 3904e267b6..e01f2e3343 100644 --- a/cpp/autosar/src/rules/M3-3-2/MissingStaticSpecifierOnFunctionRedeclaration.ql +++ b/cpp/autosar/src/rules/M3-3-2/MissingStaticSpecifierOnFunctionRedeclaration.ql @@ -17,7 +17,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.missingstaticspecifierfunctionredeclarationshared.MissingStaticSpecifierFunctionRedeclarationShared -class MissingStaticSpecifierOnFunctionRedeclarationQuery extends MissingStaticSpecifierFunctionRedeclarationSharedSharedQuery { +class MissingStaticSpecifierOnFunctionRedeclarationQuery extends MissingStaticSpecifierFunctionRedeclarationSharedSharedQuery +{ MissingStaticSpecifierOnFunctionRedeclarationQuery() { this = ScopePackage::missingStaticSpecifierOnFunctionRedeclarationQuery() } diff --git a/cpp/autosar/src/rules/M3-4-1/UnnecessaryExposedIdentifierDeclaration.ql b/cpp/autosar/src/rules/M3-4-1/UnnecessaryExposedIdentifierDeclaration.ql index 1d84a385e5..e6dceb6ca3 100644 --- a/cpp/autosar/src/rules/M3-4-1/UnnecessaryExposedIdentifierDeclaration.ql +++ b/cpp/autosar/src/rules/M3-4-1/UnnecessaryExposedIdentifierDeclaration.ql @@ -17,7 +17,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.unnecessaryexposedidentifierdeclarationshared.UnnecessaryExposedIdentifierDeclarationShared -class UnnecessaryExposedIdentifierDeclarationQuery extends UnnecessaryExposedIdentifierDeclarationSharedSharedQuery { +class UnnecessaryExposedIdentifierDeclarationQuery extends UnnecessaryExposedIdentifierDeclarationSharedSharedQuery +{ UnnecessaryExposedIdentifierDeclarationQuery() { this = ScopePackage::unnecessaryExposedIdentifierDeclarationQuery() } diff --git a/cpp/autosar/src/rules/M5-0-15/IndexingNotTheOnlyFormOfPointerArithmetic.ql b/cpp/autosar/src/rules/M5-0-15/IndexingNotTheOnlyFormOfPointerArithmetic.ql index ab545a5225..90cf3132ac 100644 --- a/cpp/autosar/src/rules/M5-0-15/IndexingNotTheOnlyFormOfPointerArithmetic.ql +++ b/cpp/autosar/src/rules/M5-0-15/IndexingNotTheOnlyFormOfPointerArithmetic.ql @@ -18,7 +18,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.useonlyarrayindexingforpointerarithmetic.UseOnlyArrayIndexingForPointerArithmetic -class IndexingNotTheOnlyFormOfPointerArithmeticQuery extends UseOnlyArrayIndexingForPointerArithmeticSharedQuery { +class IndexingNotTheOnlyFormOfPointerArithmeticQuery extends UseOnlyArrayIndexingForPointerArithmeticSharedQuery +{ IndexingNotTheOnlyFormOfPointerArithmeticQuery() { this = PointersPackage::indexingNotTheOnlyFormOfPointerArithmeticQuery() } diff --git a/cpp/autosar/src/rules/M5-0-16/PointerAndDerivedPointerAccessDifferentArray.ql b/cpp/autosar/src/rules/M5-0-16/PointerAndDerivedPointerAccessDifferentArray.ql index 8cbacf949f..a403c6b533 100644 --- a/cpp/autosar/src/rules/M5-0-16/PointerAndDerivedPointerAccessDifferentArray.ql +++ b/cpp/autosar/src/rules/M5-0-16/PointerAndDerivedPointerAccessDifferentArray.ql @@ -17,7 +17,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.donotusepointerarithmetictoaddressdifferentarrays.DoNotUsePointerArithmeticToAddressDifferentArrays -class PointerAndDerivedPointerAccessDifferentArrayQuery extends DoNotUsePointerArithmeticToAddressDifferentArraysSharedQuery { +class PointerAndDerivedPointerAccessDifferentArrayQuery extends DoNotUsePointerArithmeticToAddressDifferentArraysSharedQuery +{ PointerAndDerivedPointerAccessDifferentArrayQuery() { this = PointersPackage::pointerAndDerivedPointerAccessDifferentArrayQuery() } diff --git a/cpp/autosar/src/rules/M5-0-18/AppliedToObjectsOfPointerType.ql b/cpp/autosar/src/rules/M5-0-18/AppliedToObjectsOfPointerType.ql index da6f82dd48..d8113cde03 100644 --- a/cpp/autosar/src/rules/M5-0-18/AppliedToObjectsOfPointerType.ql +++ b/cpp/autosar/src/rules/M5-0-18/AppliedToObjectsOfPointerType.ql @@ -17,7 +17,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.donotuserelationaloperatorswithdifferingarrays.DoNotUseRelationalOperatorsWithDifferingArrays -class AppliedToObjectsOfPointerTypeQuery extends DoNotUseRelationalOperatorsWithDifferingArraysSharedQuery { +class AppliedToObjectsOfPointerTypeQuery extends DoNotUseRelationalOperatorsWithDifferingArraysSharedQuery +{ AppliedToObjectsOfPointerTypeQuery() { this = PointersPackage::appliedToObjectsOfPointerTypeQuery() } diff --git a/cpp/autosar/src/rules/M5-18-1/CommaOperatorUsed.ql b/cpp/autosar/src/rules/M5-18-1/CommaOperatorUsed.ql index 54e81f9a04..2ce4319df1 100644 --- a/cpp/autosar/src/rules/M5-18-1/CommaOperatorUsed.ql +++ b/cpp/autosar/src/rules/M5-18-1/CommaOperatorUsed.ql @@ -18,7 +18,5 @@ import codingstandards.cpp.autosar import codingstandards.cpp.rules.commaoperatorused.CommaOperatorUsed class CommaOperatorUsedQuery extends CommaOperatorUsedSharedQuery { - CommaOperatorUsedQuery() { - this = BannedSyntaxPackage::commaOperatorUsedQuery() - } + CommaOperatorUsedQuery() { this = BannedSyntaxPackage::commaOperatorUsedQuery() } } diff --git a/cpp/autosar/src/rules/M5-19-1/ConstantUnsignedIntegerExpressionsWrapAround.ql b/cpp/autosar/src/rules/M5-19-1/ConstantUnsignedIntegerExpressionsWrapAround.ql index 221651b9b4..d5d5490fe9 100644 --- a/cpp/autosar/src/rules/M5-19-1/ConstantUnsignedIntegerExpressionsWrapAround.ql +++ b/cpp/autosar/src/rules/M5-19-1/ConstantUnsignedIntegerExpressionsWrapAround.ql @@ -23,7 +23,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.constantunsignedintegerexpressionswraparound.ConstantUnsignedIntegerExpressionsWrapAround -class ConstantUnsignedIntegerExpressionsWrapAroundQuery extends ConstantUnsignedIntegerExpressionsWrapAroundSharedQuery { +class ConstantUnsignedIntegerExpressionsWrapAroundQuery extends ConstantUnsignedIntegerExpressionsWrapAroundSharedQuery +{ ConstantUnsignedIntegerExpressionsWrapAroundQuery() { this = ExpressionsPackage::constantUnsignedIntegerExpressionsWrapAroundQuery() } diff --git a/cpp/autosar/src/rules/M6-4-4/NestedCaseInSwitch.ql b/cpp/autosar/src/rules/M6-4-4/NestedCaseInSwitch.ql index c984053464..3b12bf2ef3 100644 --- a/cpp/autosar/src/rules/M6-4-4/NestedCaseInSwitch.ql +++ b/cpp/autosar/src/rules/M6-4-4/NestedCaseInSwitch.ql @@ -18,7 +18,5 @@ import codingstandards.cpp.autosar import codingstandards.cpp.rules.nestedlabelinswitch.NestedLabelInSwitch class NestedCaseInSwitchQuery extends NestedLabelInSwitchSharedQuery { - NestedCaseInSwitchQuery() { - this = ConditionalsPackage::nestedCaseInSwitchQuery() - } + NestedCaseInSwitchQuery() { this = ConditionalsPackage::nestedCaseInSwitchQuery() } } diff --git a/cpp/autosar/src/rules/M7-5-2/AssignmentOfEscapingAutoStorage.ql b/cpp/autosar/src/rules/M7-5-2/AssignmentOfEscapingAutoStorage.ql index def439ebae..9ebdeb17c8 100644 --- a/cpp/autosar/src/rules/M7-5-2/AssignmentOfEscapingAutoStorage.ql +++ b/cpp/autosar/src/rules/M7-5-2/AssignmentOfEscapingAutoStorage.ql @@ -17,7 +17,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.donotcopyaddressofautostorageobjecttootherobject.DoNotCopyAddressOfAutoStorageObjectToOtherObject -class AssignmentOfEscapingAutoStorageQuery extends DoNotCopyAddressOfAutoStorageObjectToOtherObjectSharedQuery { +class AssignmentOfEscapingAutoStorageQuery extends DoNotCopyAddressOfAutoStorageObjectToOtherObjectSharedQuery +{ AssignmentOfEscapingAutoStorageQuery() { this = FreedPackage::assignmentOfEscapingAutoStorageQuery() } diff --git a/cpp/autosar/src/rules/M8-5-2/UseInitBracesToMatchTypeStructure.ql b/cpp/autosar/src/rules/M8-5-2/UseInitBracesToMatchTypeStructure.ql index a0ad244c15..fae629d030 100644 --- a/cpp/autosar/src/rules/M8-5-2/UseInitBracesToMatchTypeStructure.ql +++ b/cpp/autosar/src/rules/M8-5-2/UseInitBracesToMatchTypeStructure.ql @@ -18,7 +18,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.useinitializerbracestomatchaggregatetypestructure.UseInitializerBracesToMatchAggregateTypeStructure -class UseInitBracesToMatchTypeStructureQuery extends UseInitializerBracesToMatchAggregateTypeStructureSharedQuery { +class UseInitBracesToMatchTypeStructureQuery extends UseInitializerBracesToMatchAggregateTypeStructureSharedQuery +{ UseInitBracesToMatchTypeStructureQuery() { this = InitializationPackage::useInitBracesToMatchTypeStructureQuery() } diff --git a/cpp/cert/src/rules/CON50-CPP/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql b/cpp/cert/src/rules/CON50-CPP/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql index f14dad7091..88232118bb 100644 --- a/cpp/cert/src/rules/CON50-CPP/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql +++ b/cpp/cert/src/rules/CON50-CPP/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql @@ -16,7 +16,8 @@ import cpp import codingstandards.cpp.cert import codingstandards.cpp.rules.donotallowamutextogooutofscopewhilelocked.DoNotAllowAMutexToGoOutOfScopeWhileLocked -class DoNotAllowAMutexToGoOutOfScopeWhileLockedQuery extends DoNotAllowAMutexToGoOutOfScopeWhileLockedSharedQuery { +class DoNotAllowAMutexToGoOutOfScopeWhileLockedQuery extends DoNotAllowAMutexToGoOutOfScopeWhileLockedSharedQuery +{ DoNotAllowAMutexToGoOutOfScopeWhileLockedQuery() { this = ConcurrencyPackage::doNotAllowAMutexToGoOutOfScopeWhileLockedQuery() } diff --git a/cpp/cert/src/rules/CON53-CPP/DeadlockByLockingInPredefinedOrder.ql b/cpp/cert/src/rules/CON53-CPP/DeadlockByLockingInPredefinedOrder.ql index 3989464f70..bbd075b930 100644 --- a/cpp/cert/src/rules/CON53-CPP/DeadlockByLockingInPredefinedOrder.ql +++ b/cpp/cert/src/rules/CON53-CPP/DeadlockByLockingInPredefinedOrder.ql @@ -16,7 +16,8 @@ import cpp import codingstandards.cpp.cert import codingstandards.cpp.rules.preventdeadlockbylockinginpredefinedorder.PreventDeadlockByLockingInPredefinedOrder -class DeadlockByLockingInPredefinedOrderQuery extends PreventDeadlockByLockingInPredefinedOrderSharedQuery { +class DeadlockByLockingInPredefinedOrderQuery extends PreventDeadlockByLockingInPredefinedOrderSharedQuery +{ DeadlockByLockingInPredefinedOrderQuery() { this = ConcurrencyPackage::deadlockByLockingInPredefinedOrderQuery() } diff --git a/cpp/cert/src/rules/CON55-CPP/PreserveSafetyWhenUsingConditionVariables.ql b/cpp/cert/src/rules/CON55-CPP/PreserveSafetyWhenUsingConditionVariables.ql index faec80c67d..05d73a4d9f 100644 --- a/cpp/cert/src/rules/CON55-CPP/PreserveSafetyWhenUsingConditionVariables.ql +++ b/cpp/cert/src/rules/CON55-CPP/PreserveSafetyWhenUsingConditionVariables.ql @@ -16,7 +16,8 @@ import cpp import codingstandards.cpp.cert import codingstandards.cpp.rules.preservesafetywhenusingconditionvariables.PreserveSafetyWhenUsingConditionVariables -class PreserveSafetyWhenUsingConditionVariablesQuery extends PreserveSafetyWhenUsingConditionVariablesSharedQuery { +class PreserveSafetyWhenUsingConditionVariablesQuery extends PreserveSafetyWhenUsingConditionVariablesSharedQuery +{ PreserveSafetyWhenUsingConditionVariablesQuery() { this = ConcurrencyPackage::preserveSafetyWhenUsingConditionVariablesQuery() } diff --git a/cpp/cert/src/rules/CON56-CPP/LockedALockedNonRecursiveMutexAudit.ql b/cpp/cert/src/rules/CON56-CPP/LockedALockedNonRecursiveMutexAudit.ql index d3a5778f2c..478a37af65 100644 --- a/cpp/cert/src/rules/CON56-CPP/LockedALockedNonRecursiveMutexAudit.ql +++ b/cpp/cert/src/rules/CON56-CPP/LockedALockedNonRecursiveMutexAudit.ql @@ -20,7 +20,7 @@ from LockProtectedControlFlowNode n where not isExcluded(n, ConcurrencyPackage::lockedALockedNonRecursiveMutexAuditQuery()) and // problematic nodes are ones where a lock is active and there is an attempt - // to call a speculative locking function + // to call a speculative locking function n.(MutexFunctionCall).isSpeculativeLock() and not n.(MutexFunctionCall).isRecursive() select n, "(Audit) Attempt to speculatively lock a non-recursive mutex while it is $@.", diff --git a/cpp/cert/src/rules/CTR58-CPP/PredicateFunctionObjectsShouldNotBeMutable.ql b/cpp/cert/src/rules/CTR58-CPP/PredicateFunctionObjectsShouldNotBeMutable.ql index ab56f399a8..be26725105 100644 --- a/cpp/cert/src/rules/CTR58-CPP/PredicateFunctionObjectsShouldNotBeMutable.ql +++ b/cpp/cert/src/rules/CTR58-CPP/PredicateFunctionObjectsShouldNotBeMutable.ql @@ -15,7 +15,8 @@ import cpp import codingstandards.cpp.cert import codingstandards.cpp.rules.predicatefunctionobjectsshouldnotbemutable.PredicateFunctionObjectsShouldNotBeMutable -class PredicateFunctionObjectsShouldNotBeMutableQuery extends PredicateFunctionObjectsShouldNotBeMutableSharedQuery { +class PredicateFunctionObjectsShouldNotBeMutableQuery extends PredicateFunctionObjectsShouldNotBeMutableSharedQuery +{ PredicateFunctionObjectsShouldNotBeMutableQuery() { this = SideEffects2Package::predicateFunctionObjectsShouldNotBeMutableQuery() } diff --git a/cpp/cert/src/rules/DCL51-CPP/UseOfDoubleUnderscoreReservedPrefix.ql b/cpp/cert/src/rules/DCL51-CPP/UseOfDoubleUnderscoreReservedPrefix.ql index 4e676e4d70..472f0444ad 100644 --- a/cpp/cert/src/rules/DCL51-CPP/UseOfDoubleUnderscoreReservedPrefix.ql +++ b/cpp/cert/src/rules/DCL51-CPP/UseOfDoubleUnderscoreReservedPrefix.ql @@ -34,7 +34,7 @@ from Locatable l, string s where not isExcluded(l, NamingPackage::useOfDoubleUnderscoreReservedPrefixQuery()) and //exclude uses of __func__, which are modelled as LocalVariable declarations - not(l.(LocalVariable).getName() = "__func__") and + not l.(LocalVariable).getName() = "__func__" and ( exists(Macro m | l = m and isReservedMacroPrefix(m) and s = m.getName()) or @@ -49,4 +49,4 @@ where ) ) ) -select l, "Name $@ uses the reserved prefix '__'.", l, s \ No newline at end of file +select l, "Name $@ uses the reserved prefix '__'.", l, s diff --git a/cpp/cert/src/rules/DCL55-CPP/InformationLeakageAcrossTrustBoundaries.ql b/cpp/cert/src/rules/DCL55-CPP/InformationLeakageAcrossTrustBoundaries.ql index e3061a0314..cf301dfb5f 100644 --- a/cpp/cert/src/rules/DCL55-CPP/InformationLeakageAcrossTrustBoundaries.ql +++ b/cpp/cert/src/rules/DCL55-CPP/InformationLeakageAcrossTrustBoundaries.ql @@ -15,7 +15,8 @@ import cpp import codingstandards.cpp.cert import codingstandards.cpp.rules.informationleakageacrossboundaries.InformationLeakageAcrossBoundaries -class InformationLeakageAcrossTrustBoundariesQuery extends InformationLeakageAcrossBoundariesSharedQuery { +class InformationLeakageAcrossTrustBoundariesQuery extends InformationLeakageAcrossBoundariesSharedQuery +{ InformationLeakageAcrossTrustBoundariesQuery() { this = UninitializedPackage::informationLeakageAcrossTrustBoundariesQuery() } diff --git a/cpp/cert/src/rules/DCL58-CPP/ModificationOfTheStandardNamespaces.ql b/cpp/cert/src/rules/DCL58-CPP/ModificationOfTheStandardNamespaces.ql index d8a33090ba..a0e94d083c 100644 --- a/cpp/cert/src/rules/DCL58-CPP/ModificationOfTheStandardNamespaces.ql +++ b/cpp/cert/src/rules/DCL58-CPP/ModificationOfTheStandardNamespaces.ql @@ -16,7 +16,8 @@ import cpp import codingstandards.cpp.cert import codingstandards.cpp.rules.nonstandardentitiesinstandardnamespaces.NonStandardEntitiesInStandardNamespaces -class ModificationOfTheStandardNamespacesQuery extends NonStandardEntitiesInStandardNamespacesSharedQuery { +class ModificationOfTheStandardNamespacesQuery extends NonStandardEntitiesInStandardNamespacesSharedQuery +{ ModificationOfTheStandardNamespacesQuery() { this = ScopePackage::modificationOfTheStandardNamespacesQuery() } diff --git a/cpp/cert/src/rules/ERR50-CPP/ConditionVariablePostConditionFailedCert.ql b/cpp/cert/src/rules/ERR50-CPP/ConditionVariablePostConditionFailedCert.ql index d183bfa446..6c22010ef7 100644 --- a/cpp/cert/src/rules/ERR50-CPP/ConditionVariablePostConditionFailedCert.ql +++ b/cpp/cert/src/rules/ERR50-CPP/ConditionVariablePostConditionFailedCert.ql @@ -16,7 +16,8 @@ import cpp import codingstandards.cpp.cert import codingstandards.cpp.rules.conditionvariablepostconditionfailed.ConditionVariablePostConditionFailed -class ConditionVariablePostConditionFailedCertQuery extends ConditionVariablePostConditionFailedSharedQuery { +class ConditionVariablePostConditionFailedCertQuery extends ConditionVariablePostConditionFailedSharedQuery +{ ConditionVariablePostConditionFailedCertQuery() { this = Exceptions1Package::conditionVariablePostConditionFailedCertQuery() } diff --git a/cpp/cert/src/rules/ERR52-CPP/DoNotUseSetjmpOrLongjmp.ql b/cpp/cert/src/rules/ERR52-CPP/DoNotUseSetjmpOrLongjmp.ql index d00355e942..45e29d02ff 100644 --- a/cpp/cert/src/rules/ERR52-CPP/DoNotUseSetjmpOrLongjmp.ql +++ b/cpp/cert/src/rules/ERR52-CPP/DoNotUseSetjmpOrLongjmp.ql @@ -16,7 +16,5 @@ import codingstandards.cpp.cert import codingstandards.cpp.rules.donotusesetjmporlongjmpshared.DoNotUseSetjmpOrLongjmpShared class DoNotUseSetjmpOrLongjmpQuery extends DoNotUseSetjmpOrLongjmpSharedSharedQuery { - DoNotUseSetjmpOrLongjmpQuery() { - this = BannedFunctionsPackage::doNotUseSetjmpOrLongjmpQuery() - } + DoNotUseSetjmpOrLongjmpQuery() { this = BannedFunctionsPackage::doNotUseSetjmpOrLongjmpQuery() } } diff --git a/cpp/cert/src/rules/ERR53-CPP/DestroyedValueReferencedInConstructorDestructorCatchBlock.ql b/cpp/cert/src/rules/ERR53-CPP/DestroyedValueReferencedInConstructorDestructorCatchBlock.ql index b1709d2340..c45c3785e6 100644 --- a/cpp/cert/src/rules/ERR53-CPP/DestroyedValueReferencedInConstructorDestructorCatchBlock.ql +++ b/cpp/cert/src/rules/ERR53-CPP/DestroyedValueReferencedInConstructorDestructorCatchBlock.ql @@ -16,7 +16,8 @@ import cpp import codingstandards.cpp.cert import codingstandards.cpp.rules.destroyedvaluereferencedindestructorcatchblock.DestroyedValueReferencedInDestructorCatchBlock -class DestroyedValueReferencedInConstructorDestructorCatchBlockQuery extends DestroyedValueReferencedInDestructorCatchBlockSharedQuery { +class DestroyedValueReferencedInConstructorDestructorCatchBlockQuery extends DestroyedValueReferencedInDestructorCatchBlockSharedQuery +{ DestroyedValueReferencedInConstructorDestructorCatchBlockQuery() { this = Exceptions2Package::destroyedValueReferencedInDestructorCatchBlockQuery() } diff --git a/cpp/cert/src/rules/ERR58-CPP/HandleAllExceptionsThrownBeforeMainBeginsExecuting.ql b/cpp/cert/src/rules/ERR58-CPP/HandleAllExceptionsThrownBeforeMainBeginsExecuting.ql index a6d4baf0bb..843b1f0964 100644 --- a/cpp/cert/src/rules/ERR58-CPP/HandleAllExceptionsThrownBeforeMainBeginsExecuting.ql +++ b/cpp/cert/src/rules/ERR58-CPP/HandleAllExceptionsThrownBeforeMainBeginsExecuting.ql @@ -14,7 +14,8 @@ import cpp import codingstandards.cpp.cert import codingstandards.cpp.rules.handleallexceptionsduringstartup.HandleAllExceptionsDuringStartup -class HandleAllExceptionsThrownBeforeMainBeginsExcecutingQuery extends HandleAllExceptionsDuringStartupSharedQuery { +class HandleAllExceptionsThrownBeforeMainBeginsExcecutingQuery extends HandleAllExceptionsDuringStartupSharedQuery +{ HandleAllExceptionsThrownBeforeMainBeginsExcecutingQuery() { this = Exceptions1Package::handleAllExceptionsThrownBeforeMainBeginsExecutingQuery() } diff --git a/cpp/cert/src/rules/ERR62-CPP/DetectErrorsWhenConvertingAStringToANumber.ql b/cpp/cert/src/rules/ERR62-CPP/DetectErrorsWhenConvertingAStringToANumber.ql index 0f7d458fad..9c6f8120c5 100644 --- a/cpp/cert/src/rules/ERR62-CPP/DetectErrorsWhenConvertingAStringToANumber.ql +++ b/cpp/cert/src/rules/ERR62-CPP/DetectErrorsWhenConvertingAStringToANumber.ql @@ -15,7 +15,8 @@ import cpp import codingstandards.cpp.cert import codingstandards.cpp.rules.stringnumberconversionmissingerrorcheck.StringNumberConversionMissingErrorCheck -class DetectErrorsWhenConvertingAStringToANumberQuery extends StringNumberConversionMissingErrorCheckSharedQuery { +class DetectErrorsWhenConvertingAStringToANumberQuery extends StringNumberConversionMissingErrorCheckSharedQuery +{ DetectErrorsWhenConvertingAStringToANumberQuery() { this = TypeRangesPackage::detectErrorsWhenConvertingAStringToANumberQuery() } diff --git a/cpp/cert/src/rules/EXP55-CPP/RemoveConstOrVolatileQualificationCert.ql b/cpp/cert/src/rules/EXP55-CPP/RemoveConstOrVolatileQualificationCert.ql index c7960b1b66..3c915191d4 100644 --- a/cpp/cert/src/rules/EXP55-CPP/RemoveConstOrVolatileQualificationCert.ql +++ b/cpp/cert/src/rules/EXP55-CPP/RemoveConstOrVolatileQualificationCert.ql @@ -15,7 +15,8 @@ import cpp import codingstandards.cpp.cert import codingstandards.cpp.rules.removeconstorvolatilequalification.RemoveConstOrVolatileQualification -class RemoveConstOrVolatileQualificationCertQuery extends RemoveConstOrVolatileQualificationSharedQuery { +class RemoveConstOrVolatileQualificationCertQuery extends RemoveConstOrVolatileQualificationSharedQuery +{ RemoveConstOrVolatileQualificationCertQuery() { this = ConstPackage::removeConstOrVolatileQualificationCertQuery() } diff --git a/cpp/cert/src/rules/EXP61-CPP/EscapingLambdaObjectWithCaptureByReference.ql b/cpp/cert/src/rules/EXP61-CPP/EscapingLambdaObjectWithCaptureByReference.ql index 55ffa19c09..c57de9b2d1 100644 --- a/cpp/cert/src/rules/EXP61-CPP/EscapingLambdaObjectWithCaptureByReference.ql +++ b/cpp/cert/src/rules/EXP61-CPP/EscapingLambdaObjectWithCaptureByReference.ql @@ -17,7 +17,8 @@ import cpp import codingstandards.cpp.cert import codingstandards.cpp.rules.danglingcapturewhenmovinglambdaobject.DanglingCaptureWhenMovingLambdaObject -class MovedLambdaObjectOutlivesCaptureByReferenceQuery extends DanglingCaptureWhenMovingLambdaObjectSharedQuery { +class MovedLambdaObjectOutlivesCaptureByReferenceQuery extends DanglingCaptureWhenMovingLambdaObjectSharedQuery +{ MovedLambdaObjectOutlivesCaptureByReferenceQuery() { this = LambdasPackage::escapingLambdaObjectWithCaptureByReferenceQuery() } diff --git a/cpp/cert/src/rules/EXP61-CPP/ReturningLambdaObjectWithCaptureByReference.ql b/cpp/cert/src/rules/EXP61-CPP/ReturningLambdaObjectWithCaptureByReference.ql index 4ca210ce97..8487c78039 100644 --- a/cpp/cert/src/rules/EXP61-CPP/ReturningLambdaObjectWithCaptureByReference.ql +++ b/cpp/cert/src/rules/EXP61-CPP/ReturningLambdaObjectWithCaptureByReference.ql @@ -17,7 +17,8 @@ import cpp import codingstandards.cpp.cert import codingstandards.cpp.rules.danglingcapturewhenreturninglambdaobject.DanglingCaptureWhenReturningLambdaObject -class ReturnedLambdaObjectOutlivesCaptureByReferenceQuery extends DanglingCaptureWhenReturningLambdaObjectSharedQuery { +class ReturnedLambdaObjectOutlivesCaptureByReferenceQuery extends DanglingCaptureWhenReturningLambdaObjectSharedQuery +{ ReturnedLambdaObjectOutlivesCaptureByReferenceQuery() { this = LambdasPackage::returningLambdaObjectWithCaptureByReferenceQuery() } diff --git a/cpp/cert/src/rules/EXP63-CPP/DoNotRelyOnTheValueOfAMovedFromObject.ql b/cpp/cert/src/rules/EXP63-CPP/DoNotRelyOnTheValueOfAMovedFromObject.ql index 8f988827ce..785d4b8b2b 100644 --- a/cpp/cert/src/rules/EXP63-CPP/DoNotRelyOnTheValueOfAMovedFromObject.ql +++ b/cpp/cert/src/rules/EXP63-CPP/DoNotRelyOnTheValueOfAMovedFromObject.ql @@ -14,7 +14,8 @@ import cpp import codingstandards.cpp.cert import codingstandards.cpp.rules.movedfromobjectsunspecifiedstate.MovedFromObjectsUnspecifiedState -class DoNotRelyOnTheValueOfAMovedFromObjectQuery extends MovedFromObjectsUnspecifiedStateSharedQuery { +class DoNotRelyOnTheValueOfAMovedFromObjectQuery extends MovedFromObjectsUnspecifiedStateSharedQuery +{ DoNotRelyOnTheValueOfAMovedFromObjectQuery() { this = MoveForwardPackage::doNotRelyOnTheValueOfAMovedFromObjectQuery() } diff --git a/cpp/cert/src/rules/MEM55-CPP/ThrowingOperatorNewThrowsInvalidExceptionCert.ql b/cpp/cert/src/rules/MEM55-CPP/ThrowingOperatorNewThrowsInvalidExceptionCert.ql index 55affc59d6..0b02be8b3f 100644 --- a/cpp/cert/src/rules/MEM55-CPP/ThrowingOperatorNewThrowsInvalidExceptionCert.ql +++ b/cpp/cert/src/rules/MEM55-CPP/ThrowingOperatorNewThrowsInvalidExceptionCert.ql @@ -16,7 +16,8 @@ import cpp import codingstandards.cpp.cert import codingstandards.cpp.rules.throwingoperatornewthrowsinvalidexception.ThrowingOperatorNewThrowsInvalidException -class ThrowingOperatorNewThrowsInvalidExceptionCertQuery extends ThrowingOperatorNewThrowsInvalidExceptionSharedQuery { +class ThrowingOperatorNewThrowsInvalidExceptionCertQuery extends ThrowingOperatorNewThrowsInvalidExceptionSharedQuery +{ ThrowingOperatorNewThrowsInvalidExceptionCertQuery() { this = AllocationsPackage::throwingOperatorNewThrowsInvalidExceptionCertQuery() } diff --git a/cpp/cert/src/rules/MEM56-CPP/OwnedPointerValueStoredInUnrelatedSmartPointerCert.ql b/cpp/cert/src/rules/MEM56-CPP/OwnedPointerValueStoredInUnrelatedSmartPointerCert.ql index a7035dac81..7fa3209151 100644 --- a/cpp/cert/src/rules/MEM56-CPP/OwnedPointerValueStoredInUnrelatedSmartPointerCert.ql +++ b/cpp/cert/src/rules/MEM56-CPP/OwnedPointerValueStoredInUnrelatedSmartPointerCert.ql @@ -15,7 +15,8 @@ import cpp import codingstandards.cpp.cert import codingstandards.cpp.rules.ownedpointervaluestoredinunrelatedsmartpointer.OwnedPointerValueStoredInUnrelatedSmartPointer -class OwnedPointerValueStoredInUnrelatedSmartPointerCertQuery extends OwnedPointerValueStoredInUnrelatedSmartPointerSharedQuery { +class OwnedPointerValueStoredInUnrelatedSmartPointerCertQuery extends OwnedPointerValueStoredInUnrelatedSmartPointerSharedQuery +{ OwnedPointerValueStoredInUnrelatedSmartPointerCertQuery() { this = SmartPointers2Package::ownedPointerValueStoredInUnrelatedSmartPointerCertQuery() } diff --git a/cpp/cert/src/rules/MSC50-CPP/DoNotUseRandForGeneratingPseudorandomNumbers.ql b/cpp/cert/src/rules/MSC50-CPP/DoNotUseRandForGeneratingPseudorandomNumbers.ql index bf58920b84..8ab68974cb 100644 --- a/cpp/cert/src/rules/MSC50-CPP/DoNotUseRandForGeneratingPseudorandomNumbers.ql +++ b/cpp/cert/src/rules/MSC50-CPP/DoNotUseRandForGeneratingPseudorandomNumbers.ql @@ -15,7 +15,8 @@ import cpp import codingstandards.cpp.cert import codingstandards.cpp.rules.donotuserandforgeneratingpseudorandomnumbers.DoNotUseRandForGeneratingPseudorandomNumbers -class DoNotUseRandForGeneratingPseudorandomNumbersQuery extends DoNotUseRandForGeneratingPseudorandomNumbersSharedQuery { +class DoNotUseRandForGeneratingPseudorandomNumbersQuery extends DoNotUseRandForGeneratingPseudorandomNumbersSharedQuery +{ DoNotUseRandForGeneratingPseudorandomNumbersQuery() { this = BannedFunctionsPackage::doNotUseRandForGeneratingPseudorandomNumbersQuery() } diff --git a/cpp/cert/src/rules/MSC53-CPP/FunctionNoReturnAttributeConditionCert.ql b/cpp/cert/src/rules/MSC53-CPP/FunctionNoReturnAttributeConditionCert.ql index 0f0863cc16..511369e46c 100644 --- a/cpp/cert/src/rules/MSC53-CPP/FunctionNoReturnAttributeConditionCert.ql +++ b/cpp/cert/src/rules/MSC53-CPP/FunctionNoReturnAttributeConditionCert.ql @@ -15,7 +15,8 @@ import cpp import codingstandards.cpp.cert import codingstandards.cpp.rules.functionnoreturnattributecondition.FunctionNoReturnAttributeCondition -class FuntionNoReturnAttributeConditionCertQuery extends FunctionNoReturnAttributeConditionSharedQuery { +class FuntionNoReturnAttributeConditionCertQuery extends FunctionNoReturnAttributeConditionSharedQuery +{ FuntionNoReturnAttributeConditionCertQuery() { this = FunctionsPackage::functionNoReturnAttributeConditionCertQuery() } diff --git a/cpp/cert/src/rules/OOP55-CPP/MemberAccessWithUninitializedStaticPointerToMember.ql b/cpp/cert/src/rules/OOP55-CPP/MemberAccessWithUninitializedStaticPointerToMember.ql index d1fb58b549..ead970ca71 100644 --- a/cpp/cert/src/rules/OOP55-CPP/MemberAccessWithUninitializedStaticPointerToMember.ql +++ b/cpp/cert/src/rules/OOP55-CPP/MemberAccessWithUninitializedStaticPointerToMember.ql @@ -15,7 +15,8 @@ import cpp import codingstandards.cpp.cert import codingstandards.cpp.rules.accessofundefinedmemberthroughuninitializedstaticpointer.AccessOfUndefinedMemberThroughUninitializedStaticPointer -class MemberAccessWithUninitializedStaticPointerToMemberQuery extends AccessOfUndefinedMemberThroughUninitializedStaticPointerSharedQuery { +class MemberAccessWithUninitializedStaticPointerToMemberQuery extends AccessOfUndefinedMemberThroughUninitializedStaticPointerSharedQuery +{ MemberAccessWithUninitializedStaticPointerToMemberQuery() { this = PointersPackage::memberAccessWithUninitializedStaticPointerToMemberQuery() } diff --git a/cpp/cert/src/rules/OOP55-CPP/UseOfPointerToMemberToAccessNonexistentMember.ql b/cpp/cert/src/rules/OOP55-CPP/UseOfPointerToMemberToAccessNonexistentMember.ql index 6341dc49e4..614d3fbaca 100644 --- a/cpp/cert/src/rules/OOP55-CPP/UseOfPointerToMemberToAccessNonexistentMember.ql +++ b/cpp/cert/src/rules/OOP55-CPP/UseOfPointerToMemberToAccessNonexistentMember.ql @@ -16,7 +16,8 @@ import cpp import codingstandards.cpp.cert import codingstandards.cpp.rules.accessofnonexistingmemberthroughpointertomember.AccessOfNonExistingMemberThroughPointerToMember -class UseOfPointerToMemberToAccessNonexistentMemberQuery extends AccessOfNonExistingMemberThroughPointerToMemberSharedQuery { +class UseOfPointerToMemberToAccessNonexistentMemberQuery extends AccessOfNonExistingMemberThroughPointerToMemberSharedQuery +{ UseOfPointerToMemberToAccessNonexistentMemberQuery() { this = PointersPackage::useOfPointerToMemberToAccessNonexistentMemberQuery() } diff --git a/cpp/cert/src/rules/OOP55-CPP/UseOfPointerToMemberToAccessUndefinedMember.ql b/cpp/cert/src/rules/OOP55-CPP/UseOfPointerToMemberToAccessUndefinedMember.ql index 3a5af3433e..e6b8f10d9c 100644 --- a/cpp/cert/src/rules/OOP55-CPP/UseOfPointerToMemberToAccessUndefinedMember.ql +++ b/cpp/cert/src/rules/OOP55-CPP/UseOfPointerToMemberToAccessUndefinedMember.ql @@ -15,7 +15,8 @@ import cpp import codingstandards.cpp.cert import codingstandards.cpp.rules.accessofundefinedmemberthroughnullpointer.AccessOfUndefinedMemberThroughNullPointer -class UseOfPointerToMemberToAccessUndefinedMemberQuery extends AccessOfUndefinedMemberThroughNullPointerSharedQuery { +class UseOfPointerToMemberToAccessUndefinedMemberQuery extends AccessOfUndefinedMemberThroughNullPointerSharedQuery +{ UseOfPointerToMemberToAccessUndefinedMemberQuery() { this = PointersPackage::useOfPointerToMemberToAccessUndefinedMemberQuery() } diff --git a/cpp/cert/src/rules/STR50-CPP/BasicStringMayNotBeNullTerminatedCert.ql b/cpp/cert/src/rules/STR50-CPP/BasicStringMayNotBeNullTerminatedCert.ql index d9787d2393..9ff12eca5c 100644 --- a/cpp/cert/src/rules/STR50-CPP/BasicStringMayNotBeNullTerminatedCert.ql +++ b/cpp/cert/src/rules/STR50-CPP/BasicStringMayNotBeNullTerminatedCert.ql @@ -14,7 +14,8 @@ import cpp import codingstandards.cpp.cert import codingstandards.cpp.rules.basicstringmaynotbenullterminated.BasicStringMayNotBeNullTerminated -class BasicStringMayNotBeNullTerminatedCertQuery extends BasicStringMayNotBeNullTerminatedSharedQuery { +class BasicStringMayNotBeNullTerminatedCertQuery extends BasicStringMayNotBeNullTerminatedSharedQuery +{ BasicStringMayNotBeNullTerminatedCertQuery() { this = StringsPackage::basicStringMayNotBeNullTerminatedCertQuery() } diff --git a/cpp/cert/src/rules/STR50-CPP/OperationMayNotNullTerminateCStyleStringCert.ql b/cpp/cert/src/rules/STR50-CPP/OperationMayNotNullTerminateCStyleStringCert.ql index 2878c7b001..d79297a63b 100644 --- a/cpp/cert/src/rules/STR50-CPP/OperationMayNotNullTerminateCStyleStringCert.ql +++ b/cpp/cert/src/rules/STR50-CPP/OperationMayNotNullTerminateCStyleStringCert.ql @@ -14,7 +14,8 @@ import cpp import codingstandards.cpp.cert import codingstandards.cpp.rules.operationmaynotnullterminatecstylestring.OperationMayNotNullTerminateCStyleString -class OperationMayNotNullTerminateCStyleStringCertQuery extends OperationMayNotNullTerminateCStyleStringSharedQuery { +class OperationMayNotNullTerminateCStyleStringCertQuery extends OperationMayNotNullTerminateCStyleStringSharedQuery +{ OperationMayNotNullTerminateCStyleStringCertQuery() { this = StringsPackage::operationMayNotNullTerminateCStyleStringCertQuery() } diff --git a/cpp/common/test/rules/accessofnonexistingmemberthroughpointertomember/AccessOfNonExistingMemberThroughPointerToMember.ql b/cpp/common/test/rules/accessofnonexistingmemberthroughpointertomember/AccessOfNonExistingMemberThroughPointerToMember.ql index 6e49f3b033..3d65ee176a 100644 --- a/cpp/common/test/rules/accessofnonexistingmemberthroughpointertomember/AccessOfNonExistingMemberThroughPointerToMember.ql +++ b/cpp/common/test/rules/accessofnonexistingmemberthroughpointertomember/AccessOfNonExistingMemberThroughPointerToMember.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.accessofnonexistingmemberthroughpointertomember.AccessOfNonExistingMemberThroughPointerToMember -class TestFileQuery extends AccessOfNonExistingMemberThroughPointerToMemberSharedQuery, TestQuery { } +class TestFileQuery extends AccessOfNonExistingMemberThroughPointerToMemberSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/accessofundefinedmemberthroughuninitializedstaticpointer/AccessOfUndefinedMemberThroughUninitializedStaticPointer.ql b/cpp/common/test/rules/accessofundefinedmemberthroughuninitializedstaticpointer/AccessOfUndefinedMemberThroughUninitializedStaticPointer.ql index e39fe834cb..90d192e3d8 100644 --- a/cpp/common/test/rules/accessofundefinedmemberthroughuninitializedstaticpointer/AccessOfUndefinedMemberThroughUninitializedStaticPointer.ql +++ b/cpp/common/test/rules/accessofundefinedmemberthroughuninitializedstaticpointer/AccessOfUndefinedMemberThroughUninitializedStaticPointer.ql @@ -1,4 +1,6 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.accessofundefinedmemberthroughuninitializedstaticpointer.AccessOfUndefinedMemberThroughUninitializedStaticPointer -class TestFileQuery extends AccessOfUndefinedMemberThroughUninitializedStaticPointerSharedQuery, TestQuery { } +class TestFileQuery extends AccessOfUndefinedMemberThroughUninitializedStaticPointerSharedQuery, + TestQuery +{ } diff --git a/cpp/common/test/rules/differentidentifiersnottypographicallyunambiguous/DifferentIdentifiersNotTypographicallyUnambiguous.ql b/cpp/common/test/rules/differentidentifiersnottypographicallyunambiguous/DifferentIdentifiersNotTypographicallyUnambiguous.ql index 16a160b121..64357d95de 100644 --- a/cpp/common/test/rules/differentidentifiersnottypographicallyunambiguous/DifferentIdentifiersNotTypographicallyUnambiguous.ql +++ b/cpp/common/test/rules/differentidentifiersnottypographicallyunambiguous/DifferentIdentifiersNotTypographicallyUnambiguous.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.differentidentifiersnottypographicallyunambiguous.DifferentIdentifiersNotTypographicallyUnambiguous -class TestFileQuery extends DifferentIdentifiersNotTypographicallyUnambiguousSharedQuery, TestQuery { } +class TestFileQuery extends DifferentIdentifiersNotTypographicallyUnambiguousSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/donotcopyaddressofautostorageobjecttootherobject/DoNotCopyAddressOfAutoStorageObjectToOtherObject.ql b/cpp/common/test/rules/donotcopyaddressofautostorageobjecttootherobject/DoNotCopyAddressOfAutoStorageObjectToOtherObject.ql index 782afa4cee..9955572e73 100644 --- a/cpp/common/test/rules/donotcopyaddressofautostorageobjecttootherobject/DoNotCopyAddressOfAutoStorageObjectToOtherObject.ql +++ b/cpp/common/test/rules/donotcopyaddressofautostorageobjecttootherobject/DoNotCopyAddressOfAutoStorageObjectToOtherObject.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotcopyaddressofautostorageobjecttootherobject.DoNotCopyAddressOfAutoStorageObjectToOtherObject -class TestFileQuery extends DoNotCopyAddressOfAutoStorageObjectToOtherObjectSharedQuery, TestQuery { } +class TestFileQuery extends DoNotCopyAddressOfAutoStorageObjectToOtherObjectSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.ql b/cpp/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.ql index 79e322e22c..c0a3435e05 100644 --- a/cpp/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.ql +++ b/cpp/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotusepointerarithmetictoaddressdifferentarrays.DoNotUsePointerArithmeticToAddressDifferentArrays -class TestFileQuery extends DoNotUsePointerArithmeticToAddressDifferentArraysSharedQuery, TestQuery { } +class TestFileQuery extends DoNotUsePointerArithmeticToAddressDifferentArraysSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/identifierwithexternallinkageonedefinitionshared/IdentifierWithExternalLinkageOneDefinitionShared.ql b/cpp/common/test/rules/identifierwithexternallinkageonedefinitionshared/IdentifierWithExternalLinkageOneDefinitionShared.ql index ebe9a75d1e..d50eb53652 100644 --- a/cpp/common/test/rules/identifierwithexternallinkageonedefinitionshared/IdentifierWithExternalLinkageOneDefinitionShared.ql +++ b/cpp/common/test/rules/identifierwithexternallinkageonedefinitionshared/IdentifierWithExternalLinkageOneDefinitionShared.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.identifierwithexternallinkageonedefinitionshared.IdentifierWithExternalLinkageOneDefinitionShared -class TestFileQuery extends IdentifierWithExternalLinkageOneDefinitionSharedSharedQuery, TestQuery { } +class TestFileQuery extends IdentifierWithExternalLinkageOneDefinitionSharedSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/missingstaticspecifierfunctionredeclarationshared/MissingStaticSpecifierFunctionRedeclarationShared.ql b/cpp/common/test/rules/missingstaticspecifierfunctionredeclarationshared/MissingStaticSpecifierFunctionRedeclarationShared.ql index 5113873b8b..f84cbf8698 100644 --- a/cpp/common/test/rules/missingstaticspecifierfunctionredeclarationshared/MissingStaticSpecifierFunctionRedeclarationShared.ql +++ b/cpp/common/test/rules/missingstaticspecifierfunctionredeclarationshared/MissingStaticSpecifierFunctionRedeclarationShared.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.missingstaticspecifierfunctionredeclarationshared.MissingStaticSpecifierFunctionRedeclarationShared -class TestFileQuery extends MissingStaticSpecifierFunctionRedeclarationSharedSharedQuery, TestQuery { } +class TestFileQuery extends MissingStaticSpecifierFunctionRedeclarationSharedSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/useinitializerbracestomatchaggregatetypestructure/UseInitializerBracesToMatchAggregateTypeStructure.ql b/cpp/common/test/rules/useinitializerbracestomatchaggregatetypestructure/UseInitializerBracesToMatchAggregateTypeStructure.ql index 8ddcc5bc7e..b2bbb0ff1c 100644 --- a/cpp/common/test/rules/useinitializerbracestomatchaggregatetypestructure/UseInitializerBracesToMatchAggregateTypeStructure.ql +++ b/cpp/common/test/rules/useinitializerbracestomatchaggregatetypestructure/UseInitializerBracesToMatchAggregateTypeStructure.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.useinitializerbracestomatchaggregatetypestructure.UseInitializerBracesToMatchAggregateTypeStructure -class TestFileQuery extends UseInitializerBracesToMatchAggregateTypeStructureSharedQuery, TestQuery { } +class TestFileQuery extends UseInitializerBracesToMatchAggregateTypeStructureSharedQuery, TestQuery { +} diff --git a/supported_codeql_configs.json b/supported_codeql_configs.json index b62a99c892..3a38b4bb26 100644 --- a/supported_codeql_configs.json +++ b/supported_codeql_configs.json @@ -1,9 +1,9 @@ { "supported_environment": [ { - "codeql_cli": "2.12.7", - "codeql_standard_library": "codeql-cli/v2.12.7", - "codeql_cli_bundle": "codeql-bundle-20230418" + "codeql_cli": "2.13.5", + "codeql_standard_library": "codeql-cli/v2.13.5", + "codeql_cli_bundle": "codeql-bundle-v2.13.5" } ], "supported_language": [ From bc60676f014a60f71d32da6c9f204fa13bd38d26 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Thu, 28 Sep 2023 15:42:14 +0100 Subject: [PATCH 1219/2573] Fix PR name, body and commit message. --- .github/workflows/upgrade_codeql_dependencies.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/upgrade_codeql_dependencies.yml b/.github/workflows/upgrade_codeql_dependencies.yml index a71ecabfac..12eff7c0f2 100644 --- a/.github/workflows/upgrade_codeql_dependencies.yml +++ b/.github/workflows/upgrade_codeql_dependencies.yml @@ -54,8 +54,8 @@ jobs: - name: Create Pull Request uses: peter-evans/create-pull-request@v3 with: - title: "Upgrading `github/codeql` dependency to ${{ github.event.inputs.codeql_standard_library_commit }}" - body: "This PR upgrades the CodeQL CLI version to ${{ github.event.inputs.codeql_cli_version }} and the `github/codeql` version to ${{ github.event.inputs.codeql_standard_library_commit }}." - commit-message: "Upgrading `github/codeql` dependency to ${{ github.event.inputs.codeql_standard_library_commit }}" + title: "Upgrading `github/codeql` dependency to ${{ github.event.inputs.codeql_cli_version }}" + body: "This PR upgrades the CodeQL CLI version to ${{ github.event.inputs.codeql_cli_version }}." + commit-message: "Upgrading `github/codeql` dependency to ${{ github.event.inputs.codeql_cli_version }}" delete-branch: true branch: "codeql/upgrade-to-${{ github.event.inputs.codeql_cli_version }}" From 92ea901854adc46d74aaf0448ab5d66faf84f9fa Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Thu, 28 Sep 2023 15:52:02 +0100 Subject: [PATCH 1220/2573] Pass multiple files per call to CodeQL query format --- .github/workflows/upgrade_codeql_dependencies.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/upgrade_codeql_dependencies.yml b/.github/workflows/upgrade_codeql_dependencies.yml index 12eff7c0f2..df496124e4 100644 --- a/.github/workflows/upgrade_codeql_dependencies.yml +++ b/.github/workflows/upgrade_codeql_dependencies.yml @@ -48,8 +48,8 @@ jobs: env: RUNNER_TEMP: ${{ runner.temp }} run: | - find cpp -name '*.ql' -or -name '*.qll' | xargs --max-procs "$XARGS_MAX_PROCS" --max-args 1 $RUNNER_TEMP/codeql/codeql query format --in-place - find c -name '*.ql' -or -name '*.qll' | xargs --max-procs "$XARGS_MAX_PROCS" --max-args 1 $RUNNER_TEMP/codeql/codeql query format --in-place + find cpp -name '*.ql' -or -name '*.qll' | xargs --max-procs "$XARGS_MAX_PROCS" $RUNNER_TEMP/codeql/codeql query format --in-place + find c -name '*.ql' -or -name '*.qll' | xargs --max-procs "$XARGS_MAX_PROCS" $RUNNER_TEMP/codeql/codeql query format --in-place - name: Create Pull Request uses: peter-evans/create-pull-request@v3 From a0e1aa533d75495994db399125ba7cf3f882d906 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Thu, 28 Sep 2023 15:54:54 +0100 Subject: [PATCH 1221/2573] Use null to separate query files when formatting. Safer in the presence of files with spaces. --- .github/workflows/upgrade_codeql_dependencies.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/upgrade_codeql_dependencies.yml b/.github/workflows/upgrade_codeql_dependencies.yml index df496124e4..a13d58dd40 100644 --- a/.github/workflows/upgrade_codeql_dependencies.yml +++ b/.github/workflows/upgrade_codeql_dependencies.yml @@ -48,8 +48,8 @@ jobs: env: RUNNER_TEMP: ${{ runner.temp }} run: | - find cpp -name '*.ql' -or -name '*.qll' | xargs --max-procs "$XARGS_MAX_PROCS" $RUNNER_TEMP/codeql/codeql query format --in-place - find c -name '*.ql' -or -name '*.qll' | xargs --max-procs "$XARGS_MAX_PROCS" $RUNNER_TEMP/codeql/codeql query format --in-place + find cpp -name '*.ql' -or -name '*.qll' -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" $RUNNER_TEMP/codeql/codeql query format --in-place + find c -name '*.ql' -or -name '*.qll' -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" $RUNNER_TEMP/codeql/codeql query format --in-place - name: Create Pull Request uses: peter-evans/create-pull-request@v3 From 1ed7676c6d03d6787b13cce3f1a1ac8ecf1228a4 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Thu, 28 Sep 2023 16:07:30 +0100 Subject: [PATCH 1222/2573] Fix bracketing on CodeQL query formatting command --- .github/workflows/upgrade_codeql_dependencies.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/upgrade_codeql_dependencies.yml b/.github/workflows/upgrade_codeql_dependencies.yml index a13d58dd40..73721d5581 100644 --- a/.github/workflows/upgrade_codeql_dependencies.yml +++ b/.github/workflows/upgrade_codeql_dependencies.yml @@ -48,8 +48,8 @@ jobs: env: RUNNER_TEMP: ${{ runner.temp }} run: | - find cpp -name '*.ql' -or -name '*.qll' -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" $RUNNER_TEMP/codeql/codeql query format --in-place - find c -name '*.ql' -or -name '*.qll' -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" $RUNNER_TEMP/codeql/codeql query format --in-place + find cpp \( -name '*.ql' -or -name '*.qll' \) -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" $RUNNER_TEMP/codeql/codeql query format --in-place + find c \( -name '*.ql' -or -name '*.qll' \) -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" $RUNNER_TEMP/codeql/codeql query format --in-place - name: Create Pull Request uses: peter-evans/create-pull-request@v3 From 46e5ebaae81f25579405e78d067b691fddb007f2 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 28 Sep 2023 23:15:54 +0100 Subject: [PATCH 1223/2573] A7-3-1: Refactor to avoid join on name Refactor to: 1. Avoid any potential performance problems from equating names of two member functions. 2. Report the Declaration, not the DeclarationEntry of the hidden function, which reduces duplication. --- ...enInheritedNonOverridableMemberFunction.ql | 19 +++++++++++++------ ...ritedNonOverridableMemberFunction.expected | 2 +- 2 files changed, 14 insertions(+), 7 deletions(-) diff --git a/cpp/autosar/src/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.ql b/cpp/autosar/src/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.ql index 0083fb0cb4..1f0eb4a19b 100644 --- a/cpp/autosar/src/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.ql +++ b/cpp/autosar/src/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.ql @@ -16,17 +16,24 @@ import cpp import codingstandards.cpp.autosar -from FunctionDeclarationEntry overridingDecl, FunctionDeclarationEntry hiddenDecl +/** + * Holds if the class has a non-virtual member function with the given name. + */ +predicate hasNonVirtualMemberFunction(Class clazz, MemberFunction mf, string name) { + mf.getDeclaringType() = clazz and + mf.getName() = name and + not mf.isVirtual() +} + +from FunctionDeclarationEntry overridingDecl, MemberFunction hiddenDecl where not isExcluded(overridingDecl, ScopePackage::hiddenInheritedNonOverridableMemberFunctionQuery()) and // Check if we are overriding a non-virtual inherited member function - overridingDecl.getName() = hiddenDecl.getName() and - overridingDecl.getDeclaration().getDeclaringType().getABaseClass() = - hiddenDecl.getDeclaration().getDeclaringType() and - not hiddenDecl.getDeclaration().isVirtual() and + hasNonVirtualMemberFunction(overridingDecl.getDeclaration().getDeclaringType().getABaseClass(), + hiddenDecl, overridingDecl.getName()) and // Where the hidden member function isn't explicitly brought in scope through a using declaration. not exists(UsingDeclarationEntry ude | - ude.getDeclaration() = hiddenDecl.getDeclaration() and + ude.getDeclaration() = hiddenDecl and ude.getEnclosingElement() = overridingDecl.getDeclaration().getDeclaringType() and ude.getLocation().getStartLine() < overridingDecl.getLocation().getStartLine() ) and diff --git a/cpp/autosar/test/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.expected b/cpp/autosar/test/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.expected index 85ede1ada2..ca10ea31f3 100644 --- a/cpp/autosar/test/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.expected +++ b/cpp/autosar/test/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.expected @@ -1 +1 @@ -| test.cpp:16:8:16:9 | declaration of f1 | Declaration for member 'f1' hides non-overridable inherited member function $@ | test.cpp:7:8:7:9 | declaration of f1 | f1 | +| test.cpp:16:8:16:9 | declaration of f1 | Declaration for member 'f1' hides non-overridable inherited member function $@ | test.cpp:7:8:7:9 | f1 | f1 | From 1263d08214a847a1cd1a14cf2fa473b0a427f7af Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 28 Sep 2023 23:36:29 +0100 Subject: [PATCH 1224/2573] A7-3-1: Ignore order of using and decl The filter on order between overriding declaration and using was problematic because: 1. It produced a bad join order related to start lines. 2. It did not check if they were in the same file. 3. It used the wrong declaration - the order of the overriding declaration and the using declaration doesn't matter. I think the intention was to confirm that the hidden declaration appeared before the using declaration (so that it was in scope), but errors of this kind would be identified by the DefinitionNotConsideredForUnqualifiedLookup.ql query, so there's no need to factor that in here. --- ...enInheritedNonOverridableMemberFunction.ql | 3 +-- cpp/autosar/test/rules/A7-3-1/test.cpp | 19 ++++++++++++++++++- 2 files changed, 19 insertions(+), 3 deletions(-) diff --git a/cpp/autosar/src/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.ql b/cpp/autosar/src/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.ql index 1f0eb4a19b..1365d00f76 100644 --- a/cpp/autosar/src/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.ql +++ b/cpp/autosar/src/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.ql @@ -34,8 +34,7 @@ where // Where the hidden member function isn't explicitly brought in scope through a using declaration. not exists(UsingDeclarationEntry ude | ude.getDeclaration() = hiddenDecl and - ude.getEnclosingElement() = overridingDecl.getDeclaration().getDeclaringType() and - ude.getLocation().getStartLine() < overridingDecl.getLocation().getStartLine() + ude.getEnclosingElement() = overridingDecl.getDeclaration().getDeclaringType() ) and // Exclude compiler generated member functions which include things like copy constructor that hide base class // copy constructors. diff --git a/cpp/autosar/test/rules/A7-3-1/test.cpp b/cpp/autosar/test/rules/A7-3-1/test.cpp index 7aaeb26567..ce54c0abeb 100644 --- a/cpp/autosar/test/rules/A7-3-1/test.cpp +++ b/cpp/autosar/test/rules/A7-3-1/test.cpp @@ -47,7 +47,7 @@ void f1() { l1.f1(0); // calls C2::f1(double) instead of C1::f1(int) l1.f2(0); // calls C2::f2(double) instead of C1::f2(int) // S1 s1; - // l1.f2(s1); Won't compile because there is no suitable conversion fro S1 to + // l1.f2(s1); Won't compile because there is no suitable conversion from S1 to // double. C1 &l2{l1}; l2.f1(0); // calls C1::f1(int) @@ -60,3 +60,20 @@ void f1() { S1 l4; l3.f2(l4); // calls C1:f2(S1) } + +class C5 : public C1 { +public: + void f1(double); // COMPLIANT + using C1::f1; // order of using and f1 declaration is not relevant + + void f2(double) override; // COMPLIANT + using C1::f2; // order of using and f1 declaration is not relevant +}; + +void f2() { + C5 c5; + c5.f1(0); // calls C1::f1(int) + c5.f1(0.0); // calls C5::f1(double) + c5.f2(0); // calls C1::f2(int) + c5.f2(0.0); // calls C5::f2(double) +} \ No newline at end of file From 5283bc85304943721acd78a93e3bab8f9cca637d Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 28 Sep 2023 23:57:48 +0100 Subject: [PATCH 1225/2573] A7-3-1: Report the declaration not the entry There is no need to report every declaration entry. This commit also fixes performance issues that occurred when making this change. --- ...enInheritedNonOverridableMemberFunction.ql | 24 +++++++++++++------ ...ritedNonOverridableMemberFunction.expected | 2 +- 2 files changed, 18 insertions(+), 8 deletions(-) diff --git a/cpp/autosar/src/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.ql b/cpp/autosar/src/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.ql index 1365d00f76..5a4d8068bd 100644 --- a/cpp/autosar/src/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.ql +++ b/cpp/autosar/src/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.ql @@ -19,26 +19,36 @@ import codingstandards.cpp.autosar /** * Holds if the class has a non-virtual member function with the given name. */ +pragma[noinline, nomagic] predicate hasNonVirtualMemberFunction(Class clazz, MemberFunction mf, string name) { mf.getDeclaringType() = clazz and mf.getName() = name and not mf.isVirtual() } -from FunctionDeclarationEntry overridingDecl, MemberFunction hiddenDecl +/** + * Holds if the member function is in a class with the given base class, and has the given name. + */ +pragma[noinline, nomagic] +predicate hasDeclarationBaseClass(MemberFunction mf, Class baseClass, string functionName) { + baseClass = mf.getDeclaringType().getABaseClass() and + functionName = mf.getName() +} + +from MemberFunction overridingDecl, MemberFunction hiddenDecl, Class baseClass, string name where not isExcluded(overridingDecl, ScopePackage::hiddenInheritedNonOverridableMemberFunctionQuery()) and // Check if we are overriding a non-virtual inherited member function - hasNonVirtualMemberFunction(overridingDecl.getDeclaration().getDeclaringType().getABaseClass(), - hiddenDecl, overridingDecl.getName()) and + hasNonVirtualMemberFunction(baseClass, hiddenDecl, name) and + hasDeclarationBaseClass(overridingDecl, baseClass, name) and // Where the hidden member function isn't explicitly brought in scope through a using declaration. not exists(UsingDeclarationEntry ude | ude.getDeclaration() = hiddenDecl and - ude.getEnclosingElement() = overridingDecl.getDeclaration().getDeclaringType() + ude.getEnclosingElement() = overridingDecl.getDeclaringType() ) and // Exclude compiler generated member functions which include things like copy constructor that hide base class // copy constructors. - not overridingDecl.getDeclaration().isCompilerGenerated() + not overridingDecl.isCompilerGenerated() select overridingDecl, - "Declaration for member '" + overridingDecl.getName() + - "' hides non-overridable inherited member function $@", hiddenDecl, hiddenDecl.getName() + "Declaration for member '" + name + "' hides non-overridable inherited member function $@", + hiddenDecl, hiddenDecl.getName() diff --git a/cpp/autosar/test/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.expected b/cpp/autosar/test/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.expected index ca10ea31f3..bf75699c4d 100644 --- a/cpp/autosar/test/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.expected +++ b/cpp/autosar/test/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.expected @@ -1 +1 @@ -| test.cpp:16:8:16:9 | declaration of f1 | Declaration for member 'f1' hides non-overridable inherited member function $@ | test.cpp:7:8:7:9 | f1 | f1 | +| test.cpp:16:8:16:9 | f1 | Declaration for member 'f1' hides non-overridable inherited member function $@ | test.cpp:7:8:7:9 | f1 | f1 | From 2dc3c188fa39ecfbe7dcd8d5eafad2885225cb5c Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 29 Sep 2023 08:29:25 +0100 Subject: [PATCH 1226/2573] A7-3-1: Do not report special member functions Special member functions are not inheritable. --- .../A7-3-1/HiddenInheritedNonOverridableMemberFunction.ql | 5 ++++- cpp/autosar/test/rules/A7-3-1/test.cpp | 7 ++++++- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/cpp/autosar/src/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.ql b/cpp/autosar/src/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.ql index 5a4d8068bd..dab395777e 100644 --- a/cpp/autosar/src/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.ql +++ b/cpp/autosar/src/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.ql @@ -15,6 +15,7 @@ import cpp import codingstandards.cpp.autosar +import codingstandards.cpp.Class /** * Holds if the class has a non-virtual member function with the given name. @@ -48,7 +49,9 @@ where ) and // Exclude compiler generated member functions which include things like copy constructor that hide base class // copy constructors. - not overridingDecl.isCompilerGenerated() + not overridingDecl.isCompilerGenerated() and + // Exclude special member functions, which cannot be inherited. + not overridingDecl instanceof SpecialMemberFunction select overridingDecl, "Declaration for member '" + name + "' hides non-overridable inherited member function $@", hiddenDecl, hiddenDecl.getName() diff --git a/cpp/autosar/test/rules/A7-3-1/test.cpp b/cpp/autosar/test/rules/A7-3-1/test.cpp index ce54c0abeb..1b82860ca2 100644 --- a/cpp/autosar/test/rules/A7-3-1/test.cpp +++ b/cpp/autosar/test/rules/A7-3-1/test.cpp @@ -76,4 +76,9 @@ void f2() { c5.f1(0.0); // calls C5::f1(double) c5.f2(0); // calls C1::f2(int) c5.f2(0.0); // calls C5::f2(double) -} \ No newline at end of file +} + +class C6 : public C1 { +public: + C6 &operator=(const C6 &); // COMPLIANT +}; \ No newline at end of file From 40ef3c6270887e973dd804f0306b8ece14d49caf Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 29 Sep 2023 08:31:56 +0100 Subject: [PATCH 1227/2573] Add change note --- change_notes/2023-09-28-a7-3-1-updates.md | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 change_notes/2023-09-28-a7-3-1-updates.md diff --git a/change_notes/2023-09-28-a7-3-1-updates.md b/change_notes/2023-09-28-a7-3-1-updates.md new file mode 100644 index 0000000000..68ce080cbe --- /dev/null +++ b/change_notes/2023-09-28-a7-3-1-updates.md @@ -0,0 +1,6 @@ + * `A7-3-1` - `HiddenInheritedNonOverridableMemberFunction.ql`: + - Reduce duplication by reporting only a single location for each declaration of a problematic element. + - Reduce duplication when reporting the hidden function by reporting only one declaration entry. + - Improve performance by eliminating a number of bad join orders. + - Fix false positives where the using declaration occurred after the function declaration. + - Exclude special member functions, which cannot be inherited. \ No newline at end of file From b33489ee755ab5c601724894c8f0910d3ef91ae0 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 29 Sep 2023 15:31:03 +0100 Subject: [PATCH 1228/2573] Update CodeQL codeql/cpp-all pack dependencies to 2.13.5. --- c/cert/src/codeql-pack.lock.yml | 8 +++++--- c/cert/src/qlpack.yml | 2 +- c/cert/test/codeql-pack.lock.yml | 8 +++++--- c/common/src/codeql-pack.lock.yml | 8 +++++--- c/common/src/qlpack.yml | 2 +- c/common/test/codeql-pack.lock.yml | 8 +++++--- c/misra/src/codeql-pack.lock.yml | 8 +++++--- c/misra/src/qlpack.yml | 2 +- c/misra/test/codeql-pack.lock.yml | 8 +++++--- cpp/autosar/src/codeql-pack.lock.yml | 8 +++++--- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/codeql-pack.lock.yml | 8 +++++--- cpp/cert/src/codeql-pack.lock.yml | 8 +++++--- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/codeql-pack.lock.yml | 8 +++++--- cpp/common/src/codeql-pack.lock.yml | 8 +++++--- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/codeql-pack.lock.yml | 8 +++++--- cpp/misra/src/codeql-pack.lock.yml | 8 +++++--- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/codeql-pack.lock.yml | 8 +++++--- cpp/report/src/codeql-pack.lock.yml | 8 +++++--- cpp/report/src/qlpack.yml | 2 +- scripts/generate_modules/queries/codeql-pack.lock.yml | 8 +++++--- scripts/generate_modules/queries/qlpack.yml | 2 +- scripts/update_codeql_dependency.sh | 4 ++-- 26 files changed, 91 insertions(+), 59 deletions(-) diff --git a/c/cert/src/codeql-pack.lock.yml b/c/cert/src/codeql-pack.lock.yml index e7600d8458..a2bd966ce1 100644 --- a/c/cert/src/codeql-pack.lock.yml +++ b/c/cert/src/codeql-pack.lock.yml @@ -2,9 +2,11 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.6.1 + version: 0.7.4 codeql/ssa: - version: 0.0.14 + version: 0.0.19 codeql/tutorial: - version: 0.0.7 + version: 0.0.12 + codeql/util: + version: 0.0.12 compiled: false diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index 9be69ce8e2..1502c25759 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -5,4 +5,4 @@ suites: codeql-suites license: MIT dependencies: codeql/common-c-coding-standards: '*' - codeql/cpp-all: 0.6.1 + codeql/cpp-all: 0.7.4 diff --git a/c/cert/test/codeql-pack.lock.yml b/c/cert/test/codeql-pack.lock.yml index e7600d8458..a2bd966ce1 100644 --- a/c/cert/test/codeql-pack.lock.yml +++ b/c/cert/test/codeql-pack.lock.yml @@ -2,9 +2,11 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.6.1 + version: 0.7.4 codeql/ssa: - version: 0.0.14 + version: 0.0.19 codeql/tutorial: - version: 0.0.7 + version: 0.0.12 + codeql/util: + version: 0.0.12 compiled: false diff --git a/c/common/src/codeql-pack.lock.yml b/c/common/src/codeql-pack.lock.yml index e7600d8458..a2bd966ce1 100644 --- a/c/common/src/codeql-pack.lock.yml +++ b/c/common/src/codeql-pack.lock.yml @@ -2,9 +2,11 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.6.1 + version: 0.7.4 codeql/ssa: - version: 0.0.14 + version: 0.0.19 codeql/tutorial: - version: 0.0.7 + version: 0.0.12 + codeql/util: + version: 0.0.12 compiled: false diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index 8884f0e49b..66299833e7 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -3,4 +3,4 @@ version: 2.22.0-dev license: MIT dependencies: codeql/common-cpp-coding-standards: '*' - codeql/cpp-all: 0.6.1 + codeql/cpp-all: 0.7.4 diff --git a/c/common/test/codeql-pack.lock.yml b/c/common/test/codeql-pack.lock.yml index e7600d8458..a2bd966ce1 100644 --- a/c/common/test/codeql-pack.lock.yml +++ b/c/common/test/codeql-pack.lock.yml @@ -2,9 +2,11 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.6.1 + version: 0.7.4 codeql/ssa: - version: 0.0.14 + version: 0.0.19 codeql/tutorial: - version: 0.0.7 + version: 0.0.12 + codeql/util: + version: 0.0.12 compiled: false diff --git a/c/misra/src/codeql-pack.lock.yml b/c/misra/src/codeql-pack.lock.yml index e7600d8458..a2bd966ce1 100644 --- a/c/misra/src/codeql-pack.lock.yml +++ b/c/misra/src/codeql-pack.lock.yml @@ -2,9 +2,11 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.6.1 + version: 0.7.4 codeql/ssa: - version: 0.0.14 + version: 0.0.19 codeql/tutorial: - version: 0.0.7 + version: 0.0.12 + codeql/util: + version: 0.0.12 compiled: false diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index e0e18d5ca5..26ff8140fb 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -5,4 +5,4 @@ suites: codeql-suites license: MIT dependencies: codeql/common-c-coding-standards: '*' - codeql/cpp-all: 0.6.1 + codeql/cpp-all: 0.7.4 diff --git a/c/misra/test/codeql-pack.lock.yml b/c/misra/test/codeql-pack.lock.yml index e7600d8458..a2bd966ce1 100644 --- a/c/misra/test/codeql-pack.lock.yml +++ b/c/misra/test/codeql-pack.lock.yml @@ -2,9 +2,11 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.6.1 + version: 0.7.4 codeql/ssa: - version: 0.0.14 + version: 0.0.19 codeql/tutorial: - version: 0.0.7 + version: 0.0.12 + codeql/util: + version: 0.0.12 compiled: false diff --git a/cpp/autosar/src/codeql-pack.lock.yml b/cpp/autosar/src/codeql-pack.lock.yml index e7600d8458..a2bd966ce1 100644 --- a/cpp/autosar/src/codeql-pack.lock.yml +++ b/cpp/autosar/src/codeql-pack.lock.yml @@ -2,9 +2,11 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.6.1 + version: 0.7.4 codeql/ssa: - version: 0.0.14 + version: 0.0.19 codeql/tutorial: - version: 0.0.7 + version: 0.0.12 + codeql/util: + version: 0.0.12 compiled: false diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index 2cf0f667af..557ad5c32e 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -5,4 +5,4 @@ suites: codeql-suites license: MIT dependencies: codeql/common-cpp-coding-standards: '*' - codeql/cpp-all: 0.6.1 + codeql/cpp-all: 0.7.4 diff --git a/cpp/autosar/test/codeql-pack.lock.yml b/cpp/autosar/test/codeql-pack.lock.yml index e7600d8458..a2bd966ce1 100644 --- a/cpp/autosar/test/codeql-pack.lock.yml +++ b/cpp/autosar/test/codeql-pack.lock.yml @@ -2,9 +2,11 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.6.1 + version: 0.7.4 codeql/ssa: - version: 0.0.14 + version: 0.0.19 codeql/tutorial: - version: 0.0.7 + version: 0.0.12 + codeql/util: + version: 0.0.12 compiled: false diff --git a/cpp/cert/src/codeql-pack.lock.yml b/cpp/cert/src/codeql-pack.lock.yml index e7600d8458..a2bd966ce1 100644 --- a/cpp/cert/src/codeql-pack.lock.yml +++ b/cpp/cert/src/codeql-pack.lock.yml @@ -2,9 +2,11 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.6.1 + version: 0.7.4 codeql/ssa: - version: 0.0.14 + version: 0.0.19 codeql/tutorial: - version: 0.0.7 + version: 0.0.12 + codeql/util: + version: 0.0.12 compiled: false diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index 2fab182a3b..b1627c03e5 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -4,5 +4,5 @@ description: CERT C++ 2016 suites: codeql-suites license: MIT dependencies: - codeql/cpp-all: 0.6.1 + codeql/cpp-all: 0.7.4 codeql/common-cpp-coding-standards: '*' diff --git a/cpp/cert/test/codeql-pack.lock.yml b/cpp/cert/test/codeql-pack.lock.yml index e7600d8458..a2bd966ce1 100644 --- a/cpp/cert/test/codeql-pack.lock.yml +++ b/cpp/cert/test/codeql-pack.lock.yml @@ -2,9 +2,11 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.6.1 + version: 0.7.4 codeql/ssa: - version: 0.0.14 + version: 0.0.19 codeql/tutorial: - version: 0.0.7 + version: 0.0.12 + codeql/util: + version: 0.0.12 compiled: false diff --git a/cpp/common/src/codeql-pack.lock.yml b/cpp/common/src/codeql-pack.lock.yml index e7600d8458..a2bd966ce1 100644 --- a/cpp/common/src/codeql-pack.lock.yml +++ b/cpp/common/src/codeql-pack.lock.yml @@ -2,9 +2,11 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.6.1 + version: 0.7.4 codeql/ssa: - version: 0.0.14 + version: 0.0.19 codeql/tutorial: - version: 0.0.7 + version: 0.0.12 + codeql/util: + version: 0.0.12 compiled: false diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index db17908c4c..8fbf9b0529 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -2,4 +2,4 @@ name: codeql/common-cpp-coding-standards version: 2.22.0-dev license: MIT dependencies: - codeql/cpp-all: 0.6.1 + codeql/cpp-all: 0.7.4 diff --git a/cpp/common/test/codeql-pack.lock.yml b/cpp/common/test/codeql-pack.lock.yml index e7600d8458..a2bd966ce1 100644 --- a/cpp/common/test/codeql-pack.lock.yml +++ b/cpp/common/test/codeql-pack.lock.yml @@ -2,9 +2,11 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.6.1 + version: 0.7.4 codeql/ssa: - version: 0.0.14 + version: 0.0.19 codeql/tutorial: - version: 0.0.7 + version: 0.0.12 + codeql/util: + version: 0.0.12 compiled: false diff --git a/cpp/misra/src/codeql-pack.lock.yml b/cpp/misra/src/codeql-pack.lock.yml index e7600d8458..a2bd966ce1 100644 --- a/cpp/misra/src/codeql-pack.lock.yml +++ b/cpp/misra/src/codeql-pack.lock.yml @@ -2,9 +2,11 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.6.1 + version: 0.7.4 codeql/ssa: - version: 0.0.14 + version: 0.0.19 codeql/tutorial: - version: 0.0.7 + version: 0.0.12 + codeql/util: + version: 0.0.12 compiled: false diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index 07070afe53..df123061d3 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -5,4 +5,4 @@ suites: codeql-suites license: MIT dependencies: codeql/common-cpp-coding-standards: '*' - codeql/cpp-all: 0.6.1 + codeql/cpp-all: 0.7.4 diff --git a/cpp/misra/test/codeql-pack.lock.yml b/cpp/misra/test/codeql-pack.lock.yml index e7600d8458..a2bd966ce1 100644 --- a/cpp/misra/test/codeql-pack.lock.yml +++ b/cpp/misra/test/codeql-pack.lock.yml @@ -2,9 +2,11 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.6.1 + version: 0.7.4 codeql/ssa: - version: 0.0.14 + version: 0.0.19 codeql/tutorial: - version: 0.0.7 + version: 0.0.12 + codeql/util: + version: 0.0.12 compiled: false diff --git a/cpp/report/src/codeql-pack.lock.yml b/cpp/report/src/codeql-pack.lock.yml index e7600d8458..a2bd966ce1 100644 --- a/cpp/report/src/codeql-pack.lock.yml +++ b/cpp/report/src/codeql-pack.lock.yml @@ -2,9 +2,11 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.6.1 + version: 0.7.4 codeql/ssa: - version: 0.0.14 + version: 0.0.19 codeql/tutorial: - version: 0.0.7 + version: 0.0.12 + codeql/util: + version: 0.0.12 compiled: false diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index 2329bac4a1..f6d9c57f32 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -2,4 +2,4 @@ name: codeql/report-cpp-coding-standards version: 2.22.0-dev license: MIT dependencies: - codeql/cpp-all: 0.6.1 + codeql/cpp-all: 0.7.4 diff --git a/scripts/generate_modules/queries/codeql-pack.lock.yml b/scripts/generate_modules/queries/codeql-pack.lock.yml index e7600d8458..a2bd966ce1 100644 --- a/scripts/generate_modules/queries/codeql-pack.lock.yml +++ b/scripts/generate_modules/queries/codeql-pack.lock.yml @@ -2,9 +2,11 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.6.1 + version: 0.7.4 codeql/ssa: - version: 0.0.14 + version: 0.0.19 codeql/tutorial: - version: 0.0.7 + version: 0.0.12 + codeql/util: + version: 0.0.12 compiled: false diff --git a/scripts/generate_modules/queries/qlpack.yml b/scripts/generate_modules/queries/qlpack.yml index d531a0df30..fa9e608c9d 100644 --- a/scripts/generate_modules/queries/qlpack.yml +++ b/scripts/generate_modules/queries/qlpack.yml @@ -2,4 +2,4 @@ name: codeql/standard-library-extraction-cpp-coding-standards version: 0.0.0 license: MIT dependencies: - codeql/cpp-all: 0.6.1 + codeql/cpp-all: 0.7.4 diff --git a/scripts/update_codeql_dependency.sh b/scripts/update_codeql_dependency.sh index 60f08415cf..5aba4bae2c 100755 --- a/scripts/update_codeql_dependency.sh +++ b/scripts/update_codeql_dependency.sh @@ -3,7 +3,7 @@ # If there aren't two arguments, print usage and exit. if [[ -z $2 ]]; then - echo "Usage: bump_version.sh " + echo "Usage: update_codeql_dependencies.sh " exit fi @@ -15,4 +15,4 @@ find . -name 'qlpack.yml' | grep -v './codeql_modules' | xargs sed -i -r "s#${1} # update the lock files find . -name 'codeql-pack.lock.yml' | grep -v './codeql_modules' | xargs sed -i -r -z "s#${1}:\n(\s*)version: [^\s]+\n#${1}:\n\1version: ${2}\n#" -echo "Done." \ No newline at end of file +echo "Done." From 1193b8d721b7ca8c05231b768f4394a544d864f8 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 29 Sep 2023 16:11:06 +0100 Subject: [PATCH 1229/2573] Update formatting of test queries for shared rules. --- .../CloseFileHandleWhenNoLongerNeededShared.ql | 3 ++- c/common/test/rules/commaoperatorused/CommaOperatorUsed.ql | 3 ++- .../ConstantUnsignedIntegerExpressionsWrapAround.ql | 3 ++- .../test/rules/constlikereturnvalue/ConstLikeReturnValue.ql | 3 ++- c/common/test/rules/deadcode/DeadCode.ql | 3 ++- .../DeclaredAReservedIdentifier.ql | 3 ++- .../dereferenceofnullpointer/DereferenceOfNullPointer.ql | 3 ++- .../rules/donotaccessaclosedfile/DoNotAccessAClosedFile.ql | 3 ++- .../DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql | 3 ++- .../DoNotDestroyAMutexWhileItIsLocked.ql | 3 ++- .../DoNotSubtractPointersAddressingDifferentArrays.ql | 3 ++- .../DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql | 3 ++- .../DoNotUseRandForGeneratingPseudorandomNumbers.ql | 3 ++- .../DoNotUseRelationalOperatorsWithDifferingArrays.ql | 3 ++- .../FreeMemoryWhenNoLongerNeededShared.ql | 3 ++- .../rules/gotostatementcondition/GotoStatementCondition.ql | 3 ++- .../rules/guardaccesstobitfields/GuardAccessToBitFields.ql | 3 ++- c/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql | 3 ++- c/common/test/rules/identifierhidden/IdentifierHidden.ql | 3 ++- .../ifelseterminationconstruct/IfElseTerminationConstruct.ql | 3 ++- .../test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql | 3 ++- .../InformationLeakageAcrossBoundaries.ql | 3 ++- .../InvalidatedEnvStringPointers.ql | 3 ++- .../InvalidatedEnvStringPointersWarn.ql | 3 ++- .../IOFstreamMissingPositioning.ql | 3 ++- .../MacroParameterNotEnclosedInParentheses.ql | 3 ++- .../MemcmpUsedToComparePaddingData.ql | 3 ++- .../test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql | 3 ++- c/common/test/rules/nonconstantformat/NonConstantFormat.ql | 3 ++- .../NonVoidFunctionDoesNotReturn.ql | 3 ++- .../rules/notdistinctidentifier/NotDistinctIdentifier.ql | 3 ++- .../OnlyFreeMemoryAllocatedDynamicallyShared.ql | 3 ++- .../PreprocessingDirectiveWithinMacroArgument.ql | 3 ++- .../PreprocessorIncludesForbiddenHeaderNames.ql | 3 ++- .../PreprocessorIncludesPreceded.ql | 3 ++- .../PreserveSafetyWhenUsingConditionVariables.ql | 3 ++- .../PreventDeadlockByLockingInPredefinedOrder.ql | 3 ++- .../readofuninitializedmemory/ReadOfUninitializedMemory.ql | 3 ++- .../SectionsOfCodeShallNotBeCommentedOut.ql | 3 ++- .../SwitchCasePositionCondition.ql | 3 ++- .../test/rules/switchnotwellformed/SwitchNotWellFormed.ql | 3 ++- c/common/test/rules/typeomitted/TypeOmitted.ql | 3 ++- .../UncheckedRangeDomainPoleErrors.ql | 3 ++- .../undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql | 3 ++- .../UnnecessaryExposedIdentifierDeclarationShared.ql | 3 ++- c/common/test/rules/unreachablecode/UnreachableCode.ql | 3 ++- c/common/test/rules/unusedparameter/UnusedParameter.ql | 3 ++- .../rules/unusedtypedeclarations/UnusedTypeDeclarations.ql | 3 ++- .../UsageOfAssemblerNotDocumented.ql | 3 ++- .../UseOnlyArrayIndexingForPointerArithmetic.ql | 3 ++- .../wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql | 3 ++- .../AccessOfUndefinedMemberThroughNullPointer.ql | 3 ++- ...cessOfUndefinedMemberThroughUninitializedStaticPointer.ql | 5 ++--- .../BasicStringMayNotBeNullTerminated.ql | 3 ++- .../test/rules/catchblockshadowing/CatchBlockShadowing.ql | 3 ++- .../CatchExceptionsByLvalueReference.ql | 3 ++- cpp/common/test/rules/commaoperatorused/CommaOperatorUsed.ql | 3 ++- .../ConditionVariablePostConditionFailed.ql | 3 ++- .../ConstantUnsignedIntegerExpressionsWrapAround.ql | 3 ++- .../ContainerAccessWithoutRangeCheck.ql | 3 ++- .../DanglingCaptureWhenMovingLambdaObject.ql | 3 ++- .../DanglingCaptureWhenReturningLambdaObject.ql | 3 ++- cpp/common/test/rules/deadcode/DeadCode.ql | 3 ++- .../DeleteOfPointerToIncompleteClass.ql | 3 ++- .../dereferenceofnullpointer/DereferenceOfNullPointer.ql | 3 ++- .../DestroyedValueReferencedInDestructorCatchBlock.ql | 3 ++- .../DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql | 3 ++- .../DoNotDestroyAMutexWhileItIsLocked.ql | 3 ++- .../DoNotSubtractPointersAddressingDifferentArrays.ql | 3 ++- .../DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql | 3 ++- .../DoNotUseRandForGeneratingPseudorandomNumbers.ql | 3 ++- .../DoNotUseRelationalOperatorsWithDifferingArrays.ql | 3 ++- .../DoNotUseSetjmpOrLongjmpShared.ql | 3 ++- .../exceptionsafetyguarantees/ExceptionSafetyGuarantees.ql | 3 ++- .../exceptionsafetyvalidstate/ExceptionSafetyValidState.ql | 3 ++- .../exithandlerthrowsexception/ExitHandlerThrowsException.ql | 3 ++- .../explicitabrupttermination/ExplicitAbruptTermination.ql | 3 ++- .../FunctionNoReturnAttributeCondition.ql | 3 ++- .../rules/gotostatementcondition/GotoStatementCondition.ql | 3 ++- .../rules/guardaccesstobitfields/GuardAccessToBitFields.ql | 3 ++- .../HandleAllExceptionsDuringStartup.ql | 3 ++- cpp/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql | 3 ++- cpp/common/test/rules/identifierhidden/IdentifierHidden.ql | 3 ++- .../ifelseterminationconstruct/IfElseTerminationConstruct.ql | 3 ++- .../test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql | 3 ++- .../InformationLeakageAcrossBoundaries.ql | 3 ++- .../IOFstreamMissingPositioning.ql | 3 ++- .../JoinableThreadCopiedOrDestroyed.ql | 3 ++- .../MacroParameterNotEnclosedInParentheses.ql | 3 ++- .../MemcmpUsedToComparePaddingData.ql | 3 ++- .../MovedFromObjectsUnspecifiedState.ql | 3 ++- .../test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql | 3 ++- cpp/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.ql | 3 ++- .../rules/nonbooleaniterationstmt/NonBooleanIterationStmt.ql | 3 ++- cpp/common/test/rules/nonconstantformat/NonConstantFormat.ql | 3 ++- .../NonStandardEntitiesInStandardNamespaces.ql | 3 ++- .../NonVoidFunctionDoesNotReturn.ql | 3 ++- .../ObjectAccessedAfterLifetime.ql | 3 ++- .../ObjectAccessedBeforeLifetime.ql | 3 ++- .../onedefinitionruleviolation/OneDefinitionRuleViolation.ql | 3 ++- .../OperationMayNotNullTerminateCStyleString.ql | 3 ++- .../OperatorDeleteMissingPartner.ql | 3 ++- .../OrderingPredicateMustBeStrictlyWeak.ql | 3 ++- .../OwnedPointerValueStoredInUnrelatedSmartPointer.ql | 3 ++- .../PlacementNewInsufficientStorage.ql | 3 ++- .../PlacementNewNotProperlyAligned.ql | 3 ++- .../PredicateFunctionObjectsShouldNotBeMutable.ql | 3 ++- .../PreprocessingDirectiveWithinMacroArgument.ql | 3 ++- .../PreprocessorIncludesForbiddenHeaderNames.ql | 3 ++- .../PreprocessorIncludesPreceded.ql | 3 ++- .../PreserveSafetyWhenUsingConditionVariables.ql | 3 ++- .../PreventDeadlockByLockingInPredefinedOrder.ql | 3 ++- .../readofuninitializedmemory/ReadOfUninitializedMemory.ql | 3 ++- .../RemoveConstOrVolatileQualification.ql | 3 ++- .../RethrowNestedWithoutCapture.ql | 3 ++- .../SectionsOfCodeShallNotBeCommentedOut.ql | 3 ++- .../StringNumberConversionMissingErrorCheck.ql | 3 ++- .../SwitchCasePositionCondition.ql | 3 ++- .../test/rules/switchnotwellformed/SwitchNotWellFormed.ql | 3 ++- .../ThrowingNoThrowOperatorNewDelete.ql | 3 ++- .../ThrowingOperatorNewReturnsNull.ql | 3 ++- .../ThrowingOperatorNewThrowsInvalidException.ql | 3 ++- .../UncheckedRangeDomainPoleErrors.ql | 3 ++- .../undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql | 3 ++- .../UnnecessaryExposedIdentifierDeclarationShared.ql | 3 ++- cpp/common/test/rules/unreachablecode/UnreachableCode.ql | 3 ++- cpp/common/test/rules/unusedparameter/UnusedParameter.ql | 3 ++- .../rules/unusedtypedeclarations/UnusedTypeDeclarations.ql | 3 ++- .../UsageOfAssemblerNotDocumented.ql | 3 ++- .../UseCanonicalOrderForMemberInit.ql | 3 ++- .../UseOnlyArrayIndexingForPointerArithmetic.ql | 3 ++- .../ValidContainerElementAccess.ql | 3 ++- .../wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql | 3 ++- scripts/generate_rules/generate_package_files.py | 3 ++- 134 files changed, 268 insertions(+), 136 deletions(-) diff --git a/c/common/test/rules/closefilehandlewhennolongerneededshared/CloseFileHandleWhenNoLongerNeededShared.ql b/c/common/test/rules/closefilehandlewhennolongerneededshared/CloseFileHandleWhenNoLongerNeededShared.ql index 9e657b351a..a208410321 100644 --- a/c/common/test/rules/closefilehandlewhennolongerneededshared/CloseFileHandleWhenNoLongerNeededShared.ql +++ b/c/common/test/rules/closefilehandlewhennolongerneededshared/CloseFileHandleWhenNoLongerNeededShared.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.closefilehandlewhennolongerneededshared.CloseFileHandleWhenNoLongerNeededShared -class TestFileQuery extends CloseFileHandleWhenNoLongerNeededSharedSharedQuery, TestQuery { } +class TestFileQuery extends CloseFileHandleWhenNoLongerNeededSharedSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/commaoperatorused/CommaOperatorUsed.ql b/c/common/test/rules/commaoperatorused/CommaOperatorUsed.ql index 2fe294762e..b6c91e6eb2 100644 --- a/c/common/test/rules/commaoperatorused/CommaOperatorUsed.ql +++ b/c/common/test/rules/commaoperatorused/CommaOperatorUsed.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.commaoperatorused.CommaOperatorUsed -class TestFileQuery extends CommaOperatorUsedSharedQuery, TestQuery { } +class TestFileQuery extends CommaOperatorUsedSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql b/c/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql index c77ee1c66a..b12383aabb 100644 --- a/c/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql +++ b/c/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.constantunsignedintegerexpressionswraparound.ConstantUnsignedIntegerExpressionsWrapAround -class TestFileQuery extends ConstantUnsignedIntegerExpressionsWrapAroundSharedQuery, TestQuery { } +class TestFileQuery extends ConstantUnsignedIntegerExpressionsWrapAroundSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.ql b/c/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.ql index 53c27eb3ce..c598883031 100644 --- a/c/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.ql +++ b/c/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.constlikereturnvalue.ConstLikeReturnValue -class TestFileQuery extends ConstLikeReturnValueSharedQuery, TestQuery { } +class TestFileQuery extends ConstLikeReturnValueSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/deadcode/DeadCode.ql b/c/common/test/rules/deadcode/DeadCode.ql index dcd7fce840..b38dba26d7 100644 --- a/c/common/test/rules/deadcode/DeadCode.ql +++ b/c/common/test/rules/deadcode/DeadCode.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.deadcode.DeadCode -class TestFileQuery extends DeadCodeSharedQuery, TestQuery { } +class TestFileQuery extends DeadCodeSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/declaredareservedidentifier/DeclaredAReservedIdentifier.ql b/c/common/test/rules/declaredareservedidentifier/DeclaredAReservedIdentifier.ql index f091b0aaaa..707ef3ccbe 100644 --- a/c/common/test/rules/declaredareservedidentifier/DeclaredAReservedIdentifier.ql +++ b/c/common/test/rules/declaredareservedidentifier/DeclaredAReservedIdentifier.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.declaredareservedidentifier.DeclaredAReservedIdentifier -class TestFileQuery extends DeclaredAReservedIdentifierSharedQuery, TestQuery { } +class TestFileQuery extends DeclaredAReservedIdentifierSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql b/c/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql index c8dc62e67c..cf9fdf6071 100644 --- a/c/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql +++ b/c/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.dereferenceofnullpointer.DereferenceOfNullPointer -class TestFileQuery extends DereferenceOfNullPointerSharedQuery, TestQuery { } +class TestFileQuery extends DereferenceOfNullPointerSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/donotaccessaclosedfile/DoNotAccessAClosedFile.ql b/c/common/test/rules/donotaccessaclosedfile/DoNotAccessAClosedFile.ql index d3b8b9ea3a..1087134c19 100644 --- a/c/common/test/rules/donotaccessaclosedfile/DoNotAccessAClosedFile.ql +++ b/c/common/test/rules/donotaccessaclosedfile/DoNotAccessAClosedFile.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotaccessaclosedfile.DoNotAccessAClosedFile -class TestFileQuery extends DoNotAccessAClosedFileSharedQuery, TestQuery { } +class TestFileQuery extends DoNotAccessAClosedFileSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql b/c/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql index ceae7e6a9e..9aac0f1c09 100644 --- a/c/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql +++ b/c/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotallowamutextogooutofscopewhilelocked.DoNotAllowAMutexToGoOutOfScopeWhileLocked -class TestFileQuery extends DoNotAllowAMutexToGoOutOfScopeWhileLockedSharedQuery, TestQuery { } +class TestFileQuery extends DoNotAllowAMutexToGoOutOfScopeWhileLockedSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql b/c/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql index 96ea58009e..b2fdab8eea 100644 --- a/c/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql +++ b/c/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotdestroyamutexwhileitislocked.DoNotDestroyAMutexWhileItIsLocked -class TestFileQuery extends DoNotDestroyAMutexWhileItIsLockedSharedQuery, TestQuery { } +class TestFileQuery extends DoNotDestroyAMutexWhileItIsLockedSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql b/c/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql index 374a6fc52b..cc9cb834e0 100644 --- a/c/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql +++ b/c/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotsubtractpointersaddressingdifferentarrays.DoNotSubtractPointersAddressingDifferentArrays -class TestFileQuery extends DoNotSubtractPointersAddressingDifferentArraysSharedQuery, TestQuery { } +class TestFileQuery extends DoNotSubtractPointersAddressingDifferentArraysSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql b/c/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql index edef2c1127..ddaa0399b2 100644 --- a/c/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql +++ b/c/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotusemorethantwolevelsofpointerindirection.DoNotUseMoreThanTwoLevelsOfPointerIndirection -class TestFileQuery extends DoNotUseMoreThanTwoLevelsOfPointerIndirectionSharedQuery, TestQuery { } +class TestFileQuery extends DoNotUseMoreThanTwoLevelsOfPointerIndirectionSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql b/c/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql index 3ad5626256..c6e0f0e58a 100644 --- a/c/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql +++ b/c/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotuserandforgeneratingpseudorandomnumbers.DoNotUseRandForGeneratingPseudorandomNumbers -class TestFileQuery extends DoNotUseRandForGeneratingPseudorandomNumbersSharedQuery, TestQuery { } +class TestFileQuery extends DoNotUseRandForGeneratingPseudorandomNumbersSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql b/c/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql index bceb46bf63..647ee40426 100644 --- a/c/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql +++ b/c/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotuserelationaloperatorswithdifferingarrays.DoNotUseRelationalOperatorsWithDifferingArrays -class TestFileQuery extends DoNotUseRelationalOperatorsWithDifferingArraysSharedQuery, TestQuery { } +class TestFileQuery extends DoNotUseRelationalOperatorsWithDifferingArraysSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/freememorywhennolongerneededshared/FreeMemoryWhenNoLongerNeededShared.ql b/c/common/test/rules/freememorywhennolongerneededshared/FreeMemoryWhenNoLongerNeededShared.ql index 27683eddfb..8b89cb900c 100644 --- a/c/common/test/rules/freememorywhennolongerneededshared/FreeMemoryWhenNoLongerNeededShared.ql +++ b/c/common/test/rules/freememorywhennolongerneededshared/FreeMemoryWhenNoLongerNeededShared.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.freememorywhennolongerneededshared.FreeMemoryWhenNoLongerNeededShared -class TestFileQuery extends FreeMemoryWhenNoLongerNeededSharedSharedQuery, TestQuery { } +class TestFileQuery extends FreeMemoryWhenNoLongerNeededSharedSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/gotostatementcondition/GotoStatementCondition.ql b/c/common/test/rules/gotostatementcondition/GotoStatementCondition.ql index 89768a3022..2317d5c7db 100644 --- a/c/common/test/rules/gotostatementcondition/GotoStatementCondition.ql +++ b/c/common/test/rules/gotostatementcondition/GotoStatementCondition.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.gotostatementcondition.GotoStatementCondition -class TestFileQuery extends GotoStatementConditionSharedQuery, TestQuery { } +class TestFileQuery extends GotoStatementConditionSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql b/c/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql index a0d83a59a6..4f7709c7dd 100644 --- a/c/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql +++ b/c/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.guardaccesstobitfields.GuardAccessToBitFields -class TestFileQuery extends GuardAccessToBitFieldsSharedQuery, TestQuery { } +class TestFileQuery extends GuardAccessToBitFieldsSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql b/c/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql index a61dc7860a..f9f34ef6d9 100644 --- a/c/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql +++ b/c/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.hashoperatorsused.HashOperatorsUsed -class TestFileQuery extends HashOperatorsUsedSharedQuery, TestQuery { } +class TestFileQuery extends HashOperatorsUsedSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/identifierhidden/IdentifierHidden.ql b/c/common/test/rules/identifierhidden/IdentifierHidden.ql index ba13b28bd4..27a35f8376 100644 --- a/c/common/test/rules/identifierhidden/IdentifierHidden.ql +++ b/c/common/test/rules/identifierhidden/IdentifierHidden.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.identifierhidden.IdentifierHidden -class TestFileQuery extends IdentifierHiddenSharedQuery, TestQuery { } +class TestFileQuery extends IdentifierHiddenSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql b/c/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql index acdd497be7..d0a494f270 100644 --- a/c/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql +++ b/c/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.ifelseterminationconstruct.IfElseTerminationConstruct -class TestFileQuery extends IfElseTerminationConstructSharedQuery, TestQuery { } +class TestFileQuery extends IfElseTerminationConstructSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql b/c/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql index 13b07b4e90..8bec76dc05 100644 --- a/c/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql +++ b/c/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.includeguardsnotused.IncludeGuardsNotUsed -class TestFileQuery extends IncludeGuardsNotUsedSharedQuery, TestQuery { } +class TestFileQuery extends IncludeGuardsNotUsedSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql b/c/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql index 3393d015c3..f51683773f 100644 --- a/c/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql +++ b/c/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.informationleakageacrossboundaries.InformationLeakageAcrossBoundaries -class TestFileQuery extends InformationLeakageAcrossBoundariesSharedQuery, TestQuery { } +class TestFileQuery extends InformationLeakageAcrossBoundariesSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.ql b/c/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.ql index b82c43333a..777e498dc1 100644 --- a/c/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.ql +++ b/c/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.invalidatedenvstringpointers.InvalidatedEnvStringPointers -class TestFileQuery extends InvalidatedEnvStringPointersSharedQuery, TestQuery { } +class TestFileQuery extends InvalidatedEnvStringPointersSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.ql b/c/common/test/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.ql index 7a56af210d..9efdbbe048 100644 --- a/c/common/test/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.ql +++ b/c/common/test/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.invalidatedenvstringpointerswarn.InvalidatedEnvStringPointersWarn -class TestFileQuery extends InvalidatedEnvStringPointersWarnSharedQuery, TestQuery { } +class TestFileQuery extends InvalidatedEnvStringPointersWarnSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql b/c/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql index c1f22c408a..ed1e85b531 100644 --- a/c/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql +++ b/c/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.iofstreammissingpositioning.IOFstreamMissingPositioning -class TestFileQuery extends IOFstreamMissingPositioningSharedQuery, TestQuery { } +class TestFileQuery extends IOFstreamMissingPositioningSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql b/c/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql index 2ff9477919..8b3c25098c 100644 --- a/c/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql +++ b/c/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.macroparameternotenclosedinparentheses.MacroParameterNotEnclosedInParentheses -class TestFileQuery extends MacroParameterNotEnclosedInParenthesesSharedQuery, TestQuery { } +class TestFileQuery extends MacroParameterNotEnclosedInParenthesesSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql b/c/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql index 55290047a1..108cf3b8a1 100644 --- a/c/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql +++ b/c/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.memcmpusedtocomparepaddingdata.MemcmpUsedToComparePaddingData -class TestFileQuery extends MemcmpUsedToComparePaddingDataSharedQuery, TestQuery { } +class TestFileQuery extends MemcmpUsedToComparePaddingDataSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql b/c/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql index 3e0b1f7e8b..d57bf78fad 100644 --- a/c/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql +++ b/c/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nestedlabelinswitch.NestedLabelInSwitch -class TestFileQuery extends NestedLabelInSwitchSharedQuery, TestQuery { } +class TestFileQuery extends NestedLabelInSwitchSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/nonconstantformat/NonConstantFormat.ql b/c/common/test/rules/nonconstantformat/NonConstantFormat.ql index 25750ae9e5..71bff7e9c6 100644 --- a/c/common/test/rules/nonconstantformat/NonConstantFormat.ql +++ b/c/common/test/rules/nonconstantformat/NonConstantFormat.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nonconstantformat.NonConstantFormat -class TestFileQuery extends NonConstantFormatSharedQuery, TestQuery { } +class TestFileQuery extends NonConstantFormatSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql b/c/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql index bcf99b44e7..775599e10e 100644 --- a/c/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql +++ b/c/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nonvoidfunctiondoesnotreturn.NonVoidFunctionDoesNotReturn -class TestFileQuery extends NonVoidFunctionDoesNotReturnSharedQuery, TestQuery { } +class TestFileQuery extends NonVoidFunctionDoesNotReturnSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/notdistinctidentifier/NotDistinctIdentifier.ql b/c/common/test/rules/notdistinctidentifier/NotDistinctIdentifier.ql index 3b7a8a5f9a..ba74868838 100644 --- a/c/common/test/rules/notdistinctidentifier/NotDistinctIdentifier.ql +++ b/c/common/test/rules/notdistinctidentifier/NotDistinctIdentifier.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.notdistinctidentifier.NotDistinctIdentifier -class TestFileQuery extends NotDistinctIdentifierSharedQuery, TestQuery { } +class TestFileQuery extends NotDistinctIdentifierSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.ql b/c/common/test/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.ql index f7d315554e..f8c036c2d2 100644 --- a/c/common/test/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.ql +++ b/c/common/test/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.onlyfreememoryallocateddynamicallyshared.OnlyFreeMemoryAllocatedDynamicallyShared -class TestFileQuery extends OnlyFreeMemoryAllocatedDynamicallySharedSharedQuery, TestQuery { } +class TestFileQuery extends OnlyFreeMemoryAllocatedDynamicallySharedSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql b/c/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql index d66babdb6d..35bc1586b0 100644 --- a/c/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql +++ b/c/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preprocessingdirectivewithinmacroargument.PreprocessingDirectiveWithinMacroArgument -class TestFileQuery extends PreprocessingDirectiveWithinMacroArgumentSharedQuery, TestQuery { } +class TestFileQuery extends PreprocessingDirectiveWithinMacroArgumentSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql b/c/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql index c7652ab4ae..f12f9663b1 100644 --- a/c/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql +++ b/c/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preprocessorincludesforbiddenheadernames.PreprocessorIncludesForbiddenHeaderNames -class TestFileQuery extends PreprocessorIncludesForbiddenHeaderNamesSharedQuery, TestQuery { } +class TestFileQuery extends PreprocessorIncludesForbiddenHeaderNamesSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql b/c/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql index 43701dbbf9..44f700604a 100644 --- a/c/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql +++ b/c/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preprocessorincludespreceded.PreprocessorIncludesPreceded -class TestFileQuery extends PreprocessorIncludesPrecededSharedQuery, TestQuery { } +class TestFileQuery extends PreprocessorIncludesPrecededSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql b/c/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql index 009c7f9e26..6fd33d601b 100644 --- a/c/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql +++ b/c/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preservesafetywhenusingconditionvariables.PreserveSafetyWhenUsingConditionVariables -class TestFileQuery extends PreserveSafetyWhenUsingConditionVariablesSharedQuery, TestQuery { } +class TestFileQuery extends PreserveSafetyWhenUsingConditionVariablesSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql b/c/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql index 4ca46f15ea..9968a80e75 100644 --- a/c/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql +++ b/c/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preventdeadlockbylockinginpredefinedorder.PreventDeadlockByLockingInPredefinedOrder -class TestFileQuery extends PreventDeadlockByLockingInPredefinedOrderSharedQuery, TestQuery { } +class TestFileQuery extends PreventDeadlockByLockingInPredefinedOrderSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql b/c/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql index 9150d4459d..cec14d6dac 100644 --- a/c/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql +++ b/c/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.readofuninitializedmemory.ReadOfUninitializedMemory -class TestFileQuery extends ReadOfUninitializedMemorySharedQuery, TestQuery { } +class TestFileQuery extends ReadOfUninitializedMemorySharedQuery, TestQuery { +} diff --git a/c/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql b/c/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql index aacadf0253..00d24cc943 100644 --- a/c/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql +++ b/c/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.sectionsofcodeshallnotbecommentedout.SectionsOfCodeShallNotBeCommentedOut -class TestFileQuery extends SectionsOfCodeShallNotBeCommentedOutSharedQuery, TestQuery { } +class TestFileQuery extends SectionsOfCodeShallNotBeCommentedOutSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql b/c/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql index 1b323a652d..de3d7c5c9c 100644 --- a/c/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql +++ b/c/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.switchcasepositioncondition.SwitchCasePositionCondition -class TestFileQuery extends SwitchCasePositionConditionSharedQuery, TestQuery { } +class TestFileQuery extends SwitchCasePositionConditionSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql b/c/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql index 75ce3cb1ec..3669f8739e 100644 --- a/c/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql +++ b/c/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.switchnotwellformed.SwitchNotWellFormed -class TestFileQuery extends SwitchNotWellFormedSharedQuery, TestQuery { } +class TestFileQuery extends SwitchNotWellFormedSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/typeomitted/TypeOmitted.ql b/c/common/test/rules/typeomitted/TypeOmitted.ql index a9cd81118c..eaade7faf6 100644 --- a/c/common/test/rules/typeomitted/TypeOmitted.ql +++ b/c/common/test/rules/typeomitted/TypeOmitted.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.typeomitted.TypeOmitted -class TestFileQuery extends TypeOmittedSharedQuery, TestQuery { } +class TestFileQuery extends TypeOmittedSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql b/c/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql index 11720fb8da..6ae007bd39 100644 --- a/c/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql +++ b/c/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.uncheckedrangedomainpoleerrors.UncheckedRangeDomainPoleErrors -class TestFileQuery extends UncheckedRangeDomainPoleErrorsSharedQuery, TestQuery { } +class TestFileQuery extends UncheckedRangeDomainPoleErrorsSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql b/c/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql index 316565cab7..168b3a0b2e 100644 --- a/c/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql +++ b/c/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.undefinedmacroidentifiers.UndefinedMacroIdentifiers -class TestFileQuery extends UndefinedMacroIdentifiersSharedQuery, TestQuery { } +class TestFileQuery extends UndefinedMacroIdentifiersSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql b/c/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql index 3baad901da..3b1e4b7c56 100644 --- a/c/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql +++ b/c/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unnecessaryexposedidentifierdeclarationshared.UnnecessaryExposedIdentifierDeclarationShared -class TestFileQuery extends UnnecessaryExposedIdentifierDeclarationSharedSharedQuery, TestQuery { } +class TestFileQuery extends UnnecessaryExposedIdentifierDeclarationSharedSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/unreachablecode/UnreachableCode.ql b/c/common/test/rules/unreachablecode/UnreachableCode.ql index c394bfba3e..61554593fd 100644 --- a/c/common/test/rules/unreachablecode/UnreachableCode.ql +++ b/c/common/test/rules/unreachablecode/UnreachableCode.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unreachablecode.UnreachableCode -class TestFileQuery extends UnreachableCodeSharedQuery, TestQuery { } +class TestFileQuery extends UnreachableCodeSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/unusedparameter/UnusedParameter.ql b/c/common/test/rules/unusedparameter/UnusedParameter.ql index e990a7dcf3..4dc2000dbb 100644 --- a/c/common/test/rules/unusedparameter/UnusedParameter.ql +++ b/c/common/test/rules/unusedparameter/UnusedParameter.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unusedparameter.UnusedParameter -class TestFileQuery extends UnusedParameterSharedQuery, TestQuery { } +class TestFileQuery extends UnusedParameterSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql b/c/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql index f1c09524d5..76ccfec0f2 100644 --- a/c/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql +++ b/c/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unusedtypedeclarations.UnusedTypeDeclarations -class TestFileQuery extends UnusedTypeDeclarationsSharedQuery, TestQuery { } +class TestFileQuery extends UnusedTypeDeclarationsSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql b/c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql index f9997627b4..c8b9f229f4 100644 --- a/c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql +++ b/c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.usageofassemblernotdocumented.UsageOfAssemblerNotDocumented -class TestFileQuery extends UsageOfAssemblerNotDocumentedSharedQuery, TestQuery { } +class TestFileQuery extends UsageOfAssemblerNotDocumentedSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql b/c/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql index 55554bee07..7edd86ecab 100644 --- a/c/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql +++ b/c/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.useonlyarrayindexingforpointerarithmetic.UseOnlyArrayIndexingForPointerArithmetic -class TestFileQuery extends UseOnlyArrayIndexingForPointerArithmeticSharedQuery, TestQuery { } +class TestFileQuery extends UseOnlyArrayIndexingForPointerArithmeticSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql b/c/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql index 44947bf85a..af84dd07c1 100644 --- a/c/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql +++ b/c/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.wrapspuriousfunctioninloop.WrapSpuriousFunctionInLoop -class TestFileQuery extends WrapSpuriousFunctionInLoopSharedQuery, TestQuery { } +class TestFileQuery extends WrapSpuriousFunctionInLoopSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/accessofundefinedmemberthroughnullpointer/AccessOfUndefinedMemberThroughNullPointer.ql b/cpp/common/test/rules/accessofundefinedmemberthroughnullpointer/AccessOfUndefinedMemberThroughNullPointer.ql index a94e11dbf6..4607c4f48c 100644 --- a/cpp/common/test/rules/accessofundefinedmemberthroughnullpointer/AccessOfUndefinedMemberThroughNullPointer.ql +++ b/cpp/common/test/rules/accessofundefinedmemberthroughnullpointer/AccessOfUndefinedMemberThroughNullPointer.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.accessofundefinedmemberthroughnullpointer.AccessOfUndefinedMemberThroughNullPointer -class TestFileQuery extends AccessOfUndefinedMemberThroughNullPointerSharedQuery, TestQuery { } +class TestFileQuery extends AccessOfUndefinedMemberThroughNullPointerSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/accessofundefinedmemberthroughuninitializedstaticpointer/AccessOfUndefinedMemberThroughUninitializedStaticPointer.ql b/cpp/common/test/rules/accessofundefinedmemberthroughuninitializedstaticpointer/AccessOfUndefinedMemberThroughUninitializedStaticPointer.ql index 90d192e3d8..489c4a23f4 100644 --- a/cpp/common/test/rules/accessofundefinedmemberthroughuninitializedstaticpointer/AccessOfUndefinedMemberThroughUninitializedStaticPointer.ql +++ b/cpp/common/test/rules/accessofundefinedmemberthroughuninitializedstaticpointer/AccessOfUndefinedMemberThroughUninitializedStaticPointer.ql @@ -1,6 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.accessofundefinedmemberthroughuninitializedstaticpointer.AccessOfUndefinedMemberThroughUninitializedStaticPointer -class TestFileQuery extends AccessOfUndefinedMemberThroughUninitializedStaticPointerSharedQuery, - TestQuery -{ } +class TestFileQuery extends AccessOfUndefinedMemberThroughUninitializedStaticPointerSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/basicstringmaynotbenullterminated/BasicStringMayNotBeNullTerminated.ql b/cpp/common/test/rules/basicstringmaynotbenullterminated/BasicStringMayNotBeNullTerminated.ql index c2c4fe7906..21f00547fc 100644 --- a/cpp/common/test/rules/basicstringmaynotbenullterminated/BasicStringMayNotBeNullTerminated.ql +++ b/cpp/common/test/rules/basicstringmaynotbenullterminated/BasicStringMayNotBeNullTerminated.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.basicstringmaynotbenullterminated.BasicStringMayNotBeNullTerminated -class TestFileQuery extends BasicStringMayNotBeNullTerminatedSharedQuery, TestQuery { } +class TestFileQuery extends BasicStringMayNotBeNullTerminatedSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/catchblockshadowing/CatchBlockShadowing.ql b/cpp/common/test/rules/catchblockshadowing/CatchBlockShadowing.ql index 76b7123d99..81b37d3aa5 100644 --- a/cpp/common/test/rules/catchblockshadowing/CatchBlockShadowing.ql +++ b/cpp/common/test/rules/catchblockshadowing/CatchBlockShadowing.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.catchblockshadowing.CatchBlockShadowing -class TestFileQuery extends CatchBlockShadowingSharedQuery, TestQuery { } +class TestFileQuery extends CatchBlockShadowingSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/catchexceptionsbylvaluereference/CatchExceptionsByLvalueReference.ql b/cpp/common/test/rules/catchexceptionsbylvaluereference/CatchExceptionsByLvalueReference.ql index 30d6d30c47..0931cc9ca8 100644 --- a/cpp/common/test/rules/catchexceptionsbylvaluereference/CatchExceptionsByLvalueReference.ql +++ b/cpp/common/test/rules/catchexceptionsbylvaluereference/CatchExceptionsByLvalueReference.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.catchexceptionsbylvaluereference.CatchExceptionsByLvalueReference -class TestFileQuery extends CatchExceptionsByLvalueReferenceSharedQuery, TestQuery { } +class TestFileQuery extends CatchExceptionsByLvalueReferenceSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/commaoperatorused/CommaOperatorUsed.ql b/cpp/common/test/rules/commaoperatorused/CommaOperatorUsed.ql index 2fe294762e..b6c91e6eb2 100644 --- a/cpp/common/test/rules/commaoperatorused/CommaOperatorUsed.ql +++ b/cpp/common/test/rules/commaoperatorused/CommaOperatorUsed.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.commaoperatorused.CommaOperatorUsed -class TestFileQuery extends CommaOperatorUsedSharedQuery, TestQuery { } +class TestFileQuery extends CommaOperatorUsedSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/conditionvariablepostconditionfailed/ConditionVariablePostConditionFailed.ql b/cpp/common/test/rules/conditionvariablepostconditionfailed/ConditionVariablePostConditionFailed.ql index e990e23e2e..9192ea6c24 100644 --- a/cpp/common/test/rules/conditionvariablepostconditionfailed/ConditionVariablePostConditionFailed.ql +++ b/cpp/common/test/rules/conditionvariablepostconditionfailed/ConditionVariablePostConditionFailed.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.conditionvariablepostconditionfailed.ConditionVariablePostConditionFailed -class TestFileQuery extends ConditionVariablePostConditionFailedSharedQuery, TestQuery { } +class TestFileQuery extends ConditionVariablePostConditionFailedSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql b/cpp/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql index c77ee1c66a..b12383aabb 100644 --- a/cpp/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql +++ b/cpp/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.constantunsignedintegerexpressionswraparound.ConstantUnsignedIntegerExpressionsWrapAround -class TestFileQuery extends ConstantUnsignedIntegerExpressionsWrapAroundSharedQuery, TestQuery { } +class TestFileQuery extends ConstantUnsignedIntegerExpressionsWrapAroundSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.ql b/cpp/common/test/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.ql index be54f5a31c..90f2624e6b 100644 --- a/cpp/common/test/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.ql +++ b/cpp/common/test/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.containeraccesswithoutrangecheck.ContainerAccessWithoutRangeCheck -class TestFileQuery extends ContainerAccessWithoutRangeCheckSharedQuery, TestQuery { } +class TestFileQuery extends ContainerAccessWithoutRangeCheckSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/danglingcapturewhenmovinglambdaobject/DanglingCaptureWhenMovingLambdaObject.ql b/cpp/common/test/rules/danglingcapturewhenmovinglambdaobject/DanglingCaptureWhenMovingLambdaObject.ql index ba1f1efc2f..3e1929e5c3 100644 --- a/cpp/common/test/rules/danglingcapturewhenmovinglambdaobject/DanglingCaptureWhenMovingLambdaObject.ql +++ b/cpp/common/test/rules/danglingcapturewhenmovinglambdaobject/DanglingCaptureWhenMovingLambdaObject.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.danglingcapturewhenmovinglambdaobject.DanglingCaptureWhenMovingLambdaObject -class TestFileQuery extends DanglingCaptureWhenMovingLambdaObjectSharedQuery, TestQuery { } +class TestFileQuery extends DanglingCaptureWhenMovingLambdaObjectSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/danglingcapturewhenreturninglambdaobject/DanglingCaptureWhenReturningLambdaObject.ql b/cpp/common/test/rules/danglingcapturewhenreturninglambdaobject/DanglingCaptureWhenReturningLambdaObject.ql index d95ba912fd..6880b797fc 100644 --- a/cpp/common/test/rules/danglingcapturewhenreturninglambdaobject/DanglingCaptureWhenReturningLambdaObject.ql +++ b/cpp/common/test/rules/danglingcapturewhenreturninglambdaobject/DanglingCaptureWhenReturningLambdaObject.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.danglingcapturewhenreturninglambdaobject.DanglingCaptureWhenReturningLambdaObject -class TestFileQuery extends DanglingCaptureWhenReturningLambdaObjectSharedQuery, TestQuery { } +class TestFileQuery extends DanglingCaptureWhenReturningLambdaObjectSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/deadcode/DeadCode.ql b/cpp/common/test/rules/deadcode/DeadCode.ql index dcd7fce840..b38dba26d7 100644 --- a/cpp/common/test/rules/deadcode/DeadCode.ql +++ b/cpp/common/test/rules/deadcode/DeadCode.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.deadcode.DeadCode -class TestFileQuery extends DeadCodeSharedQuery, TestQuery { } +class TestFileQuery extends DeadCodeSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/deleteofpointertoincompleteclass/DeleteOfPointerToIncompleteClass.ql b/cpp/common/test/rules/deleteofpointertoincompleteclass/DeleteOfPointerToIncompleteClass.ql index a589ae988e..54ae2a773b 100644 --- a/cpp/common/test/rules/deleteofpointertoincompleteclass/DeleteOfPointerToIncompleteClass.ql +++ b/cpp/common/test/rules/deleteofpointertoincompleteclass/DeleteOfPointerToIncompleteClass.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.deleteofpointertoincompleteclass.DeleteOfPointerToIncompleteClass -class TestFileQuery extends DeleteOfPointerToIncompleteClassSharedQuery, TestQuery { } +class TestFileQuery extends DeleteOfPointerToIncompleteClassSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql b/cpp/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql index c8dc62e67c..cf9fdf6071 100644 --- a/cpp/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql +++ b/cpp/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.dereferenceofnullpointer.DereferenceOfNullPointer -class TestFileQuery extends DereferenceOfNullPointerSharedQuery, TestQuery { } +class TestFileQuery extends DereferenceOfNullPointerSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/destroyedvaluereferencedindestructorcatchblock/DestroyedValueReferencedInDestructorCatchBlock.ql b/cpp/common/test/rules/destroyedvaluereferencedindestructorcatchblock/DestroyedValueReferencedInDestructorCatchBlock.ql index 90c4ed602a..a2418fe0e6 100644 --- a/cpp/common/test/rules/destroyedvaluereferencedindestructorcatchblock/DestroyedValueReferencedInDestructorCatchBlock.ql +++ b/cpp/common/test/rules/destroyedvaluereferencedindestructorcatchblock/DestroyedValueReferencedInDestructorCatchBlock.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.destroyedvaluereferencedindestructorcatchblock.DestroyedValueReferencedInDestructorCatchBlock -class TestFileQuery extends DestroyedValueReferencedInDestructorCatchBlockSharedQuery, TestQuery { } +class TestFileQuery extends DestroyedValueReferencedInDestructorCatchBlockSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql b/cpp/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql index ceae7e6a9e..9aac0f1c09 100644 --- a/cpp/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql +++ b/cpp/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotallowamutextogooutofscopewhilelocked.DoNotAllowAMutexToGoOutOfScopeWhileLocked -class TestFileQuery extends DoNotAllowAMutexToGoOutOfScopeWhileLockedSharedQuery, TestQuery { } +class TestFileQuery extends DoNotAllowAMutexToGoOutOfScopeWhileLockedSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql b/cpp/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql index 96ea58009e..b2fdab8eea 100644 --- a/cpp/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql +++ b/cpp/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotdestroyamutexwhileitislocked.DoNotDestroyAMutexWhileItIsLocked -class TestFileQuery extends DoNotDestroyAMutexWhileItIsLockedSharedQuery, TestQuery { } +class TestFileQuery extends DoNotDestroyAMutexWhileItIsLockedSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql b/cpp/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql index 374a6fc52b..cc9cb834e0 100644 --- a/cpp/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql +++ b/cpp/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotsubtractpointersaddressingdifferentarrays.DoNotSubtractPointersAddressingDifferentArrays -class TestFileQuery extends DoNotSubtractPointersAddressingDifferentArraysSharedQuery, TestQuery { } +class TestFileQuery extends DoNotSubtractPointersAddressingDifferentArraysSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql b/cpp/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql index edef2c1127..ddaa0399b2 100644 --- a/cpp/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql +++ b/cpp/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotusemorethantwolevelsofpointerindirection.DoNotUseMoreThanTwoLevelsOfPointerIndirection -class TestFileQuery extends DoNotUseMoreThanTwoLevelsOfPointerIndirectionSharedQuery, TestQuery { } +class TestFileQuery extends DoNotUseMoreThanTwoLevelsOfPointerIndirectionSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql b/cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql index 3ad5626256..c6e0f0e58a 100644 --- a/cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql +++ b/cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotuserandforgeneratingpseudorandomnumbers.DoNotUseRandForGeneratingPseudorandomNumbers -class TestFileQuery extends DoNotUseRandForGeneratingPseudorandomNumbersSharedQuery, TestQuery { } +class TestFileQuery extends DoNotUseRandForGeneratingPseudorandomNumbersSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql b/cpp/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql index bceb46bf63..647ee40426 100644 --- a/cpp/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql +++ b/cpp/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotuserelationaloperatorswithdifferingarrays.DoNotUseRelationalOperatorsWithDifferingArrays -class TestFileQuery extends DoNotUseRelationalOperatorsWithDifferingArraysSharedQuery, TestQuery { } +class TestFileQuery extends DoNotUseRelationalOperatorsWithDifferingArraysSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/donotusesetjmporlongjmpshared/DoNotUseSetjmpOrLongjmpShared.ql b/cpp/common/test/rules/donotusesetjmporlongjmpshared/DoNotUseSetjmpOrLongjmpShared.ql index e0026467ff..bb9245942d 100644 --- a/cpp/common/test/rules/donotusesetjmporlongjmpshared/DoNotUseSetjmpOrLongjmpShared.ql +++ b/cpp/common/test/rules/donotusesetjmporlongjmpshared/DoNotUseSetjmpOrLongjmpShared.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotusesetjmporlongjmpshared.DoNotUseSetjmpOrLongjmpShared -class TestFileQuery extends DoNotUseSetjmpOrLongjmpSharedSharedQuery, TestQuery { } +class TestFileQuery extends DoNotUseSetjmpOrLongjmpSharedSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/exceptionsafetyguarantees/ExceptionSafetyGuarantees.ql b/cpp/common/test/rules/exceptionsafetyguarantees/ExceptionSafetyGuarantees.ql index bfa4a88318..2d09d10250 100644 --- a/cpp/common/test/rules/exceptionsafetyguarantees/ExceptionSafetyGuarantees.ql +++ b/cpp/common/test/rules/exceptionsafetyguarantees/ExceptionSafetyGuarantees.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.exceptionsafetyguarantees.ExceptionSafetyGuarantees -class TestFileQuery extends ExceptionSafetyGuaranteesSharedQuery, TestQuery { } +class TestFileQuery extends ExceptionSafetyGuaranteesSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/exceptionsafetyvalidstate/ExceptionSafetyValidState.ql b/cpp/common/test/rules/exceptionsafetyvalidstate/ExceptionSafetyValidState.ql index aa18543c36..e2d2107580 100644 --- a/cpp/common/test/rules/exceptionsafetyvalidstate/ExceptionSafetyValidState.ql +++ b/cpp/common/test/rules/exceptionsafetyvalidstate/ExceptionSafetyValidState.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.exceptionsafetyvalidstate.ExceptionSafetyValidState -class TestFileQuery extends ExceptionSafetyValidStateSharedQuery, TestQuery { } +class TestFileQuery extends ExceptionSafetyValidStateSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/exithandlerthrowsexception/ExitHandlerThrowsException.ql b/cpp/common/test/rules/exithandlerthrowsexception/ExitHandlerThrowsException.ql index c61992b8b0..4552e1d6e5 100644 --- a/cpp/common/test/rules/exithandlerthrowsexception/ExitHandlerThrowsException.ql +++ b/cpp/common/test/rules/exithandlerthrowsexception/ExitHandlerThrowsException.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.exithandlerthrowsexception.ExitHandlerThrowsException -class TestFileQuery extends ExitHandlerThrowsExceptionSharedQuery, TestQuery { } +class TestFileQuery extends ExitHandlerThrowsExceptionSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/explicitabrupttermination/ExplicitAbruptTermination.ql b/cpp/common/test/rules/explicitabrupttermination/ExplicitAbruptTermination.ql index d7df643551..cd11b45494 100644 --- a/cpp/common/test/rules/explicitabrupttermination/ExplicitAbruptTermination.ql +++ b/cpp/common/test/rules/explicitabrupttermination/ExplicitAbruptTermination.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.explicitabrupttermination.ExplicitAbruptTermination -class TestFileQuery extends ExplicitAbruptTerminationSharedQuery, TestQuery { } +class TestFileQuery extends ExplicitAbruptTerminationSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/functionnoreturnattributecondition/FunctionNoReturnAttributeCondition.ql b/cpp/common/test/rules/functionnoreturnattributecondition/FunctionNoReturnAttributeCondition.ql index 4af4aeceaf..6526233b4c 100644 --- a/cpp/common/test/rules/functionnoreturnattributecondition/FunctionNoReturnAttributeCondition.ql +++ b/cpp/common/test/rules/functionnoreturnattributecondition/FunctionNoReturnAttributeCondition.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.functionnoreturnattributecondition.FunctionNoReturnAttributeCondition -class TestFileQuery extends FunctionNoReturnAttributeConditionSharedQuery, TestQuery { } +class TestFileQuery extends FunctionNoReturnAttributeConditionSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/gotostatementcondition/GotoStatementCondition.ql b/cpp/common/test/rules/gotostatementcondition/GotoStatementCondition.ql index 89768a3022..2317d5c7db 100644 --- a/cpp/common/test/rules/gotostatementcondition/GotoStatementCondition.ql +++ b/cpp/common/test/rules/gotostatementcondition/GotoStatementCondition.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.gotostatementcondition.GotoStatementCondition -class TestFileQuery extends GotoStatementConditionSharedQuery, TestQuery { } +class TestFileQuery extends GotoStatementConditionSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql b/cpp/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql index a0d83a59a6..4f7709c7dd 100644 --- a/cpp/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql +++ b/cpp/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.guardaccesstobitfields.GuardAccessToBitFields -class TestFileQuery extends GuardAccessToBitFieldsSharedQuery, TestQuery { } +class TestFileQuery extends GuardAccessToBitFieldsSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/handleallexceptionsduringstartup/HandleAllExceptionsDuringStartup.ql b/cpp/common/test/rules/handleallexceptionsduringstartup/HandleAllExceptionsDuringStartup.ql index d366b0eb79..4a4ae60b84 100644 --- a/cpp/common/test/rules/handleallexceptionsduringstartup/HandleAllExceptionsDuringStartup.ql +++ b/cpp/common/test/rules/handleallexceptionsduringstartup/HandleAllExceptionsDuringStartup.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.handleallexceptionsduringstartup.HandleAllExceptionsDuringStartup -class TestFileQuery extends HandleAllExceptionsDuringStartupSharedQuery, TestQuery { } +class TestFileQuery extends HandleAllExceptionsDuringStartupSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql b/cpp/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql index a61dc7860a..f9f34ef6d9 100644 --- a/cpp/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql +++ b/cpp/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.hashoperatorsused.HashOperatorsUsed -class TestFileQuery extends HashOperatorsUsedSharedQuery, TestQuery { } +class TestFileQuery extends HashOperatorsUsedSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/identifierhidden/IdentifierHidden.ql b/cpp/common/test/rules/identifierhidden/IdentifierHidden.ql index ba13b28bd4..27a35f8376 100644 --- a/cpp/common/test/rules/identifierhidden/IdentifierHidden.ql +++ b/cpp/common/test/rules/identifierhidden/IdentifierHidden.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.identifierhidden.IdentifierHidden -class TestFileQuery extends IdentifierHiddenSharedQuery, TestQuery { } +class TestFileQuery extends IdentifierHiddenSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql b/cpp/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql index acdd497be7..d0a494f270 100644 --- a/cpp/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql +++ b/cpp/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.ifelseterminationconstruct.IfElseTerminationConstruct -class TestFileQuery extends IfElseTerminationConstructSharedQuery, TestQuery { } +class TestFileQuery extends IfElseTerminationConstructSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql b/cpp/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql index 13b07b4e90..8bec76dc05 100644 --- a/cpp/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql +++ b/cpp/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.includeguardsnotused.IncludeGuardsNotUsed -class TestFileQuery extends IncludeGuardsNotUsedSharedQuery, TestQuery { } +class TestFileQuery extends IncludeGuardsNotUsedSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql b/cpp/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql index 3393d015c3..f51683773f 100644 --- a/cpp/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql +++ b/cpp/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.informationleakageacrossboundaries.InformationLeakageAcrossBoundaries -class TestFileQuery extends InformationLeakageAcrossBoundariesSharedQuery, TestQuery { } +class TestFileQuery extends InformationLeakageAcrossBoundariesSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql b/cpp/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql index c1f22c408a..ed1e85b531 100644 --- a/cpp/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql +++ b/cpp/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.iofstreammissingpositioning.IOFstreamMissingPositioning -class TestFileQuery extends IOFstreamMissingPositioningSharedQuery, TestQuery { } +class TestFileQuery extends IOFstreamMissingPositioningSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/joinablethreadcopiedordestroyed/JoinableThreadCopiedOrDestroyed.ql b/cpp/common/test/rules/joinablethreadcopiedordestroyed/JoinableThreadCopiedOrDestroyed.ql index affaeef13d..394425a83b 100644 --- a/cpp/common/test/rules/joinablethreadcopiedordestroyed/JoinableThreadCopiedOrDestroyed.ql +++ b/cpp/common/test/rules/joinablethreadcopiedordestroyed/JoinableThreadCopiedOrDestroyed.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.joinablethreadcopiedordestroyed.JoinableThreadCopiedOrDestroyed -class TestFileQuery extends JoinableThreadCopiedOrDestroyedSharedQuery, TestQuery { } +class TestFileQuery extends JoinableThreadCopiedOrDestroyedSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql b/cpp/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql index 2ff9477919..8b3c25098c 100644 --- a/cpp/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql +++ b/cpp/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.macroparameternotenclosedinparentheses.MacroParameterNotEnclosedInParentheses -class TestFileQuery extends MacroParameterNotEnclosedInParenthesesSharedQuery, TestQuery { } +class TestFileQuery extends MacroParameterNotEnclosedInParenthesesSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql b/cpp/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql index 55290047a1..108cf3b8a1 100644 --- a/cpp/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql +++ b/cpp/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.memcmpusedtocomparepaddingdata.MemcmpUsedToComparePaddingData -class TestFileQuery extends MemcmpUsedToComparePaddingDataSharedQuery, TestQuery { } +class TestFileQuery extends MemcmpUsedToComparePaddingDataSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/movedfromobjectsunspecifiedstate/MovedFromObjectsUnspecifiedState.ql b/cpp/common/test/rules/movedfromobjectsunspecifiedstate/MovedFromObjectsUnspecifiedState.ql index 3f818cc3e2..f7510b8b24 100644 --- a/cpp/common/test/rules/movedfromobjectsunspecifiedstate/MovedFromObjectsUnspecifiedState.ql +++ b/cpp/common/test/rules/movedfromobjectsunspecifiedstate/MovedFromObjectsUnspecifiedState.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.movedfromobjectsunspecifiedstate.MovedFromObjectsUnspecifiedState -class TestFileQuery extends MovedFromObjectsUnspecifiedStateSharedQuery, TestQuery { } +class TestFileQuery extends MovedFromObjectsUnspecifiedStateSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql b/cpp/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql index 3e0b1f7e8b..d57bf78fad 100644 --- a/cpp/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql +++ b/cpp/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nestedlabelinswitch.NestedLabelInSwitch -class TestFileQuery extends NestedLabelInSwitchSharedQuery, TestQuery { } +class TestFileQuery extends NestedLabelInSwitchSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.ql b/cpp/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.ql index 2e27365953..d1956d4b71 100644 --- a/cpp/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.ql +++ b/cpp/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nonbooleanifstmt.NonBooleanIfStmt -class TestFileQuery extends NonBooleanIfStmtSharedQuery, TestQuery { } +class TestFileQuery extends NonBooleanIfStmtSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.ql b/cpp/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.ql index 46c2d4c3bb..3cd92aa294 100644 --- a/cpp/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.ql +++ b/cpp/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nonbooleaniterationstmt.NonBooleanIterationStmt -class TestFileQuery extends NonBooleanIterationStmtSharedQuery, TestQuery { } +class TestFileQuery extends NonBooleanIterationStmtSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/nonconstantformat/NonConstantFormat.ql b/cpp/common/test/rules/nonconstantformat/NonConstantFormat.ql index 25750ae9e5..71bff7e9c6 100644 --- a/cpp/common/test/rules/nonconstantformat/NonConstantFormat.ql +++ b/cpp/common/test/rules/nonconstantformat/NonConstantFormat.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nonconstantformat.NonConstantFormat -class TestFileQuery extends NonConstantFormatSharedQuery, TestQuery { } +class TestFileQuery extends NonConstantFormatSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/nonstandardentitiesinstandardnamespaces/NonStandardEntitiesInStandardNamespaces.ql b/cpp/common/test/rules/nonstandardentitiesinstandardnamespaces/NonStandardEntitiesInStandardNamespaces.ql index 3b10c31026..19990c3d2f 100644 --- a/cpp/common/test/rules/nonstandardentitiesinstandardnamespaces/NonStandardEntitiesInStandardNamespaces.ql +++ b/cpp/common/test/rules/nonstandardentitiesinstandardnamespaces/NonStandardEntitiesInStandardNamespaces.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nonstandardentitiesinstandardnamespaces.NonStandardEntitiesInStandardNamespaces -class TestFileQuery extends NonStandardEntitiesInStandardNamespacesSharedQuery, TestQuery { } +class TestFileQuery extends NonStandardEntitiesInStandardNamespacesSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql b/cpp/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql index bcf99b44e7..775599e10e 100644 --- a/cpp/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql +++ b/cpp/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nonvoidfunctiondoesnotreturn.NonVoidFunctionDoesNotReturn -class TestFileQuery extends NonVoidFunctionDoesNotReturnSharedQuery, TestQuery { } +class TestFileQuery extends NonVoidFunctionDoesNotReturnSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/objectaccessedafterlifetime/ObjectAccessedAfterLifetime.ql b/cpp/common/test/rules/objectaccessedafterlifetime/ObjectAccessedAfterLifetime.ql index fbf2270fb9..a6dd5f0ddb 100644 --- a/cpp/common/test/rules/objectaccessedafterlifetime/ObjectAccessedAfterLifetime.ql +++ b/cpp/common/test/rules/objectaccessedafterlifetime/ObjectAccessedAfterLifetime.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.objectaccessedafterlifetime.ObjectAccessedAfterLifetime -class TestFileQuery extends ObjectAccessedAfterLifetimeSharedQuery, TestQuery { } +class TestFileQuery extends ObjectAccessedAfterLifetimeSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/objectaccessedbeforelifetime/ObjectAccessedBeforeLifetime.ql b/cpp/common/test/rules/objectaccessedbeforelifetime/ObjectAccessedBeforeLifetime.ql index aa88f954dc..c7e11a4489 100644 --- a/cpp/common/test/rules/objectaccessedbeforelifetime/ObjectAccessedBeforeLifetime.ql +++ b/cpp/common/test/rules/objectaccessedbeforelifetime/ObjectAccessedBeforeLifetime.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.objectaccessedbeforelifetime.ObjectAccessedBeforeLifetime -class TestFileQuery extends ObjectAccessedBeforeLifetimeSharedQuery, TestQuery { } +class TestFileQuery extends ObjectAccessedBeforeLifetimeSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/onedefinitionruleviolation/OneDefinitionRuleViolation.ql b/cpp/common/test/rules/onedefinitionruleviolation/OneDefinitionRuleViolation.ql index 0f01e0b871..8b818c9f65 100644 --- a/cpp/common/test/rules/onedefinitionruleviolation/OneDefinitionRuleViolation.ql +++ b/cpp/common/test/rules/onedefinitionruleviolation/OneDefinitionRuleViolation.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.onedefinitionruleviolation.OneDefinitionRuleViolation -class TestFileQuery extends OneDefinitionRuleViolationSharedQuery, TestQuery { } +class TestFileQuery extends OneDefinitionRuleViolationSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/operationmaynotnullterminatecstylestring/OperationMayNotNullTerminateCStyleString.ql b/cpp/common/test/rules/operationmaynotnullterminatecstylestring/OperationMayNotNullTerminateCStyleString.ql index 88637e5fb8..191a71c62d 100644 --- a/cpp/common/test/rules/operationmaynotnullterminatecstylestring/OperationMayNotNullTerminateCStyleString.ql +++ b/cpp/common/test/rules/operationmaynotnullterminatecstylestring/OperationMayNotNullTerminateCStyleString.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.operationmaynotnullterminatecstylestring.OperationMayNotNullTerminateCStyleString -class TestFileQuery extends OperationMayNotNullTerminateCStyleStringSharedQuery, TestQuery { } +class TestFileQuery extends OperationMayNotNullTerminateCStyleStringSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/operatordeletemissingpartner/OperatorDeleteMissingPartner.ql b/cpp/common/test/rules/operatordeletemissingpartner/OperatorDeleteMissingPartner.ql index df5ed195c3..2239471465 100644 --- a/cpp/common/test/rules/operatordeletemissingpartner/OperatorDeleteMissingPartner.ql +++ b/cpp/common/test/rules/operatordeletemissingpartner/OperatorDeleteMissingPartner.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.operatordeletemissingpartner.OperatorDeleteMissingPartner -class TestFileQuery extends OperatorDeleteMissingPartnerSharedQuery, TestQuery { } +class TestFileQuery extends OperatorDeleteMissingPartnerSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/orderingpredicatemustbestrictlyweak/OrderingPredicateMustBeStrictlyWeak.ql b/cpp/common/test/rules/orderingpredicatemustbestrictlyweak/OrderingPredicateMustBeStrictlyWeak.ql index 765e11c79e..a546ac7dee 100644 --- a/cpp/common/test/rules/orderingpredicatemustbestrictlyweak/OrderingPredicateMustBeStrictlyWeak.ql +++ b/cpp/common/test/rules/orderingpredicatemustbestrictlyweak/OrderingPredicateMustBeStrictlyWeak.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.orderingpredicatemustbestrictlyweak.OrderingPredicateMustBeStrictlyWeak -class TestFileQuery extends OrderingPredicateMustBeStrictlyWeakSharedQuery, TestQuery { } +class TestFileQuery extends OrderingPredicateMustBeStrictlyWeakSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.ql b/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.ql index efdcb47a16..06ce668f27 100644 --- a/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.ql +++ b/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.ownedpointervaluestoredinunrelatedsmartpointer.OwnedPointerValueStoredInUnrelatedSmartPointer -class TestFileQuery extends OwnedPointerValueStoredInUnrelatedSmartPointerSharedQuery, TestQuery { } +class TestFileQuery extends OwnedPointerValueStoredInUnrelatedSmartPointerSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/placementnewinsufficientstorage/PlacementNewInsufficientStorage.ql b/cpp/common/test/rules/placementnewinsufficientstorage/PlacementNewInsufficientStorage.ql index d63da2dc8d..7b30c736d3 100644 --- a/cpp/common/test/rules/placementnewinsufficientstorage/PlacementNewInsufficientStorage.ql +++ b/cpp/common/test/rules/placementnewinsufficientstorage/PlacementNewInsufficientStorage.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.placementnewinsufficientstorage.PlacementNewInsufficientStorage -class TestFileQuery extends PlacementNewInsufficientStorageSharedQuery, TestQuery { } +class TestFileQuery extends PlacementNewInsufficientStorageSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/placementnewnotproperlyaligned/PlacementNewNotProperlyAligned.ql b/cpp/common/test/rules/placementnewnotproperlyaligned/PlacementNewNotProperlyAligned.ql index 913b1c9c66..5f4fd81927 100644 --- a/cpp/common/test/rules/placementnewnotproperlyaligned/PlacementNewNotProperlyAligned.ql +++ b/cpp/common/test/rules/placementnewnotproperlyaligned/PlacementNewNotProperlyAligned.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.placementnewnotproperlyaligned.PlacementNewNotProperlyAligned -class TestFileQuery extends PlacementNewNotProperlyAlignedSharedQuery, TestQuery { } +class TestFileQuery extends PlacementNewNotProperlyAlignedSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/predicatefunctionobjectsshouldnotbemutable/PredicateFunctionObjectsShouldNotBeMutable.ql b/cpp/common/test/rules/predicatefunctionobjectsshouldnotbemutable/PredicateFunctionObjectsShouldNotBeMutable.ql index 1c9c73fb3d..0d4dec003f 100644 --- a/cpp/common/test/rules/predicatefunctionobjectsshouldnotbemutable/PredicateFunctionObjectsShouldNotBeMutable.ql +++ b/cpp/common/test/rules/predicatefunctionobjectsshouldnotbemutable/PredicateFunctionObjectsShouldNotBeMutable.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.predicatefunctionobjectsshouldnotbemutable.PredicateFunctionObjectsShouldNotBeMutable -class TestFileQuery extends PredicateFunctionObjectsShouldNotBeMutableSharedQuery, TestQuery { } +class TestFileQuery extends PredicateFunctionObjectsShouldNotBeMutableSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql b/cpp/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql index d66babdb6d..35bc1586b0 100644 --- a/cpp/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql +++ b/cpp/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preprocessingdirectivewithinmacroargument.PreprocessingDirectiveWithinMacroArgument -class TestFileQuery extends PreprocessingDirectiveWithinMacroArgumentSharedQuery, TestQuery { } +class TestFileQuery extends PreprocessingDirectiveWithinMacroArgumentSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql b/cpp/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql index c7652ab4ae..f12f9663b1 100644 --- a/cpp/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql +++ b/cpp/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preprocessorincludesforbiddenheadernames.PreprocessorIncludesForbiddenHeaderNames -class TestFileQuery extends PreprocessorIncludesForbiddenHeaderNamesSharedQuery, TestQuery { } +class TestFileQuery extends PreprocessorIncludesForbiddenHeaderNamesSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql b/cpp/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql index 43701dbbf9..44f700604a 100644 --- a/cpp/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql +++ b/cpp/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preprocessorincludespreceded.PreprocessorIncludesPreceded -class TestFileQuery extends PreprocessorIncludesPrecededSharedQuery, TestQuery { } +class TestFileQuery extends PreprocessorIncludesPrecededSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql b/cpp/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql index 009c7f9e26..6fd33d601b 100644 --- a/cpp/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql +++ b/cpp/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preservesafetywhenusingconditionvariables.PreserveSafetyWhenUsingConditionVariables -class TestFileQuery extends PreserveSafetyWhenUsingConditionVariablesSharedQuery, TestQuery { } +class TestFileQuery extends PreserveSafetyWhenUsingConditionVariablesSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql b/cpp/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql index 4ca46f15ea..9968a80e75 100644 --- a/cpp/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql +++ b/cpp/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preventdeadlockbylockinginpredefinedorder.PreventDeadlockByLockingInPredefinedOrder -class TestFileQuery extends PreventDeadlockByLockingInPredefinedOrderSharedQuery, TestQuery { } +class TestFileQuery extends PreventDeadlockByLockingInPredefinedOrderSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql b/cpp/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql index 9150d4459d..cec14d6dac 100644 --- a/cpp/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql +++ b/cpp/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.readofuninitializedmemory.ReadOfUninitializedMemory -class TestFileQuery extends ReadOfUninitializedMemorySharedQuery, TestQuery { } +class TestFileQuery extends ReadOfUninitializedMemorySharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/removeconstorvolatilequalification/RemoveConstOrVolatileQualification.ql b/cpp/common/test/rules/removeconstorvolatilequalification/RemoveConstOrVolatileQualification.ql index 61865cccab..137fc2edf1 100644 --- a/cpp/common/test/rules/removeconstorvolatilequalification/RemoveConstOrVolatileQualification.ql +++ b/cpp/common/test/rules/removeconstorvolatilequalification/RemoveConstOrVolatileQualification.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.removeconstorvolatilequalification.RemoveConstOrVolatileQualification -class TestFileQuery extends RemoveConstOrVolatileQualificationSharedQuery, TestQuery { } +class TestFileQuery extends RemoveConstOrVolatileQualificationSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/rethrownestedwithoutcapture/RethrowNestedWithoutCapture.ql b/cpp/common/test/rules/rethrownestedwithoutcapture/RethrowNestedWithoutCapture.ql index ab45ada710..e3cc2a62fb 100644 --- a/cpp/common/test/rules/rethrownestedwithoutcapture/RethrowNestedWithoutCapture.ql +++ b/cpp/common/test/rules/rethrownestedwithoutcapture/RethrowNestedWithoutCapture.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.rethrownestedwithoutcapture.RethrowNestedWithoutCapture -class TestFileQuery extends RethrowNestedWithoutCaptureSharedQuery, TestQuery { } +class TestFileQuery extends RethrowNestedWithoutCaptureSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql b/cpp/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql index aacadf0253..00d24cc943 100644 --- a/cpp/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql +++ b/cpp/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.sectionsofcodeshallnotbecommentedout.SectionsOfCodeShallNotBeCommentedOut -class TestFileQuery extends SectionsOfCodeShallNotBeCommentedOutSharedQuery, TestQuery { } +class TestFileQuery extends SectionsOfCodeShallNotBeCommentedOutSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/stringnumberconversionmissingerrorcheck/StringNumberConversionMissingErrorCheck.ql b/cpp/common/test/rules/stringnumberconversionmissingerrorcheck/StringNumberConversionMissingErrorCheck.ql index 7fae4b8b9a..9e35a26b6d 100644 --- a/cpp/common/test/rules/stringnumberconversionmissingerrorcheck/StringNumberConversionMissingErrorCheck.ql +++ b/cpp/common/test/rules/stringnumberconversionmissingerrorcheck/StringNumberConversionMissingErrorCheck.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.stringnumberconversionmissingerrorcheck.StringNumberConversionMissingErrorCheck -class TestFileQuery extends StringNumberConversionMissingErrorCheckSharedQuery, TestQuery { } +class TestFileQuery extends StringNumberConversionMissingErrorCheckSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql b/cpp/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql index 1b323a652d..de3d7c5c9c 100644 --- a/cpp/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql +++ b/cpp/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.switchcasepositioncondition.SwitchCasePositionCondition -class TestFileQuery extends SwitchCasePositionConditionSharedQuery, TestQuery { } +class TestFileQuery extends SwitchCasePositionConditionSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql b/cpp/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql index 75ce3cb1ec..3669f8739e 100644 --- a/cpp/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql +++ b/cpp/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.switchnotwellformed.SwitchNotWellFormed -class TestFileQuery extends SwitchNotWellFormedSharedQuery, TestQuery { } +class TestFileQuery extends SwitchNotWellFormedSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/throwingnothrowoperatornewdelete/ThrowingNoThrowOperatorNewDelete.ql b/cpp/common/test/rules/throwingnothrowoperatornewdelete/ThrowingNoThrowOperatorNewDelete.ql index 0135c410f4..039db1c5c3 100644 --- a/cpp/common/test/rules/throwingnothrowoperatornewdelete/ThrowingNoThrowOperatorNewDelete.ql +++ b/cpp/common/test/rules/throwingnothrowoperatornewdelete/ThrowingNoThrowOperatorNewDelete.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.throwingnothrowoperatornewdelete.ThrowingNoThrowOperatorNewDelete -class TestFileQuery extends ThrowingNoThrowOperatorNewDeleteSharedQuery, TestQuery { } +class TestFileQuery extends ThrowingNoThrowOperatorNewDeleteSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/throwingoperatornewreturnsnull/ThrowingOperatorNewReturnsNull.ql b/cpp/common/test/rules/throwingoperatornewreturnsnull/ThrowingOperatorNewReturnsNull.ql index c0fc6c8619..b034de0a67 100644 --- a/cpp/common/test/rules/throwingoperatornewreturnsnull/ThrowingOperatorNewReturnsNull.ql +++ b/cpp/common/test/rules/throwingoperatornewreturnsnull/ThrowingOperatorNewReturnsNull.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.throwingoperatornewreturnsnull.ThrowingOperatorNewReturnsNull -class TestFileQuery extends ThrowingOperatorNewReturnsNullSharedQuery, TestQuery { } +class TestFileQuery extends ThrowingOperatorNewReturnsNullSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/throwingoperatornewthrowsinvalidexception/ThrowingOperatorNewThrowsInvalidException.ql b/cpp/common/test/rules/throwingoperatornewthrowsinvalidexception/ThrowingOperatorNewThrowsInvalidException.ql index 072a5c7027..e4917831e5 100644 --- a/cpp/common/test/rules/throwingoperatornewthrowsinvalidexception/ThrowingOperatorNewThrowsInvalidException.ql +++ b/cpp/common/test/rules/throwingoperatornewthrowsinvalidexception/ThrowingOperatorNewThrowsInvalidException.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.throwingoperatornewthrowsinvalidexception.ThrowingOperatorNewThrowsInvalidException -class TestFileQuery extends ThrowingOperatorNewThrowsInvalidExceptionSharedQuery, TestQuery { } +class TestFileQuery extends ThrowingOperatorNewThrowsInvalidExceptionSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql b/cpp/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql index 11720fb8da..6ae007bd39 100644 --- a/cpp/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql +++ b/cpp/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.uncheckedrangedomainpoleerrors.UncheckedRangeDomainPoleErrors -class TestFileQuery extends UncheckedRangeDomainPoleErrorsSharedQuery, TestQuery { } +class TestFileQuery extends UncheckedRangeDomainPoleErrorsSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql b/cpp/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql index 316565cab7..168b3a0b2e 100644 --- a/cpp/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql +++ b/cpp/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.undefinedmacroidentifiers.UndefinedMacroIdentifiers -class TestFileQuery extends UndefinedMacroIdentifiersSharedQuery, TestQuery { } +class TestFileQuery extends UndefinedMacroIdentifiersSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql b/cpp/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql index 3baad901da..3b1e4b7c56 100644 --- a/cpp/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql +++ b/cpp/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unnecessaryexposedidentifierdeclarationshared.UnnecessaryExposedIdentifierDeclarationShared -class TestFileQuery extends UnnecessaryExposedIdentifierDeclarationSharedSharedQuery, TestQuery { } +class TestFileQuery extends UnnecessaryExposedIdentifierDeclarationSharedSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/unreachablecode/UnreachableCode.ql b/cpp/common/test/rules/unreachablecode/UnreachableCode.ql index c394bfba3e..61554593fd 100644 --- a/cpp/common/test/rules/unreachablecode/UnreachableCode.ql +++ b/cpp/common/test/rules/unreachablecode/UnreachableCode.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unreachablecode.UnreachableCode -class TestFileQuery extends UnreachableCodeSharedQuery, TestQuery { } +class TestFileQuery extends UnreachableCodeSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/unusedparameter/UnusedParameter.ql b/cpp/common/test/rules/unusedparameter/UnusedParameter.ql index e990a7dcf3..4dc2000dbb 100644 --- a/cpp/common/test/rules/unusedparameter/UnusedParameter.ql +++ b/cpp/common/test/rules/unusedparameter/UnusedParameter.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unusedparameter.UnusedParameter -class TestFileQuery extends UnusedParameterSharedQuery, TestQuery { } +class TestFileQuery extends UnusedParameterSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql b/cpp/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql index f1c09524d5..76ccfec0f2 100644 --- a/cpp/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql +++ b/cpp/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unusedtypedeclarations.UnusedTypeDeclarations -class TestFileQuery extends UnusedTypeDeclarationsSharedQuery, TestQuery { } +class TestFileQuery extends UnusedTypeDeclarationsSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql b/cpp/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql index f9997627b4..c8b9f229f4 100644 --- a/cpp/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql +++ b/cpp/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.usageofassemblernotdocumented.UsageOfAssemblerNotDocumented -class TestFileQuery extends UsageOfAssemblerNotDocumentedSharedQuery, TestQuery { } +class TestFileQuery extends UsageOfAssemblerNotDocumentedSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/usecanonicalorderformemberinit/UseCanonicalOrderForMemberInit.ql b/cpp/common/test/rules/usecanonicalorderformemberinit/UseCanonicalOrderForMemberInit.ql index c703151f75..6cee3d153d 100644 --- a/cpp/common/test/rules/usecanonicalorderformemberinit/UseCanonicalOrderForMemberInit.ql +++ b/cpp/common/test/rules/usecanonicalorderformemberinit/UseCanonicalOrderForMemberInit.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.usecanonicalorderformemberinit.UseCanonicalOrderForMemberInit -class TestFileQuery extends UseCanonicalOrderForMemberInitSharedQuery, TestQuery { } +class TestFileQuery extends UseCanonicalOrderForMemberInitSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql b/cpp/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql index 55554bee07..7edd86ecab 100644 --- a/cpp/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql +++ b/cpp/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.useonlyarrayindexingforpointerarithmetic.UseOnlyArrayIndexingForPointerArithmetic -class TestFileQuery extends UseOnlyArrayIndexingForPointerArithmeticSharedQuery, TestQuery { } +class TestFileQuery extends UseOnlyArrayIndexingForPointerArithmeticSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/validcontainerelementaccess/ValidContainerElementAccess.ql b/cpp/common/test/rules/validcontainerelementaccess/ValidContainerElementAccess.ql index 5f61b8a2a9..64e86b2ba5 100644 --- a/cpp/common/test/rules/validcontainerelementaccess/ValidContainerElementAccess.ql +++ b/cpp/common/test/rules/validcontainerelementaccess/ValidContainerElementAccess.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.validcontainerelementaccess.ValidContainerElementAccess -class TestFileQuery extends ValidContainerElementAccessSharedQuery, TestQuery { } +class TestFileQuery extends ValidContainerElementAccessSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql b/cpp/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql index 44947bf85a..af84dd07c1 100644 --- a/cpp/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql +++ b/cpp/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.wrapspuriousfunctioninloop.WrapSpuriousFunctionInLoop -class TestFileQuery extends WrapSpuriousFunctionInLoopSharedQuery, TestQuery { } +class TestFileQuery extends WrapSpuriousFunctionInLoopSharedQuery, TestQuery { +} diff --git a/scripts/generate_rules/generate_package_files.py b/scripts/generate_rules/generate_package_files.py index 7f9a63ef8d..98bc1b5595 100644 --- a/scripts/generate_rules/generate_package_files.py +++ b/scripts/generate_rules/generate_package_files.py @@ -182,7 +182,8 @@ def write_shared_implementation(package_name, rule_id, query, language_name, ql_ + "\n" ) f.write("\n"); - f.write("class TestFileQuery extends " + str(query["shared_implementation_short_name"]) + "SharedQuery, TestQuery { }\n") + f.write("class TestFileQuery extends " + str(query["shared_implementation_short_name"]) + "SharedQuery, TestQuery {\n") + f.write("}\n") # Create an empty test file, if one doesn't already exist shared_impl_test_dir.joinpath( From a1a47cc21c0c438a8daa0d09c4edc523ad75ff77 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 29 Sep 2023 18:09:05 +0100 Subject: [PATCH 1230/2573] RULE-17-5: Avoid deprecated predicate --- .../rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql b/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql index 0b5b95016c..215f9811c2 100644 --- a/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql +++ b/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql @@ -42,7 +42,7 @@ class ArrayParameter extends Parameter { * int arr2[2] = {1, 2, 3}; * ``` */ -int countElements(ArrayAggregateLiteral l) { result = count(l.getElementExpr(_)) } +int countElements(ArrayAggregateLiteral l) { result = count(l.getAnElementExpr(_)) } class SmallArrayConfig extends DataFlow::Configuration { SmallArrayConfig() { this = "SmallArrayConfig" } From 805dc57c7f3f4183d6d8212ae1d50adbab558b40 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 2 Oct 2023 23:55:40 +0000 Subject: [PATCH 1231/2573] Bump urllib3 from 2.0.4 to 2.0.6 in /scripts/upgrade-codeql-dependencies Bumps [urllib3](https://github.com/urllib3/urllib3) from 2.0.4 to 2.0.6. - [Release notes](https://github.com/urllib3/urllib3/releases) - [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst) - [Commits](https://github.com/urllib3/urllib3/compare/2.0.4...2.0.6) --- updated-dependencies: - dependency-name: urllib3 dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- scripts/upgrade-codeql-dependencies/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/upgrade-codeql-dependencies/requirements.txt b/scripts/upgrade-codeql-dependencies/requirements.txt index 51cdfea505..4ad888505b 100644 --- a/scripts/upgrade-codeql-dependencies/requirements.txt +++ b/scripts/upgrade-codeql-dependencies/requirements.txt @@ -3,4 +3,4 @@ charset-normalizer==3.2.0 idna==3.4 requests==2.31.0 semantic-version==2.10.0 -urllib3==2.0.4 +urllib3==2.0.6 From 25d6eab863803fdde0607b7179106f6b66145862 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 3 Oct 2023 04:47:59 +0000 Subject: [PATCH 1232/2573] Bump urllib3 from 1.26.5 to 1.26.17 in /scripts Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.5 to 1.26.17. - [Release notes](https://github.com/urllib3/urllib3/releases) - [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst) - [Commits](https://github.com/urllib3/urllib3/compare/1.26.5...1.26.17) --- updated-dependencies: - dependency-name: urllib3 dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- scripts/requirements.txt | 2 +- scripts/upgrade-codeql-dependencies/requirements.txt | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/requirements.txt b/scripts/requirements.txt index f09675930f..a38b2a8aeb 100644 --- a/scripts/requirements.txt +++ b/scripts/requirements.txt @@ -9,7 +9,7 @@ MarkupSafe==1.1.1 requests==2.31.0 smmap==3.0.5 soupsieve==2.0.1 -urllib3==1.26.5 +urllib3==1.26.17 pyyaml==5.4 wheel==0.38.1 jsonschema==4.9.1 diff --git a/scripts/upgrade-codeql-dependencies/requirements.txt b/scripts/upgrade-codeql-dependencies/requirements.txt index 51cdfea505..7018f4cc3f 100644 --- a/scripts/upgrade-codeql-dependencies/requirements.txt +++ b/scripts/upgrade-codeql-dependencies/requirements.txt @@ -3,4 +3,4 @@ charset-normalizer==3.2.0 idna==3.4 requests==2.31.0 semantic-version==2.10.0 -urllib3==2.0.4 +urllib3==1.26.17 From 9efce9475e88e702e9c9d0449f0d83314386c1ba Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 4 Oct 2023 17:17:11 +0100 Subject: [PATCH 1233/2573] M5-0-20: Exclude pointer assign from bitwise assign This query was erroneously reporting pointer assign as a bitwise assign operator. --- .../2023-10-04-m5-0-20-exclude-pointer-bitwise.md | 1 + ...wiseOperatorOperandsHaveDifferentUnderlyingType.ql | 11 ++++++++++- cpp/autosar/test/rules/M5-0-20/test.cpp | 5 +++++ 3 files changed, 16 insertions(+), 1 deletion(-) create mode 100644 change_notes/2023-10-04-m5-0-20-exclude-pointer-bitwise.md diff --git a/change_notes/2023-10-04-m5-0-20-exclude-pointer-bitwise.md b/change_notes/2023-10-04-m5-0-20-exclude-pointer-bitwise.md new file mode 100644 index 0000000000..6df6395640 --- /dev/null +++ b/change_notes/2023-10-04-m5-0-20-exclude-pointer-bitwise.md @@ -0,0 +1 @@ + * `M5-0-20` - exclude pointer assignment operators as bitwise operators. \ No newline at end of file diff --git a/cpp/autosar/src/rules/M5-0-20/BitwiseOperatorOperandsHaveDifferentUnderlyingType.ql b/cpp/autosar/src/rules/M5-0-20/BitwiseOperatorOperandsHaveDifferentUnderlyingType.ql index e1a8f568e8..f8f1d11a13 100644 --- a/cpp/autosar/src/rules/M5-0-20/BitwiseOperatorOperandsHaveDifferentUnderlyingType.ql +++ b/cpp/autosar/src/rules/M5-0-20/BitwiseOperatorOperandsHaveDifferentUnderlyingType.ql @@ -22,7 +22,16 @@ predicate isBinaryBitwiseOperation(Operation o, VariableAccess l, VariableAccess l = bbo.getLeftOperand() and r = bbo.getRightOperand() ) or - exists(AssignBitwiseOperation abo | abo = o | l = abo.getLValue() and r = abo.getRValue()) + exists(AssignBitwiseOperation abo | + abo = o and + // exclude += and -= on pointers, which seem to be erroneously included + // in the database schema + not abo instanceof AssignPointerAddExpr and + not abo instanceof AssignPointerSubExpr + | + l = abo.getLValue() and + r = abo.getRValue() + ) } from Operation o, Variable left, Variable right diff --git a/cpp/autosar/test/rules/M5-0-20/test.cpp b/cpp/autosar/test/rules/M5-0-20/test.cpp index 925a5ec6b8..2db9252445 100644 --- a/cpp/autosar/test/rules/M5-0-20/test.cpp +++ b/cpp/autosar/test/rules/M5-0-20/test.cpp @@ -71,3 +71,8 @@ void test463_2_instantiations() { char shift2 = 2; test463_2(val, shift2); } + +void test_add(char *val) { + int add = 2; + val += add; // COMPLIANT +} \ No newline at end of file From 9dfe737eb8aebd5b536c6330a48f64e145adfa38 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 4 Oct 2023 18:08:57 +0100 Subject: [PATCH 1234/2573] Remove deceptive uses of AssignBitwiseOperator AssignBitwiseOperator erroneously includes pointer += and -=. --- .../OperandsOfAnInappropriateEssentialType.ql | 3 ++- c/misra/test/rules/RULE-10-1/test.c | 2 ++ ...23-10-04-m5-0-20-exclude-pointer-bitwise.md | 2 +- ...ratorOperandsHaveDifferentUnderlyingType.ql | 9 ++------- .../BitwiseOperatorAppliedToSignedTypes.ql | 3 ++- .../RightBitShiftOperandIsNegativeOrTooWide.ql | 3 ++- cpp/autosar/test/rules/M5-0-21/test.cpp | 4 ++++ cpp/common/src/codingstandards/cpp/Bitwise.qll | 18 ++++++++++++++++++ 8 files changed, 33 insertions(+), 11 deletions(-) create mode 100644 cpp/common/src/codingstandards/cpp/Bitwise.qll diff --git a/c/misra/src/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.ql b/c/misra/src/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.ql index 005b7c6cf5..4043e40ef1 100644 --- a/c/misra/src/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.ql +++ b/c/misra/src/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.ql @@ -14,6 +14,7 @@ import cpp import codingstandards.c.misra import codingstandards.c.misra.EssentialTypes +import codingstandards.cpp.Bitwise /** * Holds if the operator `operator` has an operand `child` that is of an inappropriate essential type @@ -177,7 +178,7 @@ predicate isInappropriateEssentialType( child = [ operator.(BinaryBitwiseOperation).getAnOperand(), - operator.(AssignBitwiseOperation).getAnOperand() + operator.(AssignBitwiseOperationFixed).getAnOperand() ] and not operator instanceof LShiftExpr and not operator instanceof RShiftExpr and diff --git a/c/misra/test/rules/RULE-10-1/test.c b/c/misra/test/rules/RULE-10-1/test.c index 8945890d4c..b4d3ffb17d 100644 --- a/c/misra/test/rules/RULE-10-1/test.c +++ b/c/misra/test/rules/RULE-10-1/test.c @@ -492,4 +492,6 @@ void pointerType() { b || b; // COMPLIANT p || b; // NON_COMPLIANT b || p; // NON_COMPLIANT + p+=1; // COMPLIANT + p-=1; // COMPLIANT } diff --git a/change_notes/2023-10-04-m5-0-20-exclude-pointer-bitwise.md b/change_notes/2023-10-04-m5-0-20-exclude-pointer-bitwise.md index 6df6395640..dc8d47f064 100644 --- a/change_notes/2023-10-04-m5-0-20-exclude-pointer-bitwise.md +++ b/change_notes/2023-10-04-m5-0-20-exclude-pointer-bitwise.md @@ -1 +1 @@ - * `M5-0-20` - exclude pointer assignment operators as bitwise operators. \ No newline at end of file + * `M5-0-20`, `M5-0-21`, `RULE-10-1` - exclude pointer assignment operators as bitwise operators. \ No newline at end of file diff --git a/cpp/autosar/src/rules/M5-0-20/BitwiseOperatorOperandsHaveDifferentUnderlyingType.ql b/cpp/autosar/src/rules/M5-0-20/BitwiseOperatorOperandsHaveDifferentUnderlyingType.ql index f8f1d11a13..d400faf0c1 100644 --- a/cpp/autosar/src/rules/M5-0-20/BitwiseOperatorOperandsHaveDifferentUnderlyingType.ql +++ b/cpp/autosar/src/rules/M5-0-20/BitwiseOperatorOperandsHaveDifferentUnderlyingType.ql @@ -16,19 +16,14 @@ import cpp import codingstandards.cpp.autosar +import codingstandards.cpp.Bitwise predicate isBinaryBitwiseOperation(Operation o, VariableAccess l, VariableAccess r) { exists(BinaryBitwiseOperation bbo | bbo = o | l = bbo.getLeftOperand() and r = bbo.getRightOperand() ) or - exists(AssignBitwiseOperation abo | - abo = o and - // exclude += and -= on pointers, which seem to be erroneously included - // in the database schema - not abo instanceof AssignPointerAddExpr and - not abo instanceof AssignPointerSubExpr - | + exists(AssignBitwiseOperationFixed abo | abo = o | l = abo.getLValue() and r = abo.getRValue() ) diff --git a/cpp/autosar/src/rules/M5-0-21/BitwiseOperatorAppliedToSignedTypes.ql b/cpp/autosar/src/rules/M5-0-21/BitwiseOperatorAppliedToSignedTypes.ql index 02bb5314cd..710aa72b0c 100644 --- a/cpp/autosar/src/rules/M5-0-21/BitwiseOperatorAppliedToSignedTypes.ql +++ b/cpp/autosar/src/rules/M5-0-21/BitwiseOperatorAppliedToSignedTypes.ql @@ -17,6 +17,7 @@ import cpp import codingstandards.cpp.autosar +import codingstandards.cpp.Bitwise from Operation o, VariableAccess va where @@ -24,7 +25,7 @@ where ( o instanceof UnaryBitwiseOperation or o instanceof BinaryBitwiseOperation or - o instanceof AssignBitwiseOperation + o instanceof AssignBitwiseOperationFixed ) and o.getAnOperand() = va and va.getTarget().getUnderlyingType().(IntegralType).isSigned() diff --git a/cpp/autosar/src/rules/M5-8-1/RightBitShiftOperandIsNegativeOrTooWide.ql b/cpp/autosar/src/rules/M5-8-1/RightBitShiftOperandIsNegativeOrTooWide.ql index b94d76fd94..3b0e830ef9 100644 --- a/cpp/autosar/src/rules/M5-8-1/RightBitShiftOperandIsNegativeOrTooWide.ql +++ b/cpp/autosar/src/rules/M5-8-1/RightBitShiftOperandIsNegativeOrTooWide.ql @@ -17,6 +17,7 @@ import cpp import codingstandards.cpp.autosar +import codingstandards.cpp.Bitwise class ShiftOperation extends Operation { Expr leftOperand; @@ -33,7 +34,7 @@ class ShiftOperation extends Operation { rightOperand = o.getRightOperand() ) or - exists(AssignBitwiseOperation o | this = o | + exists(AssignBitwiseOperationFixed o | this = o | ( o instanceof AssignLShiftExpr or diff --git a/cpp/autosar/test/rules/M5-0-21/test.cpp b/cpp/autosar/test/rules/M5-0-21/test.cpp index eb6c88c8be..0dbedd9f1f 100644 --- a/cpp/autosar/test/rules/M5-0-21/test.cpp +++ b/cpp/autosar/test/rules/M5-0-21/test.cpp @@ -45,4 +45,8 @@ void test() { u ^= u; // COMPLIANT u | 0; // COMPLIANT u |= 0; // COMPLIANT + + int *p = 0; + p += 1; // COMPLIANT + p -= 1; // COMPLIANT } \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/Bitwise.qll b/cpp/common/src/codingstandards/cpp/Bitwise.qll new file mode 100644 index 0000000000..35b6a803c7 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/Bitwise.qll @@ -0,0 +1,18 @@ +/** + * A library for addressing issues in bitwise operator modelling in our database schema. + */ + +import cpp + +/** + * A binary bitwise assign operation, excluding += and -= on pointers, which seem to be erroneously + * included. + */ +class AssignBitwiseOperationFixed extends AssignBitwiseOperation { + AssignBitwiseOperationFixed() { + // exclude += and -= on pointers, which seem to be erroneously included + // in the database schema + not this instanceof AssignPointerAddExpr and + not this instanceof AssignPointerSubExpr + } +} From 6c5a62fafd454d36c6ef37bd46e6c0f058dd5315 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 4 Oct 2023 18:51:21 +0100 Subject: [PATCH 1235/2573] Fix formatting. --- c/misra/test/rules/RULE-10-1/test.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/c/misra/test/rules/RULE-10-1/test.c b/c/misra/test/rules/RULE-10-1/test.c index b4d3ffb17d..19b7d2e3e8 100644 --- a/c/misra/test/rules/RULE-10-1/test.c +++ b/c/misra/test/rules/RULE-10-1/test.c @@ -492,6 +492,6 @@ void pointerType() { b || b; // COMPLIANT p || b; // NON_COMPLIANT b || p; // NON_COMPLIANT - p+=1; // COMPLIANT - p-=1; // COMPLIANT + p += 1; // COMPLIANT + p -= 1; // COMPLIANT } From 5efac9768a4edd9f36775c37c5f5f732f9822da0 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 4 Oct 2023 23:09:24 +0100 Subject: [PATCH 1236/2573] M8-5-2: recognise aggregate literals initialized with parameters from variadic templates. --- ...0-04-aggregate-literals-from-variadic-templates.md | 1 + cpp/autosar/test/rules/M8-5-2/test.cpp | 11 ++++++++++- .../cpp/enhancements/AggregateLiteralEnhancements.qll | 3 +++ 3 files changed, 14 insertions(+), 1 deletion(-) create mode 100644 change_notes/2023-10-04-aggregate-literals-from-variadic-templates.md diff --git a/change_notes/2023-10-04-aggregate-literals-from-variadic-templates.md b/change_notes/2023-10-04-aggregate-literals-from-variadic-templates.md new file mode 100644 index 0000000000..f282d92565 --- /dev/null +++ b/change_notes/2023-10-04-aggregate-literals-from-variadic-templates.md @@ -0,0 +1 @@ + * `M8-5-2` - recognise aggregate literals initialized with parameters from variadic templates. \ No newline at end of file diff --git a/cpp/autosar/test/rules/M8-5-2/test.cpp b/cpp/autosar/test/rules/M8-5-2/test.cpp index b3a75e92ee..d78dd3df81 100644 --- a/cpp/autosar/test/rules/M8-5-2/test.cpp +++ b/cpp/autosar/test/rules/M8-5-2/test.cpp @@ -55,4 +55,13 @@ void test() { Bar b2{{0}}; // NON_COMPLIANT - missing explicit init, nested zero init StructNested n{}; // COMPLIANT StructNested n1 = {}; // COMPLIANT -} \ No newline at end of file +} + +#include +template bool all_of(std::initializer_list); + +template constexpr bool all_of(Args... args) noexcept { + return all_of({args...}); +} + +void test_all_of() { all_of(true, false, false); } \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/enhancements/AggregateLiteralEnhancements.qll b/cpp/common/src/codingstandards/cpp/enhancements/AggregateLiteralEnhancements.qll index 4d80fc16a2..34f91cf611 100644 --- a/cpp/common/src/codingstandards/cpp/enhancements/AggregateLiteralEnhancements.qll +++ b/cpp/common/src/codingstandards/cpp/enhancements/AggregateLiteralEnhancements.qll @@ -85,6 +85,9 @@ module ArrayAggregateLiterals { // The aggregate itself not be compiler generated, or in a macro expansion, otherwise our line numbers will be off not cal.isCompilerGenerated() and not cal.isInMacroExpansion() and + // Ignore cases where the compilerGenerated value is a variable access targeting + // a parameter, as these are generated from variadic templates + not compilerGeneratedVal.(VariableAccess).getTarget() instanceof Parameter and exists(string filepath, int startline, int startcolumn, int endline, int endcolumn | compilerGeneratedVal.getLocation().hasLocationInfo(filepath, _, _, endline, endcolumn) and previousExpr From 77ac3d09f523c924ed357a0896070d445461dda6 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Fri, 6 Oct 2023 00:03:24 +0100 Subject: [PATCH 1237/2573] Update cpp/autosar/test/rules/A7-3-1/test.cpp Co-authored-by: Remco Vermeulen --- cpp/autosar/test/rules/A7-3-1/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A7-3-1/test.cpp b/cpp/autosar/test/rules/A7-3-1/test.cpp index 1b82860ca2..667ee63579 100644 --- a/cpp/autosar/test/rules/A7-3-1/test.cpp +++ b/cpp/autosar/test/rules/A7-3-1/test.cpp @@ -67,7 +67,7 @@ class C5 : public C1 { using C1::f1; // order of using and f1 declaration is not relevant void f2(double) override; // COMPLIANT - using C1::f2; // order of using and f1 declaration is not relevant + using C1::f2; // order of using and f2 declaration is not relevant }; void f2() { From 6e35de7de268921ffd780ea70cca3793b2b7965b Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 6 Oct 2023 14:12:10 +0100 Subject: [PATCH 1238/2573] A7-3-1: Enable using to be on any line Similar change to NonOverridable case. --- .../rules/A7-3-1/HiddenInheritedOverridableMemberFunction.ql | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/cpp/autosar/src/rules/A7-3-1/HiddenInheritedOverridableMemberFunction.ql b/cpp/autosar/src/rules/A7-3-1/HiddenInheritedOverridableMemberFunction.ql index 4a252ecb51..f0200f684a 100644 --- a/cpp/autosar/src/rules/A7-3-1/HiddenInheritedOverridableMemberFunction.ql +++ b/cpp/autosar/src/rules/A7-3-1/HiddenInheritedOverridableMemberFunction.ql @@ -36,8 +36,7 @@ where // and the hidden declaration isn't explicitly brought in scope through a using declaration. not exists(UsingDeclarationEntry ude | ude.getDeclaration() = hiddenDecl.getDeclaration() and - ude.getEnclosingElement() = overridingDecl.getDeclaration().getDeclaringType() and - ude.getLocation().getStartLine() < overridingDecl.getLocation().getStartLine() + ude.getEnclosingElement() = overridingDecl.getDeclaration().getDeclaringType() ) or // 2. if the overriding declaration doesn't override a base member function but has the same name From 426245201001ecaeef391f60528349513f1e2c78 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 10 Oct 2023 20:45:51 +0000 Subject: [PATCH 1239/2573] Bump gitpython from 3.1.35 to 3.1.37 in /scripts Bumps [gitpython](https://github.com/gitpython-developers/GitPython) from 3.1.35 to 3.1.37. - [Release notes](https://github.com/gitpython-developers/GitPython/releases) - [Changelog](https://github.com/gitpython-developers/GitPython/blob/main/CHANGES) - [Commits](https://github.com/gitpython-developers/GitPython/compare/3.1.35...3.1.37) --- updated-dependencies: - dependency-name: gitpython dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- scripts/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/requirements.txt b/scripts/requirements.txt index 976c6a46b4..88189f1d08 100644 --- a/scripts/requirements.txt +++ b/scripts/requirements.txt @@ -2,7 +2,7 @@ beautifulsoup4==4.9.3 certifi==2023.7.22 chardet==3.0.4 gitdb==4.0.5 -GitPython==3.1.35 +GitPython==3.1.37 idna==2.10 Jinja2==2.11.3 MarkupSafe==1.1.1 From c956b2d834c19bcbac807c784464c244a052d010 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 28 Aug 2023 16:47:42 -0700 Subject: [PATCH 1240/2573] Add prepare release workflow --- .github/workflows/prepare-release.yml | 61 +++++++++++++++++++++++++++ scripts/release/requirements.txt | 1 + scripts/release/validate-version.py | 20 +++++++++ 3 files changed, 82 insertions(+) create mode 100644 .github/workflows/prepare-release.yml create mode 100644 scripts/release/requirements.txt create mode 100644 scripts/release/validate-version.py diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml new file mode 100644 index 0000000000..bb92fadad0 --- /dev/null +++ b/.github/workflows/prepare-release.yml @@ -0,0 +1,61 @@ +name: "Prepare CodeQL Coding Standards release" + +on: + workflow_dispatch: + inputs: + version: + description: | + The version to release (MUST follow semantic versioning). + required: true + ref: + description: | + The git commit, branch, or tag to release from. + required: true + +env: + RELEASE_VERSION: ${{ github.event.inputs.version }} + +jobs: + prepare-release: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v2 + with: + ref: ${{ github.event.inputs.ref }} + + - name: Install Python + uses: actions/setup-python@v2 + with: + python-version: "3.9" + + - name: Install release script dependencies + run: pip install -r scripts/release/requirements.txt + + - name: Validate version + run: | + scripts/release/validate-version.py "$RELEASE_VERSION" + + - name: Create release branch + run: | + git switch -c rc/$RELEASE_VERSION + git push --set-upstream origin rc/$RELEASE_VERSION + + - name: Update user manual version + run: | + find docs -name 'user_manual.md' | xargs sed -i "s/code-scanning-cpp-query-pack-.*\.zip\`/code-scanning-cpp-query-pack-$RELEASE_VERSION.zip\`/" + find docs -name 'user_manual.md' | xargs sed -i "s/supported_rules_list_.*\.csv\`/supported_rules_list_$RELEASE_VERSION.csv\`/" + find docs -name 'user_manual.md' | xargs sed -i "s/supported_rules_list_.*\.md\`/supported_rules_list_$RELEASE_VERSION.md\`/" + find docs -name 'user_manual.md' | xargs sed -i "s/user_manual_.*\.md\`/user_manual_$RELEASE_VERSION.md\`/" + find docs -name 'user_manual.md' | xargs sed -i "s/This user manual documents release \`.*\` of/This user manual documents release \`$RELEASE_VERSION\` of/" + + - name: Create release PR + uses: peter-evans/create-pull-request@v4 + with: + title: "Release $RELEASE_VERSION." + body: "This PR releases codeql-coding-standards version $RELEASE_VERSION." + commit-message: "Release $RELEASE_VERSION." + delete-branch: true + branch: "rc/$RELEASE_VERSION" + + \ No newline at end of file diff --git a/scripts/release/requirements.txt b/scripts/release/requirements.txt new file mode 100644 index 0000000000..537a1dc317 --- /dev/null +++ b/scripts/release/requirements.txt @@ -0,0 +1 @@ +semantic-version==2.10.0 diff --git a/scripts/release/validate-version.py b/scripts/release/validate-version.py new file mode 100644 index 0000000000..d0bf15fa64 --- /dev/null +++ b/scripts/release/validate-version.py @@ -0,0 +1,20 @@ +import semantic_version # type: ignore +from typing import Literal + +def main(args : list[str]) -> Literal[1, 0]: + if len(args) != 2: + print("Error: incorrect number of arguments", file=sys.stderr) + print(f"Usage: {args[0]} ", file=sys.stderr) + return 1 + + try: + semantic_version.Version.parse(args[1]) # type: ignore + return 0 + except ValueError as e: + print(f"Error: invalid version: {e}", file=sys.stderr) + return 1 + + +if __name__ == '__main__': + import sys + sys.exit(main(sys.argv)) \ No newline at end of file From c0aeff46be9afd54c139e25a86d3575c32a71927 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 28 Aug 2023 17:05:37 -0700 Subject: [PATCH 1241/2573] Add push event for testing workflow --- .github/workflows/prepare-release.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index bb92fadad0..00c2a8f2bd 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -11,6 +11,9 @@ on: description: | The git commit, branch, or tag to release from. required: true + push: + branches: + - rvermeulen/release-process-improvements env: RELEASE_VERSION: ${{ github.event.inputs.version }} From 12e730fa1de28d53664cb0067f81a27dbf8c8d93 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 28 Aug 2023 17:12:00 -0700 Subject: [PATCH 1242/2573] Add comment to remove push trigger --- .github/workflows/prepare-release.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 00c2a8f2bd..17f5249d76 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -11,6 +11,7 @@ on: description: | The git commit, branch, or tag to release from. required: true + # The following push event trigger is only used for testing purposes. Should be removed before merging! push: branches: - rvermeulen/release-process-improvements From 6e9ef57690c61a661288dfa530a8a08b8285da1e Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 28 Aug 2023 17:12:19 -0700 Subject: [PATCH 1243/2573] Remove the checkout ref because our scripts are not in main yet --- .github/workflows/prepare-release.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 17f5249d76..4e81668484 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -25,8 +25,8 @@ jobs: steps: - name: Checkout uses: actions/checkout@v2 - with: - ref: ${{ github.event.inputs.ref }} + #with: + #ref: ${{ github.event.inputs.ref }} - name: Install Python uses: actions/setup-python@v2 From 00e9fac488fc3e2cb976b931b12885073cbff89e Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 28 Aug 2023 17:13:30 -0700 Subject: [PATCH 1244/2573] Use python interpreter --- .github/workflows/prepare-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 4e81668484..6d098a62ab 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -38,7 +38,7 @@ jobs: - name: Validate version run: | - scripts/release/validate-version.py "$RELEASE_VERSION" + python scripts/release/validate-version.py "$RELEASE_VERSION" - name: Create release branch run: | From a9947780522c4b57a86ed35e7b43d764c7e9e9f9 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 28 Aug 2023 17:19:33 -0700 Subject: [PATCH 1245/2573] Conditionally execute on workflow dispatch --- .github/workflows/prepare-release.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 6d098a62ab..991842ddd1 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -21,6 +21,7 @@ env: jobs: prepare-release: + if: github.event_name == "workflow_dispatch" runs-on: ubuntu-latest steps: - name: Checkout From 47a565cf317f35e96040c019a1b901639bf958f7 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 28 Aug 2023 17:19:46 -0700 Subject: [PATCH 1246/2573] Add workflow name --- .github/workflows/prepare-release.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 991842ddd1..b12012b006 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -21,6 +21,7 @@ env: jobs: prepare-release: + name: "Prepare release" if: github.event_name == "workflow_dispatch" runs-on: ubuntu-latest steps: From d1060d3a196b857e3f04d978aa22bbf429d8e954 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 28 Aug 2023 17:23:33 -0700 Subject: [PATCH 1247/2573] Correct condition --- .github/workflows/prepare-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index b12012b006..537016a4c0 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -22,7 +22,7 @@ env: jobs: prepare-release: name: "Prepare release" - if: github.event_name == "workflow_dispatch" + if: github.event_name == 'workflow_dispatch' runs-on: ubuntu-latest steps: - name: Checkout From fff6a78fad2e313a659aea780d6655ea1499e45e Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 28 Aug 2023 17:27:06 -0700 Subject: [PATCH 1248/2573] Provide version information through expression --- .github/workflows/prepare-release.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 537016a4c0..48b570cd85 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -58,10 +58,10 @@ jobs: - name: Create release PR uses: peter-evans/create-pull-request@v4 with: - title: "Release $RELEASE_VERSION." - body: "This PR releases codeql-coding-standards version $RELEASE_VERSION." - commit-message: "Release $RELEASE_VERSION." + title: "Release ${{ github.event.inputs.version }}." + body: "This PR releases codeql-coding-standards version ${{ github.event.inputs.version }}." + commit-message: "Update user manual for release." delete-branch: true - branch: "rc/$RELEASE_VERSION" + branch: "rc/${{ github.event.inputs.version }}" \ No newline at end of file From 354f34191e812f97e6a5668f8f6a47c3663f7f91 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 28 Aug 2023 17:31:40 -0700 Subject: [PATCH 1249/2573] Use feature branch to update user manual --- .github/workflows/prepare-release.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 48b570cd85..c54a2ceec6 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -47,6 +47,11 @@ jobs: git switch -c rc/$RELEASE_VERSION git push --set-upstream origin rc/$RELEASE_VERSION + - name: Create feature branch for PR + run: | + git switch -c feature/update-user-manual-for-$RELEASE_VERSION + git push --set-upstream origin feature/update-user-manual-for-$RELEASE_VERSION + - name: Update user manual version run: | find docs -name 'user_manual.md' | xargs sed -i "s/code-scanning-cpp-query-pack-.*\.zip\`/code-scanning-cpp-query-pack-$RELEASE_VERSION.zip\`/" From 3bbd6eb7615e41844fbb4ac5e817d2c6b4e235de Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 28 Aug 2023 17:34:06 -0700 Subject: [PATCH 1250/2573] Add version to commit message --- .github/workflows/prepare-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index c54a2ceec6..43dbff559a 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -65,7 +65,7 @@ jobs: with: title: "Release ${{ github.event.inputs.version }}." body: "This PR releases codeql-coding-standards version ${{ github.event.inputs.version }}." - commit-message: "Update user manual for release." + commit-message: "Update user manual for release ${{ github.event.inputs.version }}." delete-branch: true branch: "rc/${{ github.event.inputs.version }}" From 8167baebea87ee44611255e4319450f154dd4b9d Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 30 Aug 2023 17:29:45 -0700 Subject: [PATCH 1251/2573] Split coding standard validation into multiple workflows This work simplifies the main workflow and applies optimizations such a matrix strategies to the workflows implementing the various validations. --- .../workflows/validate-coding-standards.yml | 184 ++---------------- .github/workflows/validate-package-files.yml | 64 ++++++ .../workflows/validate-query-formatting.yml | 58 ++++++ .github/workflows/validate-query-help.yml | 42 ++++ .../validate-query-test-case-formatting.yml | 60 ++++++ 5 files changed, 244 insertions(+), 164 deletions(-) create mode 100644 .github/workflows/validate-package-files.yml create mode 100644 .github/workflows/validate-query-formatting.yml create mode 100644 .github/workflows/validate-query-help.yml create mode 100644 .github/workflows/validate-query-test-case-formatting.yml diff --git a/.github/workflows/validate-coding-standards.yml b/.github/workflows/validate-coding-standards.yml index aad7a435b1..bda11df979 100644 --- a/.github/workflows/validate-coding-standards.yml +++ b/.github/workflows/validate-coding-standards.yml @@ -5,181 +5,37 @@ on: push: branches: - main - - "rc/**" - next pull_request: branches: - main - - "rc/**" - next -env: - XARGS_MAX_PROCS: 4 +permissions: + contents: read + actions: write jobs: validate-package-files: name: Validate Package Files - runs-on: ubuntu-22.04 - steps: - - name: Checkout - uses: actions/checkout@v2 + uses: ./.github/workflows/validate-package-files.yml + with: + ref: ${{ github.ref }} - - name: Install Python - uses: actions/setup-python@v4 - with: - python-version: "3.9" - - - name: Install CodeQL - run: | - VERSION="v$( jq -r '.supported_environment | .[0] | .codeql_cli' supported_codeql_configs.json)" - gh extensions install github/gh-codeql - gh codeql set-version "$VERSION" - gh codeql install-stub - env: - GITHUB_TOKEN: ${{ github.token }} - - - name: Install generate_package_files.py dependencies - run: pip install -r scripts/requirements.txt - - - name: Validate Package Descriptions (CPP) - run: | - python scripts/validate-rule-package.py rule_packages/cpp/*.json - - - name: Validate Package Descriptions (C) - run: | - python scripts/validate-rule-package.py rule_packages/c/*.json - - - name: Validate Package Descriptions consistency (CPP) - run: | - python scripts/verify_rule_package_consistency.py cpp - - - name: Validate Package Descriptions consistency (C) - run: | - python scripts/verify_rule_package_consistency.py c - - - name: Validate Package Files (CPP) - run: | - find rule_packages/cpp -name \*.json -exec basename {} .json \; | xargs python scripts/generate_rules/generate_package_files.py cpp - git diff - git diff --compact-summary - git diff --quiet - - - name: Validate Package Files (C) - run: | - find rule_packages/c -name \*.json -exec basename {} .json \; | xargs python scripts/generate_rules/generate_package_files.py c - git diff - git diff --compact-summary - git diff --quiet - - validate-codeql-format: - name: "Validate CodeQL Format" - runs-on: ubuntu-22.04 - steps: - - name: Checkout - uses: actions/checkout@v2 - - - name: Install CodeQL - run: | - VERSION="v$( jq -r '.supported_environment | .[0] | .codeql_cli' supported_codeql_configs.json)" - gh extensions install github/gh-codeql - gh codeql set-version "$VERSION" - gh codeql install-stub - env: - GITHUB_TOKEN: ${{ github.token }} - - - name: Validate CodeQL Format (CPP) - run: | - find cpp -name \*.ql -or -name \*.qll -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" codeql query format --in-place - - git diff - git diff --compact-summary - git diff --quiet - - - name: Validate CodeQL Format (C) - run: | - find c -name \*.ql -or -name \*.qll -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" codeql query format --in-place - - git diff - git diff --compact-summary - git diff --quiet + validate-codeql-query-formatting: + name: "Validate CodeQL Query Formatting" + uses: ./.github/workflows/validate-query-formatting.yml + with: + ref: ${{ github.ref }} validate-query-help-files: name: Validate Query Help Files - runs-on: ubuntu-22.04 - steps: - - name: Checkout - uses: actions/checkout@v2 - - - name: Validate CPP Query Help Files - run: | - exit_code=0 - for help_file in `find cpp -name '*.md'` - do - if grep -F -q 'REPLACE THIS' "$help_file" > /dev/null - then - echo "Help file $help_file contains placeholders that are not replaced or removed!" - exit_code=1 - fi - done - - exit $exit_code - - - name: Validate C Query Help Files - run: | - exit_code=0 - for help_file in `find c -name '*.md'` - do - if grep -F -q 'REPLACE THIS' "$help_file" > /dev/null - then - echo "Help file $help_file contains placeholders that are not replaced or removed!" - exit_code=1 - fi - done - - exit $exit_code - - validate-cpp-test-files: - name: Validate C++ Test Files - runs-on: ubuntu-22.04 - steps: - - name: Checkout - uses: actions/checkout@v2 - - - name: Install clang-format - run: | - sudo apt-get install --yes --quiet --no-install-recommends clang-format - echo "::debug::$(clang-format -version)" - - - name: Validate C++ Test Files - run: | - if ! test -f .clang-format; then - echo "Cannot find .clang-format in '$PWD'. Exiting..." - fi - - find cpp/*/test -name \*.cpp -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" clang-format --style=file -i --verbose - git diff - git diff --compact-summary - git diff --quiet - - validate-c-test-files: - name: Validate C Test Files - runs-on: ubuntu-22.04 - steps: - - name: Checkout - uses: actions/checkout@v2 - - - name: Install clang-format - run: | - sudo apt-get install --yes --quiet --no-install-recommends clang-format - echo "::debug::$(clang-format -version)" - - - name: Validate C++ Test Files - run: | - if ! test -f .clang-format; then - echo "Cannot find .clang-format in '$PWD'. Exiting..." - fi - - find c/*/test -name \*.c -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" clang-format --style=file -i --verbose - git diff - git diff --compact-summary - git diff --quiet + uses: ./.github/workflows/validate-query-help.yml + with: + ref: ${{ github.ref }} + + validate-test-case-formatting: + name: Validate Test + uses: ./.github/workflows/validate-query-test-case-formatting.yml + with: + ref: ${{ github.ref }} \ No newline at end of file diff --git a/.github/workflows/validate-package-files.yml b/.github/workflows/validate-package-files.yml new file mode 100644 index 0000000000..d698b7e2e5 --- /dev/null +++ b/.github/workflows/validate-package-files.yml @@ -0,0 +1,64 @@ +name: Validate Package Files +on: + workflow_call: + inputs: + ref: + description: 'The ref to validate. Defaults to the default branch.' + required: true + type: string + workflow_dispatch: + inputs: + ref: + description: 'The ref to validate. Defaults to the default branch.' + required: true + type: string + +jobs: + validate-package-files: + strategy: + matrix: + language: [cpp, c] + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v3 + with: + ref: ${{ inputs.ref }} + + - name: Install Python + uses: actions/setup-python@v4 + with: + python-version: "3.9" + + - name: Install CodeQL + run: | + VERSION="v$( jq -r '.supported_environment | .[0] | .codeql_cli' supported_codeql_configs.json)" + gh extensions install github/gh-codeql + gh codeql set-version "$VERSION" + gh codeql install-stub + env: + GITHUB_TOKEN: ${{ github.token }} + + - name: Install generate_package_files.py dependencies + run: pip install -r scripts/requirements.txt + + - name: Validate Package Descriptions + env: + LANGUAGE: ${{ matrix.language }} + run: | + python scripts/validate-rule-package.py rule_packages/$LANGUAGE/*.json + + - name: Validate Package Descriptions consistency + env: + LANGUAGE: ${{ matrix.language }} + run: | + python scripts/verify_rule_package_consistency.py $LANGUAGE + + - name: Validate Current versus Expected Package Files + env: + LANGUAGE: ${{ matrix.language }} + run: | + find rule_packages/$LANGUAGE -name \*.json -exec basename {} .json \; | xargs python scripts/generate_rules/generate_package_files.py $LANGUAGE + git diff + git diff --compact-summary + git diff --quiet \ No newline at end of file diff --git a/.github/workflows/validate-query-formatting.yml b/.github/workflows/validate-query-formatting.yml new file mode 100644 index 0000000000..fc574c65b4 --- /dev/null +++ b/.github/workflows/validate-query-formatting.yml @@ -0,0 +1,58 @@ +name: "Validate Query Formatting" +on: + workflow_call: + inputs: + ref: + description: 'The ref to validate. Defaults to the default branch.' + required: true + type: string + xargs-max-procs: + description: 'The maximum number of processes to use for xargs.' + required: false + type: number + default: 4 + workflow_dispatch: + inputs: + ref: + description: 'The ref to validate. Defaults to the default branch.' + required: true + type: string + xargs-max-procs: + description: 'The maximum number of processes to use for xargs.' + required: false + type: number + default: 4 + +env: + XARGS_MAX_PROCS: ${{ inputs.xargs-max-procs }} + +jobs: + validate-query-formatting: + strategy: + matrix: + language: [cpp, c] + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v3 + with: + ref: ${{ inputs.ref }} + + - name: Install CodeQL + run: | + VERSION="v$( jq -r '.supported_environment | .[0] | .codeql_cli' supported_codeql_configs.json)" + gh extensions install github/gh-codeql + gh codeql set-version "$VERSION" + gh codeql install-stub + env: + GITHUB_TOKEN: ${{ github.token }} + + - name: Validate query format + env: + LANGUAGE: ${{ matrix.language }} + run: | + find $LANGUAGE -name \*.ql -or -name \*.qll -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" codeql query format --in-place + + git diff + git diff --compact-summary + git diff --quiet \ No newline at end of file diff --git a/.github/workflows/validate-query-help.yml b/.github/workflows/validate-query-help.yml new file mode 100644 index 0000000000..e22e959d33 --- /dev/null +++ b/.github/workflows/validate-query-help.yml @@ -0,0 +1,42 @@ +name: Validate Query Help Files +on: + workflow_call: + inputs: + ref: + description: 'The ref to validate. Defaults to the default branch.' + required: true + type: string + workflow_dispatch: + inputs: + ref: + description: 'The ref to validate. Defaults to the default branch.' + required: true + type: string + +jobs: + validate-query-help-files: + strategy: + matrix: + language: [cpp, c] + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v3 + with: + ref: ${{ inputs.ref }} + + - name: Validate Query Help Files + env: + LANGUAGE: ${{ matrix.language }} + run: | + exit_code=0 + for help_file in `find $LANGUAGE -name '*.md'` + do + if grep -F -q 'REPLACE THIS' "$help_file" > /dev/null + then + echo "Help file $help_file contains placeholders that are not replaced or removed!" + exit_code=1 + fi + done + + exit $exit_code \ No newline at end of file diff --git a/.github/workflows/validate-query-test-case-formatting.yml b/.github/workflows/validate-query-test-case-formatting.yml new file mode 100644 index 0000000000..3fa974e4d9 --- /dev/null +++ b/.github/workflows/validate-query-test-case-formatting.yml @@ -0,0 +1,60 @@ +name: Validate Query Test Case Formatting +on: + workflow_call: + inputs: + ref: + description: 'The ref to validate. Defaults to the default branch.' + required: true + type: string + xargs-max-procs: + description: 'The maximum number of processes to use for xargs.' + required: false + type: number + default: 4 + workflow_dispatch: + inputs: + ref: + description: 'The ref to validate. Defaults to the default branch.' + required: true + type: string + xargs-max-procs: + description: 'The maximum number of processes to use for xargs.' + required: false + type: number + default: 4 + +env: + XARGS_MAX_PROCS: ${{ inputs.xargs-max-procs }} + +jobs: + validate-test-case-files: + runs-on: ubuntu-latest + strategy: + matrix: + language: [cpp, c] + fail-fast: false + steps: + - name: Checkout + uses: actions/checkout@v3 + with: + ref: ${{ inputs.ref }} + + - name: Install clang-format + run: | + sudo apt-get install --yes --quiet --no-install-recommends clang-format + + - name: Validating Current versus Expected Test Case Formatting + env: + LANGUAGE: ${{ matrix.language }} + # IMPORTANT: This step current relies on the fact that a file extension is the same as the language name for simplicity. + run: | + if ! test -f .clang-format; then + echo "Cannot find .clang-format in '$PWD'. Exiting..." + fi + + find $LANGUAGE/*/test -name \*.$LANGUAGE -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" clang-format --style=file -i --verbose + git diff + git diff --compact-summary + git diff --quiet + + \ No newline at end of file From 371a80aa7a937811e75974ebf460a16ed4a36a01 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 31 Aug 2023 10:39:57 -0700 Subject: [PATCH 1252/2573] Remove push trigger --- .github/workflows/validate-coding-standards.yml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/.github/workflows/validate-coding-standards.yml b/.github/workflows/validate-coding-standards.yml index bda11df979..c8e66f0625 100644 --- a/.github/workflows/validate-coding-standards.yml +++ b/.github/workflows/validate-coding-standards.yml @@ -2,10 +2,6 @@ name: Validating Coding Standards on: merge_group: - push: - branches: - - main - - next pull_request: branches: - main From 986535a429202ee5ae8e0091b5f246f25d2628f3 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 1 Sep 2023 13:50:20 -0700 Subject: [PATCH 1253/2573] Update prepare release to include release validation The validation validates the coding standards and invokes a performance test. --- .github/workflows/prepare-release.yml | 31 ++++++---- .github/workflows/validate-release.yml | 78 ++++++++++++++++++++++++++ 2 files changed, 99 insertions(+), 10 deletions(-) create mode 100644 .github/workflows/validate-release.yml diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 43dbff559a..26ecaa0fc6 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -16,8 +16,13 @@ on: branches: - rvermeulen/release-process-improvements +permissions: + contents: write + pull-requests: write + actions: write + env: - RELEASE_VERSION: ${{ github.event.inputs.version }} + RELEASE_VERSION: ${{ inputs.version }} jobs: prepare-release: @@ -26,9 +31,9 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v2 - #with: - #ref: ${{ github.event.inputs.ref }} + uses: actions/checkout@v3 + with: + ref: ${{ inputs.ref }} - name: Install Python uses: actions/setup-python@v2 @@ -61,12 +66,18 @@ jobs: find docs -name 'user_manual.md' | xargs sed -i "s/This user manual documents release \`.*\` of/This user manual documents release \`$RELEASE_VERSION\` of/" - name: Create release PR - uses: peter-evans/create-pull-request@v4 + uses: peter-evans/create-pull-request@v5 with: - title: "Release ${{ github.event.inputs.version }}." - body: "This PR releases codeql-coding-standards version ${{ github.event.inputs.version }}." - commit-message: "Update user manual for release ${{ github.event.inputs.version }}." + title: "Release ${{ inputs.version }}." + body: "This PR releases codeql-coding-standards version ${{ inputs.version }}." + commit-message: "Update user manual for release ${{ inputs.version }}." delete-branch: true - branch: "rc/${{ github.event.inputs.version }}" + branch: "rc/${{ inputs.version }}" - \ No newline at end of file + # Invoke release validation because our PRs created with a GitHub token do not trigger a `pull_request` event. + validate-release: + name: "Validate coding standards release" + needs: prepare-release + uses: .github/workflows/validate-release.yml + with: + version: ${{ inputs.version }} \ No newline at end of file diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml new file mode 100644 index 0000000000..b9e68d1760 --- /dev/null +++ b/.github/workflows/validate-release.yml @@ -0,0 +1,78 @@ +name: Validate release + +on: + workflow_call: + inputs: + version: + description: | + The version to release (MUST follow semantic versioning). + required: true + type: string + push: + branches: + - rvermeulen/release-process-improvements # The following push event trigger is only used for testing purposes. Should be removed before merging! + pull_request: + branches: + - "rc/*" + +permissions: + contents: read + actions: write + +env: + GITHUB_TOKEN: ${{ github.token }} + +jobs: + + determine-release-version: + runs-on: ubuntu-latest + outputs: + release-version: ${{ steps.set-release-version.outputs.release-version }} + env: + RELEASE_FROM_INPUT: ${{ inputs.version }} + RELEASE_FROM_BRANCH: ${{ github.base_ref }} + EVENT_NAME: ${{ github.event_name }} + steps: + - id: set-release-version + run: | + if [[ "$EVENT_NAME" == "workflow_dispatch "]]; then + echo "release-version=$RELEASE_FROM_INPUT" >> "$GITHUB_OUTPUT" + else + if [[ "$EVENT_NAME" == "pull_request" ]]; then + release_version=${RELEASE_FROM_BRANCH#"rc/"} + echo "release-version=$release_version" >> "$GITHUB_OUTPUT" + else + echo "Unexpected event name $EVENT_NAME!" + exit 1 + fi + fi + + validate-coding-standards: + needs: determine-release-version + name: "Validate coding standards" + uses: ./.github/workflows/validate-package-files.yml + with: + version: ${{ needs.determine-release-version.outputs.release-version }} + + validate-release-performance: + needs: determine-release-version + runs-on: ubuntu-latest + steps: + - name: Create check run + run: | + check_run_id=$(gh api \ + --header "Accept: application/vnd.github+json" \ + --header "X-GitHub-Api-Version: 2022-11-28" \ + --field name="performance-test" \ + --head-sha="$GITHUB_SHA" \ + --jq ".id" \ + https://api.github.com/repos/{owner}/{repo}/check-runs) + + echo "check-run-id=$check_run_id" >> "$GITHUB_ENV" + - name: Invoke performance test + env: + CHECK_RUN_ID: ${{ env.check-run-id }} + RELEASE_VERSION: ${{ needs.determine-release-version.outputs.release-version }} + GITHUB_TOKEN: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} + run: | + echo "{\"version\": \"$RELEASE_VERSION\", \"check-run-id\": \"$CHECK_RUN_ID\"}" | gh workflow run release-performance-testing.yml --json -R github/codeql-coding-standards-release-engineering --ref rvermeulen/release-process \ No newline at end of file From d9669e6d836632f54f56c2fd058acb8f7c8663e8 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 1 Sep 2023 13:59:45 -0700 Subject: [PATCH 1254/2573] Address incorrect workflow call --- .github/workflows/prepare-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 26ecaa0fc6..785a9c0e48 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -78,6 +78,6 @@ jobs: validate-release: name: "Validate coding standards release" needs: prepare-release - uses: .github/workflows/validate-release.yml + uses: ./.github/workflows/validate-release.yml with: version: ${{ inputs.version }} \ No newline at end of file From 435337d3a3b6d38ebe7a2d261503ada6be81bacb Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 1 Sep 2023 14:16:52 -0700 Subject: [PATCH 1255/2573] Address incorrect workflow call --- .github/workflows/validate-coding-standards.yml | 1 + .github/workflows/validate-release.yml | 5 +---- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/.github/workflows/validate-coding-standards.yml b/.github/workflows/validate-coding-standards.yml index c8e66f0625..035468e4f6 100644 --- a/.github/workflows/validate-coding-standards.yml +++ b/.github/workflows/validate-coding-standards.yml @@ -6,6 +6,7 @@ on: branches: - main - next + workflow_call: permissions: contents: read diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index b9e68d1760..c5dad0eea8 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -48,11 +48,8 @@ jobs: fi validate-coding-standards: - needs: determine-release-version name: "Validate coding standards" - uses: ./.github/workflows/validate-package-files.yml - with: - version: ${{ needs.determine-release-version.outputs.release-version }} + uses: ./.github/workflows/validate-coding-standards.yml validate-release-performance: needs: determine-release-version From b04d46374789f613c110b9b8d60bdecfc357a671 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 1 Sep 2023 14:21:17 -0700 Subject: [PATCH 1256/2573] Address syntax error --- .github/workflows/validate-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index c5dad0eea8..0906bc7105 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -35,7 +35,7 @@ jobs: steps: - id: set-release-version run: | - if [[ "$EVENT_NAME" == "workflow_dispatch "]]; then + if [[ "$EVENT_NAME" == "workflow_dispatch" ]]; then echo "release-version=$RELEASE_FROM_INPUT" >> "$GITHUB_OUTPUT" else if [[ "$EVENT_NAME" == "pull_request" ]]; then From 1160fe00cf6587bc84a64534db65046ee26dcbd1 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 1 Sep 2023 14:24:30 -0700 Subject: [PATCH 1257/2573] Upgrade actions/setup-python dep --- .github/workflows/prepare-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 785a9c0e48..cb31ffd21f 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -36,7 +36,7 @@ jobs: ref: ${{ inputs.ref }} - name: Install Python - uses: actions/setup-python@v2 + uses: actions/setup-python@v4 with: python-version: "3.9" From 3b960b84b075bc82d8cbede9e7962f6448c5d7ee Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 1 Sep 2023 14:27:05 -0700 Subject: [PATCH 1258/2573] Address incorrect check run create call --- .github/workflows/validate-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 0906bc7105..fb2cf36488 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -61,7 +61,7 @@ jobs: --header "Accept: application/vnd.github+json" \ --header "X-GitHub-Api-Version: 2022-11-28" \ --field name="performance-test" \ - --head-sha="$GITHUB_SHA" \ + --field head_sha="$GITHUB_SHA" \ --jq ".id" \ https://api.github.com/repos/{owner}/{repo}/check-runs) From 7af385c3fa851d821fabdeddac9d7c951767e567 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 1 Sep 2023 14:31:16 -0700 Subject: [PATCH 1259/2573] Address placeholder issue in check run call --- .github/workflows/validate-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index fb2cf36488..f173f4385c 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -63,7 +63,7 @@ jobs: --field name="performance-test" \ --field head_sha="$GITHUB_SHA" \ --jq ".id" \ - https://api.github.com/repos/{owner}/{repo}/check-runs) + https://api.github.com/repos/github/codeql-coding-standards/check-runs) echo "check-run-id=$check_run_id" >> "$GITHUB_ENV" - name: Invoke performance test From a315393c95198f05b096188237f72fb73e3bbad6 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 1 Sep 2023 14:35:59 -0700 Subject: [PATCH 1260/2573] Add missing premission for statuses --- .github/workflows/prepare-release.yml | 1 + .github/workflows/validate-release.yml | 1 + 2 files changed, 2 insertions(+) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index cb31ffd21f..9a5bc78c7a 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -20,6 +20,7 @@ permissions: contents: write pull-requests: write actions: write + statuses: write env: RELEASE_VERSION: ${{ inputs.version }} diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index f173f4385c..87e57a0787 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -18,6 +18,7 @@ on: permissions: contents: read actions: write + statuses: write env: GITHUB_TOKEN: ${{ github.token }} From 73f8c31dcd1cc3d02ce05b1c45445d7a85dd8f5f Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 1 Sep 2023 14:45:31 -0700 Subject: [PATCH 1261/2573] Use current github repo to perform check run call --- .github/workflows/validate-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 87e57a0787..72ca129fdb 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -64,7 +64,7 @@ jobs: --field name="performance-test" \ --field head_sha="$GITHUB_SHA" \ --jq ".id" \ - https://api.github.com/repos/github/codeql-coding-standards/check-runs) + https://api.github.com/repos/$GITHUB_REPOSITORY/check-runs) echo "check-run-id=$check_run_id" >> "$GITHUB_ENV" - name: Invoke performance test From ba0ffd658ec7c74d2e907218e03f51250a5d5bbb Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 1 Sep 2023 14:53:24 -0700 Subject: [PATCH 1262/2573] Use PAT to create check runs --- .github/workflows/prepare-release.yml | 1 - .github/workflows/validate-release.yml | 6 +++++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 9a5bc78c7a..cb31ffd21f 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -20,7 +20,6 @@ permissions: contents: write pull-requests: write actions: write - statuses: write env: RELEASE_VERSION: ${{ inputs.version }} diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 72ca129fdb..44405ca813 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -18,7 +18,6 @@ on: permissions: contents: read actions: write - statuses: write env: GITHUB_TOKEN: ${{ github.token }} @@ -55,9 +54,14 @@ jobs: validate-release-performance: needs: determine-release-version runs-on: ubuntu-latest + env: + GITHUB_TOKEN: ${{ secrets.CHECK_RUNS_TOKEN }} steps: - name: Create check run run: | + # For debugging purposes + echo https://api.github.com/repos/$GITHUB_REPOSITORY/check-runs + check_run_id=$(gh api \ --header "Accept: application/vnd.github+json" \ --header "X-GitHub-Api-Version: 2022-11-28" \ From 325b297f1d52f2041727d6da1d25f1d3f76bef19 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 1 Sep 2023 15:37:07 -0700 Subject: [PATCH 1263/2573] Use correct gh cli token env var --- .github/workflows/validate-release.yml | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 44405ca813..ba9df943c8 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -19,9 +19,6 @@ permissions: contents: read actions: write -env: - GITHUB_TOKEN: ${{ github.token }} - jobs: determine-release-version: @@ -54,10 +51,10 @@ jobs: validate-release-performance: needs: determine-release-version runs-on: ubuntu-latest - env: - GITHUB_TOKEN: ${{ secrets.CHECK_RUNS_TOKEN }} steps: - name: Create check run + env: + GH_TOKEN: ${{ secrets.CHECK_RUNS_TOKEN }} run: | # For debugging purposes echo https://api.github.com/repos/$GITHUB_REPOSITORY/check-runs @@ -75,6 +72,6 @@ jobs: env: CHECK_RUN_ID: ${{ env.check-run-id }} RELEASE_VERSION: ${{ needs.determine-release-version.outputs.release-version }} - GITHUB_TOKEN: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} + GH_TOKEN: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} run: | echo "{\"version\": \"$RELEASE_VERSION\", \"check-run-id\": \"$CHECK_RUN_ID\"}" | gh workflow run release-performance-testing.yml --json -R github/codeql-coding-standards-release-engineering --ref rvermeulen/release-process \ No newline at end of file From 24ee05bc23a016e48c997c516e8d121a946f8955 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 1 Sep 2023 15:46:39 -0700 Subject: [PATCH 1264/2573] Dump environment for debugging --- .github/workflows/validate-release.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index ba9df943c8..2868f7146a 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -58,6 +58,7 @@ jobs: run: | # For debugging purposes echo https://api.github.com/repos/$GITHUB_REPOSITORY/check-runs + env check_run_id=$(gh api \ --header "Accept: application/vnd.github+json" \ From 4b11eb8906cfb4c94dc4e28011f8a6ea950a2539 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 1 Sep 2023 15:57:03 -0700 Subject: [PATCH 1265/2573] Pass required secrets to reused workflow --- .github/workflows/prepare-release.yml | 5 ++++- .github/workflows/validate-release.yml | 10 ++++++++-- 2 files changed, 12 insertions(+), 3 deletions(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index cb31ffd21f..656d754521 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -80,4 +80,7 @@ jobs: needs: prepare-release uses: ./.github/workflows/validate-release.yml with: - version: ${{ inputs.version }} \ No newline at end of file + version: ${{ inputs.version }} + secrets: + check-runs-token: ${{ secrets.CHECK_RUNS_TOKEN }} + release-engineering-token: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} \ No newline at end of file diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 2868f7146a..97e59a1fb5 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -8,6 +8,12 @@ on: The version to release (MUST follow semantic versioning). required: true type: string + secrets: + check-runs-token: + required: true + release-engineering-token: + required: true + push: branches: - rvermeulen/release-process-improvements # The following push event trigger is only used for testing purposes. Should be removed before merging! @@ -54,7 +60,7 @@ jobs: steps: - name: Create check run env: - GH_TOKEN: ${{ secrets.CHECK_RUNS_TOKEN }} + GH_TOKEN: ${{ secrets.check-runs-token }} run: | # For debugging purposes echo https://api.github.com/repos/$GITHUB_REPOSITORY/check-runs @@ -73,6 +79,6 @@ jobs: env: CHECK_RUN_ID: ${{ env.check-run-id }} RELEASE_VERSION: ${{ needs.determine-release-version.outputs.release-version }} - GH_TOKEN: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} + GH_TOKEN: ${{ secrets.release-engineering-token }} run: | echo "{\"version\": \"$RELEASE_VERSION\", \"check-run-id\": \"$CHECK_RUN_ID\"}" | gh workflow run release-performance-testing.yml --json -R github/codeql-coding-standards-release-engineering --ref rvermeulen/release-process \ No newline at end of file From b6389c4af69788b4d25c0999d37341dd2955c21d Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 1 Sep 2023 16:13:24 -0700 Subject: [PATCH 1266/2573] Test with checks permission --- .github/workflows/prepare-release.yml | 2 +- .github/workflows/validate-release.yml | 5 ++--- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 656d754521..52203ef8ab 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -20,6 +20,7 @@ permissions: contents: write pull-requests: write actions: write + checks: write env: RELEASE_VERSION: ${{ inputs.version }} @@ -82,5 +83,4 @@ jobs: with: version: ${{ inputs.version }} secrets: - check-runs-token: ${{ secrets.CHECK_RUNS_TOKEN }} release-engineering-token: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} \ No newline at end of file diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 97e59a1fb5..beb3c77516 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -9,8 +9,6 @@ on: required: true type: string secrets: - check-runs-token: - required: true release-engineering-token: required: true @@ -24,6 +22,7 @@ on: permissions: contents: read actions: write + checks: write jobs: @@ -60,7 +59,7 @@ jobs: steps: - name: Create check run env: - GH_TOKEN: ${{ secrets.check-runs-token }} + GH_TOKEN: ${{ github.token }} run: | # For debugging purposes echo https://api.github.com/repos/$GITHUB_REPOSITORY/check-runs From f47ec0882a5ea2dfa6d2c8a1fe3849ae16c02b42 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 1 Sep 2023 17:01:51 -0700 Subject: [PATCH 1267/2573] Address incorrect release performance parameter --- .github/workflows/prepare-release.yml | 2 +- .github/workflows/validate-release.yml | 59 +++++++++++++++++--------- 2 files changed, 40 insertions(+), 21 deletions(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 52203ef8ab..346161982e 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -81,6 +81,6 @@ jobs: needs: prepare-release uses: ./.github/workflows/validate-release.yml with: - version: ${{ inputs.version }} + ref: ${{ inputs.ref }} secrets: release-engineering-token: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} \ No newline at end of file diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index beb3c77516..a60aee36e7 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -3,18 +3,15 @@ name: Validate release on: workflow_call: inputs: - version: + ref: description: | - The version to release (MUST follow semantic versioning). + The ref that is released required: true type: string secrets: release-engineering-token: required: true - push: - branches: - - rvermeulen/release-process-improvements # The following push event trigger is only used for testing purposes. Should be removed before merging! pull_request: branches: - "rc/*" @@ -26,23 +23,22 @@ permissions: jobs: - determine-release-version: + determine-ref: runs-on: ubuntu-latest outputs: - release-version: ${{ steps.set-release-version.outputs.release-version }} + release-ref: ${{ steps.set-ref.outputs.release-ref }} env: - RELEASE_FROM_INPUT: ${{ inputs.version }} - RELEASE_FROM_BRANCH: ${{ github.base_ref }} + REF_FROM_INPUT: ${{ inputs.ref }} + REF_FROM_PR: ${{ github.base_ref }} EVENT_NAME: ${{ github.event_name }} steps: - - id: set-release-version + - id: set-ref run: | if [[ "$EVENT_NAME" == "workflow_dispatch" ]]; then - echo "release-version=$RELEASE_FROM_INPUT" >> "$GITHUB_OUTPUT" + echo "release-ref=$REF_FROM_INPUT" >> "$GITHUB_OUTPUT" else if [[ "$EVENT_NAME" == "pull_request" ]]; then - release_version=${RELEASE_FROM_BRANCH#"rc/"} - echo "release-version=$release_version" >> "$GITHUB_OUTPUT" + echo "release-ref=$REF_FROM_PR" >> "$GITHUB_OUTPUT" else echo "Unexpected event name $EVENT_NAME!" exit 1 @@ -53,11 +49,13 @@ jobs: name: "Validate coding standards" uses: ./.github/workflows/validate-coding-standards.yml - validate-release-performance: - needs: determine-release-version + init-release-performance: + outputs: + check-run-id: ${{ steps.create-check-run.outputs.check-run-id }}} runs-on: ubuntu-latest steps: - name: Create check run + id: create-check-run env: GH_TOKEN: ${{ github.token }} run: | @@ -71,13 +69,34 @@ jobs: --field name="performance-test" \ --field head_sha="$GITHUB_SHA" \ --jq ".id" \ - https://api.github.com/repos/$GITHUB_REPOSITORY/check-runs) + /repos/$GITHUB_REPOSITORY/check-runs) - echo "check-run-id=$check_run_id" >> "$GITHUB_ENV" + echo "check-run-id=$check_run_id" >> "$GITHUB_OUTPUT" + + validate-release-performance: + needs: [init-release-performance, determine-ref] + runs-on: ubuntu-latest + steps: - name: Invoke performance test env: - CHECK_RUN_ID: ${{ env.check-run-id }} - RELEASE_VERSION: ${{ needs.determine-release-version.outputs.release-version }} + RELEASE_REF: ${{ needs.determine-ref.outputs.release-ref }} + CHECK_RUN_ID: ${{ needs.init-release-performance.outputs.check-run-id }} GH_TOKEN: ${{ secrets.release-engineering-token }} run: | - echo "{\"version\": \"$RELEASE_VERSION\", \"check-run-id\": \"$CHECK_RUN_ID\"}" | gh workflow run release-performance-testing.yml --json -R github/codeql-coding-standards-release-engineering --ref rvermeulen/release-process \ No newline at end of file + echo "{\"ref\": \"$RELEASE_REF\", \"check-run-id\": \"$CHECK_RUN_ID\"}" | gh workflow run release-performance-testing.yml --json -R github/codeql-coding-standards-release-engineering --ref rvermeulen/release-process + + on-failure-validate-release-performance: + needs: [init-release-performance, validate-release-performance] + if: failure() + runs-on: ubuntu-latest + steps: + - name: Fail check run status + env: + CHECK_RUN_ID: ${{ needs.init-release-performance.outputs.check-run-id }} + run: | + echo "{\"status\": \"completed\", \"conclusion\": \"failed\"}" | gh api \ + --method PATCH \ + --header "Accept: application/vnd.github+json" \ + --header "X-GitHub-Api-Version: 2022-11-28" \ + --json \ + /repos/$GITHUB_REPOSITORY/check-runs/$CHECK_RUN_ID \ No newline at end of file From 51bfc479e0fd7fa8857a42658402e6a1ec909c84 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 1 Sep 2023 17:20:46 -0700 Subject: [PATCH 1268/2573] Address incorrect gh cli usage --- .github/workflows/validate-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index a60aee36e7..691d48abd9 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -98,5 +98,5 @@ jobs: --method PATCH \ --header "Accept: application/vnd.github+json" \ --header "X-GitHub-Api-Version: 2022-11-28" \ - --json \ + --input - \ /repos/$GITHUB_REPOSITORY/check-runs/$CHECK_RUN_ID \ No newline at end of file From ab31e64295b9cea8c06d1a50691af21b01ceb95e Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 5 Sep 2023 10:23:30 -0700 Subject: [PATCH 1269/2573] Add workflow to update check runs --- .github/workflows/update-check-run.yml | 53 ++++++++++++++++++++++++++ 1 file changed, 53 insertions(+) create mode 100644 .github/workflows/update-check-run.yml diff --git a/.github/workflows/update-check-run.yml b/.github/workflows/update-check-run.yml new file mode 100644 index 0000000000..2c14ec25ce --- /dev/null +++ b/.github/workflows/update-check-run.yml @@ -0,0 +1,53 @@ +name: Update check run + +on: + workflow_dispatch: + id: + description: | + The ID of the check run to update. + type: number + required: true + status: + description: | + The new status of the check run. + type: string + required: true + conclusion: + description: | + The conclusion of the check run when the status is 'completed'. + type: string + details_url: + description: | + The URL of the check run's details page. + type: string + push: + branches: + - "rvermeulen/release-process-improvements" + +permissions: + checks: write + +jobs: + update-check-run: + runs-on: ubuntu-latest + steps: + - name: Update check run + env: + CHECK_RUN_ID: ${{ inputs.id }} + CHECK_RUN_STATUS: ${{ inputs.status }} + CHECK_RUN_CONCLUSION: ${{ inputs.conclusion }} + CHECK_RUN_DETAILS_URL: ${{ inputs.details_url }} + GITHUB_TOKEN: ${{ github.token }} + run: | + CHECK_RUNS_UPDATE=$(jq -n \ + --arg status "$CHECK_RUN_STATUS" \ + --arg conclusion "$CHECK_RUN_CONCLUSION" \ + --arg details_url "$CHECK_RUN_DETAILS_URL" \ + '{status: $status, conclusion: $conclusion, details_url: $details_url} | to_entries | map(select(.value != "")) | from_entries)' + ) + echo "$CHECK_RUNS_UPDATE" | gh api \ + --method PATCH \ + --header "Accept: application/vnd.github+json" \ + --header "X-GitHub-Api-Version: 2022-11-28" \ + --input - \ + /repos/rvermeulen/codeql-coding-standards/check-runs/$CHECK_RUN_ID From 4b7d75fffec36ff626b1016041e7e2a90fd9110d Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 5 Sep 2023 12:39:03 -0700 Subject: [PATCH 1270/2573] Use jq to format workflow dispatch body --- .github/workflows/validate-release.yml | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 691d48abd9..8fe6dbe0c9 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -83,7 +83,15 @@ jobs: CHECK_RUN_ID: ${{ needs.init-release-performance.outputs.check-run-id }} GH_TOKEN: ${{ secrets.release-engineering-token }} run: | - echo "{\"ref\": \"$RELEASE_REF\", \"check-run-id\": \"$CHECK_RUN_ID\"}" | gh workflow run release-performance-testing.yml --json -R github/codeql-coding-standards-release-engineering --ref rvermeulen/release-process + jq -n \ + --arg ref "$RELEASE_REF" \ + --arg check_run_id "$CHECK_RUN_ID" \ + '{ref: $ref, check-run-id: $check_run_id}' \ + | \ + gh workflow run release-performance-testing.yml \ + --json \ + -R github/codeql-coding-standards-release-engineering \ + --ref rvermeulen/release-process on-failure-validate-release-performance: needs: [init-release-performance, validate-release-performance] From 62487911851d38329250f667fb6b269936765ae6 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 5 Sep 2023 12:39:28 -0700 Subject: [PATCH 1271/2573] Add workflow to update check run status We can't install a GitHub App to provided access to the check runs in other repositories. Therefore we use this workflow instead that can be dispatched. --- .github/workflows/update-release-status.yml | 14 ++++++++++++++ 1 file changed, 14 insertions(+) create mode 100644 .github/workflows/update-release-status.yml diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml new file mode 100644 index 0000000000..0ac84a1f2c --- /dev/null +++ b/.github/workflows/update-release-status.yml @@ -0,0 +1,14 @@ +name: "Update release status" +on: + issue_comment: + types: [created] + branches: + - "rc/**" + +permissions: + contents: read + issues: write + +jobs: + update-validation-status: + name: "Update validation status" \ No newline at end of file From 84aeab6e8d3ba7c71e5daf16a330d904e54d29db Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 5 Sep 2023 12:59:59 -0700 Subject: [PATCH 1272/2573] Properly quote key --- .github/workflows/validate-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 8fe6dbe0c9..7a237ded45 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -86,7 +86,7 @@ jobs: jq -n \ --arg ref "$RELEASE_REF" \ --arg check_run_id "$CHECK_RUN_ID" \ - '{ref: $ref, check-run-id: $check_run_id}' \ + '{ref: $ref, "check-run-id": $check_run_id}' \ | \ gh workflow run release-performance-testing.yml \ --json \ From dcbc84f2a234d0f6b8c965dd8eb2a5ade73fddc6 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 5 Sep 2023 13:00:24 -0700 Subject: [PATCH 1273/2573] Use jq to construct JSON body --- .github/workflows/validate-release.yml | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 7a237ded45..a217ff4c87 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -101,8 +101,14 @@ jobs: - name: Fail check run status env: CHECK_RUN_ID: ${{ needs.init-release-performance.outputs.check-run-id }} + GITHUB_TOKEN: ${{ github.token }} run: | - echo "{\"status\": \"completed\", \"conclusion\": \"failed\"}" | gh api \ + jq -n \ + --arg status "completed" \ + --arg conclusion "failed" \ + '{status: $status, conclusion: $conclusion}' \ + | \ + gh api \ --method PATCH \ --header "Accept: application/vnd.github+json" \ --header "X-GitHub-Api-Version: 2022-11-28" \ From 3bd024b3ed9878c022457c313bd5d0e5a477b2ef Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 5 Sep 2023 13:27:49 -0700 Subject: [PATCH 1274/2573] Correctly specify inputs --- .github/workflows/update-check-run.yml | 37 +++++++++++++------------- 1 file changed, 19 insertions(+), 18 deletions(-) diff --git a/.github/workflows/update-check-run.yml b/.github/workflows/update-check-run.yml index 2c14ec25ce..f45634e2e4 100644 --- a/.github/workflows/update-check-run.yml +++ b/.github/workflows/update-check-run.yml @@ -2,24 +2,25 @@ name: Update check run on: workflow_dispatch: - id: - description: | - The ID of the check run to update. - type: number - required: true - status: - description: | - The new status of the check run. - type: string - required: true - conclusion: - description: | - The conclusion of the check run when the status is 'completed'. - type: string - details_url: - description: | - The URL of the check run's details page. - type: string + inputs: + id: + description: | + The ID of the check run to update. + type: number + required: true + status: + description: | + The new status of the check run. + type: string + required: true + conclusion: + description: | + The conclusion of the check run when the status is 'completed'. + type: string + details_url: + description: | + The URL of the check run's details page. + type: string push: branches: - "rvermeulen/release-process-improvements" From a6933ca6e2a5f080cd3f7405dd2bf6236f63ae67 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 5 Sep 2023 14:05:43 -0700 Subject: [PATCH 1275/2573] Address incorrect JSON body --- .github/workflows/update-check-run.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/update-check-run.yml b/.github/workflows/update-check-run.yml index f45634e2e4..12f3c3b5a1 100644 --- a/.github/workflows/update-check-run.yml +++ b/.github/workflows/update-check-run.yml @@ -40,13 +40,13 @@ jobs: CHECK_RUN_DETAILS_URL: ${{ inputs.details_url }} GITHUB_TOKEN: ${{ github.token }} run: | - CHECK_RUNS_UPDATE=$(jq -n \ + jq -n \ --arg status "$CHECK_RUN_STATUS" \ --arg conclusion "$CHECK_RUN_CONCLUSION" \ --arg details_url "$CHECK_RUN_DETAILS_URL" \ - '{status: $status, conclusion: $conclusion, details_url: $details_url} | to_entries | map(select(.value != "")) | from_entries)' - ) - echo "$CHECK_RUNS_UPDATE" | gh api \ + '{status: $status, conclusion: $conclusion, details_url: $details_url} | to_entries | map(select(.value != "")) | from_entries' \ + | \ + gh api \ --method PATCH \ --header "Accept: application/vnd.github+json" \ --header "X-GitHub-Api-Version: 2022-11-28" \ From ace3379a0daca50d51581c3fd35e10059f8183f8 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 5 Sep 2023 14:06:22 -0700 Subject: [PATCH 1276/2573] Use the ref of the just created PR to validate --- .github/workflows/prepare-release.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 346161982e..b66f66b390 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -27,6 +27,8 @@ env: jobs: prepare-release: + outputs: + pull-request-head-sha: ${{ steps.create-release-pull-request.outputs.pull-request-head-sha }} name: "Prepare release" if: github.event_name == 'workflow_dispatch' runs-on: ubuntu-latest @@ -67,6 +69,7 @@ jobs: find docs -name 'user_manual.md' | xargs sed -i "s/This user manual documents release \`.*\` of/This user manual documents release \`$RELEASE_VERSION\` of/" - name: Create release PR + id: create-release-pull-request uses: peter-evans/create-pull-request@v5 with: title: "Release ${{ inputs.version }}." @@ -81,6 +84,6 @@ jobs: needs: prepare-release uses: ./.github/workflows/validate-release.yml with: - ref: ${{ inputs.ref }} + ref: ${{ needs.prepare-release.outputs.pull-request-head-sha }} secrets: release-engineering-token: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} \ No newline at end of file From d3ce01038de9f081e1f55de02cb343abd8cdfae5 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 5 Sep 2023 14:07:41 -0700 Subject: [PATCH 1277/2573] Generalize url --- .github/workflows/update-check-run.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update-check-run.yml b/.github/workflows/update-check-run.yml index 12f3c3b5a1..7f564ca03f 100644 --- a/.github/workflows/update-check-run.yml +++ b/.github/workflows/update-check-run.yml @@ -51,4 +51,4 @@ jobs: --header "Accept: application/vnd.github+json" \ --header "X-GitHub-Api-Version: 2022-11-28" \ --input - \ - /repos/rvermeulen/codeql-coding-standards/check-runs/$CHECK_RUN_ID + /repos/$GITHUB_REPOSITORY/check-runs/$CHECK_RUN_ID From 8e727aa1c8c305463b352302d26d6e83e1c046af Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 5 Sep 2023 14:09:32 -0700 Subject: [PATCH 1278/2573] Remove on push trigger --- .github/workflows/update-check-run.yml | 3 --- 1 file changed, 3 deletions(-) diff --git a/.github/workflows/update-check-run.yml b/.github/workflows/update-check-run.yml index 7f564ca03f..12f1de5779 100644 --- a/.github/workflows/update-check-run.yml +++ b/.github/workflows/update-check-run.yml @@ -21,9 +21,6 @@ on: description: | The URL of the check run's details page. type: string - push: - branches: - - "rvermeulen/release-process-improvements" permissions: checks: write From 2b9c33096bf10e8f99c5f4022a2fd8a6985324a4 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 5 Sep 2023 14:18:53 -0700 Subject: [PATCH 1279/2573] Create check run on input ref --- .github/workflows/validate-release.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index a217ff4c87..b3f697333c 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -52,12 +52,14 @@ jobs: init-release-performance: outputs: check-run-id: ${{ steps.create-check-run.outputs.check-run-id }}} + needs: [determine-ref] runs-on: ubuntu-latest steps: - name: Create check run id: create-check-run env: GH_TOKEN: ${{ github.token }} + RELEASE_REF: ${{ needs.determine-ref.outputs.release-ref }} run: | # For debugging purposes echo https://api.github.com/repos/$GITHUB_REPOSITORY/check-runs @@ -67,7 +69,7 @@ jobs: --header "Accept: application/vnd.github+json" \ --header "X-GitHub-Api-Version: 2022-11-28" \ --field name="performance-test" \ - --field head_sha="$GITHUB_SHA" \ + --field head_sha="$RELEASE_REF" \ --jq ".id" \ /repos/$GITHUB_REPOSITORY/check-runs) From b4cc27aed3816f3cfffc25131ccbde4a061de194 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 5 Sep 2023 14:49:10 -0700 Subject: [PATCH 1280/2573] Remove push on release and any PR trigger --- .github/workflows/codeql_unit_tests.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/codeql_unit_tests.yml b/.github/workflows/codeql_unit_tests.yml index 053bea4985..9a5c498102 100644 --- a/.github/workflows/codeql_unit_tests.yml +++ b/.github/workflows/codeql_unit_tests.yml @@ -5,11 +5,11 @@ on: push: branches: - main - - "rc/**" - next pull_request: branches: - - "**" + - main + - next workflow_dispatch: jobs: From 9a0f0f1940bbf91311983606d5583247fa00fbf3 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 5 Sep 2023 14:50:02 -0700 Subject: [PATCH 1281/2573] Handle call and dispath input --- .github/workflows/codeql_unit_tests.yml | 38 +++++++++++++++++++++---- 1 file changed, 33 insertions(+), 5 deletions(-) diff --git a/.github/workflows/codeql_unit_tests.yml b/.github/workflows/codeql_unit_tests.yml index 9a5c498102..f15b631876 100644 --- a/.github/workflows/codeql_unit_tests.yml +++ b/.github/workflows/codeql_unit_tests.yml @@ -11,16 +11,42 @@ on: - main - next workflow_dispatch: + workflow_call: + inputs: + ref: + description: | + The ref to run the tests on. + type: string + required: true jobs: + determine-ref: + runs-on: ubuntu-latest + outputs: + release-ref: ${{ steps.set-ref.outputs.ref }} + env: + REF_FROM_INPUT: ${{ inputs.ref }} + EVENT_NAME: ${{ github.event_name }} + steps: + - id: set-ref + run: | + if [[ "$EVENT_NAME" == "workflow_dispatch" ]]; then + echo "ref=$REF_FROM_INPUT" >> "$GITHUB_OUTPUT" + else + echo "ref=$GITHUB_REF" >> "$GITHUB_OUTPUT" + fi + prepare-unit-test-matrix: name: Prepare CodeQL unit test matrix + needs: [determine-ref] runs-on: ubuntu-22.04 outputs: matrix: ${{ steps.export-unit-test-matrix.outputs.matrix }} steps: - name: Checkout repository - uses: actions/checkout@v2 + uses: actions/checkout@v4 + with: + ref: ${{ needs.determine-ref.outputs.ref }} - name: Export unit test matrix id: export-unit-test-matrix @@ -33,22 +59,24 @@ jobs: run-test-suites: name: Run unit tests - needs: prepare-unit-test-matrix + needs: [prepare-unit-test-matrix, determine-ref] runs-on: ${{ matrix.os }} strategy: fail-fast: false matrix: ${{ fromJSON(needs.prepare-unit-test-matrix.outputs.matrix) }} - + steps: - name: Checkout repository - uses: actions/checkout@v2 + uses: actions/checkout@v4 + with: + ref: ${{ needs.determine-ref.outputs.ref }} - name: Install Python uses: actions/setup-python@v4 with: python-version: "3.9" - + - name: Install Python dependencies run: pip install -r scripts/requirements.txt From 467f37e6fa7571783671472d577f06d2d838d8d0 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 5 Sep 2023 14:50:17 -0700 Subject: [PATCH 1282/2573] Upgrade used actions --- .github/workflows/codeql_unit_tests.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/codeql_unit_tests.yml b/.github/workflows/codeql_unit_tests.yml index f15b631876..fe5e3524af 100644 --- a/.github/workflows/codeql_unit_tests.yml +++ b/.github/workflows/codeql_unit_tests.yml @@ -82,7 +82,7 @@ jobs: - name: Cache CodeQL id: cache-codeql - uses: actions/cache@v2.1.3 + uses: actions/cache@v3 with: # A list of files, directories, and wildcard patterns to cache and restore path: ${{github.workspace}}/codeql_home @@ -129,7 +129,7 @@ jobs: def print_error(fmt, *args): print(f"::error::{fmt}", *args) - + def print_error_and_fail(fmt, *args): print_error(fmt, args) sys.exit(1) @@ -176,7 +176,7 @@ jobs: file.close() - name: Upload test results - uses: actions/upload-artifact@v2 + uses: actions/upload-artifact@v3 with: name: ${{ matrix.language }}-test-results-${{ runner.os }}-${{ matrix.codeql_cli }}-${{ matrix.codeql_standard_library_ident }} path: | @@ -189,7 +189,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Collect test results - uses: actions/download-artifact@v2 + uses: actions/download-artifact@v3 - name: Validate test results run: | From f8a6b03aa4df322a8b6466ece5d8cdf736fafcf6 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 5 Sep 2023 14:57:15 -0700 Subject: [PATCH 1283/2573] Remove dispatch trigger --- .github/workflows/codeql_unit_tests.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/codeql_unit_tests.yml b/.github/workflows/codeql_unit_tests.yml index fe5e3524af..b11c30cee8 100644 --- a/.github/workflows/codeql_unit_tests.yml +++ b/.github/workflows/codeql_unit_tests.yml @@ -10,7 +10,6 @@ on: branches: - main - next - workflow_dispatch: workflow_call: inputs: ref: From 643bea22c4f41a96036b9fcfcd14d92dc9bfae3e Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 5 Sep 2023 14:58:24 -0700 Subject: [PATCH 1284/2573] Validate the PR --- .../workflows/validate-coding-standards.yml | 41 +++++++++++++++++-- .github/workflows/validate-release.yml | 37 ++++++++--------- 2 files changed, 54 insertions(+), 24 deletions(-) diff --git a/.github/workflows/validate-coding-standards.yml b/.github/workflows/validate-coding-standards.yml index 035468e4f6..950c7be566 100644 --- a/.github/workflows/validate-coding-standards.yml +++ b/.github/workflows/validate-coding-standards.yml @@ -7,32 +7,65 @@ on: - main - next workflow_call: + inputs: + ref: + description: | + The ref to validate. + type: string + required: true permissions: contents: read actions: write jobs: + determine-ref: + runs-on: ubuntu-latest + outputs: + release-ref: ${{ steps.set-ref.outputs.ref }} + env: + REF_FROM_INPUT: ${{ inputs.ref }} + EVENT_NAME: ${{ github.event_name }} + steps: + - id: set-ref + run: | + if [[ "$EVENT_NAME" == "workflow_call" ]]; then + echo "ref=$REF_FROM_INPUT" >> "$GITHUB_OUTPUT" + else + echo "ref=$GITHUB_REF" >> "$GITHUB_OUTPUT" + fi + validate-package-files: name: Validate Package Files + needs: [determine-ref] uses: ./.github/workflows/validate-package-files.yml with: - ref: ${{ github.ref }} + ref: ${{ needs.determine-ref.outputs.ref }} validate-codeql-query-formatting: name: "Validate CodeQL Query Formatting" + needs: [determine-ref] uses: ./.github/workflows/validate-query-formatting.yml with: - ref: ${{ github.ref }} + ref: ${{ needs.determine-ref.outputs.ref }} validate-query-help-files: name: Validate Query Help Files + needs: [determine-ref] uses: ./.github/workflows/validate-query-help.yml with: - ref: ${{ github.ref }} + ref: ${{ needs.determine-ref.outputs.ref }} validate-test-case-formatting: name: Validate Test + needs: [determine-ref] uses: ./.github/workflows/validate-query-test-case-formatting.yml with: - ref: ${{ github.ref }} \ No newline at end of file + ref: ${{ needs.determine-ref.outputs.ref }} + + run-codeql-unit-tests: + name: Run CodeQL Unit Tests + needs: [determine-ref] + uses: ./.github/workflows/codeql_unit_tests.yml + with: + ref: ${{ needs.determine-ref.outputs.ref }} \ No newline at end of file diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index b3f697333c..7fa1c33aa9 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -24,30 +24,27 @@ permissions: jobs: determine-ref: - runs-on: ubuntu-latest - outputs: - release-ref: ${{ steps.set-ref.outputs.release-ref }} - env: - REF_FROM_INPUT: ${{ inputs.ref }} - REF_FROM_PR: ${{ github.base_ref }} - EVENT_NAME: ${{ github.event_name }} - steps: - - id: set-ref - run: | - if [[ "$EVENT_NAME" == "workflow_dispatch" ]]; then - echo "release-ref=$REF_FROM_INPUT" >> "$GITHUB_OUTPUT" - else - if [[ "$EVENT_NAME" == "pull_request" ]]; then - echo "release-ref=$REF_FROM_PR" >> "$GITHUB_OUTPUT" + runs-on: ubuntu-latest + outputs: + release-ref: ${{ steps.set-ref.outputs.ref }} + env: + REF_FROM_INPUT: ${{ inputs.ref }} + EVENT_NAME: ${{ github.event_name }} + steps: + - id: set-ref + run: | + if [[ "$EVENT_NAME" == "workflow_call" ]]; then + echo "ref=$REF_FROM_INPUT" >> "$GITHUB_OUTPUT" else - echo "Unexpected event name $EVENT_NAME!" - exit 1 + echo "ref=$GITHUB_REF" >> "$GITHUB_OUTPUT" fi - fi validate-coding-standards: name: "Validate coding standards" + needs: [determine-ref] uses: ./.github/workflows/validate-coding-standards.yml + with: + ref: ${{ needs.determine-ref.outputs.ref }} init-release-performance: outputs: @@ -59,7 +56,7 @@ jobs: id: create-check-run env: GH_TOKEN: ${{ github.token }} - RELEASE_REF: ${{ needs.determine-ref.outputs.release-ref }} + RELEASE_REF: ${{ needs.determine-ref.outputs.ref }} run: | # For debugging purposes echo https://api.github.com/repos/$GITHUB_REPOSITORY/check-runs @@ -81,7 +78,7 @@ jobs: steps: - name: Invoke performance test env: - RELEASE_REF: ${{ needs.determine-ref.outputs.release-ref }} + RELEASE_REF: ${{ needs.determine-ref.outputs.ref }} CHECK_RUN_ID: ${{ needs.init-release-performance.outputs.check-run-id }} GH_TOKEN: ${{ secrets.release-engineering-token }} run: | From 6b135901e355c5642818c322461ef255a042c39b Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 7 Sep 2023 14:15:23 -0700 Subject: [PATCH 1285/2573] Add release status check --- .github/workflows/update-release-status.yml | 82 +++++++++++++++++++-- .github/workflows/validate-release.yml | 23 +++++- 2 files changed, 96 insertions(+), 9 deletions(-) diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index 0ac84a1f2c..527677d1a9 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -1,14 +1,80 @@ -name: "Update release status" +name: "Update Release Status" on: - issue_comment: - types: [created] + check_run: + types: + - completed + - rerequested branches: - - "rc/**" + - "rc/*" permissions: - contents: read - issues: write + actions: read + checks: write jobs: - update-validation-status: - name: "Update validation status" \ No newline at end of file + validate-check-runs: + runs-on: ubuntu-latest + steps: + - name: Get release status check run + id: get-check-run + if: github.event.check_run.conclusion == 'success' && github.event.check_run.name != 'Update Release Status' + env: + GITHUB_TOKEN: ${{ github.token }} + CHECK_RUN_HEAD_SHA: ${{ github.event.check_run.head_sha }} + run: | + check_run_info=$(gh api \ + --header "Accept: application/vnd.github+json" \ + --header "X-GitHub-Api-Version: 2022-11-28" \ + --jq '.check_runs[] | select(.name == "release-status") | {id: .id, status: .status, conclusion: .conclusion' \ + /repos/$GITHUB_REPOSITORY/commits/$CHECK_RUN_HEAD_SHA/check-runs) + + check_run_id=$(echo "$check_run_info" | jq -r '.id') + check_run_status=$(echo "$check_run_info" | jq -r '.status') + check_run_conclusion=$(echo "$check_run_info" | jq -r '.conclusion') + + echo "CHECK_RUN_ID=$check_run_id" >> "$GITHUB_ENV" + echo "CHECK_RUN_STATUS=$check_run_status" >> "$GITHUB_ENV" + echo "CHECK_RUN_CONCLUSION=$check_run_conclusion" >> "$GITHUB_ENV" + + - name: Reset release status + if: env.CHECK_RUN_STATUS == 'completed' && github.event.action == 'rerequested' + env: + GITHUB_TOKEN: ${{ github.token }} + run: | + CHECK_RUN_ID=$(gh api \ + --header "Accept: application/vnd.github+json" \ + --header "X-GitHub-Api-Version: 2022-11-28" \ + --field name="release-status" \ + --field head_sha="$REF" \ + --jq ".id" \ + /repos/$GITHUB_REPOSITORY/check-runs) + + echo "Created release status check run with id $CHECK_RUN_ID" + + - name: Check all runs completed + if: env.CHECK_RUN_STATUS != 'completed' + env: + GITHUB_TOKEN: ${{ github.token }} + run: | + done=$(gh api \ + --header "Accept: application/vnd.github+json" \ + --header "X-GitHub-Api-Version: 2022-11-28" \ + --jq '.check_runs | map(select(.name != "Update Release Status" and .status != "completed")) | length | if . == 0 then "true" else "false" end \ + /repos/$GITHUB_REPOSITORY/commits/$CHECK_RUN_HEAD_SHA/check-runs) + + if [[ "$done" == "true" ]]; then + echo "All check runs completed" + jq -n \ + --arg status "completed" \ + --arg conclusion "success" \ + '{status: $status, conclusion: $conclusion}' \ + | \ + gh api \ + --method PATCH \ + --header "Accept: application/vnd.github+json" \ + --header "X-GitHub-Api-Version: 2022-11-28" \ + --input - \ + /repos/$GITHUB_REPOSITORY/check-runs/$CHECK_RUN_ID + else + echo "Not all check runs completed" + fi \ No newline at end of file diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 7fa1c33aa9..677b8db6b7 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -112,4 +112,25 @@ jobs: --header "Accept: application/vnd.github+json" \ --header "X-GitHub-Api-Version: 2022-11-28" \ --input - \ - /repos/$GITHUB_REPOSITORY/check-runs/$CHECK_RUN_ID \ No newline at end of file + /repos/$GITHUB_REPOSITORY/check-runs/$CHECK_RUN_ID + + init-release-status: + name: "Initialize release status monitoring" + needs: [determine-ref, validate-release-performance] + runs-on: ubuntu-latest + steps: + - name: Create release status check run + env: + REF: ${{ needs.determine-ref.outputs.ref }} + GITHUB_TOKEN: ${{ github.token }} + run: | + CHECK_RUN_ID=$(gh api \ + --header "Accept: application/vnd.github+json" \ + --header "X-GitHub-Api-Version: 2022-11-28" \ + --field name="release-status" \ + --field head_sha="$REF" \ + --field status="in_progress" \ + --jq ".id" \ + /repos/$GITHUB_REPOSITORY/check-runs) + + echo "Created release status check run with id $CHECK_RUN_ID" From 59ed68a10105f6a1d95f1358256b4abde8eec403 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 7 Sep 2023 14:21:16 -0700 Subject: [PATCH 1286/2573] Add push trigger to register workflow --- .github/workflows/update-release-status.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index 527677d1a9..e963954f0b 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -7,6 +7,10 @@ on: branches: - "rc/*" + push: + branches: + - "rvermeulen/release-process-improvements" + permissions: actions: read checks: write From e6d4e0a438f7dd55b5f7675650016526330f9729 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 7 Sep 2023 14:21:28 -0700 Subject: [PATCH 1287/2573] Remove dumping of env --- .github/workflows/validate-release.yml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 677b8db6b7..d1ed82f5fd 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -58,10 +58,6 @@ jobs: GH_TOKEN: ${{ github.token }} RELEASE_REF: ${{ needs.determine-ref.outputs.ref }} run: | - # For debugging purposes - echo https://api.github.com/repos/$GITHUB_REPOSITORY/check-runs - env - check_run_id=$(gh api \ --header "Accept: application/vnd.github+json" \ --header "X-GitHub-Api-Version: 2022-11-28" \ From 179aa10e09d663ea72f5710ba2cb1aef81882d40 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 7 Sep 2023 14:32:38 -0700 Subject: [PATCH 1288/2573] Always initialize release status monitoring --- .github/workflows/validate-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index d1ed82f5fd..a4ab12db4a 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -112,7 +112,7 @@ jobs: init-release-status: name: "Initialize release status monitoring" - needs: [determine-ref, validate-release-performance] + needs: [determine-ref] runs-on: ubuntu-latest steps: - name: Create release status check run From 7dfd22a63e38b6e6d52be1a7767b911f6e47c708 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 7 Sep 2023 14:39:49 -0700 Subject: [PATCH 1289/2573] Handle dispatch event --- .github/workflows/validate-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index a4ab12db4a..4e47ba684d 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -33,7 +33,7 @@ jobs: steps: - id: set-ref run: | - if [[ "$EVENT_NAME" == "workflow_call" ]]; then + if [[ "$EVENT_NAME" == "workflow_call" ]] || [[ "$EVENT_NAME" == "workflow_dispatch" ]]; then echo "ref=$REF_FROM_INPUT" >> "$GITHUB_OUTPUT" else echo "ref=$GITHUB_REF" >> "$GITHUB_OUTPUT" From 4edb82a30b58d69229154cc1d82a7faa4c94c750 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 7 Sep 2023 15:26:50 -0700 Subject: [PATCH 1290/2573] Replace deprecated set-output --- .github/workflows/codeql_unit_tests.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/codeql_unit_tests.yml b/.github/workflows/codeql_unit_tests.yml index b11c30cee8..648b2f990c 100644 --- a/.github/workflows/codeql_unit_tests.yml +++ b/.github/workflows/codeql_unit_tests.yml @@ -52,9 +52,9 @@ jobs: run: | echo "Merging Result:" python scripts/create_language_matrix.py - echo "::set-output name=matrix::$( + echo "matrix=$( python scripts/create_language_matrix.py | \ - jq --compact-output 'map([.+{os: "ubuntu-20.04-xl", codeql_standard_library_ident : .codeql_standard_library | sub("\/"; "_")}]) | flatten | {include: .}')" + jq --compact-output 'map([.+{os: "ubuntu-20.04-xl", codeql_standard_library_ident : .codeql_standard_library | sub("\/"; "_")}]) | flatten | {include: .}')" >> $GITHUB_OUTPUT run-test-suites: name: Run unit tests From 716c00584d4eb4008e5b3bd4796dafdf8cdaa649 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 7 Sep 2023 16:05:35 -0700 Subject: [PATCH 1291/2573] Update determine-ref to include workflow calls --- .github/workflows/codeql_unit_tests.yml | 2 +- .github/workflows/validate-coding-standards.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/codeql_unit_tests.yml b/.github/workflows/codeql_unit_tests.yml index 648b2f990c..1adaae275c 100644 --- a/.github/workflows/codeql_unit_tests.yml +++ b/.github/workflows/codeql_unit_tests.yml @@ -29,7 +29,7 @@ jobs: steps: - id: set-ref run: | - if [[ "$EVENT_NAME" == "workflow_dispatch" ]]; then + if [[ "$EVENT_NAME" == "workflow_dispatch" ]] || [[ "$EVENT_NAME" == "workflow_call" ]]; then echo "ref=$REF_FROM_INPUT" >> "$GITHUB_OUTPUT" else echo "ref=$GITHUB_REF" >> "$GITHUB_OUTPUT" diff --git a/.github/workflows/validate-coding-standards.yml b/.github/workflows/validate-coding-standards.yml index 950c7be566..41f0d8fb60 100644 --- a/.github/workflows/validate-coding-standards.yml +++ b/.github/workflows/validate-coding-standards.yml @@ -29,7 +29,7 @@ jobs: steps: - id: set-ref run: | - if [[ "$EVENT_NAME" == "workflow_call" ]]; then + if [[ "$EVENT_NAME" == "workflow_call" ]] || [[ "$EVENT_NAME" == "workflow_dispatch" ]]; then echo "ref=$REF_FROM_INPUT" >> "$GITHUB_OUTPUT" else echo "ref=$GITHUB_REF" >> "$GITHUB_OUTPUT" From b273ef12fd8478145c44bfa5cc90834e9af87b18 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 7 Sep 2023 16:07:50 -0700 Subject: [PATCH 1292/2573] Use correct output --- .github/workflows/codeql_unit_tests.yml | 2 +- .github/workflows/validate-coding-standards.yml | 2 +- .github/workflows/validate-release.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/codeql_unit_tests.yml b/.github/workflows/codeql_unit_tests.yml index 1adaae275c..da99906d87 100644 --- a/.github/workflows/codeql_unit_tests.yml +++ b/.github/workflows/codeql_unit_tests.yml @@ -22,7 +22,7 @@ jobs: determine-ref: runs-on: ubuntu-latest outputs: - release-ref: ${{ steps.set-ref.outputs.ref }} + ref: ${{ steps.set-ref.outputs.ref }} env: REF_FROM_INPUT: ${{ inputs.ref }} EVENT_NAME: ${{ github.event_name }} diff --git a/.github/workflows/validate-coding-standards.yml b/.github/workflows/validate-coding-standards.yml index 41f0d8fb60..1895b6828d 100644 --- a/.github/workflows/validate-coding-standards.yml +++ b/.github/workflows/validate-coding-standards.yml @@ -22,7 +22,7 @@ jobs: determine-ref: runs-on: ubuntu-latest outputs: - release-ref: ${{ steps.set-ref.outputs.ref }} + ref: ${{ steps.set-ref.outputs.ref }} env: REF_FROM_INPUT: ${{ inputs.ref }} EVENT_NAME: ${{ github.event_name }} diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 4e47ba684d..56a6d73e48 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -26,7 +26,7 @@ jobs: determine-ref: runs-on: ubuntu-latest outputs: - release-ref: ${{ steps.set-ref.outputs.ref }} + ref: ${{ steps.set-ref.outputs.ref }} env: REF_FROM_INPUT: ${{ inputs.ref }} EVENT_NAME: ${{ github.event_name }} From 0acdc8ed67edb4d67d4890b9392d3f97e24f2713 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 7 Sep 2023 16:10:35 -0700 Subject: [PATCH 1293/2573] Run on ubuntu latest --- .github/workflows/codeql_unit_tests.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/codeql_unit_tests.yml b/.github/workflows/codeql_unit_tests.yml index da99906d87..2048892eee 100644 --- a/.github/workflows/codeql_unit_tests.yml +++ b/.github/workflows/codeql_unit_tests.yml @@ -38,7 +38,7 @@ jobs: prepare-unit-test-matrix: name: Prepare CodeQL unit test matrix needs: [determine-ref] - runs-on: ubuntu-22.04 + runs-on: ubuntu-latest outputs: matrix: ${{ steps.export-unit-test-matrix.outputs.matrix }} steps: @@ -185,7 +185,7 @@ jobs: validate-test-results: name: Validate test results needs: [run-test-suites] - runs-on: ubuntu-22.04 + runs-on: ubuntu-latest steps: - name: Collect test results uses: actions/download-artifact@v3 From d2e3ee0821a77558830001d6f4936ac10372006e Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 7 Sep 2023 16:11:18 -0700 Subject: [PATCH 1294/2573] REVERT: temporary switch runner os for testing --- .github/workflows/codeql_unit_tests.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/codeql_unit_tests.yml b/.github/workflows/codeql_unit_tests.yml index 2048892eee..ce004a9d03 100644 --- a/.github/workflows/codeql_unit_tests.yml +++ b/.github/workflows/codeql_unit_tests.yml @@ -54,7 +54,7 @@ jobs: python scripts/create_language_matrix.py echo "matrix=$( python scripts/create_language_matrix.py | \ - jq --compact-output 'map([.+{os: "ubuntu-20.04-xl", codeql_standard_library_ident : .codeql_standard_library | sub("\/"; "_")}]) | flatten | {include: .}')" >> $GITHUB_OUTPUT + jq --compact-output 'map([.+{os: "ubuntu-latest", codeql_standard_library_ident : .codeql_standard_library | sub("\/"; "_")}]) | flatten | {include: .}')" >> $GITHUB_OUTPUT run-test-suites: name: Run unit tests From 8a9f77a0e1d65b8fe28f734ab3700709114e9d85 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 7 Sep 2023 16:38:13 -0700 Subject: [PATCH 1295/2573] Create check run for validate release when not triggered by PR --- .github/workflows/validate-release.yml | 52 ++++++++++++++++++++++++-- 1 file changed, 49 insertions(+), 3 deletions(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 56a6d73e48..35d4026717 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -38,14 +38,60 @@ jobs: else echo "ref=$GITHUB_REF" >> "$GITHUB_OUTPUT" fi - + + pre-validate-coding-standards: + needs: [determine-ref] + runs-on: ubuntu-latest + if: github.event_name != 'pull_request' + outputs: + check-run-id: ${{ steps.create-check-run.outputs.check-run-id }} + steps: + - name: Create check run + id: create-check-run + env: + REF: ${{ needs.determine-ref.outputs.ref }} + run: | + check_run_id=$(gh api \ + --header "Accept: application/vnd.github+json" \ + --header "X-GitHub-Api-Version: 2022-11-28" \ + --field name="Validating Coding Standards" \ + --field head_sha="$REF" \ + --field status="in_progress" \ + --jq ".id" \ + /repos/$GITHUB_REPOSITORY/check-runs) + + echo "check-run-id=$check_run_id" >> "$GITHUB_OUTPUT" + validate-coding-standards: name: "Validate coding standards" - needs: [determine-ref] + needs: [determine-ref, pre-validate-coding-standards] + if: needs.pre-validate-coding-standards.result != 'failure' uses: ./.github/workflows/validate-coding-standards.yml with: ref: ${{ needs.determine-ref.outputs.ref }} + post-validate-coding-standards: + needs: [validate-coding-standards] + if: github.event_name != 'pull_request' + runs-on: ubuntu-latest + steps: + - name: Update check run + env: + CHECK_RUN_ID: ${{ needs.validate-coding-standards.outputs.check-run-id }} + CHECK_RUN_CONCLUSION: ${{ needs.validate-coding-standards.result }} + run: | + jq -n \ + --arg status "completed" \ + --arg conclusion "$CHECK_RUN_CONCLUSION" \ + '{status: $status, conclusion: $conclusion}' \ + | \ + gh api \ + --method PATCH \ + --header "Accept: application/vnd.github+json" \ + --header "X-GitHub-Api-Version: 2022-11-28" \ + --input - \ + /repos/$GITHUB_REPOSITORY/check-runs/$CHECK_RUN_ID + init-release-performance: outputs: check-run-id: ${{ steps.create-check-run.outputs.check-run-id }}} @@ -71,7 +117,7 @@ jobs: validate-release-performance: needs: [init-release-performance, determine-ref] runs-on: ubuntu-latest - steps: + steps: - name: Invoke performance test env: RELEASE_REF: ${{ needs.determine-ref.outputs.ref }} From 3a5c9458298cec09308094cc39a0fed434b11c53 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 7 Sep 2023 16:40:37 -0700 Subject: [PATCH 1296/2573] Rename jobs --- .github/workflows/validate-release.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 35d4026717..5d03e2b039 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -92,7 +92,7 @@ jobs: --input - \ /repos/$GITHUB_REPOSITORY/check-runs/$CHECK_RUN_ID - init-release-performance: + pre-validate-release-performance: outputs: check-run-id: ${{ steps.create-check-run.outputs.check-run-id }}} needs: [determine-ref] @@ -115,13 +115,13 @@ jobs: echo "check-run-id=$check_run_id" >> "$GITHUB_OUTPUT" validate-release-performance: - needs: [init-release-performance, determine-ref] + needs: [pre-validate-release-performance, determine-ref] runs-on: ubuntu-latest steps: - name: Invoke performance test env: RELEASE_REF: ${{ needs.determine-ref.outputs.ref }} - CHECK_RUN_ID: ${{ needs.init-release-performance.outputs.check-run-id }} + CHECK_RUN_ID: ${{ needs.pre-validate-release-performance.outputs.check-run-id }} GH_TOKEN: ${{ secrets.release-engineering-token }} run: | jq -n \ @@ -135,13 +135,13 @@ jobs: --ref rvermeulen/release-process on-failure-validate-release-performance: - needs: [init-release-performance, validate-release-performance] + needs: [pre-validate-release-performance, validate-release-performance] if: failure() runs-on: ubuntu-latest steps: - name: Fail check run status env: - CHECK_RUN_ID: ${{ needs.init-release-performance.outputs.check-run-id }} + CHECK_RUN_ID: ${{ needs.pre-validate-release-performance.outputs.check-run-id }} GITHUB_TOKEN: ${{ github.token }} run: | jq -n \ @@ -156,7 +156,7 @@ jobs: --input - \ /repos/$GITHUB_REPOSITORY/check-runs/$CHECK_RUN_ID - init-release-status: + create-release-status-check-run: name: "Initialize release status monitoring" needs: [determine-ref] runs-on: ubuntu-latest From 876f20febd51505cd48c1fb8660990af6a4e5ee5 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 7 Sep 2023 17:09:37 -0700 Subject: [PATCH 1297/2573] Properly align push trigger --- .github/workflows/update-release-status.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index e963954f0b..f41ecda508 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -7,9 +7,9 @@ on: branches: - "rc/*" - push: - branches: - - "rvermeulen/release-process-improvements" + push: + branches: + - "rvermeulen/release-process-improvements" permissions: actions: read From e05abe16568b66754891ff42565e1d18562d9399 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 7 Sep 2023 17:12:01 -0700 Subject: [PATCH 1298/2573] Fix unterminated jq query --- .github/workflows/update-release-status.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index f41ecda508..8f806d7f20 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -63,7 +63,7 @@ jobs: done=$(gh api \ --header "Accept: application/vnd.github+json" \ --header "X-GitHub-Api-Version: 2022-11-28" \ - --jq '.check_runs | map(select(.name != "Update Release Status" and .status != "completed")) | length | if . == 0 then "true" else "false" end \ + --jq '.check_runs | map(select(.name != "Update Release Status" and .status != "completed")) | length | if . == 0 then "true" else "false" end' \ /repos/$GITHUB_REPOSITORY/commits/$CHECK_RUN_HEAD_SHA/check-runs) if [[ "$done" == "true" ]]; then From de2084b549c652a6dc48a242a42ecfac3d32da3a Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 7 Sep 2023 17:28:35 -0700 Subject: [PATCH 1299/2573] Add token to env --- .github/workflows/validate-release.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 5d03e2b039..b4c62c3253 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -50,6 +50,7 @@ jobs: id: create-check-run env: REF: ${{ needs.determine-ref.outputs.ref }} + GH_TOKEN: ${{ github.token }} run: | check_run_id=$(gh api \ --header "Accept: application/vnd.github+json" \ @@ -79,6 +80,7 @@ jobs: env: CHECK_RUN_ID: ${{ needs.validate-coding-standards.outputs.check-run-id }} CHECK_RUN_CONCLUSION: ${{ needs.validate-coding-standards.result }} + GH_TOKEN: ${{ github.token }} run: | jq -n \ --arg status "completed" \ From 4096a14281ec7c747bd18505bcd48582464a8459 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 8 Sep 2023 10:08:46 -0700 Subject: [PATCH 1300/2573] Make sure the post job is always executed --- .github/workflows/validate-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index b4c62c3253..8bc6555bf5 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -73,7 +73,7 @@ jobs: post-validate-coding-standards: needs: [validate-coding-standards] - if: github.event_name != 'pull_request' + if: always() && github.event_name != 'pull_request' runs-on: ubuntu-latest steps: - name: Update check run From 24a8a164ea066cbb23e84adf4b3b45d038dab9d1 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 8 Sep 2023 11:15:56 -0700 Subject: [PATCH 1301/2573] Fast fail unit test for testing workflow --- .github/workflows/validate-coding-standards.yml | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/.github/workflows/validate-coding-standards.yml b/.github/workflows/validate-coding-standards.yml index 1895b6828d..0030313061 100644 --- a/.github/workflows/validate-coding-standards.yml +++ b/.github/workflows/validate-coding-standards.yml @@ -66,6 +66,11 @@ jobs: run-codeql-unit-tests: name: Run CodeQL Unit Tests needs: [determine-ref] - uses: ./.github/workflows/codeql_unit_tests.yml - with: - ref: ${{ needs.determine-ref.outputs.ref }} \ No newline at end of file + #uses: ./.github/workflows/codeql_unit_tests.yml + #with: + # ref: ${{ needs.determine-ref.outputs.ref }} + runs-on: ubuntu-latest + steps: + - name: Fail + run: | + exit 1 From 280e2a5b08e7861e2203bd783e5772918462254d Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 8 Sep 2023 11:21:50 -0700 Subject: [PATCH 1302/2573] Use correct output parameter --- .github/workflows/validate-release.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 8bc6555bf5..f186f07ad2 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -72,13 +72,13 @@ jobs: ref: ${{ needs.determine-ref.outputs.ref }} post-validate-coding-standards: - needs: [validate-coding-standards] + needs: [pre-validate-coding-standards, validate-coding-standards] if: always() && github.event_name != 'pull_request' runs-on: ubuntu-latest steps: - name: Update check run env: - CHECK_RUN_ID: ${{ needs.validate-coding-standards.outputs.check-run-id }} + CHECK_RUN_ID: ${{ needs.pre-validate-coding-standards.outputs.check-run-id }} CHECK_RUN_CONCLUSION: ${{ needs.validate-coding-standards.result }} GH_TOKEN: ${{ github.token }} run: | From 56a1cf3cae37405fac9c0259a56b082db0bff7a7 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 8 Sep 2023 11:44:07 -0700 Subject: [PATCH 1303/2573] Add workflow dispatch trigger for testing --- .github/workflows/update-release-status.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index 8f806d7f20..02b49c25b2 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -7,9 +7,7 @@ on: branches: - "rc/*" - push: - branches: - - "rvermeulen/release-process-improvements" + workflow_dispatch: permissions: actions: read From b0055da38a6c9b6be670c7a3f9d8f97bfefbb6dd Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 8 Sep 2023 11:55:34 -0700 Subject: [PATCH 1304/2573] Add head sha input --- .github/workflows/update-release-status.yml | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index 02b49c25b2..f14fd37696 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -8,6 +8,12 @@ on: - "rc/*" workflow_dispatch: + inputs: + head-sha: + description: | + The head SHA to use. + type: string + required: true permissions: actions: read @@ -53,6 +59,17 @@ jobs: echo "Created release status check run with id $CHECK_RUN_ID" + - name: Determine check run head SHA + env: + HEAD_SHA_FROM_EVENT: ${{ github.event.check_run.head_sha }} + HEAD_SHA_FROM_INPUTS: ${{ inputs.head-sha }} + run: | + if [[ $GITHUB_EVENT_NAME == "workflow_dispatch" ]]; then + echo "CHECK_RUN_HEAD_SHA=$HEAD_SHA_FROM_INPUTS" >> "$GITHUB_ENV" + else + echo "CHECK_RUN_HEAD_SHA=$HEAD_SHA_FROM_EVENT" >> "$GITHUB_ENV" + fi + - name: Check all runs completed if: env.CHECK_RUN_STATUS != 'completed' env: From 950785beb79b78823f68443204b07a568882a255 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 8 Sep 2023 14:27:52 -0700 Subject: [PATCH 1305/2573] Correct check to excluded from count --- .github/workflows/update-release-status.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index f14fd37696..50b9327693 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -78,7 +78,7 @@ jobs: done=$(gh api \ --header "Accept: application/vnd.github+json" \ --header "X-GitHub-Api-Version: 2022-11-28" \ - --jq '.check_runs | map(select(.name != "Update Release Status" and .status != "completed")) | length | if . == 0 then "true" else "false" end' \ + --jq '.check_runs | map(select(.name != "release-status" and .status != "completed")) | length | if . == 0 then "true" else "false" end' \ /repos/$GITHUB_REPOSITORY/commits/$CHECK_RUN_HEAD_SHA/check-runs) if [[ "$done" == "true" ]]; then From 92fc4e2154777abec7980c7dbcc0d498fcdc99c6 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 8 Sep 2023 14:36:21 -0700 Subject: [PATCH 1306/2573] Properly handle the check run data when dispatched --- .github/workflows/update-release-status.yml | 41 ++++++++++----------- 1 file changed, 20 insertions(+), 21 deletions(-) diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index 50b9327693..702f8f1d9a 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -23,12 +23,22 @@ jobs: validate-check-runs: runs-on: ubuntu-latest steps: + - name: Determine check run head SHA + env: + HEAD_SHA_FROM_EVENT: ${{ github.event.check_run.head_sha }} + HEAD_SHA_FROM_INPUTS: ${{ inputs.head-sha }} + run: | + if [[ $GITHUB_EVENT_NAME == "workflow_dispatch" ]]; then + echo "CHECK_RUN_HEAD_SHA=$HEAD_SHA_FROM_INPUTS" >> "$GITHUB_ENV" + else + echo "CHECK_RUN_HEAD_SHA=$HEAD_SHA_FROM_EVENT" >> "$GITHUB_ENV" + fi + - name: Get release status check run id: get-check-run - if: github.event.check_run.conclusion == 'success' && github.event.check_run.name != 'Update Release Status' + if: (github.event_name == 'check_run' && github.event.check_run.conclusion == 'success' && github.event.check_run.name != 'Update Release Status') || github.event_name == 'workflow_dispatch' env: GITHUB_TOKEN: ${{ github.token }} - CHECK_RUN_HEAD_SHA: ${{ github.event.check_run.head_sha }} run: | check_run_info=$(gh api \ --header "Accept: application/vnd.github+json" \ @@ -45,7 +55,7 @@ jobs: echo "CHECK_RUN_CONCLUSION=$check_run_conclusion" >> "$GITHUB_ENV" - name: Reset release status - if: env.CHECK_RUN_STATUS == 'completed' && github.event.action == 'rerequested' + if: github.event_name == 'check_run' && env.CHECK_RUN_STATUS == 'completed' && github.event.action == 'rerequested' env: GITHUB_TOKEN: ${{ github.token }} run: | @@ -59,17 +69,6 @@ jobs: echo "Created release status check run with id $CHECK_RUN_ID" - - name: Determine check run head SHA - env: - HEAD_SHA_FROM_EVENT: ${{ github.event.check_run.head_sha }} - HEAD_SHA_FROM_INPUTS: ${{ inputs.head-sha }} - run: | - if [[ $GITHUB_EVENT_NAME == "workflow_dispatch" ]]; then - echo "CHECK_RUN_HEAD_SHA=$HEAD_SHA_FROM_INPUTS" >> "$GITHUB_ENV" - else - echo "CHECK_RUN_HEAD_SHA=$HEAD_SHA_FROM_EVENT" >> "$GITHUB_ENV" - fi - - name: Check all runs completed if: env.CHECK_RUN_STATUS != 'completed' env: @@ -87,13 +86,13 @@ jobs: --arg status "completed" \ --arg conclusion "success" \ '{status: $status, conclusion: $conclusion}' \ - | \ - gh api \ - --method PATCH \ - --header "Accept: application/vnd.github+json" \ - --header "X-GitHub-Api-Version: 2022-11-28" \ - --input - \ - /repos/$GITHUB_REPOSITORY/check-runs/$CHECK_RUN_ID + | \ + gh api \ + --method PATCH \ + --header "Accept: application/vnd.github+json" \ + --header "X-GitHub-Api-Version: 2022-11-28" \ + --input - \ + /repos/$GITHUB_REPOSITORY/check-runs/$CHECK_RUN_ID else echo "Not all check runs completed" fi \ No newline at end of file From c00e89015dbaed788a7e0bc7bbe30796397ce36c Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 8 Sep 2023 14:38:44 -0700 Subject: [PATCH 1307/2573] Use the gh context to get the workflow name to exclude --- .github/workflows/update-release-status.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index 702f8f1d9a..11c49d316f 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -36,7 +36,7 @@ jobs: - name: Get release status check run id: get-check-run - if: (github.event_name == 'check_run' && github.event.check_run.conclusion == 'success' && github.event.check_run.name != 'Update Release Status') || github.event_name == 'workflow_dispatch' + if: (github.event_name == 'check_run' && github.event.check_run.conclusion == 'success' && github.event.check_run.name != github.workflow) || github.event_name == 'workflow_dispatch' env: GITHUB_TOKEN: ${{ github.token }} run: | From c592e4c223b5859d8cf4c375c7b33a954127871e Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 8 Sep 2023 14:41:18 -0700 Subject: [PATCH 1308/2573] Restore check run status retrieval --- .github/workflows/update-release-status.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index 11c49d316f..5990a1d79c 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -43,7 +43,7 @@ jobs: check_run_info=$(gh api \ --header "Accept: application/vnd.github+json" \ --header "X-GitHub-Api-Version: 2022-11-28" \ - --jq '.check_runs[] | select(.name == "release-status") | {id: .id, status: .status, conclusion: .conclusion' \ + --jq '.check_runs[] | select(.name == "release-status") | {id: .id, status: .status, conclusion: .conclusion}' \ /repos/$GITHUB_REPOSITORY/commits/$CHECK_RUN_HEAD_SHA/check-runs) check_run_id=$(echo "$check_run_info" | jq -r '.id') From 5a80a333168ec9a91e531ee3e89bedf4dff3e242 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 8 Sep 2023 15:08:29 -0700 Subject: [PATCH 1309/2573] Fail release-check if any other check runs failed --- .github/workflows/update-release-status.yml | 22 +++++++++++++++++---- 1 file changed, 18 insertions(+), 4 deletions(-) diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index 5990a1d79c..d517ac34ae 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -74,17 +74,31 @@ jobs: env: GITHUB_TOKEN: ${{ github.token }} run: | - done=$(gh api \ + check_runs=$(gh api \ --header "Accept: application/vnd.github+json" \ --header "X-GitHub-Api-Version: 2022-11-28" \ - --jq '.check_runs | map(select(.name != "release-status" and .status != "completed")) | length | if . == 0 then "true" else "false" end' \ + --jq '.check_runs | map(select(.name != "release-status"))' \ /repos/$GITHUB_REPOSITORY/commits/$CHECK_RUN_HEAD_SHA/check-runs) - if [[ "$done" == "true" ]]; then + status_stats=$(echo "$check_runs" | jq -r '. | {failed: (map(select(.conclusion == "failure")) | length), pending: (map(select(.status != "completed")) | length) }') + + failed=$(echo "$status_stats" | jq -r '.failed') + pending=$(echo "$status_stats" | jq -r '.pending') + + if [[ "$pending" == "0" ]]; then echo "All check runs completed" + + if [[ "$failed" == "0" ]]; then + echo "All check runs succeeded" + conclusion="success" + else + echo "Some check runs failed" + conclusion="failure" + fi + jq -n \ --arg status "completed" \ - --arg conclusion "success" \ + --arg conclusion "$conclusion" \ '{status: $status, conclusion: $conclusion}' \ | \ gh api \ From afa5b39a4668609677f753a60238f92bcaf215b2 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 8 Sep 2023 15:28:23 -0700 Subject: [PATCH 1310/2573] Update descriptions to match our docs --- .github/workflows/update-check-run.yml | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/.github/workflows/update-check-run.yml b/.github/workflows/update-check-run.yml index 12f1de5779..028748f9ad 100644 --- a/.github/workflows/update-check-run.yml +++ b/.github/workflows/update-check-run.yml @@ -5,21 +5,25 @@ on: inputs: id: description: | - The ID of the check run to update. + The unique identifier of the check run. type: number required: true status: description: | - The new status of the check run. + The current status. + + Can be one of: queued, in_progress, completed type: string required: true conclusion: description: | - The conclusion of the check run when the status is 'completed'. + The final conclusion of the check when completed. + + Can be one of: action_required, cancelled, failure, neutral, success, skipped, stale, timed_out type: string details_url: description: | - The URL of the check run's details page. + The URL of the integrator's site that has the full details of the check. type: string permissions: From 69bfe7dc00c5cc88636d7b318156f2d3eef2b95a Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 8 Sep 2023 15:28:42 -0700 Subject: [PATCH 1311/2573] Add support for external id and output inputs --- .github/workflows/update-check-run.yml | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/.github/workflows/update-check-run.yml b/.github/workflows/update-check-run.yml index 028748f9ad..da43d91f54 100644 --- a/.github/workflows/update-check-run.yml +++ b/.github/workflows/update-check-run.yml @@ -25,6 +25,17 @@ on: description: | The URL of the integrator's site that has the full details of the check. type: string + external_id: + description: | + A reference for the run on the integrator's system. + type: string + output: + description: | + The output object for the check run. + + See https://docs.github.com/en/rest/checks/runs?apiVersion=2022-11-28#update-a-check-run for more information. + type: string + default: '{}' permissions: checks: write @@ -39,13 +50,17 @@ jobs: CHECK_RUN_STATUS: ${{ inputs.status }} CHECK_RUN_CONCLUSION: ${{ inputs.conclusion }} CHECK_RUN_DETAILS_URL: ${{ inputs.details_url }} + CHECK_RUN_EXTERNAL_ID: ${{ inputs.external_id }} + CHECK_RUN_OUTPUT: ${{ inputs.output }} GITHUB_TOKEN: ${{ github.token }} run: | jq -n \ --arg status "$CHECK_RUN_STATUS" \ --arg conclusion "$CHECK_RUN_CONCLUSION" \ --arg details_url "$CHECK_RUN_DETAILS_URL" \ - '{status: $status, conclusion: $conclusion, details_url: $details_url} | to_entries | map(select(.value != "")) | from_entries' \ + --arg external_id "$CHECK_RUN_EXTERNAL_ID" \ + --argjson output "$CHECK_RUN_OUTPUT" \ + '{status: $status, conclusion: $conclusion, details_url: $details_url, external_id: $external_id, output: $output} | to_entries | map(select(.value != "" and .value != {})) | from_entries' \ | \ gh api \ --method PATCH \ From 31d17eab2b3e8b97b51486a74275e9e0eedc6f45 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 11 Sep 2023 11:36:25 -0700 Subject: [PATCH 1312/2573] Create draft release --- .github/workflows/prepare-release.yml | 103 ++++++++++++++++++++++++-- 1 file changed, 96 insertions(+), 7 deletions(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index b66f66b390..0149cdf329 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -28,16 +28,59 @@ env: jobs: prepare-release: outputs: - pull-request-head-sha: ${{ steps.create-release-pull-request.outputs.pull-request-head-sha }} + pull-request-head-sha: ${{ steps.determine-pr-head-sha.outputs.pull-request-head-sha }} name: "Prepare release" if: github.event_name == 'workflow_dispatch' - runs-on: ubuntu-latest + runs-on: ubuntu-latest steps: - - name: Checkout + - name: Checkout uses: actions/checkout@v3 with: ref: ${{ inputs.ref }} + - name: Validate release precondition + env: + RELEASE_VERSION: ${{ inputs.version }} + GITHUB_TOKEN: ${{ github.token }} + run: | + read -r release type < <(gh release list | awk -v release="v$RELEASE_VERSION" '$1 ~ release { print $1,$2; ++n } END { if (n == 0) print "undefined", "undefined" }') + if [[ "$release" == "undefined" ]]; then + echo "Release v$RELEASE_VERSION does not exist. Proceeding" + echo "create_draft_release=true" >> "$GITHUB_ENV" + else + if [[ "$type" != "Draft" ]]; then + echo "Release '$release' already exists and is not a draft, but has release state '$type'. Cannot proceed" + exit 1 + else + echo "Release '$release' already exists and is a draft. Proceeding" + echo "create_draft_release=false" >> "$GITHUB_ENV" + fi + fi + + if [[ -z $(git ls-remote --heads origin rc/$RELEASE_VERSION) ]]; then + echo "Release branch rc/$RELEASE_VERSION does not exist." + echo "create_release_branch=true" >> "$GITHUB_ENV" + echo "create_release_pr=true" >> "$GITHUB_ENV" + else + echo "Release branch rc/$RELEASE_VERSION already exists." + echo "create_release_branch=false" >> "$GITHUB_ENV" + + pr_state=$(gh pr view rc/$RELEASE_VERSION --json title,state) + pr_title=$(echo "$pr_state" | jq -r '.title') + pr_state=$(echo "$pr_state" | jq -r '.state') + + echo "Found PR '$pr_title' with state '$pr_state'" + + if [[ "$pr_title" == "Release v$RELEASE_VERSION" ]] && [[ "$pr_state" == "OPEN" ]]; then + echo "Release PR for rc/$RELEASE_VERSION already exists and is open." + echo "create_release_pr=false" >> "$GITHUB_ENV" + else + echo "Release PR for rc/$RELEASE_VERSION does not exist or is closed." + echo "create_release_pr=true" >> "$GITHUB_ENV" + fi + + fi + - name: Install Python uses: actions/setup-python@v4 with: @@ -49,17 +92,38 @@ jobs: - name: Validate version run: | python scripts/release/validate-version.py "$RELEASE_VERSION" - + - name: Create release branch + if: env.create_release_branch == 'true' run: | git switch -c rc/$RELEASE_VERSION git push --set-upstream origin rc/$RELEASE_VERSION + - name: Create draft release + if: env.create_draft_release == 'true' + env: + RELEASE_VERSION: ${{ inputs.version }} + GITHUB_TOKEN: ${{ github.token }} + run: | + gh release create \ + -R $GITHUB_REPOSITORY \ + --title "v$RELEASE_VERSION" \ + --draft \ + --target rc/$RELEASE_VERSION \ + $RELEASE_VERSION + - name: Create feature branch for PR + if: env.create_release_pr == 'true' run: | git switch -c feature/update-user-manual-for-$RELEASE_VERSION git push --set-upstream origin feature/update-user-manual-for-$RELEASE_VERSION + - name: Get feature branch for PR + if: env.create_release_pr == 'false' + run: | + git switch feature/update-user-manual-for-$RELEASE_VERSION + git pull --rebase + - name: Update user manual version run: | find docs -name 'user_manual.md' | xargs sed -i "s/code-scanning-cpp-query-pack-.*\.zip\`/code-scanning-cpp-query-pack-$RELEASE_VERSION.zip\`/" @@ -68,16 +132,41 @@ jobs: find docs -name 'user_manual.md' | xargs sed -i "s/user_manual_.*\.md\`/user_manual_$RELEASE_VERSION.md\`/" find docs -name 'user_manual.md' | xargs sed -i "s/This user manual documents release \`.*\` of/This user manual documents release \`$RELEASE_VERSION\` of/" + if git diff --quiet; then + echo "update-release-pr=true" >> "$GITHUB_ENV" + else + echo "update-release-pr=false" >> "$GITHUB_ENV" + fi + + - name: Update feature branch for PR + if: env.update-release-pr == 'true' + run: | + find docs -name 'user_manual.md' -exec git add {} \; + git commit -m "Update user manual for release $RELEASE_VERSION." + git push + - name: Create release PR - id: create-release-pull-request + if: env.create_release_pr == 'true' uses: peter-evans/create-pull-request@v5 with: - title: "Release ${{ inputs.version }}." + title: "Release v${{ inputs.version }}." body: "This PR releases codeql-coding-standards version ${{ inputs.version }}." commit-message: "Update user manual for release ${{ inputs.version }}." delete-branch: true branch: "rc/${{ inputs.version }}" - + + - name: Determine pull request head SHA + id: determine-pr-head-sha + env: + GITHUB_TOKEN: ${{ github.token }} + run: | + read -r pull_request_head_sha pr_state < <(gh pr view rc/$RELEASE_VERSION --json headRefOid,state --jq '.headRefOid + " " + .state') + if [[ "$pr_state" != "OPEN" ]]; then + echo "Release PR for rc/$RELEASE_VERSION is not open, but in state '$pr_state'. Cannot proceed!" + exit 1 + fi + echo "pull-request-head-sha=$pull_request_head_sha" >> "$GITHUB_OUTPUT" + # Invoke release validation because our PRs created with a GitHub token do not trigger a `pull_request` event. validate-release: name: "Validate coding standards release" From 427b94f152a33bda0054715a12c8df5371c52e64 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 12 Sep 2023 16:04:20 -0700 Subject: [PATCH 1313/2573] Change PR title --- .github/workflows/prepare-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 0149cdf329..73026d7779 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -149,7 +149,7 @@ jobs: if: env.create_release_pr == 'true' uses: peter-evans/create-pull-request@v5 with: - title: "Release v${{ inputs.version }}." + title: "Release v${{ inputs.version }}" body: "This PR releases codeql-coding-standards version ${{ inputs.version }}." commit-message: "Update user manual for release ${{ inputs.version }}." delete-branch: true From 2af15d33e7d27c8f4a2115ae1bafe7ae3becb0bc Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 12 Sep 2023 16:05:09 -0700 Subject: [PATCH 1314/2573] Dispatch compiler compatibility testing --- .github/workflows/validate-release.yml | 64 ++++++++++++++++++++++++++ 1 file changed, 64 insertions(+) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index f186f07ad2..5a9adffe34 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -158,6 +158,70 @@ jobs: --input - \ /repos/$GITHUB_REPOSITORY/check-runs/$CHECK_RUN_ID + pre-validate-compiler-compatibility: + outputs: + check-run-id: ${{ steps.create-check-run.outputs.check-run-id }}} + needs: [determine-ref] + runs-on: ubuntu-latest + steps: + - name: Create check run + id: create-check-run + env: + GH_TOKEN: ${{ github.token }} + RELEASE_REF: ${{ needs.determine-ref.outputs.ref }} + run: | + check_run_id=$(gh api \ + --header "Accept: application/vnd.github+json" \ + --header "X-GitHub-Api-Version: 2022-11-28" \ + --field name="compiler-compatibility-test" \ + --field head_sha="$RELEASE_REF" \ + --jq ".id" \ + /repos/$GITHUB_REPOSITORY/check-runs) + + echo "check-run-id=$check_run_id" >> "$GITHUB_OUTPUT" + + validate-compiler-compatibility: + needs: [pre-validate-compiler-compatibility, determine-ref] + runs-on: ubuntu-latest + steps: + - name: Invoke performance test + env: + RELEASE_REF: ${{ needs.determine-ref.outputs.ref }} + CHECK_RUN_ID: ${{ needs.pre-validate-release-performance.outputs.check-run-id }} + GH_TOKEN: ${{ secrets.release-engineering-token }} + run: | + jq -n \ + --arg ref "$RELEASE_REF" \ + --arg check_run_id "$CHECK_RUN_ID" \ + '{ref: $ref, "check-run-id": $check_run_id}' \ + | \ + gh workflow run release-performance-validation.yml \ + --json \ + -R github/codeql-coding-standards-release-engineering \ + --ref rvermeulen/release-process + + on-failure-validate-compiler-compatibility-dispatch: + needs: [pre-validate-compiler-compatibility, validate-compiler-compatibility] + if: failure() + runs-on: ubuntu-latest + steps: + - name: Fail check run status + env: + CHECK_RUN_ID: ${{ needs.pre-validate-release-performance.outputs.check-run-id }} + GITHUB_TOKEN: ${{ github.token }} + run: | + jq -n \ + --arg status "completed" \ + --arg conclusion "failed" \ + '{status: $status, conclusion: $conclusion}' \ + | \ + gh api \ + --method PATCH \ + --header "Accept: application/vnd.github+json" \ + --header "X-GitHub-Api-Version: 2022-11-28" \ + --input - \ + /repos/$GITHUB_REPOSITORY/check-runs/$CHECK_RUN_ID + create-release-status-check-run: name: "Initialize release status monitoring" needs: [determine-ref] From 9d53b04bec22937267f992b2dc6d0bbcc1be0eae Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 12 Sep 2023 16:06:35 -0700 Subject: [PATCH 1315/2573] Rename jobs for consistency --- .github/workflows/validate-release.yml | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 5a9adffe34..38f3020e8b 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -94,7 +94,7 @@ jobs: --input - \ /repos/$GITHUB_REPOSITORY/check-runs/$CHECK_RUN_ID - pre-validate-release-performance: + pre-validate-performance: outputs: check-run-id: ${{ steps.create-check-run.outputs.check-run-id }}} needs: [determine-ref] @@ -116,14 +116,14 @@ jobs: echo "check-run-id=$check_run_id" >> "$GITHUB_OUTPUT" - validate-release-performance: - needs: [pre-validate-release-performance, determine-ref] + validate-performance: + needs: [pre-validate-performance, determine-ref] runs-on: ubuntu-latest steps: - name: Invoke performance test env: RELEASE_REF: ${{ needs.determine-ref.outputs.ref }} - CHECK_RUN_ID: ${{ needs.pre-validate-release-performance.outputs.check-run-id }} + CHECK_RUN_ID: ${{ needs.pre-validate-performance.outputs.check-run-id }} GH_TOKEN: ${{ secrets.release-engineering-token }} run: | jq -n \ @@ -136,14 +136,14 @@ jobs: -R github/codeql-coding-standards-release-engineering \ --ref rvermeulen/release-process - on-failure-validate-release-performance: - needs: [pre-validate-release-performance, validate-release-performance] + on-failure-validate-performance-dispatch: + needs: [pre-validate-performance, validate-performance] if: failure() runs-on: ubuntu-latest steps: - name: Fail check run status env: - CHECK_RUN_ID: ${{ needs.pre-validate-release-performance.outputs.check-run-id }} + CHECK_RUN_ID: ${{ needs.pre-validate-performance.outputs.check-run-id }} GITHUB_TOKEN: ${{ github.token }} run: | jq -n \ @@ -187,7 +187,7 @@ jobs: - name: Invoke performance test env: RELEASE_REF: ${{ needs.determine-ref.outputs.ref }} - CHECK_RUN_ID: ${{ needs.pre-validate-release-performance.outputs.check-run-id }} + CHECK_RUN_ID: ${{ needs.pre-validate-compiler-compatibility.outputs.check-run-id }} GH_TOKEN: ${{ secrets.release-engineering-token }} run: | jq -n \ @@ -207,7 +207,7 @@ jobs: steps: - name: Fail check run status env: - CHECK_RUN_ID: ${{ needs.pre-validate-release-performance.outputs.check-run-id }} + CHECK_RUN_ID: ${{ needs.pre-validate-compiler-compatibility.outputs.check-run-id }} GITHUB_TOKEN: ${{ github.token }} run: | jq -n \ From ddcf8ff42e82394c55fadaee08368b6df411181d Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 12 Sep 2023 16:17:34 -0700 Subject: [PATCH 1316/2573] Address incorrect retrieval of feature branch --- .github/workflows/prepare-release.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 73026d7779..035b7ae770 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -121,8 +121,9 @@ jobs: - name: Get feature branch for PR if: env.create_release_pr == 'false' run: | + git fetch origin feature/update-user-manual-for-$RELEASE_VERSION git switch feature/update-user-manual-for-$RELEASE_VERSION - git pull --rebase + git pull - name: Update user manual version run: | From 62e4e8b02e702ea59626867a8052ed2ef643c571 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 12 Sep 2023 16:32:13 -0700 Subject: [PATCH 1317/2573] Invoke correct compiler validation workflow --- .github/workflows/validate-release.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 38f3020e8b..ec6f0a64cc 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -184,7 +184,7 @@ jobs: needs: [pre-validate-compiler-compatibility, determine-ref] runs-on: ubuntu-latest steps: - - name: Invoke performance test + - name: Invoke compiler compatibility test env: RELEASE_REF: ${{ needs.determine-ref.outputs.ref }} CHECK_RUN_ID: ${{ needs.pre-validate-compiler-compatibility.outputs.check-run-id }} @@ -195,7 +195,7 @@ jobs: --arg check_run_id "$CHECK_RUN_ID" \ '{ref: $ref, "check-run-id": $check_run_id}' \ | \ - gh workflow run release-performance-validation.yml \ + gh workflow run release-compiler-validation.yml \ --json \ -R github/codeql-coding-standards-release-engineering \ --ref rvermeulen/release-process From ffb942501f5b7c3bc8a322bf5fc45d4cd508f17c Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 13 Sep 2023 13:52:46 -0700 Subject: [PATCH 1318/2573] Validate we can generate deploy artifacts --- .github/workflows/code-scanning-pack-gen.yml | 43 +++++++++++++--- .github/workflows/validate-release.yml | 54 ++++++++++++++++++++ 2 files changed, 89 insertions(+), 8 deletions(-) diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index 9cf2b3ebe8..b2c5785fa6 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -5,27 +5,52 @@ on: pull_request: branches: - main - - "rc/**" - next push: branches: - main - - "rc/**" - next + workflow_call: + inputs: + ref: + description: | + The ref to run the tests on. + type: string + required: true + env: XARGS_MAX_PROCS: 4 jobs: + determine-ref: + runs-on: ubuntu-latest + outputs: + ref: ${{ steps.set-ref.outputs.ref }} + env: + REF_FROM_INPUT: ${{ inputs.ref }} + EVENT_NAME: ${{ github.event_name }} + steps: + - id: set-ref + run: | + if [[ "$EVENT_NAME" == "workflow_dispatch" ]] || [[ "$EVENT_NAME" == "workflow_call" ]]; then + echo "ref=$REF_FROM_INPUT" >> "$GITHUB_OUTPUT" + else + echo "ref=$GITHUB_REF" >> "$GITHUB_OUTPUT" + fi + prepare-code-scanning-pack-matrix: name: Prepare CodeQL Code Scanning pack matrix + needs: [determine-ref] runs-on: ubuntu-22.04 outputs: matrix: ${{ steps.export-code-scanning-pack-matrix.outputs.matrix }} steps: - name: Checkout repository - uses: actions/checkout@v2 + uses: actions/checkout@v4 + with: + ref: ${{ needs.determine-ref.outputs.ref }} - name: Export Code Scanning pack matrix id: export-code-scanning-pack-matrix @@ -36,13 +61,15 @@ jobs: create-code-scanning-pack: name: Create Code Scanning pack - needs: prepare-code-scanning-pack-matrix + needs: [prepare-code-scanning-pack-matrix, determine-ref] runs-on: ubuntu-20.04-xl strategy: fail-fast: false matrix: ${{ fromJSON(needs.prepare-code-scanning-pack-matrix.outputs.matrix) }} steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v4 + with: + ref: ${{ needs.determine-ref.outputs.ref }} - name: Cache CodeQL id: cache-codeql @@ -68,15 +95,15 @@ jobs: - name: Checkout external help files continue-on-error: true id: checkout-external-help-files - uses: actions/checkout@v2 + uses: actions/checkout@v4 with: ssh-key: ${{ secrets.CODEQL_CODING_STANDARDS_HELP_KEY }} repository: "github/codeql-coding-standards-help" - ref: ${{ github.head_ref }} + ref: ${{ needs.determine-ref.outputs.ref }} path: external-help-files - name: Include external help files - if: ${{ steps.checkout-external-help-files.outcome == 'success' }} + if: steps.checkout-external-help-files.outcome == 'success' run: | pushd external-help-files find . -name '*.md' -exec rsync -av --relative {} "$GITHUB_WORKSPACE" \; diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index ec6f0a64cc..e636a8ada5 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -222,6 +222,60 @@ jobs: --input - \ /repos/$GITHUB_REPOSITORY/check-runs/$CHECK_RUN_ID + pre-generate-packs: + needs: [determine-ref] + runs-on: ubuntu-latest + if: github.event_name != 'pull_request' + outputs: + check-run-id: ${{ steps.create-check-run.outputs.check-run-id }} + steps: + - name: Create check run + id: create-check-run + env: + REF: ${{ needs.determine-ref.outputs.ref }} + GH_TOKEN: ${{ github.token }} + run: | + check_run_id=$(gh api \ + --header "Accept: application/vnd.github+json" \ + --header "X-GitHub-Api-Version: 2022-11-28" \ + --field name="Code Scanning Query Pack Generation" \ + --field head_sha="$REF" \ + --field status="in_progress" \ + --jq ".id" \ + /repos/$GITHUB_REPOSITORY/check-runs) + + echo "check-run-id=$check_run_id" >> "$GITHUB_OUTPUT" + + generate-packs: + needs: [determine-ref, pre-generate-packs] + if: needs.pre-generate-packs.result != 'failure' + uses: ./.github/workflows/code-scanning-pack-gen.yml + with: + ref: ${{ needs.determine-ref.outputs.ref }} + + post-generate-packs: + needs: [pre-generate-packs, generate-packs] + if: always() && github.event_name != 'pull_request' + runs-on: ubuntu-latest + steps: + - name: Update check run + env: + CHECK_RUN_ID: ${{ needs.pre-generate-packs.outputs.check-run-id }} + CHECK_RUN_CONCLUSION: ${{ needs.generate-packs.result }} + GH_TOKEN: ${{ github.token }} + run: | + jq -n \ + --arg status "completed" \ + --arg conclusion "$CHECK_RUN_CONCLUSION" \ + '{status: $status, conclusion: $conclusion}' \ + | \ + gh api \ + --method PATCH \ + --header "Accept: application/vnd.github+json" \ + --header "X-GitHub-Api-Version: 2022-11-28" \ + --input - \ + /repos/$GITHUB_REPOSITORY/check-runs/$CHECK_RUN_ID + create-release-status-check-run: name: "Initialize release status monitoring" needs: [determine-ref] From 41a9ad07d160f61522f3fbf216c7798983a3cce3 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 13 Sep 2023 14:08:18 -0700 Subject: [PATCH 1319/2573] Remove push trigger used to register the workflow --- .github/workflows/prepare-release.yml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 035b7ae770..66650aa3bc 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -11,10 +11,6 @@ on: description: | The git commit, branch, or tag to release from. required: true - # The following push event trigger is only used for testing purposes. Should be removed before merging! - push: - branches: - - rvermeulen/release-process-improvements permissions: contents: write From 30ee9ea66efdce60224becd6156bd6b1c0d5a21a Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 13 Sep 2023 17:07:22 -0700 Subject: [PATCH 1320/2573] Run on ubuntu latest --- .github/workflows/code-scanning-pack-gen.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index b2c5785fa6..3b7e723032 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -43,7 +43,7 @@ jobs: prepare-code-scanning-pack-matrix: name: Prepare CodeQL Code Scanning pack matrix needs: [determine-ref] - runs-on: ubuntu-22.04 + runs-on: ubuntu-latest outputs: matrix: ${{ steps.export-code-scanning-pack-matrix.outputs.matrix }} steps: @@ -62,7 +62,8 @@ jobs: create-code-scanning-pack: name: Create Code Scanning pack needs: [prepare-code-scanning-pack-matrix, determine-ref] - runs-on: ubuntu-20.04-xl + #runs-on: ubuntu-20.04-xl + runs-on: ubuntu-latest strategy: fail-fast: false matrix: ${{ fromJSON(needs.prepare-code-scanning-pack-matrix.outputs.matrix) }} From 35d98b1162391114edab03cb5b5a650aff6eac43 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 13 Sep 2023 17:07:36 -0700 Subject: [PATCH 1321/2573] Replace ::set-output --- .github/workflows/code-scanning-pack-gen.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index 3b7e723032..d5e662ebf7 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -55,9 +55,9 @@ jobs: - name: Export Code Scanning pack matrix id: export-code-scanning-pack-matrix run: | - echo "::set-output name=matrix::$( + echo "matrix=$( jq --compact-output '.supported_environment | {include: .}' supported_codeql_configs.json - )" + )" >> $GITHUB_OUTPUT create-code-scanning-pack: name: Create Code Scanning pack From af1a003710823ffe25a14e11274de636eafa8f31 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 14 Sep 2023 09:31:23 -0700 Subject: [PATCH 1322/2573] Make release process pull_request driven --- .github/workflows/code-scanning-pack-gen.yml | 33 +--- .github/workflows/codeql_unit_tests.yml | 35 +--- .github/workflows/prepare-release.yml | 31 ++-- .github/workflows/update-release-status.yml | 56 +++--- .../workflows/validate-coding-standards.yml | 76 -------- .github/workflows/validate-package-files.yml | 18 +- .../workflows/validate-query-formatting.yml | 30 +--- .github/workflows/validate-query-help.yml | 18 +- .../validate-query-test-case-formatting.yml | 30 +--- .github/workflows/validate-release.yml | 167 ++---------------- 10 files changed, 91 insertions(+), 403 deletions(-) delete mode 100644 .github/workflows/validate-coding-standards.yml diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index d5e662ebf7..83d22a6765 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -6,52 +6,27 @@ on: branches: - main - next + - "rc/**" push: branches: - main - next - - workflow_call: - inputs: - ref: - description: | - The ref to run the tests on. - type: string - required: true + - "rc/**" env: XARGS_MAX_PROCS: 4 jobs: - determine-ref: - runs-on: ubuntu-latest - outputs: - ref: ${{ steps.set-ref.outputs.ref }} - env: - REF_FROM_INPUT: ${{ inputs.ref }} - EVENT_NAME: ${{ github.event_name }} - steps: - - id: set-ref - run: | - if [[ "$EVENT_NAME" == "workflow_dispatch" ]] || [[ "$EVENT_NAME" == "workflow_call" ]]; then - echo "ref=$REF_FROM_INPUT" >> "$GITHUB_OUTPUT" - else - echo "ref=$GITHUB_REF" >> "$GITHUB_OUTPUT" - fi prepare-code-scanning-pack-matrix: name: Prepare CodeQL Code Scanning pack matrix - needs: [determine-ref] runs-on: ubuntu-latest outputs: matrix: ${{ steps.export-code-scanning-pack-matrix.outputs.matrix }} steps: - name: Checkout repository uses: actions/checkout@v4 - with: - ref: ${{ needs.determine-ref.outputs.ref }} - - name: Export Code Scanning pack matrix id: export-code-scanning-pack-matrix run: | @@ -61,7 +36,7 @@ jobs: create-code-scanning-pack: name: Create Code Scanning pack - needs: [prepare-code-scanning-pack-matrix, determine-ref] + needs: prepare-code-scanning-pack-matrix #runs-on: ubuntu-20.04-xl runs-on: ubuntu-latest strategy: @@ -69,8 +44,6 @@ jobs: matrix: ${{ fromJSON(needs.prepare-code-scanning-pack-matrix.outputs.matrix) }} steps: - uses: actions/checkout@v4 - with: - ref: ${{ needs.determine-ref.outputs.ref }} - name: Cache CodeQL id: cache-codeql diff --git a/.github/workflows/codeql_unit_tests.yml b/.github/workflows/codeql_unit_tests.yml index ce004a9d03..ebcc90a393 100644 --- a/.github/workflows/codeql_unit_tests.yml +++ b/.github/workflows/codeql_unit_tests.yml @@ -6,46 +6,23 @@ on: branches: - main - next + - "rc/**" pull_request: branches: - main - next - workflow_call: - inputs: - ref: - description: | - The ref to run the tests on. - type: string - required: true + - "rc/**" jobs: - determine-ref: - runs-on: ubuntu-latest - outputs: - ref: ${{ steps.set-ref.outputs.ref }} - env: - REF_FROM_INPUT: ${{ inputs.ref }} - EVENT_NAME: ${{ github.event_name }} - steps: - - id: set-ref - run: | - if [[ "$EVENT_NAME" == "workflow_dispatch" ]] || [[ "$EVENT_NAME" == "workflow_call" ]]; then - echo "ref=$REF_FROM_INPUT" >> "$GITHUB_OUTPUT" - else - echo "ref=$GITHUB_REF" >> "$GITHUB_OUTPUT" - fi - + prepare-unit-test-matrix: name: Prepare CodeQL unit test matrix - needs: [determine-ref] runs-on: ubuntu-latest outputs: matrix: ${{ steps.export-unit-test-matrix.outputs.matrix }} steps: - name: Checkout repository uses: actions/checkout@v4 - with: - ref: ${{ needs.determine-ref.outputs.ref }} - name: Export unit test matrix id: export-unit-test-matrix @@ -58,7 +35,7 @@ jobs: run-test-suites: name: Run unit tests - needs: [prepare-unit-test-matrix, determine-ref] + needs: prepare-unit-test-matrix runs-on: ${{ matrix.os }} strategy: @@ -68,8 +45,6 @@ jobs: steps: - name: Checkout repository uses: actions/checkout@v4 - with: - ref: ${{ needs.determine-ref.outputs.ref }} - name: Install Python uses: actions/setup-python@v4 @@ -184,7 +159,7 @@ jobs: validate-test-results: name: Validate test results - needs: [run-test-suites] + needs: run-test-suites runs-on: ubuntu-latest steps: - name: Collect test results diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 66650aa3bc..c34408b9f4 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -143,15 +143,18 @@ jobs: git push - name: Create release PR + env: + GITHUB_TOKEN: ${{ secrets.ACTION_DISPATCH_TOKEN }} if: env.create_release_pr == 'true' - uses: peter-evans/create-pull-request@v5 - with: - title: "Release v${{ inputs.version }}" - body: "This PR releases codeql-coding-standards version ${{ inputs.version }}." - commit-message: "Update user manual for release ${{ inputs.version }}." - delete-branch: true - branch: "rc/${{ inputs.version }}" - + run: | + gh pr create \ + -R $GITHUB_REPOSITORY \ + --title "Release v$RELEASE_VERSION" \ + --body "This PR releases codeql-coding-standards version $RELEASE_VERSION." \ + --base rc/$RELEASE_VERSION \ + --head feature/update-user-manual-for-$RELEASE_VERSION \ + --draft + - name: Determine pull request head SHA id: determine-pr-head-sha env: @@ -162,14 +165,4 @@ jobs: echo "Release PR for rc/$RELEASE_VERSION is not open, but in state '$pr_state'. Cannot proceed!" exit 1 fi - echo "pull-request-head-sha=$pull_request_head_sha" >> "$GITHUB_OUTPUT" - - # Invoke release validation because our PRs created with a GitHub token do not trigger a `pull_request` event. - validate-release: - name: "Validate coding standards release" - needs: prepare-release - uses: ./.github/workflows/validate-release.yml - with: - ref: ${{ needs.prepare-release.outputs.pull-request-head-sha }} - secrets: - release-engineering-token: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} \ No newline at end of file + echo "pull-request-head-sha=$pull_request_head_sha" >> "$GITHUB_OUTPUT" \ No newline at end of file diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index d517ac34ae..53e9e45c04 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -5,7 +5,7 @@ on: - completed - rerequested branches: - - "rc/*" + - "rc/**" workflow_dispatch: inputs: @@ -85,28 +85,38 @@ jobs: failed=$(echo "$status_stats" | jq -r '.failed') pending=$(echo "$status_stats" | jq -r '.pending') - if [[ "$pending" == "0" ]]; then - echo "All check runs completed" + echo "CHECK_RUNS_FAILED=$failed" >> "$GITHUB_ENV" + echo "CHECK_RUNS_PENDING=$pending" >> "$GITHUB_ENV - if [[ "$failed" == "0" ]]; then - echo "All check runs succeeded" - conclusion="success" - else - echo "Some check runs failed" - conclusion="failure" - fi + - name: Finalize release + if: env.CHECK_RUNS_PENDING == '0' && env.CHECK_RUN_STATUS != 'completed' + uses: ./.github/workflows/post-release.yml + with: + ref: ${{ env.CHECK_RUN_HEAD_SHA }} - jq -n \ - --arg status "completed" \ - --arg conclusion "$conclusion" \ - '{status: $status, conclusion: $conclusion}' \ - | \ - gh api \ - --method PATCH \ - --header "Accept: application/vnd.github+json" \ - --header "X-GitHub-Api-Version: 2022-11-28" \ - --input - \ - /repos/$GITHUB_REPOSITORY/check-runs/$CHECK_RUN_ID + - name: Conclude release status + if: env.CHECK_RUNS_PENDING == '0' && env.CHECK_RUN_STATUS != 'completed' + env: + GITHUB_TOKEN: ${{ github.token }} + CHECK_RUNS_FAILED: ${{ env.check-runs-failed }} + run: | + if [[ "$CHECK_RUNS_FAILED" == "0" ]]; then + echo "All check runs succeeded" + conclusion="success" else - echo "Not all check runs completed" - fi \ No newline at end of file + echo "Some check runs failed" + conclusion="failure" + fi + + jq -n \ + --arg status "completed" \ + --arg conclusion "$conclusion" \ + '{status: $status, conclusion: $conclusion}' \ + | \ + gh api \ + --method PATCH \ + --header "Accept: application/vnd.github+json" \ + --header "X-GitHub-Api-Version: 2022-11-28" \ + --input - \ + /repos/$GITHUB_REPOSITORY/check-runs/$CHECK_RUN_ID + \ No newline at end of file diff --git a/.github/workflows/validate-coding-standards.yml b/.github/workflows/validate-coding-standards.yml deleted file mode 100644 index 0030313061..0000000000 --- a/.github/workflows/validate-coding-standards.yml +++ /dev/null @@ -1,76 +0,0 @@ -name: Validating Coding Standards - -on: - merge_group: - pull_request: - branches: - - main - - next - workflow_call: - inputs: - ref: - description: | - The ref to validate. - type: string - required: true - -permissions: - contents: read - actions: write - -jobs: - determine-ref: - runs-on: ubuntu-latest - outputs: - ref: ${{ steps.set-ref.outputs.ref }} - env: - REF_FROM_INPUT: ${{ inputs.ref }} - EVENT_NAME: ${{ github.event_name }} - steps: - - id: set-ref - run: | - if [[ "$EVENT_NAME" == "workflow_call" ]] || [[ "$EVENT_NAME" == "workflow_dispatch" ]]; then - echo "ref=$REF_FROM_INPUT" >> "$GITHUB_OUTPUT" - else - echo "ref=$GITHUB_REF" >> "$GITHUB_OUTPUT" - fi - - validate-package-files: - name: Validate Package Files - needs: [determine-ref] - uses: ./.github/workflows/validate-package-files.yml - with: - ref: ${{ needs.determine-ref.outputs.ref }} - - validate-codeql-query-formatting: - name: "Validate CodeQL Query Formatting" - needs: [determine-ref] - uses: ./.github/workflows/validate-query-formatting.yml - with: - ref: ${{ needs.determine-ref.outputs.ref }} - - validate-query-help-files: - name: Validate Query Help Files - needs: [determine-ref] - uses: ./.github/workflows/validate-query-help.yml - with: - ref: ${{ needs.determine-ref.outputs.ref }} - - validate-test-case-formatting: - name: Validate Test - needs: [determine-ref] - uses: ./.github/workflows/validate-query-test-case-formatting.yml - with: - ref: ${{ needs.determine-ref.outputs.ref }} - - run-codeql-unit-tests: - name: Run CodeQL Unit Tests - needs: [determine-ref] - #uses: ./.github/workflows/codeql_unit_tests.yml - #with: - # ref: ${{ needs.determine-ref.outputs.ref }} - runs-on: ubuntu-latest - steps: - - name: Fail - run: | - exit 1 diff --git a/.github/workflows/validate-package-files.yml b/.github/workflows/validate-package-files.yml index d698b7e2e5..f348903caa 100644 --- a/.github/workflows/validate-package-files.yml +++ b/.github/workflows/validate-package-files.yml @@ -1,17 +1,11 @@ name: Validate Package Files on: - workflow_call: - inputs: - ref: - description: 'The ref to validate. Defaults to the default branch.' - required: true - type: string - workflow_dispatch: - inputs: - ref: - description: 'The ref to validate. Defaults to the default branch.' - required: true - type: string + merge_group: + pull_request: + branches: + - main + - next + - "rc/**" jobs: validate-package-files: diff --git a/.github/workflows/validate-query-formatting.yml b/.github/workflows/validate-query-formatting.yml index fc574c65b4..5aeb0b926a 100644 --- a/.github/workflows/validate-query-formatting.yml +++ b/.github/workflows/validate-query-formatting.yml @@ -1,30 +1,14 @@ name: "Validate Query Formatting" on: - workflow_call: - inputs: - ref: - description: 'The ref to validate. Defaults to the default branch.' - required: true - type: string - xargs-max-procs: - description: 'The maximum number of processes to use for xargs.' - required: false - type: number - default: 4 - workflow_dispatch: - inputs: - ref: - description: 'The ref to validate. Defaults to the default branch.' - required: true - type: string - xargs-max-procs: - description: 'The maximum number of processes to use for xargs.' - required: false - type: number - default: 4 + merge_group: + pull_request: + branches: + - main + - next + - "rc/**" env: - XARGS_MAX_PROCS: ${{ inputs.xargs-max-procs }} + XARGS_MAX_PROCS: 4 jobs: validate-query-formatting: diff --git a/.github/workflows/validate-query-help.yml b/.github/workflows/validate-query-help.yml index e22e959d33..a035c6be21 100644 --- a/.github/workflows/validate-query-help.yml +++ b/.github/workflows/validate-query-help.yml @@ -1,17 +1,11 @@ name: Validate Query Help Files on: - workflow_call: - inputs: - ref: - description: 'The ref to validate. Defaults to the default branch.' - required: true - type: string - workflow_dispatch: - inputs: - ref: - description: 'The ref to validate. Defaults to the default branch.' - required: true - type: string + merge_group: + pull_request: + branches: + - main + - next + - "rc/**" jobs: validate-query-help-files: diff --git a/.github/workflows/validate-query-test-case-formatting.yml b/.github/workflows/validate-query-test-case-formatting.yml index 3fa974e4d9..825ddc2ad5 100644 --- a/.github/workflows/validate-query-test-case-formatting.yml +++ b/.github/workflows/validate-query-test-case-formatting.yml @@ -1,30 +1,14 @@ name: Validate Query Test Case Formatting on: - workflow_call: - inputs: - ref: - description: 'The ref to validate. Defaults to the default branch.' - required: true - type: string - xargs-max-procs: - description: 'The maximum number of processes to use for xargs.' - required: false - type: number - default: 4 - workflow_dispatch: - inputs: - ref: - description: 'The ref to validate. Defaults to the default branch.' - required: true - type: string - xargs-max-procs: - description: 'The maximum number of processes to use for xargs.' - required: false - type: number - default: 4 + merge_group: + pull_request: + branches: + - main + - next + - "rc/**" env: - XARGS_MAX_PROCS: ${{ inputs.xargs-max-procs }} + XARGS_MAX_PROCS: 4 jobs: validate-test-case-files: diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index e636a8ada5..e740c0d82e 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -1,20 +1,9 @@ name: Validate release on: - workflow_call: - inputs: - ref: - description: | - The ref that is released - required: true - type: string - secrets: - release-engineering-token: - required: true - pull_request: branches: - - "rc/*" + - "rc/**" permissions: contents: read @@ -23,111 +12,37 @@ permissions: jobs: - determine-ref: - runs-on: ubuntu-latest - outputs: - ref: ${{ steps.set-ref.outputs.ref }} - env: - REF_FROM_INPUT: ${{ inputs.ref }} - EVENT_NAME: ${{ github.event_name }} - steps: - - id: set-ref - run: | - if [[ "$EVENT_NAME" == "workflow_call" ]] || [[ "$EVENT_NAME" == "workflow_dispatch" ]]; then - echo "ref=$REF_FROM_INPUT" >> "$GITHUB_OUTPUT" - else - echo "ref=$GITHUB_REF" >> "$GITHUB_OUTPUT" - fi - - pre-validate-coding-standards: - needs: [determine-ref] - runs-on: ubuntu-latest - if: github.event_name != 'pull_request' - outputs: - check-run-id: ${{ steps.create-check-run.outputs.check-run-id }} - steps: - - name: Create check run - id: create-check-run - env: - REF: ${{ needs.determine-ref.outputs.ref }} - GH_TOKEN: ${{ github.token }} - run: | - check_run_id=$(gh api \ - --header "Accept: application/vnd.github+json" \ - --header "X-GitHub-Api-Version: 2022-11-28" \ - --field name="Validating Coding Standards" \ - --field head_sha="$REF" \ - --field status="in_progress" \ - --jq ".id" \ - /repos/$GITHUB_REPOSITORY/check-runs) - - echo "check-run-id=$check_run_id" >> "$GITHUB_OUTPUT" - - validate-coding-standards: - name: "Validate coding standards" - needs: [determine-ref, pre-validate-coding-standards] - if: needs.pre-validate-coding-standards.result != 'failure' - uses: ./.github/workflows/validate-coding-standards.yml - with: - ref: ${{ needs.determine-ref.outputs.ref }} - - post-validate-coding-standards: - needs: [pre-validate-coding-standards, validate-coding-standards] - if: always() && github.event_name != 'pull_request' - runs-on: ubuntu-latest - steps: - - name: Update check run - env: - CHECK_RUN_ID: ${{ needs.pre-validate-coding-standards.outputs.check-run-id }} - CHECK_RUN_CONCLUSION: ${{ needs.validate-coding-standards.result }} - GH_TOKEN: ${{ github.token }} - run: | - jq -n \ - --arg status "completed" \ - --arg conclusion "$CHECK_RUN_CONCLUSION" \ - '{status: $status, conclusion: $conclusion}' \ - | \ - gh api \ - --method PATCH \ - --header "Accept: application/vnd.github+json" \ - --header "X-GitHub-Api-Version: 2022-11-28" \ - --input - \ - /repos/$GITHUB_REPOSITORY/check-runs/$CHECK_RUN_ID - pre-validate-performance: outputs: check-run-id: ${{ steps.create-check-run.outputs.check-run-id }}} - needs: [determine-ref] runs-on: ubuntu-latest steps: - name: Create check run id: create-check-run env: - GH_TOKEN: ${{ github.token }} - RELEASE_REF: ${{ needs.determine-ref.outputs.ref }} + GITHUB_TOKEN: ${{ github.token }} run: | check_run_id=$(gh api \ --header "Accept: application/vnd.github+json" \ --header "X-GitHub-Api-Version: 2022-11-28" \ --field name="performance-test" \ - --field head_sha="$RELEASE_REF" \ + --field head_sha="$GITHUB_REF" \ --jq ".id" \ /repos/$GITHUB_REPOSITORY/check-runs) echo "check-run-id=$check_run_id" >> "$GITHUB_OUTPUT" validate-performance: - needs: [pre-validate-performance, determine-ref] + needs: pre-validate-performance runs-on: ubuntu-latest steps: - name: Invoke performance test env: - RELEASE_REF: ${{ needs.determine-ref.outputs.ref }} CHECK_RUN_ID: ${{ needs.pre-validate-performance.outputs.check-run-id }} - GH_TOKEN: ${{ secrets.release-engineering-token }} + GITHUB_TOKEN: ${{ secrets.release-engineering-token }} run: | jq -n \ - --arg ref "$RELEASE_REF" \ + --arg ref "$GITHUB_REF" \ --arg check_run_id "$CHECK_RUN_ID" \ '{ref: $ref, "check-run-id": $check_run_id}' \ | \ @@ -161,37 +76,35 @@ jobs: pre-validate-compiler-compatibility: outputs: check-run-id: ${{ steps.create-check-run.outputs.check-run-id }}} - needs: [determine-ref] runs-on: ubuntu-latest steps: - name: Create check run id: create-check-run env: - GH_TOKEN: ${{ github.token }} + GITHUB_TOKEN: ${{ github.token }} RELEASE_REF: ${{ needs.determine-ref.outputs.ref }} run: | check_run_id=$(gh api \ --header "Accept: application/vnd.github+json" \ --header "X-GitHub-Api-Version: 2022-11-28" \ --field name="compiler-compatibility-test" \ - --field head_sha="$RELEASE_REF" \ + --field head_sha="$GITHUB_REF" \ --jq ".id" \ /repos/$GITHUB_REPOSITORY/check-runs) echo "check-run-id=$check_run_id" >> "$GITHUB_OUTPUT" validate-compiler-compatibility: - needs: [pre-validate-compiler-compatibility, determine-ref] + needs: pre-validate-compiler-compatibility runs-on: ubuntu-latest steps: - name: Invoke compiler compatibility test env: - RELEASE_REF: ${{ needs.determine-ref.outputs.ref }} CHECK_RUN_ID: ${{ needs.pre-validate-compiler-compatibility.outputs.check-run-id }} - GH_TOKEN: ${{ secrets.release-engineering-token }} + GITHUB_TOKEN: ${{ secrets.release-engineering-token }} run: | jq -n \ - --arg ref "$RELEASE_REF" \ + --arg ref "$GITHUB_REF" \ --arg check_run_id "$CHECK_RUN_ID" \ '{ref: $ref, "check-run-id": $check_run_id}' \ | \ @@ -222,75 +135,19 @@ jobs: --input - \ /repos/$GITHUB_REPOSITORY/check-runs/$CHECK_RUN_ID - pre-generate-packs: - needs: [determine-ref] - runs-on: ubuntu-latest - if: github.event_name != 'pull_request' - outputs: - check-run-id: ${{ steps.create-check-run.outputs.check-run-id }} - steps: - - name: Create check run - id: create-check-run - env: - REF: ${{ needs.determine-ref.outputs.ref }} - GH_TOKEN: ${{ github.token }} - run: | - check_run_id=$(gh api \ - --header "Accept: application/vnd.github+json" \ - --header "X-GitHub-Api-Version: 2022-11-28" \ - --field name="Code Scanning Query Pack Generation" \ - --field head_sha="$REF" \ - --field status="in_progress" \ - --jq ".id" \ - /repos/$GITHUB_REPOSITORY/check-runs) - - echo "check-run-id=$check_run_id" >> "$GITHUB_OUTPUT" - - generate-packs: - needs: [determine-ref, pre-generate-packs] - if: needs.pre-generate-packs.result != 'failure' - uses: ./.github/workflows/code-scanning-pack-gen.yml - with: - ref: ${{ needs.determine-ref.outputs.ref }} - - post-generate-packs: - needs: [pre-generate-packs, generate-packs] - if: always() && github.event_name != 'pull_request' - runs-on: ubuntu-latest - steps: - - name: Update check run - env: - CHECK_RUN_ID: ${{ needs.pre-generate-packs.outputs.check-run-id }} - CHECK_RUN_CONCLUSION: ${{ needs.generate-packs.result }} - GH_TOKEN: ${{ github.token }} - run: | - jq -n \ - --arg status "completed" \ - --arg conclusion "$CHECK_RUN_CONCLUSION" \ - '{status: $status, conclusion: $conclusion}' \ - | \ - gh api \ - --method PATCH \ - --header "Accept: application/vnd.github+json" \ - --header "X-GitHub-Api-Version: 2022-11-28" \ - --input - \ - /repos/$GITHUB_REPOSITORY/check-runs/$CHECK_RUN_ID - create-release-status-check-run: name: "Initialize release status monitoring" - needs: [determine-ref] runs-on: ubuntu-latest steps: - name: Create release status check run env: - REF: ${{ needs.determine-ref.outputs.ref }} GITHUB_TOKEN: ${{ github.token }} run: | CHECK_RUN_ID=$(gh api \ --header "Accept: application/vnd.github+json" \ --header "X-GitHub-Api-Version: 2022-11-28" \ --field name="release-status" \ - --field head_sha="$REF" \ + --field head_sha="$GITHUB_REF" \ --field status="in_progress" \ --jq ".id" \ /repos/$GITHUB_REPOSITORY/check-runs) From 1f6f1fc7e61547ce72984fc4bf656011e004ae49 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 14 Sep 2023 10:45:46 -0700 Subject: [PATCH 1323/2573] Push commits if manual was updated --- .github/workflows/prepare-release.yml | 13 +++---------- 1 file changed, 3 insertions(+), 10 deletions(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index c34408b9f4..f53ba60163 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -130,18 +130,11 @@ jobs: find docs -name 'user_manual.md' | xargs sed -i "s/This user manual documents release \`.*\` of/This user manual documents release \`$RELEASE_VERSION\` of/" if git diff --quiet; then - echo "update-release-pr=true" >> "$GITHUB_ENV" - else - echo "update-release-pr=false" >> "$GITHUB_ENV" + git add -u . + git commit -m "Update version" + git push fi - - name: Update feature branch for PR - if: env.update-release-pr == 'true' - run: | - find docs -name 'user_manual.md' -exec git add {} \; - git commit -m "Update user manual for release $RELEASE_VERSION." - git push - - name: Create release PR env: GITHUB_TOKEN: ${{ secrets.ACTION_DISPATCH_TOKEN }} From 43757cf73d4905eee001d24071ee2edb1012d3e6 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 14 Sep 2023 10:51:55 -0700 Subject: [PATCH 1324/2573] Handle feature branch separately from PR --- .github/workflows/prepare-release.yml | 34 ++++++++++++++------------- 1 file changed, 18 insertions(+), 16 deletions(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index f53ba60163..f41be77706 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -57,10 +57,19 @@ jobs: echo "Release branch rc/$RELEASE_VERSION does not exist." echo "create_release_branch=true" >> "$GITHUB_ENV" echo "create_release_pr=true" >> "$GITHUB_ENV" + echo "create_release_feature_branch=true" >> "$GITHUB_ENV" else echo "Release branch rc/$RELEASE_VERSION already exists." echo "create_release_branch=false" >> "$GITHUB_ENV" + if [[ -z $(git ls-remote --heads origin feature/update-user-manual-for-$RELEASE_VERSION) ]]; then + echo "Feature branch feature/update-user-manual-for-$RELEASE_VERSION does not exist." + echo "create_release_feature_branch=true" >> "$GITHUB_ENV" + else + echo "Feature branch feature/update-user-manual-for-$RELEASE_VERSION already exists." + echo "create_release_feature_branch=false" >> "$GITHUB_ENV" + fi + pr_state=$(gh pr view rc/$RELEASE_VERSION --json title,state) pr_title=$(echo "$pr_state" | jq -r '.title') pr_state=$(echo "$pr_state" | jq -r '.state') @@ -77,6 +86,11 @@ jobs: fi + - name: Configure git + run: | + git config user.name "$GITHUB_ACTOR" + git config user.email "$GITHUB_ACTOR@users.noreply.github.com" + - name: Install Python uses: actions/setup-python@v4 with: @@ -109,13 +123,13 @@ jobs: $RELEASE_VERSION - name: Create feature branch for PR - if: env.create_release_pr == 'true' + if: env.create_release_feature_branch == 'true' run: | git switch -c feature/update-user-manual-for-$RELEASE_VERSION git push --set-upstream origin feature/update-user-manual-for-$RELEASE_VERSION - name: Get feature branch for PR - if: env.create_release_pr == 'false' + if: env.create_release_feature_branch == 'false' run: | git fetch origin feature/update-user-manual-for-$RELEASE_VERSION git switch feature/update-user-manual-for-$RELEASE_VERSION @@ -129,7 +143,7 @@ jobs: find docs -name 'user_manual.md' | xargs sed -i "s/user_manual_.*\.md\`/user_manual_$RELEASE_VERSION.md\`/" find docs -name 'user_manual.md' | xargs sed -i "s/This user manual documents release \`.*\` of/This user manual documents release \`$RELEASE_VERSION\` of/" - if git diff --quiet; then + if ! git diff --quiet; then git add -u . git commit -m "Update version" git push @@ -146,16 +160,4 @@ jobs: --body "This PR releases codeql-coding-standards version $RELEASE_VERSION." \ --base rc/$RELEASE_VERSION \ --head feature/update-user-manual-for-$RELEASE_VERSION \ - --draft - - - name: Determine pull request head SHA - id: determine-pr-head-sha - env: - GITHUB_TOKEN: ${{ github.token }} - run: | - read -r pull_request_head_sha pr_state < <(gh pr view rc/$RELEASE_VERSION --json headRefOid,state --jq '.headRefOid + " " + .state') - if [[ "$pr_state" != "OPEN" ]]; then - echo "Release PR for rc/$RELEASE_VERSION is not open, but in state '$pr_state'. Cannot proceed!" - exit 1 - fi - echo "pull-request-head-sha=$pull_request_head_sha" >> "$GITHUB_OUTPUT" \ No newline at end of file + --draft \ No newline at end of file From 1dcbdd511bd9dda44921795c8062cfe6cff43f4b Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 14 Sep 2023 11:18:22 -0700 Subject: [PATCH 1325/2573] Use correct auth header --- .github/workflows/validate-release.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index e740c0d82e..be06a2c9e3 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -39,7 +39,7 @@ jobs: - name: Invoke performance test env: CHECK_RUN_ID: ${{ needs.pre-validate-performance.outputs.check-run-id }} - GITHUB_TOKEN: ${{ secrets.release-engineering-token }} + GH_TOKEN: ${{ secrets.release-engineering-token }} run: | jq -n \ --arg ref "$GITHUB_REF" \ @@ -101,7 +101,7 @@ jobs: - name: Invoke compiler compatibility test env: CHECK_RUN_ID: ${{ needs.pre-validate-compiler-compatibility.outputs.check-run-id }} - GITHUB_TOKEN: ${{ secrets.release-engineering-token }} + GH_TOKEN: ${{ secrets.release-engineering-token }} run: | jq -n \ --arg ref "$GITHUB_REF" \ From 3147710bc38ea8d67cdcd21c68216bb824955fa4 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 14 Sep 2023 11:18:38 -0700 Subject: [PATCH 1326/2573] Use valid conclusion --- .github/workflows/validate-release.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index be06a2c9e3..f246ecfee8 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -63,7 +63,7 @@ jobs: run: | jq -n \ --arg status "completed" \ - --arg conclusion "failed" \ + --arg conclusion "failure" \ '{status: $status, conclusion: $conclusion}' \ | \ gh api \ @@ -125,7 +125,7 @@ jobs: run: | jq -n \ --arg status "completed" \ - --arg conclusion "failed" \ + --arg conclusion "failure" \ '{status: $status, conclusion: $conclusion}' \ | \ gh api \ From 896951cd44f9c35d9e69705e0fa249fccbe63965 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 14 Sep 2023 11:21:16 -0700 Subject: [PATCH 1327/2573] Use the sha for the check run --- .github/workflows/validate-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index f246ecfee8..653e481761 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -147,7 +147,7 @@ jobs: --header "Accept: application/vnd.github+json" \ --header "X-GitHub-Api-Version: 2022-11-28" \ --field name="release-status" \ - --field head_sha="$GITHUB_REF" \ + --field head_sha="$GITHUB_SHA" \ --field status="in_progress" \ --jq ".id" \ /repos/$GITHUB_REPOSITORY/check-runs) From d0c65e6b4ed388806d4fb8304a2fa41c47d396a9 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 14 Sep 2023 11:34:27 -0700 Subject: [PATCH 1328/2573] Always restart release if it exists --- .github/workflows/prepare-release.yml | 61 +++++++++------------------ 1 file changed, 20 insertions(+), 41 deletions(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index f41be77706..3072e33626 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -53,37 +53,30 @@ jobs: fi fi - if [[ -z $(git ls-remote --heads origin rc/$RELEASE_VERSION) ]]; then - echo "Release branch rc/$RELEASE_VERSION does not exist." - echo "create_release_branch=true" >> "$GITHUB_ENV" - echo "create_release_pr=true" >> "$GITHUB_ENV" - echo "create_release_feature_branch=true" >> "$GITHUB_ENV" - else - echo "Release branch rc/$RELEASE_VERSION already exists." - echo "create_release_branch=false" >> "$GITHUB_ENV" + release_pr=$(gh pr view rc/$RELEASE_VERSION --json title,state,number) - if [[ -z $(git ls-remote --heads origin feature/update-user-manual-for-$RELEASE_VERSION) ]]; then - echo "Feature branch feature/update-user-manual-for-$RELEASE_VERSION does not exist." - echo "create_release_feature_branch=true" >> "$GITHUB_ENV" - else - echo "Feature branch feature/update-user-manual-for-$RELEASE_VERSION already exists." - echo "create_release_feature_branch=false" >> "$GITHUB_ENV" - fi + if [[ ! -z "$release_pr" ]]; then - pr_state=$(gh pr view rc/$RELEASE_VERSION --json title,state) - pr_title=$(echo "$pr_state" | jq -r '.title') - pr_state=$(echo "$pr_state" | jq -r '.state') + pr_title=$(echo "$release_pr" | jq -r '.title') + pr_state=$(echo "$release_pr" | jq -r '.state') + pr_number=$(echo "$release_pr" | jq -r '.number') echo "Found PR '$pr_title' with state '$pr_state'" - if [[ "$pr_title" == "Release v$RELEASE_VERSION" ]] && [[ "$pr_state" == "OPEN" ]]; then - echo "Release PR for rc/$RELEASE_VERSION already exists and is open." - echo "create_release_pr=false" >> "$GITHUB_ENV" - else - echo "Release PR for rc/$RELEASE_VERSION does not exist or is closed." - echo "create_release_pr=true" >> "$GITHUB_ENV" + if [[ "$pr_title" == "Release v$RELEASE_VERSION" ]] && [[ "$pr_state" != "CLOSED" ]]; then + echo "Release PR is not closed, deleting it to proceed" + gh pr close --delete-branch $pr_number fi + fi + if [[ ! -z $(git ls-remote --heads origin rc/$RELEASE_VERSION) ]]; then + echo "Deleting existing release branch" + git push origin --delete rc/$RELEASE_VERSION + fi + + if [[ ! -z $(git ls-remote --heads origin feature/update-user-manual-for-$RELEASE_VERSION) ]]; then + echo "Deleting existing feature branch" + git push origin --delete feature/update-user-manual-for-$RELEASE_VERSION fi - name: Configure git @@ -104,7 +97,6 @@ jobs: python scripts/release/validate-version.py "$RELEASE_VERSION" - name: Create release branch - if: env.create_release_branch == 'true' run: | git switch -c rc/$RELEASE_VERSION git push --set-upstream origin rc/$RELEASE_VERSION @@ -123,36 +115,23 @@ jobs: $RELEASE_VERSION - name: Create feature branch for PR - if: env.create_release_feature_branch == 'true' run: | git switch -c feature/update-user-manual-for-$RELEASE_VERSION git push --set-upstream origin feature/update-user-manual-for-$RELEASE_VERSION - - name: Get feature branch for PR - if: env.create_release_feature_branch == 'false' - run: | - git fetch origin feature/update-user-manual-for-$RELEASE_VERSION - git switch feature/update-user-manual-for-$RELEASE_VERSION - git pull - - - name: Update user manual version - run: | find docs -name 'user_manual.md' | xargs sed -i "s/code-scanning-cpp-query-pack-.*\.zip\`/code-scanning-cpp-query-pack-$RELEASE_VERSION.zip\`/" find docs -name 'user_manual.md' | xargs sed -i "s/supported_rules_list_.*\.csv\`/supported_rules_list_$RELEASE_VERSION.csv\`/" find docs -name 'user_manual.md' | xargs sed -i "s/supported_rules_list_.*\.md\`/supported_rules_list_$RELEASE_VERSION.md\`/" find docs -name 'user_manual.md' | xargs sed -i "s/user_manual_.*\.md\`/user_manual_$RELEASE_VERSION.md\`/" find docs -name 'user_manual.md' | xargs sed -i "s/This user manual documents release \`.*\` of/This user manual documents release \`$RELEASE_VERSION\` of/" - if ! git diff --quiet; then - git add -u . - git commit -m "Update version" - git push - fi + git add -u . + git commit -m "Update version" + git push - name: Create release PR env: GITHUB_TOKEN: ${{ secrets.ACTION_DISPATCH_TOKEN }} - if: env.create_release_pr == 'true' run: | gh pr create \ -R $GITHUB_REPOSITORY \ From eb8599c516eb235946f07e28c4ef02399290e8b3 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 14 Sep 2023 11:44:53 -0700 Subject: [PATCH 1329/2573] Use correct secret --- .github/workflows/validate-release.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 653e481761..59a0023462 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -39,7 +39,7 @@ jobs: - name: Invoke performance test env: CHECK_RUN_ID: ${{ needs.pre-validate-performance.outputs.check-run-id }} - GH_TOKEN: ${{ secrets.release-engineering-token }} + GH_TOKEN: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} run: | jq -n \ --arg ref "$GITHUB_REF" \ @@ -82,7 +82,6 @@ jobs: id: create-check-run env: GITHUB_TOKEN: ${{ github.token }} - RELEASE_REF: ${{ needs.determine-ref.outputs.ref }} run: | check_run_id=$(gh api \ --header "Accept: application/vnd.github+json" \ @@ -101,7 +100,7 @@ jobs: - name: Invoke compiler compatibility test env: CHECK_RUN_ID: ${{ needs.pre-validate-compiler-compatibility.outputs.check-run-id }} - GH_TOKEN: ${{ secrets.release-engineering-token }} + GITHUB_TOKEN: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} run: | jq -n \ --arg ref "$GITHUB_REF" \ From 6f3ce95ecb974dd08f810f70c968371269ad7cbf Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 14 Sep 2023 11:47:29 -0700 Subject: [PATCH 1330/2573] Output which SHA we create a checkrun for --- .github/workflows/validate-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 59a0023462..0e9e6b9b9b 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -151,4 +151,4 @@ jobs: --jq ".id" \ /repos/$GITHUB_REPOSITORY/check-runs) - echo "Created release status check run with id $CHECK_RUN_ID" + echo "Created release status check run with id $CHECK_RUN_ID for $GITHUB_SHA" From 14efbacd28827af6bc43dce568fffbbbd74f4110 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 14 Sep 2023 13:54:25 -0700 Subject: [PATCH 1331/2573] Use the head sha on the PR for the check runs --- .github/workflows/validate-release.yml | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 0e9e6b9b9b..7fcd45abfd 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -10,6 +10,9 @@ permissions: actions: write checks: write +env: + HEAD_SHA: ${{ github.event.pull_request.head.sha }} + jobs: pre-validate-performance: @@ -26,7 +29,7 @@ jobs: --header "Accept: application/vnd.github+json" \ --header "X-GitHub-Api-Version: 2022-11-28" \ --field name="performance-test" \ - --field head_sha="$GITHUB_REF" \ + --field head_sha="$HEAD_SHA" \ --jq ".id" \ /repos/$GITHUB_REPOSITORY/check-runs) @@ -42,7 +45,7 @@ jobs: GH_TOKEN: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} run: | jq -n \ - --arg ref "$GITHUB_REF" \ + --arg ref "$HEAD_SHA" \ --arg check_run_id "$CHECK_RUN_ID" \ '{ref: $ref, "check-run-id": $check_run_id}' \ | \ @@ -87,7 +90,7 @@ jobs: --header "Accept: application/vnd.github+json" \ --header "X-GitHub-Api-Version: 2022-11-28" \ --field name="compiler-compatibility-test" \ - --field head_sha="$GITHUB_REF" \ + --field head_sha="$HEAD_SHA" \ --jq ".id" \ /repos/$GITHUB_REPOSITORY/check-runs) @@ -103,7 +106,7 @@ jobs: GITHUB_TOKEN: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} run: | jq -n \ - --arg ref "$GITHUB_REF" \ + --arg ref "$HEAD_SHA" \ --arg check_run_id "$CHECK_RUN_ID" \ '{ref: $ref, "check-run-id": $check_run_id}' \ | \ @@ -146,7 +149,7 @@ jobs: --header "Accept: application/vnd.github+json" \ --header "X-GitHub-Api-Version: 2022-11-28" \ --field name="release-status" \ - --field head_sha="$GITHUB_SHA" \ + --field head_sha="$HEAD_SHA" \ --field status="in_progress" \ --jq ".id" \ /repos/$GITHUB_REPOSITORY/check-runs) From bde3c899c51c7371ae6c018ff9172f8680a0bf56 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 18 Sep 2023 16:09:49 -0700 Subject: [PATCH 1332/2573] Make indepenent of the current working directory --- scripts/release/create_supported_rules_list.py | 3 --- scripts/release/utils.py | 5 ++++- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/scripts/release/create_supported_rules_list.py b/scripts/release/create_supported_rules_list.py index 15a8b5d6b7..e3294ed3b1 100644 --- a/scripts/release/create_supported_rules_list.py +++ b/scripts/release/create_supported_rules_list.py @@ -12,9 +12,6 @@ When run without any arguments, the script iterates through each of the rule package description files stored in the `rule_packages` directory, and identifies which rules are supported by one or more queries. - -This script needs to be run with the codeql-coding-standards git repository as the current working -directory. """ if (len(sys.argv) == 2 and sys.argv[1] == "--help"): diff --git a/scripts/release/utils.py b/scripts/release/utils.py index 4e9bb99dd2..cdb747c076 100644 --- a/scripts/release/utils.py +++ b/scripts/release/utils.py @@ -1,5 +1,6 @@ import re import yaml +from pathlib import Path def get_query_short_names(rule_dict): """Gets a list of the query "short_name" properties for the given rule""" @@ -18,7 +19,9 @@ def split_rule_id(rule_id): def get_standard_version(standard): """Gets the qlpack version for the given standard.""" - qlpack_path = "cpp/" + standard.split("-")[0].lower() + "/src/qlpack.yml" + module_path = Path(__file__) + repo_root = module_path.parent.parent.parent + qlpack_path = repo_root / "cpp" / standard.split("-")[0].lower() /"src" / "qlpack.yml" with open(qlpack_path, 'r') as qlpack_file: try: qlpack = yaml.safe_load(qlpack_file) From 01b06a4d12154f46cc083415df3582b11f66218a Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 18 Sep 2023 16:13:30 -0700 Subject: [PATCH 1333/2573] Add post release workflow to update the draft release --- .github/workflows/post-release.yml | 48 ++++ scripts/release/release-layout.yml | 20 ++ scripts/release/requirements.txt | 2 + scripts/release/update-release-assets.py | 338 +++++++++++++++++++++++ 4 files changed, 408 insertions(+) create mode 100644 .github/workflows/post-release.yml create mode 100644 scripts/release/release-layout.yml create mode 100644 scripts/release/update-release-assets.py diff --git a/.github/workflows/post-release.yml b/.github/workflows/post-release.yml new file mode 100644 index 0000000000..c27045ffc9 --- /dev/null +++ b/.github/workflows/post-release.yml @@ -0,0 +1,48 @@ +name: Finalize Release + +on: + workflow_dispatch: + inputs: + version: + description: | + The version to release (MUST follow semantic versioning). + required: true + ref: + description: | + The git commit, branch, or tag to release from. + required: true + + push: + branches: + - rvermeulen/release-process-improvements + +jobs: + update-release: + name: "Update release" + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v3 + with: + ref: ${{ github.event.inputs.ref }} + - name: Install Python + uses: actions/setup-python@v4 + with: + python-version: "3.9" + + - name: Install dependencies + run: pip install -f scripts/release/requirements.txt + + - name: Update release assets + env: + RELEASE_VERSION: ${{ inputs.version }} + RELEASE_REF: ${{ inputs.ref }} + GITHUB_TOKEN: ${{ github.token }} + RELEASE_ENGEERING_TOKEN: ${{ secrets.RELEASE_ENGEERING_TOKEN }} + run: | + python scripts/release/update-release-assets.py + --version $RELEASE_VERSION + --layout scripts/release/release-layout.yml + --ref $RELEASE_REF + --repo "$GITHUB_REPOSITORY" + --github-token "$GITHUB_REPOSITORY:$GITHUB_TOKEN" "github/codeql-coding-standards-release-engineering:$RELEASE_ENGEERING_TOKEN" \ No newline at end of file diff --git a/scripts/release/release-layout.yml b/scripts/release/release-layout.yml new file mode 100644 index 0000000000..4375f0e21c --- /dev/null +++ b/scripts/release/release-layout.yml @@ -0,0 +1,20 @@ +version: 0.1.0 + +layout: + certification_kit.zip: + - workflow-log: + name: ".*" + - workflow-artifact: + not-name: "Code Scanning Query Pack Generation" + code-scanning-cpp-query-pack.zip: + - workflow-artifact: + name: "Code Scanning Query Pack Generation" + artifact: code-scanning-cpp-query-pack.zip + supported_rules_list.csv: + - shell: | + python ${{ coding-standards.root }}/scripts/release/create_supported_rules_list.py --csv > supported_rules_list.csv + supported_rules_list.md: + - shell: | + python ${{ coding-standards.root }}/scripts/release/create_supported_rules_list.py > supported_rules_list.md + user_manual.md: + - file: docs/user_manual.md \ No newline at end of file diff --git a/scripts/release/requirements.txt b/scripts/release/requirements.txt index 537a1dc317..40339090fb 100644 --- a/scripts/release/requirements.txt +++ b/scripts/release/requirements.txt @@ -1 +1,3 @@ semantic-version==2.10.0 +PyGithub==1.59.1 +PyYAML==6.0.1 \ No newline at end of file diff --git a/scripts/release/update-release-assets.py b/scripts/release/update-release-assets.py new file mode 100644 index 0000000000..15488e98e3 --- /dev/null +++ b/scripts/release/update-release-assets.py @@ -0,0 +1,338 @@ +from __future__ import annotations # This enables postponed evaluation of type annotations. Required for typing.TYPE_CHECKING. See https://peps.python.org/pep-0563/ +from typing import TYPE_CHECKING, List, Union, cast, Dict, Any +import shutil +from tempfile import TemporaryDirectory +import subprocess +import re +from pathlib import Path +import sys +import semantic_version # type: ignore +import requests +import yaml + +if TYPE_CHECKING: + from github import WorkflowRun, Repository + + +script_path = Path(__file__).resolve() +root_path = script_path.parent.parent.parent + +def monkey_patch_github() -> None: + from github import Repository, PaginatedList, CheckRun + + class MyRepository(Repository.Repository): + def get_check_runs(self: Repository.Repository, ref: str, **kwargs: str) -> PaginatedList.PaginatedList[CheckRun.CheckRun]: + assert isinstance(ref, str), ref + + return PaginatedList.PaginatedList( + CheckRun.CheckRun, + self._requester, + f"{self.url}/commits/{ref}/check-runs", + firstParams=None, + list_item="check_runs") + + Repository.Repository = MyRepository + + from github import WorkflowRun, Artifact + class MyWorkflowRun(WorkflowRun.WorkflowRun): + def download_logs(self, path: Path) -> None: + """ + Download the logs for this workflow and store them in the directory specified by path. + + This method tries to minimize the dependency on the internal workings of the class Requester by using + requests directly. Ideally we would like to monkey patch __rawRequest to deal with 302 redirects, but + that didn't work out because it would fail to call other private methods with an AttributeError for an unknown reason. + """ + url = f"{self.url}/logs" + headers = { + "Accept": "application/vnd.github+json", + "X-GitHub-Api-Version": "2022-11-28" + } + if self._requester._Requester__auth is not None: # type: ignore + headers["Authorization"] = f"{self._requester._Requester__auth.token_type} {self._requester._Requester__auth.token}" # type: ignore + headers["User-Agent"] = self._requester._Requester__userAgent # type: ignore + + resp = requests.get(url, headers=headers, allow_redirects=True) + + if resp.status_code != 200: + raise Exception(f"Unable to download logs: {resp.status_code} {resp.reason}") + + with (path / f"{self.name}-{self.head_sha}-{self.run_number}.zip").open("wb") as f: + f.write(resp.content) + + def download_artifacts(self, path: Path) -> None: + for artifact in self.get_artifacts(): # type: ignore + artifact = cast(Artifact.Artifact, artifact) + headers = { + "Accept": "application/vnd.github+json", + "X-GitHub-Api-Version": "2022-11-28" + } + if self._requester._Requester__auth is not None: # type: ignore + headers["Authorization"] = f"{self._requester._Requester__auth.token_type} {self._requester._Requester__auth.token}" # type: ignore + headers["User-Agent"] = self._requester._Requester__userAgent # type: ignore + + resp = requests.get(artifact.archive_download_url, headers=headers, allow_redirects=True) + + if resp.status_code != 200: + raise Exception(f"Unable to download artifact ${artifact.name}. Received status code {resp.status_code} {resp.reason}") + + with (path / f"{artifact.name}.zip").open("wb") as f: + f.write(resp.content) + + def download_artifact(self, name: str, path: Path) -> None: + candidates: List[Artifact.Artifact] = [artifact for artifact in self.get_artifacts() if artifact.name == name] # type: ignore + if len(candidates) == 0: + raise Exception(f"Unable to find artifact {name}") + assert(len(candidates) == 1) + + artifact = candidates[0] + headers = { + "Accept": "application/vnd.github+json", + "X-GitHub-Api-Version": "2022-11-28" + } + if self._requester._Requester__auth is not None: # type: ignore + headers["Authorization"] = f"{self._requester._Requester__auth.token_type} {self._requester._Requester__auth.token}" # type: ignore + headers["User-Agent"] = self._requester._Requester__userAgent # type: ignore + + resp = requests.get(artifact.archive_download_url, headers=headers, allow_redirects=True) + + if resp.status_code != 200: + raise Exception(f"Unable to download artifact ${artifact.name}. Received status code {resp.status_code} {resp.reason}") + + with (path / f"{artifact.name}.zip").open("wb") as f: + f.write(resp.content) + + + WorkflowRun.WorkflowRun = MyWorkflowRun + +class ReleaseLayout: + def __init__(self, specification: Path, skip_checks: bool = False) -> None: + self.specification = specification + self.artifacts = [] + self.skip_checks = skip_checks + + def make(self, directory: Path, workflow_runs: List[WorkflowRun.WorkflowRun]) -> None: + spec = yaml.safe_load(self.specification.read_text()) + artifacts : List[ReleaseArtifact] = [] + for artifact, action_specs in spec["layout"].items(): + actions : List[Union[WorkflowArtifactAction, WorkflowLogAction, ShellAction, FileAction]] = [] + for action_spec in action_specs: + assert(len(action_spec) == 1) + action_type, action_args = action_spec.popitem() + if action_type == "workflow-log": + actions.append(WorkflowLogAction(workflow_runs, **cast(Dict[str, Any], action_args))) + elif action_type == "workflow-artifact": + actions.append(WorkflowArtifactAction(workflow_runs, **cast(Dict[str, Any], action_args))) + elif action_type == "shell": + actions.append(ShellAction(action_args)) + elif action_type == "file": + actions.append(FileAction(action_args)) + else: + raise Exception(f"Unknown action type {action_type}") + + artifacts.append(ReleaseArtifact(artifact, actions, self.skip_checks)) + + for artifact in artifacts: + artifact.make(directory) + +class WorkflowLogAction(): + + def __init__(self, workflow_runs: List[WorkflowRun.WorkflowRun], **kwargs: str) -> None: + self.workflow_runs = workflow_runs + self.kwargs: dict[str, str] = kwargs + self.temp_workdir = TemporaryDirectory() + + def run(self) -> List[Path]: + workflow_runs = self.workflow_runs + if "name" in self.kwargs: + workflow_runs = [workflow_run for workflow_run in self.workflow_runs if re.match(self.kwargs["name"], workflow_run.name)] + if "not-name" in self.kwargs: + workflow_runs = [workflow_run for workflow_run in self.workflow_runs if not re.match(self.kwargs["not-name"], workflow_run.name)] + print(f"Downloading the logs for {len(workflow_runs)} workflow runs") + for workflow_run in workflow_runs: + print(f"Downloading logs for {workflow_run.name}") + workflow_run.download_logs(Path(self.temp_workdir.name)) # type: ignore + return list(map(Path, Path(self.temp_workdir.name).glob("**/*"))) + +class WorkflowArtifactAction(): + + def __init__(self, workflow_runs: List[WorkflowRun.WorkflowRun], **kwargs: str) -> None: + self.workflow_runs = workflow_runs + self.kwargs: dict[str, str] = kwargs + self.temp_workdir = TemporaryDirectory() + + def run(self) -> List[Path]: + workflow_runs = self.workflow_runs + if "name" in self.kwargs: + workflow_runs = [workflow_run for workflow_run in self.workflow_runs if re.match(self.kwargs["name"], workflow_run.name)] + if "not-name" in self.kwargs: + workflow_runs = [workflow_run for workflow_run in self.workflow_runs if not re.match(self.kwargs["not-name"], workflow_run.name)] + print(f"Downloading the artifacts for {len(workflow_runs)} workflow runs") + for workflow_run in workflow_runs: + print(f"Downloading artifacts for {workflow_run.name} to {self.temp_workdir.name}") + workflow_run.download_artifacts(Path(self.temp_workdir.name)) # type: ignore + return list(map(Path, Path(self.temp_workdir.name).glob("**/*"))) + +class ShellAction(): + def __init__(self, command: str) -> None: + self.command = command.strip() + self.temp_workdir = TemporaryDirectory() + + def run(self) -> List[Path]: + concrete_command = re.sub(pattern=r"\${{\s*coding-standards\.root\s*}}", repl=str(root_path), string=self.command) + subprocess.run(concrete_command, cwd=self.temp_workdir.name, check=True, shell=True) + return list(map(Path, Path(self.temp_workdir.name).glob("**/*"))) + +class FileAction(): + def __init__(self, path: Path) -> None: + self.path = path + + def run(self) -> List[Path]: + return [self.path] + +class ReleaseArtifact(): + def __init__(self, name: str, actions: List[Union[WorkflowLogAction, WorkflowArtifactAction, ShellAction, FileAction]], allow_no_files: bool = False) -> None: + self.name = Path(name) + self.actions = actions + self.allow_no_files = allow_no_files + + def make(self, directory: Path) -> Path: + files: list[Path] = [file for action in self.actions for file in action.run()] + if len(files) == 0: + if not self.allow_no_files: + raise Exception(f"Artifact {self.name} has no associated files!") + elif len(files) == 1: + shutil.copy(files[0], directory / self.name) + return directory / self.name + else: + extension = "".join(self.name.suffixes)[1:] + if not extension in ["zip", "tar", "tar.gz", "tar.bz2", "tar.xz"]: + raise Exception(f"Artifact {self.name} is not a support archive file, but has multiple files associated with it!") + + ext_format_map = { + "zip": "zip", + "tar": "tar", + "tar.gz": "gztar", + "tar.bz2": "bztar", + "tar.xz": "xztar" + } + + with TemporaryDirectory() as temp_dir: + temp_dir_path = Path(temp_dir) + for file in files: + shutil.copy(file, temp_dir_path / file.name) + + return Path(shutil.make_archive(str(directory / self.name.with_suffix("")), ext_format_map[extension], root_dir=temp_dir_path)) + +def main(args: 'argparse.Namespace') -> int: + + try: + semantic_version.Version.parse(args.version) # type: ignore + except ValueError as e: + print(f"Error: invalid version: {e}", file=sys.stderr) + return 1 + + monkey_patch_github() + + import github + from github import CheckRun + + repos: Dict[str, Repository.Repository] = {} + if len(args.github_token) == 1: + repos[args.repo] = github.Github(auth=github.Auth.Token(args.github_token[0])).get_repo(args.repo) + else: + for token in args.github_token: + nwo, token = token.split(":") + repos[nwo] = github.Github(auth=github.Auth.Token(token)).get_repo(nwo) + + repo = repos[args.repo] + releases = [release for release in repo.get_releases() if release.title == f"v{args.version}"] + if len(releases) != 1: + print(f"Error: expected exactly one release with title {args.version}, but found {len(releases)}", file=sys.stderr) + return 1 + release = releases[0] + + pull_candidates = [pr for pr in repo.get_pulls(state="open") if pr.head.sha == args.ref] + if len(pull_candidates) != 1: + print(f"Error: expected exactly one PR with head {args.ref}, but found {len(pull_candidates)}", file=sys.stderr) + return 1 + + print(f"Collecting workflow runs for ref {args.ref}") + check_runs: List[CheckRun.CheckRun] = repo.get_check_runs(args.ref) # type: ignore + + action_workflow_run_url_regex = r"^https://(?P[^/]+)/(?P[^/]+)/(?P[^/]+)/actions/runs/(?P\d+)$" + action_workflow_job_run_url_regex = r"^https://(?P[^/]+)/(?P[^/]+)/(?P[^/]+)/actions/runs/(?P\d+)/job/(?P\d+)$" + + workflow_runs: List[WorkflowRun.WorkflowRun] = [] + for check_run in check_runs: # type: ignore + check_run = cast(CheckRun.CheckRun, check_run) + if check_run.status != "completed" or check_run.conclusion == "skipped": + continue + job_run_match = re.match(action_workflow_job_run_url_regex, check_run.details_url) + if job_run_match: + workflow_run = repo.get_workflow_run(int(job_run_match.group("run_id"))) + workflow_runs.append(workflow_run) + else: + run_match = re.match(action_workflow_run_url_regex, check_run.external_id) + if run_match: + #print(f"External workflow on {run_match.group('owner')} {run_match.group('repo')} with id {run_match.group('run_id')}") + workflow_run = repos[f"{run_match.group('owner')}/{run_match.group('repo')}"].get_workflow_run(int(run_match.group("run_id"))) + workflow_runs.append(workflow_run) + else: + print(f"Unable to handle checkrun {check_run.name} with id {check_run.id} with {check_run.details_url}") + return 1 + + print("Filtering workflow runs to only include the latest run for each workflow.") + workflow_runs_per_id: Dict[int, WorkflowRun.WorkflowRun] = {} + for workflow_run in workflow_runs: + if not workflow_run.id in workflow_runs_per_id: + workflow_runs_per_id[workflow_run.id] = workflow_run + else: + latest_run = workflow_runs_per_id[workflow_run.id] + if latest_run.run_number < workflow_run.run_number: + workflow_runs_per_id[workflow_run.id] = workflow_run + latests_workflow_runs = list(workflow_runs_per_id.values()) + + if not args.skip_checks: + print(f"Checking that all workflow runs for ref {args.ref} succeeded") + for workflow_run in latests_workflow_runs: + if workflow_run.status != "completed": + print(f"Error: workflow run {workflow_run.name} with id {workflow_run.id} is not completed", file=sys.stderr) + return 1 + # Consider success or skipped as success + if workflow_run.conclusion == "failure": + print(f"Error: workflow run {workflow_run.name} with id {workflow_run.id} failed", file=sys.stderr) + return 1 + + with TemporaryDirectory() as temp_dir: + print(f"Using temporary directory {temp_dir}") + try: + ReleaseLayout(Path(args.layout), args.skip_checks).make(Path(temp_dir), latests_workflow_runs) + except Exception as e: + print(f"Error: {e}", file=sys.stderr) + return 1 + + print("Deleting existing assets") + for asset in release.assets: + asset.delete_asset() + + print("Uploading new assets from generated release layout") + for file in Path(temp_dir).glob("**/*"): + print(f"Uploading {file}") + release.upload_asset(str(file)) + + return 0 + +if __name__ == '__main__': + import argparse + from sys import exit + + parser = argparse.ArgumentParser() + parser.add_argument('--version', help="The version to release (MUST be a valid semantic version)", required=True) + parser.add_argument('--ref', help="The head sha for the release PR", required=True) + parser.add_argument('--repo', help="The owner and repository name. For example, 'octocat/Hello-World'. Used when testing this script on a fork", required=True, default="github/codeql-coding-standards") + parser.add_argument('--github-token', help="The github token to use for the release PR", required=True, nargs="+") + parser.add_argument('--layout', help="The layout to use for the release", required=True) + parser.add_argument('--skip-checks', help="Skip the checks that ensure that the workflow runs succeeded", action="store_true") + args = parser.parse_args() + exit(main(args)) \ No newline at end of file From d2305b0024374b38e1dae8efea63a84425ec9007 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 18 Sep 2023 16:15:05 -0700 Subject: [PATCH 1334/2573] Update checkout actions --- .github/workflows/post-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/post-release.yml b/.github/workflows/post-release.yml index c27045ffc9..2ea46fbc73 100644 --- a/.github/workflows/post-release.yml +++ b/.github/workflows/post-release.yml @@ -22,7 +22,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: ref: ${{ github.event.inputs.ref }} - name: Install Python From 925392b508f9b26d046689f01f1aef8cb90dbcc0 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 18 Sep 2023 16:15:23 -0700 Subject: [PATCH 1335/2573] Use inputs context instead of github event context --- .github/workflows/post-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/post-release.yml b/.github/workflows/post-release.yml index 2ea46fbc73..8670312564 100644 --- a/.github/workflows/post-release.yml +++ b/.github/workflows/post-release.yml @@ -24,7 +24,7 @@ jobs: - name: Checkout uses: actions/checkout@v4 with: - ref: ${{ github.event.inputs.ref }} + ref: ${{ inputs.ref }} - name: Install Python uses: actions/setup-python@v4 with: From 2ff025d324f19d33ab9c3bda2b3a62a7512a7f97 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 18 Sep 2023 16:15:53 -0700 Subject: [PATCH 1336/2573] Disable strict checks for testing purposes --- .github/workflows/post-release.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/post-release.yml b/.github/workflows/post-release.yml index 8670312564..4a094b7d92 100644 --- a/.github/workflows/post-release.yml +++ b/.github/workflows/post-release.yml @@ -45,4 +45,5 @@ jobs: --layout scripts/release/release-layout.yml --ref $RELEASE_REF --repo "$GITHUB_REPOSITORY" - --github-token "$GITHUB_REPOSITORY:$GITHUB_TOKEN" "github/codeql-coding-standards-release-engineering:$RELEASE_ENGEERING_TOKEN" \ No newline at end of file + --github-token "$GITHUB_REPOSITORY:$GITHUB_TOKEN" "github/codeql-coding-standards-release-engineering:$RELEASE_ENGEERING_TOKEN" + --skip-checks \ No newline at end of file From 43cfb876600e1a254c53a89e6c6db1b28b9f5679 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 18 Sep 2023 16:19:29 -0700 Subject: [PATCH 1337/2573] Address incorrect install dependency step --- .github/workflows/post-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/post-release.yml b/.github/workflows/post-release.yml index 4a094b7d92..66362d7382 100644 --- a/.github/workflows/post-release.yml +++ b/.github/workflows/post-release.yml @@ -31,7 +31,7 @@ jobs: python-version: "3.9" - name: Install dependencies - run: pip install -f scripts/release/requirements.txt + run: pip install -r scripts/release/requirements.txt - name: Update release assets env: From 56e3b2bf2599cab317696aa23a8979212a98918f Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 18 Sep 2023 16:20:09 -0700 Subject: [PATCH 1338/2573] Remove push trigger --- .github/workflows/post-release.yml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/.github/workflows/post-release.yml b/.github/workflows/post-release.yml index 66362d7382..395e429489 100644 --- a/.github/workflows/post-release.yml +++ b/.github/workflows/post-release.yml @@ -12,10 +12,6 @@ on: The git commit, branch, or tag to release from. required: true - push: - branches: - - rvermeulen/release-process-improvements - jobs: update-release: name: "Update release" From e06a22d8953c257684a7f35113eafde2e5100602 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 18 Sep 2023 16:27:18 -0700 Subject: [PATCH 1339/2573] Address incorrect secret name --- .github/workflows/post-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/post-release.yml b/.github/workflows/post-release.yml index 395e429489..9fc4988d9f 100644 --- a/.github/workflows/post-release.yml +++ b/.github/workflows/post-release.yml @@ -34,7 +34,7 @@ jobs: RELEASE_VERSION: ${{ inputs.version }} RELEASE_REF: ${{ inputs.ref }} GITHUB_TOKEN: ${{ github.token }} - RELEASE_ENGEERING_TOKEN: ${{ secrets.RELEASE_ENGEERING_TOKEN }} + RELEASE_ENGINEERING_TOKEN: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} run: | python scripts/release/update-release-assets.py --version $RELEASE_VERSION From 2b8c069f208085023dd7840d337831443ea58899 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 18 Sep 2023 16:27:51 -0700 Subject: [PATCH 1340/2573] Address incorrect command invocation --- .github/workflows/post-release.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/post-release.yml b/.github/workflows/post-release.yml index 9fc4988d9f..4ee6d61fdc 100644 --- a/.github/workflows/post-release.yml +++ b/.github/workflows/post-release.yml @@ -36,10 +36,10 @@ jobs: GITHUB_TOKEN: ${{ github.token }} RELEASE_ENGINEERING_TOKEN: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} run: | - python scripts/release/update-release-assets.py - --version $RELEASE_VERSION - --layout scripts/release/release-layout.yml - --ref $RELEASE_REF - --repo "$GITHUB_REPOSITORY" - --github-token "$GITHUB_REPOSITORY:$GITHUB_TOKEN" "github/codeql-coding-standards-release-engineering:$RELEASE_ENGEERING_TOKEN" + python scripts/release/update-release-assets.py \ + --version $RELEASE_VERSION \ + --layout scripts/release/release-layout.yml \ + --ref $RELEASE_REF \ + --repo "$GITHUB_REPOSITORY" \ + --github-token "$GITHUB_REPOSITORY:$GITHUB_TOKEN" "github/codeql-coding-standards-release-engineering:$RELEASE_ENGINEERING_TOKEN" \ --skip-checks \ No newline at end of file From 22e7c3f5e777afb2256ce838b30e29b6fd4292a3 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 18 Sep 2023 16:49:24 -0700 Subject: [PATCH 1341/2573] Retrieve head sha from PR --- .github/workflows/post-release.yml | 9 +-------- scripts/release/update-release-assets.py | 15 +++++++++------ 2 files changed, 10 insertions(+), 14 deletions(-) diff --git a/.github/workflows/post-release.yml b/.github/workflows/post-release.yml index 4ee6d61fdc..a6786e7935 100644 --- a/.github/workflows/post-release.yml +++ b/.github/workflows/post-release.yml @@ -7,11 +7,6 @@ on: description: | The version to release (MUST follow semantic versioning). required: true - ref: - description: | - The git commit, branch, or tag to release from. - required: true - jobs: update-release: name: "Update release" @@ -20,7 +15,7 @@ jobs: - name: Checkout uses: actions/checkout@v4 with: - ref: ${{ inputs.ref }} + ref: rc/v${{ inputs.version }} - name: Install Python uses: actions/setup-python@v4 with: @@ -32,14 +27,12 @@ jobs: - name: Update release assets env: RELEASE_VERSION: ${{ inputs.version }} - RELEASE_REF: ${{ inputs.ref }} GITHUB_TOKEN: ${{ github.token }} RELEASE_ENGINEERING_TOKEN: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} run: | python scripts/release/update-release-assets.py \ --version $RELEASE_VERSION \ --layout scripts/release/release-layout.yml \ - --ref $RELEASE_REF \ --repo "$GITHUB_REPOSITORY" \ --github-token "$GITHUB_REPOSITORY:$GITHUB_TOKEN" "github/codeql-coding-standards-release-engineering:$RELEASE_ENGINEERING_TOKEN" \ --skip-checks \ No newline at end of file diff --git a/scripts/release/update-release-assets.py b/scripts/release/update-release-assets.py index 15488e98e3..d1996c7097 100644 --- a/scripts/release/update-release-assets.py +++ b/scripts/release/update-release-assets.py @@ -252,13 +252,17 @@ def main(args: 'argparse.Namespace') -> int: return 1 release = releases[0] - pull_candidates = [pr for pr in repo.get_pulls(state="open") if pr.head.sha == args.ref] + pull_candidates = [pr for pr in repo.get_pulls(state="open") if pr.title == f"Release v{args.version}"] if len(pull_candidates) != 1: - print(f"Error: expected exactly one PR with head {args.ref}, but found {len(pull_candidates)}", file=sys.stderr) + print(f"Error: expected exactly one PR for version {args.version}, but found {len(pull_candidates)}", file=sys.stderr) return 1 - print(f"Collecting workflow runs for ref {args.ref}") - check_runs: List[CheckRun.CheckRun] = repo.get_check_runs(args.ref) # type: ignore + pull_request = pull_candidates[0] + + head_sha = pull_request.head.sha + + print(f"Collecting workflow runs for ref {head_sha}") + check_runs: List[CheckRun.CheckRun] = repo.get_check_runs(head_sha) # type: ignore action_workflow_run_url_regex = r"^https://(?P[^/]+)/(?P[^/]+)/(?P[^/]+)/actions/runs/(?P\d+)$" action_workflow_job_run_url_regex = r"^https://(?P[^/]+)/(?P[^/]+)/(?P[^/]+)/actions/runs/(?P\d+)/job/(?P\d+)$" @@ -294,7 +298,7 @@ def main(args: 'argparse.Namespace') -> int: latests_workflow_runs = list(workflow_runs_per_id.values()) if not args.skip_checks: - print(f"Checking that all workflow runs for ref {args.ref} succeeded") + print(f"Checking that all workflow runs for ref {head_sha} succeeded") for workflow_run in latests_workflow_runs: if workflow_run.status != "completed": print(f"Error: workflow run {workflow_run.name} with id {workflow_run.id} is not completed", file=sys.stderr) @@ -329,7 +333,6 @@ def main(args: 'argparse.Namespace') -> int: parser = argparse.ArgumentParser() parser.add_argument('--version', help="The version to release (MUST be a valid semantic version)", required=True) - parser.add_argument('--ref', help="The head sha for the release PR", required=True) parser.add_argument('--repo', help="The owner and repository name. For example, 'octocat/Hello-World'. Used when testing this script on a fork", required=True, default="github/codeql-coding-standards") parser.add_argument('--github-token', help="The github token to use for the release PR", required=True, nargs="+") parser.add_argument('--layout', help="The layout to use for the release", required=True) From a3d9be0e54b43ad1fb3a18e2170c61c619bfb340 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 18 Sep 2023 16:49:38 -0700 Subject: [PATCH 1342/2573] Add validation the PR is open --- scripts/release/update-release-assets.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/scripts/release/update-release-assets.py b/scripts/release/update-release-assets.py index d1996c7097..f7ecc9113f 100644 --- a/scripts/release/update-release-assets.py +++ b/scripts/release/update-release-assets.py @@ -259,6 +259,10 @@ def main(args: 'argparse.Namespace') -> int: pull_request = pull_candidates[0] + if pull_request.state != "open": + print(f"Error: PR for version {args.version} is not open", file=sys.stderr) + return 1 + head_sha = pull_request.head.sha print(f"Collecting workflow runs for ref {head_sha}") From 2943dee7ee6b0059aaef658a636ba03cfa00eceb Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 18 Sep 2023 18:08:44 -0700 Subject: [PATCH 1343/2573] Address incorrect checkout ref --- .github/workflows/post-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/post-release.yml b/.github/workflows/post-release.yml index a6786e7935..f4173c90bd 100644 --- a/.github/workflows/post-release.yml +++ b/.github/workflows/post-release.yml @@ -15,7 +15,7 @@ jobs: - name: Checkout uses: actions/checkout@v4 with: - ref: rc/v${{ inputs.version }} + ref: rc/${{ inputs.version }} - name: Install Python uses: actions/setup-python@v4 with: From 18e4196f824cfda7b8af3143ed31f8038285cd0c Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 18 Sep 2023 18:19:14 -0700 Subject: [PATCH 1344/2573] Checkout PR using gh --- .github/workflows/post-release.yml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/.github/workflows/post-release.yml b/.github/workflows/post-release.yml index f4173c90bd..9849963464 100644 --- a/.github/workflows/post-release.yml +++ b/.github/workflows/post-release.yml @@ -16,6 +16,15 @@ jobs: uses: actions/checkout@v4 with: ref: rc/${{ inputs.version }} + + - name: Checkout PR + env: + GITHUB_TOKEN: ${{ github.token }} + RELEASE_VERSION: ${{ inputs.version }} + run: | + pr_number=$(gh pr list --json number,title --jq "map(select(.title == \"Release v$RELEASE_VERSION\")) | .[].number") + gh pr checkout $pr_number + - name: Install Python uses: actions/setup-python@v4 with: From d34b51aecdacc9be700d44fff17d181294e2246e Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 09:39:30 -0700 Subject: [PATCH 1345/2573] Integrate post-release workflow witth update-release-status workflow --- .github/workflows/post-release.yml | 28 ++++++++------- scripts/release/update-release-assets.py | 44 ++++++++++++++---------- 2 files changed, 40 insertions(+), 32 deletions(-) diff --git a/.github/workflows/post-release.yml b/.github/workflows/post-release.yml index 9849963464..338a5b5ef8 100644 --- a/.github/workflows/post-release.yml +++ b/.github/workflows/post-release.yml @@ -3,10 +3,21 @@ name: Finalize Release on: workflow_dispatch: inputs: - version: + head-sha: description: | - The version to release (MUST follow semantic versioning). + The head SHA of the release PR to use for finalizing the release. required: true + workflow_call: + inputs: + head-sha: + type: string + description: | + The head SHA of the release PR to use for finalizing the release. + required: true + +env: + HEAD_SHA: ${{ inputs.head-sha }} + jobs: update-release: name: "Update release" @@ -15,15 +26,7 @@ jobs: - name: Checkout uses: actions/checkout@v4 with: - ref: rc/${{ inputs.version }} - - - name: Checkout PR - env: - GITHUB_TOKEN: ${{ github.token }} - RELEASE_VERSION: ${{ inputs.version }} - run: | - pr_number=$(gh pr list --json number,title --jq "map(select(.title == \"Release v$RELEASE_VERSION\")) | .[].number") - gh pr checkout $pr_number + ref: ${{ inputs.head-sha }} - name: Install Python uses: actions/setup-python@v4 @@ -35,12 +38,11 @@ jobs: - name: Update release assets env: - RELEASE_VERSION: ${{ inputs.version }} GITHUB_TOKEN: ${{ github.token }} RELEASE_ENGINEERING_TOKEN: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} run: | python scripts/release/update-release-assets.py \ - --version $RELEASE_VERSION \ + --head-sha $HEAD_SHA \ --layout scripts/release/release-layout.yml \ --repo "$GITHUB_REPOSITORY" \ --github-token "$GITHUB_REPOSITORY:$GITHUB_TOKEN" "github/codeql-coding-standards-release-engineering:$RELEASE_ENGINEERING_TOKEN" \ diff --git a/scripts/release/update-release-assets.py b/scripts/release/update-release-assets.py index f7ecc9113f..931631da19 100644 --- a/scripts/release/update-release-assets.py +++ b/scripts/release/update-release-assets.py @@ -225,13 +225,6 @@ def make(self, directory: Path) -> Path: return Path(shutil.make_archive(str(directory / self.name.with_suffix("")), ext_format_map[extension], root_dir=temp_dir_path)) def main(args: 'argparse.Namespace') -> int: - - try: - semantic_version.Version.parse(args.version) # type: ignore - except ValueError as e: - print(f"Error: invalid version: {e}", file=sys.stderr) - return 1 - monkey_patch_github() import github @@ -246,15 +239,10 @@ def main(args: 'argparse.Namespace') -> int: repos[nwo] = github.Github(auth=github.Auth.Token(token)).get_repo(nwo) repo = repos[args.repo] - releases = [release for release in repo.get_releases() if release.title == f"v{args.version}"] - if len(releases) != 1: - print(f"Error: expected exactly one release with title {args.version}, but found {len(releases)}", file=sys.stderr) - return 1 - release = releases[0] - pull_candidates = [pr for pr in repo.get_pulls(state="open") if pr.title == f"Release v{args.version}"] + pull_candidates = [pr for pr in repo.get_pulls(state="open") if pr.head.sha == args.head_sha] if len(pull_candidates) != 1: - print(f"Error: expected exactly one PR for version {args.version}, but found {len(pull_candidates)}", file=sys.stderr) + print(f"Error: expected exactly one PR for SHA {args.head_sha}, but found {len(pull_candidates)}", file=sys.stderr) return 1 pull_request = pull_candidates[0] @@ -262,11 +250,29 @@ def main(args: 'argparse.Namespace') -> int: if pull_request.state != "open": print(f"Error: PR for version {args.version} is not open", file=sys.stderr) return 1 + + rc_branch_regex = r"^rc/(?P.*)$" + rc_branch_match = re.match(rc_branch_regex, pull_request.base.ref) + if not rc_branch_match: + print(f"Error: PR {pull_request.url} is not based on a release candidate branch", file=sys.stderr) + return 1 + + release_version = rc_branch_match.group("version") + + try: + semantic_version.Version.parse(release_version) # type: ignore + except ValueError as e: + print(f"Error: invalid version {release_version} use by release branch. Reason {e}", file=sys.stderr) + return 1 - head_sha = pull_request.head.sha + releases = [release for release in repo.get_releases() if release.title == f"v{release_version}"] + if len(releases) != 1: + print(f"Error: expected exactly one release with title {args.version}, but found {len(releases)}", file=sys.stderr) + return 1 + release = releases[0] - print(f"Collecting workflow runs for ref {head_sha}") - check_runs: List[CheckRun.CheckRun] = repo.get_check_runs(head_sha) # type: ignore + print(f"Collecting workflow runs for ref {args.head_sha}") + check_runs: List[CheckRun.CheckRun] = repo.get_check_runs(args.head_sha) # type: ignore action_workflow_run_url_regex = r"^https://(?P[^/]+)/(?P[^/]+)/(?P[^/]+)/actions/runs/(?P\d+)$" action_workflow_job_run_url_regex = r"^https://(?P[^/]+)/(?P[^/]+)/(?P[^/]+)/actions/runs/(?P\d+)/job/(?P\d+)$" @@ -302,7 +308,7 @@ def main(args: 'argparse.Namespace') -> int: latests_workflow_runs = list(workflow_runs_per_id.values()) if not args.skip_checks: - print(f"Checking that all workflow runs for ref {head_sha} succeeded") + print(f"Checking that all workflow runs for ref {args.head_sha} succeeded") for workflow_run in latests_workflow_runs: if workflow_run.status != "completed": print(f"Error: workflow run {workflow_run.name} with id {workflow_run.id} is not completed", file=sys.stderr) @@ -336,7 +342,7 @@ def main(args: 'argparse.Namespace') -> int: from sys import exit parser = argparse.ArgumentParser() - parser.add_argument('--version', help="The version to release (MUST be a valid semantic version)", required=True) + parser.add_argument('--head-sha', help="The head SHA of the release PR for which we update it's corresponding release", required=True) parser.add_argument('--repo', help="The owner and repository name. For example, 'octocat/Hello-World'. Used when testing this script on a fork", required=True, default="github/codeql-coding-standards") parser.add_argument('--github-token', help="The github token to use for the release PR", required=True, nargs="+") parser.add_argument('--layout', help="The layout to use for the release", required=True) From 6685a7267f99ae3fdb305dfd5df6d9b5ee65dd22 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 09:44:08 -0700 Subject: [PATCH 1346/2573] Address partial shell quoting --- .github/workflows/update-release-status.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index 53e9e45c04..c03d815bdd 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -86,7 +86,7 @@ jobs: pending=$(echo "$status_stats" | jq -r '.pending') echo "CHECK_RUNS_FAILED=$failed" >> "$GITHUB_ENV" - echo "CHECK_RUNS_PENDING=$pending" >> "$GITHUB_ENV + echo "CHECK_RUNS_PENDING=$pending" >> "$GITHUB_ENV" - name: Finalize release if: env.CHECK_RUNS_PENDING == '0' && env.CHECK_RUN_STATUS != 'completed' From 11f554b2abe85ab6b45e87ba33093f230c9fbf96 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 09:45:51 -0700 Subject: [PATCH 1347/2573] Add missing checkout to make workflow available --- .github/workflows/update-release-status.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index c03d815bdd..3916fa10e0 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -34,6 +34,11 @@ jobs: echo "CHECK_RUN_HEAD_SHA=$HEAD_SHA_FROM_EVENT" >> "$GITHUB_ENV" fi + - name: Checkout + uses: actions/checkout@v4 + with: + ref: ${{ env.CHECK_RUN_HEAD_SHA }} + - name: Get release status check run id: get-check-run if: (github.event_name == 'check_run' && github.event.check_run.conclusion == 'success' && github.event.check_run.name != github.workflow) || github.event_name == 'workflow_dispatch' From ec2e3c7fc31aa51889cc49b9fbacebbea1e11caa Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 14:34:28 -0700 Subject: [PATCH 1348/2573] Update the release notes in post release workflow --- .github/workflows/post-release.yml | 11 +++- scripts/release/requirements.txt | 3 +- scripts/release/update-release-notes.py | 72 +++++++++++++++++++++++++ 3 files changed, 84 insertions(+), 2 deletions(-) create mode 100644 scripts/release/update-release-notes.py diff --git a/.github/workflows/post-release.yml b/.github/workflows/post-release.yml index 338a5b5ef8..f0fd888004 100644 --- a/.github/workflows/post-release.yml +++ b/.github/workflows/post-release.yml @@ -46,4 +46,13 @@ jobs: --layout scripts/release/release-layout.yml \ --repo "$GITHUB_REPOSITORY" \ --github-token "$GITHUB_REPOSITORY:$GITHUB_TOKEN" "github/codeql-coding-standards-release-engineering:$RELEASE_ENGINEERING_TOKEN" \ - --skip-checks \ No newline at end of file + --skip-checks + + - name: Update release notes + env: + GITHUB_TOKEN: ${{ github.token }} + run: | + python scripts/release/update-release-notes.py \ + --head-sha $HEAD_SHA \ + --repo "$GITHUB_REPOSITORY" \ + --github-token "$GITHUB_TOKEN" diff --git a/scripts/release/requirements.txt b/scripts/release/requirements.txt index 40339090fb..79ccbcefbe 100644 --- a/scripts/release/requirements.txt +++ b/scripts/release/requirements.txt @@ -1,3 +1,4 @@ semantic-version==2.10.0 PyGithub==1.59.1 -PyYAML==6.0.1 \ No newline at end of file +PyYAML==6.0.1 +GitPython==3.1.36 \ No newline at end of file diff --git a/scripts/release/update-release-notes.py b/scripts/release/update-release-notes.py new file mode 100644 index 0000000000..5f317ad988 --- /dev/null +++ b/scripts/release/update-release-notes.py @@ -0,0 +1,72 @@ +from __future__ import annotations # This enables postponed evaluation of type annotations. Required for typing.TYPE_CHECKING. See https://peps.python.org/pep-0563/ +from typing import TYPE_CHECKING +import subprocess +from pathlib import Path + +if TYPE_CHECKING: + from argparse import Namespace + +def generate_release_notes() -> str: + script_path = Path(__file__).parent / "generate_release_notes.py" + cp = subprocess.run(["python", str(script_path)], capture_output=True) + + if cp.returncode != 0: + raise Exception(f"Error generating release notes: {cp.stderr.decode('utf-8')}") + + return cp.stdout.decode("utf-8") + +def main(args: Namespace) -> int: + from github import Github, Auth + import semantic_version # type: ignore + import re + import sys + + repo = Github(auth=Auth.Token(args.github_token)).get_repo(args.repo) + + pull_candidates = [pr for pr in repo.get_pulls(state="open") if pr.head.sha == args.head_sha] + if len(pull_candidates) != 1: + print(f"Error: expected exactly one PR for SHA {args.head_sha}, but found {len(pull_candidates)}", file=sys.stderr) + return 1 + + pull_request = pull_candidates[0] + + if pull_request.state != "open": + print(f"Error: PR for version {args.version} is not open", file=sys.stderr) + return 1 + + rc_branch_regex = r"^rc/(?P.*)$" + rc_branch_match = re.match(rc_branch_regex, pull_request.base.ref) + if not rc_branch_match: + print(f"Error: PR {pull_request.url} is not based on a release candidate branch", file=sys.stderr) + return 1 + + release_version = rc_branch_match.group("version") + + try: + semantic_version.Version.parse(release_version) # type: ignore + except ValueError as e: + print(f"Error: invalid version {release_version} use by release branch. Reason {e}", file=sys.stderr) + return 1 + + releases = [release for release in repo.get_releases() if release.title == f"v{release_version}"] + if len(releases) != 1: + print(f"Error: expected exactly one release with title {args.version}, but found {len(releases)}", file=sys.stderr) + return 1 + release = releases[0] + + release_notes = generate_release_notes() + + release.update_release(name=release.title, message=release_notes, draft=release.draft, prerelease=release.prerelease, tag_name=release.tag_name) + + return 0 + +if __name__ == '__main__': + import argparse + from sys import exit + + parser = argparse.ArgumentParser() + parser.add_argument('--head-sha', help="The head SHA of the release PR for which we update it's corresponding release", required=True) + parser.add_argument('--repo', help="The owner and repository name. For example, 'octocat/Hello-World'. Used when testing this script on a fork", required=True, default="github/codeql-coding-standards") + parser.add_argument('--github-token', help="The GitHub token to use to update the release", required=True) + args = parser.parse_args() + exit(main(args)) \ No newline at end of file From 050d1c4f47e65d9f48b4225616f56654621559be Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 15:18:09 -0700 Subject: [PATCH 1349/2573] Implement artifact filter for workflow artifact action --- scripts/release/update-release-assets.py | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/scripts/release/update-release-assets.py b/scripts/release/update-release-assets.py index 931631da19..324bcf235f 100644 --- a/scripts/release/update-release-assets.py +++ b/scripts/release/update-release-assets.py @@ -169,8 +169,12 @@ def run(self) -> List[Path]: workflow_runs = [workflow_run for workflow_run in self.workflow_runs if not re.match(self.kwargs["not-name"], workflow_run.name)] print(f"Downloading the artifacts for {len(workflow_runs)} workflow runs") for workflow_run in workflow_runs: - print(f"Downloading artifacts for {workflow_run.name} to {self.temp_workdir.name}") - workflow_run.download_artifacts(Path(self.temp_workdir.name)) # type: ignore + if "artifact" in self.kwargs: + print(f"Downloading artifact {self.kwargs['artifact']} for {workflow_run.name} to {self.temp_workdir.name}") + workflow_run.download_artifact(self.kwargs["artifact"], Path(self.temp_workdir.name)) # type: ignore + else: + print(f"Downloading artifacts for {workflow_run.name} to {self.temp_workdir.name}") + workflow_run.download_artifacts(Path(self.temp_workdir.name)) # type: ignore return list(map(Path, Path(self.temp_workdir.name).glob("**/*"))) class ShellAction(): From b2b975a9ac3923c9f79b7201878bf0602dd85ebd Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 15:22:29 -0700 Subject: [PATCH 1350/2573] Rename workflow post-release to update-release --- .github/workflows/update-release-status.yml | 2 +- .github/workflows/{post-release.yml => update-release.yml} | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) rename .github/workflows/{post-release.yml => update-release.yml} (98%) diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index 3916fa10e0..058232631b 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -95,7 +95,7 @@ jobs: - name: Finalize release if: env.CHECK_RUNS_PENDING == '0' && env.CHECK_RUN_STATUS != 'completed' - uses: ./.github/workflows/post-release.yml + uses: ./.github/workflows/update-release.yml with: ref: ${{ env.CHECK_RUN_HEAD_SHA }} diff --git a/.github/workflows/post-release.yml b/.github/workflows/update-release.yml similarity index 98% rename from .github/workflows/post-release.yml rename to .github/workflows/update-release.yml index f0fd888004..ded8013b72 100644 --- a/.github/workflows/post-release.yml +++ b/.github/workflows/update-release.yml @@ -1,4 +1,4 @@ -name: Finalize Release +name: Update Release on: workflow_dispatch: From 1d7bfef2d3d7a6995635af2c3e564e20b5373632 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 15:43:06 -0700 Subject: [PATCH 1351/2573] Prefix release tag with v for release not generation script --- .github/workflows/prepare-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 3072e33626..fa3a2647f3 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -112,7 +112,7 @@ jobs: --title "v$RELEASE_VERSION" \ --draft \ --target rc/$RELEASE_VERSION \ - $RELEASE_VERSION + v$RELEASE_VERSION - name: Create feature branch for PR run: | From c453ddc9a10fd38f6845ca8fc7ac493843352dcb Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 15:46:59 -0700 Subject: [PATCH 1352/2573] Add workflow to finalize release on merge or release PR --- .github/workflows/finalize-release.yml | 41 ++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) create mode 100644 .github/workflows/finalize-release.yml diff --git a/.github/workflows/finalize-release.yml b/.github/workflows/finalize-release.yml new file mode 100644 index 0000000000..b44647f263 --- /dev/null +++ b/.github/workflows/finalize-release.yml @@ -0,0 +1,41 @@ +name: Finalize Release +on: + pull_request: + types: + - closed + branches: + - "rc/**" + +jobs: + finalize-release: + if: github.event.pull_request.merged == true + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + ref: ${{ github.event.pull_request.merge_commit_sha }} + + - name: Create release tag + env: + BASE_REF: ${{ github.event.pull_request.base.ref }} + run: | + version=${BASE_REF#rc/} + echo "Creating release tag v$version" + + git tag -a v$version -m "Release v$version" + git push origin v$version + + - name: Finalize release + env: + BASE_REF: ${{ github.event.pull_request.base.ref }} + GITHUB_TOKEN: ${{ github.token }} + run: | + version=${BASE_REF#rc/} + echo "Finalizing release v$version" + + gh release edit v$version \ + --draft false \ + --prerelease false \ + --latest \ + --tag v$version \ No newline at end of file From 0ac9343634077eb2edbd5b227167c0e7d9090d09 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 16:03:33 -0700 Subject: [PATCH 1353/2573] Add dispatch trigger for testing purposes --- .github/workflows/finalize-release.yml | 29 ++++++++++++++++++++++---- 1 file changed, 25 insertions(+), 4 deletions(-) diff --git a/.github/workflows/finalize-release.yml b/.github/workflows/finalize-release.yml index b44647f263..84d278fb32 100644 --- a/.github/workflows/finalize-release.yml +++ b/.github/workflows/finalize-release.yml @@ -5,20 +5,41 @@ on: - closed branches: - "rc/**" + workflow_dispatch: + inputs: + ref: + description: | + The branch for which the finalize the release. + required: true + push: + branches: + - rvermeulen/release-process-improvements jobs: finalize-release: - if: github.event.pull_request.merged == true + if: (github.event.name == "pull_request" && github.event.pull_request.merged == true) || github.event_name == 'workflow_dispatch' runs-on: ubuntu-latest steps: + - name: Determine ref + env: + REF_FROM_INPUT: ${{ inputs.ref }} + REF_FROM_PR: ${{ github.event.pull_request.merge_commit_sha }} + BASE_REF_FROM_PR: ${{ github.event.pull_request.base.ref }} + run: | + if [[ $GITHUB_EVENT_NAME == "workflow_dispatch" ]]; then + echo "REF=$REF_FROM_INPUT" >> "$GITHUB_ENV" + echo "BASE_REF=$REF_FROM_INPUT" >> "$GITHUB_ENV + else + echo "REF=$REF_FROM_PR" >> "$GITHUB_ENV" + echo "BASE_REF=$BASE_REF_FROM_PR" >> "$GITHUB_ENV" + fi + - name: Checkout uses: actions/checkout@v4 with: - ref: ${{ github.event.pull_request.merge_commit_sha }} + ref: ${{ env.REF }} - name: Create release tag - env: - BASE_REF: ${{ github.event.pull_request.base.ref }} run: | version=${BASE_REF#rc/} echo "Creating release tag v$version" From 4433af9dafd71c329e3ccade8442a2237a6204bb Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 16:06:22 -0700 Subject: [PATCH 1354/2573] Address incorrect GitHub context event name ref --- .github/workflows/finalize-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/finalize-release.yml b/.github/workflows/finalize-release.yml index 84d278fb32..ccd29bc21c 100644 --- a/.github/workflows/finalize-release.yml +++ b/.github/workflows/finalize-release.yml @@ -17,7 +17,7 @@ on: jobs: finalize-release: - if: (github.event.name == "pull_request" && github.event.pull_request.merged == true) || github.event_name == 'workflow_dispatch' + if: (github.event_name == "pull_request" && github.event.pull_request.merged == true) || github.event_name == 'workflow_dispatch' runs-on: ubuntu-latest steps: - name: Determine ref From 5140c5b860f1f02b1d3ed3f8fbfb29a4ef10c1fd Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 16:08:08 -0700 Subject: [PATCH 1355/2573] Address incorrect quotes in conditional expression --- .github/workflows/finalize-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/finalize-release.yml b/.github/workflows/finalize-release.yml index ccd29bc21c..697754bcc8 100644 --- a/.github/workflows/finalize-release.yml +++ b/.github/workflows/finalize-release.yml @@ -17,7 +17,7 @@ on: jobs: finalize-release: - if: (github.event_name == "pull_request" && github.event.pull_request.merged == true) || github.event_name == 'workflow_dispatch' + if: (github.event_name == 'pull_request' && github.event.pull_request.merged == true) || github.event_name == 'workflow_dispatch' runs-on: ubuntu-latest steps: - name: Determine ref From 1e6ae21e3456a1965a7912653c8ed7382a0fab5d Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 16:09:11 -0700 Subject: [PATCH 1356/2573] Remove push trigger since the workflow is registered --- .github/workflows/finalize-release.yml | 3 --- 1 file changed, 3 deletions(-) diff --git a/.github/workflows/finalize-release.yml b/.github/workflows/finalize-release.yml index 697754bcc8..80ecc689d3 100644 --- a/.github/workflows/finalize-release.yml +++ b/.github/workflows/finalize-release.yml @@ -11,9 +11,6 @@ on: description: | The branch for which the finalize the release. required: true - push: - branches: - - rvermeulen/release-process-improvements jobs: finalize-release: From 55f7922e6f32ac3935af61ebd0fc7caf2eed3ed2 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 16:11:19 -0700 Subject: [PATCH 1357/2573] Address incorrect quoting of shell variable --- .github/workflows/finalize-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/finalize-release.yml b/.github/workflows/finalize-release.yml index 80ecc689d3..fcdad0336c 100644 --- a/.github/workflows/finalize-release.yml +++ b/.github/workflows/finalize-release.yml @@ -25,7 +25,7 @@ jobs: run: | if [[ $GITHUB_EVENT_NAME == "workflow_dispatch" ]]; then echo "REF=$REF_FROM_INPUT" >> "$GITHUB_ENV" - echo "BASE_REF=$REF_FROM_INPUT" >> "$GITHUB_ENV + echo "BASE_REF=$REF_FROM_INPUT" >> "$GITHUB_ENV" else echo "REF=$REF_FROM_PR" >> "$GITHUB_ENV" echo "BASE_REF=$BASE_REF_FROM_PR" >> "$GITHUB_ENV" From 606b964f082a990521cb253bbf6a555252d77c99 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 16:24:54 -0700 Subject: [PATCH 1358/2573] Configure git so we can make tags --- .github/workflows/finalize-release.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/finalize-release.yml b/.github/workflows/finalize-release.yml index fcdad0336c..8f1f0b12be 100644 --- a/.github/workflows/finalize-release.yml +++ b/.github/workflows/finalize-release.yml @@ -36,6 +36,11 @@ jobs: with: ref: ${{ env.REF }} + - name: Configure git + run: | + git config user.name "$GITHUB_ACTOR" + git config user.email "$GITHUB_ACTOR@users.noreply.github.com" + - name: Create release tag run: | version=${BASE_REF#rc/} From b9c7eafb671c81836eb6ff60cc7344827f206e72 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 16:27:48 -0700 Subject: [PATCH 1359/2573] Remove base ref env variable that is already defined --- .github/workflows/finalize-release.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/finalize-release.yml b/.github/workflows/finalize-release.yml index 8f1f0b12be..4d3656c936 100644 --- a/.github/workflows/finalize-release.yml +++ b/.github/workflows/finalize-release.yml @@ -51,7 +51,6 @@ jobs: - name: Finalize release env: - BASE_REF: ${{ github.event.pull_request.base.ref }} GITHUB_TOKEN: ${{ github.token }} run: | version=${BASE_REF#rc/} From 49b1bd7ad450bb63a4aeaa7f65f2e8624dd4e63a Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 16:29:54 -0700 Subject: [PATCH 1360/2573] Force create tag --- .github/workflows/finalize-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/finalize-release.yml b/.github/workflows/finalize-release.yml index 4d3656c936..cc487886f6 100644 --- a/.github/workflows/finalize-release.yml +++ b/.github/workflows/finalize-release.yml @@ -47,7 +47,7 @@ jobs: echo "Creating release tag v$version" git tag -a v$version -m "Release v$version" - git push origin v$version + git push -f origin v$version - name: Finalize release env: From 16f7859428a988c10f7a76e994b6520c3f5ba56b Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 16:32:12 -0700 Subject: [PATCH 1361/2573] Address incorrect quoating of release edit tag --- .github/workflows/finalize-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/finalize-release.yml b/.github/workflows/finalize-release.yml index cc487886f6..6565d269bf 100644 --- a/.github/workflows/finalize-release.yml +++ b/.github/workflows/finalize-release.yml @@ -56,7 +56,7 @@ jobs: version=${BASE_REF#rc/} echo "Finalizing release v$version" - gh release edit v$version \ + gh release edit "v$version" \ --draft false \ --prerelease false \ --latest \ From 8134acd486f4820584843476bb7d81a949f09083 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 16:35:49 -0700 Subject: [PATCH 1362/2573] Address incorrect gh release edit options --- .github/workflows/finalize-release.yml | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/.github/workflows/finalize-release.yml b/.github/workflows/finalize-release.yml index 6565d269bf..a53c848a75 100644 --- a/.github/workflows/finalize-release.yml +++ b/.github/workflows/finalize-release.yml @@ -56,8 +56,4 @@ jobs: version=${BASE_REF#rc/} echo "Finalizing release v$version" - gh release edit "v$version" \ - --draft false \ - --prerelease false \ - --latest \ - --tag v$version \ No newline at end of file + gh release edit "v$version" --tag v$version \ No newline at end of file From ec75eca2a5aad3ba0ef9e8b56cf1b569c29b02ef Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 16:36:58 -0700 Subject: [PATCH 1363/2573] Remove 'v' prefix in release tag --- .github/workflows/finalize-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/finalize-release.yml b/.github/workflows/finalize-release.yml index a53c848a75..0e2524df96 100644 --- a/.github/workflows/finalize-release.yml +++ b/.github/workflows/finalize-release.yml @@ -56,4 +56,4 @@ jobs: version=${BASE_REF#rc/} echo "Finalizing release v$version" - gh release edit "v$version" --tag v$version \ No newline at end of file + gh release edit "$version" --tag v$version \ No newline at end of file From 885c048058a95aa63ca32cfa1253a23eb0de17cd Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 16:42:42 -0700 Subject: [PATCH 1364/2573] Update release tag and set release to non-draft --- .github/workflows/finalize-release.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/finalize-release.yml b/.github/workflows/finalize-release.yml index 0e2524df96..df4e3a6656 100644 --- a/.github/workflows/finalize-release.yml +++ b/.github/workflows/finalize-release.yml @@ -41,7 +41,7 @@ jobs: git config user.name "$GITHUB_ACTOR" git config user.email "$GITHUB_ACTOR@users.noreply.github.com" - - name: Create release tag + - name: Update release tag run: | version=${BASE_REF#rc/} echo "Creating release tag v$version" @@ -56,4 +56,4 @@ jobs: version=${BASE_REF#rc/} echo "Finalizing release v$version" - gh release edit "$version" --tag v$version \ No newline at end of file + gh release edit "v$version" --draft=false --tag=v$version \ No newline at end of file From fa814ba3de7d408184539dfb8cb76cfb3124e340 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 17:12:55 -0700 Subject: [PATCH 1365/2573] Change workflow permission so we can call reusable workflows --- .github/workflows/update-release-status.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index 058232631b..c8ddab2a00 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -16,7 +16,7 @@ on: required: true permissions: - actions: read + actions: write checks: write jobs: From 3f9ff2020a0e3730b7bbc8abe3b8d462c08a50a2 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 17:34:03 -0700 Subject: [PATCH 1366/2573] Address incorrect calling of reusable workflow --- .github/workflows/update-release-status.yml | 30 ++++++++++++++++----- .github/workflows/update-release.yml | 6 ++++- 2 files changed, 28 insertions(+), 8 deletions(-) diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index c8ddab2a00..36d4602a66 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -22,6 +22,9 @@ permissions: jobs: validate-check-runs: runs-on: ubuntu-latest + outputs: + status: ${{ steps.set-output.outputs.status }} + check-run-head-sha: ${{ steps.set-output.outputs.check-run-head-sha }} steps: - name: Determine check run head SHA env: @@ -93,12 +96,6 @@ jobs: echo "CHECK_RUNS_FAILED=$failed" >> "$GITHUB_ENV" echo "CHECK_RUNS_PENDING=$pending" >> "$GITHUB_ENV" - - name: Finalize release - if: env.CHECK_RUNS_PENDING == '0' && env.CHECK_RUN_STATUS != 'completed' - uses: ./.github/workflows/update-release.yml - with: - ref: ${{ env.CHECK_RUN_HEAD_SHA }} - - name: Conclude release status if: env.CHECK_RUNS_PENDING == '0' && env.CHECK_RUN_STATUS != 'completed' env: @@ -124,4 +121,23 @@ jobs: --header "X-GitHub-Api-Version: 2022-11-28" \ --input - \ /repos/$GITHUB_REPOSITORY/check-runs/$CHECK_RUN_ID - \ No newline at end of file + + - name: Set output + id: set-output + run: | + if [[ "$CHECK_RUNS_PENDING" == "0" ]]; then + echo "status=completed" >> "$GITHUB_OUTPUT" + else + echo "status=in_progress" >> "$GITHUB_OUTPUT" + fi + + echo "check-run-head-sha=$CHECK_RUN_HEAD_SHA" >> "$GITHUB_OUTPUT" + + update-release: + needs: validate-check-runs + if: needs.validate-check-runs.outputs.status == 'completed' + uses: ./.github/workflows/update-release.yml + with: + head-sha: ${{ needs.validate-check-runs.outputs.check-run-head-sha }} + secrets: + RELEASE_ENGINEERING_TOKEN: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} \ No newline at end of file diff --git a/.github/workflows/update-release.yml b/.github/workflows/update-release.yml index ded8013b72..fcdd2caaca 100644 --- a/.github/workflows/update-release.yml +++ b/.github/workflows/update-release.yml @@ -14,7 +14,11 @@ on: description: | The head SHA of the release PR to use for finalizing the release. required: true - + secrets: + RELEASE_ENGINEERING_TOKEN: + description: | + The token to use for accessing the release engineering repository. + required: true env: HEAD_SHA: ${{ inputs.head-sha }} From d70b51124ab3a21f007ce1faf90f4329223f2018 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 17:44:04 -0700 Subject: [PATCH 1367/2573] Allow reset of release-status checkrun with dispatch --- .github/workflows/update-release-status.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index 36d4602a66..57f30a495d 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -63,7 +63,7 @@ jobs: echo "CHECK_RUN_CONCLUSION=$check_run_conclusion" >> "$GITHUB_ENV" - name: Reset release status - if: github.event_name == 'check_run' && env.CHECK_RUN_STATUS == 'completed' && github.event.action == 'rerequested' + if: env.CHECK_RUN_STATUS == 'completed' && ((github.event_name == 'check_run' && github.event.action == 'rerequested') || github.event_name == 'workflow_dispatch') env: GITHUB_TOKEN: ${{ github.token }} run: | From 83b8191be0e5b3bf840a277e458ca4e0bb8eccd0 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 17:45:20 -0700 Subject: [PATCH 1368/2573] Address inccorect head sha when resetting release-status --- .github/workflows/update-release-status.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index 57f30a495d..78a88be360 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -71,7 +71,7 @@ jobs: --header "Accept: application/vnd.github+json" \ --header "X-GitHub-Api-Version: 2022-11-28" \ --field name="release-status" \ - --field head_sha="$REF" \ + --field head_sha="$CHECK_RUN_HEAD_SHA" \ --jq ".id" \ /repos/$GITHUB_REPOSITORY/check-runs) From 3d42ead409be7fd07c936a2318019fefaeeda242 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 17:49:24 -0700 Subject: [PATCH 1369/2573] Address refering non existing attribute --- scripts/release/update-release-assets.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/release/update-release-assets.py b/scripts/release/update-release-assets.py index 324bcf235f..5e2d64ebec 100644 --- a/scripts/release/update-release-assets.py +++ b/scripts/release/update-release-assets.py @@ -252,7 +252,7 @@ def main(args: 'argparse.Namespace') -> int: pull_request = pull_candidates[0] if pull_request.state != "open": - print(f"Error: PR for version {args.version} is not open", file=sys.stderr) + print(f"Error: PR {pull_request.url} is not open", file=sys.stderr) return 1 rc_branch_regex = r"^rc/(?P.*)$" @@ -271,7 +271,7 @@ def main(args: 'argparse.Namespace') -> int: releases = [release for release in repo.get_releases() if release.title == f"v{release_version}"] if len(releases) != 1: - print(f"Error: expected exactly one release with title {args.version}, but found {len(releases)}", file=sys.stderr) + print(f"Error: expected exactly one release for {release_version}, but found {len(releases)}", file=sys.stderr) return 1 release = releases[0] From 1b58bcceea6714e4ee5c142a88e353f13663405f Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 17:51:22 -0700 Subject: [PATCH 1370/2573] Print PR information to debug release matching logic --- scripts/release/update-release-assets.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/scripts/release/update-release-assets.py b/scripts/release/update-release-assets.py index 5e2d64ebec..35bc056f0b 100644 --- a/scripts/release/update-release-assets.py +++ b/scripts/release/update-release-assets.py @@ -255,6 +255,8 @@ def main(args: 'argparse.Namespace') -> int: print(f"Error: PR {pull_request.url} is not open", file=sys.stderr) return 1 + print(f"Found PR {pull_request.url} based on {pull_request.base.ref}") + rc_branch_regex = r"^rc/(?P.*)$" rc_branch_match = re.match(rc_branch_regex, pull_request.base.ref) if not rc_branch_match: From a9e999b81c122d73aacca75a3526b66e3c8f4b9d Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 19 Sep 2023 17:59:01 -0700 Subject: [PATCH 1371/2573] Find release by tag name instead of title --- scripts/release/update-release-assets.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/release/update-release-assets.py b/scripts/release/update-release-assets.py index 35bc056f0b..8946845a15 100644 --- a/scripts/release/update-release-assets.py +++ b/scripts/release/update-release-assets.py @@ -271,7 +271,7 @@ def main(args: 'argparse.Namespace') -> int: print(f"Error: invalid version {release_version} use by release branch. Reason {e}", file=sys.stderr) return 1 - releases = [release for release in repo.get_releases() if release.title == f"v{release_version}"] + releases = [release for release in repo.get_releases() if release.tag_name == f"v{release_version}"] if len(releases) != 1: print(f"Error: expected exactly one release for {release_version}, but found {len(releases)}", file=sys.stderr) return 1 From bd2e3e9177c320c7f2d2847c915587993d759a74 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 20 Sep 2023 10:34:10 -0700 Subject: [PATCH 1372/2573] Create lightweight tag to reference release --- .github/workflows/prepare-release.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index fa3a2647f3..c5b02fd679 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -107,6 +107,10 @@ jobs: RELEASE_VERSION: ${{ inputs.version }} GITHUB_TOKEN: ${{ github.token }} run: | + # Create lightweight tag to reference release + git tag v$RELEASE_VERSION + git push -f origin v$RELEASE_VERSION + gh release create \ -R $GITHUB_REPOSITORY \ --title "v$RELEASE_VERSION" \ From 0a3c1026a70399337fd39a05c368a26452e8ffb2 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 20 Sep 2023 11:35:54 -0700 Subject: [PATCH 1373/2573] Add debug output for PR release matching --- scripts/release/update-release-assets.py | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/scripts/release/update-release-assets.py b/scripts/release/update-release-assets.py index 8946845a15..e5392a7577 100644 --- a/scripts/release/update-release-assets.py +++ b/scripts/release/update-release-assets.py @@ -271,7 +271,11 @@ def main(args: 'argparse.Namespace') -> int: print(f"Error: invalid version {release_version} use by release branch. Reason {e}", file=sys.stderr) return 1 - releases = [release for release in repo.get_releases() if release.tag_name == f"v{release_version}"] + print(f"Looking for release with tag v{release_version} associated with the PR's base ref {pull_request.base.ref}") + all_releases = repo.get_releases() + for release in all_releases: + print(f"Found release {release.title} with tag {release.tag_name}") + releases = [release for release in all_releases if release.tag_name == f"v{release_version}"] if len(releases) != 1: print(f"Error: expected exactly one release for {release_version}, but found {len(releases)}", file=sys.stderr) return 1 From 5e43db17fb3014cda5a91461e0819d5175bd3f6d Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 20 Sep 2023 13:23:58 -0700 Subject: [PATCH 1374/2573] Update the help text to better explain the github token argument --- scripts/release/update-release-assets.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/release/update-release-assets.py b/scripts/release/update-release-assets.py index e5392a7577..7e4e907827 100644 --- a/scripts/release/update-release-assets.py +++ b/scripts/release/update-release-assets.py @@ -354,7 +354,7 @@ def main(args: 'argparse.Namespace') -> int: parser = argparse.ArgumentParser() parser.add_argument('--head-sha', help="The head SHA of the release PR for which we update it's corresponding release", required=True) parser.add_argument('--repo', help="The owner and repository name. For example, 'octocat/Hello-World'. Used when testing this script on a fork", required=True, default="github/codeql-coding-standards") - parser.add_argument('--github-token', help="The github token to use for the release PR", required=True, nargs="+") + parser.add_argument('--github-token', help="The github token to access repo and the repositories provided as external ids in check runs. When multiple tokens are provided use the format 'owner/repo:token'", required=True, nargs="+") parser.add_argument('--layout', help="The layout to use for the release", required=True) parser.add_argument('--skip-checks', help="Skip the checks that ensure that the workflow runs succeeded", action="store_true") args = parser.parse_args() From 01b45605aef3161d9343bc7d2c30f96c20f2d4df Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 20 Sep 2023 15:57:03 -0700 Subject: [PATCH 1375/2573] Remove trailing } from Action expression --- .github/workflows/validate-release.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 7fcd45abfd..4a2ddbab18 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -17,7 +17,7 @@ jobs: pre-validate-performance: outputs: - check-run-id: ${{ steps.create-check-run.outputs.check-run-id }}} + check-run-id: ${{ steps.create-check-run.outputs.check-run-id }} runs-on: ubuntu-latest steps: - name: Create check run @@ -78,7 +78,7 @@ jobs: pre-validate-compiler-compatibility: outputs: - check-run-id: ${{ steps.create-check-run.outputs.check-run-id }}} + check-run-id: ${{ steps.create-check-run.outputs.check-run-id }} runs-on: ubuntu-latest steps: - name: Create check run From f1b6571c3d21ff08f642957b27efa76c2eb521c1 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 20 Sep 2023 17:31:17 -0700 Subject: [PATCH 1376/2573] Add permission to read/write releases --- .github/workflows/update-release-status.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index 78a88be360..51d95a18ae 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -18,6 +18,7 @@ on: permissions: actions: write checks: write + contents: write jobs: validate-check-runs: From e59c32bf6b6034940cb83d69d105eaa27f9d0e36 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 20 Sep 2023 17:59:14 -0700 Subject: [PATCH 1377/2573] Don't consider the release-status check-run The releas-status is an overall status of the release without an associated workflow so there are no logs nor artifacts to consider. --- .github/workflows/update-release.yml | 1 + scripts/release/update-release-assets.py | 4 +++- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/update-release.yml b/.github/workflows/update-release.yml index fcdd2caaca..d1f8bed2cf 100644 --- a/.github/workflows/update-release.yml +++ b/.github/workflows/update-release.yml @@ -50,6 +50,7 @@ jobs: --layout scripts/release/release-layout.yml \ --repo "$GITHUB_REPOSITORY" \ --github-token "$GITHUB_REPOSITORY:$GITHUB_TOKEN" "github/codeql-coding-standards-release-engineering:$RELEASE_ENGINEERING_TOKEN" \ + --skip-checkrun "release-status" \ --skip-checks - name: Update release notes diff --git a/scripts/release/update-release-assets.py b/scripts/release/update-release-assets.py index 7e4e907827..79b06cbcfe 100644 --- a/scripts/release/update-release-assets.py +++ b/scripts/release/update-release-assets.py @@ -290,7 +290,8 @@ def main(args: 'argparse.Namespace') -> int: workflow_runs: List[WorkflowRun.WorkflowRun] = [] for check_run in check_runs: # type: ignore check_run = cast(CheckRun.CheckRun, check_run) - if check_run.status != "completed" or check_run.conclusion == "skipped": + if check_run.name in args.skip_checkrun: + print(f"Skipping check run {check_run.name} with id {check_run.id} because it is on the skip list.") continue job_run_match = re.match(action_workflow_job_run_url_regex, check_run.details_url) if job_run_match: @@ -356,6 +357,7 @@ def main(args: 'argparse.Namespace') -> int: parser.add_argument('--repo', help="The owner and repository name. For example, 'octocat/Hello-World'. Used when testing this script on a fork", required=True, default="github/codeql-coding-standards") parser.add_argument('--github-token', help="The github token to access repo and the repositories provided as external ids in check runs. When multiple tokens are provided use the format 'owner/repo:token'", required=True, nargs="+") parser.add_argument('--layout', help="The layout to use for the release", required=True) + parser.add_argument('--skip-checkrun', help="Name of check run to exclude from consideration. Can be specified multiple times", nargs='+', default=["release-status"]) parser.add_argument('--skip-checks', help="Skip the checks that ensure that the workflow runs succeeded", action="store_true") args = parser.parse_args() exit(main(args)) \ No newline at end of file From ca34c960ca16a8182d03a214b23684a3aac093af Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 22 Sep 2023 10:57:05 -0700 Subject: [PATCH 1378/2573] Use XL runners for pack generation and unit tests --- .github/workflows/code-scanning-pack-gen.yml | 3 +-- .github/workflows/codeql_unit_tests.yml | 2 +- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index 83d22a6765..abd60b31fc 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -37,8 +37,7 @@ jobs: create-code-scanning-pack: name: Create Code Scanning pack needs: prepare-code-scanning-pack-matrix - #runs-on: ubuntu-20.04-xl - runs-on: ubuntu-latest + runs-on: ubuntu-latest-xl strategy: fail-fast: false matrix: ${{ fromJSON(needs.prepare-code-scanning-pack-matrix.outputs.matrix) }} diff --git a/.github/workflows/codeql_unit_tests.yml b/.github/workflows/codeql_unit_tests.yml index ebcc90a393..dc54eb2ca6 100644 --- a/.github/workflows/codeql_unit_tests.yml +++ b/.github/workflows/codeql_unit_tests.yml @@ -31,7 +31,7 @@ jobs: python scripts/create_language_matrix.py echo "matrix=$( python scripts/create_language_matrix.py | \ - jq --compact-output 'map([.+{os: "ubuntu-latest", codeql_standard_library_ident : .codeql_standard_library | sub("\/"; "_")}]) | flatten | {include: .}')" >> $GITHUB_OUTPUT + jq --compact-output 'map([.+{os: "ubuntu-latest-xl", codeql_standard_library_ident : .codeql_standard_library | sub("\/"; "_")}]) | flatten | {include: .}')" >> $GITHUB_OUTPUT run-test-suites: name: Run unit tests From 1f0ed0061ff31d8dcc54ed9450b47d547851ff0b Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 10 Oct 2023 15:41:32 -0700 Subject: [PATCH 1379/2573] Add checksums.txt artifact to release --- scripts/release/release-layout.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/scripts/release/release-layout.yml b/scripts/release/release-layout.yml index 4375f0e21c..3ffc3ba0de 100644 --- a/scripts/release/release-layout.yml +++ b/scripts/release/release-layout.yml @@ -17,4 +17,7 @@ layout: - shell: | python ${{ coding-standards.root }}/scripts/release/create_supported_rules_list.py > supported_rules_list.md user_manual.md: - - file: docs/user_manual.md \ No newline at end of file + - file: docs/user_manual.md + checksums.txt: + - shell: | + sha256sum ./* > checksums.txt \ No newline at end of file From 6c30501e0ab4bf6b02f9cf4c8b4376bcb0c9bd59 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 10 Oct 2023 15:43:04 -0700 Subject: [PATCH 1380/2573] Remove create draft script and workflow These are subsumed by the prepare-release.yml and finalize-release.yml workflows. --- .github/workflows/create-draft-release.yml | 56 -------------------- scripts/release/create_draft_release.sh | 60 ---------------------- 2 files changed, 116 deletions(-) delete mode 100644 .github/workflows/create-draft-release.yml delete mode 100755 scripts/release/create_draft_release.sh diff --git a/.github/workflows/create-draft-release.yml b/.github/workflows/create-draft-release.yml deleted file mode 100644 index f2818b15ab..0000000000 --- a/.github/workflows/create-draft-release.yml +++ /dev/null @@ -1,56 +0,0 @@ -name: Create draft release - -on: - workflow_dispatch: - inputs: - release_version_tag: - description: | - The tag for the new draft release, e.g. 0.5.1 - do not include the `v`. - required: true - codeql_analysis_threads: - description: | - Number of threads to evaluate queries - required: true - default: 6 - aws_ec2_instance_type: - description: | - Recommended specs: 8+ vCPU 32+ GB RAM (e.g. t2.2xlarge, r5.2xlarge) - required: true - default: r5.2xlarge - -jobs: - create-draft-release: - name: Create draft release - runs-on: ubuntu-22.04 - env: - # AWS CONFIGURATION - AWS_EC2_INSTANCE_TYPE: ${{ github.event.inputs.aws_ec2_instance_type }} - - # CODEQL CONFIGURATION - CODEQL_ANALYSIS_THREADS: ${{ github.event.inputs.codeql_analysis_threads }} - - # INTEGRATION TESTING CONFIGURATION - INTEGRATION_TESTING_ACCESS_TOKEN: ${{ secrets.INTEGRATION_TESTING_ACCESS_TOKEN }} - WORKFLOW_ID: 11846210 - - # RELEASE VERSION TAG - RELEASE_VERSION_TAG: ${{ github.event.inputs.release_version_tag }} - steps: - - name: Checkout - uses: actions/checkout@v2 - with: - fetch-depth: 0 - - - name: Install Python - uses: actions/setup-python@v4 - with: - python-version: "3.9" - - - name: Install generate_release_notes.py dependencies - run: pip install -r scripts/requirements.txt - - - name: Create draft release - run: | - scripts/release/create_draft_release.sh ${GITHUB_REF#refs/heads/} "$RELEASE_VERSION_TAG" - env: - GITHUB_TOKEN: ${{ github.token }} diff --git a/scripts/release/create_draft_release.sh b/scripts/release/create_draft_release.sh deleted file mode 100755 index fa3000d450..0000000000 --- a/scripts/release/create_draft_release.sh +++ /dev/null @@ -1,60 +0,0 @@ -#!/bin/bash - -# Script for generating a draft release for the CodeQL Coding Standards repository, for the given branch. - -set -o errexit -set -o nounset - -BRANCH="$1" -VERSION="$2" - -if [[ ! $BRANCH == rc/* ]]; then - echo "$BRANCH is not an rc branch of the form rc/" - exit 1 -fi - -if [ -z "$VERSION" ]; then - VERSION="${BRANCH#rc/}" - echo "Version not set explicitly; auto-detecting $VERSION." -fi - -COMMIT_SHA="$(git rev-parse $BRANCH)" - -echo "Creating draft release for $VERSION from $BRANCH at commit $COMMIT_SHA." - -echo "Identifying code-scanning-pack-gen.yml" -CODE_SCANNING_PACK_GEN_RUN_ID=$(gh api -X GET repos/github/codeql-coding-standards/actions/workflows/code-scanning-pack-gen.yml/runs -F branch="$BRANCH" -F event="push" -F conclusion="success" --jq "first(.workflow_runs.[] | select(.head_sha==\"$COMMIT_SHA\") | .id)") -if [ -z "$CODE_SCANNING_PACK_GEN_RUN_ID" ]; then - echo "No successful run of the code-scanning-pack-gen.yml file for $COMMIT_SHA on branch $BRANCH." - exit 1 -fi - -# Create a temp directory to store the artifacts in -TEMP_DIR="$(mktemp -d)" - -echo "Identified code-scanning-pack-gen.yml run id: $CODE_SCANNING_PACK_GEN_RUN_ID" - -echo "Fetching Code Scanning pack" -CODE_SCANNING_ARTIFACT_NAME="code-scanning-cpp-query-pack.zip" -CODE_SCANNING_VERSIONED_ARTIFACT_NAME="code-scanning-cpp-query-pack-$VERSION.zip" -gh run download $CODE_SCANNING_PACK_GEN_RUN_ID -n "$CODE_SCANNING_ARTIFACT_NAME" -mv "$CODE_SCANNING_ARTIFACT_NAME" "$TEMP_DIR/$CODE_SCANNING_VERSIONED_ARTIFACT_NAME" - -echo "Generating release notes." -python3 scripts/release/generate_release_notes.py > "$TEMP_DIR/release_notes_$VERSION.md" -python3 scripts/release/create_supported_rules_list.py > "$TEMP_DIR/supported_rules_list_$VERSION.md" -python3 scripts/release/create_supported_rules_list.py --csv > "$TEMP_DIR/supported_rules_list_$VERSION.csv" - -echo "Copy Docs to Artifact Directory" -cp docs/user_manual.md "$TEMP_DIR/user_manual_$VERSION.md" - -echo "Generating Checksums" -sha256sum $TEMP_DIR/* > "$TEMP_DIR/checksums.txt" - -gh release create "v$VERSION" -d --target "$BRANCH" -F "$TEMP_DIR/release_notes_$VERSION.md" -t "v$VERSION" "$TEMP_DIR/$CODE_SCANNING_VERSIONED_ARTIFACT_NAME" "$TEMP_DIR/supported_rules_list_$VERSION.md" "$TEMP_DIR/checksums.txt" "$TEMP_DIR/supported_rules_list_$VERSION.csv" "$TEMP_DIR/user_manual_$VERSION.md" - -curl \ - -X POST \ - -H "Accept: application/vnd.github.v3+json" -H "Authorization: token $INTEGRATION_TESTING_ACCESS_TOKEN" \ - https://api.github.com/repos/coding-standards-integration-testing/integration-testing-production/actions/workflows/$WORKFLOW_ID/dispatches \ - -d '{"ref":"refs/heads/main", "inputs": { "release_version_tag":"'"$VERSION"'", "codeql_analysis_threads":"'"$CODEQL_ANALYSIS_THREADS"'", "aws_ec2_instance_type":"'"$AWS_EC2_INSTANCE_TYPE"'" }}' From 083451b2760ec9c9d3502a0117d1f8105275b7d8 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 10 Oct 2023 15:49:38 -0700 Subject: [PATCH 1381/2573] Standardize on Ubuntu 22.04 By pinning the Action runner OS version we will prevent workflow failures caused by changes in newer versions. --- .github/workflows/code-scanning-pack-gen.yml | 2 +- .github/workflows/codeql_unit_tests.yml | 4 ++-- .github/workflows/dispatch-matrix-check.yml | 2 +- .../workflows/dispatch-matrix-test-on-comment.yml | 2 +- .../dispatch-release-performance-check.yml | 2 +- .github/workflows/finalize-release.yml | 2 +- .github/workflows/prepare-release.yml | 2 +- .github/workflows/tooling-unit-tests.yml | 6 +++--- .github/workflows/update-check-run.yml | 2 +- .github/workflows/update-release-status.yml | 2 +- .github/workflows/update-release.yml | 2 +- .github/workflows/validate-package-files.yml | 2 +- .github/workflows/validate-query-formatting.yml | 2 +- .github/workflows/validate-query-help.yml | 2 +- .../validate-query-test-case-formatting.yml | 2 +- .github/workflows/validate-release.yml | 14 +++++++------- .../verify-standard-library-dependencies.yml | 2 +- 17 files changed, 26 insertions(+), 26 deletions(-) diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index abd60b31fc..8864b669a6 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -21,7 +21,7 @@ jobs: prepare-code-scanning-pack-matrix: name: Prepare CodeQL Code Scanning pack matrix - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 outputs: matrix: ${{ steps.export-code-scanning-pack-matrix.outputs.matrix }} steps: diff --git a/.github/workflows/codeql_unit_tests.yml b/.github/workflows/codeql_unit_tests.yml index dc54eb2ca6..51afecc604 100644 --- a/.github/workflows/codeql_unit_tests.yml +++ b/.github/workflows/codeql_unit_tests.yml @@ -17,7 +17,7 @@ jobs: prepare-unit-test-matrix: name: Prepare CodeQL unit test matrix - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 outputs: matrix: ${{ steps.export-unit-test-matrix.outputs.matrix }} steps: @@ -160,7 +160,7 @@ jobs: validate-test-results: name: Validate test results needs: run-test-suites - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Collect test results uses: actions/download-artifact@v3 diff --git a/.github/workflows/dispatch-matrix-check.yml b/.github/workflows/dispatch-matrix-check.yml index a1cf8606a1..39ca9d81ed 100644 --- a/.github/workflows/dispatch-matrix-check.yml +++ b/.github/workflows/dispatch-matrix-check.yml @@ -9,7 +9,7 @@ on: jobs: dispatch-matrix-check: - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Test Variables diff --git a/.github/workflows/dispatch-matrix-test-on-comment.yml b/.github/workflows/dispatch-matrix-test-on-comment.yml index bb307864c6..70afaa19ee 100644 --- a/.github/workflows/dispatch-matrix-test-on-comment.yml +++ b/.github/workflows/dispatch-matrix-test-on-comment.yml @@ -11,7 +11,7 @@ on: jobs: dispatch-matrix-check: - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Test Variables diff --git a/.github/workflows/dispatch-release-performance-check.yml b/.github/workflows/dispatch-release-performance-check.yml index abba5328bd..9b89772223 100644 --- a/.github/workflows/dispatch-release-performance-check.yml +++ b/.github/workflows/dispatch-release-performance-check.yml @@ -10,7 +10,7 @@ on: jobs: dispatch-matrix-check: - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Test Variables diff --git a/.github/workflows/finalize-release.yml b/.github/workflows/finalize-release.yml index df4e3a6656..8fd73707f0 100644 --- a/.github/workflows/finalize-release.yml +++ b/.github/workflows/finalize-release.yml @@ -15,7 +15,7 @@ on: jobs: finalize-release: if: (github.event_name == 'pull_request' && github.event.pull_request.merged == true) || github.event_name == 'workflow_dispatch' - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Determine ref env: diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index c5b02fd679..c395864019 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -27,7 +27,7 @@ jobs: pull-request-head-sha: ${{ steps.determine-pr-head-sha.outputs.pull-request-head-sha }} name: "Prepare release" if: github.event_name == 'workflow_dispatch' - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Checkout uses: actions/checkout@v3 diff --git a/.github/workflows/tooling-unit-tests.yml b/.github/workflows/tooling-unit-tests.yml index 840e7c5b97..4e9ea4fd3c 100644 --- a/.github/workflows/tooling-unit-tests.yml +++ b/.github/workflows/tooling-unit-tests.yml @@ -16,7 +16,7 @@ on: jobs: prepare-supported-codeql-env-matrix: name: Prepare supported CodeQL environment matrix - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 outputs: matrix: ${{ steps.export-supported-codeql-env-matrix.outputs.matrix }} steps: @@ -33,7 +33,7 @@ jobs: analysis-report-tests: name: Run analysis report tests needs: prepare-supported-codeql-env-matrix - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 strategy: fail-fast: false matrix: ${{ fromJSON(needs.prepare-supported-codeql-env-matrix.outputs.matrix) }} @@ -79,7 +79,7 @@ jobs: recategorization-tests: name: Run Guideline Recategorization tests - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Checkout uses: actions/checkout@v2 diff --git a/.github/workflows/update-check-run.yml b/.github/workflows/update-check-run.yml index da43d91f54..225c81fa24 100644 --- a/.github/workflows/update-check-run.yml +++ b/.github/workflows/update-check-run.yml @@ -42,7 +42,7 @@ permissions: jobs: update-check-run: - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Update check run env: diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index 51d95a18ae..c7d62e80a6 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -22,7 +22,7 @@ permissions: jobs: validate-check-runs: - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 outputs: status: ${{ steps.set-output.outputs.status }} check-run-head-sha: ${{ steps.set-output.outputs.check-run-head-sha }} diff --git a/.github/workflows/update-release.yml b/.github/workflows/update-release.yml index d1f8bed2cf..9868b2f397 100644 --- a/.github/workflows/update-release.yml +++ b/.github/workflows/update-release.yml @@ -25,7 +25,7 @@ env: jobs: update-release: name: "Update release" - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Checkout uses: actions/checkout@v4 diff --git a/.github/workflows/validate-package-files.yml b/.github/workflows/validate-package-files.yml index f348903caa..d2f5336f9b 100644 --- a/.github/workflows/validate-package-files.yml +++ b/.github/workflows/validate-package-files.yml @@ -12,7 +12,7 @@ jobs: strategy: matrix: language: [cpp, c] - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Checkout uses: actions/checkout@v3 diff --git a/.github/workflows/validate-query-formatting.yml b/.github/workflows/validate-query-formatting.yml index 5aeb0b926a..ec2b4bb292 100644 --- a/.github/workflows/validate-query-formatting.yml +++ b/.github/workflows/validate-query-formatting.yml @@ -15,7 +15,7 @@ jobs: strategy: matrix: language: [cpp, c] - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Checkout uses: actions/checkout@v3 diff --git a/.github/workflows/validate-query-help.yml b/.github/workflows/validate-query-help.yml index a035c6be21..2be631dd95 100644 --- a/.github/workflows/validate-query-help.yml +++ b/.github/workflows/validate-query-help.yml @@ -12,7 +12,7 @@ jobs: strategy: matrix: language: [cpp, c] - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Checkout uses: actions/checkout@v3 diff --git a/.github/workflows/validate-query-test-case-formatting.yml b/.github/workflows/validate-query-test-case-formatting.yml index 825ddc2ad5..65f8f76d65 100644 --- a/.github/workflows/validate-query-test-case-formatting.yml +++ b/.github/workflows/validate-query-test-case-formatting.yml @@ -12,7 +12,7 @@ env: jobs: validate-test-case-files: - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 strategy: matrix: language: [cpp, c] diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 4a2ddbab18..b134f1eb13 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -18,7 +18,7 @@ jobs: pre-validate-performance: outputs: check-run-id: ${{ steps.create-check-run.outputs.check-run-id }} - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Create check run id: create-check-run @@ -37,7 +37,7 @@ jobs: validate-performance: needs: pre-validate-performance - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Invoke performance test env: @@ -57,7 +57,7 @@ jobs: on-failure-validate-performance-dispatch: needs: [pre-validate-performance, validate-performance] if: failure() - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Fail check run status env: @@ -79,7 +79,7 @@ jobs: pre-validate-compiler-compatibility: outputs: check-run-id: ${{ steps.create-check-run.outputs.check-run-id }} - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Create check run id: create-check-run @@ -98,7 +98,7 @@ jobs: validate-compiler-compatibility: needs: pre-validate-compiler-compatibility - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Invoke compiler compatibility test env: @@ -118,7 +118,7 @@ jobs: on-failure-validate-compiler-compatibility-dispatch: needs: [pre-validate-compiler-compatibility, validate-compiler-compatibility] if: failure() - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Fail check run status env: @@ -139,7 +139,7 @@ jobs: create-release-status-check-run: name: "Initialize release status monitoring" - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Create release status check run env: diff --git a/.github/workflows/verify-standard-library-dependencies.yml b/.github/workflows/verify-standard-library-dependencies.yml index ab78744e4e..3d204d5e0a 100644 --- a/.github/workflows/verify-standard-library-dependencies.yml +++ b/.github/workflows/verify-standard-library-dependencies.yml @@ -16,7 +16,7 @@ on: jobs: prepare-matrix: name: Prepare CodeQL configuration matrix - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 outputs: matrix: ${{ steps.export-matrix.outputs.matrix }} steps: From 39cc389883e16700833caffebfa7ed75284bc392 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 10 Oct 2023 15:50:30 -0700 Subject: [PATCH 1382/2573] Remove trailing whitespace --- .github/workflows/dispatch-matrix-check.yml | 2 +- .github/workflows/dispatch-matrix-test-on-comment.yml | 2 +- .github/workflows/dispatch-release-performance-check.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/dispatch-matrix-check.yml b/.github/workflows/dispatch-matrix-check.yml index 39ca9d81ed..350f2fb73f 100644 --- a/.github/workflows/dispatch-matrix-check.yml +++ b/.github/workflows/dispatch-matrix-check.yml @@ -14,7 +14,7 @@ jobs: - name: Test Variables shell: pwsh - run: | + run: | Write-Host "Running as: ${{github.actor}}" - name: Dispatch Matrix Testing Job diff --git a/.github/workflows/dispatch-matrix-test-on-comment.yml b/.github/workflows/dispatch-matrix-test-on-comment.yml index 70afaa19ee..bef0ba7232 100644 --- a/.github/workflows/dispatch-matrix-test-on-comment.yml +++ b/.github/workflows/dispatch-matrix-test-on-comment.yml @@ -16,7 +16,7 @@ jobs: - name: Test Variables shell: pwsh - run: | + run: | Write-Host "Running as: ${{github.actor}}" $actor = "${{github.actor}}" diff --git a/.github/workflows/dispatch-release-performance-check.yml b/.github/workflows/dispatch-release-performance-check.yml index 9b89772223..0858527721 100644 --- a/.github/workflows/dispatch-release-performance-check.yml +++ b/.github/workflows/dispatch-release-performance-check.yml @@ -15,7 +15,7 @@ jobs: - name: Test Variables shell: pwsh - run: | + run: | Write-Host "Running as: ${{github.actor}}" $actor = "${{github.actor}}" From 7892c39580436bb4db3c21bfeca46b794ee225a1 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 10 Oct 2023 15:52:25 -0700 Subject: [PATCH 1383/2573] Clarify version requirements --- .github/workflows/prepare-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index c395864019..80bb00a378 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -5,7 +5,7 @@ on: inputs: version: description: | - The version to release (MUST follow semantic versioning). + The version to release (MUST follow semantic versioning so NO 'v' prefix). required: true ref: description: | From 77359e2c5b09d38f19479c253c76d2d882f99497 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 10 Oct 2023 15:55:39 -0700 Subject: [PATCH 1384/2573] Format both query files and library files --- .github/workflows/validate-query-formatting.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/validate-query-formatting.yml b/.github/workflows/validate-query-formatting.yml index ec2b4bb292..c5e9c806d3 100644 --- a/.github/workflows/validate-query-formatting.yml +++ b/.github/workflows/validate-query-formatting.yml @@ -35,7 +35,7 @@ jobs: env: LANGUAGE: ${{ matrix.language }} run: | - find $LANGUAGE -name \*.ql -or -name \*.qll -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" codeql query format --in-place + find $LANGUAGE -name \( \*.ql -or -name \*.qll \) -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" codeql query format --in-place git diff git diff --compact-summary From f1e800f9e0339cff3bce4d1a4471116f748fcd3e Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 10 Oct 2023 16:09:35 -0700 Subject: [PATCH 1385/2573] Add change note for release artifacts update --- change_notes/2023-10-10-add-certification-kit.md | 1 + 1 file changed, 1 insertion(+) create mode 100644 change_notes/2023-10-10-add-certification-kit.md diff --git a/change_notes/2023-10-10-add-certification-kit.md b/change_notes/2023-10-10-add-certification-kit.md new file mode 100644 index 0000000000..d143eaa61b --- /dev/null +++ b/change_notes/2023-10-10-add-certification-kit.md @@ -0,0 +1 @@ +- The release artifacts now include a certification kit used for ISO26262 certification. \ No newline at end of file From 873e341ee6feaf59323858c9ddce86041f48d0d8 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 10 Oct 2023 17:06:54 -0700 Subject: [PATCH 1386/2573] Address incorrect find expression --- .github/workflows/validate-query-formatting.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/validate-query-formatting.yml b/.github/workflows/validate-query-formatting.yml index c5e9c806d3..27adb5c94f 100644 --- a/.github/workflows/validate-query-formatting.yml +++ b/.github/workflows/validate-query-formatting.yml @@ -35,7 +35,7 @@ jobs: env: LANGUAGE: ${{ matrix.language }} run: | - find $LANGUAGE -name \( \*.ql -or -name \*.qll \) -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" codeql query format --in-place + find $LANGUAGE \( -name \*.ql -or -name \*.qll \) -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" codeql query format --in-place git diff git diff --compact-summary From 67c55bb5651e17a7dfe05a004d89561ca5bd4214 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 10 Oct 2023 17:18:06 -0700 Subject: [PATCH 1387/2573] Address incorrect ref used for external help files --- .github/workflows/code-scanning-pack-gen.yml | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index 8864b669a6..4717bab1ea 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -65,6 +65,16 @@ jobs: with: cli_path: ${{ github.workspace }}/codeql_home/codeql + - name: Determine ref for external help files + id: determine-ref + run: | + if [[ $GITHUB_EVENT_NAME == "pull_request" ]]; then + echo "EXTERNAL_HELP_REF=$GITHUB_HEAD_REF" >> "$GITHUB_ENV" + else + echo "EXTERNAL_HELP_REF=$GITHUB_REF" >> "$GITHUB_ENV" + fi + echo "Using ref $EXTERNAL_HELP_REF for external help files." + - name: Checkout external help files continue-on-error: true id: checkout-external-help-files @@ -72,7 +82,7 @@ jobs: with: ssh-key: ${{ secrets.CODEQL_CODING_STANDARDS_HELP_KEY }} repository: "github/codeql-coding-standards-help" - ref: ${{ needs.determine-ref.outputs.ref }} + ref: ${{ env.EXTERNAL_HELP_REF }} path: external-help-files - name: Include external help files From 089c5ae6d3ee52024fc3e5acd6a912843d86f629 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 10 Oct 2023 17:35:29 -0700 Subject: [PATCH 1388/2573] Use the HEAD ref if we are triggered by a merge group --- .github/workflows/code-scanning-pack-gen.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index 4717bab1ea..ce71d140ea 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -68,7 +68,7 @@ jobs: - name: Determine ref for external help files id: determine-ref run: | - if [[ $GITHUB_EVENT_NAME == "pull_request" ]]; then + if [[ $GITHUB_EVENT_NAME == "pull_request" || $GITHUB_EVENT_NAME == "merge_group" ]]; then echo "EXTERNAL_HELP_REF=$GITHUB_HEAD_REF" >> "$GITHUB_ENV" else echo "EXTERNAL_HELP_REF=$GITHUB_REF" >> "$GITHUB_ENV" From 0c6f341b402f63a97f24431bc2deb064e18045be Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 10 Oct 2023 17:38:44 -0700 Subject: [PATCH 1389/2573] Specify the type for the merge group --- .github/workflows/code-scanning-pack-gen.yml | 1 + .github/workflows/codeql_unit_tests.yml | 1 + .github/workflows/extra-rule-validation.yml | 1 + .github/workflows/generate-html-docs.yml | 1 + .github/workflows/tooling-unit-tests.yml | 1 + .github/workflows/validate-package-files.yml | 1 + .github/workflows/validate-query-formatting.yml | 1 + .github/workflows/validate-query-help.yml | 1 + .github/workflows/validate-query-test-case-formatting.yml | 1 + .github/workflows/verify-standard-library-dependencies.yml | 1 + 10 files changed, 10 insertions(+) diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index ce71d140ea..ec665a95d1 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -2,6 +2,7 @@ name: Code Scanning Query Pack Generation on: merge_group: + types: [checks_requested] pull_request: branches: - main diff --git a/.github/workflows/codeql_unit_tests.yml b/.github/workflows/codeql_unit_tests.yml index 51afecc604..62660d973d 100644 --- a/.github/workflows/codeql_unit_tests.yml +++ b/.github/workflows/codeql_unit_tests.yml @@ -2,6 +2,7 @@ name: CodeQL Unit Testing on: merge_group: + types: [checks_requested] push: branches: - main diff --git a/.github/workflows/extra-rule-validation.yml b/.github/workflows/extra-rule-validation.yml index 1b2c1a3aef..a18f47c65d 100644 --- a/.github/workflows/extra-rule-validation.yml +++ b/.github/workflows/extra-rule-validation.yml @@ -2,6 +2,7 @@ name: ⚙️ Extra Rule Validation on: merge_group: + types: [checks_requested] push: branches: - main diff --git a/.github/workflows/generate-html-docs.yml b/.github/workflows/generate-html-docs.yml index bb12ba8a2b..f8e3d6d30c 100644 --- a/.github/workflows/generate-html-docs.yml +++ b/.github/workflows/generate-html-docs.yml @@ -2,6 +2,7 @@ name: Generate HTML documentation on: merge_group: + types: [checks_requested] push: branches: - main diff --git a/.github/workflows/tooling-unit-tests.yml b/.github/workflows/tooling-unit-tests.yml index 4e9ea4fd3c..333b4ce024 100644 --- a/.github/workflows/tooling-unit-tests.yml +++ b/.github/workflows/tooling-unit-tests.yml @@ -2,6 +2,7 @@ name: 🧰 Tooling unit tests on: merge_group: + types: [checks_requested] push: branches: - main diff --git a/.github/workflows/validate-package-files.yml b/.github/workflows/validate-package-files.yml index d2f5336f9b..0573b00590 100644 --- a/.github/workflows/validate-package-files.yml +++ b/.github/workflows/validate-package-files.yml @@ -1,6 +1,7 @@ name: Validate Package Files on: merge_group: + types: [checks_requested] pull_request: branches: - main diff --git a/.github/workflows/validate-query-formatting.yml b/.github/workflows/validate-query-formatting.yml index 27adb5c94f..b1007c47ac 100644 --- a/.github/workflows/validate-query-formatting.yml +++ b/.github/workflows/validate-query-formatting.yml @@ -1,6 +1,7 @@ name: "Validate Query Formatting" on: merge_group: + types: [checks_requested] pull_request: branches: - main diff --git a/.github/workflows/validate-query-help.yml b/.github/workflows/validate-query-help.yml index 2be631dd95..d99144fc7f 100644 --- a/.github/workflows/validate-query-help.yml +++ b/.github/workflows/validate-query-help.yml @@ -1,6 +1,7 @@ name: Validate Query Help Files on: merge_group: + types: [checks_requested] pull_request: branches: - main diff --git a/.github/workflows/validate-query-test-case-formatting.yml b/.github/workflows/validate-query-test-case-formatting.yml index 65f8f76d65..7b95484376 100644 --- a/.github/workflows/validate-query-test-case-formatting.yml +++ b/.github/workflows/validate-query-test-case-formatting.yml @@ -1,6 +1,7 @@ name: Validate Query Test Case Formatting on: merge_group: + types: [checks_requested] pull_request: branches: - main diff --git a/.github/workflows/verify-standard-library-dependencies.yml b/.github/workflows/verify-standard-library-dependencies.yml index 3d204d5e0a..cd5d35248d 100644 --- a/.github/workflows/verify-standard-library-dependencies.yml +++ b/.github/workflows/verify-standard-library-dependencies.yml @@ -3,6 +3,7 @@ name: Verify Standard Library Dependencies # Run this workflow every time the "supported_codeql_configs.json" file or a "qlpack.yml" file is changed on: merge_group: + types: [checks_requested] pull_request: branches: - main From dc3440bb7c128bbe78ba592357f24278cf42a164 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 10 Oct 2023 17:52:43 -0700 Subject: [PATCH 1390/2573] Update formatting of queries --- .../CloseFileHandleWhenNoLongerNeededShared.ql | 3 +-- c/common/test/rules/commaoperatorused/CommaOperatorUsed.ql | 3 +-- .../ConstantUnsignedIntegerExpressionsWrapAround.ql | 3 +-- .../test/rules/constlikereturnvalue/ConstLikeReturnValue.ql | 3 +-- c/common/test/rules/deadcode/DeadCode.ql | 3 +-- .../DeclaredAReservedIdentifier.ql | 3 +-- .../dereferenceofnullpointer/DereferenceOfNullPointer.ql | 3 +-- .../rules/donotaccessaclosedfile/DoNotAccessAClosedFile.ql | 3 +-- .../DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql | 3 +-- .../DoNotDestroyAMutexWhileItIsLocked.ql | 3 +-- .../DoNotSubtractPointersAddressingDifferentArrays.ql | 3 +-- .../DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql | 3 +-- .../DoNotUseRandForGeneratingPseudorandomNumbers.ql | 3 +-- .../DoNotUseRelationalOperatorsWithDifferingArrays.ql | 3 +-- .../FreeMemoryWhenNoLongerNeededShared.ql | 3 +-- .../rules/gotostatementcondition/GotoStatementCondition.ql | 3 +-- .../rules/guardaccesstobitfields/GuardAccessToBitFields.ql | 3 +-- c/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql | 3 +-- c/common/test/rules/identifierhidden/IdentifierHidden.ql | 3 +-- .../ifelseterminationconstruct/IfElseTerminationConstruct.ql | 3 +-- .../test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql | 3 +-- .../InformationLeakageAcrossBoundaries.ql | 3 +-- .../InvalidatedEnvStringPointers.ql | 3 +-- .../InvalidatedEnvStringPointersWarn.ql | 3 +-- .../IOFstreamMissingPositioning.ql | 3 +-- .../MacroParameterNotEnclosedInParentheses.ql | 3 +-- .../MemcmpUsedToComparePaddingData.ql | 3 +-- .../test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql | 3 +-- c/common/test/rules/nonconstantformat/NonConstantFormat.ql | 3 +-- .../NonVoidFunctionDoesNotReturn.ql | 3 +-- .../rules/notdistinctidentifier/NotDistinctIdentifier.ql | 3 +-- .../OnlyFreeMemoryAllocatedDynamicallyShared.ql | 3 +-- .../PreprocessingDirectiveWithinMacroArgument.ql | 3 +-- .../PreprocessorIncludesForbiddenHeaderNames.ql | 3 +-- .../PreprocessorIncludesPreceded.ql | 3 +-- .../PreserveSafetyWhenUsingConditionVariables.ql | 3 +-- .../PreventDeadlockByLockingInPredefinedOrder.ql | 3 +-- .../readofuninitializedmemory/ReadOfUninitializedMemory.ql | 3 +-- .../SectionsOfCodeShallNotBeCommentedOut.ql | 3 +-- .../SwitchCasePositionCondition.ql | 3 +-- .../test/rules/switchnotwellformed/SwitchNotWellFormed.ql | 3 +-- c/common/test/rules/typeomitted/TypeOmitted.ql | 3 +-- .../UncheckedRangeDomainPoleErrors.ql | 3 +-- .../undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql | 3 +-- .../UnnecessaryExposedIdentifierDeclarationShared.ql | 3 +-- c/common/test/rules/unreachablecode/UnreachableCode.ql | 3 +-- c/common/test/rules/unusedparameter/UnusedParameter.ql | 3 +-- .../rules/unusedtypedeclarations/UnusedTypeDeclarations.ql | 3 +-- .../UsageOfAssemblerNotDocumented.ql | 3 +-- .../UseOnlyArrayIndexingForPointerArithmetic.ql | 3 +-- .../wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql | 3 +-- .../AccessOfUndefinedMemberThroughNullPointer.ql | 3 +-- ...cessOfUndefinedMemberThroughUninitializedStaticPointer.ql | 5 +++-- .../BasicStringMayNotBeNullTerminated.ql | 3 +-- .../test/rules/catchblockshadowing/CatchBlockShadowing.ql | 3 +-- .../CatchExceptionsByLvalueReference.ql | 3 +-- cpp/common/test/rules/commaoperatorused/CommaOperatorUsed.ql | 3 +-- .../ConditionVariablePostConditionFailed.ql | 3 +-- .../ConstantUnsignedIntegerExpressionsWrapAround.ql | 3 +-- .../ContainerAccessWithoutRangeCheck.ql | 3 +-- .../DanglingCaptureWhenMovingLambdaObject.ql | 3 +-- .../DanglingCaptureWhenReturningLambdaObject.ql | 3 +-- cpp/common/test/rules/deadcode/DeadCode.ql | 3 +-- .../DeleteOfPointerToIncompleteClass.ql | 3 +-- .../dereferenceofnullpointer/DereferenceOfNullPointer.ql | 3 +-- .../DestroyedValueReferencedInDestructorCatchBlock.ql | 3 +-- .../DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql | 3 +-- .../DoNotDestroyAMutexWhileItIsLocked.ql | 3 +-- .../DoNotSubtractPointersAddressingDifferentArrays.ql | 3 +-- .../DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql | 3 +-- .../DoNotUseRandForGeneratingPseudorandomNumbers.ql | 3 +-- .../DoNotUseRelationalOperatorsWithDifferingArrays.ql | 3 +-- .../DoNotUseSetjmpOrLongjmpShared.ql | 3 +-- .../exceptionsafetyguarantees/ExceptionSafetyGuarantees.ql | 3 +-- .../exceptionsafetyvalidstate/ExceptionSafetyValidState.ql | 3 +-- .../exithandlerthrowsexception/ExitHandlerThrowsException.ql | 3 +-- .../explicitabrupttermination/ExplicitAbruptTermination.ql | 3 +-- .../FunctionNoReturnAttributeCondition.ql | 3 +-- .../rules/gotostatementcondition/GotoStatementCondition.ql | 3 +-- .../rules/guardaccesstobitfields/GuardAccessToBitFields.ql | 3 +-- .../HandleAllExceptionsDuringStartup.ql | 3 +-- cpp/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql | 3 +-- cpp/common/test/rules/identifierhidden/IdentifierHidden.ql | 3 +-- .../ifelseterminationconstruct/IfElseTerminationConstruct.ql | 3 +-- .../test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql | 3 +-- .../InformationLeakageAcrossBoundaries.ql | 3 +-- .../IOFstreamMissingPositioning.ql | 3 +-- .../JoinableThreadCopiedOrDestroyed.ql | 3 +-- .../MacroParameterNotEnclosedInParentheses.ql | 3 +-- .../MemcmpUsedToComparePaddingData.ql | 3 +-- .../MovedFromObjectsUnspecifiedState.ql | 3 +-- .../test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql | 3 +-- cpp/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.ql | 3 +-- .../rules/nonbooleaniterationstmt/NonBooleanIterationStmt.ql | 3 +-- cpp/common/test/rules/nonconstantformat/NonConstantFormat.ql | 3 +-- .../NonStandardEntitiesInStandardNamespaces.ql | 3 +-- .../NonVoidFunctionDoesNotReturn.ql | 3 +-- .../ObjectAccessedAfterLifetime.ql | 3 +-- .../ObjectAccessedBeforeLifetime.ql | 3 +-- .../onedefinitionruleviolation/OneDefinitionRuleViolation.ql | 3 +-- .../OperationMayNotNullTerminateCStyleString.ql | 3 +-- .../OperatorDeleteMissingPartner.ql | 3 +-- .../OrderingPredicateMustBeStrictlyWeak.ql | 3 +-- .../OwnedPointerValueStoredInUnrelatedSmartPointer.ql | 3 +-- .../PlacementNewInsufficientStorage.ql | 3 +-- .../PlacementNewNotProperlyAligned.ql | 3 +-- .../PredicateFunctionObjectsShouldNotBeMutable.ql | 3 +-- .../PreprocessingDirectiveWithinMacroArgument.ql | 3 +-- .../PreprocessorIncludesForbiddenHeaderNames.ql | 3 +-- .../PreprocessorIncludesPreceded.ql | 3 +-- .../PreserveSafetyWhenUsingConditionVariables.ql | 3 +-- .../PreventDeadlockByLockingInPredefinedOrder.ql | 3 +-- .../readofuninitializedmemory/ReadOfUninitializedMemory.ql | 3 +-- .../RemoveConstOrVolatileQualification.ql | 3 +-- .../RethrowNestedWithoutCapture.ql | 3 +-- .../SectionsOfCodeShallNotBeCommentedOut.ql | 3 +-- .../StringNumberConversionMissingErrorCheck.ql | 3 +-- .../SwitchCasePositionCondition.ql | 3 +-- .../test/rules/switchnotwellformed/SwitchNotWellFormed.ql | 3 +-- .../ThrowingNoThrowOperatorNewDelete.ql | 3 +-- .../ThrowingOperatorNewReturnsNull.ql | 3 +-- .../ThrowingOperatorNewThrowsInvalidException.ql | 3 +-- .../UncheckedRangeDomainPoleErrors.ql | 3 +-- .../undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql | 3 +-- .../UnnecessaryExposedIdentifierDeclarationShared.ql | 3 +-- cpp/common/test/rules/unreachablecode/UnreachableCode.ql | 3 +-- cpp/common/test/rules/unusedparameter/UnusedParameter.ql | 3 +-- .../rules/unusedtypedeclarations/UnusedTypeDeclarations.ql | 3 +-- .../UsageOfAssemblerNotDocumented.ql | 3 +-- .../UseCanonicalOrderForMemberInit.ql | 3 +-- .../UseOnlyArrayIndexingForPointerArithmetic.ql | 3 +-- .../ValidContainerElementAccess.ql | 3 +-- .../wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql | 3 +-- 133 files changed, 135 insertions(+), 266 deletions(-) diff --git a/c/common/test/rules/closefilehandlewhennolongerneededshared/CloseFileHandleWhenNoLongerNeededShared.ql b/c/common/test/rules/closefilehandlewhennolongerneededshared/CloseFileHandleWhenNoLongerNeededShared.ql index a208410321..9e657b351a 100644 --- a/c/common/test/rules/closefilehandlewhennolongerneededshared/CloseFileHandleWhenNoLongerNeededShared.ql +++ b/c/common/test/rules/closefilehandlewhennolongerneededshared/CloseFileHandleWhenNoLongerNeededShared.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.closefilehandlewhennolongerneededshared.CloseFileHandleWhenNoLongerNeededShared -class TestFileQuery extends CloseFileHandleWhenNoLongerNeededSharedSharedQuery, TestQuery { -} +class TestFileQuery extends CloseFileHandleWhenNoLongerNeededSharedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/commaoperatorused/CommaOperatorUsed.ql b/c/common/test/rules/commaoperatorused/CommaOperatorUsed.ql index b6c91e6eb2..2fe294762e 100644 --- a/c/common/test/rules/commaoperatorused/CommaOperatorUsed.ql +++ b/c/common/test/rules/commaoperatorused/CommaOperatorUsed.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.commaoperatorused.CommaOperatorUsed -class TestFileQuery extends CommaOperatorUsedSharedQuery, TestQuery { -} +class TestFileQuery extends CommaOperatorUsedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql b/c/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql index b12383aabb..c77ee1c66a 100644 --- a/c/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql +++ b/c/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.constantunsignedintegerexpressionswraparound.ConstantUnsignedIntegerExpressionsWrapAround -class TestFileQuery extends ConstantUnsignedIntegerExpressionsWrapAroundSharedQuery, TestQuery { -} +class TestFileQuery extends ConstantUnsignedIntegerExpressionsWrapAroundSharedQuery, TestQuery { } diff --git a/c/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.ql b/c/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.ql index c598883031..53c27eb3ce 100644 --- a/c/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.ql +++ b/c/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.constlikereturnvalue.ConstLikeReturnValue -class TestFileQuery extends ConstLikeReturnValueSharedQuery, TestQuery { -} +class TestFileQuery extends ConstLikeReturnValueSharedQuery, TestQuery { } diff --git a/c/common/test/rules/deadcode/DeadCode.ql b/c/common/test/rules/deadcode/DeadCode.ql index b38dba26d7..dcd7fce840 100644 --- a/c/common/test/rules/deadcode/DeadCode.ql +++ b/c/common/test/rules/deadcode/DeadCode.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.deadcode.DeadCode -class TestFileQuery extends DeadCodeSharedQuery, TestQuery { -} +class TestFileQuery extends DeadCodeSharedQuery, TestQuery { } diff --git a/c/common/test/rules/declaredareservedidentifier/DeclaredAReservedIdentifier.ql b/c/common/test/rules/declaredareservedidentifier/DeclaredAReservedIdentifier.ql index 707ef3ccbe..f091b0aaaa 100644 --- a/c/common/test/rules/declaredareservedidentifier/DeclaredAReservedIdentifier.ql +++ b/c/common/test/rules/declaredareservedidentifier/DeclaredAReservedIdentifier.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.declaredareservedidentifier.DeclaredAReservedIdentifier -class TestFileQuery extends DeclaredAReservedIdentifierSharedQuery, TestQuery { -} +class TestFileQuery extends DeclaredAReservedIdentifierSharedQuery, TestQuery { } diff --git a/c/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql b/c/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql index cf9fdf6071..c8dc62e67c 100644 --- a/c/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql +++ b/c/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.dereferenceofnullpointer.DereferenceOfNullPointer -class TestFileQuery extends DereferenceOfNullPointerSharedQuery, TestQuery { -} +class TestFileQuery extends DereferenceOfNullPointerSharedQuery, TestQuery { } diff --git a/c/common/test/rules/donotaccessaclosedfile/DoNotAccessAClosedFile.ql b/c/common/test/rules/donotaccessaclosedfile/DoNotAccessAClosedFile.ql index 1087134c19..d3b8b9ea3a 100644 --- a/c/common/test/rules/donotaccessaclosedfile/DoNotAccessAClosedFile.ql +++ b/c/common/test/rules/donotaccessaclosedfile/DoNotAccessAClosedFile.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotaccessaclosedfile.DoNotAccessAClosedFile -class TestFileQuery extends DoNotAccessAClosedFileSharedQuery, TestQuery { -} +class TestFileQuery extends DoNotAccessAClosedFileSharedQuery, TestQuery { } diff --git a/c/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql b/c/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql index 9aac0f1c09..ceae7e6a9e 100644 --- a/c/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql +++ b/c/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotallowamutextogooutofscopewhilelocked.DoNotAllowAMutexToGoOutOfScopeWhileLocked -class TestFileQuery extends DoNotAllowAMutexToGoOutOfScopeWhileLockedSharedQuery, TestQuery { -} +class TestFileQuery extends DoNotAllowAMutexToGoOutOfScopeWhileLockedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql b/c/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql index b2fdab8eea..96ea58009e 100644 --- a/c/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql +++ b/c/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotdestroyamutexwhileitislocked.DoNotDestroyAMutexWhileItIsLocked -class TestFileQuery extends DoNotDestroyAMutexWhileItIsLockedSharedQuery, TestQuery { -} +class TestFileQuery extends DoNotDestroyAMutexWhileItIsLockedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql b/c/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql index cc9cb834e0..374a6fc52b 100644 --- a/c/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql +++ b/c/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotsubtractpointersaddressingdifferentarrays.DoNotSubtractPointersAddressingDifferentArrays -class TestFileQuery extends DoNotSubtractPointersAddressingDifferentArraysSharedQuery, TestQuery { -} +class TestFileQuery extends DoNotSubtractPointersAddressingDifferentArraysSharedQuery, TestQuery { } diff --git a/c/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql b/c/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql index ddaa0399b2..edef2c1127 100644 --- a/c/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql +++ b/c/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotusemorethantwolevelsofpointerindirection.DoNotUseMoreThanTwoLevelsOfPointerIndirection -class TestFileQuery extends DoNotUseMoreThanTwoLevelsOfPointerIndirectionSharedQuery, TestQuery { -} +class TestFileQuery extends DoNotUseMoreThanTwoLevelsOfPointerIndirectionSharedQuery, TestQuery { } diff --git a/c/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql b/c/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql index c6e0f0e58a..3ad5626256 100644 --- a/c/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql +++ b/c/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotuserandforgeneratingpseudorandomnumbers.DoNotUseRandForGeneratingPseudorandomNumbers -class TestFileQuery extends DoNotUseRandForGeneratingPseudorandomNumbersSharedQuery, TestQuery { -} +class TestFileQuery extends DoNotUseRandForGeneratingPseudorandomNumbersSharedQuery, TestQuery { } diff --git a/c/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql b/c/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql index 647ee40426..bceb46bf63 100644 --- a/c/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql +++ b/c/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotuserelationaloperatorswithdifferingarrays.DoNotUseRelationalOperatorsWithDifferingArrays -class TestFileQuery extends DoNotUseRelationalOperatorsWithDifferingArraysSharedQuery, TestQuery { -} +class TestFileQuery extends DoNotUseRelationalOperatorsWithDifferingArraysSharedQuery, TestQuery { } diff --git a/c/common/test/rules/freememorywhennolongerneededshared/FreeMemoryWhenNoLongerNeededShared.ql b/c/common/test/rules/freememorywhennolongerneededshared/FreeMemoryWhenNoLongerNeededShared.ql index 8b89cb900c..27683eddfb 100644 --- a/c/common/test/rules/freememorywhennolongerneededshared/FreeMemoryWhenNoLongerNeededShared.ql +++ b/c/common/test/rules/freememorywhennolongerneededshared/FreeMemoryWhenNoLongerNeededShared.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.freememorywhennolongerneededshared.FreeMemoryWhenNoLongerNeededShared -class TestFileQuery extends FreeMemoryWhenNoLongerNeededSharedSharedQuery, TestQuery { -} +class TestFileQuery extends FreeMemoryWhenNoLongerNeededSharedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/gotostatementcondition/GotoStatementCondition.ql b/c/common/test/rules/gotostatementcondition/GotoStatementCondition.ql index 2317d5c7db..89768a3022 100644 --- a/c/common/test/rules/gotostatementcondition/GotoStatementCondition.ql +++ b/c/common/test/rules/gotostatementcondition/GotoStatementCondition.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.gotostatementcondition.GotoStatementCondition -class TestFileQuery extends GotoStatementConditionSharedQuery, TestQuery { -} +class TestFileQuery extends GotoStatementConditionSharedQuery, TestQuery { } diff --git a/c/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql b/c/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql index 4f7709c7dd..a0d83a59a6 100644 --- a/c/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql +++ b/c/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.guardaccesstobitfields.GuardAccessToBitFields -class TestFileQuery extends GuardAccessToBitFieldsSharedQuery, TestQuery { -} +class TestFileQuery extends GuardAccessToBitFieldsSharedQuery, TestQuery { } diff --git a/c/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql b/c/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql index f9f34ef6d9..a61dc7860a 100644 --- a/c/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql +++ b/c/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.hashoperatorsused.HashOperatorsUsed -class TestFileQuery extends HashOperatorsUsedSharedQuery, TestQuery { -} +class TestFileQuery extends HashOperatorsUsedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/identifierhidden/IdentifierHidden.ql b/c/common/test/rules/identifierhidden/IdentifierHidden.ql index 27a35f8376..ba13b28bd4 100644 --- a/c/common/test/rules/identifierhidden/IdentifierHidden.ql +++ b/c/common/test/rules/identifierhidden/IdentifierHidden.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.identifierhidden.IdentifierHidden -class TestFileQuery extends IdentifierHiddenSharedQuery, TestQuery { -} +class TestFileQuery extends IdentifierHiddenSharedQuery, TestQuery { } diff --git a/c/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql b/c/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql index d0a494f270..acdd497be7 100644 --- a/c/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql +++ b/c/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.ifelseterminationconstruct.IfElseTerminationConstruct -class TestFileQuery extends IfElseTerminationConstructSharedQuery, TestQuery { -} +class TestFileQuery extends IfElseTerminationConstructSharedQuery, TestQuery { } diff --git a/c/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql b/c/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql index 8bec76dc05..13b07b4e90 100644 --- a/c/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql +++ b/c/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.includeguardsnotused.IncludeGuardsNotUsed -class TestFileQuery extends IncludeGuardsNotUsedSharedQuery, TestQuery { -} +class TestFileQuery extends IncludeGuardsNotUsedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql b/c/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql index f51683773f..3393d015c3 100644 --- a/c/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql +++ b/c/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.informationleakageacrossboundaries.InformationLeakageAcrossBoundaries -class TestFileQuery extends InformationLeakageAcrossBoundariesSharedQuery, TestQuery { -} +class TestFileQuery extends InformationLeakageAcrossBoundariesSharedQuery, TestQuery { } diff --git a/c/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.ql b/c/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.ql index 777e498dc1..b82c43333a 100644 --- a/c/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.ql +++ b/c/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.invalidatedenvstringpointers.InvalidatedEnvStringPointers -class TestFileQuery extends InvalidatedEnvStringPointersSharedQuery, TestQuery { -} +class TestFileQuery extends InvalidatedEnvStringPointersSharedQuery, TestQuery { } diff --git a/c/common/test/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.ql b/c/common/test/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.ql index 9efdbbe048..7a56af210d 100644 --- a/c/common/test/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.ql +++ b/c/common/test/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.invalidatedenvstringpointerswarn.InvalidatedEnvStringPointersWarn -class TestFileQuery extends InvalidatedEnvStringPointersWarnSharedQuery, TestQuery { -} +class TestFileQuery extends InvalidatedEnvStringPointersWarnSharedQuery, TestQuery { } diff --git a/c/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql b/c/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql index ed1e85b531..c1f22c408a 100644 --- a/c/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql +++ b/c/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.iofstreammissingpositioning.IOFstreamMissingPositioning -class TestFileQuery extends IOFstreamMissingPositioningSharedQuery, TestQuery { -} +class TestFileQuery extends IOFstreamMissingPositioningSharedQuery, TestQuery { } diff --git a/c/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql b/c/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql index 8b3c25098c..2ff9477919 100644 --- a/c/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql +++ b/c/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.macroparameternotenclosedinparentheses.MacroParameterNotEnclosedInParentheses -class TestFileQuery extends MacroParameterNotEnclosedInParenthesesSharedQuery, TestQuery { -} +class TestFileQuery extends MacroParameterNotEnclosedInParenthesesSharedQuery, TestQuery { } diff --git a/c/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql b/c/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql index 108cf3b8a1..55290047a1 100644 --- a/c/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql +++ b/c/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.memcmpusedtocomparepaddingdata.MemcmpUsedToComparePaddingData -class TestFileQuery extends MemcmpUsedToComparePaddingDataSharedQuery, TestQuery { -} +class TestFileQuery extends MemcmpUsedToComparePaddingDataSharedQuery, TestQuery { } diff --git a/c/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql b/c/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql index d57bf78fad..3e0b1f7e8b 100644 --- a/c/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql +++ b/c/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nestedlabelinswitch.NestedLabelInSwitch -class TestFileQuery extends NestedLabelInSwitchSharedQuery, TestQuery { -} +class TestFileQuery extends NestedLabelInSwitchSharedQuery, TestQuery { } diff --git a/c/common/test/rules/nonconstantformat/NonConstantFormat.ql b/c/common/test/rules/nonconstantformat/NonConstantFormat.ql index 71bff7e9c6..25750ae9e5 100644 --- a/c/common/test/rules/nonconstantformat/NonConstantFormat.ql +++ b/c/common/test/rules/nonconstantformat/NonConstantFormat.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nonconstantformat.NonConstantFormat -class TestFileQuery extends NonConstantFormatSharedQuery, TestQuery { -} +class TestFileQuery extends NonConstantFormatSharedQuery, TestQuery { } diff --git a/c/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql b/c/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql index 775599e10e..bcf99b44e7 100644 --- a/c/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql +++ b/c/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nonvoidfunctiondoesnotreturn.NonVoidFunctionDoesNotReturn -class TestFileQuery extends NonVoidFunctionDoesNotReturnSharedQuery, TestQuery { -} +class TestFileQuery extends NonVoidFunctionDoesNotReturnSharedQuery, TestQuery { } diff --git a/c/common/test/rules/notdistinctidentifier/NotDistinctIdentifier.ql b/c/common/test/rules/notdistinctidentifier/NotDistinctIdentifier.ql index ba74868838..3b7a8a5f9a 100644 --- a/c/common/test/rules/notdistinctidentifier/NotDistinctIdentifier.ql +++ b/c/common/test/rules/notdistinctidentifier/NotDistinctIdentifier.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.notdistinctidentifier.NotDistinctIdentifier -class TestFileQuery extends NotDistinctIdentifierSharedQuery, TestQuery { -} +class TestFileQuery extends NotDistinctIdentifierSharedQuery, TestQuery { } diff --git a/c/common/test/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.ql b/c/common/test/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.ql index f8c036c2d2..f7d315554e 100644 --- a/c/common/test/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.ql +++ b/c/common/test/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.onlyfreememoryallocateddynamicallyshared.OnlyFreeMemoryAllocatedDynamicallyShared -class TestFileQuery extends OnlyFreeMemoryAllocatedDynamicallySharedSharedQuery, TestQuery { -} +class TestFileQuery extends OnlyFreeMemoryAllocatedDynamicallySharedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql b/c/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql index 35bc1586b0..d66babdb6d 100644 --- a/c/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql +++ b/c/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preprocessingdirectivewithinmacroargument.PreprocessingDirectiveWithinMacroArgument -class TestFileQuery extends PreprocessingDirectiveWithinMacroArgumentSharedQuery, TestQuery { -} +class TestFileQuery extends PreprocessingDirectiveWithinMacroArgumentSharedQuery, TestQuery { } diff --git a/c/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql b/c/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql index f12f9663b1..c7652ab4ae 100644 --- a/c/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql +++ b/c/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preprocessorincludesforbiddenheadernames.PreprocessorIncludesForbiddenHeaderNames -class TestFileQuery extends PreprocessorIncludesForbiddenHeaderNamesSharedQuery, TestQuery { -} +class TestFileQuery extends PreprocessorIncludesForbiddenHeaderNamesSharedQuery, TestQuery { } diff --git a/c/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql b/c/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql index 44f700604a..43701dbbf9 100644 --- a/c/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql +++ b/c/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preprocessorincludespreceded.PreprocessorIncludesPreceded -class TestFileQuery extends PreprocessorIncludesPrecededSharedQuery, TestQuery { -} +class TestFileQuery extends PreprocessorIncludesPrecededSharedQuery, TestQuery { } diff --git a/c/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql b/c/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql index 6fd33d601b..009c7f9e26 100644 --- a/c/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql +++ b/c/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preservesafetywhenusingconditionvariables.PreserveSafetyWhenUsingConditionVariables -class TestFileQuery extends PreserveSafetyWhenUsingConditionVariablesSharedQuery, TestQuery { -} +class TestFileQuery extends PreserveSafetyWhenUsingConditionVariablesSharedQuery, TestQuery { } diff --git a/c/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql b/c/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql index 9968a80e75..4ca46f15ea 100644 --- a/c/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql +++ b/c/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preventdeadlockbylockinginpredefinedorder.PreventDeadlockByLockingInPredefinedOrder -class TestFileQuery extends PreventDeadlockByLockingInPredefinedOrderSharedQuery, TestQuery { -} +class TestFileQuery extends PreventDeadlockByLockingInPredefinedOrderSharedQuery, TestQuery { } diff --git a/c/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql b/c/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql index cec14d6dac..9150d4459d 100644 --- a/c/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql +++ b/c/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.readofuninitializedmemory.ReadOfUninitializedMemory -class TestFileQuery extends ReadOfUninitializedMemorySharedQuery, TestQuery { -} +class TestFileQuery extends ReadOfUninitializedMemorySharedQuery, TestQuery { } diff --git a/c/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql b/c/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql index 00d24cc943..aacadf0253 100644 --- a/c/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql +++ b/c/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.sectionsofcodeshallnotbecommentedout.SectionsOfCodeShallNotBeCommentedOut -class TestFileQuery extends SectionsOfCodeShallNotBeCommentedOutSharedQuery, TestQuery { -} +class TestFileQuery extends SectionsOfCodeShallNotBeCommentedOutSharedQuery, TestQuery { } diff --git a/c/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql b/c/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql index de3d7c5c9c..1b323a652d 100644 --- a/c/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql +++ b/c/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.switchcasepositioncondition.SwitchCasePositionCondition -class TestFileQuery extends SwitchCasePositionConditionSharedQuery, TestQuery { -} +class TestFileQuery extends SwitchCasePositionConditionSharedQuery, TestQuery { } diff --git a/c/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql b/c/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql index 3669f8739e..75ce3cb1ec 100644 --- a/c/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql +++ b/c/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.switchnotwellformed.SwitchNotWellFormed -class TestFileQuery extends SwitchNotWellFormedSharedQuery, TestQuery { -} +class TestFileQuery extends SwitchNotWellFormedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/typeomitted/TypeOmitted.ql b/c/common/test/rules/typeomitted/TypeOmitted.ql index eaade7faf6..a9cd81118c 100644 --- a/c/common/test/rules/typeomitted/TypeOmitted.ql +++ b/c/common/test/rules/typeomitted/TypeOmitted.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.typeomitted.TypeOmitted -class TestFileQuery extends TypeOmittedSharedQuery, TestQuery { -} +class TestFileQuery extends TypeOmittedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql b/c/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql index 6ae007bd39..11720fb8da 100644 --- a/c/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql +++ b/c/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.uncheckedrangedomainpoleerrors.UncheckedRangeDomainPoleErrors -class TestFileQuery extends UncheckedRangeDomainPoleErrorsSharedQuery, TestQuery { -} +class TestFileQuery extends UncheckedRangeDomainPoleErrorsSharedQuery, TestQuery { } diff --git a/c/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql b/c/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql index 168b3a0b2e..316565cab7 100644 --- a/c/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql +++ b/c/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.undefinedmacroidentifiers.UndefinedMacroIdentifiers -class TestFileQuery extends UndefinedMacroIdentifiersSharedQuery, TestQuery { -} +class TestFileQuery extends UndefinedMacroIdentifiersSharedQuery, TestQuery { } diff --git a/c/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql b/c/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql index 3b1e4b7c56..3baad901da 100644 --- a/c/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql +++ b/c/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unnecessaryexposedidentifierdeclarationshared.UnnecessaryExposedIdentifierDeclarationShared -class TestFileQuery extends UnnecessaryExposedIdentifierDeclarationSharedSharedQuery, TestQuery { -} +class TestFileQuery extends UnnecessaryExposedIdentifierDeclarationSharedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/unreachablecode/UnreachableCode.ql b/c/common/test/rules/unreachablecode/UnreachableCode.ql index 61554593fd..c394bfba3e 100644 --- a/c/common/test/rules/unreachablecode/UnreachableCode.ql +++ b/c/common/test/rules/unreachablecode/UnreachableCode.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unreachablecode.UnreachableCode -class TestFileQuery extends UnreachableCodeSharedQuery, TestQuery { -} +class TestFileQuery extends UnreachableCodeSharedQuery, TestQuery { } diff --git a/c/common/test/rules/unusedparameter/UnusedParameter.ql b/c/common/test/rules/unusedparameter/UnusedParameter.ql index 4dc2000dbb..e990a7dcf3 100644 --- a/c/common/test/rules/unusedparameter/UnusedParameter.ql +++ b/c/common/test/rules/unusedparameter/UnusedParameter.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unusedparameter.UnusedParameter -class TestFileQuery extends UnusedParameterSharedQuery, TestQuery { -} +class TestFileQuery extends UnusedParameterSharedQuery, TestQuery { } diff --git a/c/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql b/c/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql index 76ccfec0f2..f1c09524d5 100644 --- a/c/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql +++ b/c/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unusedtypedeclarations.UnusedTypeDeclarations -class TestFileQuery extends UnusedTypeDeclarationsSharedQuery, TestQuery { -} +class TestFileQuery extends UnusedTypeDeclarationsSharedQuery, TestQuery { } diff --git a/c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql b/c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql index c8b9f229f4..f9997627b4 100644 --- a/c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql +++ b/c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.usageofassemblernotdocumented.UsageOfAssemblerNotDocumented -class TestFileQuery extends UsageOfAssemblerNotDocumentedSharedQuery, TestQuery { -} +class TestFileQuery extends UsageOfAssemblerNotDocumentedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql b/c/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql index 7edd86ecab..55554bee07 100644 --- a/c/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql +++ b/c/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.useonlyarrayindexingforpointerarithmetic.UseOnlyArrayIndexingForPointerArithmetic -class TestFileQuery extends UseOnlyArrayIndexingForPointerArithmeticSharedQuery, TestQuery { -} +class TestFileQuery extends UseOnlyArrayIndexingForPointerArithmeticSharedQuery, TestQuery { } diff --git a/c/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql b/c/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql index af84dd07c1..44947bf85a 100644 --- a/c/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql +++ b/c/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.wrapspuriousfunctioninloop.WrapSpuriousFunctionInLoop -class TestFileQuery extends WrapSpuriousFunctionInLoopSharedQuery, TestQuery { -} +class TestFileQuery extends WrapSpuriousFunctionInLoopSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/accessofundefinedmemberthroughnullpointer/AccessOfUndefinedMemberThroughNullPointer.ql b/cpp/common/test/rules/accessofundefinedmemberthroughnullpointer/AccessOfUndefinedMemberThroughNullPointer.ql index 4607c4f48c..a94e11dbf6 100644 --- a/cpp/common/test/rules/accessofundefinedmemberthroughnullpointer/AccessOfUndefinedMemberThroughNullPointer.ql +++ b/cpp/common/test/rules/accessofundefinedmemberthroughnullpointer/AccessOfUndefinedMemberThroughNullPointer.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.accessofundefinedmemberthroughnullpointer.AccessOfUndefinedMemberThroughNullPointer -class TestFileQuery extends AccessOfUndefinedMemberThroughNullPointerSharedQuery, TestQuery { -} +class TestFileQuery extends AccessOfUndefinedMemberThroughNullPointerSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/accessofundefinedmemberthroughuninitializedstaticpointer/AccessOfUndefinedMemberThroughUninitializedStaticPointer.ql b/cpp/common/test/rules/accessofundefinedmemberthroughuninitializedstaticpointer/AccessOfUndefinedMemberThroughUninitializedStaticPointer.ql index 489c4a23f4..90d192e3d8 100644 --- a/cpp/common/test/rules/accessofundefinedmemberthroughuninitializedstaticpointer/AccessOfUndefinedMemberThroughUninitializedStaticPointer.ql +++ b/cpp/common/test/rules/accessofundefinedmemberthroughuninitializedstaticpointer/AccessOfUndefinedMemberThroughUninitializedStaticPointer.ql @@ -1,5 +1,6 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.accessofundefinedmemberthroughuninitializedstaticpointer.AccessOfUndefinedMemberThroughUninitializedStaticPointer -class TestFileQuery extends AccessOfUndefinedMemberThroughUninitializedStaticPointerSharedQuery, TestQuery { -} +class TestFileQuery extends AccessOfUndefinedMemberThroughUninitializedStaticPointerSharedQuery, + TestQuery +{ } diff --git a/cpp/common/test/rules/basicstringmaynotbenullterminated/BasicStringMayNotBeNullTerminated.ql b/cpp/common/test/rules/basicstringmaynotbenullterminated/BasicStringMayNotBeNullTerminated.ql index 21f00547fc..c2c4fe7906 100644 --- a/cpp/common/test/rules/basicstringmaynotbenullterminated/BasicStringMayNotBeNullTerminated.ql +++ b/cpp/common/test/rules/basicstringmaynotbenullterminated/BasicStringMayNotBeNullTerminated.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.basicstringmaynotbenullterminated.BasicStringMayNotBeNullTerminated -class TestFileQuery extends BasicStringMayNotBeNullTerminatedSharedQuery, TestQuery { -} +class TestFileQuery extends BasicStringMayNotBeNullTerminatedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/catchblockshadowing/CatchBlockShadowing.ql b/cpp/common/test/rules/catchblockshadowing/CatchBlockShadowing.ql index 81b37d3aa5..76b7123d99 100644 --- a/cpp/common/test/rules/catchblockshadowing/CatchBlockShadowing.ql +++ b/cpp/common/test/rules/catchblockshadowing/CatchBlockShadowing.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.catchblockshadowing.CatchBlockShadowing -class TestFileQuery extends CatchBlockShadowingSharedQuery, TestQuery { -} +class TestFileQuery extends CatchBlockShadowingSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/catchexceptionsbylvaluereference/CatchExceptionsByLvalueReference.ql b/cpp/common/test/rules/catchexceptionsbylvaluereference/CatchExceptionsByLvalueReference.ql index 0931cc9ca8..30d6d30c47 100644 --- a/cpp/common/test/rules/catchexceptionsbylvaluereference/CatchExceptionsByLvalueReference.ql +++ b/cpp/common/test/rules/catchexceptionsbylvaluereference/CatchExceptionsByLvalueReference.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.catchexceptionsbylvaluereference.CatchExceptionsByLvalueReference -class TestFileQuery extends CatchExceptionsByLvalueReferenceSharedQuery, TestQuery { -} +class TestFileQuery extends CatchExceptionsByLvalueReferenceSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/commaoperatorused/CommaOperatorUsed.ql b/cpp/common/test/rules/commaoperatorused/CommaOperatorUsed.ql index b6c91e6eb2..2fe294762e 100644 --- a/cpp/common/test/rules/commaoperatorused/CommaOperatorUsed.ql +++ b/cpp/common/test/rules/commaoperatorused/CommaOperatorUsed.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.commaoperatorused.CommaOperatorUsed -class TestFileQuery extends CommaOperatorUsedSharedQuery, TestQuery { -} +class TestFileQuery extends CommaOperatorUsedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/conditionvariablepostconditionfailed/ConditionVariablePostConditionFailed.ql b/cpp/common/test/rules/conditionvariablepostconditionfailed/ConditionVariablePostConditionFailed.ql index 9192ea6c24..e990e23e2e 100644 --- a/cpp/common/test/rules/conditionvariablepostconditionfailed/ConditionVariablePostConditionFailed.ql +++ b/cpp/common/test/rules/conditionvariablepostconditionfailed/ConditionVariablePostConditionFailed.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.conditionvariablepostconditionfailed.ConditionVariablePostConditionFailed -class TestFileQuery extends ConditionVariablePostConditionFailedSharedQuery, TestQuery { -} +class TestFileQuery extends ConditionVariablePostConditionFailedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql b/cpp/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql index b12383aabb..c77ee1c66a 100644 --- a/cpp/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql +++ b/cpp/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.constantunsignedintegerexpressionswraparound.ConstantUnsignedIntegerExpressionsWrapAround -class TestFileQuery extends ConstantUnsignedIntegerExpressionsWrapAroundSharedQuery, TestQuery { -} +class TestFileQuery extends ConstantUnsignedIntegerExpressionsWrapAroundSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.ql b/cpp/common/test/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.ql index 90f2624e6b..be54f5a31c 100644 --- a/cpp/common/test/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.ql +++ b/cpp/common/test/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.containeraccesswithoutrangecheck.ContainerAccessWithoutRangeCheck -class TestFileQuery extends ContainerAccessWithoutRangeCheckSharedQuery, TestQuery { -} +class TestFileQuery extends ContainerAccessWithoutRangeCheckSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/danglingcapturewhenmovinglambdaobject/DanglingCaptureWhenMovingLambdaObject.ql b/cpp/common/test/rules/danglingcapturewhenmovinglambdaobject/DanglingCaptureWhenMovingLambdaObject.ql index 3e1929e5c3..ba1f1efc2f 100644 --- a/cpp/common/test/rules/danglingcapturewhenmovinglambdaobject/DanglingCaptureWhenMovingLambdaObject.ql +++ b/cpp/common/test/rules/danglingcapturewhenmovinglambdaobject/DanglingCaptureWhenMovingLambdaObject.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.danglingcapturewhenmovinglambdaobject.DanglingCaptureWhenMovingLambdaObject -class TestFileQuery extends DanglingCaptureWhenMovingLambdaObjectSharedQuery, TestQuery { -} +class TestFileQuery extends DanglingCaptureWhenMovingLambdaObjectSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/danglingcapturewhenreturninglambdaobject/DanglingCaptureWhenReturningLambdaObject.ql b/cpp/common/test/rules/danglingcapturewhenreturninglambdaobject/DanglingCaptureWhenReturningLambdaObject.ql index 6880b797fc..d95ba912fd 100644 --- a/cpp/common/test/rules/danglingcapturewhenreturninglambdaobject/DanglingCaptureWhenReturningLambdaObject.ql +++ b/cpp/common/test/rules/danglingcapturewhenreturninglambdaobject/DanglingCaptureWhenReturningLambdaObject.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.danglingcapturewhenreturninglambdaobject.DanglingCaptureWhenReturningLambdaObject -class TestFileQuery extends DanglingCaptureWhenReturningLambdaObjectSharedQuery, TestQuery { -} +class TestFileQuery extends DanglingCaptureWhenReturningLambdaObjectSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/deadcode/DeadCode.ql b/cpp/common/test/rules/deadcode/DeadCode.ql index b38dba26d7..dcd7fce840 100644 --- a/cpp/common/test/rules/deadcode/DeadCode.ql +++ b/cpp/common/test/rules/deadcode/DeadCode.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.deadcode.DeadCode -class TestFileQuery extends DeadCodeSharedQuery, TestQuery { -} +class TestFileQuery extends DeadCodeSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/deleteofpointertoincompleteclass/DeleteOfPointerToIncompleteClass.ql b/cpp/common/test/rules/deleteofpointertoincompleteclass/DeleteOfPointerToIncompleteClass.ql index 54ae2a773b..a589ae988e 100644 --- a/cpp/common/test/rules/deleteofpointertoincompleteclass/DeleteOfPointerToIncompleteClass.ql +++ b/cpp/common/test/rules/deleteofpointertoincompleteclass/DeleteOfPointerToIncompleteClass.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.deleteofpointertoincompleteclass.DeleteOfPointerToIncompleteClass -class TestFileQuery extends DeleteOfPointerToIncompleteClassSharedQuery, TestQuery { -} +class TestFileQuery extends DeleteOfPointerToIncompleteClassSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql b/cpp/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql index cf9fdf6071..c8dc62e67c 100644 --- a/cpp/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql +++ b/cpp/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.dereferenceofnullpointer.DereferenceOfNullPointer -class TestFileQuery extends DereferenceOfNullPointerSharedQuery, TestQuery { -} +class TestFileQuery extends DereferenceOfNullPointerSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/destroyedvaluereferencedindestructorcatchblock/DestroyedValueReferencedInDestructorCatchBlock.ql b/cpp/common/test/rules/destroyedvaluereferencedindestructorcatchblock/DestroyedValueReferencedInDestructorCatchBlock.ql index a2418fe0e6..90c4ed602a 100644 --- a/cpp/common/test/rules/destroyedvaluereferencedindestructorcatchblock/DestroyedValueReferencedInDestructorCatchBlock.ql +++ b/cpp/common/test/rules/destroyedvaluereferencedindestructorcatchblock/DestroyedValueReferencedInDestructorCatchBlock.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.destroyedvaluereferencedindestructorcatchblock.DestroyedValueReferencedInDestructorCatchBlock -class TestFileQuery extends DestroyedValueReferencedInDestructorCatchBlockSharedQuery, TestQuery { -} +class TestFileQuery extends DestroyedValueReferencedInDestructorCatchBlockSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql b/cpp/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql index 9aac0f1c09..ceae7e6a9e 100644 --- a/cpp/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql +++ b/cpp/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotallowamutextogooutofscopewhilelocked.DoNotAllowAMutexToGoOutOfScopeWhileLocked -class TestFileQuery extends DoNotAllowAMutexToGoOutOfScopeWhileLockedSharedQuery, TestQuery { -} +class TestFileQuery extends DoNotAllowAMutexToGoOutOfScopeWhileLockedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql b/cpp/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql index b2fdab8eea..96ea58009e 100644 --- a/cpp/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql +++ b/cpp/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotdestroyamutexwhileitislocked.DoNotDestroyAMutexWhileItIsLocked -class TestFileQuery extends DoNotDestroyAMutexWhileItIsLockedSharedQuery, TestQuery { -} +class TestFileQuery extends DoNotDestroyAMutexWhileItIsLockedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql b/cpp/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql index cc9cb834e0..374a6fc52b 100644 --- a/cpp/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql +++ b/cpp/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotsubtractpointersaddressingdifferentarrays.DoNotSubtractPointersAddressingDifferentArrays -class TestFileQuery extends DoNotSubtractPointersAddressingDifferentArraysSharedQuery, TestQuery { -} +class TestFileQuery extends DoNotSubtractPointersAddressingDifferentArraysSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql b/cpp/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql index ddaa0399b2..edef2c1127 100644 --- a/cpp/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql +++ b/cpp/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotusemorethantwolevelsofpointerindirection.DoNotUseMoreThanTwoLevelsOfPointerIndirection -class TestFileQuery extends DoNotUseMoreThanTwoLevelsOfPointerIndirectionSharedQuery, TestQuery { -} +class TestFileQuery extends DoNotUseMoreThanTwoLevelsOfPointerIndirectionSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql b/cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql index c6e0f0e58a..3ad5626256 100644 --- a/cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql +++ b/cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotuserandforgeneratingpseudorandomnumbers.DoNotUseRandForGeneratingPseudorandomNumbers -class TestFileQuery extends DoNotUseRandForGeneratingPseudorandomNumbersSharedQuery, TestQuery { -} +class TestFileQuery extends DoNotUseRandForGeneratingPseudorandomNumbersSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql b/cpp/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql index 647ee40426..bceb46bf63 100644 --- a/cpp/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql +++ b/cpp/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotuserelationaloperatorswithdifferingarrays.DoNotUseRelationalOperatorsWithDifferingArrays -class TestFileQuery extends DoNotUseRelationalOperatorsWithDifferingArraysSharedQuery, TestQuery { -} +class TestFileQuery extends DoNotUseRelationalOperatorsWithDifferingArraysSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/donotusesetjmporlongjmpshared/DoNotUseSetjmpOrLongjmpShared.ql b/cpp/common/test/rules/donotusesetjmporlongjmpshared/DoNotUseSetjmpOrLongjmpShared.ql index bb9245942d..e0026467ff 100644 --- a/cpp/common/test/rules/donotusesetjmporlongjmpshared/DoNotUseSetjmpOrLongjmpShared.ql +++ b/cpp/common/test/rules/donotusesetjmporlongjmpshared/DoNotUseSetjmpOrLongjmpShared.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotusesetjmporlongjmpshared.DoNotUseSetjmpOrLongjmpShared -class TestFileQuery extends DoNotUseSetjmpOrLongjmpSharedSharedQuery, TestQuery { -} +class TestFileQuery extends DoNotUseSetjmpOrLongjmpSharedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/exceptionsafetyguarantees/ExceptionSafetyGuarantees.ql b/cpp/common/test/rules/exceptionsafetyguarantees/ExceptionSafetyGuarantees.ql index 2d09d10250..bfa4a88318 100644 --- a/cpp/common/test/rules/exceptionsafetyguarantees/ExceptionSafetyGuarantees.ql +++ b/cpp/common/test/rules/exceptionsafetyguarantees/ExceptionSafetyGuarantees.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.exceptionsafetyguarantees.ExceptionSafetyGuarantees -class TestFileQuery extends ExceptionSafetyGuaranteesSharedQuery, TestQuery { -} +class TestFileQuery extends ExceptionSafetyGuaranteesSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/exceptionsafetyvalidstate/ExceptionSafetyValidState.ql b/cpp/common/test/rules/exceptionsafetyvalidstate/ExceptionSafetyValidState.ql index e2d2107580..aa18543c36 100644 --- a/cpp/common/test/rules/exceptionsafetyvalidstate/ExceptionSafetyValidState.ql +++ b/cpp/common/test/rules/exceptionsafetyvalidstate/ExceptionSafetyValidState.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.exceptionsafetyvalidstate.ExceptionSafetyValidState -class TestFileQuery extends ExceptionSafetyValidStateSharedQuery, TestQuery { -} +class TestFileQuery extends ExceptionSafetyValidStateSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/exithandlerthrowsexception/ExitHandlerThrowsException.ql b/cpp/common/test/rules/exithandlerthrowsexception/ExitHandlerThrowsException.ql index 4552e1d6e5..c61992b8b0 100644 --- a/cpp/common/test/rules/exithandlerthrowsexception/ExitHandlerThrowsException.ql +++ b/cpp/common/test/rules/exithandlerthrowsexception/ExitHandlerThrowsException.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.exithandlerthrowsexception.ExitHandlerThrowsException -class TestFileQuery extends ExitHandlerThrowsExceptionSharedQuery, TestQuery { -} +class TestFileQuery extends ExitHandlerThrowsExceptionSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/explicitabrupttermination/ExplicitAbruptTermination.ql b/cpp/common/test/rules/explicitabrupttermination/ExplicitAbruptTermination.ql index cd11b45494..d7df643551 100644 --- a/cpp/common/test/rules/explicitabrupttermination/ExplicitAbruptTermination.ql +++ b/cpp/common/test/rules/explicitabrupttermination/ExplicitAbruptTermination.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.explicitabrupttermination.ExplicitAbruptTermination -class TestFileQuery extends ExplicitAbruptTerminationSharedQuery, TestQuery { -} +class TestFileQuery extends ExplicitAbruptTerminationSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/functionnoreturnattributecondition/FunctionNoReturnAttributeCondition.ql b/cpp/common/test/rules/functionnoreturnattributecondition/FunctionNoReturnAttributeCondition.ql index 6526233b4c..4af4aeceaf 100644 --- a/cpp/common/test/rules/functionnoreturnattributecondition/FunctionNoReturnAttributeCondition.ql +++ b/cpp/common/test/rules/functionnoreturnattributecondition/FunctionNoReturnAttributeCondition.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.functionnoreturnattributecondition.FunctionNoReturnAttributeCondition -class TestFileQuery extends FunctionNoReturnAttributeConditionSharedQuery, TestQuery { -} +class TestFileQuery extends FunctionNoReturnAttributeConditionSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/gotostatementcondition/GotoStatementCondition.ql b/cpp/common/test/rules/gotostatementcondition/GotoStatementCondition.ql index 2317d5c7db..89768a3022 100644 --- a/cpp/common/test/rules/gotostatementcondition/GotoStatementCondition.ql +++ b/cpp/common/test/rules/gotostatementcondition/GotoStatementCondition.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.gotostatementcondition.GotoStatementCondition -class TestFileQuery extends GotoStatementConditionSharedQuery, TestQuery { -} +class TestFileQuery extends GotoStatementConditionSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql b/cpp/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql index 4f7709c7dd..a0d83a59a6 100644 --- a/cpp/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql +++ b/cpp/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.guardaccesstobitfields.GuardAccessToBitFields -class TestFileQuery extends GuardAccessToBitFieldsSharedQuery, TestQuery { -} +class TestFileQuery extends GuardAccessToBitFieldsSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/handleallexceptionsduringstartup/HandleAllExceptionsDuringStartup.ql b/cpp/common/test/rules/handleallexceptionsduringstartup/HandleAllExceptionsDuringStartup.ql index 4a4ae60b84..d366b0eb79 100644 --- a/cpp/common/test/rules/handleallexceptionsduringstartup/HandleAllExceptionsDuringStartup.ql +++ b/cpp/common/test/rules/handleallexceptionsduringstartup/HandleAllExceptionsDuringStartup.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.handleallexceptionsduringstartup.HandleAllExceptionsDuringStartup -class TestFileQuery extends HandleAllExceptionsDuringStartupSharedQuery, TestQuery { -} +class TestFileQuery extends HandleAllExceptionsDuringStartupSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql b/cpp/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql index f9f34ef6d9..a61dc7860a 100644 --- a/cpp/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql +++ b/cpp/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.hashoperatorsused.HashOperatorsUsed -class TestFileQuery extends HashOperatorsUsedSharedQuery, TestQuery { -} +class TestFileQuery extends HashOperatorsUsedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/identifierhidden/IdentifierHidden.ql b/cpp/common/test/rules/identifierhidden/IdentifierHidden.ql index 27a35f8376..ba13b28bd4 100644 --- a/cpp/common/test/rules/identifierhidden/IdentifierHidden.ql +++ b/cpp/common/test/rules/identifierhidden/IdentifierHidden.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.identifierhidden.IdentifierHidden -class TestFileQuery extends IdentifierHiddenSharedQuery, TestQuery { -} +class TestFileQuery extends IdentifierHiddenSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql b/cpp/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql index d0a494f270..acdd497be7 100644 --- a/cpp/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql +++ b/cpp/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.ifelseterminationconstruct.IfElseTerminationConstruct -class TestFileQuery extends IfElseTerminationConstructSharedQuery, TestQuery { -} +class TestFileQuery extends IfElseTerminationConstructSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql b/cpp/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql index 8bec76dc05..13b07b4e90 100644 --- a/cpp/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql +++ b/cpp/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.includeguardsnotused.IncludeGuardsNotUsed -class TestFileQuery extends IncludeGuardsNotUsedSharedQuery, TestQuery { -} +class TestFileQuery extends IncludeGuardsNotUsedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql b/cpp/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql index f51683773f..3393d015c3 100644 --- a/cpp/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql +++ b/cpp/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.informationleakageacrossboundaries.InformationLeakageAcrossBoundaries -class TestFileQuery extends InformationLeakageAcrossBoundariesSharedQuery, TestQuery { -} +class TestFileQuery extends InformationLeakageAcrossBoundariesSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql b/cpp/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql index ed1e85b531..c1f22c408a 100644 --- a/cpp/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql +++ b/cpp/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.iofstreammissingpositioning.IOFstreamMissingPositioning -class TestFileQuery extends IOFstreamMissingPositioningSharedQuery, TestQuery { -} +class TestFileQuery extends IOFstreamMissingPositioningSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/joinablethreadcopiedordestroyed/JoinableThreadCopiedOrDestroyed.ql b/cpp/common/test/rules/joinablethreadcopiedordestroyed/JoinableThreadCopiedOrDestroyed.ql index 394425a83b..affaeef13d 100644 --- a/cpp/common/test/rules/joinablethreadcopiedordestroyed/JoinableThreadCopiedOrDestroyed.ql +++ b/cpp/common/test/rules/joinablethreadcopiedordestroyed/JoinableThreadCopiedOrDestroyed.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.joinablethreadcopiedordestroyed.JoinableThreadCopiedOrDestroyed -class TestFileQuery extends JoinableThreadCopiedOrDestroyedSharedQuery, TestQuery { -} +class TestFileQuery extends JoinableThreadCopiedOrDestroyedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql b/cpp/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql index 8b3c25098c..2ff9477919 100644 --- a/cpp/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql +++ b/cpp/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.macroparameternotenclosedinparentheses.MacroParameterNotEnclosedInParentheses -class TestFileQuery extends MacroParameterNotEnclosedInParenthesesSharedQuery, TestQuery { -} +class TestFileQuery extends MacroParameterNotEnclosedInParenthesesSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql b/cpp/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql index 108cf3b8a1..55290047a1 100644 --- a/cpp/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql +++ b/cpp/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.memcmpusedtocomparepaddingdata.MemcmpUsedToComparePaddingData -class TestFileQuery extends MemcmpUsedToComparePaddingDataSharedQuery, TestQuery { -} +class TestFileQuery extends MemcmpUsedToComparePaddingDataSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/movedfromobjectsunspecifiedstate/MovedFromObjectsUnspecifiedState.ql b/cpp/common/test/rules/movedfromobjectsunspecifiedstate/MovedFromObjectsUnspecifiedState.ql index f7510b8b24..3f818cc3e2 100644 --- a/cpp/common/test/rules/movedfromobjectsunspecifiedstate/MovedFromObjectsUnspecifiedState.ql +++ b/cpp/common/test/rules/movedfromobjectsunspecifiedstate/MovedFromObjectsUnspecifiedState.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.movedfromobjectsunspecifiedstate.MovedFromObjectsUnspecifiedState -class TestFileQuery extends MovedFromObjectsUnspecifiedStateSharedQuery, TestQuery { -} +class TestFileQuery extends MovedFromObjectsUnspecifiedStateSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql b/cpp/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql index d57bf78fad..3e0b1f7e8b 100644 --- a/cpp/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql +++ b/cpp/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nestedlabelinswitch.NestedLabelInSwitch -class TestFileQuery extends NestedLabelInSwitchSharedQuery, TestQuery { -} +class TestFileQuery extends NestedLabelInSwitchSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.ql b/cpp/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.ql index d1956d4b71..2e27365953 100644 --- a/cpp/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.ql +++ b/cpp/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nonbooleanifstmt.NonBooleanIfStmt -class TestFileQuery extends NonBooleanIfStmtSharedQuery, TestQuery { -} +class TestFileQuery extends NonBooleanIfStmtSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.ql b/cpp/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.ql index 3cd92aa294..46c2d4c3bb 100644 --- a/cpp/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.ql +++ b/cpp/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nonbooleaniterationstmt.NonBooleanIterationStmt -class TestFileQuery extends NonBooleanIterationStmtSharedQuery, TestQuery { -} +class TestFileQuery extends NonBooleanIterationStmtSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/nonconstantformat/NonConstantFormat.ql b/cpp/common/test/rules/nonconstantformat/NonConstantFormat.ql index 71bff7e9c6..25750ae9e5 100644 --- a/cpp/common/test/rules/nonconstantformat/NonConstantFormat.ql +++ b/cpp/common/test/rules/nonconstantformat/NonConstantFormat.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nonconstantformat.NonConstantFormat -class TestFileQuery extends NonConstantFormatSharedQuery, TestQuery { -} +class TestFileQuery extends NonConstantFormatSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/nonstandardentitiesinstandardnamespaces/NonStandardEntitiesInStandardNamespaces.ql b/cpp/common/test/rules/nonstandardentitiesinstandardnamespaces/NonStandardEntitiesInStandardNamespaces.ql index 19990c3d2f..3b10c31026 100644 --- a/cpp/common/test/rules/nonstandardentitiesinstandardnamespaces/NonStandardEntitiesInStandardNamespaces.ql +++ b/cpp/common/test/rules/nonstandardentitiesinstandardnamespaces/NonStandardEntitiesInStandardNamespaces.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nonstandardentitiesinstandardnamespaces.NonStandardEntitiesInStandardNamespaces -class TestFileQuery extends NonStandardEntitiesInStandardNamespacesSharedQuery, TestQuery { -} +class TestFileQuery extends NonStandardEntitiesInStandardNamespacesSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql b/cpp/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql index 775599e10e..bcf99b44e7 100644 --- a/cpp/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql +++ b/cpp/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nonvoidfunctiondoesnotreturn.NonVoidFunctionDoesNotReturn -class TestFileQuery extends NonVoidFunctionDoesNotReturnSharedQuery, TestQuery { -} +class TestFileQuery extends NonVoidFunctionDoesNotReturnSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/objectaccessedafterlifetime/ObjectAccessedAfterLifetime.ql b/cpp/common/test/rules/objectaccessedafterlifetime/ObjectAccessedAfterLifetime.ql index a6dd5f0ddb..fbf2270fb9 100644 --- a/cpp/common/test/rules/objectaccessedafterlifetime/ObjectAccessedAfterLifetime.ql +++ b/cpp/common/test/rules/objectaccessedafterlifetime/ObjectAccessedAfterLifetime.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.objectaccessedafterlifetime.ObjectAccessedAfterLifetime -class TestFileQuery extends ObjectAccessedAfterLifetimeSharedQuery, TestQuery { -} +class TestFileQuery extends ObjectAccessedAfterLifetimeSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/objectaccessedbeforelifetime/ObjectAccessedBeforeLifetime.ql b/cpp/common/test/rules/objectaccessedbeforelifetime/ObjectAccessedBeforeLifetime.ql index c7e11a4489..aa88f954dc 100644 --- a/cpp/common/test/rules/objectaccessedbeforelifetime/ObjectAccessedBeforeLifetime.ql +++ b/cpp/common/test/rules/objectaccessedbeforelifetime/ObjectAccessedBeforeLifetime.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.objectaccessedbeforelifetime.ObjectAccessedBeforeLifetime -class TestFileQuery extends ObjectAccessedBeforeLifetimeSharedQuery, TestQuery { -} +class TestFileQuery extends ObjectAccessedBeforeLifetimeSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/onedefinitionruleviolation/OneDefinitionRuleViolation.ql b/cpp/common/test/rules/onedefinitionruleviolation/OneDefinitionRuleViolation.ql index 8b818c9f65..0f01e0b871 100644 --- a/cpp/common/test/rules/onedefinitionruleviolation/OneDefinitionRuleViolation.ql +++ b/cpp/common/test/rules/onedefinitionruleviolation/OneDefinitionRuleViolation.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.onedefinitionruleviolation.OneDefinitionRuleViolation -class TestFileQuery extends OneDefinitionRuleViolationSharedQuery, TestQuery { -} +class TestFileQuery extends OneDefinitionRuleViolationSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/operationmaynotnullterminatecstylestring/OperationMayNotNullTerminateCStyleString.ql b/cpp/common/test/rules/operationmaynotnullterminatecstylestring/OperationMayNotNullTerminateCStyleString.ql index 191a71c62d..88637e5fb8 100644 --- a/cpp/common/test/rules/operationmaynotnullterminatecstylestring/OperationMayNotNullTerminateCStyleString.ql +++ b/cpp/common/test/rules/operationmaynotnullterminatecstylestring/OperationMayNotNullTerminateCStyleString.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.operationmaynotnullterminatecstylestring.OperationMayNotNullTerminateCStyleString -class TestFileQuery extends OperationMayNotNullTerminateCStyleStringSharedQuery, TestQuery { -} +class TestFileQuery extends OperationMayNotNullTerminateCStyleStringSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/operatordeletemissingpartner/OperatorDeleteMissingPartner.ql b/cpp/common/test/rules/operatordeletemissingpartner/OperatorDeleteMissingPartner.ql index 2239471465..df5ed195c3 100644 --- a/cpp/common/test/rules/operatordeletemissingpartner/OperatorDeleteMissingPartner.ql +++ b/cpp/common/test/rules/operatordeletemissingpartner/OperatorDeleteMissingPartner.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.operatordeletemissingpartner.OperatorDeleteMissingPartner -class TestFileQuery extends OperatorDeleteMissingPartnerSharedQuery, TestQuery { -} +class TestFileQuery extends OperatorDeleteMissingPartnerSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/orderingpredicatemustbestrictlyweak/OrderingPredicateMustBeStrictlyWeak.ql b/cpp/common/test/rules/orderingpredicatemustbestrictlyweak/OrderingPredicateMustBeStrictlyWeak.ql index a546ac7dee..765e11c79e 100644 --- a/cpp/common/test/rules/orderingpredicatemustbestrictlyweak/OrderingPredicateMustBeStrictlyWeak.ql +++ b/cpp/common/test/rules/orderingpredicatemustbestrictlyweak/OrderingPredicateMustBeStrictlyWeak.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.orderingpredicatemustbestrictlyweak.OrderingPredicateMustBeStrictlyWeak -class TestFileQuery extends OrderingPredicateMustBeStrictlyWeakSharedQuery, TestQuery { -} +class TestFileQuery extends OrderingPredicateMustBeStrictlyWeakSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.ql b/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.ql index 06ce668f27..efdcb47a16 100644 --- a/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.ql +++ b/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.ownedpointervaluestoredinunrelatedsmartpointer.OwnedPointerValueStoredInUnrelatedSmartPointer -class TestFileQuery extends OwnedPointerValueStoredInUnrelatedSmartPointerSharedQuery, TestQuery { -} +class TestFileQuery extends OwnedPointerValueStoredInUnrelatedSmartPointerSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/placementnewinsufficientstorage/PlacementNewInsufficientStorage.ql b/cpp/common/test/rules/placementnewinsufficientstorage/PlacementNewInsufficientStorage.ql index 7b30c736d3..d63da2dc8d 100644 --- a/cpp/common/test/rules/placementnewinsufficientstorage/PlacementNewInsufficientStorage.ql +++ b/cpp/common/test/rules/placementnewinsufficientstorage/PlacementNewInsufficientStorage.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.placementnewinsufficientstorage.PlacementNewInsufficientStorage -class TestFileQuery extends PlacementNewInsufficientStorageSharedQuery, TestQuery { -} +class TestFileQuery extends PlacementNewInsufficientStorageSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/placementnewnotproperlyaligned/PlacementNewNotProperlyAligned.ql b/cpp/common/test/rules/placementnewnotproperlyaligned/PlacementNewNotProperlyAligned.ql index 5f4fd81927..913b1c9c66 100644 --- a/cpp/common/test/rules/placementnewnotproperlyaligned/PlacementNewNotProperlyAligned.ql +++ b/cpp/common/test/rules/placementnewnotproperlyaligned/PlacementNewNotProperlyAligned.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.placementnewnotproperlyaligned.PlacementNewNotProperlyAligned -class TestFileQuery extends PlacementNewNotProperlyAlignedSharedQuery, TestQuery { -} +class TestFileQuery extends PlacementNewNotProperlyAlignedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/predicatefunctionobjectsshouldnotbemutable/PredicateFunctionObjectsShouldNotBeMutable.ql b/cpp/common/test/rules/predicatefunctionobjectsshouldnotbemutable/PredicateFunctionObjectsShouldNotBeMutable.ql index 0d4dec003f..1c9c73fb3d 100644 --- a/cpp/common/test/rules/predicatefunctionobjectsshouldnotbemutable/PredicateFunctionObjectsShouldNotBeMutable.ql +++ b/cpp/common/test/rules/predicatefunctionobjectsshouldnotbemutable/PredicateFunctionObjectsShouldNotBeMutable.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.predicatefunctionobjectsshouldnotbemutable.PredicateFunctionObjectsShouldNotBeMutable -class TestFileQuery extends PredicateFunctionObjectsShouldNotBeMutableSharedQuery, TestQuery { -} +class TestFileQuery extends PredicateFunctionObjectsShouldNotBeMutableSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql b/cpp/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql index 35bc1586b0..d66babdb6d 100644 --- a/cpp/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql +++ b/cpp/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preprocessingdirectivewithinmacroargument.PreprocessingDirectiveWithinMacroArgument -class TestFileQuery extends PreprocessingDirectiveWithinMacroArgumentSharedQuery, TestQuery { -} +class TestFileQuery extends PreprocessingDirectiveWithinMacroArgumentSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql b/cpp/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql index f12f9663b1..c7652ab4ae 100644 --- a/cpp/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql +++ b/cpp/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preprocessorincludesforbiddenheadernames.PreprocessorIncludesForbiddenHeaderNames -class TestFileQuery extends PreprocessorIncludesForbiddenHeaderNamesSharedQuery, TestQuery { -} +class TestFileQuery extends PreprocessorIncludesForbiddenHeaderNamesSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql b/cpp/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql index 44f700604a..43701dbbf9 100644 --- a/cpp/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql +++ b/cpp/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preprocessorincludespreceded.PreprocessorIncludesPreceded -class TestFileQuery extends PreprocessorIncludesPrecededSharedQuery, TestQuery { -} +class TestFileQuery extends PreprocessorIncludesPrecededSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql b/cpp/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql index 6fd33d601b..009c7f9e26 100644 --- a/cpp/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql +++ b/cpp/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preservesafetywhenusingconditionvariables.PreserveSafetyWhenUsingConditionVariables -class TestFileQuery extends PreserveSafetyWhenUsingConditionVariablesSharedQuery, TestQuery { -} +class TestFileQuery extends PreserveSafetyWhenUsingConditionVariablesSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql b/cpp/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql index 9968a80e75..4ca46f15ea 100644 --- a/cpp/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql +++ b/cpp/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preventdeadlockbylockinginpredefinedorder.PreventDeadlockByLockingInPredefinedOrder -class TestFileQuery extends PreventDeadlockByLockingInPredefinedOrderSharedQuery, TestQuery { -} +class TestFileQuery extends PreventDeadlockByLockingInPredefinedOrderSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql b/cpp/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql index cec14d6dac..9150d4459d 100644 --- a/cpp/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql +++ b/cpp/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.readofuninitializedmemory.ReadOfUninitializedMemory -class TestFileQuery extends ReadOfUninitializedMemorySharedQuery, TestQuery { -} +class TestFileQuery extends ReadOfUninitializedMemorySharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/removeconstorvolatilequalification/RemoveConstOrVolatileQualification.ql b/cpp/common/test/rules/removeconstorvolatilequalification/RemoveConstOrVolatileQualification.ql index 137fc2edf1..61865cccab 100644 --- a/cpp/common/test/rules/removeconstorvolatilequalification/RemoveConstOrVolatileQualification.ql +++ b/cpp/common/test/rules/removeconstorvolatilequalification/RemoveConstOrVolatileQualification.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.removeconstorvolatilequalification.RemoveConstOrVolatileQualification -class TestFileQuery extends RemoveConstOrVolatileQualificationSharedQuery, TestQuery { -} +class TestFileQuery extends RemoveConstOrVolatileQualificationSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/rethrownestedwithoutcapture/RethrowNestedWithoutCapture.ql b/cpp/common/test/rules/rethrownestedwithoutcapture/RethrowNestedWithoutCapture.ql index e3cc2a62fb..ab45ada710 100644 --- a/cpp/common/test/rules/rethrownestedwithoutcapture/RethrowNestedWithoutCapture.ql +++ b/cpp/common/test/rules/rethrownestedwithoutcapture/RethrowNestedWithoutCapture.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.rethrownestedwithoutcapture.RethrowNestedWithoutCapture -class TestFileQuery extends RethrowNestedWithoutCaptureSharedQuery, TestQuery { -} +class TestFileQuery extends RethrowNestedWithoutCaptureSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql b/cpp/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql index 00d24cc943..aacadf0253 100644 --- a/cpp/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql +++ b/cpp/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.sectionsofcodeshallnotbecommentedout.SectionsOfCodeShallNotBeCommentedOut -class TestFileQuery extends SectionsOfCodeShallNotBeCommentedOutSharedQuery, TestQuery { -} +class TestFileQuery extends SectionsOfCodeShallNotBeCommentedOutSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/stringnumberconversionmissingerrorcheck/StringNumberConversionMissingErrorCheck.ql b/cpp/common/test/rules/stringnumberconversionmissingerrorcheck/StringNumberConversionMissingErrorCheck.ql index 9e35a26b6d..7fae4b8b9a 100644 --- a/cpp/common/test/rules/stringnumberconversionmissingerrorcheck/StringNumberConversionMissingErrorCheck.ql +++ b/cpp/common/test/rules/stringnumberconversionmissingerrorcheck/StringNumberConversionMissingErrorCheck.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.stringnumberconversionmissingerrorcheck.StringNumberConversionMissingErrorCheck -class TestFileQuery extends StringNumberConversionMissingErrorCheckSharedQuery, TestQuery { -} +class TestFileQuery extends StringNumberConversionMissingErrorCheckSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql b/cpp/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql index de3d7c5c9c..1b323a652d 100644 --- a/cpp/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql +++ b/cpp/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.switchcasepositioncondition.SwitchCasePositionCondition -class TestFileQuery extends SwitchCasePositionConditionSharedQuery, TestQuery { -} +class TestFileQuery extends SwitchCasePositionConditionSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql b/cpp/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql index 3669f8739e..75ce3cb1ec 100644 --- a/cpp/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql +++ b/cpp/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.switchnotwellformed.SwitchNotWellFormed -class TestFileQuery extends SwitchNotWellFormedSharedQuery, TestQuery { -} +class TestFileQuery extends SwitchNotWellFormedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/throwingnothrowoperatornewdelete/ThrowingNoThrowOperatorNewDelete.ql b/cpp/common/test/rules/throwingnothrowoperatornewdelete/ThrowingNoThrowOperatorNewDelete.ql index 039db1c5c3..0135c410f4 100644 --- a/cpp/common/test/rules/throwingnothrowoperatornewdelete/ThrowingNoThrowOperatorNewDelete.ql +++ b/cpp/common/test/rules/throwingnothrowoperatornewdelete/ThrowingNoThrowOperatorNewDelete.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.throwingnothrowoperatornewdelete.ThrowingNoThrowOperatorNewDelete -class TestFileQuery extends ThrowingNoThrowOperatorNewDeleteSharedQuery, TestQuery { -} +class TestFileQuery extends ThrowingNoThrowOperatorNewDeleteSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/throwingoperatornewreturnsnull/ThrowingOperatorNewReturnsNull.ql b/cpp/common/test/rules/throwingoperatornewreturnsnull/ThrowingOperatorNewReturnsNull.ql index b034de0a67..c0fc6c8619 100644 --- a/cpp/common/test/rules/throwingoperatornewreturnsnull/ThrowingOperatorNewReturnsNull.ql +++ b/cpp/common/test/rules/throwingoperatornewreturnsnull/ThrowingOperatorNewReturnsNull.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.throwingoperatornewreturnsnull.ThrowingOperatorNewReturnsNull -class TestFileQuery extends ThrowingOperatorNewReturnsNullSharedQuery, TestQuery { -} +class TestFileQuery extends ThrowingOperatorNewReturnsNullSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/throwingoperatornewthrowsinvalidexception/ThrowingOperatorNewThrowsInvalidException.ql b/cpp/common/test/rules/throwingoperatornewthrowsinvalidexception/ThrowingOperatorNewThrowsInvalidException.ql index e4917831e5..072a5c7027 100644 --- a/cpp/common/test/rules/throwingoperatornewthrowsinvalidexception/ThrowingOperatorNewThrowsInvalidException.ql +++ b/cpp/common/test/rules/throwingoperatornewthrowsinvalidexception/ThrowingOperatorNewThrowsInvalidException.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.throwingoperatornewthrowsinvalidexception.ThrowingOperatorNewThrowsInvalidException -class TestFileQuery extends ThrowingOperatorNewThrowsInvalidExceptionSharedQuery, TestQuery { -} +class TestFileQuery extends ThrowingOperatorNewThrowsInvalidExceptionSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql b/cpp/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql index 6ae007bd39..11720fb8da 100644 --- a/cpp/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql +++ b/cpp/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.uncheckedrangedomainpoleerrors.UncheckedRangeDomainPoleErrors -class TestFileQuery extends UncheckedRangeDomainPoleErrorsSharedQuery, TestQuery { -} +class TestFileQuery extends UncheckedRangeDomainPoleErrorsSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql b/cpp/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql index 168b3a0b2e..316565cab7 100644 --- a/cpp/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql +++ b/cpp/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.undefinedmacroidentifiers.UndefinedMacroIdentifiers -class TestFileQuery extends UndefinedMacroIdentifiersSharedQuery, TestQuery { -} +class TestFileQuery extends UndefinedMacroIdentifiersSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql b/cpp/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql index 3b1e4b7c56..3baad901da 100644 --- a/cpp/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql +++ b/cpp/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unnecessaryexposedidentifierdeclarationshared.UnnecessaryExposedIdentifierDeclarationShared -class TestFileQuery extends UnnecessaryExposedIdentifierDeclarationSharedSharedQuery, TestQuery { -} +class TestFileQuery extends UnnecessaryExposedIdentifierDeclarationSharedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/unreachablecode/UnreachableCode.ql b/cpp/common/test/rules/unreachablecode/UnreachableCode.ql index 61554593fd..c394bfba3e 100644 --- a/cpp/common/test/rules/unreachablecode/UnreachableCode.ql +++ b/cpp/common/test/rules/unreachablecode/UnreachableCode.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unreachablecode.UnreachableCode -class TestFileQuery extends UnreachableCodeSharedQuery, TestQuery { -} +class TestFileQuery extends UnreachableCodeSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/unusedparameter/UnusedParameter.ql b/cpp/common/test/rules/unusedparameter/UnusedParameter.ql index 4dc2000dbb..e990a7dcf3 100644 --- a/cpp/common/test/rules/unusedparameter/UnusedParameter.ql +++ b/cpp/common/test/rules/unusedparameter/UnusedParameter.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unusedparameter.UnusedParameter -class TestFileQuery extends UnusedParameterSharedQuery, TestQuery { -} +class TestFileQuery extends UnusedParameterSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql b/cpp/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql index 76ccfec0f2..f1c09524d5 100644 --- a/cpp/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql +++ b/cpp/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unusedtypedeclarations.UnusedTypeDeclarations -class TestFileQuery extends UnusedTypeDeclarationsSharedQuery, TestQuery { -} +class TestFileQuery extends UnusedTypeDeclarationsSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql b/cpp/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql index c8b9f229f4..f9997627b4 100644 --- a/cpp/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql +++ b/cpp/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.usageofassemblernotdocumented.UsageOfAssemblerNotDocumented -class TestFileQuery extends UsageOfAssemblerNotDocumentedSharedQuery, TestQuery { -} +class TestFileQuery extends UsageOfAssemblerNotDocumentedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/usecanonicalorderformemberinit/UseCanonicalOrderForMemberInit.ql b/cpp/common/test/rules/usecanonicalorderformemberinit/UseCanonicalOrderForMemberInit.ql index 6cee3d153d..c703151f75 100644 --- a/cpp/common/test/rules/usecanonicalorderformemberinit/UseCanonicalOrderForMemberInit.ql +++ b/cpp/common/test/rules/usecanonicalorderformemberinit/UseCanonicalOrderForMemberInit.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.usecanonicalorderformemberinit.UseCanonicalOrderForMemberInit -class TestFileQuery extends UseCanonicalOrderForMemberInitSharedQuery, TestQuery { -} +class TestFileQuery extends UseCanonicalOrderForMemberInitSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql b/cpp/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql index 7edd86ecab..55554bee07 100644 --- a/cpp/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql +++ b/cpp/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.useonlyarrayindexingforpointerarithmetic.UseOnlyArrayIndexingForPointerArithmetic -class TestFileQuery extends UseOnlyArrayIndexingForPointerArithmeticSharedQuery, TestQuery { -} +class TestFileQuery extends UseOnlyArrayIndexingForPointerArithmeticSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/validcontainerelementaccess/ValidContainerElementAccess.ql b/cpp/common/test/rules/validcontainerelementaccess/ValidContainerElementAccess.ql index 64e86b2ba5..5f61b8a2a9 100644 --- a/cpp/common/test/rules/validcontainerelementaccess/ValidContainerElementAccess.ql +++ b/cpp/common/test/rules/validcontainerelementaccess/ValidContainerElementAccess.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.validcontainerelementaccess.ValidContainerElementAccess -class TestFileQuery extends ValidContainerElementAccessSharedQuery, TestQuery { -} +class TestFileQuery extends ValidContainerElementAccessSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql b/cpp/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql index af84dd07c1..44947bf85a 100644 --- a/cpp/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql +++ b/cpp/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.wrapspuriousfunctioninloop.WrapSpuriousFunctionInLoop -class TestFileQuery extends WrapSpuriousFunctionInLoopSharedQuery, TestQuery { -} +class TestFileQuery extends WrapSpuriousFunctionInLoopSharedQuery, TestQuery { } From 2f851295e06b037bf129b4bf2907469c5f33f6af Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 11 Oct 2023 14:38:27 -0700 Subject: [PATCH 1391/2573] Upgrade PyYaml dependency This in response to https://github.com/yaml/pyyaml/issues/601 on MacOS. --- scripts/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/requirements.txt b/scripts/requirements.txt index 976c6a46b4..f02a35c7c9 100644 --- a/scripts/requirements.txt +++ b/scripts/requirements.txt @@ -10,7 +10,7 @@ requests==2.31.0 smmap==3.0.5 soupsieve==2.0.1 urllib3==1.26.5 -pyyaml==5.4 +pyyaml==6.0.1 wheel==0.38.1 jsonschema==4.9.1 marko==1.2.1 \ No newline at end of file From c13560ee9883356b49f7af0895e9c1187b048a7f Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 11 Oct 2023 14:39:13 -0700 Subject: [PATCH 1392/2573] Apply new formatting to generated code --- .../CloseFileHandleWhenNoLongerNeededShared.ql | 3 ++- c/common/test/rules/commaoperatorused/CommaOperatorUsed.ql | 3 ++- .../ConstantUnsignedIntegerExpressionsWrapAround.ql | 3 ++- .../test/rules/constlikereturnvalue/ConstLikeReturnValue.ql | 3 ++- c/common/test/rules/deadcode/DeadCode.ql | 3 ++- .../DeclaredAReservedIdentifier.ql | 3 ++- .../dereferenceofnullpointer/DereferenceOfNullPointer.ql | 3 ++- .../rules/donotaccessaclosedfile/DoNotAccessAClosedFile.ql | 3 ++- .../DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql | 3 ++- .../DoNotDestroyAMutexWhileItIsLocked.ql | 3 ++- .../DoNotSubtractPointersAddressingDifferentArrays.ql | 3 ++- .../DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql | 3 ++- .../DoNotUseRandForGeneratingPseudorandomNumbers.ql | 3 ++- .../DoNotUseRelationalOperatorsWithDifferingArrays.ql | 3 ++- .../FreeMemoryWhenNoLongerNeededShared.ql | 3 ++- .../rules/gotostatementcondition/GotoStatementCondition.ql | 3 ++- .../rules/guardaccesstobitfields/GuardAccessToBitFields.ql | 3 ++- c/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql | 3 ++- c/common/test/rules/identifierhidden/IdentifierHidden.ql | 3 ++- .../ifelseterminationconstruct/IfElseTerminationConstruct.ql | 3 ++- .../test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql | 3 ++- .../InformationLeakageAcrossBoundaries.ql | 3 ++- .../InvalidatedEnvStringPointers.ql | 3 ++- .../InvalidatedEnvStringPointersWarn.ql | 3 ++- .../IOFstreamMissingPositioning.ql | 3 ++- .../MacroParameterNotEnclosedInParentheses.ql | 3 ++- .../MemcmpUsedToComparePaddingData.ql | 3 ++- .../test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql | 3 ++- c/common/test/rules/nonconstantformat/NonConstantFormat.ql | 3 ++- .../NonVoidFunctionDoesNotReturn.ql | 3 ++- .../rules/notdistinctidentifier/NotDistinctIdentifier.ql | 3 ++- .../OnlyFreeMemoryAllocatedDynamicallyShared.ql | 3 ++- .../PreprocessingDirectiveWithinMacroArgument.ql | 3 ++- .../PreprocessorIncludesForbiddenHeaderNames.ql | 3 ++- .../PreprocessorIncludesPreceded.ql | 3 ++- .../PreserveSafetyWhenUsingConditionVariables.ql | 3 ++- .../PreventDeadlockByLockingInPredefinedOrder.ql | 3 ++- .../readofuninitializedmemory/ReadOfUninitializedMemory.ql | 3 ++- .../SectionsOfCodeShallNotBeCommentedOut.ql | 3 ++- .../SwitchCasePositionCondition.ql | 3 ++- .../test/rules/switchnotwellformed/SwitchNotWellFormed.ql | 3 ++- c/common/test/rules/typeomitted/TypeOmitted.ql | 3 ++- .../UncheckedRangeDomainPoleErrors.ql | 3 ++- .../undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql | 3 ++- .../UnnecessaryExposedIdentifierDeclarationShared.ql | 3 ++- c/common/test/rules/unreachablecode/UnreachableCode.ql | 3 ++- c/common/test/rules/unusedparameter/UnusedParameter.ql | 3 ++- .../rules/unusedtypedeclarations/UnusedTypeDeclarations.ql | 3 ++- .../UsageOfAssemblerNotDocumented.ql | 3 ++- .../UseOnlyArrayIndexingForPointerArithmetic.ql | 3 ++- .../wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql | 3 ++- .../AccessOfUndefinedMemberThroughNullPointer.ql | 3 ++- ...cessOfUndefinedMemberThroughUninitializedStaticPointer.ql | 5 ++--- .../BasicStringMayNotBeNullTerminated.ql | 3 ++- .../test/rules/catchblockshadowing/CatchBlockShadowing.ql | 3 ++- .../CatchExceptionsByLvalueReference.ql | 3 ++- cpp/common/test/rules/commaoperatorused/CommaOperatorUsed.ql | 3 ++- .../ConditionVariablePostConditionFailed.ql | 3 ++- .../ConstantUnsignedIntegerExpressionsWrapAround.ql | 3 ++- .../ContainerAccessWithoutRangeCheck.ql | 3 ++- .../DanglingCaptureWhenMovingLambdaObject.ql | 3 ++- .../DanglingCaptureWhenReturningLambdaObject.ql | 3 ++- cpp/common/test/rules/deadcode/DeadCode.ql | 3 ++- .../DeleteOfPointerToIncompleteClass.ql | 3 ++- .../dereferenceofnullpointer/DereferenceOfNullPointer.ql | 3 ++- .../DestroyedValueReferencedInDestructorCatchBlock.ql | 3 ++- .../DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql | 3 ++- .../DoNotDestroyAMutexWhileItIsLocked.ql | 3 ++- .../DoNotSubtractPointersAddressingDifferentArrays.ql | 3 ++- .../DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql | 3 ++- .../DoNotUseRandForGeneratingPseudorandomNumbers.ql | 3 ++- .../DoNotUseRelationalOperatorsWithDifferingArrays.ql | 3 ++- .../DoNotUseSetjmpOrLongjmpShared.ql | 3 ++- .../exceptionsafetyguarantees/ExceptionSafetyGuarantees.ql | 3 ++- .../exceptionsafetyvalidstate/ExceptionSafetyValidState.ql | 3 ++- .../exithandlerthrowsexception/ExitHandlerThrowsException.ql | 3 ++- .../explicitabrupttermination/ExplicitAbruptTermination.ql | 3 ++- .../FunctionNoReturnAttributeCondition.ql | 3 ++- .../rules/gotostatementcondition/GotoStatementCondition.ql | 3 ++- .../rules/guardaccesstobitfields/GuardAccessToBitFields.ql | 3 ++- .../HandleAllExceptionsDuringStartup.ql | 3 ++- cpp/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql | 3 ++- cpp/common/test/rules/identifierhidden/IdentifierHidden.ql | 3 ++- .../ifelseterminationconstruct/IfElseTerminationConstruct.ql | 3 ++- .../test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql | 3 ++- .../InformationLeakageAcrossBoundaries.ql | 3 ++- .../IOFstreamMissingPositioning.ql | 3 ++- .../JoinableThreadCopiedOrDestroyed.ql | 3 ++- .../MacroParameterNotEnclosedInParentheses.ql | 3 ++- .../MemcmpUsedToComparePaddingData.ql | 3 ++- .../MovedFromObjectsUnspecifiedState.ql | 3 ++- .../test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql | 3 ++- cpp/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.ql | 3 ++- .../rules/nonbooleaniterationstmt/NonBooleanIterationStmt.ql | 3 ++- cpp/common/test/rules/nonconstantformat/NonConstantFormat.ql | 3 ++- .../NonStandardEntitiesInStandardNamespaces.ql | 3 ++- .../NonVoidFunctionDoesNotReturn.ql | 3 ++- .../ObjectAccessedAfterLifetime.ql | 3 ++- .../ObjectAccessedBeforeLifetime.ql | 3 ++- .../onedefinitionruleviolation/OneDefinitionRuleViolation.ql | 3 ++- .../OperationMayNotNullTerminateCStyleString.ql | 3 ++- .../OperatorDeleteMissingPartner.ql | 3 ++- .../OrderingPredicateMustBeStrictlyWeak.ql | 3 ++- .../OwnedPointerValueStoredInUnrelatedSmartPointer.ql | 3 ++- .../PlacementNewInsufficientStorage.ql | 3 ++- .../PlacementNewNotProperlyAligned.ql | 3 ++- .../PredicateFunctionObjectsShouldNotBeMutable.ql | 3 ++- .../PreprocessingDirectiveWithinMacroArgument.ql | 3 ++- .../PreprocessorIncludesForbiddenHeaderNames.ql | 3 ++- .../PreprocessorIncludesPreceded.ql | 3 ++- .../PreserveSafetyWhenUsingConditionVariables.ql | 3 ++- .../PreventDeadlockByLockingInPredefinedOrder.ql | 3 ++- .../readofuninitializedmemory/ReadOfUninitializedMemory.ql | 3 ++- .../RemoveConstOrVolatileQualification.ql | 3 ++- .../RethrowNestedWithoutCapture.ql | 3 ++- .../SectionsOfCodeShallNotBeCommentedOut.ql | 3 ++- .../StringNumberConversionMissingErrorCheck.ql | 3 ++- .../SwitchCasePositionCondition.ql | 3 ++- .../test/rules/switchnotwellformed/SwitchNotWellFormed.ql | 3 ++- .../ThrowingNoThrowOperatorNewDelete.ql | 3 ++- .../ThrowingOperatorNewReturnsNull.ql | 3 ++- .../ThrowingOperatorNewThrowsInvalidException.ql | 3 ++- .../UncheckedRangeDomainPoleErrors.ql | 3 ++- .../undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql | 3 ++- .../UnnecessaryExposedIdentifierDeclarationShared.ql | 3 ++- cpp/common/test/rules/unreachablecode/UnreachableCode.ql | 3 ++- cpp/common/test/rules/unusedparameter/UnusedParameter.ql | 3 ++- .../rules/unusedtypedeclarations/UnusedTypeDeclarations.ql | 3 ++- .../UsageOfAssemblerNotDocumented.ql | 3 ++- .../UseCanonicalOrderForMemberInit.ql | 3 ++- .../UseOnlyArrayIndexingForPointerArithmetic.ql | 3 ++- .../ValidContainerElementAccess.ql | 3 ++- .../wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql | 3 ++- 133 files changed, 266 insertions(+), 135 deletions(-) diff --git a/c/common/test/rules/closefilehandlewhennolongerneededshared/CloseFileHandleWhenNoLongerNeededShared.ql b/c/common/test/rules/closefilehandlewhennolongerneededshared/CloseFileHandleWhenNoLongerNeededShared.ql index 9e657b351a..a208410321 100644 --- a/c/common/test/rules/closefilehandlewhennolongerneededshared/CloseFileHandleWhenNoLongerNeededShared.ql +++ b/c/common/test/rules/closefilehandlewhennolongerneededshared/CloseFileHandleWhenNoLongerNeededShared.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.closefilehandlewhennolongerneededshared.CloseFileHandleWhenNoLongerNeededShared -class TestFileQuery extends CloseFileHandleWhenNoLongerNeededSharedSharedQuery, TestQuery { } +class TestFileQuery extends CloseFileHandleWhenNoLongerNeededSharedSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/commaoperatorused/CommaOperatorUsed.ql b/c/common/test/rules/commaoperatorused/CommaOperatorUsed.ql index 2fe294762e..b6c91e6eb2 100644 --- a/c/common/test/rules/commaoperatorused/CommaOperatorUsed.ql +++ b/c/common/test/rules/commaoperatorused/CommaOperatorUsed.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.commaoperatorused.CommaOperatorUsed -class TestFileQuery extends CommaOperatorUsedSharedQuery, TestQuery { } +class TestFileQuery extends CommaOperatorUsedSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql b/c/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql index c77ee1c66a..b12383aabb 100644 --- a/c/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql +++ b/c/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.constantunsignedintegerexpressionswraparound.ConstantUnsignedIntegerExpressionsWrapAround -class TestFileQuery extends ConstantUnsignedIntegerExpressionsWrapAroundSharedQuery, TestQuery { } +class TestFileQuery extends ConstantUnsignedIntegerExpressionsWrapAroundSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.ql b/c/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.ql index 53c27eb3ce..c598883031 100644 --- a/c/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.ql +++ b/c/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.constlikereturnvalue.ConstLikeReturnValue -class TestFileQuery extends ConstLikeReturnValueSharedQuery, TestQuery { } +class TestFileQuery extends ConstLikeReturnValueSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/deadcode/DeadCode.ql b/c/common/test/rules/deadcode/DeadCode.ql index dcd7fce840..b38dba26d7 100644 --- a/c/common/test/rules/deadcode/DeadCode.ql +++ b/c/common/test/rules/deadcode/DeadCode.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.deadcode.DeadCode -class TestFileQuery extends DeadCodeSharedQuery, TestQuery { } +class TestFileQuery extends DeadCodeSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/declaredareservedidentifier/DeclaredAReservedIdentifier.ql b/c/common/test/rules/declaredareservedidentifier/DeclaredAReservedIdentifier.ql index f091b0aaaa..707ef3ccbe 100644 --- a/c/common/test/rules/declaredareservedidentifier/DeclaredAReservedIdentifier.ql +++ b/c/common/test/rules/declaredareservedidentifier/DeclaredAReservedIdentifier.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.declaredareservedidentifier.DeclaredAReservedIdentifier -class TestFileQuery extends DeclaredAReservedIdentifierSharedQuery, TestQuery { } +class TestFileQuery extends DeclaredAReservedIdentifierSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql b/c/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql index c8dc62e67c..cf9fdf6071 100644 --- a/c/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql +++ b/c/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.dereferenceofnullpointer.DereferenceOfNullPointer -class TestFileQuery extends DereferenceOfNullPointerSharedQuery, TestQuery { } +class TestFileQuery extends DereferenceOfNullPointerSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/donotaccessaclosedfile/DoNotAccessAClosedFile.ql b/c/common/test/rules/donotaccessaclosedfile/DoNotAccessAClosedFile.ql index d3b8b9ea3a..1087134c19 100644 --- a/c/common/test/rules/donotaccessaclosedfile/DoNotAccessAClosedFile.ql +++ b/c/common/test/rules/donotaccessaclosedfile/DoNotAccessAClosedFile.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotaccessaclosedfile.DoNotAccessAClosedFile -class TestFileQuery extends DoNotAccessAClosedFileSharedQuery, TestQuery { } +class TestFileQuery extends DoNotAccessAClosedFileSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql b/c/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql index ceae7e6a9e..9aac0f1c09 100644 --- a/c/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql +++ b/c/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotallowamutextogooutofscopewhilelocked.DoNotAllowAMutexToGoOutOfScopeWhileLocked -class TestFileQuery extends DoNotAllowAMutexToGoOutOfScopeWhileLockedSharedQuery, TestQuery { } +class TestFileQuery extends DoNotAllowAMutexToGoOutOfScopeWhileLockedSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql b/c/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql index 96ea58009e..b2fdab8eea 100644 --- a/c/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql +++ b/c/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotdestroyamutexwhileitislocked.DoNotDestroyAMutexWhileItIsLocked -class TestFileQuery extends DoNotDestroyAMutexWhileItIsLockedSharedQuery, TestQuery { } +class TestFileQuery extends DoNotDestroyAMutexWhileItIsLockedSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql b/c/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql index 374a6fc52b..cc9cb834e0 100644 --- a/c/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql +++ b/c/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotsubtractpointersaddressingdifferentarrays.DoNotSubtractPointersAddressingDifferentArrays -class TestFileQuery extends DoNotSubtractPointersAddressingDifferentArraysSharedQuery, TestQuery { } +class TestFileQuery extends DoNotSubtractPointersAddressingDifferentArraysSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql b/c/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql index edef2c1127..ddaa0399b2 100644 --- a/c/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql +++ b/c/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotusemorethantwolevelsofpointerindirection.DoNotUseMoreThanTwoLevelsOfPointerIndirection -class TestFileQuery extends DoNotUseMoreThanTwoLevelsOfPointerIndirectionSharedQuery, TestQuery { } +class TestFileQuery extends DoNotUseMoreThanTwoLevelsOfPointerIndirectionSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql b/c/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql index 3ad5626256..c6e0f0e58a 100644 --- a/c/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql +++ b/c/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotuserandforgeneratingpseudorandomnumbers.DoNotUseRandForGeneratingPseudorandomNumbers -class TestFileQuery extends DoNotUseRandForGeneratingPseudorandomNumbersSharedQuery, TestQuery { } +class TestFileQuery extends DoNotUseRandForGeneratingPseudorandomNumbersSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql b/c/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql index bceb46bf63..647ee40426 100644 --- a/c/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql +++ b/c/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotuserelationaloperatorswithdifferingarrays.DoNotUseRelationalOperatorsWithDifferingArrays -class TestFileQuery extends DoNotUseRelationalOperatorsWithDifferingArraysSharedQuery, TestQuery { } +class TestFileQuery extends DoNotUseRelationalOperatorsWithDifferingArraysSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/freememorywhennolongerneededshared/FreeMemoryWhenNoLongerNeededShared.ql b/c/common/test/rules/freememorywhennolongerneededshared/FreeMemoryWhenNoLongerNeededShared.ql index 27683eddfb..8b89cb900c 100644 --- a/c/common/test/rules/freememorywhennolongerneededshared/FreeMemoryWhenNoLongerNeededShared.ql +++ b/c/common/test/rules/freememorywhennolongerneededshared/FreeMemoryWhenNoLongerNeededShared.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.freememorywhennolongerneededshared.FreeMemoryWhenNoLongerNeededShared -class TestFileQuery extends FreeMemoryWhenNoLongerNeededSharedSharedQuery, TestQuery { } +class TestFileQuery extends FreeMemoryWhenNoLongerNeededSharedSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/gotostatementcondition/GotoStatementCondition.ql b/c/common/test/rules/gotostatementcondition/GotoStatementCondition.ql index 89768a3022..2317d5c7db 100644 --- a/c/common/test/rules/gotostatementcondition/GotoStatementCondition.ql +++ b/c/common/test/rules/gotostatementcondition/GotoStatementCondition.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.gotostatementcondition.GotoStatementCondition -class TestFileQuery extends GotoStatementConditionSharedQuery, TestQuery { } +class TestFileQuery extends GotoStatementConditionSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql b/c/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql index a0d83a59a6..4f7709c7dd 100644 --- a/c/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql +++ b/c/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.guardaccesstobitfields.GuardAccessToBitFields -class TestFileQuery extends GuardAccessToBitFieldsSharedQuery, TestQuery { } +class TestFileQuery extends GuardAccessToBitFieldsSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql b/c/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql index a61dc7860a..f9f34ef6d9 100644 --- a/c/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql +++ b/c/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.hashoperatorsused.HashOperatorsUsed -class TestFileQuery extends HashOperatorsUsedSharedQuery, TestQuery { } +class TestFileQuery extends HashOperatorsUsedSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/identifierhidden/IdentifierHidden.ql b/c/common/test/rules/identifierhidden/IdentifierHidden.ql index ba13b28bd4..27a35f8376 100644 --- a/c/common/test/rules/identifierhidden/IdentifierHidden.ql +++ b/c/common/test/rules/identifierhidden/IdentifierHidden.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.identifierhidden.IdentifierHidden -class TestFileQuery extends IdentifierHiddenSharedQuery, TestQuery { } +class TestFileQuery extends IdentifierHiddenSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql b/c/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql index acdd497be7..d0a494f270 100644 --- a/c/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql +++ b/c/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.ifelseterminationconstruct.IfElseTerminationConstruct -class TestFileQuery extends IfElseTerminationConstructSharedQuery, TestQuery { } +class TestFileQuery extends IfElseTerminationConstructSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql b/c/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql index 13b07b4e90..8bec76dc05 100644 --- a/c/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql +++ b/c/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.includeguardsnotused.IncludeGuardsNotUsed -class TestFileQuery extends IncludeGuardsNotUsedSharedQuery, TestQuery { } +class TestFileQuery extends IncludeGuardsNotUsedSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql b/c/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql index 3393d015c3..f51683773f 100644 --- a/c/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql +++ b/c/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.informationleakageacrossboundaries.InformationLeakageAcrossBoundaries -class TestFileQuery extends InformationLeakageAcrossBoundariesSharedQuery, TestQuery { } +class TestFileQuery extends InformationLeakageAcrossBoundariesSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.ql b/c/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.ql index b82c43333a..777e498dc1 100644 --- a/c/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.ql +++ b/c/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.invalidatedenvstringpointers.InvalidatedEnvStringPointers -class TestFileQuery extends InvalidatedEnvStringPointersSharedQuery, TestQuery { } +class TestFileQuery extends InvalidatedEnvStringPointersSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.ql b/c/common/test/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.ql index 7a56af210d..9efdbbe048 100644 --- a/c/common/test/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.ql +++ b/c/common/test/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.invalidatedenvstringpointerswarn.InvalidatedEnvStringPointersWarn -class TestFileQuery extends InvalidatedEnvStringPointersWarnSharedQuery, TestQuery { } +class TestFileQuery extends InvalidatedEnvStringPointersWarnSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql b/c/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql index c1f22c408a..ed1e85b531 100644 --- a/c/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql +++ b/c/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.iofstreammissingpositioning.IOFstreamMissingPositioning -class TestFileQuery extends IOFstreamMissingPositioningSharedQuery, TestQuery { } +class TestFileQuery extends IOFstreamMissingPositioningSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql b/c/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql index 2ff9477919..8b3c25098c 100644 --- a/c/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql +++ b/c/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.macroparameternotenclosedinparentheses.MacroParameterNotEnclosedInParentheses -class TestFileQuery extends MacroParameterNotEnclosedInParenthesesSharedQuery, TestQuery { } +class TestFileQuery extends MacroParameterNotEnclosedInParenthesesSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql b/c/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql index 55290047a1..108cf3b8a1 100644 --- a/c/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql +++ b/c/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.memcmpusedtocomparepaddingdata.MemcmpUsedToComparePaddingData -class TestFileQuery extends MemcmpUsedToComparePaddingDataSharedQuery, TestQuery { } +class TestFileQuery extends MemcmpUsedToComparePaddingDataSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql b/c/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql index 3e0b1f7e8b..d57bf78fad 100644 --- a/c/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql +++ b/c/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nestedlabelinswitch.NestedLabelInSwitch -class TestFileQuery extends NestedLabelInSwitchSharedQuery, TestQuery { } +class TestFileQuery extends NestedLabelInSwitchSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/nonconstantformat/NonConstantFormat.ql b/c/common/test/rules/nonconstantformat/NonConstantFormat.ql index 25750ae9e5..71bff7e9c6 100644 --- a/c/common/test/rules/nonconstantformat/NonConstantFormat.ql +++ b/c/common/test/rules/nonconstantformat/NonConstantFormat.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nonconstantformat.NonConstantFormat -class TestFileQuery extends NonConstantFormatSharedQuery, TestQuery { } +class TestFileQuery extends NonConstantFormatSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql b/c/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql index bcf99b44e7..775599e10e 100644 --- a/c/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql +++ b/c/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nonvoidfunctiondoesnotreturn.NonVoidFunctionDoesNotReturn -class TestFileQuery extends NonVoidFunctionDoesNotReturnSharedQuery, TestQuery { } +class TestFileQuery extends NonVoidFunctionDoesNotReturnSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/notdistinctidentifier/NotDistinctIdentifier.ql b/c/common/test/rules/notdistinctidentifier/NotDistinctIdentifier.ql index 3b7a8a5f9a..ba74868838 100644 --- a/c/common/test/rules/notdistinctidentifier/NotDistinctIdentifier.ql +++ b/c/common/test/rules/notdistinctidentifier/NotDistinctIdentifier.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.notdistinctidentifier.NotDistinctIdentifier -class TestFileQuery extends NotDistinctIdentifierSharedQuery, TestQuery { } +class TestFileQuery extends NotDistinctIdentifierSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.ql b/c/common/test/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.ql index f7d315554e..f8c036c2d2 100644 --- a/c/common/test/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.ql +++ b/c/common/test/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.onlyfreememoryallocateddynamicallyshared.OnlyFreeMemoryAllocatedDynamicallyShared -class TestFileQuery extends OnlyFreeMemoryAllocatedDynamicallySharedSharedQuery, TestQuery { } +class TestFileQuery extends OnlyFreeMemoryAllocatedDynamicallySharedSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql b/c/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql index d66babdb6d..35bc1586b0 100644 --- a/c/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql +++ b/c/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preprocessingdirectivewithinmacroargument.PreprocessingDirectiveWithinMacroArgument -class TestFileQuery extends PreprocessingDirectiveWithinMacroArgumentSharedQuery, TestQuery { } +class TestFileQuery extends PreprocessingDirectiveWithinMacroArgumentSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql b/c/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql index c7652ab4ae..f12f9663b1 100644 --- a/c/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql +++ b/c/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preprocessorincludesforbiddenheadernames.PreprocessorIncludesForbiddenHeaderNames -class TestFileQuery extends PreprocessorIncludesForbiddenHeaderNamesSharedQuery, TestQuery { } +class TestFileQuery extends PreprocessorIncludesForbiddenHeaderNamesSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql b/c/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql index 43701dbbf9..44f700604a 100644 --- a/c/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql +++ b/c/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preprocessorincludespreceded.PreprocessorIncludesPreceded -class TestFileQuery extends PreprocessorIncludesPrecededSharedQuery, TestQuery { } +class TestFileQuery extends PreprocessorIncludesPrecededSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql b/c/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql index 009c7f9e26..6fd33d601b 100644 --- a/c/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql +++ b/c/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preservesafetywhenusingconditionvariables.PreserveSafetyWhenUsingConditionVariables -class TestFileQuery extends PreserveSafetyWhenUsingConditionVariablesSharedQuery, TestQuery { } +class TestFileQuery extends PreserveSafetyWhenUsingConditionVariablesSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql b/c/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql index 4ca46f15ea..9968a80e75 100644 --- a/c/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql +++ b/c/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preventdeadlockbylockinginpredefinedorder.PreventDeadlockByLockingInPredefinedOrder -class TestFileQuery extends PreventDeadlockByLockingInPredefinedOrderSharedQuery, TestQuery { } +class TestFileQuery extends PreventDeadlockByLockingInPredefinedOrderSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql b/c/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql index 9150d4459d..cec14d6dac 100644 --- a/c/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql +++ b/c/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.readofuninitializedmemory.ReadOfUninitializedMemory -class TestFileQuery extends ReadOfUninitializedMemorySharedQuery, TestQuery { } +class TestFileQuery extends ReadOfUninitializedMemorySharedQuery, TestQuery { +} diff --git a/c/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql b/c/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql index aacadf0253..00d24cc943 100644 --- a/c/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql +++ b/c/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.sectionsofcodeshallnotbecommentedout.SectionsOfCodeShallNotBeCommentedOut -class TestFileQuery extends SectionsOfCodeShallNotBeCommentedOutSharedQuery, TestQuery { } +class TestFileQuery extends SectionsOfCodeShallNotBeCommentedOutSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql b/c/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql index 1b323a652d..de3d7c5c9c 100644 --- a/c/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql +++ b/c/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.switchcasepositioncondition.SwitchCasePositionCondition -class TestFileQuery extends SwitchCasePositionConditionSharedQuery, TestQuery { } +class TestFileQuery extends SwitchCasePositionConditionSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql b/c/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql index 75ce3cb1ec..3669f8739e 100644 --- a/c/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql +++ b/c/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.switchnotwellformed.SwitchNotWellFormed -class TestFileQuery extends SwitchNotWellFormedSharedQuery, TestQuery { } +class TestFileQuery extends SwitchNotWellFormedSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/typeomitted/TypeOmitted.ql b/c/common/test/rules/typeomitted/TypeOmitted.ql index a9cd81118c..eaade7faf6 100644 --- a/c/common/test/rules/typeomitted/TypeOmitted.ql +++ b/c/common/test/rules/typeomitted/TypeOmitted.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.typeomitted.TypeOmitted -class TestFileQuery extends TypeOmittedSharedQuery, TestQuery { } +class TestFileQuery extends TypeOmittedSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql b/c/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql index 11720fb8da..6ae007bd39 100644 --- a/c/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql +++ b/c/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.uncheckedrangedomainpoleerrors.UncheckedRangeDomainPoleErrors -class TestFileQuery extends UncheckedRangeDomainPoleErrorsSharedQuery, TestQuery { } +class TestFileQuery extends UncheckedRangeDomainPoleErrorsSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql b/c/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql index 316565cab7..168b3a0b2e 100644 --- a/c/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql +++ b/c/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.undefinedmacroidentifiers.UndefinedMacroIdentifiers -class TestFileQuery extends UndefinedMacroIdentifiersSharedQuery, TestQuery { } +class TestFileQuery extends UndefinedMacroIdentifiersSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql b/c/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql index 3baad901da..3b1e4b7c56 100644 --- a/c/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql +++ b/c/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unnecessaryexposedidentifierdeclarationshared.UnnecessaryExposedIdentifierDeclarationShared -class TestFileQuery extends UnnecessaryExposedIdentifierDeclarationSharedSharedQuery, TestQuery { } +class TestFileQuery extends UnnecessaryExposedIdentifierDeclarationSharedSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/unreachablecode/UnreachableCode.ql b/c/common/test/rules/unreachablecode/UnreachableCode.ql index c394bfba3e..61554593fd 100644 --- a/c/common/test/rules/unreachablecode/UnreachableCode.ql +++ b/c/common/test/rules/unreachablecode/UnreachableCode.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unreachablecode.UnreachableCode -class TestFileQuery extends UnreachableCodeSharedQuery, TestQuery { } +class TestFileQuery extends UnreachableCodeSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/unusedparameter/UnusedParameter.ql b/c/common/test/rules/unusedparameter/UnusedParameter.ql index e990a7dcf3..4dc2000dbb 100644 --- a/c/common/test/rules/unusedparameter/UnusedParameter.ql +++ b/c/common/test/rules/unusedparameter/UnusedParameter.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unusedparameter.UnusedParameter -class TestFileQuery extends UnusedParameterSharedQuery, TestQuery { } +class TestFileQuery extends UnusedParameterSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql b/c/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql index f1c09524d5..76ccfec0f2 100644 --- a/c/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql +++ b/c/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unusedtypedeclarations.UnusedTypeDeclarations -class TestFileQuery extends UnusedTypeDeclarationsSharedQuery, TestQuery { } +class TestFileQuery extends UnusedTypeDeclarationsSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql b/c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql index f9997627b4..c8b9f229f4 100644 --- a/c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql +++ b/c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.usageofassemblernotdocumented.UsageOfAssemblerNotDocumented -class TestFileQuery extends UsageOfAssemblerNotDocumentedSharedQuery, TestQuery { } +class TestFileQuery extends UsageOfAssemblerNotDocumentedSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql b/c/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql index 55554bee07..7edd86ecab 100644 --- a/c/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql +++ b/c/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.useonlyarrayindexingforpointerarithmetic.UseOnlyArrayIndexingForPointerArithmetic -class TestFileQuery extends UseOnlyArrayIndexingForPointerArithmeticSharedQuery, TestQuery { } +class TestFileQuery extends UseOnlyArrayIndexingForPointerArithmeticSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql b/c/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql index 44947bf85a..af84dd07c1 100644 --- a/c/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql +++ b/c/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.wrapspuriousfunctioninloop.WrapSpuriousFunctionInLoop -class TestFileQuery extends WrapSpuriousFunctionInLoopSharedQuery, TestQuery { } +class TestFileQuery extends WrapSpuriousFunctionInLoopSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/accessofundefinedmemberthroughnullpointer/AccessOfUndefinedMemberThroughNullPointer.ql b/cpp/common/test/rules/accessofundefinedmemberthroughnullpointer/AccessOfUndefinedMemberThroughNullPointer.ql index a94e11dbf6..4607c4f48c 100644 --- a/cpp/common/test/rules/accessofundefinedmemberthroughnullpointer/AccessOfUndefinedMemberThroughNullPointer.ql +++ b/cpp/common/test/rules/accessofundefinedmemberthroughnullpointer/AccessOfUndefinedMemberThroughNullPointer.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.accessofundefinedmemberthroughnullpointer.AccessOfUndefinedMemberThroughNullPointer -class TestFileQuery extends AccessOfUndefinedMemberThroughNullPointerSharedQuery, TestQuery { } +class TestFileQuery extends AccessOfUndefinedMemberThroughNullPointerSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/accessofundefinedmemberthroughuninitializedstaticpointer/AccessOfUndefinedMemberThroughUninitializedStaticPointer.ql b/cpp/common/test/rules/accessofundefinedmemberthroughuninitializedstaticpointer/AccessOfUndefinedMemberThroughUninitializedStaticPointer.ql index 90d192e3d8..489c4a23f4 100644 --- a/cpp/common/test/rules/accessofundefinedmemberthroughuninitializedstaticpointer/AccessOfUndefinedMemberThroughUninitializedStaticPointer.ql +++ b/cpp/common/test/rules/accessofundefinedmemberthroughuninitializedstaticpointer/AccessOfUndefinedMemberThroughUninitializedStaticPointer.ql @@ -1,6 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.accessofundefinedmemberthroughuninitializedstaticpointer.AccessOfUndefinedMemberThroughUninitializedStaticPointer -class TestFileQuery extends AccessOfUndefinedMemberThroughUninitializedStaticPointerSharedQuery, - TestQuery -{ } +class TestFileQuery extends AccessOfUndefinedMemberThroughUninitializedStaticPointerSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/basicstringmaynotbenullterminated/BasicStringMayNotBeNullTerminated.ql b/cpp/common/test/rules/basicstringmaynotbenullterminated/BasicStringMayNotBeNullTerminated.ql index c2c4fe7906..21f00547fc 100644 --- a/cpp/common/test/rules/basicstringmaynotbenullterminated/BasicStringMayNotBeNullTerminated.ql +++ b/cpp/common/test/rules/basicstringmaynotbenullterminated/BasicStringMayNotBeNullTerminated.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.basicstringmaynotbenullterminated.BasicStringMayNotBeNullTerminated -class TestFileQuery extends BasicStringMayNotBeNullTerminatedSharedQuery, TestQuery { } +class TestFileQuery extends BasicStringMayNotBeNullTerminatedSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/catchblockshadowing/CatchBlockShadowing.ql b/cpp/common/test/rules/catchblockshadowing/CatchBlockShadowing.ql index 76b7123d99..81b37d3aa5 100644 --- a/cpp/common/test/rules/catchblockshadowing/CatchBlockShadowing.ql +++ b/cpp/common/test/rules/catchblockshadowing/CatchBlockShadowing.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.catchblockshadowing.CatchBlockShadowing -class TestFileQuery extends CatchBlockShadowingSharedQuery, TestQuery { } +class TestFileQuery extends CatchBlockShadowingSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/catchexceptionsbylvaluereference/CatchExceptionsByLvalueReference.ql b/cpp/common/test/rules/catchexceptionsbylvaluereference/CatchExceptionsByLvalueReference.ql index 30d6d30c47..0931cc9ca8 100644 --- a/cpp/common/test/rules/catchexceptionsbylvaluereference/CatchExceptionsByLvalueReference.ql +++ b/cpp/common/test/rules/catchexceptionsbylvaluereference/CatchExceptionsByLvalueReference.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.catchexceptionsbylvaluereference.CatchExceptionsByLvalueReference -class TestFileQuery extends CatchExceptionsByLvalueReferenceSharedQuery, TestQuery { } +class TestFileQuery extends CatchExceptionsByLvalueReferenceSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/commaoperatorused/CommaOperatorUsed.ql b/cpp/common/test/rules/commaoperatorused/CommaOperatorUsed.ql index 2fe294762e..b6c91e6eb2 100644 --- a/cpp/common/test/rules/commaoperatorused/CommaOperatorUsed.ql +++ b/cpp/common/test/rules/commaoperatorused/CommaOperatorUsed.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.commaoperatorused.CommaOperatorUsed -class TestFileQuery extends CommaOperatorUsedSharedQuery, TestQuery { } +class TestFileQuery extends CommaOperatorUsedSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/conditionvariablepostconditionfailed/ConditionVariablePostConditionFailed.ql b/cpp/common/test/rules/conditionvariablepostconditionfailed/ConditionVariablePostConditionFailed.ql index e990e23e2e..9192ea6c24 100644 --- a/cpp/common/test/rules/conditionvariablepostconditionfailed/ConditionVariablePostConditionFailed.ql +++ b/cpp/common/test/rules/conditionvariablepostconditionfailed/ConditionVariablePostConditionFailed.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.conditionvariablepostconditionfailed.ConditionVariablePostConditionFailed -class TestFileQuery extends ConditionVariablePostConditionFailedSharedQuery, TestQuery { } +class TestFileQuery extends ConditionVariablePostConditionFailedSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql b/cpp/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql index c77ee1c66a..b12383aabb 100644 --- a/cpp/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql +++ b/cpp/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.constantunsignedintegerexpressionswraparound.ConstantUnsignedIntegerExpressionsWrapAround -class TestFileQuery extends ConstantUnsignedIntegerExpressionsWrapAroundSharedQuery, TestQuery { } +class TestFileQuery extends ConstantUnsignedIntegerExpressionsWrapAroundSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.ql b/cpp/common/test/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.ql index be54f5a31c..90f2624e6b 100644 --- a/cpp/common/test/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.ql +++ b/cpp/common/test/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.containeraccesswithoutrangecheck.ContainerAccessWithoutRangeCheck -class TestFileQuery extends ContainerAccessWithoutRangeCheckSharedQuery, TestQuery { } +class TestFileQuery extends ContainerAccessWithoutRangeCheckSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/danglingcapturewhenmovinglambdaobject/DanglingCaptureWhenMovingLambdaObject.ql b/cpp/common/test/rules/danglingcapturewhenmovinglambdaobject/DanglingCaptureWhenMovingLambdaObject.ql index ba1f1efc2f..3e1929e5c3 100644 --- a/cpp/common/test/rules/danglingcapturewhenmovinglambdaobject/DanglingCaptureWhenMovingLambdaObject.ql +++ b/cpp/common/test/rules/danglingcapturewhenmovinglambdaobject/DanglingCaptureWhenMovingLambdaObject.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.danglingcapturewhenmovinglambdaobject.DanglingCaptureWhenMovingLambdaObject -class TestFileQuery extends DanglingCaptureWhenMovingLambdaObjectSharedQuery, TestQuery { } +class TestFileQuery extends DanglingCaptureWhenMovingLambdaObjectSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/danglingcapturewhenreturninglambdaobject/DanglingCaptureWhenReturningLambdaObject.ql b/cpp/common/test/rules/danglingcapturewhenreturninglambdaobject/DanglingCaptureWhenReturningLambdaObject.ql index d95ba912fd..6880b797fc 100644 --- a/cpp/common/test/rules/danglingcapturewhenreturninglambdaobject/DanglingCaptureWhenReturningLambdaObject.ql +++ b/cpp/common/test/rules/danglingcapturewhenreturninglambdaobject/DanglingCaptureWhenReturningLambdaObject.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.danglingcapturewhenreturninglambdaobject.DanglingCaptureWhenReturningLambdaObject -class TestFileQuery extends DanglingCaptureWhenReturningLambdaObjectSharedQuery, TestQuery { } +class TestFileQuery extends DanglingCaptureWhenReturningLambdaObjectSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/deadcode/DeadCode.ql b/cpp/common/test/rules/deadcode/DeadCode.ql index dcd7fce840..b38dba26d7 100644 --- a/cpp/common/test/rules/deadcode/DeadCode.ql +++ b/cpp/common/test/rules/deadcode/DeadCode.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.deadcode.DeadCode -class TestFileQuery extends DeadCodeSharedQuery, TestQuery { } +class TestFileQuery extends DeadCodeSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/deleteofpointertoincompleteclass/DeleteOfPointerToIncompleteClass.ql b/cpp/common/test/rules/deleteofpointertoincompleteclass/DeleteOfPointerToIncompleteClass.ql index a589ae988e..54ae2a773b 100644 --- a/cpp/common/test/rules/deleteofpointertoincompleteclass/DeleteOfPointerToIncompleteClass.ql +++ b/cpp/common/test/rules/deleteofpointertoincompleteclass/DeleteOfPointerToIncompleteClass.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.deleteofpointertoincompleteclass.DeleteOfPointerToIncompleteClass -class TestFileQuery extends DeleteOfPointerToIncompleteClassSharedQuery, TestQuery { } +class TestFileQuery extends DeleteOfPointerToIncompleteClassSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql b/cpp/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql index c8dc62e67c..cf9fdf6071 100644 --- a/cpp/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql +++ b/cpp/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.dereferenceofnullpointer.DereferenceOfNullPointer -class TestFileQuery extends DereferenceOfNullPointerSharedQuery, TestQuery { } +class TestFileQuery extends DereferenceOfNullPointerSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/destroyedvaluereferencedindestructorcatchblock/DestroyedValueReferencedInDestructorCatchBlock.ql b/cpp/common/test/rules/destroyedvaluereferencedindestructorcatchblock/DestroyedValueReferencedInDestructorCatchBlock.ql index 90c4ed602a..a2418fe0e6 100644 --- a/cpp/common/test/rules/destroyedvaluereferencedindestructorcatchblock/DestroyedValueReferencedInDestructorCatchBlock.ql +++ b/cpp/common/test/rules/destroyedvaluereferencedindestructorcatchblock/DestroyedValueReferencedInDestructorCatchBlock.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.destroyedvaluereferencedindestructorcatchblock.DestroyedValueReferencedInDestructorCatchBlock -class TestFileQuery extends DestroyedValueReferencedInDestructorCatchBlockSharedQuery, TestQuery { } +class TestFileQuery extends DestroyedValueReferencedInDestructorCatchBlockSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql b/cpp/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql index ceae7e6a9e..9aac0f1c09 100644 --- a/cpp/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql +++ b/cpp/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotallowamutextogooutofscopewhilelocked.DoNotAllowAMutexToGoOutOfScopeWhileLocked -class TestFileQuery extends DoNotAllowAMutexToGoOutOfScopeWhileLockedSharedQuery, TestQuery { } +class TestFileQuery extends DoNotAllowAMutexToGoOutOfScopeWhileLockedSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql b/cpp/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql index 96ea58009e..b2fdab8eea 100644 --- a/cpp/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql +++ b/cpp/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotdestroyamutexwhileitislocked.DoNotDestroyAMutexWhileItIsLocked -class TestFileQuery extends DoNotDestroyAMutexWhileItIsLockedSharedQuery, TestQuery { } +class TestFileQuery extends DoNotDestroyAMutexWhileItIsLockedSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql b/cpp/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql index 374a6fc52b..cc9cb834e0 100644 --- a/cpp/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql +++ b/cpp/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotsubtractpointersaddressingdifferentarrays.DoNotSubtractPointersAddressingDifferentArrays -class TestFileQuery extends DoNotSubtractPointersAddressingDifferentArraysSharedQuery, TestQuery { } +class TestFileQuery extends DoNotSubtractPointersAddressingDifferentArraysSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql b/cpp/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql index edef2c1127..ddaa0399b2 100644 --- a/cpp/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql +++ b/cpp/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotusemorethantwolevelsofpointerindirection.DoNotUseMoreThanTwoLevelsOfPointerIndirection -class TestFileQuery extends DoNotUseMoreThanTwoLevelsOfPointerIndirectionSharedQuery, TestQuery { } +class TestFileQuery extends DoNotUseMoreThanTwoLevelsOfPointerIndirectionSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql b/cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql index 3ad5626256..c6e0f0e58a 100644 --- a/cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql +++ b/cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotuserandforgeneratingpseudorandomnumbers.DoNotUseRandForGeneratingPseudorandomNumbers -class TestFileQuery extends DoNotUseRandForGeneratingPseudorandomNumbersSharedQuery, TestQuery { } +class TestFileQuery extends DoNotUseRandForGeneratingPseudorandomNumbersSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql b/cpp/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql index bceb46bf63..647ee40426 100644 --- a/cpp/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql +++ b/cpp/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotuserelationaloperatorswithdifferingarrays.DoNotUseRelationalOperatorsWithDifferingArrays -class TestFileQuery extends DoNotUseRelationalOperatorsWithDifferingArraysSharedQuery, TestQuery { } +class TestFileQuery extends DoNotUseRelationalOperatorsWithDifferingArraysSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/donotusesetjmporlongjmpshared/DoNotUseSetjmpOrLongjmpShared.ql b/cpp/common/test/rules/donotusesetjmporlongjmpshared/DoNotUseSetjmpOrLongjmpShared.ql index e0026467ff..bb9245942d 100644 --- a/cpp/common/test/rules/donotusesetjmporlongjmpshared/DoNotUseSetjmpOrLongjmpShared.ql +++ b/cpp/common/test/rules/donotusesetjmporlongjmpshared/DoNotUseSetjmpOrLongjmpShared.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotusesetjmporlongjmpshared.DoNotUseSetjmpOrLongjmpShared -class TestFileQuery extends DoNotUseSetjmpOrLongjmpSharedSharedQuery, TestQuery { } +class TestFileQuery extends DoNotUseSetjmpOrLongjmpSharedSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/exceptionsafetyguarantees/ExceptionSafetyGuarantees.ql b/cpp/common/test/rules/exceptionsafetyguarantees/ExceptionSafetyGuarantees.ql index bfa4a88318..2d09d10250 100644 --- a/cpp/common/test/rules/exceptionsafetyguarantees/ExceptionSafetyGuarantees.ql +++ b/cpp/common/test/rules/exceptionsafetyguarantees/ExceptionSafetyGuarantees.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.exceptionsafetyguarantees.ExceptionSafetyGuarantees -class TestFileQuery extends ExceptionSafetyGuaranteesSharedQuery, TestQuery { } +class TestFileQuery extends ExceptionSafetyGuaranteesSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/exceptionsafetyvalidstate/ExceptionSafetyValidState.ql b/cpp/common/test/rules/exceptionsafetyvalidstate/ExceptionSafetyValidState.ql index aa18543c36..e2d2107580 100644 --- a/cpp/common/test/rules/exceptionsafetyvalidstate/ExceptionSafetyValidState.ql +++ b/cpp/common/test/rules/exceptionsafetyvalidstate/ExceptionSafetyValidState.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.exceptionsafetyvalidstate.ExceptionSafetyValidState -class TestFileQuery extends ExceptionSafetyValidStateSharedQuery, TestQuery { } +class TestFileQuery extends ExceptionSafetyValidStateSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/exithandlerthrowsexception/ExitHandlerThrowsException.ql b/cpp/common/test/rules/exithandlerthrowsexception/ExitHandlerThrowsException.ql index c61992b8b0..4552e1d6e5 100644 --- a/cpp/common/test/rules/exithandlerthrowsexception/ExitHandlerThrowsException.ql +++ b/cpp/common/test/rules/exithandlerthrowsexception/ExitHandlerThrowsException.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.exithandlerthrowsexception.ExitHandlerThrowsException -class TestFileQuery extends ExitHandlerThrowsExceptionSharedQuery, TestQuery { } +class TestFileQuery extends ExitHandlerThrowsExceptionSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/explicitabrupttermination/ExplicitAbruptTermination.ql b/cpp/common/test/rules/explicitabrupttermination/ExplicitAbruptTermination.ql index d7df643551..cd11b45494 100644 --- a/cpp/common/test/rules/explicitabrupttermination/ExplicitAbruptTermination.ql +++ b/cpp/common/test/rules/explicitabrupttermination/ExplicitAbruptTermination.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.explicitabrupttermination.ExplicitAbruptTermination -class TestFileQuery extends ExplicitAbruptTerminationSharedQuery, TestQuery { } +class TestFileQuery extends ExplicitAbruptTerminationSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/functionnoreturnattributecondition/FunctionNoReturnAttributeCondition.ql b/cpp/common/test/rules/functionnoreturnattributecondition/FunctionNoReturnAttributeCondition.ql index 4af4aeceaf..6526233b4c 100644 --- a/cpp/common/test/rules/functionnoreturnattributecondition/FunctionNoReturnAttributeCondition.ql +++ b/cpp/common/test/rules/functionnoreturnattributecondition/FunctionNoReturnAttributeCondition.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.functionnoreturnattributecondition.FunctionNoReturnAttributeCondition -class TestFileQuery extends FunctionNoReturnAttributeConditionSharedQuery, TestQuery { } +class TestFileQuery extends FunctionNoReturnAttributeConditionSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/gotostatementcondition/GotoStatementCondition.ql b/cpp/common/test/rules/gotostatementcondition/GotoStatementCondition.ql index 89768a3022..2317d5c7db 100644 --- a/cpp/common/test/rules/gotostatementcondition/GotoStatementCondition.ql +++ b/cpp/common/test/rules/gotostatementcondition/GotoStatementCondition.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.gotostatementcondition.GotoStatementCondition -class TestFileQuery extends GotoStatementConditionSharedQuery, TestQuery { } +class TestFileQuery extends GotoStatementConditionSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql b/cpp/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql index a0d83a59a6..4f7709c7dd 100644 --- a/cpp/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql +++ b/cpp/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.guardaccesstobitfields.GuardAccessToBitFields -class TestFileQuery extends GuardAccessToBitFieldsSharedQuery, TestQuery { } +class TestFileQuery extends GuardAccessToBitFieldsSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/handleallexceptionsduringstartup/HandleAllExceptionsDuringStartup.ql b/cpp/common/test/rules/handleallexceptionsduringstartup/HandleAllExceptionsDuringStartup.ql index d366b0eb79..4a4ae60b84 100644 --- a/cpp/common/test/rules/handleallexceptionsduringstartup/HandleAllExceptionsDuringStartup.ql +++ b/cpp/common/test/rules/handleallexceptionsduringstartup/HandleAllExceptionsDuringStartup.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.handleallexceptionsduringstartup.HandleAllExceptionsDuringStartup -class TestFileQuery extends HandleAllExceptionsDuringStartupSharedQuery, TestQuery { } +class TestFileQuery extends HandleAllExceptionsDuringStartupSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql b/cpp/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql index a61dc7860a..f9f34ef6d9 100644 --- a/cpp/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql +++ b/cpp/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.hashoperatorsused.HashOperatorsUsed -class TestFileQuery extends HashOperatorsUsedSharedQuery, TestQuery { } +class TestFileQuery extends HashOperatorsUsedSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/identifierhidden/IdentifierHidden.ql b/cpp/common/test/rules/identifierhidden/IdentifierHidden.ql index ba13b28bd4..27a35f8376 100644 --- a/cpp/common/test/rules/identifierhidden/IdentifierHidden.ql +++ b/cpp/common/test/rules/identifierhidden/IdentifierHidden.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.identifierhidden.IdentifierHidden -class TestFileQuery extends IdentifierHiddenSharedQuery, TestQuery { } +class TestFileQuery extends IdentifierHiddenSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql b/cpp/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql index acdd497be7..d0a494f270 100644 --- a/cpp/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql +++ b/cpp/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.ifelseterminationconstruct.IfElseTerminationConstruct -class TestFileQuery extends IfElseTerminationConstructSharedQuery, TestQuery { } +class TestFileQuery extends IfElseTerminationConstructSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql b/cpp/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql index 13b07b4e90..8bec76dc05 100644 --- a/cpp/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql +++ b/cpp/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.includeguardsnotused.IncludeGuardsNotUsed -class TestFileQuery extends IncludeGuardsNotUsedSharedQuery, TestQuery { } +class TestFileQuery extends IncludeGuardsNotUsedSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql b/cpp/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql index 3393d015c3..f51683773f 100644 --- a/cpp/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql +++ b/cpp/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.informationleakageacrossboundaries.InformationLeakageAcrossBoundaries -class TestFileQuery extends InformationLeakageAcrossBoundariesSharedQuery, TestQuery { } +class TestFileQuery extends InformationLeakageAcrossBoundariesSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql b/cpp/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql index c1f22c408a..ed1e85b531 100644 --- a/cpp/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql +++ b/cpp/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.iofstreammissingpositioning.IOFstreamMissingPositioning -class TestFileQuery extends IOFstreamMissingPositioningSharedQuery, TestQuery { } +class TestFileQuery extends IOFstreamMissingPositioningSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/joinablethreadcopiedordestroyed/JoinableThreadCopiedOrDestroyed.ql b/cpp/common/test/rules/joinablethreadcopiedordestroyed/JoinableThreadCopiedOrDestroyed.ql index affaeef13d..394425a83b 100644 --- a/cpp/common/test/rules/joinablethreadcopiedordestroyed/JoinableThreadCopiedOrDestroyed.ql +++ b/cpp/common/test/rules/joinablethreadcopiedordestroyed/JoinableThreadCopiedOrDestroyed.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.joinablethreadcopiedordestroyed.JoinableThreadCopiedOrDestroyed -class TestFileQuery extends JoinableThreadCopiedOrDestroyedSharedQuery, TestQuery { } +class TestFileQuery extends JoinableThreadCopiedOrDestroyedSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql b/cpp/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql index 2ff9477919..8b3c25098c 100644 --- a/cpp/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql +++ b/cpp/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.macroparameternotenclosedinparentheses.MacroParameterNotEnclosedInParentheses -class TestFileQuery extends MacroParameterNotEnclosedInParenthesesSharedQuery, TestQuery { } +class TestFileQuery extends MacroParameterNotEnclosedInParenthesesSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql b/cpp/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql index 55290047a1..108cf3b8a1 100644 --- a/cpp/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql +++ b/cpp/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.memcmpusedtocomparepaddingdata.MemcmpUsedToComparePaddingData -class TestFileQuery extends MemcmpUsedToComparePaddingDataSharedQuery, TestQuery { } +class TestFileQuery extends MemcmpUsedToComparePaddingDataSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/movedfromobjectsunspecifiedstate/MovedFromObjectsUnspecifiedState.ql b/cpp/common/test/rules/movedfromobjectsunspecifiedstate/MovedFromObjectsUnspecifiedState.ql index 3f818cc3e2..f7510b8b24 100644 --- a/cpp/common/test/rules/movedfromobjectsunspecifiedstate/MovedFromObjectsUnspecifiedState.ql +++ b/cpp/common/test/rules/movedfromobjectsunspecifiedstate/MovedFromObjectsUnspecifiedState.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.movedfromobjectsunspecifiedstate.MovedFromObjectsUnspecifiedState -class TestFileQuery extends MovedFromObjectsUnspecifiedStateSharedQuery, TestQuery { } +class TestFileQuery extends MovedFromObjectsUnspecifiedStateSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql b/cpp/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql index 3e0b1f7e8b..d57bf78fad 100644 --- a/cpp/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql +++ b/cpp/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nestedlabelinswitch.NestedLabelInSwitch -class TestFileQuery extends NestedLabelInSwitchSharedQuery, TestQuery { } +class TestFileQuery extends NestedLabelInSwitchSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.ql b/cpp/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.ql index 2e27365953..d1956d4b71 100644 --- a/cpp/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.ql +++ b/cpp/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nonbooleanifstmt.NonBooleanIfStmt -class TestFileQuery extends NonBooleanIfStmtSharedQuery, TestQuery { } +class TestFileQuery extends NonBooleanIfStmtSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.ql b/cpp/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.ql index 46c2d4c3bb..3cd92aa294 100644 --- a/cpp/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.ql +++ b/cpp/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nonbooleaniterationstmt.NonBooleanIterationStmt -class TestFileQuery extends NonBooleanIterationStmtSharedQuery, TestQuery { } +class TestFileQuery extends NonBooleanIterationStmtSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/nonconstantformat/NonConstantFormat.ql b/cpp/common/test/rules/nonconstantformat/NonConstantFormat.ql index 25750ae9e5..71bff7e9c6 100644 --- a/cpp/common/test/rules/nonconstantformat/NonConstantFormat.ql +++ b/cpp/common/test/rules/nonconstantformat/NonConstantFormat.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nonconstantformat.NonConstantFormat -class TestFileQuery extends NonConstantFormatSharedQuery, TestQuery { } +class TestFileQuery extends NonConstantFormatSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/nonstandardentitiesinstandardnamespaces/NonStandardEntitiesInStandardNamespaces.ql b/cpp/common/test/rules/nonstandardentitiesinstandardnamespaces/NonStandardEntitiesInStandardNamespaces.ql index 3b10c31026..19990c3d2f 100644 --- a/cpp/common/test/rules/nonstandardentitiesinstandardnamespaces/NonStandardEntitiesInStandardNamespaces.ql +++ b/cpp/common/test/rules/nonstandardentitiesinstandardnamespaces/NonStandardEntitiesInStandardNamespaces.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nonstandardentitiesinstandardnamespaces.NonStandardEntitiesInStandardNamespaces -class TestFileQuery extends NonStandardEntitiesInStandardNamespacesSharedQuery, TestQuery { } +class TestFileQuery extends NonStandardEntitiesInStandardNamespacesSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql b/cpp/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql index bcf99b44e7..775599e10e 100644 --- a/cpp/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql +++ b/cpp/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nonvoidfunctiondoesnotreturn.NonVoidFunctionDoesNotReturn -class TestFileQuery extends NonVoidFunctionDoesNotReturnSharedQuery, TestQuery { } +class TestFileQuery extends NonVoidFunctionDoesNotReturnSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/objectaccessedafterlifetime/ObjectAccessedAfterLifetime.ql b/cpp/common/test/rules/objectaccessedafterlifetime/ObjectAccessedAfterLifetime.ql index fbf2270fb9..a6dd5f0ddb 100644 --- a/cpp/common/test/rules/objectaccessedafterlifetime/ObjectAccessedAfterLifetime.ql +++ b/cpp/common/test/rules/objectaccessedafterlifetime/ObjectAccessedAfterLifetime.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.objectaccessedafterlifetime.ObjectAccessedAfterLifetime -class TestFileQuery extends ObjectAccessedAfterLifetimeSharedQuery, TestQuery { } +class TestFileQuery extends ObjectAccessedAfterLifetimeSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/objectaccessedbeforelifetime/ObjectAccessedBeforeLifetime.ql b/cpp/common/test/rules/objectaccessedbeforelifetime/ObjectAccessedBeforeLifetime.ql index aa88f954dc..c7e11a4489 100644 --- a/cpp/common/test/rules/objectaccessedbeforelifetime/ObjectAccessedBeforeLifetime.ql +++ b/cpp/common/test/rules/objectaccessedbeforelifetime/ObjectAccessedBeforeLifetime.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.objectaccessedbeforelifetime.ObjectAccessedBeforeLifetime -class TestFileQuery extends ObjectAccessedBeforeLifetimeSharedQuery, TestQuery { } +class TestFileQuery extends ObjectAccessedBeforeLifetimeSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/onedefinitionruleviolation/OneDefinitionRuleViolation.ql b/cpp/common/test/rules/onedefinitionruleviolation/OneDefinitionRuleViolation.ql index 0f01e0b871..8b818c9f65 100644 --- a/cpp/common/test/rules/onedefinitionruleviolation/OneDefinitionRuleViolation.ql +++ b/cpp/common/test/rules/onedefinitionruleviolation/OneDefinitionRuleViolation.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.onedefinitionruleviolation.OneDefinitionRuleViolation -class TestFileQuery extends OneDefinitionRuleViolationSharedQuery, TestQuery { } +class TestFileQuery extends OneDefinitionRuleViolationSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/operationmaynotnullterminatecstylestring/OperationMayNotNullTerminateCStyleString.ql b/cpp/common/test/rules/operationmaynotnullterminatecstylestring/OperationMayNotNullTerminateCStyleString.ql index 88637e5fb8..191a71c62d 100644 --- a/cpp/common/test/rules/operationmaynotnullterminatecstylestring/OperationMayNotNullTerminateCStyleString.ql +++ b/cpp/common/test/rules/operationmaynotnullterminatecstylestring/OperationMayNotNullTerminateCStyleString.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.operationmaynotnullterminatecstylestring.OperationMayNotNullTerminateCStyleString -class TestFileQuery extends OperationMayNotNullTerminateCStyleStringSharedQuery, TestQuery { } +class TestFileQuery extends OperationMayNotNullTerminateCStyleStringSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/operatordeletemissingpartner/OperatorDeleteMissingPartner.ql b/cpp/common/test/rules/operatordeletemissingpartner/OperatorDeleteMissingPartner.ql index df5ed195c3..2239471465 100644 --- a/cpp/common/test/rules/operatordeletemissingpartner/OperatorDeleteMissingPartner.ql +++ b/cpp/common/test/rules/operatordeletemissingpartner/OperatorDeleteMissingPartner.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.operatordeletemissingpartner.OperatorDeleteMissingPartner -class TestFileQuery extends OperatorDeleteMissingPartnerSharedQuery, TestQuery { } +class TestFileQuery extends OperatorDeleteMissingPartnerSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/orderingpredicatemustbestrictlyweak/OrderingPredicateMustBeStrictlyWeak.ql b/cpp/common/test/rules/orderingpredicatemustbestrictlyweak/OrderingPredicateMustBeStrictlyWeak.ql index 765e11c79e..a546ac7dee 100644 --- a/cpp/common/test/rules/orderingpredicatemustbestrictlyweak/OrderingPredicateMustBeStrictlyWeak.ql +++ b/cpp/common/test/rules/orderingpredicatemustbestrictlyweak/OrderingPredicateMustBeStrictlyWeak.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.orderingpredicatemustbestrictlyweak.OrderingPredicateMustBeStrictlyWeak -class TestFileQuery extends OrderingPredicateMustBeStrictlyWeakSharedQuery, TestQuery { } +class TestFileQuery extends OrderingPredicateMustBeStrictlyWeakSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.ql b/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.ql index efdcb47a16..06ce668f27 100644 --- a/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.ql +++ b/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.ownedpointervaluestoredinunrelatedsmartpointer.OwnedPointerValueStoredInUnrelatedSmartPointer -class TestFileQuery extends OwnedPointerValueStoredInUnrelatedSmartPointerSharedQuery, TestQuery { } +class TestFileQuery extends OwnedPointerValueStoredInUnrelatedSmartPointerSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/placementnewinsufficientstorage/PlacementNewInsufficientStorage.ql b/cpp/common/test/rules/placementnewinsufficientstorage/PlacementNewInsufficientStorage.ql index d63da2dc8d..7b30c736d3 100644 --- a/cpp/common/test/rules/placementnewinsufficientstorage/PlacementNewInsufficientStorage.ql +++ b/cpp/common/test/rules/placementnewinsufficientstorage/PlacementNewInsufficientStorage.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.placementnewinsufficientstorage.PlacementNewInsufficientStorage -class TestFileQuery extends PlacementNewInsufficientStorageSharedQuery, TestQuery { } +class TestFileQuery extends PlacementNewInsufficientStorageSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/placementnewnotproperlyaligned/PlacementNewNotProperlyAligned.ql b/cpp/common/test/rules/placementnewnotproperlyaligned/PlacementNewNotProperlyAligned.ql index 913b1c9c66..5f4fd81927 100644 --- a/cpp/common/test/rules/placementnewnotproperlyaligned/PlacementNewNotProperlyAligned.ql +++ b/cpp/common/test/rules/placementnewnotproperlyaligned/PlacementNewNotProperlyAligned.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.placementnewnotproperlyaligned.PlacementNewNotProperlyAligned -class TestFileQuery extends PlacementNewNotProperlyAlignedSharedQuery, TestQuery { } +class TestFileQuery extends PlacementNewNotProperlyAlignedSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/predicatefunctionobjectsshouldnotbemutable/PredicateFunctionObjectsShouldNotBeMutable.ql b/cpp/common/test/rules/predicatefunctionobjectsshouldnotbemutable/PredicateFunctionObjectsShouldNotBeMutable.ql index 1c9c73fb3d..0d4dec003f 100644 --- a/cpp/common/test/rules/predicatefunctionobjectsshouldnotbemutable/PredicateFunctionObjectsShouldNotBeMutable.ql +++ b/cpp/common/test/rules/predicatefunctionobjectsshouldnotbemutable/PredicateFunctionObjectsShouldNotBeMutable.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.predicatefunctionobjectsshouldnotbemutable.PredicateFunctionObjectsShouldNotBeMutable -class TestFileQuery extends PredicateFunctionObjectsShouldNotBeMutableSharedQuery, TestQuery { } +class TestFileQuery extends PredicateFunctionObjectsShouldNotBeMutableSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql b/cpp/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql index d66babdb6d..35bc1586b0 100644 --- a/cpp/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql +++ b/cpp/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preprocessingdirectivewithinmacroargument.PreprocessingDirectiveWithinMacroArgument -class TestFileQuery extends PreprocessingDirectiveWithinMacroArgumentSharedQuery, TestQuery { } +class TestFileQuery extends PreprocessingDirectiveWithinMacroArgumentSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql b/cpp/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql index c7652ab4ae..f12f9663b1 100644 --- a/cpp/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql +++ b/cpp/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preprocessorincludesforbiddenheadernames.PreprocessorIncludesForbiddenHeaderNames -class TestFileQuery extends PreprocessorIncludesForbiddenHeaderNamesSharedQuery, TestQuery { } +class TestFileQuery extends PreprocessorIncludesForbiddenHeaderNamesSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql b/cpp/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql index 43701dbbf9..44f700604a 100644 --- a/cpp/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql +++ b/cpp/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preprocessorincludespreceded.PreprocessorIncludesPreceded -class TestFileQuery extends PreprocessorIncludesPrecededSharedQuery, TestQuery { } +class TestFileQuery extends PreprocessorIncludesPrecededSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql b/cpp/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql index 009c7f9e26..6fd33d601b 100644 --- a/cpp/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql +++ b/cpp/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preservesafetywhenusingconditionvariables.PreserveSafetyWhenUsingConditionVariables -class TestFileQuery extends PreserveSafetyWhenUsingConditionVariablesSharedQuery, TestQuery { } +class TestFileQuery extends PreserveSafetyWhenUsingConditionVariablesSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql b/cpp/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql index 4ca46f15ea..9968a80e75 100644 --- a/cpp/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql +++ b/cpp/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preventdeadlockbylockinginpredefinedorder.PreventDeadlockByLockingInPredefinedOrder -class TestFileQuery extends PreventDeadlockByLockingInPredefinedOrderSharedQuery, TestQuery { } +class TestFileQuery extends PreventDeadlockByLockingInPredefinedOrderSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql b/cpp/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql index 9150d4459d..cec14d6dac 100644 --- a/cpp/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql +++ b/cpp/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.readofuninitializedmemory.ReadOfUninitializedMemory -class TestFileQuery extends ReadOfUninitializedMemorySharedQuery, TestQuery { } +class TestFileQuery extends ReadOfUninitializedMemorySharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/removeconstorvolatilequalification/RemoveConstOrVolatileQualification.ql b/cpp/common/test/rules/removeconstorvolatilequalification/RemoveConstOrVolatileQualification.ql index 61865cccab..137fc2edf1 100644 --- a/cpp/common/test/rules/removeconstorvolatilequalification/RemoveConstOrVolatileQualification.ql +++ b/cpp/common/test/rules/removeconstorvolatilequalification/RemoveConstOrVolatileQualification.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.removeconstorvolatilequalification.RemoveConstOrVolatileQualification -class TestFileQuery extends RemoveConstOrVolatileQualificationSharedQuery, TestQuery { } +class TestFileQuery extends RemoveConstOrVolatileQualificationSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/rethrownestedwithoutcapture/RethrowNestedWithoutCapture.ql b/cpp/common/test/rules/rethrownestedwithoutcapture/RethrowNestedWithoutCapture.ql index ab45ada710..e3cc2a62fb 100644 --- a/cpp/common/test/rules/rethrownestedwithoutcapture/RethrowNestedWithoutCapture.ql +++ b/cpp/common/test/rules/rethrownestedwithoutcapture/RethrowNestedWithoutCapture.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.rethrownestedwithoutcapture.RethrowNestedWithoutCapture -class TestFileQuery extends RethrowNestedWithoutCaptureSharedQuery, TestQuery { } +class TestFileQuery extends RethrowNestedWithoutCaptureSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql b/cpp/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql index aacadf0253..00d24cc943 100644 --- a/cpp/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql +++ b/cpp/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.sectionsofcodeshallnotbecommentedout.SectionsOfCodeShallNotBeCommentedOut -class TestFileQuery extends SectionsOfCodeShallNotBeCommentedOutSharedQuery, TestQuery { } +class TestFileQuery extends SectionsOfCodeShallNotBeCommentedOutSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/stringnumberconversionmissingerrorcheck/StringNumberConversionMissingErrorCheck.ql b/cpp/common/test/rules/stringnumberconversionmissingerrorcheck/StringNumberConversionMissingErrorCheck.ql index 7fae4b8b9a..9e35a26b6d 100644 --- a/cpp/common/test/rules/stringnumberconversionmissingerrorcheck/StringNumberConversionMissingErrorCheck.ql +++ b/cpp/common/test/rules/stringnumberconversionmissingerrorcheck/StringNumberConversionMissingErrorCheck.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.stringnumberconversionmissingerrorcheck.StringNumberConversionMissingErrorCheck -class TestFileQuery extends StringNumberConversionMissingErrorCheckSharedQuery, TestQuery { } +class TestFileQuery extends StringNumberConversionMissingErrorCheckSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql b/cpp/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql index 1b323a652d..de3d7c5c9c 100644 --- a/cpp/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql +++ b/cpp/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.switchcasepositioncondition.SwitchCasePositionCondition -class TestFileQuery extends SwitchCasePositionConditionSharedQuery, TestQuery { } +class TestFileQuery extends SwitchCasePositionConditionSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql b/cpp/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql index 75ce3cb1ec..3669f8739e 100644 --- a/cpp/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql +++ b/cpp/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.switchnotwellformed.SwitchNotWellFormed -class TestFileQuery extends SwitchNotWellFormedSharedQuery, TestQuery { } +class TestFileQuery extends SwitchNotWellFormedSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/throwingnothrowoperatornewdelete/ThrowingNoThrowOperatorNewDelete.ql b/cpp/common/test/rules/throwingnothrowoperatornewdelete/ThrowingNoThrowOperatorNewDelete.ql index 0135c410f4..039db1c5c3 100644 --- a/cpp/common/test/rules/throwingnothrowoperatornewdelete/ThrowingNoThrowOperatorNewDelete.ql +++ b/cpp/common/test/rules/throwingnothrowoperatornewdelete/ThrowingNoThrowOperatorNewDelete.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.throwingnothrowoperatornewdelete.ThrowingNoThrowOperatorNewDelete -class TestFileQuery extends ThrowingNoThrowOperatorNewDeleteSharedQuery, TestQuery { } +class TestFileQuery extends ThrowingNoThrowOperatorNewDeleteSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/throwingoperatornewreturnsnull/ThrowingOperatorNewReturnsNull.ql b/cpp/common/test/rules/throwingoperatornewreturnsnull/ThrowingOperatorNewReturnsNull.ql index c0fc6c8619..b034de0a67 100644 --- a/cpp/common/test/rules/throwingoperatornewreturnsnull/ThrowingOperatorNewReturnsNull.ql +++ b/cpp/common/test/rules/throwingoperatornewreturnsnull/ThrowingOperatorNewReturnsNull.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.throwingoperatornewreturnsnull.ThrowingOperatorNewReturnsNull -class TestFileQuery extends ThrowingOperatorNewReturnsNullSharedQuery, TestQuery { } +class TestFileQuery extends ThrowingOperatorNewReturnsNullSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/throwingoperatornewthrowsinvalidexception/ThrowingOperatorNewThrowsInvalidException.ql b/cpp/common/test/rules/throwingoperatornewthrowsinvalidexception/ThrowingOperatorNewThrowsInvalidException.ql index 072a5c7027..e4917831e5 100644 --- a/cpp/common/test/rules/throwingoperatornewthrowsinvalidexception/ThrowingOperatorNewThrowsInvalidException.ql +++ b/cpp/common/test/rules/throwingoperatornewthrowsinvalidexception/ThrowingOperatorNewThrowsInvalidException.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.throwingoperatornewthrowsinvalidexception.ThrowingOperatorNewThrowsInvalidException -class TestFileQuery extends ThrowingOperatorNewThrowsInvalidExceptionSharedQuery, TestQuery { } +class TestFileQuery extends ThrowingOperatorNewThrowsInvalidExceptionSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql b/cpp/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql index 11720fb8da..6ae007bd39 100644 --- a/cpp/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql +++ b/cpp/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.uncheckedrangedomainpoleerrors.UncheckedRangeDomainPoleErrors -class TestFileQuery extends UncheckedRangeDomainPoleErrorsSharedQuery, TestQuery { } +class TestFileQuery extends UncheckedRangeDomainPoleErrorsSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql b/cpp/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql index 316565cab7..168b3a0b2e 100644 --- a/cpp/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql +++ b/cpp/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.undefinedmacroidentifiers.UndefinedMacroIdentifiers -class TestFileQuery extends UndefinedMacroIdentifiersSharedQuery, TestQuery { } +class TestFileQuery extends UndefinedMacroIdentifiersSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql b/cpp/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql index 3baad901da..3b1e4b7c56 100644 --- a/cpp/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql +++ b/cpp/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unnecessaryexposedidentifierdeclarationshared.UnnecessaryExposedIdentifierDeclarationShared -class TestFileQuery extends UnnecessaryExposedIdentifierDeclarationSharedSharedQuery, TestQuery { } +class TestFileQuery extends UnnecessaryExposedIdentifierDeclarationSharedSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/unreachablecode/UnreachableCode.ql b/cpp/common/test/rules/unreachablecode/UnreachableCode.ql index c394bfba3e..61554593fd 100644 --- a/cpp/common/test/rules/unreachablecode/UnreachableCode.ql +++ b/cpp/common/test/rules/unreachablecode/UnreachableCode.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unreachablecode.UnreachableCode -class TestFileQuery extends UnreachableCodeSharedQuery, TestQuery { } +class TestFileQuery extends UnreachableCodeSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/unusedparameter/UnusedParameter.ql b/cpp/common/test/rules/unusedparameter/UnusedParameter.ql index e990a7dcf3..4dc2000dbb 100644 --- a/cpp/common/test/rules/unusedparameter/UnusedParameter.ql +++ b/cpp/common/test/rules/unusedparameter/UnusedParameter.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unusedparameter.UnusedParameter -class TestFileQuery extends UnusedParameterSharedQuery, TestQuery { } +class TestFileQuery extends UnusedParameterSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql b/cpp/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql index f1c09524d5..76ccfec0f2 100644 --- a/cpp/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql +++ b/cpp/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unusedtypedeclarations.UnusedTypeDeclarations -class TestFileQuery extends UnusedTypeDeclarationsSharedQuery, TestQuery { } +class TestFileQuery extends UnusedTypeDeclarationsSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql b/cpp/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql index f9997627b4..c8b9f229f4 100644 --- a/cpp/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql +++ b/cpp/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.usageofassemblernotdocumented.UsageOfAssemblerNotDocumented -class TestFileQuery extends UsageOfAssemblerNotDocumentedSharedQuery, TestQuery { } +class TestFileQuery extends UsageOfAssemblerNotDocumentedSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/usecanonicalorderformemberinit/UseCanonicalOrderForMemberInit.ql b/cpp/common/test/rules/usecanonicalorderformemberinit/UseCanonicalOrderForMemberInit.ql index c703151f75..6cee3d153d 100644 --- a/cpp/common/test/rules/usecanonicalorderformemberinit/UseCanonicalOrderForMemberInit.ql +++ b/cpp/common/test/rules/usecanonicalorderformemberinit/UseCanonicalOrderForMemberInit.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.usecanonicalorderformemberinit.UseCanonicalOrderForMemberInit -class TestFileQuery extends UseCanonicalOrderForMemberInitSharedQuery, TestQuery { } +class TestFileQuery extends UseCanonicalOrderForMemberInitSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql b/cpp/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql index 55554bee07..7edd86ecab 100644 --- a/cpp/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql +++ b/cpp/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.useonlyarrayindexingforpointerarithmetic.UseOnlyArrayIndexingForPointerArithmetic -class TestFileQuery extends UseOnlyArrayIndexingForPointerArithmeticSharedQuery, TestQuery { } +class TestFileQuery extends UseOnlyArrayIndexingForPointerArithmeticSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/validcontainerelementaccess/ValidContainerElementAccess.ql b/cpp/common/test/rules/validcontainerelementaccess/ValidContainerElementAccess.ql index 5f61b8a2a9..64e86b2ba5 100644 --- a/cpp/common/test/rules/validcontainerelementaccess/ValidContainerElementAccess.ql +++ b/cpp/common/test/rules/validcontainerelementaccess/ValidContainerElementAccess.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.validcontainerelementaccess.ValidContainerElementAccess -class TestFileQuery extends ValidContainerElementAccessSharedQuery, TestQuery { } +class TestFileQuery extends ValidContainerElementAccessSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql b/cpp/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql index 44947bf85a..af84dd07c1 100644 --- a/cpp/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql +++ b/cpp/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql @@ -1,4 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.wrapspuriousfunctioninloop.WrapSpuriousFunctionInLoop -class TestFileQuery extends WrapSpuriousFunctionInLoopSharedQuery, TestQuery { } +class TestFileQuery extends WrapSpuriousFunctionInLoopSharedQuery, TestQuery { +} From dc3659cb9f4a88a33a1f470133f26ba63e67afab Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 11 Oct 2023 14:45:38 -0700 Subject: [PATCH 1393/2573] Update the release process section --- docs/development_handbook.md | 88 ++++++++++++++++++++---------------- 1 file changed, 49 insertions(+), 39 deletions(-) diff --git a/docs/development_handbook.md b/docs/development_handbook.md index 8aeb1ee5e5..ad66d09652 100644 --- a/docs/development_handbook.md +++ b/docs/development_handbook.md @@ -35,6 +35,7 @@ | 0.26.0 | 2022-08-10 | Remco Vermeulen | Address incorrect package file generation command. This was missing the required language argument. | | 0.27.0 | 2022-11-08 | Luke Cartey | Update the versions of C we intend to support to exclude C90, which reflects the intended scope at the outset of the project. | | 0.28.0 | 2023-08-14 | Luke Cartey | Remove references to LGTM which is now a legacy product. | +| 0.29.0 | 2023-10-11 | Remco Vermeulen | Update release process. | ## Scope of work @@ -515,9 +516,29 @@ To upgrade the CodeQL external dependencies: ### Release process -#### Version Numbering +The release process is a combination of release specific Action workflows and validation Action workflows executed on each PR. +The flowchart below provides an overview of the release process and how the release specific Action workflows are related. + +```mermaid +flowchart TD; + prepare-release["Prepare release (prepare-release.yml)"] + validate-release["Validate release (validate-release.yml)"] + compiler-validation["Compiler tests (release-engineering/release-compiler-validation.yml.)"] + performance-testing["Performance testing (release-engineering/release-performance-testing.yml)"] + existing-checks["Existing checks run on each PR"] + update-release["Update release (update-release.yml)"] + finalize-release["Finalize release (finalize-release.yml)"] + + prepare-release-->validate-release + validate-release-->compiler-validation-->update-release + validate-release-->performance-testing-->update-release + prepare-release-->existing-checks-->update-release + update-release-->finalize-release +``` + +#### Version Numbering -Version numbers follow semantic versioning and adhere to the following guidelines specific to Coding Standards. +Version numbers follow semantic versioning and adhere to the following guidelines specific to Coding Standards. Given the version `..`: @@ -531,57 +552,46 @@ We use the "Releases" feature in GitHub to manage and track our releases. This p To simplify the process of generating the release information, the repository contains a number of scripts and Action workflows: - - [`generate_release_notes.py`](../scripts/release/generate_release_notes.py) - a script for generating release notes based on the contents of the repository in comparison to the previous release. - - [`create_draft_release.sh`](../scripts/release/create_draft_release.sh) - a script for creating a release by: - 1. Downloading the appropriate artifacts - 2. Generating the release notes by calling `generate_release_notes.py` with appropriate parameters - 3. Generating the list of supported rules - 4. Creating a draft release on GitHub containing the artifacts from the previous steps - 5. Triggering integration testing on the new release. - - [`create-draft-release.yml`](../.github/workflows/create-draft-release.yml) - a GitHub Actions workflow for running the `create_draft_release.sh` on demand within the CI/CD environment. +- [prepare-release.yml](./github/workflows/prepare-release.yml): The entry point for starting a new release. When provided with a version and a Git reference this workflow will + - Create a release branch. + - Create a release PR that will contain all the changes required for a release and will validate the release using checks. + - Create a draft release that will be updated during various stages of the release. +- [update-release.yml](./github/workflows/update-release.yml): This workflow will update the draft release when all checks have passed successfully on the release PR. The draft release is updated to: + - Have the most recent release notes as generated by the [update-release-notes.py](scripts/release/update-release-notes.py) script. + - Have the most recent release assets as generated by the [update-release-assets.py](scripts/release/update-release-assets.py). +- [finalize-release.yml](.github/workflows/finalize-release.yml): This will update the release tag and mark the release public when the release PR is merged to successfully conclude the release. +- [update-release-status.yml](.github/workflows/update-release-status.yml): This workflow will update the status on the release by monitoring the status of individual validation steps. When all succeeded this will invoke the `update-release.yml` workflow. +- [update-check-run.yml](.github/workflows/update-check-run.yml): Utility workflow that allow authorized external workflows (i.e., workflows in other repositories) to update the status of check runs in the coding standards repository. +- [validate-release.yml](.github/workflows/validate-release.yml): Utility workflow that will start the performance and compiler compatibility testing that are orchestrated from the codeql-coding-standards-release-engineering repository. #### Branching workflow -Each new major or minor release should have a dedicated release branch, with the name `rc/.`. A new patch version should re-use the existing release branch for the release that is being patched. +Each release should have a dedicated release branch, with the name `rc/..`. A new patch version should branch from the existing release branch for the release that is being patched. Ensure that the same release branch is created in the [codeql-coding-standards-help](https://github.com/github/codeql-coding-standards-help) repository. -#### Artifact creation +#### Release assets -There is an automated CI/CD job ([Code Scanning Query Pack Generation](../.github/workflows/code-scanning-pack-gen.yml)) provided that generates the following release artifacts for Coding Standards: +There is an automated CI/CD job ([Update Release](../.github/workflows/update-release.yml)) that will automatically generate the release assets according to the [release layout specification](scripts/release/release-layout.yml). +Among the assets are: - - Code Scanning query pack - generates a zipped folder that can be used with the CodeQL CLI directly, or with GitHub Advanced Security. +- Certification kit containing the proof obligations for ISO26262 certification. +- Code Scanning query packs that can be used with the CodeQL CLI directly, or with GitHub Advanced Security. **Use of Code Scanning within GitHub Advanced Security is not in scope for ISO 26262 tool qualification. See [user_manual.md#github-advanced-security](user_manual.md#github-advanced-security) for more information**. -These run on every push to `main` and `rc/*`, and on every pull request, and are releasable without modification, assuming all other status checks succeed on the same commit. - #### Creating a release To create a new release: - 1. Create an internal "release checklist" issue. - 2. Determine the appropriate release version. Version numbers are generated + + 1. Determine the appropriate release version. Version numbers are generated according to the guidelines in the section "Version Numbering." - 3. If a new `MAJOR` version is necessary, create a new `rc/.0` branch off of `main`. Otherwise, reuse the existing `rc` branch and merge work from `main` into the `rc` branch you have selected. - 4. Ensure the same `rc` branch exists in the [codeql-coding-standards-help](https://github.com/github/codeql-coding-standards-help) repository. This branch will be used to include external help files. - 5. Submit a PR to update the `qlpack.yml` version numbers on the `main` branch to the next anticipated release. - 6. Submit a PR to update the `qlpack.yml` version numbers on the release branch to the new version. - 7. Trigger a [workflow dispatch event](https://docs.github.com/en/actions/managing-workflow-runs/manually-running-a-workflow) for the [Create draft release](../.github/workflows/create-draft-release.yml) workflow, specifying the release branch. The output of this workflow should report a link to the draft release and a link to the integration testing workflow triggered for this release. - - In the event the workflow is unusable, the [`create_draft_release.sh`](../scripts/release/create_draft_release.sh) script can be run directly on a local machine. - 8. Run the following workflows with the new version number, e.g., `v2.0.0`: - - [Test Linux/x86_64](https://github.com/github/codeql-coding-standards-release-engineering/actions/workflows/test-release-performance-linux-x86_64.yml) - - [Test Windows/x86_64](https://github.com/github/codeql-coding-standards-release-engineering/actions/workflows/test-release-performance-windows-x86_64.yml) - - [Regenerate Performance Views](https://github.com/github/codeql-coding-standards-release-engineering/actions/workflows/regenerate-performance-views.yml) - 9. Confirm the integration testing workflow completes successfully, and that the execution time is comparable to previous releases, taking into account that the execution time is expected to increase proportionally as more queries are added for each release. Results may be viewed on the release engineering repo: https://github.com/github/codeql-coding-standards-release-engineering - 10. For release 1.0.0 and above, the integration testing results must be verified. For each "integration testing codebase": - - Download the SARIF result file - - Compare the results against the previously computed set of results for that integration testing codebase, and, for any new or changed results, spot check to confirm validity. - - For false positives and false negatives identified during this process issues should be opened on this repository to track the problems identified. - - For each issue opened, assess whether they are "significant" i.e. whether they are likely to cause problems in practice with customers. If so, consider Step 7. failed. - 11. If the release fails steps 7. or 8. (if applicable), retain the draft release, and rename it to `vminor.major.patch-rc`. Address the release blocking issues on the `rc/.` branch, and restart the release process at Step 7. - 12. If steps 7. and 8. (if applicable) succeeded, then the release can be marked as "published". - 13. Release artifacts can now be distributed to customers. - 14. Create an internal "release retrospective" issue, and document any pain points or other issues. - 15. Create a PR that merges the release candidate branch into `main`. + 2. Determine the appropriate [Git reference](https://git-scm.com/book/en/v2/Git-Internals-Git-References) to base the new release on. For new major or minor releases, this will be `main`. For patch releases this will be the release branch that is patched. + 3. Trigger a [workflow dispatch event](https://docs.github.com/en/actions/managing-workflow-runs/manually-running-a-workflow) for the [Prepare CodeQL Coding Standards release](../.github/workflows/prepare-release.yml) workflow, specifying the release version for the input `version` and the Git reference for the input `ref`. + 4. Merge the PR that is created for the release, named `Release v..` where ``, ``, and `` match with the input `version` of the workflow [Prepare CodeQL Coding Standards release](../.github/workflows/prepare-release.yml) triggered in the previous step. + +The release automation consists of many test and validation steps that can fail. These can be addressed and the release can be restarted from step 3. +A restart of a release **WILL RECREATE THE EXISTING RELEASE BRANCH AND RELEASE PR**. Any additional changes added to the PR **MUST** be reapplied. +If a release has been marked public, the release can no longer be restarted or re-released without removing the release manually. ## False Positive Triage Rubric From 6b98895f0b6536b07ec60e94724f7da0059bdadf Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 11 Oct 2023 15:01:16 -0700 Subject: [PATCH 1394/2573] Address Markdown linter problems --- docs/development_handbook.md | 344 +++++++++++++++++++---------------- 1 file changed, 184 insertions(+), 160 deletions(-) diff --git a/docs/development_handbook.md b/docs/development_handbook.md index ad66d09652..3a9471df59 100644 --- a/docs/development_handbook.md +++ b/docs/development_handbook.md @@ -36,10 +36,11 @@ | 0.27.0 | 2022-11-08 | Luke Cartey | Update the versions of C we intend to support to exclude C90, which reflects the intended scope at the outset of the project. | | 0.28.0 | 2023-08-14 | Luke Cartey | Remove references to LGTM which is now a legacy product. | | 0.29.0 | 2023-10-11 | Remco Vermeulen | Update release process. | +| 0.29.1 | 2023-10-11 | Remco Vermeulen | Address Markdown linter problems. | ## Scope of work -A _coding standard_ is a set of rules or guidelines which restrict or prohibit the use of certain dangerous or confusing coding patterns or language features. This repository contains CodeQL queries (and supporting processes) which implement a number of different coding standards. The currently supported standards are: +A *coding standard* is a set of rules or guidelines which restrict or prohibit the use of certain dangerous or confusing coding patterns or language features. This repository contains CodeQL queries (and supporting processes) which implement a number of different coding standards. The currently supported standards are: | Standard | Version | Total rules | Total supportable rules | Status | Notes | | -------------------------------------------------------------------------------------------------------------------- | ------- | ----------- | ----------------------- | -------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | @@ -48,8 +49,7 @@ A _coding standard_ is a set of rules or guidelines which restrict or prohibit t | [CERT-C](https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-c-coding-standard-2016-v01.pdf) | 2016 | 120 | 99 | In development | The implementation excludes rules not part of 2016, but that are added to the [CERT-C wiki](https://wiki.sei.cmu.edu/confluence/display/c/) | | [MISRA C](https://www.misra.org.uk/product/misra-c2012-third-edition-first-revision/ ) | 2012 | 172 | 172 | In development | This includes the [MISRA C:2012 Amendment 2](https://www.misra.org.uk/app/uploads/2021/06/MISRA-C-2012-AMD2.pdf) | - -Each coding standard consists of a list of "guidelines", however not all the guidelines in all the standards will be amenable to automated static analysis. The AUTOSAR C++ standard categorizes the guidelines according to enforcement by static analysis tools in section _5.1.3 Rule classification according to enforcement by static analysis_ of the standard. The CERT-C++ standard does not provide such categorization, but frequently has a [documented](https://wiki.sei.cmu.edu/confluence/display/cplusplus/How+this+Coding+Standard+Is+Organized#HowthisCodingStandardIsOrganized-AutomatedDetection) automated detection section for guidelines that documents tools, including their limitations, that can verify the guidelines in question. We have therefore carefully reviewed each supported standard. For each guidelines that is not categorized as automatic enforceable we have determined,in conjunction with end users, what parts of the guideline can be supported in which capacity with CodeQL. +Each coding standard consists of a list of "guidelines", however not all the guidelines in all the standards will be amenable to automated static analysis. The AUTOSAR C++ standard categorizes the guidelines according to enforcement by static analysis tools in section *5.1.3 Rule classification according to enforcement by static analysis* of the standard. The CERT-C++ standard does not provide such categorization, but frequently has a [documented](https://wiki.sei.cmu.edu/confluence/display/cplusplus/How+this+Coding+Standard+Is+Organized#HowthisCodingStandardIsOrganized-AutomatedDetection) automated detection section for guidelines that documents tools, including their limitations, that can verify the guidelines in question. We have therefore carefully reviewed each supported standard. For each guidelines that is not categorized as automatic enforceable we have determined,in conjunction with end users, what parts of the guideline can be supported in which capacity with CodeQL. For some of the rules which are not amenable to static analysis, we may opt to provide a query which aids with "auditing" the rules. For example, AUTOSAR includes a rule (A10-0-1) "Public inheritance shall be used to implement 'is-a' relationship.". This is not directly amenable to static analysis, because it requires external context around the concept being modeled. However, we can provide an "audit" rule which reports all the public and private inheritance relationships in the program, so they can be manually verified. @@ -63,8 +63,8 @@ A common use case for the coding standards specified above is to to help in the To support the functional safety use case, the scope of work for this project also includes: - - _Analysis reporting_ - producing reports for functional safety purposes that summarize the findings and highlight any issues during analysis that could compromise the integrity of those findings. - - _Deviations_ - a process for suppressing valid results, and maintaining metadata +- *Analysis reporting* - producing reports for functional safety purposes that summarize the findings and highlight any issues during analysis that could compromise the integrity of those findings. +- *Deviations* - a process for suppressing valid results, and maintaining metadata The requirements for these additional components are taken from the [MISRA Compliance 2020](https://www.misra.org.uk/app/uploads/2021/06/MISRA-Compliance-2020.pdf) document. Further details of these use cases can be found in the [user manual](user_manual.md). @@ -72,30 +72,34 @@ The requirements for these additional components are taken from the [MISRA Compl ### Overview - * For each selected rule we will write one or more CodeQL queries that implement the rule (see section _Splitting a rule into multiple queries_). - * Queries will be grouped into CodeQL packs, according to the coding standard the rule comes from. - * To ensure consistency and increase the speed of development, we generate outline query files from the `rules.csv` specification file. - * Where a rule is duplicated across different standards, we will still create separate queries for each standard, but the implementation may be shared between the standards. This allows each version to provide different metadata, and to be enabled/disabled individually. - +- For each selected rule we will write one or more CodeQL queries that implement the rule (see section *Splitting a rule into multiple queries*). +- Queries will be grouped into CodeQL packs, according to the coding standard the rule comes from. +- To ensure consistency and increase the speed of development, we generate outline query files from the `rules.csv` specification file. +- Where a rule is duplicated across different standards, we will still create separate queries for each standard, but the implementation may be shared between the standards. This allows each version to provide different metadata, and to be enabled/disabled individually. + ### Architecture For each supported coding standard we will provide: + 1. A CodeQL query pack containing the queries that implement the designated rules. 2. A CodeQL query pack containing the unit tests ("qltests") for each of the queries. These packs will be organized by supported language. The current supported languages are: + - C++14 standardized by [ISO/IEC 14882:2014](https://www.iso.org/standard/64029.html) located in the directory `cpp`. - [C99] standardized by [ISO/IEC 9899:1999](https://www.iso.org/standard/29237.html) and C11 standardized by [ISO/IEC 9899:2011](https://www.iso.org/standard/57853.html). All are located in the directory `c`. For each language, we will also include: + 1. A CodeQL query pack containing "common" libraries, which provide support. 2. A CodeQL query pack containing tests for the "common" libraries. The standards packs will depend on the "common" pack for the given language. This will allow the different standards to share implementation libraries. In the repository, this will be organized as follows: -``` + +```text / / src/ @@ -142,9 +146,10 @@ The decision to split a rule into multiple queries should be driven by the follo In order to speed up rule development and ensure implementation consistency we have created a series of scripts that generate templated rule files based on the `rules.csv` rule specification file. This generation process works on a per-rule package basis, and is driven by the creation of a "rule package description file", describing the mapping from rules to queries which will implement those rules. For this, there is a three step process: - 1. Generate a rule package description file for a given rule package. - 2. Review each entry in the rule package description file, updating the names and properties of the queries that will be written to implement these rules. - 3. Generate rule files from the rule package description file for a given rule package. + +1. Generate a rule package description file for a given rule package. +2. Review each entry in the rule package description file, updating the names and properties of the queries that will be written to implement these rules. +3. Generate rule files from the rule package description file for a given rule package. After these scripts have been run each query specified in the rule package description file will have: @@ -177,7 +182,7 @@ pip install -r scripts/requirements.txt To generate the rule package description file, run the following script from the root of the repository: -``` +```bash python3.9 scripts/generate_rules/generate_package_description.py ``` @@ -186,23 +191,24 @@ This will produce a `.json` file in the `rule_packages` directory with the name #### Step 2: Review and update the rule package description file The rule package description file produced in previous step is a `json` file which has the following structure: - - * A rule package object, with properties for each coding standard. - * A coding standard object, with properties for each implemented rule. - * A rule object, with: - * A `properties` property specifying some key-value pairs describing properties of the rule. - * A `title`s property specifying the rule title (also known as the rule "headline"). - * A `queries` property, specifying an array of query objects - * A query object, with: - * A `description` property, which will be used to populate the `@description` query metadata property value for this query. - * A `kind` property, which will be used to populate the `@kind` query metadata property value for this query. - * A `name` property, which will be used to populate the `@name` query metadata property value for this query. - * A `precision` property, which will be used to populate the `@precision` query metadata property value for this query. - * A `severity` property, which will be used to populate the `@severity` query metadata property value for this query. - * A `short_name` property, which will be used in the filenames for each file generated for this query, most notable as the name of the generated `.ql` query file, as well as the query id. - * A `tags` property, which will be used to populate the `@tags` query metadata property value for this query. + +- A rule package object, with properties for each coding standard. +- A coding standard object, with properties for each implemented rule. +- A rule object, with: + - A `properties` property specifying some key-value pairs describing properties of the rule. + - A `title`s property specifying the rule title (also known as the rule "headline"). + - A `queries` property, specifying an array of query objects +- A query object, with: + - A `description` property, which will be used to populate the `@description` query metadata property value for this query. + - A `kind` property, which will be used to populate the `@kind` query metadata property value for this query. + - A `name` property, which will be used to populate the `@name` query metadata property value for this query. + - A `precision` property, which will be used to populate the `@precision` query metadata property value for this query. + - A `severity` property, which will be used to populate the `@severity` query metadata property value for this query. + - A `short_name` property, which will be used in the filenames for each file generated for this query, most notable as the name of the generated `.ql` query file, as well as the query id. + - A `tags` property, which will be used to populate the `@tags` query metadata property value for this query. For example, this is the first part of the `Exceptions2.json` package file: + ```json { "AUTOSAR": { @@ -237,70 +243,74 @@ The query metadata instructs the CodeQL how to handle the query and display its The `generate_package_description.py` script provides a "best-effort" approach to setting each of the properties. For that reason, the rule package description file must be reviewed and updated. For each rule: - - Review the rule text in the relevant standard, and determine the number of queries - - For each `query` object review and update the following properties: - - `description` - **_must not be empty and end with a full stop_** - will be blank, unless the rule headline was too long to fit in the `name` property, in which case it will contain the rule headline. If the `description` is blank, fill it in explaining _why_ this could be a problem by explaining the consequences (see the CodeQL [metadata descriptions](https://github.com/github/codeql/blob/main/docs/query-metadata-style-guide.md#query-descriptions-description) documentation for more details). - - `kind` - pre-populated to `problem`. Modify to `path-problem` if this query is likely to use path explanations - for example, to explain data flow path. - - `name` - will be pre-populated the first 100 characters of the rule headline text, truncated at a sensible point. This should be a single sentence, and **_must not end in a full stop_**. - - `precision` - pre-populated based on a "difficulty" column present in the `rules.csv`. Set according to the definition specified in the CodeQL [metadata properties](https://codeql.github.com/docs/writing-codeql-queries/metadata-for-codeql-queries/#metadata-properties) documentation. - - `severity` - will be pre-populated to `error`, but should be adjusted based on the query. The criteria is that if the query does report a true positive - - `error` - if the reported issue is either directly a security vulnerability, or directly causes a bug or crash in the program. - - `warning` - if the reported issue is not an error, but could indirectly lead to a security vulnerability or a bug or crash in the program. - - `recommendation` - if the reported issue is primarily a stylistic or maintainability issue. - - `short_name` - must be a PascalCase string without spaces, which will be used for the name of the query file and to generate a query id. Pre-populated heuristically from from the rule headline text. Make adjustments as appropriate: - - The short name must not exceed 50 characters. - - Consider whether the query can be described more succinctly. For example `OnlyInstancesOfTypesDerivedFromExceptionShouldBeThrown` can be summarized more clearly as `OnlyThrowStdExceptionDerivedTypes`. - - `tags` - Apply at least one tag from the possible values listed below. If you want to use a query that is not listed a new tag can be added through a PR that modifies the possible tag values in the `query` sub-schema located in `schemas/rule-package.schema.json` and updates the list of possible values described below. - - `correctness` - if the query identifies incorrect program behavior. - - `security` - if the query identifies a potential security vulnerability. - - `readability` - if the query identifies an issue which makes the code harder to read. - - `maintainability` - if the query identifies an issue which makes the code harder to maintain. - - `performance` - if the query identifies an issue which has a negative impact on the performance of the code. - - `concurrency` - if the query identifies a concurrency issue. - - Validate the rule package description file using the `validate-rule-package.py` script that validates the rule package descriptions against the schema `rule-package.schema.json` located in the `schemas` directory. - - `python3 scripts/validate-rule-package.py ` - -#### Step 3: +- Review the rule text in the relevant standard, and determine the number of queries +- For each `query` object review and update the following properties: + - `description` - ***must not be empty and end with a full stop*** - will be blank, unless the rule headline was too long to fit in the `name` property, in which case it will contain the rule headline. If the `description` is blank, fill it in explaining *why* this could be a problem by explaining the consequences (see the CodeQL [metadata descriptions](https://github.com/github/codeql/blob/main/docs/query-metadata-style-guide.md#query-descriptions-description) documentation for more details). + - `kind` - pre-populated to `problem`. Modify to `path-problem` if this query is likely to use path explanations - for example, to explain data flow path. + - `name` - will be pre-populated the first 100 characters of the rule headline text, truncated at a sensible point. This should be a single sentence, and ***must not end in a full stop***. + - `precision` - pre-populated based on a "difficulty" column present in the `rules.csv`. Set according to the definition specified in the CodeQL [metadata properties](https://codeql.github.com/docs/writing-codeql-queries/metadata-for-codeql-queries/#metadata-properties) documentation. + - `severity` - will be pre-populated to `error`, but should be adjusted based on the query. The criteria is that if the query does report a true positive + - `error` - if the reported issue is either directly a security vulnerability, or directly causes a bug or crash in the program. + - `warning` - if the reported issue is not an error, but could indirectly lead to a security vulnerability or a bug or crash in the program. + - `recommendation` - if the reported issue is primarily a stylistic or maintainability issue. + - `short_name` - must be a PascalCase string without spaces, which will be used for the name of the query file and to generate a query id. Pre-populated heuristically from from the rule headline text. Make adjustments as appropriate: + - The short name must not exceed 50 characters. + - Consider whether the query can be described more succinctly. For example `OnlyInstancesOfTypesDerivedFromExceptionShouldBeThrown` can be summarized more clearly as `OnlyThrowStdExceptionDerivedTypes`. + - `tags` - Apply at least one tag from the possible values listed below. If you want to use a query that is not listed a new tag can be added through a PR that modifies the possible tag values in the `query` sub-schema located in `schemas/rule-package.schema.json` and updates the list of possible values described below. + - `correctness` - if the query identifies incorrect program behavior. + - `security` - if the query identifies a potential security vulnerability. + - `readability` - if the query identifies an issue which makes the code harder to read. + - `maintainability` - if the query identifies an issue which makes the code harder to maintain. + - `performance` - if the query identifies an issue which has a negative impact on the performance of the code. + - `concurrency` - if the query identifies a concurrency issue. + - Validate the rule package description file using the `validate-rule-package.py` script that validates the rule package descriptions against the schema `rule-package.schema.json` located in the `schemas` directory. + - `python3 scripts/validate-rule-package.py ` + +#### Step 3 Ensure that the repository [codeql-coding-standards-help](https://github.com/github/codeql-coding-standards-help) cloned as a sibling of the [codeql-coding-standards](https://github.com/github/codeql-coding-standards) repository switched to a branch that matches the branch your are working on. To generate the rule package files, run the following script from the root of the repository: -``` +```bash python3.9 scripts/generate_rules/generate_package_files.py ``` If the repository [codeql-coding-standards-help](https://github.com/github/codeql-coding-standards-help) is not cloned as a sibling, then run the script as follows: -``` +```bash python3.9 scripts/generate_rules/generate_package_files.py --external-help-dir ``` After running this script, the following files will be generated in the `//src/rules//` directory: - - A `.ql` query file with the query metadata pre-populated, and the standard imports included. - - A `.md` query help file with some boilerplate text describing the purpose of the query. + +- A `.ql` query file with the query metadata pre-populated, and the standard imports included. +- A `.md` query help file with some boilerplate text describing the purpose of the query. For the standards AUTOSAR and MISRA the help files will generated in the `//src/rules/` directory of the cloned [codeql-coding-standards-help](https://github.com/github/codeql-coding-standards-help) repository if available, otherwise the help file generation is skipped. In addition, the following files will be generated in the `//test/rules//` directory: - - An empty `test.cpp` or `test.c` file. - - A `.qlref` file, which refers to the generated query file. - - A `.expected` file, which contains some boiler plate text. This ensures that when qltest is run, it will not succeed, but it will allow the "Compare results" option in the CodeQL VS Code extension (which is only usually available with an `.expected` results file). + +- An empty `test.cpp` or `test.c` file. +- A `.qlref` file, which refers to the generated query file. +- A `.expected` file, which contains some boiler plate text. This ensures that when qltest is run, it will not succeed, but it will allow the "Compare results" option in the CodeQL VS Code extension (which is only usually available with an `.expected` results file). The script can be safely re-run, except in a few notable cases listed below. Re-running the script has the following effect: - - Overwrites`.qlref` file. - - Updates the autogenerated sections of the `.md` file. - - Touches the `test.cpp`, `test.c`, and `.expected` files, to ensure they exist on disk, but does not modify them if they exist. - - Updates the `.ql` query by overwriting the query metadata block only. The QL portion of the file is left untouched. + +- Overwrites`.qlref` file. +- Updates the autogenerated sections of the `.md` file. +- Touches the `test.cpp`, `test.c`, and `.expected` files, to ensure they exist on disk, but does not modify them if they exist. +- Updates the `.ql` query by overwriting the query metadata block only. The QL portion of the file is left untouched. The notable exceptions are: - - If a `query` object is deleted from the rule package description file, it will not be deleted on disk. - - If a `query` object has the `short_name` property modified in the rule package description file, query files will be created under the new name, but the query files for the old name will not be deleted. + +- If a `query` object is deleted from the rule package description file, it will not be deleted on disk. +- If a `query` object has the `short_name` property modified in the rule package description file, query files will be created under the new name, but the query files for the old name will not be deleted. ### Updating the query from the rule specification Updates to the rule specification require an update of the generated queries files. -As described in _step 3_ of the section _Generation of query templates from rule specifications_ the script `scripts/generate_rules/generate_package_files.py` can be safely re-run with the documented exceptions. +As described in *step 3* of the section *Generation of query templates from rule specifications* the script `scripts/generate_rules/generate_package_files.py` can be safely re-run with the documented exceptions. Each property of a query in the rule specification can be changed and the generated query files can be updated by rerunning the script `scripts/generate_rules/generate_package_files.py` with exception of the property `query.shortname`. Updating the `query.shortname` property is discussed in the next section. @@ -309,30 +319,31 @@ Each property of a query in the rule specification can be changed and the genera Changing the `query.shortname` property requires a manual update process with the following steps. 1. Determine the query who's `query.shortname` property needs to be updated. -2. Change the `query.shortname` value and generate the query files as described in _step 3_ of the section _Generation of query templates from rule specifications_. +2. Change the `query.shortname` value and generate the query files as described in *step 3* of the section *Generation of query templates from rule specifications*. 3. Migrate the query definition (excluding the query meta-data) from the previous query file to the new query file identified with the updated shortname. 4. Migrate the relevant sections from query help file from the previous query help file to the new help query file identified with the updated shortname. 5. Migrate the test case expected file identified by old `.expected` to the update `.expected` name. -6. Validate that the new test case passes by following the procedure described in the section _Running unit tests_. +6. Validate that the new test case passes by following the procedure described in the section *Running unit tests*. 7. Remove the following files with `git rm ` where `query.shortname` reflects the old shortname in the directory `//src/rules//`: - `.ql` - `.md` ### Query style guide -The following list describes the required style guides for a query that **must** be validated during the code-review process described in section _Code review and automated checks_. +The following list describes the required style guides for a query that **must** be validated during the code-review process described in section *Code review and automated checks*. A query **must** include: - - A use of the `isExcluded` predicate on the element reported as the primary location. This predicate ensures that we have a central mechanism for excluding results. This predicate may also be used on other elements relevant to the alert, but only if a suppression on that element should also cause alerts on the current element to be suppressed. - - A well formatted alert message: - - The message should be a complete standalone sentence, with punctuation and a full stop. - - The message should refer to this particular instance of the problem, rather than repeating the generic rule. e.g. "Call to banned function x." instead of "Do not use function x." - - Code elements should be placed in 'single quotes', unless they are formatted as links. - - Avoid value judgments such as "dubious" and "suspicious", and focus on factual statements about the problem. - - If possible, avoid constant alert messages. Either add placeholders and links (using $@), or concatenate element names to the alert message. Non-constant messages make it easier to find particular results, and links to other program elements can help provide additional context to help a developer understand the results. Examples: - - Instead of `Call to banned function.` prefer `Call to banned function foobar.`. - - Instead of `Return value from call is unused.` prefer `Return value from call to function [x] is unused.`, where `[x]` is a link to the function itself. - - Do not try to explain the solution in the message; instead that should be provided in the help for the query. + +- A use of the `isExcluded` predicate on the element reported as the primary location. This predicate ensures that we have a central mechanism for excluding results. This predicate may also be used on other elements relevant to the alert, but only if a suppression on that element should also cause alerts on the current element to be suppressed. +- A well formatted alert message: + - The message should be a complete standalone sentence, with punctuation and a full stop. + - The message should refer to this particular instance of the problem, rather than repeating the generic rule. e.g. "Call to banned function x." instead of "Do not use function x." + - Code elements should be placed in 'single quotes', unless they are formatted as links. + - Avoid value judgments such as "dubious" and "suspicious", and focus on factual statements about the problem. + - If possible, avoid constant alert messages. Either add placeholders and links (using $@), or concatenate element names to the alert message. Non-constant messages make it easier to find particular results, and links to other program elements can help provide additional context to help a developer understand the results. Examples: + - Instead of `Call to banned function.` prefer `Call to banned function foobar.`. + - Instead of `Return value from call is unused.` prefer `Return value from call to function [x] is unused.`, where `[x]` is a link to the function itself. + - Do not try to explain the solution in the message; instead that should be provided in the help for the query. All public predicates, classes, modules and files should be documented with QLDoc. All QLDoc should follow the [QLDoc style guide](https://github.com/github/codeql/blob/main/docs/qldoc-style-guide.md). @@ -345,21 +356,23 @@ Because the downloaded packs are cached, it is only necessary to run `install-pa ### Unit testing Every query which implements a rule **must** include: -- One or more unit tests. -- One or more unit tests for every non-trivial library. -- For each unit test both "compliant" and "non-compliant" test cases, and should exercise each different logical condition uniquely provided in the query, where possible within the testing framework. The scope of each test should be those conditions specific to this query. In particular, functionality provided by the CodeQL Standard Library for C++ does not need to be tested. + +- One or more unit tests. +- One or more unit tests for every non-trivial library. +- For each unit test both "compliant" and "non-compliant" test cases, and should exercise each different logical condition uniquely provided in the query, where possible within the testing framework. The scope of each test should be those conditions specific to this query. In particular, functionality provided by the CodeQL Standard Library for C++ does not need to be tested. #### Running unit tests During query development in VS Code, the unit tests can be run using the [testing features](https://codeql.github.com/docs/codeql-for-visual-studio-code/testing-codeql-queries-in-visual-studio-code/) in the CodeQL extension. Unit tests can also be run on the command line using the CodeQL CLI. With an appropriate CodeQL CLI (as specified in the `supported_codeql_configs.json` at the root of the repository), you can run the following from the root of the repository: -``` + +```bash codeql test run --show-extractor-output path/to/test/directory ``` -* `--show-extractor-output` - this shows the output from the extractor. It is most useful when the test fails because the file is not valid C++, where the extractor output will include the compilation failure. This is not shown in VS Code. -* `path/to/test/directory` - this can be a qlref file (like `cpp/autosar/test/rules/A15-2-2/`), a rule directory (`cpp/autosar/test/rules/A15-2-2/`) or a test qlpack (`cpp/autosar/test/`). +- `--show-extractor-output` - this shows the output from the extractor. It is most useful when the test fails because the file is not valid C++, where the extractor output will include the compilation failure. This is not shown in VS Code. +- `path/to/test/directory` - this can be a qlref file (like `cpp/autosar/test/rules/A15-2-2/`), a rule directory (`cpp/autosar/test/rules/A15-2-2/`) or a test qlpack (`cpp/autosar/test/`). For more details on running unit tests with the CodeQL CLI see the [Testing custom queries](https://codeql.github.com/docs/codeql-cli/testing-custom-queries/) help topic. @@ -367,27 +380,31 @@ For more details on running unit tests with the CodeQL CLI see the [Testing cust The C++ test cases **must** be formatted with `clang_format`. - - Test functions should be called `test_`, where `` is a brief description of this test case. +- Test functions should be called `test_`, where `` is a brief description of this test case. If possible, use meaningful names for elements in test cases. Where arbitrary names are required, you may use the following: - - Local variables should be named `l`, with i incremented for each new variable. - - Global variables should be named `g`, with i incremented for each new variable. - - Functions should be named `f`, with i incremented for each new variable. - - Member variables should be named `m`, with i incremented for each new variable. +- Local variables should be named `l`, with i incremented for each new variable. +- Global variables should be named `g`, with i incremented for each new variable. +- Functions should be named `f`, with i incremented for each new variable. +- Member variables should be named `m`, with i incremented for each new variable. Test cases **must** be annotated with a line-ending comment in this format: -``` + +```regexp (COMPLIANT(\[FALSE_POSITIVE\])?|NON_COMPLIANT(\[FALSE_NEGATIVE\])?)( - .*)? ``` + Where: - - `COMPLIANT` is added if the line represents a "compliant" test case - - The annotation `[FALSE_POSITIVE]` is added if the query currently reports this result. - - `NON_COMPLIANT` is chosen if the line represents a non-compliant test case - - The annotation `[FALSE_NEGATIVE]` is added if the query currently does not report this result. + +- `COMPLIANT` is added if the line represents a "compliant" test case + - The annotation `[FALSE_POSITIVE]` is added if the query currently reports this result. +- `NON_COMPLIANT` is chosen if the line represents a non-compliant test case + - The annotation `[FALSE_NEGATIVE]` is added if the query currently does not report this result. For example: -``` + +```cpp "\s"; // NON_COMPLIANT[FALSE_NEGATIVE] "\n"; // COMPLIANT "\U00000024"; // COMPLIANT[FALSE_POSITIVE] @@ -396,11 +413,12 @@ For example: #### Copying test code Like the `github/codeql` repository, the contents of our test files should not be copied from external sources (third-party code, personal projects, standard libraries). The only exceptions to this rule are the copying of declarations from: - - [ISO/IEC Programming languages - C](https://www.iso.org/standard/74528.html) (all versions) - - [ISO/IEC Programming languages - C++](https://www.iso.org/standard/68564.html) (all versions) - - Code from existing queries and tests in the `github/codeql` repository. - - Code from existing queries and tests in this repository. - - Code in the public domain + +- [ISO/IEC Programming languages - C](https://www.iso.org/standard/74528.html) (all versions) +- [ISO/IEC Programming languages - C++](https://www.iso.org/standard/68564.html) (all versions) +- Code from existing queries and tests in the `github/codeql` repository. +- Code from existing queries and tests in this repository. +- Code in the public domain This policy is based on the public policy for `github/codeql` as specified at [github/codeql: C++ Unit Tests - Copying code](https://github.com/github/codeql/blob/main/cpp/ql/test/README.md#copying-code). @@ -416,8 +434,8 @@ We have therefore implemented a partial "stub" standard library in the `cpp/comm Each proposed changed to `main` or a release branch is required to go through a code review process. This involves: - - A review and explicit approval by at least one other team member with "Write" access to the repository. - - Running automated checks that validate and verify the change and ensuring they pass. +- A review and explicit approval by at least one other team member with "Write" access to the repository. +- Running automated checks that validate and verify the change and ensuring they pass. This is implemented by requiring that proposed changes are submitted as pull requests to the GitHub repository hosting the queries, and is enforced by enabling GitHub [branch protection](https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/about-protected-branches) policies on the `main` and the release branches. @@ -427,10 +445,10 @@ An approving review and a "passing" state from every "Required" automated check The following automated checks are run on every push and pull request to `main` and to the release branches: - * Running the CodeQL Coding Standard unit tests against supported CodeQL CLIs and CodeQL Standard Libraries for C++. - * Validating that release artifacts can be created for that branch. - * Validating style rules for queries and test files. - * Confirming that the query help files are valid. +- Running the CodeQL Coding Standard unit tests against supported CodeQL CLIs and CodeQL Standard Libraries for C++. +- Validating that release artifacts can be created for that branch. +- Validating style rules for queries and test files. +- Confirming that the query help files are valid. These automated checks should pass before the pull request is merged. @@ -447,18 +465,22 @@ For proposed changes that modify the released artifacts an entry must be include For proposed changes which only add new queries or support for new rules, this process is fully automated, by reviewing differences in rule package metadata files between releases. For proposed changes which change: - - The structure or layout of the release artifacts. - - The evaluation performance (memory, execution time) of an existing query. - - The results of an existing query. -A _change note_ must be added to the `change_notes` directory. The format of the change notes is to create a file with a name matching the following pattern: -``` +- The structure or layout of the release artifacts. +- The evaluation performance (memory, execution time) of an existing query. +- The results of an existing query. + +A *change note* must be added to the `change_notes` directory. The format of the change notes is to create a file with a name matching the following pattern: + +```bash YYYY-MM-DD-short-name-for-issue.md ``` + For example `2021-06-29-remove-incompatibility-codeql-cli-2.5.6.md`. The contents of the file should be a markdown list (using `-`) with a user facing message specifying the nature of the change. If the changes relate to specific queries, then the top-level entry should specify the rule and query, and should provide a nested list of the changes. For example: -``` + +```md - `A12-8-6` - `CopyAndMoveNotDeclaredProtected.ql`: - Fixed issue #174 - a result is now only reported when the declaring class is either used as a base class in the database, or where the class is abstract. - Fixed a bug where exclusions did not apply to invalid assignment operators. @@ -469,50 +491,53 @@ The contents of the file should be a markdown list (using `-`) with a user facin ### External dependencies There are two external dependencies required for running the coding standards queries: - 1. The CodeQL CLI, the command line tool for building CodeQL databases and running queries over those databases. - 2. The CodeQL Standard Library + +1. The CodeQL CLI, the command line tool for building CodeQL databases and running queries over those databases. +2. The CodeQL Standard Library For the purpose of this repository, and any tool qualification, we consider these external dependencies to be "black boxes" which require verification when upgrading. To (a) clearly specify the supported versions of these external dependencies and to (b) enable automation around them, the repository contains a `supported_codeql_configs.json` which lists the sets of supported configurations. There are four fields: - * `codeql_cli` - this is the plain version number of the supported CodeQL CLI, e.g. `2.6.3`. - * `codeql_standard_library` - this is the name of a tag on the `github.com/github/codeql` repository. The tag should be compatible with the CodeQL CLI given above. This would typically use the `codeql-cli/v` tag for the release, although any tag which is compatible is allowed. - * `codeql_cli_bundle` - (optional) - if present, describes the CodeQL CLI bundle version that is compatible. The bundle should include precisely the CodeQL CLI version and CodeQL Standard Library versions specified in the two mandatory fields. - * `ghes` - (optional) - if present describes the GitHub Enterprise Server release whose integrated copy of the CodeQL Action points to the CodeQL CLI bundle specified in the `codeql_cli_bundle` field. +- `codeql_cli` - this is the plain version number of the supported CodeQL CLI, e.g. `2.6.3`. +- `codeql_standard_library` - this is the name of a tag on the `github.com/github/codeql` repository. The tag should be compatible with the CodeQL CLI given above. This would typically use the `codeql-cli/v` tag for the release, although any tag which is compatible is allowed. +- `codeql_cli_bundle` - (optional) - if present, describes the CodeQL CLI bundle version that is compatible. The bundle should include precisely the CodeQL CLI version and CodeQL Standard Library versions specified in the two mandatory fields. +- `ghes` - (optional) - if present describes the GitHub Enterprise Server release whose integrated copy of the CodeQL Action points to the CodeQL CLI bundle specified in the `codeql_cli_bundle` field. #### Upgrading external dependencies To upgrade the CodeQL external dependencies: - 1. Determine appropriate versions of the CodeQL CLI and `github/codeql` repository, according to the release schedule and customer demands. - 2. Determine if there is a compatible CodeQL CLI bundle version by looking at the releases specified at https://github.com/github/codeql-action/releases. The bundle always includes the standard library at the version specified by the `codeql-cli/v` tag in the `github/codeql` repository. - 3. If you find a compatible CodeQL CLI bundle, determine whether that bundle was released in a GitHub Enterprise server release, by inspecting the `defaults.json` file at https://github.com/github/codeql-action/blob/main/lib/defaults.json#L2 for the CodeQL Action submitted with - 4. Populated the `supported_codeql_configs.json` file with the given values, ensuring to delete the optional fields if they are not populated. - 5. Update the `codeql_modules/codeql` submodule pointer to the `codeql_standard_library` tag identified. - 6. Submit a Pull Request to the `github/codeql-coding-standards` repository with the title `Upgrade `github/codeql` dependency to `. Use this template for the description, filling : - ``` - This PR updates the `supported_codeql_configs.json` file to target: - - - CodeQL CLI - - CodeQL Standard Library - - GHES - - CodeQL CLI Bundle - - > - - - ## CodeQL dependency upgrade checklist: - - - [ ] Reformat our CodeQL using the latest version (if required) - - [ ] Identify any CodeQL compiler warnings and errors, and update queries as required. - - [ ] Validate that the `github/codeql` test cases succeed. - - [ ] Address any CodeQL test failures in the `github/codeql-coding-standards` repository. - - [ ] Validate performance vs pre-upgrade - ``` - 7. Follow the dependency upgrade checklist, confirming each step. The `.github/workflows/standard_library_upgrade_tests.yml` will trigger automation for running the `github/codeql` unit tests with the appropriate CLI version. - 8. Once all the automate tests have passed, and the checklist is complete, the PR can be merged. - 9. An internal notification should be shared with the development team. +1. Determine appropriate versions of the CodeQL CLI and `github/codeql` repository, according to the release schedule and customer demands. +2. Determine if there is a compatible CodeQL CLI bundle version by looking at the releases specified at [CodeQL Action releases](https://github.com/github/codeql-action/releases). The bundle always includes the standard library at the version specified by the `codeql-cli/v` tag in the `github/codeql` repository. +3. If you find a compatible CodeQL CLI bundle, determine whether that bundle was released in a GitHub Enterprise server release, by inspecting the `defaults.json` file at https://github.com/github/codeql-action/blob/main/lib/defaults.json#L2 for the CodeQL Action submitted with +4. Populated the `supported_codeql_configs.json` file with the given values, ensuring to delete the optional fields if they are not populated. +5. Update the `codeql_modules/codeql` submodule pointer to the `codeql_standard_library` tag identified. +6. Submit a Pull Request to the `github/codeql-coding-standards` repository with the title `Upgrade `github/codeql` dependency to `. Use this template for the description, filling : + + ```md + This PR updates the `supported_codeql_configs.json` file to target: + + - CodeQL CLI + - CodeQL Standard Library + - GHES + - CodeQL CLI Bundle + + > + + + ## CodeQL dependency upgrade checklist: + + - [ ] Reformat our CodeQL using the latest version (if required) + - [ ] Identify any CodeQL compiler warnings and errors, and update queries as required. + - [ ] Validate that the `github/codeql` test cases succeed. + - [ ] Address any CodeQL test failures in the `github/codeql-coding-standards` repository. + - [ ] Validate performance vs pre-upgrade + ``` + +7. Follow the dependency upgrade checklist, confirming each step. The `.github/workflows/standard_library_upgrade_tests.yml` will trigger automation for running the `github/codeql` unit tests with the appropriate CLI version. +8. Once all the automate tests have passed, and the checklist is complete, the PR can be merged. +9. An internal notification should be shared with the development team. ### Release process @@ -543,7 +568,7 @@ Version numbers follow semantic versioning and adhere to the following guideline Given the version `..`: 1. If the release only fixes bugs, increment the `PATCH` number only. -2. If a release contains additional queries, increment the `MINOR` version number and set the `PATCH` number to 0. Note this may also contain fixes in addition to new queries. +2. If a release contains additional queries, increment the `MINOR` version number and set the `PATCH` number to 0. Note this may also contain fixes in addition to new queries. 3. Otherwise, if the release contains breaking changes such as removing queries, increment the `MAJOR` version number and set `MINOR` and `PATCH` to zero. #### Release management @@ -595,9 +620,9 @@ If a release has been marked public, the release can no longer be restarted or r ## False Positive Triage Rubric -When triaging issues in Coding Standards, please refer to the following rubric for making classifications. +When triaging issues in Coding Standards, please refer to the following rubric for making classifications. -**Impact** +### Impact | Level | Definition | | ------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | @@ -605,7 +630,7 @@ When triaging issues in Coding Standards, please refer to the following rubric f | Impact-Medium | Issue occurs in production code bases with relatively low to moderate frequency. Issue may or may not be considered disruptive to customer. | | Impact-Low | Issue may not occur in production code bases and may require hand crafted examples to surface. If the issue occurs in production code bases it occurs either infrequently or impacts only a few codebases. | -**Difficulty** +### Difficulty | Level | Definition | | ------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | @@ -626,20 +651,19 @@ Requirements and project planning are maintained separately within an internal r ### Purpose ot the `next` branch -This git repository also has a [`next` branch](https://github.com/github/codeql-coding-standards/tree/next). The purpose of this branch is to track changes that that will become necessary when upgrading the CodeQL external dependencies as described in section _Upgrading external dependencies_. The changes on the `next` branch will undergo only light reviewing. As such, a full review as described in section _Code review and automated checks_ is required when merging these changes into `main`; no releases should be made from the `next` branch. We aim to ensure that the changes on the `next` branch are as complete as possible so that merging into `main` will be straightforward. +This git repository also has a [`next` branch](https://github.com/github/codeql-coding-standards/tree/next). The purpose of this branch is to track changes that that will become necessary when upgrading the CodeQL external dependencies as described in section *Upgrading external dependencies*. The changes on the `next` branch will undergo only light reviewing. As such, a full review as described in section *Code review and automated checks* is required when merging these changes into `main`; no releases should be made from the `next` branch. We aim to ensure that the changes on the `next` branch are as complete as possible so that merging into `main` will be straightforward. ## Task Automation -In the `.vscode` directory this repository comes with a `tasks.json` file which automates some of the tasks described in this document. To access them, in VSCode use `Ctrl+Shift+P` and select `Run Task`. +In the `.vscode` directory this repository comes with a `tasks.json` file which automates some of the tasks described in this document. To access them, in VSCode use `Ctrl+Shift+P` and select `Run Task`. Available Tasks: 1. 🔥 Standards Automation: Initialize: Sets up your Python environment. -2. 📏 Standards Automation: Generate Rule Description File: Generates the rule description file for a package. -3. 📦 Standards Automation: Generate Package Files: Re/generates the files for a package. This command will remember your last arguments so you can just do `Rerun Last Task` in vscode unless you wish to change the arguments. +2. 📏 Standards Automation: Generate Rule Description File: Generates the rule description file for a package. +3. 📦 Standards Automation: Generate Package Files: Re/generates the files for a package. This command will remember your last arguments so you can just do `Rerun Last Task` in vscode unless you wish to change the arguments. 4. 📝 Standards Automation: Format CodeQL: Formats the current file with the codeql formatter. -5. ⚡ Standards Automation: Generated Expected Output: Generates the expected output from the current `.qlref` file in your `tests/` directory. - +5. ⚡ Standards Automation: Generated Expected Output: Generates the expected output from the current `.qlref` file in your `tests/` directory. ## Cookbook @@ -714,7 +738,7 @@ codeql test accept \ ### Troubleshooting: Unrecoverable mismatch between extractor and library dbschemes -The following error could be indicative of the Git submodule _codeql-coding-standards/github_modules_ being out-of-date: +The following error could be indicative of the Git submodule *codeql-coding-standards/github_modules* being out-of-date: >Could not upgrade the dataset in /path/to/codeql-coding-standards/cpp/autosar/test/rules/...: Unrecoverable mismatch between extractor and library dbschemes. From 354af3b5751125fb09be7bc4f05e142804176ef1 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 11 Oct 2023 15:19:28 -0700 Subject: [PATCH 1395/2573] Update the query generate to the new format --- scripts/generate_rules/generate_package_files.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/scripts/generate_rules/generate_package_files.py b/scripts/generate_rules/generate_package_files.py index 98bc1b5595..cebd9aadab 100644 --- a/scripts/generate_rules/generate_package_files.py +++ b/scripts/generate_rules/generate_package_files.py @@ -182,8 +182,7 @@ def write_shared_implementation(package_name, rule_id, query, language_name, ql_ + "\n" ) f.write("\n"); - f.write("class TestFileQuery extends " + str(query["shared_implementation_short_name"]) + "SharedQuery, TestQuery {\n") - f.write("}\n") + f.write("class TestFileQuery extends " + str(query["shared_implementation_short_name"]) + "SharedQuery, TestQuery { }") # Create an empty test file, if one doesn't already exist shared_impl_test_dir.joinpath( From 14291c80aa09d86857974d8cf1550086ed67f295 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 16 Oct 2023 09:58:42 -0700 Subject: [PATCH 1396/2573] Update formatting of generated shared tests --- scripts/generate_rules/generate_package_files.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/scripts/generate_rules/generate_package_files.py b/scripts/generate_rules/generate_package_files.py index cebd9aadab..98bc1b5595 100644 --- a/scripts/generate_rules/generate_package_files.py +++ b/scripts/generate_rules/generate_package_files.py @@ -182,7 +182,8 @@ def write_shared_implementation(package_name, rule_id, query, language_name, ql_ + "\n" ) f.write("\n"); - f.write("class TestFileQuery extends " + str(query["shared_implementation_short_name"]) + "SharedQuery, TestQuery { }") + f.write("class TestFileQuery extends " + str(query["shared_implementation_short_name"]) + "SharedQuery, TestQuery {\n") + f.write("}\n") # Create an empty test file, if one doesn't already exist shared_impl_test_dir.joinpath( From e1935fabd7ae9f58863ae7280b97e089043d53bf Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 16 Oct 2023 14:09:55 -0700 Subject: [PATCH 1397/2573] Print CodeQL version for debugging purposes --- .github/workflows/validate-query-formatting.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/validate-query-formatting.yml b/.github/workflows/validate-query-formatting.yml index b1007c47ac..e4c6871ad5 100644 --- a/.github/workflows/validate-query-formatting.yml +++ b/.github/workflows/validate-query-formatting.yml @@ -36,6 +36,7 @@ jobs: env: LANGUAGE: ${{ matrix.language }} run: | + codeql version find $LANGUAGE \( -name \*.ql -or -name \*.qll \) -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" codeql query format --in-place git diff From 272596ac2a618172bc06af877d60f24c9198741b Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 17 Oct 2023 11:29:25 +0100 Subject: [PATCH 1398/2573] Revert "Update formatting of test queries for shared rules." This reverts commit 1193b8d721b7ca8c05231b768f4394a544d864f8. --- .../CloseFileHandleWhenNoLongerNeededShared.ql | 3 +-- c/common/test/rules/commaoperatorused/CommaOperatorUsed.ql | 3 +-- .../ConstantUnsignedIntegerExpressionsWrapAround.ql | 3 +-- .../test/rules/constlikereturnvalue/ConstLikeReturnValue.ql | 3 +-- c/common/test/rules/deadcode/DeadCode.ql | 3 +-- .../DeclaredAReservedIdentifier.ql | 3 +-- .../dereferenceofnullpointer/DereferenceOfNullPointer.ql | 3 +-- .../rules/donotaccessaclosedfile/DoNotAccessAClosedFile.ql | 3 +-- .../DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql | 3 +-- .../DoNotDestroyAMutexWhileItIsLocked.ql | 3 +-- .../DoNotSubtractPointersAddressingDifferentArrays.ql | 3 +-- .../DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql | 3 +-- .../DoNotUseRandForGeneratingPseudorandomNumbers.ql | 3 +-- .../DoNotUseRelationalOperatorsWithDifferingArrays.ql | 3 +-- .../FreeMemoryWhenNoLongerNeededShared.ql | 3 +-- .../rules/gotostatementcondition/GotoStatementCondition.ql | 3 +-- .../rules/guardaccesstobitfields/GuardAccessToBitFields.ql | 3 +-- c/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql | 3 +-- c/common/test/rules/identifierhidden/IdentifierHidden.ql | 3 +-- .../ifelseterminationconstruct/IfElseTerminationConstruct.ql | 3 +-- .../test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql | 3 +-- .../InformationLeakageAcrossBoundaries.ql | 3 +-- .../InvalidatedEnvStringPointers.ql | 3 +-- .../InvalidatedEnvStringPointersWarn.ql | 3 +-- .../IOFstreamMissingPositioning.ql | 3 +-- .../MacroParameterNotEnclosedInParentheses.ql | 3 +-- .../MemcmpUsedToComparePaddingData.ql | 3 +-- .../test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql | 3 +-- c/common/test/rules/nonconstantformat/NonConstantFormat.ql | 3 +-- .../NonVoidFunctionDoesNotReturn.ql | 3 +-- .../rules/notdistinctidentifier/NotDistinctIdentifier.ql | 3 +-- .../OnlyFreeMemoryAllocatedDynamicallyShared.ql | 3 +-- .../PreprocessingDirectiveWithinMacroArgument.ql | 3 +-- .../PreprocessorIncludesForbiddenHeaderNames.ql | 3 +-- .../PreprocessorIncludesPreceded.ql | 3 +-- .../PreserveSafetyWhenUsingConditionVariables.ql | 3 +-- .../PreventDeadlockByLockingInPredefinedOrder.ql | 3 +-- .../readofuninitializedmemory/ReadOfUninitializedMemory.ql | 3 +-- .../SectionsOfCodeShallNotBeCommentedOut.ql | 3 +-- .../SwitchCasePositionCondition.ql | 3 +-- .../test/rules/switchnotwellformed/SwitchNotWellFormed.ql | 3 +-- c/common/test/rules/typeomitted/TypeOmitted.ql | 3 +-- .../UncheckedRangeDomainPoleErrors.ql | 3 +-- .../undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql | 3 +-- .../UnnecessaryExposedIdentifierDeclarationShared.ql | 3 +-- c/common/test/rules/unreachablecode/UnreachableCode.ql | 3 +-- c/common/test/rules/unusedparameter/UnusedParameter.ql | 3 +-- .../rules/unusedtypedeclarations/UnusedTypeDeclarations.ql | 3 +-- .../UsageOfAssemblerNotDocumented.ql | 3 +-- .../UseOnlyArrayIndexingForPointerArithmetic.ql | 3 +-- .../wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql | 3 +-- .../AccessOfUndefinedMemberThroughNullPointer.ql | 3 +-- ...cessOfUndefinedMemberThroughUninitializedStaticPointer.ql | 5 +++-- .../BasicStringMayNotBeNullTerminated.ql | 3 +-- .../test/rules/catchblockshadowing/CatchBlockShadowing.ql | 3 +-- .../CatchExceptionsByLvalueReference.ql | 3 +-- cpp/common/test/rules/commaoperatorused/CommaOperatorUsed.ql | 3 +-- .../ConditionVariablePostConditionFailed.ql | 3 +-- .../ConstantUnsignedIntegerExpressionsWrapAround.ql | 3 +-- .../ContainerAccessWithoutRangeCheck.ql | 3 +-- .../DanglingCaptureWhenMovingLambdaObject.ql | 3 +-- .../DanglingCaptureWhenReturningLambdaObject.ql | 3 +-- cpp/common/test/rules/deadcode/DeadCode.ql | 3 +-- .../DeleteOfPointerToIncompleteClass.ql | 3 +-- .../dereferenceofnullpointer/DereferenceOfNullPointer.ql | 3 +-- .../DestroyedValueReferencedInDestructorCatchBlock.ql | 3 +-- .../DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql | 3 +-- .../DoNotDestroyAMutexWhileItIsLocked.ql | 3 +-- .../DoNotSubtractPointersAddressingDifferentArrays.ql | 3 +-- .../DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql | 3 +-- .../DoNotUseRandForGeneratingPseudorandomNumbers.ql | 3 +-- .../DoNotUseRelationalOperatorsWithDifferingArrays.ql | 3 +-- .../DoNotUseSetjmpOrLongjmpShared.ql | 3 +-- .../exceptionsafetyguarantees/ExceptionSafetyGuarantees.ql | 3 +-- .../exceptionsafetyvalidstate/ExceptionSafetyValidState.ql | 3 +-- .../exithandlerthrowsexception/ExitHandlerThrowsException.ql | 3 +-- .../explicitabrupttermination/ExplicitAbruptTermination.ql | 3 +-- .../FunctionNoReturnAttributeCondition.ql | 3 +-- .../rules/gotostatementcondition/GotoStatementCondition.ql | 3 +-- .../rules/guardaccesstobitfields/GuardAccessToBitFields.ql | 3 +-- .../HandleAllExceptionsDuringStartup.ql | 3 +-- cpp/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql | 3 +-- cpp/common/test/rules/identifierhidden/IdentifierHidden.ql | 3 +-- .../ifelseterminationconstruct/IfElseTerminationConstruct.ql | 3 +-- .../test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql | 3 +-- .../InformationLeakageAcrossBoundaries.ql | 3 +-- .../IOFstreamMissingPositioning.ql | 3 +-- .../JoinableThreadCopiedOrDestroyed.ql | 3 +-- .../MacroParameterNotEnclosedInParentheses.ql | 3 +-- .../MemcmpUsedToComparePaddingData.ql | 3 +-- .../MovedFromObjectsUnspecifiedState.ql | 3 +-- .../test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql | 3 +-- cpp/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.ql | 3 +-- .../rules/nonbooleaniterationstmt/NonBooleanIterationStmt.ql | 3 +-- cpp/common/test/rules/nonconstantformat/NonConstantFormat.ql | 3 +-- .../NonStandardEntitiesInStandardNamespaces.ql | 3 +-- .../NonVoidFunctionDoesNotReturn.ql | 3 +-- .../ObjectAccessedAfterLifetime.ql | 3 +-- .../ObjectAccessedBeforeLifetime.ql | 3 +-- .../onedefinitionruleviolation/OneDefinitionRuleViolation.ql | 3 +-- .../OperationMayNotNullTerminateCStyleString.ql | 3 +-- .../OperatorDeleteMissingPartner.ql | 3 +-- .../OrderingPredicateMustBeStrictlyWeak.ql | 3 +-- .../OwnedPointerValueStoredInUnrelatedSmartPointer.ql | 3 +-- .../PlacementNewInsufficientStorage.ql | 3 +-- .../PlacementNewNotProperlyAligned.ql | 3 +-- .../PredicateFunctionObjectsShouldNotBeMutable.ql | 3 +-- .../PreprocessingDirectiveWithinMacroArgument.ql | 3 +-- .../PreprocessorIncludesForbiddenHeaderNames.ql | 3 +-- .../PreprocessorIncludesPreceded.ql | 3 +-- .../PreserveSafetyWhenUsingConditionVariables.ql | 3 +-- .../PreventDeadlockByLockingInPredefinedOrder.ql | 3 +-- .../readofuninitializedmemory/ReadOfUninitializedMemory.ql | 3 +-- .../RemoveConstOrVolatileQualification.ql | 3 +-- .../RethrowNestedWithoutCapture.ql | 3 +-- .../SectionsOfCodeShallNotBeCommentedOut.ql | 3 +-- .../StringNumberConversionMissingErrorCheck.ql | 3 +-- .../SwitchCasePositionCondition.ql | 3 +-- .../test/rules/switchnotwellformed/SwitchNotWellFormed.ql | 3 +-- .../ThrowingNoThrowOperatorNewDelete.ql | 3 +-- .../ThrowingOperatorNewReturnsNull.ql | 3 +-- .../ThrowingOperatorNewThrowsInvalidException.ql | 3 +-- .../UncheckedRangeDomainPoleErrors.ql | 3 +-- .../undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql | 3 +-- .../UnnecessaryExposedIdentifierDeclarationShared.ql | 3 +-- cpp/common/test/rules/unreachablecode/UnreachableCode.ql | 3 +-- cpp/common/test/rules/unusedparameter/UnusedParameter.ql | 3 +-- .../rules/unusedtypedeclarations/UnusedTypeDeclarations.ql | 3 +-- .../UsageOfAssemblerNotDocumented.ql | 3 +-- .../UseCanonicalOrderForMemberInit.ql | 3 +-- .../UseOnlyArrayIndexingForPointerArithmetic.ql | 3 +-- .../ValidContainerElementAccess.ql | 3 +-- .../wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql | 3 +-- scripts/generate_rules/generate_package_files.py | 3 +-- 134 files changed, 136 insertions(+), 268 deletions(-) diff --git a/c/common/test/rules/closefilehandlewhennolongerneededshared/CloseFileHandleWhenNoLongerNeededShared.ql b/c/common/test/rules/closefilehandlewhennolongerneededshared/CloseFileHandleWhenNoLongerNeededShared.ql index a208410321..9e657b351a 100644 --- a/c/common/test/rules/closefilehandlewhennolongerneededshared/CloseFileHandleWhenNoLongerNeededShared.ql +++ b/c/common/test/rules/closefilehandlewhennolongerneededshared/CloseFileHandleWhenNoLongerNeededShared.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.closefilehandlewhennolongerneededshared.CloseFileHandleWhenNoLongerNeededShared -class TestFileQuery extends CloseFileHandleWhenNoLongerNeededSharedSharedQuery, TestQuery { -} +class TestFileQuery extends CloseFileHandleWhenNoLongerNeededSharedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/commaoperatorused/CommaOperatorUsed.ql b/c/common/test/rules/commaoperatorused/CommaOperatorUsed.ql index b6c91e6eb2..2fe294762e 100644 --- a/c/common/test/rules/commaoperatorused/CommaOperatorUsed.ql +++ b/c/common/test/rules/commaoperatorused/CommaOperatorUsed.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.commaoperatorused.CommaOperatorUsed -class TestFileQuery extends CommaOperatorUsedSharedQuery, TestQuery { -} +class TestFileQuery extends CommaOperatorUsedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql b/c/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql index b12383aabb..c77ee1c66a 100644 --- a/c/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql +++ b/c/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.constantunsignedintegerexpressionswraparound.ConstantUnsignedIntegerExpressionsWrapAround -class TestFileQuery extends ConstantUnsignedIntegerExpressionsWrapAroundSharedQuery, TestQuery { -} +class TestFileQuery extends ConstantUnsignedIntegerExpressionsWrapAroundSharedQuery, TestQuery { } diff --git a/c/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.ql b/c/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.ql index c598883031..53c27eb3ce 100644 --- a/c/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.ql +++ b/c/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.constlikereturnvalue.ConstLikeReturnValue -class TestFileQuery extends ConstLikeReturnValueSharedQuery, TestQuery { -} +class TestFileQuery extends ConstLikeReturnValueSharedQuery, TestQuery { } diff --git a/c/common/test/rules/deadcode/DeadCode.ql b/c/common/test/rules/deadcode/DeadCode.ql index b38dba26d7..dcd7fce840 100644 --- a/c/common/test/rules/deadcode/DeadCode.ql +++ b/c/common/test/rules/deadcode/DeadCode.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.deadcode.DeadCode -class TestFileQuery extends DeadCodeSharedQuery, TestQuery { -} +class TestFileQuery extends DeadCodeSharedQuery, TestQuery { } diff --git a/c/common/test/rules/declaredareservedidentifier/DeclaredAReservedIdentifier.ql b/c/common/test/rules/declaredareservedidentifier/DeclaredAReservedIdentifier.ql index 707ef3ccbe..f091b0aaaa 100644 --- a/c/common/test/rules/declaredareservedidentifier/DeclaredAReservedIdentifier.ql +++ b/c/common/test/rules/declaredareservedidentifier/DeclaredAReservedIdentifier.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.declaredareservedidentifier.DeclaredAReservedIdentifier -class TestFileQuery extends DeclaredAReservedIdentifierSharedQuery, TestQuery { -} +class TestFileQuery extends DeclaredAReservedIdentifierSharedQuery, TestQuery { } diff --git a/c/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql b/c/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql index cf9fdf6071..c8dc62e67c 100644 --- a/c/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql +++ b/c/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.dereferenceofnullpointer.DereferenceOfNullPointer -class TestFileQuery extends DereferenceOfNullPointerSharedQuery, TestQuery { -} +class TestFileQuery extends DereferenceOfNullPointerSharedQuery, TestQuery { } diff --git a/c/common/test/rules/donotaccessaclosedfile/DoNotAccessAClosedFile.ql b/c/common/test/rules/donotaccessaclosedfile/DoNotAccessAClosedFile.ql index 1087134c19..d3b8b9ea3a 100644 --- a/c/common/test/rules/donotaccessaclosedfile/DoNotAccessAClosedFile.ql +++ b/c/common/test/rules/donotaccessaclosedfile/DoNotAccessAClosedFile.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotaccessaclosedfile.DoNotAccessAClosedFile -class TestFileQuery extends DoNotAccessAClosedFileSharedQuery, TestQuery { -} +class TestFileQuery extends DoNotAccessAClosedFileSharedQuery, TestQuery { } diff --git a/c/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql b/c/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql index 9aac0f1c09..ceae7e6a9e 100644 --- a/c/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql +++ b/c/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotallowamutextogooutofscopewhilelocked.DoNotAllowAMutexToGoOutOfScopeWhileLocked -class TestFileQuery extends DoNotAllowAMutexToGoOutOfScopeWhileLockedSharedQuery, TestQuery { -} +class TestFileQuery extends DoNotAllowAMutexToGoOutOfScopeWhileLockedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql b/c/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql index b2fdab8eea..96ea58009e 100644 --- a/c/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql +++ b/c/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotdestroyamutexwhileitislocked.DoNotDestroyAMutexWhileItIsLocked -class TestFileQuery extends DoNotDestroyAMutexWhileItIsLockedSharedQuery, TestQuery { -} +class TestFileQuery extends DoNotDestroyAMutexWhileItIsLockedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql b/c/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql index cc9cb834e0..374a6fc52b 100644 --- a/c/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql +++ b/c/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotsubtractpointersaddressingdifferentarrays.DoNotSubtractPointersAddressingDifferentArrays -class TestFileQuery extends DoNotSubtractPointersAddressingDifferentArraysSharedQuery, TestQuery { -} +class TestFileQuery extends DoNotSubtractPointersAddressingDifferentArraysSharedQuery, TestQuery { } diff --git a/c/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql b/c/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql index ddaa0399b2..edef2c1127 100644 --- a/c/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql +++ b/c/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotusemorethantwolevelsofpointerindirection.DoNotUseMoreThanTwoLevelsOfPointerIndirection -class TestFileQuery extends DoNotUseMoreThanTwoLevelsOfPointerIndirectionSharedQuery, TestQuery { -} +class TestFileQuery extends DoNotUseMoreThanTwoLevelsOfPointerIndirectionSharedQuery, TestQuery { } diff --git a/c/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql b/c/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql index c6e0f0e58a..3ad5626256 100644 --- a/c/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql +++ b/c/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotuserandforgeneratingpseudorandomnumbers.DoNotUseRandForGeneratingPseudorandomNumbers -class TestFileQuery extends DoNotUseRandForGeneratingPseudorandomNumbersSharedQuery, TestQuery { -} +class TestFileQuery extends DoNotUseRandForGeneratingPseudorandomNumbersSharedQuery, TestQuery { } diff --git a/c/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql b/c/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql index 647ee40426..bceb46bf63 100644 --- a/c/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql +++ b/c/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotuserelationaloperatorswithdifferingarrays.DoNotUseRelationalOperatorsWithDifferingArrays -class TestFileQuery extends DoNotUseRelationalOperatorsWithDifferingArraysSharedQuery, TestQuery { -} +class TestFileQuery extends DoNotUseRelationalOperatorsWithDifferingArraysSharedQuery, TestQuery { } diff --git a/c/common/test/rules/freememorywhennolongerneededshared/FreeMemoryWhenNoLongerNeededShared.ql b/c/common/test/rules/freememorywhennolongerneededshared/FreeMemoryWhenNoLongerNeededShared.ql index 8b89cb900c..27683eddfb 100644 --- a/c/common/test/rules/freememorywhennolongerneededshared/FreeMemoryWhenNoLongerNeededShared.ql +++ b/c/common/test/rules/freememorywhennolongerneededshared/FreeMemoryWhenNoLongerNeededShared.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.freememorywhennolongerneededshared.FreeMemoryWhenNoLongerNeededShared -class TestFileQuery extends FreeMemoryWhenNoLongerNeededSharedSharedQuery, TestQuery { -} +class TestFileQuery extends FreeMemoryWhenNoLongerNeededSharedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/gotostatementcondition/GotoStatementCondition.ql b/c/common/test/rules/gotostatementcondition/GotoStatementCondition.ql index 2317d5c7db..89768a3022 100644 --- a/c/common/test/rules/gotostatementcondition/GotoStatementCondition.ql +++ b/c/common/test/rules/gotostatementcondition/GotoStatementCondition.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.gotostatementcondition.GotoStatementCondition -class TestFileQuery extends GotoStatementConditionSharedQuery, TestQuery { -} +class TestFileQuery extends GotoStatementConditionSharedQuery, TestQuery { } diff --git a/c/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql b/c/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql index 4f7709c7dd..a0d83a59a6 100644 --- a/c/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql +++ b/c/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.guardaccesstobitfields.GuardAccessToBitFields -class TestFileQuery extends GuardAccessToBitFieldsSharedQuery, TestQuery { -} +class TestFileQuery extends GuardAccessToBitFieldsSharedQuery, TestQuery { } diff --git a/c/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql b/c/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql index f9f34ef6d9..a61dc7860a 100644 --- a/c/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql +++ b/c/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.hashoperatorsused.HashOperatorsUsed -class TestFileQuery extends HashOperatorsUsedSharedQuery, TestQuery { -} +class TestFileQuery extends HashOperatorsUsedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/identifierhidden/IdentifierHidden.ql b/c/common/test/rules/identifierhidden/IdentifierHidden.ql index 27a35f8376..ba13b28bd4 100644 --- a/c/common/test/rules/identifierhidden/IdentifierHidden.ql +++ b/c/common/test/rules/identifierhidden/IdentifierHidden.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.identifierhidden.IdentifierHidden -class TestFileQuery extends IdentifierHiddenSharedQuery, TestQuery { -} +class TestFileQuery extends IdentifierHiddenSharedQuery, TestQuery { } diff --git a/c/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql b/c/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql index d0a494f270..acdd497be7 100644 --- a/c/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql +++ b/c/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.ifelseterminationconstruct.IfElseTerminationConstruct -class TestFileQuery extends IfElseTerminationConstructSharedQuery, TestQuery { -} +class TestFileQuery extends IfElseTerminationConstructSharedQuery, TestQuery { } diff --git a/c/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql b/c/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql index 8bec76dc05..13b07b4e90 100644 --- a/c/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql +++ b/c/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.includeguardsnotused.IncludeGuardsNotUsed -class TestFileQuery extends IncludeGuardsNotUsedSharedQuery, TestQuery { -} +class TestFileQuery extends IncludeGuardsNotUsedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql b/c/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql index f51683773f..3393d015c3 100644 --- a/c/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql +++ b/c/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.informationleakageacrossboundaries.InformationLeakageAcrossBoundaries -class TestFileQuery extends InformationLeakageAcrossBoundariesSharedQuery, TestQuery { -} +class TestFileQuery extends InformationLeakageAcrossBoundariesSharedQuery, TestQuery { } diff --git a/c/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.ql b/c/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.ql index 777e498dc1..b82c43333a 100644 --- a/c/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.ql +++ b/c/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.invalidatedenvstringpointers.InvalidatedEnvStringPointers -class TestFileQuery extends InvalidatedEnvStringPointersSharedQuery, TestQuery { -} +class TestFileQuery extends InvalidatedEnvStringPointersSharedQuery, TestQuery { } diff --git a/c/common/test/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.ql b/c/common/test/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.ql index 9efdbbe048..7a56af210d 100644 --- a/c/common/test/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.ql +++ b/c/common/test/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.invalidatedenvstringpointerswarn.InvalidatedEnvStringPointersWarn -class TestFileQuery extends InvalidatedEnvStringPointersWarnSharedQuery, TestQuery { -} +class TestFileQuery extends InvalidatedEnvStringPointersWarnSharedQuery, TestQuery { } diff --git a/c/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql b/c/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql index ed1e85b531..c1f22c408a 100644 --- a/c/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql +++ b/c/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.iofstreammissingpositioning.IOFstreamMissingPositioning -class TestFileQuery extends IOFstreamMissingPositioningSharedQuery, TestQuery { -} +class TestFileQuery extends IOFstreamMissingPositioningSharedQuery, TestQuery { } diff --git a/c/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql b/c/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql index 8b3c25098c..2ff9477919 100644 --- a/c/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql +++ b/c/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.macroparameternotenclosedinparentheses.MacroParameterNotEnclosedInParentheses -class TestFileQuery extends MacroParameterNotEnclosedInParenthesesSharedQuery, TestQuery { -} +class TestFileQuery extends MacroParameterNotEnclosedInParenthesesSharedQuery, TestQuery { } diff --git a/c/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql b/c/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql index 108cf3b8a1..55290047a1 100644 --- a/c/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql +++ b/c/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.memcmpusedtocomparepaddingdata.MemcmpUsedToComparePaddingData -class TestFileQuery extends MemcmpUsedToComparePaddingDataSharedQuery, TestQuery { -} +class TestFileQuery extends MemcmpUsedToComparePaddingDataSharedQuery, TestQuery { } diff --git a/c/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql b/c/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql index d57bf78fad..3e0b1f7e8b 100644 --- a/c/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql +++ b/c/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nestedlabelinswitch.NestedLabelInSwitch -class TestFileQuery extends NestedLabelInSwitchSharedQuery, TestQuery { -} +class TestFileQuery extends NestedLabelInSwitchSharedQuery, TestQuery { } diff --git a/c/common/test/rules/nonconstantformat/NonConstantFormat.ql b/c/common/test/rules/nonconstantformat/NonConstantFormat.ql index 71bff7e9c6..25750ae9e5 100644 --- a/c/common/test/rules/nonconstantformat/NonConstantFormat.ql +++ b/c/common/test/rules/nonconstantformat/NonConstantFormat.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nonconstantformat.NonConstantFormat -class TestFileQuery extends NonConstantFormatSharedQuery, TestQuery { -} +class TestFileQuery extends NonConstantFormatSharedQuery, TestQuery { } diff --git a/c/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql b/c/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql index 775599e10e..bcf99b44e7 100644 --- a/c/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql +++ b/c/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nonvoidfunctiondoesnotreturn.NonVoidFunctionDoesNotReturn -class TestFileQuery extends NonVoidFunctionDoesNotReturnSharedQuery, TestQuery { -} +class TestFileQuery extends NonVoidFunctionDoesNotReturnSharedQuery, TestQuery { } diff --git a/c/common/test/rules/notdistinctidentifier/NotDistinctIdentifier.ql b/c/common/test/rules/notdistinctidentifier/NotDistinctIdentifier.ql index ba74868838..3b7a8a5f9a 100644 --- a/c/common/test/rules/notdistinctidentifier/NotDistinctIdentifier.ql +++ b/c/common/test/rules/notdistinctidentifier/NotDistinctIdentifier.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.notdistinctidentifier.NotDistinctIdentifier -class TestFileQuery extends NotDistinctIdentifierSharedQuery, TestQuery { -} +class TestFileQuery extends NotDistinctIdentifierSharedQuery, TestQuery { } diff --git a/c/common/test/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.ql b/c/common/test/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.ql index f8c036c2d2..f7d315554e 100644 --- a/c/common/test/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.ql +++ b/c/common/test/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.onlyfreememoryallocateddynamicallyshared.OnlyFreeMemoryAllocatedDynamicallyShared -class TestFileQuery extends OnlyFreeMemoryAllocatedDynamicallySharedSharedQuery, TestQuery { -} +class TestFileQuery extends OnlyFreeMemoryAllocatedDynamicallySharedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql b/c/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql index 35bc1586b0..d66babdb6d 100644 --- a/c/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql +++ b/c/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preprocessingdirectivewithinmacroargument.PreprocessingDirectiveWithinMacroArgument -class TestFileQuery extends PreprocessingDirectiveWithinMacroArgumentSharedQuery, TestQuery { -} +class TestFileQuery extends PreprocessingDirectiveWithinMacroArgumentSharedQuery, TestQuery { } diff --git a/c/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql b/c/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql index f12f9663b1..c7652ab4ae 100644 --- a/c/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql +++ b/c/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preprocessorincludesforbiddenheadernames.PreprocessorIncludesForbiddenHeaderNames -class TestFileQuery extends PreprocessorIncludesForbiddenHeaderNamesSharedQuery, TestQuery { -} +class TestFileQuery extends PreprocessorIncludesForbiddenHeaderNamesSharedQuery, TestQuery { } diff --git a/c/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql b/c/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql index 44f700604a..43701dbbf9 100644 --- a/c/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql +++ b/c/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preprocessorincludespreceded.PreprocessorIncludesPreceded -class TestFileQuery extends PreprocessorIncludesPrecededSharedQuery, TestQuery { -} +class TestFileQuery extends PreprocessorIncludesPrecededSharedQuery, TestQuery { } diff --git a/c/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql b/c/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql index 6fd33d601b..009c7f9e26 100644 --- a/c/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql +++ b/c/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preservesafetywhenusingconditionvariables.PreserveSafetyWhenUsingConditionVariables -class TestFileQuery extends PreserveSafetyWhenUsingConditionVariablesSharedQuery, TestQuery { -} +class TestFileQuery extends PreserveSafetyWhenUsingConditionVariablesSharedQuery, TestQuery { } diff --git a/c/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql b/c/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql index 9968a80e75..4ca46f15ea 100644 --- a/c/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql +++ b/c/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preventdeadlockbylockinginpredefinedorder.PreventDeadlockByLockingInPredefinedOrder -class TestFileQuery extends PreventDeadlockByLockingInPredefinedOrderSharedQuery, TestQuery { -} +class TestFileQuery extends PreventDeadlockByLockingInPredefinedOrderSharedQuery, TestQuery { } diff --git a/c/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql b/c/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql index cec14d6dac..9150d4459d 100644 --- a/c/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql +++ b/c/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.readofuninitializedmemory.ReadOfUninitializedMemory -class TestFileQuery extends ReadOfUninitializedMemorySharedQuery, TestQuery { -} +class TestFileQuery extends ReadOfUninitializedMemorySharedQuery, TestQuery { } diff --git a/c/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql b/c/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql index 00d24cc943..aacadf0253 100644 --- a/c/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql +++ b/c/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.sectionsofcodeshallnotbecommentedout.SectionsOfCodeShallNotBeCommentedOut -class TestFileQuery extends SectionsOfCodeShallNotBeCommentedOutSharedQuery, TestQuery { -} +class TestFileQuery extends SectionsOfCodeShallNotBeCommentedOutSharedQuery, TestQuery { } diff --git a/c/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql b/c/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql index de3d7c5c9c..1b323a652d 100644 --- a/c/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql +++ b/c/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.switchcasepositioncondition.SwitchCasePositionCondition -class TestFileQuery extends SwitchCasePositionConditionSharedQuery, TestQuery { -} +class TestFileQuery extends SwitchCasePositionConditionSharedQuery, TestQuery { } diff --git a/c/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql b/c/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql index 3669f8739e..75ce3cb1ec 100644 --- a/c/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql +++ b/c/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.switchnotwellformed.SwitchNotWellFormed -class TestFileQuery extends SwitchNotWellFormedSharedQuery, TestQuery { -} +class TestFileQuery extends SwitchNotWellFormedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/typeomitted/TypeOmitted.ql b/c/common/test/rules/typeomitted/TypeOmitted.ql index eaade7faf6..a9cd81118c 100644 --- a/c/common/test/rules/typeomitted/TypeOmitted.ql +++ b/c/common/test/rules/typeomitted/TypeOmitted.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.typeomitted.TypeOmitted -class TestFileQuery extends TypeOmittedSharedQuery, TestQuery { -} +class TestFileQuery extends TypeOmittedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql b/c/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql index 6ae007bd39..11720fb8da 100644 --- a/c/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql +++ b/c/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.uncheckedrangedomainpoleerrors.UncheckedRangeDomainPoleErrors -class TestFileQuery extends UncheckedRangeDomainPoleErrorsSharedQuery, TestQuery { -} +class TestFileQuery extends UncheckedRangeDomainPoleErrorsSharedQuery, TestQuery { } diff --git a/c/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql b/c/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql index 168b3a0b2e..316565cab7 100644 --- a/c/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql +++ b/c/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.undefinedmacroidentifiers.UndefinedMacroIdentifiers -class TestFileQuery extends UndefinedMacroIdentifiersSharedQuery, TestQuery { -} +class TestFileQuery extends UndefinedMacroIdentifiersSharedQuery, TestQuery { } diff --git a/c/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql b/c/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql index 3b1e4b7c56..3baad901da 100644 --- a/c/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql +++ b/c/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unnecessaryexposedidentifierdeclarationshared.UnnecessaryExposedIdentifierDeclarationShared -class TestFileQuery extends UnnecessaryExposedIdentifierDeclarationSharedSharedQuery, TestQuery { -} +class TestFileQuery extends UnnecessaryExposedIdentifierDeclarationSharedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/unreachablecode/UnreachableCode.ql b/c/common/test/rules/unreachablecode/UnreachableCode.ql index 61554593fd..c394bfba3e 100644 --- a/c/common/test/rules/unreachablecode/UnreachableCode.ql +++ b/c/common/test/rules/unreachablecode/UnreachableCode.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unreachablecode.UnreachableCode -class TestFileQuery extends UnreachableCodeSharedQuery, TestQuery { -} +class TestFileQuery extends UnreachableCodeSharedQuery, TestQuery { } diff --git a/c/common/test/rules/unusedparameter/UnusedParameter.ql b/c/common/test/rules/unusedparameter/UnusedParameter.ql index 4dc2000dbb..e990a7dcf3 100644 --- a/c/common/test/rules/unusedparameter/UnusedParameter.ql +++ b/c/common/test/rules/unusedparameter/UnusedParameter.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unusedparameter.UnusedParameter -class TestFileQuery extends UnusedParameterSharedQuery, TestQuery { -} +class TestFileQuery extends UnusedParameterSharedQuery, TestQuery { } diff --git a/c/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql b/c/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql index 76ccfec0f2..f1c09524d5 100644 --- a/c/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql +++ b/c/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unusedtypedeclarations.UnusedTypeDeclarations -class TestFileQuery extends UnusedTypeDeclarationsSharedQuery, TestQuery { -} +class TestFileQuery extends UnusedTypeDeclarationsSharedQuery, TestQuery { } diff --git a/c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql b/c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql index c8b9f229f4..f9997627b4 100644 --- a/c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql +++ b/c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.usageofassemblernotdocumented.UsageOfAssemblerNotDocumented -class TestFileQuery extends UsageOfAssemblerNotDocumentedSharedQuery, TestQuery { -} +class TestFileQuery extends UsageOfAssemblerNotDocumentedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql b/c/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql index 7edd86ecab..55554bee07 100644 --- a/c/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql +++ b/c/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.useonlyarrayindexingforpointerarithmetic.UseOnlyArrayIndexingForPointerArithmetic -class TestFileQuery extends UseOnlyArrayIndexingForPointerArithmeticSharedQuery, TestQuery { -} +class TestFileQuery extends UseOnlyArrayIndexingForPointerArithmeticSharedQuery, TestQuery { } diff --git a/c/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql b/c/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql index af84dd07c1..44947bf85a 100644 --- a/c/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql +++ b/c/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.wrapspuriousfunctioninloop.WrapSpuriousFunctionInLoop -class TestFileQuery extends WrapSpuriousFunctionInLoopSharedQuery, TestQuery { -} +class TestFileQuery extends WrapSpuriousFunctionInLoopSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/accessofundefinedmemberthroughnullpointer/AccessOfUndefinedMemberThroughNullPointer.ql b/cpp/common/test/rules/accessofundefinedmemberthroughnullpointer/AccessOfUndefinedMemberThroughNullPointer.ql index 4607c4f48c..a94e11dbf6 100644 --- a/cpp/common/test/rules/accessofundefinedmemberthroughnullpointer/AccessOfUndefinedMemberThroughNullPointer.ql +++ b/cpp/common/test/rules/accessofundefinedmemberthroughnullpointer/AccessOfUndefinedMemberThroughNullPointer.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.accessofundefinedmemberthroughnullpointer.AccessOfUndefinedMemberThroughNullPointer -class TestFileQuery extends AccessOfUndefinedMemberThroughNullPointerSharedQuery, TestQuery { -} +class TestFileQuery extends AccessOfUndefinedMemberThroughNullPointerSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/accessofundefinedmemberthroughuninitializedstaticpointer/AccessOfUndefinedMemberThroughUninitializedStaticPointer.ql b/cpp/common/test/rules/accessofundefinedmemberthroughuninitializedstaticpointer/AccessOfUndefinedMemberThroughUninitializedStaticPointer.ql index 489c4a23f4..90d192e3d8 100644 --- a/cpp/common/test/rules/accessofundefinedmemberthroughuninitializedstaticpointer/AccessOfUndefinedMemberThroughUninitializedStaticPointer.ql +++ b/cpp/common/test/rules/accessofundefinedmemberthroughuninitializedstaticpointer/AccessOfUndefinedMemberThroughUninitializedStaticPointer.ql @@ -1,5 +1,6 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.accessofundefinedmemberthroughuninitializedstaticpointer.AccessOfUndefinedMemberThroughUninitializedStaticPointer -class TestFileQuery extends AccessOfUndefinedMemberThroughUninitializedStaticPointerSharedQuery, TestQuery { -} +class TestFileQuery extends AccessOfUndefinedMemberThroughUninitializedStaticPointerSharedQuery, + TestQuery +{ } diff --git a/cpp/common/test/rules/basicstringmaynotbenullterminated/BasicStringMayNotBeNullTerminated.ql b/cpp/common/test/rules/basicstringmaynotbenullterminated/BasicStringMayNotBeNullTerminated.ql index 21f00547fc..c2c4fe7906 100644 --- a/cpp/common/test/rules/basicstringmaynotbenullterminated/BasicStringMayNotBeNullTerminated.ql +++ b/cpp/common/test/rules/basicstringmaynotbenullterminated/BasicStringMayNotBeNullTerminated.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.basicstringmaynotbenullterminated.BasicStringMayNotBeNullTerminated -class TestFileQuery extends BasicStringMayNotBeNullTerminatedSharedQuery, TestQuery { -} +class TestFileQuery extends BasicStringMayNotBeNullTerminatedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/catchblockshadowing/CatchBlockShadowing.ql b/cpp/common/test/rules/catchblockshadowing/CatchBlockShadowing.ql index 81b37d3aa5..76b7123d99 100644 --- a/cpp/common/test/rules/catchblockshadowing/CatchBlockShadowing.ql +++ b/cpp/common/test/rules/catchblockshadowing/CatchBlockShadowing.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.catchblockshadowing.CatchBlockShadowing -class TestFileQuery extends CatchBlockShadowingSharedQuery, TestQuery { -} +class TestFileQuery extends CatchBlockShadowingSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/catchexceptionsbylvaluereference/CatchExceptionsByLvalueReference.ql b/cpp/common/test/rules/catchexceptionsbylvaluereference/CatchExceptionsByLvalueReference.ql index 0931cc9ca8..30d6d30c47 100644 --- a/cpp/common/test/rules/catchexceptionsbylvaluereference/CatchExceptionsByLvalueReference.ql +++ b/cpp/common/test/rules/catchexceptionsbylvaluereference/CatchExceptionsByLvalueReference.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.catchexceptionsbylvaluereference.CatchExceptionsByLvalueReference -class TestFileQuery extends CatchExceptionsByLvalueReferenceSharedQuery, TestQuery { -} +class TestFileQuery extends CatchExceptionsByLvalueReferenceSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/commaoperatorused/CommaOperatorUsed.ql b/cpp/common/test/rules/commaoperatorused/CommaOperatorUsed.ql index b6c91e6eb2..2fe294762e 100644 --- a/cpp/common/test/rules/commaoperatorused/CommaOperatorUsed.ql +++ b/cpp/common/test/rules/commaoperatorused/CommaOperatorUsed.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.commaoperatorused.CommaOperatorUsed -class TestFileQuery extends CommaOperatorUsedSharedQuery, TestQuery { -} +class TestFileQuery extends CommaOperatorUsedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/conditionvariablepostconditionfailed/ConditionVariablePostConditionFailed.ql b/cpp/common/test/rules/conditionvariablepostconditionfailed/ConditionVariablePostConditionFailed.ql index 9192ea6c24..e990e23e2e 100644 --- a/cpp/common/test/rules/conditionvariablepostconditionfailed/ConditionVariablePostConditionFailed.ql +++ b/cpp/common/test/rules/conditionvariablepostconditionfailed/ConditionVariablePostConditionFailed.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.conditionvariablepostconditionfailed.ConditionVariablePostConditionFailed -class TestFileQuery extends ConditionVariablePostConditionFailedSharedQuery, TestQuery { -} +class TestFileQuery extends ConditionVariablePostConditionFailedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql b/cpp/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql index b12383aabb..c77ee1c66a 100644 --- a/cpp/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql +++ b/cpp/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.constantunsignedintegerexpressionswraparound.ConstantUnsignedIntegerExpressionsWrapAround -class TestFileQuery extends ConstantUnsignedIntegerExpressionsWrapAroundSharedQuery, TestQuery { -} +class TestFileQuery extends ConstantUnsignedIntegerExpressionsWrapAroundSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.ql b/cpp/common/test/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.ql index 90f2624e6b..be54f5a31c 100644 --- a/cpp/common/test/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.ql +++ b/cpp/common/test/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.containeraccesswithoutrangecheck.ContainerAccessWithoutRangeCheck -class TestFileQuery extends ContainerAccessWithoutRangeCheckSharedQuery, TestQuery { -} +class TestFileQuery extends ContainerAccessWithoutRangeCheckSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/danglingcapturewhenmovinglambdaobject/DanglingCaptureWhenMovingLambdaObject.ql b/cpp/common/test/rules/danglingcapturewhenmovinglambdaobject/DanglingCaptureWhenMovingLambdaObject.ql index 3e1929e5c3..ba1f1efc2f 100644 --- a/cpp/common/test/rules/danglingcapturewhenmovinglambdaobject/DanglingCaptureWhenMovingLambdaObject.ql +++ b/cpp/common/test/rules/danglingcapturewhenmovinglambdaobject/DanglingCaptureWhenMovingLambdaObject.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.danglingcapturewhenmovinglambdaobject.DanglingCaptureWhenMovingLambdaObject -class TestFileQuery extends DanglingCaptureWhenMovingLambdaObjectSharedQuery, TestQuery { -} +class TestFileQuery extends DanglingCaptureWhenMovingLambdaObjectSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/danglingcapturewhenreturninglambdaobject/DanglingCaptureWhenReturningLambdaObject.ql b/cpp/common/test/rules/danglingcapturewhenreturninglambdaobject/DanglingCaptureWhenReturningLambdaObject.ql index 6880b797fc..d95ba912fd 100644 --- a/cpp/common/test/rules/danglingcapturewhenreturninglambdaobject/DanglingCaptureWhenReturningLambdaObject.ql +++ b/cpp/common/test/rules/danglingcapturewhenreturninglambdaobject/DanglingCaptureWhenReturningLambdaObject.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.danglingcapturewhenreturninglambdaobject.DanglingCaptureWhenReturningLambdaObject -class TestFileQuery extends DanglingCaptureWhenReturningLambdaObjectSharedQuery, TestQuery { -} +class TestFileQuery extends DanglingCaptureWhenReturningLambdaObjectSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/deadcode/DeadCode.ql b/cpp/common/test/rules/deadcode/DeadCode.ql index b38dba26d7..dcd7fce840 100644 --- a/cpp/common/test/rules/deadcode/DeadCode.ql +++ b/cpp/common/test/rules/deadcode/DeadCode.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.deadcode.DeadCode -class TestFileQuery extends DeadCodeSharedQuery, TestQuery { -} +class TestFileQuery extends DeadCodeSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/deleteofpointertoincompleteclass/DeleteOfPointerToIncompleteClass.ql b/cpp/common/test/rules/deleteofpointertoincompleteclass/DeleteOfPointerToIncompleteClass.ql index 54ae2a773b..a589ae988e 100644 --- a/cpp/common/test/rules/deleteofpointertoincompleteclass/DeleteOfPointerToIncompleteClass.ql +++ b/cpp/common/test/rules/deleteofpointertoincompleteclass/DeleteOfPointerToIncompleteClass.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.deleteofpointertoincompleteclass.DeleteOfPointerToIncompleteClass -class TestFileQuery extends DeleteOfPointerToIncompleteClassSharedQuery, TestQuery { -} +class TestFileQuery extends DeleteOfPointerToIncompleteClassSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql b/cpp/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql index cf9fdf6071..c8dc62e67c 100644 --- a/cpp/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql +++ b/cpp/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.dereferenceofnullpointer.DereferenceOfNullPointer -class TestFileQuery extends DereferenceOfNullPointerSharedQuery, TestQuery { -} +class TestFileQuery extends DereferenceOfNullPointerSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/destroyedvaluereferencedindestructorcatchblock/DestroyedValueReferencedInDestructorCatchBlock.ql b/cpp/common/test/rules/destroyedvaluereferencedindestructorcatchblock/DestroyedValueReferencedInDestructorCatchBlock.ql index a2418fe0e6..90c4ed602a 100644 --- a/cpp/common/test/rules/destroyedvaluereferencedindestructorcatchblock/DestroyedValueReferencedInDestructorCatchBlock.ql +++ b/cpp/common/test/rules/destroyedvaluereferencedindestructorcatchblock/DestroyedValueReferencedInDestructorCatchBlock.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.destroyedvaluereferencedindestructorcatchblock.DestroyedValueReferencedInDestructorCatchBlock -class TestFileQuery extends DestroyedValueReferencedInDestructorCatchBlockSharedQuery, TestQuery { -} +class TestFileQuery extends DestroyedValueReferencedInDestructorCatchBlockSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql b/cpp/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql index 9aac0f1c09..ceae7e6a9e 100644 --- a/cpp/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql +++ b/cpp/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotallowamutextogooutofscopewhilelocked.DoNotAllowAMutexToGoOutOfScopeWhileLocked -class TestFileQuery extends DoNotAllowAMutexToGoOutOfScopeWhileLockedSharedQuery, TestQuery { -} +class TestFileQuery extends DoNotAllowAMutexToGoOutOfScopeWhileLockedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql b/cpp/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql index b2fdab8eea..96ea58009e 100644 --- a/cpp/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql +++ b/cpp/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotdestroyamutexwhileitislocked.DoNotDestroyAMutexWhileItIsLocked -class TestFileQuery extends DoNotDestroyAMutexWhileItIsLockedSharedQuery, TestQuery { -} +class TestFileQuery extends DoNotDestroyAMutexWhileItIsLockedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql b/cpp/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql index cc9cb834e0..374a6fc52b 100644 --- a/cpp/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql +++ b/cpp/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotsubtractpointersaddressingdifferentarrays.DoNotSubtractPointersAddressingDifferentArrays -class TestFileQuery extends DoNotSubtractPointersAddressingDifferentArraysSharedQuery, TestQuery { -} +class TestFileQuery extends DoNotSubtractPointersAddressingDifferentArraysSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql b/cpp/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql index ddaa0399b2..edef2c1127 100644 --- a/cpp/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql +++ b/cpp/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotusemorethantwolevelsofpointerindirection.DoNotUseMoreThanTwoLevelsOfPointerIndirection -class TestFileQuery extends DoNotUseMoreThanTwoLevelsOfPointerIndirectionSharedQuery, TestQuery { -} +class TestFileQuery extends DoNotUseMoreThanTwoLevelsOfPointerIndirectionSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql b/cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql index c6e0f0e58a..3ad5626256 100644 --- a/cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql +++ b/cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotuserandforgeneratingpseudorandomnumbers.DoNotUseRandForGeneratingPseudorandomNumbers -class TestFileQuery extends DoNotUseRandForGeneratingPseudorandomNumbersSharedQuery, TestQuery { -} +class TestFileQuery extends DoNotUseRandForGeneratingPseudorandomNumbersSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql b/cpp/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql index 647ee40426..bceb46bf63 100644 --- a/cpp/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql +++ b/cpp/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotuserelationaloperatorswithdifferingarrays.DoNotUseRelationalOperatorsWithDifferingArrays -class TestFileQuery extends DoNotUseRelationalOperatorsWithDifferingArraysSharedQuery, TestQuery { -} +class TestFileQuery extends DoNotUseRelationalOperatorsWithDifferingArraysSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/donotusesetjmporlongjmpshared/DoNotUseSetjmpOrLongjmpShared.ql b/cpp/common/test/rules/donotusesetjmporlongjmpshared/DoNotUseSetjmpOrLongjmpShared.ql index bb9245942d..e0026467ff 100644 --- a/cpp/common/test/rules/donotusesetjmporlongjmpshared/DoNotUseSetjmpOrLongjmpShared.ql +++ b/cpp/common/test/rules/donotusesetjmporlongjmpshared/DoNotUseSetjmpOrLongjmpShared.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotusesetjmporlongjmpshared.DoNotUseSetjmpOrLongjmpShared -class TestFileQuery extends DoNotUseSetjmpOrLongjmpSharedSharedQuery, TestQuery { -} +class TestFileQuery extends DoNotUseSetjmpOrLongjmpSharedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/exceptionsafetyguarantees/ExceptionSafetyGuarantees.ql b/cpp/common/test/rules/exceptionsafetyguarantees/ExceptionSafetyGuarantees.ql index 2d09d10250..bfa4a88318 100644 --- a/cpp/common/test/rules/exceptionsafetyguarantees/ExceptionSafetyGuarantees.ql +++ b/cpp/common/test/rules/exceptionsafetyguarantees/ExceptionSafetyGuarantees.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.exceptionsafetyguarantees.ExceptionSafetyGuarantees -class TestFileQuery extends ExceptionSafetyGuaranteesSharedQuery, TestQuery { -} +class TestFileQuery extends ExceptionSafetyGuaranteesSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/exceptionsafetyvalidstate/ExceptionSafetyValidState.ql b/cpp/common/test/rules/exceptionsafetyvalidstate/ExceptionSafetyValidState.ql index e2d2107580..aa18543c36 100644 --- a/cpp/common/test/rules/exceptionsafetyvalidstate/ExceptionSafetyValidState.ql +++ b/cpp/common/test/rules/exceptionsafetyvalidstate/ExceptionSafetyValidState.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.exceptionsafetyvalidstate.ExceptionSafetyValidState -class TestFileQuery extends ExceptionSafetyValidStateSharedQuery, TestQuery { -} +class TestFileQuery extends ExceptionSafetyValidStateSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/exithandlerthrowsexception/ExitHandlerThrowsException.ql b/cpp/common/test/rules/exithandlerthrowsexception/ExitHandlerThrowsException.ql index 4552e1d6e5..c61992b8b0 100644 --- a/cpp/common/test/rules/exithandlerthrowsexception/ExitHandlerThrowsException.ql +++ b/cpp/common/test/rules/exithandlerthrowsexception/ExitHandlerThrowsException.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.exithandlerthrowsexception.ExitHandlerThrowsException -class TestFileQuery extends ExitHandlerThrowsExceptionSharedQuery, TestQuery { -} +class TestFileQuery extends ExitHandlerThrowsExceptionSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/explicitabrupttermination/ExplicitAbruptTermination.ql b/cpp/common/test/rules/explicitabrupttermination/ExplicitAbruptTermination.ql index cd11b45494..d7df643551 100644 --- a/cpp/common/test/rules/explicitabrupttermination/ExplicitAbruptTermination.ql +++ b/cpp/common/test/rules/explicitabrupttermination/ExplicitAbruptTermination.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.explicitabrupttermination.ExplicitAbruptTermination -class TestFileQuery extends ExplicitAbruptTerminationSharedQuery, TestQuery { -} +class TestFileQuery extends ExplicitAbruptTerminationSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/functionnoreturnattributecondition/FunctionNoReturnAttributeCondition.ql b/cpp/common/test/rules/functionnoreturnattributecondition/FunctionNoReturnAttributeCondition.ql index 6526233b4c..4af4aeceaf 100644 --- a/cpp/common/test/rules/functionnoreturnattributecondition/FunctionNoReturnAttributeCondition.ql +++ b/cpp/common/test/rules/functionnoreturnattributecondition/FunctionNoReturnAttributeCondition.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.functionnoreturnattributecondition.FunctionNoReturnAttributeCondition -class TestFileQuery extends FunctionNoReturnAttributeConditionSharedQuery, TestQuery { -} +class TestFileQuery extends FunctionNoReturnAttributeConditionSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/gotostatementcondition/GotoStatementCondition.ql b/cpp/common/test/rules/gotostatementcondition/GotoStatementCondition.ql index 2317d5c7db..89768a3022 100644 --- a/cpp/common/test/rules/gotostatementcondition/GotoStatementCondition.ql +++ b/cpp/common/test/rules/gotostatementcondition/GotoStatementCondition.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.gotostatementcondition.GotoStatementCondition -class TestFileQuery extends GotoStatementConditionSharedQuery, TestQuery { -} +class TestFileQuery extends GotoStatementConditionSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql b/cpp/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql index 4f7709c7dd..a0d83a59a6 100644 --- a/cpp/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql +++ b/cpp/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.guardaccesstobitfields.GuardAccessToBitFields -class TestFileQuery extends GuardAccessToBitFieldsSharedQuery, TestQuery { -} +class TestFileQuery extends GuardAccessToBitFieldsSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/handleallexceptionsduringstartup/HandleAllExceptionsDuringStartup.ql b/cpp/common/test/rules/handleallexceptionsduringstartup/HandleAllExceptionsDuringStartup.ql index 4a4ae60b84..d366b0eb79 100644 --- a/cpp/common/test/rules/handleallexceptionsduringstartup/HandleAllExceptionsDuringStartup.ql +++ b/cpp/common/test/rules/handleallexceptionsduringstartup/HandleAllExceptionsDuringStartup.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.handleallexceptionsduringstartup.HandleAllExceptionsDuringStartup -class TestFileQuery extends HandleAllExceptionsDuringStartupSharedQuery, TestQuery { -} +class TestFileQuery extends HandleAllExceptionsDuringStartupSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql b/cpp/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql index f9f34ef6d9..a61dc7860a 100644 --- a/cpp/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql +++ b/cpp/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.hashoperatorsused.HashOperatorsUsed -class TestFileQuery extends HashOperatorsUsedSharedQuery, TestQuery { -} +class TestFileQuery extends HashOperatorsUsedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/identifierhidden/IdentifierHidden.ql b/cpp/common/test/rules/identifierhidden/IdentifierHidden.ql index 27a35f8376..ba13b28bd4 100644 --- a/cpp/common/test/rules/identifierhidden/IdentifierHidden.ql +++ b/cpp/common/test/rules/identifierhidden/IdentifierHidden.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.identifierhidden.IdentifierHidden -class TestFileQuery extends IdentifierHiddenSharedQuery, TestQuery { -} +class TestFileQuery extends IdentifierHiddenSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql b/cpp/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql index d0a494f270..acdd497be7 100644 --- a/cpp/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql +++ b/cpp/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.ifelseterminationconstruct.IfElseTerminationConstruct -class TestFileQuery extends IfElseTerminationConstructSharedQuery, TestQuery { -} +class TestFileQuery extends IfElseTerminationConstructSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql b/cpp/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql index 8bec76dc05..13b07b4e90 100644 --- a/cpp/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql +++ b/cpp/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.includeguardsnotused.IncludeGuardsNotUsed -class TestFileQuery extends IncludeGuardsNotUsedSharedQuery, TestQuery { -} +class TestFileQuery extends IncludeGuardsNotUsedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql b/cpp/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql index f51683773f..3393d015c3 100644 --- a/cpp/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql +++ b/cpp/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.informationleakageacrossboundaries.InformationLeakageAcrossBoundaries -class TestFileQuery extends InformationLeakageAcrossBoundariesSharedQuery, TestQuery { -} +class TestFileQuery extends InformationLeakageAcrossBoundariesSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql b/cpp/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql index ed1e85b531..c1f22c408a 100644 --- a/cpp/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql +++ b/cpp/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.iofstreammissingpositioning.IOFstreamMissingPositioning -class TestFileQuery extends IOFstreamMissingPositioningSharedQuery, TestQuery { -} +class TestFileQuery extends IOFstreamMissingPositioningSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/joinablethreadcopiedordestroyed/JoinableThreadCopiedOrDestroyed.ql b/cpp/common/test/rules/joinablethreadcopiedordestroyed/JoinableThreadCopiedOrDestroyed.ql index 394425a83b..affaeef13d 100644 --- a/cpp/common/test/rules/joinablethreadcopiedordestroyed/JoinableThreadCopiedOrDestroyed.ql +++ b/cpp/common/test/rules/joinablethreadcopiedordestroyed/JoinableThreadCopiedOrDestroyed.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.joinablethreadcopiedordestroyed.JoinableThreadCopiedOrDestroyed -class TestFileQuery extends JoinableThreadCopiedOrDestroyedSharedQuery, TestQuery { -} +class TestFileQuery extends JoinableThreadCopiedOrDestroyedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql b/cpp/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql index 8b3c25098c..2ff9477919 100644 --- a/cpp/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql +++ b/cpp/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.macroparameternotenclosedinparentheses.MacroParameterNotEnclosedInParentheses -class TestFileQuery extends MacroParameterNotEnclosedInParenthesesSharedQuery, TestQuery { -} +class TestFileQuery extends MacroParameterNotEnclosedInParenthesesSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql b/cpp/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql index 108cf3b8a1..55290047a1 100644 --- a/cpp/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql +++ b/cpp/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.memcmpusedtocomparepaddingdata.MemcmpUsedToComparePaddingData -class TestFileQuery extends MemcmpUsedToComparePaddingDataSharedQuery, TestQuery { -} +class TestFileQuery extends MemcmpUsedToComparePaddingDataSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/movedfromobjectsunspecifiedstate/MovedFromObjectsUnspecifiedState.ql b/cpp/common/test/rules/movedfromobjectsunspecifiedstate/MovedFromObjectsUnspecifiedState.ql index f7510b8b24..3f818cc3e2 100644 --- a/cpp/common/test/rules/movedfromobjectsunspecifiedstate/MovedFromObjectsUnspecifiedState.ql +++ b/cpp/common/test/rules/movedfromobjectsunspecifiedstate/MovedFromObjectsUnspecifiedState.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.movedfromobjectsunspecifiedstate.MovedFromObjectsUnspecifiedState -class TestFileQuery extends MovedFromObjectsUnspecifiedStateSharedQuery, TestQuery { -} +class TestFileQuery extends MovedFromObjectsUnspecifiedStateSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql b/cpp/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql index d57bf78fad..3e0b1f7e8b 100644 --- a/cpp/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql +++ b/cpp/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nestedlabelinswitch.NestedLabelInSwitch -class TestFileQuery extends NestedLabelInSwitchSharedQuery, TestQuery { -} +class TestFileQuery extends NestedLabelInSwitchSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.ql b/cpp/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.ql index d1956d4b71..2e27365953 100644 --- a/cpp/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.ql +++ b/cpp/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nonbooleanifstmt.NonBooleanIfStmt -class TestFileQuery extends NonBooleanIfStmtSharedQuery, TestQuery { -} +class TestFileQuery extends NonBooleanIfStmtSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.ql b/cpp/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.ql index 3cd92aa294..46c2d4c3bb 100644 --- a/cpp/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.ql +++ b/cpp/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nonbooleaniterationstmt.NonBooleanIterationStmt -class TestFileQuery extends NonBooleanIterationStmtSharedQuery, TestQuery { -} +class TestFileQuery extends NonBooleanIterationStmtSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/nonconstantformat/NonConstantFormat.ql b/cpp/common/test/rules/nonconstantformat/NonConstantFormat.ql index 71bff7e9c6..25750ae9e5 100644 --- a/cpp/common/test/rules/nonconstantformat/NonConstantFormat.ql +++ b/cpp/common/test/rules/nonconstantformat/NonConstantFormat.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nonconstantformat.NonConstantFormat -class TestFileQuery extends NonConstantFormatSharedQuery, TestQuery { -} +class TestFileQuery extends NonConstantFormatSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/nonstandardentitiesinstandardnamespaces/NonStandardEntitiesInStandardNamespaces.ql b/cpp/common/test/rules/nonstandardentitiesinstandardnamespaces/NonStandardEntitiesInStandardNamespaces.ql index 19990c3d2f..3b10c31026 100644 --- a/cpp/common/test/rules/nonstandardentitiesinstandardnamespaces/NonStandardEntitiesInStandardNamespaces.ql +++ b/cpp/common/test/rules/nonstandardentitiesinstandardnamespaces/NonStandardEntitiesInStandardNamespaces.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nonstandardentitiesinstandardnamespaces.NonStandardEntitiesInStandardNamespaces -class TestFileQuery extends NonStandardEntitiesInStandardNamespacesSharedQuery, TestQuery { -} +class TestFileQuery extends NonStandardEntitiesInStandardNamespacesSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql b/cpp/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql index 775599e10e..bcf99b44e7 100644 --- a/cpp/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql +++ b/cpp/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nonvoidfunctiondoesnotreturn.NonVoidFunctionDoesNotReturn -class TestFileQuery extends NonVoidFunctionDoesNotReturnSharedQuery, TestQuery { -} +class TestFileQuery extends NonVoidFunctionDoesNotReturnSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/objectaccessedafterlifetime/ObjectAccessedAfterLifetime.ql b/cpp/common/test/rules/objectaccessedafterlifetime/ObjectAccessedAfterLifetime.ql index a6dd5f0ddb..fbf2270fb9 100644 --- a/cpp/common/test/rules/objectaccessedafterlifetime/ObjectAccessedAfterLifetime.ql +++ b/cpp/common/test/rules/objectaccessedafterlifetime/ObjectAccessedAfterLifetime.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.objectaccessedafterlifetime.ObjectAccessedAfterLifetime -class TestFileQuery extends ObjectAccessedAfterLifetimeSharedQuery, TestQuery { -} +class TestFileQuery extends ObjectAccessedAfterLifetimeSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/objectaccessedbeforelifetime/ObjectAccessedBeforeLifetime.ql b/cpp/common/test/rules/objectaccessedbeforelifetime/ObjectAccessedBeforeLifetime.ql index c7e11a4489..aa88f954dc 100644 --- a/cpp/common/test/rules/objectaccessedbeforelifetime/ObjectAccessedBeforeLifetime.ql +++ b/cpp/common/test/rules/objectaccessedbeforelifetime/ObjectAccessedBeforeLifetime.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.objectaccessedbeforelifetime.ObjectAccessedBeforeLifetime -class TestFileQuery extends ObjectAccessedBeforeLifetimeSharedQuery, TestQuery { -} +class TestFileQuery extends ObjectAccessedBeforeLifetimeSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/onedefinitionruleviolation/OneDefinitionRuleViolation.ql b/cpp/common/test/rules/onedefinitionruleviolation/OneDefinitionRuleViolation.ql index 8b818c9f65..0f01e0b871 100644 --- a/cpp/common/test/rules/onedefinitionruleviolation/OneDefinitionRuleViolation.ql +++ b/cpp/common/test/rules/onedefinitionruleviolation/OneDefinitionRuleViolation.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.onedefinitionruleviolation.OneDefinitionRuleViolation -class TestFileQuery extends OneDefinitionRuleViolationSharedQuery, TestQuery { -} +class TestFileQuery extends OneDefinitionRuleViolationSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/operationmaynotnullterminatecstylestring/OperationMayNotNullTerminateCStyleString.ql b/cpp/common/test/rules/operationmaynotnullterminatecstylestring/OperationMayNotNullTerminateCStyleString.ql index 191a71c62d..88637e5fb8 100644 --- a/cpp/common/test/rules/operationmaynotnullterminatecstylestring/OperationMayNotNullTerminateCStyleString.ql +++ b/cpp/common/test/rules/operationmaynotnullterminatecstylestring/OperationMayNotNullTerminateCStyleString.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.operationmaynotnullterminatecstylestring.OperationMayNotNullTerminateCStyleString -class TestFileQuery extends OperationMayNotNullTerminateCStyleStringSharedQuery, TestQuery { -} +class TestFileQuery extends OperationMayNotNullTerminateCStyleStringSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/operatordeletemissingpartner/OperatorDeleteMissingPartner.ql b/cpp/common/test/rules/operatordeletemissingpartner/OperatorDeleteMissingPartner.ql index 2239471465..df5ed195c3 100644 --- a/cpp/common/test/rules/operatordeletemissingpartner/OperatorDeleteMissingPartner.ql +++ b/cpp/common/test/rules/operatordeletemissingpartner/OperatorDeleteMissingPartner.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.operatordeletemissingpartner.OperatorDeleteMissingPartner -class TestFileQuery extends OperatorDeleteMissingPartnerSharedQuery, TestQuery { -} +class TestFileQuery extends OperatorDeleteMissingPartnerSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/orderingpredicatemustbestrictlyweak/OrderingPredicateMustBeStrictlyWeak.ql b/cpp/common/test/rules/orderingpredicatemustbestrictlyweak/OrderingPredicateMustBeStrictlyWeak.ql index a546ac7dee..765e11c79e 100644 --- a/cpp/common/test/rules/orderingpredicatemustbestrictlyweak/OrderingPredicateMustBeStrictlyWeak.ql +++ b/cpp/common/test/rules/orderingpredicatemustbestrictlyweak/OrderingPredicateMustBeStrictlyWeak.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.orderingpredicatemustbestrictlyweak.OrderingPredicateMustBeStrictlyWeak -class TestFileQuery extends OrderingPredicateMustBeStrictlyWeakSharedQuery, TestQuery { -} +class TestFileQuery extends OrderingPredicateMustBeStrictlyWeakSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.ql b/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.ql index 06ce668f27..efdcb47a16 100644 --- a/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.ql +++ b/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.ownedpointervaluestoredinunrelatedsmartpointer.OwnedPointerValueStoredInUnrelatedSmartPointer -class TestFileQuery extends OwnedPointerValueStoredInUnrelatedSmartPointerSharedQuery, TestQuery { -} +class TestFileQuery extends OwnedPointerValueStoredInUnrelatedSmartPointerSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/placementnewinsufficientstorage/PlacementNewInsufficientStorage.ql b/cpp/common/test/rules/placementnewinsufficientstorage/PlacementNewInsufficientStorage.ql index 7b30c736d3..d63da2dc8d 100644 --- a/cpp/common/test/rules/placementnewinsufficientstorage/PlacementNewInsufficientStorage.ql +++ b/cpp/common/test/rules/placementnewinsufficientstorage/PlacementNewInsufficientStorage.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.placementnewinsufficientstorage.PlacementNewInsufficientStorage -class TestFileQuery extends PlacementNewInsufficientStorageSharedQuery, TestQuery { -} +class TestFileQuery extends PlacementNewInsufficientStorageSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/placementnewnotproperlyaligned/PlacementNewNotProperlyAligned.ql b/cpp/common/test/rules/placementnewnotproperlyaligned/PlacementNewNotProperlyAligned.ql index 5f4fd81927..913b1c9c66 100644 --- a/cpp/common/test/rules/placementnewnotproperlyaligned/PlacementNewNotProperlyAligned.ql +++ b/cpp/common/test/rules/placementnewnotproperlyaligned/PlacementNewNotProperlyAligned.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.placementnewnotproperlyaligned.PlacementNewNotProperlyAligned -class TestFileQuery extends PlacementNewNotProperlyAlignedSharedQuery, TestQuery { -} +class TestFileQuery extends PlacementNewNotProperlyAlignedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/predicatefunctionobjectsshouldnotbemutable/PredicateFunctionObjectsShouldNotBeMutable.ql b/cpp/common/test/rules/predicatefunctionobjectsshouldnotbemutable/PredicateFunctionObjectsShouldNotBeMutable.ql index 0d4dec003f..1c9c73fb3d 100644 --- a/cpp/common/test/rules/predicatefunctionobjectsshouldnotbemutable/PredicateFunctionObjectsShouldNotBeMutable.ql +++ b/cpp/common/test/rules/predicatefunctionobjectsshouldnotbemutable/PredicateFunctionObjectsShouldNotBeMutable.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.predicatefunctionobjectsshouldnotbemutable.PredicateFunctionObjectsShouldNotBeMutable -class TestFileQuery extends PredicateFunctionObjectsShouldNotBeMutableSharedQuery, TestQuery { -} +class TestFileQuery extends PredicateFunctionObjectsShouldNotBeMutableSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql b/cpp/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql index 35bc1586b0..d66babdb6d 100644 --- a/cpp/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql +++ b/cpp/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preprocessingdirectivewithinmacroargument.PreprocessingDirectiveWithinMacroArgument -class TestFileQuery extends PreprocessingDirectiveWithinMacroArgumentSharedQuery, TestQuery { -} +class TestFileQuery extends PreprocessingDirectiveWithinMacroArgumentSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql b/cpp/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql index f12f9663b1..c7652ab4ae 100644 --- a/cpp/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql +++ b/cpp/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preprocessorincludesforbiddenheadernames.PreprocessorIncludesForbiddenHeaderNames -class TestFileQuery extends PreprocessorIncludesForbiddenHeaderNamesSharedQuery, TestQuery { -} +class TestFileQuery extends PreprocessorIncludesForbiddenHeaderNamesSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql b/cpp/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql index 44f700604a..43701dbbf9 100644 --- a/cpp/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql +++ b/cpp/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preprocessorincludespreceded.PreprocessorIncludesPreceded -class TestFileQuery extends PreprocessorIncludesPrecededSharedQuery, TestQuery { -} +class TestFileQuery extends PreprocessorIncludesPrecededSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql b/cpp/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql index 6fd33d601b..009c7f9e26 100644 --- a/cpp/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql +++ b/cpp/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preservesafetywhenusingconditionvariables.PreserveSafetyWhenUsingConditionVariables -class TestFileQuery extends PreserveSafetyWhenUsingConditionVariablesSharedQuery, TestQuery { -} +class TestFileQuery extends PreserveSafetyWhenUsingConditionVariablesSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql b/cpp/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql index 9968a80e75..4ca46f15ea 100644 --- a/cpp/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql +++ b/cpp/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preventdeadlockbylockinginpredefinedorder.PreventDeadlockByLockingInPredefinedOrder -class TestFileQuery extends PreventDeadlockByLockingInPredefinedOrderSharedQuery, TestQuery { -} +class TestFileQuery extends PreventDeadlockByLockingInPredefinedOrderSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql b/cpp/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql index cec14d6dac..9150d4459d 100644 --- a/cpp/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql +++ b/cpp/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.readofuninitializedmemory.ReadOfUninitializedMemory -class TestFileQuery extends ReadOfUninitializedMemorySharedQuery, TestQuery { -} +class TestFileQuery extends ReadOfUninitializedMemorySharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/removeconstorvolatilequalification/RemoveConstOrVolatileQualification.ql b/cpp/common/test/rules/removeconstorvolatilequalification/RemoveConstOrVolatileQualification.ql index 137fc2edf1..61865cccab 100644 --- a/cpp/common/test/rules/removeconstorvolatilequalification/RemoveConstOrVolatileQualification.ql +++ b/cpp/common/test/rules/removeconstorvolatilequalification/RemoveConstOrVolatileQualification.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.removeconstorvolatilequalification.RemoveConstOrVolatileQualification -class TestFileQuery extends RemoveConstOrVolatileQualificationSharedQuery, TestQuery { -} +class TestFileQuery extends RemoveConstOrVolatileQualificationSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/rethrownestedwithoutcapture/RethrowNestedWithoutCapture.ql b/cpp/common/test/rules/rethrownestedwithoutcapture/RethrowNestedWithoutCapture.ql index e3cc2a62fb..ab45ada710 100644 --- a/cpp/common/test/rules/rethrownestedwithoutcapture/RethrowNestedWithoutCapture.ql +++ b/cpp/common/test/rules/rethrownestedwithoutcapture/RethrowNestedWithoutCapture.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.rethrownestedwithoutcapture.RethrowNestedWithoutCapture -class TestFileQuery extends RethrowNestedWithoutCaptureSharedQuery, TestQuery { -} +class TestFileQuery extends RethrowNestedWithoutCaptureSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql b/cpp/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql index 00d24cc943..aacadf0253 100644 --- a/cpp/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql +++ b/cpp/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.sectionsofcodeshallnotbecommentedout.SectionsOfCodeShallNotBeCommentedOut -class TestFileQuery extends SectionsOfCodeShallNotBeCommentedOutSharedQuery, TestQuery { -} +class TestFileQuery extends SectionsOfCodeShallNotBeCommentedOutSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/stringnumberconversionmissingerrorcheck/StringNumberConversionMissingErrorCheck.ql b/cpp/common/test/rules/stringnumberconversionmissingerrorcheck/StringNumberConversionMissingErrorCheck.ql index 9e35a26b6d..7fae4b8b9a 100644 --- a/cpp/common/test/rules/stringnumberconversionmissingerrorcheck/StringNumberConversionMissingErrorCheck.ql +++ b/cpp/common/test/rules/stringnumberconversionmissingerrorcheck/StringNumberConversionMissingErrorCheck.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.stringnumberconversionmissingerrorcheck.StringNumberConversionMissingErrorCheck -class TestFileQuery extends StringNumberConversionMissingErrorCheckSharedQuery, TestQuery { -} +class TestFileQuery extends StringNumberConversionMissingErrorCheckSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql b/cpp/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql index de3d7c5c9c..1b323a652d 100644 --- a/cpp/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql +++ b/cpp/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.switchcasepositioncondition.SwitchCasePositionCondition -class TestFileQuery extends SwitchCasePositionConditionSharedQuery, TestQuery { -} +class TestFileQuery extends SwitchCasePositionConditionSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql b/cpp/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql index 3669f8739e..75ce3cb1ec 100644 --- a/cpp/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql +++ b/cpp/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.switchnotwellformed.SwitchNotWellFormed -class TestFileQuery extends SwitchNotWellFormedSharedQuery, TestQuery { -} +class TestFileQuery extends SwitchNotWellFormedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/throwingnothrowoperatornewdelete/ThrowingNoThrowOperatorNewDelete.ql b/cpp/common/test/rules/throwingnothrowoperatornewdelete/ThrowingNoThrowOperatorNewDelete.ql index 039db1c5c3..0135c410f4 100644 --- a/cpp/common/test/rules/throwingnothrowoperatornewdelete/ThrowingNoThrowOperatorNewDelete.ql +++ b/cpp/common/test/rules/throwingnothrowoperatornewdelete/ThrowingNoThrowOperatorNewDelete.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.throwingnothrowoperatornewdelete.ThrowingNoThrowOperatorNewDelete -class TestFileQuery extends ThrowingNoThrowOperatorNewDeleteSharedQuery, TestQuery { -} +class TestFileQuery extends ThrowingNoThrowOperatorNewDeleteSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/throwingoperatornewreturnsnull/ThrowingOperatorNewReturnsNull.ql b/cpp/common/test/rules/throwingoperatornewreturnsnull/ThrowingOperatorNewReturnsNull.ql index b034de0a67..c0fc6c8619 100644 --- a/cpp/common/test/rules/throwingoperatornewreturnsnull/ThrowingOperatorNewReturnsNull.ql +++ b/cpp/common/test/rules/throwingoperatornewreturnsnull/ThrowingOperatorNewReturnsNull.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.throwingoperatornewreturnsnull.ThrowingOperatorNewReturnsNull -class TestFileQuery extends ThrowingOperatorNewReturnsNullSharedQuery, TestQuery { -} +class TestFileQuery extends ThrowingOperatorNewReturnsNullSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/throwingoperatornewthrowsinvalidexception/ThrowingOperatorNewThrowsInvalidException.ql b/cpp/common/test/rules/throwingoperatornewthrowsinvalidexception/ThrowingOperatorNewThrowsInvalidException.ql index e4917831e5..072a5c7027 100644 --- a/cpp/common/test/rules/throwingoperatornewthrowsinvalidexception/ThrowingOperatorNewThrowsInvalidException.ql +++ b/cpp/common/test/rules/throwingoperatornewthrowsinvalidexception/ThrowingOperatorNewThrowsInvalidException.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.throwingoperatornewthrowsinvalidexception.ThrowingOperatorNewThrowsInvalidException -class TestFileQuery extends ThrowingOperatorNewThrowsInvalidExceptionSharedQuery, TestQuery { -} +class TestFileQuery extends ThrowingOperatorNewThrowsInvalidExceptionSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql b/cpp/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql index 6ae007bd39..11720fb8da 100644 --- a/cpp/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql +++ b/cpp/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.uncheckedrangedomainpoleerrors.UncheckedRangeDomainPoleErrors -class TestFileQuery extends UncheckedRangeDomainPoleErrorsSharedQuery, TestQuery { -} +class TestFileQuery extends UncheckedRangeDomainPoleErrorsSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql b/cpp/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql index 168b3a0b2e..316565cab7 100644 --- a/cpp/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql +++ b/cpp/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.undefinedmacroidentifiers.UndefinedMacroIdentifiers -class TestFileQuery extends UndefinedMacroIdentifiersSharedQuery, TestQuery { -} +class TestFileQuery extends UndefinedMacroIdentifiersSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql b/cpp/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql index 3b1e4b7c56..3baad901da 100644 --- a/cpp/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql +++ b/cpp/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unnecessaryexposedidentifierdeclarationshared.UnnecessaryExposedIdentifierDeclarationShared -class TestFileQuery extends UnnecessaryExposedIdentifierDeclarationSharedSharedQuery, TestQuery { -} +class TestFileQuery extends UnnecessaryExposedIdentifierDeclarationSharedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/unreachablecode/UnreachableCode.ql b/cpp/common/test/rules/unreachablecode/UnreachableCode.ql index 61554593fd..c394bfba3e 100644 --- a/cpp/common/test/rules/unreachablecode/UnreachableCode.ql +++ b/cpp/common/test/rules/unreachablecode/UnreachableCode.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unreachablecode.UnreachableCode -class TestFileQuery extends UnreachableCodeSharedQuery, TestQuery { -} +class TestFileQuery extends UnreachableCodeSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/unusedparameter/UnusedParameter.ql b/cpp/common/test/rules/unusedparameter/UnusedParameter.ql index 4dc2000dbb..e990a7dcf3 100644 --- a/cpp/common/test/rules/unusedparameter/UnusedParameter.ql +++ b/cpp/common/test/rules/unusedparameter/UnusedParameter.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unusedparameter.UnusedParameter -class TestFileQuery extends UnusedParameterSharedQuery, TestQuery { -} +class TestFileQuery extends UnusedParameterSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql b/cpp/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql index 76ccfec0f2..f1c09524d5 100644 --- a/cpp/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql +++ b/cpp/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unusedtypedeclarations.UnusedTypeDeclarations -class TestFileQuery extends UnusedTypeDeclarationsSharedQuery, TestQuery { -} +class TestFileQuery extends UnusedTypeDeclarationsSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql b/cpp/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql index c8b9f229f4..f9997627b4 100644 --- a/cpp/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql +++ b/cpp/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.usageofassemblernotdocumented.UsageOfAssemblerNotDocumented -class TestFileQuery extends UsageOfAssemblerNotDocumentedSharedQuery, TestQuery { -} +class TestFileQuery extends UsageOfAssemblerNotDocumentedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/usecanonicalorderformemberinit/UseCanonicalOrderForMemberInit.ql b/cpp/common/test/rules/usecanonicalorderformemberinit/UseCanonicalOrderForMemberInit.ql index 6cee3d153d..c703151f75 100644 --- a/cpp/common/test/rules/usecanonicalorderformemberinit/UseCanonicalOrderForMemberInit.ql +++ b/cpp/common/test/rules/usecanonicalorderformemberinit/UseCanonicalOrderForMemberInit.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.usecanonicalorderformemberinit.UseCanonicalOrderForMemberInit -class TestFileQuery extends UseCanonicalOrderForMemberInitSharedQuery, TestQuery { -} +class TestFileQuery extends UseCanonicalOrderForMemberInitSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql b/cpp/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql index 7edd86ecab..55554bee07 100644 --- a/cpp/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql +++ b/cpp/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.useonlyarrayindexingforpointerarithmetic.UseOnlyArrayIndexingForPointerArithmetic -class TestFileQuery extends UseOnlyArrayIndexingForPointerArithmeticSharedQuery, TestQuery { -} +class TestFileQuery extends UseOnlyArrayIndexingForPointerArithmeticSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/validcontainerelementaccess/ValidContainerElementAccess.ql b/cpp/common/test/rules/validcontainerelementaccess/ValidContainerElementAccess.ql index 64e86b2ba5..5f61b8a2a9 100644 --- a/cpp/common/test/rules/validcontainerelementaccess/ValidContainerElementAccess.ql +++ b/cpp/common/test/rules/validcontainerelementaccess/ValidContainerElementAccess.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.validcontainerelementaccess.ValidContainerElementAccess -class TestFileQuery extends ValidContainerElementAccessSharedQuery, TestQuery { -} +class TestFileQuery extends ValidContainerElementAccessSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql b/cpp/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql index af84dd07c1..44947bf85a 100644 --- a/cpp/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql +++ b/cpp/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.wrapspuriousfunctioninloop.WrapSpuriousFunctionInLoop -class TestFileQuery extends WrapSpuriousFunctionInLoopSharedQuery, TestQuery { -} +class TestFileQuery extends WrapSpuriousFunctionInLoopSharedQuery, TestQuery { } diff --git a/scripts/generate_rules/generate_package_files.py b/scripts/generate_rules/generate_package_files.py index 98bc1b5595..7f9a63ef8d 100644 --- a/scripts/generate_rules/generate_package_files.py +++ b/scripts/generate_rules/generate_package_files.py @@ -182,8 +182,7 @@ def write_shared_implementation(package_name, rule_id, query, language_name, ql_ + "\n" ) f.write("\n"); - f.write("class TestFileQuery extends " + str(query["shared_implementation_short_name"]) + "SharedQuery, TestQuery {\n") - f.write("}\n") + f.write("class TestFileQuery extends " + str(query["shared_implementation_short_name"]) + "SharedQuery, TestQuery { }\n") # Create an empty test file, if one doesn't already exist shared_impl_test_dir.joinpath( From c12fb48a41b9295e7a9b9c6fbdfcff0244172d22 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 17 Oct 2023 12:59:08 +0100 Subject: [PATCH 1399/2573] Produce qlformat compliant shared query test files --- scripts/generate_rules/generate_package_files.py | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/scripts/generate_rules/generate_package_files.py b/scripts/generate_rules/generate_package_files.py index 7f9a63ef8d..6dabec0a92 100644 --- a/scripts/generate_rules/generate_package_files.py +++ b/scripts/generate_rules/generate_package_files.py @@ -181,8 +181,19 @@ def write_shared_implementation(package_name, rule_id, query, language_name, ql_ .replace("/", ".") + "\n" ) - f.write("\n"); - f.write("class TestFileQuery extends " + str(query["shared_implementation_short_name"]) + "SharedQuery, TestQuery { }\n") + f.write("\n") + class_name = str(query["shared_implementation_short_name"]) + "SharedQuery" + f.write("class TestFileQuery extends " + class_name + ",") + # ql formatting of this line depends on the line length + if len(class_name) > 61: + # Line break required after comma + f.write("\n TestQuery\n{ }\n") + elif len(class_name) > 57: + # Line break required after `{` + f.write(" TestQuery {\n}\n") + else: + # Under 100 characters, can be formatted on the same line + f.write(" TestQuery { }\n") # Create an empty test file, if one doesn't already exist shared_impl_test_dir.joinpath( From 59413ff7a5a5bc89ef6412eb1300163d6c7caa12 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 17 Oct 2023 14:22:58 +0100 Subject: [PATCH 1400/2573] Fix formatting checks in PRs --- .github/workflows/validate-coding-standards.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/validate-coding-standards.yml b/.github/workflows/validate-coding-standards.yml index aad7a435b1..84b91f5280 100644 --- a/.github/workflows/validate-coding-standards.yml +++ b/.github/workflows/validate-coding-standards.yml @@ -89,7 +89,7 @@ jobs: - name: Validate CodeQL Format (CPP) run: | - find cpp -name \*.ql -or -name \*.qll -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" codeql query format --in-place + find cpp \( -name \*.ql -or -name \*.qll \) -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" codeql query format --in-place git diff git diff --compact-summary @@ -97,7 +97,7 @@ jobs: - name: Validate CodeQL Format (C) run: | - find c -name \*.ql -or -name \*.qll -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" codeql query format --in-place + find c \( -name \*.ql -or -name \*.qll \) -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" codeql query format --in-place git diff git diff --compact-summary From 84ee49caeaf17445ab98eca4d2d9327bd50f6ec8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 17 Oct 2023 20:57:56 +0000 Subject: [PATCH 1401/2573] Bump urllib3 from 2.0.6 to 2.0.7 in /scripts/upgrade-codeql-dependencies Bumps [urllib3](https://github.com/urllib3/urllib3) from 2.0.6 to 2.0.7. - [Release notes](https://github.com/urllib3/urllib3/releases) - [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst) - [Commits](https://github.com/urllib3/urllib3/compare/2.0.6...2.0.7) --- updated-dependencies: - dependency-name: urllib3 dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- scripts/upgrade-codeql-dependencies/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/upgrade-codeql-dependencies/requirements.txt b/scripts/upgrade-codeql-dependencies/requirements.txt index 4ad888505b..113e67fe3b 100644 --- a/scripts/upgrade-codeql-dependencies/requirements.txt +++ b/scripts/upgrade-codeql-dependencies/requirements.txt @@ -3,4 +3,4 @@ charset-normalizer==3.2.0 idna==3.4 requests==2.31.0 semantic-version==2.10.0 -urllib3==2.0.6 +urllib3==2.0.7 From 25dff7ca5cfa01ba27d3541013f7cc039f10350a Mon Sep 17 00:00:00 2001 From: lcartey Date: Sun, 22 Oct 2023 22:02:24 +0000 Subject: [PATCH 1402/2573] Upgrading `github/codeql` dependency to 2.14.6 --- supported_codeql_configs.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/supported_codeql_configs.json b/supported_codeql_configs.json index 3a38b4bb26..227f41babd 100644 --- a/supported_codeql_configs.json +++ b/supported_codeql_configs.json @@ -1,9 +1,9 @@ { "supported_environment": [ { - "codeql_cli": "2.13.5", - "codeql_standard_library": "codeql-cli/v2.13.5", - "codeql_cli_bundle": "codeql-bundle-v2.13.5" + "codeql_cli": "2.14.6", + "codeql_standard_library": "codeql-cli/v2.14.6", + "codeql_cli_bundle": "codeql-bundle-v2.14.6" } ], "supported_language": [ From c5dc05b3fcc25300a6e30b94779b7042a0abc44c Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 22 Oct 2023 23:28:45 +0100 Subject: [PATCH 1403/2573] Upgrade CodeQL pack dependencies for 2.14.6 --- c/cert/src/codeql-pack.lock.yml | 10 ++++++---- c/cert/src/qlpack.yml | 2 +- c/cert/test/codeql-pack.lock.yml | 10 ++++++---- c/common/src/codeql-pack.lock.yml | 10 ++++++---- c/common/src/qlpack.yml | 2 +- c/common/test/codeql-pack.lock.yml | 10 ++++++---- c/misra/src/codeql-pack.lock.yml | 10 ++++++---- c/misra/src/qlpack.yml | 2 +- c/misra/test/codeql-pack.lock.yml | 10 ++++++---- cpp/autosar/src/codeql-pack.lock.yml | 10 ++++++---- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/codeql-pack.lock.yml | 10 ++++++---- cpp/cert/src/codeql-pack.lock.yml | 10 ++++++---- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/codeql-pack.lock.yml | 10 ++++++---- cpp/common/src/codeql-pack.lock.yml | 10 ++++++---- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/codeql-pack.lock.yml | 10 ++++++---- cpp/misra/src/codeql-pack.lock.yml | 10 ++++++---- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/codeql-pack.lock.yml | 10 ++++++---- cpp/report/src/codeql-pack.lock.yml | 10 ++++++---- cpp/report/src/qlpack.yml | 2 +- scripts/generate_modules/queries/codeql-pack.lock.yml | 10 ++++++---- scripts/generate_modules/queries/qlpack.yml | 2 +- 25 files changed, 105 insertions(+), 73 deletions(-) diff --git a/c/cert/src/codeql-pack.lock.yml b/c/cert/src/codeql-pack.lock.yml index a2bd966ce1..514e6963d0 100644 --- a/c/cert/src/codeql-pack.lock.yml +++ b/c/cert/src/codeql-pack.lock.yml @@ -2,11 +2,13 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.7.4 + version: 0.9.3 + codeql/dataflow: + version: 0.0.4 codeql/ssa: - version: 0.0.19 + version: 0.1.5 codeql/tutorial: - version: 0.0.12 + version: 0.1.5 codeql/util: - version: 0.0.12 + version: 0.1.5 compiled: false diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index 1502c25759..d584e57d97 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -5,4 +5,4 @@ suites: codeql-suites license: MIT dependencies: codeql/common-c-coding-standards: '*' - codeql/cpp-all: 0.7.4 + codeql/cpp-all: 0.9.3 diff --git a/c/cert/test/codeql-pack.lock.yml b/c/cert/test/codeql-pack.lock.yml index a2bd966ce1..514e6963d0 100644 --- a/c/cert/test/codeql-pack.lock.yml +++ b/c/cert/test/codeql-pack.lock.yml @@ -2,11 +2,13 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.7.4 + version: 0.9.3 + codeql/dataflow: + version: 0.0.4 codeql/ssa: - version: 0.0.19 + version: 0.1.5 codeql/tutorial: - version: 0.0.12 + version: 0.1.5 codeql/util: - version: 0.0.12 + version: 0.1.5 compiled: false diff --git a/c/common/src/codeql-pack.lock.yml b/c/common/src/codeql-pack.lock.yml index a2bd966ce1..514e6963d0 100644 --- a/c/common/src/codeql-pack.lock.yml +++ b/c/common/src/codeql-pack.lock.yml @@ -2,11 +2,13 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.7.4 + version: 0.9.3 + codeql/dataflow: + version: 0.0.4 codeql/ssa: - version: 0.0.19 + version: 0.1.5 codeql/tutorial: - version: 0.0.12 + version: 0.1.5 codeql/util: - version: 0.0.12 + version: 0.1.5 compiled: false diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index 66299833e7..75d0521b99 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -3,4 +3,4 @@ version: 2.22.0-dev license: MIT dependencies: codeql/common-cpp-coding-standards: '*' - codeql/cpp-all: 0.7.4 + codeql/cpp-all: 0.9.3 diff --git a/c/common/test/codeql-pack.lock.yml b/c/common/test/codeql-pack.lock.yml index a2bd966ce1..514e6963d0 100644 --- a/c/common/test/codeql-pack.lock.yml +++ b/c/common/test/codeql-pack.lock.yml @@ -2,11 +2,13 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.7.4 + version: 0.9.3 + codeql/dataflow: + version: 0.0.4 codeql/ssa: - version: 0.0.19 + version: 0.1.5 codeql/tutorial: - version: 0.0.12 + version: 0.1.5 codeql/util: - version: 0.0.12 + version: 0.1.5 compiled: false diff --git a/c/misra/src/codeql-pack.lock.yml b/c/misra/src/codeql-pack.lock.yml index a2bd966ce1..514e6963d0 100644 --- a/c/misra/src/codeql-pack.lock.yml +++ b/c/misra/src/codeql-pack.lock.yml @@ -2,11 +2,13 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.7.4 + version: 0.9.3 + codeql/dataflow: + version: 0.0.4 codeql/ssa: - version: 0.0.19 + version: 0.1.5 codeql/tutorial: - version: 0.0.12 + version: 0.1.5 codeql/util: - version: 0.0.12 + version: 0.1.5 compiled: false diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index 26ff8140fb..45a668f52c 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -5,4 +5,4 @@ suites: codeql-suites license: MIT dependencies: codeql/common-c-coding-standards: '*' - codeql/cpp-all: 0.7.4 + codeql/cpp-all: 0.9.3 diff --git a/c/misra/test/codeql-pack.lock.yml b/c/misra/test/codeql-pack.lock.yml index a2bd966ce1..514e6963d0 100644 --- a/c/misra/test/codeql-pack.lock.yml +++ b/c/misra/test/codeql-pack.lock.yml @@ -2,11 +2,13 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.7.4 + version: 0.9.3 + codeql/dataflow: + version: 0.0.4 codeql/ssa: - version: 0.0.19 + version: 0.1.5 codeql/tutorial: - version: 0.0.12 + version: 0.1.5 codeql/util: - version: 0.0.12 + version: 0.1.5 compiled: false diff --git a/cpp/autosar/src/codeql-pack.lock.yml b/cpp/autosar/src/codeql-pack.lock.yml index a2bd966ce1..514e6963d0 100644 --- a/cpp/autosar/src/codeql-pack.lock.yml +++ b/cpp/autosar/src/codeql-pack.lock.yml @@ -2,11 +2,13 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.7.4 + version: 0.9.3 + codeql/dataflow: + version: 0.0.4 codeql/ssa: - version: 0.0.19 + version: 0.1.5 codeql/tutorial: - version: 0.0.12 + version: 0.1.5 codeql/util: - version: 0.0.12 + version: 0.1.5 compiled: false diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index 557ad5c32e..356285a5b9 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -5,4 +5,4 @@ suites: codeql-suites license: MIT dependencies: codeql/common-cpp-coding-standards: '*' - codeql/cpp-all: 0.7.4 + codeql/cpp-all: 0.9.3 diff --git a/cpp/autosar/test/codeql-pack.lock.yml b/cpp/autosar/test/codeql-pack.lock.yml index a2bd966ce1..514e6963d0 100644 --- a/cpp/autosar/test/codeql-pack.lock.yml +++ b/cpp/autosar/test/codeql-pack.lock.yml @@ -2,11 +2,13 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.7.4 + version: 0.9.3 + codeql/dataflow: + version: 0.0.4 codeql/ssa: - version: 0.0.19 + version: 0.1.5 codeql/tutorial: - version: 0.0.12 + version: 0.1.5 codeql/util: - version: 0.0.12 + version: 0.1.5 compiled: false diff --git a/cpp/cert/src/codeql-pack.lock.yml b/cpp/cert/src/codeql-pack.lock.yml index a2bd966ce1..514e6963d0 100644 --- a/cpp/cert/src/codeql-pack.lock.yml +++ b/cpp/cert/src/codeql-pack.lock.yml @@ -2,11 +2,13 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.7.4 + version: 0.9.3 + codeql/dataflow: + version: 0.0.4 codeql/ssa: - version: 0.0.19 + version: 0.1.5 codeql/tutorial: - version: 0.0.12 + version: 0.1.5 codeql/util: - version: 0.0.12 + version: 0.1.5 compiled: false diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index b1627c03e5..a73ff2fd41 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -4,5 +4,5 @@ description: CERT C++ 2016 suites: codeql-suites license: MIT dependencies: - codeql/cpp-all: 0.7.4 + codeql/cpp-all: 0.9.3 codeql/common-cpp-coding-standards: '*' diff --git a/cpp/cert/test/codeql-pack.lock.yml b/cpp/cert/test/codeql-pack.lock.yml index a2bd966ce1..514e6963d0 100644 --- a/cpp/cert/test/codeql-pack.lock.yml +++ b/cpp/cert/test/codeql-pack.lock.yml @@ -2,11 +2,13 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.7.4 + version: 0.9.3 + codeql/dataflow: + version: 0.0.4 codeql/ssa: - version: 0.0.19 + version: 0.1.5 codeql/tutorial: - version: 0.0.12 + version: 0.1.5 codeql/util: - version: 0.0.12 + version: 0.1.5 compiled: false diff --git a/cpp/common/src/codeql-pack.lock.yml b/cpp/common/src/codeql-pack.lock.yml index a2bd966ce1..514e6963d0 100644 --- a/cpp/common/src/codeql-pack.lock.yml +++ b/cpp/common/src/codeql-pack.lock.yml @@ -2,11 +2,13 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.7.4 + version: 0.9.3 + codeql/dataflow: + version: 0.0.4 codeql/ssa: - version: 0.0.19 + version: 0.1.5 codeql/tutorial: - version: 0.0.12 + version: 0.1.5 codeql/util: - version: 0.0.12 + version: 0.1.5 compiled: false diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index 8fbf9b0529..ebb90b8fa1 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -2,4 +2,4 @@ name: codeql/common-cpp-coding-standards version: 2.22.0-dev license: MIT dependencies: - codeql/cpp-all: 0.7.4 + codeql/cpp-all: 0.9.3 diff --git a/cpp/common/test/codeql-pack.lock.yml b/cpp/common/test/codeql-pack.lock.yml index a2bd966ce1..514e6963d0 100644 --- a/cpp/common/test/codeql-pack.lock.yml +++ b/cpp/common/test/codeql-pack.lock.yml @@ -2,11 +2,13 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.7.4 + version: 0.9.3 + codeql/dataflow: + version: 0.0.4 codeql/ssa: - version: 0.0.19 + version: 0.1.5 codeql/tutorial: - version: 0.0.12 + version: 0.1.5 codeql/util: - version: 0.0.12 + version: 0.1.5 compiled: false diff --git a/cpp/misra/src/codeql-pack.lock.yml b/cpp/misra/src/codeql-pack.lock.yml index a2bd966ce1..514e6963d0 100644 --- a/cpp/misra/src/codeql-pack.lock.yml +++ b/cpp/misra/src/codeql-pack.lock.yml @@ -2,11 +2,13 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.7.4 + version: 0.9.3 + codeql/dataflow: + version: 0.0.4 codeql/ssa: - version: 0.0.19 + version: 0.1.5 codeql/tutorial: - version: 0.0.12 + version: 0.1.5 codeql/util: - version: 0.0.12 + version: 0.1.5 compiled: false diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index df123061d3..b5dc482483 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -5,4 +5,4 @@ suites: codeql-suites license: MIT dependencies: codeql/common-cpp-coding-standards: '*' - codeql/cpp-all: 0.7.4 + codeql/cpp-all: 0.9.3 diff --git a/cpp/misra/test/codeql-pack.lock.yml b/cpp/misra/test/codeql-pack.lock.yml index a2bd966ce1..514e6963d0 100644 --- a/cpp/misra/test/codeql-pack.lock.yml +++ b/cpp/misra/test/codeql-pack.lock.yml @@ -2,11 +2,13 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.7.4 + version: 0.9.3 + codeql/dataflow: + version: 0.0.4 codeql/ssa: - version: 0.0.19 + version: 0.1.5 codeql/tutorial: - version: 0.0.12 + version: 0.1.5 codeql/util: - version: 0.0.12 + version: 0.1.5 compiled: false diff --git a/cpp/report/src/codeql-pack.lock.yml b/cpp/report/src/codeql-pack.lock.yml index a2bd966ce1..514e6963d0 100644 --- a/cpp/report/src/codeql-pack.lock.yml +++ b/cpp/report/src/codeql-pack.lock.yml @@ -2,11 +2,13 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.7.4 + version: 0.9.3 + codeql/dataflow: + version: 0.0.4 codeql/ssa: - version: 0.0.19 + version: 0.1.5 codeql/tutorial: - version: 0.0.12 + version: 0.1.5 codeql/util: - version: 0.0.12 + version: 0.1.5 compiled: false diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index f6d9c57f32..7acfe4cf12 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -2,4 +2,4 @@ name: codeql/report-cpp-coding-standards version: 2.22.0-dev license: MIT dependencies: - codeql/cpp-all: 0.7.4 + codeql/cpp-all: 0.9.3 diff --git a/scripts/generate_modules/queries/codeql-pack.lock.yml b/scripts/generate_modules/queries/codeql-pack.lock.yml index a2bd966ce1..514e6963d0 100644 --- a/scripts/generate_modules/queries/codeql-pack.lock.yml +++ b/scripts/generate_modules/queries/codeql-pack.lock.yml @@ -2,11 +2,13 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.7.4 + version: 0.9.3 + codeql/dataflow: + version: 0.0.4 codeql/ssa: - version: 0.0.19 + version: 0.1.5 codeql/tutorial: - version: 0.0.12 + version: 0.1.5 codeql/util: - version: 0.0.12 + version: 0.1.5 compiled: false diff --git a/scripts/generate_modules/queries/qlpack.yml b/scripts/generate_modules/queries/qlpack.yml index fa9e608c9d..4f3768cd79 100644 --- a/scripts/generate_modules/queries/qlpack.yml +++ b/scripts/generate_modules/queries/qlpack.yml @@ -2,4 +2,4 @@ name: codeql/standard-library-extraction-cpp-coding-standards version: 0.0.0 license: MIT dependencies: - codeql/cpp-all: 0.7.4 + codeql/cpp-all: 0.9.3 From 73736d9040ebfdfb587b3da5e5bb71f8f6ef4704 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 23 Oct 2023 00:09:11 +0100 Subject: [PATCH 1404/2573] A7-3-1: Exclude private member functions Private member functions can't be inherited. --- change_notes/2023-09-28-a7-3-1-updates.md | 3 ++- .../HiddenInheritedNonOverridableMemberFunction.ql | 4 +++- .../A7-3-1/HiddenInheritedOverridableMemberFunction.ql | 2 ++ ...iddenInheritedNonOverridableMemberFunction.expected | 2 +- .../HiddenInheritedOverridableMemberFunction.expected | 10 +++++----- cpp/autosar/test/rules/A7-3-1/test.cpp | 10 ++++++++++ 6 files changed, 23 insertions(+), 8 deletions(-) diff --git a/change_notes/2023-09-28-a7-3-1-updates.md b/change_notes/2023-09-28-a7-3-1-updates.md index 68ce080cbe..f56d706e74 100644 --- a/change_notes/2023-09-28-a7-3-1-updates.md +++ b/change_notes/2023-09-28-a7-3-1-updates.md @@ -3,4 +3,5 @@ - Reduce duplication when reporting the hidden function by reporting only one declaration entry. - Improve performance by eliminating a number of bad join orders. - Fix false positives where the using declaration occurred after the function declaration. - - Exclude special member functions, which cannot be inherited. \ No newline at end of file + - Exclude special member functions, which cannot be inherited. + - Exclude private member functions, which cannot be inherited. \ No newline at end of file diff --git a/cpp/autosar/src/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.ql b/cpp/autosar/src/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.ql index dab395777e..fa1859c229 100644 --- a/cpp/autosar/src/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.ql +++ b/cpp/autosar/src/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.ql @@ -24,7 +24,9 @@ pragma[noinline, nomagic] predicate hasNonVirtualMemberFunction(Class clazz, MemberFunction mf, string name) { mf.getDeclaringType() = clazz and mf.getName() = name and - not mf.isVirtual() + not mf.isVirtual() and + // Exclude private member functions, which cannot be inherited. + not mf.isPrivate() } /** diff --git a/cpp/autosar/src/rules/A7-3-1/HiddenInheritedOverridableMemberFunction.ql b/cpp/autosar/src/rules/A7-3-1/HiddenInheritedOverridableMemberFunction.ql index f0200f684a..437c8798f9 100644 --- a/cpp/autosar/src/rules/A7-3-1/HiddenInheritedOverridableMemberFunction.ql +++ b/cpp/autosar/src/rules/A7-3-1/HiddenInheritedOverridableMemberFunction.ql @@ -21,6 +21,8 @@ where not isExcluded(overridingDecl, ScopePackage::hiddenInheritedOverridableMemberFunctionQuery()) and // Check if we are overriding a virtual inherited member function hiddenDecl.getDeclaration().isVirtual() and + // Exclude private member functions, which cannot be inherited. + not hiddenDecl.getDeclaration().(MemberFunction).isPrivate() and // The overriding declaration hides the hidden declaration if: ( // 1. the overriding declaration overrides a function in a base class that is an overload of the hidden declaration diff --git a/cpp/autosar/test/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.expected b/cpp/autosar/test/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.expected index bf75699c4d..dc762e5a2d 100644 --- a/cpp/autosar/test/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.expected +++ b/cpp/autosar/test/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.expected @@ -1 +1 @@ -| test.cpp:16:8:16:9 | f1 | Declaration for member 'f1' hides non-overridable inherited member function $@ | test.cpp:7:8:7:9 | f1 | f1 | +| test.cpp:20:8:20:9 | f1 | Declaration for member 'f1' hides non-overridable inherited member function $@ | test.cpp:7:8:7:9 | f1 | f1 | diff --git a/cpp/autosar/test/rules/A7-3-1/HiddenInheritedOverridableMemberFunction.expected b/cpp/autosar/test/rules/A7-3-1/HiddenInheritedOverridableMemberFunction.expected index c2f8ee1f40..2e0e8809e8 100644 --- a/cpp/autosar/test/rules/A7-3-1/HiddenInheritedOverridableMemberFunction.expected +++ b/cpp/autosar/test/rules/A7-3-1/HiddenInheritedOverridableMemberFunction.expected @@ -1,5 +1,5 @@ -| test.cpp:18:8:18:9 | declaration of f2 | Declaration for member 'f2' hides overridable inherited member function $@ | test.cpp:9:16:9:17 | declaration of f2 | f2 | -| test.cpp:18:8:18:9 | declaration of f2 | Declaration for member 'f2' hides overridable inherited member function $@ | test.cpp:11:16:11:17 | declaration of f2 | f2 | -| test.cpp:23:8:23:9 | declaration of f2 | Declaration for member 'f2' hides overridable inherited member function $@ | test.cpp:9:16:9:17 | declaration of f2 | f2 | -| test.cpp:23:8:23:9 | declaration of f2 | Declaration for member 'f2' hides overridable inherited member function $@ | test.cpp:10:16:10:17 | declaration of f2 | f2 | -| test.cpp:23:8:23:9 | declaration of f2 | Declaration for member 'f2' hides overridable inherited member function $@ | test.cpp:11:16:11:17 | declaration of f2 | f2 | +| test.cpp:22:8:22:9 | declaration of f2 | Declaration for member 'f2' hides overridable inherited member function $@ | test.cpp:9:16:9:17 | declaration of f2 | f2 | +| test.cpp:22:8:22:9 | declaration of f2 | Declaration for member 'f2' hides overridable inherited member function $@ | test.cpp:11:16:11:17 | declaration of f2 | f2 | +| test.cpp:27:8:27:9 | declaration of f2 | Declaration for member 'f2' hides overridable inherited member function $@ | test.cpp:9:16:9:17 | declaration of f2 | f2 | +| test.cpp:27:8:27:9 | declaration of f2 | Declaration for member 'f2' hides overridable inherited member function $@ | test.cpp:10:16:10:17 | declaration of f2 | f2 | +| test.cpp:27:8:27:9 | declaration of f2 | Declaration for member 'f2' hides overridable inherited member function $@ | test.cpp:11:16:11:17 | declaration of f2 | f2 | diff --git a/cpp/autosar/test/rules/A7-3-1/test.cpp b/cpp/autosar/test/rules/A7-3-1/test.cpp index 667ee63579..c0904238c3 100644 --- a/cpp/autosar/test/rules/A7-3-1/test.cpp +++ b/cpp/autosar/test/rules/A7-3-1/test.cpp @@ -9,6 +9,10 @@ class C1 { virtual void f2(int); virtual void f2(double); virtual void f2(S1); + +private: + void f3(int); + void f4(int); }; class C2 : public C1 { @@ -81,4 +85,10 @@ void f2() { class C6 : public C1 { public: C6 &operator=(const C6 &); // COMPLIANT +}; + +class C7 : public C1 { + void f3(int); // COMPLIANT + + void f4(int); // COMPLIANT }; \ No newline at end of file From 6aee03ef5ac577d77fbf034a46a6637f31aefbee Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 23 Oct 2023 22:03:46 +0100 Subject: [PATCH 1405/2573] Suppress dataflow deprecation warning In CodeQL CLI 2.14 it is not possible to include deprecation warnings in test files because the paths are absolute, and so are not portable between different systems. We avoid the deprecation warning for now by copying the relevant parts of the dataflow library and removing the deprecation warning. This workaround can be removed when we upgrade to 2.15, as the deprecation warning has been fixed to not use absolute paths. --- ...interArithmeticOnNonArrayObjectPointers.ql | 2 +- ...otAddOrSubtractAScaledIntegerToAPointer.ql | 2 +- .../CON30-C/CleanUpThreadSpecificStorage.ql | 4 +- ...AppropriateThreadObjectStorageDurations.ql | 4 +- ...eadObjectStorageDurationsNotInitialized.ql | 4 +- ...propriateStorageDurationsFunctionReturn.ql | 2 +- .../ERR30-C/FunctionCallBeforeErrnoCheck.ql | 2 +- ...nOrderOfFunctionArgumentsForSideEffects.ql | 4 +- ...PointerToMoreStrictlyAlignedPointerType.ql | 4 +- ...CallFunctionPointerWithIncompatibleType.ql | 2 +- ...essVariableViaPointerOfIncompatibleType.ql | 2 +- .../EXP40-C/DoNotModifyConstantObjects.ql | 2 +- ...sAliasedPointerToRestrictQualifiedParam.ql | 2 +- ...trictPointerReferencesOverlappingObject.ql | 2 +- ...sfulFgetsOrFgetwsMayReturnAnEmptyString.ql | 2 +- ...uesForFsetposThatAreReturnedFromFgetpos.ql | 2 +- ...ToctouRaceConditionsWhileAccessingFiles.ql | 2 +- .../InsufficientMemoryAllocatedForObject.ql | 2 +- ...DoNotModifyAlignmentOfMemoryWithRealloc.ql | 2 +- ...oNotPassInvalidDataToTheAsctimeFunction.ql | 2 +- ...ArgOnAVaListThatHasAnIndeterminateValue.ql | 2 +- ...yAsyncSafeFunctionsWithinSignalHandlers.ql | 2 +- ...eturnFromAComputationalExceptionHandler.ql | 2 +- .../DoNotAttemptToModifyStringLiterals.ql | 2 +- ...sHasSufficientSpaceForTheNullTerminator.ql | 2 +- ...lTerminatedToFunctionThatExpectsAString.ql | 2 +- ...bleLengthArraySizeNotInValidRange.expected | 2 - ...rithmeticOnNonArrayObjectPointers.expected | 7 ---- ...rSubtractAScaledIntegerToAPointer.expected | 6 --- .../CleanUpThreadSpecificStorage.expected | 5 --- ...riateThreadObjectStorageDurations.expected | 8 ---- ...ectStorageDurationsNotInitialized.expected | 5 --- ...ateStorageDurationsFunctionReturn.expected | 5 --- .../ERR30-C/ErrnoReadBeforeReturn.expected | 1 - .../ERR30-C/SetlocaleMightSetErrno.expected | 1 - ...tRelyOnIndeterminateValuesOfErrno.expected | 4 -- ...ectAndHandleStandardLibraryErrors.expected | 1 - ...OfFunctionArgumentsForSideEffects.expected | 24 ------------ ...rToMoreStrictlyAlignedPointerType.expected | 11 ------ ...nctionPointerWithIncompatibleType.expected | 6 --- ...iableViaPointerOfIncompatibleType.expected | 16 -------- .../DoNotModifyConstantObjects.expected | 6 --- ...edPointerToRestrictQualifiedParam.expected | 11 ------ ...ointerReferencesOverlappingObject.expected | 6 --- ...esetStringsOnFgetsOrFgetwsFailure.expected | 3 -- ...FsetposThatAreReturnedFromFgetpos.expected | 4 -- ...RaceConditionsWhileAccessingFiles.expected | 1 - ...ufficientMemoryAllocatedForObject.expected | 2 - ...odifyAlignmentOfMemoryWithRealloc.expected | 7 ---- ...ssInvalidDataToTheAsctimeFunction.expected | 3 -- ...VaListThatHasAnIndeterminateValue.expected | 6 --- ...SafeFunctionsWithinSignalHandlers.expected | 3 -- ...romAComputationalExceptionHandler.expected | 1 - ...oNotAttemptToModifyStringLiterals.expected | 14 ------- ...fficientSpaceForTheNullTerminator.expected | 6 --- ...natedToFunctionThatExpectsAString.expected | 9 ----- c/common/src/codingstandards/c/Errno.qll | 2 +- .../src/codingstandards/c/OutOfBounds.qll | 2 +- c/common/src/codingstandards/c/Signal.qll | 2 +- .../ArrayFunctionArgumentNumberOfElements.ql | 2 +- .../ValueReturnedByAFunctionNotUsed.ql | 2 +- .../ObjectCopiedToAnOverlappingObject.ql | 2 +- ...emcmpUsedToCompareNullTerminatedStrings.ql | 2 +- ...leOpenForReadAndWriteOnDifferentStreams.ql | 2 +- .../AttemptToWriteToAReadOnlyStream.ql | 2 +- ...yFunctionArgumentNumberOfElements.expected | 5 --- ...sedToCompareNullTerminatedStrings.expected | 10 ----- ...ForReadAndWriteOnDifferentStreams.expected | 1 - .../AttemptToWriteToAReadOnlyStream.expected | 5 --- ...omparedWithUnmodifiedReturnValues.expected | 7 ---- ...OnlyPerformConversionOfPassedParameters.ql | 2 +- .../A13-2-1/AssignmentOperatorReturnThis.ql | 2 +- .../A15-1-3/ThrownExceptionsShouldBeUnique.ql | 2 +- ...structorErrorLeavesObjectInInvalidState.ql | 2 +- ...AnElementOfAnArrayPassedToASmartPointer.ql | 2 +- .../rules/A18-5-2/DoNotUseNonPlacementNew.ql | 2 +- .../A18-5-8/UnnecessaryUseOfDynamicStorage.ql | 2 +- .../ArgumentToForwardSubsequentlyUsed.ql | 2 +- ...SharedPointerUsedWithNoOwnershipSharing.ql | 2 +- .../src/rules/A27-0-4/CStyleStringsUsed.ql | 2 +- ...hmeticUsedWithPointersToNonFinalClasses.ql | 2 +- .../rules/A5-1-7/LambdaPassedToDecltype.ql | 2 +- .../src/rules/A5-1-7/LambdaPassedToTypeid.ql | 2 +- .../rules/A7-5-1/InvalidFunctionReturnType.ql | 2 +- ...nterAsParameterWithoutLifetimeSemantics.ql | 2 +- ...trPassedToFunctionWithImproperSemantics.ql | 2 +- .../FunctionReturnMultipleValueCondition.ql | 2 +- ...ersOrReferencesToPrivateOrProtectedData.ql | 2 +- .../FunctionErroneousReturnValueNotTested.ql | 2 +- ...epresentationsOfFloatingPointValuesUsed.ql | 2 +- .../PointerSubtractionOnDifferentArrays.ql | 2 +- ...ointerToAVirtualBaseClassCastToAPointer.ql | 2 +- ...nstMemberFunctionReturnsNonConstPointer.ql | 2 +- ...rformConversionOfPassedParameters.expected | 3 -- .../AssignmentOperatorReturnThis.expected | 1 - .../ThrownExceptionsShouldBeUnique.expected | 1 - ...orErrorLeavesObjectInInvalidState.expected | 9 ----- ...entOfAnArrayPassedToASmartPointer.expected | 6 --- .../UnnecessaryUseOfDynamicStorage.expected | 4 -- ...ArgumentToForwardSubsequentlyUsed.expected | 3 -- ...PointerUsedWithNoOwnershipSharing.expected | 1 - .../rules/A27-0-4/CStyleStringsUsed.expected | 3 -- ...UsedWithPointersToNonFinalClasses.expected | 6 --- .../A5-1-7/LambdaPassedToDecltype.expected | 5 --- .../A5-1-7/LambdaPassedToTypeid.expected | 6 --- .../A7-5-1/InvalidFunctionReturnType.expected | 3 -- ...ParameterWithoutLifetimeSemantics.expected | 2 - ...edToFunctionWithImproperSemantics.expected | 2 - ...tParametersDeclaredAsTNotModified.expected | 2 - ...eferencesToPrivateOrProtectedData.expected | 3 -- ...tionErroneousReturnValueNotTested.expected | 3 -- ...ntationsOfFloatingPointValuesUsed.expected | 3 -- ...berFunctionReturnsNonConstPointer.expected | 2 - ...GenericCppLibraryFunctionsDoNotOverflow.ql | 2 +- ...sePointerArithmeticOnPolymorphicObjects.ql | 2 +- ...fectsInFunctionCallsAsFunctionArguments.ql | 4 +- ...nArrayThroughAPointerOfTheIncorrectType.ql | 2 +- .../DetectAndHandleMemoryAllocationErrors.ql | 2 +- .../MEM53-CPP/ManuallyManagedLifetime.qll | 4 +- ...ConstructorCallForManuallyManagedObject.ql | 2 +- ...gDestructorCallForManuallyManagedObject.ql | 2 +- .../BadlySeededRandomNumberGenerator.ql | 2 +- ...cCppLibraryFunctionsDoNotOverflow.expected | 9 ----- .../CTR53-CPP/UseValidIteratorRanges.expected | 6 --- ...terArithmeticOnPolymorphicObjects.expected | 6 --- ...nFunctionCallsAsFunctionArguments.expected | 24 ------------ ...ThroughAPointerOfTheIncorrectType.expected | 6 --- ...ctAndHandleMemoryAllocationErrors.expected | 6 --- ...uctorCallForManuallyManagedObject.expected | 3 -- ...uctorCallForManuallyManagedObject.expected | 3 -- .../BadlySeededRandomNumberGenerator.expected | 1 - .../src/codingstandards/cpp/AccessPath.qll | 2 +- .../src/codingstandards/cpp/Allocations.qll | 2 +- .../src/codingstandards/cpp/Concurrency.qll | 2 +- .../src/codingstandards/cpp/ConstHelpers.qll | 2 +- .../cpp/FgetsErrorManagement.qll | 2 +- .../src/codingstandards/cpp/Iterators.qll | 4 +- .../src/codingstandards/cpp/Nullness.qll | 4 +- .../src/codingstandards/cpp/Overflow.qll | 2 +- .../codingstandards/cpp/ReadErrorsAndEOF.qll | 2 +- .../src/codingstandards/cpp/SideEffect.qll | 2 +- .../src/codingstandards/cpp/SmartPointers.qll | 2 +- .../cpp/allocations/PlacementNew.qll | 2 +- .../codingstandards/cpp/dataflow/DataFlow.qll | 36 ++++++++++++++++++ .../cpp/dataflow/DataFlow2.qll | 25 +++++++++++++ .../cpp/dataflow/TaintTracking.qll | 37 +++++++++++++++++++ .../cpp/resources/ResourceManagement.qll | 2 +- ...onExistingMemberThroughPointerToMember.qll | 2 +- ...essOfUndefinedMemberThroughNullPointer.qll | 2 +- ...emberThroughUninitializedStaticPointer.qll | 2 +- .../BasicStringMayNotBeNullTerminated.qll | 4 +- .../ConstLikeReturnValue.qll | 2 +- .../ContainerAccessWithoutRangeCheck.qll | 2 +- .../DanglingCaptureWhenMovingLambdaObject.qll | 2 +- ...nglingCaptureWhenReturningLambdaObject.qll | 2 +- .../DoNotAccessAClosedFile.qll | 2 +- ...otAllowAMutexToGoOutOfScopeWhileLocked.qll | 2 +- .../DoNotDestroyAMutexWhileItIsLocked.qll | 2 +- ...tractPointersAddressingDifferentArrays.qll | 2 +- ...nterArithmeticToAddressDifferentArrays.qll | 2 +- ...RelationalOperatorsWithDifferingArrays.qll | 2 +- .../InvalidatedEnvStringPointers.qll | 2 +- .../InvalidatedEnvStringPointersWarn.qll | 2 +- .../IOFstreamMissingPositioning.qll | 2 +- .../MovedFromObjectsUnspecifiedState.qll | 2 +- .../nonconstantformat/NonConstantFormat.qll | 2 +- ...lyFreeMemoryAllocatedDynamicallyShared.qll | 4 +- ...nterValueStoredInUnrelatedSmartPointer.qll | 2 +- .../PlacementNewInsufficientStorage.qll | 2 +- .../PlacementNewNotProperlyAligned.qll | 2 +- ...tringNumberConversionMissingErrorCheck.qll | 2 +- .../ThrowingOperatorNewReturnsNull.qll | 2 +- ...eOnlyArrayIndexingForPointerArithmetic.qll | 2 +- .../cpp/standardlibrary/FileStreams.qll | 4 +- .../UnusedReturnValue.ql | 2 +- .../UnusedReturnValue.ql | 2 +- .../UnusedReturnValue.ql | 2 +- 177 files changed, 220 insertions(+), 466 deletions(-) create mode 100644 cpp/common/src/codingstandards/cpp/dataflow/DataFlow.qll create mode 100644 cpp/common/src/codingstandards/cpp/dataflow/DataFlow2.qll create mode 100644 cpp/common/src/codingstandards/cpp/dataflow/TaintTracking.qll diff --git a/c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql b/c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql index 8dbd00584c..1abc2ad882 100644 --- a/c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql +++ b/c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql @@ -13,7 +13,7 @@ import cpp import codingstandards.c.cert -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow import DataFlow::PathGraph /** diff --git a/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql b/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql index 09ff575e6d..5606c8485f 100644 --- a/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql +++ b/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql @@ -14,7 +14,7 @@ import cpp import codingstandards.c.cert import codingstandards.c.Pointers -import semmle.code.cpp.dataflow.TaintTracking +import codingstandards.cpp.dataflow.TaintTracking import DataFlow::PathGraph /** diff --git a/c/cert/src/rules/CON30-C/CleanUpThreadSpecificStorage.ql b/c/cert/src/rules/CON30-C/CleanUpThreadSpecificStorage.ql index 55f4afe7d8..4b31b89023 100644 --- a/c/cert/src/rules/CON30-C/CleanUpThreadSpecificStorage.ql +++ b/c/cert/src/rules/CON30-C/CleanUpThreadSpecificStorage.ql @@ -15,8 +15,8 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.Concurrency -import semmle.code.cpp.dataflow.TaintTracking -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.TaintTracking +import codingstandards.cpp.dataflow.DataFlow class TssCreateToTssDeleteDataFlowConfiguration extends DataFlow::Configuration { TssCreateToTssDeleteDataFlowConfiguration() { this = "TssCreateToTssDeleteDataFlowConfiguration" } diff --git a/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql b/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql index 71138f4ff8..e0617c266d 100644 --- a/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql +++ b/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql @@ -15,8 +15,8 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.Concurrency -import semmle.code.cpp.dataflow.TaintTracking -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.TaintTracking +import codingstandards.cpp.dataflow.DataFlow import semmle.code.cpp.commons.Alloc from C11ThreadCreateCall tcc, StackVariable sv, Expr arg, Expr acc diff --git a/c/cert/src/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.ql b/c/cert/src/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.ql index ddcddb8dc5..0fd94911ec 100644 --- a/c/cert/src/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.ql +++ b/c/cert/src/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.ql @@ -16,8 +16,8 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.Concurrency -import semmle.code.cpp.dataflow.TaintTracking -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.TaintTracking +import codingstandards.cpp.dataflow.DataFlow from TSSGetFunctionCall tsg, ThreadedFunction tf where diff --git a/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql b/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql index b5d7e5e378..9097f14297 100644 --- a/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql +++ b/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql @@ -13,7 +13,7 @@ import cpp import codingstandards.c.cert -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow class Source extends StackVariable { Source() { not this instanceof Parameter } diff --git a/c/cert/src/rules/ERR30-C/FunctionCallBeforeErrnoCheck.ql b/c/cert/src/rules/ERR30-C/FunctionCallBeforeErrnoCheck.ql index dd2e2175f7..8d63bb5d06 100644 --- a/c/cert/src/rules/ERR30-C/FunctionCallBeforeErrnoCheck.ql +++ b/c/cert/src/rules/ERR30-C/FunctionCallBeforeErrnoCheck.ql @@ -14,7 +14,7 @@ import cpp import codingstandards.c.cert import codingstandards.c.Errno -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow /** * A call to an `OutOfBandErrnoSettingFunction` diff --git a/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql b/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql index fb14515c61..bf8f99fd27 100644 --- a/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql +++ b/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql @@ -14,8 +14,8 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.SideEffect -import semmle.code.cpp.dataflow.DataFlow -import semmle.code.cpp.dataflow.TaintTracking +import codingstandards.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.TaintTracking import semmle.code.cpp.valuenumbering.GlobalValueNumbering /** Holds if the function's return value is derived from the `AliasParamter` p. */ diff --git a/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql b/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql index 9a8d5eaebb..b161beac1b 100644 --- a/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql +++ b/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql @@ -14,8 +14,8 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.Alignment -import semmle.code.cpp.dataflow.DataFlow -import semmle.code.cpp.dataflow.DataFlow2 +import codingstandards.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow2 import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis import DataFlow::PathGraph diff --git a/c/cert/src/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.ql b/c/cert/src/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.ql index 17e1c0e0e9..b68cfa8ce1 100644 --- a/c/cert/src/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.ql +++ b/c/cert/src/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.ql @@ -13,7 +13,7 @@ import cpp import codingstandards.c.cert -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow import DataFlow::PathGraph /** diff --git a/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql b/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql index 50d8514f52..784fb54b2f 100644 --- a/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql +++ b/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql @@ -13,7 +13,7 @@ import cpp import codingstandards.c.cert -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow import semmle.code.cpp.controlflow.Dominance import DataFlow::PathGraph diff --git a/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.ql b/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.ql index 08901f2016..dbeffd8153 100644 --- a/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.ql +++ b/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.ql @@ -12,7 +12,7 @@ import cpp import codingstandards.c.cert -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow import DataFlow::PathGraph import codingstandards.cpp.SideEffect diff --git a/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql b/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql index ee73a07fd8..2e96e25f9f 100644 --- a/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql +++ b/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql @@ -14,7 +14,7 @@ import cpp import codingstandards.c.cert import codingstandards.c.Pointers import codingstandards.c.Variable -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow import semmle.code.cpp.pointsto.PointsTo import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis diff --git a/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql b/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql index 88f29d86b1..727bda754e 100644 --- a/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql +++ b/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql @@ -11,7 +11,7 @@ */ import cpp -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow import semmle.code.cpp.controlflow.Dominance import codingstandards.c.cert import codingstandards.c.Variable diff --git a/c/cert/src/rules/FIO37-C/SuccessfulFgetsOrFgetwsMayReturnAnEmptyString.ql b/c/cert/src/rules/FIO37-C/SuccessfulFgetsOrFgetwsMayReturnAnEmptyString.ql index 54f555d7cb..2dce0d465c 100644 --- a/c/cert/src/rules/FIO37-C/SuccessfulFgetsOrFgetwsMayReturnAnEmptyString.ql +++ b/c/cert/src/rules/FIO37-C/SuccessfulFgetsOrFgetwsMayReturnAnEmptyString.ql @@ -14,7 +14,7 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.FgetsErrorManagement import codingstandards.cpp.Dereferenced -import semmle.code.cpp.dataflow.TaintTracking +import codingstandards.cpp.dataflow.TaintTracking /* * CFG nodes that follows a successful call to `fgets` diff --git a/c/cert/src/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql b/c/cert/src/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql index 9d5058507e..94f3238f26 100644 --- a/c/cert/src/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql +++ b/c/cert/src/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql @@ -12,7 +12,7 @@ import cpp import codingstandards.c.cert -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow class FgetposCall extends FunctionCall { FgetposCall() { this.getTarget().hasGlobalOrStdName("fgetpos") } diff --git a/c/cert/src/rules/FIO45-C/ToctouRaceConditionsWhileAccessingFiles.ql b/c/cert/src/rules/FIO45-C/ToctouRaceConditionsWhileAccessingFiles.ql index b02ce2f58d..2ddfa6cf4c 100644 --- a/c/cert/src/rules/FIO45-C/ToctouRaceConditionsWhileAccessingFiles.ql +++ b/c/cert/src/rules/FIO45-C/ToctouRaceConditionsWhileAccessingFiles.ql @@ -14,7 +14,7 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.standardlibrary.FileAccess -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow import semmle.code.cpp.valuenumbering.GlobalValueNumbering /** diff --git a/c/cert/src/rules/MEM35-C/InsufficientMemoryAllocatedForObject.ql b/c/cert/src/rules/MEM35-C/InsufficientMemoryAllocatedForObject.ql index 5ff1725269..7683140327 100644 --- a/c/cert/src/rules/MEM35-C/InsufficientMemoryAllocatedForObject.ql +++ b/c/cert/src/rules/MEM35-C/InsufficientMemoryAllocatedForObject.ql @@ -16,7 +16,7 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.Overflow import semmle.code.cpp.controlflow.Guards -import semmle.code.cpp.dataflow.TaintTracking +import codingstandards.cpp.dataflow.TaintTracking import semmle.code.cpp.models.Models /** diff --git a/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql b/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql index 48279993d5..0d334a89f8 100644 --- a/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql +++ b/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql @@ -15,7 +15,7 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.Alignment -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow import DataFlow::PathGraph int getStatedValue(Expr e) { diff --git a/c/cert/src/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.ql b/c/cert/src/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.ql index f5d053cdb1..f9e2c605ae 100644 --- a/c/cert/src/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.ql +++ b/c/cert/src/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.ql @@ -14,7 +14,7 @@ import cpp import codingstandards.c.cert -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow /** * The argument of a call to `asctime` diff --git a/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql b/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql index ed5a6a368a..457c1803ba 100644 --- a/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql +++ b/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql @@ -13,7 +13,7 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.Macro -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow abstract class VaAccess extends Expr { } diff --git a/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql b/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql index 0da48daa70..19730b4677 100644 --- a/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql +++ b/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql @@ -14,7 +14,7 @@ import cpp import codingstandards.c.cert import codingstandards.c.Signal -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow /** * Does not access an external variable except diff --git a/c/cert/src/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.ql b/c/cert/src/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.ql index fa3cc3bf14..5a064c0904 100644 --- a/c/cert/src/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.ql +++ b/c/cert/src/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.ql @@ -14,7 +14,7 @@ import cpp import codingstandards.c.cert import codingstandards.c.Signal -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow /** * CFG nodes preceeding a `ReturnStmt` diff --git a/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql b/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql index b26cc1a040..7fbdc276c5 100644 --- a/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql +++ b/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql @@ -14,7 +14,7 @@ import cpp import codingstandards.c.cert import semmle.code.cpp.security.BufferWrite -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow /** * Class that includes into `BufferWrite` functions that will modify their diff --git a/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql b/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql index 3742207720..4e2e48708a 100644 --- a/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql +++ b/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql @@ -15,7 +15,7 @@ import cpp import codingstandards.c.cert -import semmle.code.cpp.dataflow.TaintTracking +import codingstandards.cpp.dataflow.TaintTracking import codingstandards.cpp.PossiblyUnsafeStringOperation /** diff --git a/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql b/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql index 365136f99d..d661edade5 100644 --- a/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql +++ b/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql @@ -15,7 +15,7 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.Naming -import semmle.code.cpp.dataflow.TaintTracking +import codingstandards.cpp.dataflow.TaintTracking import codingstandards.cpp.PossiblyUnsafeStringOperation /** diff --git a/c/cert/test/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.expected b/c/cert/test/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.expected index 852f776d55..25153f195b 100644 --- a/c/cert/test/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.expected +++ b/c/cert/test/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.expected @@ -1,5 +1,3 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.ql:104,11-19) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.ql:87,5-18) | test.c:14:8:14:8 | VLA declaration | Variable-length array dimension size may be in an invalid range. | | test.c:15:8:15:8 | VLA declaration | Variable-length array dimension size may be in an invalid range. | | test.c:16:8:16:8 | VLA declaration | Variable-length array dimension size may be in an invalid range. | diff --git a/c/cert/test/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.expected b/c/cert/test/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.expected index 6d679648a9..8a7bfe553b 100644 --- a/c/cert/test/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.expected +++ b/c/cert/test/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.expected @@ -1,10 +1,3 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:17,8-16) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:23,56-64) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:26,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:38,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:46,35-43) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:104,6-14) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:104,33-41) edges | test.c:14:38:14:39 | p1 | test.c:18:10:18:11 | v1 | | test.c:14:38:14:39 | p1 | test.c:19:10:19:11 | v2 | diff --git a/c/cert/test/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.expected b/c/cert/test/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.expected index abebd685c1..1d3f5dcf13 100644 --- a/c/cert/test/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.expected +++ b/c/cert/test/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.expected @@ -1,9 +1,3 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql:18,8-16) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql:72,52-60) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql:75,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql:77,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql:86,51-59) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql:86,75-83) edges | test.c:7:13:7:14 | p1 | test.c:9:9:9:10 | p1 | | test.c:16:19:16:41 | ... - ... | test.c:18:26:18:31 | offset | diff --git a/c/cert/test/rules/CON30-C/CleanUpThreadSpecificStorage.expected b/c/cert/test/rules/CON30-C/CleanUpThreadSpecificStorage.expected index 4b3fb1d4bb..e03b665a1c 100644 --- a/c/cert/test/rules/CON30-C/CleanUpThreadSpecificStorage.expected +++ b/c/cert/test/rules/CON30-C/CleanUpThreadSpecificStorage.expected @@ -1,8 +1,3 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/CON30-C/CleanUpThreadSpecificStorage.ql:21,57-65) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/CON30-C/CleanUpThreadSpecificStorage.ql:24,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/CON30-C/CleanUpThreadSpecificStorage.ql:33,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/CON30-C/CleanUpThreadSpecificStorage.ql:49,20-28) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/CON30-C/CleanUpThreadSpecificStorage.ql:51,20-28) | test.c:27:3:27:12 | call to tss_create | Resources used by thread specific storage may not be cleaned up. | | test.c:49:3:49:12 | call to tss_create | Resources used by thread specific storage may not be cleaned up. | | test.c:71:3:71:12 | call to tss_create | Resources used by thread specific storage may not be cleaned up. | diff --git a/c/cert/test/rules/CON34-C/AppropriateThreadObjectStorageDurations.expected b/c/cert/test/rules/CON34-C/AppropriateThreadObjectStorageDurations.expected index 7d13d2643e..c3cdc8bd7b 100644 --- a/c/cert/test/rules/CON34-C/AppropriateThreadObjectStorageDurations.expected +++ b/c/cert/test/rules/CON34-C/AppropriateThreadObjectStorageDurations.expected @@ -1,11 +1,3 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql:28,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql:28,54-62) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql:35,62-70) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql:40,5-13) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql:40,30-38) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql:41,5-13) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql:41,30-38) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql:28,3-16) | test.c:23:3:23:13 | call to thrd_create | $@ not declared with appropriate storage duration | test.c:23:24:23:29 | & ... | Shared object | | test.c:74:3:74:13 | call to thrd_create | $@ not declared with appropriate storage duration | test.c:74:24:74:24 | p | Shared object | | test.c:85:3:85:13 | call to thrd_create | $@ not declared with appropriate storage duration | test.c:85:24:85:24 | p | Shared object | diff --git a/c/cert/test/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.expected b/c/cert/test/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.expected index c73ee85633..95d0a20041 100644 --- a/c/cert/test/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.expected +++ b/c/cert/test/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.expected @@ -1,6 +1 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.ql:28,38-46) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.ql:31,5-13) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.ql:31,30-38) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.ql:32,5-13) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.ql:32,30-38) | test.c:14:7:14:13 | call to tss_get | Call to a thread specific storage function from within a threaded context on an object that may not be owned by this thread. | diff --git a/c/cert/test/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.expected b/c/cert/test/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.expected index ce245c0a6b..ff842ddcad 100644 --- a/c/cert/test/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.expected +++ b/c/cert/test/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.expected @@ -1,7 +1,2 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql:22,20-28) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql:26,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql:39,6-14) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql:39,26-34) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql:45,3-11) | test.c:3:10:3:10 | a | $@ with automatic storage may be accessible outside of its lifetime. | test.c:3:10:3:10 | a | a | | test.c:15:4:15:8 | param [inner post update] | $@ with automatic storage may be accessible outside of its lifetime. | test.c:15:12:15:13 | a2 | a2 | diff --git a/c/cert/test/rules/ERR30-C/ErrnoReadBeforeReturn.expected b/c/cert/test/rules/ERR30-C/ErrnoReadBeforeReturn.expected index 049b398043..b6d7caa513 100644 --- a/c/cert/test/rules/ERR30-C/ErrnoReadBeforeReturn.expected +++ b/c/cert/test/rules/ERR30-C/ErrnoReadBeforeReturn.expected @@ -1,4 +1,3 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/ERR30-C/ErrnoReadBeforeReturn.ql:40,7-15) | test.c:69:7:69:11 | * ... | Do not read `errno` before checking the return value of function $@. | test.c:68:3:68:7 | call to ftell | call to ftell | | test.c:69:7:69:11 | call to __errno_location | Do not read `errno` before checking the return value of function $@. | test.c:68:3:68:7 | call to ftell | call to ftell | | test.c:70:5:70:10 | call to perror | Do not read `errno` before checking the return value of function $@. | test.c:68:3:68:7 | call to ftell | call to ftell | diff --git a/c/cert/test/rules/ERR30-C/SetlocaleMightSetErrno.expected b/c/cert/test/rules/ERR30-C/SetlocaleMightSetErrno.expected index 48d4af3c86..9ab88a3395 100644 --- a/c/cert/test/rules/ERR30-C/SetlocaleMightSetErrno.expected +++ b/c/cert/test/rules/ERR30-C/SetlocaleMightSetErrno.expected @@ -1,3 +1,2 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/ERR30-C/SetlocaleMightSetErrno.ql:64,7-15) | test.c:98:3:98:11 | call to setlocale | Do not read `errno` before checking the return value of a call to `setlocale`. | | test.c:104:7:104:15 | call to setlocale | The value of `errno` may be different than `0` when `setlocale` is called. The following `errno` check might be invalid. | diff --git a/c/cert/test/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.expected b/c/cert/test/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.expected index e2b3ce8e0c..da9122cfd4 100644 --- a/c/cert/test/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.expected +++ b/c/cert/test/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.expected @@ -1,7 +1,3 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql:51,7-15) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql:51,27-35) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql:52,9-17) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql:55,9-17) | test.c:12:5:12:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:10:21:10:26 | call to signal | call to signal | | test.c:30:5:30:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:26:21:26:26 | call to signal | call to signal | | test.c:49:5:49:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:45:21:45:26 | call to signal | call to signal | diff --git a/c/cert/test/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.expected b/c/cert/test/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.expected index d67751d7f0..fbcc44b856 100644 --- a/c/cert/test/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.expected +++ b/c/cert/test/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.expected @@ -1,4 +1,3 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.ql:453,5-13) | test.c:18:3:18:11 | call to setlocale | Missing error detection for the call to function `setlocale`. | | test.c:24:23:24:31 | call to setlocale | Missing error detection for the call to function `setlocale`. | | test.c:29:22:29:27 | call to calloc | Missing error detection for the call to function `calloc`. | diff --git a/c/cert/test/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.expected b/c/cert/test/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.expected index cf68fc16c5..3ea1a05fd7 100644 --- a/c/cert/test/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.expected +++ b/c/cert/test/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.expected @@ -1,25 +1 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:24,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:24,59-67) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:27,33-41) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:27,57-65) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:31,33-41) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:31,59-67) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:40,5-13) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:40,25-33) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:40,53-61) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:43,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:43,57-65) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:52,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:52,55-63) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:59,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:59,57-65) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:71,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:71,55-63) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:24,5-18) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:27,7-20) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:31,7-20) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:43,5-18) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:52,5-18) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:59,5-18) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:71,5-18) | test.c:20:3:20:4 | call to f1 | Depending on the order of evaluation for the arguments $@ and $@ for side effects on shared state is unspecified and can result in unexpected behavior. | test.c:20:6:20:7 | call to f2 | call to f2 | test.c:20:12:20:13 | call to f3 | call to f3 | diff --git a/c/cert/test/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.expected b/c/cert/test/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.expected index b374e24470..a1c9a14fa2 100644 --- a/c/cert/test/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.expected +++ b/c/cert/test/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.expected @@ -1,14 +1,3 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:20,8-16) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:100,20-28) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:126,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:131,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:140,58-66) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:145,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:149,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:156,35-43) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:172,3-11) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:172,30-38) -WARNING: Module DataFlow2 has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:121,86-95) edges | test.c:75:14:75:16 | & ... | test.c:76:11:76:12 | v1 | | test.c:75:14:75:16 | & ... | test.c:77:12:77:13 | v1 | diff --git a/c/cert/test/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.expected b/c/cert/test/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.expected index c85199bf3c..4c18bb2672 100644 --- a/c/cert/test/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.expected +++ b/c/cert/test/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.expected @@ -1,9 +1,3 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.ql:17,8-16) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.ql:40,50-58) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.ql:43,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.ql:47,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.ql:53,46-54) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.ql:53,70-78) edges | test.c:48:68:48:70 | fns [f1] | test.c:49:3:49:5 | fns [f1] | | test.c:49:3:49:5 | fns [f1] | test.c:49:8:49:9 | f1 | diff --git a/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected b/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected index c39dc32d4b..e42f003f0f 100644 --- a/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected +++ b/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected @@ -1,19 +1,3 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:18,8-16) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:48,44-52) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:56,48-56) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:65,41-49) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:68,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:68,54-62) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:73,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:73,50-58) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:106,32-40) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:106,53-61) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:115,5-13) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:115,27-35) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:115,55-63) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:116,5-13) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:193,6-14) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:193,33-41) edges | test.c:49:8:49:9 | s3 | test.c:50:8:50:9 | s1 | | test.c:60:16:60:18 | E1A | test.c:61:16:61:17 | e1 | diff --git a/c/cert/test/rules/EXP40-C/DoNotModifyConstantObjects.expected b/c/cert/test/rules/EXP40-C/DoNotModifyConstantObjects.expected index 16266ae7a4..3211c4fab1 100644 --- a/c/cert/test/rules/EXP40-C/DoNotModifyConstantObjects.expected +++ b/c/cert/test/rules/EXP40-C/DoNotModifyConstantObjects.expected @@ -1,9 +1,3 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.ql:16,8-16) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.ql:35,34-42) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.ql:38,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.ql:44,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.ql:49,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.ql:49,55-63) edges | test.c:5:8:5:9 | & ... | test.c:6:4:6:5 | aa | | test.c:26:15:26:15 | a | test.c:27:4:27:4 | a | diff --git a/c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.expected b/c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.expected index f1126488fc..4d4c20a39c 100644 --- a/c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.expected +++ b/c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.expected @@ -1,14 +1,3 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql:103,36-44) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql:118,47-55) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql:121,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql:123,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql:129,34-42) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql:147,20-28) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql:147,49-57) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql:150,22-30) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql:150,51-59) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql:157,22-30) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql:157,51-59) | test.c:59:3:59:6 | call to copy | Call to 'copy' passes an $@ to a $@ (pointer value derived from a pair of address-of expressions ($@, $@). | test.c:59:13:59:15 | & ... | aliased pointer | test.c:59:8:59:10 | & ... | restrict-qualified parameter | test.c:59:8:59:10 | & ... | addressof1 | test.c:59:13:59:15 | & ... | addressof2 | | test.c:65:3:65:6 | call to copy | Call to 'copy' passes an $@ to a $@ (pointer value derived from a pair of address-of expressions ($@, $@). | test.c:65:15:65:19 | & ... | aliased pointer | test.c:65:8:65:12 | & ... | restrict-qualified parameter | test.c:65:8:65:12 | & ... | addressof1 | test.c:65:15:65:19 | & ... | addressof2 | | test.c:67:3:67:6 | call to copy | Call to 'copy' passes an $@ to a $@ (pointer value derived from a pair of address-of expressions ($@, $@). | test.c:67:15:67:16 | px | aliased pointer | test.c:67:8:67:12 | & ... | restrict-qualified parameter | test.c:67:8:67:12 | & ... | addressof1 | test.c:63:13:63:17 | & ... | addressof2 | diff --git a/c/cert/test/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.expected b/c/cert/test/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.expected index 20f835b2e8..3746991c09 100644 --- a/c/cert/test/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.expected +++ b/c/cert/test/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.expected @@ -1,9 +1,3 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql:42,60-68) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql:47,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql:51,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql:58,58-66) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql:74,37-45) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql:75,37-45) | test.c:18:22:18:23 | i2 | Assignment to restrict-qualified pointer $@ results in pointers aliasing $@. | test.c:18:17:18:18 | i3 | i3 | test.c:18:22:18:23 | i2 | the object pointed to by i2 | | test.c:19:8:19:9 | g2 | Assignment to restrict-qualified pointer $@ results in pointers aliasing $@. | test.c:5:15:5:16 | g1 | g1 | test.c:19:8:19:9 | g2 | the object pointed to by g2 | | test.c:20:8:20:9 | i2 | Assignment to restrict-qualified pointer $@ results in pointers aliasing $@. | test.c:16:17:16:18 | i1 | i1 | test.c:20:8:20:9 | i2 | the object pointed to by i2 | diff --git a/c/cert/test/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.expected b/c/cert/test/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.expected index aa1cc50077..20c108cfa0 100644 --- a/c/cert/test/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.expected +++ b/c/cert/test/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.expected @@ -1,6 +1,3 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.ql:42,11-19) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.ql:42,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.ql:43,13-21) | test.c:20:10:20:12 | buf | The buffer is not reset before being referenced following a failed $@. | test.c:15:7:15:11 | call to fgets | call to fgets | | test.c:57:10:57:12 | buf | The buffer is not reset before being referenced following a failed $@. | test.c:52:7:52:11 | call to fgets | call to fgets | | test.c:66:18:66:20 | buf | The buffer is not reset before being referenced following a failed $@. | test.c:61:7:61:11 | call to fgets | call to fgets | diff --git a/c/cert/test/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.expected b/c/cert/test/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.expected index a9d4fbe69f..8074710738 100644 --- a/c/cert/test/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.expected +++ b/c/cert/test/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.expected @@ -1,6 +1,2 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql:25,26-34) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql:28,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql:30,14-22) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql:33,29-37) | test.c:7:24:7:30 | & ... | The position argument of a call to `fsetpos()` should be obtained from a call to `fgetpos()`. | | test.c:33:24:33:30 | & ... | The position argument of a call to `fsetpos()` should be obtained from a call to `fgetpos()`. | diff --git a/c/cert/test/rules/FIO45-C/ToctouRaceConditionsWhileAccessingFiles.expected b/c/cert/test/rules/FIO45-C/ToctouRaceConditionsWhileAccessingFiles.expected index 7b41b51c19..1b2923b780 100644 --- a/c/cert/test/rules/FIO45-C/ToctouRaceConditionsWhileAccessingFiles.expected +++ b/c/cert/test/rules/FIO45-C/ToctouRaceConditionsWhileAccessingFiles.expected @@ -1,3 +1,2 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/FIO45-C/ToctouRaceConditionsWhileAccessingFiles.ql:27,35-43) | test.c:4:13:4:17 | call to fopen | This call is trying to prevent an existing file from being overwritten by $@. An attacker might be able to exploit the race window between the two calls. | test.c:11:9:11:13 | call to fopen | another call | | test.c:88:13:88:17 | call to fopen | This call is trying to prevent an existing file from being overwritten by $@. An attacker might be able to exploit the race window between the two calls. | test.c:95:9:95:13 | call to fopen | another call | diff --git a/c/cert/test/rules/MEM35-C/InsufficientMemoryAllocatedForObject.expected b/c/cert/test/rules/MEM35-C/InsufficientMemoryAllocatedForObject.expected index cc2b957849..30dece9299 100644 --- a/c/cert/test/rules/MEM35-C/InsufficientMemoryAllocatedForObject.expected +++ b/c/cert/test/rules/MEM35-C/InsufficientMemoryAllocatedForObject.expected @@ -1,5 +1,3 @@ -WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/MEM35-C/InsufficientMemoryAllocatedForObject.ql:85,5-18) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/MEM35-C/InsufficientMemoryAllocatedForObject.ql:143,5-18) | test.c:12:19:12:24 | call to malloc | Allocation size (32 bytes) is not a multiple of the size of 'S1' (36 bytes). | test.c:12:26:12:32 | 32 | | | test.c:15:19:15:24 | call to malloc | Allocation size calculated from the size of a different type ($@). | test.c:15:26:15:35 | sizeof() | sizeof(S1 *) | | test.c:20:19:20:24 | call to malloc | Allocation size (128 bytes) is not a multiple of the size of 'S1' (36 bytes). | test.c:20:26:20:36 | ... * ... | | diff --git a/c/cert/test/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.expected b/c/cert/test/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.expected index a65140a683..0592cb038d 100644 --- a/c/cert/test/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.expected +++ b/c/cert/test/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.expected @@ -1,10 +1,3 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql:19,8-16) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql:26,36-44) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql:40,43-51) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql:43,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql:47,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql:52,39-47) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql:52,66-74) edges | test.c:5:10:5:22 | call to aligned_alloc | test.c:15:8:15:28 | call to aligned_alloc_wrapper | | test.c:8:29:8:31 | ptr | test.c:8:64:8:66 | ptr | diff --git a/c/cert/test/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.expected b/c/cert/test/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.expected index f4e17367f2..70d60c528a 100644 --- a/c/cert/test/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.expected +++ b/c/cert/test/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.expected @@ -1,4 +1 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.ql:33,34-42) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.ql:36,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.ql:43,29-37) | test.c:6:24:6:30 | time_tm | The function `asctime` and `asctime_r` should be discouraged. Unsanitized input can overflow the output buffer. | diff --git a/c/cert/test/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.expected b/c/cert/test/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.expected index 1f594d145f..2b7bb2bdbc 100644 --- a/c/cert/test/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.expected +++ b/c/cert/test/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.expected @@ -1,9 +1,3 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:38,27-35) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:41,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:46,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:68,30-38) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:69,28-36) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:70,28-36) | test.c:23:32:23:33 | ap | The value of ap is indeterminate after the $@. | test.c:17:7:17:19 | call to contains_zero | call to contains_zero | | test.c:26:10:26:11 | ap | The value of ap is indeterminate after the $@. | test.c:17:7:17:19 | call to contains_zero | call to contains_zero | | test.c:39:12:39:13 | ap | The value of ap is indeterminate after the $@. | test.c:35:7:35:19 | call to contains_zero | call to contains_zero | diff --git a/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected b/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected index c6e9c8739d..a601fe63f4 100644 --- a/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected +++ b/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected @@ -1,6 +1,3 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql:105,11-19) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql:105,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql:106,9-17) | test.c:10:3:10:18 | call to log_local_unsafe | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:16:7:16:12 | call to signal | signal handler | | test.c:11:3:11:6 | call to free | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:16:7:16:12 | call to signal | signal handler | | test.c:46:3:46:9 | call to longjmp | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:50:7:50:12 | call to signal | signal handler | diff --git a/c/cert/test/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.expected b/c/cert/test/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.expected index 7969d5ac3b..31412c466a 100644 --- a/c/cert/test/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.expected +++ b/c/cert/test/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.expected @@ -1,2 +1 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.ql:39,5-13) | test.c:10:1:10:1 | return ... | Do not return from a $@ signal handler. | test.c:13:10:13:15 | SIGFPE | computational exception | diff --git a/c/cert/test/rules/STR30-C/DoNotAttemptToModifyStringLiterals.expected b/c/cert/test/rules/STR30-C/DoNotAttemptToModifyStringLiterals.expected index d6b1195940..27ef66bc7a 100644 --- a/c/cert/test/rules/STR30-C/DoNotAttemptToModifyStringLiterals.expected +++ b/c/cert/test/rules/STR30-C/DoNotAttemptToModifyStringLiterals.expected @@ -1,17 +1,3 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:42,68-76) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:47,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:68,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:102,11-19) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:102,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:102,55-63) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:107,11-19) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:107,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:107,57-65) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:140,11-19) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:140,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:140,55-63) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:151,18-26) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:151,47-55) | test.c:7:3:7:3 | a | This operation may write to a string that may be a string literal that was $@. | test.c:6:13:6:20 | codeql | created here | | test.c:30:3:30:3 | a | This operation may write to a string that may be a string literal that was $@. | test.c:29:13:29:18 | call to strchr | created here | | test.c:36:3:36:3 | b | This operation may write to a string that may be a string literal that was $@. | test.c:35:13:35:18 | call to strchr | created here | diff --git a/c/cert/test/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.expected b/c/cert/test/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.expected index 1d6ec5445f..71e713d120 100644 --- a/c/cert/test/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.expected +++ b/c/cert/test/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.expected @@ -1,9 +1,3 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql:57,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql:57,55-63) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql:63,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql:63,54-62) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql:57,5-18) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql:63,5-18) | test.c:10:20:10:24 | Cod | Expression produces or consumes a string that may not have sufficient space for a null-terminator. | | test.c:16:3:16:9 | call to strncpy | Expression produces or consumes a string that may not have sufficient space for a null-terminator. | | test.c:26:3:26:10 | call to snprintf | Expression produces or consumes a string that may not have sufficient space for a null-terminator. | diff --git a/c/cert/test/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.expected b/c/cert/test/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.expected index 00757ca722..4099e3fb1a 100644 --- a/c/cert/test/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.expected +++ b/c/cert/test/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.expected @@ -1,12 +1,3 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql:55,33-41) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql:55,73-81) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql:61,33-41) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql:61,57-65) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql:69,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql:69,69-77) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql:55,7-20) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql:61,7-20) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql:69,5-18) | test.c:19:3:19:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:7:20:7:24 | Cod | this expression | | test.c:20:3:20:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:7:20:7:24 | Cod | this expression | | test.c:22:3:22:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:13:3:13:9 | call to strncpy | this expression | diff --git a/c/common/src/codingstandards/c/Errno.qll b/c/common/src/codingstandards/c/Errno.qll index d606593a1e..86ecabe8f1 100644 --- a/c/common/src/codingstandards/c/Errno.qll +++ b/c/common/src/codingstandards/c/Errno.qll @@ -1,7 +1,7 @@ /** Provides a library for errno-setting functions. */ import cpp -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow /** * An errno-setting function diff --git a/c/common/src/codingstandards/c/OutOfBounds.qll b/c/common/src/codingstandards/c/OutOfBounds.qll index 044528d798..d6d68d04d5 100644 --- a/c/common/src/codingstandards/c/OutOfBounds.qll +++ b/c/common/src/codingstandards/c/OutOfBounds.qll @@ -11,7 +11,7 @@ import codingstandards.cpp.Allocations import codingstandards.cpp.Overflow import codingstandards.cpp.PossiblyUnsafeStringOperation import codingstandards.cpp.SimpleRangeAnalysisCustomizations -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow import semmle.code.cpp.valuenumbering.GlobalValueNumbering module OOB { diff --git a/c/common/src/codingstandards/c/Signal.qll b/c/common/src/codingstandards/c/Signal.qll index 95b27e2898..35286be4d9 100644 --- a/c/common/src/codingstandards/c/Signal.qll +++ b/c/common/src/codingstandards/c/Signal.qll @@ -1,5 +1,5 @@ import cpp -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow /** * A signal corresponding to a computational exception diff --git a/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql b/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql index 215f9811c2..6a0ff9833a 100644 --- a/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql +++ b/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql @@ -13,7 +13,7 @@ import cpp import codingstandards.c.misra -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow /** * Models a function parameter of type array with specified size diff --git a/c/misra/src/rules/RULE-17-7/ValueReturnedByAFunctionNotUsed.ql b/c/misra/src/rules/RULE-17-7/ValueReturnedByAFunctionNotUsed.ql index 3b224544f2..02d0a54ec1 100644 --- a/c/misra/src/rules/RULE-17-7/ValueReturnedByAFunctionNotUsed.ql +++ b/c/misra/src/rules/RULE-17-7/ValueReturnedByAFunctionNotUsed.ql @@ -13,7 +13,7 @@ import cpp import codingstandards.c.misra -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow from Call c where diff --git a/c/misra/src/rules/RULE-19-1/ObjectCopiedToAnOverlappingObject.ql b/c/misra/src/rules/RULE-19-1/ObjectCopiedToAnOverlappingObject.ql index fe1226dcea..bee9b41e2c 100644 --- a/c/misra/src/rules/RULE-19-1/ObjectCopiedToAnOverlappingObject.ql +++ b/c/misra/src/rules/RULE-19-1/ObjectCopiedToAnOverlappingObject.ql @@ -13,7 +13,7 @@ import cpp import codingstandards.c.misra import semmle.code.cpp.valuenumbering.GlobalValueNumbering -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow /** * Offset in bytes of a field access diff --git a/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql b/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql index 5c06b92501..96d6dedcb3 100644 --- a/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql +++ b/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql @@ -15,7 +15,7 @@ import cpp import codingstandards.c.misra import codingstandards.c.misra.EssentialTypes -import semmle.code.cpp.dataflow.TaintTracking +import codingstandards.cpp.dataflow.TaintTracking import DataFlow::PathGraph // Data flow from a StringLiteral or from an array of characters, to a memcmp call diff --git a/c/misra/src/rules/RULE-22-3/FileOpenForReadAndWriteOnDifferentStreams.ql b/c/misra/src/rules/RULE-22-3/FileOpenForReadAndWriteOnDifferentStreams.ql index 877fbea9aa..c01afea39f 100644 --- a/c/misra/src/rules/RULE-22-3/FileOpenForReadAndWriteOnDifferentStreams.ql +++ b/c/misra/src/rules/RULE-22-3/FileOpenForReadAndWriteOnDifferentStreams.ql @@ -14,7 +14,7 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.standardlibrary.FileAccess -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow import semmle.code.cpp.valuenumbering.GlobalValueNumbering import semmle.code.cpp.controlflow.SubBasicBlocks diff --git a/c/misra/src/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.ql b/c/misra/src/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.ql index c4acbf7aca..58d46176c2 100644 --- a/c/misra/src/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.ql +++ b/c/misra/src/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.ql @@ -13,7 +13,7 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.standardlibrary.FileAccess -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow class FileDFConf extends DataFlow::Configuration { FileDFConf() { this = "FileDFConf" } diff --git a/c/misra/test/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.expected b/c/misra/test/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.expected index 8e3c49aa2e..913f6f1c34 100644 --- a/c/misra/test/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.expected +++ b/c/misra/test/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.expected @@ -1,8 +1,3 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql:47,32-40) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql:50,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql:52,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql:70,22-30) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql:70,45-53) | test.c:18:6:18:6 | 0 | The function argument does not have a sufficient number or elements declared in the $@. | test.c:1:13:1:14 | ar | parameter | | test.c:19:6:19:7 | ar | The function argument does not have a sufficient number or elements declared in the $@. | test.c:1:13:1:14 | ar | parameter | | test.c:21:6:21:9 | ar2p | The function argument does not have a sufficient number or elements declared in the $@. | test.c:1:13:1:14 | ar | parameter | diff --git a/c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.expected b/c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.expected index 775368689c..bdfec99b4a 100644 --- a/c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.expected +++ b/c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.expected @@ -1,13 +1,3 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql:19,8-16) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql:25,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql:51,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql:60,24-32) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql:60,51-59) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql:61,3-11) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql:61,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql:61,56-64) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql:62,3-11) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql:22,57-70) edges | test.c:12:13:12:15 | a | test.c:14:10:14:10 | a | | test.c:12:13:12:15 | a | test.c:23:13:23:13 | a | diff --git a/c/misra/test/rules/RULE-22-3/FileOpenForReadAndWriteOnDifferentStreams.expected b/c/misra/test/rules/RULE-22-3/FileOpenForReadAndWriteOnDifferentStreams.expected index 782b890699..6111072ba8 100644 --- a/c/misra/test/rules/RULE-22-3/FileOpenForReadAndWriteOnDifferentStreams.expected +++ b/c/misra/test/rules/RULE-22-3/FileOpenForReadAndWriteOnDifferentStreams.expected @@ -1,4 +1,3 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-22-3/FileOpenForReadAndWriteOnDifferentStreams.ql:38,9-17) | test.c:6:14:6:18 | call to fopen | The same file was already opened $@. Files should not be read and written at the same time using different streams. | test.c:5:14:5:18 | call to fopen | here | | test.c:17:14:17:18 | call to fopen | The same file was already opened $@. Files should not be read and written at the same time using different streams. | test.c:16:14:16:18 | call to fopen | here | | test.c:33:14:33:18 | call to fopen | The same file was already opened $@. Files should not be read and written at the same time using different streams. | test.c:32:14:32:18 | call to fopen | here | diff --git a/c/misra/test/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.expected b/c/misra/test/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.expected index 74eb07ffe0..0bfce133c5 100644 --- a/c/misra/test/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.expected +++ b/c/misra/test/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.expected @@ -1,7 +1,2 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.ql:18,26-34) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.ql:21,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.ql:26,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.ql:32,25-33) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.ql:35,26-34) | test.c:10:3:10:9 | call to fprintf | Attempt to write to a $@ opened as read-only. | test.c:9:14:9:18 | call to fopen | stream | | test.c:15:3:15:9 | call to fprintf | Attempt to write to a $@ opened as read-only. | test.c:18:14:18:18 | call to fopen | stream | diff --git a/c/misra/test/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.expected b/c/misra/test/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.expected index 8c7c643e40..709d8b002c 100644 --- a/c/misra/test/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.expected +++ b/c/misra/test/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.expected @@ -1,9 +1,2 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.ql:22,22-30) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.ql:25,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.ql:29,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.ql:38,32-40) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.ql:50,5-13) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.ql:58,22-30) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.ql:58,48-56) | test.c:6:7:6:20 | ... != ... | The check is not reliable as the type of the return value of $@ is converted. | test.c:5:14:5:20 | call to getchar | call to getchar | | test.c:13:7:13:15 | ... != ... | The check is not reliable as the type of the return value of $@ is converted. | test.c:12:14:12:20 | call to getchar | call to getchar | diff --git a/cpp/autosar/src/rules/A13-1-3/UserDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters.ql b/cpp/autosar/src/rules/A13-1-3/UserDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters.ql index 8d8a3a79c7..b010e616cb 100644 --- a/cpp/autosar/src/rules/A13-1-3/UserDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters.ql +++ b/cpp/autosar/src/rules/A13-1-3/UserDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters.ql @@ -14,7 +14,7 @@ */ import cpp -import semmle.code.cpp.dataflow.TaintTracking +import codingstandards.cpp.dataflow.TaintTracking import codingstandards.cpp.autosar import codingstandards.cpp.UserDefinedLiteral import codingstandards.cpp.SideEffect diff --git a/cpp/autosar/src/rules/A13-2-1/AssignmentOperatorReturnThis.ql b/cpp/autosar/src/rules/A13-2-1/AssignmentOperatorReturnThis.ql index 4e6b7d6f0c..ae0acc3bb5 100644 --- a/cpp/autosar/src/rules/A13-2-1/AssignmentOperatorReturnThis.ql +++ b/cpp/autosar/src/rules/A13-2-1/AssignmentOperatorReturnThis.ql @@ -16,7 +16,7 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.Operator -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow predicate returnsThisPointer(UserAssignmentOperator o) { exists(PointerDereferenceExpr p, ThisExpr t, ReturnStmt r | diff --git a/cpp/autosar/src/rules/A15-1-3/ThrownExceptionsShouldBeUnique.ql b/cpp/autosar/src/rules/A15-1-3/ThrownExceptionsShouldBeUnique.ql index 97e9133a7a..1459b79b43 100644 --- a/cpp/autosar/src/rules/A15-1-3/ThrownExceptionsShouldBeUnique.ql +++ b/cpp/autosar/src/rules/A15-1-3/ThrownExceptionsShouldBeUnique.ql @@ -16,7 +16,7 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.exceptions.ExceptionFlow -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow import semmle.code.cpp.valuenumbering.HashCons /** Find a value which defines the exception thrown by the `DirectThrowExpr`, if any. */ diff --git a/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql b/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql index 1b3a3cfed2..9fcd8fa609 100644 --- a/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql +++ b/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql @@ -15,7 +15,7 @@ */ import cpp -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow import codingstandards.cpp.autosar import codingstandards.cpp.exceptions.ExceptionFlow import codingstandards.cpp.exceptions.ExceptionSpecifications diff --git a/cpp/autosar/src/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.ql b/cpp/autosar/src/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.ql index 639de937f7..72496d703d 100644 --- a/cpp/autosar/src/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.ql +++ b/cpp/autosar/src/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.ql @@ -16,7 +16,7 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.SmartPointers -import semmle.code.cpp.dataflow.TaintTracking +import codingstandards.cpp.dataflow.TaintTracking import DataFlow::PathGraph class AutosarSmartPointerArraySpecialisation extends AutosarSmartPointer { diff --git a/cpp/autosar/src/rules/A18-5-2/DoNotUseNonPlacementNew.ql b/cpp/autosar/src/rules/A18-5-2/DoNotUseNonPlacementNew.ql index 1320d6e486..082827f5bb 100644 --- a/cpp/autosar/src/rules/A18-5-2/DoNotUseNonPlacementNew.ql +++ b/cpp/autosar/src/rules/A18-5-2/DoNotUseNonPlacementNew.ql @@ -15,7 +15,7 @@ import cpp import codingstandards.cpp.autosar -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow from NewOrNewArrayExpr na where diff --git a/cpp/autosar/src/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.ql b/cpp/autosar/src/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.ql index cdf35374f9..979dc0824e 100644 --- a/cpp/autosar/src/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.ql +++ b/cpp/autosar/src/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.ql @@ -16,7 +16,7 @@ import cpp import codingstandards.cpp.autosar -import semmle.code.cpp.dataflow.TaintTracking +import codingstandards.cpp.dataflow.TaintTracking import codingstandards.cpp.standardlibrary.Utility /* diff --git a/cpp/autosar/src/rules/A18-9-4/ArgumentToForwardSubsequentlyUsed.ql b/cpp/autosar/src/rules/A18-9-4/ArgumentToForwardSubsequentlyUsed.ql index a3acf916ec..d87366c624 100644 --- a/cpp/autosar/src/rules/A18-9-4/ArgumentToForwardSubsequentlyUsed.ql +++ b/cpp/autosar/src/rules/A18-9-4/ArgumentToForwardSubsequentlyUsed.ql @@ -14,7 +14,7 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.standardlibrary.Utility -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow from StdForwardCall f, Access a where diff --git a/cpp/autosar/src/rules/A20-8-4/SharedPointerUsedWithNoOwnershipSharing.ql b/cpp/autosar/src/rules/A20-8-4/SharedPointerUsedWithNoOwnershipSharing.ql index 0294bfe2e6..c7ff6f6bf2 100644 --- a/cpp/autosar/src/rules/A20-8-4/SharedPointerUsedWithNoOwnershipSharing.ql +++ b/cpp/autosar/src/rules/A20-8-4/SharedPointerUsedWithNoOwnershipSharing.ql @@ -16,7 +16,7 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.SmartPointers -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow /* * Finds `std::shared_ptr` local variables which are not copy or move initialized, and are not used in diff --git a/cpp/autosar/src/rules/A27-0-4/CStyleStringsUsed.ql b/cpp/autosar/src/rules/A27-0-4/CStyleStringsUsed.ql index b24a4a96cf..b698ecf351 100644 --- a/cpp/autosar/src/rules/A27-0-4/CStyleStringsUsed.ql +++ b/cpp/autosar/src/rules/A27-0-4/CStyleStringsUsed.ql @@ -14,7 +14,7 @@ import cpp import codingstandards.cpp.autosar -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow class InstanceOfCStyleString extends Expr { InstanceOfCStyleString() { diff --git a/cpp/autosar/src/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.ql b/cpp/autosar/src/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.ql index db178b36fb..6caf641446 100644 --- a/cpp/autosar/src/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.ql +++ b/cpp/autosar/src/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.ql @@ -17,7 +17,7 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.Type -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow import DataFlow::PathGraph class ArrayAccessOrPointerArith extends Expr { diff --git a/cpp/autosar/src/rules/A5-1-7/LambdaPassedToDecltype.ql b/cpp/autosar/src/rules/A5-1-7/LambdaPassedToDecltype.ql index 5d79a3a362..da33fd5a78 100644 --- a/cpp/autosar/src/rules/A5-1-7/LambdaPassedToDecltype.ql +++ b/cpp/autosar/src/rules/A5-1-7/LambdaPassedToDecltype.ql @@ -15,7 +15,7 @@ import cpp import codingstandards.cpp.autosar -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow class LambdaExpressionToInitializer extends DataFlow::Configuration { LambdaExpressionToInitializer() { this = "LambdaExpressionToInitializer" } diff --git a/cpp/autosar/src/rules/A5-1-7/LambdaPassedToTypeid.ql b/cpp/autosar/src/rules/A5-1-7/LambdaPassedToTypeid.ql index 2471464364..d43568af21 100644 --- a/cpp/autosar/src/rules/A5-1-7/LambdaPassedToTypeid.ql +++ b/cpp/autosar/src/rules/A5-1-7/LambdaPassedToTypeid.ql @@ -14,7 +14,7 @@ */ import cpp -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow import codingstandards.cpp.autosar import DataFlow::PathGraph diff --git a/cpp/autosar/src/rules/A7-5-1/InvalidFunctionReturnType.ql b/cpp/autosar/src/rules/A7-5-1/InvalidFunctionReturnType.ql index c36bda6cdd..6994ab028f 100644 --- a/cpp/autosar/src/rules/A7-5-1/InvalidFunctionReturnType.ql +++ b/cpp/autosar/src/rules/A7-5-1/InvalidFunctionReturnType.ql @@ -16,7 +16,7 @@ import cpp import codingstandards.cpp.autosar -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow from Parameter p, ReturnStmt ret where diff --git a/cpp/autosar/src/rules/A8-4-11/SmartPointerAsParameterWithoutLifetimeSemantics.ql b/cpp/autosar/src/rules/A8-4-11/SmartPointerAsParameterWithoutLifetimeSemantics.ql index 0bf42ce4ca..811d98eccb 100644 --- a/cpp/autosar/src/rules/A8-4-11/SmartPointerAsParameterWithoutLifetimeSemantics.ql +++ b/cpp/autosar/src/rules/A8-4-11/SmartPointerAsParameterWithoutLifetimeSemantics.ql @@ -16,7 +16,7 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.SmartPointers -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow import codingstandards.cpp.standardlibrary.Utility Expr lifetimeAffectingSmartPointerExpr(Function f) { diff --git a/cpp/autosar/src/rules/A8-4-12/UniquePtrPassedToFunctionWithImproperSemantics.ql b/cpp/autosar/src/rules/A8-4-12/UniquePtrPassedToFunctionWithImproperSemantics.ql index 3cd310b59b..5dec96ed81 100644 --- a/cpp/autosar/src/rules/A8-4-12/UniquePtrPassedToFunctionWithImproperSemantics.ql +++ b/cpp/autosar/src/rules/A8-4-12/UniquePtrPassedToFunctionWithImproperSemantics.ql @@ -18,7 +18,7 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.SmartPointers import codingstandards.cpp.standardlibrary.Utility -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow Expr underlyingObjectAffectingUniquePointerExpr(Function f) { result = diff --git a/cpp/autosar/src/rules/A8-4-4/FunctionReturnMultipleValueCondition.ql b/cpp/autosar/src/rules/A8-4-4/FunctionReturnMultipleValueCondition.ql index ff0040f26f..fa38b1d3f6 100644 --- a/cpp/autosar/src/rules/A8-4-4/FunctionReturnMultipleValueCondition.ql +++ b/cpp/autosar/src/rules/A8-4-4/FunctionReturnMultipleValueCondition.ql @@ -16,7 +16,7 @@ import cpp import codingstandards.cpp.autosar -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow abstract class OutputValue extends Element { abstract string getOutputName(); diff --git a/cpp/autosar/src/rules/A9-3-1/ReturnsNonConstRawPointersOrReferencesToPrivateOrProtectedData.ql b/cpp/autosar/src/rules/A9-3-1/ReturnsNonConstRawPointersOrReferencesToPrivateOrProtectedData.ql index be623f171e..dfa402bd1e 100644 --- a/cpp/autosar/src/rules/A9-3-1/ReturnsNonConstRawPointersOrReferencesToPrivateOrProtectedData.ql +++ b/cpp/autosar/src/rules/A9-3-1/ReturnsNonConstRawPointersOrReferencesToPrivateOrProtectedData.ql @@ -15,7 +15,7 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.CommonTypes as CommonTypes -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow class AccessAwareMemberFunction extends MemberFunction { Class c; diff --git a/cpp/autosar/src/rules/M0-3-2/FunctionErroneousReturnValueNotTested.ql b/cpp/autosar/src/rules/M0-3-2/FunctionErroneousReturnValueNotTested.ql index cd94d63ffc..aee4e40838 100644 --- a/cpp/autosar/src/rules/M0-3-2/FunctionErroneousReturnValueNotTested.ql +++ b/cpp/autosar/src/rules/M0-3-2/FunctionErroneousReturnValueNotTested.ql @@ -19,7 +19,7 @@ import cpp import codingstandards.cpp.autosar -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow import semmle.code.cpp.controlflow.Guards from FunctionCall fc diff --git a/cpp/autosar/src/rules/M3-9-3/UnderlyingBitRepresentationsOfFloatingPointValuesUsed.ql b/cpp/autosar/src/rules/M3-9-3/UnderlyingBitRepresentationsOfFloatingPointValuesUsed.ql index 279ad08f3c..f7e6664269 100644 --- a/cpp/autosar/src/rules/M3-9-3/UnderlyingBitRepresentationsOfFloatingPointValuesUsed.ql +++ b/cpp/autosar/src/rules/M3-9-3/UnderlyingBitRepresentationsOfFloatingPointValuesUsed.ql @@ -14,7 +14,7 @@ import cpp import codingstandards.cpp.autosar -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow predicate pointeeIsModified(PointerDereferenceExpr e, Expr m) { exists(Assignment a | a.getLValue() = e and m = a) diff --git a/cpp/autosar/src/rules/M5-0-17/PointerSubtractionOnDifferentArrays.ql b/cpp/autosar/src/rules/M5-0-17/PointerSubtractionOnDifferentArrays.ql index 3000685f54..dd8fbaa553 100644 --- a/cpp/autosar/src/rules/M5-0-17/PointerSubtractionOnDifferentArrays.ql +++ b/cpp/autosar/src/rules/M5-0-17/PointerSubtractionOnDifferentArrays.ql @@ -15,7 +15,7 @@ import cpp import codingstandards.cpp.autosar -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow import DataFlow::PathGraph class ArrayToPointerDiffOperandConfig extends DataFlow::Configuration { diff --git a/cpp/autosar/src/rules/M5-2-2/PointerToAVirtualBaseClassCastToAPointer.ql b/cpp/autosar/src/rules/M5-2-2/PointerToAVirtualBaseClassCastToAPointer.ql index d24c4d35df..8f20bf808e 100644 --- a/cpp/autosar/src/rules/M5-2-2/PointerToAVirtualBaseClassCastToAPointer.ql +++ b/cpp/autosar/src/rules/M5-2-2/PointerToAVirtualBaseClassCastToAPointer.ql @@ -15,7 +15,7 @@ import cpp import codingstandards.cpp.autosar -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow from Cast cast, VirtualBaseClass castFrom, Class castTo where diff --git a/cpp/autosar/src/rules/M9-3-1/ConstMemberFunctionReturnsNonConstPointer.ql b/cpp/autosar/src/rules/M9-3-1/ConstMemberFunctionReturnsNonConstPointer.ql index 559b41527c..98207a62a3 100644 --- a/cpp/autosar/src/rules/M9-3-1/ConstMemberFunctionReturnsNonConstPointer.ql +++ b/cpp/autosar/src/rules/M9-3-1/ConstMemberFunctionReturnsNonConstPointer.ql @@ -18,7 +18,7 @@ import cpp import codingstandards.cpp.autosar -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow class ReferenceTypeWithNonConstBaseType extends ReferenceType { ReferenceTypeWithNonConstBaseType() { not this.getBaseType().isConst() } diff --git a/cpp/autosar/test/rules/A13-1-3/UserDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters.expected b/cpp/autosar/test/rules/A13-1-3/UserDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters.expected index b54f940413..53dc884023 100644 --- a/cpp/autosar/test/rules/A13-1-3/UserDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters.expected +++ b/cpp/autosar/test/rules/A13-1-3/UserDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters.expected @@ -1,4 +1 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A13-1-3/UserDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters.ql:27,33-41) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A13-1-3/UserDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters.ql:28,5-13) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A13-1-3/UserDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters.ql:27,7-20) | test.cpp:47:8:47:23 | operator ""_uds5 | User defined literal operator returns $@, which is not converted from a passed parameter | test.cpp:48:10:48:12 | 0.0 | expression | diff --git a/cpp/autosar/test/rules/A13-2-1/AssignmentOperatorReturnThis.expected b/cpp/autosar/test/rules/A13-2-1/AssignmentOperatorReturnThis.expected index c8accfa682..e9929173b0 100644 --- a/cpp/autosar/test/rules/A13-2-1/AssignmentOperatorReturnThis.expected +++ b/cpp/autosar/test/rules/A13-2-1/AssignmentOperatorReturnThis.expected @@ -1,4 +1,3 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A13-2-1/AssignmentOperatorReturnThis.ql:25,5-13) | test.cpp:10:12:10:20 | operator= | User-defined assignment operator $@ does not return *this | test.cpp:10:12:10:20 | operator= | user defined assignment operator | | test.cpp:17:11:17:19 | operator= | User-defined assignment operator $@ does not return *this | test.cpp:17:11:17:19 | operator= | user defined assignment operator | | test.cpp:24:12:24:20 | operator= | User-defined assignment operator $@ does not return *this | test.cpp:24:12:24:20 | operator= | user defined assignment operator | diff --git a/cpp/autosar/test/rules/A15-1-3/ThrownExceptionsShouldBeUnique.expected b/cpp/autosar/test/rules/A15-1-3/ThrownExceptionsShouldBeUnique.expected index 0680304b74..b085736659 100644 --- a/cpp/autosar/test/rules/A15-1-3/ThrownExceptionsShouldBeUnique.expected +++ b/cpp/autosar/test/rules/A15-1-3/ThrownExceptionsShouldBeUnique.expected @@ -1,4 +1,3 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A15-1-3/ThrownExceptionsShouldBeUnique.ql:24,3-11) | test.cpp:6:5:6:26 | throw ... | The $@ thrown here is a possible duplicate of the $@ thrown $@. | test.cpp:6:5:6:26 | call to exception | std::exception exception | test.cpp:14:5:14:26 | call to exception | exception | test.cpp:14:5:14:26 | throw ... | here | | test.cpp:8:5:8:53 | throw ... | The $@ thrown here is a possible duplicate of the $@ thrown $@. | test.cpp:8:5:8:53 | call to runtime_error | std::runtime_error exception | test.cpp:16:5:16:53 | call to runtime_error | exception | test.cpp:16:5:16:53 | throw ... | here | | test.cpp:14:5:14:26 | throw ... | The $@ thrown here is a possible duplicate of the $@ thrown $@. | test.cpp:14:5:14:26 | call to exception | std::exception exception | test.cpp:6:5:6:26 | call to exception | exception | test.cpp:6:5:6:26 | throw ... | here | diff --git a/cpp/autosar/test/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.expected b/cpp/autosar/test/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.expected index 9bdaadd61b..941771dada 100644 --- a/cpp/autosar/test/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.expected +++ b/cpp/autosar/test/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.expected @@ -1,12 +1,3 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql:47,12-20) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql:48,30-38) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql:48,57-65) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql:71,5-13) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql:71,25-33) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql:72,7-15) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql:116,5-13) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql:116,25-33) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql:116,54-62) edges | test.cpp:12:16:12:27 | new [bad_alloc] | test.cpp:14:33:16:5 | { ... } [bad_alloc] | | test.cpp:13:7:13:28 | throw ... [exception] | test.cpp:14:33:16:5 | { ... } [exception] | diff --git a/cpp/autosar/test/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.expected b/cpp/autosar/test/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.expected index ed4ee043fb..a96c3fb64f 100644 --- a/cpp/autosar/test/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.expected +++ b/cpp/autosar/test/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.expected @@ -1,9 +1,3 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.ql:20,8-16) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.ql:31,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.ql:43,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.ql:63,59-67) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.ql:64,3-11) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.ql:26,63-76) edges | test.cpp:3:36:3:45 | new[] | test.cpp:19:27:19:44 | call to allocate_int_array | | test.cpp:3:36:3:45 | new[] | test.cpp:23:12:23:29 | call to allocate_int_array | diff --git a/cpp/autosar/test/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.expected b/cpp/autosar/test/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.expected index 97d0f9d1e5..d9dd02c054 100644 --- a/cpp/autosar/test/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.expected +++ b/cpp/autosar/test/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.expected @@ -1,7 +1,3 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.ql:55,34-42) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.ql:57,26-34) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.ql:70,5-18) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.ql:75,41-54) | test.cpp:17:17:17:29 | new | StructA object of size 8 bytes does not appear to outlive the function, but is created on the heap instead of the stack. | | test.cpp:21:17:21:32 | new[] | StructA[] object of size 800 bytes does not appear to outlive the function, but is created on the heap instead of the stack. | | test.cpp:35:20:35:44 | call to make_shared | StructA object of size 8 bytes does not appear to outlive the function, but is created on the heap instead of the stack. | diff --git a/cpp/autosar/test/rules/A18-9-4/ArgumentToForwardSubsequentlyUsed.expected b/cpp/autosar/test/rules/A18-9-4/ArgumentToForwardSubsequentlyUsed.expected index 401e3dc0ee..1c72dd7bf3 100644 --- a/cpp/autosar/test/rules/A18-9-4/ArgumentToForwardSubsequentlyUsed.expected +++ b/cpp/autosar/test/rules/A18-9-4/ArgumentToForwardSubsequentlyUsed.expected @@ -1,4 +1 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A18-9-4/ArgumentToForwardSubsequentlyUsed.ql:22,10-18) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A18-9-4/ArgumentToForwardSubsequentlyUsed.ql:24,5-13) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A18-9-4/ArgumentToForwardSubsequentlyUsed.ql:24,30-38) | test.cpp:8:5:8:6 | t2 | The argument $@ of `std::forward` may be indeterminate when accessed at this location. | test.cpp:7:45:7:46 | t2 | t2 | diff --git a/cpp/autosar/test/rules/A20-8-4/SharedPointerUsedWithNoOwnershipSharing.expected b/cpp/autosar/test/rules/A20-8-4/SharedPointerUsedWithNoOwnershipSharing.expected index 2344d46d59..f15f142b3b 100644 --- a/cpp/autosar/test/rules/A20-8-4/SharedPointerUsedWithNoOwnershipSharing.expected +++ b/cpp/autosar/test/rules/A20-8-4/SharedPointerUsedWithNoOwnershipSharing.expected @@ -1,4 +1,3 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A20-8-4/SharedPointerUsedWithNoOwnershipSharing.ql:47,7-15) | test.cpp:14:24:14:26 | sp3 | The ownership of shared_ptr $@ is not shared within or passed out of the local scope of function $@. | test.cpp:14:24:14:26 | sp3 | sp3 | test.cpp:11:22:11:23 | f1 | f1 | | test.cpp:16:24:16:26 | sp5 | The ownership of shared_ptr $@ is not shared within or passed out of the local scope of function $@. | test.cpp:16:24:16:26 | sp5 | sp5 | test.cpp:11:22:11:23 | f1 | f1 | | test.cpp:17:24:17:26 | sp6 | The ownership of shared_ptr $@ is not shared within or passed out of the local scope of function $@. | test.cpp:17:24:17:26 | sp6 | sp6 | test.cpp:11:22:11:23 | f1 | f1 | diff --git a/cpp/autosar/test/rules/A27-0-4/CStyleStringsUsed.expected b/cpp/autosar/test/rules/A27-0-4/CStyleStringsUsed.expected index 0094ed8531..6184aad74e 100644 --- a/cpp/autosar/test/rules/A27-0-4/CStyleStringsUsed.expected +++ b/cpp/autosar/test/rules/A27-0-4/CStyleStringsUsed.expected @@ -1,6 +1,3 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A27-0-4/CStyleStringsUsed.ql:39,3-11) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A27-0-4/CStyleStringsUsed.ql:39,23-31) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A27-0-4/CStyleStringsUsed.ql:39,47-55) | test.cpp:7:20:7:27 | CodeQL | Usage of C-style string in $@. | test.cpp:7:20:7:27 | CodeQL | expression | | test.cpp:7:20:7:27 | CodeQL | Usage of C-style string in $@. | test.cpp:16:16:16:17 | a1 | expression | | test.cpp:8:22:8:26 | call to c_str | Usage of C-style string in $@. | test.cpp:8:22:8:26 | call to c_str | expression | diff --git a/cpp/autosar/test/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.expected b/cpp/autosar/test/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.expected index 53da5e375c..4234d93b32 100644 --- a/cpp/autosar/test/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.expected +++ b/cpp/autosar/test/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.expected @@ -1,9 +1,3 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.ql:21,8-16) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.ql:45,58-66) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.ql:50,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.ql:59,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.ql:65,55-63) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.ql:66,3-11) edges | test.cpp:10:18:10:20 | foo | test.cpp:11:23:11:25 | foo | | test.cpp:10:18:10:20 | foo | test.cpp:11:50:11:52 | foo | diff --git a/cpp/autosar/test/rules/A5-1-7/LambdaPassedToDecltype.expected b/cpp/autosar/test/rules/A5-1-7/LambdaPassedToDecltype.expected index 0c247cf3bb..8f6447a96b 100644 --- a/cpp/autosar/test/rules/A5-1-7/LambdaPassedToDecltype.expected +++ b/cpp/autosar/test/rules/A5-1-7/LambdaPassedToDecltype.expected @@ -1,6 +1 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A5-1-7/LambdaPassedToDecltype.ql:20,45-53) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A5-1-7/LambdaPassedToDecltype.ql:23,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A5-1-7/LambdaPassedToDecltype.ql:25,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A5-1-7/LambdaPassedToDecltype.ql:39,22-30) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A5-1-7/LambdaPassedToDecltype.ql:39,50-58) | test.cpp:14:23:14:24 | decltype(...) | Lambda $@ passed as operand to decltype. | test.cpp:5:13:5:30 | [...](...){...} | expression | diff --git a/cpp/autosar/test/rules/A5-1-7/LambdaPassedToTypeid.expected b/cpp/autosar/test/rules/A5-1-7/LambdaPassedToTypeid.expected index 307ac17d11..4b19073ded 100644 --- a/cpp/autosar/test/rules/A5-1-7/LambdaPassedToTypeid.expected +++ b/cpp/autosar/test/rules/A5-1-7/LambdaPassedToTypeid.expected @@ -1,9 +1,3 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A5-1-7/LambdaPassedToTypeid.ql:19,8-16) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A5-1-7/LambdaPassedToTypeid.ql:21,40-48) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A5-1-7/LambdaPassedToTypeid.ql:24,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A5-1-7/LambdaPassedToTypeid.ql:26,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A5-1-7/LambdaPassedToTypeid.ql:31,6-14) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A5-1-7/LambdaPassedToTypeid.ql:31,33-41) edges | test.cpp:5:13:5:30 | [...](...){...} | test.cpp:8:38:8:39 | l1 | | test.cpp:6:13:6:30 | [...](...){...} | test.cpp:9:38:9:39 | l2 | diff --git a/cpp/autosar/test/rules/A7-5-1/InvalidFunctionReturnType.expected b/cpp/autosar/test/rules/A7-5-1/InvalidFunctionReturnType.expected index 862c45bdc1..b6d9490803 100644 --- a/cpp/autosar/test/rules/A7-5-1/InvalidFunctionReturnType.expected +++ b/cpp/autosar/test/rules/A7-5-1/InvalidFunctionReturnType.expected @@ -1,5 +1,2 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A7-5-1/InvalidFunctionReturnType.ql:27,3-11) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A7-5-1/InvalidFunctionReturnType.ql:27,23-31) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A7-5-1/InvalidFunctionReturnType.ql:27,51-59) | test.cpp:5:3:5:11 | return ... | Function test_refconst_return returns a reference or a pointer to $@ that is passed by reference to const. | test.cpp:4:44:4:44 | x | parameter | | test.cpp:8:3:8:14 | return ... | Function test_ptrconst_return returns a reference or a pointer to $@ that is passed by reference to const. | test.cpp:7:44:7:44 | x | parameter | diff --git a/cpp/autosar/test/rules/A8-4-11/SmartPointerAsParameterWithoutLifetimeSemantics.expected b/cpp/autosar/test/rules/A8-4-11/SmartPointerAsParameterWithoutLifetimeSemantics.expected index 5407225de9..b751d81835 100644 --- a/cpp/autosar/test/rules/A8-4-11/SmartPointerAsParameterWithoutLifetimeSemantics.expected +++ b/cpp/autosar/test/rules/A8-4-11/SmartPointerAsParameterWithoutLifetimeSemantics.expected @@ -1,5 +1,3 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A8-4-11/SmartPointerAsParameterWithoutLifetimeSemantics.ql:47,3-11) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A8-4-11/SmartPointerAsParameterWithoutLifetimeSemantics.ql:56,5-13) | test.cpp:7:41:7:43 | up1 | Function $@ takes smart pointer parameter 'up1' but does not implement any lifetime-affecting operations. | test.cpp:7:6:7:18 | smart_ptr_get | smart_ptr_get | | test.cpp:16:53:16:55 | sp1 | Function $@ takes smart pointer parameter 'sp1' but does not implement any lifetime-affecting operations. | test.cpp:16:6:16:29 | smart_ptr_ref_assign_ref | smart_ptr_ref_assign_ref | | test.cpp:28:55:28:57 | sp1 | Function $@ takes smart pointer parameter 'sp1' but does not implement any lifetime-affecting operations. | test.cpp:28:6:28:31 | smart_ptr_ref_noncompliant | smart_ptr_ref_noncompliant | diff --git a/cpp/autosar/test/rules/A8-4-12/UniquePtrPassedToFunctionWithImproperSemantics.expected b/cpp/autosar/test/rules/A8-4-12/UniquePtrPassedToFunctionWithImproperSemantics.expected index 4b3c93e932..a01b93335d 100644 --- a/cpp/autosar/test/rules/A8-4-12/UniquePtrPassedToFunctionWithImproperSemantics.expected +++ b/cpp/autosar/test/rules/A8-4-12/UniquePtrPassedToFunctionWithImproperSemantics.expected @@ -1,5 +1,3 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A8-4-12/UniquePtrPassedToFunctionWithImproperSemantics.ql:41,3-11) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A8-4-12/UniquePtrPassedToFunctionWithImproperSemantics.ql:51,5-13) | test.cpp:13:55:13:56 | v1 | Parameter of type std::unique_ptr passed as lvalue reference but not used to modify underlying object. | | test.cpp:17:47:17:48 | v1 | Parameter of type std::unique_ptr passed as lvalue reference but not used to modify underlying object. | | test.cpp:22:27:22:28 | v1 | Parameter of type std::unique_ptr passed as lvalue reference but not used to modify underlying object. | diff --git a/cpp/autosar/test/rules/A8-4-9/InOutParametersDeclaredAsTNotModified.expected b/cpp/autosar/test/rules/A8-4-9/InOutParametersDeclaredAsTNotModified.expected index 7025275fa2..e3cfa71bb7 100644 --- a/cpp/autosar/test/rules/A8-4-9/InOutParametersDeclaredAsTNotModified.expected +++ b/cpp/autosar/test/rules/A8-4-9/InOutParametersDeclaredAsTNotModified.expected @@ -1,5 +1,3 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A8-4-9/InOutParametersDeclaredAsTNotModified.ql:49,7-15) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A8-4-9/InOutParametersDeclaredAsTNotModified.ql:63,7-15) | test.cpp:4:13:4:13 | i | In-out parameter i that is not written to. | | test.cpp:7:22:7:24 | str | In-out parameter str that is not read from. | | test.cpp:18:14:18:14 | i | In-out parameter i that is not read from. | diff --git a/cpp/autosar/test/rules/A9-3-1/ReturnsNonConstRawPointersOrReferencesToPrivateOrProtectedData.expected b/cpp/autosar/test/rules/A9-3-1/ReturnsNonConstRawPointersOrReferencesToPrivateOrProtectedData.expected index 6f8545a4f2..04c1f35a45 100644 --- a/cpp/autosar/test/rules/A9-3-1/ReturnsNonConstRawPointersOrReferencesToPrivateOrProtectedData.expected +++ b/cpp/autosar/test/rules/A9-3-1/ReturnsNonConstRawPointersOrReferencesToPrivateOrProtectedData.expected @@ -1,6 +1,3 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A9-3-1/ReturnsNonConstRawPointersOrReferencesToPrivateOrProtectedData.ql:72,3-11) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A9-3-1/ReturnsNonConstRawPointersOrReferencesToPrivateOrProtectedData.ql:72,23-31) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A9-3-1/ReturnsNonConstRawPointersOrReferencesToPrivateOrProtectedData.ql:72,46-54) | test.cpp:20:8:20:12 | getB2 | Member function A::getB2 $@ a non-const raw pointer or reference to a private or protected $@. | test.cpp:20:25:20:25 | b | returns | test.cpp:54:7:54:7 | b | field | | test.cpp:22:8:22:12 | getB3 | Member function A::getB3 $@ a non-const raw pointer or reference to a private or protected $@. | test.cpp:22:25:22:26 | & ... | returns | test.cpp:54:7:54:7 | b | field | | test.cpp:24:8:24:13 | getB33 | Member function A::getB33 $@ a non-const raw pointer or reference to a private or protected $@. | test.cpp:26:12:26:13 | bb | returns | test.cpp:54:7:54:7 | b | field | diff --git a/cpp/autosar/test/rules/M0-3-2/FunctionErroneousReturnValueNotTested.expected b/cpp/autosar/test/rules/M0-3-2/FunctionErroneousReturnValueNotTested.expected index b0ccfabffb..76cbcebed0 100644 --- a/cpp/autosar/test/rules/M0-3-2/FunctionErroneousReturnValueNotTested.expected +++ b/cpp/autosar/test/rules/M0-3-2/FunctionErroneousReturnValueNotTested.expected @@ -1,4 +1 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/M0-3-2/FunctionErroneousReturnValueNotTested.ql:70,9-17) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/M0-3-2/FunctionErroneousReturnValueNotTested.ql:70,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/M0-3-2/FunctionErroneousReturnValueNotTested.ql:70,53-61) | test.cpp:16:3:16:8 | call to remove | Return value is not tested for errors. | diff --git a/cpp/autosar/test/rules/M3-9-3/UnderlyingBitRepresentationsOfFloatingPointValuesUsed.expected b/cpp/autosar/test/rules/M3-9-3/UnderlyingBitRepresentationsOfFloatingPointValuesUsed.expected index bd0f8680ee..9aec2314da 100644 --- a/cpp/autosar/test/rules/M3-9-3/UnderlyingBitRepresentationsOfFloatingPointValuesUsed.expected +++ b/cpp/autosar/test/rules/M3-9-3/UnderlyingBitRepresentationsOfFloatingPointValuesUsed.expected @@ -1,5 +1,2 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/M3-9-3/UnderlyingBitRepresentationsOfFloatingPointValuesUsed.ql:27,22-30) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/M3-9-3/UnderlyingBitRepresentationsOfFloatingPointValuesUsed.ql:36,10-18) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/M3-9-3/UnderlyingBitRepresentationsOfFloatingPointValuesUsed.ql:37,5-13) | test.cpp:5:3:5:20 | ... &= ... | Modification of bit-representation of float originated at $@ | test.cpp:4:24:4:60 | reinterpret_cast... | cast | | test.cpp:12:3:12:14 | ... &= ... | Modification of bit-representation of float originated at $@ | test.cpp:11:18:11:30 | (uint8_t *)... | cast | diff --git a/cpp/autosar/test/rules/M9-3-1/ConstMemberFunctionReturnsNonConstPointer.expected b/cpp/autosar/test/rules/M9-3-1/ConstMemberFunctionReturnsNonConstPointer.expected index 9c77779fff..ee9652f505 100644 --- a/cpp/autosar/test/rules/M9-3-1/ConstMemberFunctionReturnsNonConstPointer.expected +++ b/cpp/autosar/test/rules/M9-3-1/ConstMemberFunctionReturnsNonConstPointer.expected @@ -1,5 +1,3 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/M9-3-1/ConstMemberFunctionReturnsNonConstPointer.ql:53,7-15) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/M9-3-1/ConstMemberFunctionReturnsNonConstPointer.ql:55,7-15) | test.cpp:8:8:8:11 | getA | Const member function returns a pointer to class data $@. | test.cpp:3:8:3:8 | a | a | | test.cpp:9:8:9:11 | getB | Const member function returns a pointer to class data $@. | test.cpp:4:8:4:8 | b | b | | test.cpp:11:6:11:12 | getThis | Const member function returns a pointer to class data $@. | test.cpp:11:36:11:39 | this | this | diff --git a/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql b/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql index d60227d2c8..720880dbe4 100644 --- a/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql +++ b/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql @@ -16,7 +16,7 @@ import codingstandards.cpp.cert import codingstandards.cpp.Iterators import codingstandards.cpp.rules.containeraccesswithoutrangecheck.ContainerAccessWithoutRangeCheck as ContainerAccessWithoutRangeCheck import semmle.code.cpp.controlflow.Guards -import semmle.code.cpp.dataflow.TaintTracking +import codingstandards.cpp.dataflow.TaintTracking import semmle.code.cpp.valuenumbering.GlobalValueNumbering /** diff --git a/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.ql b/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.ql index 50d0b68944..3b34500a80 100644 --- a/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.ql +++ b/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.ql @@ -13,7 +13,7 @@ import cpp import codingstandards.cpp.cert -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow import DataFlow::PathGraph class ArrayAccessOrPointerArith extends Expr { diff --git a/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql b/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql index 7bfb298d3d..a385ee1ffc 100644 --- a/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql +++ b/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql @@ -14,8 +14,8 @@ import cpp import codingstandards.cpp.cert import codingstandards.cpp.SideEffect -import semmle.code.cpp.dataflow.DataFlow -import semmle.code.cpp.dataflow.TaintTracking +import codingstandards.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.TaintTracking import semmle.code.cpp.valuenumbering.GlobalValueNumbering /** Holds if the function's return value is derived from the `AliasParamter` p. */ diff --git a/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql b/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql index 1391a4d79f..6cb62e9046 100644 --- a/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql +++ b/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql @@ -13,7 +13,7 @@ import cpp import codingstandards.cpp.cert -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow import DataFlow::PathGraph class AllocationToDeleteConfig extends DataFlow::Configuration { diff --git a/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.ql b/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.ql index ce5a608489..64b05ce9d9 100644 --- a/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.ql +++ b/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.ql @@ -13,7 +13,7 @@ import cpp import codingstandards.cpp.cert import semmle.code.cpp.controlflow.Guards -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow import codingstandards.cpp.exceptions.ExceptionSpecifications /** diff --git a/cpp/cert/src/rules/MEM53-CPP/ManuallyManagedLifetime.qll b/cpp/cert/src/rules/MEM53-CPP/ManuallyManagedLifetime.qll index 0fbca43041..d51151ff95 100644 --- a/cpp/cert/src/rules/MEM53-CPP/ManuallyManagedLifetime.qll +++ b/cpp/cert/src/rules/MEM53-CPP/ManuallyManagedLifetime.qll @@ -3,8 +3,8 @@ import codingstandards.cpp.Conversion import codingstandards.cpp.TrivialType import ManuallyManagedLifetime import semmle.code.cpp.controlflow.Dominance -import semmle.code.cpp.dataflow.DataFlow2 -import semmle.code.cpp.dataflow.TaintTracking +import codingstandards.cpp.dataflow.DataFlow2 +import codingstandards.cpp.dataflow.TaintTracking /** * A taint-tracking configuration from allocation expressions to casts to a specific pointer type. diff --git a/cpp/cert/src/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.ql b/cpp/cert/src/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.ql index 2bcb9be07c..bc48af3a63 100644 --- a/cpp/cert/src/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.ql +++ b/cpp/cert/src/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.ql @@ -14,7 +14,7 @@ import cpp import codingstandards.cpp.cert import codingstandards.cpp.TrivialType import ManuallyManagedLifetime -import semmle.code.cpp.dataflow.TaintTracking +import codingstandards.cpp.dataflow.TaintTracking import DataFlow::PathGraph /* diff --git a/cpp/cert/src/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject.ql b/cpp/cert/src/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject.ql index b96f284ad3..26d128a98e 100644 --- a/cpp/cert/src/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject.ql +++ b/cpp/cert/src/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject.ql @@ -13,7 +13,7 @@ import cpp import codingstandards.cpp.cert import ManuallyManagedLifetime -import semmle.code.cpp.dataflow.DataFlow2 +import codingstandards.cpp.dataflow.DataFlow2 import DataFlow2::PathGraph from FreeWithoutDestructorConfig dc, DataFlow2::PathNode source, DataFlow2::PathNode sink diff --git a/cpp/cert/src/rules/MSC51-CPP/BadlySeededRandomNumberGenerator.ql b/cpp/cert/src/rules/MSC51-CPP/BadlySeededRandomNumberGenerator.ql index 76f8500362..52b14d9629 100644 --- a/cpp/cert/src/rules/MSC51-CPP/BadlySeededRandomNumberGenerator.ql +++ b/cpp/cert/src/rules/MSC51-CPP/BadlySeededRandomNumberGenerator.ql @@ -15,7 +15,7 @@ import cpp import codingstandards.cpp.cert import codingstandards.cpp.standardlibrary.Random -import semmle.code.cpp.dataflow.TaintTracking +import codingstandards.cpp.dataflow.TaintTracking from RandomNumberEngineCreation createRandomNumberEngine, string seedSource where diff --git a/cpp/cert/test/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.expected b/cpp/cert/test/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.expected index 43a2ccd342..4e87d1436c 100644 --- a/cpp/cert/test/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.expected +++ b/cpp/cert/test/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.expected @@ -1,12 +1,3 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:97,7-15) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:97,27-35) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:98,9-17) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:102,9-17) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:102,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:103,11-19) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:113,35-43) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:114,11-19) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:113,9-22) | test.cpp:8:42:8:46 | call to begin | Output iterator for $@ is not guaranteed to be large enough for the input iterator. | test.cpp:8:3:8:11 | call to copy | call to copy | | test.cpp:17:42:17:46 | call to begin | Output iterator for $@ is not guaranteed to be large enough for the input iterator. | test.cpp:17:3:17:11 | call to copy | call to copy | | test.cpp:55:42:55:46 | call to begin | Output iterator for $@ is not guaranteed to be large enough for the input iterator. | test.cpp:55:3:55:11 | call to copy | call to copy | diff --git a/cpp/cert/test/rules/CTR53-CPP/UseValidIteratorRanges.expected b/cpp/cert/test/rules/CTR53-CPP/UseValidIteratorRanges.expected index ff23523aee..61260a0579 100644 --- a/cpp/cert/test/rules/CTR53-CPP/UseValidIteratorRanges.expected +++ b/cpp/cert/test/rules/CTR53-CPP/UseValidIteratorRanges.expected @@ -1,9 +1,3 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/CTR53-CPP/UseValidIteratorRanges.ql:23,5-13) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/CTR53-CPP/UseValidIteratorRanges.ql:23,25-33) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/CTR53-CPP/UseValidIteratorRanges.ql:24,7-15) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/CTR53-CPP/UseValidIteratorRanges.ql:30,5-13) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/CTR53-CPP/UseValidIteratorRanges.ql:30,25-33) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/CTR53-CPP/UseValidIteratorRanges.ql:31,7-15) | test.cpp:7:3:7:15 | call to for_each | The $@ of iterator range function does not point to the end of an iterator. | test.cpp:7:28:7:32 | call to begin | argument | | test.cpp:7:3:7:15 | call to for_each | The $@ of iterator range function does not point to the start of an iterator. | test.cpp:7:19:7:21 | call to end | argument | | test.cpp:8:3:8:15 | call to for_each | The $@ of iterator range function does not point to the end of an iterator. | test.cpp:8:30:8:34 | call to begin | argument | diff --git a/cpp/cert/test/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.expected b/cpp/cert/test/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.expected index 86c028e2fa..0ee15c65b5 100644 --- a/cpp/cert/test/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.expected +++ b/cpp/cert/test/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.expected @@ -1,9 +1,3 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.ql:17,8-16) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.ql:41,58-66) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.ql:46,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.ql:55,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.ql:61,55-63) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.ql:62,3-11) edges | test.cpp:15:19:15:21 | foo | test.cpp:16:24:16:26 | foo | | test.cpp:15:19:15:21 | foo | test.cpp:16:51:16:53 | foo | diff --git a/cpp/cert/test/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.expected b/cpp/cert/test/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.expected index 23ff8bf735..b432856e8b 100644 --- a/cpp/cert/test/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.expected +++ b/cpp/cert/test/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.expected @@ -1,27 +1,3 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:24,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:24,59-67) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:27,33-41) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:27,57-65) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:31,33-41) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:31,59-67) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:40,5-13) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:40,25-33) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:40,53-61) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:43,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:43,57-65) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:52,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:52,55-63) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:59,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:59,57-65) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:71,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:71,55-63) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:24,5-18) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:27,7-20) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:31,7-20) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:43,5-18) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:52,5-18) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:59,5-18) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:71,5-18) | test.cpp:82:3:82:4 | call to f2 | Depending on the order of evaluation for the arguments $@ and $@ for side effects on shared state is unspecified and can result in unexpected behavior. | test.cpp:82:6:82:7 | call to f5 | call to f5 | test.cpp:82:12:82:13 | call to f6 | call to f6 | | test.cpp:84:3:84:4 | call to f2 | Depending on the order of evaluation for the arguments $@ and $@ for side effects on shared state is unspecified and can result in unexpected behavior. | test.cpp:84:6:84:7 | call to f5 | call to f5 | test.cpp:84:12:84:13 | call to f7 | call to f7 | | test.cpp:87:3:87:4 | call to f2 | Depending on the order of evaluation for the arguments $@ and $@ for side effects on shared state is unspecified and can result in unexpected behavior. | test.cpp:87:9:87:10 | call to m1 | call to m1 | test.cpp:87:18:87:19 | call to m1 | call to m1 | diff --git a/cpp/cert/test/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.expected b/cpp/cert/test/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.expected index 7074fa6ee5..a50daa096e 100644 --- a/cpp/cert/test/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.expected +++ b/cpp/cert/test/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.expected @@ -1,9 +1,3 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql:17,8-16) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql:19,40-48) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql:22,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql:24,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql:30,36-44) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql:30,63-71) edges | test.cpp:6:19:6:37 | new[] | test.cpp:9:12:9:13 | l1 | | test.cpp:7:22:7:40 | new[] | test.cpp:10:12:10:13 | l2 | diff --git a/cpp/cert/test/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.expected b/cpp/cert/test/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.expected index c9144fd9a4..b7452ec199 100644 --- a/cpp/cert/test/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.expected +++ b/cpp/cert/test/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.expected @@ -1,8 +1,2 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.ql:59,5-13) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.ql:61,36-44) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.ql:77,42-50) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.ql:80,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.ql:84,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.ql:92,50-58) | test.cpp:24:7:24:34 | new | nothrow new allocation of $@ returns here without a subsequent check to see whether the pointer is valid. | test.cpp:24:7:24:34 | new | StructA * | | test.cpp:40:17:40:38 | call to allocate_without_check | nothrow new allocation of $@ returns here without a subsequent check to see whether the pointer is valid. | test.cpp:35:17:35:44 | new | StructA * | diff --git a/cpp/cert/test/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.expected b/cpp/cert/test/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.expected index 7225190e38..12dcb2d8ff 100644 --- a/cpp/cert/test/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.expected +++ b/cpp/cert/test/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.expected @@ -1,6 +1,3 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.ql:18,8-16) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.ql:25,38-46) -WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.ql:25,65-73) edges nodes | test.cpp:16:26:16:31 | call to malloc | semmle.label | call to malloc | diff --git a/cpp/cert/test/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject.expected b/cpp/cert/test/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject.expected index e9ffa91297..00ed15c370 100644 --- a/cpp/cert/test/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject.expected +++ b/cpp/cert/test/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject.expected @@ -1,6 +1,3 @@ -WARNING: Module DataFlow2 has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject.ql:17,8-17) -WARNING: Module DataFlow2 has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject.ql:19,38-47) -WARNING: Module DataFlow2 has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject.ql:19,66-75) edges | test.cpp:16:26:16:31 | call to malloc | test.cpp:22:8:22:9 | a1 | | test.cpp:17:38:17:43 | call to malloc | test.cpp:23:8:23:9 | a2 | diff --git a/cpp/cert/test/rules/MSC51-CPP/BadlySeededRandomNumberGenerator.expected b/cpp/cert/test/rules/MSC51-CPP/BadlySeededRandomNumberGenerator.expected index cf4878d949..0128221ffc 100644 --- a/cpp/cert/test/rules/MSC51-CPP/BadlySeededRandomNumberGenerator.expected +++ b/cpp/cert/test/rules/MSC51-CPP/BadlySeededRandomNumberGenerator.expected @@ -1,4 +1,3 @@ -WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/MSC51-CPP/BadlySeededRandomNumberGenerator.ql:37,7-20) | test.cpp:9:33:9:33 | call to linear_congruential_engine | Random number generator linear_congruential_engine is default-initialized and is therefore not properly seeded. | | test.cpp:10:30:10:31 | call to linear_congruential_engine | Random number generator linear_congruential_engine is default-initialized and is therefore not properly seeded. | | test.cpp:11:21:11:22 | call to linear_congruential_engine | Random number generator linear_congruential_engine is default-initialized and is therefore not properly seeded. | diff --git a/cpp/common/src/codingstandards/cpp/AccessPath.qll b/cpp/common/src/codingstandards/cpp/AccessPath.qll index ff7601ed4b..2393d25db4 100644 --- a/cpp/common/src/codingstandards/cpp/AccessPath.qll +++ b/cpp/common/src/codingstandards/cpp/AccessPath.qll @@ -1,5 +1,5 @@ import cpp -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow newtype TFieldQualifier = ExplicitQualifier(VariableAccess v) or diff --git a/cpp/common/src/codingstandards/cpp/Allocations.qll b/cpp/common/src/codingstandards/cpp/Allocations.qll index db47b0b028..5bc87221e2 100644 --- a/cpp/common/src/codingstandards/cpp/Allocations.qll +++ b/cpp/common/src/codingstandards/cpp/Allocations.qll @@ -7,7 +7,7 @@ import cpp import semmle.code.cpp.controlflow.SSA -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow /** * Holds if `alloc` is a use of `malloc` or `new`. `kind` is diff --git a/cpp/common/src/codingstandards/cpp/Concurrency.qll b/cpp/common/src/codingstandards/cpp/Concurrency.qll index 609cfafc4b..ab4b11dffe 100644 --- a/cpp/common/src/codingstandards/cpp/Concurrency.qll +++ b/cpp/common/src/codingstandards/cpp/Concurrency.qll @@ -1,5 +1,5 @@ import cpp -import semmle.code.cpp.dataflow.TaintTracking +import codingstandards.cpp.dataflow.TaintTracking /** * Models CFG nodes which should be added to a thread context. diff --git a/cpp/common/src/codingstandards/cpp/ConstHelpers.qll b/cpp/common/src/codingstandards/cpp/ConstHelpers.qll index a7457dc845..8cba3efde4 100644 --- a/cpp/common/src/codingstandards/cpp/ConstHelpers.qll +++ b/cpp/common/src/codingstandards/cpp/ConstHelpers.qll @@ -4,7 +4,7 @@ import cpp import codingstandards.cpp.SideEffect -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow import codingstandards.cpp.FunctionParameter /** A variable that can be modified (both the pointer and object pointed to if pointer type) */ diff --git a/cpp/common/src/codingstandards/cpp/FgetsErrorManagement.qll b/cpp/common/src/codingstandards/cpp/FgetsErrorManagement.qll index 4f99b02e2e..7686714635 100644 --- a/cpp/common/src/codingstandards/cpp/FgetsErrorManagement.qll +++ b/cpp/common/src/codingstandards/cpp/FgetsErrorManagement.qll @@ -4,7 +4,7 @@ */ import cpp -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow import semmle.code.cpp.controlflow.Guards /* diff --git a/cpp/common/src/codingstandards/cpp/Iterators.qll b/cpp/common/src/codingstandards/cpp/Iterators.qll index 72a9909c20..593da544ea 100644 --- a/cpp/common/src/codingstandards/cpp/Iterators.qll +++ b/cpp/common/src/codingstandards/cpp/Iterators.qll @@ -3,8 +3,8 @@ */ import cpp -import semmle.code.cpp.dataflow.DataFlow -import semmle.code.cpp.dataflow.TaintTracking +import codingstandards.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.TaintTracking import codingstandards.cpp.StdNamespace abstract class ContainerAccess extends VariableAccess { diff --git a/cpp/common/src/codingstandards/cpp/Nullness.qll b/cpp/common/src/codingstandards/cpp/Nullness.qll index e3af58b794..b04c013a2d 100644 --- a/cpp/common/src/codingstandards/cpp/Nullness.qll +++ b/cpp/common/src/codingstandards/cpp/Nullness.qll @@ -1,6 +1,6 @@ import cpp -import semmle.code.cpp.dataflow.DataFlow -import semmle.code.cpp.dataflow.DataFlow2 +import codingstandards.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow2 private class PointerToMember extends Variable { PointerToMember() { this.getType() instanceof PointerToMemberType } diff --git a/cpp/common/src/codingstandards/cpp/Overflow.qll b/cpp/common/src/codingstandards/cpp/Overflow.qll index c5461eb8ab..130e1bb42d 100644 --- a/cpp/common/src/codingstandards/cpp/Overflow.qll +++ b/cpp/common/src/codingstandards/cpp/Overflow.qll @@ -6,7 +6,7 @@ import cpp import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis import SimpleRangeAnalysisCustomizations import semmle.code.cpp.controlflow.Guards -import semmle.code.cpp.dataflow.TaintTracking +import codingstandards.cpp.dataflow.TaintTracking import semmle.code.cpp.valuenumbering.GlobalValueNumbering /** diff --git a/cpp/common/src/codingstandards/cpp/ReadErrorsAndEOF.qll b/cpp/common/src/codingstandards/cpp/ReadErrorsAndEOF.qll index c3c433d20d..7adb911c9f 100644 --- a/cpp/common/src/codingstandards/cpp/ReadErrorsAndEOF.qll +++ b/cpp/common/src/codingstandards/cpp/ReadErrorsAndEOF.qll @@ -1,5 +1,5 @@ import cpp -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow import codingstandards.cpp.standardlibrary.FileAccess /** diff --git a/cpp/common/src/codingstandards/cpp/SideEffect.qll b/cpp/common/src/codingstandards/cpp/SideEffect.qll index 4b78b5c818..08cd9394d3 100644 --- a/cpp/common/src/codingstandards/cpp/SideEffect.qll +++ b/cpp/common/src/codingstandards/cpp/SideEffect.qll @@ -1,7 +1,7 @@ /** A module to reason about side effects. */ import cpp -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow private import exceptions.ExceptionFlow private import codingstandards.cpp.Expr private import codingstandards.cpp.Variable diff --git a/cpp/common/src/codingstandards/cpp/SmartPointers.qll b/cpp/common/src/codingstandards/cpp/SmartPointers.qll index 0f01d886be..dda645a399 100644 --- a/cpp/common/src/codingstandards/cpp/SmartPointers.qll +++ b/cpp/common/src/codingstandards/cpp/SmartPointers.qll @@ -1,5 +1,5 @@ import cpp -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow // Local cached version of localExprFlow to avoid bad magic cached diff --git a/cpp/common/src/codingstandards/cpp/allocations/PlacementNew.qll b/cpp/common/src/codingstandards/cpp/allocations/PlacementNew.qll index 1812397c8a..39451a743b 100644 --- a/cpp/common/src/codingstandards/cpp/allocations/PlacementNew.qll +++ b/cpp/common/src/codingstandards/cpp/allocations/PlacementNew.qll @@ -22,7 +22,7 @@ import cpp import codingstandards.cpp.Conversion -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow /* * TODO You can also have alignas on types diff --git a/cpp/common/src/codingstandards/cpp/dataflow/DataFlow.qll b/cpp/common/src/codingstandards/cpp/dataflow/DataFlow.qll new file mode 100644 index 0000000000..c11bf80fc6 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/dataflow/DataFlow.qll @@ -0,0 +1,36 @@ +/** + * Provides a library for local (intra-procedural) and global (inter-procedural) + * data flow analysis: deciding whether data can flow from a _source_ to a + * _sink_. + * + * Unless configured otherwise, _flow_ means that the exact value of + * the source may reach the sink. We do not track flow across pointer + * dereferences or array indexing. To track these types of flow, where the + * exact value may not be preserved, import + * `semmle.code.cpp.dataflow.TaintTracking`. + * + * To use global (interprocedural) data flow, extend the class + * `DataFlow::Configuration` as documented on that class. To use local + * (intraprocedural) data flow between expressions, call + * `DataFlow::localExprFlow`. For more general cases of local data flow, call + * `DataFlow::localFlow` or `DataFlow::localFlowStep` with arguments of type + * `DataFlow::Node`. + * + * NOTE: This is copied from `codeql/cpp-all` to avoid deprecation warnings + * that cannot be avoided in tests. + */ + +import cpp + +/** + * DEPRECATED: Use `semmle.code.cpp.dataflow.new.DataFlow` instead. + * + * Provides classes for performing local (intra-procedural) and + * global (inter-procedural) data flow analyses. + */ +module DataFlow { + private import semmle.code.cpp.dataflow.internal.DataFlowImplSpecific + private import codeql.dataflow.DataFlow + import DataFlowMake + import semmle.code.cpp.dataflow.internal.DataFlowImpl1 +} diff --git a/cpp/common/src/codingstandards/cpp/dataflow/DataFlow2.qll b/cpp/common/src/codingstandards/cpp/dataflow/DataFlow2.qll new file mode 100644 index 0000000000..83859535d8 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/dataflow/DataFlow2.qll @@ -0,0 +1,25 @@ +/** + * Provides a `DataFlow2` module, which is a copy of the `DataFlow` module. Use + * this class when data-flow configurations must depend on each other. Two + * classes extending `DataFlow::Configuration` should never depend on each + * other, but one of them should instead depend on a + * `DataFlow2::Configuration`, a `DataFlow3::Configuration`, or a + * `DataFlow4::Configuration`. + * + * See `semmle.code.cpp.dataflow.DataFlow` for the full documentation. + * + * NOTE: This is copied from `codeql/cpp-all` to avoid deprecation warnings + * that cannot be avoided in tests. + */ + +import cpp + +/** + * DEPRECATED: Use `semmle.code.cpp.dataflow.new.DataFlow2` instead. + * + * Provides classes for performing local (intra-procedural) and + * global (inter-procedural) data flow analyses. + */ +module DataFlow2 { + import semmle.code.cpp.dataflow.internal.DataFlowImpl2 +} diff --git a/cpp/common/src/codingstandards/cpp/dataflow/TaintTracking.qll b/cpp/common/src/codingstandards/cpp/dataflow/TaintTracking.qll new file mode 100644 index 0000000000..6bab6158c4 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/dataflow/TaintTracking.qll @@ -0,0 +1,37 @@ +/** + * Provides classes for performing local (intra-procedural) and + * global (inter-procedural) taint-tracking analyses. + * + * We define _taint propagation_ informally to mean that a substantial part of + * the information from the source is preserved at the sink. For example, taint + * propagates from `x` to `x + 100`, but it does not propagate from `x` to `x > + * 100` since we consider a single bit of information to be too little. + * + * To use global (interprocedural) taint tracking, extend the class + * `TaintTracking::Configuration` as documented on that class. To use local + * (intraprocedural) taint tracking between expressions, call + * `TaintTracking::localExprTaint`. For more general cases of local taint + * tracking, call `TaintTracking::localTaint` or + * `TaintTracking::localTaintStep` with arguments of type `DataFlow::Node`. + * + * NOTE: This is copied from `codeql/cpp-all` to avoid deprecation warnings + * that cannot be avoided in tests. + */ + +import codingstandards.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow2 + +/** + * DEPRECATED: Use `semmle.code.cpp.dataflow.new.TaintTracking` instead. + * + * Provides classes for performing local (intra-procedural) and + * global (inter-procedural) taint-tracking analyses. + */ +module TaintTracking { + import semmle.code.cpp.dataflow.internal.tainttracking1.TaintTrackingParameter::Public + private import semmle.code.cpp.dataflow.internal.DataFlowImplSpecific + private import semmle.code.cpp.dataflow.internal.TaintTrackingImplSpecific + private import codeql.dataflow.TaintTracking + import TaintFlowMake + import semmle.code.cpp.dataflow.internal.tainttracking1.TaintTrackingImpl +} diff --git a/cpp/common/src/codingstandards/cpp/resources/ResourceManagement.qll b/cpp/common/src/codingstandards/cpp/resources/ResourceManagement.qll index db65dd4920..0798575495 100644 --- a/cpp/common/src/codingstandards/cpp/resources/ResourceManagement.qll +++ b/cpp/common/src/codingstandards/cpp/resources/ResourceManagement.qll @@ -1,5 +1,5 @@ import cpp -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow /** * The `ResourceAcquisitionExpr` abstract class models resource diff --git a/cpp/common/src/codingstandards/cpp/rules/accessofnonexistingmemberthroughpointertomember/AccessOfNonExistingMemberThroughPointerToMember.qll b/cpp/common/src/codingstandards/cpp/rules/accessofnonexistingmemberthroughpointertomember/AccessOfNonExistingMemberThroughPointerToMember.qll index ac135386f3..138c0a89b5 100644 --- a/cpp/common/src/codingstandards/cpp/rules/accessofnonexistingmemberthroughpointertomember/AccessOfNonExistingMemberThroughPointerToMember.qll +++ b/cpp/common/src/codingstandards/cpp/rules/accessofnonexistingmemberthroughpointertomember/AccessOfNonExistingMemberThroughPointerToMember.qll @@ -7,7 +7,7 @@ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import codingstandards.cpp.Expr -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow abstract class AccessOfNonExistingMemberThroughPointerToMemberSharedQuery extends Query { } diff --git a/cpp/common/src/codingstandards/cpp/rules/accessofundefinedmemberthroughnullpointer/AccessOfUndefinedMemberThroughNullPointer.qll b/cpp/common/src/codingstandards/cpp/rules/accessofundefinedmemberthroughnullpointer/AccessOfUndefinedMemberThroughNullPointer.qll index 98044c3ce1..2ee7036a1c 100644 --- a/cpp/common/src/codingstandards/cpp/rules/accessofundefinedmemberthroughnullpointer/AccessOfUndefinedMemberThroughNullPointer.qll +++ b/cpp/common/src/codingstandards/cpp/rules/accessofundefinedmemberthroughnullpointer/AccessOfUndefinedMemberThroughNullPointer.qll @@ -7,7 +7,7 @@ import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import codingstandards.cpp.Nullness import codingstandards.cpp.Expr -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow import DataFlow::PathGraph abstract class AccessOfUndefinedMemberThroughNullPointerSharedQuery extends Query { } diff --git a/cpp/common/src/codingstandards/cpp/rules/accessofundefinedmemberthroughuninitializedstaticpointer/AccessOfUndefinedMemberThroughUninitializedStaticPointer.qll b/cpp/common/src/codingstandards/cpp/rules/accessofundefinedmemberthroughuninitializedstaticpointer/AccessOfUndefinedMemberThroughUninitializedStaticPointer.qll index 7d7bb627ee..7055cce296 100644 --- a/cpp/common/src/codingstandards/cpp/rules/accessofundefinedmemberthroughuninitializedstaticpointer/AccessOfUndefinedMemberThroughUninitializedStaticPointer.qll +++ b/cpp/common/src/codingstandards/cpp/rules/accessofundefinedmemberthroughuninitializedstaticpointer/AccessOfUndefinedMemberThroughUninitializedStaticPointer.qll @@ -12,7 +12,7 @@ */ import cpp -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import codingstandards.cpp.EncapsulatingFunctions diff --git a/cpp/common/src/codingstandards/cpp/rules/basicstringmaynotbenullterminated/BasicStringMayNotBeNullTerminated.qll b/cpp/common/src/codingstandards/cpp/rules/basicstringmaynotbenullterminated/BasicStringMayNotBeNullTerminated.qll index e27f09fd98..cea798ae11 100644 --- a/cpp/common/src/codingstandards/cpp/rules/basicstringmaynotbenullterminated/BasicStringMayNotBeNullTerminated.qll +++ b/cpp/common/src/codingstandards/cpp/rules/basicstringmaynotbenullterminated/BasicStringMayNotBeNullTerminated.qll @@ -8,8 +8,8 @@ import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import semmle.code.cpp.security.BufferWrite import semmle.code.cpp.commons.Buffer -import semmle.code.cpp.dataflow.DataFlow -import semmle.code.cpp.dataflow.TaintTracking +import codingstandards.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.TaintTracking import codingstandards.cpp.PossiblyUnsafeStringOperation abstract class BasicStringMayNotBeNullTerminatedSharedQuery extends Query { } diff --git a/cpp/common/src/codingstandards/cpp/rules/constlikereturnvalue/ConstLikeReturnValue.qll b/cpp/common/src/codingstandards/cpp/rules/constlikereturnvalue/ConstLikeReturnValue.qll index 5499e4ae42..56d1bd3d47 100644 --- a/cpp/common/src/codingstandards/cpp/rules/constlikereturnvalue/ConstLikeReturnValue.qll +++ b/cpp/common/src/codingstandards/cpp/rules/constlikereturnvalue/ConstLikeReturnValue.qll @@ -5,7 +5,7 @@ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow import DataFlow::PathGraph abstract class ConstLikeReturnValueSharedQuery extends Query { } diff --git a/cpp/common/src/codingstandards/cpp/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.qll b/cpp/common/src/codingstandards/cpp/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.qll index 840cd5330a..a3dabedd5a 100644 --- a/cpp/common/src/codingstandards/cpp/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.qll +++ b/cpp/common/src/codingstandards/cpp/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.qll @@ -12,7 +12,7 @@ import codingstandards.cpp.Operator import semmle.code.cpp.controlflow.Guards private import semmle.code.cpp.rangeanalysis.RangeAnalysisUtils import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow import semmle.code.cpp.valuenumbering.GlobalValueNumbering abstract class ContainerAccessWithoutRangeCheckSharedQuery extends Query { } diff --git a/cpp/common/src/codingstandards/cpp/rules/danglingcapturewhenmovinglambdaobject/DanglingCaptureWhenMovingLambdaObject.qll b/cpp/common/src/codingstandards/cpp/rules/danglingcapturewhenmovinglambdaobject/DanglingCaptureWhenMovingLambdaObject.qll index 902d0ecf1f..ab2b067279 100644 --- a/cpp/common/src/codingstandards/cpp/rules/danglingcapturewhenmovinglambdaobject/DanglingCaptureWhenMovingLambdaObject.qll +++ b/cpp/common/src/codingstandards/cpp/rules/danglingcapturewhenmovinglambdaobject/DanglingCaptureWhenMovingLambdaObject.qll @@ -5,7 +5,7 @@ */ import cpp -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import codingstandards.cpp.Expr diff --git a/cpp/common/src/codingstandards/cpp/rules/danglingcapturewhenreturninglambdaobject/DanglingCaptureWhenReturningLambdaObject.qll b/cpp/common/src/codingstandards/cpp/rules/danglingcapturewhenreturninglambdaobject/DanglingCaptureWhenReturningLambdaObject.qll index 4ab01520f6..c35b723ff3 100644 --- a/cpp/common/src/codingstandards/cpp/rules/danglingcapturewhenreturninglambdaobject/DanglingCaptureWhenReturningLambdaObject.qll +++ b/cpp/common/src/codingstandards/cpp/rules/danglingcapturewhenreturninglambdaobject/DanglingCaptureWhenReturningLambdaObject.qll @@ -5,7 +5,7 @@ */ import cpp -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions diff --git a/cpp/common/src/codingstandards/cpp/rules/donotaccessaclosedfile/DoNotAccessAClosedFile.qll b/cpp/common/src/codingstandards/cpp/rules/donotaccessaclosedfile/DoNotAccessAClosedFile.qll index 83266ed524..3d84366d9a 100644 --- a/cpp/common/src/codingstandards/cpp/rules/donotaccessaclosedfile/DoNotAccessAClosedFile.qll +++ b/cpp/common/src/codingstandards/cpp/rules/donotaccessaclosedfile/DoNotAccessAClosedFile.qll @@ -6,7 +6,7 @@ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow import codingstandards.cpp.standardlibrary.FileAccess import semmle.code.cpp.controlflow.SubBasicBlocks diff --git a/cpp/common/src/codingstandards/cpp/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.qll b/cpp/common/src/codingstandards/cpp/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.qll index 759d235eb4..8a8155f971 100644 --- a/cpp/common/src/codingstandards/cpp/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.qll +++ b/cpp/common/src/codingstandards/cpp/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.qll @@ -17,7 +17,7 @@ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import codingstandards.cpp.Concurrency -import semmle.code.cpp.dataflow.TaintTracking +import codingstandards.cpp.dataflow.TaintTracking abstract class DoNotAllowAMutexToGoOutOfScopeWhileLockedSharedQuery extends Query { } diff --git a/cpp/common/src/codingstandards/cpp/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.qll b/cpp/common/src/codingstandards/cpp/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.qll index d77ae8cf39..46335c3d94 100644 --- a/cpp/common/src/codingstandards/cpp/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.qll +++ b/cpp/common/src/codingstandards/cpp/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.qll @@ -15,7 +15,7 @@ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import codingstandards.cpp.Concurrency -import semmle.code.cpp.dataflow.TaintTracking +import codingstandards.cpp.dataflow.TaintTracking abstract class DoNotDestroyAMutexWhileItIsLockedSharedQuery extends Query { } diff --git a/cpp/common/src/codingstandards/cpp/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.qll b/cpp/common/src/codingstandards/cpp/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.qll index 40dac2d027..20e73e938b 100644 --- a/cpp/common/src/codingstandards/cpp/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.qll +++ b/cpp/common/src/codingstandards/cpp/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.qll @@ -6,7 +6,7 @@ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow import DataFlow::PathGraph class ArrayToPointerDiffOperandConfig extends DataFlow::Configuration { diff --git a/cpp/common/src/codingstandards/cpp/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.qll b/cpp/common/src/codingstandards/cpp/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.qll index 758dcc0157..5fce6d99fc 100644 --- a/cpp/common/src/codingstandards/cpp/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.qll +++ b/cpp/common/src/codingstandards/cpp/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.qll @@ -7,7 +7,7 @@ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis abstract class DoNotUsePointerArithmeticToAddressDifferentArraysSharedQuery extends Query { } diff --git a/cpp/common/src/codingstandards/cpp/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.qll b/cpp/common/src/codingstandards/cpp/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.qll index 15f1fa4057..c8ac2fd873 100644 --- a/cpp/common/src/codingstandards/cpp/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.qll +++ b/cpp/common/src/codingstandards/cpp/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.qll @@ -7,7 +7,7 @@ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow import DataFlow::PathGraph abstract class DoNotUseRelationalOperatorsWithDifferingArraysSharedQuery extends Query { } diff --git a/cpp/common/src/codingstandards/cpp/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.qll b/cpp/common/src/codingstandards/cpp/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.qll index 3949ff50a8..81a3251355 100644 --- a/cpp/common/src/codingstandards/cpp/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.qll +++ b/cpp/common/src/codingstandards/cpp/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.qll @@ -6,7 +6,7 @@ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow abstract class InvalidatedEnvStringPointersSharedQuery extends Query { } diff --git a/cpp/common/src/codingstandards/cpp/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.qll b/cpp/common/src/codingstandards/cpp/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.qll index 8bc1b0c920..fd8a969d00 100644 --- a/cpp/common/src/codingstandards/cpp/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.qll +++ b/cpp/common/src/codingstandards/cpp/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.qll @@ -6,7 +6,7 @@ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow import codingstandards.cpp.rules.invalidatedenvstringpointers.InvalidatedEnvStringPointers as EnvString abstract class InvalidatedEnvStringPointersWarnSharedQuery extends Query { } diff --git a/cpp/common/src/codingstandards/cpp/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.qll b/cpp/common/src/codingstandards/cpp/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.qll index 89f847c5aa..3a7e225369 100644 --- a/cpp/common/src/codingstandards/cpp/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.qll +++ b/cpp/common/src/codingstandards/cpp/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.qll @@ -5,7 +5,7 @@ */ import cpp -import semmle.code.cpp.dataflow.TaintTracking +import codingstandards.cpp.dataflow.TaintTracking import codingstandards.cpp.Exclusions import codingstandards.cpp.standardlibrary.FileStreams import codingstandards.cpp.standardlibrary.FileAccess diff --git a/cpp/common/src/codingstandards/cpp/rules/movedfromobjectsunspecifiedstate/MovedFromObjectsUnspecifiedState.qll b/cpp/common/src/codingstandards/cpp/rules/movedfromobjectsunspecifiedstate/MovedFromObjectsUnspecifiedState.qll index f17da7e457..a0006eb643 100644 --- a/cpp/common/src/codingstandards/cpp/rules/movedfromobjectsunspecifiedstate/MovedFromObjectsUnspecifiedState.qll +++ b/cpp/common/src/codingstandards/cpp/rules/movedfromobjectsunspecifiedstate/MovedFromObjectsUnspecifiedState.qll @@ -4,7 +4,7 @@ */ import cpp -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow import codingstandards.cpp.Exclusions import codingstandards.cpp.standardlibrary.Utility diff --git a/cpp/common/src/codingstandards/cpp/rules/nonconstantformat/NonConstantFormat.qll b/cpp/common/src/codingstandards/cpp/rules/nonconstantformat/NonConstantFormat.qll index 34d6c4f3e4..b73a648eeb 100644 --- a/cpp/common/src/codingstandards/cpp/rules/nonconstantformat/NonConstantFormat.qll +++ b/cpp/common/src/codingstandards/cpp/rules/nonconstantformat/NonConstantFormat.qll @@ -1,7 +1,7 @@ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -import semmle.code.cpp.dataflow.TaintTracking +import codingstandards.cpp.dataflow.TaintTracking import semmle.code.cpp.commons.Printf abstract class NonConstantFormatSharedQuery extends Query { } diff --git a/cpp/common/src/codingstandards/cpp/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.qll b/cpp/common/src/codingstandards/cpp/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.qll index 9cd3810827..e8025db05b 100644 --- a/cpp/common/src/codingstandards/cpp/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.qll @@ -7,8 +7,8 @@ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import codingstandards.cpp.Allocations -import semmle.code.cpp.dataflow.DataFlow -import semmle.code.cpp.dataflow.DataFlow2 +import codingstandards.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow2 import DataFlow::PathGraph /** diff --git a/cpp/common/src/codingstandards/cpp/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.qll b/cpp/common/src/codingstandards/cpp/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.qll index 30caf12d75..eff7873d16 100644 --- a/cpp/common/src/codingstandards/cpp/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.qll +++ b/cpp/common/src/codingstandards/cpp/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.qll @@ -8,7 +8,7 @@ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import codingstandards.cpp.SmartPointers -import semmle.code.cpp.dataflow.TaintTracking +import codingstandards.cpp.dataflow.TaintTracking import DataFlow::PathGraph abstract class OwnedPointerValueStoredInUnrelatedSmartPointerSharedQuery extends Query { } diff --git a/cpp/common/src/codingstandards/cpp/rules/placementnewinsufficientstorage/PlacementNewInsufficientStorage.qll b/cpp/common/src/codingstandards/cpp/rules/placementnewinsufficientstorage/PlacementNewInsufficientStorage.qll index 5e21cce51b..515779595f 100644 --- a/cpp/common/src/codingstandards/cpp/rules/placementnewinsufficientstorage/PlacementNewInsufficientStorage.qll +++ b/cpp/common/src/codingstandards/cpp/rules/placementnewinsufficientstorage/PlacementNewInsufficientStorage.qll @@ -7,7 +7,7 @@ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import codingstandards.cpp.allocations.PlacementNew -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow import DataFlow::PathGraph abstract class PlacementNewInsufficientStorageSharedQuery extends Query { } diff --git a/cpp/common/src/codingstandards/cpp/rules/placementnewnotproperlyaligned/PlacementNewNotProperlyAligned.qll b/cpp/common/src/codingstandards/cpp/rules/placementnewnotproperlyaligned/PlacementNewNotProperlyAligned.qll index f45a83351c..19cbe2fff5 100644 --- a/cpp/common/src/codingstandards/cpp/rules/placementnewnotproperlyaligned/PlacementNewNotProperlyAligned.qll +++ b/cpp/common/src/codingstandards/cpp/rules/placementnewnotproperlyaligned/PlacementNewNotProperlyAligned.qll @@ -7,7 +7,7 @@ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import codingstandards.cpp.allocations.PlacementNew -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow import DataFlow::PathGraph abstract class PlacementNewNotProperlyAlignedSharedQuery extends Query { } diff --git a/cpp/common/src/codingstandards/cpp/rules/stringnumberconversionmissingerrorcheck/StringNumberConversionMissingErrorCheck.qll b/cpp/common/src/codingstandards/cpp/rules/stringnumberconversionmissingerrorcheck/StringNumberConversionMissingErrorCheck.qll index 240b9b75da..e5856ad7c8 100644 --- a/cpp/common/src/codingstandards/cpp/rules/stringnumberconversionmissingerrorcheck/StringNumberConversionMissingErrorCheck.qll +++ b/cpp/common/src/codingstandards/cpp/rules/stringnumberconversionmissingerrorcheck/StringNumberConversionMissingErrorCheck.qll @@ -7,7 +7,7 @@ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import semmle.code.cpp.valuenumbering.GlobalValueNumbering -import semmle.code.cpp.dataflow.TaintTracking +import codingstandards.cpp.dataflow.TaintTracking import codingstandards.cpp.standardlibrary.CharStreams abstract class StringNumberConversionMissingErrorCheckSharedQuery extends Query { } diff --git a/cpp/common/src/codingstandards/cpp/rules/throwingoperatornewreturnsnull/ThrowingOperatorNewReturnsNull.qll b/cpp/common/src/codingstandards/cpp/rules/throwingoperatornewreturnsnull/ThrowingOperatorNewReturnsNull.qll index f44fd5a06a..a34beef5cd 100644 --- a/cpp/common/src/codingstandards/cpp/rules/throwingoperatornewreturnsnull/ThrowingOperatorNewReturnsNull.qll +++ b/cpp/common/src/codingstandards/cpp/rules/throwingoperatornewreturnsnull/ThrowingOperatorNewReturnsNull.qll @@ -4,7 +4,7 @@ */ import cpp -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow import codingstandards.cpp.allocations.CustomOperatorNewDelete import codingstandards.cpp.exceptions.ExceptionSpecifications import codingstandards.cpp.Customizations diff --git a/cpp/common/src/codingstandards/cpp/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.qll b/cpp/common/src/codingstandards/cpp/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.qll index faa4442ba3..979918a72b 100644 --- a/cpp/common/src/codingstandards/cpp/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.qll +++ b/cpp/common/src/codingstandards/cpp/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.qll @@ -6,7 +6,7 @@ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow abstract class UseOnlyArrayIndexingForPointerArithmeticSharedQuery extends Query { } diff --git a/cpp/common/src/codingstandards/cpp/standardlibrary/FileStreams.qll b/cpp/common/src/codingstandards/cpp/standardlibrary/FileStreams.qll index ae1aa55b99..775159326f 100644 --- a/cpp/common/src/codingstandards/cpp/standardlibrary/FileStreams.qll +++ b/cpp/common/src/codingstandards/cpp/standardlibrary/FileStreams.qll @@ -10,8 +10,8 @@ */ import cpp -import semmle.code.cpp.dataflow.DataFlow -import semmle.code.cpp.dataflow.TaintTracking +import codingstandards.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.TaintTracking /** * A `basic_fstream` like `std::fstream` diff --git a/cpp/common/test/deviations/deviation_permits_basic_test/UnusedReturnValue.ql b/cpp/common/test/deviations/deviation_permits_basic_test/UnusedReturnValue.ql index 38b75bda3c..2517965fc1 100644 --- a/cpp/common/test/deviations/deviation_permits_basic_test/UnusedReturnValue.ql +++ b/cpp/common/test/deviations/deviation_permits_basic_test/UnusedReturnValue.ql @@ -16,7 +16,7 @@ import cpp import codingstandards.cpp.CodingStandards -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow import codingstandards.cpp.exclusions.cpp.RuleMetadata /* This is a copy of an AUTOSAR rule, which we are using for testing purposes. */ diff --git a/cpp/common/test/deviations/deviations_basic_test/UnusedReturnValue.ql b/cpp/common/test/deviations/deviations_basic_test/UnusedReturnValue.ql index 38b75bda3c..2517965fc1 100644 --- a/cpp/common/test/deviations/deviations_basic_test/UnusedReturnValue.ql +++ b/cpp/common/test/deviations/deviations_basic_test/UnusedReturnValue.ql @@ -16,7 +16,7 @@ import cpp import codingstandards.cpp.CodingStandards -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow import codingstandards.cpp.exclusions.cpp.RuleMetadata /* This is a copy of an AUTOSAR rule, which we are using for testing purposes. */ diff --git a/cpp/common/test/deviations/deviations_report_deviated/UnusedReturnValue.ql b/cpp/common/test/deviations/deviations_report_deviated/UnusedReturnValue.ql index 38b75bda3c..2517965fc1 100644 --- a/cpp/common/test/deviations/deviations_report_deviated/UnusedReturnValue.ql +++ b/cpp/common/test/deviations/deviations_report_deviated/UnusedReturnValue.ql @@ -16,7 +16,7 @@ import cpp import codingstandards.cpp.CodingStandards -import semmle.code.cpp.dataflow.DataFlow +import codingstandards.cpp.dataflow.DataFlow import codingstandards.cpp.exclusions.cpp.RuleMetadata /* This is a copy of an AUTOSAR rule, which we are using for testing purposes. */ From 91fd477728ef5f79be166d5fff312c57748692e8 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 23 Oct 2023 22:20:45 +0100 Subject: [PATCH 1406/2573] Update private imports for TaintTracking Also fix another deprecation warning issue. --- .../src/codingstandards/cpp/dataflow/TaintTracking.qll | 2 +- .../internal/tainttracking1/TaintTrackingParameter.qll | 6 ++++++ .../cpp/lifetimes/lifetimeprofile/LifetimeProfile.qll | 2 +- .../cpp/trustboundary/UninitializedField.qll | 2 +- 4 files changed, 9 insertions(+), 3 deletions(-) create mode 100644 cpp/common/src/codingstandards/cpp/dataflow/internal/tainttracking1/TaintTrackingParameter.qll diff --git a/cpp/common/src/codingstandards/cpp/dataflow/TaintTracking.qll b/cpp/common/src/codingstandards/cpp/dataflow/TaintTracking.qll index 6bab6158c4..2b43a53ccb 100644 --- a/cpp/common/src/codingstandards/cpp/dataflow/TaintTracking.qll +++ b/cpp/common/src/codingstandards/cpp/dataflow/TaintTracking.qll @@ -28,7 +28,7 @@ import codingstandards.cpp.dataflow.DataFlow2 * global (inter-procedural) taint-tracking analyses. */ module TaintTracking { - import semmle.code.cpp.dataflow.internal.tainttracking1.TaintTrackingParameter::Public + import codingstandards.cpp.dataflow.internal.tainttracking1.TaintTrackingParameter::Public private import semmle.code.cpp.dataflow.internal.DataFlowImplSpecific private import semmle.code.cpp.dataflow.internal.TaintTrackingImplSpecific private import codeql.dataflow.TaintTracking diff --git a/cpp/common/src/codingstandards/cpp/dataflow/internal/tainttracking1/TaintTrackingParameter.qll b/cpp/common/src/codingstandards/cpp/dataflow/internal/tainttracking1/TaintTrackingParameter.qll new file mode 100644 index 0000000000..63e9c85e22 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/dataflow/internal/tainttracking1/TaintTrackingParameter.qll @@ -0,0 +1,6 @@ +import semmle.code.cpp.dataflow.internal.TaintTrackingUtil as Public + +module Private { + import codingstandards.cpp.dataflow.DataFlow::DataFlow as DataFlow + import semmle.code.cpp.dataflow.internal.DataFlowImpl as DataFlowInternal +} diff --git a/cpp/common/src/codingstandards/cpp/lifetimes/lifetimeprofile/LifetimeProfile.qll b/cpp/common/src/codingstandards/cpp/lifetimes/lifetimeprofile/LifetimeProfile.qll index 354dccdc56..7990f50216 100644 --- a/cpp/common/src/codingstandards/cpp/lifetimes/lifetimeprofile/LifetimeProfile.qll +++ b/cpp/common/src/codingstandards/cpp/lifetimes/lifetimeprofile/LifetimeProfile.qll @@ -1,5 +1,5 @@ import cpp -private import semmle.code.cpp.dataflow.DataFlow +private import codingstandards.cpp.dataflow.DataFlow private import semmle.code.cpp.controlflow.Nullness private import codingstandards.cpp.Dereferenced private import codingstandards.cpp.Expr diff --git a/cpp/common/src/codingstandards/cpp/trustboundary/UninitializedField.qll b/cpp/common/src/codingstandards/cpp/trustboundary/UninitializedField.qll index f58f1352a7..e6a2bbe706 100644 --- a/cpp/common/src/codingstandards/cpp/trustboundary/UninitializedField.qll +++ b/cpp/common/src/codingstandards/cpp/trustboundary/UninitializedField.qll @@ -5,7 +5,7 @@ */ import cpp -private import semmle.code.cpp.dataflow.DataFlow +private import codingstandards.cpp.dataflow.DataFlow private import semmle.code.cpp.controlflow.SubBasicBlocks private import semmle.code.cpp.padding.Padding as Padding private import semmle.code.cpp.dataflow.internal.FlowVar From 492b578fedce3689246cb5fd5b9bb808ffcc7573 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 23 Oct 2023 22:56:56 +0100 Subject: [PATCH 1407/2573] Update expected results. --- .../A7-3-1/DefinitionNotConsideredForUnqualifiedLookup.expected | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A7-3-1/DefinitionNotConsideredForUnqualifiedLookup.expected b/cpp/autosar/test/rules/A7-3-1/DefinitionNotConsideredForUnqualifiedLookup.expected index ea0f998533..1a1e0e5297 100644 --- a/cpp/autosar/test/rules/A7-3-1/DefinitionNotConsideredForUnqualifiedLookup.expected +++ b/cpp/autosar/test/rules/A7-3-1/DefinitionNotConsideredForUnqualifiedLookup.expected @@ -1 +1 @@ -| test.cpp:42:6:42:7 | declaration of f1 | Definition for 'f1' is not available for unqualified lookup because it is declared after $@ | test.cpp:39:12:39:13 | using f1 | using-declaration | +| test.cpp:46:6:46:7 | declaration of f1 | Definition for 'f1' is not available for unqualified lookup because it is declared after $@ | test.cpp:43:12:43:13 | using f1 | using-declaration | From 618dac594729eb4e26f6427440636ff988a366cb Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 24 Oct 2023 22:26:38 +0100 Subject: [PATCH 1408/2573] A7-1-5: Ignore inits of a non-fundamental type --- ...pecifierNotUsedAppropriatelyInVariableDefinition.ql | 10 ++++++++-- cpp/autosar/test/rules/A7-1-5/test.cpp | 8 +++++++- 2 files changed, 15 insertions(+), 3 deletions(-) diff --git a/cpp/autosar/src/rules/A7-1-5/AutoSpecifierNotUsedAppropriatelyInVariableDefinition.ql b/cpp/autosar/src/rules/A7-1-5/AutoSpecifierNotUsedAppropriatelyInVariableDefinition.ql index 54b62720a9..7c91ade133 100644 --- a/cpp/autosar/src/rules/A7-1-5/AutoSpecifierNotUsedAppropriatelyInVariableDefinition.ql +++ b/cpp/autosar/src/rules/A7-1-5/AutoSpecifierNotUsedAppropriatelyInVariableDefinition.ql @@ -19,6 +19,10 @@ import cpp import codingstandards.cpp.autosar +class FundamentalType extends BuiltInType { + FundamentalType() { not this instanceof ErroneousType and not this instanceof UnknownType } +} + from Variable v where not isExcluded(v, @@ -28,12 +32,14 @@ where // exclude uninstantiated templates and rely on the instantiated templates, because an uninstantiated template may not contain the information required to determine if the usage is allowed. not v.isFromUninstantiatedTemplate(_) and not ( - // find ones where + // Initialized by function call v.getInitializer().getExpr() instanceof FunctionCall or + // Initialized by lambda expression v.getInitializer().getExpr() instanceof LambdaExpression or - v.getInitializer().getExpr() instanceof ClassAggregateLiteral + // Initialized by non-fundamental type + not v.getInitializer().getExpr().getType() instanceof FundamentalType ) and // Exclude compiler generated variables not v.isCompilerGenerated() diff --git a/cpp/autosar/test/rules/A7-1-5/test.cpp b/cpp/autosar/test/rules/A7-1-5/test.cpp index 34be754905..1358682f78 100644 --- a/cpp/autosar/test/rules/A7-1-5/test.cpp +++ b/cpp/autosar/test/rules/A7-1-5/test.cpp @@ -108,7 +108,13 @@ void instantiate() { } void test_loop() { - for (const auto a : {8, 9, 10}) { + for (const auto a : {8, 9, 10}) { // NON_COMPLIANT - a is initialized with a + // non-constant initializer + a; + } + + std::vector v = {1, 2, 3}; + for (const auto a : v) { // COMPLIANT - a is intialized with a function call a; } } \ No newline at end of file From 6336fd2a3dd2ca955f5e112cfe7e10928d71603c Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 24 Oct 2023 23:14:21 +0100 Subject: [PATCH 1409/2573] A7-1-5: Expand test cases Add extra test cases which highlight issues with range based for loops. --- ...AppropriatelyInVariableDefinition.expected | 2 +- cpp/autosar/test/rules/A7-1-5/test.cpp | 25 +++++++++++++++---- 2 files changed, 21 insertions(+), 6 deletions(-) diff --git a/cpp/autosar/test/rules/A7-1-5/AutoSpecifierNotUsedAppropriatelyInVariableDefinition.expected b/cpp/autosar/test/rules/A7-1-5/AutoSpecifierNotUsedAppropriatelyInVariableDefinition.expected index 03e53068f4..7a5da3abac 100644 --- a/cpp/autosar/test/rules/A7-1-5/AutoSpecifierNotUsedAppropriatelyInVariableDefinition.expected +++ b/cpp/autosar/test/rules/A7-1-5/AutoSpecifierNotUsedAppropriatelyInVariableDefinition.expected @@ -4,4 +4,4 @@ | test.cpp:27:8:27:8 | a | Use of auto in variable definition is not the result of a function call, lambda expression, or non-fundamental type initializer. | | test.cpp:28:8:28:8 | b | Use of auto in variable definition is not the result of a function call, lambda expression, or non-fundamental type initializer. | | test.cpp:81:10:81:10 | a | Use of auto in variable definition is not the result of a function call, lambda expression, or non-fundamental type initializer. | -| test.cpp:111:19:111:19 | a | Use of auto in variable definition is not the result of a function call, lambda expression, or non-fundamental type initializer. | +| test.cpp:111:13:111:13 | a | Use of auto in variable definition is not the result of a function call, lambda expression, or non-fundamental type initializer. | diff --git a/cpp/autosar/test/rules/A7-1-5/test.cpp b/cpp/autosar/test/rules/A7-1-5/test.cpp index 1358682f78..ba2ce2be81 100644 --- a/cpp/autosar/test/rules/A7-1-5/test.cpp +++ b/cpp/autosar/test/rules/A7-1-5/test.cpp @@ -106,15 +106,30 @@ void instantiate() { t381.test_381_1(); t381.test_381_2(); } - +class Foo {}; void test_loop() { - for (const auto a : {8, 9, 10}) { // NON_COMPLIANT - a is initialized with a - // non-constant initializer + for (auto a : {8, 9, 10}) { // NON_COMPLIANT - a is initialized with a + // non-constant initializer a; } std::vector v = {1, 2, 3}; - for (const auto a : v) { // COMPLIANT - a is intialized with a function call + for (auto &a : v) { // COMPLIANT - a is intialized with a function call + a; + } + + Foo f1; + Foo f2; + for (auto &a : {f1, f2}) { // COMPLIANT - initialized with a non-fundamental + // type + a; + } +} + +template void test_template(std::vector v2) { + for (auto &a : v2) { // COMPLIANT - a is intialized with a function call a; } -} \ No newline at end of file +} + +void test_template_instantiation() { test_template({1, 2, 3}); } \ No newline at end of file From 18fc071d80e1151656a1a535f6f16dc6f6cd963d Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 24 Oct 2023 23:19:00 +0100 Subject: [PATCH 1410/2573] A7-1-5: Add changenote for non-fundamental types --- change_notes/2023-10-24-a7-1-5-non-fundamental.md | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 change_notes/2023-10-24-a7-1-5-non-fundamental.md diff --git a/change_notes/2023-10-24-a7-1-5-non-fundamental.md b/change_notes/2023-10-24-a7-1-5-non-fundamental.md new file mode 100644 index 0000000000..f0c9802f5c --- /dev/null +++ b/change_notes/2023-10-24-a7-1-5-non-fundamental.md @@ -0,0 +1,8 @@ + * `A7-1-5` - exclude auto variables initialized with an expression of non-fundamental type. Typically this occurs when using range based for loops with arrays of non-fundamental types. For example: + ``` + void iterate(Foo values[]) { + for (auto value : values) { // COMPLIANT (previously false positive) + // ... + } + } + ``` \ No newline at end of file From b8a527cacc3e9118c14aec32af7336780797fa06 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 25 Oct 2023 13:28:34 +0100 Subject: [PATCH 1411/2573] A0-1-1: Ignore incomplete or compiler generated vars --- cpp/autosar/test/rules/A0-1-1/test.cpp | 13 ++++++++++++- .../cpp/deadcode/UselessAssignments.qll | 6 +++++- 2 files changed, 17 insertions(+), 2 deletions(-) diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index 824d649c6a..021b1bf792 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -112,4 +112,15 @@ int test_useless_assignment(int &x, int p) { return y; } -int main() { return 0; } \ No newline at end of file +int main() { return 0; } + +#include +template void test_range_based_for_loop_template() { + std::vector values_; + for (auto &elem : values_) { // COMPLIANT - should not report either elem or + // the compiler generated (__range) + // variable in the uninstantiated + // template + elem; + } +} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/deadcode/UselessAssignments.qll b/cpp/common/src/codingstandards/cpp/deadcode/UselessAssignments.qll index e326f814be..465b023f3f 100644 --- a/cpp/common/src/codingstandards/cpp/deadcode/UselessAssignments.qll +++ b/cpp/common/src/codingstandards/cpp/deadcode/UselessAssignments.qll @@ -43,7 +43,11 @@ class InterestingStackVariable extends StackVariable { // A reference parameter can have an affect outside the enclosing function not mayEscape(this) and // Not a loop control variable, explicitly excluded - not this instanceof LoopControlVariable + not this instanceof LoopControlVariable and + // Ignore variables in uninstantiated templates + not this.isFromUninstantiatedTemplate(_) and + // Ignore compiler generated variables, such as those generated for range based for loops + not this.isCompilerGenerated() } } From bbc7a86f73490eb727f985e2afd1c1570d910617 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 25 Oct 2023 13:31:11 +0100 Subject: [PATCH 1412/2573] A0-1-1: Apply deviations to definition not variable --- cpp/autosar/src/rules/A0-1-1/UselessAssignment.ql | 1 + 1 file changed, 1 insertion(+) diff --git a/cpp/autosar/src/rules/A0-1-1/UselessAssignment.ql b/cpp/autosar/src/rules/A0-1-1/UselessAssignment.ql index f6219abe4b..755f72075d 100644 --- a/cpp/autosar/src/rules/A0-1-1/UselessAssignment.ql +++ b/cpp/autosar/src/rules/A0-1-1/UselessAssignment.ql @@ -20,6 +20,7 @@ import codingstandards.cpp.deadcode.UselessAssignments from SsaDefinition ultimateDef, InterestingStackVariable v where + not isExcluded(ultimateDef, DeadCodePackage::uselessAssignmentQuery()) and not isExcluded(v, DeadCodePackage::uselessAssignmentQuery()) and isUselessSsaDefinition(ultimateDef, v) select ultimateDef, "Definition of $@ is unused.", v, v.getName() From 9caece34adfb5eb0162ce2dff3f9a383f90e8c6c Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 25 Oct 2023 13:34:29 +0100 Subject: [PATCH 1413/2573] Add change notes --- change_notes/2023-10-25-a0-1-1.md | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 change_notes/2023-10-25-a0-1-1.md diff --git a/change_notes/2023-10-25-a0-1-1.md b/change_notes/2023-10-25-a0-1-1.md new file mode 100644 index 0000000000..91695ea524 --- /dev/null +++ b/change_notes/2023-10-25-a0-1-1.md @@ -0,0 +1,4 @@ + * `A0-1-1` - address a number of false positive issues: + * Exclude compiler-generated variables, such as those generated for range-based for loops. + * Exclude variables in uninstantiated templates, for which we have no precise data on uses. + * Deviations can now be applied to the useless assignment as well as the variable itself. \ No newline at end of file From d2d804322940a3952206714321edfd1f98f8f287 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 26 Oct 2023 11:39:31 +0100 Subject: [PATCH 1414/2573] A15-4-4: Ignore results on uninstantiated templates --- change_notes/2023-10-26-a15-4-4-noexcept.md | 1 + cpp/autosar/src/rules/A15-4-4/MissingNoExcept.ql | 6 ++++-- cpp/autosar/test/rules/A15-4-4/test.cpp | 13 +++++++++++++ 3 files changed, 18 insertions(+), 2 deletions(-) create mode 100644 change_notes/2023-10-26-a15-4-4-noexcept.md diff --git a/change_notes/2023-10-26-a15-4-4-noexcept.md b/change_notes/2023-10-26-a15-4-4-noexcept.md new file mode 100644 index 0000000000..e778264cc3 --- /dev/null +++ b/change_notes/2023-10-26-a15-4-4-noexcept.md @@ -0,0 +1 @@ + * `A15-4-4`: remove false positives reported on uninsantiated templates. \ No newline at end of file diff --git a/cpp/autosar/src/rules/A15-4-4/MissingNoExcept.ql b/cpp/autosar/src/rules/A15-4-4/MissingNoExcept.ql index 0226c20d30..7701a8a1ea 100644 --- a/cpp/autosar/src/rules/A15-4-4/MissingNoExcept.ql +++ b/cpp/autosar/src/rules/A15-4-4/MissingNoExcept.ql @@ -33,5 +33,7 @@ where // The function is defined in this database f.hasDefinition() and // This function is not an overriden call operator of a lambda expression - not exists(LambdaExpression lambda | lambda.getLambdaFunction() = f) -select f, "Function " + f.getName() + " could be declared noexcept(true)." + not exists(LambdaExpression lambda | lambda.getLambdaFunction() = f) and + // Exclude results from uinstantiated templates + not f.isFromUninstantiatedTemplate(_) +select f, "Function " + f.getQualifiedName() + " could be declared noexcept(true)." diff --git a/cpp/autosar/test/rules/A15-4-4/test.cpp b/cpp/autosar/test/rules/A15-4-4/test.cpp index f0b676373e..7d8597a75f 100644 --- a/cpp/autosar/test/rules/A15-4-4/test.cpp +++ b/cpp/autosar/test/rules/A15-4-4/test.cpp @@ -30,4 +30,17 @@ class A { void lambda_example() noexcept { auto with_capture = [=]() {}; auto empty_capture = []() {}; +} + +#include +template +void swap_wrapper(TypeA lhs, + TypeB rhs) noexcept(noexcept(std::swap(*lhs, *rhs))) { + std::swap(*lhs, *rhs); +} + +void test_swap_wrapper() noexcept { + int a = 0; + int b = 1; + swap_wrapper(&a, &b); } \ No newline at end of file From 2779a86e57ceff2244f61aa4f58fa94a3d21a231 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 26 Oct 2023 20:33:17 +0000 Subject: [PATCH 1415/2573] Bump urllib3 from 1.26.17 to 1.26.18 in /scripts Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.17 to 1.26.18. - [Release notes](https://github.com/urllib3/urllib3/releases) - [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst) - [Commits](https://github.com/urllib3/urllib3/compare/1.26.17...1.26.18) --- updated-dependencies: - dependency-name: urllib3 dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- scripts/requirements.txt | 2 +- scripts/upgrade-codeql-dependencies/requirements.txt | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/requirements.txt b/scripts/requirements.txt index 60767e2ef8..99348fe960 100644 --- a/scripts/requirements.txt +++ b/scripts/requirements.txt @@ -9,7 +9,7 @@ MarkupSafe==1.1.1 requests==2.31.0 smmap==3.0.5 soupsieve==2.0.1 -urllib3==1.26.17 +urllib3==1.26.18 pyyaml==5.4 wheel==0.38.1 jsonschema==4.9.1 diff --git a/scripts/upgrade-codeql-dependencies/requirements.txt b/scripts/upgrade-codeql-dependencies/requirements.txt index 113e67fe3b..009d2dc5aa 100644 --- a/scripts/upgrade-codeql-dependencies/requirements.txt +++ b/scripts/upgrade-codeql-dependencies/requirements.txt @@ -3,4 +3,4 @@ charset-normalizer==3.2.0 idna==3.4 requests==2.31.0 semantic-version==2.10.0 -urllib3==2.0.7 +urllib3==1.26.18 From dad044ed54cfba7fd6b0b6ffeb52061a1e4e2a29 Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Tue, 31 Oct 2023 17:02:29 +0000 Subject: [PATCH 1416/2573] C++: Accept test changes after github/codeql/pull/14637. --- .../MissingConstructorCallForManuallyManagedObject.expected | 4 ++++ cpp/cert/test/rules/MEM53-CPP/test.cpp | 5 +++-- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/cpp/cert/test/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.expected b/cpp/cert/test/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.expected index 7225190e38..e06f6b9a63 100644 --- a/cpp/cert/test/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.expected +++ b/cpp/cert/test/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.expected @@ -2,6 +2,7 @@ WARNING: Module DataFlow has been deprecated and may be removed in future (/home WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.ql:25,38-46) WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.ql:25,65-73) edges +| test.cpp:65:21:65:34 | call to operator new | test.cpp:67:26:67:32 | call to realloc | nodes | test.cpp:16:26:16:31 | call to malloc | semmle.label | call to malloc | | test.cpp:17:38:17:43 | call to malloc | semmle.label | call to malloc | @@ -12,6 +13,8 @@ nodes | test.cpp:47:26:47:39 | call to operator new | semmle.label | call to operator new | | test.cpp:49:29:49:42 | call to operator new | semmle.label | call to operator new | | test.cpp:51:29:51:42 | call to operator new | semmle.label | call to operator new | +| test.cpp:65:21:65:34 | call to operator new | semmle.label | call to operator new | +| test.cpp:67:26:67:32 | call to realloc | semmle.label | call to realloc | subpaths #select | test.cpp:16:26:16:31 | call to malloc | test.cpp:16:26:16:31 | call to malloc | test.cpp:16:26:16:31 | call to malloc | Allocation to cast without constructor call | @@ -23,3 +26,4 @@ subpaths | test.cpp:47:26:47:39 | call to operator new | test.cpp:47:26:47:39 | call to operator new | test.cpp:47:26:47:39 | call to operator new | Allocation to cast without constructor call | | test.cpp:49:29:49:42 | call to operator new | test.cpp:49:29:49:42 | call to operator new | test.cpp:49:29:49:42 | call to operator new | Allocation to cast without constructor call | | test.cpp:51:29:51:42 | call to operator new | test.cpp:51:29:51:42 | call to operator new | test.cpp:51:29:51:42 | call to operator new | Allocation to cast without constructor call | +| test.cpp:67:26:67:32 | call to realloc | test.cpp:65:21:65:34 | call to operator new | test.cpp:67:26:67:32 | call to realloc | Allocation to cast without constructor call | diff --git a/cpp/cert/test/rules/MEM53-CPP/test.cpp b/cpp/cert/test/rules/MEM53-CPP/test.cpp index 12c6d1ee56..82c0953a60 100644 --- a/cpp/cert/test/rules/MEM53-CPP/test.cpp +++ b/cpp/cert/test/rules/MEM53-CPP/test.cpp @@ -63,6 +63,7 @@ void test_no_constructor_but_has_destructor() { void test_realloc() { void *goodAlloc = ::operator new(sizeof(ClassA)); - ClassA *a1 = new (goodAlloc) ClassA{1}; // COMPLIANT - ClassA *a2 = (ClassA *)realloc(goodAlloc, sizeof(ClassA) * 2); // COMPLIANT + ClassA *a1 = new (goodAlloc) ClassA{1}; // COMPLIANT + ClassA *a2 = (ClassA *)realloc( + goodAlloc, sizeof(ClassA) * 2); // COMPLIANT [FALSE_POSITIVE] } \ No newline at end of file From adc818b4ef404e6e3008a00cb8475c5b44891c4a Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 3 Nov 2023 13:25:28 +0000 Subject: [PATCH 1417/2573] IdentifierHiding: Consider point of decl for local vars Variables are only in scope from the point of declaration onwards. --- cpp/common/src/codingstandards/cpp/Scope.qll | 37 ++++++++++++++++++- .../IdentifierHidden.expected | 3 ++ .../test/rules/identifierhidden/test.cpp | 34 +++++++++++++++++ 3 files changed, 73 insertions(+), 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/Scope.qll b/cpp/common/src/codingstandards/cpp/Scope.qll index 1734a1e9e4..f1556ca14f 100644 --- a/cpp/common/src/codingstandards/cpp/Scope.qll +++ b/cpp/common/src/codingstandards/cpp/Scope.qll @@ -209,7 +209,42 @@ private predicate hides_candidateStrict(UserVariable v1, UserVariable v2) { v2 = getPotentialScopeOfVariableStrict(v1) and v1.getName() = v2.getName() and // Member variables cannot hide other variables nor be hidden because the can be referenced through their qualified name. - not (v1.isMember() or v2.isMember()) + not (v1.isMember() or v2.isMember()) and + ( + // If v1 is a local variable, ensure that v1 is declared before v2 + ( + v1 instanceof LocalVariable and + // Ignore variables declared in conditional expressions, as they apply to + // the nested scope + not v1 = any(ConditionDeclExpr cde).getVariable() and + // Ignore variables declared in loops + not exists(Loop l | l.getADeclaration() = v1) + ) + implies + exists(BlockStmt bs, DeclStmt v1Stmt, Stmt v2Stmt | + v1 = v1Stmt.getADeclaration() and + getEnclosingStmt(v2).getParentStmt*() = v2Stmt + | + bs.getIndexOfStmt(v1Stmt) <= bs.getIndexOfStmt(v2Stmt) + ) + ) +} + +/** + * Gets the enclosing statement of the given variable, if any. + */ +private Stmt getEnclosingStmt(LocalScopeVariable v) { + result.(DeclStmt).getADeclaration() = v + or + exists(ConditionDeclExpr cde | + cde.getVariable() = v and + result = cde.getEnclosingStmt() + ) + or + exists(CatchBlock cb | + cb.getParameter() = v and + result = cb.getEnclosingStmt() + ) } /** Holds if `v2` hides `v1`. */ diff --git a/cpp/common/test/rules/identifierhidden/IdentifierHidden.expected b/cpp/common/test/rules/identifierhidden/IdentifierHidden.expected index 613dd93f7b..20ad06b69f 100644 --- a/cpp/common/test/rules/identifierhidden/IdentifierHidden.expected +++ b/cpp/common/test/rules/identifierhidden/IdentifierHidden.expected @@ -5,3 +5,6 @@ | test.cpp:23:13:23:15 | id1 | Variable is hiding variable $@. | test.cpp:1:5:1:7 | id1 | id1 | | test.cpp:26:12:26:14 | id1 | Variable is hiding variable $@. | test.cpp:1:5:1:7 | id1 | id1 | | test.cpp:27:14:27:16 | id1 | Variable is hiding variable $@. | test.cpp:26:12:26:14 | id1 | id1 | +| test.cpp:65:11:65:11 | i | Variable is hiding variable $@. | test.cpp:61:7:61:7 | i | i | +| test.cpp:67:9:67:9 | i | Variable is hiding variable $@. | test.cpp:61:7:61:7 | i | i | +| test.cpp:70:12:70:12 | i | Variable is hiding variable $@. | test.cpp:61:7:61:7 | i | i | diff --git a/cpp/common/test/rules/identifierhidden/test.cpp b/cpp/common/test/rules/identifierhidden/test.cpp index 90f56e7ccf..a4580a0dd2 100644 --- a/cpp/common/test/rules/identifierhidden/test.cpp +++ b/cpp/common/test/rules/identifierhidden/test.cpp @@ -40,4 +40,38 @@ template constexpr T foo1 = T(1.1L); template T f(T r) { T v = foo1 * r * r; // COMPLIANT T v1 = foo1 * r * r; // COMPLIANT +} + +void test_scope_order() { + { + { + int i; // COMPLIANT + } + int i; // COMPLIANT + } + + for (int i = 0; i < 10; i++) { // COMPLIANT + } + + try { + + } catch (int i) { // COMPLIANT + } + + int i; // COMPLIANT + + { + { + int i; // NON_COMPLIANT + } + int i; // NON_COMPLIANT + } + + for (int i = 0; i < 10; i++) { // NON_COMPLIANT + } + + try { + + } catch (int i) { // NON_COMPLIANT[FALSE_NEGATIVE] + } } \ No newline at end of file From 2a5964bc76e14a83e74afff393472189146664e4 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 3 Nov 2023 13:31:49 +0000 Subject: [PATCH 1418/2573] IdentifierHiding: Include catchblock parameters --- cpp/common/src/codingstandards/cpp/Scope.qll | 11 ++++++++++- .../rules/identifierhidden/IdentifierHidden.expected | 1 + cpp/common/test/rules/identifierhidden/test.cpp | 2 +- 3 files changed, 12 insertions(+), 2 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/Scope.qll b/cpp/common/src/codingstandards/cpp/Scope.qll index f1556ca14f..4dd727b8d8 100644 --- a/cpp/common/src/codingstandards/cpp/Scope.qll +++ b/cpp/common/src/codingstandards/cpp/Scope.qll @@ -42,7 +42,16 @@ private Element getParentScope(Element e) { then result = e.getParentScope() else ( // Statements do no have a parent scope, so return the enclosing block. - result = e.(Stmt).getEnclosingBlock() or result = e.(Expr).getEnclosingBlock() + result = e.(Stmt).getEnclosingBlock() + or + result = e.(Expr).getEnclosingBlock() + or + // Catch block parameters don't have an enclosing scope, so attach them to the + // the block itself + exists(CatchBlock cb | + e = cb.getParameter() and + result = cb + ) ) } diff --git a/cpp/common/test/rules/identifierhidden/IdentifierHidden.expected b/cpp/common/test/rules/identifierhidden/IdentifierHidden.expected index 20ad06b69f..2ea18aa9cd 100644 --- a/cpp/common/test/rules/identifierhidden/IdentifierHidden.expected +++ b/cpp/common/test/rules/identifierhidden/IdentifierHidden.expected @@ -8,3 +8,4 @@ | test.cpp:65:11:65:11 | i | Variable is hiding variable $@. | test.cpp:61:7:61:7 | i | i | | test.cpp:67:9:67:9 | i | Variable is hiding variable $@. | test.cpp:61:7:61:7 | i | i | | test.cpp:70:12:70:12 | i | Variable is hiding variable $@. | test.cpp:61:7:61:7 | i | i | +| test.cpp:75:16:75:16 | i | Variable is hiding variable $@. | test.cpp:61:7:61:7 | i | i | diff --git a/cpp/common/test/rules/identifierhidden/test.cpp b/cpp/common/test/rules/identifierhidden/test.cpp index a4580a0dd2..cdd7137c57 100644 --- a/cpp/common/test/rules/identifierhidden/test.cpp +++ b/cpp/common/test/rules/identifierhidden/test.cpp @@ -72,6 +72,6 @@ void test_scope_order() { try { - } catch (int i) { // NON_COMPLIANT[FALSE_NEGATIVE] + } catch (int i) { // NON_COMPLIANT } } \ No newline at end of file From 6f7f0b1768d9ebbd8c6e0b6baeabba2bd0998745 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 3 Nov 2023 13:34:59 +0000 Subject: [PATCH 1419/2573] Add change note. --- change_notes/2023-11-03-identifier-hiding-improvements.md | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 change_notes/2023-11-03-identifier-hiding-improvements.md diff --git a/change_notes/2023-11-03-identifier-hiding-improvements.md b/change_notes/2023-11-03-identifier-hiding-improvements.md new file mode 100644 index 0000000000..cb0ab410d5 --- /dev/null +++ b/change_notes/2023-11-03-identifier-hiding-improvements.md @@ -0,0 +1,3 @@ + * `A2-10-1`, `RULE-5-3` + - Reduce false positives by considering point of declaration for local bariables. + - Reduce false negatives by considering catch block parameters to be in scope in the catch block. \ No newline at end of file From ac3feff7be6295c7060a6a4b0aee6d3775fcd73b Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 7 Nov 2023 16:47:50 -0800 Subject: [PATCH 1420/2573] M6-5-5: Improve detection of modification by reference - No longer consider the taking of a const reference as a modification. - Consider taking a non-const reference of a potential loop counter as modifying that loop counter. - Update tests to reflect changes. --- change_notes/2023-11-05-m6-5-5-const-refs.md | 3 +++ ...lVariableModifiedInLoopExpression.expected | 1 + cpp/autosar/test/rules/M6-5-5/test.cpp | 24 +++++++++++++++++++ cpp/common/src/codingstandards/cpp/Loops.qll | 13 ++++++++-- 4 files changed, 39 insertions(+), 2 deletions(-) create mode 100644 change_notes/2023-11-05-m6-5-5-const-refs.md diff --git a/change_notes/2023-11-05-m6-5-5-const-refs.md b/change_notes/2023-11-05-m6-5-5-const-refs.md new file mode 100644 index 0000000000..43a8a32503 --- /dev/null +++ b/change_notes/2023-11-05-m6-5-5-const-refs.md @@ -0,0 +1,3 @@ + * `M6-5-5` + - Reduce false positives by no longer considering the taking of a const reference as a modification. + - Improve detection of non-local modification of loop iteration variables to reduce false positives. \ No newline at end of file diff --git a/cpp/autosar/test/rules/M6-5-5/LoopControlVariableModifiedInLoopExpression.expected b/cpp/autosar/test/rules/M6-5-5/LoopControlVariableModifiedInLoopExpression.expected index 2404bb0302..c79fc6abc6 100644 --- a/cpp/autosar/test/rules/M6-5-5/LoopControlVariableModifiedInLoopExpression.expected +++ b/cpp/autosar/test/rules/M6-5-5/LoopControlVariableModifiedInLoopExpression.expected @@ -1 +1,2 @@ | test.cpp:24:8:24:15 | testFlag | Loop control variable testFlag is modified in the loop update expression. | +| test.cpp:47:12:47:12 | y | Loop control variable y is modified in the loop update expression. | diff --git a/cpp/autosar/test/rules/M6-5-5/test.cpp b/cpp/autosar/test/rules/M6-5-5/test.cpp index 8957964514..ae4ab47855 100644 --- a/cpp/autosar/test/rules/M6-5-5/test.cpp +++ b/cpp/autosar/test/rules/M6-5-5/test.cpp @@ -24,3 +24,27 @@ void test_loop_control_variable_modified_in_expression() { testFlag = updateFlagWithIncrement(++x)) { // NON_COMPLIANT } } + +#include + +void test_const_refs(std::vector v) { + std::vector::iterator first = v.begin(); + std::vector::iterator last = v.end(); + // call to operator!= passes a const reference to first + for (; first != last; first++) { // COMPLIANT + } +} + +void update(std::vector::iterator &f, const int &x, int &y) {} + +void test_const_refs_update(std::vector v) { + std::vector::iterator last = v.end(); + int x = 0; + int y = 0; + // call to operator!= passes a const reference to first + for (std::vector::iterator first = v.begin(); first != last; update( + first, x, // COMPLIANT - first is a loop counter, so can be modified + y)) { // NON_COMPLIANT - y is modified and is not a loop counter + first + 1; + } +} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/Loops.qll b/cpp/common/src/codingstandards/cpp/Loops.qll index c7a338a8dd..a86166e24f 100644 --- a/cpp/common/src/codingstandards/cpp/Loops.qll +++ b/cpp/common/src/codingstandards/cpp/Loops.qll @@ -106,6 +106,15 @@ Variable getALoopCounter(ForStmt fs) { ) or updateOp = result.getAnAssignedValue() + or + // updateOp is an access whose address is taken in a non-const way + exists(FunctionCall fc, VariableAccess va | + fc = updateOp and + fc instanceof FunctionCall and + fc.getAnArgument() = va and + va = result.getAnAccess() and + va.isAddressOfAccessNonConst() + ) ) and result instanceof Variable and // checked or used in the condition @@ -260,7 +269,7 @@ predicate isLoopControlVarModifiedInLoopCondition( loopControlVariableAccess = forLoop.getCondition().getAChild+() and ( loopControlVariableAccess.isModified() or - loopControlVariableAccess.isAddressOfAccess() + loopControlVariableAccess.isAddressOfAccessNonConst() ) } @@ -277,7 +286,7 @@ predicate isLoopControlVarModifiedInLoopExpr( loopControlVariableAccess = forLoop.getUpdate().getAChild() and ( loopControlVariableAccess.isModified() or - loopControlVariableAccess.isAddressOfAccess() + loopControlVariableAccess.isAddressOfAccessNonConst() ) } From 298d3600b6a55ddb4a025d899ff347e950e267bc Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 7 Nov 2023 17:09:50 -0800 Subject: [PATCH 1421/2573] Remove unnecessary isExcluded Applying the exclusion to the variable is confusing and unnecessary in this particular case: int x = 0; // Does the deviation apply to the assignment or var? --- cpp/autosar/src/rules/A0-1-1/UselessAssignment.ql | 1 - 1 file changed, 1 deletion(-) diff --git a/cpp/autosar/src/rules/A0-1-1/UselessAssignment.ql b/cpp/autosar/src/rules/A0-1-1/UselessAssignment.ql index 755f72075d..a1c6fb1fa8 100644 --- a/cpp/autosar/src/rules/A0-1-1/UselessAssignment.ql +++ b/cpp/autosar/src/rules/A0-1-1/UselessAssignment.ql @@ -21,6 +21,5 @@ import codingstandards.cpp.deadcode.UselessAssignments from SsaDefinition ultimateDef, InterestingStackVariable v where not isExcluded(ultimateDef, DeadCodePackage::uselessAssignmentQuery()) and - not isExcluded(v, DeadCodePackage::uselessAssignmentQuery()) and isUselessSsaDefinition(ultimateDef, v) select ultimateDef, "Definition of $@ is unused.", v, v.getName() From fc5a174cd3d7dbc4e1f12a89d0fccea41ec253bd Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 7 Nov 2023 17:20:20 -0800 Subject: [PATCH 1422/2573] Encapsulate Bitwise class in module. --- .../OperandsOfAnInappropriateEssentialType.ql | 2 +- ...atorOperandsHaveDifferentUnderlyingType.ql | 2 +- .../BitwiseOperatorAppliedToSignedTypes.ql | 2 +- .../src/codingstandards/cpp/Bitwise.qll | 24 ++++++++++--------- 4 files changed, 16 insertions(+), 14 deletions(-) diff --git a/c/misra/src/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.ql b/c/misra/src/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.ql index 4043e40ef1..6fdde80119 100644 --- a/c/misra/src/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.ql +++ b/c/misra/src/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.ql @@ -178,7 +178,7 @@ predicate isInappropriateEssentialType( child = [ operator.(BinaryBitwiseOperation).getAnOperand(), - operator.(AssignBitwiseOperationFixed).getAnOperand() + operator.(Bitwise::AssignBitwiseOperation).getAnOperand() ] and not operator instanceof LShiftExpr and not operator instanceof RShiftExpr and diff --git a/cpp/autosar/src/rules/M5-0-20/BitwiseOperatorOperandsHaveDifferentUnderlyingType.ql b/cpp/autosar/src/rules/M5-0-20/BitwiseOperatorOperandsHaveDifferentUnderlyingType.ql index d400faf0c1..43ce423acc 100644 --- a/cpp/autosar/src/rules/M5-0-20/BitwiseOperatorOperandsHaveDifferentUnderlyingType.ql +++ b/cpp/autosar/src/rules/M5-0-20/BitwiseOperatorOperandsHaveDifferentUnderlyingType.ql @@ -23,7 +23,7 @@ predicate isBinaryBitwiseOperation(Operation o, VariableAccess l, VariableAccess l = bbo.getLeftOperand() and r = bbo.getRightOperand() ) or - exists(AssignBitwiseOperationFixed abo | abo = o | + exists(Bitwise::AssignBitwiseOperation abo | abo = o | l = abo.getLValue() and r = abo.getRValue() ) diff --git a/cpp/autosar/src/rules/M5-0-21/BitwiseOperatorAppliedToSignedTypes.ql b/cpp/autosar/src/rules/M5-0-21/BitwiseOperatorAppliedToSignedTypes.ql index 710aa72b0c..d000155189 100644 --- a/cpp/autosar/src/rules/M5-0-21/BitwiseOperatorAppliedToSignedTypes.ql +++ b/cpp/autosar/src/rules/M5-0-21/BitwiseOperatorAppliedToSignedTypes.ql @@ -25,7 +25,7 @@ where ( o instanceof UnaryBitwiseOperation or o instanceof BinaryBitwiseOperation or - o instanceof AssignBitwiseOperationFixed + o instanceof Bitwise::AssignBitwiseOperation ) and o.getAnOperand() = va and va.getTarget().getUnderlyingType().(IntegralType).isSigned() diff --git a/cpp/common/src/codingstandards/cpp/Bitwise.qll b/cpp/common/src/codingstandards/cpp/Bitwise.qll index 35b6a803c7..0e19cae29d 100644 --- a/cpp/common/src/codingstandards/cpp/Bitwise.qll +++ b/cpp/common/src/codingstandards/cpp/Bitwise.qll @@ -2,17 +2,19 @@ * A library for addressing issues in bitwise operator modelling in our database schema. */ -import cpp +private import cpp as cpp -/** - * A binary bitwise assign operation, excluding += and -= on pointers, which seem to be erroneously - * included. - */ -class AssignBitwiseOperationFixed extends AssignBitwiseOperation { - AssignBitwiseOperationFixed() { - // exclude += and -= on pointers, which seem to be erroneously included - // in the database schema - not this instanceof AssignPointerAddExpr and - not this instanceof AssignPointerSubExpr +module Bitwise { + /** + * A binary bitwise assign operation, excluding += and -= on pointers, which seem to be erroneously + * included. + */ + class AssignBitwiseOperation extends cpp::AssignBitwiseOperation { + AssignBitwiseOperation() { + // exclude += and -= on pointers, which seem to be erroneously included + // in the database schema + not this instanceof cpp::AssignPointerAddExpr and + not this instanceof cpp::AssignPointerSubExpr + } } } From d5edce52e140b19980471c2400e2dab81bb950dc Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 7 Nov 2023 17:33:03 -0800 Subject: [PATCH 1423/2573] Rename to match new namespace and class name. --- .../src/rules/M5-8-1/RightBitShiftOperandIsNegativeOrTooWide.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/src/rules/M5-8-1/RightBitShiftOperandIsNegativeOrTooWide.ql b/cpp/autosar/src/rules/M5-8-1/RightBitShiftOperandIsNegativeOrTooWide.ql index 3b0e830ef9..38da7115f3 100644 --- a/cpp/autosar/src/rules/M5-8-1/RightBitShiftOperandIsNegativeOrTooWide.ql +++ b/cpp/autosar/src/rules/M5-8-1/RightBitShiftOperandIsNegativeOrTooWide.ql @@ -34,7 +34,7 @@ class ShiftOperation extends Operation { rightOperand = o.getRightOperand() ) or - exists(AssignBitwiseOperationFixed o | this = o | + exists(Bitwise::AssignBitwiseOperation o | this = o | ( o instanceof AssignLShiftExpr or From 753cc4f5088eecf67644b96176365ca9855d424c Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 7 Nov 2023 17:46:32 -0800 Subject: [PATCH 1424/2573] Include the names of the types that are differnt in the alert --- ...atorOperandsHaveDifferentUnderlyingType.ql | 10 +++-- ...erandsHaveDifferentUnderlyingType.expected | 42 +++++++++---------- 2 files changed, 28 insertions(+), 24 deletions(-) diff --git a/cpp/autosar/src/rules/M5-0-20/BitwiseOperatorOperandsHaveDifferentUnderlyingType.ql b/cpp/autosar/src/rules/M5-0-20/BitwiseOperatorOperandsHaveDifferentUnderlyingType.ql index d400faf0c1..c53ce999be 100644 --- a/cpp/autosar/src/rules/M5-0-20/BitwiseOperatorOperandsHaveDifferentUnderlyingType.ql +++ b/cpp/autosar/src/rules/M5-0-20/BitwiseOperatorOperandsHaveDifferentUnderlyingType.ql @@ -29,10 +29,14 @@ predicate isBinaryBitwiseOperation(Operation o, VariableAccess l, VariableAccess ) } -from Operation o, Variable left, Variable right +from + Operation o, Variable left, Variable right, Type leftUnderlyingType, Type rightUnderlyingType where not isExcluded(o, ExpressionsPackage::bitwiseOperatorOperandsHaveDifferentUnderlyingTypeQuery()) and not o.isFromUninstantiatedTemplate(_) and isBinaryBitwiseOperation(o, left.getAnAccess(), right.getAnAccess()) and - left.getUnderlyingType() != right.getUnderlyingType() -select o, "Operands of the '" + o.getOperator() + "' operation have different underlying types." + leftUnderlyingType = left.getUnderlyingType() and + rightUnderlyingType = right.getUnderlyingType() and + leftUnderlyingType != rightUnderlyingType +select o, + "Operands of the '" + o.getOperator() + "' operation have different underlying types '" + leftUnderlyingType.getName() + "' and '" + rightUnderlyingType.getName() + "'." diff --git a/cpp/autosar/test/rules/M5-0-20/BitwiseOperatorOperandsHaveDifferentUnderlyingType.expected b/cpp/autosar/test/rules/M5-0-20/BitwiseOperatorOperandsHaveDifferentUnderlyingType.expected index ac31001f57..806c82599d 100644 --- a/cpp/autosar/test/rules/M5-0-20/BitwiseOperatorOperandsHaveDifferentUnderlyingType.expected +++ b/cpp/autosar/test/rules/M5-0-20/BitwiseOperatorOperandsHaveDifferentUnderlyingType.expected @@ -1,21 +1,21 @@ -| test.cpp:18:3:18:6 | ... & ... | Operands of the '&' operation have different underlying types. | -| test.cpp:19:3:19:7 | ... \| ... | Operands of the '\|' operation have different underlying types. | -| test.cpp:20:3:20:7 | ... ^ ... | Operands of the '^' operation have different underlying types. | -| test.cpp:21:3:21:8 | ... << ... | Operands of the '<<' operation have different underlying types. | -| test.cpp:22:3:22:8 | ... >> ... | Operands of the '>>' operation have different underlying types. | -| test.cpp:23:3:23:8 | ... &= ... | Operands of the '&=' operation have different underlying types. | -| test.cpp:24:3:24:8 | ... \|= ... | Operands of the '\|=' operation have different underlying types. | -| test.cpp:25:3:25:8 | ... ^= ... | Operands of the '^=' operation have different underlying types. | -| test.cpp:26:3:26:9 | ... <<= ... | Operands of the '<<=' operation have different underlying types. | -| test.cpp:27:3:27:9 | ... >>= ... | Operands of the '>>=' operation have different underlying types. | -| test.cpp:45:3:45:6 | ... & ... | Operands of the '&' operation have different underlying types. | -| test.cpp:46:3:46:7 | ... \| ... | Operands of the '\|' operation have different underlying types. | -| test.cpp:47:3:47:7 | ... ^ ... | Operands of the '^' operation have different underlying types. | -| test.cpp:48:3:48:8 | ... << ... | Operands of the '<<' operation have different underlying types. | -| test.cpp:49:3:49:8 | ... >> ... | Operands of the '>>' operation have different underlying types. | -| test.cpp:50:3:50:8 | ... &= ... | Operands of the '&=' operation have different underlying types. | -| test.cpp:51:3:51:8 | ... \|= ... | Operands of the '\|=' operation have different underlying types. | -| test.cpp:52:3:52:8 | ... ^= ... | Operands of the '^=' operation have different underlying types. | -| test.cpp:53:3:53:9 | ... <<= ... | Operands of the '<<=' operation have different underlying types. | -| test.cpp:54:3:54:9 | ... >>= ... | Operands of the '>>=' operation have different underlying types. | -| test.cpp:67:3:67:14 | ... << ... | Operands of the '<<' operation have different underlying types. | +| test.cpp:18:3:18:6 | ... & ... | Operands of the '&' operation have different underlying types 'unsigned int' and 'unsigned short'. | +| test.cpp:19:3:19:7 | ... \| ... | Operands of the '\|' operation have different underlying types 'unsigned int' and 'unsigned short'. | +| test.cpp:20:3:20:7 | ... ^ ... | Operands of the '^' operation have different underlying types 'unsigned int' and 'unsigned short'. | +| test.cpp:21:3:21:8 | ... << ... | Operands of the '<<' operation have different underlying types 'unsigned int' and 'unsigned short'. | +| test.cpp:22:3:22:8 | ... >> ... | Operands of the '>>' operation have different underlying types 'unsigned int' and 'unsigned short'. | +| test.cpp:23:3:23:8 | ... &= ... | Operands of the '&=' operation have different underlying types 'unsigned int' and 'unsigned short'. | +| test.cpp:24:3:24:8 | ... \|= ... | Operands of the '\|=' operation have different underlying types 'unsigned int' and 'unsigned short'. | +| test.cpp:25:3:25:8 | ... ^= ... | Operands of the '^=' operation have different underlying types 'unsigned int' and 'unsigned short'. | +| test.cpp:26:3:26:9 | ... <<= ... | Operands of the '<<=' operation have different underlying types 'unsigned int' and 'unsigned short'. | +| test.cpp:27:3:27:9 | ... >>= ... | Operands of the '>>=' operation have different underlying types 'unsigned int' and 'unsigned short'. | +| test.cpp:45:3:45:6 | ... & ... | Operands of the '&' operation have different underlying types 'unsigned char' and 'unsigned short'. | +| test.cpp:46:3:46:7 | ... \| ... | Operands of the '\|' operation have different underlying types 'unsigned char' and 'unsigned short'. | +| test.cpp:47:3:47:7 | ... ^ ... | Operands of the '^' operation have different underlying types 'unsigned char' and 'unsigned short'. | +| test.cpp:48:3:48:8 | ... << ... | Operands of the '<<' operation have different underlying types 'unsigned char' and 'unsigned short'. | +| test.cpp:49:3:49:8 | ... >> ... | Operands of the '>>' operation have different underlying types 'unsigned char' and 'unsigned short'. | +| test.cpp:50:3:50:8 | ... &= ... | Operands of the '&=' operation have different underlying types 'unsigned char' and 'unsigned short'. | +| test.cpp:51:3:51:8 | ... \|= ... | Operands of the '\|=' operation have different underlying types 'unsigned char' and 'unsigned short'. | +| test.cpp:52:3:52:8 | ... ^= ... | Operands of the '^=' operation have different underlying types 'unsigned char' and 'unsigned short'. | +| test.cpp:53:3:53:9 | ... <<= ... | Operands of the '<<=' operation have different underlying types 'unsigned char' and 'unsigned short'. | +| test.cpp:54:3:54:9 | ... >>= ... | Operands of the '>>=' operation have different underlying types 'unsigned char' and 'unsigned short'. | +| test.cpp:67:3:67:14 | ... << ... | Operands of the '<<' operation have different underlying types 'int &' and 'char &'. | From b6ba04c0122e6edd5029665cae4652d1bed8217c Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 7 Nov 2023 18:08:34 -0800 Subject: [PATCH 1425/2573] Use MISRA's definition of underlying type --- ...BitwiseOperatorOperandsHaveDifferentUnderlyingType.ql | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/cpp/autosar/src/rules/M5-0-20/BitwiseOperatorOperandsHaveDifferentUnderlyingType.ql b/cpp/autosar/src/rules/M5-0-20/BitwiseOperatorOperandsHaveDifferentUnderlyingType.ql index c53ce999be..7951f98bd5 100644 --- a/cpp/autosar/src/rules/M5-0-20/BitwiseOperatorOperandsHaveDifferentUnderlyingType.ql +++ b/cpp/autosar/src/rules/M5-0-20/BitwiseOperatorOperandsHaveDifferentUnderlyingType.ql @@ -17,6 +17,7 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.Bitwise +import codingstandards.cpp.Conversion predicate isBinaryBitwiseOperation(Operation o, VariableAccess l, VariableAccess r) { exists(BinaryBitwiseOperation bbo | bbo = o | @@ -30,13 +31,13 @@ predicate isBinaryBitwiseOperation(Operation o, VariableAccess l, VariableAccess } from - Operation o, Variable left, Variable right, Type leftUnderlyingType, Type rightUnderlyingType + Operation o, VariableAccess left, VariableAccess right, Type leftUnderlyingType, Type rightUnderlyingType where not isExcluded(o, ExpressionsPackage::bitwiseOperatorOperandsHaveDifferentUnderlyingTypeQuery()) and not o.isFromUninstantiatedTemplate(_) and - isBinaryBitwiseOperation(o, left.getAnAccess(), right.getAnAccess()) and - leftUnderlyingType = left.getUnderlyingType() and - rightUnderlyingType = right.getUnderlyingType() and + isBinaryBitwiseOperation(o, left, right) and + leftUnderlyingType = MisraConversion::getUnderlyingType(left) and + rightUnderlyingType = MisraConversion::getUnderlyingType(right) and leftUnderlyingType != rightUnderlyingType select o, "Operands of the '" + o.getOperator() + "' operation have different underlying types '" + leftUnderlyingType.getName() + "' and '" + rightUnderlyingType.getName() + "'." From 983cd8c034d58f5f47473e4bf39046715de0aa9b Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 7 Nov 2023 18:15:16 -0800 Subject: [PATCH 1426/2573] Add change not for M5-0-20 BitwiseOperatorOperandsHaveDifferentUnderlyingType.ql --- change_notes/2023-11-07-use-misra-underlying-type.md | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 change_notes/2023-11-07-use-misra-underlying-type.md diff --git a/change_notes/2023-11-07-use-misra-underlying-type.md b/change_notes/2023-11-07-use-misra-underlying-type.md new file mode 100644 index 0000000000..e322e8c2dd --- /dev/null +++ b/change_notes/2023-11-07-use-misra-underlying-type.md @@ -0,0 +1,2 @@ +- `M5-0-20` - `BitwiseOperatorOperandsHaveDifferentUnderlyingType.ql`: + - Use the Misra definition of underlying type. From 627ed6e7f1c911735b7f4ea3cb62e087b131d038 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 13 Nov 2023 14:33:25 -0800 Subject: [PATCH 1427/2573] Reuse bump version script --- .github/workflows/prepare-release.yml | 6 +----- scripts/bump_version.sh | 0 2 files changed, 1 insertion(+), 5 deletions(-) mode change 100644 => 100755 scripts/bump_version.sh diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 80bb00a378..7de658c7d8 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -123,11 +123,7 @@ jobs: git switch -c feature/update-user-manual-for-$RELEASE_VERSION git push --set-upstream origin feature/update-user-manual-for-$RELEASE_VERSION - find docs -name 'user_manual.md' | xargs sed -i "s/code-scanning-cpp-query-pack-.*\.zip\`/code-scanning-cpp-query-pack-$RELEASE_VERSION.zip\`/" - find docs -name 'user_manual.md' | xargs sed -i "s/supported_rules_list_.*\.csv\`/supported_rules_list_$RELEASE_VERSION.csv\`/" - find docs -name 'user_manual.md' | xargs sed -i "s/supported_rules_list_.*\.md\`/supported_rules_list_$RELEASE_VERSION.md\`/" - find docs -name 'user_manual.md' | xargs sed -i "s/user_manual_.*\.md\`/user_manual_$RELEASE_VERSION.md\`/" - find docs -name 'user_manual.md' | xargs sed -i "s/This user manual documents release \`.*\` of/This user manual documents release \`$RELEASE_VERSION\` of/" + scripts/bump_version.sh "$RELEASE_VERSION" git add -u . git commit -m "Update version" diff --git a/scripts/bump_version.sh b/scripts/bump_version.sh old mode 100644 new mode 100755 From ffcaf315662c87ea26c69382c37062df3dc30075 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 13 Nov 2023 14:37:34 -0800 Subject: [PATCH 1428/2573] Ensure we can dealt with all filenames --- scripts/bump_version.sh | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/scripts/bump_version.sh b/scripts/bump_version.sh index bc3e7495e3..cdeb16d4a9 100755 --- a/scripts/bump_version.sh +++ b/scripts/bump_version.sh @@ -14,10 +14,10 @@ find . -name 'qlpack.yml' | grep -v './codeql_modules' | grep -v './scripts' | x # update the documentation. -find docs -name 'user_manual.md' | xargs sed -i "s/code-scanning-cpp-query-pack-.*\.zip\`/code-scanning-cpp-query-pack-${1}.zip\`/" -find docs -name 'user_manual.md' | xargs sed -i "s/supported_rules_list_.*\.csv\`/supported_rules_list_${1}.csv\`/" -find docs -name 'user_manual.md' | xargs sed -i "s/supported_rules_list_.*\.md\`/supported_rules_list_${1}.md\`/" -find docs -name 'user_manual.md' | xargs sed -i "s/user_manual_.*\.md\`/user_manual_${1}.md\`/" -find docs -name 'user_manual.md' | xargs sed -i "s/This user manual documents release \`.*\` of/This user manual documents release \`${1}\` of/" +find docs -name 'user_manual.md' -print0 | xargs -0 sed -i "s/code-scanning-cpp-query-pack-.*\.zip\`/code-scanning-cpp-query-pack-${1}.zip\`/" +find docs -name 'user_manual.md' -print0 | xargs -0 sed -i "s/supported_rules_list_.*\.csv\`/supported_rules_list_${1}.csv\`/" +find docs -name 'user_manual.md' -print0 | xargs -0 sed -i "s/supported_rules_list_.*\.md\`/supported_rules_list_${1}.md\`/" +find docs -name 'user_manual.md' -print0 | xargs -0 sed -i "s/user_manual_.*\.md\`/user_manual_${1}.md\`/" +find docs -name 'user_manual.md' -print0 | xargs -0 sed -i "s/This user manual documents release \`.*\` of/This user manual documents release \`${1}\` of/" echo "Done." \ No newline at end of file From 00a4a3beda12c38faa2283cf86d5bc83f2986985 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 13 Nov 2023 15:50:01 -0800 Subject: [PATCH 1429/2573] Add extra validation for hotfix releases --- .github/workflows/prepare-release.yml | 30 +++++++++------- scripts/release/validate-version.py | 49 +++++++++++++++++++++------ 2 files changed, 56 insertions(+), 23 deletions(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 7de658c7d8..10679db6a8 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -11,6 +11,11 @@ on: description: | The git commit, branch, or tag to release from. required: true + hotfix: + description: | + Whether this is a hotfix release. + required: false + default: false permissions: contents: write @@ -20,6 +25,7 @@ permissions: env: RELEASE_VERSION: ${{ inputs.version }} + HOTFIX_RELEASE: ${{ inputs.hotfix }} jobs: prepare-release: @@ -34,6 +40,18 @@ jobs: with: ref: ${{ inputs.ref }} + - name: Install Python + uses: actions/setup-python@v4 + with: + python-version: "3.9" + + - name: Install release script dependencies + run: pip install -r scripts/release/requirements.txt + + - name: Validate version + run: | + python scripts/release/validate-version.py "$RELEASE_VERSION" + - name: Validate release precondition env: RELEASE_VERSION: ${{ inputs.version }} @@ -84,18 +102,6 @@ jobs: git config user.name "$GITHUB_ACTOR" git config user.email "$GITHUB_ACTOR@users.noreply.github.com" - - name: Install Python - uses: actions/setup-python@v4 - with: - python-version: "3.9" - - - name: Install release script dependencies - run: pip install -r scripts/release/requirements.txt - - - name: Validate version - run: | - python scripts/release/validate-version.py "$RELEASE_VERSION" - - name: Create release branch run: | git switch -c rc/$RELEASE_VERSION diff --git a/scripts/release/validate-version.py b/scripts/release/validate-version.py index d0bf15fa64..3e8168d5b1 100644 --- a/scripts/release/validate-version.py +++ b/scripts/release/validate-version.py @@ -1,20 +1,47 @@ import semantic_version # type: ignore -from typing import Literal +from typing import Literal, TYPE_CHECKING +from subprocess import run -def main(args : list[str]) -> Literal[1, 0]: - if len(args) != 2: - print("Error: incorrect number of arguments", file=sys.stderr) - print(f"Usage: {args[0]} ", file=sys.stderr) - return 1 +if TYPE_CHECKING: + from argparse import Namespace + +def get_release_version_of_ref() -> semantic_version.Version: + cp = run(["git", "rev-parse", "--abbrev-ref", "HEAD"], capture_output=True, text=True) + if cp.returncode != 0: + raise RuntimeError("Failed to get current branch name") + branch_name = cp.stdout.strip() + ns, version_str = branch_name.split("/") + if ns != "rc": + raise RuntimeError("Not on a release branch!") + + try: + return semantic_version.Version(version_str) # type: ignore + except ValueError as e: + raise RuntimeError(f"Invalid version string: {e}") +def main(args :'Namespace') -> Literal[1, 0]: try: - semantic_version.Version.parse(args[1]) # type: ignore + release_version = semantic_version.Version(args.version) # type: ignore + if args.hotfix: + branch_release_version = get_release_version_of_ref() + expected_version = branch_release_version.next_patch() + if release_version != expected_version: + print(f"Error: Hotfix version `{release_version}` does not iterate on {branch_release_version}. Expected `{expected_version}`. ", file=stderr) + return 1 return 0 except ValueError as e: - print(f"Error: invalid version: {e}", file=sys.stderr) + print(f"Error: invalid version: {e}", file=stderr) + return 1 + except RuntimeError as e: + print(f"Error: {e}", file=stderr) return 1 - if __name__ == '__main__': - import sys - sys.exit(main(sys.argv)) \ No newline at end of file + from sys import stderr, exit + import argparse + + parser = argparse.ArgumentParser(description="Validate a version string") + parser.add_argument("version", help="The version string to validate") + parser.add_argument('--hotfix', action='store_true', help="Whether the release is to hotfix an existing release.") + + exit(main(parser.parse_args())) \ No newline at end of file From d1374aeea74e9a3ea80b8b75a7372295ac5e91a8 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 13 Nov 2023 15:50:24 -0800 Subject: [PATCH 1430/2573] Split up validation into multiple steps --- .github/workflows/prepare-release.yml | 21 ++++++++++++++------- 1 file changed, 14 insertions(+), 7 deletions(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 10679db6a8..f5949d73c0 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -50,11 +50,14 @@ jobs: - name: Validate version run: | - python scripts/release/validate-version.py "$RELEASE_VERSION" + if [[ "$HOTFIX_RELEASE" == "true" ]]; then + python scripts/release/validate-version.py --hotfix "$RELEASE_VERSION" + else + python scripts/release/validate-version.py "$RELEASE_VERSION" + fi - - name: Validate release precondition + - name: Check if release exists env: - RELEASE_VERSION: ${{ inputs.version }} GITHUB_TOKEN: ${{ github.token }} run: | read -r release type < <(gh release list | awk -v release="v$RELEASE_VERSION" '$1 ~ release { print $1,$2; ++n } END { if (n == 0) print "undefined", "undefined" }') @@ -71,27 +74,31 @@ jobs: fi fi + - name: Check if release PR exists + env: + GITHUB_TOKEN: ${{ github.token }} + run: | release_pr=$(gh pr view rc/$RELEASE_VERSION --json title,state,number) - if [[ ! -z "$release_pr" ]]; then - pr_title=$(echo "$release_pr" | jq -r '.title') pr_state=$(echo "$release_pr" | jq -r '.state') pr_number=$(echo "$release_pr" | jq -r '.number') - echo "Found PR '$pr_title' with state '$pr_state'" - if [[ "$pr_title" == "Release v$RELEASE_VERSION" ]] && [[ "$pr_state" != "CLOSED" ]]; then echo "Release PR is not closed, deleting it to proceed" gh pr close --delete-branch $pr_number fi fi + - name: Delete existing release branch + run: | if [[ ! -z $(git ls-remote --heads origin rc/$RELEASE_VERSION) ]]; then echo "Deleting existing release branch" git push origin --delete rc/$RELEASE_VERSION fi + - name: Delete existing feature branch + run: | if [[ ! -z $(git ls-remote --heads origin feature/update-user-manual-for-$RELEASE_VERSION) ]]; then echo "Deleting existing feature branch" git push origin --delete feature/update-user-manual-for-$RELEASE_VERSION From 0760b21c46084d342e707093b28fe372b901e323 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 13 Nov 2023 15:54:10 -0800 Subject: [PATCH 1431/2573] Simplify release validation using `gh release view` --- .github/workflows/prepare-release.yml | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index f5949d73c0..7231dcbcdb 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -60,16 +60,17 @@ jobs: env: GITHUB_TOKEN: ${{ github.token }} run: | - read -r release type < <(gh release list | awk -v release="v$RELEASE_VERSION" '$1 ~ release { print $1,$2; ++n } END { if (n == 0) print "undefined", "undefined" }') - if [[ "$release" == "undefined" ]]; then + release=$(gh release view v$RELEASE_VERSION --json name,isDraft) + if [[ -z "$release" ]]; then echo "Release v$RELEASE_VERSION does not exist. Proceeding" echo "create_draft_release=true" >> "$GITHUB_ENV" else - if [[ "$type" != "Draft" ]]; then - echo "Release '$release' already exists and is not a draft, but has release state '$type'. Cannot proceed" + isDraft=$(echo "$release" | jq -r '.isDraft') + if [[ "$isDraft" != "true" ]]; then + echo "Release 'v$RELEASE_VERSION' already exists and is not a draft. Cannot proceed" exit 1 else - echo "Release '$release' already exists and is a draft. Proceeding" + echo "Release 'v$RELEASE_VERSION' already exists and is a draft. Proceeding" echo "create_draft_release=false" >> "$GITHUB_ENV" fi fi From e67b6d810af1d89fa99103b336fe13e218648ffa Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 13 Nov 2023 16:03:14 -0800 Subject: [PATCH 1432/2573] Reword input description --- .github/workflows/finalize-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/finalize-release.yml b/.github/workflows/finalize-release.yml index 8fd73707f0..2cdfc6c95e 100644 --- a/.github/workflows/finalize-release.yml +++ b/.github/workflows/finalize-release.yml @@ -9,7 +9,7 @@ on: inputs: ref: description: | - The branch for which the finalize the release. + The release branch to finalize. required: true jobs: From 5b5082584ce112e067d3eecedcf7d11a257e3bd4 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 13 Nov 2023 16:58:08 -0800 Subject: [PATCH 1433/2573] Add PR to bump version after finalizing release --- .github/workflows/finalize-release.yml | 27 ++++++++++++- scripts/release/is-hotfix-release.py | 56 ++++++++++++++++++++++++++ 2 files changed, 82 insertions(+), 1 deletion(-) create mode 100644 scripts/release/is-hotfix-release.py diff --git a/.github/workflows/finalize-release.yml b/.github/workflows/finalize-release.yml index 2cdfc6c95e..5a70b979e3 100644 --- a/.github/workflows/finalize-release.yml +++ b/.github/workflows/finalize-release.yml @@ -56,4 +56,29 @@ jobs: version=${BASE_REF#rc/} echo "Finalizing release v$version" - gh release edit "v$version" --draft=false --tag=v$version \ No newline at end of file + gh release edit "v$version" --draft=false --tag=v$version + + - name: Determine if release was a hotfix release + run: | + version=${BASE_REF#rc/} + echo "HOTFIX_RELEASE=$(python scripts/release/is-hotfix.py $version)" >> "$GITHUB_ENV" + + - name: Bump main version + if: env.HOTFIX_RELEASE == 'false' + run: | + version=${BASE_REF#rc/} + next_version="$version-dev" + echo "Bumping main version to $next_version" + + git switch main + git pull --ff-only origin main + + git switch -c release-automation/bump-version + + python scripts/bump_version.sh "$next_version" + + git add -u . + git commit -m "Bump version to $next_version" + git push --set-upstream origin release-automation/bump-version + + gh pr create --repo $GITHUB_REPOSITORY --base main --head release-automation/bump-version --body "Bump the version of main to the dev label of the just released version $next_version" --title "Bump version to $next_version" diff --git a/scripts/release/is-hotfix-release.py b/scripts/release/is-hotfix-release.py new file mode 100644 index 0000000000..a496b63c27 --- /dev/null +++ b/scripts/release/is-hotfix-release.py @@ -0,0 +1,56 @@ +from semantic_version import Version # type: ignore +from subprocess import run +from typing import List, Literal, TYPE_CHECKING +from sys import stderr + +if TYPE_CHECKING: + from argparse import Namespace + +def get_merge_base_of_ref() -> str: + cp = run(["git", "merge-base", "HEAD", "origin/main"], capture_output=True, text=True) + if cp.returncode != 0: + raise RuntimeError("Failed to get merge base") + return cp.stdout.strip() + +def get_release_branches_containing(commit: str) -> List[Version]: + cp = run(["git", "branch", "--list", "rc/*", "--contains", commit], capture_output=True, text=True) + if cp.returncode != 0: + raise RuntimeError("Failed to get branches containing commit") + release_versions: List[Version] = [] + for version in [b.strip() for b in cp.stdout.splitlines()]: + try: + if version.startswith("rc/"): + version = version[3:] + release_versions.append(Version(version)) + except ValueError: + print(f"Warning: Skipping invalid version string: {version}", file=stderr) + + return release_versions + +def main(args: 'Namespace') -> Literal[0,1]: + try: + merge_base = get_merge_base_of_ref() + release_versions = get_release_branches_containing(merge_base) + if len(release_versions) == 0: + print(f"Info: No release branches found containing merge base {merge_base}", file=stderr) + print("false") + return 0 + + for version in release_versions: + if version.next_patch() == Version(args.version): + print("true") + return 0 + + print("false") + return 0 + except RuntimeError as e: + print(f"Error: {e}", file=stderr) + return 1 + +if __name__ == '__main__': + from sys import stderr, exit + import argparse + + parser = argparse.ArgumentParser(description="Check if a version is a hotfix release") + parser.add_argument("version", help="The version string to compare against the base branches") + exit(main(parser.parse_args())) \ No newline at end of file From ada60e1f289bdc3b7c1e25108fe8a73747a2ddb5 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 13 Nov 2023 17:03:03 -0800 Subject: [PATCH 1434/2573] Move bump version script to release directory --- .github/workflows/bump-version.yml | 4 +++- .github/workflows/finalize-release.yml | 2 +- .github/workflows/prepare-release.yml | 2 +- scripts/{bump_version.sh => release/bump-version.sh} | 2 +- 4 files changed, 6 insertions(+), 4 deletions(-) rename scripts/{bump_version.sh => release/bump-version.sh} (95%) diff --git a/.github/workflows/bump-version.yml b/.github/workflows/bump-version.yml index 51de9d8b40..712dbfe283 100644 --- a/.github/workflows/bump-version.yml +++ b/.github/workflows/bump-version.yml @@ -18,8 +18,10 @@ jobs: - name: Apply Bump shell: bash + env: + NEW_VERSION: ${{ inputs.new_version }} run: | - bash ./scripts/bump_version.sh ${{ github.event.inputs.new_version }} + bash ./scripts/release/bump-version.sh "$NEW_VERSION" - name: Create Pull Request uses: peter-evans/create-pull-request@v4 diff --git a/.github/workflows/finalize-release.yml b/.github/workflows/finalize-release.yml index 5a70b979e3..d8a8c8b5bb 100644 --- a/.github/workflows/finalize-release.yml +++ b/.github/workflows/finalize-release.yml @@ -75,7 +75,7 @@ jobs: git switch -c release-automation/bump-version - python scripts/bump_version.sh "$next_version" + python scripts/release/bump-version.sh "$next_version" git add -u . git commit -m "Bump version to $next_version" diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 7231dcbcdb..e2b69149fc 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -137,7 +137,7 @@ jobs: git switch -c feature/update-user-manual-for-$RELEASE_VERSION git push --set-upstream origin feature/update-user-manual-for-$RELEASE_VERSION - scripts/bump_version.sh "$RELEASE_VERSION" + scripts/release/bump-version.sh "$RELEASE_VERSION" git add -u . git commit -m "Update version" diff --git a/scripts/bump_version.sh b/scripts/release/bump-version.sh similarity index 95% rename from scripts/bump_version.sh rename to scripts/release/bump-version.sh index cdeb16d4a9..fd5ab5ea0d 100755 --- a/scripts/bump_version.sh +++ b/scripts/release/bump-version.sh @@ -3,7 +3,7 @@ if [[ -z $1 ]]; then - echo "Usage: bump_version.sh " + echo "Usage: bump-version.sh " exit fi From d074ffcf1397f7e6e43db34f230ce227d0ad8789 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 13 Nov 2023 17:03:36 -0800 Subject: [PATCH 1435/2573] Address incorrect invocation of bump version script --- .github/workflows/finalize-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/finalize-release.yml b/.github/workflows/finalize-release.yml index d8a8c8b5bb..f79e7aeaed 100644 --- a/.github/workflows/finalize-release.yml +++ b/.github/workflows/finalize-release.yml @@ -75,7 +75,7 @@ jobs: git switch -c release-automation/bump-version - python scripts/release/bump-version.sh "$next_version" + ./scripts/release/bump-version.sh "$next_version" git add -u . git commit -m "Bump version to $next_version" From b5abcfd5596cfc9f4e9b403fe7820645d25aa73e Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 13 Nov 2023 17:04:09 -0800 Subject: [PATCH 1436/2573] Make GitHub token available to create PR --- .github/workflows/finalize-release.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/finalize-release.yml b/.github/workflows/finalize-release.yml index f79e7aeaed..fbadfdb836 100644 --- a/.github/workflows/finalize-release.yml +++ b/.github/workflows/finalize-release.yml @@ -65,6 +65,8 @@ jobs: - name: Bump main version if: env.HOTFIX_RELEASE == 'false' + env: + GH_TOKEN: ${{ github.token }} run: | version=${BASE_REF#rc/} next_version="$version-dev" From 6563d95e058ea96090565c92e27363284edde977 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 14 Nov 2023 09:46:05 -0800 Subject: [PATCH 1437/2573] Clarify release steps for hotfix release --- docs/development_handbook.md | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/docs/development_handbook.md b/docs/development_handbook.md index 3a9471df59..2168e1fc56 100644 --- a/docs/development_handbook.md +++ b/docs/development_handbook.md @@ -37,6 +37,7 @@ | 0.28.0 | 2023-08-14 | Luke Cartey | Remove references to LGTM which is now a legacy product. | | 0.29.0 | 2023-10-11 | Remco Vermeulen | Update release process. | | 0.29.1 | 2023-10-11 | Remco Vermeulen | Address Markdown linter problems. | +| 0.30.0 | 2023-11-14 | Remco Vermeulen | Clarify release steps in case of a hotfix release. | ## Scope of work @@ -606,16 +607,22 @@ Among the assets are: #### Creating a release +**NOTE**: If this is a hotfix release, make sure to invoke `prepare-release.yml` with `hotfix` set to `true`. + To create a new release: 1. Determine the appropriate release version. Version numbers are generated according to the guidelines in the section "Version Numbering." 2. Determine the appropriate [Git reference](https://git-scm.com/book/en/v2/Git-Internals-Git-References) to base the new release on. For new major or minor releases, this will be `main`. For patch releases this will be the release branch that is patched. - 3. Trigger a [workflow dispatch event](https://docs.github.com/en/actions/managing-workflow-runs/manually-running-a-workflow) for the [Prepare CodeQL Coding Standards release](../.github/workflows/prepare-release.yml) workflow, specifying the release version for the input `version` and the Git reference for the input `ref`. - 4. Merge the PR that is created for the release, named `Release v..` where ``, ``, and `` match with the input `version` of the workflow [Prepare CodeQL Coding Standards release](../.github/workflows/prepare-release.yml) triggered in the previous step. + 3. Trigger a [workflow dispatch event](https://docs.github.com/en/actions/managing-workflow-runs/manually-running-a-workflow) for the [Prepare CodeQL Coding Standards release](../.github/workflows/prepare-release.yml) workflow, specifying the release version for the input `version` and the Git reference for the input `ref`, and `hotfix` with the value `true` **if** it is a hotfix release. + 4. Validate the compiler and performance results linked from their respective check runs in the PR's checks overview. + 1. Validate the performance results by ensuring the release performance doesn't regresses from the previous release by more than a factor of 2 without a good reason. + 2. Validate the compiler results by ensuring there is an acceptable number of compatibility issues. + 5. Merge the PR that is created for the release, named `Release v..` where ``, ``, and `` match with the input `version` of the workflow [Prepare CodeQL Coding Standards release](../.github/workflows/prepare-release.yml) triggered in the previous step. + 6. Merge the PRs for the performance and compiler validation results on the release engineering repository. The release automation consists of many test and validation steps that can fail. These can be addressed and the release can be restarted from step 3. -A restart of a release **WILL RECREATE THE EXISTING RELEASE BRANCH AND RELEASE PR**. Any additional changes added to the PR **MUST** be reapplied. +A restart of a release (i.e., calling `prepare-release.yml`) **WILL RECREATE THE EXISTING RELEASE BRANCH AND RELEASE PR**. Any additional changes added to the PR **MUST** be reapplied. If a release has been marked public, the release can no longer be restarted or re-released without removing the release manually. ## False Positive Triage Rubric From 1d3abe88d79793fdccfd97a570dbfa343a8ac512 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 15 Nov 2023 00:03:33 +0000 Subject: [PATCH 1438/2573] Bump gitpython from 3.1.36 to 3.1.37 in /scripts/release Bumps [gitpython](https://github.com/gitpython-developers/GitPython) from 3.1.36 to 3.1.37. - [Release notes](https://github.com/gitpython-developers/GitPython/releases) - [Changelog](https://github.com/gitpython-developers/GitPython/blob/main/CHANGES) - [Commits](https://github.com/gitpython-developers/GitPython/compare/3.1.36...3.1.37) --- updated-dependencies: - dependency-name: gitpython dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- scripts/release/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/release/requirements.txt b/scripts/release/requirements.txt index 79ccbcefbe..4241cf2710 100644 --- a/scripts/release/requirements.txt +++ b/scripts/release/requirements.txt @@ -1,4 +1,4 @@ semantic-version==2.10.0 PyGithub==1.59.1 PyYAML==6.0.1 -GitPython==3.1.36 \ No newline at end of file +GitPython==3.1.37 \ No newline at end of file From e5d4dcd3f5bb72ee92eb2f7208615416adc03416 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 16 Nov 2023 09:56:42 -0800 Subject: [PATCH 1439/2573] Replace PAT with GitHub App generated token in release workflows --- .github/workflows/update-release-status.yml | 16 ++++++++++++++-- .github/workflows/update-release.yml | 16 +++++++++++++++- .github/workflows/validate-release.yml | 19 +++++++++++++++---- 3 files changed, 44 insertions(+), 7 deletions(-) diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index c7d62e80a6..707b8d9e0e 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -134,11 +134,23 @@ jobs: echo "check-run-head-sha=$CHECK_RUN_HEAD_SHA" >> "$GITHUB_OUTPUT" + generate-token: + runs-on: ubuntu-latest + outputs: + token: ${{ steps.generate-token.outputs.token }} + steps: + - name: Generate token + id: generate-token + uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e + with: + app_id: ${{ vars.AUTOMATION_APP_ID }} + private_key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} + update-release: - needs: validate-check-runs + needs: [validate-check-runs, generate-token] if: needs.validate-check-runs.outputs.status == 'completed' uses: ./.github/workflows/update-release.yml with: head-sha: ${{ needs.validate-check-runs.outputs.check-run-head-sha }} secrets: - RELEASE_ENGINEERING_TOKEN: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} \ No newline at end of file + RELEASE_ENGINEERING_TOKEN: ${{ generate-token.outputs.token }} \ No newline at end of file diff --git a/.github/workflows/update-release.yml b/.github/workflows/update-release.yml index 9868b2f397..3cb0900ca4 100644 --- a/.github/workflows/update-release.yml +++ b/.github/workflows/update-release.yml @@ -23,8 +23,22 @@ env: HEAD_SHA: ${{ inputs.head-sha }} jobs: + + generate-token: + runs-on: ubuntu-latest + outputs: + token: ${{ steps.generate-token.outputs.token }} + steps: + - name: Generate token + id: generate-token + uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e + with: + app_id: ${{ vars.AUTOMATION_APP_ID }} + private_key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} + update-release: name: "Update release" + needs: generate-token runs-on: ubuntu-22.04 steps: - name: Checkout @@ -43,7 +57,7 @@ jobs: - name: Update release assets env: GITHUB_TOKEN: ${{ github.token }} - RELEASE_ENGINEERING_TOKEN: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} + RELEASE_ENGINEERING_TOKEN: ${{ generate-token.outputs.token }} run: | python scripts/release/update-release-assets.py \ --head-sha $HEAD_SHA \ diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index b134f1eb13..7b6435dfa9 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -14,6 +14,17 @@ env: HEAD_SHA: ${{ github.event.pull_request.head.sha }} jobs: + generate-token: + runs-on: ubuntu-latest + outputs: + token: ${{ steps.generate-token.outputs.token }} + steps: + - name: Generate token + id: generate-token + uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e + with: + app_id: ${{ vars.AUTOMATION_APP_ID }} + private_key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} pre-validate-performance: outputs: @@ -36,13 +47,13 @@ jobs: echo "check-run-id=$check_run_id" >> "$GITHUB_OUTPUT" validate-performance: - needs: pre-validate-performance + needs: [pre-validate-performance, generate-token] runs-on: ubuntu-22.04 steps: - name: Invoke performance test env: CHECK_RUN_ID: ${{ needs.pre-validate-performance.outputs.check-run-id }} - GH_TOKEN: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} + GH_TOKEN: ${{ generate-token.outputs.token }} run: | jq -n \ --arg ref "$HEAD_SHA" \ @@ -97,13 +108,13 @@ jobs: echo "check-run-id=$check_run_id" >> "$GITHUB_OUTPUT" validate-compiler-compatibility: - needs: pre-validate-compiler-compatibility + needs: [pre-validate-compiler-compatibility, generate-token] runs-on: ubuntu-22.04 steps: - name: Invoke compiler compatibility test env: CHECK_RUN_ID: ${{ needs.pre-validate-compiler-compatibility.outputs.check-run-id }} - GITHUB_TOKEN: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} + GITHUB_TOKEN: ${{ generate-token.outputs.token }} run: | jq -n \ --arg ref "$HEAD_SHA" \ From 171a83778234e2d96195d50755e7cc6db19d6ca3 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 16 Nov 2023 09:58:27 -0800 Subject: [PATCH 1440/2573] Format workflows --- .github/workflows/update-release-status.yml | 24 ++++++++-------- .github/workflows/update-release.yml | 21 +++++++------- .github/workflows/validate-release.yml | 31 +++++++++++---------- 3 files changed, 38 insertions(+), 38 deletions(-) diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index 707b8d9e0e..0f0587a355 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -135,22 +135,22 @@ jobs: echo "check-run-head-sha=$CHECK_RUN_HEAD_SHA" >> "$GITHUB_OUTPUT" generate-token: - runs-on: ubuntu-latest - outputs: - token: ${{ steps.generate-token.outputs.token }} - steps: - - name: Generate token - id: generate-token - uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e - with: - app_id: ${{ vars.AUTOMATION_APP_ID }} - private_key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} + runs-on: ubuntu-latest + outputs: + token: ${{ steps.generate-token.outputs.token }} + steps: + - name: Generate token + id: generate-token + uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e + with: + app_id: ${{ vars.AUTOMATION_APP_ID }} + private_key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} update-release: needs: [validate-check-runs, generate-token] if: needs.validate-check-runs.outputs.status == 'completed' uses: ./.github/workflows/update-release.yml with: - head-sha: ${{ needs.validate-check-runs.outputs.check-run-head-sha }} + head-sha: ${{ needs.validate-check-runs.outputs.check-run-head-sha }} secrets: - RELEASE_ENGINEERING_TOKEN: ${{ generate-token.outputs.token }} \ No newline at end of file + RELEASE_ENGINEERING_TOKEN: ${{ generate-token.outputs.token }} diff --git a/.github/workflows/update-release.yml b/.github/workflows/update-release.yml index 3cb0900ca4..f3541e0571 100644 --- a/.github/workflows/update-release.yml +++ b/.github/workflows/update-release.yml @@ -23,18 +23,17 @@ env: HEAD_SHA: ${{ inputs.head-sha }} jobs: - generate-token: - runs-on: ubuntu-latest - outputs: - token: ${{ steps.generate-token.outputs.token }} - steps: - - name: Generate token - id: generate-token - uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e - with: - app_id: ${{ vars.AUTOMATION_APP_ID }} - private_key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} + runs-on: ubuntu-latest + outputs: + token: ${{ steps.generate-token.outputs.token }} + steps: + - name: Generate token + id: generate-token + uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e + with: + app_id: ${{ vars.AUTOMATION_APP_ID }} + private_key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} update-release: name: "Update release" diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 7b6435dfa9..4a11c2790e 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -15,16 +15,16 @@ env: jobs: generate-token: - runs-on: ubuntu-latest - outputs: - token: ${{ steps.generate-token.outputs.token }} - steps: - - name: Generate token - id: generate-token - uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e - with: - app_id: ${{ vars.AUTOMATION_APP_ID }} - private_key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} + runs-on: ubuntu-latest + outputs: + token: ${{ steps.generate-token.outputs.token }} + steps: + - name: Generate token + id: generate-token + uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e + with: + app_id: ${{ vars.AUTOMATION_APP_ID }} + private_key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} pre-validate-performance: outputs: @@ -72,8 +72,8 @@ jobs: steps: - name: Fail check run status env: - CHECK_RUN_ID: ${{ needs.pre-validate-performance.outputs.check-run-id }} - GITHUB_TOKEN: ${{ github.token }} + CHECK_RUN_ID: ${{ needs.pre-validate-performance.outputs.check-run-id }} + GITHUB_TOKEN: ${{ github.token }} run: | jq -n \ --arg status "completed" \ @@ -127,14 +127,15 @@ jobs: --ref rvermeulen/release-process on-failure-validate-compiler-compatibility-dispatch: - needs: [pre-validate-compiler-compatibility, validate-compiler-compatibility] + needs: + [pre-validate-compiler-compatibility, validate-compiler-compatibility] if: failure() runs-on: ubuntu-22.04 steps: - name: Fail check run status env: - CHECK_RUN_ID: ${{ needs.pre-validate-compiler-compatibility.outputs.check-run-id }} - GITHUB_TOKEN: ${{ github.token }} + CHECK_RUN_ID: ${{ needs.pre-validate-compiler-compatibility.outputs.check-run-id }} + GITHUB_TOKEN: ${{ github.token }} run: | jq -n \ --arg status "completed" \ From 59032d27a1b1b4c627bba12aff4fc536900ff539 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 16 Nov 2023 13:30:03 -0800 Subject: [PATCH 1441/2573] Address failing step if release is new --- .github/workflows/prepare-release.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index e2b69149fc..50573cbaaf 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -60,6 +60,9 @@ jobs: env: GITHUB_TOKEN: ${{ github.token }} run: | + # Don't fail the step if gh fails to find the release + set +e + release=$(gh release view v$RELEASE_VERSION --json name,isDraft) if [[ -z "$release" ]]; then echo "Release v$RELEASE_VERSION does not exist. Proceeding" From 84facd2e5169a667a64692a559083490efc49abe Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 17 Nov 2023 12:48:50 -0800 Subject: [PATCH 1442/2573] Switch input type hotfix to boolean --- .github/workflows/prepare-release.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index e2b69149fc..a47a127fec 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -16,6 +16,7 @@ on: Whether this is a hotfix release. required: false default: false + type: boolean permissions: contents: write From f3881b23ee63b07eefdb107860f03706490562a3 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 17 Nov 2023 14:06:02 -0800 Subject: [PATCH 1443/2573] Use a subshell to wrap the gh command --- .github/workflows/prepare-release.yml | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index d256e3e4b5..16826366da 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -61,10 +61,7 @@ jobs: env: GITHUB_TOKEN: ${{ github.token }} run: | - # Don't fail the step if gh fails to find the release - set +e - - release=$(gh release view v$RELEASE_VERSION --json name,isDraft) + release=$( { gh release view v$RELEASE_VERSION --json name,isDraft; } || echo "" ) if [[ -z "$release" ]]; then echo "Release v$RELEASE_VERSION does not exist. Proceeding" echo "create_draft_release=true" >> "$GITHUB_ENV" From 579e42578e2fa28a9e54f424ea6db8ba6fd9cb66 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 17 Nov 2023 14:18:04 -0800 Subject: [PATCH 1444/2573] Prevent globbing and word splitting --- .github/workflows/prepare-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 16826366da..cca4edb838 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -61,7 +61,7 @@ jobs: env: GITHUB_TOKEN: ${{ github.token }} run: | - release=$( { gh release view v$RELEASE_VERSION --json name,isDraft; } || echo "" ) + release=$( { gh release view "v$RELEASE_VERSION" --json name,isDraft; } || echo "" ) if [[ -z "$release" ]]; then echo "Release v$RELEASE_VERSION does not exist. Proceeding" echo "create_draft_release=true" >> "$GITHUB_ENV" From ff877964b36c7b12b4af79dbcdfc71520aa90a4d Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 17 Nov 2023 15:39:21 -0800 Subject: [PATCH 1445/2573] Use a subshell to wrap the gh command --- .github/workflows/prepare-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index cca4edb838..7ead5aabc1 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -80,7 +80,7 @@ jobs: env: GITHUB_TOKEN: ${{ github.token }} run: | - release_pr=$(gh pr view rc/$RELEASE_VERSION --json title,state,number) + release_pr=$( { gh pr view rc/$RELEASE_VERSION --json title,state,number; } || echo "") if [[ ! -z "$release_pr" ]]; then pr_title=$(echo "$release_pr" | jq -r '.title') pr_state=$(echo "$release_pr" | jq -r '.state') From 901a97e69666d0221fd4ae709ada778a9ffe0b30 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 17 Nov 2023 15:39:40 -0800 Subject: [PATCH 1446/2573] Prevent globbing and word splitting --- .github/workflows/prepare-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 7ead5aabc1..ac223c6051 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -80,7 +80,7 @@ jobs: env: GITHUB_TOKEN: ${{ github.token }} run: | - release_pr=$( { gh pr view rc/$RELEASE_VERSION --json title,state,number; } || echo "") + release_pr=$( { gh pr view "rc/$RELEASE_VERSION" --json title,state,number; } || echo "") if [[ ! -z "$release_pr" ]]; then pr_title=$(echo "$release_pr" | jq -r '.title') pr_state=$(echo "$release_pr" | jq -r '.state') From 72a99074977b60d281b730c802b705f26b365b23 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 17 Nov 2023 15:41:11 -0800 Subject: [PATCH 1447/2573] Reduce the description that is part of the UI --- .github/workflows/prepare-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index ac223c6051..4b29141e7c 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -13,7 +13,7 @@ on: required: true hotfix: description: | - Whether this is a hotfix release. + Hotfix release. required: false default: false type: boolean From 6c1674cc5a0784faea5362a39df45ede767819a8 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 20 Nov 2023 10:02:56 -0800 Subject: [PATCH 1448/2573] Address missing GitHub App token --- .github/workflows/prepare-release.yml | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 4b29141e7c..f8ef4ed042 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -29,11 +29,24 @@ env: HOTFIX_RELEASE: ${{ inputs.hotfix }} jobs: + generate-token: + runs-on: ubuntu-latest + outputs: + token: ${{ steps.generate-token.outputs.token }} + steps: + - name: Generate token + id: generate-token + uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e + with: + app_id: ${{ vars.AUTOMATION_APP_ID }} + private_key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} + prepare-release: outputs: pull-request-head-sha: ${{ steps.determine-pr-head-sha.outputs.pull-request-head-sha }} name: "Prepare release" if: github.event_name == 'workflow_dispatch' + needs: generate-token runs-on: ubuntu-22.04 steps: - name: Checkout @@ -146,7 +159,7 @@ jobs: - name: Create release PR env: - GITHUB_TOKEN: ${{ secrets.ACTION_DISPATCH_TOKEN }} + GITHUB_TOKEN: ${{ needs.generate-token.outputs.token }} run: | gh pr create \ -R $GITHUB_REPOSITORY \ From 72ca9ebf39694e18c56099f1b45255aadc9784c3 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 20 Nov 2023 13:00:35 -0800 Subject: [PATCH 1449/2573] Generate tokens in a step The initial job setup doesn't work to communicate a token so this change: - Integrate the token generation as a step in a job. - Scopes the token to the repository it is used against. --- .github/workflows/prepare-release.yml | 27 +++++++--------- .github/workflows/update-release-status.yml | 16 ++------- .github/workflows/update-release.yml | 26 +++++++-------- .github/workflows/validate-release.yml | 36 ++++++++++++--------- 4 files changed, 44 insertions(+), 61 deletions(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index f8ef4ed042..fee9201265 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -29,24 +29,10 @@ env: HOTFIX_RELEASE: ${{ inputs.hotfix }} jobs: - generate-token: - runs-on: ubuntu-latest - outputs: - token: ${{ steps.generate-token.outputs.token }} - steps: - - name: Generate token - id: generate-token - uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e - with: - app_id: ${{ vars.AUTOMATION_APP_ID }} - private_key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} - prepare-release: outputs: pull-request-head-sha: ${{ steps.determine-pr-head-sha.outputs.pull-request-head-sha }} name: "Prepare release" - if: github.event_name == 'workflow_dispatch' - needs: generate-token runs-on: ubuntu-22.04 steps: - name: Checkout @@ -157,9 +143,18 @@ jobs: git commit -m "Update version" git push + - name: Generate token + id: generate-token + uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e + with: + app-id: ${{ vars.AUTOMATION_APP_ID }} + private-key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} + owner: ${{ github.repository_owner }} + repository: "codeql-coding-standards" + - name: Create release PR env: - GITHUB_TOKEN: ${{ needs.generate-token.outputs.token }} + GITHUB_TOKEN: ${{ steps.generate-token.outputs.token }} run: | gh pr create \ -R $GITHUB_REPOSITORY \ @@ -167,4 +162,4 @@ jobs: --body "This PR releases codeql-coding-standards version $RELEASE_VERSION." \ --base rc/$RELEASE_VERSION \ --head feature/update-user-manual-for-$RELEASE_VERSION \ - --draft \ No newline at end of file + --draft diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index 0f0587a355..15e212f369 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -134,23 +134,11 @@ jobs: echo "check-run-head-sha=$CHECK_RUN_HEAD_SHA" >> "$GITHUB_OUTPUT" - generate-token: - runs-on: ubuntu-latest - outputs: - token: ${{ steps.generate-token.outputs.token }} - steps: - - name: Generate token - id: generate-token - uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e - with: - app_id: ${{ vars.AUTOMATION_APP_ID }} - private_key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} - update-release: - needs: [validate-check-runs, generate-token] + needs: validate-check-runs if: needs.validate-check-runs.outputs.status == 'completed' uses: ./.github/workflows/update-release.yml with: head-sha: ${{ needs.validate-check-runs.outputs.check-run-head-sha }} secrets: - RELEASE_ENGINEERING_TOKEN: ${{ generate-token.outputs.token }} + AUTOMATION_PRIVATE_KEY: ${{ secrets.AUTOMATION_PRIVATE_KEY }} diff --git a/.github/workflows/update-release.yml b/.github/workflows/update-release.yml index f3541e0571..bb2a712c20 100644 --- a/.github/workflows/update-release.yml +++ b/.github/workflows/update-release.yml @@ -15,7 +15,7 @@ on: The head SHA of the release PR to use for finalizing the release. required: true secrets: - RELEASE_ENGINEERING_TOKEN: + AUTOMATION_PRIVATE_KEY: description: | The token to use for accessing the release engineering repository. required: true @@ -23,21 +23,8 @@ env: HEAD_SHA: ${{ inputs.head-sha }} jobs: - generate-token: - runs-on: ubuntu-latest - outputs: - token: ${{ steps.generate-token.outputs.token }} - steps: - - name: Generate token - id: generate-token - uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e - with: - app_id: ${{ vars.AUTOMATION_APP_ID }} - private_key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} - update-release: name: "Update release" - needs: generate-token runs-on: ubuntu-22.04 steps: - name: Checkout @@ -53,10 +40,19 @@ jobs: - name: Install dependencies run: pip install -r scripts/release/requirements.txt + - name: Generate token + id: generate-token + uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e + with: + app-id: ${{ vars.AUTOMATION_APP_ID }} + private-key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} + owner: ${{ github.repository_owner }} + repository: "codeql-coding-standards-release-engineering" + - name: Update release assets env: GITHUB_TOKEN: ${{ github.token }} - RELEASE_ENGINEERING_TOKEN: ${{ generate-token.outputs.token }} + RELEASE_ENGINEERING_TOKEN: ${{ steps.generate-token.outputs.token }} run: | python scripts/release/update-release-assets.py \ --head-sha $HEAD_SHA \ diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 4a11c2790e..f04e30207b 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -14,18 +14,6 @@ env: HEAD_SHA: ${{ github.event.pull_request.head.sha }} jobs: - generate-token: - runs-on: ubuntu-latest - outputs: - token: ${{ steps.generate-token.outputs.token }} - steps: - - name: Generate token - id: generate-token - uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e - with: - app_id: ${{ vars.AUTOMATION_APP_ID }} - private_key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} - pre-validate-performance: outputs: check-run-id: ${{ steps.create-check-run.outputs.check-run-id }} @@ -47,13 +35,21 @@ jobs: echo "check-run-id=$check_run_id" >> "$GITHUB_OUTPUT" validate-performance: - needs: [pre-validate-performance, generate-token] + needs: pre-validate-performance runs-on: ubuntu-22.04 steps: + - name: Generate token + id: generate-token + uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e + with: + app-id: ${{ vars.AUTOMATION_APP_ID }} + private-key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} + owner: ${{ github.repository_owner }} + repository: "codeql-coding-standards-release-engineering" - name: Invoke performance test env: CHECK_RUN_ID: ${{ needs.pre-validate-performance.outputs.check-run-id }} - GH_TOKEN: ${{ generate-token.outputs.token }} + GH_TOKEN: ${{ steps.generate-token.outputs.token }} run: | jq -n \ --arg ref "$HEAD_SHA" \ @@ -108,13 +104,21 @@ jobs: echo "check-run-id=$check_run_id" >> "$GITHUB_OUTPUT" validate-compiler-compatibility: - needs: [pre-validate-compiler-compatibility, generate-token] + needs: pre-validate-compiler-compatibility runs-on: ubuntu-22.04 steps: + - name: Generate token + id: generate-token + uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e + with: + app-id: ${{ vars.AUTOMATION_APP_ID }} + private-key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} + owner: ${{ github.repository_owner }} + repository: "codeql-coding-standards-release-engineering" - name: Invoke compiler compatibility test env: CHECK_RUN_ID: ${{ needs.pre-validate-compiler-compatibility.outputs.check-run-id }} - GITHUB_TOKEN: ${{ generate-token.outputs.token }} + GITHUB_TOKEN: ${{ steps.generate-token.outputs.token }} run: | jq -n \ --arg ref "$HEAD_SHA" \ From e97cd143c9c514cc244ba38baeb103b9c01fc219 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 20 Nov 2023 13:02:45 -0800 Subject: [PATCH 1450/2573] Remove remnant output parameter --- .github/workflows/prepare-release.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index fee9201265..e21eddb119 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -30,8 +30,6 @@ env: jobs: prepare-release: - outputs: - pull-request-head-sha: ${{ steps.determine-pr-head-sha.outputs.pull-request-head-sha }} name: "Prepare release" runs-on: ubuntu-22.04 steps: From 4771d4a9fcf4543a4ef75114e4f27b7455f74d0c Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 20 Nov 2023 13:05:54 -0800 Subject: [PATCH 1451/2573] Add clarifying comment for using different token --- .github/workflows/prepare-release.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index e21eddb119..6b1f28b4dd 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -152,6 +152,9 @@ jobs: - name: Create release PR env: + # Use the token from the `generate-token` step because we can't use the default workflow token + # to create a PR and generate PR events to trigger the next workflow because of recursive workflow + # trigger protection. GITHUB_TOKEN: ${{ steps.generate-token.outputs.token }} run: | gh pr create \ From 528720831a537197c0109c77675674eaa3d58b79 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 20 Nov 2023 13:09:37 -0800 Subject: [PATCH 1452/2573] Correct the secret input description --- .github/workflows/update-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update-release.yml b/.github/workflows/update-release.yml index bb2a712c20..1a5f3fcfc4 100644 --- a/.github/workflows/update-release.yml +++ b/.github/workflows/update-release.yml @@ -17,7 +17,7 @@ on: secrets: AUTOMATION_PRIVATE_KEY: description: | - The token to use for accessing the release engineering repository. + The private key to use to generate a token for accessing the release engineering repository. required: true env: HEAD_SHA: ${{ inputs.head-sha }} From 914b77a27eb9161270683b1e0b589773da09aa6c Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 20 Nov 2023 14:48:31 -0800 Subject: [PATCH 1453/2573] Use the correct key for scoping repositories --- .github/workflows/prepare-release.yml | 2 +- .github/workflows/update-release.yml | 2 +- .github/workflows/validate-release.yml | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 6b1f28b4dd..9bbd27ce26 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -148,7 +148,7 @@ jobs: app-id: ${{ vars.AUTOMATION_APP_ID }} private-key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} owner: ${{ github.repository_owner }} - repository: "codeql-coding-standards" + repositories: "codeql-coding-standards" - name: Create release PR env: diff --git a/.github/workflows/update-release.yml b/.github/workflows/update-release.yml index 1a5f3fcfc4..9a7d95c846 100644 --- a/.github/workflows/update-release.yml +++ b/.github/workflows/update-release.yml @@ -47,7 +47,7 @@ jobs: app-id: ${{ vars.AUTOMATION_APP_ID }} private-key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} owner: ${{ github.repository_owner }} - repository: "codeql-coding-standards-release-engineering" + repositories: "codeql-coding-standards-release-engineering" - name: Update release assets env: diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index f04e30207b..59985678df 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -45,7 +45,7 @@ jobs: app-id: ${{ vars.AUTOMATION_APP_ID }} private-key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} owner: ${{ github.repository_owner }} - repository: "codeql-coding-standards-release-engineering" + repositories: "codeql-coding-standards-release-engineering" - name: Invoke performance test env: CHECK_RUN_ID: ${{ needs.pre-validate-performance.outputs.check-run-id }} @@ -114,7 +114,7 @@ jobs: app-id: ${{ vars.AUTOMATION_APP_ID }} private-key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} owner: ${{ github.repository_owner }} - repository: "codeql-coding-standards-release-engineering" + repositories: "codeql-coding-standards-release-engineering" - name: Invoke compiler compatibility test env: CHECK_RUN_ID: ${{ needs.pre-validate-compiler-compatibility.outputs.check-run-id }} From dca08c66a74f2b76a45edab869a7fcdd687c3323 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 20 Nov 2023 15:11:00 -0800 Subject: [PATCH 1454/2573] Remove test reference --- .github/workflows/validate-release.yml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index f04e30207b..8ec04e1615 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -58,8 +58,7 @@ jobs: | \ gh workflow run release-performance-testing.yml \ --json \ - -R github/codeql-coding-standards-release-engineering \ - --ref rvermeulen/release-process + -R github/codeql-coding-standards-release-engineering on-failure-validate-performance-dispatch: needs: [pre-validate-performance, validate-performance] @@ -127,8 +126,7 @@ jobs: | \ gh workflow run release-compiler-validation.yml \ --json \ - -R github/codeql-coding-standards-release-engineering \ - --ref rvermeulen/release-process + -R github/codeql-coding-standards-release-engineering on-failure-validate-compiler-compatibility-dispatch: needs: From 5d427e4aa32373283377bfeb26b2cbb5c224d5ae Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Tue, 21 Nov 2023 08:25:25 +0000 Subject: [PATCH 1455/2573] Update change notes --- change_notes/2023-10-25-a0-1-1.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/change_notes/2023-10-25-a0-1-1.md b/change_notes/2023-10-25-a0-1-1.md index 91695ea524..bd85f52143 100644 --- a/change_notes/2023-10-25-a0-1-1.md +++ b/change_notes/2023-10-25-a0-1-1.md @@ -1,4 +1,4 @@ * `A0-1-1` - address a number of false positive issues: * Exclude compiler-generated variables, such as those generated for range-based for loops. * Exclude variables in uninstantiated templates, for which we have no precise data on uses. - * Deviations can now be applied to the useless assignment as well as the variable itself. \ No newline at end of file + * Deviations should now be applied to the useless assignment instead of the variable itself. From f782538aef857738a45a6e60555f7c945bfec015 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 22 Nov 2023 16:51:21 +0000 Subject: [PATCH 1456/2573] Reformat file --- .../BitwiseOperatorOperandsHaveDifferentUnderlyingType.ql | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/cpp/autosar/src/rules/M5-0-20/BitwiseOperatorOperandsHaveDifferentUnderlyingType.ql b/cpp/autosar/src/rules/M5-0-20/BitwiseOperatorOperandsHaveDifferentUnderlyingType.ql index 9c0a97909f..9e85a15e50 100644 --- a/cpp/autosar/src/rules/M5-0-20/BitwiseOperatorOperandsHaveDifferentUnderlyingType.ql +++ b/cpp/autosar/src/rules/M5-0-20/BitwiseOperatorOperandsHaveDifferentUnderlyingType.ql @@ -31,7 +31,8 @@ predicate isBinaryBitwiseOperation(Operation o, VariableAccess l, VariableAccess } from - Operation o, VariableAccess left, VariableAccess right, Type leftUnderlyingType, Type rightUnderlyingType + Operation o, VariableAccess left, VariableAccess right, Type leftUnderlyingType, + Type rightUnderlyingType where not isExcluded(o, ExpressionsPackage::bitwiseOperatorOperandsHaveDifferentUnderlyingTypeQuery()) and not o.isFromUninstantiatedTemplate(_) and @@ -40,4 +41,5 @@ where rightUnderlyingType = MisraConversion::getUnderlyingType(right) and leftUnderlyingType != rightUnderlyingType select o, - "Operands of the '" + o.getOperator() + "' operation have different underlying types '" + leftUnderlyingType.getName() + "' and '" + rightUnderlyingType.getName() + "'." + "Operands of the '" + o.getOperator() + "' operation have different underlying types '" + + leftUnderlyingType.getName() + "' and '" + rightUnderlyingType.getName() + "'." From b142501aee255cc1e7fd99b1b11902ddb8afecea Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 22 Nov 2023 17:11:34 +0000 Subject: [PATCH 1457/2573] A7-1-1: Do not report for function parameters --- ...ionUnmodifiedParamMissingConstSpecifier.ql | 42 ------------------- ...odifiedParamMissingConstSpecifier.expected | 1 - ...UnmodifiedParamMissingConstSpecifier.qlref | 1 - cpp/autosar/test/rules/A7-1-1/test.cpp | 2 +- .../cpp/exclusions/cpp/Const.qll | 17 -------- rule_packages/cpp/Const.json | 18 ++------ 6 files changed, 5 insertions(+), 76 deletions(-) delete mode 100644 cpp/autosar/src/rules/A7-1-1/DeclarationUnmodifiedParamMissingConstSpecifier.ql delete mode 100644 cpp/autosar/test/rules/A7-1-1/DeclarationUnmodifiedParamMissingConstSpecifier.expected delete mode 100644 cpp/autosar/test/rules/A7-1-1/DeclarationUnmodifiedParamMissingConstSpecifier.qlref diff --git a/cpp/autosar/src/rules/A7-1-1/DeclarationUnmodifiedParamMissingConstSpecifier.ql b/cpp/autosar/src/rules/A7-1-1/DeclarationUnmodifiedParamMissingConstSpecifier.ql deleted file mode 100644 index d4ecbdebfa..0000000000 --- a/cpp/autosar/src/rules/A7-1-1/DeclarationUnmodifiedParamMissingConstSpecifier.ql +++ /dev/null @@ -1,42 +0,0 @@ -/** - * @id cpp/autosar/declaration-unmodified-param-missing-const-specifier - * @name A7-1-1: Constexpr or const specifiers shall be used for immutable parameter usage - * @description `Constexpr`/`const` specifiers prevent unintentional data modification for - * parameters intended as immutable. - * @kind problem - * @precision high - * @problem.severity warning - * @tags external/autosar/id/a7-1-1 - * correctness - * maintainability - * readability - * external/autosar/allocated-target/implementation - * external/autosar/enforcement/automated - * external/autosar/obligation/required - */ - -import cpp -import codingstandards.cpp.autosar -import codingstandards.cpp.ConstHelpers - -from FunctionParameter v, string cond -where - not isExcluded(v, ConstPackage::declarationUnmodifiedParamMissingConstSpecifierQuery()) and - v instanceof AccessedParameter and - ( - isNotDirectlyModified(v) and - not v.getAnAccess().isAddressOfAccessNonConst() and - notPassedAsArgToNonConstParam(v) and - notAssignedToNonLocalNonConst(v) and - if v instanceof NonConstPointerorReferenceParameter - then - notUsedAsQualifierForNonConst(v) and - notReturnedFromNonConstFunction(v) and - cond = " points to an object" - else cond = " is used for an object" - ) and - //exclude already consts - if v.getType() instanceof ReferenceType - then not v.getType().(DerivedType).getBaseType+().isConst() - else not v.getType().isConst() -select v, "Non-constant parameter " + v.getName() + cond + " and is not modified." diff --git a/cpp/autosar/test/rules/A7-1-1/DeclarationUnmodifiedParamMissingConstSpecifier.expected b/cpp/autosar/test/rules/A7-1-1/DeclarationUnmodifiedParamMissingConstSpecifier.expected deleted file mode 100644 index dd673a2e68..0000000000 --- a/cpp/autosar/test/rules/A7-1-1/DeclarationUnmodifiedParamMissingConstSpecifier.expected +++ /dev/null @@ -1 +0,0 @@ -| test.cpp:7:14:7:14 | p | Non-constant parameter p points to an object and is not modified. | diff --git a/cpp/autosar/test/rules/A7-1-1/DeclarationUnmodifiedParamMissingConstSpecifier.qlref b/cpp/autosar/test/rules/A7-1-1/DeclarationUnmodifiedParamMissingConstSpecifier.qlref deleted file mode 100644 index 5f5b01f4bc..0000000000 --- a/cpp/autosar/test/rules/A7-1-1/DeclarationUnmodifiedParamMissingConstSpecifier.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/A7-1-1/DeclarationUnmodifiedParamMissingConstSpecifier.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A7-1-1/test.cpp b/cpp/autosar/test/rules/A7-1-1/test.cpp index 2c32dc5aab..745c6719b1 100644 --- a/cpp/autosar/test/rules/A7-1-1/test.cpp +++ b/cpp/autosar/test/rules/A7-1-1/test.cpp @@ -4,7 +4,7 @@ void f1(int *p) { // COMPLIANT *p += 2; } -void f2(int *p) { // NON_COMPLIANT +void f2(int *p) { // COMPLIANT - we ignore parameters for this rule int l4 = 1; // NON_COMPLIANT int *p1 = p; // NON_COMPLIANT } diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Const.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Const.qll index 1245139eb1..09f40388cc 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Const.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Const.qll @@ -5,7 +5,6 @@ import codingstandards.cpp.exclusions.RuleMetadata newtype ConstQuery = TRemoveConstOrVolatileQualificationAutosarQuery() or - TDeclarationUnmodifiedParamMissingConstSpecifierQuery() or TDeclarationUnmodifiedObjectMissingConstSpecifierQuery() or TVariableMissingConstexprQuery() or TFunctionMissingConstexprQuery() or @@ -28,15 +27,6 @@ predicate isConstQueryMetadata(Query query, string queryId, string ruleId, strin ruleId = "A5-2-3" and category = "required" or - query = - // `Query` instance for the `declarationUnmodifiedParamMissingConstSpecifier` query - ConstPackage::declarationUnmodifiedParamMissingConstSpecifierQuery() and - queryId = - // `@id` for the `declarationUnmodifiedParamMissingConstSpecifier` query - "cpp/autosar/declaration-unmodified-param-missing-const-specifier" and - ruleId = "A7-1-1" and - category = "required" - or query = // `Query` instance for the `declarationUnmodifiedObjectMissingConstSpecifier` query ConstPackage::declarationUnmodifiedObjectMissingConstSpecifierQuery() and @@ -145,13 +135,6 @@ module ConstPackage { TQueryCPP(TConstPackageQuery(TRemoveConstOrVolatileQualificationAutosarQuery())) } - Query declarationUnmodifiedParamMissingConstSpecifierQuery() { - //autogenerate `Query` type - result = - // `Query` type for `declarationUnmodifiedParamMissingConstSpecifier` query - TQueryCPP(TConstPackageQuery(TDeclarationUnmodifiedParamMissingConstSpecifierQuery())) - } - Query declarationUnmodifiedObjectMissingConstSpecifierQuery() { //autogenerate `Query` type result = diff --git a/rule_packages/cpp/Const.json b/rule_packages/cpp/Const.json index ca848c2fdc..c574e547bf 100644 --- a/rule_packages/cpp/Const.json +++ b/rule_packages/cpp/Const.json @@ -33,19 +33,6 @@ "obligation": "required" }, "queries": [ - { - "description": "`Constexpr`/`const` specifiers prevent unintentional data modification for parameters intended as immutable.", - "kind": "problem", - "name": "Constexpr or const specifiers shall be used for immutable parameter usage", - "precision": "high", - "severity": "warning", - "short_name": "DeclarationUnmodifiedParamMissingConstSpecifier", - "tags": [ - "correctness", - "maintainability", - "readability" - ] - }, { "description": "`Constexpr`/`const` specifiers prevent unintentional data modification for data intended as immutable.", "kind": "problem", @@ -57,7 +44,10 @@ "correctness", "maintainability", "readability" - ] + ], + "implementation_scope": { + "description": "We exclude function parameters from this rule in line with the rule intention as described in the C++ Core Guidelines Con.1 which excludes function parameters." + } } ], "title": "Constexpr or const specifiers shall be used for immutable data declaration." From 38ed8caeb1bf6263c88fb78bfe05f77e75d0ffd7 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 22 Nov 2023 10:54:37 -0800 Subject: [PATCH 1458/2573] Apply sha256 on the root directory of the layout --- scripts/release/release-layout.yml | 2 +- scripts/release/update-release-assets.py | 24 ++++++++++++++++++++---- 2 files changed, 21 insertions(+), 5 deletions(-) diff --git a/scripts/release/release-layout.yml b/scripts/release/release-layout.yml index 3ffc3ba0de..9d81ddc228 100644 --- a/scripts/release/release-layout.yml +++ b/scripts/release/release-layout.yml @@ -20,4 +20,4 @@ layout: - file: docs/user_manual.md checksums.txt: - shell: | - sha256sum ./* > checksums.txt \ No newline at end of file + sha256sum ${{ layout.root }}/* > checksums.txt \ No newline at end of file diff --git a/scripts/release/update-release-assets.py b/scripts/release/update-release-assets.py index 79b06cbcfe..f314075e9d 100644 --- a/scripts/release/update-release-assets.py +++ b/scripts/release/update-release-assets.py @@ -1,5 +1,5 @@ from __future__ import annotations # This enables postponed evaluation of type annotations. Required for typing.TYPE_CHECKING. See https://peps.python.org/pep-0563/ -from typing import TYPE_CHECKING, List, Union, cast, Dict, Any +from typing import TYPE_CHECKING, List, Union, cast, Dict, Any, TypeVar, Callable, Sequence import shutil from tempfile import TemporaryDirectory import subprocess @@ -124,7 +124,11 @@ def make(self, directory: Path, workflow_runs: List[WorkflowRun.WorkflowRun]) -> elif action_type == "workflow-artifact": actions.append(WorkflowArtifactAction(workflow_runs, **cast(Dict[str, Any], action_args))) elif action_type == "shell": - actions.append(ShellAction(action_args)) + modifiers : List[Callable[[str], str]] = [ + lambda cmd: re.sub(pattern=r"\${{\s*coding-standards\.root\s*}}", repl=str(root_path), string=cmd), + lambda cmd: re.sub(pattern=r"\${{\s*layout\.root\s*}}", repl=str(directory), string=cmd) + ] + actions.append(ShellAction(action_args, modifiers=modifiers)) elif action_type == "file": actions.append(FileAction(action_args)) else: @@ -178,12 +182,24 @@ def run(self) -> List[Path]: return list(map(Path, Path(self.temp_workdir.name).glob("**/*"))) class ShellAction(): - def __init__(self, command: str) -> None: + def __init__(self, command: str, **kwargs: Any) -> None: self.command = command.strip() self.temp_workdir = TemporaryDirectory() + self.options = kwargs + + def _rewrite_command(self) -> str: + E = TypeVar("E") + R = TypeVar("R") + def lfold(fn: Callable[[R, E], R], lst: Sequence[E], init: R) -> R: + return lfold(fn, lst[1:], fn(init, lst[0])) if lst else init + if 'modifiers' in self.options: + return lfold(lambda acc, x: x(acc), self.options['modifiers'], self.command) + else: + return self.command def run(self) -> List[Path]: - concrete_command = re.sub(pattern=r"\${{\s*coding-standards\.root\s*}}", repl=str(root_path), string=self.command) + #concrete_command = re.sub(pattern=r"\${{\s*coding-standards\.root\s*}}", repl=str(root_path), string=self.command) + concrete_command = self._rewrite_command() subprocess.run(concrete_command, cwd=self.temp_workdir.name, check=True, shell=True) return list(map(Path, Path(self.temp_workdir.name).glob("**/*"))) From 2914177cca9f2d0aef1b1902e9b26c0978476baa Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 22 Nov 2023 10:55:22 -0800 Subject: [PATCH 1459/2573] Trim whitespace --- scripts/release/update-release-assets.py | 34 ++++++++++++------------ 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/scripts/release/update-release-assets.py b/scripts/release/update-release-assets.py index f314075e9d..68208b80fa 100644 --- a/scripts/release/update-release-assets.py +++ b/scripts/release/update-release-assets.py @@ -12,7 +12,7 @@ if TYPE_CHECKING: from github import WorkflowRun, Repository - + script_path = Path(__file__).resolve() root_path = script_path.parent.parent.parent @@ -30,7 +30,7 @@ def get_check_runs(self: Repository.Repository, ref: str, **kwargs: str) -> Pagi f"{self.url}/commits/{ref}/check-runs", firstParams=None, list_item="check_runs") - + Repository.Repository = MyRepository from github import WorkflowRun, Artifact @@ -51,7 +51,7 @@ def download_logs(self, path: Path) -> None: if self._requester._Requester__auth is not None: # type: ignore headers["Authorization"] = f"{self._requester._Requester__auth.token_type} {self._requester._Requester__auth.token}" # type: ignore headers["User-Agent"] = self._requester._Requester__userAgent # type: ignore - + resp = requests.get(url, headers=headers, allow_redirects=True) if resp.status_code != 200: @@ -70,7 +70,7 @@ def download_artifacts(self, path: Path) -> None: if self._requester._Requester__auth is not None: # type: ignore headers["Authorization"] = f"{self._requester._Requester__auth.token_type} {self._requester._Requester__auth.token}" # type: ignore headers["User-Agent"] = self._requester._Requester__userAgent # type: ignore - + resp = requests.get(artifact.archive_download_url, headers=headers, allow_redirects=True) if resp.status_code != 200: @@ -93,7 +93,7 @@ def download_artifact(self, name: str, path: Path) -> None: if self._requester._Requester__auth is not None: # type: ignore headers["Authorization"] = f"{self._requester._Requester__auth.token_type} {self._requester._Requester__auth.token}" # type: ignore headers["User-Agent"] = self._requester._Requester__userAgent # type: ignore - + resp = requests.get(artifact.archive_download_url, headers=headers, allow_redirects=True) if resp.status_code != 200: @@ -101,7 +101,7 @@ def download_artifact(self, name: str, path: Path) -> None: with (path / f"{artifact.name}.zip").open("wb") as f: f.write(resp.content) - + WorkflowRun.WorkflowRun = MyWorkflowRun @@ -133,7 +133,7 @@ def make(self, directory: Path, workflow_runs: List[WorkflowRun.WorkflowRun]) -> actions.append(FileAction(action_args)) else: raise Exception(f"Unknown action type {action_type}") - + artifacts.append(ReleaseArtifact(artifact, actions, self.skip_checks)) for artifact in artifacts: @@ -157,7 +157,7 @@ def run(self) -> List[Path]: print(f"Downloading logs for {workflow_run.name}") workflow_run.download_logs(Path(self.temp_workdir.name)) # type: ignore return list(map(Path, Path(self.temp_workdir.name).glob("**/*"))) - + class WorkflowArtifactAction(): def __init__(self, workflow_runs: List[WorkflowRun.WorkflowRun], **kwargs: str) -> None: @@ -180,7 +180,7 @@ def run(self) -> List[Path]: print(f"Downloading artifacts for {workflow_run.name} to {self.temp_workdir.name}") workflow_run.download_artifacts(Path(self.temp_workdir.name)) # type: ignore return list(map(Path, Path(self.temp_workdir.name).glob("**/*"))) - + class ShellAction(): def __init__(self, command: str, **kwargs: Any) -> None: self.command = command.strip() @@ -202,7 +202,7 @@ def run(self) -> List[Path]: concrete_command = self._rewrite_command() subprocess.run(concrete_command, cwd=self.temp_workdir.name, check=True, shell=True) return list(map(Path, Path(self.temp_workdir.name).glob("**/*"))) - + class FileAction(): def __init__(self, path: Path) -> None: self.path = path @@ -228,8 +228,8 @@ def make(self, directory: Path) -> Path: extension = "".join(self.name.suffixes)[1:] if not extension in ["zip", "tar", "tar.gz", "tar.bz2", "tar.xz"]: raise Exception(f"Artifact {self.name} is not a support archive file, but has multiple files associated with it!") - - ext_format_map = { + + ext_format_map = { "zip": "zip", "tar": "tar", "tar.gz": "gztar", @@ -241,7 +241,7 @@ def make(self, directory: Path) -> Path: temp_dir_path = Path(temp_dir) for file in files: shutil.copy(file, temp_dir_path / file.name) - + return Path(shutil.make_archive(str(directory / self.name.with_suffix("")), ext_format_map[extension], root_dir=temp_dir_path)) def main(args: 'argparse.Namespace') -> int: @@ -264,13 +264,13 @@ def main(args: 'argparse.Namespace') -> int: if len(pull_candidates) != 1: print(f"Error: expected exactly one PR for SHA {args.head_sha}, but found {len(pull_candidates)}", file=sys.stderr) return 1 - + pull_request = pull_candidates[0] if pull_request.state != "open": print(f"Error: PR {pull_request.url} is not open", file=sys.stderr) return 1 - + print(f"Found PR {pull_request.url} based on {pull_request.base.ref}") rc_branch_regex = r"^rc/(?P.*)$" @@ -302,7 +302,7 @@ def main(args: 'argparse.Namespace') -> int: action_workflow_run_url_regex = r"^https://(?P[^/]+)/(?P[^/]+)/(?P[^/]+)/actions/runs/(?P\d+)$" action_workflow_job_run_url_regex = r"^https://(?P[^/]+)/(?P[^/]+)/(?P[^/]+)/actions/runs/(?P\d+)/job/(?P\d+)$" - + workflow_runs: List[WorkflowRun.WorkflowRun] = [] for check_run in check_runs: # type: ignore check_run = cast(CheckRun.CheckRun, check_run) @@ -322,7 +322,7 @@ def main(args: 'argparse.Namespace') -> int: else: print(f"Unable to handle checkrun {check_run.name} with id {check_run.id} with {check_run.details_url}") return 1 - + print("Filtering workflow runs to only include the latest run for each workflow.") workflow_runs_per_id: Dict[int, WorkflowRun.WorkflowRun] = {} for workflow_run in workflow_runs: From a95ada7172bf2d554d0e38bb80e43aa504c3fd42 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 22 Nov 2023 11:06:45 -0800 Subject: [PATCH 1460/2573] Address incorrect return type --- scripts/release/update-release-assets.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/release/update-release-assets.py b/scripts/release/update-release-assets.py index 68208b80fa..1beb543c77 100644 --- a/scripts/release/update-release-assets.py +++ b/scripts/release/update-release-assets.py @@ -1,5 +1,5 @@ from __future__ import annotations # This enables postponed evaluation of type annotations. Required for typing.TYPE_CHECKING. See https://peps.python.org/pep-0563/ -from typing import TYPE_CHECKING, List, Union, cast, Dict, Any, TypeVar, Callable, Sequence +from typing import TYPE_CHECKING, List, Union, cast, Dict, Any, TypeVar, Callable, Sequence, Optional import shutil from tempfile import TemporaryDirectory import subprocess @@ -216,7 +216,7 @@ def __init__(self, name: str, actions: List[Union[WorkflowLogAction, WorkflowArt self.actions = actions self.allow_no_files = allow_no_files - def make(self, directory: Path) -> Path: + def make(self, directory: Path) -> Optional[Path]: files: list[Path] = [file for action in self.actions for file in action.run()] if len(files) == 0: if not self.allow_no_files: From 4348f8e6120e741246b3c8f1d9df037e4202f1e9 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 22 Nov 2023 22:01:45 -0800 Subject: [PATCH 1461/2573] Rename update release assets script We replace `-` with `_` so we can you use the default import statement to import the script as a module. --- .github/workflows/update-release.yml | 2 +- .../{update-release-assets.py => update_release_assets.py} | 0 2 files changed, 1 insertion(+), 1 deletion(-) rename scripts/release/{update-release-assets.py => update_release_assets.py} (100%) diff --git a/.github/workflows/update-release.yml b/.github/workflows/update-release.yml index 9a7d95c846..5babb95773 100644 --- a/.github/workflows/update-release.yml +++ b/.github/workflows/update-release.yml @@ -54,7 +54,7 @@ jobs: GITHUB_TOKEN: ${{ github.token }} RELEASE_ENGINEERING_TOKEN: ${{ steps.generate-token.outputs.token }} run: | - python scripts/release/update-release-assets.py \ + python scripts/release/update_release_assets.py \ --head-sha $HEAD_SHA \ --layout scripts/release/release-layout.yml \ --repo "$GITHUB_REPOSITORY" \ diff --git a/scripts/release/update-release-assets.py b/scripts/release/update_release_assets.py similarity index 100% rename from scripts/release/update-release-assets.py rename to scripts/release/update_release_assets.py From 552a7b60d665962a10e66c67f1cc06f24808e9f6 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 22 Nov 2023 22:05:34 -0800 Subject: [PATCH 1462/2573] Add test for update release assets script --- .github/workflows/tooling-unit-tests.yml | 19 ++++++++++++ scripts/release/requirements.txt | 3 +- scripts/release/test-data/release-layout.yml | 17 +++++++++++ scripts/release/update_release_assets_test.py | 30 +++++++++++++++++++ 4 files changed, 68 insertions(+), 1 deletion(-) create mode 100644 scripts/release/test-data/release-layout.yml create mode 100644 scripts/release/update_release_assets_test.py diff --git a/.github/workflows/tooling-unit-tests.yml b/.github/workflows/tooling-unit-tests.yml index 333b4ce024..490d399e8b 100644 --- a/.github/workflows/tooling-unit-tests.yml +++ b/.github/workflows/tooling-unit-tests.yml @@ -96,3 +96,22 @@ jobs: - name: Run PyTest run: | pytest scripts/guideline_recategorization/recategorize_test.py + + release-tests: + name: Run release tests + runs-on: ubuntu-22.04 + steps: + - name: Checkout + uses: actions/checkout@v2 + + - name: Install Python + uses: actions/setup-python@v4 + with: + python-version: "3.9" + + - name: Install Python dependencies + run: pip install -r scripts/release/requirements.txt + + - name: Run PyTest + run: | + pytest scripts/release/update_release_assets_test.py \ No newline at end of file diff --git a/scripts/release/requirements.txt b/scripts/release/requirements.txt index 79ccbcefbe..63874950c1 100644 --- a/scripts/release/requirements.txt +++ b/scripts/release/requirements.txt @@ -1,4 +1,5 @@ semantic-version==2.10.0 PyGithub==1.59.1 PyYAML==6.0.1 -GitPython==3.1.36 \ No newline at end of file +GitPython==3.1.36 +pytest==7.4.3 \ No newline at end of file diff --git a/scripts/release/test-data/release-layout.yml b/scripts/release/test-data/release-layout.yml new file mode 100644 index 0000000000..3a002003af --- /dev/null +++ b/scripts/release/test-data/release-layout.yml @@ -0,0 +1,17 @@ +version: 0.1.0 + +layout: + hello-world.txt: + - shell: | + echo "hello world!" > hello-world.txt + hello-world.zip: + - shell: | + echo "hello!" > hello.txt + echo "world!" > world.txt + # reset the creation and modification times to a fixed value + touch -a -m -t 197001010000.00 hello.txt world.txt + checksums.txt: + - shell: | + shasum -a 256 ${{ layout.root }}/* > checksums.txt + # Remove the layout root from the checksums.txt + sed -i '' -e "s|${{ layout.root }}/||g" checksums.txt \ No newline at end of file diff --git a/scripts/release/update_release_assets_test.py b/scripts/release/update_release_assets_test.py new file mode 100644 index 0000000000..35e5baf0bb --- /dev/null +++ b/scripts/release/update_release_assets_test.py @@ -0,0 +1,30 @@ +from pathlib import Path +from tempfile import TemporaryDirectory +import yaml +from update_release_assets import ReleaseLayout + +SCRIPT_PATH = Path(__file__) +TEST_DIR = SCRIPT_PATH.parent / 'test-data' + +def test_release_layout(): + spec = TEST_DIR / 'release-layout.yml' + release_layout = ReleaseLayout(spec) + with TemporaryDirectory() as tmp_dir: + tmp_path = Path(tmp_dir) + release_layout.make(tmp_path, []) + + for artifact in yaml.safe_load(spec.read_text())['layout'].keys(): + artifact_path = tmp_path / artifact + assert artifact_path.is_file() + + if artifact == "hello-world.txt": + content = artifact_path.read_text() + assert content == "hello world!\n" + if artifact == "checksums.txt": + content = artifact_path.read_text() + # The hash of the hello-world.txt is deterministic, so we can assert it here. + assert "ecf701f727d9e2d77c4aa49ac6fbbcc997278aca010bddeeb961c10cf54d435a hello-world.txt" in content + # The has of the hello-world.zip is not deterministic, so we can't assert its hash. + assert "hello-world.zip" in content + + From 12ef22da3e80816f93dc9c59007bdcf70235db11 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 22 Nov 2023 22:07:27 -0800 Subject: [PATCH 1463/2573] Rewrite the checksums.txt file to keep the base names --- scripts/release/release-layout.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/scripts/release/release-layout.yml b/scripts/release/release-layout.yml index 9d81ddc228..3fd7bbfb40 100644 --- a/scripts/release/release-layout.yml +++ b/scripts/release/release-layout.yml @@ -20,4 +20,6 @@ layout: - file: docs/user_manual.md checksums.txt: - shell: | - sha256sum ${{ layout.root }}/* > checksums.txt \ No newline at end of file + sha256sum ${{ layout.root }}/* > checksums.txt + # Remove the layout root from the paths in checksums.txt + sed -i '' -e "s|${{ layout.root }}/||g" checksums.txt \ No newline at end of file From 949b0a25fcb64b5fa34a96a816ea3578a1c9ec32 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 22 Nov 2023 22:30:24 -0800 Subject: [PATCH 1464/2573] Refrain from using inplace substitution --- scripts/release/test-data/release-layout.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/scripts/release/test-data/release-layout.yml b/scripts/release/test-data/release-layout.yml index 3a002003af..9c6850fd5d 100644 --- a/scripts/release/test-data/release-layout.yml +++ b/scripts/release/test-data/release-layout.yml @@ -14,4 +14,6 @@ layout: - shell: | shasum -a 256 ${{ layout.root }}/* > checksums.txt # Remove the layout root from the checksums.txt - sed -i '' -e "s|${{ layout.root }}/||g" checksums.txt \ No newline at end of file + # We don't use inplace because of BSD vs GNU shenanigans + sed -e "s|${{ layout.root }}/||g" checksums.txt > checksums-rewritten.txt + mv checksums-rewritten.txt checksums.txt \ No newline at end of file From 5393ac1b8d6a63afc3165aa0b67672d30f8a77bd Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 22 Nov 2023 22:39:38 -0800 Subject: [PATCH 1465/2573] Disable skipping of tests --- .github/workflows/update-release.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/update-release.yml b/.github/workflows/update-release.yml index 5babb95773..7a2ae00797 100644 --- a/.github/workflows/update-release.yml +++ b/.github/workflows/update-release.yml @@ -59,8 +59,7 @@ jobs: --layout scripts/release/release-layout.yml \ --repo "$GITHUB_REPOSITORY" \ --github-token "$GITHUB_REPOSITORY:$GITHUB_TOKEN" "github/codeql-coding-standards-release-engineering:$RELEASE_ENGINEERING_TOKEN" \ - --skip-checkrun "release-status" \ - --skip-checks + --skip-checkrun "release-status" - name: Update release notes env: From 43ade573e0b61605c89b25f4a01bbfdec4e28928 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 22 Nov 2023 23:14:17 -0800 Subject: [PATCH 1466/2573] Adjust sed command for Action runner --- scripts/release/release-layout.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/release/release-layout.yml b/scripts/release/release-layout.yml index 3fd7bbfb40..5e496120f2 100644 --- a/scripts/release/release-layout.yml +++ b/scripts/release/release-layout.yml @@ -22,4 +22,4 @@ layout: - shell: | sha256sum ${{ layout.root }}/* > checksums.txt # Remove the layout root from the paths in checksums.txt - sed -i '' -e "s|${{ layout.root }}/||g" checksums.txt \ No newline at end of file + sed -i -e "s|${{ layout.root }}/||g" checksums.txt \ No newline at end of file From d9301dc7f7f2067c5b9c6b6f17d85a071bab7d05 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 23 Nov 2023 18:47:57 -0800 Subject: [PATCH 1467/2573] Include tags when performing checkout --- .github/workflows/update-release.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/update-release.yml b/.github/workflows/update-release.yml index 7a2ae00797..0a300413fc 100644 --- a/.github/workflows/update-release.yml +++ b/.github/workflows/update-release.yml @@ -31,6 +31,7 @@ jobs: uses: actions/checkout@v4 with: ref: ${{ inputs.head-sha }} + fetch-tags: true - name: Install Python uses: actions/setup-python@v4 From d2a490e751c246838b9c7c2a877348d75cd3a035 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 23 Nov 2023 18:48:43 -0800 Subject: [PATCH 1468/2573] Use scripts on main --- .github/workflows/update-release.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/update-release.yml b/.github/workflows/update-release.yml index 0a300413fc..d138cee94e 100644 --- a/.github/workflows/update-release.yml +++ b/.github/workflows/update-release.yml @@ -30,7 +30,6 @@ jobs: - name: Checkout uses: actions/checkout@v4 with: - ref: ${{ inputs.head-sha }} fetch-tags: true - name: Install Python From 8badf68b6a9596335d6562ef7eca6109f68c887b Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 23 Nov 2023 19:10:02 -0800 Subject: [PATCH 1469/2573] Remove check run trigger This event is not triggered by worfklows to prevent recursive workflow calls. Therefore we only trigger on a dispatch generated by an Azure function that listens to check-run status changes. --- .github/workflows/update-release-status.yml | 39 ++++++--------------- 1 file changed, 11 insertions(+), 28 deletions(-) diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index 15e212f369..9b1eb4bb61 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -1,12 +1,5 @@ name: "Update Release Status" on: - check_run: - types: - - completed - - rerequested - branches: - - "rc/**" - workflow_dispatch: inputs: head-sha: @@ -20,32 +13,22 @@ permissions: checks: write contents: write +env: + HEAD_SHA: ${{ inputs.head-sha }} + jobs: validate-check-runs: runs-on: ubuntu-22.04 outputs: status: ${{ steps.set-output.outputs.status }} - check-run-head-sha: ${{ steps.set-output.outputs.check-run-head-sha }} steps: - - name: Determine check run head SHA - env: - HEAD_SHA_FROM_EVENT: ${{ github.event.check_run.head_sha }} - HEAD_SHA_FROM_INPUTS: ${{ inputs.head-sha }} - run: | - if [[ $GITHUB_EVENT_NAME == "workflow_dispatch" ]]; then - echo "CHECK_RUN_HEAD_SHA=$HEAD_SHA_FROM_INPUTS" >> "$GITHUB_ENV" - else - echo "CHECK_RUN_HEAD_SHA=$HEAD_SHA_FROM_EVENT" >> "$GITHUB_ENV" - fi - - name: Checkout uses: actions/checkout@v4 with: - ref: ${{ env.CHECK_RUN_HEAD_SHA }} + ref: ${{ inputs.head-sha }} - name: Get release status check run id: get-check-run - if: (github.event_name == 'check_run' && github.event.check_run.conclusion == 'success' && github.event.check_run.name != github.workflow) || github.event_name == 'workflow_dispatch' env: GITHUB_TOKEN: ${{ github.token }} run: | @@ -53,7 +36,7 @@ jobs: --header "Accept: application/vnd.github+json" \ --header "X-GitHub-Api-Version: 2022-11-28" \ --jq '.check_runs[] | select(.name == "release-status") | {id: .id, status: .status, conclusion: .conclusion}' \ - /repos/$GITHUB_REPOSITORY/commits/$CHECK_RUN_HEAD_SHA/check-runs) + /repos/$GITHUB_REPOSITORY/commits/$HEAD_SHA/check-runs) check_run_id=$(echo "$check_run_info" | jq -r '.id') check_run_status=$(echo "$check_run_info" | jq -r '.status') @@ -64,7 +47,7 @@ jobs: echo "CHECK_RUN_CONCLUSION=$check_run_conclusion" >> "$GITHUB_ENV" - name: Reset release status - if: env.CHECK_RUN_STATUS == 'completed' && ((github.event_name == 'check_run' && github.event.action == 'rerequested') || github.event_name == 'workflow_dispatch') + if: env.CHECK_RUN_STATUS == 'completed' env: GITHUB_TOKEN: ${{ github.token }} run: | @@ -72,11 +55,13 @@ jobs: --header "Accept: application/vnd.github+json" \ --header "X-GitHub-Api-Version: 2022-11-28" \ --field name="release-status" \ - --field head_sha="$CHECK_RUN_HEAD_SHA" \ + --field head_sha="$HEAD_SHA" \ --jq ".id" \ /repos/$GITHUB_REPOSITORY/check-runs) echo "Created release status check run with id $CHECK_RUN_ID" + // Reset the status to in progress. + echo "CHECK_RUN_STATUS=in_progress" >> "$GITHUB_ENV" - name: Check all runs completed if: env.CHECK_RUN_STATUS != 'completed' @@ -87,7 +72,7 @@ jobs: --header "Accept: application/vnd.github+json" \ --header "X-GitHub-Api-Version: 2022-11-28" \ --jq '.check_runs | map(select(.name != "release-status"))' \ - /repos/$GITHUB_REPOSITORY/commits/$CHECK_RUN_HEAD_SHA/check-runs) + /repos/$GITHUB_REPOSITORY/commits/$HEAD_SHA/check-runs) status_stats=$(echo "$check_runs" | jq -r '. | {failed: (map(select(.conclusion == "failure")) | length), pending: (map(select(.status != "completed")) | length) }') @@ -132,13 +117,11 @@ jobs: echo "status=in_progress" >> "$GITHUB_OUTPUT" fi - echo "check-run-head-sha=$CHECK_RUN_HEAD_SHA" >> "$GITHUB_OUTPUT" - update-release: needs: validate-check-runs if: needs.validate-check-runs.outputs.status == 'completed' uses: ./.github/workflows/update-release.yml with: - head-sha: ${{ needs.validate-check-runs.outputs.check-run-head-sha }} + head-sha: ${{ inputs.head-sha }} secrets: AUTOMATION_PRIVATE_KEY: ${{ secrets.AUTOMATION_PRIVATE_KEY }} From c530b59e5fcf4f2407c0c2eb6c2f160d56e9d3f9 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 24 Nov 2023 11:57:35 +0000 Subject: [PATCH 1470/2573] A2-7-3: Exclude function scope declarations --- .../2023-11-24-a2-7-3-remove-function-scope.md | 3 +++ .../rules/A2-7-3/UndocumentedUserDefinedType.ql | 9 +++++++++ cpp/autosar/test/rules/A2-7-3/test.cpp | 17 ++++++++++++++++- 3 files changed, 28 insertions(+), 1 deletion(-) create mode 100644 change_notes/2023-11-24-a2-7-3-remove-function-scope.md diff --git a/change_notes/2023-11-24-a2-7-3-remove-function-scope.md b/change_notes/2023-11-24-a2-7-3-remove-function-scope.md new file mode 100644 index 0000000000..95f6f4364a --- /dev/null +++ b/change_notes/2023-11-24-a2-7-3-remove-function-scope.md @@ -0,0 +1,3 @@ + * `A2-7-3` - reduce false positives by: + - Excluding declarations in function scope. The rationale is that these declarations are not exposed outside the scope of the function. + \ No newline at end of file diff --git a/cpp/autosar/src/rules/A2-7-3/UndocumentedUserDefinedType.ql b/cpp/autosar/src/rules/A2-7-3/UndocumentedUserDefinedType.ql index 247f3ef2a1..bf86bc0add 100644 --- a/cpp/autosar/src/rules/A2-7-3/UndocumentedUserDefinedType.ql +++ b/cpp/autosar/src/rules/A2-7-3/UndocumentedUserDefinedType.ql @@ -17,6 +17,14 @@ import cpp import codingstandards.cpp.autosar +private predicate isInFunctionScope(Declaration d) { + // Type declared in function + exists(d.(UserType).getEnclosingFunction()) + or + // Member declared in type which is in function scope + isInFunctionScope(d.getDeclaringType()) +} + /** * A declaration which is required to be preceded by documentation by AUTOSAR A2-7-3. */ @@ -96,6 +104,7 @@ from DocumentableDeclaration d, DeclarationEntry de where not isExcluded(de, CommentsPackage::undocumentedUserDefinedTypeQuery()) and not isExcluded(d, CommentsPackage::undocumentedUserDefinedTypeQuery()) and + not isInFunctionScope(d) and d.getAnUndocumentedDeclarationEntry() = de select de, "Declaration entry for " + d.getDeclarationType() + " " + d.getName() + diff --git a/cpp/autosar/test/rules/A2-7-3/test.cpp b/cpp/autosar/test/rules/A2-7-3/test.cpp index bc174d918d..8e9e180458 100644 --- a/cpp/autosar/test/rules/A2-7-3/test.cpp +++ b/cpp/autosar/test/rules/A2-7-3/test.cpp @@ -160,4 +160,19 @@ template class A2_7_3 final { const std::string kBar{"bar"}; // NON_COMPLIANT }; /// @brief This is the instantiateA2_7_3 documentation -void instantiateA2_7_3() { A2_7_3 instance; } \ No newline at end of file +void instantiateA2_7_3() { A2_7_3 instance; } + +/// Test documentation +void testFunctionScope() { + using my_float = float; + class ClassF { // COMPLIANT - in function scope + public: + int m_x; // COMPLIANT - in function scope + void fTest(); // COMPLIANT - in function scope + class ClassFNested { + public: + int m_nested_x; // COMPLIANT - in function scope + void fNestedTest(); // COMPLIANT - in function scope + }; + }; +} \ No newline at end of file From a37f6c7c835665a7e03c7a12797f6e5012f4ccd8 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 24 Nov 2023 13:08:15 +0000 Subject: [PATCH 1471/2573] Address TODO The workaround is no longer required. --- cpp/autosar/src/rules/A2-7-3/UndocumentedUserDefinedType.ql | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/cpp/autosar/src/rules/A2-7-3/UndocumentedUserDefinedType.ql b/cpp/autosar/src/rules/A2-7-3/UndocumentedUserDefinedType.ql index bf86bc0add..a8bfe3b361 100644 --- a/cpp/autosar/src/rules/A2-7-3/UndocumentedUserDefinedType.ql +++ b/cpp/autosar/src/rules/A2-7-3/UndocumentedUserDefinedType.ql @@ -50,10 +50,8 @@ class DocumentableDeclaration extends Declaration { declarationType = "member variable" and // Exclude memeber variables in instantiated templates, which cannot reasonably be documented. not this.(MemberVariable).isFromTemplateInstantiation(_) and - // Exclude anonymous lambda functions. - // TODO: replace with the following when support is added. - // not this.(MemberVariable).isCompilerGenerated() - not exists(LambdaExpression lc | lc.getACapture().getField() = this) + // Exclude compiler generated variables, such as those for anonymous lambda functions + not this.(MemberVariable).isCompilerGenerated() } /** Gets a `DeclarationEntry` for this declaration that should be documented. */ From 1939fe10116a2567ae1095a1b4b0bd48d4ae57ee Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 27 Nov 2023 09:13:16 -0800 Subject: [PATCH 1472/2573] Retrieve the full history to compute the changelog --- .github/workflows/update-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update-release.yml b/.github/workflows/update-release.yml index d138cee94e..67666bbf39 100644 --- a/.github/workflows/update-release.yml +++ b/.github/workflows/update-release.yml @@ -30,7 +30,7 @@ jobs: - name: Checkout uses: actions/checkout@v4 with: - fetch-tags: true + fetch-depth: 0 # We need the full history to compute the changelog - name: Install Python uses: actions/setup-python@v4 From a469a3ed0f966a76c117d0f1241134b7cf607c13 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 27 Nov 2023 10:39:16 -0800 Subject: [PATCH 1473/2573] Find release using tag instead of title --- scripts/release/update-release-notes.py | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/scripts/release/update-release-notes.py b/scripts/release/update-release-notes.py index 5f317ad988..9719e47295 100644 --- a/scripts/release/update-release-notes.py +++ b/scripts/release/update-release-notes.py @@ -48,11 +48,12 @@ def main(args: Namespace) -> int: print(f"Error: invalid version {release_version} use by release branch. Reason {e}", file=sys.stderr) return 1 - releases = [release for release in repo.get_releases() if release.title == f"v{release_version}"] - if len(releases) != 1: - print(f"Error: expected exactly one release with title {args.version}, but found {len(releases)}", file=sys.stderr) + releases = repo.get_releases() + candidate_releases= [release for release in releases if release.tag_name == f"v{release_version}"] + if len(candidate_releases) != 1: + print(f"Error: expected exactly one release with tag v{release_version}, but found {len(candidate_releases)}", file=sys.stderr) return 1 - release = releases[0] + release = candidate_releases[0] release_notes = generate_release_notes() From 13e3fff5f39fb8227c3208742f7688e1073a16a3 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 27 Nov 2023 10:44:41 -0800 Subject: [PATCH 1474/2573] Provide previous release tag for release note generation --- scripts/release/update-release-notes.py | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/scripts/release/update-release-notes.py b/scripts/release/update-release-notes.py index 9719e47295..4fc3420b2f 100644 --- a/scripts/release/update-release-notes.py +++ b/scripts/release/update-release-notes.py @@ -6,9 +6,9 @@ if TYPE_CHECKING: from argparse import Namespace -def generate_release_notes() -> str: +def generate_release_note(previous_release_tag: str) -> str: script_path = Path(__file__).parent / "generate_release_notes.py" - cp = subprocess.run(["python", str(script_path)], capture_output=True) + cp = subprocess.run(["python", str(script_path), previous_release_tag], capture_output=True) if cp.returncode != 0: raise Exception(f"Error generating release notes: {cp.stderr.decode('utf-8')}") @@ -20,6 +20,7 @@ def main(args: Namespace) -> int: import semantic_version # type: ignore import re import sys + from functools import cmp_to_key repo = Github(auth=Auth.Token(args.github_token)).get_repo(args.repo) @@ -55,10 +56,19 @@ def main(args: Namespace) -> int: return 1 release = candidate_releases[0] - release_notes = generate_release_notes() + # All the releases that are not draft and have a valid semantic version tag + previous_releases = [release for release in releases if semantic_version.validate(release.tag_name[1:]) and not release.draft] # type: ignore + if len(previous_releases) == 0: + print(f"Error: no previous releases found", file=sys.stderr) + return 1 + # Sort them based on their semantic version tags. + previous_releases.sort(key=cmp_to_key(lambda a,b: semantic_version.compare(a.tag_name[1:], b.tag_name[1:])), reverse=True) # type: ignore + previous_release = previous_releases[0].tag_name + print(f"Using previous release: {previous_release}") - release.update_release(name=release.title, message=release_notes, draft=release.draft, prerelease=release.prerelease, tag_name=release.tag_name) + release_notes = generate_release_note(previous_release) + release.update_release(name=release.title, message=release_notes, draft=release.draft, prerelease=release.prerelease, tag_name=release.tag_name) return 0 if __name__ == '__main__': From 89495c532e61f5699cb6cb2b5694b5089f0729ae Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 27 Nov 2023 14:05:24 -0800 Subject: [PATCH 1475/2573] Clarify assumption --- scripts/release/update-release-notes.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/release/update-release-notes.py b/scripts/release/update-release-notes.py index 4fc3420b2f..964fcb339e 100644 --- a/scripts/release/update-release-notes.py +++ b/scripts/release/update-release-notes.py @@ -56,7 +56,7 @@ def main(args: Namespace) -> int: return 1 release = candidate_releases[0] - # All the releases that are not draft and have a valid semantic version tag + # All the releases that are not draft and have a valid semantic version tag, our current release is assumed to be in draft (i.e. not yet released) previous_releases = [release for release in releases if semantic_version.validate(release.tag_name[1:]) and not release.draft] # type: ignore if len(previous_releases) == 0: print(f"Error: no previous releases found", file=sys.stderr) From a6e3b5eb929bacc0500d84c5a580c2bc7119c5c7 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Tue, 28 Nov 2023 11:31:59 +0100 Subject: [PATCH 1476/2573] Fix typo in one of the alert messages from RULE-8-2 --- c/misra/src/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.ql | 2 +- .../RULE-8-2/FunctionTypesNotInPrototypeForm.expected.clang | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/c/misra/src/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.ql b/c/misra/src/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.ql index 62aade0c0c..e46085750d 100644 --- a/c/misra/src/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.ql +++ b/c/misra/src/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.ql @@ -45,7 +45,7 @@ where msg = "Function " + f + " declares parameter that is unnamed." or hasZeroParamDecl(f) and - msg = "Function " + f + " does not specifiy void for no parameters present." + msg = "Function " + f + " does not specify void for no parameters present." or //parameters declared in declaration list (not in function signature) //have placeholder file location associated only diff --git a/c/misra/test/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.expected.clang b/c/misra/test/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.expected.clang index 8d933c8b4d..1d4a30ce8c 100644 --- a/c/misra/test/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.expected.clang +++ b/c/misra/test/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.expected.clang @@ -1,3 +1,3 @@ | test.c:3:6:3:7 | f1 | Function f1 declares parameter that is unnamed. | -| test.c:4:6:4:7 | f2 | Function f2 does not specifiy void for no parameters present. | +| test.c:4:6:4:7 | f2 | Function f2 does not specify void for no parameters present. | | test.c:7:5:7:6 | f5 | Function f5 declares parameter in unsupported declaration list. | From 7e0e04e1aa42a414cf909c47611870be1f624bb0 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Tue, 28 Nov 2023 12:07:07 +0100 Subject: [PATCH 1477/2573] Fix tests after alert message update --- .../rules/RULE-8-2/FunctionTypesNotInPrototypeForm.expected | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/c/misra/test/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.expected b/c/misra/test/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.expected index f33a53174e..f2c08897b8 100644 --- a/c/misra/test/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.expected +++ b/c/misra/test/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.expected @@ -1,4 +1,4 @@ | test.c:3:6:3:7 | f1 | Function f1 declares parameter that is unnamed. | -| test.c:4:6:4:7 | f2 | Function f2 does not specifiy void for no parameters present. | -| test.c:5:6:5:7 | f3 | Function f3 does not specifiy void for no parameters present. | +| test.c:4:6:4:7 | f2 | Function f2 does not specify void for no parameters present. | +| test.c:5:6:5:7 | f3 | Function f3 does not specify void for no parameters present. | | test.c:7:5:7:6 | f5 | Function f5 declares parameter in unsupported declaration list. | From faf222e15365f1d86bf468912afb21491094829d Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Tue, 28 Nov 2023 17:00:26 +0100 Subject: [PATCH 1478/2573] Use new `isPrototyped` predicate in RULE-8-2 From CodeQL 2.15.4 onwards, parameters declared in a declaration list will have a location. --- .../rules/RULE-8-2/FunctionTypesNotInPrototypeForm.ql | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/c/misra/src/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.ql b/c/misra/src/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.ql index e46085750d..583bf257aa 100644 --- a/c/misra/src/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.ql +++ b/c/misra/src/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.ql @@ -48,11 +48,9 @@ where msg = "Function " + f + " does not specify void for no parameters present." or //parameters declared in declaration list (not in function signature) - //have placeholder file location associated only - exists(Parameter p | - p.getFunction() = f and - not p.getFile() = f.getFile() and - msg = "Function " + f + " declares parameter in unsupported declaration list." - ) + //have no prototype + not f.isPrototyped() and + not hasZeroParamDecl(f) and + msg = "Function " + f + " declares parameter in unsupported declaration list." ) select f, msg From 95d048ad923e60a359ec264cd2285b7025400b4a Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Tue, 28 Nov 2023 16:14:58 +0000 Subject: [PATCH 1479/2573] C++: Disable the workaround for bitwise operations since the underlying bug has been fixed. --- cpp/common/src/codingstandards/cpp/Bitwise.qll | 14 ++------------ 1 file changed, 2 insertions(+), 12 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/Bitwise.qll b/cpp/common/src/codingstandards/cpp/Bitwise.qll index 0e19cae29d..871587b4ea 100644 --- a/cpp/common/src/codingstandards/cpp/Bitwise.qll +++ b/cpp/common/src/codingstandards/cpp/Bitwise.qll @@ -5,16 +5,6 @@ private import cpp as cpp module Bitwise { - /** - * A binary bitwise assign operation, excluding += and -= on pointers, which seem to be erroneously - * included. - */ - class AssignBitwiseOperation extends cpp::AssignBitwiseOperation { - AssignBitwiseOperation() { - // exclude += and -= on pointers, which seem to be erroneously included - // in the database schema - not this instanceof cpp::AssignPointerAddExpr and - not this instanceof cpp::AssignPointerSubExpr - } - } + /** A binary bitwise assign operation. */ + class AssignBitwiseOperation extends cpp::AssignBitwiseOperation { } } From 5e4bb2ad152051d67dfa237e6643c2b164ff02e3 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 28 Nov 2023 18:48:13 -0800 Subject: [PATCH 1480/2573] Use correct comment syntax --- .github/workflows/update-release-status.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index 9b1eb4bb61..3256dff852 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -60,7 +60,7 @@ jobs: /repos/$GITHUB_REPOSITORY/check-runs) echo "Created release status check run with id $CHECK_RUN_ID" - // Reset the status to in progress. + # Reset the status to in progress. echo "CHECK_RUN_STATUS=in_progress" >> "$GITHUB_ENV" - name: Check all runs completed From f553ba0d5fd3d8e02d069e4cf283e4dce85a278d Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Wed, 29 Nov 2023 10:08:44 +0000 Subject: [PATCH 1481/2573] Completely rip out the Bitwise library. --- .../OperandsOfAnInappropriateEssentialType.ql | 3 +-- ...twiseOperatorOperandsHaveDifferentUnderlyingType.ql | 3 +-- .../M5-0-21/BitwiseOperatorAppliedToSignedTypes.ql | 3 +-- .../M5-8-1/RightBitShiftOperandIsNegativeOrTooWide.ql | 3 +-- cpp/common/src/codingstandards/cpp/Bitwise.qll | 10 ---------- 5 files changed, 4 insertions(+), 18 deletions(-) delete mode 100644 cpp/common/src/codingstandards/cpp/Bitwise.qll diff --git a/c/misra/src/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.ql b/c/misra/src/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.ql index 6fdde80119..005b7c6cf5 100644 --- a/c/misra/src/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.ql +++ b/c/misra/src/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.ql @@ -14,7 +14,6 @@ import cpp import codingstandards.c.misra import codingstandards.c.misra.EssentialTypes -import codingstandards.cpp.Bitwise /** * Holds if the operator `operator` has an operand `child` that is of an inappropriate essential type @@ -178,7 +177,7 @@ predicate isInappropriateEssentialType( child = [ operator.(BinaryBitwiseOperation).getAnOperand(), - operator.(Bitwise::AssignBitwiseOperation).getAnOperand() + operator.(AssignBitwiseOperation).getAnOperand() ] and not operator instanceof LShiftExpr and not operator instanceof RShiftExpr and diff --git a/cpp/autosar/src/rules/M5-0-20/BitwiseOperatorOperandsHaveDifferentUnderlyingType.ql b/cpp/autosar/src/rules/M5-0-20/BitwiseOperatorOperandsHaveDifferentUnderlyingType.ql index 9e85a15e50..6d0554bf11 100644 --- a/cpp/autosar/src/rules/M5-0-20/BitwiseOperatorOperandsHaveDifferentUnderlyingType.ql +++ b/cpp/autosar/src/rules/M5-0-20/BitwiseOperatorOperandsHaveDifferentUnderlyingType.ql @@ -16,7 +16,6 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.Bitwise import codingstandards.cpp.Conversion predicate isBinaryBitwiseOperation(Operation o, VariableAccess l, VariableAccess r) { @@ -24,7 +23,7 @@ predicate isBinaryBitwiseOperation(Operation o, VariableAccess l, VariableAccess l = bbo.getLeftOperand() and r = bbo.getRightOperand() ) or - exists(Bitwise::AssignBitwiseOperation abo | abo = o | + exists(AssignBitwiseOperation abo | abo = o | l = abo.getLValue() and r = abo.getRValue() ) diff --git a/cpp/autosar/src/rules/M5-0-21/BitwiseOperatorAppliedToSignedTypes.ql b/cpp/autosar/src/rules/M5-0-21/BitwiseOperatorAppliedToSignedTypes.ql index d000155189..02bb5314cd 100644 --- a/cpp/autosar/src/rules/M5-0-21/BitwiseOperatorAppliedToSignedTypes.ql +++ b/cpp/autosar/src/rules/M5-0-21/BitwiseOperatorAppliedToSignedTypes.ql @@ -17,7 +17,6 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.Bitwise from Operation o, VariableAccess va where @@ -25,7 +24,7 @@ where ( o instanceof UnaryBitwiseOperation or o instanceof BinaryBitwiseOperation or - o instanceof Bitwise::AssignBitwiseOperation + o instanceof AssignBitwiseOperation ) and o.getAnOperand() = va and va.getTarget().getUnderlyingType().(IntegralType).isSigned() diff --git a/cpp/autosar/src/rules/M5-8-1/RightBitShiftOperandIsNegativeOrTooWide.ql b/cpp/autosar/src/rules/M5-8-1/RightBitShiftOperandIsNegativeOrTooWide.ql index 38da7115f3..b94d76fd94 100644 --- a/cpp/autosar/src/rules/M5-8-1/RightBitShiftOperandIsNegativeOrTooWide.ql +++ b/cpp/autosar/src/rules/M5-8-1/RightBitShiftOperandIsNegativeOrTooWide.ql @@ -17,7 +17,6 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.Bitwise class ShiftOperation extends Operation { Expr leftOperand; @@ -34,7 +33,7 @@ class ShiftOperation extends Operation { rightOperand = o.getRightOperand() ) or - exists(Bitwise::AssignBitwiseOperation o | this = o | + exists(AssignBitwiseOperation o | this = o | ( o instanceof AssignLShiftExpr or diff --git a/cpp/common/src/codingstandards/cpp/Bitwise.qll b/cpp/common/src/codingstandards/cpp/Bitwise.qll deleted file mode 100644 index 871587b4ea..0000000000 --- a/cpp/common/src/codingstandards/cpp/Bitwise.qll +++ /dev/null @@ -1,10 +0,0 @@ -/** - * A library for addressing issues in bitwise operator modelling in our database schema. - */ - -private import cpp as cpp - -module Bitwise { - /** A binary bitwise assign operation. */ - class AssignBitwiseOperation extends cpp::AssignBitwiseOperation { } -} From 87b64e7352152ffd34a7f6f553a553303be98d5a Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 29 Nov 2023 09:21:34 -0800 Subject: [PATCH 1482/2573] Add check if release-status checkrun was found --- .github/workflows/update-release-status.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index 3256dff852..3589ed8d17 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -38,6 +38,11 @@ jobs: --jq '.check_runs[] | select(.name == "release-status") | {id: .id, status: .status, conclusion: .conclusion}' \ /repos/$GITHUB_REPOSITORY/commits/$HEAD_SHA/check-runs) + if [[ -z "$check_run_info" ]]; then + echo "No release status check run found" + exit 1 + fi + check_run_id=$(echo "$check_run_info" | jq -r '.id') check_run_status=$(echo "$check_run_info" | jq -r '.status') check_run_conclusion=$(echo "$check_run_info" | jq -r '.conclusion') From ab143ef788854555838554301cd6ebf54e0bd88f Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 29 Nov 2023 09:28:51 -0800 Subject: [PATCH 1483/2573] Only update release on success --- .github/workflows/update-release-status.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index 3589ed8d17..980764c924 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -21,6 +21,7 @@ jobs: runs-on: ubuntu-22.04 outputs: status: ${{ steps.set-output.outputs.status }} + conclusion: ${{ steps.set-output.outputs.conclusion }} steps: - name: Checkout uses: actions/checkout@v4 @@ -113,6 +114,8 @@ jobs: --input - \ /repos/$GITHUB_REPOSITORY/check-runs/$CHECK_RUN_ID + echo "conclusion=$conclusion" >> "$GITHUB_OUTPUT + - name: Set output id: set-output run: | @@ -124,7 +127,7 @@ jobs: update-release: needs: validate-check-runs - if: needs.validate-check-runs.outputs.status == 'completed' + if: needs.validate-check-runs.outputs.status == 'completed' && needs.validate-check-runs.outputs.conclusion == 'success' uses: ./.github/workflows/update-release.yml with: head-sha: ${{ inputs.head-sha }} From ae8b7cb8f1e774a27296cc732398b4605698f6eb Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 29 Nov 2023 09:40:08 -0800 Subject: [PATCH 1484/2573] Print status stats for debugging purposes --- .github/workflows/update-release-status.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index 980764c924..8b00bf49a7 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -82,6 +82,8 @@ jobs: status_stats=$(echo "$check_runs" | jq -r '. | {failed: (map(select(.conclusion == "failure")) | length), pending: (map(select(.status != "completed")) | length) }') + echo "status_stats=$status_stats" + failed=$(echo "$status_stats" | jq -r '.failed') pending=$(echo "$status_stats" | jq -r '.pending') From b126c7f06de76c9e7d85268cc3fcce6cd88602b9 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 29 Nov 2023 12:02:00 -0800 Subject: [PATCH 1485/2573] Add webhook handler used in an Azure Function --- scripts/release/webhook-handler.js | 229 +++++++++++++++++++++++++++++ 1 file changed, 229 insertions(+) create mode 100644 scripts/release/webhook-handler.js diff --git a/scripts/release/webhook-handler.js b/scripts/release/webhook-handler.js new file mode 100644 index 0000000000..01a29f316e --- /dev/null +++ b/scripts/release/webhook-handler.js @@ -0,0 +1,229 @@ +/** + * This function is triggered by a GitHub webhook when a check run completes. + * It expects the following environment variables to be set: + * - GITHUB_APP_ID: the ID of the GitHub App used to authenticate + * - GITHUB_APP_INSTALLATION_ID: the ID of the GitHub App installation + * - GITHUB_APP_PRIVATE_KEY: the private key of the GitHub App + * - GITHUB_WEBHOOK_SECRET: the secret used to sign the webhook + * - GITHUB_WORKFLOW_ID: the ID of the workflow to trigger, this should be the id of the workflow `update-release-status.yml` + */ +const crypto = require('crypto'); +const { Buffer } = require('buffer'); +const https = require('https'); + +function encode(obj) { + return Buffer.from(JSON.stringify(obj)).toString('base64url'); +} + +function createJwtToken() { + + const signingKey = crypto.createPrivateKey(Buffer.from(process.env['GITHUB_APP_PRIVATE_KEY'], 'base64')); + + const claims = { + // Issue 60 seconds in the past to account for clock drift. + iat: Math.floor(Date.now() / 1000) - 60, + // The token is valid for 1 minutes + exp: Math.floor(Date.now() / 1000) + (1 * 60), + iss: process.env["GITHUB_APP_ID"] + }; + + const header = { + alg: "RS256", + typ: "JWT" + }; + + const payload = `${encode(header)}.${encode(claims)}`; + const signer = crypto.createSign('RSA-SHA256'); + const signature = (signer.update(payload), signer.sign(signingKey, 'base64url')); + + return `${payload}.${signature}`; +} + +function createAccessToken(context) { + return new Promise((resolve, reject) => { + const options = { + hostname: 'api.github.com', + path: `/app/installations/${process.env["GITHUB_APP_INSTALLATION_ID"]}/access_tokens`, + method: 'POST' + }; + + const req = https.request(options, (res) => { + res.on('data', (data) => { + const body = JSON.parse(data.toString('utf8')); + access_token = body.token; + //context.log(access_token); + resolve(access_token); + }); + + res.on('error', (error) => { + reject(error); + }) + }); + + req.setHeader('Accept', 'application/vnd.github+json'); + const token = createJwtToken(); + //context.log(`JWT Token ${token}`); + req.setHeader('Authorization', `Bearer ${token}`); + req.setHeader('X-GitHub-Api-Version', '2022-11-28'); + req.setHeader('User-Agent', 'CodeQL Coding Standards Automation'); + + req.end(); + }); +} + +function triggerReleaseUpdate(context, access_token, head_sha) { + context.log(`Triggering release update for head sha ${head_sha}`) + return new Promise((resolve, reject) => { + const options = { + hostname: 'api.github.com', + path: `/repos/github/codeql-coding-standards/actions/workflows/${process.env["GITHUB_WORKFLOW_ID"]}/dispatches`, + method: 'POST' + }; + + const req = https.request(options, (res) => { + res.on('error', (error) => { + reject(error); + }) + }); + + req.setHeader('Accept', 'application/vnd.github+json'); + req.setHeader('Authorization', `Bearer ${access_token}`); + req.setHeader('X-GitHub-Api-Version', '2022-11-28'); + req.setHeader('User-Agent', 'CodeQL Coding Standards Automation'); + + const params = { + ref: 'main', + inputs: { + "head-sha": head_sha + } + }; + req.on('response', (response) => { + context.log(`Received status code ${response.statusCode} with message ${response.statusMessage}`); + resolve(); + }); + req.end(JSON.stringify(params)); + }); +} + +function listCheckRunsForRefPerPage(context, access_token, ref, page = 1) { + context.log(`Listing check runs for ${ref}`) + return new Promise((resolve, reject) => { + const options = { + hostname: 'api.github.com', + path: `/repos/github/codeql-coding-standards/commits/${ref}/check-runs?page=${page}&per_page=100`, + method: 'GET', + headers: { + 'Accept': 'application/vnd.github+json', + 'Authorization': `Bearer ${access_token}`, + 'X-GitHub-Api-Version': '2022-11-28', + 'User-Agent': 'CodeQL Coding Standards Automation' + } + }; + + const req = https.request(options, (res) => { + if (res.statusCode != 200) { + reject(`Received status code ${res.statusCode} with message ${res.statusMessage}`); + } else { + var body = []; + res.on('data', (chunk) => { + body.push(chunk); + }); + res.on('end', () => { + try { + body = JSON.parse(Buffer.concat(body).toString('utf8')); + resolve(body); + } catch (error) { + reject(error); + } + }); + } + }); + req.on('error', (error) => { + reject(error); + }); + + req.end(); + }); +} + +async function listCheckRunsForRef(context, access_token, ref) { + let page = 1; + let check_runs = []; + const first_page = await listCheckRunsForRefPerPage(context, access_token, ref, page); + check_runs = check_runs.concat(first_page.check_runs); + while (first_page.total_count > check_runs.length) { + page++; + const next_page = await listCheckRunsForRefPerPage(context, access_token, ref, page); + check_runs = check_runs.concat(next_page.check_runs); + } + return check_runs; +} + +function hasReleaseStatusCheckRun(check_runs) { + return check_runs.some(check_run => check_run.name == 'release-status'); +} + +function isValidSignature(req) { + const hmac = crypto.createHmac("sha256", process.env["GITHUB_WEBHOOK_SECRET"]); + const signature = hmac.update(JSON.stringify(req.body)).digest('hex'); + const shaSignature = `sha256=${signature}`; + const gitHubSignature = req.headers['x-hub-signature-256']; + + return !shaSignature.localeCompare(gitHubSignature); +} + +module.exports = async function (context, req) { + context.log('Webhook received.'); + + if (isValidSignature(req)) { + const event = req.headers['x-github-event']; + + if (event == 'check_run') { + webhook = req.body; + + // To avoid infinite loops, we skip triggering the workflow for the following checkruns. + const check_runs_to_skip = [ + // check run created by manual dispatch of Update Release workflow + 'Update release', + // check runs created by job in Update release status workflow + 'update-release', + // when update-release calls reusable workflow Update release + 'update-release / Update release', + 'validate-check-runs', + // check run that validates the whole release + 'release-status']; + const update_release_actions = ['completed', 'rerequested']; + + if (update_release_actions.includes(webhook.action) && !check_runs_to_skip.includes(webhook.check_run.name)) { + context.log(`Triggering update release status because ${webhook.check_run.name} received action ${webhook.action}`); + + try { + const access_token = await createAccessToken(context); + const check_runs = await listCheckRunsForRef(context, access_token, webhook.check_run.head_sha); + if (hasReleaseStatusCheckRun(check_runs)) { + context.log(`Release status check run found for ${webhook.check_run.head_sha}`); + await triggerReleaseUpdate(context, access_token, webhook.check_run.head_sha); + } else { + context.log(`Skippping, no release status check run found for ${webhook.check_run.head_sha}`); + } + } catch (error) { + context.log(`Failed with error: ${error}`); + } + } else { + context.log(`Skipping action ${webhook.action} for ${webhook.check_run.name}`) + } + } else { + context.log(`Skipping event: ${event}`) + } + + context.res = { + status: 200 + }; + } else { + context.log('Received invalid GitHub signature') + context.res = { + status: 401, + body: 'Invalid x-hub-signature-256 value' + }; + } +} \ No newline at end of file From becbcb4d1949c2243bbd07da5170afba7c9cc512 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 29 Nov 2023 12:04:07 -0800 Subject: [PATCH 1486/2573] Add missing doublequote --- .github/workflows/update-release-status.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index 8b00bf49a7..b16b97437d 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -116,7 +116,7 @@ jobs: --input - \ /repos/$GITHUB_REPOSITORY/check-runs/$CHECK_RUN_ID - echo "conclusion=$conclusion" >> "$GITHUB_OUTPUT + echo "conclusion=$conclusion" >> "$GITHUB_OUTPUT" - name: Set output id: set-output From 50383f8b932941213a122758b3a521f39320a434 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 29 Nov 2023 12:06:02 -0800 Subject: [PATCH 1487/2573] Remove old remnant overwritting CHECK_RUNS_FAILED --- .github/workflows/update-release-status.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index b16b97437d..beced06002 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -94,7 +94,6 @@ jobs: if: env.CHECK_RUNS_PENDING == '0' && env.CHECK_RUN_STATUS != 'completed' env: GITHUB_TOKEN: ${{ github.token }} - CHECK_RUNS_FAILED: ${{ env.check-runs-failed }} run: | if [[ "$CHECK_RUNS_FAILED" == "0" ]]; then echo "All check runs succeeded" From ff193da3604ca45e893848abc380fb44bc1be5f1 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 29 Nov 2023 12:15:12 -0800 Subject: [PATCH 1488/2573] Update function description --- scripts/release/webhook-handler.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/release/webhook-handler.js b/scripts/release/webhook-handler.js index 01a29f316e..8016cb256b 100644 --- a/scripts/release/webhook-handler.js +++ b/scripts/release/webhook-handler.js @@ -1,5 +1,5 @@ /** - * This function is triggered by a GitHub webhook when a check run completes. + * This function should be installed as an Azure Function with a HTTP trigger and configured as a GitHub webhook. * It expects the following environment variables to be set: * - GITHUB_APP_ID: the ID of the GitHub App used to authenticate * - GITHUB_APP_INSTALLATION_ID: the ID of the GitHub App installation From d2b668b4da9409bb06237b3613ef7a85dcc8d172 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 29 Nov 2023 12:23:01 -0800 Subject: [PATCH 1489/2573] Correct comment --- scripts/release/webhook-handler.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/release/webhook-handler.js b/scripts/release/webhook-handler.js index 8016cb256b..6197bedb48 100644 --- a/scripts/release/webhook-handler.js +++ b/scripts/release/webhook-handler.js @@ -22,7 +22,7 @@ function createJwtToken() { const claims = { // Issue 60 seconds in the past to account for clock drift. iat: Math.floor(Date.now() / 1000) - 60, - // The token is valid for 1 minutes + // The token is valid for 1 minute(s). exp: Math.floor(Date.now() / 1000) + (1 * 60), iss: process.env["GITHUB_APP_ID"] }; From 7ca02e7c943da6c362775dae9feb3af7b8b2b80f Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 29 Nov 2023 14:18:46 -0800 Subject: [PATCH 1490/2573] Set conclusion output in the set-output step --- .github/workflows/update-release-status.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index beced06002..a784966ff4 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -115,11 +115,12 @@ jobs: --input - \ /repos/$GITHUB_REPOSITORY/check-runs/$CHECK_RUN_ID - echo "conclusion=$conclusion" >> "$GITHUB_OUTPUT" + echo "RELEASE_STATUS_CONCLUSION=$conclusion" >> "$GITHUB_ENV" - name: Set output id: set-output run: | + echo "conclusion=$RELEASE_STATUS_CONCLUSION" >> "$GITHUB_OUTPUT" if [[ "$CHECK_RUNS_PENDING" == "0" ]]; then echo "status=completed" >> "$GITHUB_OUTPUT" else From a37f19263afa2c439fe386fdbb098fc9fc407155 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 30 Nov 2023 11:33:58 -0800 Subject: [PATCH 1491/2573] Update check run id on reset --- .github/workflows/update-release-status.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/update-release-status.yml b/.github/workflows/update-release-status.yml index a784966ff4..874bc4d0b2 100644 --- a/.github/workflows/update-release-status.yml +++ b/.github/workflows/update-release-status.yml @@ -57,7 +57,7 @@ jobs: env: GITHUB_TOKEN: ${{ github.token }} run: | - CHECK_RUN_ID=$(gh api \ + check_run_id=$(gh api \ --header "Accept: application/vnd.github+json" \ --header "X-GitHub-Api-Version: 2022-11-28" \ --field name="release-status" \ @@ -65,9 +65,10 @@ jobs: --jq ".id" \ /repos/$GITHUB_REPOSITORY/check-runs) - echo "Created release status check run with id $CHECK_RUN_ID" + echo "Created release status check run with id $check_run_id" # Reset the status to in progress. echo "CHECK_RUN_STATUS=in_progress" >> "$GITHUB_ENV" + echo "CHECK_RUN_ID=$check_run_id" >> "$GITHUB_ENV" - name: Check all runs completed if: env.CHECK_RUN_STATUS != 'completed' From bb8a49793c831eb7c8019cc4628a7eedc5481906 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Fri, 1 Dec 2023 21:25:45 +0100 Subject: [PATCH 1492/2573] Modernize dataflow configurations --- ...interArithmeticOnNonArrayObjectPointers.ql | 21 ++++++---- ...otAddOrSubtractAScaledIntegerToAPointer.ql | 18 ++++---- .../CON30-C/CleanUpThreadSpecificStorage.ql | 16 +++---- ...PointerToMoreStrictlyAlignedPointerType.ql | 40 ++++++++---------- ...CallFunctionPointerWithIncompatibleType.ql | 16 +++---- ...essVariableViaPointerOfIncompatibleType.ql | 25 ++++++----- .../EXP40-C/DoNotModifyConstantObjects.ql | 16 +++---- ...sAliasedPointerToRestrictQualifiedParam.ql | 24 ++++++----- ...trictPointerReferencesOverlappingObject.ql | 18 ++++---- ...uesForFsetposThatAreReturnedFromFgetpos.ql | 12 +++--- ...DoNotModifyAlignmentOfMemoryWithRealloc.ql | 16 +++---- ...oNotPassInvalidDataToTheAsctimeFunction.ql | 14 +++---- ...ArgOnAVaListThatHasAnIndeterminateValue.ql | 16 +++---- .../DoNotAttemptToModifyStringLiterals.ql | 18 ++++---- .../src/codingstandards/c/OutOfBounds.qll | 21 +++++----- ...PointersAddressingDifferentArrays.expected | 16 ++++--- ...ionalOperatorsWithDifferingArrays.expected | 24 +++++++---- .../ArrayFunctionArgumentNumberOfElements.ql | 17 ++++---- ...emcmpUsedToCompareNullTerminatedStrings.ql | 27 ++++++------ .../AttemptToWriteToAReadOnlyStream.ql | 14 +++---- ...allBeComparedWithUnmodifiedReturnValues.ql | 16 +++---- ...AnElementOfAnArrayPassedToASmartPointer.ql | 25 ++++++----- ...hmeticUsedWithPointersToNonFinalClasses.ql | 22 +++++----- .../rules/A5-1-7/LambdaPassedToDecltype.ql | 15 +++---- .../src/rules/A5-1-7/LambdaPassedToTypeid.ql | 18 ++++---- .../PointerSubtractionOnDifferentArrays.ql | 25 +++++------ ...entOfAnArrayPassedToASmartPointer.expected | 4 +- ...sePointerArithmeticOnPolymorphicObjects.ql | 22 +++++----- ...nArrayThroughAPointerOfTheIncorrectType.ql | 16 +++---- .../DetectAndHandleMemoryAllocationErrors.ql | 14 +++---- .../MEM53-CPP/ManuallyManagedLifetime.qll | 27 ++++++------ ...ConstructorCallForManuallyManagedObject.ql | 6 +-- ...gDestructorCallForManuallyManagedObject.ql | 8 ++-- .../src/codingstandards/cpp/Concurrency.qll | 14 +++---- .../src/codingstandards/cpp/Nullness.qll | 24 +++++------ .../cpp/allocations/PlacementNew.qll | 12 +++--- ...essOfUndefinedMemberThroughNullPointer.qll | 10 +++-- ...emberThroughUninitializedStaticPointer.qll | 4 +- .../ConstLikeReturnValue.qll | 20 ++++----- ...tractPointersAddressingDifferentArrays.qll | 29 +++++++------ ...nterArithmeticToAddressDifferentArrays.qll | 16 ++++--- ...RelationalOperatorsWithDifferingArrays.qll | 29 +++++++------ .../nonconstantformat/NonConstantFormat.qll | 16 +++---- ...lyFreeMemoryAllocatedDynamicallyShared.qll | 42 ++++++++----------- ...nterValueStoredInUnrelatedSmartPointer.qll | 26 ++++++------ .../PlacementNewInsufficientStorage.qll | 19 ++++----- .../PlacementNewNotProperlyAligned.qll | 27 ++++++------ ...tringNumberConversionMissingErrorCheck.qll | 16 +++---- .../ThrowingOperatorNewReturnsNull.qll | 16 +++---- ...eOnlyArrayIndexingForPointerArithmetic.qll | 15 +++---- .../cpp/standardlibrary/FileStreams.qll | 18 ++++---- ...PointersAddressingDifferentArrays.expected | 16 ++++--- ...ionalOperatorsWithDifferingArrays.expected | 24 +++++++---- ...alueStoredInUnrelatedSmartPointer.expected | 12 +++++- 54 files changed, 511 insertions(+), 501 deletions(-) diff --git a/c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql b/c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql index 1abc2ad882..2f8ecec25d 100644 --- a/c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql +++ b/c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql @@ -14,16 +14,14 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.dataflow.DataFlow -import DataFlow::PathGraph +import NonArrayPointerToArrayIndexingExprFlow::PathGraph /** * A data-flow configuration that tracks flow from an `AddressOfExpr` of a variable * of `PointerType` that is not also an `ArrayType` to a `PointerArithmeticOrArrayExpr` */ -class NonArrayPointerToArrayIndexingExprConfig extends DataFlow::Configuration { - NonArrayPointerToArrayIndexingExprConfig() { this = "ArrayToArrayIndexConfig" } - - override predicate isSource(DataFlow::Node source) { +module NonArrayPointerToArrayIndexingExprConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { exists(AddressOfExpr ao, Type t | source.asExpr() = ao and not ao.getOperand() instanceof ArrayExpr and @@ -35,7 +33,7 @@ class NonArrayPointerToArrayIndexingExprConfig extends DataFlow::Configuration { ) } - override predicate isSink(DataFlow::Node sink) { + predicate isSink(DataFlow::Node sink) { exists(PointerArithmeticOrArrayExpr ae | sink.asExpr() = ae.getPointerOperand() and not sink.asExpr() instanceof Literal and @@ -43,7 +41,7 @@ class NonArrayPointerToArrayIndexingExprConfig extends DataFlow::Configuration { ) } - override predicate isBarrierOut(DataFlow::Node node) { + predicate isBarrierOut(DataFlow::Node node) { // the default interprocedural data-flow model flows through any field or array assignment // expressions to the qualifier (array base, pointer dereferenced, or qualifier) instead of the // individual element or field that the assignment modifies. this default behaviour causes @@ -63,6 +61,9 @@ class NonArrayPointerToArrayIndexingExprConfig extends DataFlow::Configuration { } } +module NonArrayPointerToArrayIndexingExprFlow = + DataFlow::Global; + class PointerArithmeticOrArrayExpr extends Expr { Expr operand; @@ -101,9 +102,11 @@ class PointerArithmeticOrArrayExpr extends Expr { predicate isNonPointerOperandZero() { operand.(Literal).getValue().toInt() = 0 } } -from DataFlow::PathNode source, DataFlow::PathNode sink +from + NonArrayPointerToArrayIndexingExprFlow::PathNode source, + NonArrayPointerToArrayIndexingExprFlow::PathNode sink where not isExcluded(sink.getNode().asExpr(), InvalidMemory2Package::doNotUsePointerArithmeticOnNonArrayObjectPointersQuery()) and - any(NonArrayPointerToArrayIndexingExprConfig cfg).hasFlowPath(source, sink) + NonArrayPointerToArrayIndexingExprFlow::flowPath(source, sink) select sink, source, sink, "Pointer arithmetic on non-array object pointer." diff --git a/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql b/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql index 5606c8485f..c641c17124 100644 --- a/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql +++ b/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql @@ -15,7 +15,7 @@ import cpp import codingstandards.c.cert import codingstandards.c.Pointers import codingstandards.cpp.dataflow.TaintTracking -import DataFlow::PathGraph +import ScaledIntegerPointerArithmeticFlow::PathGraph /** * An expression which invokes the `offsetof` macro or `__builtin_offsetof` operation. @@ -69,12 +69,10 @@ class ScaledIntegerExpr extends Expr { * A data-flow configuration modeling data-flow from a `ScaledIntegerExpr` to a * `PointerArithmeticExpr` where the pointer does not point to a 1-byte type. */ -class ScaledIntegerPointerArithmeticConfig extends DataFlow::Configuration { - ScaledIntegerPointerArithmeticConfig() { this = "ScaledIntegerPointerArithmeticConfig" } +module ScaledIntegerPointerArithmeticConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node src) { src.asExpr() instanceof ScaledIntegerExpr } - override predicate isSource(DataFlow::Node src) { src.asExpr() instanceof ScaledIntegerExpr } - - override predicate isSink(DataFlow::Node sink) { + predicate isSink(DataFlow::Node sink) { exists(PointerArithmeticExpr pa | // exclude pointers to 1-byte types as they do not scale pa.getPointer().getFullyConverted().getType().(DerivedType).getBaseType().getSize() != 1 and @@ -83,9 +81,13 @@ class ScaledIntegerPointerArithmeticConfig extends DataFlow::Configuration { } } -from ScaledIntegerPointerArithmeticConfig config, DataFlow::PathNode src, DataFlow::PathNode sink +module ScaledIntegerPointerArithmeticFlow = DataFlow::Global; + +from + ScaledIntegerPointerArithmeticFlow::PathNode src, + ScaledIntegerPointerArithmeticFlow::PathNode sink where not isExcluded(sink.getNode().asExpr(), Pointers2Package::doNotAddOrSubtractAScaledIntegerToAPointerQuery()) and - config.hasFlowPath(src, sink) + ScaledIntegerPointerArithmeticFlow::flowPath(src, sink) select sink, src, sink, "Scaled integer used in pointer arithmetic." diff --git a/c/cert/src/rules/CON30-C/CleanUpThreadSpecificStorage.ql b/c/cert/src/rules/CON30-C/CleanUpThreadSpecificStorage.ql index 4b31b89023..59fab6e455 100644 --- a/c/cert/src/rules/CON30-C/CleanUpThreadSpecificStorage.ql +++ b/c/cert/src/rules/CON30-C/CleanUpThreadSpecificStorage.ql @@ -18,10 +18,8 @@ import codingstandards.cpp.Concurrency import codingstandards.cpp.dataflow.TaintTracking import codingstandards.cpp.dataflow.DataFlow -class TssCreateToTssDeleteDataFlowConfiguration extends DataFlow::Configuration { - TssCreateToTssDeleteDataFlowConfiguration() { this = "TssCreateToTssDeleteDataFlowConfiguration" } - - override predicate isSource(DataFlow::Node node) { +module TssCreateToTssDeleteConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node node) { exists(TSSCreateFunctionCall tsc, Expr e | // the only requirement of the source is that at some point // it refers to the key of a create statement @@ -30,7 +28,7 @@ class TssCreateToTssDeleteDataFlowConfiguration extends DataFlow::Configuration ) } - override predicate isSink(DataFlow::Node node) { + predicate isSink(DataFlow::Node node) { exists(TSSDeleteFunctionCall tsd, Expr e | // the only requirement of a sink is that at some point // it references the key of a delete call. @@ -40,15 +38,17 @@ class TssCreateToTssDeleteDataFlowConfiguration extends DataFlow::Configuration } } +module TssCreateToTssDeleteFlow = DataFlow::Global; + from TSSCreateFunctionCall tcfc where not isExcluded(tcfc, Concurrency4Package::cleanUpThreadSpecificStorageQuery()) and // all calls to `tss_create` must be bookended by calls to tss_delete // even if a thread is not created. - not exists(TssCreateToTssDeleteDataFlowConfiguration config | - config.hasFlow(DataFlow::definitionByReferenceNodeFromArgument(tcfc.getKey()), _) + not ( + TssCreateToTssDeleteFlow::flow(DataFlow::definitionByReferenceNodeFromArgument(tcfc.getKey()), _) or - config.hasFlow(DataFlow::exprNode(tcfc.getKey()), _) + TssCreateToTssDeleteFlow::flow(DataFlow::exprNode(tcfc.getKey()), _) ) or // if a thread is created, we must check additional items diff --git a/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql b/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql index b161beac1b..cada60d10f 100644 --- a/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql +++ b/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql @@ -17,7 +17,7 @@ import codingstandards.cpp.Alignment import codingstandards.cpp.dataflow.DataFlow import codingstandards.cpp.dataflow.DataFlow2 import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis -import DataFlow::PathGraph +import ExprWithAlignmentToCStyleCastFlow::PathGraph /** * An expression with a type that has defined alignment requirements @@ -96,8 +96,7 @@ class UnconvertedCastFromNonVoidPointerExpr extends Expr { */ class DefaultAlignedPointerExpr extends UnconvertedCastFromNonVoidPointerExpr, ExprWithAlignment { DefaultAlignedPointerExpr() { - not any(AllocationOrAddressOfExprToUnconvertedCastFromNonVoidPointerExprConfig config) - .hasFlowTo(DataFlow::exprNode(this)) + not AllocationOrAddressOfExprToUnconvertedCastFromNonVoidPointerExprFlow::flowTo(DataFlow::exprNode(this)) } override int getAlignment() { result = this.getType().(PointerType).getBaseType().getAlignment() } @@ -118,43 +117,37 @@ class DefaultAlignedPointerExpr extends UnconvertedCastFromNonVoidPointerExpr, E * to exclude an `DefaultAlignedPointerAccessExpr` as a source if a preceding source * defined by this configuration provides more accurate alignment information. */ -class AllocationOrAddressOfExprToUnconvertedCastFromNonVoidPointerExprConfig extends DataFlow2::Configuration +module AllocationOrAddressOfExprToUnconvertedCastFromNonVoidPointerExprConfig implements + DataFlow::ConfigSig { - AllocationOrAddressOfExprToUnconvertedCastFromNonVoidPointerExprConfig() { - this = "AllocationOrAddressOfExprToUnconvertedCastFromNonVoidPointerExprConfig" - } - - override predicate isSource(DataFlow::Node source) { + predicate isSource(DataFlow::Node source) { source.asExpr() instanceof AddressOfAlignedVariableExpr or source.asExpr() instanceof DefinedAlignmentAllocationExpr } - override predicate isSink(DataFlow::Node sink) { + predicate isSink(DataFlow::Node sink) { sink.asExpr() instanceof UnconvertedCastFromNonVoidPointerExpr } } +module AllocationOrAddressOfExprToUnconvertedCastFromNonVoidPointerExprFlow = + DataFlow::Global; + /** * A data-flow configuration for analysing the flow of `ExprWithAlignment` pointer expressions * to casts which perform pointer type conversions and potentially create pointer alignment issues. */ -class ExprWithAlignmentToCStyleCastConfiguration extends DataFlow::Configuration { - ExprWithAlignmentToCStyleCastConfiguration() { - this = "ExprWithAlignmentToCStyleCastConfiguration" - } +module ExprWithAlignmentToCStyleCastConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { source.asExpr() instanceof ExprWithAlignment } - override predicate isSource(DataFlow::Node source) { - source.asExpr() instanceof ExprWithAlignment - } - - override predicate isSink(DataFlow::Node sink) { + predicate isSink(DataFlow::Node sink) { exists(CStyleCast cast | cast.getUnderlyingType() instanceof PointerType and cast.getUnconverted() = sink.asExpr() ) } - override predicate isBarrierOut(DataFlow::Node node) { + predicate isBarrierOut(DataFlow::Node node) { // the default interprocedural data-flow model flows through any array assignment expressions // to the qualifier (array base or pointer dereferenced) instead of the individual element // that the assignment modifies. this default behaviour causes false positives for any future @@ -169,12 +162,15 @@ class ExprWithAlignmentToCStyleCastConfiguration extends DataFlow::Configuration } } +module ExprWithAlignmentToCStyleCastFlow = DataFlow::Global; + from - DataFlow::PathNode source, DataFlow::PathNode sink, ExprWithAlignment expr, CStyleCast cast, + ExprWithAlignmentToCStyleCastFlow::PathNode source, + ExprWithAlignmentToCStyleCastFlow::PathNode sink, ExprWithAlignment expr, CStyleCast cast, Type toBaseType, int alignmentFrom, int alignmentTo where not isExcluded(cast, Pointers3Package::doNotCastPointerToMoreStrictlyAlignedPointerTypeQuery()) and - any(ExprWithAlignmentToCStyleCastConfiguration config).hasFlowPath(source, sink) and + ExprWithAlignmentToCStyleCastFlow::flowPath(source, sink) and source.getNode().asExpr() = expr and sink.getNode().asExpr() = cast.getUnconverted() and toBaseType = cast.getActualType().(PointerType).getBaseType() and diff --git a/c/cert/src/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.ql b/c/cert/src/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.ql index b68cfa8ce1..e28dbddaaf 100644 --- a/c/cert/src/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.ql +++ b/c/cert/src/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.ql @@ -14,7 +14,7 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.dataflow.DataFlow -import DataFlow::PathGraph +import SuspectFunctionPointerToCallFlow::PathGraph /** * An expression of type `FunctionPointer` which is the unconverted expression of a cast @@ -37,26 +37,26 @@ class SuspiciousFunctionPointerCastExpr extends Expr { * Data-flow configuration for flow from a `SuspiciousFunctionPointerCastExpr` * to a call of the function pointer resulting from the function pointer cast */ -class SuspectFunctionPointerToCallConfig extends DataFlow::Configuration { - SuspectFunctionPointerToCallConfig() { this = "SuspectFunctionPointerToCallConfig" } - - override predicate isSource(DataFlow::Node src) { +module SuspectFunctionPointerToCallConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node src) { src.asExpr() instanceof SuspiciousFunctionPointerCastExpr } - override predicate isSink(DataFlow::Node sink) { + predicate isSink(DataFlow::Node sink) { exists(VariableCall call | sink.asExpr() = call.getExpr().(VariableAccess)) } } +module SuspectFunctionPointerToCallFlow = DataFlow::Global; + from - SuspectFunctionPointerToCallConfig config, DataFlow::PathNode src, DataFlow::PathNode sink, + SuspectFunctionPointerToCallFlow::PathNode src, SuspectFunctionPointerToCallFlow::PathNode sink, Access access where not isExcluded(src.getNode().asExpr(), ExpressionsPackage::doNotCallFunctionPointerWithIncompatibleTypeQuery()) and access = src.getNode().asExpr() and - config.hasFlowPath(src, sink) + SuspectFunctionPointerToCallFlow::flowPath(src, sink) select src, src, sink, "Incompatible function $@ assigned to function pointer is eventually called through the pointer.", access.getTarget(), access.getTarget().getName() diff --git a/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql b/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql index 784fb54b2f..1962c5b0b0 100644 --- a/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql +++ b/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql @@ -15,7 +15,7 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.dataflow.DataFlow import semmle.code.cpp.controlflow.Dominance -import DataFlow::PathGraph +import IndirectCastFlow::PathGraph /** * The standard function `memset` and its assorted variants @@ -62,15 +62,15 @@ class IndirectCastReallocatedFlowState extends DataFlow::FlowState { * other cast expressions or to dereferences of pointers reallocated with a call * to `realloc` but not cleared via a function call to `memset`. */ -class IndirectCastConfiguration extends DataFlow::Configuration { - IndirectCastConfiguration() { this = "CastToIncompatibleTypeConfiguration" } +module IndirectCastConfig implements DataFlow::StateConfigSig { + class FlowState = DataFlow::FlowState; - override predicate isSource(DataFlow::Node source, DataFlow::FlowState state) { + predicate isSource(DataFlow::Node source, FlowState state) { state instanceof IndirectCastDefaultFlowState and source.asExpr() instanceof IndirectCastAnalysisUnconvertedCastExpr } - override predicate isSink(DataFlow::Node sink, DataFlow::FlowState state) { + predicate isSink(DataFlow::Node sink, FlowState state) { sink.asExpr() instanceof IndirectCastAnalysisUnconvertedCastExpr and state instanceof IndirectCastDefaultFlowState or @@ -103,7 +103,7 @@ class IndirectCastConfiguration extends DataFlow::Configuration { ) } - override predicate isBarrier(DataFlow::Node node, DataFlow::FlowState state) { + predicate isBarrier(DataFlow::Node node, FlowState state) { state instanceof IndirectCastReallocatedFlowState and exists(FunctionCall fc | fc.getTarget() instanceof MemsetFunction and @@ -111,9 +111,8 @@ class IndirectCastConfiguration extends DataFlow::Configuration { ) } - override predicate isAdditionalFlowStep( - DataFlow::Node node1, DataFlow::FlowState state1, DataFlow::Node node2, - DataFlow::FlowState state2 + predicate isAdditionalFlowStep( + DataFlow::Node node1, FlowState state1, DataFlow::Node node2, FlowState state2 ) { // track pointer flow through realloc calls and update state to `IndirectCastReallocatedFlowState` state1 instanceof IndirectCastDefaultFlowState and @@ -135,6 +134,8 @@ class IndirectCastConfiguration extends DataFlow::Configuration { } } +module IndirectCastFlow = DataFlow::GlobalWithState; + pragma[inline] predicate areTypesSameExceptForConstSpecifiers(Type a, Type b) { a.stripType() = b.stripType() and @@ -190,12 +191,14 @@ Type compatibleTypes(Type type) { ) } -from DataFlow::PathNode source, DataFlow::PathNode sink, Cast cast, Type fromType, Type toType +from + IndirectCastFlow::PathNode source, IndirectCastFlow::PathNode sink, Cast cast, Type fromType, + Type toType where not isExcluded(sink.getNode().asExpr(), Pointers3Package::doNotAccessVariableViaPointerOfIncompatibleTypeQuery()) and cast.getFile().compiledAsC() and - any(IndirectCastConfiguration config).hasFlowPath(source, sink) and + IndirectCastFlow::flowPath(source, sink) and // include only sinks which are not a compatible type to the associated source source.getNode().asExpr() = cast.getUnconverted() and fromType = cast.getUnconverted().getType().(PointerType).getBaseType() and diff --git a/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.ql b/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.ql index dbeffd8153..d79224435f 100644 --- a/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.ql +++ b/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.ql @@ -13,7 +13,7 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.dataflow.DataFlow -import DataFlow::PathGraph +import CastFlow::PathGraph import codingstandards.cpp.SideEffect class ConstRemovingCast extends Cast { @@ -32,23 +32,23 @@ class MaybeReturnsStringLiteralFunctionCall extends FunctionCall { } } -class MyDataFlowConfCast extends DataFlow::Configuration { - MyDataFlowConfCast() { this = "MyDataFlowConfCast" } - - override predicate isSource(DataFlow::Node source) { +module CastConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { source.asExpr().getFullyConverted() instanceof ConstRemovingCast or source.asExpr().getFullyConverted() = any(MaybeReturnsStringLiteralFunctionCall c) } - override predicate isSink(DataFlow::Node sink) { + predicate isSink(DataFlow::Node sink) { sink.asExpr() = any(Assignment a).getLValue().(PointerDereferenceExpr).getOperand() } } -from MyDataFlowConfCast conf, DataFlow::PathNode src, DataFlow::PathNode sink +module CastFlow = DataFlow::Global; + +from CastFlow::PathNode src, CastFlow::PathNode sink where - conf.hasFlowPath(src, sink) + CastFlow::flowPath(src, sink) or sink.getNode() .asExpr() diff --git a/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql b/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql index 2e96e25f9f..a4cc4e8944 100644 --- a/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql +++ b/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql @@ -115,25 +115,24 @@ int getPointerArithmeticOperandStatedValue(CallToFunctionWithRestrictParametersA result = 0 } -class PointerValueToRestrictArgConfig extends DataFlow::Configuration { - PointerValueToRestrictArgConfig() { this = "PointerValueToRestrictArgConfig" } +module PointerValueToRestrictArgConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { pointerValue(source.asExpr()) } - override predicate isSource(DataFlow::Node source) { pointerValue(source.asExpr()) } - - override predicate isSink(DataFlow::Node sink) { + predicate isSink(DataFlow::Node sink) { exists(CallToFunctionWithRestrictParameters call | sink.asExpr() = call.getAPtrArg(_).getAChild*() ) } - override predicate isBarrierIn(DataFlow::Node node) { + predicate isBarrierIn(DataFlow::Node node) { exists(AddressOfExpr a | node.asExpr() = a.getOperand().getAChild*()) } } +module PointerValueToRestrictArgFlow = DataFlow::Global; + from - PointerValueToRestrictArgConfig config, CallToFunctionWithRestrictParameters call, - CallToFunctionWithRestrictParametersArgExpr arg1, + CallToFunctionWithRestrictParameters call, CallToFunctionWithRestrictParametersArgExpr arg1, CallToFunctionWithRestrictParametersArgExpr arg2, int argOffset1, int argOffset2, Expr source1, Expr source2, string sourceMessage1, string sourceMessage2 where @@ -144,17 +143,20 @@ where (not arg2 = call.getARestrictPtrArg() or arg2.getParamIndex() > arg1.getParamIndex()) and ( // check if two pointers address the same object - config.hasFlow(DataFlow::exprNode(source1), DataFlow::exprNode(arg1.getAChild*())) and + PointerValueToRestrictArgFlow::flow(DataFlow::exprNode(source1), + DataFlow::exprNode(arg1.getAChild*())) and ( // one pointer value flows to both args - config.hasFlow(DataFlow::exprNode(source1), DataFlow::exprNode(arg2.getAChild*())) and + PointerValueToRestrictArgFlow::flow(DataFlow::exprNode(source1), + DataFlow::exprNode(arg2.getAChild*())) and sourceMessage1 = "$@" and sourceMessage2 = "source" and source1 = source2 or // there are two separate values that flow from an AddressOfExpr of the same target getAddressOfExprTargetBase(source1) = getAddressOfExprTargetBase(source2) and - config.hasFlow(DataFlow::exprNode(source2), DataFlow::exprNode(arg2.getAChild*())) and + PointerValueToRestrictArgFlow::flow(DataFlow::exprNode(source2), + DataFlow::exprNode(arg2.getAChild*())) and sourceMessage1 = "a pair of address-of expressions ($@, $@)" and sourceMessage2 = "addressof1" and not source1 = source2 diff --git a/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql b/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql index 727bda754e..bbe41259b8 100644 --- a/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql +++ b/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql @@ -39,22 +39,20 @@ class AssignmentOrInitializationToRestrictPtrValueExpr extends Expr { * A data-flow configuration for tracking flow from an assignment or initialization to * an assignment to an `AssignmentOrInitializationToRestrictPtrValueExpr`. */ -class AssignedValueToRestrictPtrValueConfiguration extends DataFlow::Configuration { - AssignedValueToRestrictPtrValueConfiguration() { - this = "AssignmentOrInitializationToRestrictPtrValueConfiguration" - } - - override predicate isSource(DataFlow::Node source) { +module AssignedValueToRestrictPtrValueConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { exists(Variable v | source.asExpr() = v.getAnAssignedValue()) } - override predicate isSink(DataFlow::Node sink) { + predicate isSink(DataFlow::Node sink) { sink.asExpr() instanceof AssignmentOrInitializationToRestrictPtrValueExpr } } +module AssignedValueToRestrictPtrValueFlow = + DataFlow::Global; + from - AssignedValueToRestrictPtrValueConfiguration config, AssignmentOrInitializationToRestrictPtrValueExpr expr, DataFlow::Node sourceValue, string sourceMessage where @@ -71,8 +69,8 @@ where exists(AssignmentOrInitializationToRestrictPtrValueExpr pre_expr | expr.getEnclosingBlock() = pre_expr.getEnclosingBlock() and ( - config.hasFlow(sourceValue, DataFlow::exprNode(pre_expr)) and - config.hasFlow(sourceValue, DataFlow::exprNode(expr)) and + AssignedValueToRestrictPtrValueFlow::flow(sourceValue, DataFlow::exprNode(pre_expr)) and + AssignedValueToRestrictPtrValueFlow::flow(sourceValue, DataFlow::exprNode(expr)) and sourceMessage = "the same source value" or // Expressions referring to the address of the same variable can also result in aliasing diff --git a/c/cert/src/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql b/c/cert/src/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql index 94f3238f26..33a906136f 100644 --- a/c/cert/src/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql +++ b/c/cert/src/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql @@ -22,24 +22,24 @@ class FsetposCall extends FunctionCall { FsetposCall() { this.getTarget().hasGlobalOrStdName("fsetpos") } } -class FposDFConf extends DataFlow::Configuration { - FposDFConf() { this = "FposDFConf" } - - override predicate isSource(DataFlow::Node source) { +module FposDFConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { // source must be the second parameter of a FgetposCall call source = DataFlow::definitionByReferenceNodeFromArgument(any(FgetposCall c).getArgument(1)) } - override predicate isSink(DataFlow::Node sink) { + predicate isSink(DataFlow::Node sink) { // sink must be the second parameter of a FsetposCall call sink.asExpr() = any(FsetposCall c).getArgument(1) } } +module FposDFFlow = DataFlow::Global; + from FsetposCall fsetpos where not isExcluded(fsetpos.getArgument(1), IO2Package::onlyUseValuesForFsetposThatAreReturnedFromFgetposQuery()) and - not any(FposDFConf dfConf).hasFlowToExpr(fsetpos.getArgument(1)) + not FposDFFlow::flowToExpr(fsetpos.getArgument(1)) select fsetpos.getArgument(1), "The position argument of a call to `fsetpos()` should be obtained from a call to `fgetpos()`." diff --git a/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql b/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql index 0d334a89f8..512b783030 100644 --- a/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql +++ b/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql @@ -16,7 +16,7 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.Alignment import codingstandards.cpp.dataflow.DataFlow -import DataFlow::PathGraph +import AlignedAllocToReallocFlow::PathGraph int getStatedValue(Expr e) { // `upperBound(e)` defaults to `exprMaxVal(e)` when `e` isn't analyzable. So to get a meaningful @@ -37,22 +37,22 @@ class ReallocCall extends FunctionCall { ReallocCall() { this.getTarget().hasName("realloc") } } -class AlignedAllocToReallocConfig extends DataFlow::Configuration { - AlignedAllocToReallocConfig() { this = "AlignedAllocToReallocConfig" } - - override predicate isSource(DataFlow::Node source) { +module AlignedAllocToReallocConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { source.asExpr() instanceof NonDefaultAlignedAllocCall } - override predicate isSink(DataFlow::Node sink) { + predicate isSink(DataFlow::Node sink) { exists(ReallocCall realloc | sink.asExpr() = realloc.getArgument(0)) } } -from AlignedAllocToReallocConfig cfg, DataFlow::PathNode source, DataFlow::PathNode sink +module AlignedAllocToReallocFlow = DataFlow::Global; + +from AlignedAllocToReallocFlow::PathNode source, AlignedAllocToReallocFlow::PathNode sink where not isExcluded(sink.getNode().asExpr(), Memory2Package::doNotModifyAlignmentOfMemoryWithReallocQuery()) and - cfg.hasFlowPath(source, sink) + AlignedAllocToReallocFlow::flowPath(source, sink) select sink, source, sink, "Memory allocated with $@ but reallocated with realloc.", source.getNode().asExpr(), "aligned_alloc" diff --git a/c/cert/src/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.ql b/c/cert/src/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.ql index f9e2c605ae..52dd0b1046 100644 --- a/c/cert/src/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.ql +++ b/c/cert/src/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.ql @@ -30,22 +30,22 @@ class AsctimeArg extends Expr { * Dataflow configuration for flow from a library function * to a call of function `asctime` */ -class TmStructSafeConfig extends DataFlow::Configuration { - TmStructSafeConfig() { this = "TmStructSafeConfig" } - - override predicate isSource(DataFlow::Node src) { +module TmStructSafeConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node src) { src.asExpr() .(FunctionCall) .getTarget() .hasGlobalName(["localtime", "localtime_r", "localtime_s", "gmtime", "gmtime_r", "gmtime_s"]) } - override predicate isSink(DataFlow::Node sink) { sink.asExpr() instanceof AsctimeArg } + predicate isSink(DataFlow::Node sink) { sink.asExpr() instanceof AsctimeArg } } -from AsctimeArg fc, TmStructSafeConfig config +module TmStructSafeFlow = DataFlow::Global; + +from AsctimeArg fc where not isExcluded(fc, Contracts7Package::doNotPassInvalidDataToTheAsctimeFunctionQuery()) and - not config.hasFlowToExpr(fc) + not TmStructSafeFlow::flowToExpr(fc) select fc, "The function `asctime` and `asctime_r` should be discouraged. Unsanitized input can overflow the output buffer." diff --git a/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql b/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql index 457c1803ba..821b79c8e4 100644 --- a/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql +++ b/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql @@ -35,17 +35,17 @@ class VaEndArg extends VaAccess { * Dataflow configuration for flow from a library function * to a call of function `asctime` */ -class VaArgConfig extends DataFlow::Configuration { - VaArgConfig() { this = "VaArgConfig" } - - override predicate isSource(DataFlow::Node src) { +module VaArgConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node src) { src.asUninitialized() = any(VariableDeclarationEntry m | m.getType().hasName("va_list")).getVariable() } - override predicate isSink(DataFlow::Node sink) { sink.asExpr() instanceof VaAccess } + predicate isSink(DataFlow::Node sink) { sink.asExpr() instanceof VaAccess } } +module VaArgFlow = DataFlow::Global; + /** * Controlflow nodes preceeding a call to `va_arg` */ @@ -65,9 +65,9 @@ ControlFlowNode preceedsFC(VaAccess va_arg) { } predicate sameSource(VaAccess e1, VaAccess e2) { - exists(VaArgConfig config, DataFlow::Node source | - config.hasFlow(source, DataFlow::exprNode(e1)) and - config.hasFlow(source, DataFlow::exprNode(e2)) + exists(DataFlow::Node source | + VaArgFlow::flow(source, DataFlow::exprNode(e1)) and + VaArgFlow::flow(source, DataFlow::exprNode(e2)) ) } diff --git a/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql b/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql index 7fbdc276c5..40f19ed4a0 100644 --- a/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql +++ b/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql @@ -39,12 +39,8 @@ class ModifiesFirstArgFunction extends BufferWrite, FunctionCall { * literal that is assigned to a non modifiable type or wherein the string * literal arises as a argument to a function that may modify its argument. */ -class ImplicitOrExplicitStringLiteralModifiedConfiguration extends DataFlow::Configuration { - ImplicitOrExplicitStringLiteralModifiedConfiguration() { - this = "ImplicitOrExplicitStringLiteralModifiedConfiguration" - } - - override predicate isSource(DataFlow::Node node) { +module ImplicitOrExplicitStringLiteralModifiedConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node node) { // usage through variables exists(Variable v | v.getAnAssignedValue() = node.asExpr() and @@ -65,7 +61,7 @@ class ImplicitOrExplicitStringLiteralModifiedConfiguration extends DataFlow::Con ) } - override predicate isSink(DataFlow::Node node) { + predicate isSink(DataFlow::Node node) { // it's either a buffer write of some kind that we // know about exists(BufferWrite bw | bw.getDest() = node.asExpr()) @@ -77,6 +73,9 @@ class ImplicitOrExplicitStringLiteralModifiedConfiguration extends DataFlow::Con } } +module ImplicitOrExplicitStringLiteralModifiedFlow = + DataFlow::Global; + class MaybeReturnsStringLiteralFunctionCall extends FunctionCall { MaybeReturnsStringLiteralFunctionCall() { getTarget().getName() in [ @@ -144,11 +143,12 @@ class ImplicitStringLiteralBase extends Expr { } } -from Expr literal, Expr literalWrite, ImplicitOrExplicitStringLiteralModifiedConfiguration config +from Expr literal, Expr literalWrite where not isExcluded(literal, Strings1Package::doNotAttemptToModifyStringLiteralsQuery()) and not isExcluded(literalWrite, Strings1Package::doNotAttemptToModifyStringLiteralsQuery()) and - config.hasFlow(DataFlow::exprNode(literal), DataFlow::exprNode(literalWrite)) + ImplicitOrExplicitStringLiteralModifiedFlow::flow(DataFlow::exprNode(literal), + DataFlow::exprNode(literalWrite)) select literalWrite, "This operation may write to a string that may be a string literal that was $@.", literal, "created here" diff --git a/c/common/src/codingstandards/c/OutOfBounds.qll b/c/common/src/codingstandards/c/OutOfBounds.qll index d6d68d04d5..87c7c17870 100644 --- a/c/common/src/codingstandards/c/OutOfBounds.qll +++ b/c/common/src/codingstandards/c/OutOfBounds.qll @@ -906,13 +906,10 @@ module OOB { override predicate isNotNullTerminated() { none() } } - private class PointerToObjectSourceOrSizeToBufferAccessFunctionConfig extends DataFlow::Configuration + private module PointerToObjectSourceOrSizeToBufferAccessFunctionConfig implements + DataFlow::ConfigSig { - PointerToObjectSourceOrSizeToBufferAccessFunctionConfig() { - this = "PointerToObjectSourceOrSizeToBufferAccessFunctionConfig" - } - - override predicate isSource(DataFlow::Node source) { + predicate isSource(DataFlow::Node source) { source.asExpr() instanceof PointerToObjectSource or exists(PointerToObjectSource ptr | @@ -921,7 +918,7 @@ module OOB { ) } - override predicate isSink(DataFlow::Node sink) { + predicate isSink(DataFlow::Node sink) { exists(BufferAccess ba, Expr arg | ( arg = ba.(BufferAccessLibraryFunctionCall).getAnArgument() or @@ -934,7 +931,7 @@ module OOB { ) } - override predicate isBarrierOut(DataFlow::Node node) { + predicate isBarrierOut(DataFlow::Node node) { // the default interprocedural data-flow model flows through any array assignment expressions // to the qualifier (array base or pointer dereferenced) instead of the individual element // that the assignment modifies. this default behaviour causes false positives for any future @@ -955,10 +952,14 @@ module OOB { } } + private module PointerToObjectSourceOrSizeToBufferAccessFunctionFlow = + DataFlow::Global; + private predicate hasFlowFromBufferOrSizeExprToUse(Expr source, Expr use) { - exists(PointerToObjectSourceOrSizeToBufferAccessFunctionConfig config, Expr useOrChild | + exists(Expr useOrChild | exists(getArithmeticOffsetValue(use, useOrChild)) and - config.hasFlow(DataFlow::exprNode(source), DataFlow::exprNode(useOrChild)) + PointerToObjectSourceOrSizeToBufferAccessFunctionFlow::flow(DataFlow::exprNode(source), + DataFlow::exprNode(useOrChild)) ) } diff --git a/c/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.expected b/c/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.expected index 0011556fd0..d0ba3bdb5c 100644 --- a/c/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.expected +++ b/c/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.expected @@ -4,15 +4,19 @@ problems | test.c:13:10:13:11 | p4 | test.c:5:14:5:15 | l2 | test.c:13:10:13:11 | p4 | Subtraction between left operand pointing to array $@ and other operand pointing to array $@. | test.c:3:7:3:8 | l2 | l2 | test.c:2:7:2:8 | l1 | l1 | | test.c:13:15:13:16 | l1 | test.c:13:15:13:16 | l1 | test.c:13:15:13:16 | l1 | Subtraction between right operand pointing to array $@ and other operand pointing to array $@. | test.c:2:7:2:8 | l1 | l1 | test.c:3:7:3:8 | l2 | l2 | edges -| test.c:4:14:4:15 | l1 | test.c:10:10:10:11 | p1 | -| test.c:4:14:4:15 | l1 | test.c:12:10:12:11 | p1 | -| test.c:5:14:5:15 | l2 | test.c:11:10:11:11 | p2 | -| test.c:5:14:5:15 | l2 | test.c:12:15:12:16 | p2 | -| test.c:5:14:5:15 | l2 | test.c:13:10:13:11 | p4 | -| test.c:5:14:5:15 | l2 | test.c:14:10:14:11 | p4 | +| test.c:4:14:4:15 | l1 | test.c:4:14:4:18 | access to array | +| test.c:4:14:4:18 | access to array | test.c:10:10:10:11 | p1 | +| test.c:4:14:4:18 | access to array | test.c:12:10:12:11 | p1 | +| test.c:5:14:5:15 | l2 | test.c:5:14:5:19 | access to array | +| test.c:5:14:5:19 | access to array | test.c:11:10:11:11 | p2 | +| test.c:5:14:5:19 | access to array | test.c:12:15:12:16 | p2 | +| test.c:5:14:5:19 | access to array | test.c:13:10:13:11 | p4 | +| test.c:5:14:5:19 | access to array | test.c:14:10:14:11 | p4 | nodes | test.c:4:14:4:15 | l1 | semmle.label | l1 | +| test.c:4:14:4:18 | access to array | semmle.label | access to array | | test.c:5:14:5:15 | l2 | semmle.label | l2 | +| test.c:5:14:5:19 | access to array | semmle.label | access to array | | test.c:10:10:10:11 | p1 | semmle.label | p1 | | test.c:10:15:10:16 | l1 | semmle.label | l1 | | test.c:11:10:11:11 | p2 | semmle.label | p2 | diff --git a/c/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.expected b/c/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.expected index 5431867345..8db569a98d 100644 --- a/c/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.expected +++ b/c/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.expected @@ -11,20 +11,26 @@ problems | test.c:25:7:25:14 | ... >= ... | test.c:25:13:25:14 | l3 | test.c:25:13:25:14 | l3 | Compare operation >= comparing right operand pointing to array $@ and other operand pointing to array $@. | test.c:4:7:4:8 | l3 | l3 | test.c:2:7:2:8 | l1 | l1 | edges | test.c:6:13:6:14 | l1 | test.c:13:12:13:13 | p0 | -| test.c:7:14:7:15 | l1 | test.c:11:7:11:8 | p1 | -| test.c:7:14:7:15 | l1 | test.c:13:7:13:8 | p1 | -| test.c:7:14:7:15 | l1 | test.c:15:13:15:14 | p1 | -| test.c:7:14:7:15 | l1 | test.c:17:7:17:8 | p1 | -| test.c:7:14:7:15 | l1 | test.c:23:13:23:14 | p1 | -| test.c:7:14:7:15 | l1 | test.c:25:7:25:8 | p1 | -| test.c:8:14:8:15 | l1 | test.c:11:12:11:13 | p2 | -| test.c:8:14:8:15 | l1 | test.c:21:7:21:8 | p2 | -| test.c:9:14:9:15 | l2 | test.c:21:12:21:13 | p3 | +| test.c:7:14:7:15 | l1 | test.c:7:14:7:18 | access to array | +| test.c:7:14:7:18 | access to array | test.c:11:7:11:8 | p1 | +| test.c:7:14:7:18 | access to array | test.c:13:7:13:8 | p1 | +| test.c:7:14:7:18 | access to array | test.c:15:13:15:14 | p1 | +| test.c:7:14:7:18 | access to array | test.c:17:7:17:8 | p1 | +| test.c:7:14:7:18 | access to array | test.c:23:13:23:14 | p1 | +| test.c:7:14:7:18 | access to array | test.c:25:7:25:8 | p1 | +| test.c:8:14:8:15 | l1 | test.c:8:14:8:18 | access to array | +| test.c:8:14:8:18 | access to array | test.c:11:12:11:13 | p2 | +| test.c:8:14:8:18 | access to array | test.c:21:7:21:8 | p2 | +| test.c:9:14:9:15 | l2 | test.c:9:14:9:18 | access to array | +| test.c:9:14:9:18 | access to array | test.c:21:12:21:13 | p3 | nodes | test.c:6:13:6:14 | l1 | semmle.label | l1 | | test.c:7:14:7:15 | l1 | semmle.label | l1 | +| test.c:7:14:7:18 | access to array | semmle.label | access to array | | test.c:8:14:8:15 | l1 | semmle.label | l1 | +| test.c:8:14:8:18 | access to array | semmle.label | access to array | | test.c:9:14:9:15 | l2 | semmle.label | l2 | +| test.c:9:14:9:18 | access to array | semmle.label | access to array | | test.c:11:7:11:8 | p1 | semmle.label | p1 | | test.c:11:12:11:13 | p2 | semmle.label | p2 | | test.c:13:7:13:8 | p1 | semmle.label | p1 | diff --git a/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql b/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql index 6a0ff9833a..208e8153d6 100644 --- a/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql +++ b/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql @@ -44,21 +44,22 @@ class ArrayParameter extends Parameter { */ int countElements(ArrayAggregateLiteral l) { result = count(l.getAnElementExpr(_)) } -class SmallArrayConfig extends DataFlow::Configuration { - SmallArrayConfig() { this = "SmallArrayConfig" } +module SmallArrayConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node src) { src.asExpr() instanceof ArrayAggregateLiteral } - override predicate isSource(DataFlow::Node src) { src.asExpr() instanceof ArrayAggregateLiteral } - - override predicate isSink(DataFlow::Node sink) { + predicate isSink(DataFlow::Node sink) { sink.asExpr() = any(ArrayParameter p).getAMatchingArgument() } } +module SmallArrayFlow = DataFlow::Global; + from Expr arg, ArrayParameter p where not isExcluded(arg, Contracts6Package::arrayFunctionArgumentNumberOfElementsQuery()) and - exists(SmallArrayConfig config | arg = p.getAMatchingArgument() | - // the argument is a value and not an arrey + arg = p.getAMatchingArgument() and + ( + // the argument is a value and not an array not arg.getType() instanceof DerivedType or // the argument is an array too small @@ -67,7 +68,7 @@ where // the argument is a pointer and its value does not come from a literal of the correct arg.getType() instanceof PointerType and not exists(ArrayAggregateLiteral l | - config.hasFlow(DataFlow::exprNode(l), DataFlow::exprNode(arg)) and + SmallArrayFlow::flow(DataFlow::exprNode(l), DataFlow::exprNode(arg)) and countElements(l) >= p.getArraySize() ) ) diff --git a/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql b/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql index 96d6dedcb3..44e21d14db 100644 --- a/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql +++ b/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql @@ -16,13 +16,11 @@ import cpp import codingstandards.c.misra import codingstandards.c.misra.EssentialTypes import codingstandards.cpp.dataflow.TaintTracking -import DataFlow::PathGraph +import NullTerminatedStringToMemcmpFlow::PathGraph // Data flow from a StringLiteral or from an array of characters, to a memcmp call -class NullTerminatedStringToMemcmpConfiguration extends TaintTracking::Configuration { - NullTerminatedStringToMemcmpConfiguration() { this = "NullTerminatedStringToMemcmpConfiguration" } - - override predicate isSource(DataFlow::Node source) { +module NullTerminatedStringToMemcmpConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { source.asExpr() instanceof StringLiteral or exists(Variable v, ArrayAggregateLiteral aal | @@ -48,7 +46,7 @@ class NullTerminatedStringToMemcmpConfiguration extends TaintTracking::Configura ) } - override predicate isSink(DataFlow::Node sink) { + predicate isSink(DataFlow::Node sink) { exists(FunctionCall memcmp | memcmp.getTarget().hasGlobalOrStdName("memcmp") and sink.asExpr() = memcmp.getArgument([0, 1]) @@ -56,20 +54,23 @@ class NullTerminatedStringToMemcmpConfiguration extends TaintTracking::Configura } } +module NullTerminatedStringToMemcmpFlow = TaintTracking::Global; + from - FunctionCall memcmp, DataFlow::PathNode source, DataFlow::PathNode sink, - DataFlow::PathNode source1, DataFlow::PathNode arg1, DataFlow::PathNode source2, - DataFlow::PathNode arg2 + FunctionCall memcmp, NullTerminatedStringToMemcmpFlow::PathNode source, + NullTerminatedStringToMemcmpFlow::PathNode sink, + NullTerminatedStringToMemcmpFlow::PathNode source1, + NullTerminatedStringToMemcmpFlow::PathNode arg1, + NullTerminatedStringToMemcmpFlow::PathNode source2, + NullTerminatedStringToMemcmpFlow::PathNode arg2 where not isExcluded(memcmp, EssentialTypesPackage::memcmpUsedToCompareNullTerminatedStringsQuery()) and memcmp.getTarget().hasGlobalOrStdName("memcmp") and arg1.getNode().asExpr() = memcmp.getArgument(0) and arg2.getNode().asExpr() = memcmp.getArgument(1) and // There is a path from a null-terminated string to each argument - exists(NullTerminatedStringToMemcmpConfiguration cfg | - cfg.hasFlowPath(source1, arg1) and - cfg.hasFlowPath(source2, arg2) - ) and + NullTerminatedStringToMemcmpFlow::flowPath(source1, arg1) and + NullTerminatedStringToMemcmpFlow::flowPath(source2, arg2) and // Produce multiple paths for each result, one for each source/arg pair ( source = source1 and sink = arg1 diff --git a/c/misra/src/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.ql b/c/misra/src/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.ql index 58d46176c2..6dc3b3ee71 100644 --- a/c/misra/src/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.ql +++ b/c/misra/src/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.ql @@ -15,22 +15,22 @@ import codingstandards.c.misra import codingstandards.cpp.standardlibrary.FileAccess import codingstandards.cpp.dataflow.DataFlow -class FileDFConf extends DataFlow::Configuration { - FileDFConf() { this = "FileDFConf" } - - override predicate isSource(DataFlow::Node source) { +module FileDFConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { // source is the return value of a call to fopen source.asExpr().(FOpenCall).isReadOnlyMode() } - override predicate isSink(DataFlow::Node sink) { + predicate isSink(DataFlow::Node sink) { // sink must be the second parameter of a FsetposCall call sink.asExpr() = any(FileWriteFunctionCall write).getFileExpr() } } -from FileDFConf dfConf, DataFlow::Node source, FileWriteFunctionCall sink +module FileDFFlow = DataFlow::Global; + +from DataFlow::Node source, FileWriteFunctionCall sink where not isExcluded(sink, IO3Package::attemptToWriteToAReadOnlyStreamQuery()) and - dfConf.hasFlow(source, DataFlow::exprNode(sink.getFileExpr())) + FileDFFlow::flow(source, DataFlow::exprNode(sink.getFileExpr())) select sink, "Attempt to write to a $@ opened as read-only.", source, "stream" diff --git a/c/misra/src/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.ql b/c/misra/src/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.ql index 22499946a0..307357a93a 100644 --- a/c/misra/src/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.ql +++ b/c/misra/src/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.ql @@ -19,14 +19,12 @@ import codingstandards.cpp.ReadErrorsAndEOF * The getchar() return value propagates directly to a check against EOF macro * type conversions are not allowed */ -class DFConf extends DataFlow::Configuration { - DFConf() { this = "DFConf" } - - override predicate isSource(DataFlow::Node source) { +module DFConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { source.asExpr() instanceof InBandErrorReadFunctionCall } - override predicate isSink(DataFlow::Node sink) { + predicate isSink(DataFlow::Node sink) { exists(EOFWEOFInvocation mi, EqualityOperation eq | // one operand is the sink sink.asExpr() = eq.getAnOperand() and @@ -35,11 +33,13 @@ class DFConf extends DataFlow::Configuration { ) } - override predicate isBarrier(DataFlow::Node barrier) { + predicate isBarrier(DataFlow::Node barrier) { barrier.asExpr() = any(IntegralConversion c).getExpr() } } +module DFFlow = DataFlow::Global; + // The equality operation `eq` checks a char fetched from `read` against a macro predicate isWeakMacroCheck(EqualityOperation eq, InBandErrorReadFunctionCall read) { exists(Expr c, EOFWEOFInvocation mi | @@ -51,10 +51,10 @@ predicate isWeakMacroCheck(EqualityOperation eq, InBandErrorReadFunctionCall rea ) } -from EqualityOperation eq, InBandErrorReadFunctionCall read, DFConf dfConf +from EqualityOperation eq, InBandErrorReadFunctionCall read where not isExcluded(eq, IO3Package::eofShallBeComparedWithUnmodifiedReturnValuesQuery()) and isWeakMacroCheck(eq, read) and - not dfConf.hasFlow(DataFlow::exprNode(read), DataFlow::exprNode(eq.getAnOperand())) + not DFFlow::flow(DataFlow::exprNode(read), DataFlow::exprNode(eq.getAnOperand())) select eq, "The check is not reliable as the type of the return value of $@ is converted.", read, read.toString() diff --git a/cpp/autosar/src/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.ql b/cpp/autosar/src/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.ql index 72496d703d..842dc14390 100644 --- a/cpp/autosar/src/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.ql +++ b/cpp/autosar/src/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.ql @@ -17,18 +17,14 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.SmartPointers import codingstandards.cpp.dataflow.TaintTracking -import DataFlow::PathGraph +import SingleObjectSmartPointerArrayConstructionFlow::PathGraph class AutosarSmartPointerArraySpecialisation extends AutosarSmartPointer { AutosarSmartPointerArraySpecialisation() { this.getOwnedObjectType() instanceof ArrayType } } -class SingleObjectSmartPointerArrayConstructionConfig extends TaintTracking::Configuration { - SingleObjectSmartPointerArrayConstructionConfig() { - this = "SingleObjectSmartPointerArrayConstructionConfig" - } - - override predicate isSource(DataFlow::Node source) { +module SingleObjectSmartPointerArrayConstructionConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { source.asExpr() instanceof NewArrayExpr or source.asExpr() = any(FunctionCall fc, MemberFunction mf | @@ -40,7 +36,7 @@ class SingleObjectSmartPointerArrayConstructionConfig extends TaintTracking::Con ) } - override predicate isSink(DataFlow::Node sink) { + predicate isSink(DataFlow::Node sink) { exists(AutosarSmartPointer sp | not sp instanceof AutosarSmartPointerArraySpecialisation and ( @@ -51,7 +47,7 @@ class SingleObjectSmartPointerArrayConstructionConfig extends TaintTracking::Con ) } - override predicate isAdditionalTaintStep(DataFlow::Node source, DataFlow::Node sink) { + predicate isAdditionalFlowStep(DataFlow::Node source, DataFlow::Node sink) { exists(AutosarUniquePointer sp, FunctionCall fc | fc = sp.getAReleaseCall() and source.asExpr() = fc.getQualifier() and @@ -59,7 +55,7 @@ class SingleObjectSmartPointerArrayConstructionConfig extends TaintTracking::Con ) } - override predicate isSanitizerIn(DataFlow::Node node) { + predicate isBarrierIn(DataFlow::Node node) { // Exclude flow into header files outside the source archive which are summarized by the // additional taint steps above. exists(AutosarUniquePointer sp | @@ -70,12 +66,15 @@ class SingleObjectSmartPointerArrayConstructionConfig extends TaintTracking::Con } } +module SingleObjectSmartPointerArrayConstructionFlow = + TaintTracking::Global; + from - SingleObjectSmartPointerArrayConstructionConfig config, DataFlow::PathNode source, - DataFlow::PathNode sink + SingleObjectSmartPointerArrayConstructionFlow::PathNode source, + SingleObjectSmartPointerArrayConstructionFlow::PathNode sink where not isExcluded(sink.getNode().asExpr(), PointersPackage::pointerToAnElementOfAnArrayPassedToASmartPointerQuery()) and - config.hasFlowPath(source, sink) + SingleObjectSmartPointerArrayConstructionFlow::flowPath(source, sink) select sink.getNode(), source, sink, "A pointer to an element of an array of objects flows to a smart pointer of a single object type." diff --git a/cpp/autosar/src/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.ql b/cpp/autosar/src/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.ql index 6caf641446..34b6660778 100644 --- a/cpp/autosar/src/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.ql +++ b/cpp/autosar/src/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.ql @@ -18,7 +18,7 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.Type import codingstandards.cpp.dataflow.DataFlow -import DataFlow::PathGraph +import NonFinalClassToPointerArithmeticExprFlow::PathGraph class ArrayAccessOrPointerArith extends Expr { ArrayAccessOrPointerArith() { @@ -42,12 +42,8 @@ class AddressOfPointerCreation extends ClassPointerCreation, AddressOfExpr { AddressOfPointerCreation() { this.getAnOperand().getUnderlyingType() instanceof Class } } -class NonFinalClassToPointerArithmeticExprConfig extends DataFlow::Configuration { - NonFinalClassToPointerArithmeticExprConfig() { - this = "NonFinalClassToPointerArithmeticExprConfig" - } - - override predicate isSource(DataFlow::Node source) { +module NonFinalClassToPointerArithmeticExprConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { exists(Class c | source.asExpr() instanceof ClassPointerCreation and source.asExpr().getUnderlyingType().(PointerType).getBaseType() = c @@ -56,17 +52,21 @@ class NonFinalClassToPointerArithmeticExprConfig extends DataFlow::Configuration ) } - override predicate isSink(DataFlow::Node sink) { + predicate isSink(DataFlow::Node sink) { exists(ArrayAccessOrPointerArith e | e.getAnOperand() = sink.asExpr()) } } +module NonFinalClassToPointerArithmeticExprFlow = + DataFlow::Global; + from - ArrayAccessOrPointerArith e, Class clz, Variable v, DataFlow::PathNode source, - DataFlow::PathNode sink + ArrayAccessOrPointerArith e, Class clz, Variable v, + NonFinalClassToPointerArithmeticExprFlow::PathNode source, + NonFinalClassToPointerArithmeticExprFlow::PathNode sink where not isExcluded(e, PointersPackage::pointerArithmeticUsedWithPointersToNonFinalClassesQuery()) and - any(NonFinalClassToPointerArithmeticExprConfig c).hasFlowPath(source, sink) and + NonFinalClassToPointerArithmeticExprFlow::flowPath(source, sink) and v.getAnAssignedValue() = source.getNode().asExpr() and ( e.(PointerArithmeticOperation).getAnOperand() = sink.getNode().asExpr() diff --git a/cpp/autosar/src/rules/A5-1-7/LambdaPassedToDecltype.ql b/cpp/autosar/src/rules/A5-1-7/LambdaPassedToDecltype.ql index da33fd5a78..afbd809664 100644 --- a/cpp/autosar/src/rules/A5-1-7/LambdaPassedToDecltype.ql +++ b/cpp/autosar/src/rules/A5-1-7/LambdaPassedToDecltype.ql @@ -17,26 +17,27 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.dataflow.DataFlow -class LambdaExpressionToInitializer extends DataFlow::Configuration { - LambdaExpressionToInitializer() { this = "LambdaExpressionToInitializer" } +module LambdaExpressionToInitializerConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { source.asExpr() instanceof LambdaExpression } - override predicate isSource(DataFlow::Node source) { source.asExpr() instanceof LambdaExpression } - - override predicate isSink(DataFlow::Node sink) { + predicate isSink(DataFlow::Node sink) { exists(Variable v | v.getInitializer().getExpr() = sink.asExpr()) } } +module LambdaExpressionToInitializerFlow = DataFlow::Global; + from Decltype dt, LambdaExpression lambda where not isExcluded(dt, LambdasPackage::lambdaPassedToDecltypeQuery()) and ( dt.getExpr() = lambda or - exists(LambdaExpressionToInitializer config, VariableAccess va, Variable v | + exists(VariableAccess va, Variable v | dt.getExpr() = va and v = va.getTarget() and - config.hasFlow(DataFlow::exprNode(lambda), DataFlow::exprNode(v.getInitializer().getExpr())) + LambdaExpressionToInitializerFlow::flow(DataFlow::exprNode(lambda), + DataFlow::exprNode(v.getInitializer().getExpr())) ) ) select dt, "Lambda $@ passed as operand to decltype.", lambda, "expression" diff --git a/cpp/autosar/src/rules/A5-1-7/LambdaPassedToTypeid.ql b/cpp/autosar/src/rules/A5-1-7/LambdaPassedToTypeid.ql index d43568af21..08dbecc755 100644 --- a/cpp/autosar/src/rules/A5-1-7/LambdaPassedToTypeid.ql +++ b/cpp/autosar/src/rules/A5-1-7/LambdaPassedToTypeid.ql @@ -16,21 +16,19 @@ import cpp import codingstandards.cpp.dataflow.DataFlow import codingstandards.cpp.autosar -import DataFlow::PathGraph +import LambdaExpressionToTypeidFlow::PathGraph -class LambdaExpressionToTypeid extends DataFlow::Configuration { - LambdaExpressionToTypeid() { this = "LambdaExpressionToTypeid" } +module LambdaExpressionToTypeidConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { source.asExpr() instanceof LambdaExpression } - override predicate isSource(DataFlow::Node source) { source.asExpr() instanceof LambdaExpression } - - override predicate isSink(DataFlow::Node sink) { - exists(TypeidOperator op | op.getExpr() = sink.asExpr()) - } + predicate isSink(DataFlow::Node sink) { exists(TypeidOperator op | op.getExpr() = sink.asExpr()) } } -from DataFlow::PathNode source, DataFlow::PathNode sink +module LambdaExpressionToTypeidFlow = DataFlow::Global; + +from LambdaExpressionToTypeidFlow::PathNode source, LambdaExpressionToTypeidFlow::PathNode sink where not isExcluded(source.getNode().asExpr(), LambdasPackage::lambdaPassedToTypeidQuery()) and - any(LambdaExpressionToTypeid config).hasFlowPath(source, sink) + LambdaExpressionToTypeidFlow::flowPath(source, sink) select sink.getNode(), source, sink, "Lambda $@ passed as operand to typeid operator.", source.getNode(), "expression" diff --git a/cpp/autosar/src/rules/M5-0-17/PointerSubtractionOnDifferentArrays.ql b/cpp/autosar/src/rules/M5-0-17/PointerSubtractionOnDifferentArrays.ql index dd8fbaa553..ec432cea42 100644 --- a/cpp/autosar/src/rules/M5-0-17/PointerSubtractionOnDifferentArrays.ql +++ b/cpp/autosar/src/rules/M5-0-17/PointerSubtractionOnDifferentArrays.ql @@ -16,40 +16,41 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.dataflow.DataFlow -import DataFlow::PathGraph +import ArrayToPointerDiffOperandFlow::PathGraph -class ArrayToPointerDiffOperandConfig extends DataFlow::Configuration { - ArrayToPointerDiffOperandConfig() { this = "ArrayToPointerDiffOperandConfig" } - - override predicate isSource(DataFlow::Node source) { +module ArrayToPointerDiffOperandConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { source.asExpr().(VariableAccess).getType() instanceof ArrayType or // Consider array to pointer decay for parameters. source.asExpr().(VariableAccess).getTarget().(Parameter).getType() instanceof ArrayType } - override predicate isSink(DataFlow::Node sink) { + predicate isSink(DataFlow::Node sink) { exists(PointerDiffExpr e | e.getAnOperand() = sink.asExpr()) } - override predicate isAdditionalFlowStep(DataFlow::Node pred, DataFlow::Node succ) { + predicate isAdditionalFlowStep(DataFlow::Node pred, DataFlow::Node succ) { // Add a flow step from the base to the array expression to track pointers to elements of the array. exists(ArrayExpr e | e.getArrayBase() = pred.asExpr() and e = succ.asExpr()) } } +module ArrayToPointerDiffOperandFlow = DataFlow::Global; + from PointerDiffExpr pointerSubstraction, Variable currentOperandPointee, Variable otherOperandPointee, - DataFlow::PathNode source, DataFlow::PathNode sink, string side + ArrayToPointerDiffOperandFlow::PathNode source, ArrayToPointerDiffOperandFlow::PathNode sink, + string side where not isExcluded(pointerSubstraction, PointersPackage::pointerSubtractionOnDifferentArraysQuery()) and - exists(ArrayToPointerDiffOperandConfig c, Variable sourceLeft, Variable sourceRight | - c.hasFlow(DataFlow::exprNode(sourceLeft.getAnAccess()), + exists(Variable sourceLeft, Variable sourceRight | + ArrayToPointerDiffOperandFlow::flow(DataFlow::exprNode(sourceLeft.getAnAccess()), DataFlow::exprNode(pointerSubstraction.getLeftOperand())) and - c.hasFlow(DataFlow::exprNode(sourceRight.getAnAccess()), + ArrayToPointerDiffOperandFlow::flow(DataFlow::exprNode(sourceRight.getAnAccess()), DataFlow::exprNode(pointerSubstraction.getRightOperand())) and not sourceLeft = sourceRight and - c.hasFlowPath(source, sink) and + ArrayToPointerDiffOperandFlow::flowPath(source, sink) and ( source.getNode().asExpr() = sourceLeft.getAnAccess() and sink.getNode().asExpr() = pointerSubstraction.getLeftOperand() and diff --git a/cpp/autosar/test/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.expected b/cpp/autosar/test/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.expected index a96c3fb64f..dcf263fc54 100644 --- a/cpp/autosar/test/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.expected +++ b/cpp/autosar/test/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.expected @@ -2,11 +2,13 @@ edges | test.cpp:3:36:3:45 | new[] | test.cpp:19:27:19:44 | call to allocate_int_array | | test.cpp:3:36:3:45 | new[] | test.cpp:23:12:23:29 | call to allocate_int_array | | test.cpp:3:36:3:45 | new[] | test.cpp:27:20:27:37 | call to allocate_int_array | -| test.cpp:11:29:11:41 | call to unique_ptr | test.cpp:12:30:12:36 | call to release | +| test.cpp:11:29:11:41 | call to unique_ptr | test.cpp:12:27:12:28 | v2 | +| test.cpp:12:27:12:28 | v2 | test.cpp:12:30:12:36 | call to release | | test.cpp:27:20:27:37 | call to allocate_int_array | test.cpp:32:12:32:20 | int_array | nodes | test.cpp:3:36:3:45 | new[] | semmle.label | new[] | | test.cpp:11:29:11:41 | call to unique_ptr | semmle.label | call to unique_ptr | +| test.cpp:12:27:12:28 | v2 | semmle.label | v2 | | test.cpp:12:30:12:36 | call to release | semmle.label | call to release | | test.cpp:19:27:19:44 | call to allocate_int_array | semmle.label | call to allocate_int_array | | test.cpp:23:12:23:29 | call to allocate_int_array | semmle.label | call to allocate_int_array | diff --git a/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.ql b/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.ql index 3b34500a80..a7756b6a6a 100644 --- a/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.ql +++ b/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.ql @@ -14,7 +14,7 @@ import cpp import codingstandards.cpp.cert import codingstandards.cpp.dataflow.DataFlow -import DataFlow::PathGraph +import NonFinalClassToPointerArithmeticExprFlow::PathGraph class ArrayAccessOrPointerArith extends Expr { ArrayAccessOrPointerArith() { @@ -38,12 +38,8 @@ class AddressOfPointerCreation extends ClassPointerCreation, AddressOfExpr { AddressOfPointerCreation() { this.getAnOperand().getUnderlyingType() instanceof Class } } -class NonFinalClassToPointerArithmeticExprConfig extends DataFlow::Configuration { - NonFinalClassToPointerArithmeticExprConfig() { - this = "NonFinalClassToPointerArithmeticExprConfig" - } - - override predicate isSource(DataFlow::Node source) { +module NonFinalClassToPointerArithmeticExprConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { exists(Class c | source.asExpr() instanceof ClassPointerCreation and source.asExpr().getUnderlyingType().(PointerType).getBaseType() = c @@ -52,17 +48,21 @@ class NonFinalClassToPointerArithmeticExprConfig extends DataFlow::Configuration ) } - override predicate isSink(DataFlow::Node sink) { + predicate isSink(DataFlow::Node sink) { exists(ArrayAccessOrPointerArith e | e.getAnOperand() = sink.asExpr()) } } +module NonFinalClassToPointerArithmeticExprFlow = + DataFlow::Global; + from - ArrayAccessOrPointerArith e, Class clz, Variable v, DataFlow::PathNode source, - DataFlow::PathNode sink + ArrayAccessOrPointerArith e, Class clz, Variable v, + NonFinalClassToPointerArithmeticExprFlow::PathNode source, + NonFinalClassToPointerArithmeticExprFlow::PathNode sink where not isExcluded(e, PointersPackage::doNotUsePointerArithmeticOnPolymorphicObjectsQuery()) and - any(NonFinalClassToPointerArithmeticExprConfig c).hasFlowPath(source, sink) and + NonFinalClassToPointerArithmeticExprFlow::flowPath(source, sink) and v.getAnAssignedValue() = source.getNode().asExpr() and ( e.(PointerArithmeticOperation).getAnOperand() = sink.getNode().asExpr() diff --git a/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql b/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql index 6cb62e9046..bdf6a7973e 100644 --- a/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql +++ b/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql @@ -14,25 +14,25 @@ import cpp import codingstandards.cpp.cert import codingstandards.cpp.dataflow.DataFlow -import DataFlow::PathGraph +import AllocationToDeleteFlow::PathGraph -class AllocationToDeleteConfig extends DataFlow::Configuration { - AllocationToDeleteConfig() { this = "AllocationToDelete" } +module AllocationToDeleteConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { source.asExpr() instanceof NewArrayExpr } - override predicate isSource(DataFlow::Node source) { source.asExpr() instanceof NewArrayExpr } - - override predicate isSink(DataFlow::Node sink) { + predicate isSink(DataFlow::Node sink) { exists(DeleteArrayExpr dae | dae.getExpr() = sink.asExpr()) } } +module AllocationToDeleteFlow = DataFlow::Global; + from - AllocationToDeleteConfig config, DataFlow::PathNode source, DataFlow::PathNode sink, + AllocationToDeleteFlow::PathNode source, AllocationToDeleteFlow::PathNode sink, NewArrayExpr newArray, DeleteArrayExpr deleteArray where not isExcluded(deleteArray.getExpr(), FreedPackage::doNotDeleteAnArrayThroughAPointerOfTheIncorrectTypeQuery()) and - config.hasFlowPath(source, sink) and + AllocationToDeleteFlow::flowPath(source, sink) and newArray = source.getNode().asExpr() and deleteArray.getExpr() = sink.getNode().asExpr() and not newArray.getType().getUnspecifiedType() = deleteArray.getExpr().getType().getUnspecifiedType() diff --git a/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.ql b/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.ql index 64b05ce9d9..c25e1aa0ad 100644 --- a/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.ql +++ b/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.ql @@ -74,22 +74,20 @@ class NotWrappedNoThrowAllocExpr extends NoThrowAllocExpr { /** * A data flow configuration for finding nothrow allocation calls which are checked in some kind of guard. */ -class NoThrowNewErrorCheckConfig extends DataFlow::Configuration { - NoThrowNewErrorCheckConfig() { this = "NoThrowNewErrorCheckConfig" } - - override predicate isSource(DataFlow::Node source) { +module NoThrowNewErrorCheckConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { source.asExpr() instanceof NotWrappedNoThrowAllocExpr } - override predicate isSink(DataFlow::Node sink) { - sink.asExpr() = any(GuardCondition gc).getAChild*() - } + predicate isSink(DataFlow::Node sink) { sink.asExpr() = any(GuardCondition gc).getAChild*() } } +module NoThrowNewErrorCheckFlow = DataFlow::Global; + from NotWrappedNoThrowAllocExpr ae where not isExcluded(ae, AllocationsPackage::detectAndHandleMemoryAllocationErrorsQuery()) and - not any(NoThrowNewErrorCheckConfig nt).hasFlow(DataFlow::exprNode(ae), _) + not NoThrowNewErrorCheckFlow::flow(DataFlow::exprNode(ae), _) select ae, "nothrow new allocation of $@ returns here without a subsequent check to see whether the pointer is valid.", ae.getUnderlyingAlloc() as underlying, underlying.getType().getName() diff --git a/cpp/cert/src/rules/MEM53-CPP/ManuallyManagedLifetime.qll b/cpp/cert/src/rules/MEM53-CPP/ManuallyManagedLifetime.qll index d51151ff95..358a3583fc 100644 --- a/cpp/cert/src/rules/MEM53-CPP/ManuallyManagedLifetime.qll +++ b/cpp/cert/src/rules/MEM53-CPP/ManuallyManagedLifetime.qll @@ -3,7 +3,6 @@ import codingstandards.cpp.Conversion import codingstandards.cpp.TrivialType import ManuallyManagedLifetime import semmle.code.cpp.controlflow.Dominance -import codingstandards.cpp.dataflow.DataFlow2 import codingstandards.cpp.dataflow.TaintTracking /** @@ -11,10 +10,8 @@ import codingstandards.cpp.dataflow.TaintTracking * * We use a taint-tracking configuration because we also want to track sub-sections */ -class AllocToStaticCastConfig extends TaintTracking::Configuration { - AllocToStaticCastConfig() { this = "AllocToStaticCastConfig" } - - override predicate isSource(DataFlow::Node source) { +module AllocToStaticCastConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { exists(AllocationExpr ae | ae.getType().getUnspecifiedType() instanceof VoidPointerType and source.asExpr() = ae and @@ -23,7 +20,7 @@ class AllocToStaticCastConfig extends TaintTracking::Configuration { ) } - override predicate isSink(DataFlow::Node sink) { + predicate isSink(DataFlow::Node sink) { exists(StaticOrCStyleCast sc, Class nonTrivialClass | sc.getExpr() = sink.asExpr() and nonTrivialClass = sc.getType().getUnspecifiedType().(PointerType).getBaseType() and @@ -32,12 +29,14 @@ class AllocToStaticCastConfig extends TaintTracking::Configuration { } } +module AllocToStaticCastFlow = TaintTracking::Global; + /** * A cast of some existing memory, where we believe the resulting pointer has not been properly * constructed. */ class CastWithoutConstruction extends StaticOrCStyleCast { - CastWithoutConstruction() { any(AllocToStaticCastConfig c).hasFlowToExpr(getExpr()) } + CastWithoutConstruction() { AllocToStaticCastFlow::flowToExpr(getExpr()) } } /* @@ -96,18 +95,16 @@ class NonDestructingDeallocationCall extends Expr { * A data flow configuration from a `CastWithoutConstruction` to a free call on the memory without * an intervening destructor invocation. */ -class FreeWithoutDestructorConfig extends DataFlow2::Configuration { - FreeWithoutDestructorConfig() { this = "FreeWithoutDestructorConfig" } - - override predicate isSource(DataFlow::Node source) { +module FreeWithoutDestructorConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { source.asExpr() = any(CastWithoutConstruction c).getExpr() } - override predicate isSink(DataFlow::Node sink) { + predicate isSink(DataFlow::Node sink) { sink.asExpr() = any(NonDestructingDeallocationCall de).getFreedExpr() } - override predicate isBarrier(DataFlow::Node barrier) { + predicate isBarrier(DataFlow::Node barrier) { // Consider any expression which later has a destructor called upon it to be safe. exists(DirectOrIndirectDestructorCall dc | DataFlow::localFlow(barrier, DataFlow::exprNode(dc.getDestructedArgument())) @@ -122,7 +119,9 @@ class FreeWithoutDestructorConfig extends DataFlow2::Configuration { ) } - override predicate isAdditionalFlowStep(DataFlow::Node stepFrom, DataFlow::Node stepTo) { + predicate isAdditionalFlowStep(DataFlow::Node stepFrom, DataFlow::Node stepTo) { stepTo.asExpr().(StaticOrCStyleCast).getExpr() = stepFrom.asExpr() } } + +module FreeWithoutDestructorFlow = DataFlow::Global; diff --git a/cpp/cert/src/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.ql b/cpp/cert/src/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.ql index bc48af3a63..30c5280482 100644 --- a/cpp/cert/src/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.ql +++ b/cpp/cert/src/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.ql @@ -15,16 +15,16 @@ import codingstandards.cpp.cert import codingstandards.cpp.TrivialType import ManuallyManagedLifetime import codingstandards.cpp.dataflow.TaintTracking -import DataFlow::PathGraph +import AllocToStaticCastFlow::PathGraph /* * Find flow from a manual allocation returning void* to a static_cast (or c-style cast) * to a specific type. */ -from AllocToStaticCastConfig config, DataFlow::PathNode source, DataFlow::PathNode sink +from AllocToStaticCastFlow::PathNode source, AllocToStaticCastFlow::PathNode sink where not isExcluded(sink.getNode().asExpr(), AllocationsPackage::missingConstructorCallForManuallyManagedObjectQuery()) and - config.hasFlowPath(source, sink) + AllocToStaticCastFlow::flowPath(source, sink) select sink.getNode(), source, sink, "Allocation to cast without constructor call" diff --git a/cpp/cert/src/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject.ql b/cpp/cert/src/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject.ql index 26d128a98e..b498729d69 100644 --- a/cpp/cert/src/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject.ql +++ b/cpp/cert/src/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject.ql @@ -13,12 +13,12 @@ import cpp import codingstandards.cpp.cert import ManuallyManagedLifetime -import codingstandards.cpp.dataflow.DataFlow2 -import DataFlow2::PathGraph +import codingstandards.cpp.dataflow.DataFlow +import FreeWithoutDestructorFlow::PathGraph -from FreeWithoutDestructorConfig dc, DataFlow2::PathNode source, DataFlow2::PathNode sink +from FreeWithoutDestructorFlow::PathNode source, FreeWithoutDestructorFlow::PathNode sink where not isExcluded(sink.getNode().asExpr(), AllocationsPackage::missingDestructorCallForManuallyManagedObjectQuery()) and - dc.hasFlowPath(source, sink) + FreeWithoutDestructorFlow::flowPath(source, sink) select sink.getNode(), source, sink, "Memory freed without an appropriate destructor called." diff --git a/cpp/common/src/codingstandards/cpp/Concurrency.qll b/cpp/common/src/codingstandards/cpp/Concurrency.qll index ab4b11dffe..d856fa4515 100644 --- a/cpp/common/src/codingstandards/cpp/Concurrency.qll +++ b/cpp/common/src/codingstandards/cpp/Concurrency.qll @@ -610,7 +610,7 @@ abstract class ThreadDependentMutex extends DataFlow::Node { class FlowBasedThreadDependentMutex extends ThreadDependentMutex { FlowBasedThreadDependentMutex() { // some sort of dataflow, likely through parameter passing. - exists(ThreadDependentMutexTaintTrackingConfiguration config | config.hasFlow(this, sink)) + ThreadDependentMutexFlow::flow(this, sink) } } @@ -738,18 +738,16 @@ class DeclarationInitAccessBasedThreadDependentMutex extends ThreadDependentMute override DataFlow::Node getAUsage() { result = DataFlow::exprNode(variableSource.getAnAccess()) } } -class ThreadDependentMutexTaintTrackingConfiguration extends TaintTracking::Configuration { - ThreadDependentMutexTaintTrackingConfiguration() { - this = "ThreadDependentMutexTaintTrackingConfiguration" - } - - override predicate isSource(DataFlow::Node node) { node.asExpr() instanceof MutexSource } +module ThreadDependentMutexConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node node) { node.asExpr() instanceof MutexSource } - override predicate isSink(DataFlow::Node node) { + predicate isSink(DataFlow::Node node) { exists(ThreadCreationFunction f | f.getAnArgument() = node.asExpr()) } } +module ThreadDependentMutexFlow = TaintTracking::Global; + /** * Models expressions that destroy mutexes. */ diff --git a/cpp/common/src/codingstandards/cpp/Nullness.qll b/cpp/common/src/codingstandards/cpp/Nullness.qll index b04c013a2d..d76db4afad 100644 --- a/cpp/common/src/codingstandards/cpp/Nullness.qll +++ b/cpp/common/src/codingstandards/cpp/Nullness.qll @@ -1,19 +1,14 @@ import cpp import codingstandards.cpp.dataflow.DataFlow -import codingstandards.cpp.dataflow.DataFlow2 private class PointerToMember extends Variable { PointerToMember() { this.getType() instanceof PointerToMemberType } } -class NullPointerToPointerMemberExpressionConfig extends DataFlow::Configuration { - NullPointerToPointerMemberExpressionConfig() { - this = "NullPointerToPointerMemberExpressionConfig" - } - - override predicate isSource(DataFlow::Node source) { source.asExpr() instanceof NullValue } +module NullPointerToPointerMemberExpressionConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { source.asExpr() instanceof NullValue } - override predicate isSink(DataFlow::Node sink) { + predicate isSink(DataFlow::Node sink) { // The null value can flow to a pointer-to-member expressions that points to a function exists(VariableCall call, VariableAccess va | call.getQualifier() = va and va = sink.asExpr() | va.getTarget() instanceof PointerToMember @@ -24,12 +19,13 @@ class NullPointerToPointerMemberExpressionConfig extends DataFlow::Configuration } } -class NullValueToAssignmentConfig extends DataFlow2::Configuration { - NullValueToAssignmentConfig() { this = "NullValueToAssignmentConfig" } +module NullPointerToPointerMemberExpressionFlow = + DataFlow::Global; - override predicate isSource(DataFlow::Node source) { source.asExpr() instanceof NullValue } +module NullValueToAssignmentConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { source.asExpr() instanceof NullValue } - override predicate isSink(DataFlow::Node sink) { - exists(Assignment a | a.getRValue() = sink.asExpr()) - } + predicate isSink(DataFlow::Node sink) { exists(Assignment a | a.getRValue() = sink.asExpr()) } } + +module NullValueToAssignmentFlow = DataFlow::Global; diff --git a/cpp/common/src/codingstandards/cpp/allocations/PlacementNew.qll b/cpp/common/src/codingstandards/cpp/allocations/PlacementNew.qll index 39451a743b..5547f2e151 100644 --- a/cpp/common/src/codingstandards/cpp/allocations/PlacementNew.qll +++ b/cpp/common/src/codingstandards/cpp/allocations/PlacementNew.qll @@ -158,20 +158,20 @@ class AllocationExprPlacementNewOrigin extends PlacementNewMemoryOrigin { * A data flow configuration that identifies the origin of the placement argument to a placement * new expression. */ -class PlacementNewOriginConfig extends DataFlow::Configuration { - PlacementNewOriginConfig() { this = "PlacementNewOrigin" } +module PlacementNewOriginConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { source instanceof PlacementNewMemoryOrigin } - override predicate isSource(DataFlow::Node source) { source instanceof PlacementNewMemoryOrigin } - - override predicate isSink(DataFlow::Node sink) { + predicate isSink(DataFlow::Node sink) { sink.asExpr() = any(PlacementNewExpr pne).getPlacementExpr() // TODO direct calls to placement operator new? } - override predicate isAdditionalFlowStep(DataFlow::Node stepFrom, DataFlow::Node stepTo) { + predicate isAdditionalFlowStep(DataFlow::Node stepFrom, DataFlow::Node stepTo) { // Slightly surprisingly, we can't see the `StaticOrCStyleCast`s as a source out-of-the-box with data // flow - it's only reported under taint tracking. We therefore add a step through static // casts so that we can see them as sources. stepTo.asExpr().(StaticOrCStyleCast).getExpr() = stepFrom.asExpr() } } + +module PlacementNewOriginFlow = DataFlow::Global; diff --git a/cpp/common/src/codingstandards/cpp/rules/accessofundefinedmemberthroughnullpointer/AccessOfUndefinedMemberThroughNullPointer.qll b/cpp/common/src/codingstandards/cpp/rules/accessofundefinedmemberthroughnullpointer/AccessOfUndefinedMemberThroughNullPointer.qll index 2ee7036a1c..ab8659efd8 100644 --- a/cpp/common/src/codingstandards/cpp/rules/accessofundefinedmemberthroughnullpointer/AccessOfUndefinedMemberThroughNullPointer.qll +++ b/cpp/common/src/codingstandards/cpp/rules/accessofundefinedmemberthroughnullpointer/AccessOfUndefinedMemberThroughNullPointer.qll @@ -8,21 +8,23 @@ import codingstandards.cpp.Exclusions import codingstandards.cpp.Nullness import codingstandards.cpp.Expr import codingstandards.cpp.dataflow.DataFlow -import DataFlow::PathGraph +import NullPointerToPointerMemberExpressionFlow::PathGraph abstract class AccessOfUndefinedMemberThroughNullPointerSharedQuery extends Query { } Query getQuery() { result instanceof AccessOfUndefinedMemberThroughNullPointerSharedQuery } query predicate problems( - PointerToMemberExpr pointerToMemberExpr, DataFlow::PathNode source, DataFlow::PathNode sink, - string message, Location sourceLocation, string sourceDescription + PointerToMemberExpr pointerToMemberExpr, + NullPointerToPointerMemberExpressionFlow::PathNode source, + NullPointerToPointerMemberExpressionFlow::PathNode sink, string message, Location sourceLocation, + string sourceDescription ) { not isExcluded(pointerToMemberExpr, getQuery()) and message = "A null pointer-to-member value from $@ is passed as the second operand to a pointer-to-member expression." and sink.getNode().asExpr() = pointerToMemberExpr.getPointerExpr() and - any(NullPointerToPointerMemberExpressionConfig config).hasFlowPath(source, sink) and + NullPointerToPointerMemberExpressionFlow::flowPath(source, sink) and sourceLocation = source.getNode().getLocation() and sourceDescription = "initialization" } diff --git a/cpp/common/src/codingstandards/cpp/rules/accessofundefinedmemberthroughuninitializedstaticpointer/AccessOfUndefinedMemberThroughUninitializedStaticPointer.qll b/cpp/common/src/codingstandards/cpp/rules/accessofundefinedmemberthroughuninitializedstaticpointer/AccessOfUndefinedMemberThroughUninitializedStaticPointer.qll index 7055cce296..ca1e2a4282 100644 --- a/cpp/common/src/codingstandards/cpp/rules/accessofundefinedmemberthroughuninitializedstaticpointer/AccessOfUndefinedMemberThroughUninitializedStaticPointer.qll +++ b/cpp/common/src/codingstandards/cpp/rules/accessofundefinedmemberthroughuninitializedstaticpointer/AccessOfUndefinedMemberThroughUninitializedStaticPointer.qll @@ -44,7 +44,7 @@ newtype TStaticMemberPointerAbstractValue = AssignedNullValue(StaticMemberPointer ptr, Expr val) { // A null value tracked via the data flow graph exists(ControlFlowNode n | - any(NullValueToAssignmentConfig config).hasFlow(_, DataFlow::exprNode(val)) and + NullValueToAssignmentFlow::flow(_, DataFlow::exprNode(val)) and n.(Assignment).getLValue() = ptr.getAnAccess() and n.(Assignment).getRValue() = val ) @@ -63,7 +63,7 @@ newtype TStaticMemberPointerAbstractValue = AssignedNonNullValue(StaticMemberPointer ptr, Expr val) { // A non-null value tracked via the data flow graph exists(ControlFlowNode n | - not any(NullValueToAssignmentConfig config).hasFlow(_, DataFlow::exprNode(val)) and + NullValueToAssignmentFlow::flow(_, DataFlow::exprNode(val)) and n.(Assignment).getLValue() = ptr.getAnAccess() and n.(Assignment).getRValue() = val ) diff --git a/cpp/common/src/codingstandards/cpp/rules/constlikereturnvalue/ConstLikeReturnValue.qll b/cpp/common/src/codingstandards/cpp/rules/constlikereturnvalue/ConstLikeReturnValue.qll index 56d1bd3d47..f4636b6b13 100644 --- a/cpp/common/src/codingstandards/cpp/rules/constlikereturnvalue/ConstLikeReturnValue.qll +++ b/cpp/common/src/codingstandards/cpp/rules/constlikereturnvalue/ConstLikeReturnValue.qll @@ -6,7 +6,7 @@ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import codingstandards.cpp.dataflow.DataFlow -import DataFlow::PathGraph +import DFFlow::PathGraph abstract class ConstLikeReturnValueSharedQuery extends Query { } @@ -41,22 +41,18 @@ class ObjectWrite extends Expr { /** * DF configuration for flows from a `NotModifiableCall` to a object modifications. */ -class DFConf extends DataFlow::Configuration { - DFConf() { this = "DFConf" } +module DFConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { source.asExpr() instanceof NotModifiableCall } - override predicate isSource(DataFlow::Node source) { - source.asExpr() instanceof NotModifiableCall - } - - override predicate isSink(DataFlow::Node sink) { sink.asExpr() instanceof ObjectWrite } + predicate isSink(DataFlow::Node sink) { sink.asExpr() instanceof ObjectWrite } } -query predicate problems( - Element e, DataFlow::PathNode source, DataFlow::PathNode sink, string message -) { +module DFFlow = DataFlow::Global; + +query predicate problems(Element e, DFFlow::PathNode source, DFFlow::PathNode sink, string message) { not isExcluded(e, getQuery()) and // the modified object comes from a call to one of the ENV functions - any(DFConf d).hasFlowPath(source, sink) and + DFFlow::flowPath(source, sink) and e = sink.getNode().asExpr() and message = "The object returned by the function " + diff --git a/cpp/common/src/codingstandards/cpp/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.qll b/cpp/common/src/codingstandards/cpp/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.qll index 20e73e938b..0aa8d64feb 100644 --- a/cpp/common/src/codingstandards/cpp/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.qll +++ b/cpp/common/src/codingstandards/cpp/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.qll @@ -7,48 +7,47 @@ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import codingstandards.cpp.dataflow.DataFlow -import DataFlow::PathGraph +import ArrayToPointerDiffOperandFlow::PathGraph -class ArrayToPointerDiffOperandConfig extends DataFlow::Configuration { - ArrayToPointerDiffOperandConfig() { this = "ArrayToPointerDiffOperandConfig" } - - override predicate isSource(DataFlow::Node source) { +module ArrayToPointerDiffOperandConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { source.asExpr().(VariableAccess).getType() instanceof ArrayType or // Consider array to pointer decay for parameters. source.asExpr().(VariableAccess).getTarget().(Parameter).getType() instanceof ArrayType } - override predicate isSink(DataFlow::Node sink) { + predicate isSink(DataFlow::Node sink) { exists(PointerDiffExpr e | e.getAnOperand() = sink.asExpr()) } - override predicate isAdditionalFlowStep(DataFlow::Node pred, DataFlow::Node succ) { + predicate isAdditionalFlowStep(DataFlow::Node pred, DataFlow::Node succ) { // Add a flow step from the base to the array expression to track pointers to elements of the array. exists(ArrayExpr e | e.getArrayBase() = pred.asExpr() and e = succ.asExpr()) } } +module ArrayToPointerDiffOperandFlow = DataFlow::Global; + abstract class DoNotSubtractPointersAddressingDifferentArraysSharedQuery extends Query { } Query getQuery() { result instanceof DoNotSubtractPointersAddressingDifferentArraysSharedQuery } query predicate problems( - DataFlow::Node sinkNode, DataFlow::PathNode source, DataFlow::PathNode sink, string message, - Variable currentOperandPointee, string currentOperandPointeeName, Variable otherOperandPointee, - string otherOperandPointeeName + DataFlow::Node sinkNode, ArrayToPointerDiffOperandFlow::PathNode source, + ArrayToPointerDiffOperandFlow::PathNode sink, string message, Variable currentOperandPointee, + string currentOperandPointeeName, Variable otherOperandPointee, string otherOperandPointeeName ) { exists( - PointerDiffExpr pointerSubtraction, string side, ArrayToPointerDiffOperandConfig c, - Variable sourceLeft, Variable sourceRight + PointerDiffExpr pointerSubtraction, string side, Variable sourceLeft, Variable sourceRight | not isExcluded(pointerSubtraction, getQuery()) and - c.hasFlow(DataFlow::exprNode(sourceLeft.getAnAccess()), + ArrayToPointerDiffOperandFlow::flow(DataFlow::exprNode(sourceLeft.getAnAccess()), DataFlow::exprNode(pointerSubtraction.getLeftOperand())) and - c.hasFlow(DataFlow::exprNode(sourceRight.getAnAccess()), + ArrayToPointerDiffOperandFlow::flow(DataFlow::exprNode(sourceRight.getAnAccess()), DataFlow::exprNode(pointerSubtraction.getRightOperand())) and not sourceLeft = sourceRight and - c.hasFlowPath(source, sink) and + ArrayToPointerDiffOperandFlow::flowPath(source, sink) and ( source.getNode().asExpr() = sourceLeft.getAnAccess() and sink.getNode().asExpr() = pointerSubtraction.getLeftOperand() and diff --git a/cpp/common/src/codingstandards/cpp/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.qll b/cpp/common/src/codingstandards/cpp/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.qll index 5fce6d99fc..dd10b840c5 100644 --- a/cpp/common/src/codingstandards/cpp/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.qll +++ b/cpp/common/src/codingstandards/cpp/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.qll @@ -18,24 +18,22 @@ Query getQuery() { result instanceof DoNotUsePointerArithmeticToAddressDifferent * A data-flow configuration that tracks access to an array to type to an array index expression. * This is used to determine possible pointer to array creations. */ -class ArrayToArrayExprConfig extends DataFlow::Configuration { - ArrayToArrayExprConfig() { this = "ArrayToArrayIndexConfig" } - - override predicate isSource(DataFlow::Node source) { +module ArrayToArrayExprConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { source.asExpr().(VariableAccess).getType() instanceof ArrayType } - override predicate isSink(DataFlow::Node sink) { - exists(ArrayExpr c | c.getArrayBase() = sink.asExpr()) - } + predicate isSink(DataFlow::Node sink) { exists(ArrayExpr c | c.getArrayBase() = sink.asExpr()) } } +module ArrayToArrayExprFlow = DataFlow::Global; + /** Holds if the address taken expression `addressOf` takes the address of an array element at `index` of `array` with size `arraySize`. */ predicate pointerOperandCreation(AddressOfExpr addressOf, Variable array, int arraySize, int index) { arraySize = array.getType().(ArrayType).getArraySize() and exists(ArrayExpr ae | - any(ArrayToArrayExprConfig cfg) - .hasFlow(DataFlow::exprNode(array.getAnAccess()), DataFlow::exprNode(ae.getArrayBase())) and + ArrayToArrayExprFlow::flow(DataFlow::exprNode(array.getAnAccess()), + DataFlow::exprNode(ae.getArrayBase())) and index = lowerBound(ae.getArrayOffset().getFullyConverted()) and addressOf.getOperand() = ae ) diff --git a/cpp/common/src/codingstandards/cpp/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.qll b/cpp/common/src/codingstandards/cpp/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.qll index c8ac2fd873..155ed1a7f4 100644 --- a/cpp/common/src/codingstandards/cpp/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.qll +++ b/cpp/common/src/codingstandards/cpp/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.qll @@ -8,7 +8,7 @@ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import codingstandards.cpp.dataflow.DataFlow -import DataFlow::PathGraph +import ArrayToRelationalOperationOperandFlow::PathGraph abstract class DoNotUseRelationalOperatorsWithDifferingArraysSharedQuery extends Query { } @@ -32,21 +32,22 @@ class DecayedArrayAccess extends ArraySource { } } -class ArrayToRelationalOperationOperandConfig extends DataFlow::Configuration { - ArrayToRelationalOperationOperandConfig() { this = "ArrayToRelationalOperationOperandConfig" } +module ArrayToRelationalOperationOperandConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { source instanceof ArraySource } - override predicate isSource(DataFlow::Node source) { source instanceof ArraySource } - - override predicate isSink(DataFlow::Node sink) { + predicate isSink(DataFlow::Node sink) { exists(RelationalOperation op | op.getAnOperand() = sink.asExpr()) } - override predicate isAdditionalFlowStep(DataFlow::Node pred, DataFlow::Node succ) { + predicate isAdditionalFlowStep(DataFlow::Node pred, DataFlow::Node succ) { // Add a flow step from the base to the array expression to track pointers to elements of the array. exists(ArrayExpr e | e.getArrayBase() = pred.asExpr() and e = succ.asExpr()) } } +module ArrayToRelationalOperationOperandFlow = + DataFlow::Global; + predicate isComparingPointers(RelationalOperation op) { forall(Expr operand | operand = op.getAnOperand() | operand.getType() instanceof PointerType or operand.getType() instanceof ArrayType @@ -54,22 +55,20 @@ predicate isComparingPointers(RelationalOperation op) { } query predicate problems( - RelationalOperation compare, DataFlow::PathNode source, DataFlow::PathNode sink, string message, + RelationalOperation compare, ArrayToRelationalOperationOperandFlow::PathNode source, + ArrayToRelationalOperationOperandFlow::PathNode sink, string message, Variable selectedOperandPointee, string selectedOperandPointeeName, Variable otherOperandPointee, string otherOperandPointeeName ) { not isExcluded(compare, getQuery()) and - exists( - ArrayToRelationalOperationOperandConfig c, Variable sourceLeft, Variable sourceRight, - string side - | - c.hasFlow(DataFlow::exprNode(sourceLeft.getAnAccess()), + exists(Variable sourceLeft, Variable sourceRight, string side | + ArrayToRelationalOperationOperandFlow::flow(DataFlow::exprNode(sourceLeft.getAnAccess()), DataFlow::exprNode(compare.getLeftOperand())) and - c.hasFlow(DataFlow::exprNode(sourceRight.getAnAccess()), + ArrayToRelationalOperationOperandFlow::flow(DataFlow::exprNode(sourceRight.getAnAccess()), DataFlow::exprNode(compare.getRightOperand())) and not sourceLeft = sourceRight and isComparingPointers(compare) and - c.hasFlowPath(source, sink) and + ArrayToRelationalOperationOperandFlow::flowPath(source, sink) and ( source.getNode().asExpr() = sourceLeft.getAnAccess() and sink.getNode().asExpr() = compare.getLeftOperand() and diff --git a/cpp/common/src/codingstandards/cpp/rules/nonconstantformat/NonConstantFormat.qll b/cpp/common/src/codingstandards/cpp/rules/nonconstantformat/NonConstantFormat.qll index b73a648eeb..91b2b05a3f 100644 --- a/cpp/common/src/codingstandards/cpp/rules/nonconstantformat/NonConstantFormat.qll +++ b/cpp/common/src/codingstandards/cpp/rules/nonconstantformat/NonConstantFormat.qll @@ -106,28 +106,28 @@ predicate isSanitizerNode(DataFlow::Node node) { cannotContainString(node.getType()) } -class NonConstFlow extends TaintTracking::Configuration { - NonConstFlow() { this = "NonConstFlow" } - - override predicate isSource(DataFlow::Node source) { +module NonConstConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { isNonConst(source) and not cannotContainString(source.getType()) } - override predicate isSink(DataFlow::Node sink) { + predicate isSink(DataFlow::Node sink) { exists(FormattingFunctionCall fc | sink.asExpr() = fc.getArgument(fc.getFormatParameterIndex())) } - override predicate isSanitizer(DataFlow::Node node) { isSanitizerNode(node) } + predicate isBarrier(DataFlow::Node node) { isSanitizerNode(node) } } +module NonConstFlow = TaintTracking::Global; + query predicate problems( Expr formatString, string message, FormattingFunctionCall call, string formatStringDescription ) { not isExcluded(formatString, getQuery()) and call.getArgument(call.getFormatParameterIndex()) = formatString and - exists(NonConstFlow cf, DataFlow::Node source, DataFlow::Node sink | - cf.hasFlow(source, sink) and + exists(DataFlow::Node source, DataFlow::Node sink | + NonConstFlow::flow(source, sink) and sink.asExpr() = formatString ) and message = diff --git a/cpp/common/src/codingstandards/cpp/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.qll b/cpp/common/src/codingstandards/cpp/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.qll index e8025db05b..bede451e24 100644 --- a/cpp/common/src/codingstandards/cpp/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.qll @@ -8,8 +8,7 @@ import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import codingstandards.cpp.Allocations import codingstandards.cpp.dataflow.DataFlow -import codingstandards.cpp.dataflow.DataFlow2 -import DataFlow::PathGraph +import NonDynamicPointerToFreeFlow::PathGraph /** * A pointer to potentially dynamically allocated memory @@ -69,40 +68,32 @@ class AddressOfExprSourceNode extends Expr { ) ) and // exclude alloc(&allocated_ptr) cases - not any(DynamicMemoryAllocationToAddressOfDefiningArgConfig cfg) - .hasFlowTo(DataFlow::definitionByReferenceNodeFromArgument(this)) + not DynamicMemoryAllocationToAddressOfDefiningArgFlow::flowTo(DataFlow::definitionByReferenceNodeFromArgument(this)) } } /** * A data-flow configuration that tracks flow from an `AllocExprSource` to a `FreeExprSink`. */ -class DynamicMemoryAllocationToAddressOfDefiningArgConfig extends DataFlow2::Configuration { - DynamicMemoryAllocationToAddressOfDefiningArgConfig() { - this = "DynamicMemoryAllocationToAddressOfDefiningArgConfig" - } - - override predicate isSource(DataFlow::Node source) { source instanceof AllocExprSource } +module DynamicMemoryAllocationToAddressOfDefiningArgConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { source instanceof AllocExprSource } - override predicate isSink(DataFlow::Node sink) { - sink.asDefiningArgument() instanceof AddressOfExpr - } + predicate isSink(DataFlow::Node sink) { sink.asDefiningArgument() instanceof AddressOfExpr } } +module DynamicMemoryAllocationToAddressOfDefiningArgFlow = + DataFlow::Global; + /** * A data-flow configuration that tracks flow from a * `NonDynamicallyAllocatedVariableAssignment` to a `FreeExprSink`. */ -class NonDynamicPointerToFreeConfig extends DataFlow::Configuration { - NonDynamicPointerToFreeConfig() { this = "NonDynamicPointerToFreeConfig" } +module NonDynamicPointerToFreeConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { source.asExpr() instanceof AddressOfExprSourceNode } - override predicate isSource(DataFlow::Node source) { - source.asExpr() instanceof AddressOfExprSourceNode - } - - override predicate isSink(DataFlow::Node sink) { sink instanceof FreeExprSink } + predicate isSink(DataFlow::Node sink) { sink instanceof FreeExprSink } - override predicate isBarrierOut(DataFlow::Node node) { + predicate isBarrierOut(DataFlow::Node node) { // the default interprocedural data-flow model flows through any field or array assignment // expressions to the qualifier (array base, pointer dereferenced, or qualifier) instead of the // individual element or field that the assignment modifies. this default behaviour causes @@ -118,21 +109,24 @@ class NonDynamicPointerToFreeConfig extends DataFlow::Configuration { ) } - override predicate isBarrierIn(DataFlow::Node node) { + predicate isBarrierIn(DataFlow::Node node) { // only the last source expression is relevant isSource(node) } } +module NonDynamicPointerToFreeFlow = DataFlow::Global; + abstract class OnlyFreeMemoryAllocatedDynamicallySharedSharedQuery extends Query { } Query getQuery() { result instanceof OnlyFreeMemoryAllocatedDynamicallySharedSharedQuery } query predicate problems( - DataFlow::PathNode element, DataFlow::PathNode source, DataFlow::PathNode sink, string message + NonDynamicPointerToFreeFlow::PathNode element, NonDynamicPointerToFreeFlow::PathNode source, + NonDynamicPointerToFreeFlow::PathNode sink, string message ) { not isExcluded(element.getNode().asExpr(), getQuery()) and element = sink and - any(NonDynamicPointerToFreeConfig cfg).hasFlowPath(source, sink) and + NonDynamicPointerToFreeFlow::flowPath(source, sink) and message = "Free expression frees memory which was not dynamically allocated." } diff --git a/cpp/common/src/codingstandards/cpp/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.qll b/cpp/common/src/codingstandards/cpp/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.qll index eff7873d16..e24fb91539 100644 --- a/cpp/common/src/codingstandards/cpp/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.qll +++ b/cpp/common/src/codingstandards/cpp/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.qll @@ -9,20 +9,18 @@ import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import codingstandards.cpp.SmartPointers import codingstandards.cpp.dataflow.TaintTracking -import DataFlow::PathGraph +import PointerToSmartPointerConstructorFlowFlow::PathGraph abstract class OwnedPointerValueStoredInUnrelatedSmartPointerSharedQuery extends Query { } Query getQuery() { result instanceof OwnedPointerValueStoredInUnrelatedSmartPointerSharedQuery } -private class PointerToSmartPointerConstructorFlowConfig extends TaintTracking::Configuration { - PointerToSmartPointerConstructorFlowConfig() { this = "PointerToSmartPointerConstructorFlow" } - - override predicate isSource(DataFlow::Node source) { +private module PointerToSmartPointerConstructorFlowConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { exists(Variable v | v.getAnAssignedValue() = source.asExpr()) } - override predicate isSink(DataFlow::Node sink) { + predicate isSink(DataFlow::Node sink) { exists(AutosarSmartPointer sp, ConstructorCall cc | sp.getAConstructorCall() = cc and cc.getArgument(0).getFullyConverted().getType() instanceof PointerType and @@ -30,7 +28,7 @@ private class PointerToSmartPointerConstructorFlowConfig extends TaintTracking:: ) } - override predicate isAdditionalTaintStep(DataFlow::Node node1, DataFlow::Node node2) { + predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) { // Summarize flow through constructor calls exists(AutosarSmartPointer sp, ConstructorCall cc | sp.getAConstructorCall() = cc and @@ -46,7 +44,7 @@ private class PointerToSmartPointerConstructorFlowConfig extends TaintTracking:: ) } - override predicate isSanitizerIn(DataFlow::Node node) { + predicate isBarrierIn(DataFlow::Node node) { // Exclude flow into header files outside the source archive which are summarized by the // additional taint steps above. exists(AutosarSmartPointer sp | @@ -59,15 +57,19 @@ private class PointerToSmartPointerConstructorFlowConfig extends TaintTracking:: } } +private module PointerToSmartPointerConstructorFlowFlow = + TaintTracking::Global; + query predicate problems( - DataFlow::Node sinkNode, DataFlow::PathNode source, DataFlow::PathNode sink, string message + DataFlow::Node sinkNode, PointerToSmartPointerConstructorFlowFlow::PathNode source, + PointerToSmartPointerConstructorFlowFlow::PathNode sink, string message ) { not isExcluded(sinkNode.asExpr(), getQuery()) and - exists(PointerToSmartPointerConstructorFlowConfig config, DataFlow::PathNode sink2 | + exists(PointerToSmartPointerConstructorFlowFlow::PathNode sink2 | sink != sink2 and sinkNode = sink.getNode() and - config.hasFlowPath(source, sink) and - config.hasFlowPath(source, sink2) and + PointerToSmartPointerConstructorFlowFlow::flowPath(source, sink) and + PointerToSmartPointerConstructorFlowFlow::flowPath(source, sink2) and message = "Raw pointer flows to initialize multiple unrelated smart pointers." ) } diff --git a/cpp/common/src/codingstandards/cpp/rules/placementnewinsufficientstorage/PlacementNewInsufficientStorage.qll b/cpp/common/src/codingstandards/cpp/rules/placementnewinsufficientstorage/PlacementNewInsufficientStorage.qll index 515779595f..dc26d13b87 100644 --- a/cpp/common/src/codingstandards/cpp/rules/placementnewinsufficientstorage/PlacementNewInsufficientStorage.qll +++ b/cpp/common/src/codingstandards/cpp/rules/placementnewinsufficientstorage/PlacementNewInsufficientStorage.qll @@ -8,24 +8,23 @@ import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import codingstandards.cpp.allocations.PlacementNew import codingstandards.cpp.dataflow.DataFlow -import DataFlow::PathGraph +import PlacementNewOriginFlow::PathGraph abstract class PlacementNewInsufficientStorageSharedQuery extends Query { } Query getQuery() { result instanceof PlacementNewInsufficientStorageSharedQuery } query predicate problems( - PlacementNewExpr placementNew, DataFlow::PathNode source, DataFlow::PathNode sink, string message, - PlacementNewMemoryOrigin memoryOrigin, string memoryOriginDescription + PlacementNewExpr placementNew, PlacementNewOriginFlow::PathNode source, + PlacementNewOriginFlow::PathNode sink, string message, PlacementNewMemoryOrigin memoryOrigin, + string memoryOriginDescription ) { not isExcluded(placementNew, getQuery()) and message = "Placement new expression is used with an insufficiently large memory allocation from $@." and - exists(PlacementNewOriginConfig config | - memoryOrigin = source.getNode() and - placementNew.getPlacementExpr() = sink.getNode().asExpr() and - memoryOriginDescription = memoryOrigin.toString() and - config.hasFlowPath(source, sink) and - memoryOrigin.getMaximumMemorySize() < placementNew.getMinimumAllocationSize() - ) + memoryOrigin = source.getNode() and + placementNew.getPlacementExpr() = sink.getNode().asExpr() and + memoryOriginDescription = memoryOrigin.toString() and + PlacementNewOriginFlow::flowPath(source, sink) and + memoryOrigin.getMaximumMemorySize() < placementNew.getMinimumAllocationSize() } diff --git a/cpp/common/src/codingstandards/cpp/rules/placementnewnotproperlyaligned/PlacementNewNotProperlyAligned.qll b/cpp/common/src/codingstandards/cpp/rules/placementnewnotproperlyaligned/PlacementNewNotProperlyAligned.qll index 19cbe2fff5..72286f2d79 100644 --- a/cpp/common/src/codingstandards/cpp/rules/placementnewnotproperlyaligned/PlacementNewNotProperlyAligned.qll +++ b/cpp/common/src/codingstandards/cpp/rules/placementnewnotproperlyaligned/PlacementNewNotProperlyAligned.qll @@ -8,7 +8,7 @@ import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import codingstandards.cpp.allocations.PlacementNew import codingstandards.cpp.dataflow.DataFlow -import DataFlow::PathGraph +import PlacementNewOriginFlow::PathGraph abstract class PlacementNewNotProperlyAlignedSharedQuery extends Query { } @@ -19,20 +19,19 @@ Query getQuery() { result instanceof PlacementNewNotProperlyAlignedSharedQuery } */ query predicate problems( - PlacementNewExpr placementNew, DataFlow::PathNode source, DataFlow::PathNode sink, string message, - PlacementNewMemoryOrigin memoryOrigin, string memoryOriginDescription + PlacementNewExpr placementNew, PlacementNewOriginFlow::PathNode source, + PlacementNewOriginFlow::PathNode sink, string message, PlacementNewMemoryOrigin memoryOrigin, + string memoryOriginDescription ) { not isExcluded(placementNew, getQuery()) and - exists(PlacementNewOriginConfig config | - memoryOrigin = source.getNode() and - placementNew.getPlacementExpr() = sink.getNode().asExpr() and - memoryOriginDescription = memoryOrigin.toString() and - config.hasFlowPath(source, sink) and - exists(int originAlignment | - originAlignment = memoryOrigin.getAlignment() and - // The origin alignment should be exactly divisible by the placement alignment - (originAlignment / placementNew.getAllocatedType().getAlignment()).ceil() = 0 and - message = "Placement new expression is used with inappropriately aligned memory from $@." - ) + memoryOrigin = source.getNode() and + placementNew.getPlacementExpr() = sink.getNode().asExpr() and + memoryOriginDescription = memoryOrigin.toString() and + PlacementNewOriginFlow::flowPath(source, sink) and + exists(int originAlignment | + originAlignment = memoryOrigin.getAlignment() and + // The origin alignment should be exactly divisible by the placement alignment + (originAlignment / placementNew.getAllocatedType().getAlignment()).ceil() = 0 and + message = "Placement new expression is used with inappropriately aligned memory from $@." ) } diff --git a/cpp/common/src/codingstandards/cpp/rules/stringnumberconversionmissingerrorcheck/StringNumberConversionMissingErrorCheck.qll b/cpp/common/src/codingstandards/cpp/rules/stringnumberconversionmissingerrorcheck/StringNumberConversionMissingErrorCheck.qll index e5856ad7c8..98fd51a58f 100644 --- a/cpp/common/src/codingstandards/cpp/rules/stringnumberconversionmissingerrorcheck/StringNumberConversionMissingErrorCheck.qll +++ b/cpp/common/src/codingstandards/cpp/rules/stringnumberconversionmissingerrorcheck/StringNumberConversionMissingErrorCheck.qll @@ -31,8 +31,7 @@ class CharIStreamConstructorCall extends CharIStreamSource, Expr { } override Expr getAUse() { - any(CharIStreamConstructorCallUseConfig c) - .hasFlow(DataFlow::exprNode(this), DataFlow::exprNode(result)) + CharIStreamConstructorCallUseFlow::flow(DataFlow::exprNode(this), DataFlow::exprNode(result)) } } @@ -40,18 +39,16 @@ class CharIStreamConstructorCall extends CharIStreamSource, Expr { * A global taint tracking configuration used to track from `CharIStream` constructor calls to uses * of that stream later in the program. */ -private class CharIStreamConstructorCallUseConfig extends TaintTracking::Configuration { - CharIStreamConstructorCallUseConfig() { this = "CharIStreamUse" } - - override predicate isSource(DataFlow::Node source) { +private module CharIStreamConstructorCallUseConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { source.asExpr() instanceof CharIStreamConstructorCall } - override predicate isSink(DataFlow::Node sink) { + predicate isSink(DataFlow::Node sink) { sink.asExpr().getType().stripType() instanceof CharIStream } - override predicate isAdditionalTaintStep(DataFlow::Node node1, DataFlow::Node node2) { + predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) { // By default we do not get flow from ConstructorFieldInit expressions to accesses // of the field in other member functions, so we add it explicitly here. exists(ConstructorFieldInit cfi, Field f | @@ -63,6 +60,9 @@ private class CharIStreamConstructorCallUseConfig extends TaintTracking::Configu } } +private module CharIStreamConstructorCallUseFlow = + TaintTracking::Global; + /** * A `CharIStream` defined externally, and which therefore cannot be tracked as a source by taint tracking. * diff --git a/cpp/common/src/codingstandards/cpp/rules/throwingoperatornewreturnsnull/ThrowingOperatorNewReturnsNull.qll b/cpp/common/src/codingstandards/cpp/rules/throwingoperatornewreturnsnull/ThrowingOperatorNewReturnsNull.qll index a34beef5cd..9dbefeaa75 100644 --- a/cpp/common/src/codingstandards/cpp/rules/throwingoperatornewreturnsnull/ThrowingOperatorNewReturnsNull.qll +++ b/cpp/common/src/codingstandards/cpp/rules/throwingoperatornewreturnsnull/ThrowingOperatorNewReturnsNull.qll @@ -9,16 +9,14 @@ import codingstandards.cpp.allocations.CustomOperatorNewDelete import codingstandards.cpp.exceptions.ExceptionSpecifications import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -import DataFlow::PathGraph +import NullFlow::PathGraph abstract class ThrowingOperatorNewReturnsNullSharedQuery extends Query { } Query getQuery() { result instanceof ThrowingOperatorNewReturnsNullSharedQuery } -class NullConfig extends DataFlow::Configuration { - NullConfig() { this = "NullConfig" } - - override predicate isSource(DataFlow::Node source) { +module NullConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { source.asExpr() instanceof NullValue or // Call to an allocation function that may return null @@ -32,7 +30,7 @@ class NullConfig extends DataFlow::Configuration { ) } - override predicate isSink(DataFlow::Node sink) { + predicate isSink(DataFlow::Node sink) { exists(CustomOperatorNew co, ReturnStmt rs | co.getNumberOfParameters() = 1 and rs.getEnclosingFunction() = co and @@ -41,11 +39,13 @@ class NullConfig extends DataFlow::Configuration { } } +module NullFlow = DataFlow::Global; + query predicate problems( - ReturnStmt e, DataFlow::PathNode source, DataFlow::PathNode sink, string message + ReturnStmt e, NullFlow::PathNode source, NullFlow::PathNode sink, string message ) { not isExcluded(e, getQuery()) and - any(NullConfig nc).hasFlowPath(source, sink) and + NullFlow::flowPath(source, sink) and sink.getNode().asExpr() = e.getExpr() and exists(CustomOperatorNew op | message = diff --git a/cpp/common/src/codingstandards/cpp/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.qll b/cpp/common/src/codingstandards/cpp/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.qll index 979918a72b..c421ae3cc9 100644 --- a/cpp/common/src/codingstandards/cpp/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.qll +++ b/cpp/common/src/codingstandards/cpp/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.qll @@ -10,21 +10,19 @@ import codingstandards.cpp.dataflow.DataFlow abstract class UseOnlyArrayIndexingForPointerArithmeticSharedQuery extends Query { } -class ArrayToArrayBaseConfig extends DataFlow::Configuration { - ArrayToArrayBaseConfig() { this = "ArrayToArrayBaseConfig" } - - override predicate isSource(DataFlow::Node source) { +module ArrayToArrayBaseConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { source.asExpr().(VariableAccess).getType() instanceof ArrayType or // Consider array to pointer decay for parameters. source.asExpr().(VariableAccess).getTarget().(Parameter).getType() instanceof ArrayType } - override predicate isSink(DataFlow::Node sink) { - exists(ArrayExpr e | e.getArrayBase() = sink.asExpr()) - } + predicate isSink(DataFlow::Node sink) { exists(ArrayExpr e | e.getArrayBase() = sink.asExpr()) } } +module ArrayToArrayBaseFlow = DataFlow::Global; + predicate hasPointerResult(PointerArithmeticOperation op) { op instanceof PointerAddExpr or @@ -34,8 +32,7 @@ predicate hasPointerResult(PointerArithmeticOperation op) { predicate shouldBeArray(ArrayExpr arrayExpr) { arrayExpr.getArrayBase().getUnspecifiedType() instanceof PointerType and not exists(VariableAccess va | - any(ArrayToArrayBaseConfig config) - .hasFlow(DataFlow::exprNode(va), DataFlow::exprNode(arrayExpr.getArrayBase())) + ArrayToArrayBaseFlow::flow(DataFlow::exprNode(va), DataFlow::exprNode(arrayExpr.getArrayBase())) ) and not exists(Variable v | v.getAnAssignedValue().getType() instanceof ArrayType and diff --git a/cpp/common/src/codingstandards/cpp/standardlibrary/FileStreams.qll b/cpp/common/src/codingstandards/cpp/standardlibrary/FileStreams.qll index 775159326f..4d495fce3e 100644 --- a/cpp/common/src/codingstandards/cpp/standardlibrary/FileStreams.qll +++ b/cpp/common/src/codingstandards/cpp/standardlibrary/FileStreams.qll @@ -144,8 +144,7 @@ class FileStreamConstructorCall extends FileStreamSource, Expr { } override Expr getAUse() { - any(FileStreamConstructorCallUseConfig c) - .hasFlow(DataFlow::exprNode(this), DataFlow::exprNode(result)) + FileStreamConstructorCallUseFlow::flow(DataFlow::exprNode(this), DataFlow::exprNode(result)) } } @@ -164,18 +163,14 @@ class FileStreamExternGlobal extends FileStreamSource, GlobalOrNamespaceVariable /** * A global taint tracking configuration to track `FileStream` uses in the program. */ -private class FileStreamConstructorCallUseConfig extends TaintTracking::Configuration { - FileStreamConstructorCallUseConfig() { this = "FileStreamUse" } +private module FileStreamConstructorCallUseConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { source.asExpr() instanceof FileStreamConstructorCall } - override predicate isSource(DataFlow::Node source) { - source.asExpr() instanceof FileStreamConstructorCall - } - - override predicate isSink(DataFlow::Node sink) { + predicate isSink(DataFlow::Node sink) { sink.asExpr().getType().stripType() instanceof FileStream } - override predicate isAdditionalTaintStep(DataFlow::Node node1, DataFlow::Node node2) { + predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) { // By default we do not get flow from ConstructorFieldInit expressions to accesses // of the field in other member functions, so we add it explicitly here. exists(ConstructorFieldInit cfi, Field f | @@ -186,3 +181,6 @@ private class FileStreamConstructorCallUseConfig extends TaintTracking::Configur ) } } + +private module FileStreamConstructorCallUseFlow = + TaintTracking::Global; diff --git a/cpp/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.expected b/cpp/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.expected index 21fe1e3ccd..537228a000 100644 --- a/cpp/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.expected +++ b/cpp/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.expected @@ -4,15 +4,19 @@ problems | test.cpp:13:10:13:11 | p4 | test.cpp:5:14:5:15 | l2 | test.cpp:13:10:13:11 | p4 | Subtraction between left operand pointing to array $@ and other operand pointing to array $@. | test.cpp:3:7:3:8 | l2 | l2 | test.cpp:2:7:2:8 | l1 | l1 | | test.cpp:13:15:13:16 | l1 | test.cpp:13:15:13:16 | l1 | test.cpp:13:15:13:16 | l1 | Subtraction between right operand pointing to array $@ and other operand pointing to array $@. | test.cpp:2:7:2:8 | l1 | l1 | test.cpp:3:7:3:8 | l2 | l2 | edges -| test.cpp:4:14:4:15 | l1 | test.cpp:10:10:10:11 | p1 | -| test.cpp:4:14:4:15 | l1 | test.cpp:12:10:12:11 | p1 | -| test.cpp:5:14:5:15 | l2 | test.cpp:11:10:11:11 | p2 | -| test.cpp:5:14:5:15 | l2 | test.cpp:12:15:12:16 | p2 | -| test.cpp:5:14:5:15 | l2 | test.cpp:13:10:13:11 | p4 | -| test.cpp:5:14:5:15 | l2 | test.cpp:14:10:14:11 | p4 | +| test.cpp:4:14:4:15 | l1 | test.cpp:4:14:4:18 | access to array | +| test.cpp:4:14:4:18 | access to array | test.cpp:10:10:10:11 | p1 | +| test.cpp:4:14:4:18 | access to array | test.cpp:12:10:12:11 | p1 | +| test.cpp:5:14:5:15 | l2 | test.cpp:5:14:5:19 | access to array | +| test.cpp:5:14:5:19 | access to array | test.cpp:11:10:11:11 | p2 | +| test.cpp:5:14:5:19 | access to array | test.cpp:12:15:12:16 | p2 | +| test.cpp:5:14:5:19 | access to array | test.cpp:13:10:13:11 | p4 | +| test.cpp:5:14:5:19 | access to array | test.cpp:14:10:14:11 | p4 | nodes | test.cpp:4:14:4:15 | l1 | semmle.label | l1 | +| test.cpp:4:14:4:18 | access to array | semmle.label | access to array | | test.cpp:5:14:5:15 | l2 | semmle.label | l2 | +| test.cpp:5:14:5:19 | access to array | semmle.label | access to array | | test.cpp:10:10:10:11 | p1 | semmle.label | p1 | | test.cpp:10:15:10:16 | l1 | semmle.label | l1 | | test.cpp:11:10:11:11 | p2 | semmle.label | p2 | diff --git a/cpp/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.expected b/cpp/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.expected index 1b31174b2f..22ddfd123a 100644 --- a/cpp/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.expected +++ b/cpp/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.expected @@ -11,20 +11,26 @@ problems | test.cpp:25:7:25:14 | ... >= ... | test.cpp:25:13:25:14 | l3 | test.cpp:25:13:25:14 | l3 | Compare operation >= comparing right operand pointing to array $@ and other operand pointing to array $@. | test.cpp:4:7:4:8 | l3 | l3 | test.cpp:2:7:2:8 | l1 | l1 | edges | test.cpp:6:13:6:14 | l1 | test.cpp:13:12:13:13 | p0 | -| test.cpp:7:14:7:15 | l1 | test.cpp:11:7:11:8 | p1 | -| test.cpp:7:14:7:15 | l1 | test.cpp:13:7:13:8 | p1 | -| test.cpp:7:14:7:15 | l1 | test.cpp:15:13:15:14 | p1 | -| test.cpp:7:14:7:15 | l1 | test.cpp:17:7:17:8 | p1 | -| test.cpp:7:14:7:15 | l1 | test.cpp:23:13:23:14 | p1 | -| test.cpp:7:14:7:15 | l1 | test.cpp:25:7:25:8 | p1 | -| test.cpp:8:14:8:15 | l1 | test.cpp:11:12:11:13 | p2 | -| test.cpp:8:14:8:15 | l1 | test.cpp:21:7:21:8 | p2 | -| test.cpp:9:14:9:15 | l2 | test.cpp:21:12:21:13 | p3 | +| test.cpp:7:14:7:15 | l1 | test.cpp:7:14:7:18 | access to array | +| test.cpp:7:14:7:18 | access to array | test.cpp:11:7:11:8 | p1 | +| test.cpp:7:14:7:18 | access to array | test.cpp:13:7:13:8 | p1 | +| test.cpp:7:14:7:18 | access to array | test.cpp:15:13:15:14 | p1 | +| test.cpp:7:14:7:18 | access to array | test.cpp:17:7:17:8 | p1 | +| test.cpp:7:14:7:18 | access to array | test.cpp:23:13:23:14 | p1 | +| test.cpp:7:14:7:18 | access to array | test.cpp:25:7:25:8 | p1 | +| test.cpp:8:14:8:15 | l1 | test.cpp:8:14:8:18 | access to array | +| test.cpp:8:14:8:18 | access to array | test.cpp:11:12:11:13 | p2 | +| test.cpp:8:14:8:18 | access to array | test.cpp:21:7:21:8 | p2 | +| test.cpp:9:14:9:15 | l2 | test.cpp:9:14:9:18 | access to array | +| test.cpp:9:14:9:18 | access to array | test.cpp:21:12:21:13 | p3 | nodes | test.cpp:6:13:6:14 | l1 | semmle.label | l1 | | test.cpp:7:14:7:15 | l1 | semmle.label | l1 | +| test.cpp:7:14:7:18 | access to array | semmle.label | access to array | | test.cpp:8:14:8:15 | l1 | semmle.label | l1 | +| test.cpp:8:14:8:18 | access to array | semmle.label | access to array | | test.cpp:9:14:9:15 | l2 | semmle.label | l2 | +| test.cpp:9:14:9:18 | access to array | semmle.label | access to array | | test.cpp:11:7:11:8 | p1 | semmle.label | p1 | | test.cpp:11:12:11:13 | p2 | semmle.label | p2 | | test.cpp:13:7:13:8 | p1 | semmle.label | p1 | diff --git a/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.expected b/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.expected index d5d138ec19..3d00ff0d6a 100644 --- a/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.expected +++ b/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.expected @@ -7,10 +7,14 @@ problems | test.cpp:17:27:17:28 | v1 | test.cpp:16:13:16:22 | new | test.cpp:17:27:17:28 | v1 | Raw pointer flows to initialize multiple unrelated smart pointers. | edges | test.cpp:3:14:3:15 | v1 | test.cpp:5:27:5:28 | v1 | -| test.cpp:3:14:3:15 | v1 | test.cpp:6:31:6:33 | call to get | +| test.cpp:3:14:3:15 | v1 | test.cpp:5:27:5:28 | v1 | | test.cpp:3:14:3:15 | v1 | test.cpp:7:28:7:29 | v2 | | test.cpp:4:13:4:14 | v1 | test.cpp:7:28:7:29 | v2 | -| test.cpp:5:27:5:29 | call to shared_ptr | test.cpp:6:31:6:33 | call to get | +| test.cpp:5:27:5:28 | v1 | test.cpp:5:27:5:29 | call to shared_ptr | +| test.cpp:5:27:5:29 | call to shared_ptr | test.cpp:6:28:6:29 | p1 | +| test.cpp:5:27:5:29 | call to shared_ptr | test.cpp:6:28:6:29 | p1 | +| test.cpp:6:28:6:29 | p1 | test.cpp:6:31:6:33 | call to get | +| test.cpp:6:28:6:29 | p1 | test.cpp:6:31:6:33 | call to get | | test.cpp:8:8:8:14 | 0 | test.cpp:9:28:9:29 | v2 | | test.cpp:10:8:10:17 | new | test.cpp:11:28:11:29 | v2 | | test.cpp:10:8:10:17 | new | test.cpp:12:28:12:29 | v2 | @@ -21,7 +25,11 @@ nodes | test.cpp:3:14:3:15 | v1 | semmle.label | v1 | | test.cpp:4:13:4:14 | v1 | semmle.label | v1 | | test.cpp:5:27:5:28 | v1 | semmle.label | v1 | +| test.cpp:5:27:5:28 | v1 | semmle.label | v1 | +| test.cpp:5:27:5:29 | call to shared_ptr | semmle.label | call to shared_ptr | | test.cpp:5:27:5:29 | call to shared_ptr | semmle.label | call to shared_ptr | +| test.cpp:6:28:6:29 | p1 | semmle.label | p1 | +| test.cpp:6:28:6:29 | p1 | semmle.label | p1 | | test.cpp:6:31:6:33 | call to get | semmle.label | call to get | | test.cpp:7:28:7:29 | v2 | semmle.label | v2 | | test.cpp:8:8:8:14 | 0 | semmle.label | 0 | From 27e9e81ccd58bacabc85a8abe46502836d100e14 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema <93738568+jketema@users.noreply.github.com> Date: Mon, 4 Dec 2023 13:18:35 +0100 Subject: [PATCH 1493/2573] Update c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql Co-authored-by: Anders Schack-Mulligen --- .../EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql | 1 - 1 file changed, 1 deletion(-) diff --git a/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql b/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql index cada60d10f..e5735a5fda 100644 --- a/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql +++ b/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql @@ -15,7 +15,6 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.Alignment import codingstandards.cpp.dataflow.DataFlow -import codingstandards.cpp.dataflow.DataFlow2 import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis import ExprWithAlignmentToCStyleCastFlow::PathGraph From ba247cdc8a786facae7c9d14c76594938fd8495b Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 5 Dec 2023 10:45:04 +0000 Subject: [PATCH 1494/2573] Comments: Update A2-7-3 impl scope. --- rule_packages/cpp/Comments.json | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/rule_packages/cpp/Comments.json b/rule_packages/cpp/Comments.json index d6364f01d6..7af32f62c1 100644 --- a/rule_packages/cpp/Comments.json +++ b/rule_packages/cpp/Comments.json @@ -70,7 +70,10 @@ "tags": [ "maintainability", "readability" - ] + ], + "implementation_scope": { + "description": "Function scope declarations are excluded from this rule as they are restricted in scope to only a single function." + } } ], "title": "All declarations of 'user-defined' types, static and non-static data members, functions and methods shall be preceded by documentation." From 4e415d7819c5ea3abebe0c20f867d3922574a0c6 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 5 Dec 2023 10:47:53 +0000 Subject: [PATCH 1495/2573] A7-2-1: Fix typo in query message. --- cpp/autosar/src/rules/A7-2-1/NonEnumeratorEnumValue.ql | 2 +- cpp/autosar/test/rules/A7-2-1/NonEnumeratorEnumValue.expected | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/cpp/autosar/src/rules/A7-2-1/NonEnumeratorEnumValue.ql b/cpp/autosar/src/rules/A7-2-1/NonEnumeratorEnumValue.ql index 9b41c97129..f4dcd7f32e 100644 --- a/cpp/autosar/src/rules/A7-2-1/NonEnumeratorEnumValue.ql +++ b/cpp/autosar/src/rules/A7-2-1/NonEnumeratorEnumValue.ql @@ -47,7 +47,7 @@ where then description = "Cast to enum $@ with from expression with value " + c.getExpr().getValue().toFloat() + - "_+ which is not one of the enumerator values in function " + + " which is not one of the enumerator values in function " + c.getEnclosingFunction().getName() + "." else if exists(upperBound(c.getExpr())) diff --git a/cpp/autosar/test/rules/A7-2-1/NonEnumeratorEnumValue.expected b/cpp/autosar/test/rules/A7-2-1/NonEnumeratorEnumValue.expected index 9c99c44897..6ac5cfca86 100644 --- a/cpp/autosar/test/rules/A7-2-1/NonEnumeratorEnumValue.expected +++ b/cpp/autosar/test/rules/A7-2-1/NonEnumeratorEnumValue.expected @@ -7,4 +7,4 @@ | test.cpp:27:12:27:25 | (Foo)... | Cast to enum $@ with from expression with range 0...3 which may not be one of the enumerator values in function test_bitwise_or. | test.cpp:2:6:2:8 | Foo | Foo | | test.cpp:28:12:28:25 | (Foo)... | Cast to enum $@ with from expression with range 0...7 which may not be one of the enumerator values in function test_bitwise_or. | test.cpp:2:6:2:8 | Foo | Foo | | test.cpp:39:12:39:17 | (Bar)... | Cast to enum $@ with from expression with range 1...1 which may not be one of the enumerator values in function test_constant. | test.cpp:5:6:5:8 | Bar | Bar | -| test.cpp:41:12:41:17 | (Bar)... | Cast to enum $@ with from expression with value 1_+ which is not one of the enumerator values in function test_constant. | test.cpp:5:6:5:8 | Bar | Bar | +| test.cpp:41:12:41:17 | (Bar)... | Cast to enum $@ with from expression with value 1 which is not one of the enumerator values in function test_constant. | test.cpp:5:6:5:8 | Bar | Bar | From bbbb6d832baae34a7392db85d81673bb6ab79d89 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 5 Dec 2023 10:48:57 +0000 Subject: [PATCH 1496/2573] A7-2-1: Add change note for typo --- change_notes/2023-12-05-a7-2-1-typo.md | 1 + 1 file changed, 1 insertion(+) create mode 100644 change_notes/2023-12-05-a7-2-1-typo.md diff --git a/change_notes/2023-12-05-a7-2-1-typo.md b/change_notes/2023-12-05-a7-2-1-typo.md new file mode 100644 index 0000000000..f87fc7cf8b --- /dev/null +++ b/change_notes/2023-12-05-a7-2-1-typo.md @@ -0,0 +1 @@ + * `A7-2-1` - fix typo in some alert messages. \ No newline at end of file From a15b475ccb0cbe98c958aae36e40960997682bd3 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 6 Dec 2023 10:12:58 +0000 Subject: [PATCH 1497/2573] M16-1-1: Improve perf and detection of nested uses of defined - Optimize query to improve performance - Improve detection of macros whose body contains the `defined` operator after the start of the macro (e.g. `#define X Y || defined(Z)`). - Enable exclusions to be applied for this rule. --- change_notes/2023-12-06-m16-1-1-perf.md | 3 ++ .../src/rules/M16-1-1/DefinedMacro.qll | 36 +++++++++---------- ...ssorOperatorGeneratedFromExpansionFound.ql | 25 +++++++------ ...eratorGeneratedFromExpansionFound.expected | 4 ++- ...peratorInOneOfTheTwoStandardForms.expected | 2 +- cpp/autosar/test/rules/M16-1-1/test.cpp | 8 +++++ 6 files changed, 47 insertions(+), 31 deletions(-) create mode 100644 change_notes/2023-12-06-m16-1-1-perf.md diff --git a/change_notes/2023-12-06-m16-1-1-perf.md b/change_notes/2023-12-06-m16-1-1-perf.md new file mode 100644 index 0000000000..08dd08b7de --- /dev/null +++ b/change_notes/2023-12-06-m16-1-1-perf.md @@ -0,0 +1,3 @@ + * `M16-1-1` + - Optimize query to improve performance + - Improve detection of macros whose body contains the `defined` operator after the start of the macro (e.g. `#define X Y || defined(Z)`). \ No newline at end of file diff --git a/cpp/autosar/src/rules/M16-1-1/DefinedMacro.qll b/cpp/autosar/src/rules/M16-1-1/DefinedMacro.qll index 6fed938b38..91d6f614a0 100644 --- a/cpp/autosar/src/rules/M16-1-1/DefinedMacro.qll +++ b/cpp/autosar/src/rules/M16-1-1/DefinedMacro.qll @@ -2,27 +2,27 @@ import cpp import codingstandards.cpp.autosar /** - * A helper class describing macros wrapping defined operator + * A helper class describing macros wrapping the defined operator */ -class DefinedMacro extends Macro { - DefinedMacro() { - this.getBody().regexpMatch("defined\\s*\\(.*") +class MacroUsesDefined extends Macro { + MacroUsesDefined() { + // Uses `defined` directly + exists(this.getBody().regexpFind("\\bdefined\\b", _, _)) or - this.getBody().regexpMatch("defined[\\s]+|defined$") + // Uses a macro that uses `defined` (directly or indirectly) + exists(MacroUsesDefined dm | exists(this.getBody().regexpFind(dm.getRegexForMatch(), _, _))) } - Macro getAUse() { - result = this or - anyAliasing(result, this) + /** + * Gets a regex for matching uses of this macro. + */ + string getRegexForMatch() { + exists(string arguments | + // If there are arguments + if getHead() = getName() then arguments = "" else arguments = "\\s*\\(" + | + // Use word boundary matching to find identifiers that match + result = "\\b" + getName() + "\\b" + arguments + ) } } - -predicate directAlias(Macro alias, Macro aliased) { - not alias.getBody() = alias.getBody().replaceAll(aliased.getHead(), "") -} - -predicate anyAliasing(Macro alias, Macro inQ) { - directAlias(alias, inQ) - or - exists(Macro intermediate | anyAliasing(intermediate, inQ) and anyAliasing(alias, intermediate)) -} diff --git a/cpp/autosar/src/rules/M16-1-1/DefinedPreProcessorOperatorGeneratedFromExpansionFound.ql b/cpp/autosar/src/rules/M16-1-1/DefinedPreProcessorOperatorGeneratedFromExpansionFound.ql index fc86674d9d..bc3847c98b 100644 --- a/cpp/autosar/src/rules/M16-1-1/DefinedPreProcessorOperatorGeneratedFromExpansionFound.ql +++ b/cpp/autosar/src/rules/M16-1-1/DefinedPreProcessorOperatorGeneratedFromExpansionFound.ql @@ -16,16 +16,19 @@ import cpp import codingstandards.cpp.autosar import DefinedMacro -from DefinedMacro m, PreprocessorBranch e +/** + * An `if` or `elif` preprocessor branch. + */ +class PreprocessorIfOrElif extends PreprocessorBranch { + PreprocessorIfOrElif() { + this instanceof PreprocessorIf or + this instanceof PreprocessorElif + } +} + +from PreprocessorIfOrElif e, MacroUsesDefined m where - ( - e instanceof PreprocessorIf or - e instanceof PreprocessorElif - ) and - ( - e.getHead().regexpMatch(m.getAUse().getHead() + "\\s*\\(.*") - or - e.getHead().regexpMatch(m.getAUse().getHead().replaceAll("(", "\\(").replaceAll(")", "\\)")) - ) and - not isExcluded(e) + not isExcluded(e, MacrosPackage::definedPreProcessorOperatorInOneOfTheTwoStandardFormsQuery()) and + // A`#if` or `#elif` which uses a macro which uses `defined` + exists(e.getHead().regexpFind(m.getRegexForMatch(), _, _)) select e, "The macro $@ expands to 'defined'", m, m.getName() diff --git a/cpp/autosar/test/rules/M16-1-1/DefinedPreProcessorOperatorGeneratedFromExpansionFound.expected b/cpp/autosar/test/rules/M16-1-1/DefinedPreProcessorOperatorGeneratedFromExpansionFound.expected index 594463345d..9f07d10900 100644 --- a/cpp/autosar/test/rules/M16-1-1/DefinedPreProcessorOperatorGeneratedFromExpansionFound.expected +++ b/cpp/autosar/test/rules/M16-1-1/DefinedPreProcessorOperatorGeneratedFromExpansionFound.expected @@ -1,2 +1,4 @@ -| test.cpp:22:1:22:18 | #if DBLWRAPUSES(X) | The macro $@ expands to 'defined' | test.cpp:18:1:18:22 | #define BADDEF defined | BADDEF | +| test.cpp:22:1:22:18 | #if DBLWRAPUSES(X) | The macro $@ expands to 'defined' | test.cpp:21:1:21:24 | #define DBLWRAPUSES USES | DBLWRAPUSES | | test.cpp:26:1:26:16 | #if BADDEFTWO(X) | The macro $@ expands to 'defined' | test.cpp:25:1:25:31 | #define BADDEFTWO(X) defined(X) | BADDEFTWO | +| test.cpp:29:1:29:16 | #if BADDEFTWO(Y) | The macro $@ expands to 'defined' | test.cpp:25:1:25:31 | #define BADDEFTWO(X) defined(X) | BADDEFTWO | +| test.cpp:42:1:42:11 | #if WRAPPER | The macro $@ expands to 'defined' | test.cpp:40:1:40:35 | #define WRAPPER X < Y \|\| defined(z) | WRAPPER | diff --git a/cpp/autosar/test/rules/M16-1-1/DefinedPreProcessorOperatorInOneOfTheTwoStandardForms.expected b/cpp/autosar/test/rules/M16-1-1/DefinedPreProcessorOperatorInOneOfTheTwoStandardForms.expected index 73df12d247..69cdd9e644 100644 --- a/cpp/autosar/test/rules/M16-1-1/DefinedPreProcessorOperatorInOneOfTheTwoStandardForms.expected +++ b/cpp/autosar/test/rules/M16-1-1/DefinedPreProcessorOperatorInOneOfTheTwoStandardForms.expected @@ -2,4 +2,4 @@ | test.cpp:9:1:9:19 | #elif defined X < Y | Use of defined with non-standard form: X < Y. | | test.cpp:13:1:13:18 | #if defined(X > Y) | Use of defined with non-standard form: X > Y. | | test.cpp:14:1:14:20 | #elif defined(X < Y) | Use of defined with non-standard form: X < Y. | -| test.cpp:34:1:34:47 | #if defined(X) \|\| defined _Y_ + X && defined(Y) | Use of defined with non-standard form: _Y_ + X. | +| test.cpp:37:1:37:47 | #if defined(X) \|\| defined _Y_ + X && defined(Y) | Use of defined with non-standard form: _Y_ + X. | diff --git a/cpp/autosar/test/rules/M16-1-1/test.cpp b/cpp/autosar/test/rules/M16-1-1/test.cpp index fa1087f431..c7e9f91fdd 100644 --- a/cpp/autosar/test/rules/M16-1-1/test.cpp +++ b/cpp/autosar/test/rules/M16-1-1/test.cpp @@ -26,10 +26,18 @@ #if BADDEFTWO(X) // NON_COMPLIANT #endif +#if BADDEFTWO(Y) // NON_COMPLIANT +#endif + // clang-format off #if defined (X) || (defined(_Y_)) // COMPLIANT // clang-format on #endif #if defined(X) || defined _Y_ + X && defined(Y) // NON_COMPLIANT +#endif + +#define WRAPPER X < Y || defined(z) + +#if WRAPPER // NON_COMPLIANT #endif \ No newline at end of file From 804bcdf95bcba374a8d8622f798dba0ca1e980d0 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 7 Dec 2023 09:50:34 +0000 Subject: [PATCH 1498/2573] M16-1-1: Update change notes. --- change_notes/2023-12-06-m16-1-1-perf.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/change_notes/2023-12-06-m16-1-1-perf.md b/change_notes/2023-12-06-m16-1-1-perf.md index 08dd08b7de..c8d8eab614 100644 --- a/change_notes/2023-12-06-m16-1-1-perf.md +++ b/change_notes/2023-12-06-m16-1-1-perf.md @@ -1,3 +1,4 @@ * `M16-1-1` - Optimize query to improve performance - - Improve detection of macros whose body contains the `defined` operator after the start of the macro (e.g. `#define X Y || defined(Z)`). \ No newline at end of file + - Improve detection of macros whose body contains the `defined` operator after the start of the macro (e.g. `#define X Y || defined(Z)`). + - Enable exclusions to be applied for this rule. \ No newline at end of file From f88964c3f44c724c0691d1d2bc4b834d5b14aad5 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 7 Dec 2023 10:07:45 +0000 Subject: [PATCH 1499/2573] Remove uses of isExcluded/1. --- .../A18-5-11/OperatorNewAndOperatorDeleteNotDefinedLocally.ql | 3 ++- .../A23-0-1/IteratorImplicitlyConvertedToConstIterator.ql | 4 ++-- ...NonConstRawPointersOrReferencesToPrivateOrProtectedData.ql | 3 ++- cpp/autosar/src/rules/M0-1-2/InfeasiblePath.ql | 2 +- cpp/autosar/src/rules/M3-1-2/FunctionsDeclaredAtBlockScope.ql | 2 +- .../M3-2-1/DeclarationsOfAFunctionShallHaveCompatibleTypes.ql | 2 +- cpp/autosar/src/rules/M3-2-3/MultipleDeclarationViolation.ql | 2 +- .../src/rules/M3-9-1/TypesNotIdenticalInObjectDeclarations.ql | 2 +- .../src/rules/M3-9-1/TypesNotIdenticalInReturnDeclarations.ql | 2 +- .../M4-5-3/CharUsedAsOperandsToDisallowedBuiltInOperators.ql | 2 +- cpp/autosar/src/rules/M5-0-2/GratuitousUseOfParentheses.ql | 2 +- ...ndDecrementOperatorsMixedWithOtherOperatorsInExpression.ql | 3 ++- 12 files changed, 16 insertions(+), 13 deletions(-) diff --git a/cpp/autosar/src/rules/A18-5-11/OperatorNewAndOperatorDeleteNotDefinedLocally.ql b/cpp/autosar/src/rules/A18-5-11/OperatorNewAndOperatorDeleteNotDefinedLocally.ql index 485837073a..5d4cd71c79 100644 --- a/cpp/autosar/src/rules/A18-5-11/OperatorNewAndOperatorDeleteNotDefinedLocally.ql +++ b/cpp/autosar/src/rules/A18-5-11/OperatorNewAndOperatorDeleteNotDefinedLocally.ql @@ -19,7 +19,8 @@ import codingstandards.cpp.autosar from MemberFunction operator_new, Class c where - not isExcluded(operator_new) and + not isExcluded(operator_new, + DeclarationsPackage::operatorNewAndOperatorDeleteNotDefinedLocallyQuery()) and not isExcluded(c, DeclarationsPackage::operatorNewAndOperatorDeleteNotDefinedLocallyQuery()) and operator_new.hasName("operator new") and operator_new.getDeclaringType() = c and diff --git a/cpp/autosar/src/rules/A23-0-1/IteratorImplicitlyConvertedToConstIterator.ql b/cpp/autosar/src/rules/A23-0-1/IteratorImplicitlyConvertedToConstIterator.ql index 5a45cbc9d6..d67058868c 100644 --- a/cpp/autosar/src/rules/A23-0-1/IteratorImplicitlyConvertedToConstIterator.ql +++ b/cpp/autosar/src/rules/A23-0-1/IteratorImplicitlyConvertedToConstIterator.ql @@ -40,8 +40,8 @@ import codingstandards.cpp.Iterators from ConstIteratorVariable v, STLContainer c, Expr e where - not isExcluded(v) and - not isExcluded(e) and + not isExcluded(v, IteratorsPackage::iteratorImplicitlyConvertedToConstIteratorQuery()) and + not isExcluded(e, IteratorsPackage::iteratorImplicitlyConvertedToConstIteratorQuery()) and e = v.getAnAssignedValue() and e.getAChild*() = /* see note at top of query */ c.getANonConstIteratorFunctionCall() select e, "Non-const version of container call immediately converted to a `const_iterator`." diff --git a/cpp/autosar/src/rules/A9-3-1/ReturnsNonConstRawPointersOrReferencesToPrivateOrProtectedData.ql b/cpp/autosar/src/rules/A9-3-1/ReturnsNonConstRawPointersOrReferencesToPrivateOrProtectedData.ql index dfa402bd1e..f40faad3dd 100644 --- a/cpp/autosar/src/rules/A9-3-1/ReturnsNonConstRawPointersOrReferencesToPrivateOrProtectedData.ql +++ b/cpp/autosar/src/rules/A9-3-1/ReturnsNonConstRawPointersOrReferencesToPrivateOrProtectedData.ql @@ -57,7 +57,8 @@ class AccessAwareMemberFunction extends MemberFunction { from Class c, AccessAwareMemberFunction mf, FieldAccess a, ReturnStmt rs where - not isExcluded(c) and + not isExcluded(c, + ClassesPackage::returnsNonConstRawPointersOrReferencesToPrivateOrProtectedDataQuery()) and not isExcluded(mf, ClassesPackage::returnsNonConstRawPointersOrReferencesToPrivateOrProtectedDataQuery()) and // Find all of the methods within this class diff --git a/cpp/autosar/src/rules/M0-1-2/InfeasiblePath.ql b/cpp/autosar/src/rules/M0-1-2/InfeasiblePath.ql index d8a5c07d95..645e05c920 100644 --- a/cpp/autosar/src/rules/M0-1-2/InfeasiblePath.ql +++ b/cpp/autosar/src/rules/M0-1-2/InfeasiblePath.ql @@ -158,6 +158,6 @@ predicate hasInfeasiblePath( from ConditionalControlFlowNode cond, boolean infeasiblePath, string explanation where - not isExcluded(cond) and + not isExcluded(cond, DeadCodePackage::infeasiblePathQuery()) and hasInfeasiblePath(cond, infeasiblePath, explanation) select cond, "The " + infeasiblePath + " path is infeasible because " + explanation + "." diff --git a/cpp/autosar/src/rules/M3-1-2/FunctionsDeclaredAtBlockScope.ql b/cpp/autosar/src/rules/M3-1-2/FunctionsDeclaredAtBlockScope.ql index 5cfc679596..87d9af147b 100644 --- a/cpp/autosar/src/rules/M3-1-2/FunctionsDeclaredAtBlockScope.ql +++ b/cpp/autosar/src/rules/M3-1-2/FunctionsDeclaredAtBlockScope.ql @@ -20,7 +20,7 @@ import codingstandards.cpp.autosar from DeclStmt decl, Function f where - not isExcluded(decl) and + not isExcluded(decl, DeclarationsPackage::functionsDeclaredAtBlockScopeQuery()) and not isExcluded(f, DeclarationsPackage::functionsDeclaredAtBlockScopeQuery()) and decl.getADeclaration() = f select f, "Function " + f.getName() + " is declared at block scope." diff --git a/cpp/autosar/src/rules/M3-2-1/DeclarationsOfAFunctionShallHaveCompatibleTypes.ql b/cpp/autosar/src/rules/M3-2-1/DeclarationsOfAFunctionShallHaveCompatibleTypes.ql index 2aa8535a35..68e948e0ce 100644 --- a/cpp/autosar/src/rules/M3-2-1/DeclarationsOfAFunctionShallHaveCompatibleTypes.ql +++ b/cpp/autosar/src/rules/M3-2-1/DeclarationsOfAFunctionShallHaveCompatibleTypes.ql @@ -22,7 +22,7 @@ import codingstandards.cpp.Typehelpers from FunctionDeclarationEntry f1, FunctionDeclarationEntry f2 where - not isExcluded(f1) and + not isExcluded(f1, DeclarationsPackage::declarationsOfAFunctionShallHaveCompatibleTypesQuery()) and not isExcluded(f2, DeclarationsPackage::declarationsOfAFunctionShallHaveCompatibleTypesQuery()) and not f1 = f2 and f1.getDeclaration() = f2.getDeclaration() and diff --git a/cpp/autosar/src/rules/M3-2-3/MultipleDeclarationViolation.ql b/cpp/autosar/src/rules/M3-2-3/MultipleDeclarationViolation.ql index 3af15858ca..30d94facb1 100644 --- a/cpp/autosar/src/rules/M3-2-3/MultipleDeclarationViolation.ql +++ b/cpp/autosar/src/rules/M3-2-3/MultipleDeclarationViolation.ql @@ -20,7 +20,7 @@ import codingstandards.cpp.Scope from DeclarationEntry de, DeclarationEntry otherDeclaration, string kind where - not isExcluded(de) and + not isExcluded(de, ScopePackage::multipleDeclarationViolationQuery()) and exists(Declaration d | de.getDeclaration() = d and otherDeclaration.getDeclaration() = d and diff --git a/cpp/autosar/src/rules/M3-9-1/TypesNotIdenticalInObjectDeclarations.ql b/cpp/autosar/src/rules/M3-9-1/TypesNotIdenticalInObjectDeclarations.ql index 7fa5f6078d..7e27160690 100644 --- a/cpp/autosar/src/rules/M3-9-1/TypesNotIdenticalInObjectDeclarations.ql +++ b/cpp/autosar/src/rules/M3-9-1/TypesNotIdenticalInObjectDeclarations.ql @@ -18,7 +18,7 @@ import codingstandards.cpp.autosar from VariableDeclarationEntry decl1, VariableDeclarationEntry decl2 where - not isExcluded(decl1) and + not isExcluded(decl1, DeclarationsPackage::typesNotIdenticalInObjectDeclarationsQuery()) and not isExcluded(decl2, DeclarationsPackage::typesNotIdenticalInObjectDeclarationsQuery()) and decl1.getDeclaration() = decl2.getDeclaration() and not decl1.getType() = decl2.getType() diff --git a/cpp/autosar/src/rules/M3-9-1/TypesNotIdenticalInReturnDeclarations.ql b/cpp/autosar/src/rules/M3-9-1/TypesNotIdenticalInReturnDeclarations.ql index b99c656692..1d691ba76a 100644 --- a/cpp/autosar/src/rules/M3-9-1/TypesNotIdenticalInReturnDeclarations.ql +++ b/cpp/autosar/src/rules/M3-9-1/TypesNotIdenticalInReturnDeclarations.ql @@ -20,7 +20,7 @@ import codingstandards.cpp.autosar from FunctionDeclarationEntry f1, FunctionDeclarationEntry f2 where - not isExcluded(f1) and + not isExcluded(f1, DeclarationsPackage::typesNotIdenticalInReturnDeclarationsQuery()) and not isExcluded(f2, DeclarationsPackage::typesNotIdenticalInReturnDeclarationsQuery()) and f1.getDeclaration() = f2.getDeclaration() and not f1.getType() = f2.getType() diff --git a/cpp/autosar/src/rules/M4-5-3/CharUsedAsOperandsToDisallowedBuiltInOperators.ql b/cpp/autosar/src/rules/M4-5-3/CharUsedAsOperandsToDisallowedBuiltInOperators.ql index 7df022ba37..100d9f5d76 100644 --- a/cpp/autosar/src/rules/M4-5-3/CharUsedAsOperandsToDisallowedBuiltInOperators.ql +++ b/cpp/autosar/src/rules/M4-5-3/CharUsedAsOperandsToDisallowedBuiltInOperators.ql @@ -22,7 +22,7 @@ import codingstandards.cpp.autosar from Operation o where - not isExcluded(o) and + not isExcluded(o, ExpressionsPackage::charUsedAsOperandsToDisallowedBuiltInOperatorsQuery()) and not ( o instanceof EqualityOperation or o instanceof BitwiseAndExpr or diff --git a/cpp/autosar/src/rules/M5-0-2/GratuitousUseOfParentheses.ql b/cpp/autosar/src/rules/M5-0-2/GratuitousUseOfParentheses.ql index 1cb823fc5b..41d3eb6944 100644 --- a/cpp/autosar/src/rules/M5-0-2/GratuitousUseOfParentheses.ql +++ b/cpp/autosar/src/rules/M5-0-2/GratuitousUseOfParentheses.ql @@ -84,7 +84,7 @@ predicate isGratuitousUseOfParentheses(ParenthesisExpr pe) { from ParenthesisExpr p where - not isExcluded(p) and + not isExcluded(p, OrderOfEvaluationPackage::gratuitousUseOfParenthesesQuery()) and isGratuitousUseOfParentheses(p) and not p.isInMacroExpansion() select p, "Gratuitous use of parentheses around $@.", p.getExpr(), p.getExpr().toString() diff --git a/cpp/autosar/src/rules/M5-2-10/IncrementAndDecrementOperatorsMixedWithOtherOperatorsInExpression.ql b/cpp/autosar/src/rules/M5-2-10/IncrementAndDecrementOperatorsMixedWithOtherOperatorsInExpression.ql index fea2a90398..ece302490e 100644 --- a/cpp/autosar/src/rules/M5-2-10/IncrementAndDecrementOperatorsMixedWithOtherOperatorsInExpression.ql +++ b/cpp/autosar/src/rules/M5-2-10/IncrementAndDecrementOperatorsMixedWithOtherOperatorsInExpression.ql @@ -19,7 +19,8 @@ import codingstandards.cpp.autosar from CrementOperation cop, Operation op, string name where - not isExcluded(cop) and + not isExcluded(cop, + OrderOfEvaluationPackage::incrementAndDecrementOperatorsMixedWithOtherOperatorsInExpressionQuery()) and not isExcluded(op, OrderOfEvaluationPackage::incrementAndDecrementOperatorsMixedWithOtherOperatorsInExpressionQuery()) and op.getAnOperand() = cop and From bd0cb8e8b5e2c4da17e5fef8a3c822631f780f73 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 7 Dec 2023 10:09:08 +0000 Subject: [PATCH 1500/2573] Remove outdated `isExcluded` query predicate. --- cpp/common/src/codingstandards/cpp/Exclusions.qll | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/Exclusions.qll b/cpp/common/src/codingstandards/cpp/Exclusions.qll index bdc11eeb43..b718f6535d 100644 --- a/cpp/common/src/codingstandards/cpp/Exclusions.qll +++ b/cpp/common/src/codingstandards/cpp/Exclusions.qll @@ -14,16 +14,6 @@ private class ExcludeOutsideSourceLocation extends ExcludedFile { ExcludeOutsideSourceLocation() { not exists(getRelativePath()) } } -/** Holds if the element should be excluded. */ -predicate isExcluded(Element e) { - e instanceof ExcludedElement - or - e.getFile() instanceof ExcludedFile - or - // Compiler generated - not exists(e.getFile()) -} - bindingset[e, query] predicate isExcluded(Element e, Query query) { isExcluded(e, query, _) } From 563b0c0cc874c48839e64777bcc5f746c6907cde Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 7 Dec 2023 10:16:23 +0000 Subject: [PATCH 1501/2573] Add change note --- change_notes/2023-12-07-fix-deviations.md | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 change_notes/2023-12-07-fix-deviations.md diff --git a/change_notes/2023-12-07-fix-deviations.md b/change_notes/2023-12-07-fix-deviations.md new file mode 100644 index 0000000000..4e3816a425 --- /dev/null +++ b/change_notes/2023-12-07-fix-deviations.md @@ -0,0 +1,2 @@ + * The following queries have been updated to address issues with applying deviations: + - `A18-5-11`, `A23-0-1`, `A9-3-1`, `M0-1-2`, `M3-1-2`, `M3-2-1`, `M3-2-3`, `M3-9-1`, `M4-5-3`, `M5-0-2`, `M5-2-10` \ No newline at end of file From 93e1c7007ee869deb1c98fee6bcd9fad0e8a7892 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 8 Dec 2023 10:11:49 +0000 Subject: [PATCH 1502/2573] Remove final uses of `isExcluded`. --- change_notes/2023-12-07-fix-deviations.md | 2 +- .../validcontainerelementaccess/ValidContainerElementAccess.qll | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/change_notes/2023-12-07-fix-deviations.md b/change_notes/2023-12-07-fix-deviations.md index 4e3816a425..e26845d34c 100644 --- a/change_notes/2023-12-07-fix-deviations.md +++ b/change_notes/2023-12-07-fix-deviations.md @@ -1,2 +1,2 @@ * The following queries have been updated to address issues with applying deviations: - - `A18-5-11`, `A23-0-1`, `A9-3-1`, `M0-1-2`, `M3-1-2`, `M3-2-1`, `M3-2-3`, `M3-9-1`, `M4-5-3`, `M5-0-2`, `M5-2-10` \ No newline at end of file + - `A18-5-11`, `A23-0-1`, `A9-3-1`, `M0-1-2`, `M3-1-2`, `M3-2-1`, `M3-2-3`, `M3-9-1`, `M4-5-3`, `M5-0-2`, `M5-2-10`, `A23-0-2`, `CTR51-CPP`, `STR52-CPP` \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/rules/validcontainerelementaccess/ValidContainerElementAccess.qll b/cpp/common/src/codingstandards/cpp/rules/validcontainerelementaccess/ValidContainerElementAccess.qll index 74c6b4f707..93e121d44c 100644 --- a/cpp/common/src/codingstandards/cpp/rules/validcontainerelementaccess/ValidContainerElementAccess.qll +++ b/cpp/common/src/codingstandards/cpp/rules/validcontainerelementaccess/ValidContainerElementAccess.qll @@ -36,7 +36,7 @@ query predicate problems( ContainerInvalidationOperation cio, string actionType ) { not isExcluded(cio, getQuery()) and - not isExcluded(ca) and + not isExcluded(ca, getQuery()) and // The definition of an invalidation is slightly different // for references vs iterators -- this check ensures that the conditions // under which a call should be an invalidator are considered correctly. From 8d026b06c78778dfb0da9364170c68429be62ec0 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Mon, 11 Dec 2023 11:55:25 +0100 Subject: [PATCH 1503/2573] Use an IPA type for flow states --- ...essVariableViaPointerOfIncompatibleType.ql | 26 ++++++++----------- 1 file changed, 11 insertions(+), 15 deletions(-) diff --git a/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql b/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql index 1962c5b0b0..825f85b0bd 100644 --- a/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql +++ b/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql @@ -42,20 +42,16 @@ class ReallocationFunction extends AllocationFunction { ReallocationFunction() { exists(this.getReallocPtrArg()) } } -/** - * A data-flow state for a pointer which has not been reallocated. - */ -class IndirectCastDefaultFlowState extends DataFlow::FlowState { - IndirectCastDefaultFlowState() { this = "IndirectCastDefaultFlowState" } -} - -/** - * A data-flow state for a pointer which has been reallocated but - * has not yet been zeroed with a memset call. - */ -class IndirectCastReallocatedFlowState extends DataFlow::FlowState { - IndirectCastReallocatedFlowState() { this = "IndirectCastReallocatedFlowState" } -} +newtype IndirectCastFlowState = + /** + * A data-flow state for a pointer which has not been reallocated. + */ + IndirectCastDefaultFlowState() or + /** + * A data-flow state for a pointer which has been reallocated but + * has not yet been zeroed with a memset call. + */ + IndirectCastReallocatedFlowState() /** * A data-flow configuration to track the flow from cast expressions to either @@ -63,7 +59,7 @@ class IndirectCastReallocatedFlowState extends DataFlow::FlowState { * to `realloc` but not cleared via a function call to `memset`. */ module IndirectCastConfig implements DataFlow::StateConfigSig { - class FlowState = DataFlow::FlowState; + class FlowState = IndirectCastFlowState; predicate isSource(DataFlow::Node source, FlowState state) { state instanceof IndirectCastDefaultFlowState and From 0274eb6e00c4edf70e8ccab0f7abbc1003d2f017 Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Thu, 14 Dec 2023 17:18:55 +0000 Subject: [PATCH 1504/2573] C: Accept test changes from #15107. --- .../DoNotPerformFileOperationsOnDevices.expected | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected b/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected index 06bf56cf8a..d8632eb3c1 100644 --- a/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected +++ b/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected @@ -1,12 +1,12 @@ edges -| test.c:20:15:20:23 | scanf output argument | test.c:21:8:21:16 | file_name indirection | -| test.c:45:15:45:23 | scanf output argument | test.c:46:29:46:37 | file_name indirection | +| test.c:20:15:20:23 | scanf output argument | test.c:21:8:21:16 | *file_name | +| test.c:45:15:45:23 | scanf output argument | test.c:46:29:46:37 | *file_name | nodes | test.c:20:15:20:23 | scanf output argument | semmle.label | scanf output argument | -| test.c:21:8:21:16 | file_name indirection | semmle.label | file_name indirection | +| test.c:21:8:21:16 | *file_name | semmle.label | *file_name | | test.c:45:15:45:23 | scanf output argument | semmle.label | scanf output argument | -| test.c:46:29:46:37 | file_name indirection | semmle.label | file_name indirection | +| test.c:46:29:46:37 | *file_name | semmle.label | *file_name | subpaths #select -| test.c:21:8:21:16 | file_name | test.c:20:15:20:23 | scanf output argument | test.c:21:8:21:16 | file_name indirection | This argument to a file access function is derived from $@ and then passed to func(file_name), which calls fopen((unnamed parameter 0)). | test.c:20:15:20:23 | scanf output argument | user input (value read by scanf) | -| test.c:46:29:46:37 | file_name | test.c:45:15:45:23 | scanf output argument | test.c:46:29:46:37 | file_name indirection | This argument to a file access function is derived from $@ and then passed to CreateFile(lpFileName). | test.c:45:15:45:23 | scanf output argument | user input (value read by scanf) | +| test.c:21:8:21:16 | file_name | test.c:20:15:20:23 | scanf output argument | test.c:21:8:21:16 | *file_name | This argument to a file access function is derived from $@ and then passed to func(file_name), which calls fopen((unnamed parameter 0)). | test.c:20:15:20:23 | scanf output argument | user input (value read by scanf) | +| test.c:46:29:46:37 | file_name | test.c:45:15:45:23 | scanf output argument | test.c:46:29:46:37 | *file_name | This argument to a file access function is derived from $@ and then passed to CreateFile(lpFileName). | test.c:45:15:45:23 | scanf output argument | user input (value read by scanf) | From f2425ad6fe898fb04ffe258c8c5312521336818f Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Fri, 22 Dec 2023 11:43:53 +0100 Subject: [PATCH 1505/2573] Use database extensionals instead of their wrapper classes in two predicates We are planning to change the charpred of `Function` in the CodeQL C++ library, which means the code changed here will no longer compile. By switching to the extensionals, the code will keep compiling. DIL before: ``` noinline `ConstantExprs::isFunction/1#600714be`( /* Element::Element */ interned unique entity el ) { exists(interned dontcare string _, interned dontcare int _1 | functions(el, _, _1) ) or exists(interned dontcare int _ | exprparents(el, _, el)) } noopt `ConstantExprs::callHasNoTarget/1#e6e8caa4`( /* @funbindexpr */ interned unique entity fc ) { exists(/* Function::Function */ interned entity f | funbind(fc, f) and not(`ConstantExprs::isFunction/1#600714be`(f)) ) } ``` DIL after: ``` noinline `ConstantExprs::isFunction/1#600714be`(/* @element */ interned unique entity el) { exists(interned dontcare string _, interned dontcare int _1 | functions(el, _, _1) ) or exists(interned dontcare int _ | exprparents(el, _, el)) } noopt `ConstantExprs::callHasNoTarget/1#e6e8caa4`( /* @funbindexpr */ interned unique entity fc ) { exists(/* @function */ interned entity f | funbind(fc, f) and not(`ConstantExprs::isFunction/1#600714be`(f)) ) } ``` --- .../cpp/enhancements/ControlFlowGraphEnhancements.qll | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/enhancements/ControlFlowGraphEnhancements.qll b/cpp/common/src/codingstandards/cpp/enhancements/ControlFlowGraphEnhancements.qll index 74d7e8e1c1..9dac58377c 100644 --- a/cpp/common/src/codingstandards/cpp/enhancements/ControlFlowGraphEnhancements.qll +++ b/cpp/common/src/codingstandards/cpp/enhancements/ControlFlowGraphEnhancements.qll @@ -10,8 +10,8 @@ import cpp * should be in this relation. */ pragma[noinline] -private predicate isFunction(Element el) { - el instanceof Function +private predicate isFunction(@element el) { + el instanceof @function or el.(Expr).getParent() = el } @@ -22,7 +22,7 @@ private predicate isFunction(Element el) { */ pragma[noopt] private predicate callHasNoTarget(@funbindexpr fc) { - exists(Function f | + exists(@function f | funbind(fc, f) and not isFunction(f) ) From 378f4fa481acda19ac3378c3107699b0c40ba5cc Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Tue, 2 Jan 2024 16:01:55 +0100 Subject: [PATCH 1506/2573] Resolve name clash with CodeQL defined `UserDefinedLiteral` --- .../A13-1-2/UserDefinedLiteralOperatorSuffixViolation.ql | 4 ++-- .../UserDefinedLiteralsOperatorsShallNotHaveSideEffects.ql | 4 ++-- ...lsOperatorsShallOnlyPerformConversionOfPassedParameters.ql | 4 ++-- .../rules/DCL51-CPP/UseOfReservedLiteralSuffixIdentifier.ql | 4 ++-- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/cpp/autosar/src/rules/A13-1-2/UserDefinedLiteralOperatorSuffixViolation.ql b/cpp/autosar/src/rules/A13-1-2/UserDefinedLiteralOperatorSuffixViolation.ql index 7fe8bcdbe7..c739035596 100644 --- a/cpp/autosar/src/rules/A13-1-2/UserDefinedLiteralOperatorSuffixViolation.ql +++ b/cpp/autosar/src/rules/A13-1-2/UserDefinedLiteralOperatorSuffixViolation.ql @@ -15,9 +15,9 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.UserDefinedLiteral +import codingstandards.cpp.UserDefinedLiteral as udl -from UserDefinedLiteral udl +from udl::UserDefinedLiteral udl where not isExcluded(udl, NamingPackage::userDefinedLiteralOperatorSuffixViolationQuery()) and not udl.hasCompliantSuffix() diff --git a/cpp/autosar/src/rules/A13-1-3/UserDefinedLiteralsOperatorsShallNotHaveSideEffects.ql b/cpp/autosar/src/rules/A13-1-3/UserDefinedLiteralsOperatorsShallNotHaveSideEffects.ql index 0cbb9f101e..b41a57f900 100644 --- a/cpp/autosar/src/rules/A13-1-3/UserDefinedLiteralsOperatorsShallNotHaveSideEffects.ql +++ b/cpp/autosar/src/rules/A13-1-3/UserDefinedLiteralsOperatorsShallNotHaveSideEffects.ql @@ -14,11 +14,11 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.UserDefinedLiteral +import codingstandards.cpp.UserDefinedLiteral as udl import codingstandards.cpp.SideEffect import codingstandards.cpp.sideeffect.DefaultEffects -from UserDefinedLiteral udl, SideEffect e +from udl::UserDefinedLiteral udl, SideEffect e where not isExcluded(udl, SideEffects2Package::userDefinedLiteralsOperatorsShallNotHaveSideEffectsQuery()) and diff --git a/cpp/autosar/src/rules/A13-1-3/UserDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters.ql b/cpp/autosar/src/rules/A13-1-3/UserDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters.ql index b010e616cb..840d7423fb 100644 --- a/cpp/autosar/src/rules/A13-1-3/UserDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters.ql +++ b/cpp/autosar/src/rules/A13-1-3/UserDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters.ql @@ -16,10 +16,10 @@ import cpp import codingstandards.cpp.dataflow.TaintTracking import codingstandards.cpp.autosar -import codingstandards.cpp.UserDefinedLiteral +import codingstandards.cpp.UserDefinedLiteral as udl import codingstandards.cpp.SideEffect -from UserDefinedLiteral udl, Expr retExpr +from udl::UserDefinedLiteral udl, Expr retExpr where not isExcluded(udl, SideEffects2Package::userDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParametersQuery()) and diff --git a/cpp/cert/src/rules/DCL51-CPP/UseOfReservedLiteralSuffixIdentifier.ql b/cpp/cert/src/rules/DCL51-CPP/UseOfReservedLiteralSuffixIdentifier.ql index f7dddb4d99..eb2163f667 100644 --- a/cpp/cert/src/rules/DCL51-CPP/UseOfReservedLiteralSuffixIdentifier.ql +++ b/cpp/cert/src/rules/DCL51-CPP/UseOfReservedLiteralSuffixIdentifier.ql @@ -15,9 +15,9 @@ import cpp import codingstandards.cpp.cert -import codingstandards.cpp.UserDefinedLiteral +import codingstandards.cpp.UserDefinedLiteral as udl -from UserDefinedLiteral udl +from udl::UserDefinedLiteral udl where not isExcluded(udl, NamingPackage::useOfReservedLiteralSuffixIdentifierQuery()) and not udl.hasCompliantSuffix() From 978777e689ae043e15292bc7a4a138c3006e994c Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Wed, 10 Jan 2024 10:22:15 +0100 Subject: [PATCH 1507/2573] Fix ODR violations in AUTOSAR A2-10-5 test The CodeQL test framework assumes that all code will become part to the same nameless link target, which means that the duplicate declarations of `test3` and `test4` are ODR violations. Moreover, newer versions of the C/C++ frontend used in the C/C++ extractor will implement CWG 2387, which means that the instantiations of `number_two` will also cause ODR violations. Fix the above by renaming `test3` and `test4` in `test`b.cpp` and making the `number_two` variable templates `static`. --- ...mberObjectWithExternalOrInternalLinkageIsReused.expected | 4 ++-- cpp/autosar/test/rules/A2-10-5/test1a.cpp | 2 +- cpp/autosar/test/rules/A2-10-5/test1b.cpp | 6 +++--- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/cpp/autosar/test/rules/A2-10-5/IdentifierNameOfANonMemberObjectWithExternalOrInternalLinkageIsReused.expected b/cpp/autosar/test/rules/A2-10-5/IdentifierNameOfANonMemberObjectWithExternalOrInternalLinkageIsReused.expected index 66d2b38c57..d6f496a3c6 100644 --- a/cpp/autosar/test/rules/A2-10-5/IdentifierNameOfANonMemberObjectWithExternalOrInternalLinkageIsReused.expected +++ b/cpp/autosar/test/rules/A2-10-5/IdentifierNameOfANonMemberObjectWithExternalOrInternalLinkageIsReused.expected @@ -1,6 +1,6 @@ | test1a.cpp:2:12:2:13 | g1 | Identifier name of non-member object $@ reuses the identifier name of non-member object $@. | test1a.cpp:2:12:2:13 | g1 | g1 | test1b.cpp:2:12:2:13 | g1 | g1 | | test1a.cpp:6:12:6:13 | g3 | Identifier name of non-member object $@ reuses the identifier name of non-member object $@. | test1a.cpp:6:12:6:13 | g3 | g3 | test1b.cpp:6:12:6:13 | g3 | g3 | -| test1a.cpp:17:43:17:43 | number_two | Identifier name of non-member object $@ reuses the identifier name of non-member object $@. | test1a.cpp:17:43:17:43 | number_two | number_two | test1b.cpp:11:43:11:43 | number_two | number_two | +| test1a.cpp:17:50:17:50 | number_two | Identifier name of non-member object $@ reuses the identifier name of non-member object $@. | test1a.cpp:17:50:17:50 | number_two | number_two | test1b.cpp:11:50:11:50 | number_two | number_two | | test1b.cpp:2:12:2:13 | g1 | Identifier name of non-member object $@ reuses the identifier name of non-member object $@. | test1b.cpp:2:12:2:13 | g1 | g1 | test1a.cpp:2:12:2:13 | g1 | g1 | | test1b.cpp:6:12:6:13 | g3 | Identifier name of non-member object $@ reuses the identifier name of non-member object $@. | test1b.cpp:6:12:6:13 | g3 | g3 | test1a.cpp:6:12:6:13 | g3 | g3 | -| test1b.cpp:11:43:11:43 | number_two | Identifier name of non-member object $@ reuses the identifier name of non-member object $@. | test1b.cpp:11:43:11:43 | number_two | number_two | test1a.cpp:17:43:17:43 | number_two | number_two | +| test1b.cpp:11:50:11:50 | number_two | Identifier name of non-member object $@ reuses the identifier name of non-member object $@. | test1b.cpp:11:50:11:50 | number_two | number_two | test1a.cpp:17:50:17:50 | number_two | number_two | diff --git a/cpp/autosar/test/rules/A2-10-5/test1a.cpp b/cpp/autosar/test/rules/A2-10-5/test1a.cpp index 80f63c3c69..749ad38b0f 100644 --- a/cpp/autosar/test/rules/A2-10-5/test1a.cpp +++ b/cpp/autosar/test/rules/A2-10-5/test1a.cpp @@ -14,7 +14,7 @@ int test() { return number_one; } long test2() { return number_one; } -template constexpr T number_two = T(1); // NON_COMPLIANT +template static constexpr T number_two = T(1); // NON_COMPLIANT int test3() { return number_two; } diff --git a/cpp/autosar/test/rules/A2-10-5/test1b.cpp b/cpp/autosar/test/rules/A2-10-5/test1b.cpp index 132588d5dd..342d739c4d 100644 --- a/cpp/autosar/test/rules/A2-10-5/test1b.cpp +++ b/cpp/autosar/test/rules/A2-10-5/test1b.cpp @@ -8,8 +8,8 @@ static int g3 = 0; // NON_COMPLIANT static void f1() {} // NON_COMPLIANT -template constexpr T number_two = T(1); // NON_COMPLIANT +template static constexpr T number_two = T(1); // NON_COMPLIANT -int test3() { return number_two; } +int test5() { return number_two; } -long test4() { return number_two; } \ No newline at end of file +long test6() { return number_two; } \ No newline at end of file From c43ccb9e350b9979d70c0c11f7c63de505a5fbbf Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 10 Jan 2024 16:51:10 +0000 Subject: [PATCH 1508/2573] Bump gitpython from 3.1.37 to 3.1.41 in /scripts Bumps [gitpython](https://github.com/gitpython-developers/GitPython) from 3.1.37 to 3.1.41. - [Release notes](https://github.com/gitpython-developers/GitPython/releases) - [Changelog](https://github.com/gitpython-developers/GitPython/blob/main/CHANGES) - [Commits](https://github.com/gitpython-developers/GitPython/compare/3.1.37...3.1.41) --- updated-dependencies: - dependency-name: gitpython dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- scripts/release/requirements.txt | 2 +- scripts/requirements.txt | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/release/requirements.txt b/scripts/release/requirements.txt index 5cdcc51546..653323eaaa 100644 --- a/scripts/release/requirements.txt +++ b/scripts/release/requirements.txt @@ -1,5 +1,5 @@ semantic-version==2.10.0 PyGithub==1.59.1 PyYAML==6.0.1 -GitPython==3.1.37 +GitPython==3.1.41 pytest==7.4.3 diff --git a/scripts/requirements.txt b/scripts/requirements.txt index 0ad0f1c747..8a240a6dab 100644 --- a/scripts/requirements.txt +++ b/scripts/requirements.txt @@ -2,7 +2,7 @@ beautifulsoup4==4.9.3 certifi==2023.7.22 chardet==3.0.4 gitdb==4.0.5 -GitPython==3.1.37 +GitPython==3.1.41 idna==2.10 Jinja2==2.11.3 MarkupSafe==1.1.1 From 41fdf0776492aa7dcde36ddd7fc402b9540adca4 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 12 Jan 2024 14:44:47 -0800 Subject: [PATCH 1509/2573] Include test case FP/FN report --- .../MissingSpecialMemberFunction.expected | 6 ++ cpp/autosar/test/rules/A12-0-1/test.cpp | 61 +++++++++++++++++++ 2 files changed, 67 insertions(+) diff --git a/cpp/autosar/test/rules/A12-0-1/MissingSpecialMemberFunction.expected b/cpp/autosar/test/rules/A12-0-1/MissingSpecialMemberFunction.expected index 9e1cd591c6..ced97cced2 100644 --- a/cpp/autosar/test/rules/A12-0-1/MissingSpecialMemberFunction.expected +++ b/cpp/autosar/test/rules/A12-0-1/MissingSpecialMemberFunction.expected @@ -1,2 +1,8 @@ | test.cpp:12:7:12:8 | C3 | Class $@ has provided at least one user-defined special member function but is missing definitions for all five special member functions. | test.cpp:12:7:12:8 | C3 | C3 | | test.cpp:28:7:28:8 | C5 | Class $@ has provided at least one user-defined special member function but is missing definitions for all five special member functions. | test.cpp:28:7:28:8 | C5 | C5 | +| test.cpp:51:7:51:9 | C10 | Class $@ has provided at least one user-defined special member function but is missing definitions for all five special member functions. | test.cpp:51:7:51:9 | C10 | C10 | +| test.cpp:55:7:55:9 | C11 | Class $@ has provided at least one user-defined special member function but is missing definitions for all five special member functions. | test.cpp:55:7:55:9 | C11 | C11 | +| test.cpp:59:7:59:9 | C12 | Class $@ has provided at least one user-defined special member function but is missing definitions for all five special member functions. | test.cpp:59:7:59:9 | C12 | C12 | +| test.cpp:63:7:63:9 | C13 | Class $@ has provided at least one user-defined special member function but is missing definitions for all five special member functions. | test.cpp:63:7:63:9 | C13 | C13 | +| test.cpp:67:7:67:9 | C14 | Class $@ has provided at least one user-defined special member function but is missing definitions for all five special member functions. | test.cpp:67:7:67:9 | C14 | C14 | +| test.cpp:71:7:71:9 | C15 | Class $@ has provided at least one user-defined special member function but is missing definitions for all five special member functions. | test.cpp:71:7:71:9 | C15 | C15 | diff --git a/cpp/autosar/test/rules/A12-0-1/test.cpp b/cpp/autosar/test/rules/A12-0-1/test.cpp index 71652633b4..4711420ce0 100644 --- a/cpp/autosar/test/rules/A12-0-1/test.cpp +++ b/cpp/autosar/test/rules/A12-0-1/test.cpp @@ -46,4 +46,65 @@ struct C7::C8 { // COMPLIANT struct C9 { // COMPLIANT C9() {} C9(int x) {} +}; + +class C10 { + ~C10() = default; // NON_COMPLIANT +}; + +class C11 { + ~C11() = delete; // NON_COMPLIANT +}; + +class C12 { + C12(C12 const &); // NON_COMPLIANT +}; + +class C13 { + C13(C13 const &) = default; // NON_COMPLIANT +}; + +class C14 { + C14(C14 const &) = delete; // NON_COMPLIANT +}; + +class C15 { + C15& operator=(C15 const &); // NON_COMPLIANT +}; + +template +class C16 { // COMPLIANT + C16() = default;}; + +template +class C17 { // COMPLIANT + C17() = default; + C17(C17 const &) = default; + C17(C17 &&) = default; + virtual ~C17() = default; + C17 &operator=(C17 const &) = default; + C17 &operator=(C17 &&) = default; +}; + +template +class C18 { // COMPLIANT + C18() = default; + C18(C18 const &) = delete; + C18(C18 &&) = delete; + virtual ~C18() = default; + C18 &operator=(C18 const &) = delete; + C18 &operator=(C18 &&) = delete; +}; + +template +class C19 { // COMPLIANT + public: + explicit C19(T i) : i(i) {} + C19(C19 const &) = delete; + C19(C19 &&) = delete; + virtual ~C19() = default; + C19 &operator=(C19 const &) = delete; + C19 &operator=(C19 &&) = delete; + private: + T i; }; \ No newline at end of file From cb4105541d6ab0bd61a9edefccb50d9e91ca1122 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 12 Jan 2024 16:29:37 -0800 Subject: [PATCH 1510/2573] Change treatment plain char type and CV qualified integer types. The plain char type can hold numeric data, but is frequently used to hold character data. To be able to support the case where a plain char type holds character data we split the rule into two queries. One considering all the variable width integer types excluding the plain char type and one considering just the plain char type. This allows for deviation on the second case. Additionally, the original query wasn't considering CV qualified variable with integer types. Those are now included. --- .../2024-01-12-fix-reported-fp-a3-9-1.md | 5 +++ .../A3-9-1/VariableWidthIntegerTypesUsed.ql | 16 ++++---- .../A3-9-1/VariableWidthPlainCharTypeUsed.ql | 26 +++++++++++++ .../VariableWidthIntegerTypesUsed.expected | 27 ++++++++++++- .../VariableWidthPlainCharTypeUsed.expected | 3 ++ .../VariableWidthPlainCharTypeUsed.qlref | 1 + cpp/autosar/test/rules/A3-9-1/test.cpp | 38 +++++++++++++++++++ cpp/common/src/codingstandards/cpp/Type.qll | 9 +++++ .../cpp/exclusions/cpp/Declarations.qll | 17 +++++++++ rule_packages/cpp/Declarations.json | 18 ++++++++- 10 files changed, 151 insertions(+), 9 deletions(-) create mode 100644 change_notes/2024-01-12-fix-reported-fp-a3-9-1.md create mode 100644 cpp/autosar/src/rules/A3-9-1/VariableWidthPlainCharTypeUsed.ql create mode 100644 cpp/autosar/test/rules/A3-9-1/VariableWidthPlainCharTypeUsed.expected create mode 100644 cpp/autosar/test/rules/A3-9-1/VariableWidthPlainCharTypeUsed.qlref diff --git a/change_notes/2024-01-12-fix-reported-fp-a3-9-1.md b/change_notes/2024-01-12-fix-reported-fp-a3-9-1.md new file mode 100644 index 0000000000..fa9d9dbe74 --- /dev/null +++ b/change_notes/2024-01-12-fix-reported-fp-a3-9-1.md @@ -0,0 +1,5 @@ +- `A3-9-1` - `VariableWidthIntegerTypesUsed.ql`: + - Exclude the plain char type. Still includes `signed char` and `unsigned char`. + - Include CV-qualified variable width integer types. +- `A3-9-1` - `VariableWidthPlainCharTypeUsed.ql`: + - New query to support fine grained deviation support for the plain char type. \ No newline at end of file diff --git a/cpp/autosar/src/rules/A3-9-1/VariableWidthIntegerTypesUsed.ql b/cpp/autosar/src/rules/A3-9-1/VariableWidthIntegerTypesUsed.ql index 699b79ae61..3e650cb32a 100644 --- a/cpp/autosar/src/rules/A3-9-1/VariableWidthIntegerTypesUsed.ql +++ b/cpp/autosar/src/rules/A3-9-1/VariableWidthIntegerTypesUsed.ql @@ -1,8 +1,8 @@ /** * @id cpp/autosar/variable-width-integer-types-used * @name A3-9-1: Use fixed-width integer types instead of basic, variable-width, integer types - * @description The basic numerical types of char, int, short, long are not supposed to be used. The - * specific-length types from header need be used instead. + * @description The basic numerical types of signed/unsigned char, int, short, long are not supposed + * to be used. The specific-length types from header need be used instead. * @kind problem * @precision very-high * @problem.severity error @@ -19,15 +19,17 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.EncapsulatingFunctions import codingstandards.cpp.BuiltInNumericTypes +import codingstandards.cpp.Type -from Variable v + +from Variable v, Type typeStrippedOfSpecifiers where not isExcluded(v, DeclarationsPackage::variableWidthIntegerTypesUsedQuery()) and + typeStrippedOfSpecifiers = stripSpecifiers(v.getType()) and ( - v.getType() instanceof BuiltInIntegerType or - v.getType() instanceof PlainCharType or - v.getType() instanceof UnsignedCharType or - v.getType() instanceof SignedCharType + typeStrippedOfSpecifiers instanceof BuiltInIntegerType or + typeStrippedOfSpecifiers instanceof UnsignedCharType or + typeStrippedOfSpecifiers instanceof SignedCharType ) and not v instanceof ExcludedVariable select v, "Variable '" + v.getName() + "' has variable-width type." diff --git a/cpp/autosar/src/rules/A3-9-1/VariableWidthPlainCharTypeUsed.ql b/cpp/autosar/src/rules/A3-9-1/VariableWidthPlainCharTypeUsed.ql new file mode 100644 index 0000000000..c1187041f3 --- /dev/null +++ b/cpp/autosar/src/rules/A3-9-1/VariableWidthPlainCharTypeUsed.ql @@ -0,0 +1,26 @@ +/** + * @id cpp/autosar/variable-width-plain-char-types-used + * @name A3-9-1: Use a fixed-width integer type instead of a char type + * @description The basic numerical type char is not supposed to be used. The specific-length types + * from header need be used instead. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/autosar/id/a3-9-1 + * correctness + * security + * maintainability + * external/autosar/allocated-target/implementation + * external/autosar/enforcement/automated + * external/autosar/obligation/required + */ + +import cpp +import codingstandards.cpp.autosar +import codingstandards.cpp.Type + +from Variable variable +where + not isExcluded(variable, DeclarationsPackage::variableWidthPlainCharTypeUsedQuery()) and + stripSpecifiers(variable.getType()) instanceof PlainCharType +select variable, "Variable '" + variable.getName() + "' has variable-width char type." diff --git a/cpp/autosar/test/rules/A3-9-1/VariableWidthIntegerTypesUsed.expected b/cpp/autosar/test/rules/A3-9-1/VariableWidthIntegerTypesUsed.expected index 4f748125d9..7609c76101 100644 --- a/cpp/autosar/test/rules/A3-9-1/VariableWidthIntegerTypesUsed.expected +++ b/cpp/autosar/test/rules/A3-9-1/VariableWidthIntegerTypesUsed.expected @@ -1,4 +1,3 @@ -| test.cpp:4:8:4:8 | c | Variable 'c' has variable-width type. | | test.cpp:5:17:5:18 | uc | Variable 'uc' has variable-width type. | | test.cpp:6:15:6:16 | sc | Variable 'sc' has variable-width type. | | test.cpp:8:7:8:7 | i | Variable 'i' has variable-width type. | @@ -12,3 +11,29 @@ | test.cpp:18:8:18:8 | l | Variable 'l' has variable-width type. | | test.cpp:19:17:19:18 | ul | Variable 'ul' has variable-width type. | | test.cpp:20:15:20:16 | sl | Variable 'sl' has variable-width type. | +| test.cpp:39:23:39:25 | uc1 | Variable 'uc1' has variable-width type. | +| test.cpp:40:21:40:23 | sc1 | Variable 'sc1' has variable-width type. | +| test.cpp:42:13:42:14 | i1 | Variable 'i1' has variable-width type. | +| test.cpp:43:22:43:24 | ui1 | Variable 'ui1' has variable-width type. | +| test.cpp:44:18:44:19 | u1 | Variable 'u1' has variable-width type. | +| test.cpp:45:20:45:22 | si1 | Variable 'si1' has variable-width type. | +| test.cpp:46:16:46:17 | s1 | Variable 's1' has variable-width type. | +| test.cpp:48:15:48:17 | sh1 | Variable 'sh1' has variable-width type. | +| test.cpp:49:24:49:27 | ush1 | Variable 'ush1' has variable-width type. | +| test.cpp:50:22:50:25 | ssh1 | Variable 'ssh1' has variable-width type. | +| test.cpp:52:14:52:15 | l1 | Variable 'l1' has variable-width type. | +| test.cpp:53:23:53:25 | ul1 | Variable 'ul1' has variable-width type. | +| test.cpp:54:21:54:23 | sl1 | Variable 'sl1' has variable-width type. | +| test.cpp:57:26:57:28 | uc2 | Variable 'uc2' has variable-width type. | +| test.cpp:58:24:58:26 | sc2 | Variable 'sc2' has variable-width type. | +| test.cpp:60:16:60:17 | i2 | Variable 'i2' has variable-width type. | +| test.cpp:61:25:61:27 | ui2 | Variable 'ui2' has variable-width type. | +| test.cpp:62:21:62:22 | u2 | Variable 'u2' has variable-width type. | +| test.cpp:63:23:63:25 | si2 | Variable 'si2' has variable-width type. | +| test.cpp:64:19:64:20 | s2 | Variable 's2' has variable-width type. | +| test.cpp:66:18:66:20 | sh2 | Variable 'sh2' has variable-width type. | +| test.cpp:67:27:67:30 | ush2 | Variable 'ush2' has variable-width type. | +| test.cpp:68:25:68:28 | ssh2 | Variable 'ssh2' has variable-width type. | +| test.cpp:70:17:70:18 | l2 | Variable 'l2' has variable-width type. | +| test.cpp:71:26:71:28 | ul2 | Variable 'ul2' has variable-width type. | +| test.cpp:72:24:72:26 | sl2 | Variable 'sl2' has variable-width type. | diff --git a/cpp/autosar/test/rules/A3-9-1/VariableWidthPlainCharTypeUsed.expected b/cpp/autosar/test/rules/A3-9-1/VariableWidthPlainCharTypeUsed.expected new file mode 100644 index 0000000000..6631606cbf --- /dev/null +++ b/cpp/autosar/test/rules/A3-9-1/VariableWidthPlainCharTypeUsed.expected @@ -0,0 +1,3 @@ +| test.cpp:4:8:4:8 | c | Variable 'c' has variable-width char type. | +| test.cpp:38:14:38:15 | c1 | Variable 'c1' has variable-width char type. | +| test.cpp:56:17:56:18 | c2 | Variable 'c2' has variable-width char type. | diff --git a/cpp/autosar/test/rules/A3-9-1/VariableWidthPlainCharTypeUsed.qlref b/cpp/autosar/test/rules/A3-9-1/VariableWidthPlainCharTypeUsed.qlref new file mode 100644 index 0000000000..b76c61f4c7 --- /dev/null +++ b/cpp/autosar/test/rules/A3-9-1/VariableWidthPlainCharTypeUsed.qlref @@ -0,0 +1 @@ +rules/A3-9-1/VariableWidthPlainCharTypeUsed.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A3-9-1/test.cpp b/cpp/autosar/test/rules/A3-9-1/test.cpp index 8d2ef48523..c44ca0e32b 100644 --- a/cpp/autosar/test/rules/A3-9-1/test.cpp +++ b/cpp/autosar/test/rules/A3-9-1/test.cpp @@ -32,4 +32,42 @@ void test_variable_width_type_variables() { int main(int argc, char *argv[]) { // COMPLIANT // main as an exception +} + +void test_variable_width_type_qualified_variables() { + const char c1 = 0; // NON_COMPLIANT + const unsigned char uc1 = 0; // NON_COMPLIANT + const signed char sc1 = 0; // NON_COMPLIANt + + const int i1 = 0; // NON_COMPLIANT + const unsigned int ui1 = 0; // NON_COMPLIANT + const unsigned u1 = 0; // NON_COMPLIANT + const signed int si1 = 0; // NON_COMPLIANT + const signed s1 = 0; // NON_COMPLIANT + + const short sh1 = 0; // NON_COMPLIANT + const unsigned short ush1 = 0; // NON_COMPLIANT + const signed short ssh1 = 0; // NON_COMPLIANT + + const long l1 = 0; // NON_COMPLIANT + const unsigned long ul1 = 0; // NON_COMPLIANT + const signed long sl1 = 0; // NON_COMPLIANT + + volatile char c2; // NON_COMPLIANT + volatile unsigned char uc2; // NON_COMPLIANT + volatile signed char sc2; // NON_COMPLIANt + + volatile int i2; // NON_COMPLIANT + volatile unsigned int ui2; // NON_COMPLIANT + volatile unsigned u2; // NON_COMPLIANT + volatile signed int si2; // NON_COMPLIANT + volatile signed s2; // NON_COMPLIANT + + volatile short sh2; // NON_COMPLIANT + volatile unsigned short ush2; // NON_COMPLIANT + volatile signed short ssh2; // NON_COMPLIANT + + volatile long l2; // NON_COMPLIANT + volatile unsigned long ul2; // NON_COMPLIANT + volatile signed long sl2; // NON_COMPLIANT } \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/Type.qll b/cpp/common/src/codingstandards/cpp/Type.qll index a49e30e927..c88c4d5908 100644 --- a/cpp/common/src/codingstandards/cpp/Type.qll +++ b/cpp/common/src/codingstandards/cpp/Type.qll @@ -22,3 +22,12 @@ class FundamentalType extends BuiltInType { class IncompleteType extends Class { IncompleteType() { not hasDefinition() } } + +/** + * A type without `const` and `volatile` specifiers. + */ +Type stripSpecifiers(Type type) { + if type instanceof SpecifiedType + then result = stripSpecifiers(type.(SpecifiedType).getBaseType()) + else result = type +} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Declarations.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Declarations.qll index 5d51fd522f..92a06429c2 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Declarations.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Declarations.qll @@ -9,6 +9,7 @@ newtype DeclarationsQuery = TGlobalSizedOperatorDeleteNotDefinedQuery() or TGlobalUnsizedOperatorDeleteNotDefinedQuery() or TVariableWidthIntegerTypesUsedQuery() or + TVariableWidthPlainCharTypeUsedQuery() or TAutoSpecifierNotUsedAppropriatelyInFunctionDefinitionQuery() or TAutoSpecifierNotUsedAppropriatelyInVariableDefinitionQuery() or TIdentifierDeclarationAndInitializationNotOnSeparateLinesQuery() or @@ -68,6 +69,15 @@ predicate isDeclarationsQueryMetadata(Query query, string queryId, string ruleId ruleId = "A3-9-1" and category = "required" or + query = + // `Query` instance for the `variableWidthPlainCharTypeUsed` query + DeclarationsPackage::variableWidthPlainCharTypeUsedQuery() and + queryId = + // `@id` for the `variableWidthPlainCharTypeUsed` query + "cpp/autosar/variable-width-plain-char-type-used" and + ruleId = "A3-9-1" and + category = "required" + or query = // `Query` instance for the `autoSpecifierNotUsedAppropriatelyInFunctionDefinition` query DeclarationsPackage::autoSpecifierNotUsedAppropriatelyInFunctionDefinitionQuery() and @@ -213,6 +223,13 @@ module DeclarationsPackage { TQueryCPP(TDeclarationsPackageQuery(TVariableWidthIntegerTypesUsedQuery())) } + Query variableWidthPlainCharTypeUsedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `variableWidthPlainCharTypeUsed` query + TQueryCPP(TDeclarationsPackageQuery(TVariableWidthPlainCharTypeUsedQuery())) + } + Query autoSpecifierNotUsedAppropriatelyInFunctionDefinitionQuery() { //autogenerate `Query` type result = diff --git a/rule_packages/cpp/Declarations.json b/rule_packages/cpp/Declarations.json index 2b22de6de1..65dfbf781e 100644 --- a/rule_packages/cpp/Declarations.json +++ b/rule_packages/cpp/Declarations.json @@ -78,12 +78,28 @@ }, "queries": [ { - "description": "The basic numerical types of char, int, short, long are not supposed to be used. The specific-length types from header need be used instead.", + "description": "The basic numerical types of signed/unsigned char, int, short, long are not supposed to be used. The specific-length types from header need be used instead.", "kind": "problem", "name": "Use fixed-width integer types instead of basic, variable-width, integer types", "precision": "very-high", "severity": "error", "short_name": "VariableWidthIntegerTypesUsed", + "tags": [ + "correctness", + "security", + "maintainability" + ], + "implementation_scope": { + "description": "This implementation excludes the plain char type from consideration." + } + }, + { + "description": "The basic numerical type char is not supposed to be used. The specific-length types from header need be used instead.", + "kind": "problem", + "name": "Use a fixed-width integer type instead of a char type", + "precision": "very-high", + "severity": "error", + "short_name": "VariableWidthPlainCharTypeUsed", "tags": [ "correctness", "security", From 3e1e18e47095c83c9801f9ed8371233e539ac955 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 14 Jan 2024 23:26:58 +0000 Subject: [PATCH 1511/2573] M5-3-3: Excude binary operators. Rule only applies to the unary operator&. --- change_notes/2024-01-14-m5-3-3-exclude-binary.md | 1 + .../src/rules/M5-3-3/UnaryOperatorOverloaded.ql | 9 ++++++++- .../rules/M5-3-3/UnaryOperatorOverloaded.expected | 3 ++- cpp/autosar/test/rules/M5-3-3/test.cpp | 14 ++++++++------ 4 files changed, 19 insertions(+), 8 deletions(-) create mode 100644 change_notes/2024-01-14-m5-3-3-exclude-binary.md diff --git a/change_notes/2024-01-14-m5-3-3-exclude-binary.md b/change_notes/2024-01-14-m5-3-3-exclude-binary.md new file mode 100644 index 0000000000..cb28560ccc --- /dev/null +++ b/change_notes/2024-01-14-m5-3-3-exclude-binary.md @@ -0,0 +1 @@ + * `M5-3-3` - exclude binary user defined `operator&` from this rule. \ No newline at end of file diff --git a/cpp/autosar/src/rules/M5-3-3/UnaryOperatorOverloaded.ql b/cpp/autosar/src/rules/M5-3-3/UnaryOperatorOverloaded.ql index c1f522de48..687f2dffb8 100644 --- a/cpp/autosar/src/rules/M5-3-3/UnaryOperatorOverloaded.ql +++ b/cpp/autosar/src/rules/M5-3-3/UnaryOperatorOverloaded.ql @@ -15,5 +15,12 @@ import cpp import codingstandards.cpp.autosar from Operator o -where not isExcluded(o, OperatorsPackage::unaryOperatorOverloadedQuery()) and o.hasName("operator&") +where + not isExcluded(o, OperatorsPackage::unaryOperatorOverloadedQuery()) and + o.hasName("operator&") and + ( + if o instanceof MemberFunction + then o.getNumberOfParameters() = 0 + else o.getNumberOfParameters() = 1 + ) select o, "The unary & operator overloaded." diff --git a/cpp/autosar/test/rules/M5-3-3/UnaryOperatorOverloaded.expected b/cpp/autosar/test/rules/M5-3-3/UnaryOperatorOverloaded.expected index 3c2131f056..f4129dd95c 100644 --- a/cpp/autosar/test/rules/M5-3-3/UnaryOperatorOverloaded.expected +++ b/cpp/autosar/test/rules/M5-3-3/UnaryOperatorOverloaded.expected @@ -1 +1,2 @@ -| test.cpp:6:5:6:13 | operator& | The unary & operator overloaded. | +| test.cpp:2:5:2:13 | operator& | The unary & operator overloaded. | +| test.cpp:8:3:8:11 | operator& | The unary & operator overloaded. | diff --git a/cpp/autosar/test/rules/M5-3-3/test.cpp b/cpp/autosar/test/rules/M5-3-3/test.cpp index 6c65066d11..5cd6b8b2d8 100644 --- a/cpp/autosar/test/rules/M5-3-3/test.cpp +++ b/cpp/autosar/test/rules/M5-3-3/test.cpp @@ -1,7 +1,9 @@ -/* The unary & operator shall not be overloaded */ -// do not defined it at all -class A - -{ - A operator&(); // NON_COMPLIANT +class A { + A operator&(); // NON_COMPLIANT - unary + constexpr A operator&(const A rhs); // COMPLIANT - binary }; + +class B {}; + +B operator&(B b); // NON_COMPLIANT - unary +constexpr B operator&(const B lhs, const B rhs); // COMPLIANT - binary \ No newline at end of file From f3caa6c30a0ac3cadee5deeffb16f220d9472802 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 16 Jan 2024 22:27:08 +0000 Subject: [PATCH 1512/2573] M5-2-10: Only report use of ++/-- with arithmetic ops The rule specifically notes: > The use of increment and decrement operators in combination > with other arithmetic operators is not recommended --- change_notes/2024-01-16-m5-2-10-arith-only.md | 1 + ...crementOperatorsMixedWithOtherOperatorsInExpression.ql | 8 +++++++- cpp/autosar/test/rules/M5-2-10/test.cpp | 2 ++ 3 files changed, 10 insertions(+), 1 deletion(-) create mode 100644 change_notes/2024-01-16-m5-2-10-arith-only.md diff --git a/change_notes/2024-01-16-m5-2-10-arith-only.md b/change_notes/2024-01-16-m5-2-10-arith-only.md new file mode 100644 index 0000000000..b8f51bee46 --- /dev/null +++ b/change_notes/2024-01-16-m5-2-10-arith-only.md @@ -0,0 +1 @@ + * `M5-2-10` - only report use of the increment and decrement operations in conjunction with arithmetic operators, as specified by the rule. Notably we no longer report the expressions of the form `*p++`, which combine increment and dereferencing operations. \ No newline at end of file diff --git a/cpp/autosar/src/rules/M5-2-10/IncrementAndDecrementOperatorsMixedWithOtherOperatorsInExpression.ql b/cpp/autosar/src/rules/M5-2-10/IncrementAndDecrementOperatorsMixedWithOtherOperatorsInExpression.ql index fea2a90398..f77ff6e028 100644 --- a/cpp/autosar/src/rules/M5-2-10/IncrementAndDecrementOperatorsMixedWithOtherOperatorsInExpression.ql +++ b/cpp/autosar/src/rules/M5-2-10/IncrementAndDecrementOperatorsMixedWithOtherOperatorsInExpression.ql @@ -17,7 +17,13 @@ import cpp import codingstandards.cpp.autosar -from CrementOperation cop, Operation op, string name +class ArithmeticOperation extends Operation { + ArithmeticOperation() { + this instanceof UnaryArithmeticOperation or this instanceof BinaryArithmeticOperation + } +} + +from CrementOperation cop, ArithmeticOperation op, string name where not isExcluded(cop) and not isExcluded(op, diff --git a/cpp/autosar/test/rules/M5-2-10/test.cpp b/cpp/autosar/test/rules/M5-2-10/test.cpp index bcd9d6bde0..01b84b9028 100644 --- a/cpp/autosar/test/rules/M5-2-10/test.cpp +++ b/cpp/autosar/test/rules/M5-2-10/test.cpp @@ -6,4 +6,6 @@ void f1() { ++l1; // COMPLIANT --l2; // COMPLIANT l3 = l1 * l2; + int *p; + *p++; // COMPLIANT - * is not an arithmetic operator } \ No newline at end of file From 158fc862bd34eaa25635f2401fd69dff4f75de43 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 17 Jan 2024 23:21:33 +0000 Subject: [PATCH 1513/2573] A4-7-1: Exclude pointer increment/decrement expressions This rule only covers integer expressions. --- change_notes/2024-01-17-a4-7-1-exclude-pointers.md | 1 + cpp/autosar/test/rules/A4-7-1/test.cpp | 6 ++++++ cpp/common/src/codingstandards/cpp/Overflow.qll | 6 ++++-- 3 files changed, 11 insertions(+), 2 deletions(-) create mode 100644 change_notes/2024-01-17-a4-7-1-exclude-pointers.md diff --git a/change_notes/2024-01-17-a4-7-1-exclude-pointers.md b/change_notes/2024-01-17-a4-7-1-exclude-pointers.md new file mode 100644 index 0000000000..325149b219 --- /dev/null +++ b/change_notes/2024-01-17-a4-7-1-exclude-pointers.md @@ -0,0 +1 @@ + * `A4-7-1` - exclude pointer increment and decrement operators from this rule. \ No newline at end of file diff --git a/cpp/autosar/test/rules/A4-7-1/test.cpp b/cpp/autosar/test/rules/A4-7-1/test.cpp index 7f6cbb7abe..60c3a1a391 100644 --- a/cpp/autosar/test/rules/A4-7-1/test.cpp +++ b/cpp/autosar/test/rules/A4-7-1/test.cpp @@ -62,4 +62,10 @@ void test_loop_bound_bad(unsigned int n) { i++) { // NON_COMPLIANT - crement will overflow before loop bound is // reached } +} + +void test_pointer() { + int *p = nullptr; + p++; // COMPLIANT - not covered by this rule + p--; // COMPLIANT - not covered by this rule } \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/Overflow.qll b/cpp/common/src/codingstandards/cpp/Overflow.qll index 130e1bb42d..3de3a43bf6 100644 --- a/cpp/common/src/codingstandards/cpp/Overflow.qll +++ b/cpp/common/src/codingstandards/cpp/Overflow.qll @@ -1,5 +1,5 @@ /** - * This module provides predicates for checking whether an operation overflows or wraps. + * This module provides predicates for checking whether an integer operation overflows, underflows or wraps. */ import cpp @@ -10,10 +10,12 @@ import codingstandards.cpp.dataflow.TaintTracking import semmle.code.cpp.valuenumbering.GlobalValueNumbering /** - * An operation that may overflow or underflow. + * An integer operation that may overflow, underflow or wrap. */ class InterestingOverflowingOperation extends Operation { InterestingOverflowingOperation() { + // We are only interested in integer experssions + this.getUnderlyingType() instanceof IntegralType and // Might overflow or underflow ( exprMightOverflowNegatively(this) From 013d1e2a07f7b90551fcc6b9fa29c31f5ec09933 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 17 Jan 2024 16:11:41 -0800 Subject: [PATCH 1514/2573] Exclude wide string literals and utf8 string literals --- .../2024-01-17-fix-reported-fp-for-a2-3-1.md | 2 ++ .../A2-3-1/InvalidCharacterInStringLiteral.ql | 6 ++++- .../InvalidCharacterInStringLiteral.expected | 2 +- cpp/autosar/test/rules/A2-3-1/test.cpp | 4 +++- .../src/codingstandards/cpp/Literals.qll | 24 +++++++++++++++++++ 5 files changed, 35 insertions(+), 3 deletions(-) create mode 100644 change_notes/2024-01-17-fix-reported-fp-for-a2-3-1.md diff --git a/change_notes/2024-01-17-fix-reported-fp-for-a2-3-1.md b/change_notes/2024-01-17-fix-reported-fp-for-a2-3-1.md new file mode 100644 index 0000000000..c819549e16 --- /dev/null +++ b/change_notes/2024-01-17-fix-reported-fp-for-a2-3-1.md @@ -0,0 +1,2 @@ +`A2-3-1`: ` cpp/autosar/invalid-character-in-string-literal` + - Exclude wide string literals and utf8 string literal. \ No newline at end of file diff --git a/cpp/autosar/src/rules/A2-3-1/InvalidCharacterInStringLiteral.ql b/cpp/autosar/src/rules/A2-3-1/InvalidCharacterInStringLiteral.ql index 93109bcd30..4f215d7d9c 100644 --- a/cpp/autosar/src/rules/A2-3-1/InvalidCharacterInStringLiteral.ql +++ b/cpp/autosar/src/rules/A2-3-1/InvalidCharacterInStringLiteral.ql @@ -17,6 +17,7 @@ import cpp import codingstandards.cpp.autosar +import codingstandards.cpp.Literals bindingset[s] string getCharOutsideBasicSourceCharSet(string s) { @@ -27,6 +28,9 @@ string getCharOutsideBasicSourceCharSet(string s) { from StringLiteral s, string ch where not isExcluded(s, NamingPackage::invalidCharacterInStringLiteralQuery()) and - ch = getCharOutsideBasicSourceCharSet(s.getValueText()) + ch = getCharOutsideBasicSourceCharSet(s.getValueText()) and + // wide string and utf8 string literals are exempted. + not s instanceof WideStringLiteral and + not s instanceof Utf8StringLiteral select s, "String literal uses the character '" + ch + "' that is outside the language basic character set." diff --git a/cpp/autosar/test/rules/A2-3-1/InvalidCharacterInStringLiteral.expected b/cpp/autosar/test/rules/A2-3-1/InvalidCharacterInStringLiteral.expected index 3ad38685ba..fe21bce430 100644 --- a/cpp/autosar/test/rules/A2-3-1/InvalidCharacterInStringLiteral.expected +++ b/cpp/autosar/test/rules/A2-3-1/InvalidCharacterInStringLiteral.expected @@ -1 +1 @@ -| test.cpp:7:20:7:22 | \u00ce\u00b1 | String literal uses the character '\u03b1' that is outside the language basic character set. | +| test.cpp:7:21:7:23 | \u00ce\u00b1 | String literal uses the character '\u03b1' that is outside the language basic character set. | diff --git a/cpp/autosar/test/rules/A2-3-1/test.cpp b/cpp/autosar/test/rules/A2-3-1/test.cpp index 5d1550f292..9ba0bbd5ce 100644 --- a/cpp/autosar/test/rules/A2-3-1/test.cpp +++ b/cpp/autosar/test/rules/A2-3-1/test.cpp @@ -4,7 +4,9 @@ double α = 2.; // NON_COMPLIANT; U+03b1 void *to_𐆅_and_beyond = nullptr; // NON_COMPLIANT; U+10185 int l1_\u00A8; // COMPLIANT[FALSE_POSITIVE] -const char *euro = "α"; // NON_COMPLIANT +const char *euro1 = "α"; // NON_COMPLIANT +const wchar_t *euro2 = L"α"; // COMPLIANT +const char *euro3 = u8"α"; // COMPLIANT int valid; /* diff --git a/cpp/common/src/codingstandards/cpp/Literals.qll b/cpp/common/src/codingstandards/cpp/Literals.qll index 0a6a40aa19..a772940154 100644 --- a/cpp/common/src/codingstandards/cpp/Literals.qll +++ b/cpp/common/src/codingstandards/cpp/Literals.qll @@ -12,3 +12,27 @@ string getTruncatedLiteralText(Literal l) { else result = text ) } + +class WideStringLiteral extends StringLiteral { + WideStringLiteral() { + this.getValueText().regexpMatch("(?s)\\s*L\".*") + } +} + +class Utf8StringLiteral extends StringLiteral { + Utf8StringLiteral() { + this.getValueText().regexpMatch("(?s)\\s*u8\".*") + } +} + +class Utf16StringLiteral extends StringLiteral { + Utf16StringLiteral() { + this.getValueText().regexpMatch("(?s)\\s*u\".*") + } +} + +class Utf32StringLiteral extends StringLiteral { + Utf32StringLiteral() { + this.getValueText().regexpMatch("(?s)\\s*U\".*") + } +} \ No newline at end of file From 8b3924453595b267fe218c0ad7af3442c471d0d2 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 18 Jan 2024 14:40:37 -0800 Subject: [PATCH 1515/2573] Include the literal `0` in `OctalLiteral` --- cpp/common/src/codingstandards/cpp/Cpp14Literal.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/Cpp14Literal.qll b/cpp/common/src/codingstandards/cpp/Cpp14Literal.qll index afc8cb07a3..c3908008ef 100644 --- a/cpp/common/src/codingstandards/cpp/Cpp14Literal.qll +++ b/cpp/common/src/codingstandards/cpp/Cpp14Literal.qll @@ -24,7 +24,7 @@ module Cpp14Literal { * Octal literals must always start with the digit `0`. */ class OctalLiteral extends IntegerLiteral { - OctalLiteral() { getValueText().regexpMatch("\\s*0[0-7']+[uUlL]*\\s*") } + OctalLiteral() { getValueText().regexpMatch("\\s*0[0-7']*[uUlL]*\\s*") } override string getAPrimaryQlClass() { result = "OctalLiteral" } } From f4b27f46f95f0045a4ba08d27cea59e129a8859e Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 18 Jan 2024 14:45:25 -0800 Subject: [PATCH 1516/2573] Exclude non-integer literals --- c/common/src/codingstandards/c/Literals.qll | 4 ++++ .../rules/RULE-7-3/LowercaseCharacterLUsedInLiteralSuffix.ql | 4 ++-- .../cpp/LowercaseCharacterLUsedInLiteralSuffix.expected | 0 .../RULE-7-3/cpp/LowercaseCharacterLUsedInLiteralSuffix.qlref | 1 + c/misra/test/rules/RULE-7-3/cpp/README.md | 1 + c/misra/test/rules/RULE-7-3/cpp/options | 1 + c/misra/test/rules/RULE-7-3/cpp/test.cpp | 1 + c/misra/test/rules/RULE-7-3/test.c | 2 +- change_notes/2024-01-18-fix-reported-fp-for-rule-7-3.md | 2 ++ 9 files changed, 13 insertions(+), 3 deletions(-) create mode 100644 c/common/src/codingstandards/c/Literals.qll create mode 100644 c/misra/test/rules/RULE-7-3/cpp/LowercaseCharacterLUsedInLiteralSuffix.expected create mode 100644 c/misra/test/rules/RULE-7-3/cpp/LowercaseCharacterLUsedInLiteralSuffix.qlref create mode 100644 c/misra/test/rules/RULE-7-3/cpp/README.md create mode 100644 c/misra/test/rules/RULE-7-3/cpp/options create mode 100644 c/misra/test/rules/RULE-7-3/cpp/test.cpp create mode 100644 change_notes/2024-01-18-fix-reported-fp-for-rule-7-3.md diff --git a/c/common/src/codingstandards/c/Literals.qll b/c/common/src/codingstandards/c/Literals.qll new file mode 100644 index 0000000000..58cd283dc6 --- /dev/null +++ b/c/common/src/codingstandards/c/Literals.qll @@ -0,0 +1,4 @@ +// Reuse the `IntegerLiteral` class +import codingstandards.cpp.Cpp14Literal + +class IntegerLiteral = Cpp14Literal::IntegerLiteral; \ No newline at end of file diff --git a/c/misra/src/rules/RULE-7-3/LowercaseCharacterLUsedInLiteralSuffix.ql b/c/misra/src/rules/RULE-7-3/LowercaseCharacterLUsedInLiteralSuffix.ql index 311831d2b8..4fc257578b 100644 --- a/c/misra/src/rules/RULE-7-3/LowercaseCharacterLUsedInLiteralSuffix.ql +++ b/c/misra/src/rules/RULE-7-3/LowercaseCharacterLUsedInLiteralSuffix.ql @@ -14,10 +14,10 @@ import cpp import codingstandards.c.misra +import codingstandards.c.Literals -from Literal l +from IntegerLiteral l where not isExcluded(l, SyntaxPackage::lowercaseCharacterLUsedInLiteralSuffixQuery()) and - not l instanceof StringLiteral and exists(l.getValueText().indexOf("l")) select l, "Lowercase 'l' used as a literal suffix." diff --git a/c/misra/test/rules/RULE-7-3/cpp/LowercaseCharacterLUsedInLiteralSuffix.expected b/c/misra/test/rules/RULE-7-3/cpp/LowercaseCharacterLUsedInLiteralSuffix.expected new file mode 100644 index 0000000000..e69de29bb2 diff --git a/c/misra/test/rules/RULE-7-3/cpp/LowercaseCharacterLUsedInLiteralSuffix.qlref b/c/misra/test/rules/RULE-7-3/cpp/LowercaseCharacterLUsedInLiteralSuffix.qlref new file mode 100644 index 0000000000..464efc3b2f --- /dev/null +++ b/c/misra/test/rules/RULE-7-3/cpp/LowercaseCharacterLUsedInLiteralSuffix.qlref @@ -0,0 +1 @@ +rules/RULE-7-3/LowercaseCharacterLUsedInLiteralSuffix.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-7-3/cpp/README.md b/c/misra/test/rules/RULE-7-3/cpp/README.md new file mode 100644 index 0000000000..b9aa3d6d8f --- /dev/null +++ b/c/misra/test/rules/RULE-7-3/cpp/README.md @@ -0,0 +1 @@ +This test case was added to validate FP report [#319](https://github.com/github/codeql-coding-standards/issues/319) that occurs when this rule is run on a translation unit with language mode c++. \ No newline at end of file diff --git a/c/misra/test/rules/RULE-7-3/cpp/options b/c/misra/test/rules/RULE-7-3/cpp/options new file mode 100644 index 0000000000..8dbed822c6 --- /dev/null +++ b/c/misra/test/rules/RULE-7-3/cpp/options @@ -0,0 +1 @@ +semmle-extractor-options:--clang -std=c++14 --edg --diag_error=implicit_func_decl -nostdinc -I../../../../../cpp/common/test/includes/standard-library \ No newline at end of file diff --git a/c/misra/test/rules/RULE-7-3/cpp/test.cpp b/c/misra/test/rules/RULE-7-3/cpp/test.cpp new file mode 100644 index 0000000000..ba3ca4f14e --- /dev/null +++ b/c/misra/test/rules/RULE-7-3/cpp/test.cpp @@ -0,0 +1 @@ +int x = false; // COMPLIANT - reported as FP in #319 \ No newline at end of file diff --git a/c/misra/test/rules/RULE-7-3/test.c b/c/misra/test/rules/RULE-7-3/test.c index 00a61817aa..5e1c448926 100644 --- a/c/misra/test/rules/RULE-7-3/test.c +++ b/c/misra/test/rules/RULE-7-3/test.c @@ -41,4 +41,4 @@ long d9 = 001LU; // COMPLIANT char *e1 = ""; char *e2 = "ul"; -char *e3 = "UL"; +char *e3 = "UL"; \ No newline at end of file diff --git a/change_notes/2024-01-18-fix-reported-fp-for-rule-7-3.md b/change_notes/2024-01-18-fix-reported-fp-for-rule-7-3.md new file mode 100644 index 0000000000..dea57f1be4 --- /dev/null +++ b/change_notes/2024-01-18-fix-reported-fp-for-rule-7-3.md @@ -0,0 +1,2 @@ +`RULE-7-3`: `c/misra/lowercase-character-l-used-in-literal-suffix` + - Exclude non integer literals. This removes a false positive triggered when analyzing C++ code containing the `false` literal. \ No newline at end of file From c6ab9c79192038d1c8eea6e02f0bcb1d1d5d0b2b Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 18 Jan 2024 14:52:56 -0800 Subject: [PATCH 1517/2573] Fix formatting --- .../src/codingstandards/cpp/Literals.qll | 18 +++++------------- 1 file changed, 5 insertions(+), 13 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/Literals.qll b/cpp/common/src/codingstandards/cpp/Literals.qll index a772940154..d4e11154fa 100644 --- a/cpp/common/src/codingstandards/cpp/Literals.qll +++ b/cpp/common/src/codingstandards/cpp/Literals.qll @@ -14,25 +14,17 @@ string getTruncatedLiteralText(Literal l) { } class WideStringLiteral extends StringLiteral { - WideStringLiteral() { - this.getValueText().regexpMatch("(?s)\\s*L\".*") - } + WideStringLiteral() { this.getValueText().regexpMatch("(?s)\\s*L\".*") } } class Utf8StringLiteral extends StringLiteral { - Utf8StringLiteral() { - this.getValueText().regexpMatch("(?s)\\s*u8\".*") - } + Utf8StringLiteral() { this.getValueText().regexpMatch("(?s)\\s*u8\".*") } } class Utf16StringLiteral extends StringLiteral { - Utf16StringLiteral() { - this.getValueText().regexpMatch("(?s)\\s*u\".*") - } + Utf16StringLiteral() { this.getValueText().regexpMatch("(?s)\\s*u\".*") } } class Utf32StringLiteral extends StringLiteral { - Utf32StringLiteral() { - this.getValueText().regexpMatch("(?s)\\s*U\".*") - } -} \ No newline at end of file + Utf32StringLiteral() { this.getValueText().regexpMatch("(?s)\\s*U\".*") } +} From b9a63088055b9ec611eaee8c211306e49fc94632 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 18 Jan 2024 14:56:23 -0800 Subject: [PATCH 1518/2573] Fix formatting --- c/common/src/codingstandards/c/Literals.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/common/src/codingstandards/c/Literals.qll b/c/common/src/codingstandards/c/Literals.qll index 58cd283dc6..beeeccb8cc 100644 --- a/c/common/src/codingstandards/c/Literals.qll +++ b/c/common/src/codingstandards/c/Literals.qll @@ -1,4 +1,4 @@ // Reuse the `IntegerLiteral` class import codingstandards.cpp.Cpp14Literal -class IntegerLiteral = Cpp14Literal::IntegerLiteral; \ No newline at end of file +class IntegerLiteral = Cpp14Literal::IntegerLiteral; From cbc1135ffc581324bce6b8f43b5674ca346a1f0b Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 18 Jan 2024 15:18:12 -0800 Subject: [PATCH 1519/2573] Fix incorrect query id --- cpp/autosar/src/rules/A3-9-1/VariableWidthPlainCharTypeUsed.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/src/rules/A3-9-1/VariableWidthPlainCharTypeUsed.ql b/cpp/autosar/src/rules/A3-9-1/VariableWidthPlainCharTypeUsed.ql index c1187041f3..20f74bb511 100644 --- a/cpp/autosar/src/rules/A3-9-1/VariableWidthPlainCharTypeUsed.ql +++ b/cpp/autosar/src/rules/A3-9-1/VariableWidthPlainCharTypeUsed.ql @@ -1,5 +1,5 @@ /** - * @id cpp/autosar/variable-width-plain-char-types-used + * @id cpp/autosar/variable-width-plain-char-type-used * @name A3-9-1: Use a fixed-width integer type instead of a char type * @description The basic numerical type char is not supposed to be used. The specific-length types * from header need be used instead. From 4ecce983a689c077fe89bacad497837b47162f53 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 18 Jan 2024 15:19:55 -0800 Subject: [PATCH 1520/2573] Fix query formatting --- cpp/autosar/src/rules/A3-9-1/VariableWidthIntegerTypesUsed.ql | 1 - 1 file changed, 1 deletion(-) diff --git a/cpp/autosar/src/rules/A3-9-1/VariableWidthIntegerTypesUsed.ql b/cpp/autosar/src/rules/A3-9-1/VariableWidthIntegerTypesUsed.ql index 3e650cb32a..460457e0f8 100644 --- a/cpp/autosar/src/rules/A3-9-1/VariableWidthIntegerTypesUsed.ql +++ b/cpp/autosar/src/rules/A3-9-1/VariableWidthIntegerTypesUsed.ql @@ -21,7 +21,6 @@ import codingstandards.cpp.EncapsulatingFunctions import codingstandards.cpp.BuiltInNumericTypes import codingstandards.cpp.Type - from Variable v, Type typeStrippedOfSpecifiers where not isExcluded(v, DeclarationsPackage::variableWidthIntegerTypesUsedQuery()) and From 9c95d821869123424a32884fe2501365ad7ca63a Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 18 Jan 2024 15:23:11 -0800 Subject: [PATCH 1521/2573] Fix test case formatting --- cpp/autosar/test/rules/A3-9-1/test.cpp | 90 +++++++++++++------------- 1 file changed, 45 insertions(+), 45 deletions(-) diff --git a/cpp/autosar/test/rules/A3-9-1/test.cpp b/cpp/autosar/test/rules/A3-9-1/test.cpp index c44ca0e32b..b6d93f0444 100644 --- a/cpp/autosar/test/rules/A3-9-1/test.cpp +++ b/cpp/autosar/test/rules/A3-9-1/test.cpp @@ -1,33 +1,33 @@ #include void test_variable_width_type_variables() { - char c; // NON_COMPLIANT - unsigned char uc; // NON_COMPLIANT - signed char sc; // NON_COMPLIANt + char c; // NON_COMPLIANT + unsigned char uc; // NON_COMPLIANT + signed char sc; // NON_COMPLIANt - int i; // NON_COMPLIANT - unsigned int ui; // NON_COMPLIANT - unsigned u; // NON_COMPLIANT - signed int si; // NON_COMPLIANT - signed s; // NON_COMPLIANT + int i; // NON_COMPLIANT + unsigned int ui; // NON_COMPLIANT + unsigned u; // NON_COMPLIANT + signed int si; // NON_COMPLIANT + signed s; // NON_COMPLIANT short sh; // NON_COMPLIANT unsigned short ush; // NON_COMPLIANT signed short ssh; // NON_COMPLIANT - long l; // NON_COMPLIANT - unsigned long ul; // NON_COMPLIANT - signed long sl; // NON_COMPLIANT + long l; // NON_COMPLIANT + unsigned long ul; // NON_COMPLIANT + signed long sl; // NON_COMPLIANT - std::int8_t i8; // COMPLIANT - std::int16_t i16; // COMPLIANT - std::int32_t i32; // COMPLIANT - std::int64_t i64; // COMPLIANT + std::int8_t i8; // COMPLIANT + std::int16_t i16; // COMPLIANT + std::int32_t i32; // COMPLIANT + std::int64_t i64; // COMPLIANT - std::uint8_t u8; // COMPLIANT - std::uint16_t u16; // COMPLIANT - std::uint32_t u32; // COMPLIANT - std::uint64_t u64; // COMPLIANT + std::uint8_t u8; // COMPLIANT + std::uint16_t u16; // COMPLIANT + std::uint32_t u32; // COMPLIANT + std::uint64_t u64; // COMPLIANT } int main(int argc, char *argv[]) { // COMPLIANT @@ -35,39 +35,39 @@ int main(int argc, char *argv[]) { // COMPLIANT } void test_variable_width_type_qualified_variables() { - const char c1 = 0; // NON_COMPLIANT - const unsigned char uc1 = 0; // NON_COMPLIANT - const signed char sc1 = 0; // NON_COMPLIANt + const char c1 = 0; // NON_COMPLIANT + const unsigned char uc1 = 0; // NON_COMPLIANT + const signed char sc1 = 0; // NON_COMPLIANt - const int i1 = 0; // NON_COMPLIANT - const unsigned int ui1 = 0; // NON_COMPLIANT - const unsigned u1 = 0; // NON_COMPLIANT - const signed int si1 = 0; // NON_COMPLIANT - const signed s1 = 0; // NON_COMPLIANT + const int i1 = 0; // NON_COMPLIANT + const unsigned int ui1 = 0; // NON_COMPLIANT + const unsigned u1 = 0; // NON_COMPLIANT + const signed int si1 = 0; // NON_COMPLIANT + const signed s1 = 0; // NON_COMPLIANT const short sh1 = 0; // NON_COMPLIANT const unsigned short ush1 = 0; // NON_COMPLIANT const signed short ssh1 = 0; // NON_COMPLIANT - const long l1 = 0; // NON_COMPLIANT - const unsigned long ul1 = 0; // NON_COMPLIANT - const signed long sl1 = 0; // NON_COMPLIANT - - volatile char c2; // NON_COMPLIANT - volatile unsigned char uc2; // NON_COMPLIANT - volatile signed char sc2; // NON_COMPLIANt + const long l1 = 0; // NON_COMPLIANT + const unsigned long ul1 = 0; // NON_COMPLIANT + const signed long sl1 = 0; // NON_COMPLIANT - volatile int i2; // NON_COMPLIANT - volatile unsigned int ui2; // NON_COMPLIANT - volatile unsigned u2; // NON_COMPLIANT - volatile signed int si2; // NON_COMPLIANT - volatile signed s2; // NON_COMPLIANT + volatile char c2; // NON_COMPLIANT + volatile unsigned char uc2; // NON_COMPLIANT + volatile signed char sc2; // NON_COMPLIANt - volatile short sh2; // NON_COMPLIANT - volatile unsigned short ush2; // NON_COMPLIANT - volatile signed short ssh2; // NON_COMPLIANT + volatile int i2; // NON_COMPLIANT + volatile unsigned int ui2; // NON_COMPLIANT + volatile unsigned u2; // NON_COMPLIANT + volatile signed int si2; // NON_COMPLIANT + volatile signed s2; // NON_COMPLIANT - volatile long l2; // NON_COMPLIANT - volatile unsigned long ul2; // NON_COMPLIANT - volatile signed long sl2; // NON_COMPLIANT + volatile short sh2; // NON_COMPLIANT + volatile unsigned short ush2; // NON_COMPLIANT + volatile signed short ssh2; // NON_COMPLIANT + + volatile long l2; // NON_COMPLIANT + volatile unsigned long ul2; // NON_COMPLIANT + volatile signed long sl2; // NON_COMPLIANT } \ No newline at end of file From ba94a630c996e21393e873e7ea48e919b1a77248 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 18 Jan 2024 15:36:36 -0800 Subject: [PATCH 1522/2573] Extend test case --- cpp/autosar/test/rules/A2-3-1/test.cpp | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/cpp/autosar/test/rules/A2-3-1/test.cpp b/cpp/autosar/test/rules/A2-3-1/test.cpp index 9ba0bbd5ce..cc8b1b53ac 100644 --- a/cpp/autosar/test/rules/A2-3-1/test.cpp +++ b/cpp/autosar/test/rules/A2-3-1/test.cpp @@ -11,4 +11,8 @@ const char *euro3 = u8"α"; // COMPLIANT int valid; /* Invalid character ↦ NON_COMPLIANT +*/ + +/* +Valid character @ in comments COMPLIANT */ \ No newline at end of file From 934829bdbbde72592e628a9ecec0abb8802a7cb2 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 18 Jan 2024 15:37:12 -0800 Subject: [PATCH 1523/2573] Accept expected test output --- .../test/rules/A2-3-1/InvalidCharacterInComment.expected | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A2-3-1/InvalidCharacterInComment.expected b/cpp/autosar/test/rules/A2-3-1/InvalidCharacterInComment.expected index b5fd4c77cc..4df213e5c2 100644 --- a/cpp/autosar/test/rules/A2-3-1/InvalidCharacterInComment.expected +++ b/cpp/autosar/test/rules/A2-3-1/InvalidCharacterInComment.expected @@ -1,2 +1,2 @@ | test.cpp:3:1:3:37 | // Invalid character \u00ce\u00b1 NON_COMPLIANT | Comment uses the character '\u00ce\u00b1' that is outside the language basic character set. | -| test.cpp:10:1:12:2 | /*\nInvalid character \u00e2\u0086\u00a6 NON_COMPLIANT\n*/ | Comment uses the character '\u00e2\u0086\u00a6' that is outside the language basic character set. | +| test.cpp:12:1:14:2 | /*\nInvalid character \u00e2\u0086\u00a6 NON_COMPLIANT\n*/ | Comment uses the character '\u00e2\u0086\u00a6' that is outside the language basic character set. | From 1a894247d1434e173a5fee23ebcba0220e6b9dc9 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 18 Jan 2024 15:39:25 -0800 Subject: [PATCH 1524/2573] Fix module formatting --- cpp/common/src/codingstandards/cpp/Type.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/Type.qll b/cpp/common/src/codingstandards/cpp/Type.qll index c88c4d5908..a8f63af67f 100644 --- a/cpp/common/src/codingstandards/cpp/Type.qll +++ b/cpp/common/src/codingstandards/cpp/Type.qll @@ -30,4 +30,4 @@ Type stripSpecifiers(Type type) { if type instanceof SpecifiedType then result = stripSpecifiers(type.(SpecifiedType).getBaseType()) else result = type -} \ No newline at end of file +} From 927b2e973ea51a3e77d45180325f3a92d2956980 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 18 Jan 2024 15:40:51 -0800 Subject: [PATCH 1525/2573] Fix compliance annotation --- cpp/autosar/test/rules/A3-9-1/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A3-9-1/test.cpp b/cpp/autosar/test/rules/A3-9-1/test.cpp index b6d93f0444..f94ead9e16 100644 --- a/cpp/autosar/test/rules/A3-9-1/test.cpp +++ b/cpp/autosar/test/rules/A3-9-1/test.cpp @@ -3,7 +3,7 @@ void test_variable_width_type_variables() { char c; // NON_COMPLIANT unsigned char uc; // NON_COMPLIANT - signed char sc; // NON_COMPLIANt + signed char sc; // NON_COMPLIANT int i; // NON_COMPLIANT unsigned int ui; // NON_COMPLIANT From 3a4f86ec1ea2be97ee082244254aae9d09b28471 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 18 Jan 2024 17:44:59 -0800 Subject: [PATCH 1526/2573] Fix format Our Action relies on clang-format 14 that has different behavior than clang-format 16 installed by Homebrew. --- cpp/autosar/test/rules/A3-9-1/test.cpp | 88 +++++++++++++------------- 1 file changed, 44 insertions(+), 44 deletions(-) diff --git a/cpp/autosar/test/rules/A3-9-1/test.cpp b/cpp/autosar/test/rules/A3-9-1/test.cpp index f94ead9e16..9d1e257b8c 100644 --- a/cpp/autosar/test/rules/A3-9-1/test.cpp +++ b/cpp/autosar/test/rules/A3-9-1/test.cpp @@ -1,33 +1,33 @@ #include void test_variable_width_type_variables() { - char c; // NON_COMPLIANT - unsigned char uc; // NON_COMPLIANT - signed char sc; // NON_COMPLIANT + char c; // NON_COMPLIANT + unsigned char uc; // NON_COMPLIANT + signed char sc; // NON_COMPLIANT - int i; // NON_COMPLIANT - unsigned int ui; // NON_COMPLIANT - unsigned u; // NON_COMPLIANT - signed int si; // NON_COMPLIANT - signed s; // NON_COMPLIANT + int i; // NON_COMPLIANT + unsigned int ui; // NON_COMPLIANT + unsigned u; // NON_COMPLIANT + signed int si; // NON_COMPLIANT + signed s; // NON_COMPLIANT short sh; // NON_COMPLIANT unsigned short ush; // NON_COMPLIANT signed short ssh; // NON_COMPLIANT - long l; // NON_COMPLIANT - unsigned long ul; // NON_COMPLIANT - signed long sl; // NON_COMPLIANT + long l; // NON_COMPLIANT + unsigned long ul; // NON_COMPLIANT + signed long sl; // NON_COMPLIANT - std::int8_t i8; // COMPLIANT - std::int16_t i16; // COMPLIANT - std::int32_t i32; // COMPLIANT - std::int64_t i64; // COMPLIANT + std::int8_t i8; // COMPLIANT + std::int16_t i16; // COMPLIANT + std::int32_t i32; // COMPLIANT + std::int64_t i64; // COMPLIANT - std::uint8_t u8; // COMPLIANT - std::uint16_t u16; // COMPLIANT - std::uint32_t u32; // COMPLIANT - std::uint64_t u64; // COMPLIANT + std::uint8_t u8; // COMPLIANT + std::uint16_t u16; // COMPLIANT + std::uint32_t u32; // COMPLIANT + std::uint64_t u64; // COMPLIANT } int main(int argc, char *argv[]) { // COMPLIANT @@ -35,39 +35,39 @@ int main(int argc, char *argv[]) { // COMPLIANT } void test_variable_width_type_qualified_variables() { - const char c1 = 0; // NON_COMPLIANT - const unsigned char uc1 = 0; // NON_COMPLIANT - const signed char sc1 = 0; // NON_COMPLIANt + const char c1 = 0; // NON_COMPLIANT + const unsigned char uc1 = 0; // NON_COMPLIANT + const signed char sc1 = 0; // NON_COMPLIANt - const int i1 = 0; // NON_COMPLIANT - const unsigned int ui1 = 0; // NON_COMPLIANT - const unsigned u1 = 0; // NON_COMPLIANT - const signed int si1 = 0; // NON_COMPLIANT - const signed s1 = 0; // NON_COMPLIANT + const int i1 = 0; // NON_COMPLIANT + const unsigned int ui1 = 0; // NON_COMPLIANT + const unsigned u1 = 0; // NON_COMPLIANT + const signed int si1 = 0; // NON_COMPLIANT + const signed s1 = 0; // NON_COMPLIANT const short sh1 = 0; // NON_COMPLIANT const unsigned short ush1 = 0; // NON_COMPLIANT const signed short ssh1 = 0; // NON_COMPLIANT - const long l1 = 0; // NON_COMPLIANT - const unsigned long ul1 = 0; // NON_COMPLIANT - const signed long sl1 = 0; // NON_COMPLIANT + const long l1 = 0; // NON_COMPLIANT + const unsigned long ul1 = 0; // NON_COMPLIANT + const signed long sl1 = 0; // NON_COMPLIANT - volatile char c2; // NON_COMPLIANT - volatile unsigned char uc2; // NON_COMPLIANT - volatile signed char sc2; // NON_COMPLIANt + volatile char c2; // NON_COMPLIANT + volatile unsigned char uc2; // NON_COMPLIANT + volatile signed char sc2; // NON_COMPLIANt - volatile int i2; // NON_COMPLIANT - volatile unsigned int ui2; // NON_COMPLIANT - volatile unsigned u2; // NON_COMPLIANT - volatile signed int si2; // NON_COMPLIANT - volatile signed s2; // NON_COMPLIANT + volatile int i2; // NON_COMPLIANT + volatile unsigned int ui2; // NON_COMPLIANT + volatile unsigned u2; // NON_COMPLIANT + volatile signed int si2; // NON_COMPLIANT + volatile signed s2; // NON_COMPLIANT - volatile short sh2; // NON_COMPLIANT - volatile unsigned short ush2; // NON_COMPLIANT - volatile signed short ssh2; // NON_COMPLIANT + volatile short sh2; // NON_COMPLIANT + volatile unsigned short ush2; // NON_COMPLIANT + volatile signed short ssh2; // NON_COMPLIANT - volatile long l2; // NON_COMPLIANT - volatile unsigned long ul2; // NON_COMPLIANT - volatile signed long sl2; // NON_COMPLIANT + volatile long l2; // NON_COMPLIANT + volatile unsigned long ul2; // NON_COMPLIANT + volatile signed long sl2; // NON_COMPLIANT } \ No newline at end of file From 01d32f0cbf4c2bfe16d5e4a40fdaa7bbcb68638a Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 18 Jan 2024 18:29:19 -0800 Subject: [PATCH 1527/2573] Fix test file formatting --- cpp/autosar/test/rules/A12-0-1/test.cpp | 24 +++++++++++------------- 1 file changed, 11 insertions(+), 13 deletions(-) diff --git a/cpp/autosar/test/rules/A12-0-1/test.cpp b/cpp/autosar/test/rules/A12-0-1/test.cpp index 4711420ce0..9a38204641 100644 --- a/cpp/autosar/test/rules/A12-0-1/test.cpp +++ b/cpp/autosar/test/rules/A12-0-1/test.cpp @@ -69,15 +69,14 @@ class C14 { }; class C15 { - C15& operator=(C15 const &); // NON_COMPLIANT + C15 &operator=(C15 const &); // NON_COMPLIANT }; -template -class C16 { // COMPLIANT - C16() = default;}; +template class C16 { // COMPLIANT + C16() = default; +}; -template -class C17 { // COMPLIANT +template class C17 { // COMPLIANT C17() = default; C17(C17 const &) = default; C17(C17 &&) = default; @@ -86,8 +85,7 @@ class C17 { // COMPLIANT C17 &operator=(C17 &&) = default; }; -template -class C18 { // COMPLIANT +template class C18 { // COMPLIANT C18() = default; C18(C18 const &) = delete; C18(C18 &&) = delete; @@ -96,15 +94,15 @@ class C18 { // COMPLIANT C18 &operator=(C18 &&) = delete; }; -template -class C19 { // COMPLIANT - public: +template class C19 { // COMPLIANT +public: explicit C19(T i) : i(i) {} C19(C19 const &) = delete; C19(C19 &&) = delete; virtual ~C19() = default; C19 &operator=(C19 const &) = delete; C19 &operator=(C19 &&) = delete; - private: - T i; + +private: + T i; }; \ No newline at end of file From e3c9408c3e097b5a94ebc1283f8c85e6e1d52df1 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 23 Jan 2024 15:18:49 -0800 Subject: [PATCH 1528/2573] Add reference to fixed issue --- change_notes/2024-01-17-fix-reported-fp-for-a2-3-1.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/change_notes/2024-01-17-fix-reported-fp-for-a2-3-1.md b/change_notes/2024-01-17-fix-reported-fp-for-a2-3-1.md index c819549e16..0ac0580506 100644 --- a/change_notes/2024-01-17-fix-reported-fp-for-a2-3-1.md +++ b/change_notes/2024-01-17-fix-reported-fp-for-a2-3-1.md @@ -1,2 +1,2 @@ `A2-3-1`: ` cpp/autosar/invalid-character-in-string-literal` - - Exclude wide string literals and utf8 string literal. \ No newline at end of file + - Fixes #311. Exclude wide string literals and utf8 string literal. \ No newline at end of file From eb56cc0cd05ee42fed6753d31ccbd6339063568d Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 24 Jan 2024 14:41:51 +0000 Subject: [PATCH 1529/2573] Exceptions: do not rethrow from functions with incompatible exception specifications. If an exception specification is violated, the exception is not rethrown and `std::terminate` is called. --- ...-24-throwing-functions-exclude-noexcept.md | 6 ++++ .../A15-4-2/NoExceptFunctionThrows.expected | 20 +++++++---- cpp/autosar/test/rules/A15-4-2/test.cpp | 11 ++++++ .../HonorExceptionSpecifications.expected | 31 ++++++++++++++-- .../ERR55-CPP/test_dynamic_specification.cpp | 24 +++++++++++++ .../test/rules/ERR55-CPP/test_no_except.cpp | 35 ++++++++++++++++--- .../cpp/exceptions/ExceptionFlow.qll | 17 ++++++++- 7 files changed, 130 insertions(+), 14 deletions(-) create mode 100644 change_notes/2024-01-24-throwing-functions-exclude-noexcept.md diff --git a/change_notes/2024-01-24-throwing-functions-exclude-noexcept.md b/change_notes/2024-01-24-throwing-functions-exclude-noexcept.md new file mode 100644 index 0000000000..4752123832 --- /dev/null +++ b/change_notes/2024-01-24-throwing-functions-exclude-noexcept.md @@ -0,0 +1,6 @@ + * Exceptions are no longer propagated from calls to `noexcept` functions, or calls functions with dynamic exception specifications where the exception is not permitted. This is consistent with the default behaviour specified in `[expect.spec]` which indicates that `std::terminate` is called. This has the following impact: + - `A15-4-2`, `ERR55-CPP` - reduce false positives for `noexcept` functions which call other `noexcept` function which may throw. + - `A15-2-2` - reduce false positives for constructors which call `noexcept` functions. + - `A15-4-5` - reduce false positives for checked exceptions that are thrown from `noexcept` functions called by the original function. + - `DCL57-CPP` - do not report exceptions thrown from `noexcept` functions called by deallocation functions or destructors. + - `A15-5-1`, `M15-3-1` - do not report exceptions thrown from `noexcept` functions called by special functions. \ No newline at end of file diff --git a/cpp/autosar/test/rules/A15-4-2/NoExceptFunctionThrows.expected b/cpp/autosar/test/rules/A15-4-2/NoExceptFunctionThrows.expected index 2a0726c356..b2f8391b15 100644 --- a/cpp/autosar/test/rules/A15-4-2/NoExceptFunctionThrows.expected +++ b/cpp/autosar/test/rules/A15-4-2/NoExceptFunctionThrows.expected @@ -1,11 +1,19 @@ edges | test.cpp:5:3:5:20 | throw ... [ExceptionA] | test.cpp:4:6:4:15 | test_throw [ExceptionA] | -| test.cpp:8:6:8:11 | throwA [ExceptionA] | test.cpp:11:3:11:8 | call to throwA [ExceptionA] | -| test.cpp:8:6:8:11 | throwA [ExceptionA] | test.cpp:15:3:15:8 | call to throwA [ExceptionA] | +| test.cpp:8:6:8:11 | throwA [ExceptionA] | test.cpp:9:25:9:30 | call to throwA [ExceptionA] | +| test.cpp:8:6:8:11 | throwA [ExceptionA] | test.cpp:10:42:10:47 | call to throwA [ExceptionA] | +| test.cpp:8:6:8:11 | throwA [ExceptionA] | test.cpp:13:3:13:8 | call to throwA [ExceptionA] | +| test.cpp:8:6:8:11 | throwA [ExceptionA] | test.cpp:17:3:17:8 | call to throwA [ExceptionA] | | test.cpp:8:17:8:34 | throw ... [ExceptionA] | test.cpp:8:6:8:11 | throwA [ExceptionA] | -| test.cpp:11:3:11:8 | call to throwA [ExceptionA] | test.cpp:10:6:10:24 | test_indirect_throw [ExceptionA] | -| test.cpp:15:3:15:8 | call to throwA [ExceptionA] | test.cpp:14:6:14:26 | test_indirect_throw_2 [ExceptionA] | +| test.cpp:9:6:9:19 | indirectThrowA [ExceptionA] | test.cpp:34:3:34:16 | call to indirectThrowA [ExceptionA] | +| test.cpp:9:25:9:30 | call to throwA [ExceptionA] | test.cpp:9:6:9:19 | indirectThrowA [ExceptionA] | +| test.cpp:10:42:10:47 | call to throwA [ExceptionA] | test.cpp:10:6:10:27 | noexceptIndirectThrowA [ExceptionA] | +| test.cpp:13:3:13:8 | call to throwA [ExceptionA] | test.cpp:12:6:12:24 | test_indirect_throw [ExceptionA] | +| test.cpp:17:3:17:8 | call to throwA [ExceptionA] | test.cpp:16:6:16:26 | test_indirect_throw_2 [ExceptionA] | +| test.cpp:34:3:34:16 | call to indirectThrowA [ExceptionA] | test.cpp:33:6:33:26 | test_indirect_throw_6 [ExceptionA] | #select | test.cpp:4:6:4:15 | test_throw | test.cpp:5:3:5:20 | throw ... [ExceptionA] | test.cpp:4:6:4:15 | test_throw [ExceptionA] | Function test_throw is declared noexcept(true) but can throw exceptions of type ExceptionA. | -| test.cpp:10:6:10:24 | test_indirect_throw | test.cpp:8:17:8:34 | throw ... [ExceptionA] | test.cpp:10:6:10:24 | test_indirect_throw [ExceptionA] | Function test_indirect_throw is declared noexcept(true) but can throw exceptions of type ExceptionA. | -| test.cpp:14:6:14:26 | test_indirect_throw_2 | test.cpp:8:17:8:34 | throw ... [ExceptionA] | test.cpp:14:6:14:26 | test_indirect_throw_2 [ExceptionA] | Function test_indirect_throw_2 is declared noexcept(true) but can throw exceptions of type ExceptionA. | +| test.cpp:10:6:10:27 | noexceptIndirectThrowA | test.cpp:8:17:8:34 | throw ... [ExceptionA] | test.cpp:10:6:10:27 | noexceptIndirectThrowA [ExceptionA] | Function noexceptIndirectThrowA is declared noexcept(true) but can throw exceptions of type ExceptionA. | +| test.cpp:12:6:12:24 | test_indirect_throw | test.cpp:8:17:8:34 | throw ... [ExceptionA] | test.cpp:12:6:12:24 | test_indirect_throw [ExceptionA] | Function test_indirect_throw is declared noexcept(true) but can throw exceptions of type ExceptionA. | +| test.cpp:16:6:16:26 | test_indirect_throw_2 | test.cpp:8:17:8:34 | throw ... [ExceptionA] | test.cpp:16:6:16:26 | test_indirect_throw_2 [ExceptionA] | Function test_indirect_throw_2 is declared noexcept(true) but can throw exceptions of type ExceptionA. | +| test.cpp:33:6:33:26 | test_indirect_throw_6 | test.cpp:8:17:8:34 | throw ... [ExceptionA] | test.cpp:33:6:33:26 | test_indirect_throw_6 [ExceptionA] | Function test_indirect_throw_6 is declared noexcept(true) but can throw exceptions of type ExceptionA. | diff --git a/cpp/autosar/test/rules/A15-4-2/test.cpp b/cpp/autosar/test/rules/A15-4-2/test.cpp index afa46e5ae6..de5e00bd35 100644 --- a/cpp/autosar/test/rules/A15-4-2/test.cpp +++ b/cpp/autosar/test/rules/A15-4-2/test.cpp @@ -6,6 +6,8 @@ void test_throw() noexcept(true) { } void throwA() { throw ExceptionA(); } +void indirectThrowA() { throwA(); } +void noexceptIndirectThrowA() noexcept { throwA(); } // NON_COMPLIANT void test_indirect_throw() noexcept(true) { throwA(); // NON_COMPLIANT - function marked as noexcept(true) @@ -21,4 +23,13 @@ void test_indirect_throw_3() noexcept(false) { void test_indirect_throw_4() { throwA(); // COMPLIANT - function marked as noexcept(false) +} + +void test_indirect_throw_5() noexcept { + noexceptIndirectThrowA(); // COMPLIANT - noexceptIndirectThrowA would call + // std::terminate() if ExceptionA is thrown +} + +void test_indirect_throw_6() noexcept { + indirectThrowA(); // NON_COMPLIANT } \ No newline at end of file diff --git a/cpp/cert/test/rules/ERR55-CPP/HonorExceptionSpecifications.expected b/cpp/cert/test/rules/ERR55-CPP/HonorExceptionSpecifications.expected index ba234df2b8..5091d1fc2e 100644 --- a/cpp/cert/test/rules/ERR55-CPP/HonorExceptionSpecifications.expected +++ b/cpp/cert/test/rules/ERR55-CPP/HonorExceptionSpecifications.expected @@ -1,8 +1,35 @@ edges +| test_dynamic_specification.cpp:9:6:9:22 | throw_logic_error [logic_error] | test_dynamic_specification.cpp:34:3:34:19 | call to throw_logic_error [logic_error] | +| test_dynamic_specification.cpp:9:6:9:22 | throw_logic_error [logic_error] | test_dynamic_specification.cpp:38:3:38:19 | call to throw_logic_error [logic_error] | +| test_dynamic_specification.cpp:9:6:9:22 | throw_logic_error [logic_error] | test_dynamic_specification.cpp:43:3:43:19 | call to throw_logic_error [logic_error] | +| test_dynamic_specification.cpp:9:28:9:58 | throw ... [logic_error] | test_dynamic_specification.cpp:9:6:9:22 | throw_logic_error [logic_error] | | test_dynamic_specification.cpp:22:3:22:24 | throw ... [exception] | test_dynamic_specification.cpp:20:6:20:49 | test_simple_exception_spec_covered_inherited [exception] | | test_dynamic_specification.cpp:29:3:29:24 | throw ... [exception] | test_dynamic_specification.cpp:28:6:28:30 | test_no_throw_contravened [exception] | -| test_no_except.cpp:8:3:8:14 | throw ... [char *] | test_no_except.cpp:7:6:7:23 | test_noexcept_true [char *] | +| test_dynamic_specification.cpp:33:6:33:31 | indirect_throw_logic_error [logic_error] | test_dynamic_specification.cpp:48:3:48:28 | call to indirect_throw_logic_error [logic_error] | +| test_dynamic_specification.cpp:34:3:34:19 | call to throw_logic_error [logic_error] | test_dynamic_specification.cpp:33:6:33:31 | indirect_throw_logic_error [logic_error] | +| test_dynamic_specification.cpp:38:3:38:19 | call to throw_logic_error [logic_error] | test_dynamic_specification.cpp:37:6:37:46 | indirect_throw_logic_error_but_terminates [logic_error] | +| test_dynamic_specification.cpp:43:3:43:19 | call to throw_logic_error [logic_error] | test_dynamic_specification.cpp:41:6:41:48 | indirect_throw_logic_error_but_terminates_2 [logic_error] | +| test_dynamic_specification.cpp:48:3:48:28 | call to indirect_throw_logic_error [logic_error] | test_dynamic_specification.cpp:47:6:47:25 | test_indirect_throws [logic_error] | +| test_no_except.cpp:4:3:4:20 | throw ... [ExceptionA] | test_no_except.cpp:3:6:3:15 | test_throw [ExceptionA] | +| test_no_except.cpp:7:6:7:11 | throwA [ExceptionA] | test_no_except.cpp:8:25:8:30 | call to throwA [ExceptionA] | +| test_no_except.cpp:7:6:7:11 | throwA [ExceptionA] | test_no_except.cpp:9:42:9:47 | call to throwA [ExceptionA] | +| test_no_except.cpp:7:6:7:11 | throwA [ExceptionA] | test_no_except.cpp:12:3:12:8 | call to throwA [ExceptionA] | +| test_no_except.cpp:7:6:7:11 | throwA [ExceptionA] | test_no_except.cpp:16:3:16:8 | call to throwA [ExceptionA] | +| test_no_except.cpp:7:17:7:34 | throw ... [ExceptionA] | test_no_except.cpp:7:6:7:11 | throwA [ExceptionA] | +| test_no_except.cpp:8:6:8:19 | indirectThrowA [ExceptionA] | test_no_except.cpp:33:3:33:16 | call to indirectThrowA [ExceptionA] | +| test_no_except.cpp:8:25:8:30 | call to throwA [ExceptionA] | test_no_except.cpp:8:6:8:19 | indirectThrowA [ExceptionA] | +| test_no_except.cpp:9:42:9:47 | call to throwA [ExceptionA] | test_no_except.cpp:9:6:9:27 | noexceptIndirectThrowA [ExceptionA] | +| test_no_except.cpp:12:3:12:8 | call to throwA [ExceptionA] | test_no_except.cpp:11:6:11:24 | test_indirect_throw [ExceptionA] | +| test_no_except.cpp:16:3:16:8 | call to throwA [ExceptionA] | test_no_except.cpp:15:6:15:26 | test_indirect_throw_2 [ExceptionA] | +| test_no_except.cpp:33:3:33:16 | call to indirectThrowA [ExceptionA] | test_no_except.cpp:32:6:32:26 | test_indirect_throw_6 [ExceptionA] | #select | test_dynamic_specification.cpp:20:6:20:49 | test_simple_exception_spec_covered_inherited | test_dynamic_specification.cpp:22:3:22:24 | throw ... [exception] | test_dynamic_specification.cpp:20:6:20:49 | test_simple_exception_spec_covered_inherited [exception] | test_simple_exception_spec_covered_inherited can throw an exception of type std::exception but has a dynamic exception specification that does not specify this type. | | test_dynamic_specification.cpp:28:6:28:30 | test_no_throw_contravened | test_dynamic_specification.cpp:29:3:29:24 | throw ... [exception] | test_dynamic_specification.cpp:28:6:28:30 | test_no_throw_contravened [exception] | test_no_throw_contravened can throw an exception of type std::exception but has a dynamic exception specification that does not specify this type. | -| test_no_except.cpp:7:6:7:23 | test_noexcept_true | test_no_except.cpp:8:3:8:14 | throw ... [char *] | test_no_except.cpp:7:6:7:23 | test_noexcept_true [char *] | test_noexcept_true can throw an exception of type char * but is marked noexcept(true). | +| test_dynamic_specification.cpp:37:6:37:46 | indirect_throw_logic_error_but_terminates | test_dynamic_specification.cpp:9:28:9:58 | throw ... [logic_error] | test_dynamic_specification.cpp:37:6:37:46 | indirect_throw_logic_error_but_terminates [logic_error] | indirect_throw_logic_error_but_terminates can throw an exception of type std::logic_error but has a dynamic exception specification that does not specify this type. | +| test_dynamic_specification.cpp:41:6:41:48 | indirect_throw_logic_error_but_terminates_2 | test_dynamic_specification.cpp:9:28:9:58 | throw ... [logic_error] | test_dynamic_specification.cpp:41:6:41:48 | indirect_throw_logic_error_but_terminates_2 [logic_error] | indirect_throw_logic_error_but_terminates_2 can throw an exception of type std::logic_error but has a dynamic exception specification that does not specify this type. | +| test_dynamic_specification.cpp:47:6:47:25 | test_indirect_throws | test_dynamic_specification.cpp:9:28:9:58 | throw ... [logic_error] | test_dynamic_specification.cpp:47:6:47:25 | test_indirect_throws [logic_error] | test_indirect_throws can throw an exception of type std::logic_error but has a dynamic exception specification that does not specify this type. | +| test_no_except.cpp:3:6:3:15 | test_throw | test_no_except.cpp:4:3:4:20 | throw ... [ExceptionA] | test_no_except.cpp:3:6:3:15 | test_throw [ExceptionA] | test_throw can throw an exception of type ExceptionA but is marked noexcept(true). | +| test_no_except.cpp:9:6:9:27 | noexceptIndirectThrowA | test_no_except.cpp:7:17:7:34 | throw ... [ExceptionA] | test_no_except.cpp:9:6:9:27 | noexceptIndirectThrowA [ExceptionA] | noexceptIndirectThrowA can throw an exception of type ExceptionA but is marked noexcept(true). | +| test_no_except.cpp:11:6:11:24 | test_indirect_throw | test_no_except.cpp:7:17:7:34 | throw ... [ExceptionA] | test_no_except.cpp:11:6:11:24 | test_indirect_throw [ExceptionA] | test_indirect_throw can throw an exception of type ExceptionA but is marked noexcept(true). | +| test_no_except.cpp:15:6:15:26 | test_indirect_throw_2 | test_no_except.cpp:7:17:7:34 | throw ... [ExceptionA] | test_no_except.cpp:15:6:15:26 | test_indirect_throw_2 [ExceptionA] | test_indirect_throw_2 can throw an exception of type ExceptionA but is marked noexcept(true). | +| test_no_except.cpp:32:6:32:26 | test_indirect_throw_6 | test_no_except.cpp:7:17:7:34 | throw ... [ExceptionA] | test_no_except.cpp:32:6:32:26 | test_indirect_throw_6 [ExceptionA] | test_indirect_throw_6 can throw an exception of type ExceptionA but is marked noexcept(true). | diff --git a/cpp/cert/test/rules/ERR55-CPP/test_dynamic_specification.cpp b/cpp/cert/test/rules/ERR55-CPP/test_dynamic_specification.cpp index 4b218e1847..82e32bd433 100644 --- a/cpp/cert/test/rules/ERR55-CPP/test_dynamic_specification.cpp +++ b/cpp/cert/test/rules/ERR55-CPP/test_dynamic_specification.cpp @@ -27,4 +27,28 @@ void test_no_throw() throw() { // COMPLIANT void test_no_throw_contravened() throw() { // NON_COMPLIANT throw std::exception(); +} + +class DummyException {}; +void indirect_throw_logic_error() throw(std::logic_error) { + throw_logic_error(); // Exception flows out of function as specification is + // compatible +} +void indirect_throw_logic_error_but_terminates() throw() { // NON_COMPLIANT + throw_logic_error(); // Exception does not flow out of function due to + // specification +} +void indirect_throw_logic_error_but_terminates_2() // NON_COMPLIANT + throw(DummyException) { + throw_logic_error(); // Exception does not flow out of function due to + // specification +} + +void test_indirect_throws() throw() { // NON_COMPLIANT + indirect_throw_logic_error(); +} + +void test_indirect_throws_but_terminated() throw() { // COMPLIANT + indirect_throw_logic_error_but_terminates(); + indirect_throw_logic_error_but_terminates_2(); } \ No newline at end of file diff --git a/cpp/cert/test/rules/ERR55-CPP/test_no_except.cpp b/cpp/cert/test/rules/ERR55-CPP/test_no_except.cpp index 7897bed237..767dbb7ec0 100644 --- a/cpp/cert/test/rules/ERR55-CPP/test_no_except.cpp +++ b/cpp/cert/test/rules/ERR55-CPP/test_no_except.cpp @@ -1,9 +1,34 @@ -#include +class ExceptionA {}; -void test_noexcept_false() { // COMPLIANT - throw "test"; +void test_throw() noexcept(true) { + throw ExceptionA(); // NON_COMPLIANT - function marked as noexcept(true) } -void test_noexcept_true() noexcept(true) { // NON_COMPLIANT - throw "test"; +void throwA() { throw ExceptionA(); } +void indirectThrowA() { throwA(); } +void noexceptIndirectThrowA() noexcept { throwA(); } // NON_COMPLIANT + +void test_indirect_throw() noexcept(true) { + throwA(); // NON_COMPLIANT - function marked as noexcept(true) +} + +void test_indirect_throw_2() noexcept { + throwA(); // NON_COMPLIANT - function marked as noexcept(true) +} + +void test_indirect_throw_3() noexcept(false) { + throwA(); // COMPLIANT - function marked as noexcept(false) +} + +void test_indirect_throw_4() { + throwA(); // COMPLIANT - function marked as noexcept(false) +} + +void test_indirect_throw_5() noexcept { + noexceptIndirectThrowA(); // COMPLIANT - noexceptIndirectThrowA would call + // std::terminate() if ExceptionA is thrown +} + +void test_indirect_throw_6() noexcept { + indirectThrowA(); // NON_COMPLIANT } \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exceptions/ExceptionFlow.qll b/cpp/common/src/codingstandards/cpp/exceptions/ExceptionFlow.qll index df23fa4e95..72ac478b6b 100644 --- a/cpp/common/src/codingstandards/cpp/exceptions/ExceptionFlow.qll +++ b/cpp/common/src/codingstandards/cpp/exceptions/ExceptionFlow.qll @@ -4,6 +4,7 @@ import cpp import codingstandards.cpp.standardlibrary.Exceptions +import codingstandards.cpp.exceptions.ExceptionSpecifications import ThirdPartyExceptions /* @@ -312,7 +313,21 @@ class ReThrowExprThrowingExpr extends ReThrowExpr, ThrowingExpr { /** An expression which calls a function which may throw an exception. */ class FunctionCallThrowingExpr extends FunctionCall, ThrowingExpr { - override ExceptionType getAnExceptionType() { result = getAFunctionThrownType(getTarget(), _) } + override ExceptionType getAnExceptionType() { + exists(Function target | + target = getTarget() and + result = getAFunctionThrownType(target, _) and + // [expect.spec] states that throwing an exception type that is prohibited + // by the specification will result in the program terminating. We therefore + // do not propagate such exceptions to the call sites for the function. + not ( + hasDynamicExceptionSpecification(target) and + not result = getAHandledExceptionType(target.getAThrownType()) + or + isNoExceptTrue(target) + ) + ) + } } module ExceptionPathGraph { From f99713a693b8f9342105184eb377d13667e12026 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Thu, 25 Jan 2024 01:34:17 -0500 Subject: [PATCH 1530/2573] A8-4-7: exclude user defined operators and move constructors --- change_notes/2024-01-25-fix-reported-fp-for-a8-4-7.md | 2 ++ .../InParametersForCheapToCopyTypesNotPassedByValue.ql | 2 ++ cpp/autosar/test/rules/A8-4-7/test.cpp | 8 ++++++++ 3 files changed, 12 insertions(+) create mode 100644 change_notes/2024-01-25-fix-reported-fp-for-a8-4-7.md diff --git a/change_notes/2024-01-25-fix-reported-fp-for-a8-4-7.md b/change_notes/2024-01-25-fix-reported-fp-for-a8-4-7.md new file mode 100644 index 0000000000..6400cfb6fc --- /dev/null +++ b/change_notes/2024-01-25-fix-reported-fp-for-a8-4-7.md @@ -0,0 +1,2 @@ +`A8-4-7`: ` cpp/autosar/in-parameters-for-cheap-to-copy-types-not-passed-by-value` + - Fixes #397. Exclude user defined operators and move constructors. \ No newline at end of file diff --git a/cpp/autosar/src/rules/A8-4-7/InParametersForCheapToCopyTypesNotPassedByValue.ql b/cpp/autosar/src/rules/A8-4-7/InParametersForCheapToCopyTypesNotPassedByValue.ql index e188241672..b5a964e5c6 100644 --- a/cpp/autosar/src/rules/A8-4-7/InParametersForCheapToCopyTypesNotPassedByValue.ql +++ b/cpp/autosar/src/rules/A8-4-7/InParametersForCheapToCopyTypesNotPassedByValue.ql @@ -35,6 +35,8 @@ where t.isConst() and not exists(CatchBlock cb | cb.getParameter() = v) and not exists(CopyConstructor cc | cc.getAParameter() = v) and + not exists(MoveConstructor mc | mc.getAParameter() = v) and + not exists(Operator op | op.getAParameter() = v) and not v.isFromUninstantiatedTemplate(_) select v, "Parameter " + v.getName() + " is the trivially copyable type " + t.getName() + diff --git a/cpp/autosar/test/rules/A8-4-7/test.cpp b/cpp/autosar/test/rules/A8-4-7/test.cpp index 70829ef907..80cd3d48e5 100644 --- a/cpp/autosar/test/rules/A8-4-7/test.cpp +++ b/cpp/autosar/test/rules/A8-4-7/test.cpp @@ -37,4 +37,12 @@ inline S1 Value(size_t n, const char *data) {} // COMPLIANT struct A { int n; A(const A &a) : n(a.n) {} // COMPLIANT user-defined copy ctor + A(const A &&other_a); // COMPLIANT user-defined move ctor }; + +class C1 {}; + +class C2 : public C1 { +public: + C2 &operator=(const C2 &); // COMPLIANT +}; \ No newline at end of file From 34ae3bd920bfe26b17e2534a79831663670c4ab5 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Thu, 25 Jan 2024 11:27:46 -0500 Subject: [PATCH 1531/2573] A8-4-7: exclude user defined operators and special functions --- .../A8-4-7/InParametersForCheapToCopyTypesNotPassedByValue.ql | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cpp/autosar/src/rules/A8-4-7/InParametersForCheapToCopyTypesNotPassedByValue.ql b/cpp/autosar/src/rules/A8-4-7/InParametersForCheapToCopyTypesNotPassedByValue.ql index b5a964e5c6..58309da4cf 100644 --- a/cpp/autosar/src/rules/A8-4-7/InParametersForCheapToCopyTypesNotPassedByValue.ql +++ b/cpp/autosar/src/rules/A8-4-7/InParametersForCheapToCopyTypesNotPassedByValue.ql @@ -17,6 +17,7 @@ import cpp import codingstandards.cpp.autosar import TriviallySmallType import codingstandards.cpp.CommonTypes as CommonTypes +import codingstandards.cpp.Class /* * For the purposes of this rule, "cheap to copy" is defined as a trivially copyable type that is no @@ -34,8 +35,7 @@ where ) and t.isConst() and not exists(CatchBlock cb | cb.getParameter() = v) and - not exists(CopyConstructor cc | cc.getAParameter() = v) and - not exists(MoveConstructor mc | mc.getAParameter() = v) and + not exists(SpecialMemberFunction cc | cc.getAParameter() = v) and not exists(Operator op | op.getAParameter() = v) and not v.isFromUninstantiatedTemplate(_) select v, From b838b858ed2cfae0d9d3ee655c9285adf5077ea5 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Thu, 25 Jan 2024 13:45:42 -0500 Subject: [PATCH 1532/2573] M9-3-3: exclude deleted members --- change_notes/2024-01-25-exclusion-m9-3-3.md | 2 ++ cpp/autosar/src/rules/M9-3-3/MemberFunctionConstIfPossible.ql | 3 ++- .../src/rules/M9-3-3/MemberFunctionStaticIfPossible.ql | 3 ++- cpp/autosar/test/rules/M9-3-3/test.cpp | 4 ++++ 4 files changed, 10 insertions(+), 2 deletions(-) create mode 100644 change_notes/2024-01-25-exclusion-m9-3-3.md diff --git a/change_notes/2024-01-25-exclusion-m9-3-3.md b/change_notes/2024-01-25-exclusion-m9-3-3.md new file mode 100644 index 0000000000..7f6d2a339b --- /dev/null +++ b/change_notes/2024-01-25-exclusion-m9-3-3.md @@ -0,0 +1,2 @@ +`M9-3-3`: ` cpp/autosar/member-function-static-if-possible`, `cpp/autosar/member-function-const-if-possible` + - Fixes #413. Exclude deleted member functions. \ No newline at end of file diff --git a/cpp/autosar/src/rules/M9-3-3/MemberFunctionConstIfPossible.ql b/cpp/autosar/src/rules/M9-3-3/MemberFunctionConstIfPossible.ql index 3b0ee9c058..a681f75c5b 100644 --- a/cpp/autosar/src/rules/M9-3-3/MemberFunctionConstIfPossible.ql +++ b/cpp/autosar/src/rules/M9-3-3/MemberFunctionConstIfPossible.ql @@ -121,5 +121,6 @@ where not f.callsNonConstOwnMember() and not f.callsNonConstFromMemberVariable() and not f.isOverride() and - not f.isFinal() + not f.isFinal() and + not f.isDeleted() select f, "Member function can be declared as const." diff --git a/cpp/autosar/src/rules/M9-3-3/MemberFunctionStaticIfPossible.ql b/cpp/autosar/src/rules/M9-3-3/MemberFunctionStaticIfPossible.ql index 36c13fe5d3..5148e72f79 100644 --- a/cpp/autosar/src/rules/M9-3-3/MemberFunctionStaticIfPossible.ql +++ b/cpp/autosar/src/rules/M9-3-3/MemberFunctionStaticIfPossible.ql @@ -39,5 +39,6 @@ from NonStaticMemberFunction nonstatic where not isExcluded(nonstatic, ConstPackage::memberFunctionStaticIfPossibleQuery()) and not exists(ThisExpr t | t.getEnclosingFunction() = nonstatic) and - not nonstatic.isVirtual() + not nonstatic.isVirtual() and + not nonstatic.isDeleted() select nonstatic, "Member function can be declared as static." diff --git a/cpp/autosar/test/rules/M9-3-3/test.cpp b/cpp/autosar/test/rules/M9-3-3/test.cpp index 033414a315..39d61aaccf 100644 --- a/cpp/autosar/test/rules/M9-3-3/test.cpp +++ b/cpp/autosar/test/rules/M9-3-3/test.cpp @@ -161,3 +161,7 @@ class Z22 : Z1 { void f2() final {} // COMPLIANT void f3() { this->a = 100; } // COMPLIANT }; + +class Z3 { + void f(int) = delete; // COMPLIANT +}; \ No newline at end of file From 92379ae02314bcdd7b9f8d3afee48e95742bdfff Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Fri, 26 Jan 2024 01:06:29 -0500 Subject: [PATCH 1533/2573] A5-0-2: exclude compiler generated conditions --- .../cpp/rules/nonbooleanifstmt/NonBooleanIfStmt.qll | 2 ++ .../rules/nonbooleaniterationstmt/NonBooleanIterationStmt.qll | 2 ++ 2 files changed, 4 insertions(+) diff --git a/cpp/common/src/codingstandards/cpp/rules/nonbooleanifstmt/NonBooleanIfStmt.qll b/cpp/common/src/codingstandards/cpp/rules/nonbooleanifstmt/NonBooleanIfStmt.qll index 18346a8159..bd84597a44 100644 --- a/cpp/common/src/codingstandards/cpp/rules/nonbooleanifstmt/NonBooleanIfStmt.qll +++ b/cpp/common/src/codingstandards/cpp/rules/nonbooleanifstmt/NonBooleanIfStmt.qll @@ -14,6 +14,8 @@ query predicate problems(Expr condition, string message) { not isExcluded(condition, getQuery()) and exists(IfStmt ifStmt, Type explicitConversionType | condition = ifStmt.getCondition() and + //exclude any generated conditions + not condition.isCompilerGenerated() and not ifStmt.isFromUninstantiatedTemplate(_) and explicitConversionType = condition.getExplicitlyConverted().getUnderlyingType() and not explicitConversionType instanceof BoolType and diff --git a/cpp/common/src/codingstandards/cpp/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.qll b/cpp/common/src/codingstandards/cpp/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.qll index f1ee555406..c342811c52 100644 --- a/cpp/common/src/codingstandards/cpp/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.qll +++ b/cpp/common/src/codingstandards/cpp/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.qll @@ -16,6 +16,8 @@ query predicate problems(Loop loopStmt, string message) { condition = loopStmt.getCondition() and explicitConversionType = condition.getExplicitlyConverted().getType().getUnspecifiedType() and not explicitConversionType instanceof BoolType and + //exclude any generated conditions + not condition.isCompilerGenerated() and message = "Iteration condition has non boolean type " + explicitConversionType + "." ) } From f353c4ba6430714f3a08fc94bcc8795b602258de Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Fri, 26 Jan 2024 01:16:37 -0500 Subject: [PATCH 1534/2573] A5-0-2: add missing changenote --- change_notes/2024-01-26-exclusion-a5-0-2.md | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 change_notes/2024-01-26-exclusion-a5-0-2.md diff --git a/change_notes/2024-01-26-exclusion-a5-0-2.md b/change_notes/2024-01-26-exclusion-a5-0-2.md new file mode 100644 index 0000000000..f7fa5c5074 --- /dev/null +++ b/change_notes/2024-01-26-exclusion-a5-0-2.md @@ -0,0 +1,2 @@ +`A5-0-2`: `cpp/autosar/non-boolean-if-condition`, `cpp/autosar/non-boolean-iteration-condition` + - Exclude compiler generated conditions. \ No newline at end of file From 84f007e427f3112442deeb7772f7cdcf2d694ce6 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 30 Jan 2024 09:23:41 +0000 Subject: [PATCH 1535/2573] Contracts: add metadata. --- .../cpp/exclusions/c/Contracts.qll | 61 +++++++++++++++++ .../cpp/exclusions/c/RuleMetadata.qll | 3 + rule_packages/c/Contracts.json | 65 +++++++++++++++++++ rule_packages/cpp/Expressions.json | 1 + 4 files changed, 130 insertions(+) create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/Contracts.qll create mode 100644 rule_packages/c/Contracts.json diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts.qll new file mode 100644 index 0000000000..32a44a4355 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts.qll @@ -0,0 +1,61 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype ContractsQuery = + TDoNotViolateInLineLinkageConstraintsQuery() or + TCheckMathLibraryFunctionParametersQuery() or + TFunctionErrorInformationUntestedQuery() + +predicate isContractsQueryMetadata(Query query, string queryId, string ruleId, string category) { + query = + // `Query` instance for the `doNotViolateInLineLinkageConstraints` query + ContractsPackage::doNotViolateInLineLinkageConstraintsQuery() and + queryId = + // `@id` for the `doNotViolateInLineLinkageConstraints` query + "c/cert/do-not-violate-in-line-linkage-constraints" and + ruleId = "MSC40-C" and + category = "rule" + or + query = + // `Query` instance for the `checkMathLibraryFunctionParameters` query + ContractsPackage::checkMathLibraryFunctionParametersQuery() and + queryId = + // `@id` for the `checkMathLibraryFunctionParameters` query + "c/misra/check-math-library-function-parameters" and + ruleId = "DIR-4-11" and + category = "required" + or + query = + // `Query` instance for the `functionErrorInformationUntested` query + ContractsPackage::functionErrorInformationUntestedQuery() and + queryId = + // `@id` for the `functionErrorInformationUntested` query + "c/misra/function-error-information-untested" and + ruleId = "DIR-4-7" and + category = "required" +} + +module ContractsPackage { + Query doNotViolateInLineLinkageConstraintsQuery() { + //autogenerate `Query` type + result = + // `Query` type for `doNotViolateInLineLinkageConstraints` query + TQueryC(TContractsPackageQuery(TDoNotViolateInLineLinkageConstraintsQuery())) + } + + Query checkMathLibraryFunctionParametersQuery() { + //autogenerate `Query` type + result = + // `Query` type for `checkMathLibraryFunctionParameters` query + TQueryC(TContractsPackageQuery(TCheckMathLibraryFunctionParametersQuery())) + } + + Query functionErrorInformationUntestedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `functionErrorInformationUntested` query + TQueryC(TContractsPackageQuery(TFunctionErrorInformationUntestedQuery())) + } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index c2771f4171..6425f27e28 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -9,6 +9,7 @@ import Concurrency2 import Concurrency3 import Concurrency4 import Concurrency5 +import Contracts import Contracts1 import Contracts2 import Contracts3 @@ -80,6 +81,7 @@ newtype TCQuery = TConcurrency3PackageQuery(Concurrency3Query q) or TConcurrency4PackageQuery(Concurrency4Query q) or TConcurrency5PackageQuery(Concurrency5Query q) or + TContractsPackageQuery(ContractsQuery q) or TContracts1PackageQuery(Contracts1Query q) or TContracts2PackageQuery(Contracts2Query q) or TContracts3PackageQuery(Contracts3Query q) or @@ -151,6 +153,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isConcurrency3QueryMetadata(query, queryId, ruleId, category) or isConcurrency4QueryMetadata(query, queryId, ruleId, category) or isConcurrency5QueryMetadata(query, queryId, ruleId, category) or + isContractsQueryMetadata(query, queryId, ruleId, category) or isContracts1QueryMetadata(query, queryId, ruleId, category) or isContracts2QueryMetadata(query, queryId, ruleId, category) or isContracts3QueryMetadata(query, queryId, ruleId, category) or diff --git a/rule_packages/c/Contracts.json b/rule_packages/c/Contracts.json new file mode 100644 index 0000000000..e2239908f0 --- /dev/null +++ b/rule_packages/c/Contracts.json @@ -0,0 +1,65 @@ +{ + "CERT-C": { + "MSC40-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "Inlined external functions are prohibited by the language standard from defining modifiable static or thread storage objects, or referencing identifiers with internal linkage.", + "kind": "problem", + "name": "Do not violate inline linkage constraints", + "precision": "very-high", + "severity": "error", + "short_name": "DoNotViolateInLineLinkageConstraints", + "tags": [ + "correctness" + ] + } + ], + "title": "Do not violate constraints" + } + }, + "MISRA-C-2012": { + "DIR-4-11": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Range, domain or pole errors in math functions may return unexpected values, trigger floating-point exceptions or set unexpected error modes.", + "kind": "problem", + "name": "The validity of values passed to `math.h` library functions shall be checked", + "precision": "high", + "severity": "error", + "short_name": "CheckMathLibraryFunctionParameters", + "shared_implementation_short_name": "UncheckedRangeDomainPoleErrors", + "tags": [ + "correctness" + ] + } + ], + "title": "The validity of values passed to library functions shall be checked" + }, + "DIR-4-7": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "A function (whether it is part of the standard library, a third party library or a user defined function) may provide some means of indicating the occurrence of an error. This may be via a global error flag, a parametric error flag, a special return value or some other means. Whenever such a mechanism is provided by a function the calling program shall check for the indication of an error as soon as the function returns.", + "kind": "problem", + "name": "If a function generates error information, then that error information shall be tested", + "precision": "very-high", + "severity": "recommendation", + "short_name": "FunctionErrorInformationUntested", + "shared_implementation_short_name": "FunctionErroneousReturnValueNotTested", + "tags": [ + "maintainability" + ] + } + ], + "title": "If a function returns error information, then that error information shall be tested" + } + } +} \ No newline at end of file diff --git a/rule_packages/cpp/Expressions.json b/rule_packages/cpp/Expressions.json index c0a7b6bb0b..5668c78a0a 100644 --- a/rule_packages/cpp/Expressions.json +++ b/rule_packages/cpp/Expressions.json @@ -86,6 +86,7 @@ "precision": "very-high", "severity": "recommendation", "short_name": "FunctionErroneousReturnValueNotTested", + "shared_implementation_short_name": "FunctionErroneousReturnValueNotTested", "tags": [ "maintainability" ] From 52bdbd7f536c723267489f8822d8c81a99db96e2 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 30 Jan 2024 09:33:15 +0000 Subject: [PATCH 1536/2573] MSC40-C: Add query for finding inline linkage constraints. Adds a query that finds cases where extern inlined functions reference internal linkage objects, or declare objects which are static or thread local. --- .../DoNotViolateInLineLinkageConstraints.md | 210 ++++++++++++++++++ .../DoNotViolateInLineLinkageConstraints.ql | 59 +++++ ...otViolateInLineLinkageConstraints.expected | 6 + ...DoNotViolateInLineLinkageConstraints.qlref | 1 + c/cert/test/rules/MSC40-C/test.c | 31 +++ 5 files changed, 307 insertions(+) create mode 100644 c/cert/src/rules/MSC40-C/DoNotViolateInLineLinkageConstraints.md create mode 100644 c/cert/src/rules/MSC40-C/DoNotViolateInLineLinkageConstraints.ql create mode 100644 c/cert/test/rules/MSC40-C/DoNotViolateInLineLinkageConstraints.expected create mode 100644 c/cert/test/rules/MSC40-C/DoNotViolateInLineLinkageConstraints.qlref create mode 100644 c/cert/test/rules/MSC40-C/test.c diff --git a/c/cert/src/rules/MSC40-C/DoNotViolateInLineLinkageConstraints.md b/c/cert/src/rules/MSC40-C/DoNotViolateInLineLinkageConstraints.md new file mode 100644 index 0000000000..26545fb812 --- /dev/null +++ b/c/cert/src/rules/MSC40-C/DoNotViolateInLineLinkageConstraints.md @@ -0,0 +1,210 @@ +# MSC40-C: Do not violate inline linkage constraints + +This query implements the CERT-C rule MSC40-C: + +> Do not violate constraints + + +## Description + +According to the C Standard, 3.8 \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO%2FIEC9899-2011)\], a constraint is a "restriction, either syntactic or semantic, by which the exposition of language elements is to be interpreted." Despite the similarity of the terms, a runtime constraint is not a kind of constraint. + +Violating any *shall* statement within a constraint clause in the C Standard requires an [implementation](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-implementation) to issue a diagnostic message, the C Standard, 5.1.1.3 \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO%2FIEC9899-2011)\] states + +> A conforming implementation shall produce at least one diagnostic message (identified in an implementation-defined manner) if a preprocessing translation unit or translation unit contains a violation of any syntax rule or constraint, even if the behavior is also explicitly specified as undefined or implementation-defined. Diagnostic messages need not be produced in other circumstances. + + +The C Standard further explains in a footnote + +> The intent is that an implementation should identify the nature of, and where possible localize, each violation. Of course, an implementation is free to produce any number of diagnostics as long as a valid program is still correctly translated. It may also successfully translate an invalid program. + + +Any constraint violation is a violation of this rule because it can result in an invalid program. + +## Noncompliant Code Example (Inline, Internal Linkage) + +The C Standard, 6.7.4, paragraph 3 \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO%2FIEC9899-2011)\], states + +> An inline definition of a function with external linkage shall not contain a definition of a modifiable object with static or thread storage duration, and shall not contain a reference to an identifier with internal linkage. + + +The motivation behind this constraint lies in the semantics of inline definitions. Paragraph 7 of subclause 6.7.4 reads, in part: + +> An inline definition provides an alternative to an external definition, which a translator may use to implement any call to the function in the same translation unit. It is unspecified whether a call to the function uses the inline definition or the external definition. + + +That is, if a function has an external and inline definition, implementations are free to choose which definition to invoke (two distinct invocations of the function may call different definitions, one the external definition, the other the inline definition). Therefore, issues can arise when these definitions reference internally linked objects or mutable objects with static or thread storage duration. + +This noncompliant code example refers to a static variable with file scope and internal linkage from within an external inline function: + +```cpp +static int I = 12; +extern inline void func(int a) { + int b = a * I; + /* ... */ +} + +``` + +## Compliant Solution (Inline, Internal Linkage) + +This compliant solution omits the `static` qualifier; consequently, the variable `I` has external linkage by default: + +```cpp +int I = 12; +extern inline void func(int a) { + int b = a * I; + /* ... */ +} + +``` + +## Noncompliant Code Example (inline, Modifiable Static) + +This noncompliant code example defines a modifiable `static` variable within an `extern inline` function. + +```cpp +extern inline void func(void) { + static int I = 12; + /* Perform calculations which may modify I */ +} + +``` + +## Compliant Solution (Inline, Modifiable Static) + +This compliant solution removes the `static` keyword from the local variable definition. If the modifications to `I` must be retained between invocations of `func()`, it must be declared at file scope so that it will be defined with external linkage. + +```cpp +extern inline void func(void) { + int I = 12; + /* Perform calculations which may modify I */ +} +``` + +## Noncompliant Code Example (Inline, Modifiable static) + +This noncompliant code example includes two translation units: `file1.c` and `file2.c`. The first file, `file1.c`, defines a pseudorandom number generation function: + +```cpp +/* file1.c */ + +/* Externally linked definition of the function get_random() */ +extern unsigned int get_random(void) { + /* Initialize the seeds */ + static unsigned int m_z = 0xdeadbeef; + static unsigned int m_w = 0xbaddecaf; + + /* Compute the next pseudorandom value and update the seeds */ + m_z = 36969 * (m_z & 65535) + (m_z >> 16); + m_w = 18000 * (m_w & 65535) + (m_w >> 16); + return (m_z << 16) + m_w; +} + +``` +The left-shift operation in the last line may wrap, but this is permitted by exception INT30-C-EX3 to rule [INT30-C. Ensure that unsigned integer operations do not wrap](https://wiki.sei.cmu.edu/confluence/display/c/INT30-C.+Ensure+that+unsigned+integer+operations+do+not+wrap). + +The second file, `file2.c`, defines an `inline` version of this function that references mutable `static` objects—namely, objects that maintain the state of the pseudorandom number generator. Separate invocations of the `get_random()` function can call different definitions, each operating on separate static objects, resulting in a faulty pseudorandom number generator. + +```cpp +/* file2.c */ + +/* Inline definition of get_random function */ +inline unsigned int get_random(void) { + /* + * Initialize the seeds + * Constraint violation: static duration storage referenced + * in non-static inline definition + */ + static unsigned int m_z = 0xdeadbeef; + static unsigned int m_w = 0xbaddecaf; + + /* Compute the next pseudorandom value and update the seeds */ + m_z = 36969 * (m_z & 65535) + (m_z >> 16); + m_w = 18000 * (m_w & 65535) + (m_w >> 16); + return (m_z << 16) + m_w; +} + +int main(void) { + unsigned int rand_no; + for (int ii = 0; ii < 100; ii++) { + /* + * Get a pseudorandom number. Implementation defined whether the + * inline definition in this file or the external definition + * in file2.c is called. + */ + rand_no = get_random(); + /* Use rand_no... */ + } + + /* ... */ + + /* + * Get another pseudorandom number. Behavior is + * implementation defined. + */ + rand_no = get_random(); + /* Use rand_no... */ + return 0; +} + +``` + +## Compliant Solution (Inline, Modifiable static) + +This compliant solution adds the `static` modifier to the `inline` function definition in `file2.c`, giving it internal linkage. All references to `get_random()` in `file.2.c` will now reference the internally linked definition. The first file, which was not changed, is not shown here. + +```cpp +/* file2.c */ + +/* Static inline definition of get_random function */ +static inline unsigned int get_random(void) { + /* + * Initialize the seeds. + * No more constraint violation; the inline function is now + * internally linked. + */ + static unsigned int m_z = 0xdeadbeef; + static unsigned int m_w = 0xbaddecaf; + + /* Compute the next pseudorandom value and update the seeds */ + m_z = 36969 * (m_z & 65535) + (m_z >> 16); + m_w = 18000 * (m_w & 65535) + (m_w >> 16); + return (m_z << 16) + m_w; +} + +int main(void) { + /* Generate pseudorandom numbers using get_random()... */ + return 0; +} + +``` + +## Risk Assessment + +Constraint violations are a broad category of error that can result in unexpected control flow and corrupted data. + +
Rule Severity Likelihood Remediation Cost Priority Level
MSC40-C Low Unlikely Medium P2 L3
+ + +## Automated Detection + +
Tool Version Checker Description
Astrée 23.04 alignas-extended assignment-to-non-modifiable-lvalue cast-pointer-void-arithmetic-implicit element-type-incomplete function-pointer-integer-cast-implicit function-return-type inappropriate-pointer-cast-implicit incompatible-function-pointer-conversion incompatible-object-pointer-conversion initializer-excess invalid-array-size non-constant-static-assert parameter-match-type pointer-integral-cast-implicit pointer-qualifier-cast-const-implicit pointer-qualifier-cast-volatile-implicit redeclaration return-empty return-non-empty static-assert type-compatibility type-compatibility-link type-specifier undeclared-parameter unnamed-parameter Partially checked
Helix QAC 2023.4 C0232, C0233, C0244, C0268, C0321, C0322, C0338, C0422, C0423, C0426, C0427, C0429, C0430, C0431, C0432, C0435, C0436, C0437, C0446, C0447, C0448, C0449, C0451, C0452, C0453, C0454, C0456, C0457, C0458, C0460, C0461, C0462, C0463, C0466, C0467, C0468, C0469, C0476, C0477, C0478, C0481, C0482, C0483, C0484, C0485, C0486, C0487, C0493, C0494, C0495, C0496, C0497, C0513, C0514, C0515, C0536, C0537, C0540, C0541, C0542, C0546, C0547, C0550, C0554, C0555, C0556, C0557, C0558, C0559, C0560, C0561, C0562, C0563, C0564, C0565, C0580, C0588, C0589, C0590, C0591, C0605, C0616, C0619, C0620, C0621, C0622, C0627, C0628, C0629, C0631, C0638, C0640, C0641, C0642, C0643, C0644, C0645, C0646, C0649, C0650, C0651, C0653, C0655, C0656, C0657, C0659, C0664, C0665, C0669, C0671, C0673, C0674, C0675, C0677, C0682, C0683, C0684, C0685, C0690, C0698, C0699, C0708, C0709, C0736, C0737, C0738, C0746, C0747, C0755, C0756, C0757, C0758, C0766, C0767, C0768, C0774, C0775, C0801, C0802, C0803, C0804, C0811, C0821, C0834, C0835, C0844, C0845, C0851, C0852, C0866, C0873, C0877, C0940, C0941, C0943, C0944, C1023, C1024, C1025, C1033, C1047, C1048, C1050, C1061, C1062, C3236, C3237, C3238, C3244 C++4122
Klocwork 2023.4 MISRA.FUNC.STATIC.REDECL
LDRA tool suite 9.7.1 21 S, 145 S, 323 S, 345 S, 387 S, 404 S, 481 S, 580 S, 612 S, 615 S, 646 S
Parasoft C/C++test 2023.1 CERT_C-MSC40-a An inline definition of a function with external linkage shall not contain definitions and uses of static objects
Polyspace Bug Finder CERT C: Rule MSC40-C Checks for inline constraint not respected (rule partially covered)
RuleChecker 23.04 alignas-extended assignment-to-non-modifiable-lvalue cast-pointer-void-arithmetic-implicit element-type-incomplete function-pointer-integer-cast-implicit function-return-type inappropriate-pointer-cast-implicit incompatible-function-pointer-conversion incompatible-object-pointer-conversion initializer-excess invalid-array-size non-constant-static-assert parameter-match-type pointer-integral-cast-implicit pointer-qualifier-cast-const-implicit pointer-qualifier-cast-volatile-implicit redeclaration return-empty return-non-empty static-assert type-compatibility type-compatibility-link type-specifier undeclared-parameter unnamed-parameter Partially checked
+ + +## Related Vulnerabilities + +Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+MSC40-C). + +## Bibliography + +
\[ ISO/IEC 9899:2011 \] 4, "Conformance" 5.1.1.3, "Diagnostics" 6.7.4, "Function Specifiers"
+ + +## Implementation notes + +None + +## References + +* CERT-C: [MSC40-C: Do not violate constraints](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/MSC40-C/DoNotViolateInLineLinkageConstraints.ql b/c/cert/src/rules/MSC40-C/DoNotViolateInLineLinkageConstraints.ql new file mode 100644 index 0000000000..63dec179c6 --- /dev/null +++ b/c/cert/src/rules/MSC40-C/DoNotViolateInLineLinkageConstraints.ql @@ -0,0 +1,59 @@ +/** + * @id c/cert/do-not-violate-in-line-linkage-constraints + * @name MSC40-C: Do not violate inline linkage constraints + * @description Inlined external functions are prohibited by the language standard from defining + * modifiable static or thread storage objects, or referencing identifiers with + * internal linkage. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/cert/id/msc40-c + * correctness + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert +import codingstandards.cpp.Linkage + +/* + * This is C specific, because in C++ all extern function definitions must be identical. + * Only in C is it permitted for an extern function to be defined in multiple translation + * units with different implementations, when using the inline keyword. + */ + +from Element accessOrDecl, Variable v, Function f, string message +where + not isExcluded(f, ContractsPackage::doNotViolateInLineLinkageConstraintsQuery()) and + f.isInline() and + hasExternalLinkage(f) and + // Pre-emptively exclude compiler generated functions + not f.isCompilerGenerated() and + // This rule does not apply to C++, but exclude C++ specific cases anyway + not f instanceof MemberFunction and + not f.isFromUninstantiatedTemplate(_) and + ( + // There exists a modifiable local variable which is static or thread local + exists(LocalVariable lsv, string storageModifier | + lsv.isStatic() and storageModifier = "Static" + or + lsv.isThreadLocal() and storageModifier = "Thread-local" + | + lsv.getFunction() = f and + not lsv.isConst() and + accessOrDecl = lsv and + message = storageModifier + " local variable $@ declared" and + v = lsv + ) + or + // References an identifier with internal linkage + exists(GlobalOrNamespaceVariable gv | + accessOrDecl = v.getAnAccess() and + accessOrDecl.(VariableAccess).getEnclosingFunction() = f and + hasInternalLinkage(v) and + message = "Identifier $@ with internal linkage referenced" and + v = gv + ) + ) +select accessOrDecl, message + " in the extern inlined function $@.", v, v.getName(), f, + f.getQualifiedName() diff --git a/c/cert/test/rules/MSC40-C/DoNotViolateInLineLinkageConstraints.expected b/c/cert/test/rules/MSC40-C/DoNotViolateInLineLinkageConstraints.expected new file mode 100644 index 0000000000..f258d4adef --- /dev/null +++ b/c/cert/test/rules/MSC40-C/DoNotViolateInLineLinkageConstraints.expected @@ -0,0 +1,6 @@ +| test.c:6:14:6:14 | i | Static local variable $@ declared in the extern inlined function $@. | test.c:6:14:6:14 | i | i | test.c:5:20:5:24 | test1 | test1 | +| test.c:7:3:7:4 | g1 | Identifier $@ with internal linkage referenced in the extern inlined function $@. | test.c:1:12:1:13 | g1 | g1 | test.c:5:20:5:24 | test1 | test1 | +| test.c:9:3:9:4 | g3 | Identifier $@ with internal linkage referenced in the extern inlined function $@. | test.c:3:11:3:12 | g3 | g3 | test.c:5:20:5:24 | test1 | test1 | +| test.c:27:14:27:14 | i | Static local variable $@ declared in the extern inlined function $@. | test.c:27:14:27:14 | i | i | test.c:26:13:26:17 | test4 | test4 | +| test.c:28:3:28:4 | g1 | Identifier $@ with internal linkage referenced in the extern inlined function $@. | test.c:1:12:1:13 | g1 | g1 | test.c:26:13:26:17 | test4 | test4 | +| test.c:30:3:30:4 | g3 | Identifier $@ with internal linkage referenced in the extern inlined function $@. | test.c:3:11:3:12 | g3 | g3 | test.c:26:13:26:17 | test4 | test4 | diff --git a/c/cert/test/rules/MSC40-C/DoNotViolateInLineLinkageConstraints.qlref b/c/cert/test/rules/MSC40-C/DoNotViolateInLineLinkageConstraints.qlref new file mode 100644 index 0000000000..f14d4270cc --- /dev/null +++ b/c/cert/test/rules/MSC40-C/DoNotViolateInLineLinkageConstraints.qlref @@ -0,0 +1 @@ +rules/MSC40-C/DoNotViolateInLineLinkageConstraints.ql \ No newline at end of file diff --git a/c/cert/test/rules/MSC40-C/test.c b/c/cert/test/rules/MSC40-C/test.c new file mode 100644 index 0000000000..3ca4afff4a --- /dev/null +++ b/c/cert/test/rules/MSC40-C/test.c @@ -0,0 +1,31 @@ +static int g1 = 0; +extern int g2 = 1; +const int g3 = 1; // defaults to internal linkage + +extern inline void test1() { + static int i = 0; // NON_COMPLIANT + g1++; // NON_COMPLIANT + g2++; // COMPLIANT + g3; // NON_COMPLIANT +} + +extern void test2() { + static int i = 0; // COMPLIANT + g1++; // COMPLIANT + g2++; // COMPLIANT + g3; // COMPLIANT +} + +void test3() { + static int i = 0; // COMPLIANT + g1++; // COMPLIANT + g2++; // COMPLIANT + g3; // COMPLIANT +} + +inline void test4() { + static int i = 0; // NON_COMPLIANT + g1++; // NON_COMPLIANT + g2++; // COMPLIANT + g3; // NON_COMPLIANT +} \ No newline at end of file From dcb32c1a017b50a1602a8d3e2e8afbf35ef0e534 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 30 Jan 2024 09:44:43 +0000 Subject: [PATCH 1537/2573] DIR-4-11: Add query for checking math.h functions Add query which detects domain and pole errors for math.h functions. --- .../CheckMathLibraryFunctionParameters.ql | 22 +++++++++++++++++++ ...CheckMathLibraryFunctionParameters.testref | 1 + 2 files changed, 23 insertions(+) create mode 100644 c/misra/src/rules/DIR-4-11/CheckMathLibraryFunctionParameters.ql create mode 100644 c/misra/test/rules/DIR-4-11/CheckMathLibraryFunctionParameters.testref diff --git a/c/misra/src/rules/DIR-4-11/CheckMathLibraryFunctionParameters.ql b/c/misra/src/rules/DIR-4-11/CheckMathLibraryFunctionParameters.ql new file mode 100644 index 0000000000..6810784a0e --- /dev/null +++ b/c/misra/src/rules/DIR-4-11/CheckMathLibraryFunctionParameters.ql @@ -0,0 +1,22 @@ +/** + * @id c/misra/check-math-library-function-parameters + * @name DIR-4-11: The validity of values passed to `math.h` library functions shall be checked + * @description Range, domain or pole errors in math functions may return unexpected values, trigger + * floating-point exceptions or set unexpected error modes. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/misra/id/dir-4-11 + * correctness + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.rules.uncheckedrangedomainpoleerrors.UncheckedRangeDomainPoleErrors + +class CheckMathLibraryFunctionParametersQuery extends UncheckedRangeDomainPoleErrorsSharedQuery { + CheckMathLibraryFunctionParametersQuery() { + this = ContractsPackage::checkMathLibraryFunctionParametersQuery() + } +} diff --git a/c/misra/test/rules/DIR-4-11/CheckMathLibraryFunctionParameters.testref b/c/misra/test/rules/DIR-4-11/CheckMathLibraryFunctionParameters.testref new file mode 100644 index 0000000000..50cf3fcb51 --- /dev/null +++ b/c/misra/test/rules/DIR-4-11/CheckMathLibraryFunctionParameters.testref @@ -0,0 +1 @@ +c/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql \ No newline at end of file From 377124004116573572197eabd39ceb905e8b5e30 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 30 Jan 2024 09:47:55 +0000 Subject: [PATCH 1538/2573] DIR-4-7: Create shared query for unchecked return values Create a new shared query from the implementation of M0-3-2, which detects cases where error checking has not occurred after a call to a standard C library function. --- ...tionErroneousReturnValueNotTested.expected | 1 + .../FunctionErroneousReturnValueNotTested.ql | 4 ++ .../test.c | 0 .../FunctionErrorInformationUntested.ql | 26 ++++++++ .../FunctionErrorInformationUntested.testref | 1 + .../FunctionErroneousReturnValueNotTested.ql | 57 +++-------------- ...unctionErroneousReturnValueNotTested.qlref | 1 - .../FunctionErroneousReturnValueNotTested.qll | 62 +++++++++++++++++++ ...tionErroneousReturnValueNotTested.expected | 0 .../FunctionErroneousReturnValueNotTested.ql | 4 ++ .../test.cpp | 17 +++++ 11 files changed, 122 insertions(+), 51 deletions(-) create mode 100644 c/common/test/rules/functionerroneousreturnvaluenottested/FunctionErroneousReturnValueNotTested.expected create mode 100644 c/common/test/rules/functionerroneousreturnvaluenottested/FunctionErroneousReturnValueNotTested.ql rename cpp/autosar/test/rules/M0-3-2/test.cpp => c/common/test/rules/functionerroneousreturnvaluenottested/test.c (100%) create mode 100644 c/misra/src/rules/DIR-4-7/FunctionErrorInformationUntested.ql create mode 100644 c/misra/test/rules/DIR-4-7/FunctionErrorInformationUntested.testref delete mode 100644 cpp/autosar/test/rules/M0-3-2/FunctionErroneousReturnValueNotTested.qlref create mode 100644 cpp/common/src/codingstandards/cpp/rules/functionerroneousreturnvaluenottested/FunctionErroneousReturnValueNotTested.qll rename cpp/{autosar/test/rules/M0-3-2 => common/test/rules/functionerroneousreturnvaluenottested}/FunctionErroneousReturnValueNotTested.expected (100%) create mode 100644 cpp/common/test/rules/functionerroneousreturnvaluenottested/FunctionErroneousReturnValueNotTested.ql create mode 100644 cpp/common/test/rules/functionerroneousreturnvaluenottested/test.cpp diff --git a/c/common/test/rules/functionerroneousreturnvaluenottested/FunctionErroneousReturnValueNotTested.expected b/c/common/test/rules/functionerroneousreturnvaluenottested/FunctionErroneousReturnValueNotTested.expected new file mode 100644 index 0000000000..015f52348c --- /dev/null +++ b/c/common/test/rules/functionerroneousreturnvaluenottested/FunctionErroneousReturnValueNotTested.expected @@ -0,0 +1 @@ +| test.c:16:3:16:8 | call to remove | Return value is not tested for errors. | diff --git a/c/common/test/rules/functionerroneousreturnvaluenottested/FunctionErroneousReturnValueNotTested.ql b/c/common/test/rules/functionerroneousreturnvaluenottested/FunctionErroneousReturnValueNotTested.ql new file mode 100644 index 0000000000..12c2196efd --- /dev/null +++ b/c/common/test/rules/functionerroneousreturnvaluenottested/FunctionErroneousReturnValueNotTested.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.functionerroneousreturnvaluenottested.FunctionErroneousReturnValueNotTested + +class TestFileQuery extends FunctionErroneousReturnValueNotTestedSharedQuery, TestQuery { } diff --git a/cpp/autosar/test/rules/M0-3-2/test.cpp b/c/common/test/rules/functionerroneousreturnvaluenottested/test.c similarity index 100% rename from cpp/autosar/test/rules/M0-3-2/test.cpp rename to c/common/test/rules/functionerroneousreturnvaluenottested/test.c diff --git a/c/misra/src/rules/DIR-4-7/FunctionErrorInformationUntested.ql b/c/misra/src/rules/DIR-4-7/FunctionErrorInformationUntested.ql new file mode 100644 index 0000000000..b827e101e3 --- /dev/null +++ b/c/misra/src/rules/DIR-4-7/FunctionErrorInformationUntested.ql @@ -0,0 +1,26 @@ +/** + * @id c/misra/function-error-information-untested + * @name DIR-4-7: If a function generates error information, then that error information shall be tested + * @description A function (whether it is part of the standard library, a third party library or a + * user defined function) may provide some means of indicating the occurrence of an + * error. This may be via a global error flag, a parametric error flag, a special + * return value or some other means. Whenever such a mechanism is provided by a + * function the calling program shall check for the indication of an error as soon as + * the function returns. + * @kind problem + * @precision very-high + * @problem.severity recommendation + * @tags external/misra/id/dir-4-7 + * maintainability + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.rules.functionerroneousreturnvaluenottested.FunctionErroneousReturnValueNotTested + +class FunctionErrorInformationUntestedQuery extends FunctionErroneousReturnValueNotTestedSharedQuery { + FunctionErrorInformationUntestedQuery() { + this = ContractsPackage::functionErrorInformationUntestedQuery() + } +} diff --git a/c/misra/test/rules/DIR-4-7/FunctionErrorInformationUntested.testref b/c/misra/test/rules/DIR-4-7/FunctionErrorInformationUntested.testref new file mode 100644 index 0000000000..51bd5fbefb --- /dev/null +++ b/c/misra/test/rules/DIR-4-7/FunctionErrorInformationUntested.testref @@ -0,0 +1 @@ +c/common/test/rules/functionerroneousreturnvaluenottested/FunctionErroneousReturnValueNotTested.ql \ No newline at end of file diff --git a/cpp/autosar/src/rules/M0-3-2/FunctionErroneousReturnValueNotTested.ql b/cpp/autosar/src/rules/M0-3-2/FunctionErroneousReturnValueNotTested.ql index aee4e40838..77e6278960 100644 --- a/cpp/autosar/src/rules/M0-3-2/FunctionErroneousReturnValueNotTested.ql +++ b/cpp/autosar/src/rules/M0-3-2/FunctionErroneousReturnValueNotTested.ql @@ -19,54 +19,11 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.dataflow.DataFlow -import semmle.code.cpp.controlflow.Guards +import codingstandards.cpp.rules.functionerroneousreturnvaluenottested.FunctionErroneousReturnValueNotTested -from FunctionCall fc -where - not isExcluded(fc, ExpressionsPackage::functionErroneousReturnValueNotTestedQuery()) and - fc.getTarget() - .hasGlobalOrStdName([ - // fcntl.h - "open", "openat", "fcntl", "creat", - // locale.h - "setlocale", - // stdlib.h - "system", "getenv", "getenv_s", - // signal.h - "signal", "raise", - // setjmp.h - "setjmp", - // stdio.h - "fopen", "fopen_s", "freopen", "freopen_s", "fclose", "fcloseall", "fflush", "setvbuf", - "fgetc", "getc", "fgets", "fputc", "getchar", "gets", "gets_s", "putchar", "puts", - "ungetc", "scanf", "fscanf", "sscanf", "scanf_s", "fscanf_s", "sscanf_s", "vscanf", - "vfscanf", "vsscanf", "vscanf_s", "vfscanf_s", "vsscanf_s", "printf", "fprintf", - "sprintf", "snprintf", "printf_s", "fprintf_s", "sprintf_s", "snprintf_s", "vprintf", - "vfprintf", "vsprintf", "vsnprintf", "vprintf_s", "vfprintf_s", "vsprintf_s", - "vsnprintf_s", "ftell", "fgetpos", "fseek", "fsetpos", "remove", "rename", "tmpfile", - "tmpfile_s", "tmpnam", "tmpnam_s", - // string.h - "strcpy_s", "strncpy_s", "strcat_s", "strncat_s", "memset_s", "memcpy_s", "memmove_s", - "strerror_s", - // threads.h - "thrd_create", "thrd_sleep", "thrd_detach", "thrd_join", "mtx_init", "mtx_lock", - "mtx_timedlock", "mtx_trylock", "mtx_unlock", "cnd_init", "cnd_signal", "cnd_broadcast", - "cnd_wait", "cnd_timedwait", "tss_create", "tss_get", "tss_set", - // time.h - "time", "clock", "timespec_get", "asctime_s", "ctime_s", "gmtime", "gmtime_s", - "localtime", "localtime_s", - // unistd.h - "write", "read", "close", "unlink", - // wchar.h - "fgetwc", "getwc", "fgetws", "fputwc", "putwc", "fputws", "getwchar", "putwchar", - "ungetwc", "wscanf", "fwscanf", "swscanf", "wscanf_s", "fwscanf_s", "swscanf_s", - "vwscanf", "vfwscanf", "vswscanf", "vwscanf_s", "vfwscanf_s", "vswscanf_s", "wprintf", - "fwprintf", "swprintf", "wprintf_s", "fwprintf_s", "swprintf_s", "snwprintf_s", - "vwprintf", "vfwprintf", "vswprintf", "vwprintf_s", "vfwprintf_s", "vswprintf_s", - "vsnwprintf_s" - ]) and - forall(GuardCondition gc | - not DataFlow::localFlow(DataFlow::exprNode(fc), DataFlow::exprNode(gc.getAChild*())) - ) -select fc, "Return value is not tested for errors." +class FunctionErrorInformationUntestedQuery extends FunctionErroneousReturnValueNotTestedSharedQuery +{ + FunctionErrorInformationUntestedQuery() { + this = ExpressionsPackage::functionErroneousReturnValueNotTestedQuery() + } +} diff --git a/cpp/autosar/test/rules/M0-3-2/FunctionErroneousReturnValueNotTested.qlref b/cpp/autosar/test/rules/M0-3-2/FunctionErroneousReturnValueNotTested.qlref deleted file mode 100644 index 3cfea1dc31..0000000000 --- a/cpp/autosar/test/rules/M0-3-2/FunctionErroneousReturnValueNotTested.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/M0-3-2/FunctionErroneousReturnValueNotTested.ql \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/rules/functionerroneousreturnvaluenottested/FunctionErroneousReturnValueNotTested.qll b/cpp/common/src/codingstandards/cpp/rules/functionerroneousreturnvaluenottested/FunctionErroneousReturnValueNotTested.qll new file mode 100644 index 0000000000..fe4f788847 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/functionerroneousreturnvaluenottested/FunctionErroneousReturnValueNotTested.qll @@ -0,0 +1,62 @@ +/** + * Provides a library which includes a `problems` predicate for reporting unchecked error values. + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.controlflow.Guards +import codingstandards.cpp.Exclusions + +abstract class FunctionErroneousReturnValueNotTestedSharedQuery extends Query { } + +Query getQuery() { result instanceof FunctionErroneousReturnValueNotTestedSharedQuery } + +query predicate problems(FunctionCall fc, string message) { + not isExcluded(fc, getQuery()) and + fc.getTarget() + .hasGlobalOrStdName([ + // fcntl.h + "open", "openat", "fcntl", "creat", + // locale.h + "setlocale", + // stdlib.h + "system", "getenv", "getenv_s", + // signal.h + "signal", "raise", + // setjmp.h + "setjmp", + // stdio.h + "fopen", "fopen_s", "freopen", "freopen_s", "fclose", "fcloseall", "fflush", "setvbuf", + "fgetc", "getc", "fgets", "fputc", "getchar", "gets", "gets_s", "putchar", "puts", + "ungetc", "scanf", "fscanf", "sscanf", "scanf_s", "fscanf_s", "sscanf_s", "vscanf", + "vfscanf", "vsscanf", "vscanf_s", "vfscanf_s", "vsscanf_s", "printf", "fprintf", + "sprintf", "snprintf", "printf_s", "fprintf_s", "sprintf_s", "snprintf_s", "vprintf", + "vfprintf", "vsprintf", "vsnprintf", "vprintf_s", "vfprintf_s", "vsprintf_s", + "vsnprintf_s", "ftell", "fgetpos", "fseek", "fsetpos", "remove", "rename", "tmpfile", + "tmpfile_s", "tmpnam", "tmpnam_s", + // string.h + "strcpy_s", "strncpy_s", "strcat_s", "strncat_s", "memset_s", "memcpy_s", "memmove_s", + "strerror_s", + // threads.h + "thrd_create", "thrd_sleep", "thrd_detach", "thrd_join", "mtx_init", "mtx_lock", + "mtx_timedlock", "mtx_trylock", "mtx_unlock", "cnd_init", "cnd_signal", "cnd_broadcast", + "cnd_wait", "cnd_timedwait", "tss_create", "tss_get", "tss_set", + // time.h + "time", "clock", "timespec_get", "asctime_s", "ctime_s", "gmtime", "gmtime_s", + "localtime", "localtime_s", + // unistd.h + "write", "read", "close", "unlink", + // wchar.h + "fgetwc", "getwc", "fgetws", "fputwc", "putwc", "fputws", "getwchar", "putwchar", + "ungetwc", "wscanf", "fwscanf", "swscanf", "wscanf_s", "fwscanf_s", "swscanf_s", + "vwscanf", "vfwscanf", "vswscanf", "vwscanf_s", "vfwscanf_s", "vswscanf_s", "wprintf", + "fwprintf", "swprintf", "wprintf_s", "fwprintf_s", "swprintf_s", "snwprintf_s", + "vwprintf", "vfwprintf", "vswprintf", "vwprintf_s", "vfwprintf_s", "vswprintf_s", + "vsnwprintf_s" + ]) and + forall(GuardCondition gc | + not DataFlow::localFlow(DataFlow::exprNode(fc), DataFlow::exprNode(gc.getAChild*())) + ) and + message = "Return value is not tested for errors." +} diff --git a/cpp/autosar/test/rules/M0-3-2/FunctionErroneousReturnValueNotTested.expected b/cpp/common/test/rules/functionerroneousreturnvaluenottested/FunctionErroneousReturnValueNotTested.expected similarity index 100% rename from cpp/autosar/test/rules/M0-3-2/FunctionErroneousReturnValueNotTested.expected rename to cpp/common/test/rules/functionerroneousreturnvaluenottested/FunctionErroneousReturnValueNotTested.expected diff --git a/cpp/common/test/rules/functionerroneousreturnvaluenottested/FunctionErroneousReturnValueNotTested.ql b/cpp/common/test/rules/functionerroneousreturnvaluenottested/FunctionErroneousReturnValueNotTested.ql new file mode 100644 index 0000000000..12c2196efd --- /dev/null +++ b/cpp/common/test/rules/functionerroneousreturnvaluenottested/FunctionErroneousReturnValueNotTested.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.functionerroneousreturnvaluenottested.FunctionErroneousReturnValueNotTested + +class TestFileQuery extends FunctionErroneousReturnValueNotTestedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/functionerroneousreturnvaluenottested/test.cpp b/cpp/common/test/rules/functionerroneousreturnvaluenottested/test.cpp new file mode 100644 index 0000000000..08e2f23dec --- /dev/null +++ b/cpp/common/test/rules/functionerroneousreturnvaluenottested/test.cpp @@ -0,0 +1,17 @@ +#include + +void test_compliant() { + // Return value is passed to an lvalue and then tested. + FILE *fh = fopen("/etc/foo", "r"); + if (!fh) { // COMPLIANT + return; + } + + // Return value is tested immediately as an rvalue. + if (fclose(fh)) // COMPLIANT + return; +} + +void test_noncompliant() { + remove("/bin/bash"); // NON_COMPLIANT +} \ No newline at end of file From 81200896b07034ad5120918e91df6295f2d9feb0 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 30 Jan 2024 09:53:23 +0000 Subject: [PATCH 1539/2573] FunctionErroneousReturnValueNotTested rewritten for clarity --- .../FunctionErroneousReturnValueNotTested.qll | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/rules/functionerroneousreturnvaluenottested/FunctionErroneousReturnValueNotTested.qll b/cpp/common/src/codingstandards/cpp/rules/functionerroneousreturnvaluenottested/FunctionErroneousReturnValueNotTested.qll index fe4f788847..5cd98c05d6 100644 --- a/cpp/common/src/codingstandards/cpp/rules/functionerroneousreturnvaluenottested/FunctionErroneousReturnValueNotTested.qll +++ b/cpp/common/src/codingstandards/cpp/rules/functionerroneousreturnvaluenottested/FunctionErroneousReturnValueNotTested.qll @@ -55,8 +55,8 @@ query predicate problems(FunctionCall fc, string message) { "vwprintf", "vfwprintf", "vswprintf", "vwprintf_s", "vfwprintf_s", "vswprintf_s", "vsnwprintf_s" ]) and - forall(GuardCondition gc | - not DataFlow::localFlow(DataFlow::exprNode(fc), DataFlow::exprNode(gc.getAChild*())) + not exists(GuardCondition gc | + DataFlow::localFlow(DataFlow::exprNode(fc), DataFlow::exprNode(gc.getAChild*())) ) and message = "Return value is not tested for errors." } From 7e5ef5f8306fee09522415cfda8cf708d8a32ea0 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 30 Jan 2024 09:55:42 +0000 Subject: [PATCH 1540/2573] Add name of function to message. --- .../FunctionErroneousReturnValueNotTested.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/rules/functionerroneousreturnvaluenottested/FunctionErroneousReturnValueNotTested.qll b/cpp/common/src/codingstandards/cpp/rules/functionerroneousreturnvaluenottested/FunctionErroneousReturnValueNotTested.qll index 5cd98c05d6..dd2f7d75e0 100644 --- a/cpp/common/src/codingstandards/cpp/rules/functionerroneousreturnvaluenottested/FunctionErroneousReturnValueNotTested.qll +++ b/cpp/common/src/codingstandards/cpp/rules/functionerroneousreturnvaluenottested/FunctionErroneousReturnValueNotTested.qll @@ -58,5 +58,5 @@ query predicate problems(FunctionCall fc, string message) { not exists(GuardCondition gc | DataFlow::localFlow(DataFlow::exprNode(fc), DataFlow::exprNode(gc.getAChild*())) ) and - message = "Return value is not tested for errors." + message = "Return value from " + fc.getTarget().getName() + " is not tested for errors." } From a19855bd20ace838d2f7748f45de341e5e7b97ef Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 30 Jan 2024 10:02:11 +0000 Subject: [PATCH 1541/2573] Add implementation scope properties Specify the scope of each of the newly supported rules. --- rule_packages/c/Contracts.json | 15 ++++++++++++--- rule_packages/c/FloatingTypes.json | 5 ++++- rule_packages/cpp/Expressions.json | 5 ++++- 3 files changed, 20 insertions(+), 5 deletions(-) diff --git a/rule_packages/c/Contracts.json b/rule_packages/c/Contracts.json index e2239908f0..735e84d9da 100644 --- a/rule_packages/c/Contracts.json +++ b/rule_packages/c/Contracts.json @@ -14,7 +14,10 @@ "short_name": "DoNotViolateInLineLinkageConstraints", "tags": [ "correctness" - ] + ], + "implementation_scope": { + "description": "This query only considers the constraints related to inline extern functions." + } } ], "title": "Do not violate constraints" @@ -36,7 +39,10 @@ "shared_implementation_short_name": "UncheckedRangeDomainPoleErrors", "tags": [ "correctness" - ] + ], + "implementation_scope": { + "description": "This query identifies possible domain, pole and range errors on a selection of C standard library fuctions from math.h." + } } ], "title": "The validity of values passed to library functions shall be checked" @@ -56,7 +62,10 @@ "shared_implementation_short_name": "FunctionErroneousReturnValueNotTested", "tags": [ "maintainability" - ] + ], + "implementation_scope": { + "description": "This query enforces checking on some C standard library functions that may return error codes." + } } ], "title": "If a function returns error information, then that error information shall be tested" diff --git a/rule_packages/c/FloatingTypes.json b/rule_packages/c/FloatingTypes.json index 1dfd663597..7df2298ad1 100644 --- a/rule_packages/c/FloatingTypes.json +++ b/rule_packages/c/FloatingTypes.json @@ -15,7 +15,10 @@ "shared_implementation_short_name": "UncheckedRangeDomainPoleErrors", "tags": [ "correctness" - ] + ], + "implementation_scope": { + "description": "This query identifies possible domain, pole and range errors on a selection of C standard library fuctions from math.h." + } } ], "title": "Prevent or detect domain and range errors in math functions" diff --git a/rule_packages/cpp/Expressions.json b/rule_packages/cpp/Expressions.json index 5668c78a0a..935c3fa6f1 100644 --- a/rule_packages/cpp/Expressions.json +++ b/rule_packages/cpp/Expressions.json @@ -89,7 +89,10 @@ "shared_implementation_short_name": "FunctionErroneousReturnValueNotTested", "tags": [ "maintainability" - ] + ], + "implementation_scope": { + "description": "The query enforces checking on some C standard library functions that may return error codes." + } } ], "title": "If a function generates error information, then that error information shall be tested." From 9b7102e149ad57a8b45f6b09b5df452d731f1f2c Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 30 Jan 2024 10:03:21 +0000 Subject: [PATCH 1542/2573] Add change note. --- change_notes/2024-01-30-m0-3-2.md | 1 + 1 file changed, 1 insertion(+) create mode 100644 change_notes/2024-01-30-m0-3-2.md diff --git a/change_notes/2024-01-30-m0-3-2.md b/change_notes/2024-01-30-m0-3-2.md new file mode 100644 index 0000000000..b074f6b2b1 --- /dev/null +++ b/change_notes/2024-01-30-m0-3-2.md @@ -0,0 +1 @@ + * `M0-3-2` - the alert messages now include the name of the called function. \ No newline at end of file From 0af1ef3004b5bb49022564c795e8dfc7e09f9560 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 30 Jan 2024 11:22:35 +0000 Subject: [PATCH 1543/2573] Update README.md Update the list of supported standards. --- README.md | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/README.md b/README.md index 375b7668b3..a4233e3cb9 100644 --- a/README.md +++ b/README.md @@ -6,15 +6,12 @@ This repository contains CodeQL queries and libraries which support various Codi _Carnegie Mellon and CERT are registered trademarks of Carnegie Mellon University._ -This repository contains CodeQL queries and libraries which support various Coding Standards for the [C++14](https://www.iso.org/standard/64029.html) programming language. +This repository contains CodeQL queries and libraries which support various Coding Standards for the [C++14](https://www.iso.org/standard/64029.html), [C99](https://www.iso.org/standard/29237.html) and [C11](https://www.iso.org/standard/57853.html) programming languages. The following coding standards are supported: - [AUTOSAR - Guidelines for the use of C++14 language in critical and safety-related systems (Releases R22-11, R20-11, R19-11 and R19-03)](https://www.autosar.org/fileadmin/standards/R22-11/AP/AUTOSAR_RS_CPP14Guidelines.pdf). - [MISRA C++:2008](https://www.misra.org.uk) (support limited to the rules specified in AUTOSAR). - [SEI CERT C++ Coding Standard: Rules for Developing Safe, Reliable, and Secure Systems (2016 Edition)](https://resources.sei.cmu.edu/library/asset-view.cfm?assetID=494932) - -In addition, the following Coding Standards for the C programming language are under development: - - [SEI CERT C Coding Standard: Rules for Developing Safe, Reliable, and Secure Systems (2016 Edition)](https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-c-coding-standard-2016-v01.pdf) - [MISRA C 2012](https://www.misra.org.uk/product/misra-c2012-third-edition-first-revision/). From a2ef954cbd45d9ebe87f1e7345a269c00bd05957 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 30 Jan 2024 11:22:57 +0000 Subject: [PATCH 1544/2573] User manual - update coverage statements * Update counts of total rules, supported rules and implemented rules. * Expand description of what makes a rule supportable. * Report which rules are not implemented. --- docs/user_manual.md | 18 +++++++++++------- rules.csv | 11 +++++------ 2 files changed, 16 insertions(+), 13 deletions(-) diff --git a/docs/user_manual.md b/docs/user_manual.md index 7651c06019..019de01fd4 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -23,6 +23,7 @@ | 0.15.0 | 2023-05-24 | Mauro Baluda | Clarify AUTOSAR C++ supported versions. | | 0.16.0 | 2023-07-03 | Luke Cartey | Remove reference to LGTM, update the name of the query pack | | 0.17.0 | 2023-08-16 | Luke Cartey | Update list of supported compiler configurations. | +| 0.87.0 | 2024-01-30 | Luke Cartey | Update product description and coverage table. | ## Release information @@ -48,15 +49,16 @@ A _coding standard_ is a set of rules or guidelines which restrict or prohibit t The _CodeQL Coding Standards_ product is a set of CodeQL queries for identifying contraventions of rules in the following coding standards: -| Standard | Version | Total rules | Total supportable rules | Status | -| -------------------------------------------------------------------------------------------------------------------- | ------- | ----------- | ----------------------- | ----------------- | -| [AUTOSAR C++](https://www.autosar.org/fileadmin/standards/R22-11/AP/AUTOSAR_RS_CPP14Guidelines.pdf) | [^1] R22-11, R21-11, R20-11, R19-11, R19-03 | 397 | 375 | Implemented | -| [CERT-C++](https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-cpp-coding-standard-2016-v01.pdf) | 2016 | 83 | 83 | Implemented | -| [CERT C](https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-c-coding-standard-2016-v01.pdf) | 2016 | 99 | 99 | Under development | -| [MISRA C](https://www.misra.org.uk/product/misra-c2012-third-edition-first-revision/) | 2012 | 172 | 169 | Under development | +| Standard | Version | Rules | Supportable rules | Implemented rules | Status | +| -------------------------------------------------------------------------------------------------------------------- | ------- | ----------- | ----------------------- | ----------------- | ------- | +| [AUTOSAR C++](https://www.autosar.org/fileadmin/standards/R22-11/AP/AUTOSAR_RS_CPP14Guidelines.pdf) | [^1] R22-11, R21-11, R20-11, R19-11, R19-03 | 397 | 372 | 370[^2] | Implemented | +| [CERT-C++](https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-cpp-coding-standard-2016-v01.pdf) | 2016 | 83 | 82 | 82 | Implemented | +| [CERT C](https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-c-coding-standard-2016-v01.pdf) | 2016 | 99 | 97 | 97 | Implemented | +| [MISRA C](https://www.misra.org.uk/product/misra-c2012-third-edition-first-revision/) | 2012 | 175 | 164 | 162[^3] | Implemented | +Not all rules in these standards are amenable to static analysis by CodeQL - some rules require external or domain specific knowledge to validate, or refer to properties which are not present in the our representation of the codebase under analysis. In addition, some rules are natively enforced by our supported set of compilers. As CodeQL requires that the program under analysis compiles, we are unable to implement queries for these rules, and doing so would be redundant. -Not all rules in these standards are amenable to static analysis by CodeQL - some rules require external or domain specific knowledge to validate, or refer to properties which are not present in the our representation of the codebase under analysis. For each rule we therefore identify whether it is supportable or not. Furthermore, a rule can be supported in two ways: +For each rule we therefore identify whether it is supportable or not. Furthermore, a rule can be supported in two ways: - **Automated** - the queries for the rule find contraventions directly. - **Audit only** - the queries for the rule does not find contraventions directly, but instead report a list of _candidates_ that can be used as input into a manual audit. For example, `A10-0-1` (_Public inheritance shall be used to implement 'is-a' relationship_) is not directly amenable to static analysis, but CodeQL can be used to produce a list of all the locations that use public inheritance so they can be manually reviewed. @@ -66,6 +68,8 @@ Each supported rule is implemented as one or more CodeQL queries, with each quer The datasheet _"CodeQL Coding Standards: supported rules"_, provided with each release, lists which rules are supported for that particular release, and the _scope of analysis_ for that rule. [^1]: AUTOSAR C++ versions R22-11, R21-11, R20-11, R19-11 and R19-03 are all identical as indicated in the document change history. +[^2]: The unimplemented supportable AUTOSAR rules are `A7-1-8` and `A8-2-1`. These rules require additional support in the CodeQL CLI to ensure the required information is available in the CodeQL database to identify violations of these rules. +[^3]: The unimplemented supportable MISRA C 2012 rules are `Rule 9.5` and `Dir 4.14`. `Rule 9.5` requires additional support in the CodeQL CLI to ensure the required information is available in the CodeQL database to identify violations of these rules. `Dir 4.14` is covered by the default CodeQL queries, which identify potential security vulnerabilities caused by not validating external input. ## Supported environment diff --git a/rules.csv b/rules.csv index 20af9fbc01..af7008c26b 100644 --- a/rules.csv +++ b/rules.csv @@ -500,7 +500,7 @@ c,CERT-C,CON41-C,Yes,Rule,,,Wrap functions that can fail spuriously in a loop,CO c,CERT-C,CON43-C,OutOfScope,Rule,,,Do not allow data races in multithreaded code,,,, c,CERT-C,DCL30-C,Yes,Rule,,,Declare objects with appropriate storage durations,,Declarations8,Hard, c,CERT-C,DCL31-C,Yes,Rule,,,Declare identifiers before using them,,Declarations1,Medium, -c,CERT-C,DCL36-C,No,Rule,,,Do not declare an identifier with conflicting linkage classifications,,,, +c,CERT-C,DCL36-C,No,Rule,,,Do not declare an identifier with conflicting linkage classifications,,,,Compiler enforced in all supported compilers c,CERT-C,DCL37-C,Yes,Rule,,,Do not declare or define a reserved identifier,,Declarations1,Easy, c,CERT-C,DCL38-C,Yes,Rule,,,Use the correct syntax when declaring a flexible array member,,Declarations2,Easy, c,CERT-C,DCL39-C,Yes,Rule,,,Avoid information leakage when passing a structure across a trust boundary,,Declarations7,Hard, @@ -585,7 +585,7 @@ c,CERT-C,POS51-C,OutOfScope,Rule,,,Avoid deadlock with POSIX threads by locking c,CERT-C,POS52-C,OutOfScope,Rule,,,Do not perform operations that can block while holding a POSIX lock,,,, c,CERT-C,POS53-C,OutOfScope,Rule,,,Do not use more than one mutex for concurrent waiting operations on a condition variable,,,, c,CERT-C,POS54-C,OutOfScope,Rule,,,Detect and handle POSIX library errors,,,, -c,CERT-C,PRE30-C,No,Rule,,,Do not create a universal character name through concatenation,,,Medium, +c,CERT-C,PRE30-C,No,Rule,,,Do not create a universal character name through concatenation,,,Medium,Compiler enforced in all supported compilers c,CERT-C,PRE31-C,Yes,Rule,,,Avoid side effects in arguments to unsafe macros,RULE-13-2,SideEffects4,Medium, c,CERT-C,PRE32-C,Yes,Rule,,,Do not use preprocessor directives in invocations of function-like macros,,Preprocessor5,Hard, c,CERT-C,SIG30-C,Yes,Rule,,,Call only asynchronous-safe functions within signal handlers,,SignalHandlers,Medium, @@ -614,8 +614,8 @@ c,MISRA-C-2012,DIR-4-9,Yes,Advisory,,,A function should be used in preference to c,MISRA-C-2012,DIR-4-10,Yes,Required,,,Precautions shall be taken in order to prevent the contents of a header file being included more than once,M16-2-3,Preprocessor2,Medium, c,MISRA-C-2012,DIR-4-11,Yes,Required,,,The validity of values passed to library functions shall be checked,,Contracts,Hard, c,MISRA-C-2012,DIR-4-12,Yes,Required,,,Dynamic memory allocation shall not be used,,Banned,Medium, -c,MISRA-C-2012,DIR-4-13,Yes,Advisory,,,Functions which are designed to provide operations on a resource should be called in an appropriate sequence,,Contracts,Hard, -c,MISRA-C-2012,DIR-4-14,Yes,Required,,,The validity of values received from external sources shall be checked,,Contracts,Hard, +c,MISRA-C-2012,DIR-4-13,No,Advisory,,,Functions which are designed to provide operations on a resource should be called in an appropriate sequence,,,,Rule 22.1, 22.2 and 22.6 cover aspects of this rule. In other cases this is a design issue and needs to be checked manually. +c,MISRA-C-2012,DIR-4-14,Yes,Required,,,The validity of values received from external sources shall be checked,,Contracts,Hard,This is supported by CodeQLs default C security queries. c,MISRA-C-2012,RULE-1-1,No,Required,,,"The program shall contain no violations of the standard C syntax and constraints, and shall not exceed the implementation's translation limits",,,Easy,"This should be checked via the compiler output, rather than CodeQL, which adds unnecessary steps." c,MISRA-C-2012,RULE-1-2,Yes,Advisory,,,Language extensions should not be used,,Language3,Hard, c,MISRA-C-2012,RULE-1-3,Yes,Required,,,There shall be no occurrence of undefined or critical unspecified behaviour,,Language3,Hard, @@ -773,5 +773,4 @@ c,MISRA-C-2012,RULE-22-6,Yes,Mandatory,,,The value of a pointer to a FILE shall c,MISRA-C-2012,RULE-22-7,Yes,Required,,,The macro EOF shall only be compared with the unmodified return value from any Standard Library function capable of returning EOF,,IO3,Hard, c,MISRA-C-2012,RULE-22-8,Yes,Required,,,The value of errno shall be set to zero prior to a call to an errno-setting-function,ERR30-C,Contracts3,Medium, c,MISRA-C-2012,RULE-22-9,Yes,Required,,,The value of errno shall be tested against zero after calling an errno-setting-function,,Contracts3,Medium, -c,MISRA-C-2012,RULE-22-10,Yes,Required,,,The value of errno shall only be tested when the last function to be called was an errno-setting-function,,Contracts3,Medium, -,,,,,,,,,,0, +c,MISRA-C-2012,RULE-22-10,Yes,Required,,,The value of errno shall only be tested when the last function to be called was an errno-setting-function,,Contracts3,Medium, \ No newline at end of file From 78d5e793b66136c9ea7eec6c3da011d0af335011 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 30 Jan 2024 11:33:02 +0000 Subject: [PATCH 1545/2573] Add missing file. --- .../rules/M0-3-2/FunctionErroneousReturnValueNotTested.testref | 1 + 1 file changed, 1 insertion(+) create mode 100644 cpp/autosar/test/rules/M0-3-2/FunctionErroneousReturnValueNotTested.testref diff --git a/cpp/autosar/test/rules/M0-3-2/FunctionErroneousReturnValueNotTested.testref b/cpp/autosar/test/rules/M0-3-2/FunctionErroneousReturnValueNotTested.testref new file mode 100644 index 0000000000..50847523ce --- /dev/null +++ b/cpp/autosar/test/rules/M0-3-2/FunctionErroneousReturnValueNotTested.testref @@ -0,0 +1 @@ +cpp/common/test/rules/functionerroneousreturnvaluenottested/FunctionErroneousReturnValueNotTested.ql \ No newline at end of file From 67eac424d5c36fb98895818f7f70de5ce6227294 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 30 Jan 2024 11:54:58 +0000 Subject: [PATCH 1546/2573] Replace queryable with supportable for clarity. This makes it consistent with the user manual. --- rules.csv | 2 +- scripts/generate_rules/generate_package_description.py | 6 +++--- scripts/verify_rule_package_consistency.py | 8 ++++---- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/rules.csv b/rules.csv index af7008c26b..7b7a10948e 100644 --- a/rules.csv +++ b/rules.csv @@ -1,4 +1,4 @@ -Language,Standard,ID,Queryable?,Obligation level,Enforcement level,Allocated target,Description,Similar,Package,Difficulty,Justification for querability level +Language,Standard,ID,Supportable,Obligation level,Enforcement level,Allocated target,Description,Similar,Package,Difficulty,Justification for querability level cpp,AUTOSAR,A0-1-1,Yes,Required,Automated,Implementation,A project shall not contain instances of non-volatile variables being given values that are not subsequently used.,M0-1-6,DeadCode,Medium, cpp,AUTOSAR,A0-1-2,Yes,Required,Automated,Implementation,The value returned by a function having a non-void return type that is not an overloaded operator shall be used.,M0-1-7,DeadCode,Easy, cpp,AUTOSAR,A0-1-3,Yes,Required,Automated,Implementation,"Every function defined in an anonymous namespace, or static function with internal linkage, or private member function shall be used.",M0-1-10,DeadCode,Easy, diff --git a/scripts/generate_rules/generate_package_description.py b/scripts/generate_rules/generate_package_description.py index d3890e230f..20c9adc065 100644 --- a/scripts/generate_rules/generate_package_description.py +++ b/scripts/generate_rules/generate_package_description.py @@ -96,7 +96,7 @@ def generate_short_name(title): language = rule[0] standard = rule[1] rule_id = rule[2] - queryable = rule[3] + supportable = rule[3] obligation_level = rule[4] enforcement_level = rule[5] allocated_targets = rule[6] @@ -106,8 +106,8 @@ def generate_short_name(title): difficulty = rule[10] # Find all rules in the given language and package if language == language_name and package == package_name: - if not queryable == "Yes": - print("Error: " + standard + " " + rule_id + " is marked as part of package " + package_name + " but is not marked as queryable.") + if not supportable == "Yes": + print("Error: " + standard + " " + rule_id + " is marked as part of package " + package_name + " but is not marked as supportable.") sys.exit(1) # Add the AUTOSAR obligation, enforcement and allocated target as query properties. diff --git a/scripts/verify_rule_package_consistency.py b/scripts/verify_rule_package_consistency.py index 67d09e3590..7d111e81bc 100644 --- a/scripts/verify_rule_package_consistency.py +++ b/scripts/verify_rule_package_consistency.py @@ -47,7 +47,7 @@ standard = rule[1] rule_id = rule[2] - queryable = rule[3] + supportable = rule[3] obligation_level = rule[4] enforcement_level = rule[5] allocated_targets = rule[6] @@ -57,9 +57,9 @@ difficulty = rule[10] # If the rule is associated with a package if package: - if not queryable == "Yes": + if not supportable == "Yes": print( - f"ERROR: {standard} {rule_id} is included as part of package {package} but is not marked as queryable.") + f"ERROR: {standard} {rule_id} is included as part of package {package} but is not marked as supportable.") failed = True else: package_rules_from_csv[package].add(rule_id) @@ -98,7 +98,7 @@ failed = True if not rule_id in package_rules_from_csv[package_name]: print( - f" - ERROR: Rule {rule_id} included in {package_name}.json but not marked as queryable in rules.csv.") + f" - ERROR: Rule {rule_id} included in {package_name}.json but not marked as supportable in rules.csv.") failed = True rules_csv_rule_ids = package_rules_from_csv[package_name] From 3fbd7c64cda409971beadf7ada14554555506968 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 30 Jan 2024 11:59:46 +0000 Subject: [PATCH 1547/2573] Clarify that for C it can be C99 or C11. --- docs/user_manual.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/user_manual.md b/docs/user_manual.md index 019de01fd4..bd9af9d15b 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -114,9 +114,9 @@ For C the codebase under analysis must comply with C99 or C11 and use one of the | Compiler | Version | Standard library | Target architecture | Required Flags | | -------- | ------- | ------------------- | --------------------- | -------------------------- | -| clang | 10.0.0 | glibc (default) | x86_64-linux-gnu | -std=c11 | -| gcc | 8.4.0 | glibc (default) | x86_64-linux-gnu | -std=c11 | -| qcc | 8.3.0 | glibc (default) | gcc_ntoaarch64le | -std=c11 -nopipe | +| clang | 10.0.0 | glibc (default) | x86_64-linux-gnu | `-std=c11` or `-std=c99` | +| gcc | 8.4.0 | glibc (default) | x86_64-linux-gnu | `-std=c11` or `-std=c99` | +| qcc | 8.3.0 | glibc (default) | gcc_ntoaarch64le | `-std=c11 -nopipe` or `-std=c99 -nopipe` | Use of the queries outside these scenarios is possible, but not validated for functional safety. In particular: - Use of the queries against codebases written with more recent versions of C (as supported by CodeQL) are not validated in the following circumstances: From 9776de1211801f333c827630352daf9bef931455 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 30 Jan 2024 12:58:50 +0000 Subject: [PATCH 1548/2573] Update expected result files. --- .../FunctionErroneousReturnValueNotTested.expected | 2 +- .../FunctionErroneousReturnValueNotTested.expected | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/c/common/test/rules/functionerroneousreturnvaluenottested/FunctionErroneousReturnValueNotTested.expected b/c/common/test/rules/functionerroneousreturnvaluenottested/FunctionErroneousReturnValueNotTested.expected index 015f52348c..dc72201a8a 100644 --- a/c/common/test/rules/functionerroneousreturnvaluenottested/FunctionErroneousReturnValueNotTested.expected +++ b/c/common/test/rules/functionerroneousreturnvaluenottested/FunctionErroneousReturnValueNotTested.expected @@ -1 +1 @@ -| test.c:16:3:16:8 | call to remove | Return value is not tested for errors. | +| test.c:16:3:16:8 | call to remove | Return value from remove is not tested for errors. | diff --git a/cpp/common/test/rules/functionerroneousreturnvaluenottested/FunctionErroneousReturnValueNotTested.expected b/cpp/common/test/rules/functionerroneousreturnvaluenottested/FunctionErroneousReturnValueNotTested.expected index 76cbcebed0..2f681c9210 100644 --- a/cpp/common/test/rules/functionerroneousreturnvaluenottested/FunctionErroneousReturnValueNotTested.expected +++ b/cpp/common/test/rules/functionerroneousreturnvaluenottested/FunctionErroneousReturnValueNotTested.expected @@ -1 +1 @@ -| test.cpp:16:3:16:8 | call to remove | Return value is not tested for errors. | +| test.cpp:16:3:16:8 | call to remove | Return value from remove is not tested for errors. | From af9226208ee43cb49f0940a36972be3061ca7c01 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 30 Jan 2024 13:00:51 +0000 Subject: [PATCH 1549/2573] Update rules.csv to exclude unimplemented contracts rules. --- rules.csv | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/rules.csv b/rules.csv index 20af9fbc01..9f4afac4fa 100644 --- a/rules.csv +++ b/rules.csv @@ -614,8 +614,8 @@ c,MISRA-C-2012,DIR-4-9,Yes,Advisory,,,A function should be used in preference to c,MISRA-C-2012,DIR-4-10,Yes,Required,,,Precautions shall be taken in order to prevent the contents of a header file being included more than once,M16-2-3,Preprocessor2,Medium, c,MISRA-C-2012,DIR-4-11,Yes,Required,,,The validity of values passed to library functions shall be checked,,Contracts,Hard, c,MISRA-C-2012,DIR-4-12,Yes,Required,,,Dynamic memory allocation shall not be used,,Banned,Medium, -c,MISRA-C-2012,DIR-4-13,Yes,Advisory,,,Functions which are designed to provide operations on a resource should be called in an appropriate sequence,,Contracts,Hard, -c,MISRA-C-2012,DIR-4-14,Yes,Required,,,The validity of values received from external sources shall be checked,,Contracts,Hard, +c,MISRA-C-2012,DIR-4-13,No,Advisory,,,Functions which are designed to provide operations on a resource should be called in an appropriate sequence,,,,Rule 22.1, 22.2 and 22.6 cover aspects of this rule. In other cases this is a design issue and needs to be checked manually. +c,MISRA-C-2012,DIR-4-14,Yes,Required,,,The validity of values received from external sources shall be checked,,Contracts9,Hard,This is supported by CodeQLs default C security queries. c,MISRA-C-2012,RULE-1-1,No,Required,,,"The program shall contain no violations of the standard C syntax and constraints, and shall not exceed the implementation's translation limits",,,Easy,"This should be checked via the compiler output, rather than CodeQL, which adds unnecessary steps." c,MISRA-C-2012,RULE-1-2,Yes,Advisory,,,Language extensions should not be used,,Language3,Hard, c,MISRA-C-2012,RULE-1-3,Yes,Required,,,There shall be no occurrence of undefined or critical unspecified behaviour,,Language3,Hard, From 3d2cd94fd92681127dbb38fa0833150a2536eb00 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 30 Jan 2024 13:13:14 +0000 Subject: [PATCH 1550/2573] Update documentation. --- c/cert/src/rules/FLP32-C/UncheckedRangeDomainPoleErrors.md | 2 +- .../src/rules/MSC40-C/DoNotViolateInLineLinkageConstraints.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/c/cert/src/rules/FLP32-C/UncheckedRangeDomainPoleErrors.md b/c/cert/src/rules/FLP32-C/UncheckedRangeDomainPoleErrors.md index d6427b9081..ca24a02498 100644 --- a/c/cert/src/rules/FLP32-C/UncheckedRangeDomainPoleErrors.md +++ b/c/cert/src/rules/FLP32-C/UncheckedRangeDomainPoleErrors.md @@ -345,7 +345,7 @@ Independent( INT34-C, FLP32-C, INT33-C) CWE-682 = Union( FLP32-C, list) where li ## Implementation notes -None +This query identifies possible domain, pole and range errors on a selection of C standard library fuctions from math.h. ## References diff --git a/c/cert/src/rules/MSC40-C/DoNotViolateInLineLinkageConstraints.md b/c/cert/src/rules/MSC40-C/DoNotViolateInLineLinkageConstraints.md index 26545fb812..f767c91baf 100644 --- a/c/cert/src/rules/MSC40-C/DoNotViolateInLineLinkageConstraints.md +++ b/c/cert/src/rules/MSC40-C/DoNotViolateInLineLinkageConstraints.md @@ -203,7 +203,7 @@ Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+D ## Implementation notes -None +This query only considers the constraints related to inline extern functions. ## References From bccdb93c2b7b0e2dcbe82feb134c0c0423ae9d81 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 30 Jan 2024 13:13:59 +0000 Subject: [PATCH 1551/2573] Fix formatting --- c/misra/src/rules/DIR-4-7/FunctionErrorInformationUntested.ql | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/c/misra/src/rules/DIR-4-7/FunctionErrorInformationUntested.ql b/c/misra/src/rules/DIR-4-7/FunctionErrorInformationUntested.ql index b827e101e3..63236d422d 100644 --- a/c/misra/src/rules/DIR-4-7/FunctionErrorInformationUntested.ql +++ b/c/misra/src/rules/DIR-4-7/FunctionErrorInformationUntested.ql @@ -19,7 +19,8 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.rules.functionerroneousreturnvaluenottested.FunctionErroneousReturnValueNotTested -class FunctionErrorInformationUntestedQuery extends FunctionErroneousReturnValueNotTestedSharedQuery { +class FunctionErrorInformationUntestedQuery extends FunctionErroneousReturnValueNotTestedSharedQuery +{ FunctionErrorInformationUntestedQuery() { this = ContractsPackage::functionErrorInformationUntestedQuery() } From 337604e56719a36e6098e8b8b41114168e3ab39a Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 30 Jan 2024 13:14:37 +0000 Subject: [PATCH 1552/2573] Fix test formatting --- c/cert/test/rules/MSC40-C/test.c | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/c/cert/test/rules/MSC40-C/test.c b/c/cert/test/rules/MSC40-C/test.c index 3ca4afff4a..d892935d41 100644 --- a/c/cert/test/rules/MSC40-C/test.c +++ b/c/cert/test/rules/MSC40-C/test.c @@ -4,28 +4,28 @@ const int g3 = 1; // defaults to internal linkage extern inline void test1() { static int i = 0; // NON_COMPLIANT - g1++; // NON_COMPLIANT - g2++; // COMPLIANT - g3; // NON_COMPLIANT + g1++; // NON_COMPLIANT + g2++; // COMPLIANT + g3; // NON_COMPLIANT } extern void test2() { static int i = 0; // COMPLIANT - g1++; // COMPLIANT - g2++; // COMPLIANT - g3; // COMPLIANT + g1++; // COMPLIANT + g2++; // COMPLIANT + g3; // COMPLIANT } void test3() { static int i = 0; // COMPLIANT - g1++; // COMPLIANT - g2++; // COMPLIANT - g3; // COMPLIANT + g1++; // COMPLIANT + g2++; // COMPLIANT + g3; // COMPLIANT } inline void test4() { static int i = 0; // NON_COMPLIANT - g1++; // NON_COMPLIANT - g2++; // COMPLIANT - g3; // NON_COMPLIANT + g1++; // NON_COMPLIANT + g2++; // COMPLIANT + g3; // NON_COMPLIANT } \ No newline at end of file From a00c620b091f55331c284d01ef2863dcfb019b0c Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 30 Jan 2024 10:44:39 -0500 Subject: [PATCH 1553/2573] A13-3-1: exclude functions with different number parameters --- change_notes/2024-01-30-exclusion-a13-3-1.md | 2 ++ ...tContainsForwardingReferenceAsItsArgumentOverloaded.ql | 4 +++- ...insForwardingReferenceAsItsArgumentOverloaded.expected | 2 ++ cpp/autosar/test/rules/A13-3-1/test.cpp | 8 +++++++- 4 files changed, 14 insertions(+), 2 deletions(-) create mode 100644 change_notes/2024-01-30-exclusion-a13-3-1.md diff --git a/change_notes/2024-01-30-exclusion-a13-3-1.md b/change_notes/2024-01-30-exclusion-a13-3-1.md new file mode 100644 index 0000000000..6e2571c463 --- /dev/null +++ b/change_notes/2024-01-30-exclusion-a13-3-1.md @@ -0,0 +1,2 @@ +`A13-3-1`: `cpp/autosar/function-that-contains-forwarding-reference-as-its-argument-overloaded` + - Fixes #399. Exclude functions that have different number of parameters. \ No newline at end of file diff --git a/cpp/autosar/src/rules/A13-3-1/FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.ql b/cpp/autosar/src/rules/A13-3-1/FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.ql index 7562082656..03c216829d 100644 --- a/cpp/autosar/src/rules/A13-3-1/FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.ql +++ b/cpp/autosar/src/rules/A13-3-1/FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.ql @@ -26,5 +26,7 @@ where not isExcluded(f, OperatorsPackage::functionThatContainsForwardingReferenceAsItsArgumentOverloadedQuery()) and not f.isDeleted() and - f = c.getAnOverload() + f = c.getAnOverload() and + //allow for overloading with different number of parameters + f.getNumberOfParameters() = c.getNumberOfParameters() select f, "Function overloads a $@ with a forwarding reference parameter.", c, "function" diff --git a/cpp/autosar/test/rules/A13-3-1/FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.expected b/cpp/autosar/test/rules/A13-3-1/FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.expected index 590f891ead..f90b1456a3 100644 --- a/cpp/autosar/test/rules/A13-3-1/FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.expected +++ b/cpp/autosar/test/rules/A13-3-1/FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.expected @@ -3,3 +3,5 @@ | test.cpp:50:3:50:3 | A | Function overloads a $@ with a forwarding reference parameter. | test.cpp:47:3:47:3 | A | function | | test.cpp:63:8:63:8 | B | Function overloads a $@ with a forwarding reference parameter. | test.cpp:66:3:66:3 | B | function | | test.cpp:63:8:63:8 | B | Function overloads a $@ with a forwarding reference parameter. | test.cpp:66:3:66:3 | B | function | +| test.cpp:71:7:71:7 | C | Function overloads a $@ with a forwarding reference parameter. | test.cpp:74:25:74:25 | C | function | +| test.cpp:71:7:71:7 | C | Function overloads a $@ with a forwarding reference parameter. | test.cpp:74:25:74:25 | C | function | diff --git a/cpp/autosar/test/rules/A13-3-1/test.cpp b/cpp/autosar/test/rules/A13-3-1/test.cpp index 4a706b53e2..9cd33ad4e9 100644 --- a/cpp/autosar/test/rules/A13-3-1/test.cpp +++ b/cpp/autosar/test/rules/A13-3-1/test.cpp @@ -66,4 +66,10 @@ struct B { B(T &&value) {} }; -int main() {} \ No newline at end of file +int main() {} + +class C { +public: + C() {} // COMPLIANT by exception + template C(T &&) {} +}; \ No newline at end of file From d9b41d220f4b4dc142b8a99556419b9c94b5c0bc Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 30 Jan 2024 15:34:36 -0800 Subject: [PATCH 1554/2573] Include non-member assignment operators --- cpp/common/src/codingstandards/cpp/Operator.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/Operator.qll b/cpp/common/src/codingstandards/cpp/Operator.qll index 72ee04b68f..e53adb0255 100644 --- a/cpp/common/src/codingstandards/cpp/Operator.qll +++ b/cpp/common/src/codingstandards/cpp/Operator.qll @@ -119,7 +119,7 @@ class UserAssignmentOperator extends AssignmentOperator { } /** An assignment operator of any sort */ -class AssignmentOperator extends MemberFunction { +class AssignmentOperator extends Function { AssignmentOperator() { // operator op, where op is =, +=, -=, *=, /=, %=, ^=, &=, |=, >>=, <<= exists(string op | From c5fe049a882e0fc9799b32fcd9fbd246f4744420 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 30 Jan 2024 15:35:45 -0800 Subject: [PATCH 1555/2573] Add stream insertion and extraction operators --- .../src/codingstandards/cpp/Operator.qll | 49 +++++++++++++++++++ 1 file changed, 49 insertions(+) diff --git a/cpp/common/src/codingstandards/cpp/Operator.qll b/cpp/common/src/codingstandards/cpp/Operator.qll index e53adb0255..e57989c5c5 100644 --- a/cpp/common/src/codingstandards/cpp/Operator.qll +++ b/cpp/common/src/codingstandards/cpp/Operator.qll @@ -1,5 +1,6 @@ import cpp import Expr +private import semmle.code.cpp.security.FileWrite /** * any assignment operator that also reads from the access @@ -264,3 +265,51 @@ class UserOverloadedOperator extends Function { not this.isCompilerGenerated() } } + +/** + * A `std::basic_istream` class, or something that can be used + * as one. Based on the BasicOStreamClass. + */ +private class BasicIStreamClass extends Type { + BasicIStreamClass() { + this.(Class).getName().matches("basic\\_istream%") + or + this.getUnspecifiedType() instanceof BasicIStreamClass + or + this.(Class).getABaseClass() instanceof BasicIStreamClass + or + this.(ReferenceType).getBaseType() instanceof BasicIStreamClass + } +} + +/** An implementation of a stream insertion operator. */ +class StreamInsertionOperator extends Function { + StreamInsertionOperator() { + this.hasName("operator<<") and + ( + if this.isMember() + then this.getNumberOfParameters() = 1 + else ( + this.getNumberOfParameters() = 2 and + this.getParameter(0).getType() instanceof BasicOStreamClass + ) + ) and + this.getType() instanceof BasicOStreamClass + } +} + +/** An implementation of a stream extraction operator. */ +class StreamExtractionOperator extends Function { + StreamExtractionOperator() { + this.hasName("operator>>") and + ( + if this.isMember() + then this.getNumberOfParameters() = 1 + else ( + this.getNumberOfParameters() = 2 and + this.getParameter(0).getType() instanceof BasicIStreamClass + ) + ) and + this.getType() instanceof BasicIStreamClass + } +} From 00fa7604b5b3af21e3997456cfd7f1b259ac75c3 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 30 Jan 2024 15:36:40 -0800 Subject: [PATCH 1556/2573] Change definition of out parameter and add exclusions An out parameter is a non-const reference or pointer that is modified. We removed assignment operators and crement operators as exclusions to the modified property, because they should still be used to qualify an out parameter. Additionally we exclude user-defined non-member assignment operator and stream related operator parameters that are required to be passed by non-const reference. --- .../src/rules/A8-4-8/OutputParametersUsed.ql | 69 +++++++++++++------ .../A8-4-8/OutputParametersUsed.expected | 11 +-- cpp/autosar/test/rules/A8-4-8/test.cpp | 37 +++++++++- 3 files changed, 91 insertions(+), 26 deletions(-) diff --git a/cpp/autosar/src/rules/A8-4-8/OutputParametersUsed.ql b/cpp/autosar/src/rules/A8-4-8/OutputParametersUsed.ql index aa480a95f7..c2fc51fcdf 100644 --- a/cpp/autosar/src/rules/A8-4-8/OutputParametersUsed.ql +++ b/cpp/autosar/src/rules/A8-4-8/OutputParametersUsed.ql @@ -23,31 +23,60 @@ import codingstandards.cpp.ConstHelpers import codingstandards.cpp.Operator /** - * Non-const T& and T* `Parameter`s to `Function`s + * Holds if p is passed as a non-const reference or pointer and is modified. + * This holds for in-out or out-only parameters. */ -class NonConstReferenceOrPointerParameterCandidate extends FunctionParameter { - NonConstReferenceOrPointerParameterCandidate() { - this instanceof NonConstReferenceParameter - or - this instanceof NonConstPointerParameter - } +predicate isOutParameter(NonConstPointerorReferenceParameter p) { + any(VariableEffect ve).getTarget() = p +} + +/** + * Holds if parameter `p` is a parameter to a user defined assignment operator that + * is defined outside of a class body. + * These require an in-out parameter as the first argument. + */ +predicate isNonMemberUserAssignmentParameter(NonConstPointerorReferenceParameter p) { + p.getFunction() instanceof UserAssignmentOperator and + not p.isMember() +} + +/** + * Holds if parameter `p` is a parameter to a stream insertion operator that + * is defined outside of a class body. + * These require an in-out parameter as the first argument. + * + * e.g., `std::ostream& operator<<(std::ostream& os, const T& obj)` + */ +predicate isStreamInsertionStreamParameter(NonConstPointerorReferenceParameter p) { + exists(StreamInsertionOperator op | not op.isMember() | op.getParameter(0) = p) } -pragma[inline] -predicate isFirstAccess(VariableAccess va) { - not exists(VariableAccess otherVa | - otherVa.getTarget() = va.getTarget() or - otherVa.getQualifier().(VariableAccess).getTarget() = va.getTarget() - | - otherVa.getASuccessor() = va +/** + * Holds if parameter `p` is a parameter to a stream insertion operator that + * is defined outside of a class body. + * These require an in-out parameter as the first argument and an out parameter for the second. + * + * e.g., `std::istream& operator>>(std::istream& is, T& obj)` + */ +predicate isStreamExtractionParameter(NonConstPointerorReferenceParameter p) { + exists(StreamExtractionOperator op | not op.isMember() | + op.getParameter(0) = p + or + op.getParameter(1) = p ) } -from NonConstReferenceOrPointerParameterCandidate p, VariableEffect ve +predicate isException(NonConstPointerorReferenceParameter p) { + isNonMemberUserAssignmentParameter(p) and p.getIndex() = 0 + or + isStreamInsertionStreamParameter(p) + or + isStreamExtractionParameter(p) +} + +from NonConstPointerorReferenceParameter p where not isExcluded(p, ConstPackage::outputParametersUsedQuery()) and - ve.getTarget() = p and - isFirstAccess(ve.getAnAccess()) and - not ve instanceof AnyAssignOperation and - not ve instanceof CrementOperation -select p, "Out parameter " + p.getName() + " that is modified before being read." + isOutParameter(p) and + not isException(p) +select p, "Out parameter '" + p.getName() + "' used." diff --git a/cpp/autosar/test/rules/A8-4-8/OutputParametersUsed.expected b/cpp/autosar/test/rules/A8-4-8/OutputParametersUsed.expected index 6b0df8d0dd..221def5a42 100644 --- a/cpp/autosar/test/rules/A8-4-8/OutputParametersUsed.expected +++ b/cpp/autosar/test/rules/A8-4-8/OutputParametersUsed.expected @@ -1,5 +1,6 @@ -| test.cpp:5:22:5:24 | str | Out parameter str that is modified before being read. | -| test.cpp:16:14:16:14 | i | Out parameter i that is modified before being read. | -| test.cpp:21:14:21:14 | i | Out parameter i that is modified before being read. | -| test.cpp:29:12:29:12 | a | Out parameter a that is modified before being read. | -| test.cpp:33:12:33:12 | a | Out parameter a that is modified before being read. | +| test.cpp:5:22:5:24 | str | Out parameter 'str' used. | +| test.cpp:8:22:8:24 | str | Out parameter 'str' used. | +| test.cpp:16:14:16:14 | i | Out parameter 'i' used. | +| test.cpp:21:14:21:14 | i | Out parameter 'i' used. | +| test.cpp:29:12:29:12 | a | Out parameter 'a' used. | +| test.cpp:33:12:33:12 | a | Out parameter 'a' used. | diff --git a/cpp/autosar/test/rules/A8-4-8/test.cpp b/cpp/autosar/test/rules/A8-4-8/test.cpp index e41a61704b..baf0255291 100644 --- a/cpp/autosar/test/rules/A8-4-8/test.cpp +++ b/cpp/autosar/test/rules/A8-4-8/test.cpp @@ -5,7 +5,7 @@ void f(int &i) { // COMPLIANT void f1(std::string &str) { // NON_COMPLIANT str = "replacement"; } -void f2(std::string &str) { // COMPLIANT +void f2(std::string &str) { // NON_COMPLIANT str += "suffix"; } @@ -37,3 +37,38 @@ void f7(A &a) { // NON_COMPLIANT void f8(int i) { // COMPLIANT i += 1; } + +constexpr A &operator|=( + A &lhs, + const A &rhs) noexcept { // COMPLIANT - non-member user defined assignment + // operators are considered an exception. + return lhs; +} + +enum class byte : unsigned char {}; +constexpr byte &operator|(const byte &lhs, const byte &rhs) noexcept { + return lhs | rhs; +} +constexpr byte &operator|=( + byte &lhs, + const byte rhs) noexcept { // COMPLIANT - non-member user defined assignment + // operators are considered an exception. + lhs = (lhs | rhs); + return lhs; +} + +#include +std::ostream &operator<<(std::ostream &os, + const byte &obj) { // COMPLIANT - insertion operators + // are considered an exception. + std::ostream other; + os = other; // simulate modification + return os; +} + +std::istream &operator>>(std::istream &is, + byte &obj) { // COMPLIANT - extraction operators are + // considered an exception. + obj = static_cast('a'); // simulate modification + return is; +} \ No newline at end of file From 0b04a75fa6a0f2a2507db7c05c105fed4fd91ec0 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 30 Jan 2024 15:48:33 -0800 Subject: [PATCH 1557/2573] Add changenote --- change_notes/2024-01-30-fix-fp-for-a8-4-8.md | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 change_notes/2024-01-30-fix-fp-for-a8-4-8.md diff --git a/change_notes/2024-01-30-fix-fp-for-a8-4-8.md b/change_notes/2024-01-30-fix-fp-for-a8-4-8.md new file mode 100644 index 0000000000..3a9bcc5968 --- /dev/null +++ b/change_notes/2024-01-30-fix-fp-for-a8-4-8.md @@ -0,0 +1,3 @@ +- `A8-4-8` - `OutParametersUsed.ql` + - Fixes #370 - Non-member user-defined assignment operator and stream insertion/extraction parameters that are required to be out parameters are excluded. + - Broadens the definition of out parameter by considering assignment and crement operators as modifications to an out parameter candidate. From 4a985762f57a4eafa3a65800697949dedcce5d6a Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 30 Jan 2024 16:18:32 -0800 Subject: [PATCH 1558/2573] Exclude assignment division and assignment modulo --- .../src/rules/A4-7-1/IntegerExpressionLeadToDataLoss.ql | 4 +++- cpp/autosar/test/rules/A4-7-1/test.cpp | 4 ++++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/cpp/autosar/src/rules/A4-7-1/IntegerExpressionLeadToDataLoss.ql b/cpp/autosar/src/rules/A4-7-1/IntegerExpressionLeadToDataLoss.ql index aae951351a..a6d7abc456 100644 --- a/cpp/autosar/src/rules/A4-7-1/IntegerExpressionLeadToDataLoss.ql +++ b/cpp/autosar/src/rules/A4-7-1/IntegerExpressionLeadToDataLoss.ql @@ -30,5 +30,7 @@ where not e instanceof MulExpr and // Not covered by this query - overflow/underflow in division is rare not e instanceof DivExpr and - not e instanceof RemExpr + not e instanceof AssignDivExpr and + not e instanceof RemExpr and + not e instanceof AssignRemExpr select e, "Binary expression ..." + e.getOperator() + "... may overflow." diff --git a/cpp/autosar/test/rules/A4-7-1/test.cpp b/cpp/autosar/test/rules/A4-7-1/test.cpp index 7f6cbb7abe..8370cf0fc3 100644 --- a/cpp/autosar/test/rules/A4-7-1/test.cpp +++ b/cpp/autosar/test/rules/A4-7-1/test.cpp @@ -62,4 +62,8 @@ void test_loop_bound_bad(unsigned int n) { i++) { // NON_COMPLIANT - crement will overflow before loop bound is // reached } +} + +void test_assign_div(int i) { // COMPLIANT + i /= 2; } \ No newline at end of file From 66e3c3b1b22c73417601e69a449ad53f7977c07e Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 30 Jan 2024 16:19:13 -0800 Subject: [PATCH 1559/2573] Add changenote --- change_notes/2024-01-30-fix-fp-for-a4-7-1.md | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 change_notes/2024-01-30-fix-fp-for-a4-7-1.md diff --git a/change_notes/2024-01-30-fix-fp-for-a4-7-1.md b/change_notes/2024-01-30-fix-fp-for-a4-7-1.md new file mode 100644 index 0000000000..2c4a3d7d19 --- /dev/null +++ b/change_notes/2024-01-30-fix-fp-for-a4-7-1.md @@ -0,0 +1,2 @@ +`A4-7-1`: `IntegerExpressionLeadToDataLoss.ql` + - Fix #368: Incorrectly reporting `/=` as a cause for data loss. From 43f31379f9ca11db83c485765097ba824ecad127 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Wed, 31 Jan 2024 04:45:32 -0500 Subject: [PATCH 1560/2573] A16-0-1: exclusions for handling else and elif --- change_notes/2024-01-31-exclusion-a16-0-1.md | 2 ++ ...lOnlyBeUsedForCertainDirectivesPatterns.ql | 17 +++++++++++-- ...eUsedForCertainDirectivesPatterns.expected | 3 +++ cpp/autosar/test/rules/A16-0-1/test.cpp | 25 +++++++++++++++++++ 4 files changed, 45 insertions(+), 2 deletions(-) create mode 100644 change_notes/2024-01-31-exclusion-a16-0-1.md diff --git a/change_notes/2024-01-31-exclusion-a16-0-1.md b/change_notes/2024-01-31-exclusion-a16-0-1.md new file mode 100644 index 0000000000..2d7dfe97ab --- /dev/null +++ b/change_notes/2024-01-31-exclusion-a16-0-1.md @@ -0,0 +1,2 @@ +`A16-0-1`: `cpp/autosar/pre-processor-shall-only-be-used-for-certain-directives-patterns` + - Exclude all preprocessor elses and also consider elifs separately (ie do not affect valid ifs) but not valid if not meeting the same criteria as an ifdef etc. \ No newline at end of file diff --git a/cpp/autosar/src/rules/A16-0-1/PreProcessorShallOnlyBeUsedForCertainDirectivesPatterns.ql b/cpp/autosar/src/rules/A16-0-1/PreProcessorShallOnlyBeUsedForCertainDirectivesPatterns.ql index a8e1e59839..bd8fe2da65 100644 --- a/cpp/autosar/src/rules/A16-0-1/PreProcessorShallOnlyBeUsedForCertainDirectivesPatterns.ql +++ b/cpp/autosar/src/rules/A16-0-1/PreProcessorShallOnlyBeUsedForCertainDirectivesPatterns.ql @@ -21,13 +21,26 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.FunctionLikeMacro +class PermittedInnerDirectiveType extends PreprocessorDirective { + PermittedInnerDirectiveType() { + //permissive listing for directives that can be used in a valid wrapper + this instanceof MacroWrapper or + this instanceof PreprocessorEndif or + this instanceof Include or + this instanceof PermittedMacro or + this instanceof PreprocessorElif or + this instanceof PreprocessorElse + } +} + class PermittedDirectiveType extends PreprocessorDirective { PermittedDirectiveType() { //permissive listing in case directive types modelled in ql ever expands (example non valid directives) this instanceof MacroWrapper or this instanceof PreprocessorEndif or this instanceof Include or - this instanceof PermittedMacro + this instanceof PermittedMacro or + this instanceof PreprocessorElse } } @@ -73,7 +86,7 @@ class MacroWrapper extends PreprocessorIfndef { class AcceptableWrapper extends PreprocessorBranch { AcceptableWrapper() { forall(Element inner | not inner instanceof Comment and this = getAGuard(inner) | - inner instanceof PermittedDirectiveType + inner instanceof PermittedInnerDirectiveType ) } } diff --git a/cpp/autosar/test/rules/A16-0-1/PreProcessorShallOnlyBeUsedForCertainDirectivesPatterns.expected b/cpp/autosar/test/rules/A16-0-1/PreProcessorShallOnlyBeUsedForCertainDirectivesPatterns.expected index 5f6114bea8..18ce57af8e 100644 --- a/cpp/autosar/test/rules/A16-0-1/PreProcessorShallOnlyBeUsedForCertainDirectivesPatterns.expected +++ b/cpp/autosar/test/rules/A16-0-1/PreProcessorShallOnlyBeUsedForCertainDirectivesPatterns.expected @@ -2,3 +2,6 @@ | test.cpp:9:1:9:26 | #define OBJECTLIKE_MACRO 1 | Preprocessor directive used for conditional compilation. | | test.cpp:10:1:10:35 | #define FUNCTIONLIKE_MACRO(X) X + 1 | Preprocessor directive used for conditional compilation. | | test.cpp:11:1:11:37 | #define FUNCTIONLIKE_MACROTWO() 1 + 1 | Preprocessor directive used for conditional compilation. | +| test.cpp:33:1:33:26 | #ifdef OBJECTLIKE_MACRO_NO | Preprocessor directive used for conditional compilation. | +| test.cpp:35:1:35:26 | #elif OBJECTLIKE_MACRO > 0 | Preprocessor directive used for conditional compilation. | +| test.cpp:39:1:39:23 | #ifdef OBJECTLIKE_MACRO | Preprocessor directive used for conditional compilation. | diff --git a/cpp/autosar/test/rules/A16-0-1/test.cpp b/cpp/autosar/test/rules/A16-0-1/test.cpp index b1ee540032..7233a015c1 100644 --- a/cpp/autosar/test/rules/A16-0-1/test.cpp +++ b/cpp/autosar/test/rules/A16-0-1/test.cpp @@ -17,3 +17,28 @@ int g; #ifndef TESTHEADER // COMPLIANT #include //COMPLIANT #endif // COMPLIANT + +#ifdef MACRO_ENABLED // COMPLIANT +#include // COMPLIANT +#else // COMPLIANT +#include // COMPLIANT +#endif // COMPLIANT + +#ifdef MACRO_ENABLED_NON // COMPLIANT +#include // COMPLIANT +#elif MACRO_ENABLED_OTHER // COMPLIANT +#include // COMPLIANT +#endif // COMPLIANT + +#ifdef OBJECTLIKE_MACRO_NO // NON_COMPLIANT +int x = 0; // not present +#elif OBJECTLIKE_MACRO > 0 // NON_COMPLIANT +int x = 1; // present +#endif // COMPLIANT + +#ifdef OBJECTLIKE_MACRO // NON_COMPLIANT +int x1 = 0; // present +#elif OBJECTLIKE_MACRO > \ + -1 // COMPLIANT - by technicality of conditional compilation +int x1 = 1; // not present +#endif // COMPLIANT \ No newline at end of file From 9298ce595a10be16a6eefa87788ef30269abc628 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 31 Jan 2024 10:09:23 -0800 Subject: [PATCH 1561/2573] Address mixup between the unary and binary & operator --- .../A4-5-1/EnumUsedInArithmeticContexts.ql | 49 ++--- .../EnumUsedInArithmeticContexts.expected | 202 +++++++++--------- cpp/autosar/test/rules/A4-5-1/enum.cpp | 5 +- cpp/autosar/test/rules/A4-5-1/enum_class.cpp | 40 +++- .../src/codingstandards/cpp/Operator.qll | 61 ++++++ 5 files changed, 213 insertions(+), 144 deletions(-) diff --git a/cpp/autosar/src/rules/A4-5-1/EnumUsedInArithmeticContexts.ql b/cpp/autosar/src/rules/A4-5-1/EnumUsedInArithmeticContexts.ql index 3f21a66580..17d8056637 100644 --- a/cpp/autosar/src/rules/A4-5-1/EnumUsedInArithmeticContexts.ql +++ b/cpp/autosar/src/rules/A4-5-1/EnumUsedInArithmeticContexts.ql @@ -18,44 +18,23 @@ import cpp import codingstandards.cpp.autosar +import codingstandards.cpp.Operator -/* - * Get an operand to all overloaded operator member functions, except: - * operator[] - * operator= - * operator== - * operator!= - * operator& - * operator< - * operator<= - * operator> - * operator>= - */ - -Expr getAnOperandOfAllowedOverloadedOperator(FunctionCall fc) { - fc.getAnArgument() = result and - fc.getTarget().getName().regexpMatch("operator(?!\\[]$|=$|==$|!=$|&$|<$|<=$|>$|>=$).+") -} - -Expr getAnOperandOfAllowedOperation(Operation o) { - o.getAnOperand() = result and - not ( - o instanceof AssignExpr or - o instanceof BitwiseAndExpr or - o instanceof ComparisonOperation - ) +class AllowedOperatorUse extends OperatorUse { + AllowedOperatorUse() { + this.getOperator() in ["[]", "=", "==", "!=", "<", "<=", ">", ">="] + or + this.(UnaryOperatorUse).getOperator() = "&" + } } -from Expr e, Expr operand +from OperatorUse operatorUse, Access access, Enum enum where - not isExcluded(e, ExpressionsPackage::enumUsedInArithmeticContextsQuery()) and + not isExcluded(access, ExpressionsPackage::enumUsedInArithmeticContextsQuery()) and + operatorUse.getAnOperand() = access and ( - operand = getAnOperandOfAllowedOverloadedOperator(e) - or - operand = getAnOperandOfAllowedOperation(e) + access.(EnumConstantAccess).getTarget().getDeclaringEnum() = enum or + access.(VariableAccess).getType() = enum ) and - ( - operand instanceof EnumConstantAccess or - operand.(VariableAccess).getType() instanceof Enum - ) -select e, "Enum $@ is used as an operand of arithmetic operation.", operand, "expression" + not operatorUse instanceof AllowedOperatorUse +select access, "Enum $@ is used as an operand of arithmetic operation.", enum, enum.getName() diff --git a/cpp/autosar/test/rules/A4-5-1/EnumUsedInArithmeticContexts.expected b/cpp/autosar/test/rules/A4-5-1/EnumUsedInArithmeticContexts.expected index a813b23223..226a5b7c95 100644 --- a/cpp/autosar/test/rules/A4-5-1/EnumUsedInArithmeticContexts.expected +++ b/cpp/autosar/test/rules/A4-5-1/EnumUsedInArithmeticContexts.expected @@ -1,96 +1,106 @@ -| enum.cpp:21:3:21:16 | ... + ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:21:3:21:8 | Avenue | expression | -| enum.cpp:21:3:21:16 | ... + ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:21:12:21:16 | Place | expression | -| enum.cpp:22:3:22:15 | ... - ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:22:3:22:7 | Place | expression | -| enum.cpp:22:3:22:15 | ... - ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:22:11:22:15 | Place | expression | -| enum.cpp:23:3:23:9 | - ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:23:4:23:9 | Avenue | expression | -| enum.cpp:24:3:24:10 | ... % ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:24:3:24:6 | Road | expression | -| enum.cpp:25:3:25:12 | ... / ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:25:3:25:8 | Avenue | expression | -| enum.cpp:26:3:26:15 | ... * ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:26:3:26:11 | Boulevard | expression | -| enum.cpp:29:3:29:13 | ... && ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:29:3:29:6 | Lane | expression | -| enum.cpp:29:3:29:13 | ... && ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:29:10:29:13 | Road | expression | -| enum.cpp:30:3:30:15 | ... \|\| ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:30:3:30:7 | Place | expression | -| enum.cpp:30:3:30:15 | ... \|\| ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:30:12:30:15 | Lane | expression | -| enum.cpp:31:3:31:7 | ! ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:31:4:31:7 | Road | expression | -| enum.cpp:34:3:34:23 | ... \| ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:34:3:34:11 | Boulevard | expression | -| enum.cpp:34:3:34:23 | ... \| ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:34:15:34:23 | Boulevard | expression | -| enum.cpp:35:3:35:7 | ~ ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:35:4:35:7 | Lane | expression | -| enum.cpp:36:3:36:14 | ... ^ ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:36:3:36:7 | Place | expression | -| enum.cpp:36:3:36:14 | ... ^ ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:36:11:36:14 | Road | expression | -| enum.cpp:37:3:37:11 | ... >> ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:37:3:37:6 | Road | expression | -| enum.cpp:38:3:38:11 | ... << ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:38:3:38:6 | Road | expression | -| enum.cpp:39:10:39:10 | call to operator&= | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:39:3:39:8 | Avenue | expression | -| enum.cpp:39:10:39:10 | call to operator&= | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:39:13:39:17 | Place | expression | -| enum.cpp:40:8:40:8 | call to operator^= | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:40:3:40:6 | Road | expression | -| enum.cpp:40:8:40:8 | call to operator^= | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:40:11:40:14 | Road | expression | -| enum.cpp:41:8:41:8 | call to operator>>= | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:41:3:41:6 | Road | expression | -| enum.cpp:41:8:41:8 | call to operator>>= | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:41:12:41:15 | Road | expression | -| enum.cpp:42:8:42:8 | call to operator<<= | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:42:3:42:6 | Road | expression | -| enum.cpp:42:8:42:8 | call to operator<<= | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:42:12:42:15 | Road | expression | -| enum.cpp:57:3:57:7 | ... + ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:57:3:57:3 | a | expression | -| enum.cpp:57:3:57:7 | ... + ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:57:7:57:7 | a | expression | -| enum.cpp:58:3:58:7 | ... - ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:58:3:58:3 | a | expression | -| enum.cpp:58:3:58:7 | ... - ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:58:7:58:7 | a | expression | -| enum.cpp:59:3:59:4 | - ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:59:4:59:4 | a | expression | -| enum.cpp:60:3:60:7 | ... % ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:60:3:60:3 | a | expression | -| enum.cpp:61:3:61:7 | ... / ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:61:3:61:3 | a | expression | -| enum.cpp:62:3:62:7 | ... * ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:62:3:62:3 | a | expression | -| enum.cpp:65:3:65:7 | ... && ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:65:3:65:3 | a | expression | -| enum.cpp:65:3:65:7 | ... && ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:65:7:65:7 | b | expression | -| enum.cpp:66:3:66:8 | ... \|\| ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:66:3:66:3 | a | expression | -| enum.cpp:66:3:66:8 | ... \|\| ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:66:8:66:8 | b | expression | -| enum.cpp:67:3:67:4 | ! ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:67:4:67:4 | b | expression | -| enum.cpp:70:3:70:7 | ... \| ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:70:3:70:3 | a | expression | -| enum.cpp:70:3:70:7 | ... \| ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:70:7:70:7 | b | expression | -| enum.cpp:71:3:71:4 | ~ ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:71:4:71:4 | a | expression | -| enum.cpp:72:3:72:7 | ... ^ ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:72:3:72:3 | a | expression | -| enum.cpp:72:3:72:7 | ... ^ ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:72:7:72:7 | b | expression | -| enum.cpp:73:3:73:8 | ... >> ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:73:3:73:3 | a | expression | -| enum.cpp:74:3:74:8 | ... << ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:74:3:74:3 | a | expression | -| enum.cpp:75:5:75:5 | call to operator&= | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:75:3:75:3 | a | expression | -| enum.cpp:75:5:75:5 | call to operator&= | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:75:8:75:8 | b | expression | -| enum.cpp:76:5:76:5 | call to operator^= | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:76:3:76:3 | a | expression | -| enum.cpp:77:5:77:5 | call to operator>>= | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:77:3:77:3 | a | expression | -| enum.cpp:78:5:78:5 | call to operator<<= | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:78:3:78:3 | a | expression | -| enum_class.cpp:49:22:49:22 | call to operator+ | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:49:3:49:20 | ML | expression | -| enum_class.cpp:50:23:50:23 | call to operator- | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:50:3:50:21 | SML | expression | -| enum_class.cpp:50:23:50:23 | call to operator- | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:50:25:50:42 | ML | expression | -| enum_class.cpp:51:3:51:3 | call to operator- | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:51:4:51:26 | Haskell | expression | -| enum_class.cpp:52:26:52:26 | call to operator% | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:52:3:52:24 | Racket | expression | -| enum_class.cpp:53:23:53:23 | call to operator/ | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:53:3:53:21 | Elm | expression | -| enum_class.cpp:54:26:54:26 | call to operator* | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:54:3:54:24 | Scheme | expression | -| enum_class.cpp:57:27:57:27 | call to operator&& | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:57:3:57:25 | Haskell | expression | -| enum_class.cpp:57:27:57:27 | call to operator&& | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:57:29:57:47 | Elm | expression | -| enum_class.cpp:58:24:58:24 | call to operator\|\| | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:58:3:58:22 | Lisp | expression | -| enum_class.cpp:58:24:58:24 | call to operator\|\| | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:58:27:58:48 | Racket | expression | -| enum_class.cpp:59:3:59:3 | call to operator! | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:59:4:59:25 | Scheme | expression | -| enum_class.cpp:62:23:62:23 | call to operator\| | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:62:3:62:21 | Elm | expression | -| enum_class.cpp:62:23:62:23 | call to operator\| | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:62:25:62:46 | Racket | expression | -| enum_class.cpp:63:3:63:3 | call to operator~ | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:63:4:63:24 | Idris | expression | -| enum_class.cpp:64:22:64:22 | call to operator^ | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:64:3:64:20 | ML | expression | -| enum_class.cpp:64:22:64:22 | call to operator^ | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:64:24:64:44 | OCaml | expression | -| enum_class.cpp:65:25:65:25 | call to operator>> | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:65:3:65:23 | OCaml | expression | -| enum_class.cpp:66:24:66:24 | call to operator<< | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:66:3:66:22 | Lisp | expression | -| enum_class.cpp:67:5:67:5 | call to operator&= | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:67:3:67:3 | l | expression | -| enum_class.cpp:67:5:67:5 | call to operator&= | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:67:8:67:28 | OCaml | expression | -| enum_class.cpp:68:5:68:5 | call to operator^= | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:68:3:68:3 | l | expression | -| enum_class.cpp:69:5:69:5 | call to operator>>= | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:69:3:69:3 | l | expression | -| enum_class.cpp:70:5:70:5 | call to operator<<= | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:70:3:70:3 | l | expression | -| enum_class.cpp:85:5:85:5 | call to operator+ | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:85:3:85:3 | a | expression | -| enum_class.cpp:86:5:86:5 | call to operator- | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:86:3:86:3 | a | expression | -| enum_class.cpp:86:5:86:5 | call to operator- | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:86:7:86:7 | b | expression | -| enum_class.cpp:87:3:87:3 | call to operator- | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:87:4:87:4 | a | expression | -| enum_class.cpp:88:5:88:5 | call to operator% | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:88:3:88:3 | a | expression | -| enum_class.cpp:89:5:89:5 | call to operator/ | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:89:3:89:3 | a | expression | -| enum_class.cpp:90:5:90:5 | call to operator* | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:90:3:90:3 | b | expression | -| enum_class.cpp:93:5:93:5 | call to operator&& | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:93:3:93:3 | a | expression | -| enum_class.cpp:93:5:93:5 | call to operator&& | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:93:7:93:7 | b | expression | -| enum_class.cpp:94:5:94:5 | call to operator\|\| | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:94:3:94:3 | a | expression | -| enum_class.cpp:94:5:94:5 | call to operator\|\| | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:94:8:94:8 | b | expression | -| enum_class.cpp:95:3:95:3 | call to operator! | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:95:4:95:4 | a | expression | -| enum_class.cpp:98:5:98:5 | call to operator\| | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:98:3:98:3 | a | expression | -| enum_class.cpp:98:5:98:5 | call to operator\| | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:98:7:98:7 | b | expression | -| enum_class.cpp:99:3:99:3 | call to operator~ | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:99:4:99:4 | a | expression | -| enum_class.cpp:100:5:100:5 | call to operator^ | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:100:3:100:3 | a | expression | -| enum_class.cpp:100:5:100:5 | call to operator^ | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:100:7:100:7 | b | expression | -| enum_class.cpp:101:5:101:5 | call to operator>> | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:101:3:101:3 | a | expression | -| enum_class.cpp:102:5:102:5 | call to operator<< | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:102:3:102:3 | a | expression | +| enum.cpp:20:3:20:8 | Avenue | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:20:12:20:16 | Place | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:21:3:21:7 | Place | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:21:11:21:15 | Place | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:22:4:22:9 | Avenue | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:23:3:23:6 | Road | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:24:3:24:8 | Avenue | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:25:3:25:11 | Boulevard | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:28:3:28:6 | Lane | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:28:10:28:13 | Road | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:29:3:29:7 | Place | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:29:12:29:15 | Lane | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:30:4:30:7 | Road | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:33:3:33:11 | Boulevard | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:33:15:33:23 | Boulevard | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:34:4:34:7 | Lane | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:35:3:35:7 | Place | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:35:11:35:14 | Road | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:36:3:36:6 | Road | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:37:3:37:6 | Road | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:38:3:38:8 | Avenue | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:38:13:38:17 | Place | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:39:3:39:6 | Road | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:39:11:39:14 | Road | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:40:3:40:6 | Road | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:40:12:40:15 | Road | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:41:3:41:6 | Road | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:41:12:41:15 | Road | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:42:3:42:6 | Road | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:42:9:42:12 | Road | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:57:3:57:3 | a | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:57:7:57:7 | a | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:58:3:58:3 | a | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:58:7:58:7 | a | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:59:4:59:4 | a | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:60:3:60:3 | a | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:61:3:61:3 | a | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:62:3:62:3 | a | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:65:3:65:3 | a | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:65:7:65:7 | b | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:66:3:66:3 | a | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:66:8:66:8 | b | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:67:4:67:4 | b | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:70:3:70:3 | a | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:70:7:70:7 | b | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:71:4:71:4 | a | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:72:3:72:3 | a | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:72:7:72:7 | b | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:73:3:73:3 | a | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:74:3:74:3 | a | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:75:3:75:3 | a | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:75:8:75:8 | b | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:76:3:76:3 | a | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:77:3:77:3 | a | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:78:3:78:3 | a | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:79:3:79:3 | a | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum.cpp:79:6:79:6 | b | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:1:6:1:11 | Street | Street | +| enum_class.cpp:48:3:48:20 | ML | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:1:12:1:25 | FunctionalLang | FunctionalLang | +| enum_class.cpp:49:3:49:21 | SML | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:1:12:1:25 | FunctionalLang | FunctionalLang | +| enum_class.cpp:49:25:49:42 | ML | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:1:12:1:25 | FunctionalLang | FunctionalLang | +| enum_class.cpp:50:4:50:26 | Haskell | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:1:12:1:25 | FunctionalLang | FunctionalLang | +| enum_class.cpp:51:3:51:24 | Racket | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:1:12:1:25 | FunctionalLang | FunctionalLang | +| enum_class.cpp:52:3:52:21 | Elm | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:1:12:1:25 | FunctionalLang | FunctionalLang | +| enum_class.cpp:53:3:53:24 | Scheme | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:1:12:1:25 | FunctionalLang | FunctionalLang | +| enum_class.cpp:56:3:56:25 | Haskell | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:1:12:1:25 | FunctionalLang | FunctionalLang | +| enum_class.cpp:56:29:56:47 | Elm | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:1:12:1:25 | FunctionalLang | FunctionalLang | +| enum_class.cpp:57:3:57:22 | Lisp | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:1:12:1:25 | FunctionalLang | FunctionalLang | +| enum_class.cpp:57:27:57:48 | Racket | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:1:12:1:25 | FunctionalLang | FunctionalLang | +| enum_class.cpp:58:4:58:25 | Scheme | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:1:12:1:25 | FunctionalLang | FunctionalLang | +| enum_class.cpp:61:3:61:21 | Elm | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:1:12:1:25 | FunctionalLang | FunctionalLang | +| enum_class.cpp:61:25:61:46 | Racket | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:1:12:1:25 | FunctionalLang | FunctionalLang | +| enum_class.cpp:62:4:62:24 | Idris | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:1:12:1:25 | FunctionalLang | FunctionalLang | +| enum_class.cpp:63:3:63:20 | ML | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:1:12:1:25 | FunctionalLang | FunctionalLang | +| enum_class.cpp:63:24:63:44 | OCaml | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:1:12:1:25 | FunctionalLang | FunctionalLang | +| enum_class.cpp:64:3:64:23 | OCaml | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:1:12:1:25 | FunctionalLang | FunctionalLang | +| enum_class.cpp:65:3:65:22 | Lisp | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:1:12:1:25 | FunctionalLang | FunctionalLang | +| enum_class.cpp:66:3:66:3 | l | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:1:12:1:25 | FunctionalLang | FunctionalLang | +| enum_class.cpp:66:8:66:28 | OCaml | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:1:12:1:25 | FunctionalLang | FunctionalLang | +| enum_class.cpp:67:3:67:3 | l | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:1:12:1:25 | FunctionalLang | FunctionalLang | +| enum_class.cpp:68:3:68:3 | l | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:1:12:1:25 | FunctionalLang | FunctionalLang | +| enum_class.cpp:69:3:69:3 | l | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:1:12:1:25 | FunctionalLang | FunctionalLang | +| enum_class.cpp:70:3:70:24 | FSharp | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:1:12:1:25 | FunctionalLang | FunctionalLang | +| enum_class.cpp:70:27:70:47 | OCaml | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:1:12:1:25 | FunctionalLang | FunctionalLang | +| enum_class.cpp:85:3:85:3 | a | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:1:12:1:25 | FunctionalLang | FunctionalLang | +| enum_class.cpp:86:3:86:3 | a | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:1:12:1:25 | FunctionalLang | FunctionalLang | +| enum_class.cpp:86:7:86:7 | b | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:1:12:1:25 | FunctionalLang | FunctionalLang | +| enum_class.cpp:87:4:87:4 | a | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:1:12:1:25 | FunctionalLang | FunctionalLang | +| enum_class.cpp:88:3:88:3 | a | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:1:12:1:25 | FunctionalLang | FunctionalLang | +| enum_class.cpp:89:3:89:3 | a | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:1:12:1:25 | FunctionalLang | FunctionalLang | +| enum_class.cpp:90:3:90:3 | b | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:1:12:1:25 | FunctionalLang | FunctionalLang | +| enum_class.cpp:93:3:93:3 | a | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:1:12:1:25 | FunctionalLang | FunctionalLang | +| enum_class.cpp:93:7:93:7 | b | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:1:12:1:25 | FunctionalLang | FunctionalLang | +| enum_class.cpp:94:3:94:3 | a | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:1:12:1:25 | FunctionalLang | FunctionalLang | +| enum_class.cpp:94:8:94:8 | b | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:1:12:1:25 | FunctionalLang | FunctionalLang | +| enum_class.cpp:95:4:95:4 | a | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:1:12:1:25 | FunctionalLang | FunctionalLang | +| enum_class.cpp:98:3:98:3 | a | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:1:12:1:25 | FunctionalLang | FunctionalLang | +| enum_class.cpp:98:7:98:7 | b | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:1:12:1:25 | FunctionalLang | FunctionalLang | +| enum_class.cpp:99:4:99:4 | a | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:1:12:1:25 | FunctionalLang | FunctionalLang | +| enum_class.cpp:100:3:100:3 | a | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:1:12:1:25 | FunctionalLang | FunctionalLang | +| enum_class.cpp:100:7:100:7 | b | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:1:12:1:25 | FunctionalLang | FunctionalLang | +| enum_class.cpp:101:3:101:3 | a | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:1:12:1:25 | FunctionalLang | FunctionalLang | +| enum_class.cpp:102:3:102:3 | a | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:1:12:1:25 | FunctionalLang | FunctionalLang | +| enum_class.cpp:103:3:103:3 | a | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:1:12:1:25 | FunctionalLang | FunctionalLang | +| enum_class.cpp:103:6:103:6 | b | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:1:12:1:25 | FunctionalLang | FunctionalLang | +| enum_class.cpp:120:3:120:5 | one | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:106:12:106:15 | byte | byte | +| enum_class.cpp:120:8:120:10 | two | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:106:12:106:15 | byte | byte | diff --git a/cpp/autosar/test/rules/A4-5-1/enum.cpp b/cpp/autosar/test/rules/A4-5-1/enum.cpp index afc4d97504..e6f3f178bc 100644 --- a/cpp/autosar/test/rules/A4-5-1/enum.cpp +++ b/cpp/autosar/test/rules/A4-5-1/enum.cpp @@ -14,7 +14,6 @@ void test_enum() { Avenue <= Avenue; // COMPLIANT Place > Road; // COMPLIANT Boulevard >= Avenue; // COMPLIANT - Place &Avenue; // COMPLIANT arr[Road] = 1; // COMPLIANT // arithmetic @@ -40,6 +39,7 @@ void test_enum() { Road ^= Road; // NON_COMPLIANT Road >>= Road; // NON_COMPLIANT Road <<= Road; // NON_COMPLIANT + Road &Road; // NON_COMPLIANT } void test_enum_var() { @@ -51,7 +51,7 @@ void test_enum_var() { a <= b; // COMPLIANT a > b; // COMPLIANT a >= b; // COMPLIANT - a &b; // COMPLIANT + Street *c = &a; // COMPLIANT // arithmetic a + a; // NON_COMPLIANT @@ -76,4 +76,5 @@ void test_enum_var() { a ^= 1; // NON_COMPLIANT a >>= 1; // NON_COMPLIANT a <<= 1; // NON_COMPLIANT + a &b; // NON_COMPLIANT } \ No newline at end of file diff --git a/cpp/autosar/test/rules/A4-5-1/enum_class.cpp b/cpp/autosar/test/rules/A4-5-1/enum_class.cpp index 6921917aea..7c7f91c5cc 100644 --- a/cpp/autosar/test/rules/A4-5-1/enum_class.cpp +++ b/cpp/autosar/test/rules/A4-5-1/enum_class.cpp @@ -43,7 +43,6 @@ void test_enum_class() { FunctionalLang::Elm <= FunctionalLang::Haskell; // COMPLIANT FunctionalLang::Idris > FunctionalLang::SML; // COMPLIANT FunctionalLang::Haskell >= FunctionalLang::Idris; // COMPLIANT - FunctionalLang::FSharp &FunctionalLang::OCaml; // COMPLIANT // arithmetic FunctionalLang::ML + 1; // NON_COMPLIANT @@ -59,15 +58,16 @@ void test_enum_class() { !FunctionalLang::Scheme; // NON_COMPLIANT // bitwise - FunctionalLang::Elm | FunctionalLang::Racket; // NON_COMPLIANT - ~FunctionalLang::Idris; // NON_COMPLIANT - FunctionalLang::ML ^ FunctionalLang::OCaml; // NON_COMPLIANT - FunctionalLang::OCaml >> 1; // NON_COMPLIANT - FunctionalLang::Lisp << 1; // NON_COMPLIANT - l &= FunctionalLang::OCaml; // NON_COMPLIANT - l ^= 1; // NON_COMPLIANT - l >>= 1; // NON_COMPLIANT - l <<= 1; // NON_COMPLIANT + FunctionalLang::Elm | FunctionalLang::Racket; // NON_COMPLIANT + ~FunctionalLang::Idris; // NON_COMPLIANT + FunctionalLang::ML ^ FunctionalLang::OCaml; // NON_COMPLIANT + FunctionalLang::OCaml >> 1; // NON_COMPLIANT + FunctionalLang::Lisp << 1; // NON_COMPLIANT + l &= FunctionalLang::OCaml; // NON_COMPLIANT + l ^= 1; // NON_COMPLIANT + l >>= 1; // NON_COMPLIANT + l <<= 1; // NON_COMPLIANT + FunctionalLang::FSharp &FunctionalLang::OCaml; // NON_COMPLIANT } void test_enum_class_vars() { @@ -79,7 +79,7 @@ void test_enum_class_vars() { a <= b; // COMPLIANT a > a; // COMPLIANT a >= a; // COMPLIANT - a &b; // COMPLIANT + FunctionalLang *c = &a; // COMPLIANT // arithmetic a + 1; // NON_COMPLIANT @@ -100,4 +100,22 @@ void test_enum_class_vars() { a ^ b; // NON_COMPLIANT a >> 1; // NON_COMPLIANT a << 1; // NON_COMPLIANT + a &b; // NON_COMPLIANT +} + +enum class byte : unsigned char {}; + +byte operator&(byte lhs, byte rhs) { return lhs; } +byte operator|(byte lhs, byte rhs) { return lhs; } +byte operator^(byte lhs, byte rhs) { return lhs; } +byte operator~(byte lhs) { return lhs; } +byte operator&=(byte lhs, byte rhs) { return lhs; } +byte operator|=(byte lhs, byte rhs) { return lhs; } + +void test_bitmasktype_enum_class() { // COMPLIANT[FALSE_POSITIVE] - Type + // implementing the BitmaskType trait + // should be excluded. + byte one, two; + + one &two; } \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/Operator.qll b/cpp/common/src/codingstandards/cpp/Operator.qll index 72ee04b68f..424ca43098 100644 --- a/cpp/common/src/codingstandards/cpp/Operator.qll +++ b/cpp/common/src/codingstandards/cpp/Operator.qll @@ -264,3 +264,64 @@ class UserOverloadedOperator extends Function { not this.isCompilerGenerated() } } + +private newtype TOperatorUse = + TBuiltinOperatorUse(Operation op) or + TOverloadedOperatorUse(FunctionCall call, Operator op) { op.getACallToThisFunction() = call } + +/** + * A class to reason about builtin operator and overloaded operator use. + */ +class OperatorUse extends TOperatorUse { + string toString() { + exists(Operation op | result = op.toString() and this = TBuiltinOperatorUse(op)) + or + exists(Operator op | result = op.toString() and this = TOverloadedOperatorUse(_, op)) + } + + predicate isOverloaded() { this = TOverloadedOperatorUse(_, _) } + + Operation asBuiltin() { this = TBuiltinOperatorUse(result) } + + Operator asOverloaded(FunctionCall call) { this = TOverloadedOperatorUse(call, result) } + + Type getType() { + result = this.asBuiltin().getType() + or + result = this.asOverloaded(_).getType() + } + + Parameter getParameter(int index) { result = this.asOverloaded(_).getParameter(index) } + + Parameter getAParameter() { result = this.asOverloaded(_).getParameter(_) } + + Expr getAnOperand() { + result = this.asBuiltin().getAnOperand() + or + exists(FunctionCall call, Operator op | op = this.asOverloaded(call) | + result = call.getAnArgument() + ) + } + + Location getLocation() { + result = this.asBuiltin().getLocation() + or + exists(FunctionCall call, Operator op | op = this.asOverloaded(call) | + result = call.getLocation() + ) + } + + string getOperator() { + result = this.asBuiltin().getOperator() + or + result = this.asOverloaded(_).getName().regexpCapture("^operator(.*)$", 1) + } +} + +class UnaryOperatorUse extends OperatorUse { + UnaryOperatorUse() { + this.asBuiltin() instanceof UnaryOperation + or + this.asOverloaded(_).getNumberOfParameters() = 0 + } +} \ No newline at end of file From 0b9c7afe171d2f3a5bc7099fa5194e3c226481f7 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 31 Jan 2024 10:31:19 -0800 Subject: [PATCH 1562/2573] Exclude enums that implement the BitmaskType trait --- .../A4-5-1/EnumUsedInArithmeticContexts.ql | 5 +++- .../EnumUsedInArithmeticContexts.expected | 2 -- cpp/autosar/test/rules/A4-5-1/enum_class.cpp | 5 ++-- cpp/common/src/codingstandards/cpp/Type.qll | 28 +++++++++++++++++++ 4 files changed, 34 insertions(+), 6 deletions(-) diff --git a/cpp/autosar/src/rules/A4-5-1/EnumUsedInArithmeticContexts.ql b/cpp/autosar/src/rules/A4-5-1/EnumUsedInArithmeticContexts.ql index 17d8056637..0833d44bb1 100644 --- a/cpp/autosar/src/rules/A4-5-1/EnumUsedInArithmeticContexts.ql +++ b/cpp/autosar/src/rules/A4-5-1/EnumUsedInArithmeticContexts.ql @@ -19,6 +19,7 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.Operator +import codingstandards.cpp.Type class AllowedOperatorUse extends OperatorUse { AllowedOperatorUse() { @@ -36,5 +37,7 @@ where access.(EnumConstantAccess).getTarget().getDeclaringEnum() = enum or access.(VariableAccess).getType() = enum ) and - not operatorUse instanceof AllowedOperatorUse + not operatorUse instanceof AllowedOperatorUse and + // Enums that implement the BitmaskType trait are an exception. + not enum instanceof BitmaskType select access, "Enum $@ is used as an operand of arithmetic operation.", enum, enum.getName() diff --git a/cpp/autosar/test/rules/A4-5-1/EnumUsedInArithmeticContexts.expected b/cpp/autosar/test/rules/A4-5-1/EnumUsedInArithmeticContexts.expected index 226a5b7c95..8ece6b3dd1 100644 --- a/cpp/autosar/test/rules/A4-5-1/EnumUsedInArithmeticContexts.expected +++ b/cpp/autosar/test/rules/A4-5-1/EnumUsedInArithmeticContexts.expected @@ -102,5 +102,3 @@ | enum_class.cpp:102:3:102:3 | a | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:1:12:1:25 | FunctionalLang | FunctionalLang | | enum_class.cpp:103:3:103:3 | a | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:1:12:1:25 | FunctionalLang | FunctionalLang | | enum_class.cpp:103:6:103:6 | b | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:1:12:1:25 | FunctionalLang | FunctionalLang | -| enum_class.cpp:120:3:120:5 | one | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:106:12:106:15 | byte | byte | -| enum_class.cpp:120:8:120:10 | two | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:106:12:106:15 | byte | byte | diff --git a/cpp/autosar/test/rules/A4-5-1/enum_class.cpp b/cpp/autosar/test/rules/A4-5-1/enum_class.cpp index 7c7f91c5cc..0bbd3eb17c 100644 --- a/cpp/autosar/test/rules/A4-5-1/enum_class.cpp +++ b/cpp/autosar/test/rules/A4-5-1/enum_class.cpp @@ -112,9 +112,8 @@ byte operator~(byte lhs) { return lhs; } byte operator&=(byte lhs, byte rhs) { return lhs; } byte operator|=(byte lhs, byte rhs) { return lhs; } -void test_bitmasktype_enum_class() { // COMPLIANT[FALSE_POSITIVE] - Type - // implementing the BitmaskType trait - // should be excluded. +void test_bitmasktype_enum_class() { // COMPLIANT - byte implements the + // BitmaskType trait. byte one, two; one &two; diff --git a/cpp/common/src/codingstandards/cpp/Type.qll b/cpp/common/src/codingstandards/cpp/Type.qll index a49e30e927..9322ff9d8a 100644 --- a/cpp/common/src/codingstandards/cpp/Type.qll +++ b/cpp/common/src/codingstandards/cpp/Type.qll @@ -22,3 +22,31 @@ class FundamentalType extends BuiltInType { class IncompleteType extends Class { IncompleteType() { not hasDefinition() } } + +/** A type that implements the BitmaskType trait. + * https://en.cppreference.com/w/cpp/named_req/BitmaskType + * +*/ +abstract class BitmaskType extends Type { } + +/** Holds if `enum` implements required overload `overload` to implement + * the BitmaskType trait. +*/ +private predicate isRequiredEnumOverload(Enum enum, Function overload) { + overload.getName().regexpMatch("operator([&|^~]|&=|\\|=)") + and + forex(Parameter p | p = overload.getAParameter() | + ( + p.getType() = enum + or + p.getType().(ReferenceType).getBaseType() = enum + ) + ) +} + +private class EnumBitmaskType extends BitmaskType, Enum { + EnumBitmaskType() { + // Implements all the required overload + count(Function overload | isRequiredEnumOverload(this, overload)) = 6 + } +} \ No newline at end of file From 60179be05f8dcc100b6e10af75be231883b2667f Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 31 Jan 2024 10:43:14 -0800 Subject: [PATCH 1563/2573] Add required changenote --- change_notes/2024-01-31-fix-fp-a4-5-1.md | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 change_notes/2024-01-31-fix-fp-a4-5-1.md diff --git a/change_notes/2024-01-31-fix-fp-a4-5-1.md b/change_notes/2024-01-31-fix-fp-a4-5-1.md new file mode 100644 index 0000000000..89caded89c --- /dev/null +++ b/change_notes/2024-01-31-fix-fp-a4-5-1.md @@ -0,0 +1,4 @@ +`A4-5-1`: `EnumUsedInArithmeticContexts.ql`: + - Address incorrect exclusion of the binary operator `&`. + - Address incorrect inclusion of the unary operator `&`. + - Fix FP reported in #366. \ No newline at end of file From 2029a18c4711341ea1f8ffdccea6ea14e66661ba Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 31 Jan 2024 12:31:57 -0800 Subject: [PATCH 1564/2573] Exclude methods part of uninstantiated templates from consideration The partial information doesn't allow us to correctly identify if called functions are const. --- .../src/rules/M9-3-3/MemberFunctionConstIfPossible.ql | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/cpp/autosar/src/rules/M9-3-3/MemberFunctionConstIfPossible.ql b/cpp/autosar/src/rules/M9-3-3/MemberFunctionConstIfPossible.ql index 3b0ee9c058..0787cbb2b6 100644 --- a/cpp/autosar/src/rules/M9-3-3/MemberFunctionConstIfPossible.ql +++ b/cpp/autosar/src/rules/M9-3-3/MemberFunctionConstIfPossible.ql @@ -54,7 +54,10 @@ class ConstMemberFunctionCandidate extends NonConstMemberFunction { not this instanceof Destructor and not this instanceof Operator and //less interested in MemberFunctions with no definition - this.hasDefinition() + this.hasDefinition() and + // For uninstantiated templates we have only partial information that prevents us from determining + // if the candidate calls non-const functions. Therefore we exclude these. + not this.isFromUninstantiatedTemplate(_) } /** From c8df15f18af6c0c1a89b50b34783f433c2e3be6b Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 31 Jan 2024 15:26:05 -0800 Subject: [PATCH 1565/2573] Add test case for uninstantiated template --- cpp/autosar/test/rules/M9-3-3/test.cpp | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/cpp/autosar/test/rules/M9-3-3/test.cpp b/cpp/autosar/test/rules/M9-3-3/test.cpp index 033414a315..ef65eb69f0 100644 --- a/cpp/autosar/test/rules/M9-3-3/test.cpp +++ b/cpp/autosar/test/rules/M9-3-3/test.cpp @@ -161,3 +161,29 @@ class Z22 : Z1 { void f2() final {} // COMPLIANT void f3() { this->a = 100; } // COMPLIANT }; + +template class Array { +public: + T &back(); + +private: + T data[128]; + unsigned int size; +}; + +template class U> class Stack { +public: + T &Top() { + return this->data.back(); + } // Likely NON_COMPLIANT, but cannot be determined until instantiation. +private: + U data; +}; + +using IntVectorStack = Stack; + +void test_template() { + IntVectorStack s; + + int i = s.Top(); +} \ No newline at end of file From e66039aea87593d4486c7de0b1df1d21edd30314 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 31 Jan 2024 15:27:38 -0800 Subject: [PATCH 1566/2573] Formatting query --- cpp/autosar/src/rules/M9-3-3/MemberFunctionConstIfPossible.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/src/rules/M9-3-3/MemberFunctionConstIfPossible.ql b/cpp/autosar/src/rules/M9-3-3/MemberFunctionConstIfPossible.ql index 0787cbb2b6..d1cdc050b1 100644 --- a/cpp/autosar/src/rules/M9-3-3/MemberFunctionConstIfPossible.ql +++ b/cpp/autosar/src/rules/M9-3-3/MemberFunctionConstIfPossible.ql @@ -41,7 +41,7 @@ class NonConstMemberFunction extends MemberFunction { * `MemberFunction`s that are not const * and not `Constructor`s ect as const constructors are * not a thing in cpp - * also not static because there is no `this` in + * also not static because there is no `this` in * static `MemberFunction` */ class ConstMemberFunctionCandidate extends NonConstMemberFunction { From ec89bac6c20c0608a4022f33987c1c71b905de53 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 31 Jan 2024 15:30:55 -0800 Subject: [PATCH 1567/2573] Add changenote --- change_notes/2024-01-31-fix-fp-m9-3-3.md | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 change_notes/2024-01-31-fix-fp-m9-3-3.md diff --git a/change_notes/2024-01-31-fix-fp-m9-3-3.md b/change_notes/2024-01-31-fix-fp-m9-3-3.md new file mode 100644 index 0000000000..4294871638 --- /dev/null +++ b/change_notes/2024-01-31-fix-fp-m9-3-3.md @@ -0,0 +1,2 @@ +`M9-3-3`: `MemberFunctionConstIfPossible.ql`: + - Fix FP reported in 467. Excluding candidates in uninstantiated templates. \ No newline at end of file From 035fcbdea5fb9a8980f042160eb0780a2b9e3544 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 31 Jan 2024 16:55:28 -0800 Subject: [PATCH 1568/2573] Address incomplete `constexpr` function behavior A call to a `constexpr` function is insufficient to determine that the return value is compile time computed. We need to also validate that its arguments are compile time computed. --- .../src/rules/A7-1-2/VariableMissingConstexpr.ql | 11 ++++++++++- .../rules/A7-1-2/VariableMissingConstexpr.expected | 1 + cpp/autosar/test/rules/A7-1-2/test.cpp | 12 +++++++++++- 3 files changed, 22 insertions(+), 2 deletions(-) diff --git a/cpp/autosar/src/rules/A7-1-2/VariableMissingConstexpr.ql b/cpp/autosar/src/rules/A7-1-2/VariableMissingConstexpr.ql index e3981b3836..5cf458d4cc 100644 --- a/cpp/autosar/src/rules/A7-1-2/VariableMissingConstexpr.ql +++ b/cpp/autosar/src/rules/A7-1-2/VariableMissingConstexpr.ql @@ -33,6 +33,15 @@ predicate isTypeZeroInitializable(Type t) { t.getUnderlyingType() instanceof ArrayType } +predicate isCompileTimeEvaluated(Call call) { + call.getTarget().isConstexpr() and + forall(Expr arg | arg = call.getAnArgument() | + DataFlow::localExprFlow(any(Literal l), arg) + or + DataFlow::localExprFlow(any(Call c | isCompileTimeEvaluated(call)), arg) + ) +} + from Variable v where not isExcluded(v, ConstPackage::variableMissingConstexprQuery()) and @@ -46,7 +55,7 @@ where ( v.getInitializer().getExpr().isConstant() or - v.getInitializer().getExpr().(Call).getTarget().isConstexpr() + any(Call call | isCompileTimeEvaluated(call)) = v.getInitializer().getExpr() or isZeroInitializable(v) or diff --git a/cpp/autosar/test/rules/A7-1-2/VariableMissingConstexpr.expected b/cpp/autosar/test/rules/A7-1-2/VariableMissingConstexpr.expected index 6b6ed61dc8..1b4a2e3945 100644 --- a/cpp/autosar/test/rules/A7-1-2/VariableMissingConstexpr.expected +++ b/cpp/autosar/test/rules/A7-1-2/VariableMissingConstexpr.expected @@ -10,3 +10,4 @@ | test.cpp:55:7:55:8 | m2 | Variable m2 could be marked 'constexpr'. | | test.cpp:130:7:130:8 | m1 | Variable m1 could be marked 'constexpr'. | | test.cpp:141:7:141:8 | m1 | Variable m1 could be marked 'constexpr'. | +| test.cpp:215:7:215:7 | x | Variable x could be marked 'constexpr'. | diff --git a/cpp/autosar/test/rules/A7-1-2/test.cpp b/cpp/autosar/test/rules/A7-1-2/test.cpp index 020ba09a2b..616cee2ac3 100644 --- a/cpp/autosar/test/rules/A7-1-2/test.cpp +++ b/cpp/autosar/test/rules/A7-1-2/test.cpp @@ -204,4 +204,14 @@ class ExcludedCases { void operator=(ExcludedCases &) {} // COMPLIANT void operator=(ExcludedCases &&) {} // COMPLIANT -}; \ No newline at end of file +}; + + +constexpr int add(int x, int y) { + return x + y; +} + +void fp_reported_in_466(int p) { + int x = add(1,2); // NON_COMPLIANT + int y = add(1,p); // COMPLIANT +} \ No newline at end of file From 9d25d34a748dd7d7bf71e069d4cf5409eece12cd Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 31 Jan 2024 17:05:03 -0800 Subject: [PATCH 1569/2573] Add changenote --- change_notes/2024-01-31-fix-fp-a7-1-2.md | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 change_notes/2024-01-31-fix-fp-a7-1-2.md diff --git a/change_notes/2024-01-31-fix-fp-a7-1-2.md b/change_notes/2024-01-31-fix-fp-a7-1-2.md new file mode 100644 index 0000000000..94a74d463f --- /dev/null +++ b/change_notes/2024-01-31-fix-fp-a7-1-2.md @@ -0,0 +1,2 @@ +`A7-1-2` - `VariableMissingConstexpr.ql`: + - Fix FP reported in #466. Addresses incorrect assumption that calls to `constexpr` functions are always compile-time evaluated. \ No newline at end of file From 2e136c8f4900a5e2f54aa74a604550abc8694146 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 31 Jan 2024 17:09:41 -0800 Subject: [PATCH 1570/2573] Format query --- cpp/autosar/src/rules/M9-3-3/MemberFunctionConstIfPossible.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/src/rules/M9-3-3/MemberFunctionConstIfPossible.ql b/cpp/autosar/src/rules/M9-3-3/MemberFunctionConstIfPossible.ql index d1cdc050b1..0787cbb2b6 100644 --- a/cpp/autosar/src/rules/M9-3-3/MemberFunctionConstIfPossible.ql +++ b/cpp/autosar/src/rules/M9-3-3/MemberFunctionConstIfPossible.ql @@ -41,7 +41,7 @@ class NonConstMemberFunction extends MemberFunction { * `MemberFunction`s that are not const * and not `Constructor`s ect as const constructors are * not a thing in cpp - * also not static because there is no `this` in + * also not static because there is no `this` in * static `MemberFunction` */ class ConstMemberFunctionCandidate extends NonConstMemberFunction { From e54b4c5c16e86e5eedd5ecb1cdb4d323ef1e1e6e Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 31 Jan 2024 17:22:02 -0800 Subject: [PATCH 1571/2573] Add missing predicate `isLValueRefQualified` --- cpp/common/src/codingstandards/cpp/Operator.qll | 2 ++ 1 file changed, 2 insertions(+) diff --git a/cpp/common/src/codingstandards/cpp/Operator.qll b/cpp/common/src/codingstandards/cpp/Operator.qll index e57989c5c5..3a5ed9d1bc 100644 --- a/cpp/common/src/codingstandards/cpp/Operator.qll +++ b/cpp/common/src/codingstandards/cpp/Operator.qll @@ -128,6 +128,8 @@ class AssignmentOperator extends Function { op in ["=", "+=", "-=", "*=", "/=", "%=", "^=", "&=", "|=", ">>=", "<<="] ) } + + predicate isLValueRefQualified() { this.(MemberFunction).isLValueRefQualified() } } class UserComparisonOperator extends Function { From 95f8fe2a8875b059c129f3d736edce6258bc5df4 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 31 Jan 2024 17:28:21 -0800 Subject: [PATCH 1572/2573] Address incorrect test case formatting --- .../test/rules/A7-1-2/VariableMissingConstexpr.expected | 2 +- cpp/autosar/test/rules/A7-1-2/test.cpp | 9 +++------ 2 files changed, 4 insertions(+), 7 deletions(-) diff --git a/cpp/autosar/test/rules/A7-1-2/VariableMissingConstexpr.expected b/cpp/autosar/test/rules/A7-1-2/VariableMissingConstexpr.expected index 1b4a2e3945..5d014cb33d 100644 --- a/cpp/autosar/test/rules/A7-1-2/VariableMissingConstexpr.expected +++ b/cpp/autosar/test/rules/A7-1-2/VariableMissingConstexpr.expected @@ -10,4 +10,4 @@ | test.cpp:55:7:55:8 | m2 | Variable m2 could be marked 'constexpr'. | | test.cpp:130:7:130:8 | m1 | Variable m1 could be marked 'constexpr'. | | test.cpp:141:7:141:8 | m1 | Variable m1 could be marked 'constexpr'. | -| test.cpp:215:7:215:7 | x | Variable x could be marked 'constexpr'. | +| test.cpp:212:7:212:7 | x | Variable x could be marked 'constexpr'. | diff --git a/cpp/autosar/test/rules/A7-1-2/test.cpp b/cpp/autosar/test/rules/A7-1-2/test.cpp index 616cee2ac3..bfea13ea9a 100644 --- a/cpp/autosar/test/rules/A7-1-2/test.cpp +++ b/cpp/autosar/test/rules/A7-1-2/test.cpp @@ -206,12 +206,9 @@ class ExcludedCases { void operator=(ExcludedCases &&) {} // COMPLIANT }; - -constexpr int add(int x, int y) { - return x + y; -} +constexpr int add(int x, int y) { return x + y; } void fp_reported_in_466(int p) { - int x = add(1,2); // NON_COMPLIANT - int y = add(1,p); // COMPLIANT + int x = add(1, 2); // NON_COMPLIANT + int y = add(1, p); // COMPLIANT } \ No newline at end of file From 4bed9b6dc3232c1548aa9539f5ead62fe93f5870 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 1 Feb 2024 10:58:04 -0800 Subject: [PATCH 1573/2573] Mark new test case `constexpr` This is required to exclude it from the FunctionMissingConstexpr.ql query because it is not marked `constexpr` --- cpp/autosar/test/rules/A7-1-2/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A7-1-2/test.cpp b/cpp/autosar/test/rules/A7-1-2/test.cpp index bfea13ea9a..ca368c6069 100644 --- a/cpp/autosar/test/rules/A7-1-2/test.cpp +++ b/cpp/autosar/test/rules/A7-1-2/test.cpp @@ -208,7 +208,7 @@ class ExcludedCases { constexpr int add(int x, int y) { return x + y; } -void fp_reported_in_466(int p) { +constexpr void fp_reported_in_466(int p) { int x = add(1, 2); // NON_COMPLIANT int y = add(1, p); // COMPLIANT } \ No newline at end of file From a6f24b627d5d24ccba68e59864a31cb91e4bd3a0 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 1 Feb 2024 13:14:46 -0800 Subject: [PATCH 1574/2573] Fix FP reported in #372 --- change_notes/2024-02-01-fix-fp-reported-for-a7-1-1.md | 2 ++ .../A7-1-1/DeclarationUnmodifiedObjectMissingConstSpecifier.ql | 3 ++- 2 files changed, 4 insertions(+), 1 deletion(-) create mode 100644 change_notes/2024-02-01-fix-fp-reported-for-a7-1-1.md diff --git a/change_notes/2024-02-01-fix-fp-reported-for-a7-1-1.md b/change_notes/2024-02-01-fix-fp-reported-for-a7-1-1.md new file mode 100644 index 0000000000..346d7a0182 --- /dev/null +++ b/change_notes/2024-02-01-fix-fp-reported-for-a7-1-1.md @@ -0,0 +1,2 @@ +`A7-1-1` - `DeclarationUnmodifiedObjectMissingConstSpecifier.ql` + - Fix FP reported in #372. Exclude compiler generated variables. \ No newline at end of file diff --git a/cpp/autosar/src/rules/A7-1-1/DeclarationUnmodifiedObjectMissingConstSpecifier.ql b/cpp/autosar/src/rules/A7-1-1/DeclarationUnmodifiedObjectMissingConstSpecifier.ql index d85a638530..ff7d7e4e27 100644 --- a/cpp/autosar/src/rules/A7-1-1/DeclarationUnmodifiedObjectMissingConstSpecifier.ql +++ b/cpp/autosar/src/rules/A7-1-1/DeclarationUnmodifiedObjectMissingConstSpecifier.ql @@ -36,5 +36,6 @@ where else cond = " is used for an object" ) and not exists(LambdaExpression lc | lc.getACapture().getField() = v) and - not v.isFromUninstantiatedTemplate(_) + not v.isFromUninstantiatedTemplate(_) and + not v.isCompilerGenerated() select v, "Non-constant variable " + v.getName() + cond + " and is not modified." From 9b4593b5e71515f573f0a17a583b80f23209cff7 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 2 Feb 2024 16:49:07 -0800 Subject: [PATCH 1575/2573] Address incorrect is compiled evaluated logic Need to consider all possible values passed as arguments and default values. --- .../rules/A7-1-2/VariableMissingConstexpr.ql | 18 ++++++++-- .../A7-1-2/VariableMissingConstexpr.expected | 13 +++++++- cpp/autosar/test/rules/A7-1-2/test.cpp | 33 +++++++++++++++++++ 3 files changed, 60 insertions(+), 4 deletions(-) diff --git a/cpp/autosar/src/rules/A7-1-2/VariableMissingConstexpr.ql b/cpp/autosar/src/rules/A7-1-2/VariableMissingConstexpr.ql index 5cf458d4cc..efe458b624 100644 --- a/cpp/autosar/src/rules/A7-1-2/VariableMissingConstexpr.ql +++ b/cpp/autosar/src/rules/A7-1-2/VariableMissingConstexpr.ql @@ -33,12 +33,24 @@ predicate isTypeZeroInitializable(Type t) { t.getUnderlyingType() instanceof ArrayType } +/* + * Returns true if the given call may be evaluated at compile time and is compile time evaluated because + * all its arguments are compile time evaluated and its default values are compile time evaluated. + */ predicate isCompileTimeEvaluated(Call call) { + // 1. The call may be evaluated at compile time, because it is constexpr, and call.getTarget().isConstexpr() and - forall(Expr arg | arg = call.getAnArgument() | - DataFlow::localExprFlow(any(Literal l), arg) + // 2. all its arguments are compile time evaluated, and + forall(DataFlow::Node ultimateArgSource | DataFlow::localFlow(ultimateArgSource, DataFlow::exprNode(call.getAnArgument())) and not DataFlow::localFlowStep(_, ultimateArgSource) | + ultimateArgSource.asExpr() instanceof Literal or - DataFlow::localExprFlow(any(Call c | isCompileTimeEvaluated(call)), arg) + any(Call c | isCompileTimeEvaluated(c)) = ultimateArgSource.asExpr() + ) and + // 3. all the default values used are compile time evaluated. + forall(Expr defaultValue, Parameter parameterUsingDefaultValue, int idx | parameterUsingDefaultValue = call.getTarget().getParameter(idx) and not exists(call.getArgument(idx)) and parameterUsingDefaultValue.getAnAssignedValue() = defaultValue | + defaultValue instanceof Literal + or + any(Call c | isCompileTimeEvaluated(c)) = defaultValue ) } diff --git a/cpp/autosar/test/rules/A7-1-2/VariableMissingConstexpr.expected b/cpp/autosar/test/rules/A7-1-2/VariableMissingConstexpr.expected index 5d014cb33d..34c76f2de3 100644 --- a/cpp/autosar/test/rules/A7-1-2/VariableMissingConstexpr.expected +++ b/cpp/autosar/test/rules/A7-1-2/VariableMissingConstexpr.expected @@ -10,4 +10,15 @@ | test.cpp:55:7:55:8 | m2 | Variable m2 could be marked 'constexpr'. | | test.cpp:130:7:130:8 | m1 | Variable m1 could be marked 'constexpr'. | | test.cpp:141:7:141:8 | m1 | Variable m1 could be marked 'constexpr'. | -| test.cpp:212:7:212:7 | x | Variable x could be marked 'constexpr'. | +| test.cpp:217:7:217:7 | x | Variable x could be marked 'constexpr'. | +| test.cpp:228:7:228:7 | v | Variable v could be marked 'constexpr'. | +| test.cpp:229:7:229:7 | w | Variable w could be marked 'constexpr'. | +| test.cpp:230:7:230:7 | a | Variable a could be marked 'constexpr'. | +| test.cpp:231:7:231:7 | b | Variable b could be marked 'constexpr'. | +| test.cpp:235:7:235:7 | f | Variable f could be marked 'constexpr'. | +| test.cpp:236:7:236:7 | g | Variable g could be marked 'constexpr'. | +| test.cpp:237:7:237:7 | h | Variable h could be marked 'constexpr'. | +| test.cpp:238:7:238:7 | i | Variable i could be marked 'constexpr'. | +| test.cpp:241:7:241:7 | l | Variable l could be marked 'constexpr'. | +| test.cpp:244:7:244:7 | o | Variable o could be marked 'constexpr'. | +| test.cpp:245:7:245:7 | q | Variable q could be marked 'constexpr'. | diff --git a/cpp/autosar/test/rules/A7-1-2/test.cpp b/cpp/autosar/test/rules/A7-1-2/test.cpp index ca368c6069..234cff423a 100644 --- a/cpp/autosar/test/rules/A7-1-2/test.cpp +++ b/cpp/autosar/test/rules/A7-1-2/test.cpp @@ -206,9 +206,42 @@ class ExcludedCases { void operator=(ExcludedCases &&) {} // COMPLIANT }; +extern int random(); constexpr int add(int x, int y) { return x + y; } +constexpr int add1(int x, int y = 1) { return x + y; } +constexpr int add2(int x, int y = add(add1(1), 2)) { return x + y; } +constexpr int add3(int x, int y = random()) { return x + y; } +constexpr int add4(int x = 1, int y = 2) { return x + y; } constexpr void fp_reported_in_466(int p) { int x = add(1, 2); // NON_COMPLIANT int y = add(1, p); // COMPLIANT + + int z = 0; + if (p > 0) { + z = 1; + } else { + z = p; + } + + int u = add(z, 2); // COMPLIANT + int v = add(x, 2); // NON_COMPLIANT + int w = add1(x, 2); // NON_COMPLIANT + int a = add1(x); // NON_COMPLIANT + int b = add1(1); // NON_COMPLIANT + int c = add1(1, z); // COMPLIANT + int d = add1(1, z); // COMPLIANT + int e = add1(z); // COMPLIANT + int f = add2(1); // NON_COMPLIANT + int g = add2(1, 2); // NON_COMPLIANT + int h = add2(x, 2); // NON_COMPLIANT + int i = add2(x, 2); // NON_COMPLIANT + int j = add2(z); // COMPLIANT + int k = add2(z, 1); // COMPLIANT + int l = add3(1, 1); // NON_COMPLIANT + int m = add3(1); // COMPLIANT + int n = add3(1, z); // COMPLIANT + int o = add4(); // NON_COMPLIANT + int q = add4(1); // NON_COMPLIANT + int r = add4(1, z); // COMPLIANT } \ No newline at end of file From 7361106cb1d91de8e7c864ebdd646841751779df Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 2 Feb 2024 17:00:12 -0800 Subject: [PATCH 1576/2573] Exclude non-static members Exclude non-static members from being marked as `constexpr`. --- change_notes/2024-01-31-fix-fp-a7-1-2.md | 3 ++- cpp/autosar/src/rules/A7-1-2/VariableMissingConstexpr.ql | 4 +++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/change_notes/2024-01-31-fix-fp-a7-1-2.md b/change_notes/2024-01-31-fix-fp-a7-1-2.md index 94a74d463f..a8a23b193c 100644 --- a/change_notes/2024-01-31-fix-fp-a7-1-2.md +++ b/change_notes/2024-01-31-fix-fp-a7-1-2.md @@ -1,2 +1,3 @@ `A7-1-2` - `VariableMissingConstexpr.ql`: - - Fix FP reported in #466. Addresses incorrect assumption that calls to `constexpr` functions are always compile-time evaluated. \ No newline at end of file + - Fix FP reported in #466. Addresses incorrect assumption that calls to `constexpr` functions are always compile-time evaluated. + - Exclude member that aren't `static`, because they cannot be `constexpr`. \ No newline at end of file diff --git a/cpp/autosar/src/rules/A7-1-2/VariableMissingConstexpr.ql b/cpp/autosar/src/rules/A7-1-2/VariableMissingConstexpr.ql index efe458b624..86d278f94c 100644 --- a/cpp/autosar/src/rules/A7-1-2/VariableMissingConstexpr.ql +++ b/cpp/autosar/src/rules/A7-1-2/VariableMissingConstexpr.ql @@ -81,5 +81,7 @@ where // Not assigned by a user in a constructor not exists(ConstructorFieldInit cfi | cfi.getTarget() = v and not cfi.isCompilerGenerated()) and // Ignore union members - not v.getDeclaringType() instanceof Union + not v.getDeclaringType() instanceof Union and + // If it is a member, it must be static to be constexpr + (v instanceof MemberVariable implies v.isStatic()) select v, "Variable " + v.getName() + " could be marked 'constexpr'." From b7df30e8e863120e1dbfbbd510ce34826896229f Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 2 Feb 2024 17:04:33 -0800 Subject: [PATCH 1577/2573] Apply correct query format --- .../rules/A7-1-2/VariableMissingConstexpr.ql | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) diff --git a/cpp/autosar/src/rules/A7-1-2/VariableMissingConstexpr.ql b/cpp/autosar/src/rules/A7-1-2/VariableMissingConstexpr.ql index 86d278f94c..930b8c47c6 100644 --- a/cpp/autosar/src/rules/A7-1-2/VariableMissingConstexpr.ql +++ b/cpp/autosar/src/rules/A7-1-2/VariableMissingConstexpr.ql @@ -34,20 +34,28 @@ predicate isTypeZeroInitializable(Type t) { } /* - * Returns true if the given call may be evaluated at compile time and is compile time evaluated because - * all its arguments are compile time evaluated and its default values are compile time evaluated. - */ + * Returns true if the given call may be evaluated at compile time and is compile time evaluated because + * all its arguments are compile time evaluated and its default values are compile time evaluated. + */ + predicate isCompileTimeEvaluated(Call call) { // 1. The call may be evaluated at compile time, because it is constexpr, and call.getTarget().isConstexpr() and // 2. all its arguments are compile time evaluated, and - forall(DataFlow::Node ultimateArgSource | DataFlow::localFlow(ultimateArgSource, DataFlow::exprNode(call.getAnArgument())) and not DataFlow::localFlowStep(_, ultimateArgSource) | + forall(DataFlow::Node ultimateArgSource | + DataFlow::localFlow(ultimateArgSource, DataFlow::exprNode(call.getAnArgument())) and + not DataFlow::localFlowStep(_, ultimateArgSource) + | ultimateArgSource.asExpr() instanceof Literal or any(Call c | isCompileTimeEvaluated(c)) = ultimateArgSource.asExpr() ) and // 3. all the default values used are compile time evaluated. - forall(Expr defaultValue, Parameter parameterUsingDefaultValue, int idx | parameterUsingDefaultValue = call.getTarget().getParameter(idx) and not exists(call.getArgument(idx)) and parameterUsingDefaultValue.getAnAssignedValue() = defaultValue | + forall(Expr defaultValue, Parameter parameterUsingDefaultValue, int idx | + parameterUsingDefaultValue = call.getTarget().getParameter(idx) and + not exists(call.getArgument(idx)) and + parameterUsingDefaultValue.getAnAssignedValue() = defaultValue + | defaultValue instanceof Literal or any(Call c | isCompileTimeEvaluated(c)) = defaultValue From a10476f2c8311c554e7b37d13827b8e0cc1b78df Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 2 Feb 2024 17:31:48 -0800 Subject: [PATCH 1578/2573] Annotate compliant case --- cpp/autosar/test/rules/A8-4-8/test.cpp | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A8-4-8/test.cpp b/cpp/autosar/test/rules/A8-4-8/test.cpp index baf0255291..fd2e5e8763 100644 --- a/cpp/autosar/test/rules/A8-4-8/test.cpp +++ b/cpp/autosar/test/rules/A8-4-8/test.cpp @@ -46,7 +46,10 @@ constexpr A &operator|=( } enum class byte : unsigned char {}; -constexpr byte &operator|(const byte &lhs, const byte &rhs) noexcept { +constexpr byte & +operator|(const byte &lhs, + const byte &rhs) noexcept { // COMPLIANT - parameters are const + // qualified references return lhs | rhs; } constexpr byte &operator|=( From a3eea2221280e42c6e311b0326b9531792cf7538 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Mon, 5 Feb 2024 08:38:28 -0500 Subject: [PATCH 1579/2573] Update change_notes/2024-01-25-exclusion-m9-3-3.md Co-authored-by: Remco Vermeulen --- change_notes/2024-01-25-exclusion-m9-3-3.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/change_notes/2024-01-25-exclusion-m9-3-3.md b/change_notes/2024-01-25-exclusion-m9-3-3.md index 7f6d2a339b..cb16180172 100644 --- a/change_notes/2024-01-25-exclusion-m9-3-3.md +++ b/change_notes/2024-01-25-exclusion-m9-3-3.md @@ -1,2 +1,2 @@ -`M9-3-3`: ` cpp/autosar/member-function-static-if-possible`, `cpp/autosar/member-function-const-if-possible` +`M9-3-3` - `MemberFunctionConstIfPossible.ql`, `MemberFunctionStaticIfPossible.ql`: - Fixes #413. Exclude deleted member functions. \ No newline at end of file From cdde1f340e067b7b3618b267c0a1095ae4a8fcc2 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Mon, 5 Feb 2024 09:08:03 -0500 Subject: [PATCH 1580/2573] A8-4-7 address review comments --- change_notes/2024-01-25-fix-reported-fp-for-a8-4-7.md | 4 ++-- .../A8-4-7/InParametersForCheapToCopyTypesNotPassedByValue.ql | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/change_notes/2024-01-25-fix-reported-fp-for-a8-4-7.md b/change_notes/2024-01-25-fix-reported-fp-for-a8-4-7.md index 6400cfb6fc..614a196494 100644 --- a/change_notes/2024-01-25-fix-reported-fp-for-a8-4-7.md +++ b/change_notes/2024-01-25-fix-reported-fp-for-a8-4-7.md @@ -1,2 +1,2 @@ -`A8-4-7`: ` cpp/autosar/in-parameters-for-cheap-to-copy-types-not-passed-by-value` - - Fixes #397. Exclude user defined operators and move constructors. \ No newline at end of file +`A8-4-7`: `InParametersForCheapToCopyTypesNotPassedByValue.ql` + - Fixes #397. Exclude user defined operators and move constructors.` \ No newline at end of file diff --git a/cpp/autosar/src/rules/A8-4-7/InParametersForCheapToCopyTypesNotPassedByValue.ql b/cpp/autosar/src/rules/A8-4-7/InParametersForCheapToCopyTypesNotPassedByValue.ql index 58309da4cf..2e4ff2addc 100644 --- a/cpp/autosar/src/rules/A8-4-7/InParametersForCheapToCopyTypesNotPassedByValue.ql +++ b/cpp/autosar/src/rules/A8-4-7/InParametersForCheapToCopyTypesNotPassedByValue.ql @@ -39,5 +39,5 @@ where not exists(Operator op | op.getAParameter() = v) and not v.isFromUninstantiatedTemplate(_) select v, - "Parameter " + v.getName() + " is the trivially copyable type " + t.getName() + - " but it is passed by reference instead of by value." + "Parameter '" + v.getName() + "' is the trivially copyable type '" + t.getName() + + "' but it is passed by reference instead of by value." From 8706c3d1b7e7cd319ce87d84e653e0b605a82aca Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Mon, 5 Feb 2024 09:47:43 -0500 Subject: [PATCH 1581/2573] A13-3-1: address formatting review --- change_notes/2024-01-30-exclusion-a13-3-1.md | 2 +- ...onThatContainsForwardingReferenceAsItsArgumentOverloaded.ql | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/change_notes/2024-01-30-exclusion-a13-3-1.md b/change_notes/2024-01-30-exclusion-a13-3-1.md index 6e2571c463..f5307a7720 100644 --- a/change_notes/2024-01-30-exclusion-a13-3-1.md +++ b/change_notes/2024-01-30-exclusion-a13-3-1.md @@ -1,2 +1,2 @@ -`A13-3-1`: `cpp/autosar/function-that-contains-forwarding-reference-as-its-argument-overloaded` +`A13-3-1`: `FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.ql` - Fixes #399. Exclude functions that have different number of parameters. \ No newline at end of file diff --git a/cpp/autosar/src/rules/A13-3-1/FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.ql b/cpp/autosar/src/rules/A13-3-1/FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.ql index 03c216829d..5f22306768 100644 --- a/cpp/autosar/src/rules/A13-3-1/FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.ql +++ b/cpp/autosar/src/rules/A13-3-1/FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.ql @@ -27,6 +27,7 @@ where OperatorsPackage::functionThatContainsForwardingReferenceAsItsArgumentOverloadedQuery()) and not f.isDeleted() and f = c.getAnOverload() and - //allow for overloading with different number of parameters + // allow for overloading with different number of parameters, because there is no + // confusion on what function will be called. f.getNumberOfParameters() = c.getNumberOfParameters() select f, "Function overloads a $@ with a forwarding reference parameter.", c, "function" From ef8c9be1bc161f3affe98a347a1713993ae8dcf6 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 2 Feb 2024 17:32:58 -0800 Subject: [PATCH 1582/2573] Reuse and extend existing modelling --- .../CloseFilesWhenTheyAreNoLongerNeeded.ql | 5 ++-- .../src/codingstandards/cpp/Operator.qll | 21 ++------------ .../cpp/standardlibrary/FileStreams.qll | 29 +++++++++++++++---- 3 files changed, 29 insertions(+), 26 deletions(-) diff --git a/cpp/cert/src/rules/FIO51-CPP/CloseFilesWhenTheyAreNoLongerNeeded.ql b/cpp/cert/src/rules/FIO51-CPP/CloseFilesWhenTheyAreNoLongerNeeded.ql index 8736348682..343cef26e8 100644 --- a/cpp/cert/src/rules/FIO51-CPP/CloseFilesWhenTheyAreNoLongerNeeded.ql +++ b/cpp/cert/src/rules/FIO51-CPP/CloseFilesWhenTheyAreNoLongerNeeded.ql @@ -38,8 +38,9 @@ predicate filebufAccess(ControlFlowNode node, FileStreamSource fss) { //insertion or extraction operator calls node.(InsertionOperatorCall).getFStream() = fss.getAUse() or node.(ExtractionOperatorCall).getFStream() = fss.getAUse() or - //methods inherited from istream or ostream - node.(IOStreamFunctionCall).getFStream() = fss.getAUse() + // Methods inherited from istream or ostream that access the file stream. + // Exclude is_open as it is not a filebuf access + any(IOStreamFunctionCall call | node = call and not call.getTarget().hasName("is_open")).getFStream() = fss.getAUse() } /** diff --git a/cpp/common/src/codingstandards/cpp/Operator.qll b/cpp/common/src/codingstandards/cpp/Operator.qll index 3a5ed9d1bc..5838a043e9 100644 --- a/cpp/common/src/codingstandards/cpp/Operator.qll +++ b/cpp/common/src/codingstandards/cpp/Operator.qll @@ -1,6 +1,7 @@ import cpp import Expr private import semmle.code.cpp.security.FileWrite +private import codingstandards.cpp.standardlibrary.FileStreams /** * any assignment operator that also reads from the access @@ -268,22 +269,6 @@ class UserOverloadedOperator extends Function { } } -/** - * A `std::basic_istream` class, or something that can be used - * as one. Based on the BasicOStreamClass. - */ -private class BasicIStreamClass extends Type { - BasicIStreamClass() { - this.(Class).getName().matches("basic\\_istream%") - or - this.getUnspecifiedType() instanceof BasicIStreamClass - or - this.(Class).getABaseClass() instanceof BasicIStreamClass - or - this.(ReferenceType).getBaseType() instanceof BasicIStreamClass - } -} - /** An implementation of a stream insertion operator. */ class StreamInsertionOperator extends Function { StreamInsertionOperator() { @@ -309,9 +294,9 @@ class StreamExtractionOperator extends Function { then this.getNumberOfParameters() = 1 else ( this.getNumberOfParameters() = 2 and - this.getParameter(0).getType() instanceof BasicIStreamClass + this.getParameter(0).getType() instanceof IStream ) ) and - this.getType() instanceof BasicIStreamClass + this.getType() instanceof IStream } } diff --git a/cpp/common/src/codingstandards/cpp/standardlibrary/FileStreams.qll b/cpp/common/src/codingstandards/cpp/standardlibrary/FileStreams.qll index 4d495fce3e..f680f99fc4 100644 --- a/cpp/common/src/codingstandards/cpp/standardlibrary/FileStreams.qll +++ b/cpp/common/src/codingstandards/cpp/standardlibrary/FileStreams.qll @@ -12,6 +12,7 @@ import cpp import codingstandards.cpp.dataflow.DataFlow import codingstandards.cpp.dataflow.TaintTracking +private import codingstandards.cpp.Operator /** * A `basic_fstream` like `std::fstream` @@ -23,15 +24,31 @@ class FileStream extends ClassTemplateInstantiation { /** * A `basic_istream` like `std::istream` */ -class IStream extends ClassTemplateInstantiation { - IStream() { this.getTemplate().hasQualifiedName("std", "basic_istream") } +class IStream extends Type { + IStream() { + this.(Class).getQualifiedName().matches("std::basic\\_istream%") + or + this.getUnspecifiedType() instanceof IStream + or + this.(Class).getABaseClass() instanceof IStream + or + this.(ReferenceType).getBaseType() instanceof IStream + } } /** * A `basic_ostream` like `std::ostream` */ -class OStream extends ClassTemplateInstantiation { - OStream() { this.getTemplate().hasQualifiedName("std", "basic_ostream") } +class OStream extends Type { + OStream() { + this.(Class).getQualifiedName().matches("std::basic\\_ostream%") + or + this.getUnspecifiedType() instanceof OStream + or + this.(Class).getABaseClass() instanceof OStream + or + this.(ReferenceType).getBaseType() instanceof OStream + } } /** @@ -53,7 +70,7 @@ predicate sameStreamSource(FileStreamFunctionCall a, FileStreamFunctionCall b) { * Insertion `operator<<` and Extraction `operator>>` operators. */ class InsertionOperatorCall extends FileStreamFunctionCall { - InsertionOperatorCall() { this.getTarget().(Operator).hasQualifiedName("std", "operator<<") } + InsertionOperatorCall() { this.getTarget() instanceof StreamInsertionOperator } override Expr getFStream() { result = this.getQualifier() @@ -63,7 +80,7 @@ class InsertionOperatorCall extends FileStreamFunctionCall { } class ExtractionOperatorCall extends FileStreamFunctionCall { - ExtractionOperatorCall() { this.getTarget().(Operator).hasQualifiedName("std", "operator>>") } + ExtractionOperatorCall() { this.getTarget() instanceof StreamExtractionOperator } override Expr getFStream() { result = this.getQualifier() From 28f54a799b1f6ba1ea9b9ab43ccd6f9c40e7334c Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 5 Feb 2024 14:40:57 -0800 Subject: [PATCH 1583/2573] Revert "Exclude non-static members" This reverts commit 7361106cb1d91de8e7c864ebdd646841751779df. The change was incorrect and caused the rule to miss some cases. --- change_notes/2024-01-31-fix-fp-a7-1-2.md | 3 +-- cpp/autosar/src/rules/A7-1-2/VariableMissingConstexpr.ql | 4 +--- 2 files changed, 2 insertions(+), 5 deletions(-) diff --git a/change_notes/2024-01-31-fix-fp-a7-1-2.md b/change_notes/2024-01-31-fix-fp-a7-1-2.md index a8a23b193c..94a74d463f 100644 --- a/change_notes/2024-01-31-fix-fp-a7-1-2.md +++ b/change_notes/2024-01-31-fix-fp-a7-1-2.md @@ -1,3 +1,2 @@ `A7-1-2` - `VariableMissingConstexpr.ql`: - - Fix FP reported in #466. Addresses incorrect assumption that calls to `constexpr` functions are always compile-time evaluated. - - Exclude member that aren't `static`, because they cannot be `constexpr`. \ No newline at end of file + - Fix FP reported in #466. Addresses incorrect assumption that calls to `constexpr` functions are always compile-time evaluated. \ No newline at end of file diff --git a/cpp/autosar/src/rules/A7-1-2/VariableMissingConstexpr.ql b/cpp/autosar/src/rules/A7-1-2/VariableMissingConstexpr.ql index 930b8c47c6..93391cdcb9 100644 --- a/cpp/autosar/src/rules/A7-1-2/VariableMissingConstexpr.ql +++ b/cpp/autosar/src/rules/A7-1-2/VariableMissingConstexpr.ql @@ -89,7 +89,5 @@ where // Not assigned by a user in a constructor not exists(ConstructorFieldInit cfi | cfi.getTarget() = v and not cfi.isCompilerGenerated()) and // Ignore union members - not v.getDeclaringType() instanceof Union and - // If it is a member, it must be static to be constexpr - (v instanceof MemberVariable implies v.isStatic()) + not v.getDeclaringType() instanceof Union select v, "Variable " + v.getName() + " could be marked 'constexpr'." From fe630e9a1c3581bf1c25bdd8622d30b92f72c902 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 5 Feb 2024 15:07:33 -0800 Subject: [PATCH 1584/2573] Annotate test cases to explain their intent --- .../A7-1-2/VariableMissingConstexpr.expected | 23 +++++---- cpp/autosar/test/rules/A7-1-2/test.cpp | 49 +++++++++++-------- 2 files changed, 40 insertions(+), 32 deletions(-) diff --git a/cpp/autosar/test/rules/A7-1-2/VariableMissingConstexpr.expected b/cpp/autosar/test/rules/A7-1-2/VariableMissingConstexpr.expected index 34c76f2de3..7404c5193e 100644 --- a/cpp/autosar/test/rules/A7-1-2/VariableMissingConstexpr.expected +++ b/cpp/autosar/test/rules/A7-1-2/VariableMissingConstexpr.expected @@ -10,15 +10,14 @@ | test.cpp:55:7:55:8 | m2 | Variable m2 could be marked 'constexpr'. | | test.cpp:130:7:130:8 | m1 | Variable m1 could be marked 'constexpr'. | | test.cpp:141:7:141:8 | m1 | Variable m1 could be marked 'constexpr'. | -| test.cpp:217:7:217:7 | x | Variable x could be marked 'constexpr'. | -| test.cpp:228:7:228:7 | v | Variable v could be marked 'constexpr'. | -| test.cpp:229:7:229:7 | w | Variable w could be marked 'constexpr'. | -| test.cpp:230:7:230:7 | a | Variable a could be marked 'constexpr'. | -| test.cpp:231:7:231:7 | b | Variable b could be marked 'constexpr'. | -| test.cpp:235:7:235:7 | f | Variable f could be marked 'constexpr'. | -| test.cpp:236:7:236:7 | g | Variable g could be marked 'constexpr'. | -| test.cpp:237:7:237:7 | h | Variable h could be marked 'constexpr'. | -| test.cpp:238:7:238:7 | i | Variable i could be marked 'constexpr'. | -| test.cpp:241:7:241:7 | l | Variable l could be marked 'constexpr'. | -| test.cpp:244:7:244:7 | o | Variable o could be marked 'constexpr'. | -| test.cpp:245:7:245:7 | q | Variable q could be marked 'constexpr'. | +| test.cpp:221:7:221:7 | x | Variable x could be marked 'constexpr'. | +| test.cpp:234:7:234:7 | v | Variable v could be marked 'constexpr'. | +| test.cpp:235:7:235:7 | w | Variable w could be marked 'constexpr'. | +| test.cpp:237:7:237:7 | a | Variable a could be marked 'constexpr'. | +| test.cpp:239:7:239:7 | b | Variable b could be marked 'constexpr'. | +| test.cpp:242:7:242:7 | e | Variable e could be marked 'constexpr'. | +| test.cpp:244:7:244:7 | f | Variable f could be marked 'constexpr'. | +| test.cpp:245:7:245:7 | g | Variable g could be marked 'constexpr'. | +| test.cpp:248:7:248:7 | j | Variable j could be marked 'constexpr'. | +| test.cpp:252:7:252:7 | m | Variable m could be marked 'constexpr'. | +| test.cpp:253:7:253:7 | n | Variable n could be marked 'constexpr'. | diff --git a/cpp/autosar/test/rules/A7-1-2/test.cpp b/cpp/autosar/test/rules/A7-1-2/test.cpp index 234cff423a..b60c0f9979 100644 --- a/cpp/autosar/test/rules/A7-1-2/test.cpp +++ b/cpp/autosar/test/rules/A7-1-2/test.cpp @@ -208,9 +208,13 @@ class ExcludedCases { extern int random(); constexpr int add(int x, int y) { return x + y; } +// Example with compile time constant literal value as default argument constexpr int add1(int x, int y = 1) { return x + y; } +// Example with compile time constant function call as default argument constexpr int add2(int x, int y = add(add1(1), 2)) { return x + y; } +// Example with non compile time constant function call as default argument constexpr int add3(int x, int y = random()) { return x + y; } +// Example with compile time constant literal value as default arguments constexpr int add4(int x = 1, int y = 2) { return x + y; } constexpr void fp_reported_in_466(int p) { @@ -224,24 +228,29 @@ constexpr void fp_reported_in_466(int p) { z = p; } - int u = add(z, 2); // COMPLIANT - int v = add(x, 2); // NON_COMPLIANT - int w = add1(x, 2); // NON_COMPLIANT - int a = add1(x); // NON_COMPLIANT - int b = add1(1); // NON_COMPLIANT - int c = add1(1, z); // COMPLIANT - int d = add1(1, z); // COMPLIANT - int e = add1(z); // COMPLIANT - int f = add2(1); // NON_COMPLIANT - int g = add2(1, 2); // NON_COMPLIANT - int h = add2(x, 2); // NON_COMPLIANT - int i = add2(x, 2); // NON_COMPLIANT - int j = add2(z); // COMPLIANT - int k = add2(z, 1); // COMPLIANT - int l = add3(1, 1); // NON_COMPLIANT - int m = add3(1); // COMPLIANT - int n = add3(1, z); // COMPLIANT - int o = add4(); // NON_COMPLIANT - int q = add4(1); // NON_COMPLIANT - int r = add4(1, z); // COMPLIANT + constexpr int t = add(1, 2); // COMPLIANT + + int u = add(z, 2); // COMPLIANT - z is not compile time constant on all paths + int v = add(t, 2); // NON_COMPLIANT + int w = + add1(t, 2); // NON_COMPLIANT - all arguments are compile time constants + int a = add1(t); // NON_COMPLIANT - s and the default value of the second + // argument are compile time constants + int b = add1(1); // NON_COMPLIANT + int c = add1(1, z); // COMPLIANT - z is not compile time constant on all paths + int d = add1(z); // COMPLIANT - z is not compile time constant on all paths + int e = add2(1); // NON_COMPLIANT - provided argument and default value are + // compile time constants + int f = add2(1, 2); // NON_COMPLIANT + int g = add2(t, 2); // NON_COMPLIANT + int h = add2(z); // COMPLIANT - z is not compile time constant on all paths + int i = add2(z, 1); // COMPLIANT - z is not compile time constant on all paths + int j = add3(1, 1); // NON_COMPLIANT + int k = add3(1); // COMPLIANT - default value for second argument is not a + // compile time constant + int l = add3(1, z); // COMPLIANT - z is not compile time constant on all paths + int m = add4(); // NON_COMPLIANT - default values are compile time constants + int n = add4(1); // NON_COMPLIANT - default value for second argument is a + // compile time constant + int o = add4(1, z); // COMPLIANT - z is not compile time constant on all paths } \ No newline at end of file From 23b8975a7a5e039da1d8d33c21fdcb03b4d8f1ef Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 5 Feb 2024 23:36:04 +0000 Subject: [PATCH 1585/2573] Add more thorough description of unexpected specifications --- .../src/codingstandards/cpp/exceptions/ExceptionFlow.qll | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/exceptions/ExceptionFlow.qll b/cpp/common/src/codingstandards/cpp/exceptions/ExceptionFlow.qll index 72ac478b6b..5a4e7fee6e 100644 --- a/cpp/common/src/codingstandards/cpp/exceptions/ExceptionFlow.qll +++ b/cpp/common/src/codingstandards/cpp/exceptions/ExceptionFlow.qll @@ -318,7 +318,14 @@ class FunctionCallThrowingExpr extends FunctionCall, ThrowingExpr { target = getTarget() and result = getAFunctionThrownType(target, _) and // [expect.spec] states that throwing an exception type that is prohibited - // by the specification will result in the program terminating. We therefore + // by the specification will result in the program terminating, unless + // a custom `unexpected_handler` is registered that throws an exception type + // which is compatible with the dynamic exception specification, or the + // dynamic exception specification lists `std::bad_exception`, in which case + // a `std::bad_exception` is thrown. + // As dynamic exception specifications and the `unexpected_handler` are both + // deprecated in C++14 and removed in C++17, we assume a default + // `std::unexpected` handler that calls `std::terminate` and therefore // do not propagate such exceptions to the call sites for the function. not ( hasDynamicExceptionSpecification(target) and From 898c7f1f581480fec198dd2f092f09b7821cfe90 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Mon, 5 Feb 2024 18:38:28 -0500 Subject: [PATCH 1586/2573] A8-4-7: exclusion for templates --- change_notes/2024-01-25-fix-reported-fp-for-a8-4-7.md | 5 +++-- .../InParametersForCheapToCopyTypesNotPassedByValue.ql | 3 ++- ...InParametersForNotCheapToCopyTypesNotPassedByReference.ql | 3 ++- .../InParametersForCheapToCopyTypesNotPassedByValue.expected | 2 +- 4 files changed, 8 insertions(+), 5 deletions(-) diff --git a/change_notes/2024-01-25-fix-reported-fp-for-a8-4-7.md b/change_notes/2024-01-25-fix-reported-fp-for-a8-4-7.md index 614a196494..367471f245 100644 --- a/change_notes/2024-01-25-fix-reported-fp-for-a8-4-7.md +++ b/change_notes/2024-01-25-fix-reported-fp-for-a8-4-7.md @@ -1,2 +1,3 @@ -`A8-4-7`: `InParametersForCheapToCopyTypesNotPassedByValue.ql` - - Fixes #397. Exclude user defined operators and move constructors.` \ No newline at end of file +`A8-4-7`: `InParametersForCheapToCopyTypesNotPassedByValue.ql`, `InParametersForNotCheapToCopyTypesNotPassedByReference.ql` + - Fixes #397. Exclude user defined operators and move constructors.` + - Exclude parameters for instantiated templates because the declaration location of the function does not contain enough information about the type used in the instantiation to make an actionable alert. \ No newline at end of file diff --git a/cpp/autosar/src/rules/A8-4-7/InParametersForCheapToCopyTypesNotPassedByValue.ql b/cpp/autosar/src/rules/A8-4-7/InParametersForCheapToCopyTypesNotPassedByValue.ql index 2e4ff2addc..78e9db28a4 100644 --- a/cpp/autosar/src/rules/A8-4-7/InParametersForCheapToCopyTypesNotPassedByValue.ql +++ b/cpp/autosar/src/rules/A8-4-7/InParametersForCheapToCopyTypesNotPassedByValue.ql @@ -37,7 +37,8 @@ where not exists(CatchBlock cb | cb.getParameter() = v) and not exists(SpecialMemberFunction cc | cc.getAParameter() = v) and not exists(Operator op | op.getAParameter() = v) and - not v.isFromUninstantiatedTemplate(_) + not v.isFromUninstantiatedTemplate(_) and + not v.isFromTemplateInstantiation(_) select v, "Parameter '" + v.getName() + "' is the trivially copyable type '" + t.getName() + "' but it is passed by reference instead of by value." diff --git a/cpp/autosar/src/rules/A8-4-7/InParametersForNotCheapToCopyTypesNotPassedByReference.ql b/cpp/autosar/src/rules/A8-4-7/InParametersForNotCheapToCopyTypesNotPassedByReference.ql index f6d481a54a..b96b9347d3 100644 --- a/cpp/autosar/src/rules/A8-4-7/InParametersForNotCheapToCopyTypesNotPassedByReference.ql +++ b/cpp/autosar/src/rules/A8-4-7/InParametersForNotCheapToCopyTypesNotPassedByReference.ql @@ -31,7 +31,8 @@ where not v.getType() instanceof TriviallySmallType and not v.getType().getUnderlyingType() instanceof ReferenceType and not exists(CatchBlock cb | cb.getParameter() = v) and - not v.isFromUninstantiatedTemplate(_) + not v.isFromUninstantiatedTemplate(_) and + not v.isFromTemplateInstantiation(_) select v, "Parameter " + v.getName() + " is the trivially non-copyable type $@ but it is passed by value instead of by reference.", diff --git a/cpp/autosar/test/rules/A8-4-7/InParametersForCheapToCopyTypesNotPassedByValue.expected b/cpp/autosar/test/rules/A8-4-7/InParametersForCheapToCopyTypesNotPassedByValue.expected index c89e65db90..bc8a9d5f5b 100644 --- a/cpp/autosar/test/rules/A8-4-7/InParametersForCheapToCopyTypesNotPassedByValue.expected +++ b/cpp/autosar/test/rules/A8-4-7/InParametersForCheapToCopyTypesNotPassedByValue.expected @@ -1 +1 @@ -| test.cpp:20:19:20:21 | f5a | Parameter f5a is the trivially copyable type const S1 but it is passed by reference instead of by value. | +| test.cpp:20:19:20:21 | f5a | Parameter 'f5a' is the trivially copyable type 'const S1' but it is passed by reference instead of by value. | From 591c755765d1f29c83c3eeabaa65901959ff6600 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 5 Feb 2024 16:32:05 -0800 Subject: [PATCH 1587/2573] Exclude flows through non constexpr variables Before the analysis only considered whether the source of an argument passed to a function was computed at compile time. Now we consider whether intermediate variables are also constexpr even though their values are compile time constants, because otherwise the compiler will accept the variable receiving the compiled time constant to be a constexpr variable. --- .../rules/A7-1-2/VariableMissingConstexpr.ql | 54 ++++++++++++-- .../A7-1-2/VariableMissingConstexpr.expected | 22 +++--- cpp/autosar/test/rules/A7-1-2/test.cpp | 71 +++++++++++-------- 3 files changed, 101 insertions(+), 46 deletions(-) diff --git a/cpp/autosar/src/rules/A7-1-2/VariableMissingConstexpr.ql b/cpp/autosar/src/rules/A7-1-2/VariableMissingConstexpr.ql index 93391cdcb9..3c2ae9a592 100644 --- a/cpp/autosar/src/rules/A7-1-2/VariableMissingConstexpr.ql +++ b/cpp/autosar/src/rules/A7-1-2/VariableMissingConstexpr.ql @@ -17,6 +17,7 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.TrivialType import codingstandards.cpp.SideEffect +import semmle.code.cpp.controlflow.SSA predicate isZeroInitializable(Variable v) { not exists(v.getInitializer().getExpr()) and @@ -33,6 +34,39 @@ predicate isTypeZeroInitializable(Type t) { t.getUnderlyingType() instanceof ArrayType } +/** + * An optimized set of expressions used to determine the flow through constexpr variables. + */ +class VariableAccessOrCallOrLiteral extends Expr { + VariableAccessOrCallOrLiteral() { + this instanceof VariableAccess or + this instanceof Call or + this instanceof Literal + } +} + +/** + * Holds if the value of source flows through compile time evaluated variables to target. + */ +predicate flowsThroughConstExprVariables( + VariableAccessOrCallOrLiteral source, VariableAccessOrCallOrLiteral target +) { + ( + source = target + or + source != target and + exists(SsaDefinition intermediateDef, StackVariable intermediate | + intermediateDef.getAVariable().getFunction() = source.getEnclosingFunction() and + intermediateDef.getAVariable().getFunction() = target.getEnclosingFunction() and + intermediateDef.getAVariable() = intermediate and + intermediate.isConstexpr() + | + DataFlow::localExprFlow(source, intermediateDef.getDefiningValue(intermediate)) and + flowsThroughConstExprVariables(intermediateDef.getAUse(intermediate), target) + ) + ) +} + /* * Returns true if the given call may be evaluated at compile time and is compile time evaluated because * all its arguments are compile time evaluated and its default values are compile time evaluated. @@ -42,13 +76,23 @@ predicate isCompileTimeEvaluated(Call call) { // 1. The call may be evaluated at compile time, because it is constexpr, and call.getTarget().isConstexpr() and // 2. all its arguments are compile time evaluated, and - forall(DataFlow::Node ultimateArgSource | - DataFlow::localFlow(ultimateArgSource, DataFlow::exprNode(call.getAnArgument())) and + forall(DataFlow::Node ultimateArgSource, DataFlow::Node argSource | + argSource = DataFlow::exprNode(call.getAnArgument()) and + DataFlow::localFlow(ultimateArgSource, argSource) and not DataFlow::localFlowStep(_, ultimateArgSource) | - ultimateArgSource.asExpr() instanceof Literal - or - any(Call c | isCompileTimeEvaluated(c)) = ultimateArgSource.asExpr() + ( + ultimateArgSource.asExpr() instanceof Literal + or + any(Call c | isCompileTimeEvaluated(c)) = ultimateArgSource.asExpr() + ) and + // If the ultimate argument source is not the same as the argument source, then it must flow through + // constexpr variables. + ( + ultimateArgSource != argSource + implies + flowsThroughConstExprVariables(ultimateArgSource.asExpr(), argSource.asExpr()) + ) ) and // 3. all the default values used are compile time evaluated. forall(Expr defaultValue, Parameter parameterUsingDefaultValue, int idx | diff --git a/cpp/autosar/test/rules/A7-1-2/VariableMissingConstexpr.expected b/cpp/autosar/test/rules/A7-1-2/VariableMissingConstexpr.expected index 7404c5193e..dbf223e0cf 100644 --- a/cpp/autosar/test/rules/A7-1-2/VariableMissingConstexpr.expected +++ b/cpp/autosar/test/rules/A7-1-2/VariableMissingConstexpr.expected @@ -10,14 +10,14 @@ | test.cpp:55:7:55:8 | m2 | Variable m2 could be marked 'constexpr'. | | test.cpp:130:7:130:8 | m1 | Variable m1 could be marked 'constexpr'. | | test.cpp:141:7:141:8 | m1 | Variable m1 could be marked 'constexpr'. | -| test.cpp:221:7:221:7 | x | Variable x could be marked 'constexpr'. | -| test.cpp:234:7:234:7 | v | Variable v could be marked 'constexpr'. | -| test.cpp:235:7:235:7 | w | Variable w could be marked 'constexpr'. | -| test.cpp:237:7:237:7 | a | Variable a could be marked 'constexpr'. | -| test.cpp:239:7:239:7 | b | Variable b could be marked 'constexpr'. | -| test.cpp:242:7:242:7 | e | Variable e could be marked 'constexpr'. | -| test.cpp:244:7:244:7 | f | Variable f could be marked 'constexpr'. | -| test.cpp:245:7:245:7 | g | Variable g could be marked 'constexpr'. | -| test.cpp:248:7:248:7 | j | Variable j could be marked 'constexpr'. | -| test.cpp:252:7:252:7 | m | Variable m could be marked 'constexpr'. | -| test.cpp:253:7:253:7 | n | Variable n could be marked 'constexpr'. | +| test.cpp:221:7:221:8 | l1 | Variable l1 could be marked 'constexpr'. | +| test.cpp:235:7:235:8 | l6 | Variable l6 could be marked 'constexpr'. | +| test.cpp:237:7:237:8 | l8 | Variable l8 could be marked 'constexpr'. | +| test.cpp:240:7:240:9 | l10 | Variable l10 could be marked 'constexpr'. | +| test.cpp:243:7:243:9 | l12 | Variable l12 could be marked 'constexpr'. | +| test.cpp:248:7:248:9 | l15 | Variable l15 could be marked 'constexpr'. | +| test.cpp:250:7:250:9 | l16 | Variable l16 could be marked 'constexpr'. | +| test.cpp:251:7:251:9 | l17 | Variable l17 could be marked 'constexpr'. | +| test.cpp:257:7:257:9 | l21 | Variable l21 could be marked 'constexpr'. | +| test.cpp:262:7:262:9 | l24 | Variable l24 could be marked 'constexpr'. | +| test.cpp:263:7:263:9 | l25 | Variable l25 could be marked 'constexpr'. | diff --git a/cpp/autosar/test/rules/A7-1-2/test.cpp b/cpp/autosar/test/rules/A7-1-2/test.cpp index b60c0f9979..a3b7baea83 100644 --- a/cpp/autosar/test/rules/A7-1-2/test.cpp +++ b/cpp/autosar/test/rules/A7-1-2/test.cpp @@ -218,39 +218,50 @@ constexpr int add3(int x, int y = random()) { return x + y; } constexpr int add4(int x = 1, int y = 2) { return x + y; } constexpr void fp_reported_in_466(int p) { - int x = add(1, 2); // NON_COMPLIANT - int y = add(1, p); // COMPLIANT + int l1 = add(1, 2); // NON_COMPLIANT + int l2 = add(1, p); // COMPLIANT - int z = 0; + int l3 = 0; if (p > 0) { - z = 1; + l3 = 1; } else { - z = p; + l3 = p; } - constexpr int t = add(1, 2); // COMPLIANT - - int u = add(z, 2); // COMPLIANT - z is not compile time constant on all paths - int v = add(t, 2); // NON_COMPLIANT - int w = - add1(t, 2); // NON_COMPLIANT - all arguments are compile time constants - int a = add1(t); // NON_COMPLIANT - s and the default value of the second - // argument are compile time constants - int b = add1(1); // NON_COMPLIANT - int c = add1(1, z); // COMPLIANT - z is not compile time constant on all paths - int d = add1(z); // COMPLIANT - z is not compile time constant on all paths - int e = add2(1); // NON_COMPLIANT - provided argument and default value are - // compile time constants - int f = add2(1, 2); // NON_COMPLIANT - int g = add2(t, 2); // NON_COMPLIANT - int h = add2(z); // COMPLIANT - z is not compile time constant on all paths - int i = add2(z, 1); // COMPLIANT - z is not compile time constant on all paths - int j = add3(1, 1); // NON_COMPLIANT - int k = add3(1); // COMPLIANT - default value for second argument is not a - // compile time constant - int l = add3(1, z); // COMPLIANT - z is not compile time constant on all paths - int m = add4(); // NON_COMPLIANT - default values are compile time constants - int n = add4(1); // NON_COMPLIANT - default value for second argument is a - // compile time constant - int o = add4(1, z); // COMPLIANT - z is not compile time constant on all paths + constexpr int l4 = add(1, 2); // COMPLIANT + + int l5 = + add(l3, 2); // COMPLIANT - l3 is not compile time constant on all paths + int l6 = add(l4, 2); // NON_COMPLIANT + int l7 = add(l1, 2); // COMPLIANT - l1 is not constexpr + int l8 = + add1(l4, 2); // NON_COMPLIANT - all arguments are compile time constants + int l9 = add1(l1, 2); // COMPLIANT - l1 is not constexpr + int l10 = add1(l4); // NON_COMPLIANT - argument and the default value of the + // second argument are compile time constants + int l11 = add1(l1); // COMPLIANT - l1 is not constexpr + int l12 = add1(1); // NON_COMPLIANT + int l13 = + add1(1, l3); // COMPLIANT - l3 is not compile time constant on all paths + int l14 = + add1(l3); // COMPLIANT - l3 is not compile time constant on all paths + int l15 = add2(1); // NON_COMPLIANT - provided argument and default value are + // compile time constants + int l16 = add2(1, 2); // NON_COMPLIANT + int l17 = add2(l4, 2); // NON_COMPLIANT + int l18 = add2(l1, 2); // COMPLIANT - l1 is not constexpr + int l19 = + add2(l3); // COMPLIANT - l3 is not compile time constant on all paths + int l20 = + add2(l3, 1); // COMPLIANT - l3 is not compile time constant on all paths + int l21 = add3(1, 1); // NON_COMPLIANT + int l22 = add3(1); // COMPLIANT - default value for second argument is not a + // compile time constant + int l23 = + add3(1, l3); // COMPLIANT - l3 is not compile time constant on all paths + int l24 = add4(); // NON_COMPLIANT - default values are compile time constants + int l25 = add4(1); // NON_COMPLIANT - default value for second argument is a + // compile time constant + int l26 = + add4(1, l3); // COMPLIANT - l3 is not compile time constant on all paths } \ No newline at end of file From 9ca33f397536cd61834f0a22c05873788bf6ed9f Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 5 Feb 2024 17:13:57 -0800 Subject: [PATCH 1588/2573] Apply correct query format --- .../src/rules/FIO51-CPP/CloseFilesWhenTheyAreNoLongerNeeded.ql | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/cpp/cert/src/rules/FIO51-CPP/CloseFilesWhenTheyAreNoLongerNeeded.ql b/cpp/cert/src/rules/FIO51-CPP/CloseFilesWhenTheyAreNoLongerNeeded.ql index 343cef26e8..383fb9db1f 100644 --- a/cpp/cert/src/rules/FIO51-CPP/CloseFilesWhenTheyAreNoLongerNeeded.ql +++ b/cpp/cert/src/rules/FIO51-CPP/CloseFilesWhenTheyAreNoLongerNeeded.ql @@ -40,7 +40,8 @@ predicate filebufAccess(ControlFlowNode node, FileStreamSource fss) { node.(ExtractionOperatorCall).getFStream() = fss.getAUse() or // Methods inherited from istream or ostream that access the file stream. // Exclude is_open as it is not a filebuf access - any(IOStreamFunctionCall call | node = call and not call.getTarget().hasName("is_open")).getFStream() = fss.getAUse() + any(IOStreamFunctionCall call | node = call and not call.getTarget().hasName("is_open")) + .getFStream() = fss.getAUse() } /** From da4599193ed6857a60ee0005545a5ff8fe6f20b0 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Mon, 5 Feb 2024 20:24:49 -0500 Subject: [PATCH 1589/2573] Update change_notes/2024-01-25-fix-reported-fp-for-a8-4-7.md Co-authored-by: Remco Vermeulen --- change_notes/2024-01-25-fix-reported-fp-for-a8-4-7.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/change_notes/2024-01-25-fix-reported-fp-for-a8-4-7.md b/change_notes/2024-01-25-fix-reported-fp-for-a8-4-7.md index 367471f245..34c4343d1b 100644 --- a/change_notes/2024-01-25-fix-reported-fp-for-a8-4-7.md +++ b/change_notes/2024-01-25-fix-reported-fp-for-a8-4-7.md @@ -1,3 +1,3 @@ -`A8-4-7`: `InParametersForCheapToCopyTypesNotPassedByValue.ql`, `InParametersForNotCheapToCopyTypesNotPassedByReference.ql` +`A8-4-7` - `InParametersForCheapToCopyTypesNotPassedByValue.ql`, `InParametersForNotCheapToCopyTypesNotPassedByReference.ql`: - Fixes #397. Exclude user defined operators and move constructors.` - Exclude parameters for instantiated templates because the declaration location of the function does not contain enough information about the type used in the instantiation to make an actionable alert. \ No newline at end of file From b100f210c286c890fe83bae1c65fbea228f259db Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 6 Feb 2024 11:54:38 -0500 Subject: [PATCH 1590/2573] A13-3-1: improve alert msg --- ...wardingReferenceAsItsArgumentOverloaded.ql | 19 ++++++++++++++++--- cpp/autosar/test/rules/A13-3-1/test.cpp | 8 +++++--- 2 files changed, 21 insertions(+), 6 deletions(-) diff --git a/cpp/autosar/src/rules/A13-3-1/FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.ql b/cpp/autosar/src/rules/A13-3-1/FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.ql index 5f22306768..2f056257fb 100644 --- a/cpp/autosar/src/rules/A13-3-1/FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.ql +++ b/cpp/autosar/src/rules/A13-3-1/FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.ql @@ -21,7 +21,7 @@ class Candidate extends TemplateFunction { } } -from Candidate c, Function f +from Candidate c, Function f, Function overload, Function overloaded, string msg where not isExcluded(f, OperatorsPackage::functionThatContainsForwardingReferenceAsItsArgumentOverloadedQuery()) and @@ -29,5 +29,18 @@ where f = c.getAnOverload() and // allow for overloading with different number of parameters, because there is no // confusion on what function will be called. - f.getNumberOfParameters() = c.getNumberOfParameters() -select f, "Function overloads a $@ with a forwarding reference parameter.", c, "function" + f.getNumberOfParameters() = c.getNumberOfParameters() and + //build a dynamic select statement that guarantees to read that the overloading function is the explicit one + if + (f instanceof CopyConstructor or f instanceof MoveConstructor) and + f.isCompilerGenerated() + then ( + msg = "implicit constructor" and + overloaded = f and + overload = c + ) else ( + msg = "function" and + overloaded = c and + overload = f + ) +select overload, "Function overloads a $@ with a forwarding reference parameter.", overloaded, msg diff --git a/cpp/autosar/test/rules/A13-3-1/test.cpp b/cpp/autosar/test/rules/A13-3-1/test.cpp index 9cd33ad4e9..ab75917a66 100644 --- a/cpp/autosar/test/rules/A13-3-1/test.cpp +++ b/cpp/autosar/test/rules/A13-3-1/test.cpp @@ -61,9 +61,11 @@ A b(a); void F1(int &) = delete; // COMPLIANT by exception struct B { - template ::value> * = nullptr> - B(T &&value) {} + template < + typename T, + std::enable_if_t>, A>::value> * = nullptr> + B(T &&value) {} // COMPLIANT by exception }; int main() {} From 8f945f5cd829e3610d6eb027187c878ef156b844 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 6 Feb 2024 13:17:01 -0500 Subject: [PATCH 1591/2573] Update change_notes/2024-01-26-exclusion-a5-0-2.md Co-authored-by: Remco Vermeulen --- change_notes/2024-01-26-exclusion-a5-0-2.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/change_notes/2024-01-26-exclusion-a5-0-2.md b/change_notes/2024-01-26-exclusion-a5-0-2.md index f7fa5c5074..33d8113774 100644 --- a/change_notes/2024-01-26-exclusion-a5-0-2.md +++ b/change_notes/2024-01-26-exclusion-a5-0-2.md @@ -1,2 +1,2 @@ -`A5-0-2`: `cpp/autosar/non-boolean-if-condition`, `cpp/autosar/non-boolean-iteration-condition` +`A5-0-2` - `NonBooleanIfStmt.qll`, `NonBooleanIterationStmt.qll`: - Exclude compiler generated conditions. \ No newline at end of file From b254323d85c29e4c58ba52c01c74990326a6a144 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 6 Feb 2024 14:54:13 -0800 Subject: [PATCH 1592/2573] Annotate test case with appropriate comment --- cpp/autosar/test/rules/M9-3-3/test.cpp | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/M9-3-3/test.cpp b/cpp/autosar/test/rules/M9-3-3/test.cpp index ef65eb69f0..f4a3f3bf72 100644 --- a/cpp/autosar/test/rules/M9-3-3/test.cpp +++ b/cpp/autosar/test/rules/M9-3-3/test.cpp @@ -175,7 +175,9 @@ template class U> class Stack { public: T &Top() { return this->data.back(); - } // Likely NON_COMPLIANT, but cannot be determined until instantiation. + } // COMPLIANT[FALSE_NEGATIVE|TRUE_NEGATIVE] - exception not specified in the + // standard, we opt to not raise an issue because the template can be both + // compliant and non-compliant depending on instantiations. private: U data; }; From f9094a5a6184fc5abc2ba79e4bf374da4523692b Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 6 Feb 2024 22:55:31 +0000 Subject: [PATCH 1593/2573] Add change note. --- change_notes/2023-11-22-remove-parameters-a7-1-1.md | 1 + 1 file changed, 1 insertion(+) create mode 100644 change_notes/2023-11-22-remove-parameters-a7-1-1.md diff --git a/change_notes/2023-11-22-remove-parameters-a7-1-1.md b/change_notes/2023-11-22-remove-parameters-a7-1-1.md new file mode 100644 index 0000000000..415e2ba332 --- /dev/null +++ b/change_notes/2023-11-22-remove-parameters-a7-1-1.md @@ -0,0 +1 @@ + * `A7-1-1` - no longer report parameters as contravening this rule. This is inline with the rule intent as described in the referenced C++ Core Guidelines rule [CON.1](https://isocpp.github.io/CppCoreGuidelines/CppCoreGuidelines#con1-by-default-make-objects-immutable), which states "To avoid confusion and lots of false positives, don’t enforce this rule for function parameters." \ No newline at end of file From a65a8b85a70c947ac385665e2b86dab647ae0d9b Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 6 Feb 2024 17:26:03 -0800 Subject: [PATCH 1594/2573] Consider temporary object expression to determine type usage --- cpp/common/src/codingstandards/cpp/TypeUses.qll | 3 +++ cpp/common/test/rules/unusedtypedeclarations/test.cpp | 11 +++++++++++ 2 files changed, 14 insertions(+) diff --git a/cpp/common/src/codingstandards/cpp/TypeUses.qll b/cpp/common/src/codingstandards/cpp/TypeUses.qll index 0033401098..d0edd19a93 100644 --- a/cpp/common/src/codingstandards/cpp/TypeUses.qll +++ b/cpp/common/src/codingstandards/cpp/TypeUses.qll @@ -132,6 +132,9 @@ private Locatable getATypeUse_i(Type type) { result = nq and type = nq.getQualifyingElement() ) + // Temporary object creation of type `type` + or + exists(TemporaryObjectExpr toe | result = toe | type = toe.getType()) ) or // Recursive case - used by a used type diff --git a/cpp/common/test/rules/unusedtypedeclarations/test.cpp b/cpp/common/test/rules/unusedtypedeclarations/test.cpp index f3235f325f..6eb673c1c7 100644 --- a/cpp/common/test/rules/unusedtypedeclarations/test.cpp +++ b/cpp/common/test/rules/unusedtypedeclarations/test.cpp @@ -111,3 +111,14 @@ template using Z = Y; // COMPLIANT - used below template using AA = Y; // NON_COMPLIANT - never instantiated void test_alias_template() { Z v; } + +void test_temporary_object_creation() { + auto l1 = [](const auto &p1) noexcept { + class C1 { // COMPLIANT - used in temporary object construction + public: + constexpr static const char *m1() noexcept { return "foo"; } + }; + + return C1{p1}; + }; +} \ No newline at end of file From 117c942110fece6480e5c66d682cae82bd1c5c91 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Wed, 7 Feb 2024 10:17:58 -0500 Subject: [PATCH 1595/2573] Update change_notes/2024-01-30-exclusion-a13-3-1.md Co-authored-by: Remco Vermeulen --- change_notes/2024-01-30-exclusion-a13-3-1.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/change_notes/2024-01-30-exclusion-a13-3-1.md b/change_notes/2024-01-30-exclusion-a13-3-1.md index f5307a7720..7033fb040e 100644 --- a/change_notes/2024-01-30-exclusion-a13-3-1.md +++ b/change_notes/2024-01-30-exclusion-a13-3-1.md @@ -1,2 +1,2 @@ -`A13-3-1`: `FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.ql` +`A13-3-1` - `FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.ql`: - Fixes #399. Exclude functions that have different number of parameters. \ No newline at end of file From defd27e752efa025bc7b9c41e0b6570671419ec6 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Wed, 7 Feb 2024 10:54:59 -0500 Subject: [PATCH 1596/2573] A13-3-1: improve alert message --- ...nsForwardingReferenceAsItsArgumentOverloaded.ql | 10 +++++++--- ...ardingReferenceAsItsArgumentOverloaded.expected | 14 +++++++------- cpp/autosar/test/rules/A13-3-1/test.cpp | 5 +++-- 3 files changed, 17 insertions(+), 12 deletions(-) diff --git a/cpp/autosar/src/rules/A13-3-1/FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.ql b/cpp/autosar/src/rules/A13-3-1/FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.ql index 2f056257fb..aeaf0f12b6 100644 --- a/cpp/autosar/src/rules/A13-3-1/FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.ql +++ b/cpp/autosar/src/rules/A13-3-1/FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.ql @@ -21,7 +21,9 @@ class Candidate extends TemplateFunction { } } -from Candidate c, Function f, Function overload, Function overloaded, string msg +from + Candidate c, Function f, Function overload, Function overloaded, string msg, + string firstMsgSegment where not isExcluded(f, OperatorsPackage::functionThatContainsForwardingReferenceAsItsArgumentOverloadedQuery()) and @@ -36,11 +38,13 @@ where f.isCompilerGenerated() then ( msg = "implicit constructor" and + firstMsgSegment = " with a forwarding reference parameter " and overloaded = f and overload = c ) else ( - msg = "function" and + msg = "function with a forwarding reference parameter" and + firstMsgSegment = " " and overloaded = c and overload = f ) -select overload, "Function overloads a $@ with a forwarding reference parameter.", overloaded, msg +select overload, "Function" + firstMsgSegment + "overloads a $@.", overloaded, msg diff --git a/cpp/autosar/test/rules/A13-3-1/FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.expected b/cpp/autosar/test/rules/A13-3-1/FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.expected index f90b1456a3..545719520d 100644 --- a/cpp/autosar/test/rules/A13-3-1/FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.expected +++ b/cpp/autosar/test/rules/A13-3-1/FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.expected @@ -1,7 +1,7 @@ -| test.cpp:24:6:24:7 | F1 | Function overloads a $@ with a forwarding reference parameter. | test.cpp:27:25:27:26 | F1 | function | -| test.cpp:49:3:49:3 | A | Function overloads a $@ with a forwarding reference parameter. | test.cpp:47:3:47:3 | A | function | -| test.cpp:50:3:50:3 | A | Function overloads a $@ with a forwarding reference parameter. | test.cpp:47:3:47:3 | A | function | -| test.cpp:63:8:63:8 | B | Function overloads a $@ with a forwarding reference parameter. | test.cpp:66:3:66:3 | B | function | -| test.cpp:63:8:63:8 | B | Function overloads a $@ with a forwarding reference parameter. | test.cpp:66:3:66:3 | B | function | -| test.cpp:71:7:71:7 | C | Function overloads a $@ with a forwarding reference parameter. | test.cpp:74:25:74:25 | C | function | -| test.cpp:71:7:71:7 | C | Function overloads a $@ with a forwarding reference parameter. | test.cpp:74:25:74:25 | C | function | +| test.cpp:24:6:24:7 | F1 | Function overloads a $@. | test.cpp:27:25:27:26 | F1 | function with a forwarding reference parameter | +| test.cpp:50:3:50:3 | A | Function overloads a $@. | test.cpp:48:3:48:3 | A | function with a forwarding reference parameter | +| test.cpp:51:3:51:3 | A | Function overloads a $@. | test.cpp:48:3:48:3 | A | function with a forwarding reference parameter | +| test.cpp:69:3:69:3 | B | Function with a forwarding reference parameter overloads a $@. | test.cpp:64:8:64:8 | B | implicit constructor | +| test.cpp:69:3:69:3 | B | Function with a forwarding reference parameter overloads a $@. | test.cpp:64:8:64:8 | B | implicit constructor | +| test.cpp:77:25:77:25 | C | Function with a forwarding reference parameter overloads a $@. | test.cpp:74:7:74:7 | C | implicit constructor | +| test.cpp:77:25:77:25 | C | Function with a forwarding reference parameter overloads a $@. | test.cpp:74:7:74:7 | C | implicit constructor | diff --git a/cpp/autosar/test/rules/A13-3-1/test.cpp b/cpp/autosar/test/rules/A13-3-1/test.cpp index ab75917a66..8b63ea2bda 100644 --- a/cpp/autosar/test/rules/A13-3-1/test.cpp +++ b/cpp/autosar/test/rules/A13-3-1/test.cpp @@ -39,7 +39,8 @@ template void F1(T &&x) {} // class A { public: - // COMPLIANT by exception, constrained to not match copy/move ctors + // COMPLIANT[FALSE_POSITIVE] - by exception, constrained to not match + // copy/move ctors template < typename T, std::enable_if_t>, A>::value> * = nullptr> - B(T &&value) {} // COMPLIANT by exception + B(T &&value) {} // COMPLIANT[FALSE_POSITIVE] - by exception }; int main() {} From bfcacf7f85859ba0a4b84cc6d882e34596f80287 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Wed, 7 Feb 2024 11:13:48 -0500 Subject: [PATCH 1597/2573] Update change_notes/2024-01-31-exclusion-a16-0-1.md Co-authored-by: Remco Vermeulen --- change_notes/2024-01-31-exclusion-a16-0-1.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/change_notes/2024-01-31-exclusion-a16-0-1.md b/change_notes/2024-01-31-exclusion-a16-0-1.md index 2d7dfe97ab..8ff06ba32d 100644 --- a/change_notes/2024-01-31-exclusion-a16-0-1.md +++ b/change_notes/2024-01-31-exclusion-a16-0-1.md @@ -1,2 +1,2 @@ -`A16-0-1`: `cpp/autosar/pre-processor-shall-only-be-used-for-certain-directives-patterns` +`A16-0-1` - `PreProcessorShallOnlyBeUsedForCertainDirectivesPatterns.ql`: - Exclude all preprocessor elses and also consider elifs separately (ie do not affect valid ifs) but not valid if not meeting the same criteria as an ifdef etc. \ No newline at end of file From 92a3d5e05f77b0759a73c5ab00424221ed46fa1b Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 7 Feb 2024 12:12:55 -0800 Subject: [PATCH 1598/2573] Add reason to type use for debug purposes --- .../src/codingstandards/cpp/TypeUses.qll | 59 +++++++++++-------- 1 file changed, 34 insertions(+), 25 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/TypeUses.qll b/cpp/common/src/codingstandards/cpp/TypeUses.qll index d0edd19a93..4b6f0b8b5a 100644 --- a/cpp/common/src/codingstandards/cpp/TypeUses.qll +++ b/cpp/common/src/codingstandards/cpp/TypeUses.qll @@ -35,7 +35,7 @@ private TypedefType getAnEquivalentTypeDef(TypedefType type) { * is from within the function signature or field declaration of the type itself. */ Locatable getATypeUse(Type type) { - result = getATypeUse_i(type) + result = getATypeUse_i(type, _) or // Identify `TypeMention`s of typedef types, where the underlying type is used. // @@ -61,11 +61,11 @@ Locatable getATypeUse(Type type) { tm.getMentionedType() = typedefType | exists(tm.getFile().getRelativePath()) and - exists(getATypeUse_i(typedefType.getUnderlyingType())) + exists(getATypeUse_i(typedefType.getUnderlyingType(), _)) ) } -private Locatable getATypeUse_i(Type type) { +private Locatable getATypeUse_i(Type type, string reason) { ( // Restrict to uses within the source checkout root exists(result.getFile().getRelativePath()) @@ -82,7 +82,7 @@ private Locatable getATypeUse_i(Type type) { // Ignore self referential variables and parameters not v.getDeclaringType().refersTo(type) and not type = v.(Parameter).getFunction().getDeclaringType() - ) + ) and reason = "used as a variable type" or // Used a function return type exists(Function f | @@ -90,69 +90,78 @@ private Locatable getATypeUse_i(Type type) { not f.isCompilerGenerated() and not type = f.getDeclaringType() | - type = f.getType() + type = f.getType() and reason = "used as a function return type" or - type = f.getATemplateArgument() - ) - or + type = f.getATemplateArgument() and reason = "used as a function template argument" + ) or // Used either in a function call as a template argument, or as the declaring type // of the function exists(FunctionCall fc | result = fc | - type = fc.getTarget().getDeclaringType() + type = fc.getTarget().getDeclaringType() and reason = "used in call to member function" or - type = fc.getATemplateArgument() + type = fc.getATemplateArgument() and reason = "used in function call template argument" ) or // Aliased in a user typedef - exists(TypedefType t | result = t | type = t.getBaseType()) + exists(TypedefType t | result = t | type = t.getBaseType()) and + reason = "aliased in user typedef" or // A use in a `FunctionAccess` - exists(FunctionAccess fa | result = fa | type = fa.getTarget().getDeclaringType()) + exists(FunctionAccess fa | result = fa | type = fa.getTarget().getDeclaringType()) and + reason = "used in a function accesses" or // A use in a `sizeof` expr - exists(SizeofTypeOperator soto | result = soto | type = soto.getTypeOperand()) + exists(SizeofTypeOperator soto | result = soto | type = soto.getTypeOperand()) and + reason = "used in a sizeof expr" or // A use in a `Cast` - exists(Cast c | c = result | type = c.getType()) + exists(Cast c | c = result | type = c.getType()) and reason = "used in a cast" or // Use of the type name in source - exists(TypeName t | t = result | type = t.getType()) + exists(TypeName t | t = result | type = t.getType()) and reason = "used in a typename" or // Access of an enum constant - exists(EnumConstantAccess eca | result = eca | type = eca.getTarget().getDeclaringEnum()) + exists(EnumConstantAccess eca | result = eca | type = eca.getTarget().getDeclaringEnum()) and + reason = "used in an enum constant access" or // Accessing a field on the type exists(FieldAccess fa | result = fa and type = fa.getTarget().getDeclaringType() - ) + ) and reason = "used in a field access" or // Name qualifiers exists(NameQualifier nq | result = nq and type = nq.getQualifyingElement() - ) + ) and reason = "used in name qualifier" // Temporary object creation of type `type` or - exists(TemporaryObjectExpr toe | result = toe | type = toe.getType()) + exists(TemporaryObjectExpr toe | result = toe | type = toe.getType()) and + reason = "used in temporary object expr" ) or // Recursive case - used by a used type - exists(Type used | result = getATypeUse_i(used) | + exists(Type used | result = getATypeUse_i(used, _) | // The `used` class has `type` as a base class - type = used.(DerivedType).getBaseType() + type = used.(DerivedType).getBaseType() and + reason = "used in derived type" or // The `used` class has `type` as a template argument - type = used.(Class).getATemplateArgument() + type = used.(Class).getATemplateArgument() and + reason = "used in class template argument" or // A used class is derived from the type class - type = used.(Class).getABaseClass() + type = used.(Class).getABaseClass() and + reason = "used in derived class" or // This is a TemplateClass where one of the instantiations is used - type.(TemplateClass).getAnInstantiation() = used + type.(TemplateClass).getAnInstantiation() = used and + reason = "used in template class instantiation" or // This is a TemplateClass where one of the specializations is used type = used.(ClassTemplateSpecialization).getPrimaryTemplate() + and reason = "used in template class specialization" or // Alias templates - alias templates and instantiations are not properly captured by the // extractor (last verified in CodeQL CLI 2.7.6). The only distinguishing factor is that @@ -167,6 +176,6 @@ private Locatable getATypeUse_i(Type type) { not exists(instantiation.getLocation()) and // Template and instantiation both have the same qualified name template.getQualifiedName() = instantiation.getQualifiedName() - ) + ) and reason = "used in alias template instantiation" ) } From 2193a22d076088da6f9f1bce74d33331d7d19472 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Wed, 7 Feb 2024 15:16:23 -0500 Subject: [PATCH 1599/2573] A16-0-1: improve range logic --- ...hallOnlyBeUsedForCertainDirectivesPatterns.ql | 16 ++++++++++++---- ...lyBeUsedForCertainDirectivesPatterns.expected | 1 - cpp/autosar/test/rules/A16-0-1/test.cpp | 6 +++--- 3 files changed, 15 insertions(+), 8 deletions(-) diff --git a/cpp/autosar/src/rules/A16-0-1/PreProcessorShallOnlyBeUsedForCertainDirectivesPatterns.ql b/cpp/autosar/src/rules/A16-0-1/PreProcessorShallOnlyBeUsedForCertainDirectivesPatterns.ql index bd8fe2da65..74d132ad7c 100644 --- a/cpp/autosar/src/rules/A16-0-1/PreProcessorShallOnlyBeUsedForCertainDirectivesPatterns.ql +++ b/cpp/autosar/src/rules/A16-0-1/PreProcessorShallOnlyBeUsedForCertainDirectivesPatterns.ql @@ -53,10 +53,18 @@ pragma[noinline] predicate isPreprocConditionalRange( PreprocessorBranch pb, string filepath, int startLine, int endLine ) { - exists(PreprocessorEndif end | pb.getEndIf() = end | - isPreprocFileAndLine(pb, filepath, startLine) and - isPreprocFileAndLine(end, filepath, endLine) - ) + //the range of an if with an elif ends at the elif to avoid reporting things twice + if exists(PreprocessorElif elif | elif.getIf() = pb) + then + exists(PreprocessorElif end | end.getIf() = pb | + isPreprocFileAndLine(pb, filepath, startLine) and + isPreprocFileAndLine(end, filepath, endLine) + ) + else + exists(PreprocessorEndif end | pb.getEndIf() = end | + isPreprocFileAndLine(pb, filepath, startLine) and + isPreprocFileAndLine(end, filepath, endLine) + ) } /** diff --git a/cpp/autosar/test/rules/A16-0-1/PreProcessorShallOnlyBeUsedForCertainDirectivesPatterns.expected b/cpp/autosar/test/rules/A16-0-1/PreProcessorShallOnlyBeUsedForCertainDirectivesPatterns.expected index 18ce57af8e..9c96713ed4 100644 --- a/cpp/autosar/test/rules/A16-0-1/PreProcessorShallOnlyBeUsedForCertainDirectivesPatterns.expected +++ b/cpp/autosar/test/rules/A16-0-1/PreProcessorShallOnlyBeUsedForCertainDirectivesPatterns.expected @@ -2,6 +2,5 @@ | test.cpp:9:1:9:26 | #define OBJECTLIKE_MACRO 1 | Preprocessor directive used for conditional compilation. | | test.cpp:10:1:10:35 | #define FUNCTIONLIKE_MACRO(X) X + 1 | Preprocessor directive used for conditional compilation. | | test.cpp:11:1:11:37 | #define FUNCTIONLIKE_MACROTWO() 1 + 1 | Preprocessor directive used for conditional compilation. | -| test.cpp:33:1:33:26 | #ifdef OBJECTLIKE_MACRO_NO | Preprocessor directive used for conditional compilation. | | test.cpp:35:1:35:26 | #elif OBJECTLIKE_MACRO > 0 | Preprocessor directive used for conditional compilation. | | test.cpp:39:1:39:23 | #ifdef OBJECTLIKE_MACRO | Preprocessor directive used for conditional compilation. | diff --git a/cpp/autosar/test/rules/A16-0-1/test.cpp b/cpp/autosar/test/rules/A16-0-1/test.cpp index 7233a015c1..c843ccf8c6 100644 --- a/cpp/autosar/test/rules/A16-0-1/test.cpp +++ b/cpp/autosar/test/rules/A16-0-1/test.cpp @@ -30,10 +30,10 @@ int g; #include // COMPLIANT #endif // COMPLIANT -#ifdef OBJECTLIKE_MACRO_NO // NON_COMPLIANT -int x = 0; // not present +#ifdef OBJECTLIKE_MACRO_NO // COMPLIANT +int x0 = 0; // not present #elif OBJECTLIKE_MACRO > 0 // NON_COMPLIANT -int x = 1; // present +int x0 = 1; // present #endif // COMPLIANT #ifdef OBJECTLIKE_MACRO // NON_COMPLIANT From cc1c913cb8f00b65f3518db7aa73ab3ee6f2535a Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 7 Feb 2024 13:04:39 -0800 Subject: [PATCH 1600/2573] Add changenote for rule impacted by improved `getATypeUse` Other rules are not impacted because the situation happens in the case of partially specialized templates and those are already not considered. --- change_notes/2023-02-07-extend-getatypeuse.md | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 change_notes/2023-02-07-extend-getatypeuse.md diff --git a/change_notes/2023-02-07-extend-getatypeuse.md b/change_notes/2023-02-07-extend-getatypeuse.md new file mode 100644 index 0000000000..1d769d1e04 --- /dev/null +++ b/change_notes/2023-02-07-extend-getatypeuse.md @@ -0,0 +1,2 @@ +`A0-4-1` - `FloatingPointImplementationShallComplyWithIeeeStandard.ql`: + - May return more results due to improvements to underlying `getATypeUse`. \ No newline at end of file From 9c9ce958a98d4164e05a41950a8455cd924b7536 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 7 Feb 2024 13:10:28 -0800 Subject: [PATCH 1601/2573] Address incorrect test formatting --- cpp/autosar/test/rules/M9-3-3/test.cpp | 1 - 1 file changed, 1 deletion(-) diff --git a/cpp/autosar/test/rules/M9-3-3/test.cpp b/cpp/autosar/test/rules/M9-3-3/test.cpp index f4fce9abc2..704a4ae5fd 100644 --- a/cpp/autosar/test/rules/M9-3-3/test.cpp +++ b/cpp/autosar/test/rules/M9-3-3/test.cpp @@ -193,4 +193,3 @@ void test_template() { class Z3 { void f(int) = delete; // COMPLIANT }; - From b051766a55e8d0d583412a18993448f41f695eba Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 7 Feb 2024 13:20:27 -0800 Subject: [PATCH 1602/2573] Address query formatting --- .../src/codingstandards/cpp/TypeUses.qll | 27 ++++++++++++------- 1 file changed, 17 insertions(+), 10 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/TypeUses.qll b/cpp/common/src/codingstandards/cpp/TypeUses.qll index 4b6f0b8b5a..7cbe8cc97c 100644 --- a/cpp/common/src/codingstandards/cpp/TypeUses.qll +++ b/cpp/common/src/codingstandards/cpp/TypeUses.qll @@ -82,7 +82,8 @@ private Locatable getATypeUse_i(Type type, string reason) { // Ignore self referential variables and parameters not v.getDeclaringType().refersTo(type) and not type = v.(Parameter).getFunction().getDeclaringType() - ) and reason = "used as a variable type" + ) and + reason = "used as a variable type" or // Used a function return type exists(Function f | @@ -93,7 +94,8 @@ private Locatable getATypeUse_i(Type type, string reason) { type = f.getType() and reason = "used as a function return type" or type = f.getATemplateArgument() and reason = "used as a function template argument" - ) or + ) + or // Used either in a function call as a template argument, or as the declaring type // of the function exists(FunctionCall fc | result = fc | @@ -115,10 +117,12 @@ private Locatable getATypeUse_i(Type type, string reason) { reason = "used in a sizeof expr" or // A use in a `Cast` - exists(Cast c | c = result | type = c.getType()) and reason = "used in a cast" + exists(Cast c | c = result | type = c.getType()) and + reason = "used in a cast" or // Use of the type name in source - exists(TypeName t | t = result | type = t.getType()) and reason = "used in a typename" + exists(TypeName t | t = result | type = t.getType()) and + reason = "used in a typename" or // Access of an enum constant exists(EnumConstantAccess eca | result = eca | type = eca.getTarget().getDeclaringEnum()) and @@ -128,15 +132,17 @@ private Locatable getATypeUse_i(Type type, string reason) { exists(FieldAccess fa | result = fa and type = fa.getTarget().getDeclaringType() - ) and reason = "used in a field access" + ) and + reason = "used in a field access" or // Name qualifiers exists(NameQualifier nq | result = nq and type = nq.getQualifyingElement() - ) and reason = "used in name qualifier" - // Temporary object creation of type `type` + ) and + reason = "used in name qualifier" or + // Temporary object creation of type `type` exists(TemporaryObjectExpr toe | result = toe | type = toe.getType()) and reason = "used in temporary object expr" ) @@ -160,8 +166,8 @@ private Locatable getATypeUse_i(Type type, string reason) { reason = "used in template class instantiation" or // This is a TemplateClass where one of the specializations is used - type = used.(ClassTemplateSpecialization).getPrimaryTemplate() - and reason = "used in template class specialization" + type = used.(ClassTemplateSpecialization).getPrimaryTemplate() and + reason = "used in template class specialization" or // Alias templates - alias templates and instantiations are not properly captured by the // extractor (last verified in CodeQL CLI 2.7.6). The only distinguishing factor is that @@ -176,6 +182,7 @@ private Locatable getATypeUse_i(Type type, string reason) { not exists(instantiation.getLocation()) and // Template and instantiation both have the same qualified name template.getQualifiedName() = instantiation.getQualifiedName() - ) and reason = "used in alias template instantiation" + ) and + reason = "used in alias template instantiation" ) } From 2cbb15273477e7483aa685523817fd4b8b482601 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 7 Feb 2024 15:20:11 -0800 Subject: [PATCH 1603/2573] Apply query formatting --- cpp/common/src/codingstandards/cpp/Operator.qll | 4 ++-- .../src/codingstandards/cpp/standardlibrary/FileStreams.qll | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/Operator.qll b/cpp/common/src/codingstandards/cpp/Operator.qll index 5838a043e9..065e92064a 100644 --- a/cpp/common/src/codingstandards/cpp/Operator.qll +++ b/cpp/common/src/codingstandards/cpp/Operator.qll @@ -294,9 +294,9 @@ class StreamExtractionOperator extends Function { then this.getNumberOfParameters() = 1 else ( this.getNumberOfParameters() = 2 and - this.getParameter(0).getType() instanceof IStream + this.getParameter(0).getType() instanceof IStream ) ) and - this.getType() instanceof IStream + this.getType() instanceof IStream } } diff --git a/cpp/common/src/codingstandards/cpp/standardlibrary/FileStreams.qll b/cpp/common/src/codingstandards/cpp/standardlibrary/FileStreams.qll index f680f99fc4..c4724d36c2 100644 --- a/cpp/common/src/codingstandards/cpp/standardlibrary/FileStreams.qll +++ b/cpp/common/src/codingstandards/cpp/standardlibrary/FileStreams.qll @@ -25,7 +25,7 @@ class FileStream extends ClassTemplateInstantiation { * A `basic_istream` like `std::istream` */ class IStream extends Type { - IStream() { + IStream() { this.(Class).getQualifiedName().matches("std::basic\\_istream%") or this.getUnspecifiedType() instanceof IStream @@ -40,7 +40,7 @@ class IStream extends Type { * A `basic_ostream` like `std::ostream` */ class OStream extends Type { - OStream() { + OStream() { this.(Class).getQualifiedName().matches("std::basic\\_ostream%") or this.getUnspecifiedType() instanceof OStream From ec5fb2ace60749965cd3f77aeab221feaad6e3f7 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Wed, 7 Feb 2024 19:33:51 -0500 Subject: [PATCH 1604/2573] Update cpp/autosar/test/rules/A13-3-1/test.cpp Co-authored-by: Remco Vermeulen --- cpp/autosar/test/rules/A13-3-1/test.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cpp/autosar/test/rules/A13-3-1/test.cpp b/cpp/autosar/test/rules/A13-3-1/test.cpp index 8b63ea2bda..f2f8022edc 100644 --- a/cpp/autosar/test/rules/A13-3-1/test.cpp +++ b/cpp/autosar/test/rules/A13-3-1/test.cpp @@ -73,6 +73,6 @@ int main() {} class C { public: - C() {} // COMPLIANT by exception - template C(T &&) {} + C() {} + template C(T &&) {} // COMPLIANT by exception }; \ No newline at end of file From add36bcf8da57aaaa2875720711c16dae3bc781d Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Wed, 7 Feb 2024 21:07:54 -0500 Subject: [PATCH 1605/2573] A13-3-1: improve alert message --- ...tContainsForwardingReferenceAsItsArgumentOverloaded.ql | 8 +++++++- ...insForwardingReferenceAsItsArgumentOverloaded.expected | 8 ++++---- 2 files changed, 11 insertions(+), 5 deletions(-) diff --git a/cpp/autosar/src/rules/A13-3-1/FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.ql b/cpp/autosar/src/rules/A13-3-1/FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.ql index aeaf0f12b6..393c1222fd 100644 --- a/cpp/autosar/src/rules/A13-3-1/FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.ql +++ b/cpp/autosar/src/rules/A13-3-1/FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.ql @@ -37,7 +37,13 @@ where (f instanceof CopyConstructor or f instanceof MoveConstructor) and f.isCompilerGenerated() then ( - msg = "implicit constructor" and + ( + f instanceof CopyConstructor and + msg = "implicit copy constructor" + or + f instanceof MoveConstructor and + msg = "implicit move constructor" + ) and firstMsgSegment = " with a forwarding reference parameter " and overloaded = f and overload = c diff --git a/cpp/autosar/test/rules/A13-3-1/FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.expected b/cpp/autosar/test/rules/A13-3-1/FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.expected index 545719520d..6e79cb00a4 100644 --- a/cpp/autosar/test/rules/A13-3-1/FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.expected +++ b/cpp/autosar/test/rules/A13-3-1/FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.expected @@ -1,7 +1,7 @@ | test.cpp:24:6:24:7 | F1 | Function overloads a $@. | test.cpp:27:25:27:26 | F1 | function with a forwarding reference parameter | | test.cpp:50:3:50:3 | A | Function overloads a $@. | test.cpp:48:3:48:3 | A | function with a forwarding reference parameter | | test.cpp:51:3:51:3 | A | Function overloads a $@. | test.cpp:48:3:48:3 | A | function with a forwarding reference parameter | -| test.cpp:69:3:69:3 | B | Function with a forwarding reference parameter overloads a $@. | test.cpp:64:8:64:8 | B | implicit constructor | -| test.cpp:69:3:69:3 | B | Function with a forwarding reference parameter overloads a $@. | test.cpp:64:8:64:8 | B | implicit constructor | -| test.cpp:77:25:77:25 | C | Function with a forwarding reference parameter overloads a $@. | test.cpp:74:7:74:7 | C | implicit constructor | -| test.cpp:77:25:77:25 | C | Function with a forwarding reference parameter overloads a $@. | test.cpp:74:7:74:7 | C | implicit constructor | +| test.cpp:69:3:69:3 | B | Function with a forwarding reference parameter overloads a $@. | test.cpp:64:8:64:8 | B | implicit copy constructor | +| test.cpp:69:3:69:3 | B | Function with a forwarding reference parameter overloads a $@. | test.cpp:64:8:64:8 | B | implicit move constructor | +| test.cpp:77:25:77:25 | C | Function with a forwarding reference parameter overloads a $@. | test.cpp:74:7:74:7 | C | implicit copy constructor | +| test.cpp:77:25:77:25 | C | Function with a forwarding reference parameter overloads a $@. | test.cpp:74:7:74:7 | C | implicit move constructor | From 0eb430a6610efd4bff4d8f8e3eda3b5037577cdb Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Wed, 7 Feb 2024 21:11:28 -0500 Subject: [PATCH 1606/2573] A13-3-1: reformat test --- cpp/autosar/test/rules/A13-3-1/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A13-3-1/test.cpp b/cpp/autosar/test/rules/A13-3-1/test.cpp index f2f8022edc..163f1fffc3 100644 --- a/cpp/autosar/test/rules/A13-3-1/test.cpp +++ b/cpp/autosar/test/rules/A13-3-1/test.cpp @@ -73,6 +73,6 @@ int main() {} class C { public: - C() {} + C() {} template C(T &&) {} // COMPLIANT by exception }; \ No newline at end of file From 18a297b513bd50a842359ba759e67c9c019d4e28 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Wed, 7 Feb 2024 21:22:38 -0500 Subject: [PATCH 1607/2573] A16-0-1: add extra testcases --- ...eUsedForCertainDirectivesPatterns.expected | 1 + cpp/autosar/test/rules/A16-0-1/options | 1 + cpp/autosar/test/rules/A16-0-1/test.cpp | 39 ++++++++++++++++--- 3 files changed, 36 insertions(+), 5 deletions(-) create mode 100644 cpp/autosar/test/rules/A16-0-1/options diff --git a/cpp/autosar/test/rules/A16-0-1/PreProcessorShallOnlyBeUsedForCertainDirectivesPatterns.expected b/cpp/autosar/test/rules/A16-0-1/PreProcessorShallOnlyBeUsedForCertainDirectivesPatterns.expected index 9c96713ed4..8490570937 100644 --- a/cpp/autosar/test/rules/A16-0-1/PreProcessorShallOnlyBeUsedForCertainDirectivesPatterns.expected +++ b/cpp/autosar/test/rules/A16-0-1/PreProcessorShallOnlyBeUsedForCertainDirectivesPatterns.expected @@ -4,3 +4,4 @@ | test.cpp:11:1:11:37 | #define FUNCTIONLIKE_MACROTWO() 1 + 1 | Preprocessor directive used for conditional compilation. | | test.cpp:35:1:35:26 | #elif OBJECTLIKE_MACRO > 0 | Preprocessor directive used for conditional compilation. | | test.cpp:39:1:39:23 | #ifdef OBJECTLIKE_MACRO | Preprocessor directive used for conditional compilation. | +| test.cpp:56:1:56:27 | #elif MACRO_ENABLED_OTHER_1 | Preprocessor directive used for conditional compilation. | diff --git a/cpp/autosar/test/rules/A16-0-1/options b/cpp/autosar/test/rules/A16-0-1/options new file mode 100644 index 0000000000..9c0e6cf7b5 --- /dev/null +++ b/cpp/autosar/test/rules/A16-0-1/options @@ -0,0 +1 @@ +semmle-extractor-options:--clang -std=c++14 --edg --diag_error=implicit_func_decl -nostdinc -I../../../../../cpp/common/test/includes/standard-library -D MACRO_ENABLED_NON_1 -D MACRO_ENABLED_OTHER_1 diff --git a/cpp/autosar/test/rules/A16-0-1/test.cpp b/cpp/autosar/test/rules/A16-0-1/test.cpp index c843ccf8c6..d1d5314c59 100644 --- a/cpp/autosar/test/rules/A16-0-1/test.cpp +++ b/cpp/autosar/test/rules/A16-0-1/test.cpp @@ -36,9 +36,38 @@ int x0 = 0; // not present int x0 = 1; // present #endif // COMPLIANT -#ifdef OBJECTLIKE_MACRO // NON_COMPLIANT -int x1 = 0; // present -#elif OBJECTLIKE_MACRO > \ - -1 // COMPLIANT - by technicality of conditional compilation +#ifdef OBJECTLIKE_MACRO // NON_COMPLIANT +int x1 = 0; // present +#elif OBJECTLIKE_MACRO > -1 // NON_COMPLIANT[FALSE_NEGATIVE] - known due to + // database not containing elements int x1 = 1; // not present -#endif // COMPLIANT \ No newline at end of file +#endif // COMPLIANT + +// case 1 - first present only +#ifdef MACRO_ENABLED_NON_1 // COMPLIANT +#include //present +#elif MACRO_ENABLED_OTHER // NON_COMPLIANT[FALSE_NEGATIVE] +int x = 1; // not present +#endif + +// case 2 - second present only +#ifdef MACRO_ENABLED_NON // COMPLIANT +#include //not present +#elif MACRO_ENABLED_OTHER_1 // NON_COMPLIANT +int x = 1; // present +#endif + +// case 3 - neither present +#ifdef MACRO_ENABLED_NON // COMPLIANT +#include //not present +#elif MACRO_ENABLED_OTHER // NON_COMPLIANT[FALSE_NEGATIVE] +int x = 1; // not present +#endif + +// case 4 - both look present but the second still not bc the condition is not +// required to be evaluated +#ifdef MACRO_ENABLED_NON_1 // COMPLIANT +#include //present +#elif MACRO_ENABLED_OTHER_1 // NON_COMPLIANT[FALSE_NEGATIVE] +int x = 1; // not present +#endif \ No newline at end of file From ed29794724bb9d03120ba325d8fec6f703aae667 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Thu, 8 Feb 2024 13:58:24 -0500 Subject: [PATCH 1608/2573] A13-3-1: fix mislabelled testcase --- cpp/autosar/test/rules/A13-3-1/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A13-3-1/test.cpp b/cpp/autosar/test/rules/A13-3-1/test.cpp index 163f1fffc3..82fe866a0a 100644 --- a/cpp/autosar/test/rules/A13-3-1/test.cpp +++ b/cpp/autosar/test/rules/A13-3-1/test.cpp @@ -74,5 +74,5 @@ int main() {} class C { public: C() {} - template C(T &&) {} // COMPLIANT by exception + template C(T &&) {} // NON_COMPLIANT }; \ No newline at end of file From 40d18f1e07d1d28d41df4d2cbd42d2c7dcff5293 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Thu, 8 Feb 2024 16:55:06 -0500 Subject: [PATCH 1609/2573] A16-0-1: improve testcase and query logic --- ...allOnlyBeUsedForCertainDirectivesPatterns.ql | 17 ++++++----------- ...yBeUsedForCertainDirectivesPatterns.expected | 7 ++++--- cpp/autosar/test/rules/A16-0-1/test.cpp | 12 +++++++----- 3 files changed, 17 insertions(+), 19 deletions(-) diff --git a/cpp/autosar/src/rules/A16-0-1/PreProcessorShallOnlyBeUsedForCertainDirectivesPatterns.ql b/cpp/autosar/src/rules/A16-0-1/PreProcessorShallOnlyBeUsedForCertainDirectivesPatterns.ql index 74d132ad7c..b026d3bba4 100644 --- a/cpp/autosar/src/rules/A16-0-1/PreProcessorShallOnlyBeUsedForCertainDirectivesPatterns.ql +++ b/cpp/autosar/src/rules/A16-0-1/PreProcessorShallOnlyBeUsedForCertainDirectivesPatterns.ql @@ -53,17 +53,12 @@ pragma[noinline] predicate isPreprocConditionalRange( PreprocessorBranch pb, string filepath, int startLine, int endLine ) { - //the range of an if with an elif ends at the elif to avoid reporting things twice - if exists(PreprocessorElif elif | elif.getIf() = pb) - then - exists(PreprocessorElif end | end.getIf() = pb | - isPreprocFileAndLine(pb, filepath, startLine) and - isPreprocFileAndLine(end, filepath, endLine) - ) - else - exists(PreprocessorEndif end | pb.getEndIf() = end | - isPreprocFileAndLine(pb, filepath, startLine) and - isPreprocFileAndLine(end, filepath, endLine) + isPreprocFileAndLine(pb, filepath, startLine) and + endLine = + min(int elifEndLine, PreprocessorDirective end | + pb.getNext() = end and isPreprocFileAndLine(end, filepath, elifEndLine) + | + elifEndLine ) } diff --git a/cpp/autosar/test/rules/A16-0-1/PreProcessorShallOnlyBeUsedForCertainDirectivesPatterns.expected b/cpp/autosar/test/rules/A16-0-1/PreProcessorShallOnlyBeUsedForCertainDirectivesPatterns.expected index 8490570937..44dd686b23 100644 --- a/cpp/autosar/test/rules/A16-0-1/PreProcessorShallOnlyBeUsedForCertainDirectivesPatterns.expected +++ b/cpp/autosar/test/rules/A16-0-1/PreProcessorShallOnlyBeUsedForCertainDirectivesPatterns.expected @@ -2,6 +2,7 @@ | test.cpp:9:1:9:26 | #define OBJECTLIKE_MACRO 1 | Preprocessor directive used for conditional compilation. | | test.cpp:10:1:10:35 | #define FUNCTIONLIKE_MACRO(X) X + 1 | Preprocessor directive used for conditional compilation. | | test.cpp:11:1:11:37 | #define FUNCTIONLIKE_MACROTWO() 1 + 1 | Preprocessor directive used for conditional compilation. | -| test.cpp:35:1:35:26 | #elif OBJECTLIKE_MACRO > 0 | Preprocessor directive used for conditional compilation. | -| test.cpp:39:1:39:23 | #ifdef OBJECTLIKE_MACRO | Preprocessor directive used for conditional compilation. | -| test.cpp:56:1:56:27 | #elif MACRO_ENABLED_OTHER_1 | Preprocessor directive used for conditional compilation. | +| test.cpp:31:1:31:26 | #elif OBJECTLIKE_MACRO > 0 | Preprocessor directive used for conditional compilation. | +| test.cpp:37:1:37:26 | #elif OBJECTLIKE_MACRO > 0 | Preprocessor directive used for conditional compilation. | +| test.cpp:41:1:41:23 | #ifdef OBJECTLIKE_MACRO | Preprocessor directive used for conditional compilation. | +| test.cpp:58:1:58:27 | #elif MACRO_ENABLED_OTHER_1 | Preprocessor directive used for conditional compilation. | diff --git a/cpp/autosar/test/rules/A16-0-1/test.cpp b/cpp/autosar/test/rules/A16-0-1/test.cpp index d1d5314c59..a8b83e40ec 100644 --- a/cpp/autosar/test/rules/A16-0-1/test.cpp +++ b/cpp/autosar/test/rules/A16-0-1/test.cpp @@ -24,11 +24,13 @@ int g; #include // COMPLIANT #endif // COMPLIANT -#ifdef MACRO_ENABLED_NON // COMPLIANT -#include // COMPLIANT -#elif MACRO_ENABLED_OTHER // COMPLIANT -#include // COMPLIANT -#endif // COMPLIANT +#ifdef MACRO_ENABLED_NON // COMPLIANT +#include // COMPLIANT +#elif MACRO_ENABLED_OTHER // COMPLIANT +#include // COMPLIANT +#elif OBJECTLIKE_MACRO > 0 // NON_COMPLIANT +int x00 = 1; // present +#endif // COMPLIANT #ifdef OBJECTLIKE_MACRO_NO // COMPLIANT int x0 = 0; // not present From 446ff6a43e0d262250be963d858b1600de927373 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 8 Feb 2024 15:08:07 -0800 Subject: [PATCH 1610/2573] Limit operands to integer types --- cpp/common/src/codingstandards/cpp/Overflow.qll | 1 + 1 file changed, 1 insertion(+) diff --git a/cpp/common/src/codingstandards/cpp/Overflow.qll b/cpp/common/src/codingstandards/cpp/Overflow.qll index 130e1bb42d..324230a04c 100644 --- a/cpp/common/src/codingstandards/cpp/Overflow.qll +++ b/cpp/common/src/codingstandards/cpp/Overflow.qll @@ -14,6 +14,7 @@ import semmle.code.cpp.valuenumbering.GlobalValueNumbering */ class InterestingOverflowingOperation extends Operation { InterestingOverflowingOperation() { + forex(Expr operand | operand = this.getAnOperand() | operand.getUnderlyingType() instanceof IntegralType) and // Might overflow or underflow ( exprMightOverflowNegatively(this) From e5881a98e07c90a2a0c43ca711309b5652cfa2fd Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 8 Feb 2024 15:17:39 -0800 Subject: [PATCH 1611/2573] Revert "Limit operands to integer types" This reverts commit f9915445ef206ad3a0d91ecb92547abd50b0a804. This is already addressed in PR #490 --- cpp/common/src/codingstandards/cpp/Overflow.qll | 1 - 1 file changed, 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/Overflow.qll b/cpp/common/src/codingstandards/cpp/Overflow.qll index 324230a04c..130e1bb42d 100644 --- a/cpp/common/src/codingstandards/cpp/Overflow.qll +++ b/cpp/common/src/codingstandards/cpp/Overflow.qll @@ -14,7 +14,6 @@ import semmle.code.cpp.valuenumbering.GlobalValueNumbering */ class InterestingOverflowingOperation extends Operation { InterestingOverflowingOperation() { - forex(Expr operand | operand = this.getAnOperand() | operand.getUnderlyingType() instanceof IntegralType) and // Might overflow or underflow ( exprMightOverflowNegatively(this) From a4a03145f05e504f0631f65ac9398e26907d043c Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 9 Feb 2024 00:14:50 +0000 Subject: [PATCH 1612/2573] Move definition to Operator.qll --- .../src/rules/M5-3-3/UnaryOperatorOverloaded.ql | 12 +++--------- cpp/common/src/codingstandards/cpp/Operator.qll | 16 ++++++++++++++++ 2 files changed, 19 insertions(+), 9 deletions(-) diff --git a/cpp/autosar/src/rules/M5-3-3/UnaryOperatorOverloaded.ql b/cpp/autosar/src/rules/M5-3-3/UnaryOperatorOverloaded.ql index 687f2dffb8..7e9511cf7e 100644 --- a/cpp/autosar/src/rules/M5-3-3/UnaryOperatorOverloaded.ql +++ b/cpp/autosar/src/rules/M5-3-3/UnaryOperatorOverloaded.ql @@ -13,14 +13,8 @@ import cpp import codingstandards.cpp.autosar +import codingstandards.cpp.Operator -from Operator o -where - not isExcluded(o, OperatorsPackage::unaryOperatorOverloadedQuery()) and - o.hasName("operator&") and - ( - if o instanceof MemberFunction - then o.getNumberOfParameters() = 0 - else o.getNumberOfParameters() = 1 - ) +from UnaryAddressOfOperator o +where not isExcluded(o, OperatorsPackage::unaryOperatorOverloadedQuery()) select o, "The unary & operator overloaded." diff --git a/cpp/common/src/codingstandards/cpp/Operator.qll b/cpp/common/src/codingstandards/cpp/Operator.qll index 72ee04b68f..a83af8bac7 100644 --- a/cpp/common/src/codingstandards/cpp/Operator.qll +++ b/cpp/common/src/codingstandards/cpp/Operator.qll @@ -264,3 +264,19 @@ class UserOverloadedOperator extends Function { not this.isCompilerGenerated() } } + +/** A user defined operator address of operator (`&`). */ +class UnaryAddressOfOperator extends Operator { + UnaryAddressOfOperator() { + hasName("operator&") and + ( + // If this is a member function, it needs to have zero arguments to be the unary addressof + // operator + if this instanceof MemberFunction + then getNumberOfParameters() = 0 + else + // Otherwise it needs one argument to be unary + getNumberOfParameters() = 1 + ) + } +} From 80cd364bf71488cde6eef2d7ecd07f16811c7c85 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 9 Feb 2024 00:15:34 +0000 Subject: [PATCH 1613/2573] Reformat change note. --- change_notes/2024-01-14-m5-3-3-exclude-binary.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/change_notes/2024-01-14-m5-3-3-exclude-binary.md b/change_notes/2024-01-14-m5-3-3-exclude-binary.md index cb28560ccc..f6bf94ef2c 100644 --- a/change_notes/2024-01-14-m5-3-3-exclude-binary.md +++ b/change_notes/2024-01-14-m5-3-3-exclude-binary.md @@ -1 +1,2 @@ - * `M5-3-3` - exclude binary user defined `operator&` from this rule. \ No newline at end of file +`M5-3-3` - `UnaryOperatorOverloaded.ql`: + - Exclude binary user defined `operator&` from this rule. \ No newline at end of file From dc13ffedf5ae06862e823131f96138c1521d2f88 Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Fri, 9 Feb 2024 10:51:39 +0000 Subject: [PATCH 1614/2573] Accept changes from github/codeql/15549 --- ...rithmeticOnNonArrayObjectPointers.expected | 18 +-- ...rSubtractAScaledIntegerToAPointer.expected | 10 +- ...rToMoreStrictlyAlignedPointerType.expected | 126 +++++++++--------- ...nctionPointerWithIncompatibleType.expected | 14 +- ...iableViaPointerOfIncompatibleType.expected | 22 +-- .../DoNotModifyConstantObjects.expected | 14 +- ...NotPerformFileOperationsOnDevices.expected | 4 +- ...odifyAlignmentOfMemoryWithRealloc.expected | 10 +- .../ConstLikeReturnValue.expected | 10 +- ...PointersAddressingDifferentArrays.expected | 16 +-- ...ionalOperatorsWithDifferingArrays.expected | 26 ++-- ...eMemoryAllocatedDynamicallyShared.expected | 8 +- ...sedToCompareNullTerminatedStrings.expected | 12 +- ...entOfAnArrayPassedToASmartPointer.expected | 12 +- ...UsedWithPointersToNonFinalClasses.expected | 22 +-- .../A5-1-7/LambdaPassedToTypeid.expected | 4 +- ...terArithmeticOnPolymorphicObjects.expected | 22 +-- ...ThroughAPointerOfTheIncorrectType.expected | 4 +- ...uctorCallForManuallyManagedObject.expected | 2 +- ...uctorCallForManuallyManagedObject.expected | 8 +- ...UndefinedMemberThroughNullPointer.expected | 4 +- ...PointersAddressingDifferentArrays.expected | 16 +-- ...ionalOperatorsWithDifferingArrays.expected | 26 ++-- ...alueStoredInUnrelatedSmartPointer.expected | 30 ++--- .../ThrowingOperatorNewReturnsNull.expected | 4 +- 25 files changed, 222 insertions(+), 222 deletions(-) diff --git a/c/cert/test/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.expected b/c/cert/test/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.expected index 8a7bfe553b..e5e0252e3a 100644 --- a/c/cert/test/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.expected +++ b/c/cert/test/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.expected @@ -1,13 +1,13 @@ edges -| test.c:14:38:14:39 | p1 | test.c:18:10:18:11 | v1 | -| test.c:14:38:14:39 | p1 | test.c:19:10:19:11 | v2 | -| test.c:14:38:14:39 | p1 | test.c:20:10:20:11 | p1 | -| test.c:14:38:14:39 | p1 | test.c:21:10:21:11 | p1 | -| test.c:14:38:14:39 | p1 | test.c:22:9:22:10 | p1 | -| test.c:14:38:14:39 | p1 | test.c:23:13:23:14 | p1 | -| test.c:14:38:14:39 | p1 | test.c:24:9:24:10 | p1 | -| test.c:14:38:14:39 | p1 | test.c:25:9:25:10 | p1 | -| test.c:51:30:51:38 | & ... | test.c:14:38:14:39 | p1 | +| test.c:14:38:14:39 | p1 | test.c:18:10:18:11 | v1 | provenance | | +| test.c:14:38:14:39 | p1 | test.c:19:10:19:11 | v2 | provenance | | +| test.c:14:38:14:39 | p1 | test.c:20:10:20:11 | p1 | provenance | | +| test.c:14:38:14:39 | p1 | test.c:21:10:21:11 | p1 | provenance | | +| test.c:14:38:14:39 | p1 | test.c:22:9:22:10 | p1 | provenance | | +| test.c:14:38:14:39 | p1 | test.c:23:13:23:14 | p1 | provenance | | +| test.c:14:38:14:39 | p1 | test.c:24:9:24:10 | p1 | provenance | | +| test.c:14:38:14:39 | p1 | test.c:25:9:25:10 | p1 | provenance | | +| test.c:51:30:51:38 | & ... | test.c:14:38:14:39 | p1 | provenance | | nodes | test.c:14:38:14:39 | p1 | semmle.label | p1 | | test.c:18:10:18:11 | v1 | semmle.label | v1 | diff --git a/c/cert/test/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.expected b/c/cert/test/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.expected index 1d3f5dcf13..bfd6b23128 100644 --- a/c/cert/test/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.expected +++ b/c/cert/test/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.expected @@ -1,9 +1,9 @@ edges -| test.c:7:13:7:14 | p1 | test.c:9:9:9:10 | p1 | -| test.c:16:19:16:41 | ... - ... | test.c:18:26:18:31 | offset | -| test.c:16:19:16:41 | ... - ... | test.c:29:6:29:11 | offset | -| test.c:17:17:17:26 | sizeof() | test.c:23:9:23:12 | size | -| test.c:29:6:29:11 | offset | test.c:7:13:7:14 | p1 | +| test.c:7:13:7:14 | p1 | test.c:9:9:9:10 | p1 | provenance | | +| test.c:16:19:16:41 | ... - ... | test.c:18:26:18:31 | offset | provenance | | +| test.c:16:19:16:41 | ... - ... | test.c:29:6:29:11 | offset | provenance | | +| test.c:17:17:17:26 | sizeof() | test.c:23:9:23:12 | size | provenance | | +| test.c:29:6:29:11 | offset | test.c:7:13:7:14 | p1 | provenance | | nodes | test.c:7:13:7:14 | p1 | semmle.label | p1 | | test.c:9:9:9:10 | p1 | semmle.label | p1 | diff --git a/c/cert/test/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.expected b/c/cert/test/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.expected index a1c9a14fa2..c4bc63cc94 100644 --- a/c/cert/test/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.expected +++ b/c/cert/test/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.expected @@ -1,67 +1,67 @@ edges -| test.c:75:14:75:16 | & ... | test.c:76:11:76:12 | v1 | -| test.c:75:14:75:16 | & ... | test.c:77:12:77:13 | v1 | -| test.c:75:14:75:16 | & ... | test.c:78:10:78:11 | v1 | -| test.c:75:14:75:16 | & ... | test.c:79:12:79:13 | v1 | -| test.c:75:14:75:16 | & ... | test.c:80:11:80:12 | v1 | -| test.c:75:14:75:16 | & ... | test.c:81:13:81:14 | v1 | -| test.c:84:14:84:16 | & ... | test.c:85:11:85:12 | v2 | -| test.c:84:14:84:16 | & ... | test.c:86:12:86:13 | v2 | -| test.c:84:14:84:16 | & ... | test.c:87:10:87:11 | v2 | -| test.c:84:14:84:16 | & ... | test.c:88:12:88:13 | v2 | -| test.c:84:14:84:16 | & ... | test.c:89:11:89:12 | v2 | -| test.c:84:14:84:16 | & ... | test.c:90:13:90:14 | v2 | -| test.c:93:14:93:16 | & ... | test.c:94:11:94:12 | v3 | -| test.c:93:14:93:16 | & ... | test.c:95:12:95:13 | v3 | -| test.c:93:14:93:16 | & ... | test.c:96:10:96:11 | v3 | -| test.c:93:14:93:16 | & ... | test.c:97:12:97:13 | v3 | -| test.c:93:14:93:16 | & ... | test.c:98:11:98:12 | v3 | -| test.c:93:14:93:16 | & ... | test.c:99:13:99:14 | v3 | -| test.c:102:14:102:16 | & ... | test.c:103:11:103:12 | v4 | -| test.c:102:14:102:16 | & ... | test.c:104:12:104:13 | v4 | -| test.c:102:14:102:16 | & ... | test.c:105:10:105:11 | v4 | -| test.c:102:14:102:16 | & ... | test.c:106:12:106:13 | v4 | -| test.c:102:14:102:16 | & ... | test.c:107:11:107:12 | v4 | -| test.c:102:14:102:16 | & ... | test.c:108:13:108:14 | v4 | -| test.c:111:14:111:16 | & ... | test.c:112:11:112:12 | v5 | -| test.c:111:14:111:16 | & ... | test.c:113:12:113:13 | v5 | -| test.c:111:14:111:16 | & ... | test.c:114:10:114:11 | v5 | -| test.c:111:14:111:16 | & ... | test.c:115:12:115:13 | v5 | -| test.c:111:14:111:16 | & ... | test.c:116:11:116:12 | v5 | -| test.c:111:14:111:16 | & ... | test.c:117:13:117:14 | v5 | -| test.c:120:14:120:16 | & ... | test.c:121:11:121:12 | v6 | -| test.c:120:14:120:16 | & ... | test.c:122:12:122:13 | v6 | -| test.c:120:14:120:16 | & ... | test.c:123:10:123:11 | v6 | -| test.c:120:14:120:16 | & ... | test.c:124:12:124:13 | v6 | -| test.c:120:14:120:16 | & ... | test.c:125:11:125:12 | v6 | -| test.c:120:14:120:16 | & ... | test.c:126:13:126:14 | v6 | -| test.c:129:22:129:22 | v | test.c:130:17:130:17 | v | -| test.c:135:21:135:23 | & ... | test.c:129:22:129:22 | v | -| test.c:138:21:138:23 | & ... | test.c:129:22:129:22 | v | -| test.c:166:24:166:29 | call to malloc | test.c:167:13:167:15 | & ... | -| test.c:166:24:166:29 | call to malloc | test.c:168:16:168:17 | s1 | -| test.c:166:24:166:29 | call to malloc | test.c:169:13:169:14 | s1 | -| test.c:166:24:166:29 | call to malloc | test.c:169:13:169:14 | s1 | -| test.c:169:13:169:14 | s1 | test.c:129:22:129:22 | v | -| test.c:174:13:174:14 | s2 | test.c:129:22:129:22 | v | -| test.c:179:13:179:14 | s3 | test.c:129:22:129:22 | v | -| test.c:183:14:183:26 | call to aligned_alloc | test.c:184:11:184:12 | v1 | -| test.c:183:14:183:26 | call to aligned_alloc | test.c:185:10:185:11 | v1 | -| test.c:183:14:183:26 | call to aligned_alloc | test.c:186:13:186:14 | v1 | -| test.c:183:14:183:26 | call to aligned_alloc | test.c:187:13:187:14 | v1 | -| test.c:187:13:187:14 | v1 | test.c:129:22:129:22 | v | -| test.c:189:14:189:26 | call to aligned_alloc | test.c:190:13:190:14 | v2 | -| test.c:190:13:190:14 | v2 | test.c:129:22:129:22 | v | -| test.c:222:8:222:9 | p2 | test.c:223:11:223:12 | v1 | -| test.c:222:8:222:9 | p2 | test.c:224:12:224:13 | v1 | -| test.c:222:8:222:9 | p2 | test.c:225:10:225:11 | v1 | -| test.c:222:8:222:9 | p2 | test.c:226:12:226:13 | v1 | -| test.c:222:8:222:9 | p2 | test.c:227:11:227:12 | v1 | -| test.c:222:8:222:9 | p2 | test.c:228:13:228:14 | v1 | -| test.c:238:13:238:14 | & ... | test.c:244:12:244:13 | ip | -| test.c:241:15:241:18 | & ... | test.c:247:9:247:12 | & ... | -| test.c:252:16:252:18 | & ... | test.c:254:11:254:13 | ps1 | -| test.c:252:16:252:18 | & ... | test.c:256:10:256:12 | ps1 | +| test.c:75:14:75:16 | & ... | test.c:76:11:76:12 | v1 | provenance | | +| test.c:75:14:75:16 | & ... | test.c:77:12:77:13 | v1 | provenance | | +| test.c:75:14:75:16 | & ... | test.c:78:10:78:11 | v1 | provenance | | +| test.c:75:14:75:16 | & ... | test.c:79:12:79:13 | v1 | provenance | | +| test.c:75:14:75:16 | & ... | test.c:80:11:80:12 | v1 | provenance | | +| test.c:75:14:75:16 | & ... | test.c:81:13:81:14 | v1 | provenance | | +| test.c:84:14:84:16 | & ... | test.c:85:11:85:12 | v2 | provenance | | +| test.c:84:14:84:16 | & ... | test.c:86:12:86:13 | v2 | provenance | | +| test.c:84:14:84:16 | & ... | test.c:87:10:87:11 | v2 | provenance | | +| test.c:84:14:84:16 | & ... | test.c:88:12:88:13 | v2 | provenance | | +| test.c:84:14:84:16 | & ... | test.c:89:11:89:12 | v2 | provenance | | +| test.c:84:14:84:16 | & ... | test.c:90:13:90:14 | v2 | provenance | | +| test.c:93:14:93:16 | & ... | test.c:94:11:94:12 | v3 | provenance | | +| test.c:93:14:93:16 | & ... | test.c:95:12:95:13 | v3 | provenance | | +| test.c:93:14:93:16 | & ... | test.c:96:10:96:11 | v3 | provenance | | +| test.c:93:14:93:16 | & ... | test.c:97:12:97:13 | v3 | provenance | | +| test.c:93:14:93:16 | & ... | test.c:98:11:98:12 | v3 | provenance | | +| test.c:93:14:93:16 | & ... | test.c:99:13:99:14 | v3 | provenance | | +| test.c:102:14:102:16 | & ... | test.c:103:11:103:12 | v4 | provenance | | +| test.c:102:14:102:16 | & ... | test.c:104:12:104:13 | v4 | provenance | | +| test.c:102:14:102:16 | & ... | test.c:105:10:105:11 | v4 | provenance | | +| test.c:102:14:102:16 | & ... | test.c:106:12:106:13 | v4 | provenance | | +| test.c:102:14:102:16 | & ... | test.c:107:11:107:12 | v4 | provenance | | +| test.c:102:14:102:16 | & ... | test.c:108:13:108:14 | v4 | provenance | | +| test.c:111:14:111:16 | & ... | test.c:112:11:112:12 | v5 | provenance | | +| test.c:111:14:111:16 | & ... | test.c:113:12:113:13 | v5 | provenance | | +| test.c:111:14:111:16 | & ... | test.c:114:10:114:11 | v5 | provenance | | +| test.c:111:14:111:16 | & ... | test.c:115:12:115:13 | v5 | provenance | | +| test.c:111:14:111:16 | & ... | test.c:116:11:116:12 | v5 | provenance | | +| test.c:111:14:111:16 | & ... | test.c:117:13:117:14 | v5 | provenance | | +| test.c:120:14:120:16 | & ... | test.c:121:11:121:12 | v6 | provenance | | +| test.c:120:14:120:16 | & ... | test.c:122:12:122:13 | v6 | provenance | | +| test.c:120:14:120:16 | & ... | test.c:123:10:123:11 | v6 | provenance | | +| test.c:120:14:120:16 | & ... | test.c:124:12:124:13 | v6 | provenance | | +| test.c:120:14:120:16 | & ... | test.c:125:11:125:12 | v6 | provenance | | +| test.c:120:14:120:16 | & ... | test.c:126:13:126:14 | v6 | provenance | | +| test.c:129:22:129:22 | v | test.c:130:17:130:17 | v | provenance | | +| test.c:135:21:135:23 | & ... | test.c:129:22:129:22 | v | provenance | | +| test.c:138:21:138:23 | & ... | test.c:129:22:129:22 | v | provenance | | +| test.c:166:24:166:29 | call to malloc | test.c:167:13:167:15 | & ... | provenance | | +| test.c:166:24:166:29 | call to malloc | test.c:168:16:168:17 | s1 | provenance | | +| test.c:166:24:166:29 | call to malloc | test.c:169:13:169:14 | s1 | provenance | | +| test.c:166:24:166:29 | call to malloc | test.c:169:13:169:14 | s1 | provenance | | +| test.c:169:13:169:14 | s1 | test.c:129:22:129:22 | v | provenance | | +| test.c:174:13:174:14 | s2 | test.c:129:22:129:22 | v | provenance | | +| test.c:179:13:179:14 | s3 | test.c:129:22:129:22 | v | provenance | | +| test.c:183:14:183:26 | call to aligned_alloc | test.c:184:11:184:12 | v1 | provenance | | +| test.c:183:14:183:26 | call to aligned_alloc | test.c:185:10:185:11 | v1 | provenance | | +| test.c:183:14:183:26 | call to aligned_alloc | test.c:186:13:186:14 | v1 | provenance | | +| test.c:183:14:183:26 | call to aligned_alloc | test.c:187:13:187:14 | v1 | provenance | | +| test.c:187:13:187:14 | v1 | test.c:129:22:129:22 | v | provenance | | +| test.c:189:14:189:26 | call to aligned_alloc | test.c:190:13:190:14 | v2 | provenance | | +| test.c:190:13:190:14 | v2 | test.c:129:22:129:22 | v | provenance | | +| test.c:222:8:222:9 | p2 | test.c:223:11:223:12 | v1 | provenance | | +| test.c:222:8:222:9 | p2 | test.c:224:12:224:13 | v1 | provenance | | +| test.c:222:8:222:9 | p2 | test.c:225:10:225:11 | v1 | provenance | | +| test.c:222:8:222:9 | p2 | test.c:226:12:226:13 | v1 | provenance | | +| test.c:222:8:222:9 | p2 | test.c:227:11:227:12 | v1 | provenance | | +| test.c:222:8:222:9 | p2 | test.c:228:13:228:14 | v1 | provenance | | +| test.c:238:13:238:14 | & ... | test.c:244:12:244:13 | ip | provenance | | +| test.c:241:15:241:18 | & ... | test.c:247:9:247:12 | & ... | provenance | | +| test.c:252:16:252:18 | & ... | test.c:254:11:254:13 | ps1 | provenance | | +| test.c:252:16:252:18 | & ... | test.c:256:10:256:12 | ps1 | provenance | | nodes | test.c:7:11:7:13 | & ... | semmle.label | & ... | | test.c:8:12:8:14 | & ... | semmle.label | & ... | diff --git a/c/cert/test/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.expected b/c/cert/test/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.expected index 4c18bb2672..546c753ebb 100644 --- a/c/cert/test/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.expected +++ b/c/cert/test/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.expected @@ -1,11 +1,11 @@ edges -| test.c:48:68:48:70 | fns [f1] | test.c:49:3:49:5 | fns [f1] | -| test.c:49:3:49:5 | fns [f1] | test.c:49:8:49:9 | f1 | -| test.c:61:28:61:29 | f2 | test.c:62:3:62:11 | v1_called | -| test.c:73:3:73:5 | fns [post update] [f1] | test.c:75:45:75:48 | & ... [f1] | -| test.c:73:3:73:13 | ... = ... | test.c:73:3:73:5 | fns [post update] [f1] | -| test.c:73:12:73:13 | v2 | test.c:73:3:73:13 | ... = ... | -| test.c:75:45:75:48 | & ... [f1] | test.c:48:68:48:70 | fns [f1] | +| test.c:48:68:48:70 | fns [f1] | test.c:49:3:49:5 | fns [f1] | provenance | | +| test.c:49:3:49:5 | fns [f1] | test.c:49:8:49:9 | f1 | provenance | | +| test.c:61:28:61:29 | f2 | test.c:62:3:62:11 | v1_called | provenance | | +| test.c:73:3:73:5 | fns [post update] [f1] | test.c:75:45:75:48 | & ... [f1] | provenance | | +| test.c:73:3:73:13 | ... = ... | test.c:73:3:73:5 | fns [post update] [f1] | provenance | | +| test.c:73:12:73:13 | v2 | test.c:73:3:73:13 | ... = ... | provenance | | +| test.c:75:45:75:48 | & ... [f1] | test.c:48:68:48:70 | fns [f1] | provenance | | nodes | test.c:48:68:48:70 | fns [f1] | semmle.label | fns [f1] | | test.c:49:3:49:5 | fns [f1] | semmle.label | fns [f1] | diff --git a/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected b/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected index e42f003f0f..137017d53a 100644 --- a/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected +++ b/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected @@ -1,15 +1,15 @@ edges -| test.c:49:8:49:9 | s3 | test.c:50:8:50:9 | s1 | -| test.c:60:16:60:18 | E1A | test.c:61:16:61:17 | e1 | -| test.c:60:16:60:18 | E1A | test.c:65:10:65:12 | & ... | -| test.c:68:22:68:22 | v | test.c:68:41:68:41 | v | -| test.c:72:13:72:15 | & ... | test.c:68:22:68:22 | v | -| test.c:74:13:74:15 | & ... | test.c:68:22:68:22 | v | -| test.c:97:32:97:37 | call to malloc | test.c:98:40:98:41 | s2 | -| test.c:97:32:97:37 | call to malloc | test.c:98:40:98:41 | s2 | -| test.c:98:32:98:38 | call to realloc | test.c:99:3:99:4 | s3 | -| test.c:98:32:98:38 | call to realloc | test.c:100:10:100:11 | s3 | -| test.c:98:40:98:41 | s2 | test.c:98:32:98:38 | call to realloc | +| test.c:49:8:49:9 | s3 | test.c:50:8:50:9 | s1 | provenance | | +| test.c:60:16:60:18 | E1A | test.c:61:16:61:17 | e1 | provenance | | +| test.c:60:16:60:18 | E1A | test.c:65:10:65:12 | & ... | provenance | | +| test.c:68:22:68:22 | v | test.c:68:41:68:41 | v | provenance | | +| test.c:72:13:72:15 | & ... | test.c:68:22:68:22 | v | provenance | | +| test.c:74:13:74:15 | & ... | test.c:68:22:68:22 | v | provenance | | +| test.c:97:32:97:37 | call to malloc | test.c:98:40:98:41 | s2 | provenance | | +| test.c:97:32:97:37 | call to malloc | test.c:98:40:98:41 | s2 | provenance | | +| test.c:98:32:98:38 | call to realloc | test.c:99:3:99:4 | s3 | provenance | | +| test.c:98:32:98:38 | call to realloc | test.c:100:10:100:11 | s3 | provenance | | +| test.c:98:40:98:41 | s2 | test.c:98:32:98:38 | call to realloc | provenance | | nodes | test.c:6:19:6:20 | & ... | semmle.label | & ... | | test.c:11:10:11:11 | & ... | semmle.label | & ... | diff --git a/c/cert/test/rules/EXP40-C/DoNotModifyConstantObjects.expected b/c/cert/test/rules/EXP40-C/DoNotModifyConstantObjects.expected index 3211c4fab1..bef45f3841 100644 --- a/c/cert/test/rules/EXP40-C/DoNotModifyConstantObjects.expected +++ b/c/cert/test/rules/EXP40-C/DoNotModifyConstantObjects.expected @@ -1,11 +1,11 @@ edges -| test.c:5:8:5:9 | & ... | test.c:6:4:6:5 | aa | -| test.c:26:15:26:15 | a | test.c:27:4:27:4 | a | -| test.c:34:13:34:14 | & ... | test.c:39:7:39:8 | p1 | -| test.c:39:7:39:8 | p1 | test.c:26:15:26:15 | a | -| test.c:40:7:40:9 | * ... | test.c:26:15:26:15 | a | -| test.c:59:7:59:8 | & ... | test.c:60:4:60:4 | p | -| test.c:79:11:79:16 | call to strchr | test.c:81:6:81:12 | ... ++ | +| test.c:5:8:5:9 | & ... | test.c:6:4:6:5 | aa | provenance | | +| test.c:26:15:26:15 | a | test.c:27:4:27:4 | a | provenance | | +| test.c:34:13:34:14 | & ... | test.c:39:7:39:8 | p1 | provenance | | +| test.c:39:7:39:8 | p1 | test.c:26:15:26:15 | a | provenance | | +| test.c:40:7:40:9 | * ... | test.c:26:15:26:15 | a | provenance | | +| test.c:59:7:59:8 | & ... | test.c:60:4:60:4 | p | provenance | | +| test.c:79:11:79:16 | call to strchr | test.c:81:6:81:12 | ... ++ | provenance | | nodes | test.c:5:8:5:9 | & ... | semmle.label | & ... | | test.c:6:4:6:5 | aa | semmle.label | aa | diff --git a/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected b/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected index d8632eb3c1..93d6de6b8a 100644 --- a/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected +++ b/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected @@ -1,6 +1,6 @@ edges -| test.c:20:15:20:23 | scanf output argument | test.c:21:8:21:16 | *file_name | -| test.c:45:15:45:23 | scanf output argument | test.c:46:29:46:37 | *file_name | +| test.c:20:15:20:23 | scanf output argument | test.c:21:8:21:16 | *file_name | provenance | | +| test.c:45:15:45:23 | scanf output argument | test.c:46:29:46:37 | *file_name | provenance | | nodes | test.c:20:15:20:23 | scanf output argument | semmle.label | scanf output argument | | test.c:21:8:21:16 | *file_name | semmle.label | *file_name | diff --git a/c/cert/test/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.expected b/c/cert/test/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.expected index 0592cb038d..0ae87f2ee8 100644 --- a/c/cert/test/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.expected +++ b/c/cert/test/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.expected @@ -1,9 +1,9 @@ edges -| test.c:5:10:5:22 | call to aligned_alloc | test.c:15:8:15:28 | call to aligned_alloc_wrapper | -| test.c:8:29:8:31 | ptr | test.c:8:64:8:66 | ptr | -| test.c:15:8:15:28 | call to aligned_alloc_wrapper | test.c:16:24:16:25 | v1 | -| test.c:16:24:16:25 | v1 | test.c:8:29:8:31 | ptr | -| test.c:22:8:22:20 | call to aligned_alloc | test.c:23:16:23:17 | v3 | +| test.c:5:10:5:22 | call to aligned_alloc | test.c:15:8:15:28 | call to aligned_alloc_wrapper | provenance | | +| test.c:8:29:8:31 | ptr | test.c:8:64:8:66 | ptr | provenance | | +| test.c:15:8:15:28 | call to aligned_alloc_wrapper | test.c:16:24:16:25 | v1 | provenance | | +| test.c:16:24:16:25 | v1 | test.c:8:29:8:31 | ptr | provenance | | +| test.c:22:8:22:20 | call to aligned_alloc | test.c:23:16:23:17 | v3 | provenance | | nodes | test.c:5:10:5:22 | call to aligned_alloc | semmle.label | call to aligned_alloc | | test.c:8:29:8:31 | ptr | semmle.label | ptr | diff --git a/c/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.expected b/c/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.expected index 94e63062c5..d62a413f98 100644 --- a/c/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.expected +++ b/c/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.expected @@ -3,11 +3,11 @@ problems | test.c:64:5:64:9 | conv4 | test.c:61:11:61:20 | call to localeconv | test.c:64:5:64:9 | conv4 | The object returned by the function localeconv should not be modified. | | test.c:73:5:73:8 | conv | test.c:69:25:69:34 | call to localeconv | test.c:73:5:73:8 | conv | The object returned by the function localeconv should not be modified. | edges -| test.c:5:18:5:22 | c_str | test.c:8:8:8:12 | c_str | -| test.c:15:16:15:21 | call to getenv | test.c:21:9:21:12 | env1 | -| test.c:21:9:21:12 | env1 | test.c:5:18:5:22 | c_str | -| test.c:61:11:61:20 | call to localeconv | test.c:64:5:64:9 | conv4 | -| test.c:69:25:69:34 | call to localeconv | test.c:73:5:73:8 | conv | +| test.c:5:18:5:22 | c_str | test.c:8:8:8:12 | c_str | provenance | | +| test.c:15:16:15:21 | call to getenv | test.c:21:9:21:12 | env1 | provenance | | +| test.c:21:9:21:12 | env1 | test.c:5:18:5:22 | c_str | provenance | | +| test.c:61:11:61:20 | call to localeconv | test.c:64:5:64:9 | conv4 | provenance | | +| test.c:69:25:69:34 | call to localeconv | test.c:73:5:73:8 | conv | provenance | | nodes | test.c:5:18:5:22 | c_str | semmle.label | c_str | | test.c:8:8:8:12 | c_str | semmle.label | c_str | diff --git a/c/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.expected b/c/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.expected index d0ba3bdb5c..c595e7e5f7 100644 --- a/c/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.expected +++ b/c/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.expected @@ -4,14 +4,14 @@ problems | test.c:13:10:13:11 | p4 | test.c:5:14:5:15 | l2 | test.c:13:10:13:11 | p4 | Subtraction between left operand pointing to array $@ and other operand pointing to array $@. | test.c:3:7:3:8 | l2 | l2 | test.c:2:7:2:8 | l1 | l1 | | test.c:13:15:13:16 | l1 | test.c:13:15:13:16 | l1 | test.c:13:15:13:16 | l1 | Subtraction between right operand pointing to array $@ and other operand pointing to array $@. | test.c:2:7:2:8 | l1 | l1 | test.c:3:7:3:8 | l2 | l2 | edges -| test.c:4:14:4:15 | l1 | test.c:4:14:4:18 | access to array | -| test.c:4:14:4:18 | access to array | test.c:10:10:10:11 | p1 | -| test.c:4:14:4:18 | access to array | test.c:12:10:12:11 | p1 | -| test.c:5:14:5:15 | l2 | test.c:5:14:5:19 | access to array | -| test.c:5:14:5:19 | access to array | test.c:11:10:11:11 | p2 | -| test.c:5:14:5:19 | access to array | test.c:12:15:12:16 | p2 | -| test.c:5:14:5:19 | access to array | test.c:13:10:13:11 | p4 | -| test.c:5:14:5:19 | access to array | test.c:14:10:14:11 | p4 | +| test.c:4:14:4:15 | l1 | test.c:4:14:4:18 | access to array | provenance | | +| test.c:4:14:4:18 | access to array | test.c:10:10:10:11 | p1 | provenance | | +| test.c:4:14:4:18 | access to array | test.c:12:10:12:11 | p1 | provenance | | +| test.c:5:14:5:15 | l2 | test.c:5:14:5:19 | access to array | provenance | | +| test.c:5:14:5:19 | access to array | test.c:11:10:11:11 | p2 | provenance | | +| test.c:5:14:5:19 | access to array | test.c:12:15:12:16 | p2 | provenance | | +| test.c:5:14:5:19 | access to array | test.c:13:10:13:11 | p4 | provenance | | +| test.c:5:14:5:19 | access to array | test.c:14:10:14:11 | p4 | provenance | | nodes | test.c:4:14:4:15 | l1 | semmle.label | l1 | | test.c:4:14:4:18 | access to array | semmle.label | access to array | diff --git a/c/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.expected b/c/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.expected index 8db569a98d..05c0ed4ca0 100644 --- a/c/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.expected +++ b/c/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.expected @@ -10,19 +10,19 @@ problems | test.c:25:7:25:14 | ... >= ... | test.c:7:14:7:15 | l1 | test.c:25:7:25:8 | p1 | Compare operation >= comparing left operand pointing to array $@ and other operand pointing to array $@. | test.c:2:7:2:8 | l1 | l1 | test.c:4:7:4:8 | l3 | l3 | | test.c:25:7:25:14 | ... >= ... | test.c:25:13:25:14 | l3 | test.c:25:13:25:14 | l3 | Compare operation >= comparing right operand pointing to array $@ and other operand pointing to array $@. | test.c:4:7:4:8 | l3 | l3 | test.c:2:7:2:8 | l1 | l1 | edges -| test.c:6:13:6:14 | l1 | test.c:13:12:13:13 | p0 | -| test.c:7:14:7:15 | l1 | test.c:7:14:7:18 | access to array | -| test.c:7:14:7:18 | access to array | test.c:11:7:11:8 | p1 | -| test.c:7:14:7:18 | access to array | test.c:13:7:13:8 | p1 | -| test.c:7:14:7:18 | access to array | test.c:15:13:15:14 | p1 | -| test.c:7:14:7:18 | access to array | test.c:17:7:17:8 | p1 | -| test.c:7:14:7:18 | access to array | test.c:23:13:23:14 | p1 | -| test.c:7:14:7:18 | access to array | test.c:25:7:25:8 | p1 | -| test.c:8:14:8:15 | l1 | test.c:8:14:8:18 | access to array | -| test.c:8:14:8:18 | access to array | test.c:11:12:11:13 | p2 | -| test.c:8:14:8:18 | access to array | test.c:21:7:21:8 | p2 | -| test.c:9:14:9:15 | l2 | test.c:9:14:9:18 | access to array | -| test.c:9:14:9:18 | access to array | test.c:21:12:21:13 | p3 | +| test.c:6:13:6:14 | l1 | test.c:13:12:13:13 | p0 | provenance | | +| test.c:7:14:7:15 | l1 | test.c:7:14:7:18 | access to array | provenance | | +| test.c:7:14:7:18 | access to array | test.c:11:7:11:8 | p1 | provenance | | +| test.c:7:14:7:18 | access to array | test.c:13:7:13:8 | p1 | provenance | | +| test.c:7:14:7:18 | access to array | test.c:15:13:15:14 | p1 | provenance | | +| test.c:7:14:7:18 | access to array | test.c:17:7:17:8 | p1 | provenance | | +| test.c:7:14:7:18 | access to array | test.c:23:13:23:14 | p1 | provenance | | +| test.c:7:14:7:18 | access to array | test.c:25:7:25:8 | p1 | provenance | | +| test.c:8:14:8:15 | l1 | test.c:8:14:8:18 | access to array | provenance | | +| test.c:8:14:8:18 | access to array | test.c:11:12:11:13 | p2 | provenance | | +| test.c:8:14:8:18 | access to array | test.c:21:7:21:8 | p2 | provenance | | +| test.c:9:14:9:15 | l2 | test.c:9:14:9:18 | access to array | provenance | | +| test.c:9:14:9:18 | access to array | test.c:21:12:21:13 | p3 | provenance | | nodes | test.c:6:13:6:14 | l1 | semmle.label | l1 | | test.c:7:14:7:15 | l1 | semmle.label | l1 | diff --git a/c/common/test/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.expected b/c/common/test/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.expected index 5881d5e78f..a6c41a6d75 100644 --- a/c/common/test/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.expected +++ b/c/common/test/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.expected @@ -6,10 +6,10 @@ problems | test.c:18:36:18:38 | ptr | test.c:27:7:27:8 | & ... | test.c:18:36:18:38 | ptr | Free expression frees memory which was not dynamically allocated. | | test.c:26:8:26:8 | p | test.c:25:13:25:14 | & ... | test.c:26:8:26:8 | p | Free expression frees memory which was not dynamically allocated. | edges -| test.c:18:24:18:26 | ptr | test.c:18:36:18:38 | ptr | -| test.c:25:13:25:14 | & ... | test.c:26:8:26:8 | p | -| test.c:27:7:27:8 | & ... | test.c:28:15:28:15 | p | -| test.c:28:15:28:15 | p | test.c:18:24:18:26 | ptr | +| test.c:18:24:18:26 | ptr | test.c:18:36:18:38 | ptr | provenance | | +| test.c:25:13:25:14 | & ... | test.c:26:8:26:8 | p | provenance | | +| test.c:27:7:27:8 | & ... | test.c:28:15:28:15 | p | provenance | | +| test.c:28:15:28:15 | p | test.c:18:24:18:26 | ptr | provenance | | nodes | test.c:8:8:8:10 | g_p | semmle.label | g_p | | test.c:10:8:10:10 | g_p | semmle.label | g_p | diff --git a/c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.expected b/c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.expected index bdfec99b4a..cded1a0a89 100644 --- a/c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.expected +++ b/c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.expected @@ -1,10 +1,10 @@ edges -| test.c:12:13:12:15 | a | test.c:14:10:14:10 | a | -| test.c:12:13:12:15 | a | test.c:23:13:23:13 | a | -| test.c:12:13:12:15 | a | test.c:24:10:24:10 | a | -| test.c:13:13:13:15 | b | test.c:14:13:14:13 | b | -| test.c:18:15:18:28 | {...} | test.c:21:10:21:10 | e | -| test.c:19:15:19:28 | {...} | test.c:21:13:21:13 | f | +| test.c:12:13:12:15 | a | test.c:14:10:14:10 | a | provenance | | +| test.c:12:13:12:15 | a | test.c:23:13:23:13 | a | provenance | | +| test.c:12:13:12:15 | a | test.c:24:10:24:10 | a | provenance | | +| test.c:13:13:13:15 | b | test.c:14:13:14:13 | b | provenance | | +| test.c:18:15:18:28 | {...} | test.c:21:10:21:10 | e | provenance | | +| test.c:19:15:19:28 | {...} | test.c:21:13:21:13 | f | provenance | | nodes | test.c:10:10:10:12 | a | semmle.label | a | | test.c:10:15:10:17 | b | semmle.label | b | diff --git a/cpp/autosar/test/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.expected b/cpp/autosar/test/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.expected index dcf263fc54..5f752403dc 100644 --- a/cpp/autosar/test/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.expected +++ b/cpp/autosar/test/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.expected @@ -1,10 +1,10 @@ edges -| test.cpp:3:36:3:45 | new[] | test.cpp:19:27:19:44 | call to allocate_int_array | -| test.cpp:3:36:3:45 | new[] | test.cpp:23:12:23:29 | call to allocate_int_array | -| test.cpp:3:36:3:45 | new[] | test.cpp:27:20:27:37 | call to allocate_int_array | -| test.cpp:11:29:11:41 | call to unique_ptr | test.cpp:12:27:12:28 | v2 | -| test.cpp:12:27:12:28 | v2 | test.cpp:12:30:12:36 | call to release | -| test.cpp:27:20:27:37 | call to allocate_int_array | test.cpp:32:12:32:20 | int_array | +| test.cpp:3:36:3:45 | new[] | test.cpp:19:27:19:44 | call to allocate_int_array | provenance | | +| test.cpp:3:36:3:45 | new[] | test.cpp:23:12:23:29 | call to allocate_int_array | provenance | | +| test.cpp:3:36:3:45 | new[] | test.cpp:27:20:27:37 | call to allocate_int_array | provenance | | +| test.cpp:11:29:11:41 | call to unique_ptr | test.cpp:12:27:12:28 | v2 | provenance | | +| test.cpp:12:27:12:28 | v2 | test.cpp:12:30:12:36 | call to release | provenance | | +| test.cpp:27:20:27:37 | call to allocate_int_array | test.cpp:32:12:32:20 | int_array | provenance | | nodes | test.cpp:3:36:3:45 | new[] | semmle.label | new[] | | test.cpp:11:29:11:41 | call to unique_ptr | semmle.label | call to unique_ptr | diff --git a/cpp/autosar/test/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.expected b/cpp/autosar/test/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.expected index 4234d93b32..b47755725c 100644 --- a/cpp/autosar/test/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.expected +++ b/cpp/autosar/test/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.expected @@ -1,15 +1,15 @@ edges -| test.cpp:10:18:10:20 | foo | test.cpp:11:23:11:25 | foo | -| test.cpp:10:18:10:20 | foo | test.cpp:11:50:11:52 | foo | -| test.cpp:22:18:22:20 | foo | test.cpp:24:18:24:20 | foo | -| test.cpp:35:11:35:17 | new | test.cpp:38:6:38:7 | l1 | -| test.cpp:35:11:35:17 | new | test.cpp:39:6:39:7 | l1 | -| test.cpp:37:11:37:13 | & ... | test.cpp:40:6:40:7 | l3 | -| test.cpp:37:11:37:13 | & ... | test.cpp:41:6:41:7 | l3 | -| test.cpp:38:6:38:7 | l1 | test.cpp:10:18:10:20 | foo | -| test.cpp:39:6:39:7 | l1 | test.cpp:22:18:22:20 | foo | -| test.cpp:40:6:40:7 | l3 | test.cpp:10:18:10:20 | foo | -| test.cpp:41:6:41:7 | l3 | test.cpp:22:18:22:20 | foo | +| test.cpp:10:18:10:20 | foo | test.cpp:11:23:11:25 | foo | provenance | | +| test.cpp:10:18:10:20 | foo | test.cpp:11:50:11:52 | foo | provenance | | +| test.cpp:22:18:22:20 | foo | test.cpp:24:18:24:20 | foo | provenance | | +| test.cpp:35:11:35:17 | new | test.cpp:38:6:38:7 | l1 | provenance | | +| test.cpp:35:11:35:17 | new | test.cpp:39:6:39:7 | l1 | provenance | | +| test.cpp:37:11:37:13 | & ... | test.cpp:40:6:40:7 | l3 | provenance | | +| test.cpp:37:11:37:13 | & ... | test.cpp:41:6:41:7 | l3 | provenance | | +| test.cpp:38:6:38:7 | l1 | test.cpp:10:18:10:20 | foo | provenance | | +| test.cpp:39:6:39:7 | l1 | test.cpp:22:18:22:20 | foo | provenance | | +| test.cpp:40:6:40:7 | l3 | test.cpp:10:18:10:20 | foo | provenance | | +| test.cpp:41:6:41:7 | l3 | test.cpp:22:18:22:20 | foo | provenance | | nodes | test.cpp:10:18:10:20 | foo | semmle.label | foo | | test.cpp:11:23:11:25 | foo | semmle.label | foo | diff --git a/cpp/autosar/test/rules/A5-1-7/LambdaPassedToTypeid.expected b/cpp/autosar/test/rules/A5-1-7/LambdaPassedToTypeid.expected index 4b19073ded..6d65a7b5d5 100644 --- a/cpp/autosar/test/rules/A5-1-7/LambdaPassedToTypeid.expected +++ b/cpp/autosar/test/rules/A5-1-7/LambdaPassedToTypeid.expected @@ -1,6 +1,6 @@ edges -| test.cpp:5:13:5:30 | [...](...){...} | test.cpp:8:38:8:39 | l1 | -| test.cpp:6:13:6:30 | [...](...){...} | test.cpp:9:38:9:39 | l2 | +| test.cpp:5:13:5:30 | [...](...){...} | test.cpp:8:38:8:39 | l1 | provenance | | +| test.cpp:6:13:6:30 | [...](...){...} | test.cpp:9:38:9:39 | l2 | provenance | | nodes | test.cpp:5:13:5:30 | [...](...){...} | semmle.label | [...](...){...} | | test.cpp:6:13:6:30 | [...](...){...} | semmle.label | [...](...){...} | diff --git a/cpp/cert/test/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.expected b/cpp/cert/test/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.expected index 0ee15c65b5..eabb6d7515 100644 --- a/cpp/cert/test/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.expected +++ b/cpp/cert/test/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.expected @@ -1,15 +1,15 @@ edges -| test.cpp:15:19:15:21 | foo | test.cpp:16:24:16:26 | foo | -| test.cpp:15:19:15:21 | foo | test.cpp:16:51:16:53 | foo | -| test.cpp:27:19:27:21 | foo | test.cpp:29:18:29:20 | foo | -| test.cpp:40:12:40:19 | new | test.cpp:43:6:43:7 | l1 | -| test.cpp:40:12:40:19 | new | test.cpp:44:6:44:7 | l1 | -| test.cpp:42:12:42:14 | & ... | test.cpp:45:6:45:7 | l3 | -| test.cpp:42:12:42:14 | & ... | test.cpp:46:6:46:7 | l3 | -| test.cpp:43:6:43:7 | l1 | test.cpp:15:19:15:21 | foo | -| test.cpp:44:6:44:7 | l1 | test.cpp:27:19:27:21 | foo | -| test.cpp:45:6:45:7 | l3 | test.cpp:15:19:15:21 | foo | -| test.cpp:46:6:46:7 | l3 | test.cpp:27:19:27:21 | foo | +| test.cpp:15:19:15:21 | foo | test.cpp:16:24:16:26 | foo | provenance | | +| test.cpp:15:19:15:21 | foo | test.cpp:16:51:16:53 | foo | provenance | | +| test.cpp:27:19:27:21 | foo | test.cpp:29:18:29:20 | foo | provenance | | +| test.cpp:40:12:40:19 | new | test.cpp:43:6:43:7 | l1 | provenance | | +| test.cpp:40:12:40:19 | new | test.cpp:44:6:44:7 | l1 | provenance | | +| test.cpp:42:12:42:14 | & ... | test.cpp:45:6:45:7 | l3 | provenance | | +| test.cpp:42:12:42:14 | & ... | test.cpp:46:6:46:7 | l3 | provenance | | +| test.cpp:43:6:43:7 | l1 | test.cpp:15:19:15:21 | foo | provenance | | +| test.cpp:44:6:44:7 | l1 | test.cpp:27:19:27:21 | foo | provenance | | +| test.cpp:45:6:45:7 | l3 | test.cpp:15:19:15:21 | foo | provenance | | +| test.cpp:46:6:46:7 | l3 | test.cpp:27:19:27:21 | foo | provenance | | nodes | test.cpp:15:19:15:21 | foo | semmle.label | foo | | test.cpp:16:24:16:26 | foo | semmle.label | foo | diff --git a/cpp/cert/test/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.expected b/cpp/cert/test/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.expected index a50daa096e..9c6e6dd071 100644 --- a/cpp/cert/test/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.expected +++ b/cpp/cert/test/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.expected @@ -1,6 +1,6 @@ edges -| test.cpp:6:19:6:37 | new[] | test.cpp:9:12:9:13 | l1 | -| test.cpp:7:22:7:40 | new[] | test.cpp:10:12:10:13 | l2 | +| test.cpp:6:19:6:37 | new[] | test.cpp:9:12:9:13 | l1 | provenance | | +| test.cpp:7:22:7:40 | new[] | test.cpp:10:12:10:13 | l2 | provenance | | nodes | test.cpp:6:19:6:37 | new[] | semmle.label | new[] | | test.cpp:7:22:7:40 | new[] | semmle.label | new[] | diff --git a/cpp/cert/test/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.expected b/cpp/cert/test/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.expected index e64315e044..860fec1d80 100644 --- a/cpp/cert/test/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.expected +++ b/cpp/cert/test/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.expected @@ -1,5 +1,5 @@ edges -| test.cpp:65:21:65:34 | call to operator new | test.cpp:67:26:67:32 | call to realloc | +| test.cpp:65:21:65:34 | call to operator new | test.cpp:67:26:67:32 | call to realloc | provenance | | nodes | test.cpp:16:26:16:31 | call to malloc | semmle.label | call to malloc | | test.cpp:17:38:17:43 | call to malloc | semmle.label | call to malloc | diff --git a/cpp/cert/test/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject.expected b/cpp/cert/test/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject.expected index 00ed15c370..f7f4705ef3 100644 --- a/cpp/cert/test/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject.expected +++ b/cpp/cert/test/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject.expected @@ -1,8 +1,8 @@ edges -| test.cpp:16:26:16:31 | call to malloc | test.cpp:22:8:22:9 | a1 | -| test.cpp:17:38:17:43 | call to malloc | test.cpp:23:8:23:9 | a2 | -| test.cpp:18:26:18:39 | call to operator new | test.cpp:26:21:26:22 | a3 | -| test.cpp:20:29:20:42 | call to operator new | test.cpp:27:21:27:22 | a4 | +| test.cpp:16:26:16:31 | call to malloc | test.cpp:22:8:22:9 | a1 | provenance | | +| test.cpp:17:38:17:43 | call to malloc | test.cpp:23:8:23:9 | a2 | provenance | | +| test.cpp:18:26:18:39 | call to operator new | test.cpp:26:21:26:22 | a3 | provenance | | +| test.cpp:20:29:20:42 | call to operator new | test.cpp:27:21:27:22 | a4 | provenance | | nodes | test.cpp:16:26:16:31 | call to malloc | semmle.label | call to malloc | | test.cpp:17:38:17:43 | call to malloc | semmle.label | call to malloc | diff --git a/cpp/common/test/rules/accessofundefinedmemberthroughnullpointer/AccessOfUndefinedMemberThroughNullPointer.expected b/cpp/common/test/rules/accessofundefinedmemberthroughnullpointer/AccessOfUndefinedMemberThroughNullPointer.expected index a4e40cc6cb..7a43b3757e 100644 --- a/cpp/common/test/rules/accessofundefinedmemberthroughnullpointer/AccessOfUndefinedMemberThroughNullPointer.expected +++ b/cpp/common/test/rules/accessofundefinedmemberthroughnullpointer/AccessOfUndefinedMemberThroughNullPointer.expected @@ -2,8 +2,8 @@ problems | test.cpp:10:3:10:13 | call to expression | test.cpp:8:22:8:28 | 0 | test.cpp:10:9:10:10 | l2 | A null pointer-to-member value from $@ is passed as the second operand to a pointer-to-member expression. | test.cpp:8:22:8:28 | test.cpp:8:22:8:28 | initialization | | test.cpp:11:8:11:9 | l3 | test.cpp:9:17:9:23 | 0 | test.cpp:11:8:11:9 | l3 | A null pointer-to-member value from $@ is passed as the second operand to a pointer-to-member expression. | test.cpp:9:17:9:23 | test.cpp:9:17:9:23 | initialization | edges -| test.cpp:8:22:8:28 | 0 | test.cpp:10:9:10:10 | l2 | -| test.cpp:9:17:9:23 | 0 | test.cpp:11:8:11:9 | l3 | +| test.cpp:8:22:8:28 | 0 | test.cpp:10:9:10:10 | l2 | provenance | | +| test.cpp:9:17:9:23 | 0 | test.cpp:11:8:11:9 | l3 | provenance | | nodes | test.cpp:8:22:8:28 | 0 | semmle.label | 0 | | test.cpp:9:17:9:23 | 0 | semmle.label | 0 | diff --git a/cpp/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.expected b/cpp/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.expected index 537228a000..dcbc6d05bc 100644 --- a/cpp/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.expected +++ b/cpp/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.expected @@ -4,14 +4,14 @@ problems | test.cpp:13:10:13:11 | p4 | test.cpp:5:14:5:15 | l2 | test.cpp:13:10:13:11 | p4 | Subtraction between left operand pointing to array $@ and other operand pointing to array $@. | test.cpp:3:7:3:8 | l2 | l2 | test.cpp:2:7:2:8 | l1 | l1 | | test.cpp:13:15:13:16 | l1 | test.cpp:13:15:13:16 | l1 | test.cpp:13:15:13:16 | l1 | Subtraction between right operand pointing to array $@ and other operand pointing to array $@. | test.cpp:2:7:2:8 | l1 | l1 | test.cpp:3:7:3:8 | l2 | l2 | edges -| test.cpp:4:14:4:15 | l1 | test.cpp:4:14:4:18 | access to array | -| test.cpp:4:14:4:18 | access to array | test.cpp:10:10:10:11 | p1 | -| test.cpp:4:14:4:18 | access to array | test.cpp:12:10:12:11 | p1 | -| test.cpp:5:14:5:15 | l2 | test.cpp:5:14:5:19 | access to array | -| test.cpp:5:14:5:19 | access to array | test.cpp:11:10:11:11 | p2 | -| test.cpp:5:14:5:19 | access to array | test.cpp:12:15:12:16 | p2 | -| test.cpp:5:14:5:19 | access to array | test.cpp:13:10:13:11 | p4 | -| test.cpp:5:14:5:19 | access to array | test.cpp:14:10:14:11 | p4 | +| test.cpp:4:14:4:15 | l1 | test.cpp:4:14:4:18 | access to array | provenance | | +| test.cpp:4:14:4:18 | access to array | test.cpp:10:10:10:11 | p1 | provenance | | +| test.cpp:4:14:4:18 | access to array | test.cpp:12:10:12:11 | p1 | provenance | | +| test.cpp:5:14:5:15 | l2 | test.cpp:5:14:5:19 | access to array | provenance | | +| test.cpp:5:14:5:19 | access to array | test.cpp:11:10:11:11 | p2 | provenance | | +| test.cpp:5:14:5:19 | access to array | test.cpp:12:15:12:16 | p2 | provenance | | +| test.cpp:5:14:5:19 | access to array | test.cpp:13:10:13:11 | p4 | provenance | | +| test.cpp:5:14:5:19 | access to array | test.cpp:14:10:14:11 | p4 | provenance | | nodes | test.cpp:4:14:4:15 | l1 | semmle.label | l1 | | test.cpp:4:14:4:18 | access to array | semmle.label | access to array | diff --git a/cpp/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.expected b/cpp/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.expected index 22ddfd123a..f02c9a5712 100644 --- a/cpp/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.expected +++ b/cpp/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.expected @@ -10,19 +10,19 @@ problems | test.cpp:25:7:25:14 | ... >= ... | test.cpp:7:14:7:15 | l1 | test.cpp:25:7:25:8 | p1 | Compare operation >= comparing left operand pointing to array $@ and other operand pointing to array $@. | test.cpp:2:7:2:8 | l1 | l1 | test.cpp:4:7:4:8 | l3 | l3 | | test.cpp:25:7:25:14 | ... >= ... | test.cpp:25:13:25:14 | l3 | test.cpp:25:13:25:14 | l3 | Compare operation >= comparing right operand pointing to array $@ and other operand pointing to array $@. | test.cpp:4:7:4:8 | l3 | l3 | test.cpp:2:7:2:8 | l1 | l1 | edges -| test.cpp:6:13:6:14 | l1 | test.cpp:13:12:13:13 | p0 | -| test.cpp:7:14:7:15 | l1 | test.cpp:7:14:7:18 | access to array | -| test.cpp:7:14:7:18 | access to array | test.cpp:11:7:11:8 | p1 | -| test.cpp:7:14:7:18 | access to array | test.cpp:13:7:13:8 | p1 | -| test.cpp:7:14:7:18 | access to array | test.cpp:15:13:15:14 | p1 | -| test.cpp:7:14:7:18 | access to array | test.cpp:17:7:17:8 | p1 | -| test.cpp:7:14:7:18 | access to array | test.cpp:23:13:23:14 | p1 | -| test.cpp:7:14:7:18 | access to array | test.cpp:25:7:25:8 | p1 | -| test.cpp:8:14:8:15 | l1 | test.cpp:8:14:8:18 | access to array | -| test.cpp:8:14:8:18 | access to array | test.cpp:11:12:11:13 | p2 | -| test.cpp:8:14:8:18 | access to array | test.cpp:21:7:21:8 | p2 | -| test.cpp:9:14:9:15 | l2 | test.cpp:9:14:9:18 | access to array | -| test.cpp:9:14:9:18 | access to array | test.cpp:21:12:21:13 | p3 | +| test.cpp:6:13:6:14 | l1 | test.cpp:13:12:13:13 | p0 | provenance | | +| test.cpp:7:14:7:15 | l1 | test.cpp:7:14:7:18 | access to array | provenance | | +| test.cpp:7:14:7:18 | access to array | test.cpp:11:7:11:8 | p1 | provenance | | +| test.cpp:7:14:7:18 | access to array | test.cpp:13:7:13:8 | p1 | provenance | | +| test.cpp:7:14:7:18 | access to array | test.cpp:15:13:15:14 | p1 | provenance | | +| test.cpp:7:14:7:18 | access to array | test.cpp:17:7:17:8 | p1 | provenance | | +| test.cpp:7:14:7:18 | access to array | test.cpp:23:13:23:14 | p1 | provenance | | +| test.cpp:7:14:7:18 | access to array | test.cpp:25:7:25:8 | p1 | provenance | | +| test.cpp:8:14:8:15 | l1 | test.cpp:8:14:8:18 | access to array | provenance | | +| test.cpp:8:14:8:18 | access to array | test.cpp:11:12:11:13 | p2 | provenance | | +| test.cpp:8:14:8:18 | access to array | test.cpp:21:7:21:8 | p2 | provenance | | +| test.cpp:9:14:9:15 | l2 | test.cpp:9:14:9:18 | access to array | provenance | | +| test.cpp:9:14:9:18 | access to array | test.cpp:21:12:21:13 | p3 | provenance | | nodes | test.cpp:6:13:6:14 | l1 | semmle.label | l1 | | test.cpp:7:14:7:15 | l1 | semmle.label | l1 | diff --git a/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.expected b/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.expected index 3d00ff0d6a..0b23493cfa 100644 --- a/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.expected +++ b/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.expected @@ -6,21 +6,21 @@ problems | test.cpp:12:28:12:29 | v2 | test.cpp:10:8:10:17 | new | test.cpp:12:28:12:29 | v2 | Raw pointer flows to initialize multiple unrelated smart pointers. | | test.cpp:17:27:17:28 | v1 | test.cpp:16:13:16:22 | new | test.cpp:17:27:17:28 | v1 | Raw pointer flows to initialize multiple unrelated smart pointers. | edges -| test.cpp:3:14:3:15 | v1 | test.cpp:5:27:5:28 | v1 | -| test.cpp:3:14:3:15 | v1 | test.cpp:5:27:5:28 | v1 | -| test.cpp:3:14:3:15 | v1 | test.cpp:7:28:7:29 | v2 | -| test.cpp:4:13:4:14 | v1 | test.cpp:7:28:7:29 | v2 | -| test.cpp:5:27:5:28 | v1 | test.cpp:5:27:5:29 | call to shared_ptr | -| test.cpp:5:27:5:29 | call to shared_ptr | test.cpp:6:28:6:29 | p1 | -| test.cpp:5:27:5:29 | call to shared_ptr | test.cpp:6:28:6:29 | p1 | -| test.cpp:6:28:6:29 | p1 | test.cpp:6:31:6:33 | call to get | -| test.cpp:6:28:6:29 | p1 | test.cpp:6:31:6:33 | call to get | -| test.cpp:8:8:8:14 | 0 | test.cpp:9:28:9:29 | v2 | -| test.cpp:10:8:10:17 | new | test.cpp:11:28:11:29 | v2 | -| test.cpp:10:8:10:17 | new | test.cpp:12:28:12:29 | v2 | -| test.cpp:16:13:16:22 | new | test.cpp:17:27:17:28 | v1 | -| test.cpp:16:13:16:22 | new | test.cpp:19:6:19:7 | v1 | -| test.cpp:19:6:19:7 | v1 | test.cpp:3:14:3:15 | v1 | +| test.cpp:3:14:3:15 | v1 | test.cpp:5:27:5:28 | v1 | provenance | | +| test.cpp:3:14:3:15 | v1 | test.cpp:5:27:5:28 | v1 | provenance | | +| test.cpp:3:14:3:15 | v1 | test.cpp:7:28:7:29 | v2 | provenance | | +| test.cpp:4:13:4:14 | v1 | test.cpp:7:28:7:29 | v2 | provenance | | +| test.cpp:5:27:5:28 | v1 | test.cpp:5:27:5:29 | call to shared_ptr | provenance | | +| test.cpp:5:27:5:29 | call to shared_ptr | test.cpp:6:28:6:29 | p1 | provenance | | +| test.cpp:5:27:5:29 | call to shared_ptr | test.cpp:6:28:6:29 | p1 | provenance | | +| test.cpp:6:28:6:29 | p1 | test.cpp:6:31:6:33 | call to get | provenance | | +| test.cpp:6:28:6:29 | p1 | test.cpp:6:31:6:33 | call to get | provenance | | +| test.cpp:8:8:8:14 | 0 | test.cpp:9:28:9:29 | v2 | provenance | | +| test.cpp:10:8:10:17 | new | test.cpp:11:28:11:29 | v2 | provenance | | +| test.cpp:10:8:10:17 | new | test.cpp:12:28:12:29 | v2 | provenance | | +| test.cpp:16:13:16:22 | new | test.cpp:17:27:17:28 | v1 | provenance | | +| test.cpp:16:13:16:22 | new | test.cpp:19:6:19:7 | v1 | provenance | | +| test.cpp:19:6:19:7 | v1 | test.cpp:3:14:3:15 | v1 | provenance | | nodes | test.cpp:3:14:3:15 | v1 | semmle.label | v1 | | test.cpp:4:13:4:14 | v1 | semmle.label | v1 | diff --git a/cpp/common/test/rules/throwingoperatornewreturnsnull/ThrowingOperatorNewReturnsNull.expected b/cpp/common/test/rules/throwingoperatornewreturnsnull/ThrowingOperatorNewReturnsNull.expected index ae8a0d626b..5e047a77da 100644 --- a/cpp/common/test/rules/throwingoperatornewreturnsnull/ThrowingOperatorNewReturnsNull.expected +++ b/cpp/common/test/rules/throwingoperatornewreturnsnull/ThrowingOperatorNewReturnsNull.expected @@ -3,8 +3,8 @@ problems | test.cpp:12:5:12:19 | return ... | test.cpp:12:12:12:18 | 0 | test.cpp:12:12:12:18 | 0 | operator new(size_t) may return null instead of throwing a std::bad_alloc exception. | | test.cpp:14:5:14:33 | return ... | test.cpp:4:10:4:23 | call to operator new | test.cpp:14:12:14:26 | call to can_return_null | operator new(size_t) may return null instead of throwing a std::bad_alloc exception. | edges -| test.cpp:4:10:4:23 | call to operator new | test.cpp:14:12:14:26 | call to can_return_null | -| test.cpp:8:23:8:23 | 0 | test.cpp:10:12:10:24 | localVariable | +| test.cpp:4:10:4:23 | call to operator new | test.cpp:14:12:14:26 | call to can_return_null | provenance | | +| test.cpp:8:23:8:23 | 0 | test.cpp:10:12:10:24 | localVariable | provenance | | nodes | test.cpp:4:10:4:23 | call to operator new | semmle.label | call to operator new | | test.cpp:8:23:8:23 | 0 | semmle.label | 0 | From 0b02e6b06e40c2c52cfd625155d12d09ea91074d Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Fri, 9 Feb 2024 12:39:56 +0000 Subject: [PATCH 1615/2573] Accept changes from github/codeql/15549 --- .../PlacementNewInsufficientStorage.expected | 24 +++++++++---------- 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/cpp/common/test/rules/placementnewinsufficientstorage/PlacementNewInsufficientStorage.expected b/cpp/common/test/rules/placementnewinsufficientstorage/PlacementNewInsufficientStorage.expected index 3c38e192bc..a4c3bb1df6 100644 --- a/cpp/common/test/rules/placementnewinsufficientstorage/PlacementNewInsufficientStorage.expected +++ b/cpp/common/test/rules/placementnewinsufficientstorage/PlacementNewInsufficientStorage.expected @@ -7,18 +7,18 @@ problems | test.cpp:100:16:100:39 | new | test.cpp:65:36:65:38 | call to pop | test.cpp:100:21:100:28 | badAlloc | Placement new expression is used with an insufficiently large memory allocation from $@. | test.cpp:65:36:65:38 | call to pop | call to pop | | test.cpp:113:7:113:32 | new[] | test.cpp:113:14:113:21 | badAlloc | test.cpp:113:14:113:21 | badAlloc | Placement new expression is used with an insufficiently large memory allocation from $@. | test.cpp:113:14:113:21 | badAlloc | badAlloc | edges -| test.cpp:18:36:18:49 | call to operator new | test.cpp:19:21:19:44 | correctlyAllocatedMemory | -| test.cpp:24:37:24:50 | call to operator new | test.cpp:25:21:25:45 | correctlyAllocatedMemory2 | -| test.cpp:29:32:29:45 | call to operator new | test.cpp:31:21:31:40 | badlyAllocatedMemory | -| test.cpp:35:33:35:46 | call to operator new | test.cpp:37:21:37:41 | badlyAllocatedMemory2 | -| test.cpp:62:16:62:29 | call to operator new | test.cpp:67:12:67:17 | memory | -| test.cpp:62:16:62:29 | call to operator new | test.cpp:67:12:67:17 | memory | -| test.cpp:65:36:65:38 | call to pop | test.cpp:67:12:67:17 | memory | -| test.cpp:65:36:65:38 | call to pop | test.cpp:67:12:67:17 | memory | -| test.cpp:67:12:67:17 | memory | test.cpp:94:32:94:39 | call to allocate | -| test.cpp:67:12:67:17 | memory | test.cpp:98:31:98:38 | call to allocate | -| test.cpp:94:32:94:39 | call to allocate | test.cpp:95:21:95:29 | goodAlloc | -| test.cpp:98:31:98:38 | call to allocate | test.cpp:100:21:100:28 | badAlloc | +| test.cpp:18:36:18:49 | call to operator new | test.cpp:19:21:19:44 | correctlyAllocatedMemory | provenance | | +| test.cpp:24:37:24:50 | call to operator new | test.cpp:25:21:25:45 | correctlyAllocatedMemory2 | provenance | | +| test.cpp:29:32:29:45 | call to operator new | test.cpp:31:21:31:40 | badlyAllocatedMemory | provenance | | +| test.cpp:35:33:35:46 | call to operator new | test.cpp:37:21:37:41 | badlyAllocatedMemory2 | provenance | | +| test.cpp:62:16:62:29 | call to operator new | test.cpp:67:12:67:17 | memory | provenance | | +| test.cpp:62:16:62:29 | call to operator new | test.cpp:67:12:67:17 | memory | provenance | | +| test.cpp:65:36:65:38 | call to pop | test.cpp:67:12:67:17 | memory | provenance | | +| test.cpp:65:36:65:38 | call to pop | test.cpp:67:12:67:17 | memory | provenance | | +| test.cpp:67:12:67:17 | memory | test.cpp:94:32:94:39 | call to allocate | provenance | | +| test.cpp:67:12:67:17 | memory | test.cpp:98:31:98:38 | call to allocate | provenance | | +| test.cpp:94:32:94:39 | call to allocate | test.cpp:95:21:95:29 | goodAlloc | provenance | | +| test.cpp:98:31:98:38 | call to allocate | test.cpp:100:21:100:28 | badAlloc | provenance | | nodes | test.cpp:18:36:18:49 | call to operator new | semmle.label | call to operator new | | test.cpp:19:21:19:44 | correctlyAllocatedMemory | semmle.label | correctlyAllocatedMemory | From 33509d53b876f68676adb929cbc5d82b07073c7d Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Fri, 9 Feb 2024 09:34:21 -0500 Subject: [PATCH 1616/2573] A16-0-1: simplify query logic --- ...ocessorShallOnlyBeUsedForCertainDirectivesPatterns.ql | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/cpp/autosar/src/rules/A16-0-1/PreProcessorShallOnlyBeUsedForCertainDirectivesPatterns.ql b/cpp/autosar/src/rules/A16-0-1/PreProcessorShallOnlyBeUsedForCertainDirectivesPatterns.ql index b026d3bba4..6a4182d538 100644 --- a/cpp/autosar/src/rules/A16-0-1/PreProcessorShallOnlyBeUsedForCertainDirectivesPatterns.ql +++ b/cpp/autosar/src/rules/A16-0-1/PreProcessorShallOnlyBeUsedForCertainDirectivesPatterns.ql @@ -54,12 +54,9 @@ predicate isPreprocConditionalRange( PreprocessorBranch pb, string filepath, int startLine, int endLine ) { isPreprocFileAndLine(pb, filepath, startLine) and - endLine = - min(int elifEndLine, PreprocessorDirective end | - pb.getNext() = end and isPreprocFileAndLine(end, filepath, elifEndLine) - | - elifEndLine - ) + exists(PreprocessorDirective end | + pb.getNext() = end and isPreprocFileAndLine(end, filepath, endLine) + ) } /** From b6a4f67a73f20acadc89a8f016372f64b7286a81 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Mon, 12 Feb 2024 22:14:45 -0500 Subject: [PATCH 1617/2573] A18-0-1: improve query logic --- change_notes/2024-02-12-improve-a18-0-1.md | 2 ++ .../CLibraryFacilitiesNotAccessedThroughCPPLibraryHeaders.ql | 5 +++-- cpp/autosar/test/rules/A18-0-1/lib/assert.h | 4 ++++ cpp/autosar/test/rules/A18-0-1/test.cpp | 4 +++- 4 files changed, 12 insertions(+), 3 deletions(-) create mode 100644 change_notes/2024-02-12-improve-a18-0-1.md create mode 100644 cpp/autosar/test/rules/A18-0-1/lib/assert.h diff --git a/change_notes/2024-02-12-improve-a18-0-1.md b/change_notes/2024-02-12-improve-a18-0-1.md new file mode 100644 index 0000000000..4ad186b0ae --- /dev/null +++ b/change_notes/2024-02-12-improve-a18-0-1.md @@ -0,0 +1,2 @@ +`A18-0-1` - `CLibraryFacilitiesNotAccessedThroughCPPLibraryHeaders.ql`: + - Improve query logic to only match on exact standard library names (exclude local files with same names. Now excludes sys/header.h type headers as well from the results as those are not C standard libraries). \ No newline at end of file diff --git a/cpp/autosar/src/rules/A18-0-1/CLibraryFacilitiesNotAccessedThroughCPPLibraryHeaders.ql b/cpp/autosar/src/rules/A18-0-1/CLibraryFacilitiesNotAccessedThroughCPPLibraryHeaders.ql index ada60f305d..9a5970c870 100644 --- a/cpp/autosar/src/rules/A18-0-1/CLibraryFacilitiesNotAccessedThroughCPPLibraryHeaders.ql +++ b/cpp/autosar/src/rules/A18-0-1/CLibraryFacilitiesNotAccessedThroughCPPLibraryHeaders.ql @@ -28,12 +28,13 @@ where * not use any of 'signal.h's facilities, for example. */ - filename = i.getIncludedFile().getBaseName() and + filename = i.getIncludeText().substring(1, i.getIncludeText().length() - 1) and filename in [ "assert.h", "ctype.h", "errno.h", "fenv.h", "float.h", "inttypes.h", "limits.h", "locale.h", "math.h", "setjmp.h", "signal.h", "stdarg.h", "stddef.h", "stdint.h", "stdio.h", "stdlib.h", "string.h", "time.h", "uchar.h", "wchar.h", "wctype.h" - ] + ] and + not exists(i.getIncludedFile().getRelativePath()) select i, "C library \"" + filename + "\" is included instead of the corresponding C++ library ." diff --git a/cpp/autosar/test/rules/A18-0-1/lib/assert.h b/cpp/autosar/test/rules/A18-0-1/lib/assert.h new file mode 100644 index 0000000000..001980b02f --- /dev/null +++ b/cpp/autosar/test/rules/A18-0-1/lib/assert.h @@ -0,0 +1,4 @@ +#ifndef LIB_EXAMPLE_H_ +#define LIB_EXAMPLE_H_ + +#endif \ No newline at end of file diff --git a/cpp/autosar/test/rules/A18-0-1/test.cpp b/cpp/autosar/test/rules/A18-0-1/test.cpp index b095017685..7c54ccf98e 100644 --- a/cpp/autosar/test/rules/A18-0-1/test.cpp +++ b/cpp/autosar/test/rules/A18-0-1/test.cpp @@ -39,4 +39,6 @@ #include // COMPLIANT #include // COMPLIANT #include // COMPLIANT -#include // COMPLIANT \ No newline at end of file +#include // COMPLIANT + +#include "lib/assert.h" // COMPLIANT \ No newline at end of file From 67d3b98346e23fdd62177f2f71e8573a064eeb3b Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Mon, 12 Feb 2024 22:20:18 -0500 Subject: [PATCH 1618/2573] A18-0-1: improve change note --- change_notes/2024-02-12-improve-a18-0-1.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/change_notes/2024-02-12-improve-a18-0-1.md b/change_notes/2024-02-12-improve-a18-0-1.md index 4ad186b0ae..cd6bcee256 100644 --- a/change_notes/2024-02-12-improve-a18-0-1.md +++ b/change_notes/2024-02-12-improve-a18-0-1.md @@ -1,2 +1,2 @@ `A18-0-1` - `CLibraryFacilitiesNotAccessedThroughCPPLibraryHeaders.ql`: - - Improve query logic to only match on exact standard library names (exclude local files with same names. Now excludes sys/header.h type headers as well from the results as those are not C standard libraries). \ No newline at end of file + - Fix issue #7 - improve query logic to only match on exact standard library names (exclude local files with same names. Now excludes sys/header.h type headers as well from the results as those are not C standard libraries). \ No newline at end of file From f228addbf7af7be98ae74c4f2d2879d6fd25b500 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Mon, 12 Feb 2024 23:55:01 -0500 Subject: [PATCH 1619/2573] A2-10-4: exclude partially specialized template variables --- ...dentifierNameOfStaticNonMemberObjectReusedInNamespace.ql | 4 +++- .../rules/M3-9-1/TypesNotIdenticalInReturnDeclarations.ql | 2 -- cpp/autosar/test/rules/A2-10-4/test1a.cpp | 6 ++++++ 3 files changed, 9 insertions(+), 3 deletions(-) diff --git a/cpp/autosar/src/rules/A2-10-4/IdentifierNameOfStaticNonMemberObjectReusedInNamespace.ql b/cpp/autosar/src/rules/A2-10-4/IdentifierNameOfStaticNonMemberObjectReusedInNamespace.ql index ba24ada376..e04bb89cfa 100644 --- a/cpp/autosar/src/rules/A2-10-4/IdentifierNameOfStaticNonMemberObjectReusedInNamespace.ql +++ b/cpp/autosar/src/rules/A2-10-4/IdentifierNameOfStaticNonMemberObjectReusedInNamespace.ql @@ -20,7 +20,9 @@ class CandidateVariable extends Variable { CandidateVariable() { hasDefinition() and isStatic() and - not this instanceof MemberVariable + not this instanceof MemberVariable and + //exclude partially specialized template variables + not exists(TemplateVariable v | this = v.getAnInstantiation()) } } diff --git a/cpp/autosar/src/rules/M3-9-1/TypesNotIdenticalInReturnDeclarations.ql b/cpp/autosar/src/rules/M3-9-1/TypesNotIdenticalInReturnDeclarations.ql index b99c656692..2792850dba 100644 --- a/cpp/autosar/src/rules/M3-9-1/TypesNotIdenticalInReturnDeclarations.ql +++ b/cpp/autosar/src/rules/M3-9-1/TypesNotIdenticalInReturnDeclarations.ql @@ -15,8 +15,6 @@ import cpp import codingstandards.cpp.autosar -import cpp -import codingstandards.cpp.autosar from FunctionDeclarationEntry f1, FunctionDeclarationEntry f2 where diff --git a/cpp/autosar/test/rules/A2-10-4/test1a.cpp b/cpp/autosar/test/rules/A2-10-4/test1a.cpp index 4c6ec898ed..8511fffa92 100644 --- a/cpp/autosar/test/rules/A2-10-4/test1a.cpp +++ b/cpp/autosar/test/rules/A2-10-4/test1a.cpp @@ -13,4 +13,10 @@ namespace ns3 { static void f1() {} void f2() {} + +// Variable templates can cause false positives +template static int number_one = 0; // COMPLIANT + +template <> static int number_one<1> = 1; // COMPLIANT +template <> static int number_one<2> = 2; // COMPLIANT } // namespace ns3 \ No newline at end of file From db27f156ceb3243de1b34b944ed3a3be992b47c2 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 13 Feb 2024 10:25:45 -0800 Subject: [PATCH 1620/2573] Fix query formatting --- .../src/rules/A4-5-1/EnumUsedInArithmeticContexts.ql | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/cpp/autosar/src/rules/A4-5-1/EnumUsedInArithmeticContexts.ql b/cpp/autosar/src/rules/A4-5-1/EnumUsedInArithmeticContexts.ql index 0833d44bb1..af69a4dca4 100644 --- a/cpp/autosar/src/rules/A4-5-1/EnumUsedInArithmeticContexts.ql +++ b/cpp/autosar/src/rules/A4-5-1/EnumUsedInArithmeticContexts.ql @@ -25,17 +25,17 @@ class AllowedOperatorUse extends OperatorUse { AllowedOperatorUse() { this.getOperator() in ["[]", "=", "==", "!=", "<", "<=", ">", ">="] or - this.(UnaryOperatorUse).getOperator() = "&" + this.(UnaryOperatorUse).getOperator() = "&" } } -from OperatorUse operatorUse, Access access, Enum enum +from OperatorUse operatorUse, Access access, Enum enum where not isExcluded(access, ExpressionsPackage::enumUsedInArithmeticContextsQuery()) and operatorUse.getAnOperand() = access and ( access.(EnumConstantAccess).getTarget().getDeclaringEnum() = enum or - access.(VariableAccess).getType() = enum + access.(VariableAccess).getType() = enum ) and not operatorUse instanceof AllowedOperatorUse and // Enums that implement the BitmaskType trait are an exception. From 724e324441aabac65bbce3bc8b6eef86870a3709 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 13 Feb 2024 10:27:55 -0800 Subject: [PATCH 1621/2573] Fix module formatting --- cpp/common/src/codingstandards/cpp/Operator.qll | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/Operator.qll b/cpp/common/src/codingstandards/cpp/Operator.qll index 424ca43098..b8e703d9f4 100644 --- a/cpp/common/src/codingstandards/cpp/Operator.qll +++ b/cpp/common/src/codingstandards/cpp/Operator.qll @@ -310,7 +310,7 @@ class OperatorUse extends TOperatorUse { result = call.getLocation() ) } - + string getOperator() { result = this.asBuiltin().getOperator() or @@ -324,4 +324,4 @@ class UnaryOperatorUse extends OperatorUse { or this.asOverloaded(_).getNumberOfParameters() = 0 } -} \ No newline at end of file +} From d23d3edf356d787bf989594312c7b18207fb414d Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 13 Feb 2024 11:05:36 -0800 Subject: [PATCH 1622/2573] Extract customizations into own module --- .../cpp/exceptions/ExceptionFlow.qll | 67 +----------------- .../ExceptionFlowCustomizations.qll | 68 +++++++++++++++++++ 2 files changed, 69 insertions(+), 66 deletions(-) create mode 100644 cpp/common/src/codingstandards/cpp/exceptions/ExceptionFlowCustomizations.qll diff --git a/cpp/common/src/codingstandards/cpp/exceptions/ExceptionFlow.qll b/cpp/common/src/codingstandards/cpp/exceptions/ExceptionFlow.qll index 5a4e7fee6e..d62bc8c02a 100644 --- a/cpp/common/src/codingstandards/cpp/exceptions/ExceptionFlow.qll +++ b/cpp/common/src/codingstandards/cpp/exceptions/ExceptionFlow.qll @@ -5,6 +5,7 @@ import cpp import codingstandards.cpp.standardlibrary.Exceptions import codingstandards.cpp.exceptions.ExceptionSpecifications +import codingstandards.cpp.exceptions.ExceptionFlowCustomizations import ThirdPartyExceptions /* @@ -271,72 +272,6 @@ ExceptionType getAFunctionThrownType(Function f, ThrowingExpr throwingExpr) { ) } -/** A `ThrowingExpr` which is the origin of a exceptions in the program. */ -abstract class OriginThrowingExpr extends ThrowingExpr { } - -/** An expression which directly throws. */ -class DirectThrowExprThrowingExpr extends DirectThrowExpr, OriginThrowingExpr { - override ExceptionType getAnExceptionType() { result = getExceptionType() } -} - -/** An `typeid` expression which may throw `std::bad_typeid`. */ -class TypeIdThrowingExpr extends TypeidOperator, OriginThrowingExpr { - override ExceptionType getAnExceptionType() { result instanceof StdBadTypeId } -} - -/** An `new[]` expression which may throw `std::bad_array_new_length`. */ -class NewThrowingExpr extends NewArrayExpr, OriginThrowingExpr { - NewThrowingExpr() { - // If the extent is known to be below 0 at runtime - getExtent().getValue().toInt() < 0 - or - // initializer has more elements than the array size - getExtent().getValue().toInt() < getInitializer().(ArrayAggregateLiteral).getArraySize() - } - - override ExceptionType getAnExceptionType() { result instanceof StdBadArrayNewLength } -} - -/** A `ReThrowExpr` which throws a previously caught exception. */ -class ReThrowExprThrowingExpr extends ReThrowExpr, ThrowingExpr { - predicate rethrows(CatchBlock cb, ExceptionType et, ThrowingExpr te) { - // Find the nearest CatchBlock - cb = getNearestCatch(this.getEnclosingStmt()) and - // Find an `ExceptionType` which is caught by this catch block, and `ThrowingExpr` which throws that exception type - catches(cb, te, et) - } - - override ExceptionType getAnExceptionType() { rethrows(_, result, _) } - - CatchBlock getCatchBlock() { rethrows(result, _, _) } -} - -/** An expression which calls a function which may throw an exception. */ -class FunctionCallThrowingExpr extends FunctionCall, ThrowingExpr { - override ExceptionType getAnExceptionType() { - exists(Function target | - target = getTarget() and - result = getAFunctionThrownType(target, _) and - // [expect.spec] states that throwing an exception type that is prohibited - // by the specification will result in the program terminating, unless - // a custom `unexpected_handler` is registered that throws an exception type - // which is compatible with the dynamic exception specification, or the - // dynamic exception specification lists `std::bad_exception`, in which case - // a `std::bad_exception` is thrown. - // As dynamic exception specifications and the `unexpected_handler` are both - // deprecated in C++14 and removed in C++17, we assume a default - // `std::unexpected` handler that calls `std::terminate` and therefore - // do not propagate such exceptions to the call sites for the function. - not ( - hasDynamicExceptionSpecification(target) and - not result = getAHandledExceptionType(target.getAThrownType()) - or - isNoExceptTrue(target) - ) - ) - } -} - module ExceptionPathGraph { /** * A function for which we want path information. diff --git a/cpp/common/src/codingstandards/cpp/exceptions/ExceptionFlowCustomizations.qll b/cpp/common/src/codingstandards/cpp/exceptions/ExceptionFlowCustomizations.qll new file mode 100644 index 0000000000..f8e9a02f7a --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exceptions/ExceptionFlowCustomizations.qll @@ -0,0 +1,68 @@ +import cpp +private import codingstandards.cpp.exceptions.ExceptionFlow + +/** A `ThrowingExpr` which is the origin of a exceptions in the program. */ +abstract class OriginThrowingExpr extends ThrowingExpr { } + +/** An expression which directly throws. */ +class DirectThrowExprThrowingExpr extends DirectThrowExpr, OriginThrowingExpr { + override ExceptionType getAnExceptionType() { result = getExceptionType() } +} + +/** A `ReThrowExpr` which throws a previously caught exception. */ +class ReThrowExprThrowingExpr extends ReThrowExpr, ThrowingExpr { + predicate rethrows(CatchBlock cb, ExceptionType et, ThrowingExpr te) { + // Find the nearest CatchBlock + cb = getNearestCatch(this.getEnclosingStmt()) and + // Find an `ExceptionType` which is caught by this catch block, and `ThrowingExpr` which throws that exception type + catches(cb, te, et) + } + + override ExceptionType getAnExceptionType() { rethrows(_, result, _) } + + CatchBlock getCatchBlock() { rethrows(result, _, _) } +} + +/** An expression which calls a function which may throw an exception. */ +class FunctionCallThrowingExpr extends FunctionCall, ThrowingExpr { + override ExceptionType getAnExceptionType() { + exists(Function target | + target = getTarget() and + result = getAFunctionThrownType(target, _) and + // [expect.spec] states that throwing an exception type that is prohibited + // by the specification will result in the program terminating, unless + // a custom `unexpected_handler` is registered that throws an exception type + // which is compatible with the dynamic exception specification, or the + // dynamic exception specification lists `std::bad_exception`, in which case + // a `std::bad_exception` is thrown. + // As dynamic exception specifications and the `unexpected_handler` are both + // deprecated in C++14 and removed in C++17, we assume a default + // `std::unexpected` handler that calls `std::terminate` and therefore + // do not propagate such exceptions to the call sites for the function. + not ( + hasDynamicExceptionSpecification(target) and + not result = getAHandledExceptionType(target.getAThrownType()) + or + isNoExceptTrue(target) + ) + ) + } +} + +/** An `typeid` expression which may throw `std::bad_typeid`. */ +private class TypeIdThrowingExpr extends TypeidOperator, OriginThrowingExpr { + override ExceptionType getAnExceptionType() { result instanceof StdBadTypeId } +} + +/** An `new[]` expression which may throw `std::bad_array_new_length`. */ +private class NewThrowingExpr extends NewArrayExpr, OriginThrowingExpr { + NewThrowingExpr() { + // If the extent is known to be below 0 at runtime + getExtent().getValue().toInt() < 0 + or + // initializer has more elements than the array size + getExtent().getValue().toInt() < getInitializer().(ArrayAggregateLiteral).getArraySize() + } + + override ExceptionType getAnExceptionType() { result instanceof StdBadArrayNewLength } +} From b514c1066cc119b4402d0ba99eac947df31a0926 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 13 Feb 2024 15:11:40 -0500 Subject: [PATCH 1623/2573] A2-10-4: add forgotten change note --- change_notes/2024-02-12-exclusion-A2-10-4.md | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 change_notes/2024-02-12-exclusion-A2-10-4.md diff --git a/change_notes/2024-02-12-exclusion-A2-10-4.md b/change_notes/2024-02-12-exclusion-A2-10-4.md new file mode 100644 index 0000000000..d4ba29110b --- /dev/null +++ b/change_notes/2024-02-12-exclusion-A2-10-4.md @@ -0,0 +1,2 @@ +`A2-10-4` - `IdentifierNameOfStaticNonMemberObjectReusedInNamespace.ql`: + - Fix FP reported in #385. Addresses incorrect detection of partially specialized template variables as conflicting reuses. \ No newline at end of file From 476e91084288a735f4e5b9c71a5a7014b2b52443 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 13 Feb 2024 12:26:35 -0800 Subject: [PATCH 1624/2573] Add test case of FP --- cpp/autosar/test/rules/A15-4-4/test.cpp | 11 +++++++++++ cpp/common/test/includes/standard-library/stdexcept.h | 2 ++ cpp/common/test/includes/standard-library/string | 2 ++ 3 files changed, 15 insertions(+) diff --git a/cpp/autosar/test/rules/A15-4-4/test.cpp b/cpp/autosar/test/rules/A15-4-4/test.cpp index 7d8597a75f..2ca6a32e0c 100644 --- a/cpp/autosar/test/rules/A15-4-4/test.cpp +++ b/cpp/autosar/test/rules/A15-4-4/test.cpp @@ -43,4 +43,15 @@ void test_swap_wrapper() noexcept { int a = 0; int b = 1; swap_wrapper(&a, &b); +} + +#include +#include + +std::string test_fp_reported_in_424(const std::string &s1, const std::string &s2) { + std::string s3; + s3.reserve(s1.size() + s2.size()); + s3.append(s1.c_str(), s1.size()); + s3.append(s2.c_str(), s2.size()); + return s3; } \ No newline at end of file diff --git a/cpp/common/test/includes/standard-library/stdexcept.h b/cpp/common/test/includes/standard-library/stdexcept.h index cb9af14db2..d341738bfc 100644 --- a/cpp/common/test/includes/standard-library/stdexcept.h +++ b/cpp/common/test/includes/standard-library/stdexcept.h @@ -28,5 +28,7 @@ class nested_exception { template [[noreturn]] void throw_with_nested(T &&t); template void rethrow_if_nested(E const &e); +class length_error : public logic_error{}; +class out_of_range: public logic_error{}; } // namespace std #endif // _GHLIBCPP_STDEXCEPT \ No newline at end of file diff --git a/cpp/common/test/includes/standard-library/string b/cpp/common/test/includes/standard-library/string index ca267f6191..a3f22f5e80 100644 --- a/cpp/common/test/includes/standard-library/string +++ b/cpp/common/test/includes/standard-library/string @@ -166,6 +166,8 @@ public: int compare(const charT *s) const; int compare(size_type pos1, size_type n1, const charT *s) const; int compare(size_type pos1, size_type n1, const charT *s, size_type n2) const; + + void reserve(size_type new_cap = 0); }; template From 1c1f6307951850fb5218d93024348fd5a47985ad Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 13 Feb 2024 12:27:28 -0800 Subject: [PATCH 1625/2573] Add model of external functions that may throw This allows us to extend the queries reasoning about exceptions that maybe thrown with information that is not directly retrievable from the source. For example, standard library functions known to throw exceptions that are not specified in their signatures. --- .../ExceptionFlowCustomizations.qll | 45 +++++++++++++++++++ cpp/common/src/ext/stdc++.model.yml | 7 +++ cpp/common/src/qlpack.yml | 2 + 3 files changed, 54 insertions(+) create mode 100644 cpp/common/src/ext/stdc++.model.yml diff --git a/cpp/common/src/codingstandards/cpp/exceptions/ExceptionFlowCustomizations.qll b/cpp/common/src/codingstandards/cpp/exceptions/ExceptionFlowCustomizations.qll index f8e9a02f7a..90f67c3075 100644 --- a/cpp/common/src/codingstandards/cpp/exceptions/ExceptionFlowCustomizations.qll +++ b/cpp/common/src/codingstandards/cpp/exceptions/ExceptionFlowCustomizations.qll @@ -1,9 +1,50 @@ +/* + * A library customize models that model the flow of exceptions through the program. + */ + import cpp private import codingstandards.cpp.exceptions.ExceptionFlow /** A `ThrowingExpr` which is the origin of a exceptions in the program. */ abstract class OriginThrowingExpr extends ThrowingExpr { } +/** + * A `FunctionCall` to an external function without an exception specification that * + * may throw an exception. + */ +abstract class ExternalUnderspecifiedFunctionCallThrowingExpr extends FunctionCall, ThrowingExpr { } + +/** + * An extensible predicate that describes functions that when called may throw an exception. + */ +extensible predicate throwingFunctionModel( + string functionNamespaceQualifier, string functionTypeQualifier, string functionName, + string exceptionNamespaceQualifier, string exceptionType +); + +/** + * A `FunctionCall` that may throw an exception of type `ExceptionType` as provded by + * the extensible predicate `throwingFunctionModel`. + */ +private class ExternalFunctionCallThrowingExpr extends FunctionCall, ThrowingExpr { + ExceptionType exceptionType; + + ExternalFunctionCallThrowingExpr() { + exists( + string functionNamespaceQualifier, string functionTypeQualifier, string functionName, + string exceptionNamespaceQualifier, string exceptionTypeSpec + | + throwingFunctionModel(functionNamespaceQualifier, functionTypeQualifier, functionName, + exceptionNamespaceQualifier, exceptionTypeSpec) and + this.getTarget() + .hasQualifiedName(functionNamespaceQualifier, functionTypeQualifier, functionName) and + exceptionType.(Class).hasQualifiedName(exceptionNamespaceQualifier, exceptionTypeSpec) + ) + } + + override ExceptionType getAnExceptionType() { result = exceptionType } +} + /** An expression which directly throws. */ class DirectThrowExprThrowingExpr extends DirectThrowExpr, OriginThrowingExpr { override ExceptionType getAnExceptionType() { result = getExceptionType() } @@ -46,6 +87,10 @@ class FunctionCallThrowingExpr extends FunctionCall, ThrowingExpr { isNoExceptTrue(target) ) ) + or + result = this.(ExternalUnderspecifiedFunctionCallThrowingExpr).getAnExceptionType() + or + result = this.(ExternalFunctionCallThrowingExpr).getAnExceptionType() } } diff --git a/cpp/common/src/ext/stdc++.model.yml b/cpp/common/src/ext/stdc++.model.yml new file mode 100644 index 0000000000..37919dceea --- /dev/null +++ b/cpp/common/src/ext/stdc++.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: codeql/common-cpp-coding-standards + extensible: throwingFunctionModel + data: + - ["std", "basic_string", "append", "std", "out_of_range"] + - ["std", "basic_string", "reserve", "std", "length_error"] \ No newline at end of file diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index ebb90b8fa1..bb698cc9b0 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -3,3 +3,5 @@ version: 2.22.0-dev license: MIT dependencies: codeql/cpp-all: 0.9.3 +dataExtensions: + - ext/*.model.yml \ No newline at end of file From 3413966ce8ee2961a368830b9c364a5bda5ff194 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 13 Feb 2024 12:38:59 -0800 Subject: [PATCH 1626/2573] Add changenote --- change_notes/2024-02-13-fix-fp-a15-4-4.md | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 change_notes/2024-02-13-fix-fp-a15-4-4.md diff --git a/change_notes/2024-02-13-fix-fp-a15-4-4.md b/change_notes/2024-02-13-fix-fp-a15-4-4.md new file mode 100644 index 0000000000..1afb29fd6a --- /dev/null +++ b/change_notes/2024-02-13-fix-fp-a15-4-4.md @@ -0,0 +1,2 @@ +-`A15-4-4` - `MissingNoExcept.ql`: + - Fix FP reported in #424. Exclude functions calling `std::string::reserve` or `std::string::append` that may throw even if their signatures don't specify it. \ No newline at end of file From b3ff4522b9d99cb969e1e26c7b55126de125326d Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 13 Feb 2024 12:42:32 -0800 Subject: [PATCH 1627/2573] Add test case annotation --- cpp/autosar/test/rules/A15-4-4/test.cpp | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/cpp/autosar/test/rules/A15-4-4/test.cpp b/cpp/autosar/test/rules/A15-4-4/test.cpp index 2ca6a32e0c..1f9d0d5a85 100644 --- a/cpp/autosar/test/rules/A15-4-4/test.cpp +++ b/cpp/autosar/test/rules/A15-4-4/test.cpp @@ -45,10 +45,12 @@ void test_swap_wrapper() noexcept { swap_wrapper(&a, &b); } -#include #include +#include -std::string test_fp_reported_in_424(const std::string &s1, const std::string &s2) { +std::string test_fp_reported_in_424( + const std::string &s1, + const std::string &s2) { // COMPLIANT - `reserve` and `append` may throw. std::string s3; s3.reserve(s1.size() + s2.size()); s3.append(s1.c_str(), s1.size()); From 02bab284f9509a5be981374b7d5781db44c3a2b3 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 13 Feb 2024 15:26:27 -0800 Subject: [PATCH 1628/2573] Address FN reported in #400 Only using-declaratons are exempt from class- and function-scope use. --- change_notes/2024-02-13-fix-fn-M7-3-6.md | 2 ++ .../rules/M7-3-6/UsingDeclarationsUsedInHeaderFiles.ql | 10 +++++++++- .../M7-3-6/UsingDeclarationsUsedInHeaderFiles.expected | 1 + cpp/autosar/test/rules/M7-3-6/test.h | 6 +++++- 4 files changed, 17 insertions(+), 2 deletions(-) create mode 100644 change_notes/2024-02-13-fix-fn-M7-3-6.md diff --git a/change_notes/2024-02-13-fix-fn-M7-3-6.md b/change_notes/2024-02-13-fix-fn-M7-3-6.md new file mode 100644 index 0000000000..aa86ab6222 --- /dev/null +++ b/change_notes/2024-02-13-fix-fn-M7-3-6.md @@ -0,0 +1,2 @@ +- `M7-3-6` - `UsingDeclarationsUsedInHeaderFiles.ql`: + - Address FN reported in #400. Only using-declarations are exempted from class- and function-scope. \ No newline at end of file diff --git a/cpp/autosar/src/rules/M7-3-6/UsingDeclarationsUsedInHeaderFiles.ql b/cpp/autosar/src/rules/M7-3-6/UsingDeclarationsUsedInHeaderFiles.ql index 84b8c45a86..5a2a1e7b30 100644 --- a/cpp/autosar/src/rules/M7-3-6/UsingDeclarationsUsedInHeaderFiles.ql +++ b/cpp/autosar/src/rules/M7-3-6/UsingDeclarationsUsedInHeaderFiles.ql @@ -28,5 +28,13 @@ predicate isInClassScope(UsingEntry u) { exists(Class c | u.getEnclosingElement( from UsingEntry u where not isExcluded(u, BannedSyntaxPackage::usingDeclarationsUsedInHeaderFilesQuery()) and - (isInHeaderFile(u) and not isInFunctionScope(u) and not isInClassScope(u)) + isInHeaderFile(u) and + ( + u instanceof UsingDeclarationEntry + implies + ( + not isInFunctionScope(u) and + not isInClassScope(u) + ) + ) select u, "Using directive or declaration used in a header file " + u.getFile() + "." diff --git a/cpp/autosar/test/rules/M7-3-6/UsingDeclarationsUsedInHeaderFiles.expected b/cpp/autosar/test/rules/M7-3-6/UsingDeclarationsUsedInHeaderFiles.expected index 23bc5f6560..350c1f0cdc 100644 --- a/cpp/autosar/test/rules/M7-3-6/UsingDeclarationsUsedInHeaderFiles.expected +++ b/cpp/autosar/test/rules/M7-3-6/UsingDeclarationsUsedInHeaderFiles.expected @@ -1 +1,2 @@ | test.h:4:1:4:21 | using namespace std | Using directive or declaration used in a header file test.h. | +| test.h:18:3:18:21 | using namespace std | Using directive or declaration used in a header file test.h. | diff --git a/cpp/autosar/test/rules/M7-3-6/test.h b/cpp/autosar/test/rules/M7-3-6/test.h index 537e8ff3be..1286de2cf9 100644 --- a/cpp/autosar/test/rules/M7-3-6/test.h +++ b/cpp/autosar/test/rules/M7-3-6/test.h @@ -7,11 +7,15 @@ namespace my_namespace { int MY_CONST = 0; }; -int f() { +void f() { using my_namespace::MY_CONST; // COMPLIANT - function scope int x = MY_CONST; } +void test_fn_reported_in_400() { + using namespace std; // NON_COMPLIANT - only using declarations are exempted + // in function scope. +} #endif \ No newline at end of file From 2b9036b24e09bff3b97c39ef6a7c1c4bca7ed668 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Wed, 14 Feb 2024 23:39:26 +0000 Subject: [PATCH 1629/2573] Update change_notes/2023-11-24-a2-7-3-remove-function-scope.md Co-authored-by: Kristen Newbury --- change_notes/2023-11-24-a2-7-3-remove-function-scope.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/change_notes/2023-11-24-a2-7-3-remove-function-scope.md b/change_notes/2023-11-24-a2-7-3-remove-function-scope.md index 95f6f4364a..cfd50f8ab8 100644 --- a/change_notes/2023-11-24-a2-7-3-remove-function-scope.md +++ b/change_notes/2023-11-24-a2-7-3-remove-function-scope.md @@ -1,3 +1,3 @@ - * `A2-7-3` - reduce false positives by: + * `A2-7-3` - `UndocumentedUserDefinedType.ql`: - Excluding declarations in function scope. The rationale is that these declarations are not exposed outside the scope of the function. \ No newline at end of file From 99a94bc27ec895ca7f7224f4e6f5da2e579f1f6d Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Wed, 14 Feb 2024 23:43:48 +0000 Subject: [PATCH 1630/2573] Update change_notes/2023-11-05-m6-5-5-const-refs.md Co-authored-by: Remco Vermeulen --- change_notes/2023-11-05-m6-5-5-const-refs.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/change_notes/2023-11-05-m6-5-5-const-refs.md b/change_notes/2023-11-05-m6-5-5-const-refs.md index 43a8a32503..4069bbfaa8 100644 --- a/change_notes/2023-11-05-m6-5-5-const-refs.md +++ b/change_notes/2023-11-05-m6-5-5-const-refs.md @@ -1,3 +1,3 @@ - * `M6-5-5` + - `M6-5-5`: - Reduce false positives by no longer considering the taking of a const reference as a modification. - Improve detection of non-local modification of loop iteration variables to reduce false positives. \ No newline at end of file From 6b42b934eaffe0e47a4883d9fc17fa26d93d9d8d Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Wed, 14 Feb 2024 23:43:59 +0000 Subject: [PATCH 1631/2573] Update change_notes/2023-11-03-identifier-hiding-improvements.md Co-authored-by: Remco Vermeulen --- change_notes/2023-11-03-identifier-hiding-improvements.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/change_notes/2023-11-03-identifier-hiding-improvements.md b/change_notes/2023-11-03-identifier-hiding-improvements.md index cb0ab410d5..35eca283e3 100644 --- a/change_notes/2023-11-03-identifier-hiding-improvements.md +++ b/change_notes/2023-11-03-identifier-hiding-improvements.md @@ -1,3 +1,3 @@ - * `A2-10-1`, `RULE-5-3` + - `A2-10-1`, `RULE-5-3`: - Reduce false positives by considering point of declaration for local bariables. - Reduce false negatives by considering catch block parameters to be in scope in the catch block. \ No newline at end of file From d3b3e42540b5c22d3324308d66f5f970e2fc7174 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Wed, 14 Feb 2024 23:44:24 +0000 Subject: [PATCH 1632/2573] Update change_notes/2023-10-04-aggregate-literals-from-variadic-templates.md Co-authored-by: Remco Vermeulen --- .../2023-10-04-aggregate-literals-from-variadic-templates.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/change_notes/2023-10-04-aggregate-literals-from-variadic-templates.md b/change_notes/2023-10-04-aggregate-literals-from-variadic-templates.md index f282d92565..7d5c36df93 100644 --- a/change_notes/2023-10-04-aggregate-literals-from-variadic-templates.md +++ b/change_notes/2023-10-04-aggregate-literals-from-variadic-templates.md @@ -1 +1,2 @@ - * `M8-5-2` - recognise aggregate literals initialized with parameters from variadic templates. \ No newline at end of file + `M8-5-2` - `AggregateLiteralEnhancements.qll`: + - recognise aggregate literals initialized with parameters from variadic templates. \ No newline at end of file From 1a7348bf72a1a59ad358ec6fb3fdbc8d07fb9638 Mon Sep 17 00:00:00 2001 From: GitButler Date: Wed, 14 Feb 2024 16:21:27 -0800 Subject: [PATCH 1633/2573] GitButler Integration Commit This is an integration commit for the virtual branches that GitButler is tracking. Due to GitButler managing multiple virtual branches, you cannot switch back and forth between git branches and virtual branches easily. If you switch to another branch, GitButler will need to be reinitialized. If you commit on this branch, GitButler will throw it away. Here are the branches that are currently applied: - rvermeulen/fix-388 (refs/gitbutler/rvermeulen/fix-388) - scripts/release/.venv/lib/python3.11/site-packages/github/PublicKey.py - scripts/release/.venv/lib/python3.11/site-packages/Deprecated-1.2.14.dist-info/WHEEL - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_reqs.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/operations/build/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/resolution/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/requests/help.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/asymmetric/x25519.py - scripts/release/.venv/lib/python3.11/site-packages/_yaml/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/CodeScanAlertInstanceLocation.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/install_headers.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/more_itertools/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/tomli/_parser.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/ciphers/modes.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/metadata/_json.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/appdirs.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/config/_validate_pyproject/extra_validations.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/resolvelib/providers.py - scripts/release/.venv/lib/python3.11/site-packages/github/Plan.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pyparsing/actions.py - scripts/release/.venv/lib/python3.11/site-packages/github/PullRequestReview.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/commands/freeze.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/box.py - scripts/release/.venv/lib/python3.11/site-packages/certifi/py.typed - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/alias.py - scripts/release/.venv/lib/python3.11/site-packages/GitPython-3.1.36.dist-info/INSTALLER - cpp/autosar/test/rules/M0-1-4/test_member.cpp - scripts/release/.venv/lib/python3.11/site-packages/github/Team.pyi - scripts/release/.venv/lib/python3.11/site-packages/certifi-2023.11.17.dist-info/top_level.txt - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/platformdirs/unix.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/syntax.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/_base_connection.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/platformdirs/windows.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_resources/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/BranchProtection.pyi - scripts/release/.venv/lib/python3.11/site-packages/github/Project.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/cli/progress_bars.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools-67.6.1.dist-info/RECORD - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip-23.2.1.dist-info/WHEEL - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/file_util.py - scripts/release/.venv/lib/python3.11/site-packages/jwt/jwks_client.py - cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust/openssl/x448.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/idna-3.4.dist-info/INSTALLER - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/commands/debug.py - scripts/release/.venv/lib/python3.11/site-packages/github/Repository.pyi - scripts/release/.venv/lib/python3.11/site-packages/_pytest/warnings.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/t64.exe - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/packaging/_musllinux.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/asymmetric/utils.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/msvccompiler.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/util/wait.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/resolvelib/reporters.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/_io/wcwidth.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/abc.py - scripts/release/.venv/bin/pytest - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/importlib_resources/readers.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/resolvelib/structs.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_importlib.py - scripts/release/.venv/lib/python3.11/site-packages/git/index/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/core.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/tenacity/wait.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/webencodings/mklabels.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/progress_bar.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/_collections.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/traceback.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/json.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography-41.0.5.dist-info/LICENSE - scripts/release/.venv/lib/python3.11/site-packages/github/StatsParticipation.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/packaging/specifiers.py - scripts/release/.venv/lib/python3.11/site-packages/smmap-5.0.1.dist-info/METADATA - scripts/release/.venv/lib/python3.11/site-packages/gitdb-4.0.11.dist-info/LICENSE - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/langhungarianmodel.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/filters/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/Milestone.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_metadata/_itertools.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/launcher manifest.xml - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/commands/check.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/charset_normalizer/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/doctest.py - scripts/release/.venv/lib/python3.11/site-packages/pycparser/plyparser.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/build_clib.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/certifi/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/models/scheme.py - scripts/release/.venv/lib/python3.11/site-packages/github/Project.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/requests/__version__.py - scripts/release/.venv/lib/python3.11/site-packages/certifi-2023.11.17.dist-info/LICENSE - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/msvc9compiler.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/packaging/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/exceptions.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_resources/_common.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/bdist_egg.py - scripts/release/.venv/lib/python3.11/site-packages/wrapt/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/Event.pyi - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/platformdirs/__main__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/resolution/base.py - scripts/release/.venv/lib/python3.11/site-packages/github/PullRequestComment.py - scripts/release/.venv/lib/python3.11/site-packages/charset_normalizer/constant.py - scripts/release/.venv/lib/python3.11/site-packages/smmap/test/test_util.py - scripts/release/.venv/lib/python3.11/site-packages/charset_normalizer-3.3.2.dist-info/top_level.txt - scripts/release/.venv/lib/python3.11/site-packages/packaging/specifiers.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/index/sources.py - scripts/release/.venv/lib/python3.11/site-packages/git/objects/base.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/distro/distro.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/wheel.py - scripts/release/.venv/lib/python3.11/site-packages/github/StatsCommitActivity.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/operations/install/editable_legacy.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/more_itertools/more.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/cli/base_command.py - scripts/release/.venv/lib/python3.11/site-packages/github/Membership.pyi - scripts/release/.venv/lib/python3.11/site-packages/charset_normalizer-3.3.2.dist-info/LICENSE - scripts/release/.venv/lib/python3.11/site-packages/pycparser-2.21.dist-info/top_level.txt - scripts/release/.venv/lib/python3.11/site-packages/github/Permissions.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/panel.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/jaraco/functools.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust/openssl/dh.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/req/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/kdf/pbkdf2.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_resources/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pluggy-1.3.0.dist-info/METADATA - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/colorama/tests/isatty_test.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/packaging/_musllinux.py - scripts/release/.venv/lib/python3.11/site-packages/cffi-1.16.0.dist-info/top_level.txt - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/models/installation_report.py - scripts/release/.venv/lib/python3.11/site-packages/urllib3/fields.py - scripts/release/.venv/lib/python3.11/site-packages/charset_normalizer/md.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/jaraco/text/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/charset_normalizer/models.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/status.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/live_render.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/certifi-2023.7.22.dist-info/RECORD - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/euctwprober.py - scripts/release/.venv/lib/python3.11/site-packages/urllib3/util/response.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/packaging.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/wheel_builder.py - scripts/release/.venv/lib/python3.11/site-packages/github/Path.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_entry_points.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/terminal_theme.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/metadata/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/runner.py - scripts/release/.venv/lib/python3.11/site-packages/cffi/_embedding.h - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/_log.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/packaging/_structures.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pytest-7.4.3.dist-info/entry_points.txt - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/extern/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/util/wait.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/ciphers/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/idna/idnadata.py - scripts/release/.venv/lib/python3.11/site-packages/github/AccessToken.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/idna/codec.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/colorama/initialise.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/t64.exe - scripts/release/.venv/lib/python3.11/site-packages/_pytest/_code/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pyproject_hooks/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/tenacity/stop.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/glob.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/version.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/tomli/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/requests/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/connection.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/_version.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pkg_resources/py31compat.py - scripts/release/.venv/lib/python3.11/site-packages/github/Plan.pyi - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_itertools.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/exceptions.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust/openssl/poly1305.pyi - scripts/release/.venv/lib/python3.11/site-packages/_pytest/pytester.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/connectionpool.py - scripts/release/.venv/lib/python3.11/site-packages/nacl/bindings/crypto_secretbox.py - scripts/release/.venv/lib/python3.11/site-packages/pycparser/_build_tables.py - scripts/release/.venv/lib/python3.11/site-packages/github/IssueComment.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/langgreekmodel.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/cachecontrol/caches/file_cache.py - scripts/release/.venv/lib/python3.11/site-packages/PyNaCl-1.5.0.dist-info/METADATA - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/logging.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/operations/build/wheel_legacy.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/platformdirs/android.py - scripts/release/.venv/lib/python3.11/site-packages/PyGithub-1.59.1.dist-info/METADATA - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/install.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/util/url.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust/ocsp.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_stack.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/models/wheel.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/tenacity/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/gui-32.exe - scripts/release/.venv/lib/python3.11/site-packages/iniconfig-2.0.0.dist-info/RECORD - scripts/release/.venv/lib/python3.11/site-packages/packaging-23.2.dist-info/WHEEL - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/datetime.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/logging.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/operations/build/metadata.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/pretty.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/packaging/requirements.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/asymmetric/x448.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/misc.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/platformdirs/__main__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/resolution/resolvelib/found_candidates.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/_asymmetric.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/metadata/importlib/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/charset_normalizer/api.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/console.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/colorama/tests/winterm_test.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/certifi/core.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/discovery.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/GitBlob.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/jaraco/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust/openssl/__init__.pyi - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_metadata/_functools.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/build_clib.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/commands/list.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/platformdirs/android.py - scripts/release/.venv/lib/python3.11/site-packages/git/index/typ.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools-67.6.1.dist-info/LICENSE - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pyparsing/unicode.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/commands/configuration.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/lexers/_mapping.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/script.tmpl - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/cli/status_codes.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/kdf/hkdf.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/abc.py - scripts/release/.venv/lib/python3.11/site-packages/pluggy/_hooks.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/contrib/_appengine_environ.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/jaraco/text/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography-41.0.5.dist-info/METADATA - scripts/release/.venv/lib/python3.11/site-packages/pip-23.0.1.dist-info/LICENSE.txt - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/cp949prober.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/installer.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/mbcharsetprober.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/dist.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/commands/search.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/contrib/securetransport.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/upload.py - scripts/release/.venv/lib/python3.11/site-packages/github/Rate.py - scripts/release/.venv/lib/python3.11/site-packages/pycparser-2.21.dist-info/INSTALLER - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/colorama/win32.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/windows_support.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/requests/compat.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/typing_extensions.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/resolvelib/compat/collections_abc.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/resolution/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/commands/download.py - scripts/release/.venv/lib/python3.11/site-packages/wrapt/arguments.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/vcs/git.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/dep_util.py - scripts/release/.venv/lib/python3.11/site-packages/git/refs/tag.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/packaging/_structures.py - scripts/release/.venv/lib/python3.11/site-packages/git/refs/head.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/req/req_set.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/jaraco/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/_cffi_backend.cpython-311-darwin.so - scripts/release/.venv/lib/python3.11/site-packages/github/GitCommit.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/gui.exe - scripts/release/.venv/lib/python3.11/site-packages/setuptools-67.6.1.dist-info/entry_points.txt - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/connectionpool.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/resolution/resolvelib/found_candidates.py - scripts/release/.venv/lib/python3.11/site-packages/github/RepositoryAdvisoryVulnerabilityPackage.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/filters/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/requests/hooks.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/self_outdated_check.py - scripts/release/.venv/lib/python3.11/site-packages/idna/compat.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/macromanprober.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/webencodings/labels.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/build_ext.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/pyproject.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/scope.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/poly1305.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pyparsing/diagram/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/cli/chardetect.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/asymmetric/ec.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/scope.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/appdirs.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_path.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/control.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/urls.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/metadata/importlib/_envs.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/platformdirs/version.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/backends/openssl/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/HookResponse.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/cells.py - scripts/release/.venv/lib/python3.11/site-packages/urllib3/util/url.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/colorama/winterm.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/cli/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/HookDescription.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/req/req_set.py - scripts/release/.venv/lib/python3.11/site-packages/PyYAML-6.0.1.dist-info/REQUESTED - scripts/release/.venv/lib/python3.11/site-packages/gitdb/const.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pyparsing/util.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/cli/command_context.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/charset_normalizer/legacy.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools-67.6.1.dist-info/INSTALLER - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/pyproject.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/exceptions.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/w32.exe - scripts/release/.venv/lib/python3.11/site-packages/requests/__version__.py - scripts/release/.venv/lib/python3.11/site-packages/urllib3/util/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pyparsing/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/filesize.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/idna/uts46data.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/t32.exe - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/idna/py.typed - scripts/release/.venv/lib/python3.11/site-packages/jwt/api_jwt.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/backends/openssl/backend.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/install_egg_info.py - scripts/release/.venv/lib/python3.11/site-packages/charset_normalizer-3.3.2.dist-info/METADATA - scripts/release/.venv/lib/python3.11/site-packages/github/GistComment.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/t64-arm.exe - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/langturkishmodel.py - scripts/release/.venv/bin/python3.11 - scripts/release/.venv/lib/python3.11/site-packages/gitdb/db/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/requests/certs.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/utf1632prober.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/sbcsgroupprober.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/resolution/legacy/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/lexers/_mapping.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/bdist.py - scripts/release/.venv/lib/python3.11/site-packages/github/CheckSuite.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/network/cache.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/sdist.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/pangomarkup.py - scripts/release/.venv/lib/python3.11/site-packages/jwt/utils.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb/util.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/setupplan.py - scripts/release/.venv/lib/python3.11/site-packages/nacl/bindings/utils.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/locators.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/theme.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/contrib/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/cygwinccompiler.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/webencodings/x_user_defined.py - scripts/release/.venv/lib/python3.11/site-packages/requests-2.31.0.dist-info/INSTALLER - scripts/release/.venv/lib/python3.11/site-packages/github/RepositoryAdvisoryCreditDetailed.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/packaging/tags.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/logging.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/debugging.py - scripts/release/.venv/lib/python3.11/site-packages/github/SelfHostedActionsRunner.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/util.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/region.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_windows_renderer.py - scripts/release/.venv/lib/python3.11/site-packages/PyNaCl-1.5.0.dist-info/WHEEL - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_resources/_compat.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/charset_normalizer/py.typed - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/sandbox.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/install_scripts.py - scripts/release/.venv/lib/python3.11/site-packages/github/EnvironmentProtectionRuleReviewer.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/distributions/wheel.py - scripts/release/.venv/lib/python3.11/site-packages/cffi/commontypes.py - scripts/release/.venv/lib/python3.11/site-packages/jwt/algorithms.py - scripts/release/.venv/lib/python3.11/site-packages/urllib3/contrib/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/util/retry.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_wrap.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/idna-3.4.dist-info/RECORD - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/idna/intranges.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/idna/compat.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/packaging/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/operations/prepare.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/cli/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/req/req_install.py - scripts/release/.venv/lib/python3.11/site-packages/github/Team.py - scripts/release/.venv/lib/python3.11/site-packages/pluggy/py.typed - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/codingstatemachine.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/terminal_theme.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/tenacity/wait.py - scripts/release/.venv/lib/python3.11/site-packages/semantic_version-2.10.0.dist-info/top_level.txt - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/johabfreq.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/chardistribution.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/prompt.py - scripts/release/.venv/lib/python3.11/site-packages/nacl/bindings/crypto_shorthash.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/contrib/securetransport.py - scripts/release/.venv/lib/python3.11/site-packages/PyJWT-2.8.0.dist-info/RECORD - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/util/request.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/idna/core.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/extension.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/commands/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/resolution/resolvelib/candidates.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/operations/install/editable_legacy.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/resolution/base.py - scripts/release/.venv/lib/python3.11/site-packages/github/Notification.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools-67.6.1.dist-info/top_level.txt - scripts/release/.venv/lib/python3.11/site-packages/jwt/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/urllib3/util/retry.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_timer.py - scripts/release/.venv/lib/python3.11/site-packages/cffi/api.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography-41.0.5.dist-info/LICENSE.BSD - scripts/release/.venv/lib/python3.11/site-packages/idna/package_data.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/index/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/cffi/verifier.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/util.py - scripts/release/.venv/lib/python3.11/site-packages/github/NamedUser.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/requests/status_codes.py - scripts/release/.venv/lib/python3.11/site-packages/github/PullRequestPart.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/certifi/cacert.pem - scripts/release/.venv/lib/python3.11/site-packages/setuptools/dist.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/_py/error.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/markup.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/models/selection_prefs.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/cachecontrol/adapter.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/dist_info.py - scripts/release/.venv/lib/python3.11/site-packages/wrapt-1.16.0.dist-info/top_level.txt - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/measure.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/cachecontrol/serialize.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/nacl/py.typed - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_extension.py - scripts/release/.venv/lib/python3.11/site-packages/packaging-23.2.dist-info/LICENSE.APACHE - scripts/release/.venv/lib/python3.11/site-packages/github/StatsCodeFrequency.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/semantic_version-2.10.0.dist-info/WHEEL - scripts/release/.venv/lib/python3.11/site-packages/nacl/bindings/crypto_secretstream.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/operations/build/metadata_legacy.py - scripts/release/.venv/lib/python3.11/site-packages/charset_normalizer/py.typed - scripts/release/.venv/lib/python3.11/site-packages/github/PullRequestPart.py - scripts/release/.venv/lib/python3.11/site-packages/nacl/secret.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_inspect.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/check.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pyparsing/diagram/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/ProjectCard.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/_macos_compat.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/metadata/pkg_resources.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/config/_validate_pyproject/error_reporting.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/urls.py - scripts/release/.venv/lib/python3.11/site-packages/requests/models.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb/utils/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/urllib3/exceptions.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography-41.0.5.dist-info/INSTALLER - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_metadata/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/metadata/importlib/_compat.py - scripts/release/.venv/lib/python3.11/site-packages/urllib3/util/ssl_match_hostname.py - scripts/release/.venv/lib/python3.11/site-packages/pycparser/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/config/pyprojecttoml.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/requests/help.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3-2.0.4.dist-info/METADATA - scripts/release/.venv/lib/python3.11/site-packages/pytest-7.4.3.dist-info/REQUESTED - scripts/release/.venv/lib/python3.11/site-packages/github/GitTag.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/manifest.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/importlib_resources/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/cli/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/gb2312prober.py - scripts/release/.venv/lib/python3.11/site-packages/github/InputFileContent.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/py38compat.py - scripts/release/.venv/lib/python3.11/site-packages/semantic_version/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/tenacity/nap.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/commands/install.py - scripts/release/.venv/lib/python3.11/site-packages/pip/__main__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/models/link.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/packaging/requirements.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/certifi-2023.7.22.dist-info/WHEEL - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/dir_util.py - scripts/release/.venv/lib/python3.11/site-packages/distutils-precedence.pth - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/cmd.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/vcs/versioncontrol.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/requests/_internal_utils.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pyproject_hooks/_in_process/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_itertools.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/charset_normalizer/md__mypyc.cpython-311-darwin.so - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/sjisprober.py - scripts/release/.venv/lib/python3.11/site-packages/github/WorkflowRun.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_spinners.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/jupyter.py - scripts/release/.venv/bin/py.test - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/zipp.py - scripts/release/.venv/lib/python3.11/site-packages/yaml/representer.py - scripts/release/.venv/lib/python3.11/site-packages/github/Consts.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/scripts.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/rule.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/contrib/_securetransport/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/inject_securetransport.py - scripts/upgrade-codeql-dependencies/.venv/bin/normalizer - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_windows.py - scripts/release/.venv/bin/pip - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/logging.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/cli/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/Label.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/tomli/_types.py - scripts/release/.venv/lib/python3.11/site-packages/github/GitTreeElement.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/themes.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/commands/uninstall.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/colorama/tests/utils.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/packages/six.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/sysconfig.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/build.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/mbcharsetprober.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/capture.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/filelist.py - scripts/release/.venv/lib/python3.11/site-packages/GitPython-3.1.36.dist-info/top_level.txt - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/util/ssl_.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography-41.0.5.dist-info/RECORD - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/rule.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/certifi/core.py - scripts/release/.venv/lib/python3.11/site-packages/github/CodeScanAlertInstance.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/install_scripts.py - scripts/release/.venv/lib/python3.11/site-packages/github/GistFile.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/operations/build/wheel.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust/__init__.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/resolvelib/resolvers.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/importlib_resources/simple.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/commands/list.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/idna/idnadata.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools-67.6.1.dist-info/RECORD - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/build_py.py - scripts/release/.venv/lib/python3.11/site-packages/git/objects/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/requests-2.31.0.dist-info/RECORD - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/gb2312freq.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/launcher manifest.xml - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/commands/cache.py - scripts/release/.venv/bin/normalizer - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/tomli/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/cli-64.exe - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/escprober.py - scripts/release/.venv/lib/python3.11/site-packages/packaging/_musllinux.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/index.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/build.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/jpcntx.py - scripts/release/.venv/lib/python3.11/site-packages/smmap/test/lib.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/certifi-2023.7.22.dist-info/INSTALLER - scripts/release/.venv/lib/python3.11/site-packages/charset_normalizer/md__mypyc.cpython-311-darwin.so - scripts/release/.venv/lib/python3.11/site-packages/PyYAML-6.0.1.dist-info/top_level.txt - scripts/release/.venv/lib/python3.11/site-packages/smmap/test/test_tutorial.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/py.typed - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/_log.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/egg_link.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/util/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/models/index.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_resources/_legacy.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/constrain.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/connectionpool.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/wheel.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/exceptions.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/resolvelib/compat/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/charsetgroupprober.py - scripts/release/.venv/lib/python3.11/site-packages/nacl/pwhash/_argon2.py - scripts/release/.venv/lib/python3.11/site-packages/github/GistFile.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/certifi/py.typed - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/platformdirs/macos.py - scripts/release/.venv/lib/python3.11/site-packages/cffi/vengine_gen.py - scripts/release/.venv/lib/python3.11/site-packages/nacl/encoding.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/build.py - scripts/release/.venv/lib/python3.11/site-packages/requests/status_codes.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/config/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/cli/progress_bars.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/Download.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/egg_info.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb/db/base.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/packages/backports/weakref_finalize.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/langhebrewmodel.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/tenacity/tornadoweb.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/highlighter.py - scripts/release/.venv/lib/python3.11/site-packages/certifi-2023.11.17.dist-info/INSTALLER - scripts/release/.venv/lib/python3.11/site-packages/_pytest/faulthandler.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/contrib/_securetransport/low_level.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/commands/debug.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/asymmetric/dh.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust.abi3.so - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/debug.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/commands/freeze.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/langbulgarianmodel.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/fancy_getopt.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/requests/cookies.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/resolution/resolvelib/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/PullRequestComment.pyi - scripts/release/.venv/lib/python3.11/site-packages/github/ApplicationOAuth.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools-67.6.1.dist-info/METADATA - scripts/release/.venv/lib/python3.11/site-packages/github/CommitStats.pyi - scripts/release/.venv/lib/python3.11/site-packages/github/PullRequest.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb/test/test_example.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/network/xmlrpc.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/filepost.py - scripts/upgrade-codeql-dependencies/.venv/pyvenv.cfg - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/util/wait.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/commands/completion.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_log_render.py - scripts/release/.venv/lib/python3.11/site-packages/smmap/buf.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/launch.py - scripts/release/.venv/lib/python3.11/site-packages/github/GistComment.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/packaging/utils.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/operations/check.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/platformdirs/macos.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/setopt.py - scripts/release/.venv/lib/python3.11/site-packages/git/objects/tag.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/cli/main.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/distro/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/more_itertools/recipes.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/utf8prober.py - scripts/release/.venv/lib/python3.11/site-packages/github/RequiredStatusChecks.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/padding.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/py34compat.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/ciphers/base.py - scripts/release/.venv/lib/python3.11/site-packages/git/repo/fun.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/util/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/packages/six.py - scripts/release/.venv/lib/python3.11/site-packages/github/Tag.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/legacypath.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/misc.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/filesystem.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/big5freq.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/chardistribution.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/fields.py - scripts/release/.venv/lib/python3.11/site-packages/charset_normalizer-3.3.2.dist-info/entry_points.txt - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/markers.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/virtualenv.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/temp_dir.py - scripts/release/.venv/lib/python3.11/site-packages/py.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/certifi/core.py - scripts/release/.venv/lib/python3.11/site-packages/jwt/py.typed - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/tenacity/retry.py - scripts/release/.venv/lib/python3.11/site-packages/pytest-7.4.3.dist-info/WHEEL - scripts/release/.venv/lib/python3.11/site-packages/git/objects/submodule/root.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/operations/freeze.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/assertion/truncate.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/compatibility_tags.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/distutils_args.py - scripts/release/.venv/bin/activate.csh - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/pager.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/packaging/markers.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/bbcode.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/openssl/binding.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_metadata/_py39compat.py - scripts/release/.venv/lib/python3.11/site-packages/github/PullRequestMergeStatus.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/distributions/installed.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/packaging/_structures.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/commands/install.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/direct_url_helpers.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/depends.py - scripts/upgrade-codeql-dependencies/.venv/bin/activate.csh - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/configuration.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_metadata/_text.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/zipp.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb/fun.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/dep_util.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/console.py - scripts/release/.venv/lib/python3.11/site-packages/github/Hook.py - scripts/release/.venv/lib/python3.11/site-packages/cffi/_shimmed_dist_utils.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/helpconfig.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/constrain.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/commands/inspect.py - scripts/release/.venv/lib/python3.11/site-packages/smmap-5.0.1.dist-info/WHEEL - scripts/release/.venv/lib/python3.11/site-packages/cffi/_imp_emulation.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/big5freq.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/setopt.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb/exc.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/resolution/resolvelib/factory.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/_collections.py - scripts/release/.venv/lib/python3.11/site-packages/github/CommitComment.pyi - scripts/release/.venv/lib/python3.11/site-packages/git/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_metadata/_py39compat.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/operations/check.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/operations/build/metadata_editable.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/metadata/importlib/_compat.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/editable_wheel.py - scripts/release/.venv/lib/python3.11/site-packages/pip-23.0.1.dist-info/METADATA - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/operations/build/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pycparser/ply/ygen.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/network/lazy_wheel.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/status.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/packaging/specifiers.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/package_index.py - scripts/release/.venv/lib/python3.11/site-packages/pycparser-2.21.dist-info/LICENSE - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/locations/base.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/metadata/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/metadata/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/StatsCodeFrequency.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pyparsing/util.py - scripts/release/.venv/lib/python3.11/site-packages/github/DeploymentStatus.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/svg.py - scripts/release/.venv/lib/python3.11/site-packages/wrapt/__wrapt__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/filetypes.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/freeze_support.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/msgpack/ext.py - scripts/release/.venv/lib/python3.11/site-packages/charset_normalizer/version.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/idna/package_data.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/config/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/cli.exe - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/PyGithub-1.59.1.dist-info/COPYING.LESSER - scripts/release/.venv/lib/python3.11/site-packages/github/Organization.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/resolvelib/structs.py - scripts/release/.venv/lib/python3.11/site-packages/github/Tag.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/msvc9compiler.py - scripts/release/.venv/lib/python3.11/site-packages/deprecated/classic.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/importlib_resources/_common.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust/openssl/ed448.pyi - scripts/release/.venv/lib/python3.11/site-packages/github/Referrer.pyi - scripts/release/.venv/lib/python3.11/site-packages/certifi/cacert.pem - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/packages/backports/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/RepositoryKey.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/cli/req_command.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/more_itertools/more.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_export_format.py - scripts/release/.venv/bin/pip3.11 - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/network/session.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/fields.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/config.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/request.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_resources/abc.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/logging.py - scripts/release/.venv/lib/python3.11/site-packages/nacl/hash.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_normalization.py - scripts/release/.venv/lib/python3.11/site-packages/git/objects/submodule/util.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/jisfreq.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/__main__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_ratio.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/build_py.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/discovery.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/other.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/tenacity/retry.py - scripts/release/.venv/lib/python3.11/site-packages/github/StatsPunchCard.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/emoji.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/latin1prober.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/padding.py - scripts/release/.venv/lib/python3.11/site-packages/github/CodeScanAlert.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/util/util.py - scripts/release/.venv/lib/python3.11/site-packages/GitPython-3.1.36.dist-info/WHEEL - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/distro/distro.py - scripts/release/.venv/lib/python3.11/site-packages/github/CodeScanAlertInstanceLocation.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/openssl/_conditional.py - scripts/release/.venv/lib/python3.11/site-packages/git/cmd.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/color_triplet.py - scripts/release/.venv/lib/python3.11/site-packages/github/AuthorizationApplication.pyi - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/_serialization.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pytest-7.4.3.dist-info/RECORD - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/util/ssl_match_hostname.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/packaging/_manylinux.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/models/__init__.py - scripts/upgrade-codeql-dependencies/.venv/bin/pip - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_entry_points.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/charset_normalizer/md.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/dep_util.py - scripts/release/.venv/lib/python3.11/site-packages/github/CheckRunAnnotation.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/cachecontrol/_cmd.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/subprocess.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/tomli/_re.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/packaging/specifiers.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/gb2312freq.py - scripts/release/.venv/lib/python3.11/site-packages/pip-23.0.1.dist-info/INSTALLER - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/certifi-2023.7.22.dist-info/METADATA - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/operations/install/wheel.py - scripts/release/.venv/lib/python3.11/site-packages/packaging/_elffile.py - scripts/release/.venv/lib/python3.11/site-packages/github/Commit.pyi - scripts/release/.venv/lib/python3.11/site-packages/github/ProjectColumn.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/universaldetector.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/util/timeout.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/eucjpprober.py - scripts/release/.venv/lib/python3.11/site-packages/requests/help.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/config/_validate_pyproject/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/table.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/packaging/markers.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/packages/backports/makefile.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_export_format.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb-4.0.11.dist-info/WHEEL - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/requests/__version__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/locations/base.py - scripts/release/.venv/lib/python3.11/site-packages/github/Invitation.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/install.py - scripts/release/.venv/lib/python3.11/site-packages/pluggy/_tracing.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/protocol.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/colorama/tests/utils.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/enums.py - scripts/release/.venv/lib/python3.11/site-packages/github/GithubObject.py - scripts/release/.venv/lib/python3.11/site-packages/github/GitAuthor.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/platformdirs/windows.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/operations/build/wheel.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools-67.6.1.dist-info/INSTALLER - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/response.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/req/req_file.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/lexer.py - scripts/release/.venv/lib/python3.11/site-packages/git/objects/fun.py - scripts/release/.venv/lib/python3.11/site-packages/requests/cookies.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/progress.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/register.py - scripts/release/.venv/lib/python3.11/site-packages/nacl/bindings/randombytes.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/packaging/requirements.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/kdf/x963kdf.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_resources/_common.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/packaging/tags.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/compat.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/idna/core.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/cli/parser.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/req/req_uninstall.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/packaging/_parser.py - scripts/release/.venv/lib/python3.11/site-packages/smmap/test/test_mman.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/bdist_dumb.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/unraisableexception.py - scripts/release/.venv/lib/python3.11/site-packages/urllib3/util/ssltransport.py - scripts/release/.venv/lib/python3.11/site-packages/github/GitTree.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/langbulgarianmodel.py - scripts/release/.venv/lib/python3.11/site-packages/github/PullRequestMergeStatus.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/charset_normalizer-3.2.0.dist-info/WHEEL - scripts/release/.venv/lib/python3.11/site-packages/iniconfig/_version.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/tenacity/stop.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_resources/_itertools.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/distro/__main__.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/importlib_resources/_legacy.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/requests/sessions.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/bdist.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/packaging/_musllinux.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/namespaces.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/stepwise.py - scripts/release/.venv/lib/python3.11/site-packages/packaging/_parser.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_metadata/_text.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/req/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/iniconfig/_parse.py - scripts/release/.venv/lib/python3.11/site-packages/github/License.py - scripts/release/.venv/lib/python3.11/site-packages/github/CommitStatus.pyi - scripts/release/.venv/lib/python3.11/site-packages/github/CWE.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip-23.2.1.dist-info/METADATA - scripts/release/.venv/bin/python3 - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/locations/_sysconfig.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_normalization.py - scripts/release/.venv/lib/python3.11/site-packages/urllib3/_collections.py - scripts/release/.venv/lib/python3.11/site-packages/nacl/bindings/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/hebrewprober.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/install_scripts.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/webencodings/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb/pack.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/metadata/importlib/_envs.py - scripts/release/.venv/lib/python3.11/site-packages/cffi/backend_ctypes.py - scripts/release/.venv/lib/python3.11/site-packages/github/IssuePullRequest.pyi - scripts/release/.venv/lib/python3.11/site-packages/setuptools/config/_validate_pyproject/fastjsonschema_exceptions.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/nose.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/platformdirs/unix.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/scope.py - scripts/release/.venv/lib/python3.11/site-packages/github/GithubIntegration.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/msgpack/fallback.py - scripts/release/.venv/lib/python3.11/site-packages/charset_normalizer/utils.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/cells.py - scripts/release/.venv/lib/python3.11/site-packages/smmap-5.0.1.dist-info/top_level.txt - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/cachecontrol/_cmd.py - scripts/release/.venv/lib/python3.11/site-packages/github/GitCommit.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/six.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/config.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/idna/idnadata.py - scripts/release/.venv/lib/python3.11/site-packages/github/Rate.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/certifi/cacert.pem - scripts/release/.venv/lib/python3.11/site-packages/github/RepositoryKey.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/sphinxext.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/upload.py - scripts/release/.venv/lib/python3.11/site-packages/requests/utils.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/idna/intranges.py - scripts/release/.venv/lib/python3.11/site-packages/packaging/requirements.py - scripts/release/.venv/bin/activate.fish - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/models.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/metadata/languages.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/skipping.py - scripts/release/.venv/lib/python3.11/site-packages/packaging/_structures.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/models.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/util/url.py - scripts/release/.venv/lib/python3.11/site-packages/certifi-2023.11.17.dist-info/RECORD - scripts/release/.venv/lib/python3.11/site-packages/git/compat.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pyproject_hooks/_in_process/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/build_py.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/msgpack/ext.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/region.py - scripts/release/.venv/lib/python3.11/site-packages/github/HookDescription.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/operations/prepare.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/models/format_control.py - scripts/release/.venv/lib/python3.11/site-packages/yaml/events.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/webencodings/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/requests/status_codes.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/index.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/idna-3.4.dist-info/METADATA - scripts/release/.venv/lib/python3.11/site-packages/github/StatsContributor.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/modeline.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/serialization/base.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/backends/openssl/cmac.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/asymmetric/rsa.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/util.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/exceptions.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/x509/ocsp.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/tenacity/tornadoweb.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/align.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/serialization/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_metadata/_compat.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/cache.py - scripts/release/.venv/lib/python3.11/site-packages/packaging/_manylinux.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/jaraco/context.py - scripts/release/.venv/lib/python3.11/site-packages/git/repo/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/ccompiler.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/main.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/prompt.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/more_itertools/recipes.py - scripts/release/.venv/lib/python3.11/site-packages/requests/sessions.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/cli/chardetect.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/packaging/_parser.py - scripts/release/.venv/lib/python3.11/site-packages/github/EnvironmentDeploymentBranchPolicy.py - scripts/release/.venv/lib/python3.11/site-packages/PyGithub-1.59.1.dist-info/WHEEL - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/script.tmpl - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/build_meta.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/packages/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/install_lib.py - scripts/release/.venv/bin/activate - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/charset_normalizer/constant.py - scripts/release/.venv/lib/python3.11/site-packages/github/InputGitAuthor.py - scripts/release/.venv/lib/python3.11/site-packages/github/StatsPunchCard.py - scripts/release/.venv/lib/python3.11/site-packages/smmap/test/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/zipp.py - scripts/build_test_database.py - scripts/release/.venv/lib/python3.11/site-packages/github/BranchProtection.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_resources/_adapters.py - scripts/release/.venv/lib/python3.11/site-packages/cffi-1.16.0.dist-info/INSTALLER - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/hebrewprober.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/charsetgroupprober.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/namespaces.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/commands/inspect.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/typing_extensions.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/util/retry.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/sysconfig.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/glibc.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/msgpack/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/utf1632prober.py - scripts/release/.venv/lib/python3.11/site-packages/git/util.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/platformdirs/android.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/sjisprober.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_win32_console.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/typing_extensions.py - scripts/release/.venv/lib/python3.11/site-packages/github/GitignoreTemplate.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/filter.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/bdist_rpm.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/config/argparsing.py - scripts/upgrade-codeql-dependencies/.venv/bin/activate - scripts/release/.venv/lib/python3.11/site-packages/github/InputFileContent.py - scripts/release/.venv/lib/python3.11/site-packages/git/index/base.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/certifi/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/CheckRun.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/idna/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip-23.2.1.dist-info/REQUESTED - scripts/release/.venv/lib/python3.11/site-packages/Deprecated-1.2.14.dist-info/INSTALLER - scripts/release/.venv/lib/python3.11/site-packages/cffi/error.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/locations/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/git/types.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_metadata/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/nacl/utils.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/typing_extensions.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/temp_dir.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/w64.exe - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/util/proxy.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/twofactor/hotp.py - scripts/release/.venv/lib/python3.11/site-packages/cffi/cffi_opcode.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/_collections.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/cachecontrol/caches/redis_cache.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pyparsing/results.py - scripts/release/.venv/lib/python3.11/site-packages/github/MainClass.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/glob.py - scripts/release/.venv/lib/python3.11/site-packages/urllib3/util/connection.py - scripts/release/.venv/lib/python3.11/site-packages/git/index/util.py - scripts/release/.venv/lib/python3.11/site-packages/github/AuthenticatedUser.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/resolution/legacy/resolver.py - scripts/release/.venv/lib/python3.11/site-packages/github/CommitCombinedStatus.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/bdist_rpm.py - scripts/release/.venv/lib/python3.11/site-packages/cffi-1.16.0.dist-info/RECORD - scripts/release/.venv/lib/python3.11/site-packages/github/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/cli-arm64.exe - scripts/release/.venv/lib/python3.11/site-packages/git/repo/base.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/fancy_getopt.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/escprober.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/cli/autocompletion.py - scripts/release/.venv/lib/python3.11/site-packages/github/WorkflowJob.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/charset_normalizer/cd.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/requests/sessions.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/windows_support.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/colorama/winterm.py - scripts/release/.venv/lib/python3.11/site-packages/smmap-5.0.1.dist-info/RECORD - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/virtualenv.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/semantic_version/django_fields.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/config/setupcfg.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/distributions/installed.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/constant_time.py - scripts/release/.venv/lib/python3.11/site-packages/cffi-1.16.0.dist-info/WHEEL - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/html.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/packaging/requirements.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/jaraco/functools.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/colorama/initialise.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/requests/utils.py - scripts/release/.venv/lib/python3.11/site-packages/yaml/composer.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/index/package_finder.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/langrussianmodel.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/requests/exceptions.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_deprecation_warning.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/packaging/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/util/ssltransport.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/upload_docs.py - scripts/release/.venv/lib/python3.11/site-packages/yaml/resolver.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/_mapping.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/util/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/Authorization.py - scripts/release/.venv/lib/python3.11/site-packages/github/StatsContributor.pyi - scripts/release/.venv/lib/python3.11/site-packages/idna-3.4.dist-info/RECORD - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/main.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_win32_console.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_emoji_replace.py - scripts/upgrade-codeql-dependencies/.venv/bin/Activate.ps1 - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/containers.py - scripts/release/.venv/lib/python3.11/site-packages/nacl/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/packaging-23.2.dist-info/LICENSE.BSD - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/langrussianmodel.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb-4.0.11.dist-info/METADATA - scripts/release/.venv/lib/python3.11/site-packages/_pytest/python_api.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/sbcharsetprober.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/packaging/_tokenizer.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/big5prober.py - scripts/release/.venv/lib/python3.11/site-packages/github/CommitCombinedStatus.pyi - scripts/release/.venv/lib/python3.11/site-packages/nacl/exceptions.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/vcs/git.py - scripts/release/.venv/lib/python3.11/site-packages/github/RepositoryPreferences.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/img.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/wheel.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/pager.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb/typ.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/assertion/rewrite.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/ciphers/aead.py - scripts/release/.venv/lib/python3.11/site-packages/PyYAML-6.0.1.dist-info/METADATA - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/colorama/ansi.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pyparsing/helpers.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/install_lib.py - scripts/release/.venv/lib/python3.11/site-packages/yaml/scanner.py - scripts/release/.venv/lib/python3.11/site-packages/github/RepositoryAdvisoryCredit.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/models/wheel.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/wheel_builder.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_loop.py - scripts/release/.venv/lib/python3.11/site-packages/urllib3/poolmanager.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/euctwprober.py - scripts/release/.venv/lib/python3.11/site-packages/cffi-1.16.0.dist-info/entry_points.txt - scripts/release/.venv/lib/python3.11/site-packages/_pytest/_py/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/idna/idnadata.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/__main__.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/asymmetric/ed448.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/requests/__version__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/unpacking.py - scripts/release/.venv/lib/python3.11/site-packages/packaging-23.2.dist-info/METADATA - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/styles/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/PyGithub-1.59.1.dist-info/REQUESTED - scripts/release/.venv/lib/python3.11/site-packages/jwt/exceptions.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/cachecontrol/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/GithubApp.py - scripts/release/.venv/lib/python3.11/site-packages/github/TeamDiscussion.pyi - scripts/release/.venv/lib/python3.11/site-packages/nacl/bindings/crypto_aead.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/_argcomplete.py - scripts/release/.venv/lib/python3.11/site-packages/semantic_version/base.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/cli/main_parser.py - scripts/release/.venv/lib/python3.11/site-packages/github/WorkflowRun.py - scripts/release/.venv/lib/python3.11/site-packages/pycparser/ply/lex.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/platformdirs/api.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/cli/cmdoptions.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/filepost.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/config/_apply_pyprojecttoml.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/register.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/locations/_distutils.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/poolmanager.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/packaging/markers.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/ansi.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/editable_wheel.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pyparsing/common.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/saveopts.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/semantic_version/base.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/cli/spinners.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/platformdirs/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/x509/base.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/packaging/tags.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/version.py - scripts/release/.venv/lib/python3.11/site-packages/cffi/setuptools_ext.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/certifi-2023.7.22.dist-info/LICENSE - scripts/release/.venv/lib/python3.11/site-packages/wrapt-1.16.0.dist-info/METADATA - scripts/release/.venv/lib/python3.11/site-packages/setuptools/errors.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/spinner.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_palettes.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/table.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/tomli/_types.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/network/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/urllib3/contrib/pyopenssl.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/requests-2.31.0.dist-info/INSTALLER - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/register.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/resolution/resolvelib/requirements.py - scripts/release/.venv/lib/python3.11/site-packages/pluggy/_callers.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/util.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/metadata.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/latin1prober.py - scripts/release/.venv/lib/python3.11/site-packages/urllib3/connectionpool.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/packaging/utils.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/w64-arm.exe - scripts/release/.venv/lib/python3.11/site-packages/_pytest/pathlib.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/configuration.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/importlib_resources/_adapters.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/platformdirs/macos.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/PublicKey.pyi - scripts/release/.venv/lib/python3.11/site-packages/certifi-2023.11.17.dist-info/WHEEL - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/cachecontrol/filewrapper.py - scripts/release/.venv/bin/Activate.ps1 - scripts/release/.venv/lib/python3.11/site-packages/iniconfig-2.0.0.dist-info/INSTALLER - scripts/release/.venv/lib/python3.11/site-packages/github/SelfHostedActionsRunner.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip-23.0.1.dist-info/top_level.txt - scripts/release/.venv/lib/python3.11/site-packages/gitdb/db/loose.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/install_lib.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_metadata/_functools.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/euckrfreq.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/terminal.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/operations/freeze.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/layout.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/cli/cmdoptions.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/util/connection.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/dist_info.py - scripts/release/.venv/lib/python3.11/site-packages/requests/compat.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/models/scheme.py - scripts/release/.venv/lib/python3.11/site-packages/github/InputGitTreeElement.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_metadata/_itertools.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/compat.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/style.py - scripts/release/.venv/lib/python3.11/site-packages/PyYAML-6.0.1.dist-info/RECORD - scripts/release/.venv/lib/python3.11/site-packages/setuptools/gui-32.exe - scripts/release/.venv/lib/python3.11/site-packages/pycparser/ply/yacc.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/default_styles.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/asymmetric/padding.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/euckrprober.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/lexers/python.py - scripts/release/.venv/lib/python3.11/site-packages/github/UserKey.pyi - scripts/release/.venv/lib/python3.11/site-packages/wrapt-1.16.0.dist-info/WHEEL - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/install_egg_info.py - scripts/release/.venv/lib/python3.11/site-packages/urllib3/_base_connection.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/util/queue.py - scripts/release/.venv/lib/python3.11/site-packages/github/GitRelease.py - scripts/release/.venv/lib/python3.11/site-packages/Deprecated-1.2.14.dist-info/top_level.txt - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/locators.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/serialization/pkcs7.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/util/ssl_match_hostname.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/develop.py - scripts/release/.venv/lib/python3.11/site-packages/pycparser/c_lexer.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/installer.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/platformdirs/macos.py - scripts/release/.venv/lib/python3.11/site-packages/deprecated/sphinx.py - scripts/release/.venv/lib/python3.11/site-packages/iniconfig/exceptions.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/util/connection.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/importlib_resources/_common.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/errors.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/resolution/resolvelib/reporter.py - scripts/release/.venv/lib/python3.11/site-packages/nacl/pwhash/scrypt.py - scripts/release/.venv/lib/python3.11/site-packages/nacl/_sodium.abi3.so - scripts/release/.venv/lib/python3.11/site-packages/_pytest/config/compat.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/backends/openssl/aead.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/rtf.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/test.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/index/collector.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/x509/general_name.py - scripts/release/.venv/lib/python3.11/site-packages/nacl/bindings/crypto_kx.py - scripts/release/.venv/lib/python3.11/site-packages/github/ContentFile.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/packaging/_structures.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/cli/main_parser.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/package_index.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/tomli/_re.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/terminal256.py - scripts/release/.venv/lib/python3.11/site-packages/pycparser-2.21.dist-info/RECORD - scripts/release/.venv/lib/python3.11/site-packages/git/py.typed - scripts/release/.venv/lib/python3.11/site-packages/cffi-1.16.0.dist-info/LICENSE - scripts/release/.venv/lib/python3.11/site-packages/pluggy-1.3.0.dist-info/RECORD - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/color_triplet.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/util/request.py - scripts/release/.venv/lib/python3.11/site-packages/charset_normalizer/md.cpython-311-darwin.so - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/tenacity/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/terminal256.py - scripts/release/.venv/lib/python3.11/site-packages/PyJWT-2.8.0.dist-info/top_level.txt - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/packaging/version.py - scripts/release/.venv/lib/python3.11/site-packages/nacl/bindings/crypto_sign.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/sphinxext.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/build_env.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/colorama/tests/winterm_test.py - scripts/release/.venv/lib/python3.11/site-packages/pip/py.typed - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/cachecontrol/compat.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/packages/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/PyYAML-6.0.1.dist-info/INSTALLER - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/tenacity/_asyncio.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_stack.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/requests-2.31.0.dist-info/REQUESTED - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/sdist.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/tomli/_parser.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/config/pyprojecttoml.py - scripts/release/.venv/lib/python3.11/site-packages/github/UserKey.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/__main__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/big5prober.py - scripts/release/.venv/lib/python3.11/site-packages/pycparser/ply/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/requests/exceptions.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pyproject_hooks/_in_process/_in_process.py - scripts/release/.venv/lib/python3.11/site-packages/cffi/pkgconfig.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_resources/readers.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/sandbox.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/control.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/codingstatemachine.py - scripts/release/.venv/lib/python3.11/site-packages/cffi/vengine_cpy.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/commands/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_log_render.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/commands/check.py - scripts/release/.venv/lib/python3.11/site-packages/semantic_version-2.10.0.dist-info/LICENSE - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/idna/intranges.py - scripts/release/.venv/lib/python3.11/site-packages/github/Membership.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/packaging/_musllinux.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/packaging/_parser.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/lexers/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/config/setupcfg.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/network/lazy_wheel.py - scripts/release/.venv/lib/python3.11/site-packages/semantic_version-2.10.0.dist-info/RECORD - scripts/release/.venv/lib/python3.11/site-packages/setuptools/logging.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/live_render.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/tomli/_types.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/requests/api.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/charset_normalizer/assets/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/urllib3/connection.py - scripts/release/.venv/lib/python3.11/site-packages/github/Deployment.py - scripts/release/.venv/lib/python3.11/site-packages/requests-2.31.0.dist-info/top_level.txt - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/semantic_version-2.10.0.dist-info/LICENSE - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/hmac.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/install.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools-67.6.1.dist-info/WHEEL - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/cli-32.exe - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/contrib/socks.py - scripts/release/.venv/lib/python3.11/site-packages/wrapt-1.16.0.dist-info/INSTALLER - scripts/release/.venv/lib/python3.11/site-packages/github/WorkflowStep.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/manifest.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust/_openssl.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/idna/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/requests/utils.py - scripts/release/.venv/lib/python3.11/site-packages/github/NotificationSubject.pyi - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/dist.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/deprecation.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/index/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/_msvccompiler.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography-41.0.5.dist-info/LICENSE.APACHE - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/resolution/resolvelib/factory.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_resources/simple.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/resolution/resolvelib/candidates.py - scripts/release/.venv/lib/python3.11/site-packages/yaml/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/idna/py.typed - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/util/ssl_match_hostname.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/semantic_version-2.10.0.dist-info/RECORD - scripts/release/.venv/lib/python3.11/site-packages/git/objects/blob.py - scripts/release/.venv/lib/python3.11/site-packages/github/InputGitAuthor.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/models/candidate.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust/pkcs7.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/tree.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/jaraco/text/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/smmap/mman.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/backends/openssl/utils.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/serialization/ssh.py - scripts/release/.venv/lib/python3.11/site-packages/idna-3.4.dist-info/INSTALLER - scripts/release/.venv/lib/python3.11/site-packages/github/ApplicationOAuth.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/setuptools_build.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/warning_types.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/keywrap.py - scripts/release/.venv/lib/python3.11/site-packages/github/TimelineEventSource.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/eucjpprober.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/archive_util.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/config/_validate_pyproject/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/CodeScanAlertInstance.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/_io/terminalwriter.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/text_file.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/check.py - scripts/release/.venv/lib/python3.11/site-packages/github/CodeScanRule.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/bdist_egg.py - scripts/release/.venv/lib/python3.11/site-packages/yaml/parser.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/extern/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/cffi/lock.py - scripts/release/.venv/lib/python3.11/site-packages/github/WorkflowJob.pyi - scripts/release/.venv/lib/python3.11/site-packages/_pytest/setuponly.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip-23.2.1.dist-info/RECORD - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/requests/auth.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/resultdict.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/cachecontrol/heuristics.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/file_util.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/requests/compat.py - scripts/release/.venv/lib/python3.11/site-packages/urllib3/contrib/socks.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/columns.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/palette.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/certifi-2023.7.22.dist-info/top_level.txt - scripts/release/.venv/lib/python3.11/site-packages/github/AuthenticatedUser.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/py34compat.py - scripts/release/.venv/lib/python3.11/site-packages/pycparser/c_generator.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/groff.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/idna/core.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb/stream.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/poolmanager.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/platformdirs/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/importlib_resources/_adapters.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/bcppcompiler.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/other.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/util/timeout.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/config/_validate_pyproject/error_reporting.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools-67.6.1.dist-info/METADATA - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_wrap.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/models/direct_url.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/idna/codec.py - scripts/release/.venv/lib/python3.11/site-packages/PyGithub-1.59.1.dist-info/top_level.txt - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/exceptions.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_metadata/_collections.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/x509/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/johabfreq.py - scripts/release/.venv/lib/python3.11/site-packages/nacl/pwhash/argon2i.py - scripts/release/.venv/lib/python3.11/site-packages/pluggy-1.3.0.dist-info/top_level.txt - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/cachecontrol/heuristics.py - scripts/release/.venv/lib/python3.11/site-packages/yaml/error.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/database.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/version.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/file_proxy.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatter.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb/db/git.py - scripts/release/.venv/lib/python3.11/site-packages/charset_normalizer/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/resolvelib/providers.py - scripts/release/.venv/lib/python3.11/site-packages/pluggy/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools-67.6.1.dist-info/REQUESTED - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/packaging/_manylinux.py - scripts/release/.venv/lib/python3.11/site-packages/pycparser/ply/ctokens.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/charset_normalizer/utils.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/packaging/_elffile.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/charset_normalizer/cli/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/wrapt/_wrappers.cpython-311-darwin.so - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/packaging/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/markup.py - scripts/release/.venv/lib/python3.11/site-packages/github/CheckRunAnnotation.py - scripts/upgrade-codeql-dependencies/.venv/bin/python3.11 - scripts/release/.venv/lib/python3.11/site-packages/charset_normalizer-3.3.2.dist-info/RECORD - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/euckrfreq.py - scripts/release/.venv/lib/python3.11/site-packages/pycparser/_c_ast.cfg - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/more_itertools/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/alias.py - scripts/release/.venv/lib/python3.11/site-packages/charset_normalizer/cd.py - .vscode/tasks.json - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/tomli/_parser.py - scripts/release/.venv/lib/python3.11/site-packages/charset_normalizer-3.3.2.dist-info/WHEEL - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/contrib/socks.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb/db/pack.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/util/response.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/backends/openssl/decode_asn1.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/distributions/base.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pyparsing/results.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pkg_resources/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/cli-32.exe - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/version.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/asymmetric/types.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/charset_normalizer/md.cpython-311-darwin.so - scripts/release/.venv/lib/python3.11/site-packages/github/HookDelivery.py - scripts/release/.venv/lib/python3.11/site-packages/pycparser/ast_transforms.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/more_itertools/recipes.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/spinner.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/vcs/bazaar.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/importlib_resources/_compat.py - scripts/release/.venv/lib/python3.11/site-packages/github/IssueEvent.pyi - scripts/release/.venv/lib/python3.11/site-packages/setuptools-67.6.1.dist-info/top_level.txt - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/commands/search.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb/test/test_stream.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/platformdirs/api.py - scripts/release/.venv/lib/python3.11/site-packages/github/Topic.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/requests/cookies.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/vcs/versioncontrol.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/requests/structures.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/modeline.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/filter.py - scripts/release/.venv/lib/python3.11/site-packages/charset_normalizer/models.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/resolution/resolvelib/provider.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/upload_docs.py - scripts/release/.venv/lib/python3.11/site-packages/github/Organization.py - scripts/release/.venv/lib/python3.11/site-packages/deprecated/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/_cipheralgorithm.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/cli/main.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/charset_normalizer-3.2.0.dist-info/entry_points.txt - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/kdf/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/config.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/cachecontrol/caches/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/requests/api.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/layout.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pyproject_hooks/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/Path.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/models/index.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/cachecontrol/controller.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/metadata.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/response.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_emoji_replace.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/metadata/_json.py - scripts/release/.venv/lib/python3.11/site-packages/github/RateLimit.pyi - scripts/release/.venv/lib/python3.11/site-packages/github/GistHistoryState.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/charset_normalizer-3.2.0.dist-info/RECORD - scripts/release/.venv/lib/python3.11/site-packages/iniconfig/py.typed - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/connection.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/packaging/requirements.py - scripts/release/.venv/lib/python3.11/site-packages/smmap/util.py - scripts/release/.venv/lib/python3.11/site-packages/nacl/public.py - scripts/release/.venv/lib/python3.11/site-packages/pycparser/_ast_gen.py - scripts/release/.venv/lib/python3.11/site-packages/git/diff.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/install.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/semantic_version-2.10.0.dist-info/INSTALLER - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/packaging/utils.py - scripts/release/.venv/lib/python3.11/site-packages/nacl/bindings/crypto_box.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/operations/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/html.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/platformdirs/version.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/color.py - scripts/release/.venv/lib/python3.11/site-packages/requests/api.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/bar.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/resolution/legacy/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/AuthorizationApplication.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/operations/build/metadata.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/packaging/_musllinux.py - scripts/upgrade-codeql-dependencies/.venv/bin/pip3.11 - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/webencodings/tests.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/vcs/bazaar.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/network/download.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_imp.py - scripts/release/.venv/lib/python3.11/site-packages/smmap-5.0.1.dist-info/zip-safe - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/spawn.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/colorama/win32.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/platformdirs/__main__.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb/test/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/msvccompiler.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/commands/hash.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/metadata/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/jpcntx.py - scripts/release/.venv/lib/python3.11/site-packages/urllib3-2.1.0.dist-info/WHEEL - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/cachecontrol/controller.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pyparsing/common.py - scripts/release/.venv/lib/python3.11/site-packages/iniconfig-2.0.0.dist-info/METADATA - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/requests/_internal_utils.py - scripts/release/.venv/lib/python3.11/site-packages/github/CodeScanTool.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/plugin.py - scripts/release/.venv/lib/python3.11/site-packages/wrapt/importer.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/hookspec.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/mark/structures.py - scripts/release/.venv/lib/python3.11/site-packages/yaml/cyaml.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/terminal.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/index/package_finder.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/config/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/database.py - scripts/release/.venv/lib/python3.11/site-packages/PyJWT-2.8.0.dist-info/INSTALLER - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/cygwinccompiler.py - scripts/release/.venv/lib/python3.11/site-packages/github/ProjectCard.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/protocol.py - scripts/release/.venv/lib/python3.11/site-packages/git/objects/util.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/requests/auth.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/importlib_resources/_itertools.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/bcppcompiler.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/webencodings/labels.py - scripts/release/.venv/lib/python3.11/site-packages/github/CheckSuite.pyi - scripts/release/.venv/lib/python3.11/site-packages/git/exc.py - .codeql-version - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/charset_normalizer-3.2.0.dist-info/LICENSE - scripts/release/.venv/lib/python3.11/site-packages/nacl/hashlib.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/tomli/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pluggy/_manager.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/cli/parser.py - scripts/release/.venv/lib/python3.11/site-packages/github/StatsParticipation.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/irc.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/py38compat.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/distro/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/escsm.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/resolution/resolvelib/reporter.py - scripts/upgrade-codeql-dependencies/.venv/bin/python - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/importlib_resources/simple.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/json.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/distributions/sdist.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_inspect.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/operations/build/wheel_editable.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/macromanprober.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/version.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/charset_normalizer/cli/normalizer.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/platformdirs/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pyproject_hooks/_impl.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/cli/spinners.py - scripts/release/.venv/lib/python3.11/site-packages/packaging/py.typed - scripts/release/.venv/lib/python3.11/site-packages/iniconfig-2.0.0.dist-info/WHEEL - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pyproject_hooks/_compat.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/mark/expression.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pyparsing/exceptions.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_null_file.py - scripts/release/.venv/lib/python3.11/site-packages/github/TeamDiscussion.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/resolvelib/resolvers.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/tenacity/nap.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/build_env.py - scripts/release/.venv/lib/python3.11/site-packages/nacl/bindings/crypto_hash.py - scripts/release/.venv/lib/python3.11/site-packages/github/PullRequestReview.pyi - scripts/release/.venv/lib/python3.11/site-packages/requests/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/_distutils_hack/override.py - scripts/release/.venv/lib/python3.11/site-packages/git/refs/symbolic.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/packaging/_elffile.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/compatibility_tags.py - scripts/release/.venv/lib/python3.11/site-packages/github/GitReleaseAsset.py - scripts/release/.venv/lib/python3.11/site-packages/charset_normalizer/__main__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/requests/packages.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/install_scripts.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/vcs/__init__.py - cpp/autosar/src/quick-query.ql - scripts/release/.venv/lib/python3.11/site-packages/github/Invitation.pyi - scripts/release/.venv/lib/python3.11/site-packages/urllib3/_version.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/importlib_resources/_legacy.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/packaging/_structures.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/msgpack/exceptions.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/_oid.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/emoji.py - scripts/release/.venv/lib/python3.11/site-packages/pluggy-1.3.0.dist-info/WHEEL - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/repr.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/cli/status_codes.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/jaraco/functools.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/gui-64.exe - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/tenacity/before.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/kdf/kbkdf.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/colorama/tests/initialise_test.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/fields.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography-41.0.5.dist-info/top_level.txt - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/locations/_distutils.py - scripts/release/.venv/lib/python3.11/site-packages/PyNaCl-1.5.0.dist-info/INSTALLER - scripts/release/.venv/lib/python3.11/site-packages/github/ContentFile.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/util/proxy.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/ccompiler.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/self_outdated_check.py - scripts/release/.venv/lib/python3.11/site-packages/wrapt/patches.py - scripts/release/.venv/lib/python3.11/site-packages/packaging/utils.py - scripts/release/.venv/lib/python3.11/site-packages/requests-2.31.0.dist-info/WHEEL - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/themes.py - scripts/release/.venv/lib/python3.11/site-packages/github/Artifact.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/versionpredicate.py - scripts/release/.venv/lib/python3.11/site-packages/github/View.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/charset_normalizer/version.py - scripts/release/.venv/lib/python3.11/site-packages/github/View.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/resources.py - scripts/release/.venv/lib/python3.11/site-packages/github/Environment.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/cachecontrol/adapter.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/style.py - scripts/release/.venv/lib/python3.11/site-packages/github/InstallationAuthorization.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/network/utils.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/archive_util.py - scripts/release/.venv/lib/python3.11/site-packages/nacl/bindings/crypto_core.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/bdist_rpm.py - scripts/release/.venv/lib/python3.11/site-packages/charset_normalizer/cli/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools-67.6.1.dist-info/WHEEL - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/backends/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/ProjectColumn.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/errors.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/util/proxy.py - scripts/release/.venv/lib/python3.11/site-packages/git/refs/reference.py - scripts/release/.venv/lib/python3.11/site-packages/pycparser-2.21.dist-info/WHEEL - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/charsetprober.py - scripts/release/.venv/lib/python3.11/site-packages/PyJWT-2.8.0.dist-info/METADATA - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/resolution/resolvelib/resolver.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/cachecontrol/filewrapper.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/live.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/certifi/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/langthaimodel.py - scripts/release/.venv/lib/python3.11/site-packages/GitPython-3.1.36.dist-info/REQUESTED - scripts/release/.venv/lib/python3.11/site-packages/cryptography/fernet.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/upload.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/semantic_version-2.10.0.dist-info/REQUESTED - scripts/release/.venv/bin/python - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/network/session.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/contrib/securetransport.py - scripts/release/.venv/lib/python3.11/site-packages/cffi/_cffi_include.h - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/kdf/scrypt.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/locations/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/requests/structures.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/platformdirs/api.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/clean.py - scripts/release/.venv/lib/python3.11/site-packages/github/Artifact.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/script (dev).tmpl - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/mbcsgroupprober.py - scripts/release/.venv/lib/python3.11/site-packages/cffi/parse_c_type.h - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/commands/help.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/distributions/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/requests/adapters.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/operations/build/wheel_editable.py - scripts/release/.venv/lib/python3.11/site-packages/requests/auth.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/platformdirs/unix.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/measure.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/idna-3.4.dist-info/WHEEL - scripts/release/.venv/lib/python3.11/site-packages/_pytest/python_path.py - scripts/release/.venv/lib/python3.11/site-packages/github/CheckRun.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/msgpack/fallback.py - scripts/release/.venv/lib/python3.11/site-packages/git/remote.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/models/format_control.py - scripts/release/.venv/lib/python3.11/site-packages/github/Clones.pyi - scripts/release/.venv/lib/python3.11/site-packages/github/RateLimit.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_metadata/_meta.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_resources/_itertools.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/idna/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/PyJWT-2.8.0.dist-info/AUTHORS.rst - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip-23.2.1.dist-info/LICENSE.txt - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/idna/codec.py - scripts/release/.venv/lib/python3.11/site-packages/GitPython-3.1.36.dist-info/AUTHORS - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/req/constructors.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3-2.0.4.dist-info/licenses/LICENSE.txt - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/_collections.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/_functools.py - scripts/release/.venv/lib/python3.11/site-packages/urllib3/py.typed - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/colorama/tests/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/requests/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/assertion/util.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/packaging/markers.py - scripts/release/.venv/lib/python3.11/site-packages/jwt/api_jwk.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/platformdirs/windows.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/ciphers/algorithms.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/util/response.py - scripts/release/.venv/lib/python3.11/site-packages/PyGithub-1.59.1.dist-info/COPYING - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/certifi/__main__.py - scripts/release/.venv/lib/python3.11/site-packages/wrapt/decorators.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/charset_normalizer-3.2.0.dist-info/INSTALLER - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/scanner.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/importlib_resources/_itertools.py - scripts/release/.venv/lib/python3.11/site-packages/smmap/test/test_buf.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/vcs/subversion.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/more_itertools/more.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/cp949prober.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/build.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/jupyter.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/egg_info.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/contrib/_securetransport/low_level.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/requests/cookies.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/packaging/_manylinux.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/ordered_set.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/compat.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/screen.py - scripts/release/.venv/lib/python3.11/site-packages/pluggy-1.3.0.dist-info/INSTALLER - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/mbcsgroupprober.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/colorama/tests/isatty_test.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/gui-arm64.exe - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/packaging/_parser.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/resolvelib/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/build_scripts.py - scripts/release/.venv/lib/python3.11/site-packages/requests-2.31.0.dist-info/RECORD - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_metadata/_compat.py - scripts/release/.venv/lib/python3.11/site-packages/github/Autolink.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/connection.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/py36compat.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pyproject_hooks/_impl.py - scripts/release/.venv/lib/python3.11/site-packages/pip-23.0.1.dist-info/WHEEL - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/contrib/_appengine_environ.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb/db/mem.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/build_meta.py - scripts/release/.venv/lib/python3.11/site-packages/github/File.pyi - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/saveopts.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/recwarn.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/packaging/_manylinux.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/euckrprober.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/w64-arm.exe - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/rtf.py - scripts/release/.venv/lib/python3.11/site-packages/nacl/bindings/sodium_core.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/importlib_resources/abc.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/irc.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/poolmanager.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/panel.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/bdist_rpm.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/commands/download.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/tenacity/before.py - scripts/release/.venv/lib/python3.11/site-packages/github/GitTreeElement.pyi - scripts/release/.venv/lib/python3.11/site-packages/github/Repository.py - scripts/release/.venv/lib/python3.11/site-packages/github/Migration.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/gb2312prober.py - scripts/release/.venv/lib/python3.11/site-packages/pycparser/yacctab.py - scripts/release/.venv/lib/python3.11/site-packages/nacl/signing.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/idna/compat.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/sbcharsetprober.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/packaging/_manylinux.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pyparsing/testing.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/twofactor/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/tomli/_re.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/models/selection_prefs.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_resources/_compat.py - scripts/release/.venv/lib/python3.11/site-packages/pycparser-2.21.dist-info/METADATA - scripts/release/.venv/lib/python3.11/site-packages/git/objects/submodule/base.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/typing_extensions.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/filesystem.py - scripts/release/.venv/lib/python3.11/site-packages/github/GitTree.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/errors.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/live.py - scripts/release/.venv/lib/python3.11/site-packages/idna-3.4.dist-info/METADATA - scripts/release/.venv/lib/python3.11/site-packages/cffi/recompiler.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/console.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/colorama/tests/initialise_test.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/idna-3.4.dist-info/LICENSE.md - scripts/release/.venv/lib/python3.11/site-packages/urllib3/util/request.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/metadata/importlib/_dists.py - scripts/release/.venv/pyvenv.cfg - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/models/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/build_ext.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/resolution/resolvelib/provider.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/x509/certificate_transparency.py - scripts/release/.venv/lib/python3.11/site-packages/github/RequiredStatusChecks.py - scripts/release/.venv/lib/python3.11/site-packages/github/TimelineEvent.pyi - scripts/release/.venv/lib/python3.11/site-packages/github/StatsCommitActivity.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust/asn1.pyi - scripts/release/.venv/lib/python3.11/site-packages/urllib3-2.1.0.dist-info/METADATA - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pyparsing/helpers.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/enums.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/py37compat.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/w64.exe - scripts/release/.venv/lib/python3.11/site-packages/cryptography/x509/name.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/text.py - scripts/release/.venv/lib/python3.11/site-packages/urllib3/_request_methods.py - scripts/release/.venv/lib/python3.11/site-packages/github/Deployment.pyi - scripts/release/.venv/lib/python3.11/site-packages/charset_normalizer-3.3.2.dist-info/INSTALLER - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/easy_install.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_metadata/_meta.py - scripts/release/.venv/lib/python3.11/site-packages/urllib3/response.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/requests-2.31.0.dist-info/WHEEL - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/py.typed - scripts/release/.venv/lib/python3.11/site-packages/github/Event.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/vcs/mercurial.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_resources/simple.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/packaging/version.py - scripts/release/.venv/lib/python3.11/site-packages/semantic_version-2.10.0.dist-info/WHEEL - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/unicode_utils.py - scripts/release/.venv/lib/python3.11/site-packages/github/Clones.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/__pip-runner__.py - scripts/release/.venv/lib/python3.11/site-packages/cffi/model.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/network/utils.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/requests/certs.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/network/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/__pip-runner__.py - scripts/release/.venv/lib/python3.11/site-packages/github/DeploymentStatus.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/version.py - scripts/release/.venv/lib/python3.11/site-packages/pytest-7.4.3.dist-info/INSTALLER - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/build_clib.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/nodes.py - scripts/release/.venv/lib/python3.11/site-packages/pip-23.0.1.dist-info/RECORD - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/lexers/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/operations/build/build_tracker.py - scripts/release/.venv/lib/python3.11/site-packages/github/Topic.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/msgpack/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/certifi/__main__.py - scripts/release/.venv/lib/python3.11/site-packages/pytest/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/certifi/__main__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/platformdirs/unix.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/filesize.py - scripts/release/.venv/lib/python3.11/site-packages/packaging-23.2.dist-info/INSTALLER - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/py39compat.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/util/request.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/commands/help.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/contrib/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_pick.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/fixtures.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/network/download.py - scripts/release/.venv/lib/python3.11/site-packages/github/CodeScanTool.pyi - scripts/release/.venv/lib/python3.11/site-packages/cryptography/py.typed - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/t32.exe - scripts/release/.venv/lib/python3.11/site-packages/github/Commit.py - scripts/release/.venv/lib/python3.11/site-packages/cffi/_cffi_errors.h - scripts/release/.venv/lib/python3.11/site-packages/github/Permissions.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/lexer.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/models/direct_url.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/resultdict.py - scripts/release/.venv/lib/python3.11/site-packages/git/index/fun.py - scripts/release/.venv/lib/python3.11/site-packages/urllib3-2.1.0.dist-info/RECORD - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust/openssl/dsa.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/metadata/importlib/_dists.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_pick.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/packaging/specifiers.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/twofactor/totp.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/regexopt.py - scripts/release/.venv/lib/python3.11/site-packages/GitPython-3.1.36.dist-info/RECORD - scripts/release/.venv/lib/python3.11/site-packages/yaml/reader.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/styled.py - scripts/release/.venv/lib/python3.11/site-packages/github/Download.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/cachecontrol/caches/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/idna/uts46data.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/cachecontrol/cache.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/extension.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/py.typed - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/operations/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/Stargazer.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/default_styles.py - scripts/release/.venv/lib/python3.11/site-packages/idna-3.4.dist-info/LICENSE.md - scripts/release/.venv/lib/python3.11/site-packages/yaml/emitter.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb/test/test_base.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/resources.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_ratio.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/util/ssl_.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/pastebin.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/install_lib.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/contrib/ntlmpool.py - scripts/release/.venv/lib/python3.11/site-packages/packaging-23.2.dist-info/RECORD - scripts/release/.venv/lib/python3.11/site-packages/_pytest/_code/code.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/errors.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/util/ssltransport.py - scripts/release/.venv/lib/python3.11/site-packages/requests/_internal_utils.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/PyNaCl-1.5.0.dist-info/LICENSE - scripts/release/.venv/lib/python3.11/site-packages/cryptography/x509/extensions.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/req/req_install.py - scripts/release/.venv/lib/python3.11/site-packages/yaml/constructor.py - scripts/release/.venv/lib/python3.11/site-packages/pluggy/_result.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/config.py - scripts/release/.venv/lib/python3.11/site-packages/idna/core.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/py39compat.py - scripts/release/.venv/lib/python3.11/site-packages/Deprecated-1.2.14.dist-info/RECORD - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/cli-64.exe - scripts/release/.venv/lib/python3.11/site-packages/urllib3/filepost.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/tenacity/_asyncio.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb/test/test_pack.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/latex.py - scripts/release/.venv/lib/python3.11/site-packages/packaging/tags.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/util/queue.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/jaraco/context.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/idna/package_data.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/x509/oid.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/tomli/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/ordered_set.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb/test/lib.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/unittest.py - scripts/release/.venv/lib/python3.11/site-packages/requests-2.31.0.dist-info/METADATA - scripts/release/.venv/lib/python3.11/site-packages/certifi/__main__.py - scripts/release/.venv/lib/python3.11/site-packages/git/config.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/stash.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_windows_renderer.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/packaging/__about__.py - scripts/release/.venv/lib/python3.11/site-packages/github/CodeScanRule.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/diagnose.py - scripts/release/.venv/lib/python3.11/site-packages/github/Gist.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/encoding.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/_distutils_hack/override.py - scripts/release/.venv/lib/python3.11/site-packages/cffi/cparser.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/install_data.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/PullRequest.pyi - scripts/release/.venv/lib/python3.11/site-packages/smmap/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/_macos_compat.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/distributions/wheel.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/align.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/gui-64.exe - scripts/release/.venv/lib/python3.11/site-packages/github/GithubException.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/idna/package_data.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/kdf/concatkdf.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb/db/ref.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/models/search_scope.py - scripts/release/.venv/lib/python3.11/site-packages/github/CommitComment.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/develop.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/junitxml.py - scripts/release/.venv/lib/python3.11/site-packages/github/InputGitTreeElement.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/commands/hash.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_resources/abc.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/platformdirs/windows.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/gui.exe - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/operations/install/wheel.py - scripts/release/.venv/lib/python3.11/site-packages/pytest-7.4.3.dist-info/METADATA - scripts/release/.venv/lib/python3.11/site-packages/github/Autolink.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/escsm.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/vendor.txt - scripts/release/.venv/lib/python3.11/site-packages/github/RequiredPullRequestReviews.pyi - scripts/release/.venv/lib/python3.11/site-packages/github/RequiredPullRequestReviews.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_timer.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/requests/models.py - scripts/release/.venv/lib/python3.11/site-packages/github/Workflow.pyi - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/build_py.py - scripts/release/.venv/lib/python3.11/site-packages/github/Requester.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/latex.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/token.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/operations/build/metadata_editable.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_importlib.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/mbcssm.py - scripts/release/.venv/lib/python3.11/site-packages/yaml/tokens.py - scripts/release/.venv/lib/python3.11/site-packages/github/GitObject.py - scripts/release/.venv/lib/python3.11/site-packages/github/Gist.pyi - scripts/release/.venv/lib/python3.11/site-packages/github/GithubApp.pyi - scripts/release/.venv/lib/python3.11/site-packages/semantic_version/django_fields.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/resolution/legacy/resolver.py - scripts/release/.venv/lib/python3.11/site-packages/pycparser/c_ast.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/langturkishmodel.py - scripts/release/.venv/lib/python3.11/site-packages/packaging/_tokenizer.py - scripts/release/.venv/lib/python3.11/site-packages/github/EnvironmentProtectionRule.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust/openssl/kdf.pyi - scripts/release/.venv/lib/python3.11/site-packages/github/Comparison.py - scripts/release/.venv/lib/python3.11/site-packages/charset_normalizer/legacy.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/models/target_python.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/_version.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/_framework_compat.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/requests/hooks.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/contrib/_securetransport/bindings.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/util/response.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/locations/_sysconfig.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/svg.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/setuptools_build.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pyparsing/core.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/resolvelib/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/hashes.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pyproject_hooks/_in_process/_in_process.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/asymmetric/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/w32.exe - scripts/release/.venv/lib/python3.11/site-packages/pycparser/lextab.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/_version.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography-41.0.5.dist-info/WHEEL - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/requests/structures.py - scripts/release/.venv/lib/python3.11/site-packages/iniconfig-2.0.0.dist-info/licenses/LICENSE - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/contrib/_securetransport/bindings.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/style.py - scripts/release/.venv/lib/python3.11/site-packages/github/CheckRunOutput.pyi - scripts/release/.venv/lib/python3.11/site-packages/github/IssueEvent.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/cmdline.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/commands/show.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/backends/openssl/ec.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/_log.py - scripts/release/.venv/lib/python3.11/site-packages/urllib3/util/util.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/cmdline.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/langhebrewmodel.py - scripts/release/.venv/lib/python3.11/site-packages/PyNaCl-1.5.0.dist-info/top_level.txt - scripts/release/.venv/lib/python3.11/site-packages/idna/codec.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/build_ext.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/tenacity/before_sleep.py - scripts/release/.venv/lib/python3.11/site-packages/github/Notification.pyi - scripts/release/.venv/lib/python3.11/site-packages/urllib3/util/proxy.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/cli/command_context.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_extension.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/packaging/version.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/cachecontrol/caches/file_cache.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/importlib_resources/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools-67.6.1.dist-info/REQUESTED - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/direct_url_helpers.py - scripts/release/.venv/lib/python3.11/site-packages/github/NamedUser.pyi - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_resources/readers.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/webencodings/x_user_defined.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/commands/wheel.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/cachecontrol/serialize.py - scripts/release/.venv/lib/python3.11/site-packages/github/GitignoreTemplate.pyi - scripts/release/.venv/lib/python3.11/site-packages/github/GitObject.pyi - scripts/release/.venv/lib/python3.11/site-packages/github/IssuePullRequest.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/resolution/resolvelib/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/jwt/types.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/webencodings/tests.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/extern/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/highlighter.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/util/url.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/packaging/_musllinux.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/idna/compat.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/requests/adapters.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/clean.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/jaraco/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/config/_validate_pyproject/fastjsonschema_validations.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/requests-2.31.0.dist-info/top_level.txt - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/upload.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/unicode_utils.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_resources/_legacy.py - scripts/release/.venv/lib/python3.11/site-packages/_distutils_hack/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/jaraco/functools.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/containers.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/_io/saferepr.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/packaging/__about__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/euctwfreq.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip-23.2.1.dist-info/INSTALLER - scripts/release/.venv/lib/python3.11/site-packages/packaging/__init__.py - scripts/upgrade-codeql-dependencies/.venv/bin/python3 - scripts/release/.venv/lib/python3.11/site-packages/github/py.typed - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/requests/adapters.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/requests-2.31.0.dist-info/LICENSE - scripts/release/.venv/lib/python3.11/site-packages/_pytest/outcomes.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/cachecontrol/compat.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/gui-arm64.exe - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/palette.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_cell_widths.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/hashes.py - scripts/release/.venv/lib/python3.11/site-packages/pip-23.0.1.dist-info/entry_points.txt - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/cli/base_command.py - scripts/release/.venv/lib/python3.11/site-packages/cffi-1.16.0.dist-info/METADATA - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/six.py - scripts/release/.venv/lib/python3.11/site-packages/urllib3-2.1.0.dist-info/licenses/LICENSE.txt - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/codingstatemachinedict.py - scripts/release/.venv/lib/python3.11/site-packages/github/CodeScanAlert.pyi - scripts/release/.venv/lib/python3.11/site-packages/jwt/api_jws.py - scripts/release/.venv/lib/python3.11/site-packages/PyGithub-1.59.1.dist-info/RECORD - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pyproject_hooks/_compat.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/reports.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/filelist.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/req/constructors.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/entrypoints.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/deprecation.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/monkey.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/requests/compat.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/network/xmlrpc.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/main.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/sdist.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/style.py - scripts/release/.venv/lib/python3.11/site-packages/github/GitRef.pyi - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/jaraco/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/rotate.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/PyYAML-6.0.1.dist-info/LICENSE - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/colorama/tests/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/progress.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/msvc.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/openssl/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/cli/autocompletion.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/config/_validate_pyproject/extra_validations.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb-4.0.11.dist-info/RECORD - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/egg_link.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/index/collector.py - scripts/release/.venv/lib/python3.11/site-packages/urllib3/util/ssl_.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_path.py - scripts/release/.venv/lib/python3.11/site-packages/semantic_version-2.10.0.dist-info/REQUESTED - scripts/release/.venv/lib/python3.11/site-packages/gitdb/base.py - scripts/release/.venv/lib/python3.11/site-packages/packaging/metadata.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/install_egg_info.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/packaging/_elffile.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust/openssl/hmac.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/requests/structures.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_fileno.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/packages/backports/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/git/refs/remote.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/config/_validate_pyproject/fastjsonschema_validations.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/tree.py - scripts/release/.venv/lib/python3.11/site-packages/idna/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/packaging/tags.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/requests/_internal_utils.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/_py/path.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/markers.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pyparsing/core.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/requests/hooks.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/pytester_assertions.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/packaging/utils.py - scripts/release/.venv/lib/python3.11/site-packages/github/Branch.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/bbcode.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/network/auth.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/core.py - scripts/release/.venv/lib/python3.11/site-packages/github/Referrer.py - shell.nix - scripts/release/.venv/lib/python3.11/site-packages/idna-3.4.dist-info/WHEEL - scripts/release/.venv/lib/python3.11/site-packages/PyJWT-2.8.0.dist-info/WHEEL - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/cachecontrol/wrapper.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/packaging/_elffile.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/inject_securetransport.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/syntax.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/pangomarkup.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb-4.0.11.dist-info/INSTALLER - scripts/release/.venv/lib/python3.11/site-packages/github/TimelineEvent.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/cachecontrol/caches/redis_cache.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/importlib_resources/readers.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/repr.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/packaging/utils.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/certifi/cacert.pem - scripts/release/.venv/lib/python3.11/site-packages/packaging-23.2.dist-info/LICENSE - scripts/release/.venv/lib/python3.11/site-packages/PyYAML-6.0.1.dist-info/WHEEL - scripts/release/.venv/lib/python3.11/site-packages/git/objects/submodule/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/packaging/specifiers.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/mark/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/wrapt/wrappers.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/packaging/_tokenizer.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/contrib/_securetransport/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/request.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/install_egg_info.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/yaml/dumper.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/charset_normalizer-3.2.0.dist-info/METADATA - scripts/release/.venv/lib/python3.11/site-packages/_pytest/timing.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/_distutils_hack/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/GitTag.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/register.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/utf8prober.py - scripts/release/.venv/lib/python3.11/site-packages/nacl/bindings/crypto_pwhash.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/operations/build/wheel_legacy.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip-23.2.1.dist-info/entry_points.txt - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/scripts.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/vendor.txt - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/contrib/appengine.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/vcs/mercurial.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/requests/packages.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/_code/source.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/dep_util.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/packaging/version.py - scripts/release/.venv/lib/python3.11/site-packages/github/Issue.py - scripts/release/.venv/lib/python3.11/site-packages/GitPython-3.1.36.dist-info/LICENSE - scripts/release/.venv/lib/python3.11/site-packages/semantic_version-2.10.0.dist-info/INSTALLER - scripts/release/.venv/lib/python3.11/site-packages/github/Label.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/build_clib.py - scripts/release/.venv/lib/python3.11/site-packages/wrapt/weakrefs.py - scripts/release/.venv/lib/python3.11/site-packages/requests/packages.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb/test/test_util.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/packaging/tags.py - scripts/release/.venv/bin/pip3 - scripts/release/.venv/lib/python3.11/site-packages/semantic_version-2.10.0.dist-info/METADATA - scripts/release/.venv/lib/python3.11/site-packages/certifi/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/diagnose.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/logging.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb/utils/encoding.py - scripts/release/.venv/lib/python3.11/site-packages/GitPython-3.1.36.dist-info/METADATA - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3-2.0.4.dist-info/RECORD - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/bdist_dumb.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/euctwfreq.py - scripts/release/.venv/lib/python3.11/site-packages/cffi/ffiplatform.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/packaging/tags.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_metadata/_adapters.py - scripts/release/.venv/lib/python3.11/site-packages/jwt/warnings.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/contrib/_securetransport/bindings.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/__main__.py - scripts/release/.venv/lib/python3.11/site-packages/github/Auth.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/tomli/_re.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_windows.py - scripts/release/.venv/lib/python3.11/site-packages/github/CheckRunOutput.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/dist.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/requests/api.py - scripts/release/.venv/lib/python3.11/site-packages/github/Comparison.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/colorama/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/contrib/_securetransport/low_level.py - scripts/release/.venv/lib/python3.11/site-packages/github/GitRelease.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/_collections.py - scripts/release/.venv/lib/python3.11/site-packages/Deprecated-1.2.14.dist-info/METADATA - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/file_proxy.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/commands/configuration.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip-23.2.1.dist-info/AUTHORS.txt - scripts/release/.venv/lib/python3.11/site-packages/nacl/bindings/crypto_scalarmult.py - scripts/release/.venv/lib/python3.11/site-packages/yaml/loader.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/mbcssm.py - scripts/release/.venv/lib/python3.11/site-packages/charset_normalizer/api.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/_version.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/versionpredicate.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_resources/_adapters.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/requests/status_codes.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/archive_util.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/models/candidate.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/cachecontrol/wrapper.py - scripts/release/.venv/lib/python3.11/site-packages/PyNaCl-1.5.0.dist-info/RECORD - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/distutils-precedence.pth - scripts/release/.venv/lib/python3.11/site-packages/urllib3/util/timeout.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/script (dev).tmpl - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/sdist.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/_log.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/hashes.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/util.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pyparsing/actions.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/unixccompiler.py - scripts/release/.venv/lib/python3.11/site-packages/github/GitBlob.pyi - scripts/release/.venv/lib/python3.11/site-packages/nacl/bindings/crypto_generichash.py - scripts/release/.venv/lib/python3.11/site-packages/github/GitReleaseAsset.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/rotate.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/contrib/pyopenssl.py - scripts/release/.venv/lib/python3.11/site-packages/git/refs/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/bar.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/backends/openssl/ciphers.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/packaging/_structures.py - scripts/release/.venv/lib/python3.11/site-packages/github/Milestone.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/platformdirs/__main__.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/asymmetric/dsa.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/dir_util.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/errors.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/colorama/ansi.py - scripts/release/.venv/lib/python3.11/site-packages/requests/hooks.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/padding.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/req/req_file.py - scripts/release/.venv/lib/python3.11/site-packages/nacl/pwhash/argon2id.py - scripts/upgrade-codeql-dependencies/.venv/bin/activate.fish - scripts/release/.venv/lib/python3.11/site-packages/smmap-5.0.1.dist-info/INSTALLER - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/depends.py - scripts/release/.venv/lib/python3.11/site-packages/github/RepositoryAdvisory.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/msvc.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/extension.py - scripts/release/.venv/lib/python3.11/site-packages/pip-23.0.1.dist-info/REQUESTED - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/cachecontrol/cache.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/packaging/_tokenizer.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/cli-arm64.exe - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/cache.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/contrib/pyopenssl.py - scripts/release/.venv/lib/python3.11/site-packages/github/InstallationAuthorization.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/log.py - scripts/release/.venv/lib/python3.11/site-packages/github/Migration.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/__main__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/colorama/ansitowin32.py - scripts/release/.venv/lib/python3.11/site-packages/certifi-2023.11.17.dist-info/METADATA - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/tomli/_parser.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/config/_validate_pyproject/formats.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/msgpack/exceptions.py - scripts/release/.venv/lib/python3.11/site-packages/jwt/jwk_set_cache.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/colorama/tests/ansi_test.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/idna/uts46data.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/unistring.py - scripts/release/.venv/lib/python3.11/site-packages/github/GitRef.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/colorama/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_reqs.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/log.py - scripts/release/.venv/lib/python3.11/site-packages/github/RepositoryPreferences.pyi - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/py36compat.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb-4.0.11.dist-info/AUTHORS - scripts/release/.venv/lib/python3.11/site-packages/pycparser/ply/cpp.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/contrib/pyopenssl.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/extension.py - scripts/release/.venv/lib/python3.11/site-packages/github/Hook.pyi - scripts/release/.venv/lib/python3.11/site-packages/urllib3/util/wait.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/metadata/languages.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/packaging/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/git/objects/commit.py - scripts/release/.venv/lib/python3.11/site-packages/cffi/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/urllib3/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/requests-2.31.0.dist-info/LICENSE - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/util/connection.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/console.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/contrib/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/requests-2.31.0.dist-info/METADATA - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/datetime.py - scripts/release/.venv/lib/python3.11/site-packages/pytest/__main__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/webencodings/mklabels.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust/openssl/hashes.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/colorama/ansitowin32.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/text.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/screen.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_metadata/_collections.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/monkey.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/wheel.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/distributions/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/backends/openssl/rsa.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/tenacity/after.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/requests/auth.py - scripts/upgrade-codeql-dependencies/.venv/bin/pip3 - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/glibc.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/config/expand.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/tenacity/_utils.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/contrib/socks.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/util.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/cacheprovider.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/token.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/requests/certs.py - scripts/release/.venv/lib/python3.11/site-packages/pycparser/c_parser.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/models/target_python.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/colorama/tests/ansi_test.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/config/_apply_pyprojecttoml.py - scripts/release/.venv/lib/python3.11/site-packages/pytest-7.4.3.dist-info/top_level.txt - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/metadata/pkg_resources.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/version.py - scripts/release/.venv/lib/python3.11/site-packages/PyGithub-1.59.1.dist-info/INSTALLER - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/t64-arm.exe - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/resolvelib/compat/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/more_itertools/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/lexers/python.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/theme.py - scripts/release/.venv/lib/python3.11/site-packages/wrapt-1.16.0.dist-info/RECORD - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/network/cache.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/packaging/version.py - scripts/release/.venv/lib/python3.11/site-packages/github/GithubIntegration.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/filepost.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/plugin.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/wheel.py - scripts/release/.venv/lib/python3.11/site-packages/github/IssueComment.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/cachecontrol/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/semantic_version-2.10.0.dist-info/top_level.txt - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/contrib/appengine.py - scripts/release/.venv/lib/python3.11/site-packages/github/Issue.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/cmd.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust/x509.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/resolution/resolvelib/resolver.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/archive_util.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/packaging/markers.py - scripts/release/.venv/lib/python3.11/site-packages/packaging/version.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/contrib/ntlmpool.py - scripts/release/.venv/lib/python3.11/site-packages/github/Installation.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/operations/build/build_tracker.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/req/req_uninstall.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pkg_resources/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/subprocess.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/metadata/base.py - scripts/release/.venv/lib/python3.11/site-packages/github/HookResponse.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/more_itertools/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/requests/sessions.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/more_itertools/more.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/build_ext.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/color.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/tenacity/before_sleep.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/packaging/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/py37compat.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pyparsing/testing.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/codingstatemachinedict.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/progress_bar.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/util/ssltransport.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_spinners.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/tenacity/after.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/network/auth.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/packaging/_tokenizer.py - scripts/release/.venv/lib/python3.11/site-packages/github/Installation.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/python.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/packaging/specifiers.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/entrypoints.py - scripts/release/.venv/lib/python3.11/site-packages/pip/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/Reaction.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/typing_extensions.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatter.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/more_itertools/recipes.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/vcs/subversion.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3-2.0.4.dist-info/WHEEL - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/jisfreq.py - scripts/release/.venv/lib/python3.11/site-packages/idna/intranges.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/langhungarianmodel.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/importlib_resources/abc.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/utils.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/tenacity/_utils.py - scripts/release/.venv/lib/python3.11/site-packages/github/SourceImport.pyi - scripts/release/.venv/lib/python3.11/site-packages/github/SourceImport.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/unixccompiler.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/commands/index.py - scripts/release/.venv/lib/python3.11/site-packages/github/PaginatedList.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/config/_validate_pyproject/fastjsonschema_exceptions.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/groff.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/index/sources.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/models/installation_report.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/distributions/sdist.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/requests/packages.py - scripts/release/.venv/lib/python3.11/site-packages/jwt/help.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/regexopt.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/install_headers.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/resolution/resolvelib/requirements.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/serialization/pkcs12.py - scripts/release/.venv/lib/python3.11/site-packages/github/NotificationSubject.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/tmpdir.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_deprecation_warning.py - scripts/release/.venv/lib/python3.11/site-packages/github/File.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/cli/req_command.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/jaraco/context.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/util/timeout.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/colorama/tests/ansitowin32_test.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/threadexception.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/extern/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_emoji_codes.py - scripts/release/.venv/lib/python3.11/site-packages/github/TimelineEventSource.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/tomli/_types.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/styles/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/nacl/pwhash/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/platformdirs/android.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/charsetprober.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/pretty.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pyparsing/exceptions.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/resolution/resolvelib/base.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb-4.0.11.dist-info/top_level.txt - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip-23.2.1.dist-info/top_level.txt - scripts/release/.venv/lib/python3.11/site-packages/_pytest/assertion/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/compat.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/packaging/_manylinux.py - scripts/release/.venv/lib/python3.11/site-packages/github/GistHistoryState.py - scripts/release/.venv/lib/python3.11/site-packages/idna/uts46data.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/distributions/base.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/_msvccompiler.py - scripts/release/.venv/lib/python3.11/site-packages/github/Workflow.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/requests/help.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/cli.exe - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/util/ssl_.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/semantic_version/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/operations/build/metadata_legacy.py - scripts/release/.venv/lib/python3.11/site-packages/pluggy/_version.py - scripts/release/.venv/lib/python3.11/site-packages/yaml/nodes.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/commands/wheel.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/util/retry.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/launch.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/commands/cache.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/models/link.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/config/exceptions.py - scripts/release/.venv/lib/python3.11/site-packages/requests/exceptions.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools-67.6.1.dist-info/LICENSE - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/vcs/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/Reaction.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/segment.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_imp.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/charset_normalizer-3.2.0.dist-info/top_level.txt - scripts/release/.venv/lib/python3.11/site-packages/requests/certs.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_loop.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/filetypes.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/_functools.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/universaldetector.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/packaging/utils.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/jaraco/text/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/contrib/_securetransport/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/packaging.py - scripts/release/.venv/lib/python3.11/site-packages/github/Stargazer.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/resolvelib/reporters.py - scripts/release/.venv/lib/python3.11/site-packages/github/CommitStatus.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/columns.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/_request_methods.py - scripts/release/.venv/lib/python3.11/site-packages/github/RepositoryAdvisoryVulnerability.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_metadata/_adapters.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/platformdirs/version.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/packaging/version.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/img.py - scripts/release/.venv/lib/python3.11/site-packages/github/CommitStats.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/ansi.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/langthaimodel.py - scripts/release/.venv/lib/python3.11/site-packages/pytest/py.typed - scripts/release/.venv/lib/python3.11/site-packages/git/objects/tree.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/_mapping.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/distro/__main__.py - scripts/release/.venv/lib/python3.11/site-packages/git/refs/log.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/commands/show.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/install_data.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/build_scripts.py - scripts/release/.venv/lib/python3.11/site-packages/packaging/markers.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust/openssl/ed25519.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/response.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_cell_widths.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_emoji_codes.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/deprecated.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/metadata/importlib/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/platformdirs/version.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/packaging/markers.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/resolution/resolvelib/base.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/requests/models.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/config/_validate_pyproject/formats.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_null_file.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/sbcsgroupprober.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/asymmetric/ed25519.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/requests/adapters.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/config/findpaths.py - scripts/release/.venv/lib/python3.11/site-packages/git/db.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3-2.0.4.dist-info/INSTALLER - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/operations/install/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/box.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/jaraco/context.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/compat.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/commands/index.py - scripts/release/.venv/lib/python3.11/site-packages/github/Branch.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/operations/install/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/johabprober.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/monkeypatch.py - scripts/release/.venv/lib/python3.11/site-packages/smmap-5.0.1.dist-info/LICENSE - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/unpacking.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/spawn.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/langgreekmodel.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_palettes.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/_io/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools-67.6.1.dist-info/entry_points.txt - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/semantic_version-2.10.0.dist-info/METADATA - scripts/release/.venv/lib/python3.11/site-packages/github/AppAuthentication.py - scripts/release/.venv/lib/python3.11/site-packages/pluggy-1.3.0.dist-info/LICENSE - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/segment.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/requests/models.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/zipp.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/models/search_scope.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/requests/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/version.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/styled.py - scripts/release/.venv/lib/python3.11/site-packages/yaml/serializer.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/debug.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/packages/backports/makefile.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/resolvelib/compat/collections_abc.py - scripts/release/.venv/lib/python3.11/site-packages/pytest-7.4.3.dist-info/LICENSE - scripts/release/.venv/lib/python3.11/site-packages/yaml/_yaml.cpython-311-darwin.so - scripts/release/.venv/lib/python3.11/site-packages/urllib3-2.1.0.dist-info/INSTALLER - scripts/release/.venv/lib/python3.11/site-packages/github/WorkflowStep.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/_jaraco_text.py - scripts/release/.venv/lib/python3.11/site-packages/wrapt-1.16.0.dist-info/LICENSE - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/unistring.py - scripts/release/.venv/lib/python3.11/site-packages/certifi/core.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/config/expand.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/platformdirs/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/iniconfig/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/traceback.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/platformdirs/api.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust/exceptions.pyi - scripts/release/.venv/lib/python3.11/site-packages/github/MainClass.py - scripts/release/.venv/lib/python3.11/site-packages/github/__init__.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/wheel.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/importlib_resources/_compat.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/easy_install.py - scripts/release/.venv/lib/python3.11/site-packages/charset_normalizer/cli/__main__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/commands/uninstall.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust/openssl/x25519.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/_framework_compat.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/packaging/requirements.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/scanner.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/cmac.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/terminal.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/requests/exceptions.py - scripts/release/.venv/lib/python3.11/site-packages/Deprecated-1.2.14.dist-info/LICENSE.rst - scripts/release/.venv/lib/python3.11/site-packages/PyJWT-2.8.0.dist-info/LICENSE - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pyparsing/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/License.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/requests/utils.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pyparsing/unicode.py - scripts/release/.venv/lib/python3.11/site-packages/github/GitAuthor.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/text_file.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/colorama/tests/ansitowin32_test.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/operations/install/legacy.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/metadata/base.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/encoding.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/test.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/johabprober.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/__about__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/commands/completion.py - Release v2.0.0 (refs/gitbutler/release-v2-0-0-) branch head: 6303cd54fcdc6bee49201c3c15130f613512f52a Your previous branch was: refs/heads/rvermeulen/fix-388 The sha for that commit was: bd425e0c5244ae92c1e7ff44ed2829f4e369806c For more information about what we're doing here, check out our docs: https://docs.gitbutler.com/features/virtual-branches/integration-branch From d3baeb904fda0b19442fa211e2bd4959b5908268 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 14 Feb 2024 17:00:44 -0800 Subject: [PATCH 1634/2573] Address FP by counting aggregate initialization --- .../src/rules/M0-1-4/SingleUsePODVariable.qll | 38 +++++++++++-------- cpp/autosar/test/rules/M0-1-4/test_member.cpp | 21 ++++++++++ 2 files changed, 44 insertions(+), 15 deletions(-) diff --git a/cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll b/cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll index c4e220549a..4d822083b3 100644 --- a/cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll +++ b/cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll @@ -12,21 +12,29 @@ private string getConstExprValue(Variable v) { /** Gets a "use" count according to rule M0-1-4. */ int getUseCount(Variable v) { - exists(int initializers | - // We enforce that it's a POD type variable, so if it has an initializer it is explicit - (if v.hasInitializer() then initializers = 1 else initializers = 0) and - result = - initializers + - count(VariableAccess access | access = v.getAnAccess() and not access.isCompilerGenerated()) - + count(UserProvidedConstructorFieldInit cfi | cfi.getTarget() = v) + - // For constexpr variables used as template arguments, we don't see accesses (just the - // appropriate literals). We therefore take a conservative approach and count the number of - // template instantiations that use the given constant, and consider each one to be a use - // of the variable - count(ClassTemplateInstantiation cti | - cti.getTemplateArgument(_).(Expr).getValue() = getConstExprValue(v) - ) - ) + // We enforce that it's a POD type variable, so if it has an initializer it is explicit + //v.getFile().getBaseName() = "test_member.cpp" and + result = + count(getAUserInitializedValue(v)) + + count(VariableAccess access | access = v.getAnAccess() and not access.isCompilerGenerated()) + + // For constexpr variables used as template arguments, we don't see accesses (just the + // appropriate literals). We therefore take a conservative approach and count the number of + // template instantiations that use the given constant, and consider each one to be a use + // of the variable + count(ClassTemplateInstantiation cti | + cti.getTemplateArgument(_).(Expr).getValue() = getConstExprValue(v) + ) +} + +Expr getAUserInitializedValue(Variable v) { + ( + result = v.getInitializer().getExpr() + or + exists(UserProvidedConstructorFieldInit cfi | cfi.getTarget() = v and result = cfi.getExpr()) + or + exists(ClassAggregateLiteral l | not l.isCompilerGenerated() | result = l.getAFieldExpr(v)) + ) and + not result.isCompilerGenerated() } /** Gets a single use of `v`, if `isSingleUseNonVolatilePODVariable` holds. */ diff --git a/cpp/autosar/test/rules/M0-1-4/test_member.cpp b/cpp/autosar/test/rules/M0-1-4/test_member.cpp index a43ee5d799..8defc07f10 100644 --- a/cpp/autosar/test/rules/M0-1-4/test_member.cpp +++ b/cpp/autosar/test/rules/M0-1-4/test_member.cpp @@ -72,4 +72,25 @@ void test_e() { // Ensure that the template E is fully instantiated e2.getT(); } +void test_fp_reported_in_388() { + struct s1 { + int m1; // COMPLIANT + }; + + s1 l1 = {1}; // m1 is used here + l1.m1; +} + +void test_array_initialized_members() { + struct s1 { + int m1; // COMPLIANT + }; + + struct s1 l1[] = { + {.m1 = 1}, + {.m1 = 2}, + }; + + l1[0].m1; +} } // namespace test \ No newline at end of file From e51019dcb7c958f60ff796c1d29f1239b5dad23b Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 14 Feb 2024 17:02:50 -0800 Subject: [PATCH 1635/2573] Address FPs on subojects Members of a struct can be initialized indirectly in various ways. We account for those when counting uses. --- .../src/rules/M0-1-4/SingleUsePODVariable.qll | 40 ++++++++++++++++++- cpp/autosar/test/rules/M0-1-4/test_member.cpp | 37 +++++++++++++++++ 2 files changed, 76 insertions(+), 1 deletion(-) diff --git a/cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll b/cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll index 4d822083b3..25a040e3c2 100644 --- a/cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll +++ b/cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll @@ -10,6 +10,44 @@ private string getConstExprValue(Variable v) { v.isConstexpr() } +/** + * Gets the number of uses of variable `v` in an opaque assignment, where an opaqua assignment for example a cast from one type to the other and `v` is assumed to be a member of the resulting type. + * e.g., + * struct foo { + * int bar; + * } + * + * struct foo * v = (struct foo*)buffer; + */ +Expr getIndirectSubObjectAssignedValue(MemberVariable subobject) { + // struct foo * ptr = (struct foo*)buffer; + exists(Struct someStruct, Variable instanceOfSomeStruct | someStruct.getAMember() = subobject | + instanceOfSomeStruct.getType().(PointerType).getBaseType() = someStruct and + exists(Cast assignedValue | + // Exclude cases like struct foo * v = nullptr; + not assignedValue.isImplicit() and + // `v` is a subobject of another type that reinterprets another object. We count that as a use of `v`. + assignedValue.getExpr() = instanceOfSomeStruct.getAnAssignedValue() and + result = assignedValue + ) + or + // struct foo; read(..., (char *)&foo); + instanceOfSomeStruct.getType() = someStruct and + exists(Call externalInitializerCall, Cast castToCharPointer, int n | + externalInitializerCall.getArgument(n).(AddressOfExpr).getOperand() = + instanceOfSomeStruct.getAnAccess() and + externalInitializerCall.getArgument(n) = castToCharPointer.getExpr() and + castToCharPointer.getType().(PointerType).getBaseType().getUnspecifiedType() instanceof + CharType and + result = externalInitializerCall + ) + or + // the object this subject is part of is initialized and we assumes this initializes the subobject. + instanceOfSomeStruct.getType() = someStruct and + result = instanceOfSomeStruct.getInitializer().getExpr() + ) +} + /** Gets a "use" count according to rule M0-1-4. */ int getUseCount(Variable v) { // We enforce that it's a POD type variable, so if it has an initializer it is explicit @@ -23,7 +61,7 @@ int getUseCount(Variable v) { // of the variable count(ClassTemplateInstantiation cti | cti.getTemplateArgument(_).(Expr).getValue() = getConstExprValue(v) - ) + ) + count(getIndirectSubObjectAssignedValue(v)) } Expr getAUserInitializedValue(Variable v) { diff --git a/cpp/autosar/test/rules/M0-1-4/test_member.cpp b/cpp/autosar/test/rules/M0-1-4/test_member.cpp index 8defc07f10..b82987c8a6 100644 --- a/cpp/autosar/test/rules/M0-1-4/test_member.cpp +++ b/cpp/autosar/test/rules/M0-1-4/test_member.cpp @@ -93,4 +93,41 @@ void test_array_initialized_members() { l1[0].m1; } + +void test_indirect_assigned_members(void *opaque) { + struct s1 { + int m1; // COMPLIANT + }; + + struct s1 *p = (struct s1 *)opaque; + p->m1; + + struct s2 { + int m1; // COMPLIANT + }; + + char buffer[sizeof(struct s2) + 8] = {0}; + struct s2 *l2 = (struct s2 *)&buffer[8]; + l2->m1; +} + +void test_external_assigned_members(void (*fp)(unsigned char *)) { + + struct s1 { + int m1; // COMPLIANT + }; + + struct s1 l1; + fp((unsigned char *)&l1); + l1.m1; + + struct s2 { + int m1; // COMPLIANT + }; + + struct s2 (*copy_init)(); + struct s2 l2 = copy_init(); + l2.m1; +} + } // namespace test \ No newline at end of file From b9bb08a98fb48c1932c2e6b1c46e684d5731d272 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 14 Feb 2024 17:15:43 -0800 Subject: [PATCH 1636/2573] Format title according to styleguide Program elements without a location must be surrounded by single quotes. --- .../rules/M0-1-4/SingleUseMemberPODVariable.ql | 2 +- .../M0-1-4/SingleUseMemberPODVariable.expected | 18 +++++++++--------- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/cpp/autosar/src/rules/M0-1-4/SingleUseMemberPODVariable.ql b/cpp/autosar/src/rules/M0-1-4/SingleUseMemberPODVariable.ql index 5ac8f30160..d691a7b0d2 100644 --- a/cpp/autosar/src/rules/M0-1-4/SingleUseMemberPODVariable.ql +++ b/cpp/autosar/src/rules/M0-1-4/SingleUseMemberPODVariable.ql @@ -24,5 +24,5 @@ where not isExcluded(v, DeadCodePackage::singleUseMemberPODVariableQuery()) and isSingleUseNonVolatilePODVariable(v) select v, - "Member POD variable " + v.getName() + " in " + v.getDeclaringType().getName() + " is only $@.", + "Member POD variable '" + v.getName() + "' in '" + v.getDeclaringType().getName() + "' is only $@.", getSingleUse(v), "used once" diff --git a/cpp/autosar/test/rules/M0-1-4/SingleUseMemberPODVariable.expected b/cpp/autosar/test/rules/M0-1-4/SingleUseMemberPODVariable.expected index f4309e7a4d..bfa053b318 100644 --- a/cpp/autosar/test/rules/M0-1-4/SingleUseMemberPODVariable.expected +++ b/cpp/autosar/test/rules/M0-1-4/SingleUseMemberPODVariable.expected @@ -1,9 +1,9 @@ -| test_global_or_namespace.cpp:16:7:16:7 | x | Member POD variable x in GA is only $@. | test_global_or_namespace.cpp:38:6:38:6 | x | used once | -| test_global_or_namespace.cpp:54:7:54:7 | x | Member POD variable x in N1A is only $@. | test_global_or_namespace.cpp:76:6:76:6 | x | used once | -| test_member.cpp:5:7:5:8 | m2 | Member POD variable m2 in A is only $@. | test_member.cpp:9:21:9:25 | constructor init of field m2 | used once | -| test_member.cpp:6:7:6:8 | m3 | Member POD variable m3 in A is only $@. | test_member.cpp:10:23:10:24 | m3 | used once | -| test_member.cpp:7:7:7:8 | m4 | Member POD variable m4 in A is only $@. | test_member.cpp:14:23:14:24 | m4 | used once | -| test_member.cpp:18:9:18:11 | sm1 | Member POD variable sm1 in s1 is only $@. | test_member.cpp:23:6:23:8 | sm1 | used once | -| test_member.cpp:36:7:36:8 | m1 | Member POD variable m1 in C is only $@. | test_member.cpp:39:21:39:22 | m1 | used once | -| test_member.cpp:37:7:37:8 | m2 | Member POD variable m2 in C is only $@. | test_member.cpp:46:5:46:6 | m2 | used once | -| test_member.cpp:55:5:55:6 | m3 | Member POD variable m3 in E is only $@. | test_member.cpp:56:27:56:32 | constructor init of field m3 | used once | +| test_global_or_namespace.cpp:16:7:16:7 | x | Member POD variable 'x' in 'GA' is only $@. | test_global_or_namespace.cpp:38:6:38:6 | x | used once | +| test_global_or_namespace.cpp:54:7:54:7 | x | Member POD variable 'x' in 'N1A' is only $@. | test_global_or_namespace.cpp:76:6:76:6 | x | used once | +| test_member.cpp:5:7:5:8 | m2 | Member POD variable 'm2' in 'A' is only $@. | test_member.cpp:9:21:9:25 | constructor init of field m2 | used once | +| test_member.cpp:6:7:6:8 | m3 | Member POD variable 'm3' in 'A' is only $@. | test_member.cpp:10:23:10:24 | m3 | used once | +| test_member.cpp:7:7:7:8 | m4 | Member POD variable 'm4' in 'A' is only $@. | test_member.cpp:14:23:14:24 | m4 | used once | +| test_member.cpp:18:9:18:11 | sm1 | Member POD variable 'sm1' in 's1' is only $@. | test_member.cpp:23:6:23:8 | sm1 | used once | +| test_member.cpp:36:7:36:8 | m1 | Member POD variable 'm1' in 'C' is only $@. | test_member.cpp:39:21:39:22 | m1 | used once | +| test_member.cpp:37:7:37:8 | m2 | Member POD variable 'm2' in 'C' is only $@. | test_member.cpp:46:5:46:6 | m2 | used once | +| test_member.cpp:55:5:55:6 | m3 | Member POD variable 'm3' in 'E' is only $@. | test_member.cpp:56:27:56:32 | constructor init of field m3 | used once | From 0e0dfbc765257341dc87bf25b9a2d01f2dbd8d5c Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 14 Feb 2024 17:27:26 -0800 Subject: [PATCH 1637/2573] Add changenote --- change_notes/2024-02-14-fix-fp-m0-1-4.md | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 change_notes/2024-02-14-fix-fp-m0-1-4.md diff --git a/change_notes/2024-02-14-fix-fp-m0-1-4.md b/change_notes/2024-02-14-fix-fp-m0-1-4.md new file mode 100644 index 0000000000..43aa9f5723 --- /dev/null +++ b/change_notes/2024-02-14-fix-fp-m0-1-4.md @@ -0,0 +1,4 @@ +- `M0-1-4` - `SingleUseMemberPODVariable.ql`: + - Address FP reported in #388. Include aggregrate initialization as a use of a member. + - Include indirect initialization of members. For example, casting a pointer to a buffer to a struct pointer. + - Reformat the alert message to adhere to the style-guide. \ No newline at end of file From 1606bf6a943e7b3d6b775709b53b8792670d60be Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 14 Feb 2024 17:35:02 -0800 Subject: [PATCH 1638/2573] Format query --- cpp/autosar/src/rules/M0-1-4/SingleUseMemberPODVariable.ql | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cpp/autosar/src/rules/M0-1-4/SingleUseMemberPODVariable.ql b/cpp/autosar/src/rules/M0-1-4/SingleUseMemberPODVariable.ql index d691a7b0d2..c1dd812e80 100644 --- a/cpp/autosar/src/rules/M0-1-4/SingleUseMemberPODVariable.ql +++ b/cpp/autosar/src/rules/M0-1-4/SingleUseMemberPODVariable.ql @@ -24,5 +24,5 @@ where not isExcluded(v, DeadCodePackage::singleUseMemberPODVariableQuery()) and isSingleUseNonVolatilePODVariable(v) select v, - "Member POD variable '" + v.getName() + "' in '" + v.getDeclaringType().getName() + "' is only $@.", - getSingleUse(v), "used once" + "Member POD variable '" + v.getName() + "' in '" + v.getDeclaringType().getName() + + "' is only $@.", getSingleUse(v), "used once" From a3e3f9df72dea181f6629cbee4d1ba84300a8616 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 15 Feb 2024 12:08:52 -0800 Subject: [PATCH 1639/2573] Exclude members of uninstantiated templates We can't properly determine the use of uninstantiated template members without looking at all the instantiated templates. Even then, included templates provide an interface that can be partially used, so alerting on those parts that are currently not used doesn't necessarily indicate a programming mistake. --- .../src/codingstandards/cpp/deadcode/UnusedVariables.qll | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/deadcode/UnusedVariables.qll b/cpp/common/src/codingstandards/cpp/deadcode/UnusedVariables.qll index 3437051cac..fa73e81811 100644 --- a/cpp/common/src/codingstandards/cpp/deadcode/UnusedVariables.qll +++ b/cpp/common/src/codingstandards/cpp/deadcode/UnusedVariables.qll @@ -92,7 +92,9 @@ class PotentiallyUnusedMemberVariable extends MemberVariable { // Must be in a fully defined class, otherwise one of the undefined functions may use the variable getDeclaringType() instanceof FullyDefinedClass and // Lambda captures are not "real" member variables - it's an implementation detail that they are represented that way - not this = any(LambdaCapture lc).getField() + not this = any(LambdaCapture lc).getField() and + // exclude uninstantiated template members + not this.isFromUninstantiatedTemplate(_) } } From ede9e1bcdbaaf096d25fb3e6450ca1d79c1cb11b Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 15 Feb 2024 12:56:22 -0800 Subject: [PATCH 1640/2573] Consider possible use as template argument --- .../M0-1-3/UnusedGlobalOrNamespaceVariable.ql | 4 +++- .../src/rules/M0-1-3/UnusedMemberVariable.ql | 4 +++- .../rules/M0-1-3/test_global_or_namespace.cpp | 20 ++++++++++++++++++- cpp/autosar/test/rules/M0-1-3/test_member.cpp | 14 +++++++++++++ .../cpp/deadcode/UnusedVariables.qll | 15 ++++++++++++++ 5 files changed, 54 insertions(+), 3 deletions(-) diff --git a/cpp/autosar/src/rules/M0-1-3/UnusedGlobalOrNamespaceVariable.ql b/cpp/autosar/src/rules/M0-1-3/UnusedGlobalOrNamespaceVariable.ql index 617fbd5f8a..1791755fbe 100644 --- a/cpp/autosar/src/rules/M0-1-3/UnusedGlobalOrNamespaceVariable.ql +++ b/cpp/autosar/src/rules/M0-1-3/UnusedGlobalOrNamespaceVariable.ql @@ -22,5 +22,7 @@ from PotentiallyUnusedGlobalOrNamespaceVariable v where not isExcluded(v, DeadCodePackage::unusedGlobalOrNamespaceVariableQuery()) and // No variable access - not exists(v.getAnAccess()) + not exists(v.getAnAccess()) and + // Exclude members whose value is compile time and is potentially used to inintialize a template + not maybeACompileTimeTemplateArgument(v) select v, "Variable " + v.getQualifiedName() + " is unused." diff --git a/cpp/autosar/src/rules/M0-1-3/UnusedMemberVariable.ql b/cpp/autosar/src/rules/M0-1-3/UnusedMemberVariable.ql index 5ebfac4d3f..90d14f61d7 100644 --- a/cpp/autosar/src/rules/M0-1-3/UnusedMemberVariable.ql +++ b/cpp/autosar/src/rules/M0-1-3/UnusedMemberVariable.ql @@ -25,5 +25,7 @@ where // No variable access not exists(v.getAnAccess()) and // No explicit initialization in a constructor - not exists(UserProvidedConstructorFieldInit cfi | cfi.getTarget() = v) + not exists(UserProvidedConstructorFieldInit cfi | cfi.getTarget() = v) and + // Exclude members whose value is compile time and is potentially used to inintialize a template + not maybeACompileTimeTemplateArgument(v) select v, "Member variable " + v.getName() + " is unused." diff --git a/cpp/autosar/test/rules/M0-1-3/test_global_or_namespace.cpp b/cpp/autosar/test/rules/M0-1-3/test_global_or_namespace.cpp index 92bb667c45..524830f1b4 100644 --- a/cpp/autosar/test/rules/M0-1-3/test_global_or_namespace.cpp +++ b/cpp/autosar/test/rules/M0-1-3/test_global_or_namespace.cpp @@ -41,4 +41,22 @@ void test_ns() { x2 = 1; } m1(); // ignore dead code in macros } // namespace N1 -int test_access_variable() { return N1::x5; } \ No newline at end of file +int test_access_variable() { return N1::x5; } + +template struct C1 { + int array[t]; // COMPLIANT +}; + +constexpr int g5 = 1; // COMPLIANT - used as template parameter + +namespace ns1 { +constexpr int m1 = 1; // COMPLIANT - used a template parameter +} + +void test_fp_reported_in_384() { + struct C1 l1; + struct C1 l2; + + l1.array[0] = 1; + l2.array[0] = 1; +} \ No newline at end of file diff --git a/cpp/autosar/test/rules/M0-1-3/test_member.cpp b/cpp/autosar/test/rules/M0-1-3/test_member.cpp index 8c0ded8b4e..7aff9a4232 100644 --- a/cpp/autosar/test/rules/M0-1-3/test_member.cpp +++ b/cpp/autosar/test/rules/M0-1-3/test_member.cpp @@ -47,4 +47,18 @@ void test_d() { d.getT(); } +template struct C1 { + int array[t]; // COMPLIANT +}; + +struct C2 { + static constexpr int m1 = 1; // COMPLIANT - used as template parameter +}; + +void test_fp_reported_in_384() { + struct C1 l1; + + l1.array[0] = 1; +} + } // namespace test \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/deadcode/UnusedVariables.qll b/cpp/common/src/codingstandards/cpp/deadcode/UnusedVariables.qll index fa73e81811..cda009558d 100644 --- a/cpp/common/src/codingstandards/cpp/deadcode/UnusedVariables.qll +++ b/cpp/common/src/codingstandards/cpp/deadcode/UnusedVariables.qll @@ -1,5 +1,6 @@ import cpp import codingstandards.cpp.FunctionEquivalence +import codingstandards.cpp.Scope /** * A type that contains a template parameter type (doesn't count pointers or references). @@ -121,3 +122,17 @@ class UserProvidedConstructorFieldInit extends ConstructorFieldInit { not getEnclosingFunction().isCompilerGenerated() } } + +predicate maybeACompileTimeTemplateArgument(Variable v) { + v.isConstexpr() and + exists(ClassTemplateInstantiation cti, TranslationUnit tu | + cti.getATemplateArgument().(Expr).getValue() = v.getInitializer().getExpr().getValue() and + ( + cti.getFile() = tu and + ( + v.getADeclarationEntry().getFile() = tu or + tu.getATransitivelyIncludedFile() = v.getADeclarationEntry().getFile() + ) + ) + ) +} From 96a6358f5e6365ee265c213fd84256b25f015fe6 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 15 Feb 2024 13:01:14 -0800 Subject: [PATCH 1641/2573] Adjust alert to follow styleguide --- .../rules/M0-1-3/UnusedGlobalOrNamespaceVariable.ql | 2 +- cpp/autosar/src/rules/M0-1-3/UnusedLocalVariable.ql | 2 +- cpp/autosar/src/rules/M0-1-3/UnusedMemberVariable.ql | 2 +- .../M0-1-3/UnusedGlobalOrNamespaceVariable.expected | 8 ++++---- .../test/rules/M0-1-3/UnusedLocalVariable.expected | 12 ++++++------ .../test/rules/M0-1-3/UnusedMemberVariable.expected | 8 ++++---- 6 files changed, 17 insertions(+), 17 deletions(-) diff --git a/cpp/autosar/src/rules/M0-1-3/UnusedGlobalOrNamespaceVariable.ql b/cpp/autosar/src/rules/M0-1-3/UnusedGlobalOrNamespaceVariable.ql index 1791755fbe..ba6b6df20a 100644 --- a/cpp/autosar/src/rules/M0-1-3/UnusedGlobalOrNamespaceVariable.ql +++ b/cpp/autosar/src/rules/M0-1-3/UnusedGlobalOrNamespaceVariable.ql @@ -25,4 +25,4 @@ where not exists(v.getAnAccess()) and // Exclude members whose value is compile time and is potentially used to inintialize a template not maybeACompileTimeTemplateArgument(v) -select v, "Variable " + v.getQualifiedName() + " is unused." +select v, "Variable '" + v.getQualifiedName() + "' is unused." diff --git a/cpp/autosar/src/rules/M0-1-3/UnusedLocalVariable.ql b/cpp/autosar/src/rules/M0-1-3/UnusedLocalVariable.ql index 9ac58a6de8..f088bb1b74 100644 --- a/cpp/autosar/src/rules/M0-1-3/UnusedLocalVariable.ql +++ b/cpp/autosar/src/rules/M0-1-3/UnusedLocalVariable.ql @@ -50,4 +50,4 @@ where // Local variable is never accessed not exists(v.getAnAccess()) and getUseCountConservatively(v) = 0 -select v, "Local variable " + v.getName() + " in " + v.getFunction().getName() + " is not used." +select v, "Local variable '" + v.getName() + "' in '" + v.getFunction().getName() + "' is not used." diff --git a/cpp/autosar/src/rules/M0-1-3/UnusedMemberVariable.ql b/cpp/autosar/src/rules/M0-1-3/UnusedMemberVariable.ql index 90d14f61d7..a27f9cbcab 100644 --- a/cpp/autosar/src/rules/M0-1-3/UnusedMemberVariable.ql +++ b/cpp/autosar/src/rules/M0-1-3/UnusedMemberVariable.ql @@ -28,4 +28,4 @@ where not exists(UserProvidedConstructorFieldInit cfi | cfi.getTarget() = v) and // Exclude members whose value is compile time and is potentially used to inintialize a template not maybeACompileTimeTemplateArgument(v) -select v, "Member variable " + v.getName() + " is unused." +select v, "Member variable '" + v.getName() + "' is unused." diff --git a/cpp/autosar/test/rules/M0-1-3/UnusedGlobalOrNamespaceVariable.expected b/cpp/autosar/test/rules/M0-1-3/UnusedGlobalOrNamespaceVariable.expected index 8ee5d76bfa..97c3d17a84 100644 --- a/cpp/autosar/test/rules/M0-1-3/UnusedGlobalOrNamespaceVariable.expected +++ b/cpp/autosar/test/rules/M0-1-3/UnusedGlobalOrNamespaceVariable.expected @@ -1,4 +1,4 @@ -| test_global_or_namespace.cpp:3:5:3:6 | g3 | Variable g3 is unused. | -| test_global_or_namespace.cpp:18:4:18:4 | a | Variable a is unused. | -| test_global_or_namespace.cpp:26:5:26:6 | x3 | Variable N1::x3 is unused. | -| test_global_or_namespace.cpp:36:5:36:5 | a | Variable N1::a is unused. | +| test_global_or_namespace.cpp:3:5:3:6 | g3 | Variable 'g3' is unused. | +| test_global_or_namespace.cpp:18:4:18:4 | a | Variable 'a' is unused. | +| test_global_or_namespace.cpp:26:5:26:6 | x3 | Variable 'N1::x3' is unused. | +| test_global_or_namespace.cpp:36:5:36:5 | a | Variable 'N1::a' is unused. | diff --git a/cpp/autosar/test/rules/M0-1-3/UnusedLocalVariable.expected b/cpp/autosar/test/rules/M0-1-3/UnusedLocalVariable.expected index 0d6f7de28b..77eb030716 100644 --- a/cpp/autosar/test/rules/M0-1-3/UnusedLocalVariable.expected +++ b/cpp/autosar/test/rules/M0-1-3/UnusedLocalVariable.expected @@ -1,6 +1,6 @@ -| test.cpp:7:7:7:7 | y | Local variable y in test_simple is not used. | -| test.cpp:14:13:14:13 | y | Local variable y in test_const is not used. | -| test.cpp:17:7:17:7 | z | Local variable z in test_const is not used. | -| test.cpp:23:5:23:5 | t | Local variable t in f1 is not used. | -| test.cpp:23:5:23:5 | t | Local variable t in f1 is not used. | -| test.cpp:44:6:44:6 | a | Local variable a in test_side_effect_init is not used. | +| test.cpp:7:7:7:7 | y | Local variable 'y' in 'test_simple' is not used. | +| test.cpp:14:13:14:13 | y | Local variable 'y' in 'test_const' is not used. | +| test.cpp:17:7:17:7 | z | Local variable 'z' in 'test_const' is not used. | +| test.cpp:23:5:23:5 | t | Local variable 't' in 'f1' is not used. | +| test.cpp:23:5:23:5 | t | Local variable 't' in 'f1' is not used. | +| test.cpp:44:6:44:6 | a | Local variable 'a' in 'test_side_effect_init' is not used. | diff --git a/cpp/autosar/test/rules/M0-1-3/UnusedMemberVariable.expected b/cpp/autosar/test/rules/M0-1-3/UnusedMemberVariable.expected index 14e0cb42ee..e424945d5b 100644 --- a/cpp/autosar/test/rules/M0-1-3/UnusedMemberVariable.expected +++ b/cpp/autosar/test/rules/M0-1-3/UnusedMemberVariable.expected @@ -1,4 +1,4 @@ -| test_member.cpp:4:7:4:8 | m1 | Member variable m1 is unused. | -| test_member.cpp:17:9:17:11 | pad | Member variable pad is unused. | -| test_member.cpp:19:9:19:11 | sm2 | Member variable sm2 is unused. | -| test_member.cpp:31:7:31:8 | m1 | Member variable m1 is unused. | +| test_member.cpp:4:7:4:8 | m1 | Member variable 'm1' is unused. | +| test_member.cpp:17:9:17:11 | pad | Member variable 'pad' is unused. | +| test_member.cpp:19:9:19:11 | sm2 | Member variable 'sm2' is unused. | +| test_member.cpp:31:7:31:8 | m1 | Member variable 'm1' is unused. | From e55a5b31dc08800088bec14442843099ec654bb6 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 15 Feb 2024 13:04:37 -0800 Subject: [PATCH 1642/2573] Add changenote --- change_notes/2024-02-15-fix-fp-m0-1-3.md | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 change_notes/2024-02-15-fix-fp-m0-1-3.md diff --git a/change_notes/2024-02-15-fix-fp-m0-1-3.md b/change_notes/2024-02-15-fix-fp-m0-1-3.md new file mode 100644 index 0000000000..e84f9fb6db --- /dev/null +++ b/change_notes/2024-02-15-fix-fp-m0-1-3.md @@ -0,0 +1,4 @@ +- `M0-1-3` - `UnusedMemberVariable.ql`, `UnusedGlobalOrNamespaceVariable.ql`: + - Address FP reported in #384. Exclude variables with compile time values that may have been used as a template argument. + - Exclude uninstantiated template members. + - Reformat the alert message to adhere to the style-guide. From 5df06ecb6ab3e6719098671aa9be2a957f1b7d22 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 15 Feb 2024 13:09:40 -0800 Subject: [PATCH 1643/2573] Add qldoc to `maybeACompileTimeTemplateArgument` --- .../src/codingstandards/cpp/deadcode/UnusedVariables.qll | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/cpp/common/src/codingstandards/cpp/deadcode/UnusedVariables.qll b/cpp/common/src/codingstandards/cpp/deadcode/UnusedVariables.qll index cda009558d..077c35a2aa 100644 --- a/cpp/common/src/codingstandards/cpp/deadcode/UnusedVariables.qll +++ b/cpp/common/src/codingstandards/cpp/deadcode/UnusedVariables.qll @@ -123,6 +123,10 @@ class UserProvidedConstructorFieldInit extends ConstructorFieldInit { } } +/** + * Holds if `v` may hold a compile time value and is accessible to a template instantiation that + * receives a constant value as an argument equal to the value of `v`. + */ predicate maybeACompileTimeTemplateArgument(Variable v) { v.isConstexpr() and exists(ClassTemplateInstantiation cti, TranslationUnit tu | From 65f71d9e5361103831fc6a299d95d6fa07c6c76c Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Fri, 16 Feb 2024 10:02:17 -0500 Subject: [PATCH 1644/2573] Update change_notes/2024-02-12-improve-a18-0-1.md Co-authored-by: Remco Vermeulen --- change_notes/2024-02-12-improve-a18-0-1.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/change_notes/2024-02-12-improve-a18-0-1.md b/change_notes/2024-02-12-improve-a18-0-1.md index cd6bcee256..5ad807faba 100644 --- a/change_notes/2024-02-12-improve-a18-0-1.md +++ b/change_notes/2024-02-12-improve-a18-0-1.md @@ -1,2 +1,2 @@ -`A18-0-1` - `CLibraryFacilitiesNotAccessedThroughCPPLibraryHeaders.ql`: +- `A18-0-1` - `CLibraryFacilitiesNotAccessedThroughCPPLibraryHeaders.ql`: - Fix issue #7 - improve query logic to only match on exact standard library names (exclude local files with same names. Now excludes sys/header.h type headers as well from the results as those are not C standard libraries). \ No newline at end of file From df07198e0aa6cec5858e46212f36c8b93b85e89f Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Fri, 16 Feb 2024 10:53:05 -0500 Subject: [PATCH 1645/2573] A18-0-1: improve testcase --- cpp/autosar/test/rules/A18-0-1/test.cpp | 3 ++- cpp/autosar/test/rules/A18-0-1/time.h | 4 ++++ 2 files changed, 6 insertions(+), 1 deletion(-) create mode 100644 cpp/autosar/test/rules/A18-0-1/time.h diff --git a/cpp/autosar/test/rules/A18-0-1/test.cpp b/cpp/autosar/test/rules/A18-0-1/test.cpp index 7c54ccf98e..77ed9f94f0 100644 --- a/cpp/autosar/test/rules/A18-0-1/test.cpp +++ b/cpp/autosar/test/rules/A18-0-1/test.cpp @@ -41,4 +41,5 @@ #include // COMPLIANT #include // COMPLIANT -#include "lib/assert.h" // COMPLIANT \ No newline at end of file +#include "lib/assert.h" // COMPLIANT +#include "time.h" // COMPLIANT - no way to check if this is a local checked in std lib copy \ No newline at end of file diff --git a/cpp/autosar/test/rules/A18-0-1/time.h b/cpp/autosar/test/rules/A18-0-1/time.h new file mode 100644 index 0000000000..ba58b95bbc --- /dev/null +++ b/cpp/autosar/test/rules/A18-0-1/time.h @@ -0,0 +1,4 @@ +#ifndef LIB_TIME_EXAMPLE_H_ +#define LIB_TIME_EXAMPLE_H_ +// may be a user lib or a std lib checked into a project +#endif \ No newline at end of file From 0516f5f52be38a47945089b7162895c320bdafed Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Fri, 16 Feb 2024 11:46:05 -0500 Subject: [PATCH 1646/2573] Update change_notes/2024-02-12-exclusion-A2-10-4.md Co-authored-by: Remco Vermeulen --- change_notes/2024-02-12-exclusion-A2-10-4.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/change_notes/2024-02-12-exclusion-A2-10-4.md b/change_notes/2024-02-12-exclusion-A2-10-4.md index d4ba29110b..ccaf302dd1 100644 --- a/change_notes/2024-02-12-exclusion-A2-10-4.md +++ b/change_notes/2024-02-12-exclusion-A2-10-4.md @@ -1,2 +1,2 @@ -`A2-10-4` - `IdentifierNameOfStaticNonMemberObjectReusedInNamespace.ql`: +- `A2-10-4` - `IdentifierNameOfStaticNonMemberObjectReusedInNamespace.ql`: - Fix FP reported in #385. Addresses incorrect detection of partially specialized template variables as conflicting reuses. \ No newline at end of file From 7339c147aeb0c84a9440d3139fe6034d69421634 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 16 Feb 2024 10:24:44 -0800 Subject: [PATCH 1647/2573] Generate db for current test based on open test file --- .vscode/tasks.json | 22 ++++++++++++++++++++ scripts/build_test_database.py | 38 +++++++++++++++++++++++++++++----- 2 files changed, 55 insertions(+), 5 deletions(-) diff --git a/.vscode/tasks.json b/.vscode/tasks.json index 575dda1e99..9b53539c04 100644 --- a/.vscode/tasks.json +++ b/.vscode/tasks.json @@ -140,6 +140,28 @@ }, "problemMatcher": [] }, + { + "label": "🧪 Standards Automation: Build Case Test DB from test file", + "type": "shell", + "windows": { + "command": ".${pathSeparator}scripts${pathSeparator}.venv${pathSeparator}Scripts${pathSeparator}python.exe scripts${pathSeparator}build_test_database.py ${file}" + }, + "linux": { + "command": ".${pathSeparator}scripts${pathSeparator}.venv${pathSeparator}bin${pathSeparator}python3 scripts${pathSeparator}build_test_database.py ${file}" + }, + "osx": { + "command": ".${pathSeparator}scripts${pathSeparator}.venv${pathSeparator}bin${pathSeparator}python3 scripts${pathSeparator}build_test_database.py ${file}" + }, + "presentation": { + "reveal": "always", + "panel": "new", + "focus": true + }, + "runOptions": { + "reevaluateOnRerun": false + }, + "problemMatcher": [] + }, { "label": "📝 Standards Automation: Format CodeQL", "type": "shell", diff --git a/scripts/build_test_database.py b/scripts/build_test_database.py index 3f8acde999..c2c17092a2 100644 --- a/scripts/build_test_database.py +++ b/scripts/build_test_database.py @@ -3,14 +3,42 @@ import os import subprocess import json +from pathlib import Path -if len(sys.argv) < 4: - print ("Usage: build_test_database.py LANGUAGE STANDARD RULE", file=sys.stderr) +if len(sys.argv) != 4 and len(sys.argv) != 2: + print ("Usage: build_test_database.py TEST_FILE | LANGUAGE STANDARD RULE", file=sys.stderr) exit(1) -LANGUAGE=sys.argv[1] -STANDARD=sys.argv[2] -RULE=sys.argv[3] +if len(sys.argv) == 4: + LANGUAGE=sys.argv[1] + STANDARD=sys.argv[2] + RULE=sys.argv[3] + +if len(sys.argv) == 2: + TEST_FILE_PATH=Path(sys.argv[1]) + if not TEST_FILE_PATH.exists(): + print(f"The test file {TEST_FILE_PATH} does not exist!", file=sys.stderr) + exit(1) + RULE_PATH=TEST_FILE_PATH.parent + while True: + if len(list(RULE_PATH.glob("*.expected"))) > 0: + break + if RULE_PATH.parent != RULE_PATH: + RULE_PATH = RULE_PATH.parent + else: + print(f"The test file {TEST_FILE_PATH} is not a test because we couldn't find an expected file!", file=sys.stderr) + exit(1) + RULE=RULE_PATH.name + TESTS_PATH=RULE_PATH.parent.parent + if TESTS_PATH.name != "test": + print(f"The test file {TEST_FILE_PATH} is not in the expected test layout, cannot determine standard or language!", file=sys.stderr) + exit(1) + + STANDARD_PATH=TESTS_PATH.parent + STANDARD=STANDARD_PATH.name + + LANGUAGE_PATH=STANDARD_PATH.parent + LANGUAGE=LANGUAGE_PATH.name if shutil.which("codeql") is None: print ("Please install codeql.", file=sys.stderr) From b19874adb61a247a1a9b1dd8912e2cee82f9aec0 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 16 Feb 2024 14:15:44 -0800 Subject: [PATCH 1648/2573] Exclude literals that are the result of constexpr variable uses. --- .../A5-1-1/LiteralValueUsedOutsideTypeInit.ql | 3 ++- .../LiteralValueUsedOutsideTypeInit.expected | 4 ++++ cpp/autosar/test/rules/A5-1-1/test.cpp | 24 ++++++++++++++++++- .../src/codingstandards/cpp/Literals.qll | 19 +++++++++++++++ 4 files changed, 48 insertions(+), 2 deletions(-) diff --git a/cpp/autosar/src/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.ql b/cpp/autosar/src/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.ql index a83e3ade5d..233fe5c4a3 100644 --- a/cpp/autosar/src/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.ql +++ b/cpp/autosar/src/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.ql @@ -51,7 +51,8 @@ where // Aggregate literal not l = any(ArrayOrVectorAggregateLiteral aal).getAnElementExpr(_).getAChild*() and // Ignore x - 1 expressions - not exists(SubExpr se | se.getRightOperand() = l and l.getValue() = "1") + not exists(SubExpr se | se.getRightOperand() = l and l.getValue() = "1") and + not l instanceof CompileTimeComputedIntegralLiteral select l, "Literal value " + getTruncatedLiteralText(l) + " used outside of type initialization " + l.getAPrimaryQlClass() diff --git a/cpp/autosar/test/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.expected b/cpp/autosar/test/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.expected index 3212f14efb..4aecf3bf6c 100644 --- a/cpp/autosar/test/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.expected +++ b/cpp/autosar/test/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.expected @@ -3,3 +3,7 @@ | test.cpp:54:7:54:7 | 1 | Literal value 1 used outside of type initialization Literal | | test.cpp:75:23:75:28 | test | Literal value "test" used outside of type initialization StringLiteral | | test.cpp:76:19:76:28 | not okay | Literal value "not okay" used outside of type initialization StringLiteral | +| test.cpp:104:8:104:8 | 4 | Literal value 4 used outside of type initialization Literal | +| test.cpp:104:8:104:8 | 4 | Literal value 4 used outside of type initialization Literal | +| test.cpp:104:8:104:8 | 4 | Literal value 4 used outside of type initialization Literal | +| test.cpp:108:18:108:18 | 1 | Literal value 1 used outside of type initialization Literal | diff --git a/cpp/autosar/test/rules/A5-1-1/test.cpp b/cpp/autosar/test/rules/A5-1-1/test.cpp index 4c4ad4fb30..58c1ac64f1 100644 --- a/cpp/autosar/test/rules/A5-1-1/test.cpp +++ b/cpp/autosar/test/rules/A5-1-1/test.cpp @@ -80,10 +80,32 @@ void test_not_wrapper_stream(std::ostream &os, const char *str) noexcept { #define MACRO_LOG(test_str) \ do { \ struct test_struct { \ - static const char *get_str() { return static_cast(test_str); } \ + static const char *get_str() { \ + return static_cast(test_str); \ + } \ }; \ } while (false) void f() { MACRO_LOG("test"); // COMPLIANT - exclusion +} + +template struct S1 { static constexpr size_t value(); }; + +template <> struct S1 { + static constexpr size_t value() { return sizeof(int); }; +}; + +constexpr size_t g1 = S1::value(); +constexpr size_t f1() { return sizeof(int); } + +template struct S2 { + T m1[size]; // COMPLIANT + T m2[4]; // NON_COMPLIANT +}; + +void test_fp_reported_in_371() { + struct S2 l1; // COMPLIANT[FALSE_POSITIVE] + struct S2 l2; // COMPLIANT + struct S2 l3; // COMPLIANT } \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/Literals.qll b/cpp/common/src/codingstandards/cpp/Literals.qll index d4e11154fa..e6014d417b 100644 --- a/cpp/common/src/codingstandards/cpp/Literals.qll +++ b/cpp/common/src/codingstandards/cpp/Literals.qll @@ -28,3 +28,22 @@ class Utf16StringLiteral extends StringLiteral { class Utf32StringLiteral extends StringLiteral { Utf32StringLiteral() { this.getValueText().regexpMatch("(?s)\\s*U\".*") } } + +/** + * A literal resulting from the use of a constexpr + * variable, or macro expansion. + */ +class CompileTimeComputedIntegralLiteral extends Literal { + CompileTimeComputedIntegralLiteral() { + this.getUnspecifiedType() instanceof IntegralType and + not this.getUnspecifiedType() instanceof BoolType and + not this.getUnspecifiedType() instanceof CharType and + // In some cases we still type char constants like '.' as int + not this.getValueText().trim().matches("'%'") and + not this.getValueText() + .trim() + .regexpMatch("([0-9][0-9']*|0[xX][0-9a-fA-F']+|0b[01']+)[uU]?([lL]{1,2}|[zZ])?") and + // Exclude class field initializers whose value text equals the initializer expression, e.g., `x(0)` + not any(ConstructorFieldInit cfi).getExpr() = this + } +} From 5f90fae199089c5d4abb325203178e570a78a444 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 16 Feb 2024 14:23:05 -0800 Subject: [PATCH 1649/2573] Exclude literals used in class template instantiation --- .../src/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.ql | 5 ++++- .../rules/A5-1-1/LiteralValueUsedOutsideTypeInit.expected | 1 - cpp/autosar/test/rules/A5-1-1/test.cpp | 2 +- 3 files changed, 5 insertions(+), 3 deletions(-) diff --git a/cpp/autosar/src/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.ql b/cpp/autosar/src/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.ql index 233fe5c4a3..4392821af5 100644 --- a/cpp/autosar/src/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.ql +++ b/cpp/autosar/src/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.ql @@ -52,7 +52,10 @@ where not l = any(ArrayOrVectorAggregateLiteral aal).getAnElementExpr(_).getAChild*() and // Ignore x - 1 expressions not exists(SubExpr se | se.getRightOperand() = l and l.getValue() = "1") and - not l instanceof CompileTimeComputedIntegralLiteral + not l instanceof CompileTimeComputedIntegralLiteral and + // Exclude literals to instantiate a class template per example in the standard + // where an type of std::array is intialized with size 5. + not l = any(ClassTemplateInstantiation cti).getATemplateArgument() select l, "Literal value " + getTruncatedLiteralText(l) + " used outside of type initialization " + l.getAPrimaryQlClass() diff --git a/cpp/autosar/test/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.expected b/cpp/autosar/test/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.expected index 4aecf3bf6c..99ab3d6c37 100644 --- a/cpp/autosar/test/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.expected +++ b/cpp/autosar/test/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.expected @@ -6,4 +6,3 @@ | test.cpp:104:8:104:8 | 4 | Literal value 4 used outside of type initialization Literal | | test.cpp:104:8:104:8 | 4 | Literal value 4 used outside of type initialization Literal | | test.cpp:104:8:104:8 | 4 | Literal value 4 used outside of type initialization Literal | -| test.cpp:108:18:108:18 | 1 | Literal value 1 used outside of type initialization Literal | diff --git a/cpp/autosar/test/rules/A5-1-1/test.cpp b/cpp/autosar/test/rules/A5-1-1/test.cpp index 58c1ac64f1..4f3b812c2d 100644 --- a/cpp/autosar/test/rules/A5-1-1/test.cpp +++ b/cpp/autosar/test/rules/A5-1-1/test.cpp @@ -105,7 +105,7 @@ template struct S2 { }; void test_fp_reported_in_371() { - struct S2 l1; // COMPLIANT[FALSE_POSITIVE] + struct S2 l1; // COMPLIANT struct S2 l2; // COMPLIANT struct S2 l3; // COMPLIANT } \ No newline at end of file From b79e986f20630cb72534c0e53ecdcb0563f32622 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 16 Feb 2024 14:26:25 -0800 Subject: [PATCH 1650/2573] Format alert according to style-guide --- .../A5-1-1/LiteralValueUsedOutsideTypeInit.ql | 4 +--- .../LiteralValueUsedOutsideTypeInit.expected | 16 ++++++++-------- 2 files changed, 9 insertions(+), 11 deletions(-) diff --git a/cpp/autosar/src/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.ql b/cpp/autosar/src/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.ql index 4392821af5..ef838e585b 100644 --- a/cpp/autosar/src/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.ql +++ b/cpp/autosar/src/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.ql @@ -56,6 +56,4 @@ where // Exclude literals to instantiate a class template per example in the standard // where an type of std::array is intialized with size 5. not l = any(ClassTemplateInstantiation cti).getATemplateArgument() -select l, - "Literal value " + getTruncatedLiteralText(l) + " used outside of type initialization " + - l.getAPrimaryQlClass() +select l, "Literal value '" + getTruncatedLiteralText(l) + "' used outside of type initialization." diff --git a/cpp/autosar/test/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.expected b/cpp/autosar/test/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.expected index 99ab3d6c37..22300512fc 100644 --- a/cpp/autosar/test/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.expected +++ b/cpp/autosar/test/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.expected @@ -1,8 +1,8 @@ -| test.cpp:5:9:5:25 | constant string | Literal value "constant string" used outside of type initialization StringLiteral | -| test.cpp:14:23:14:25 | 100 | Literal value 100 used outside of type initialization Literal | -| test.cpp:54:7:54:7 | 1 | Literal value 1 used outside of type initialization Literal | -| test.cpp:75:23:75:28 | test | Literal value "test" used outside of type initialization StringLiteral | -| test.cpp:76:19:76:28 | not okay | Literal value "not okay" used outside of type initialization StringLiteral | -| test.cpp:104:8:104:8 | 4 | Literal value 4 used outside of type initialization Literal | -| test.cpp:104:8:104:8 | 4 | Literal value 4 used outside of type initialization Literal | -| test.cpp:104:8:104:8 | 4 | Literal value 4 used outside of type initialization Literal | +| test.cpp:5:9:5:25 | constant string | Literal value '"constant string"' used outside of type initialization. | +| test.cpp:14:23:14:25 | 100 | Literal value '100' used outside of type initialization. | +| test.cpp:54:7:54:7 | 1 | Literal value '1' used outside of type initialization. | +| test.cpp:75:23:75:28 | test | Literal value '"test"' used outside of type initialization. | +| test.cpp:76:19:76:28 | not okay | Literal value '"not okay"' used outside of type initialization. | +| test.cpp:104:8:104:8 | 4 | Literal value '4' used outside of type initialization. | +| test.cpp:104:8:104:8 | 4 | Literal value '4' used outside of type initialization. | +| test.cpp:104:8:104:8 | 4 | Literal value '4' used outside of type initialization. | From 9109b3c29153171c85f93ff1e205a7333635ee9f Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 16 Feb 2024 14:46:25 -0800 Subject: [PATCH 1651/2573] Add changenote --- change_notes/2024-02-16-fix-fps-a5-1-1.md | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 change_notes/2024-02-16-fix-fps-a5-1-1.md diff --git a/change_notes/2024-02-16-fix-fps-a5-1-1.md b/change_notes/2024-02-16-fix-fps-a5-1-1.md new file mode 100644 index 0000000000..6cc792be29 --- /dev/null +++ b/change_notes/2024-02-16-fix-fps-a5-1-1.md @@ -0,0 +1,4 @@ +- `A5-1-1` - `LiteralValueUsedOutsideTypeInit.ql`: + - Address FP reported in #371. Exclude literals generated by uses of constexpr variables. + - Exclude literals used in class template instantiations. + - Update the alert message to adhere to the style-guide. \ No newline at end of file From 449d90f66d2038d13d771d68087976eee72ddce4 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Fri, 16 Feb 2024 20:58:39 -0500 Subject: [PATCH 1652/2573] A18-0-1: improve heuristic and test --- .../CLibraryFacilitiesNotAccessedThroughCPPLibraryHeaders.ql | 3 +-- ...raryFacilitiesNotAccessedThroughCPPLibraryHeaders.expected | 1 + cpp/autosar/test/rules/A18-0-1/lib/{assert.h => example.h} | 0 cpp/autosar/test/rules/A18-0-1/test.cpp | 4 ++-- 4 files changed, 4 insertions(+), 4 deletions(-) rename cpp/autosar/test/rules/A18-0-1/lib/{assert.h => example.h} (100%) diff --git a/cpp/autosar/src/rules/A18-0-1/CLibraryFacilitiesNotAccessedThroughCPPLibraryHeaders.ql b/cpp/autosar/src/rules/A18-0-1/CLibraryFacilitiesNotAccessedThroughCPPLibraryHeaders.ql index 9a5970c870..5c4d9d580f 100644 --- a/cpp/autosar/src/rules/A18-0-1/CLibraryFacilitiesNotAccessedThroughCPPLibraryHeaders.ql +++ b/cpp/autosar/src/rules/A18-0-1/CLibraryFacilitiesNotAccessedThroughCPPLibraryHeaders.ql @@ -33,8 +33,7 @@ where "assert.h", "ctype.h", "errno.h", "fenv.h", "float.h", "inttypes.h", "limits.h", "locale.h", "math.h", "setjmp.h", "signal.h", "stdarg.h", "stddef.h", "stdint.h", "stdio.h", "stdlib.h", "string.h", "time.h", "uchar.h", "wchar.h", "wctype.h" - ] and - not exists(i.getIncludedFile().getRelativePath()) + ] select i, "C library \"" + filename + "\" is included instead of the corresponding C++ library ." diff --git a/cpp/autosar/test/rules/A18-0-1/CLibraryFacilitiesNotAccessedThroughCPPLibraryHeaders.expected b/cpp/autosar/test/rules/A18-0-1/CLibraryFacilitiesNotAccessedThroughCPPLibraryHeaders.expected index 3952555595..ff53ffd841 100644 --- a/cpp/autosar/test/rules/A18-0-1/CLibraryFacilitiesNotAccessedThroughCPPLibraryHeaders.expected +++ b/cpp/autosar/test/rules/A18-0-1/CLibraryFacilitiesNotAccessedThroughCPPLibraryHeaders.expected @@ -19,3 +19,4 @@ | test.cpp:19:1:19:18 | #include | C library "uchar.h" is included instead of the corresponding C++ library . | | test.cpp:20:1:20:18 | #include | C library "wchar.h" is included instead of the corresponding C++ library . | | test.cpp:21:1:21:19 | #include | C library "wctype.h" is included instead of the corresponding C++ library . | +| test.cpp:45:1:45:17 | #include "time.h" | C library "time.h" is included instead of the corresponding C++ library . | diff --git a/cpp/autosar/test/rules/A18-0-1/lib/assert.h b/cpp/autosar/test/rules/A18-0-1/lib/example.h similarity index 100% rename from cpp/autosar/test/rules/A18-0-1/lib/assert.h rename to cpp/autosar/test/rules/A18-0-1/lib/example.h diff --git a/cpp/autosar/test/rules/A18-0-1/test.cpp b/cpp/autosar/test/rules/A18-0-1/test.cpp index 77ed9f94f0..579842ddab 100644 --- a/cpp/autosar/test/rules/A18-0-1/test.cpp +++ b/cpp/autosar/test/rules/A18-0-1/test.cpp @@ -41,5 +41,5 @@ #include // COMPLIANT #include // COMPLIANT -#include "lib/assert.h" // COMPLIANT -#include "time.h" // COMPLIANT - no way to check if this is a local checked in std lib copy \ No newline at end of file +#include "lib/example.h" // COMPLIANT +#include "time.h" // NON_COMPLIANT \ No newline at end of file From ed673a9e10967759f7a577d61bee638ab146895c Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 20 Feb 2024 14:20:16 -0800 Subject: [PATCH 1653/2573] Remove commented-out code. --- cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll | 1 - 1 file changed, 1 deletion(-) diff --git a/cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll b/cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll index 25a040e3c2..83d78521a0 100644 --- a/cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll +++ b/cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll @@ -51,7 +51,6 @@ Expr getIndirectSubObjectAssignedValue(MemberVariable subobject) { /** Gets a "use" count according to rule M0-1-4. */ int getUseCount(Variable v) { // We enforce that it's a POD type variable, so if it has an initializer it is explicit - //v.getFile().getBaseName() = "test_member.cpp" and result = count(getAUserInitializedValue(v)) + count(VariableAccess access | access = v.getAnAccess() and not access.isCompilerGenerated()) + From 9261147a91cdc545e37a4bb67c8028d08b35cc7c Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Wed, 21 Feb 2024 22:42:16 +0000 Subject: [PATCH 1654/2573] Update change_notes/2023-11-03-identifier-hiding-improvements.md Co-authored-by: Remco Vermeulen --- change_notes/2023-11-03-identifier-hiding-improvements.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/change_notes/2023-11-03-identifier-hiding-improvements.md b/change_notes/2023-11-03-identifier-hiding-improvements.md index 35eca283e3..e1e9f8b85f 100644 --- a/change_notes/2023-11-03-identifier-hiding-improvements.md +++ b/change_notes/2023-11-03-identifier-hiding-improvements.md @@ -1,3 +1,3 @@ - `A2-10-1`, `RULE-5-3`: - - Reduce false positives by considering point of declaration for local bariables. + - Reduce false positives by considering point of declaration for local variables. - Reduce false negatives by considering catch block parameters to be in scope in the catch block. \ No newline at end of file From 397967fc3361c92a60e85fc9b555821baf8330cd Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Wed, 21 Feb 2024 22:42:53 +0000 Subject: [PATCH 1655/2573] Update change_notes/2024-01-16-m5-2-10-arith-only.md Co-authored-by: Remco Vermeulen --- change_notes/2024-01-16-m5-2-10-arith-only.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/change_notes/2024-01-16-m5-2-10-arith-only.md b/change_notes/2024-01-16-m5-2-10-arith-only.md index b8f51bee46..4f92512b55 100644 --- a/change_notes/2024-01-16-m5-2-10-arith-only.md +++ b/change_notes/2024-01-16-m5-2-10-arith-only.md @@ -1 +1,2 @@ - * `M5-2-10` - only report use of the increment and decrement operations in conjunction with arithmetic operators, as specified by the rule. Notably we no longer report the expressions of the form `*p++`, which combine increment and dereferencing operations. \ No newline at end of file + `M5-2-10` - `IncrementAndDecrementOperatorsMixedWithOtherOperatorsInExpression.ql`: + - only report use of the increment and decrement operations in conjunction with arithmetic operators, as specified by the rule. Notably we no longer report the expressions of the form `*p++`, which combine increment and dereferencing operations. \ No newline at end of file From 002fc4a3091524b882fa782c4ce5965803bcc0e6 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 21 Feb 2024 22:51:57 +0000 Subject: [PATCH 1656/2573] Add COMPLIANT marker --- cpp/autosar/test/rules/M8-5-2/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/M8-5-2/test.cpp b/cpp/autosar/test/rules/M8-5-2/test.cpp index d78dd3df81..9c5efb726d 100644 --- a/cpp/autosar/test/rules/M8-5-2/test.cpp +++ b/cpp/autosar/test/rules/M8-5-2/test.cpp @@ -61,7 +61,7 @@ void test() { template bool all_of(std::initializer_list); template constexpr bool all_of(Args... args) noexcept { - return all_of({args...}); + return all_of({args...}); // COMPLIANT - explicitly initialized via varargs } void test_all_of() { all_of(true, false, false); } \ No newline at end of file From c9ce9b67ce183d967e3c17b035421837ecb0ded5 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 21 Feb 2024 23:00:38 +0000 Subject: [PATCH 1657/2573] Add explanatory comment --- cpp/common/src/codingstandards/cpp/Loops.qll | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/cpp/common/src/codingstandards/cpp/Loops.qll b/cpp/common/src/codingstandards/cpp/Loops.qll index a86166e24f..bfd68c49a0 100644 --- a/cpp/common/src/codingstandards/cpp/Loops.qll +++ b/cpp/common/src/codingstandards/cpp/Loops.qll @@ -70,6 +70,13 @@ class MemberAssignmentOperation extends FunctionCall { */ pragma[noopt] Variable getALoopCounter(ForStmt fs) { + // ------------------------------------------------------------------------------------------------ + // NOTE: This is an updated version of ForStmt.getAnIterationVariable(), handling additional cases. + // The use of pragma[noopt] is retained from the original code, as we haven't determined + // whether it's still necessary across a broad range of databases. As a noopt predicate, it + // includes a degree of duplication as the join order is defined based on the order of the + // conditions. + // ------------------------------------------------------------------------------------------------ // check that it is assigned to, incremented or decremented in the update exists(Expr updateOpRoot, Expr updateOp | updateOpRoot = fs.getUpdate() and From 4ee1015a834ffddd1c6f64d3b14e7a0fd487693b Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 21 Feb 2024 23:07:17 +0000 Subject: [PATCH 1658/2573] Extract ArithmeticOperation to Expr.qll. --- ...rementOperatorsMixedWithOtherOperatorsInExpression.ql | 7 +------ cpp/common/src/codingstandards/cpp/Expr.qll | 9 +++++++++ 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/cpp/autosar/src/rules/M5-2-10/IncrementAndDecrementOperatorsMixedWithOtherOperatorsInExpression.ql b/cpp/autosar/src/rules/M5-2-10/IncrementAndDecrementOperatorsMixedWithOtherOperatorsInExpression.ql index f77ff6e028..9c48cf1d1d 100644 --- a/cpp/autosar/src/rules/M5-2-10/IncrementAndDecrementOperatorsMixedWithOtherOperatorsInExpression.ql +++ b/cpp/autosar/src/rules/M5-2-10/IncrementAndDecrementOperatorsMixedWithOtherOperatorsInExpression.ql @@ -16,12 +16,7 @@ import cpp import codingstandards.cpp.autosar - -class ArithmeticOperation extends Operation { - ArithmeticOperation() { - this instanceof UnaryArithmeticOperation or this instanceof BinaryArithmeticOperation - } -} +import codingstandards.cpp.Expr from CrementOperation cop, ArithmeticOperation op, string name where diff --git a/cpp/common/src/codingstandards/cpp/Expr.qll b/cpp/common/src/codingstandards/cpp/Expr.qll index 4ed50b4986..86d04e70df 100644 --- a/cpp/common/src/codingstandards/cpp/Expr.qll +++ b/cpp/common/src/codingstandards/cpp/Expr.qll @@ -2,6 +2,15 @@ import cpp private import semmle.code.cpp.valuenumbering.GlobalValueNumbering import codingstandards.cpp.AccessPath +/** + * A unary or binary arithmetic operation. + */ +class ArithmeticOperation extends Operation { + ArithmeticOperation() { + this instanceof UnaryArithmeticOperation or this instanceof BinaryArithmeticOperation + } +} + /** A full expression as defined in [intro.execution] of N3797. */ class FullExpr extends Expr { FullExpr() { From bb2c719e5c8efce76fdad7d424102e0b0df2e30d Mon Sep 17 00:00:00 2001 From: GitButler Date: Wed, 14 Feb 2024 16:21:27 -0800 Subject: [PATCH 1659/2573] GitButler Integration Commit This is an integration commit for the virtual branches that GitButler is tracking. Due to GitButler managing multiple virtual branches, you cannot switch back and forth between git branches and virtual branches easily. If you switch to another branch, GitButler will need to be reinitialized. If you commit on this branch, GitButler will throw it away. Here are the branches that are currently applied: - rvermeulen/fix-388 (refs/gitbutler/rvermeulen/fix-388) - scripts/release/.venv/lib/python3.11/site-packages/github/PublicKey.py - scripts/release/.venv/lib/python3.11/site-packages/Deprecated-1.2.14.dist-info/WHEEL - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_reqs.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/operations/build/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/resolution/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/requests/help.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/asymmetric/x25519.py - scripts/release/.venv/lib/python3.11/site-packages/_yaml/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/CodeScanAlertInstanceLocation.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/install_headers.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/more_itertools/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/tomli/_parser.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/ciphers/modes.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/metadata/_json.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/appdirs.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/config/_validate_pyproject/extra_validations.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/resolvelib/providers.py - scripts/release/.venv/lib/python3.11/site-packages/github/Plan.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pyparsing/actions.py - scripts/release/.venv/lib/python3.11/site-packages/github/PullRequestReview.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/commands/freeze.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/box.py - scripts/release/.venv/lib/python3.11/site-packages/certifi/py.typed - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/alias.py - scripts/release/.venv/lib/python3.11/site-packages/GitPython-3.1.36.dist-info/INSTALLER - cpp/autosar/test/rules/M0-1-4/test_member.cpp - scripts/release/.venv/lib/python3.11/site-packages/github/Team.pyi - scripts/release/.venv/lib/python3.11/site-packages/certifi-2023.11.17.dist-info/top_level.txt - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/platformdirs/unix.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/syntax.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/_base_connection.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/platformdirs/windows.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_resources/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/BranchProtection.pyi - scripts/release/.venv/lib/python3.11/site-packages/github/Project.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/cli/progress_bars.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools-67.6.1.dist-info/RECORD - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip-23.2.1.dist-info/WHEEL - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/file_util.py - scripts/release/.venv/lib/python3.11/site-packages/jwt/jwks_client.py - cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust/openssl/x448.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/idna-3.4.dist-info/INSTALLER - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/commands/debug.py - scripts/release/.venv/lib/python3.11/site-packages/github/Repository.pyi - scripts/release/.venv/lib/python3.11/site-packages/_pytest/warnings.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/t64.exe - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/packaging/_musllinux.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/asymmetric/utils.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/msvccompiler.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/util/wait.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/resolvelib/reporters.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/_io/wcwidth.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/abc.py - scripts/release/.venv/bin/pytest - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/importlib_resources/readers.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/resolvelib/structs.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_importlib.py - scripts/release/.venv/lib/python3.11/site-packages/git/index/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/core.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/tenacity/wait.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/webencodings/mklabels.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/progress_bar.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/_collections.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/traceback.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/json.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography-41.0.5.dist-info/LICENSE - scripts/release/.venv/lib/python3.11/site-packages/github/StatsParticipation.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/packaging/specifiers.py - scripts/release/.venv/lib/python3.11/site-packages/smmap-5.0.1.dist-info/METADATA - scripts/release/.venv/lib/python3.11/site-packages/gitdb-4.0.11.dist-info/LICENSE - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/langhungarianmodel.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/filters/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/Milestone.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_metadata/_itertools.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/launcher manifest.xml - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/commands/check.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/charset_normalizer/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/doctest.py - scripts/release/.venv/lib/python3.11/site-packages/pycparser/plyparser.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/build_clib.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/certifi/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/models/scheme.py - scripts/release/.venv/lib/python3.11/site-packages/github/Project.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/requests/__version__.py - scripts/release/.venv/lib/python3.11/site-packages/certifi-2023.11.17.dist-info/LICENSE - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/msvc9compiler.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/packaging/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/exceptions.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_resources/_common.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/bdist_egg.py - scripts/release/.venv/lib/python3.11/site-packages/wrapt/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/Event.pyi - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/platformdirs/__main__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/resolution/base.py - scripts/release/.venv/lib/python3.11/site-packages/github/PullRequestComment.py - scripts/release/.venv/lib/python3.11/site-packages/charset_normalizer/constant.py - scripts/release/.venv/lib/python3.11/site-packages/smmap/test/test_util.py - scripts/release/.venv/lib/python3.11/site-packages/charset_normalizer-3.3.2.dist-info/top_level.txt - scripts/release/.venv/lib/python3.11/site-packages/packaging/specifiers.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/index/sources.py - scripts/release/.venv/lib/python3.11/site-packages/git/objects/base.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/distro/distro.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/wheel.py - scripts/release/.venv/lib/python3.11/site-packages/github/StatsCommitActivity.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/operations/install/editable_legacy.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/more_itertools/more.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/cli/base_command.py - scripts/release/.venv/lib/python3.11/site-packages/github/Membership.pyi - scripts/release/.venv/lib/python3.11/site-packages/charset_normalizer-3.3.2.dist-info/LICENSE - scripts/release/.venv/lib/python3.11/site-packages/pycparser-2.21.dist-info/top_level.txt - scripts/release/.venv/lib/python3.11/site-packages/github/Permissions.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/panel.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/jaraco/functools.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust/openssl/dh.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/req/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/kdf/pbkdf2.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_resources/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pluggy-1.3.0.dist-info/METADATA - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/colorama/tests/isatty_test.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/packaging/_musllinux.py - scripts/release/.venv/lib/python3.11/site-packages/cffi-1.16.0.dist-info/top_level.txt - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/models/installation_report.py - scripts/release/.venv/lib/python3.11/site-packages/urllib3/fields.py - scripts/release/.venv/lib/python3.11/site-packages/charset_normalizer/md.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/jaraco/text/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/charset_normalizer/models.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/status.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/live_render.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/certifi-2023.7.22.dist-info/RECORD - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/euctwprober.py - scripts/release/.venv/lib/python3.11/site-packages/urllib3/util/response.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/packaging.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/wheel_builder.py - scripts/release/.venv/lib/python3.11/site-packages/github/Path.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_entry_points.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/terminal_theme.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/metadata/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/runner.py - scripts/release/.venv/lib/python3.11/site-packages/cffi/_embedding.h - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/_log.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/packaging/_structures.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pytest-7.4.3.dist-info/entry_points.txt - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/extern/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/util/wait.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/ciphers/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/idna/idnadata.py - scripts/release/.venv/lib/python3.11/site-packages/github/AccessToken.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/idna/codec.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/colorama/initialise.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/t64.exe - scripts/release/.venv/lib/python3.11/site-packages/_pytest/_code/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pyproject_hooks/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/tenacity/stop.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/glob.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/version.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/tomli/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/requests/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/connection.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/_version.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pkg_resources/py31compat.py - scripts/release/.venv/lib/python3.11/site-packages/github/Plan.pyi - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_itertools.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/exceptions.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust/openssl/poly1305.pyi - scripts/release/.venv/lib/python3.11/site-packages/_pytest/pytester.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/connectionpool.py - scripts/release/.venv/lib/python3.11/site-packages/nacl/bindings/crypto_secretbox.py - scripts/release/.venv/lib/python3.11/site-packages/pycparser/_build_tables.py - scripts/release/.venv/lib/python3.11/site-packages/github/IssueComment.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/langgreekmodel.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/cachecontrol/caches/file_cache.py - scripts/release/.venv/lib/python3.11/site-packages/PyNaCl-1.5.0.dist-info/METADATA - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/logging.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/operations/build/wheel_legacy.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/platformdirs/android.py - scripts/release/.venv/lib/python3.11/site-packages/PyGithub-1.59.1.dist-info/METADATA - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/install.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/util/url.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust/ocsp.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_stack.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/models/wheel.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/tenacity/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/gui-32.exe - scripts/release/.venv/lib/python3.11/site-packages/iniconfig-2.0.0.dist-info/RECORD - scripts/release/.venv/lib/python3.11/site-packages/packaging-23.2.dist-info/WHEEL - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/datetime.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/logging.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/operations/build/metadata.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/pretty.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/packaging/requirements.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/asymmetric/x448.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/misc.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/platformdirs/__main__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/resolution/resolvelib/found_candidates.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/_asymmetric.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/metadata/importlib/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/charset_normalizer/api.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/console.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/colorama/tests/winterm_test.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/certifi/core.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/discovery.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/GitBlob.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/jaraco/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust/openssl/__init__.pyi - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_metadata/_functools.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/build_clib.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/commands/list.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/platformdirs/android.py - scripts/release/.venv/lib/python3.11/site-packages/git/index/typ.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools-67.6.1.dist-info/LICENSE - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pyparsing/unicode.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/commands/configuration.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/lexers/_mapping.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/script.tmpl - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/cli/status_codes.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/kdf/hkdf.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/abc.py - scripts/release/.venv/lib/python3.11/site-packages/pluggy/_hooks.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/contrib/_appengine_environ.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/jaraco/text/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography-41.0.5.dist-info/METADATA - scripts/release/.venv/lib/python3.11/site-packages/pip-23.0.1.dist-info/LICENSE.txt - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/cp949prober.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/installer.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/mbcharsetprober.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/dist.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/commands/search.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/contrib/securetransport.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/upload.py - scripts/release/.venv/lib/python3.11/site-packages/github/Rate.py - scripts/release/.venv/lib/python3.11/site-packages/pycparser-2.21.dist-info/INSTALLER - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/colorama/win32.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/windows_support.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/requests/compat.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/typing_extensions.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/resolvelib/compat/collections_abc.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/resolution/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/commands/download.py - scripts/release/.venv/lib/python3.11/site-packages/wrapt/arguments.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/vcs/git.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/dep_util.py - scripts/release/.venv/lib/python3.11/site-packages/git/refs/tag.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/packaging/_structures.py - scripts/release/.venv/lib/python3.11/site-packages/git/refs/head.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/req/req_set.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/jaraco/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/_cffi_backend.cpython-311-darwin.so - scripts/release/.venv/lib/python3.11/site-packages/github/GitCommit.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/gui.exe - scripts/release/.venv/lib/python3.11/site-packages/setuptools-67.6.1.dist-info/entry_points.txt - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/connectionpool.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/resolution/resolvelib/found_candidates.py - scripts/release/.venv/lib/python3.11/site-packages/github/RepositoryAdvisoryVulnerabilityPackage.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/filters/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/requests/hooks.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/self_outdated_check.py - scripts/release/.venv/lib/python3.11/site-packages/idna/compat.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/macromanprober.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/webencodings/labels.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/build_ext.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/pyproject.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/scope.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/poly1305.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pyparsing/diagram/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/cli/chardetect.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/asymmetric/ec.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/scope.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/appdirs.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_path.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/control.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/urls.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/metadata/importlib/_envs.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/platformdirs/version.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/backends/openssl/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/HookResponse.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/cells.py - scripts/release/.venv/lib/python3.11/site-packages/urllib3/util/url.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/colorama/winterm.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/cli/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/HookDescription.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/req/req_set.py - scripts/release/.venv/lib/python3.11/site-packages/PyYAML-6.0.1.dist-info/REQUESTED - scripts/release/.venv/lib/python3.11/site-packages/gitdb/const.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pyparsing/util.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/cli/command_context.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/charset_normalizer/legacy.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools-67.6.1.dist-info/INSTALLER - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/pyproject.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/exceptions.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/w32.exe - scripts/release/.venv/lib/python3.11/site-packages/requests/__version__.py - scripts/release/.venv/lib/python3.11/site-packages/urllib3/util/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pyparsing/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/filesize.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/idna/uts46data.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/t32.exe - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/idna/py.typed - scripts/release/.venv/lib/python3.11/site-packages/jwt/api_jwt.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/backends/openssl/backend.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/install_egg_info.py - scripts/release/.venv/lib/python3.11/site-packages/charset_normalizer-3.3.2.dist-info/METADATA - scripts/release/.venv/lib/python3.11/site-packages/github/GistComment.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/t64-arm.exe - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/langturkishmodel.py - scripts/release/.venv/bin/python3.11 - scripts/release/.venv/lib/python3.11/site-packages/gitdb/db/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/requests/certs.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/utf1632prober.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/sbcsgroupprober.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/resolution/legacy/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/lexers/_mapping.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/bdist.py - scripts/release/.venv/lib/python3.11/site-packages/github/CheckSuite.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/network/cache.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/sdist.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/pangomarkup.py - scripts/release/.venv/lib/python3.11/site-packages/jwt/utils.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb/util.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/setupplan.py - scripts/release/.venv/lib/python3.11/site-packages/nacl/bindings/utils.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/locators.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/theme.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/contrib/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/cygwinccompiler.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/webencodings/x_user_defined.py - scripts/release/.venv/lib/python3.11/site-packages/requests-2.31.0.dist-info/INSTALLER - scripts/release/.venv/lib/python3.11/site-packages/github/RepositoryAdvisoryCreditDetailed.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/packaging/tags.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/logging.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/debugging.py - scripts/release/.venv/lib/python3.11/site-packages/github/SelfHostedActionsRunner.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/util.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/region.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_windows_renderer.py - scripts/release/.venv/lib/python3.11/site-packages/PyNaCl-1.5.0.dist-info/WHEEL - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_resources/_compat.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/charset_normalizer/py.typed - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/sandbox.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/install_scripts.py - scripts/release/.venv/lib/python3.11/site-packages/github/EnvironmentProtectionRuleReviewer.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/distributions/wheel.py - scripts/release/.venv/lib/python3.11/site-packages/cffi/commontypes.py - scripts/release/.venv/lib/python3.11/site-packages/jwt/algorithms.py - scripts/release/.venv/lib/python3.11/site-packages/urllib3/contrib/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/util/retry.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_wrap.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/idna-3.4.dist-info/RECORD - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/idna/intranges.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/idna/compat.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/packaging/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/operations/prepare.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/cli/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/req/req_install.py - scripts/release/.venv/lib/python3.11/site-packages/github/Team.py - scripts/release/.venv/lib/python3.11/site-packages/pluggy/py.typed - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/codingstatemachine.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/terminal_theme.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/tenacity/wait.py - scripts/release/.venv/lib/python3.11/site-packages/semantic_version-2.10.0.dist-info/top_level.txt - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/johabfreq.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/chardistribution.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/prompt.py - scripts/release/.venv/lib/python3.11/site-packages/nacl/bindings/crypto_shorthash.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/contrib/securetransport.py - scripts/release/.venv/lib/python3.11/site-packages/PyJWT-2.8.0.dist-info/RECORD - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/util/request.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/idna/core.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/extension.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/commands/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/resolution/resolvelib/candidates.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/operations/install/editable_legacy.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/resolution/base.py - scripts/release/.venv/lib/python3.11/site-packages/github/Notification.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools-67.6.1.dist-info/top_level.txt - scripts/release/.venv/lib/python3.11/site-packages/jwt/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/urllib3/util/retry.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_timer.py - scripts/release/.venv/lib/python3.11/site-packages/cffi/api.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography-41.0.5.dist-info/LICENSE.BSD - scripts/release/.venv/lib/python3.11/site-packages/idna/package_data.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/index/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/cffi/verifier.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/util.py - scripts/release/.venv/lib/python3.11/site-packages/github/NamedUser.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/requests/status_codes.py - scripts/release/.venv/lib/python3.11/site-packages/github/PullRequestPart.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/certifi/cacert.pem - scripts/release/.venv/lib/python3.11/site-packages/setuptools/dist.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/_py/error.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/markup.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/models/selection_prefs.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/cachecontrol/adapter.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/dist_info.py - scripts/release/.venv/lib/python3.11/site-packages/wrapt-1.16.0.dist-info/top_level.txt - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/measure.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/cachecontrol/serialize.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/nacl/py.typed - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_extension.py - scripts/release/.venv/lib/python3.11/site-packages/packaging-23.2.dist-info/LICENSE.APACHE - scripts/release/.venv/lib/python3.11/site-packages/github/StatsCodeFrequency.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/semantic_version-2.10.0.dist-info/WHEEL - scripts/release/.venv/lib/python3.11/site-packages/nacl/bindings/crypto_secretstream.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/operations/build/metadata_legacy.py - scripts/release/.venv/lib/python3.11/site-packages/charset_normalizer/py.typed - scripts/release/.venv/lib/python3.11/site-packages/github/PullRequestPart.py - scripts/release/.venv/lib/python3.11/site-packages/nacl/secret.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_inspect.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/check.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pyparsing/diagram/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/ProjectCard.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/_macos_compat.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/metadata/pkg_resources.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/config/_validate_pyproject/error_reporting.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/urls.py - scripts/release/.venv/lib/python3.11/site-packages/requests/models.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb/utils/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/urllib3/exceptions.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography-41.0.5.dist-info/INSTALLER - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_metadata/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/metadata/importlib/_compat.py - scripts/release/.venv/lib/python3.11/site-packages/urllib3/util/ssl_match_hostname.py - scripts/release/.venv/lib/python3.11/site-packages/pycparser/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/config/pyprojecttoml.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/requests/help.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3-2.0.4.dist-info/METADATA - scripts/release/.venv/lib/python3.11/site-packages/pytest-7.4.3.dist-info/REQUESTED - scripts/release/.venv/lib/python3.11/site-packages/github/GitTag.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/manifest.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/importlib_resources/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/cli/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/gb2312prober.py - scripts/release/.venv/lib/python3.11/site-packages/github/InputFileContent.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/py38compat.py - scripts/release/.venv/lib/python3.11/site-packages/semantic_version/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/tenacity/nap.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/commands/install.py - scripts/release/.venv/lib/python3.11/site-packages/pip/__main__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/models/link.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/packaging/requirements.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/certifi-2023.7.22.dist-info/WHEEL - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/dir_util.py - scripts/release/.venv/lib/python3.11/site-packages/distutils-precedence.pth - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/cmd.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/vcs/versioncontrol.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/requests/_internal_utils.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pyproject_hooks/_in_process/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_itertools.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/charset_normalizer/md__mypyc.cpython-311-darwin.so - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/sjisprober.py - scripts/release/.venv/lib/python3.11/site-packages/github/WorkflowRun.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_spinners.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/jupyter.py - scripts/release/.venv/bin/py.test - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/zipp.py - scripts/release/.venv/lib/python3.11/site-packages/yaml/representer.py - scripts/release/.venv/lib/python3.11/site-packages/github/Consts.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/scripts.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/rule.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/contrib/_securetransport/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/inject_securetransport.py - scripts/upgrade-codeql-dependencies/.venv/bin/normalizer - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_windows.py - scripts/release/.venv/bin/pip - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/logging.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/cli/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/Label.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/tomli/_types.py - scripts/release/.venv/lib/python3.11/site-packages/github/GitTreeElement.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/themes.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/commands/uninstall.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/colorama/tests/utils.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/packages/six.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/sysconfig.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/build.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/mbcharsetprober.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/capture.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/filelist.py - scripts/release/.venv/lib/python3.11/site-packages/GitPython-3.1.36.dist-info/top_level.txt - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/util/ssl_.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography-41.0.5.dist-info/RECORD - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/rule.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/certifi/core.py - scripts/release/.venv/lib/python3.11/site-packages/github/CodeScanAlertInstance.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/install_scripts.py - scripts/release/.venv/lib/python3.11/site-packages/github/GistFile.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/operations/build/wheel.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust/__init__.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/resolvelib/resolvers.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/importlib_resources/simple.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/commands/list.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/idna/idnadata.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools-67.6.1.dist-info/RECORD - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/build_py.py - scripts/release/.venv/lib/python3.11/site-packages/git/objects/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/requests-2.31.0.dist-info/RECORD - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/gb2312freq.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/launcher manifest.xml - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/commands/cache.py - scripts/release/.venv/bin/normalizer - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/tomli/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/cli-64.exe - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/escprober.py - scripts/release/.venv/lib/python3.11/site-packages/packaging/_musllinux.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/index.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/build.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/jpcntx.py - scripts/release/.venv/lib/python3.11/site-packages/smmap/test/lib.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/certifi-2023.7.22.dist-info/INSTALLER - scripts/release/.venv/lib/python3.11/site-packages/charset_normalizer/md__mypyc.cpython-311-darwin.so - scripts/release/.venv/lib/python3.11/site-packages/PyYAML-6.0.1.dist-info/top_level.txt - scripts/release/.venv/lib/python3.11/site-packages/smmap/test/test_tutorial.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/py.typed - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/_log.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/egg_link.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/util/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/models/index.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_resources/_legacy.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/constrain.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/connectionpool.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/wheel.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/exceptions.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/resolvelib/compat/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/charsetgroupprober.py - scripts/release/.venv/lib/python3.11/site-packages/nacl/pwhash/_argon2.py - scripts/release/.venv/lib/python3.11/site-packages/github/GistFile.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/certifi/py.typed - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/platformdirs/macos.py - scripts/release/.venv/lib/python3.11/site-packages/cffi/vengine_gen.py - scripts/release/.venv/lib/python3.11/site-packages/nacl/encoding.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/build.py - scripts/release/.venv/lib/python3.11/site-packages/requests/status_codes.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/config/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/cli/progress_bars.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/Download.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/egg_info.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb/db/base.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/packages/backports/weakref_finalize.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/langhebrewmodel.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/tenacity/tornadoweb.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/highlighter.py - scripts/release/.venv/lib/python3.11/site-packages/certifi-2023.11.17.dist-info/INSTALLER - scripts/release/.venv/lib/python3.11/site-packages/_pytest/faulthandler.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/contrib/_securetransport/low_level.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/commands/debug.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/asymmetric/dh.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust.abi3.so - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/debug.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/commands/freeze.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/langbulgarianmodel.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/fancy_getopt.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/requests/cookies.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/resolution/resolvelib/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/PullRequestComment.pyi - scripts/release/.venv/lib/python3.11/site-packages/github/ApplicationOAuth.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools-67.6.1.dist-info/METADATA - scripts/release/.venv/lib/python3.11/site-packages/github/CommitStats.pyi - scripts/release/.venv/lib/python3.11/site-packages/github/PullRequest.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb/test/test_example.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/network/xmlrpc.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/filepost.py - scripts/upgrade-codeql-dependencies/.venv/pyvenv.cfg - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/util/wait.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/commands/completion.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_log_render.py - scripts/release/.venv/lib/python3.11/site-packages/smmap/buf.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/launch.py - scripts/release/.venv/lib/python3.11/site-packages/github/GistComment.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/packaging/utils.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/operations/check.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/platformdirs/macos.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/setopt.py - scripts/release/.venv/lib/python3.11/site-packages/git/objects/tag.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/cli/main.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/distro/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/more_itertools/recipes.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/utf8prober.py - scripts/release/.venv/lib/python3.11/site-packages/github/RequiredStatusChecks.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/padding.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/py34compat.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/ciphers/base.py - scripts/release/.venv/lib/python3.11/site-packages/git/repo/fun.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/util/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/packages/six.py - scripts/release/.venv/lib/python3.11/site-packages/github/Tag.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/legacypath.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/misc.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/filesystem.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/big5freq.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/chardistribution.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/fields.py - scripts/release/.venv/lib/python3.11/site-packages/charset_normalizer-3.3.2.dist-info/entry_points.txt - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/markers.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/virtualenv.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/temp_dir.py - scripts/release/.venv/lib/python3.11/site-packages/py.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/certifi/core.py - scripts/release/.venv/lib/python3.11/site-packages/jwt/py.typed - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/tenacity/retry.py - scripts/release/.venv/lib/python3.11/site-packages/pytest-7.4.3.dist-info/WHEEL - scripts/release/.venv/lib/python3.11/site-packages/git/objects/submodule/root.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/operations/freeze.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/assertion/truncate.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/compatibility_tags.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/distutils_args.py - scripts/release/.venv/bin/activate.csh - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/pager.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/packaging/markers.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/bbcode.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/openssl/binding.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_metadata/_py39compat.py - scripts/release/.venv/lib/python3.11/site-packages/github/PullRequestMergeStatus.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/distributions/installed.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/packaging/_structures.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/commands/install.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/direct_url_helpers.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/depends.py - scripts/upgrade-codeql-dependencies/.venv/bin/activate.csh - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/configuration.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_metadata/_text.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/zipp.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb/fun.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/dep_util.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/console.py - scripts/release/.venv/lib/python3.11/site-packages/github/Hook.py - scripts/release/.venv/lib/python3.11/site-packages/cffi/_shimmed_dist_utils.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/helpconfig.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/constrain.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/commands/inspect.py - scripts/release/.venv/lib/python3.11/site-packages/smmap-5.0.1.dist-info/WHEEL - scripts/release/.venv/lib/python3.11/site-packages/cffi/_imp_emulation.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/big5freq.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/setopt.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb/exc.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/resolution/resolvelib/factory.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/_collections.py - scripts/release/.venv/lib/python3.11/site-packages/github/CommitComment.pyi - scripts/release/.venv/lib/python3.11/site-packages/git/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_metadata/_py39compat.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/operations/check.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/operations/build/metadata_editable.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/metadata/importlib/_compat.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/editable_wheel.py - scripts/release/.venv/lib/python3.11/site-packages/pip-23.0.1.dist-info/METADATA - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/operations/build/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pycparser/ply/ygen.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/network/lazy_wheel.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/status.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/packaging/specifiers.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/package_index.py - scripts/release/.venv/lib/python3.11/site-packages/pycparser-2.21.dist-info/LICENSE - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/locations/base.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/metadata/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/metadata/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/StatsCodeFrequency.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pyparsing/util.py - scripts/release/.venv/lib/python3.11/site-packages/github/DeploymentStatus.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/svg.py - scripts/release/.venv/lib/python3.11/site-packages/wrapt/__wrapt__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/filetypes.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/freeze_support.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/msgpack/ext.py - scripts/release/.venv/lib/python3.11/site-packages/charset_normalizer/version.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/idna/package_data.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/config/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/cli.exe - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/PyGithub-1.59.1.dist-info/COPYING.LESSER - scripts/release/.venv/lib/python3.11/site-packages/github/Organization.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/resolvelib/structs.py - scripts/release/.venv/lib/python3.11/site-packages/github/Tag.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/msvc9compiler.py - scripts/release/.venv/lib/python3.11/site-packages/deprecated/classic.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/importlib_resources/_common.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust/openssl/ed448.pyi - scripts/release/.venv/lib/python3.11/site-packages/github/Referrer.pyi - scripts/release/.venv/lib/python3.11/site-packages/certifi/cacert.pem - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/packages/backports/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/RepositoryKey.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/cli/req_command.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/more_itertools/more.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_export_format.py - scripts/release/.venv/bin/pip3.11 - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/network/session.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/fields.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/config.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/request.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_resources/abc.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/logging.py - scripts/release/.venv/lib/python3.11/site-packages/nacl/hash.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_normalization.py - scripts/release/.venv/lib/python3.11/site-packages/git/objects/submodule/util.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/jisfreq.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/__main__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_ratio.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/build_py.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/discovery.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/other.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/tenacity/retry.py - scripts/release/.venv/lib/python3.11/site-packages/github/StatsPunchCard.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/emoji.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/latin1prober.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/padding.py - scripts/release/.venv/lib/python3.11/site-packages/github/CodeScanAlert.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/util/util.py - scripts/release/.venv/lib/python3.11/site-packages/GitPython-3.1.36.dist-info/WHEEL - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/distro/distro.py - scripts/release/.venv/lib/python3.11/site-packages/github/CodeScanAlertInstanceLocation.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/openssl/_conditional.py - scripts/release/.venv/lib/python3.11/site-packages/git/cmd.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/color_triplet.py - scripts/release/.venv/lib/python3.11/site-packages/github/AuthorizationApplication.pyi - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/_serialization.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pytest-7.4.3.dist-info/RECORD - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/util/ssl_match_hostname.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/packaging/_manylinux.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/models/__init__.py - scripts/upgrade-codeql-dependencies/.venv/bin/pip - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_entry_points.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/charset_normalizer/md.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/dep_util.py - scripts/release/.venv/lib/python3.11/site-packages/github/CheckRunAnnotation.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/cachecontrol/_cmd.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/subprocess.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/tomli/_re.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/packaging/specifiers.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/gb2312freq.py - scripts/release/.venv/lib/python3.11/site-packages/pip-23.0.1.dist-info/INSTALLER - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/certifi-2023.7.22.dist-info/METADATA - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/operations/install/wheel.py - scripts/release/.venv/lib/python3.11/site-packages/packaging/_elffile.py - scripts/release/.venv/lib/python3.11/site-packages/github/Commit.pyi - scripts/release/.venv/lib/python3.11/site-packages/github/ProjectColumn.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/universaldetector.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/util/timeout.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/eucjpprober.py - scripts/release/.venv/lib/python3.11/site-packages/requests/help.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/config/_validate_pyproject/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/table.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/packaging/markers.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/packages/backports/makefile.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_export_format.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb-4.0.11.dist-info/WHEEL - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/requests/__version__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/locations/base.py - scripts/release/.venv/lib/python3.11/site-packages/github/Invitation.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/install.py - scripts/release/.venv/lib/python3.11/site-packages/pluggy/_tracing.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/protocol.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/colorama/tests/utils.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/enums.py - scripts/release/.venv/lib/python3.11/site-packages/github/GithubObject.py - scripts/release/.venv/lib/python3.11/site-packages/github/GitAuthor.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/platformdirs/windows.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/operations/build/wheel.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools-67.6.1.dist-info/INSTALLER - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/response.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/req/req_file.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/lexer.py - scripts/release/.venv/lib/python3.11/site-packages/git/objects/fun.py - scripts/release/.venv/lib/python3.11/site-packages/requests/cookies.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/progress.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/register.py - scripts/release/.venv/lib/python3.11/site-packages/nacl/bindings/randombytes.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/packaging/requirements.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/kdf/x963kdf.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_resources/_common.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/packaging/tags.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/compat.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/idna/core.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/cli/parser.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/req/req_uninstall.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/packaging/_parser.py - scripts/release/.venv/lib/python3.11/site-packages/smmap/test/test_mman.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/bdist_dumb.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/unraisableexception.py - scripts/release/.venv/lib/python3.11/site-packages/urllib3/util/ssltransport.py - scripts/release/.venv/lib/python3.11/site-packages/github/GitTree.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/langbulgarianmodel.py - scripts/release/.venv/lib/python3.11/site-packages/github/PullRequestMergeStatus.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/charset_normalizer-3.2.0.dist-info/WHEEL - scripts/release/.venv/lib/python3.11/site-packages/iniconfig/_version.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/tenacity/stop.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_resources/_itertools.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/distro/__main__.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/importlib_resources/_legacy.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/requests/sessions.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/bdist.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/packaging/_musllinux.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/namespaces.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/stepwise.py - scripts/release/.venv/lib/python3.11/site-packages/packaging/_parser.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_metadata/_text.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/req/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/iniconfig/_parse.py - scripts/release/.venv/lib/python3.11/site-packages/github/License.py - scripts/release/.venv/lib/python3.11/site-packages/github/CommitStatus.pyi - scripts/release/.venv/lib/python3.11/site-packages/github/CWE.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip-23.2.1.dist-info/METADATA - scripts/release/.venv/bin/python3 - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/locations/_sysconfig.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_normalization.py - scripts/release/.venv/lib/python3.11/site-packages/urllib3/_collections.py - scripts/release/.venv/lib/python3.11/site-packages/nacl/bindings/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/hebrewprober.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/install_scripts.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/webencodings/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb/pack.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/metadata/importlib/_envs.py - scripts/release/.venv/lib/python3.11/site-packages/cffi/backend_ctypes.py - scripts/release/.venv/lib/python3.11/site-packages/github/IssuePullRequest.pyi - scripts/release/.venv/lib/python3.11/site-packages/setuptools/config/_validate_pyproject/fastjsonschema_exceptions.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/nose.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/platformdirs/unix.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/scope.py - scripts/release/.venv/lib/python3.11/site-packages/github/GithubIntegration.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/msgpack/fallback.py - scripts/release/.venv/lib/python3.11/site-packages/charset_normalizer/utils.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/cells.py - scripts/release/.venv/lib/python3.11/site-packages/smmap-5.0.1.dist-info/top_level.txt - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/cachecontrol/_cmd.py - scripts/release/.venv/lib/python3.11/site-packages/github/GitCommit.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/six.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/config.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/idna/idnadata.py - scripts/release/.venv/lib/python3.11/site-packages/github/Rate.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/certifi/cacert.pem - scripts/release/.venv/lib/python3.11/site-packages/github/RepositoryKey.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/sphinxext.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/upload.py - scripts/release/.venv/lib/python3.11/site-packages/requests/utils.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/idna/intranges.py - scripts/release/.venv/lib/python3.11/site-packages/packaging/requirements.py - scripts/release/.venv/bin/activate.fish - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/models.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/metadata/languages.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/skipping.py - scripts/release/.venv/lib/python3.11/site-packages/packaging/_structures.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/models.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/util/url.py - scripts/release/.venv/lib/python3.11/site-packages/certifi-2023.11.17.dist-info/RECORD - scripts/release/.venv/lib/python3.11/site-packages/git/compat.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pyproject_hooks/_in_process/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/build_py.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/msgpack/ext.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/region.py - scripts/release/.venv/lib/python3.11/site-packages/github/HookDescription.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/operations/prepare.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/models/format_control.py - scripts/release/.venv/lib/python3.11/site-packages/yaml/events.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/webencodings/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/requests/status_codes.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/index.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/idna-3.4.dist-info/METADATA - scripts/release/.venv/lib/python3.11/site-packages/github/StatsContributor.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/modeline.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/serialization/base.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/backends/openssl/cmac.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/asymmetric/rsa.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/util.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/exceptions.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/x509/ocsp.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/tenacity/tornadoweb.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/align.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/serialization/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_metadata/_compat.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/cache.py - scripts/release/.venv/lib/python3.11/site-packages/packaging/_manylinux.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/jaraco/context.py - scripts/release/.venv/lib/python3.11/site-packages/git/repo/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/ccompiler.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/main.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/prompt.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/more_itertools/recipes.py - scripts/release/.venv/lib/python3.11/site-packages/requests/sessions.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/cli/chardetect.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/packaging/_parser.py - scripts/release/.venv/lib/python3.11/site-packages/github/EnvironmentDeploymentBranchPolicy.py - scripts/release/.venv/lib/python3.11/site-packages/PyGithub-1.59.1.dist-info/WHEEL - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/script.tmpl - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/build_meta.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/packages/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/install_lib.py - scripts/release/.venv/bin/activate - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/charset_normalizer/constant.py - scripts/release/.venv/lib/python3.11/site-packages/github/InputGitAuthor.py - scripts/release/.venv/lib/python3.11/site-packages/github/StatsPunchCard.py - scripts/release/.venv/lib/python3.11/site-packages/smmap/test/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/zipp.py - scripts/build_test_database.py - scripts/release/.venv/lib/python3.11/site-packages/github/BranchProtection.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_resources/_adapters.py - scripts/release/.venv/lib/python3.11/site-packages/cffi-1.16.0.dist-info/INSTALLER - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/hebrewprober.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/charsetgroupprober.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/namespaces.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/commands/inspect.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/typing_extensions.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/util/retry.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/sysconfig.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/glibc.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/msgpack/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/utf1632prober.py - scripts/release/.venv/lib/python3.11/site-packages/git/util.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/platformdirs/android.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/sjisprober.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_win32_console.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/typing_extensions.py - scripts/release/.venv/lib/python3.11/site-packages/github/GitignoreTemplate.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/filter.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/bdist_rpm.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/config/argparsing.py - scripts/upgrade-codeql-dependencies/.venv/bin/activate - scripts/release/.venv/lib/python3.11/site-packages/github/InputFileContent.py - scripts/release/.venv/lib/python3.11/site-packages/git/index/base.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/certifi/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/CheckRun.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/idna/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip-23.2.1.dist-info/REQUESTED - scripts/release/.venv/lib/python3.11/site-packages/Deprecated-1.2.14.dist-info/INSTALLER - scripts/release/.venv/lib/python3.11/site-packages/cffi/error.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/locations/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/git/types.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_metadata/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/nacl/utils.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/typing_extensions.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/temp_dir.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/w64.exe - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/util/proxy.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/twofactor/hotp.py - scripts/release/.venv/lib/python3.11/site-packages/cffi/cffi_opcode.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/_collections.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/cachecontrol/caches/redis_cache.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pyparsing/results.py - scripts/release/.venv/lib/python3.11/site-packages/github/MainClass.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/glob.py - scripts/release/.venv/lib/python3.11/site-packages/urllib3/util/connection.py - scripts/release/.venv/lib/python3.11/site-packages/git/index/util.py - scripts/release/.venv/lib/python3.11/site-packages/github/AuthenticatedUser.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/resolution/legacy/resolver.py - scripts/release/.venv/lib/python3.11/site-packages/github/CommitCombinedStatus.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/bdist_rpm.py - scripts/release/.venv/lib/python3.11/site-packages/cffi-1.16.0.dist-info/RECORD - scripts/release/.venv/lib/python3.11/site-packages/github/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/cli-arm64.exe - scripts/release/.venv/lib/python3.11/site-packages/git/repo/base.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/fancy_getopt.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/escprober.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/cli/autocompletion.py - scripts/release/.venv/lib/python3.11/site-packages/github/WorkflowJob.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/charset_normalizer/cd.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/requests/sessions.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/windows_support.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/colorama/winterm.py - scripts/release/.venv/lib/python3.11/site-packages/smmap-5.0.1.dist-info/RECORD - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/virtualenv.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/semantic_version/django_fields.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/config/setupcfg.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/distributions/installed.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/constant_time.py - scripts/release/.venv/lib/python3.11/site-packages/cffi-1.16.0.dist-info/WHEEL - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/html.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/packaging/requirements.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/jaraco/functools.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/colorama/initialise.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/requests/utils.py - scripts/release/.venv/lib/python3.11/site-packages/yaml/composer.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/index/package_finder.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/langrussianmodel.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/requests/exceptions.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_deprecation_warning.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/packaging/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/util/ssltransport.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/upload_docs.py - scripts/release/.venv/lib/python3.11/site-packages/yaml/resolver.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/_mapping.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/util/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/Authorization.py - scripts/release/.venv/lib/python3.11/site-packages/github/StatsContributor.pyi - scripts/release/.venv/lib/python3.11/site-packages/idna-3.4.dist-info/RECORD - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/main.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_win32_console.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_emoji_replace.py - scripts/upgrade-codeql-dependencies/.venv/bin/Activate.ps1 - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/containers.py - scripts/release/.venv/lib/python3.11/site-packages/nacl/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/packaging-23.2.dist-info/LICENSE.BSD - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/langrussianmodel.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb-4.0.11.dist-info/METADATA - scripts/release/.venv/lib/python3.11/site-packages/_pytest/python_api.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/sbcharsetprober.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/packaging/_tokenizer.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/big5prober.py - scripts/release/.venv/lib/python3.11/site-packages/github/CommitCombinedStatus.pyi - scripts/release/.venv/lib/python3.11/site-packages/nacl/exceptions.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/vcs/git.py - scripts/release/.venv/lib/python3.11/site-packages/github/RepositoryPreferences.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/img.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/wheel.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/pager.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb/typ.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/assertion/rewrite.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/ciphers/aead.py - scripts/release/.venv/lib/python3.11/site-packages/PyYAML-6.0.1.dist-info/METADATA - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/colorama/ansi.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pyparsing/helpers.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/install_lib.py - scripts/release/.venv/lib/python3.11/site-packages/yaml/scanner.py - scripts/release/.venv/lib/python3.11/site-packages/github/RepositoryAdvisoryCredit.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/models/wheel.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/wheel_builder.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_loop.py - scripts/release/.venv/lib/python3.11/site-packages/urllib3/poolmanager.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/euctwprober.py - scripts/release/.venv/lib/python3.11/site-packages/cffi-1.16.0.dist-info/entry_points.txt - scripts/release/.venv/lib/python3.11/site-packages/_pytest/_py/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/idna/idnadata.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/__main__.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/asymmetric/ed448.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/requests/__version__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/unpacking.py - scripts/release/.venv/lib/python3.11/site-packages/packaging-23.2.dist-info/METADATA - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/styles/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/PyGithub-1.59.1.dist-info/REQUESTED - scripts/release/.venv/lib/python3.11/site-packages/jwt/exceptions.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/cachecontrol/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/GithubApp.py - scripts/release/.venv/lib/python3.11/site-packages/github/TeamDiscussion.pyi - scripts/release/.venv/lib/python3.11/site-packages/nacl/bindings/crypto_aead.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/_argcomplete.py - scripts/release/.venv/lib/python3.11/site-packages/semantic_version/base.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/cli/main_parser.py - scripts/release/.venv/lib/python3.11/site-packages/github/WorkflowRun.py - scripts/release/.venv/lib/python3.11/site-packages/pycparser/ply/lex.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/platformdirs/api.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/cli/cmdoptions.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/filepost.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/config/_apply_pyprojecttoml.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/register.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/locations/_distutils.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/poolmanager.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/packaging/markers.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/ansi.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/editable_wheel.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pyparsing/common.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/saveopts.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/semantic_version/base.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/cli/spinners.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/platformdirs/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/x509/base.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/packaging/tags.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/version.py - scripts/release/.venv/lib/python3.11/site-packages/cffi/setuptools_ext.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/certifi-2023.7.22.dist-info/LICENSE - scripts/release/.venv/lib/python3.11/site-packages/wrapt-1.16.0.dist-info/METADATA - scripts/release/.venv/lib/python3.11/site-packages/setuptools/errors.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/spinner.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_palettes.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/table.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/tomli/_types.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/network/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/urllib3/contrib/pyopenssl.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/requests-2.31.0.dist-info/INSTALLER - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/register.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/resolution/resolvelib/requirements.py - scripts/release/.venv/lib/python3.11/site-packages/pluggy/_callers.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/util.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/metadata.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/latin1prober.py - scripts/release/.venv/lib/python3.11/site-packages/urllib3/connectionpool.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/packaging/utils.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/w64-arm.exe - scripts/release/.venv/lib/python3.11/site-packages/_pytest/pathlib.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/configuration.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/importlib_resources/_adapters.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/platformdirs/macos.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/PublicKey.pyi - scripts/release/.venv/lib/python3.11/site-packages/certifi-2023.11.17.dist-info/WHEEL - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/cachecontrol/filewrapper.py - scripts/release/.venv/bin/Activate.ps1 - scripts/release/.venv/lib/python3.11/site-packages/iniconfig-2.0.0.dist-info/INSTALLER - scripts/release/.venv/lib/python3.11/site-packages/github/SelfHostedActionsRunner.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip-23.0.1.dist-info/top_level.txt - scripts/release/.venv/lib/python3.11/site-packages/gitdb/db/loose.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/install_lib.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_metadata/_functools.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/euckrfreq.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/terminal.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/operations/freeze.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/layout.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/cli/cmdoptions.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/util/connection.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/dist_info.py - scripts/release/.venv/lib/python3.11/site-packages/requests/compat.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/models/scheme.py - scripts/release/.venv/lib/python3.11/site-packages/github/InputGitTreeElement.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_metadata/_itertools.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/compat.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/style.py - scripts/release/.venv/lib/python3.11/site-packages/PyYAML-6.0.1.dist-info/RECORD - scripts/release/.venv/lib/python3.11/site-packages/setuptools/gui-32.exe - scripts/release/.venv/lib/python3.11/site-packages/pycparser/ply/yacc.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/default_styles.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/asymmetric/padding.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/euckrprober.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/lexers/python.py - scripts/release/.venv/lib/python3.11/site-packages/github/UserKey.pyi - scripts/release/.venv/lib/python3.11/site-packages/wrapt-1.16.0.dist-info/WHEEL - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/install_egg_info.py - scripts/release/.venv/lib/python3.11/site-packages/urllib3/_base_connection.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/util/queue.py - scripts/release/.venv/lib/python3.11/site-packages/github/GitRelease.py - scripts/release/.venv/lib/python3.11/site-packages/Deprecated-1.2.14.dist-info/top_level.txt - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/locators.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/serialization/pkcs7.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/util/ssl_match_hostname.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/develop.py - scripts/release/.venv/lib/python3.11/site-packages/pycparser/c_lexer.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/installer.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/platformdirs/macos.py - scripts/release/.venv/lib/python3.11/site-packages/deprecated/sphinx.py - scripts/release/.venv/lib/python3.11/site-packages/iniconfig/exceptions.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/util/connection.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/importlib_resources/_common.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/errors.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/resolution/resolvelib/reporter.py - scripts/release/.venv/lib/python3.11/site-packages/nacl/pwhash/scrypt.py - scripts/release/.venv/lib/python3.11/site-packages/nacl/_sodium.abi3.so - scripts/release/.venv/lib/python3.11/site-packages/_pytest/config/compat.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/backends/openssl/aead.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/rtf.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/test.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/index/collector.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/x509/general_name.py - scripts/release/.venv/lib/python3.11/site-packages/nacl/bindings/crypto_kx.py - scripts/release/.venv/lib/python3.11/site-packages/github/ContentFile.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/packaging/_structures.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/cli/main_parser.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/package_index.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/tomli/_re.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/terminal256.py - scripts/release/.venv/lib/python3.11/site-packages/pycparser-2.21.dist-info/RECORD - scripts/release/.venv/lib/python3.11/site-packages/git/py.typed - scripts/release/.venv/lib/python3.11/site-packages/cffi-1.16.0.dist-info/LICENSE - scripts/release/.venv/lib/python3.11/site-packages/pluggy-1.3.0.dist-info/RECORD - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/color_triplet.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/util/request.py - scripts/release/.venv/lib/python3.11/site-packages/charset_normalizer/md.cpython-311-darwin.so - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/tenacity/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/terminal256.py - scripts/release/.venv/lib/python3.11/site-packages/PyJWT-2.8.0.dist-info/top_level.txt - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/packaging/version.py - scripts/release/.venv/lib/python3.11/site-packages/nacl/bindings/crypto_sign.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/sphinxext.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/build_env.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/colorama/tests/winterm_test.py - scripts/release/.venv/lib/python3.11/site-packages/pip/py.typed - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/cachecontrol/compat.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/packages/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/PyYAML-6.0.1.dist-info/INSTALLER - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/tenacity/_asyncio.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_stack.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/requests-2.31.0.dist-info/REQUESTED - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/sdist.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/tomli/_parser.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/config/pyprojecttoml.py - scripts/release/.venv/lib/python3.11/site-packages/github/UserKey.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/__main__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/big5prober.py - scripts/release/.venv/lib/python3.11/site-packages/pycparser/ply/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/requests/exceptions.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pyproject_hooks/_in_process/_in_process.py - scripts/release/.venv/lib/python3.11/site-packages/cffi/pkgconfig.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_resources/readers.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/sandbox.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/control.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/codingstatemachine.py - scripts/release/.venv/lib/python3.11/site-packages/cffi/vengine_cpy.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/commands/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_log_render.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/commands/check.py - scripts/release/.venv/lib/python3.11/site-packages/semantic_version-2.10.0.dist-info/LICENSE - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/idna/intranges.py - scripts/release/.venv/lib/python3.11/site-packages/github/Membership.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/packaging/_musllinux.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/packaging/_parser.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/lexers/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/config/setupcfg.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/network/lazy_wheel.py - scripts/release/.venv/lib/python3.11/site-packages/semantic_version-2.10.0.dist-info/RECORD - scripts/release/.venv/lib/python3.11/site-packages/setuptools/logging.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/live_render.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/tomli/_types.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/requests/api.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/charset_normalizer/assets/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/urllib3/connection.py - scripts/release/.venv/lib/python3.11/site-packages/github/Deployment.py - scripts/release/.venv/lib/python3.11/site-packages/requests-2.31.0.dist-info/top_level.txt - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/semantic_version-2.10.0.dist-info/LICENSE - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/hmac.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/install.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools-67.6.1.dist-info/WHEEL - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/cli-32.exe - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/contrib/socks.py - scripts/release/.venv/lib/python3.11/site-packages/wrapt-1.16.0.dist-info/INSTALLER - scripts/release/.venv/lib/python3.11/site-packages/github/WorkflowStep.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/manifest.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust/_openssl.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/idna/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/requests/utils.py - scripts/release/.venv/lib/python3.11/site-packages/github/NotificationSubject.pyi - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/dist.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/deprecation.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/index/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/_msvccompiler.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography-41.0.5.dist-info/LICENSE.APACHE - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/resolution/resolvelib/factory.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_resources/simple.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/resolution/resolvelib/candidates.py - scripts/release/.venv/lib/python3.11/site-packages/yaml/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/idna/py.typed - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/util/ssl_match_hostname.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/semantic_version-2.10.0.dist-info/RECORD - scripts/release/.venv/lib/python3.11/site-packages/git/objects/blob.py - scripts/release/.venv/lib/python3.11/site-packages/github/InputGitAuthor.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/models/candidate.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust/pkcs7.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/tree.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/jaraco/text/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/smmap/mman.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/backends/openssl/utils.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/serialization/ssh.py - scripts/release/.venv/lib/python3.11/site-packages/idna-3.4.dist-info/INSTALLER - scripts/release/.venv/lib/python3.11/site-packages/github/ApplicationOAuth.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/setuptools_build.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/warning_types.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/keywrap.py - scripts/release/.venv/lib/python3.11/site-packages/github/TimelineEventSource.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/eucjpprober.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/archive_util.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/config/_validate_pyproject/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/CodeScanAlertInstance.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/_io/terminalwriter.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/text_file.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/check.py - scripts/release/.venv/lib/python3.11/site-packages/github/CodeScanRule.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/bdist_egg.py - scripts/release/.venv/lib/python3.11/site-packages/yaml/parser.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/extern/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/cffi/lock.py - scripts/release/.venv/lib/python3.11/site-packages/github/WorkflowJob.pyi - scripts/release/.venv/lib/python3.11/site-packages/_pytest/setuponly.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip-23.2.1.dist-info/RECORD - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/requests/auth.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/resultdict.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/cachecontrol/heuristics.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/file_util.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/requests/compat.py - scripts/release/.venv/lib/python3.11/site-packages/urllib3/contrib/socks.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/columns.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/palette.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/certifi-2023.7.22.dist-info/top_level.txt - scripts/release/.venv/lib/python3.11/site-packages/github/AuthenticatedUser.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/py34compat.py - scripts/release/.venv/lib/python3.11/site-packages/pycparser/c_generator.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/groff.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/idna/core.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb/stream.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/poolmanager.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/platformdirs/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/importlib_resources/_adapters.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/bcppcompiler.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/other.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/util/timeout.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/config/_validate_pyproject/error_reporting.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools-67.6.1.dist-info/METADATA - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_wrap.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/models/direct_url.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/idna/codec.py - scripts/release/.venv/lib/python3.11/site-packages/PyGithub-1.59.1.dist-info/top_level.txt - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/exceptions.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_metadata/_collections.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/x509/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/johabfreq.py - scripts/release/.venv/lib/python3.11/site-packages/nacl/pwhash/argon2i.py - scripts/release/.venv/lib/python3.11/site-packages/pluggy-1.3.0.dist-info/top_level.txt - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/cachecontrol/heuristics.py - scripts/release/.venv/lib/python3.11/site-packages/yaml/error.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/database.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/version.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/file_proxy.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatter.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb/db/git.py - scripts/release/.venv/lib/python3.11/site-packages/charset_normalizer/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/resolvelib/providers.py - scripts/release/.venv/lib/python3.11/site-packages/pluggy/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools-67.6.1.dist-info/REQUESTED - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/packaging/_manylinux.py - scripts/release/.venv/lib/python3.11/site-packages/pycparser/ply/ctokens.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/charset_normalizer/utils.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/packaging/_elffile.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/charset_normalizer/cli/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/wrapt/_wrappers.cpython-311-darwin.so - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/packaging/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/markup.py - scripts/release/.venv/lib/python3.11/site-packages/github/CheckRunAnnotation.py - scripts/upgrade-codeql-dependencies/.venv/bin/python3.11 - scripts/release/.venv/lib/python3.11/site-packages/charset_normalizer-3.3.2.dist-info/RECORD - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/euckrfreq.py - scripts/release/.venv/lib/python3.11/site-packages/pycparser/_c_ast.cfg - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/more_itertools/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/alias.py - scripts/release/.venv/lib/python3.11/site-packages/charset_normalizer/cd.py - .vscode/tasks.json - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/tomli/_parser.py - scripts/release/.venv/lib/python3.11/site-packages/charset_normalizer-3.3.2.dist-info/WHEEL - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/contrib/socks.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb/db/pack.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/util/response.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/backends/openssl/decode_asn1.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/distributions/base.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pyparsing/results.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pkg_resources/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/cli-32.exe - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/version.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/asymmetric/types.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/charset_normalizer/md.cpython-311-darwin.so - scripts/release/.venv/lib/python3.11/site-packages/github/HookDelivery.py - scripts/release/.venv/lib/python3.11/site-packages/pycparser/ast_transforms.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/more_itertools/recipes.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/spinner.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/vcs/bazaar.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/importlib_resources/_compat.py - scripts/release/.venv/lib/python3.11/site-packages/github/IssueEvent.pyi - scripts/release/.venv/lib/python3.11/site-packages/setuptools-67.6.1.dist-info/top_level.txt - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/commands/search.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb/test/test_stream.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/platformdirs/api.py - scripts/release/.venv/lib/python3.11/site-packages/github/Topic.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/requests/cookies.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/vcs/versioncontrol.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/requests/structures.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/modeline.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/filter.py - scripts/release/.venv/lib/python3.11/site-packages/charset_normalizer/models.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/resolution/resolvelib/provider.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/upload_docs.py - scripts/release/.venv/lib/python3.11/site-packages/github/Organization.py - scripts/release/.venv/lib/python3.11/site-packages/deprecated/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/_cipheralgorithm.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/cli/main.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/charset_normalizer-3.2.0.dist-info/entry_points.txt - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/kdf/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/config.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/cachecontrol/caches/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/requests/api.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/layout.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pyproject_hooks/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/Path.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/models/index.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/cachecontrol/controller.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/metadata.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/response.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_emoji_replace.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/metadata/_json.py - scripts/release/.venv/lib/python3.11/site-packages/github/RateLimit.pyi - scripts/release/.venv/lib/python3.11/site-packages/github/GistHistoryState.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/charset_normalizer-3.2.0.dist-info/RECORD - scripts/release/.venv/lib/python3.11/site-packages/iniconfig/py.typed - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/connection.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/packaging/requirements.py - scripts/release/.venv/lib/python3.11/site-packages/smmap/util.py - scripts/release/.venv/lib/python3.11/site-packages/nacl/public.py - scripts/release/.venv/lib/python3.11/site-packages/pycparser/_ast_gen.py - scripts/release/.venv/lib/python3.11/site-packages/git/diff.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/install.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/semantic_version-2.10.0.dist-info/INSTALLER - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/packaging/utils.py - scripts/release/.venv/lib/python3.11/site-packages/nacl/bindings/crypto_box.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/operations/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/html.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/platformdirs/version.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/color.py - scripts/release/.venv/lib/python3.11/site-packages/requests/api.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/bar.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/resolution/legacy/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/AuthorizationApplication.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/operations/build/metadata.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/packaging/_musllinux.py - scripts/upgrade-codeql-dependencies/.venv/bin/pip3.11 - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/webencodings/tests.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/vcs/bazaar.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/network/download.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_imp.py - scripts/release/.venv/lib/python3.11/site-packages/smmap-5.0.1.dist-info/zip-safe - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/spawn.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/colorama/win32.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/platformdirs/__main__.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb/test/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/msvccompiler.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/commands/hash.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/metadata/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/jpcntx.py - scripts/release/.venv/lib/python3.11/site-packages/urllib3-2.1.0.dist-info/WHEEL - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/cachecontrol/controller.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pyparsing/common.py - scripts/release/.venv/lib/python3.11/site-packages/iniconfig-2.0.0.dist-info/METADATA - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/requests/_internal_utils.py - scripts/release/.venv/lib/python3.11/site-packages/github/CodeScanTool.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/plugin.py - scripts/release/.venv/lib/python3.11/site-packages/wrapt/importer.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/hookspec.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/mark/structures.py - scripts/release/.venv/lib/python3.11/site-packages/yaml/cyaml.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/terminal.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/index/package_finder.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/config/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/database.py - scripts/release/.venv/lib/python3.11/site-packages/PyJWT-2.8.0.dist-info/INSTALLER - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/cygwinccompiler.py - scripts/release/.venv/lib/python3.11/site-packages/github/ProjectCard.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/protocol.py - scripts/release/.venv/lib/python3.11/site-packages/git/objects/util.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/requests/auth.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/importlib_resources/_itertools.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/bcppcompiler.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/webencodings/labels.py - scripts/release/.venv/lib/python3.11/site-packages/github/CheckSuite.pyi - scripts/release/.venv/lib/python3.11/site-packages/git/exc.py - .codeql-version - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/charset_normalizer-3.2.0.dist-info/LICENSE - scripts/release/.venv/lib/python3.11/site-packages/nacl/hashlib.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/tomli/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pluggy/_manager.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/cli/parser.py - scripts/release/.venv/lib/python3.11/site-packages/github/StatsParticipation.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/irc.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/py38compat.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/distro/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/escsm.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/resolution/resolvelib/reporter.py - scripts/upgrade-codeql-dependencies/.venv/bin/python - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/importlib_resources/simple.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/json.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/distributions/sdist.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_inspect.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/operations/build/wheel_editable.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/macromanprober.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/version.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/charset_normalizer/cli/normalizer.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/platformdirs/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pyproject_hooks/_impl.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/cli/spinners.py - scripts/release/.venv/lib/python3.11/site-packages/packaging/py.typed - scripts/release/.venv/lib/python3.11/site-packages/iniconfig-2.0.0.dist-info/WHEEL - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pyproject_hooks/_compat.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/mark/expression.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pyparsing/exceptions.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_null_file.py - scripts/release/.venv/lib/python3.11/site-packages/github/TeamDiscussion.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/resolvelib/resolvers.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/tenacity/nap.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/build_env.py - scripts/release/.venv/lib/python3.11/site-packages/nacl/bindings/crypto_hash.py - scripts/release/.venv/lib/python3.11/site-packages/github/PullRequestReview.pyi - scripts/release/.venv/lib/python3.11/site-packages/requests/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/_distutils_hack/override.py - scripts/release/.venv/lib/python3.11/site-packages/git/refs/symbolic.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/packaging/_elffile.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/compatibility_tags.py - scripts/release/.venv/lib/python3.11/site-packages/github/GitReleaseAsset.py - scripts/release/.venv/lib/python3.11/site-packages/charset_normalizer/__main__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/requests/packages.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/install_scripts.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/vcs/__init__.py - cpp/autosar/src/quick-query.ql - scripts/release/.venv/lib/python3.11/site-packages/github/Invitation.pyi - scripts/release/.venv/lib/python3.11/site-packages/urllib3/_version.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/importlib_resources/_legacy.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/packaging/_structures.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/msgpack/exceptions.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/_oid.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/emoji.py - scripts/release/.venv/lib/python3.11/site-packages/pluggy-1.3.0.dist-info/WHEEL - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/repr.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/cli/status_codes.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/jaraco/functools.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/gui-64.exe - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/tenacity/before.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/kdf/kbkdf.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/colorama/tests/initialise_test.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/fields.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography-41.0.5.dist-info/top_level.txt - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/locations/_distutils.py - scripts/release/.venv/lib/python3.11/site-packages/PyNaCl-1.5.0.dist-info/INSTALLER - scripts/release/.venv/lib/python3.11/site-packages/github/ContentFile.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/util/proxy.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/ccompiler.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/self_outdated_check.py - scripts/release/.venv/lib/python3.11/site-packages/wrapt/patches.py - scripts/release/.venv/lib/python3.11/site-packages/packaging/utils.py - scripts/release/.venv/lib/python3.11/site-packages/requests-2.31.0.dist-info/WHEEL - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/themes.py - scripts/release/.venv/lib/python3.11/site-packages/github/Artifact.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/versionpredicate.py - scripts/release/.venv/lib/python3.11/site-packages/github/View.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/charset_normalizer/version.py - scripts/release/.venv/lib/python3.11/site-packages/github/View.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/resources.py - scripts/release/.venv/lib/python3.11/site-packages/github/Environment.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/cachecontrol/adapter.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/style.py - scripts/release/.venv/lib/python3.11/site-packages/github/InstallationAuthorization.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/network/utils.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/archive_util.py - scripts/release/.venv/lib/python3.11/site-packages/nacl/bindings/crypto_core.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/bdist_rpm.py - scripts/release/.venv/lib/python3.11/site-packages/charset_normalizer/cli/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools-67.6.1.dist-info/WHEEL - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/backends/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/ProjectColumn.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/errors.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/util/proxy.py - scripts/release/.venv/lib/python3.11/site-packages/git/refs/reference.py - scripts/release/.venv/lib/python3.11/site-packages/pycparser-2.21.dist-info/WHEEL - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/charsetprober.py - scripts/release/.venv/lib/python3.11/site-packages/PyJWT-2.8.0.dist-info/METADATA - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/resolution/resolvelib/resolver.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/cachecontrol/filewrapper.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/live.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/certifi/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/langthaimodel.py - scripts/release/.venv/lib/python3.11/site-packages/GitPython-3.1.36.dist-info/REQUESTED - scripts/release/.venv/lib/python3.11/site-packages/cryptography/fernet.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/upload.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/semantic_version-2.10.0.dist-info/REQUESTED - scripts/release/.venv/bin/python - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/network/session.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/contrib/securetransport.py - scripts/release/.venv/lib/python3.11/site-packages/cffi/_cffi_include.h - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/kdf/scrypt.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/locations/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/requests/structures.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/platformdirs/api.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/clean.py - scripts/release/.venv/lib/python3.11/site-packages/github/Artifact.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/script (dev).tmpl - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/mbcsgroupprober.py - scripts/release/.venv/lib/python3.11/site-packages/cffi/parse_c_type.h - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/commands/help.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/distributions/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/requests/adapters.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/operations/build/wheel_editable.py - scripts/release/.venv/lib/python3.11/site-packages/requests/auth.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/platformdirs/unix.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/measure.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/idna-3.4.dist-info/WHEEL - scripts/release/.venv/lib/python3.11/site-packages/_pytest/python_path.py - scripts/release/.venv/lib/python3.11/site-packages/github/CheckRun.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/msgpack/fallback.py - scripts/release/.venv/lib/python3.11/site-packages/git/remote.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/models/format_control.py - scripts/release/.venv/lib/python3.11/site-packages/github/Clones.pyi - scripts/release/.venv/lib/python3.11/site-packages/github/RateLimit.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_metadata/_meta.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_resources/_itertools.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/idna/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/PyJWT-2.8.0.dist-info/AUTHORS.rst - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip-23.2.1.dist-info/LICENSE.txt - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/idna/codec.py - scripts/release/.venv/lib/python3.11/site-packages/GitPython-3.1.36.dist-info/AUTHORS - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/req/constructors.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3-2.0.4.dist-info/licenses/LICENSE.txt - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/_collections.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/_functools.py - scripts/release/.venv/lib/python3.11/site-packages/urllib3/py.typed - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/colorama/tests/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/requests/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/assertion/util.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/packaging/markers.py - scripts/release/.venv/lib/python3.11/site-packages/jwt/api_jwk.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/platformdirs/windows.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/ciphers/algorithms.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/util/response.py - scripts/release/.venv/lib/python3.11/site-packages/PyGithub-1.59.1.dist-info/COPYING - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/certifi/__main__.py - scripts/release/.venv/lib/python3.11/site-packages/wrapt/decorators.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/charset_normalizer-3.2.0.dist-info/INSTALLER - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/scanner.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/importlib_resources/_itertools.py - scripts/release/.venv/lib/python3.11/site-packages/smmap/test/test_buf.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/vcs/subversion.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/more_itertools/more.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/cp949prober.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/build.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/jupyter.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/egg_info.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/contrib/_securetransport/low_level.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/requests/cookies.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/packaging/_manylinux.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/ordered_set.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/compat.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/screen.py - scripts/release/.venv/lib/python3.11/site-packages/pluggy-1.3.0.dist-info/INSTALLER - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/mbcsgroupprober.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/colorama/tests/isatty_test.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/gui-arm64.exe - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/packaging/_parser.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/resolvelib/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/build_scripts.py - scripts/release/.venv/lib/python3.11/site-packages/requests-2.31.0.dist-info/RECORD - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_metadata/_compat.py - scripts/release/.venv/lib/python3.11/site-packages/github/Autolink.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/connection.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/py36compat.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pyproject_hooks/_impl.py - scripts/release/.venv/lib/python3.11/site-packages/pip-23.0.1.dist-info/WHEEL - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/contrib/_appengine_environ.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb/db/mem.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/build_meta.py - scripts/release/.venv/lib/python3.11/site-packages/github/File.pyi - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/saveopts.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/recwarn.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/packaging/_manylinux.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/euckrprober.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/w64-arm.exe - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/rtf.py - scripts/release/.venv/lib/python3.11/site-packages/nacl/bindings/sodium_core.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/importlib_resources/abc.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/irc.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/poolmanager.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/panel.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/bdist_rpm.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/commands/download.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/tenacity/before.py - scripts/release/.venv/lib/python3.11/site-packages/github/GitTreeElement.pyi - scripts/release/.venv/lib/python3.11/site-packages/github/Repository.py - scripts/release/.venv/lib/python3.11/site-packages/github/Migration.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/gb2312prober.py - scripts/release/.venv/lib/python3.11/site-packages/pycparser/yacctab.py - scripts/release/.venv/lib/python3.11/site-packages/nacl/signing.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/idna/compat.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/sbcharsetprober.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/packaging/_manylinux.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pyparsing/testing.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/twofactor/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/tomli/_re.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/models/selection_prefs.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_resources/_compat.py - scripts/release/.venv/lib/python3.11/site-packages/pycparser-2.21.dist-info/METADATA - scripts/release/.venv/lib/python3.11/site-packages/git/objects/submodule/base.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/typing_extensions.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/filesystem.py - scripts/release/.venv/lib/python3.11/site-packages/github/GitTree.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/errors.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/live.py - scripts/release/.venv/lib/python3.11/site-packages/idna-3.4.dist-info/METADATA - scripts/release/.venv/lib/python3.11/site-packages/cffi/recompiler.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/console.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/colorama/tests/initialise_test.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/idna-3.4.dist-info/LICENSE.md - scripts/release/.venv/lib/python3.11/site-packages/urllib3/util/request.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/metadata/importlib/_dists.py - scripts/release/.venv/pyvenv.cfg - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/models/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/build_ext.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/resolution/resolvelib/provider.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/x509/certificate_transparency.py - scripts/release/.venv/lib/python3.11/site-packages/github/RequiredStatusChecks.py - scripts/release/.venv/lib/python3.11/site-packages/github/TimelineEvent.pyi - scripts/release/.venv/lib/python3.11/site-packages/github/StatsCommitActivity.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust/asn1.pyi - scripts/release/.venv/lib/python3.11/site-packages/urllib3-2.1.0.dist-info/METADATA - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pyparsing/helpers.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/enums.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/py37compat.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/w64.exe - scripts/release/.venv/lib/python3.11/site-packages/cryptography/x509/name.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/text.py - scripts/release/.venv/lib/python3.11/site-packages/urllib3/_request_methods.py - scripts/release/.venv/lib/python3.11/site-packages/github/Deployment.pyi - scripts/release/.venv/lib/python3.11/site-packages/charset_normalizer-3.3.2.dist-info/INSTALLER - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/easy_install.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_metadata/_meta.py - scripts/release/.venv/lib/python3.11/site-packages/urllib3/response.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/requests-2.31.0.dist-info/WHEEL - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/py.typed - scripts/release/.venv/lib/python3.11/site-packages/github/Event.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/vcs/mercurial.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_resources/simple.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/packaging/version.py - scripts/release/.venv/lib/python3.11/site-packages/semantic_version-2.10.0.dist-info/WHEEL - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/unicode_utils.py - scripts/release/.venv/lib/python3.11/site-packages/github/Clones.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/__pip-runner__.py - scripts/release/.venv/lib/python3.11/site-packages/cffi/model.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/network/utils.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/requests/certs.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/network/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/__pip-runner__.py - scripts/release/.venv/lib/python3.11/site-packages/github/DeploymentStatus.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/version.py - scripts/release/.venv/lib/python3.11/site-packages/pytest-7.4.3.dist-info/INSTALLER - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/build_clib.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/nodes.py - scripts/release/.venv/lib/python3.11/site-packages/pip-23.0.1.dist-info/RECORD - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/lexers/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/operations/build/build_tracker.py - scripts/release/.venv/lib/python3.11/site-packages/github/Topic.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/msgpack/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/certifi/__main__.py - scripts/release/.venv/lib/python3.11/site-packages/pytest/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/certifi/__main__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/platformdirs/unix.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/filesize.py - scripts/release/.venv/lib/python3.11/site-packages/packaging-23.2.dist-info/INSTALLER - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/py39compat.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/util/request.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/commands/help.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/contrib/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_pick.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/fixtures.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/network/download.py - scripts/release/.venv/lib/python3.11/site-packages/github/CodeScanTool.pyi - scripts/release/.venv/lib/python3.11/site-packages/cryptography/py.typed - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/t32.exe - scripts/release/.venv/lib/python3.11/site-packages/github/Commit.py - scripts/release/.venv/lib/python3.11/site-packages/cffi/_cffi_errors.h - scripts/release/.venv/lib/python3.11/site-packages/github/Permissions.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/lexer.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/models/direct_url.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/resultdict.py - scripts/release/.venv/lib/python3.11/site-packages/git/index/fun.py - scripts/release/.venv/lib/python3.11/site-packages/urllib3-2.1.0.dist-info/RECORD - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust/openssl/dsa.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/metadata/importlib/_dists.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_pick.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/packaging/specifiers.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/twofactor/totp.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/regexopt.py - scripts/release/.venv/lib/python3.11/site-packages/GitPython-3.1.36.dist-info/RECORD - scripts/release/.venv/lib/python3.11/site-packages/yaml/reader.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/styled.py - scripts/release/.venv/lib/python3.11/site-packages/github/Download.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/cachecontrol/caches/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/idna/uts46data.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/cachecontrol/cache.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/extension.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/py.typed - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/operations/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/Stargazer.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/default_styles.py - scripts/release/.venv/lib/python3.11/site-packages/idna-3.4.dist-info/LICENSE.md - scripts/release/.venv/lib/python3.11/site-packages/yaml/emitter.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb/test/test_base.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/resources.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_ratio.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/util/ssl_.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/pastebin.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/install_lib.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/contrib/ntlmpool.py - scripts/release/.venv/lib/python3.11/site-packages/packaging-23.2.dist-info/RECORD - scripts/release/.venv/lib/python3.11/site-packages/_pytest/_code/code.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/errors.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/util/ssltransport.py - scripts/release/.venv/lib/python3.11/site-packages/requests/_internal_utils.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/PyNaCl-1.5.0.dist-info/LICENSE - scripts/release/.venv/lib/python3.11/site-packages/cryptography/x509/extensions.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/req/req_install.py - scripts/release/.venv/lib/python3.11/site-packages/yaml/constructor.py - scripts/release/.venv/lib/python3.11/site-packages/pluggy/_result.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/config.py - scripts/release/.venv/lib/python3.11/site-packages/idna/core.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/py39compat.py - scripts/release/.venv/lib/python3.11/site-packages/Deprecated-1.2.14.dist-info/RECORD - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/cli-64.exe - scripts/release/.venv/lib/python3.11/site-packages/urllib3/filepost.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/tenacity/_asyncio.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb/test/test_pack.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/latex.py - scripts/release/.venv/lib/python3.11/site-packages/packaging/tags.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/util/queue.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/jaraco/context.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/idna/package_data.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/x509/oid.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/tomli/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/ordered_set.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb/test/lib.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/unittest.py - scripts/release/.venv/lib/python3.11/site-packages/requests-2.31.0.dist-info/METADATA - scripts/release/.venv/lib/python3.11/site-packages/certifi/__main__.py - scripts/release/.venv/lib/python3.11/site-packages/git/config.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/stash.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_windows_renderer.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/packaging/__about__.py - scripts/release/.venv/lib/python3.11/site-packages/github/CodeScanRule.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/diagnose.py - scripts/release/.venv/lib/python3.11/site-packages/github/Gist.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/encoding.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/_distutils_hack/override.py - scripts/release/.venv/lib/python3.11/site-packages/cffi/cparser.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/install_data.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/PullRequest.pyi - scripts/release/.venv/lib/python3.11/site-packages/smmap/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/_macos_compat.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/distributions/wheel.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/align.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/gui-64.exe - scripts/release/.venv/lib/python3.11/site-packages/github/GithubException.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/idna/package_data.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/kdf/concatkdf.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb/db/ref.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/models/search_scope.py - scripts/release/.venv/lib/python3.11/site-packages/github/CommitComment.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/develop.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/junitxml.py - scripts/release/.venv/lib/python3.11/site-packages/github/InputGitTreeElement.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/commands/hash.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_resources/abc.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/platformdirs/windows.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/gui.exe - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/operations/install/wheel.py - scripts/release/.venv/lib/python3.11/site-packages/pytest-7.4.3.dist-info/METADATA - scripts/release/.venv/lib/python3.11/site-packages/github/Autolink.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/escsm.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/vendor.txt - scripts/release/.venv/lib/python3.11/site-packages/github/RequiredPullRequestReviews.pyi - scripts/release/.venv/lib/python3.11/site-packages/github/RequiredPullRequestReviews.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_timer.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/requests/models.py - scripts/release/.venv/lib/python3.11/site-packages/github/Workflow.pyi - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/build_py.py - scripts/release/.venv/lib/python3.11/site-packages/github/Requester.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/latex.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/token.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/operations/build/metadata_editable.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_importlib.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/mbcssm.py - scripts/release/.venv/lib/python3.11/site-packages/yaml/tokens.py - scripts/release/.venv/lib/python3.11/site-packages/github/GitObject.py - scripts/release/.venv/lib/python3.11/site-packages/github/Gist.pyi - scripts/release/.venv/lib/python3.11/site-packages/github/GithubApp.pyi - scripts/release/.venv/lib/python3.11/site-packages/semantic_version/django_fields.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/resolution/legacy/resolver.py - scripts/release/.venv/lib/python3.11/site-packages/pycparser/c_ast.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/langturkishmodel.py - scripts/release/.venv/lib/python3.11/site-packages/packaging/_tokenizer.py - scripts/release/.venv/lib/python3.11/site-packages/github/EnvironmentProtectionRule.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust/openssl/kdf.pyi - scripts/release/.venv/lib/python3.11/site-packages/github/Comparison.py - scripts/release/.venv/lib/python3.11/site-packages/charset_normalizer/legacy.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/models/target_python.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/_version.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/_framework_compat.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/requests/hooks.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/contrib/_securetransport/bindings.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/util/response.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/locations/_sysconfig.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/svg.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/setuptools_build.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pyparsing/core.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/resolvelib/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/hashes.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pyproject_hooks/_in_process/_in_process.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/asymmetric/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/w32.exe - scripts/release/.venv/lib/python3.11/site-packages/pycparser/lextab.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/_version.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography-41.0.5.dist-info/WHEEL - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/requests/structures.py - scripts/release/.venv/lib/python3.11/site-packages/iniconfig-2.0.0.dist-info/licenses/LICENSE - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/contrib/_securetransport/bindings.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/style.py - scripts/release/.venv/lib/python3.11/site-packages/github/CheckRunOutput.pyi - scripts/release/.venv/lib/python3.11/site-packages/github/IssueEvent.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/cmdline.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/commands/show.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/backends/openssl/ec.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/_log.py - scripts/release/.venv/lib/python3.11/site-packages/urllib3/util/util.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/cmdline.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/langhebrewmodel.py - scripts/release/.venv/lib/python3.11/site-packages/PyNaCl-1.5.0.dist-info/top_level.txt - scripts/release/.venv/lib/python3.11/site-packages/idna/codec.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/build_ext.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/tenacity/before_sleep.py - scripts/release/.venv/lib/python3.11/site-packages/github/Notification.pyi - scripts/release/.venv/lib/python3.11/site-packages/urllib3/util/proxy.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/cli/command_context.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_extension.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/packaging/version.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/cachecontrol/caches/file_cache.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/importlib_resources/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools-67.6.1.dist-info/REQUESTED - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/direct_url_helpers.py - scripts/release/.venv/lib/python3.11/site-packages/github/NamedUser.pyi - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_resources/readers.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/webencodings/x_user_defined.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/commands/wheel.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/cachecontrol/serialize.py - scripts/release/.venv/lib/python3.11/site-packages/github/GitignoreTemplate.pyi - scripts/release/.venv/lib/python3.11/site-packages/github/GitObject.pyi - scripts/release/.venv/lib/python3.11/site-packages/github/IssuePullRequest.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/resolution/resolvelib/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/jwt/types.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/webencodings/tests.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/extern/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/highlighter.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/util/url.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/packaging/_musllinux.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/idna/compat.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/requests/adapters.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/clean.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/jaraco/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/config/_validate_pyproject/fastjsonschema_validations.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/requests-2.31.0.dist-info/top_level.txt - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/upload.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/unicode_utils.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_resources/_legacy.py - scripts/release/.venv/lib/python3.11/site-packages/_distutils_hack/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/jaraco/functools.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/containers.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/_io/saferepr.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/packaging/__about__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/euctwfreq.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip-23.2.1.dist-info/INSTALLER - scripts/release/.venv/lib/python3.11/site-packages/packaging/__init__.py - scripts/upgrade-codeql-dependencies/.venv/bin/python3 - scripts/release/.venv/lib/python3.11/site-packages/github/py.typed - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/requests/adapters.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/requests-2.31.0.dist-info/LICENSE - scripts/release/.venv/lib/python3.11/site-packages/_pytest/outcomes.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/cachecontrol/compat.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/gui-arm64.exe - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/palette.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_cell_widths.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/hashes.py - scripts/release/.venv/lib/python3.11/site-packages/pip-23.0.1.dist-info/entry_points.txt - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/cli/base_command.py - scripts/release/.venv/lib/python3.11/site-packages/cffi-1.16.0.dist-info/METADATA - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/six.py - scripts/release/.venv/lib/python3.11/site-packages/urllib3-2.1.0.dist-info/licenses/LICENSE.txt - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/codingstatemachinedict.py - scripts/release/.venv/lib/python3.11/site-packages/github/CodeScanAlert.pyi - scripts/release/.venv/lib/python3.11/site-packages/jwt/api_jws.py - scripts/release/.venv/lib/python3.11/site-packages/PyGithub-1.59.1.dist-info/RECORD - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pyproject_hooks/_compat.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/reports.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/filelist.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/req/constructors.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/entrypoints.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/deprecation.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/monkey.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/requests/compat.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/network/xmlrpc.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/main.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/sdist.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/style.py - scripts/release/.venv/lib/python3.11/site-packages/github/GitRef.pyi - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/jaraco/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/rotate.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/PyYAML-6.0.1.dist-info/LICENSE - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/colorama/tests/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/progress.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/msvc.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/openssl/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/cli/autocompletion.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/config/_validate_pyproject/extra_validations.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb-4.0.11.dist-info/RECORD - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/egg_link.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/index/collector.py - scripts/release/.venv/lib/python3.11/site-packages/urllib3/util/ssl_.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_path.py - scripts/release/.venv/lib/python3.11/site-packages/semantic_version-2.10.0.dist-info/REQUESTED - scripts/release/.venv/lib/python3.11/site-packages/gitdb/base.py - scripts/release/.venv/lib/python3.11/site-packages/packaging/metadata.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/install_egg_info.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/packaging/_elffile.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust/openssl/hmac.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/requests/structures.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_fileno.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/packages/backports/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/git/refs/remote.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/config/_validate_pyproject/fastjsonschema_validations.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/tree.py - scripts/release/.venv/lib/python3.11/site-packages/idna/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/packaging/tags.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/requests/_internal_utils.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/_py/path.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/markers.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pyparsing/core.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/requests/hooks.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/pytester_assertions.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/packaging/utils.py - scripts/release/.venv/lib/python3.11/site-packages/github/Branch.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/bbcode.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/network/auth.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/core.py - scripts/release/.venv/lib/python3.11/site-packages/github/Referrer.py - shell.nix - scripts/release/.venv/lib/python3.11/site-packages/idna-3.4.dist-info/WHEEL - scripts/release/.venv/lib/python3.11/site-packages/PyJWT-2.8.0.dist-info/WHEEL - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/cachecontrol/wrapper.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/packaging/_elffile.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/inject_securetransport.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/syntax.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/pangomarkup.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb-4.0.11.dist-info/INSTALLER - scripts/release/.venv/lib/python3.11/site-packages/github/TimelineEvent.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/cachecontrol/caches/redis_cache.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/importlib_resources/readers.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/repr.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/packaging/utils.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/certifi/cacert.pem - scripts/release/.venv/lib/python3.11/site-packages/packaging-23.2.dist-info/LICENSE - scripts/release/.venv/lib/python3.11/site-packages/PyYAML-6.0.1.dist-info/WHEEL - scripts/release/.venv/lib/python3.11/site-packages/git/objects/submodule/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/packaging/specifiers.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/mark/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/wrapt/wrappers.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/packaging/_tokenizer.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/contrib/_securetransport/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/request.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/install_egg_info.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/yaml/dumper.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/charset_normalizer-3.2.0.dist-info/METADATA - scripts/release/.venv/lib/python3.11/site-packages/_pytest/timing.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/_distutils_hack/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/GitTag.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/register.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/utf8prober.py - scripts/release/.venv/lib/python3.11/site-packages/nacl/bindings/crypto_pwhash.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/operations/build/wheel_legacy.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip-23.2.1.dist-info/entry_points.txt - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/scripts.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/vendor.txt - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/contrib/appengine.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/vcs/mercurial.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/requests/packages.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/_code/source.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/dep_util.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/packaging/version.py - scripts/release/.venv/lib/python3.11/site-packages/github/Issue.py - scripts/release/.venv/lib/python3.11/site-packages/GitPython-3.1.36.dist-info/LICENSE - scripts/release/.venv/lib/python3.11/site-packages/semantic_version-2.10.0.dist-info/INSTALLER - scripts/release/.venv/lib/python3.11/site-packages/github/Label.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/build_clib.py - scripts/release/.venv/lib/python3.11/site-packages/wrapt/weakrefs.py - scripts/release/.venv/lib/python3.11/site-packages/requests/packages.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb/test/test_util.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/packaging/tags.py - scripts/release/.venv/bin/pip3 - scripts/release/.venv/lib/python3.11/site-packages/semantic_version-2.10.0.dist-info/METADATA - scripts/release/.venv/lib/python3.11/site-packages/certifi/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/diagnose.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/logging.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb/utils/encoding.py - scripts/release/.venv/lib/python3.11/site-packages/GitPython-3.1.36.dist-info/METADATA - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3-2.0.4.dist-info/RECORD - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/bdist_dumb.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/euctwfreq.py - scripts/release/.venv/lib/python3.11/site-packages/cffi/ffiplatform.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/packaging/tags.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_metadata/_adapters.py - scripts/release/.venv/lib/python3.11/site-packages/jwt/warnings.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/contrib/_securetransport/bindings.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/__main__.py - scripts/release/.venv/lib/python3.11/site-packages/github/Auth.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/tomli/_re.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_windows.py - scripts/release/.venv/lib/python3.11/site-packages/github/CheckRunOutput.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/dist.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/requests/api.py - scripts/release/.venv/lib/python3.11/site-packages/github/Comparison.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/colorama/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/contrib/_securetransport/low_level.py - scripts/release/.venv/lib/python3.11/site-packages/github/GitRelease.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/_collections.py - scripts/release/.venv/lib/python3.11/site-packages/Deprecated-1.2.14.dist-info/METADATA - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/file_proxy.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/commands/configuration.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip-23.2.1.dist-info/AUTHORS.txt - scripts/release/.venv/lib/python3.11/site-packages/nacl/bindings/crypto_scalarmult.py - scripts/release/.venv/lib/python3.11/site-packages/yaml/loader.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/mbcssm.py - scripts/release/.venv/lib/python3.11/site-packages/charset_normalizer/api.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/_version.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/versionpredicate.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_resources/_adapters.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/requests/status_codes.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/archive_util.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/models/candidate.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/cachecontrol/wrapper.py - scripts/release/.venv/lib/python3.11/site-packages/PyNaCl-1.5.0.dist-info/RECORD - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/distutils-precedence.pth - scripts/release/.venv/lib/python3.11/site-packages/urllib3/util/timeout.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/script (dev).tmpl - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/sdist.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/_log.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/hashes.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/util.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pyparsing/actions.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/unixccompiler.py - scripts/release/.venv/lib/python3.11/site-packages/github/GitBlob.pyi - scripts/release/.venv/lib/python3.11/site-packages/nacl/bindings/crypto_generichash.py - scripts/release/.venv/lib/python3.11/site-packages/github/GitReleaseAsset.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/rotate.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/contrib/pyopenssl.py - scripts/release/.venv/lib/python3.11/site-packages/git/refs/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/bar.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/backends/openssl/ciphers.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/packaging/_structures.py - scripts/release/.venv/lib/python3.11/site-packages/github/Milestone.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/platformdirs/__main__.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/asymmetric/dsa.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/dir_util.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/errors.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/colorama/ansi.py - scripts/release/.venv/lib/python3.11/site-packages/requests/hooks.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/padding.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/req/req_file.py - scripts/release/.venv/lib/python3.11/site-packages/nacl/pwhash/argon2id.py - scripts/upgrade-codeql-dependencies/.venv/bin/activate.fish - scripts/release/.venv/lib/python3.11/site-packages/smmap-5.0.1.dist-info/INSTALLER - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/depends.py - scripts/release/.venv/lib/python3.11/site-packages/github/RepositoryAdvisory.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/msvc.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/extension.py - scripts/release/.venv/lib/python3.11/site-packages/pip-23.0.1.dist-info/REQUESTED - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/cachecontrol/cache.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/packaging/_tokenizer.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/cli-arm64.exe - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/cache.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/contrib/pyopenssl.py - scripts/release/.venv/lib/python3.11/site-packages/github/InstallationAuthorization.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/log.py - scripts/release/.venv/lib/python3.11/site-packages/github/Migration.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/__main__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/colorama/ansitowin32.py - scripts/release/.venv/lib/python3.11/site-packages/certifi-2023.11.17.dist-info/METADATA - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/tomli/_parser.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/config/_validate_pyproject/formats.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/msgpack/exceptions.py - scripts/release/.venv/lib/python3.11/site-packages/jwt/jwk_set_cache.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/colorama/tests/ansi_test.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/idna/uts46data.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/unistring.py - scripts/release/.venv/lib/python3.11/site-packages/github/GitRef.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/colorama/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_reqs.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/log.py - scripts/release/.venv/lib/python3.11/site-packages/github/RepositoryPreferences.pyi - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/py36compat.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb-4.0.11.dist-info/AUTHORS - scripts/release/.venv/lib/python3.11/site-packages/pycparser/ply/cpp.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/contrib/pyopenssl.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/extension.py - scripts/release/.venv/lib/python3.11/site-packages/github/Hook.pyi - scripts/release/.venv/lib/python3.11/site-packages/urllib3/util/wait.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/metadata/languages.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/packaging/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/git/objects/commit.py - scripts/release/.venv/lib/python3.11/site-packages/cffi/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/urllib3/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/requests-2.31.0.dist-info/LICENSE - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/util/connection.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/console.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/contrib/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/requests-2.31.0.dist-info/METADATA - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/datetime.py - scripts/release/.venv/lib/python3.11/site-packages/pytest/__main__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/webencodings/mklabels.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust/openssl/hashes.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/colorama/ansitowin32.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/text.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/screen.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_metadata/_collections.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/monkey.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/wheel.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/distributions/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/backends/openssl/rsa.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/tenacity/after.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/requests/auth.py - scripts/upgrade-codeql-dependencies/.venv/bin/pip3 - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/glibc.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/config/expand.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/tenacity/_utils.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/contrib/socks.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/util.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/cacheprovider.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/token.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/requests/certs.py - scripts/release/.venv/lib/python3.11/site-packages/pycparser/c_parser.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/models/target_python.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/colorama/tests/ansi_test.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/config/_apply_pyprojecttoml.py - scripts/release/.venv/lib/python3.11/site-packages/pytest-7.4.3.dist-info/top_level.txt - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/metadata/pkg_resources.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/version.py - scripts/release/.venv/lib/python3.11/site-packages/PyGithub-1.59.1.dist-info/INSTALLER - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/t64-arm.exe - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/resolvelib/compat/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/more_itertools/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/lexers/python.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/theme.py - scripts/release/.venv/lib/python3.11/site-packages/wrapt-1.16.0.dist-info/RECORD - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/network/cache.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/packaging/version.py - scripts/release/.venv/lib/python3.11/site-packages/github/GithubIntegration.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/filepost.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/plugin.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/wheel.py - scripts/release/.venv/lib/python3.11/site-packages/github/IssueComment.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/cachecontrol/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/semantic_version-2.10.0.dist-info/top_level.txt - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/contrib/appengine.py - scripts/release/.venv/lib/python3.11/site-packages/github/Issue.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/cmd.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust/x509.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/resolution/resolvelib/resolver.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/archive_util.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/packaging/markers.py - scripts/release/.venv/lib/python3.11/site-packages/packaging/version.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/contrib/ntlmpool.py - scripts/release/.venv/lib/python3.11/site-packages/github/Installation.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/operations/build/build_tracker.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/req/req_uninstall.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pkg_resources/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/subprocess.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/metadata/base.py - scripts/release/.venv/lib/python3.11/site-packages/github/HookResponse.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/more_itertools/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/requests/sessions.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/more_itertools/more.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/build_ext.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/color.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/tenacity/before_sleep.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/packaging/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/py37compat.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pyparsing/testing.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/codingstatemachinedict.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/progress_bar.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/util/ssltransport.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_spinners.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/tenacity/after.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/network/auth.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/packaging/_tokenizer.py - scripts/release/.venv/lib/python3.11/site-packages/github/Installation.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/python.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/packaging/specifiers.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/entrypoints.py - scripts/release/.venv/lib/python3.11/site-packages/pip/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/Reaction.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/typing_extensions.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatter.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/more_itertools/recipes.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/vcs/subversion.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3-2.0.4.dist-info/WHEEL - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/jisfreq.py - scripts/release/.venv/lib/python3.11/site-packages/idna/intranges.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/langhungarianmodel.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/importlib_resources/abc.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/utils.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/tenacity/_utils.py - scripts/release/.venv/lib/python3.11/site-packages/github/SourceImport.pyi - scripts/release/.venv/lib/python3.11/site-packages/github/SourceImport.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/unixccompiler.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/commands/index.py - scripts/release/.venv/lib/python3.11/site-packages/github/PaginatedList.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/config/_validate_pyproject/fastjsonschema_exceptions.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/groff.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/index/sources.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/models/installation_report.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/distributions/sdist.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/requests/packages.py - scripts/release/.venv/lib/python3.11/site-packages/jwt/help.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/regexopt.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/install_headers.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/resolution/resolvelib/requirements.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/serialization/pkcs12.py - scripts/release/.venv/lib/python3.11/site-packages/github/NotificationSubject.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/tmpdir.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_deprecation_warning.py - scripts/release/.venv/lib/python3.11/site-packages/github/File.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/cli/req_command.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/jaraco/context.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/util/timeout.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/colorama/tests/ansitowin32_test.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/threadexception.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/extern/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_emoji_codes.py - scripts/release/.venv/lib/python3.11/site-packages/github/TimelineEventSource.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/tomli/_types.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/styles/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/nacl/pwhash/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/platformdirs/android.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/charsetprober.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/pretty.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pyparsing/exceptions.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/resolution/resolvelib/base.py - scripts/release/.venv/lib/python3.11/site-packages/gitdb-4.0.11.dist-info/top_level.txt - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip-23.2.1.dist-info/top_level.txt - scripts/release/.venv/lib/python3.11/site-packages/_pytest/assertion/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/compat.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/packaging/_manylinux.py - scripts/release/.venv/lib/python3.11/site-packages/github/GistHistoryState.py - scripts/release/.venv/lib/python3.11/site-packages/idna/uts46data.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/distributions/base.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/_msvccompiler.py - scripts/release/.venv/lib/python3.11/site-packages/github/Workflow.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/requests/help.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/cli.exe - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/util/ssl_.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/semantic_version/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/operations/build/metadata_legacy.py - scripts/release/.venv/lib/python3.11/site-packages/pluggy/_version.py - scripts/release/.venv/lib/python3.11/site-packages/yaml/nodes.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/commands/wheel.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/util/retry.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/launch.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/commands/cache.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/models/link.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/config/exceptions.py - scripts/release/.venv/lib/python3.11/site-packages/requests/exceptions.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools-67.6.1.dist-info/LICENSE - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/vcs/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/Reaction.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/segment.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_imp.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/charset_normalizer-3.2.0.dist-info/top_level.txt - scripts/release/.venv/lib/python3.11/site-packages/requests/certs.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_loop.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/filetypes.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_distutils/_functools.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/universaldetector.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/packaging/utils.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/jaraco/text/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/contrib/_securetransport/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/packaging.py - scripts/release/.venv/lib/python3.11/site-packages/github/Stargazer.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/resolvelib/reporters.py - scripts/release/.venv/lib/python3.11/site-packages/github/CommitStatus.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/columns.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3/_request_methods.py - scripts/release/.venv/lib/python3.11/site-packages/github/RepositoryAdvisoryVulnerability.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/_vendor/importlib_metadata/_adapters.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/platformdirs/version.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_vendor/packaging/version.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/img.py - scripts/release/.venv/lib/python3.11/site-packages/github/CommitStats.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/ansi.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/langthaimodel.py - scripts/release/.venv/lib/python3.11/site-packages/pytest/py.typed - scripts/release/.venv/lib/python3.11/site-packages/git/objects/tree.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/_mapping.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/distro/__main__.py - scripts/release/.venv/lib/python3.11/site-packages/git/refs/log.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/commands/show.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/install_data.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/build_scripts.py - scripts/release/.venv/lib/python3.11/site-packages/packaging/markers.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust/openssl/ed25519.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/response.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_cell_widths.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_emoji_codes.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/deprecated.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/metadata/importlib/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/platformdirs/version.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/packaging/markers.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/resolution/resolvelib/base.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/requests/models.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/config/_validate_pyproject/formats.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_null_file.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/sbcsgroupprober.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/asymmetric/ed25519.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/requests/adapters.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/config/findpaths.py - scripts/release/.venv/lib/python3.11/site-packages/git/db.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/urllib3-2.0.4.dist-info/INSTALLER - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/operations/install/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/box.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/jaraco/context.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/distlib/compat.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/commands/index.py - scripts/release/.venv/lib/python3.11/site-packages/github/Branch.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/operations/install/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/johabprober.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/monkeypatch.py - scripts/release/.venv/lib/python3.11/site-packages/smmap-5.0.1.dist-info/LICENSE - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/unpacking.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/spawn.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/langgreekmodel.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/_palettes.py - scripts/release/.venv/lib/python3.11/site-packages/_pytest/_io/__init__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools-67.6.1.dist-info/entry_points.txt - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/semantic_version-2.10.0.dist-info/METADATA - scripts/release/.venv/lib/python3.11/site-packages/github/AppAuthentication.py - scripts/release/.venv/lib/python3.11/site-packages/pluggy-1.3.0.dist-info/LICENSE - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/segment.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/requests/models.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/zipp.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/models/search_scope.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/requests/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/version.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/rich/styled.py - scripts/release/.venv/lib/python3.11/site-packages/yaml/serializer.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/debug.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/urllib3/packages/backports/makefile.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/resolvelib/compat/collections_abc.py - scripts/release/.venv/lib/python3.11/site-packages/pytest-7.4.3.dist-info/LICENSE - scripts/release/.venv/lib/python3.11/site-packages/yaml/_yaml.cpython-311-darwin.so - scripts/release/.venv/lib/python3.11/site-packages/urllib3-2.1.0.dist-info/INSTALLER - scripts/release/.venv/lib/python3.11/site-packages/github/WorkflowStep.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/utils/_jaraco_text.py - scripts/release/.venv/lib/python3.11/site-packages/wrapt-1.16.0.dist-info/LICENSE - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/unistring.py - scripts/release/.venv/lib/python3.11/site-packages/certifi/core.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/config/expand.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/platformdirs/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/iniconfig/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/rich/traceback.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/platformdirs/api.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust/exceptions.pyi - scripts/release/.venv/lib/python3.11/site-packages/github/MainClass.py - scripts/release/.venv/lib/python3.11/site-packages/github/__init__.pyi - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/wheel.py - scripts/release/.venv/lib/python3.11/site-packages/pkg_resources/_vendor/importlib_resources/_compat.py - scripts/release/.venv/lib/python3.11/site-packages/setuptools/command/easy_install.py - scripts/release/.venv/lib/python3.11/site-packages/charset_normalizer/cli/__main__.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/commands/uninstall.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/bindings/_rust/openssl/x25519.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/command/_framework_compat.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/packaging/requirements.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/scanner.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/hazmat/primitives/cmac.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/pygments/formatters/terminal.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_vendor/requests/exceptions.py - scripts/release/.venv/lib/python3.11/site-packages/Deprecated-1.2.14.dist-info/LICENSE.rst - scripts/release/.venv/lib/python3.11/site-packages/PyJWT-2.8.0.dist-info/LICENSE - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pyparsing/__init__.py - scripts/release/.venv/lib/python3.11/site-packages/github/License.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/requests/utils.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/pyparsing/unicode.py - scripts/release/.venv/lib/python3.11/site-packages/github/GitAuthor.pyi - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/_distutils/text_file.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/colorama/tests/ansitowin32_test.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/operations/install/legacy.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_internal/metadata/base.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/utils/encoding.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/setuptools/command/test.py - scripts/upgrade-codeql-dependencies/.venv/lib/python3.11/site-packages/pip/_vendor/chardet/johabprober.py - scripts/release/.venv/lib/python3.11/site-packages/cryptography/__about__.py - scripts/release/.venv/lib/python3.11/site-packages/pip/_internal/commands/completion.py - Release v2.0.0 (refs/gitbutler/release-v2-0-0-) branch head: 6303cd54fcdc6bee49201c3c15130f613512f52a Your previous branch was: refs/heads/rvermeulen/fix-388 The sha for that commit was: bd425e0c5244ae92c1e7ff44ed2829f4e369806c For more information about what we're doing here, check out our docs: https://docs.gitbutler.com/features/virtual-branches/integration-branch From b788f5fd82b4e4b77a700fd303a9e04dc7c7e1e3 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 14 Feb 2024 17:00:44 -0800 Subject: [PATCH 1660/2573] Address FP by counting aggregate initialization --- .../src/rules/M0-1-4/SingleUsePODVariable.qll | 38 +++++++++++-------- cpp/autosar/test/rules/M0-1-4/test_member.cpp | 21 ++++++++++ 2 files changed, 44 insertions(+), 15 deletions(-) diff --git a/cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll b/cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll index c4e220549a..4d822083b3 100644 --- a/cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll +++ b/cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll @@ -12,21 +12,29 @@ private string getConstExprValue(Variable v) { /** Gets a "use" count according to rule M0-1-4. */ int getUseCount(Variable v) { - exists(int initializers | - // We enforce that it's a POD type variable, so if it has an initializer it is explicit - (if v.hasInitializer() then initializers = 1 else initializers = 0) and - result = - initializers + - count(VariableAccess access | access = v.getAnAccess() and not access.isCompilerGenerated()) - + count(UserProvidedConstructorFieldInit cfi | cfi.getTarget() = v) + - // For constexpr variables used as template arguments, we don't see accesses (just the - // appropriate literals). We therefore take a conservative approach and count the number of - // template instantiations that use the given constant, and consider each one to be a use - // of the variable - count(ClassTemplateInstantiation cti | - cti.getTemplateArgument(_).(Expr).getValue() = getConstExprValue(v) - ) - ) + // We enforce that it's a POD type variable, so if it has an initializer it is explicit + //v.getFile().getBaseName() = "test_member.cpp" and + result = + count(getAUserInitializedValue(v)) + + count(VariableAccess access | access = v.getAnAccess() and not access.isCompilerGenerated()) + + // For constexpr variables used as template arguments, we don't see accesses (just the + // appropriate literals). We therefore take a conservative approach and count the number of + // template instantiations that use the given constant, and consider each one to be a use + // of the variable + count(ClassTemplateInstantiation cti | + cti.getTemplateArgument(_).(Expr).getValue() = getConstExprValue(v) + ) +} + +Expr getAUserInitializedValue(Variable v) { + ( + result = v.getInitializer().getExpr() + or + exists(UserProvidedConstructorFieldInit cfi | cfi.getTarget() = v and result = cfi.getExpr()) + or + exists(ClassAggregateLiteral l | not l.isCompilerGenerated() | result = l.getAFieldExpr(v)) + ) and + not result.isCompilerGenerated() } /** Gets a single use of `v`, if `isSingleUseNonVolatilePODVariable` holds. */ diff --git a/cpp/autosar/test/rules/M0-1-4/test_member.cpp b/cpp/autosar/test/rules/M0-1-4/test_member.cpp index a43ee5d799..8defc07f10 100644 --- a/cpp/autosar/test/rules/M0-1-4/test_member.cpp +++ b/cpp/autosar/test/rules/M0-1-4/test_member.cpp @@ -72,4 +72,25 @@ void test_e() { // Ensure that the template E is fully instantiated e2.getT(); } +void test_fp_reported_in_388() { + struct s1 { + int m1; // COMPLIANT + }; + + s1 l1 = {1}; // m1 is used here + l1.m1; +} + +void test_array_initialized_members() { + struct s1 { + int m1; // COMPLIANT + }; + + struct s1 l1[] = { + {.m1 = 1}, + {.m1 = 2}, + }; + + l1[0].m1; +} } // namespace test \ No newline at end of file From b41e6634dba4a08d8bce4356f20ff2a50e7c26c5 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 14 Feb 2024 17:02:50 -0800 Subject: [PATCH 1661/2573] Address FPs on subojects Members of a struct can be initialized indirectly in various ways. We account for those when counting uses. --- .../src/rules/M0-1-4/SingleUsePODVariable.qll | 40 ++++++++++++++++++- cpp/autosar/test/rules/M0-1-4/test_member.cpp | 37 +++++++++++++++++ 2 files changed, 76 insertions(+), 1 deletion(-) diff --git a/cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll b/cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll index 4d822083b3..25a040e3c2 100644 --- a/cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll +++ b/cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll @@ -10,6 +10,44 @@ private string getConstExprValue(Variable v) { v.isConstexpr() } +/** + * Gets the number of uses of variable `v` in an opaque assignment, where an opaqua assignment for example a cast from one type to the other and `v` is assumed to be a member of the resulting type. + * e.g., + * struct foo { + * int bar; + * } + * + * struct foo * v = (struct foo*)buffer; + */ +Expr getIndirectSubObjectAssignedValue(MemberVariable subobject) { + // struct foo * ptr = (struct foo*)buffer; + exists(Struct someStruct, Variable instanceOfSomeStruct | someStruct.getAMember() = subobject | + instanceOfSomeStruct.getType().(PointerType).getBaseType() = someStruct and + exists(Cast assignedValue | + // Exclude cases like struct foo * v = nullptr; + not assignedValue.isImplicit() and + // `v` is a subobject of another type that reinterprets another object. We count that as a use of `v`. + assignedValue.getExpr() = instanceOfSomeStruct.getAnAssignedValue() and + result = assignedValue + ) + or + // struct foo; read(..., (char *)&foo); + instanceOfSomeStruct.getType() = someStruct and + exists(Call externalInitializerCall, Cast castToCharPointer, int n | + externalInitializerCall.getArgument(n).(AddressOfExpr).getOperand() = + instanceOfSomeStruct.getAnAccess() and + externalInitializerCall.getArgument(n) = castToCharPointer.getExpr() and + castToCharPointer.getType().(PointerType).getBaseType().getUnspecifiedType() instanceof + CharType and + result = externalInitializerCall + ) + or + // the object this subject is part of is initialized and we assumes this initializes the subobject. + instanceOfSomeStruct.getType() = someStruct and + result = instanceOfSomeStruct.getInitializer().getExpr() + ) +} + /** Gets a "use" count according to rule M0-1-4. */ int getUseCount(Variable v) { // We enforce that it's a POD type variable, so if it has an initializer it is explicit @@ -23,7 +61,7 @@ int getUseCount(Variable v) { // of the variable count(ClassTemplateInstantiation cti | cti.getTemplateArgument(_).(Expr).getValue() = getConstExprValue(v) - ) + ) + count(getIndirectSubObjectAssignedValue(v)) } Expr getAUserInitializedValue(Variable v) { diff --git a/cpp/autosar/test/rules/M0-1-4/test_member.cpp b/cpp/autosar/test/rules/M0-1-4/test_member.cpp index 8defc07f10..b82987c8a6 100644 --- a/cpp/autosar/test/rules/M0-1-4/test_member.cpp +++ b/cpp/autosar/test/rules/M0-1-4/test_member.cpp @@ -93,4 +93,41 @@ void test_array_initialized_members() { l1[0].m1; } + +void test_indirect_assigned_members(void *opaque) { + struct s1 { + int m1; // COMPLIANT + }; + + struct s1 *p = (struct s1 *)opaque; + p->m1; + + struct s2 { + int m1; // COMPLIANT + }; + + char buffer[sizeof(struct s2) + 8] = {0}; + struct s2 *l2 = (struct s2 *)&buffer[8]; + l2->m1; +} + +void test_external_assigned_members(void (*fp)(unsigned char *)) { + + struct s1 { + int m1; // COMPLIANT + }; + + struct s1 l1; + fp((unsigned char *)&l1); + l1.m1; + + struct s2 { + int m1; // COMPLIANT + }; + + struct s2 (*copy_init)(); + struct s2 l2 = copy_init(); + l2.m1; +} + } // namespace test \ No newline at end of file From c3a25d1e990b0e89323de1e1cace994304c66569 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 14 Feb 2024 17:15:43 -0800 Subject: [PATCH 1662/2573] Format title according to styleguide Program elements without a location must be surrounded by single quotes. --- .../rules/M0-1-4/SingleUseMemberPODVariable.ql | 2 +- .../M0-1-4/SingleUseMemberPODVariable.expected | 18 +++++++++--------- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/cpp/autosar/src/rules/M0-1-4/SingleUseMemberPODVariable.ql b/cpp/autosar/src/rules/M0-1-4/SingleUseMemberPODVariable.ql index 5ac8f30160..d691a7b0d2 100644 --- a/cpp/autosar/src/rules/M0-1-4/SingleUseMemberPODVariable.ql +++ b/cpp/autosar/src/rules/M0-1-4/SingleUseMemberPODVariable.ql @@ -24,5 +24,5 @@ where not isExcluded(v, DeadCodePackage::singleUseMemberPODVariableQuery()) and isSingleUseNonVolatilePODVariable(v) select v, - "Member POD variable " + v.getName() + " in " + v.getDeclaringType().getName() + " is only $@.", + "Member POD variable '" + v.getName() + "' in '" + v.getDeclaringType().getName() + "' is only $@.", getSingleUse(v), "used once" diff --git a/cpp/autosar/test/rules/M0-1-4/SingleUseMemberPODVariable.expected b/cpp/autosar/test/rules/M0-1-4/SingleUseMemberPODVariable.expected index f4309e7a4d..bfa053b318 100644 --- a/cpp/autosar/test/rules/M0-1-4/SingleUseMemberPODVariable.expected +++ b/cpp/autosar/test/rules/M0-1-4/SingleUseMemberPODVariable.expected @@ -1,9 +1,9 @@ -| test_global_or_namespace.cpp:16:7:16:7 | x | Member POD variable x in GA is only $@. | test_global_or_namespace.cpp:38:6:38:6 | x | used once | -| test_global_or_namespace.cpp:54:7:54:7 | x | Member POD variable x in N1A is only $@. | test_global_or_namespace.cpp:76:6:76:6 | x | used once | -| test_member.cpp:5:7:5:8 | m2 | Member POD variable m2 in A is only $@. | test_member.cpp:9:21:9:25 | constructor init of field m2 | used once | -| test_member.cpp:6:7:6:8 | m3 | Member POD variable m3 in A is only $@. | test_member.cpp:10:23:10:24 | m3 | used once | -| test_member.cpp:7:7:7:8 | m4 | Member POD variable m4 in A is only $@. | test_member.cpp:14:23:14:24 | m4 | used once | -| test_member.cpp:18:9:18:11 | sm1 | Member POD variable sm1 in s1 is only $@. | test_member.cpp:23:6:23:8 | sm1 | used once | -| test_member.cpp:36:7:36:8 | m1 | Member POD variable m1 in C is only $@. | test_member.cpp:39:21:39:22 | m1 | used once | -| test_member.cpp:37:7:37:8 | m2 | Member POD variable m2 in C is only $@. | test_member.cpp:46:5:46:6 | m2 | used once | -| test_member.cpp:55:5:55:6 | m3 | Member POD variable m3 in E is only $@. | test_member.cpp:56:27:56:32 | constructor init of field m3 | used once | +| test_global_or_namespace.cpp:16:7:16:7 | x | Member POD variable 'x' in 'GA' is only $@. | test_global_or_namespace.cpp:38:6:38:6 | x | used once | +| test_global_or_namespace.cpp:54:7:54:7 | x | Member POD variable 'x' in 'N1A' is only $@. | test_global_or_namespace.cpp:76:6:76:6 | x | used once | +| test_member.cpp:5:7:5:8 | m2 | Member POD variable 'm2' in 'A' is only $@. | test_member.cpp:9:21:9:25 | constructor init of field m2 | used once | +| test_member.cpp:6:7:6:8 | m3 | Member POD variable 'm3' in 'A' is only $@. | test_member.cpp:10:23:10:24 | m3 | used once | +| test_member.cpp:7:7:7:8 | m4 | Member POD variable 'm4' in 'A' is only $@. | test_member.cpp:14:23:14:24 | m4 | used once | +| test_member.cpp:18:9:18:11 | sm1 | Member POD variable 'sm1' in 's1' is only $@. | test_member.cpp:23:6:23:8 | sm1 | used once | +| test_member.cpp:36:7:36:8 | m1 | Member POD variable 'm1' in 'C' is only $@. | test_member.cpp:39:21:39:22 | m1 | used once | +| test_member.cpp:37:7:37:8 | m2 | Member POD variable 'm2' in 'C' is only $@. | test_member.cpp:46:5:46:6 | m2 | used once | +| test_member.cpp:55:5:55:6 | m3 | Member POD variable 'm3' in 'E' is only $@. | test_member.cpp:56:27:56:32 | constructor init of field m3 | used once | From e8197e25c1b6026bd7ec80db7d437a04404337ec Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 14 Feb 2024 17:27:26 -0800 Subject: [PATCH 1663/2573] Add changenote --- change_notes/2024-02-14-fix-fp-m0-1-4.md | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 change_notes/2024-02-14-fix-fp-m0-1-4.md diff --git a/change_notes/2024-02-14-fix-fp-m0-1-4.md b/change_notes/2024-02-14-fix-fp-m0-1-4.md new file mode 100644 index 0000000000..43aa9f5723 --- /dev/null +++ b/change_notes/2024-02-14-fix-fp-m0-1-4.md @@ -0,0 +1,4 @@ +- `M0-1-4` - `SingleUseMemberPODVariable.ql`: + - Address FP reported in #388. Include aggregrate initialization as a use of a member. + - Include indirect initialization of members. For example, casting a pointer to a buffer to a struct pointer. + - Reformat the alert message to adhere to the style-guide. \ No newline at end of file From e7388472b190f2029c6e338c2ca9181525d56851 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 14 Feb 2024 17:35:02 -0800 Subject: [PATCH 1664/2573] Format query --- cpp/autosar/src/rules/M0-1-4/SingleUseMemberPODVariable.ql | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cpp/autosar/src/rules/M0-1-4/SingleUseMemberPODVariable.ql b/cpp/autosar/src/rules/M0-1-4/SingleUseMemberPODVariable.ql index d691a7b0d2..c1dd812e80 100644 --- a/cpp/autosar/src/rules/M0-1-4/SingleUseMemberPODVariable.ql +++ b/cpp/autosar/src/rules/M0-1-4/SingleUseMemberPODVariable.ql @@ -24,5 +24,5 @@ where not isExcluded(v, DeadCodePackage::singleUseMemberPODVariableQuery()) and isSingleUseNonVolatilePODVariable(v) select v, - "Member POD variable '" + v.getName() + "' in '" + v.getDeclaringType().getName() + "' is only $@.", - getSingleUse(v), "used once" + "Member POD variable '" + v.getName() + "' in '" + v.getDeclaringType().getName() + + "' is only $@.", getSingleUse(v), "used once" From 36d6150ba2b980d29596360aef0c58f3e6614963 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 20 Feb 2024 14:20:16 -0800 Subject: [PATCH 1665/2573] Remove commented-out code. --- cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll | 1 - 1 file changed, 1 deletion(-) diff --git a/cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll b/cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll index 25a040e3c2..83d78521a0 100644 --- a/cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll +++ b/cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll @@ -51,7 +51,6 @@ Expr getIndirectSubObjectAssignedValue(MemberVariable subobject) { /** Gets a "use" count according to rule M0-1-4. */ int getUseCount(Variable v) { // We enforce that it's a POD type variable, so if it has an initializer it is explicit - //v.getFile().getBaseName() = "test_member.cpp" and result = count(getAUserInitializedValue(v)) + count(VariableAccess access | access = v.getAnAccess() and not access.isCompilerGenerated()) + From 1c881e36dde8989268532ee54b76ceec5ae73817 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 21 Feb 2024 11:26:11 -0800 Subject: [PATCH 1666/2573] Rewrite INT34-C as an instance of undefined behavior. This is in preparation to share the guard validation with A4-7-1. --- ...ftedbyNegativeOrGreaterPrecisionOperand.ql | 90 +------------------ .../codingstandards/c/UndefinedBehavior.qll | 5 ++ cpp/common/src/codingstandards/cpp/Expr.qll | 8 ++ .../src/codingstandards/cpp/Function.qll | 10 +++ .../src/codingstandards/cpp/Literals.qll | 4 + cpp/common/src/codingstandards/cpp/Macro.qll | 7 ++ cpp/common/src/codingstandards/cpp/Type.qll | 11 +++ .../codingstandards/cpp/UndefinedBehavior.qll | 62 ++++++++++++- 8 files changed, 110 insertions(+), 87 deletions(-) create mode 100644 cpp/common/src/codingstandards/cpp/Function.qll diff --git a/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql b/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql index 80bd212aa2..57f9f01363 100644 --- a/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql +++ b/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql @@ -15,91 +15,9 @@ import codingstandards.c.cert import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis import semmle.code.cpp.valuenumbering.GlobalValueNumbering import semmle.code.cpp.controlflow.Guards +import codingstandards.cpp.UndefinedBehavior -/* - * Precision predicate based on a sample implementation from - * https://wiki.sei.cmu.edu/confluence/display/c/INT35-C.+Use+correct+integer+precisions - */ - -/** - * A function whose name is suggestive that it counts the number of bits set. - */ -class PopCount extends Function { - PopCount() { this.getName().toLowerCase().matches("%popc%nt%") } -} - -/** - * A macro which is suggestive that it is used to determine the precision of an integer. - */ -class PrecisionMacro extends Macro { - PrecisionMacro() { this.getName().toLowerCase().matches("precision") } -} - -class LiteralZero extends Literal { - LiteralZero() { this.getValue() = "0" } -} - -class BitShiftExpr extends BinaryBitwiseOperation { - BitShiftExpr() { - this instanceof LShiftExpr or - this instanceof RShiftExpr - } -} - -int getPrecision(IntegralType type) { - type.isExplicitlyUnsigned() and result = type.getSize() * 8 - or - type.isExplicitlySigned() and result = type.getSize() * 8 - 1 -} - -predicate isForbiddenShiftExpr(BitShiftExpr shift, string message) { - ( - ( - getPrecision(shift.getLeftOperand().getExplicitlyConverted().getUnderlyingType()) <= - upperBound(shift.getRightOperand()) and - message = - "The operand " + shift.getLeftOperand() + " is shifted by an expression " + - shift.getRightOperand() + " whose upper bound (" + upperBound(shift.getRightOperand()) + - ") is greater than or equal to the precision." - or - lowerBound(shift.getRightOperand()) < 0 and - message = - "The operand " + shift.getLeftOperand() + " is shifted by an expression " + - shift.getRightOperand() + " which may be negative." - ) and - /* - * Shift statement is not at a basic block where - * `shift_rhs < PRECISION(...)` is ensured - */ - - not exists(GuardCondition gc, BasicBlock block, Expr precisionCall, Expr lTLhs | - block = shift.getBasicBlock() and - ( - precisionCall.(FunctionCall).getTarget() instanceof PopCount - or - precisionCall = any(PrecisionMacro pm).getAnInvocation().getExpr() - ) - | - globalValueNumber(lTLhs) = globalValueNumber(shift.getRightOperand()) and - gc.ensuresLt(lTLhs, precisionCall, 0, block, true) - ) and - /* - * Shift statement is not at a basic block where - * `shift_rhs < 0` is ensured - */ - - not exists(GuardCondition gc, BasicBlock block, Expr literalZero, Expr lTLhs | - block = shift.getBasicBlock() and - literalZero instanceof LiteralZero - | - globalValueNumber(lTLhs) = globalValueNumber(shift.getRightOperand()) and - gc.ensuresLt(lTLhs, literalZero, 0, block, true) - ) - ) -} - -from BinaryBitwiseOperation badShift, string message +from ShiftByNegativeOrGreaterPrecisionOperand badShift where - not isExcluded(badShift, Types1Package::exprShiftedbyNegativeOrGreaterPrecisionOperandQuery()) and - isForbiddenShiftExpr(badShift, message) -select badShift, message + not isExcluded(badShift, Types1Package::exprShiftedbyNegativeOrGreaterPrecisionOperandQuery()) +select badShift, badShift.getReason() diff --git a/c/common/src/codingstandards/c/UndefinedBehavior.qll b/c/common/src/codingstandards/c/UndefinedBehavior.qll index 49b1ee3e5e..c058dc4cb5 100644 --- a/c/common/src/codingstandards/c/UndefinedBehavior.qll +++ b/c/common/src/codingstandards/c/UndefinedBehavior.qll @@ -25,4 +25,9 @@ class CUndefinedMainDefinition extends CUndefinedBehavior, Function { (this.getName() = "main" or this.getName().indexOf("____codeql_coding_standards") = 0) and not this instanceof C99MainFunction } + + override string getReason() { + result = "The behavior of the program is undefined because the main function is not defined according to the C standard." + } + } diff --git a/cpp/common/src/codingstandards/cpp/Expr.qll b/cpp/common/src/codingstandards/cpp/Expr.qll index 4ed50b4986..e2e1e1b2bf 100644 --- a/cpp/common/src/codingstandards/cpp/Expr.qll +++ b/cpp/common/src/codingstandards/cpp/Expr.qll @@ -180,3 +180,11 @@ module MisraExpr { CValue() { isCValue(this) } } } + +/** A class representing left and right bitwise shift operations. */ +class BitShiftExpr extends BinaryBitwiseOperation { + BitShiftExpr() { + this instanceof LShiftExpr or + this instanceof RShiftExpr + } +} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/Function.qll b/cpp/common/src/codingstandards/cpp/Function.qll new file mode 100644 index 0000000000..d31afb1aaa --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/Function.qll @@ -0,0 +1,10 @@ +/** A module to reason about functions, such as well-known functions. */ + +import cpp + +/** + * A function whose name is suggestive that it counts the number of bits set. + */ +class PopCount extends Function { + PopCount() { this.getName().toLowerCase().matches("%popc%nt%") } +} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/Literals.qll b/cpp/common/src/codingstandards/cpp/Literals.qll index d4e11154fa..82d091d3a5 100644 --- a/cpp/common/src/codingstandards/cpp/Literals.qll +++ b/cpp/common/src/codingstandards/cpp/Literals.qll @@ -28,3 +28,7 @@ class Utf16StringLiteral extends StringLiteral { class Utf32StringLiteral extends StringLiteral { Utf32StringLiteral() { this.getValueText().regexpMatch("(?s)\\s*U\".*") } } + +class LiteralZero extends Literal { + LiteralZero() { this.getValue() = "0" } +} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/Macro.qll b/cpp/common/src/codingstandards/cpp/Macro.qll index 5760d65bd3..6514e957fb 100644 --- a/cpp/common/src/codingstandards/cpp/Macro.qll +++ b/cpp/common/src/codingstandards/cpp/Macro.qll @@ -88,3 +88,10 @@ class UserProvidedMacro extends Macro { class LibraryMacro extends Macro { LibraryMacro() { not this instanceof UserProvidedMacro } } + +/** + * A macro which is suggestive that it is used to determine the precision of an integer. + */ +class PrecisionMacro extends Macro { + PrecisionMacro() { this.getName().toLowerCase().matches("precision") } +} diff --git a/cpp/common/src/codingstandards/cpp/Type.qll b/cpp/common/src/codingstandards/cpp/Type.qll index a03790a38a..aa12277c78 100644 --- a/cpp/common/src/codingstandards/cpp/Type.qll +++ b/cpp/common/src/codingstandards/cpp/Type.qll @@ -59,3 +59,14 @@ Type stripSpecifiers(Type type) { then result = stripSpecifiers(type.(SpecifiedType).getBaseType()) else result = type } + +/** + * Get the precision of an integral type, where precision is defined as the number of bits + * that can be used to represent the numeric value. + * https://wiki.sei.cmu.edu/confluence/display/c/INT35-C.+Use+correct+integer+precisions + */ +int getPrecision(IntegralType type) { + type.isExplicitlyUnsigned() and result = type.getSize() * 8 + or + type.isExplicitlySigned() and result = type.getSize() * 8 - 1 +} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/UndefinedBehavior.qll b/cpp/common/src/codingstandards/cpp/UndefinedBehavior.qll index 85e2f64612..41a119023b 100644 --- a/cpp/common/src/codingstandards/cpp/UndefinedBehavior.qll +++ b/cpp/common/src/codingstandards/cpp/UndefinedBehavior.qll @@ -1,8 +1,68 @@ import cpp +import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis +import semmle.code.cpp.valuenumbering.GlobalValueNumbering +import semmle.code.cpp.controlflow.Guards +import codingstandards.cpp.Literals +import codingstandards.cpp.Expr +import codingstandards.cpp.Macro +import codingstandards.cpp.Type +import codingstandards.cpp.Function /** * Library for modeling undefined behavior. */ -abstract class UndefinedBehavior extends Locatable { } +abstract class UndefinedBehavior extends Locatable { + abstract string getReason(); +} abstract class CPPUndefinedBehavior extends UndefinedBehavior { } + +class ShiftByNegativeOrGreaterPrecisionOperand extends UndefinedBehavior, BitShiftExpr { + string reason; + + ShiftByNegativeOrGreaterPrecisionOperand() { + ( + getPrecision(this.getLeftOperand().getExplicitlyConverted().getUnderlyingType()) <= + upperBound(this.getRightOperand()) and + reason = + "The operand " + this.getLeftOperand() + " is shifted by an expression " + + this.getRightOperand() + " whose upper bound (" + upperBound(this.getRightOperand()) + + ") is greater than or equal to the precision." + or + lowerBound(this.getRightOperand()) < 0 and + reason = + "The operand " + this.getLeftOperand() + " is shifted by an expression " + + this.getRightOperand() + " which may be negative." + ) and + /* + * this statement is not at a basic block where + * `this_rhs < PRECISION(...)` is ensured + */ + + not exists(GuardCondition gc, BasicBlock block, Expr precisionCall, Expr lTLhs | + block = this.getBasicBlock() and + ( + precisionCall.(FunctionCall).getTarget() instanceof PopCount + or + precisionCall = any(PrecisionMacro pm).getAnInvocation().getExpr() + ) + | + globalValueNumber(lTLhs) = globalValueNumber(this.getRightOperand()) and + gc.ensuresLt(lTLhs, precisionCall, 0, block, true) + ) and + /* + * this statement is not at a basic block where + * `this_rhs < 0` is ensured + */ + + not exists(GuardCondition gc, BasicBlock block, Expr literalZero, Expr lTLhs | + block = this.getBasicBlock() and + literalZero instanceof LiteralZero + | + globalValueNumber(lTLhs) = globalValueNumber(this.getRightOperand()) and + gc.ensuresLt(lTLhs, literalZero, 0, block, true) + ) + } + + override string getReason() { result = reason } +} From 8869b9e0b3fb82102a214fba8c0c559776bddb0e Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 21 Feb 2024 15:32:03 -0800 Subject: [PATCH 1667/2573] Include cases where both guards are required. The previous logic would succeed if any of the guards were present, but that wasn't sufficient in all cases. --- .../codingstandards/cpp/UndefinedBehavior.qll | 33 +++++++++---------- 1 file changed, 15 insertions(+), 18 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/UndefinedBehavior.qll b/cpp/common/src/codingstandards/cpp/UndefinedBehavior.qll index 41a119023b..ce4b625a2e 100644 --- a/cpp/common/src/codingstandards/cpp/UndefinedBehavior.qll +++ b/cpp/common/src/codingstandards/cpp/UndefinedBehavior.qll @@ -21,19 +21,12 @@ class ShiftByNegativeOrGreaterPrecisionOperand extends UndefinedBehavior, BitShi string reason; ShiftByNegativeOrGreaterPrecisionOperand() { - ( - getPrecision(this.getLeftOperand().getExplicitlyConverted().getUnderlyingType()) <= - upperBound(this.getRightOperand()) and - reason = - "The operand " + this.getLeftOperand() + " is shifted by an expression " + - this.getRightOperand() + " whose upper bound (" + upperBound(this.getRightOperand()) + - ") is greater than or equal to the precision." - or - lowerBound(this.getRightOperand()) < 0 and - reason = - "The operand " + this.getLeftOperand() + " is shifted by an expression " + - this.getRightOperand() + " which may be negative." - ) and + getPrecision(this.getLeftOperand().getExplicitlyConverted().getUnderlyingType()) <= + upperBound(this.getRightOperand()) and + reason = + "The operand " + this.getLeftOperand() + " is shifted by an expression " + + this.getRightOperand() + " whose upper bound (" + upperBound(this.getRightOperand()) + + ") is greater than or equal to the precision." and /* * this statement is not at a basic block where * `this_rhs < PRECISION(...)` is ensured @@ -49,18 +42,22 @@ class ShiftByNegativeOrGreaterPrecisionOperand extends UndefinedBehavior, BitShi | globalValueNumber(lTLhs) = globalValueNumber(this.getRightOperand()) and gc.ensuresLt(lTLhs, precisionCall, 0, block, true) - ) and + ) + or + lowerBound(this.getRightOperand()) < 0 and + reason = + "The operand " + this.getLeftOperand() + " is shifted by an expression " + + this.getRightOperand() + " which may be negative." and /* * this statement is not at a basic block where - * `this_rhs < 0` is ensured + * `this_rhs > 0` is ensured */ not exists(GuardCondition gc, BasicBlock block, Expr literalZero, Expr lTLhs | block = this.getBasicBlock() and - literalZero instanceof LiteralZero - | + literalZero instanceof LiteralZero and globalValueNumber(lTLhs) = globalValueNumber(this.getRightOperand()) and - gc.ensuresLt(lTLhs, literalZero, 0, block, true) + gc.ensuresLt(literalZero, lTLhs, 0, block, true) ) } From 8931f91f3440ab31dd6182a068565d779fcd7e28 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 21 Feb 2024 15:35:40 -0800 Subject: [PATCH 1668/2573] Reuse logic from INT34-C to detect guarded shifts --- .../IntegerExpressionLeadToDataLoss.expected | 3 +++ cpp/autosar/test/rules/A4-7-1/test.cpp | 25 +++++++++++++++++++ .../src/codingstandards/cpp/Overflow.qll | 6 ++++- 3 files changed, 33 insertions(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A4-7-1/IntegerExpressionLeadToDataLoss.expected b/cpp/autosar/test/rules/A4-7-1/IntegerExpressionLeadToDataLoss.expected index 17153b5a5b..9eb71ee301 100644 --- a/cpp/autosar/test/rules/A4-7-1/IntegerExpressionLeadToDataLoss.expected +++ b/cpp/autosar/test/rules/A4-7-1/IntegerExpressionLeadToDataLoss.expected @@ -10,3 +10,6 @@ | test.cpp:22:12:22:16 | ... + ... | Binary expression ...+... may overflow. | | test.cpp:50:7:50:14 | ... + ... | Binary expression ...+... may overflow. | | test.cpp:62:8:62:10 | ... ++ | Binary expression ...++... may overflow. | +| test.cpp:91:10:91:17 | ... << ... | Binary expression ...<<... may overflow. | +| test.cpp:95:10:95:17 | ... << ... | Binary expression ...<<... may overflow. | +| test.cpp:98:8:98:15 | ... << ... | Binary expression ...<<... may overflow. | diff --git a/cpp/autosar/test/rules/A4-7-1/test.cpp b/cpp/autosar/test/rules/A4-7-1/test.cpp index 9e3c27dec8..416a228311 100644 --- a/cpp/autosar/test/rules/A4-7-1/test.cpp +++ b/cpp/autosar/test/rules/A4-7-1/test.cpp @@ -72,4 +72,29 @@ void test_pointer() { int *p = nullptr; p++; // COMPLIANT - not covered by this rule p--; // COMPLIANT - not covered by this rule +} + +extern unsigned int popcount(unsigned int); +#define PRECISION(x) popcount(x) +void test_guarded_shifts(unsigned int p1, int p2) { + unsigned int l1; + + if (p2 < popcount(p1) && p2 > 0) { + l1 = p1 << p2; // COMPLIANT + } + + if (p2 < PRECISION(p1) && p2 > 0) { + l1 = p1 << p2; // COMPLIANT + } + + if (p2 < popcount(p1)) { + l1 = p1 << p2; // NON_COMPLIANT - p2 could be negative + } + + if (p2 > 0) { + l1 = p1 << p2; // NON_COMPLIANT - p2 could have a higher precision + } + + l1 = p1 << p2; // NON_COMPLIANT - p2 may have a higher precision or could be + // negative } \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/Overflow.qll b/cpp/common/src/codingstandards/cpp/Overflow.qll index 3de3a43bf6..dca1386513 100644 --- a/cpp/common/src/codingstandards/cpp/Overflow.qll +++ b/cpp/common/src/codingstandards/cpp/Overflow.qll @@ -8,6 +8,8 @@ import SimpleRangeAnalysisCustomizations import semmle.code.cpp.controlflow.Guards import codingstandards.cpp.dataflow.TaintTracking import semmle.code.cpp.valuenumbering.GlobalValueNumbering +import codingstandards.cpp.Expr +import codingstandards.cpp.UndefinedBehavior /** * An integer operation that may overflow, underflow or wrap. @@ -40,7 +42,9 @@ class InterestingOverflowingOperation extends Operation { // Not within a macro not this.isAffectedByMacro() and // Ignore pointer arithmetic - not this instanceof PointerArithmeticOperation + not this instanceof PointerArithmeticOperation and + // In case of the shift operation, it must cause undefined behavior + (this instanceof BitShiftExpr implies this instanceof ShiftByNegativeOrGreaterPrecisionOperand) } /** From 97f38d3fe55e71830e39ef61acbbb2e856bbd4e9 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 21 Feb 2024 15:36:48 -0800 Subject: [PATCH 1669/2573] Address query formatting --- .../INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql | 3 +-- cpp/common/src/codingstandards/cpp/Function.qll | 2 +- cpp/common/src/codingstandards/cpp/Type.qll | 2 +- 3 files changed, 3 insertions(+), 4 deletions(-) diff --git a/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql b/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql index 57f9f01363..d6445d4937 100644 --- a/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql +++ b/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql @@ -18,6 +18,5 @@ import semmle.code.cpp.controlflow.Guards import codingstandards.cpp.UndefinedBehavior from ShiftByNegativeOrGreaterPrecisionOperand badShift -where - not isExcluded(badShift, Types1Package::exprShiftedbyNegativeOrGreaterPrecisionOperandQuery()) +where not isExcluded(badShift, Types1Package::exprShiftedbyNegativeOrGreaterPrecisionOperandQuery()) select badShift, badShift.getReason() diff --git a/cpp/common/src/codingstandards/cpp/Function.qll b/cpp/common/src/codingstandards/cpp/Function.qll index d31afb1aaa..c96fcbd840 100644 --- a/cpp/common/src/codingstandards/cpp/Function.qll +++ b/cpp/common/src/codingstandards/cpp/Function.qll @@ -7,4 +7,4 @@ import cpp */ class PopCount extends Function { PopCount() { this.getName().toLowerCase().matches("%popc%nt%") } -} \ No newline at end of file +} diff --git a/cpp/common/src/codingstandards/cpp/Type.qll b/cpp/common/src/codingstandards/cpp/Type.qll index aa12277c78..4199b4a12d 100644 --- a/cpp/common/src/codingstandards/cpp/Type.qll +++ b/cpp/common/src/codingstandards/cpp/Type.qll @@ -69,4 +69,4 @@ int getPrecision(IntegralType type) { type.isExplicitlyUnsigned() and result = type.getSize() * 8 or type.isExplicitlySigned() and result = type.getSize() * 8 - 1 -} \ No newline at end of file +} From 2449ca6aace26b7645d5d2bfe0aa8085ceb88f45 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 21 Feb 2024 15:39:41 -0800 Subject: [PATCH 1670/2573] Add changenote --- change_notes/2024-02-21-fix-reported-fp-a4-7-1.md | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 change_notes/2024-02-21-fix-reported-fp-a4-7-1.md diff --git a/change_notes/2024-02-21-fix-reported-fp-a4-7-1.md b/change_notes/2024-02-21-fix-reported-fp-a4-7-1.md new file mode 100644 index 0000000000..36f5fb8040 --- /dev/null +++ b/change_notes/2024-02-21-fix-reported-fp-a4-7-1.md @@ -0,0 +1,2 @@ +- `A4-7-1` - `IntegerExpressionLeadToDataLoss.ql`: + - Address reported FP in #396. Exclude shift operations guarded to prevent undefined behavior that could lead to dataloss. \ No newline at end of file From c5c850922c67e99f5cf8975191c1d419bb2b4261 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 21 Feb 2024 16:07:18 -0800 Subject: [PATCH 1671/2573] Format the alert message according to the style-guide. --- ...NegativeOrGreaterPrecisionOperand.expected | 318 +++++++++--------- .../2024-02-21-fix-reported-fp-a4-7-1.md | 4 +- .../codingstandards/cpp/UndefinedBehavior.qll | 8 +- 3 files changed, 166 insertions(+), 164 deletions(-) diff --git a/c/cert/test/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.expected b/c/cert/test/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.expected index 0cd42bb3e0..dc92d0f1be 100644 --- a/c/cert/test/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.expected +++ b/c/cert/test/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.expected @@ -1,159 +1,159 @@ -| test.c:43:3:43:14 | ... << ... | The operand lhs0 is shifted by an expression rhs0 whose upper bound (8) is greater than or equal to the precision. | -| test.c:47:3:47:14 | ... << ... | The operand lhs0 is shifted by an expression rhs3 whose upper bound (16) is greater than or equal to the precision. | -| test.c:49:3:49:14 | ... << ... | The operand lhs0 is shifted by an expression rhs4 whose upper bound (15) is greater than or equal to the precision. | -| test.c:51:3:51:14 | ... << ... | The operand lhs0 is shifted by an expression rhs5 whose upper bound (15) is greater than or equal to the precision. | -| test.c:53:3:53:14 | ... << ... | The operand lhs0 is shifted by an expression rhs6 whose upper bound (32) is greater than or equal to the precision. | -| test.c:55:3:55:14 | ... << ... | The operand lhs0 is shifted by an expression rhs7 whose upper bound (31) is greater than or equal to the precision. | -| test.c:57:3:57:14 | ... << ... | The operand lhs0 is shifted by an expression rhs8 whose upper bound (31) is greater than or equal to the precision. | -| test.c:59:3:59:14 | ... << ... | The operand lhs0 is shifted by an expression rhs9 whose upper bound (32) is greater than or equal to the precision. | -| test.c:61:3:61:15 | ... << ... | The operand lhs0 is shifted by an expression rhs10 whose upper bound (31) is greater than or equal to the precision. | -| test.c:63:3:63:15 | ... << ... | The operand lhs0 is shifted by an expression rhs11 whose upper bound (31) is greater than or equal to the precision. | -| test.c:65:3:65:15 | ... << ... | The operand lhs0 is shifted by an expression rhs12 whose upper bound (64) is greater than or equal to the precision. | -| test.c:67:3:67:15 | ... << ... | The operand lhs0 is shifted by an expression rhs13 whose upper bound (63) is greater than or equal to the precision. | -| test.c:69:3:69:15 | ... << ... | The operand lhs0 is shifted by an expression rhs14 whose upper bound (63) is greater than or equal to the precision. | -| test.c:71:3:71:14 | ... << ... | The operand lhs1 is shifted by an expression rhs0 whose upper bound (8) is greater than or equal to the precision. | -| test.c:73:3:73:14 | ... << ... | The operand lhs1 is shifted by an expression rhs1 whose upper bound (7) is greater than or equal to the precision. | -| test.c:75:3:75:14 | ... << ... | The operand lhs1 is shifted by an expression rhs2 whose upper bound (7) is greater than or equal to the precision. | -| test.c:77:3:77:14 | ... << ... | The operand lhs1 is shifted by an expression rhs3 whose upper bound (16) is greater than or equal to the precision. | -| test.c:79:3:79:14 | ... << ... | The operand lhs1 is shifted by an expression rhs4 whose upper bound (15) is greater than or equal to the precision. | -| test.c:81:3:81:14 | ... << ... | The operand lhs1 is shifted by an expression rhs5 whose upper bound (15) is greater than or equal to the precision. | -| test.c:83:3:83:14 | ... << ... | The operand lhs1 is shifted by an expression rhs6 whose upper bound (32) is greater than or equal to the precision. | -| test.c:85:3:85:14 | ... << ... | The operand lhs1 is shifted by an expression rhs7 whose upper bound (31) is greater than or equal to the precision. | -| test.c:87:3:87:14 | ... << ... | The operand lhs1 is shifted by an expression rhs8 whose upper bound (31) is greater than or equal to the precision. | -| test.c:89:3:89:14 | ... << ... | The operand lhs1 is shifted by an expression rhs9 whose upper bound (32) is greater than or equal to the precision. | -| test.c:91:3:91:15 | ... << ... | The operand lhs1 is shifted by an expression rhs10 whose upper bound (31) is greater than or equal to the precision. | -| test.c:93:3:93:15 | ... << ... | The operand lhs1 is shifted by an expression rhs11 whose upper bound (31) is greater than or equal to the precision. | -| test.c:95:3:95:15 | ... << ... | The operand lhs1 is shifted by an expression rhs12 whose upper bound (64) is greater than or equal to the precision. | -| test.c:97:3:97:15 | ... << ... | The operand lhs1 is shifted by an expression rhs13 whose upper bound (63) is greater than or equal to the precision. | -| test.c:99:3:99:15 | ... << ... | The operand lhs1 is shifted by an expression rhs14 whose upper bound (63) is greater than or equal to the precision. | -| test.c:134:3:134:14 | ... << ... | The operand lhs3 is shifted by an expression rhs3 whose upper bound (16) is greater than or equal to the precision. | -| test.c:138:3:138:14 | ... << ... | The operand lhs3 is shifted by an expression rhs6 whose upper bound (32) is greater than or equal to the precision. | -| test.c:140:3:140:14 | ... << ... | The operand lhs3 is shifted by an expression rhs7 whose upper bound (31) is greater than or equal to the precision. | -| test.c:142:3:142:14 | ... << ... | The operand lhs3 is shifted by an expression rhs8 whose upper bound (31) is greater than or equal to the precision. | -| test.c:144:3:144:14 | ... << ... | The operand lhs3 is shifted by an expression rhs9 whose upper bound (32) is greater than or equal to the precision. | -| test.c:146:3:146:15 | ... << ... | The operand lhs3 is shifted by an expression rhs10 whose upper bound (31) is greater than or equal to the precision. | -| test.c:148:3:148:15 | ... << ... | The operand lhs3 is shifted by an expression rhs11 whose upper bound (31) is greater than or equal to the precision. | -| test.c:150:3:150:15 | ... << ... | The operand lhs3 is shifted by an expression rhs12 whose upper bound (64) is greater than or equal to the precision. | -| test.c:152:3:152:15 | ... << ... | The operand lhs3 is shifted by an expression rhs13 whose upper bound (63) is greater than or equal to the precision. | -| test.c:154:3:154:15 | ... << ... | The operand lhs3 is shifted by an expression rhs14 whose upper bound (63) is greater than or equal to the precision. | -| test.c:159:3:159:14 | ... << ... | The operand lhs4 is shifted by an expression rhs3 whose upper bound (16) is greater than or equal to the precision. | -| test.c:161:3:161:14 | ... << ... | The operand lhs4 is shifted by an expression rhs4 whose upper bound (15) is greater than or equal to the precision. | -| test.c:163:3:163:14 | ... << ... | The operand lhs4 is shifted by an expression rhs5 whose upper bound (15) is greater than or equal to the precision. | -| test.c:165:3:165:14 | ... << ... | The operand lhs4 is shifted by an expression rhs6 whose upper bound (32) is greater than or equal to the precision. | -| test.c:167:3:167:14 | ... << ... | The operand lhs4 is shifted by an expression rhs7 whose upper bound (31) is greater than or equal to the precision. | -| test.c:169:3:169:14 | ... << ... | The operand lhs4 is shifted by an expression rhs8 whose upper bound (31) is greater than or equal to the precision. | -| test.c:171:3:171:14 | ... << ... | The operand lhs4 is shifted by an expression rhs9 whose upper bound (32) is greater than or equal to the precision. | -| test.c:173:3:173:15 | ... << ... | The operand lhs4 is shifted by an expression rhs10 whose upper bound (31) is greater than or equal to the precision. | -| test.c:175:3:175:15 | ... << ... | The operand lhs4 is shifted by an expression rhs11 whose upper bound (31) is greater than or equal to the precision. | -| test.c:177:3:177:15 | ... << ... | The operand lhs4 is shifted by an expression rhs12 whose upper bound (64) is greater than or equal to the precision. | -| test.c:179:3:179:15 | ... << ... | The operand lhs4 is shifted by an expression rhs13 whose upper bound (63) is greater than or equal to the precision. | -| test.c:181:3:181:15 | ... << ... | The operand lhs4 is shifted by an expression rhs14 whose upper bound (63) is greater than or equal to the precision. | -| test.c:216:3:216:14 | ... << ... | The operand lhs6 is shifted by an expression rhs6 whose upper bound (32) is greater than or equal to the precision. | -| test.c:220:3:220:14 | ... << ... | The operand lhs6 is shifted by an expression rhs9 whose upper bound (32) is greater than or equal to the precision. | -| test.c:224:3:224:15 | ... << ... | The operand lhs6 is shifted by an expression rhs12 whose upper bound (64) is greater than or equal to the precision. | -| test.c:226:3:226:15 | ... << ... | The operand lhs6 is shifted by an expression rhs13 whose upper bound (63) is greater than or equal to the precision. | -| test.c:228:3:228:15 | ... << ... | The operand lhs6 is shifted by an expression rhs14 whose upper bound (63) is greater than or equal to the precision. | -| test.c:236:3:236:14 | ... << ... | The operand lhs7 is shifted by an expression rhs6 whose upper bound (32) is greater than or equal to the precision. | -| test.c:238:3:238:14 | ... << ... | The operand lhs7 is shifted by an expression rhs7 whose upper bound (31) is greater than or equal to the precision. | -| test.c:240:3:240:14 | ... << ... | The operand lhs7 is shifted by an expression rhs8 whose upper bound (31) is greater than or equal to the precision. | -| test.c:242:3:242:14 | ... << ... | The operand lhs7 is shifted by an expression rhs9 whose upper bound (32) is greater than or equal to the precision. | -| test.c:244:3:244:15 | ... << ... | The operand lhs7 is shifted by an expression rhs10 whose upper bound (31) is greater than or equal to the precision. | -| test.c:246:3:246:15 | ... << ... | The operand lhs7 is shifted by an expression rhs11 whose upper bound (31) is greater than or equal to the precision. | -| test.c:248:3:248:15 | ... << ... | The operand lhs7 is shifted by an expression rhs12 whose upper bound (64) is greater than or equal to the precision. | -| test.c:250:3:250:15 | ... << ... | The operand lhs7 is shifted by an expression rhs13 whose upper bound (63) is greater than or equal to the precision. | -| test.c:252:3:252:15 | ... << ... | The operand lhs7 is shifted by an expression rhs14 whose upper bound (63) is greater than or equal to the precision. | -| test.c:292:3:292:15 | ... << ... | The operand lhs9 is shifted by an expression rhs12 whose upper bound (64) is greater than or equal to the precision. | -| test.c:316:3:316:16 | ... << ... | The operand lhs10 is shifted by an expression rhs12 whose upper bound (64) is greater than or equal to the precision. | -| test.c:318:3:318:16 | ... << ... | The operand lhs10 is shifted by an expression rhs13 whose upper bound (63) is greater than or equal to the precision. | -| test.c:320:3:320:16 | ... << ... | The operand lhs10 is shifted by an expression rhs14 whose upper bound (63) is greater than or equal to the precision. | -| test.c:358:3:358:16 | ... << ... | The operand lhs12 is shifted by an expression rhs12 whose upper bound (64) is greater than or equal to the precision. | -| test.c:374:3:374:16 | ... << ... | The operand lhs13 is shifted by an expression rhs12 whose upper bound (64) is greater than or equal to the precision. | -| test.c:376:3:376:16 | ... << ... | The operand lhs13 is shifted by an expression rhs13 whose upper bound (63) is greater than or equal to the precision. | -| test.c:378:3:378:16 | ... << ... | The operand lhs13 is shifted by an expression rhs14 whose upper bound (63) is greater than or equal to the precision. | -| test.c:1579:3:1580:10 | ... >> ... | The operand lhs0 is shifted by an expression rhs0 whose upper bound (8) is greater than or equal to the precision. | -| test.c:1583:3:1584:10 | ... >> ... | The operand lhs0 is shifted by an expression rhs3 whose upper bound (16) is greater than or equal to the precision. | -| test.c:1585:3:1586:10 | ... >> ... | The operand lhs0 is shifted by an expression rhs4 whose upper bound (15) is greater than or equal to the precision. | -| test.c:1587:3:1588:10 | ... >> ... | The operand lhs0 is shifted by an expression rhs5 whose upper bound (15) is greater than or equal to the precision. | -| test.c:1589:3:1590:10 | ... >> ... | The operand lhs0 is shifted by an expression rhs6 whose upper bound (32) is greater than or equal to the precision. | -| test.c:1591:3:1592:10 | ... >> ... | The operand lhs0 is shifted by an expression rhs7 whose upper bound (31) is greater than or equal to the precision. | -| test.c:1593:3:1594:10 | ... >> ... | The operand lhs0 is shifted by an expression rhs8 whose upper bound (31) is greater than or equal to the precision. | -| test.c:1595:3:1596:10 | ... >> ... | The operand lhs0 is shifted by an expression rhs9 whose upper bound (32) is greater than or equal to the precision. | -| test.c:1597:3:1597:15 | ... >> ... | The operand lhs0 is shifted by an expression rhs10 whose upper bound (31) is greater than or equal to the precision. | -| test.c:1599:3:1599:15 | ... >> ... | The operand lhs0 is shifted by an expression rhs11 whose upper bound (31) is greater than or equal to the precision. | -| test.c:1601:3:1601:15 | ... >> ... | The operand lhs0 is shifted by an expression rhs12 whose upper bound (64) is greater than or equal to the precision. | -| test.c:1603:3:1603:15 | ... >> ... | The operand lhs0 is shifted by an expression rhs13 whose upper bound (63) is greater than or equal to the precision. | -| test.c:1605:3:1605:15 | ... >> ... | The operand lhs0 is shifted by an expression rhs14 whose upper bound (63) is greater than or equal to the precision. | -| test.c:1607:3:1608:10 | ... >> ... | The operand lhs1 is shifted by an expression rhs0 whose upper bound (8) is greater than or equal to the precision. | -| test.c:1609:3:1610:10 | ... >> ... | The operand lhs1 is shifted by an expression rhs1 whose upper bound (7) is greater than or equal to the precision. | -| test.c:1611:3:1612:10 | ... >> ... | The operand lhs1 is shifted by an expression rhs2 whose upper bound (7) is greater than or equal to the precision. | -| test.c:1613:3:1614:10 | ... >> ... | The operand lhs1 is shifted by an expression rhs3 whose upper bound (16) is greater than or equal to the precision. | -| test.c:1615:3:1616:10 | ... >> ... | The operand lhs1 is shifted by an expression rhs4 whose upper bound (15) is greater than or equal to the precision. | -| test.c:1617:3:1618:10 | ... >> ... | The operand lhs1 is shifted by an expression rhs5 whose upper bound (15) is greater than or equal to the precision. | -| test.c:1619:3:1620:10 | ... >> ... | The operand lhs1 is shifted by an expression rhs6 whose upper bound (32) is greater than or equal to the precision. | -| test.c:1621:3:1622:10 | ... >> ... | The operand lhs1 is shifted by an expression rhs7 whose upper bound (31) is greater than or equal to the precision. | -| test.c:1623:3:1624:10 | ... >> ... | The operand lhs1 is shifted by an expression rhs8 whose upper bound (31) is greater than or equal to the precision. | -| test.c:1625:3:1626:10 | ... >> ... | The operand lhs1 is shifted by an expression rhs9 whose upper bound (32) is greater than or equal to the precision. | -| test.c:1627:3:1627:15 | ... >> ... | The operand lhs1 is shifted by an expression rhs10 whose upper bound (31) is greater than or equal to the precision. | -| test.c:1629:3:1629:15 | ... >> ... | The operand lhs1 is shifted by an expression rhs11 whose upper bound (31) is greater than or equal to the precision. | -| test.c:1631:3:1631:15 | ... >> ... | The operand lhs1 is shifted by an expression rhs12 whose upper bound (64) is greater than or equal to the precision. | -| test.c:1633:3:1633:15 | ... >> ... | The operand lhs1 is shifted by an expression rhs13 whose upper bound (63) is greater than or equal to the precision. | -| test.c:1635:3:1635:15 | ... >> ... | The operand lhs1 is shifted by an expression rhs14 whose upper bound (63) is greater than or equal to the precision. | -| test.c:1670:3:1671:10 | ... >> ... | The operand lhs3 is shifted by an expression rhs3 whose upper bound (16) is greater than or equal to the precision. | -| test.c:1674:3:1675:10 | ... >> ... | The operand lhs3 is shifted by an expression rhs6 whose upper bound (32) is greater than or equal to the precision. | -| test.c:1676:3:1677:10 | ... >> ... | The operand lhs3 is shifted by an expression rhs7 whose upper bound (31) is greater than or equal to the precision. | -| test.c:1678:3:1679:10 | ... >> ... | The operand lhs3 is shifted by an expression rhs8 whose upper bound (31) is greater than or equal to the precision. | -| test.c:1680:3:1681:10 | ... >> ... | The operand lhs3 is shifted by an expression rhs9 whose upper bound (32) is greater than or equal to the precision. | -| test.c:1682:3:1682:15 | ... >> ... | The operand lhs3 is shifted by an expression rhs10 whose upper bound (31) is greater than or equal to the precision. | -| test.c:1684:3:1684:15 | ... >> ... | The operand lhs3 is shifted by an expression rhs11 whose upper bound (31) is greater than or equal to the precision. | -| test.c:1686:3:1686:15 | ... >> ... | The operand lhs3 is shifted by an expression rhs12 whose upper bound (64) is greater than or equal to the precision. | -| test.c:1688:3:1688:15 | ... >> ... | The operand lhs3 is shifted by an expression rhs13 whose upper bound (63) is greater than or equal to the precision. | -| test.c:1690:3:1690:15 | ... >> ... | The operand lhs3 is shifted by an expression rhs14 whose upper bound (63) is greater than or equal to the precision. | -| test.c:1695:3:1696:10 | ... >> ... | The operand lhs4 is shifted by an expression rhs3 whose upper bound (16) is greater than or equal to the precision. | -| test.c:1697:3:1698:10 | ... >> ... | The operand lhs4 is shifted by an expression rhs4 whose upper bound (15) is greater than or equal to the precision. | -| test.c:1699:3:1700:10 | ... >> ... | The operand lhs4 is shifted by an expression rhs5 whose upper bound (15) is greater than or equal to the precision. | -| test.c:1701:3:1702:10 | ... >> ... | The operand lhs4 is shifted by an expression rhs6 whose upper bound (32) is greater than or equal to the precision. | -| test.c:1703:3:1704:10 | ... >> ... | The operand lhs4 is shifted by an expression rhs7 whose upper bound (31) is greater than or equal to the precision. | -| test.c:1705:3:1706:10 | ... >> ... | The operand lhs4 is shifted by an expression rhs8 whose upper bound (31) is greater than or equal to the precision. | -| test.c:1707:3:1708:10 | ... >> ... | The operand lhs4 is shifted by an expression rhs9 whose upper bound (32) is greater than or equal to the precision. | -| test.c:1709:3:1709:15 | ... >> ... | The operand lhs4 is shifted by an expression rhs10 whose upper bound (31) is greater than or equal to the precision. | -| test.c:1711:3:1711:15 | ... >> ... | The operand lhs4 is shifted by an expression rhs11 whose upper bound (31) is greater than or equal to the precision. | -| test.c:1713:3:1713:15 | ... >> ... | The operand lhs4 is shifted by an expression rhs12 whose upper bound (64) is greater than or equal to the precision. | -| test.c:1715:3:1715:15 | ... >> ... | The operand lhs4 is shifted by an expression rhs13 whose upper bound (63) is greater than or equal to the precision. | -| test.c:1717:3:1717:15 | ... >> ... | The operand lhs4 is shifted by an expression rhs14 whose upper bound (63) is greater than or equal to the precision. | -| test.c:1752:3:1753:10 | ... >> ... | The operand lhs6 is shifted by an expression rhs6 whose upper bound (32) is greater than or equal to the precision. | -| test.c:1756:3:1757:10 | ... >> ... | The operand lhs6 is shifted by an expression rhs9 whose upper bound (32) is greater than or equal to the precision. | -| test.c:1760:3:1760:15 | ... >> ... | The operand lhs6 is shifted by an expression rhs12 whose upper bound (64) is greater than or equal to the precision. | -| test.c:1762:3:1762:15 | ... >> ... | The operand lhs6 is shifted by an expression rhs13 whose upper bound (63) is greater than or equal to the precision. | -| test.c:1764:3:1764:15 | ... >> ... | The operand lhs6 is shifted by an expression rhs14 whose upper bound (63) is greater than or equal to the precision. | -| test.c:1772:3:1773:10 | ... >> ... | The operand lhs7 is shifted by an expression rhs6 whose upper bound (32) is greater than or equal to the precision. | -| test.c:1774:3:1775:10 | ... >> ... | The operand lhs7 is shifted by an expression rhs7 whose upper bound (31) is greater than or equal to the precision. | -| test.c:1776:3:1777:10 | ... >> ... | The operand lhs7 is shifted by an expression rhs8 whose upper bound (31) is greater than or equal to the precision. | -| test.c:1778:3:1779:10 | ... >> ... | The operand lhs7 is shifted by an expression rhs9 whose upper bound (32) is greater than or equal to the precision. | -| test.c:1780:3:1780:15 | ... >> ... | The operand lhs7 is shifted by an expression rhs10 whose upper bound (31) is greater than or equal to the precision. | -| test.c:1782:3:1782:15 | ... >> ... | The operand lhs7 is shifted by an expression rhs11 whose upper bound (31) is greater than or equal to the precision. | -| test.c:1784:3:1784:15 | ... >> ... | The operand lhs7 is shifted by an expression rhs12 whose upper bound (64) is greater than or equal to the precision. | -| test.c:1786:3:1786:15 | ... >> ... | The operand lhs7 is shifted by an expression rhs13 whose upper bound (63) is greater than or equal to the precision. | -| test.c:1788:3:1788:15 | ... >> ... | The operand lhs7 is shifted by an expression rhs14 whose upper bound (63) is greater than or equal to the precision. | -| test.c:1828:3:1828:15 | ... >> ... | The operand lhs9 is shifted by an expression rhs12 whose upper bound (64) is greater than or equal to the precision. | -| test.c:1852:3:1852:16 | ... >> ... | The operand lhs10 is shifted by an expression rhs12 whose upper bound (64) is greater than or equal to the precision. | -| test.c:1854:3:1854:16 | ... >> ... | The operand lhs10 is shifted by an expression rhs13 whose upper bound (63) is greater than or equal to the precision. | -| test.c:1856:3:1856:16 | ... >> ... | The operand lhs10 is shifted by an expression rhs14 whose upper bound (63) is greater than or equal to the precision. | -| test.c:1894:3:1894:16 | ... >> ... | The operand lhs12 is shifted by an expression rhs12 whose upper bound (64) is greater than or equal to the precision. | -| test.c:1910:3:1910:16 | ... >> ... | The operand lhs13 is shifted by an expression rhs12 whose upper bound (64) is greater than or equal to the precision. | -| test.c:1912:3:1912:16 | ... >> ... | The operand lhs13 is shifted by an expression rhs13 whose upper bound (63) is greater than or equal to the precision. | -| test.c:1914:3:1914:16 | ... >> ... | The operand lhs13 is shifted by an expression rhs14 whose upper bound (63) is greater than or equal to the precision. | -| test.c:3115:3:3115:12 | ... << ... | The operand lhs0 is shifted by an expression - ... which may be negative. | -| test.c:3116:3:3116:12 | ... << ... | The operand lhs1 is shifted by an expression - ... which may be negative. | -| test.c:3117:3:3117:12 | ... << ... | The operand lhs2 is shifted by an expression - ... which may be negative. | -| test.c:3118:3:3118:12 | ... << ... | The operand lhs3 is shifted by an expression - ... which may be negative. | -| test.c:3119:3:3119:12 | ... << ... | The operand lhs4 is shifted by an expression - ... which may be negative. | -| test.c:3120:3:3120:12 | ... << ... | The operand lhs5 is shifted by an expression - ... which may be negative. | -| test.c:3121:3:3121:12 | ... << ... | The operand lhs6 is shifted by an expression - ... which may be negative. | -| test.c:3122:3:3122:12 | ... << ... | The operand lhs7 is shifted by an expression - ... which may be negative. | -| test.c:3123:3:3123:12 | ... << ... | The operand lhs8 is shifted by an expression - ... which may be negative. | -| test.c:3124:3:3124:12 | ... << ... | The operand lhs9 is shifted by an expression - ... which may be negative. | -| test.c:3125:3:3125:13 | ... << ... | The operand lhs10 is shifted by an expression - ... which may be negative. | -| test.c:3126:3:3126:13 | ... << ... | The operand lhs11 is shifted by an expression - ... which may be negative. | -| test.c:3127:3:3127:13 | ... << ... | The operand lhs12 is shifted by an expression - ... which may be negative. | -| test.c:3128:3:3128:13 | ... << ... | The operand lhs13 is shifted by an expression - ... which may be negative. | -| test.c:3129:3:3129:13 | ... << ... | The operand lhs14 is shifted by an expression - ... which may be negative. | +| test.c:43:3:43:14 | ... << ... | The operand 'lhs0' is shifted by an expression 'rhs0' whose upper bound (8) is greater than or equal to the precision. | +| test.c:47:3:47:14 | ... << ... | The operand 'lhs0' is shifted by an expression 'rhs3' whose upper bound (16) is greater than or equal to the precision. | +| test.c:49:3:49:14 | ... << ... | The operand 'lhs0' is shifted by an expression 'rhs4' whose upper bound (15) is greater than or equal to the precision. | +| test.c:51:3:51:14 | ... << ... | The operand 'lhs0' is shifted by an expression 'rhs5' whose upper bound (15) is greater than or equal to the precision. | +| test.c:53:3:53:14 | ... << ... | The operand 'lhs0' is shifted by an expression 'rhs6' whose upper bound (32) is greater than or equal to the precision. | +| test.c:55:3:55:14 | ... << ... | The operand 'lhs0' is shifted by an expression 'rhs7' whose upper bound (31) is greater than or equal to the precision. | +| test.c:57:3:57:14 | ... << ... | The operand 'lhs0' is shifted by an expression 'rhs8' whose upper bound (31) is greater than or equal to the precision. | +| test.c:59:3:59:14 | ... << ... | The operand 'lhs0' is shifted by an expression 'rhs9' whose upper bound (32) is greater than or equal to the precision. | +| test.c:61:3:61:15 | ... << ... | The operand 'lhs0' is shifted by an expression 'rhs10' whose upper bound (31) is greater than or equal to the precision. | +| test.c:63:3:63:15 | ... << ... | The operand 'lhs0' is shifted by an expression 'rhs11' whose upper bound (31) is greater than or equal to the precision. | +| test.c:65:3:65:15 | ... << ... | The operand 'lhs0' is shifted by an expression 'rhs12' whose upper bound (64) is greater than or equal to the precision. | +| test.c:67:3:67:15 | ... << ... | The operand 'lhs0' is shifted by an expression 'rhs13' whose upper bound (63) is greater than or equal to the precision. | +| test.c:69:3:69:15 | ... << ... | The operand 'lhs0' is shifted by an expression 'rhs14' whose upper bound (63) is greater than or equal to the precision. | +| test.c:71:3:71:14 | ... << ... | The operand 'lhs1' is shifted by an expression 'rhs0' whose upper bound (8) is greater than or equal to the precision. | +| test.c:73:3:73:14 | ... << ... | The operand 'lhs1' is shifted by an expression 'rhs1' whose upper bound (7) is greater than or equal to the precision. | +| test.c:75:3:75:14 | ... << ... | The operand 'lhs1' is shifted by an expression 'rhs2' whose upper bound (7) is greater than or equal to the precision. | +| test.c:77:3:77:14 | ... << ... | The operand 'lhs1' is shifted by an expression 'rhs3' whose upper bound (16) is greater than or equal to the precision. | +| test.c:79:3:79:14 | ... << ... | The operand 'lhs1' is shifted by an expression 'rhs4' whose upper bound (15) is greater than or equal to the precision. | +| test.c:81:3:81:14 | ... << ... | The operand 'lhs1' is shifted by an expression 'rhs5' whose upper bound (15) is greater than or equal to the precision. | +| test.c:83:3:83:14 | ... << ... | The operand 'lhs1' is shifted by an expression 'rhs6' whose upper bound (32) is greater than or equal to the precision. | +| test.c:85:3:85:14 | ... << ... | The operand 'lhs1' is shifted by an expression 'rhs7' whose upper bound (31) is greater than or equal to the precision. | +| test.c:87:3:87:14 | ... << ... | The operand 'lhs1' is shifted by an expression 'rhs8' whose upper bound (31) is greater than or equal to the precision. | +| test.c:89:3:89:14 | ... << ... | The operand 'lhs1' is shifted by an expression 'rhs9' whose upper bound (32) is greater than or equal to the precision. | +| test.c:91:3:91:15 | ... << ... | The operand 'lhs1' is shifted by an expression 'rhs10' whose upper bound (31) is greater than or equal to the precision. | +| test.c:93:3:93:15 | ... << ... | The operand 'lhs1' is shifted by an expression 'rhs11' whose upper bound (31) is greater than or equal to the precision. | +| test.c:95:3:95:15 | ... << ... | The operand 'lhs1' is shifted by an expression 'rhs12' whose upper bound (64) is greater than or equal to the precision. | +| test.c:97:3:97:15 | ... << ... | The operand 'lhs1' is shifted by an expression 'rhs13' whose upper bound (63) is greater than or equal to the precision. | +| test.c:99:3:99:15 | ... << ... | The operand 'lhs1' is shifted by an expression 'rhs14' whose upper bound (63) is greater than or equal to the precision. | +| test.c:134:3:134:14 | ... << ... | The operand 'lhs3' is shifted by an expression 'rhs3' whose upper bound (16) is greater than or equal to the precision. | +| test.c:138:3:138:14 | ... << ... | The operand 'lhs3' is shifted by an expression 'rhs6' whose upper bound (32) is greater than or equal to the precision. | +| test.c:140:3:140:14 | ... << ... | The operand 'lhs3' is shifted by an expression 'rhs7' whose upper bound (31) is greater than or equal to the precision. | +| test.c:142:3:142:14 | ... << ... | The operand 'lhs3' is shifted by an expression 'rhs8' whose upper bound (31) is greater than or equal to the precision. | +| test.c:144:3:144:14 | ... << ... | The operand 'lhs3' is shifted by an expression 'rhs9' whose upper bound (32) is greater than or equal to the precision. | +| test.c:146:3:146:15 | ... << ... | The operand 'lhs3' is shifted by an expression 'rhs10' whose upper bound (31) is greater than or equal to the precision. | +| test.c:148:3:148:15 | ... << ... | The operand 'lhs3' is shifted by an expression 'rhs11' whose upper bound (31) is greater than or equal to the precision. | +| test.c:150:3:150:15 | ... << ... | The operand 'lhs3' is shifted by an expression 'rhs12' whose upper bound (64) is greater than or equal to the precision. | +| test.c:152:3:152:15 | ... << ... | The operand 'lhs3' is shifted by an expression 'rhs13' whose upper bound (63) is greater than or equal to the precision. | +| test.c:154:3:154:15 | ... << ... | The operand 'lhs3' is shifted by an expression 'rhs14' whose upper bound (63) is greater than or equal to the precision. | +| test.c:159:3:159:14 | ... << ... | The operand 'lhs4' is shifted by an expression 'rhs3' whose upper bound (16) is greater than or equal to the precision. | +| test.c:161:3:161:14 | ... << ... | The operand 'lhs4' is shifted by an expression 'rhs4' whose upper bound (15) is greater than or equal to the precision. | +| test.c:163:3:163:14 | ... << ... | The operand 'lhs4' is shifted by an expression 'rhs5' whose upper bound (15) is greater than or equal to the precision. | +| test.c:165:3:165:14 | ... << ... | The operand 'lhs4' is shifted by an expression 'rhs6' whose upper bound (32) is greater than or equal to the precision. | +| test.c:167:3:167:14 | ... << ... | The operand 'lhs4' is shifted by an expression 'rhs7' whose upper bound (31) is greater than or equal to the precision. | +| test.c:169:3:169:14 | ... << ... | The operand 'lhs4' is shifted by an expression 'rhs8' whose upper bound (31) is greater than or equal to the precision. | +| test.c:171:3:171:14 | ... << ... | The operand 'lhs4' is shifted by an expression 'rhs9' whose upper bound (32) is greater than or equal to the precision. | +| test.c:173:3:173:15 | ... << ... | The operand 'lhs4' is shifted by an expression 'rhs10' whose upper bound (31) is greater than or equal to the precision. | +| test.c:175:3:175:15 | ... << ... | The operand 'lhs4' is shifted by an expression 'rhs11' whose upper bound (31) is greater than or equal to the precision. | +| test.c:177:3:177:15 | ... << ... | The operand 'lhs4' is shifted by an expression 'rhs12' whose upper bound (64) is greater than or equal to the precision. | +| test.c:179:3:179:15 | ... << ... | The operand 'lhs4' is shifted by an expression 'rhs13' whose upper bound (63) is greater than or equal to the precision. | +| test.c:181:3:181:15 | ... << ... | The operand 'lhs4' is shifted by an expression 'rhs14' whose upper bound (63) is greater than or equal to the precision. | +| test.c:216:3:216:14 | ... << ... | The operand 'lhs6' is shifted by an expression 'rhs6' whose upper bound (32) is greater than or equal to the precision. | +| test.c:220:3:220:14 | ... << ... | The operand 'lhs6' is shifted by an expression 'rhs9' whose upper bound (32) is greater than or equal to the precision. | +| test.c:224:3:224:15 | ... << ... | The operand 'lhs6' is shifted by an expression 'rhs12' whose upper bound (64) is greater than or equal to the precision. | +| test.c:226:3:226:15 | ... << ... | The operand 'lhs6' is shifted by an expression 'rhs13' whose upper bound (63) is greater than or equal to the precision. | +| test.c:228:3:228:15 | ... << ... | The operand 'lhs6' is shifted by an expression 'rhs14' whose upper bound (63) is greater than or equal to the precision. | +| test.c:236:3:236:14 | ... << ... | The operand 'lhs7' is shifted by an expression 'rhs6' whose upper bound (32) is greater than or equal to the precision. | +| test.c:238:3:238:14 | ... << ... | The operand 'lhs7' is shifted by an expression 'rhs7' whose upper bound (31) is greater than or equal to the precision. | +| test.c:240:3:240:14 | ... << ... | The operand 'lhs7' is shifted by an expression 'rhs8' whose upper bound (31) is greater than or equal to the precision. | +| test.c:242:3:242:14 | ... << ... | The operand 'lhs7' is shifted by an expression 'rhs9' whose upper bound (32) is greater than or equal to the precision. | +| test.c:244:3:244:15 | ... << ... | The operand 'lhs7' is shifted by an expression 'rhs10' whose upper bound (31) is greater than or equal to the precision. | +| test.c:246:3:246:15 | ... << ... | The operand 'lhs7' is shifted by an expression 'rhs11' whose upper bound (31) is greater than or equal to the precision. | +| test.c:248:3:248:15 | ... << ... | The operand 'lhs7' is shifted by an expression 'rhs12' whose upper bound (64) is greater than or equal to the precision. | +| test.c:250:3:250:15 | ... << ... | The operand 'lhs7' is shifted by an expression 'rhs13' whose upper bound (63) is greater than or equal to the precision. | +| test.c:252:3:252:15 | ... << ... | The operand 'lhs7' is shifted by an expression 'rhs14' whose upper bound (63) is greater than or equal to the precision. | +| test.c:292:3:292:15 | ... << ... | The operand 'lhs9' is shifted by an expression 'rhs12' whose upper bound (64) is greater than or equal to the precision. | +| test.c:316:3:316:16 | ... << ... | The operand 'lhs10' is shifted by an expression 'rhs12' whose upper bound (64) is greater than or equal to the precision. | +| test.c:318:3:318:16 | ... << ... | The operand 'lhs10' is shifted by an expression 'rhs13' whose upper bound (63) is greater than or equal to the precision. | +| test.c:320:3:320:16 | ... << ... | The operand 'lhs10' is shifted by an expression 'rhs14' whose upper bound (63) is greater than or equal to the precision. | +| test.c:358:3:358:16 | ... << ... | The operand 'lhs12' is shifted by an expression 'rhs12' whose upper bound (64) is greater than or equal to the precision. | +| test.c:374:3:374:16 | ... << ... | The operand 'lhs13' is shifted by an expression 'rhs12' whose upper bound (64) is greater than or equal to the precision. | +| test.c:376:3:376:16 | ... << ... | The operand 'lhs13' is shifted by an expression 'rhs13' whose upper bound (63) is greater than or equal to the precision. | +| test.c:378:3:378:16 | ... << ... | The operand 'lhs13' is shifted by an expression 'rhs14' whose upper bound (63) is greater than or equal to the precision. | +| test.c:1579:3:1580:10 | ... >> ... | The operand 'lhs0' is shifted by an expression 'rhs0' whose upper bound (8) is greater than or equal to the precision. | +| test.c:1583:3:1584:10 | ... >> ... | The operand 'lhs0' is shifted by an expression 'rhs3' whose upper bound (16) is greater than or equal to the precision. | +| test.c:1585:3:1586:10 | ... >> ... | The operand 'lhs0' is shifted by an expression 'rhs4' whose upper bound (15) is greater than or equal to the precision. | +| test.c:1587:3:1588:10 | ... >> ... | The operand 'lhs0' is shifted by an expression 'rhs5' whose upper bound (15) is greater than or equal to the precision. | +| test.c:1589:3:1590:10 | ... >> ... | The operand 'lhs0' is shifted by an expression 'rhs6' whose upper bound (32) is greater than or equal to the precision. | +| test.c:1591:3:1592:10 | ... >> ... | The operand 'lhs0' is shifted by an expression 'rhs7' whose upper bound (31) is greater than or equal to the precision. | +| test.c:1593:3:1594:10 | ... >> ... | The operand 'lhs0' is shifted by an expression 'rhs8' whose upper bound (31) is greater than or equal to the precision. | +| test.c:1595:3:1596:10 | ... >> ... | The operand 'lhs0' is shifted by an expression 'rhs9' whose upper bound (32) is greater than or equal to the precision. | +| test.c:1597:3:1597:15 | ... >> ... | The operand 'lhs0' is shifted by an expression 'rhs10' whose upper bound (31) is greater than or equal to the precision. | +| test.c:1599:3:1599:15 | ... >> ... | The operand 'lhs0' is shifted by an expression 'rhs11' whose upper bound (31) is greater than or equal to the precision. | +| test.c:1601:3:1601:15 | ... >> ... | The operand 'lhs0' is shifted by an expression 'rhs12' whose upper bound (64) is greater than or equal to the precision. | +| test.c:1603:3:1603:15 | ... >> ... | The operand 'lhs0' is shifted by an expression 'rhs13' whose upper bound (63) is greater than or equal to the precision. | +| test.c:1605:3:1605:15 | ... >> ... | The operand 'lhs0' is shifted by an expression 'rhs14' whose upper bound (63) is greater than or equal to the precision. | +| test.c:1607:3:1608:10 | ... >> ... | The operand 'lhs1' is shifted by an expression 'rhs0' whose upper bound (8) is greater than or equal to the precision. | +| test.c:1609:3:1610:10 | ... >> ... | The operand 'lhs1' is shifted by an expression 'rhs1' whose upper bound (7) is greater than or equal to the precision. | +| test.c:1611:3:1612:10 | ... >> ... | The operand 'lhs1' is shifted by an expression 'rhs2' whose upper bound (7) is greater than or equal to the precision. | +| test.c:1613:3:1614:10 | ... >> ... | The operand 'lhs1' is shifted by an expression 'rhs3' whose upper bound (16) is greater than or equal to the precision. | +| test.c:1615:3:1616:10 | ... >> ... | The operand 'lhs1' is shifted by an expression 'rhs4' whose upper bound (15) is greater than or equal to the precision. | +| test.c:1617:3:1618:10 | ... >> ... | The operand 'lhs1' is shifted by an expression 'rhs5' whose upper bound (15) is greater than or equal to the precision. | +| test.c:1619:3:1620:10 | ... >> ... | The operand 'lhs1' is shifted by an expression 'rhs6' whose upper bound (32) is greater than or equal to the precision. | +| test.c:1621:3:1622:10 | ... >> ... | The operand 'lhs1' is shifted by an expression 'rhs7' whose upper bound (31) is greater than or equal to the precision. | +| test.c:1623:3:1624:10 | ... >> ... | The operand 'lhs1' is shifted by an expression 'rhs8' whose upper bound (31) is greater than or equal to the precision. | +| test.c:1625:3:1626:10 | ... >> ... | The operand 'lhs1' is shifted by an expression 'rhs9' whose upper bound (32) is greater than or equal to the precision. | +| test.c:1627:3:1627:15 | ... >> ... | The operand 'lhs1' is shifted by an expression 'rhs10' whose upper bound (31) is greater than or equal to the precision. | +| test.c:1629:3:1629:15 | ... >> ... | The operand 'lhs1' is shifted by an expression 'rhs11' whose upper bound (31) is greater than or equal to the precision. | +| test.c:1631:3:1631:15 | ... >> ... | The operand 'lhs1' is shifted by an expression 'rhs12' whose upper bound (64) is greater than or equal to the precision. | +| test.c:1633:3:1633:15 | ... >> ... | The operand 'lhs1' is shifted by an expression 'rhs13' whose upper bound (63) is greater than or equal to the precision. | +| test.c:1635:3:1635:15 | ... >> ... | The operand 'lhs1' is shifted by an expression 'rhs14' whose upper bound (63) is greater than or equal to the precision. | +| test.c:1670:3:1671:10 | ... >> ... | The operand 'lhs3' is shifted by an expression 'rhs3' whose upper bound (16) is greater than or equal to the precision. | +| test.c:1674:3:1675:10 | ... >> ... | The operand 'lhs3' is shifted by an expression 'rhs6' whose upper bound (32) is greater than or equal to the precision. | +| test.c:1676:3:1677:10 | ... >> ... | The operand 'lhs3' is shifted by an expression 'rhs7' whose upper bound (31) is greater than or equal to the precision. | +| test.c:1678:3:1679:10 | ... >> ... | The operand 'lhs3' is shifted by an expression 'rhs8' whose upper bound (31) is greater than or equal to the precision. | +| test.c:1680:3:1681:10 | ... >> ... | The operand 'lhs3' is shifted by an expression 'rhs9' whose upper bound (32) is greater than or equal to the precision. | +| test.c:1682:3:1682:15 | ... >> ... | The operand 'lhs3' is shifted by an expression 'rhs10' whose upper bound (31) is greater than or equal to the precision. | +| test.c:1684:3:1684:15 | ... >> ... | The operand 'lhs3' is shifted by an expression 'rhs11' whose upper bound (31) is greater than or equal to the precision. | +| test.c:1686:3:1686:15 | ... >> ... | The operand 'lhs3' is shifted by an expression 'rhs12' whose upper bound (64) is greater than or equal to the precision. | +| test.c:1688:3:1688:15 | ... >> ... | The operand 'lhs3' is shifted by an expression 'rhs13' whose upper bound (63) is greater than or equal to the precision. | +| test.c:1690:3:1690:15 | ... >> ... | The operand 'lhs3' is shifted by an expression 'rhs14' whose upper bound (63) is greater than or equal to the precision. | +| test.c:1695:3:1696:10 | ... >> ... | The operand 'lhs4' is shifted by an expression 'rhs3' whose upper bound (16) is greater than or equal to the precision. | +| test.c:1697:3:1698:10 | ... >> ... | The operand 'lhs4' is shifted by an expression 'rhs4' whose upper bound (15) is greater than or equal to the precision. | +| test.c:1699:3:1700:10 | ... >> ... | The operand 'lhs4' is shifted by an expression 'rhs5' whose upper bound (15) is greater than or equal to the precision. | +| test.c:1701:3:1702:10 | ... >> ... | The operand 'lhs4' is shifted by an expression 'rhs6' whose upper bound (32) is greater than or equal to the precision. | +| test.c:1703:3:1704:10 | ... >> ... | The operand 'lhs4' is shifted by an expression 'rhs7' whose upper bound (31) is greater than or equal to the precision. | +| test.c:1705:3:1706:10 | ... >> ... | The operand 'lhs4' is shifted by an expression 'rhs8' whose upper bound (31) is greater than or equal to the precision. | +| test.c:1707:3:1708:10 | ... >> ... | The operand 'lhs4' is shifted by an expression 'rhs9' whose upper bound (32) is greater than or equal to the precision. | +| test.c:1709:3:1709:15 | ... >> ... | The operand 'lhs4' is shifted by an expression 'rhs10' whose upper bound (31) is greater than or equal to the precision. | +| test.c:1711:3:1711:15 | ... >> ... | The operand 'lhs4' is shifted by an expression 'rhs11' whose upper bound (31) is greater than or equal to the precision. | +| test.c:1713:3:1713:15 | ... >> ... | The operand 'lhs4' is shifted by an expression 'rhs12' whose upper bound (64) is greater than or equal to the precision. | +| test.c:1715:3:1715:15 | ... >> ... | The operand 'lhs4' is shifted by an expression 'rhs13' whose upper bound (63) is greater than or equal to the precision. | +| test.c:1717:3:1717:15 | ... >> ... | The operand 'lhs4' is shifted by an expression 'rhs14' whose upper bound (63) is greater than or equal to the precision. | +| test.c:1752:3:1753:10 | ... >> ... | The operand 'lhs6' is shifted by an expression 'rhs6' whose upper bound (32) is greater than or equal to the precision. | +| test.c:1756:3:1757:10 | ... >> ... | The operand 'lhs6' is shifted by an expression 'rhs9' whose upper bound (32) is greater than or equal to the precision. | +| test.c:1760:3:1760:15 | ... >> ... | The operand 'lhs6' is shifted by an expression 'rhs12' whose upper bound (64) is greater than or equal to the precision. | +| test.c:1762:3:1762:15 | ... >> ... | The operand 'lhs6' is shifted by an expression 'rhs13' whose upper bound (63) is greater than or equal to the precision. | +| test.c:1764:3:1764:15 | ... >> ... | The operand 'lhs6' is shifted by an expression 'rhs14' whose upper bound (63) is greater than or equal to the precision. | +| test.c:1772:3:1773:10 | ... >> ... | The operand 'lhs7' is shifted by an expression 'rhs6' whose upper bound (32) is greater than or equal to the precision. | +| test.c:1774:3:1775:10 | ... >> ... | The operand 'lhs7' is shifted by an expression 'rhs7' whose upper bound (31) is greater than or equal to the precision. | +| test.c:1776:3:1777:10 | ... >> ... | The operand 'lhs7' is shifted by an expression 'rhs8' whose upper bound (31) is greater than or equal to the precision. | +| test.c:1778:3:1779:10 | ... >> ... | The operand 'lhs7' is shifted by an expression 'rhs9' whose upper bound (32) is greater than or equal to the precision. | +| test.c:1780:3:1780:15 | ... >> ... | The operand 'lhs7' is shifted by an expression 'rhs10' whose upper bound (31) is greater than or equal to the precision. | +| test.c:1782:3:1782:15 | ... >> ... | The operand 'lhs7' is shifted by an expression 'rhs11' whose upper bound (31) is greater than or equal to the precision. | +| test.c:1784:3:1784:15 | ... >> ... | The operand 'lhs7' is shifted by an expression 'rhs12' whose upper bound (64) is greater than or equal to the precision. | +| test.c:1786:3:1786:15 | ... >> ... | The operand 'lhs7' is shifted by an expression 'rhs13' whose upper bound (63) is greater than or equal to the precision. | +| test.c:1788:3:1788:15 | ... >> ... | The operand 'lhs7' is shifted by an expression 'rhs14' whose upper bound (63) is greater than or equal to the precision. | +| test.c:1828:3:1828:15 | ... >> ... | The operand 'lhs9' is shifted by an expression 'rhs12' whose upper bound (64) is greater than or equal to the precision. | +| test.c:1852:3:1852:16 | ... >> ... | The operand 'lhs10' is shifted by an expression 'rhs12' whose upper bound (64) is greater than or equal to the precision. | +| test.c:1854:3:1854:16 | ... >> ... | The operand 'lhs10' is shifted by an expression 'rhs13' whose upper bound (63) is greater than or equal to the precision. | +| test.c:1856:3:1856:16 | ... >> ... | The operand 'lhs10' is shifted by an expression 'rhs14' whose upper bound (63) is greater than or equal to the precision. | +| test.c:1894:3:1894:16 | ... >> ... | The operand 'lhs12' is shifted by an expression 'rhs12' whose upper bound (64) is greater than or equal to the precision. | +| test.c:1910:3:1910:16 | ... >> ... | The operand 'lhs13' is shifted by an expression 'rhs12' whose upper bound (64) is greater than or equal to the precision. | +| test.c:1912:3:1912:16 | ... >> ... | The operand 'lhs13' is shifted by an expression 'rhs13' whose upper bound (63) is greater than or equal to the precision. | +| test.c:1914:3:1914:16 | ... >> ... | The operand 'lhs13' is shifted by an expression 'rhs14' whose upper bound (63) is greater than or equal to the precision. | +| test.c:3115:3:3115:12 | ... << ... | The operand 'lhs0' is shifted by an expression '- ...' which may be negative. | +| test.c:3116:3:3116:12 | ... << ... | The operand 'lhs1' is shifted by an expression '- ...' which may be negative. | +| test.c:3117:3:3117:12 | ... << ... | The operand 'lhs2' is shifted by an expression '- ...' which may be negative. | +| test.c:3118:3:3118:12 | ... << ... | The operand 'lhs3' is shifted by an expression '- ...' which may be negative. | +| test.c:3119:3:3119:12 | ... << ... | The operand 'lhs4' is shifted by an expression '- ...' which may be negative. | +| test.c:3120:3:3120:12 | ... << ... | The operand 'lhs5' is shifted by an expression '- ...' which may be negative. | +| test.c:3121:3:3121:12 | ... << ... | The operand 'lhs6' is shifted by an expression '- ...' which may be negative. | +| test.c:3122:3:3122:12 | ... << ... | The operand 'lhs7' is shifted by an expression '- ...' which may be negative. | +| test.c:3123:3:3123:12 | ... << ... | The operand 'lhs8' is shifted by an expression '- ...' which may be negative. | +| test.c:3124:3:3124:12 | ... << ... | The operand 'lhs9' is shifted by an expression '- ...' which may be negative. | +| test.c:3125:3:3125:13 | ... << ... | The operand 'lhs10' is shifted by an expression '- ...' which may be negative. | +| test.c:3126:3:3126:13 | ... << ... | The operand 'lhs11' is shifted by an expression '- ...' which may be negative. | +| test.c:3127:3:3127:13 | ... << ... | The operand 'lhs12' is shifted by an expression '- ...' which may be negative. | +| test.c:3128:3:3128:13 | ... << ... | The operand 'lhs13' is shifted by an expression '- ...' which may be negative. | +| test.c:3129:3:3129:13 | ... << ... | The operand 'lhs14' is shifted by an expression '- ...' which may be negative. | diff --git a/change_notes/2024-02-21-fix-reported-fp-a4-7-1.md b/change_notes/2024-02-21-fix-reported-fp-a4-7-1.md index 36f5fb8040..246d0481f2 100644 --- a/change_notes/2024-02-21-fix-reported-fp-a4-7-1.md +++ b/change_notes/2024-02-21-fix-reported-fp-a4-7-1.md @@ -1,2 +1,4 @@ - `A4-7-1` - `IntegerExpressionLeadToDataLoss.ql`: - - Address reported FP in #396. Exclude shift operations guarded to prevent undefined behavior that could lead to dataloss. \ No newline at end of file + - Address reported FP in #396. Exclude shift operations guarded to prevent undefined behavior that could lead to dataloss. +- `INT34-C` - `ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql`: + - Format the alert message according to the style-guide. \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/UndefinedBehavior.qll b/cpp/common/src/codingstandards/cpp/UndefinedBehavior.qll index ce4b625a2e..24bdd3e3f9 100644 --- a/cpp/common/src/codingstandards/cpp/UndefinedBehavior.qll +++ b/cpp/common/src/codingstandards/cpp/UndefinedBehavior.qll @@ -24,8 +24,8 @@ class ShiftByNegativeOrGreaterPrecisionOperand extends UndefinedBehavior, BitShi getPrecision(this.getLeftOperand().getExplicitlyConverted().getUnderlyingType()) <= upperBound(this.getRightOperand()) and reason = - "The operand " + this.getLeftOperand() + " is shifted by an expression " + - this.getRightOperand() + " whose upper bound (" + upperBound(this.getRightOperand()) + + "The operand '" + this.getLeftOperand() + "' is shifted by an expression '" + + this.getRightOperand() + "' whose upper bound (" + upperBound(this.getRightOperand()) + ") is greater than or equal to the precision." and /* * this statement is not at a basic block where @@ -46,8 +46,8 @@ class ShiftByNegativeOrGreaterPrecisionOperand extends UndefinedBehavior, BitShi or lowerBound(this.getRightOperand()) < 0 and reason = - "The operand " + this.getLeftOperand() + " is shifted by an expression " + - this.getRightOperand() + " which may be negative." and + "The operand '" + this.getLeftOperand() + "' is shifted by an expression '" + + this.getRightOperand() + "' which may be negative." and /* * this statement is not at a basic block where * `this_rhs > 0` is ensured From 6f6f0236bf9b1c271d4bf8603c1f725d05fecc3b Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 22 Feb 2024 11:10:11 -0800 Subject: [PATCH 1672/2573] Address query formatting --- c/common/src/codingstandards/c/UndefinedBehavior.qll | 4 ++-- cpp/common/src/codingstandards/cpp/Expr.qll | 2 +- cpp/common/src/codingstandards/cpp/Literals.qll | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/c/common/src/codingstandards/c/UndefinedBehavior.qll b/c/common/src/codingstandards/c/UndefinedBehavior.qll index c058dc4cb5..5c9dc230d8 100644 --- a/c/common/src/codingstandards/c/UndefinedBehavior.qll +++ b/c/common/src/codingstandards/c/UndefinedBehavior.qll @@ -27,7 +27,7 @@ class CUndefinedMainDefinition extends CUndefinedBehavior, Function { } override string getReason() { - result = "The behavior of the program is undefined because the main function is not defined according to the C standard." + result = + "The behavior of the program is undefined because the main function is not defined according to the C standard." } - } diff --git a/cpp/common/src/codingstandards/cpp/Expr.qll b/cpp/common/src/codingstandards/cpp/Expr.qll index e2e1e1b2bf..61cb361da0 100644 --- a/cpp/common/src/codingstandards/cpp/Expr.qll +++ b/cpp/common/src/codingstandards/cpp/Expr.qll @@ -187,4 +187,4 @@ class BitShiftExpr extends BinaryBitwiseOperation { this instanceof LShiftExpr or this instanceof RShiftExpr } -} \ No newline at end of file +} diff --git a/cpp/common/src/codingstandards/cpp/Literals.qll b/cpp/common/src/codingstandards/cpp/Literals.qll index 82d091d3a5..fe8b964985 100644 --- a/cpp/common/src/codingstandards/cpp/Literals.qll +++ b/cpp/common/src/codingstandards/cpp/Literals.qll @@ -31,4 +31,4 @@ class Utf32StringLiteral extends StringLiteral { class LiteralZero extends Literal { LiteralZero() { this.getValue() = "0" } -} \ No newline at end of file +} From 819e9f9cc299165b1b11fa88b17f4f323318a31e Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 22 Feb 2024 15:09:35 -0800 Subject: [PATCH 1673/2573] Exclude conditions in uninitialized templates The type of conditions in uninitialized templates is unknown which leads to false positives. --- .../NonBooleanIterationStmt.qll | 2 ++ .../test/rules/nonbooleaniterationstmt/test.cpp | 15 ++++++++++++++- 2 files changed, 16 insertions(+), 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.qll b/cpp/common/src/codingstandards/cpp/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.qll index c342811c52..3ca038ce07 100644 --- a/cpp/common/src/codingstandards/cpp/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.qll +++ b/cpp/common/src/codingstandards/cpp/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.qll @@ -18,6 +18,8 @@ query predicate problems(Loop loopStmt, string message) { not explicitConversionType instanceof BoolType and //exclude any generated conditions not condition.isCompilerGenerated() and + // exclude any conditions in uninstantiated templates, because their type will be unknown. + not condition.isFromUninstantiatedTemplate(_) and message = "Iteration condition has non boolean type " + explicitConversionType + "." ) } diff --git a/cpp/common/test/rules/nonbooleaniterationstmt/test.cpp b/cpp/common/test/rules/nonbooleaniterationstmt/test.cpp index ed25cad311..04afb042b1 100644 --- a/cpp/common/test/rules/nonbooleaniterationstmt/test.cpp +++ b/cpp/common/test/rules/nonbooleaniterationstmt/test.cpp @@ -41,4 +41,17 @@ class ClassC { if (!d.empty()) { // COMPLIANT } } -}; \ No newline at end of file +}; + +#include +template void test_fp_reported_in_10a(std::vector &p1) { + for (typename std::vector::iterator it = p1.begin(); it != p1.end(); + ++it) { // COMPLIANT + (*it)++; + } +} + +void test_fp_reported_in_10b() { + std::vector vl1; + test_fp_reported_in_10a(vl1); +} \ No newline at end of file From 07840ddd448262be371328246a08de8367b3865c Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 22 Feb 2024 15:17:21 -0800 Subject: [PATCH 1674/2573] Add test case for FP reported in #10 The query already deals with the case where the condition is in an uninitialized template. --- cpp/common/test/rules/nonbooleanifstmt/test.cpp | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/cpp/common/test/rules/nonbooleanifstmt/test.cpp b/cpp/common/test/rules/nonbooleanifstmt/test.cpp index b10cd7034e..e17f294a2f 100644 --- a/cpp/common/test/rules/nonbooleanifstmt/test.cpp +++ b/cpp/common/test/rules/nonbooleanifstmt/test.cpp @@ -46,3 +46,16 @@ void test_boolean_conditions() { if (a) { // COMPLIANT - a has an explicit operator bool() } } + +template bool test_fp_reported_in_10a(T &p1) { + if (p1.length() > 10) { // COMPLIANT + return true; + } + return false; +} + +#include +void test_fp_reported_in_10b() { + std::string s; + test_fp_reported_in_10a(s); +} \ No newline at end of file From 11bac20ae05a1a1d7f5c389185dd7521a40f9cd6 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 22 Feb 2024 15:28:13 -0800 Subject: [PATCH 1675/2573] Reformat alert message according to style guide --- ...orTheLogicalAndOrTheLogicalOperatorsShallHaveTypeBool.ql | 2 +- ...ogicalAndOrTheLogicalOperatorsShallHaveTypeBool.expected | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/cpp/autosar/src/rules/M5-3-1/EachOperandOfTheOperatorTheLogicalAndOrTheLogicalOperatorsShallHaveTypeBool.ql b/cpp/autosar/src/rules/M5-3-1/EachOperandOfTheOperatorTheLogicalAndOrTheLogicalOperatorsShallHaveTypeBool.ql index 9414e85956..03b4ae7f1c 100644 --- a/cpp/autosar/src/rules/M5-3-1/EachOperandOfTheOperatorTheLogicalAndOrTheLogicalOperatorsShallHaveTypeBool.ql +++ b/cpp/autosar/src/rules/M5-3-1/EachOperandOfTheOperatorTheLogicalAndOrTheLogicalOperatorsShallHaveTypeBool.ql @@ -29,4 +29,4 @@ where rt = t.getUnderlyingType().getUnspecifiedType() and rt.getBaseType() instanceof BoolType ) and not operand.isFromUninstantiatedTemplate(_) -select operand, "bool operator called with a non-bool operand of type " + t.getName() + "." +select operand, "Call to bool operator with a non-bool operand of type '" + t.getName() + "'." diff --git a/cpp/autosar/test/rules/M5-3-1/EachOperandOfTheOperatorTheLogicalAndOrTheLogicalOperatorsShallHaveTypeBool.expected b/cpp/autosar/test/rules/M5-3-1/EachOperandOfTheOperatorTheLogicalAndOrTheLogicalOperatorsShallHaveTypeBool.expected index e64af14ff5..10ca64a558 100644 --- a/cpp/autosar/test/rules/M5-3-1/EachOperandOfTheOperatorTheLogicalAndOrTheLogicalOperatorsShallHaveTypeBool.expected +++ b/cpp/autosar/test/rules/M5-3-1/EachOperandOfTheOperatorTheLogicalAndOrTheLogicalOperatorsShallHaveTypeBool.expected @@ -1,3 +1,3 @@ -| test.cpp:10:8:10:8 | 0 | bool operator called with a non-bool operand of type int. | -| test.cpp:12:7:12:7 | 0 | bool operator called with a non-bool operand of type int. | -| test.cpp:12:13:12:17 | ... + ... | bool operator called with a non-bool operand of type int. | +| test.cpp:10:8:10:8 | 0 | Call to bool operator with a non-bool operand of type 'int'. | +| test.cpp:12:7:12:7 | 0 | Call to bool operator with a non-bool operand of type 'int'. | +| test.cpp:12:13:12:17 | ... + ... | Call to bool operator with a non-bool operand of type 'int'. | From c101419a3c597669c846247a85b6177820d3cdf1 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 22 Feb 2024 15:33:15 -0800 Subject: [PATCH 1676/2573] Add changenote --- .../2024-02-22-fix-fp-a5-0-2-and-change-alert-m5-3-1.md | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 change_notes/2024-02-22-fix-fp-a5-0-2-and-change-alert-m5-3-1.md diff --git a/change_notes/2024-02-22-fix-fp-a5-0-2-and-change-alert-m5-3-1.md b/change_notes/2024-02-22-fix-fp-a5-0-2-and-change-alert-m5-3-1.md new file mode 100644 index 0000000000..86d4ce46ba --- /dev/null +++ b/change_notes/2024-02-22-fix-fp-a5-0-2-and-change-alert-m5-3-1.md @@ -0,0 +1,4 @@ +- `A5-0-2` - `NonBooleanIterationCondition.ql`: + - Address FP reported in #10. Exclude conditions in uninstantiated templates. +- `M5-3-1` - `EachOperandOfTheOperatorTheLogicalAndOrTheLogicalOperatorsShallHaveTypeBool.ql`: + - Adjust the alert message to comply with the style guide. \ No newline at end of file From 214cba9409cdfeaff8e31f4757b9f6f395ee4f6a Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 23 Feb 2024 15:57:42 -0800 Subject: [PATCH 1677/2573] Address MD linting issues --- docs/user_manual.md | 161 +++++++++++++++++++++++--------------------- 1 file changed, 85 insertions(+), 76 deletions(-) diff --git a/docs/user_manual.md b/docs/user_manual.md index 7651c06019..adc6cfc938 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -35,7 +35,8 @@ The release page documents the release notes and contains the following artifact - `user_manual_2.22.0-dev.md`: This user manual. - `Source Code (zip)`: A zip archive containing the contents of https://github.com/github/codeql-coding-standards - `Source Code (tar.gz)`: A GZip compressed tar archive containing the contents of https://github.com/github/codeql-coding-standards -- `checksums.txt`: A text file containing sha256 checksums for the aforementioned artifacts. +- `checksums.txt`: A text file containing sha256 checksums for the aforementioned artifacts. + ## Introduction ### Background @@ -55,11 +56,10 @@ The _CodeQL Coding Standards_ product is a set of CodeQL queries for identifying | [CERT C](https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-c-coding-standard-2016-v01.pdf) | 2016 | 99 | 99 | Under development | | [MISRA C](https://www.misra.org.uk/product/misra-c2012-third-edition-first-revision/) | 2012 | 172 | 169 | Under development | - Not all rules in these standards are amenable to static analysis by CodeQL - some rules require external or domain specific knowledge to validate, or refer to properties which are not present in the our representation of the codebase under analysis. For each rule we therefore identify whether it is supportable or not. Furthermore, a rule can be supported in two ways: - - **Automated** - the queries for the rule find contraventions directly. - - **Audit only** - the queries for the rule does not find contraventions directly, but instead report a list of _candidates_ that can be used as input into a manual audit. For example, `A10-0-1` (_Public inheritance shall be used to implement 'is-a' relationship_) is not directly amenable to static analysis, but CodeQL can be used to produce a list of all the locations that use public inheritance so they can be manually reviewed. +- **Automated** - the queries for the rule find contraventions directly. +- **Audit only** - the queries for the rule does not find contraventions directly, but instead report a list of _candidates_ that can be used as input into a manual audit. For example, `A10-0-1` (_Public inheritance shall be used to implement 'is-a' relationship_) is not directly amenable to static analysis, but CodeQL can be used to produce a list of all the locations that use public inheritance so they can be manually reviewed. Each supported rule is implemented as one or more CodeQL queries, with each query covering an aspect of the rule. In many coding standards, the rules cover non-trivial semantic properties of the codebase under analysis. @@ -75,8 +75,8 @@ This section describes the supported environment for the product. To run the "CodeQL Coding Standards" queries two additional components are required: - - The CodeQL CLI - this is the command line tool for creating CodeQL databases and running CodeQL queries. - - The CodeQL Standard Library for C++ - this provides the common CodeQL query libraries used in the implementation of the CodeQL Coding Standards queries. +- The CodeQL CLI - this is the command line tool for creating CodeQL databases and running CodeQL queries. +- The CodeQL Standard Library for C++ - this provides the common CodeQL query libraries used in the implementation of the CodeQL Coding Standards queries. Refer to the release notes for the selected release to determine which versions of these dependencies are supported or required. @@ -99,10 +99,11 @@ For C++ the codebase under analysis must comply with C++14 and use one of the fo | qcc | 8.3.0 | libc++ (default) | gcc_ntoaarch64le_cxx | -std=c++14 -D_QNX_SOURCE -nopipe | Use of the queries outside these scenarios is possible, but not validated for functional safety. In particular: - - Use of the queries against codebases written with more recent versions of C++ (as supported by CodeQL) are not validated in the following circumstances: - - When new language features are used - - When language features are used which have a differing interpretation from C++14. - - Use of the queries against codebases which use other compilers or other compiler versions supported by CodeQL is not tested or validated for functional safety. + +- Use of the queries against codebases written with more recent versions of C++ (as supported by CodeQL) are not validated in the following circumstances: + - When new language features are used + - When language features are used which have a differing interpretation from C++14. +- Use of the queries against codebases which use other compilers or other compiler versions supported by CodeQL is not tested or validated for functional safety. #### C @@ -115,18 +116,19 @@ For C the codebase under analysis must comply with C99 or C11 and use one of the | qcc | 8.3.0 | glibc (default) | gcc_ntoaarch64le | -std=c11 -nopipe | Use of the queries outside these scenarios is possible, but not validated for functional safety. In particular: - - Use of the queries against codebases written with more recent versions of C (as supported by CodeQL) are not validated in the following circumstances: - - When new language features are used - - When language features are used which have a differing interpretation from C11. - - Use of the queries against codebases which use other compilers or other compiler versions supported by CodeQL (e.g. gcc) is not tested or validated for functional safety. + +- Use of the queries against codebases written with more recent versions of C (as supported by CodeQL) are not validated in the following circumstances: + - When new language features are used + - When language features are used which have a differing interpretation from C11. +- Use of the queries against codebases which use other compilers or other compiler versions supported by CodeQL (e.g. gcc) is not tested or validated for functional safety. ### Analysis report requirements The Coding Standards ships with scripts to generate reports that summarizes: - - The integrity and validity of the CodeQL database created for the project. - - The findings reported by the default queries for the selected Coding Standards, grouped by categories as specified by MISRA Compliance 2020. - - The CodeQL dependencies used for the analysis, and whether they comply with the stated requirements. +- The integrity and validity of the CodeQL database created for the project. +- The findings reported by the default queries for the selected Coding Standards, grouped by categories as specified by MISRA Compliance 2020. +- The CodeQL dependencies used for the analysis, and whether they comply with the stated requirements. The environment used to generate these reports requires: @@ -144,11 +146,13 @@ This section describes how to operate the "CodeQL Coding Standards". You must download a compatible version of the CodeQL CLI and CodeQL Standard Library for C++. **Option 1:** Use the CodeQL CLI bundle, which includes both required components: + 1. Download the CodeQL CLI bundle from the [`github/codeql-action` releases page](https://github.com/github/codeql-action/releases). 2. Expand the compressed archive to a specified location on your machine. 3. [Optional] Add the CodeQL CLI to your user or system path. **Option 2:** Fetch the components separately: + 1. Download the CodeQL CLI from the [`github/codeql-cli-binaries` releases page](https://github.com/github/codeql-cli-binaries/releases) 2. Expand the compressed archive to a specified location on your machine. 3. Using `git`, clone the [`github/codeql`](https://github.com/github/codeql) repository to a sibling directory of the CodeQL CLI. The `github/codeql` repository contains the CodeQL Standard Library for C++. @@ -160,8 +164,8 @@ The release notes for the "CodeQL Coding Standards" pack you are using will spec In order to run the Coding Standards queries you must first build a CodeQL database representing the program. You will need the following pre-requisites: - - A machine with the source code available locally. - - A clean build command for the project, which compiles all relevant source code locally on the machine without failure. Incremental and distributed builds must be disabled. The build command must be tested prior to configuring the CodeQL CLI and confirmed to compile all relevant files and return a zero exit code to indicate success. +- A machine with the source code available locally. +- A clean build command for the project, which compiles all relevant source code locally on the machine without failure. Incremental and distributed builds must be disabled. The build command must be tested prior to configuring the CodeQL CLI and confirmed to compile all relevant files and return a zero exit code to indicate success. The database can be created using the CodeQL CLI like so: @@ -179,9 +183,10 @@ Once you have a CodeQL database for your project, you can run the "default" quer The query suites can be run by using the `codeql database analyze` command: -``` +```bash codeql database analyze --format=sarifv2.1.0 --output=.sarif path/to/ path/to/codeql-coding-standards/cpp//src/codeql-suites/-default.qls... ``` + For each Coding Standard you want to run, add a trailing entry in the following format: `path/to/codeql-coding-standards/cpp//src/codeql-suites/-default.qls`. The only supported SARIF version for use in a functional safety environment is version 2.1.0. @@ -189,8 +194,9 @@ To select this SARIF version you **must** specify the flag `--format=sarifv2.1.0 Running the default analysis for one or more Coding Standards may require further performance customizations for larger codebases. The following flags may be passed to the `database analyze` command to adjust the performance: - - `--ram` - to specify the maximum amount of RAM to use during the analysis as [documented](https://codeql.github.com/docs/codeql-cli/manual/database-analyze/#options-to-control-ram-usage) in the CodeQL CLI manual. - - `--thread` - to specify number of threads to use while evaluating as [documented](https://codeql.github.com/docs/codeql-cli/manual/database-analyze/#cmdoption-codeql-database-analyze-j) in the CodeQL CLI manual. + +- `--ram` - to specify the maximum amount of RAM to use during the analysis as [documented](https://codeql.github.com/docs/codeql-cli/manual/database-analyze/#options-to-control-ram-usage) in the CodeQL CLI manual. +- `--thread` - to specify number of threads to use while evaluating as [documented](https://codeql.github.com/docs/codeql-cli/manual/database-analyze/#cmdoption-codeql-database-analyze-j) in the CodeQL CLI manual. The output of this command will be a [SARIF file](https://sarifweb.azurewebsites.net/) called `.sarif`. @@ -198,7 +204,7 @@ The output of this command will be a [SARIF file](https://sarifweb.azurewebsites Optionally, you may want to run the "audit" level queries. These queries produce lists of results that do not directly highlight contraventions of the rule. Instead, they identify locations in the code that can be manually audited to verify the absence of problems for that particular rule. -``` +```bash codeql database analyze --format=sarifv2.1.0 --output=.sarif path/to/ path/to/codeql-coding-standards/cpp//src/codeql-suites/-audit.qls... ``` @@ -207,9 +213,10 @@ For each Coding Standard you want to run, add a trailing entry in the following #### Producing an analysis report In addition to producing a results file, an analysis report can be produced that summarizes: - - The integrity and validity of the CodeQL database created for the project. - - The findings reported by the default queries for the selected Coding Standards, grouped by categories as specified by MISRA Compliance 2020. - - The CodeQL dependencies used for the analysis, and whether they comply with the stated requirements. + +- The integrity and validity of the CodeQL database created for the project. +- The findings reported by the default queries for the selected Coding Standards, grouped by categories as specified by MISRA Compliance 2020. +- The CodeQL dependencies used for the analysis, and whether they comply with the stated requirements. To run this script, the CodeQL CLI part of a supported CodeQL Bundle and Python interpreter version 3.9 must be available on the system path. @@ -219,48 +226,49 @@ python3 scripts/reports/analysis_report.py path/to/ `) containing the following report files in markdown format: - - A **Guideline Compliance Summary** (GCS) which meets the requirements specified by the [MISRA Compliance 2020](https://www.misra.org.uk/app/uploads/2021/06/MISRA-Compliance-2020.pdf) document, and providing a summary of: - - Whether the analysis reports that the project is "Compliance". - - Which Coding Standards were applied. - - The versions of the CodeQL CLI, CodeQL Standard Library for C/C++ and the CodeQL Coding Standards queries used to perform the analysis. - - Count of violations of guidelines by guideline category ("Required", "Advisory") - - A list of the guidelines checked, and the status of each guideline ("Compliant", "Violations", "Deviations"). - - **Note:** The `Deviations` status is **only** shown when the database has been build with a configuration to *report deviated alerts* and analyzed with a *deviation alert suppression query*. The section on *Deviation records* outlines how this can be achieved. - - An **Analysis Integrity Report** which summarizes any issues that were identified in the creation of the database, which can be reviewed to determine the extent to which these issues may have impacted the generated results. This includes: - - A list of recoverable errors, where a specific piece of syntax was not handled, but the error could be recovered from. These a further sub-divided into "user code" errors and "third-party" errors. - - A list of unrecoverable errors, which affect either entire files or entire compilations. These are also further sub-divided into "user code" errors and "third-party" errors. - - A list of the files analyzed. - - A **Deviations Report** which reports the deviation records that where included during the creation of the database, which can be used to audit the applied deviations. The includes: - - A table of deviation records for which we list: - - An identifier for the coding standards rule the deviation applies to. - - The query identifier that implements the guideline. - - An inferred scope that shows the files or code-identifier the deviation is applied to. - - A textual description of the scope when the deviation can be applied. - - A textual justification of the deviation. - - A textual description of background information. - - A textual description of the requirements which must be satisfied to use the deviation. - - A table of invalid deviation records for which we list: - - The location of the invalid deviation record in the database. - - The reason why it is considered invalid. - - A table of deviation permits for which we list: - - An identifier that identifies the permit. - - An identifier for the coding standards rule the deviation applies to. - - The query identifier that implements the guideline. - - An inferred scope that shows the files or code-identifier the deviation is applied to. - - A textual description of the scope when the deviation can be applied. - - A textual justification of the deviation. - - A textual description of background information. - - A textual description of the requirements which must be satisfied to use the deviation. - - A table of invalid deviation permits for which we list: - - The location of the invalid permit in the database. - - The reason why it is considered invalid. +- A **Guideline Compliance Summary** (GCS) which meets the requirements specified by the [MISRA Compliance 2020](https://www.misra.org.uk/app/uploads/2021/06/MISRA-Compliance-2020.pdf) document, and providing a summary of: + - Whether the analysis reports that the project is "Compliance". + - Which Coding Standards were applied. + - The versions of the CodeQL CLI, CodeQL Standard Library for C/C++ and the CodeQL Coding Standards queries used to perform the analysis. + - Count of violations of guidelines by guideline category ("Required", "Advisory") + - A list of the guidelines checked, and the status of each guideline ("Compliant", "Violations", "Deviations"). + - **Note:** The `Deviations` status is **only** shown when the database has been build with a configuration to _report deviated alerts_ and analyzed with a _deviation alert suppression query_. The section on _Deviation records_ outlines how this can be achieved. +- An **Analysis Integrity Report** which summarizes any issues that were identified in the creation of the database, which can be reviewed to determine the extent to which these issues may have impacted the generated results. This includes: + - A list of recoverable errors, where a specific piece of syntax was not handled, but the error could be recovered from. These a further sub-divided into "user code" errors and "third-party" errors. + - A list of unrecoverable errors, which affect either entire files or entire compilations. These are also further sub-divided into "user code" errors and "third-party" errors. + - A list of the files analyzed. +- A **Deviations Report** which reports the deviation records that where included during the creation of the database, which can be used to audit the applied deviations. The includes: + - A table of deviation records for which we list: + - An identifier for the coding standards rule the deviation applies to. + - The query identifier that implements the guideline. + - An inferred scope that shows the files or code-identifier the deviation is applied to. + - A textual description of the scope when the deviation can be applied. + - A textual justification of the deviation. + - A textual description of background information. + - A textual description of the requirements which must be satisfied to use the deviation. + - A table of invalid deviation records for which we list: + - The location of the invalid deviation record in the database. + - The reason why it is considered invalid. + - A table of deviation permits for which we list: + - An identifier that identifies the permit. + - An identifier for the coding standards rule the deviation applies to. + - The query identifier that implements the guideline. + - An inferred scope that shows the files or code-identifier the deviation is applied to. + - A textual description of the scope when the deviation can be applied. + - A textual justification of the deviation. + - A textual description of background information. + - A textual description of the requirements which must be satisfied to use the deviation. + - A table of invalid deviation permits for which we list: + - The location of the invalid permit in the database. + - The reason why it is considered invalid. #### Applying deviations The CodeQL Coding Standards supports the following features from the [MISRA Compliance 2020](https://www.misra.org.uk/app/uploads/2021/06/MISRA-Compliance-2020.pdf) document: - - _Deviation records_ - an entry that states a particular instance, or set of instances, of a rule should be considered permitted. - - _Deviation permit_ - an entry that provides authorization to apply a deviation to a project. - - _Guideline recategorization plan_ - an agreement on how the guidelines are applied. Whether a guideline may be violated, deviated from, or must always be applied. + +- _Deviation records_ - an entry that states a particular instance, or set of instances, of a rule should be considered permitted. +- _Deviation permit_ - an entry that provides authorization to apply a deviation to a project. +- _Guideline recategorization plan_ - an agreement on how the guidelines are applied. Whether a guideline may be violated, deviated from, or must always be applied. ##### Deviation records @@ -275,15 +283,16 @@ The rational for the default behavior is that GitHub Code Scanning does not supp **Note:** It is important to create a database with the property `report-deviated-alerts: true` set and analyzed with the alert suppression query `path/to/codeql-coding-standards/cpp/common/src/codingstandards/cpp/deviations/DeviationsSuppression.ql` when the **Guideline Compliance Summary Report** **must** include deviation statuses! The current implementation of the `coding-standards.yml` specification supports the `deviations` section with the following keys: + - `rule-id` - An identifier for the coding standards rule the deviation applies to. This matches the rule id format specified in the documentation (e.g., `A1-0-1`) -- `query-id` - An identifier for the query (as specified by the `@id` property of the query) that can be used to specify a deviation for *sub-category* of rule (as defined by a query). If the `query-id` is specified , the `rule-id` property should also be specified. +- `query-id` - An identifier for the query (as specified by the `@id` property of the query) that can be used to specify a deviation for _sub-category_ of rule (as defined by a query). If the `query-id` is specified , the `rule-id` property should also be specified. - `justification` - An short textual justification of the deviation. -- `scope` - An *optional* short textual description of when this deviation can be applied. This will be combined with any automatically deduced scope for the deviation. +- `scope` - An _optional_ short textual description of when this deviation can be applied. This will be combined with any automatically deduced scope for the deviation. - `background` - Any relevant background information. -- `requirements` - One or more *requirements* which must be satisfied to use this deviation. -- `paths` - An *optional* set of paths, relative to the deviations file, specify either a directory or file to which this deviation should be applied. -- `code-identifier` - An *optional* identifier which can be placed in the source code at locations where this deviation should be applied. -- `permit-id` - An *optional* identifier which links to a deviation permit, from which some of the properties can be inherited. +- `requirements` - One or more _requirements_ which must be satisfied to use this deviation. +- `paths` - An _optional_ set of paths, relative to the deviations file, specify either a directory or file to which this deviation should be applied. +- `code-identifier` - An _optional_ identifier which can be placed in the source code at locations where this deviation should be applied. +- `permit-id` - An _optional_ identifier which links to a deviation permit, from which some of the properties can be inherited. - `raised-by` - A compact mapping, if specified requires the specification of `approved-by`, that includes: - `name` - The name, handle or other identifier of the user who raised the request - `date` - The date on which they raised the request. @@ -309,6 +318,7 @@ deviations: ``` The example describes three ways of scoping a deviation: + 1. The deviation for `A18-1-1` applies to any source file in the same or a child directory of the directory containing the example `coding-standards.yml`. 2. The deviation for `A18-5-1` applies to any source file in the directory `foo/bar` or a child directory of `foo/bar` relative to the directory containing the `coding-standards.yml`. 3. The deviation for `A0-4-2` applies to any source element that has a comment residing on **the same line** containing the identifier specified in `code-identifier`. @@ -325,10 +335,9 @@ The `process_coding_standards_config.py` has a dependency on the package `pyyaml `pip install -r path/to/codeql-coding-standards/scripts/configuration/requirements.txt` - ##### Deviation permit -The current implementation supports _deviation permits_ as described in the [MISRA Compliance:2020](https://www.misra.org.uk/app/uploads/2021/06/MISRA-Compliance-2020.pdf) section *4.3 Deviation permits*. +The current implementation supports _deviation permits_ as described in the [MISRA Compliance:2020](https://www.misra.org.uk/app/uploads/2021/06/MISRA-Compliance-2020.pdf) section _4.3 Deviation permits_. Deviation permits are a mechanism to simplify the documentation of many deviations by allowing _deviation records_ to inherit properties from a _deviation permit_. A _deviation record_ can inherit the following properties that are documented in the section on _Deviation records_: @@ -388,7 +397,7 @@ An example of importing _deviation permits_ is through a [Git Submodule](https:/ ##### Guideline recategorization plan -The current implementation supports a _guideline recategorization plan_ as described in the [MISRA Compliance:2020](https://www.misra.org.uk/app/uploads/2021/06/MISRA-Compliance-2020.pdf) section *5 The guideline re-categorization plan*. +The current implementation supports a _guideline recategorization plan_ as described in the [MISRA Compliance:2020](https://www.misra.org.uk/app/uploads/2021/06/MISRA-Compliance-2020.pdf) section _5 The guideline re-categorization plan_. A recategorization plan provides a mechanism to adjust the policy associated with a guideline that determines whether it may be violated or not and if it may be violated whether a deviation is required. Each guideline recategorization **must** be specified in the `guideline-recategorizations` section of a `coding-standards.yml` file that **must** be anywhere in the source repository. @@ -438,8 +447,8 @@ The schema files **must** be available in the same directory as the `recategoriz The only use cases that will be certified under ISO 26262 are those listed above. CodeQL Coding Standards is also compatible with, but not certified for, the following use cases: - - Creating databases and running the CodeQL Coding Standards queries with the [CodeQL Action](https://github.com/github/codeql-action) (for GitHub Actions CI/CD system). - - Uploading the SARIF results files for a CodeQL Coding Standards analysis to the GitHub [Code Scanning](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning) feature. +- Creating databases and running the CodeQL Coding Standards queries with the [CodeQL Action](https://github.com/github/codeql-action) (for GitHub Actions CI/CD system). +- Uploading the SARIF results files for a CodeQL Coding Standards analysis to the GitHub [Code Scanning](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning) feature. ### Hazard and risk analysis @@ -472,7 +481,7 @@ This section describes known failure modes for "CodeQL Coding Standards" and des | | Incorrect deviation permit specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation permits with a reason. Ensure that all deviation permits are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Unapproved use of a deviation record | Less output. Results for guideline violations are not reported. | Validate that the deviation record use is approved by verifying the approved-by attribute of the deviation record specification. | Ensure that each raised deviation record is approved by an independent approver through an auditable process. | | | Incorrect database. The information extracted by the CodeQL extractor deviates from what the compiler extracts resulting in an incorrect model of the source-code. | More or less output. Incorrect extraction can result in false positives or false negatives. | Combinations of supported compilers and CodeQL CLIs are tested against a [provided](https://github.com/github/codeql/tree/main/cpp/ql/test/library-tests) suite of test cases and a coding standards specific test suite to determine if the extracted information deviates from the expected information. | Report incorrect database issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | + ## Reporting bugs A bug tracker is provided on the [`github/codeql-coding-standards`](https://github.com/github/codeql-coding-standards) repository [issues page](https://github.com/github/codeql-coding-standards/issues). New issues can be filed on the [New Issues](https://github.com/github/codeql-coding-standards/issues/new/choose) page. - From 0708b27082624c808a9a3691bfc7cf68e786933d Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 23 Feb 2024 16:11:11 -0800 Subject: [PATCH 1678/2573] Clarify the required use of Python 3.9 --- docs/development_handbook.md | 10 ++++++---- docs/user_manual.md | 12 +++++++----- 2 files changed, 13 insertions(+), 9 deletions(-) diff --git a/docs/development_handbook.md b/docs/development_handbook.md index 2168e1fc56..01bf261e2b 100644 --- a/docs/development_handbook.md +++ b/docs/development_handbook.md @@ -38,6 +38,7 @@ | 0.29.0 | 2023-10-11 | Remco Vermeulen | Update release process. | | 0.29.1 | 2023-10-11 | Remco Vermeulen | Address Markdown linter problems. | | 0.30.0 | 2023-11-14 | Remco Vermeulen | Clarify release steps in case of a hotfix release. | +| 0.31.0 | 2024-02-23 | Remco Vermeulen | Clarify the required use of Python version 3.9 | ## Scope of work @@ -163,6 +164,7 @@ These files will be ready for query implementation. #### Step 0: Prepare the Python environment +The tooling standardizes on Python 3.9 and requires the use of version 3.9 to run all tooling. The `scripts` directory contains the pip package specification file `requirements.txt` that contains the dependencies our generation scripts rely upon. The dependencies can be installed as follows: @@ -171,12 +173,12 @@ The dependencies can be installed as follows: pip3.9 install -r scripts/requirements.txt ``` -It is advisable to use a Python virtual environment which needs to be created and activated before installing the dependencies. This can be done as follows: +It is advisable to use a Python 3.9 virtual environment which needs to be created and activated before installing the dependencies. This can be done as follows: ```bash python3.9 -mvenv scripts/.venv . scripts/.venv/bin/activate -pip install -r scripts/requirements.txt +pip3.9 install -r scripts/requirements.txt ``` #### Step 1: Generate rule package description file @@ -265,7 +267,7 @@ The `generate_package_description.py` script provides a "best-effort" approach t - `performance` - if the query identifies an issue which has a negative impact on the performance of the code. - `concurrency` - if the query identifies a concurrency issue. - Validate the rule package description file using the `validate-rule-package.py` script that validates the rule package descriptions against the schema `rule-package.schema.json` located in the `schemas` directory. - - `python3 scripts/validate-rule-package.py ` + - `python3.9 scripts/validate-rule-package.py ` #### Step 3 @@ -350,7 +352,7 @@ All public predicates, classes, modules and files should be documented with QLDo ### Installing QL dependencies -All of our query and library packs depend on the standard CodeQL library for C++, `codeql/cpp-all`. This dependency is specified in the `qlpack.yml` file for each of our packs. Before compiling, running, or testing any of our queries or libraries, you must download the proper dependencies by running `python3 scripts/install-packs.py`. This will download the appropriate version of the standard library from the public package registry, installing it in a cache in your `~/.codeql` directory. When compiling queries or running tests, the QL compiler will pick up the appropriate dependencies from this cache without any need to specify an additional library search path on the command line. +All of our query and library packs depend on the standard CodeQL library for C++, `codeql/cpp-all`. This dependency is specified in the `qlpack.yml` file for each of our packs. Before compiling, running, or testing any of our queries or libraries, you must download the proper dependencies by running `python3.9 scripts/install-packs.py`. This will download the appropriate version of the standard library from the public package registry, installing it in a cache in your `~/.codeql` directory. When compiling queries or running tests, the QL compiler will pick up the appropriate dependencies from this cache without any need to specify an additional library search path on the command line. Because the downloaded packs are cached, it is only necessary to run `install-packs.py` once each time we upgrade to a new standard library version. It does not hurt to run it more often; if all necessary packs are already in the download cache, then it will complete quickly without trying to download anything. diff --git a/docs/user_manual.md b/docs/user_manual.md index adc6cfc938..19a7b761c7 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -22,7 +22,8 @@ | 0.14.0 | 2022-11-03 | Remco Vermeulen | Add guideline recategorization plan. | | 0.15.0 | 2023-05-24 | Mauro Baluda | Clarify AUTOSAR C++ supported versions. | | 0.16.0 | 2023-07-03 | Luke Cartey | Remove reference to LGTM, update the name of the query pack | -| 0.17.0 | 2023-08-16 | Luke Cartey | Update list of supported compiler configurations. | +| 0.17.0 | 2023-08-16 | Luke Cartey | Update list of supported compiler configurations. | +| 0.18.0 | 2024-02-23 | Remco Vermeulen | Clarify the required use of Python version 3.9 | ## Release information @@ -220,8 +221,8 @@ In addition to producing a results file, an analysis report can be produced that To run this script, the CodeQL CLI part of a supported CodeQL Bundle and Python interpreter version 3.9 must be available on the system path. -``` -python3 scripts/reports/analysis_report.py path/to/ .sarif +```bash +python3.9 scripts/reports/analysis_report.py path/to/ .sarif ``` This will produce a directory (``) containing the following report files in markdown format: @@ -325,6 +326,7 @@ The example describes three ways of scoping a deviation: The activation of the deviation mechanism requires an extra step in the database creation process. This extra step is the invocation of the Python script `path/to/codeql-coding-standards/scripts/configuration/process_coding_standards_config.py` that is part of the coding standards code scanning pack. +To run this script, a Python interpreter version 3.9 must be available on the system path. The script should be invoked as follows: ```bash @@ -333,7 +335,7 @@ codeql database create --language cpp --command 'python3 path/to/codeql-coding-s The `process_coding_standards_config.py` has a dependency on the package `pyyaml` that can be installed using the provided PIP package manifest by running the following command: -`pip install -r path/to/codeql-coding-standards/scripts/configuration/requirements.txt` +`pip3 install -r path/to/codeql-coding-standards/scripts/configuration/requirements.txt` ##### Deviation permit @@ -424,7 +426,7 @@ add the tag `external//original-obligation/ +python3.9 path/to/codeql-coding-standards/scripts/guideline_recategorization/recategorize.py coding_standards_config_file ``` The `recategorize.py` scripts has a dependencies on the following Python packages that can be installed with the command `pip install -r path/to/codeql-coding-standards/scripts/guideline_recategorization/requirements.txt`: From 506cd686fcfb559878985c7d9702ec8aea46d8ec Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 23 Feb 2024 16:11:51 -0800 Subject: [PATCH 1679/2573] Correct table formatting --- docs/development_handbook.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/development_handbook.md b/docs/development_handbook.md index 01bf261e2b..9629c89b95 100644 --- a/docs/development_handbook.md +++ b/docs/development_handbook.md @@ -46,7 +46,7 @@ A *coding standard* is a set of rules or guidelines which restrict or prohibit t | Standard | Version | Total rules | Total supportable rules | Status | Notes | | -------------------------------------------------------------------------------------------------------------------- | ------- | ----------- | ----------------------- | -------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | -| [AUTOSAR C++](https://www.autosar.org/fileadmin/standards/R22-11/AP/AUTOSAR_RS_CPP14Guidelines.pdf) | R22-11, R21-11, R20-11, R19-11, R19-03 | 397 | 375 | Implemented | +| [AUTOSAR C++](https://www.autosar.org/fileadmin/standards/R22-11/AP/AUTOSAR_RS_CPP14Guidelines.pdf) | R22-11, R21-11, R20-11, R19-11, R19-03 | 397 | 375 | Implemented | | | [CERT-C++](https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-cpp-coding-standard-2016-v01.pdf) | 2016 | 83 | 83 | Implemented | AUTOSAR includes a sub-set of rules take from MISRA C++ 2008, which can be purchased for a small fee from [the MISRA website](https://misra.org.uk/shop). | | [CERT-C](https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-c-coding-standard-2016-v01.pdf) | 2016 | 120 | 99 | In development | The implementation excludes rules not part of 2016, but that are added to the [CERT-C wiki](https://wiki.sei.cmu.edu/confluence/display/c/) | | [MISRA C](https://www.misra.org.uk/product/misra-c2012-third-edition-first-revision/ ) | 2012 | 172 | 172 | In development | This includes the [MISRA C:2012 Amendment 2](https://www.misra.org.uk/app/uploads/2021/06/MISRA-C-2012-AMD2.pdf) | From c529985250eae2e39328089a255f6c464b2628d6 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 23 Feb 2024 16:33:21 -0800 Subject: [PATCH 1680/2573] Add permitted re-categorizations --- docs/user_manual.md | 31 ++++++++++++++++++++++--------- 1 file changed, 22 insertions(+), 9 deletions(-) diff --git a/docs/user_manual.md b/docs/user_manual.md index 19a7b761c7..df00ae2e2b 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -23,7 +23,8 @@ | 0.15.0 | 2023-05-24 | Mauro Baluda | Clarify AUTOSAR C++ supported versions. | | 0.16.0 | 2023-07-03 | Luke Cartey | Remove reference to LGTM, update the name of the query pack | | 0.17.0 | 2023-08-16 | Luke Cartey | Update list of supported compiler configurations. | -| 0.18.0 | 2024-02-23 | Remco Vermeulen | Clarify the required use of Python version 3.9 | +| 0.18.0 | 2024-02-23 | Remco Vermeulen | Clarify the required use of Python version 3.9. | +| 0.19.0 | 2024-02-23 | Remco Vermeulen | Add table describing the permitted guideline re-categorizations. | ## Release information @@ -269,7 +270,7 @@ The CodeQL Coding Standards supports the following features from the [MISRA Comp - _Deviation records_ - an entry that states a particular instance, or set of instances, of a rule should be considered permitted. - _Deviation permit_ - an entry that provides authorization to apply a deviation to a project. -- _Guideline recategorization plan_ - an agreement on how the guidelines are applied. Whether a guideline may be violated, deviated from, or must always be applied. +- _Guideline re-categorization plan_ - an agreement on how the guidelines are applied. Whether a guideline may be violated, deviated from, or must always be applied. ##### Deviation records @@ -397,16 +398,28 @@ Unlike _deviation records_ their location in the source directory does not impac This means that _deviation permits_ can be made available at build time by any means available. An example of importing _deviation permits_ is through a [Git Submodule](https://git-scm.com/book/en/v2/Git-Tools-Submodules) that contains a repository of allowed _deviation permits_. -##### Guideline recategorization plan +##### Guideline re-categorization plan -The current implementation supports a _guideline recategorization plan_ as described in the [MISRA Compliance:2020](https://www.misra.org.uk/app/uploads/2021/06/MISRA-Compliance-2020.pdf) section _5 The guideline re-categorization plan_. +The current implementation supports a _guideline re-categorization plan_ as described in the [MISRA Compliance:2020](https://www.misra.org.uk/app/uploads/2021/06/MISRA-Compliance-2020.pdf) section _5 The guideline re-categorization plan_. -A recategorization plan provides a mechanism to adjust the policy associated with a guideline that determines whether it may be violated or not and if it may be violated whether a deviation is required. -Each guideline recategorization **must** be specified in the `guideline-recategorizations` section of a `coding-standards.yml` file that **must** be anywhere in the source repository. +A re-categorization plan provides a mechanism to adjust the policy associated with a guideline that determines whether it may be violated or not and if it may be violated whether a deviation is required. -A guideline recategorization specification **must** specify a `rule-id`, an identifier for the coding standards rule the recategorization applies to, and a `category`, a category that can be any of `disapplied`, `advisory`, `required`, or `mandatory`. +The implementation follows the constraints on re-categorization as described in [MISRA Compliance:2020](https://www.misra.org.uk/app/uploads/2021/06/MISRA-Compliance-2020.pdf) section _5.1 Re-categorization_. -An example guideline recategorization section is: +The following tables described the re-categorizations are permitted. + +| Current Category | Revised Category | Revised Category | Revised Category | Revised Category | +| --- | --- | --- | --- | --- | +| | Mandatory | Required | Advisory | Disapplied | +| Mandatory | Permitted | | | | +| Required | Permitted | Permitted | | | +| Advisory | Permitted | Permitted | Permitted | Permitted | + +Each guideline re-categorization **must** be specified in the `guideline-recategorizations` section of a `coding-standards.yml` file that **must** be anywhere in the source repository. + +A guideline re-categorization specification **must** specify a `rule-id`, an identifier for the coding standards rule the re-categorization applies to, and a `category`, a category that can be any of `disapplied`, `advisory`, `required`, or `mandatory`. + +An example guideline re-categorization section is: ```yaml guideline-recategorizations: @@ -418,7 +431,7 @@ guideline-recategorizations: category: "mandatory" ``` -Application of the guideline recategorization plan to the analysis results requires an additional post-processing step. +Application of the guideline re-categorization plan to the analysis results requires an additional post-processing step. The post-processing step is implemented by the Python script `path/to/codeql-coding-standards/scripts/guideline_recategorization/recategorize.py`. The script will update the `external//obligation/` tag for each query implementing a recategorized guideline such that `` is equal to the new category and add the tag `external//original-obligation/` reflects the orignal category. From 361d3d1fd828834ed4f28d343b14feb6de411f42 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Sun, 25 Feb 2024 22:15:30 -0500 Subject: [PATCH 1681/2573] M5-14-1: exclusion unevaluated contexts --- change_notes/2024-02-26-exclusion-M5-14-1.md | 2 ++ ...fALogicalAndOperatorsContainSideEffects.ql | 29 +++++++++++++++++++ cpp/autosar/test/rules/M5-14-1/test.cpp | 10 +++++++ 3 files changed, 41 insertions(+) create mode 100644 change_notes/2024-02-26-exclusion-M5-14-1.md diff --git a/change_notes/2024-02-26-exclusion-M5-14-1.md b/change_notes/2024-02-26-exclusion-M5-14-1.md new file mode 100644 index 0000000000..e60ccd0319 --- /dev/null +++ b/change_notes/2024-02-26-exclusion-M5-14-1.md @@ -0,0 +1,2 @@ +- `M5-14-1` - `RightHandOperandOfALogicalAndOperatorsContainSideEffects.ql`: + - Fix FP reported in #375. Addresses incorrect detection of side effects in unevaluated contexts. \ No newline at end of file diff --git a/cpp/autosar/src/rules/M5-14-1/RightHandOperandOfALogicalAndOperatorsContainSideEffects.ql b/cpp/autosar/src/rules/M5-14-1/RightHandOperandOfALogicalAndOperatorsContainSideEffects.ql index 0819259a25..63c76d4bd5 100644 --- a/cpp/autosar/src/rules/M5-14-1/RightHandOperandOfALogicalAndOperatorsContainSideEffects.ql +++ b/cpp/autosar/src/rules/M5-14-1/RightHandOperandOfALogicalAndOperatorsContainSideEffects.ql @@ -19,10 +19,39 @@ import codingstandards.cpp.autosar import codingstandards.cpp.SideEffect import codingstandards.cpp.sideeffect.DefaultEffects +/** + * an operator that does not evaluate its operand + * `decltype` also has a non evaluated operand but cannot be used in a `BinaryLogicalOperation` + */ +class UnevaluatedOperand extends Expr { + Expr operator; + UnevaluatedOperand() { + exists(SizeofExprOperator op | op.getExprOperand() = this | + not this.getUnderlyingType().(ArrayType).hasArraySize() + and operator = op + ) + or + exists(NoExceptExpr e | e.getExpr() = this + and operator = e) + or + exists(TypeidOperator t | t.getExpr() = this + and operator = t) + or + exists(FunctionCall declval | declval.getTarget().hasQualifiedName("std", "declval") + and declval.getAChild() = this + and operator = declval) + } + + Expr getOp(){ + result = operator + } +} + from BinaryLogicalOperation op, Expr rhs where not isExcluded(op, SideEffects1Package::rightHandOperandOfALogicalAndOperatorsContainSideEffectsQuery()) and rhs = op.getRightOperand() and hasSideEffect(rhs) + and not exists(UnevaluatedOperand un | un.getOp() = rhs) select op, "The $@ may have a side effect that is not always evaluated.", rhs, "right-hand operand" diff --git a/cpp/autosar/test/rules/M5-14-1/test.cpp b/cpp/autosar/test/rules/M5-14-1/test.cpp index 2833b4fd44..a5eac80ab9 100644 --- a/cpp/autosar/test/rules/M5-14-1/test.cpp +++ b/cpp/autosar/test/rules/M5-14-1/test.cpp @@ -23,4 +23,14 @@ void f3(bool b) { if (b || f2()) { // COMPLIANT, f2 has local side-effects } +} + +int g1 = 0; +int f4() { return g1++; } +int f5() { return 1; } + +void f6() { + if (noexcept(f5()) &&noexcept( + f4())) { // COMPLIANT - noexcept operands not evaluated + } } \ No newline at end of file From 38b29ca4088c8a00f48e290289d851b7e42015c8 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Sun, 25 Feb 2024 22:28:03 -0500 Subject: [PATCH 1682/2573] M5-14-1: format query --- ...fALogicalAndOperatorsContainSideEffects.ql | 37 +++++++++++-------- 1 file changed, 21 insertions(+), 16 deletions(-) diff --git a/cpp/autosar/src/rules/M5-14-1/RightHandOperandOfALogicalAndOperatorsContainSideEffects.ql b/cpp/autosar/src/rules/M5-14-1/RightHandOperandOfALogicalAndOperatorsContainSideEffects.ql index 63c76d4bd5..9540f1fa37 100644 --- a/cpp/autosar/src/rules/M5-14-1/RightHandOperandOfALogicalAndOperatorsContainSideEffects.ql +++ b/cpp/autosar/src/rules/M5-14-1/RightHandOperandOfALogicalAndOperatorsContainSideEffects.ql @@ -25,26 +25,31 @@ import codingstandards.cpp.sideeffect.DefaultEffects */ class UnevaluatedOperand extends Expr { Expr operator; + UnevaluatedOperand() { exists(SizeofExprOperator op | op.getExprOperand() = this | - not this.getUnderlyingType().(ArrayType).hasArraySize() - and operator = op + not this.getUnderlyingType().(ArrayType).hasArraySize() and + operator = op + ) + or + exists(NoExceptExpr e | + e.getExpr() = this and + operator = e ) or - exists(NoExceptExpr e | e.getExpr() = this - and operator = e) - or - exists(TypeidOperator t | t.getExpr() = this - and operator = t) - or - exists(FunctionCall declval | declval.getTarget().hasQualifiedName("std", "declval") - and declval.getAChild() = this - and operator = declval) + exists(TypeidOperator t | + t.getExpr() = this and + operator = t + ) + or + exists(FunctionCall declval | + declval.getTarget().hasQualifiedName("std", "declval") and + declval.getAChild() = this and + operator = declval + ) } - Expr getOp(){ - result = operator - } + Expr getOp() { result = operator } } from BinaryLogicalOperation op, Expr rhs @@ -52,6 +57,6 @@ where not isExcluded(op, SideEffects1Package::rightHandOperandOfALogicalAndOperatorsContainSideEffectsQuery()) and rhs = op.getRightOperand() and - hasSideEffect(rhs) - and not exists(UnevaluatedOperand un | un.getOp() = rhs) + hasSideEffect(rhs) and + not exists(UnevaluatedOperand un | un.getOp() = rhs) select op, "The $@ may have a side effect that is not always evaluated.", rhs, "right-hand operand" From ba85afc6f75c318d8832dcb5947354e1d08046a9 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Mon, 26 Feb 2024 08:56:56 -0500 Subject: [PATCH 1683/2573] Update change_notes/2024-02-12-improve-a18-0-1.md Co-authored-by: Remco Vermeulen --- change_notes/2024-02-12-improve-a18-0-1.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/change_notes/2024-02-12-improve-a18-0-1.md b/change_notes/2024-02-12-improve-a18-0-1.md index 5ad807faba..a4a9613a45 100644 --- a/change_notes/2024-02-12-improve-a18-0-1.md +++ b/change_notes/2024-02-12-improve-a18-0-1.md @@ -1,2 +1,2 @@ - `A18-0-1` - `CLibraryFacilitiesNotAccessedThroughCPPLibraryHeaders.ql`: - - Fix issue #7 - improve query logic to only match on exact standard library names (exclude local files with same names. Now excludes sys/header.h type headers as well from the results as those are not C standard libraries). \ No newline at end of file + - Fix issue #7 - improve query logic to only match on exact standard library names (e.g., now excludes sys/header.h type headers from the results as those are not C standard libraries). \ No newline at end of file From 6554db0590bdba6b9158a36da17f5cde38498122 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 27 Feb 2024 00:02:03 +0000 Subject: [PATCH 1684/2573] Refactor to extractor PreprocessorIfOrElif. --- .../ControllingExpressionIfDirective.ql | 17 ++++++----------- ...cessorOperatorGeneratedFromExpansionFound.ql | 11 +---------- ...ocessorOperatorInOneOfTheTwoStandardForms.ql | 7 ++----- .../cpp/PreprocessorDirective.qll | 10 ++++++++++ .../UndefinedMacroIdentifiers.qll | 14 ++++---------- 5 files changed, 23 insertions(+), 36 deletions(-) diff --git a/c/misra/src/rules/RULE-20-8/ControllingExpressionIfDirective.ql b/c/misra/src/rules/RULE-20-8/ControllingExpressionIfDirective.ql index 72495b5d5b..cd55e03ee0 100644 --- a/c/misra/src/rules/RULE-20-8/ControllingExpressionIfDirective.ql +++ b/c/misra/src/rules/RULE-20-8/ControllingExpressionIfDirective.ql @@ -14,24 +14,19 @@ import cpp import codingstandards.c.misra +import codingstandards.cpp.PreprocessorDirective /* A controlling expression is evaluated if it is not excluded (guarded by another controlling expression that is not taken). This translates to it either being taken or not taken. */ predicate isEvaluated(PreprocessorBranch b) { b.wasTaken() or b.wasNotTaken() } -class IfOrElifPreprocessorBranch extends PreprocessorBranch { - IfOrElifPreprocessorBranch() { - this instanceof PreprocessorIf or this instanceof PreprocessorElif - } -} - /** * Looks like it contains a single macro, which may be undefined */ -class SimpleMacroPreprocessorBranch extends IfOrElifPreprocessorBranch { +class SimpleMacroPreprocessorBranch extends PreprocessorIfOrElif { SimpleMacroPreprocessorBranch() { this.getHead().regexpMatch("[a-zA-Z_][a-zA-Z0-9_]+") } } -class SimpleNumericPreprocessorBranch extends IfOrElifPreprocessorBranch { +class SimpleNumericPreprocessorBranch extends PreprocessorIfOrElif { SimpleNumericPreprocessorBranch() { this.getHead().regexpMatch("[0-9]+") } } @@ -39,7 +34,7 @@ class ZeroOrOnePreprocessorBranch extends SimpleNumericPreprocessorBranch { ZeroOrOnePreprocessorBranch() { this.getHead().regexpMatch("[0|1]") } } -predicate containsOnlySafeOperators(IfOrElifPreprocessorBranch b) { +predicate containsOnlySafeOperators(PreprocessorIfOrElif b) { containsOnlyDefinedOperator(b) or //logic: comparison operators eval last, so they make it safe? @@ -47,7 +42,7 @@ predicate containsOnlySafeOperators(IfOrElifPreprocessorBranch b) { } //all defined operators is definitely safe -predicate containsOnlyDefinedOperator(IfOrElifPreprocessorBranch b) { +predicate containsOnlyDefinedOperator(PreprocessorIfOrElif b) { forall(string portion | portion = b.getHead() @@ -65,7 +60,7 @@ class BinaryValuedMacro extends Macro { BinaryValuedMacro() { this.getBody().regexpMatch("\\(?(0|1)\\)?") } } -from IfOrElifPreprocessorBranch b, string msg +from PreprocessorIfOrElif b, string msg where not isExcluded(b, Preprocessor3Package::controllingExpressionIfDirectiveQuery()) and isEvaluated(b) and diff --git a/cpp/autosar/src/rules/M16-1-1/DefinedPreProcessorOperatorGeneratedFromExpansionFound.ql b/cpp/autosar/src/rules/M16-1-1/DefinedPreProcessorOperatorGeneratedFromExpansionFound.ql index bc3847c98b..761ef27ebb 100644 --- a/cpp/autosar/src/rules/M16-1-1/DefinedPreProcessorOperatorGeneratedFromExpansionFound.ql +++ b/cpp/autosar/src/rules/M16-1-1/DefinedPreProcessorOperatorGeneratedFromExpansionFound.ql @@ -14,18 +14,9 @@ import cpp import codingstandards.cpp.autosar +import codingstandards.cpp.PreprocessorDirective import DefinedMacro -/** - * An `if` or `elif` preprocessor branch. - */ -class PreprocessorIfOrElif extends PreprocessorBranch { - PreprocessorIfOrElif() { - this instanceof PreprocessorIf or - this instanceof PreprocessorElif - } -} - from PreprocessorIfOrElif e, MacroUsesDefined m where not isExcluded(e, MacrosPackage::definedPreProcessorOperatorInOneOfTheTwoStandardFormsQuery()) and diff --git a/cpp/autosar/src/rules/M16-1-1/DefinedPreProcessorOperatorInOneOfTheTwoStandardForms.ql b/cpp/autosar/src/rules/M16-1-1/DefinedPreProcessorOperatorInOneOfTheTwoStandardForms.ql index f5dcb2f5dc..2a53875067 100644 --- a/cpp/autosar/src/rules/M16-1-1/DefinedPreProcessorOperatorInOneOfTheTwoStandardForms.ql +++ b/cpp/autosar/src/rules/M16-1-1/DefinedPreProcessorOperatorInOneOfTheTwoStandardForms.ql @@ -15,6 +15,7 @@ import cpp import codingstandards.cpp.autosar +import codingstandards.cpp.PreprocessorDirective //get what comes after each 'defined' used with or without parenth string matchesDefinedOperator(PreprocessorBranch e) { @@ -34,12 +35,8 @@ string matchesDefinedOperator(PreprocessorBranch e) { ) } -from PreprocessorBranch e, string arg +from PreprocessorIfOrElif e, string arg where - ( - e instanceof PreprocessorIf or - e instanceof PreprocessorElif - ) and arg = matchesDefinedOperator(e) and not arg.regexpMatch("^\\w*$") and not isExcluded(e, MacrosPackage::definedPreProcessorOperatorInOneOfTheTwoStandardFormsQuery()) diff --git a/cpp/common/src/codingstandards/cpp/PreprocessorDirective.qll b/cpp/common/src/codingstandards/cpp/PreprocessorDirective.qll index 4194ad65e3..fe619e5317 100644 --- a/cpp/common/src/codingstandards/cpp/PreprocessorDirective.qll +++ b/cpp/common/src/codingstandards/cpp/PreprocessorDirective.qll @@ -30,3 +30,13 @@ PreprocessorDirective isLocatedInAMacroInvocation(MacroInvocation m) { result = p ) } + +/** + * An `if` or `elif` preprocessor branch. + */ +class PreprocessorIfOrElif extends PreprocessorBranch { + PreprocessorIfOrElif() { + this instanceof PreprocessorIf or + this instanceof PreprocessorElif + } +} diff --git a/cpp/common/src/codingstandards/cpp/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.qll b/cpp/common/src/codingstandards/cpp/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.qll index a7e52406a8..d5cafe7416 100644 --- a/cpp/common/src/codingstandards/cpp/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.qll +++ b/cpp/common/src/codingstandards/cpp/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.qll @@ -1,5 +1,6 @@ import cpp import codingstandards.cpp.Exclusions +import codingstandards.cpp.PreprocessorDirective abstract class UndefinedMacroIdentifiersSharedQuery extends Query { } @@ -76,17 +77,10 @@ string getAnIfDefdMacroIdentifier(PreprocessorBranch pb) { ) } -class IfAndElifs extends PreprocessorBranch { - IfAndElifs() { - this instanceof PreprocessorIf or - this instanceof PreprocessorElif - } -} - -class BadIfAndElifs extends IfAndElifs { +class UndefinedIdIfOrElif extends PreprocessorIfOrElif { string undefinedMacroIdentifier; - BadIfAndElifs() { + UndefinedIdIfOrElif() { exists(string defRM | defRM = this.getHead() @@ -113,7 +107,7 @@ class BadIfAndElifs extends IfAndElifs { string getAnUndefinedMacroIdentifier() { result = undefinedMacroIdentifier } } -query predicate problems(BadIfAndElifs b, string message) { +query predicate problems(UndefinedIdIfOrElif b, string message) { not isExcluded(b, getQuery()) and message = "#if/#elif that uses a macro identifier " + b.getAnUndefinedMacroIdentifier() + From 919e7aadb48e568293efc30e26122a65f77cbd7d Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Tue, 27 Feb 2024 00:03:22 +0000 Subject: [PATCH 1685/2573] Update change_notes/2023-12-06-m16-1-1-perf.md Co-authored-by: Kristen Newbury --- change_notes/2023-12-06-m16-1-1-perf.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/change_notes/2023-12-06-m16-1-1-perf.md b/change_notes/2023-12-06-m16-1-1-perf.md index c8d8eab614..9603f84e4f 100644 --- a/change_notes/2023-12-06-m16-1-1-perf.md +++ b/change_notes/2023-12-06-m16-1-1-perf.md @@ -1,4 +1,4 @@ - * `M16-1-1` + - `M16-1-1` - `DefinedPreProcessorOperatorGeneratedFromExpansionFound.ql`: - Optimize query to improve performance - Improve detection of macros whose body contains the `defined` operator after the start of the macro (e.g. `#define X Y || defined(Z)`). - Enable exclusions to be applied for this rule. \ No newline at end of file From 426e886e9eb92630bcf2f3ead829fccf90c21369 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Tue, 27 Feb 2024 00:05:50 +0000 Subject: [PATCH 1686/2573] Apply suggestions from code review Co-authored-by: Remco Vermeulen --- change_notes/2023-12-06-m16-1-1-perf.md | 2 +- change_notes/2023-12-07-fix-deviations.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/change_notes/2023-12-06-m16-1-1-perf.md b/change_notes/2023-12-06-m16-1-1-perf.md index c8d8eab614..16fa3d5ef8 100644 --- a/change_notes/2023-12-06-m16-1-1-perf.md +++ b/change_notes/2023-12-06-m16-1-1-perf.md @@ -1,4 +1,4 @@ - * `M16-1-1` + - `M16-1-1`: - Optimize query to improve performance - Improve detection of macros whose body contains the `defined` operator after the start of the macro (e.g. `#define X Y || defined(Z)`). - Enable exclusions to be applied for this rule. \ No newline at end of file diff --git a/change_notes/2023-12-07-fix-deviations.md b/change_notes/2023-12-07-fix-deviations.md index e26845d34c..a0f1b1fcfb 100644 --- a/change_notes/2023-12-07-fix-deviations.md +++ b/change_notes/2023-12-07-fix-deviations.md @@ -1,2 +1,2 @@ - * The following queries have been updated to address issues with applying deviations: + - The following queries have been updated to address issues with applying deviations: - `A18-5-11`, `A23-0-1`, `A9-3-1`, `M0-1-2`, `M3-1-2`, `M3-2-1`, `M3-2-3`, `M3-9-1`, `M4-5-3`, `M5-0-2`, `M5-2-10`, `A23-0-2`, `CTR51-CPP`, `STR52-CPP` \ No newline at end of file From ad26759fae9faed5d34a7fbeee636855b98111d7 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 27 Feb 2024 10:50:55 -0800 Subject: [PATCH 1687/2573] Add queries impacted by broadened definitions of `IStream` type. The new definition identifies new types that are subclasses of `IStream` which allows for more accurate finding of file stream operations and logging operations. --- change_notes/2024-01-30-fix-fp-for-a8-4-8.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/change_notes/2024-01-30-fix-fp-for-a8-4-8.md b/change_notes/2024-01-30-fix-fp-for-a8-4-8.md index 3a9bcc5968..a71f810b24 100644 --- a/change_notes/2024-01-30-fix-fp-for-a8-4-8.md +++ b/change_notes/2024-01-30-fix-fp-for-a8-4-8.md @@ -1,3 +1,7 @@ - `A8-4-8` - `OutParametersUsed.ql` - Fixes #370 - Non-member user-defined assignment operator and stream insertion/extraction parameters that are required to be out parameters are excluded. - Broadens the definition of out parameter by considering assignment and crement operators as modifications to an out parameter candidate. +- `FIO51-CPP` - `CloseFilesWhenTheyAreNoLongerNeeded.ql`: + - Broadened definition of `IStream` and `OStream` types may result in reduced false negatives. +- `A5-1-1` - `LiteralValueUsedOutsideTypeInit.ql`: + - Broadened definition of `IStream` types may result in reduced false positives because more file stream function calls may be detected as logging operations that will be excluded from the results. From 5d3c27b32c7634eacaa7614b3ce63c858e2d46a1 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 27 Feb 2024 15:17:29 -0500 Subject: [PATCH 1688/2573] A2-10-1: add functions and types to identifier consideration --- change_notes/2024-02-27-identifier-hidden.md | 2 + cpp/common/src/codingstandards/cpp/Scope.qll | 78 ++++++++++--------- .../identifierhidden/IdentifierHidden.qll | 4 +- .../IdentifierHidden.expected | 24 +++--- .../test/rules/identifierhidden/test.cpp | 9 +++ 5 files changed, 68 insertions(+), 49 deletions(-) create mode 100644 change_notes/2024-02-27-identifier-hidden.md diff --git a/change_notes/2024-02-27-identifier-hidden.md b/change_notes/2024-02-27-identifier-hidden.md new file mode 100644 index 0000000000..a2cffb9d29 --- /dev/null +++ b/change_notes/2024-02-27-identifier-hidden.md @@ -0,0 +1,2 @@ +- `A2-10-1`, `RULE-5-3` - `IdentifierHiding.ql`, `IdentifierHidingC.ql`: + - Address FN reported in #118. Rule was missing detection of functions and types. \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/Scope.qll b/cpp/common/src/codingstandards/cpp/Scope.qll index 4dd727b8d8..7659cdb4ff 100644 --- a/cpp/common/src/codingstandards/cpp/Scope.qll +++ b/cpp/common/src/codingstandards/cpp/Scope.qll @@ -57,9 +57,15 @@ private Element getParentScope(Element e) { /** A variable which is defined by the user, rather than being from a third party or compiler generated. */ class UserVariable extends Variable { - UserVariable() { + UserVariable() { this instanceof UserDeclaration } +} + +/** A construct which is defined by the user, rather than being from a third party or compiler generated. */ +class UserDeclaration extends Declaration { + UserDeclaration() { exists(getFile().getRelativePath()) and - not isCompilerGenerated() and + not this.(Variable).isCompilerGenerated() and + not this.(Function).isCompilerGenerated() and not this.(Parameter).getFunction().isCompilerGenerated() and // compiler inferred parameters have name of p#0 not this.(Parameter).getName() = "p#0" @@ -78,7 +84,7 @@ class Scope extends Element { Scope getStrictParent() { result = getParentScope(this) } - Declaration getADeclaration() { getParentScope(result) = this } + UserDeclaration getADeclaration() { getParentScope(result) = this } Expr getAnExpr() { this = getParentScope(result) } @@ -122,30 +128,30 @@ class GeneratedBlockStmt extends BlockStmt { GeneratedBlockStmt() { this.getLocation() instanceof UnknownLocation } } -/** Gets a variable that is in the potential scope of variable `v`. */ -private UserVariable getPotentialScopeOfVariable_candidate(UserVariable v) { +/** Gets a Declaration that is in the potential scope of Declaration `v`. */ +private UserDeclaration getPotentialScopeOfDeclaration_candidate(UserDeclaration v) { exists(Scope s | - result = s.getAVariable() and + result = s.getADeclaration() and ( - // Variable in an ancestor scope, but only if there are less than 100 variables in this scope - v = s.getAnAncestor().getAVariable() and + // Declaration in an ancestor scope, but only if there are less than 100 variables in this scope + v = s.getAnAncestor().getADeclaration() and s.getNumberOfVariables() < 100 or - // In the same scope, but not the same variable, and choose just one to report - v = s.getAVariable() and + // In the same scope, but not the same Declaration, and choose just one to report + v = s.getADeclaration() and not result = v and v.getName() <= result.getName() ) ) } -/** Gets a variable that is in the potential scope of variable `v`. */ -private UserVariable getOuterScopesOfVariable_candidate(UserVariable v) { +/** Gets a Declarationthat is in the potential scope of Declaration `v`. */ +private UserDeclaration getOuterScopesOfDeclaration_candidate(UserDeclaration v) { exists(Scope s | - result = s.getAVariable() and + result = s.getADeclaration() and ( - // Variable in an ancestor scope, but only if there are less than 100 variables in this scope - v = s.getAnAncestor().getAVariable() and + // Declaration in an ancestor scope, but only if there are less than 100 variables in this scope + v = s.getAnAncestor().getADeclaration() and s.getNumberOfVariables() < 100 ) ) @@ -161,20 +167,20 @@ predicate inSameTranslationUnit(File f1, File f2) { } /** - * Gets a user variable which occurs in the "potential scope" of variable `v`. + * Gets a user Declaration which occurs in the "outer scope" of Declaration `v`. */ cached -UserVariable getPotentialScopeOfVariable(UserVariable v) { - result = getPotentialScopeOfVariable_candidate(v) and +UserDeclaration getPotentialScopeOfDeclarationStrict(UserDeclaration v) { + result = getOuterScopesOfDeclaration_candidate(v) and inSameTranslationUnit(v.getFile(), result.getFile()) } /** - * Gets a user variable which occurs in the "outer scope" of variable `v`. + * Gets a user variable which occurs in the "potential scope" of variable `v`. */ cached -UserVariable getPotentialScopeOfVariableStrict(UserVariable v) { - result = getOuterScopesOfVariable_candidate(v) and +UserDeclaration getPotentialScopeOfDeclaration(UserDeclaration v) { + result = getPotentialScopeOfDeclaration_candidate(v) and inSameTranslationUnit(v.getFile(), result.getFile()) } @@ -204,18 +210,9 @@ class TranslationUnit extends SourceFile { } /** Holds if `v2` may hide `v1`. */ -private predicate hides_candidate(UserVariable v1, UserVariable v2) { - not v1 = v2 and - v2 = getPotentialScopeOfVariable(v1) and - v1.getName() = v2.getName() and - // Member variables cannot hide other variables nor be hidden because the can be referenced through their qualified name. - not (v1.isMember() or v2.isMember()) -} - -/** Holds if `v2` may hide `v1`. */ -private predicate hides_candidateStrict(UserVariable v1, UserVariable v2) { +private predicate hides_candidateStrict(UserDeclaration v1, UserDeclaration v2) { not v1 = v2 and - v2 = getPotentialScopeOfVariableStrict(v1) and + v2 = getPotentialScopeOfDeclarationStrict(v1) and v1.getName() = v2.getName() and // Member variables cannot hide other variables nor be hidden because the can be referenced through their qualified name. not (v1.isMember() or v2.isMember()) and @@ -239,6 +236,15 @@ private predicate hides_candidateStrict(UserVariable v1, UserVariable v2) { ) } +/** Holds if `v2` may hide `v1`. */ +private predicate hides_candidate(UserDeclaration v1, UserDeclaration v2) { + not v1 = v2 and + v2 = getPotentialScopeOfDeclaration(v1) and + v1.getName() = v2.getName() and + // Member variables cannot hide other variables nor be hidden because the can be referenced through their qualified name. + not (v1.isMember() or v2.isMember()) +} + /** * Gets the enclosing statement of the given variable, if any. */ @@ -257,20 +263,20 @@ private Stmt getEnclosingStmt(LocalScopeVariable v) { } /** Holds if `v2` hides `v1`. */ -predicate hides(UserVariable v1, UserVariable v2) { +predicate hides(UserDeclaration v1, UserDeclaration v2) { hides_candidate(v1, v2) and // Confirm that there's no closer candidate variable which `v2` hides - not exists(UserVariable mid | + not exists(UserDeclaration mid | hides_candidate(v1, mid) and hides_candidate(mid, v2) ) } /** Holds if `v2` strictly (`v2` is in an inner scope compared to `v1`) hides `v1`. */ -predicate hidesStrict(UserVariable v1, UserVariable v2) { +predicate hidesStrict(UserDeclaration v1, UserDeclaration v2) { hides_candidateStrict(v1, v2) and // Confirm that there's no closer candidate variable which `v2` hides - not exists(UserVariable mid | + not exists(UserDeclaration mid | hides_candidateStrict(v1, mid) and hides_candidateStrict(mid, v2) ) diff --git a/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll b/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll index fc0a01cbd4..109407c12f 100644 --- a/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll +++ b/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll @@ -11,7 +11,7 @@ abstract class IdentifierHiddenSharedQuery extends Query { } Query getQuery() { result instanceof IdentifierHiddenSharedQuery } -query predicate problems(UserVariable v2, string message, UserVariable v1, string varName) { +query predicate problems(UserDeclaration v2, string message, UserDeclaration v1, string varName) { not isExcluded(v1, getQuery()) and not isExcluded(v2, getQuery()) and //ignore template variables for this rule @@ -19,5 +19,5 @@ query predicate problems(UserVariable v2, string message, UserVariable v1, strin not v2 instanceof TemplateVariable and hidesStrict(v1, v2) and varName = v1.getName() and - message = "Variable is hiding variable $@." + message = "Declaration is hiding declaration $@." } diff --git a/cpp/common/test/rules/identifierhidden/IdentifierHidden.expected b/cpp/common/test/rules/identifierhidden/IdentifierHidden.expected index 2ea18aa9cd..512c38952d 100644 --- a/cpp/common/test/rules/identifierhidden/IdentifierHidden.expected +++ b/cpp/common/test/rules/identifierhidden/IdentifierHidden.expected @@ -1,11 +1,13 @@ -| test.cpp:4:5:4:7 | id1 | Variable is hiding variable $@. | test.cpp:1:5:1:7 | id1 | id1 | -| test.cpp:8:5:8:7 | id1 | Variable is hiding variable $@. | test.cpp:1:5:1:7 | id1 | id1 | -| test.cpp:11:5:11:7 | id1 | Variable is hiding variable $@. | test.cpp:8:5:8:7 | id1 | id1 | -| test.cpp:20:7:20:9 | id1 | Variable is hiding variable $@. | test.cpp:1:5:1:7 | id1 | id1 | -| test.cpp:23:13:23:15 | id1 | Variable is hiding variable $@. | test.cpp:1:5:1:7 | id1 | id1 | -| test.cpp:26:12:26:14 | id1 | Variable is hiding variable $@. | test.cpp:1:5:1:7 | id1 | id1 | -| test.cpp:27:14:27:16 | id1 | Variable is hiding variable $@. | test.cpp:26:12:26:14 | id1 | id1 | -| test.cpp:65:11:65:11 | i | Variable is hiding variable $@. | test.cpp:61:7:61:7 | i | i | -| test.cpp:67:9:67:9 | i | Variable is hiding variable $@. | test.cpp:61:7:61:7 | i | i | -| test.cpp:70:12:70:12 | i | Variable is hiding variable $@. | test.cpp:61:7:61:7 | i | i | -| test.cpp:75:16:75:16 | i | Variable is hiding variable $@. | test.cpp:61:7:61:7 | i | i | +| test.cpp:4:5:4:7 | id1 | Declaration is hiding declaration $@. | test.cpp:1:5:1:7 | id1 | id1 | +| test.cpp:8:5:8:7 | id1 | Declaration is hiding declaration $@. | test.cpp:1:5:1:7 | id1 | id1 | +| test.cpp:11:5:11:7 | id1 | Declaration is hiding declaration $@. | test.cpp:8:5:8:7 | id1 | id1 | +| test.cpp:20:7:20:9 | id1 | Declaration is hiding declaration $@. | test.cpp:1:5:1:7 | id1 | id1 | +| test.cpp:23:13:23:15 | id1 | Declaration is hiding declaration $@. | test.cpp:1:5:1:7 | id1 | id1 | +| test.cpp:26:12:26:14 | id1 | Declaration is hiding declaration $@. | test.cpp:1:5:1:7 | id1 | id1 | +| test.cpp:27:14:27:16 | id1 | Declaration is hiding declaration $@. | test.cpp:26:12:26:14 | id1 | id1 | +| test.cpp:65:11:65:11 | i | Declaration is hiding declaration $@. | test.cpp:61:7:61:7 | i | i | +| test.cpp:67:9:67:9 | i | Declaration is hiding declaration $@. | test.cpp:61:7:61:7 | i | i | +| test.cpp:70:12:70:12 | i | Declaration is hiding declaration $@. | test.cpp:61:7:61:7 | i | i | +| test.cpp:75:16:75:16 | i | Declaration is hiding declaration $@. | test.cpp:61:7:61:7 | i | i | +| test.cpp:81:5:81:5 | a | Declaration is hiding declaration $@. | test.cpp:79:5:79:5 | a | a | +| test.cpp:85:13:85:13 | a | Declaration is hiding declaration $@. | test.cpp:79:5:79:5 | a | a | diff --git a/cpp/common/test/rules/identifierhidden/test.cpp b/cpp/common/test/rules/identifierhidden/test.cpp index cdd7137c57..c778f60b8f 100644 --- a/cpp/common/test/rules/identifierhidden/test.cpp +++ b/cpp/common/test/rules/identifierhidden/test.cpp @@ -74,4 +74,13 @@ void test_scope_order() { } catch (int i) { // NON_COMPLIANT } +} + +int a; +namespace b { +int a() {} // NON_COMPLIANT +} // namespace b + +namespace b1 { +typedef int a; // NON_COMPLIANT } \ No newline at end of file From 1daf1d52b8ccc73366ef67eccc22a90ed9f58385 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 27 Feb 2024 16:17:50 -0500 Subject: [PATCH 1689/2573] M5-14-1: use lib implementation, improve testcase --- ...fALogicalAndOperatorsContainSideEffects.ql | 36 ++----------------- ...calAndOperatorsContainSideEffects.expected | 1 + cpp/autosar/test/rules/M5-14-1/test.cpp | 12 +++++-- .../test/includes/standard-library/typeinfo.h | 1 + 4 files changed, 13 insertions(+), 37 deletions(-) diff --git a/cpp/autosar/src/rules/M5-14-1/RightHandOperandOfALogicalAndOperatorsContainSideEffects.ql b/cpp/autosar/src/rules/M5-14-1/RightHandOperandOfALogicalAndOperatorsContainSideEffects.ql index 9540f1fa37..b0f0922500 100644 --- a/cpp/autosar/src/rules/M5-14-1/RightHandOperandOfALogicalAndOperatorsContainSideEffects.ql +++ b/cpp/autosar/src/rules/M5-14-1/RightHandOperandOfALogicalAndOperatorsContainSideEffects.ql @@ -19,44 +19,12 @@ import codingstandards.cpp.autosar import codingstandards.cpp.SideEffect import codingstandards.cpp.sideeffect.DefaultEffects -/** - * an operator that does not evaluate its operand - * `decltype` also has a non evaluated operand but cannot be used in a `BinaryLogicalOperation` - */ -class UnevaluatedOperand extends Expr { - Expr operator; - - UnevaluatedOperand() { - exists(SizeofExprOperator op | op.getExprOperand() = this | - not this.getUnderlyingType().(ArrayType).hasArraySize() and - operator = op - ) - or - exists(NoExceptExpr e | - e.getExpr() = this and - operator = e - ) - or - exists(TypeidOperator t | - t.getExpr() = this and - operator = t - ) - or - exists(FunctionCall declval | - declval.getTarget().hasQualifiedName("std", "declval") and - declval.getAChild() = this and - operator = declval - ) - } - - Expr getOp() { result = operator } -} - from BinaryLogicalOperation op, Expr rhs where not isExcluded(op, SideEffects1Package::rightHandOperandOfALogicalAndOperatorsContainSideEffectsQuery()) and rhs = op.getRightOperand() and hasSideEffect(rhs) and - not exists(UnevaluatedOperand un | un.getOp() = rhs) + not rhs.(NoExceptExpr).getExpr().isUnevaluated() and + not rhs.(SizeofExprOperator).getExprOperand().isUnevaluated() select op, "The $@ may have a side effect that is not always evaluated.", rhs, "right-hand operand" diff --git a/cpp/autosar/test/rules/M5-14-1/RightHandOperandOfALogicalAndOperatorsContainSideEffects.expected b/cpp/autosar/test/rules/M5-14-1/RightHandOperandOfALogicalAndOperatorsContainSideEffects.expected index f693f1a4be..75b3a45304 100644 --- a/cpp/autosar/test/rules/M5-14-1/RightHandOperandOfALogicalAndOperatorsContainSideEffects.expected +++ b/cpp/autosar/test/rules/M5-14-1/RightHandOperandOfALogicalAndOperatorsContainSideEffects.expected @@ -1,3 +1,4 @@ | test.cpp:15:7:15:14 | ... \|\| ... | The $@ may have a side effect that is not always evaluated. | test.cpp:15:12:15:14 | ... ++ | right-hand operand | | test.cpp:18:7:18:21 | ... \|\| ... | The $@ may have a side effect that is not always evaluated. | test.cpp:18:13:18:20 | ... == ... | right-hand operand | | test.cpp:21:7:21:15 | ... \|\| ... | The $@ may have a side effect that is not always evaluated. | test.cpp:21:12:21:13 | call to f1 | right-hand operand | +| test.cpp:40:7:40:41 | ... \|\| ... | The $@ may have a side effect that is not always evaluated. | test.cpp:40:26:40:26 | call to operator== | right-hand operand | diff --git a/cpp/autosar/test/rules/M5-14-1/test.cpp b/cpp/autosar/test/rules/M5-14-1/test.cpp index a5eac80ab9..76fd08c2ca 100644 --- a/cpp/autosar/test/rules/M5-14-1/test.cpp +++ b/cpp/autosar/test/rules/M5-14-1/test.cpp @@ -29,8 +29,14 @@ int g1 = 0; int f4() { return g1++; } int f5() { return 1; } +#include + void f6() { - if (noexcept(f5()) &&noexcept( - f4())) { // COMPLIANT - noexcept operands not evaluated - } + if (1 && sizeof(f4())) { + } // COMPLIANT - sizeof operands not evaluated + if (1 &&noexcept(f4()) &&noexcept(f4())) { + } // COMPLIANT - noexcept operands not evaluated + + if (1 || (typeid(f5()) == typeid(f4()))) { + } // NON_COMPLIANT - typeid operands not evaluated, but the ==operator is } \ No newline at end of file diff --git a/cpp/common/test/includes/standard-library/typeinfo.h b/cpp/common/test/includes/standard-library/typeinfo.h index dbe2d07503..6be058f090 100644 --- a/cpp/common/test/includes/standard-library/typeinfo.h +++ b/cpp/common/test/includes/standard-library/typeinfo.h @@ -4,5 +4,6 @@ namespace std { struct type_info { const char *name() const noexcept; std::size_t hash_code() const noexcept; + bool operator==(const type_info &rhs) const; }; } // namespace std \ No newline at end of file From a1f4362f53de5fa8d17139b81a6f89664d4accc9 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 27 Feb 2024 16:21:48 -0500 Subject: [PATCH 1690/2573] Fix predicate name change --- .../DifferentIdentifiersNotTypographicallyUnambiguous.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/rules/differentidentifiersnottypographicallyunambiguous/DifferentIdentifiersNotTypographicallyUnambiguous.qll b/cpp/common/src/codingstandards/cpp/rules/differentidentifiersnottypographicallyunambiguous/DifferentIdentifiersNotTypographicallyUnambiguous.qll index 87a4580ab3..4876ca9a5c 100644 --- a/cpp/common/src/codingstandards/cpp/rules/differentidentifiersnottypographicallyunambiguous/DifferentIdentifiersNotTypographicallyUnambiguous.qll +++ b/cpp/common/src/codingstandards/cpp/rules/differentidentifiersnottypographicallyunambiguous/DifferentIdentifiersNotTypographicallyUnambiguous.qll @@ -47,7 +47,7 @@ string step1(string s) { string step2(string s) { s = "m_" and result = "rn" } predicate violation(UserVariable v1, UserVariable v2) { - v2 = getPotentialScopeOfVariable(v1) and + v2 = getPotentialScopeOfDeclaration(v1) and exists(string s1, string s2 | // over-approximate a match, because it is cheaper to compute getCanon(v1) = getCanon(v2) and From b0eb1c93a434d49416fd7eee2ec8548117c64a1e Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Tue, 27 Feb 2024 22:08:48 +0000 Subject: [PATCH 1691/2573] Update user_manual.md --- docs/user_manual.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/user_manual.md b/docs/user_manual.md index bd9af9d15b..349be017ba 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -23,7 +23,7 @@ | 0.15.0 | 2023-05-24 | Mauro Baluda | Clarify AUTOSAR C++ supported versions. | | 0.16.0 | 2023-07-03 | Luke Cartey | Remove reference to LGTM, update the name of the query pack | | 0.17.0 | 2023-08-16 | Luke Cartey | Update list of supported compiler configurations. | -| 0.87.0 | 2024-01-30 | Luke Cartey | Update product description and coverage table. | +| 0.18.0 | 2024-01-30 | Luke Cartey | Update product description and coverage table. | ## Release information From 4bb4222fa9d98d3a16998a3e1fb1f4703d141542 Mon Sep 17 00:00:00 2001 From: Nicolas Kraiouchkine Date: Wed, 28 Feb 2024 11:14:14 +0100 Subject: [PATCH 1692/2573] Fix comments in NonBooleanIterationStmt.qll --- .../rules/nonbooleaniterationstmt/NonBooleanIterationStmt.qll | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.qll b/cpp/common/src/codingstandards/cpp/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.qll index 3ca038ce07..83e58f72d5 100644 --- a/cpp/common/src/codingstandards/cpp/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.qll +++ b/cpp/common/src/codingstandards/cpp/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.qll @@ -1,5 +1,5 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library which includes a `problems` predicate for reporting non-boolean iteration conditions. */ import cpp @@ -16,7 +16,7 @@ query predicate problems(Loop loopStmt, string message) { condition = loopStmt.getCondition() and explicitConversionType = condition.getExplicitlyConverted().getType().getUnspecifiedType() and not explicitConversionType instanceof BoolType and - //exclude any generated conditions + // exclude any generated conditions not condition.isCompilerGenerated() and // exclude any conditions in uninstantiated templates, because their type will be unknown. not condition.isFromUninstantiatedTemplate(_) and From a2eefa47691998e45b1e0b053ee535711b35dc34 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Wed, 28 Feb 2024 11:40:17 +0100 Subject: [PATCH 1693/2573] Update test after frontend update --- .../UserDefinedConversionOperatorsShouldNotBeUsed.expected | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A13-5-3/UserDefinedConversionOperatorsShouldNotBeUsed.expected b/cpp/autosar/test/rules/A13-5-3/UserDefinedConversionOperatorsShouldNotBeUsed.expected index e757cdf984..14e68ab4a9 100644 --- a/cpp/autosar/test/rules/A13-5-3/UserDefinedConversionOperatorsShouldNotBeUsed.expected +++ b/cpp/autosar/test/rules/A13-5-3/UserDefinedConversionOperatorsShouldNotBeUsed.expected @@ -1,4 +1,4 @@ | test.cpp:33:7:33:7 | call to operator A | User-defined conversion operators should not be used. | | test.cpp:35:24:35:24 | call to operator A * | User-defined conversion operators should not be used. | -| test.cpp:37:15:37:15 | call to operator B::array_A * | User-defined conversion operators should not be used. | +| test.cpp:37:15:37:15 | call to operator A (*)[3] | User-defined conversion operators should not be used. | | test.cpp:41:7:41:7 | call to operator A * | User-defined conversion operators should not be used. | From 9be5a7b9d67df32d0eeb23a85a4e84da18e58356 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Wed, 28 Feb 2024 11:31:11 -0500 Subject: [PATCH 1694/2573] Identifier Hidden: missed expeted for shared, generalize variable count check --- .../rules/identifierhidden/IdentifierHidden.expected | 10 +++++----- cpp/common/src/codingstandards/cpp/Scope.qll | 8 +++++--- 2 files changed, 10 insertions(+), 8 deletions(-) diff --git a/c/common/test/rules/identifierhidden/IdentifierHidden.expected b/c/common/test/rules/identifierhidden/IdentifierHidden.expected index 67809ee003..d6f574e318 100644 --- a/c/common/test/rules/identifierhidden/IdentifierHidden.expected +++ b/c/common/test/rules/identifierhidden/IdentifierHidden.expected @@ -1,5 +1,5 @@ -| test.c:4:7:4:9 | id1 | Variable is hiding variable $@. | test.c:1:5:1:7 | id1 | id1 | -| test.c:7:13:7:15 | id1 | Variable is hiding variable $@. | test.c:1:5:1:7 | id1 | id1 | -| test.c:10:12:10:14 | id1 | Variable is hiding variable $@. | test.c:1:5:1:7 | id1 | id1 | -| test.c:11:14:11:16 | id1 | Variable is hiding variable $@. | test.c:10:12:10:14 | id1 | id1 | -| test.c:24:24:24:26 | id2 | Variable is hiding variable $@. | test.c:22:5:22:7 | id2 | id2 | +| test.c:4:7:4:9 | id1 | Declaration is hiding declaration $@. | test.c:1:5:1:7 | id1 | id1 | +| test.c:7:13:7:15 | id1 | Declaration is hiding declaration $@. | test.c:1:5:1:7 | id1 | id1 | +| test.c:10:12:10:14 | id1 | Declaration is hiding declaration $@. | test.c:1:5:1:7 | id1 | id1 | +| test.c:11:14:11:16 | id1 | Declaration is hiding declaration $@. | test.c:10:12:10:14 | id1 | id1 | +| test.c:24:24:24:26 | id2 | Declaration is hiding declaration $@. | test.c:22:5:22:7 | id2 | id2 | diff --git a/cpp/common/src/codingstandards/cpp/Scope.qll b/cpp/common/src/codingstandards/cpp/Scope.qll index 7659cdb4ff..7d755eba83 100644 --- a/cpp/common/src/codingstandards/cpp/Scope.qll +++ b/cpp/common/src/codingstandards/cpp/Scope.qll @@ -80,6 +80,8 @@ class Scope extends Element { int getNumberOfVariables() { result = count(getAVariable()) } + int getNumberOfDeclarations() { result = count(getADeclaration()) } + Scope getAnAncestor() { result = this.getStrictParent+() } Scope getStrictParent() { result = getParentScope(this) } @@ -133,9 +135,9 @@ private UserDeclaration getPotentialScopeOfDeclaration_candidate(UserDeclaration exists(Scope s | result = s.getADeclaration() and ( - // Declaration in an ancestor scope, but only if there are less than 100 variables in this scope + // Declaration in an ancestor scope, but only if there are less than 100 declarations in this scope v = s.getAnAncestor().getADeclaration() and - s.getNumberOfVariables() < 100 + s.getNumberOfDeclarations() < 100 or // In the same scope, but not the same Declaration, and choose just one to report v = s.getADeclaration() and @@ -152,7 +154,7 @@ private UserDeclaration getOuterScopesOfDeclaration_candidate(UserDeclaration v) ( // Declaration in an ancestor scope, but only if there are less than 100 variables in this scope v = s.getAnAncestor().getADeclaration() and - s.getNumberOfVariables() < 100 + s.getNumberOfDeclarations() < 100 ) ) } From dadc62c5e8073a3fad684c2112b19af51745464c Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Wed, 28 Feb 2024 21:40:53 +0000 Subject: [PATCH 1695/2573] Update docs/user_manual.md Co-authored-by: Remco Vermeulen --- docs/user_manual.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/user_manual.md b/docs/user_manual.md index 349be017ba..89bede99e1 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -56,7 +56,7 @@ The _CodeQL Coding Standards_ product is a set of CodeQL queries for identifying | [CERT C](https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-c-coding-standard-2016-v01.pdf) | 2016 | 99 | 97 | 97 | Implemented | | [MISRA C](https://www.misra.org.uk/product/misra-c2012-third-edition-first-revision/) | 2012 | 175 | 164 | 162[^3] | Implemented | -Not all rules in these standards are amenable to static analysis by CodeQL - some rules require external or domain specific knowledge to validate, or refer to properties which are not present in the our representation of the codebase under analysis. In addition, some rules are natively enforced by our supported set of compilers. As CodeQL requires that the program under analysis compiles, we are unable to implement queries for these rules, and doing so would be redundant. +Not all rules in these standards are amenable to static analysis by CodeQL - some rules require external or domain specific knowledge to validate, or refer to properties which are not present in our representation of the codebase under analysis. In addition, some rules are natively enforced by the supported compilers. As CodeQL requires that the program under analysis compiles, we are unable to implement queries for these rules, and doing so would be redundant. For each rule we therefore identify whether it is supportable or not. Furthermore, a rule can be supported in two ways: From 6c4a79d1eaa49edcd214820efcc402afa16294d6 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 23 Feb 2024 15:39:18 -0800 Subject: [PATCH 1696/2573] Add boilerplate for new rule --- .vscode/tasks.json | 1 + .../M5-0-2/InsufficientUseOfParentheses.ql | 23 +++++++++++++++++++ .../InsufficientUseOfParentheses.expected | 1 + .../M5-0-2/InsufficientUseOfParentheses.qlref | 1 + .../cpp/exclusions/cpp/OrderOfEvaluation.qll | 17 ++++++++++++++ rule_packages/cpp/OrderOfEvaluation.json | 12 ++++++++++ 6 files changed, 55 insertions(+) create mode 100644 cpp/autosar/src/rules/M5-0-2/InsufficientUseOfParentheses.ql create mode 100644 cpp/autosar/test/rules/M5-0-2/InsufficientUseOfParentheses.expected create mode 100644 cpp/autosar/test/rules/M5-0-2/InsufficientUseOfParentheses.qlref diff --git a/.vscode/tasks.json b/.vscode/tasks.json index 9b53539c04..74f065ac3b 100644 --- a/.vscode/tasks.json +++ b/.vscode/tasks.json @@ -271,6 +271,7 @@ "Null", "OperatorInvariants", "Operators", + "OrderOfEvaluation", "OutOfBounds", "Pointers", "Pointers1", diff --git a/cpp/autosar/src/rules/M5-0-2/InsufficientUseOfParentheses.ql b/cpp/autosar/src/rules/M5-0-2/InsufficientUseOfParentheses.ql new file mode 100644 index 0000000000..0d378e5462 --- /dev/null +++ b/cpp/autosar/src/rules/M5-0-2/InsufficientUseOfParentheses.ql @@ -0,0 +1,23 @@ +/** + * @id cpp/autosar/insufficient-use-of-parentheses + * @name M5-0-2: Limited dependence should be placed on C++ operator precedence rules in expressions + * @description The use of parentheses can be used to emphasize precedence and increase code + * readability. + * @kind problem + * @precision medium + * @problem.severity recommendation + * @tags external/autosar/id/m5-0-2 + * external/autosar/audit + * readability + * external/autosar/allocated-target/implementation + * external/autosar/enforcement/partially-automated + * external/autosar/obligation/advisory + */ + +import cpp +import codingstandards.cpp.autosar + +from Expr e +where + not isExcluded(e, OrderOfEvaluationPackage::insufficientUseOfParenthesesQuery()) +select e, "Insufficient use of parenthesis in expression." diff --git a/cpp/autosar/test/rules/M5-0-2/InsufficientUseOfParentheses.expected b/cpp/autosar/test/rules/M5-0-2/InsufficientUseOfParentheses.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/cpp/autosar/test/rules/M5-0-2/InsufficientUseOfParentheses.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/cpp/autosar/test/rules/M5-0-2/InsufficientUseOfParentheses.qlref b/cpp/autosar/test/rules/M5-0-2/InsufficientUseOfParentheses.qlref new file mode 100644 index 0000000000..733c035604 --- /dev/null +++ b/cpp/autosar/test/rules/M5-0-2/InsufficientUseOfParentheses.qlref @@ -0,0 +1 @@ +rules/M5-0-2/InsufficientUseOfParentheses.ql \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/OrderOfEvaluation.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/OrderOfEvaluation.qll index 2c7da3d64a..9aa62ad377 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/OrderOfEvaluation.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/OrderOfEvaluation.qll @@ -8,6 +8,7 @@ newtype OrderOfEvaluationQuery = TOperandsOfALogicalAndOrNotParenthesizedQuery() or TExplicitConstructionOfUnnamedTemporaryQuery() or TGratuitousUseOfParenthesesQuery() or + TInsufficientUseOfParenthesesQuery() or TIncrementAndDecrementOperatorsMixedWithOtherOperatorsInExpressionQuery() or TAssignmentInSubExpressionQuery() @@ -50,6 +51,15 @@ predicate isOrderOfEvaluationQueryMetadata( ruleId = "M5-0-2" and category = "advisory" or + query = + // `Query` instance for the `insufficientUseOfParentheses` query + OrderOfEvaluationPackage::insufficientUseOfParenthesesQuery() and + queryId = + // `@id` for the `insufficientUseOfParentheses` query + "cpp/autosar/insufficient-use-of-parentheses" and + ruleId = "M5-0-2" and + category = "advisory" + or query = // `Query` instance for the `incrementAndDecrementOperatorsMixedWithOtherOperatorsInExpression` query OrderOfEvaluationPackage::incrementAndDecrementOperatorsMixedWithOtherOperatorsInExpressionQuery() and @@ -98,6 +108,13 @@ module OrderOfEvaluationPackage { TQueryCPP(TOrderOfEvaluationPackageQuery(TGratuitousUseOfParenthesesQuery())) } + Query insufficientUseOfParenthesesQuery() { + //autogenerate `Query` type + result = + // `Query` type for `insufficientUseOfParentheses` query + TQueryCPP(TOrderOfEvaluationPackageQuery(TInsufficientUseOfParenthesesQuery())) + } + Query incrementAndDecrementOperatorsMixedWithOtherOperatorsInExpressionQuery() { //autogenerate `Query` type result = diff --git a/rule_packages/cpp/OrderOfEvaluation.json b/rule_packages/cpp/OrderOfEvaluation.json index c471ca8f48..00ec0dbc65 100644 --- a/rule_packages/cpp/OrderOfEvaluation.json +++ b/rule_packages/cpp/OrderOfEvaluation.json @@ -90,6 +90,18 @@ "external/autosar/audit", "readability" ] + }, + { + "description": "The use of parentheses can be used to emphasize precedence and increase code readability.", + "kind": "problem", + "name": "Limited dependence should be placed on C++ operator precedence rules in expressions", + "precision": "medium", + "severity": "recommendation", + "short_name": "InsufficientUseOfParentheses", + "tags": [ + "external/autosar/audit", + "readability" + ] } ], "title": "Limited dependence should be placed on C++ operator precedence rules in expressions." From ef44566dd5cd29a729b78af0cf263d2b0dffa472 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 29 Feb 2024 17:05:46 -0800 Subject: [PATCH 1697/2573] Implement query for dependence on operator precedence --- .../M5-0-2/InsufficientUseOfParentheses.ql | 22 +++++++++++++++---- .../InsufficientUseOfParentheses.expected | 9 +++++++- cpp/autosar/test/rules/M5-0-2/test.cpp | 17 ++++++++++++++ 3 files changed, 43 insertions(+), 5 deletions(-) diff --git a/cpp/autosar/src/rules/M5-0-2/InsufficientUseOfParentheses.ql b/cpp/autosar/src/rules/M5-0-2/InsufficientUseOfParentheses.ql index 0d378e5462..19bd325edd 100644 --- a/cpp/autosar/src/rules/M5-0-2/InsufficientUseOfParentheses.ql +++ b/cpp/autosar/src/rules/M5-0-2/InsufficientUseOfParentheses.ql @@ -17,7 +17,21 @@ import cpp import codingstandards.cpp.autosar -from Expr e -where - not isExcluded(e, OrderOfEvaluationPackage::insufficientUseOfParenthesesQuery()) -select e, "Insufficient use of parenthesis in expression." +class InsufficientlyParenthesizedExpr extends Expr { + InsufficientlyParenthesizedExpr() { + exists(BinaryOperation root, BinaryOperation child | child = this | + root.getAnOperand() = child and + root.getOperator() != child.getOperator() and + not any(ParenthesisExpr pe).getExpr() = child + ) + or + exists(ConditionalExpr root, BinaryOperation child | child = this | + root.getAnOperand() = child and + not any(ParenthesisExpr pe).getExpr() = child + ) + } +} + +from InsufficientlyParenthesizedExpr e +where not isExcluded(e, OrderOfEvaluationPackage::insufficientUseOfParenthesesQuery()) +select e, "Dependence on operator precedence rules." diff --git a/cpp/autosar/test/rules/M5-0-2/InsufficientUseOfParentheses.expected b/cpp/autosar/test/rules/M5-0-2/InsufficientUseOfParentheses.expected index 2ec1a0ac6c..ef355c7306 100644 --- a/cpp/autosar/test/rules/M5-0-2/InsufficientUseOfParentheses.expected +++ b/cpp/autosar/test/rules/M5-0-2/InsufficientUseOfParentheses.expected @@ -1 +1,8 @@ -No expected results have yet been specified \ No newline at end of file +| test.cpp:40:8:40:13 | ... * ... | Dependence on operator precedence rules. | +| test.cpp:41:19:41:24 | ... * ... | Dependence on operator precedence rules. | +| test.cpp:42:8:42:13 | ... * ... | Dependence on operator precedence rules. | +| test.cpp:42:17:42:22 | ... * ... | Dependence on operator precedence rules. | +| test.cpp:48:8:48:15 | ... == ... | Dependence on operator precedence rules. | +| test.cpp:49:26:49:32 | ... - ... | Dependence on operator precedence rules. | +| test.cpp:50:8:50:15 | ... == ... | Dependence on operator precedence rules. | +| test.cpp:50:24:50:30 | ... - ... | Dependence on operator precedence rules. | diff --git a/cpp/autosar/test/rules/M5-0-2/test.cpp b/cpp/autosar/test/rules/M5-0-2/test.cpp index 06dab1e64c..d028b632f9 100644 --- a/cpp/autosar/test/rules/M5-0-2/test.cpp +++ b/cpp/autosar/test/rules/M5-0-2/test.cpp @@ -31,4 +31,21 @@ void f1() { int **l7; l1 = (*l7)[l2]; // NON_COMPLIANT[FALSE_NEGATIVE] char l8 = (char)(l1 + 1); // NON_COMPLIANT[FALSE_NEGATIVE] +} + +void test_insufficient_parentheses() { + int l1, l2, l3; + + l1 = (2 * l2) + (3 * l3); // COMPLIANT + l1 = 2 * l2 + (3 * l3); // NON_COMPLIANT + l1 = (2 * l2) + 3 * l3; // NON_COMPLIANT + l1 = 2 * l2 + 3 * l3; // NON_COMPLIANT + l1 = (2 * l2) + l3 + 1; // COMPLIANT + l1 = (l2 + 1) - (l2 + l3); // COMPLIANT + l1 = l2 + l3 + 1; // COMPLIANT + + l1 = (l2 == l3) ? l2 : (l2 - l3); // COMPLIANT + l1 = l2 == l3 ? l2 : (l2 - l3); // NON_COMPLIANT + l1 = (l2 == l3) ? l2 : l2 - l3; // NON_COMPLIANT + l1 = l2 == l3 ? l2 : l2 - l3; // NON_COMPLIANT } \ No newline at end of file From 6266962d3e43cecc7bd6892b14cfab18c1107c6c Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 1 Mar 2024 16:16:53 -0800 Subject: [PATCH 1698/2573] Add support for templates to base class detection Detect template base classes through class template instantiations. --- .../CopyAndMoveNotDeclaredProtected.expected | 8 +++ cpp/autosar/test/rules/A12-8-6/test.cpp | 50 ++++++++++++++++++- cpp/common/src/codingstandards/cpp/Class.qll | 14 +++++- 3 files changed, 70 insertions(+), 2 deletions(-) diff --git a/cpp/autosar/test/rules/A12-8-6/CopyAndMoveNotDeclaredProtected.expected b/cpp/autosar/test/rules/A12-8-6/CopyAndMoveNotDeclaredProtected.expected index 39b98e0500..a5890f10c0 100644 --- a/cpp/autosar/test/rules/A12-8-6/CopyAndMoveNotDeclaredProtected.expected +++ b/cpp/autosar/test/rules/A12-8-6/CopyAndMoveNotDeclaredProtected.expected @@ -12,3 +12,11 @@ | test.cpp:76:3:76:12 | declaration of BaseClass6 | Move constructor for base class BaseClass6 (the class is abstract) is not declared protected or deleted. | | test.cpp:77:15:77:23 | declaration of operator= | Copy assignment operator for base class BaseClass6 (the class is abstract) is not declared protected or deleted. | | test.cpp:78:15:78:23 | declaration of operator= | Move assignment operator for base class BaseClass6 (the class is abstract) is not declared protected or deleted. | +| test.cpp:85:3:85:12 | declaration of BaseClass7 | Copy constructor for base class BaseClass7 (a derived class exists) is not declared protected or deleted. | +| test.cpp:86:3:86:12 | declaration of BaseClass7 | Move constructor for base class BaseClass7 (a derived class exists) is not declared protected or deleted. | +| test.cpp:87:15:87:23 | declaration of operator= | Copy assignment operator for base class BaseClass7 (a derived class exists) is not declared protected or deleted. | +| test.cpp:88:15:88:23 | declaration of operator= | Move assignment operator for base class BaseClass7 (a derived class exists) is not declared protected or deleted. | +| test.cpp:108:3:108:12 | declaration of BaseClass8 | Copy constructor for base class BaseClass8 (a derived class exists) is not declared protected or deleted. | +| test.cpp:109:3:109:12 | declaration of BaseClass8 | Move constructor for base class BaseClass8 (a derived class exists) is not declared protected or deleted. | +| test.cpp:110:15:110:23 | declaration of operator= | Copy assignment operator for base class BaseClass8 (a derived class exists) is not declared protected or deleted. | +| test.cpp:111:15:111:23 | declaration of operator= | Move assignment operator for base class BaseClass8 (a derived class exists) is not declared protected or deleted. | diff --git a/cpp/autosar/test/rules/A12-8-6/test.cpp b/cpp/autosar/test/rules/A12-8-6/test.cpp index 2dc5425706..4ce65c2c51 100644 --- a/cpp/autosar/test/rules/A12-8-6/test.cpp +++ b/cpp/autosar/test/rules/A12-8-6/test.cpp @@ -77,4 +77,52 @@ class BaseClass6 { BaseClass6 &operator=(BaseClass6 const &) = default; // NON_COMPLIANT BaseClass6 &operator=(BaseClass6 &&) = default; // NON_COMPLIANT virtual void test() = 0; // pure virtual function, making this abstract -}; \ No newline at end of file +}; + +template class BaseClass7 { +public: + BaseClass7() {} + BaseClass7(BaseClass7 const &) = default; // NON_COMPLIANT + BaseClass7(BaseClass7 &&) = default; // NON_COMPLIANT + BaseClass7 &operator=(BaseClass7 const &) = default; // NON_COMPLIANT + BaseClass7 &operator=(BaseClass7 &&) = default; // NON_COMPLIANT + int operator=(int i); // COMPLIANT - not an assignment operator +}; // COMPLIANT + +template +class DerivedClass7 // COMPLIANT - not a base class itself + : public BaseClass7 { +public: + DerivedClass7() {} +}; + +class DerivedClass8 // COMPLIANT - not a base class itself + : public BaseClass7 { +public: + DerivedClass8() {} +}; + +class BaseClass8 { +public: + BaseClass8() {} + BaseClass8(BaseClass8 const &) = default; // NON_COMPLIANT + BaseClass8(BaseClass8 &&) = default; // NON_COMPLIANT + BaseClass8 &operator=(BaseClass8 const &) = default; // NON_COMPLIANT + BaseClass8 &operator=(BaseClass8 &&) = default; // NON_COMPLIANT +}; + +template +class DerivedClass9 // COMPLIANT - not a base class itself + : public BaseClass8 { +public: + DerivedClass9() {} + +private: + T t; +}; + +void test() { + BaseClass7 b; + DerivedClass7 d; + DerivedClass9 e; +} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/Class.qll b/cpp/common/src/codingstandards/cpp/Class.qll index 2fff01c91f..f29e0990c0 100644 --- a/cpp/common/src/codingstandards/cpp/Class.qll +++ b/cpp/common/src/codingstandards/cpp/Class.qll @@ -10,7 +10,19 @@ import codingstandards.cpp.Expr */ predicate isPossibleBaseClass(Class c, string reason) { // There exists a derivation in this database - exists(c.getADerivedClass()) and reason = "a derived class exists" + ( + // We make a distinction between class template instantiations, regular classes and template classes. + // For template classes we do have derived classes, because derived classes would derive from a + // class template instantiation. + // Therefore, we check for derived classes for regular classes + not c instanceof ClassTemplateInstantiation and not c instanceof TemplateClass and exists(c.getADerivedClass()) + or + // and use template instantiations to check for derived classes for template classes + exists(ClassTemplateInstantiation instantiation | + exists(instantiation.getADerivedClass()) and c = instantiation.getTemplate() + ) + ) and + reason = "a derived class exists" or // The class must be extended at some point c.isAbstract() and reason = "the class is abstract" From 89910dd7b014633bfdaa59d1723194b296f8ab7b Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 1 Mar 2024 17:58:07 -0800 Subject: [PATCH 1699/2573] Adjust alert message for A12-4-1 and A12-8-6 For A12-8-6, the alert no longer contains the reason for the base class being a base class. This is because a base class with both a derived class and being abstract is reported as a separate alert. For A12-4-1, the alert contains the fully qualified name of the base class and is formatted according to the style guide. --- .../DestructorOfABaseClassNotPublicVirtual.ql | 6 +-- .../CopyAndMoveNotDeclaredProtected.ql | 30 +++++++++---- ...uctorOfABaseClassNotPublicVirtual.expected | 4 +- .../CopyAndMoveNotDeclaredProtected.expected | 44 +++++++++---------- cpp/common/src/codingstandards/cpp/Class.qll | 38 ++++++++-------- 5 files changed, 69 insertions(+), 53 deletions(-) diff --git a/cpp/autosar/src/rules/A12-4-1/DestructorOfABaseClassNotPublicVirtual.ql b/cpp/autosar/src/rules/A12-4-1/DestructorOfABaseClassNotPublicVirtual.ql index 4743e0b529..c534f9e591 100644 --- a/cpp/autosar/src/rules/A12-4-1/DestructorOfABaseClassNotPublicVirtual.ql +++ b/cpp/autosar/src/rules/A12-4-1/DestructorOfABaseClassNotPublicVirtual.ql @@ -29,9 +29,9 @@ predicate isProtectedNonVirtual(Destructor d) { d.isProtected() and not d.isVirt from Destructor d where not isExcluded(d, VirtualFunctionsPackage::destructorOfABaseClassNotPublicVirtualQuery()) and - isPossibleBaseClass(d.getDeclaringType(), _) and + d.getDeclaringType() instanceof BaseClass and (not isPublicOverride(d) and not isProtectedNonVirtual(d) and not isPublicVirtual(d)) // Report the declaration entry in the class body, as that is where the access specifier should be set select getDeclarationEntryInClassDeclaration(d), - "Destructor of base class " + d.getDeclaringType() + - " is not declared as public virtual, public override, or protected non-virtual." + "Destructor of base class '" + d.getDeclaringType().getQualifiedName() + + "' is not declared as public virtual, public override, or protected non-virtual." diff --git a/cpp/autosar/src/rules/A12-8-6/CopyAndMoveNotDeclaredProtected.ql b/cpp/autosar/src/rules/A12-8-6/CopyAndMoveNotDeclaredProtected.ql index 0098c7e43f..2be35fbe59 100644 --- a/cpp/autosar/src/rules/A12-8-6/CopyAndMoveNotDeclaredProtected.ql +++ b/cpp/autosar/src/rules/A12-8-6/CopyAndMoveNotDeclaredProtected.ql @@ -20,23 +20,35 @@ predicate isInvalidConstructor(Constructor f, string constructorType) { not f.isDeleted() and not f.isProtected() and ( - f instanceof MoveConstructor and constructorType = "Move constructor" + f instanceof MoveConstructor and + if f.isCompilerGenerated() + then constructorType = "Implicit move constructor" + else constructorType = "Move constructor" or - f instanceof CopyConstructor and constructorType = "Copy constructor" + f instanceof CopyConstructor and + if f.isCompilerGenerated() + then constructorType = "Implicit copy constructor" + else constructorType = "Copy constructor" ) } predicate isInvalidAssignment(Operator f, string operatorType) { not f.isDeleted() and ( - f instanceof CopyAssignmentOperator and operatorType = "Copy assignment operator" + f instanceof MoveAssignmentOperator and + if f.isCompilerGenerated() + then operatorType = "Implicit move assignment operator" + else operatorType = "Move constructor" or - f instanceof MoveAssignmentOperator and operatorType = "Move assignment operator" + f instanceof CopyAssignmentOperator and + if f.isCompilerGenerated() + then operatorType = "Implicit copy assignment operator" + else operatorType = "Copy assignment operator" ) and not f.hasSpecifier("protected") } -from MemberFunction mf, string type, string baseReason +from BaseClass baseClass, MemberFunction mf, string type where not isExcluded(mf, OperatorsPackage::copyAndMoveNotDeclaredProtectedQuery()) and ( @@ -44,7 +56,9 @@ where or isInvalidAssignment(mf, type) ) and - isPossibleBaseClass(mf.getDeclaringType(), baseReason) + baseClass = mf.getDeclaringType() +// To avoid duplicate alerts due to inaccurate location information in the database we don't use the location of the base class. +// This for example happens if multiple copies of the same header file are present in the database. select getDeclarationEntryInClassDeclaration(mf), - type + " for base class " + mf.getDeclaringType().getQualifiedName() + " (" + baseReason + - ") is not declared protected or deleted." + type + " for base class '" + baseClass.getQualifiedName() + + "' is not declared protected or deleted." diff --git a/cpp/autosar/test/rules/A12-4-1/DestructorOfABaseClassNotPublicVirtual.expected b/cpp/autosar/test/rules/A12-4-1/DestructorOfABaseClassNotPublicVirtual.expected index f8900da92f..dbe7f89585 100644 --- a/cpp/autosar/test/rules/A12-4-1/DestructorOfABaseClassNotPublicVirtual.expected +++ b/cpp/autosar/test/rules/A12-4-1/DestructorOfABaseClassNotPublicVirtual.expected @@ -1,2 +1,2 @@ -| test.cpp:4:3:4:4 | definition of ~A | Destructor of base class A is not declared as public virtual, public override, or protected non-virtual. | -| test.cpp:30:3:30:4 | definition of ~E | Destructor of base class E is not declared as public virtual, public override, or protected non-virtual. | +| test.cpp:4:3:4:4 | definition of ~A | Destructor of base class 'A' is not declared as public virtual, public override, or protected non-virtual. | +| test.cpp:30:3:30:4 | definition of ~E | Destructor of base class 'E' is not declared as public virtual, public override, or protected non-virtual. | diff --git a/cpp/autosar/test/rules/A12-8-6/CopyAndMoveNotDeclaredProtected.expected b/cpp/autosar/test/rules/A12-8-6/CopyAndMoveNotDeclaredProtected.expected index a5890f10c0..abbe8728a6 100644 --- a/cpp/autosar/test/rules/A12-8-6/CopyAndMoveNotDeclaredProtected.expected +++ b/cpp/autosar/test/rules/A12-8-6/CopyAndMoveNotDeclaredProtected.expected @@ -1,22 +1,22 @@ -| test.cpp:4:3:4:12 | declaration of BaseClass1 | Copy constructor for base class BaseClass1 (a derived class exists) is not declared protected or deleted. | -| test.cpp:5:3:5:12 | declaration of BaseClass1 | Move constructor for base class BaseClass1 (a derived class exists) is not declared protected or deleted. | -| test.cpp:6:15:6:23 | declaration of operator= | Copy assignment operator for base class BaseClass1 (a derived class exists) is not declared protected or deleted. | -| test.cpp:7:15:7:23 | declaration of operator= | Move assignment operator for base class BaseClass1 (a derived class exists) is not declared protected or deleted. | -| test.cpp:15:7:15:7 | declaration of operator= | Copy assignment operator for base class BaseClass2 (a derived class exists) is not declared protected or deleted. | -| test.cpp:15:7:15:7 | declaration of operator= | Move assignment operator for base class BaseClass2 (a derived class exists) is not declared protected or deleted. | -| test.cpp:55:3:55:12 | declaration of BaseClass5 | Copy constructor for base class BaseClass5 (a derived class exists) is not declared protected or deleted. | -| test.cpp:56:3:56:12 | declaration of BaseClass5 | Move constructor for base class BaseClass5 (a derived class exists) is not declared protected or deleted. | -| test.cpp:57:15:57:23 | declaration of operator= | Copy assignment operator for base class BaseClass5 (a derived class exists) is not declared protected or deleted. | -| test.cpp:58:15:58:23 | declaration of operator= | Move assignment operator for base class BaseClass5 (a derived class exists) is not declared protected or deleted. | -| test.cpp:75:3:75:12 | declaration of BaseClass6 | Copy constructor for base class BaseClass6 (the class is abstract) is not declared protected or deleted. | -| test.cpp:76:3:76:12 | declaration of BaseClass6 | Move constructor for base class BaseClass6 (the class is abstract) is not declared protected or deleted. | -| test.cpp:77:15:77:23 | declaration of operator= | Copy assignment operator for base class BaseClass6 (the class is abstract) is not declared protected or deleted. | -| test.cpp:78:15:78:23 | declaration of operator= | Move assignment operator for base class BaseClass6 (the class is abstract) is not declared protected or deleted. | -| test.cpp:85:3:85:12 | declaration of BaseClass7 | Copy constructor for base class BaseClass7 (a derived class exists) is not declared protected or deleted. | -| test.cpp:86:3:86:12 | declaration of BaseClass7 | Move constructor for base class BaseClass7 (a derived class exists) is not declared protected or deleted. | -| test.cpp:87:15:87:23 | declaration of operator= | Copy assignment operator for base class BaseClass7 (a derived class exists) is not declared protected or deleted. | -| test.cpp:88:15:88:23 | declaration of operator= | Move assignment operator for base class BaseClass7 (a derived class exists) is not declared protected or deleted. | -| test.cpp:108:3:108:12 | declaration of BaseClass8 | Copy constructor for base class BaseClass8 (a derived class exists) is not declared protected or deleted. | -| test.cpp:109:3:109:12 | declaration of BaseClass8 | Move constructor for base class BaseClass8 (a derived class exists) is not declared protected or deleted. | -| test.cpp:110:15:110:23 | declaration of operator= | Copy assignment operator for base class BaseClass8 (a derived class exists) is not declared protected or deleted. | -| test.cpp:111:15:111:23 | declaration of operator= | Move assignment operator for base class BaseClass8 (a derived class exists) is not declared protected or deleted. | +| test.cpp:4:3:4:12 | declaration of BaseClass1 | Copy constructor for base class 'BaseClass1' is not declared protected or deleted. | +| test.cpp:5:3:5:12 | declaration of BaseClass1 | Move constructor for base class 'BaseClass1' is not declared protected or deleted. | +| test.cpp:6:15:6:23 | declaration of operator= | Copy assignment operator for base class 'BaseClass1' is not declared protected or deleted. | +| test.cpp:7:15:7:23 | declaration of operator= | Move constructor for base class 'BaseClass1' is not declared protected or deleted. | +| test.cpp:15:7:15:7 | declaration of operator= | Implicit copy assignment operator for base class 'BaseClass2' is not declared protected or deleted. | +| test.cpp:15:7:15:7 | declaration of operator= | Implicit move assignment operator for base class 'BaseClass2' is not declared protected or deleted. | +| test.cpp:55:3:55:12 | declaration of BaseClass5 | Copy constructor for base class 'BaseClass5' is not declared protected or deleted. | +| test.cpp:56:3:56:12 | declaration of BaseClass5 | Move constructor for base class 'BaseClass5' is not declared protected or deleted. | +| test.cpp:57:15:57:23 | declaration of operator= | Copy assignment operator for base class 'BaseClass5' is not declared protected or deleted. | +| test.cpp:58:15:58:23 | declaration of operator= | Move constructor for base class 'BaseClass5' is not declared protected or deleted. | +| test.cpp:75:3:75:12 | declaration of BaseClass6 | Copy constructor for base class 'BaseClass6' is not declared protected or deleted. | +| test.cpp:76:3:76:12 | declaration of BaseClass6 | Move constructor for base class 'BaseClass6' is not declared protected or deleted. | +| test.cpp:77:15:77:23 | declaration of operator= | Copy assignment operator for base class 'BaseClass6' is not declared protected or deleted. | +| test.cpp:78:15:78:23 | declaration of operator= | Move constructor for base class 'BaseClass6' is not declared protected or deleted. | +| test.cpp:85:3:85:12 | declaration of BaseClass7 | Copy constructor for base class 'BaseClass7' is not declared protected or deleted. | +| test.cpp:86:3:86:12 | declaration of BaseClass7 | Move constructor for base class 'BaseClass7' is not declared protected or deleted. | +| test.cpp:87:15:87:23 | declaration of operator= | Copy assignment operator for base class 'BaseClass7' is not declared protected or deleted. | +| test.cpp:88:15:88:23 | declaration of operator= | Move constructor for base class 'BaseClass7' is not declared protected or deleted. | +| test.cpp:108:3:108:12 | declaration of BaseClass8 | Copy constructor for base class 'BaseClass8' is not declared protected or deleted. | +| test.cpp:109:3:109:12 | declaration of BaseClass8 | Move constructor for base class 'BaseClass8' is not declared protected or deleted. | +| test.cpp:110:15:110:23 | declaration of operator= | Copy assignment operator for base class 'BaseClass8' is not declared protected or deleted. | +| test.cpp:111:15:111:23 | declaration of operator= | Move constructor for base class 'BaseClass8' is not declared protected or deleted. | diff --git a/cpp/common/src/codingstandards/cpp/Class.qll b/cpp/common/src/codingstandards/cpp/Class.qll index f29e0990c0..be775e99f7 100644 --- a/cpp/common/src/codingstandards/cpp/Class.qll +++ b/cpp/common/src/codingstandards/cpp/Class.qll @@ -5,27 +5,29 @@ import cpp import codingstandards.cpp.Expr -/** - * Holds if we believe that `c` is used or intended to be used as a base class. - */ -predicate isPossibleBaseClass(Class c, string reason) { - // There exists a derivation in this database - ( - // We make a distinction between class template instantiations, regular classes and template classes. - // For template classes we do have derived classes, because derived classes would derive from a - // class template instantiation. - // Therefore, we check for derived classes for regular classes - not c instanceof ClassTemplateInstantiation and not c instanceof TemplateClass and exists(c.getADerivedClass()) + +private Class getADerivedClass(Class c) { + not c instanceof ClassTemplateInstantiation and not c instanceof TemplateClass and result = c.getADerivedClass() or - // and use template instantiations to check for derived classes for template classes exists(ClassTemplateInstantiation instantiation | - exists(instantiation.getADerivedClass()) and c = instantiation.getTemplate() + instantiation.getADerivedClass() = result and c = instantiation.getTemplate() ) - ) and - reason = "a derived class exists" - or - // The class must be extended at some point - c.isAbstract() and reason = "the class is abstract" +} + +/** + * A class that is used or intended to be used as a base class. + */ +class BaseClass extends Class { + BaseClass() { + exists(getADerivedClass(this)) + or + this.isAbstract() + } + + // We don't override `getADerivedClass` because that introduces a non-monotonic recursion. + Class getASubClass() { + result = getADerivedClass(this) + } } /** From 5c411fe2b94ec701ce6854390ddf22e5b4cb6989 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 1 Mar 2024 18:07:13 -0800 Subject: [PATCH 1700/2573] Add changenote --- change_notes/2024-03-01-fix-fp-a12-4-1-and-a12-8-6.md | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 change_notes/2024-03-01-fix-fp-a12-4-1-and-a12-8-6.md diff --git a/change_notes/2024-03-01-fix-fp-a12-4-1-and-a12-8-6.md b/change_notes/2024-03-01-fix-fp-a12-4-1-and-a12-8-6.md new file mode 100644 index 0000000000..7ba99b44f1 --- /dev/null +++ b/change_notes/2024-03-01-fix-fp-a12-4-1-and-a12-8-6.md @@ -0,0 +1,6 @@ +- `A12-4-1` - `DestructorOfABaseClassNotPublicVirtual.ql`: + - Fix FP reported in #392. Improve base class detection for template classes. + - Update the alert message to prevent duplicate alerts for base classes that are both derived and abstract. +- `A12-8-6` - `CopyAndMoveNotDeclaredProtected.ql`: + - Fix FP reported in #392. Improve base class detection for template classes. + - Update the alert message to prevent duplicate alerts for base classes that are both derived and abstract. From e23b8bdc9105b57ca1cd5afaa22d8b9dea69ac1f Mon Sep 17 00:00:00 2001 From: Nicolas Kraiouchkine Date: Mon, 4 Mar 2024 19:42:52 +0100 Subject: [PATCH 1701/2573] Exclude reporting of nested redundant includes --- .../src/rules/A16-2-2/UnusedIncludeDirectives.ql | 15 ++++++++++++--- cpp/autosar/test/rules/A16-2-2/internal.h | 1 + cpp/autosar/test/rules/A16-2-2/test.hpp | 4 +++- cpp/autosar/test/rules/A16-2-2/test2.cpp | 7 +++++++ cpp/autosar/test/rules/A16-2-2/z.h | 1 + 5 files changed, 24 insertions(+), 4 deletions(-) create mode 100644 cpp/autosar/test/rules/A16-2-2/internal.h create mode 100644 cpp/autosar/test/rules/A16-2-2/test2.cpp create mode 100644 cpp/autosar/test/rules/A16-2-2/z.h diff --git a/cpp/autosar/src/rules/A16-2-2/UnusedIncludeDirectives.ql b/cpp/autosar/src/rules/A16-2-2/UnusedIncludeDirectives.ql index 9b536b78b3..ce51602fd2 100644 --- a/cpp/autosar/src/rules/A16-2-2/UnusedIncludeDirectives.ql +++ b/cpp/autosar/src/rules/A16-2-2/UnusedIncludeDirectives.ql @@ -223,10 +223,19 @@ private predicate firstReliableProvide(File f, File g, int line) { cached predicate mayProvideFirst(IncludeDepends i, File g) { - // i may provide g and does not come after a reliable include of g. + // i may provide g i.provides(g) and - not exists(int line | firstReliableProvide(i.getFile(), g, line) | - line < i.getLocation().getStartLine() + ( + // and does not come after a reliable include of g. + not exists(int line | firstReliableProvide(i.getFile(), g, line) | + line < i.getLocation().getStartLine() + ) + or + // or it comes after a reliable include of g, and although redundant, + // is not necessarily an issue e.g. in the case of libraries with + // public header forwards to an internal header. + // therefore, hold for transitive includes as well to exclude those results. + not i.getIncludedFile() = g ) } diff --git a/cpp/autosar/test/rules/A16-2-2/internal.h b/cpp/autosar/test/rules/A16-2-2/internal.h new file mode 100644 index 0000000000..6eb06a9a27 --- /dev/null +++ b/cpp/autosar/test/rules/A16-2-2/internal.h @@ -0,0 +1 @@ +void f(); \ No newline at end of file diff --git a/cpp/autosar/test/rules/A16-2-2/test.hpp b/cpp/autosar/test/rules/A16-2-2/test.hpp index 6eb06a9a27..a6c63f5413 100644 --- a/cpp/autosar/test/rules/A16-2-2/test.hpp +++ b/cpp/autosar/test/rules/A16-2-2/test.hpp @@ -1 +1,3 @@ -void f(); \ No newline at end of file +#include "z.h" + +void g() { f(); } \ No newline at end of file diff --git a/cpp/autosar/test/rules/A16-2-2/test2.cpp b/cpp/autosar/test/rules/A16-2-2/test2.cpp new file mode 100644 index 0000000000..332a4d7bbb --- /dev/null +++ b/cpp/autosar/test/rules/A16-2-2/test2.cpp @@ -0,0 +1,7 @@ +#include "test.hpp" +#include "z.h" + +void test() { + f(); + g(); +} \ No newline at end of file diff --git a/cpp/autosar/test/rules/A16-2-2/z.h b/cpp/autosar/test/rules/A16-2-2/z.h new file mode 100644 index 0000000000..22080b7884 --- /dev/null +++ b/cpp/autosar/test/rules/A16-2-2/z.h @@ -0,0 +1 @@ +#include "internal.h" \ No newline at end of file From ab90f7a4a58a6166d3516665ed9c926c178ce3ee Mon Sep 17 00:00:00 2001 From: Nicolas Kraiouchkine Date: Mon, 4 Mar 2024 19:47:52 +0100 Subject: [PATCH 1702/2573] Add change note for A16-2-2 --- change_notes/2024-03-04-fix-fp-a16-2-2.md | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 change_notes/2024-03-04-fix-fp-a16-2-2.md diff --git a/change_notes/2024-03-04-fix-fp-a16-2-2.md b/change_notes/2024-03-04-fix-fp-a16-2-2.md new file mode 100644 index 0000000000..79ff54eea1 --- /dev/null +++ b/change_notes/2024-03-04-fix-fp-a16-2-2.md @@ -0,0 +1,2 @@ +- `A16-2-2` - `UnusedIncludeDirectives.ql`: + - Address FP reported in #453. Exclude reporting of redundant include directives indirectly included by included files. From cfcbf23fef2a20edbb99d8c3638c1aa1c99d66de Mon Sep 17 00:00:00 2001 From: Nicolas Kraiouchkine Date: Mon, 4 Mar 2024 19:48:49 +0100 Subject: [PATCH 1703/2573] Add missing COMPLIANT labels to test-case --- cpp/autosar/test/rules/A16-2-2/test2.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cpp/autosar/test/rules/A16-2-2/test2.cpp b/cpp/autosar/test/rules/A16-2-2/test2.cpp index 332a4d7bbb..6a4e01987d 100644 --- a/cpp/autosar/test/rules/A16-2-2/test2.cpp +++ b/cpp/autosar/test/rules/A16-2-2/test2.cpp @@ -1,5 +1,5 @@ -#include "test.hpp" -#include "z.h" +#include "test.hpp" // COMPLIANT +#include "z.h" // COMPLIANT void test() { f(); From 4ed43b2da6c12526c64167a65a06404bdbd66746 Mon Sep 17 00:00:00 2001 From: Nicolas Kraiouchkine Date: Mon, 4 Mar 2024 20:35:04 +0100 Subject: [PATCH 1704/2573] Add coverage for non-trivially-copyable types --- ...tersForCheapToCopyTypesNotPassedByValue.ql | 4 +-- ...NotCheapToCopyTypesNotPassedByReference.ql | 4 +-- ...ype.qll => TriviallyCopyableSmallType.qll} | 8 ++++-- ...rCheapToCopyTypesNotPassedByValue.expected | 2 +- ...apToCopyTypesNotPassedByReference.expected | 5 ++-- cpp/autosar/test/rules/A8-4-7/test.cpp | 25 ++++++++++++++++++- .../src/codingstandards/cpp/TrivialType.qll | 11 ++++++++ 7 files changed, 49 insertions(+), 10 deletions(-) rename cpp/autosar/src/rules/A8-4-7/{TriviallySmallType.qll => TriviallyCopyableSmallType.qll} (59%) diff --git a/cpp/autosar/src/rules/A8-4-7/InParametersForCheapToCopyTypesNotPassedByValue.ql b/cpp/autosar/src/rules/A8-4-7/InParametersForCheapToCopyTypesNotPassedByValue.ql index 78e9db28a4..187a0bcfb1 100644 --- a/cpp/autosar/src/rules/A8-4-7/InParametersForCheapToCopyTypesNotPassedByValue.ql +++ b/cpp/autosar/src/rules/A8-4-7/InParametersForCheapToCopyTypesNotPassedByValue.ql @@ -15,7 +15,7 @@ import cpp import codingstandards.cpp.autosar -import TriviallySmallType +import TriviallyCopyableSmallType import codingstandards.cpp.CommonTypes as CommonTypes import codingstandards.cpp.Class @@ -26,7 +26,7 @@ import codingstandards.cpp.Class * In this rule, we will look cases where a "cheap to copy" type is not passed by value. */ -from Parameter v, TriviallySmallType t +from Parameter v, TriviallyCopyableSmallType t where not isExcluded(v, ClassesPackage::inParametersForCheapToCopyTypesNotPassedByValueQuery()) and exists(ReferenceType rt | diff --git a/cpp/autosar/src/rules/A8-4-7/InParametersForNotCheapToCopyTypesNotPassedByReference.ql b/cpp/autosar/src/rules/A8-4-7/InParametersForNotCheapToCopyTypesNotPassedByReference.ql index b96b9347d3..6a05169dd7 100644 --- a/cpp/autosar/src/rules/A8-4-7/InParametersForNotCheapToCopyTypesNotPassedByReference.ql +++ b/cpp/autosar/src/rules/A8-4-7/InParametersForNotCheapToCopyTypesNotPassedByReference.ql @@ -15,7 +15,7 @@ import cpp import codingstandards.cpp.autosar -import TriviallySmallType +import TriviallyCopyableSmallType import codingstandards.cpp.CommonTypes as CommonTypes /* @@ -28,7 +28,7 @@ import codingstandards.cpp.CommonTypes as CommonTypes from Parameter v where not isExcluded(v, ClassesPackage::inParametersForNotCheapToCopyTypesNotPassedByReferenceQuery()) and - not v.getType() instanceof TriviallySmallType and + not v.getType() instanceof TriviallyCopyableSmallType and not v.getType().getUnderlyingType() instanceof ReferenceType and not exists(CatchBlock cb | cb.getParameter() = v) and not v.isFromUninstantiatedTemplate(_) and diff --git a/cpp/autosar/src/rules/A8-4-7/TriviallySmallType.qll b/cpp/autosar/src/rules/A8-4-7/TriviallyCopyableSmallType.qll similarity index 59% rename from cpp/autosar/src/rules/A8-4-7/TriviallySmallType.qll rename to cpp/autosar/src/rules/A8-4-7/TriviallyCopyableSmallType.qll index 8279fd8d94..4746bb9d79 100644 --- a/cpp/autosar/src/rules/A8-4-7/TriviallySmallType.qll +++ b/cpp/autosar/src/rules/A8-4-7/TriviallyCopyableSmallType.qll @@ -1,5 +1,6 @@ import cpp import codingstandards.cpp.autosar +import codingstandards.cpp.TrivialType /** * Get the largest word size, in bytes. Some projects may have multiple different @@ -13,6 +14,9 @@ int wordSize() { result = max(VoidPointerType v | | v.getSize()) } bindingset[bytes] int bytesToWords(int bytes) { result = bytes / wordSize() } -class TriviallySmallType extends Type { - TriviallySmallType() { exists(int size | size = this.getSize() | bytesToWords(size) <= 2) } +class TriviallyCopyableSmallType extends Type { + TriviallyCopyableSmallType() { + isTriviallyCopyableType(this) and + exists(int size | size = this.getSize() | bytesToWords(size) <= 2) + } } diff --git a/cpp/autosar/test/rules/A8-4-7/InParametersForCheapToCopyTypesNotPassedByValue.expected b/cpp/autosar/test/rules/A8-4-7/InParametersForCheapToCopyTypesNotPassedByValue.expected index bc8a9d5f5b..ab45487bdf 100644 --- a/cpp/autosar/test/rules/A8-4-7/InParametersForCheapToCopyTypesNotPassedByValue.expected +++ b/cpp/autosar/test/rules/A8-4-7/InParametersForCheapToCopyTypesNotPassedByValue.expected @@ -1 +1 @@ -| test.cpp:20:19:20:21 | f5a | Parameter 'f5a' is the trivially copyable type 'const S1' but it is passed by reference instead of by value. | +| test.cpp:22:19:22:21 | f5a | Parameter 'f5a' is the trivially copyable type 'const S1' but it is passed by reference instead of by value. | diff --git a/cpp/autosar/test/rules/A8-4-7/InParametersForNotCheapToCopyTypesNotPassedByReference.expected b/cpp/autosar/test/rules/A8-4-7/InParametersForNotCheapToCopyTypesNotPassedByReference.expected index 92e3a439e7..d0d5b13efc 100644 --- a/cpp/autosar/test/rules/A8-4-7/InParametersForNotCheapToCopyTypesNotPassedByReference.expected +++ b/cpp/autosar/test/rules/A8-4-7/InParametersForNotCheapToCopyTypesNotPassedByReference.expected @@ -1,2 +1,3 @@ -| test.cpp:23:12:23:14 | f8a | Parameter f8a is the trivially non-copyable type $@ but it is passed by value instead of by reference. | test.cpp:14:8:14:9 | S2 | S2 | -| test.cpp:27:13:27:16 | f12a | Parameter f12a is the trivially non-copyable type $@ but it is passed by value instead of by reference. | test.cpp:14:8:14:9 | S2 | S2 | +| test.cpp:25:12:25:14 | f8a | Parameter f8a is the trivially non-copyable type $@ but it is passed by value instead of by reference. | test.cpp:16:8:16:9 | S2 | S2 | +| test.cpp:29:13:29:16 | f12a | Parameter f12a is the trivially non-copyable type $@ but it is passed by value instead of by reference. | test.cpp:16:8:16:9 | S2 | S2 | +| test.cpp:70:13:70:16 | f17a | Parameter f17a is the trivially non-copyable type $@ but it is passed by value instead of by reference. | test.cpp:60:8:60:9 | S4 | S4 | diff --git a/cpp/autosar/test/rules/A8-4-7/test.cpp b/cpp/autosar/test/rules/A8-4-7/test.cpp index 80cd3d48e5..aa0c3b3e02 100644 --- a/cpp/autosar/test/rules/A8-4-7/test.cpp +++ b/cpp/autosar/test/rules/A8-4-7/test.cpp @@ -1,5 +1,7 @@ +#include #include #include +#include void f1(std::uint8_t f1a) {} // COMPLIANT void f2(std::uint16_t f2a) {} // COMPLIANT @@ -45,4 +47,25 @@ class C1 {}; class C2 : public C1 { public: C2 &operator=(const C2 &); // COMPLIANT -}; \ No newline at end of file +}; + +void f13(double f13a) {} // COMPLIANT +void f14(const double f14a) {} // COMPLIANT + +struct S3 { + int x; + S3() : x(0) {} // COMPLIANT +}; + +struct S4 { + ~S4() {} // non-trivial destructor +}; + +struct S5 { + const int y; + S5(int value) : y(value) {} +}; + +void f15(S3 f15a) {} // COMPLIANT +void f17(S4 f17a) {} // NON_COMPLIANT (S4 has a non-trivial destructor) +void f18(S5 f18a) {} // COMPLIANT \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/TrivialType.qll b/cpp/common/src/codingstandards/cpp/TrivialType.qll index c6c072cf7f..1965f12934 100644 --- a/cpp/common/src/codingstandards/cpp/TrivialType.qll +++ b/cpp/common/src/codingstandards/cpp/TrivialType.qll @@ -281,6 +281,17 @@ predicate isTrivialType(Type t) { isTrivialType(t.getUnspecifiedType()) } +/** Holds if `t` is a trivially copyable type. */ +predicate isTriviallyCopyableType(Type t) { + isScalarType(t) + or + t instanceof TriviallyCopyableClass + or + isTriviallyCopyableType(t.(ArrayType).getBaseType()) + or + isTriviallyCopyableType(t.getUnspecifiedType()) +} + /** A POD type as defined by [basic.types]/9. */ class PODType extends Type { PODType() { From b7e0afb83d5cc9f10f7a386c89b1639df3c78529 Mon Sep 17 00:00:00 2001 From: Nicolas Kraiouchkine Date: Mon, 4 Mar 2024 20:38:47 +0100 Subject: [PATCH 1705/2573] Add change note for A8-4-7 --- change_notes/2024-03-04-improve-a8-4-7.md | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 change_notes/2024-03-04-improve-a8-4-7.md diff --git a/change_notes/2024-03-04-improve-a8-4-7.md b/change_notes/2024-03-04-improve-a8-4-7.md new file mode 100644 index 0000000000..4b0f15106b --- /dev/null +++ b/change_notes/2024-03-04-improve-a8-4-7.md @@ -0,0 +1,3 @@ +- `A8-4-7` - `InParametersForNotCheapToCopyTypesNotPassedByReference.ql`, `InParametersForCheapToCopyTypesNotPassedByValue.ql`: + - Improve coverage of the query by additionally alerting to non-trivially-copyable types being passed by value. + - Non-trivially-copyable types not passed by value will no longer be incorrectly reported. From 5c613c785bfad9725aa558d31294db12609ae3bd Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Mon, 4 Mar 2024 15:07:17 -0500 Subject: [PATCH 1706/2573] M5-14-1: refactor expr extension --- ...randOfALogicalAndOperatorsContainSideEffects.ql | 4 ++-- cpp/common/src/codingstandards/cpp/Expr.qll | 14 ++++++++++++++ 2 files changed, 16 insertions(+), 2 deletions(-) diff --git a/cpp/autosar/src/rules/M5-14-1/RightHandOperandOfALogicalAndOperatorsContainSideEffects.ql b/cpp/autosar/src/rules/M5-14-1/RightHandOperandOfALogicalAndOperatorsContainSideEffects.ql index b0f0922500..871e9828c8 100644 --- a/cpp/autosar/src/rules/M5-14-1/RightHandOperandOfALogicalAndOperatorsContainSideEffects.ql +++ b/cpp/autosar/src/rules/M5-14-1/RightHandOperandOfALogicalAndOperatorsContainSideEffects.ql @@ -18,6 +18,7 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.SideEffect import codingstandards.cpp.sideeffect.DefaultEffects +import codingstandards.cpp.Expr from BinaryLogicalOperation op, Expr rhs where @@ -25,6 +26,5 @@ where SideEffects1Package::rightHandOperandOfALogicalAndOperatorsContainSideEffectsQuery()) and rhs = op.getRightOperand() and hasSideEffect(rhs) and - not rhs.(NoExceptExpr).getExpr().isUnevaluated() and - not rhs.(SizeofExprOperator).getExprOperand().isUnevaluated() + not rhs instanceof UnevaluatedExprExtension select op, "The $@ may have a side effect that is not always evaluated.", rhs, "right-hand operand" diff --git a/cpp/common/src/codingstandards/cpp/Expr.qll b/cpp/common/src/codingstandards/cpp/Expr.qll index 86d04e70df..8e7f6279c5 100644 --- a/cpp/common/src/codingstandards/cpp/Expr.qll +++ b/cpp/common/src/codingstandards/cpp/Expr.qll @@ -189,3 +189,17 @@ module MisraExpr { CValue() { isCValue(this) } } } + +/** + * an operator that does not evaluate its operand + */ +class UnevaluatedExprExtension extends Expr { + UnevaluatedExprExtension() { + this.getChild(_).isUnevaluated() + or + exists(FunctionCall declval | + declval.getTarget().hasQualifiedName("std", "declval") and + declval.getAChild() = this + ) + } +} From eb13914e98cba05b0d8505691c00da758ce75234 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 26 Feb 2024 16:22:19 -0800 Subject: [PATCH 1707/2573] Exclude boolean literals used as non-type template arguments --- .../rules/A5-1-1/LiteralValueUsedOutsideTypeInit.ql | 2 +- cpp/common/src/codingstandards/cpp/Literals.qll | 12 ++++++++++++ 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/cpp/autosar/src/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.ql b/cpp/autosar/src/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.ql index ef838e585b..34acb3dd4f 100644 --- a/cpp/autosar/src/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.ql +++ b/cpp/autosar/src/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.ql @@ -39,7 +39,7 @@ where // Exclude `nullptr` not l.getType() instanceof NullPointerType and // Exclude boolean `true` and `false` - not l.getType() instanceof BoolType and + not l instanceof BoolLiteral and // Exclude empty string not l.getValue() = "" and // Template functions use literals to represent calls which are unknown diff --git a/cpp/common/src/codingstandards/cpp/Literals.qll b/cpp/common/src/codingstandards/cpp/Literals.qll index e6014d417b..8f0dbe775b 100644 --- a/cpp/common/src/codingstandards/cpp/Literals.qll +++ b/cpp/common/src/codingstandards/cpp/Literals.qll @@ -47,3 +47,15 @@ class CompileTimeComputedIntegralLiteral extends Literal { not any(ConstructorFieldInit cfi).getExpr() = this } } + +class BoolLiteral extends Literal { + BoolLiteral() { + this.getType() instanceof BoolType + or + // When used as non-type template arguments, bool literals might + // have been converted to a non-bool type. + this.getValue() = "1" and this.getValueText() = "true" + or + this.getValue() = "0" and this.getValueText() = "false" + } +} From 28ac4c1a2038a72f87f5a14d43412bc8dd4e792b Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 26 Feb 2024 16:32:53 -0800 Subject: [PATCH 1708/2573] Extend excluded char literals with char16_t and char32_t --- .../A5-1-1/LiteralValueUsedOutsideTypeInit.ql | 3 ++- .../src/codingstandards/cpp/Cpp14Literal.qll | 20 +++++++++++++++++++ 2 files changed, 22 insertions(+), 1 deletion(-) diff --git a/cpp/autosar/src/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.ql b/cpp/autosar/src/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.ql index 34acb3dd4f..54c7fea969 100644 --- a/cpp/autosar/src/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.ql +++ b/cpp/autosar/src/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.ql @@ -18,6 +18,7 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.LoggingOperation import codingstandards.cpp.Literals +import codingstandards.cpp.Cpp14Literal from Literal l where @@ -35,7 +36,7 @@ where // Exclude literal 0 not l.getValue() = "0" and // Exclude character literals - not l instanceof CharLiteral and + not l instanceof Cpp14Literal::CharLiteral and // Exclude `nullptr` not l.getType() instanceof NullPointerType and // Exclude boolean `true` and `false` diff --git a/cpp/common/src/codingstandards/cpp/Cpp14Literal.qll b/cpp/common/src/codingstandards/cpp/Cpp14Literal.qll index c3908008ef..d8e265d4ab 100644 --- a/cpp/common/src/codingstandards/cpp/Cpp14Literal.qll +++ b/cpp/common/src/codingstandards/cpp/Cpp14Literal.qll @@ -82,4 +82,24 @@ module Cpp14Literal { override string getAPrimaryQlClass() { result = "FloatingLiteral" } } + + /** + * A character literal. For example: + * ``` + * char c1 = 'a'; + * char16_t c2 = u'a'; + * char32_t c3 = U'a'; + * wchar_t c4 = L'b'; + * ``` + */ + class CharLiteral extends StandardLibrary::TextLiteral { + CharLiteral() { this.getValueText().regexpMatch("(?s)\\s*(L|u|U)?'.*") } + + override string getAPrimaryQlClass() { result = "CharLiteral" } + + /** + * Gets the character of this literal. For example `L'a'` has character `"a"`. + */ + string getCharacter() { result = this.getValueText().regexpCapture("(?s)\\s*(L|u|U)?'(.*)'", 1) } + } } From 00d36a73b3f909c927fd0bae16b1820ac958618e Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 26 Feb 2024 16:35:23 -0800 Subject: [PATCH 1709/2573] Exclude bool literals and char literals instead of types Bool literals do not always have a bool type so we exclude them using the bool literal class. We exclude using the char literal class to reduce duplication and increase coverage in case of new char literals. --- cpp/common/src/codingstandards/cpp/Literals.qll | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/Literals.qll b/cpp/common/src/codingstandards/cpp/Literals.qll index 8f0dbe775b..192c3c0445 100644 --- a/cpp/common/src/codingstandards/cpp/Literals.qll +++ b/cpp/common/src/codingstandards/cpp/Literals.qll @@ -3,6 +3,7 @@ */ import cpp +import codingstandards.cpp.Cpp14Literal /** Gets `Literal.getValueText()` truncated to at most 20 characters. */ string getTruncatedLiteralText(Literal l) { @@ -36,10 +37,12 @@ class Utf32StringLiteral extends StringLiteral { class CompileTimeComputedIntegralLiteral extends Literal { CompileTimeComputedIntegralLiteral() { this.getUnspecifiedType() instanceof IntegralType and - not this.getUnspecifiedType() instanceof BoolType and - not this.getUnspecifiedType() instanceof CharType and - // In some cases we still type char constants like '.' as int - not this.getValueText().trim().matches("'%'") and + // Exclude bool, whose value text is true or false, but the value itself + // is 1 or 0. + not this instanceof BoolLiteral and + // Exclude character literals, whose value text is the quoted character, but the value + // is the numeric value of the character. + not this instanceof Cpp14Literal::CharLiteral and not this.getValueText() .trim() .regexpMatch("([0-9][0-9']*|0[xX][0-9a-fA-F']+|0b[01']+)[uU]?([lL]{1,2}|[zZ])?") and From 24b4a0038f9203614964513f80c4197ab43270b6 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 26 Feb 2024 16:37:16 -0800 Subject: [PATCH 1710/2573] Document assumption underlying `CompileTimeComputedIntegralLiteral` --- cpp/common/src/codingstandards/cpp/Literals.qll | 2 ++ 1 file changed, 2 insertions(+) diff --git a/cpp/common/src/codingstandards/cpp/Literals.qll b/cpp/common/src/codingstandards/cpp/Literals.qll index 192c3c0445..8bc51ebe95 100644 --- a/cpp/common/src/codingstandards/cpp/Literals.qll +++ b/cpp/common/src/codingstandards/cpp/Literals.qll @@ -33,6 +33,8 @@ class Utf32StringLiteral extends StringLiteral { /** * A literal resulting from the use of a constexpr * variable, or macro expansion. + * We rely on the fact that the value text of a literal is equal to the + * `constexpr` variable or macro name. */ class CompileTimeComputedIntegralLiteral extends Literal { CompileTimeComputedIntegralLiteral() { From ba39b6822664be4cf8aaa158a56383f82d5de3fe Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 26 Feb 2024 16:54:04 -0800 Subject: [PATCH 1711/2573] Exclude literals part of a class aggregate literal --- .../src/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.ql | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/cpp/autosar/src/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.ql b/cpp/autosar/src/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.ql index 54c7fea969..9daea358e7 100644 --- a/cpp/autosar/src/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.ql +++ b/cpp/autosar/src/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.ql @@ -56,5 +56,6 @@ where not l instanceof CompileTimeComputedIntegralLiteral and // Exclude literals to instantiate a class template per example in the standard // where an type of std::array is intialized with size 5. - not l = any(ClassTemplateInstantiation cti).getATemplateArgument() + not l = any(ClassTemplateInstantiation cti).getATemplateArgument() and + not l = any(ClassAggregateLiteral cal).getAFieldExpr(_) select l, "Literal value '" + getTruncatedLiteralText(l) + "' used outside of type initialization." From 9a9138ab375bb7c03fc5b159ea9a033e8fa94d7c Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 26 Feb 2024 16:55:21 -0800 Subject: [PATCH 1712/2573] Extend test cases - Add tests with different char literals - Add test case with float literal --- cpp/autosar/test/rules/A5-1-1/test.cpp | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/cpp/autosar/test/rules/A5-1-1/test.cpp b/cpp/autosar/test/rules/A5-1-1/test.cpp index 4f3b812c2d..65e691fd32 100644 --- a/cpp/autosar/test/rules/A5-1-1/test.cpp +++ b/cpp/autosar/test/rules/A5-1-1/test.cpp @@ -104,8 +104,22 @@ template struct S2 { T m2[4]; // NON_COMPLIANT }; +template struct S3 { + static constexpr T value = val; // COMPLIANT; +}; + void test_fp_reported_in_371() { struct S2 l1; // COMPLIANT struct S2 l2; // COMPLIANT struct S2 l3; // COMPLIANT + + S3 l4; // COMPLIANT + S3::value> l5; // COMPLIANT + S3 l6; // COMPLIANT + S3::value> l7; // COMPLIANT + + constexpr float l8 = 3.14159f; +#define delta 0.1f + for (float i = 0.0f; i < l8; i += delta) { // COMPLIANT + } } \ No newline at end of file From e1521ad87cfa458f72c8a942903935910647df45 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 26 Feb 2024 16:58:33 -0800 Subject: [PATCH 1713/2573] Add comment describing exclusion of compile time float literals --- .../src/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.ql | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/cpp/autosar/src/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.ql b/cpp/autosar/src/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.ql index 9daea358e7..a14681d95b 100644 --- a/cpp/autosar/src/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.ql +++ b/cpp/autosar/src/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.ql @@ -53,6 +53,10 @@ where not l = any(ArrayOrVectorAggregateLiteral aal).getAnElementExpr(_).getAChild*() and // Ignore x - 1 expressions not exists(SubExpr se | se.getRightOperand() = l and l.getValue() = "1") and + // Exclude compile time computed integral literals as they can appear as integral literals + // when used as non-type template arguments. + // We limit ourselves to integral literals, because floating point literals as non-type + // template arguments are not supported in C++ 14. Those are supported shince C++ 20. not l instanceof CompileTimeComputedIntegralLiteral and // Exclude literals to instantiate a class template per example in the standard // where an type of std::array is intialized with size 5. From 226c9f585e6bcfb2abfc93c09e42d62da5a08267 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 27 Feb 2024 10:04:35 -0800 Subject: [PATCH 1714/2573] Update changenote --- change_notes/2024-02-16-fix-fps-a5-1-1.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/change_notes/2024-02-16-fix-fps-a5-1-1.md b/change_notes/2024-02-16-fix-fps-a5-1-1.md index 6cc792be29..11831f70ea 100644 --- a/change_notes/2024-02-16-fix-fps-a5-1-1.md +++ b/change_notes/2024-02-16-fix-fps-a5-1-1.md @@ -1,4 +1,7 @@ - `A5-1-1` - `LiteralValueUsedOutsideTypeInit.ql`: - Address FP reported in #371. Exclude literals generated by uses of constexpr variables. - Exclude literals used in class template instantiations. - - Update the alert message to adhere to the style-guide. \ No newline at end of file + - Update the alert message to adhere to the style-guide. + - Exclude boolean literals used as template arguments. + - Exclude `u` and `U` prefixed char literals. + - Exclude literals part of a class aggregate literal. From 2757c3f9ffae8ebe4e2c9e451c8b5aef225f1030 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Mon, 4 Mar 2024 17:14:52 -0500 Subject: [PATCH 1715/2573] Update cpp/common/src/codingstandards/cpp/Expr.qll Co-authored-by: Remco Vermeulen --- cpp/common/src/codingstandards/cpp/Expr.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/Expr.qll b/cpp/common/src/codingstandards/cpp/Expr.qll index 8e7f6279c5..029a5b7c03 100644 --- a/cpp/common/src/codingstandards/cpp/Expr.qll +++ b/cpp/common/src/codingstandards/cpp/Expr.qll @@ -195,7 +195,7 @@ module MisraExpr { */ class UnevaluatedExprExtension extends Expr { UnevaluatedExprExtension() { - this.getChild(_).isUnevaluated() + this.getAChild().isUnevaluated() or exists(FunctionCall declval | declval.getTarget().hasQualifiedName("std", "declval") and From 7b4c73abd46518922b65020f8ab1657290b36a0b Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 4 Mar 2024 14:46:29 -0800 Subject: [PATCH 1716/2573] Format query module. --- cpp/common/src/codingstandards/cpp/Literals.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/Literals.qll b/cpp/common/src/codingstandards/cpp/Literals.qll index 8bc51ebe95..38f2fb0e8b 100644 --- a/cpp/common/src/codingstandards/cpp/Literals.qll +++ b/cpp/common/src/codingstandards/cpp/Literals.qll @@ -41,7 +41,7 @@ class CompileTimeComputedIntegralLiteral extends Literal { this.getUnspecifiedType() instanceof IntegralType and // Exclude bool, whose value text is true or false, but the value itself // is 1 or 0. - not this instanceof BoolLiteral and + not this instanceof BoolLiteral and // Exclude character literals, whose value text is the quoted character, but the value // is the numeric value of the character. not this instanceof Cpp14Literal::CharLiteral and From de82e2287ebe4d00e1da471b4059bd2d4761c941 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 4 Mar 2024 14:53:01 -0800 Subject: [PATCH 1717/2573] Format module --- cpp/common/src/codingstandards/cpp/Class.qll | 19 +++++++++---------- 1 file changed, 9 insertions(+), 10 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/Class.qll b/cpp/common/src/codingstandards/cpp/Class.qll index be775e99f7..b967ae6365 100644 --- a/cpp/common/src/codingstandards/cpp/Class.qll +++ b/cpp/common/src/codingstandards/cpp/Class.qll @@ -5,13 +5,14 @@ import cpp import codingstandards.cpp.Expr - private Class getADerivedClass(Class c) { - not c instanceof ClassTemplateInstantiation and not c instanceof TemplateClass and result = c.getADerivedClass() - or - exists(ClassTemplateInstantiation instantiation | - instantiation.getADerivedClass() = result and c = instantiation.getTemplate() - ) + not c instanceof ClassTemplateInstantiation and + not c instanceof TemplateClass and + result = c.getADerivedClass() + or + exists(ClassTemplateInstantiation instantiation | + instantiation.getADerivedClass() = result and c = instantiation.getTemplate() + ) } /** @@ -24,10 +25,8 @@ class BaseClass extends Class { this.isAbstract() } - // We don't override `getADerivedClass` because that introduces a non-monotonic recursion. - Class getASubClass() { - result = getADerivedClass(this) - } + // We don't override `getADerivedClass` because that introduces a non-monotonic recursion. + Class getASubClass() { result = getADerivedClass(this) } } /** From 160ac0cf5f3c84f33283b98b335fac59e971c95b Mon Sep 17 00:00:00 2001 From: Nicolas Kraiouchkine Date: Tue, 5 Mar 2024 10:30:22 +0100 Subject: [PATCH 1718/2573] Modify alert messages to conform to style guide --- .../InParametersForCheapToCopyTypesNotPassedByValue.ql | 5 +++-- ...nParametersForNotCheapToCopyTypesNotPassedByReference.ql | 4 ++-- ...InParametersForCheapToCopyTypesNotPassedByValue.expected | 2 +- ...etersForNotCheapToCopyTypesNotPassedByReference.expected | 6 +++--- 4 files changed, 9 insertions(+), 8 deletions(-) diff --git a/cpp/autosar/src/rules/A8-4-7/InParametersForCheapToCopyTypesNotPassedByValue.ql b/cpp/autosar/src/rules/A8-4-7/InParametersForCheapToCopyTypesNotPassedByValue.ql index 187a0bcfb1..6bd21b93ee 100644 --- a/cpp/autosar/src/rules/A8-4-7/InParametersForCheapToCopyTypesNotPassedByValue.ql +++ b/cpp/autosar/src/rules/A8-4-7/InParametersForCheapToCopyTypesNotPassedByValue.ql @@ -40,5 +40,6 @@ where not v.isFromUninstantiatedTemplate(_) and not v.isFromTemplateInstantiation(_) select v, - "Parameter '" + v.getName() + "' is the trivially copyable type '" + t.getName() + - "' but it is passed by reference instead of by value." + "Parameter '" + v.getName() + + "' is the trivially copyable type $@ but it is passed by reference instead of by value.", t, + t.getName() diff --git a/cpp/autosar/src/rules/A8-4-7/InParametersForNotCheapToCopyTypesNotPassedByReference.ql b/cpp/autosar/src/rules/A8-4-7/InParametersForNotCheapToCopyTypesNotPassedByReference.ql index 6a05169dd7..d1de0182b6 100644 --- a/cpp/autosar/src/rules/A8-4-7/InParametersForNotCheapToCopyTypesNotPassedByReference.ql +++ b/cpp/autosar/src/rules/A8-4-7/InParametersForNotCheapToCopyTypesNotPassedByReference.ql @@ -34,6 +34,6 @@ where not v.isFromUninstantiatedTemplate(_) and not v.isFromTemplateInstantiation(_) select v, - "Parameter " + v.getName() + - " is the trivially non-copyable type $@ but it is passed by value instead of by reference.", + "Parameter '" + v.getName() + + "' is the trivially non-copyable type $@ but it is passed by value instead of by reference.", v.getType(), v.getType().getName() diff --git a/cpp/autosar/test/rules/A8-4-7/InParametersForCheapToCopyTypesNotPassedByValue.expected b/cpp/autosar/test/rules/A8-4-7/InParametersForCheapToCopyTypesNotPassedByValue.expected index ab45487bdf..9c21ae0a14 100644 --- a/cpp/autosar/test/rules/A8-4-7/InParametersForCheapToCopyTypesNotPassedByValue.expected +++ b/cpp/autosar/test/rules/A8-4-7/InParametersForCheapToCopyTypesNotPassedByValue.expected @@ -1 +1 @@ -| test.cpp:22:19:22:21 | f5a | Parameter 'f5a' is the trivially copyable type 'const S1' but it is passed by reference instead of by value. | +| test.cpp:22:19:22:21 | f5a | Parameter 'f5a' is the trivially copyable type $@ but it is passed by reference instead of by value. | file://:0:0:0:0 | const S1 | const S1 | diff --git a/cpp/autosar/test/rules/A8-4-7/InParametersForNotCheapToCopyTypesNotPassedByReference.expected b/cpp/autosar/test/rules/A8-4-7/InParametersForNotCheapToCopyTypesNotPassedByReference.expected index d0d5b13efc..3a3c791577 100644 --- a/cpp/autosar/test/rules/A8-4-7/InParametersForNotCheapToCopyTypesNotPassedByReference.expected +++ b/cpp/autosar/test/rules/A8-4-7/InParametersForNotCheapToCopyTypesNotPassedByReference.expected @@ -1,3 +1,3 @@ -| test.cpp:25:12:25:14 | f8a | Parameter f8a is the trivially non-copyable type $@ but it is passed by value instead of by reference. | test.cpp:16:8:16:9 | S2 | S2 | -| test.cpp:29:13:29:16 | f12a | Parameter f12a is the trivially non-copyable type $@ but it is passed by value instead of by reference. | test.cpp:16:8:16:9 | S2 | S2 | -| test.cpp:70:13:70:16 | f17a | Parameter f17a is the trivially non-copyable type $@ but it is passed by value instead of by reference. | test.cpp:60:8:60:9 | S4 | S4 | +| test.cpp:25:12:25:14 | f8a | Parameter 'f8a' is the trivially non-copyable type $@ but it is passed by value instead of by reference. | test.cpp:16:8:16:9 | S2 | S2 | +| test.cpp:29:13:29:16 | f12a | Parameter 'f12a' is the trivially non-copyable type $@ but it is passed by value instead of by reference. | test.cpp:16:8:16:9 | S2 | S2 | +| test.cpp:70:13:70:16 | f17a | Parameter 'f17a' is the trivially non-copyable type $@ but it is passed by value instead of by reference. | test.cpp:60:8:60:9 | S4 | S4 | From 3b3fca019c08cdbb7a13e9da6f08291b4fff0242 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 5 Mar 2024 09:37:57 -0800 Subject: [PATCH 1719/2573] Format module --- cpp/common/src/codingstandards/cpp/Cpp14Literal.qll | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/Cpp14Literal.qll b/cpp/common/src/codingstandards/cpp/Cpp14Literal.qll index d8e265d4ab..c974ec7eb8 100644 --- a/cpp/common/src/codingstandards/cpp/Cpp14Literal.qll +++ b/cpp/common/src/codingstandards/cpp/Cpp14Literal.qll @@ -100,6 +100,8 @@ module Cpp14Literal { /** * Gets the character of this literal. For example `L'a'` has character `"a"`. */ - string getCharacter() { result = this.getValueText().regexpCapture("(?s)\\s*(L|u|U)?'(.*)'", 1) } + string getCharacter() { + result = this.getValueText().regexpCapture("(?s)\\s*(L|u|U)?'(.*)'", 1) + } } } From 4017b3987a59d4dc553c181cbb8fe6313cf3b63a Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 5 Mar 2024 12:20:49 -0800 Subject: [PATCH 1720/2573] Apply suggestions from code review Co-authored-by: Nicolas Kraiouchkine --- cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll b/cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll index 83d78521a0..45ea8c35ab 100644 --- a/cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll +++ b/cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll @@ -11,7 +11,7 @@ private string getConstExprValue(Variable v) { } /** - * Gets the number of uses of variable `v` in an opaque assignment, where an opaqua assignment for example a cast from one type to the other and `v` is assumed to be a member of the resulting type. + * Gets the number of uses of variable `v` in an opaque assignment, where an opaque assignment is a cast from one type to the other, and `v` is assumed to be a member of the resulting type. * e.g., * struct foo { * int bar; @@ -42,7 +42,7 @@ Expr getIndirectSubObjectAssignedValue(MemberVariable subobject) { result = externalInitializerCall ) or - // the object this subject is part of is initialized and we assumes this initializes the subobject. + // the object this subject is part of is initialized and we assume this initializes the subobject. instanceOfSomeStruct.getType() = someStruct and result = instanceOfSomeStruct.getInitializer().getExpr() ) From e49c8b94520e94966184ef64a25f2d098bbee2bc Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 5 Mar 2024 16:40:55 -0800 Subject: [PATCH 1721/2573] Exclude asserted expressions The way assert is implemented will result in an alert pointing to the expression being asserted. This will result in a false positive, as the expression does not need to be parenthesized. --- .../M5-0-2/InsufficientUseOfParentheses.ql | 24 ++++++++++++------- 1 file changed, 15 insertions(+), 9 deletions(-) diff --git a/cpp/autosar/src/rules/M5-0-2/InsufficientUseOfParentheses.ql b/cpp/autosar/src/rules/M5-0-2/InsufficientUseOfParentheses.ql index 19bd325edd..bb5b1418b3 100644 --- a/cpp/autosar/src/rules/M5-0-2/InsufficientUseOfParentheses.ql +++ b/cpp/autosar/src/rules/M5-0-2/InsufficientUseOfParentheses.ql @@ -16,18 +16,24 @@ import cpp import codingstandards.cpp.autosar +import semmle.code.cpp.commons.Assertions class InsufficientlyParenthesizedExpr extends Expr { InsufficientlyParenthesizedExpr() { - exists(BinaryOperation root, BinaryOperation child | child = this | - root.getAnOperand() = child and - root.getOperator() != child.getOperator() and - not any(ParenthesisExpr pe).getExpr() = child - ) - or - exists(ConditionalExpr root, BinaryOperation child | child = this | - root.getAnOperand() = child and - not any(ParenthesisExpr pe).getExpr() = child + // Exclude assertions because if the child is the expression being asserted it + // is not necessary to add parenthesis. + not any(Assertion a).getAsserted() = this and + ( + exists(BinaryOperation root, BinaryOperation child | child = this | + root.getAnOperand() = child and + root.getOperator() != child.getOperator() and + not any(ParenthesisExpr pe).getExpr() = child + ) + or + exists(ConditionalExpr root, BinaryOperation child | child = this | + root.getAnOperand() = child and + not any(ParenthesisExpr pe).getExpr() = child + ) ) } } From a78dd7aca0f1da12654dc3e2ab74aafdcba4f499 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 5 Mar 2024 17:12:03 -0800 Subject: [PATCH 1722/2573] Generalize exclusion to macro expanded code --- .../src/rules/M5-0-2/InsufficientUseOfParentheses.ql | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/cpp/autosar/src/rules/M5-0-2/InsufficientUseOfParentheses.ql b/cpp/autosar/src/rules/M5-0-2/InsufficientUseOfParentheses.ql index bb5b1418b3..1dda0df93f 100644 --- a/cpp/autosar/src/rules/M5-0-2/InsufficientUseOfParentheses.ql +++ b/cpp/autosar/src/rules/M5-0-2/InsufficientUseOfParentheses.ql @@ -20,9 +20,10 @@ import semmle.code.cpp.commons.Assertions class InsufficientlyParenthesizedExpr extends Expr { InsufficientlyParenthesizedExpr() { - // Exclude assertions because if the child is the expression being asserted it - // is not necessary to add parenthesis. - not any(Assertion a).getAsserted() = this and + // Exclude expressions affected by macros, including assertions, because + // it is unclear that the expression must be parenthesized since it seems + // to be the top-level expression instead of an operand of a binary or ternary operation. + not this.isAffectedByMacro() and ( exists(BinaryOperation root, BinaryOperation child | child = this | root.getAnOperand() = child and From 3fd5c503a0595b6ff242263432452b9c731e5417 Mon Sep 17 00:00:00 2001 From: rvermeulen Date: Tue, 12 Mar 2024 18:03:53 +0000 Subject: [PATCH 1723/2573] Update version --- c/cert/src/qlpack.yml | 2 +- c/cert/test/qlpack.yml | 2 +- c/common/src/qlpack.yml | 2 +- c/common/test/qlpack.yml | 2 +- c/misra/src/qlpack.yml | 2 +- c/misra/test/qlpack.yml | 2 +- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/qlpack.yml | 2 +- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/qlpack.yml | 2 +- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/qlpack.yml | 2 +- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/qlpack.yml | 2 +- cpp/report/src/qlpack.yml | 2 +- docs/user_manual.md | 12 ++++++------ 16 files changed, 21 insertions(+), 21 deletions(-) diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index d584e57d97..d308eae062 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards -version: 2.22.0-dev +version: 2.25.0 description: CERT C 2016 suites: codeql-suites license: MIT diff --git a/c/cert/test/qlpack.yml b/c/cert/test/qlpack.yml index fee5a2f16e..260e563511 100644 --- a/c/cert/test/qlpack.yml +++ b/c/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards-tests -version: 2.22.0-dev +version: 2.25.0 extractor: cpp license: MIT dependencies: diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index 75d0521b99..850461a8ed 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards -version: 2.22.0-dev +version: 2.25.0 license: MIT dependencies: codeql/common-cpp-coding-standards: '*' diff --git a/c/common/test/qlpack.yml b/c/common/test/qlpack.yml index 9c82dfd3dd..fbf8de2a52 100644 --- a/c/common/test/qlpack.yml +++ b/c/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards-tests -version: 2.22.0-dev +version: 2.25.0 extractor: cpp license: MIT dependencies: diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index 45a668f52c..71ac5d0fe7 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards -version: 2.22.0-dev +version: 2.25.0 description: MISRA C 2012 suites: codeql-suites license: MIT diff --git a/c/misra/test/qlpack.yml b/c/misra/test/qlpack.yml index b64a6fb167..953afa3424 100644 --- a/c/misra/test/qlpack.yml +++ b/c/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards-tests -version: 2.22.0-dev +version: 2.25.0 extractor: cpp license: MIT dependencies: diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index 356285a5b9..bbe5a9e2c3 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards -version: 2.22.0-dev +version: 2.25.0 description: AUTOSAR C++14 Guidelines R22-11, R21-11, R20-11, R19-11 and R19-03 suites: codeql-suites license: MIT diff --git a/cpp/autosar/test/qlpack.yml b/cpp/autosar/test/qlpack.yml index 062c269f5e..b9acbdcb30 100644 --- a/cpp/autosar/test/qlpack.yml +++ b/cpp/autosar/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards-tests -version: 2.22.0-dev +version: 2.25.0 extractor: cpp license: MIT dependencies: diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index a73ff2fd41..af3b5bc843 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards -version: 2.22.0-dev +version: 2.25.0 description: CERT C++ 2016 suites: codeql-suites license: MIT diff --git a/cpp/cert/test/qlpack.yml b/cpp/cert/test/qlpack.yml index 2c879e82a2..2b7186a1ad 100644 --- a/cpp/cert/test/qlpack.yml +++ b/cpp/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards-tests -version: 2.22.0-dev +version: 2.25.0 extractor: cpp license: MIT dependencies: diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index bb698cc9b0..274ab35914 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards -version: 2.22.0-dev +version: 2.25.0 license: MIT dependencies: codeql/cpp-all: 0.9.3 diff --git a/cpp/common/test/qlpack.yml b/cpp/common/test/qlpack.yml index 5a5374e947..00958ab22e 100644 --- a/cpp/common/test/qlpack.yml +++ b/cpp/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards-tests -version: 2.22.0-dev +version: 2.25.0 extractor: cpp license: MIT dependencies: diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index b5dc482483..71a37e030b 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards -version: 2.22.0-dev +version: 2.25.0 description: MISRA C++ 2008 suites: codeql-suites license: MIT diff --git a/cpp/misra/test/qlpack.yml b/cpp/misra/test/qlpack.yml index f8b7339f66..f764a49487 100644 --- a/cpp/misra/test/qlpack.yml +++ b/cpp/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards-tests -version: 2.22.0-dev +version: 2.25.0 extractor: cpp license: MIT dependencies: diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index 7acfe4cf12..3c93eb73cb 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/report-cpp-coding-standards -version: 2.22.0-dev +version: 2.25.0 license: MIT dependencies: codeql/cpp-all: 0.9.3 diff --git a/docs/user_manual.md b/docs/user_manual.md index af050c07e2..09693e8643 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -29,13 +29,13 @@ ## Release information -This user manual documents release `2.22.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). +This user manual documents release `2.25.0` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). The release page documents the release notes and contains the following artifacts part of the release: -- `code-scanning-cpp-query-pack-2.22.0-dev.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. -- `supported_rules_list_2.22.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. -- `supported_rules_list_2.22.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. -- `user_manual_2.22.0-dev.md`: This user manual. +- `code-scanning-cpp-query-pack-2.25.0.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. +- `supported_rules_list_2.25.0.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. +- `supported_rules_list_2.25.0.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. +- `user_manual_2.25.0.md`: This user manual. - `Source Code (zip)`: A zip archive containing the contents of https://github.com/github/codeql-coding-standards - `Source Code (tar.gz)`: A GZip compressed tar archive containing the contents of https://github.com/github/codeql-coding-standards - `checksums.txt`: A text file containing sha256 checksums for the aforementioned artifacts. @@ -496,7 +496,7 @@ This section describes known failure modes for "CodeQL Coding Standards" and des | | Ouf of space | Less output. Some files may be only be partially analyzed, or not analyzed at all. | Error reported on the command line. | Increase space. If it remains an issue report space consumption issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False positives | More output. Results are reported which are not violations of the guidelines. | All reported results must be reviewed. | Report false positive issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False negatives | Less output. Violations of the guidelines are not reported. | Other validation and verification processes during software development should be used to complement the analysis performed by CodeQL Coding Standards. | Report false negative issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | -| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.22.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | +| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.25.0.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | | | Incorrect deviation record specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation records with a reason. Ensure that all deviation records are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Incorrect deviation permit specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation permits with a reason. Ensure that all deviation permits are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Unapproved use of a deviation record | Less output. Results for guideline violations are not reported. | Validate that the deviation record use is approved by verifying the approved-by attribute of the deviation record specification. | Ensure that each raised deviation record is approved by an independent approver through an auditable process. | From f3bb3015cfc26af023332028422d9f5520a14c97 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 12 Mar 2024 17:13:00 -0700 Subject: [PATCH 1724/2573] Checkout head sha for the correct local files --- .github/workflows/update-release.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/update-release.yml b/.github/workflows/update-release.yml index 67666bbf39..912d5aa429 100644 --- a/.github/workflows/update-release.yml +++ b/.github/workflows/update-release.yml @@ -31,6 +31,7 @@ jobs: uses: actions/checkout@v4 with: fetch-depth: 0 # We need the full history to compute the changelog + ref: ${{ inputs.head-sha }} - name: Install Python uses: actions/setup-python@v4 From 229e79188ccafc4121691e7ea43bca49040057a1 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 12 Mar 2024 21:51:59 -0700 Subject: [PATCH 1725/2573] Exclude checkrun for Update Release This allows us to re-run it manually in case of an error. --- .github/workflows/update-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update-release.yml b/.github/workflows/update-release.yml index 912d5aa429..21838c1d9f 100644 --- a/.github/workflows/update-release.yml +++ b/.github/workflows/update-release.yml @@ -60,7 +60,7 @@ jobs: --layout scripts/release/release-layout.yml \ --repo "$GITHUB_REPOSITORY" \ --github-token "$GITHUB_REPOSITORY:$GITHUB_TOKEN" "github/codeql-coding-standards-release-engineering:$RELEASE_ENGINEERING_TOKEN" \ - --skip-checkrun "release-status" + --skip-checkrun "release-status" "Update Release" - name: Update release notes env: From 72ec5876b4d24fb83d4a7b9e79b16d7b2c7e363c Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 12 Mar 2024 22:13:41 -0700 Subject: [PATCH 1726/2573] Invoke correct hot-fix check script --- .github/workflows/finalize-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/finalize-release.yml b/.github/workflows/finalize-release.yml index fbadfdb836..7329ceb9d2 100644 --- a/.github/workflows/finalize-release.yml +++ b/.github/workflows/finalize-release.yml @@ -61,7 +61,7 @@ jobs: - name: Determine if release was a hotfix release run: | version=${BASE_REF#rc/} - echo "HOTFIX_RELEASE=$(python scripts/release/is-hotfix.py $version)" >> "$GITHUB_ENV" + echo "HOTFIX_RELEASE=$(python scripts/release/is-hotfix-release.py $version)" >> "$GITHUB_ENV" - name: Bump main version if: env.HOTFIX_RELEASE == 'false' From 880092b6588d7c8ade0c4e87938327c5a069b5d5 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 12 Mar 2024 22:21:07 -0700 Subject: [PATCH 1727/2573] Setup Python and install script dependencies --- .github/workflows/finalize-release.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/.github/workflows/finalize-release.yml b/.github/workflows/finalize-release.yml index 7329ceb9d2..de687ee153 100644 --- a/.github/workflows/finalize-release.yml +++ b/.github/workflows/finalize-release.yml @@ -35,6 +35,14 @@ jobs: uses: actions/checkout@v4 with: ref: ${{ env.REF }} + + - name: Install Python + uses: actions/setup-python@v4 + with: + python-version: "3.9" + + - name: Install dependencies + run: pip install -r scripts/release/requirements.txt - name: Configure git run: | From 47837fd11496d275fc776bf314559098abf75629 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 12 Mar 2024 22:28:31 -0700 Subject: [PATCH 1728/2573] Add reason to get merge base failure message --- scripts/release/is-hotfix-release.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/release/is-hotfix-release.py b/scripts/release/is-hotfix-release.py index a496b63c27..aba957ea5f 100644 --- a/scripts/release/is-hotfix-release.py +++ b/scripts/release/is-hotfix-release.py @@ -9,7 +9,7 @@ def get_merge_base_of_ref() -> str: cp = run(["git", "merge-base", "HEAD", "origin/main"], capture_output=True, text=True) if cp.returncode != 0: - raise RuntimeError("Failed to get merge base") + raise RuntimeError(f"Failed to get merge base with reason '{cp.stderr.strip()}'") return cp.stdout.strip() def get_release_branches_containing(commit: str) -> List[Version]: From 1f9bc6b4445ae3203a7c11e3ff6ecdfe5f16ed4f Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Wed, 13 Mar 2024 15:12:34 +0000 Subject: [PATCH 1729/2573] Remove the copy of DataFlow that was added in 6aee03ef5ac577d77fbf034a46a6637f31aefbee now that the 'absolute path' problem has been fixed. --- ...interArithmeticOnNonArrayObjectPointers.ql | 2 +- ...otAddOrSubtractAScaledIntegerToAPointer.ql | 2 +- .../CON30-C/CleanUpThreadSpecificStorage.ql | 4 +- ...AppropriateThreadObjectStorageDurations.ql | 4 +- ...eadObjectStorageDurationsNotInitialized.ql | 4 +- ...propriateStorageDurationsFunctionReturn.ql | 2 +- .../ERR30-C/FunctionCallBeforeErrnoCheck.ql | 2 +- ...nOrderOfFunctionArgumentsForSideEffects.ql | 4 +- ...PointerToMoreStrictlyAlignedPointerType.ql | 2 +- ...CallFunctionPointerWithIncompatibleType.ql | 2 +- ...essVariableViaPointerOfIncompatibleType.ql | 2 +- .../EXP40-C/DoNotModifyConstantObjects.ql | 2 +- ...sAliasedPointerToRestrictQualifiedParam.ql | 2 +- ...trictPointerReferencesOverlappingObject.ql | 2 +- ...sfulFgetsOrFgetwsMayReturnAnEmptyString.ql | 2 +- ...uesForFsetposThatAreReturnedFromFgetpos.ql | 2 +- ...ToctouRaceConditionsWhileAccessingFiles.ql | 2 +- .../InsufficientMemoryAllocatedForObject.ql | 2 +- ...DoNotModifyAlignmentOfMemoryWithRealloc.ql | 2 +- ...oNotPassInvalidDataToTheAsctimeFunction.ql | 2 +- ...ArgOnAVaListThatHasAnIndeterminateValue.ql | 2 +- ...yAsyncSafeFunctionsWithinSignalHandlers.ql | 2 +- ...eturnFromAComputationalExceptionHandler.ql | 2 +- .../DoNotAttemptToModifyStringLiterals.ql | 2 +- ...sHasSufficientSpaceForTheNullTerminator.ql | 2 +- ...lTerminatedToFunctionThatExpectsAString.ql | 2 +- c/common/src/codingstandards/c/Errno.qll | 2 +- .../src/codingstandards/c/OutOfBounds.qll | 2 +- c/common/src/codingstandards/c/Signal.qll | 2 +- .../ArrayFunctionArgumentNumberOfElements.ql | 2 +- .../ValueReturnedByAFunctionNotUsed.ql | 2 +- .../ObjectCopiedToAnOverlappingObject.ql | 2 +- ...emcmpUsedToCompareNullTerminatedStrings.ql | 2 +- ...leOpenForReadAndWriteOnDifferentStreams.ql | 2 +- .../AttemptToWriteToAReadOnlyStream.ql | 2 +- ...OnlyPerformConversionOfPassedParameters.ql | 2 +- .../A13-2-1/AssignmentOperatorReturnThis.ql | 2 +- .../A15-1-3/ThrownExceptionsShouldBeUnique.ql | 2 +- ...structorErrorLeavesObjectInInvalidState.ql | 2 +- ...AnElementOfAnArrayPassedToASmartPointer.ql | 2 +- .../rules/A18-5-2/DoNotUseNonPlacementNew.ql | 2 +- .../A18-5-8/UnnecessaryUseOfDynamicStorage.ql | 2 +- .../ArgumentToForwardSubsequentlyUsed.ql | 2 +- ...SharedPointerUsedWithNoOwnershipSharing.ql | 2 +- .../src/rules/A27-0-4/CStyleStringsUsed.ql | 2 +- ...hmeticUsedWithPointersToNonFinalClasses.ql | 2 +- .../rules/A5-1-7/LambdaPassedToDecltype.ql | 2 +- .../src/rules/A5-1-7/LambdaPassedToTypeid.ql | 2 +- .../rules/A7-5-1/InvalidFunctionReturnType.ql | 2 +- ...nterAsParameterWithoutLifetimeSemantics.ql | 2 +- ...trPassedToFunctionWithImproperSemantics.ql | 2 +- .../FunctionReturnMultipleValueCondition.ql | 2 +- ...ersOrReferencesToPrivateOrProtectedData.ql | 2 +- .../FunctionErroneousReturnValueNotTested.ql | 2 +- ...epresentationsOfFloatingPointValuesUsed.ql | 2 +- .../PointerSubtractionOnDifferentArrays.ql | 2 +- ...ointerToAVirtualBaseClassCastToAPointer.ql | 2 +- ...nstMemberFunctionReturnsNonConstPointer.ql | 2 +- ...GenericCppLibraryFunctionsDoNotOverflow.ql | 2 +- ...sePointerArithmeticOnPolymorphicObjects.ql | 2 +- ...fectsInFunctionCallsAsFunctionArguments.ql | 4 +- ...nArrayThroughAPointerOfTheIncorrectType.ql | 2 +- .../DetectAndHandleMemoryAllocationErrors.ql | 2 +- .../MEM53-CPP/ManuallyManagedLifetime.qll | 2 +- ...ConstructorCallForManuallyManagedObject.ql | 2 +- ...gDestructorCallForManuallyManagedObject.ql | 2 +- .../BadlySeededRandomNumberGenerator.ql | 2 +- .../src/codingstandards/cpp/AccessPath.qll | 2 +- .../src/codingstandards/cpp/Allocations.qll | 2 +- .../src/codingstandards/cpp/Concurrency.qll | 2 +- .../src/codingstandards/cpp/ConstHelpers.qll | 2 +- .../cpp/FgetsErrorManagement.qll | 2 +- .../src/codingstandards/cpp/Iterators.qll | 4 +- .../src/codingstandards/cpp/Nullness.qll | 2 +- .../src/codingstandards/cpp/Overflow.qll | 2 +- .../codingstandards/cpp/ReadErrorsAndEOF.qll | 2 +- .../src/codingstandards/cpp/SideEffect.qll | 2 +- .../src/codingstandards/cpp/SmartPointers.qll | 2 +- .../cpp/allocations/PlacementNew.qll | 2 +- .../codingstandards/cpp/dataflow/DataFlow.qll | 36 ------------------ .../cpp/dataflow/DataFlow2.qll | 25 ------------- .../cpp/dataflow/TaintTracking.qll | 37 ------------------- .../tainttracking1/TaintTrackingParameter.qll | 6 --- .../lifetimeprofile/LifetimeProfile.qll | 2 +- .../cpp/resources/ResourceManagement.qll | 2 +- ...onExistingMemberThroughPointerToMember.qll | 2 +- ...essOfUndefinedMemberThroughNullPointer.qll | 2 +- ...emberThroughUninitializedStaticPointer.qll | 2 +- .../BasicStringMayNotBeNullTerminated.qll | 4 +- .../ConstLikeReturnValue.qll | 2 +- .../ContainerAccessWithoutRangeCheck.qll | 2 +- .../DanglingCaptureWhenMovingLambdaObject.qll | 2 +- ...nglingCaptureWhenReturningLambdaObject.qll | 2 +- .../DoNotAccessAClosedFile.qll | 2 +- ...otAllowAMutexToGoOutOfScopeWhileLocked.qll | 2 +- .../DoNotDestroyAMutexWhileItIsLocked.qll | 2 +- ...tractPointersAddressingDifferentArrays.qll | 2 +- ...nterArithmeticToAddressDifferentArrays.qll | 2 +- ...RelationalOperatorsWithDifferingArrays.qll | 2 +- .../InvalidatedEnvStringPointers.qll | 2 +- .../InvalidatedEnvStringPointersWarn.qll | 2 +- .../IOFstreamMissingPositioning.qll | 2 +- .../MovedFromObjectsUnspecifiedState.qll | 2 +- .../nonconstantformat/NonConstantFormat.qll | 2 +- ...lyFreeMemoryAllocatedDynamicallyShared.qll | 2 +- ...nterValueStoredInUnrelatedSmartPointer.qll | 2 +- .../PlacementNewInsufficientStorage.qll | 2 +- .../PlacementNewNotProperlyAligned.qll | 2 +- ...tringNumberConversionMissingErrorCheck.qll | 2 +- .../ThrowingOperatorNewReturnsNull.qll | 2 +- ...eOnlyArrayIndexingForPointerArithmetic.qll | 2 +- .../cpp/standardlibrary/FileStreams.qll | 4 +- .../cpp/trustboundary/UninitializedField.qll | 2 +- .../UnusedReturnValue.ql | 2 +- .../UnusedReturnValue.ql | 2 +- .../UnusedReturnValue.ql | 2 +- 116 files changed, 120 insertions(+), 224 deletions(-) delete mode 100644 cpp/common/src/codingstandards/cpp/dataflow/DataFlow.qll delete mode 100644 cpp/common/src/codingstandards/cpp/dataflow/DataFlow2.qll delete mode 100644 cpp/common/src/codingstandards/cpp/dataflow/TaintTracking.qll delete mode 100644 cpp/common/src/codingstandards/cpp/dataflow/internal/tainttracking1/TaintTrackingParameter.qll diff --git a/c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql b/c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql index 2f8ecec25d..0ddf56150c 100644 --- a/c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql +++ b/c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql @@ -13,7 +13,7 @@ import cpp import codingstandards.c.cert -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow import NonArrayPointerToArrayIndexingExprFlow::PathGraph /** diff --git a/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql b/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql index c641c17124..d832eb6014 100644 --- a/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql +++ b/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql @@ -14,7 +14,7 @@ import cpp import codingstandards.c.cert import codingstandards.c.Pointers -import codingstandards.cpp.dataflow.TaintTracking +import semmle.code.cpp.dataflow.TaintTracking import ScaledIntegerPointerArithmeticFlow::PathGraph /** diff --git a/c/cert/src/rules/CON30-C/CleanUpThreadSpecificStorage.ql b/c/cert/src/rules/CON30-C/CleanUpThreadSpecificStorage.ql index 59fab6e455..d55f1326bf 100644 --- a/c/cert/src/rules/CON30-C/CleanUpThreadSpecificStorage.ql +++ b/c/cert/src/rules/CON30-C/CleanUpThreadSpecificStorage.ql @@ -15,8 +15,8 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.Concurrency -import codingstandards.cpp.dataflow.TaintTracking -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.TaintTracking +import semmle.code.cpp.dataflow.DataFlow module TssCreateToTssDeleteConfig implements DataFlow::ConfigSig { predicate isSource(DataFlow::Node node) { diff --git a/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql b/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql index e0617c266d..71138f4ff8 100644 --- a/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql +++ b/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql @@ -15,8 +15,8 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.Concurrency -import codingstandards.cpp.dataflow.TaintTracking -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.TaintTracking +import semmle.code.cpp.dataflow.DataFlow import semmle.code.cpp.commons.Alloc from C11ThreadCreateCall tcc, StackVariable sv, Expr arg, Expr acc diff --git a/c/cert/src/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.ql b/c/cert/src/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.ql index 0fd94911ec..ddcddb8dc5 100644 --- a/c/cert/src/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.ql +++ b/c/cert/src/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.ql @@ -16,8 +16,8 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.Concurrency -import codingstandards.cpp.dataflow.TaintTracking -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.TaintTracking +import semmle.code.cpp.dataflow.DataFlow from TSSGetFunctionCall tsg, ThreadedFunction tf where diff --git a/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql b/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql index 9097f14297..b5d7e5e378 100644 --- a/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql +++ b/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql @@ -13,7 +13,7 @@ import cpp import codingstandards.c.cert -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow class Source extends StackVariable { Source() { not this instanceof Parameter } diff --git a/c/cert/src/rules/ERR30-C/FunctionCallBeforeErrnoCheck.ql b/c/cert/src/rules/ERR30-C/FunctionCallBeforeErrnoCheck.ql index 8d63bb5d06..dd2e2175f7 100644 --- a/c/cert/src/rules/ERR30-C/FunctionCallBeforeErrnoCheck.ql +++ b/c/cert/src/rules/ERR30-C/FunctionCallBeforeErrnoCheck.ql @@ -14,7 +14,7 @@ import cpp import codingstandards.c.cert import codingstandards.c.Errno -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow /** * A call to an `OutOfBandErrnoSettingFunction` diff --git a/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql b/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql index bf8f99fd27..fb14515c61 100644 --- a/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql +++ b/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql @@ -14,8 +14,8 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.SideEffect -import codingstandards.cpp.dataflow.DataFlow -import codingstandards.cpp.dataflow.TaintTracking +import semmle.code.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.TaintTracking import semmle.code.cpp.valuenumbering.GlobalValueNumbering /** Holds if the function's return value is derived from the `AliasParamter` p. */ diff --git a/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql b/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql index e5735a5fda..f3b3aa364d 100644 --- a/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql +++ b/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql @@ -14,7 +14,7 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.Alignment -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis import ExprWithAlignmentToCStyleCastFlow::PathGraph diff --git a/c/cert/src/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.ql b/c/cert/src/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.ql index e28dbddaaf..9bbe27aa31 100644 --- a/c/cert/src/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.ql +++ b/c/cert/src/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.ql @@ -13,7 +13,7 @@ import cpp import codingstandards.c.cert -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow import SuspectFunctionPointerToCallFlow::PathGraph /** diff --git a/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql b/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql index 825f85b0bd..fde564665c 100644 --- a/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql +++ b/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql @@ -13,7 +13,7 @@ import cpp import codingstandards.c.cert -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow import semmle.code.cpp.controlflow.Dominance import IndirectCastFlow::PathGraph diff --git a/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.ql b/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.ql index d79224435f..20c9f1bcc8 100644 --- a/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.ql +++ b/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.ql @@ -12,7 +12,7 @@ import cpp import codingstandards.c.cert -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow import CastFlow::PathGraph import codingstandards.cpp.SideEffect diff --git a/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql b/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql index a4cc4e8944..1b792d16d5 100644 --- a/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql +++ b/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql @@ -14,7 +14,7 @@ import cpp import codingstandards.c.cert import codingstandards.c.Pointers import codingstandards.c.Variable -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow import semmle.code.cpp.pointsto.PointsTo import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis diff --git a/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql b/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql index bbe41259b8..f220401c82 100644 --- a/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql +++ b/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql @@ -11,7 +11,7 @@ */ import cpp -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow import semmle.code.cpp.controlflow.Dominance import codingstandards.c.cert import codingstandards.c.Variable diff --git a/c/cert/src/rules/FIO37-C/SuccessfulFgetsOrFgetwsMayReturnAnEmptyString.ql b/c/cert/src/rules/FIO37-C/SuccessfulFgetsOrFgetwsMayReturnAnEmptyString.ql index 2dce0d465c..54f555d7cb 100644 --- a/c/cert/src/rules/FIO37-C/SuccessfulFgetsOrFgetwsMayReturnAnEmptyString.ql +++ b/c/cert/src/rules/FIO37-C/SuccessfulFgetsOrFgetwsMayReturnAnEmptyString.ql @@ -14,7 +14,7 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.FgetsErrorManagement import codingstandards.cpp.Dereferenced -import codingstandards.cpp.dataflow.TaintTracking +import semmle.code.cpp.dataflow.TaintTracking /* * CFG nodes that follows a successful call to `fgets` diff --git a/c/cert/src/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql b/c/cert/src/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql index 33a906136f..7ed5887e42 100644 --- a/c/cert/src/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql +++ b/c/cert/src/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql @@ -12,7 +12,7 @@ import cpp import codingstandards.c.cert -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow class FgetposCall extends FunctionCall { FgetposCall() { this.getTarget().hasGlobalOrStdName("fgetpos") } diff --git a/c/cert/src/rules/FIO45-C/ToctouRaceConditionsWhileAccessingFiles.ql b/c/cert/src/rules/FIO45-C/ToctouRaceConditionsWhileAccessingFiles.ql index 2ddfa6cf4c..b02ce2f58d 100644 --- a/c/cert/src/rules/FIO45-C/ToctouRaceConditionsWhileAccessingFiles.ql +++ b/c/cert/src/rules/FIO45-C/ToctouRaceConditionsWhileAccessingFiles.ql @@ -14,7 +14,7 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.standardlibrary.FileAccess -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow import semmle.code.cpp.valuenumbering.GlobalValueNumbering /** diff --git a/c/cert/src/rules/MEM35-C/InsufficientMemoryAllocatedForObject.ql b/c/cert/src/rules/MEM35-C/InsufficientMemoryAllocatedForObject.ql index 7683140327..5ff1725269 100644 --- a/c/cert/src/rules/MEM35-C/InsufficientMemoryAllocatedForObject.ql +++ b/c/cert/src/rules/MEM35-C/InsufficientMemoryAllocatedForObject.ql @@ -16,7 +16,7 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.Overflow import semmle.code.cpp.controlflow.Guards -import codingstandards.cpp.dataflow.TaintTracking +import semmle.code.cpp.dataflow.TaintTracking import semmle.code.cpp.models.Models /** diff --git a/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql b/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql index 512b783030..df0eb3b1e3 100644 --- a/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql +++ b/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql @@ -15,7 +15,7 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.Alignment -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow import AlignedAllocToReallocFlow::PathGraph int getStatedValue(Expr e) { diff --git a/c/cert/src/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.ql b/c/cert/src/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.ql index 52dd0b1046..fa4a29cb3d 100644 --- a/c/cert/src/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.ql +++ b/c/cert/src/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.ql @@ -14,7 +14,7 @@ import cpp import codingstandards.c.cert -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow /** * The argument of a call to `asctime` diff --git a/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql b/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql index 821b79c8e4..338dc83308 100644 --- a/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql +++ b/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql @@ -13,7 +13,7 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.Macro -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow abstract class VaAccess extends Expr { } diff --git a/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql b/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql index 19730b4677..0da48daa70 100644 --- a/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql +++ b/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql @@ -14,7 +14,7 @@ import cpp import codingstandards.c.cert import codingstandards.c.Signal -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow /** * Does not access an external variable except diff --git a/c/cert/src/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.ql b/c/cert/src/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.ql index 5a064c0904..fa3cc3bf14 100644 --- a/c/cert/src/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.ql +++ b/c/cert/src/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.ql @@ -14,7 +14,7 @@ import cpp import codingstandards.c.cert import codingstandards.c.Signal -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow /** * CFG nodes preceeding a `ReturnStmt` diff --git a/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql b/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql index 40f19ed4a0..244fe6d8e5 100644 --- a/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql +++ b/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql @@ -14,7 +14,7 @@ import cpp import codingstandards.c.cert import semmle.code.cpp.security.BufferWrite -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow /** * Class that includes into `BufferWrite` functions that will modify their diff --git a/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql b/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql index 4e2e48708a..3742207720 100644 --- a/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql +++ b/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql @@ -15,7 +15,7 @@ import cpp import codingstandards.c.cert -import codingstandards.cpp.dataflow.TaintTracking +import semmle.code.cpp.dataflow.TaintTracking import codingstandards.cpp.PossiblyUnsafeStringOperation /** diff --git a/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql b/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql index d661edade5..365136f99d 100644 --- a/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql +++ b/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql @@ -15,7 +15,7 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.Naming -import codingstandards.cpp.dataflow.TaintTracking +import semmle.code.cpp.dataflow.TaintTracking import codingstandards.cpp.PossiblyUnsafeStringOperation /** diff --git a/c/common/src/codingstandards/c/Errno.qll b/c/common/src/codingstandards/c/Errno.qll index 86ecabe8f1..d606593a1e 100644 --- a/c/common/src/codingstandards/c/Errno.qll +++ b/c/common/src/codingstandards/c/Errno.qll @@ -1,7 +1,7 @@ /** Provides a library for errno-setting functions. */ import cpp -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow /** * An errno-setting function diff --git a/c/common/src/codingstandards/c/OutOfBounds.qll b/c/common/src/codingstandards/c/OutOfBounds.qll index 87c7c17870..92d519699c 100644 --- a/c/common/src/codingstandards/c/OutOfBounds.qll +++ b/c/common/src/codingstandards/c/OutOfBounds.qll @@ -11,7 +11,7 @@ import codingstandards.cpp.Allocations import codingstandards.cpp.Overflow import codingstandards.cpp.PossiblyUnsafeStringOperation import codingstandards.cpp.SimpleRangeAnalysisCustomizations -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow import semmle.code.cpp.valuenumbering.GlobalValueNumbering module OOB { diff --git a/c/common/src/codingstandards/c/Signal.qll b/c/common/src/codingstandards/c/Signal.qll index 35286be4d9..95b27e2898 100644 --- a/c/common/src/codingstandards/c/Signal.qll +++ b/c/common/src/codingstandards/c/Signal.qll @@ -1,5 +1,5 @@ import cpp -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow /** * A signal corresponding to a computational exception diff --git a/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql b/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql index 208e8153d6..a6f5f2c1a2 100644 --- a/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql +++ b/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql @@ -13,7 +13,7 @@ import cpp import codingstandards.c.misra -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow /** * Models a function parameter of type array with specified size diff --git a/c/misra/src/rules/RULE-17-7/ValueReturnedByAFunctionNotUsed.ql b/c/misra/src/rules/RULE-17-7/ValueReturnedByAFunctionNotUsed.ql index 02d0a54ec1..3b224544f2 100644 --- a/c/misra/src/rules/RULE-17-7/ValueReturnedByAFunctionNotUsed.ql +++ b/c/misra/src/rules/RULE-17-7/ValueReturnedByAFunctionNotUsed.ql @@ -13,7 +13,7 @@ import cpp import codingstandards.c.misra -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow from Call c where diff --git a/c/misra/src/rules/RULE-19-1/ObjectCopiedToAnOverlappingObject.ql b/c/misra/src/rules/RULE-19-1/ObjectCopiedToAnOverlappingObject.ql index bee9b41e2c..fe1226dcea 100644 --- a/c/misra/src/rules/RULE-19-1/ObjectCopiedToAnOverlappingObject.ql +++ b/c/misra/src/rules/RULE-19-1/ObjectCopiedToAnOverlappingObject.ql @@ -13,7 +13,7 @@ import cpp import codingstandards.c.misra import semmle.code.cpp.valuenumbering.GlobalValueNumbering -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow /** * Offset in bytes of a field access diff --git a/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql b/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql index 44e21d14db..ec1470a8ec 100644 --- a/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql +++ b/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql @@ -15,7 +15,7 @@ import cpp import codingstandards.c.misra import codingstandards.c.misra.EssentialTypes -import codingstandards.cpp.dataflow.TaintTracking +import semmle.code.cpp.dataflow.TaintTracking import NullTerminatedStringToMemcmpFlow::PathGraph // Data flow from a StringLiteral or from an array of characters, to a memcmp call diff --git a/c/misra/src/rules/RULE-22-3/FileOpenForReadAndWriteOnDifferentStreams.ql b/c/misra/src/rules/RULE-22-3/FileOpenForReadAndWriteOnDifferentStreams.ql index c01afea39f..877fbea9aa 100644 --- a/c/misra/src/rules/RULE-22-3/FileOpenForReadAndWriteOnDifferentStreams.ql +++ b/c/misra/src/rules/RULE-22-3/FileOpenForReadAndWriteOnDifferentStreams.ql @@ -14,7 +14,7 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.standardlibrary.FileAccess -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow import semmle.code.cpp.valuenumbering.GlobalValueNumbering import semmle.code.cpp.controlflow.SubBasicBlocks diff --git a/c/misra/src/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.ql b/c/misra/src/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.ql index 6dc3b3ee71..8c27b936b8 100644 --- a/c/misra/src/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.ql +++ b/c/misra/src/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.ql @@ -13,7 +13,7 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.standardlibrary.FileAccess -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow module FileDFConfig implements DataFlow::ConfigSig { predicate isSource(DataFlow::Node source) { diff --git a/cpp/autosar/src/rules/A13-1-3/UserDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters.ql b/cpp/autosar/src/rules/A13-1-3/UserDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters.ql index 840d7423fb..4593065e01 100644 --- a/cpp/autosar/src/rules/A13-1-3/UserDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters.ql +++ b/cpp/autosar/src/rules/A13-1-3/UserDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters.ql @@ -14,7 +14,7 @@ */ import cpp -import codingstandards.cpp.dataflow.TaintTracking +import semmle.code.cpp.dataflow.TaintTracking import codingstandards.cpp.autosar import codingstandards.cpp.UserDefinedLiteral as udl import codingstandards.cpp.SideEffect diff --git a/cpp/autosar/src/rules/A13-2-1/AssignmentOperatorReturnThis.ql b/cpp/autosar/src/rules/A13-2-1/AssignmentOperatorReturnThis.ql index ae0acc3bb5..4e6b7d6f0c 100644 --- a/cpp/autosar/src/rules/A13-2-1/AssignmentOperatorReturnThis.ql +++ b/cpp/autosar/src/rules/A13-2-1/AssignmentOperatorReturnThis.ql @@ -16,7 +16,7 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.Operator -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow predicate returnsThisPointer(UserAssignmentOperator o) { exists(PointerDereferenceExpr p, ThisExpr t, ReturnStmt r | diff --git a/cpp/autosar/src/rules/A15-1-3/ThrownExceptionsShouldBeUnique.ql b/cpp/autosar/src/rules/A15-1-3/ThrownExceptionsShouldBeUnique.ql index 1459b79b43..97e9133a7a 100644 --- a/cpp/autosar/src/rules/A15-1-3/ThrownExceptionsShouldBeUnique.ql +++ b/cpp/autosar/src/rules/A15-1-3/ThrownExceptionsShouldBeUnique.ql @@ -16,7 +16,7 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.exceptions.ExceptionFlow -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow import semmle.code.cpp.valuenumbering.HashCons /** Find a value which defines the exception thrown by the `DirectThrowExpr`, if any. */ diff --git a/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql b/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql index 9fcd8fa609..1b3a3cfed2 100644 --- a/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql +++ b/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql @@ -15,7 +15,7 @@ */ import cpp -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow import codingstandards.cpp.autosar import codingstandards.cpp.exceptions.ExceptionFlow import codingstandards.cpp.exceptions.ExceptionSpecifications diff --git a/cpp/autosar/src/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.ql b/cpp/autosar/src/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.ql index 842dc14390..353c985137 100644 --- a/cpp/autosar/src/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.ql +++ b/cpp/autosar/src/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.ql @@ -16,7 +16,7 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.SmartPointers -import codingstandards.cpp.dataflow.TaintTracking +import semmle.code.cpp.dataflow.TaintTracking import SingleObjectSmartPointerArrayConstructionFlow::PathGraph class AutosarSmartPointerArraySpecialisation extends AutosarSmartPointer { diff --git a/cpp/autosar/src/rules/A18-5-2/DoNotUseNonPlacementNew.ql b/cpp/autosar/src/rules/A18-5-2/DoNotUseNonPlacementNew.ql index 082827f5bb..1320d6e486 100644 --- a/cpp/autosar/src/rules/A18-5-2/DoNotUseNonPlacementNew.ql +++ b/cpp/autosar/src/rules/A18-5-2/DoNotUseNonPlacementNew.ql @@ -15,7 +15,7 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow from NewOrNewArrayExpr na where diff --git a/cpp/autosar/src/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.ql b/cpp/autosar/src/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.ql index 979dc0824e..cdf35374f9 100644 --- a/cpp/autosar/src/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.ql +++ b/cpp/autosar/src/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.ql @@ -16,7 +16,7 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.dataflow.TaintTracking +import semmle.code.cpp.dataflow.TaintTracking import codingstandards.cpp.standardlibrary.Utility /* diff --git a/cpp/autosar/src/rules/A18-9-4/ArgumentToForwardSubsequentlyUsed.ql b/cpp/autosar/src/rules/A18-9-4/ArgumentToForwardSubsequentlyUsed.ql index d87366c624..a3acf916ec 100644 --- a/cpp/autosar/src/rules/A18-9-4/ArgumentToForwardSubsequentlyUsed.ql +++ b/cpp/autosar/src/rules/A18-9-4/ArgumentToForwardSubsequentlyUsed.ql @@ -14,7 +14,7 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.standardlibrary.Utility -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow from StdForwardCall f, Access a where diff --git a/cpp/autosar/src/rules/A20-8-4/SharedPointerUsedWithNoOwnershipSharing.ql b/cpp/autosar/src/rules/A20-8-4/SharedPointerUsedWithNoOwnershipSharing.ql index c7ff6f6bf2..0294bfe2e6 100644 --- a/cpp/autosar/src/rules/A20-8-4/SharedPointerUsedWithNoOwnershipSharing.ql +++ b/cpp/autosar/src/rules/A20-8-4/SharedPointerUsedWithNoOwnershipSharing.ql @@ -16,7 +16,7 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.SmartPointers -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow /* * Finds `std::shared_ptr` local variables which are not copy or move initialized, and are not used in diff --git a/cpp/autosar/src/rules/A27-0-4/CStyleStringsUsed.ql b/cpp/autosar/src/rules/A27-0-4/CStyleStringsUsed.ql index b698ecf351..b24a4a96cf 100644 --- a/cpp/autosar/src/rules/A27-0-4/CStyleStringsUsed.ql +++ b/cpp/autosar/src/rules/A27-0-4/CStyleStringsUsed.ql @@ -14,7 +14,7 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow class InstanceOfCStyleString extends Expr { InstanceOfCStyleString() { diff --git a/cpp/autosar/src/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.ql b/cpp/autosar/src/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.ql index 34b6660778..ac2375f6aa 100644 --- a/cpp/autosar/src/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.ql +++ b/cpp/autosar/src/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.ql @@ -17,7 +17,7 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.Type -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow import NonFinalClassToPointerArithmeticExprFlow::PathGraph class ArrayAccessOrPointerArith extends Expr { diff --git a/cpp/autosar/src/rules/A5-1-7/LambdaPassedToDecltype.ql b/cpp/autosar/src/rules/A5-1-7/LambdaPassedToDecltype.ql index afbd809664..971d3b9259 100644 --- a/cpp/autosar/src/rules/A5-1-7/LambdaPassedToDecltype.ql +++ b/cpp/autosar/src/rules/A5-1-7/LambdaPassedToDecltype.ql @@ -15,7 +15,7 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow module LambdaExpressionToInitializerConfig implements DataFlow::ConfigSig { predicate isSource(DataFlow::Node source) { source.asExpr() instanceof LambdaExpression } diff --git a/cpp/autosar/src/rules/A5-1-7/LambdaPassedToTypeid.ql b/cpp/autosar/src/rules/A5-1-7/LambdaPassedToTypeid.ql index 08dbecc755..56952dace9 100644 --- a/cpp/autosar/src/rules/A5-1-7/LambdaPassedToTypeid.ql +++ b/cpp/autosar/src/rules/A5-1-7/LambdaPassedToTypeid.ql @@ -14,7 +14,7 @@ */ import cpp -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow import codingstandards.cpp.autosar import LambdaExpressionToTypeidFlow::PathGraph diff --git a/cpp/autosar/src/rules/A7-5-1/InvalidFunctionReturnType.ql b/cpp/autosar/src/rules/A7-5-1/InvalidFunctionReturnType.ql index 6994ab028f..c36bda6cdd 100644 --- a/cpp/autosar/src/rules/A7-5-1/InvalidFunctionReturnType.ql +++ b/cpp/autosar/src/rules/A7-5-1/InvalidFunctionReturnType.ql @@ -16,7 +16,7 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow from Parameter p, ReturnStmt ret where diff --git a/cpp/autosar/src/rules/A8-4-11/SmartPointerAsParameterWithoutLifetimeSemantics.ql b/cpp/autosar/src/rules/A8-4-11/SmartPointerAsParameterWithoutLifetimeSemantics.ql index 811d98eccb..0bf42ce4ca 100644 --- a/cpp/autosar/src/rules/A8-4-11/SmartPointerAsParameterWithoutLifetimeSemantics.ql +++ b/cpp/autosar/src/rules/A8-4-11/SmartPointerAsParameterWithoutLifetimeSemantics.ql @@ -16,7 +16,7 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.SmartPointers -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow import codingstandards.cpp.standardlibrary.Utility Expr lifetimeAffectingSmartPointerExpr(Function f) { diff --git a/cpp/autosar/src/rules/A8-4-12/UniquePtrPassedToFunctionWithImproperSemantics.ql b/cpp/autosar/src/rules/A8-4-12/UniquePtrPassedToFunctionWithImproperSemantics.ql index 5dec96ed81..3cd310b59b 100644 --- a/cpp/autosar/src/rules/A8-4-12/UniquePtrPassedToFunctionWithImproperSemantics.ql +++ b/cpp/autosar/src/rules/A8-4-12/UniquePtrPassedToFunctionWithImproperSemantics.ql @@ -18,7 +18,7 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.SmartPointers import codingstandards.cpp.standardlibrary.Utility -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow Expr underlyingObjectAffectingUniquePointerExpr(Function f) { result = diff --git a/cpp/autosar/src/rules/A8-4-4/FunctionReturnMultipleValueCondition.ql b/cpp/autosar/src/rules/A8-4-4/FunctionReturnMultipleValueCondition.ql index fa38b1d3f6..ff0040f26f 100644 --- a/cpp/autosar/src/rules/A8-4-4/FunctionReturnMultipleValueCondition.ql +++ b/cpp/autosar/src/rules/A8-4-4/FunctionReturnMultipleValueCondition.ql @@ -16,7 +16,7 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow abstract class OutputValue extends Element { abstract string getOutputName(); diff --git a/cpp/autosar/src/rules/A9-3-1/ReturnsNonConstRawPointersOrReferencesToPrivateOrProtectedData.ql b/cpp/autosar/src/rules/A9-3-1/ReturnsNonConstRawPointersOrReferencesToPrivateOrProtectedData.ql index f40faad3dd..478f8dcdf0 100644 --- a/cpp/autosar/src/rules/A9-3-1/ReturnsNonConstRawPointersOrReferencesToPrivateOrProtectedData.ql +++ b/cpp/autosar/src/rules/A9-3-1/ReturnsNonConstRawPointersOrReferencesToPrivateOrProtectedData.ql @@ -15,7 +15,7 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.CommonTypes as CommonTypes -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow class AccessAwareMemberFunction extends MemberFunction { Class c; diff --git a/cpp/autosar/src/rules/M0-3-2/FunctionErroneousReturnValueNotTested.ql b/cpp/autosar/src/rules/M0-3-2/FunctionErroneousReturnValueNotTested.ql index aee4e40838..cd94d63ffc 100644 --- a/cpp/autosar/src/rules/M0-3-2/FunctionErroneousReturnValueNotTested.ql +++ b/cpp/autosar/src/rules/M0-3-2/FunctionErroneousReturnValueNotTested.ql @@ -19,7 +19,7 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow import semmle.code.cpp.controlflow.Guards from FunctionCall fc diff --git a/cpp/autosar/src/rules/M3-9-3/UnderlyingBitRepresentationsOfFloatingPointValuesUsed.ql b/cpp/autosar/src/rules/M3-9-3/UnderlyingBitRepresentationsOfFloatingPointValuesUsed.ql index f7e6664269..279ad08f3c 100644 --- a/cpp/autosar/src/rules/M3-9-3/UnderlyingBitRepresentationsOfFloatingPointValuesUsed.ql +++ b/cpp/autosar/src/rules/M3-9-3/UnderlyingBitRepresentationsOfFloatingPointValuesUsed.ql @@ -14,7 +14,7 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow predicate pointeeIsModified(PointerDereferenceExpr e, Expr m) { exists(Assignment a | a.getLValue() = e and m = a) diff --git a/cpp/autosar/src/rules/M5-0-17/PointerSubtractionOnDifferentArrays.ql b/cpp/autosar/src/rules/M5-0-17/PointerSubtractionOnDifferentArrays.ql index ec432cea42..d6d4f6130a 100644 --- a/cpp/autosar/src/rules/M5-0-17/PointerSubtractionOnDifferentArrays.ql +++ b/cpp/autosar/src/rules/M5-0-17/PointerSubtractionOnDifferentArrays.ql @@ -15,7 +15,7 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow import ArrayToPointerDiffOperandFlow::PathGraph module ArrayToPointerDiffOperandConfig implements DataFlow::ConfigSig { diff --git a/cpp/autosar/src/rules/M5-2-2/PointerToAVirtualBaseClassCastToAPointer.ql b/cpp/autosar/src/rules/M5-2-2/PointerToAVirtualBaseClassCastToAPointer.ql index 8f20bf808e..d24c4d35df 100644 --- a/cpp/autosar/src/rules/M5-2-2/PointerToAVirtualBaseClassCastToAPointer.ql +++ b/cpp/autosar/src/rules/M5-2-2/PointerToAVirtualBaseClassCastToAPointer.ql @@ -15,7 +15,7 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow from Cast cast, VirtualBaseClass castFrom, Class castTo where diff --git a/cpp/autosar/src/rules/M9-3-1/ConstMemberFunctionReturnsNonConstPointer.ql b/cpp/autosar/src/rules/M9-3-1/ConstMemberFunctionReturnsNonConstPointer.ql index 98207a62a3..559b41527c 100644 --- a/cpp/autosar/src/rules/M9-3-1/ConstMemberFunctionReturnsNonConstPointer.ql +++ b/cpp/autosar/src/rules/M9-3-1/ConstMemberFunctionReturnsNonConstPointer.ql @@ -18,7 +18,7 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow class ReferenceTypeWithNonConstBaseType extends ReferenceType { ReferenceTypeWithNonConstBaseType() { not this.getBaseType().isConst() } diff --git a/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql b/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql index 720880dbe4..d60227d2c8 100644 --- a/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql +++ b/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql @@ -16,7 +16,7 @@ import codingstandards.cpp.cert import codingstandards.cpp.Iterators import codingstandards.cpp.rules.containeraccesswithoutrangecheck.ContainerAccessWithoutRangeCheck as ContainerAccessWithoutRangeCheck import semmle.code.cpp.controlflow.Guards -import codingstandards.cpp.dataflow.TaintTracking +import semmle.code.cpp.dataflow.TaintTracking import semmle.code.cpp.valuenumbering.GlobalValueNumbering /** diff --git a/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.ql b/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.ql index a7756b6a6a..0f5c50164c 100644 --- a/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.ql +++ b/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.ql @@ -13,7 +13,7 @@ import cpp import codingstandards.cpp.cert -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow import NonFinalClassToPointerArithmeticExprFlow::PathGraph class ArrayAccessOrPointerArith extends Expr { diff --git a/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql b/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql index a385ee1ffc..7bfb298d3d 100644 --- a/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql +++ b/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql @@ -14,8 +14,8 @@ import cpp import codingstandards.cpp.cert import codingstandards.cpp.SideEffect -import codingstandards.cpp.dataflow.DataFlow -import codingstandards.cpp.dataflow.TaintTracking +import semmle.code.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.TaintTracking import semmle.code.cpp.valuenumbering.GlobalValueNumbering /** Holds if the function's return value is derived from the `AliasParamter` p. */ diff --git a/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql b/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql index bdf6a7973e..e900d1b259 100644 --- a/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql +++ b/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql @@ -13,7 +13,7 @@ import cpp import codingstandards.cpp.cert -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow import AllocationToDeleteFlow::PathGraph module AllocationToDeleteConfig implements DataFlow::ConfigSig { diff --git a/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.ql b/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.ql index c25e1aa0ad..083aad1e3c 100644 --- a/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.ql +++ b/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.ql @@ -13,7 +13,7 @@ import cpp import codingstandards.cpp.cert import semmle.code.cpp.controlflow.Guards -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow import codingstandards.cpp.exceptions.ExceptionSpecifications /** diff --git a/cpp/cert/src/rules/MEM53-CPP/ManuallyManagedLifetime.qll b/cpp/cert/src/rules/MEM53-CPP/ManuallyManagedLifetime.qll index 358a3583fc..413a4b0d3c 100644 --- a/cpp/cert/src/rules/MEM53-CPP/ManuallyManagedLifetime.qll +++ b/cpp/cert/src/rules/MEM53-CPP/ManuallyManagedLifetime.qll @@ -3,7 +3,7 @@ import codingstandards.cpp.Conversion import codingstandards.cpp.TrivialType import ManuallyManagedLifetime import semmle.code.cpp.controlflow.Dominance -import codingstandards.cpp.dataflow.TaintTracking +import semmle.code.cpp.dataflow.TaintTracking /** * A taint-tracking configuration from allocation expressions to casts to a specific pointer type. diff --git a/cpp/cert/src/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.ql b/cpp/cert/src/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.ql index 30c5280482..6e3121e46d 100644 --- a/cpp/cert/src/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.ql +++ b/cpp/cert/src/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.ql @@ -14,7 +14,7 @@ import cpp import codingstandards.cpp.cert import codingstandards.cpp.TrivialType import ManuallyManagedLifetime -import codingstandards.cpp.dataflow.TaintTracking +import semmle.code.cpp.dataflow.TaintTracking import AllocToStaticCastFlow::PathGraph /* diff --git a/cpp/cert/src/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject.ql b/cpp/cert/src/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject.ql index b498729d69..22e2ac336f 100644 --- a/cpp/cert/src/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject.ql +++ b/cpp/cert/src/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject.ql @@ -13,7 +13,7 @@ import cpp import codingstandards.cpp.cert import ManuallyManagedLifetime -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow import FreeWithoutDestructorFlow::PathGraph from FreeWithoutDestructorFlow::PathNode source, FreeWithoutDestructorFlow::PathNode sink diff --git a/cpp/cert/src/rules/MSC51-CPP/BadlySeededRandomNumberGenerator.ql b/cpp/cert/src/rules/MSC51-CPP/BadlySeededRandomNumberGenerator.ql index 52b14d9629..76f8500362 100644 --- a/cpp/cert/src/rules/MSC51-CPP/BadlySeededRandomNumberGenerator.ql +++ b/cpp/cert/src/rules/MSC51-CPP/BadlySeededRandomNumberGenerator.ql @@ -15,7 +15,7 @@ import cpp import codingstandards.cpp.cert import codingstandards.cpp.standardlibrary.Random -import codingstandards.cpp.dataflow.TaintTracking +import semmle.code.cpp.dataflow.TaintTracking from RandomNumberEngineCreation createRandomNumberEngine, string seedSource where diff --git a/cpp/common/src/codingstandards/cpp/AccessPath.qll b/cpp/common/src/codingstandards/cpp/AccessPath.qll index 2393d25db4..ff7601ed4b 100644 --- a/cpp/common/src/codingstandards/cpp/AccessPath.qll +++ b/cpp/common/src/codingstandards/cpp/AccessPath.qll @@ -1,5 +1,5 @@ import cpp -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow newtype TFieldQualifier = ExplicitQualifier(VariableAccess v) or diff --git a/cpp/common/src/codingstandards/cpp/Allocations.qll b/cpp/common/src/codingstandards/cpp/Allocations.qll index 5bc87221e2..db47b0b028 100644 --- a/cpp/common/src/codingstandards/cpp/Allocations.qll +++ b/cpp/common/src/codingstandards/cpp/Allocations.qll @@ -7,7 +7,7 @@ import cpp import semmle.code.cpp.controlflow.SSA -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow /** * Holds if `alloc` is a use of `malloc` or `new`. `kind` is diff --git a/cpp/common/src/codingstandards/cpp/Concurrency.qll b/cpp/common/src/codingstandards/cpp/Concurrency.qll index d856fa4515..5e7d154d59 100644 --- a/cpp/common/src/codingstandards/cpp/Concurrency.qll +++ b/cpp/common/src/codingstandards/cpp/Concurrency.qll @@ -1,5 +1,5 @@ import cpp -import codingstandards.cpp.dataflow.TaintTracking +import semmle.code.cpp.dataflow.TaintTracking /** * Models CFG nodes which should be added to a thread context. diff --git a/cpp/common/src/codingstandards/cpp/ConstHelpers.qll b/cpp/common/src/codingstandards/cpp/ConstHelpers.qll index 8cba3efde4..a7457dc845 100644 --- a/cpp/common/src/codingstandards/cpp/ConstHelpers.qll +++ b/cpp/common/src/codingstandards/cpp/ConstHelpers.qll @@ -4,7 +4,7 @@ import cpp import codingstandards.cpp.SideEffect -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow import codingstandards.cpp.FunctionParameter /** A variable that can be modified (both the pointer and object pointed to if pointer type) */ diff --git a/cpp/common/src/codingstandards/cpp/FgetsErrorManagement.qll b/cpp/common/src/codingstandards/cpp/FgetsErrorManagement.qll index 7686714635..4f99b02e2e 100644 --- a/cpp/common/src/codingstandards/cpp/FgetsErrorManagement.qll +++ b/cpp/common/src/codingstandards/cpp/FgetsErrorManagement.qll @@ -4,7 +4,7 @@ */ import cpp -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow import semmle.code.cpp.controlflow.Guards /* diff --git a/cpp/common/src/codingstandards/cpp/Iterators.qll b/cpp/common/src/codingstandards/cpp/Iterators.qll index 593da544ea..72a9909c20 100644 --- a/cpp/common/src/codingstandards/cpp/Iterators.qll +++ b/cpp/common/src/codingstandards/cpp/Iterators.qll @@ -3,8 +3,8 @@ */ import cpp -import codingstandards.cpp.dataflow.DataFlow -import codingstandards.cpp.dataflow.TaintTracking +import semmle.code.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.TaintTracking import codingstandards.cpp.StdNamespace abstract class ContainerAccess extends VariableAccess { diff --git a/cpp/common/src/codingstandards/cpp/Nullness.qll b/cpp/common/src/codingstandards/cpp/Nullness.qll index d76db4afad..8751c54d9b 100644 --- a/cpp/common/src/codingstandards/cpp/Nullness.qll +++ b/cpp/common/src/codingstandards/cpp/Nullness.qll @@ -1,5 +1,5 @@ import cpp -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow private class PointerToMember extends Variable { PointerToMember() { this.getType() instanceof PointerToMemberType } diff --git a/cpp/common/src/codingstandards/cpp/Overflow.qll b/cpp/common/src/codingstandards/cpp/Overflow.qll index dca1386513..28a5c0d9db 100644 --- a/cpp/common/src/codingstandards/cpp/Overflow.qll +++ b/cpp/common/src/codingstandards/cpp/Overflow.qll @@ -6,7 +6,7 @@ import cpp import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis import SimpleRangeAnalysisCustomizations import semmle.code.cpp.controlflow.Guards -import codingstandards.cpp.dataflow.TaintTracking +import semmle.code.cpp.dataflow.TaintTracking import semmle.code.cpp.valuenumbering.GlobalValueNumbering import codingstandards.cpp.Expr import codingstandards.cpp.UndefinedBehavior diff --git a/cpp/common/src/codingstandards/cpp/ReadErrorsAndEOF.qll b/cpp/common/src/codingstandards/cpp/ReadErrorsAndEOF.qll index 7adb911c9f..c3c433d20d 100644 --- a/cpp/common/src/codingstandards/cpp/ReadErrorsAndEOF.qll +++ b/cpp/common/src/codingstandards/cpp/ReadErrorsAndEOF.qll @@ -1,5 +1,5 @@ import cpp -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow import codingstandards.cpp.standardlibrary.FileAccess /** diff --git a/cpp/common/src/codingstandards/cpp/SideEffect.qll b/cpp/common/src/codingstandards/cpp/SideEffect.qll index 08cd9394d3..4b78b5c818 100644 --- a/cpp/common/src/codingstandards/cpp/SideEffect.qll +++ b/cpp/common/src/codingstandards/cpp/SideEffect.qll @@ -1,7 +1,7 @@ /** A module to reason about side effects. */ import cpp -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow private import exceptions.ExceptionFlow private import codingstandards.cpp.Expr private import codingstandards.cpp.Variable diff --git a/cpp/common/src/codingstandards/cpp/SmartPointers.qll b/cpp/common/src/codingstandards/cpp/SmartPointers.qll index dda645a399..0f01d886be 100644 --- a/cpp/common/src/codingstandards/cpp/SmartPointers.qll +++ b/cpp/common/src/codingstandards/cpp/SmartPointers.qll @@ -1,5 +1,5 @@ import cpp -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow // Local cached version of localExprFlow to avoid bad magic cached diff --git a/cpp/common/src/codingstandards/cpp/allocations/PlacementNew.qll b/cpp/common/src/codingstandards/cpp/allocations/PlacementNew.qll index 5547f2e151..2c9139d0ae 100644 --- a/cpp/common/src/codingstandards/cpp/allocations/PlacementNew.qll +++ b/cpp/common/src/codingstandards/cpp/allocations/PlacementNew.qll @@ -22,7 +22,7 @@ import cpp import codingstandards.cpp.Conversion -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow /* * TODO You can also have alignas on types diff --git a/cpp/common/src/codingstandards/cpp/dataflow/DataFlow.qll b/cpp/common/src/codingstandards/cpp/dataflow/DataFlow.qll deleted file mode 100644 index c11bf80fc6..0000000000 --- a/cpp/common/src/codingstandards/cpp/dataflow/DataFlow.qll +++ /dev/null @@ -1,36 +0,0 @@ -/** - * Provides a library for local (intra-procedural) and global (inter-procedural) - * data flow analysis: deciding whether data can flow from a _source_ to a - * _sink_. - * - * Unless configured otherwise, _flow_ means that the exact value of - * the source may reach the sink. We do not track flow across pointer - * dereferences or array indexing. To track these types of flow, where the - * exact value may not be preserved, import - * `semmle.code.cpp.dataflow.TaintTracking`. - * - * To use global (interprocedural) data flow, extend the class - * `DataFlow::Configuration` as documented on that class. To use local - * (intraprocedural) data flow between expressions, call - * `DataFlow::localExprFlow`. For more general cases of local data flow, call - * `DataFlow::localFlow` or `DataFlow::localFlowStep` with arguments of type - * `DataFlow::Node`. - * - * NOTE: This is copied from `codeql/cpp-all` to avoid deprecation warnings - * that cannot be avoided in tests. - */ - -import cpp - -/** - * DEPRECATED: Use `semmle.code.cpp.dataflow.new.DataFlow` instead. - * - * Provides classes for performing local (intra-procedural) and - * global (inter-procedural) data flow analyses. - */ -module DataFlow { - private import semmle.code.cpp.dataflow.internal.DataFlowImplSpecific - private import codeql.dataflow.DataFlow - import DataFlowMake - import semmle.code.cpp.dataflow.internal.DataFlowImpl1 -} diff --git a/cpp/common/src/codingstandards/cpp/dataflow/DataFlow2.qll b/cpp/common/src/codingstandards/cpp/dataflow/DataFlow2.qll deleted file mode 100644 index 83859535d8..0000000000 --- a/cpp/common/src/codingstandards/cpp/dataflow/DataFlow2.qll +++ /dev/null @@ -1,25 +0,0 @@ -/** - * Provides a `DataFlow2` module, which is a copy of the `DataFlow` module. Use - * this class when data-flow configurations must depend on each other. Two - * classes extending `DataFlow::Configuration` should never depend on each - * other, but one of them should instead depend on a - * `DataFlow2::Configuration`, a `DataFlow3::Configuration`, or a - * `DataFlow4::Configuration`. - * - * See `semmle.code.cpp.dataflow.DataFlow` for the full documentation. - * - * NOTE: This is copied from `codeql/cpp-all` to avoid deprecation warnings - * that cannot be avoided in tests. - */ - -import cpp - -/** - * DEPRECATED: Use `semmle.code.cpp.dataflow.new.DataFlow2` instead. - * - * Provides classes for performing local (intra-procedural) and - * global (inter-procedural) data flow analyses. - */ -module DataFlow2 { - import semmle.code.cpp.dataflow.internal.DataFlowImpl2 -} diff --git a/cpp/common/src/codingstandards/cpp/dataflow/TaintTracking.qll b/cpp/common/src/codingstandards/cpp/dataflow/TaintTracking.qll deleted file mode 100644 index 2b43a53ccb..0000000000 --- a/cpp/common/src/codingstandards/cpp/dataflow/TaintTracking.qll +++ /dev/null @@ -1,37 +0,0 @@ -/** - * Provides classes for performing local (intra-procedural) and - * global (inter-procedural) taint-tracking analyses. - * - * We define _taint propagation_ informally to mean that a substantial part of - * the information from the source is preserved at the sink. For example, taint - * propagates from `x` to `x + 100`, but it does not propagate from `x` to `x > - * 100` since we consider a single bit of information to be too little. - * - * To use global (interprocedural) taint tracking, extend the class - * `TaintTracking::Configuration` as documented on that class. To use local - * (intraprocedural) taint tracking between expressions, call - * `TaintTracking::localExprTaint`. For more general cases of local taint - * tracking, call `TaintTracking::localTaint` or - * `TaintTracking::localTaintStep` with arguments of type `DataFlow::Node`. - * - * NOTE: This is copied from `codeql/cpp-all` to avoid deprecation warnings - * that cannot be avoided in tests. - */ - -import codingstandards.cpp.dataflow.DataFlow -import codingstandards.cpp.dataflow.DataFlow2 - -/** - * DEPRECATED: Use `semmle.code.cpp.dataflow.new.TaintTracking` instead. - * - * Provides classes for performing local (intra-procedural) and - * global (inter-procedural) taint-tracking analyses. - */ -module TaintTracking { - import codingstandards.cpp.dataflow.internal.tainttracking1.TaintTrackingParameter::Public - private import semmle.code.cpp.dataflow.internal.DataFlowImplSpecific - private import semmle.code.cpp.dataflow.internal.TaintTrackingImplSpecific - private import codeql.dataflow.TaintTracking - import TaintFlowMake - import semmle.code.cpp.dataflow.internal.tainttracking1.TaintTrackingImpl -} diff --git a/cpp/common/src/codingstandards/cpp/dataflow/internal/tainttracking1/TaintTrackingParameter.qll b/cpp/common/src/codingstandards/cpp/dataflow/internal/tainttracking1/TaintTrackingParameter.qll deleted file mode 100644 index 63e9c85e22..0000000000 --- a/cpp/common/src/codingstandards/cpp/dataflow/internal/tainttracking1/TaintTrackingParameter.qll +++ /dev/null @@ -1,6 +0,0 @@ -import semmle.code.cpp.dataflow.internal.TaintTrackingUtil as Public - -module Private { - import codingstandards.cpp.dataflow.DataFlow::DataFlow as DataFlow - import semmle.code.cpp.dataflow.internal.DataFlowImpl as DataFlowInternal -} diff --git a/cpp/common/src/codingstandards/cpp/lifetimes/lifetimeprofile/LifetimeProfile.qll b/cpp/common/src/codingstandards/cpp/lifetimes/lifetimeprofile/LifetimeProfile.qll index 7990f50216..354dccdc56 100644 --- a/cpp/common/src/codingstandards/cpp/lifetimes/lifetimeprofile/LifetimeProfile.qll +++ b/cpp/common/src/codingstandards/cpp/lifetimes/lifetimeprofile/LifetimeProfile.qll @@ -1,5 +1,5 @@ import cpp -private import codingstandards.cpp.dataflow.DataFlow +private import semmle.code.cpp.dataflow.DataFlow private import semmle.code.cpp.controlflow.Nullness private import codingstandards.cpp.Dereferenced private import codingstandards.cpp.Expr diff --git a/cpp/common/src/codingstandards/cpp/resources/ResourceManagement.qll b/cpp/common/src/codingstandards/cpp/resources/ResourceManagement.qll index 0798575495..db65dd4920 100644 --- a/cpp/common/src/codingstandards/cpp/resources/ResourceManagement.qll +++ b/cpp/common/src/codingstandards/cpp/resources/ResourceManagement.qll @@ -1,5 +1,5 @@ import cpp -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow /** * The `ResourceAcquisitionExpr` abstract class models resource diff --git a/cpp/common/src/codingstandards/cpp/rules/accessofnonexistingmemberthroughpointertomember/AccessOfNonExistingMemberThroughPointerToMember.qll b/cpp/common/src/codingstandards/cpp/rules/accessofnonexistingmemberthroughpointertomember/AccessOfNonExistingMemberThroughPointerToMember.qll index 138c0a89b5..ac135386f3 100644 --- a/cpp/common/src/codingstandards/cpp/rules/accessofnonexistingmemberthroughpointertomember/AccessOfNonExistingMemberThroughPointerToMember.qll +++ b/cpp/common/src/codingstandards/cpp/rules/accessofnonexistingmemberthroughpointertomember/AccessOfNonExistingMemberThroughPointerToMember.qll @@ -7,7 +7,7 @@ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import codingstandards.cpp.Expr -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow abstract class AccessOfNonExistingMemberThroughPointerToMemberSharedQuery extends Query { } diff --git a/cpp/common/src/codingstandards/cpp/rules/accessofundefinedmemberthroughnullpointer/AccessOfUndefinedMemberThroughNullPointer.qll b/cpp/common/src/codingstandards/cpp/rules/accessofundefinedmemberthroughnullpointer/AccessOfUndefinedMemberThroughNullPointer.qll index ab8659efd8..e0fb382008 100644 --- a/cpp/common/src/codingstandards/cpp/rules/accessofundefinedmemberthroughnullpointer/AccessOfUndefinedMemberThroughNullPointer.qll +++ b/cpp/common/src/codingstandards/cpp/rules/accessofundefinedmemberthroughnullpointer/AccessOfUndefinedMemberThroughNullPointer.qll @@ -7,7 +7,7 @@ import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import codingstandards.cpp.Nullness import codingstandards.cpp.Expr -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow import NullPointerToPointerMemberExpressionFlow::PathGraph abstract class AccessOfUndefinedMemberThroughNullPointerSharedQuery extends Query { } diff --git a/cpp/common/src/codingstandards/cpp/rules/accessofundefinedmemberthroughuninitializedstaticpointer/AccessOfUndefinedMemberThroughUninitializedStaticPointer.qll b/cpp/common/src/codingstandards/cpp/rules/accessofundefinedmemberthroughuninitializedstaticpointer/AccessOfUndefinedMemberThroughUninitializedStaticPointer.qll index ca1e2a4282..0271d7c6e7 100644 --- a/cpp/common/src/codingstandards/cpp/rules/accessofundefinedmemberthroughuninitializedstaticpointer/AccessOfUndefinedMemberThroughUninitializedStaticPointer.qll +++ b/cpp/common/src/codingstandards/cpp/rules/accessofundefinedmemberthroughuninitializedstaticpointer/AccessOfUndefinedMemberThroughUninitializedStaticPointer.qll @@ -12,7 +12,7 @@ */ import cpp -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import codingstandards.cpp.EncapsulatingFunctions diff --git a/cpp/common/src/codingstandards/cpp/rules/basicstringmaynotbenullterminated/BasicStringMayNotBeNullTerminated.qll b/cpp/common/src/codingstandards/cpp/rules/basicstringmaynotbenullterminated/BasicStringMayNotBeNullTerminated.qll index cea798ae11..e27f09fd98 100644 --- a/cpp/common/src/codingstandards/cpp/rules/basicstringmaynotbenullterminated/BasicStringMayNotBeNullTerminated.qll +++ b/cpp/common/src/codingstandards/cpp/rules/basicstringmaynotbenullterminated/BasicStringMayNotBeNullTerminated.qll @@ -8,8 +8,8 @@ import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import semmle.code.cpp.security.BufferWrite import semmle.code.cpp.commons.Buffer -import codingstandards.cpp.dataflow.DataFlow -import codingstandards.cpp.dataflow.TaintTracking +import semmle.code.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.TaintTracking import codingstandards.cpp.PossiblyUnsafeStringOperation abstract class BasicStringMayNotBeNullTerminatedSharedQuery extends Query { } diff --git a/cpp/common/src/codingstandards/cpp/rules/constlikereturnvalue/ConstLikeReturnValue.qll b/cpp/common/src/codingstandards/cpp/rules/constlikereturnvalue/ConstLikeReturnValue.qll index f4636b6b13..e5fa82df19 100644 --- a/cpp/common/src/codingstandards/cpp/rules/constlikereturnvalue/ConstLikeReturnValue.qll +++ b/cpp/common/src/codingstandards/cpp/rules/constlikereturnvalue/ConstLikeReturnValue.qll @@ -5,7 +5,7 @@ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow import DFFlow::PathGraph abstract class ConstLikeReturnValueSharedQuery extends Query { } diff --git a/cpp/common/src/codingstandards/cpp/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.qll b/cpp/common/src/codingstandards/cpp/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.qll index a3dabedd5a..840cd5330a 100644 --- a/cpp/common/src/codingstandards/cpp/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.qll +++ b/cpp/common/src/codingstandards/cpp/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.qll @@ -12,7 +12,7 @@ import codingstandards.cpp.Operator import semmle.code.cpp.controlflow.Guards private import semmle.code.cpp.rangeanalysis.RangeAnalysisUtils import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow import semmle.code.cpp.valuenumbering.GlobalValueNumbering abstract class ContainerAccessWithoutRangeCheckSharedQuery extends Query { } diff --git a/cpp/common/src/codingstandards/cpp/rules/danglingcapturewhenmovinglambdaobject/DanglingCaptureWhenMovingLambdaObject.qll b/cpp/common/src/codingstandards/cpp/rules/danglingcapturewhenmovinglambdaobject/DanglingCaptureWhenMovingLambdaObject.qll index ab2b067279..902d0ecf1f 100644 --- a/cpp/common/src/codingstandards/cpp/rules/danglingcapturewhenmovinglambdaobject/DanglingCaptureWhenMovingLambdaObject.qll +++ b/cpp/common/src/codingstandards/cpp/rules/danglingcapturewhenmovinglambdaobject/DanglingCaptureWhenMovingLambdaObject.qll @@ -5,7 +5,7 @@ */ import cpp -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import codingstandards.cpp.Expr diff --git a/cpp/common/src/codingstandards/cpp/rules/danglingcapturewhenreturninglambdaobject/DanglingCaptureWhenReturningLambdaObject.qll b/cpp/common/src/codingstandards/cpp/rules/danglingcapturewhenreturninglambdaobject/DanglingCaptureWhenReturningLambdaObject.qll index c35b723ff3..4ab01520f6 100644 --- a/cpp/common/src/codingstandards/cpp/rules/danglingcapturewhenreturninglambdaobject/DanglingCaptureWhenReturningLambdaObject.qll +++ b/cpp/common/src/codingstandards/cpp/rules/danglingcapturewhenreturninglambdaobject/DanglingCaptureWhenReturningLambdaObject.qll @@ -5,7 +5,7 @@ */ import cpp -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions diff --git a/cpp/common/src/codingstandards/cpp/rules/donotaccessaclosedfile/DoNotAccessAClosedFile.qll b/cpp/common/src/codingstandards/cpp/rules/donotaccessaclosedfile/DoNotAccessAClosedFile.qll index 3d84366d9a..83266ed524 100644 --- a/cpp/common/src/codingstandards/cpp/rules/donotaccessaclosedfile/DoNotAccessAClosedFile.qll +++ b/cpp/common/src/codingstandards/cpp/rules/donotaccessaclosedfile/DoNotAccessAClosedFile.qll @@ -6,7 +6,7 @@ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow import codingstandards.cpp.standardlibrary.FileAccess import semmle.code.cpp.controlflow.SubBasicBlocks diff --git a/cpp/common/src/codingstandards/cpp/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.qll b/cpp/common/src/codingstandards/cpp/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.qll index 8a8155f971..759d235eb4 100644 --- a/cpp/common/src/codingstandards/cpp/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.qll +++ b/cpp/common/src/codingstandards/cpp/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.qll @@ -17,7 +17,7 @@ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import codingstandards.cpp.Concurrency -import codingstandards.cpp.dataflow.TaintTracking +import semmle.code.cpp.dataflow.TaintTracking abstract class DoNotAllowAMutexToGoOutOfScopeWhileLockedSharedQuery extends Query { } diff --git a/cpp/common/src/codingstandards/cpp/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.qll b/cpp/common/src/codingstandards/cpp/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.qll index 46335c3d94..d77ae8cf39 100644 --- a/cpp/common/src/codingstandards/cpp/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.qll +++ b/cpp/common/src/codingstandards/cpp/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.qll @@ -15,7 +15,7 @@ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import codingstandards.cpp.Concurrency -import codingstandards.cpp.dataflow.TaintTracking +import semmle.code.cpp.dataflow.TaintTracking abstract class DoNotDestroyAMutexWhileItIsLockedSharedQuery extends Query { } diff --git a/cpp/common/src/codingstandards/cpp/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.qll b/cpp/common/src/codingstandards/cpp/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.qll index 0aa8d64feb..adb9785814 100644 --- a/cpp/common/src/codingstandards/cpp/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.qll +++ b/cpp/common/src/codingstandards/cpp/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.qll @@ -6,7 +6,7 @@ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow import ArrayToPointerDiffOperandFlow::PathGraph module ArrayToPointerDiffOperandConfig implements DataFlow::ConfigSig { diff --git a/cpp/common/src/codingstandards/cpp/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.qll b/cpp/common/src/codingstandards/cpp/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.qll index dd10b840c5..57b4eb0bfb 100644 --- a/cpp/common/src/codingstandards/cpp/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.qll +++ b/cpp/common/src/codingstandards/cpp/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.qll @@ -7,7 +7,7 @@ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis abstract class DoNotUsePointerArithmeticToAddressDifferentArraysSharedQuery extends Query { } diff --git a/cpp/common/src/codingstandards/cpp/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.qll b/cpp/common/src/codingstandards/cpp/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.qll index 155ed1a7f4..aa8fa29bfd 100644 --- a/cpp/common/src/codingstandards/cpp/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.qll +++ b/cpp/common/src/codingstandards/cpp/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.qll @@ -7,7 +7,7 @@ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow import ArrayToRelationalOperationOperandFlow::PathGraph abstract class DoNotUseRelationalOperatorsWithDifferingArraysSharedQuery extends Query { } diff --git a/cpp/common/src/codingstandards/cpp/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.qll b/cpp/common/src/codingstandards/cpp/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.qll index 81a3251355..3949ff50a8 100644 --- a/cpp/common/src/codingstandards/cpp/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.qll +++ b/cpp/common/src/codingstandards/cpp/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.qll @@ -6,7 +6,7 @@ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow abstract class InvalidatedEnvStringPointersSharedQuery extends Query { } diff --git a/cpp/common/src/codingstandards/cpp/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.qll b/cpp/common/src/codingstandards/cpp/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.qll index fd8a969d00..8bc1b0c920 100644 --- a/cpp/common/src/codingstandards/cpp/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.qll +++ b/cpp/common/src/codingstandards/cpp/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.qll @@ -6,7 +6,7 @@ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow import codingstandards.cpp.rules.invalidatedenvstringpointers.InvalidatedEnvStringPointers as EnvString abstract class InvalidatedEnvStringPointersWarnSharedQuery extends Query { } diff --git a/cpp/common/src/codingstandards/cpp/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.qll b/cpp/common/src/codingstandards/cpp/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.qll index 3a7e225369..89f847c5aa 100644 --- a/cpp/common/src/codingstandards/cpp/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.qll +++ b/cpp/common/src/codingstandards/cpp/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.qll @@ -5,7 +5,7 @@ */ import cpp -import codingstandards.cpp.dataflow.TaintTracking +import semmle.code.cpp.dataflow.TaintTracking import codingstandards.cpp.Exclusions import codingstandards.cpp.standardlibrary.FileStreams import codingstandards.cpp.standardlibrary.FileAccess diff --git a/cpp/common/src/codingstandards/cpp/rules/movedfromobjectsunspecifiedstate/MovedFromObjectsUnspecifiedState.qll b/cpp/common/src/codingstandards/cpp/rules/movedfromobjectsunspecifiedstate/MovedFromObjectsUnspecifiedState.qll index a0006eb643..f17da7e457 100644 --- a/cpp/common/src/codingstandards/cpp/rules/movedfromobjectsunspecifiedstate/MovedFromObjectsUnspecifiedState.qll +++ b/cpp/common/src/codingstandards/cpp/rules/movedfromobjectsunspecifiedstate/MovedFromObjectsUnspecifiedState.qll @@ -4,7 +4,7 @@ */ import cpp -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow import codingstandards.cpp.Exclusions import codingstandards.cpp.standardlibrary.Utility diff --git a/cpp/common/src/codingstandards/cpp/rules/nonconstantformat/NonConstantFormat.qll b/cpp/common/src/codingstandards/cpp/rules/nonconstantformat/NonConstantFormat.qll index 91b2b05a3f..248cde106f 100644 --- a/cpp/common/src/codingstandards/cpp/rules/nonconstantformat/NonConstantFormat.qll +++ b/cpp/common/src/codingstandards/cpp/rules/nonconstantformat/NonConstantFormat.qll @@ -1,7 +1,7 @@ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -import codingstandards.cpp.dataflow.TaintTracking +import semmle.code.cpp.dataflow.TaintTracking import semmle.code.cpp.commons.Printf abstract class NonConstantFormatSharedQuery extends Query { } diff --git a/cpp/common/src/codingstandards/cpp/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.qll b/cpp/common/src/codingstandards/cpp/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.qll index bede451e24..89c732ff5a 100644 --- a/cpp/common/src/codingstandards/cpp/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.qll @@ -7,7 +7,7 @@ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import codingstandards.cpp.Allocations -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow import NonDynamicPointerToFreeFlow::PathGraph /** diff --git a/cpp/common/src/codingstandards/cpp/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.qll b/cpp/common/src/codingstandards/cpp/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.qll index e24fb91539..2ee92b1611 100644 --- a/cpp/common/src/codingstandards/cpp/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.qll +++ b/cpp/common/src/codingstandards/cpp/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.qll @@ -8,7 +8,7 @@ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import codingstandards.cpp.SmartPointers -import codingstandards.cpp.dataflow.TaintTracking +import semmle.code.cpp.dataflow.TaintTracking import PointerToSmartPointerConstructorFlowFlow::PathGraph abstract class OwnedPointerValueStoredInUnrelatedSmartPointerSharedQuery extends Query { } diff --git a/cpp/common/src/codingstandards/cpp/rules/placementnewinsufficientstorage/PlacementNewInsufficientStorage.qll b/cpp/common/src/codingstandards/cpp/rules/placementnewinsufficientstorage/PlacementNewInsufficientStorage.qll index dc26d13b87..6b2c6c87c9 100644 --- a/cpp/common/src/codingstandards/cpp/rules/placementnewinsufficientstorage/PlacementNewInsufficientStorage.qll +++ b/cpp/common/src/codingstandards/cpp/rules/placementnewinsufficientstorage/PlacementNewInsufficientStorage.qll @@ -7,7 +7,7 @@ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import codingstandards.cpp.allocations.PlacementNew -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow import PlacementNewOriginFlow::PathGraph abstract class PlacementNewInsufficientStorageSharedQuery extends Query { } diff --git a/cpp/common/src/codingstandards/cpp/rules/placementnewnotproperlyaligned/PlacementNewNotProperlyAligned.qll b/cpp/common/src/codingstandards/cpp/rules/placementnewnotproperlyaligned/PlacementNewNotProperlyAligned.qll index 72286f2d79..d250061a23 100644 --- a/cpp/common/src/codingstandards/cpp/rules/placementnewnotproperlyaligned/PlacementNewNotProperlyAligned.qll +++ b/cpp/common/src/codingstandards/cpp/rules/placementnewnotproperlyaligned/PlacementNewNotProperlyAligned.qll @@ -7,7 +7,7 @@ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import codingstandards.cpp.allocations.PlacementNew -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow import PlacementNewOriginFlow::PathGraph abstract class PlacementNewNotProperlyAlignedSharedQuery extends Query { } diff --git a/cpp/common/src/codingstandards/cpp/rules/stringnumberconversionmissingerrorcheck/StringNumberConversionMissingErrorCheck.qll b/cpp/common/src/codingstandards/cpp/rules/stringnumberconversionmissingerrorcheck/StringNumberConversionMissingErrorCheck.qll index 98fd51a58f..fd56f5d899 100644 --- a/cpp/common/src/codingstandards/cpp/rules/stringnumberconversionmissingerrorcheck/StringNumberConversionMissingErrorCheck.qll +++ b/cpp/common/src/codingstandards/cpp/rules/stringnumberconversionmissingerrorcheck/StringNumberConversionMissingErrorCheck.qll @@ -7,7 +7,7 @@ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import semmle.code.cpp.valuenumbering.GlobalValueNumbering -import codingstandards.cpp.dataflow.TaintTracking +import semmle.code.cpp.dataflow.TaintTracking import codingstandards.cpp.standardlibrary.CharStreams abstract class StringNumberConversionMissingErrorCheckSharedQuery extends Query { } diff --git a/cpp/common/src/codingstandards/cpp/rules/throwingoperatornewreturnsnull/ThrowingOperatorNewReturnsNull.qll b/cpp/common/src/codingstandards/cpp/rules/throwingoperatornewreturnsnull/ThrowingOperatorNewReturnsNull.qll index 9dbefeaa75..e28ef7ab07 100644 --- a/cpp/common/src/codingstandards/cpp/rules/throwingoperatornewreturnsnull/ThrowingOperatorNewReturnsNull.qll +++ b/cpp/common/src/codingstandards/cpp/rules/throwingoperatornewreturnsnull/ThrowingOperatorNewReturnsNull.qll @@ -4,7 +4,7 @@ */ import cpp -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow import codingstandards.cpp.allocations.CustomOperatorNewDelete import codingstandards.cpp.exceptions.ExceptionSpecifications import codingstandards.cpp.Customizations diff --git a/cpp/common/src/codingstandards/cpp/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.qll b/cpp/common/src/codingstandards/cpp/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.qll index c421ae3cc9..3b0abbad0d 100644 --- a/cpp/common/src/codingstandards/cpp/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.qll +++ b/cpp/common/src/codingstandards/cpp/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.qll @@ -6,7 +6,7 @@ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow abstract class UseOnlyArrayIndexingForPointerArithmeticSharedQuery extends Query { } diff --git a/cpp/common/src/codingstandards/cpp/standardlibrary/FileStreams.qll b/cpp/common/src/codingstandards/cpp/standardlibrary/FileStreams.qll index c4724d36c2..709e80dc1a 100644 --- a/cpp/common/src/codingstandards/cpp/standardlibrary/FileStreams.qll +++ b/cpp/common/src/codingstandards/cpp/standardlibrary/FileStreams.qll @@ -10,8 +10,8 @@ */ import cpp -import codingstandards.cpp.dataflow.DataFlow -import codingstandards.cpp.dataflow.TaintTracking +import semmle.code.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.TaintTracking private import codingstandards.cpp.Operator /** diff --git a/cpp/common/src/codingstandards/cpp/trustboundary/UninitializedField.qll b/cpp/common/src/codingstandards/cpp/trustboundary/UninitializedField.qll index e6a2bbe706..f58f1352a7 100644 --- a/cpp/common/src/codingstandards/cpp/trustboundary/UninitializedField.qll +++ b/cpp/common/src/codingstandards/cpp/trustboundary/UninitializedField.qll @@ -5,7 +5,7 @@ */ import cpp -private import codingstandards.cpp.dataflow.DataFlow +private import semmle.code.cpp.dataflow.DataFlow private import semmle.code.cpp.controlflow.SubBasicBlocks private import semmle.code.cpp.padding.Padding as Padding private import semmle.code.cpp.dataflow.internal.FlowVar diff --git a/cpp/common/test/deviations/deviation_permits_basic_test/UnusedReturnValue.ql b/cpp/common/test/deviations/deviation_permits_basic_test/UnusedReturnValue.ql index 2517965fc1..38b75bda3c 100644 --- a/cpp/common/test/deviations/deviation_permits_basic_test/UnusedReturnValue.ql +++ b/cpp/common/test/deviations/deviation_permits_basic_test/UnusedReturnValue.ql @@ -16,7 +16,7 @@ import cpp import codingstandards.cpp.CodingStandards -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow import codingstandards.cpp.exclusions.cpp.RuleMetadata /* This is a copy of an AUTOSAR rule, which we are using for testing purposes. */ diff --git a/cpp/common/test/deviations/deviations_basic_test/UnusedReturnValue.ql b/cpp/common/test/deviations/deviations_basic_test/UnusedReturnValue.ql index 2517965fc1..38b75bda3c 100644 --- a/cpp/common/test/deviations/deviations_basic_test/UnusedReturnValue.ql +++ b/cpp/common/test/deviations/deviations_basic_test/UnusedReturnValue.ql @@ -16,7 +16,7 @@ import cpp import codingstandards.cpp.CodingStandards -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow import codingstandards.cpp.exclusions.cpp.RuleMetadata /* This is a copy of an AUTOSAR rule, which we are using for testing purposes. */ diff --git a/cpp/common/test/deviations/deviations_report_deviated/UnusedReturnValue.ql b/cpp/common/test/deviations/deviations_report_deviated/UnusedReturnValue.ql index 2517965fc1..38b75bda3c 100644 --- a/cpp/common/test/deviations/deviations_report_deviated/UnusedReturnValue.ql +++ b/cpp/common/test/deviations/deviations_report_deviated/UnusedReturnValue.ql @@ -16,7 +16,7 @@ import cpp import codingstandards.cpp.CodingStandards -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow import codingstandards.cpp.exclusions.cpp.RuleMetadata /* This is a copy of an AUTOSAR rule, which we are using for testing purposes. */ From 9b64f0e6f3f0e85461a52204b3c05f5599022f8b Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 13 Mar 2024 08:47:09 -0700 Subject: [PATCH 1730/2573] Increase fetch depth to test merge base logic --- .github/workflows/finalize-release.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/finalize-release.yml b/.github/workflows/finalize-release.yml index de687ee153..89a24a3ae6 100644 --- a/.github/workflows/finalize-release.yml +++ b/.github/workflows/finalize-release.yml @@ -35,6 +35,7 @@ jobs: uses: actions/checkout@v4 with: ref: ${{ env.REF }} + fetch-depth: 0 - name: Install Python uses: actions/setup-python@v4 From a23942685807041365b910a4024ada7bd5056630 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 13 Mar 2024 08:59:33 -0700 Subject: [PATCH 1731/2573] Bump version to v2.25.0-dev --- c/cert/src/qlpack.yml | 2 +- c/cert/test/qlpack.yml | 2 +- c/common/src/qlpack.yml | 2 +- c/common/test/qlpack.yml | 2 +- c/misra/src/qlpack.yml | 2 +- c/misra/test/qlpack.yml | 2 +- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/qlpack.yml | 2 +- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/qlpack.yml | 2 +- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/qlpack.yml | 2 +- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/qlpack.yml | 2 +- cpp/report/src/qlpack.yml | 2 +- docs/user_manual.md | 12 ++++++------ 16 files changed, 21 insertions(+), 21 deletions(-) diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index d584e57d97..f03d92fa3b 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards -version: 2.22.0-dev +version: 2.25.0-dev description: CERT C 2016 suites: codeql-suites license: MIT diff --git a/c/cert/test/qlpack.yml b/c/cert/test/qlpack.yml index fee5a2f16e..14c531c27a 100644 --- a/c/cert/test/qlpack.yml +++ b/c/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards-tests -version: 2.22.0-dev +version: 2.25.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index 75d0521b99..457137553c 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards -version: 2.22.0-dev +version: 2.25.0-dev license: MIT dependencies: codeql/common-cpp-coding-standards: '*' diff --git a/c/common/test/qlpack.yml b/c/common/test/qlpack.yml index 9c82dfd3dd..c0db2ffdb2 100644 --- a/c/common/test/qlpack.yml +++ b/c/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards-tests -version: 2.22.0-dev +version: 2.25.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index 45a668f52c..e14f7ef5b2 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards -version: 2.22.0-dev +version: 2.25.0-dev description: MISRA C 2012 suites: codeql-suites license: MIT diff --git a/c/misra/test/qlpack.yml b/c/misra/test/qlpack.yml index b64a6fb167..ac279cb189 100644 --- a/c/misra/test/qlpack.yml +++ b/c/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards-tests -version: 2.22.0-dev +version: 2.25.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index 356285a5b9..b3c1bc932b 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards -version: 2.22.0-dev +version: 2.25.0-dev description: AUTOSAR C++14 Guidelines R22-11, R21-11, R20-11, R19-11 and R19-03 suites: codeql-suites license: MIT diff --git a/cpp/autosar/test/qlpack.yml b/cpp/autosar/test/qlpack.yml index 062c269f5e..c5f2407f7a 100644 --- a/cpp/autosar/test/qlpack.yml +++ b/cpp/autosar/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards-tests -version: 2.22.0-dev +version: 2.25.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index a73ff2fd41..c619091931 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards -version: 2.22.0-dev +version: 2.25.0-dev description: CERT C++ 2016 suites: codeql-suites license: MIT diff --git a/cpp/cert/test/qlpack.yml b/cpp/cert/test/qlpack.yml index 2c879e82a2..4fc2cfd51c 100644 --- a/cpp/cert/test/qlpack.yml +++ b/cpp/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards-tests -version: 2.22.0-dev +version: 2.25.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index bb698cc9b0..66ee14100d 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards -version: 2.22.0-dev +version: 2.25.0-dev license: MIT dependencies: codeql/cpp-all: 0.9.3 diff --git a/cpp/common/test/qlpack.yml b/cpp/common/test/qlpack.yml index 5a5374e947..97863b90d1 100644 --- a/cpp/common/test/qlpack.yml +++ b/cpp/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards-tests -version: 2.22.0-dev +version: 2.25.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index b5dc482483..7c84af47f1 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards -version: 2.22.0-dev +version: 2.25.0-dev description: MISRA C++ 2008 suites: codeql-suites license: MIT diff --git a/cpp/misra/test/qlpack.yml b/cpp/misra/test/qlpack.yml index f8b7339f66..49b8c33bc4 100644 --- a/cpp/misra/test/qlpack.yml +++ b/cpp/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards-tests -version: 2.22.0-dev +version: 2.25.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index 7acfe4cf12..3b2da70c1b 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/report-cpp-coding-standards -version: 2.22.0-dev +version: 2.25.0-dev license: MIT dependencies: codeql/cpp-all: 0.9.3 diff --git a/docs/user_manual.md b/docs/user_manual.md index af050c07e2..188b88505a 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -29,13 +29,13 @@ ## Release information -This user manual documents release `2.22.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). +This user manual documents release `2.25.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). The release page documents the release notes and contains the following artifacts part of the release: -- `code-scanning-cpp-query-pack-2.22.0-dev.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. -- `supported_rules_list_2.22.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. -- `supported_rules_list_2.22.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. -- `user_manual_2.22.0-dev.md`: This user manual. +- `code-scanning-cpp-query-pack-2.25.0-dev.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. +- `supported_rules_list_2.25.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. +- `supported_rules_list_2.25.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. +- `user_manual_2.25.0-dev.md`: This user manual. - `Source Code (zip)`: A zip archive containing the contents of https://github.com/github/codeql-coding-standards - `Source Code (tar.gz)`: A GZip compressed tar archive containing the contents of https://github.com/github/codeql-coding-standards - `checksums.txt`: A text file containing sha256 checksums for the aforementioned artifacts. @@ -496,7 +496,7 @@ This section describes known failure modes for "CodeQL Coding Standards" and des | | Ouf of space | Less output. Some files may be only be partially analyzed, or not analyzed at all. | Error reported on the command line. | Increase space. If it remains an issue report space consumption issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False positives | More output. Results are reported which are not violations of the guidelines. | All reported results must be reviewed. | Report false positive issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False negatives | Less output. Violations of the guidelines are not reported. | Other validation and verification processes during software development should be used to complement the analysis performed by CodeQL Coding Standards. | Report false negative issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | -| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.22.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | +| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.25.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | | | Incorrect deviation record specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation records with a reason. Ensure that all deviation records are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Incorrect deviation permit specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation permits with a reason. Ensure that all deviation permits are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Unapproved use of a deviation record | Less output. Results for guideline violations are not reported. | Validate that the deviation record use is approved by verifying the approved-by attribute of the deviation record specification. | Ensure that each raised deviation record is approved by an independent approver through an auditable process. | From 4b4373615affbe350aef308db34d8e26b2d4fd75 Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Wed, 13 Mar 2024 21:53:02 +0000 Subject: [PATCH 1732/2573] Accept test changes. --- ...bleLengthArraySizeNotInValidRange.expected | 2 ++ ...rithmeticOnNonArrayObjectPointers.expected | 5 ++++ ...rSubtractAScaledIntegerToAPointer.expected | 4 ++++ .../CleanUpThreadSpecificStorage.expected | 6 +++++ ...riateThreadObjectStorageDurations.expected | 8 +++++++ ...ectStorageDurationsNotInitialized.expected | 5 ++++ ...ateStorageDurationsFunctionReturn.expected | 5 ++++ .../ERR30-C/ErrnoReadBeforeReturn.expected | 1 + .../ERR30-C/SetlocaleMightSetErrno.expected | 1 + ...tRelyOnIndeterminateValuesOfErrno.expected | 4 ++++ ...ectAndHandleStandardLibraryErrors.expected | 1 + ...OfFunctionArgumentsForSideEffects.expected | 24 +++++++++++++++++++ ...rToMoreStrictlyAlignedPointerType.expected | 10 ++++++++ ...nctionPointerWithIncompatibleType.expected | 4 ++++ ...iableViaPointerOfIncompatibleType.expected | 7 ++++++ .../DoNotModifyConstantObjects.expected | 4 ++++ ...edPointerToRestrictQualifiedParam.expected | 12 ++++++++++ ...ointerReferencesOverlappingObject.expected | 7 ++++++ ...esetStringsOnFgetsOrFgetwsFailure.expected | 3 +++ ...FsetposThatAreReturnedFromFgetpos.expected | 5 ++++ ...RaceConditionsWhileAccessingFiles.expected | 1 + ...ufficientMemoryAllocatedForObject.expected | 2 ++ ...odifyAlignmentOfMemoryWithRealloc.expected | 5 ++++ ...ssInvalidDataToTheAsctimeFunction.expected | 4 ++++ ...VaListThatHasAnIndeterminateValue.expected | 7 ++++++ ...SafeFunctionsWithinSignalHandlers.expected | 3 +++ ...romAComputationalExceptionHandler.expected | 1 + ...oNotAttemptToModifyStringLiterals.expected | 15 ++++++++++++ ...fficientSpaceForTheNullTerminator.expected | 6 +++++ ...natedToFunctionThatExpectsAString.expected | 9 +++++++ ...yFunctionArgumentNumberOfElements.expected | 6 +++++ ...sedToCompareNullTerminatedStrings.expected | 4 ++++ ...ForReadAndWriteOnDifferentStreams.expected | 1 + .../AttemptToWriteToAReadOnlyStream.expected | 6 +++++ ...omparedWithUnmodifiedReturnValues.expected | 8 +++++++ ...rformConversionOfPassedParameters.expected | 3 +++ .../AssignmentOperatorReturnThis.expected | 1 + .../ThrownExceptionsShouldBeUnique.expected | 1 + ...orErrorLeavesObjectInInvalidState.expected | 9 +++++++ ...entOfAnArrayPassedToASmartPointer.expected | 7 ++++++ .../UnnecessaryUseOfDynamicStorage.expected | 4 ++++ ...ArgumentToForwardSubsequentlyUsed.expected | 3 +++ ...PointerUsedWithNoOwnershipSharing.expected | 1 + .../rules/A27-0-4/CStyleStringsUsed.expected | 3 +++ ...UsedWithPointersToNonFinalClasses.expected | 4 ++++ .../A5-1-7/LambdaPassedToDecltype.expected | 6 +++++ .../A5-1-7/LambdaPassedToTypeid.expected | 4 ++++ .../A7-1-2/VariableMissingConstexpr.expected | 6 +++++ .../A7-5-1/InvalidFunctionReturnType.expected | 3 +++ ...ParameterWithoutLifetimeSemantics.expected | 2 ++ ...edToFunctionWithImproperSemantics.expected | 2 ++ ...tParametersDeclaredAsTNotModified.expected | 2 ++ ...eferencesToPrivateOrProtectedData.expected | 3 +++ ...tionErroneousReturnValueNotTested.expected | 3 +++ ...ntationsOfFloatingPointValuesUsed.expected | 3 +++ ...berFunctionReturnsNonConstPointer.expected | 2 ++ ...cCppLibraryFunctionsDoNotOverflow.expected | 9 +++++++ .../CTR53-CPP/UseValidIteratorRanges.expected | 6 +++++ ...terArithmeticOnPolymorphicObjects.expected | 4 ++++ ...nFunctionCallsAsFunctionArguments.expected | 24 +++++++++++++++++++ ...ThroughAPointerOfTheIncorrectType.expected | 4 ++++ ...ctAndHandleMemoryAllocationErrors.expected | 7 ++++++ .../BadlySeededRandomNumberGenerator.expected | 1 + 63 files changed, 323 insertions(+) diff --git a/c/cert/test/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.expected b/c/cert/test/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.expected index 25153f195b..bcb1c8eddd 100644 --- a/c/cert/test/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.expected +++ b/c/cert/test/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.expected @@ -1,3 +1,5 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (VariableLengthArraySizeNotInValidRange.ql:104,11-19) +WARNING: Module TaintTracking has been deprecated and may be removed in future (VariableLengthArraySizeNotInValidRange.ql:87,5-18) | test.c:14:8:14:8 | VLA declaration | Variable-length array dimension size may be in an invalid range. | | test.c:15:8:15:8 | VLA declaration | Variable-length array dimension size may be in an invalid range. | | test.c:16:8:16:8 | VLA declaration | Variable-length array dimension size may be in an invalid range. | diff --git a/c/cert/test/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.expected b/c/cert/test/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.expected index e5e0252e3a..d75db521af 100644 --- a/c/cert/test/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.expected +++ b/c/cert/test/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.expected @@ -1,3 +1,8 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:23,60-68) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:24,22-30) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:36,20-28) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:44,26-34) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:65,3-11) edges | test.c:14:38:14:39 | p1 | test.c:18:10:18:11 | v1 | provenance | | | test.c:14:38:14:39 | p1 | test.c:19:10:19:11 | v2 | provenance | | diff --git a/c/cert/test/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.expected b/c/cert/test/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.expected index bfd6b23128..7782984e5b 100644 --- a/c/cert/test/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.expected +++ b/c/cert/test/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.expected @@ -1,3 +1,7 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotAddOrSubtractAScaledIntegerToAPointer.ql:72,56-64) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotAddOrSubtractAScaledIntegerToAPointer.ql:73,22-30) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotAddOrSubtractAScaledIntegerToAPointer.ql:75,20-28) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotAddOrSubtractAScaledIntegerToAPointer.ql:84,45-53) edges | test.c:7:13:7:14 | p1 | test.c:9:9:9:10 | p1 | provenance | | | test.c:16:19:16:41 | ... - ... | test.c:18:26:18:31 | offset | provenance | | diff --git a/c/cert/test/rules/CON30-C/CleanUpThreadSpecificStorage.expected b/c/cert/test/rules/CON30-C/CleanUpThreadSpecificStorage.expected index e03b665a1c..9b1288d578 100644 --- a/c/cert/test/rules/CON30-C/CleanUpThreadSpecificStorage.expected +++ b/c/cert/test/rules/CON30-C/CleanUpThreadSpecificStorage.expected @@ -1,3 +1,9 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (CleanUpThreadSpecificStorage.ql:21,46-54) +WARNING: Module DataFlow has been deprecated and may be removed in future (CleanUpThreadSpecificStorage.ql:22,22-30) +WARNING: Module DataFlow has been deprecated and may be removed in future (CleanUpThreadSpecificStorage.ql:31,20-28) +WARNING: Module DataFlow has been deprecated and may be removed in future (CleanUpThreadSpecificStorage.ql:41,35-43) +WARNING: Module DataFlow has been deprecated and may be removed in future (CleanUpThreadSpecificStorage.ql:49,36-44) +WARNING: Module DataFlow has been deprecated and may be removed in future (CleanUpThreadSpecificStorage.ql:51,36-44) | test.c:27:3:27:12 | call to tss_create | Resources used by thread specific storage may not be cleaned up. | | test.c:49:3:49:12 | call to tss_create | Resources used by thread specific storage may not be cleaned up. | | test.c:71:3:71:12 | call to tss_create | Resources used by thread specific storage may not be cleaned up. | diff --git a/c/cert/test/rules/CON34-C/AppropriateThreadObjectStorageDurations.expected b/c/cert/test/rules/CON34-C/AppropriateThreadObjectStorageDurations.expected index c3cdc8bd7b..a513b55b73 100644 --- a/c/cert/test/rules/CON34-C/AppropriateThreadObjectStorageDurations.expected +++ b/c/cert/test/rules/CON34-C/AppropriateThreadObjectStorageDurations.expected @@ -1,3 +1,11 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:28,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:28,54-62) +WARNING: Module DataFlow has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:35,62-70) +WARNING: Module DataFlow has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:40,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:40,30-38) +WARNING: Module DataFlow has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:41,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:41,30-38) +WARNING: Module TaintTracking has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:28,3-16) | test.c:23:3:23:13 | call to thrd_create | $@ not declared with appropriate storage duration | test.c:23:24:23:29 | & ... | Shared object | | test.c:74:3:74:13 | call to thrd_create | $@ not declared with appropriate storage duration | test.c:74:24:74:24 | p | Shared object | | test.c:85:3:85:13 | call to thrd_create | $@ not declared with appropriate storage duration | test.c:85:24:85:24 | p | Shared object | diff --git a/c/cert/test/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.expected b/c/cert/test/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.expected index 95d0a20041..337df4c14c 100644 --- a/c/cert/test/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.expected +++ b/c/cert/test/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.expected @@ -1 +1,6 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (ThreadObjectStorageDurationsNotInitialized.ql:28,38-46) +WARNING: Module DataFlow has been deprecated and may be removed in future (ThreadObjectStorageDurationsNotInitialized.ql:31,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (ThreadObjectStorageDurationsNotInitialized.ql:31,30-38) +WARNING: Module DataFlow has been deprecated and may be removed in future (ThreadObjectStorageDurationsNotInitialized.ql:32,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (ThreadObjectStorageDurationsNotInitialized.ql:32,30-38) | test.c:14:7:14:13 | call to tss_get | Call to a thread specific storage function from within a threaded context on an object that may not be owned by this thread. | diff --git a/c/cert/test/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.expected b/c/cert/test/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.expected index ff842ddcad..18d28b61bc 100644 --- a/c/cert/test/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.expected +++ b/c/cert/test/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.expected @@ -1,2 +1,7 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (AppropriateStorageDurationsFunctionReturn.ql:22,20-28) +WARNING: Module DataFlow has been deprecated and may be removed in future (AppropriateStorageDurationsFunctionReturn.ql:26,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (AppropriateStorageDurationsFunctionReturn.ql:39,6-14) +WARNING: Module DataFlow has been deprecated and may be removed in future (AppropriateStorageDurationsFunctionReturn.ql:39,26-34) +WARNING: Module DataFlow has been deprecated and may be removed in future (AppropriateStorageDurationsFunctionReturn.ql:45,3-11) | test.c:3:10:3:10 | a | $@ with automatic storage may be accessible outside of its lifetime. | test.c:3:10:3:10 | a | a | | test.c:15:4:15:8 | param [inner post update] | $@ with automatic storage may be accessible outside of its lifetime. | test.c:15:12:15:13 | a2 | a2 | diff --git a/c/cert/test/rules/ERR30-C/ErrnoReadBeforeReturn.expected b/c/cert/test/rules/ERR30-C/ErrnoReadBeforeReturn.expected index b6d7caa513..b3e5c4b7fc 100644 --- a/c/cert/test/rules/ERR30-C/ErrnoReadBeforeReturn.expected +++ b/c/cert/test/rules/ERR30-C/ErrnoReadBeforeReturn.expected @@ -1,3 +1,4 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (ErrnoReadBeforeReturn.ql:40,7-15) | test.c:69:7:69:11 | * ... | Do not read `errno` before checking the return value of function $@. | test.c:68:3:68:7 | call to ftell | call to ftell | | test.c:69:7:69:11 | call to __errno_location | Do not read `errno` before checking the return value of function $@. | test.c:68:3:68:7 | call to ftell | call to ftell | | test.c:70:5:70:10 | call to perror | Do not read `errno` before checking the return value of function $@. | test.c:68:3:68:7 | call to ftell | call to ftell | diff --git a/c/cert/test/rules/ERR30-C/SetlocaleMightSetErrno.expected b/c/cert/test/rules/ERR30-C/SetlocaleMightSetErrno.expected index 9ab88a3395..0ffaf56bd1 100644 --- a/c/cert/test/rules/ERR30-C/SetlocaleMightSetErrno.expected +++ b/c/cert/test/rules/ERR30-C/SetlocaleMightSetErrno.expected @@ -1,2 +1,3 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (SetlocaleMightSetErrno.ql:64,7-15) | test.c:98:3:98:11 | call to setlocale | Do not read `errno` before checking the return value of a call to `setlocale`. | | test.c:104:7:104:15 | call to setlocale | The value of `errno` may be different than `0` when `setlocale` is called. The following `errno` check might be invalid. | diff --git a/c/cert/test/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.expected b/c/cert/test/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.expected index da9122cfd4..77fa7b7ba7 100644 --- a/c/cert/test/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.expected +++ b/c/cert/test/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.expected @@ -1,3 +1,7 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotRelyOnIndeterminateValuesOfErrno.ql:50,7-15) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotRelyOnIndeterminateValuesOfErrno.ql:50,27-35) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotRelyOnIndeterminateValuesOfErrno.ql:51,9-17) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotRelyOnIndeterminateValuesOfErrno.ql:54,9-17) | test.c:12:5:12:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:10:21:10:26 | call to signal | call to signal | | test.c:30:5:30:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:26:21:26:26 | call to signal | call to signal | | test.c:49:5:49:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:45:21:45:26 | call to signal | call to signal | diff --git a/c/cert/test/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.expected b/c/cert/test/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.expected index fbcc44b856..a32a03a3b9 100644 --- a/c/cert/test/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.expected +++ b/c/cert/test/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.expected @@ -1,3 +1,4 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (DetectAndHandleStandardLibraryErrors.ql:453,5-13) | test.c:18:3:18:11 | call to setlocale | Missing error detection for the call to function `setlocale`. | | test.c:24:23:24:31 | call to setlocale | Missing error detection for the call to function `setlocale`. | | test.c:29:22:29:27 | call to calloc | Missing error detection for the call to function `calloc`. | diff --git a/c/cert/test/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.expected b/c/cert/test/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.expected index 3ea1a05fd7..6ea3499517 100644 --- a/c/cert/test/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.expected +++ b/c/cert/test/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.expected @@ -1 +1,25 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:24,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:24,59-67) +WARNING: Module DataFlow has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:27,33-41) +WARNING: Module DataFlow has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:27,57-65) +WARNING: Module DataFlow has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:31,33-41) +WARNING: Module DataFlow has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:31,59-67) +WARNING: Module DataFlow has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:40,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:40,25-33) +WARNING: Module DataFlow has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:40,53-61) +WARNING: Module DataFlow has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:43,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:43,57-65) +WARNING: Module DataFlow has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:52,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:52,55-63) +WARNING: Module DataFlow has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:59,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:59,57-65) +WARNING: Module DataFlow has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:71,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:71,55-63) +WARNING: Module TaintTracking has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:24,5-18) +WARNING: Module TaintTracking has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:27,7-20) +WARNING: Module TaintTracking has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:31,7-20) +WARNING: Module TaintTracking has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:43,5-18) +WARNING: Module TaintTracking has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:52,5-18) +WARNING: Module TaintTracking has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:59,5-18) +WARNING: Module TaintTracking has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:71,5-18) | test.c:20:3:20:4 | call to f1 | Depending on the order of evaluation for the arguments $@ and $@ for side effects on shared state is unspecified and can result in unexpected behavior. | test.c:20:6:20:7 | call to f2 | call to f2 | test.c:20:12:20:13 | call to f3 | call to f3 | diff --git a/c/cert/test/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.expected b/c/cert/test/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.expected index c4bc63cc94..b6f96f6ea5 100644 --- a/c/cert/test/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.expected +++ b/c/cert/test/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.expected @@ -1,3 +1,13 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:98,86-94) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:120,3-11) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:122,22-30) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:127,20-28) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:133,3-11) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:139,55-63) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:140,22-30) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:142,20-28) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:149,26-34) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:164,44-52) edges | test.c:75:14:75:16 | & ... | test.c:76:11:76:12 | v1 | provenance | | | test.c:75:14:75:16 | & ... | test.c:77:12:77:13 | v1 | provenance | | diff --git a/c/cert/test/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.expected b/c/cert/test/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.expected index 546c753ebb..1b6505f472 100644 --- a/c/cert/test/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.expected +++ b/c/cert/test/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.expected @@ -1,3 +1,7 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotCallFunctionPointerWithIncompatibleType.ql:40,54-62) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotCallFunctionPointerWithIncompatibleType.ql:41,22-30) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotCallFunctionPointerWithIncompatibleType.ql:45,20-28) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotCallFunctionPointerWithIncompatibleType.ql:50,43-51) edges | test.c:48:68:48:70 | fns [f1] | test.c:49:3:49:5 | fns [f1] | provenance | | | test.c:49:3:49:5 | fns [f1] | test.c:49:8:49:9 | f1 | provenance | | diff --git a/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected b/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected index 137017d53a..3316256acb 100644 --- a/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected +++ b/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected @@ -1,3 +1,10 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotAccessVariableViaPointerOfIncompatibleType.ql:61,38-46) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotAccessVariableViaPointerOfIncompatibleType.ql:64,22-30) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotAccessVariableViaPointerOfIncompatibleType.ql:69,20-28) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotAccessVariableViaPointerOfIncompatibleType.ql:102,23-31) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotAccessVariableViaPointerOfIncompatibleType.ql:111,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotAccessVariableViaPointerOfIncompatibleType.ql:111,45-53) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotAccessVariableViaPointerOfIncompatibleType.ql:133,27-35) edges | test.c:49:8:49:9 | s3 | test.c:50:8:50:9 | s1 | provenance | | | test.c:60:16:60:18 | E1A | test.c:61:16:61:17 | e1 | provenance | | diff --git a/c/cert/test/rules/EXP40-C/DoNotModifyConstantObjects.expected b/c/cert/test/rules/EXP40-C/DoNotModifyConstantObjects.expected index bef45f3841..e7af404ec1 100644 --- a/c/cert/test/rules/EXP40-C/DoNotModifyConstantObjects.expected +++ b/c/cert/test/rules/EXP40-C/DoNotModifyConstantObjects.expected @@ -1,3 +1,7 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotModifyConstantObjects.ql:35,30-38) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotModifyConstantObjects.ql:36,22-30) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotModifyConstantObjects.ql:42,20-28) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotModifyConstantObjects.ql:47,19-27) edges | test.c:5:8:5:9 | & ... | test.c:6:4:6:5 | aa | provenance | | | test.c:26:15:26:15 | a | test.c:27:4:27:4 | a | provenance | | diff --git a/c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.expected b/c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.expected index 4d4c20a39c..a77a92ee81 100644 --- a/c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.expected +++ b/c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.expected @@ -1,3 +1,15 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotPassAliasedPointerToRestrictQualifiedParam.ql:103,36-44) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotPassAliasedPointerToRestrictQualifiedParam.ql:118,51-59) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotPassAliasedPointerToRestrictQualifiedParam.ql:119,22-30) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotPassAliasedPointerToRestrictQualifiedParam.ql:121,20-28) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotPassAliasedPointerToRestrictQualifiedParam.ql:127,25-33) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotPassAliasedPointerToRestrictQualifiedParam.ql:132,40-48) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotPassAliasedPointerToRestrictQualifiedParam.ql:146,41-49) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotPassAliasedPointerToRestrictQualifiedParam.ql:147,7-15) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotPassAliasedPointerToRestrictQualifiedParam.ql:150,43-51) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotPassAliasedPointerToRestrictQualifiedParam.ql:151,9-17) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotPassAliasedPointerToRestrictQualifiedParam.ql:158,43-51) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotPassAliasedPointerToRestrictQualifiedParam.ql:159,9-17) | test.c:59:3:59:6 | call to copy | Call to 'copy' passes an $@ to a $@ (pointer value derived from a pair of address-of expressions ($@, $@). | test.c:59:13:59:15 | & ... | aliased pointer | test.c:59:8:59:10 | & ... | restrict-qualified parameter | test.c:59:8:59:10 | & ... | addressof1 | test.c:59:13:59:15 | & ... | addressof2 | | test.c:65:3:65:6 | call to copy | Call to 'copy' passes an $@ to a $@ (pointer value derived from a pair of address-of expressions ($@, $@). | test.c:65:15:65:19 | & ... | aliased pointer | test.c:65:8:65:12 | & ... | restrict-qualified parameter | test.c:65:8:65:12 | & ... | addressof1 | test.c:65:15:65:19 | & ... | addressof2 | | test.c:67:3:67:6 | call to copy | Call to 'copy' passes an $@ to a $@ (pointer value derived from a pair of address-of expressions ($@, $@). | test.c:67:15:67:16 | px | aliased pointer | test.c:67:8:67:12 | & ... | restrict-qualified parameter | test.c:67:8:67:12 | & ... | addressof1 | test.c:63:13:63:17 | & ... | addressof2 | diff --git a/c/cert/test/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.expected b/c/cert/test/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.expected index 3746991c09..591e17661a 100644 --- a/c/cert/test/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.expected +++ b/c/cert/test/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.expected @@ -1,3 +1,10 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (RestrictPointerReferencesOverlappingObject.ql:42,57-65) +WARNING: Module DataFlow has been deprecated and may be removed in future (RestrictPointerReferencesOverlappingObject.ql:43,22-30) +WARNING: Module DataFlow has been deprecated and may be removed in future (RestrictPointerReferencesOverlappingObject.ql:47,20-28) +WARNING: Module DataFlow has been deprecated and may be removed in future (RestrictPointerReferencesOverlappingObject.ql:53,3-11) +WARNING: Module DataFlow has been deprecated and may be removed in future (RestrictPointerReferencesOverlappingObject.ql:56,58-66) +WARNING: Module DataFlow has been deprecated and may be removed in future (RestrictPointerReferencesOverlappingObject.ql:72,64-72) +WARNING: Module DataFlow has been deprecated and may be removed in future (RestrictPointerReferencesOverlappingObject.ql:73,64-72) | test.c:18:22:18:23 | i2 | Assignment to restrict-qualified pointer $@ results in pointers aliasing $@. | test.c:18:17:18:18 | i3 | i3 | test.c:18:22:18:23 | i2 | the object pointed to by i2 | | test.c:19:8:19:9 | g2 | Assignment to restrict-qualified pointer $@ results in pointers aliasing $@. | test.c:5:15:5:16 | g1 | g1 | test.c:19:8:19:9 | g2 | the object pointed to by g2 | | test.c:20:8:20:9 | i2 | Assignment to restrict-qualified pointer $@ results in pointers aliasing $@. | test.c:16:17:16:18 | i1 | i1 | test.c:20:8:20:9 | i2 | the object pointed to by i2 | diff --git a/c/cert/test/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.expected b/c/cert/test/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.expected index 20c108cfa0..6a73ee98a7 100644 --- a/c/cert/test/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.expected +++ b/c/cert/test/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.expected @@ -1,3 +1,6 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (ResetStringsOnFgetsOrFgetwsFailure.ql:42,11-19) +WARNING: Module DataFlow has been deprecated and may be removed in future (ResetStringsOnFgetsOrFgetwsFailure.ql:42,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (ResetStringsOnFgetsOrFgetwsFailure.ql:43,13-21) | test.c:20:10:20:12 | buf | The buffer is not reset before being referenced following a failed $@. | test.c:15:7:15:11 | call to fgets | call to fgets | | test.c:57:10:57:12 | buf | The buffer is not reset before being referenced following a failed $@. | test.c:52:7:52:11 | call to fgets | call to fgets | | test.c:66:18:66:20 | buf | The buffer is not reset before being referenced following a failed $@. | test.c:61:7:61:11 | call to fgets | call to fgets | diff --git a/c/cert/test/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.expected b/c/cert/test/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.expected index 8074710738..637918f241 100644 --- a/c/cert/test/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.expected +++ b/c/cert/test/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.expected @@ -1,2 +1,7 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql:25,32-40) +WARNING: Module DataFlow has been deprecated and may be removed in future (OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql:26,22-30) +WARNING: Module DataFlow has been deprecated and may be removed in future (OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql:28,14-22) +WARNING: Module DataFlow has been deprecated and may be removed in future (OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql:31,20-28) +WARNING: Module DataFlow has been deprecated and may be removed in future (OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql:37,21-29) | test.c:7:24:7:30 | & ... | The position argument of a call to `fsetpos()` should be obtained from a call to `fgetpos()`. | | test.c:33:24:33:30 | & ... | The position argument of a call to `fsetpos()` should be obtained from a call to `fgetpos()`. | diff --git a/c/cert/test/rules/FIO45-C/ToctouRaceConditionsWhileAccessingFiles.expected b/c/cert/test/rules/FIO45-C/ToctouRaceConditionsWhileAccessingFiles.expected index 1b2923b780..f294ce05b7 100644 --- a/c/cert/test/rules/FIO45-C/ToctouRaceConditionsWhileAccessingFiles.expected +++ b/c/cert/test/rules/FIO45-C/ToctouRaceConditionsWhileAccessingFiles.expected @@ -1,2 +1,3 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (ToctouRaceConditionsWhileAccessingFiles.ql:27,35-43) | test.c:4:13:4:17 | call to fopen | This call is trying to prevent an existing file from being overwritten by $@. An attacker might be able to exploit the race window between the two calls. | test.c:11:9:11:13 | call to fopen | another call | | test.c:88:13:88:17 | call to fopen | This call is trying to prevent an existing file from being overwritten by $@. An attacker might be able to exploit the race window between the two calls. | test.c:95:9:95:13 | call to fopen | another call | diff --git a/c/cert/test/rules/MEM35-C/InsufficientMemoryAllocatedForObject.expected b/c/cert/test/rules/MEM35-C/InsufficientMemoryAllocatedForObject.expected index 30dece9299..73dd6ba1e0 100644 --- a/c/cert/test/rules/MEM35-C/InsufficientMemoryAllocatedForObject.expected +++ b/c/cert/test/rules/MEM35-C/InsufficientMemoryAllocatedForObject.expected @@ -1,3 +1,5 @@ +WARNING: Module TaintTracking has been deprecated and may be removed in future (InsufficientMemoryAllocatedForObject.ql:85,5-18) +WARNING: Module TaintTracking has been deprecated and may be removed in future (InsufficientMemoryAllocatedForObject.ql:143,5-18) | test.c:12:19:12:24 | call to malloc | Allocation size (32 bytes) is not a multiple of the size of 'S1' (36 bytes). | test.c:12:26:12:32 | 32 | | | test.c:15:19:15:24 | call to malloc | Allocation size calculated from the size of a different type ($@). | test.c:15:26:15:35 | sizeof() | sizeof(S1 *) | | test.c:20:19:20:24 | call to malloc | Allocation size (128 bytes) is not a multiple of the size of 'S1' (36 bytes). | test.c:20:26:20:36 | ... * ... | | diff --git a/c/cert/test/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.expected b/c/cert/test/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.expected index 0ae87f2ee8..61c2cfb1f0 100644 --- a/c/cert/test/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.expected +++ b/c/cert/test/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.expected @@ -1,3 +1,8 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotModifyAlignmentOfMemoryWithRealloc.ql:26,36-44) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotModifyAlignmentOfMemoryWithRealloc.ql:40,47-55) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotModifyAlignmentOfMemoryWithRealloc.ql:41,22-30) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotModifyAlignmentOfMemoryWithRealloc.ql:45,20-28) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotModifyAlignmentOfMemoryWithRealloc.ql:50,36-44) edges | test.c:5:10:5:22 | call to aligned_alloc | test.c:15:8:15:28 | call to aligned_alloc_wrapper | provenance | | | test.c:8:29:8:31 | ptr | test.c:8:64:8:66 | ptr | provenance | | diff --git a/c/cert/test/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.expected b/c/cert/test/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.expected index 70d60c528a..713646db10 100644 --- a/c/cert/test/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.expected +++ b/c/cert/test/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.expected @@ -1 +1,5 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotPassInvalidDataToTheAsctimeFunction.ql:33,38-46) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotPassInvalidDataToTheAsctimeFunction.ql:34,22-30) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotPassInvalidDataToTheAsctimeFunction.ql:41,20-28) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotPassInvalidDataToTheAsctimeFunction.ql:44,27-35) | test.c:6:24:6:30 | time_tm | The function `asctime` and `asctime_r` should be discouraged. Unsanitized input can overflow the output buffer. | diff --git a/c/cert/test/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.expected b/c/cert/test/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.expected index 2b7bb2bdbc..4d4a713487 100644 --- a/c/cert/test/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.expected +++ b/c/cert/test/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.expected @@ -1,3 +1,10 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:38,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:39,22-30) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:44,20-28) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:47,20-28) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:68,10-18) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:69,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:70,29-37) | test.c:23:32:23:33 | ap | The value of ap is indeterminate after the $@. | test.c:17:7:17:19 | call to contains_zero | call to contains_zero | | test.c:26:10:26:11 | ap | The value of ap is indeterminate after the $@. | test.c:17:7:17:19 | call to contains_zero | call to contains_zero | | test.c:39:12:39:13 | ap | The value of ap is indeterminate after the $@. | test.c:35:7:35:19 | call to contains_zero | call to contains_zero | diff --git a/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected b/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected index a601fe63f4..a5f4af8c3c 100644 --- a/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected +++ b/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected @@ -1,3 +1,6 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql:105,11-19) +WARNING: Module DataFlow has been deprecated and may be removed in future (CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql:105,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql:106,9-17) | test.c:10:3:10:18 | call to log_local_unsafe | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:16:7:16:12 | call to signal | signal handler | | test.c:11:3:11:6 | call to free | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:16:7:16:12 | call to signal | signal handler | | test.c:46:3:46:9 | call to longjmp | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:50:7:50:12 | call to signal | signal handler | diff --git a/c/cert/test/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.expected b/c/cert/test/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.expected index 31412c466a..d4796c6ede 100644 --- a/c/cert/test/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.expected +++ b/c/cert/test/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.expected @@ -1 +1,2 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotReturnFromAComputationalExceptionHandler.ql:39,5-13) | test.c:10:1:10:1 | return ... | Do not return from a $@ signal handler. | test.c:13:10:13:15 | SIGFPE | computational exception | diff --git a/c/cert/test/rules/STR30-C/DoNotAttemptToModifyStringLiterals.expected b/c/cert/test/rules/STR30-C/DoNotAttemptToModifyStringLiterals.expected index 27ef66bc7a..7215fd8603 100644 --- a/c/cert/test/rules/STR30-C/DoNotAttemptToModifyStringLiterals.expected +++ b/c/cert/test/rules/STR30-C/DoNotAttemptToModifyStringLiterals.expected @@ -1,3 +1,18 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:42,65-73) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:43,22-30) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:64,20-28) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:77,3-11) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:101,11-19) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:101,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:101,55-63) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:106,11-19) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:106,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:106,57-65) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:139,11-19) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:139,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:139,55-63) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:150,53-61) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:151,5-13) | test.c:7:3:7:3 | a | This operation may write to a string that may be a string literal that was $@. | test.c:6:13:6:20 | codeql | created here | | test.c:30:3:30:3 | a | This operation may write to a string that may be a string literal that was $@. | test.c:29:13:29:18 | call to strchr | created here | | test.c:36:3:36:3 | b | This operation may write to a string that may be a string literal that was $@. | test.c:35:13:35:18 | call to strchr | created here | diff --git a/c/cert/test/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.expected b/c/cert/test/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.expected index 71e713d120..4c411382f0 100644 --- a/c/cert/test/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.expected +++ b/c/cert/test/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.expected @@ -1,3 +1,9 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (StringsHasSufficientSpaceForTheNullTerminator.ql:57,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (StringsHasSufficientSpaceForTheNullTerminator.ql:57,55-63) +WARNING: Module DataFlow has been deprecated and may be removed in future (StringsHasSufficientSpaceForTheNullTerminator.ql:63,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (StringsHasSufficientSpaceForTheNullTerminator.ql:63,54-62) +WARNING: Module TaintTracking has been deprecated and may be removed in future (StringsHasSufficientSpaceForTheNullTerminator.ql:57,5-18) +WARNING: Module TaintTracking has been deprecated and may be removed in future (StringsHasSufficientSpaceForTheNullTerminator.ql:63,5-18) | test.c:10:20:10:24 | Cod | Expression produces or consumes a string that may not have sufficient space for a null-terminator. | | test.c:16:3:16:9 | call to strncpy | Expression produces or consumes a string that may not have sufficient space for a null-terminator. | | test.c:26:3:26:10 | call to snprintf | Expression produces or consumes a string that may not have sufficient space for a null-terminator. | diff --git a/c/cert/test/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.expected b/c/cert/test/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.expected index 4099e3fb1a..341440d589 100644 --- a/c/cert/test/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.expected +++ b/c/cert/test/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.expected @@ -1,3 +1,12 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:55,33-41) +WARNING: Module DataFlow has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:55,73-81) +WARNING: Module DataFlow has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:61,33-41) +WARNING: Module DataFlow has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:61,57-65) +WARNING: Module DataFlow has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:69,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:69,69-77) +WARNING: Module TaintTracking has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:55,7-20) +WARNING: Module TaintTracking has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:61,7-20) +WARNING: Module TaintTracking has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:69,5-18) | test.c:19:3:19:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:7:20:7:24 | Cod | this expression | | test.c:20:3:20:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:7:20:7:24 | Cod | this expression | | test.c:22:3:22:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:13:3:13:9 | call to strncpy | this expression | diff --git a/c/misra/test/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.expected b/c/misra/test/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.expected index 913f6f1c34..d9cd037d42 100644 --- a/c/misra/test/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.expected +++ b/c/misra/test/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.expected @@ -1,3 +1,9 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (ArrayFunctionArgumentNumberOfElements.ql:47,36-44) +WARNING: Module DataFlow has been deprecated and may be removed in future (ArrayFunctionArgumentNumberOfElements.ql:48,22-30) +WARNING: Module DataFlow has been deprecated and may be removed in future (ArrayFunctionArgumentNumberOfElements.ql:50,20-28) +WARNING: Module DataFlow has been deprecated and may be removed in future (ArrayFunctionArgumentNumberOfElements.ql:55,25-33) +WARNING: Module DataFlow has been deprecated and may be removed in future (ArrayFunctionArgumentNumberOfElements.ql:71,28-36) +WARNING: Module DataFlow has been deprecated and may be removed in future (ArrayFunctionArgumentNumberOfElements.ql:71,51-59) | test.c:18:6:18:6 | 0 | The function argument does not have a sufficient number or elements declared in the $@. | test.c:1:13:1:14 | ar | parameter | | test.c:19:6:19:7 | ar | The function argument does not have a sufficient number or elements declared in the $@. | test.c:1:13:1:14 | ar | parameter | | test.c:21:6:21:9 | ar2p | The function argument does not have a sufficient number or elements declared in the $@. | test.c:1:13:1:14 | ar | parameter | diff --git a/c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.expected b/c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.expected index cded1a0a89..ef6703a285 100644 --- a/c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.expected +++ b/c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.expected @@ -1,3 +1,7 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (MemcmpUsedToCompareNullTerminatedStrings.ql:22,54-62) +WARNING: Module DataFlow has been deprecated and may be removed in future (MemcmpUsedToCompareNullTerminatedStrings.ql:23,22-30) +WARNING: Module DataFlow has been deprecated and may be removed in future (MemcmpUsedToCompareNullTerminatedStrings.ql:49,20-28) +WARNING: Module TaintTracking has been deprecated and may be removed in future (MemcmpUsedToCompareNullTerminatedStrings.ql:57,43-56) edges | test.c:12:13:12:15 | a | test.c:14:10:14:10 | a | provenance | | | test.c:12:13:12:15 | a | test.c:23:13:23:13 | a | provenance | | diff --git a/c/misra/test/rules/RULE-22-3/FileOpenForReadAndWriteOnDifferentStreams.expected b/c/misra/test/rules/RULE-22-3/FileOpenForReadAndWriteOnDifferentStreams.expected index 6111072ba8..3382b66847 100644 --- a/c/misra/test/rules/RULE-22-3/FileOpenForReadAndWriteOnDifferentStreams.expected +++ b/c/misra/test/rules/RULE-22-3/FileOpenForReadAndWriteOnDifferentStreams.expected @@ -1,3 +1,4 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (FileOpenForReadAndWriteOnDifferentStreams.ql:38,9-17) | test.c:6:14:6:18 | call to fopen | The same file was already opened $@. Files should not be read and written at the same time using different streams. | test.c:5:14:5:18 | call to fopen | here | | test.c:17:14:17:18 | call to fopen | The same file was already opened $@. Files should not be read and written at the same time using different streams. | test.c:16:14:16:18 | call to fopen | here | | test.c:33:14:33:18 | call to fopen | The same file was already opened $@. Files should not be read and written at the same time using different streams. | test.c:32:14:32:18 | call to fopen | here | diff --git a/c/misra/test/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.expected b/c/misra/test/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.expected index 0bfce133c5..08363e7dda 100644 --- a/c/misra/test/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.expected +++ b/c/misra/test/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.expected @@ -1,2 +1,8 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (AttemptToWriteToAReadOnlyStream.ql:18,32-40) +WARNING: Module DataFlow has been deprecated and may be removed in future (AttemptToWriteToAReadOnlyStream.ql:19,22-30) +WARNING: Module DataFlow has been deprecated and may be removed in future (AttemptToWriteToAReadOnlyStream.ql:24,20-28) +WARNING: Module DataFlow has been deprecated and may be removed in future (AttemptToWriteToAReadOnlyStream.ql:30,21-29) +WARNING: Module DataFlow has been deprecated and may be removed in future (AttemptToWriteToAReadOnlyStream.ql:32,6-14) +WARNING: Module DataFlow has been deprecated and may be removed in future (AttemptToWriteToAReadOnlyStream.ql:35,28-36) | test.c:10:3:10:9 | call to fprintf | Attempt to write to a $@ opened as read-only. | test.c:9:14:9:18 | call to fopen | stream | | test.c:15:3:15:9 | call to fprintf | Attempt to write to a $@ opened as read-only. | test.c:18:14:18:18 | call to fopen | stream | diff --git a/c/misra/test/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.expected b/c/misra/test/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.expected index 709d8b002c..9e975d34e4 100644 --- a/c/misra/test/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.expected +++ b/c/misra/test/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.expected @@ -1,2 +1,10 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:22,28-36) +WARNING: Module DataFlow has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:23,22-30) +WARNING: Module DataFlow has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:27,20-28) +WARNING: Module DataFlow has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:36,23-31) +WARNING: Module DataFlow has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:41,17-25) +WARNING: Module DataFlow has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:50,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:58,20-28) +WARNING: Module DataFlow has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:58,46-54) | test.c:6:7:6:20 | ... != ... | The check is not reliable as the type of the return value of $@ is converted. | test.c:5:14:5:20 | call to getchar | call to getchar | | test.c:13:7:13:15 | ... != ... | The check is not reliable as the type of the return value of $@ is converted. | test.c:12:14:12:20 | call to getchar | call to getchar | diff --git a/cpp/autosar/test/rules/A13-1-3/UserDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters.expected b/cpp/autosar/test/rules/A13-1-3/UserDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters.expected index 53dc884023..11b622f271 100644 --- a/cpp/autosar/test/rules/A13-1-3/UserDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters.expected +++ b/cpp/autosar/test/rules/A13-1-3/UserDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters.expected @@ -1 +1,4 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (UserDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters.ql:27,33-41) +WARNING: Module DataFlow has been deprecated and may be removed in future (UserDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters.ql:28,5-13) +WARNING: Module TaintTracking has been deprecated and may be removed in future (UserDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters.ql:27,7-20) | test.cpp:47:8:47:23 | operator ""_uds5 | User defined literal operator returns $@, which is not converted from a passed parameter | test.cpp:48:10:48:12 | 0.0 | expression | diff --git a/cpp/autosar/test/rules/A13-2-1/AssignmentOperatorReturnThis.expected b/cpp/autosar/test/rules/A13-2-1/AssignmentOperatorReturnThis.expected index e9929173b0..4a4697facc 100644 --- a/cpp/autosar/test/rules/A13-2-1/AssignmentOperatorReturnThis.expected +++ b/cpp/autosar/test/rules/A13-2-1/AssignmentOperatorReturnThis.expected @@ -1,3 +1,4 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (AssignmentOperatorReturnThis.ql:25,5-13) | test.cpp:10:12:10:20 | operator= | User-defined assignment operator $@ does not return *this | test.cpp:10:12:10:20 | operator= | user defined assignment operator | | test.cpp:17:11:17:19 | operator= | User-defined assignment operator $@ does not return *this | test.cpp:17:11:17:19 | operator= | user defined assignment operator | | test.cpp:24:12:24:20 | operator= | User-defined assignment operator $@ does not return *this | test.cpp:24:12:24:20 | operator= | user defined assignment operator | diff --git a/cpp/autosar/test/rules/A15-1-3/ThrownExceptionsShouldBeUnique.expected b/cpp/autosar/test/rules/A15-1-3/ThrownExceptionsShouldBeUnique.expected index b085736659..92504006b9 100644 --- a/cpp/autosar/test/rules/A15-1-3/ThrownExceptionsShouldBeUnique.expected +++ b/cpp/autosar/test/rules/A15-1-3/ThrownExceptionsShouldBeUnique.expected @@ -1,3 +1,4 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (ThrownExceptionsShouldBeUnique.ql:24,3-11) | test.cpp:6:5:6:26 | throw ... | The $@ thrown here is a possible duplicate of the $@ thrown $@. | test.cpp:6:5:6:26 | call to exception | std::exception exception | test.cpp:14:5:14:26 | call to exception | exception | test.cpp:14:5:14:26 | throw ... | here | | test.cpp:8:5:8:53 | throw ... | The $@ thrown here is a possible duplicate of the $@ thrown $@. | test.cpp:8:5:8:53 | call to runtime_error | std::runtime_error exception | test.cpp:16:5:16:53 | call to runtime_error | exception | test.cpp:16:5:16:53 | throw ... | here | | test.cpp:14:5:14:26 | throw ... | The $@ thrown here is a possible duplicate of the $@ thrown $@. | test.cpp:14:5:14:26 | call to exception | std::exception exception | test.cpp:6:5:6:26 | call to exception | exception | test.cpp:6:5:6:26 | throw ... | here | diff --git a/cpp/autosar/test/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.expected b/cpp/autosar/test/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.expected index 941771dada..2fd57c3b20 100644 --- a/cpp/autosar/test/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.expected +++ b/cpp/autosar/test/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.expected @@ -1,3 +1,12 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (ConstructorErrorLeavesObjectInInvalidState.ql:47,12-20) +WARNING: Module DataFlow has been deprecated and may be removed in future (ConstructorErrorLeavesObjectInInvalidState.ql:48,30-38) +WARNING: Module DataFlow has been deprecated and may be removed in future (ConstructorErrorLeavesObjectInInvalidState.ql:48,57-65) +WARNING: Module DataFlow has been deprecated and may be removed in future (ConstructorErrorLeavesObjectInInvalidState.ql:74,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (ConstructorErrorLeavesObjectInInvalidState.ql:74,25-33) +WARNING: Module DataFlow has been deprecated and may be removed in future (ConstructorErrorLeavesObjectInInvalidState.ql:75,7-15) +WARNING: Module DataFlow has been deprecated and may be removed in future (ConstructorErrorLeavesObjectInInvalidState.ql:130,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (ConstructorErrorLeavesObjectInInvalidState.ql:130,25-33) +WARNING: Module DataFlow has been deprecated and may be removed in future (ConstructorErrorLeavesObjectInInvalidState.ql:130,54-62) edges | test.cpp:12:16:12:27 | new [bad_alloc] | test.cpp:14:33:16:5 | { ... } [bad_alloc] | | test.cpp:13:7:13:28 | throw ... [exception] | test.cpp:14:33:16:5 | { ... } [exception] | diff --git a/cpp/autosar/test/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.expected b/cpp/autosar/test/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.expected index 5f752403dc..6babf2c883 100644 --- a/cpp/autosar/test/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.expected +++ b/cpp/autosar/test/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.expected @@ -1,3 +1,10 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (PointerToAnElementOfAnArrayPassedToASmartPointer.ql:26,67-75) +WARNING: Module DataFlow has been deprecated and may be removed in future (PointerToAnElementOfAnArrayPassedToASmartPointer.ql:27,22-30) +WARNING: Module DataFlow has been deprecated and may be removed in future (PointerToAnElementOfAnArrayPassedToASmartPointer.ql:39,20-28) +WARNING: Module DataFlow has been deprecated and may be removed in future (PointerToAnElementOfAnArrayPassedToASmartPointer.ql:50,34-42) +WARNING: Module DataFlow has been deprecated and may be removed in future (PointerToAnElementOfAnArrayPassedToASmartPointer.ql:50,57-65) +WARNING: Module DataFlow has been deprecated and may be removed in future (PointerToAnElementOfAnArrayPassedToASmartPointer.ql:58,25-33) +WARNING: Module TaintTracking has been deprecated and may be removed in future (PointerToAnElementOfAnArrayPassedToASmartPointer.ql:70,3-16) edges | test.cpp:3:36:3:45 | new[] | test.cpp:19:27:19:44 | call to allocate_int_array | provenance | | | test.cpp:3:36:3:45 | new[] | test.cpp:23:12:23:29 | call to allocate_int_array | provenance | | diff --git a/cpp/autosar/test/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.expected b/cpp/autosar/test/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.expected index d9dd02c054..cf611ded5b 100644 --- a/cpp/autosar/test/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.expected +++ b/cpp/autosar/test/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.expected @@ -1,3 +1,7 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (UnnecessaryUseOfDynamicStorage.ql:55,34-42) +WARNING: Module DataFlow has been deprecated and may be removed in future (UnnecessaryUseOfDynamicStorage.ql:57,26-34) +WARNING: Module TaintTracking has been deprecated and may be removed in future (UnnecessaryUseOfDynamicStorage.ql:71,5-18) +WARNING: Module TaintTracking has been deprecated and may be removed in future (UnnecessaryUseOfDynamicStorage.ql:76,41-54) | test.cpp:17:17:17:29 | new | StructA object of size 8 bytes does not appear to outlive the function, but is created on the heap instead of the stack. | | test.cpp:21:17:21:32 | new[] | StructA[] object of size 800 bytes does not appear to outlive the function, but is created on the heap instead of the stack. | | test.cpp:35:20:35:44 | call to make_shared | StructA object of size 8 bytes does not appear to outlive the function, but is created on the heap instead of the stack. | diff --git a/cpp/autosar/test/rules/A18-9-4/ArgumentToForwardSubsequentlyUsed.expected b/cpp/autosar/test/rules/A18-9-4/ArgumentToForwardSubsequentlyUsed.expected index 1c72dd7bf3..2875a68f28 100644 --- a/cpp/autosar/test/rules/A18-9-4/ArgumentToForwardSubsequentlyUsed.expected +++ b/cpp/autosar/test/rules/A18-9-4/ArgumentToForwardSubsequentlyUsed.expected @@ -1 +1,4 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (ArgumentToForwardSubsequentlyUsed.ql:22,10-18) +WARNING: Module DataFlow has been deprecated and may be removed in future (ArgumentToForwardSubsequentlyUsed.ql:24,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (ArgumentToForwardSubsequentlyUsed.ql:24,30-38) | test.cpp:8:5:8:6 | t2 | The argument $@ of `std::forward` may be indeterminate when accessed at this location. | test.cpp:7:45:7:46 | t2 | t2 | diff --git a/cpp/autosar/test/rules/A20-8-4/SharedPointerUsedWithNoOwnershipSharing.expected b/cpp/autosar/test/rules/A20-8-4/SharedPointerUsedWithNoOwnershipSharing.expected index f15f142b3b..03406ac254 100644 --- a/cpp/autosar/test/rules/A20-8-4/SharedPointerUsedWithNoOwnershipSharing.expected +++ b/cpp/autosar/test/rules/A20-8-4/SharedPointerUsedWithNoOwnershipSharing.expected @@ -1,3 +1,4 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (SharedPointerUsedWithNoOwnershipSharing.ql:47,7-15) | test.cpp:14:24:14:26 | sp3 | The ownership of shared_ptr $@ is not shared within or passed out of the local scope of function $@. | test.cpp:14:24:14:26 | sp3 | sp3 | test.cpp:11:22:11:23 | f1 | f1 | | test.cpp:16:24:16:26 | sp5 | The ownership of shared_ptr $@ is not shared within or passed out of the local scope of function $@. | test.cpp:16:24:16:26 | sp5 | sp5 | test.cpp:11:22:11:23 | f1 | f1 | | test.cpp:17:24:17:26 | sp6 | The ownership of shared_ptr $@ is not shared within or passed out of the local scope of function $@. | test.cpp:17:24:17:26 | sp6 | sp6 | test.cpp:11:22:11:23 | f1 | f1 | diff --git a/cpp/autosar/test/rules/A27-0-4/CStyleStringsUsed.expected b/cpp/autosar/test/rules/A27-0-4/CStyleStringsUsed.expected index 6184aad74e..eaaaaac98d 100644 --- a/cpp/autosar/test/rules/A27-0-4/CStyleStringsUsed.expected +++ b/cpp/autosar/test/rules/A27-0-4/CStyleStringsUsed.expected @@ -1,3 +1,6 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (CStyleStringsUsed.ql:39,3-11) +WARNING: Module DataFlow has been deprecated and may be removed in future (CStyleStringsUsed.ql:39,23-31) +WARNING: Module DataFlow has been deprecated and may be removed in future (CStyleStringsUsed.ql:39,47-55) | test.cpp:7:20:7:27 | CodeQL | Usage of C-style string in $@. | test.cpp:7:20:7:27 | CodeQL | expression | | test.cpp:7:20:7:27 | CodeQL | Usage of C-style string in $@. | test.cpp:16:16:16:17 | a1 | expression | | test.cpp:8:22:8:26 | call to c_str | Usage of C-style string in $@. | test.cpp:8:22:8:26 | call to c_str | expression | diff --git a/cpp/autosar/test/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.expected b/cpp/autosar/test/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.expected index b47755725c..9f97a58467 100644 --- a/cpp/autosar/test/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.expected +++ b/cpp/autosar/test/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.expected @@ -1,3 +1,7 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (PointerArithmeticUsedWithPointersToNonFinalClasses.ql:45,62-70) +WARNING: Module DataFlow has been deprecated and may be removed in future (PointerArithmeticUsedWithPointersToNonFinalClasses.ql:46,22-30) +WARNING: Module DataFlow has been deprecated and may be removed in future (PointerArithmeticUsedWithPointersToNonFinalClasses.ql:55,20-28) +WARNING: Module DataFlow has been deprecated and may be removed in future (PointerArithmeticUsedWithPointersToNonFinalClasses.ql:61,3-11) edges | test.cpp:10:18:10:20 | foo | test.cpp:11:23:11:25 | foo | provenance | | | test.cpp:10:18:10:20 | foo | test.cpp:11:50:11:52 | foo | provenance | | diff --git a/cpp/autosar/test/rules/A5-1-7/LambdaPassedToDecltype.expected b/cpp/autosar/test/rules/A5-1-7/LambdaPassedToDecltype.expected index 8f6447a96b..03eaab82aa 100644 --- a/cpp/autosar/test/rules/A5-1-7/LambdaPassedToDecltype.expected +++ b/cpp/autosar/test/rules/A5-1-7/LambdaPassedToDecltype.expected @@ -1 +1,7 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (LambdaPassedToDecltype.ql:20,55-63) +WARNING: Module DataFlow has been deprecated and may be removed in future (LambdaPassedToDecltype.ql:21,22-30) +WARNING: Module DataFlow has been deprecated and may be removed in future (LambdaPassedToDecltype.ql:23,20-28) +WARNING: Module DataFlow has been deprecated and may be removed in future (LambdaPassedToDecltype.ql:28,44-52) +WARNING: Module DataFlow has been deprecated and may be removed in future (LambdaPassedToDecltype.ql:39,47-55) +WARNING: Module DataFlow has been deprecated and may be removed in future (LambdaPassedToDecltype.ql:40,9-17) | test.cpp:14:23:14:24 | decltype(...) | Lambda $@ passed as operand to decltype. | test.cpp:5:13:5:30 | [...](...){...} | expression | diff --git a/cpp/autosar/test/rules/A5-1-7/LambdaPassedToTypeid.expected b/cpp/autosar/test/rules/A5-1-7/LambdaPassedToTypeid.expected index 6d65a7b5d5..916b9db113 100644 --- a/cpp/autosar/test/rules/A5-1-7/LambdaPassedToTypeid.expected +++ b/cpp/autosar/test/rules/A5-1-7/LambdaPassedToTypeid.expected @@ -1,3 +1,7 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (LambdaPassedToTypeid.ql:21,50-58) +WARNING: Module DataFlow has been deprecated and may be removed in future (LambdaPassedToTypeid.ql:22,22-30) +WARNING: Module DataFlow has been deprecated and may be removed in future (LambdaPassedToTypeid.ql:24,20-28) +WARNING: Module DataFlow has been deprecated and may be removed in future (LambdaPassedToTypeid.ql:27,39-47) edges | test.cpp:5:13:5:30 | [...](...){...} | test.cpp:8:38:8:39 | l1 | provenance | | | test.cpp:6:13:6:30 | [...](...){...} | test.cpp:9:38:9:39 | l2 | provenance | | diff --git a/cpp/autosar/test/rules/A7-1-2/VariableMissingConstexpr.expected b/cpp/autosar/test/rules/A7-1-2/VariableMissingConstexpr.expected index dbf223e0cf..dd499ceb57 100644 --- a/cpp/autosar/test/rules/A7-1-2/VariableMissingConstexpr.expected +++ b/cpp/autosar/test/rules/A7-1-2/VariableMissingConstexpr.expected @@ -1,3 +1,9 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (VariableMissingConstexpr.ql:64,7-15) +WARNING: Module DataFlow has been deprecated and may be removed in future (VariableMissingConstexpr.ql:79,10-18) +WARNING: Module DataFlow has been deprecated and may be removed in future (VariableMissingConstexpr.ql:79,44-52) +WARNING: Module DataFlow has been deprecated and may be removed in future (VariableMissingConstexpr.ql:80,17-25) +WARNING: Module DataFlow has been deprecated and may be removed in future (VariableMissingConstexpr.ql:81,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (VariableMissingConstexpr.ql:82,9-17) | test.cpp:4:5:4:6 | g1 | Variable g1 could be marked 'constexpr'. | | test.cpp:6:5:6:6 | g2 | Variable g2 could be marked 'constexpr'. | | test.cpp:13:14:13:15 | lc | Variable lc could be marked 'constexpr'. | diff --git a/cpp/autosar/test/rules/A7-5-1/InvalidFunctionReturnType.expected b/cpp/autosar/test/rules/A7-5-1/InvalidFunctionReturnType.expected index b6d9490803..0ab837454a 100644 --- a/cpp/autosar/test/rules/A7-5-1/InvalidFunctionReturnType.expected +++ b/cpp/autosar/test/rules/A7-5-1/InvalidFunctionReturnType.expected @@ -1,2 +1,5 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (InvalidFunctionReturnType.ql:27,3-11) +WARNING: Module DataFlow has been deprecated and may be removed in future (InvalidFunctionReturnType.ql:27,23-31) +WARNING: Module DataFlow has been deprecated and may be removed in future (InvalidFunctionReturnType.ql:27,51-59) | test.cpp:5:3:5:11 | return ... | Function test_refconst_return returns a reference or a pointer to $@ that is passed by reference to const. | test.cpp:4:44:4:44 | x | parameter | | test.cpp:8:3:8:14 | return ... | Function test_ptrconst_return returns a reference or a pointer to $@ that is passed by reference to const. | test.cpp:7:44:7:44 | x | parameter | diff --git a/cpp/autosar/test/rules/A8-4-11/SmartPointerAsParameterWithoutLifetimeSemantics.expected b/cpp/autosar/test/rules/A8-4-11/SmartPointerAsParameterWithoutLifetimeSemantics.expected index b751d81835..be4a4107fd 100644 --- a/cpp/autosar/test/rules/A8-4-11/SmartPointerAsParameterWithoutLifetimeSemantics.expected +++ b/cpp/autosar/test/rules/A8-4-11/SmartPointerAsParameterWithoutLifetimeSemantics.expected @@ -1,3 +1,5 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (SmartPointerAsParameterWithoutLifetimeSemantics.ql:47,3-11) +WARNING: Module DataFlow has been deprecated and may be removed in future (SmartPointerAsParameterWithoutLifetimeSemantics.ql:56,5-13) | test.cpp:7:41:7:43 | up1 | Function $@ takes smart pointer parameter 'up1' but does not implement any lifetime-affecting operations. | test.cpp:7:6:7:18 | smart_ptr_get | smart_ptr_get | | test.cpp:16:53:16:55 | sp1 | Function $@ takes smart pointer parameter 'sp1' but does not implement any lifetime-affecting operations. | test.cpp:16:6:16:29 | smart_ptr_ref_assign_ref | smart_ptr_ref_assign_ref | | test.cpp:28:55:28:57 | sp1 | Function $@ takes smart pointer parameter 'sp1' but does not implement any lifetime-affecting operations. | test.cpp:28:6:28:31 | smart_ptr_ref_noncompliant | smart_ptr_ref_noncompliant | diff --git a/cpp/autosar/test/rules/A8-4-12/UniquePtrPassedToFunctionWithImproperSemantics.expected b/cpp/autosar/test/rules/A8-4-12/UniquePtrPassedToFunctionWithImproperSemantics.expected index a01b93335d..b2273e66f3 100644 --- a/cpp/autosar/test/rules/A8-4-12/UniquePtrPassedToFunctionWithImproperSemantics.expected +++ b/cpp/autosar/test/rules/A8-4-12/UniquePtrPassedToFunctionWithImproperSemantics.expected @@ -1,3 +1,5 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (UniquePtrPassedToFunctionWithImproperSemantics.ql:41,3-11) +WARNING: Module DataFlow has been deprecated and may be removed in future (UniquePtrPassedToFunctionWithImproperSemantics.ql:51,5-13) | test.cpp:13:55:13:56 | v1 | Parameter of type std::unique_ptr passed as lvalue reference but not used to modify underlying object. | | test.cpp:17:47:17:48 | v1 | Parameter of type std::unique_ptr passed as lvalue reference but not used to modify underlying object. | | test.cpp:22:27:22:28 | v1 | Parameter of type std::unique_ptr passed as lvalue reference but not used to modify underlying object. | diff --git a/cpp/autosar/test/rules/A8-4-9/InOutParametersDeclaredAsTNotModified.expected b/cpp/autosar/test/rules/A8-4-9/InOutParametersDeclaredAsTNotModified.expected index e3cfa71bb7..15e513c639 100644 --- a/cpp/autosar/test/rules/A8-4-9/InOutParametersDeclaredAsTNotModified.expected +++ b/cpp/autosar/test/rules/A8-4-9/InOutParametersDeclaredAsTNotModified.expected @@ -1,3 +1,5 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (InOutParametersDeclaredAsTNotModified.ql:49,7-15) +WARNING: Module DataFlow has been deprecated and may be removed in future (InOutParametersDeclaredAsTNotModified.ql:63,7-15) | test.cpp:4:13:4:13 | i | In-out parameter i that is not written to. | | test.cpp:7:22:7:24 | str | In-out parameter str that is not read from. | | test.cpp:18:14:18:14 | i | In-out parameter i that is not read from. | diff --git a/cpp/autosar/test/rules/A9-3-1/ReturnsNonConstRawPointersOrReferencesToPrivateOrProtectedData.expected b/cpp/autosar/test/rules/A9-3-1/ReturnsNonConstRawPointersOrReferencesToPrivateOrProtectedData.expected index 04c1f35a45..84d7f2d7f0 100644 --- a/cpp/autosar/test/rules/A9-3-1/ReturnsNonConstRawPointersOrReferencesToPrivateOrProtectedData.expected +++ b/cpp/autosar/test/rules/A9-3-1/ReturnsNonConstRawPointersOrReferencesToPrivateOrProtectedData.expected @@ -1,3 +1,6 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (ReturnsNonConstRawPointersOrReferencesToPrivateOrProtectedData.ql:73,3-11) +WARNING: Module DataFlow has been deprecated and may be removed in future (ReturnsNonConstRawPointersOrReferencesToPrivateOrProtectedData.ql:73,23-31) +WARNING: Module DataFlow has been deprecated and may be removed in future (ReturnsNonConstRawPointersOrReferencesToPrivateOrProtectedData.ql:73,46-54) | test.cpp:20:8:20:12 | getB2 | Member function A::getB2 $@ a non-const raw pointer or reference to a private or protected $@. | test.cpp:20:25:20:25 | b | returns | test.cpp:54:7:54:7 | b | field | | test.cpp:22:8:22:12 | getB3 | Member function A::getB3 $@ a non-const raw pointer or reference to a private or protected $@. | test.cpp:22:25:22:26 | & ... | returns | test.cpp:54:7:54:7 | b | field | | test.cpp:24:8:24:13 | getB33 | Member function A::getB33 $@ a non-const raw pointer or reference to a private or protected $@. | test.cpp:26:12:26:13 | bb | returns | test.cpp:54:7:54:7 | b | field | diff --git a/cpp/autosar/test/rules/M0-3-2/FunctionErroneousReturnValueNotTested.expected b/cpp/autosar/test/rules/M0-3-2/FunctionErroneousReturnValueNotTested.expected index 76cbcebed0..15f4e9a793 100644 --- a/cpp/autosar/test/rules/M0-3-2/FunctionErroneousReturnValueNotTested.expected +++ b/cpp/autosar/test/rules/M0-3-2/FunctionErroneousReturnValueNotTested.expected @@ -1 +1,4 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (FunctionErroneousReturnValueNotTested.ql:70,9-17) +WARNING: Module DataFlow has been deprecated and may be removed in future (FunctionErroneousReturnValueNotTested.ql:70,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (FunctionErroneousReturnValueNotTested.ql:70,53-61) | test.cpp:16:3:16:8 | call to remove | Return value is not tested for errors. | diff --git a/cpp/autosar/test/rules/M3-9-3/UnderlyingBitRepresentationsOfFloatingPointValuesUsed.expected b/cpp/autosar/test/rules/M3-9-3/UnderlyingBitRepresentationsOfFloatingPointValuesUsed.expected index 9aec2314da..2545360a7b 100644 --- a/cpp/autosar/test/rules/M3-9-3/UnderlyingBitRepresentationsOfFloatingPointValuesUsed.expected +++ b/cpp/autosar/test/rules/M3-9-3/UnderlyingBitRepresentationsOfFloatingPointValuesUsed.expected @@ -1,2 +1,5 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (UnderlyingBitRepresentationsOfFloatingPointValuesUsed.ql:27,22-30) +WARNING: Module DataFlow has been deprecated and may be removed in future (UnderlyingBitRepresentationsOfFloatingPointValuesUsed.ql:36,10-18) +WARNING: Module DataFlow has been deprecated and may be removed in future (UnderlyingBitRepresentationsOfFloatingPointValuesUsed.ql:37,5-13) | test.cpp:5:3:5:20 | ... &= ... | Modification of bit-representation of float originated at $@ | test.cpp:4:24:4:60 | reinterpret_cast... | cast | | test.cpp:12:3:12:14 | ... &= ... | Modification of bit-representation of float originated at $@ | test.cpp:11:18:11:30 | (uint8_t *)... | cast | diff --git a/cpp/autosar/test/rules/M9-3-1/ConstMemberFunctionReturnsNonConstPointer.expected b/cpp/autosar/test/rules/M9-3-1/ConstMemberFunctionReturnsNonConstPointer.expected index ee9652f505..eee85d22c0 100644 --- a/cpp/autosar/test/rules/M9-3-1/ConstMemberFunctionReturnsNonConstPointer.expected +++ b/cpp/autosar/test/rules/M9-3-1/ConstMemberFunctionReturnsNonConstPointer.expected @@ -1,3 +1,5 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (ConstMemberFunctionReturnsNonConstPointer.ql:53,7-15) +WARNING: Module DataFlow has been deprecated and may be removed in future (ConstMemberFunctionReturnsNonConstPointer.ql:55,7-15) | test.cpp:8:8:8:11 | getA | Const member function returns a pointer to class data $@. | test.cpp:3:8:3:8 | a | a | | test.cpp:9:8:9:11 | getB | Const member function returns a pointer to class data $@. | test.cpp:4:8:4:8 | b | b | | test.cpp:11:6:11:12 | getThis | Const member function returns a pointer to class data $@. | test.cpp:11:36:11:39 | this | this | diff --git a/cpp/cert/test/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.expected b/cpp/cert/test/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.expected index 4e87d1436c..06abadc4fe 100644 --- a/cpp/cert/test/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.expected +++ b/cpp/cert/test/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.expected @@ -1,3 +1,12 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:97,7-15) +WARNING: Module DataFlow has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:97,27-35) +WARNING: Module DataFlow has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:98,9-17) +WARNING: Module DataFlow has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:102,9-17) +WARNING: Module DataFlow has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:102,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:103,11-19) +WARNING: Module DataFlow has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:113,35-43) +WARNING: Module DataFlow has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:114,11-19) +WARNING: Module TaintTracking has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:113,9-22) | test.cpp:8:42:8:46 | call to begin | Output iterator for $@ is not guaranteed to be large enough for the input iterator. | test.cpp:8:3:8:11 | call to copy | call to copy | | test.cpp:17:42:17:46 | call to begin | Output iterator for $@ is not guaranteed to be large enough for the input iterator. | test.cpp:17:3:17:11 | call to copy | call to copy | | test.cpp:55:42:55:46 | call to begin | Output iterator for $@ is not guaranteed to be large enough for the input iterator. | test.cpp:55:3:55:11 | call to copy | call to copy | diff --git a/cpp/cert/test/rules/CTR53-CPP/UseValidIteratorRanges.expected b/cpp/cert/test/rules/CTR53-CPP/UseValidIteratorRanges.expected index 61260a0579..5730a54b2c 100644 --- a/cpp/cert/test/rules/CTR53-CPP/UseValidIteratorRanges.expected +++ b/cpp/cert/test/rules/CTR53-CPP/UseValidIteratorRanges.expected @@ -1,3 +1,9 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (UseValidIteratorRanges.ql:23,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (UseValidIteratorRanges.ql:23,25-33) +WARNING: Module DataFlow has been deprecated and may be removed in future (UseValidIteratorRanges.ql:24,7-15) +WARNING: Module DataFlow has been deprecated and may be removed in future (UseValidIteratorRanges.ql:30,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (UseValidIteratorRanges.ql:30,25-33) +WARNING: Module DataFlow has been deprecated and may be removed in future (UseValidIteratorRanges.ql:31,7-15) | test.cpp:7:3:7:15 | call to for_each | The $@ of iterator range function does not point to the end of an iterator. | test.cpp:7:28:7:32 | call to begin | argument | | test.cpp:7:3:7:15 | call to for_each | The $@ of iterator range function does not point to the start of an iterator. | test.cpp:7:19:7:21 | call to end | argument | | test.cpp:8:3:8:15 | call to for_each | The $@ of iterator range function does not point to the end of an iterator. | test.cpp:8:30:8:34 | call to begin | argument | diff --git a/cpp/cert/test/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.expected b/cpp/cert/test/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.expected index eabb6d7515..1f97f2ca40 100644 --- a/cpp/cert/test/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.expected +++ b/cpp/cert/test/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.expected @@ -1,3 +1,7 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotUsePointerArithmeticOnPolymorphicObjects.ql:41,62-70) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotUsePointerArithmeticOnPolymorphicObjects.ql:42,22-30) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotUsePointerArithmeticOnPolymorphicObjects.ql:51,20-28) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotUsePointerArithmeticOnPolymorphicObjects.ql:57,3-11) edges | test.cpp:15:19:15:21 | foo | test.cpp:16:24:16:26 | foo | provenance | | | test.cpp:15:19:15:21 | foo | test.cpp:16:51:16:53 | foo | provenance | | diff --git a/cpp/cert/test/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.expected b/cpp/cert/test/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.expected index b432856e8b..243602e104 100644 --- a/cpp/cert/test/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.expected +++ b/cpp/cert/test/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.expected @@ -1,3 +1,27 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:24,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:24,59-67) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:27,33-41) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:27,57-65) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:31,33-41) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:31,59-67) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:40,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:40,25-33) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:40,53-61) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:43,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:43,57-65) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:52,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:52,55-63) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:59,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:59,57-65) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:71,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:71,55-63) +WARNING: Module TaintTracking has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:24,5-18) +WARNING: Module TaintTracking has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:27,7-20) +WARNING: Module TaintTracking has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:31,7-20) +WARNING: Module TaintTracking has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:43,5-18) +WARNING: Module TaintTracking has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:52,5-18) +WARNING: Module TaintTracking has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:59,5-18) +WARNING: Module TaintTracking has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:71,5-18) | test.cpp:82:3:82:4 | call to f2 | Depending on the order of evaluation for the arguments $@ and $@ for side effects on shared state is unspecified and can result in unexpected behavior. | test.cpp:82:6:82:7 | call to f5 | call to f5 | test.cpp:82:12:82:13 | call to f6 | call to f6 | | test.cpp:84:3:84:4 | call to f2 | Depending on the order of evaluation for the arguments $@ and $@ for side effects on shared state is unspecified and can result in unexpected behavior. | test.cpp:84:6:84:7 | call to f5 | call to f5 | test.cpp:84:12:84:13 | call to f7 | call to f7 | | test.cpp:87:3:87:4 | call to f2 | Depending on the order of evaluation for the arguments $@ and $@ for side effects on shared state is unspecified and can result in unexpected behavior. | test.cpp:87:9:87:10 | call to m1 | call to m1 | test.cpp:87:18:87:19 | call to m1 | call to m1 | diff --git a/cpp/cert/test/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.expected b/cpp/cert/test/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.expected index 9c6e6dd071..a3c0c08011 100644 --- a/cpp/cert/test/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.expected +++ b/cpp/cert/test/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.expected @@ -1,3 +1,7 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql:19,44-52) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql:20,22-30) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql:22,20-28) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql:27,33-41) edges | test.cpp:6:19:6:37 | new[] | test.cpp:9:12:9:13 | l1 | provenance | | | test.cpp:7:22:7:40 | new[] | test.cpp:10:12:10:13 | l2 | provenance | | diff --git a/cpp/cert/test/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.expected b/cpp/cert/test/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.expected index b7452ec199..b30e94a38e 100644 --- a/cpp/cert/test/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.expected +++ b/cpp/cert/test/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.expected @@ -1,2 +1,9 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (DetectAndHandleMemoryAllocationErrors.ql:59,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (DetectAndHandleMemoryAllocationErrors.ql:61,36-44) +WARNING: Module DataFlow has been deprecated and may be removed in future (DetectAndHandleMemoryAllocationErrors.ql:77,46-54) +WARNING: Module DataFlow has been deprecated and may be removed in future (DetectAndHandleMemoryAllocationErrors.ql:78,22-30) +WARNING: Module DataFlow has been deprecated and may be removed in future (DetectAndHandleMemoryAllocationErrors.ql:82,20-28) +WARNING: Module DataFlow has been deprecated and may be removed in future (DetectAndHandleMemoryAllocationErrors.ql:85,35-43) +WARNING: Module DataFlow has been deprecated and may be removed in future (DetectAndHandleMemoryAllocationErrors.ql:90,38-46) | test.cpp:24:7:24:34 | new | nothrow new allocation of $@ returns here without a subsequent check to see whether the pointer is valid. | test.cpp:24:7:24:34 | new | StructA * | | test.cpp:40:17:40:38 | call to allocate_without_check | nothrow new allocation of $@ returns here without a subsequent check to see whether the pointer is valid. | test.cpp:35:17:35:44 | new | StructA * | diff --git a/cpp/cert/test/rules/MSC51-CPP/BadlySeededRandomNumberGenerator.expected b/cpp/cert/test/rules/MSC51-CPP/BadlySeededRandomNumberGenerator.expected index 0128221ffc..adabb21674 100644 --- a/cpp/cert/test/rules/MSC51-CPP/BadlySeededRandomNumberGenerator.expected +++ b/cpp/cert/test/rules/MSC51-CPP/BadlySeededRandomNumberGenerator.expected @@ -1,3 +1,4 @@ +WARNING: Module TaintTracking has been deprecated and may be removed in future (BadlySeededRandomNumberGenerator.ql:37,7-20) | test.cpp:9:33:9:33 | call to linear_congruential_engine | Random number generator linear_congruential_engine is default-initialized and is therefore not properly seeded. | | test.cpp:10:30:10:31 | call to linear_congruential_engine | Random number generator linear_congruential_engine is default-initialized and is therefore not properly seeded. | | test.cpp:11:21:11:22 | call to linear_congruential_engine | Random number generator linear_congruential_engine is default-initialized and is therefore not properly seeded. | From 945d67a3957819100971a6309a7489fe3238a3c2 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 14 Mar 2024 15:42:00 -0700 Subject: [PATCH 1733/2573] Add support for template base class with compiler generated copy and move constructors/operators --- .../CopyAndMoveNotDeclaredProtected.expected | 4 ++++ cpp/autosar/test/rules/A12-8-6/test.cpp | 15 +++++++++++++++ cpp/common/src/codingstandards/cpp/Class.qll | 2 -- 3 files changed, 19 insertions(+), 2 deletions(-) diff --git a/cpp/autosar/test/rules/A12-8-6/CopyAndMoveNotDeclaredProtected.expected b/cpp/autosar/test/rules/A12-8-6/CopyAndMoveNotDeclaredProtected.expected index abbe8728a6..42e5cc0946 100644 --- a/cpp/autosar/test/rules/A12-8-6/CopyAndMoveNotDeclaredProtected.expected +++ b/cpp/autosar/test/rules/A12-8-6/CopyAndMoveNotDeclaredProtected.expected @@ -20,3 +20,7 @@ | test.cpp:109:3:109:12 | declaration of BaseClass8 | Move constructor for base class 'BaseClass8' is not declared protected or deleted. | | test.cpp:110:15:110:23 | declaration of operator= | Copy assignment operator for base class 'BaseClass8' is not declared protected or deleted. | | test.cpp:111:15:111:23 | declaration of operator= | Move constructor for base class 'BaseClass8' is not declared protected or deleted. | +| test.cpp:124:26:124:26 | declaration of BaseClass9 | Implicit copy constructor for base class 'BaseClass9' is not declared protected or deleted. | +| test.cpp:124:26:124:26 | declaration of BaseClass9 | Implicit move constructor for base class 'BaseClass9' is not declared protected or deleted. | +| test.cpp:124:26:124:26 | declaration of operator= | Implicit copy assignment operator for base class 'BaseClass9' is not declared protected or deleted. | +| test.cpp:124:26:124:26 | declaration of operator= | Implicit move assignment operator for base class 'BaseClass9' is not declared protected or deleted. | diff --git a/cpp/autosar/test/rules/A12-8-6/test.cpp b/cpp/autosar/test/rules/A12-8-6/test.cpp index 4ce65c2c51..6a31ca60ae 100644 --- a/cpp/autosar/test/rules/A12-8-6/test.cpp +++ b/cpp/autosar/test/rules/A12-8-6/test.cpp @@ -121,8 +121,23 @@ class DerivedClass9 // COMPLIANT - not a base class itself T t; }; +template class BaseClass9 { // NON_COMPLIANT + +public: + BaseClass9() {} +}; + +template +class DerivedClass10 // COMPLIANT - not a base class itself + : public BaseClass9 { +public: + DerivedClass10() {} +}; + void test() { BaseClass7 b; DerivedClass7 d; DerivedClass9 e; + BaseClass9 f; + DerivedClass10 g; } \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/Class.qll b/cpp/common/src/codingstandards/cpp/Class.qll index b967ae6365..19bec9fa5f 100644 --- a/cpp/common/src/codingstandards/cpp/Class.qll +++ b/cpp/common/src/codingstandards/cpp/Class.qll @@ -6,8 +6,6 @@ import cpp import codingstandards.cpp.Expr private Class getADerivedClass(Class c) { - not c instanceof ClassTemplateInstantiation and - not c instanceof TemplateClass and result = c.getADerivedClass() or exists(ClassTemplateInstantiation instantiation | From 1d1e41c31e40440c220b59f330100acf98b8851b Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 14 Mar 2024 16:02:56 -0700 Subject: [PATCH 1734/2573] Improve precision alert message We know explicitly mention the missing actions in the alert message. --- .../CopyAndMoveNotDeclaredProtected.ql | 28 +++++----- .../CopyAndMoveNotDeclaredProtected.expected | 52 +++++++++---------- 2 files changed, 40 insertions(+), 40 deletions(-) diff --git a/cpp/autosar/src/rules/A12-8-6/CopyAndMoveNotDeclaredProtected.ql b/cpp/autosar/src/rules/A12-8-6/CopyAndMoveNotDeclaredProtected.ql index 2be35fbe59..5200485511 100644 --- a/cpp/autosar/src/rules/A12-8-6/CopyAndMoveNotDeclaredProtected.ql +++ b/cpp/autosar/src/rules/A12-8-6/CopyAndMoveNotDeclaredProtected.ql @@ -16,49 +16,49 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.Class -predicate isInvalidConstructor(Constructor f, string constructorType) { +predicate isInvalidConstructor(Constructor f, string constructorType, string missingAction) { not f.isDeleted() and not f.isProtected() and ( f instanceof MoveConstructor and if f.isCompilerGenerated() - then constructorType = "Implicit move constructor" - else constructorType = "Move constructor" + then constructorType = "Implicit move constructor" and missingAction = "deleted" + else (constructorType = "Move constructor" and missingAction = "protected") or f instanceof CopyConstructor and if f.isCompilerGenerated() - then constructorType = "Implicit copy constructor" - else constructorType = "Copy constructor" + then constructorType = "Implicit copy constructor" and missingAction = "deleted" + else (constructorType = "Copy constructor" and missingAction = "protected") ) } -predicate isInvalidAssignment(Operator f, string operatorType) { +predicate isInvalidAssignment(Operator f, string operatorType, string missingAction) { not f.isDeleted() and ( f instanceof MoveAssignmentOperator and if f.isCompilerGenerated() - then operatorType = "Implicit move assignment operator" - else operatorType = "Move constructor" + then operatorType = "Implicit move assignment operator" and missingAction = "deleted" + else (operatorType = "Move assignment operator" and missingAction = "protected") or f instanceof CopyAssignmentOperator and if f.isCompilerGenerated() - then operatorType = "Implicit copy assignment operator" - else operatorType = "Copy assignment operator" + then operatorType = "Implicit copy assignment operator" and missingAction = "deleted" + else (operatorType = "Copy assignment operator" and missingAction = "protected") ) and not f.hasSpecifier("protected") } -from BaseClass baseClass, MemberFunction mf, string type +from BaseClass baseClass, MemberFunction mf, string type, string missingAction where not isExcluded(mf, OperatorsPackage::copyAndMoveNotDeclaredProtectedQuery()) and ( - isInvalidConstructor(mf, type) + isInvalidConstructor(mf, type, missingAction) or - isInvalidAssignment(mf, type) + isInvalidAssignment(mf, type, missingAction) ) and baseClass = mf.getDeclaringType() // To avoid duplicate alerts due to inaccurate location information in the database we don't use the location of the base class. // This for example happens if multiple copies of the same header file are present in the database. select getDeclarationEntryInClassDeclaration(mf), type + " for base class '" + baseClass.getQualifiedName() + - "' is not declared protected or deleted." + "' is not declared "+ missingAction +"." diff --git a/cpp/autosar/test/rules/A12-8-6/CopyAndMoveNotDeclaredProtected.expected b/cpp/autosar/test/rules/A12-8-6/CopyAndMoveNotDeclaredProtected.expected index 42e5cc0946..9f85da12d6 100644 --- a/cpp/autosar/test/rules/A12-8-6/CopyAndMoveNotDeclaredProtected.expected +++ b/cpp/autosar/test/rules/A12-8-6/CopyAndMoveNotDeclaredProtected.expected @@ -1,26 +1,26 @@ -| test.cpp:4:3:4:12 | declaration of BaseClass1 | Copy constructor for base class 'BaseClass1' is not declared protected or deleted. | -| test.cpp:5:3:5:12 | declaration of BaseClass1 | Move constructor for base class 'BaseClass1' is not declared protected or deleted. | -| test.cpp:6:15:6:23 | declaration of operator= | Copy assignment operator for base class 'BaseClass1' is not declared protected or deleted. | -| test.cpp:7:15:7:23 | declaration of operator= | Move constructor for base class 'BaseClass1' is not declared protected or deleted. | -| test.cpp:15:7:15:7 | declaration of operator= | Implicit copy assignment operator for base class 'BaseClass2' is not declared protected or deleted. | -| test.cpp:15:7:15:7 | declaration of operator= | Implicit move assignment operator for base class 'BaseClass2' is not declared protected or deleted. | -| test.cpp:55:3:55:12 | declaration of BaseClass5 | Copy constructor for base class 'BaseClass5' is not declared protected or deleted. | -| test.cpp:56:3:56:12 | declaration of BaseClass5 | Move constructor for base class 'BaseClass5' is not declared protected or deleted. | -| test.cpp:57:15:57:23 | declaration of operator= | Copy assignment operator for base class 'BaseClass5' is not declared protected or deleted. | -| test.cpp:58:15:58:23 | declaration of operator= | Move constructor for base class 'BaseClass5' is not declared protected or deleted. | -| test.cpp:75:3:75:12 | declaration of BaseClass6 | Copy constructor for base class 'BaseClass6' is not declared protected or deleted. | -| test.cpp:76:3:76:12 | declaration of BaseClass6 | Move constructor for base class 'BaseClass6' is not declared protected or deleted. | -| test.cpp:77:15:77:23 | declaration of operator= | Copy assignment operator for base class 'BaseClass6' is not declared protected or deleted. | -| test.cpp:78:15:78:23 | declaration of operator= | Move constructor for base class 'BaseClass6' is not declared protected or deleted. | -| test.cpp:85:3:85:12 | declaration of BaseClass7 | Copy constructor for base class 'BaseClass7' is not declared protected or deleted. | -| test.cpp:86:3:86:12 | declaration of BaseClass7 | Move constructor for base class 'BaseClass7' is not declared protected or deleted. | -| test.cpp:87:15:87:23 | declaration of operator= | Copy assignment operator for base class 'BaseClass7' is not declared protected or deleted. | -| test.cpp:88:15:88:23 | declaration of operator= | Move constructor for base class 'BaseClass7' is not declared protected or deleted. | -| test.cpp:108:3:108:12 | declaration of BaseClass8 | Copy constructor for base class 'BaseClass8' is not declared protected or deleted. | -| test.cpp:109:3:109:12 | declaration of BaseClass8 | Move constructor for base class 'BaseClass8' is not declared protected or deleted. | -| test.cpp:110:15:110:23 | declaration of operator= | Copy assignment operator for base class 'BaseClass8' is not declared protected or deleted. | -| test.cpp:111:15:111:23 | declaration of operator= | Move constructor for base class 'BaseClass8' is not declared protected or deleted. | -| test.cpp:124:26:124:26 | declaration of BaseClass9 | Implicit copy constructor for base class 'BaseClass9' is not declared protected or deleted. | -| test.cpp:124:26:124:26 | declaration of BaseClass9 | Implicit move constructor for base class 'BaseClass9' is not declared protected or deleted. | -| test.cpp:124:26:124:26 | declaration of operator= | Implicit copy assignment operator for base class 'BaseClass9' is not declared protected or deleted. | -| test.cpp:124:26:124:26 | declaration of operator= | Implicit move assignment operator for base class 'BaseClass9' is not declared protected or deleted. | +| test.cpp:4:3:4:12 | declaration of BaseClass1 | Copy constructor for base class 'BaseClass1' is not declared protected. | +| test.cpp:5:3:5:12 | declaration of BaseClass1 | Move constructor for base class 'BaseClass1' is not declared protected. | +| test.cpp:6:15:6:23 | declaration of operator= | Copy assignment operator for base class 'BaseClass1' is not declared protected. | +| test.cpp:7:15:7:23 | declaration of operator= | Move assignment operator for base class 'BaseClass1' is not declared protected. | +| test.cpp:15:7:15:7 | declaration of operator= | Implicit copy assignment operator for base class 'BaseClass2' is not declared deleted. | +| test.cpp:15:7:15:7 | declaration of operator= | Implicit move assignment operator for base class 'BaseClass2' is not declared deleted. | +| test.cpp:55:3:55:12 | declaration of BaseClass5 | Copy constructor for base class 'BaseClass5' is not declared protected. | +| test.cpp:56:3:56:12 | declaration of BaseClass5 | Move constructor for base class 'BaseClass5' is not declared protected. | +| test.cpp:57:15:57:23 | declaration of operator= | Copy assignment operator for base class 'BaseClass5' is not declared protected. | +| test.cpp:58:15:58:23 | declaration of operator= | Move assignment operator for base class 'BaseClass5' is not declared protected. | +| test.cpp:75:3:75:12 | declaration of BaseClass6 | Copy constructor for base class 'BaseClass6' is not declared protected. | +| test.cpp:76:3:76:12 | declaration of BaseClass6 | Move constructor for base class 'BaseClass6' is not declared protected. | +| test.cpp:77:15:77:23 | declaration of operator= | Copy assignment operator for base class 'BaseClass6' is not declared protected. | +| test.cpp:78:15:78:23 | declaration of operator= | Move assignment operator for base class 'BaseClass6' is not declared protected. | +| test.cpp:85:3:85:12 | declaration of BaseClass7 | Copy constructor for base class 'BaseClass7' is not declared protected. | +| test.cpp:86:3:86:12 | declaration of BaseClass7 | Move constructor for base class 'BaseClass7' is not declared protected. | +| test.cpp:87:15:87:23 | declaration of operator= | Copy assignment operator for base class 'BaseClass7' is not declared protected. | +| test.cpp:88:15:88:23 | declaration of operator= | Move assignment operator for base class 'BaseClass7' is not declared protected. | +| test.cpp:108:3:108:12 | declaration of BaseClass8 | Copy constructor for base class 'BaseClass8' is not declared protected. | +| test.cpp:109:3:109:12 | declaration of BaseClass8 | Move constructor for base class 'BaseClass8' is not declared protected. | +| test.cpp:110:15:110:23 | declaration of operator= | Copy assignment operator for base class 'BaseClass8' is not declared protected. | +| test.cpp:111:15:111:23 | declaration of operator= | Move assignment operator for base class 'BaseClass8' is not declared protected. | +| test.cpp:124:26:124:26 | declaration of BaseClass9 | Implicit copy constructor for base class 'BaseClass9' is not declared deleted. | +| test.cpp:124:26:124:26 | declaration of BaseClass9 | Implicit move constructor for base class 'BaseClass9' is not declared deleted. | +| test.cpp:124:26:124:26 | declaration of operator= | Implicit copy assignment operator for base class 'BaseClass9' is not declared deleted. | +| test.cpp:124:26:124:26 | declaration of operator= | Implicit move assignment operator for base class 'BaseClass9' is not declared deleted. | From c90927b7e440e0bc15f5d84cbe4b9dfd535df880 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 14 Mar 2024 16:09:32 -0700 Subject: [PATCH 1735/2573] Force creation of release tag To prevent failure of the whole workflow when a tag already exists, we force the creation. --- .github/workflows/finalize-release.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/finalize-release.yml b/.github/workflows/finalize-release.yml index 89a24a3ae6..fc216d3ee0 100644 --- a/.github/workflows/finalize-release.yml +++ b/.github/workflows/finalize-release.yml @@ -55,8 +55,8 @@ jobs: version=${BASE_REF#rc/} echo "Creating release tag v$version" - git tag -a v$version -m "Release v$version" - git push -f origin v$version + git tag -f -a v$version -m "Release v$version" + git push --force-with-lease origin v$version - name: Finalize release env: From 8c8a2e2555bd7782ac087b68114cc82391402418 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 14 Mar 2024 16:42:20 -0700 Subject: [PATCH 1736/2573] Bump to the correct next semantic version --- .github/workflows/finalize-release.yml | 2 +- scripts/release/next-version.py | 28 ++++++++++++++++++++++++++ 2 files changed, 29 insertions(+), 1 deletion(-) create mode 100644 scripts/release/next-version.py diff --git a/.github/workflows/finalize-release.yml b/.github/workflows/finalize-release.yml index fc216d3ee0..5c5ce04a29 100644 --- a/.github/workflows/finalize-release.yml +++ b/.github/workflows/finalize-release.yml @@ -78,7 +78,7 @@ jobs: GH_TOKEN: ${{ github.token }} run: | version=${BASE_REF#rc/} - next_version="$version-dev" + next_version=$(python scripts/release/next-version.py --component minor --pre-release dev -- $version) echo "Bumping main version to $next_version" git switch main diff --git a/scripts/release/next-version.py b/scripts/release/next-version.py new file mode 100644 index 0000000000..548371f0d9 --- /dev/null +++ b/scripts/release/next-version.py @@ -0,0 +1,28 @@ +from semantic_version import Version +import argparse + +parser = argparse.ArgumentParser(description='Prints the next release version') +parser.add_argument('-c', '--component', default="minor", help='The component to increment (major, minor, patch)') +parser.add_argument('-p', '--pre-release', nargs='*', help='The pre-release label(s) (e.g. alpha, dev). Multiple labels can be specified so separate the options and the version using `--`!') +parser.add_argument('-b', '--build', nargs='*', help='The build identifier(s). Multiple identifiers can be specified so separate the options and the version using `--`!') +parser.add_argument('current_version', type=Version, help='The current version') + +if __name__ == "__main__": + args = parser.parse_args() + version : Version = args.current_version + next_version = None + if args.component== "major": + next_version = version.next_major() + elif args.component == "minor": + next_version = version.next_minor() + elif args.component == "patch": + next_version = version.next_patch() + else: + raise ValueError(f"Invalid release type: {args.release_type}") + + if args.pre_release: + next_version.prerelease = args.pre_release + if args.build: + next_version.build = args.build + + print(next_version) \ No newline at end of file From 759de8254bc4a09f8ef0fd55379fd361818034aa Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 14 Mar 2024 16:47:23 -0700 Subject: [PATCH 1737/2573] Force push tag --- .github/workflows/finalize-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/finalize-release.yml b/.github/workflows/finalize-release.yml index 5c5ce04a29..e5b8d15b64 100644 --- a/.github/workflows/finalize-release.yml +++ b/.github/workflows/finalize-release.yml @@ -56,7 +56,7 @@ jobs: echo "Creating release tag v$version" git tag -f -a v$version -m "Release v$version" - git push --force-with-lease origin v$version + git push --force origin v$version - name: Finalize release env: From 486000ea7a4645373adb54d81b167bdd3e7075cb Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 14 Mar 2024 17:31:05 -0700 Subject: [PATCH 1738/2573] Add support for running tools from different ref When you manually have to run this workflow updates to the tooling cannot be used without updating the release branch. To workaround this, we support a split between the release on which we act and the tooling we use. --- .github/workflows/finalize-release.yml | 45 ++++++++++++++++++++------ 1 file changed, 36 insertions(+), 9 deletions(-) diff --git a/.github/workflows/finalize-release.yml b/.github/workflows/finalize-release.yml index e5b8d15b64..ca91b249f5 100644 --- a/.github/workflows/finalize-release.yml +++ b/.github/workflows/finalize-release.yml @@ -9,8 +9,12 @@ on: inputs: ref: description: | - The release branch to finalize. + The ref of release to finalize (e.g., 'rc/MAJOR.MINOR.PATCH'). required: true + tool-ref: + description: | + The ref to the tooling to use for the finalize (e.g., 'rc/MAJOR.MINOR.PATCH'). + required: false jobs: finalize-release: @@ -20,14 +24,17 @@ jobs: - name: Determine ref env: REF_FROM_INPUT: ${{ inputs.ref }} + TOOL_REF_FROM_INPUT: ${{ inputs.tool-ref }} REF_FROM_PR: ${{ github.event.pull_request.merge_commit_sha }} BASE_REF_FROM_PR: ${{ github.event.pull_request.base.ref }} run: | if [[ $GITHUB_EVENT_NAME == "workflow_dispatch" ]]; then echo "REF=$REF_FROM_INPUT" >> "$GITHUB_ENV" + echo "TOOL_REF=$TOOL_REF_FROM_INPUT" >> "$GITHUB_ENV" echo "BASE_REF=$REF_FROM_INPUT" >> "$GITHUB_ENV" else echo "REF=$REF_FROM_PR" >> "$GITHUB_ENV" + echo "TOOL_REF=$REF_FROM_PR" >> "$GITHUB_ENV" echo "BASE_REF=$BASE_REF_FROM_PR" >> "$GITHUB_ENV" fi @@ -36,6 +43,13 @@ jobs: with: ref: ${{ env.REF }} fetch-depth: 0 + path: release + + - name: Checkout + uses: actions/checkout@v4 + with: + ref: ${{ env.TOOL_REF }} + path: tooling - name: Install Python uses: actions/setup-python@v4 @@ -44,11 +58,13 @@ jobs: - name: Install dependencies run: pip install -r scripts/release/requirements.txt + working-directory: tooling - name: Configure git run: | git config user.name "$GITHUB_ACTOR" git config user.email "$GITHUB_ACTOR@users.noreply.github.com" + working-directory: release - name: Update release tag run: | @@ -57,6 +73,7 @@ jobs: git tag -f -a v$version -m "Release v$version" git push --force origin v$version + working-directory: release - name: Finalize release env: @@ -66,30 +83,40 @@ jobs: echo "Finalizing release v$version" gh release edit "v$version" --draft=false --tag=v$version + working-directory: release - name: Determine if release was a hotfix release run: | version=${BASE_REF#rc/} - echo "HOTFIX_RELEASE=$(python scripts/release/is-hotfix-release.py $version)" >> "$GITHUB_ENV" + # We are running the script in the tooling directory with the release directory as the working directory + echo "HOTFIX_RELEASE=$(python ../tooling/scripts/release/is-hotfix-release.py $version)" >> "$GITHUB_ENV" + working-directory: release + + - name: Determine next release version + if: env.HOTFIX_RELEASE == 'false' + run: | + version=${BASE_REF#rc/} + next_version=$(python scripts/release/next-version.py --component minor --pre-release dev -- $version) + echo "NEXT_VERSION=$next_version" >> "$GITHUB_ENV" + working-directory: tooling - name: Bump main version - if: env.HOTFIX_RELEASE == 'false' env: GH_TOKEN: ${{ github.token }} run: | - version=${BASE_REF#rc/} - next_version=$(python scripts/release/next-version.py --component minor --pre-release dev -- $version) - echo "Bumping main version to $next_version" + echo "Bumping main version to $NEXT_VERSION" git switch main git pull --ff-only origin main git switch -c release-automation/bump-version - ./scripts/release/bump-version.sh "$next_version" + # We are running the script in the tooling directory with the release directory as the working directory + ../tooling/scripts/release/bump-version.sh "$NEXT_VERSION" git add -u . - git commit -m "Bump version to $next_version" + git commit -m "Bump version to $NEXT_VERSION" git push --set-upstream origin release-automation/bump-version - gh pr create --repo $GITHUB_REPOSITORY --base main --head release-automation/bump-version --body "Bump the version of main to the dev label of the just released version $next_version" --title "Bump version to $next_version" + gh pr create --repo $GITHUB_REPOSITORY --base main --head release-automation/bump-version --body "Bump the version of main to $NEXT_VERSION" --title "Bump version to $NEXT_VERSION" + working-directory: release From b214af4b6d8caaaf05ee8c4e000cecf6987e3908 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 15 Mar 2024 08:51:40 -0700 Subject: [PATCH 1739/2573] Format query --- .../CopyAndMoveNotDeclaredProtected.ql | 20 +++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-) diff --git a/cpp/autosar/src/rules/A12-8-6/CopyAndMoveNotDeclaredProtected.ql b/cpp/autosar/src/rules/A12-8-6/CopyAndMoveNotDeclaredProtected.ql index 5200485511..7507eb1d7c 100644 --- a/cpp/autosar/src/rules/A12-8-6/CopyAndMoveNotDeclaredProtected.ql +++ b/cpp/autosar/src/rules/A12-8-6/CopyAndMoveNotDeclaredProtected.ql @@ -23,12 +23,16 @@ predicate isInvalidConstructor(Constructor f, string constructorType, string mis f instanceof MoveConstructor and if f.isCompilerGenerated() then constructorType = "Implicit move constructor" and missingAction = "deleted" - else (constructorType = "Move constructor" and missingAction = "protected") + else ( + constructorType = "Move constructor" and missingAction = "protected" + ) or f instanceof CopyConstructor and if f.isCompilerGenerated() then constructorType = "Implicit copy constructor" and missingAction = "deleted" - else (constructorType = "Copy constructor" and missingAction = "protected") + else ( + constructorType = "Copy constructor" and missingAction = "protected" + ) ) } @@ -38,12 +42,16 @@ predicate isInvalidAssignment(Operator f, string operatorType, string missingAct f instanceof MoveAssignmentOperator and if f.isCompilerGenerated() then operatorType = "Implicit move assignment operator" and missingAction = "deleted" - else (operatorType = "Move assignment operator" and missingAction = "protected") + else ( + operatorType = "Move assignment operator" and missingAction = "protected" + ) or f instanceof CopyAssignmentOperator and if f.isCompilerGenerated() then operatorType = "Implicit copy assignment operator" and missingAction = "deleted" - else (operatorType = "Copy assignment operator" and missingAction = "protected") + else ( + operatorType = "Copy assignment operator" and missingAction = "protected" + ) ) and not f.hasSpecifier("protected") } @@ -60,5 +68,5 @@ where // To avoid duplicate alerts due to inaccurate location information in the database we don't use the location of the base class. // This for example happens if multiple copies of the same header file are present in the database. select getDeclarationEntryInClassDeclaration(mf), - type + " for base class '" + baseClass.getQualifiedName() + - "' is not declared "+ missingAction +"." + type + " for base class '" + baseClass.getQualifiedName() + "' is not declared " + missingAction + + "." From bb149561f6e645b5b2b6c59409d82a8c0e803b6c Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 19 Mar 2024 15:52:45 -0400 Subject: [PATCH 1740/2573] Fix 97: missing testcases --- cpp/autosar/test/rules/A3-3-1/test.cpp | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A3-3-1/test.cpp b/cpp/autosar/test/rules/A3-3-1/test.cpp index 194b06329c..992399f4c6 100644 --- a/cpp/autosar/test/rules/A3-3-1/test.cpp +++ b/cpp/autosar/test/rules/A3-3-1/test.cpp @@ -35,4 +35,8 @@ namespace n { void f5() { // COMPLIANT int i = 0; } -} // namespace n \ No newline at end of file +} // namespace n + +const int c = 1; // COMPLIANT - internal linkage +const char *const str2 = "foo"; // COMPLIANT - internal linkage +constexpr int k = 1; // COMPLIANT - internal linkage \ No newline at end of file From 455f39c75c3d1dd77eeb7b823d9d92601223a00e Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 19 Mar 2024 16:00:13 -0400 Subject: [PATCH 1741/2573] A3-3-1: Improve alert msg --- change_notes/2024-03-19-change-alert-a3-3-1.md | 2 ++ .../A3-3-1/ExternalLinkageNotDeclaredInHeaderFile.ql | 2 +- .../ExternalLinkageNotDeclaredInHeaderFile.expected | 12 ++++++------ 3 files changed, 9 insertions(+), 7 deletions(-) create mode 100644 change_notes/2024-03-19-change-alert-a3-3-1.md diff --git a/change_notes/2024-03-19-change-alert-a3-3-1.md b/change_notes/2024-03-19-change-alert-a3-3-1.md new file mode 100644 index 0000000000..f0cceccfed --- /dev/null +++ b/change_notes/2024-03-19-change-alert-a3-3-1.md @@ -0,0 +1,2 @@ +- `A3-3-1` - `ExternalLinkageNotDeclaredInHeaderFile.ql`: + - Adjust the alert message to comply with the style guide. \ No newline at end of file diff --git a/cpp/autosar/src/rules/A3-3-1/ExternalLinkageNotDeclaredInHeaderFile.ql b/cpp/autosar/src/rules/A3-3-1/ExternalLinkageNotDeclaredInHeaderFile.ql index e7bff9ef71..06c6ad517c 100644 --- a/cpp/autosar/src/rules/A3-3-1/ExternalLinkageNotDeclaredInHeaderFile.ql +++ b/cpp/autosar/src/rules/A3-3-1/ExternalLinkageNotDeclaredInHeaderFile.ql @@ -38,4 +38,4 @@ where // Main functions are an exception to the rule not de.getDeclaration() instanceof MainFunction and if de.getDeclaration() instanceof Function then kind = "function" else kind = "object" -select de, "Externally linked " + kind + " " + de.getName() + " not declared in header file." +select de, "Externally linked " + kind + " '" + de.getName() + "' not declared in header file." diff --git a/cpp/autosar/test/rules/A3-3-1/ExternalLinkageNotDeclaredInHeaderFile.expected b/cpp/autosar/test/rules/A3-3-1/ExternalLinkageNotDeclaredInHeaderFile.expected index 8ec684e14c..e5657e9eec 100644 --- a/cpp/autosar/test/rules/A3-3-1/ExternalLinkageNotDeclaredInHeaderFile.expected +++ b/cpp/autosar/test/rules/A3-3-1/ExternalLinkageNotDeclaredInHeaderFile.expected @@ -1,6 +1,6 @@ -| test.cpp:3:5:3:6 | definition of g1 | Externally linked object g1 not declared in header file. | -| test.cpp:4:12:4:13 | declaration of g2 | Externally linked object g2 not declared in header file. | -| test.cpp:10:5:10:6 | definition of l1 | Externally linked object l1 not declared in header file. | -| test.cpp:11:6:11:7 | definition of f1 | Externally linked function f1 not declared in header file. | -| test.cpp:22:5:22:5 | definition of f | Externally linked function f not declared in header file. | -| test.cpp:25:5:25:6 | declaration of f1 | Externally linked function f1 not declared in header file. | +| test.cpp:3:5:3:6 | definition of g1 | Externally linked object 'g1' not declared in header file. | +| test.cpp:4:12:4:13 | declaration of g2 | Externally linked object 'g2' not declared in header file. | +| test.cpp:10:5:10:6 | definition of l1 | Externally linked object 'l1' not declared in header file. | +| test.cpp:11:6:11:7 | definition of f1 | Externally linked function 'f1' not declared in header file. | +| test.cpp:22:5:22:5 | definition of f | Externally linked function 'f' not declared in header file. | +| test.cpp:25:5:25:6 | declaration of f1 | Externally linked function 'f1' not declared in header file. | From fbe1aabfb7364806d28b7b50ff6631556d4103d8 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Fri, 22 Mar 2024 10:25:18 -0400 Subject: [PATCH 1742/2573] CTR55-CPP: improve end check logic for iterators --- change_notes/2024-03-22-fix-fp-ctr55-cpp.md | 2 + ...GenericCppLibraryFunctionsDoNotOverflow.ql | 11 +--- .../DoNotUseAnAdditiveOperatorOnAnIterator.ql | 51 +++++++++++++------ cpp/cert/test/rules/CTR55-CPP/test.cpp | 15 ++++++ .../src/codingstandards/cpp/Iterators.qll | 27 ++++++++-- 5 files changed, 78 insertions(+), 28 deletions(-) create mode 100644 change_notes/2024-03-22-fix-fp-ctr55-cpp.md diff --git a/change_notes/2024-03-22-fix-fp-ctr55-cpp.md b/change_notes/2024-03-22-fix-fp-ctr55-cpp.md new file mode 100644 index 0000000000..9b30304d29 --- /dev/null +++ b/change_notes/2024-03-22-fix-fp-ctr55-cpp.md @@ -0,0 +1,2 @@ +- `CTR55-CPP` - `DoNotUseAnAdditiveOperatorOnAnIterator.ql`: + - Address reported FP in #374. Improve logic on valid end checks on iterators. \ No newline at end of file diff --git a/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql b/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql index 720880dbe4..81211c382a 100644 --- a/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql +++ b/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql @@ -80,16 +80,7 @@ where iteratorCreationCall = outputContainer.getAnIteratorFunctionCall() and iteratorCreationCall = c.getOutputIteratorSource() | - // Guarded by a bounds check that ensures our destination is larger than "some" value - exists( - GuardCondition guard, ContainerAccessWithoutRangeCheck::ContainerSizeCall sizeCall, - boolean branch - | - globalValueNumber(sizeCall.getQualifier()) = - globalValueNumber(iteratorCreationCall.getQualifier()) and - guard.controls(c.getBasicBlock(), branch) and - relOpWithSwapAndNegate(guard, sizeCall, _, Greater(), _, branch) - ) + size_compare_bounds_checked(iteratorCreationCall, c) or // Container created with sufficient size for the input exists(ContainerAccessWithoutRangeCheck::ContainerConstructorCall outputIteratorConstructor | diff --git a/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.ql b/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.ql index 8f2aec6e7d..878757ed0a 100644 --- a/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.ql +++ b/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.ql @@ -15,23 +15,44 @@ import cpp import codingstandards.cpp.cert import codingstandards.cpp.Iterators -from ContainerIteratorAccess it +/** + * any `.size()` check above our access + */ +predicate size_checked_above(ContainerIteratorAccess it, IteratorSource source) { + exists(STLContainer c, FunctionCall guardCall | + c.getACallToSize() = guardCall and + guardCall = it.getAPredecessor*() and + //make sure its the same container providing its size as giving the iterator + globalValueNumber(guardCall.getQualifier()) = globalValueNumber(source.getQualifier()) and + // and the size call we match must be after the assignment call + source.getASuccessor*() = guardCall + ) +} + +/** + * some loop check exists like: `iterator != end` + * where a relevant`.end()` call flowed into end + */ +predicate valid_end_bound_check(ContainerIteratorAccess it, IteratorSource source) { + exists(STLContainer c, Loop l, ContainerIteratorAccess otherAccess, IteratorSource end | + end = c.getAnIteratorEndFunctionCall() and + //flow exists between end() and the loop condition + DataFlow::localFlow(DataFlow::exprNode(end), DataFlow::exprNode(l.getCondition().getAChild())) and + l.getCondition().getAChild() = otherAccess and + //make sure its the same iterator being checked as incremented + otherAccess.getOwningContainer() = it.getOwningContainer() and + //make sure its the same container providing its end as giving the iterator + globalValueNumber(end.getQualifier()) = globalValueNumber(source.getQualifier()) + ) +} + +from ContainerIteratorAccess it, IteratorSource source where not isExcluded(it, IteratorsPackage::doNotUseAnAdditiveOperatorOnAnIteratorQuery()) and it.isAdditiveOperation() and not exists(RangeBasedForStmt fs | fs.getUpdate().getAChild*() = it) and - // we get the neraby assignment - not exists(STLContainer c, FunctionCall nearbyAssigningIteratorCall, FunctionCall guardCall | - nearbyAssigningIteratorCall = it.getANearbyAssigningIteratorCall() and - // we look for calls to size or end - (guardCall = c.getACallToSize() or guardCall = c.getAnIteratorEndFunctionCall()) and - // such that the call to size is before this - // access - guardCall = it.getAPredecessor*() and - // and it uses the same qualifier as the one we were just assigned - nearbyAssigningIteratorCall.getQualifier().(VariableAccess).getTarget() = - guardCall.getQualifier().(VariableAccess).getTarget() and - // and the size call we match must be after the assignment call - nearbyAssigningIteratorCall.getASuccessor*() = guardCall - ) + source = it.getANearbyAssigningIteratorCall() and + not size_compare_bounds_checked(source, it) and + not valid_end_bound_check(it, source) and + not size_checked_above(it, source) select it, "Increment of iterator may overflow since its bounds are not checked." diff --git a/cpp/cert/test/rules/CTR55-CPP/test.cpp b/cpp/cert/test/rules/CTR55-CPP/test.cpp index d80e8cfab9..7f12beae61 100644 --- a/cpp/cert/test/rules/CTR55-CPP/test.cpp +++ b/cpp/cert/test/rules/CTR55-CPP/test.cpp @@ -26,4 +26,19 @@ void f1(std::vector &v) { for (auto i = v.begin();; ++i) { // NON_COMPLIANT } +} + +void test_fp_reported_in_374(std::vector &v) { + { + auto end = v.end(); + for (auto i = v.begin(); i != end; ++i) { // COMPLIANT + } + } + + { + auto end2 = v.end(); + end2++; // NON_COMPLIANT[FALSE_NEGATIVE] + for (auto i = v.begin(); i != end2; ++i) { // NON_COMPLIANT[FALSE_NEGATIVE] + } + } } \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/Iterators.qll b/cpp/common/src/codingstandards/cpp/Iterators.qll index 593da544ea..6bf35c35f2 100644 --- a/cpp/common/src/codingstandards/cpp/Iterators.qll +++ b/cpp/common/src/codingstandards/cpp/Iterators.qll @@ -6,6 +6,10 @@ import cpp import codingstandards.cpp.dataflow.DataFlow import codingstandards.cpp.dataflow.TaintTracking import codingstandards.cpp.StdNamespace +import codingstandards.cpp.rules.containeraccesswithoutrangecheck.ContainerAccessWithoutRangeCheck as ContainerAccessWithoutRangeCheck +import semmle.code.cpp.controlflow.Guards +import semmle.code.cpp.valuenumbering.GlobalValueNumbering +import semmle.code.cpp.rangeanalysis.RangeAnalysisUtils abstract class ContainerAccess extends VariableAccess { abstract Variable getOwningContainer(); @@ -63,9 +67,11 @@ class ContainerIteratorAccess extends ContainerAccess { ) } - // get a function call to cbegin/begin that - // assigns its value to the iterator represented by this - // access + /** + * gets a function call to cbegin/begin that + * assigns its value to the iterator represented by this + * access + */ FunctionCall getANearbyAssigningIteratorCall() { // the underlying container for this variable is one wherein // there is an assigned value of cbegin/cend @@ -462,3 +468,18 @@ ControlFlowNode getANonInvalidatedSuccessor(ContainerInvalidationOperation op) { not result instanceof ContainerInvalidationOperation ) } + +/** + * Guarded by a bounds check that ensures our destination is larger than "some" value + */ +predicate size_compare_bounds_checked(IteratorSource iteratorCreationCall, Expr guarded) { + exists( + GuardCondition guard, ContainerAccessWithoutRangeCheck::ContainerSizeCall sizeCall, + boolean branch + | + globalValueNumber(sizeCall.getQualifier()) = + globalValueNumber(iteratorCreationCall.getQualifier()) and + guard.controls(guarded.getBasicBlock(), branch) and + relOpWithSwapAndNegate(guard, sizeCall, _, Greater(), _, branch) + ) +} From 75ba9abcd293ca25599322ad9a0bc1500efa87b3 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Fri, 22 Mar 2024 16:04:53 -0400 Subject: [PATCH 1743/2573] A8-4-7: fix type size rounding error --- change_notes/2024-03-22-fix-fp-89-a8-4-7.md | 2 ++ .../src/rules/A8-4-7/TriviallyCopyableSmallType.qll | 2 +- cpp/autosar/test/rules/A8-4-7/test.cpp | 12 +++++++++++- 3 files changed, 14 insertions(+), 2 deletions(-) create mode 100644 change_notes/2024-03-22-fix-fp-89-a8-4-7.md diff --git a/change_notes/2024-03-22-fix-fp-89-a8-4-7.md b/change_notes/2024-03-22-fix-fp-89-a8-4-7.md new file mode 100644 index 0000000000..755bdbd2b5 --- /dev/null +++ b/change_notes/2024-03-22-fix-fp-89-a8-4-7.md @@ -0,0 +1,2 @@ +- `A8-4-7` - `InParametersForCheapToCopyTypesNotPassedByValue.ql`, `InParametersForCheapToCopyTypesNotPassedByReference.ql`: + - Fixes #89. Accidental floor rounding was applying to type size calculations. \ No newline at end of file diff --git a/cpp/autosar/src/rules/A8-4-7/TriviallyCopyableSmallType.qll b/cpp/autosar/src/rules/A8-4-7/TriviallyCopyableSmallType.qll index 4746bb9d79..588aef8017 100644 --- a/cpp/autosar/src/rules/A8-4-7/TriviallyCopyableSmallType.qll +++ b/cpp/autosar/src/rules/A8-4-7/TriviallyCopyableSmallType.qll @@ -12,7 +12,7 @@ int wordSize() { result = max(VoidPointerType v | | v.getSize()) } * Converts bytes to words */ bindingset[bytes] -int bytesToWords(int bytes) { result = bytes / wordSize() } +float bytesToWords(float bytes) { result = bytes / wordSize() } class TriviallyCopyableSmallType extends Type { TriviallyCopyableSmallType() { diff --git a/cpp/autosar/test/rules/A8-4-7/test.cpp b/cpp/autosar/test/rules/A8-4-7/test.cpp index aa0c3b3e02..48b574805e 100644 --- a/cpp/autosar/test/rules/A8-4-7/test.cpp +++ b/cpp/autosar/test/rules/A8-4-7/test.cpp @@ -68,4 +68,14 @@ struct S5 { void f15(S3 f15a) {} // COMPLIANT void f17(S4 f17a) {} // NON_COMPLIANT (S4 has a non-trivial destructor) -void f18(S5 f18a) {} // COMPLIANT \ No newline at end of file +void f18(S5 f18a) {} // COMPLIANT + +#include +class A8_4_7 { +public: + std::array values; +}; +void fp_reported_in_82( + const A8_4_7 &a847) noexcept { // COMPLIANT - larger than 2 words + std::cout << a847.values[0] << std::endl; +} \ No newline at end of file From adbcd3f83db47f9ec17f427ba3c6e8d219ca1195 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Mon, 25 Mar 2024 11:24:39 -0400 Subject: [PATCH 1744/2573] CTR55-CPP: address review comments --- ...GenericCppLibraryFunctionsDoNotOverflow.ql | 2 +- .../DoNotUseAnAdditiveOperatorOnAnIterator.ql | 34 +++++++++++-------- .../src/codingstandards/cpp/Iterators.qll | 2 +- 3 files changed, 22 insertions(+), 16 deletions(-) diff --git a/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql b/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql index 81211c382a..dc53b7a6d0 100644 --- a/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql +++ b/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql @@ -80,7 +80,7 @@ where iteratorCreationCall = outputContainer.getAnIteratorFunctionCall() and iteratorCreationCall = c.getOutputIteratorSource() | - size_compare_bounds_checked(iteratorCreationCall, c) + sizeCompareBoundsChecked(iteratorCreationCall, c) or // Container created with sufficient size for the input exists(ContainerAccessWithoutRangeCheck::ContainerConstructorCall outputIteratorConstructor | diff --git a/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.ql b/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.ql index 878757ed0a..dfc5b2795a 100644 --- a/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.ql +++ b/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.ql @@ -14,14 +14,14 @@ import cpp import codingstandards.cpp.cert import codingstandards.cpp.Iterators +import semmle.code.cpp.controlflow.Dominance /** * any `.size()` check above our access */ -predicate size_checked_above(ContainerIteratorAccess it, IteratorSource source) { - exists(STLContainer c, FunctionCall guardCall | - c.getACallToSize() = guardCall and - guardCall = it.getAPredecessor*() and +predicate sizeCheckedAbove(ContainerIteratorAccess it, IteratorSource source) { + exists(ContainerAccessWithoutRangeCheck::ContainerSizeCall guardCall | + strictlyDominates(guardCall, it) and //make sure its the same container providing its size as giving the iterator globalValueNumber(guardCall.getQualifier()) = globalValueNumber(source.getQualifier()) and // and the size call we match must be after the assignment call @@ -30,16 +30,22 @@ predicate size_checked_above(ContainerIteratorAccess it, IteratorSource source) } /** - * some loop check exists like: `iterator != end` + * some guard exists like: `iterator != end` * where a relevant`.end()` call flowed into end */ -predicate valid_end_bound_check(ContainerIteratorAccess it, IteratorSource source) { - exists(STLContainer c, Loop l, ContainerIteratorAccess otherAccess, IteratorSource end | +predicate validEndBoundCheck(ContainerIteratorAccess it, IteratorSource source) { + exists( + STLContainer c, BasicBlock b, GuardCondition l, ContainerIteratorAccess otherAccess, + IteratorSource end + | end = c.getAnIteratorEndFunctionCall() and - //flow exists between end() and the loop condition - DataFlow::localFlow(DataFlow::exprNode(end), DataFlow::exprNode(l.getCondition().getAChild())) and - l.getCondition().getAChild() = otherAccess and - //make sure its the same iterator being checked as incremented + //guard controls the access + l.controls(b, _) and + b.contains(it) and + //guard is comprised of (anything flowing to) end check and an iterator access + DataFlow::localFlow(DataFlow::exprNode(end), DataFlow::exprNode(l.getChild(_))) and + l.getChild(_) = otherAccess and + //make sure its the same iterator being checked in the guard as accessed otherAccess.getOwningContainer() = it.getOwningContainer() and //make sure its the same container providing its end as giving the iterator globalValueNumber(end.getQualifier()) = globalValueNumber(source.getQualifier()) @@ -52,7 +58,7 @@ where it.isAdditiveOperation() and not exists(RangeBasedForStmt fs | fs.getUpdate().getAChild*() = it) and source = it.getANearbyAssigningIteratorCall() and - not size_compare_bounds_checked(source, it) and - not valid_end_bound_check(it, source) and - not size_checked_above(it, source) + not sizeCompareBoundsChecked(source, it) and + not validEndBoundCheck(it, source) and + not sizeCheckedAbove(it, source) select it, "Increment of iterator may overflow since its bounds are not checked." diff --git a/cpp/common/src/codingstandards/cpp/Iterators.qll b/cpp/common/src/codingstandards/cpp/Iterators.qll index 6bf35c35f2..1b5199a806 100644 --- a/cpp/common/src/codingstandards/cpp/Iterators.qll +++ b/cpp/common/src/codingstandards/cpp/Iterators.qll @@ -472,7 +472,7 @@ ControlFlowNode getANonInvalidatedSuccessor(ContainerInvalidationOperation op) { /** * Guarded by a bounds check that ensures our destination is larger than "some" value */ -predicate size_compare_bounds_checked(IteratorSource iteratorCreationCall, Expr guarded) { +predicate sizeCompareBoundsChecked(IteratorSource iteratorCreationCall, Expr guarded) { exists( GuardCondition guard, ContainerAccessWithoutRangeCheck::ContainerSizeCall sizeCall, boolean branch From 4f7523cae25b0511dd45227b043bf725775fb541 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Mon, 25 Mar 2024 14:39:29 -0400 Subject: [PATCH 1745/2573] CTR55-CPP: generalize end check --- .../DoNotUseAnAdditiveOperatorOnAnIterator.ql | 5 ++--- .../ContainerAccessWithoutRangeCheck.qll | 10 ++++++++++ 2 files changed, 12 insertions(+), 3 deletions(-) diff --git a/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.ql b/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.ql index dfc5b2795a..163df94fb8 100644 --- a/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.ql +++ b/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.ql @@ -35,10 +35,9 @@ predicate sizeCheckedAbove(ContainerIteratorAccess it, IteratorSource source) { */ predicate validEndBoundCheck(ContainerIteratorAccess it, IteratorSource source) { exists( - STLContainer c, BasicBlock b, GuardCondition l, ContainerIteratorAccess otherAccess, - IteratorSource end + ContainerAccessWithoutRangeCheck::ContainerEndCall end, BasicBlock b, GuardCondition l, + ContainerIteratorAccess otherAccess | - end = c.getAnIteratorEndFunctionCall() and //guard controls the access l.controls(b, _) and b.contains(it) and diff --git a/cpp/common/src/codingstandards/cpp/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.qll b/cpp/common/src/codingstandards/cpp/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.qll index a3dabedd5a..0784aa9e86 100644 --- a/cpp/common/src/codingstandards/cpp/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.qll +++ b/cpp/common/src/codingstandards/cpp/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.qll @@ -85,6 +85,16 @@ class ContainerEmptyCall extends FunctionCall { } } +/** + * A call to either `end()` on a container. + */ +class ContainerEndCall extends FunctionCall { + ContainerEndCall() { + getTarget().getDeclaringType() instanceof ContainerType and + getTarget().getName() = "end" + } +} + /** * A call to either `size()` or `length()` on a container. */ From bd07f27142ab316fa9363d197eec2c24b3bffa65 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Mon, 25 Mar 2024 14:58:29 -0400 Subject: [PATCH 1746/2573] Update cpp/autosar/src/rules/A8-4-7/TriviallyCopyableSmallType.qll Co-authored-by: Remco Vermeulen --- cpp/autosar/src/rules/A8-4-7/TriviallyCopyableSmallType.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/src/rules/A8-4-7/TriviallyCopyableSmallType.qll b/cpp/autosar/src/rules/A8-4-7/TriviallyCopyableSmallType.qll index 588aef8017..f06da410c4 100644 --- a/cpp/autosar/src/rules/A8-4-7/TriviallyCopyableSmallType.qll +++ b/cpp/autosar/src/rules/A8-4-7/TriviallyCopyableSmallType.qll @@ -12,7 +12,7 @@ int wordSize() { result = max(VoidPointerType v | | v.getSize()) } * Converts bytes to words */ bindingset[bytes] -float bytesToWords(float bytes) { result = bytes / wordSize() } +int minWordsRequiredToRepresentBytes(int bytes) { result = (1.0*bytes / wordSize()).ceil() } class TriviallyCopyableSmallType extends Type { TriviallyCopyableSmallType() { From b174b09d33b6f10e2352a3379b38d5b3bfaa4d00 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Mon, 25 Mar 2024 15:01:49 -0400 Subject: [PATCH 1747/2573] A8-4-7: fix missing namechange --- cpp/autosar/src/rules/A8-4-7/TriviallyCopyableSmallType.qll | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cpp/autosar/src/rules/A8-4-7/TriviallyCopyableSmallType.qll b/cpp/autosar/src/rules/A8-4-7/TriviallyCopyableSmallType.qll index f06da410c4..be7cd76bd2 100644 --- a/cpp/autosar/src/rules/A8-4-7/TriviallyCopyableSmallType.qll +++ b/cpp/autosar/src/rules/A8-4-7/TriviallyCopyableSmallType.qll @@ -12,11 +12,11 @@ int wordSize() { result = max(VoidPointerType v | | v.getSize()) } * Converts bytes to words */ bindingset[bytes] -int minWordsRequiredToRepresentBytes(int bytes) { result = (1.0*bytes / wordSize()).ceil() } +int minWordsRequiredToRepresentBytes(int bytes) { result = (1.0 * bytes / wordSize()).ceil() } class TriviallyCopyableSmallType extends Type { TriviallyCopyableSmallType() { isTriviallyCopyableType(this) and - exists(int size | size = this.getSize() | bytesToWords(size) <= 2) + exists(int size | size = this.getSize() | minWordsRequiredToRepresentBytes(size) <= 2) } } From e948e3902fc2991f4a320dd50bf62b4e511fbb3a Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Mon, 25 Mar 2024 22:02:16 -0400 Subject: [PATCH 1748/2573] CTR55-CPP: remove unnecessary predicate --- .../rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.ql | 1 - 1 file changed, 1 deletion(-) diff --git a/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.ql b/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.ql index 163df94fb8..2981d8c950 100644 --- a/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.ql +++ b/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.ql @@ -57,7 +57,6 @@ where it.isAdditiveOperation() and not exists(RangeBasedForStmt fs | fs.getUpdate().getAChild*() = it) and source = it.getANearbyAssigningIteratorCall() and - not sizeCompareBoundsChecked(source, it) and not validEndBoundCheck(it, source) and not sizeCheckedAbove(it, source) select it, "Increment of iterator may overflow since its bounds are not checked." From ef110cd652876877b471e346c8184c8540c5f6fd Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Mon, 25 Mar 2024 22:55:48 -0400 Subject: [PATCH 1749/2573] IdentifierHidden: add missing exception testcases and address nested named namespaces exception --- cpp/common/src/codingstandards/cpp/Scope.qll | 15 +++++++++++++ .../identifierhidden/IdentifierHidden.qll | 1 + .../test/rules/identifierhidden/test.cpp | 21 ++++++++++++++++++- 3 files changed, 36 insertions(+), 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/Scope.qll b/cpp/common/src/codingstandards/cpp/Scope.qll index 7d755eba83..948d96ab8f 100644 --- a/cpp/common/src/codingstandards/cpp/Scope.qll +++ b/cpp/common/src/codingstandards/cpp/Scope.qll @@ -295,3 +295,18 @@ predicate hasClassScope(Declaration decl) { exists(decl.getDeclaringType()) } /** Holds if `decl` has block scope. */ predicate hasBlockScope(Declaration decl) { exists(BlockStmt b | b.getADeclaration() = decl) } + +/** + * identifiers in nested (named/nonglobal) namespaces are exceptions to hiding due to being able access via fully qualified ids + */ +predicate excludedViaNestedNamespaces(UserDeclaration v2, UserDeclaration v1) { + exists(Namespace inner, Namespace outer | + outer.getAChildNamespace+() = inner and + //outer is not global + not outer instanceof GlobalNamespace and + not outer.isAnonymous() and + not inner.isAnonymous() and + v2.getNamespace() = inner and + v1.getNamespace() = outer + ) +} diff --git a/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll b/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll index 109407c12f..3a8acaed3b 100644 --- a/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll +++ b/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll @@ -18,6 +18,7 @@ query predicate problems(UserDeclaration v2, string message, UserDeclaration v1, not v1 instanceof TemplateVariable and not v2 instanceof TemplateVariable and hidesStrict(v1, v2) and + not excludedViaNestedNamespaces(v2, v1) and varName = v1.getName() and message = "Declaration is hiding declaration $@." } diff --git a/cpp/common/test/rules/identifierhidden/test.cpp b/cpp/common/test/rules/identifierhidden/test.cpp index c778f60b8f..a7087a0176 100644 --- a/cpp/common/test/rules/identifierhidden/test.cpp +++ b/cpp/common/test/rules/identifierhidden/test.cpp @@ -83,4 +83,23 @@ int a() {} // NON_COMPLIANT namespace b1 { typedef int a; // NON_COMPLIANT -} \ No newline at end of file +} + +namespace ns_exception1_outer { +int a1; // COMPLIANT - exception +namespace ns_exception1_inner { +void a1(); // COMPLIANT - exception +} +} // namespace ns_exception1_outer + +void f4() { + int a1, b; + auto lambda1 = [a1]() { + int b = 10; // COMPLIANT - exception - non captured variable b + }; + + auto lambda2 = [b]() { + int b = 10; // NON_COMPLIANT[FALSE_NEGATIVE] - not an exception - captured + // variable b + }; +} From edf41d57536270d9f47b9f5b6ef9cf218933ddd0 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Mon, 25 Mar 2024 23:02:11 -0400 Subject: [PATCH 1750/2573] Scope: improve user declaration definition --- cpp/common/src/codingstandards/cpp/Scope.qll | 2 ++ 1 file changed, 2 insertions(+) diff --git a/cpp/common/src/codingstandards/cpp/Scope.qll b/cpp/common/src/codingstandards/cpp/Scope.qll index 948d96ab8f..9b986e2214 100644 --- a/cpp/common/src/codingstandards/cpp/Scope.qll +++ b/cpp/common/src/codingstandards/cpp/Scope.qll @@ -67,6 +67,8 @@ class UserDeclaration extends Declaration { not this.(Variable).isCompilerGenerated() and not this.(Function).isCompilerGenerated() and not this.(Parameter).getFunction().isCompilerGenerated() and + // will falsely conflict + not this instanceof ClassTemplateInstantiation and // compiler inferred parameters have name of p#0 not this.(Parameter).getName() = "p#0" } From bf97331be539fb14a79cdd88829d1faab6d4db35 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 26 Mar 2024 17:47:14 -0400 Subject: [PATCH 1751/2573] CTR55-CPP: model precise end calculation checks and switch to use of size bounds check only --- change_notes/2024-03-22-fix-fp-ctr55-cpp.md | 2 +- .../DoNotUseAnAdditiveOperatorOnAnIterator.ql | 44 +++++++++++++------ ...UseAnAdditiveOperatorOnAnIterator.expected | 2 + cpp/cert/test/rules/CTR55-CPP/test.cpp | 7 +-- .../ContainerAccessWithoutRangeCheck.qll | 10 +++++ 5 files changed, 47 insertions(+), 18 deletions(-) diff --git a/change_notes/2024-03-22-fix-fp-ctr55-cpp.md b/change_notes/2024-03-22-fix-fp-ctr55-cpp.md index 9b30304d29..98e3eb6339 100644 --- a/change_notes/2024-03-22-fix-fp-ctr55-cpp.md +++ b/change_notes/2024-03-22-fix-fp-ctr55-cpp.md @@ -1,2 +1,2 @@ - `CTR55-CPP` - `DoNotUseAnAdditiveOperatorOnAnIterator.ql`: - - Address reported FP in #374. Improve logic on valid end checks on iterators. \ No newline at end of file + - Address reported FP in #374. Improve logic on valid end checks and size checks on iterators. \ No newline at end of file diff --git a/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.ql b/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.ql index 2981d8c950..6410b17839 100644 --- a/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.ql +++ b/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.ql @@ -17,37 +17,53 @@ import codingstandards.cpp.Iterators import semmle.code.cpp.controlflow.Dominance /** - * any `.size()` check above our access + * something like: + * `end = begin() + size()` */ -predicate sizeCheckedAbove(ContainerIteratorAccess it, IteratorSource source) { - exists(ContainerAccessWithoutRangeCheck::ContainerSizeCall guardCall | - strictlyDominates(guardCall, it) and - //make sure its the same container providing its size as giving the iterator - globalValueNumber(guardCall.getQualifier()) = globalValueNumber(source.getQualifier()) and - // and the size call we match must be after the assignment call - source.getASuccessor*() = guardCall +Expr calculatedEndCheck(AdditiveOperatorFunctionCall calc) { + exists( + ContainerAccessWithoutRangeCheck::ContainerSizeCall size, + ContainerAccessWithoutRangeCheck::ContainerBeginCall begin + | + calc.getTarget().hasName("operator+") and + DataFlow::localFlow(DataFlow::exprNode(size), DataFlow::exprNode(calc.getAChild*())) and + DataFlow::localFlow(DataFlow::exprNode(begin), DataFlow::exprNode(calc.getAChild*())) and + //make sure its the same container providing its size as giving the begin + globalValueNumber(begin.getQualifier()) = globalValueNumber(size.getQualifier()) and + result = begin.getQualifier() ) } +Expr validEndCheck(FunctionCall end) { + end instanceof ContainerAccessWithoutRangeCheck::ContainerEndCall and + result = end.getQualifier() + or + result = calculatedEndCheck(end) +} + /** * some guard exists like: `iterator != end` * where a relevant`.end()` call flowed into end */ predicate validEndBoundCheck(ContainerIteratorAccess it, IteratorSource source) { exists( - ContainerAccessWithoutRangeCheck::ContainerEndCall end, BasicBlock b, GuardCondition l, - ContainerIteratorAccess otherAccess + FunctionCall end, BasicBlock b, GuardCondition l, ContainerIteratorAccess otherAccess, + Expr qualifierToCheck | + //sufficient end guard + qualifierToCheck = validEndCheck(end) and //guard controls the access l.controls(b, _) and b.contains(it) and - //guard is comprised of (anything flowing to) end check and an iterator access + //guard is comprised of end check and an iterator access DataFlow::localFlow(DataFlow::exprNode(end), DataFlow::exprNode(l.getChild(_))) and l.getChild(_) = otherAccess and //make sure its the same iterator being checked in the guard as accessed otherAccess.getOwningContainer() = it.getOwningContainer() and - //make sure its the same container providing its end as giving the iterator - globalValueNumber(end.getQualifier()) = globalValueNumber(source.getQualifier()) + //if its the end call itself (or its parts), make sure its the same container providing its end as giving the iterator + globalValueNumber(qualifierToCheck) = globalValueNumber(source.getQualifier()) and + // and the guard call we match must be after the assignment call (to avoid valid guards protecting new iterator accesses further down) + source.getASuccessor*() = l ) } @@ -58,5 +74,5 @@ where not exists(RangeBasedForStmt fs | fs.getUpdate().getAChild*() = it) and source = it.getANearbyAssigningIteratorCall() and not validEndBoundCheck(it, source) and - not sizeCheckedAbove(it, source) + not sizeCompareBoundsChecked(source, it) select it, "Increment of iterator may overflow since its bounds are not checked." diff --git a/cpp/cert/test/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.expected b/cpp/cert/test/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.expected index 06560517dd..7aa45f734a 100644 --- a/cpp/cert/test/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.expected +++ b/cpp/cert/test/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.expected @@ -1,4 +1,6 @@ | test.cpp:8:7:8:7 | i | Increment of iterator may overflow since its bounds are not checked. | | test.cpp:9:9:9:9 | i | Increment of iterator may overflow since its bounds are not checked. | | test.cpp:10:9:10:9 | i | Increment of iterator may overflow since its bounds are not checked. | +| test.cpp:22:18:22:18 | i | Increment of iterator may overflow since its bounds are not checked. | | test.cpp:27:31:27:31 | i | Increment of iterator may overflow since its bounds are not checked. | +| test.cpp:40:5:40:8 | end2 | Increment of iterator may overflow since its bounds are not checked. | diff --git a/cpp/cert/test/rules/CTR55-CPP/test.cpp b/cpp/cert/test/rules/CTR55-CPP/test.cpp index 7f12beae61..371b145433 100644 --- a/cpp/cert/test/rules/CTR55-CPP/test.cpp +++ b/cpp/cert/test/rules/CTR55-CPP/test.cpp @@ -20,8 +20,9 @@ void f1(std::vector &v) { } for (auto i = v.begin(), l = (i + std::min(static_cast::size_type>(10), - v.size())); - i != l; ++i) { // COMPLIANT + v.size())); // NON_COMPLIANT - technically in the + // calculation + i != l; ++i) { // COMPLIANT } for (auto i = v.begin();; ++i) { // NON_COMPLIANT @@ -37,7 +38,7 @@ void test_fp_reported_in_374(std::vector &v) { { auto end2 = v.end(); - end2++; // NON_COMPLIANT[FALSE_NEGATIVE] + end2++; // NON_COMPLIANT for (auto i = v.begin(); i != end2; ++i) { // NON_COMPLIANT[FALSE_NEGATIVE] } } diff --git a/cpp/common/src/codingstandards/cpp/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.qll b/cpp/common/src/codingstandards/cpp/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.qll index 0784aa9e86..71e18a5c05 100644 --- a/cpp/common/src/codingstandards/cpp/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.qll +++ b/cpp/common/src/codingstandards/cpp/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.qll @@ -85,6 +85,16 @@ class ContainerEmptyCall extends FunctionCall { } } +/** + * A call to either `begin()` on a container. + */ +class ContainerBeginCall extends FunctionCall { + ContainerBeginCall() { + getTarget().getDeclaringType() instanceof ContainerType and + getTarget().getName() = "begin" + } +} + /** * A call to either `end()` on a container. */ From a9d71bb39101ee3190d8a468727bb47d37084bb8 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 26 Mar 2024 16:53:02 -0700 Subject: [PATCH 1752/2573] Add support for implementation specific bitfield types --- ...hallOnlyBeDeclaredWithAnAppropriateType.ql | 25 ++++++++---- ...lyBeDeclaredWithAnAppropriateType.expected | 2 +- ...lyBeDeclaredWithAnAppropriateType.expected | 0 ...lOnlyBeDeclaredWithAnAppropriateType.qlref | 1 + c/misra/test/rules/RULE-6-1/clang/options | 1 + c/misra/test/rules/RULE-6-1/clang/test.c | 13 +++++++ ...lyBeDeclaredWithAnAppropriateType.expected | 0 ...lOnlyBeDeclaredWithAnAppropriateType.qlref | 1 + c/misra/test/rules/RULE-6-1/gcc/options | 1 + c/misra/test/rules/RULE-6-1/gcc/test.c | 13 +++++++ c/misra/test/rules/RULE-6-1/options | 1 + change_notes/2024-04-26-fix-fp-rule-6-1.md | 2 + .../src/codingstandards/cpp/Compiler.qll | 39 +++++++++++++++++++ 13 files changed, 91 insertions(+), 8 deletions(-) create mode 100644 c/misra/test/rules/RULE-6-1/clang/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.expected create mode 100644 c/misra/test/rules/RULE-6-1/clang/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.qlref create mode 100644 c/misra/test/rules/RULE-6-1/clang/options create mode 100644 c/misra/test/rules/RULE-6-1/clang/test.c create mode 100644 c/misra/test/rules/RULE-6-1/gcc/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.expected create mode 100644 c/misra/test/rules/RULE-6-1/gcc/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.qlref create mode 100644 c/misra/test/rules/RULE-6-1/gcc/options create mode 100644 c/misra/test/rules/RULE-6-1/gcc/test.c create mode 100644 c/misra/test/rules/RULE-6-1/options create mode 100644 change_notes/2024-04-26-fix-fp-rule-6-1.md create mode 100644 cpp/common/src/codingstandards/cpp/Compiler.qll diff --git a/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql b/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql index 81c7fb69a3..c05e2d1cde 100644 --- a/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql +++ b/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql @@ -12,16 +12,26 @@ import cpp import codingstandards.c.misra +import codingstandards.cpp.Compiler -predicate isAppropriatePrimitive(Type type) { - /* An appropriate primitive types to which a bit-field can be declared. */ - type instanceof IntType and +Type getSupportedBitFieldType(Compiler compiler) { + compiler instanceof UnsupportedCompiler and ( - type.(IntegralType).isExplicitlySigned() or - type.(IntegralType).isExplicitlyUnsigned() + result instanceof IntType and + ( + result.(IntegralType).isExplicitlySigned() or + result.(IntegralType).isExplicitlyUnsigned() + ) + or + result instanceof BoolType ) or - type instanceof BoolType + (compiler instanceof Gcc or compiler instanceof Clang) and + ( + result instanceof IntegralOrEnumType + or + result instanceof BoolType + ) } from BitField bitField @@ -29,5 +39,6 @@ where not isExcluded(bitField, BitfieldTypesPackage::bitFieldsShallOnlyBeDeclaredWithAnAppropriateTypeQuery()) and /* A violation would neither be an appropriate primitive type nor an appropriate typedef. */ - not isAppropriatePrimitive(bitField.getType().resolveTypedefs()) + not getSupportedBitFieldType(getCompiler(bitField.getFile())) = + bitField.getType().resolveTypedefs() select bitField, "Bit-field " + bitField + " is declared on type " + bitField.getType() + "." diff --git a/c/misra/test/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.expected b/c/misra/test/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.expected index aaba0ee30c..345e75a4bb 100644 --- a/c/misra/test/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.expected +++ b/c/misra/test/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.expected @@ -1,4 +1,4 @@ | test.c:6:7:6:8 | x1 | Bit-field x1 is declared on type int. | | test.c:10:15:10:16 | x5 | Bit-field x5 is declared on type signed long. | | test.c:12:15:12:16 | x6 | Bit-field x6 is declared on type signed char. | -| test.c:14:14:14:15 | x7 | Bit-field x7 is declared on type Color. | +| test.c:14:14:14:15 | x7 | Bit-field x7 is declared on type Color. | \ No newline at end of file diff --git a/c/misra/test/rules/RULE-6-1/clang/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.expected b/c/misra/test/rules/RULE-6-1/clang/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.expected new file mode 100644 index 0000000000..e69de29bb2 diff --git a/c/misra/test/rules/RULE-6-1/clang/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.qlref b/c/misra/test/rules/RULE-6-1/clang/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.qlref new file mode 100644 index 0000000000..7000f50ab1 --- /dev/null +++ b/c/misra/test/rules/RULE-6-1/clang/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.qlref @@ -0,0 +1 @@ +rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-6-1/clang/options b/c/misra/test/rules/RULE-6-1/clang/options new file mode 100644 index 0000000000..d37493684d --- /dev/null +++ b/c/misra/test/rules/RULE-6-1/clang/options @@ -0,0 +1 @@ +semmle-extractor-options:--mimic clang --std=c11 --edg --diag_error=implicit_func_decl -nostdinc -I../../../../common/test/includes/standard-library \ No newline at end of file diff --git a/c/misra/test/rules/RULE-6-1/clang/test.c b/c/misra/test/rules/RULE-6-1/clang/test.c new file mode 100644 index 0000000000..65c6900fdf --- /dev/null +++ b/c/misra/test/rules/RULE-6-1/clang/test.c @@ -0,0 +1,13 @@ +typedef unsigned int UINT16; + +enum Color { R, G, B }; + +struct SampleStruct { + int x1 : 2; // COMPLIANT + unsigned int x2 : 2; // COMPLIANT - explicitly unsigned + signed int x3 : 2; // COMPLIANT - explicitly signed + UINT16 x4 : 2; // COMPLIANT - type alias resolves to a compliant type + signed long x5 : 2; // COMPLIANT + signed char x6 : 2; // COMPLIANT + enum Color x7 : 3; // COMPLIANT +} sample_struct; diff --git a/c/misra/test/rules/RULE-6-1/gcc/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.expected b/c/misra/test/rules/RULE-6-1/gcc/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.expected new file mode 100644 index 0000000000..e69de29bb2 diff --git a/c/misra/test/rules/RULE-6-1/gcc/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.qlref b/c/misra/test/rules/RULE-6-1/gcc/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.qlref new file mode 100644 index 0000000000..7000f50ab1 --- /dev/null +++ b/c/misra/test/rules/RULE-6-1/gcc/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.qlref @@ -0,0 +1 @@ +rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-6-1/gcc/options b/c/misra/test/rules/RULE-6-1/gcc/options new file mode 100644 index 0000000000..b2d1a92f7a --- /dev/null +++ b/c/misra/test/rules/RULE-6-1/gcc/options @@ -0,0 +1 @@ +semmle-extractor-options:--mimic gcc --std=c11 --edg --diag_error=implicit_func_decl -nostdinc -I../../../../common/test/includes/standard-library \ No newline at end of file diff --git a/c/misra/test/rules/RULE-6-1/gcc/test.c b/c/misra/test/rules/RULE-6-1/gcc/test.c new file mode 100644 index 0000000000..65c6900fdf --- /dev/null +++ b/c/misra/test/rules/RULE-6-1/gcc/test.c @@ -0,0 +1,13 @@ +typedef unsigned int UINT16; + +enum Color { R, G, B }; + +struct SampleStruct { + int x1 : 2; // COMPLIANT + unsigned int x2 : 2; // COMPLIANT - explicitly unsigned + signed int x3 : 2; // COMPLIANT - explicitly signed + UINT16 x4 : 2; // COMPLIANT - type alias resolves to a compliant type + signed long x5 : 2; // COMPLIANT + signed char x6 : 2; // COMPLIANT + enum Color x7 : 3; // COMPLIANT +} sample_struct; diff --git a/c/misra/test/rules/RULE-6-1/options b/c/misra/test/rules/RULE-6-1/options new file mode 100644 index 0000000000..52175e51f9 --- /dev/null +++ b/c/misra/test/rules/RULE-6-1/options @@ -0,0 +1 @@ +semmle-extractor-options:--no-clang --std=c11 --edg --diag_error=implicit_func_decl -nostdinc -I../../../../common/test/includes/standard-library \ No newline at end of file diff --git a/change_notes/2024-04-26-fix-fp-rule-6-1.md b/change_notes/2024-04-26-fix-fp-rule-6-1.md new file mode 100644 index 0000000000..856c15623f --- /dev/null +++ b/change_notes/2024-04-26-fix-fp-rule-6-1.md @@ -0,0 +1,2 @@ +- `RULE-6-1` - `BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql`: + - Address FP reported in #318. Add support for implementation specific bitfield types for Clang and Gcc. \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/Compiler.qll b/cpp/common/src/codingstandards/cpp/Compiler.qll new file mode 100644 index 0000000000..20aade5827 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/Compiler.qll @@ -0,0 +1,39 @@ +/** A module to reason about the compiler used to compile translation units. */ + +import cpp +import codingstandards.cpp.Scope + +newtype Compiler = + Gcc() or + Clang() or + UnsupportedCompiler() + +/** Get the match pattern to detect the compiler being mimicked by the extractor to determine the compiler used to compile a file. */ +string getMimicMatch(Compiler compiler) { + result = ["%gcc", "%g++"] and compiler instanceof Gcc + or + result = ["%clang", "%clang++"] and compiler instanceof Clang +} + +/** Get the compiler used to compile the translation unit the file `f` is part of. */ +Compiler getCompiler(File f) { + exists(Compilation compilation, TranslationUnit translationUnit | + compilation.getAFileCompiled() = translationUnit and + (f = translationUnit or f = translationUnit.getAUserFile()) + | + if exists(int mimicIndex | compilation.getArgument(mimicIndex) = "--mimic") + then + exists(int mimicIndex | + compilation.getArgument(mimicIndex) = "--mimic" and + ( + compilation.getArgument(mimicIndex + 1).matches(getMimicMatch(result)) + or + forall(string match | match = getMimicMatch(_) | + not compilation.getArgument(mimicIndex + 1).matches(match) + ) and + result = UnsupportedCompiler() + ) + ) + else result = UnsupportedCompiler() + ) +} From b7aec2c9b52e38d63e8a10542d53194c0f90298e Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Wed, 27 Mar 2024 10:15:52 -0400 Subject: [PATCH 1753/2573] CTR55-CPP: fix test expected for reformatted test --- .../CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.expected | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cpp/cert/test/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.expected b/cpp/cert/test/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.expected index 7aa45f734a..13cd4d0ca6 100644 --- a/cpp/cert/test/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.expected +++ b/cpp/cert/test/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.expected @@ -2,5 +2,5 @@ | test.cpp:9:9:9:9 | i | Increment of iterator may overflow since its bounds are not checked. | | test.cpp:10:9:10:9 | i | Increment of iterator may overflow since its bounds are not checked. | | test.cpp:22:18:22:18 | i | Increment of iterator may overflow since its bounds are not checked. | -| test.cpp:27:31:27:31 | i | Increment of iterator may overflow since its bounds are not checked. | -| test.cpp:40:5:40:8 | end2 | Increment of iterator may overflow since its bounds are not checked. | +| test.cpp:28:31:28:31 | i | Increment of iterator may overflow since its bounds are not checked. | +| test.cpp:41:5:41:8 | end2 | Increment of iterator may overflow since its bounds are not checked. | From fff63e60860d765cab26ea74cd4eb0798303f407 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Wed, 27 Mar 2024 11:02:03 -0400 Subject: [PATCH 1754/2573] IdentifierHidden: omit types --- cpp/common/src/codingstandards/cpp/Scope.qll | 1 + .../test/rules/identifierhidden/IdentifierHidden.expected | 2 -- cpp/common/test/rules/identifierhidden/test.cpp | 2 +- 3 files changed, 2 insertions(+), 3 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/Scope.qll b/cpp/common/src/codingstandards/cpp/Scope.qll index 9b986e2214..ba6c9c0c83 100644 --- a/cpp/common/src/codingstandards/cpp/Scope.qll +++ b/cpp/common/src/codingstandards/cpp/Scope.qll @@ -71,6 +71,7 @@ class UserDeclaration extends Declaration { not this instanceof ClassTemplateInstantiation and // compiler inferred parameters have name of p#0 not this.(Parameter).getName() = "p#0" + and not this instanceof Type } } diff --git a/cpp/common/test/rules/identifierhidden/IdentifierHidden.expected b/cpp/common/test/rules/identifierhidden/IdentifierHidden.expected index 512c38952d..4a56ef6f51 100644 --- a/cpp/common/test/rules/identifierhidden/IdentifierHidden.expected +++ b/cpp/common/test/rules/identifierhidden/IdentifierHidden.expected @@ -1,6 +1,5 @@ | test.cpp:4:5:4:7 | id1 | Declaration is hiding declaration $@. | test.cpp:1:5:1:7 | id1 | id1 | | test.cpp:8:5:8:7 | id1 | Declaration is hiding declaration $@. | test.cpp:1:5:1:7 | id1 | id1 | -| test.cpp:11:5:11:7 | id1 | Declaration is hiding declaration $@. | test.cpp:8:5:8:7 | id1 | id1 | | test.cpp:20:7:20:9 | id1 | Declaration is hiding declaration $@. | test.cpp:1:5:1:7 | id1 | id1 | | test.cpp:23:13:23:15 | id1 | Declaration is hiding declaration $@. | test.cpp:1:5:1:7 | id1 | id1 | | test.cpp:26:12:26:14 | id1 | Declaration is hiding declaration $@. | test.cpp:1:5:1:7 | id1 | id1 | @@ -10,4 +9,3 @@ | test.cpp:70:12:70:12 | i | Declaration is hiding declaration $@. | test.cpp:61:7:61:7 | i | i | | test.cpp:75:16:75:16 | i | Declaration is hiding declaration $@. | test.cpp:61:7:61:7 | i | i | | test.cpp:81:5:81:5 | a | Declaration is hiding declaration $@. | test.cpp:79:5:79:5 | a | a | -| test.cpp:85:13:85:13 | a | Declaration is hiding declaration $@. | test.cpp:79:5:79:5 | a | a | diff --git a/cpp/common/test/rules/identifierhidden/test.cpp b/cpp/common/test/rules/identifierhidden/test.cpp index a7087a0176..d050a35a1d 100644 --- a/cpp/common/test/rules/identifierhidden/test.cpp +++ b/cpp/common/test/rules/identifierhidden/test.cpp @@ -82,7 +82,7 @@ int a() {} // NON_COMPLIANT } // namespace b namespace b1 { -typedef int a; // NON_COMPLIANT +typedef int a; // COMPLIANT - do not consider types } namespace ns_exception1_outer { From 20d9dd6ee9572a59e38decd3814280a8ab06651a Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Wed, 27 Mar 2024 14:36:51 -0400 Subject: [PATCH 1755/2573] IdentifierHidden: move type exclusion to rule not userdecl type, and omit intentional overloads --- cpp/common/src/codingstandards/cpp/Scope.qll | 3 ++- .../cpp/rules/identifierhidden/IdentifierHidden.qll | 3 +++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/Scope.qll b/cpp/common/src/codingstandards/cpp/Scope.qll index ba6c9c0c83..786f0d4e61 100644 --- a/cpp/common/src/codingstandards/cpp/Scope.qll +++ b/cpp/common/src/codingstandards/cpp/Scope.qll @@ -71,7 +71,6 @@ class UserDeclaration extends Declaration { not this instanceof ClassTemplateInstantiation and // compiler inferred parameters have name of p#0 not this.(Parameter).getName() = "p#0" - and not this instanceof Type } } @@ -275,6 +274,8 @@ predicate hides(UserDeclaration v1, UserDeclaration v2) { hides_candidate(v1, mid) and hides_candidate(mid, v2) ) + //ignore intentional overloads + and not v1.(Function).getAnOverload() = v2 } /** Holds if `v2` strictly (`v2` is in an inner scope compared to `v1`) hides `v1`. */ diff --git a/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll b/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll index 3a8acaed3b..e3a337f192 100644 --- a/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll +++ b/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll @@ -17,6 +17,9 @@ query predicate problems(UserDeclaration v2, string message, UserDeclaration v1, //ignore template variables for this rule not v1 instanceof TemplateVariable and not v2 instanceof TemplateVariable and + //ignore types for this rule + not v2 instanceof Type and + not v1 instanceof Type and hidesStrict(v1, v2) and not excludedViaNestedNamespaces(v2, v1) and varName = v1.getName() and From 169cbe728cf8cedf14afe2f28f9fde2ed3822268 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Wed, 27 Mar 2024 15:28:14 -0400 Subject: [PATCH 1756/2573] identifierhidden: update testcase for overload omission, update changenote --- change_notes/2024-02-27-identifier-hidden.md | 3 ++- cpp/common/test/rules/identifierhidden/test.cpp | 3 +++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/change_notes/2024-02-27-identifier-hidden.md b/change_notes/2024-02-27-identifier-hidden.md index a2cffb9d29..d43e1ad9e6 100644 --- a/change_notes/2024-02-27-identifier-hidden.md +++ b/change_notes/2024-02-27-identifier-hidden.md @@ -1,2 +1,3 @@ - `A2-10-1`, `RULE-5-3` - `IdentifierHiding.ql`, `IdentifierHidingC.ql`: - - Address FN reported in #118. Rule was missing detection of functions and types. \ No newline at end of file + - Address FN reported in #118. Rule was missing detection of functions. Additionally omitted class template instantiations. + - Fix FP for identifiers in nested namespaces. \ No newline at end of file diff --git a/cpp/common/test/rules/identifierhidden/test.cpp b/cpp/common/test/rules/identifierhidden/test.cpp index d050a35a1d..831910f3a2 100644 --- a/cpp/common/test/rules/identifierhidden/test.cpp +++ b/cpp/common/test/rules/identifierhidden/test.cpp @@ -103,3 +103,6 @@ void f4() { // variable b }; } + +void f5(int i) {} // COMPLIANT - exception - assume purposefully overloaded +void f5(double d) {} // COMPLIANT - exception - assume purposefully overloaded \ No newline at end of file From 63cec5235a325725d396a26080473e0051cdd244 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Wed, 27 Mar 2024 15:30:39 -0400 Subject: [PATCH 1757/2573] IdentifierHidden: reformat --- cpp/common/src/codingstandards/cpp/Scope.qll | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/Scope.qll b/cpp/common/src/codingstandards/cpp/Scope.qll index 786f0d4e61..555f4bc01f 100644 --- a/cpp/common/src/codingstandards/cpp/Scope.qll +++ b/cpp/common/src/codingstandards/cpp/Scope.qll @@ -273,9 +273,9 @@ predicate hides(UserDeclaration v1, UserDeclaration v2) { not exists(UserDeclaration mid | hides_candidate(v1, mid) and hides_candidate(mid, v2) - ) + ) and //ignore intentional overloads - and not v1.(Function).getAnOverload() = v2 + not v1.(Function).getAnOverload() = v2 } /** Holds if `v2` strictly (`v2` is in an inner scope compared to `v1`) hides `v1`. */ From af94c60a649ae633cdb52a1a09622e1bbc641c90 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 27 Mar 2024 14:19:43 -0700 Subject: [PATCH 1758/2573] Create unique branch to bump version Re-using the name will cause a reuse of an existing branch from previous releases. This will cause a failure when pushing the branch. Instead of force pushing we build up the history with unique branches. --- .github/workflows/finalize-release.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/finalize-release.yml b/.github/workflows/finalize-release.yml index ca91b249f5..56b150a702 100644 --- a/.github/workflows/finalize-release.yml +++ b/.github/workflows/finalize-release.yml @@ -109,14 +109,14 @@ jobs: git switch main git pull --ff-only origin main - git switch -c release-automation/bump-version + git switch -c "release-automation/bump-version-to-$NEXT_VERSION" # We are running the script in the tooling directory with the release directory as the working directory ../tooling/scripts/release/bump-version.sh "$NEXT_VERSION" git add -u . git commit -m "Bump version to $NEXT_VERSION" - git push --set-upstream origin release-automation/bump-version + git push --set-upstream origin "release-automation/bump-version-to-$NEXT_VERSION" - gh pr create --repo $GITHUB_REPOSITORY --base main --head release-automation/bump-version --body "Bump the version of main to $NEXT_VERSION" --title "Bump version to $NEXT_VERSION" + gh pr create --repo $GITHUB_REPOSITORY --base main --head "release-automation/bump-version-to-$NEXT_VERSION" --body "Bump the version of main to $NEXT_VERSION" --title "Bump version to $NEXT_VERSION" working-directory: release From 74b4b8e2eabdc1943e99d25a9c0641c124751a9a Mon Sep 17 00:00:00 2001 From: rvermeulen Date: Wed, 27 Mar 2024 21:34:01 +0000 Subject: [PATCH 1759/2573] Bump version to 2.27.0-dev --- c/cert/src/qlpack.yml | 2 +- c/cert/test/qlpack.yml | 2 +- c/common/src/qlpack.yml | 2 +- c/common/test/qlpack.yml | 2 +- c/misra/src/qlpack.yml | 2 +- c/misra/test/qlpack.yml | 2 +- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/qlpack.yml | 2 +- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/qlpack.yml | 2 +- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/qlpack.yml | 2 +- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/qlpack.yml | 2 +- cpp/report/src/qlpack.yml | 2 +- docs/user_manual.md | 12 ++++++------ 16 files changed, 21 insertions(+), 21 deletions(-) diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index f03d92fa3b..8cdfcf5563 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards -version: 2.25.0-dev +version: 2.27.0-dev description: CERT C 2016 suites: codeql-suites license: MIT diff --git a/c/cert/test/qlpack.yml b/c/cert/test/qlpack.yml index 14c531c27a..94e0d1925b 100644 --- a/c/cert/test/qlpack.yml +++ b/c/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards-tests -version: 2.25.0-dev +version: 2.27.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index 457137553c..242357832d 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards -version: 2.25.0-dev +version: 2.27.0-dev license: MIT dependencies: codeql/common-cpp-coding-standards: '*' diff --git a/c/common/test/qlpack.yml b/c/common/test/qlpack.yml index c0db2ffdb2..4f21201531 100644 --- a/c/common/test/qlpack.yml +++ b/c/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards-tests -version: 2.25.0-dev +version: 2.27.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index e14f7ef5b2..eca4c20629 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards -version: 2.25.0-dev +version: 2.27.0-dev description: MISRA C 2012 suites: codeql-suites license: MIT diff --git a/c/misra/test/qlpack.yml b/c/misra/test/qlpack.yml index ac279cb189..3c4fe74621 100644 --- a/c/misra/test/qlpack.yml +++ b/c/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards-tests -version: 2.25.0-dev +version: 2.27.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index b3c1bc932b..90edd26091 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards -version: 2.25.0-dev +version: 2.27.0-dev description: AUTOSAR C++14 Guidelines R22-11, R21-11, R20-11, R19-11 and R19-03 suites: codeql-suites license: MIT diff --git a/cpp/autosar/test/qlpack.yml b/cpp/autosar/test/qlpack.yml index c5f2407f7a..29b95be3c0 100644 --- a/cpp/autosar/test/qlpack.yml +++ b/cpp/autosar/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards-tests -version: 2.25.0-dev +version: 2.27.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index c619091931..82bfc1d2f1 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards -version: 2.25.0-dev +version: 2.27.0-dev description: CERT C++ 2016 suites: codeql-suites license: MIT diff --git a/cpp/cert/test/qlpack.yml b/cpp/cert/test/qlpack.yml index 4fc2cfd51c..89bfffc817 100644 --- a/cpp/cert/test/qlpack.yml +++ b/cpp/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards-tests -version: 2.25.0-dev +version: 2.27.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index 66ee14100d..6723f50643 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards -version: 2.25.0-dev +version: 2.27.0-dev license: MIT dependencies: codeql/cpp-all: 0.9.3 diff --git a/cpp/common/test/qlpack.yml b/cpp/common/test/qlpack.yml index 97863b90d1..f311cdac81 100644 --- a/cpp/common/test/qlpack.yml +++ b/cpp/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards-tests -version: 2.25.0-dev +version: 2.27.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index 7c84af47f1..a8837481b8 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards -version: 2.25.0-dev +version: 2.27.0-dev description: MISRA C++ 2008 suites: codeql-suites license: MIT diff --git a/cpp/misra/test/qlpack.yml b/cpp/misra/test/qlpack.yml index 49b8c33bc4..ef46ae6be7 100644 --- a/cpp/misra/test/qlpack.yml +++ b/cpp/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards-tests -version: 2.25.0-dev +version: 2.27.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index 3b2da70c1b..33f6cefdaa 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/report-cpp-coding-standards -version: 2.25.0-dev +version: 2.27.0-dev license: MIT dependencies: codeql/cpp-all: 0.9.3 diff --git a/docs/user_manual.md b/docs/user_manual.md index 16c8114e5b..fd9e9190bb 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -29,13 +29,13 @@ ## Release information -This user manual documents release `2.25.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). +This user manual documents release `2.27.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). The release page documents the release notes and contains the following artifacts part of the release: -- `code-scanning-cpp-query-pack-2.25.0-dev.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. -- `supported_rules_list_2.25.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. -- `supported_rules_list_2.25.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. -- `user_manual_2.25.0-dev.md`: This user manual. +- `code-scanning-cpp-query-pack-2.27.0-dev.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. +- `supported_rules_list_2.27.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. +- `supported_rules_list_2.27.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. +- `user_manual_2.27.0-dev.md`: This user manual. - `Source Code (zip)`: A zip archive containing the contents of https://github.com/github/codeql-coding-standards - `Source Code (tar.gz)`: A GZip compressed tar archive containing the contents of https://github.com/github/codeql-coding-standards - `checksums.txt`: A text file containing sha256 checksums for the aforementioned artifacts. @@ -496,7 +496,7 @@ This section describes known failure modes for "CodeQL Coding Standards" and des | | Ouf of space | Less output. Some files may be only be partially analyzed, or not analyzed at all. | Error reported on the command line. | Increase space. If it remains an issue report space consumption issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False positives | More output. Results are reported which are not violations of the guidelines. | All reported results must be reviewed. | Report false positive issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False negatives | Less output. Violations of the guidelines are not reported. | Other validation and verification processes during software development should be used to complement the analysis performed by CodeQL Coding Standards. | Report false negative issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | -| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.25.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | +| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.27.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | | | Incorrect deviation record specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation records with a reason. Ensure that all deviation records are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Incorrect deviation permit specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation permits with a reason. Ensure that all deviation permits are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Unapproved use of a deviation record | Less output. Results for guideline violations are not reported. | Validate that the deviation record use is approved by verifying the approved-by attribute of the deviation record specification. | Ensure that each raised deviation record is approved by an independent approver through an auditable process. | From 97ccd29f17a466dd1146fc26ad38b56916083e9e Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Thu, 28 Mar 2024 10:42:03 -0400 Subject: [PATCH 1760/2573] IdentifierHidden: add heuristic for hiding in lambda --- .../identifierhidden/IdentifierHidden.qll | 21 ++++++++++++++++++- .../IdentifierHidden.expected | 1 + .../test/rules/identifierhidden/test.cpp | 2 +- 3 files changed, 22 insertions(+), 2 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll b/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll index e3a337f192..a7719ba81f 100644 --- a/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll +++ b/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll @@ -11,6 +11,25 @@ abstract class IdentifierHiddenSharedQuery extends Query { } Query getQuery() { result instanceof IdentifierHiddenSharedQuery } +/** + * There is a lambda that contains a declaration + * that hides something that is captured + * and the lambda exists in the function where this lamda is enclosed + */ +predicate hiddenInLambda(UserDeclaration v2, UserDeclaration v1) { + exists(Scope s, Closure le | + s.getADeclaration() = v2 and + s.getAnAncestor() = le and + le.getEnclosingFunction().getBasicBlock().(Scope) = v1.getParentScope() and + exists(LambdaCapture cap, Variable v | + v.getAnAccess() = cap.getInitializer().(VariableAccess) and + v = v1 and + le.getLambdaExpression().getACapture() = cap + ) and + v2.getName() = v1.getName() + ) +} + query predicate problems(UserDeclaration v2, string message, UserDeclaration v1, string varName) { not isExcluded(v1, getQuery()) and not isExcluded(v2, getQuery()) and @@ -20,7 +39,7 @@ query predicate problems(UserDeclaration v2, string message, UserDeclaration v1, //ignore types for this rule not v2 instanceof Type and not v1 instanceof Type and - hidesStrict(v1, v2) and + (hidesStrict(v1, v2) or hiddenInLambda(v2, v1)) and not excludedViaNestedNamespaces(v2, v1) and varName = v1.getName() and message = "Declaration is hiding declaration $@." diff --git a/cpp/common/test/rules/identifierhidden/IdentifierHidden.expected b/cpp/common/test/rules/identifierhidden/IdentifierHidden.expected index 4a56ef6f51..b857842ecb 100644 --- a/cpp/common/test/rules/identifierhidden/IdentifierHidden.expected +++ b/cpp/common/test/rules/identifierhidden/IdentifierHidden.expected @@ -9,3 +9,4 @@ | test.cpp:70:12:70:12 | i | Declaration is hiding declaration $@. | test.cpp:61:7:61:7 | i | i | | test.cpp:75:16:75:16 | i | Declaration is hiding declaration $@. | test.cpp:61:7:61:7 | i | i | | test.cpp:81:5:81:5 | a | Declaration is hiding declaration $@. | test.cpp:79:5:79:5 | a | a | +| test.cpp:102:9:102:9 | b | Declaration is hiding declaration $@. | test.cpp:96:11:96:11 | b | b | diff --git a/cpp/common/test/rules/identifierhidden/test.cpp b/cpp/common/test/rules/identifierhidden/test.cpp index 831910f3a2..e5e75d7514 100644 --- a/cpp/common/test/rules/identifierhidden/test.cpp +++ b/cpp/common/test/rules/identifierhidden/test.cpp @@ -99,7 +99,7 @@ void f4() { }; auto lambda2 = [b]() { - int b = 10; // NON_COMPLIANT[FALSE_NEGATIVE] - not an exception - captured + int b = 10; // NON_COMPLIANT - not an exception - captured // variable b }; } From 4a6661bd86e8c3bad3c945c385591da4f28814f4 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Thu, 28 Mar 2024 10:49:06 -0400 Subject: [PATCH 1761/2573] Update cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.ql Co-authored-by: Remco Vermeulen --- .../CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.ql | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.ql b/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.ql index 6410b17839..f948d8944f 100644 --- a/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.ql +++ b/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.ql @@ -17,8 +17,9 @@ import codingstandards.cpp.Iterators import semmle.code.cpp.controlflow.Dominance /** - * something like: - * `end = begin() + size()` + * Get a derived one passed the end element for `containerReference`. + * An example derivation is: + * `end = begin() + size()` */ Expr calculatedEndCheck(AdditiveOperatorFunctionCall calc) { exists( From ac38e79afa5c38e8afe95116d1ea0119e179a1db Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Mon, 1 Apr 2024 12:37:16 -0400 Subject: [PATCH 1762/2573] CTR55-CPP: predicate renaming, variable clarity --- .../DoNotUseAnAdditiveOperatorOnAnIterator.ql | 58 +++++++++++-------- ...UseAnAdditiveOperatorOnAnIterator.expected | 1 + cpp/cert/test/rules/CTR55-CPP/test.cpp | 8 +++ 3 files changed, 44 insertions(+), 23 deletions(-) diff --git a/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.ql b/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.ql index f948d8944f..248d45d9d7 100644 --- a/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.ql +++ b/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.ql @@ -17,54 +17,66 @@ import codingstandards.cpp.Iterators import semmle.code.cpp.controlflow.Dominance /** - * Get a derived one passed the end element for `containerReference`. + * Models a call to an iterator's `operator+` + */ +class AdditionOperatorFunctionCall extends AdditiveOperatorFunctionCall { + AdditionOperatorFunctionCall() { this.getTarget().hasName("operator+") } +} + +/** + * There exists a calculation for the reference one passed the end of some container * An example derivation is: * `end = begin() + size()` */ -Expr calculatedEndCheck(AdditiveOperatorFunctionCall calc) { +Expr getDerivedReferenceToOnePassedTheEndElement(Expr containerReference) { exists( ContainerAccessWithoutRangeCheck::ContainerSizeCall size, - ContainerAccessWithoutRangeCheck::ContainerBeginCall begin + ContainerAccessWithoutRangeCheck::ContainerBeginCall begin, AdditionOperatorFunctionCall calc | - calc.getTarget().hasName("operator+") and - DataFlow::localFlow(DataFlow::exprNode(size), DataFlow::exprNode(calc.getAChild*())) and - DataFlow::localFlow(DataFlow::exprNode(begin), DataFlow::exprNode(calc.getAChild*())) and + result = calc + | + DataFlow::localFlow(DataFlow::exprNode(size), DataFlow::exprNode(calc.getAChild+())) and + DataFlow::localFlow(DataFlow::exprNode(begin), DataFlow::exprNode(calc.getAChild+())) and //make sure its the same container providing its size as giving the begin globalValueNumber(begin.getQualifier()) = globalValueNumber(size.getQualifier()) and - result = begin.getQualifier() + containerReference = begin.getQualifier() ) } -Expr validEndCheck(FunctionCall end) { - end instanceof ContainerAccessWithoutRangeCheck::ContainerEndCall and - result = end.getQualifier() +/** + * a wrapper predicate for a couple of types of permitted end bounds checks + */ +Expr getReferenceToOnePassedTheEndElement(Expr containerReference) { + //a container end access - v.end() + result instanceof ContainerAccessWithoutRangeCheck::ContainerEndCall and + containerReference = result.(FunctionCall).getQualifier() or - result = calculatedEndCheck(end) + result = getDerivedReferenceToOnePassedTheEndElement(containerReference) } /** * some guard exists like: `iterator != end` * where a relevant`.end()` call flowed into end */ -predicate validEndBoundCheck(ContainerIteratorAccess it, IteratorSource source) { +predicate isUpperBoundEndCheckedIteratorAccess(IteratorSource source, ContainerIteratorAccess it) { exists( - FunctionCall end, BasicBlock b, GuardCondition l, ContainerIteratorAccess otherAccess, - Expr qualifierToCheck + Expr referenceToOnePassedTheEndElement, BasicBlock basicBlockOfIteratorAccess, GuardCondition upperBoundCheck, + ContainerIteratorAccess checkedIteratorAccess, Expr containerReferenceFromEndGuard | //sufficient end guard - qualifierToCheck = validEndCheck(end) and + referenceToOnePassedTheEndElement = getReferenceToOnePassedTheEndElement(containerReferenceFromEndGuard) and //guard controls the access - l.controls(b, _) and - b.contains(it) and + upperBoundCheck.controls(basicBlockOfIteratorAccess, _) and + basicBlockOfIteratorAccess.contains(it) and //guard is comprised of end check and an iterator access - DataFlow::localFlow(DataFlow::exprNode(end), DataFlow::exprNode(l.getChild(_))) and - l.getChild(_) = otherAccess and + DataFlow::localFlow(DataFlow::exprNode(referenceToOnePassedTheEndElement), DataFlow::exprNode(upperBoundCheck.getChild(_))) and + upperBoundCheck.getChild(_) = checkedIteratorAccess and //make sure its the same iterator being checked in the guard as accessed - otherAccess.getOwningContainer() = it.getOwningContainer() and + checkedIteratorAccess.getOwningContainer() = it.getOwningContainer() and //if its the end call itself (or its parts), make sure its the same container providing its end as giving the iterator - globalValueNumber(qualifierToCheck) = globalValueNumber(source.getQualifier()) and + globalValueNumber(containerReferenceFromEndGuard) = globalValueNumber(source.getQualifier()) and // and the guard call we match must be after the assignment call (to avoid valid guards protecting new iterator accesses further down) - source.getASuccessor*() = l + source.getASuccessor*() = upperBoundCheck ) } @@ -74,6 +86,6 @@ where it.isAdditiveOperation() and not exists(RangeBasedForStmt fs | fs.getUpdate().getAChild*() = it) and source = it.getANearbyAssigningIteratorCall() and - not validEndBoundCheck(it, source) and + not isUpperBoundEndCheckedIteratorAccess(source, it) and not sizeCompareBoundsChecked(source, it) select it, "Increment of iterator may overflow since its bounds are not checked." diff --git a/cpp/cert/test/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.expected b/cpp/cert/test/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.expected index 13cd4d0ca6..7c7bbbdc23 100644 --- a/cpp/cert/test/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.expected +++ b/cpp/cert/test/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.expected @@ -4,3 +4,4 @@ | test.cpp:22:18:22:18 | i | Increment of iterator may overflow since its bounds are not checked. | | test.cpp:28:31:28:31 | i | Increment of iterator may overflow since its bounds are not checked. | | test.cpp:41:5:41:8 | end2 | Increment of iterator may overflow since its bounds are not checked. | +| test.cpp:50:42:50:42 | i | Increment of iterator may overflow since its bounds are not checked. | diff --git a/cpp/cert/test/rules/CTR55-CPP/test.cpp b/cpp/cert/test/rules/CTR55-CPP/test.cpp index 371b145433..d0331bce6d 100644 --- a/cpp/cert/test/rules/CTR55-CPP/test.cpp +++ b/cpp/cert/test/rules/CTR55-CPP/test.cpp @@ -42,4 +42,12 @@ void test_fp_reported_in_374(std::vector &v) { for (auto i = v.begin(); i != end2; ++i) { // NON_COMPLIANT[FALSE_NEGATIVE] } } +} + +void test(std::vector &v, std::vector &v2) { + { + auto end = v2.end(); + for (auto i = v.begin(); i != end; ++i) { // NON_COMPLIANT - wrong check + } + } } \ No newline at end of file From 440cfe9f7dad07bdd0e0ac68a3c7ade55de27d52 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Mon, 1 Apr 2024 14:03:21 -0400 Subject: [PATCH 1763/2573] CTR55-CPP: improve documentation known fn case --- .../DoNotUseAnAdditiveOperatorOnAnIterator.expected | 2 +- cpp/cert/test/rules/CTR55-CPP/test.cpp | 7 +++++-- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/cpp/cert/test/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.expected b/cpp/cert/test/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.expected index 7c7bbbdc23..e8d9425f2b 100644 --- a/cpp/cert/test/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.expected +++ b/cpp/cert/test/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.expected @@ -4,4 +4,4 @@ | test.cpp:22:18:22:18 | i | Increment of iterator may overflow since its bounds are not checked. | | test.cpp:28:31:28:31 | i | Increment of iterator may overflow since its bounds are not checked. | | test.cpp:41:5:41:8 | end2 | Increment of iterator may overflow since its bounds are not checked. | -| test.cpp:50:42:50:42 | i | Increment of iterator may overflow since its bounds are not checked. | +| test.cpp:53:42:53:42 | i | Increment of iterator may overflow since its bounds are not checked. | diff --git a/cpp/cert/test/rules/CTR55-CPP/test.cpp b/cpp/cert/test/rules/CTR55-CPP/test.cpp index d0331bce6d..78eda6c0da 100644 --- a/cpp/cert/test/rules/CTR55-CPP/test.cpp +++ b/cpp/cert/test/rules/CTR55-CPP/test.cpp @@ -38,8 +38,11 @@ void test_fp_reported_in_374(std::vector &v) { { auto end2 = v.end(); - end2++; // NON_COMPLIANT - for (auto i = v.begin(); i != end2; ++i) { // NON_COMPLIANT[FALSE_NEGATIVE] + end2++; // NON_COMPLIANT + for (auto i = v.begin(); i != end2; + ++i) { // NON_COMPLIANT[FALSE_NEGATIVE] - case of invalidations to + // check before use expected to be less frequent, can model in + // future if need be } } } From 87a623cc36529537ca935003cc66b4a755015d27 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Mon, 1 Apr 2024 14:06:44 -0400 Subject: [PATCH 1764/2573] CTR55-CPP: missing reformat query --- .../DoNotUseAnAdditiveOperatorOnAnIterator.ql | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.ql b/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.ql index 248d45d9d7..ce1fb52667 100644 --- a/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.ql +++ b/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.ql @@ -60,16 +60,19 @@ Expr getReferenceToOnePassedTheEndElement(Expr containerReference) { */ predicate isUpperBoundEndCheckedIteratorAccess(IteratorSource source, ContainerIteratorAccess it) { exists( - Expr referenceToOnePassedTheEndElement, BasicBlock basicBlockOfIteratorAccess, GuardCondition upperBoundCheck, - ContainerIteratorAccess checkedIteratorAccess, Expr containerReferenceFromEndGuard + Expr referenceToOnePassedTheEndElement, BasicBlock basicBlockOfIteratorAccess, + GuardCondition upperBoundCheck, ContainerIteratorAccess checkedIteratorAccess, + Expr containerReferenceFromEndGuard | //sufficient end guard - referenceToOnePassedTheEndElement = getReferenceToOnePassedTheEndElement(containerReferenceFromEndGuard) and + referenceToOnePassedTheEndElement = + getReferenceToOnePassedTheEndElement(containerReferenceFromEndGuard) and //guard controls the access upperBoundCheck.controls(basicBlockOfIteratorAccess, _) and basicBlockOfIteratorAccess.contains(it) and //guard is comprised of end check and an iterator access - DataFlow::localFlow(DataFlow::exprNode(referenceToOnePassedTheEndElement), DataFlow::exprNode(upperBoundCheck.getChild(_))) and + DataFlow::localFlow(DataFlow::exprNode(referenceToOnePassedTheEndElement), + DataFlow::exprNode(upperBoundCheck.getChild(_))) and upperBoundCheck.getChild(_) = checkedIteratorAccess and //make sure its the same iterator being checked in the guard as accessed checkedIteratorAccess.getOwningContainer() = it.getOwningContainer() and From cee9f014f769865083d2a4c544d9323c61fdf164 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 2 Apr 2024 12:33:37 -0400 Subject: [PATCH 1765/2573] CTR55-CPP: improve testfile to doc an expected fp corner case --- .../DoNotUseAnAdditiveOperatorOnAnIterator.expected | 1 + cpp/cert/test/rules/CTR55-CPP/test.cpp | 10 ++++++++++ 2 files changed, 11 insertions(+) diff --git a/cpp/cert/test/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.expected b/cpp/cert/test/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.expected index e8d9425f2b..0a06677b54 100644 --- a/cpp/cert/test/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.expected +++ b/cpp/cert/test/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.expected @@ -5,3 +5,4 @@ | test.cpp:28:31:28:31 | i | Increment of iterator may overflow since its bounds are not checked. | | test.cpp:41:5:41:8 | end2 | Increment of iterator may overflow since its bounds are not checked. | | test.cpp:53:42:53:42 | i | Increment of iterator may overflow since its bounds are not checked. | +| test.cpp:64:15:64:15 | i | Increment of iterator may overflow since its bounds are not checked. | diff --git a/cpp/cert/test/rules/CTR55-CPP/test.cpp b/cpp/cert/test/rules/CTR55-CPP/test.cpp index 78eda6c0da..e4d14ec25e 100644 --- a/cpp/cert/test/rules/CTR55-CPP/test.cpp +++ b/cpp/cert/test/rules/CTR55-CPP/test.cpp @@ -53,4 +53,14 @@ void test(std::vector &v, std::vector &v2) { for (auto i = v.begin(); i != end; ++i) { // NON_COMPLIANT - wrong check } } +} + +void test2(std::vector &v) { + auto i = v.begin(); + while (1) { + auto i2 = ((i != v.end()) != 0); + if (!i2) + break; + (void)((++i)); // COMPLIANT[FALSE_POSITIVE] + } } \ No newline at end of file From ab57036d13aaa9751f0a7d579da578e9794365e8 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 2 Apr 2024 14:13:55 -0400 Subject: [PATCH 1766/2573] Update cpp/common/src/codingstandards/cpp/Scope.qll Co-authored-by: Remco Vermeulen --- cpp/common/src/codingstandards/cpp/Scope.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/Scope.qll b/cpp/common/src/codingstandards/cpp/Scope.qll index 555f4bc01f..5a2d82c090 100644 --- a/cpp/common/src/codingstandards/cpp/Scope.qll +++ b/cpp/common/src/codingstandards/cpp/Scope.qll @@ -67,7 +67,7 @@ class UserDeclaration extends Declaration { not this.(Variable).isCompilerGenerated() and not this.(Function).isCompilerGenerated() and not this.(Parameter).getFunction().isCompilerGenerated() and - // will falsely conflict + // Class template instantiations are compiler generated instances that share the same parent scope. This will result in a cross-product on class template instantiations because they have the same name and same parent scope. We therefore exclude these from consideration like we do with other compiler generated identifiers of interest. not this instanceof ClassTemplateInstantiation and // compiler inferred parameters have name of p#0 not this.(Parameter).getName() = "p#0" From 3d2e4138d1b3b76cdb7e44b6b2e2b4d1845275cf Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 2 Apr 2024 14:14:24 -0400 Subject: [PATCH 1767/2573] Update cpp/common/src/codingstandards/cpp/Scope.qll Co-authored-by: Remco Vermeulen --- cpp/common/src/codingstandards/cpp/Scope.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/Scope.qll b/cpp/common/src/codingstandards/cpp/Scope.qll index 5a2d82c090..bd3a5051a3 100644 --- a/cpp/common/src/codingstandards/cpp/Scope.qll +++ b/cpp/common/src/codingstandards/cpp/Scope.qll @@ -274,7 +274,7 @@ predicate hides(UserDeclaration v1, UserDeclaration v2) { hides_candidate(v1, mid) and hides_candidate(mid, v2) ) and - //ignore intentional overloads + // Unlike `hidesStrict`, that requires a different scope, `hides` considers declarations in the same scope. This will include function overloads based on their name. To remove overloads from consideration, we exclude them. not v1.(Function).getAnOverload() = v2 } From 5606a6c065c69b3484ed1ea840990ad0e8ca958f Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Wed, 3 Apr 2024 19:32:55 -0400 Subject: [PATCH 1768/2573] IdentifierHidden: improve variable names and docs/overall readability --- cpp/common/src/codingstandards/cpp/Scope.qll | 6 +-- .../identifierhidden/IdentifierHidden.qll | 42 +++++++++---------- 2 files changed, 24 insertions(+), 24 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/Scope.qll b/cpp/common/src/codingstandards/cpp/Scope.qll index 555f4bc01f..bf6e502938 100644 --- a/cpp/common/src/codingstandards/cpp/Scope.qll +++ b/cpp/common/src/codingstandards/cpp/Scope.qll @@ -303,14 +303,14 @@ predicate hasBlockScope(Declaration decl) { exists(BlockStmt b | b.getADeclarati /** * identifiers in nested (named/nonglobal) namespaces are exceptions to hiding due to being able access via fully qualified ids */ -predicate excludedViaNestedNamespaces(UserDeclaration v2, UserDeclaration v1) { +predicate excludedViaNestedNamespaces(UserDeclaration outerDecl, UserDeclaration innerDecl) { exists(Namespace inner, Namespace outer | outer.getAChildNamespace+() = inner and //outer is not global not outer instanceof GlobalNamespace and not outer.isAnonymous() and not inner.isAnonymous() and - v2.getNamespace() = inner and - v1.getNamespace() = outer + innerDecl.getNamespace() = inner and + outerDecl.getNamespace() = outer ) } diff --git a/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll b/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll index a7719ba81f..eaa239f491 100644 --- a/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll +++ b/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll @@ -12,35 +12,35 @@ abstract class IdentifierHiddenSharedQuery extends Query { } Query getQuery() { result instanceof IdentifierHiddenSharedQuery } /** - * There is a lambda that contains a declaration - * that hides something that is captured - * and the lambda exists in the function where this lamda is enclosed + * Holds if declaration `innerDecl`, declared in a lambda, hides a declaration `outerDecl` captured by the lambda. */ -predicate hiddenInLambda(UserDeclaration v2, UserDeclaration v1) { +predicate hiddenInLambda(UserVariable outerDecl, UserVariable innerDecl) { exists(Scope s, Closure le | - s.getADeclaration() = v2 and + //innerDecl declared inside of the lambda + s.getADeclaration() = innerDecl and s.getAnAncestor() = le and - le.getEnclosingFunction().getBasicBlock().(Scope) = v1.getParentScope() and - exists(LambdaCapture cap, Variable v | - v.getAnAccess() = cap.getInitializer().(VariableAccess) and - v = v1 and + le.getEnclosingFunction().getBasicBlock().(Scope) = outerDecl.getParentScope() and + exists(LambdaCapture cap | + outerDecl.getAnAccess() = cap.getInitializer().(VariableAccess) and le.getLambdaExpression().getACapture() = cap ) and - v2.getName() = v1.getName() + innerDecl.getName() = outerDecl.getName() ) } -query predicate problems(UserDeclaration v2, string message, UserDeclaration v1, string varName) { - not isExcluded(v1, getQuery()) and - not isExcluded(v2, getQuery()) and +query predicate problems( + UserDeclaration innerDecl, string message, UserDeclaration outerDecl, string varName +) { + not isExcluded(outerDecl, getQuery()) and + not isExcluded(innerDecl, getQuery()) and //ignore template variables for this rule - not v1 instanceof TemplateVariable and - not v2 instanceof TemplateVariable and - //ignore types for this rule - not v2 instanceof Type and - not v1 instanceof Type and - (hidesStrict(v1, v2) or hiddenInLambda(v2, v1)) and - not excludedViaNestedNamespaces(v2, v1) and - varName = v1.getName() and + not outerDecl instanceof TemplateVariable and + not innerDecl instanceof TemplateVariable and + //ignore types for this rule as the Misra C/C++ 23 version of this rule (rule 6.4.1 and 6.4.2) focuses solely on variables and functions + not innerDecl instanceof Type and + not outerDecl instanceof Type and + (hidesStrict(outerDecl, innerDecl) or hiddenInLambda(outerDecl, innerDecl)) and + not excludedViaNestedNamespaces(outerDecl, innerDecl) and + varName = outerDecl.getName() and message = "Declaration is hiding declaration $@." } From 4dc49a114efd854705d6ff10a41ec17958956ad1 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 3 Apr 2024 13:46:34 -0700 Subject: [PATCH 1769/2573] Address incorrect format code elements in alert message --- .../BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql | 2 +- ...ieldsShallOnlyBeDeclaredWithAnAppropriateType.expected | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql b/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql index c05e2d1cde..fce1d9ad1a 100644 --- a/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql +++ b/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql @@ -41,4 +41,4 @@ where /* A violation would neither be an appropriate primitive type nor an appropriate typedef. */ not getSupportedBitFieldType(getCompiler(bitField.getFile())) = bitField.getType().resolveTypedefs() -select bitField, "Bit-field " + bitField + " is declared on type " + bitField.getType() + "." +select bitField, "Bit-field '" + bitField + "' is declared on type '" + bitField.getType() + "'." diff --git a/c/misra/test/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.expected b/c/misra/test/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.expected index 345e75a4bb..4ff4c2aaa1 100644 --- a/c/misra/test/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.expected +++ b/c/misra/test/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.expected @@ -1,4 +1,4 @@ -| test.c:6:7:6:8 | x1 | Bit-field x1 is declared on type int. | -| test.c:10:15:10:16 | x5 | Bit-field x5 is declared on type signed long. | -| test.c:12:15:12:16 | x6 | Bit-field x6 is declared on type signed char. | -| test.c:14:14:14:15 | x7 | Bit-field x7 is declared on type Color. | \ No newline at end of file +| test.c:6:7:6:8 | x1 | Bit-field 'x1' is declared on type 'int'. | +| test.c:10:15:10:16 | x5 | Bit-field 'x5' is declared on type 'signed long'. | +| test.c:12:15:12:16 | x6 | Bit-field 'x6' is declared on type 'signed char'. | +| test.c:14:14:14:15 | x7 | Bit-field 'x7' is declared on type 'Color'. | From b87fec54ad106521687ce8ada026f44c564920d2 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 3 Apr 2024 16:44:29 -0700 Subject: [PATCH 1770/2573] Add test case with atomic types for documentation --- c/misra/test/rules/RULE-6-1/clang/test.c | 2 ++ c/misra/test/rules/RULE-6-1/gcc/test.c | 2 ++ 2 files changed, 4 insertions(+) diff --git a/c/misra/test/rules/RULE-6-1/clang/test.c b/c/misra/test/rules/RULE-6-1/clang/test.c index 65c6900fdf..3c7f000329 100644 --- a/c/misra/test/rules/RULE-6-1/clang/test.c +++ b/c/misra/test/rules/RULE-6-1/clang/test.c @@ -10,4 +10,6 @@ struct SampleStruct { signed long x5 : 2; // COMPLIANT signed char x6 : 2; // COMPLIANT enum Color x7 : 3; // COMPLIANT + //_Atomic(int) x8 : 2; // NON_COMPLIANT[COMPILER_CHECKED] - atomic types are + //not permitted for bit-fields. } sample_struct; diff --git a/c/misra/test/rules/RULE-6-1/gcc/test.c b/c/misra/test/rules/RULE-6-1/gcc/test.c index 65c6900fdf..3c7f000329 100644 --- a/c/misra/test/rules/RULE-6-1/gcc/test.c +++ b/c/misra/test/rules/RULE-6-1/gcc/test.c @@ -10,4 +10,6 @@ struct SampleStruct { signed long x5 : 2; // COMPLIANT signed char x6 : 2; // COMPLIANT enum Color x7 : 3; // COMPLIANT + //_Atomic(int) x8 : 2; // NON_COMPLIANT[COMPILER_CHECKED] - atomic types are + //not permitted for bit-fields. } sample_struct; From 908b6e94400e07d27bf25cf6ba05c6b95134af55 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Thu, 4 Apr 2024 12:50:01 -0400 Subject: [PATCH 1771/2573] IdentifierHidden: improve lambda handling case --- .../identifierhidden/IdentifierHidden.qll | 44 +++++++++++++++++-- .../IdentifierHidden.expected | 1 + .../test/rules/identifierhidden/test.cpp | 16 ++++++- 3 files changed, 56 insertions(+), 5 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll b/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll index eaa239f491..88bdf28e24 100644 --- a/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll +++ b/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll @@ -6,11 +6,22 @@ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import codingstandards.cpp.Scope +import codingstandards.cpp.ConstHelpers abstract class IdentifierHiddenSharedQuery extends Query { } Query getQuery() { result instanceof IdentifierHiddenSharedQuery } +/** + * a `IntegralOrEnumType` that is nonvolatile and const + */ +class NonVolatileConstIntegralOrEnumType extends IntegralOrEnumType { + NonVolatileConstIntegralOrEnumType() { + not this.isVolatile() and + this.isConst() + } +} + /** * Holds if declaration `innerDecl`, declared in a lambda, hides a declaration `outerDecl` captured by the lambda. */ @@ -19,10 +30,35 @@ predicate hiddenInLambda(UserVariable outerDecl, UserVariable innerDecl) { //innerDecl declared inside of the lambda s.getADeclaration() = innerDecl and s.getAnAncestor() = le and - le.getEnclosingFunction().getBasicBlock().(Scope) = outerDecl.getParentScope() and - exists(LambdaCapture cap | - outerDecl.getAnAccess() = cap.getInitializer().(VariableAccess) and - le.getLambdaExpression().getACapture() = cap + //a variable can be accessed (therefore hide) another when: + //it is explicitly captured + ( + exists(LambdaCapture cap | + outerDecl.getAnAccess() = cap.getInitializer().(VariableAccess) and + le.getLambdaExpression().getACapture() = cap and + //captured variable (outerDecl) is in the same (function) scope as the lambda itself + outerDecl.getParentScope() = le.getEnclosingFunction().getBasicBlock().(Scope) + ) + or + //is non-local + outerDecl instanceof GlobalVariable + or + //has static or thread local storage duration + (outerDecl.isThreadLocal() or outerDecl.isStatic()) + or + //is a reference that has been initialized with a constant expression. + outerDecl.getType().stripTopLevelSpecifiers() instanceof ReferenceType and + exists(outerDecl.getInitializer().getExpr().getValue()) + or + //const non-volatile integral or enumeration type and has been initialized with a constant expression + outerDecl.getType() instanceof NonVolatileConstIntegralOrEnumType and + exists(outerDecl.getInitializer().getExpr().getValue()) + or + //is constexpr and has no mutable members + outerDecl.isConstexpr() and + not exists(Class c | + c = outerDecl.getType() and not c.getAMember() instanceof MutableVariable + ) ) and innerDecl.getName() = outerDecl.getName() ) diff --git a/cpp/common/test/rules/identifierhidden/IdentifierHidden.expected b/cpp/common/test/rules/identifierhidden/IdentifierHidden.expected index b857842ecb..8cab1bf1d9 100644 --- a/cpp/common/test/rules/identifierhidden/IdentifierHidden.expected +++ b/cpp/common/test/rules/identifierhidden/IdentifierHidden.expected @@ -10,3 +10,4 @@ | test.cpp:75:16:75:16 | i | Declaration is hiding declaration $@. | test.cpp:61:7:61:7 | i | i | | test.cpp:81:5:81:5 | a | Declaration is hiding declaration $@. | test.cpp:79:5:79:5 | a | a | | test.cpp:102:9:102:9 | b | Declaration is hiding declaration $@. | test.cpp:96:11:96:11 | b | b | +| test.cpp:114:9:114:17 | globalvar | Declaration is hiding declaration $@. | test.cpp:110:5:110:13 | globalvar | globalvar | diff --git a/cpp/common/test/rules/identifierhidden/test.cpp b/cpp/common/test/rules/identifierhidden/test.cpp index e5e75d7514..bd82d09525 100644 --- a/cpp/common/test/rules/identifierhidden/test.cpp +++ b/cpp/common/test/rules/identifierhidden/test.cpp @@ -105,4 +105,18 @@ void f4() { } void f5(int i) {} // COMPLIANT - exception - assume purposefully overloaded -void f5(double d) {} // COMPLIANT - exception - assume purposefully overloaded \ No newline at end of file +void f5(double d) {} // COMPLIANT - exception - assume purposefully overloaded + +int globalvar = 0; + +int f6() { + auto lambda_with_shadowing = []() { + int globalvar = 1; // NON_COMPLIANT - not an exception - not captured but + // still accessible + return globalvar + globalvar; + }; + + auto lambda_without_shadowing = []() { return globalvar + globalvar; }; + + return lambda_with_shadowing(); +} \ No newline at end of file From 570dd8006544171da46f1a21b1b9f50e02a6a6a3 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 4 Apr 2024 11:35:30 -0700 Subject: [PATCH 1772/2573] Properly format the test case --- c/misra/test/rules/RULE-6-1/clang/test.c | 2 +- c/misra/test/rules/RULE-6-1/gcc/test.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/c/misra/test/rules/RULE-6-1/clang/test.c b/c/misra/test/rules/RULE-6-1/clang/test.c index 3c7f000329..c8b377b0fd 100644 --- a/c/misra/test/rules/RULE-6-1/clang/test.c +++ b/c/misra/test/rules/RULE-6-1/clang/test.c @@ -11,5 +11,5 @@ struct SampleStruct { signed char x6 : 2; // COMPLIANT enum Color x7 : 3; // COMPLIANT //_Atomic(int) x8 : 2; // NON_COMPLIANT[COMPILER_CHECKED] - atomic types are - //not permitted for bit-fields. + // not permitted for bit-fields. } sample_struct; diff --git a/c/misra/test/rules/RULE-6-1/gcc/test.c b/c/misra/test/rules/RULE-6-1/gcc/test.c index 3c7f000329..c8b377b0fd 100644 --- a/c/misra/test/rules/RULE-6-1/gcc/test.c +++ b/c/misra/test/rules/RULE-6-1/gcc/test.c @@ -11,5 +11,5 @@ struct SampleStruct { signed char x6 : 2; // COMPLIANT enum Color x7 : 3; // COMPLIANT //_Atomic(int) x8 : 2; // NON_COMPLIANT[COMPILER_CHECKED] - atomic types are - //not permitted for bit-fields. + // not permitted for bit-fields. } sample_struct; From 6a21fa5a9e0479a6282a08c898844163a7f8b587 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 4 Apr 2024 14:16:39 -0700 Subject: [PATCH 1773/2573] Handle lambda scope using `Scope` class --- .../identifierhidden/IdentifierHidden.qll | 41 ++++++++----- .../IdentifierHidden.expected | 4 ++ .../test/rules/identifierhidden/test.cpp | 61 +++++++++++++++++++ 3 files changed, 90 insertions(+), 16 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll b/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll index 88bdf28e24..63c6127b4c 100644 --- a/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll +++ b/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll @@ -23,43 +23,52 @@ class NonVolatileConstIntegralOrEnumType extends IntegralOrEnumType { } /** - * Holds if declaration `innerDecl`, declared in a lambda, hides a declaration `outerDecl` captured by the lambda. + * Holds if declaration `innerDecl`, declared in a lambda, hides a declaration `outerDecl` by the lambda. */ predicate hiddenInLambda(UserVariable outerDecl, UserVariable innerDecl) { - exists(Scope s, Closure le | - //innerDecl declared inside of the lambda - s.getADeclaration() = innerDecl and - s.getAnAncestor() = le and - //a variable can be accessed (therefore hide) another when: - //it is explicitly captured + exists( + Scope innerScope, LambdaExpression lambdaExpr, Scope lambdaExprScope, Scope outerScope, + Closure lambdaClosure + | + // The variable `innerDecl` is declared inside of the lambda. + innerScope.getADeclaration() = innerDecl and + // Because a lambda is compiled down to a closure, we need to use the closure to determine if the declaration + // is part of the lambda. + innerScope.getAnAncestor() = lambdaClosure and + // Next we determine the scope of the lambda expression to determine if `outerDecl` is visible in the scope of the lambda. + lambdaClosure.getLambdaExpression() = lambdaExpr and + lambdaExprScope.getAnExpr() = lambdaExpr and + outerScope.getADeclaration() = outerDecl and + lambdaExprScope.getStrictParent*() = outerScope and ( + // A definition can be hidden if it is in scope and it iscaptured by the lambda, exists(LambdaCapture cap | - outerDecl.getAnAccess() = cap.getInitializer().(VariableAccess) and - le.getLambdaExpression().getACapture() = cap and - //captured variable (outerDecl) is in the same (function) scope as the lambda itself - outerDecl.getParentScope() = le.getEnclosingFunction().getBasicBlock().(Scope) + lambdaExpr.getACapture() = cap and + // The outer declaration is captured by the lambda + outerDecl.getAnAccess() = cap.getInitializer() ) or - //is non-local + // it is is non-local, outerDecl instanceof GlobalVariable or - //has static or thread local storage duration + // it has static or thread local storage duration, (outerDecl.isThreadLocal() or outerDecl.isStatic()) or - //is a reference that has been initialized with a constant expression. + //it is a reference that has been initialized with a constant expression. outerDecl.getType().stripTopLevelSpecifiers() instanceof ReferenceType and exists(outerDecl.getInitializer().getExpr().getValue()) or - //const non-volatile integral or enumeration type and has been initialized with a constant expression + //it const non-volatile integral or enumeration type and has been initialized with a constant expression outerDecl.getType() instanceof NonVolatileConstIntegralOrEnumType and exists(outerDecl.getInitializer().getExpr().getValue()) or - //is constexpr and has no mutable members + //it is constexpr and has no mutable members outerDecl.isConstexpr() and not exists(Class c | c = outerDecl.getType() and not c.getAMember() instanceof MutableVariable ) ) and + // Finally, the variables must have the same names. innerDecl.getName() = outerDecl.getName() ) } diff --git a/cpp/common/test/rules/identifierhidden/IdentifierHidden.expected b/cpp/common/test/rules/identifierhidden/IdentifierHidden.expected index 8cab1bf1d9..518d21ace0 100644 --- a/cpp/common/test/rules/identifierhidden/IdentifierHidden.expected +++ b/cpp/common/test/rules/identifierhidden/IdentifierHidden.expected @@ -11,3 +11,7 @@ | test.cpp:81:5:81:5 | a | Declaration is hiding declaration $@. | test.cpp:79:5:79:5 | a | a | | test.cpp:102:9:102:9 | b | Declaration is hiding declaration $@. | test.cpp:96:11:96:11 | b | b | | test.cpp:114:9:114:17 | globalvar | Declaration is hiding declaration $@. | test.cpp:110:5:110:13 | globalvar | globalvar | +| test.cpp:133:11:133:11 | b | Declaration is hiding declaration $@. | test.cpp:127:13:127:13 | b | b | +| test.cpp:142:9:142:10 | a1 | Declaration is hiding declaration $@. | test.cpp:140:14:140:15 | a1 | a1 | +| test.cpp:147:9:147:10 | a2 | Declaration is hiding declaration $@. | test.cpp:145:20:145:21 | a2 | a2 | +| test.cpp:152:9:152:10 | a3 | Declaration is hiding declaration $@. | test.cpp:150:17:150:18 | a3 | a3 | diff --git a/cpp/common/test/rules/identifierhidden/test.cpp b/cpp/common/test/rules/identifierhidden/test.cpp index bd82d09525..71b9f283ce 100644 --- a/cpp/common/test/rules/identifierhidden/test.cpp +++ b/cpp/common/test/rules/identifierhidden/test.cpp @@ -119,4 +119,65 @@ int f6() { auto lambda_without_shadowing = []() { return globalvar + globalvar; }; return lambda_with_shadowing(); +} + +void f7(int p) { + // Introduce a nested scope to test scope comparison. + if (p != 0) { + int a1, b; + auto lambda1 = [a1]() { + int b = 10; // COMPLIANT - exception - non captured variable b + }; + + auto lambda2 = [b]() { + int b = 10; // NON_COMPLIANT - not an exception - captured + // variable b + }; + } +} + +void f8() { + static int a1; + auto lambda1 = []() { + int a1 = 10; // NON_COMPLIANT - Lambda can access static variable. + }; + + thread_local int a2; + auto lambda2 = []() { + int a2 = 10; // NON_COMPLIANT - Lambda can access thread local variable. + }; + + constexpr int a3 = 10; + auto lambda3 = []() { + int a3 = a3 + 1; // NON_COMPLIANT - Lambda can access const + // expression without mutable members. + }; + + const int &a4 = a3; + auto lambda4 = []() { + int a4 = a4 + 1; // NON_COMPLIANT[FALSE_NEGATIVE] - Lambda can access + // reference initialized with constant expression. + }; + + const int a5 = 10; + auto lambda5 = []() { + int a5 = a5 + 1; // NON_COMPLIANT[FALSE_NEGATIVE] - Lambda can access const + // non-volatile integral or enumeration type initialized + // with constant expression. + }; + + volatile const int a6 = 10; + auto lambda6 = []() { + int a6 = + a6 + 1; // COMPLIANT - Lambda cannot access const volatile integral or + // enumeration type initialized with constant expression. + }; +} + +void f9() { + auto lambda1 = []() { + int a1 = 10; // COMPLIANT + }; + + int a1 = 10; } \ No newline at end of file From 20ef634d649ebb4c56340e7bc47240de05250689 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Thu, 4 Apr 2024 14:33:03 -0700 Subject: [PATCH 1774/2573] Fix missing space in comment --- .../cpp/rules/identifierhidden/IdentifierHidden.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll b/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll index 63c6127b4c..26cd40747f 100644 --- a/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll +++ b/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll @@ -41,7 +41,7 @@ predicate hiddenInLambda(UserVariable outerDecl, UserVariable innerDecl) { outerScope.getADeclaration() = outerDecl and lambdaExprScope.getStrictParent*() = outerScope and ( - // A definition can be hidden if it is in scope and it iscaptured by the lambda, + // A definition can be hidden if it is in scope and it is captured by the lambda, exists(LambdaCapture cap | lambdaExpr.getACapture() = cap and // The outer declaration is captured by the lambda From 30aa0446e31321807692f82aa3ca897014710a20 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Thu, 4 Apr 2024 23:27:10 -0400 Subject: [PATCH 1775/2573] IdentifierHidden: reduce FN case and remove redundant testcase --- .../cpp/rules/identifierhidden/IdentifierHidden.qll | 12 +++++++----- .../rules/identifierhidden/IdentifierHidden.expected | 1 + cpp/common/test/rules/identifierhidden/test.cpp | 10 +--------- 3 files changed, 9 insertions(+), 14 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll b/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll index 26cd40747f..820bb986f1 100644 --- a/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll +++ b/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll @@ -13,12 +13,14 @@ abstract class IdentifierHiddenSharedQuery extends Query { } Query getQuery() { result instanceof IdentifierHiddenSharedQuery } /** - * a `IntegralOrEnumType` that is nonvolatile and const + * a `Variable` that is nonvolatile and const + * and of type `IntegralOrEnumType` */ -class NonVolatileConstIntegralOrEnumType extends IntegralOrEnumType { - NonVolatileConstIntegralOrEnumType() { +class NonVolatileConstIntegralOrEnumVariable extends Variable { + NonVolatileConstIntegralOrEnumVariable() { not this.isVolatile() and - this.isConst() + this.isConst() and + this.getUnspecifiedType() instanceof IntegralOrEnumType } } @@ -59,7 +61,7 @@ predicate hiddenInLambda(UserVariable outerDecl, UserVariable innerDecl) { exists(outerDecl.getInitializer().getExpr().getValue()) or //it const non-volatile integral or enumeration type and has been initialized with a constant expression - outerDecl.getType() instanceof NonVolatileConstIntegralOrEnumType and + outerDecl instanceof NonVolatileConstIntegralOrEnumVariable and exists(outerDecl.getInitializer().getExpr().getValue()) or //it is constexpr and has no mutable members diff --git a/cpp/common/test/rules/identifierhidden/IdentifierHidden.expected b/cpp/common/test/rules/identifierhidden/IdentifierHidden.expected index 518d21ace0..1b0d94d838 100644 --- a/cpp/common/test/rules/identifierhidden/IdentifierHidden.expected +++ b/cpp/common/test/rules/identifierhidden/IdentifierHidden.expected @@ -15,3 +15,4 @@ | test.cpp:142:9:142:10 | a1 | Declaration is hiding declaration $@. | test.cpp:140:14:140:15 | a1 | a1 | | test.cpp:147:9:147:10 | a2 | Declaration is hiding declaration $@. | test.cpp:145:20:145:21 | a2 | a2 | | test.cpp:152:9:152:10 | a3 | Declaration is hiding declaration $@. | test.cpp:150:17:150:18 | a3 | a3 | +| test.cpp:164:9:164:10 | a5 | Declaration is hiding declaration $@. | test.cpp:162:13:162:14 | a5 | a5 | diff --git a/cpp/common/test/rules/identifierhidden/test.cpp b/cpp/common/test/rules/identifierhidden/test.cpp index 71b9f283ce..ede4bb24d6 100644 --- a/cpp/common/test/rules/identifierhidden/test.cpp +++ b/cpp/common/test/rules/identifierhidden/test.cpp @@ -161,7 +161,7 @@ void f8() { const int a5 = 10; auto lambda5 = []() { - int a5 = a5 + 1; // NON_COMPLIANT[FALSE_NEGATIVE] - Lambda can access const + int a5 = a5 + 1; // NON_COMPLIANT - Lambda can access const // non-volatile integral or enumeration type initialized // with constant expression. }; @@ -172,12 +172,4 @@ void f8() { a6 + 1; // COMPLIANT - Lambda cannot access const volatile integral or // enumeration type initialized with constant expression. }; -} - -void f9() { - auto lambda1 = []() { - int a1 = 10; // COMPLIANT - }; - - int a1 = 10; } \ No newline at end of file From a48987969bc1ac704b2dab08e3fe5777cfd21932 Mon Sep 17 00:00:00 2001 From: knewbury01 Date: Tue, 9 Apr 2024 22:16:03 +0000 Subject: [PATCH 1776/2573] Bump version to 2.28.0-dev --- c/cert/src/qlpack.yml | 2 +- c/cert/test/qlpack.yml | 2 +- c/common/src/qlpack.yml | 2 +- c/common/test/qlpack.yml | 2 +- c/misra/src/qlpack.yml | 2 +- c/misra/test/qlpack.yml | 2 +- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/qlpack.yml | 2 +- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/qlpack.yml | 2 +- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/qlpack.yml | 2 +- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/qlpack.yml | 2 +- cpp/report/src/qlpack.yml | 2 +- docs/user_manual.md | 12 ++++++------ 16 files changed, 21 insertions(+), 21 deletions(-) diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index 8cdfcf5563..0dcbe0087a 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards -version: 2.27.0-dev +version: 2.28.0-dev description: CERT C 2016 suites: codeql-suites license: MIT diff --git a/c/cert/test/qlpack.yml b/c/cert/test/qlpack.yml index 94e0d1925b..49fcdb84ec 100644 --- a/c/cert/test/qlpack.yml +++ b/c/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards-tests -version: 2.27.0-dev +version: 2.28.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index 242357832d..3d2b9dafe8 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards -version: 2.27.0-dev +version: 2.28.0-dev license: MIT dependencies: codeql/common-cpp-coding-standards: '*' diff --git a/c/common/test/qlpack.yml b/c/common/test/qlpack.yml index 4f21201531..10db75d3d8 100644 --- a/c/common/test/qlpack.yml +++ b/c/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards-tests -version: 2.27.0-dev +version: 2.28.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index eca4c20629..8e5b0b3f4d 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards -version: 2.27.0-dev +version: 2.28.0-dev description: MISRA C 2012 suites: codeql-suites license: MIT diff --git a/c/misra/test/qlpack.yml b/c/misra/test/qlpack.yml index 3c4fe74621..eda99b647a 100644 --- a/c/misra/test/qlpack.yml +++ b/c/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards-tests -version: 2.27.0-dev +version: 2.28.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index 90edd26091..bca828302a 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards -version: 2.27.0-dev +version: 2.28.0-dev description: AUTOSAR C++14 Guidelines R22-11, R21-11, R20-11, R19-11 and R19-03 suites: codeql-suites license: MIT diff --git a/cpp/autosar/test/qlpack.yml b/cpp/autosar/test/qlpack.yml index 29b95be3c0..36b54cd0a6 100644 --- a/cpp/autosar/test/qlpack.yml +++ b/cpp/autosar/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards-tests -version: 2.27.0-dev +version: 2.28.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index 82bfc1d2f1..a3e916510b 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards -version: 2.27.0-dev +version: 2.28.0-dev description: CERT C++ 2016 suites: codeql-suites license: MIT diff --git a/cpp/cert/test/qlpack.yml b/cpp/cert/test/qlpack.yml index 89bfffc817..287b2e6c93 100644 --- a/cpp/cert/test/qlpack.yml +++ b/cpp/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards-tests -version: 2.27.0-dev +version: 2.28.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index 6723f50643..0c30772356 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards -version: 2.27.0-dev +version: 2.28.0-dev license: MIT dependencies: codeql/cpp-all: 0.9.3 diff --git a/cpp/common/test/qlpack.yml b/cpp/common/test/qlpack.yml index f311cdac81..28497835bc 100644 --- a/cpp/common/test/qlpack.yml +++ b/cpp/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards-tests -version: 2.27.0-dev +version: 2.28.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index a8837481b8..e2e6e58b0a 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards -version: 2.27.0-dev +version: 2.28.0-dev description: MISRA C++ 2008 suites: codeql-suites license: MIT diff --git a/cpp/misra/test/qlpack.yml b/cpp/misra/test/qlpack.yml index ef46ae6be7..e90f340cd4 100644 --- a/cpp/misra/test/qlpack.yml +++ b/cpp/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards-tests -version: 2.27.0-dev +version: 2.28.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index 33f6cefdaa..167258e146 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/report-cpp-coding-standards -version: 2.27.0-dev +version: 2.28.0-dev license: MIT dependencies: codeql/cpp-all: 0.9.3 diff --git a/docs/user_manual.md b/docs/user_manual.md index fd9e9190bb..d790454afd 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -29,13 +29,13 @@ ## Release information -This user manual documents release `2.27.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). +This user manual documents release `2.28.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). The release page documents the release notes and contains the following artifacts part of the release: -- `code-scanning-cpp-query-pack-2.27.0-dev.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. -- `supported_rules_list_2.27.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. -- `supported_rules_list_2.27.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. -- `user_manual_2.27.0-dev.md`: This user manual. +- `code-scanning-cpp-query-pack-2.28.0-dev.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. +- `supported_rules_list_2.28.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. +- `supported_rules_list_2.28.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. +- `user_manual_2.28.0-dev.md`: This user manual. - `Source Code (zip)`: A zip archive containing the contents of https://github.com/github/codeql-coding-standards - `Source Code (tar.gz)`: A GZip compressed tar archive containing the contents of https://github.com/github/codeql-coding-standards - `checksums.txt`: A text file containing sha256 checksums for the aforementioned artifacts. @@ -496,7 +496,7 @@ This section describes known failure modes for "CodeQL Coding Standards" and des | | Ouf of space | Less output. Some files may be only be partially analyzed, or not analyzed at all. | Error reported on the command line. | Increase space. If it remains an issue report space consumption issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False positives | More output. Results are reported which are not violations of the guidelines. | All reported results must be reviewed. | Report false positive issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False negatives | Less output. Violations of the guidelines are not reported. | Other validation and verification processes during software development should be used to complement the analysis performed by CodeQL Coding Standards. | Report false negative issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | -| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.27.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | +| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.28.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | | | Incorrect deviation record specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation records with a reason. Ensure that all deviation records are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Incorrect deviation permit specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation permits with a reason. Ensure that all deviation permits are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Unapproved use of a deviation record | Less output. Results for guideline violations are not reported. | Validate that the deviation record use is approved by verifying the approved-by attribute of the deviation record specification. | Ensure that each raised deviation record is approved by an independent approver through an auditable process. | From e1be014ce00a0b313404c7aa0350e6b85b3d6571 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 9 Apr 2024 16:08:12 -0700 Subject: [PATCH 1777/2573] Force run status checks From 3f6f65c99e3a92d3f6f6cdc7f7798c395db3bf43 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 9 Apr 2024 16:14:26 -0700 Subject: [PATCH 1778/2573] Use GitApp token to create PR to bump version If we use the workflow token to create a PR, the PR will be created but the checks won't run to prevent infinite loops. --- .github/workflows/finalize-release.yml | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/.github/workflows/finalize-release.yml b/.github/workflows/finalize-release.yml index 56b150a702..d3f511caba 100644 --- a/.github/workflows/finalize-release.yml +++ b/.github/workflows/finalize-release.yml @@ -99,10 +99,21 @@ jobs: next_version=$(python scripts/release/next-version.py --component minor --pre-release dev -- $version) echo "NEXT_VERSION=$next_version" >> "$GITHUB_ENV" working-directory: tooling + + - name: Generate token + if: env.HOTFIX_RELEASE == 'false' + id: generate-token + uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e + with: + app-id: ${{ vars.AUTOMATION_APP_ID }} + private-key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} + owner: ${{ github.repository_owner }} + repositories: "codeql-coding-standards" - name: Bump main version + if: env.HOTFIX_RELEASE == 'false' env: - GH_TOKEN: ${{ github.token }} + GH_TOKEN: ${{ steps.generate-token.outputs.token }} run: | echo "Bumping main version to $NEXT_VERSION" From ca2f3939b29eb1e5ed51daa799a8344abee35617 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 9 Apr 2024 16:16:05 -0700 Subject: [PATCH 1779/2573] Remove deprecated workflow --- .github/workflows/bump-version.yml | 33 ------------------------------ 1 file changed, 33 deletions(-) delete mode 100644 .github/workflows/bump-version.yml diff --git a/.github/workflows/bump-version.yml b/.github/workflows/bump-version.yml deleted file mode 100644 index 712dbfe283..0000000000 --- a/.github/workflows/bump-version.yml +++ /dev/null @@ -1,33 +0,0 @@ -name: 📦 Bump Workflow - -on: - workflow_dispatch: - inputs: - new_version: - description: | - The version to update to (eg: 2.6.0 or 2.6.0-dev do not include `v`). - required: true -jobs: - - apply-version-bump: - runs-on: ubuntu-22.04 - name: Apply Version Bump - steps: - - name: Checkout - uses: actions/checkout@v2 - - - name: Apply Bump - shell: bash - env: - NEW_VERSION: ${{ inputs.new_version }} - run: | - bash ./scripts/release/bump-version.sh "$NEW_VERSION" - - - name: Create Pull Request - uses: peter-evans/create-pull-request@v4 - with: - title: "Release Engineering: Version bump to ${{ github.event.inputs.new_version }}." - body: "This PR updates codeql-coding-standards to version ${{ github.event.inputs.new_version }}." - commit-message: "Version bump to ${{ github.event.inputs.new_version }}." - delete-branch: true - branch: "automation/version-bump-${{ github.event.inputs.new_version }}" From 24247d25cc56de10803a17a1b8a2f9ca4663eee9 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Wed, 10 Apr 2024 17:51:50 -0400 Subject: [PATCH 1780/2573] Refactor A7-1-2 to extract constant expression logic --- .../rules/A7-1-2/VariableMissingConstexpr.ql | 75 +---------------- cpp/common/src/codingstandards/cpp/Expr.qll | 80 +++++++++++++++++++ 2 files changed, 82 insertions(+), 73 deletions(-) diff --git a/cpp/autosar/src/rules/A7-1-2/VariableMissingConstexpr.ql b/cpp/autosar/src/rules/A7-1-2/VariableMissingConstexpr.ql index 3c2ae9a592..13272c8169 100644 --- a/cpp/autosar/src/rules/A7-1-2/VariableMissingConstexpr.ql +++ b/cpp/autosar/src/rules/A7-1-2/VariableMissingConstexpr.ql @@ -18,6 +18,7 @@ import codingstandards.cpp.autosar import codingstandards.cpp.TrivialType import codingstandards.cpp.SideEffect import semmle.code.cpp.controlflow.SSA +import codingstandards.cpp.Expr predicate isZeroInitializable(Variable v) { not exists(v.getInitializer().getExpr()) and @@ -34,78 +35,6 @@ predicate isTypeZeroInitializable(Type t) { t.getUnderlyingType() instanceof ArrayType } -/** - * An optimized set of expressions used to determine the flow through constexpr variables. - */ -class VariableAccessOrCallOrLiteral extends Expr { - VariableAccessOrCallOrLiteral() { - this instanceof VariableAccess or - this instanceof Call or - this instanceof Literal - } -} - -/** - * Holds if the value of source flows through compile time evaluated variables to target. - */ -predicate flowsThroughConstExprVariables( - VariableAccessOrCallOrLiteral source, VariableAccessOrCallOrLiteral target -) { - ( - source = target - or - source != target and - exists(SsaDefinition intermediateDef, StackVariable intermediate | - intermediateDef.getAVariable().getFunction() = source.getEnclosingFunction() and - intermediateDef.getAVariable().getFunction() = target.getEnclosingFunction() and - intermediateDef.getAVariable() = intermediate and - intermediate.isConstexpr() - | - DataFlow::localExprFlow(source, intermediateDef.getDefiningValue(intermediate)) and - flowsThroughConstExprVariables(intermediateDef.getAUse(intermediate), target) - ) - ) -} - -/* - * Returns true if the given call may be evaluated at compile time and is compile time evaluated because - * all its arguments are compile time evaluated and its default values are compile time evaluated. - */ - -predicate isCompileTimeEvaluated(Call call) { - // 1. The call may be evaluated at compile time, because it is constexpr, and - call.getTarget().isConstexpr() and - // 2. all its arguments are compile time evaluated, and - forall(DataFlow::Node ultimateArgSource, DataFlow::Node argSource | - argSource = DataFlow::exprNode(call.getAnArgument()) and - DataFlow::localFlow(ultimateArgSource, argSource) and - not DataFlow::localFlowStep(_, ultimateArgSource) - | - ( - ultimateArgSource.asExpr() instanceof Literal - or - any(Call c | isCompileTimeEvaluated(c)) = ultimateArgSource.asExpr() - ) and - // If the ultimate argument source is not the same as the argument source, then it must flow through - // constexpr variables. - ( - ultimateArgSource != argSource - implies - flowsThroughConstExprVariables(ultimateArgSource.asExpr(), argSource.asExpr()) - ) - ) and - // 3. all the default values used are compile time evaluated. - forall(Expr defaultValue, Parameter parameterUsingDefaultValue, int idx | - parameterUsingDefaultValue = call.getTarget().getParameter(idx) and - not exists(call.getArgument(idx)) and - parameterUsingDefaultValue.getAnAssignedValue() = defaultValue - | - defaultValue instanceof Literal - or - any(Call c | isCompileTimeEvaluated(c)) = defaultValue - ) -} - from Variable v where not isExcluded(v, ConstPackage::variableMissingConstexprQuery()) and @@ -119,7 +48,7 @@ where ( v.getInitializer().getExpr().isConstant() or - any(Call call | isCompileTimeEvaluated(call)) = v.getInitializer().getExpr() + any(Call call | isCompileTimeEvaluatedCall(call)) = v.getInitializer().getExpr() or isZeroInitializable(v) or diff --git a/cpp/common/src/codingstandards/cpp/Expr.qll b/cpp/common/src/codingstandards/cpp/Expr.qll index 86d04e70df..5c19495f4e 100644 --- a/cpp/common/src/codingstandards/cpp/Expr.qll +++ b/cpp/common/src/codingstandards/cpp/Expr.qll @@ -189,3 +189,83 @@ module MisraExpr { CValue() { isCValue(this) } } } + +/** + * An optimized set of expressions used to determine the flow through constexpr variables. + */ +class VariableAccessOrCallOrLiteral extends Expr { + VariableAccessOrCallOrLiteral() { + this instanceof VariableAccess and this.(VariableAccess).getTarget().isConstexpr() + or + this instanceof Call + or + this instanceof Literal + } +} + +/** + * Holds if the value of source flows through compile time evaluated variables to target. + */ +predicate flowsThroughConstExprVariables( + VariableAccessOrCallOrLiteral source, VariableAccessOrCallOrLiteral target +) { + ( + source = target + or + source != target and + exists(SsaDefinition intermediateDef, StackVariable intermediate | + intermediateDef.getAVariable().getFunction() = source.getEnclosingFunction() and + intermediateDef.getAVariable().getFunction() = target.getEnclosingFunction() and + intermediateDef.getAVariable() = intermediate and + intermediate.isConstexpr() + | + DataFlow::localExprFlow(source, intermediateDef.getDefiningValue(intermediate)) and + flowsThroughConstExprVariables(intermediateDef.getAUse(intermediate), target) + ) + ) +} + +predicate isCompileTimeEvaluatedExpression(Expr expression) { + forall(DataFlow::Node ultimateSource, DataFlow::Node source | + source = DataFlow::exprNode(expression) and + DataFlow::localFlow(ultimateSource, source) and + not DataFlow::localFlowStep(_, ultimateSource) + | + isDirectCompileTimeEvaluatedExpression(ultimateSource.asExpr()) and + // If the ultimate source is not the same as the source, then it must flow through + // constexpr variables. + ( + ultimateSource != source + implies + flowsThroughConstExprVariables(ultimateSource.asExpr(), source.asExpr()) + ) + ) +} + +predicate isDirectCompileTimeEvaluatedExpression(Expr expression) { + expression instanceof Literal + or + any(Call c | isCompileTimeEvaluatedCall(c)) = expression +} + +/* + * Returns true if the given call may be evaluated at compile time and is compile time evaluated because + * all its arguments are compile time evaluated and its default values are compile time evaluated. + */ + +predicate isCompileTimeEvaluatedCall(Call call) { + // 1. The call may be evaluated at compile time, because it is constexpr, and + call.getTarget().isConstexpr() and + // 2. all its arguments are compile time evaluated, and + forall(Expr argSource | argSource = call.getAnArgument() | + isCompileTimeEvaluatedExpression(argSource) + ) and + // 3. all the default values used are compile time evaluated. + forall(Expr defaultValue, Parameter parameterUsingDefaultValue, int idx | + parameterUsingDefaultValue = call.getTarget().getParameter(idx) and + not exists(call.getArgument(idx)) and + parameterUsingDefaultValue.getAnAssignedValue() = defaultValue + | + isDirectCompileTimeEvaluatedExpression(defaultValue) + ) +} From 22a80f64cdeaa042e8400dab38990e1569e0a989 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Wed, 10 Apr 2024 17:53:50 -0400 Subject: [PATCH 1781/2573] IdentifierHidden: use improved constant expression logic --- .../cpp/rules/identifierhidden/IdentifierHidden.qll | 5 +++-- .../test/rules/identifierhidden/IdentifierHidden.expected | 1 + cpp/common/test/rules/identifierhidden/test.cpp | 2 +- 3 files changed, 5 insertions(+), 3 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll b/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll index 820bb986f1..91d9720c88 100644 --- a/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll +++ b/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll @@ -7,6 +7,7 @@ import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import codingstandards.cpp.Scope import codingstandards.cpp.ConstHelpers +import codingstandards.cpp.Expr abstract class IdentifierHiddenSharedQuery extends Query { } @@ -58,11 +59,11 @@ predicate hiddenInLambda(UserVariable outerDecl, UserVariable innerDecl) { or //it is a reference that has been initialized with a constant expression. outerDecl.getType().stripTopLevelSpecifiers() instanceof ReferenceType and - exists(outerDecl.getInitializer().getExpr().getValue()) + isCompileTimeEvaluatedExpression(outerDecl.getInitializer().getExpr()) or //it const non-volatile integral or enumeration type and has been initialized with a constant expression outerDecl instanceof NonVolatileConstIntegralOrEnumVariable and - exists(outerDecl.getInitializer().getExpr().getValue()) + isCompileTimeEvaluatedExpression(outerDecl.getInitializer().getExpr()) or //it is constexpr and has no mutable members outerDecl.isConstexpr() and diff --git a/cpp/common/test/rules/identifierhidden/IdentifierHidden.expected b/cpp/common/test/rules/identifierhidden/IdentifierHidden.expected index 1b0d94d838..3ed0ce6f91 100644 --- a/cpp/common/test/rules/identifierhidden/IdentifierHidden.expected +++ b/cpp/common/test/rules/identifierhidden/IdentifierHidden.expected @@ -15,4 +15,5 @@ | test.cpp:142:9:142:10 | a1 | Declaration is hiding declaration $@. | test.cpp:140:14:140:15 | a1 | a1 | | test.cpp:147:9:147:10 | a2 | Declaration is hiding declaration $@. | test.cpp:145:20:145:21 | a2 | a2 | | test.cpp:152:9:152:10 | a3 | Declaration is hiding declaration $@. | test.cpp:150:17:150:18 | a3 | a3 | +| test.cpp:158:9:158:10 | a4 | Declaration is hiding declaration $@. | test.cpp:156:14:156:15 | a4 | a4 | | test.cpp:164:9:164:10 | a5 | Declaration is hiding declaration $@. | test.cpp:162:13:162:14 | a5 | a5 | diff --git a/cpp/common/test/rules/identifierhidden/test.cpp b/cpp/common/test/rules/identifierhidden/test.cpp index ede4bb24d6..946063e6be 100644 --- a/cpp/common/test/rules/identifierhidden/test.cpp +++ b/cpp/common/test/rules/identifierhidden/test.cpp @@ -155,7 +155,7 @@ void f8() { const int &a4 = a3; auto lambda4 = []() { - int a4 = a4 + 1; // NON_COMPLIANT[FALSE_NEGATIVE] - Lambda can access + int a4 = a4 + 1; // NON_COMPLIANT - Lambda can access // reference initialized with constant expression. }; From b2c5896b6887e9868c76c1eb9bdca02c0e71e25e Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Wed, 10 Apr 2024 17:56:57 -0400 Subject: [PATCH 1782/2573] Reformat query --- cpp/common/src/codingstandards/cpp/Expr.qll | 3 +++ 1 file changed, 3 insertions(+) diff --git a/cpp/common/src/codingstandards/cpp/Expr.qll b/cpp/common/src/codingstandards/cpp/Expr.qll index 78e99b118a..fe2877f849 100644 --- a/cpp/common/src/codingstandards/cpp/Expr.qll +++ b/cpp/common/src/codingstandards/cpp/Expr.qll @@ -268,9 +268,12 @@ predicate isCompileTimeEvaluatedCall(Call call) { | isDirectCompileTimeEvaluatedExpression(defaultValue) ) +} +/* * an operator that does not evaluate its operand */ + class UnevaluatedExprExtension extends Expr { UnevaluatedExprExtension() { this.getAChild().isUnevaluated() From a9e6e8391cd8bed9ce2841a7beb33e50fd4e92bb Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Fri, 12 Apr 2024 16:54:40 -0400 Subject: [PATCH 1783/2573] M9-3-3: address fp issue 381 --- change_notes/2024-04-12-fix-fp-m9-3-3.md | 2 ++ .../M9-3-3/MemberFunctionConstIfPossible.ql | 11 +++++++++- cpp/autosar/test/rules/M9-3-3/test.cpp | 21 +++++++++++++++++++ 3 files changed, 33 insertions(+), 1 deletion(-) create mode 100644 change_notes/2024-04-12-fix-fp-m9-3-3.md diff --git a/change_notes/2024-04-12-fix-fp-m9-3-3.md b/change_notes/2024-04-12-fix-fp-m9-3-3.md new file mode 100644 index 0000000000..bbc9fb9ab0 --- /dev/null +++ b/change_notes/2024-04-12-fix-fp-m9-3-3.md @@ -0,0 +1,2 @@ +`M9-3-3`: `MemberFunctionConstIfPossible.ql`: + - Fix FP reported in 381. Omit member functions that return nonconst reference types. \ No newline at end of file diff --git a/cpp/autosar/src/rules/M9-3-3/MemberFunctionConstIfPossible.ql b/cpp/autosar/src/rules/M9-3-3/MemberFunctionConstIfPossible.ql index 66a3affa24..596879d5fd 100644 --- a/cpp/autosar/src/rules/M9-3-3/MemberFunctionConstIfPossible.ql +++ b/cpp/autosar/src/rules/M9-3-3/MemberFunctionConstIfPossible.ql @@ -37,6 +37,13 @@ class NonConstMemberFunction extends MemberFunction { NonConstMemberFunction() { not this.hasSpecifier("const") } } +/** + * References that are not const + */ +class NonConstReferenceType extends ReferenceType { + NonConstReferenceType() { not this.isConst() } +} + /** * `MemberFunction`s that are not const * and not `Constructor`s ect as const constructors are @@ -57,7 +64,9 @@ class ConstMemberFunctionCandidate extends NonConstMemberFunction { this.hasDefinition() and // For uninstantiated templates we have only partial information that prevents us from determining // if the candidate calls non-const functions. Therefore we exclude these. - not this.isFromUninstantiatedTemplate(_) + not this.isFromUninstantiatedTemplate(_) and + //cannot recommend const if it returns a nonconst reference + not this.getType() instanceof NonConstReferenceType } /** diff --git a/cpp/autosar/test/rules/M9-3-3/test.cpp b/cpp/autosar/test/rules/M9-3-3/test.cpp index 704a4ae5fd..f37fd3ac66 100644 --- a/cpp/autosar/test/rules/M9-3-3/test.cpp +++ b/cpp/autosar/test/rules/M9-3-3/test.cpp @@ -193,3 +193,24 @@ void test_template() { class Z3 { void f(int) = delete; // COMPLIANT }; + +class Z4 { +public: + int values[128]; + template + void fill(const T &val) { // COMPLIANT[FALSE_NEGATIVE|TRUE_NEGATIVE] - + // exception not specified in the + // standard, we opt to not raise an issue because the template can be both + // compliant and non-compliant depending on instantiations. + for (auto &elem : values) { + elem = val; + } + } + constexpr int &front() noexcept { return values[0]; } // COMPLIANT +}; + +void fp_reported_in_381() { + Z4 z; + int i = z.front(); + z.fill(i); +} \ No newline at end of file From 31eea6cae79c24baee838872d57519533b54315f Mon Sep 17 00:00:00 2001 From: "rakesh.pothengil" Date: Mon, 22 Apr 2024 11:40:06 +0900 Subject: [PATCH 1784/2573] Replaces expensive getIdentityString() call --- change_notes/2024-04-22-improve-a13-2-2.md | 2 ++ .../A13-2-2/BinaryOperatorAndBitwiseOperatorReturnAPrvalue.ql | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) create mode 100644 change_notes/2024-04-22-improve-a13-2-2.md diff --git a/change_notes/2024-04-22-improve-a13-2-2.md b/change_notes/2024-04-22-improve-a13-2-2.md new file mode 100644 index 0000000000..97670cc9fc --- /dev/null +++ b/change_notes/2024-04-22-improve-a13-2-2.md @@ -0,0 +1,2 @@ +- `A13-2-2` - `BinaryOperatorAndBitwiseOperatorReturnAPrvalue.ql`: + - Replaced the usage of getIdentityString() with toString() to avoid expensive computation to display the Operator names which were causing crashes on production code. diff --git a/cpp/autosar/src/rules/A13-2-2/BinaryOperatorAndBitwiseOperatorReturnAPrvalue.ql b/cpp/autosar/src/rules/A13-2-2/BinaryOperatorAndBitwiseOperatorReturnAPrvalue.ql index c28047dcfb..582e4d3dec 100644 --- a/cpp/autosar/src/rules/A13-2-2/BinaryOperatorAndBitwiseOperatorReturnAPrvalue.ql +++ b/cpp/autosar/src/rules/A13-2-2/BinaryOperatorAndBitwiseOperatorReturnAPrvalue.ql @@ -31,5 +31,5 @@ where o.getType() instanceof ReferenceType ) select o, - "User-defined bitwise or arithmetic operator " + getIdentityString(o) + + "User-defined bitwise or arithmetic operator " + o.toString() + " does not return a prvalue." From 331663d695a3bdd81bf0cbe1ab3837e5c8b410b3 Mon Sep 17 00:00:00 2001 From: "rakesh.pothengil" Date: Mon, 22 Apr 2024 11:45:28 +0900 Subject: [PATCH 1785/2573] Executed codeql query format --- ...peratorAndBitwiseOperatorReturnAPrvalue.ql | 35 +++++++++---------- 1 file changed, 17 insertions(+), 18 deletions(-) diff --git a/cpp/autosar/src/rules/A13-2-2/BinaryOperatorAndBitwiseOperatorReturnAPrvalue.ql b/cpp/autosar/src/rules/A13-2-2/BinaryOperatorAndBitwiseOperatorReturnAPrvalue.ql index 582e4d3dec..1f144dd4f2 100644 --- a/cpp/autosar/src/rules/A13-2-2/BinaryOperatorAndBitwiseOperatorReturnAPrvalue.ql +++ b/cpp/autosar/src/rules/A13-2-2/BinaryOperatorAndBitwiseOperatorReturnAPrvalue.ql @@ -14,22 +14,21 @@ * external/autosar/obligation/required */ -import cpp -import codingstandards.cpp.autosar -import codingstandards.cpp.Operator -import semmle.code.cpp.Print + import cpp + import codingstandards.cpp.autosar + import codingstandards.cpp.Operator + import semmle.code.cpp.Print -from Operator o -where - not isExcluded(o, OperatorInvariantsPackage::binaryOperatorAndBitwiseOperatorReturnAPrvalueQuery()) and - (o instanceof UserBitwiseOperator or o instanceof UserArithmeticOperator) and - ( - o.getType().isDeeplyConst() - or - o.getType() instanceof PointerType - or - o.getType() instanceof ReferenceType - ) -select o, - "User-defined bitwise or arithmetic operator " + o.toString() + - " does not return a prvalue." + from Operator o + where + not isExcluded(o, OperatorInvariantsPackage::binaryOperatorAndBitwiseOperatorReturnAPrvalueQuery()) and + (o instanceof UserBitwiseOperator or o instanceof UserArithmeticOperator) and + ( + o.getType().isDeeplyConst() + or + o.getType() instanceof PointerType + or + o.getType() instanceof ReferenceType + ) + select o, + "User-defined bitwise or arithmetic operator " + o.toString() + " does not return a prvalue." From dbc828a637dc6f9e809c652ca6d3178c0b46cad6 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 23 Apr 2024 15:57:37 -0400 Subject: [PATCH 1786/2573] UncheckedRangeDomainPoleErrors: add cases for missing domain checks, pole error checks and one unspecified result case --- change_notes/2024-04-23-fix-fp-193.md | 2 + .../UncheckedRangeDomainPoleErrors.qll | 92 ++++++++++++++++++- .../test/includes/standard-library/limits.h | 2 + .../test/includes/standard-library/math.h | 11 +++ .../UncheckedRangeDomainPoleErrors.expected | 48 ++++++---- .../uncheckedrangedomainpoleerrors/test.cpp | 31 +++++-- 6 files changed, 158 insertions(+), 28 deletions(-) create mode 100644 change_notes/2024-04-23-fix-fp-193.md diff --git a/change_notes/2024-04-23-fix-fp-193.md b/change_notes/2024-04-23-fix-fp-193.md new file mode 100644 index 0000000000..1a89edf190 --- /dev/null +++ b/change_notes/2024-04-23-fix-fp-193.md @@ -0,0 +1,2 @@ +- `A0-4-4`,`FLP32-C` - `UncheckedRangeDomainPoleErrors.ql`: + - Fixes #193. Adds missing cases for domain errors, an unspecified result case and pole error cases. \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.qll b/cpp/common/src/codingstandards/cpp/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.qll index 13a937151c..ad93f70bd4 100644 --- a/cpp/common/src/codingstandards/cpp/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.qll +++ b/cpp/common/src/codingstandards/cpp/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.qll @@ -42,6 +42,7 @@ predicate hasDomainError(FunctionCall fc, string description) { upperBound(fc.getArgument(0)) < 1.0 and description = "argument is less than 1" or + //pole error is the same as domain for logb and tgamma (but not ilogb - no pole error exists) functionWithDomainError = getMathVariants(["ilogb", "logb", "tgamma"]) and fc.getArgument(0).getValue().toFloat() = 0 and description = "argument is equal to zero" @@ -53,18 +54,95 @@ predicate hasDomainError(FunctionCall fc, string description) { functionWithDomainError = getMathVariants("log1p") and upperBound(fc.getArgument(0)) < -1.0 and description = "argument is less than 1" + or + functionWithDomainError = getMathVariants("fmod") and + fc.getArgument(1).getValue().toFloat() = 0 and + description = "y is 0" ) } +predicate hasRangeError(FunctionCall fc, string description) { + exists(Function functionWithRangeError | fc.getTarget() = functionWithRangeError | + functionWithRangeError.hasGlobalOrStdName(["abs", "labs", "llabs", "imaxabs"]) and + fc.getArgument(0) = any(MINMacro m).getAnInvocation().getExpr() and + description = "argument is most negative number" + ) +} + +predicate hasPoleError(FunctionCall fc, string description) { + exists(Function functionWithPoleError | fc.getTarget() = functionWithPoleError | + functionWithPoleError = getMathVariants("atanh") and + ( + fc.getArgument(0).getValue().toFloat() = -1.0 + or + fc.getArgument(0).getValue().toFloat() = 1.0 + ) and + description = "argument is plus or minus 1" + or + functionWithPoleError = getMathVariants("log1p") and + fc.getArgument(0).getValue().toFloat() = -1 and + description = "argument is equal to negative one" + or + functionWithPoleError = getMathVariants("pow") and + fc.getArgument(0).getValue().toFloat() = 0.0 and + fc.getArgument(1).getValue().toFloat() < 0.0 and + description = "base is zero and exp is negative" + or + functionWithPoleError = getMathVariants("lgamma") and + fc.getArgument(0).getValue().toFloat() = 0 and + description = "argument is equal to zero" + or + functionWithPoleError = getMathVariants(["log", "log10", "log2"]) and + fc.getArgument(0).getValue().toFloat() = 0.0 and + description = "argument is equal to zero" + ) +} + +predicate unspecifiedValueCases(FunctionCall fc, string description) { + exists(Function functionWithUnspecifiedResultError | + fc.getTarget() = functionWithUnspecifiedResultError + | + functionWithUnspecifiedResultError = getMathVariants("frexp") and + ( + fc.getArgument(0) = any(InfinityMacro m).getAnInvocation().getExpr() or + fc.getArgument(0) = any(NanMacro m).getAnInvocation().getExpr() + ) and + description = "Arg is Nan or infinity and exp is unspecified as a result" + ) +} + +/** + * A macro which is representing infinity + */ +class InfinityMacro extends Macro { + InfinityMacro() { this.getName().toLowerCase().matches("infinity") } +} + +/** + * A macro which is representing nan + */ +class NanMacro extends Macro { + NanMacro() { this.getName().toLowerCase().matches("nan") } +} + +/** + * A macro which is representing INT_MIN or LONG_MIN or LLONG_MIN + */ +class MINMacro extends Macro { + MINMacro() { this.getName().toLowerCase().matches(["int_min", "long_min", "llong_min"]) } +} + /* * Domain cases not covered by this query: * - pow - x is finite and negative and y is finite and not an integer value. * - tgamma - negative integer can't be covered. * - lrint/llrint/lround/llround - no domain errors checked - * - fmod - no domain errors checked. * - remainder - no domain errors checked. * - remquo - no domain errors checked. * + * Pole cases not covered by this query: + * - lgamma - negative integer can't be covered. + * * Implementations may also define their own domain errors (as per the C99 standard), which are not * covered by this query. */ @@ -73,6 +151,16 @@ query predicate problems(FunctionCall fc, string message) { not isExcluded(fc, getQuery()) and exists(string description | hasDomainError(fc, description) and - message = "Domain error in call to " + fc.getTarget().getName() + ": " + description + "." + message = "Domain error in call to '" + fc.getTarget().getName() + "': " + description + "." + or + hasRangeError(fc, description) and + message = "Range error in call to '" + fc.getTarget().getName() + "': " + description + "." + or + hasPoleError(fc, description) and + message = "Pole error in call to '" + fc.getTarget().getName() + "': " + description + "." + or + unspecifiedValueCases(fc, description) and + message = + "Unspecified error in call to '" + fc.getTarget().getName() + "': " + description + "." ) } diff --git a/cpp/common/test/includes/standard-library/limits.h b/cpp/common/test/includes/standard-library/limits.h index 5317339525..f7d490c181 100644 --- a/cpp/common/test/includes/standard-library/limits.h +++ b/cpp/common/test/includes/standard-library/limits.h @@ -23,6 +23,8 @@ #define LLONG_MAX 9223372036854775807 #define ULLONG_MIN 0ULL #define ULLONG_MAX 0xffffffffffffffff +#define NAN (0.0f / 0.0f) +#define INFINITY 1e5000f namespace std { template class numeric_limits; diff --git a/cpp/common/test/includes/standard-library/math.h b/cpp/common/test/includes/standard-library/math.h index 563f6e7823..2b222d9fbd 100644 --- a/cpp/common/test/includes/standard-library/math.h +++ b/cpp/common/test/includes/standard-library/math.h @@ -1,5 +1,7 @@ #ifndef _GHLIBCPP_MATH #define _GHLIBCPP_MATH +int abs(int); +long abs(long); double acos(double x); float acosf(float x); long double acosl(long double x); @@ -15,9 +17,18 @@ long double acoshl(long double x); double atanh(double x); float atanhf(float x); long double atanhl(long double x); +double fmod(double, double); +float fmodf(float, float); +long double fmodl(long double, long double); +double frexp(double, int *); +float frexpf(float, int *); +long double frexpl(long double, int *); int ilogb(double x); int ilogbf(float x); int ilogbl(long double x); +double lgamma(double); +float lgammaf(float); +long double lgammal(long double); double log(double x); float logf(float x); long double logl(long double x); diff --git a/cpp/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.expected b/cpp/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.expected index 3e99c4cd56..4bbdb307ff 100644 --- a/cpp/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.expected +++ b/cpp/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.expected @@ -1,18 +1,30 @@ -| test.cpp:4:3:4:6 | call to acos | Domain error in call to acos: the argument has a range -1.1...-1.1 which is outside the domain of this function (-1.0...1.0). | -| test.cpp:8:3:8:6 | call to acos | Domain error in call to acos: the argument has a range 1.1...1.1 which is outside the domain of this function (-1.0...1.0). | -| test.cpp:9:3:9:6 | call to asin | Domain error in call to asin: the argument has a range -1.1...-1.1 which is outside the domain of this function (-1.0...1.0). | -| test.cpp:13:3:13:6 | call to asin | Domain error in call to asin: the argument has a range 1.1...1.1 which is outside the domain of this function (-1.0...1.0). | -| test.cpp:14:3:14:7 | call to atanh | Domain error in call to atanh: the argument has a range -1.1...-1.1 which is outside the domain of this function (-1.0...1.0). | -| test.cpp:18:3:18:7 | call to atanh | Domain error in call to atanh: the argument has a range 1.1...1.1 which is outside the domain of this function (-1.0...1.0). | -| test.cpp:19:3:19:7 | call to atan2 | Domain error in call to atan2: both arguments are equal to zero. | -| test.cpp:23:3:23:5 | call to pow | Domain error in call to pow: both arguments are equal to zero. | -| test.cpp:27:3:27:5 | call to pow | Domain error in call to pow: both arguments are less than zero. | -| test.cpp:33:3:33:7 | call to acosh | Domain error in call to acosh: argument is less than 1. | -| test.cpp:34:3:34:7 | call to ilogb | Domain error in call to ilogb: argument is equal to zero. | -| test.cpp:37:3:37:5 | call to log | Domain error in call to log: argument is negative. | -| test.cpp:40:3:40:7 | call to log10 | Domain error in call to log10: argument is negative. | -| test.cpp:43:3:43:6 | call to log2 | Domain error in call to log2: argument is negative. | -| test.cpp:46:3:46:6 | call to sqrt | Domain error in call to sqrt: argument is negative. | -| test.cpp:49:3:49:7 | call to log1p | Domain error in call to log1p: argument is less than 1. | -| test.cpp:52:3:52:6 | call to logb | Domain error in call to logb: argument is equal to zero. | -| test.cpp:55:3:55:8 | call to tgamma | Domain error in call to tgamma: argument is equal to zero. | +| test.cpp:5:3:5:6 | call to acos | Domain error in call to 'acos': the argument has a range -1.1...-1.1 which is outside the domain of this function (-1.0...1.0). | +| test.cpp:9:3:9:6 | call to acos | Domain error in call to 'acos': the argument has a range 1.1...1.1 which is outside the domain of this function (-1.0...1.0). | +| test.cpp:10:3:10:6 | call to asin | Domain error in call to 'asin': the argument has a range -1.1...-1.1 which is outside the domain of this function (-1.0...1.0). | +| test.cpp:14:3:14:6 | call to asin | Domain error in call to 'asin': the argument has a range 1.1...1.1 which is outside the domain of this function (-1.0...1.0). | +| test.cpp:15:3:15:7 | call to atanh | Domain error in call to 'atanh': the argument has a range -1.1...-1.1 which is outside the domain of this function (-1.0...1.0). | +| test.cpp:17:3:17:7 | call to atanh | Domain error in call to 'atanh': the argument has a range 1.1...1.1 which is outside the domain of this function (-1.0...1.0). | +| test.cpp:18:3:18:7 | call to atan2 | Domain error in call to 'atan2': both arguments are equal to zero. | +| test.cpp:22:3:22:5 | call to pow | Domain error in call to 'pow': both arguments are equal to zero. | +| test.cpp:26:3:26:5 | call to pow | Domain error in call to 'pow': both arguments are less than zero. | +| test.cpp:31:3:31:7 | call to acosh | Domain error in call to 'acosh': argument is less than 1. | +| test.cpp:32:3:32:7 | call to ilogb | Domain error in call to 'ilogb': argument is equal to zero. | +| test.cpp:35:3:35:5 | call to log | Domain error in call to 'log': argument is negative. | +| test.cpp:37:3:37:7 | call to log10 | Domain error in call to 'log10': argument is negative. | +| test.cpp:39:3:39:6 | call to log2 | Domain error in call to 'log2': argument is negative. | +| test.cpp:41:3:41:6 | call to sqrt | Domain error in call to 'sqrt': argument is negative. | +| test.cpp:44:3:44:7 | call to log1p | Domain error in call to 'log1p': argument is less than 1. | +| test.cpp:46:3:46:6 | call to logb | Domain error in call to 'logb': argument is equal to zero. | +| test.cpp:49:3:49:8 | call to tgamma | Domain error in call to 'tgamma': argument is equal to zero. | +| test.cpp:55:3:55:5 | call to abs | Range error in call to 'abs': argument is most negative number. | +| test.cpp:56:3:56:6 | call to fmod | Domain error in call to 'fmod': y is 0. | +| test.cpp:58:3:58:7 | call to frexp | Unspecified error in call to 'frexp': Arg is Nan or infinity and exp is unspecified as a result. | +| test.cpp:59:3:59:7 | call to frexp | Unspecified error in call to 'frexp': Arg is Nan or infinity and exp is unspecified as a result. | +| test.cpp:63:3:63:7 | call to atanh | Pole error in call to 'atanh': argument is plus or minus 1. | +| test.cpp:64:3:64:7 | call to atanh | Pole error in call to 'atanh': argument is plus or minus 1. | +| test.cpp:65:3:65:5 | call to log | Pole error in call to 'log': argument is equal to zero. | +| test.cpp:66:3:66:7 | call to log10 | Pole error in call to 'log10': argument is equal to zero. | +| test.cpp:67:3:67:6 | call to log2 | Pole error in call to 'log2': argument is equal to zero. | +| test.cpp:68:3:68:7 | call to log1p | Pole error in call to 'log1p': argument is equal to negative one. | +| test.cpp:70:3:70:5 | call to pow | Pole error in call to 'pow': base is zero and exp is negative. | +| test.cpp:71:3:71:8 | call to lgamma | Pole error in call to 'lgamma': argument is equal to zero. | diff --git a/cpp/common/test/rules/uncheckedrangedomainpoleerrors/test.cpp b/cpp/common/test/rules/uncheckedrangedomainpoleerrors/test.cpp index 63f53b8a41..d194702e83 100644 --- a/cpp/common/test/rules/uncheckedrangedomainpoleerrors/test.cpp +++ b/cpp/common/test/rules/uncheckedrangedomainpoleerrors/test.cpp @@ -1,6 +1,7 @@ +#include "limits.h" #include "math.h" -void test() { +void test_domain_errors() { acos(-1.1f); // NON_COMPLIANT acos(-1.0f); // COMPLIANT acos(0.0f); // COMPLIANT @@ -12,9 +13,7 @@ void test() { asin(1.0f); // COMPLIANT asin(1.1f); // NON_COMPLIANT atanh(-1.1f); // NON_COMPLIANT - atanh(-1.0f); // COMPLIANT atanh(0.0f); // COMPLIANT - atanh(1.0f); // COMPLIANT atanh(1.1f); // NON_COMPLIANT atan2(0.0f, 0.0f); // NON_COMPLIANT atan2(1.0f, 0.0f); // COMPLIANT @@ -26,7 +25,6 @@ void test() { pow(1.0f, 1.0f); // COMPLIANT pow(-1.0f, -1.0f); // NON_COMPLIANT pow(-1.0f, 0.0f); // COMPLIANT - pow(0.0f, -1.0f); // COMPLIANT pow(1.0f, -1.0f); // COMPLIANT pow(-1.0f, 1.0f); // COMPLIANT acosh(1.0f); // COMPLIANT @@ -35,19 +33,15 @@ void test() { ilogb(1.0f); // COMPLIANT ilogb(-1.0f); // COMPLIANT log(-1.0f); // NON_COMPLIANT - log(0.0f); // COMPLIANT log(1.0f); // COMPLIANT log10(-1.0f); // NON_COMPLIANT - log10(0.0f); // COMPLIANT log10(1.0f); // COMPLIANT log2(-1.0f); // NON_COMPLIANT - log2(0.0f); // COMPLIANT log2(1.0f); // COMPLIANT sqrt(-1.0f); // NON_COMPLIANT sqrt(0.0f); // COMPLIANT sqrt(1.0f); // COMPLIANT log1p(-2.0f); // NON_COMPLIANT - log1p(-1.0f); // COMPLIANT log1p(0.0f); // COMPLIANT logb(0.0f); // NON_COMPLIANT logb(1.0f); // COMPLIANT @@ -56,3 +50,24 @@ void test() { tgamma(1.0f); // COMPLIANT tgamma(-1.1f); // COMPLIANT } + +void fn_in_193_missing_domain_or_range_cases() { + abs(INT_MIN); // NON_COMPLIANT + fmod(1.0f, 0.0f); // NON_COMPLIANT + int *exp; + frexp(NAN, exp); // NON_COMPLIANT + frexp(INFINITY, exp); // NON_COMPLIANT +} + +void test_pole_errors() { + atanh(-1.0f); // NON_COMPLIANT + atanh(1.0f); // NON_COMPLIANT + log(0.0f); // NON_COMPLIANT + log10(0.0f); // NON_COMPLIANT + log2(0.0f); // NON_COMPLIANT + log1p(-1.0f); // NON_COMPLIANT + // logb(x) already covered in domain cases + pow(0.0f, -1.0f); // NON_COMPLIANT + lgamma(0.0f); // NON_COMPLIANT + lgamma(-1); // NON_COMPLIANT[FALSE_NEGATIVE] +} \ No newline at end of file From 08522d360f1eb28730f8003fa3a7821ecf944c52 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 23 Apr 2024 16:17:11 -0400 Subject: [PATCH 1787/2573] UncheckedRangeDomainPoleErrors: forgot missing c query testcase parallel changes --- .../test/includes/standard-library/math.h | 467 +++++++++--------- .../UncheckedRangeDomainPoleErrors.expected | 48 +- .../uncheckedrangedomainpoleerrors/test.c | 32 +- .../test/includes/standard-library/math.h | 20 +- 4 files changed, 302 insertions(+), 265 deletions(-) diff --git a/c/common/test/includes/standard-library/math.h b/c/common/test/includes/standard-library/math.h index 14f28ec8c6..4acad05f16 100644 --- a/c/common/test/includes/standard-library/math.h +++ b/c/common/test/includes/standard-library/math.h @@ -11,30 +11,30 @@ extern "C" { #define __NEED_double_t #include -#if 100*__GNUC__+__GNUC_MINOR__ >= 303 -#define NAN __builtin_nanf("") -#define INFINITY __builtin_inff() +#if 100 * __GNUC__ + __GNUC_MINOR__ >= 303 +#define NAN __builtin_nanf("") +#define INFINITY __builtin_inff() #else -#define NAN (0.0f/0.0f) -#define INFINITY 1e5000f +#define NAN (0.0f / 0.0f) +#define INFINITY 1e5000f #endif #define HUGE_VALF INFINITY -#define HUGE_VAL ((double)INFINITY) +#define HUGE_VAL ((double)INFINITY) #define HUGE_VALL ((long double)INFINITY) -#define MATH_ERRNO 1 +#define MATH_ERRNO 1 #define MATH_ERREXCEPT 2 #define math_errhandling 2 -#define FP_ILOGBNAN (-1-0x7fffffff) +#define FP_ILOGBNAN (-1 - 0x7fffffff) #define FP_ILOGB0 FP_ILOGBNAN -#define FP_NAN 0 -#define FP_INFINITE 1 -#define FP_ZERO 2 +#define FP_NAN 0 +#define FP_INFINITE 1 +#define FP_ZERO 2 #define FP_SUBNORMAL 3 -#define FP_NORMAL 4 +#define FP_NORMAL 4 #ifdef __FP_FAST_FMA #define FP_FAST_FMA 1 @@ -52,58 +52,68 @@ int __fpclassify(double); int __fpclassifyf(float); int __fpclassifyl(long double); -static __inline unsigned __FLOAT_BITS(float __f) -{ - union {float __f; unsigned __i;} __u; - __u.__f = __f; - return __u.__i; +static __inline unsigned __FLOAT_BITS(float __f) { + union { + float __f; + unsigned __i; + } __u; + __u.__f = __f; + return __u.__i; } -static __inline unsigned long long __DOUBLE_BITS(double __f) -{ - union {double __f; unsigned long long __i;} __u; - __u.__f = __f; - return __u.__i; +static __inline unsigned long long __DOUBLE_BITS(double __f) { + union { + double __f; + unsigned long long __i; + } __u; + __u.__f = __f; + return __u.__i; } -#define fpclassify(x) ( \ - sizeof(x) == sizeof(float) ? __fpclassifyf(x) : \ - sizeof(x) == sizeof(double) ? __fpclassify(x) : \ - __fpclassifyl(x) ) - -#define isinf(x) ( \ - sizeof(x) == sizeof(float) ? (__FLOAT_BITS(x) & 0x7fffffff) == 0x7f800000 : \ - sizeof(x) == sizeof(double) ? (__DOUBLE_BITS(x) & -1ULL>>1) == 0x7ffULL<<52 : \ - __fpclassifyl(x) == FP_INFINITE) - -#define isnan(x) ( \ - sizeof(x) == sizeof(float) ? (__FLOAT_BITS(x) & 0x7fffffff) > 0x7f800000 : \ - sizeof(x) == sizeof(double) ? (__DOUBLE_BITS(x) & -1ULL>>1) > 0x7ffULL<<52 : \ - __fpclassifyl(x) == FP_NAN) - -#define isnormal(x) ( \ - sizeof(x) == sizeof(float) ? ((__FLOAT_BITS(x)+0x00800000) & 0x7fffffff) >= 0x01000000 : \ - sizeof(x) == sizeof(double) ? ((__DOUBLE_BITS(x)+(1ULL<<52)) & -1ULL>>1) >= 1ULL<<53 : \ - __fpclassifyl(x) == FP_NORMAL) - -#define isfinite(x) ( \ - sizeof(x) == sizeof(float) ? (__FLOAT_BITS(x) & 0x7fffffff) < 0x7f800000 : \ - sizeof(x) == sizeof(double) ? (__DOUBLE_BITS(x) & -1ULL>>1) < 0x7ffULL<<52 : \ - __fpclassifyl(x) > FP_INFINITE) +#define fpclassify(x) \ + (sizeof(x) == sizeof(float) ? __fpclassifyf(x) \ + : sizeof(x) == sizeof(double) ? __fpclassify(x) \ + : __fpclassifyl(x)) + +#define isinf(x) \ + (sizeof(x) == sizeof(float) ? (__FLOAT_BITS(x) & 0x7fffffff) == 0x7f800000 \ + : sizeof(x) == sizeof(double) \ + ? (__DOUBLE_BITS(x) & -1ULL >> 1) == 0x7ffULL << 52 \ + : __fpclassifyl(x) == FP_INFINITE) + +#define isnan(x) \ + (sizeof(x) == sizeof(float) ? (__FLOAT_BITS(x) & 0x7fffffff) > 0x7f800000 \ + : sizeof(x) == sizeof(double) \ + ? (__DOUBLE_BITS(x) & -1ULL >> 1) > 0x7ffULL << 52 \ + : __fpclassifyl(x) == FP_NAN) + +#define isnormal(x) \ + (sizeof(x) == sizeof(float) \ + ? ((__FLOAT_BITS(x) + 0x00800000) & 0x7fffffff) >= 0x01000000 \ + : sizeof(x) == sizeof(double) \ + ? ((__DOUBLE_BITS(x) + (1ULL << 52)) & -1ULL >> 1) >= 1ULL << 53 \ + : __fpclassifyl(x) == FP_NORMAL) + +#define isfinite(x) \ + (sizeof(x) == sizeof(float) ? (__FLOAT_BITS(x) & 0x7fffffff) < 0x7f800000 \ + : sizeof(x) == sizeof(double) \ + ? (__DOUBLE_BITS(x) & -1ULL >> 1) < 0x7ffULL << 52 \ + : __fpclassifyl(x) > FP_INFINITE) int __signbit(double); int __signbitf(float); int __signbitl(long double); -#define signbit(x) ( \ - sizeof(x) == sizeof(float) ? (int)(__FLOAT_BITS(x)>>31) : \ - sizeof(x) == sizeof(double) ? (int)(__DOUBLE_BITS(x)>>63) : \ - __signbitl(x) ) +#define signbit(x) \ + (sizeof(x) == sizeof(float) ? (int)(__FLOAT_BITS(x) >> 31) \ + : sizeof(x) == sizeof(double) ? (int)(__DOUBLE_BITS(x) >> 63) \ + : __signbitl(x)) -#define isunordered(x,y) (isnan((x)) ? ((void)(y),1) : isnan((y))) +#define isunordered(x, y) (isnan((x)) ? ((void)(y), 1) : isnan((y))) -#define __ISREL_DEF(rel, op, type) \ -static __inline int __is##rel(type __x, type __y) \ -{ return !isunordered(__x,__y) && __x op __y; } +#define __ISREL_DEF(rel, op, type) \ + static __inline int __is##rel(type __x, type __y) { \ + return !isunordered(__x, __y) && __x op __y; \ + } __ISREL_DEF(lessf, <, float_t) __ISREL_DEF(less, <, double_t) @@ -121,317 +131,316 @@ __ISREL_DEF(greaterequalf, >=, float_t) __ISREL_DEF(greaterequal, >=, double_t) __ISREL_DEF(greaterequall, >=, long double) -#define __tg_pred_2(x, y, p) ( \ - sizeof((x)+(y)) == sizeof(float) ? p##f(x, y) : \ - sizeof((x)+(y)) == sizeof(double) ? p(x, y) : \ - p##l(x, y) ) +#define __tg_pred_2(x, y, p) \ + (sizeof((x) + (y)) == sizeof(float) ? p##f(x, y) \ + : sizeof((x) + (y)) == sizeof(double) ? p(x, y) \ + : p##l(x, y)) -#define isless(x, y) __tg_pred_2(x, y, __isless) -#define islessequal(x, y) __tg_pred_2(x, y, __islessequal) -#define islessgreater(x, y) __tg_pred_2(x, y, __islessgreater) -#define isgreater(x, y) __tg_pred_2(x, y, __isgreater) -#define isgreaterequal(x, y) __tg_pred_2(x, y, __isgreaterequal) +#define isless(x, y) __tg_pred_2(x, y, __isless) +#define islessequal(x, y) __tg_pred_2(x, y, __islessequal) +#define islessgreater(x, y) __tg_pred_2(x, y, __islessgreater) +#define isgreater(x, y) __tg_pred_2(x, y, __isgreater) +#define isgreaterequal(x, y) __tg_pred_2(x, y, __isgreaterequal) -double acos(double); -float acosf(float); +double acos(double); +float acosf(float); long double acosl(long double); -double acosh(double); -float acoshf(float); +double acosh(double); +float acoshf(float); long double acoshl(long double); -double asin(double); -float asinf(float); +double asin(double); +float asinf(float); long double asinl(long double); -double asinh(double); -float asinhf(float); +double asinh(double); +float asinhf(float); long double asinhl(long double); -double atan(double); -float atanf(float); +double atan(double); +float atanf(float); long double atanl(long double); -double atan2(double, double); -float atan2f(float, float); +double atan2(double, double); +float atan2f(float, float); long double atan2l(long double, long double); -double atanh(double); -float atanhf(float); +double atanh(double); +float atanhf(float); long double atanhl(long double); -double cbrt(double); -float cbrtf(float); +double cbrt(double); +float cbrtf(float); long double cbrtl(long double); -double ceil(double); -float ceilf(float); +double ceil(double); +float ceilf(float); long double ceill(long double); -double copysign(double, double); -float copysignf(float, float); +double copysign(double, double); +float copysignf(float, float); long double copysignl(long double, long double); -double cos(double); -float cosf(float); +double cos(double); +float cosf(float); long double cosl(long double); -double cosh(double); -float coshf(float); +double cosh(double); +float coshf(float); long double coshl(long double); -double erf(double); -float erff(float); +double erf(double); +float erff(float); long double erfl(long double); -double erfc(double); -float erfcf(float); +double erfc(double); +float erfcf(float); long double erfcl(long double); -double exp(double); -float expf(float); +double exp(double); +float expf(float); long double expl(long double); -double exp2(double); -float exp2f(float); +double exp2(double); +float exp2f(float); long double exp2l(long double); -double expm1(double); -float expm1f(float); +double expm1(double); +float expm1f(float); long double expm1l(long double); -double fabs(double); -float fabsf(float); +double fabs(double); +float fabsf(float); long double fabsl(long double); -double fdim(double, double); -float fdimf(float, float); +double fdim(double, double); +float fdimf(float, float); long double fdiml(long double, long double); -double floor(double); -float floorf(float); +double floor(double); +float floorf(float); long double floorl(long double); -double fma(double, double, double); -float fmaf(float, float, float); +double fma(double, double, double); +float fmaf(float, float, float); long double fmal(long double, long double, long double); -double fmax(double, double); -float fmaxf(float, float); +double fmax(double, double); +float fmaxf(float, float); long double fmaxl(long double, long double); -double fmin(double, double); -float fminf(float, float); +double fmin(double, double); +float fminf(float, float); long double fminl(long double, long double); -double fmod(double, double); -float fmodf(float, float); +double fmod(double, double); +float fmodf(float, float); long double fmodl(long double, long double); -double frexp(double, int *); -float frexpf(float, int *); +double frexp(double, int *); +float frexpf(float, int *); long double frexpl(long double, int *); -double hypot(double, double); -float hypotf(float, float); +double hypot(double, double); +float hypotf(float, float); long double hypotl(long double, long double); -int ilogb(double); -int ilogbf(float); -int ilogbl(long double); +int ilogb(double); +int ilogbf(float); +int ilogbl(long double); -double ldexp(double, int); -float ldexpf(float, int); +double ldexp(double, int); +float ldexpf(float, int); long double ldexpl(long double, int); -double lgamma(double); -float lgammaf(float); +double lgamma(double); +float lgammaf(float); long double lgammal(long double); -long long llrint(double); -long long llrintf(float); -long long llrintl(long double); +long long llrint(double); +long long llrintf(float); +long long llrintl(long double); -long long llround(double); -long long llroundf(float); -long long llroundl(long double); +long long llround(double); +long long llroundf(float); +long long llroundl(long double); -double log(double); -float logf(float); +double log(double); +float logf(float); long double logl(long double); -double log10(double); -float log10f(float); +double log10(double); +float log10f(float); long double log10l(long double); -double log1p(double); -float log1pf(float); +double log1p(double); +float log1pf(float); long double log1pl(long double); -double log2(double); -float log2f(float); +double log2(double); +float log2f(float); long double log2l(long double); -double logb(double); -float logbf(float); +double logb(double); +float logbf(float); long double logbl(long double); -long lrint(double); -long lrintf(float); -long lrintl(long double); +long lrint(double); +long lrintf(float); +long lrintl(long double); -long lround(double); -long lroundf(float); -long lroundl(long double); +long lround(double); +long lroundf(float); +long lroundl(long double); -double modf(double, double *); -float modff(float, float *); +double modf(double, double *); +float modff(float, float *); long double modfl(long double, long double *); -double nan(const char *); -float nanf(const char *); +double nan(const char *); +float nanf(const char *); long double nanl(const char *); -double nearbyint(double); -float nearbyintf(float); +double nearbyint(double); +float nearbyintf(float); long double nearbyintl(long double); -double nextafter(double, double); -float nextafterf(float, float); +double nextafter(double, double); +float nextafterf(float, float); long double nextafterl(long double, long double); -double nexttoward(double, long double); -float nexttowardf(float, long double); +double nexttoward(double, long double); +float nexttowardf(float, long double); long double nexttowardl(long double, long double); -double pow(double, double); -float powf(float, float); +double pow(double, double); +float powf(float, float); long double powl(long double, long double); -double remainder(double, double); -float remainderf(float, float); +double remainder(double, double); +float remainderf(float, float); long double remainderl(long double, long double); -double remquo(double, double, int *); -float remquof(float, float, int *); +double remquo(double, double, int *); +float remquof(float, float, int *); long double remquol(long double, long double, int *); -double rint(double); -float rintf(float); +double rint(double); +float rintf(float); long double rintl(long double); -double round(double); -float roundf(float); +double round(double); +float roundf(float); long double roundl(long double); -double scalbln(double, long); -float scalblnf(float, long); +double scalbln(double, long); +float scalblnf(float, long); long double scalblnl(long double, long); -double scalbn(double, int); -float scalbnf(float, int); +double scalbn(double, int); +float scalbnf(float, int); long double scalbnl(long double, int); -double sin(double); -float sinf(float); +double sin(double); +float sinf(float); long double sinl(long double); -double sinh(double); -float sinhf(float); +double sinh(double); +float sinhf(float); long double sinhl(long double); -double sqrt(double); -float sqrtf(float); +double sqrt(double); +float sqrtf(float); long double sqrtl(long double); -double tan(double); -float tanf(float); +double tan(double); +float tanf(float); long double tanl(long double); -double tanh(double); -float tanhf(float); +double tanh(double); +float tanhf(float); long double tanhl(long double); -double tgamma(double); -float tgammaf(float); +double tgamma(double); +float tgammaf(float); long double tgammal(long double); -double trunc(double); -float truncf(float); +double trunc(double); +float truncf(float); long double truncl(long double); - #if defined(_XOPEN_SOURCE) || defined(_BSD_SOURCE) -#undef MAXFLOAT -#define MAXFLOAT 3.40282346638528859812e+38F +#undef MAXFLOAT +#define MAXFLOAT 3.40282346638528859812e+38F #endif #if defined(_XOPEN_SOURCE) || defined(_GNU_SOURCE) || defined(_BSD_SOURCE) -#define M_E 2.7182818284590452354 /* e */ -#define M_LOG2E 1.4426950408889634074 /* log_2 e */ -#define M_LOG10E 0.43429448190325182765 /* log_10 e */ -#define M_LN2 0.69314718055994530942 /* log_e 2 */ -#define M_LN10 2.30258509299404568402 /* log_e 10 */ -#define M_PI 3.14159265358979323846 /* pi */ -#define M_PI_2 1.57079632679489661923 /* pi/2 */ -#define M_PI_4 0.78539816339744830962 /* pi/4 */ -#define M_1_PI 0.31830988618379067154 /* 1/pi */ -#define M_2_PI 0.63661977236758134308 /* 2/pi */ -#define M_2_SQRTPI 1.12837916709551257390 /* 2/sqrt(pi) */ -#define M_SQRT2 1.41421356237309504880 /* sqrt(2) */ -#define M_SQRT1_2 0.70710678118654752440 /* 1/sqrt(2) */ +#define M_E 2.7182818284590452354 /* e */ +#define M_LOG2E 1.4426950408889634074 /* log_2 e */ +#define M_LOG10E 0.43429448190325182765 /* log_10 e */ +#define M_LN2 0.69314718055994530942 /* log_e 2 */ +#define M_LN10 2.30258509299404568402 /* log_e 10 */ +#define M_PI 3.14159265358979323846 /* pi */ +#define M_PI_2 1.57079632679489661923 /* pi/2 */ +#define M_PI_4 0.78539816339744830962 /* pi/4 */ +#define M_1_PI 0.31830988618379067154 /* 1/pi */ +#define M_2_PI 0.63661977236758134308 /* 2/pi */ +#define M_2_SQRTPI 1.12837916709551257390 /* 2/sqrt(pi) */ +#define M_SQRT2 1.41421356237309504880 /* sqrt(2) */ +#define M_SQRT1_2 0.70710678118654752440 /* 1/sqrt(2) */ extern int signgam; -double j0(double); -double j1(double); -double jn(int, double); +double j0(double); +double j1(double); +double jn(int, double); -double y0(double); -double y1(double); -double yn(int, double); +double y0(double); +double y1(double); +double yn(int, double); #endif #if defined(_GNU_SOURCE) || defined(_BSD_SOURCE) -#define HUGE 3.40282346638528859812e+38F +#define HUGE 3.40282346638528859812e+38F -double drem(double, double); -float dremf(float, float); +double drem(double, double); +float dremf(float, float); -int finite(double); -int finitef(float); +int finite(double); +int finitef(float); -double scalb(double, double); -float scalbf(float, float); +double scalb(double, double); +float scalbf(float, float); -double significand(double); -float significandf(float); +double significand(double); +float significandf(float); -double lgamma_r(double, int*); -float lgammaf_r(float, int*); +double lgamma_r(double, int *); +float lgammaf_r(float, int *); -float j0f(float); -float j1f(float); -float jnf(int, float); +float j0f(float); +float j1f(float); +float jnf(int, float); -float y0f(float); -float y1f(float); -float ynf(int, float); +float y0f(float); +float y1f(float); +float ynf(int, float); #endif #ifdef _GNU_SOURCE -long double lgammal_r(long double, int*); +long double lgammal_r(long double, int *); -void sincos(double, double*, double*); -void sincosf(float, float*, float*); -void sincosl(long double, long double*, long double*); +void sincos(double, double *, double *); +void sincosf(float, float *, float *); +void sincosl(long double, long double *, long double *); -double exp10(double); -float exp10f(float); +double exp10(double); +float exp10f(float); long double exp10l(long double); -double pow10(double); -float pow10f(float); +double pow10(double); +float pow10f(float); long double pow10l(long double); #endif diff --git a/c/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.expected b/c/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.expected index bf440fe311..9059b0d815 100644 --- a/c/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.expected +++ b/c/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.expected @@ -1,18 +1,30 @@ -| test.c:4:3:4:6 | call to acos | Domain error in call to acos: the argument has a range -1.1...-1.1 which is outside the domain of this function (-1.0...1.0). | -| test.c:8:3:8:6 | call to acos | Domain error in call to acos: the argument has a range 1.1...1.1 which is outside the domain of this function (-1.0...1.0). | -| test.c:9:3:9:6 | call to asin | Domain error in call to asin: the argument has a range -1.1...-1.1 which is outside the domain of this function (-1.0...1.0). | -| test.c:13:3:13:6 | call to asin | Domain error in call to asin: the argument has a range 1.1...1.1 which is outside the domain of this function (-1.0...1.0). | -| test.c:14:3:14:7 | call to atanh | Domain error in call to atanh: the argument has a range -1.1...-1.1 which is outside the domain of this function (-1.0...1.0). | -| test.c:18:3:18:7 | call to atanh | Domain error in call to atanh: the argument has a range 1.1...1.1 which is outside the domain of this function (-1.0...1.0). | -| test.c:19:3:19:7 | call to atan2 | Domain error in call to atan2: both arguments are equal to zero. | -| test.c:23:3:23:5 | call to pow | Domain error in call to pow: both arguments are equal to zero. | -| test.c:27:3:27:5 | call to pow | Domain error in call to pow: both arguments are less than zero. | -| test.c:33:3:33:7 | call to acosh | Domain error in call to acosh: argument is less than 1. | -| test.c:34:3:34:7 | call to ilogb | Domain error in call to ilogb: argument is equal to zero. | -| test.c:37:3:37:5 | call to log | Domain error in call to log: argument is negative. | -| test.c:40:3:40:7 | call to log10 | Domain error in call to log10: argument is negative. | -| test.c:43:3:43:6 | call to log2 | Domain error in call to log2: argument is negative. | -| test.c:46:3:46:6 | call to sqrt | Domain error in call to sqrt: argument is negative. | -| test.c:49:3:49:7 | call to log1p | Domain error in call to log1p: argument is less than 1. | -| test.c:52:3:52:6 | call to logb | Domain error in call to logb: argument is equal to zero. | -| test.c:55:3:55:8 | call to tgamma | Domain error in call to tgamma: argument is equal to zero. | +| test.c:6:3:6:6 | call to acos | Domain error in call to 'acos': the argument has a range -1.1...-1.1 which is outside the domain of this function (-1.0...1.0). | +| test.c:10:3:10:6 | call to acos | Domain error in call to 'acos': the argument has a range 1.1...1.1 which is outside the domain of this function (-1.0...1.0). | +| test.c:11:3:11:6 | call to asin | Domain error in call to 'asin': the argument has a range -1.1...-1.1 which is outside the domain of this function (-1.0...1.0). | +| test.c:15:3:15:6 | call to asin | Domain error in call to 'asin': the argument has a range 1.1...1.1 which is outside the domain of this function (-1.0...1.0). | +| test.c:16:3:16:7 | call to atanh | Domain error in call to 'atanh': the argument has a range -1.1...-1.1 which is outside the domain of this function (-1.0...1.0). | +| test.c:18:3:18:7 | call to atanh | Domain error in call to 'atanh': the argument has a range 1.1...1.1 which is outside the domain of this function (-1.0...1.0). | +| test.c:19:3:19:7 | call to atan2 | Domain error in call to 'atan2': both arguments are equal to zero. | +| test.c:23:3:23:5 | call to pow | Domain error in call to 'pow': both arguments are equal to zero. | +| test.c:27:3:27:5 | call to pow | Domain error in call to 'pow': both arguments are less than zero. | +| test.c:32:3:32:7 | call to acosh | Domain error in call to 'acosh': argument is less than 1. | +| test.c:33:3:33:7 | call to ilogb | Domain error in call to 'ilogb': argument is equal to zero. | +| test.c:36:3:36:5 | call to log | Domain error in call to 'log': argument is negative. | +| test.c:38:3:38:7 | call to log10 | Domain error in call to 'log10': argument is negative. | +| test.c:40:3:40:6 | call to log2 | Domain error in call to 'log2': argument is negative. | +| test.c:42:3:42:6 | call to sqrt | Domain error in call to 'sqrt': argument is negative. | +| test.c:45:3:45:7 | call to log1p | Domain error in call to 'log1p': argument is less than 1. | +| test.c:47:3:47:6 | call to logb | Domain error in call to 'logb': argument is equal to zero. | +| test.c:50:3:50:8 | call to tgamma | Domain error in call to 'tgamma': argument is equal to zero. | +| test.c:56:3:56:5 | call to abs | Range error in call to 'abs': argument is most negative number. | +| test.c:57:3:57:6 | call to fmod | Domain error in call to 'fmod': y is 0. | +| test.c:59:3:59:7 | call to frexp | Unspecified error in call to 'frexp': Arg is Nan or infinity and exp is unspecified as a result. | +| test.c:60:3:60:7 | call to frexp | Unspecified error in call to 'frexp': Arg is Nan or infinity and exp is unspecified as a result. | +| test.c:64:3:64:7 | call to atanh | Pole error in call to 'atanh': argument is plus or minus 1. | +| test.c:65:3:65:7 | call to atanh | Pole error in call to 'atanh': argument is plus or minus 1. | +| test.c:66:3:66:5 | call to log | Pole error in call to 'log': argument is equal to zero. | +| test.c:67:3:67:7 | call to log10 | Pole error in call to 'log10': argument is equal to zero. | +| test.c:68:3:68:6 | call to log2 | Pole error in call to 'log2': argument is equal to zero. | +| test.c:69:3:69:7 | call to log1p | Pole error in call to 'log1p': argument is equal to negative one. | +| test.c:71:3:71:5 | call to pow | Pole error in call to 'pow': base is zero and exp is negative. | +| test.c:72:3:72:8 | call to lgamma | Pole error in call to 'lgamma': argument is equal to zero. | diff --git a/c/common/test/rules/uncheckedrangedomainpoleerrors/test.c b/c/common/test/rules/uncheckedrangedomainpoleerrors/test.c index 47d7b1e683..4f2ef1d540 100644 --- a/c/common/test/rules/uncheckedrangedomainpoleerrors/test.c +++ b/c/common/test/rules/uncheckedrangedomainpoleerrors/test.c @@ -1,6 +1,8 @@ #include +#include +#include -void test() { +void test_domain_errors() { acos(-1.1f); // NON_COMPLIANT acos(-1.0f); // COMPLIANT acos(0.0f); // COMPLIANT @@ -12,9 +14,7 @@ void test() { asin(1.0f); // COMPLIANT asin(1.1f); // NON_COMPLIANT atanh(-1.1f); // NON_COMPLIANT - atanh(-1.0f); // COMPLIANT atanh(0.0f); // COMPLIANT - atanh(1.0f); // COMPLIANT atanh(1.1f); // NON_COMPLIANT atan2(0.0f, 0.0f); // NON_COMPLIANT atan2(1.0f, 0.0f); // COMPLIANT @@ -26,7 +26,6 @@ void test() { pow(1.0f, 1.0f); // COMPLIANT pow(-1.0f, -1.0f); // NON_COMPLIANT pow(-1.0f, 0.0f); // COMPLIANT - pow(0.0f, -1.0f); // COMPLIANT pow(1.0f, -1.0f); // COMPLIANT pow(-1.0f, 1.0f); // COMPLIANT acosh(1.0f); // COMPLIANT @@ -35,19 +34,15 @@ void test() { ilogb(1.0f); // COMPLIANT ilogb(-1.0f); // COMPLIANT log(-1.0f); // NON_COMPLIANT - log(0.0f); // COMPLIANT log(1.0f); // COMPLIANT log10(-1.0f); // NON_COMPLIANT - log10(0.0f); // COMPLIANT log10(1.0f); // COMPLIANT log2(-1.0f); // NON_COMPLIANT - log2(0.0f); // COMPLIANT log2(1.0f); // COMPLIANT sqrt(-1.0f); // NON_COMPLIANT sqrt(0.0f); // COMPLIANT sqrt(1.0f); // COMPLIANT log1p(-2.0f); // NON_COMPLIANT - log1p(-1.0f); // COMPLIANT log1p(0.0f); // COMPLIANT logb(0.0f); // NON_COMPLIANT logb(1.0f); // COMPLIANT @@ -56,3 +51,24 @@ void test() { tgamma(1.0f); // COMPLIANT tgamma(-1.1f); // COMPLIANT } + +void fn_in_193_missing_domain_or_range_cases() { + abs(INT_MIN); // NON_COMPLIANT + fmod(1.0f, 0.0f); // NON_COMPLIANT + int *exp; + frexp(NAN, exp); // NON_COMPLIANT + frexp(INFINITY, exp); // NON_COMPLIANT +} + +void test_pole_errors() { + atanh(-1.0f); // NON_COMPLIANT + atanh(1.0f); // NON_COMPLIANT + log(0.0f); // NON_COMPLIANT + log10(0.0f); // NON_COMPLIANT + log2(0.0f); // NON_COMPLIANT + log1p(-1.0f); // NON_COMPLIANT + // logb(x) already covered in domain cases + pow(0.0f, -1.0f); // NON_COMPLIANT + lgamma(0.0f); // NON_COMPLIANT + lgamma(-1); // NON_COMPLIANT[FALSE_NEGATIVE] +} \ No newline at end of file diff --git a/cpp/common/test/includes/standard-library/math.h b/cpp/common/test/includes/standard-library/math.h index 2b222d9fbd..460c0a9c2f 100644 --- a/cpp/common/test/includes/standard-library/math.h +++ b/cpp/common/test/includes/standard-library/math.h @@ -1,7 +1,7 @@ #ifndef _GHLIBCPP_MATH #define _GHLIBCPP_MATH -int abs(int); -long abs(long); +int abs(int x); +long abs(long x); double acos(double x); float acosf(float x); long double acosl(long double x); @@ -17,18 +17,18 @@ long double acoshl(long double x); double atanh(double x); float atanhf(float x); long double atanhl(long double x); -double fmod(double, double); -float fmodf(float, float); -long double fmodl(long double, long double); -double frexp(double, int *); -float frexpf(float, int *); +double fmod(double x, double y); +float fmodf(float x, float y); +long double fmodl(long double x, long double y); +double frexp(double x, int *y); +float frexpf(float x, int *y); long double frexpl(long double, int *); int ilogb(double x); int ilogbf(float x); int ilogbl(long double x); -double lgamma(double); -float lgammaf(float); -long double lgammal(long double); +double lgamma(double x); +float lgammaf(float x); +long double lgammal(long double x); double log(double x); float logf(float x); long double logl(long double x); From eb55b38b527882bdf6aa4aa2a3514a3b1d7a9d6d Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 23 Apr 2024 16:24:34 -0400 Subject: [PATCH 1788/2573] UncheckedRangeDomainPoleErrors: forgot testcase format --- c/common/test/rules/uncheckedrangedomainpoleerrors/test.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/common/test/rules/uncheckedrangedomainpoleerrors/test.c b/c/common/test/rules/uncheckedrangedomainpoleerrors/test.c index 4f2ef1d540..ab34302f21 100644 --- a/c/common/test/rules/uncheckedrangedomainpoleerrors/test.c +++ b/c/common/test/rules/uncheckedrangedomainpoleerrors/test.c @@ -1,5 +1,5 @@ -#include #include +#include #include void test_domain_errors() { From 4e353557a92379f2068726bb1c8b496a8d392a3a Mon Sep 17 00:00:00 2001 From: "rakesh.pothengil" Date: Wed, 24 Apr 2024 10:57:56 +0900 Subject: [PATCH 1789/2573] Addressed review comments --- ...peratorAndBitwiseOperatorReturnAPrvalue.ql | 34 +++++++++---------- ...rAndBitwiseOperatorReturnAPrvalue.expected | 8 ++--- 2 files changed, 21 insertions(+), 21 deletions(-) diff --git a/cpp/autosar/src/rules/A13-2-2/BinaryOperatorAndBitwiseOperatorReturnAPrvalue.ql b/cpp/autosar/src/rules/A13-2-2/BinaryOperatorAndBitwiseOperatorReturnAPrvalue.ql index 1f144dd4f2..c6c2e54378 100644 --- a/cpp/autosar/src/rules/A13-2-2/BinaryOperatorAndBitwiseOperatorReturnAPrvalue.ql +++ b/cpp/autosar/src/rules/A13-2-2/BinaryOperatorAndBitwiseOperatorReturnAPrvalue.ql @@ -14,21 +14,21 @@ * external/autosar/obligation/required */ - import cpp - import codingstandards.cpp.autosar - import codingstandards.cpp.Operator - import semmle.code.cpp.Print +import cpp +import codingstandards.cpp.autosar +import codingstandards.cpp.Operator +import semmle.code.cpp.Print - from Operator o - where - not isExcluded(o, OperatorInvariantsPackage::binaryOperatorAndBitwiseOperatorReturnAPrvalueQuery()) and - (o instanceof UserBitwiseOperator or o instanceof UserArithmeticOperator) and - ( - o.getType().isDeeplyConst() - or - o.getType() instanceof PointerType - or - o.getType() instanceof ReferenceType - ) - select o, - "User-defined bitwise or arithmetic operator " + o.toString() + " does not return a prvalue." +from Operator o +where + not isExcluded(o, OperatorInvariantsPackage::binaryOperatorAndBitwiseOperatorReturnAPrvalueQuery()) and + (o instanceof UserBitwiseOperator or o instanceof UserArithmeticOperator) and + ( + o.getType().isDeeplyConst() + or + o.getType() instanceof PointerType + or + o.getType() instanceof ReferenceType + ) +select o, + "User-defined bitwise or arithmetic operator " + o.toString() + " does not return a prvalue." diff --git a/cpp/autosar/test/rules/A13-2-2/BinaryOperatorAndBitwiseOperatorReturnAPrvalue.expected b/cpp/autosar/test/rules/A13-2-2/BinaryOperatorAndBitwiseOperatorReturnAPrvalue.expected index c8f1cc9204..3ebbfa09cf 100644 --- a/cpp/autosar/test/rules/A13-2-2/BinaryOperatorAndBitwiseOperatorReturnAPrvalue.expected +++ b/cpp/autosar/test/rules/A13-2-2/BinaryOperatorAndBitwiseOperatorReturnAPrvalue.expected @@ -1,4 +1,4 @@ -| test.cpp:16:9:16:17 | operator- | User-defined bitwise or arithmetic operator A const operator-(A const&, int) does not return a prvalue. | -| test.cpp:20:4:20:12 | operator\| | User-defined bitwise or arithmetic operator A* operator\|(A const&, A const&) does not return a prvalue. | -| test.cpp:24:9:24:18 | operator<< | User-defined bitwise or arithmetic operator A const operator<<(A const&, A const&) does not return a prvalue. | -| test.cpp:34:6:34:14 | operator+ | User-defined bitwise or arithmetic operator int& NS_C::operator+(C const&, C const&) does not return a prvalue. | +| test.cpp:16:9:16:17 | operator- | User-defined bitwise or arithmetic operator operator- does not return a prvalue. | +| test.cpp:20:4:20:12 | operator\| | User-defined bitwise or arithmetic operator operator\| does not return a prvalue. | +| test.cpp:24:9:24:18 | operator<< | User-defined bitwise or arithmetic operator operator<< does not return a prvalue. | +| test.cpp:34:6:34:14 | operator+ | User-defined bitwise or arithmetic operator operator+ does not return a prvalue. | From a9f55d2e483af1b2d77952592175b040f1997b7c Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Wed, 24 Apr 2024 10:59:36 -0400 Subject: [PATCH 1790/2573] Scope lib: rename predicate --- cpp/common/src/codingstandards/cpp/Scope.qll | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/Scope.qll b/cpp/common/src/codingstandards/cpp/Scope.qll index 4ac52e2238..cfa2d062f2 100644 --- a/cpp/common/src/codingstandards/cpp/Scope.qll +++ b/cpp/common/src/codingstandards/cpp/Scope.qll @@ -149,8 +149,8 @@ private UserDeclaration getPotentialScopeOfDeclaration_candidate(UserDeclaration ) } -/** Gets a Declarationthat is in the potential scope of Declaration `v`. */ -private UserDeclaration getOuterScopesOfDeclaration_candidate(UserDeclaration v) { +/** Gets a Declaration that is in the potential scope of Declaration `v`. */ +private UserDeclaration getPotentialScopeOfDeclarationStrict_candidate(UserDeclaration v) { exists(Scope s | result = s.getADeclaration() and ( @@ -175,7 +175,7 @@ predicate inSameTranslationUnit(File f1, File f2) { */ cached UserDeclaration getPotentialScopeOfDeclarationStrict(UserDeclaration v) { - result = getOuterScopesOfDeclaration_candidate(v) and + result = getPotentialScopeOfDeclarationStrict_candidate(v) and inSameTranslationUnit(v.getFile(), result.getFile()) } From 80432d87a8446fc5a99593c13e2c96ae5b2f079b Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Thu, 25 Apr 2024 12:26:51 -0400 Subject: [PATCH 1791/2573] IdentifierHidden: revert realisitic compile time constant model in lambda hiding due to performance the simpler heurisitic is better --- .../cpp/rules/identifierhidden/IdentifierHidden.qll | 7 +++---- .../test/rules/identifierhidden/IdentifierHidden.expected | 1 - cpp/common/test/rules/identifierhidden/test.cpp | 2 +- 3 files changed, 4 insertions(+), 6 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll b/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll index 91d9720c88..d5d8a0d93e 100644 --- a/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll +++ b/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll @@ -7,7 +7,6 @@ import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import codingstandards.cpp.Scope import codingstandards.cpp.ConstHelpers -import codingstandards.cpp.Expr abstract class IdentifierHiddenSharedQuery extends Query { } @@ -59,11 +58,11 @@ predicate hiddenInLambda(UserVariable outerDecl, UserVariable innerDecl) { or //it is a reference that has been initialized with a constant expression. outerDecl.getType().stripTopLevelSpecifiers() instanceof ReferenceType and - isCompileTimeEvaluatedExpression(outerDecl.getInitializer().getExpr()) + outerDecl.getInitializer().getExpr() instanceof Literal or - //it const non-volatile integral or enumeration type and has been initialized with a constant expression + // //it const non-volatile integral or enumeration type and has been initialized with a constant expression outerDecl instanceof NonVolatileConstIntegralOrEnumVariable and - isCompileTimeEvaluatedExpression(outerDecl.getInitializer().getExpr()) + outerDecl.getInitializer().getExpr() instanceof Literal or //it is constexpr and has no mutable members outerDecl.isConstexpr() and diff --git a/cpp/common/test/rules/identifierhidden/IdentifierHidden.expected b/cpp/common/test/rules/identifierhidden/IdentifierHidden.expected index 3ed0ce6f91..1b0d94d838 100644 --- a/cpp/common/test/rules/identifierhidden/IdentifierHidden.expected +++ b/cpp/common/test/rules/identifierhidden/IdentifierHidden.expected @@ -15,5 +15,4 @@ | test.cpp:142:9:142:10 | a1 | Declaration is hiding declaration $@. | test.cpp:140:14:140:15 | a1 | a1 | | test.cpp:147:9:147:10 | a2 | Declaration is hiding declaration $@. | test.cpp:145:20:145:21 | a2 | a2 | | test.cpp:152:9:152:10 | a3 | Declaration is hiding declaration $@. | test.cpp:150:17:150:18 | a3 | a3 | -| test.cpp:158:9:158:10 | a4 | Declaration is hiding declaration $@. | test.cpp:156:14:156:15 | a4 | a4 | | test.cpp:164:9:164:10 | a5 | Declaration is hiding declaration $@. | test.cpp:162:13:162:14 | a5 | a5 | diff --git a/cpp/common/test/rules/identifierhidden/test.cpp b/cpp/common/test/rules/identifierhidden/test.cpp index 946063e6be..ede4bb24d6 100644 --- a/cpp/common/test/rules/identifierhidden/test.cpp +++ b/cpp/common/test/rules/identifierhidden/test.cpp @@ -155,7 +155,7 @@ void f8() { const int &a4 = a3; auto lambda4 = []() { - int a4 = a4 + 1; // NON_COMPLIANT - Lambda can access + int a4 = a4 + 1; // NON_COMPLIANT[FALSE_NEGATIVE] - Lambda can access // reference initialized with constant expression. }; From 3ec494f670ca60827ccf0e4b5a04adb5a233bbd2 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 26 Apr 2024 17:09:39 -0700 Subject: [PATCH 1792/2573] Simplify hotfix detection The logic to detect a hotfix by finding a merge base between main and release branch is incorrect because the merge base wasn't found in previous releases. Now we just assume any version with a patch number larger than 0 is a hotfix. --- scripts/release/is-hotfix-release.py | 41 ++++------------------------ 1 file changed, 6 insertions(+), 35 deletions(-) diff --git a/scripts/release/is-hotfix-release.py b/scripts/release/is-hotfix-release.py index aba957ea5f..fdf46ceed2 100644 --- a/scripts/release/is-hotfix-release.py +++ b/scripts/release/is-hotfix-release.py @@ -6,45 +6,16 @@ if TYPE_CHECKING: from argparse import Namespace -def get_merge_base_of_ref() -> str: - cp = run(["git", "merge-base", "HEAD", "origin/main"], capture_output=True, text=True) - if cp.returncode != 0: - raise RuntimeError(f"Failed to get merge base with reason '{cp.stderr.strip()}'") - return cp.stdout.strip() - -def get_release_branches_containing(commit: str) -> List[Version]: - cp = run(["git", "branch", "--list", "rc/*", "--contains", commit], capture_output=True, text=True) - if cp.returncode != 0: - raise RuntimeError("Failed to get branches containing commit") - release_versions: List[Version] = [] - for version in [b.strip() for b in cp.stdout.splitlines()]: - try: - if version.startswith("rc/"): - version = version[3:] - release_versions.append(Version(version)) - except ValueError: - print(f"Warning: Skipping invalid version string: {version}", file=stderr) - - return release_versions - def main(args: 'Namespace') -> Literal[0,1]: try: - merge_base = get_merge_base_of_ref() - release_versions = get_release_branches_containing(merge_base) - if len(release_versions) == 0: - print(f"Info: No release branches found containing merge base {merge_base}", file=stderr) + version = Version(args.version) + if version.patch > 0: + print("true") + else: print("false") - return 0 - - for version in release_versions: - if version.next_patch() == Version(args.version): - print("true") - return 0 - - print("false") return 0 - except RuntimeError as e: - print(f"Error: {e}", file=stderr) + except ValueError: + print(f"Invalid version string: {args.version}", file=stderr) return 1 if __name__ == '__main__': From 81fa42c669e8fbf039b32a272610f8038cacb5f0 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Wed, 1 May 2024 22:21:37 +0000 Subject: [PATCH 1793/2573] Update documents for MISRA C++ 2023 support --- README.md | 9 +- docs/development_handbook.md | 10 +- docs/user_manual.md | 11 ++- rules.csv | 181 ++++++++++++++++++++++++++++++++++- 4 files changed, 196 insertions(+), 15 deletions(-) diff --git a/README.md b/README.md index a4233e3cb9..d1de9b6372 100644 --- a/README.md +++ b/README.md @@ -10,10 +10,15 @@ This repository contains CodeQL queries and libraries which support various Codi The following coding standards are supported: - [AUTOSAR - Guidelines for the use of C++14 language in critical and safety-related systems (Releases R22-11, R20-11, R19-11 and R19-03)](https://www.autosar.org/fileadmin/standards/R22-11/AP/AUTOSAR_RS_CPP14Guidelines.pdf). -- [MISRA C++:2008](https://www.misra.org.uk) (support limited to the rules specified in AUTOSAR). - [SEI CERT C++ Coding Standard: Rules for Developing Safe, Reliable, and Secure Systems (2016 Edition)](https://resources.sei.cmu.edu/library/asset-view.cfm?assetID=494932) - [SEI CERT C Coding Standard: Rules for Developing Safe, Reliable, and Secure Systems (2016 Edition)](https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-c-coding-standard-2016-v01.pdf) -- [MISRA C 2012](https://www.misra.org.uk/product/misra-c2012-third-edition-first-revision/). +- [MISRA C 2012, 3rd Edition, 1st revision](https://www.misra.org.uk/product/misra-c2012-third-edition-first-revision/) (incoporating Amendment 1 & Technical Corrigendum 1). In addition, we support the following additional amendments and technical corrigendums: + - [MISRA C 2012 Amendment 2](https://misra.org.uk/app/uploads/2021/06/MISRA-C-2012-AMD2.pdf) + - [MISRA C 2012 Technical Corrigendum 2](https://misra.org.uk/app/uploads/2022/04/MISRA-C-2012-TC2.pdf) + +## :construction: Standards under development :construction: + +- [MISRA C++ 2023](https://misra.org.uk/product/misra-cpp2023/) - under development _scheduled for release 2024 Q4_. ## How do I use the CodeQL Coding Standards Queries? diff --git a/docs/development_handbook.md b/docs/development_handbook.md index 9629c89b95..10ad1637a5 100644 --- a/docs/development_handbook.md +++ b/docs/development_handbook.md @@ -39,17 +39,11 @@ | 0.29.1 | 2023-10-11 | Remco Vermeulen | Address Markdown linter problems. | | 0.30.0 | 2023-11-14 | Remco Vermeulen | Clarify release steps in case of a hotfix release. | | 0.31.0 | 2024-02-23 | Remco Vermeulen | Clarify the required use of Python version 3.9 | +| 0.32.0 | 2024-05-01 | Luke Cartey | Refer to the user manual for the list of supported standards. | ## Scope of work -A *coding standard* is a set of rules or guidelines which restrict or prohibit the use of certain dangerous or confusing coding patterns or language features. This repository contains CodeQL queries (and supporting processes) which implement a number of different coding standards. The currently supported standards are: - -| Standard | Version | Total rules | Total supportable rules | Status | Notes | -| -------------------------------------------------------------------------------------------------------------------- | ------- | ----------- | ----------------------- | -------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | -| [AUTOSAR C++](https://www.autosar.org/fileadmin/standards/R22-11/AP/AUTOSAR_RS_CPP14Guidelines.pdf) | R22-11, R21-11, R20-11, R19-11, R19-03 | 397 | 375 | Implemented | | -| [CERT-C++](https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-cpp-coding-standard-2016-v01.pdf) | 2016 | 83 | 83 | Implemented | AUTOSAR includes a sub-set of rules take from MISRA C++ 2008, which can be purchased for a small fee from [the MISRA website](https://misra.org.uk/shop). | -| [CERT-C](https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-c-coding-standard-2016-v01.pdf) | 2016 | 120 | 99 | In development | The implementation excludes rules not part of 2016, but that are added to the [CERT-C wiki](https://wiki.sei.cmu.edu/confluence/display/c/) | -| [MISRA C](https://www.misra.org.uk/product/misra-c2012-third-edition-first-revision/ ) | 2012 | 172 | 172 | In development | This includes the [MISRA C:2012 Amendment 2](https://www.misra.org.uk/app/uploads/2021/06/MISRA-C-2012-AMD2.pdf) | +A *coding standard* is a set of rules or guidelines which restrict or prohibit the use of certain dangerous or confusing coding patterns or language features. This repository contains CodeQL queries (and supporting processes) which implement a number of different coding standards. The currently supported standards are documented in the [user manual](user_manual.md). Each coding standard consists of a list of "guidelines", however not all the guidelines in all the standards will be amenable to automated static analysis. The AUTOSAR C++ standard categorizes the guidelines according to enforcement by static analysis tools in section *5.1.3 Rule classification according to enforcement by static analysis* of the standard. The CERT-C++ standard does not provide such categorization, but frequently has a [documented](https://wiki.sei.cmu.edu/confluence/display/cplusplus/How+this+Coding+Standard+Is+Organized#HowthisCodingStandardIsOrganized-AutomatedDetection) automated detection section for guidelines that documents tools, including their limitations, that can verify the guidelines in question. We have therefore carefully reviewed each supported standard. For each guidelines that is not categorized as automatic enforceable we have determined,in conjunction with end users, what parts of the guideline can be supported in which capacity with CodeQL. diff --git a/docs/user_manual.md b/docs/user_manual.md index d790454afd..b55f0e919c 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -26,6 +26,7 @@ | 0.18.0 | 2024-01-30 | Luke Cartey | Update product description and coverage table. | | 0.19.0 | 2024-02-23 | Remco Vermeulen | Clarify the required use of Python version 3.9. | | 0.20.0 | 2024-02-23 | Remco Vermeulen | Add table describing the permitted guideline re-categorizations. | +| 0.21.0 | 2024-05-01 | Luke Cartey | Add MISRA C++ 2023 as under development, and clarify MISRA C 2012 coverage. | ## Release information @@ -54,10 +55,11 @@ The _CodeQL Coding Standards_ product is a set of CodeQL queries for identifying | Standard | Version | Rules | Supportable rules | Implemented rules | Status | | -------------------------------------------------------------------------------------------------------------------- | ------- | ----------- | ----------------------- | ----------------- | ------- | -| [AUTOSAR C++](https://www.autosar.org/fileadmin/standards/R22-11/AP/AUTOSAR_RS_CPP14Guidelines.pdf) | [^1] R22-11, R21-11, R20-11, R19-11, R19-03 | 397 | 372 | 370[^2] | Implemented | -| [CERT-C++](https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-cpp-coding-standard-2016-v01.pdf) | 2016 | 83 | 82 | 82 | Implemented | -| [CERT C](https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-c-coding-standard-2016-v01.pdf) | 2016 | 99 | 97 | 97 | Implemented | -| [MISRA C](https://www.misra.org.uk/product/misra-c2012-third-edition-first-revision/) | 2012 | 175 | 164 | 162[^3] | Implemented | +| AUTOSAR C++ | [^1] [R22-11](https://www.autosar.org/fileadmin/standards/R22-11/AP/AUTOSAR_RS_CPP14Guidelines.pdf), R21-11, R20-11, R19-11, R19-03 | 397 | 372 | 370[^2] | Implemented | +| CERT-C++ | [2016](https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-cpp-coding-standard-2016-v01.pdf) | 83 | 82 | 82 | Implemented | +| CERT C | [2016](https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-c-coding-standard-2016-v01.pdf) | 99 | 97 | 97 | Implemented | +| MISRA C | [2012 Third Edition, First Revision](](https://www.misra.org.uk/product/misra-c2012-third-edition-first-revision/)), and [Amendment 2](https://misra.org.uk/app/uploads/2021/06/MISRA-C-2012-AMD2.pdf) and TC2 | 175 | 164 | 162[^3] | Implemented | +| MISRA C++ | [2023](https://misra.org.uk/product/misra-cpp2023/) | 179 | 176[^4] | 0 | Under development | Not all rules in these standards are amenable to static analysis by CodeQL - some rules require external or domain specific knowledge to validate, or refer to properties which are not present in our representation of the codebase under analysis. In addition, some rules are natively enforced by the supported compilers. As CodeQL requires that the program under analysis compiles, we are unable to implement queries for these rules, and doing so would be redundant. @@ -73,6 +75,7 @@ The datasheet _"CodeQL Coding Standards: supported rules"_, provided with each r [^1]: AUTOSAR C++ versions R22-11, R21-11, R20-11, R19-11 and R19-03 are all identical as indicated in the document change history. [^2]: The unimplemented supportable AUTOSAR rules are `A7-1-8` and `A8-2-1`. These rules require additional support in the CodeQL CLI to ensure the required information is available in the CodeQL database to identify violations of these rules. [^3]: The unimplemented supportable MISRA C 2012 rules are `Rule 9.5` and `Dir 4.14`. `Rule 9.5` requires additional support in the CodeQL CLI to ensure the required information is available in the CodeQL database to identify violations of these rules. `Dir 4.14` is covered by the default CodeQL queries, which identify potential security vulnerabilities caused by not validating external input. +[^4]: The rules 5.13.7, 19.0.1 and 19.1.2 are not planned to be implemented by CodeQL as they are compiler checked in all supported compilers. ## Supported environment diff --git a/rules.csv b/rules.csv index 7b7a10948e..903a8cceed 100644 --- a/rules.csv +++ b/rules.csv @@ -773,4 +773,183 @@ c,MISRA-C-2012,RULE-22-6,Yes,Mandatory,,,The value of a pointer to a FILE shall c,MISRA-C-2012,RULE-22-7,Yes,Required,,,The macro EOF shall only be compared with the unmodified return value from any Standard Library function capable of returning EOF,,IO3,Hard, c,MISRA-C-2012,RULE-22-8,Yes,Required,,,The value of errno shall be set to zero prior to a call to an errno-setting-function,ERR30-C,Contracts3,Medium, c,MISRA-C-2012,RULE-22-9,Yes,Required,,,The value of errno shall be tested against zero after calling an errno-setting-function,,Contracts3,Medium, -c,MISRA-C-2012,RULE-22-10,Yes,Required,,,The value of errno shall only be tested when the last function to be called was an errno-setting-function,,Contracts3,Medium, \ No newline at end of file +c,MISRA-C-2012,RULE-22-10,Yes,Required,,,The value of errno shall only be tested when the last function to be called was an errno-setting-function,,Contracts3,Medium, +cpp,MISRA-CPP-2023,RULE-0-0-1,Yes,Required,Decidable,Single Translation Unit,A function shall not contain unreachable statements,,,Medium, +cpp,MISRA-CPP-2023,RULE-0-0-2,Yes,Advisory,Undecidable,System,Controlling expressions should not be invariant,,,Easy, +cpp,MISRA-CPP-2023,RULE-0-1-1,Yes,Advisory,Undecidable,System,A value should not be unnecessarily written to a local object,,,Medium, +cpp,MISRA-CPP-2023,RULE-0-1-2,Yes,Required,Decidable,Single Translation Unit,The value returned by a function shall be used,,,Easy, +cpp,MISRA-CPP-2023,RULE-0-2-1,Yes,Advisory,Decidable,Single Translation Unit,Variables with limited visibility should be used at least once,,,Easy, +cpp,MISRA-CPP-2023,RULE-0-2-2,Yes,Required,Decidable,Single Translation Unit,A named function parameter shall be used at least once,,,Easy, +cpp,MISRA-CPP-2023,RULE-0-2-3,Yes,Advisory,Decidable,Single Translation Unit,Types with limited visibility should be used at least once,,,Easy, +cpp,MISRA-CPP-2023,RULE-0-2-4,Yes,Advisory,Decidable,System,Functions with limited visibility should be used at least once,,,Easy, +cpp,MISRA-CPP-2023,DIR-0-3-1,Yes,Advisory,,,Floating-point arithmetic should be used appropriately,,,Hard, +cpp,MISRA-CPP-2023,DIR-0-3-2,Yes,Required,,,A function call shall not violate the function’s preconditions,,,Hard, +cpp,MISRA-CPP-2023,RULE-4-1-1,Yes,Required,Undecidable,System,A program shall conform to ISO/IEC 14882:2017 (C++17),,,Hard, +cpp,MISRA-CPP-2023,RULE-4-1-2,Yes,Advisory,Decidable,Single Translation Unit,Deprecated features should not be used,,,Very Hard, +cpp,MISRA-CPP-2023,RULE-4-1-3,Yes,Required,Undecidable,System,There shall be no occurrence of undefined or critical unspecified behaviour,,,Very Hard, +cpp,MISRA-CPP-2023,RULE-4-6-1,Yes,Required,Undecidable,System,Operations on a memory location shall be sequenced appropriately,,,Import, +cpp,MISRA-CPP-2023,RULE-5-0-1,Yes,Advisory,Decidable,Single Translation Unit,Trigraph-like sequences should not be used,,,Very Hard, +cpp,MISRA-CPP-2023,RULE-5-7-1,Yes,Required,Decidable,Single Translation Unit,The character sequence /* shall not be used within a C-style comment,,,Import, +cpp,MISRA-CPP-2023,DIR-5-7-2,Yes,Advisory,,,Sections of code should not be “commented out”,,,Import, +cpp,MISRA-CPP-2023,RULE-5-7-3,Yes,Required,Decidable,Single Translation Unit,Line-splicing shall not be used in // comments,,,Import, +cpp,MISRA-CPP-2023,RULE-5-10-1,Yes,Required,Decidable,Single Translation Unit,User-defined identifiers shall have an appropriate form,,,Easy, +cpp,MISRA-CPP-2023,RULE-5-13-1,Yes,Required,Decidable,Single Translation Unit,"In character literals and non-raw string literals, \ shall only be used to form a defined escape sequence or universal character name",,,Import, +cpp,MISRA-CPP-2023,RULE-5-13-2,Yes,Required,Decidable,Single Translation Unit,"Octal escape sequences, hexadecimal escape sequences, and universal character names shall be terminated",,,Import, +cpp,MISRA-CPP-2023,RULE-5-13-3,Yes,Required,Decidable,Single Translation Unit,Octal constants shall not be used,,,Import, +cpp,MISRA-CPP-2023,RULE-5-13-4,Yes,Required,Decidable,Single Translation Unit,Unsigned integer literals shall be appropriately suffixed,,,Import, +cpp,MISRA-CPP-2023,RULE-5-13-5,Yes,Required,Decidable,Single Translation Unit,The lowercase form of L shall not be used as the first character in a literal suffix,,,Import, +cpp,MISRA-CPP-2023,RULE-5-13-6,Yes,Required,Decidable,Single Translation Unit,An integer-literal of type long long shall not use a single L or l in any suffix,,,Easy, +cpp,MISRA-CPP-2023,RULE-5-13-7,No,Required,Decidable,Single Translation Unit,String literals with different encoding prefixes shall not be concatenated,,,, +cpp,MISRA-CPP-2023,RULE-6-0-1,Yes,Required,Decidable,Single Translation Unit,Block scope declarations shall not be visually ambiguous,,,Easy, +cpp,MISRA-CPP-2023,RULE-6-0-2,Yes,Advisory,Decidable,Single Translation Unit,"When an array with external linkage is declared, its size should be explicitly specified",,,Easy, +cpp,MISRA-CPP-2023,RULE-6-0-3,Yes,Advisory,Decidable,Single Translation Unit,"The only declarations in the global namespace should be main, namespace declarations and extern ""C"" declarations",,,Import, +cpp,MISRA-CPP-2023,RULE-6-0-4,Yes,Required,Decidable,Single Translation Unit,The identifier main shall not be used for a function other than the global function main,,,Import, +cpp,MISRA-CPP-2023,RULE-6-2-1,Yes,Required,Decidable,System,The one-definition rule shall not be violated,,,Import, +cpp,MISRA-CPP-2023,RULE-6-2-2,Yes,Required,Decidable,System,All declarations of a variable or function shall have the same type,,,Easy, +cpp,MISRA-CPP-2023,RULE-6-2-3,Yes,Required,Decidable,System,The source code used to implement an entity shall appear only once,,,Medium, +cpp,MISRA-CPP-2023,RULE-6-2-4,Yes,Required,Decidable,Single Translation Unit,A header file shall not contain definitions of functions or objects that are non-inline and have external linkage,,,Easy, +cpp,MISRA-CPP-2023,RULE-6-4-1,Yes,Required,Decidable,Single Translation Unit,A variable declared in an inner scope shall not hide a variable declared in an outer scope,,,Import, +cpp,MISRA-CPP-2023,RULE-6-4-2,Yes,Required,Decidable,Single Translation Unit,Derived classes shall not conceal functions that are inherited from their bases,,,Import, +cpp,MISRA-CPP-2023,RULE-6-4-3,Yes,Required,Decidable,Single Translation Unit,A name that is present in a dependent base shall not be resolved by unqualified lookup,,,Import, +cpp,MISRA-CPP-2023,RULE-6-5-1,Yes,Advisory,Decidable,Single Translation Unit,A function or object with external linkage should be introduced in a header file,,,Medium, +cpp,MISRA-CPP-2023,RULE-6-5-2,Yes,Advisory,Decidable,Single Translation Unit,Internal linkage should be specified appropriately,,,Medium, +cpp,MISRA-CPP-2023,RULE-6-7-1,Yes,Required,Decidable,Single Translation Unit,Local variables shall not have static storage duration,,,Easy, +cpp,MISRA-CPP-2023,RULE-6-7-2,Yes,Required,Decidable,Single Translation Unit,Global variables shall not be used,,,Easy, +cpp,MISRA-CPP-2023,RULE-6-8-1,Yes,Required,Undecidable,System,An object shall not be accessed outside of its lifetime,,,Import, +cpp,MISRA-CPP-2023,RULE-6-8-2,Yes,Mandatory,Decidable,Single Translation Unit,A function must not return a reference or a pointer to a local variable with automatic storage duration,,,Import, +cpp,MISRA-CPP-2023,RULE-6-8-3,Yes,Required,Decidable,Single Translation Unit,An assignment operator shall not assign the address of an object with automatic storage duration to an object with a greater lifetime,,,Medium, +cpp,MISRA-CPP-2023,RULE-6-8-4,Yes,Advisory,Decidable,Single Translation Unit,Member functions returning references to their object should be refqualified appropriately,,,Medium, +cpp,MISRA-CPP-2023,RULE-6-9-1,Yes,Required,Decidable,Single Translation Unit,The same type aliases shall be used in all declarations of the same entity,,,Medium, +cpp,MISRA-CPP-2023,RULE-6-9-2,Yes,Advisory,Decidable,Single Translation Unit,The names of the standard signed integer types and standard unsigned integer types should not be used,,,Easy, +cpp,MISRA-CPP-2023,RULE-7-0-1,Yes,Required,Decidable,Single Translation Unit,There shall be no conversion from type bool,,,Easy, +cpp,MISRA-CPP-2023,RULE-7-0-2,Yes,Required,Decidable,Single Translation Unit,There shall be no conversion to type bool,,,Easy, +cpp,MISRA-CPP-2023,RULE-7-0-3,Yes,Required,Decidable,Single Translation Unit,The numerical value of a character shall not be used,,,Medium, +cpp,MISRA-CPP-2023,RULE-7-0-4,Yes,Required,Decidable,Single Translation Unit,The operands of bitwise operators and shift operators shall be appropriate,,,Medium, +cpp,MISRA-CPP-2023,RULE-7-0-5,Yes,Required,Decidable,Single Translation Unit,Integral promotion and the usual arithmetic conversions shall not change the signedness or the type category of an operand,,,Medium, +cpp,MISRA-CPP-2023,RULE-7-0-6,Yes,Required,Decidable,Single Translation Unit,Assignment between numeric types shall be appropriate,,,Hard, +cpp,MISRA-CPP-2023,RULE-7-11-1,Yes,Required,Decidable,Single Translation Unit,nullptr shall be the only form of the null-pointer-constant,,,Import, +cpp,MISRA-CPP-2023,RULE-7-11-2,Yes,Required,Decidable,Single Translation Unit,An array passed as a function argument shall not decay to a pointer,,,Import, +cpp,MISRA-CPP-2023,RULE-7-11-3,Yes,Required,Decidable,Single Translation Unit,A conversion from function type to pointer-to-function type shall only occur in appropriate contexts,,,Easy, +cpp,MISRA-CPP-2023,RULE-8-0-1,Yes,Advisory,Decidable,Single Translation Unit,Parentheses should be used to make the meaning of an expression appropriately explicit,,,Medium, +cpp,MISRA-CPP-2023,RULE-8-1-1,Yes,Required,Decidable,Single Translation Unit,A non-transient lambda shall not implicitly capture this,,,Easy, +cpp,MISRA-CPP-2023,RULE-8-1-2,Yes,Advisory,Decidable,Single Translation Unit,Variables should be captured explicitly in a non-transient lambda,,,Easy, +cpp,MISRA-CPP-2023,RULE-8-2-1,Yes,Required,Decidable,Single Translation Unit,A virtual base class shall only be cast to a derived class by means of dynamic_cast,,,Easy, +cpp,MISRA-CPP-2023,RULE-8-2-2,Yes,Required,Decidable,Single Translation Unit,C-style casts and functional notation casts shall not be used,,,Easy, +cpp,MISRA-CPP-2023,RULE-8-2-3,Yes,Required,Decidable,Single Translation Unit,A cast shall not remove any const or volatile qualification from the type accessed via a pointer or by reference,,,Import, +cpp,MISRA-CPP-2023,RULE-8-2-4,Yes,Required,Decidable,Single Translation Unit,Casts shall not be performed between a pointer to function and any other type,,,Import, +cpp,MISRA-CPP-2023,RULE-8-2-5,Yes,Required,Decidable,Single Translation Unit,reinterpret_cast shall not be used,,,Import, +cpp,MISRA-CPP-2023,RULE-8-2-6,Yes,Required,Decidable,Single Translation Unit,"An object with integral, enumerated, or pointer to void type shall not be cast to a pointer type",,,Easy, +cpp,MISRA-CPP-2023,RULE-8-2-7,Yes,Advisory,Decidable,Single Translation Unit,A cast should not convert a pointer type to an integral type,,,Easy, +cpp,MISRA-CPP-2023,RULE-8-2-8,Yes,Required,Decidable,Single Translation Unit,An object pointer type shall not be cast to an integral type other than std::uintptr_t or std::intptr_t,,,Easy, +cpp,MISRA-CPP-2023,RULE-8-2-9,Yes,Required,Decidable,Single Translation Unit,The operand to typeid shall not be an expression of polymorphic class type,,,Easy, +cpp,MISRA-CPP-2023,RULE-8-2-10,Yes,Required,Undecidable,System,"Functions shall not call themselves, either directly or indirectly",,,Import, +cpp,MISRA-CPP-2023,RULE-8-2-11,Yes,Required,Decidable,Single Translation Unit,An argument passed via ellipsis shall have an appropriate type,,,Easy, +cpp,MISRA-CPP-2023,RULE-8-3-1,Yes,Advisory,Decidable,Single Translation Unit,The built-in unary - operator should not be applied to an expression of unsigned type,,,Import, +cpp,MISRA-CPP-2023,RULE-8-3-2,Yes,Advisory,Decidable,Single Translation Unit,The built-in unary + operator should not be used,,,Easy, +cpp,MISRA-CPP-2023,RULE-8-7-1,Yes,Required,Undecidable,System,Pointer arithmetic shall not form an invalid pointer,,,Easy, +cpp,MISRA-CPP-2023,RULE-8-7-2,Yes,Required,Undecidable,System,Subtraction between pointers shall only be applied to pointers that address elements of the same array,,,Easy, +cpp,MISRA-CPP-2023,RULE-8-9-1,Yes,Required,Undecidable,System,"The built-in relational operators >, >=, < and <= shall not be applied to objects of pointer type, except where they point to elements of the same array",,,Easy, +cpp,MISRA-CPP-2023,RULE-8-14-1,Yes,Advisory,Undecidable,System,The right-hand operand of a logical && or operator should not contain persistent side effects,,,Medium, +cpp,MISRA-CPP-2023,RULE-8-18-1,Yes,Mandatory,Undecidable,System,An object or subobject must not be copied to an overlapping object,,,Hard, +cpp,MISRA-CPP-2023,RULE-8-18-2,Yes,Advisory,Decidable,Single Translation Unit,The result of an assignment operator should not be used,,,Import, +cpp,MISRA-CPP-2023,RULE-8-19-1,Yes,Advisory,Decidable,Single Translation Unit,The comma operator should not be used,,,Import, +cpp,MISRA-CPP-2023,RULE-8-20-1,Yes,Advisory,Decidable,Single Translation Unit,An unsigned arithmetic operation with constant operands should not wrap,,,Import, +cpp,MISRA-CPP-2023,RULE-9-2-1,Yes,Required,Decidable,Single Translation Unit,An explicit type conversion shall not be an expression statement,,,Easy, +cpp,MISRA-CPP-2023,RULE-9-3-1,Yes,Required,Decidable,Single Translation Unit,The body of an iteration-statement or a selection-statement shall be a compound-statement,,,Import, +cpp,MISRA-CPP-2023,RULE-9-4-1,Yes,Required,Decidable,Single Translation Unit,All if ... else if constructs shall be terminated with an else statement,,,Import, +cpp,MISRA-CPP-2023,RULE-9-4-2,Yes,Required,Decidable,Single Translation Unit,The structure of a switch statement shall be appropriate,,,Medium, +cpp,MISRA-CPP-2023,RULE-9-5-1,Yes,Advisory,Decidable,Single Translation Unit,Legacy for statements should be simple,,,Hard, +cpp,MISRA-CPP-2023,RULE-9-5-2,Yes,Required,Decidable,Single Translation Unit,A for-range-initializer shall contain at most one function call,,,Easy, +cpp,MISRA-CPP-2023,RULE-9-6-1,Yes,Advisory,Decidable,Single Translation Unit,The goto statement should not be used,,,Import, +cpp,MISRA-CPP-2023,RULE-9-6-2,Yes,Required,Decidable,Single Translation Unit,A goto statement shall reference a label in a surrounding block,,,Import, +cpp,MISRA-CPP-2023,RULE-9-6-3,Yes,Required,Decidable,Single Translation Unit,The goto statement shall jump to a label declared later in the function body,,,Import, +cpp,MISRA-CPP-2023,RULE-9-6-4,Yes,Required,Undecidable,System,A function declared with the [[noreturn]] attribute shall not return,,,Import, +cpp,MISRA-CPP-2023,RULE-9-6-5,Yes,Required,Decidable,Single Translation Unit,A function with non-void return type shall return a value on all paths,,,Import, +cpp,MISRA-CPP-2023,RULE-10-0-1,Yes,Advisory,Decidable,Single Translation Unit,A declaration should not declare more than one variable or member variable,,,Import, +cpp,MISRA-CPP-2023,RULE-10-1-1,Yes,Advisory,Decidable,Single Translation Unit,The target type of a pointer or lvalue reference parameter should be const-qualified appropriately,,,Hard, +cpp,MISRA-CPP-2023,RULE-10-1-2,Yes,Required,Decidable,Single Translation Unit,The volatile qualifier shall be used appropriately,,,Easy, +cpp,MISRA-CPP-2023,RULE-10-2-1,Yes,Required,Decidable,Single Translation Unit,An enumeration shall be defined with an explicit underlying type,,,Import, +cpp,MISRA-CPP-2023,RULE-10-2-2,Yes,Advisory,Decidable,Single Translation Unit,Unscoped enumerations should not be declared,,,Easy, +cpp,MISRA-CPP-2023,RULE-10-2-3,Yes,Required,Decidable,Single Translation Unit,The numeric value of an unscoped enumeration with no fixed underlying type shall not be used,,,Easy, +cpp,MISRA-CPP-2023,RULE-10-3-1,Yes,Advisory,Decidable,Single Translation Unit,There should be no unnamed namespaces in header files,,,Easy, +cpp,MISRA-CPP-2023,RULE-10-4-1,Yes,Required,Decidable,Single Translation Unit,The asm declaration shall not be used,,,Import, +cpp,MISRA-CPP-2023,RULE-11-3-1,Yes,Advisory,Decidable,Single Translation Unit,Variables of array type should not be declared,,,Easy, +cpp,MISRA-CPP-2023,RULE-11-3-2,Yes,Advisory,Decidable,Single Translation Unit,The declaration of an object should contain no more than two levels of pointer indirection,,,Import, +cpp,MISRA-CPP-2023,RULE-11-6-1,Yes,Advisory,Decidable,Single Translation Unit,All variables should be initialized,,,Easy, +cpp,MISRA-CPP-2023,RULE-11-6-2,Yes,Mandatory,Undecidable,System,The value of an object must not be read before it has been set,,,Very Hard, +cpp,MISRA-CPP-2023,RULE-11-6-3,Yes,Required,Decidable,Single Translation Unit,"Within an enumerator list, the value of an implicitly-specified enumeration constant shall be unique",,,Import, +cpp,MISRA-CPP-2023,RULE-12-2-1,Yes,Advisory,Decidable,Single Translation Unit,Bit-fields should not be declared,,,Easy, +cpp,MISRA-CPP-2023,RULE-12-2-2,Yes,Required,Decidable,Single Translation Unit,A bit-field shall have an appropriate type,,,Import, +cpp,MISRA-CPP-2023,RULE-12-2-3,Yes,Required,Decidable,Single Translation Unit,A named bit-field with signed integer type shall not have a length of one bit,,,Import, +cpp,MISRA-CPP-2023,RULE-12-3-1,Yes,Required,Decidable,Single Translation Unit,The union keyword shall not be used,,,Easy, +cpp,MISRA-CPP-2023,RULE-13-1-1,Yes,Advisory,Decidable,Single Translation Unit,Classes should not be inherited virtually,,,Easy, +cpp,MISRA-CPP-2023,RULE-13-1-2,Yes,Required,Decidable,Single Translation Unit,An accessible base class shall not be both virtual and non-virtual in the same hierarchy,,,Import, +cpp,MISRA-CPP-2023,RULE-13-3-1,Yes,Required,Decidable,Single Translation Unit,"User-declared member functions shall use the virtual, override and final specifiers appropriately",,,Easy, +cpp,MISRA-CPP-2023,RULE-13-3-2,Yes,Required,Decidable,Single Translation Unit,Parameters in an overriding virtual function shall not specify different default arguments,,,Import, +cpp,MISRA-CPP-2023,RULE-13-3-3,Yes,Required,Decidable,System,The parameters in all declarations or overrides of a function shall either be unnamed or have identical names,,,Import, +cpp,MISRA-CPP-2023,RULE-13-3-4,Yes,Required,Decidable,Single Translation Unit,A comparison of a potentially virtual pointer to member function shall only be with nullptr,,,Import, +cpp,MISRA-CPP-2023,RULE-14-1-1,Yes,Advisory,Decidable,Single Translation Unit,Non-static data members should be either all private or all public,,,Easy, +cpp,MISRA-CPP-2023,RULE-15-0-1,Yes,Required,Decidable,Single Translation Unit,Special member functions shall be provided appropriately,,,Medium, +cpp,MISRA-CPP-2023,RULE-15-0-2,Yes,Advisory,Decidable,Single Translation Unit,User-provided copy and move member functions of a class should have appropriate signatures,,,Easy, +cpp,MISRA-CPP-2023,RULE-15-1-1,Yes,Required,Undecidable,System,An object’s dynamic type shall not be used from within its constructor or destructor,,,Import, +cpp,MISRA-CPP-2023,RULE-15-1-2,Yes,Advisory,Decidable,Single Translation Unit,All constructors of a class should explicitly initialize all of its virtual base classes and immediate base classes,,,Import, +cpp,MISRA-CPP-2023,RULE-15-1-3,Yes,Required,Decidable,Single Translation Unit,Conversion operators and constructors that are callable with a single argument shall be explicit,,,Easy, +cpp,MISRA-CPP-2023,RULE-15-1-4,Yes,Advisory,Decidable,Single Translation Unit,"All direct, non-static data members of a class should be initialized before the class object is accessible",,,Hard, +cpp,MISRA-CPP-2023,RULE-15-1-5,Yes,Required,Decidable,Single Translation Unit,A class shall only define an initializer-list constructor when it is the only constructor,,,Import, +cpp,MISRA-CPP-2023,DIR-15-8-1,Yes,Required,#VALUE!,,User-provided copy assignment operators and move assignment operators shall handle self-assignment,,,Import, +cpp,MISRA-CPP-2023,RULE-16-5-1,Yes,Required,Decidable,Single Translation Unit,The logical AND and logical OR operators shall not be overloaded,,,Easy, +cpp,MISRA-CPP-2023,RULE-16-5-2,Yes,Required,Decidable,Single Translation Unit,The address-of operator shall not be overloaded,,,Import, +cpp,MISRA-CPP-2023,RULE-16-6-1,Yes,Advisory,Decidable,Single Translation Unit,Symmetrical operators should only be implemented as non-member functions,,,Medium, +cpp,MISRA-CPP-2023,RULE-17-8-1,Yes,Required,Decidable,Single Translation Unit,Function templates shall not be explicitly specialized,,,Import, +cpp,MISRA-CPP-2023,RULE-18-1-1,Yes,Required,Decidable,Single Translation Unit,An exception object shall not have pointer type,,,Import, +cpp,MISRA-CPP-2023,RULE-18-1-2,Yes,Required,Decidable,Single Translation Unit,An empty throw shall only occur within the compound-statement of a catch handler,,,Import, +cpp,MISRA-CPP-2023,RULE-18-3-1,Yes,Advisory,Decidable,Single Translation Unit,There should be at least one exception handler to catch all otherwise unhandled exceptions,,,Easy, +cpp,MISRA-CPP-2023,RULE-18-3-2,Yes,Required,Decidable,Single Translation Unit,An exception of class type shall be caught by const reference or reference,,,Easy, +cpp,MISRA-CPP-2023,RULE-18-3-3,Yes,Required,Decidable,Single Translation Unit,Handlers for a function-try-block of a constructor or destructor shall not refer to non-static members from their class or its bases,,,Import, +cpp,MISRA-CPP-2023,RULE-18-4-1,Yes,Required,Decidable,Single Translation Unit,Exception-unfriendly functions shall be noexcept,,,Easy, +cpp,MISRA-CPP-2023,RULE-18-5-1,Yes,Advisory,Undecidable,System,A noexcept function should not attempt to propagate an exception to the calling function,,,Import, +cpp,MISRA-CPP-2023,RULE-18-5-2,Yes,Advisory,Decidable,Single Translation Unit,Program-terminating functions should not be used,,,Easy, +cpp,MISRA-CPP-2023,RULE-19-0-1,No,Required,Decidable,Single Translation Unit,A line whose first token is # shall be a valid preprocessing directive,,,, +cpp,MISRA-CPP-2023,RULE-19-0-2,Yes,Required,Decidable,Single Translation Unit,Function-like macros shall not be defined,,,Import, +cpp,MISRA-CPP-2023,RULE-19-0-3,Yes,Advisory,Decidable,Single Translation Unit,#include directives should only be preceded by preprocessor directives or comments,,,Import, +cpp,MISRA-CPP-2023,RULE-19-0-4,Yes,Advisory,Decidable,Single Translation Unit,#undef should only be used for macros defined previously in the same file,,,Easy, +cpp,MISRA-CPP-2023,RULE-19-1-1,Yes,Required,Decidable,Single Translation Unit,The defined preprocessor operator shall be used appropriately,,,Easy, +cpp,MISRA-CPP-2023,RULE-19-1-2,No,Required,Decidable,Single Translation Unit,"All #else, #elif and #endif preprocessor directives shall reside in the same file as the #if, #ifdef or #ifndef directive to which they are related",,,, +cpp,MISRA-CPP-2023,RULE-19-1-3,Yes,Required,Decidable,Single Translation Unit,All identifiers used in the controlling expression of #if or #elif preprocessing directives shall be defined prior to evaluation,,,Import, +cpp,MISRA-CPP-2023,RULE-19-2-1,Yes,Required,Decidable,Single Translation Unit,Precautions shall be taken in order to prevent the contents of a header file being included more than once,,,Easy, +cpp,MISRA-CPP-2023,RULE-19-2-2,Yes,Required,Decidable,Single Translation Unit,"The #include directive shall be followed by either a or ""filename"" sequence",,,Easy, +cpp,MISRA-CPP-2023,RULE-19-2-3,Yes,Required,Decidable,Single Translation Unit,"The ' or "" or \ characters and the /* or // character sequences shall not occur in a header file name",,,Import, +cpp,MISRA-CPP-2023,RULE-19-3-1,Yes,Advisory,Decidable,Single Translation Unit,The # and ## preprocessor operators should not be used,,,Import, +cpp,MISRA-CPP-2023,RULE-19-3-2,Yes,Required,Decidable,Single Translation Unit,A macro parameter immediately following a # operator shall not be immediately followed by a ## operator,,,Import, +cpp,MISRA-CPP-2023,RULE-19-3-3,Yes,Required,Decidable,Single Translation Unit,The argument to a mixed-use macro parameter shall not be subject to further expansion,,,Import, +cpp,MISRA-CPP-2023,RULE-19-3-4,Yes,Required,Decidable,Single Translation Unit,Parentheses shall be used to ensure macro arguments are expanded appropriately,,,Medium, +cpp,MISRA-CPP-2023,RULE-19-3-5,Yes,Required,Decidable,Single Translation Unit,Tokens that look like a preprocessing directive shall not occur within a macro argument,,,Import, +cpp,MISRA-CPP-2023,RULE-19-6-1,Yes,Advisory,Decidable,Single Translation Unit,The #pragma directive and the _Pragma operator should not be used,,,Easy, +cpp,MISRA-CPP-2023,RULE-21-2-1,Yes,Required,Decidable,Single Translation Unit,"The library functions atof, atoi, atol and atoll from shall not be used",,,Import, +cpp,MISRA-CPP-2023,RULE-21-2-2,Yes,Required,Decidable,Single Translation Unit,"The string handling functions from , , and shall not be used",,,Easy, +cpp,MISRA-CPP-2023,RULE-21-2-3,Yes,Required,Decidable,Single Translation Unit,The library function system from shall not be used,,,Easy, +cpp,MISRA-CPP-2023,RULE-21-2-4,Yes,Required,Decidable,Single Translation Unit,The macro offsetof shall not be used,,,Import, +cpp,MISRA-CPP-2023,RULE-21-6-1,Yes,Advisory,Undecidable,Single Translation Unit,Dynamic memory should not be used,,,Easy, +cpp,MISRA-CPP-2023,RULE-21-6-2,Yes,Required,Decidable,Single Translation Unit,Dynamic memory shall be managed automatically,,,Easy, +cpp,MISRA-CPP-2023,RULE-21-6-3,Yes,Required,Decidable,Single Translation Unit,Advanced memory management shall not be used,,,Medium, +cpp,MISRA-CPP-2023,RULE-21-6-4,Yes,Required,Decidable,System,"If a project defines either a sized or unsized version of a global operator delete, then both shall be defined",,,Import, +cpp,MISRA-CPP-2023,RULE-21-6-5,Yes,Required,Decidable,Single Translation Unit,A pointer to an incomplete class type shall not be deleted,,,Import, +cpp,MISRA-CPP-2023,RULE-21-10-1,Yes,Required,Decidable,Single Translation Unit,The features of shall not be used,,,Easy, +cpp,MISRA-CPP-2023,RULE-21-10-2,Yes,Required,Decidable,Single Translation Unit,The standard header file shall not be used,,,Easy, +cpp,MISRA-CPP-2023,RULE-21-10-3,Yes,Required,Decidable,Single Translation Unit,The facilities provided by the standard header file shall not be used,,,Import, +cpp,MISRA-CPP-2023,RULE-22-3-1,Yes,Required,Decidable,Single Translation Unit,The assert macro shall not be used with a constant-expression,,,Easy, +cpp,MISRA-CPP-2023,RULE-22-4-1,Yes,Required,Decidable,Single Translation Unit,The literal value zero shall be the only value assigned to errno,,,Easy, +cpp,MISRA-CPP-2023,RULE-23-11-1,Yes,Advisory,Decidable,Single Translation Unit,The raw pointer constructors of std::shared_ptr and std::unique_ptr should not be used,,,Easy, +cpp,MISRA-CPP-2023,RULE-24-5-1,Yes,Required,Decidable,Single Translation Unit,The character handling functions from and shall not be used,,,Easy, +cpp,MISRA-CPP-2023,RULE-24-5-2,Yes,Required,Decidable,Single Translation Unit,"The C++ Standard Library functions memcpy, memmove and memcmp from shall not be used",,,Easy, +cpp,MISRA-CPP-2023,RULE-25-5-1,Yes,Required,Decidable,Single Translation Unit,The setlocale and std::locale::global functions shall not be called,,,Easy, +cpp,MISRA-CPP-2023,RULE-25-5-2,Yes,Mandatory,Decidable,Single Translation Unit,"The pointers returned by the C++ Standard Library functions localeconv, getenv, setlocale or strerror must only be used as if they have pointer to const-qualified type",,,Import, +cpp,MISRA-CPP-2023,RULE-25-5-3,Yes,Mandatory,Undecidable,System,"The pointer returned by the C++ Standard Library functions asctime, ctime, gmtime, localtime, localeconv, getenv, setlocale or strerror must not be used following a subsequent call to the same function",,,Import, +cpp,MISRA-CPP-2023,RULE-26-3-1,Yes,Advisory,Decidable,Single Translation Unit,std::vector should not be specialized with bool,,,Import, +cpp,MISRA-CPP-2023,RULE-28-3-1,Yes,Required,Undecidable,System,Predicates shall not have persistent side effects,,,Easy, +cpp,MISRA-CPP-2023,RULE-28-6-1,Yes,Required,Decidable,Single Translation Unit,The argument to std::move shall be a non-const lvalue,,,Easy, +cpp,MISRA-CPP-2023,RULE-28-6-2,Yes,Required,Decidable,Single Translation Unit,Forwarding references and std::forward shall be used together,,,Import, +cpp,MISRA-CPP-2023,RULE-28-6-3,Yes,Required,Decidable,Single Translation Unit,An object shall not be used while in a potentially moved-from state,,,Import, +cpp,MISRA-CPP-2023,RULE-28-6-4,Yes,Required,Decidable,Single Translation Unit,"The result of std::remove, std::remove_if, std::unique and empty shall be used",,,Easy, +cpp,MISRA-CPP-2023,RULE-30-0-1,Yes,Required,Decidable,Single Translation Unit,The C Library input/output functions shall not be used,,,Import, +cpp,MISRA-CPP-2023,RULE-30-0-2,Yes,Required,Undecidable,System,Reads and writes on the same file stream shall be separated by a positioning operation,,,Import, \ No newline at end of file From 56db2228ea6f7a6410eb7483c45d533dbcba34c6 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Wed, 1 May 2024 22:42:10 +0000 Subject: [PATCH 1794/2573] Rename standard for consistency --- rules.csv | 358 +++++++++++++++++++++++++++--------------------------- 1 file changed, 179 insertions(+), 179 deletions(-) diff --git a/rules.csv b/rules.csv index 903a8cceed..913aa27282 100644 --- a/rules.csv +++ b/rules.csv @@ -774,182 +774,182 @@ c,MISRA-C-2012,RULE-22-7,Yes,Required,,,The macro EOF shall only be compared wit c,MISRA-C-2012,RULE-22-8,Yes,Required,,,The value of errno shall be set to zero prior to a call to an errno-setting-function,ERR30-C,Contracts3,Medium, c,MISRA-C-2012,RULE-22-9,Yes,Required,,,The value of errno shall be tested against zero after calling an errno-setting-function,,Contracts3,Medium, c,MISRA-C-2012,RULE-22-10,Yes,Required,,,The value of errno shall only be tested when the last function to be called was an errno-setting-function,,Contracts3,Medium, -cpp,MISRA-CPP-2023,RULE-0-0-1,Yes,Required,Decidable,Single Translation Unit,A function shall not contain unreachable statements,,,Medium, -cpp,MISRA-CPP-2023,RULE-0-0-2,Yes,Advisory,Undecidable,System,Controlling expressions should not be invariant,,,Easy, -cpp,MISRA-CPP-2023,RULE-0-1-1,Yes,Advisory,Undecidable,System,A value should not be unnecessarily written to a local object,,,Medium, -cpp,MISRA-CPP-2023,RULE-0-1-2,Yes,Required,Decidable,Single Translation Unit,The value returned by a function shall be used,,,Easy, -cpp,MISRA-CPP-2023,RULE-0-2-1,Yes,Advisory,Decidable,Single Translation Unit,Variables with limited visibility should be used at least once,,,Easy, -cpp,MISRA-CPP-2023,RULE-0-2-2,Yes,Required,Decidable,Single Translation Unit,A named function parameter shall be used at least once,,,Easy, -cpp,MISRA-CPP-2023,RULE-0-2-3,Yes,Advisory,Decidable,Single Translation Unit,Types with limited visibility should be used at least once,,,Easy, -cpp,MISRA-CPP-2023,RULE-0-2-4,Yes,Advisory,Decidable,System,Functions with limited visibility should be used at least once,,,Easy, -cpp,MISRA-CPP-2023,DIR-0-3-1,Yes,Advisory,,,Floating-point arithmetic should be used appropriately,,,Hard, -cpp,MISRA-CPP-2023,DIR-0-3-2,Yes,Required,,,A function call shall not violate the function’s preconditions,,,Hard, -cpp,MISRA-CPP-2023,RULE-4-1-1,Yes,Required,Undecidable,System,A program shall conform to ISO/IEC 14882:2017 (C++17),,,Hard, -cpp,MISRA-CPP-2023,RULE-4-1-2,Yes,Advisory,Decidable,Single Translation Unit,Deprecated features should not be used,,,Very Hard, -cpp,MISRA-CPP-2023,RULE-4-1-3,Yes,Required,Undecidable,System,There shall be no occurrence of undefined or critical unspecified behaviour,,,Very Hard, -cpp,MISRA-CPP-2023,RULE-4-6-1,Yes,Required,Undecidable,System,Operations on a memory location shall be sequenced appropriately,,,Import, -cpp,MISRA-CPP-2023,RULE-5-0-1,Yes,Advisory,Decidable,Single Translation Unit,Trigraph-like sequences should not be used,,,Very Hard, -cpp,MISRA-CPP-2023,RULE-5-7-1,Yes,Required,Decidable,Single Translation Unit,The character sequence /* shall not be used within a C-style comment,,,Import, -cpp,MISRA-CPP-2023,DIR-5-7-2,Yes,Advisory,,,Sections of code should not be “commented out”,,,Import, -cpp,MISRA-CPP-2023,RULE-5-7-3,Yes,Required,Decidable,Single Translation Unit,Line-splicing shall not be used in // comments,,,Import, -cpp,MISRA-CPP-2023,RULE-5-10-1,Yes,Required,Decidable,Single Translation Unit,User-defined identifiers shall have an appropriate form,,,Easy, -cpp,MISRA-CPP-2023,RULE-5-13-1,Yes,Required,Decidable,Single Translation Unit,"In character literals and non-raw string literals, \ shall only be used to form a defined escape sequence or universal character name",,,Import, -cpp,MISRA-CPP-2023,RULE-5-13-2,Yes,Required,Decidable,Single Translation Unit,"Octal escape sequences, hexadecimal escape sequences, and universal character names shall be terminated",,,Import, -cpp,MISRA-CPP-2023,RULE-5-13-3,Yes,Required,Decidable,Single Translation Unit,Octal constants shall not be used,,,Import, -cpp,MISRA-CPP-2023,RULE-5-13-4,Yes,Required,Decidable,Single Translation Unit,Unsigned integer literals shall be appropriately suffixed,,,Import, -cpp,MISRA-CPP-2023,RULE-5-13-5,Yes,Required,Decidable,Single Translation Unit,The lowercase form of L shall not be used as the first character in a literal suffix,,,Import, -cpp,MISRA-CPP-2023,RULE-5-13-6,Yes,Required,Decidable,Single Translation Unit,An integer-literal of type long long shall not use a single L or l in any suffix,,,Easy, -cpp,MISRA-CPP-2023,RULE-5-13-7,No,Required,Decidable,Single Translation Unit,String literals with different encoding prefixes shall not be concatenated,,,, -cpp,MISRA-CPP-2023,RULE-6-0-1,Yes,Required,Decidable,Single Translation Unit,Block scope declarations shall not be visually ambiguous,,,Easy, -cpp,MISRA-CPP-2023,RULE-6-0-2,Yes,Advisory,Decidable,Single Translation Unit,"When an array with external linkage is declared, its size should be explicitly specified",,,Easy, -cpp,MISRA-CPP-2023,RULE-6-0-3,Yes,Advisory,Decidable,Single Translation Unit,"The only declarations in the global namespace should be main, namespace declarations and extern ""C"" declarations",,,Import, -cpp,MISRA-CPP-2023,RULE-6-0-4,Yes,Required,Decidable,Single Translation Unit,The identifier main shall not be used for a function other than the global function main,,,Import, -cpp,MISRA-CPP-2023,RULE-6-2-1,Yes,Required,Decidable,System,The one-definition rule shall not be violated,,,Import, -cpp,MISRA-CPP-2023,RULE-6-2-2,Yes,Required,Decidable,System,All declarations of a variable or function shall have the same type,,,Easy, -cpp,MISRA-CPP-2023,RULE-6-2-3,Yes,Required,Decidable,System,The source code used to implement an entity shall appear only once,,,Medium, -cpp,MISRA-CPP-2023,RULE-6-2-4,Yes,Required,Decidable,Single Translation Unit,A header file shall not contain definitions of functions or objects that are non-inline and have external linkage,,,Easy, -cpp,MISRA-CPP-2023,RULE-6-4-1,Yes,Required,Decidable,Single Translation Unit,A variable declared in an inner scope shall not hide a variable declared in an outer scope,,,Import, -cpp,MISRA-CPP-2023,RULE-6-4-2,Yes,Required,Decidable,Single Translation Unit,Derived classes shall not conceal functions that are inherited from their bases,,,Import, -cpp,MISRA-CPP-2023,RULE-6-4-3,Yes,Required,Decidable,Single Translation Unit,A name that is present in a dependent base shall not be resolved by unqualified lookup,,,Import, -cpp,MISRA-CPP-2023,RULE-6-5-1,Yes,Advisory,Decidable,Single Translation Unit,A function or object with external linkage should be introduced in a header file,,,Medium, -cpp,MISRA-CPP-2023,RULE-6-5-2,Yes,Advisory,Decidable,Single Translation Unit,Internal linkage should be specified appropriately,,,Medium, -cpp,MISRA-CPP-2023,RULE-6-7-1,Yes,Required,Decidable,Single Translation Unit,Local variables shall not have static storage duration,,,Easy, -cpp,MISRA-CPP-2023,RULE-6-7-2,Yes,Required,Decidable,Single Translation Unit,Global variables shall not be used,,,Easy, -cpp,MISRA-CPP-2023,RULE-6-8-1,Yes,Required,Undecidable,System,An object shall not be accessed outside of its lifetime,,,Import, -cpp,MISRA-CPP-2023,RULE-6-8-2,Yes,Mandatory,Decidable,Single Translation Unit,A function must not return a reference or a pointer to a local variable with automatic storage duration,,,Import, -cpp,MISRA-CPP-2023,RULE-6-8-3,Yes,Required,Decidable,Single Translation Unit,An assignment operator shall not assign the address of an object with automatic storage duration to an object with a greater lifetime,,,Medium, -cpp,MISRA-CPP-2023,RULE-6-8-4,Yes,Advisory,Decidable,Single Translation Unit,Member functions returning references to their object should be refqualified appropriately,,,Medium, -cpp,MISRA-CPP-2023,RULE-6-9-1,Yes,Required,Decidable,Single Translation Unit,The same type aliases shall be used in all declarations of the same entity,,,Medium, -cpp,MISRA-CPP-2023,RULE-6-9-2,Yes,Advisory,Decidable,Single Translation Unit,The names of the standard signed integer types and standard unsigned integer types should not be used,,,Easy, -cpp,MISRA-CPP-2023,RULE-7-0-1,Yes,Required,Decidable,Single Translation Unit,There shall be no conversion from type bool,,,Easy, -cpp,MISRA-CPP-2023,RULE-7-0-2,Yes,Required,Decidable,Single Translation Unit,There shall be no conversion to type bool,,,Easy, -cpp,MISRA-CPP-2023,RULE-7-0-3,Yes,Required,Decidable,Single Translation Unit,The numerical value of a character shall not be used,,,Medium, -cpp,MISRA-CPP-2023,RULE-7-0-4,Yes,Required,Decidable,Single Translation Unit,The operands of bitwise operators and shift operators shall be appropriate,,,Medium, -cpp,MISRA-CPP-2023,RULE-7-0-5,Yes,Required,Decidable,Single Translation Unit,Integral promotion and the usual arithmetic conversions shall not change the signedness or the type category of an operand,,,Medium, -cpp,MISRA-CPP-2023,RULE-7-0-6,Yes,Required,Decidable,Single Translation Unit,Assignment between numeric types shall be appropriate,,,Hard, -cpp,MISRA-CPP-2023,RULE-7-11-1,Yes,Required,Decidable,Single Translation Unit,nullptr shall be the only form of the null-pointer-constant,,,Import, -cpp,MISRA-CPP-2023,RULE-7-11-2,Yes,Required,Decidable,Single Translation Unit,An array passed as a function argument shall not decay to a pointer,,,Import, -cpp,MISRA-CPP-2023,RULE-7-11-3,Yes,Required,Decidable,Single Translation Unit,A conversion from function type to pointer-to-function type shall only occur in appropriate contexts,,,Easy, -cpp,MISRA-CPP-2023,RULE-8-0-1,Yes,Advisory,Decidable,Single Translation Unit,Parentheses should be used to make the meaning of an expression appropriately explicit,,,Medium, -cpp,MISRA-CPP-2023,RULE-8-1-1,Yes,Required,Decidable,Single Translation Unit,A non-transient lambda shall not implicitly capture this,,,Easy, -cpp,MISRA-CPP-2023,RULE-8-1-2,Yes,Advisory,Decidable,Single Translation Unit,Variables should be captured explicitly in a non-transient lambda,,,Easy, -cpp,MISRA-CPP-2023,RULE-8-2-1,Yes,Required,Decidable,Single Translation Unit,A virtual base class shall only be cast to a derived class by means of dynamic_cast,,,Easy, -cpp,MISRA-CPP-2023,RULE-8-2-2,Yes,Required,Decidable,Single Translation Unit,C-style casts and functional notation casts shall not be used,,,Easy, -cpp,MISRA-CPP-2023,RULE-8-2-3,Yes,Required,Decidable,Single Translation Unit,A cast shall not remove any const or volatile qualification from the type accessed via a pointer or by reference,,,Import, -cpp,MISRA-CPP-2023,RULE-8-2-4,Yes,Required,Decidable,Single Translation Unit,Casts shall not be performed between a pointer to function and any other type,,,Import, -cpp,MISRA-CPP-2023,RULE-8-2-5,Yes,Required,Decidable,Single Translation Unit,reinterpret_cast shall not be used,,,Import, -cpp,MISRA-CPP-2023,RULE-8-2-6,Yes,Required,Decidable,Single Translation Unit,"An object with integral, enumerated, or pointer to void type shall not be cast to a pointer type",,,Easy, -cpp,MISRA-CPP-2023,RULE-8-2-7,Yes,Advisory,Decidable,Single Translation Unit,A cast should not convert a pointer type to an integral type,,,Easy, -cpp,MISRA-CPP-2023,RULE-8-2-8,Yes,Required,Decidable,Single Translation Unit,An object pointer type shall not be cast to an integral type other than std::uintptr_t or std::intptr_t,,,Easy, -cpp,MISRA-CPP-2023,RULE-8-2-9,Yes,Required,Decidable,Single Translation Unit,The operand to typeid shall not be an expression of polymorphic class type,,,Easy, -cpp,MISRA-CPP-2023,RULE-8-2-10,Yes,Required,Undecidable,System,"Functions shall not call themselves, either directly or indirectly",,,Import, -cpp,MISRA-CPP-2023,RULE-8-2-11,Yes,Required,Decidable,Single Translation Unit,An argument passed via ellipsis shall have an appropriate type,,,Easy, -cpp,MISRA-CPP-2023,RULE-8-3-1,Yes,Advisory,Decidable,Single Translation Unit,The built-in unary - operator should not be applied to an expression of unsigned type,,,Import, -cpp,MISRA-CPP-2023,RULE-8-3-2,Yes,Advisory,Decidable,Single Translation Unit,The built-in unary + operator should not be used,,,Easy, -cpp,MISRA-CPP-2023,RULE-8-7-1,Yes,Required,Undecidable,System,Pointer arithmetic shall not form an invalid pointer,,,Easy, -cpp,MISRA-CPP-2023,RULE-8-7-2,Yes,Required,Undecidable,System,Subtraction between pointers shall only be applied to pointers that address elements of the same array,,,Easy, -cpp,MISRA-CPP-2023,RULE-8-9-1,Yes,Required,Undecidable,System,"The built-in relational operators >, >=, < and <= shall not be applied to objects of pointer type, except where they point to elements of the same array",,,Easy, -cpp,MISRA-CPP-2023,RULE-8-14-1,Yes,Advisory,Undecidable,System,The right-hand operand of a logical && or operator should not contain persistent side effects,,,Medium, -cpp,MISRA-CPP-2023,RULE-8-18-1,Yes,Mandatory,Undecidable,System,An object or subobject must not be copied to an overlapping object,,,Hard, -cpp,MISRA-CPP-2023,RULE-8-18-2,Yes,Advisory,Decidable,Single Translation Unit,The result of an assignment operator should not be used,,,Import, -cpp,MISRA-CPP-2023,RULE-8-19-1,Yes,Advisory,Decidable,Single Translation Unit,The comma operator should not be used,,,Import, -cpp,MISRA-CPP-2023,RULE-8-20-1,Yes,Advisory,Decidable,Single Translation Unit,An unsigned arithmetic operation with constant operands should not wrap,,,Import, -cpp,MISRA-CPP-2023,RULE-9-2-1,Yes,Required,Decidable,Single Translation Unit,An explicit type conversion shall not be an expression statement,,,Easy, -cpp,MISRA-CPP-2023,RULE-9-3-1,Yes,Required,Decidable,Single Translation Unit,The body of an iteration-statement or a selection-statement shall be a compound-statement,,,Import, -cpp,MISRA-CPP-2023,RULE-9-4-1,Yes,Required,Decidable,Single Translation Unit,All if ... else if constructs shall be terminated with an else statement,,,Import, -cpp,MISRA-CPP-2023,RULE-9-4-2,Yes,Required,Decidable,Single Translation Unit,The structure of a switch statement shall be appropriate,,,Medium, -cpp,MISRA-CPP-2023,RULE-9-5-1,Yes,Advisory,Decidable,Single Translation Unit,Legacy for statements should be simple,,,Hard, -cpp,MISRA-CPP-2023,RULE-9-5-2,Yes,Required,Decidable,Single Translation Unit,A for-range-initializer shall contain at most one function call,,,Easy, -cpp,MISRA-CPP-2023,RULE-9-6-1,Yes,Advisory,Decidable,Single Translation Unit,The goto statement should not be used,,,Import, -cpp,MISRA-CPP-2023,RULE-9-6-2,Yes,Required,Decidable,Single Translation Unit,A goto statement shall reference a label in a surrounding block,,,Import, -cpp,MISRA-CPP-2023,RULE-9-6-3,Yes,Required,Decidable,Single Translation Unit,The goto statement shall jump to a label declared later in the function body,,,Import, -cpp,MISRA-CPP-2023,RULE-9-6-4,Yes,Required,Undecidable,System,A function declared with the [[noreturn]] attribute shall not return,,,Import, -cpp,MISRA-CPP-2023,RULE-9-6-5,Yes,Required,Decidable,Single Translation Unit,A function with non-void return type shall return a value on all paths,,,Import, -cpp,MISRA-CPP-2023,RULE-10-0-1,Yes,Advisory,Decidable,Single Translation Unit,A declaration should not declare more than one variable or member variable,,,Import, -cpp,MISRA-CPP-2023,RULE-10-1-1,Yes,Advisory,Decidable,Single Translation Unit,The target type of a pointer or lvalue reference parameter should be const-qualified appropriately,,,Hard, -cpp,MISRA-CPP-2023,RULE-10-1-2,Yes,Required,Decidable,Single Translation Unit,The volatile qualifier shall be used appropriately,,,Easy, -cpp,MISRA-CPP-2023,RULE-10-2-1,Yes,Required,Decidable,Single Translation Unit,An enumeration shall be defined with an explicit underlying type,,,Import, -cpp,MISRA-CPP-2023,RULE-10-2-2,Yes,Advisory,Decidable,Single Translation Unit,Unscoped enumerations should not be declared,,,Easy, -cpp,MISRA-CPP-2023,RULE-10-2-3,Yes,Required,Decidable,Single Translation Unit,The numeric value of an unscoped enumeration with no fixed underlying type shall not be used,,,Easy, -cpp,MISRA-CPP-2023,RULE-10-3-1,Yes,Advisory,Decidable,Single Translation Unit,There should be no unnamed namespaces in header files,,,Easy, -cpp,MISRA-CPP-2023,RULE-10-4-1,Yes,Required,Decidable,Single Translation Unit,The asm declaration shall not be used,,,Import, -cpp,MISRA-CPP-2023,RULE-11-3-1,Yes,Advisory,Decidable,Single Translation Unit,Variables of array type should not be declared,,,Easy, -cpp,MISRA-CPP-2023,RULE-11-3-2,Yes,Advisory,Decidable,Single Translation Unit,The declaration of an object should contain no more than two levels of pointer indirection,,,Import, -cpp,MISRA-CPP-2023,RULE-11-6-1,Yes,Advisory,Decidable,Single Translation Unit,All variables should be initialized,,,Easy, -cpp,MISRA-CPP-2023,RULE-11-6-2,Yes,Mandatory,Undecidable,System,The value of an object must not be read before it has been set,,,Very Hard, -cpp,MISRA-CPP-2023,RULE-11-6-3,Yes,Required,Decidable,Single Translation Unit,"Within an enumerator list, the value of an implicitly-specified enumeration constant shall be unique",,,Import, -cpp,MISRA-CPP-2023,RULE-12-2-1,Yes,Advisory,Decidable,Single Translation Unit,Bit-fields should not be declared,,,Easy, -cpp,MISRA-CPP-2023,RULE-12-2-2,Yes,Required,Decidable,Single Translation Unit,A bit-field shall have an appropriate type,,,Import, -cpp,MISRA-CPP-2023,RULE-12-2-3,Yes,Required,Decidable,Single Translation Unit,A named bit-field with signed integer type shall not have a length of one bit,,,Import, -cpp,MISRA-CPP-2023,RULE-12-3-1,Yes,Required,Decidable,Single Translation Unit,The union keyword shall not be used,,,Easy, -cpp,MISRA-CPP-2023,RULE-13-1-1,Yes,Advisory,Decidable,Single Translation Unit,Classes should not be inherited virtually,,,Easy, -cpp,MISRA-CPP-2023,RULE-13-1-2,Yes,Required,Decidable,Single Translation Unit,An accessible base class shall not be both virtual and non-virtual in the same hierarchy,,,Import, -cpp,MISRA-CPP-2023,RULE-13-3-1,Yes,Required,Decidable,Single Translation Unit,"User-declared member functions shall use the virtual, override and final specifiers appropriately",,,Easy, -cpp,MISRA-CPP-2023,RULE-13-3-2,Yes,Required,Decidable,Single Translation Unit,Parameters in an overriding virtual function shall not specify different default arguments,,,Import, -cpp,MISRA-CPP-2023,RULE-13-3-3,Yes,Required,Decidable,System,The parameters in all declarations or overrides of a function shall either be unnamed or have identical names,,,Import, -cpp,MISRA-CPP-2023,RULE-13-3-4,Yes,Required,Decidable,Single Translation Unit,A comparison of a potentially virtual pointer to member function shall only be with nullptr,,,Import, -cpp,MISRA-CPP-2023,RULE-14-1-1,Yes,Advisory,Decidable,Single Translation Unit,Non-static data members should be either all private or all public,,,Easy, -cpp,MISRA-CPP-2023,RULE-15-0-1,Yes,Required,Decidable,Single Translation Unit,Special member functions shall be provided appropriately,,,Medium, -cpp,MISRA-CPP-2023,RULE-15-0-2,Yes,Advisory,Decidable,Single Translation Unit,User-provided copy and move member functions of a class should have appropriate signatures,,,Easy, -cpp,MISRA-CPP-2023,RULE-15-1-1,Yes,Required,Undecidable,System,An object’s dynamic type shall not be used from within its constructor or destructor,,,Import, -cpp,MISRA-CPP-2023,RULE-15-1-2,Yes,Advisory,Decidable,Single Translation Unit,All constructors of a class should explicitly initialize all of its virtual base classes and immediate base classes,,,Import, -cpp,MISRA-CPP-2023,RULE-15-1-3,Yes,Required,Decidable,Single Translation Unit,Conversion operators and constructors that are callable with a single argument shall be explicit,,,Easy, -cpp,MISRA-CPP-2023,RULE-15-1-4,Yes,Advisory,Decidable,Single Translation Unit,"All direct, non-static data members of a class should be initialized before the class object is accessible",,,Hard, -cpp,MISRA-CPP-2023,RULE-15-1-5,Yes,Required,Decidable,Single Translation Unit,A class shall only define an initializer-list constructor when it is the only constructor,,,Import, -cpp,MISRA-CPP-2023,DIR-15-8-1,Yes,Required,#VALUE!,,User-provided copy assignment operators and move assignment operators shall handle self-assignment,,,Import, -cpp,MISRA-CPP-2023,RULE-16-5-1,Yes,Required,Decidable,Single Translation Unit,The logical AND and logical OR operators shall not be overloaded,,,Easy, -cpp,MISRA-CPP-2023,RULE-16-5-2,Yes,Required,Decidable,Single Translation Unit,The address-of operator shall not be overloaded,,,Import, -cpp,MISRA-CPP-2023,RULE-16-6-1,Yes,Advisory,Decidable,Single Translation Unit,Symmetrical operators should only be implemented as non-member functions,,,Medium, -cpp,MISRA-CPP-2023,RULE-17-8-1,Yes,Required,Decidable,Single Translation Unit,Function templates shall not be explicitly specialized,,,Import, -cpp,MISRA-CPP-2023,RULE-18-1-1,Yes,Required,Decidable,Single Translation Unit,An exception object shall not have pointer type,,,Import, -cpp,MISRA-CPP-2023,RULE-18-1-2,Yes,Required,Decidable,Single Translation Unit,An empty throw shall only occur within the compound-statement of a catch handler,,,Import, -cpp,MISRA-CPP-2023,RULE-18-3-1,Yes,Advisory,Decidable,Single Translation Unit,There should be at least one exception handler to catch all otherwise unhandled exceptions,,,Easy, -cpp,MISRA-CPP-2023,RULE-18-3-2,Yes,Required,Decidable,Single Translation Unit,An exception of class type shall be caught by const reference or reference,,,Easy, -cpp,MISRA-CPP-2023,RULE-18-3-3,Yes,Required,Decidable,Single Translation Unit,Handlers for a function-try-block of a constructor or destructor shall not refer to non-static members from their class or its bases,,,Import, -cpp,MISRA-CPP-2023,RULE-18-4-1,Yes,Required,Decidable,Single Translation Unit,Exception-unfriendly functions shall be noexcept,,,Easy, -cpp,MISRA-CPP-2023,RULE-18-5-1,Yes,Advisory,Undecidable,System,A noexcept function should not attempt to propagate an exception to the calling function,,,Import, -cpp,MISRA-CPP-2023,RULE-18-5-2,Yes,Advisory,Decidable,Single Translation Unit,Program-terminating functions should not be used,,,Easy, -cpp,MISRA-CPP-2023,RULE-19-0-1,No,Required,Decidable,Single Translation Unit,A line whose first token is # shall be a valid preprocessing directive,,,, -cpp,MISRA-CPP-2023,RULE-19-0-2,Yes,Required,Decidable,Single Translation Unit,Function-like macros shall not be defined,,,Import, -cpp,MISRA-CPP-2023,RULE-19-0-3,Yes,Advisory,Decidable,Single Translation Unit,#include directives should only be preceded by preprocessor directives or comments,,,Import, -cpp,MISRA-CPP-2023,RULE-19-0-4,Yes,Advisory,Decidable,Single Translation Unit,#undef should only be used for macros defined previously in the same file,,,Easy, -cpp,MISRA-CPP-2023,RULE-19-1-1,Yes,Required,Decidable,Single Translation Unit,The defined preprocessor operator shall be used appropriately,,,Easy, -cpp,MISRA-CPP-2023,RULE-19-1-2,No,Required,Decidable,Single Translation Unit,"All #else, #elif and #endif preprocessor directives shall reside in the same file as the #if, #ifdef or #ifndef directive to which they are related",,,, -cpp,MISRA-CPP-2023,RULE-19-1-3,Yes,Required,Decidable,Single Translation Unit,All identifiers used in the controlling expression of #if or #elif preprocessing directives shall be defined prior to evaluation,,,Import, -cpp,MISRA-CPP-2023,RULE-19-2-1,Yes,Required,Decidable,Single Translation Unit,Precautions shall be taken in order to prevent the contents of a header file being included more than once,,,Easy, -cpp,MISRA-CPP-2023,RULE-19-2-2,Yes,Required,Decidable,Single Translation Unit,"The #include directive shall be followed by either a or ""filename"" sequence",,,Easy, -cpp,MISRA-CPP-2023,RULE-19-2-3,Yes,Required,Decidable,Single Translation Unit,"The ' or "" or \ characters and the /* or // character sequences shall not occur in a header file name",,,Import, -cpp,MISRA-CPP-2023,RULE-19-3-1,Yes,Advisory,Decidable,Single Translation Unit,The # and ## preprocessor operators should not be used,,,Import, -cpp,MISRA-CPP-2023,RULE-19-3-2,Yes,Required,Decidable,Single Translation Unit,A macro parameter immediately following a # operator shall not be immediately followed by a ## operator,,,Import, -cpp,MISRA-CPP-2023,RULE-19-3-3,Yes,Required,Decidable,Single Translation Unit,The argument to a mixed-use macro parameter shall not be subject to further expansion,,,Import, -cpp,MISRA-CPP-2023,RULE-19-3-4,Yes,Required,Decidable,Single Translation Unit,Parentheses shall be used to ensure macro arguments are expanded appropriately,,,Medium, -cpp,MISRA-CPP-2023,RULE-19-3-5,Yes,Required,Decidable,Single Translation Unit,Tokens that look like a preprocessing directive shall not occur within a macro argument,,,Import, -cpp,MISRA-CPP-2023,RULE-19-6-1,Yes,Advisory,Decidable,Single Translation Unit,The #pragma directive and the _Pragma operator should not be used,,,Easy, -cpp,MISRA-CPP-2023,RULE-21-2-1,Yes,Required,Decidable,Single Translation Unit,"The library functions atof, atoi, atol and atoll from shall not be used",,,Import, -cpp,MISRA-CPP-2023,RULE-21-2-2,Yes,Required,Decidable,Single Translation Unit,"The string handling functions from , , and shall not be used",,,Easy, -cpp,MISRA-CPP-2023,RULE-21-2-3,Yes,Required,Decidable,Single Translation Unit,The library function system from shall not be used,,,Easy, -cpp,MISRA-CPP-2023,RULE-21-2-4,Yes,Required,Decidable,Single Translation Unit,The macro offsetof shall not be used,,,Import, -cpp,MISRA-CPP-2023,RULE-21-6-1,Yes,Advisory,Undecidable,Single Translation Unit,Dynamic memory should not be used,,,Easy, -cpp,MISRA-CPP-2023,RULE-21-6-2,Yes,Required,Decidable,Single Translation Unit,Dynamic memory shall be managed automatically,,,Easy, -cpp,MISRA-CPP-2023,RULE-21-6-3,Yes,Required,Decidable,Single Translation Unit,Advanced memory management shall not be used,,,Medium, -cpp,MISRA-CPP-2023,RULE-21-6-4,Yes,Required,Decidable,System,"If a project defines either a sized or unsized version of a global operator delete, then both shall be defined",,,Import, -cpp,MISRA-CPP-2023,RULE-21-6-5,Yes,Required,Decidable,Single Translation Unit,A pointer to an incomplete class type shall not be deleted,,,Import, -cpp,MISRA-CPP-2023,RULE-21-10-1,Yes,Required,Decidable,Single Translation Unit,The features of shall not be used,,,Easy, -cpp,MISRA-CPP-2023,RULE-21-10-2,Yes,Required,Decidable,Single Translation Unit,The standard header file shall not be used,,,Easy, -cpp,MISRA-CPP-2023,RULE-21-10-3,Yes,Required,Decidable,Single Translation Unit,The facilities provided by the standard header file shall not be used,,,Import, -cpp,MISRA-CPP-2023,RULE-22-3-1,Yes,Required,Decidable,Single Translation Unit,The assert macro shall not be used with a constant-expression,,,Easy, -cpp,MISRA-CPP-2023,RULE-22-4-1,Yes,Required,Decidable,Single Translation Unit,The literal value zero shall be the only value assigned to errno,,,Easy, -cpp,MISRA-CPP-2023,RULE-23-11-1,Yes,Advisory,Decidable,Single Translation Unit,The raw pointer constructors of std::shared_ptr and std::unique_ptr should not be used,,,Easy, -cpp,MISRA-CPP-2023,RULE-24-5-1,Yes,Required,Decidable,Single Translation Unit,The character handling functions from and shall not be used,,,Easy, -cpp,MISRA-CPP-2023,RULE-24-5-2,Yes,Required,Decidable,Single Translation Unit,"The C++ Standard Library functions memcpy, memmove and memcmp from shall not be used",,,Easy, -cpp,MISRA-CPP-2023,RULE-25-5-1,Yes,Required,Decidable,Single Translation Unit,The setlocale and std::locale::global functions shall not be called,,,Easy, -cpp,MISRA-CPP-2023,RULE-25-5-2,Yes,Mandatory,Decidable,Single Translation Unit,"The pointers returned by the C++ Standard Library functions localeconv, getenv, setlocale or strerror must only be used as if they have pointer to const-qualified type",,,Import, -cpp,MISRA-CPP-2023,RULE-25-5-3,Yes,Mandatory,Undecidable,System,"The pointer returned by the C++ Standard Library functions asctime, ctime, gmtime, localtime, localeconv, getenv, setlocale or strerror must not be used following a subsequent call to the same function",,,Import, -cpp,MISRA-CPP-2023,RULE-26-3-1,Yes,Advisory,Decidable,Single Translation Unit,std::vector should not be specialized with bool,,,Import, -cpp,MISRA-CPP-2023,RULE-28-3-1,Yes,Required,Undecidable,System,Predicates shall not have persistent side effects,,,Easy, -cpp,MISRA-CPP-2023,RULE-28-6-1,Yes,Required,Decidable,Single Translation Unit,The argument to std::move shall be a non-const lvalue,,,Easy, -cpp,MISRA-CPP-2023,RULE-28-6-2,Yes,Required,Decidable,Single Translation Unit,Forwarding references and std::forward shall be used together,,,Import, -cpp,MISRA-CPP-2023,RULE-28-6-3,Yes,Required,Decidable,Single Translation Unit,An object shall not be used while in a potentially moved-from state,,,Import, -cpp,MISRA-CPP-2023,RULE-28-6-4,Yes,Required,Decidable,Single Translation Unit,"The result of std::remove, std::remove_if, std::unique and empty shall be used",,,Easy, -cpp,MISRA-CPP-2023,RULE-30-0-1,Yes,Required,Decidable,Single Translation Unit,The C Library input/output functions shall not be used,,,Import, -cpp,MISRA-CPP-2023,RULE-30-0-2,Yes,Required,Undecidable,System,Reads and writes on the same file stream shall be separated by a positioning operation,,,Import, \ No newline at end of file +cpp,MISRA-C++-2023,RULE-0-0-1,Yes,Required,Decidable,Single Translation Unit,A function shall not contain unreachable statements,,,Medium, +cpp,MISRA-C++-2023,RULE-0-0-2,Yes,Advisory,Undecidable,System,Controlling expressions should not be invariant,,,Easy, +cpp,MISRA-C++-2023,RULE-0-1-1,Yes,Advisory,Undecidable,System,A value should not be unnecessarily written to a local object,,,Medium, +cpp,MISRA-C++-2023,RULE-0-1-2,Yes,Required,Decidable,Single Translation Unit,The value returned by a function shall be used,,,Easy, +cpp,MISRA-C++-2023,RULE-0-2-1,Yes,Advisory,Decidable,Single Translation Unit,Variables with limited visibility should be used at least once,,,Easy, +cpp,MISRA-C++-2023,RULE-0-2-2,Yes,Required,Decidable,Single Translation Unit,A named function parameter shall be used at least once,,,Easy, +cpp,MISRA-C++-2023,RULE-0-2-3,Yes,Advisory,Decidable,Single Translation Unit,Types with limited visibility should be used at least once,,,Easy, +cpp,MISRA-C++-2023,RULE-0-2-4,Yes,Advisory,Decidable,System,Functions with limited visibility should be used at least once,,,Easy, +cpp,MISRA-C++-2023,DIR-0-3-1,Yes,Advisory,,,Floating-point arithmetic should be used appropriately,,,Hard, +cpp,MISRA-C++-2023,DIR-0-3-2,Yes,Required,,,A function call shall not violate the function’s preconditions,,,Hard, +cpp,MISRA-C++-2023,RULE-4-1-1,Yes,Required,Undecidable,System,A program shall conform to ISO/IEC 14882:2017 (C++17),,,Hard, +cpp,MISRA-C++-2023,RULE-4-1-2,Yes,Advisory,Decidable,Single Translation Unit,Deprecated features should not be used,,,Very Hard, +cpp,MISRA-C++-2023,RULE-4-1-3,Yes,Required,Undecidable,System,There shall be no occurrence of undefined or critical unspecified behaviour,,,Very Hard, +cpp,MISRA-C++-2023,RULE-4-6-1,Yes,Required,Undecidable,System,Operations on a memory location shall be sequenced appropriately,,,Import, +cpp,MISRA-C++-2023,RULE-5-0-1,Yes,Advisory,Decidable,Single Translation Unit,Trigraph-like sequences should not be used,,,Very Hard, +cpp,MISRA-C++-2023,RULE-5-7-1,Yes,Required,Decidable,Single Translation Unit,The character sequence /* shall not be used within a C-style comment,,,Import, +cpp,MISRA-C++-2023,DIR-5-7-2,Yes,Advisory,,,Sections of code should not be “commented out”,,,Import, +cpp,MISRA-C++-2023,RULE-5-7-3,Yes,Required,Decidable,Single Translation Unit,Line-splicing shall not be used in // comments,,,Import, +cpp,MISRA-C++-2023,RULE-5-10-1,Yes,Required,Decidable,Single Translation Unit,User-defined identifiers shall have an appropriate form,,,Easy, +cpp,MISRA-C++-2023,RULE-5-13-1,Yes,Required,Decidable,Single Translation Unit,"In character literals and non-raw string literals, \ shall only be used to form a defined escape sequence or universal character name",,,Import, +cpp,MISRA-C++-2023,RULE-5-13-2,Yes,Required,Decidable,Single Translation Unit,"Octal escape sequences, hexadecimal escape sequences, and universal character names shall be terminated",,,Import, +cpp,MISRA-C++-2023,RULE-5-13-3,Yes,Required,Decidable,Single Translation Unit,Octal constants shall not be used,,,Import, +cpp,MISRA-C++-2023,RULE-5-13-4,Yes,Required,Decidable,Single Translation Unit,Unsigned integer literals shall be appropriately suffixed,,,Import, +cpp,MISRA-C++-2023,RULE-5-13-5,Yes,Required,Decidable,Single Translation Unit,The lowercase form of L shall not be used as the first character in a literal suffix,,,Import, +cpp,MISRA-C++-2023,RULE-5-13-6,Yes,Required,Decidable,Single Translation Unit,An integer-literal of type long long shall not use a single L or l in any suffix,,,Easy, +cpp,MISRA-C++-2023,RULE-5-13-7,No,Required,Decidable,Single Translation Unit,String literals with different encoding prefixes shall not be concatenated,,,, +cpp,MISRA-C++-2023,RULE-6-0-1,Yes,Required,Decidable,Single Translation Unit,Block scope declarations shall not be visually ambiguous,,,Easy, +cpp,MISRA-C++-2023,RULE-6-0-2,Yes,Advisory,Decidable,Single Translation Unit,"When an array with external linkage is declared, its size should be explicitly specified",,,Easy, +cpp,MISRA-C++-2023,RULE-6-0-3,Yes,Advisory,Decidable,Single Translation Unit,"The only declarations in the global namespace should be main, namespace declarations and extern ""C"" declarations",,,Import, +cpp,MISRA-C++-2023,RULE-6-0-4,Yes,Required,Decidable,Single Translation Unit,The identifier main shall not be used for a function other than the global function main,,,Import, +cpp,MISRA-C++-2023,RULE-6-2-1,Yes,Required,Decidable,System,The one-definition rule shall not be violated,,,Import, +cpp,MISRA-C++-2023,RULE-6-2-2,Yes,Required,Decidable,System,All declarations of a variable or function shall have the same type,,,Easy, +cpp,MISRA-C++-2023,RULE-6-2-3,Yes,Required,Decidable,System,The source code used to implement an entity shall appear only once,,,Medium, +cpp,MISRA-C++-2023,RULE-6-2-4,Yes,Required,Decidable,Single Translation Unit,A header file shall not contain definitions of functions or objects that are non-inline and have external linkage,,,Easy, +cpp,MISRA-C++-2023,RULE-6-4-1,Yes,Required,Decidable,Single Translation Unit,A variable declared in an inner scope shall not hide a variable declared in an outer scope,,,Import, +cpp,MISRA-C++-2023,RULE-6-4-2,Yes,Required,Decidable,Single Translation Unit,Derived classes shall not conceal functions that are inherited from their bases,,,Import, +cpp,MISRA-C++-2023,RULE-6-4-3,Yes,Required,Decidable,Single Translation Unit,A name that is present in a dependent base shall not be resolved by unqualified lookup,,,Import, +cpp,MISRA-C++-2023,RULE-6-5-1,Yes,Advisory,Decidable,Single Translation Unit,A function or object with external linkage should be introduced in a header file,,,Medium, +cpp,MISRA-C++-2023,RULE-6-5-2,Yes,Advisory,Decidable,Single Translation Unit,Internal linkage should be specified appropriately,,,Medium, +cpp,MISRA-C++-2023,RULE-6-7-1,Yes,Required,Decidable,Single Translation Unit,Local variables shall not have static storage duration,,,Easy, +cpp,MISRA-C++-2023,RULE-6-7-2,Yes,Required,Decidable,Single Translation Unit,Global variables shall not be used,,,Easy, +cpp,MISRA-C++-2023,RULE-6-8-1,Yes,Required,Undecidable,System,An object shall not be accessed outside of its lifetime,,,Import, +cpp,MISRA-C++-2023,RULE-6-8-2,Yes,Mandatory,Decidable,Single Translation Unit,A function must not return a reference or a pointer to a local variable with automatic storage duration,,,Import, +cpp,MISRA-C++-2023,RULE-6-8-3,Yes,Required,Decidable,Single Translation Unit,An assignment operator shall not assign the address of an object with automatic storage duration to an object with a greater lifetime,,,Medium, +cpp,MISRA-C++-2023,RULE-6-8-4,Yes,Advisory,Decidable,Single Translation Unit,Member functions returning references to their object should be refqualified appropriately,,,Medium, +cpp,MISRA-C++-2023,RULE-6-9-1,Yes,Required,Decidable,Single Translation Unit,The same type aliases shall be used in all declarations of the same entity,,,Medium, +cpp,MISRA-C++-2023,RULE-6-9-2,Yes,Advisory,Decidable,Single Translation Unit,The names of the standard signed integer types and standard unsigned integer types should not be used,,,Easy, +cpp,MISRA-C++-2023,RULE-7-0-1,Yes,Required,Decidable,Single Translation Unit,There shall be no conversion from type bool,,,Easy, +cpp,MISRA-C++-2023,RULE-7-0-2,Yes,Required,Decidable,Single Translation Unit,There shall be no conversion to type bool,,,Easy, +cpp,MISRA-C++-2023,RULE-7-0-3,Yes,Required,Decidable,Single Translation Unit,The numerical value of a character shall not be used,,,Medium, +cpp,MISRA-C++-2023,RULE-7-0-4,Yes,Required,Decidable,Single Translation Unit,The operands of bitwise operators and shift operators shall be appropriate,,,Medium, +cpp,MISRA-C++-2023,RULE-7-0-5,Yes,Required,Decidable,Single Translation Unit,Integral promotion and the usual arithmetic conversions shall not change the signedness or the type category of an operand,,,Medium, +cpp,MISRA-C++-2023,RULE-7-0-6,Yes,Required,Decidable,Single Translation Unit,Assignment between numeric types shall be appropriate,,,Hard, +cpp,MISRA-C++-2023,RULE-7-11-1,Yes,Required,Decidable,Single Translation Unit,nullptr shall be the only form of the null-pointer-constant,,,Import, +cpp,MISRA-C++-2023,RULE-7-11-2,Yes,Required,Decidable,Single Translation Unit,An array passed as a function argument shall not decay to a pointer,,,Import, +cpp,MISRA-C++-2023,RULE-7-11-3,Yes,Required,Decidable,Single Translation Unit,A conversion from function type to pointer-to-function type shall only occur in appropriate contexts,,,Easy, +cpp,MISRA-C++-2023,RULE-8-0-1,Yes,Advisory,Decidable,Single Translation Unit,Parentheses should be used to make the meaning of an expression appropriately explicit,,,Medium, +cpp,MISRA-C++-2023,RULE-8-1-1,Yes,Required,Decidable,Single Translation Unit,A non-transient lambda shall not implicitly capture this,,,Easy, +cpp,MISRA-C++-2023,RULE-8-1-2,Yes,Advisory,Decidable,Single Translation Unit,Variables should be captured explicitly in a non-transient lambda,,,Easy, +cpp,MISRA-C++-2023,RULE-8-2-1,Yes,Required,Decidable,Single Translation Unit,A virtual base class shall only be cast to a derived class by means of dynamic_cast,,,Easy, +cpp,MISRA-C++-2023,RULE-8-2-2,Yes,Required,Decidable,Single Translation Unit,C-style casts and functional notation casts shall not be used,,,Easy, +cpp,MISRA-C++-2023,RULE-8-2-3,Yes,Required,Decidable,Single Translation Unit,A cast shall not remove any const or volatile qualification from the type accessed via a pointer or by reference,,,Import, +cpp,MISRA-C++-2023,RULE-8-2-4,Yes,Required,Decidable,Single Translation Unit,Casts shall not be performed between a pointer to function and any other type,,,Import, +cpp,MISRA-C++-2023,RULE-8-2-5,Yes,Required,Decidable,Single Translation Unit,reinterpret_cast shall not be used,,,Import, +cpp,MISRA-C++-2023,RULE-8-2-6,Yes,Required,Decidable,Single Translation Unit,"An object with integral, enumerated, or pointer to void type shall not be cast to a pointer type",,,Easy, +cpp,MISRA-C++-2023,RULE-8-2-7,Yes,Advisory,Decidable,Single Translation Unit,A cast should not convert a pointer type to an integral type,,,Easy, +cpp,MISRA-C++-2023,RULE-8-2-8,Yes,Required,Decidable,Single Translation Unit,An object pointer type shall not be cast to an integral type other than std::uintptr_t or std::intptr_t,,,Easy, +cpp,MISRA-C++-2023,RULE-8-2-9,Yes,Required,Decidable,Single Translation Unit,The operand to typeid shall not be an expression of polymorphic class type,,,Easy, +cpp,MISRA-C++-2023,RULE-8-2-10,Yes,Required,Undecidable,System,"Functions shall not call themselves, either directly or indirectly",,,Import, +cpp,MISRA-C++-2023,RULE-8-2-11,Yes,Required,Decidable,Single Translation Unit,An argument passed via ellipsis shall have an appropriate type,,,Easy, +cpp,MISRA-C++-2023,RULE-8-3-1,Yes,Advisory,Decidable,Single Translation Unit,The built-in unary - operator should not be applied to an expression of unsigned type,,,Import, +cpp,MISRA-C++-2023,RULE-8-3-2,Yes,Advisory,Decidable,Single Translation Unit,The built-in unary + operator should not be used,,,Easy, +cpp,MISRA-C++-2023,RULE-8-7-1,Yes,Required,Undecidable,System,Pointer arithmetic shall not form an invalid pointer,,,Easy, +cpp,MISRA-C++-2023,RULE-8-7-2,Yes,Required,Undecidable,System,Subtraction between pointers shall only be applied to pointers that address elements of the same array,,,Easy, +cpp,MISRA-C++-2023,RULE-8-9-1,Yes,Required,Undecidable,System,"The built-in relational operators >, >=, < and <= shall not be applied to objects of pointer type, except where they point to elements of the same array",,,Easy, +cpp,MISRA-C++-2023,RULE-8-14-1,Yes,Advisory,Undecidable,System,The right-hand operand of a logical && or operator should not contain persistent side effects,,,Medium, +cpp,MISRA-C++-2023,RULE-8-18-1,Yes,Mandatory,Undecidable,System,An object or subobject must not be copied to an overlapping object,,,Hard, +cpp,MISRA-C++-2023,RULE-8-18-2,Yes,Advisory,Decidable,Single Translation Unit,The result of an assignment operator should not be used,,,Import, +cpp,MISRA-C++-2023,RULE-8-19-1,Yes,Advisory,Decidable,Single Translation Unit,The comma operator should not be used,,,Import, +cpp,MISRA-C++-2023,RULE-8-20-1,Yes,Advisory,Decidable,Single Translation Unit,An unsigned arithmetic operation with constant operands should not wrap,,,Import, +cpp,MISRA-C++-2023,RULE-9-2-1,Yes,Required,Decidable,Single Translation Unit,An explicit type conversion shall not be an expression statement,,,Easy, +cpp,MISRA-C++-2023,RULE-9-3-1,Yes,Required,Decidable,Single Translation Unit,The body of an iteration-statement or a selection-statement shall be a compound-statement,,,Import, +cpp,MISRA-C++-2023,RULE-9-4-1,Yes,Required,Decidable,Single Translation Unit,All if ... else if constructs shall be terminated with an else statement,,,Import, +cpp,MISRA-C++-2023,RULE-9-4-2,Yes,Required,Decidable,Single Translation Unit,The structure of a switch statement shall be appropriate,,,Medium, +cpp,MISRA-C++-2023,RULE-9-5-1,Yes,Advisory,Decidable,Single Translation Unit,Legacy for statements should be simple,,,Hard, +cpp,MISRA-C++-2023,RULE-9-5-2,Yes,Required,Decidable,Single Translation Unit,A for-range-initializer shall contain at most one function call,,,Easy, +cpp,MISRA-C++-2023,RULE-9-6-1,Yes,Advisory,Decidable,Single Translation Unit,The goto statement should not be used,,,Import, +cpp,MISRA-C++-2023,RULE-9-6-2,Yes,Required,Decidable,Single Translation Unit,A goto statement shall reference a label in a surrounding block,,,Import, +cpp,MISRA-C++-2023,RULE-9-6-3,Yes,Required,Decidable,Single Translation Unit,The goto statement shall jump to a label declared later in the function body,,,Import, +cpp,MISRA-C++-2023,RULE-9-6-4,Yes,Required,Undecidable,System,A function declared with the [[noreturn]] attribute shall not return,,,Import, +cpp,MISRA-C++-2023,RULE-9-6-5,Yes,Required,Decidable,Single Translation Unit,A function with non-void return type shall return a value on all paths,,,Import, +cpp,MISRA-C++-2023,RULE-10-0-1,Yes,Advisory,Decidable,Single Translation Unit,A declaration should not declare more than one variable or member variable,,,Import, +cpp,MISRA-C++-2023,RULE-10-1-1,Yes,Advisory,Decidable,Single Translation Unit,The target type of a pointer or lvalue reference parameter should be const-qualified appropriately,,,Hard, +cpp,MISRA-C++-2023,RULE-10-1-2,Yes,Required,Decidable,Single Translation Unit,The volatile qualifier shall be used appropriately,,,Easy, +cpp,MISRA-C++-2023,RULE-10-2-1,Yes,Required,Decidable,Single Translation Unit,An enumeration shall be defined with an explicit underlying type,,,Import, +cpp,MISRA-C++-2023,RULE-10-2-2,Yes,Advisory,Decidable,Single Translation Unit,Unscoped enumerations should not be declared,,,Easy, +cpp,MISRA-C++-2023,RULE-10-2-3,Yes,Required,Decidable,Single Translation Unit,The numeric value of an unscoped enumeration with no fixed underlying type shall not be used,,,Easy, +cpp,MISRA-C++-2023,RULE-10-3-1,Yes,Advisory,Decidable,Single Translation Unit,There should be no unnamed namespaces in header files,,,Easy, +cpp,MISRA-C++-2023,RULE-10-4-1,Yes,Required,Decidable,Single Translation Unit,The asm declaration shall not be used,,,Import, +cpp,MISRA-C++-2023,RULE-11-3-1,Yes,Advisory,Decidable,Single Translation Unit,Variables of array type should not be declared,,,Easy, +cpp,MISRA-C++-2023,RULE-11-3-2,Yes,Advisory,Decidable,Single Translation Unit,The declaration of an object should contain no more than two levels of pointer indirection,,,Import, +cpp,MISRA-C++-2023,RULE-11-6-1,Yes,Advisory,Decidable,Single Translation Unit,All variables should be initialized,,,Easy, +cpp,MISRA-C++-2023,RULE-11-6-2,Yes,Mandatory,Undecidable,System,The value of an object must not be read before it has been set,,,Very Hard, +cpp,MISRA-C++-2023,RULE-11-6-3,Yes,Required,Decidable,Single Translation Unit,"Within an enumerator list, the value of an implicitly-specified enumeration constant shall be unique",,,Import, +cpp,MISRA-C++-2023,RULE-12-2-1,Yes,Advisory,Decidable,Single Translation Unit,Bit-fields should not be declared,,,Easy, +cpp,MISRA-C++-2023,RULE-12-2-2,Yes,Required,Decidable,Single Translation Unit,A bit-field shall have an appropriate type,,,Import, +cpp,MISRA-C++-2023,RULE-12-2-3,Yes,Required,Decidable,Single Translation Unit,A named bit-field with signed integer type shall not have a length of one bit,,,Import, +cpp,MISRA-C++-2023,RULE-12-3-1,Yes,Required,Decidable,Single Translation Unit,The union keyword shall not be used,,,Easy, +cpp,MISRA-C++-2023,RULE-13-1-1,Yes,Advisory,Decidable,Single Translation Unit,Classes should not be inherited virtually,,,Easy, +cpp,MISRA-C++-2023,RULE-13-1-2,Yes,Required,Decidable,Single Translation Unit,An accessible base class shall not be both virtual and non-virtual in the same hierarchy,,,Import, +cpp,MISRA-C++-2023,RULE-13-3-1,Yes,Required,Decidable,Single Translation Unit,"User-declared member functions shall use the virtual, override and final specifiers appropriately",,,Easy, +cpp,MISRA-C++-2023,RULE-13-3-2,Yes,Required,Decidable,Single Translation Unit,Parameters in an overriding virtual function shall not specify different default arguments,,,Import, +cpp,MISRA-C++-2023,RULE-13-3-3,Yes,Required,Decidable,System,The parameters in all declarations or overrides of a function shall either be unnamed or have identical names,,,Import, +cpp,MISRA-C++-2023,RULE-13-3-4,Yes,Required,Decidable,Single Translation Unit,A comparison of a potentially virtual pointer to member function shall only be with nullptr,,,Import, +cpp,MISRA-C++-2023,RULE-14-1-1,Yes,Advisory,Decidable,Single Translation Unit,Non-static data members should be either all private or all public,,,Easy, +cpp,MISRA-C++-2023,RULE-15-0-1,Yes,Required,Decidable,Single Translation Unit,Special member functions shall be provided appropriately,,,Medium, +cpp,MISRA-C++-2023,RULE-15-0-2,Yes,Advisory,Decidable,Single Translation Unit,User-provided copy and move member functions of a class should have appropriate signatures,,,Easy, +cpp,MISRA-C++-2023,RULE-15-1-1,Yes,Required,Undecidable,System,An object’s dynamic type shall not be used from within its constructor or destructor,,,Import, +cpp,MISRA-C++-2023,RULE-15-1-2,Yes,Advisory,Decidable,Single Translation Unit,All constructors of a class should explicitly initialize all of its virtual base classes and immediate base classes,,,Import, +cpp,MISRA-C++-2023,RULE-15-1-3,Yes,Required,Decidable,Single Translation Unit,Conversion operators and constructors that are callable with a single argument shall be explicit,,,Easy, +cpp,MISRA-C++-2023,RULE-15-1-4,Yes,Advisory,Decidable,Single Translation Unit,"All direct, non-static data members of a class should be initialized before the class object is accessible",,,Hard, +cpp,MISRA-C++-2023,RULE-15-1-5,Yes,Required,Decidable,Single Translation Unit,A class shall only define an initializer-list constructor when it is the only constructor,,,Import, +cpp,MISRA-C++-2023,DIR-15-8-1,Yes,Required,#VALUE!,,User-provided copy assignment operators and move assignment operators shall handle self-assignment,,,Import, +cpp,MISRA-C++-2023,RULE-16-5-1,Yes,Required,Decidable,Single Translation Unit,The logical AND and logical OR operators shall not be overloaded,,,Easy, +cpp,MISRA-C++-2023,RULE-16-5-2,Yes,Required,Decidable,Single Translation Unit,The address-of operator shall not be overloaded,,,Import, +cpp,MISRA-C++-2023,RULE-16-6-1,Yes,Advisory,Decidable,Single Translation Unit,Symmetrical operators should only be implemented as non-member functions,,,Medium, +cpp,MISRA-C++-2023,RULE-17-8-1,Yes,Required,Decidable,Single Translation Unit,Function templates shall not be explicitly specialized,,,Import, +cpp,MISRA-C++-2023,RULE-18-1-1,Yes,Required,Decidable,Single Translation Unit,An exception object shall not have pointer type,,,Import, +cpp,MISRA-C++-2023,RULE-18-1-2,Yes,Required,Decidable,Single Translation Unit,An empty throw shall only occur within the compound-statement of a catch handler,,,Import, +cpp,MISRA-C++-2023,RULE-18-3-1,Yes,Advisory,Decidable,Single Translation Unit,There should be at least one exception handler to catch all otherwise unhandled exceptions,,,Easy, +cpp,MISRA-C++-2023,RULE-18-3-2,Yes,Required,Decidable,Single Translation Unit,An exception of class type shall be caught by const reference or reference,,,Easy, +cpp,MISRA-C++-2023,RULE-18-3-3,Yes,Required,Decidable,Single Translation Unit,Handlers for a function-try-block of a constructor or destructor shall not refer to non-static members from their class or its bases,,,Import, +cpp,MISRA-C++-2023,RULE-18-4-1,Yes,Required,Decidable,Single Translation Unit,Exception-unfriendly functions shall be noexcept,,,Easy, +cpp,MISRA-C++-2023,RULE-18-5-1,Yes,Advisory,Undecidable,System,A noexcept function should not attempt to propagate an exception to the calling function,,,Import, +cpp,MISRA-C++-2023,RULE-18-5-2,Yes,Advisory,Decidable,Single Translation Unit,Program-terminating functions should not be used,,,Easy, +cpp,MISRA-C++-2023,RULE-19-0-1,No,Required,Decidable,Single Translation Unit,A line whose first token is # shall be a valid preprocessing directive,,,, +cpp,MISRA-C++-2023,RULE-19-0-2,Yes,Required,Decidable,Single Translation Unit,Function-like macros shall not be defined,,,Import, +cpp,MISRA-C++-2023,RULE-19-0-3,Yes,Advisory,Decidable,Single Translation Unit,#include directives should only be preceded by preprocessor directives or comments,,,Import, +cpp,MISRA-C++-2023,RULE-19-0-4,Yes,Advisory,Decidable,Single Translation Unit,#undef should only be used for macros defined previously in the same file,,,Easy, +cpp,MISRA-C++-2023,RULE-19-1-1,Yes,Required,Decidable,Single Translation Unit,The defined preprocessor operator shall be used appropriately,,,Easy, +cpp,MISRA-C++-2023,RULE-19-1-2,No,Required,Decidable,Single Translation Unit,"All #else, #elif and #endif preprocessor directives shall reside in the same file as the #if, #ifdef or #ifndef directive to which they are related",,,, +cpp,MISRA-C++-2023,RULE-19-1-3,Yes,Required,Decidable,Single Translation Unit,All identifiers used in the controlling expression of #if or #elif preprocessing directives shall be defined prior to evaluation,,,Import, +cpp,MISRA-C++-2023,RULE-19-2-1,Yes,Required,Decidable,Single Translation Unit,Precautions shall be taken in order to prevent the contents of a header file being included more than once,,,Easy, +cpp,MISRA-C++-2023,RULE-19-2-2,Yes,Required,Decidable,Single Translation Unit,"The #include directive shall be followed by either a or ""filename"" sequence",,,Easy, +cpp,MISRA-C++-2023,RULE-19-2-3,Yes,Required,Decidable,Single Translation Unit,"The ' or "" or \ characters and the /* or // character sequences shall not occur in a header file name",,,Import, +cpp,MISRA-C++-2023,RULE-19-3-1,Yes,Advisory,Decidable,Single Translation Unit,The # and ## preprocessor operators should not be used,,,Import, +cpp,MISRA-C++-2023,RULE-19-3-2,Yes,Required,Decidable,Single Translation Unit,A macro parameter immediately following a # operator shall not be immediately followed by a ## operator,,,Import, +cpp,MISRA-C++-2023,RULE-19-3-3,Yes,Required,Decidable,Single Translation Unit,The argument to a mixed-use macro parameter shall not be subject to further expansion,,,Import, +cpp,MISRA-C++-2023,RULE-19-3-4,Yes,Required,Decidable,Single Translation Unit,Parentheses shall be used to ensure macro arguments are expanded appropriately,,,Medium, +cpp,MISRA-C++-2023,RULE-19-3-5,Yes,Required,Decidable,Single Translation Unit,Tokens that look like a preprocessing directive shall not occur within a macro argument,,,Import, +cpp,MISRA-C++-2023,RULE-19-6-1,Yes,Advisory,Decidable,Single Translation Unit,The #pragma directive and the _Pragma operator should not be used,,,Easy, +cpp,MISRA-C++-2023,RULE-21-2-1,Yes,Required,Decidable,Single Translation Unit,"The library functions atof, atoi, atol and atoll from shall not be used",,,Import, +cpp,MISRA-C++-2023,RULE-21-2-2,Yes,Required,Decidable,Single Translation Unit,"The string handling functions from , , and shall not be used",,,Easy, +cpp,MISRA-C++-2023,RULE-21-2-3,Yes,Required,Decidable,Single Translation Unit,The library function system from shall not be used,,,Easy, +cpp,MISRA-C++-2023,RULE-21-2-4,Yes,Required,Decidable,Single Translation Unit,The macro offsetof shall not be used,,,Import, +cpp,MISRA-C++-2023,RULE-21-6-1,Yes,Advisory,Undecidable,Single Translation Unit,Dynamic memory should not be used,,,Easy, +cpp,MISRA-C++-2023,RULE-21-6-2,Yes,Required,Decidable,Single Translation Unit,Dynamic memory shall be managed automatically,,,Easy, +cpp,MISRA-C++-2023,RULE-21-6-3,Yes,Required,Decidable,Single Translation Unit,Advanced memory management shall not be used,,,Medium, +cpp,MISRA-C++-2023,RULE-21-6-4,Yes,Required,Decidable,System,"If a project defines either a sized or unsized version of a global operator delete, then both shall be defined",,,Import, +cpp,MISRA-C++-2023,RULE-21-6-5,Yes,Required,Decidable,Single Translation Unit,A pointer to an incomplete class type shall not be deleted,,,Import, +cpp,MISRA-C++-2023,RULE-21-10-1,Yes,Required,Decidable,Single Translation Unit,The features of shall not be used,,,Easy, +cpp,MISRA-C++-2023,RULE-21-10-2,Yes,Required,Decidable,Single Translation Unit,The standard header file shall not be used,,,Easy, +cpp,MISRA-C++-2023,RULE-21-10-3,Yes,Required,Decidable,Single Translation Unit,The facilities provided by the standard header file shall not be used,,,Import, +cpp,MISRA-C++-2023,RULE-22-3-1,Yes,Required,Decidable,Single Translation Unit,The assert macro shall not be used with a constant-expression,,,Easy, +cpp,MISRA-C++-2023,RULE-22-4-1,Yes,Required,Decidable,Single Translation Unit,The literal value zero shall be the only value assigned to errno,,,Easy, +cpp,MISRA-C++-2023,RULE-23-11-1,Yes,Advisory,Decidable,Single Translation Unit,The raw pointer constructors of std::shared_ptr and std::unique_ptr should not be used,,,Easy, +cpp,MISRA-C++-2023,RULE-24-5-1,Yes,Required,Decidable,Single Translation Unit,The character handling functions from and shall not be used,,,Easy, +cpp,MISRA-C++-2023,RULE-24-5-2,Yes,Required,Decidable,Single Translation Unit,"The C++ Standard Library functions memcpy, memmove and memcmp from shall not be used",,,Easy, +cpp,MISRA-C++-2023,RULE-25-5-1,Yes,Required,Decidable,Single Translation Unit,The setlocale and std::locale::global functions shall not be called,,,Easy, +cpp,MISRA-C++-2023,RULE-25-5-2,Yes,Mandatory,Decidable,Single Translation Unit,"The pointers returned by the C++ Standard Library functions localeconv, getenv, setlocale or strerror must only be used as if they have pointer to const-qualified type",,,Import, +cpp,MISRA-C++-2023,RULE-25-5-3,Yes,Mandatory,Undecidable,System,"The pointer returned by the C++ Standard Library functions asctime, ctime, gmtime, localtime, localeconv, getenv, setlocale or strerror must not be used following a subsequent call to the same function",,,Import, +cpp,MISRA-C++-2023,RULE-26-3-1,Yes,Advisory,Decidable,Single Translation Unit,std::vector should not be specialized with bool,,,Import, +cpp,MISRA-C++-2023,RULE-28-3-1,Yes,Required,Undecidable,System,Predicates shall not have persistent side effects,,,Easy, +cpp,MISRA-C++-2023,RULE-28-6-1,Yes,Required,Decidable,Single Translation Unit,The argument to std::move shall be a non-const lvalue,,,Easy, +cpp,MISRA-C++-2023,RULE-28-6-2,Yes,Required,Decidable,Single Translation Unit,Forwarding references and std::forward shall be used together,,,Import, +cpp,MISRA-C++-2023,RULE-28-6-3,Yes,Required,Decidable,Single Translation Unit,An object shall not be used while in a potentially moved-from state,,,Import, +cpp,MISRA-C++-2023,RULE-28-6-4,Yes,Required,Decidable,Single Translation Unit,"The result of std::remove, std::remove_if, std::unique and empty shall be used",,,Easy, +cpp,MISRA-C++-2023,RULE-30-0-1,Yes,Required,Decidable,Single Translation Unit,The C Library input/output functions shall not be used,,,Import, +cpp,MISRA-C++-2023,RULE-30-0-2,Yes,Required,Undecidable,System,Reads and writes on the same file stream shall be separated by a positioning operation,,,Import, \ No newline at end of file From 6a0804068ad608dd9014093ff3e160b6452b5694 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Mon, 6 May 2024 14:12:43 -0400 Subject: [PATCH 1795/2573] STR32-C: reduce false negative related to realloc model --- ...lTerminatedToFunctionThatExpectsAString.ql | 103 ++++++++++++++---- ...natedToFunctionThatExpectsAString.expected | 38 ++++--- c/cert/test/rules/STR32-C/test.c | 38 ++++++- change_notes/2024-05-06-fix-fn-31-STR32C.md | 2 + .../cpp/PossiblyUnsafeStringOperation.qll | 21 ++-- 5 files changed, 156 insertions(+), 46 deletions(-) create mode 100644 change_notes/2024-05-06-fix-fn-31-STR32C.md diff --git a/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql b/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql index d661edade5..b5f246ca65 100644 --- a/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql +++ b/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql @@ -17,6 +17,7 @@ import codingstandards.c.cert import codingstandards.cpp.Naming import codingstandards.cpp.dataflow.TaintTracking import codingstandards.cpp.PossiblyUnsafeStringOperation +import semmle.code.cpp.valuenumbering.GlobalValueNumbering /** * Models a function that is part of the standard library that expects a @@ -43,32 +44,90 @@ class ExpectsNullTerminatedStringAsArgumentFunctionCall extends FunctionCall { Expr getAnExpectingExpr() { result = e } } -from ExpectsNullTerminatedStringAsArgumentFunctionCall fc, Expr e, Expr target -where - target = fc.getAnExpectingExpr() and - not isExcluded(fc, Strings1Package::nonNullTerminatedToFunctionThatExpectsAStringQuery()) and - ( - exists(PossiblyUnsafeStringOperation op | - // don't report violations of the same function call. - not op = fc and - e = op and - TaintTracking::localTaint(DataFlow::exprNode(op.getAnArgument()), DataFlow::exprNode(target)) +class PossiblyUnsafeStringOperationSource extends Source { + PossiblyUnsafeStringOperation op; + + PossiblyUnsafeStringOperationSource() { this.asExpr() = op.getAnArgument() } + + PossiblyUnsafeStringOperation getOp() { result = op } +} + +class CharArraySource extends Source { + CharArrayInitializedWithStringLiteral op; + + CharArraySource() { + op.getContainerLength() <= op.getStringLiteralLength() and + this.asExpr() = op + } +} + +abstract class Source extends DataFlow::Node { } + +class Sink extends DataFlow::Node { + Sink() { + exists(ExpectsNullTerminatedStringAsArgumentFunctionCall fc | + fc.getAnExpectingExpr() = this.asExpr() ) - or - exists(CharArrayInitializedWithStringLiteral op | - e = op and - op.getContainerLength() <= op.getStringLiteralLength() and - TaintTracking::localTaint(DataFlow::exprNode(op), DataFlow::exprNode(target)) + } +} + +module MyFlowConfiguration implements DataFlow::ConfigSig { + predicate isSink(DataFlow::Node sink) { + sink instanceof Sink and + //don't report violations of the same function call + not sink instanceof Source + } + + predicate isSource(DataFlow::Node source) { source instanceof Source } + + predicate isAdditionalFlowStep(DataFlow::Node innode, DataFlow::Node outnode) { + exists(FunctionCall realloc, ReallocFunction fn | + fn.getACallToThisFunction() = realloc and + realloc.getArgument(0) = innode.asExpr() and + realloc = outnode.asExpr() ) - ) and - // don't report cases flowing to this node where there is a flow from a - // literal assignment of a null terminator - not exists(AssignExpr aexp | + } +} + +class ReallocFunction extends AllocationFunction { + ReallocFunction() { exists(this.getReallocPtrArg()) } +} + +/** + * Determines if the string is acceptably null terminated + * The only condition we accept as a guarantee to null terminate is: + * `str[size_expr] = '\0';` + * where we do not check the value of the `size_expr` used + */ +predicate isGuarded(Expr guarded, Expr source) { + exists(AssignExpr aexp | aexp.getLValue() instanceof ArrayExpr and aexp.getRValue() instanceof Zero and - TaintTracking::localTaint(DataFlow::exprNode(aexp.getRValue()), DataFlow::exprNode(target)) and - // this must be AFTER the operation causing the non-null termination to be valid. - aexp.getAPredecessor*() = e + // this must be AFTER the operation causing the non-null termination + aexp.getAPredecessor+() = source and + //this guards anything after it + aexp.getASuccessor+() = guarded and + // no reallocs exist after this because they will be conservatively assumed to make the buffer smaller and remove the likliehood of this properly terminating + not exists(ReallocFunction realloc, FunctionCall fn | + fn = realloc.getACallToThisFunction() and + globalValueNumber(aexp.getLValue().(ArrayExpr).getArrayBase()) = + globalValueNumber(fn.getArgument(0)) and + aexp.getASuccessor+() = fn + ) ) +} + +module MyFlow = TaintTracking::Global; + +from + DataFlow::Node source, DataFlow::Node sink, ExpectsNullTerminatedStringAsArgumentFunctionCall fc, + Expr e +where + MyFlow::flow(source, sink) and + sink.asExpr() = fc.getAnExpectingExpr() and + not isGuarded(sink.asExpr(), source.asExpr()) and + if source instanceof PossiblyUnsafeStringOperationSource + then e = source.(PossiblyUnsafeStringOperationSource).getOp() + else e = source.asExpr() select fc, "String modified by $@ is passed to function expecting a null-terminated string.", e, "this expression" diff --git a/c/cert/test/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.expected b/c/cert/test/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.expected index 4099e3fb1a..8409d95628 100644 --- a/c/cert/test/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.expected +++ b/c/cert/test/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.expected @@ -1,16 +1,22 @@ -| test.c:19:3:19:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:7:20:7:24 | Cod | this expression | -| test.c:20:3:20:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:7:20:7:24 | Cod | this expression | -| test.c:22:3:22:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:13:3:13:9 | call to strncpy | this expression | -| test.c:23:3:23:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:13:3:13:9 | call to strncpy | this expression | -| test.c:24:3:24:8 | call to strlen | String modified by $@ is passed to function expecting a null-terminated string. | test.c:13:3:13:9 | call to strncpy | this expression | -| test.c:33:3:33:9 | call to wprintf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:30:24:30:29 | Cod | this expression | -| test.c:46:3:46:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:41:3:41:10 | call to snprintf | this expression | -| test.c:47:3:47:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:41:3:41:10 | call to snprintf | this expression | -| test.c:55:3:55:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:53:3:53:9 | call to strncat | this expression | -| test.c:56:3:56:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:53:3:53:9 | call to strncat | this expression | -| test.c:62:3:62:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:60:20:60:24 | Cod | this expression | -| test.c:63:3:63:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:60:20:60:24 | Cod | this expression | -| test.c:75:3:75:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:72:20:72:24 | Cod | this expression | -| test.c:76:3:76:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:72:20:72:24 | Cod | this expression | -| test.c:85:3:85:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:83:3:83:9 | call to strncpy | this expression | -| test.c:86:3:86:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:83:3:83:9 | call to strncpy | this expression | +| test.c:20:3:20:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:8:20:8:24 | Cod | this expression | +| test.c:21:3:21:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:8:20:8:24 | Cod | this expression | +| test.c:23:3:23:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:14:3:14:9 | call to strncpy | this expression | +| test.c:24:3:24:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:14:3:14:9 | call to strncpy | this expression | +| test.c:25:3:25:8 | call to strlen | String modified by $@ is passed to function expecting a null-terminated string. | test.c:14:3:14:9 | call to strncpy | this expression | +| test.c:34:3:34:9 | call to wprintf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:31:24:31:29 | Cod | this expression | +| test.c:47:3:47:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:42:3:42:10 | call to snprintf | this expression | +| test.c:48:3:48:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:42:3:42:10 | call to snprintf | this expression | +| test.c:56:3:56:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:54:3:54:9 | call to strncat | this expression | +| test.c:57:3:57:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:54:3:54:9 | call to strncat | this expression | +| test.c:63:3:63:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:61:20:61:24 | Cod | this expression | +| test.c:64:3:64:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:61:20:61:24 | Cod | this expression | +| test.c:76:3:76:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:73:20:73:24 | Cod | this expression | +| test.c:77:3:77:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:73:20:73:24 | Cod | this expression | +| test.c:86:3:86:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:84:3:84:9 | call to strncpy | this expression | +| test.c:87:3:87:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:84:3:84:9 | call to strncpy | this expression | +| test.c:95:3:95:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:93:17:93:21 | Cod | this expression | +| test.c:95:3:95:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:94:3:94:9 | call to strncpy | this expression | +| test.c:98:3:98:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:93:17:93:21 | Cod | this expression | +| test.c:98:3:98:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:94:3:94:9 | call to strncpy | this expression | +| test.c:122:3:122:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:117:17:117:21 | Cod | this expression | +| test.c:122:3:122:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:118:3:118:9 | call to strncpy | this expression | diff --git a/c/cert/test/rules/STR32-C/test.c b/c/cert/test/rules/STR32-C/test.c index 288ef7e5e0..ea72abe201 100644 --- a/c/cert/test/rules/STR32-C/test.c +++ b/c/cert/test/rules/STR32-C/test.c @@ -1,4 +1,5 @@ #include +#include #include #include @@ -84,4 +85,39 @@ f5() { printf("%s", a1_nnt); // NON_COMPLIANT printf(a1_nnt); // NON_COMPLIANT -} \ No newline at end of file +} + +void test_fn_reported_in_31_simple() { + char *str; + str = (char *)malloc(3); + char a31[3] = "Cod"; // is NOT null terminated + strncpy(str, a31, 3); + printf(str); // NON_COMPLIANT + size_t cur_msg_size = 1024; + str = realloc(str, (cur_msg_size / 2 + 1) * sizeof(char)); + printf(str); // NON_COMPLIANT +} + +void test_fn_reported_in_31_simple_safe() { + char *str; + str = (char *)malloc(3); + char a31[3] = "Cod"; // is NOT null terminated + strncpy(str, a31, 3); + size_t cur_msg_size = 1024; + size_t temp_size = cur_msg_size / 2 + 1; + str = realloc(str, temp_size * sizeof(char)); + str[temp_size - 1] = L'\0'; // Properly null-terminate str + printf(str); // COMPLIANT +} + +void test_fn_reported_in_31_simple_relloc() { + char *str; + size_t cur_msg_size = 1024; + str = (char *)malloc(cur_msg_size); + char a31[3] = "Cod"; // is NOT null terminated + strncpy(str, a31, 3); + str[cur_msg_size - 1] = L'\0'; // Properly null-terminate str + size_t temp_size = cur_msg_size / 2 + 1; + str = realloc(str, temp_size * sizeof(char)); + printf(str); // NON_COMPLIANT +} diff --git a/change_notes/2024-05-06-fix-fn-31-STR32C.md b/change_notes/2024-05-06-fix-fn-31-STR32C.md new file mode 100644 index 0000000000..93dcca62c8 --- /dev/null +++ b/change_notes/2024-05-06-fix-fn-31-STR32C.md @@ -0,0 +1,2 @@ +- `STR32-C` - `NonNullTerminatedToFunctionThatExpectsAString.ql`: + - Fixes #31. Realloc and null termination were not modelled previously. \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/PossiblyUnsafeStringOperation.qll b/cpp/common/src/codingstandards/cpp/PossiblyUnsafeStringOperation.qll index ab454957e1..b790a4e02d 100644 --- a/cpp/common/src/codingstandards/cpp/PossiblyUnsafeStringOperation.qll +++ b/cpp/common/src/codingstandards/cpp/PossiblyUnsafeStringOperation.qll @@ -37,18 +37,25 @@ class PossiblyUnsafeStringOperation extends FunctionCall { bwc.getTarget() instanceof StrcatFunction or // Case 2: Consider the `strncpy(dest, src, n)` function. We do not - // consider `strcpy` since it is a banned function. The behavior of - // strncpy(dest, src, n) is that it will copy null terminators only if n - // > sizeof(src). If `src` is null-terminated then it will be null - // terminated if n >= sizeof(src). We take the conservative approach and - // use strictly greater. Thus this can be violated under the condition - // that n < strlen(src). Note that a buffer overflow is possible if + // consider `strcpy` since it is a banned function. + // We cannot know if the string is already null terminated or not and thus + // the conservative assumption is that it is not + // The behavior of strncpy(dest, src, n) is that if sizeof(src) < n + // then it will fill remainder of dst with ‘\0’ characters + // ie it is only in this case that it is guaranteed to null terminate + // Otherwise, dst is not terminated + // If `src` is already null-terminated then it will be null + // terminated if n >= sizeof(src). but we do not assume on this. + // Note that a buffer overflow is possible if // `n` is greater than sizeof(dest). The point of this query is not to // check for buffer overflows but we would certainly want to indicate // this would be a case where a string will not be null terminated. bwc.getTarget() instanceof StrcpyFunction and ( - (bwc.getExplicitLimit() / bwc.getCharSize()) < getBufferSize(src, _) or + // n <= sizeof(src) might not null terminate + (bwc.getExplicitLimit() / bwc.getCharSize()) <= getBufferSize(src, _) + or + // sizeof(dest) < n might not null terminate getBufferSize(dest, _) < (bwc.getExplicitLimit() / bwc.getCharSize()) ) or From 31d2f57cd81947c4311c217a031cacd859297659 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Mon, 6 May 2024 14:14:51 -0400 Subject: [PATCH 1796/2573] STR32-C: ammend change note --- change_notes/2024-05-06-fix-fn-31-STR32C.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/change_notes/2024-05-06-fix-fn-31-STR32C.md b/change_notes/2024-05-06-fix-fn-31-STR32C.md index 93dcca62c8..5abb1f2137 100644 --- a/change_notes/2024-05-06-fix-fn-31-STR32C.md +++ b/change_notes/2024-05-06-fix-fn-31-STR32C.md @@ -1,2 +1,2 @@ - `STR32-C` - `NonNullTerminatedToFunctionThatExpectsAString.ql`: - - Fixes #31. Realloc and null termination were not modelled previously. \ No newline at end of file + - Fixes #31. Realloc was not modelled previously. \ No newline at end of file From ab892cae8f5703f9cf4c7d2a59f4552bd5619a88 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Mon, 6 May 2024 17:37:32 -0400 Subject: [PATCH 1797/2573] Update cpp/autosar/src/rules/M9-3-3/MemberFunctionConstIfPossible.ql Co-authored-by: Remco Vermeulen --- cpp/autosar/src/rules/M9-3-3/MemberFunctionConstIfPossible.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/src/rules/M9-3-3/MemberFunctionConstIfPossible.ql b/cpp/autosar/src/rules/M9-3-3/MemberFunctionConstIfPossible.ql index 596879d5fd..3c8bab4d1f 100644 --- a/cpp/autosar/src/rules/M9-3-3/MemberFunctionConstIfPossible.ql +++ b/cpp/autosar/src/rules/M9-3-3/MemberFunctionConstIfPossible.ql @@ -65,7 +65,7 @@ class ConstMemberFunctionCandidate extends NonConstMemberFunction { // For uninstantiated templates we have only partial information that prevents us from determining // if the candidate calls non-const functions. Therefore we exclude these. not this.isFromUninstantiatedTemplate(_) and - //cannot recommend const if it returns a nonconst reference + // Cannot recommend const if it returns a non-const reference. not this.getType() instanceof NonConstReferenceType } From 0deee2c074da7728e80cf21400eba1e6cc689b4c Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Tue, 7 May 2024 10:42:14 +0000 Subject: [PATCH 1798/2573] Support MISRA C++ 2023 in generation scripts --- .../generate_rules/generate_package_description.py | 14 ++++++++++++-- scripts/generate_rules/generate_package_files.py | 6 +++++- 2 files changed, 17 insertions(+), 3 deletions(-) diff --git a/scripts/generate_rules/generate_package_description.py b/scripts/generate_rules/generate_package_description.py index 20c9adc065..bf993af574 100644 --- a/scripts/generate_rules/generate_package_description.py +++ b/scripts/generate_rules/generate_package_description.py @@ -110,6 +110,8 @@ def generate_short_name(title): print("Error: " + standard + " " + rule_id + " is marked as part of package " + package_name + " but is not marked as supportable.") sys.exit(1) + tags = [] + # Add the AUTOSAR obligation, enforcement and allocated target as query properties. properties = {} if obligation_level: @@ -117,7 +119,15 @@ def generate_short_name(title): if enforcement_level: properties["enforcement"] = enforcement_level.lower() if allocated_targets: - properties["allocated-target"] = [target.strip(' ').lower() for target in allocated_targets.split("/")] + if allocated_targets == "Single Translation Unit": + # MISRA C++ 2023 uses the allocated targets field for scope + tags.append("scope/single-translation-unit") + elif allocated_targets == "System": + # MISRA C++ 2023 uses the allocated targets field for scope + tags.append("scope/system") + else: + properties["allocated-target"] = [target.strip(' ').lower() for target in allocated_targets.split("/")] + if difficulty == "Audit": properties["audit"] = "" @@ -164,7 +174,7 @@ def generate_short_name(title): "severity" : severity, "description" : description, "kind" : "problem", - "tags" : [] + "tags" : tags } ] } diff --git a/scripts/generate_rules/generate_package_files.py b/scripts/generate_rules/generate_package_files.py index 6dabec0a92..ed8bb625bd 100644 --- a/scripts/generate_rules/generate_package_files.py +++ b/scripts/generate_rules/generate_package_files.py @@ -58,11 +58,15 @@ "MISRA-C-2012" : { "standard_title" : "MISRA-C:2012 Guidelines for the use of the C language in critical systems", "standard_url" : "https://www.misra.org.uk/" + }, + "MISRA-C++-2023" : { + "standard_title" : "MISRA C++:2023 Guidelines for the use C++:17 in critical systems", + "standard_url" : "https://misra.org.uk/product/misra-cpp2023/" } } # The help files of these standards cannot be distributed in our repository. -external_help_file_standards = ["AUTOSAR", "MISRA-C-2012"] +external_help_file_standards = ["AUTOSAR", "MISRA-C-2012", "MISRA-C++-2023"] # Mapping from the QL language to source file extension used to generate a help example file. ql_language_ext_mappings = { From 86bf6aa5e4ae128ec883ec54d25045410c39aa19 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Tue, 7 May 2024 10:42:51 +0000 Subject: [PATCH 1799/2573] Update MISRA C++ pack to 2023. --- cpp/misra/src/codeql-suites/misra-default.qls | 10 ++++++++++ .../codeql-suites/misra-single-translation-unit.qls | 12 ++++++++++++ cpp/misra/src/misra.qll | 4 ++++ cpp/misra/src/misra/Customizations.qll | 8 ++++++++ cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/options | 1 + 6 files changed, 36 insertions(+), 1 deletion(-) create mode 100644 cpp/misra/src/codeql-suites/misra-default.qls create mode 100644 cpp/misra/src/codeql-suites/misra-single-translation-unit.qls create mode 100644 cpp/misra/src/misra.qll create mode 100644 cpp/misra/src/misra/Customizations.qll create mode 100644 cpp/misra/test/options diff --git a/cpp/misra/src/codeql-suites/misra-default.qls b/cpp/misra/src/codeql-suites/misra-default.qls new file mode 100644 index 0000000000..670b043caa --- /dev/null +++ b/cpp/misra/src/codeql-suites/misra-default.qls @@ -0,0 +1,10 @@ +- description: MISRA C++ 2023 (Default) +- qlpack: codeql/misra-cpp-coding-standards +- include: + kind: + - problem + - path-problem +- exclude: + tags contain: + - external/misra/audit + - external/misra/default-disabled diff --git a/cpp/misra/src/codeql-suites/misra-single-translation-unit.qls b/cpp/misra/src/codeql-suites/misra-single-translation-unit.qls new file mode 100644 index 0000000000..0782dd876d --- /dev/null +++ b/cpp/misra/src/codeql-suites/misra-single-translation-unit.qls @@ -0,0 +1,12 @@ +- description: MISRA C++ 2023 (Single Translation Unit) +- qlpack: codeql/misra-cpp-coding-standards +- include: + kind: + - problem + - path-problem + tags contain: + - scope/single-translation-unit +- exclude: + tags contain: + - external/misra/audit + - external/misra/default-disabled diff --git a/cpp/misra/src/misra.qll b/cpp/misra/src/misra.qll new file mode 100644 index 0000000000..e48b094ebc --- /dev/null +++ b/cpp/misra/src/misra.qll @@ -0,0 +1,4 @@ +import cpp +import misra.Customizations +import codingstandards.cpp.CodingStandards +import codingstandards.cpp.exclusions.cpp.RuleMetadata \ No newline at end of file diff --git a/cpp/misra/src/misra/Customizations.qll b/cpp/misra/src/misra/Customizations.qll new file mode 100644 index 0000000000..b95d1bb3b3 --- /dev/null +++ b/cpp/misra/src/misra/Customizations.qll @@ -0,0 +1,8 @@ +/** + * Contains customizations to the MISRA C++ query rules. + * + * This module is imported by `misra.qll`, so any customizations defined here + * automatically apply to all MISRA C++ queries. + */ + +import cpp diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index e2e6e58b0a..382dc41122 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -1,6 +1,6 @@ name: codeql/misra-cpp-coding-standards version: 2.28.0-dev -description: MISRA C++ 2008 +description: MISRA C++ 2023 suites: codeql-suites license: MIT dependencies: diff --git a/cpp/misra/test/options b/cpp/misra/test/options new file mode 100644 index 0000000000..59fc70d386 --- /dev/null +++ b/cpp/misra/test/options @@ -0,0 +1 @@ +semmle-extractor-options:--clang -std=c++17 -nostdinc++ -I../../../../common/test/includes/standard-library -I../../../../common/test/includes/custom-library \ No newline at end of file From 839f02a709187b2c03944e532d0b36ed74ab980f Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 26 Apr 2024 09:30:05 -0700 Subject: [PATCH 1800/2573] Precompile the queries for distribution With the upgrade of the CLI the location of cache changed causing it to no longer be part of the distribution archive. By precompiling the queries each `.ql` file will have a compiled `.qlx` file. --- .github/workflows/code-scanning-pack-gen.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index ec665a95d1..1fd57cf755 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -99,8 +99,8 @@ jobs: run: | PATH=$PATH:$CODEQL_HOME/codeql - codeql query compile --threads 0 cpp - codeql query compile --threads 0 c + codeql query compile --precompile --threads 0 cpp + codeql query compile --precompile --threads 0 c cd .. zip -r codeql-coding-standards/code-scanning-cpp-query-pack.zip codeql-coding-standards/c/ codeql-coding-standards/cpp/ codeql-coding-standards/.codeqlmanifest.json codeql-coding-standards/supported_codeql_configs.json codeql-coding-standards/scripts/configuration codeql-coding-standards/scripts/reports codeql-coding-standards/scripts/shared codeql-coding-standards/scripts/guideline_recategorization codeql-coding-standards/scripts/shared codeql-coding-standards/scripts/schemas From 7f2099ff156503753e542886b4ddf0c97e67e7aa Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 7 May 2024 13:24:22 -0400 Subject: [PATCH 1801/2573] M9-3-3: add testcase clarification note --- cpp/autosar/test/rules/M9-3-3/test.cpp | 1 + 1 file changed, 1 insertion(+) diff --git a/cpp/autosar/test/rules/M9-3-3/test.cpp b/cpp/autosar/test/rules/M9-3-3/test.cpp index f37fd3ac66..5469b41d5c 100644 --- a/cpp/autosar/test/rules/M9-3-3/test.cpp +++ b/cpp/autosar/test/rules/M9-3-3/test.cpp @@ -210,6 +210,7 @@ class Z4 { }; void fp_reported_in_381() { + // added to test template initialization effects/lack thereof Z4 z; int i = z.front(); z.fill(i); From 3e992f858958f355b03e0c3df4207479d8928976 Mon Sep 17 00:00:00 2001 From: knewbury01 Date: Wed, 8 May 2024 20:19:41 +0000 Subject: [PATCH 1802/2573] Bump version to 2.29.0-dev --- c/cert/src/qlpack.yml | 2 +- c/cert/test/qlpack.yml | 2 +- c/common/src/qlpack.yml | 2 +- c/common/test/qlpack.yml | 2 +- c/misra/src/qlpack.yml | 2 +- c/misra/test/qlpack.yml | 2 +- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/qlpack.yml | 2 +- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/qlpack.yml | 2 +- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/qlpack.yml | 2 +- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/qlpack.yml | 2 +- cpp/report/src/qlpack.yml | 2 +- docs/user_manual.md | 12 ++++++------ 16 files changed, 21 insertions(+), 21 deletions(-) diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index 0dcbe0087a..dbe17ca2fb 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards -version: 2.28.0-dev +version: 2.29.0-dev description: CERT C 2016 suites: codeql-suites license: MIT diff --git a/c/cert/test/qlpack.yml b/c/cert/test/qlpack.yml index 49fcdb84ec..a84477a767 100644 --- a/c/cert/test/qlpack.yml +++ b/c/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards-tests -version: 2.28.0-dev +version: 2.29.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index 3d2b9dafe8..dbb5883476 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards -version: 2.28.0-dev +version: 2.29.0-dev license: MIT dependencies: codeql/common-cpp-coding-standards: '*' diff --git a/c/common/test/qlpack.yml b/c/common/test/qlpack.yml index 10db75d3d8..fbba717665 100644 --- a/c/common/test/qlpack.yml +++ b/c/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards-tests -version: 2.28.0-dev +version: 2.29.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index 8e5b0b3f4d..99fed4df73 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards -version: 2.28.0-dev +version: 2.29.0-dev description: MISRA C 2012 suites: codeql-suites license: MIT diff --git a/c/misra/test/qlpack.yml b/c/misra/test/qlpack.yml index eda99b647a..008295d695 100644 --- a/c/misra/test/qlpack.yml +++ b/c/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards-tests -version: 2.28.0-dev +version: 2.29.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index bca828302a..c6e3fdb38d 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards -version: 2.28.0-dev +version: 2.29.0-dev description: AUTOSAR C++14 Guidelines R22-11, R21-11, R20-11, R19-11 and R19-03 suites: codeql-suites license: MIT diff --git a/cpp/autosar/test/qlpack.yml b/cpp/autosar/test/qlpack.yml index 36b54cd0a6..cd5847c2a4 100644 --- a/cpp/autosar/test/qlpack.yml +++ b/cpp/autosar/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards-tests -version: 2.28.0-dev +version: 2.29.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index a3e916510b..cca8343a99 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards -version: 2.28.0-dev +version: 2.29.0-dev description: CERT C++ 2016 suites: codeql-suites license: MIT diff --git a/cpp/cert/test/qlpack.yml b/cpp/cert/test/qlpack.yml index 287b2e6c93..225e9157b9 100644 --- a/cpp/cert/test/qlpack.yml +++ b/cpp/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards-tests -version: 2.28.0-dev +version: 2.29.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index 0c30772356..548ea472a4 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards -version: 2.28.0-dev +version: 2.29.0-dev license: MIT dependencies: codeql/cpp-all: 0.9.3 diff --git a/cpp/common/test/qlpack.yml b/cpp/common/test/qlpack.yml index 28497835bc..b4aff929bd 100644 --- a/cpp/common/test/qlpack.yml +++ b/cpp/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards-tests -version: 2.28.0-dev +version: 2.29.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index e2e6e58b0a..87e281357a 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards -version: 2.28.0-dev +version: 2.29.0-dev description: MISRA C++ 2008 suites: codeql-suites license: MIT diff --git a/cpp/misra/test/qlpack.yml b/cpp/misra/test/qlpack.yml index e90f340cd4..f8015a2a97 100644 --- a/cpp/misra/test/qlpack.yml +++ b/cpp/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards-tests -version: 2.28.0-dev +version: 2.29.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index 167258e146..d2a0b35dbc 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/report-cpp-coding-standards -version: 2.28.0-dev +version: 2.29.0-dev license: MIT dependencies: codeql/cpp-all: 0.9.3 diff --git a/docs/user_manual.md b/docs/user_manual.md index d790454afd..2112f23c18 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -29,13 +29,13 @@ ## Release information -This user manual documents release `2.28.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). +This user manual documents release `2.29.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). The release page documents the release notes and contains the following artifacts part of the release: -- `code-scanning-cpp-query-pack-2.28.0-dev.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. -- `supported_rules_list_2.28.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. -- `supported_rules_list_2.28.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. -- `user_manual_2.28.0-dev.md`: This user manual. +- `code-scanning-cpp-query-pack-2.29.0-dev.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. +- `supported_rules_list_2.29.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. +- `supported_rules_list_2.29.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. +- `user_manual_2.29.0-dev.md`: This user manual. - `Source Code (zip)`: A zip archive containing the contents of https://github.com/github/codeql-coding-standards - `Source Code (tar.gz)`: A GZip compressed tar archive containing the contents of https://github.com/github/codeql-coding-standards - `checksums.txt`: A text file containing sha256 checksums for the aforementioned artifacts. @@ -496,7 +496,7 @@ This section describes known failure modes for "CodeQL Coding Standards" and des | | Ouf of space | Less output. Some files may be only be partially analyzed, or not analyzed at all. | Error reported on the command line. | Increase space. If it remains an issue report space consumption issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False positives | More output. Results are reported which are not violations of the guidelines. | All reported results must be reviewed. | Report false positive issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False negatives | Less output. Violations of the guidelines are not reported. | Other validation and verification processes during software development should be used to complement the analysis performed by CodeQL Coding Standards. | Report false negative issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | -| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.28.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | +| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.29.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | | | Incorrect deviation record specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation records with a reason. Ensure that all deviation records are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Incorrect deviation permit specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation permits with a reason. Ensure that all deviation permits are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Unapproved use of a deviation record | Less output. Results for guideline violations are not reported. | Validate that the deviation record use is approved by verifying the approved-by attribute of the deviation record specification. | Ensure that each raised deviation record is approved by an independent approver through an auditable process. | From e4e30c4fed8449e578c8e63c8d0f1700967ff633 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Fri, 10 May 2024 18:25:12 +0200 Subject: [PATCH 1803/2573] MISRA C++ 2023 pack structure --- cpp/common/test/options | 1 + .../src/{ => codingstandards/cpp}/misra.qll | 0 .../cpp}/misra/Customizations.qll | 0 docs/design/guideline_recategorization.md | 2 +- rules.csv | 2 +- schemas/rule-package.schema.json | 49 +++++++++++++++++++ scripts/reports/utils.py | 2 +- 7 files changed, 53 insertions(+), 3 deletions(-) create mode 100644 cpp/common/test/options rename cpp/misra/src/{ => codingstandards/cpp}/misra.qll (100%) rename cpp/misra/src/{ => codingstandards/cpp}/misra/Customizations.qll (100%) diff --git a/cpp/common/test/options b/cpp/common/test/options new file mode 100644 index 0000000000..59fc70d386 --- /dev/null +++ b/cpp/common/test/options @@ -0,0 +1 @@ +semmle-extractor-options:--clang -std=c++17 -nostdinc++ -I../../../../common/test/includes/standard-library -I../../../../common/test/includes/custom-library \ No newline at end of file diff --git a/cpp/misra/src/misra.qll b/cpp/misra/src/codingstandards/cpp/misra.qll similarity index 100% rename from cpp/misra/src/misra.qll rename to cpp/misra/src/codingstandards/cpp/misra.qll diff --git a/cpp/misra/src/misra/Customizations.qll b/cpp/misra/src/codingstandards/cpp/misra/Customizations.qll similarity index 100% rename from cpp/misra/src/misra/Customizations.qll rename to cpp/misra/src/codingstandards/cpp/misra/Customizations.qll diff --git a/docs/design/guideline_recategorization.md b/docs/design/guideline_recategorization.md index f520869f39..e488cf88de 100644 --- a/docs/design/guideline_recategorization.md +++ b/docs/design/guideline_recategorization.md @@ -101,7 +101,7 @@ The *effective category* is the category whose policy is applied during the eval The policy of a category dictates if a result can be deviated from and implements the effect described in the design section. The existing exclusion mechanism implemented in the predicate `isExcluded` defined in the `Exclusions.qll` library will be updated to consider the applicable policy of a guideline. -Note: This changes the behavior of deviations which will no longer have an impact on Mandatory guidelines! However, this will only affect MISRA C rules because there are no MISRA C++ Guidelines with a Mandatory category. +Note: This changes the behavior of deviations which will no longer have an impact on Mandatory MISRA guidelines! ### Specification validation diff --git a/rules.csv b/rules.csv index 913aa27282..2fcf32c915 100644 --- a/rules.csv +++ b/rules.csv @@ -774,7 +774,7 @@ c,MISRA-C-2012,RULE-22-7,Yes,Required,,,The macro EOF shall only be compared wit c,MISRA-C-2012,RULE-22-8,Yes,Required,,,The value of errno shall be set to zero prior to a call to an errno-setting-function,ERR30-C,Contracts3,Medium, c,MISRA-C-2012,RULE-22-9,Yes,Required,,,The value of errno shall be tested against zero after calling an errno-setting-function,,Contracts3,Medium, c,MISRA-C-2012,RULE-22-10,Yes,Required,,,The value of errno shall only be tested when the last function to be called was an errno-setting-function,,Contracts3,Medium, -cpp,MISRA-C++-2023,RULE-0-0-1,Yes,Required,Decidable,Single Translation Unit,A function shall not contain unreachable statements,,,Medium, +cpp,MISRA-C++-2023,RULE-0-0-1,Yes,Required,Decidable,Single Translation Unit,A function shall not contain unreachable statements,,DeadCode,Medium, cpp,MISRA-C++-2023,RULE-0-0-2,Yes,Advisory,Undecidable,System,Controlling expressions should not be invariant,,,Easy, cpp,MISRA-C++-2023,RULE-0-1-1,Yes,Advisory,Undecidable,System,A value should not be unnecessarily written to a local object,,,Medium, cpp,MISRA-C++-2023,RULE-0-1-2,Yes,Required,Decidable,Single Translation Unit,The value returned by a function shall be used,,,Easy, diff --git a/schemas/rule-package.schema.json b/schemas/rule-package.schema.json index 4d3c7f401a..daeb1ade51 100644 --- a/schemas/rule-package.schema.json +++ b/schemas/rule-package.schema.json @@ -220,6 +220,55 @@ "minProperties": 1 } } + }, + { + "properties": { + "MISRA-C++-2023": { + "description": "Rules part of the MISRA C++ 2023 standard", + "type": "object", + "patternProperties": { + "^RULE-\\d+-\\d+-\\d+": { + "description": "A coding standard rule", + "type": "object", + "properties": { + "properties": { + "type": "object", + "properties": { + "obligation": { + "type": "string", + "enum": [ + "required", + "advisory", + "mandatory" + ] + } + }, + "required": [ + "obligation" + ] + }, + "queries": { + "type": "array", + "uniqueItems": true, + "items": { + "$ref": "#/$defs/query" + } + }, + "title": { + "type": "string" + } + }, + "required": [ + "properties", + "queries", + "title" + ], + "additionalProperties": false + } + }, + "minProperties": 1 + } + } } ], "minProperties": 1, diff --git a/scripts/reports/utils.py b/scripts/reports/utils.py index 977826891c..6f5785808e 100644 --- a/scripts/reports/utils.py +++ b/scripts/reports/utils.py @@ -149,7 +149,7 @@ def __init__(self, sarif_results_file_path): if standard_rule_id in self.guideline_obligation_level[standard_short_name]: if not self.guideline_obligation_level[standard_short_name][standard_rule_id] == obligation_level: print( - f"WARNING: Rule { rule['id'] } specifies a conflicting obligation level of { obligation_level }, was previously specified as { guideline_obligation_level[standard_short_name][standard_rule_id] }.") + f"WARNING: Rule { rule['id'] } specifies a conflicting obligation level of { obligation_level }, was previously specified as { self.guideline_obligation_level[standard_short_name][standard_rule_id] }.") else: self.guideline_obligation_level[standard_short_name][standard_rule_id] = obligation_level # Add deviation counts for the rule From 854682e4d80972983a23ea0a89d573edc7780adc Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Fri, 10 May 2024 18:40:39 +0200 Subject: [PATCH 1804/2573] Fix format --- cpp/misra/src/codingstandards/cpp/misra.qll | 2 +- rules.csv | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/cpp/misra/src/codingstandards/cpp/misra.qll b/cpp/misra/src/codingstandards/cpp/misra.qll index e48b094ebc..ff308d4fd2 100644 --- a/cpp/misra/src/codingstandards/cpp/misra.qll +++ b/cpp/misra/src/codingstandards/cpp/misra.qll @@ -1,4 +1,4 @@ import cpp import misra.Customizations import codingstandards.cpp.CodingStandards -import codingstandards.cpp.exclusions.cpp.RuleMetadata \ No newline at end of file +import codingstandards.cpp.exclusions.cpp.RuleMetadata diff --git a/rules.csv b/rules.csv index 2fcf32c915..913aa27282 100644 --- a/rules.csv +++ b/rules.csv @@ -774,7 +774,7 @@ c,MISRA-C-2012,RULE-22-7,Yes,Required,,,The macro EOF shall only be compared wit c,MISRA-C-2012,RULE-22-8,Yes,Required,,,The value of errno shall be set to zero prior to a call to an errno-setting-function,ERR30-C,Contracts3,Medium, c,MISRA-C-2012,RULE-22-9,Yes,Required,,,The value of errno shall be tested against zero after calling an errno-setting-function,,Contracts3,Medium, c,MISRA-C-2012,RULE-22-10,Yes,Required,,,The value of errno shall only be tested when the last function to be called was an errno-setting-function,,Contracts3,Medium, -cpp,MISRA-C++-2023,RULE-0-0-1,Yes,Required,Decidable,Single Translation Unit,A function shall not contain unreachable statements,,DeadCode,Medium, +cpp,MISRA-C++-2023,RULE-0-0-1,Yes,Required,Decidable,Single Translation Unit,A function shall not contain unreachable statements,,,Medium, cpp,MISRA-C++-2023,RULE-0-0-2,Yes,Advisory,Undecidable,System,Controlling expressions should not be invariant,,,Easy, cpp,MISRA-C++-2023,RULE-0-1-1,Yes,Advisory,Undecidable,System,A value should not be unnecessarily written to a local object,,,Medium, cpp,MISRA-C++-2023,RULE-0-1-2,Yes,Required,Decidable,Single Translation Unit,The value returned by a function shall be used,,,Easy, From 0b965ffb4c6e6c5ca2b8f1972a7f194bef8ba058 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 16 May 2024 17:11:50 +0200 Subject: [PATCH 1805/2573] Rules with preexisting import --- .../cpp/exclusions/cpp/ImportMisra23.qll | 1319 +++++++++++++++++ .../cpp/exclusions/cpp/RuleMetadata.qll | 3 + .../SectionsOfCodeShouldNotBeCommentedOut.ql | 23 + .../DeclarationOfAnObjectIndirectionsLevel.ql | 24 + ...rsReferToNonStaticMembersFromTheirClass.ql | 24 + ...ectivesPrecededByPreprocessorDirectives.ql | 23 + ...tifiersUsedInTheControllingExpressionOf.ql | 25 + ...CharsThatShouldNotOccurInHeaderFileName.ql | 24 + ...AndPreprocessorOperatorsShouldNotBeUsed.ql | 23 + ...sThatLookLikeDirectivesInAMacroArgument.ql | 24 + .../PointerToAnIncompleteClassTypeDeleted.ql | 23 + ...urnedByLocaleFunctionsMustBeUsedAsConst.ql | 26 + ...lToSetlocaleInvalidatesOldPointersMisra.ql | 25 + ...etlocaleInvalidatesOldPointersWarnMisra.ql | 25 + ...ectUsedWhileInPotentiallyMovedFromState.ql | 23 + ...WritesOnStreamNotSeparatedByPositioning.ql | 23 + .../RULE-6-2-1/OneDefinitionRuleViolated.ql | 23 + ...ableDeclaredInInnerScopeHidesOuterScope.ql | 24 + .../ObjectAccessedAfterLifetimeMisra.ql | 23 + .../ObjectAccessedBeforeLifetimeMisra.ql | 23 + ...esConstOrVolatileFromPointerOrReference.ql | 24 + .../rules/RULE-9-4-1/IfElseIfEndCondition.ql | 24 + ...llJumpToLabelDeclaredLaterInTheFunction.ql | 24 + ...nDeclaredWithTheNoreturnAttributeReturn.ql | 23 + ...VoidFunctionShallReturnAValueOnAllPaths.ql | 23 + ...tionsOfCodeShouldNotBeCommentedOut.testref | 1 + ...arationOfAnObjectIndirectionsLevel.testref | 1 + ...erToNonStaticMembersFromTheirClass.testref | 1 + ...esPrecededByPreprocessorDirectives.testref | 1 + ...rsUsedInTheControllingExpressionOf.testref | 1 + ...ThatShouldNotOccurInHeaderFileName.testref | 1 + ...eprocessorOperatorsShouldNotBeUsed.testref | 1 + ...LookLikeDirectivesInAMacroArgument.testref | 1 + ...nterToAnIncompleteClassTypeDeleted.testref | 1 + ...ByLocaleFunctionsMustBeUsedAsConst.testref | 1 + ...tlocaleInvalidatesOldPointersMisra.testref | 1 + ...aleInvalidatesOldPointersWarnMisra.testref | 1 + ...edWhileInPotentiallyMovedFromState.testref | 1 + ...sOnStreamNotSeparatedByPositioning.testref | 1 + .../OneDefinitionRuleViolated.testref | 1 + ...eclaredInInnerScopeHidesOuterScope.testref | 1 + .../ObjectAccessedAfterLifetimeMisra.testref | 1 + .../ObjectAccessedBeforeLifetimeMisra.testref | 1 + ...stOrVolatileFromPointerOrReference.testref | 1 + .../RULE-9-4-1/IfElseIfEndCondition.testref | 1 + ...pToLabelDeclaredLaterInTheFunction.testref | 1 + ...aredWithTheNoreturnAttributeReturn.testref | 1 + ...unctionShallReturnAValueOnAllPaths.testref | 1 + rule_packages/cpp/ImportMisra23.json | 505 +++++++ rules.csv | 264 ++-- 50 files changed, 2528 insertions(+), 132 deletions(-) create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/cpp/ImportMisra23.qll create mode 100644 cpp/misra/src/rules/DIR-5-7-2/SectionsOfCodeShouldNotBeCommentedOut.ql create mode 100644 cpp/misra/src/rules/RULE-11-3-2/DeclarationOfAnObjectIndirectionsLevel.ql create mode 100644 cpp/misra/src/rules/RULE-18-3-3/HandlersReferToNonStaticMembersFromTheirClass.ql create mode 100644 cpp/misra/src/rules/RULE-19-0-3/IncludeDirectivesPrecededByPreprocessorDirectives.ql create mode 100644 cpp/misra/src/rules/RULE-19-1-3/IdentifiersUsedInTheControllingExpressionOf.ql create mode 100644 cpp/misra/src/rules/RULE-19-2-3/CharsThatShouldNotOccurInHeaderFileName.ql create mode 100644 cpp/misra/src/rules/RULE-19-3-1/AndPreprocessorOperatorsShouldNotBeUsed.ql create mode 100644 cpp/misra/src/rules/RULE-19-3-5/TokensThatLookLikeDirectivesInAMacroArgument.ql create mode 100644 cpp/misra/src/rules/RULE-21-6-5/PointerToAnIncompleteClassTypeDeleted.ql create mode 100644 cpp/misra/src/rules/RULE-25-5-2/PointersReturnedByLocaleFunctionsMustBeUsedAsConst.ql create mode 100644 cpp/misra/src/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersMisra.ql create mode 100644 cpp/misra/src/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersWarnMisra.ql create mode 100644 cpp/misra/src/rules/RULE-28-6-3/ObjectUsedWhileInPotentiallyMovedFromState.ql create mode 100644 cpp/misra/src/rules/RULE-30-0-2/ReadsAndWritesOnStreamNotSeparatedByPositioning.ql create mode 100644 cpp/misra/src/rules/RULE-6-2-1/OneDefinitionRuleViolated.ql create mode 100644 cpp/misra/src/rules/RULE-6-4-1/VariableDeclaredInInnerScopeHidesOuterScope.ql create mode 100644 cpp/misra/src/rules/RULE-6-8-1/ObjectAccessedAfterLifetimeMisra.ql create mode 100644 cpp/misra/src/rules/RULE-6-8-1/ObjectAccessedBeforeLifetimeMisra.ql create mode 100644 cpp/misra/src/rules/RULE-8-2-3/CastRemovesConstOrVolatileFromPointerOrReference.ql create mode 100644 cpp/misra/src/rules/RULE-9-4-1/IfElseIfEndCondition.ql create mode 100644 cpp/misra/src/rules/RULE-9-6-3/GotoShallJumpToLabelDeclaredLaterInTheFunction.ql create mode 100644 cpp/misra/src/rules/RULE-9-6-4/FunctionDeclaredWithTheNoreturnAttributeReturn.ql create mode 100644 cpp/misra/src/rules/RULE-9-6-5/NonVoidFunctionShallReturnAValueOnAllPaths.ql create mode 100644 cpp/misra/test/rules/DIR-5-7-2/SectionsOfCodeShouldNotBeCommentedOut.testref create mode 100644 cpp/misra/test/rules/RULE-11-3-2/DeclarationOfAnObjectIndirectionsLevel.testref create mode 100644 cpp/misra/test/rules/RULE-18-3-3/HandlersReferToNonStaticMembersFromTheirClass.testref create mode 100644 cpp/misra/test/rules/RULE-19-0-3/IncludeDirectivesPrecededByPreprocessorDirectives.testref create mode 100644 cpp/misra/test/rules/RULE-19-1-3/IdentifiersUsedInTheControllingExpressionOf.testref create mode 100644 cpp/misra/test/rules/RULE-19-2-3/CharsThatShouldNotOccurInHeaderFileName.testref create mode 100644 cpp/misra/test/rules/RULE-19-3-1/AndPreprocessorOperatorsShouldNotBeUsed.testref create mode 100644 cpp/misra/test/rules/RULE-19-3-5/TokensThatLookLikeDirectivesInAMacroArgument.testref create mode 100644 cpp/misra/test/rules/RULE-21-6-5/PointerToAnIncompleteClassTypeDeleted.testref create mode 100644 cpp/misra/test/rules/RULE-25-5-2/PointersReturnedByLocaleFunctionsMustBeUsedAsConst.testref create mode 100644 cpp/misra/test/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersMisra.testref create mode 100644 cpp/misra/test/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersWarnMisra.testref create mode 100644 cpp/misra/test/rules/RULE-28-6-3/ObjectUsedWhileInPotentiallyMovedFromState.testref create mode 100644 cpp/misra/test/rules/RULE-30-0-2/ReadsAndWritesOnStreamNotSeparatedByPositioning.testref create mode 100644 cpp/misra/test/rules/RULE-6-2-1/OneDefinitionRuleViolated.testref create mode 100644 cpp/misra/test/rules/RULE-6-4-1/VariableDeclaredInInnerScopeHidesOuterScope.testref create mode 100644 cpp/misra/test/rules/RULE-6-8-1/ObjectAccessedAfterLifetimeMisra.testref create mode 100644 cpp/misra/test/rules/RULE-6-8-1/ObjectAccessedBeforeLifetimeMisra.testref create mode 100644 cpp/misra/test/rules/RULE-8-2-3/CastRemovesConstOrVolatileFromPointerOrReference.testref create mode 100644 cpp/misra/test/rules/RULE-9-4-1/IfElseIfEndCondition.testref create mode 100644 cpp/misra/test/rules/RULE-9-6-3/GotoShallJumpToLabelDeclaredLaterInTheFunction.testref create mode 100644 cpp/misra/test/rules/RULE-9-6-4/FunctionDeclaredWithTheNoreturnAttributeReturn.testref create mode 100644 cpp/misra/test/rules/RULE-9-6-5/NonVoidFunctionShallReturnAValueOnAllPaths.testref create mode 100644 rule_packages/cpp/ImportMisra23.json diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/ImportMisra23.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/ImportMisra23.qll new file mode 100644 index 0000000000..b8fef48f1f --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/ImportMisra23.qll @@ -0,0 +1,1319 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype ImportMisra23Query = + TUserCopyAndMoveAssignmentShallHandleSelfAssignmentQuery() or + TSectionsOfCodeShouldNotBeCommentedOutQuery() or + TDeclarationShouldNotDeclareMoreThanOneVariableQuery() or + TEnumerationNotDefinedWithAnExplicitUnderlyingTypeQuery() or + TAsmDeclarationShallNotBeUsedQuery() or + TDeclarationOfAnObjectIndirectionsLevelQuery() or + TValueOfAnEnumerationConstantNotUniqueQuery() or + TBitFieldShallHaveAnAppropriateTypeQuery() or + TSignedIntegerBitFieldHaveALengthOfOneBitQuery() or + TVirtualAndNonVirtualBaseClassInHierarchyQuery() or + TDifferentDefaultArgsInOverridingVirtualFunctionQuery() or + TDeclarationsOrOverridesParamsAreUnnamedOrIdenticalQuery() or + TComparisonOfVirtualPointerOnlyBeWithNullptrQuery() or + TDynamicTypeUsedWithinConstructorOrDestructorQuery() or + TConstructorsShouldInitializeAllBaseClassesQuery() or + TInitializerListConstructorIsTheOnlyConstructorQuery() or + TAddressOfOperatorOverloadedQuery() or + TFunctionTemplatesExplicitlySpecializedQuery() or + TExceptionObjectHavePointerTypeQuery() or + TEmptyThrowShallOnlyOccurWithinACatchHandlerQuery() or + THandlersReferToNonStaticMembersFromTheirClassQuery() or + TNoexceptFunctionShouldNotPropagateAnExceptionQuery() or + TFunctionLikeMacrosDefinedQuery() or + TIncludeDirectivesPrecededByPreprocessorDirectivesQuery() or + TIdentifiersUsedInTheControllingExpressionOfQuery() or + TCharsThatShouldNotOccurInHeaderFileNameQuery() or + TAndPreprocessorOperatorsShouldNotBeUsedQuery() or + TMacroParameterFollowingAHashOperatorQuery() or + TArgumentToAMixedUseMacroShoulNotNeedExpansionQuery() or + TTokensThatLookLikeDirectivesInAMacroArgumentQuery() or + TFacilitiesProvidedByCsignalUsedQuery() or + TAtofAtoiAtolAndAtollFromCstdlibUsedQuery() or + TMacroOffsetShouldNotBeUsedQuery() or + TDefineBothSizedAndUnsizedVersionOfAGlobalOperatorQuery() or + TPointerToAnIncompleteClassTypeDeletedQuery() or + TPointersReturnedByLocaleFunctionsMustBeUsedAsConstQuery() or + TCallToSetlocaleInvalidatesOldPointersMisraQuery() or + TCallToSetlocaleInvalidatesOldPointersWarnMisraQuery() or + TVectorShouldNotBeSpecializedWithBoolQuery() or + TForwardingReferencesAndForwardNotUsedTogetherQuery() or + TObjectUsedWhileInPotentiallyMovedFromStateQuery() or + TCLibraryInputoutputFunctionsUsedQuery() or + TReadsAndWritesOnStreamNotSeparatedByPositioningQuery() or + TOperationsOnMemoryNotSequencedAppropriatelyQuery() or + TCharacterOnlyInEscapeSequenceOrUniversalCharNameQuery() or + TEscapeSequencesAndUniversalCharNamesNotTerminatedQuery() or + TOctalConstantsUsedQuery() or + TUnsignedIntegerLiteralsNotAppropriatelySuffixedQuery() or + TLowercaseLUsedAsFirstCharacterInLiteralSuffixQuery() or + TCharacterSequenceUsedWithinACStyleCommentQuery() or + TLineSplicingUsedInCommentsQuery() or + TGlobalDeclarationsOnlyMainNamespaceOrExternCQuery() or + TMainUsedOnlyForTheGlobalFunctionMainQuery() or + TOneDefinitionRuleViolatedQuery() or + TVariableDeclaredInInnerScopeHidesOuterScopeQuery() or + TDerivedClasseConcealFunctionInheritedFromTheBaseQuery() or + TNameInDependentBaseResolvedByUnqualifiedLookupQuery() or + TObjectAccessedBeforeLifetimeMisraQuery() or + TObjectAccessedAfterLifetimeMisraQuery() or + TMustNotReturnReferenceToLocalAutomaticVariableQuery() or + TNullptrNotTheOnlyFormOfTheNullPointerConstantQuery() or + TArrayPassedAsFunctionArgumentDecayToAPointerQuery() or + TResultOfAnAssignmentOperatorShouldNotBeUsedQuery() or + TCommaOperatorShouldNotBeUsedQuery() or + TFunctionsCallThemselvesEitherDirectlyOrIndirectlyQuery() or + TCastRemovesConstOrVolatileFromPointerOrReferenceQuery() or + TCastsBetweenAPointerToFunctionAndAnyOtherTypeQuery() or + TReinterpretCastShallNotBeUsedQuery() or + TUnsignedOperationWithConstantOperandsShouldNotWrapQuery() or + TBuiltInOperatorAppliedToUnsignedExpressionQuery() or + TBodyOfIterationOrSelectionStatementNotCompoundQuery() or + TIfElseIfEndConditionQuery() or + TGotoStatementShouldNotBeUsedQuery() or + TGotoShallReferenceALabelInSurroundingBlockQuery() or + TGotoShallJumpToLabelDeclaredLaterInTheFunctionQuery() or + TFunctionDeclaredWithTheNoreturnAttributeReturnQuery() or + TNonVoidFunctionShallReturnAValueOnAllPathsQuery() + +predicate isImportMisra23QueryMetadata(Query query, string queryId, string ruleId, string category) { + query = + // `Query` instance for the `userCopyAndMoveAssignmentShallHandleSelfAssignment` query + ImportMisra23Package::userCopyAndMoveAssignmentShallHandleSelfAssignmentQuery() and + queryId = + // `@id` for the `userCopyAndMoveAssignmentShallHandleSelfAssignment` query + "cpp/misra/user-copy-and-move-assignment-shall-handle-self-assignment" and + ruleId = "DIR-15-8-1" and + category = "required" + or + query = + // `Query` instance for the `sectionsOfCodeShouldNotBeCommentedOut` query + ImportMisra23Package::sectionsOfCodeShouldNotBeCommentedOutQuery() and + queryId = + // `@id` for the `sectionsOfCodeShouldNotBeCommentedOut` query + "cpp/misra/sections-of-code-should-not-be-commented-out" and + ruleId = "DIR-5-7-2" and + category = "advisory" + or + query = + // `Query` instance for the `declarationShouldNotDeclareMoreThanOneVariable` query + ImportMisra23Package::declarationShouldNotDeclareMoreThanOneVariableQuery() and + queryId = + // `@id` for the `declarationShouldNotDeclareMoreThanOneVariable` query + "cpp/misra/declaration-should-not-declare-more-than-one-variable" and + ruleId = "RULE-10-0-1" and + category = "advisory" + or + query = + // `Query` instance for the `enumerationNotDefinedWithAnExplicitUnderlyingType` query + ImportMisra23Package::enumerationNotDefinedWithAnExplicitUnderlyingTypeQuery() and + queryId = + // `@id` for the `enumerationNotDefinedWithAnExplicitUnderlyingType` query + "cpp/misra/enumeration-not-defined-with-an-explicit-underlying-type" and + ruleId = "RULE-10-2-1" and + category = "required" + or + query = + // `Query` instance for the `asmDeclarationShallNotBeUsed` query + ImportMisra23Package::asmDeclarationShallNotBeUsedQuery() and + queryId = + // `@id` for the `asmDeclarationShallNotBeUsed` query + "cpp/misra/asm-declaration-shall-not-be-used" and + ruleId = "RULE-10-4-1" and + category = "required" + or + query = + // `Query` instance for the `declarationOfAnObjectIndirectionsLevel` query + ImportMisra23Package::declarationOfAnObjectIndirectionsLevelQuery() and + queryId = + // `@id` for the `declarationOfAnObjectIndirectionsLevel` query + "cpp/misra/declaration-of-an-object-indirections-level" and + ruleId = "RULE-11-3-2" and + category = "advisory" + or + query = + // `Query` instance for the `valueOfAnEnumerationConstantNotUnique` query + ImportMisra23Package::valueOfAnEnumerationConstantNotUniqueQuery() and + queryId = + // `@id` for the `valueOfAnEnumerationConstantNotUnique` query + "cpp/misra/value-of-an-enumeration-constant-not-unique" and + ruleId = "RULE-11-6-3" and + category = "required" + or + query = + // `Query` instance for the `bitFieldShallHaveAnAppropriateType` query + ImportMisra23Package::bitFieldShallHaveAnAppropriateTypeQuery() and + queryId = + // `@id` for the `bitFieldShallHaveAnAppropriateType` query + "cpp/misra/bit-field-shall-have-an-appropriate-type" and + ruleId = "RULE-12-2-2" and + category = "required" + or + query = + // `Query` instance for the `signedIntegerBitFieldHaveALengthOfOneBit` query + ImportMisra23Package::signedIntegerBitFieldHaveALengthOfOneBitQuery() and + queryId = + // `@id` for the `signedIntegerBitFieldHaveALengthOfOneBit` query + "cpp/misra/signed-integer-bit-field-have-a-length-of-one-bit" and + ruleId = "RULE-12-2-3" and + category = "required" + or + query = + // `Query` instance for the `virtualAndNonVirtualBaseClassInHierarchy` query + ImportMisra23Package::virtualAndNonVirtualBaseClassInHierarchyQuery() and + queryId = + // `@id` for the `virtualAndNonVirtualBaseClassInHierarchy` query + "cpp/misra/virtual-and-non-virtual-base-class-in-hierarchy" and + ruleId = "RULE-13-1-2" and + category = "required" + or + query = + // `Query` instance for the `differentDefaultArgsInOverridingVirtualFunction` query + ImportMisra23Package::differentDefaultArgsInOverridingVirtualFunctionQuery() and + queryId = + // `@id` for the `differentDefaultArgsInOverridingVirtualFunction` query + "cpp/misra/different-default-args-in-overriding-virtual-function" and + ruleId = "RULE-13-3-2" and + category = "required" + or + query = + // `Query` instance for the `declarationsOrOverridesParamsAreUnnamedOrIdentical` query + ImportMisra23Package::declarationsOrOverridesParamsAreUnnamedOrIdenticalQuery() and + queryId = + // `@id` for the `declarationsOrOverridesParamsAreUnnamedOrIdentical` query + "cpp/misra/declarations-or-overrides-params-are-unnamed-or-identical" and + ruleId = "RULE-13-3-3" and + category = "required" + or + query = + // `Query` instance for the `comparisonOfVirtualPointerOnlyBeWithNullptr` query + ImportMisra23Package::comparisonOfVirtualPointerOnlyBeWithNullptrQuery() and + queryId = + // `@id` for the `comparisonOfVirtualPointerOnlyBeWithNullptr` query + "cpp/misra/comparison-of-virtual-pointer-only-be-with-nullptr" and + ruleId = "RULE-13-3-4" and + category = "required" + or + query = + // `Query` instance for the `dynamicTypeUsedWithinConstructorOrDestructor` query + ImportMisra23Package::dynamicTypeUsedWithinConstructorOrDestructorQuery() and + queryId = + // `@id` for the `dynamicTypeUsedWithinConstructorOrDestructor` query + "cpp/misra/dynamic-type-used-within-constructor-or-destructor" and + ruleId = "RULE-15-1-1" and + category = "required" + or + query = + // `Query` instance for the `constructorsShouldInitializeAllBaseClasses` query + ImportMisra23Package::constructorsShouldInitializeAllBaseClassesQuery() and + queryId = + // `@id` for the `constructorsShouldInitializeAllBaseClasses` query + "cpp/misra/constructors-should-initialize-all-base-classes" and + ruleId = "RULE-15-1-2" and + category = "advisory" + or + query = + // `Query` instance for the `initializerListConstructorIsTheOnlyConstructor` query + ImportMisra23Package::initializerListConstructorIsTheOnlyConstructorQuery() and + queryId = + // `@id` for the `initializerListConstructorIsTheOnlyConstructor` query + "cpp/misra/initializer-list-constructor-is-the-only-constructor" and + ruleId = "RULE-15-1-5" and + category = "required" + or + query = + // `Query` instance for the `addressOfOperatorOverloaded` query + ImportMisra23Package::addressOfOperatorOverloadedQuery() and + queryId = + // `@id` for the `addressOfOperatorOverloaded` query + "cpp/misra/address-of-operator-overloaded" and + ruleId = "RULE-16-5-2" and + category = "required" + or + query = + // `Query` instance for the `functionTemplatesExplicitlySpecialized` query + ImportMisra23Package::functionTemplatesExplicitlySpecializedQuery() and + queryId = + // `@id` for the `functionTemplatesExplicitlySpecialized` query + "cpp/misra/function-templates-explicitly-specialized" and + ruleId = "RULE-17-8-1" and + category = "required" + or + query = + // `Query` instance for the `exceptionObjectHavePointerType` query + ImportMisra23Package::exceptionObjectHavePointerTypeQuery() and + queryId = + // `@id` for the `exceptionObjectHavePointerType` query + "cpp/misra/exception-object-have-pointer-type" and + ruleId = "RULE-18-1-1" and + category = "required" + or + query = + // `Query` instance for the `emptyThrowShallOnlyOccurWithinACatchHandler` query + ImportMisra23Package::emptyThrowShallOnlyOccurWithinACatchHandlerQuery() and + queryId = + // `@id` for the `emptyThrowShallOnlyOccurWithinACatchHandler` query + "cpp/misra/empty-throw-shall-only-occur-within-a-catch-handler" and + ruleId = "RULE-18-1-2" and + category = "required" + or + query = + // `Query` instance for the `handlersReferToNonStaticMembersFromTheirClass` query + ImportMisra23Package::handlersReferToNonStaticMembersFromTheirClassQuery() and + queryId = + // `@id` for the `handlersReferToNonStaticMembersFromTheirClass` query + "cpp/misra/handlers-refer-to-non-static-members-from-their-class" and + ruleId = "RULE-18-3-3" and + category = "required" + or + query = + // `Query` instance for the `noexceptFunctionShouldNotPropagateAnException` query + ImportMisra23Package::noexceptFunctionShouldNotPropagateAnExceptionQuery() and + queryId = + // `@id` for the `noexceptFunctionShouldNotPropagateAnException` query + "cpp/misra/noexcept-function-should-not-propagate-an-exception" and + ruleId = "RULE-18-5-1" and + category = "advisory" + or + query = + // `Query` instance for the `functionLikeMacrosDefined` query + ImportMisra23Package::functionLikeMacrosDefinedQuery() and + queryId = + // `@id` for the `functionLikeMacrosDefined` query + "cpp/misra/function-like-macros-defined" and + ruleId = "RULE-19-0-2" and + category = "required" + or + query = + // `Query` instance for the `includeDirectivesPrecededByPreprocessorDirectives` query + ImportMisra23Package::includeDirectivesPrecededByPreprocessorDirectivesQuery() and + queryId = + // `@id` for the `includeDirectivesPrecededByPreprocessorDirectives` query + "cpp/misra/include-directives-preceded-by-preprocessor-directives" and + ruleId = "RULE-19-0-3" and + category = "advisory" + or + query = + // `Query` instance for the `identifiersUsedInTheControllingExpressionOf` query + ImportMisra23Package::identifiersUsedInTheControllingExpressionOfQuery() and + queryId = + // `@id` for the `identifiersUsedInTheControllingExpressionOf` query + "cpp/misra/identifiers-used-in-the-controlling-expression-of" and + ruleId = "RULE-19-1-3" and + category = "required" + or + query = + // `Query` instance for the `charsThatShouldNotOccurInHeaderFileName` query + ImportMisra23Package::charsThatShouldNotOccurInHeaderFileNameQuery() and + queryId = + // `@id` for the `charsThatShouldNotOccurInHeaderFileName` query + "cpp/misra/chars-that-should-not-occur-in-header-file-name" and + ruleId = "RULE-19-2-3" and + category = "required" + or + query = + // `Query` instance for the `andPreprocessorOperatorsShouldNotBeUsed` query + ImportMisra23Package::andPreprocessorOperatorsShouldNotBeUsedQuery() and + queryId = + // `@id` for the `andPreprocessorOperatorsShouldNotBeUsed` query + "cpp/misra/and-preprocessor-operators-should-not-be-used" and + ruleId = "RULE-19-3-1" and + category = "advisory" + or + query = + // `Query` instance for the `macroParameterFollowingAHashOperator` query + ImportMisra23Package::macroParameterFollowingAHashOperatorQuery() and + queryId = + // `@id` for the `macroParameterFollowingAHashOperator` query + "cpp/misra/macro-parameter-following-a-hash-operator" and + ruleId = "RULE-19-3-2" and + category = "required" + or + query = + // `Query` instance for the `argumentToAMixedUseMacroShoulNotNeedExpansion` query + ImportMisra23Package::argumentToAMixedUseMacroShoulNotNeedExpansionQuery() and + queryId = + // `@id` for the `argumentToAMixedUseMacroShoulNotNeedExpansion` query + "cpp/misra/argument-to-a-mixed-use-macro-shoul-not-need-expansion" and + ruleId = "RULE-19-3-3" and + category = "required" + or + query = + // `Query` instance for the `tokensThatLookLikeDirectivesInAMacroArgument` query + ImportMisra23Package::tokensThatLookLikeDirectivesInAMacroArgumentQuery() and + queryId = + // `@id` for the `tokensThatLookLikeDirectivesInAMacroArgument` query + "cpp/misra/tokens-that-look-like-directives-in-a-macro-argument" and + ruleId = "RULE-19-3-5" and + category = "required" + or + query = + // `Query` instance for the `facilitiesProvidedByCsignalUsed` query + ImportMisra23Package::facilitiesProvidedByCsignalUsedQuery() and + queryId = + // `@id` for the `facilitiesProvidedByCsignalUsed` query + "cpp/misra/facilities-provided-by-csignal-used" and + ruleId = "RULE-21-10-3" and + category = "required" + or + query = + // `Query` instance for the `atofAtoiAtolAndAtollFromCstdlibUsed` query + ImportMisra23Package::atofAtoiAtolAndAtollFromCstdlibUsedQuery() and + queryId = + // `@id` for the `atofAtoiAtolAndAtollFromCstdlibUsed` query + "cpp/misra/atof-atoi-atol-and-atoll-from-cstdlib-used" and + ruleId = "RULE-21-2-1" and + category = "required" + or + query = + // `Query` instance for the `macroOffsetShouldNotBeUsed` query + ImportMisra23Package::macroOffsetShouldNotBeUsedQuery() and + queryId = + // `@id` for the `macroOffsetShouldNotBeUsed` query + "cpp/misra/macro-offset-should-not-be-used" and + ruleId = "RULE-21-2-4" and + category = "required" + or + query = + // `Query` instance for the `defineBothSizedAndUnsizedVersionOfAGlobalOperator` query + ImportMisra23Package::defineBothSizedAndUnsizedVersionOfAGlobalOperatorQuery() and + queryId = + // `@id` for the `defineBothSizedAndUnsizedVersionOfAGlobalOperator` query + "cpp/misra/define-both-sized-and-unsized-version-of-a-global-operator" and + ruleId = "RULE-21-6-4" and + category = "required" + or + query = + // `Query` instance for the `pointerToAnIncompleteClassTypeDeleted` query + ImportMisra23Package::pointerToAnIncompleteClassTypeDeletedQuery() and + queryId = + // `@id` for the `pointerToAnIncompleteClassTypeDeleted` query + "cpp/misra/pointer-to-an-incomplete-class-type-deleted" and + ruleId = "RULE-21-6-5" and + category = "required" + or + query = + // `Query` instance for the `pointersReturnedByLocaleFunctionsMustBeUsedAsConst` query + ImportMisra23Package::pointersReturnedByLocaleFunctionsMustBeUsedAsConstQuery() and + queryId = + // `@id` for the `pointersReturnedByLocaleFunctionsMustBeUsedAsConst` query + "cpp/misra/pointers-returned-by-locale-functions-must-be-used-as-const" and + ruleId = "RULE-25-5-2" and + category = "mandatory" + or + query = + // `Query` instance for the `callToSetlocaleInvalidatesOldPointersMisra` query + ImportMisra23Package::callToSetlocaleInvalidatesOldPointersMisraQuery() and + queryId = + // `@id` for the `callToSetlocaleInvalidatesOldPointersMisra` query + "cpp/misra/call-to-setlocale-invalidates-old-pointers-misra" and + ruleId = "RULE-25-5-3" and + category = "mandatory" + or + query = + // `Query` instance for the `callToSetlocaleInvalidatesOldPointersWarnMisra` query + ImportMisra23Package::callToSetlocaleInvalidatesOldPointersWarnMisraQuery() and + queryId = + // `@id` for the `callToSetlocaleInvalidatesOldPointersWarnMisra` query + "cpp/misra/call-to-setlocale-invalidates-old-pointers-warn-misra" and + ruleId = "RULE-25-5-3" and + category = "mandatory" + or + query = + // `Query` instance for the `vectorShouldNotBeSpecializedWithBool` query + ImportMisra23Package::vectorShouldNotBeSpecializedWithBoolQuery() and + queryId = + // `@id` for the `vectorShouldNotBeSpecializedWithBool` query + "cpp/misra/vector-should-not-be-specialized-with-bool" and + ruleId = "RULE-26-3-1" and + category = "advisory" + or + query = + // `Query` instance for the `forwardingReferencesAndForwardNotUsedTogether` query + ImportMisra23Package::forwardingReferencesAndForwardNotUsedTogetherQuery() and + queryId = + // `@id` for the `forwardingReferencesAndForwardNotUsedTogether` query + "cpp/misra/forwarding-references-and-forward-not-used-together" and + ruleId = "RULE-28-6-2" and + category = "required" + or + query = + // `Query` instance for the `objectUsedWhileInPotentiallyMovedFromState` query + ImportMisra23Package::objectUsedWhileInPotentiallyMovedFromStateQuery() and + queryId = + // `@id` for the `objectUsedWhileInPotentiallyMovedFromState` query + "cpp/misra/object-used-while-in-potentially-moved-from-state" and + ruleId = "RULE-28-6-3" and + category = "required" + or + query = + // `Query` instance for the `cLibraryInputoutputFunctionsUsed` query + ImportMisra23Package::cLibraryInputoutputFunctionsUsedQuery() and + queryId = + // `@id` for the `cLibraryInputoutputFunctionsUsed` query + "cpp/misra/c-library-inputoutput-functions-used" and + ruleId = "RULE-30-0-1" and + category = "required" + or + query = + // `Query` instance for the `readsAndWritesOnStreamNotSeparatedByPositioning` query + ImportMisra23Package::readsAndWritesOnStreamNotSeparatedByPositioningQuery() and + queryId = + // `@id` for the `readsAndWritesOnStreamNotSeparatedByPositioning` query + "cpp/misra/reads-and-writes-on-stream-not-separated-by-positioning" and + ruleId = "RULE-30-0-2" and + category = "required" + or + query = + // `Query` instance for the `operationsOnMemoryNotSequencedAppropriately` query + ImportMisra23Package::operationsOnMemoryNotSequencedAppropriatelyQuery() and + queryId = + // `@id` for the `operationsOnMemoryNotSequencedAppropriately` query + "cpp/misra/operations-on-memory-not-sequenced-appropriately" and + ruleId = "RULE-4-6-1" and + category = "required" + or + query = + // `Query` instance for the `characterOnlyInEscapeSequenceOrUniversalCharName` query + ImportMisra23Package::characterOnlyInEscapeSequenceOrUniversalCharNameQuery() and + queryId = + // `@id` for the `characterOnlyInEscapeSequenceOrUniversalCharName` query + "cpp/misra/character-only-in-escape-sequence-or-universal-char-name" and + ruleId = "RULE-5-13-1" and + category = "required" + or + query = + // `Query` instance for the `escapeSequencesAndUniversalCharNamesNotTerminated` query + ImportMisra23Package::escapeSequencesAndUniversalCharNamesNotTerminatedQuery() and + queryId = + // `@id` for the `escapeSequencesAndUniversalCharNamesNotTerminated` query + "cpp/misra/escape-sequences-and-universal-char-names-not-terminated" and + ruleId = "RULE-5-13-2" and + category = "required" + or + query = + // `Query` instance for the `octalConstantsUsed` query + ImportMisra23Package::octalConstantsUsedQuery() and + queryId = + // `@id` for the `octalConstantsUsed` query + "cpp/misra/octal-constants-used" and + ruleId = "RULE-5-13-3" and + category = "required" + or + query = + // `Query` instance for the `unsignedIntegerLiteralsNotAppropriatelySuffixed` query + ImportMisra23Package::unsignedIntegerLiteralsNotAppropriatelySuffixedQuery() and + queryId = + // `@id` for the `unsignedIntegerLiteralsNotAppropriatelySuffixed` query + "cpp/misra/unsigned-integer-literals-not-appropriately-suffixed" and + ruleId = "RULE-5-13-4" and + category = "required" + or + query = + // `Query` instance for the `lowercaseLUsedAsFirstCharacterInLiteralSuffix` query + ImportMisra23Package::lowercaseLUsedAsFirstCharacterInLiteralSuffixQuery() and + queryId = + // `@id` for the `lowercaseLUsedAsFirstCharacterInLiteralSuffix` query + "cpp/misra/lowercase-l-used-as-first-character-in-literal-suffix" and + ruleId = "RULE-5-13-5" and + category = "required" + or + query = + // `Query` instance for the `characterSequenceUsedWithinACStyleComment` query + ImportMisra23Package::characterSequenceUsedWithinACStyleCommentQuery() and + queryId = + // `@id` for the `characterSequenceUsedWithinACStyleComment` query + "cpp/misra/character-sequence-used-within-ac-style-comment" and + ruleId = "RULE-5-7-1" and + category = "required" + or + query = + // `Query` instance for the `lineSplicingUsedInComments` query + ImportMisra23Package::lineSplicingUsedInCommentsQuery() and + queryId = + // `@id` for the `lineSplicingUsedInComments` query + "cpp/misra/line-splicing-used-in-comments" and + ruleId = "RULE-5-7-3" and + category = "required" + or + query = + // `Query` instance for the `globalDeclarationsOnlyMainNamespaceOrExternC` query + ImportMisra23Package::globalDeclarationsOnlyMainNamespaceOrExternCQuery() and + queryId = + // `@id` for the `globalDeclarationsOnlyMainNamespaceOrExternC` query + "cpp/misra/global-declarations-only-main-namespace-or-extern-c" and + ruleId = "RULE-6-0-3" and + category = "advisory" + or + query = + // `Query` instance for the `mainUsedOnlyForTheGlobalFunctionMain` query + ImportMisra23Package::mainUsedOnlyForTheGlobalFunctionMainQuery() and + queryId = + // `@id` for the `mainUsedOnlyForTheGlobalFunctionMain` query + "cpp/misra/main-used-only-for-the-global-function-main" and + ruleId = "RULE-6-0-4" and + category = "required" + or + query = + // `Query` instance for the `oneDefinitionRuleViolated` query + ImportMisra23Package::oneDefinitionRuleViolatedQuery() and + queryId = + // `@id` for the `oneDefinitionRuleViolated` query + "cpp/misra/one-definition-rule-violated" and + ruleId = "RULE-6-2-1" and + category = "required" + or + query = + // `Query` instance for the `variableDeclaredInInnerScopeHidesOuterScope` query + ImportMisra23Package::variableDeclaredInInnerScopeHidesOuterScopeQuery() and + queryId = + // `@id` for the `variableDeclaredInInnerScopeHidesOuterScope` query + "cpp/misra/variable-declared-in-inner-scope-hides-outer-scope" and + ruleId = "RULE-6-4-1" and + category = "required" + or + query = + // `Query` instance for the `derivedClasseConcealFunctionInheritedFromTheBase` query + ImportMisra23Package::derivedClasseConcealFunctionInheritedFromTheBaseQuery() and + queryId = + // `@id` for the `derivedClasseConcealFunctionInheritedFromTheBase` query + "cpp/misra/derived-classe-conceal-function-inherited-from-the-base" and + ruleId = "RULE-6-4-2" and + category = "required" + or + query = + // `Query` instance for the `nameInDependentBaseResolvedByUnqualifiedLookup` query + ImportMisra23Package::nameInDependentBaseResolvedByUnqualifiedLookupQuery() and + queryId = + // `@id` for the `nameInDependentBaseResolvedByUnqualifiedLookup` query + "cpp/misra/name-in-dependent-base-resolved-by-unqualified-lookup" and + ruleId = "RULE-6-4-3" and + category = "required" + or + query = + // `Query` instance for the `objectAccessedBeforeLifetimeMisra` query + ImportMisra23Package::objectAccessedBeforeLifetimeMisraQuery() and + queryId = + // `@id` for the `objectAccessedBeforeLifetimeMisra` query + "cpp/misra/object-accessed-before-lifetime-misra" and + ruleId = "RULE-6-8-1" and + category = "required" + or + query = + // `Query` instance for the `objectAccessedAfterLifetimeMisra` query + ImportMisra23Package::objectAccessedAfterLifetimeMisraQuery() and + queryId = + // `@id` for the `objectAccessedAfterLifetimeMisra` query + "cpp/misra/object-accessed-after-lifetime-misra" and + ruleId = "RULE-6-8-1" and + category = "required" + or + query = + // `Query` instance for the `mustNotReturnReferenceToLocalAutomaticVariable` query + ImportMisra23Package::mustNotReturnReferenceToLocalAutomaticVariableQuery() and + queryId = + // `@id` for the `mustNotReturnReferenceToLocalAutomaticVariable` query + "cpp/misra/must-not-return-reference-to-local-automatic-variable" and + ruleId = "RULE-6-8-2" and + category = "mandatory" + or + query = + // `Query` instance for the `nullptrNotTheOnlyFormOfTheNullPointerConstant` query + ImportMisra23Package::nullptrNotTheOnlyFormOfTheNullPointerConstantQuery() and + queryId = + // `@id` for the `nullptrNotTheOnlyFormOfTheNullPointerConstant` query + "cpp/misra/nullptr-not-the-only-form-of-the-null-pointer-constant" and + ruleId = "RULE-7-11-1" and + category = "required" + or + query = + // `Query` instance for the `arrayPassedAsFunctionArgumentDecayToAPointer` query + ImportMisra23Package::arrayPassedAsFunctionArgumentDecayToAPointerQuery() and + queryId = + // `@id` for the `arrayPassedAsFunctionArgumentDecayToAPointer` query + "cpp/misra/array-passed-as-function-argument-decay-to-a-pointer" and + ruleId = "RULE-7-11-2" and + category = "required" + or + query = + // `Query` instance for the `resultOfAnAssignmentOperatorShouldNotBeUsed` query + ImportMisra23Package::resultOfAnAssignmentOperatorShouldNotBeUsedQuery() and + queryId = + // `@id` for the `resultOfAnAssignmentOperatorShouldNotBeUsed` query + "cpp/misra/result-of-an-assignment-operator-should-not-be-used" and + ruleId = "RULE-8-18-2" and + category = "advisory" + or + query = + // `Query` instance for the `commaOperatorShouldNotBeUsed` query + ImportMisra23Package::commaOperatorShouldNotBeUsedQuery() and + queryId = + // `@id` for the `commaOperatorShouldNotBeUsed` query + "cpp/misra/comma-operator-should-not-be-used" and + ruleId = "RULE-8-19-1" and + category = "advisory" + or + query = + // `Query` instance for the `functionsCallThemselvesEitherDirectlyOrIndirectly` query + ImportMisra23Package::functionsCallThemselvesEitherDirectlyOrIndirectlyQuery() and + queryId = + // `@id` for the `functionsCallThemselvesEitherDirectlyOrIndirectly` query + "cpp/misra/functions-call-themselves-either-directly-or-indirectly" and + ruleId = "RULE-8-2-10" and + category = "required" + or + query = + // `Query` instance for the `castRemovesConstOrVolatileFromPointerOrReference` query + ImportMisra23Package::castRemovesConstOrVolatileFromPointerOrReferenceQuery() and + queryId = + // `@id` for the `castRemovesConstOrVolatileFromPointerOrReference` query + "cpp/misra/cast-removes-const-or-volatile-from-pointer-or-reference" and + ruleId = "RULE-8-2-3" and + category = "required" + or + query = + // `Query` instance for the `castsBetweenAPointerToFunctionAndAnyOtherType` query + ImportMisra23Package::castsBetweenAPointerToFunctionAndAnyOtherTypeQuery() and + queryId = + // `@id` for the `castsBetweenAPointerToFunctionAndAnyOtherType` query + "cpp/misra/casts-between-a-pointer-to-function-and-any-other-type" and + ruleId = "RULE-8-2-4" and + category = "required" + or + query = + // `Query` instance for the `reinterpretCastShallNotBeUsed` query + ImportMisra23Package::reinterpretCastShallNotBeUsedQuery() and + queryId = + // `@id` for the `reinterpretCastShallNotBeUsed` query + "cpp/misra/reinterpret-cast-shall-not-be-used" and + ruleId = "RULE-8-2-5" and + category = "required" + or + query = + // `Query` instance for the `unsignedOperationWithConstantOperandsShouldNotWrap` query + ImportMisra23Package::unsignedOperationWithConstantOperandsShouldNotWrapQuery() and + queryId = + // `@id` for the `unsignedOperationWithConstantOperandsShouldNotWrap` query + "cpp/misra/unsigned-operation-with-constant-operands-should-not-wrap" and + ruleId = "RULE-8-20-1" and + category = "advisory" + or + query = + // `Query` instance for the `builtInOperatorAppliedToUnsignedExpression` query + ImportMisra23Package::builtInOperatorAppliedToUnsignedExpressionQuery() and + queryId = + // `@id` for the `builtInOperatorAppliedToUnsignedExpression` query + "cpp/misra/built-in-operator-applied-to-unsigned-expression" and + ruleId = "RULE-8-3-1" and + category = "advisory" + or + query = + // `Query` instance for the `bodyOfIterationOrSelectionStatementNotCompound` query + ImportMisra23Package::bodyOfIterationOrSelectionStatementNotCompoundQuery() and + queryId = + // `@id` for the `bodyOfIterationOrSelectionStatementNotCompound` query + "cpp/misra/body-of-iteration-or-selection-statement-not-compound" and + ruleId = "RULE-9-3-1" and + category = "required" + or + query = + // `Query` instance for the `ifElseIfEndCondition` query + ImportMisra23Package::ifElseIfEndConditionQuery() and + queryId = + // `@id` for the `ifElseIfEndCondition` query + "cpp/misra/if-else-if-end-condition" and + ruleId = "RULE-9-4-1" and + category = "required" + or + query = + // `Query` instance for the `gotoStatementShouldNotBeUsed` query + ImportMisra23Package::gotoStatementShouldNotBeUsedQuery() and + queryId = + // `@id` for the `gotoStatementShouldNotBeUsed` query + "cpp/misra/goto-statement-should-not-be-used" and + ruleId = "RULE-9-6-1" and + category = "advisory" + or + query = + // `Query` instance for the `gotoShallReferenceALabelInSurroundingBlock` query + ImportMisra23Package::gotoShallReferenceALabelInSurroundingBlockQuery() and + queryId = + // `@id` for the `gotoShallReferenceALabelInSurroundingBlock` query + "cpp/misra/goto-shall-reference-a-label-in-surrounding-block" and + ruleId = "RULE-9-6-2" and + category = "required" + or + query = + // `Query` instance for the `gotoShallJumpToLabelDeclaredLaterInTheFunction` query + ImportMisra23Package::gotoShallJumpToLabelDeclaredLaterInTheFunctionQuery() and + queryId = + // `@id` for the `gotoShallJumpToLabelDeclaredLaterInTheFunction` query + "cpp/misra/goto-shall-jump-to-label-declared-later-in-the-function" and + ruleId = "RULE-9-6-3" and + category = "required" + or + query = + // `Query` instance for the `functionDeclaredWithTheNoreturnAttributeReturn` query + ImportMisra23Package::functionDeclaredWithTheNoreturnAttributeReturnQuery() and + queryId = + // `@id` for the `functionDeclaredWithTheNoreturnAttributeReturn` query + "cpp/misra/function-declared-with-the-noreturn-attribute-return" and + ruleId = "RULE-9-6-4" and + category = "required" + or + query = + // `Query` instance for the `nonVoidFunctionShallReturnAValueOnAllPaths` query + ImportMisra23Package::nonVoidFunctionShallReturnAValueOnAllPathsQuery() and + queryId = + // `@id` for the `nonVoidFunctionShallReturnAValueOnAllPaths` query + "cpp/misra/non-void-function-shall-return-a-value-on-all-paths" and + ruleId = "RULE-9-6-5" and + category = "required" +} + +module ImportMisra23Package { + Query userCopyAndMoveAssignmentShallHandleSelfAssignmentQuery() { + //autogenerate `Query` type + result = + // `Query` type for `userCopyAndMoveAssignmentShallHandleSelfAssignment` query + TQueryCPP(TImportMisra23PackageQuery(TUserCopyAndMoveAssignmentShallHandleSelfAssignmentQuery())) + } + + Query sectionsOfCodeShouldNotBeCommentedOutQuery() { + //autogenerate `Query` type + result = + // `Query` type for `sectionsOfCodeShouldNotBeCommentedOut` query + TQueryCPP(TImportMisra23PackageQuery(TSectionsOfCodeShouldNotBeCommentedOutQuery())) + } + + Query declarationShouldNotDeclareMoreThanOneVariableQuery() { + //autogenerate `Query` type + result = + // `Query` type for `declarationShouldNotDeclareMoreThanOneVariable` query + TQueryCPP(TImportMisra23PackageQuery(TDeclarationShouldNotDeclareMoreThanOneVariableQuery())) + } + + Query enumerationNotDefinedWithAnExplicitUnderlyingTypeQuery() { + //autogenerate `Query` type + result = + // `Query` type for `enumerationNotDefinedWithAnExplicitUnderlyingType` query + TQueryCPP(TImportMisra23PackageQuery(TEnumerationNotDefinedWithAnExplicitUnderlyingTypeQuery())) + } + + Query asmDeclarationShallNotBeUsedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `asmDeclarationShallNotBeUsed` query + TQueryCPP(TImportMisra23PackageQuery(TAsmDeclarationShallNotBeUsedQuery())) + } + + Query declarationOfAnObjectIndirectionsLevelQuery() { + //autogenerate `Query` type + result = + // `Query` type for `declarationOfAnObjectIndirectionsLevel` query + TQueryCPP(TImportMisra23PackageQuery(TDeclarationOfAnObjectIndirectionsLevelQuery())) + } + + Query valueOfAnEnumerationConstantNotUniqueQuery() { + //autogenerate `Query` type + result = + // `Query` type for `valueOfAnEnumerationConstantNotUnique` query + TQueryCPP(TImportMisra23PackageQuery(TValueOfAnEnumerationConstantNotUniqueQuery())) + } + + Query bitFieldShallHaveAnAppropriateTypeQuery() { + //autogenerate `Query` type + result = + // `Query` type for `bitFieldShallHaveAnAppropriateType` query + TQueryCPP(TImportMisra23PackageQuery(TBitFieldShallHaveAnAppropriateTypeQuery())) + } + + Query signedIntegerBitFieldHaveALengthOfOneBitQuery() { + //autogenerate `Query` type + result = + // `Query` type for `signedIntegerBitFieldHaveALengthOfOneBit` query + TQueryCPP(TImportMisra23PackageQuery(TSignedIntegerBitFieldHaveALengthOfOneBitQuery())) + } + + Query virtualAndNonVirtualBaseClassInHierarchyQuery() { + //autogenerate `Query` type + result = + // `Query` type for `virtualAndNonVirtualBaseClassInHierarchy` query + TQueryCPP(TImportMisra23PackageQuery(TVirtualAndNonVirtualBaseClassInHierarchyQuery())) + } + + Query differentDefaultArgsInOverridingVirtualFunctionQuery() { + //autogenerate `Query` type + result = + // `Query` type for `differentDefaultArgsInOverridingVirtualFunction` query + TQueryCPP(TImportMisra23PackageQuery(TDifferentDefaultArgsInOverridingVirtualFunctionQuery())) + } + + Query declarationsOrOverridesParamsAreUnnamedOrIdenticalQuery() { + //autogenerate `Query` type + result = + // `Query` type for `declarationsOrOverridesParamsAreUnnamedOrIdentical` query + TQueryCPP(TImportMisra23PackageQuery(TDeclarationsOrOverridesParamsAreUnnamedOrIdenticalQuery())) + } + + Query comparisonOfVirtualPointerOnlyBeWithNullptrQuery() { + //autogenerate `Query` type + result = + // `Query` type for `comparisonOfVirtualPointerOnlyBeWithNullptr` query + TQueryCPP(TImportMisra23PackageQuery(TComparisonOfVirtualPointerOnlyBeWithNullptrQuery())) + } + + Query dynamicTypeUsedWithinConstructorOrDestructorQuery() { + //autogenerate `Query` type + result = + // `Query` type for `dynamicTypeUsedWithinConstructorOrDestructor` query + TQueryCPP(TImportMisra23PackageQuery(TDynamicTypeUsedWithinConstructorOrDestructorQuery())) + } + + Query constructorsShouldInitializeAllBaseClassesQuery() { + //autogenerate `Query` type + result = + // `Query` type for `constructorsShouldInitializeAllBaseClasses` query + TQueryCPP(TImportMisra23PackageQuery(TConstructorsShouldInitializeAllBaseClassesQuery())) + } + + Query initializerListConstructorIsTheOnlyConstructorQuery() { + //autogenerate `Query` type + result = + // `Query` type for `initializerListConstructorIsTheOnlyConstructor` query + TQueryCPP(TImportMisra23PackageQuery(TInitializerListConstructorIsTheOnlyConstructorQuery())) + } + + Query addressOfOperatorOverloadedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `addressOfOperatorOverloaded` query + TQueryCPP(TImportMisra23PackageQuery(TAddressOfOperatorOverloadedQuery())) + } + + Query functionTemplatesExplicitlySpecializedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `functionTemplatesExplicitlySpecialized` query + TQueryCPP(TImportMisra23PackageQuery(TFunctionTemplatesExplicitlySpecializedQuery())) + } + + Query exceptionObjectHavePointerTypeQuery() { + //autogenerate `Query` type + result = + // `Query` type for `exceptionObjectHavePointerType` query + TQueryCPP(TImportMisra23PackageQuery(TExceptionObjectHavePointerTypeQuery())) + } + + Query emptyThrowShallOnlyOccurWithinACatchHandlerQuery() { + //autogenerate `Query` type + result = + // `Query` type for `emptyThrowShallOnlyOccurWithinACatchHandler` query + TQueryCPP(TImportMisra23PackageQuery(TEmptyThrowShallOnlyOccurWithinACatchHandlerQuery())) + } + + Query handlersReferToNonStaticMembersFromTheirClassQuery() { + //autogenerate `Query` type + result = + // `Query` type for `handlersReferToNonStaticMembersFromTheirClass` query + TQueryCPP(TImportMisra23PackageQuery(THandlersReferToNonStaticMembersFromTheirClassQuery())) + } + + Query noexceptFunctionShouldNotPropagateAnExceptionQuery() { + //autogenerate `Query` type + result = + // `Query` type for `noexceptFunctionShouldNotPropagateAnException` query + TQueryCPP(TImportMisra23PackageQuery(TNoexceptFunctionShouldNotPropagateAnExceptionQuery())) + } + + Query functionLikeMacrosDefinedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `functionLikeMacrosDefined` query + TQueryCPP(TImportMisra23PackageQuery(TFunctionLikeMacrosDefinedQuery())) + } + + Query includeDirectivesPrecededByPreprocessorDirectivesQuery() { + //autogenerate `Query` type + result = + // `Query` type for `includeDirectivesPrecededByPreprocessorDirectives` query + TQueryCPP(TImportMisra23PackageQuery(TIncludeDirectivesPrecededByPreprocessorDirectivesQuery())) + } + + Query identifiersUsedInTheControllingExpressionOfQuery() { + //autogenerate `Query` type + result = + // `Query` type for `identifiersUsedInTheControllingExpressionOf` query + TQueryCPP(TImportMisra23PackageQuery(TIdentifiersUsedInTheControllingExpressionOfQuery())) + } + + Query charsThatShouldNotOccurInHeaderFileNameQuery() { + //autogenerate `Query` type + result = + // `Query` type for `charsThatShouldNotOccurInHeaderFileName` query + TQueryCPP(TImportMisra23PackageQuery(TCharsThatShouldNotOccurInHeaderFileNameQuery())) + } + + Query andPreprocessorOperatorsShouldNotBeUsedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `andPreprocessorOperatorsShouldNotBeUsed` query + TQueryCPP(TImportMisra23PackageQuery(TAndPreprocessorOperatorsShouldNotBeUsedQuery())) + } + + Query macroParameterFollowingAHashOperatorQuery() { + //autogenerate `Query` type + result = + // `Query` type for `macroParameterFollowingAHashOperator` query + TQueryCPP(TImportMisra23PackageQuery(TMacroParameterFollowingAHashOperatorQuery())) + } + + Query argumentToAMixedUseMacroShoulNotNeedExpansionQuery() { + //autogenerate `Query` type + result = + // `Query` type for `argumentToAMixedUseMacroShoulNotNeedExpansion` query + TQueryCPP(TImportMisra23PackageQuery(TArgumentToAMixedUseMacroShoulNotNeedExpansionQuery())) + } + + Query tokensThatLookLikeDirectivesInAMacroArgumentQuery() { + //autogenerate `Query` type + result = + // `Query` type for `tokensThatLookLikeDirectivesInAMacroArgument` query + TQueryCPP(TImportMisra23PackageQuery(TTokensThatLookLikeDirectivesInAMacroArgumentQuery())) + } + + Query facilitiesProvidedByCsignalUsedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `facilitiesProvidedByCsignalUsed` query + TQueryCPP(TImportMisra23PackageQuery(TFacilitiesProvidedByCsignalUsedQuery())) + } + + Query atofAtoiAtolAndAtollFromCstdlibUsedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `atofAtoiAtolAndAtollFromCstdlibUsed` query + TQueryCPP(TImportMisra23PackageQuery(TAtofAtoiAtolAndAtollFromCstdlibUsedQuery())) + } + + Query macroOffsetShouldNotBeUsedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `macroOffsetShouldNotBeUsed` query + TQueryCPP(TImportMisra23PackageQuery(TMacroOffsetShouldNotBeUsedQuery())) + } + + Query defineBothSizedAndUnsizedVersionOfAGlobalOperatorQuery() { + //autogenerate `Query` type + result = + // `Query` type for `defineBothSizedAndUnsizedVersionOfAGlobalOperator` query + TQueryCPP(TImportMisra23PackageQuery(TDefineBothSizedAndUnsizedVersionOfAGlobalOperatorQuery())) + } + + Query pointerToAnIncompleteClassTypeDeletedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `pointerToAnIncompleteClassTypeDeleted` query + TQueryCPP(TImportMisra23PackageQuery(TPointerToAnIncompleteClassTypeDeletedQuery())) + } + + Query pointersReturnedByLocaleFunctionsMustBeUsedAsConstQuery() { + //autogenerate `Query` type + result = + // `Query` type for `pointersReturnedByLocaleFunctionsMustBeUsedAsConst` query + TQueryCPP(TImportMisra23PackageQuery(TPointersReturnedByLocaleFunctionsMustBeUsedAsConstQuery())) + } + + Query callToSetlocaleInvalidatesOldPointersMisraQuery() { + //autogenerate `Query` type + result = + // `Query` type for `callToSetlocaleInvalidatesOldPointersMisra` query + TQueryCPP(TImportMisra23PackageQuery(TCallToSetlocaleInvalidatesOldPointersMisraQuery())) + } + + Query callToSetlocaleInvalidatesOldPointersWarnMisraQuery() { + //autogenerate `Query` type + result = + // `Query` type for `callToSetlocaleInvalidatesOldPointersWarnMisra` query + TQueryCPP(TImportMisra23PackageQuery(TCallToSetlocaleInvalidatesOldPointersWarnMisraQuery())) + } + + Query vectorShouldNotBeSpecializedWithBoolQuery() { + //autogenerate `Query` type + result = + // `Query` type for `vectorShouldNotBeSpecializedWithBool` query + TQueryCPP(TImportMisra23PackageQuery(TVectorShouldNotBeSpecializedWithBoolQuery())) + } + + Query forwardingReferencesAndForwardNotUsedTogetherQuery() { + //autogenerate `Query` type + result = + // `Query` type for `forwardingReferencesAndForwardNotUsedTogether` query + TQueryCPP(TImportMisra23PackageQuery(TForwardingReferencesAndForwardNotUsedTogetherQuery())) + } + + Query objectUsedWhileInPotentiallyMovedFromStateQuery() { + //autogenerate `Query` type + result = + // `Query` type for `objectUsedWhileInPotentiallyMovedFromState` query + TQueryCPP(TImportMisra23PackageQuery(TObjectUsedWhileInPotentiallyMovedFromStateQuery())) + } + + Query cLibraryInputoutputFunctionsUsedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `cLibraryInputoutputFunctionsUsed` query + TQueryCPP(TImportMisra23PackageQuery(TCLibraryInputoutputFunctionsUsedQuery())) + } + + Query readsAndWritesOnStreamNotSeparatedByPositioningQuery() { + //autogenerate `Query` type + result = + // `Query` type for `readsAndWritesOnStreamNotSeparatedByPositioning` query + TQueryCPP(TImportMisra23PackageQuery(TReadsAndWritesOnStreamNotSeparatedByPositioningQuery())) + } + + Query operationsOnMemoryNotSequencedAppropriatelyQuery() { + //autogenerate `Query` type + result = + // `Query` type for `operationsOnMemoryNotSequencedAppropriately` query + TQueryCPP(TImportMisra23PackageQuery(TOperationsOnMemoryNotSequencedAppropriatelyQuery())) + } + + Query characterOnlyInEscapeSequenceOrUniversalCharNameQuery() { + //autogenerate `Query` type + result = + // `Query` type for `characterOnlyInEscapeSequenceOrUniversalCharName` query + TQueryCPP(TImportMisra23PackageQuery(TCharacterOnlyInEscapeSequenceOrUniversalCharNameQuery())) + } + + Query escapeSequencesAndUniversalCharNamesNotTerminatedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `escapeSequencesAndUniversalCharNamesNotTerminated` query + TQueryCPP(TImportMisra23PackageQuery(TEscapeSequencesAndUniversalCharNamesNotTerminatedQuery())) + } + + Query octalConstantsUsedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `octalConstantsUsed` query + TQueryCPP(TImportMisra23PackageQuery(TOctalConstantsUsedQuery())) + } + + Query unsignedIntegerLiteralsNotAppropriatelySuffixedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `unsignedIntegerLiteralsNotAppropriatelySuffixed` query + TQueryCPP(TImportMisra23PackageQuery(TUnsignedIntegerLiteralsNotAppropriatelySuffixedQuery())) + } + + Query lowercaseLUsedAsFirstCharacterInLiteralSuffixQuery() { + //autogenerate `Query` type + result = + // `Query` type for `lowercaseLUsedAsFirstCharacterInLiteralSuffix` query + TQueryCPP(TImportMisra23PackageQuery(TLowercaseLUsedAsFirstCharacterInLiteralSuffixQuery())) + } + + Query characterSequenceUsedWithinACStyleCommentQuery() { + //autogenerate `Query` type + result = + // `Query` type for `characterSequenceUsedWithinACStyleComment` query + TQueryCPP(TImportMisra23PackageQuery(TCharacterSequenceUsedWithinACStyleCommentQuery())) + } + + Query lineSplicingUsedInCommentsQuery() { + //autogenerate `Query` type + result = + // `Query` type for `lineSplicingUsedInComments` query + TQueryCPP(TImportMisra23PackageQuery(TLineSplicingUsedInCommentsQuery())) + } + + Query globalDeclarationsOnlyMainNamespaceOrExternCQuery() { + //autogenerate `Query` type + result = + // `Query` type for `globalDeclarationsOnlyMainNamespaceOrExternC` query + TQueryCPP(TImportMisra23PackageQuery(TGlobalDeclarationsOnlyMainNamespaceOrExternCQuery())) + } + + Query mainUsedOnlyForTheGlobalFunctionMainQuery() { + //autogenerate `Query` type + result = + // `Query` type for `mainUsedOnlyForTheGlobalFunctionMain` query + TQueryCPP(TImportMisra23PackageQuery(TMainUsedOnlyForTheGlobalFunctionMainQuery())) + } + + Query oneDefinitionRuleViolatedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `oneDefinitionRuleViolated` query + TQueryCPP(TImportMisra23PackageQuery(TOneDefinitionRuleViolatedQuery())) + } + + Query variableDeclaredInInnerScopeHidesOuterScopeQuery() { + //autogenerate `Query` type + result = + // `Query` type for `variableDeclaredInInnerScopeHidesOuterScope` query + TQueryCPP(TImportMisra23PackageQuery(TVariableDeclaredInInnerScopeHidesOuterScopeQuery())) + } + + Query derivedClasseConcealFunctionInheritedFromTheBaseQuery() { + //autogenerate `Query` type + result = + // `Query` type for `derivedClasseConcealFunctionInheritedFromTheBase` query + TQueryCPP(TImportMisra23PackageQuery(TDerivedClasseConcealFunctionInheritedFromTheBaseQuery())) + } + + Query nameInDependentBaseResolvedByUnqualifiedLookupQuery() { + //autogenerate `Query` type + result = + // `Query` type for `nameInDependentBaseResolvedByUnqualifiedLookup` query + TQueryCPP(TImportMisra23PackageQuery(TNameInDependentBaseResolvedByUnqualifiedLookupQuery())) + } + + Query objectAccessedBeforeLifetimeMisraQuery() { + //autogenerate `Query` type + result = + // `Query` type for `objectAccessedBeforeLifetimeMisra` query + TQueryCPP(TImportMisra23PackageQuery(TObjectAccessedBeforeLifetimeMisraQuery())) + } + + Query objectAccessedAfterLifetimeMisraQuery() { + //autogenerate `Query` type + result = + // `Query` type for `objectAccessedAfterLifetimeMisra` query + TQueryCPP(TImportMisra23PackageQuery(TObjectAccessedAfterLifetimeMisraQuery())) + } + + Query mustNotReturnReferenceToLocalAutomaticVariableQuery() { + //autogenerate `Query` type + result = + // `Query` type for `mustNotReturnReferenceToLocalAutomaticVariable` query + TQueryCPP(TImportMisra23PackageQuery(TMustNotReturnReferenceToLocalAutomaticVariableQuery())) + } + + Query nullptrNotTheOnlyFormOfTheNullPointerConstantQuery() { + //autogenerate `Query` type + result = + // `Query` type for `nullptrNotTheOnlyFormOfTheNullPointerConstant` query + TQueryCPP(TImportMisra23PackageQuery(TNullptrNotTheOnlyFormOfTheNullPointerConstantQuery())) + } + + Query arrayPassedAsFunctionArgumentDecayToAPointerQuery() { + //autogenerate `Query` type + result = + // `Query` type for `arrayPassedAsFunctionArgumentDecayToAPointer` query + TQueryCPP(TImportMisra23PackageQuery(TArrayPassedAsFunctionArgumentDecayToAPointerQuery())) + } + + Query resultOfAnAssignmentOperatorShouldNotBeUsedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `resultOfAnAssignmentOperatorShouldNotBeUsed` query + TQueryCPP(TImportMisra23PackageQuery(TResultOfAnAssignmentOperatorShouldNotBeUsedQuery())) + } + + Query commaOperatorShouldNotBeUsedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `commaOperatorShouldNotBeUsed` query + TQueryCPP(TImportMisra23PackageQuery(TCommaOperatorShouldNotBeUsedQuery())) + } + + Query functionsCallThemselvesEitherDirectlyOrIndirectlyQuery() { + //autogenerate `Query` type + result = + // `Query` type for `functionsCallThemselvesEitherDirectlyOrIndirectly` query + TQueryCPP(TImportMisra23PackageQuery(TFunctionsCallThemselvesEitherDirectlyOrIndirectlyQuery())) + } + + Query castRemovesConstOrVolatileFromPointerOrReferenceQuery() { + //autogenerate `Query` type + result = + // `Query` type for `castRemovesConstOrVolatileFromPointerOrReference` query + TQueryCPP(TImportMisra23PackageQuery(TCastRemovesConstOrVolatileFromPointerOrReferenceQuery())) + } + + Query castsBetweenAPointerToFunctionAndAnyOtherTypeQuery() { + //autogenerate `Query` type + result = + // `Query` type for `castsBetweenAPointerToFunctionAndAnyOtherType` query + TQueryCPP(TImportMisra23PackageQuery(TCastsBetweenAPointerToFunctionAndAnyOtherTypeQuery())) + } + + Query reinterpretCastShallNotBeUsedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `reinterpretCastShallNotBeUsed` query + TQueryCPP(TImportMisra23PackageQuery(TReinterpretCastShallNotBeUsedQuery())) + } + + Query unsignedOperationWithConstantOperandsShouldNotWrapQuery() { + //autogenerate `Query` type + result = + // `Query` type for `unsignedOperationWithConstantOperandsShouldNotWrap` query + TQueryCPP(TImportMisra23PackageQuery(TUnsignedOperationWithConstantOperandsShouldNotWrapQuery())) + } + + Query builtInOperatorAppliedToUnsignedExpressionQuery() { + //autogenerate `Query` type + result = + // `Query` type for `builtInOperatorAppliedToUnsignedExpression` query + TQueryCPP(TImportMisra23PackageQuery(TBuiltInOperatorAppliedToUnsignedExpressionQuery())) + } + + Query bodyOfIterationOrSelectionStatementNotCompoundQuery() { + //autogenerate `Query` type + result = + // `Query` type for `bodyOfIterationOrSelectionStatementNotCompound` query + TQueryCPP(TImportMisra23PackageQuery(TBodyOfIterationOrSelectionStatementNotCompoundQuery())) + } + + Query ifElseIfEndConditionQuery() { + //autogenerate `Query` type + result = + // `Query` type for `ifElseIfEndCondition` query + TQueryCPP(TImportMisra23PackageQuery(TIfElseIfEndConditionQuery())) + } + + Query gotoStatementShouldNotBeUsedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `gotoStatementShouldNotBeUsed` query + TQueryCPP(TImportMisra23PackageQuery(TGotoStatementShouldNotBeUsedQuery())) + } + + Query gotoShallReferenceALabelInSurroundingBlockQuery() { + //autogenerate `Query` type + result = + // `Query` type for `gotoShallReferenceALabelInSurroundingBlock` query + TQueryCPP(TImportMisra23PackageQuery(TGotoShallReferenceALabelInSurroundingBlockQuery())) + } + + Query gotoShallJumpToLabelDeclaredLaterInTheFunctionQuery() { + //autogenerate `Query` type + result = + // `Query` type for `gotoShallJumpToLabelDeclaredLaterInTheFunction` query + TQueryCPP(TImportMisra23PackageQuery(TGotoShallJumpToLabelDeclaredLaterInTheFunctionQuery())) + } + + Query functionDeclaredWithTheNoreturnAttributeReturnQuery() { + //autogenerate `Query` type + result = + // `Query` type for `functionDeclaredWithTheNoreturnAttributeReturn` query + TQueryCPP(TImportMisra23PackageQuery(TFunctionDeclaredWithTheNoreturnAttributeReturnQuery())) + } + + Query nonVoidFunctionShallReturnAValueOnAllPathsQuery() { + //autogenerate `Query` type + result = + // `Query` type for `nonVoidFunctionShallReturnAValueOnAllPaths` query + TQueryCPP(TImportMisra23PackageQuery(TNonVoidFunctionShallReturnAValueOnAllPathsQuery())) + } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/RuleMetadata.qll index 8dfbf9feaa..4a6cbe936b 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/RuleMetadata.qll @@ -21,6 +21,7 @@ import Expressions import Freed import Functions import IO +import ImportMisra23 import Includes import Inheritance import Initialization @@ -74,6 +75,7 @@ newtype TCPPQuery = TFreedPackageQuery(FreedQuery q) or TFunctionsPackageQuery(FunctionsQuery q) or TIOPackageQuery(IOQuery q) or + TImportMisra23PackageQuery(ImportMisra23Query q) or TIncludesPackageQuery(IncludesQuery q) or TInheritancePackageQuery(InheritanceQuery q) or TInitializationPackageQuery(InitializationQuery q) or @@ -127,6 +129,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isFreedQueryMetadata(query, queryId, ruleId, category) or isFunctionsQueryMetadata(query, queryId, ruleId, category) or isIOQueryMetadata(query, queryId, ruleId, category) or + isImportMisra23QueryMetadata(query, queryId, ruleId, category) or isIncludesQueryMetadata(query, queryId, ruleId, category) or isInheritanceQueryMetadata(query, queryId, ruleId, category) or isInitializationQueryMetadata(query, queryId, ruleId, category) or diff --git a/cpp/misra/src/rules/DIR-5-7-2/SectionsOfCodeShouldNotBeCommentedOut.ql b/cpp/misra/src/rules/DIR-5-7-2/SectionsOfCodeShouldNotBeCommentedOut.ql new file mode 100644 index 0000000000..75eb48ec67 --- /dev/null +++ b/cpp/misra/src/rules/DIR-5-7-2/SectionsOfCodeShouldNotBeCommentedOut.ql @@ -0,0 +1,23 @@ +/** + * @id cpp/misra/sections-of-code-should-not-be-commented-out + * @name DIR-5-7-2: Sections of code should not be “commented out” + * @description + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/dir-5-7-2 + * maintainability + * readability + * correctness + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.sectionsofcodeshallnotbecommentedout.SectionsOfCodeShallNotBeCommentedOut + +class SectionsOfCodeShouldNotBeCommentedOutQuery extends SectionsOfCodeShallNotBeCommentedOutSharedQuery { + SectionsOfCodeShouldNotBeCommentedOutQuery() { + this = ImportMisra23Package::sectionsOfCodeShouldNotBeCommentedOutQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-11-3-2/DeclarationOfAnObjectIndirectionsLevel.ql b/cpp/misra/src/rules/RULE-11-3-2/DeclarationOfAnObjectIndirectionsLevel.ql new file mode 100644 index 0000000000..21293a632f --- /dev/null +++ b/cpp/misra/src/rules/RULE-11-3-2/DeclarationOfAnObjectIndirectionsLevel.ql @@ -0,0 +1,24 @@ +/** + * @id cpp/misra/declaration-of-an-object-indirections-level + * @name RULE-11-3-2: The declaration of an object should contain no more than two levels of pointer indirection + * @description + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-11-3-2 + * readability + * maintainability + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.donotusemorethantwolevelsofpointerindirection.DoNotUseMoreThanTwoLevelsOfPointerIndirection + +class DeclarationOfAnObjectIndirectionsLevelQuery extends DoNotUseMoreThanTwoLevelsOfPointerIndirectionSharedQuery { + DeclarationOfAnObjectIndirectionsLevelQuery() { + this = ImportMisra23Package::declarationOfAnObjectIndirectionsLevelQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-18-3-3/HandlersReferToNonStaticMembersFromTheirClass.ql b/cpp/misra/src/rules/RULE-18-3-3/HandlersReferToNonStaticMembersFromTheirClass.ql new file mode 100644 index 0000000000..81a5038151 --- /dev/null +++ b/cpp/misra/src/rules/RULE-18-3-3/HandlersReferToNonStaticMembersFromTheirClass.ql @@ -0,0 +1,24 @@ +/** + * @id cpp/misra/handlers-refer-to-non-static-members-from-their-class + * @name RULE-18-3-3: Handlers for a function-try-block of a constructor or destructor shall not refer to non-static + * @description Handlers for a function-try-block of a constructor or destructor shall not refer to + * non-static members from their class or its bases + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-18-3-3 + * correctness + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.destroyedvaluereferencedindestructorcatchblock.DestroyedValueReferencedInDestructorCatchBlock + +class HandlersReferToNonStaticMembersFromTheirClassQuery extends DestroyedValueReferencedInDestructorCatchBlockSharedQuery { + HandlersReferToNonStaticMembersFromTheirClassQuery() { + this = ImportMisra23Package::handlersReferToNonStaticMembersFromTheirClassQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-19-0-3/IncludeDirectivesPrecededByPreprocessorDirectives.ql b/cpp/misra/src/rules/RULE-19-0-3/IncludeDirectivesPrecededByPreprocessorDirectives.ql new file mode 100644 index 0000000000..e392630616 --- /dev/null +++ b/cpp/misra/src/rules/RULE-19-0-3/IncludeDirectivesPrecededByPreprocessorDirectives.ql @@ -0,0 +1,23 @@ +/** + * @id cpp/misra/include-directives-preceded-by-preprocessor-directives + * @name RULE-19-0-3: #include directives should only be preceded by preprocessor directives or comments + * @description + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-19-0-3 + * readability + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.preprocessorincludespreceded.PreprocessorIncludesPreceded + +class IncludeDirectivesPrecededByPreprocessorDirectivesQuery extends PreprocessorIncludesPrecededSharedQuery { + IncludeDirectivesPrecededByPreprocessorDirectivesQuery() { + this = ImportMisra23Package::includeDirectivesPrecededByPreprocessorDirectivesQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-19-1-3/IdentifiersUsedInTheControllingExpressionOf.ql b/cpp/misra/src/rules/RULE-19-1-3/IdentifiersUsedInTheControllingExpressionOf.ql new file mode 100644 index 0000000000..13b604911b --- /dev/null +++ b/cpp/misra/src/rules/RULE-19-1-3/IdentifiersUsedInTheControllingExpressionOf.ql @@ -0,0 +1,25 @@ +/** + * @id cpp/misra/identifiers-used-in-the-controlling-expression-of + * @name RULE-19-1-3: All identifiers used in the controlling expression of #if or #elif preprocessing directives shall be + * @description All identifiers used in the controlling expression of #if or #elif preprocessing + * directives shall be defined prior to evaluation + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-19-1-3 + * correctness + * readability + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.undefinedmacroidentifiers.UndefinedMacroIdentifiers + +class IdentifiersUsedInTheControllingExpressionOfQuery extends UndefinedMacroIdentifiersSharedQuery { + IdentifiersUsedInTheControllingExpressionOfQuery() { + this = ImportMisra23Package::identifiersUsedInTheControllingExpressionOfQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-19-2-3/CharsThatShouldNotOccurInHeaderFileName.ql b/cpp/misra/src/rules/RULE-19-2-3/CharsThatShouldNotOccurInHeaderFileName.ql new file mode 100644 index 0000000000..20a4912a28 --- /dev/null +++ b/cpp/misra/src/rules/RULE-19-2-3/CharsThatShouldNotOccurInHeaderFileName.ql @@ -0,0 +1,24 @@ +/** + * @id cpp/misra/chars-that-should-not-occur-in-header-file-name + * @name RULE-19-2-3: The ' or " or \ characters and the /* or // character sequences shall not occur in a header file + * @description The ' or " or \ characters and the /* or // character sequences shall not occur in a + * header file name + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-19-2-3 + * scope/single-translation-unit + * correctness + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.preprocessorincludesforbiddenheadernames.PreprocessorIncludesForbiddenHeaderNames + +class CharsThatShouldNotOccurInHeaderFileNameQuery extends PreprocessorIncludesForbiddenHeaderNamesSharedQuery { + CharsThatShouldNotOccurInHeaderFileNameQuery() { + this = ImportMisra23Package::charsThatShouldNotOccurInHeaderFileNameQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-19-3-1/AndPreprocessorOperatorsShouldNotBeUsed.ql b/cpp/misra/src/rules/RULE-19-3-1/AndPreprocessorOperatorsShouldNotBeUsed.ql new file mode 100644 index 0000000000..9b6430475e --- /dev/null +++ b/cpp/misra/src/rules/RULE-19-3-1/AndPreprocessorOperatorsShouldNotBeUsed.ql @@ -0,0 +1,23 @@ +/** + * @id cpp/misra/and-preprocessor-operators-should-not-be-used + * @name RULE-19-3-1: The # and ## preprocessor operators should not be used + * @description + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-19-3-1 + * correctness + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.hashoperatorsused.HashOperatorsUsed + +class AndPreprocessorOperatorsShouldNotBeUsedQuery extends HashOperatorsUsedSharedQuery { + AndPreprocessorOperatorsShouldNotBeUsedQuery() { + this = ImportMisra23Package::andPreprocessorOperatorsShouldNotBeUsedQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-19-3-5/TokensThatLookLikeDirectivesInAMacroArgument.ql b/cpp/misra/src/rules/RULE-19-3-5/TokensThatLookLikeDirectivesInAMacroArgument.ql new file mode 100644 index 0000000000..3e553d0397 --- /dev/null +++ b/cpp/misra/src/rules/RULE-19-3-5/TokensThatLookLikeDirectivesInAMacroArgument.ql @@ -0,0 +1,24 @@ +/** + * @id cpp/misra/tokens-that-look-like-directives-in-a-macro-argument + * @name RULE-19-3-5: Tokens that look like a preprocessing directive shall not occur within a macro argument + * @description + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-19-3-5 + * readability + * correctness + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.preprocessingdirectivewithinmacroargument.PreprocessingDirectiveWithinMacroArgument + +class TokensThatLookLikeDirectivesInAMacroArgumentQuery extends PreprocessingDirectiveWithinMacroArgumentSharedQuery { + TokensThatLookLikeDirectivesInAMacroArgumentQuery() { + this = ImportMisra23Package::tokensThatLookLikeDirectivesInAMacroArgumentQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-21-6-5/PointerToAnIncompleteClassTypeDeleted.ql b/cpp/misra/src/rules/RULE-21-6-5/PointerToAnIncompleteClassTypeDeleted.ql new file mode 100644 index 0000000000..0d2de4deae --- /dev/null +++ b/cpp/misra/src/rules/RULE-21-6-5/PointerToAnIncompleteClassTypeDeleted.ql @@ -0,0 +1,23 @@ +/** + * @id cpp/misra/pointer-to-an-incomplete-class-type-deleted + * @name RULE-21-6-5: A pointer to an incomplete class type shall not be deleted + * @description + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-21-6-5 + * correctness + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.deleteofpointertoincompleteclass.DeleteOfPointerToIncompleteClass + +class PointerToAnIncompleteClassTypeDeletedQuery extends DeleteOfPointerToIncompleteClassSharedQuery { + PointerToAnIncompleteClassTypeDeletedQuery() { + this = ImportMisra23Package::pointerToAnIncompleteClassTypeDeletedQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-25-5-2/PointersReturnedByLocaleFunctionsMustBeUsedAsConst.ql b/cpp/misra/src/rules/RULE-25-5-2/PointersReturnedByLocaleFunctionsMustBeUsedAsConst.ql new file mode 100644 index 0000000000..8fbb7d4d42 --- /dev/null +++ b/cpp/misra/src/rules/RULE-25-5-2/PointersReturnedByLocaleFunctionsMustBeUsedAsConst.ql @@ -0,0 +1,26 @@ +/** + * @id cpp/misra/pointers-returned-by-locale-functions-must-be-used-as-const + * @name RULE-25-5-2: The pointers returned by environment functions should be treated as const + * @description The pointers returned by the C++ Standard Library functions localeconv, getenv, + * setlocale or strerror must only be used as if they have pointer to const-qualified + * type + * @kind path-problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-25-5-2 + * correctness + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/mandatory + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.constlikereturnvalue.ConstLikeReturnValue + +class PointersReturnedByLocaleFunctionsMustBeUsedAsConstQuery extends ConstLikeReturnValueSharedQuery +{ + PointersReturnedByLocaleFunctionsMustBeUsedAsConstQuery() { + this = ImportMisra23Package::pointersReturnedByLocaleFunctionsMustBeUsedAsConstQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersMisra.ql b/cpp/misra/src/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersMisra.ql new file mode 100644 index 0000000000..58edb5e60f --- /dev/null +++ b/cpp/misra/src/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersMisra.ql @@ -0,0 +1,25 @@ +/** + * @id cpp/misra/call-to-setlocale-invalidates-old-pointers-misra + * @name RULE-25-5-3: The pointer returned by the Standard Library env functions is invalid + * @description The pointer returned by the Standard Library functions asctime, ctime, gmtime, + * localtime, localeconv, getenv, setlocale or strerror may be invalid following a + * subsequent call to the same function. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-25-5-3 + * correctness + * scope/system + * external/misra/enforcement/undecidable + * external/misra/obligation/mandatory + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.invalidatedenvstringpointers.InvalidatedEnvStringPointers + +class CallToSetlocaleInvalidatesOldPointersMisraQuery extends InvalidatedEnvStringPointersSharedQuery { + CallToSetlocaleInvalidatesOldPointersMisraQuery() { + this = ImportMisra23Package::callToSetlocaleInvalidatesOldPointersMisraQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersWarnMisra.ql b/cpp/misra/src/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersWarnMisra.ql new file mode 100644 index 0000000000..2b4b08bd98 --- /dev/null +++ b/cpp/misra/src/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersWarnMisra.ql @@ -0,0 +1,25 @@ +/** + * @id cpp/misra/call-to-setlocale-invalidates-old-pointers-warn-misra + * @name RULE-25-5-3: The pointer returned by the Standard Library env functions is invalid warning + * @description The pointer returned by the Standard Library functions asctime, ctime, gmtime, + * localtime, localeconv, getenv, setlocale or strerror may be invalid following a + * subsequent call to the same function. + * @kind problem + * @precision very-high + * @problem.severity warning + * @tags external/misra/id/rule-25-5-3 + * correctness + * scope/system + * external/misra/enforcement/undecidable + * external/misra/obligation/mandatory + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.invalidatedenvstringpointerswarn.InvalidatedEnvStringPointersWarn + +class CallToSetlocaleInvalidatesOldPointersWarnMisraQuery extends InvalidatedEnvStringPointersWarnSharedQuery { + CallToSetlocaleInvalidatesOldPointersWarnMisraQuery() { + this = ImportMisra23Package::callToSetlocaleInvalidatesOldPointersWarnMisraQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-28-6-3/ObjectUsedWhileInPotentiallyMovedFromState.ql b/cpp/misra/src/rules/RULE-28-6-3/ObjectUsedWhileInPotentiallyMovedFromState.ql new file mode 100644 index 0000000000..416daa9c07 --- /dev/null +++ b/cpp/misra/src/rules/RULE-28-6-3/ObjectUsedWhileInPotentiallyMovedFromState.ql @@ -0,0 +1,23 @@ +/** + * @id cpp/misra/object-used-while-in-potentially-moved-from-state + * @name RULE-28-6-3: An object shall not be used while in a potentially moved-from state + * @description + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-28-6-3 + * correctness + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.movedfromobjectsunspecifiedstate.MovedFromObjectsUnspecifiedState + +class ObjectUsedWhileInPotentiallyMovedFromStateQuery extends MovedFromObjectsUnspecifiedStateSharedQuery { + ObjectUsedWhileInPotentiallyMovedFromStateQuery() { + this = ImportMisra23Package::objectUsedWhileInPotentiallyMovedFromStateQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-30-0-2/ReadsAndWritesOnStreamNotSeparatedByPositioning.ql b/cpp/misra/src/rules/RULE-30-0-2/ReadsAndWritesOnStreamNotSeparatedByPositioning.ql new file mode 100644 index 0000000000..a209347915 --- /dev/null +++ b/cpp/misra/src/rules/RULE-30-0-2/ReadsAndWritesOnStreamNotSeparatedByPositioning.ql @@ -0,0 +1,23 @@ +/** + * @id cpp/misra/reads-and-writes-on-stream-not-separated-by-positioning + * @name RULE-30-0-2: Reads and writes on the same file stream shall be separated by a positioning operation + * @description + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-30-0-2 + * correctness + * scope/system + * external/misra/enforcement/undecidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.iofstreammissingpositioning.IOFstreamMissingPositioning + +class ReadsAndWritesOnStreamNotSeparatedByPositioningQuery extends IOFstreamMissingPositioningSharedQuery { + ReadsAndWritesOnStreamNotSeparatedByPositioningQuery() { + this = ImportMisra23Package::readsAndWritesOnStreamNotSeparatedByPositioningQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-6-2-1/OneDefinitionRuleViolated.ql b/cpp/misra/src/rules/RULE-6-2-1/OneDefinitionRuleViolated.ql new file mode 100644 index 0000000000..b682c354a5 --- /dev/null +++ b/cpp/misra/src/rules/RULE-6-2-1/OneDefinitionRuleViolated.ql @@ -0,0 +1,23 @@ +/** + * @id cpp/misra/one-definition-rule-violated + * @name RULE-6-2-1: The one-definition rule shall not be violated + * @description + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-6-2-1 + * correctness + * scope/system + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.onedefinitionruleviolation.OneDefinitionRuleViolation + +class OneDefinitionRuleViolatedQuery extends OneDefinitionRuleViolationSharedQuery { + OneDefinitionRuleViolatedQuery() { + this = ImportMisra23Package::oneDefinitionRuleViolatedQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-6-4-1/VariableDeclaredInInnerScopeHidesOuterScope.ql b/cpp/misra/src/rules/RULE-6-4-1/VariableDeclaredInInnerScopeHidesOuterScope.ql new file mode 100644 index 0000000000..1813ebc77a --- /dev/null +++ b/cpp/misra/src/rules/RULE-6-4-1/VariableDeclaredInInnerScopeHidesOuterScope.ql @@ -0,0 +1,24 @@ +/** + * @id cpp/misra/variable-declared-in-inner-scope-hides-outer-scope + * @name RULE-6-4-1: A variable declared in an inner scope shall not hide a variable declared in an outer scope + * @description + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-6-4-1 + * readability + * maintainability + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.identifierhidden.IdentifierHidden + +class VariableDeclaredInInnerScopeHidesOuterScopeQuery extends IdentifierHiddenSharedQuery { + VariableDeclaredInInnerScopeHidesOuterScopeQuery() { + this = ImportMisra23Package::variableDeclaredInInnerScopeHidesOuterScopeQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-6-8-1/ObjectAccessedAfterLifetimeMisra.ql b/cpp/misra/src/rules/RULE-6-8-1/ObjectAccessedAfterLifetimeMisra.ql new file mode 100644 index 0000000000..77483fdedb --- /dev/null +++ b/cpp/misra/src/rules/RULE-6-8-1/ObjectAccessedAfterLifetimeMisra.ql @@ -0,0 +1,23 @@ +/** + * @id cpp/misra/object-accessed-after-lifetime-misra + * @name RULE-6-8-1: Access of object after lifetime (use-after-free) + * @description Accessing an object after its lifetime results in undefined behavior. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/misra/id/rule-6-8-1 + * correctness + * security + * external/misra/enforcement/undecidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.objectaccessedafterlifetime.ObjectAccessedAfterLifetime + +class ObjectAccessedAfterLifetimeMisraQuery extends ObjectAccessedAfterLifetimeSharedQuery { + ObjectAccessedAfterLifetimeMisraQuery() { + this = ImportMisra23Package::objectAccessedAfterLifetimeMisraQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-6-8-1/ObjectAccessedBeforeLifetimeMisra.ql b/cpp/misra/src/rules/RULE-6-8-1/ObjectAccessedBeforeLifetimeMisra.ql new file mode 100644 index 0000000000..e0e82f2396 --- /dev/null +++ b/cpp/misra/src/rules/RULE-6-8-1/ObjectAccessedBeforeLifetimeMisra.ql @@ -0,0 +1,23 @@ +/** + * @id cpp/misra/object-accessed-before-lifetime-misra + * @name RULE-6-8-1: Access of uninitialized object + * @description Accessing an object before its lifetime can result in undefined behavior. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/misra/id/rule-6-8-1 + * correctness + * security + * external/misra/enforcement/undecidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.objectaccessedbeforelifetime.ObjectAccessedBeforeLifetime + +class ObjectAccessedBeforeLifetimeMisraQuery extends ObjectAccessedBeforeLifetimeSharedQuery { + ObjectAccessedBeforeLifetimeMisraQuery() { + this = ImportMisra23Package::objectAccessedBeforeLifetimeMisraQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-8-2-3/CastRemovesConstOrVolatileFromPointerOrReference.ql b/cpp/misra/src/rules/RULE-8-2-3/CastRemovesConstOrVolatileFromPointerOrReference.ql new file mode 100644 index 0000000000..0c2e56b5bd --- /dev/null +++ b/cpp/misra/src/rules/RULE-8-2-3/CastRemovesConstOrVolatileFromPointerOrReference.ql @@ -0,0 +1,24 @@ +/** + * @id cpp/misra/cast-removes-const-or-volatile-from-pointer-or-reference + * @name RULE-8-2-3: A cast shall not remove any const or volatile qualification from the type accessed via a pointer or + * @description A cast shall not remove any const or volatile qualification from the type accessed + * via a pointer or by reference + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-8-2-3 + * correctness + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.removeconstorvolatilequalification.RemoveConstOrVolatileQualification + +class CastRemovesConstOrVolatileFromPointerOrReferenceQuery extends RemoveConstOrVolatileQualificationSharedQuery { + CastRemovesConstOrVolatileFromPointerOrReferenceQuery() { + this = ImportMisra23Package::castRemovesConstOrVolatileFromPointerOrReferenceQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-9-4-1/IfElseIfEndCondition.ql b/cpp/misra/src/rules/RULE-9-4-1/IfElseIfEndCondition.ql new file mode 100644 index 0000000000..2345e3f25f --- /dev/null +++ b/cpp/misra/src/rules/RULE-9-4-1/IfElseIfEndCondition.ql @@ -0,0 +1,24 @@ +/** + * @id cpp/misra/if-else-if-end-condition + * @name RULE-9-4-1: All if + * @description All if ... else if constructs shall be terminated with an else statement + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-9-4-1 + * readability + * maintainability + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.ifelseterminationconstruct.IfElseTerminationConstruct + +class IfElseIfEndConditionQuery extends IfElseTerminationConstructSharedQuery { + IfElseIfEndConditionQuery() { + this = ImportMisra23Package::ifElseIfEndConditionQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-9-6-3/GotoShallJumpToLabelDeclaredLaterInTheFunction.ql b/cpp/misra/src/rules/RULE-9-6-3/GotoShallJumpToLabelDeclaredLaterInTheFunction.ql new file mode 100644 index 0000000000..c0e5e0fe83 --- /dev/null +++ b/cpp/misra/src/rules/RULE-9-6-3/GotoShallJumpToLabelDeclaredLaterInTheFunction.ql @@ -0,0 +1,24 @@ +/** + * @id cpp/misra/goto-shall-jump-to-label-declared-later-in-the-function + * @name RULE-9-6-3: The goto statement shall jump to a label declared later in the function body + * @description + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-9-6-3 + * maintainability + * readability + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.gotostatementcondition.GotoStatementCondition + +class GotoShallJumpToLabelDeclaredLaterInTheFunctionQuery extends GotoStatementConditionSharedQuery { + GotoShallJumpToLabelDeclaredLaterInTheFunctionQuery() { + this = ImportMisra23Package::gotoShallJumpToLabelDeclaredLaterInTheFunctionQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-9-6-4/FunctionDeclaredWithTheNoreturnAttributeReturn.ql b/cpp/misra/src/rules/RULE-9-6-4/FunctionDeclaredWithTheNoreturnAttributeReturn.ql new file mode 100644 index 0000000000..23221348c0 --- /dev/null +++ b/cpp/misra/src/rules/RULE-9-6-4/FunctionDeclaredWithTheNoreturnAttributeReturn.ql @@ -0,0 +1,23 @@ +/** + * @id cpp/misra/function-declared-with-the-noreturn-attribute-return + * @name RULE-9-6-4: A function declared with the [[noreturn]] attribute shall not return + * @description + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-9-6-4 + * correctness + * scope/system + * external/misra/enforcement/undecidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.functionnoreturnattributecondition.FunctionNoReturnAttributeCondition + +class FunctionDeclaredWithTheNoreturnAttributeReturnQuery extends FunctionNoReturnAttributeConditionSharedQuery { + FunctionDeclaredWithTheNoreturnAttributeReturnQuery() { + this = ImportMisra23Package::functionDeclaredWithTheNoreturnAttributeReturnQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-9-6-5/NonVoidFunctionShallReturnAValueOnAllPaths.ql b/cpp/misra/src/rules/RULE-9-6-5/NonVoidFunctionShallReturnAValueOnAllPaths.ql new file mode 100644 index 0000000000..74802bcee9 --- /dev/null +++ b/cpp/misra/src/rules/RULE-9-6-5/NonVoidFunctionShallReturnAValueOnAllPaths.ql @@ -0,0 +1,23 @@ +/** + * @id cpp/misra/non-void-function-shall-return-a-value-on-all-paths + * @name RULE-9-6-5: A function with non-void return type shall return a value on all paths + * @description + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-9-6-5 + * correctness + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.nonvoidfunctiondoesnotreturn.NonVoidFunctionDoesNotReturn + +class NonVoidFunctionShallReturnAValueOnAllPathsQuery extends NonVoidFunctionDoesNotReturnSharedQuery { + NonVoidFunctionShallReturnAValueOnAllPathsQuery() { + this = ImportMisra23Package::nonVoidFunctionShallReturnAValueOnAllPathsQuery() + } +} diff --git a/cpp/misra/test/rules/DIR-5-7-2/SectionsOfCodeShouldNotBeCommentedOut.testref b/cpp/misra/test/rules/DIR-5-7-2/SectionsOfCodeShouldNotBeCommentedOut.testref new file mode 100644 index 0000000000..303a38a19b --- /dev/null +++ b/cpp/misra/test/rules/DIR-5-7-2/SectionsOfCodeShouldNotBeCommentedOut.testref @@ -0,0 +1 @@ +cpp/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-11-3-2/DeclarationOfAnObjectIndirectionsLevel.testref b/cpp/misra/test/rules/RULE-11-3-2/DeclarationOfAnObjectIndirectionsLevel.testref new file mode 100644 index 0000000000..3b46dca736 --- /dev/null +++ b/cpp/misra/test/rules/RULE-11-3-2/DeclarationOfAnObjectIndirectionsLevel.testref @@ -0,0 +1 @@ +cpp/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-18-3-3/HandlersReferToNonStaticMembersFromTheirClass.testref b/cpp/misra/test/rules/RULE-18-3-3/HandlersReferToNonStaticMembersFromTheirClass.testref new file mode 100644 index 0000000000..7d4f5826b0 --- /dev/null +++ b/cpp/misra/test/rules/RULE-18-3-3/HandlersReferToNonStaticMembersFromTheirClass.testref @@ -0,0 +1 @@ +cpp/common/test/rules/destroyedvaluereferencedindestructorcatchblock/DestroyedValueReferencedInDestructorCatchBlock.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-19-0-3/IncludeDirectivesPrecededByPreprocessorDirectives.testref b/cpp/misra/test/rules/RULE-19-0-3/IncludeDirectivesPrecededByPreprocessorDirectives.testref new file mode 100644 index 0000000000..7992898cfc --- /dev/null +++ b/cpp/misra/test/rules/RULE-19-0-3/IncludeDirectivesPrecededByPreprocessorDirectives.testref @@ -0,0 +1 @@ +cpp/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-19-1-3/IdentifiersUsedInTheControllingExpressionOf.testref b/cpp/misra/test/rules/RULE-19-1-3/IdentifiersUsedInTheControllingExpressionOf.testref new file mode 100644 index 0000000000..73eb246867 --- /dev/null +++ b/cpp/misra/test/rules/RULE-19-1-3/IdentifiersUsedInTheControllingExpressionOf.testref @@ -0,0 +1 @@ +cpp/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-19-2-3/CharsThatShouldNotOccurInHeaderFileName.testref b/cpp/misra/test/rules/RULE-19-2-3/CharsThatShouldNotOccurInHeaderFileName.testref new file mode 100644 index 0000000000..6be2f4f7ba --- /dev/null +++ b/cpp/misra/test/rules/RULE-19-2-3/CharsThatShouldNotOccurInHeaderFileName.testref @@ -0,0 +1 @@ +cpp/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-19-3-1/AndPreprocessorOperatorsShouldNotBeUsed.testref b/cpp/misra/test/rules/RULE-19-3-1/AndPreprocessorOperatorsShouldNotBeUsed.testref new file mode 100644 index 0000000000..eec0b94b11 --- /dev/null +++ b/cpp/misra/test/rules/RULE-19-3-1/AndPreprocessorOperatorsShouldNotBeUsed.testref @@ -0,0 +1 @@ +cpp/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-19-3-5/TokensThatLookLikeDirectivesInAMacroArgument.testref b/cpp/misra/test/rules/RULE-19-3-5/TokensThatLookLikeDirectivesInAMacroArgument.testref new file mode 100644 index 0000000000..1e15c636ee --- /dev/null +++ b/cpp/misra/test/rules/RULE-19-3-5/TokensThatLookLikeDirectivesInAMacroArgument.testref @@ -0,0 +1 @@ +cpp/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-21-6-5/PointerToAnIncompleteClassTypeDeleted.testref b/cpp/misra/test/rules/RULE-21-6-5/PointerToAnIncompleteClassTypeDeleted.testref new file mode 100644 index 0000000000..3f4895b1c4 --- /dev/null +++ b/cpp/misra/test/rules/RULE-21-6-5/PointerToAnIncompleteClassTypeDeleted.testref @@ -0,0 +1 @@ +cpp/common/test/rules/deleteofpointertoincompleteclass/DeleteOfPointerToIncompleteClass.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-25-5-2/PointersReturnedByLocaleFunctionsMustBeUsedAsConst.testref b/cpp/misra/test/rules/RULE-25-5-2/PointersReturnedByLocaleFunctionsMustBeUsedAsConst.testref new file mode 100644 index 0000000000..febf2e9d50 --- /dev/null +++ b/cpp/misra/test/rules/RULE-25-5-2/PointersReturnedByLocaleFunctionsMustBeUsedAsConst.testref @@ -0,0 +1 @@ +cpp/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersMisra.testref b/cpp/misra/test/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersMisra.testref new file mode 100644 index 0000000000..74cb92bd88 --- /dev/null +++ b/cpp/misra/test/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersMisra.testref @@ -0,0 +1 @@ +cpp/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersWarnMisra.testref b/cpp/misra/test/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersWarnMisra.testref new file mode 100644 index 0000000000..1628a12aa9 --- /dev/null +++ b/cpp/misra/test/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersWarnMisra.testref @@ -0,0 +1 @@ +cpp/common/test/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-28-6-3/ObjectUsedWhileInPotentiallyMovedFromState.testref b/cpp/misra/test/rules/RULE-28-6-3/ObjectUsedWhileInPotentiallyMovedFromState.testref new file mode 100644 index 0000000000..5ae8b65a71 --- /dev/null +++ b/cpp/misra/test/rules/RULE-28-6-3/ObjectUsedWhileInPotentiallyMovedFromState.testref @@ -0,0 +1 @@ +cpp/common/test/rules/movedfromobjectsunspecifiedstate/MovedFromObjectsUnspecifiedState.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-30-0-2/ReadsAndWritesOnStreamNotSeparatedByPositioning.testref b/cpp/misra/test/rules/RULE-30-0-2/ReadsAndWritesOnStreamNotSeparatedByPositioning.testref new file mode 100644 index 0000000000..0a8adf7272 --- /dev/null +++ b/cpp/misra/test/rules/RULE-30-0-2/ReadsAndWritesOnStreamNotSeparatedByPositioning.testref @@ -0,0 +1 @@ +cpp/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-6-2-1/OneDefinitionRuleViolated.testref b/cpp/misra/test/rules/RULE-6-2-1/OneDefinitionRuleViolated.testref new file mode 100644 index 0000000000..b51950abaa --- /dev/null +++ b/cpp/misra/test/rules/RULE-6-2-1/OneDefinitionRuleViolated.testref @@ -0,0 +1 @@ +cpp/common/test/rules/onedefinitionruleviolation/OneDefinitionRuleViolation.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-6-4-1/VariableDeclaredInInnerScopeHidesOuterScope.testref b/cpp/misra/test/rules/RULE-6-4-1/VariableDeclaredInInnerScopeHidesOuterScope.testref new file mode 100644 index 0000000000..2f41afee3b --- /dev/null +++ b/cpp/misra/test/rules/RULE-6-4-1/VariableDeclaredInInnerScopeHidesOuterScope.testref @@ -0,0 +1 @@ +cpp/common/test/rules/identifierhidden/IdentifierHidden.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-6-8-1/ObjectAccessedAfterLifetimeMisra.testref b/cpp/misra/test/rules/RULE-6-8-1/ObjectAccessedAfterLifetimeMisra.testref new file mode 100644 index 0000000000..979e12ac8c --- /dev/null +++ b/cpp/misra/test/rules/RULE-6-8-1/ObjectAccessedAfterLifetimeMisra.testref @@ -0,0 +1 @@ +cpp/common/test/rules/objectaccessedafterlifetime/ObjectAccessedAfterLifetime.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-6-8-1/ObjectAccessedBeforeLifetimeMisra.testref b/cpp/misra/test/rules/RULE-6-8-1/ObjectAccessedBeforeLifetimeMisra.testref new file mode 100644 index 0000000000..3f22c45632 --- /dev/null +++ b/cpp/misra/test/rules/RULE-6-8-1/ObjectAccessedBeforeLifetimeMisra.testref @@ -0,0 +1 @@ +cpp/common/test/rules/objectaccessedbeforelifetime/ObjectAccessedBeforeLifetime.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-8-2-3/CastRemovesConstOrVolatileFromPointerOrReference.testref b/cpp/misra/test/rules/RULE-8-2-3/CastRemovesConstOrVolatileFromPointerOrReference.testref new file mode 100644 index 0000000000..000469493a --- /dev/null +++ b/cpp/misra/test/rules/RULE-8-2-3/CastRemovesConstOrVolatileFromPointerOrReference.testref @@ -0,0 +1 @@ +cpp/common/test/rules/removeconstorvolatilequalification/RemoveConstOrVolatileQualification.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-9-4-1/IfElseIfEndCondition.testref b/cpp/misra/test/rules/RULE-9-4-1/IfElseIfEndCondition.testref new file mode 100644 index 0000000000..d7ca04a26e --- /dev/null +++ b/cpp/misra/test/rules/RULE-9-4-1/IfElseIfEndCondition.testref @@ -0,0 +1 @@ +cpp/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-9-6-3/GotoShallJumpToLabelDeclaredLaterInTheFunction.testref b/cpp/misra/test/rules/RULE-9-6-3/GotoShallJumpToLabelDeclaredLaterInTheFunction.testref new file mode 100644 index 0000000000..b4f807e8e2 --- /dev/null +++ b/cpp/misra/test/rules/RULE-9-6-3/GotoShallJumpToLabelDeclaredLaterInTheFunction.testref @@ -0,0 +1 @@ +cpp/common/test/rules/gotostatementcondition/GotoStatementCondition.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-9-6-4/FunctionDeclaredWithTheNoreturnAttributeReturn.testref b/cpp/misra/test/rules/RULE-9-6-4/FunctionDeclaredWithTheNoreturnAttributeReturn.testref new file mode 100644 index 0000000000..dec8006f15 --- /dev/null +++ b/cpp/misra/test/rules/RULE-9-6-4/FunctionDeclaredWithTheNoreturnAttributeReturn.testref @@ -0,0 +1 @@ +cpp/common/test/rules/functionnoreturnattributecondition/FunctionNoReturnAttributeCondition.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-9-6-5/NonVoidFunctionShallReturnAValueOnAllPaths.testref b/cpp/misra/test/rules/RULE-9-6-5/NonVoidFunctionShallReturnAValueOnAllPaths.testref new file mode 100644 index 0000000000..ef9b3c1fc2 --- /dev/null +++ b/cpp/misra/test/rules/RULE-9-6-5/NonVoidFunctionShallReturnAValueOnAllPaths.testref @@ -0,0 +1 @@ +cpp/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql \ No newline at end of file diff --git a/rule_packages/cpp/ImportMisra23.json b/rule_packages/cpp/ImportMisra23.json new file mode 100644 index 0000000000..259e3f8a17 --- /dev/null +++ b/rule_packages/cpp/ImportMisra23.json @@ -0,0 +1,505 @@ +{ + "MISRA-C++-2023": { + "DIR-5-7-2": { + "properties": { + "obligation": "advisory" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "Sections of code should not be \u201ccommented out\u201d", + "precision": "very-high", + "severity": "error", + "short_name": "SectionsOfCodeShouldNotBeCommentedOut", + "shared_implementation_short_name": "SectionsOfCodeShallNotBeCommentedOut", + "tags": [ + "maintainability", + "readability", + "correctness" + ] + } + ], + "title": "Sections of code should not be \u201ccommented out\u201d" + }, + "RULE-6-2-1": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "The one-definition rule shall not be violated", + "precision": "very-high", + "severity": "error", + "short_name": "OneDefinitionRuleViolated", + "shared_implementation_short_name": "OneDefinitionRuleViolation", + "tags": [ + "correctness", + "scope/system" + ] + } + ], + "title": "The one-definition rule shall not be violated" + }, + "RULE-6-4-1": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "A variable declared in an inner scope shall not hide a variable declared in an outer scope", + "precision": "very-high", + "severity": "error", + "short_name": "VariableDeclaredInInnerScopeHidesOuterScope", + "shared_implementation_short_name": "IdentifierHidden", + "tags": [ + "readability", + "maintainability", + "scope/single-translation-unit" + ] + } + ], + "title": "A variable declared in an inner scope shall not hide a variable declared in an outer scope" + }, + "RULE-6-8-1": { + "properties": { + "enforcement": "undecidable", + "obligation": "required" + }, + "queries": [ + { + "description": "Accessing an object before its lifetime can result in undefined behavior.", + "kind": "problem", + "name": "Access of uninitialized object", + "precision": "high", + "severity": "error", + "shared_implementation_short_name": "ObjectAccessedBeforeLifetime", + "short_name": "ObjectAccessedBeforeLifetimeMisra", + "tags": [ + "correctness", + "security" + ] + }, + { + "description": "Accessing an object after its lifetime results in undefined behavior.", + "kind": "problem", + "name": "Access of object after lifetime (use-after-free)", + "precision": "high", + "severity": "error", + "shared_implementation_short_name": "ObjectAccessedAfterLifetime", + "short_name": "ObjectAccessedAfterLifetimeMisra", + "tags": [ + "correctness", + "security" + ] + } + ], + "title": "An object shall not be accessed outside of its lifetime" + }, + "RULE-8-2-3": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "A cast shall not remove any const or volatile qualification from the type accessed via a pointer or by reference", + "kind": "problem", + "name": "A cast shall not remove any const or volatile qualification from the type accessed via a pointer or", + "precision": "very-high", + "severity": "error", + "short_name": "CastRemovesConstOrVolatileFromPointerOrReference", + "shared_implementation_short_name": "RemoveConstOrVolatileQualification", + "tags": [ + "correctness", + "scope/single-translation-unit" + ] + } + ], + "title": "A cast shall not remove any const or volatile qualification from the type accessed via a pointer or by reference" + }, + "RULE-9-4-1": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "All if ... else if constructs shall be terminated with an else statement", + "kind": "problem", + "name": "All if ", + "precision": "very-high", + "severity": "error", + "short_name": "IfElseIfEndCondition", + "shared_implementation_short_name": "IfElseTerminationConstruct", + "tags": [ + "readability", + "maintainability", + "scope/single-translation-unit" + ] + } + ], + "title": "All if ... else if constructs shall be terminated with an else statement" + }, + "RULE-9-6-3": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "The goto statement shall jump to a label declared later in the function body", + "precision": "very-high", + "severity": "error", + "short_name": "GotoShallJumpToLabelDeclaredLaterInTheFunction", + "shared_implementation_short_name": "GotoStatementCondition", + "tags": [ + "maintainability", + "readability", + "scope/single-translation-unit" + ] + } + ], + "title": "The goto statement shall jump to a label declared later in the function body" + }, + "RULE-9-6-4": { + "properties": { + "enforcement": "undecidable", + "obligation": "required" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "A function declared with the [[noreturn]] attribute shall not return", + "precision": "very-high", + "severity": "error", + "short_name": "FunctionDeclaredWithTheNoreturnAttributeReturn", + "shared_implementation_short_name": "FunctionNoReturnAttributeCondition", + "tags": [ + "correctness", + "scope/system" + ] + } + ], + "title": "A function declared with the [[noreturn]] attribute shall not return" + }, + "RULE-9-6-5": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "A function with non-void return type shall return a value on all paths", + "precision": "very-high", + "severity": "error", + "short_name": "NonVoidFunctionShallReturnAValueOnAllPaths", + "shared_implementation_short_name": "NonVoidFunctionDoesNotReturn", + "tags": [ + "correctness", + "scope/single-translation-unit" + ] + } + ], + "title": "A function with non-void return type shall return a value on all paths" + }, + "RULE-11-3-2": { + "properties": { + "enforcement": "decidable", + "obligation": "advisory" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "The declaration of an object should contain no more than two levels of pointer indirection", + "precision": "very-high", + "severity": "error", + "short_name": "DeclarationOfAnObjectIndirectionsLevel", + "shared_implementation_short_name": "DoNotUseMoreThanTwoLevelsOfPointerIndirection", + "tags": [ + "readability", + "maintainability", + "scope/single-translation-unit" + ] + } + ], + "title": "The declaration of an object should contain no more than two levels of pointer indirection" + }, + "RULE-18-3-3": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "Handlers for a function-try-block of a constructor or destructor shall not refer to non-static members from their class or its bases", + "kind": "problem", + "name": "Handlers for a function-try-block of a constructor or destructor shall not refer to non-static", + "precision": "very-high", + "severity": "error", + "short_name": "HandlersReferToNonStaticMembersFromTheirClass", + "shared_implementation_short_name": "DestroyedValueReferencedInDestructorCatchBlock", + "tags": [ + "correctness", + "scope/single-translation-unit" + ] + } + ], + "title": "Handlers for a function-try-block of a constructor or destructor shall not refer to non-static members from their class or its bases" + }, + "RULE-19-0-3": { + "properties": { + "enforcement": "decidable", + "obligation": "advisory" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "#include directives should only be preceded by preprocessor directives or comments", + "precision": "very-high", + "severity": "error", + "short_name": "IncludeDirectivesPrecededByPreprocessorDirectives", + "shared_implementation_short_name": "PreprocessorIncludesPreceded", + "tags": [ + "readability", + "scope/single-translation-unit" + ] + } + ], + "title": "#include directives should only be preceded by preprocessor directives or comments" + }, + "RULE-19-1-3": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "All identifiers used in the controlling expression of #if or #elif preprocessing directives shall be defined prior to evaluation", + "kind": "problem", + "name": "All identifiers used in the controlling expression of #if or #elif preprocessing directives shall be", + "precision": "very-high", + "severity": "error", + "short_name": "IdentifiersUsedInTheControllingExpressionOf", + "shared_implementation_short_name": "UndefinedMacroIdentifiers", + "tags": [ + "correctness", + "readability", + "scope/single-translation-unit" + ] + } + ], + "title": "All identifiers used in the controlling expression of #if or #elif preprocessing directives shall be defined prior to evaluation" + }, + "RULE-19-2-3": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "The ' or \" or \\ characters and the /* or // character sequences shall not occur in a header file name", + "kind": "problem", + "name": "The ' or \" or \\ characters and the /* or // character sequences shall not occur in a header file", + "precision": "very-high", + "severity": "error", + "short_name": "CharsThatShouldNotOccurInHeaderFileName", + "shared_implementation_short_name": "PreprocessorIncludesForbiddenHeaderNames", + "tags": [ + "scope/single-translation-unit", + "correctness" + ], + "implementation_scope": { + "description": "This query identifies the use of the ', \\, /*, // characters in header file names. The query is not able to detect the use of the \" character in header file names.", + "items": [] + } + } + ], + "title": "The ' or \" or \\ characters and the /* or // character sequences shall not occur in a header file name" + }, + "RULE-19-3-1": { + "properties": { + "enforcement": "decidable", + "obligation": "advisory" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "The # and ## preprocessor operators should not be used", + "precision": "very-high", + "severity": "error", + "short_name": "AndPreprocessorOperatorsShouldNotBeUsed", + "shared_implementation_short_name": "HashOperatorsUsed", + "tags": [ + "correctness", + "scope/single-translation-unit" + ] + } + ], + "title": "The # and ## preprocessor operators should not be used" + }, + "RULE-19-3-5": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "Tokens that look like a preprocessing directive shall not occur within a macro argument", + "precision": "very-high", + "severity": "error", + "short_name": "TokensThatLookLikeDirectivesInAMacroArgument", + "shared_implementation_short_name": "PreprocessingDirectiveWithinMacroArgument", + "tags": [ + "readability", + "correctness", + "scope/single-translation-unit" + ] + } + ], + "title": "Tokens that look like a preprocessing directive shall not occur within a macro argument" + }, + "RULE-21-6-5": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "A pointer to an incomplete class type shall not be deleted", + "precision": "very-high", + "severity": "error", + "short_name": "PointerToAnIncompleteClassTypeDeleted", + "shared_implementation_short_name": "DeleteOfPointerToIncompleteClass", + "tags": [ + "correctness", + "scope/single-translation-unit" + ] + } + ], + "title": "A pointer to an incomplete class type shall not be deleted" + }, + "RULE-25-5-2": { + "properties": { + "enforcement": "decidable", + "obligation": "mandatory" + }, + "queries": [ + { + "description": "The pointers returned by the C++ Standard Library functions localeconv, getenv, setlocale or strerror must only be used as if they have pointer to const-qualified type", + "kind": "problem", + "name": "The pointers returned by environment functions should be treated as const", + "precision": "very-high", + "severity": "error", + "short_name": "PointersReturnedByLocaleFunctionsMustBeUsedAsConst", + "shared_implementation_short_name": "ConstLikeReturnValue", + "tags": [ + "correctness", + "scope/single-translation-unit" + ] + } + ], + "title": "The pointers returned by the C++ Standard Library functions localeconv, getenv, setlocale or strerror must only be used as if they have pointer to const-qualified type" + }, + "RULE-25-5-3": { + "properties": { + "enforcement": "undecidable", + "obligation": "mandatory" + }, + "queries": [ + { + "description": "The pointer returned by the Standard Library functions asctime, ctime, gmtime, localtime, localeconv, getenv, setlocale or strerror may be invalid following a subsequent call to the same function.", + "kind": "problem", + "name": "The pointer returned by the Standard Library env functions is invalid", + "precision": "very-high", + "severity": "error", + "short_name": "CallToSetlocaleInvalidatesOldPointersMisra", + "shared_implementation_short_name": "InvalidatedEnvStringPointers", + "tags": [ + "correctness", + "scope/system" + ] + }, + { + "description": "The pointer returned by the Standard Library functions asctime, ctime, gmtime, localtime, localeconv, getenv, setlocale or strerror may be invalid following a subsequent call to the same function.", + "kind": "problem", + "name": "The pointer returned by the Standard Library env functions is invalid warning", + "precision": "very-high", + "severity": "warning", + "short_name": "CallToSetlocaleInvalidatesOldPointersWarnMisra", + "shared_implementation_short_name": "InvalidatedEnvStringPointersWarn", + "tags": [ + "correctness", + "scope/system" + ] + } + ], + "title": "The pointer returned by the C++ Standard Library functions asctime, ctime, gmtime, localtime, localeconv, getenv, setlocale or strerror must not be used following a subsequent call to the same function" + }, + "RULE-28-6-3": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "An object shall not be used while in a potentially moved-from state", + "precision": "very-high", + "severity": "error", + "short_name": "ObjectUsedWhileInPotentiallyMovedFromState", + "shared_implementation_short_name": "MovedFromObjectsUnspecifiedState", + "tags": [ + "correctness", + "scope/single-translation-unit" + ] + } + ], + "title": "An object shall not be used while in a potentially moved-from state" + }, + "RULE-30-0-2": { + "properties": { + "enforcement": "undecidable", + "obligation": "required" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "Reads and writes on the same file stream shall be separated by a positioning operation", + "precision": "very-high", + "severity": "error", + "short_name": "ReadsAndWritesOnStreamNotSeparatedByPositioning", + "shared_implementation_short_name": "IOFstreamMissingPositioning", + "tags": [ + "correctness", + "scope/system" + ], + "implementation_scope": { + "description": "The rule is enforced in the context of a single function." + } + } + ], + "title": "Reads and writes on the same file stream shall be separated by a positioning operation" + } + } +} \ No newline at end of file diff --git a/rules.csv b/rules.csv index 913aa27282..239ac09023 100644 --- a/rules.csv +++ b/rules.csv @@ -511,7 +511,7 @@ c,CERT-C,ENV31-C,Yes,Rule,,,Do not rely on an environment pointer following an o c,CERT-C,ENV32-C,Yes,Rule,,,All exit handlers must return normally,,Contracts2,Medium, c,CERT-C,ENV33-C,Yes,Rule,,,Do not call system(),"RULE-21-21, M18-0-3",Banned,Easy, c,CERT-C,ENV34-C,Yes,Rule,,,Do not store pointers returned by certain functions,RULE-21-20,Contracts2,Medium, -c,CERT-C,ERR30-C,Yes,Rule,,,"Take care when reading errno",M19-3-1,Contracts4,Hard, +c,CERT-C,ERR30-C,Yes,Rule,,,Take care when reading errno,M19-3-1,Contracts4,Hard, c,CERT-C,ERR32-C,Yes,Rule,,,Do not rely on indeterminate values of errno,,Contracts5,Hard, c,CERT-C,ERR33-C,Yes,Rule,,,Detect and handle standard library errors,MEM52-CPP,Contracts5,Hard, c,CERT-C,ERR34-C,OutOfScope,Rule,,,Detect errors when converting a string to a number,,,, @@ -703,7 +703,7 @@ c,MISRA-C-2012,RULE-15-3,Yes,Required,,,"Any label referenced by a goto statemen c,MISRA-C-2012,RULE-15-4,Yes,Advisory,,,There should be no more than one break or goto statement used to terminate any iteration statement,,Statements2,Medium, c,MISRA-C-2012,RULE-15-5,Yes,Advisory,,,A function should have a single point of exit at the end,,Statements5,Medium, c,MISRA-C-2012,RULE-15-6,Yes,Required,,,The body of an iteration-statement or a selection-statement shall be a compund-statement,M6-3-1,Statements3,Import, -c,MISRA-C-2012,RULE-15-7,Yes,Required,,,All if / else if constructs shall be terminated with an else statement,M6-4-2,Statements3,Import, +c,MISRA-C-2012,RULE-15-7,Yes,Required,,,All if else if constructs shall be terminated with an else statement,M6-4-2,Statements3,Import, c,MISRA-C-2012,RULE-16-1,Yes,Required,,,All switch statements shall be well-formed,M6-4-3,Statements3,Import, c,MISRA-C-2012,RULE-16-2,Yes,Required,,,A switch label shall only be used when the most closely-enclosing compound statement is the body of a switch statement,M6-4-4,Statements1,Import, c,MISRA-C-2012,RULE-16-3,Yes,Required,,,An unconditional break statement shall terminate every switch-clause,M6-4-5,Statements1,Import, @@ -774,182 +774,182 @@ c,MISRA-C-2012,RULE-22-7,Yes,Required,,,The macro EOF shall only be compared wit c,MISRA-C-2012,RULE-22-8,Yes,Required,,,The value of errno shall be set to zero prior to a call to an errno-setting-function,ERR30-C,Contracts3,Medium, c,MISRA-C-2012,RULE-22-9,Yes,Required,,,The value of errno shall be tested against zero after calling an errno-setting-function,,Contracts3,Medium, c,MISRA-C-2012,RULE-22-10,Yes,Required,,,The value of errno shall only be tested when the last function to be called was an errno-setting-function,,Contracts3,Medium, -cpp,MISRA-C++-2023,RULE-0-0-1,Yes,Required,Decidable,Single Translation Unit,A function shall not contain unreachable statements,,,Medium, -cpp,MISRA-C++-2023,RULE-0-0-2,Yes,Advisory,Undecidable,System,Controlling expressions should not be invariant,,,Easy, -cpp,MISRA-C++-2023,RULE-0-1-1,Yes,Advisory,Undecidable,System,A value should not be unnecessarily written to a local object,,,Medium, -cpp,MISRA-C++-2023,RULE-0-1-2,Yes,Required,Decidable,Single Translation Unit,The value returned by a function shall be used,,,Easy, -cpp,MISRA-C++-2023,RULE-0-2-1,Yes,Advisory,Decidable,Single Translation Unit,Variables with limited visibility should be used at least once,,,Easy, -cpp,MISRA-C++-2023,RULE-0-2-2,Yes,Required,Decidable,Single Translation Unit,A named function parameter shall be used at least once,,,Easy, -cpp,MISRA-C++-2023,RULE-0-2-3,Yes,Advisory,Decidable,Single Translation Unit,Types with limited visibility should be used at least once,,,Easy, -cpp,MISRA-C++-2023,RULE-0-2-4,Yes,Advisory,Decidable,System,Functions with limited visibility should be used at least once,,,Easy, +cpp,MISRA-C++-2023,RULE-0-0-1,Yes,Required,Decidable,Single Translation Unit,A function shall not contain unreachable statements,M0-1-1,,Medium, +cpp,MISRA-C++-2023,RULE-0-0-2,Yes,Advisory,Undecidable,System,Controlling expressions should not be invariant,M0-1-2,,Easy, +cpp,MISRA-C++-2023,RULE-0-1-1,Yes,Advisory,Undecidable,System,A value should not be unnecessarily written to a local object,A0-1-1,,Medium, +cpp,MISRA-C++-2023,RULE-0-1-2,Yes,Required,Decidable,Single Translation Unit,The value returned by a function shall be used,A0-1-2,,Easy, +cpp,MISRA-C++-2023,RULE-0-2-1,Yes,Advisory,Decidable,Single Translation Unit,Variables with limited visibility should be used at least once,M0-1-3,,Easy, +cpp,MISRA-C++-2023,RULE-0-2-2,Yes,Required,Decidable,Single Translation Unit,A named function parameter shall be used at least once,"A0-1-4, A0-1-5",,Easy, +cpp,MISRA-C++-2023,RULE-0-2-3,Yes,Advisory,Decidable,Single Translation Unit,Types with limited visibility should be used at least once,A0-1-6,,Easy, +cpp,MISRA-C++-2023,RULE-0-2-4,Yes,Advisory,Decidable,System,Functions with limited visibility should be used at least once,A0-1-3,,Easy, cpp,MISRA-C++-2023,DIR-0-3-1,Yes,Advisory,,,Floating-point arithmetic should be used appropriately,,,Hard, cpp,MISRA-C++-2023,DIR-0-3-2,Yes,Required,,,A function call shall not violate the function’s preconditions,,,Hard, cpp,MISRA-C++-2023,RULE-4-1-1,Yes,Required,Undecidable,System,A program shall conform to ISO/IEC 14882:2017 (C++17),,,Hard, cpp,MISRA-C++-2023,RULE-4-1-2,Yes,Advisory,Decidable,Single Translation Unit,Deprecated features should not be used,,,Very Hard, cpp,MISRA-C++-2023,RULE-4-1-3,Yes,Required,Undecidable,System,There shall be no occurrence of undefined or critical unspecified behaviour,,,Very Hard, -cpp,MISRA-C++-2023,RULE-4-6-1,Yes,Required,Undecidable,System,Operations on a memory location shall be sequenced appropriately,,,Import, -cpp,MISRA-C++-2023,RULE-5-0-1,Yes,Advisory,Decidable,Single Translation Unit,Trigraph-like sequences should not be used,,,Very Hard, -cpp,MISRA-C++-2023,RULE-5-7-1,Yes,Required,Decidable,Single Translation Unit,The character sequence /* shall not be used within a C-style comment,,,Import, -cpp,MISRA-C++-2023,DIR-5-7-2,Yes,Advisory,,,Sections of code should not be “commented out”,,,Import, -cpp,MISRA-C++-2023,RULE-5-7-3,Yes,Required,Decidable,Single Translation Unit,Line-splicing shall not be used in // comments,,,Import, +cpp,MISRA-C++-2023,RULE-4-6-1,Yes,Required,Undecidable,System,Operations on a memory location shall be sequenced appropriately,RULE-13-2,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-5-0-1,Yes,Advisory,Decidable,Single Translation Unit,Trigraph-like sequences should not be used,A2-5-1,,Very Hard, +cpp,MISRA-C++-2023,RULE-5-7-1,Yes,Required,Decidable,Single Translation Unit,The character sequence /* shall not be used within a C-style comment,M2-7-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,DIR-5-7-2,Yes,Advisory,,,Sections of code should not be “commented out”,A2-7-2,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-5-7-3,Yes,Required,Decidable,Single Translation Unit,Line-splicing shall not be used in // comments,A2-7-1,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-5-10-1,Yes,Required,Decidable,Single Translation Unit,User-defined identifiers shall have an appropriate form,,,Easy, -cpp,MISRA-C++-2023,RULE-5-13-1,Yes,Required,Decidable,Single Translation Unit,"In character literals and non-raw string literals, \ shall only be used to form a defined escape sequence or universal character name",,,Import, -cpp,MISRA-C++-2023,RULE-5-13-2,Yes,Required,Decidable,Single Translation Unit,"Octal escape sequences, hexadecimal escape sequences, and universal character names shall be terminated",,,Import, -cpp,MISRA-C++-2023,RULE-5-13-3,Yes,Required,Decidable,Single Translation Unit,Octal constants shall not be used,,,Import, -cpp,MISRA-C++-2023,RULE-5-13-4,Yes,Required,Decidable,Single Translation Unit,Unsigned integer literals shall be appropriately suffixed,,,Import, -cpp,MISRA-C++-2023,RULE-5-13-5,Yes,Required,Decidable,Single Translation Unit,The lowercase form of L shall not be used as the first character in a literal suffix,,,Import, +cpp,MISRA-C++-2023,RULE-5-13-1,Yes,Required,Decidable,Single Translation Unit,"In character literals and non-raw string literals, \ shall only be used to form a defined escape sequence or universal character name",A2-13-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-5-13-2,Yes,Required,Decidable,Single Translation Unit,"Octal escape sequences, hexadecimal escape sequences, and universal character names shall be terminated",RULE-4-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-5-13-3,Yes,Required,Decidable,Single Translation Unit,Octal constants shall not be used,RULE-7-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-5-13-4,Yes,Required,Decidable,Single Translation Unit,Unsigned integer literals shall be appropriately suffixed,M2-13-3,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-5-13-5,Yes,Required,Decidable,Single Translation Unit,The lowercase form of L shall not be used as the first character in a literal suffix,RULE-7-3,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-5-13-6,Yes,Required,Decidable,Single Translation Unit,An integer-literal of type long long shall not use a single L or l in any suffix,,,Easy, -cpp,MISRA-C++-2023,RULE-5-13-7,No,Required,Decidable,Single Translation Unit,String literals with different encoding prefixes shall not be concatenated,,,, -cpp,MISRA-C++-2023,RULE-6-0-1,Yes,Required,Decidable,Single Translation Unit,Block scope declarations shall not be visually ambiguous,,,Easy, -cpp,MISRA-C++-2023,RULE-6-0-2,Yes,Advisory,Decidable,Single Translation Unit,"When an array with external linkage is declared, its size should be explicitly specified",,,Easy, -cpp,MISRA-C++-2023,RULE-6-0-3,Yes,Advisory,Decidable,Single Translation Unit,"The only declarations in the global namespace should be main, namespace declarations and extern ""C"" declarations",,,Import, -cpp,MISRA-C++-2023,RULE-6-0-4,Yes,Required,Decidable,Single Translation Unit,The identifier main shall not be used for a function other than the global function main,,,Import, -cpp,MISRA-C++-2023,RULE-6-2-1,Yes,Required,Decidable,System,The one-definition rule shall not be violated,,,Import, -cpp,MISRA-C++-2023,RULE-6-2-2,Yes,Required,Decidable,System,All declarations of a variable or function shall have the same type,,,Easy, +cpp,MISRA-C++-2023,RULE-5-13-7,No,Required,Decidable,Single Translation Unit,String literals with different encoding prefixes shall not be concatenated,A2-13-2,,, +cpp,MISRA-C++-2023,RULE-6-0-1,Yes,Required,Decidable,Single Translation Unit,Block scope declarations shall not be visually ambiguous,"M3-1-2,DCL53-CPP",,Easy, +cpp,MISRA-C++-2023,RULE-6-0-2,Yes,Advisory,Decidable,Single Translation Unit,"When an array with external linkage is declared, its size should be explicitly specified",RULE-18-8,,Easy, +cpp,MISRA-C++-2023,RULE-6-0-3,Yes,Advisory,Decidable,Single Translation Unit,"The only declarations in the global namespace should be main, namespace declarations and extern ""C"" declarations",M7-3-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-6-0-4,Yes,Required,Decidable,Single Translation Unit,The identifier main shall not be used for a function other than the global function main,M7-3-2,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-6-2-1,Yes,Required,Decidable,System,The one-definition rule shall not be violated,M3-2-2,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-6-2-2,Yes,Required,Decidable,System,All declarations of a variable or function shall have the same type,"M3-9-1,DCL40-C",,Easy, cpp,MISRA-C++-2023,RULE-6-2-3,Yes,Required,Decidable,System,The source code used to implement an entity shall appear only once,,,Medium, cpp,MISRA-C++-2023,RULE-6-2-4,Yes,Required,Decidable,Single Translation Unit,A header file shall not contain definitions of functions or objects that are non-inline and have external linkage,,,Easy, -cpp,MISRA-C++-2023,RULE-6-4-1,Yes,Required,Decidable,Single Translation Unit,A variable declared in an inner scope shall not hide a variable declared in an outer scope,,,Import, -cpp,MISRA-C++-2023,RULE-6-4-2,Yes,Required,Decidable,Single Translation Unit,Derived classes shall not conceal functions that are inherited from their bases,,,Import, -cpp,MISRA-C++-2023,RULE-6-4-3,Yes,Required,Decidable,Single Translation Unit,A name that is present in a dependent base shall not be resolved by unqualified lookup,,,Import, +cpp,MISRA-C++-2023,RULE-6-4-1,Yes,Required,Decidable,Single Translation Unit,A variable declared in an inner scope shall not hide a variable declared in an outer scope,A2-10-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-6-4-2,Yes,Required,Decidable,Single Translation Unit,Derived classes shall not conceal functions that are inherited from their bases,A7-3-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-6-4-3,Yes,Required,Decidable,Single Translation Unit,A name that is present in a dependent base shall not be resolved by unqualified lookup,M14-6-1,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-6-5-1,Yes,Advisory,Decidable,Single Translation Unit,A function or object with external linkage should be introduced in a header file,,,Medium, cpp,MISRA-C++-2023,RULE-6-5-2,Yes,Advisory,Decidable,Single Translation Unit,Internal linkage should be specified appropriately,,,Medium, cpp,MISRA-C++-2023,RULE-6-7-1,Yes,Required,Decidable,Single Translation Unit,Local variables shall not have static storage duration,,,Easy, cpp,MISRA-C++-2023,RULE-6-7-2,Yes,Required,Decidable,Single Translation Unit,Global variables shall not be used,,,Easy, -cpp,MISRA-C++-2023,RULE-6-8-1,Yes,Required,Undecidable,System,An object shall not be accessed outside of its lifetime,,,Import, -cpp,MISRA-C++-2023,RULE-6-8-2,Yes,Mandatory,Decidable,Single Translation Unit,A function must not return a reference or a pointer to a local variable with automatic storage duration,,,Import, +cpp,MISRA-C++-2023,RULE-6-8-1,Yes,Required,Undecidable,System,An object shall not be accessed outside of its lifetime,A3-8-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-6-8-2,Yes,Mandatory,Decidable,Single Translation Unit,A function must not return a reference or a pointer to a local variable with automatic storage duration,M7-5-1,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-6-8-3,Yes,Required,Decidable,Single Translation Unit,An assignment operator shall not assign the address of an object with automatic storage duration to an object with a greater lifetime,,,Medium, cpp,MISRA-C++-2023,RULE-6-8-4,Yes,Advisory,Decidable,Single Translation Unit,Member functions returning references to their object should be refqualified appropriately,,,Medium, cpp,MISRA-C++-2023,RULE-6-9-1,Yes,Required,Decidable,Single Translation Unit,The same type aliases shall be used in all declarations of the same entity,,,Medium, -cpp,MISRA-C++-2023,RULE-6-9-2,Yes,Advisory,Decidable,Single Translation Unit,The names of the standard signed integer types and standard unsigned integer types should not be used,,,Easy, +cpp,MISRA-C++-2023,RULE-6-9-2,Yes,Advisory,Decidable,Single Translation Unit,The names of the standard signed integer types and standard unsigned integer types should not be used,A3-9-1,,Easy, cpp,MISRA-C++-2023,RULE-7-0-1,Yes,Required,Decidable,Single Translation Unit,There shall be no conversion from type bool,,,Easy, cpp,MISRA-C++-2023,RULE-7-0-2,Yes,Required,Decidable,Single Translation Unit,There shall be no conversion to type bool,,,Easy, -cpp,MISRA-C++-2023,RULE-7-0-3,Yes,Required,Decidable,Single Translation Unit,The numerical value of a character shall not be used,,,Medium, -cpp,MISRA-C++-2023,RULE-7-0-4,Yes,Required,Decidable,Single Translation Unit,The operands of bitwise operators and shift operators shall be appropriate,,,Medium, -cpp,MISRA-C++-2023,RULE-7-0-5,Yes,Required,Decidable,Single Translation Unit,Integral promotion and the usual arithmetic conversions shall not change the signedness or the type category of an operand,,,Medium, +cpp,MISRA-C++-2023,RULE-7-0-3,Yes,Required,Decidable,Single Translation Unit,The numerical value of a character shall not be used,M5-0-11,,Medium, +cpp,MISRA-C++-2023,RULE-7-0-4,Yes,Required,Decidable,Single Translation Unit,The operands of bitwise operators and shift operators shall be appropriate,RULE-10-1,,Medium, +cpp,MISRA-C++-2023,RULE-7-0-5,Yes,Required,Decidable,Single Translation Unit,Integral promotion and the usual arithmetic conversions shall not change the signedness or the type category of an operand,"M5-0-4,M5-0-9,INT31-C",,Medium, cpp,MISRA-C++-2023,RULE-7-0-6,Yes,Required,Decidable,Single Translation Unit,Assignment between numeric types shall be appropriate,,,Hard, -cpp,MISRA-C++-2023,RULE-7-11-1,Yes,Required,Decidable,Single Translation Unit,nullptr shall be the only form of the null-pointer-constant,,,Import, -cpp,MISRA-C++-2023,RULE-7-11-2,Yes,Required,Decidable,Single Translation Unit,An array passed as a function argument shall not decay to a pointer,,,Import, +cpp,MISRA-C++-2023,RULE-7-11-1,Yes,Required,Decidable,Single Translation Unit,nullptr shall be the only form of the null-pointer-constant,A4-10-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-7-11-2,Yes,Required,Decidable,Single Translation Unit,An array passed as a function argument shall not decay to a pointer,M5-2-12,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-7-11-3,Yes,Required,Decidable,Single Translation Unit,A conversion from function type to pointer-to-function type shall only occur in appropriate contexts,,,Easy, -cpp,MISRA-C++-2023,RULE-8-0-1,Yes,Advisory,Decidable,Single Translation Unit,Parentheses should be used to make the meaning of an expression appropriately explicit,,,Medium, +cpp,MISRA-C++-2023,RULE-8-0-1,Yes,Advisory,Decidable,Single Translation Unit,Parentheses should be used to make the meaning of an expression appropriately explicit,M5-0-2,,Medium, cpp,MISRA-C++-2023,RULE-8-1-1,Yes,Required,Decidable,Single Translation Unit,A non-transient lambda shall not implicitly capture this,,,Easy, -cpp,MISRA-C++-2023,RULE-8-1-2,Yes,Advisory,Decidable,Single Translation Unit,Variables should be captured explicitly in a non-transient lambda,,,Easy, +cpp,MISRA-C++-2023,RULE-8-1-2,Yes,Advisory,Decidable,Single Translation Unit,Variables should be captured explicitly in a non-transient lambda,A5-1-2,,Easy, cpp,MISRA-C++-2023,RULE-8-2-1,Yes,Required,Decidable,Single Translation Unit,A virtual base class shall only be cast to a derived class by means of dynamic_cast,,,Easy, -cpp,MISRA-C++-2023,RULE-8-2-2,Yes,Required,Decidable,Single Translation Unit,C-style casts and functional notation casts shall not be used,,,Easy, -cpp,MISRA-C++-2023,RULE-8-2-3,Yes,Required,Decidable,Single Translation Unit,A cast shall not remove any const or volatile qualification from the type accessed via a pointer or by reference,,,Import, -cpp,MISRA-C++-2023,RULE-8-2-4,Yes,Required,Decidable,Single Translation Unit,Casts shall not be performed between a pointer to function and any other type,,,Import, -cpp,MISRA-C++-2023,RULE-8-2-5,Yes,Required,Decidable,Single Translation Unit,reinterpret_cast shall not be used,,,Import, -cpp,MISRA-C++-2023,RULE-8-2-6,Yes,Required,Decidable,Single Translation Unit,"An object with integral, enumerated, or pointer to void type shall not be cast to a pointer type",,,Easy, -cpp,MISRA-C++-2023,RULE-8-2-7,Yes,Advisory,Decidable,Single Translation Unit,A cast should not convert a pointer type to an integral type,,,Easy, -cpp,MISRA-C++-2023,RULE-8-2-8,Yes,Required,Decidable,Single Translation Unit,An object pointer type shall not be cast to an integral type other than std::uintptr_t or std::intptr_t,,,Easy, +cpp,MISRA-C++-2023,RULE-8-2-2,Yes,Required,Decidable,Single Translation Unit,C-style casts and functional notation casts shall not be used,A5-2-2,,Easy, +cpp,MISRA-C++-2023,RULE-8-2-3,Yes,Required,Decidable,Single Translation Unit,A cast shall not remove any const or volatile qualification from the type accessed via a pointer or by reference,A5-2-3,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-8-2-4,Yes,Required,Decidable,Single Translation Unit,Casts shall not be performed between a pointer to function and any other type,M5-2-6,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-8-2-5,Yes,Required,Decidable,Single Translation Unit,reinterpret_cast shall not be used,A5-2-4,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-8-2-6,Yes,Required,Decidable,Single Translation Unit,"An object with integral, enumerated, or pointer to void type shall not be cast to a pointer type","RULE-11-6, INT36-C",,Easy, +cpp,MISRA-C++-2023,RULE-8-2-7,Yes,Advisory,Decidable,Single Translation Unit,A cast should not convert a pointer type to an integral type,"RULE-11-6, INT36-C",,Easy, +cpp,MISRA-C++-2023,RULE-8-2-8,Yes,Required,Decidable,Single Translation Unit,An object pointer type shall not be cast to an integral type other than std::uintptr_t or std::intptr_t,"RULE-11-6, INT36-C",,Easy, cpp,MISRA-C++-2023,RULE-8-2-9,Yes,Required,Decidable,Single Translation Unit,The operand to typeid shall not be an expression of polymorphic class type,,,Easy, -cpp,MISRA-C++-2023,RULE-8-2-10,Yes,Required,Undecidable,System,"Functions shall not call themselves, either directly or indirectly",,,Import, +cpp,MISRA-C++-2023,RULE-8-2-10,Yes,Required,Undecidable,System,"Functions shall not call themselves, either directly or indirectly",A7-5-2,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-8-2-11,Yes,Required,Decidable,Single Translation Unit,An argument passed via ellipsis shall have an appropriate type,,,Easy, -cpp,MISRA-C++-2023,RULE-8-3-1,Yes,Advisory,Decidable,Single Translation Unit,The built-in unary - operator should not be applied to an expression of unsigned type,,,Import, +cpp,MISRA-C++-2023,RULE-8-3-1,Yes,Advisory,Decidable,Single Translation Unit,The built-in unary - operator should not be applied to an expression of unsigned type,M5-3-2,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-8-3-2,Yes,Advisory,Decidable,Single Translation Unit,The built-in unary + operator should not be used,,,Easy, -cpp,MISRA-C++-2023,RULE-8-7-1,Yes,Required,Undecidable,System,Pointer arithmetic shall not form an invalid pointer,,,Easy, -cpp,MISRA-C++-2023,RULE-8-7-2,Yes,Required,Undecidable,System,Subtraction between pointers shall only be applied to pointers that address elements of the same array,,,Easy, -cpp,MISRA-C++-2023,RULE-8-9-1,Yes,Required,Undecidable,System,"The built-in relational operators >, >=, < and <= shall not be applied to objects of pointer type, except where they point to elements of the same array",,,Easy, -cpp,MISRA-C++-2023,RULE-8-14-1,Yes,Advisory,Undecidable,System,The right-hand operand of a logical && or operator should not contain persistent side effects,,,Medium, -cpp,MISRA-C++-2023,RULE-8-18-1,Yes,Mandatory,Undecidable,System,An object or subobject must not be copied to an overlapping object,,,Hard, -cpp,MISRA-C++-2023,RULE-8-18-2,Yes,Advisory,Decidable,Single Translation Unit,The result of an assignment operator should not be used,,,Import, -cpp,MISRA-C++-2023,RULE-8-19-1,Yes,Advisory,Decidable,Single Translation Unit,The comma operator should not be used,,,Import, -cpp,MISRA-C++-2023,RULE-8-20-1,Yes,Advisory,Decidable,Single Translation Unit,An unsigned arithmetic operation with constant operands should not wrap,,,Import, -cpp,MISRA-C++-2023,RULE-9-2-1,Yes,Required,Decidable,Single Translation Unit,An explicit type conversion shall not be an expression statement,,,Easy, -cpp,MISRA-C++-2023,RULE-9-3-1,Yes,Required,Decidable,Single Translation Unit,The body of an iteration-statement or a selection-statement shall be a compound-statement,,,Import, -cpp,MISRA-C++-2023,RULE-9-4-1,Yes,Required,Decidable,Single Translation Unit,All if ... else if constructs shall be terminated with an else statement,,,Import, -cpp,MISRA-C++-2023,RULE-9-4-2,Yes,Required,Decidable,Single Translation Unit,The structure of a switch statement shall be appropriate,,,Medium, +cpp,MISRA-C++-2023,RULE-8-7-1,Yes,Required,Undecidable,System,Pointer arithmetic shall not form an invalid pointer,ARR30-C,,Easy, +cpp,MISRA-C++-2023,RULE-8-7-2,Yes,Required,Undecidable,System,Subtraction between pointers shall only be applied to pointers that address elements of the same array,ARR36-C,,Easy, +cpp,MISRA-C++-2023,RULE-8-9-1,Yes,Required,Undecidable,System,"The built-in relational operators >, >=, < and <= shall not be applied to objects of pointer type, except where they point to elements of the same array",ARR36-C,,Easy, +cpp,MISRA-C++-2023,RULE-8-14-1,Yes,Advisory,Undecidable,System,The right-hand operand of a logical && or operator should not contain persistent side effects,"M5-14-1, RULE-13-5",,Medium, +cpp,MISRA-C++-2023,RULE-8-18-1,Yes,Mandatory,Undecidable,System,An object or subobject must not be copied to an overlapping object,"M0-2-1, RULE-19-1",,Hard, +cpp,MISRA-C++-2023,RULE-8-18-2,Yes,Advisory,Decidable,Single Translation Unit,The result of an assignment operator should not be used,RULE-13-4,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-8-19-1,Yes,Advisory,Decidable,Single Translation Unit,The comma operator should not be used,M15-8-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-8-20-1,Yes,Advisory,Decidable,Single Translation Unit,An unsigned arithmetic operation with constant operands should not wrap,INT30-C,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-9-2-1,Yes,Required,Decidable,Single Translation Unit,An explicit type conversion shall not be an expression statement,DCL53-CPP,,Easy, +cpp,MISRA-C++-2023,RULE-9-3-1,Yes,Required,Decidable,Single Translation Unit,The body of an iteration-statement or a selection-statement shall be a compound-statement,RULE-15-6,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-9-4-1,Yes,Required,Decidable,Single Translation Unit,All if ... else if constructs shall be terminated with an else statement,RULE-15-7,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-9-4-2,Yes,Required,Decidable,Single Translation Unit,The structure of a switch statement shall be appropriate,"RULE-16-1, RULE-16-2,RULE-16-3,RULE-16-4,RULE-16-5,RULE-16-6,RULE-16-7",,Medium, cpp,MISRA-C++-2023,RULE-9-5-1,Yes,Advisory,Decidable,Single Translation Unit,Legacy for statements should be simple,,,Hard, cpp,MISRA-C++-2023,RULE-9-5-2,Yes,Required,Decidable,Single Translation Unit,A for-range-initializer shall contain at most one function call,,,Easy, -cpp,MISRA-C++-2023,RULE-9-6-1,Yes,Advisory,Decidable,Single Translation Unit,The goto statement should not be used,,,Import, -cpp,MISRA-C++-2023,RULE-9-6-2,Yes,Required,Decidable,Single Translation Unit,A goto statement shall reference a label in a surrounding block,,,Import, -cpp,MISRA-C++-2023,RULE-9-6-3,Yes,Required,Decidable,Single Translation Unit,The goto statement shall jump to a label declared later in the function body,,,Import, -cpp,MISRA-C++-2023,RULE-9-6-4,Yes,Required,Undecidable,System,A function declared with the [[noreturn]] attribute shall not return,,,Import, -cpp,MISRA-C++-2023,RULE-9-6-5,Yes,Required,Decidable,Single Translation Unit,A function with non-void return type shall return a value on all paths,,,Import, -cpp,MISRA-C++-2023,RULE-10-0-1,Yes,Advisory,Decidable,Single Translation Unit,A declaration should not declare more than one variable or member variable,,,Import, -cpp,MISRA-C++-2023,RULE-10-1-1,Yes,Advisory,Decidable,Single Translation Unit,The target type of a pointer or lvalue reference parameter should be const-qualified appropriately,,,Hard, +cpp,MISRA-C++-2023,RULE-9-6-1,Yes,Advisory,Decidable,Single Translation Unit,The goto statement should not be used,RULE-15-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-9-6-2,Yes,Required,Decidable,Single Translation Unit,A goto statement shall reference a label in a surrounding block,RULE-15-3,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-9-6-3,Yes,Required,Decidable,Single Translation Unit,The goto statement shall jump to a label declared later in the function body,RULE-15-2,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-9-6-4,Yes,Required,Undecidable,System,A function declared with the [[noreturn]] attribute shall not return,MSC53-CPP,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-9-6-5,Yes,Required,Decidable,Single Translation Unit,A function with non-void return type shall return a value on all paths,MSC52-CPP,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-10-0-1,Yes,Advisory,Decidable,Single Translation Unit,A declaration should not declare more than one variable or member variable,M8-0-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-10-1-1,Yes,Advisory,Decidable,Single Translation Unit,The target type of a pointer or lvalue reference parameter should be const-qualified appropriately,RULE-8-13,,Hard, cpp,MISRA-C++-2023,RULE-10-1-2,Yes,Required,Decidable,Single Translation Unit,The volatile qualifier shall be used appropriately,,,Easy, -cpp,MISRA-C++-2023,RULE-10-2-1,Yes,Required,Decidable,Single Translation Unit,An enumeration shall be defined with an explicit underlying type,,,Import, -cpp,MISRA-C++-2023,RULE-10-2-2,Yes,Advisory,Decidable,Single Translation Unit,Unscoped enumerations should not be declared,,,Easy, -cpp,MISRA-C++-2023,RULE-10-2-3,Yes,Required,Decidable,Single Translation Unit,The numeric value of an unscoped enumeration with no fixed underlying type shall not be used,,,Easy, -cpp,MISRA-C++-2023,RULE-10-3-1,Yes,Advisory,Decidable,Single Translation Unit,There should be no unnamed namespaces in header files,,,Easy, -cpp,MISRA-C++-2023,RULE-10-4-1,Yes,Required,Decidable,Single Translation Unit,The asm declaration shall not be used,,,Import, +cpp,MISRA-C++-2023,RULE-10-2-1,Yes,Required,Decidable,Single Translation Unit,An enumeration shall be defined with an explicit underlying type,A7-2-2,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-10-2-2,Yes,Advisory,Decidable,Single Translation Unit,Unscoped enumerations should not be declared,A7-2-3,,Easy, +cpp,MISRA-C++-2023,RULE-10-2-3,Yes,Required,Decidable,Single Translation Unit,The numeric value of an unscoped enumeration with no fixed underlying type shall not be used,A4-5-1,,Easy, +cpp,MISRA-C++-2023,RULE-10-3-1,Yes,Advisory,Decidable,Single Translation Unit,There should be no unnamed namespaces in header files,"DCL59-CPP, M7-3-3",,Easy, +cpp,MISRA-C++-2023,RULE-10-4-1,Yes,Required,Decidable,Single Translation Unit,The asm declaration shall not be used,A7-4-1,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-11-3-1,Yes,Advisory,Decidable,Single Translation Unit,Variables of array type should not be declared,,,Easy, -cpp,MISRA-C++-2023,RULE-11-3-2,Yes,Advisory,Decidable,Single Translation Unit,The declaration of an object should contain no more than two levels of pointer indirection,,,Import, +cpp,MISRA-C++-2023,RULE-11-3-2,Yes,Advisory,Decidable,Single Translation Unit,The declaration of an object should contain no more than two levels of pointer indirection,A5-0-3,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-11-6-1,Yes,Advisory,Decidable,Single Translation Unit,All variables should be initialized,,,Easy, -cpp,MISRA-C++-2023,RULE-11-6-2,Yes,Mandatory,Undecidable,System,The value of an object must not be read before it has been set,,,Very Hard, -cpp,MISRA-C++-2023,RULE-11-6-3,Yes,Required,Decidable,Single Translation Unit,"Within an enumerator list, the value of an implicitly-specified enumeration constant shall be unique",,,Import, -cpp,MISRA-C++-2023,RULE-12-2-1,Yes,Advisory,Decidable,Single Translation Unit,Bit-fields should not be declared,,,Easy, -cpp,MISRA-C++-2023,RULE-12-2-2,Yes,Required,Decidable,Single Translation Unit,A bit-field shall have an appropriate type,,,Import, -cpp,MISRA-C++-2023,RULE-12-2-3,Yes,Required,Decidable,Single Translation Unit,A named bit-field with signed integer type shall not have a length of one bit,,,Import, -cpp,MISRA-C++-2023,RULE-12-3-1,Yes,Required,Decidable,Single Translation Unit,The union keyword shall not be used,,,Easy, +cpp,MISRA-C++-2023,RULE-11-6-2,Yes,Mandatory,Undecidable,System,The value of an object must not be read before it has been set,A8-5-0,,Very Hard, +cpp,MISRA-C++-2023,RULE-11-6-3,Yes,Required,Decidable,Single Translation Unit,"Within an enumerator list, the value of an implicitly-specified enumeration constant shall be unique",RULE-8-12,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-12-2-1,Yes,Advisory,Decidable,Single Translation Unit,Bit-fields should not be declared,A9-6-2,,Easy, +cpp,MISRA-C++-2023,RULE-12-2-2,Yes,Required,Decidable,Single Translation Unit,A bit-field shall have an appropriate type,RULE-6-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-12-2-3,Yes,Required,Decidable,Single Translation Unit,A named bit-field with signed integer type shall not have a length of one bit,"RULE-6-2, M9-6-4",ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-12-3-1,Yes,Required,Decidable,Single Translation Unit,The union keyword shall not be used,RULE-19-2,,Easy, cpp,MISRA-C++-2023,RULE-13-1-1,Yes,Advisory,Decidable,Single Translation Unit,Classes should not be inherited virtually,,,Easy, -cpp,MISRA-C++-2023,RULE-13-1-2,Yes,Required,Decidable,Single Translation Unit,An accessible base class shall not be both virtual and non-virtual in the same hierarchy,,,Import, +cpp,MISRA-C++-2023,RULE-13-1-2,Yes,Required,Decidable,Single Translation Unit,An accessible base class shall not be both virtual and non-virtual in the same hierarchy,M10-1-3,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-13-3-1,Yes,Required,Decidable,Single Translation Unit,"User-declared member functions shall use the virtual, override and final specifiers appropriately",,,Easy, -cpp,MISRA-C++-2023,RULE-13-3-2,Yes,Required,Decidable,Single Translation Unit,Parameters in an overriding virtual function shall not specify different default arguments,,,Import, -cpp,MISRA-C++-2023,RULE-13-3-3,Yes,Required,Decidable,System,The parameters in all declarations or overrides of a function shall either be unnamed or have identical names,,,Import, -cpp,MISRA-C++-2023,RULE-13-3-4,Yes,Required,Decidable,Single Translation Unit,A comparison of a potentially virtual pointer to member function shall only be with nullptr,,,Import, +cpp,MISRA-C++-2023,RULE-13-3-2,Yes,Required,Decidable,Single Translation Unit,Parameters in an overriding virtual function shall not specify different default arguments,M8-3-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-13-3-3,Yes,Required,Decidable,System,The parameters in all declarations or overrides of a function shall either be unnamed or have identical names,A15-1-2,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-13-3-4,Yes,Required,Decidable,Single Translation Unit,A comparison of a potentially virtual pointer to member function shall only be with nullptr,A5-10-1,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-14-1-1,Yes,Advisory,Decidable,Single Translation Unit,Non-static data members should be either all private or all public,,,Easy, -cpp,MISRA-C++-2023,RULE-15-0-1,Yes,Required,Decidable,Single Translation Unit,Special member functions shall be provided appropriately,,,Medium, +cpp,MISRA-C++-2023,RULE-15-0-1,Yes,Required,Decidable,Single Translation Unit,Special member functions shall be provided appropriately,A12-0-1,,Medium, cpp,MISRA-C++-2023,RULE-15-0-2,Yes,Advisory,Decidable,Single Translation Unit,User-provided copy and move member functions of a class should have appropriate signatures,,,Easy, -cpp,MISRA-C++-2023,RULE-15-1-1,Yes,Required,Undecidable,System,An object’s dynamic type shall not be used from within its constructor or destructor,,,Import, -cpp,MISRA-C++-2023,RULE-15-1-2,Yes,Advisory,Decidable,Single Translation Unit,All constructors of a class should explicitly initialize all of its virtual base classes and immediate base classes,,,Import, -cpp,MISRA-C++-2023,RULE-15-1-3,Yes,Required,Decidable,Single Translation Unit,Conversion operators and constructors that are callable with a single argument shall be explicit,,,Easy, +cpp,MISRA-C++-2023,RULE-15-1-1,Yes,Required,Undecidable,System,An object’s dynamic type shall not be used from within its constructor or destructor,M12-1-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-15-1-2,Yes,Advisory,Decidable,Single Translation Unit,All constructors of a class should explicitly initialize all of its virtual base classes and immediate base classes,A12-1-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-15-1-3,Yes,Required,Decidable,Single Translation Unit,Conversion operators and constructors that are callable with a single argument shall be explicit,"A12-1-4,A13-5-2",,Easy, cpp,MISRA-C++-2023,RULE-15-1-4,Yes,Advisory,Decidable,Single Translation Unit,"All direct, non-static data members of a class should be initialized before the class object is accessible",,,Hard, -cpp,MISRA-C++-2023,RULE-15-1-5,Yes,Required,Decidable,Single Translation Unit,A class shall only define an initializer-list constructor when it is the only constructor,,,Import, -cpp,MISRA-C++-2023,DIR-15-8-1,Yes,Required,#VALUE!,,User-provided copy assignment operators and move assignment operators shall handle self-assignment,,,Import, -cpp,MISRA-C++-2023,RULE-16-5-1,Yes,Required,Decidable,Single Translation Unit,The logical AND and logical OR operators shall not be overloaded,,,Easy, -cpp,MISRA-C++-2023,RULE-16-5-2,Yes,Required,Decidable,Single Translation Unit,The address-of operator shall not be overloaded,,,Import, +cpp,MISRA-C++-2023,RULE-15-1-5,Yes,Required,Decidable,Single Translation Unit,A class shall only define an initializer-list constructor when it is the only constructor,A8-5-4,ImportMisra23,Import, +cpp,MISRA-C++-2023,DIR-15-8-1,Yes,Required,Decidable,Implementation,User-provided copy assignment operators and move assignment operators shall handle self-assignment,A12-8-5,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-16-5-1,Yes,Required,Decidable,Single Translation Unit,The logical AND and logical OR operators shall not be overloaded,M5-2-11,,Easy, +cpp,MISRA-C++-2023,RULE-16-5-2,Yes,Required,Decidable,Single Translation Unit,The address-of operator shall not be overloaded,M5-3-3,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-16-6-1,Yes,Advisory,Decidable,Single Translation Unit,Symmetrical operators should only be implemented as non-member functions,,,Medium, -cpp,MISRA-C++-2023,RULE-17-8-1,Yes,Required,Decidable,Single Translation Unit,Function templates shall not be explicitly specialized,,,Import, -cpp,MISRA-C++-2023,RULE-18-1-1,Yes,Required,Decidable,Single Translation Unit,An exception object shall not have pointer type,,,Import, -cpp,MISRA-C++-2023,RULE-18-1-2,Yes,Required,Decidable,Single Translation Unit,An empty throw shall only occur within the compound-statement of a catch handler,,,Import, -cpp,MISRA-C++-2023,RULE-18-3-1,Yes,Advisory,Decidable,Single Translation Unit,There should be at least one exception handler to catch all otherwise unhandled exceptions,,,Easy, -cpp,MISRA-C++-2023,RULE-18-3-2,Yes,Required,Decidable,Single Translation Unit,An exception of class type shall be caught by const reference or reference,,,Easy, -cpp,MISRA-C++-2023,RULE-18-3-3,Yes,Required,Decidable,Single Translation Unit,Handlers for a function-try-block of a constructor or destructor shall not refer to non-static members from their class or its bases,,,Import, -cpp,MISRA-C++-2023,RULE-18-4-1,Yes,Required,Decidable,Single Translation Unit,Exception-unfriendly functions shall be noexcept,,,Easy, -cpp,MISRA-C++-2023,RULE-18-5-1,Yes,Advisory,Undecidable,System,A noexcept function should not attempt to propagate an exception to the calling function,,,Import, +cpp,MISRA-C++-2023,RULE-17-8-1,Yes,Required,Decidable,Single Translation Unit,Function templates shall not be explicitly specialized,A14-8-2,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-18-1-1,Yes,Required,Decidable,Single Translation Unit,An exception object shall not have pointer type,A15-1-2,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-18-1-2,Yes,Required,Decidable,Single Translation Unit,An empty throw shall only occur within the compound-statement of a catch handler,M15-1-3,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-18-3-1,Yes,Advisory,Decidable,Single Translation Unit,There should be at least one exception handler to catch all otherwise unhandled exceptions,A15-3-3,,Easy, +cpp,MISRA-C++-2023,RULE-18-3-2,Yes,Required,Decidable,Single Translation Unit,An exception of class type shall be caught by const reference or reference,A15-3-5,,Easy, +cpp,MISRA-C++-2023,RULE-18-3-3,Yes,Required,Decidable,Single Translation Unit,Handlers for a function-try-block of a constructor or destructor shall not refer to non-static members from their class or its bases,M15-3-3,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-18-4-1,Yes,Required,Decidable,Single Translation Unit,Exception-unfriendly functions shall be noexcept,A15-5-1,,Easy, +cpp,MISRA-C++-2023,RULE-18-5-1,Yes,Advisory,Undecidable,System,A noexcept function should not attempt to propagate an exception to the calling function,A15-4-2,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-18-5-2,Yes,Advisory,Decidable,Single Translation Unit,Program-terminating functions should not be used,,,Easy, cpp,MISRA-C++-2023,RULE-19-0-1,No,Required,Decidable,Single Translation Unit,A line whose first token is # shall be a valid preprocessing directive,,,, -cpp,MISRA-C++-2023,RULE-19-0-2,Yes,Required,Decidable,Single Translation Unit,Function-like macros shall not be defined,,,Import, -cpp,MISRA-C++-2023,RULE-19-0-3,Yes,Advisory,Decidable,Single Translation Unit,#include directives should only be preceded by preprocessor directives or comments,,,Import, +cpp,MISRA-C++-2023,RULE-19-0-2,Yes,Required,Decidable,Single Translation Unit,Function-like macros shall not be defined,DIR-4-9,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-19-0-3,Yes,Advisory,Decidable,Single Translation Unit,#include directives should only be preceded by preprocessor directives or comments,RULE-20-1,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-19-0-4,Yes,Advisory,Decidable,Single Translation Unit,#undef should only be used for macros defined previously in the same file,,,Easy, -cpp,MISRA-C++-2023,RULE-19-1-1,Yes,Required,Decidable,Single Translation Unit,The defined preprocessor operator shall be used appropriately,,,Easy, -cpp,MISRA-C++-2023,RULE-19-1-2,No,Required,Decidable,Single Translation Unit,"All #else, #elif and #endif preprocessor directives shall reside in the same file as the #if, #ifdef or #ifndef directive to which they are related",,,, -cpp,MISRA-C++-2023,RULE-19-1-3,Yes,Required,Decidable,Single Translation Unit,All identifiers used in the controlling expression of #if or #elif preprocessing directives shall be defined prior to evaluation,,,Import, -cpp,MISRA-C++-2023,RULE-19-2-1,Yes,Required,Decidable,Single Translation Unit,Precautions shall be taken in order to prevent the contents of a header file being included more than once,,,Easy, +cpp,MISRA-C++-2023,RULE-19-1-1,Yes,Required,Decidable,Single Translation Unit,The defined preprocessor operator shall be used appropriately,M16-1-1,,Easy, +cpp,MISRA-C++-2023,RULE-19-1-2,No,Required,Decidable,Single Translation Unit,"All #else, #elif and #endif preprocessor directives shall reside in the same file as the #if, #ifdef or #ifndef directive to which they are related",M16-1-2,,, +cpp,MISRA-C++-2023,RULE-19-1-3,Yes,Required,Decidable,Single Translation Unit,All identifiers used in the controlling expression of #if or #elif preprocessing directives shall be defined prior to evaluation,M16-0-7,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-19-2-1,Yes,Required,Decidable,Single Translation Unit,Precautions shall be taken in order to prevent the contents of a header file being included more than once,M16-2-3,,Easy, cpp,MISRA-C++-2023,RULE-19-2-2,Yes,Required,Decidable,Single Translation Unit,"The #include directive shall be followed by either a or ""filename"" sequence",,,Easy, -cpp,MISRA-C++-2023,RULE-19-2-3,Yes,Required,Decidable,Single Translation Unit,"The ' or "" or \ characters and the /* or // character sequences shall not occur in a header file name",,,Import, -cpp,MISRA-C++-2023,RULE-19-3-1,Yes,Advisory,Decidable,Single Translation Unit,The # and ## preprocessor operators should not be used,,,Import, -cpp,MISRA-C++-2023,RULE-19-3-2,Yes,Required,Decidable,Single Translation Unit,A macro parameter immediately following a # operator shall not be immediately followed by a ## operator,,,Import, -cpp,MISRA-C++-2023,RULE-19-3-3,Yes,Required,Decidable,Single Translation Unit,The argument to a mixed-use macro parameter shall not be subject to further expansion,,,Import, -cpp,MISRA-C++-2023,RULE-19-3-4,Yes,Required,Decidable,Single Translation Unit,Parentheses shall be used to ensure macro arguments are expanded appropriately,,,Medium, -cpp,MISRA-C++-2023,RULE-19-3-5,Yes,Required,Decidable,Single Translation Unit,Tokens that look like a preprocessing directive shall not occur within a macro argument,,,Import, -cpp,MISRA-C++-2023,RULE-19-6-1,Yes,Advisory,Decidable,Single Translation Unit,The #pragma directive and the _Pragma operator should not be used,,,Easy, -cpp,MISRA-C++-2023,RULE-21-2-1,Yes,Required,Decidable,Single Translation Unit,"The library functions atof, atoi, atol and atoll from shall not be used",,,Import, -cpp,MISRA-C++-2023,RULE-21-2-2,Yes,Required,Decidable,Single Translation Unit,"The string handling functions from , , and shall not be used",,,Easy, -cpp,MISRA-C++-2023,RULE-21-2-3,Yes,Required,Decidable,Single Translation Unit,The library function system from shall not be used,,,Easy, -cpp,MISRA-C++-2023,RULE-21-2-4,Yes,Required,Decidable,Single Translation Unit,The macro offsetof shall not be used,,,Import, -cpp,MISRA-C++-2023,RULE-21-6-1,Yes,Advisory,Undecidable,Single Translation Unit,Dynamic memory should not be used,,,Easy, +cpp,MISRA-C++-2023,RULE-19-2-3,Yes,Required,Decidable,Single Translation Unit,"The ' or "" or \ characters and the /* or // character sequences shall not occur in a header file name",A16-2-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-19-3-1,Yes,Advisory,Decidable,Single Translation Unit,The # and ## preprocessor operators should not be used,M16-3-2,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-19-3-2,Yes,Required,Decidable,Single Translation Unit,A macro parameter immediately following a # operator shall not be immediately followed by a ## operator,RULE-20-11,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-19-3-3,Yes,Required,Decidable,Single Translation Unit,The argument to a mixed-use macro parameter shall not be subject to further expansion,RULE-20-12,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-19-3-4,Yes,Required,Decidable,Single Translation Unit,Parentheses shall be used to ensure macro arguments are expanded appropriately,M16-0-6,,Medium, +cpp,MISRA-C++-2023,RULE-19-3-5,Yes,Required,Decidable,Single Translation Unit,Tokens that look like a preprocessing directive shall not occur within a macro argument,RULE-20-6,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-19-6-1,Yes,Advisory,Decidable,Single Translation Unit,The #pragma directive and the _Pragma operator should not be used,A16-7-1,,Easy, +cpp,MISRA-C++-2023,RULE-21-2-1,Yes,Required,Decidable,Single Translation Unit,"The library functions atof, atoi, atol and atoll from shall not be used",RULE-21-7,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-21-2-2,Yes,Required,Decidable,Single Translation Unit,"The string handling functions from , , and shall not be used",M18-0-5,,Easy, +cpp,MISRA-C++-2023,RULE-21-2-3,Yes,Required,Decidable,Single Translation Unit,The library function system from shall not be used,M18-0-3,,Easy, +cpp,MISRA-C++-2023,RULE-21-2-4,Yes,Required,Decidable,Single Translation Unit,The macro offsetof shall not be used,M18-2-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-21-6-1,Yes,Advisory,Undecidable,Single Translation Unit,Dynamic memory should not be used,DIR-4-12,,Easy, cpp,MISRA-C++-2023,RULE-21-6-2,Yes,Required,Decidable,Single Translation Unit,Dynamic memory shall be managed automatically,,,Easy, cpp,MISRA-C++-2023,RULE-21-6-3,Yes,Required,Decidable,Single Translation Unit,Advanced memory management shall not be used,,,Medium, -cpp,MISRA-C++-2023,RULE-21-6-4,Yes,Required,Decidable,System,"If a project defines either a sized or unsized version of a global operator delete, then both shall be defined",,,Import, -cpp,MISRA-C++-2023,RULE-21-6-5,Yes,Required,Decidable,Single Translation Unit,A pointer to an incomplete class type shall not be deleted,,,Import, -cpp,MISRA-C++-2023,RULE-21-10-1,Yes,Required,Decidable,Single Translation Unit,The features of shall not be used,,,Easy, -cpp,MISRA-C++-2023,RULE-21-10-2,Yes,Required,Decidable,Single Translation Unit,The standard header file shall not be used,,,Easy, -cpp,MISRA-C++-2023,RULE-21-10-3,Yes,Required,Decidable,Single Translation Unit,The facilities provided by the standard header file shall not be used,,,Import, +cpp,MISRA-C++-2023,RULE-21-6-4,Yes,Required,Decidable,System,"If a project defines either a sized or unsized version of a global operator delete, then both shall be defined",A18-5-4,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-21-6-5,Yes,Required,Decidable,Single Translation Unit,A pointer to an incomplete class type shall not be deleted,A5-3-3,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-21-10-1,Yes,Required,Decidable,Single Translation Unit,The features of shall not be used,DCL50-CPP,,Easy, +cpp,MISRA-C++-2023,RULE-21-10-2,Yes,Required,Decidable,Single Translation Unit,The standard header file shall not be used,ERR52-CPP,,Easy, +cpp,MISRA-C++-2023,RULE-21-10-3,Yes,Required,Decidable,Single Translation Unit,The facilities provided by the standard header file shall not be used,M18-7-1,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-22-3-1,Yes,Required,Decidable,Single Translation Unit,The assert macro shall not be used with a constant-expression,,,Easy, cpp,MISRA-C++-2023,RULE-22-4-1,Yes,Required,Decidable,Single Translation Unit,The literal value zero shall be the only value assigned to errno,,,Easy, cpp,MISRA-C++-2023,RULE-23-11-1,Yes,Advisory,Decidable,Single Translation Unit,The raw pointer constructors of std::shared_ptr and std::unique_ptr should not be used,,,Easy, cpp,MISRA-C++-2023,RULE-24-5-1,Yes,Required,Decidable,Single Translation Unit,The character handling functions from and shall not be used,,,Easy, cpp,MISRA-C++-2023,RULE-24-5-2,Yes,Required,Decidable,Single Translation Unit,"The C++ Standard Library functions memcpy, memmove and memcmp from shall not be used",,,Easy, cpp,MISRA-C++-2023,RULE-25-5-1,Yes,Required,Decidable,Single Translation Unit,The setlocale and std::locale::global functions shall not be called,,,Easy, -cpp,MISRA-C++-2023,RULE-25-5-2,Yes,Mandatory,Decidable,Single Translation Unit,"The pointers returned by the C++ Standard Library functions localeconv, getenv, setlocale or strerror must only be used as if they have pointer to const-qualified type",,,Import, -cpp,MISRA-C++-2023,RULE-25-5-3,Yes,Mandatory,Undecidable,System,"The pointer returned by the C++ Standard Library functions asctime, ctime, gmtime, localtime, localeconv, getenv, setlocale or strerror must not be used following a subsequent call to the same function",,,Import, -cpp,MISRA-C++-2023,RULE-26-3-1,Yes,Advisory,Decidable,Single Translation Unit,std::vector should not be specialized with bool,,,Import, -cpp,MISRA-C++-2023,RULE-28-3-1,Yes,Required,Undecidable,System,Predicates shall not have persistent side effects,,,Easy, -cpp,MISRA-C++-2023,RULE-28-6-1,Yes,Required,Decidable,Single Translation Unit,The argument to std::move shall be a non-const lvalue,,,Easy, -cpp,MISRA-C++-2023,RULE-28-6-2,Yes,Required,Decidable,Single Translation Unit,Forwarding references and std::forward shall be used together,,,Import, -cpp,MISRA-C++-2023,RULE-28-6-3,Yes,Required,Decidable,Single Translation Unit,An object shall not be used while in a potentially moved-from state,,,Import, +cpp,MISRA-C++-2023,RULE-25-5-2,Yes,Mandatory,Decidable,Single Translation Unit,"The pointers returned by the C++ Standard Library functions localeconv, getenv, setlocale or strerror must only be used as if they have pointer to const-qualified type",RULE-21-19,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-25-5-3,Yes,Mandatory,Undecidable,System,"The pointer returned by the C++ Standard Library functions asctime, ctime, gmtime, localtime, localeconv, getenv, setlocale or strerror must not be used following a subsequent call to the same function",RULE-21-20,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-26-3-1,Yes,Advisory,Decidable,Single Translation Unit,std::vector should not be specialized with bool,A18-1-2,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-28-3-1,Yes,Required,Undecidable,System,Predicates shall not have persistent side effects,A25-1-1,,Easy, +cpp,MISRA-C++-2023,RULE-28-6-1,Yes,Required,Decidable,Single Translation Unit,The argument to std::move shall be a non-const lvalue,A18-9-3,,Easy, +cpp,MISRA-C++-2023,RULE-28-6-2,Yes,Required,Decidable,Single Translation Unit,Forwarding references and std::forward shall be used together,A18-9-2,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-28-6-3,Yes,Required,Decidable,Single Translation Unit,An object shall not be used while in a potentially moved-from state,A12-8-3,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-28-6-4,Yes,Required,Decidable,Single Translation Unit,"The result of std::remove, std::remove_if, std::unique and empty shall be used",,,Easy, -cpp,MISRA-C++-2023,RULE-30-0-1,Yes,Required,Decidable,Single Translation Unit,The C Library input/output functions shall not be used,,,Import, -cpp,MISRA-C++-2023,RULE-30-0-2,Yes,Required,Undecidable,System,Reads and writes on the same file stream shall be separated by a positioning operation,,,Import, \ No newline at end of file +cpp,MISRA-C++-2023,RULE-30-0-1,Yes,Required,Decidable,Single Translation Unit,The C Library input/output functions shall not be used,M27-0-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-30-0-2,Yes,Required,Undecidable,System,Reads and writes on the same file stream shall be separated by a positioning operation,A27-0-3,ImportMisra23,Import, From c9b176b8c406c77ea966df8a081ea67a9a3fb6f2 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 16 May 2024 17:15:41 +0200 Subject: [PATCH 1806/2573] Revert "Rules with preexisting import" This reverts commit 0b965ffb4c6e6c5ca2b8f1972a7f194bef8ba058. --- .../cpp/exclusions/cpp/ImportMisra23.qll | 1319 ----------------- .../cpp/exclusions/cpp/RuleMetadata.qll | 3 - .../SectionsOfCodeShouldNotBeCommentedOut.ql | 23 - .../DeclarationOfAnObjectIndirectionsLevel.ql | 24 - ...rsReferToNonStaticMembersFromTheirClass.ql | 24 - ...ectivesPrecededByPreprocessorDirectives.ql | 23 - ...tifiersUsedInTheControllingExpressionOf.ql | 25 - ...CharsThatShouldNotOccurInHeaderFileName.ql | 24 - ...AndPreprocessorOperatorsShouldNotBeUsed.ql | 23 - ...sThatLookLikeDirectivesInAMacroArgument.ql | 24 - .../PointerToAnIncompleteClassTypeDeleted.ql | 23 - ...urnedByLocaleFunctionsMustBeUsedAsConst.ql | 26 - ...lToSetlocaleInvalidatesOldPointersMisra.ql | 25 - ...etlocaleInvalidatesOldPointersWarnMisra.ql | 25 - ...ectUsedWhileInPotentiallyMovedFromState.ql | 23 - ...WritesOnStreamNotSeparatedByPositioning.ql | 23 - .../RULE-6-2-1/OneDefinitionRuleViolated.ql | 23 - ...ableDeclaredInInnerScopeHidesOuterScope.ql | 24 - .../ObjectAccessedAfterLifetimeMisra.ql | 23 - .../ObjectAccessedBeforeLifetimeMisra.ql | 23 - ...esConstOrVolatileFromPointerOrReference.ql | 24 - .../rules/RULE-9-4-1/IfElseIfEndCondition.ql | 24 - ...llJumpToLabelDeclaredLaterInTheFunction.ql | 24 - ...nDeclaredWithTheNoreturnAttributeReturn.ql | 23 - ...VoidFunctionShallReturnAValueOnAllPaths.ql | 23 - ...tionsOfCodeShouldNotBeCommentedOut.testref | 1 - ...arationOfAnObjectIndirectionsLevel.testref | 1 - ...erToNonStaticMembersFromTheirClass.testref | 1 - ...esPrecededByPreprocessorDirectives.testref | 1 - ...rsUsedInTheControllingExpressionOf.testref | 1 - ...ThatShouldNotOccurInHeaderFileName.testref | 1 - ...eprocessorOperatorsShouldNotBeUsed.testref | 1 - ...LookLikeDirectivesInAMacroArgument.testref | 1 - ...nterToAnIncompleteClassTypeDeleted.testref | 1 - ...ByLocaleFunctionsMustBeUsedAsConst.testref | 1 - ...tlocaleInvalidatesOldPointersMisra.testref | 1 - ...aleInvalidatesOldPointersWarnMisra.testref | 1 - ...edWhileInPotentiallyMovedFromState.testref | 1 - ...sOnStreamNotSeparatedByPositioning.testref | 1 - .../OneDefinitionRuleViolated.testref | 1 - ...eclaredInInnerScopeHidesOuterScope.testref | 1 - .../ObjectAccessedAfterLifetimeMisra.testref | 1 - .../ObjectAccessedBeforeLifetimeMisra.testref | 1 - ...stOrVolatileFromPointerOrReference.testref | 1 - .../RULE-9-4-1/IfElseIfEndCondition.testref | 1 - ...pToLabelDeclaredLaterInTheFunction.testref | 1 - ...aredWithTheNoreturnAttributeReturn.testref | 1 - ...unctionShallReturnAValueOnAllPaths.testref | 1 - rule_packages/cpp/ImportMisra23.json | 505 ------- rules.csv | 264 ++-- 50 files changed, 132 insertions(+), 2528 deletions(-) delete mode 100644 cpp/common/src/codingstandards/cpp/exclusions/cpp/ImportMisra23.qll delete mode 100644 cpp/misra/src/rules/DIR-5-7-2/SectionsOfCodeShouldNotBeCommentedOut.ql delete mode 100644 cpp/misra/src/rules/RULE-11-3-2/DeclarationOfAnObjectIndirectionsLevel.ql delete mode 100644 cpp/misra/src/rules/RULE-18-3-3/HandlersReferToNonStaticMembersFromTheirClass.ql delete mode 100644 cpp/misra/src/rules/RULE-19-0-3/IncludeDirectivesPrecededByPreprocessorDirectives.ql delete mode 100644 cpp/misra/src/rules/RULE-19-1-3/IdentifiersUsedInTheControllingExpressionOf.ql delete mode 100644 cpp/misra/src/rules/RULE-19-2-3/CharsThatShouldNotOccurInHeaderFileName.ql delete mode 100644 cpp/misra/src/rules/RULE-19-3-1/AndPreprocessorOperatorsShouldNotBeUsed.ql delete mode 100644 cpp/misra/src/rules/RULE-19-3-5/TokensThatLookLikeDirectivesInAMacroArgument.ql delete mode 100644 cpp/misra/src/rules/RULE-21-6-5/PointerToAnIncompleteClassTypeDeleted.ql delete mode 100644 cpp/misra/src/rules/RULE-25-5-2/PointersReturnedByLocaleFunctionsMustBeUsedAsConst.ql delete mode 100644 cpp/misra/src/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersMisra.ql delete mode 100644 cpp/misra/src/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersWarnMisra.ql delete mode 100644 cpp/misra/src/rules/RULE-28-6-3/ObjectUsedWhileInPotentiallyMovedFromState.ql delete mode 100644 cpp/misra/src/rules/RULE-30-0-2/ReadsAndWritesOnStreamNotSeparatedByPositioning.ql delete mode 100644 cpp/misra/src/rules/RULE-6-2-1/OneDefinitionRuleViolated.ql delete mode 100644 cpp/misra/src/rules/RULE-6-4-1/VariableDeclaredInInnerScopeHidesOuterScope.ql delete mode 100644 cpp/misra/src/rules/RULE-6-8-1/ObjectAccessedAfterLifetimeMisra.ql delete mode 100644 cpp/misra/src/rules/RULE-6-8-1/ObjectAccessedBeforeLifetimeMisra.ql delete mode 100644 cpp/misra/src/rules/RULE-8-2-3/CastRemovesConstOrVolatileFromPointerOrReference.ql delete mode 100644 cpp/misra/src/rules/RULE-9-4-1/IfElseIfEndCondition.ql delete mode 100644 cpp/misra/src/rules/RULE-9-6-3/GotoShallJumpToLabelDeclaredLaterInTheFunction.ql delete mode 100644 cpp/misra/src/rules/RULE-9-6-4/FunctionDeclaredWithTheNoreturnAttributeReturn.ql delete mode 100644 cpp/misra/src/rules/RULE-9-6-5/NonVoidFunctionShallReturnAValueOnAllPaths.ql delete mode 100644 cpp/misra/test/rules/DIR-5-7-2/SectionsOfCodeShouldNotBeCommentedOut.testref delete mode 100644 cpp/misra/test/rules/RULE-11-3-2/DeclarationOfAnObjectIndirectionsLevel.testref delete mode 100644 cpp/misra/test/rules/RULE-18-3-3/HandlersReferToNonStaticMembersFromTheirClass.testref delete mode 100644 cpp/misra/test/rules/RULE-19-0-3/IncludeDirectivesPrecededByPreprocessorDirectives.testref delete mode 100644 cpp/misra/test/rules/RULE-19-1-3/IdentifiersUsedInTheControllingExpressionOf.testref delete mode 100644 cpp/misra/test/rules/RULE-19-2-3/CharsThatShouldNotOccurInHeaderFileName.testref delete mode 100644 cpp/misra/test/rules/RULE-19-3-1/AndPreprocessorOperatorsShouldNotBeUsed.testref delete mode 100644 cpp/misra/test/rules/RULE-19-3-5/TokensThatLookLikeDirectivesInAMacroArgument.testref delete mode 100644 cpp/misra/test/rules/RULE-21-6-5/PointerToAnIncompleteClassTypeDeleted.testref delete mode 100644 cpp/misra/test/rules/RULE-25-5-2/PointersReturnedByLocaleFunctionsMustBeUsedAsConst.testref delete mode 100644 cpp/misra/test/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersMisra.testref delete mode 100644 cpp/misra/test/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersWarnMisra.testref delete mode 100644 cpp/misra/test/rules/RULE-28-6-3/ObjectUsedWhileInPotentiallyMovedFromState.testref delete mode 100644 cpp/misra/test/rules/RULE-30-0-2/ReadsAndWritesOnStreamNotSeparatedByPositioning.testref delete mode 100644 cpp/misra/test/rules/RULE-6-2-1/OneDefinitionRuleViolated.testref delete mode 100644 cpp/misra/test/rules/RULE-6-4-1/VariableDeclaredInInnerScopeHidesOuterScope.testref delete mode 100644 cpp/misra/test/rules/RULE-6-8-1/ObjectAccessedAfterLifetimeMisra.testref delete mode 100644 cpp/misra/test/rules/RULE-6-8-1/ObjectAccessedBeforeLifetimeMisra.testref delete mode 100644 cpp/misra/test/rules/RULE-8-2-3/CastRemovesConstOrVolatileFromPointerOrReference.testref delete mode 100644 cpp/misra/test/rules/RULE-9-4-1/IfElseIfEndCondition.testref delete mode 100644 cpp/misra/test/rules/RULE-9-6-3/GotoShallJumpToLabelDeclaredLaterInTheFunction.testref delete mode 100644 cpp/misra/test/rules/RULE-9-6-4/FunctionDeclaredWithTheNoreturnAttributeReturn.testref delete mode 100644 cpp/misra/test/rules/RULE-9-6-5/NonVoidFunctionShallReturnAValueOnAllPaths.testref delete mode 100644 rule_packages/cpp/ImportMisra23.json diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/ImportMisra23.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/ImportMisra23.qll deleted file mode 100644 index b8fef48f1f..0000000000 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/ImportMisra23.qll +++ /dev/null @@ -1,1319 +0,0 @@ -//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ -import cpp -import RuleMetadata -import codingstandards.cpp.exclusions.RuleMetadata - -newtype ImportMisra23Query = - TUserCopyAndMoveAssignmentShallHandleSelfAssignmentQuery() or - TSectionsOfCodeShouldNotBeCommentedOutQuery() or - TDeclarationShouldNotDeclareMoreThanOneVariableQuery() or - TEnumerationNotDefinedWithAnExplicitUnderlyingTypeQuery() or - TAsmDeclarationShallNotBeUsedQuery() or - TDeclarationOfAnObjectIndirectionsLevelQuery() or - TValueOfAnEnumerationConstantNotUniqueQuery() or - TBitFieldShallHaveAnAppropriateTypeQuery() or - TSignedIntegerBitFieldHaveALengthOfOneBitQuery() or - TVirtualAndNonVirtualBaseClassInHierarchyQuery() or - TDifferentDefaultArgsInOverridingVirtualFunctionQuery() or - TDeclarationsOrOverridesParamsAreUnnamedOrIdenticalQuery() or - TComparisonOfVirtualPointerOnlyBeWithNullptrQuery() or - TDynamicTypeUsedWithinConstructorOrDestructorQuery() or - TConstructorsShouldInitializeAllBaseClassesQuery() or - TInitializerListConstructorIsTheOnlyConstructorQuery() or - TAddressOfOperatorOverloadedQuery() or - TFunctionTemplatesExplicitlySpecializedQuery() or - TExceptionObjectHavePointerTypeQuery() or - TEmptyThrowShallOnlyOccurWithinACatchHandlerQuery() or - THandlersReferToNonStaticMembersFromTheirClassQuery() or - TNoexceptFunctionShouldNotPropagateAnExceptionQuery() or - TFunctionLikeMacrosDefinedQuery() or - TIncludeDirectivesPrecededByPreprocessorDirectivesQuery() or - TIdentifiersUsedInTheControllingExpressionOfQuery() or - TCharsThatShouldNotOccurInHeaderFileNameQuery() or - TAndPreprocessorOperatorsShouldNotBeUsedQuery() or - TMacroParameterFollowingAHashOperatorQuery() or - TArgumentToAMixedUseMacroShoulNotNeedExpansionQuery() or - TTokensThatLookLikeDirectivesInAMacroArgumentQuery() or - TFacilitiesProvidedByCsignalUsedQuery() or - TAtofAtoiAtolAndAtollFromCstdlibUsedQuery() or - TMacroOffsetShouldNotBeUsedQuery() or - TDefineBothSizedAndUnsizedVersionOfAGlobalOperatorQuery() or - TPointerToAnIncompleteClassTypeDeletedQuery() or - TPointersReturnedByLocaleFunctionsMustBeUsedAsConstQuery() or - TCallToSetlocaleInvalidatesOldPointersMisraQuery() or - TCallToSetlocaleInvalidatesOldPointersWarnMisraQuery() or - TVectorShouldNotBeSpecializedWithBoolQuery() or - TForwardingReferencesAndForwardNotUsedTogetherQuery() or - TObjectUsedWhileInPotentiallyMovedFromStateQuery() or - TCLibraryInputoutputFunctionsUsedQuery() or - TReadsAndWritesOnStreamNotSeparatedByPositioningQuery() or - TOperationsOnMemoryNotSequencedAppropriatelyQuery() or - TCharacterOnlyInEscapeSequenceOrUniversalCharNameQuery() or - TEscapeSequencesAndUniversalCharNamesNotTerminatedQuery() or - TOctalConstantsUsedQuery() or - TUnsignedIntegerLiteralsNotAppropriatelySuffixedQuery() or - TLowercaseLUsedAsFirstCharacterInLiteralSuffixQuery() or - TCharacterSequenceUsedWithinACStyleCommentQuery() or - TLineSplicingUsedInCommentsQuery() or - TGlobalDeclarationsOnlyMainNamespaceOrExternCQuery() or - TMainUsedOnlyForTheGlobalFunctionMainQuery() or - TOneDefinitionRuleViolatedQuery() or - TVariableDeclaredInInnerScopeHidesOuterScopeQuery() or - TDerivedClasseConcealFunctionInheritedFromTheBaseQuery() or - TNameInDependentBaseResolvedByUnqualifiedLookupQuery() or - TObjectAccessedBeforeLifetimeMisraQuery() or - TObjectAccessedAfterLifetimeMisraQuery() or - TMustNotReturnReferenceToLocalAutomaticVariableQuery() or - TNullptrNotTheOnlyFormOfTheNullPointerConstantQuery() or - TArrayPassedAsFunctionArgumentDecayToAPointerQuery() or - TResultOfAnAssignmentOperatorShouldNotBeUsedQuery() or - TCommaOperatorShouldNotBeUsedQuery() or - TFunctionsCallThemselvesEitherDirectlyOrIndirectlyQuery() or - TCastRemovesConstOrVolatileFromPointerOrReferenceQuery() or - TCastsBetweenAPointerToFunctionAndAnyOtherTypeQuery() or - TReinterpretCastShallNotBeUsedQuery() or - TUnsignedOperationWithConstantOperandsShouldNotWrapQuery() or - TBuiltInOperatorAppliedToUnsignedExpressionQuery() or - TBodyOfIterationOrSelectionStatementNotCompoundQuery() or - TIfElseIfEndConditionQuery() or - TGotoStatementShouldNotBeUsedQuery() or - TGotoShallReferenceALabelInSurroundingBlockQuery() or - TGotoShallJumpToLabelDeclaredLaterInTheFunctionQuery() or - TFunctionDeclaredWithTheNoreturnAttributeReturnQuery() or - TNonVoidFunctionShallReturnAValueOnAllPathsQuery() - -predicate isImportMisra23QueryMetadata(Query query, string queryId, string ruleId, string category) { - query = - // `Query` instance for the `userCopyAndMoveAssignmentShallHandleSelfAssignment` query - ImportMisra23Package::userCopyAndMoveAssignmentShallHandleSelfAssignmentQuery() and - queryId = - // `@id` for the `userCopyAndMoveAssignmentShallHandleSelfAssignment` query - "cpp/misra/user-copy-and-move-assignment-shall-handle-self-assignment" and - ruleId = "DIR-15-8-1" and - category = "required" - or - query = - // `Query` instance for the `sectionsOfCodeShouldNotBeCommentedOut` query - ImportMisra23Package::sectionsOfCodeShouldNotBeCommentedOutQuery() and - queryId = - // `@id` for the `sectionsOfCodeShouldNotBeCommentedOut` query - "cpp/misra/sections-of-code-should-not-be-commented-out" and - ruleId = "DIR-5-7-2" and - category = "advisory" - or - query = - // `Query` instance for the `declarationShouldNotDeclareMoreThanOneVariable` query - ImportMisra23Package::declarationShouldNotDeclareMoreThanOneVariableQuery() and - queryId = - // `@id` for the `declarationShouldNotDeclareMoreThanOneVariable` query - "cpp/misra/declaration-should-not-declare-more-than-one-variable" and - ruleId = "RULE-10-0-1" and - category = "advisory" - or - query = - // `Query` instance for the `enumerationNotDefinedWithAnExplicitUnderlyingType` query - ImportMisra23Package::enumerationNotDefinedWithAnExplicitUnderlyingTypeQuery() and - queryId = - // `@id` for the `enumerationNotDefinedWithAnExplicitUnderlyingType` query - "cpp/misra/enumeration-not-defined-with-an-explicit-underlying-type" and - ruleId = "RULE-10-2-1" and - category = "required" - or - query = - // `Query` instance for the `asmDeclarationShallNotBeUsed` query - ImportMisra23Package::asmDeclarationShallNotBeUsedQuery() and - queryId = - // `@id` for the `asmDeclarationShallNotBeUsed` query - "cpp/misra/asm-declaration-shall-not-be-used" and - ruleId = "RULE-10-4-1" and - category = "required" - or - query = - // `Query` instance for the `declarationOfAnObjectIndirectionsLevel` query - ImportMisra23Package::declarationOfAnObjectIndirectionsLevelQuery() and - queryId = - // `@id` for the `declarationOfAnObjectIndirectionsLevel` query - "cpp/misra/declaration-of-an-object-indirections-level" and - ruleId = "RULE-11-3-2" and - category = "advisory" - or - query = - // `Query` instance for the `valueOfAnEnumerationConstantNotUnique` query - ImportMisra23Package::valueOfAnEnumerationConstantNotUniqueQuery() and - queryId = - // `@id` for the `valueOfAnEnumerationConstantNotUnique` query - "cpp/misra/value-of-an-enumeration-constant-not-unique" and - ruleId = "RULE-11-6-3" and - category = "required" - or - query = - // `Query` instance for the `bitFieldShallHaveAnAppropriateType` query - ImportMisra23Package::bitFieldShallHaveAnAppropriateTypeQuery() and - queryId = - // `@id` for the `bitFieldShallHaveAnAppropriateType` query - "cpp/misra/bit-field-shall-have-an-appropriate-type" and - ruleId = "RULE-12-2-2" and - category = "required" - or - query = - // `Query` instance for the `signedIntegerBitFieldHaveALengthOfOneBit` query - ImportMisra23Package::signedIntegerBitFieldHaveALengthOfOneBitQuery() and - queryId = - // `@id` for the `signedIntegerBitFieldHaveALengthOfOneBit` query - "cpp/misra/signed-integer-bit-field-have-a-length-of-one-bit" and - ruleId = "RULE-12-2-3" and - category = "required" - or - query = - // `Query` instance for the `virtualAndNonVirtualBaseClassInHierarchy` query - ImportMisra23Package::virtualAndNonVirtualBaseClassInHierarchyQuery() and - queryId = - // `@id` for the `virtualAndNonVirtualBaseClassInHierarchy` query - "cpp/misra/virtual-and-non-virtual-base-class-in-hierarchy" and - ruleId = "RULE-13-1-2" and - category = "required" - or - query = - // `Query` instance for the `differentDefaultArgsInOverridingVirtualFunction` query - ImportMisra23Package::differentDefaultArgsInOverridingVirtualFunctionQuery() and - queryId = - // `@id` for the `differentDefaultArgsInOverridingVirtualFunction` query - "cpp/misra/different-default-args-in-overriding-virtual-function" and - ruleId = "RULE-13-3-2" and - category = "required" - or - query = - // `Query` instance for the `declarationsOrOverridesParamsAreUnnamedOrIdentical` query - ImportMisra23Package::declarationsOrOverridesParamsAreUnnamedOrIdenticalQuery() and - queryId = - // `@id` for the `declarationsOrOverridesParamsAreUnnamedOrIdentical` query - "cpp/misra/declarations-or-overrides-params-are-unnamed-or-identical" and - ruleId = "RULE-13-3-3" and - category = "required" - or - query = - // `Query` instance for the `comparisonOfVirtualPointerOnlyBeWithNullptr` query - ImportMisra23Package::comparisonOfVirtualPointerOnlyBeWithNullptrQuery() and - queryId = - // `@id` for the `comparisonOfVirtualPointerOnlyBeWithNullptr` query - "cpp/misra/comparison-of-virtual-pointer-only-be-with-nullptr" and - ruleId = "RULE-13-3-4" and - category = "required" - or - query = - // `Query` instance for the `dynamicTypeUsedWithinConstructorOrDestructor` query - ImportMisra23Package::dynamicTypeUsedWithinConstructorOrDestructorQuery() and - queryId = - // `@id` for the `dynamicTypeUsedWithinConstructorOrDestructor` query - "cpp/misra/dynamic-type-used-within-constructor-or-destructor" and - ruleId = "RULE-15-1-1" and - category = "required" - or - query = - // `Query` instance for the `constructorsShouldInitializeAllBaseClasses` query - ImportMisra23Package::constructorsShouldInitializeAllBaseClassesQuery() and - queryId = - // `@id` for the `constructorsShouldInitializeAllBaseClasses` query - "cpp/misra/constructors-should-initialize-all-base-classes" and - ruleId = "RULE-15-1-2" and - category = "advisory" - or - query = - // `Query` instance for the `initializerListConstructorIsTheOnlyConstructor` query - ImportMisra23Package::initializerListConstructorIsTheOnlyConstructorQuery() and - queryId = - // `@id` for the `initializerListConstructorIsTheOnlyConstructor` query - "cpp/misra/initializer-list-constructor-is-the-only-constructor" and - ruleId = "RULE-15-1-5" and - category = "required" - or - query = - // `Query` instance for the `addressOfOperatorOverloaded` query - ImportMisra23Package::addressOfOperatorOverloadedQuery() and - queryId = - // `@id` for the `addressOfOperatorOverloaded` query - "cpp/misra/address-of-operator-overloaded" and - ruleId = "RULE-16-5-2" and - category = "required" - or - query = - // `Query` instance for the `functionTemplatesExplicitlySpecialized` query - ImportMisra23Package::functionTemplatesExplicitlySpecializedQuery() and - queryId = - // `@id` for the `functionTemplatesExplicitlySpecialized` query - "cpp/misra/function-templates-explicitly-specialized" and - ruleId = "RULE-17-8-1" and - category = "required" - or - query = - // `Query` instance for the `exceptionObjectHavePointerType` query - ImportMisra23Package::exceptionObjectHavePointerTypeQuery() and - queryId = - // `@id` for the `exceptionObjectHavePointerType` query - "cpp/misra/exception-object-have-pointer-type" and - ruleId = "RULE-18-1-1" and - category = "required" - or - query = - // `Query` instance for the `emptyThrowShallOnlyOccurWithinACatchHandler` query - ImportMisra23Package::emptyThrowShallOnlyOccurWithinACatchHandlerQuery() and - queryId = - // `@id` for the `emptyThrowShallOnlyOccurWithinACatchHandler` query - "cpp/misra/empty-throw-shall-only-occur-within-a-catch-handler" and - ruleId = "RULE-18-1-2" and - category = "required" - or - query = - // `Query` instance for the `handlersReferToNonStaticMembersFromTheirClass` query - ImportMisra23Package::handlersReferToNonStaticMembersFromTheirClassQuery() and - queryId = - // `@id` for the `handlersReferToNonStaticMembersFromTheirClass` query - "cpp/misra/handlers-refer-to-non-static-members-from-their-class" and - ruleId = "RULE-18-3-3" and - category = "required" - or - query = - // `Query` instance for the `noexceptFunctionShouldNotPropagateAnException` query - ImportMisra23Package::noexceptFunctionShouldNotPropagateAnExceptionQuery() and - queryId = - // `@id` for the `noexceptFunctionShouldNotPropagateAnException` query - "cpp/misra/noexcept-function-should-not-propagate-an-exception" and - ruleId = "RULE-18-5-1" and - category = "advisory" - or - query = - // `Query` instance for the `functionLikeMacrosDefined` query - ImportMisra23Package::functionLikeMacrosDefinedQuery() and - queryId = - // `@id` for the `functionLikeMacrosDefined` query - "cpp/misra/function-like-macros-defined" and - ruleId = "RULE-19-0-2" and - category = "required" - or - query = - // `Query` instance for the `includeDirectivesPrecededByPreprocessorDirectives` query - ImportMisra23Package::includeDirectivesPrecededByPreprocessorDirectivesQuery() and - queryId = - // `@id` for the `includeDirectivesPrecededByPreprocessorDirectives` query - "cpp/misra/include-directives-preceded-by-preprocessor-directives" and - ruleId = "RULE-19-0-3" and - category = "advisory" - or - query = - // `Query` instance for the `identifiersUsedInTheControllingExpressionOf` query - ImportMisra23Package::identifiersUsedInTheControllingExpressionOfQuery() and - queryId = - // `@id` for the `identifiersUsedInTheControllingExpressionOf` query - "cpp/misra/identifiers-used-in-the-controlling-expression-of" and - ruleId = "RULE-19-1-3" and - category = "required" - or - query = - // `Query` instance for the `charsThatShouldNotOccurInHeaderFileName` query - ImportMisra23Package::charsThatShouldNotOccurInHeaderFileNameQuery() and - queryId = - // `@id` for the `charsThatShouldNotOccurInHeaderFileName` query - "cpp/misra/chars-that-should-not-occur-in-header-file-name" and - ruleId = "RULE-19-2-3" and - category = "required" - or - query = - // `Query` instance for the `andPreprocessorOperatorsShouldNotBeUsed` query - ImportMisra23Package::andPreprocessorOperatorsShouldNotBeUsedQuery() and - queryId = - // `@id` for the `andPreprocessorOperatorsShouldNotBeUsed` query - "cpp/misra/and-preprocessor-operators-should-not-be-used" and - ruleId = "RULE-19-3-1" and - category = "advisory" - or - query = - // `Query` instance for the `macroParameterFollowingAHashOperator` query - ImportMisra23Package::macroParameterFollowingAHashOperatorQuery() and - queryId = - // `@id` for the `macroParameterFollowingAHashOperator` query - "cpp/misra/macro-parameter-following-a-hash-operator" and - ruleId = "RULE-19-3-2" and - category = "required" - or - query = - // `Query` instance for the `argumentToAMixedUseMacroShoulNotNeedExpansion` query - ImportMisra23Package::argumentToAMixedUseMacroShoulNotNeedExpansionQuery() and - queryId = - // `@id` for the `argumentToAMixedUseMacroShoulNotNeedExpansion` query - "cpp/misra/argument-to-a-mixed-use-macro-shoul-not-need-expansion" and - ruleId = "RULE-19-3-3" and - category = "required" - or - query = - // `Query` instance for the `tokensThatLookLikeDirectivesInAMacroArgument` query - ImportMisra23Package::tokensThatLookLikeDirectivesInAMacroArgumentQuery() and - queryId = - // `@id` for the `tokensThatLookLikeDirectivesInAMacroArgument` query - "cpp/misra/tokens-that-look-like-directives-in-a-macro-argument" and - ruleId = "RULE-19-3-5" and - category = "required" - or - query = - // `Query` instance for the `facilitiesProvidedByCsignalUsed` query - ImportMisra23Package::facilitiesProvidedByCsignalUsedQuery() and - queryId = - // `@id` for the `facilitiesProvidedByCsignalUsed` query - "cpp/misra/facilities-provided-by-csignal-used" and - ruleId = "RULE-21-10-3" and - category = "required" - or - query = - // `Query` instance for the `atofAtoiAtolAndAtollFromCstdlibUsed` query - ImportMisra23Package::atofAtoiAtolAndAtollFromCstdlibUsedQuery() and - queryId = - // `@id` for the `atofAtoiAtolAndAtollFromCstdlibUsed` query - "cpp/misra/atof-atoi-atol-and-atoll-from-cstdlib-used" and - ruleId = "RULE-21-2-1" and - category = "required" - or - query = - // `Query` instance for the `macroOffsetShouldNotBeUsed` query - ImportMisra23Package::macroOffsetShouldNotBeUsedQuery() and - queryId = - // `@id` for the `macroOffsetShouldNotBeUsed` query - "cpp/misra/macro-offset-should-not-be-used" and - ruleId = "RULE-21-2-4" and - category = "required" - or - query = - // `Query` instance for the `defineBothSizedAndUnsizedVersionOfAGlobalOperator` query - ImportMisra23Package::defineBothSizedAndUnsizedVersionOfAGlobalOperatorQuery() and - queryId = - // `@id` for the `defineBothSizedAndUnsizedVersionOfAGlobalOperator` query - "cpp/misra/define-both-sized-and-unsized-version-of-a-global-operator" and - ruleId = "RULE-21-6-4" and - category = "required" - or - query = - // `Query` instance for the `pointerToAnIncompleteClassTypeDeleted` query - ImportMisra23Package::pointerToAnIncompleteClassTypeDeletedQuery() and - queryId = - // `@id` for the `pointerToAnIncompleteClassTypeDeleted` query - "cpp/misra/pointer-to-an-incomplete-class-type-deleted" and - ruleId = "RULE-21-6-5" and - category = "required" - or - query = - // `Query` instance for the `pointersReturnedByLocaleFunctionsMustBeUsedAsConst` query - ImportMisra23Package::pointersReturnedByLocaleFunctionsMustBeUsedAsConstQuery() and - queryId = - // `@id` for the `pointersReturnedByLocaleFunctionsMustBeUsedAsConst` query - "cpp/misra/pointers-returned-by-locale-functions-must-be-used-as-const" and - ruleId = "RULE-25-5-2" and - category = "mandatory" - or - query = - // `Query` instance for the `callToSetlocaleInvalidatesOldPointersMisra` query - ImportMisra23Package::callToSetlocaleInvalidatesOldPointersMisraQuery() and - queryId = - // `@id` for the `callToSetlocaleInvalidatesOldPointersMisra` query - "cpp/misra/call-to-setlocale-invalidates-old-pointers-misra" and - ruleId = "RULE-25-5-3" and - category = "mandatory" - or - query = - // `Query` instance for the `callToSetlocaleInvalidatesOldPointersWarnMisra` query - ImportMisra23Package::callToSetlocaleInvalidatesOldPointersWarnMisraQuery() and - queryId = - // `@id` for the `callToSetlocaleInvalidatesOldPointersWarnMisra` query - "cpp/misra/call-to-setlocale-invalidates-old-pointers-warn-misra" and - ruleId = "RULE-25-5-3" and - category = "mandatory" - or - query = - // `Query` instance for the `vectorShouldNotBeSpecializedWithBool` query - ImportMisra23Package::vectorShouldNotBeSpecializedWithBoolQuery() and - queryId = - // `@id` for the `vectorShouldNotBeSpecializedWithBool` query - "cpp/misra/vector-should-not-be-specialized-with-bool" and - ruleId = "RULE-26-3-1" and - category = "advisory" - or - query = - // `Query` instance for the `forwardingReferencesAndForwardNotUsedTogether` query - ImportMisra23Package::forwardingReferencesAndForwardNotUsedTogetherQuery() and - queryId = - // `@id` for the `forwardingReferencesAndForwardNotUsedTogether` query - "cpp/misra/forwarding-references-and-forward-not-used-together" and - ruleId = "RULE-28-6-2" and - category = "required" - or - query = - // `Query` instance for the `objectUsedWhileInPotentiallyMovedFromState` query - ImportMisra23Package::objectUsedWhileInPotentiallyMovedFromStateQuery() and - queryId = - // `@id` for the `objectUsedWhileInPotentiallyMovedFromState` query - "cpp/misra/object-used-while-in-potentially-moved-from-state" and - ruleId = "RULE-28-6-3" and - category = "required" - or - query = - // `Query` instance for the `cLibraryInputoutputFunctionsUsed` query - ImportMisra23Package::cLibraryInputoutputFunctionsUsedQuery() and - queryId = - // `@id` for the `cLibraryInputoutputFunctionsUsed` query - "cpp/misra/c-library-inputoutput-functions-used" and - ruleId = "RULE-30-0-1" and - category = "required" - or - query = - // `Query` instance for the `readsAndWritesOnStreamNotSeparatedByPositioning` query - ImportMisra23Package::readsAndWritesOnStreamNotSeparatedByPositioningQuery() and - queryId = - // `@id` for the `readsAndWritesOnStreamNotSeparatedByPositioning` query - "cpp/misra/reads-and-writes-on-stream-not-separated-by-positioning" and - ruleId = "RULE-30-0-2" and - category = "required" - or - query = - // `Query` instance for the `operationsOnMemoryNotSequencedAppropriately` query - ImportMisra23Package::operationsOnMemoryNotSequencedAppropriatelyQuery() and - queryId = - // `@id` for the `operationsOnMemoryNotSequencedAppropriately` query - "cpp/misra/operations-on-memory-not-sequenced-appropriately" and - ruleId = "RULE-4-6-1" and - category = "required" - or - query = - // `Query` instance for the `characterOnlyInEscapeSequenceOrUniversalCharName` query - ImportMisra23Package::characterOnlyInEscapeSequenceOrUniversalCharNameQuery() and - queryId = - // `@id` for the `characterOnlyInEscapeSequenceOrUniversalCharName` query - "cpp/misra/character-only-in-escape-sequence-or-universal-char-name" and - ruleId = "RULE-5-13-1" and - category = "required" - or - query = - // `Query` instance for the `escapeSequencesAndUniversalCharNamesNotTerminated` query - ImportMisra23Package::escapeSequencesAndUniversalCharNamesNotTerminatedQuery() and - queryId = - // `@id` for the `escapeSequencesAndUniversalCharNamesNotTerminated` query - "cpp/misra/escape-sequences-and-universal-char-names-not-terminated" and - ruleId = "RULE-5-13-2" and - category = "required" - or - query = - // `Query` instance for the `octalConstantsUsed` query - ImportMisra23Package::octalConstantsUsedQuery() and - queryId = - // `@id` for the `octalConstantsUsed` query - "cpp/misra/octal-constants-used" and - ruleId = "RULE-5-13-3" and - category = "required" - or - query = - // `Query` instance for the `unsignedIntegerLiteralsNotAppropriatelySuffixed` query - ImportMisra23Package::unsignedIntegerLiteralsNotAppropriatelySuffixedQuery() and - queryId = - // `@id` for the `unsignedIntegerLiteralsNotAppropriatelySuffixed` query - "cpp/misra/unsigned-integer-literals-not-appropriately-suffixed" and - ruleId = "RULE-5-13-4" and - category = "required" - or - query = - // `Query` instance for the `lowercaseLUsedAsFirstCharacterInLiteralSuffix` query - ImportMisra23Package::lowercaseLUsedAsFirstCharacterInLiteralSuffixQuery() and - queryId = - // `@id` for the `lowercaseLUsedAsFirstCharacterInLiteralSuffix` query - "cpp/misra/lowercase-l-used-as-first-character-in-literal-suffix" and - ruleId = "RULE-5-13-5" and - category = "required" - or - query = - // `Query` instance for the `characterSequenceUsedWithinACStyleComment` query - ImportMisra23Package::characterSequenceUsedWithinACStyleCommentQuery() and - queryId = - // `@id` for the `characterSequenceUsedWithinACStyleComment` query - "cpp/misra/character-sequence-used-within-ac-style-comment" and - ruleId = "RULE-5-7-1" and - category = "required" - or - query = - // `Query` instance for the `lineSplicingUsedInComments` query - ImportMisra23Package::lineSplicingUsedInCommentsQuery() and - queryId = - // `@id` for the `lineSplicingUsedInComments` query - "cpp/misra/line-splicing-used-in-comments" and - ruleId = "RULE-5-7-3" and - category = "required" - or - query = - // `Query` instance for the `globalDeclarationsOnlyMainNamespaceOrExternC` query - ImportMisra23Package::globalDeclarationsOnlyMainNamespaceOrExternCQuery() and - queryId = - // `@id` for the `globalDeclarationsOnlyMainNamespaceOrExternC` query - "cpp/misra/global-declarations-only-main-namespace-or-extern-c" and - ruleId = "RULE-6-0-3" and - category = "advisory" - or - query = - // `Query` instance for the `mainUsedOnlyForTheGlobalFunctionMain` query - ImportMisra23Package::mainUsedOnlyForTheGlobalFunctionMainQuery() and - queryId = - // `@id` for the `mainUsedOnlyForTheGlobalFunctionMain` query - "cpp/misra/main-used-only-for-the-global-function-main" and - ruleId = "RULE-6-0-4" and - category = "required" - or - query = - // `Query` instance for the `oneDefinitionRuleViolated` query - ImportMisra23Package::oneDefinitionRuleViolatedQuery() and - queryId = - // `@id` for the `oneDefinitionRuleViolated` query - "cpp/misra/one-definition-rule-violated" and - ruleId = "RULE-6-2-1" and - category = "required" - or - query = - // `Query` instance for the `variableDeclaredInInnerScopeHidesOuterScope` query - ImportMisra23Package::variableDeclaredInInnerScopeHidesOuterScopeQuery() and - queryId = - // `@id` for the `variableDeclaredInInnerScopeHidesOuterScope` query - "cpp/misra/variable-declared-in-inner-scope-hides-outer-scope" and - ruleId = "RULE-6-4-1" and - category = "required" - or - query = - // `Query` instance for the `derivedClasseConcealFunctionInheritedFromTheBase` query - ImportMisra23Package::derivedClasseConcealFunctionInheritedFromTheBaseQuery() and - queryId = - // `@id` for the `derivedClasseConcealFunctionInheritedFromTheBase` query - "cpp/misra/derived-classe-conceal-function-inherited-from-the-base" and - ruleId = "RULE-6-4-2" and - category = "required" - or - query = - // `Query` instance for the `nameInDependentBaseResolvedByUnqualifiedLookup` query - ImportMisra23Package::nameInDependentBaseResolvedByUnqualifiedLookupQuery() and - queryId = - // `@id` for the `nameInDependentBaseResolvedByUnqualifiedLookup` query - "cpp/misra/name-in-dependent-base-resolved-by-unqualified-lookup" and - ruleId = "RULE-6-4-3" and - category = "required" - or - query = - // `Query` instance for the `objectAccessedBeforeLifetimeMisra` query - ImportMisra23Package::objectAccessedBeforeLifetimeMisraQuery() and - queryId = - // `@id` for the `objectAccessedBeforeLifetimeMisra` query - "cpp/misra/object-accessed-before-lifetime-misra" and - ruleId = "RULE-6-8-1" and - category = "required" - or - query = - // `Query` instance for the `objectAccessedAfterLifetimeMisra` query - ImportMisra23Package::objectAccessedAfterLifetimeMisraQuery() and - queryId = - // `@id` for the `objectAccessedAfterLifetimeMisra` query - "cpp/misra/object-accessed-after-lifetime-misra" and - ruleId = "RULE-6-8-1" and - category = "required" - or - query = - // `Query` instance for the `mustNotReturnReferenceToLocalAutomaticVariable` query - ImportMisra23Package::mustNotReturnReferenceToLocalAutomaticVariableQuery() and - queryId = - // `@id` for the `mustNotReturnReferenceToLocalAutomaticVariable` query - "cpp/misra/must-not-return-reference-to-local-automatic-variable" and - ruleId = "RULE-6-8-2" and - category = "mandatory" - or - query = - // `Query` instance for the `nullptrNotTheOnlyFormOfTheNullPointerConstant` query - ImportMisra23Package::nullptrNotTheOnlyFormOfTheNullPointerConstantQuery() and - queryId = - // `@id` for the `nullptrNotTheOnlyFormOfTheNullPointerConstant` query - "cpp/misra/nullptr-not-the-only-form-of-the-null-pointer-constant" and - ruleId = "RULE-7-11-1" and - category = "required" - or - query = - // `Query` instance for the `arrayPassedAsFunctionArgumentDecayToAPointer` query - ImportMisra23Package::arrayPassedAsFunctionArgumentDecayToAPointerQuery() and - queryId = - // `@id` for the `arrayPassedAsFunctionArgumentDecayToAPointer` query - "cpp/misra/array-passed-as-function-argument-decay-to-a-pointer" and - ruleId = "RULE-7-11-2" and - category = "required" - or - query = - // `Query` instance for the `resultOfAnAssignmentOperatorShouldNotBeUsed` query - ImportMisra23Package::resultOfAnAssignmentOperatorShouldNotBeUsedQuery() and - queryId = - // `@id` for the `resultOfAnAssignmentOperatorShouldNotBeUsed` query - "cpp/misra/result-of-an-assignment-operator-should-not-be-used" and - ruleId = "RULE-8-18-2" and - category = "advisory" - or - query = - // `Query` instance for the `commaOperatorShouldNotBeUsed` query - ImportMisra23Package::commaOperatorShouldNotBeUsedQuery() and - queryId = - // `@id` for the `commaOperatorShouldNotBeUsed` query - "cpp/misra/comma-operator-should-not-be-used" and - ruleId = "RULE-8-19-1" and - category = "advisory" - or - query = - // `Query` instance for the `functionsCallThemselvesEitherDirectlyOrIndirectly` query - ImportMisra23Package::functionsCallThemselvesEitherDirectlyOrIndirectlyQuery() and - queryId = - // `@id` for the `functionsCallThemselvesEitherDirectlyOrIndirectly` query - "cpp/misra/functions-call-themselves-either-directly-or-indirectly" and - ruleId = "RULE-8-2-10" and - category = "required" - or - query = - // `Query` instance for the `castRemovesConstOrVolatileFromPointerOrReference` query - ImportMisra23Package::castRemovesConstOrVolatileFromPointerOrReferenceQuery() and - queryId = - // `@id` for the `castRemovesConstOrVolatileFromPointerOrReference` query - "cpp/misra/cast-removes-const-or-volatile-from-pointer-or-reference" and - ruleId = "RULE-8-2-3" and - category = "required" - or - query = - // `Query` instance for the `castsBetweenAPointerToFunctionAndAnyOtherType` query - ImportMisra23Package::castsBetweenAPointerToFunctionAndAnyOtherTypeQuery() and - queryId = - // `@id` for the `castsBetweenAPointerToFunctionAndAnyOtherType` query - "cpp/misra/casts-between-a-pointer-to-function-and-any-other-type" and - ruleId = "RULE-8-2-4" and - category = "required" - or - query = - // `Query` instance for the `reinterpretCastShallNotBeUsed` query - ImportMisra23Package::reinterpretCastShallNotBeUsedQuery() and - queryId = - // `@id` for the `reinterpretCastShallNotBeUsed` query - "cpp/misra/reinterpret-cast-shall-not-be-used" and - ruleId = "RULE-8-2-5" and - category = "required" - or - query = - // `Query` instance for the `unsignedOperationWithConstantOperandsShouldNotWrap` query - ImportMisra23Package::unsignedOperationWithConstantOperandsShouldNotWrapQuery() and - queryId = - // `@id` for the `unsignedOperationWithConstantOperandsShouldNotWrap` query - "cpp/misra/unsigned-operation-with-constant-operands-should-not-wrap" and - ruleId = "RULE-8-20-1" and - category = "advisory" - or - query = - // `Query` instance for the `builtInOperatorAppliedToUnsignedExpression` query - ImportMisra23Package::builtInOperatorAppliedToUnsignedExpressionQuery() and - queryId = - // `@id` for the `builtInOperatorAppliedToUnsignedExpression` query - "cpp/misra/built-in-operator-applied-to-unsigned-expression" and - ruleId = "RULE-8-3-1" and - category = "advisory" - or - query = - // `Query` instance for the `bodyOfIterationOrSelectionStatementNotCompound` query - ImportMisra23Package::bodyOfIterationOrSelectionStatementNotCompoundQuery() and - queryId = - // `@id` for the `bodyOfIterationOrSelectionStatementNotCompound` query - "cpp/misra/body-of-iteration-or-selection-statement-not-compound" and - ruleId = "RULE-9-3-1" and - category = "required" - or - query = - // `Query` instance for the `ifElseIfEndCondition` query - ImportMisra23Package::ifElseIfEndConditionQuery() and - queryId = - // `@id` for the `ifElseIfEndCondition` query - "cpp/misra/if-else-if-end-condition" and - ruleId = "RULE-9-4-1" and - category = "required" - or - query = - // `Query` instance for the `gotoStatementShouldNotBeUsed` query - ImportMisra23Package::gotoStatementShouldNotBeUsedQuery() and - queryId = - // `@id` for the `gotoStatementShouldNotBeUsed` query - "cpp/misra/goto-statement-should-not-be-used" and - ruleId = "RULE-9-6-1" and - category = "advisory" - or - query = - // `Query` instance for the `gotoShallReferenceALabelInSurroundingBlock` query - ImportMisra23Package::gotoShallReferenceALabelInSurroundingBlockQuery() and - queryId = - // `@id` for the `gotoShallReferenceALabelInSurroundingBlock` query - "cpp/misra/goto-shall-reference-a-label-in-surrounding-block" and - ruleId = "RULE-9-6-2" and - category = "required" - or - query = - // `Query` instance for the `gotoShallJumpToLabelDeclaredLaterInTheFunction` query - ImportMisra23Package::gotoShallJumpToLabelDeclaredLaterInTheFunctionQuery() and - queryId = - // `@id` for the `gotoShallJumpToLabelDeclaredLaterInTheFunction` query - "cpp/misra/goto-shall-jump-to-label-declared-later-in-the-function" and - ruleId = "RULE-9-6-3" and - category = "required" - or - query = - // `Query` instance for the `functionDeclaredWithTheNoreturnAttributeReturn` query - ImportMisra23Package::functionDeclaredWithTheNoreturnAttributeReturnQuery() and - queryId = - // `@id` for the `functionDeclaredWithTheNoreturnAttributeReturn` query - "cpp/misra/function-declared-with-the-noreturn-attribute-return" and - ruleId = "RULE-9-6-4" and - category = "required" - or - query = - // `Query` instance for the `nonVoidFunctionShallReturnAValueOnAllPaths` query - ImportMisra23Package::nonVoidFunctionShallReturnAValueOnAllPathsQuery() and - queryId = - // `@id` for the `nonVoidFunctionShallReturnAValueOnAllPaths` query - "cpp/misra/non-void-function-shall-return-a-value-on-all-paths" and - ruleId = "RULE-9-6-5" and - category = "required" -} - -module ImportMisra23Package { - Query userCopyAndMoveAssignmentShallHandleSelfAssignmentQuery() { - //autogenerate `Query` type - result = - // `Query` type for `userCopyAndMoveAssignmentShallHandleSelfAssignment` query - TQueryCPP(TImportMisra23PackageQuery(TUserCopyAndMoveAssignmentShallHandleSelfAssignmentQuery())) - } - - Query sectionsOfCodeShouldNotBeCommentedOutQuery() { - //autogenerate `Query` type - result = - // `Query` type for `sectionsOfCodeShouldNotBeCommentedOut` query - TQueryCPP(TImportMisra23PackageQuery(TSectionsOfCodeShouldNotBeCommentedOutQuery())) - } - - Query declarationShouldNotDeclareMoreThanOneVariableQuery() { - //autogenerate `Query` type - result = - // `Query` type for `declarationShouldNotDeclareMoreThanOneVariable` query - TQueryCPP(TImportMisra23PackageQuery(TDeclarationShouldNotDeclareMoreThanOneVariableQuery())) - } - - Query enumerationNotDefinedWithAnExplicitUnderlyingTypeQuery() { - //autogenerate `Query` type - result = - // `Query` type for `enumerationNotDefinedWithAnExplicitUnderlyingType` query - TQueryCPP(TImportMisra23PackageQuery(TEnumerationNotDefinedWithAnExplicitUnderlyingTypeQuery())) - } - - Query asmDeclarationShallNotBeUsedQuery() { - //autogenerate `Query` type - result = - // `Query` type for `asmDeclarationShallNotBeUsed` query - TQueryCPP(TImportMisra23PackageQuery(TAsmDeclarationShallNotBeUsedQuery())) - } - - Query declarationOfAnObjectIndirectionsLevelQuery() { - //autogenerate `Query` type - result = - // `Query` type for `declarationOfAnObjectIndirectionsLevel` query - TQueryCPP(TImportMisra23PackageQuery(TDeclarationOfAnObjectIndirectionsLevelQuery())) - } - - Query valueOfAnEnumerationConstantNotUniqueQuery() { - //autogenerate `Query` type - result = - // `Query` type for `valueOfAnEnumerationConstantNotUnique` query - TQueryCPP(TImportMisra23PackageQuery(TValueOfAnEnumerationConstantNotUniqueQuery())) - } - - Query bitFieldShallHaveAnAppropriateTypeQuery() { - //autogenerate `Query` type - result = - // `Query` type for `bitFieldShallHaveAnAppropriateType` query - TQueryCPP(TImportMisra23PackageQuery(TBitFieldShallHaveAnAppropriateTypeQuery())) - } - - Query signedIntegerBitFieldHaveALengthOfOneBitQuery() { - //autogenerate `Query` type - result = - // `Query` type for `signedIntegerBitFieldHaveALengthOfOneBit` query - TQueryCPP(TImportMisra23PackageQuery(TSignedIntegerBitFieldHaveALengthOfOneBitQuery())) - } - - Query virtualAndNonVirtualBaseClassInHierarchyQuery() { - //autogenerate `Query` type - result = - // `Query` type for `virtualAndNonVirtualBaseClassInHierarchy` query - TQueryCPP(TImportMisra23PackageQuery(TVirtualAndNonVirtualBaseClassInHierarchyQuery())) - } - - Query differentDefaultArgsInOverridingVirtualFunctionQuery() { - //autogenerate `Query` type - result = - // `Query` type for `differentDefaultArgsInOverridingVirtualFunction` query - TQueryCPP(TImportMisra23PackageQuery(TDifferentDefaultArgsInOverridingVirtualFunctionQuery())) - } - - Query declarationsOrOverridesParamsAreUnnamedOrIdenticalQuery() { - //autogenerate `Query` type - result = - // `Query` type for `declarationsOrOverridesParamsAreUnnamedOrIdentical` query - TQueryCPP(TImportMisra23PackageQuery(TDeclarationsOrOverridesParamsAreUnnamedOrIdenticalQuery())) - } - - Query comparisonOfVirtualPointerOnlyBeWithNullptrQuery() { - //autogenerate `Query` type - result = - // `Query` type for `comparisonOfVirtualPointerOnlyBeWithNullptr` query - TQueryCPP(TImportMisra23PackageQuery(TComparisonOfVirtualPointerOnlyBeWithNullptrQuery())) - } - - Query dynamicTypeUsedWithinConstructorOrDestructorQuery() { - //autogenerate `Query` type - result = - // `Query` type for `dynamicTypeUsedWithinConstructorOrDestructor` query - TQueryCPP(TImportMisra23PackageQuery(TDynamicTypeUsedWithinConstructorOrDestructorQuery())) - } - - Query constructorsShouldInitializeAllBaseClassesQuery() { - //autogenerate `Query` type - result = - // `Query` type for `constructorsShouldInitializeAllBaseClasses` query - TQueryCPP(TImportMisra23PackageQuery(TConstructorsShouldInitializeAllBaseClassesQuery())) - } - - Query initializerListConstructorIsTheOnlyConstructorQuery() { - //autogenerate `Query` type - result = - // `Query` type for `initializerListConstructorIsTheOnlyConstructor` query - TQueryCPP(TImportMisra23PackageQuery(TInitializerListConstructorIsTheOnlyConstructorQuery())) - } - - Query addressOfOperatorOverloadedQuery() { - //autogenerate `Query` type - result = - // `Query` type for `addressOfOperatorOverloaded` query - TQueryCPP(TImportMisra23PackageQuery(TAddressOfOperatorOverloadedQuery())) - } - - Query functionTemplatesExplicitlySpecializedQuery() { - //autogenerate `Query` type - result = - // `Query` type for `functionTemplatesExplicitlySpecialized` query - TQueryCPP(TImportMisra23PackageQuery(TFunctionTemplatesExplicitlySpecializedQuery())) - } - - Query exceptionObjectHavePointerTypeQuery() { - //autogenerate `Query` type - result = - // `Query` type for `exceptionObjectHavePointerType` query - TQueryCPP(TImportMisra23PackageQuery(TExceptionObjectHavePointerTypeQuery())) - } - - Query emptyThrowShallOnlyOccurWithinACatchHandlerQuery() { - //autogenerate `Query` type - result = - // `Query` type for `emptyThrowShallOnlyOccurWithinACatchHandler` query - TQueryCPP(TImportMisra23PackageQuery(TEmptyThrowShallOnlyOccurWithinACatchHandlerQuery())) - } - - Query handlersReferToNonStaticMembersFromTheirClassQuery() { - //autogenerate `Query` type - result = - // `Query` type for `handlersReferToNonStaticMembersFromTheirClass` query - TQueryCPP(TImportMisra23PackageQuery(THandlersReferToNonStaticMembersFromTheirClassQuery())) - } - - Query noexceptFunctionShouldNotPropagateAnExceptionQuery() { - //autogenerate `Query` type - result = - // `Query` type for `noexceptFunctionShouldNotPropagateAnException` query - TQueryCPP(TImportMisra23PackageQuery(TNoexceptFunctionShouldNotPropagateAnExceptionQuery())) - } - - Query functionLikeMacrosDefinedQuery() { - //autogenerate `Query` type - result = - // `Query` type for `functionLikeMacrosDefined` query - TQueryCPP(TImportMisra23PackageQuery(TFunctionLikeMacrosDefinedQuery())) - } - - Query includeDirectivesPrecededByPreprocessorDirectivesQuery() { - //autogenerate `Query` type - result = - // `Query` type for `includeDirectivesPrecededByPreprocessorDirectives` query - TQueryCPP(TImportMisra23PackageQuery(TIncludeDirectivesPrecededByPreprocessorDirectivesQuery())) - } - - Query identifiersUsedInTheControllingExpressionOfQuery() { - //autogenerate `Query` type - result = - // `Query` type for `identifiersUsedInTheControllingExpressionOf` query - TQueryCPP(TImportMisra23PackageQuery(TIdentifiersUsedInTheControllingExpressionOfQuery())) - } - - Query charsThatShouldNotOccurInHeaderFileNameQuery() { - //autogenerate `Query` type - result = - // `Query` type for `charsThatShouldNotOccurInHeaderFileName` query - TQueryCPP(TImportMisra23PackageQuery(TCharsThatShouldNotOccurInHeaderFileNameQuery())) - } - - Query andPreprocessorOperatorsShouldNotBeUsedQuery() { - //autogenerate `Query` type - result = - // `Query` type for `andPreprocessorOperatorsShouldNotBeUsed` query - TQueryCPP(TImportMisra23PackageQuery(TAndPreprocessorOperatorsShouldNotBeUsedQuery())) - } - - Query macroParameterFollowingAHashOperatorQuery() { - //autogenerate `Query` type - result = - // `Query` type for `macroParameterFollowingAHashOperator` query - TQueryCPP(TImportMisra23PackageQuery(TMacroParameterFollowingAHashOperatorQuery())) - } - - Query argumentToAMixedUseMacroShoulNotNeedExpansionQuery() { - //autogenerate `Query` type - result = - // `Query` type for `argumentToAMixedUseMacroShoulNotNeedExpansion` query - TQueryCPP(TImportMisra23PackageQuery(TArgumentToAMixedUseMacroShoulNotNeedExpansionQuery())) - } - - Query tokensThatLookLikeDirectivesInAMacroArgumentQuery() { - //autogenerate `Query` type - result = - // `Query` type for `tokensThatLookLikeDirectivesInAMacroArgument` query - TQueryCPP(TImportMisra23PackageQuery(TTokensThatLookLikeDirectivesInAMacroArgumentQuery())) - } - - Query facilitiesProvidedByCsignalUsedQuery() { - //autogenerate `Query` type - result = - // `Query` type for `facilitiesProvidedByCsignalUsed` query - TQueryCPP(TImportMisra23PackageQuery(TFacilitiesProvidedByCsignalUsedQuery())) - } - - Query atofAtoiAtolAndAtollFromCstdlibUsedQuery() { - //autogenerate `Query` type - result = - // `Query` type for `atofAtoiAtolAndAtollFromCstdlibUsed` query - TQueryCPP(TImportMisra23PackageQuery(TAtofAtoiAtolAndAtollFromCstdlibUsedQuery())) - } - - Query macroOffsetShouldNotBeUsedQuery() { - //autogenerate `Query` type - result = - // `Query` type for `macroOffsetShouldNotBeUsed` query - TQueryCPP(TImportMisra23PackageQuery(TMacroOffsetShouldNotBeUsedQuery())) - } - - Query defineBothSizedAndUnsizedVersionOfAGlobalOperatorQuery() { - //autogenerate `Query` type - result = - // `Query` type for `defineBothSizedAndUnsizedVersionOfAGlobalOperator` query - TQueryCPP(TImportMisra23PackageQuery(TDefineBothSizedAndUnsizedVersionOfAGlobalOperatorQuery())) - } - - Query pointerToAnIncompleteClassTypeDeletedQuery() { - //autogenerate `Query` type - result = - // `Query` type for `pointerToAnIncompleteClassTypeDeleted` query - TQueryCPP(TImportMisra23PackageQuery(TPointerToAnIncompleteClassTypeDeletedQuery())) - } - - Query pointersReturnedByLocaleFunctionsMustBeUsedAsConstQuery() { - //autogenerate `Query` type - result = - // `Query` type for `pointersReturnedByLocaleFunctionsMustBeUsedAsConst` query - TQueryCPP(TImportMisra23PackageQuery(TPointersReturnedByLocaleFunctionsMustBeUsedAsConstQuery())) - } - - Query callToSetlocaleInvalidatesOldPointersMisraQuery() { - //autogenerate `Query` type - result = - // `Query` type for `callToSetlocaleInvalidatesOldPointersMisra` query - TQueryCPP(TImportMisra23PackageQuery(TCallToSetlocaleInvalidatesOldPointersMisraQuery())) - } - - Query callToSetlocaleInvalidatesOldPointersWarnMisraQuery() { - //autogenerate `Query` type - result = - // `Query` type for `callToSetlocaleInvalidatesOldPointersWarnMisra` query - TQueryCPP(TImportMisra23PackageQuery(TCallToSetlocaleInvalidatesOldPointersWarnMisraQuery())) - } - - Query vectorShouldNotBeSpecializedWithBoolQuery() { - //autogenerate `Query` type - result = - // `Query` type for `vectorShouldNotBeSpecializedWithBool` query - TQueryCPP(TImportMisra23PackageQuery(TVectorShouldNotBeSpecializedWithBoolQuery())) - } - - Query forwardingReferencesAndForwardNotUsedTogetherQuery() { - //autogenerate `Query` type - result = - // `Query` type for `forwardingReferencesAndForwardNotUsedTogether` query - TQueryCPP(TImportMisra23PackageQuery(TForwardingReferencesAndForwardNotUsedTogetherQuery())) - } - - Query objectUsedWhileInPotentiallyMovedFromStateQuery() { - //autogenerate `Query` type - result = - // `Query` type for `objectUsedWhileInPotentiallyMovedFromState` query - TQueryCPP(TImportMisra23PackageQuery(TObjectUsedWhileInPotentiallyMovedFromStateQuery())) - } - - Query cLibraryInputoutputFunctionsUsedQuery() { - //autogenerate `Query` type - result = - // `Query` type for `cLibraryInputoutputFunctionsUsed` query - TQueryCPP(TImportMisra23PackageQuery(TCLibraryInputoutputFunctionsUsedQuery())) - } - - Query readsAndWritesOnStreamNotSeparatedByPositioningQuery() { - //autogenerate `Query` type - result = - // `Query` type for `readsAndWritesOnStreamNotSeparatedByPositioning` query - TQueryCPP(TImportMisra23PackageQuery(TReadsAndWritesOnStreamNotSeparatedByPositioningQuery())) - } - - Query operationsOnMemoryNotSequencedAppropriatelyQuery() { - //autogenerate `Query` type - result = - // `Query` type for `operationsOnMemoryNotSequencedAppropriately` query - TQueryCPP(TImportMisra23PackageQuery(TOperationsOnMemoryNotSequencedAppropriatelyQuery())) - } - - Query characterOnlyInEscapeSequenceOrUniversalCharNameQuery() { - //autogenerate `Query` type - result = - // `Query` type for `characterOnlyInEscapeSequenceOrUniversalCharName` query - TQueryCPP(TImportMisra23PackageQuery(TCharacterOnlyInEscapeSequenceOrUniversalCharNameQuery())) - } - - Query escapeSequencesAndUniversalCharNamesNotTerminatedQuery() { - //autogenerate `Query` type - result = - // `Query` type for `escapeSequencesAndUniversalCharNamesNotTerminated` query - TQueryCPP(TImportMisra23PackageQuery(TEscapeSequencesAndUniversalCharNamesNotTerminatedQuery())) - } - - Query octalConstantsUsedQuery() { - //autogenerate `Query` type - result = - // `Query` type for `octalConstantsUsed` query - TQueryCPP(TImportMisra23PackageQuery(TOctalConstantsUsedQuery())) - } - - Query unsignedIntegerLiteralsNotAppropriatelySuffixedQuery() { - //autogenerate `Query` type - result = - // `Query` type for `unsignedIntegerLiteralsNotAppropriatelySuffixed` query - TQueryCPP(TImportMisra23PackageQuery(TUnsignedIntegerLiteralsNotAppropriatelySuffixedQuery())) - } - - Query lowercaseLUsedAsFirstCharacterInLiteralSuffixQuery() { - //autogenerate `Query` type - result = - // `Query` type for `lowercaseLUsedAsFirstCharacterInLiteralSuffix` query - TQueryCPP(TImportMisra23PackageQuery(TLowercaseLUsedAsFirstCharacterInLiteralSuffixQuery())) - } - - Query characterSequenceUsedWithinACStyleCommentQuery() { - //autogenerate `Query` type - result = - // `Query` type for `characterSequenceUsedWithinACStyleComment` query - TQueryCPP(TImportMisra23PackageQuery(TCharacterSequenceUsedWithinACStyleCommentQuery())) - } - - Query lineSplicingUsedInCommentsQuery() { - //autogenerate `Query` type - result = - // `Query` type for `lineSplicingUsedInComments` query - TQueryCPP(TImportMisra23PackageQuery(TLineSplicingUsedInCommentsQuery())) - } - - Query globalDeclarationsOnlyMainNamespaceOrExternCQuery() { - //autogenerate `Query` type - result = - // `Query` type for `globalDeclarationsOnlyMainNamespaceOrExternC` query - TQueryCPP(TImportMisra23PackageQuery(TGlobalDeclarationsOnlyMainNamespaceOrExternCQuery())) - } - - Query mainUsedOnlyForTheGlobalFunctionMainQuery() { - //autogenerate `Query` type - result = - // `Query` type for `mainUsedOnlyForTheGlobalFunctionMain` query - TQueryCPP(TImportMisra23PackageQuery(TMainUsedOnlyForTheGlobalFunctionMainQuery())) - } - - Query oneDefinitionRuleViolatedQuery() { - //autogenerate `Query` type - result = - // `Query` type for `oneDefinitionRuleViolated` query - TQueryCPP(TImportMisra23PackageQuery(TOneDefinitionRuleViolatedQuery())) - } - - Query variableDeclaredInInnerScopeHidesOuterScopeQuery() { - //autogenerate `Query` type - result = - // `Query` type for `variableDeclaredInInnerScopeHidesOuterScope` query - TQueryCPP(TImportMisra23PackageQuery(TVariableDeclaredInInnerScopeHidesOuterScopeQuery())) - } - - Query derivedClasseConcealFunctionInheritedFromTheBaseQuery() { - //autogenerate `Query` type - result = - // `Query` type for `derivedClasseConcealFunctionInheritedFromTheBase` query - TQueryCPP(TImportMisra23PackageQuery(TDerivedClasseConcealFunctionInheritedFromTheBaseQuery())) - } - - Query nameInDependentBaseResolvedByUnqualifiedLookupQuery() { - //autogenerate `Query` type - result = - // `Query` type for `nameInDependentBaseResolvedByUnqualifiedLookup` query - TQueryCPP(TImportMisra23PackageQuery(TNameInDependentBaseResolvedByUnqualifiedLookupQuery())) - } - - Query objectAccessedBeforeLifetimeMisraQuery() { - //autogenerate `Query` type - result = - // `Query` type for `objectAccessedBeforeLifetimeMisra` query - TQueryCPP(TImportMisra23PackageQuery(TObjectAccessedBeforeLifetimeMisraQuery())) - } - - Query objectAccessedAfterLifetimeMisraQuery() { - //autogenerate `Query` type - result = - // `Query` type for `objectAccessedAfterLifetimeMisra` query - TQueryCPP(TImportMisra23PackageQuery(TObjectAccessedAfterLifetimeMisraQuery())) - } - - Query mustNotReturnReferenceToLocalAutomaticVariableQuery() { - //autogenerate `Query` type - result = - // `Query` type for `mustNotReturnReferenceToLocalAutomaticVariable` query - TQueryCPP(TImportMisra23PackageQuery(TMustNotReturnReferenceToLocalAutomaticVariableQuery())) - } - - Query nullptrNotTheOnlyFormOfTheNullPointerConstantQuery() { - //autogenerate `Query` type - result = - // `Query` type for `nullptrNotTheOnlyFormOfTheNullPointerConstant` query - TQueryCPP(TImportMisra23PackageQuery(TNullptrNotTheOnlyFormOfTheNullPointerConstantQuery())) - } - - Query arrayPassedAsFunctionArgumentDecayToAPointerQuery() { - //autogenerate `Query` type - result = - // `Query` type for `arrayPassedAsFunctionArgumentDecayToAPointer` query - TQueryCPP(TImportMisra23PackageQuery(TArrayPassedAsFunctionArgumentDecayToAPointerQuery())) - } - - Query resultOfAnAssignmentOperatorShouldNotBeUsedQuery() { - //autogenerate `Query` type - result = - // `Query` type for `resultOfAnAssignmentOperatorShouldNotBeUsed` query - TQueryCPP(TImportMisra23PackageQuery(TResultOfAnAssignmentOperatorShouldNotBeUsedQuery())) - } - - Query commaOperatorShouldNotBeUsedQuery() { - //autogenerate `Query` type - result = - // `Query` type for `commaOperatorShouldNotBeUsed` query - TQueryCPP(TImportMisra23PackageQuery(TCommaOperatorShouldNotBeUsedQuery())) - } - - Query functionsCallThemselvesEitherDirectlyOrIndirectlyQuery() { - //autogenerate `Query` type - result = - // `Query` type for `functionsCallThemselvesEitherDirectlyOrIndirectly` query - TQueryCPP(TImportMisra23PackageQuery(TFunctionsCallThemselvesEitherDirectlyOrIndirectlyQuery())) - } - - Query castRemovesConstOrVolatileFromPointerOrReferenceQuery() { - //autogenerate `Query` type - result = - // `Query` type for `castRemovesConstOrVolatileFromPointerOrReference` query - TQueryCPP(TImportMisra23PackageQuery(TCastRemovesConstOrVolatileFromPointerOrReferenceQuery())) - } - - Query castsBetweenAPointerToFunctionAndAnyOtherTypeQuery() { - //autogenerate `Query` type - result = - // `Query` type for `castsBetweenAPointerToFunctionAndAnyOtherType` query - TQueryCPP(TImportMisra23PackageQuery(TCastsBetweenAPointerToFunctionAndAnyOtherTypeQuery())) - } - - Query reinterpretCastShallNotBeUsedQuery() { - //autogenerate `Query` type - result = - // `Query` type for `reinterpretCastShallNotBeUsed` query - TQueryCPP(TImportMisra23PackageQuery(TReinterpretCastShallNotBeUsedQuery())) - } - - Query unsignedOperationWithConstantOperandsShouldNotWrapQuery() { - //autogenerate `Query` type - result = - // `Query` type for `unsignedOperationWithConstantOperandsShouldNotWrap` query - TQueryCPP(TImportMisra23PackageQuery(TUnsignedOperationWithConstantOperandsShouldNotWrapQuery())) - } - - Query builtInOperatorAppliedToUnsignedExpressionQuery() { - //autogenerate `Query` type - result = - // `Query` type for `builtInOperatorAppliedToUnsignedExpression` query - TQueryCPP(TImportMisra23PackageQuery(TBuiltInOperatorAppliedToUnsignedExpressionQuery())) - } - - Query bodyOfIterationOrSelectionStatementNotCompoundQuery() { - //autogenerate `Query` type - result = - // `Query` type for `bodyOfIterationOrSelectionStatementNotCompound` query - TQueryCPP(TImportMisra23PackageQuery(TBodyOfIterationOrSelectionStatementNotCompoundQuery())) - } - - Query ifElseIfEndConditionQuery() { - //autogenerate `Query` type - result = - // `Query` type for `ifElseIfEndCondition` query - TQueryCPP(TImportMisra23PackageQuery(TIfElseIfEndConditionQuery())) - } - - Query gotoStatementShouldNotBeUsedQuery() { - //autogenerate `Query` type - result = - // `Query` type for `gotoStatementShouldNotBeUsed` query - TQueryCPP(TImportMisra23PackageQuery(TGotoStatementShouldNotBeUsedQuery())) - } - - Query gotoShallReferenceALabelInSurroundingBlockQuery() { - //autogenerate `Query` type - result = - // `Query` type for `gotoShallReferenceALabelInSurroundingBlock` query - TQueryCPP(TImportMisra23PackageQuery(TGotoShallReferenceALabelInSurroundingBlockQuery())) - } - - Query gotoShallJumpToLabelDeclaredLaterInTheFunctionQuery() { - //autogenerate `Query` type - result = - // `Query` type for `gotoShallJumpToLabelDeclaredLaterInTheFunction` query - TQueryCPP(TImportMisra23PackageQuery(TGotoShallJumpToLabelDeclaredLaterInTheFunctionQuery())) - } - - Query functionDeclaredWithTheNoreturnAttributeReturnQuery() { - //autogenerate `Query` type - result = - // `Query` type for `functionDeclaredWithTheNoreturnAttributeReturn` query - TQueryCPP(TImportMisra23PackageQuery(TFunctionDeclaredWithTheNoreturnAttributeReturnQuery())) - } - - Query nonVoidFunctionShallReturnAValueOnAllPathsQuery() { - //autogenerate `Query` type - result = - // `Query` type for `nonVoidFunctionShallReturnAValueOnAllPaths` query - TQueryCPP(TImportMisra23PackageQuery(TNonVoidFunctionShallReturnAValueOnAllPathsQuery())) - } -} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/RuleMetadata.qll index 4a6cbe936b..8dfbf9feaa 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/RuleMetadata.qll @@ -21,7 +21,6 @@ import Expressions import Freed import Functions import IO -import ImportMisra23 import Includes import Inheritance import Initialization @@ -75,7 +74,6 @@ newtype TCPPQuery = TFreedPackageQuery(FreedQuery q) or TFunctionsPackageQuery(FunctionsQuery q) or TIOPackageQuery(IOQuery q) or - TImportMisra23PackageQuery(ImportMisra23Query q) or TIncludesPackageQuery(IncludesQuery q) or TInheritancePackageQuery(InheritanceQuery q) or TInitializationPackageQuery(InitializationQuery q) or @@ -129,7 +127,6 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isFreedQueryMetadata(query, queryId, ruleId, category) or isFunctionsQueryMetadata(query, queryId, ruleId, category) or isIOQueryMetadata(query, queryId, ruleId, category) or - isImportMisra23QueryMetadata(query, queryId, ruleId, category) or isIncludesQueryMetadata(query, queryId, ruleId, category) or isInheritanceQueryMetadata(query, queryId, ruleId, category) or isInitializationQueryMetadata(query, queryId, ruleId, category) or diff --git a/cpp/misra/src/rules/DIR-5-7-2/SectionsOfCodeShouldNotBeCommentedOut.ql b/cpp/misra/src/rules/DIR-5-7-2/SectionsOfCodeShouldNotBeCommentedOut.ql deleted file mode 100644 index 75eb48ec67..0000000000 --- a/cpp/misra/src/rules/DIR-5-7-2/SectionsOfCodeShouldNotBeCommentedOut.ql +++ /dev/null @@ -1,23 +0,0 @@ -/** - * @id cpp/misra/sections-of-code-should-not-be-commented-out - * @name DIR-5-7-2: Sections of code should not be “commented out” - * @description - * @kind problem - * @precision very-high - * @problem.severity error - * @tags external/misra/id/dir-5-7-2 - * maintainability - * readability - * correctness - * external/misra/obligation/advisory - */ - -import cpp -import codingstandards.cpp.misra -import codingstandards.cpp.rules.sectionsofcodeshallnotbecommentedout.SectionsOfCodeShallNotBeCommentedOut - -class SectionsOfCodeShouldNotBeCommentedOutQuery extends SectionsOfCodeShallNotBeCommentedOutSharedQuery { - SectionsOfCodeShouldNotBeCommentedOutQuery() { - this = ImportMisra23Package::sectionsOfCodeShouldNotBeCommentedOutQuery() - } -} diff --git a/cpp/misra/src/rules/RULE-11-3-2/DeclarationOfAnObjectIndirectionsLevel.ql b/cpp/misra/src/rules/RULE-11-3-2/DeclarationOfAnObjectIndirectionsLevel.ql deleted file mode 100644 index 21293a632f..0000000000 --- a/cpp/misra/src/rules/RULE-11-3-2/DeclarationOfAnObjectIndirectionsLevel.ql +++ /dev/null @@ -1,24 +0,0 @@ -/** - * @id cpp/misra/declaration-of-an-object-indirections-level - * @name RULE-11-3-2: The declaration of an object should contain no more than two levels of pointer indirection - * @description - * @kind problem - * @precision very-high - * @problem.severity error - * @tags external/misra/id/rule-11-3-2 - * readability - * maintainability - * scope/single-translation-unit - * external/misra/enforcement/decidable - * external/misra/obligation/advisory - */ - -import cpp -import codingstandards.cpp.misra -import codingstandards.cpp.rules.donotusemorethantwolevelsofpointerindirection.DoNotUseMoreThanTwoLevelsOfPointerIndirection - -class DeclarationOfAnObjectIndirectionsLevelQuery extends DoNotUseMoreThanTwoLevelsOfPointerIndirectionSharedQuery { - DeclarationOfAnObjectIndirectionsLevelQuery() { - this = ImportMisra23Package::declarationOfAnObjectIndirectionsLevelQuery() - } -} diff --git a/cpp/misra/src/rules/RULE-18-3-3/HandlersReferToNonStaticMembersFromTheirClass.ql b/cpp/misra/src/rules/RULE-18-3-3/HandlersReferToNonStaticMembersFromTheirClass.ql deleted file mode 100644 index 81a5038151..0000000000 --- a/cpp/misra/src/rules/RULE-18-3-3/HandlersReferToNonStaticMembersFromTheirClass.ql +++ /dev/null @@ -1,24 +0,0 @@ -/** - * @id cpp/misra/handlers-refer-to-non-static-members-from-their-class - * @name RULE-18-3-3: Handlers for a function-try-block of a constructor or destructor shall not refer to non-static - * @description Handlers for a function-try-block of a constructor or destructor shall not refer to - * non-static members from their class or its bases - * @kind problem - * @precision very-high - * @problem.severity error - * @tags external/misra/id/rule-18-3-3 - * correctness - * scope/single-translation-unit - * external/misra/enforcement/decidable - * external/misra/obligation/required - */ - -import cpp -import codingstandards.cpp.misra -import codingstandards.cpp.rules.destroyedvaluereferencedindestructorcatchblock.DestroyedValueReferencedInDestructorCatchBlock - -class HandlersReferToNonStaticMembersFromTheirClassQuery extends DestroyedValueReferencedInDestructorCatchBlockSharedQuery { - HandlersReferToNonStaticMembersFromTheirClassQuery() { - this = ImportMisra23Package::handlersReferToNonStaticMembersFromTheirClassQuery() - } -} diff --git a/cpp/misra/src/rules/RULE-19-0-3/IncludeDirectivesPrecededByPreprocessorDirectives.ql b/cpp/misra/src/rules/RULE-19-0-3/IncludeDirectivesPrecededByPreprocessorDirectives.ql deleted file mode 100644 index e392630616..0000000000 --- a/cpp/misra/src/rules/RULE-19-0-3/IncludeDirectivesPrecededByPreprocessorDirectives.ql +++ /dev/null @@ -1,23 +0,0 @@ -/** - * @id cpp/misra/include-directives-preceded-by-preprocessor-directives - * @name RULE-19-0-3: #include directives should only be preceded by preprocessor directives or comments - * @description - * @kind problem - * @precision very-high - * @problem.severity error - * @tags external/misra/id/rule-19-0-3 - * readability - * scope/single-translation-unit - * external/misra/enforcement/decidable - * external/misra/obligation/advisory - */ - -import cpp -import codingstandards.cpp.misra -import codingstandards.cpp.rules.preprocessorincludespreceded.PreprocessorIncludesPreceded - -class IncludeDirectivesPrecededByPreprocessorDirectivesQuery extends PreprocessorIncludesPrecededSharedQuery { - IncludeDirectivesPrecededByPreprocessorDirectivesQuery() { - this = ImportMisra23Package::includeDirectivesPrecededByPreprocessorDirectivesQuery() - } -} diff --git a/cpp/misra/src/rules/RULE-19-1-3/IdentifiersUsedInTheControllingExpressionOf.ql b/cpp/misra/src/rules/RULE-19-1-3/IdentifiersUsedInTheControllingExpressionOf.ql deleted file mode 100644 index 13b604911b..0000000000 --- a/cpp/misra/src/rules/RULE-19-1-3/IdentifiersUsedInTheControllingExpressionOf.ql +++ /dev/null @@ -1,25 +0,0 @@ -/** - * @id cpp/misra/identifiers-used-in-the-controlling-expression-of - * @name RULE-19-1-3: All identifiers used in the controlling expression of #if or #elif preprocessing directives shall be - * @description All identifiers used in the controlling expression of #if or #elif preprocessing - * directives shall be defined prior to evaluation - * @kind problem - * @precision very-high - * @problem.severity error - * @tags external/misra/id/rule-19-1-3 - * correctness - * readability - * scope/single-translation-unit - * external/misra/enforcement/decidable - * external/misra/obligation/required - */ - -import cpp -import codingstandards.cpp.misra -import codingstandards.cpp.rules.undefinedmacroidentifiers.UndefinedMacroIdentifiers - -class IdentifiersUsedInTheControllingExpressionOfQuery extends UndefinedMacroIdentifiersSharedQuery { - IdentifiersUsedInTheControllingExpressionOfQuery() { - this = ImportMisra23Package::identifiersUsedInTheControllingExpressionOfQuery() - } -} diff --git a/cpp/misra/src/rules/RULE-19-2-3/CharsThatShouldNotOccurInHeaderFileName.ql b/cpp/misra/src/rules/RULE-19-2-3/CharsThatShouldNotOccurInHeaderFileName.ql deleted file mode 100644 index 20a4912a28..0000000000 --- a/cpp/misra/src/rules/RULE-19-2-3/CharsThatShouldNotOccurInHeaderFileName.ql +++ /dev/null @@ -1,24 +0,0 @@ -/** - * @id cpp/misra/chars-that-should-not-occur-in-header-file-name - * @name RULE-19-2-3: The ' or " or \ characters and the /* or // character sequences shall not occur in a header file - * @description The ' or " or \ characters and the /* or // character sequences shall not occur in a - * header file name - * @kind problem - * @precision very-high - * @problem.severity error - * @tags external/misra/id/rule-19-2-3 - * scope/single-translation-unit - * correctness - * external/misra/enforcement/decidable - * external/misra/obligation/required - */ - -import cpp -import codingstandards.cpp.misra -import codingstandards.cpp.rules.preprocessorincludesforbiddenheadernames.PreprocessorIncludesForbiddenHeaderNames - -class CharsThatShouldNotOccurInHeaderFileNameQuery extends PreprocessorIncludesForbiddenHeaderNamesSharedQuery { - CharsThatShouldNotOccurInHeaderFileNameQuery() { - this = ImportMisra23Package::charsThatShouldNotOccurInHeaderFileNameQuery() - } -} diff --git a/cpp/misra/src/rules/RULE-19-3-1/AndPreprocessorOperatorsShouldNotBeUsed.ql b/cpp/misra/src/rules/RULE-19-3-1/AndPreprocessorOperatorsShouldNotBeUsed.ql deleted file mode 100644 index 9b6430475e..0000000000 --- a/cpp/misra/src/rules/RULE-19-3-1/AndPreprocessorOperatorsShouldNotBeUsed.ql +++ /dev/null @@ -1,23 +0,0 @@ -/** - * @id cpp/misra/and-preprocessor-operators-should-not-be-used - * @name RULE-19-3-1: The # and ## preprocessor operators should not be used - * @description - * @kind problem - * @precision very-high - * @problem.severity error - * @tags external/misra/id/rule-19-3-1 - * correctness - * scope/single-translation-unit - * external/misra/enforcement/decidable - * external/misra/obligation/advisory - */ - -import cpp -import codingstandards.cpp.misra -import codingstandards.cpp.rules.hashoperatorsused.HashOperatorsUsed - -class AndPreprocessorOperatorsShouldNotBeUsedQuery extends HashOperatorsUsedSharedQuery { - AndPreprocessorOperatorsShouldNotBeUsedQuery() { - this = ImportMisra23Package::andPreprocessorOperatorsShouldNotBeUsedQuery() - } -} diff --git a/cpp/misra/src/rules/RULE-19-3-5/TokensThatLookLikeDirectivesInAMacroArgument.ql b/cpp/misra/src/rules/RULE-19-3-5/TokensThatLookLikeDirectivesInAMacroArgument.ql deleted file mode 100644 index 3e553d0397..0000000000 --- a/cpp/misra/src/rules/RULE-19-3-5/TokensThatLookLikeDirectivesInAMacroArgument.ql +++ /dev/null @@ -1,24 +0,0 @@ -/** - * @id cpp/misra/tokens-that-look-like-directives-in-a-macro-argument - * @name RULE-19-3-5: Tokens that look like a preprocessing directive shall not occur within a macro argument - * @description - * @kind problem - * @precision very-high - * @problem.severity error - * @tags external/misra/id/rule-19-3-5 - * readability - * correctness - * scope/single-translation-unit - * external/misra/enforcement/decidable - * external/misra/obligation/required - */ - -import cpp -import codingstandards.cpp.misra -import codingstandards.cpp.rules.preprocessingdirectivewithinmacroargument.PreprocessingDirectiveWithinMacroArgument - -class TokensThatLookLikeDirectivesInAMacroArgumentQuery extends PreprocessingDirectiveWithinMacroArgumentSharedQuery { - TokensThatLookLikeDirectivesInAMacroArgumentQuery() { - this = ImportMisra23Package::tokensThatLookLikeDirectivesInAMacroArgumentQuery() - } -} diff --git a/cpp/misra/src/rules/RULE-21-6-5/PointerToAnIncompleteClassTypeDeleted.ql b/cpp/misra/src/rules/RULE-21-6-5/PointerToAnIncompleteClassTypeDeleted.ql deleted file mode 100644 index 0d2de4deae..0000000000 --- a/cpp/misra/src/rules/RULE-21-6-5/PointerToAnIncompleteClassTypeDeleted.ql +++ /dev/null @@ -1,23 +0,0 @@ -/** - * @id cpp/misra/pointer-to-an-incomplete-class-type-deleted - * @name RULE-21-6-5: A pointer to an incomplete class type shall not be deleted - * @description - * @kind problem - * @precision very-high - * @problem.severity error - * @tags external/misra/id/rule-21-6-5 - * correctness - * scope/single-translation-unit - * external/misra/enforcement/decidable - * external/misra/obligation/required - */ - -import cpp -import codingstandards.cpp.misra -import codingstandards.cpp.rules.deleteofpointertoincompleteclass.DeleteOfPointerToIncompleteClass - -class PointerToAnIncompleteClassTypeDeletedQuery extends DeleteOfPointerToIncompleteClassSharedQuery { - PointerToAnIncompleteClassTypeDeletedQuery() { - this = ImportMisra23Package::pointerToAnIncompleteClassTypeDeletedQuery() - } -} diff --git a/cpp/misra/src/rules/RULE-25-5-2/PointersReturnedByLocaleFunctionsMustBeUsedAsConst.ql b/cpp/misra/src/rules/RULE-25-5-2/PointersReturnedByLocaleFunctionsMustBeUsedAsConst.ql deleted file mode 100644 index 8fbb7d4d42..0000000000 --- a/cpp/misra/src/rules/RULE-25-5-2/PointersReturnedByLocaleFunctionsMustBeUsedAsConst.ql +++ /dev/null @@ -1,26 +0,0 @@ -/** - * @id cpp/misra/pointers-returned-by-locale-functions-must-be-used-as-const - * @name RULE-25-5-2: The pointers returned by environment functions should be treated as const - * @description The pointers returned by the C++ Standard Library functions localeconv, getenv, - * setlocale or strerror must only be used as if they have pointer to const-qualified - * type - * @kind path-problem - * @precision very-high - * @problem.severity error - * @tags external/misra/id/rule-25-5-2 - * correctness - * scope/single-translation-unit - * external/misra/enforcement/decidable - * external/misra/obligation/mandatory - */ - -import cpp -import codingstandards.cpp.misra -import codingstandards.cpp.rules.constlikereturnvalue.ConstLikeReturnValue - -class PointersReturnedByLocaleFunctionsMustBeUsedAsConstQuery extends ConstLikeReturnValueSharedQuery -{ - PointersReturnedByLocaleFunctionsMustBeUsedAsConstQuery() { - this = ImportMisra23Package::pointersReturnedByLocaleFunctionsMustBeUsedAsConstQuery() - } -} diff --git a/cpp/misra/src/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersMisra.ql b/cpp/misra/src/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersMisra.ql deleted file mode 100644 index 58edb5e60f..0000000000 --- a/cpp/misra/src/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersMisra.ql +++ /dev/null @@ -1,25 +0,0 @@ -/** - * @id cpp/misra/call-to-setlocale-invalidates-old-pointers-misra - * @name RULE-25-5-3: The pointer returned by the Standard Library env functions is invalid - * @description The pointer returned by the Standard Library functions asctime, ctime, gmtime, - * localtime, localeconv, getenv, setlocale or strerror may be invalid following a - * subsequent call to the same function. - * @kind problem - * @precision very-high - * @problem.severity error - * @tags external/misra/id/rule-25-5-3 - * correctness - * scope/system - * external/misra/enforcement/undecidable - * external/misra/obligation/mandatory - */ - -import cpp -import codingstandards.cpp.misra -import codingstandards.cpp.rules.invalidatedenvstringpointers.InvalidatedEnvStringPointers - -class CallToSetlocaleInvalidatesOldPointersMisraQuery extends InvalidatedEnvStringPointersSharedQuery { - CallToSetlocaleInvalidatesOldPointersMisraQuery() { - this = ImportMisra23Package::callToSetlocaleInvalidatesOldPointersMisraQuery() - } -} diff --git a/cpp/misra/src/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersWarnMisra.ql b/cpp/misra/src/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersWarnMisra.ql deleted file mode 100644 index 2b4b08bd98..0000000000 --- a/cpp/misra/src/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersWarnMisra.ql +++ /dev/null @@ -1,25 +0,0 @@ -/** - * @id cpp/misra/call-to-setlocale-invalidates-old-pointers-warn-misra - * @name RULE-25-5-3: The pointer returned by the Standard Library env functions is invalid warning - * @description The pointer returned by the Standard Library functions asctime, ctime, gmtime, - * localtime, localeconv, getenv, setlocale or strerror may be invalid following a - * subsequent call to the same function. - * @kind problem - * @precision very-high - * @problem.severity warning - * @tags external/misra/id/rule-25-5-3 - * correctness - * scope/system - * external/misra/enforcement/undecidable - * external/misra/obligation/mandatory - */ - -import cpp -import codingstandards.cpp.misra -import codingstandards.cpp.rules.invalidatedenvstringpointerswarn.InvalidatedEnvStringPointersWarn - -class CallToSetlocaleInvalidatesOldPointersWarnMisraQuery extends InvalidatedEnvStringPointersWarnSharedQuery { - CallToSetlocaleInvalidatesOldPointersWarnMisraQuery() { - this = ImportMisra23Package::callToSetlocaleInvalidatesOldPointersWarnMisraQuery() - } -} diff --git a/cpp/misra/src/rules/RULE-28-6-3/ObjectUsedWhileInPotentiallyMovedFromState.ql b/cpp/misra/src/rules/RULE-28-6-3/ObjectUsedWhileInPotentiallyMovedFromState.ql deleted file mode 100644 index 416daa9c07..0000000000 --- a/cpp/misra/src/rules/RULE-28-6-3/ObjectUsedWhileInPotentiallyMovedFromState.ql +++ /dev/null @@ -1,23 +0,0 @@ -/** - * @id cpp/misra/object-used-while-in-potentially-moved-from-state - * @name RULE-28-6-3: An object shall not be used while in a potentially moved-from state - * @description - * @kind problem - * @precision very-high - * @problem.severity error - * @tags external/misra/id/rule-28-6-3 - * correctness - * scope/single-translation-unit - * external/misra/enforcement/decidable - * external/misra/obligation/required - */ - -import cpp -import codingstandards.cpp.misra -import codingstandards.cpp.rules.movedfromobjectsunspecifiedstate.MovedFromObjectsUnspecifiedState - -class ObjectUsedWhileInPotentiallyMovedFromStateQuery extends MovedFromObjectsUnspecifiedStateSharedQuery { - ObjectUsedWhileInPotentiallyMovedFromStateQuery() { - this = ImportMisra23Package::objectUsedWhileInPotentiallyMovedFromStateQuery() - } -} diff --git a/cpp/misra/src/rules/RULE-30-0-2/ReadsAndWritesOnStreamNotSeparatedByPositioning.ql b/cpp/misra/src/rules/RULE-30-0-2/ReadsAndWritesOnStreamNotSeparatedByPositioning.ql deleted file mode 100644 index a209347915..0000000000 --- a/cpp/misra/src/rules/RULE-30-0-2/ReadsAndWritesOnStreamNotSeparatedByPositioning.ql +++ /dev/null @@ -1,23 +0,0 @@ -/** - * @id cpp/misra/reads-and-writes-on-stream-not-separated-by-positioning - * @name RULE-30-0-2: Reads and writes on the same file stream shall be separated by a positioning operation - * @description - * @kind problem - * @precision very-high - * @problem.severity error - * @tags external/misra/id/rule-30-0-2 - * correctness - * scope/system - * external/misra/enforcement/undecidable - * external/misra/obligation/required - */ - -import cpp -import codingstandards.cpp.misra -import codingstandards.cpp.rules.iofstreammissingpositioning.IOFstreamMissingPositioning - -class ReadsAndWritesOnStreamNotSeparatedByPositioningQuery extends IOFstreamMissingPositioningSharedQuery { - ReadsAndWritesOnStreamNotSeparatedByPositioningQuery() { - this = ImportMisra23Package::readsAndWritesOnStreamNotSeparatedByPositioningQuery() - } -} diff --git a/cpp/misra/src/rules/RULE-6-2-1/OneDefinitionRuleViolated.ql b/cpp/misra/src/rules/RULE-6-2-1/OneDefinitionRuleViolated.ql deleted file mode 100644 index b682c354a5..0000000000 --- a/cpp/misra/src/rules/RULE-6-2-1/OneDefinitionRuleViolated.ql +++ /dev/null @@ -1,23 +0,0 @@ -/** - * @id cpp/misra/one-definition-rule-violated - * @name RULE-6-2-1: The one-definition rule shall not be violated - * @description - * @kind problem - * @precision very-high - * @problem.severity error - * @tags external/misra/id/rule-6-2-1 - * correctness - * scope/system - * external/misra/enforcement/decidable - * external/misra/obligation/required - */ - -import cpp -import codingstandards.cpp.misra -import codingstandards.cpp.rules.onedefinitionruleviolation.OneDefinitionRuleViolation - -class OneDefinitionRuleViolatedQuery extends OneDefinitionRuleViolationSharedQuery { - OneDefinitionRuleViolatedQuery() { - this = ImportMisra23Package::oneDefinitionRuleViolatedQuery() - } -} diff --git a/cpp/misra/src/rules/RULE-6-4-1/VariableDeclaredInInnerScopeHidesOuterScope.ql b/cpp/misra/src/rules/RULE-6-4-1/VariableDeclaredInInnerScopeHidesOuterScope.ql deleted file mode 100644 index 1813ebc77a..0000000000 --- a/cpp/misra/src/rules/RULE-6-4-1/VariableDeclaredInInnerScopeHidesOuterScope.ql +++ /dev/null @@ -1,24 +0,0 @@ -/** - * @id cpp/misra/variable-declared-in-inner-scope-hides-outer-scope - * @name RULE-6-4-1: A variable declared in an inner scope shall not hide a variable declared in an outer scope - * @description - * @kind problem - * @precision very-high - * @problem.severity error - * @tags external/misra/id/rule-6-4-1 - * readability - * maintainability - * scope/single-translation-unit - * external/misra/enforcement/decidable - * external/misra/obligation/required - */ - -import cpp -import codingstandards.cpp.misra -import codingstandards.cpp.rules.identifierhidden.IdentifierHidden - -class VariableDeclaredInInnerScopeHidesOuterScopeQuery extends IdentifierHiddenSharedQuery { - VariableDeclaredInInnerScopeHidesOuterScopeQuery() { - this = ImportMisra23Package::variableDeclaredInInnerScopeHidesOuterScopeQuery() - } -} diff --git a/cpp/misra/src/rules/RULE-6-8-1/ObjectAccessedAfterLifetimeMisra.ql b/cpp/misra/src/rules/RULE-6-8-1/ObjectAccessedAfterLifetimeMisra.ql deleted file mode 100644 index 77483fdedb..0000000000 --- a/cpp/misra/src/rules/RULE-6-8-1/ObjectAccessedAfterLifetimeMisra.ql +++ /dev/null @@ -1,23 +0,0 @@ -/** - * @id cpp/misra/object-accessed-after-lifetime-misra - * @name RULE-6-8-1: Access of object after lifetime (use-after-free) - * @description Accessing an object after its lifetime results in undefined behavior. - * @kind problem - * @precision high - * @problem.severity error - * @tags external/misra/id/rule-6-8-1 - * correctness - * security - * external/misra/enforcement/undecidable - * external/misra/obligation/required - */ - -import cpp -import codingstandards.cpp.misra -import codingstandards.cpp.rules.objectaccessedafterlifetime.ObjectAccessedAfterLifetime - -class ObjectAccessedAfterLifetimeMisraQuery extends ObjectAccessedAfterLifetimeSharedQuery { - ObjectAccessedAfterLifetimeMisraQuery() { - this = ImportMisra23Package::objectAccessedAfterLifetimeMisraQuery() - } -} diff --git a/cpp/misra/src/rules/RULE-6-8-1/ObjectAccessedBeforeLifetimeMisra.ql b/cpp/misra/src/rules/RULE-6-8-1/ObjectAccessedBeforeLifetimeMisra.ql deleted file mode 100644 index e0e82f2396..0000000000 --- a/cpp/misra/src/rules/RULE-6-8-1/ObjectAccessedBeforeLifetimeMisra.ql +++ /dev/null @@ -1,23 +0,0 @@ -/** - * @id cpp/misra/object-accessed-before-lifetime-misra - * @name RULE-6-8-1: Access of uninitialized object - * @description Accessing an object before its lifetime can result in undefined behavior. - * @kind problem - * @precision high - * @problem.severity error - * @tags external/misra/id/rule-6-8-1 - * correctness - * security - * external/misra/enforcement/undecidable - * external/misra/obligation/required - */ - -import cpp -import codingstandards.cpp.misra -import codingstandards.cpp.rules.objectaccessedbeforelifetime.ObjectAccessedBeforeLifetime - -class ObjectAccessedBeforeLifetimeMisraQuery extends ObjectAccessedBeforeLifetimeSharedQuery { - ObjectAccessedBeforeLifetimeMisraQuery() { - this = ImportMisra23Package::objectAccessedBeforeLifetimeMisraQuery() - } -} diff --git a/cpp/misra/src/rules/RULE-8-2-3/CastRemovesConstOrVolatileFromPointerOrReference.ql b/cpp/misra/src/rules/RULE-8-2-3/CastRemovesConstOrVolatileFromPointerOrReference.ql deleted file mode 100644 index 0c2e56b5bd..0000000000 --- a/cpp/misra/src/rules/RULE-8-2-3/CastRemovesConstOrVolatileFromPointerOrReference.ql +++ /dev/null @@ -1,24 +0,0 @@ -/** - * @id cpp/misra/cast-removes-const-or-volatile-from-pointer-or-reference - * @name RULE-8-2-3: A cast shall not remove any const or volatile qualification from the type accessed via a pointer or - * @description A cast shall not remove any const or volatile qualification from the type accessed - * via a pointer or by reference - * @kind problem - * @precision very-high - * @problem.severity error - * @tags external/misra/id/rule-8-2-3 - * correctness - * scope/single-translation-unit - * external/misra/enforcement/decidable - * external/misra/obligation/required - */ - -import cpp -import codingstandards.cpp.misra -import codingstandards.cpp.rules.removeconstorvolatilequalification.RemoveConstOrVolatileQualification - -class CastRemovesConstOrVolatileFromPointerOrReferenceQuery extends RemoveConstOrVolatileQualificationSharedQuery { - CastRemovesConstOrVolatileFromPointerOrReferenceQuery() { - this = ImportMisra23Package::castRemovesConstOrVolatileFromPointerOrReferenceQuery() - } -} diff --git a/cpp/misra/src/rules/RULE-9-4-1/IfElseIfEndCondition.ql b/cpp/misra/src/rules/RULE-9-4-1/IfElseIfEndCondition.ql deleted file mode 100644 index 2345e3f25f..0000000000 --- a/cpp/misra/src/rules/RULE-9-4-1/IfElseIfEndCondition.ql +++ /dev/null @@ -1,24 +0,0 @@ -/** - * @id cpp/misra/if-else-if-end-condition - * @name RULE-9-4-1: All if - * @description All if ... else if constructs shall be terminated with an else statement - * @kind problem - * @precision very-high - * @problem.severity error - * @tags external/misra/id/rule-9-4-1 - * readability - * maintainability - * scope/single-translation-unit - * external/misra/enforcement/decidable - * external/misra/obligation/required - */ - -import cpp -import codingstandards.cpp.misra -import codingstandards.cpp.rules.ifelseterminationconstruct.IfElseTerminationConstruct - -class IfElseIfEndConditionQuery extends IfElseTerminationConstructSharedQuery { - IfElseIfEndConditionQuery() { - this = ImportMisra23Package::ifElseIfEndConditionQuery() - } -} diff --git a/cpp/misra/src/rules/RULE-9-6-3/GotoShallJumpToLabelDeclaredLaterInTheFunction.ql b/cpp/misra/src/rules/RULE-9-6-3/GotoShallJumpToLabelDeclaredLaterInTheFunction.ql deleted file mode 100644 index c0e5e0fe83..0000000000 --- a/cpp/misra/src/rules/RULE-9-6-3/GotoShallJumpToLabelDeclaredLaterInTheFunction.ql +++ /dev/null @@ -1,24 +0,0 @@ -/** - * @id cpp/misra/goto-shall-jump-to-label-declared-later-in-the-function - * @name RULE-9-6-3: The goto statement shall jump to a label declared later in the function body - * @description - * @kind problem - * @precision very-high - * @problem.severity error - * @tags external/misra/id/rule-9-6-3 - * maintainability - * readability - * scope/single-translation-unit - * external/misra/enforcement/decidable - * external/misra/obligation/required - */ - -import cpp -import codingstandards.cpp.misra -import codingstandards.cpp.rules.gotostatementcondition.GotoStatementCondition - -class GotoShallJumpToLabelDeclaredLaterInTheFunctionQuery extends GotoStatementConditionSharedQuery { - GotoShallJumpToLabelDeclaredLaterInTheFunctionQuery() { - this = ImportMisra23Package::gotoShallJumpToLabelDeclaredLaterInTheFunctionQuery() - } -} diff --git a/cpp/misra/src/rules/RULE-9-6-4/FunctionDeclaredWithTheNoreturnAttributeReturn.ql b/cpp/misra/src/rules/RULE-9-6-4/FunctionDeclaredWithTheNoreturnAttributeReturn.ql deleted file mode 100644 index 23221348c0..0000000000 --- a/cpp/misra/src/rules/RULE-9-6-4/FunctionDeclaredWithTheNoreturnAttributeReturn.ql +++ /dev/null @@ -1,23 +0,0 @@ -/** - * @id cpp/misra/function-declared-with-the-noreturn-attribute-return - * @name RULE-9-6-4: A function declared with the [[noreturn]] attribute shall not return - * @description - * @kind problem - * @precision very-high - * @problem.severity error - * @tags external/misra/id/rule-9-6-4 - * correctness - * scope/system - * external/misra/enforcement/undecidable - * external/misra/obligation/required - */ - -import cpp -import codingstandards.cpp.misra -import codingstandards.cpp.rules.functionnoreturnattributecondition.FunctionNoReturnAttributeCondition - -class FunctionDeclaredWithTheNoreturnAttributeReturnQuery extends FunctionNoReturnAttributeConditionSharedQuery { - FunctionDeclaredWithTheNoreturnAttributeReturnQuery() { - this = ImportMisra23Package::functionDeclaredWithTheNoreturnAttributeReturnQuery() - } -} diff --git a/cpp/misra/src/rules/RULE-9-6-5/NonVoidFunctionShallReturnAValueOnAllPaths.ql b/cpp/misra/src/rules/RULE-9-6-5/NonVoidFunctionShallReturnAValueOnAllPaths.ql deleted file mode 100644 index 74802bcee9..0000000000 --- a/cpp/misra/src/rules/RULE-9-6-5/NonVoidFunctionShallReturnAValueOnAllPaths.ql +++ /dev/null @@ -1,23 +0,0 @@ -/** - * @id cpp/misra/non-void-function-shall-return-a-value-on-all-paths - * @name RULE-9-6-5: A function with non-void return type shall return a value on all paths - * @description - * @kind problem - * @precision very-high - * @problem.severity error - * @tags external/misra/id/rule-9-6-5 - * correctness - * scope/single-translation-unit - * external/misra/enforcement/decidable - * external/misra/obligation/required - */ - -import cpp -import codingstandards.cpp.misra -import codingstandards.cpp.rules.nonvoidfunctiondoesnotreturn.NonVoidFunctionDoesNotReturn - -class NonVoidFunctionShallReturnAValueOnAllPathsQuery extends NonVoidFunctionDoesNotReturnSharedQuery { - NonVoidFunctionShallReturnAValueOnAllPathsQuery() { - this = ImportMisra23Package::nonVoidFunctionShallReturnAValueOnAllPathsQuery() - } -} diff --git a/cpp/misra/test/rules/DIR-5-7-2/SectionsOfCodeShouldNotBeCommentedOut.testref b/cpp/misra/test/rules/DIR-5-7-2/SectionsOfCodeShouldNotBeCommentedOut.testref deleted file mode 100644 index 303a38a19b..0000000000 --- a/cpp/misra/test/rules/DIR-5-7-2/SectionsOfCodeShouldNotBeCommentedOut.testref +++ /dev/null @@ -1 +0,0 @@ -cpp/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-11-3-2/DeclarationOfAnObjectIndirectionsLevel.testref b/cpp/misra/test/rules/RULE-11-3-2/DeclarationOfAnObjectIndirectionsLevel.testref deleted file mode 100644 index 3b46dca736..0000000000 --- a/cpp/misra/test/rules/RULE-11-3-2/DeclarationOfAnObjectIndirectionsLevel.testref +++ /dev/null @@ -1 +0,0 @@ -cpp/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-18-3-3/HandlersReferToNonStaticMembersFromTheirClass.testref b/cpp/misra/test/rules/RULE-18-3-3/HandlersReferToNonStaticMembersFromTheirClass.testref deleted file mode 100644 index 7d4f5826b0..0000000000 --- a/cpp/misra/test/rules/RULE-18-3-3/HandlersReferToNonStaticMembersFromTheirClass.testref +++ /dev/null @@ -1 +0,0 @@ -cpp/common/test/rules/destroyedvaluereferencedindestructorcatchblock/DestroyedValueReferencedInDestructorCatchBlock.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-19-0-3/IncludeDirectivesPrecededByPreprocessorDirectives.testref b/cpp/misra/test/rules/RULE-19-0-3/IncludeDirectivesPrecededByPreprocessorDirectives.testref deleted file mode 100644 index 7992898cfc..0000000000 --- a/cpp/misra/test/rules/RULE-19-0-3/IncludeDirectivesPrecededByPreprocessorDirectives.testref +++ /dev/null @@ -1 +0,0 @@ -cpp/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-19-1-3/IdentifiersUsedInTheControllingExpressionOf.testref b/cpp/misra/test/rules/RULE-19-1-3/IdentifiersUsedInTheControllingExpressionOf.testref deleted file mode 100644 index 73eb246867..0000000000 --- a/cpp/misra/test/rules/RULE-19-1-3/IdentifiersUsedInTheControllingExpressionOf.testref +++ /dev/null @@ -1 +0,0 @@ -cpp/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-19-2-3/CharsThatShouldNotOccurInHeaderFileName.testref b/cpp/misra/test/rules/RULE-19-2-3/CharsThatShouldNotOccurInHeaderFileName.testref deleted file mode 100644 index 6be2f4f7ba..0000000000 --- a/cpp/misra/test/rules/RULE-19-2-3/CharsThatShouldNotOccurInHeaderFileName.testref +++ /dev/null @@ -1 +0,0 @@ -cpp/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-19-3-1/AndPreprocessorOperatorsShouldNotBeUsed.testref b/cpp/misra/test/rules/RULE-19-3-1/AndPreprocessorOperatorsShouldNotBeUsed.testref deleted file mode 100644 index eec0b94b11..0000000000 --- a/cpp/misra/test/rules/RULE-19-3-1/AndPreprocessorOperatorsShouldNotBeUsed.testref +++ /dev/null @@ -1 +0,0 @@ -cpp/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-19-3-5/TokensThatLookLikeDirectivesInAMacroArgument.testref b/cpp/misra/test/rules/RULE-19-3-5/TokensThatLookLikeDirectivesInAMacroArgument.testref deleted file mode 100644 index 1e15c636ee..0000000000 --- a/cpp/misra/test/rules/RULE-19-3-5/TokensThatLookLikeDirectivesInAMacroArgument.testref +++ /dev/null @@ -1 +0,0 @@ -cpp/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-21-6-5/PointerToAnIncompleteClassTypeDeleted.testref b/cpp/misra/test/rules/RULE-21-6-5/PointerToAnIncompleteClassTypeDeleted.testref deleted file mode 100644 index 3f4895b1c4..0000000000 --- a/cpp/misra/test/rules/RULE-21-6-5/PointerToAnIncompleteClassTypeDeleted.testref +++ /dev/null @@ -1 +0,0 @@ -cpp/common/test/rules/deleteofpointertoincompleteclass/DeleteOfPointerToIncompleteClass.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-25-5-2/PointersReturnedByLocaleFunctionsMustBeUsedAsConst.testref b/cpp/misra/test/rules/RULE-25-5-2/PointersReturnedByLocaleFunctionsMustBeUsedAsConst.testref deleted file mode 100644 index febf2e9d50..0000000000 --- a/cpp/misra/test/rules/RULE-25-5-2/PointersReturnedByLocaleFunctionsMustBeUsedAsConst.testref +++ /dev/null @@ -1 +0,0 @@ -cpp/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersMisra.testref b/cpp/misra/test/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersMisra.testref deleted file mode 100644 index 74cb92bd88..0000000000 --- a/cpp/misra/test/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersMisra.testref +++ /dev/null @@ -1 +0,0 @@ -cpp/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersWarnMisra.testref b/cpp/misra/test/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersWarnMisra.testref deleted file mode 100644 index 1628a12aa9..0000000000 --- a/cpp/misra/test/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersWarnMisra.testref +++ /dev/null @@ -1 +0,0 @@ -cpp/common/test/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-28-6-3/ObjectUsedWhileInPotentiallyMovedFromState.testref b/cpp/misra/test/rules/RULE-28-6-3/ObjectUsedWhileInPotentiallyMovedFromState.testref deleted file mode 100644 index 5ae8b65a71..0000000000 --- a/cpp/misra/test/rules/RULE-28-6-3/ObjectUsedWhileInPotentiallyMovedFromState.testref +++ /dev/null @@ -1 +0,0 @@ -cpp/common/test/rules/movedfromobjectsunspecifiedstate/MovedFromObjectsUnspecifiedState.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-30-0-2/ReadsAndWritesOnStreamNotSeparatedByPositioning.testref b/cpp/misra/test/rules/RULE-30-0-2/ReadsAndWritesOnStreamNotSeparatedByPositioning.testref deleted file mode 100644 index 0a8adf7272..0000000000 --- a/cpp/misra/test/rules/RULE-30-0-2/ReadsAndWritesOnStreamNotSeparatedByPositioning.testref +++ /dev/null @@ -1 +0,0 @@ -cpp/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-6-2-1/OneDefinitionRuleViolated.testref b/cpp/misra/test/rules/RULE-6-2-1/OneDefinitionRuleViolated.testref deleted file mode 100644 index b51950abaa..0000000000 --- a/cpp/misra/test/rules/RULE-6-2-1/OneDefinitionRuleViolated.testref +++ /dev/null @@ -1 +0,0 @@ -cpp/common/test/rules/onedefinitionruleviolation/OneDefinitionRuleViolation.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-6-4-1/VariableDeclaredInInnerScopeHidesOuterScope.testref b/cpp/misra/test/rules/RULE-6-4-1/VariableDeclaredInInnerScopeHidesOuterScope.testref deleted file mode 100644 index 2f41afee3b..0000000000 --- a/cpp/misra/test/rules/RULE-6-4-1/VariableDeclaredInInnerScopeHidesOuterScope.testref +++ /dev/null @@ -1 +0,0 @@ -cpp/common/test/rules/identifierhidden/IdentifierHidden.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-6-8-1/ObjectAccessedAfterLifetimeMisra.testref b/cpp/misra/test/rules/RULE-6-8-1/ObjectAccessedAfterLifetimeMisra.testref deleted file mode 100644 index 979e12ac8c..0000000000 --- a/cpp/misra/test/rules/RULE-6-8-1/ObjectAccessedAfterLifetimeMisra.testref +++ /dev/null @@ -1 +0,0 @@ -cpp/common/test/rules/objectaccessedafterlifetime/ObjectAccessedAfterLifetime.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-6-8-1/ObjectAccessedBeforeLifetimeMisra.testref b/cpp/misra/test/rules/RULE-6-8-1/ObjectAccessedBeforeLifetimeMisra.testref deleted file mode 100644 index 3f22c45632..0000000000 --- a/cpp/misra/test/rules/RULE-6-8-1/ObjectAccessedBeforeLifetimeMisra.testref +++ /dev/null @@ -1 +0,0 @@ -cpp/common/test/rules/objectaccessedbeforelifetime/ObjectAccessedBeforeLifetime.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-8-2-3/CastRemovesConstOrVolatileFromPointerOrReference.testref b/cpp/misra/test/rules/RULE-8-2-3/CastRemovesConstOrVolatileFromPointerOrReference.testref deleted file mode 100644 index 000469493a..0000000000 --- a/cpp/misra/test/rules/RULE-8-2-3/CastRemovesConstOrVolatileFromPointerOrReference.testref +++ /dev/null @@ -1 +0,0 @@ -cpp/common/test/rules/removeconstorvolatilequalification/RemoveConstOrVolatileQualification.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-9-4-1/IfElseIfEndCondition.testref b/cpp/misra/test/rules/RULE-9-4-1/IfElseIfEndCondition.testref deleted file mode 100644 index d7ca04a26e..0000000000 --- a/cpp/misra/test/rules/RULE-9-4-1/IfElseIfEndCondition.testref +++ /dev/null @@ -1 +0,0 @@ -cpp/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-9-6-3/GotoShallJumpToLabelDeclaredLaterInTheFunction.testref b/cpp/misra/test/rules/RULE-9-6-3/GotoShallJumpToLabelDeclaredLaterInTheFunction.testref deleted file mode 100644 index b4f807e8e2..0000000000 --- a/cpp/misra/test/rules/RULE-9-6-3/GotoShallJumpToLabelDeclaredLaterInTheFunction.testref +++ /dev/null @@ -1 +0,0 @@ -cpp/common/test/rules/gotostatementcondition/GotoStatementCondition.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-9-6-4/FunctionDeclaredWithTheNoreturnAttributeReturn.testref b/cpp/misra/test/rules/RULE-9-6-4/FunctionDeclaredWithTheNoreturnAttributeReturn.testref deleted file mode 100644 index dec8006f15..0000000000 --- a/cpp/misra/test/rules/RULE-9-6-4/FunctionDeclaredWithTheNoreturnAttributeReturn.testref +++ /dev/null @@ -1 +0,0 @@ -cpp/common/test/rules/functionnoreturnattributecondition/FunctionNoReturnAttributeCondition.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-9-6-5/NonVoidFunctionShallReturnAValueOnAllPaths.testref b/cpp/misra/test/rules/RULE-9-6-5/NonVoidFunctionShallReturnAValueOnAllPaths.testref deleted file mode 100644 index ef9b3c1fc2..0000000000 --- a/cpp/misra/test/rules/RULE-9-6-5/NonVoidFunctionShallReturnAValueOnAllPaths.testref +++ /dev/null @@ -1 +0,0 @@ -cpp/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql \ No newline at end of file diff --git a/rule_packages/cpp/ImportMisra23.json b/rule_packages/cpp/ImportMisra23.json deleted file mode 100644 index 259e3f8a17..0000000000 --- a/rule_packages/cpp/ImportMisra23.json +++ /dev/null @@ -1,505 +0,0 @@ -{ - "MISRA-C++-2023": { - "DIR-5-7-2": { - "properties": { - "obligation": "advisory" - }, - "queries": [ - { - "description": "", - "kind": "problem", - "name": "Sections of code should not be \u201ccommented out\u201d", - "precision": "very-high", - "severity": "error", - "short_name": "SectionsOfCodeShouldNotBeCommentedOut", - "shared_implementation_short_name": "SectionsOfCodeShallNotBeCommentedOut", - "tags": [ - "maintainability", - "readability", - "correctness" - ] - } - ], - "title": "Sections of code should not be \u201ccommented out\u201d" - }, - "RULE-6-2-1": { - "properties": { - "enforcement": "decidable", - "obligation": "required" - }, - "queries": [ - { - "description": "", - "kind": "problem", - "name": "The one-definition rule shall not be violated", - "precision": "very-high", - "severity": "error", - "short_name": "OneDefinitionRuleViolated", - "shared_implementation_short_name": "OneDefinitionRuleViolation", - "tags": [ - "correctness", - "scope/system" - ] - } - ], - "title": "The one-definition rule shall not be violated" - }, - "RULE-6-4-1": { - "properties": { - "enforcement": "decidable", - "obligation": "required" - }, - "queries": [ - { - "description": "", - "kind": "problem", - "name": "A variable declared in an inner scope shall not hide a variable declared in an outer scope", - "precision": "very-high", - "severity": "error", - "short_name": "VariableDeclaredInInnerScopeHidesOuterScope", - "shared_implementation_short_name": "IdentifierHidden", - "tags": [ - "readability", - "maintainability", - "scope/single-translation-unit" - ] - } - ], - "title": "A variable declared in an inner scope shall not hide a variable declared in an outer scope" - }, - "RULE-6-8-1": { - "properties": { - "enforcement": "undecidable", - "obligation": "required" - }, - "queries": [ - { - "description": "Accessing an object before its lifetime can result in undefined behavior.", - "kind": "problem", - "name": "Access of uninitialized object", - "precision": "high", - "severity": "error", - "shared_implementation_short_name": "ObjectAccessedBeforeLifetime", - "short_name": "ObjectAccessedBeforeLifetimeMisra", - "tags": [ - "correctness", - "security" - ] - }, - { - "description": "Accessing an object after its lifetime results in undefined behavior.", - "kind": "problem", - "name": "Access of object after lifetime (use-after-free)", - "precision": "high", - "severity": "error", - "shared_implementation_short_name": "ObjectAccessedAfterLifetime", - "short_name": "ObjectAccessedAfterLifetimeMisra", - "tags": [ - "correctness", - "security" - ] - } - ], - "title": "An object shall not be accessed outside of its lifetime" - }, - "RULE-8-2-3": { - "properties": { - "enforcement": "decidable", - "obligation": "required" - }, - "queries": [ - { - "description": "A cast shall not remove any const or volatile qualification from the type accessed via a pointer or by reference", - "kind": "problem", - "name": "A cast shall not remove any const or volatile qualification from the type accessed via a pointer or", - "precision": "very-high", - "severity": "error", - "short_name": "CastRemovesConstOrVolatileFromPointerOrReference", - "shared_implementation_short_name": "RemoveConstOrVolatileQualification", - "tags": [ - "correctness", - "scope/single-translation-unit" - ] - } - ], - "title": "A cast shall not remove any const or volatile qualification from the type accessed via a pointer or by reference" - }, - "RULE-9-4-1": { - "properties": { - "enforcement": "decidable", - "obligation": "required" - }, - "queries": [ - { - "description": "All if ... else if constructs shall be terminated with an else statement", - "kind": "problem", - "name": "All if ", - "precision": "very-high", - "severity": "error", - "short_name": "IfElseIfEndCondition", - "shared_implementation_short_name": "IfElseTerminationConstruct", - "tags": [ - "readability", - "maintainability", - "scope/single-translation-unit" - ] - } - ], - "title": "All if ... else if constructs shall be terminated with an else statement" - }, - "RULE-9-6-3": { - "properties": { - "enforcement": "decidable", - "obligation": "required" - }, - "queries": [ - { - "description": "", - "kind": "problem", - "name": "The goto statement shall jump to a label declared later in the function body", - "precision": "very-high", - "severity": "error", - "short_name": "GotoShallJumpToLabelDeclaredLaterInTheFunction", - "shared_implementation_short_name": "GotoStatementCondition", - "tags": [ - "maintainability", - "readability", - "scope/single-translation-unit" - ] - } - ], - "title": "The goto statement shall jump to a label declared later in the function body" - }, - "RULE-9-6-4": { - "properties": { - "enforcement": "undecidable", - "obligation": "required" - }, - "queries": [ - { - "description": "", - "kind": "problem", - "name": "A function declared with the [[noreturn]] attribute shall not return", - "precision": "very-high", - "severity": "error", - "short_name": "FunctionDeclaredWithTheNoreturnAttributeReturn", - "shared_implementation_short_name": "FunctionNoReturnAttributeCondition", - "tags": [ - "correctness", - "scope/system" - ] - } - ], - "title": "A function declared with the [[noreturn]] attribute shall not return" - }, - "RULE-9-6-5": { - "properties": { - "enforcement": "decidable", - "obligation": "required" - }, - "queries": [ - { - "description": "", - "kind": "problem", - "name": "A function with non-void return type shall return a value on all paths", - "precision": "very-high", - "severity": "error", - "short_name": "NonVoidFunctionShallReturnAValueOnAllPaths", - "shared_implementation_short_name": "NonVoidFunctionDoesNotReturn", - "tags": [ - "correctness", - "scope/single-translation-unit" - ] - } - ], - "title": "A function with non-void return type shall return a value on all paths" - }, - "RULE-11-3-2": { - "properties": { - "enforcement": "decidable", - "obligation": "advisory" - }, - "queries": [ - { - "description": "", - "kind": "problem", - "name": "The declaration of an object should contain no more than two levels of pointer indirection", - "precision": "very-high", - "severity": "error", - "short_name": "DeclarationOfAnObjectIndirectionsLevel", - "shared_implementation_short_name": "DoNotUseMoreThanTwoLevelsOfPointerIndirection", - "tags": [ - "readability", - "maintainability", - "scope/single-translation-unit" - ] - } - ], - "title": "The declaration of an object should contain no more than two levels of pointer indirection" - }, - "RULE-18-3-3": { - "properties": { - "enforcement": "decidable", - "obligation": "required" - }, - "queries": [ - { - "description": "Handlers for a function-try-block of a constructor or destructor shall not refer to non-static members from their class or its bases", - "kind": "problem", - "name": "Handlers for a function-try-block of a constructor or destructor shall not refer to non-static", - "precision": "very-high", - "severity": "error", - "short_name": "HandlersReferToNonStaticMembersFromTheirClass", - "shared_implementation_short_name": "DestroyedValueReferencedInDestructorCatchBlock", - "tags": [ - "correctness", - "scope/single-translation-unit" - ] - } - ], - "title": "Handlers for a function-try-block of a constructor or destructor shall not refer to non-static members from their class or its bases" - }, - "RULE-19-0-3": { - "properties": { - "enforcement": "decidable", - "obligation": "advisory" - }, - "queries": [ - { - "description": "", - "kind": "problem", - "name": "#include directives should only be preceded by preprocessor directives or comments", - "precision": "very-high", - "severity": "error", - "short_name": "IncludeDirectivesPrecededByPreprocessorDirectives", - "shared_implementation_short_name": "PreprocessorIncludesPreceded", - "tags": [ - "readability", - "scope/single-translation-unit" - ] - } - ], - "title": "#include directives should only be preceded by preprocessor directives or comments" - }, - "RULE-19-1-3": { - "properties": { - "enforcement": "decidable", - "obligation": "required" - }, - "queries": [ - { - "description": "All identifiers used in the controlling expression of #if or #elif preprocessing directives shall be defined prior to evaluation", - "kind": "problem", - "name": "All identifiers used in the controlling expression of #if or #elif preprocessing directives shall be", - "precision": "very-high", - "severity": "error", - "short_name": "IdentifiersUsedInTheControllingExpressionOf", - "shared_implementation_short_name": "UndefinedMacroIdentifiers", - "tags": [ - "correctness", - "readability", - "scope/single-translation-unit" - ] - } - ], - "title": "All identifiers used in the controlling expression of #if or #elif preprocessing directives shall be defined prior to evaluation" - }, - "RULE-19-2-3": { - "properties": { - "enforcement": "decidable", - "obligation": "required" - }, - "queries": [ - { - "description": "The ' or \" or \\ characters and the /* or // character sequences shall not occur in a header file name", - "kind": "problem", - "name": "The ' or \" or \\ characters and the /* or // character sequences shall not occur in a header file", - "precision": "very-high", - "severity": "error", - "short_name": "CharsThatShouldNotOccurInHeaderFileName", - "shared_implementation_short_name": "PreprocessorIncludesForbiddenHeaderNames", - "tags": [ - "scope/single-translation-unit", - "correctness" - ], - "implementation_scope": { - "description": "This query identifies the use of the ', \\, /*, // characters in header file names. The query is not able to detect the use of the \" character in header file names.", - "items": [] - } - } - ], - "title": "The ' or \" or \\ characters and the /* or // character sequences shall not occur in a header file name" - }, - "RULE-19-3-1": { - "properties": { - "enforcement": "decidable", - "obligation": "advisory" - }, - "queries": [ - { - "description": "", - "kind": "problem", - "name": "The # and ## preprocessor operators should not be used", - "precision": "very-high", - "severity": "error", - "short_name": "AndPreprocessorOperatorsShouldNotBeUsed", - "shared_implementation_short_name": "HashOperatorsUsed", - "tags": [ - "correctness", - "scope/single-translation-unit" - ] - } - ], - "title": "The # and ## preprocessor operators should not be used" - }, - "RULE-19-3-5": { - "properties": { - "enforcement": "decidable", - "obligation": "required" - }, - "queries": [ - { - "description": "", - "kind": "problem", - "name": "Tokens that look like a preprocessing directive shall not occur within a macro argument", - "precision": "very-high", - "severity": "error", - "short_name": "TokensThatLookLikeDirectivesInAMacroArgument", - "shared_implementation_short_name": "PreprocessingDirectiveWithinMacroArgument", - "tags": [ - "readability", - "correctness", - "scope/single-translation-unit" - ] - } - ], - "title": "Tokens that look like a preprocessing directive shall not occur within a macro argument" - }, - "RULE-21-6-5": { - "properties": { - "enforcement": "decidable", - "obligation": "required" - }, - "queries": [ - { - "description": "", - "kind": "problem", - "name": "A pointer to an incomplete class type shall not be deleted", - "precision": "very-high", - "severity": "error", - "short_name": "PointerToAnIncompleteClassTypeDeleted", - "shared_implementation_short_name": "DeleteOfPointerToIncompleteClass", - "tags": [ - "correctness", - "scope/single-translation-unit" - ] - } - ], - "title": "A pointer to an incomplete class type shall not be deleted" - }, - "RULE-25-5-2": { - "properties": { - "enforcement": "decidable", - "obligation": "mandatory" - }, - "queries": [ - { - "description": "The pointers returned by the C++ Standard Library functions localeconv, getenv, setlocale or strerror must only be used as if they have pointer to const-qualified type", - "kind": "problem", - "name": "The pointers returned by environment functions should be treated as const", - "precision": "very-high", - "severity": "error", - "short_name": "PointersReturnedByLocaleFunctionsMustBeUsedAsConst", - "shared_implementation_short_name": "ConstLikeReturnValue", - "tags": [ - "correctness", - "scope/single-translation-unit" - ] - } - ], - "title": "The pointers returned by the C++ Standard Library functions localeconv, getenv, setlocale or strerror must only be used as if they have pointer to const-qualified type" - }, - "RULE-25-5-3": { - "properties": { - "enforcement": "undecidable", - "obligation": "mandatory" - }, - "queries": [ - { - "description": "The pointer returned by the Standard Library functions asctime, ctime, gmtime, localtime, localeconv, getenv, setlocale or strerror may be invalid following a subsequent call to the same function.", - "kind": "problem", - "name": "The pointer returned by the Standard Library env functions is invalid", - "precision": "very-high", - "severity": "error", - "short_name": "CallToSetlocaleInvalidatesOldPointersMisra", - "shared_implementation_short_name": "InvalidatedEnvStringPointers", - "tags": [ - "correctness", - "scope/system" - ] - }, - { - "description": "The pointer returned by the Standard Library functions asctime, ctime, gmtime, localtime, localeconv, getenv, setlocale or strerror may be invalid following a subsequent call to the same function.", - "kind": "problem", - "name": "The pointer returned by the Standard Library env functions is invalid warning", - "precision": "very-high", - "severity": "warning", - "short_name": "CallToSetlocaleInvalidatesOldPointersWarnMisra", - "shared_implementation_short_name": "InvalidatedEnvStringPointersWarn", - "tags": [ - "correctness", - "scope/system" - ] - } - ], - "title": "The pointer returned by the C++ Standard Library functions asctime, ctime, gmtime, localtime, localeconv, getenv, setlocale or strerror must not be used following a subsequent call to the same function" - }, - "RULE-28-6-3": { - "properties": { - "enforcement": "decidable", - "obligation": "required" - }, - "queries": [ - { - "description": "", - "kind": "problem", - "name": "An object shall not be used while in a potentially moved-from state", - "precision": "very-high", - "severity": "error", - "short_name": "ObjectUsedWhileInPotentiallyMovedFromState", - "shared_implementation_short_name": "MovedFromObjectsUnspecifiedState", - "tags": [ - "correctness", - "scope/single-translation-unit" - ] - } - ], - "title": "An object shall not be used while in a potentially moved-from state" - }, - "RULE-30-0-2": { - "properties": { - "enforcement": "undecidable", - "obligation": "required" - }, - "queries": [ - { - "description": "", - "kind": "problem", - "name": "Reads and writes on the same file stream shall be separated by a positioning operation", - "precision": "very-high", - "severity": "error", - "short_name": "ReadsAndWritesOnStreamNotSeparatedByPositioning", - "shared_implementation_short_name": "IOFstreamMissingPositioning", - "tags": [ - "correctness", - "scope/system" - ], - "implementation_scope": { - "description": "The rule is enforced in the context of a single function." - } - } - ], - "title": "Reads and writes on the same file stream shall be separated by a positioning operation" - } - } -} \ No newline at end of file diff --git a/rules.csv b/rules.csv index 239ac09023..913aa27282 100644 --- a/rules.csv +++ b/rules.csv @@ -511,7 +511,7 @@ c,CERT-C,ENV31-C,Yes,Rule,,,Do not rely on an environment pointer following an o c,CERT-C,ENV32-C,Yes,Rule,,,All exit handlers must return normally,,Contracts2,Medium, c,CERT-C,ENV33-C,Yes,Rule,,,Do not call system(),"RULE-21-21, M18-0-3",Banned,Easy, c,CERT-C,ENV34-C,Yes,Rule,,,Do not store pointers returned by certain functions,RULE-21-20,Contracts2,Medium, -c,CERT-C,ERR30-C,Yes,Rule,,,Take care when reading errno,M19-3-1,Contracts4,Hard, +c,CERT-C,ERR30-C,Yes,Rule,,,"Take care when reading errno",M19-3-1,Contracts4,Hard, c,CERT-C,ERR32-C,Yes,Rule,,,Do not rely on indeterminate values of errno,,Contracts5,Hard, c,CERT-C,ERR33-C,Yes,Rule,,,Detect and handle standard library errors,MEM52-CPP,Contracts5,Hard, c,CERT-C,ERR34-C,OutOfScope,Rule,,,Detect errors when converting a string to a number,,,, @@ -703,7 +703,7 @@ c,MISRA-C-2012,RULE-15-3,Yes,Required,,,"Any label referenced by a goto statemen c,MISRA-C-2012,RULE-15-4,Yes,Advisory,,,There should be no more than one break or goto statement used to terminate any iteration statement,,Statements2,Medium, c,MISRA-C-2012,RULE-15-5,Yes,Advisory,,,A function should have a single point of exit at the end,,Statements5,Medium, c,MISRA-C-2012,RULE-15-6,Yes,Required,,,The body of an iteration-statement or a selection-statement shall be a compund-statement,M6-3-1,Statements3,Import, -c,MISRA-C-2012,RULE-15-7,Yes,Required,,,All if else if constructs shall be terminated with an else statement,M6-4-2,Statements3,Import, +c,MISRA-C-2012,RULE-15-7,Yes,Required,,,All if / else if constructs shall be terminated with an else statement,M6-4-2,Statements3,Import, c,MISRA-C-2012,RULE-16-1,Yes,Required,,,All switch statements shall be well-formed,M6-4-3,Statements3,Import, c,MISRA-C-2012,RULE-16-2,Yes,Required,,,A switch label shall only be used when the most closely-enclosing compound statement is the body of a switch statement,M6-4-4,Statements1,Import, c,MISRA-C-2012,RULE-16-3,Yes,Required,,,An unconditional break statement shall terminate every switch-clause,M6-4-5,Statements1,Import, @@ -774,182 +774,182 @@ c,MISRA-C-2012,RULE-22-7,Yes,Required,,,The macro EOF shall only be compared wit c,MISRA-C-2012,RULE-22-8,Yes,Required,,,The value of errno shall be set to zero prior to a call to an errno-setting-function,ERR30-C,Contracts3,Medium, c,MISRA-C-2012,RULE-22-9,Yes,Required,,,The value of errno shall be tested against zero after calling an errno-setting-function,,Contracts3,Medium, c,MISRA-C-2012,RULE-22-10,Yes,Required,,,The value of errno shall only be tested when the last function to be called was an errno-setting-function,,Contracts3,Medium, -cpp,MISRA-C++-2023,RULE-0-0-1,Yes,Required,Decidable,Single Translation Unit,A function shall not contain unreachable statements,M0-1-1,,Medium, -cpp,MISRA-C++-2023,RULE-0-0-2,Yes,Advisory,Undecidable,System,Controlling expressions should not be invariant,M0-1-2,,Easy, -cpp,MISRA-C++-2023,RULE-0-1-1,Yes,Advisory,Undecidable,System,A value should not be unnecessarily written to a local object,A0-1-1,,Medium, -cpp,MISRA-C++-2023,RULE-0-1-2,Yes,Required,Decidable,Single Translation Unit,The value returned by a function shall be used,A0-1-2,,Easy, -cpp,MISRA-C++-2023,RULE-0-2-1,Yes,Advisory,Decidable,Single Translation Unit,Variables with limited visibility should be used at least once,M0-1-3,,Easy, -cpp,MISRA-C++-2023,RULE-0-2-2,Yes,Required,Decidable,Single Translation Unit,A named function parameter shall be used at least once,"A0-1-4, A0-1-5",,Easy, -cpp,MISRA-C++-2023,RULE-0-2-3,Yes,Advisory,Decidable,Single Translation Unit,Types with limited visibility should be used at least once,A0-1-6,,Easy, -cpp,MISRA-C++-2023,RULE-0-2-4,Yes,Advisory,Decidable,System,Functions with limited visibility should be used at least once,A0-1-3,,Easy, +cpp,MISRA-C++-2023,RULE-0-0-1,Yes,Required,Decidable,Single Translation Unit,A function shall not contain unreachable statements,,,Medium, +cpp,MISRA-C++-2023,RULE-0-0-2,Yes,Advisory,Undecidable,System,Controlling expressions should not be invariant,,,Easy, +cpp,MISRA-C++-2023,RULE-0-1-1,Yes,Advisory,Undecidable,System,A value should not be unnecessarily written to a local object,,,Medium, +cpp,MISRA-C++-2023,RULE-0-1-2,Yes,Required,Decidable,Single Translation Unit,The value returned by a function shall be used,,,Easy, +cpp,MISRA-C++-2023,RULE-0-2-1,Yes,Advisory,Decidable,Single Translation Unit,Variables with limited visibility should be used at least once,,,Easy, +cpp,MISRA-C++-2023,RULE-0-2-2,Yes,Required,Decidable,Single Translation Unit,A named function parameter shall be used at least once,,,Easy, +cpp,MISRA-C++-2023,RULE-0-2-3,Yes,Advisory,Decidable,Single Translation Unit,Types with limited visibility should be used at least once,,,Easy, +cpp,MISRA-C++-2023,RULE-0-2-4,Yes,Advisory,Decidable,System,Functions with limited visibility should be used at least once,,,Easy, cpp,MISRA-C++-2023,DIR-0-3-1,Yes,Advisory,,,Floating-point arithmetic should be used appropriately,,,Hard, cpp,MISRA-C++-2023,DIR-0-3-2,Yes,Required,,,A function call shall not violate the function’s preconditions,,,Hard, cpp,MISRA-C++-2023,RULE-4-1-1,Yes,Required,Undecidable,System,A program shall conform to ISO/IEC 14882:2017 (C++17),,,Hard, cpp,MISRA-C++-2023,RULE-4-1-2,Yes,Advisory,Decidable,Single Translation Unit,Deprecated features should not be used,,,Very Hard, cpp,MISRA-C++-2023,RULE-4-1-3,Yes,Required,Undecidable,System,There shall be no occurrence of undefined or critical unspecified behaviour,,,Very Hard, -cpp,MISRA-C++-2023,RULE-4-6-1,Yes,Required,Undecidable,System,Operations on a memory location shall be sequenced appropriately,RULE-13-2,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-5-0-1,Yes,Advisory,Decidable,Single Translation Unit,Trigraph-like sequences should not be used,A2-5-1,,Very Hard, -cpp,MISRA-C++-2023,RULE-5-7-1,Yes,Required,Decidable,Single Translation Unit,The character sequence /* shall not be used within a C-style comment,M2-7-1,ImportMisra23,Import, -cpp,MISRA-C++-2023,DIR-5-7-2,Yes,Advisory,,,Sections of code should not be “commented out”,A2-7-2,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-5-7-3,Yes,Required,Decidable,Single Translation Unit,Line-splicing shall not be used in // comments,A2-7-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-4-6-1,Yes,Required,Undecidable,System,Operations on a memory location shall be sequenced appropriately,,,Import, +cpp,MISRA-C++-2023,RULE-5-0-1,Yes,Advisory,Decidable,Single Translation Unit,Trigraph-like sequences should not be used,,,Very Hard, +cpp,MISRA-C++-2023,RULE-5-7-1,Yes,Required,Decidable,Single Translation Unit,The character sequence /* shall not be used within a C-style comment,,,Import, +cpp,MISRA-C++-2023,DIR-5-7-2,Yes,Advisory,,,Sections of code should not be “commented out”,,,Import, +cpp,MISRA-C++-2023,RULE-5-7-3,Yes,Required,Decidable,Single Translation Unit,Line-splicing shall not be used in // comments,,,Import, cpp,MISRA-C++-2023,RULE-5-10-1,Yes,Required,Decidable,Single Translation Unit,User-defined identifiers shall have an appropriate form,,,Easy, -cpp,MISRA-C++-2023,RULE-5-13-1,Yes,Required,Decidable,Single Translation Unit,"In character literals and non-raw string literals, \ shall only be used to form a defined escape sequence or universal character name",A2-13-1,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-5-13-2,Yes,Required,Decidable,Single Translation Unit,"Octal escape sequences, hexadecimal escape sequences, and universal character names shall be terminated",RULE-4-1,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-5-13-3,Yes,Required,Decidable,Single Translation Unit,Octal constants shall not be used,RULE-7-1,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-5-13-4,Yes,Required,Decidable,Single Translation Unit,Unsigned integer literals shall be appropriately suffixed,M2-13-3,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-5-13-5,Yes,Required,Decidable,Single Translation Unit,The lowercase form of L shall not be used as the first character in a literal suffix,RULE-7-3,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-5-13-1,Yes,Required,Decidable,Single Translation Unit,"In character literals and non-raw string literals, \ shall only be used to form a defined escape sequence or universal character name",,,Import, +cpp,MISRA-C++-2023,RULE-5-13-2,Yes,Required,Decidable,Single Translation Unit,"Octal escape sequences, hexadecimal escape sequences, and universal character names shall be terminated",,,Import, +cpp,MISRA-C++-2023,RULE-5-13-3,Yes,Required,Decidable,Single Translation Unit,Octal constants shall not be used,,,Import, +cpp,MISRA-C++-2023,RULE-5-13-4,Yes,Required,Decidable,Single Translation Unit,Unsigned integer literals shall be appropriately suffixed,,,Import, +cpp,MISRA-C++-2023,RULE-5-13-5,Yes,Required,Decidable,Single Translation Unit,The lowercase form of L shall not be used as the first character in a literal suffix,,,Import, cpp,MISRA-C++-2023,RULE-5-13-6,Yes,Required,Decidable,Single Translation Unit,An integer-literal of type long long shall not use a single L or l in any suffix,,,Easy, -cpp,MISRA-C++-2023,RULE-5-13-7,No,Required,Decidable,Single Translation Unit,String literals with different encoding prefixes shall not be concatenated,A2-13-2,,, -cpp,MISRA-C++-2023,RULE-6-0-1,Yes,Required,Decidable,Single Translation Unit,Block scope declarations shall not be visually ambiguous,"M3-1-2,DCL53-CPP",,Easy, -cpp,MISRA-C++-2023,RULE-6-0-2,Yes,Advisory,Decidable,Single Translation Unit,"When an array with external linkage is declared, its size should be explicitly specified",RULE-18-8,,Easy, -cpp,MISRA-C++-2023,RULE-6-0-3,Yes,Advisory,Decidable,Single Translation Unit,"The only declarations in the global namespace should be main, namespace declarations and extern ""C"" declarations",M7-3-1,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-6-0-4,Yes,Required,Decidable,Single Translation Unit,The identifier main shall not be used for a function other than the global function main,M7-3-2,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-6-2-1,Yes,Required,Decidable,System,The one-definition rule shall not be violated,M3-2-2,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-6-2-2,Yes,Required,Decidable,System,All declarations of a variable or function shall have the same type,"M3-9-1,DCL40-C",,Easy, +cpp,MISRA-C++-2023,RULE-5-13-7,No,Required,Decidable,Single Translation Unit,String literals with different encoding prefixes shall not be concatenated,,,, +cpp,MISRA-C++-2023,RULE-6-0-1,Yes,Required,Decidable,Single Translation Unit,Block scope declarations shall not be visually ambiguous,,,Easy, +cpp,MISRA-C++-2023,RULE-6-0-2,Yes,Advisory,Decidable,Single Translation Unit,"When an array with external linkage is declared, its size should be explicitly specified",,,Easy, +cpp,MISRA-C++-2023,RULE-6-0-3,Yes,Advisory,Decidable,Single Translation Unit,"The only declarations in the global namespace should be main, namespace declarations and extern ""C"" declarations",,,Import, +cpp,MISRA-C++-2023,RULE-6-0-4,Yes,Required,Decidable,Single Translation Unit,The identifier main shall not be used for a function other than the global function main,,,Import, +cpp,MISRA-C++-2023,RULE-6-2-1,Yes,Required,Decidable,System,The one-definition rule shall not be violated,,,Import, +cpp,MISRA-C++-2023,RULE-6-2-2,Yes,Required,Decidable,System,All declarations of a variable or function shall have the same type,,,Easy, cpp,MISRA-C++-2023,RULE-6-2-3,Yes,Required,Decidable,System,The source code used to implement an entity shall appear only once,,,Medium, cpp,MISRA-C++-2023,RULE-6-2-4,Yes,Required,Decidable,Single Translation Unit,A header file shall not contain definitions of functions or objects that are non-inline and have external linkage,,,Easy, -cpp,MISRA-C++-2023,RULE-6-4-1,Yes,Required,Decidable,Single Translation Unit,A variable declared in an inner scope shall not hide a variable declared in an outer scope,A2-10-1,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-6-4-2,Yes,Required,Decidable,Single Translation Unit,Derived classes shall not conceal functions that are inherited from their bases,A7-3-1,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-6-4-3,Yes,Required,Decidable,Single Translation Unit,A name that is present in a dependent base shall not be resolved by unqualified lookup,M14-6-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-6-4-1,Yes,Required,Decidable,Single Translation Unit,A variable declared in an inner scope shall not hide a variable declared in an outer scope,,,Import, +cpp,MISRA-C++-2023,RULE-6-4-2,Yes,Required,Decidable,Single Translation Unit,Derived classes shall not conceal functions that are inherited from their bases,,,Import, +cpp,MISRA-C++-2023,RULE-6-4-3,Yes,Required,Decidable,Single Translation Unit,A name that is present in a dependent base shall not be resolved by unqualified lookup,,,Import, cpp,MISRA-C++-2023,RULE-6-5-1,Yes,Advisory,Decidable,Single Translation Unit,A function or object with external linkage should be introduced in a header file,,,Medium, cpp,MISRA-C++-2023,RULE-6-5-2,Yes,Advisory,Decidable,Single Translation Unit,Internal linkage should be specified appropriately,,,Medium, cpp,MISRA-C++-2023,RULE-6-7-1,Yes,Required,Decidable,Single Translation Unit,Local variables shall not have static storage duration,,,Easy, cpp,MISRA-C++-2023,RULE-6-7-2,Yes,Required,Decidable,Single Translation Unit,Global variables shall not be used,,,Easy, -cpp,MISRA-C++-2023,RULE-6-8-1,Yes,Required,Undecidable,System,An object shall not be accessed outside of its lifetime,A3-8-1,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-6-8-2,Yes,Mandatory,Decidable,Single Translation Unit,A function must not return a reference or a pointer to a local variable with automatic storage duration,M7-5-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-6-8-1,Yes,Required,Undecidable,System,An object shall not be accessed outside of its lifetime,,,Import, +cpp,MISRA-C++-2023,RULE-6-8-2,Yes,Mandatory,Decidable,Single Translation Unit,A function must not return a reference or a pointer to a local variable with automatic storage duration,,,Import, cpp,MISRA-C++-2023,RULE-6-8-3,Yes,Required,Decidable,Single Translation Unit,An assignment operator shall not assign the address of an object with automatic storage duration to an object with a greater lifetime,,,Medium, cpp,MISRA-C++-2023,RULE-6-8-4,Yes,Advisory,Decidable,Single Translation Unit,Member functions returning references to their object should be refqualified appropriately,,,Medium, cpp,MISRA-C++-2023,RULE-6-9-1,Yes,Required,Decidable,Single Translation Unit,The same type aliases shall be used in all declarations of the same entity,,,Medium, -cpp,MISRA-C++-2023,RULE-6-9-2,Yes,Advisory,Decidable,Single Translation Unit,The names of the standard signed integer types and standard unsigned integer types should not be used,A3-9-1,,Easy, +cpp,MISRA-C++-2023,RULE-6-9-2,Yes,Advisory,Decidable,Single Translation Unit,The names of the standard signed integer types and standard unsigned integer types should not be used,,,Easy, cpp,MISRA-C++-2023,RULE-7-0-1,Yes,Required,Decidable,Single Translation Unit,There shall be no conversion from type bool,,,Easy, cpp,MISRA-C++-2023,RULE-7-0-2,Yes,Required,Decidable,Single Translation Unit,There shall be no conversion to type bool,,,Easy, -cpp,MISRA-C++-2023,RULE-7-0-3,Yes,Required,Decidable,Single Translation Unit,The numerical value of a character shall not be used,M5-0-11,,Medium, -cpp,MISRA-C++-2023,RULE-7-0-4,Yes,Required,Decidable,Single Translation Unit,The operands of bitwise operators and shift operators shall be appropriate,RULE-10-1,,Medium, -cpp,MISRA-C++-2023,RULE-7-0-5,Yes,Required,Decidable,Single Translation Unit,Integral promotion and the usual arithmetic conversions shall not change the signedness or the type category of an operand,"M5-0-4,M5-0-9,INT31-C",,Medium, +cpp,MISRA-C++-2023,RULE-7-0-3,Yes,Required,Decidable,Single Translation Unit,The numerical value of a character shall not be used,,,Medium, +cpp,MISRA-C++-2023,RULE-7-0-4,Yes,Required,Decidable,Single Translation Unit,The operands of bitwise operators and shift operators shall be appropriate,,,Medium, +cpp,MISRA-C++-2023,RULE-7-0-5,Yes,Required,Decidable,Single Translation Unit,Integral promotion and the usual arithmetic conversions shall not change the signedness or the type category of an operand,,,Medium, cpp,MISRA-C++-2023,RULE-7-0-6,Yes,Required,Decidable,Single Translation Unit,Assignment between numeric types shall be appropriate,,,Hard, -cpp,MISRA-C++-2023,RULE-7-11-1,Yes,Required,Decidable,Single Translation Unit,nullptr shall be the only form of the null-pointer-constant,A4-10-1,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-7-11-2,Yes,Required,Decidable,Single Translation Unit,An array passed as a function argument shall not decay to a pointer,M5-2-12,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-7-11-1,Yes,Required,Decidable,Single Translation Unit,nullptr shall be the only form of the null-pointer-constant,,,Import, +cpp,MISRA-C++-2023,RULE-7-11-2,Yes,Required,Decidable,Single Translation Unit,An array passed as a function argument shall not decay to a pointer,,,Import, cpp,MISRA-C++-2023,RULE-7-11-3,Yes,Required,Decidable,Single Translation Unit,A conversion from function type to pointer-to-function type shall only occur in appropriate contexts,,,Easy, -cpp,MISRA-C++-2023,RULE-8-0-1,Yes,Advisory,Decidable,Single Translation Unit,Parentheses should be used to make the meaning of an expression appropriately explicit,M5-0-2,,Medium, +cpp,MISRA-C++-2023,RULE-8-0-1,Yes,Advisory,Decidable,Single Translation Unit,Parentheses should be used to make the meaning of an expression appropriately explicit,,,Medium, cpp,MISRA-C++-2023,RULE-8-1-1,Yes,Required,Decidable,Single Translation Unit,A non-transient lambda shall not implicitly capture this,,,Easy, -cpp,MISRA-C++-2023,RULE-8-1-2,Yes,Advisory,Decidable,Single Translation Unit,Variables should be captured explicitly in a non-transient lambda,A5-1-2,,Easy, +cpp,MISRA-C++-2023,RULE-8-1-2,Yes,Advisory,Decidable,Single Translation Unit,Variables should be captured explicitly in a non-transient lambda,,,Easy, cpp,MISRA-C++-2023,RULE-8-2-1,Yes,Required,Decidable,Single Translation Unit,A virtual base class shall only be cast to a derived class by means of dynamic_cast,,,Easy, -cpp,MISRA-C++-2023,RULE-8-2-2,Yes,Required,Decidable,Single Translation Unit,C-style casts and functional notation casts shall not be used,A5-2-2,,Easy, -cpp,MISRA-C++-2023,RULE-8-2-3,Yes,Required,Decidable,Single Translation Unit,A cast shall not remove any const or volatile qualification from the type accessed via a pointer or by reference,A5-2-3,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-8-2-4,Yes,Required,Decidable,Single Translation Unit,Casts shall not be performed between a pointer to function and any other type,M5-2-6,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-8-2-5,Yes,Required,Decidable,Single Translation Unit,reinterpret_cast shall not be used,A5-2-4,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-8-2-6,Yes,Required,Decidable,Single Translation Unit,"An object with integral, enumerated, or pointer to void type shall not be cast to a pointer type","RULE-11-6, INT36-C",,Easy, -cpp,MISRA-C++-2023,RULE-8-2-7,Yes,Advisory,Decidable,Single Translation Unit,A cast should not convert a pointer type to an integral type,"RULE-11-6, INT36-C",,Easy, -cpp,MISRA-C++-2023,RULE-8-2-8,Yes,Required,Decidable,Single Translation Unit,An object pointer type shall not be cast to an integral type other than std::uintptr_t or std::intptr_t,"RULE-11-6, INT36-C",,Easy, +cpp,MISRA-C++-2023,RULE-8-2-2,Yes,Required,Decidable,Single Translation Unit,C-style casts and functional notation casts shall not be used,,,Easy, +cpp,MISRA-C++-2023,RULE-8-2-3,Yes,Required,Decidable,Single Translation Unit,A cast shall not remove any const or volatile qualification from the type accessed via a pointer or by reference,,,Import, +cpp,MISRA-C++-2023,RULE-8-2-4,Yes,Required,Decidable,Single Translation Unit,Casts shall not be performed between a pointer to function and any other type,,,Import, +cpp,MISRA-C++-2023,RULE-8-2-5,Yes,Required,Decidable,Single Translation Unit,reinterpret_cast shall not be used,,,Import, +cpp,MISRA-C++-2023,RULE-8-2-6,Yes,Required,Decidable,Single Translation Unit,"An object with integral, enumerated, or pointer to void type shall not be cast to a pointer type",,,Easy, +cpp,MISRA-C++-2023,RULE-8-2-7,Yes,Advisory,Decidable,Single Translation Unit,A cast should not convert a pointer type to an integral type,,,Easy, +cpp,MISRA-C++-2023,RULE-8-2-8,Yes,Required,Decidable,Single Translation Unit,An object pointer type shall not be cast to an integral type other than std::uintptr_t or std::intptr_t,,,Easy, cpp,MISRA-C++-2023,RULE-8-2-9,Yes,Required,Decidable,Single Translation Unit,The operand to typeid shall not be an expression of polymorphic class type,,,Easy, -cpp,MISRA-C++-2023,RULE-8-2-10,Yes,Required,Undecidable,System,"Functions shall not call themselves, either directly or indirectly",A7-5-2,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-8-2-10,Yes,Required,Undecidable,System,"Functions shall not call themselves, either directly or indirectly",,,Import, cpp,MISRA-C++-2023,RULE-8-2-11,Yes,Required,Decidable,Single Translation Unit,An argument passed via ellipsis shall have an appropriate type,,,Easy, -cpp,MISRA-C++-2023,RULE-8-3-1,Yes,Advisory,Decidable,Single Translation Unit,The built-in unary - operator should not be applied to an expression of unsigned type,M5-3-2,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-8-3-1,Yes,Advisory,Decidable,Single Translation Unit,The built-in unary - operator should not be applied to an expression of unsigned type,,,Import, cpp,MISRA-C++-2023,RULE-8-3-2,Yes,Advisory,Decidable,Single Translation Unit,The built-in unary + operator should not be used,,,Easy, -cpp,MISRA-C++-2023,RULE-8-7-1,Yes,Required,Undecidable,System,Pointer arithmetic shall not form an invalid pointer,ARR30-C,,Easy, -cpp,MISRA-C++-2023,RULE-8-7-2,Yes,Required,Undecidable,System,Subtraction between pointers shall only be applied to pointers that address elements of the same array,ARR36-C,,Easy, -cpp,MISRA-C++-2023,RULE-8-9-1,Yes,Required,Undecidable,System,"The built-in relational operators >, >=, < and <= shall not be applied to objects of pointer type, except where they point to elements of the same array",ARR36-C,,Easy, -cpp,MISRA-C++-2023,RULE-8-14-1,Yes,Advisory,Undecidable,System,The right-hand operand of a logical && or operator should not contain persistent side effects,"M5-14-1, RULE-13-5",,Medium, -cpp,MISRA-C++-2023,RULE-8-18-1,Yes,Mandatory,Undecidable,System,An object or subobject must not be copied to an overlapping object,"M0-2-1, RULE-19-1",,Hard, -cpp,MISRA-C++-2023,RULE-8-18-2,Yes,Advisory,Decidable,Single Translation Unit,The result of an assignment operator should not be used,RULE-13-4,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-8-19-1,Yes,Advisory,Decidable,Single Translation Unit,The comma operator should not be used,M15-8-1,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-8-20-1,Yes,Advisory,Decidable,Single Translation Unit,An unsigned arithmetic operation with constant operands should not wrap,INT30-C,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-9-2-1,Yes,Required,Decidable,Single Translation Unit,An explicit type conversion shall not be an expression statement,DCL53-CPP,,Easy, -cpp,MISRA-C++-2023,RULE-9-3-1,Yes,Required,Decidable,Single Translation Unit,The body of an iteration-statement or a selection-statement shall be a compound-statement,RULE-15-6,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-9-4-1,Yes,Required,Decidable,Single Translation Unit,All if ... else if constructs shall be terminated with an else statement,RULE-15-7,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-9-4-2,Yes,Required,Decidable,Single Translation Unit,The structure of a switch statement shall be appropriate,"RULE-16-1, RULE-16-2,RULE-16-3,RULE-16-4,RULE-16-5,RULE-16-6,RULE-16-7",,Medium, +cpp,MISRA-C++-2023,RULE-8-7-1,Yes,Required,Undecidable,System,Pointer arithmetic shall not form an invalid pointer,,,Easy, +cpp,MISRA-C++-2023,RULE-8-7-2,Yes,Required,Undecidable,System,Subtraction between pointers shall only be applied to pointers that address elements of the same array,,,Easy, +cpp,MISRA-C++-2023,RULE-8-9-1,Yes,Required,Undecidable,System,"The built-in relational operators >, >=, < and <= shall not be applied to objects of pointer type, except where they point to elements of the same array",,,Easy, +cpp,MISRA-C++-2023,RULE-8-14-1,Yes,Advisory,Undecidable,System,The right-hand operand of a logical && or operator should not contain persistent side effects,,,Medium, +cpp,MISRA-C++-2023,RULE-8-18-1,Yes,Mandatory,Undecidable,System,An object or subobject must not be copied to an overlapping object,,,Hard, +cpp,MISRA-C++-2023,RULE-8-18-2,Yes,Advisory,Decidable,Single Translation Unit,The result of an assignment operator should not be used,,,Import, +cpp,MISRA-C++-2023,RULE-8-19-1,Yes,Advisory,Decidable,Single Translation Unit,The comma operator should not be used,,,Import, +cpp,MISRA-C++-2023,RULE-8-20-1,Yes,Advisory,Decidable,Single Translation Unit,An unsigned arithmetic operation with constant operands should not wrap,,,Import, +cpp,MISRA-C++-2023,RULE-9-2-1,Yes,Required,Decidable,Single Translation Unit,An explicit type conversion shall not be an expression statement,,,Easy, +cpp,MISRA-C++-2023,RULE-9-3-1,Yes,Required,Decidable,Single Translation Unit,The body of an iteration-statement or a selection-statement shall be a compound-statement,,,Import, +cpp,MISRA-C++-2023,RULE-9-4-1,Yes,Required,Decidable,Single Translation Unit,All if ... else if constructs shall be terminated with an else statement,,,Import, +cpp,MISRA-C++-2023,RULE-9-4-2,Yes,Required,Decidable,Single Translation Unit,The structure of a switch statement shall be appropriate,,,Medium, cpp,MISRA-C++-2023,RULE-9-5-1,Yes,Advisory,Decidable,Single Translation Unit,Legacy for statements should be simple,,,Hard, cpp,MISRA-C++-2023,RULE-9-5-2,Yes,Required,Decidable,Single Translation Unit,A for-range-initializer shall contain at most one function call,,,Easy, -cpp,MISRA-C++-2023,RULE-9-6-1,Yes,Advisory,Decidable,Single Translation Unit,The goto statement should not be used,RULE-15-1,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-9-6-2,Yes,Required,Decidable,Single Translation Unit,A goto statement shall reference a label in a surrounding block,RULE-15-3,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-9-6-3,Yes,Required,Decidable,Single Translation Unit,The goto statement shall jump to a label declared later in the function body,RULE-15-2,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-9-6-4,Yes,Required,Undecidable,System,A function declared with the [[noreturn]] attribute shall not return,MSC53-CPP,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-9-6-5,Yes,Required,Decidable,Single Translation Unit,A function with non-void return type shall return a value on all paths,MSC52-CPP,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-10-0-1,Yes,Advisory,Decidable,Single Translation Unit,A declaration should not declare more than one variable or member variable,M8-0-1,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-10-1-1,Yes,Advisory,Decidable,Single Translation Unit,The target type of a pointer or lvalue reference parameter should be const-qualified appropriately,RULE-8-13,,Hard, +cpp,MISRA-C++-2023,RULE-9-6-1,Yes,Advisory,Decidable,Single Translation Unit,The goto statement should not be used,,,Import, +cpp,MISRA-C++-2023,RULE-9-6-2,Yes,Required,Decidable,Single Translation Unit,A goto statement shall reference a label in a surrounding block,,,Import, +cpp,MISRA-C++-2023,RULE-9-6-3,Yes,Required,Decidable,Single Translation Unit,The goto statement shall jump to a label declared later in the function body,,,Import, +cpp,MISRA-C++-2023,RULE-9-6-4,Yes,Required,Undecidable,System,A function declared with the [[noreturn]] attribute shall not return,,,Import, +cpp,MISRA-C++-2023,RULE-9-6-5,Yes,Required,Decidable,Single Translation Unit,A function with non-void return type shall return a value on all paths,,,Import, +cpp,MISRA-C++-2023,RULE-10-0-1,Yes,Advisory,Decidable,Single Translation Unit,A declaration should not declare more than one variable or member variable,,,Import, +cpp,MISRA-C++-2023,RULE-10-1-1,Yes,Advisory,Decidable,Single Translation Unit,The target type of a pointer or lvalue reference parameter should be const-qualified appropriately,,,Hard, cpp,MISRA-C++-2023,RULE-10-1-2,Yes,Required,Decidable,Single Translation Unit,The volatile qualifier shall be used appropriately,,,Easy, -cpp,MISRA-C++-2023,RULE-10-2-1,Yes,Required,Decidable,Single Translation Unit,An enumeration shall be defined with an explicit underlying type,A7-2-2,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-10-2-2,Yes,Advisory,Decidable,Single Translation Unit,Unscoped enumerations should not be declared,A7-2-3,,Easy, -cpp,MISRA-C++-2023,RULE-10-2-3,Yes,Required,Decidable,Single Translation Unit,The numeric value of an unscoped enumeration with no fixed underlying type shall not be used,A4-5-1,,Easy, -cpp,MISRA-C++-2023,RULE-10-3-1,Yes,Advisory,Decidable,Single Translation Unit,There should be no unnamed namespaces in header files,"DCL59-CPP, M7-3-3",,Easy, -cpp,MISRA-C++-2023,RULE-10-4-1,Yes,Required,Decidable,Single Translation Unit,The asm declaration shall not be used,A7-4-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-10-2-1,Yes,Required,Decidable,Single Translation Unit,An enumeration shall be defined with an explicit underlying type,,,Import, +cpp,MISRA-C++-2023,RULE-10-2-2,Yes,Advisory,Decidable,Single Translation Unit,Unscoped enumerations should not be declared,,,Easy, +cpp,MISRA-C++-2023,RULE-10-2-3,Yes,Required,Decidable,Single Translation Unit,The numeric value of an unscoped enumeration with no fixed underlying type shall not be used,,,Easy, +cpp,MISRA-C++-2023,RULE-10-3-1,Yes,Advisory,Decidable,Single Translation Unit,There should be no unnamed namespaces in header files,,,Easy, +cpp,MISRA-C++-2023,RULE-10-4-1,Yes,Required,Decidable,Single Translation Unit,The asm declaration shall not be used,,,Import, cpp,MISRA-C++-2023,RULE-11-3-1,Yes,Advisory,Decidable,Single Translation Unit,Variables of array type should not be declared,,,Easy, -cpp,MISRA-C++-2023,RULE-11-3-2,Yes,Advisory,Decidable,Single Translation Unit,The declaration of an object should contain no more than two levels of pointer indirection,A5-0-3,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-11-3-2,Yes,Advisory,Decidable,Single Translation Unit,The declaration of an object should contain no more than two levels of pointer indirection,,,Import, cpp,MISRA-C++-2023,RULE-11-6-1,Yes,Advisory,Decidable,Single Translation Unit,All variables should be initialized,,,Easy, -cpp,MISRA-C++-2023,RULE-11-6-2,Yes,Mandatory,Undecidable,System,The value of an object must not be read before it has been set,A8-5-0,,Very Hard, -cpp,MISRA-C++-2023,RULE-11-6-3,Yes,Required,Decidable,Single Translation Unit,"Within an enumerator list, the value of an implicitly-specified enumeration constant shall be unique",RULE-8-12,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-12-2-1,Yes,Advisory,Decidable,Single Translation Unit,Bit-fields should not be declared,A9-6-2,,Easy, -cpp,MISRA-C++-2023,RULE-12-2-2,Yes,Required,Decidable,Single Translation Unit,A bit-field shall have an appropriate type,RULE-6-1,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-12-2-3,Yes,Required,Decidable,Single Translation Unit,A named bit-field with signed integer type shall not have a length of one bit,"RULE-6-2, M9-6-4",ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-12-3-1,Yes,Required,Decidable,Single Translation Unit,The union keyword shall not be used,RULE-19-2,,Easy, +cpp,MISRA-C++-2023,RULE-11-6-2,Yes,Mandatory,Undecidable,System,The value of an object must not be read before it has been set,,,Very Hard, +cpp,MISRA-C++-2023,RULE-11-6-3,Yes,Required,Decidable,Single Translation Unit,"Within an enumerator list, the value of an implicitly-specified enumeration constant shall be unique",,,Import, +cpp,MISRA-C++-2023,RULE-12-2-1,Yes,Advisory,Decidable,Single Translation Unit,Bit-fields should not be declared,,,Easy, +cpp,MISRA-C++-2023,RULE-12-2-2,Yes,Required,Decidable,Single Translation Unit,A bit-field shall have an appropriate type,,,Import, +cpp,MISRA-C++-2023,RULE-12-2-3,Yes,Required,Decidable,Single Translation Unit,A named bit-field with signed integer type shall not have a length of one bit,,,Import, +cpp,MISRA-C++-2023,RULE-12-3-1,Yes,Required,Decidable,Single Translation Unit,The union keyword shall not be used,,,Easy, cpp,MISRA-C++-2023,RULE-13-1-1,Yes,Advisory,Decidable,Single Translation Unit,Classes should not be inherited virtually,,,Easy, -cpp,MISRA-C++-2023,RULE-13-1-2,Yes,Required,Decidable,Single Translation Unit,An accessible base class shall not be both virtual and non-virtual in the same hierarchy,M10-1-3,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-13-1-2,Yes,Required,Decidable,Single Translation Unit,An accessible base class shall not be both virtual and non-virtual in the same hierarchy,,,Import, cpp,MISRA-C++-2023,RULE-13-3-1,Yes,Required,Decidable,Single Translation Unit,"User-declared member functions shall use the virtual, override and final specifiers appropriately",,,Easy, -cpp,MISRA-C++-2023,RULE-13-3-2,Yes,Required,Decidable,Single Translation Unit,Parameters in an overriding virtual function shall not specify different default arguments,M8-3-1,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-13-3-3,Yes,Required,Decidable,System,The parameters in all declarations or overrides of a function shall either be unnamed or have identical names,A15-1-2,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-13-3-4,Yes,Required,Decidable,Single Translation Unit,A comparison of a potentially virtual pointer to member function shall only be with nullptr,A5-10-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-13-3-2,Yes,Required,Decidable,Single Translation Unit,Parameters in an overriding virtual function shall not specify different default arguments,,,Import, +cpp,MISRA-C++-2023,RULE-13-3-3,Yes,Required,Decidable,System,The parameters in all declarations or overrides of a function shall either be unnamed or have identical names,,,Import, +cpp,MISRA-C++-2023,RULE-13-3-4,Yes,Required,Decidable,Single Translation Unit,A comparison of a potentially virtual pointer to member function shall only be with nullptr,,,Import, cpp,MISRA-C++-2023,RULE-14-1-1,Yes,Advisory,Decidable,Single Translation Unit,Non-static data members should be either all private or all public,,,Easy, -cpp,MISRA-C++-2023,RULE-15-0-1,Yes,Required,Decidable,Single Translation Unit,Special member functions shall be provided appropriately,A12-0-1,,Medium, +cpp,MISRA-C++-2023,RULE-15-0-1,Yes,Required,Decidable,Single Translation Unit,Special member functions shall be provided appropriately,,,Medium, cpp,MISRA-C++-2023,RULE-15-0-2,Yes,Advisory,Decidable,Single Translation Unit,User-provided copy and move member functions of a class should have appropriate signatures,,,Easy, -cpp,MISRA-C++-2023,RULE-15-1-1,Yes,Required,Undecidable,System,An object’s dynamic type shall not be used from within its constructor or destructor,M12-1-1,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-15-1-2,Yes,Advisory,Decidable,Single Translation Unit,All constructors of a class should explicitly initialize all of its virtual base classes and immediate base classes,A12-1-1,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-15-1-3,Yes,Required,Decidable,Single Translation Unit,Conversion operators and constructors that are callable with a single argument shall be explicit,"A12-1-4,A13-5-2",,Easy, +cpp,MISRA-C++-2023,RULE-15-1-1,Yes,Required,Undecidable,System,An object’s dynamic type shall not be used from within its constructor or destructor,,,Import, +cpp,MISRA-C++-2023,RULE-15-1-2,Yes,Advisory,Decidable,Single Translation Unit,All constructors of a class should explicitly initialize all of its virtual base classes and immediate base classes,,,Import, +cpp,MISRA-C++-2023,RULE-15-1-3,Yes,Required,Decidable,Single Translation Unit,Conversion operators and constructors that are callable with a single argument shall be explicit,,,Easy, cpp,MISRA-C++-2023,RULE-15-1-4,Yes,Advisory,Decidable,Single Translation Unit,"All direct, non-static data members of a class should be initialized before the class object is accessible",,,Hard, -cpp,MISRA-C++-2023,RULE-15-1-5,Yes,Required,Decidable,Single Translation Unit,A class shall only define an initializer-list constructor when it is the only constructor,A8-5-4,ImportMisra23,Import, -cpp,MISRA-C++-2023,DIR-15-8-1,Yes,Required,Decidable,Implementation,User-provided copy assignment operators and move assignment operators shall handle self-assignment,A12-8-5,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-16-5-1,Yes,Required,Decidable,Single Translation Unit,The logical AND and logical OR operators shall not be overloaded,M5-2-11,,Easy, -cpp,MISRA-C++-2023,RULE-16-5-2,Yes,Required,Decidable,Single Translation Unit,The address-of operator shall not be overloaded,M5-3-3,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-15-1-5,Yes,Required,Decidable,Single Translation Unit,A class shall only define an initializer-list constructor when it is the only constructor,,,Import, +cpp,MISRA-C++-2023,DIR-15-8-1,Yes,Required,#VALUE!,,User-provided copy assignment operators and move assignment operators shall handle self-assignment,,,Import, +cpp,MISRA-C++-2023,RULE-16-5-1,Yes,Required,Decidable,Single Translation Unit,The logical AND and logical OR operators shall not be overloaded,,,Easy, +cpp,MISRA-C++-2023,RULE-16-5-2,Yes,Required,Decidable,Single Translation Unit,The address-of operator shall not be overloaded,,,Import, cpp,MISRA-C++-2023,RULE-16-6-1,Yes,Advisory,Decidable,Single Translation Unit,Symmetrical operators should only be implemented as non-member functions,,,Medium, -cpp,MISRA-C++-2023,RULE-17-8-1,Yes,Required,Decidable,Single Translation Unit,Function templates shall not be explicitly specialized,A14-8-2,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-18-1-1,Yes,Required,Decidable,Single Translation Unit,An exception object shall not have pointer type,A15-1-2,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-18-1-2,Yes,Required,Decidable,Single Translation Unit,An empty throw shall only occur within the compound-statement of a catch handler,M15-1-3,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-18-3-1,Yes,Advisory,Decidable,Single Translation Unit,There should be at least one exception handler to catch all otherwise unhandled exceptions,A15-3-3,,Easy, -cpp,MISRA-C++-2023,RULE-18-3-2,Yes,Required,Decidable,Single Translation Unit,An exception of class type shall be caught by const reference or reference,A15-3-5,,Easy, -cpp,MISRA-C++-2023,RULE-18-3-3,Yes,Required,Decidable,Single Translation Unit,Handlers for a function-try-block of a constructor or destructor shall not refer to non-static members from their class or its bases,M15-3-3,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-18-4-1,Yes,Required,Decidable,Single Translation Unit,Exception-unfriendly functions shall be noexcept,A15-5-1,,Easy, -cpp,MISRA-C++-2023,RULE-18-5-1,Yes,Advisory,Undecidable,System,A noexcept function should not attempt to propagate an exception to the calling function,A15-4-2,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-17-8-1,Yes,Required,Decidable,Single Translation Unit,Function templates shall not be explicitly specialized,,,Import, +cpp,MISRA-C++-2023,RULE-18-1-1,Yes,Required,Decidable,Single Translation Unit,An exception object shall not have pointer type,,,Import, +cpp,MISRA-C++-2023,RULE-18-1-2,Yes,Required,Decidable,Single Translation Unit,An empty throw shall only occur within the compound-statement of a catch handler,,,Import, +cpp,MISRA-C++-2023,RULE-18-3-1,Yes,Advisory,Decidable,Single Translation Unit,There should be at least one exception handler to catch all otherwise unhandled exceptions,,,Easy, +cpp,MISRA-C++-2023,RULE-18-3-2,Yes,Required,Decidable,Single Translation Unit,An exception of class type shall be caught by const reference or reference,,,Easy, +cpp,MISRA-C++-2023,RULE-18-3-3,Yes,Required,Decidable,Single Translation Unit,Handlers for a function-try-block of a constructor or destructor shall not refer to non-static members from their class or its bases,,,Import, +cpp,MISRA-C++-2023,RULE-18-4-1,Yes,Required,Decidable,Single Translation Unit,Exception-unfriendly functions shall be noexcept,,,Easy, +cpp,MISRA-C++-2023,RULE-18-5-1,Yes,Advisory,Undecidable,System,A noexcept function should not attempt to propagate an exception to the calling function,,,Import, cpp,MISRA-C++-2023,RULE-18-5-2,Yes,Advisory,Decidable,Single Translation Unit,Program-terminating functions should not be used,,,Easy, cpp,MISRA-C++-2023,RULE-19-0-1,No,Required,Decidable,Single Translation Unit,A line whose first token is # shall be a valid preprocessing directive,,,, -cpp,MISRA-C++-2023,RULE-19-0-2,Yes,Required,Decidable,Single Translation Unit,Function-like macros shall not be defined,DIR-4-9,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-19-0-3,Yes,Advisory,Decidable,Single Translation Unit,#include directives should only be preceded by preprocessor directives or comments,RULE-20-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-19-0-2,Yes,Required,Decidable,Single Translation Unit,Function-like macros shall not be defined,,,Import, +cpp,MISRA-C++-2023,RULE-19-0-3,Yes,Advisory,Decidable,Single Translation Unit,#include directives should only be preceded by preprocessor directives or comments,,,Import, cpp,MISRA-C++-2023,RULE-19-0-4,Yes,Advisory,Decidable,Single Translation Unit,#undef should only be used for macros defined previously in the same file,,,Easy, -cpp,MISRA-C++-2023,RULE-19-1-1,Yes,Required,Decidable,Single Translation Unit,The defined preprocessor operator shall be used appropriately,M16-1-1,,Easy, -cpp,MISRA-C++-2023,RULE-19-1-2,No,Required,Decidable,Single Translation Unit,"All #else, #elif and #endif preprocessor directives shall reside in the same file as the #if, #ifdef or #ifndef directive to which they are related",M16-1-2,,, -cpp,MISRA-C++-2023,RULE-19-1-3,Yes,Required,Decidable,Single Translation Unit,All identifiers used in the controlling expression of #if or #elif preprocessing directives shall be defined prior to evaluation,M16-0-7,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-19-2-1,Yes,Required,Decidable,Single Translation Unit,Precautions shall be taken in order to prevent the contents of a header file being included more than once,M16-2-3,,Easy, +cpp,MISRA-C++-2023,RULE-19-1-1,Yes,Required,Decidable,Single Translation Unit,The defined preprocessor operator shall be used appropriately,,,Easy, +cpp,MISRA-C++-2023,RULE-19-1-2,No,Required,Decidable,Single Translation Unit,"All #else, #elif and #endif preprocessor directives shall reside in the same file as the #if, #ifdef or #ifndef directive to which they are related",,,, +cpp,MISRA-C++-2023,RULE-19-1-3,Yes,Required,Decidable,Single Translation Unit,All identifiers used in the controlling expression of #if or #elif preprocessing directives shall be defined prior to evaluation,,,Import, +cpp,MISRA-C++-2023,RULE-19-2-1,Yes,Required,Decidable,Single Translation Unit,Precautions shall be taken in order to prevent the contents of a header file being included more than once,,,Easy, cpp,MISRA-C++-2023,RULE-19-2-2,Yes,Required,Decidable,Single Translation Unit,"The #include directive shall be followed by either a or ""filename"" sequence",,,Easy, -cpp,MISRA-C++-2023,RULE-19-2-3,Yes,Required,Decidable,Single Translation Unit,"The ' or "" or \ characters and the /* or // character sequences shall not occur in a header file name",A16-2-1,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-19-3-1,Yes,Advisory,Decidable,Single Translation Unit,The # and ## preprocessor operators should not be used,M16-3-2,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-19-3-2,Yes,Required,Decidable,Single Translation Unit,A macro parameter immediately following a # operator shall not be immediately followed by a ## operator,RULE-20-11,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-19-3-3,Yes,Required,Decidable,Single Translation Unit,The argument to a mixed-use macro parameter shall not be subject to further expansion,RULE-20-12,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-19-3-4,Yes,Required,Decidable,Single Translation Unit,Parentheses shall be used to ensure macro arguments are expanded appropriately,M16-0-6,,Medium, -cpp,MISRA-C++-2023,RULE-19-3-5,Yes,Required,Decidable,Single Translation Unit,Tokens that look like a preprocessing directive shall not occur within a macro argument,RULE-20-6,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-19-6-1,Yes,Advisory,Decidable,Single Translation Unit,The #pragma directive and the _Pragma operator should not be used,A16-7-1,,Easy, -cpp,MISRA-C++-2023,RULE-21-2-1,Yes,Required,Decidable,Single Translation Unit,"The library functions atof, atoi, atol and atoll from shall not be used",RULE-21-7,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-21-2-2,Yes,Required,Decidable,Single Translation Unit,"The string handling functions from , , and shall not be used",M18-0-5,,Easy, -cpp,MISRA-C++-2023,RULE-21-2-3,Yes,Required,Decidable,Single Translation Unit,The library function system from shall not be used,M18-0-3,,Easy, -cpp,MISRA-C++-2023,RULE-21-2-4,Yes,Required,Decidable,Single Translation Unit,The macro offsetof shall not be used,M18-2-1,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-21-6-1,Yes,Advisory,Undecidable,Single Translation Unit,Dynamic memory should not be used,DIR-4-12,,Easy, +cpp,MISRA-C++-2023,RULE-19-2-3,Yes,Required,Decidable,Single Translation Unit,"The ' or "" or \ characters and the /* or // character sequences shall not occur in a header file name",,,Import, +cpp,MISRA-C++-2023,RULE-19-3-1,Yes,Advisory,Decidable,Single Translation Unit,The # and ## preprocessor operators should not be used,,,Import, +cpp,MISRA-C++-2023,RULE-19-3-2,Yes,Required,Decidable,Single Translation Unit,A macro parameter immediately following a # operator shall not be immediately followed by a ## operator,,,Import, +cpp,MISRA-C++-2023,RULE-19-3-3,Yes,Required,Decidable,Single Translation Unit,The argument to a mixed-use macro parameter shall not be subject to further expansion,,,Import, +cpp,MISRA-C++-2023,RULE-19-3-4,Yes,Required,Decidable,Single Translation Unit,Parentheses shall be used to ensure macro arguments are expanded appropriately,,,Medium, +cpp,MISRA-C++-2023,RULE-19-3-5,Yes,Required,Decidable,Single Translation Unit,Tokens that look like a preprocessing directive shall not occur within a macro argument,,,Import, +cpp,MISRA-C++-2023,RULE-19-6-1,Yes,Advisory,Decidable,Single Translation Unit,The #pragma directive and the _Pragma operator should not be used,,,Easy, +cpp,MISRA-C++-2023,RULE-21-2-1,Yes,Required,Decidable,Single Translation Unit,"The library functions atof, atoi, atol and atoll from shall not be used",,,Import, +cpp,MISRA-C++-2023,RULE-21-2-2,Yes,Required,Decidable,Single Translation Unit,"The string handling functions from , , and shall not be used",,,Easy, +cpp,MISRA-C++-2023,RULE-21-2-3,Yes,Required,Decidable,Single Translation Unit,The library function system from shall not be used,,,Easy, +cpp,MISRA-C++-2023,RULE-21-2-4,Yes,Required,Decidable,Single Translation Unit,The macro offsetof shall not be used,,,Import, +cpp,MISRA-C++-2023,RULE-21-6-1,Yes,Advisory,Undecidable,Single Translation Unit,Dynamic memory should not be used,,,Easy, cpp,MISRA-C++-2023,RULE-21-6-2,Yes,Required,Decidable,Single Translation Unit,Dynamic memory shall be managed automatically,,,Easy, cpp,MISRA-C++-2023,RULE-21-6-3,Yes,Required,Decidable,Single Translation Unit,Advanced memory management shall not be used,,,Medium, -cpp,MISRA-C++-2023,RULE-21-6-4,Yes,Required,Decidable,System,"If a project defines either a sized or unsized version of a global operator delete, then both shall be defined",A18-5-4,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-21-6-5,Yes,Required,Decidable,Single Translation Unit,A pointer to an incomplete class type shall not be deleted,A5-3-3,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-21-10-1,Yes,Required,Decidable,Single Translation Unit,The features of shall not be used,DCL50-CPP,,Easy, -cpp,MISRA-C++-2023,RULE-21-10-2,Yes,Required,Decidable,Single Translation Unit,The standard header file shall not be used,ERR52-CPP,,Easy, -cpp,MISRA-C++-2023,RULE-21-10-3,Yes,Required,Decidable,Single Translation Unit,The facilities provided by the standard header file shall not be used,M18-7-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-21-6-4,Yes,Required,Decidable,System,"If a project defines either a sized or unsized version of a global operator delete, then both shall be defined",,,Import, +cpp,MISRA-C++-2023,RULE-21-6-5,Yes,Required,Decidable,Single Translation Unit,A pointer to an incomplete class type shall not be deleted,,,Import, +cpp,MISRA-C++-2023,RULE-21-10-1,Yes,Required,Decidable,Single Translation Unit,The features of shall not be used,,,Easy, +cpp,MISRA-C++-2023,RULE-21-10-2,Yes,Required,Decidable,Single Translation Unit,The standard header file shall not be used,,,Easy, +cpp,MISRA-C++-2023,RULE-21-10-3,Yes,Required,Decidable,Single Translation Unit,The facilities provided by the standard header file shall not be used,,,Import, cpp,MISRA-C++-2023,RULE-22-3-1,Yes,Required,Decidable,Single Translation Unit,The assert macro shall not be used with a constant-expression,,,Easy, cpp,MISRA-C++-2023,RULE-22-4-1,Yes,Required,Decidable,Single Translation Unit,The literal value zero shall be the only value assigned to errno,,,Easy, cpp,MISRA-C++-2023,RULE-23-11-1,Yes,Advisory,Decidable,Single Translation Unit,The raw pointer constructors of std::shared_ptr and std::unique_ptr should not be used,,,Easy, cpp,MISRA-C++-2023,RULE-24-5-1,Yes,Required,Decidable,Single Translation Unit,The character handling functions from and shall not be used,,,Easy, cpp,MISRA-C++-2023,RULE-24-5-2,Yes,Required,Decidable,Single Translation Unit,"The C++ Standard Library functions memcpy, memmove and memcmp from shall not be used",,,Easy, cpp,MISRA-C++-2023,RULE-25-5-1,Yes,Required,Decidable,Single Translation Unit,The setlocale and std::locale::global functions shall not be called,,,Easy, -cpp,MISRA-C++-2023,RULE-25-5-2,Yes,Mandatory,Decidable,Single Translation Unit,"The pointers returned by the C++ Standard Library functions localeconv, getenv, setlocale or strerror must only be used as if they have pointer to const-qualified type",RULE-21-19,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-25-5-3,Yes,Mandatory,Undecidable,System,"The pointer returned by the C++ Standard Library functions asctime, ctime, gmtime, localtime, localeconv, getenv, setlocale or strerror must not be used following a subsequent call to the same function",RULE-21-20,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-26-3-1,Yes,Advisory,Decidable,Single Translation Unit,std::vector should not be specialized with bool,A18-1-2,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-28-3-1,Yes,Required,Undecidable,System,Predicates shall not have persistent side effects,A25-1-1,,Easy, -cpp,MISRA-C++-2023,RULE-28-6-1,Yes,Required,Decidable,Single Translation Unit,The argument to std::move shall be a non-const lvalue,A18-9-3,,Easy, -cpp,MISRA-C++-2023,RULE-28-6-2,Yes,Required,Decidable,Single Translation Unit,Forwarding references and std::forward shall be used together,A18-9-2,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-28-6-3,Yes,Required,Decidable,Single Translation Unit,An object shall not be used while in a potentially moved-from state,A12-8-3,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-25-5-2,Yes,Mandatory,Decidable,Single Translation Unit,"The pointers returned by the C++ Standard Library functions localeconv, getenv, setlocale or strerror must only be used as if they have pointer to const-qualified type",,,Import, +cpp,MISRA-C++-2023,RULE-25-5-3,Yes,Mandatory,Undecidable,System,"The pointer returned by the C++ Standard Library functions asctime, ctime, gmtime, localtime, localeconv, getenv, setlocale or strerror must not be used following a subsequent call to the same function",,,Import, +cpp,MISRA-C++-2023,RULE-26-3-1,Yes,Advisory,Decidable,Single Translation Unit,std::vector should not be specialized with bool,,,Import, +cpp,MISRA-C++-2023,RULE-28-3-1,Yes,Required,Undecidable,System,Predicates shall not have persistent side effects,,,Easy, +cpp,MISRA-C++-2023,RULE-28-6-1,Yes,Required,Decidable,Single Translation Unit,The argument to std::move shall be a non-const lvalue,,,Easy, +cpp,MISRA-C++-2023,RULE-28-6-2,Yes,Required,Decidable,Single Translation Unit,Forwarding references and std::forward shall be used together,,,Import, +cpp,MISRA-C++-2023,RULE-28-6-3,Yes,Required,Decidable,Single Translation Unit,An object shall not be used while in a potentially moved-from state,,,Import, cpp,MISRA-C++-2023,RULE-28-6-4,Yes,Required,Decidable,Single Translation Unit,"The result of std::remove, std::remove_if, std::unique and empty shall be used",,,Easy, -cpp,MISRA-C++-2023,RULE-30-0-1,Yes,Required,Decidable,Single Translation Unit,The C Library input/output functions shall not be used,M27-0-1,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-30-0-2,Yes,Required,Undecidable,System,Reads and writes on the same file stream shall be separated by a positioning operation,A27-0-3,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-30-0-1,Yes,Required,Decidable,Single Translation Unit,The C Library input/output functions shall not be used,,,Import, +cpp,MISRA-C++-2023,RULE-30-0-2,Yes,Required,Undecidable,System,Reads and writes on the same file stream shall be separated by a positioning operation,,,Import, \ No newline at end of file From e70e1c224734ac04cc545d43430b280a817e3cb1 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 16 May 2024 17:11:50 +0200 Subject: [PATCH 1807/2573] Rules with preexisting import --- .../cpp/exclusions/cpp/ImportMisra23.qll | 1319 +++++++++++++++++ .../cpp/exclusions/cpp/RuleMetadata.qll | 3 + .../SectionsOfCodeShouldNotBeCommentedOut.ql | 23 + .../DeclarationOfAnObjectIndirectionsLevel.ql | 24 + ...rsReferToNonStaticMembersFromTheirClass.ql | 24 + ...ectivesPrecededByPreprocessorDirectives.ql | 23 + ...tifiersUsedInTheControllingExpressionOf.ql | 25 + ...CharsThatShouldNotOccurInHeaderFileName.ql | 24 + ...AndPreprocessorOperatorsShouldNotBeUsed.ql | 23 + ...sThatLookLikeDirectivesInAMacroArgument.ql | 24 + .../PointerToAnIncompleteClassTypeDeleted.ql | 23 + ...urnedByLocaleFunctionsMustBeUsedAsConst.ql | 26 + ...lToSetlocaleInvalidatesOldPointersMisra.ql | 25 + ...etlocaleInvalidatesOldPointersWarnMisra.ql | 25 + ...ectUsedWhileInPotentiallyMovedFromState.ql | 23 + ...WritesOnStreamNotSeparatedByPositioning.ql | 23 + .../RULE-6-2-1/OneDefinitionRuleViolated.ql | 23 + ...ableDeclaredInInnerScopeHidesOuterScope.ql | 24 + .../ObjectAccessedAfterLifetimeMisra.ql | 23 + .../ObjectAccessedBeforeLifetimeMisra.ql | 23 + ...esConstOrVolatileFromPointerOrReference.ql | 24 + .../rules/RULE-9-4-1/IfElseIfEndCondition.ql | 24 + ...llJumpToLabelDeclaredLaterInTheFunction.ql | 24 + ...nDeclaredWithTheNoreturnAttributeReturn.ql | 23 + ...VoidFunctionShallReturnAValueOnAllPaths.ql | 23 + ...tionsOfCodeShouldNotBeCommentedOut.testref | 1 + ...arationOfAnObjectIndirectionsLevel.testref | 1 + ...erToNonStaticMembersFromTheirClass.testref | 1 + ...esPrecededByPreprocessorDirectives.testref | 1 + ...rsUsedInTheControllingExpressionOf.testref | 1 + ...ThatShouldNotOccurInHeaderFileName.testref | 1 + ...eprocessorOperatorsShouldNotBeUsed.testref | 1 + ...LookLikeDirectivesInAMacroArgument.testref | 1 + ...nterToAnIncompleteClassTypeDeleted.testref | 1 + ...ByLocaleFunctionsMustBeUsedAsConst.testref | 1 + ...tlocaleInvalidatesOldPointersMisra.testref | 1 + ...aleInvalidatesOldPointersWarnMisra.testref | 1 + ...edWhileInPotentiallyMovedFromState.testref | 1 + ...sOnStreamNotSeparatedByPositioning.testref | 1 + .../OneDefinitionRuleViolated.testref | 1 + ...eclaredInInnerScopeHidesOuterScope.testref | 1 + .../ObjectAccessedAfterLifetimeMisra.testref | 1 + .../ObjectAccessedBeforeLifetimeMisra.testref | 1 + ...stOrVolatileFromPointerOrReference.testref | 1 + .../RULE-9-4-1/IfElseIfEndCondition.testref | 1 + ...pToLabelDeclaredLaterInTheFunction.testref | 1 + ...aredWithTheNoreturnAttributeReturn.testref | 1 + ...unctionShallReturnAValueOnAllPaths.testref | 1 + rule_packages/cpp/ImportMisra23.json | 505 +++++++ rules.csv | 264 ++-- 50 files changed, 2528 insertions(+), 132 deletions(-) create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/cpp/ImportMisra23.qll create mode 100644 cpp/misra/src/rules/DIR-5-7-2/SectionsOfCodeShouldNotBeCommentedOut.ql create mode 100644 cpp/misra/src/rules/RULE-11-3-2/DeclarationOfAnObjectIndirectionsLevel.ql create mode 100644 cpp/misra/src/rules/RULE-18-3-3/HandlersReferToNonStaticMembersFromTheirClass.ql create mode 100644 cpp/misra/src/rules/RULE-19-0-3/IncludeDirectivesPrecededByPreprocessorDirectives.ql create mode 100644 cpp/misra/src/rules/RULE-19-1-3/IdentifiersUsedInTheControllingExpressionOf.ql create mode 100644 cpp/misra/src/rules/RULE-19-2-3/CharsThatShouldNotOccurInHeaderFileName.ql create mode 100644 cpp/misra/src/rules/RULE-19-3-1/AndPreprocessorOperatorsShouldNotBeUsed.ql create mode 100644 cpp/misra/src/rules/RULE-19-3-5/TokensThatLookLikeDirectivesInAMacroArgument.ql create mode 100644 cpp/misra/src/rules/RULE-21-6-5/PointerToAnIncompleteClassTypeDeleted.ql create mode 100644 cpp/misra/src/rules/RULE-25-5-2/PointersReturnedByLocaleFunctionsMustBeUsedAsConst.ql create mode 100644 cpp/misra/src/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersMisra.ql create mode 100644 cpp/misra/src/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersWarnMisra.ql create mode 100644 cpp/misra/src/rules/RULE-28-6-3/ObjectUsedWhileInPotentiallyMovedFromState.ql create mode 100644 cpp/misra/src/rules/RULE-30-0-2/ReadsAndWritesOnStreamNotSeparatedByPositioning.ql create mode 100644 cpp/misra/src/rules/RULE-6-2-1/OneDefinitionRuleViolated.ql create mode 100644 cpp/misra/src/rules/RULE-6-4-1/VariableDeclaredInInnerScopeHidesOuterScope.ql create mode 100644 cpp/misra/src/rules/RULE-6-8-1/ObjectAccessedAfterLifetimeMisra.ql create mode 100644 cpp/misra/src/rules/RULE-6-8-1/ObjectAccessedBeforeLifetimeMisra.ql create mode 100644 cpp/misra/src/rules/RULE-8-2-3/CastRemovesConstOrVolatileFromPointerOrReference.ql create mode 100644 cpp/misra/src/rules/RULE-9-4-1/IfElseIfEndCondition.ql create mode 100644 cpp/misra/src/rules/RULE-9-6-3/GotoShallJumpToLabelDeclaredLaterInTheFunction.ql create mode 100644 cpp/misra/src/rules/RULE-9-6-4/FunctionDeclaredWithTheNoreturnAttributeReturn.ql create mode 100644 cpp/misra/src/rules/RULE-9-6-5/NonVoidFunctionShallReturnAValueOnAllPaths.ql create mode 100644 cpp/misra/test/rules/DIR-5-7-2/SectionsOfCodeShouldNotBeCommentedOut.testref create mode 100644 cpp/misra/test/rules/RULE-11-3-2/DeclarationOfAnObjectIndirectionsLevel.testref create mode 100644 cpp/misra/test/rules/RULE-18-3-3/HandlersReferToNonStaticMembersFromTheirClass.testref create mode 100644 cpp/misra/test/rules/RULE-19-0-3/IncludeDirectivesPrecededByPreprocessorDirectives.testref create mode 100644 cpp/misra/test/rules/RULE-19-1-3/IdentifiersUsedInTheControllingExpressionOf.testref create mode 100644 cpp/misra/test/rules/RULE-19-2-3/CharsThatShouldNotOccurInHeaderFileName.testref create mode 100644 cpp/misra/test/rules/RULE-19-3-1/AndPreprocessorOperatorsShouldNotBeUsed.testref create mode 100644 cpp/misra/test/rules/RULE-19-3-5/TokensThatLookLikeDirectivesInAMacroArgument.testref create mode 100644 cpp/misra/test/rules/RULE-21-6-5/PointerToAnIncompleteClassTypeDeleted.testref create mode 100644 cpp/misra/test/rules/RULE-25-5-2/PointersReturnedByLocaleFunctionsMustBeUsedAsConst.testref create mode 100644 cpp/misra/test/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersMisra.testref create mode 100644 cpp/misra/test/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersWarnMisra.testref create mode 100644 cpp/misra/test/rules/RULE-28-6-3/ObjectUsedWhileInPotentiallyMovedFromState.testref create mode 100644 cpp/misra/test/rules/RULE-30-0-2/ReadsAndWritesOnStreamNotSeparatedByPositioning.testref create mode 100644 cpp/misra/test/rules/RULE-6-2-1/OneDefinitionRuleViolated.testref create mode 100644 cpp/misra/test/rules/RULE-6-4-1/VariableDeclaredInInnerScopeHidesOuterScope.testref create mode 100644 cpp/misra/test/rules/RULE-6-8-1/ObjectAccessedAfterLifetimeMisra.testref create mode 100644 cpp/misra/test/rules/RULE-6-8-1/ObjectAccessedBeforeLifetimeMisra.testref create mode 100644 cpp/misra/test/rules/RULE-8-2-3/CastRemovesConstOrVolatileFromPointerOrReference.testref create mode 100644 cpp/misra/test/rules/RULE-9-4-1/IfElseIfEndCondition.testref create mode 100644 cpp/misra/test/rules/RULE-9-6-3/GotoShallJumpToLabelDeclaredLaterInTheFunction.testref create mode 100644 cpp/misra/test/rules/RULE-9-6-4/FunctionDeclaredWithTheNoreturnAttributeReturn.testref create mode 100644 cpp/misra/test/rules/RULE-9-6-5/NonVoidFunctionShallReturnAValueOnAllPaths.testref create mode 100644 rule_packages/cpp/ImportMisra23.json diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/ImportMisra23.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/ImportMisra23.qll new file mode 100644 index 0000000000..b8fef48f1f --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/ImportMisra23.qll @@ -0,0 +1,1319 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype ImportMisra23Query = + TUserCopyAndMoveAssignmentShallHandleSelfAssignmentQuery() or + TSectionsOfCodeShouldNotBeCommentedOutQuery() or + TDeclarationShouldNotDeclareMoreThanOneVariableQuery() or + TEnumerationNotDefinedWithAnExplicitUnderlyingTypeQuery() or + TAsmDeclarationShallNotBeUsedQuery() or + TDeclarationOfAnObjectIndirectionsLevelQuery() or + TValueOfAnEnumerationConstantNotUniqueQuery() or + TBitFieldShallHaveAnAppropriateTypeQuery() or + TSignedIntegerBitFieldHaveALengthOfOneBitQuery() or + TVirtualAndNonVirtualBaseClassInHierarchyQuery() or + TDifferentDefaultArgsInOverridingVirtualFunctionQuery() or + TDeclarationsOrOverridesParamsAreUnnamedOrIdenticalQuery() or + TComparisonOfVirtualPointerOnlyBeWithNullptrQuery() or + TDynamicTypeUsedWithinConstructorOrDestructorQuery() or + TConstructorsShouldInitializeAllBaseClassesQuery() or + TInitializerListConstructorIsTheOnlyConstructorQuery() or + TAddressOfOperatorOverloadedQuery() or + TFunctionTemplatesExplicitlySpecializedQuery() or + TExceptionObjectHavePointerTypeQuery() or + TEmptyThrowShallOnlyOccurWithinACatchHandlerQuery() or + THandlersReferToNonStaticMembersFromTheirClassQuery() or + TNoexceptFunctionShouldNotPropagateAnExceptionQuery() or + TFunctionLikeMacrosDefinedQuery() or + TIncludeDirectivesPrecededByPreprocessorDirectivesQuery() or + TIdentifiersUsedInTheControllingExpressionOfQuery() or + TCharsThatShouldNotOccurInHeaderFileNameQuery() or + TAndPreprocessorOperatorsShouldNotBeUsedQuery() or + TMacroParameterFollowingAHashOperatorQuery() or + TArgumentToAMixedUseMacroShoulNotNeedExpansionQuery() or + TTokensThatLookLikeDirectivesInAMacroArgumentQuery() or + TFacilitiesProvidedByCsignalUsedQuery() or + TAtofAtoiAtolAndAtollFromCstdlibUsedQuery() or + TMacroOffsetShouldNotBeUsedQuery() or + TDefineBothSizedAndUnsizedVersionOfAGlobalOperatorQuery() or + TPointerToAnIncompleteClassTypeDeletedQuery() or + TPointersReturnedByLocaleFunctionsMustBeUsedAsConstQuery() or + TCallToSetlocaleInvalidatesOldPointersMisraQuery() or + TCallToSetlocaleInvalidatesOldPointersWarnMisraQuery() or + TVectorShouldNotBeSpecializedWithBoolQuery() or + TForwardingReferencesAndForwardNotUsedTogetherQuery() or + TObjectUsedWhileInPotentiallyMovedFromStateQuery() or + TCLibraryInputoutputFunctionsUsedQuery() or + TReadsAndWritesOnStreamNotSeparatedByPositioningQuery() or + TOperationsOnMemoryNotSequencedAppropriatelyQuery() or + TCharacterOnlyInEscapeSequenceOrUniversalCharNameQuery() or + TEscapeSequencesAndUniversalCharNamesNotTerminatedQuery() or + TOctalConstantsUsedQuery() or + TUnsignedIntegerLiteralsNotAppropriatelySuffixedQuery() or + TLowercaseLUsedAsFirstCharacterInLiteralSuffixQuery() or + TCharacterSequenceUsedWithinACStyleCommentQuery() or + TLineSplicingUsedInCommentsQuery() or + TGlobalDeclarationsOnlyMainNamespaceOrExternCQuery() or + TMainUsedOnlyForTheGlobalFunctionMainQuery() or + TOneDefinitionRuleViolatedQuery() or + TVariableDeclaredInInnerScopeHidesOuterScopeQuery() or + TDerivedClasseConcealFunctionInheritedFromTheBaseQuery() or + TNameInDependentBaseResolvedByUnqualifiedLookupQuery() or + TObjectAccessedBeforeLifetimeMisraQuery() or + TObjectAccessedAfterLifetimeMisraQuery() or + TMustNotReturnReferenceToLocalAutomaticVariableQuery() or + TNullptrNotTheOnlyFormOfTheNullPointerConstantQuery() or + TArrayPassedAsFunctionArgumentDecayToAPointerQuery() or + TResultOfAnAssignmentOperatorShouldNotBeUsedQuery() or + TCommaOperatorShouldNotBeUsedQuery() or + TFunctionsCallThemselvesEitherDirectlyOrIndirectlyQuery() or + TCastRemovesConstOrVolatileFromPointerOrReferenceQuery() or + TCastsBetweenAPointerToFunctionAndAnyOtherTypeQuery() or + TReinterpretCastShallNotBeUsedQuery() or + TUnsignedOperationWithConstantOperandsShouldNotWrapQuery() or + TBuiltInOperatorAppliedToUnsignedExpressionQuery() or + TBodyOfIterationOrSelectionStatementNotCompoundQuery() or + TIfElseIfEndConditionQuery() or + TGotoStatementShouldNotBeUsedQuery() or + TGotoShallReferenceALabelInSurroundingBlockQuery() or + TGotoShallJumpToLabelDeclaredLaterInTheFunctionQuery() or + TFunctionDeclaredWithTheNoreturnAttributeReturnQuery() or + TNonVoidFunctionShallReturnAValueOnAllPathsQuery() + +predicate isImportMisra23QueryMetadata(Query query, string queryId, string ruleId, string category) { + query = + // `Query` instance for the `userCopyAndMoveAssignmentShallHandleSelfAssignment` query + ImportMisra23Package::userCopyAndMoveAssignmentShallHandleSelfAssignmentQuery() and + queryId = + // `@id` for the `userCopyAndMoveAssignmentShallHandleSelfAssignment` query + "cpp/misra/user-copy-and-move-assignment-shall-handle-self-assignment" and + ruleId = "DIR-15-8-1" and + category = "required" + or + query = + // `Query` instance for the `sectionsOfCodeShouldNotBeCommentedOut` query + ImportMisra23Package::sectionsOfCodeShouldNotBeCommentedOutQuery() and + queryId = + // `@id` for the `sectionsOfCodeShouldNotBeCommentedOut` query + "cpp/misra/sections-of-code-should-not-be-commented-out" and + ruleId = "DIR-5-7-2" and + category = "advisory" + or + query = + // `Query` instance for the `declarationShouldNotDeclareMoreThanOneVariable` query + ImportMisra23Package::declarationShouldNotDeclareMoreThanOneVariableQuery() and + queryId = + // `@id` for the `declarationShouldNotDeclareMoreThanOneVariable` query + "cpp/misra/declaration-should-not-declare-more-than-one-variable" and + ruleId = "RULE-10-0-1" and + category = "advisory" + or + query = + // `Query` instance for the `enumerationNotDefinedWithAnExplicitUnderlyingType` query + ImportMisra23Package::enumerationNotDefinedWithAnExplicitUnderlyingTypeQuery() and + queryId = + // `@id` for the `enumerationNotDefinedWithAnExplicitUnderlyingType` query + "cpp/misra/enumeration-not-defined-with-an-explicit-underlying-type" and + ruleId = "RULE-10-2-1" and + category = "required" + or + query = + // `Query` instance for the `asmDeclarationShallNotBeUsed` query + ImportMisra23Package::asmDeclarationShallNotBeUsedQuery() and + queryId = + // `@id` for the `asmDeclarationShallNotBeUsed` query + "cpp/misra/asm-declaration-shall-not-be-used" and + ruleId = "RULE-10-4-1" and + category = "required" + or + query = + // `Query` instance for the `declarationOfAnObjectIndirectionsLevel` query + ImportMisra23Package::declarationOfAnObjectIndirectionsLevelQuery() and + queryId = + // `@id` for the `declarationOfAnObjectIndirectionsLevel` query + "cpp/misra/declaration-of-an-object-indirections-level" and + ruleId = "RULE-11-3-2" and + category = "advisory" + or + query = + // `Query` instance for the `valueOfAnEnumerationConstantNotUnique` query + ImportMisra23Package::valueOfAnEnumerationConstantNotUniqueQuery() and + queryId = + // `@id` for the `valueOfAnEnumerationConstantNotUnique` query + "cpp/misra/value-of-an-enumeration-constant-not-unique" and + ruleId = "RULE-11-6-3" and + category = "required" + or + query = + // `Query` instance for the `bitFieldShallHaveAnAppropriateType` query + ImportMisra23Package::bitFieldShallHaveAnAppropriateTypeQuery() and + queryId = + // `@id` for the `bitFieldShallHaveAnAppropriateType` query + "cpp/misra/bit-field-shall-have-an-appropriate-type" and + ruleId = "RULE-12-2-2" and + category = "required" + or + query = + // `Query` instance for the `signedIntegerBitFieldHaveALengthOfOneBit` query + ImportMisra23Package::signedIntegerBitFieldHaveALengthOfOneBitQuery() and + queryId = + // `@id` for the `signedIntegerBitFieldHaveALengthOfOneBit` query + "cpp/misra/signed-integer-bit-field-have-a-length-of-one-bit" and + ruleId = "RULE-12-2-3" and + category = "required" + or + query = + // `Query` instance for the `virtualAndNonVirtualBaseClassInHierarchy` query + ImportMisra23Package::virtualAndNonVirtualBaseClassInHierarchyQuery() and + queryId = + // `@id` for the `virtualAndNonVirtualBaseClassInHierarchy` query + "cpp/misra/virtual-and-non-virtual-base-class-in-hierarchy" and + ruleId = "RULE-13-1-2" and + category = "required" + or + query = + // `Query` instance for the `differentDefaultArgsInOverridingVirtualFunction` query + ImportMisra23Package::differentDefaultArgsInOverridingVirtualFunctionQuery() and + queryId = + // `@id` for the `differentDefaultArgsInOverridingVirtualFunction` query + "cpp/misra/different-default-args-in-overriding-virtual-function" and + ruleId = "RULE-13-3-2" and + category = "required" + or + query = + // `Query` instance for the `declarationsOrOverridesParamsAreUnnamedOrIdentical` query + ImportMisra23Package::declarationsOrOverridesParamsAreUnnamedOrIdenticalQuery() and + queryId = + // `@id` for the `declarationsOrOverridesParamsAreUnnamedOrIdentical` query + "cpp/misra/declarations-or-overrides-params-are-unnamed-or-identical" and + ruleId = "RULE-13-3-3" and + category = "required" + or + query = + // `Query` instance for the `comparisonOfVirtualPointerOnlyBeWithNullptr` query + ImportMisra23Package::comparisonOfVirtualPointerOnlyBeWithNullptrQuery() and + queryId = + // `@id` for the `comparisonOfVirtualPointerOnlyBeWithNullptr` query + "cpp/misra/comparison-of-virtual-pointer-only-be-with-nullptr" and + ruleId = "RULE-13-3-4" and + category = "required" + or + query = + // `Query` instance for the `dynamicTypeUsedWithinConstructorOrDestructor` query + ImportMisra23Package::dynamicTypeUsedWithinConstructorOrDestructorQuery() and + queryId = + // `@id` for the `dynamicTypeUsedWithinConstructorOrDestructor` query + "cpp/misra/dynamic-type-used-within-constructor-or-destructor" and + ruleId = "RULE-15-1-1" and + category = "required" + or + query = + // `Query` instance for the `constructorsShouldInitializeAllBaseClasses` query + ImportMisra23Package::constructorsShouldInitializeAllBaseClassesQuery() and + queryId = + // `@id` for the `constructorsShouldInitializeAllBaseClasses` query + "cpp/misra/constructors-should-initialize-all-base-classes" and + ruleId = "RULE-15-1-2" and + category = "advisory" + or + query = + // `Query` instance for the `initializerListConstructorIsTheOnlyConstructor` query + ImportMisra23Package::initializerListConstructorIsTheOnlyConstructorQuery() and + queryId = + // `@id` for the `initializerListConstructorIsTheOnlyConstructor` query + "cpp/misra/initializer-list-constructor-is-the-only-constructor" and + ruleId = "RULE-15-1-5" and + category = "required" + or + query = + // `Query` instance for the `addressOfOperatorOverloaded` query + ImportMisra23Package::addressOfOperatorOverloadedQuery() and + queryId = + // `@id` for the `addressOfOperatorOverloaded` query + "cpp/misra/address-of-operator-overloaded" and + ruleId = "RULE-16-5-2" and + category = "required" + or + query = + // `Query` instance for the `functionTemplatesExplicitlySpecialized` query + ImportMisra23Package::functionTemplatesExplicitlySpecializedQuery() and + queryId = + // `@id` for the `functionTemplatesExplicitlySpecialized` query + "cpp/misra/function-templates-explicitly-specialized" and + ruleId = "RULE-17-8-1" and + category = "required" + or + query = + // `Query` instance for the `exceptionObjectHavePointerType` query + ImportMisra23Package::exceptionObjectHavePointerTypeQuery() and + queryId = + // `@id` for the `exceptionObjectHavePointerType` query + "cpp/misra/exception-object-have-pointer-type" and + ruleId = "RULE-18-1-1" and + category = "required" + or + query = + // `Query` instance for the `emptyThrowShallOnlyOccurWithinACatchHandler` query + ImportMisra23Package::emptyThrowShallOnlyOccurWithinACatchHandlerQuery() and + queryId = + // `@id` for the `emptyThrowShallOnlyOccurWithinACatchHandler` query + "cpp/misra/empty-throw-shall-only-occur-within-a-catch-handler" and + ruleId = "RULE-18-1-2" and + category = "required" + or + query = + // `Query` instance for the `handlersReferToNonStaticMembersFromTheirClass` query + ImportMisra23Package::handlersReferToNonStaticMembersFromTheirClassQuery() and + queryId = + // `@id` for the `handlersReferToNonStaticMembersFromTheirClass` query + "cpp/misra/handlers-refer-to-non-static-members-from-their-class" and + ruleId = "RULE-18-3-3" and + category = "required" + or + query = + // `Query` instance for the `noexceptFunctionShouldNotPropagateAnException` query + ImportMisra23Package::noexceptFunctionShouldNotPropagateAnExceptionQuery() and + queryId = + // `@id` for the `noexceptFunctionShouldNotPropagateAnException` query + "cpp/misra/noexcept-function-should-not-propagate-an-exception" and + ruleId = "RULE-18-5-1" and + category = "advisory" + or + query = + // `Query` instance for the `functionLikeMacrosDefined` query + ImportMisra23Package::functionLikeMacrosDefinedQuery() and + queryId = + // `@id` for the `functionLikeMacrosDefined` query + "cpp/misra/function-like-macros-defined" and + ruleId = "RULE-19-0-2" and + category = "required" + or + query = + // `Query` instance for the `includeDirectivesPrecededByPreprocessorDirectives` query + ImportMisra23Package::includeDirectivesPrecededByPreprocessorDirectivesQuery() and + queryId = + // `@id` for the `includeDirectivesPrecededByPreprocessorDirectives` query + "cpp/misra/include-directives-preceded-by-preprocessor-directives" and + ruleId = "RULE-19-0-3" and + category = "advisory" + or + query = + // `Query` instance for the `identifiersUsedInTheControllingExpressionOf` query + ImportMisra23Package::identifiersUsedInTheControllingExpressionOfQuery() and + queryId = + // `@id` for the `identifiersUsedInTheControllingExpressionOf` query + "cpp/misra/identifiers-used-in-the-controlling-expression-of" and + ruleId = "RULE-19-1-3" and + category = "required" + or + query = + // `Query` instance for the `charsThatShouldNotOccurInHeaderFileName` query + ImportMisra23Package::charsThatShouldNotOccurInHeaderFileNameQuery() and + queryId = + // `@id` for the `charsThatShouldNotOccurInHeaderFileName` query + "cpp/misra/chars-that-should-not-occur-in-header-file-name" and + ruleId = "RULE-19-2-3" and + category = "required" + or + query = + // `Query` instance for the `andPreprocessorOperatorsShouldNotBeUsed` query + ImportMisra23Package::andPreprocessorOperatorsShouldNotBeUsedQuery() and + queryId = + // `@id` for the `andPreprocessorOperatorsShouldNotBeUsed` query + "cpp/misra/and-preprocessor-operators-should-not-be-used" and + ruleId = "RULE-19-3-1" and + category = "advisory" + or + query = + // `Query` instance for the `macroParameterFollowingAHashOperator` query + ImportMisra23Package::macroParameterFollowingAHashOperatorQuery() and + queryId = + // `@id` for the `macroParameterFollowingAHashOperator` query + "cpp/misra/macro-parameter-following-a-hash-operator" and + ruleId = "RULE-19-3-2" and + category = "required" + or + query = + // `Query` instance for the `argumentToAMixedUseMacroShoulNotNeedExpansion` query + ImportMisra23Package::argumentToAMixedUseMacroShoulNotNeedExpansionQuery() and + queryId = + // `@id` for the `argumentToAMixedUseMacroShoulNotNeedExpansion` query + "cpp/misra/argument-to-a-mixed-use-macro-shoul-not-need-expansion" and + ruleId = "RULE-19-3-3" and + category = "required" + or + query = + // `Query` instance for the `tokensThatLookLikeDirectivesInAMacroArgument` query + ImportMisra23Package::tokensThatLookLikeDirectivesInAMacroArgumentQuery() and + queryId = + // `@id` for the `tokensThatLookLikeDirectivesInAMacroArgument` query + "cpp/misra/tokens-that-look-like-directives-in-a-macro-argument" and + ruleId = "RULE-19-3-5" and + category = "required" + or + query = + // `Query` instance for the `facilitiesProvidedByCsignalUsed` query + ImportMisra23Package::facilitiesProvidedByCsignalUsedQuery() and + queryId = + // `@id` for the `facilitiesProvidedByCsignalUsed` query + "cpp/misra/facilities-provided-by-csignal-used" and + ruleId = "RULE-21-10-3" and + category = "required" + or + query = + // `Query` instance for the `atofAtoiAtolAndAtollFromCstdlibUsed` query + ImportMisra23Package::atofAtoiAtolAndAtollFromCstdlibUsedQuery() and + queryId = + // `@id` for the `atofAtoiAtolAndAtollFromCstdlibUsed` query + "cpp/misra/atof-atoi-atol-and-atoll-from-cstdlib-used" and + ruleId = "RULE-21-2-1" and + category = "required" + or + query = + // `Query` instance for the `macroOffsetShouldNotBeUsed` query + ImportMisra23Package::macroOffsetShouldNotBeUsedQuery() and + queryId = + // `@id` for the `macroOffsetShouldNotBeUsed` query + "cpp/misra/macro-offset-should-not-be-used" and + ruleId = "RULE-21-2-4" and + category = "required" + or + query = + // `Query` instance for the `defineBothSizedAndUnsizedVersionOfAGlobalOperator` query + ImportMisra23Package::defineBothSizedAndUnsizedVersionOfAGlobalOperatorQuery() and + queryId = + // `@id` for the `defineBothSizedAndUnsizedVersionOfAGlobalOperator` query + "cpp/misra/define-both-sized-and-unsized-version-of-a-global-operator" and + ruleId = "RULE-21-6-4" and + category = "required" + or + query = + // `Query` instance for the `pointerToAnIncompleteClassTypeDeleted` query + ImportMisra23Package::pointerToAnIncompleteClassTypeDeletedQuery() and + queryId = + // `@id` for the `pointerToAnIncompleteClassTypeDeleted` query + "cpp/misra/pointer-to-an-incomplete-class-type-deleted" and + ruleId = "RULE-21-6-5" and + category = "required" + or + query = + // `Query` instance for the `pointersReturnedByLocaleFunctionsMustBeUsedAsConst` query + ImportMisra23Package::pointersReturnedByLocaleFunctionsMustBeUsedAsConstQuery() and + queryId = + // `@id` for the `pointersReturnedByLocaleFunctionsMustBeUsedAsConst` query + "cpp/misra/pointers-returned-by-locale-functions-must-be-used-as-const" and + ruleId = "RULE-25-5-2" and + category = "mandatory" + or + query = + // `Query` instance for the `callToSetlocaleInvalidatesOldPointersMisra` query + ImportMisra23Package::callToSetlocaleInvalidatesOldPointersMisraQuery() and + queryId = + // `@id` for the `callToSetlocaleInvalidatesOldPointersMisra` query + "cpp/misra/call-to-setlocale-invalidates-old-pointers-misra" and + ruleId = "RULE-25-5-3" and + category = "mandatory" + or + query = + // `Query` instance for the `callToSetlocaleInvalidatesOldPointersWarnMisra` query + ImportMisra23Package::callToSetlocaleInvalidatesOldPointersWarnMisraQuery() and + queryId = + // `@id` for the `callToSetlocaleInvalidatesOldPointersWarnMisra` query + "cpp/misra/call-to-setlocale-invalidates-old-pointers-warn-misra" and + ruleId = "RULE-25-5-3" and + category = "mandatory" + or + query = + // `Query` instance for the `vectorShouldNotBeSpecializedWithBool` query + ImportMisra23Package::vectorShouldNotBeSpecializedWithBoolQuery() and + queryId = + // `@id` for the `vectorShouldNotBeSpecializedWithBool` query + "cpp/misra/vector-should-not-be-specialized-with-bool" and + ruleId = "RULE-26-3-1" and + category = "advisory" + or + query = + // `Query` instance for the `forwardingReferencesAndForwardNotUsedTogether` query + ImportMisra23Package::forwardingReferencesAndForwardNotUsedTogetherQuery() and + queryId = + // `@id` for the `forwardingReferencesAndForwardNotUsedTogether` query + "cpp/misra/forwarding-references-and-forward-not-used-together" and + ruleId = "RULE-28-6-2" and + category = "required" + or + query = + // `Query` instance for the `objectUsedWhileInPotentiallyMovedFromState` query + ImportMisra23Package::objectUsedWhileInPotentiallyMovedFromStateQuery() and + queryId = + // `@id` for the `objectUsedWhileInPotentiallyMovedFromState` query + "cpp/misra/object-used-while-in-potentially-moved-from-state" and + ruleId = "RULE-28-6-3" and + category = "required" + or + query = + // `Query` instance for the `cLibraryInputoutputFunctionsUsed` query + ImportMisra23Package::cLibraryInputoutputFunctionsUsedQuery() and + queryId = + // `@id` for the `cLibraryInputoutputFunctionsUsed` query + "cpp/misra/c-library-inputoutput-functions-used" and + ruleId = "RULE-30-0-1" and + category = "required" + or + query = + // `Query` instance for the `readsAndWritesOnStreamNotSeparatedByPositioning` query + ImportMisra23Package::readsAndWritesOnStreamNotSeparatedByPositioningQuery() and + queryId = + // `@id` for the `readsAndWritesOnStreamNotSeparatedByPositioning` query + "cpp/misra/reads-and-writes-on-stream-not-separated-by-positioning" and + ruleId = "RULE-30-0-2" and + category = "required" + or + query = + // `Query` instance for the `operationsOnMemoryNotSequencedAppropriately` query + ImportMisra23Package::operationsOnMemoryNotSequencedAppropriatelyQuery() and + queryId = + // `@id` for the `operationsOnMemoryNotSequencedAppropriately` query + "cpp/misra/operations-on-memory-not-sequenced-appropriately" and + ruleId = "RULE-4-6-1" and + category = "required" + or + query = + // `Query` instance for the `characterOnlyInEscapeSequenceOrUniversalCharName` query + ImportMisra23Package::characterOnlyInEscapeSequenceOrUniversalCharNameQuery() and + queryId = + // `@id` for the `characterOnlyInEscapeSequenceOrUniversalCharName` query + "cpp/misra/character-only-in-escape-sequence-or-universal-char-name" and + ruleId = "RULE-5-13-1" and + category = "required" + or + query = + // `Query` instance for the `escapeSequencesAndUniversalCharNamesNotTerminated` query + ImportMisra23Package::escapeSequencesAndUniversalCharNamesNotTerminatedQuery() and + queryId = + // `@id` for the `escapeSequencesAndUniversalCharNamesNotTerminated` query + "cpp/misra/escape-sequences-and-universal-char-names-not-terminated" and + ruleId = "RULE-5-13-2" and + category = "required" + or + query = + // `Query` instance for the `octalConstantsUsed` query + ImportMisra23Package::octalConstantsUsedQuery() and + queryId = + // `@id` for the `octalConstantsUsed` query + "cpp/misra/octal-constants-used" and + ruleId = "RULE-5-13-3" and + category = "required" + or + query = + // `Query` instance for the `unsignedIntegerLiteralsNotAppropriatelySuffixed` query + ImportMisra23Package::unsignedIntegerLiteralsNotAppropriatelySuffixedQuery() and + queryId = + // `@id` for the `unsignedIntegerLiteralsNotAppropriatelySuffixed` query + "cpp/misra/unsigned-integer-literals-not-appropriately-suffixed" and + ruleId = "RULE-5-13-4" and + category = "required" + or + query = + // `Query` instance for the `lowercaseLUsedAsFirstCharacterInLiteralSuffix` query + ImportMisra23Package::lowercaseLUsedAsFirstCharacterInLiteralSuffixQuery() and + queryId = + // `@id` for the `lowercaseLUsedAsFirstCharacterInLiteralSuffix` query + "cpp/misra/lowercase-l-used-as-first-character-in-literal-suffix" and + ruleId = "RULE-5-13-5" and + category = "required" + or + query = + // `Query` instance for the `characterSequenceUsedWithinACStyleComment` query + ImportMisra23Package::characterSequenceUsedWithinACStyleCommentQuery() and + queryId = + // `@id` for the `characterSequenceUsedWithinACStyleComment` query + "cpp/misra/character-sequence-used-within-ac-style-comment" and + ruleId = "RULE-5-7-1" and + category = "required" + or + query = + // `Query` instance for the `lineSplicingUsedInComments` query + ImportMisra23Package::lineSplicingUsedInCommentsQuery() and + queryId = + // `@id` for the `lineSplicingUsedInComments` query + "cpp/misra/line-splicing-used-in-comments" and + ruleId = "RULE-5-7-3" and + category = "required" + or + query = + // `Query` instance for the `globalDeclarationsOnlyMainNamespaceOrExternC` query + ImportMisra23Package::globalDeclarationsOnlyMainNamespaceOrExternCQuery() and + queryId = + // `@id` for the `globalDeclarationsOnlyMainNamespaceOrExternC` query + "cpp/misra/global-declarations-only-main-namespace-or-extern-c" and + ruleId = "RULE-6-0-3" and + category = "advisory" + or + query = + // `Query` instance for the `mainUsedOnlyForTheGlobalFunctionMain` query + ImportMisra23Package::mainUsedOnlyForTheGlobalFunctionMainQuery() and + queryId = + // `@id` for the `mainUsedOnlyForTheGlobalFunctionMain` query + "cpp/misra/main-used-only-for-the-global-function-main" and + ruleId = "RULE-6-0-4" and + category = "required" + or + query = + // `Query` instance for the `oneDefinitionRuleViolated` query + ImportMisra23Package::oneDefinitionRuleViolatedQuery() and + queryId = + // `@id` for the `oneDefinitionRuleViolated` query + "cpp/misra/one-definition-rule-violated" and + ruleId = "RULE-6-2-1" and + category = "required" + or + query = + // `Query` instance for the `variableDeclaredInInnerScopeHidesOuterScope` query + ImportMisra23Package::variableDeclaredInInnerScopeHidesOuterScopeQuery() and + queryId = + // `@id` for the `variableDeclaredInInnerScopeHidesOuterScope` query + "cpp/misra/variable-declared-in-inner-scope-hides-outer-scope" and + ruleId = "RULE-6-4-1" and + category = "required" + or + query = + // `Query` instance for the `derivedClasseConcealFunctionInheritedFromTheBase` query + ImportMisra23Package::derivedClasseConcealFunctionInheritedFromTheBaseQuery() and + queryId = + // `@id` for the `derivedClasseConcealFunctionInheritedFromTheBase` query + "cpp/misra/derived-classe-conceal-function-inherited-from-the-base" and + ruleId = "RULE-6-4-2" and + category = "required" + or + query = + // `Query` instance for the `nameInDependentBaseResolvedByUnqualifiedLookup` query + ImportMisra23Package::nameInDependentBaseResolvedByUnqualifiedLookupQuery() and + queryId = + // `@id` for the `nameInDependentBaseResolvedByUnqualifiedLookup` query + "cpp/misra/name-in-dependent-base-resolved-by-unqualified-lookup" and + ruleId = "RULE-6-4-3" and + category = "required" + or + query = + // `Query` instance for the `objectAccessedBeforeLifetimeMisra` query + ImportMisra23Package::objectAccessedBeforeLifetimeMisraQuery() and + queryId = + // `@id` for the `objectAccessedBeforeLifetimeMisra` query + "cpp/misra/object-accessed-before-lifetime-misra" and + ruleId = "RULE-6-8-1" and + category = "required" + or + query = + // `Query` instance for the `objectAccessedAfterLifetimeMisra` query + ImportMisra23Package::objectAccessedAfterLifetimeMisraQuery() and + queryId = + // `@id` for the `objectAccessedAfterLifetimeMisra` query + "cpp/misra/object-accessed-after-lifetime-misra" and + ruleId = "RULE-6-8-1" and + category = "required" + or + query = + // `Query` instance for the `mustNotReturnReferenceToLocalAutomaticVariable` query + ImportMisra23Package::mustNotReturnReferenceToLocalAutomaticVariableQuery() and + queryId = + // `@id` for the `mustNotReturnReferenceToLocalAutomaticVariable` query + "cpp/misra/must-not-return-reference-to-local-automatic-variable" and + ruleId = "RULE-6-8-2" and + category = "mandatory" + or + query = + // `Query` instance for the `nullptrNotTheOnlyFormOfTheNullPointerConstant` query + ImportMisra23Package::nullptrNotTheOnlyFormOfTheNullPointerConstantQuery() and + queryId = + // `@id` for the `nullptrNotTheOnlyFormOfTheNullPointerConstant` query + "cpp/misra/nullptr-not-the-only-form-of-the-null-pointer-constant" and + ruleId = "RULE-7-11-1" and + category = "required" + or + query = + // `Query` instance for the `arrayPassedAsFunctionArgumentDecayToAPointer` query + ImportMisra23Package::arrayPassedAsFunctionArgumentDecayToAPointerQuery() and + queryId = + // `@id` for the `arrayPassedAsFunctionArgumentDecayToAPointer` query + "cpp/misra/array-passed-as-function-argument-decay-to-a-pointer" and + ruleId = "RULE-7-11-2" and + category = "required" + or + query = + // `Query` instance for the `resultOfAnAssignmentOperatorShouldNotBeUsed` query + ImportMisra23Package::resultOfAnAssignmentOperatorShouldNotBeUsedQuery() and + queryId = + // `@id` for the `resultOfAnAssignmentOperatorShouldNotBeUsed` query + "cpp/misra/result-of-an-assignment-operator-should-not-be-used" and + ruleId = "RULE-8-18-2" and + category = "advisory" + or + query = + // `Query` instance for the `commaOperatorShouldNotBeUsed` query + ImportMisra23Package::commaOperatorShouldNotBeUsedQuery() and + queryId = + // `@id` for the `commaOperatorShouldNotBeUsed` query + "cpp/misra/comma-operator-should-not-be-used" and + ruleId = "RULE-8-19-1" and + category = "advisory" + or + query = + // `Query` instance for the `functionsCallThemselvesEitherDirectlyOrIndirectly` query + ImportMisra23Package::functionsCallThemselvesEitherDirectlyOrIndirectlyQuery() and + queryId = + // `@id` for the `functionsCallThemselvesEitherDirectlyOrIndirectly` query + "cpp/misra/functions-call-themselves-either-directly-or-indirectly" and + ruleId = "RULE-8-2-10" and + category = "required" + or + query = + // `Query` instance for the `castRemovesConstOrVolatileFromPointerOrReference` query + ImportMisra23Package::castRemovesConstOrVolatileFromPointerOrReferenceQuery() and + queryId = + // `@id` for the `castRemovesConstOrVolatileFromPointerOrReference` query + "cpp/misra/cast-removes-const-or-volatile-from-pointer-or-reference" and + ruleId = "RULE-8-2-3" and + category = "required" + or + query = + // `Query` instance for the `castsBetweenAPointerToFunctionAndAnyOtherType` query + ImportMisra23Package::castsBetweenAPointerToFunctionAndAnyOtherTypeQuery() and + queryId = + // `@id` for the `castsBetweenAPointerToFunctionAndAnyOtherType` query + "cpp/misra/casts-between-a-pointer-to-function-and-any-other-type" and + ruleId = "RULE-8-2-4" and + category = "required" + or + query = + // `Query` instance for the `reinterpretCastShallNotBeUsed` query + ImportMisra23Package::reinterpretCastShallNotBeUsedQuery() and + queryId = + // `@id` for the `reinterpretCastShallNotBeUsed` query + "cpp/misra/reinterpret-cast-shall-not-be-used" and + ruleId = "RULE-8-2-5" and + category = "required" + or + query = + // `Query` instance for the `unsignedOperationWithConstantOperandsShouldNotWrap` query + ImportMisra23Package::unsignedOperationWithConstantOperandsShouldNotWrapQuery() and + queryId = + // `@id` for the `unsignedOperationWithConstantOperandsShouldNotWrap` query + "cpp/misra/unsigned-operation-with-constant-operands-should-not-wrap" and + ruleId = "RULE-8-20-1" and + category = "advisory" + or + query = + // `Query` instance for the `builtInOperatorAppliedToUnsignedExpression` query + ImportMisra23Package::builtInOperatorAppliedToUnsignedExpressionQuery() and + queryId = + // `@id` for the `builtInOperatorAppliedToUnsignedExpression` query + "cpp/misra/built-in-operator-applied-to-unsigned-expression" and + ruleId = "RULE-8-3-1" and + category = "advisory" + or + query = + // `Query` instance for the `bodyOfIterationOrSelectionStatementNotCompound` query + ImportMisra23Package::bodyOfIterationOrSelectionStatementNotCompoundQuery() and + queryId = + // `@id` for the `bodyOfIterationOrSelectionStatementNotCompound` query + "cpp/misra/body-of-iteration-or-selection-statement-not-compound" and + ruleId = "RULE-9-3-1" and + category = "required" + or + query = + // `Query` instance for the `ifElseIfEndCondition` query + ImportMisra23Package::ifElseIfEndConditionQuery() and + queryId = + // `@id` for the `ifElseIfEndCondition` query + "cpp/misra/if-else-if-end-condition" and + ruleId = "RULE-9-4-1" and + category = "required" + or + query = + // `Query` instance for the `gotoStatementShouldNotBeUsed` query + ImportMisra23Package::gotoStatementShouldNotBeUsedQuery() and + queryId = + // `@id` for the `gotoStatementShouldNotBeUsed` query + "cpp/misra/goto-statement-should-not-be-used" and + ruleId = "RULE-9-6-1" and + category = "advisory" + or + query = + // `Query` instance for the `gotoShallReferenceALabelInSurroundingBlock` query + ImportMisra23Package::gotoShallReferenceALabelInSurroundingBlockQuery() and + queryId = + // `@id` for the `gotoShallReferenceALabelInSurroundingBlock` query + "cpp/misra/goto-shall-reference-a-label-in-surrounding-block" and + ruleId = "RULE-9-6-2" and + category = "required" + or + query = + // `Query` instance for the `gotoShallJumpToLabelDeclaredLaterInTheFunction` query + ImportMisra23Package::gotoShallJumpToLabelDeclaredLaterInTheFunctionQuery() and + queryId = + // `@id` for the `gotoShallJumpToLabelDeclaredLaterInTheFunction` query + "cpp/misra/goto-shall-jump-to-label-declared-later-in-the-function" and + ruleId = "RULE-9-6-3" and + category = "required" + or + query = + // `Query` instance for the `functionDeclaredWithTheNoreturnAttributeReturn` query + ImportMisra23Package::functionDeclaredWithTheNoreturnAttributeReturnQuery() and + queryId = + // `@id` for the `functionDeclaredWithTheNoreturnAttributeReturn` query + "cpp/misra/function-declared-with-the-noreturn-attribute-return" and + ruleId = "RULE-9-6-4" and + category = "required" + or + query = + // `Query` instance for the `nonVoidFunctionShallReturnAValueOnAllPaths` query + ImportMisra23Package::nonVoidFunctionShallReturnAValueOnAllPathsQuery() and + queryId = + // `@id` for the `nonVoidFunctionShallReturnAValueOnAllPaths` query + "cpp/misra/non-void-function-shall-return-a-value-on-all-paths" and + ruleId = "RULE-9-6-5" and + category = "required" +} + +module ImportMisra23Package { + Query userCopyAndMoveAssignmentShallHandleSelfAssignmentQuery() { + //autogenerate `Query` type + result = + // `Query` type for `userCopyAndMoveAssignmentShallHandleSelfAssignment` query + TQueryCPP(TImportMisra23PackageQuery(TUserCopyAndMoveAssignmentShallHandleSelfAssignmentQuery())) + } + + Query sectionsOfCodeShouldNotBeCommentedOutQuery() { + //autogenerate `Query` type + result = + // `Query` type for `sectionsOfCodeShouldNotBeCommentedOut` query + TQueryCPP(TImportMisra23PackageQuery(TSectionsOfCodeShouldNotBeCommentedOutQuery())) + } + + Query declarationShouldNotDeclareMoreThanOneVariableQuery() { + //autogenerate `Query` type + result = + // `Query` type for `declarationShouldNotDeclareMoreThanOneVariable` query + TQueryCPP(TImportMisra23PackageQuery(TDeclarationShouldNotDeclareMoreThanOneVariableQuery())) + } + + Query enumerationNotDefinedWithAnExplicitUnderlyingTypeQuery() { + //autogenerate `Query` type + result = + // `Query` type for `enumerationNotDefinedWithAnExplicitUnderlyingType` query + TQueryCPP(TImportMisra23PackageQuery(TEnumerationNotDefinedWithAnExplicitUnderlyingTypeQuery())) + } + + Query asmDeclarationShallNotBeUsedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `asmDeclarationShallNotBeUsed` query + TQueryCPP(TImportMisra23PackageQuery(TAsmDeclarationShallNotBeUsedQuery())) + } + + Query declarationOfAnObjectIndirectionsLevelQuery() { + //autogenerate `Query` type + result = + // `Query` type for `declarationOfAnObjectIndirectionsLevel` query + TQueryCPP(TImportMisra23PackageQuery(TDeclarationOfAnObjectIndirectionsLevelQuery())) + } + + Query valueOfAnEnumerationConstantNotUniqueQuery() { + //autogenerate `Query` type + result = + // `Query` type for `valueOfAnEnumerationConstantNotUnique` query + TQueryCPP(TImportMisra23PackageQuery(TValueOfAnEnumerationConstantNotUniqueQuery())) + } + + Query bitFieldShallHaveAnAppropriateTypeQuery() { + //autogenerate `Query` type + result = + // `Query` type for `bitFieldShallHaveAnAppropriateType` query + TQueryCPP(TImportMisra23PackageQuery(TBitFieldShallHaveAnAppropriateTypeQuery())) + } + + Query signedIntegerBitFieldHaveALengthOfOneBitQuery() { + //autogenerate `Query` type + result = + // `Query` type for `signedIntegerBitFieldHaveALengthOfOneBit` query + TQueryCPP(TImportMisra23PackageQuery(TSignedIntegerBitFieldHaveALengthOfOneBitQuery())) + } + + Query virtualAndNonVirtualBaseClassInHierarchyQuery() { + //autogenerate `Query` type + result = + // `Query` type for `virtualAndNonVirtualBaseClassInHierarchy` query + TQueryCPP(TImportMisra23PackageQuery(TVirtualAndNonVirtualBaseClassInHierarchyQuery())) + } + + Query differentDefaultArgsInOverridingVirtualFunctionQuery() { + //autogenerate `Query` type + result = + // `Query` type for `differentDefaultArgsInOverridingVirtualFunction` query + TQueryCPP(TImportMisra23PackageQuery(TDifferentDefaultArgsInOverridingVirtualFunctionQuery())) + } + + Query declarationsOrOverridesParamsAreUnnamedOrIdenticalQuery() { + //autogenerate `Query` type + result = + // `Query` type for `declarationsOrOverridesParamsAreUnnamedOrIdentical` query + TQueryCPP(TImportMisra23PackageQuery(TDeclarationsOrOverridesParamsAreUnnamedOrIdenticalQuery())) + } + + Query comparisonOfVirtualPointerOnlyBeWithNullptrQuery() { + //autogenerate `Query` type + result = + // `Query` type for `comparisonOfVirtualPointerOnlyBeWithNullptr` query + TQueryCPP(TImportMisra23PackageQuery(TComparisonOfVirtualPointerOnlyBeWithNullptrQuery())) + } + + Query dynamicTypeUsedWithinConstructorOrDestructorQuery() { + //autogenerate `Query` type + result = + // `Query` type for `dynamicTypeUsedWithinConstructorOrDestructor` query + TQueryCPP(TImportMisra23PackageQuery(TDynamicTypeUsedWithinConstructorOrDestructorQuery())) + } + + Query constructorsShouldInitializeAllBaseClassesQuery() { + //autogenerate `Query` type + result = + // `Query` type for `constructorsShouldInitializeAllBaseClasses` query + TQueryCPP(TImportMisra23PackageQuery(TConstructorsShouldInitializeAllBaseClassesQuery())) + } + + Query initializerListConstructorIsTheOnlyConstructorQuery() { + //autogenerate `Query` type + result = + // `Query` type for `initializerListConstructorIsTheOnlyConstructor` query + TQueryCPP(TImportMisra23PackageQuery(TInitializerListConstructorIsTheOnlyConstructorQuery())) + } + + Query addressOfOperatorOverloadedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `addressOfOperatorOverloaded` query + TQueryCPP(TImportMisra23PackageQuery(TAddressOfOperatorOverloadedQuery())) + } + + Query functionTemplatesExplicitlySpecializedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `functionTemplatesExplicitlySpecialized` query + TQueryCPP(TImportMisra23PackageQuery(TFunctionTemplatesExplicitlySpecializedQuery())) + } + + Query exceptionObjectHavePointerTypeQuery() { + //autogenerate `Query` type + result = + // `Query` type for `exceptionObjectHavePointerType` query + TQueryCPP(TImportMisra23PackageQuery(TExceptionObjectHavePointerTypeQuery())) + } + + Query emptyThrowShallOnlyOccurWithinACatchHandlerQuery() { + //autogenerate `Query` type + result = + // `Query` type for `emptyThrowShallOnlyOccurWithinACatchHandler` query + TQueryCPP(TImportMisra23PackageQuery(TEmptyThrowShallOnlyOccurWithinACatchHandlerQuery())) + } + + Query handlersReferToNonStaticMembersFromTheirClassQuery() { + //autogenerate `Query` type + result = + // `Query` type for `handlersReferToNonStaticMembersFromTheirClass` query + TQueryCPP(TImportMisra23PackageQuery(THandlersReferToNonStaticMembersFromTheirClassQuery())) + } + + Query noexceptFunctionShouldNotPropagateAnExceptionQuery() { + //autogenerate `Query` type + result = + // `Query` type for `noexceptFunctionShouldNotPropagateAnException` query + TQueryCPP(TImportMisra23PackageQuery(TNoexceptFunctionShouldNotPropagateAnExceptionQuery())) + } + + Query functionLikeMacrosDefinedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `functionLikeMacrosDefined` query + TQueryCPP(TImportMisra23PackageQuery(TFunctionLikeMacrosDefinedQuery())) + } + + Query includeDirectivesPrecededByPreprocessorDirectivesQuery() { + //autogenerate `Query` type + result = + // `Query` type for `includeDirectivesPrecededByPreprocessorDirectives` query + TQueryCPP(TImportMisra23PackageQuery(TIncludeDirectivesPrecededByPreprocessorDirectivesQuery())) + } + + Query identifiersUsedInTheControllingExpressionOfQuery() { + //autogenerate `Query` type + result = + // `Query` type for `identifiersUsedInTheControllingExpressionOf` query + TQueryCPP(TImportMisra23PackageQuery(TIdentifiersUsedInTheControllingExpressionOfQuery())) + } + + Query charsThatShouldNotOccurInHeaderFileNameQuery() { + //autogenerate `Query` type + result = + // `Query` type for `charsThatShouldNotOccurInHeaderFileName` query + TQueryCPP(TImportMisra23PackageQuery(TCharsThatShouldNotOccurInHeaderFileNameQuery())) + } + + Query andPreprocessorOperatorsShouldNotBeUsedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `andPreprocessorOperatorsShouldNotBeUsed` query + TQueryCPP(TImportMisra23PackageQuery(TAndPreprocessorOperatorsShouldNotBeUsedQuery())) + } + + Query macroParameterFollowingAHashOperatorQuery() { + //autogenerate `Query` type + result = + // `Query` type for `macroParameterFollowingAHashOperator` query + TQueryCPP(TImportMisra23PackageQuery(TMacroParameterFollowingAHashOperatorQuery())) + } + + Query argumentToAMixedUseMacroShoulNotNeedExpansionQuery() { + //autogenerate `Query` type + result = + // `Query` type for `argumentToAMixedUseMacroShoulNotNeedExpansion` query + TQueryCPP(TImportMisra23PackageQuery(TArgumentToAMixedUseMacroShoulNotNeedExpansionQuery())) + } + + Query tokensThatLookLikeDirectivesInAMacroArgumentQuery() { + //autogenerate `Query` type + result = + // `Query` type for `tokensThatLookLikeDirectivesInAMacroArgument` query + TQueryCPP(TImportMisra23PackageQuery(TTokensThatLookLikeDirectivesInAMacroArgumentQuery())) + } + + Query facilitiesProvidedByCsignalUsedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `facilitiesProvidedByCsignalUsed` query + TQueryCPP(TImportMisra23PackageQuery(TFacilitiesProvidedByCsignalUsedQuery())) + } + + Query atofAtoiAtolAndAtollFromCstdlibUsedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `atofAtoiAtolAndAtollFromCstdlibUsed` query + TQueryCPP(TImportMisra23PackageQuery(TAtofAtoiAtolAndAtollFromCstdlibUsedQuery())) + } + + Query macroOffsetShouldNotBeUsedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `macroOffsetShouldNotBeUsed` query + TQueryCPP(TImportMisra23PackageQuery(TMacroOffsetShouldNotBeUsedQuery())) + } + + Query defineBothSizedAndUnsizedVersionOfAGlobalOperatorQuery() { + //autogenerate `Query` type + result = + // `Query` type for `defineBothSizedAndUnsizedVersionOfAGlobalOperator` query + TQueryCPP(TImportMisra23PackageQuery(TDefineBothSizedAndUnsizedVersionOfAGlobalOperatorQuery())) + } + + Query pointerToAnIncompleteClassTypeDeletedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `pointerToAnIncompleteClassTypeDeleted` query + TQueryCPP(TImportMisra23PackageQuery(TPointerToAnIncompleteClassTypeDeletedQuery())) + } + + Query pointersReturnedByLocaleFunctionsMustBeUsedAsConstQuery() { + //autogenerate `Query` type + result = + // `Query` type for `pointersReturnedByLocaleFunctionsMustBeUsedAsConst` query + TQueryCPP(TImportMisra23PackageQuery(TPointersReturnedByLocaleFunctionsMustBeUsedAsConstQuery())) + } + + Query callToSetlocaleInvalidatesOldPointersMisraQuery() { + //autogenerate `Query` type + result = + // `Query` type for `callToSetlocaleInvalidatesOldPointersMisra` query + TQueryCPP(TImportMisra23PackageQuery(TCallToSetlocaleInvalidatesOldPointersMisraQuery())) + } + + Query callToSetlocaleInvalidatesOldPointersWarnMisraQuery() { + //autogenerate `Query` type + result = + // `Query` type for `callToSetlocaleInvalidatesOldPointersWarnMisra` query + TQueryCPP(TImportMisra23PackageQuery(TCallToSetlocaleInvalidatesOldPointersWarnMisraQuery())) + } + + Query vectorShouldNotBeSpecializedWithBoolQuery() { + //autogenerate `Query` type + result = + // `Query` type for `vectorShouldNotBeSpecializedWithBool` query + TQueryCPP(TImportMisra23PackageQuery(TVectorShouldNotBeSpecializedWithBoolQuery())) + } + + Query forwardingReferencesAndForwardNotUsedTogetherQuery() { + //autogenerate `Query` type + result = + // `Query` type for `forwardingReferencesAndForwardNotUsedTogether` query + TQueryCPP(TImportMisra23PackageQuery(TForwardingReferencesAndForwardNotUsedTogetherQuery())) + } + + Query objectUsedWhileInPotentiallyMovedFromStateQuery() { + //autogenerate `Query` type + result = + // `Query` type for `objectUsedWhileInPotentiallyMovedFromState` query + TQueryCPP(TImportMisra23PackageQuery(TObjectUsedWhileInPotentiallyMovedFromStateQuery())) + } + + Query cLibraryInputoutputFunctionsUsedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `cLibraryInputoutputFunctionsUsed` query + TQueryCPP(TImportMisra23PackageQuery(TCLibraryInputoutputFunctionsUsedQuery())) + } + + Query readsAndWritesOnStreamNotSeparatedByPositioningQuery() { + //autogenerate `Query` type + result = + // `Query` type for `readsAndWritesOnStreamNotSeparatedByPositioning` query + TQueryCPP(TImportMisra23PackageQuery(TReadsAndWritesOnStreamNotSeparatedByPositioningQuery())) + } + + Query operationsOnMemoryNotSequencedAppropriatelyQuery() { + //autogenerate `Query` type + result = + // `Query` type for `operationsOnMemoryNotSequencedAppropriately` query + TQueryCPP(TImportMisra23PackageQuery(TOperationsOnMemoryNotSequencedAppropriatelyQuery())) + } + + Query characterOnlyInEscapeSequenceOrUniversalCharNameQuery() { + //autogenerate `Query` type + result = + // `Query` type for `characterOnlyInEscapeSequenceOrUniversalCharName` query + TQueryCPP(TImportMisra23PackageQuery(TCharacterOnlyInEscapeSequenceOrUniversalCharNameQuery())) + } + + Query escapeSequencesAndUniversalCharNamesNotTerminatedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `escapeSequencesAndUniversalCharNamesNotTerminated` query + TQueryCPP(TImportMisra23PackageQuery(TEscapeSequencesAndUniversalCharNamesNotTerminatedQuery())) + } + + Query octalConstantsUsedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `octalConstantsUsed` query + TQueryCPP(TImportMisra23PackageQuery(TOctalConstantsUsedQuery())) + } + + Query unsignedIntegerLiteralsNotAppropriatelySuffixedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `unsignedIntegerLiteralsNotAppropriatelySuffixed` query + TQueryCPP(TImportMisra23PackageQuery(TUnsignedIntegerLiteralsNotAppropriatelySuffixedQuery())) + } + + Query lowercaseLUsedAsFirstCharacterInLiteralSuffixQuery() { + //autogenerate `Query` type + result = + // `Query` type for `lowercaseLUsedAsFirstCharacterInLiteralSuffix` query + TQueryCPP(TImportMisra23PackageQuery(TLowercaseLUsedAsFirstCharacterInLiteralSuffixQuery())) + } + + Query characterSequenceUsedWithinACStyleCommentQuery() { + //autogenerate `Query` type + result = + // `Query` type for `characterSequenceUsedWithinACStyleComment` query + TQueryCPP(TImportMisra23PackageQuery(TCharacterSequenceUsedWithinACStyleCommentQuery())) + } + + Query lineSplicingUsedInCommentsQuery() { + //autogenerate `Query` type + result = + // `Query` type for `lineSplicingUsedInComments` query + TQueryCPP(TImportMisra23PackageQuery(TLineSplicingUsedInCommentsQuery())) + } + + Query globalDeclarationsOnlyMainNamespaceOrExternCQuery() { + //autogenerate `Query` type + result = + // `Query` type for `globalDeclarationsOnlyMainNamespaceOrExternC` query + TQueryCPP(TImportMisra23PackageQuery(TGlobalDeclarationsOnlyMainNamespaceOrExternCQuery())) + } + + Query mainUsedOnlyForTheGlobalFunctionMainQuery() { + //autogenerate `Query` type + result = + // `Query` type for `mainUsedOnlyForTheGlobalFunctionMain` query + TQueryCPP(TImportMisra23PackageQuery(TMainUsedOnlyForTheGlobalFunctionMainQuery())) + } + + Query oneDefinitionRuleViolatedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `oneDefinitionRuleViolated` query + TQueryCPP(TImportMisra23PackageQuery(TOneDefinitionRuleViolatedQuery())) + } + + Query variableDeclaredInInnerScopeHidesOuterScopeQuery() { + //autogenerate `Query` type + result = + // `Query` type for `variableDeclaredInInnerScopeHidesOuterScope` query + TQueryCPP(TImportMisra23PackageQuery(TVariableDeclaredInInnerScopeHidesOuterScopeQuery())) + } + + Query derivedClasseConcealFunctionInheritedFromTheBaseQuery() { + //autogenerate `Query` type + result = + // `Query` type for `derivedClasseConcealFunctionInheritedFromTheBase` query + TQueryCPP(TImportMisra23PackageQuery(TDerivedClasseConcealFunctionInheritedFromTheBaseQuery())) + } + + Query nameInDependentBaseResolvedByUnqualifiedLookupQuery() { + //autogenerate `Query` type + result = + // `Query` type for `nameInDependentBaseResolvedByUnqualifiedLookup` query + TQueryCPP(TImportMisra23PackageQuery(TNameInDependentBaseResolvedByUnqualifiedLookupQuery())) + } + + Query objectAccessedBeforeLifetimeMisraQuery() { + //autogenerate `Query` type + result = + // `Query` type for `objectAccessedBeforeLifetimeMisra` query + TQueryCPP(TImportMisra23PackageQuery(TObjectAccessedBeforeLifetimeMisraQuery())) + } + + Query objectAccessedAfterLifetimeMisraQuery() { + //autogenerate `Query` type + result = + // `Query` type for `objectAccessedAfterLifetimeMisra` query + TQueryCPP(TImportMisra23PackageQuery(TObjectAccessedAfterLifetimeMisraQuery())) + } + + Query mustNotReturnReferenceToLocalAutomaticVariableQuery() { + //autogenerate `Query` type + result = + // `Query` type for `mustNotReturnReferenceToLocalAutomaticVariable` query + TQueryCPP(TImportMisra23PackageQuery(TMustNotReturnReferenceToLocalAutomaticVariableQuery())) + } + + Query nullptrNotTheOnlyFormOfTheNullPointerConstantQuery() { + //autogenerate `Query` type + result = + // `Query` type for `nullptrNotTheOnlyFormOfTheNullPointerConstant` query + TQueryCPP(TImportMisra23PackageQuery(TNullptrNotTheOnlyFormOfTheNullPointerConstantQuery())) + } + + Query arrayPassedAsFunctionArgumentDecayToAPointerQuery() { + //autogenerate `Query` type + result = + // `Query` type for `arrayPassedAsFunctionArgumentDecayToAPointer` query + TQueryCPP(TImportMisra23PackageQuery(TArrayPassedAsFunctionArgumentDecayToAPointerQuery())) + } + + Query resultOfAnAssignmentOperatorShouldNotBeUsedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `resultOfAnAssignmentOperatorShouldNotBeUsed` query + TQueryCPP(TImportMisra23PackageQuery(TResultOfAnAssignmentOperatorShouldNotBeUsedQuery())) + } + + Query commaOperatorShouldNotBeUsedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `commaOperatorShouldNotBeUsed` query + TQueryCPP(TImportMisra23PackageQuery(TCommaOperatorShouldNotBeUsedQuery())) + } + + Query functionsCallThemselvesEitherDirectlyOrIndirectlyQuery() { + //autogenerate `Query` type + result = + // `Query` type for `functionsCallThemselvesEitherDirectlyOrIndirectly` query + TQueryCPP(TImportMisra23PackageQuery(TFunctionsCallThemselvesEitherDirectlyOrIndirectlyQuery())) + } + + Query castRemovesConstOrVolatileFromPointerOrReferenceQuery() { + //autogenerate `Query` type + result = + // `Query` type for `castRemovesConstOrVolatileFromPointerOrReference` query + TQueryCPP(TImportMisra23PackageQuery(TCastRemovesConstOrVolatileFromPointerOrReferenceQuery())) + } + + Query castsBetweenAPointerToFunctionAndAnyOtherTypeQuery() { + //autogenerate `Query` type + result = + // `Query` type for `castsBetweenAPointerToFunctionAndAnyOtherType` query + TQueryCPP(TImportMisra23PackageQuery(TCastsBetweenAPointerToFunctionAndAnyOtherTypeQuery())) + } + + Query reinterpretCastShallNotBeUsedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `reinterpretCastShallNotBeUsed` query + TQueryCPP(TImportMisra23PackageQuery(TReinterpretCastShallNotBeUsedQuery())) + } + + Query unsignedOperationWithConstantOperandsShouldNotWrapQuery() { + //autogenerate `Query` type + result = + // `Query` type for `unsignedOperationWithConstantOperandsShouldNotWrap` query + TQueryCPP(TImportMisra23PackageQuery(TUnsignedOperationWithConstantOperandsShouldNotWrapQuery())) + } + + Query builtInOperatorAppliedToUnsignedExpressionQuery() { + //autogenerate `Query` type + result = + // `Query` type for `builtInOperatorAppliedToUnsignedExpression` query + TQueryCPP(TImportMisra23PackageQuery(TBuiltInOperatorAppliedToUnsignedExpressionQuery())) + } + + Query bodyOfIterationOrSelectionStatementNotCompoundQuery() { + //autogenerate `Query` type + result = + // `Query` type for `bodyOfIterationOrSelectionStatementNotCompound` query + TQueryCPP(TImportMisra23PackageQuery(TBodyOfIterationOrSelectionStatementNotCompoundQuery())) + } + + Query ifElseIfEndConditionQuery() { + //autogenerate `Query` type + result = + // `Query` type for `ifElseIfEndCondition` query + TQueryCPP(TImportMisra23PackageQuery(TIfElseIfEndConditionQuery())) + } + + Query gotoStatementShouldNotBeUsedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `gotoStatementShouldNotBeUsed` query + TQueryCPP(TImportMisra23PackageQuery(TGotoStatementShouldNotBeUsedQuery())) + } + + Query gotoShallReferenceALabelInSurroundingBlockQuery() { + //autogenerate `Query` type + result = + // `Query` type for `gotoShallReferenceALabelInSurroundingBlock` query + TQueryCPP(TImportMisra23PackageQuery(TGotoShallReferenceALabelInSurroundingBlockQuery())) + } + + Query gotoShallJumpToLabelDeclaredLaterInTheFunctionQuery() { + //autogenerate `Query` type + result = + // `Query` type for `gotoShallJumpToLabelDeclaredLaterInTheFunction` query + TQueryCPP(TImportMisra23PackageQuery(TGotoShallJumpToLabelDeclaredLaterInTheFunctionQuery())) + } + + Query functionDeclaredWithTheNoreturnAttributeReturnQuery() { + //autogenerate `Query` type + result = + // `Query` type for `functionDeclaredWithTheNoreturnAttributeReturn` query + TQueryCPP(TImportMisra23PackageQuery(TFunctionDeclaredWithTheNoreturnAttributeReturnQuery())) + } + + Query nonVoidFunctionShallReturnAValueOnAllPathsQuery() { + //autogenerate `Query` type + result = + // `Query` type for `nonVoidFunctionShallReturnAValueOnAllPaths` query + TQueryCPP(TImportMisra23PackageQuery(TNonVoidFunctionShallReturnAValueOnAllPathsQuery())) + } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/RuleMetadata.qll index 8dfbf9feaa..4a6cbe936b 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/RuleMetadata.qll @@ -21,6 +21,7 @@ import Expressions import Freed import Functions import IO +import ImportMisra23 import Includes import Inheritance import Initialization @@ -74,6 +75,7 @@ newtype TCPPQuery = TFreedPackageQuery(FreedQuery q) or TFunctionsPackageQuery(FunctionsQuery q) or TIOPackageQuery(IOQuery q) or + TImportMisra23PackageQuery(ImportMisra23Query q) or TIncludesPackageQuery(IncludesQuery q) or TInheritancePackageQuery(InheritanceQuery q) or TInitializationPackageQuery(InitializationQuery q) or @@ -127,6 +129,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isFreedQueryMetadata(query, queryId, ruleId, category) or isFunctionsQueryMetadata(query, queryId, ruleId, category) or isIOQueryMetadata(query, queryId, ruleId, category) or + isImportMisra23QueryMetadata(query, queryId, ruleId, category) or isIncludesQueryMetadata(query, queryId, ruleId, category) or isInheritanceQueryMetadata(query, queryId, ruleId, category) or isInitializationQueryMetadata(query, queryId, ruleId, category) or diff --git a/cpp/misra/src/rules/DIR-5-7-2/SectionsOfCodeShouldNotBeCommentedOut.ql b/cpp/misra/src/rules/DIR-5-7-2/SectionsOfCodeShouldNotBeCommentedOut.ql new file mode 100644 index 0000000000..75eb48ec67 --- /dev/null +++ b/cpp/misra/src/rules/DIR-5-7-2/SectionsOfCodeShouldNotBeCommentedOut.ql @@ -0,0 +1,23 @@ +/** + * @id cpp/misra/sections-of-code-should-not-be-commented-out + * @name DIR-5-7-2: Sections of code should not be “commented out” + * @description + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/dir-5-7-2 + * maintainability + * readability + * correctness + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.sectionsofcodeshallnotbecommentedout.SectionsOfCodeShallNotBeCommentedOut + +class SectionsOfCodeShouldNotBeCommentedOutQuery extends SectionsOfCodeShallNotBeCommentedOutSharedQuery { + SectionsOfCodeShouldNotBeCommentedOutQuery() { + this = ImportMisra23Package::sectionsOfCodeShouldNotBeCommentedOutQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-11-3-2/DeclarationOfAnObjectIndirectionsLevel.ql b/cpp/misra/src/rules/RULE-11-3-2/DeclarationOfAnObjectIndirectionsLevel.ql new file mode 100644 index 0000000000..21293a632f --- /dev/null +++ b/cpp/misra/src/rules/RULE-11-3-2/DeclarationOfAnObjectIndirectionsLevel.ql @@ -0,0 +1,24 @@ +/** + * @id cpp/misra/declaration-of-an-object-indirections-level + * @name RULE-11-3-2: The declaration of an object should contain no more than two levels of pointer indirection + * @description + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-11-3-2 + * readability + * maintainability + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.donotusemorethantwolevelsofpointerindirection.DoNotUseMoreThanTwoLevelsOfPointerIndirection + +class DeclarationOfAnObjectIndirectionsLevelQuery extends DoNotUseMoreThanTwoLevelsOfPointerIndirectionSharedQuery { + DeclarationOfAnObjectIndirectionsLevelQuery() { + this = ImportMisra23Package::declarationOfAnObjectIndirectionsLevelQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-18-3-3/HandlersReferToNonStaticMembersFromTheirClass.ql b/cpp/misra/src/rules/RULE-18-3-3/HandlersReferToNonStaticMembersFromTheirClass.ql new file mode 100644 index 0000000000..81a5038151 --- /dev/null +++ b/cpp/misra/src/rules/RULE-18-3-3/HandlersReferToNonStaticMembersFromTheirClass.ql @@ -0,0 +1,24 @@ +/** + * @id cpp/misra/handlers-refer-to-non-static-members-from-their-class + * @name RULE-18-3-3: Handlers for a function-try-block of a constructor or destructor shall not refer to non-static + * @description Handlers for a function-try-block of a constructor or destructor shall not refer to + * non-static members from their class or its bases + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-18-3-3 + * correctness + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.destroyedvaluereferencedindestructorcatchblock.DestroyedValueReferencedInDestructorCatchBlock + +class HandlersReferToNonStaticMembersFromTheirClassQuery extends DestroyedValueReferencedInDestructorCatchBlockSharedQuery { + HandlersReferToNonStaticMembersFromTheirClassQuery() { + this = ImportMisra23Package::handlersReferToNonStaticMembersFromTheirClassQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-19-0-3/IncludeDirectivesPrecededByPreprocessorDirectives.ql b/cpp/misra/src/rules/RULE-19-0-3/IncludeDirectivesPrecededByPreprocessorDirectives.ql new file mode 100644 index 0000000000..e392630616 --- /dev/null +++ b/cpp/misra/src/rules/RULE-19-0-3/IncludeDirectivesPrecededByPreprocessorDirectives.ql @@ -0,0 +1,23 @@ +/** + * @id cpp/misra/include-directives-preceded-by-preprocessor-directives + * @name RULE-19-0-3: #include directives should only be preceded by preprocessor directives or comments + * @description + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-19-0-3 + * readability + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.preprocessorincludespreceded.PreprocessorIncludesPreceded + +class IncludeDirectivesPrecededByPreprocessorDirectivesQuery extends PreprocessorIncludesPrecededSharedQuery { + IncludeDirectivesPrecededByPreprocessorDirectivesQuery() { + this = ImportMisra23Package::includeDirectivesPrecededByPreprocessorDirectivesQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-19-1-3/IdentifiersUsedInTheControllingExpressionOf.ql b/cpp/misra/src/rules/RULE-19-1-3/IdentifiersUsedInTheControllingExpressionOf.ql new file mode 100644 index 0000000000..13b604911b --- /dev/null +++ b/cpp/misra/src/rules/RULE-19-1-3/IdentifiersUsedInTheControllingExpressionOf.ql @@ -0,0 +1,25 @@ +/** + * @id cpp/misra/identifiers-used-in-the-controlling-expression-of + * @name RULE-19-1-3: All identifiers used in the controlling expression of #if or #elif preprocessing directives shall be + * @description All identifiers used in the controlling expression of #if or #elif preprocessing + * directives shall be defined prior to evaluation + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-19-1-3 + * correctness + * readability + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.undefinedmacroidentifiers.UndefinedMacroIdentifiers + +class IdentifiersUsedInTheControllingExpressionOfQuery extends UndefinedMacroIdentifiersSharedQuery { + IdentifiersUsedInTheControllingExpressionOfQuery() { + this = ImportMisra23Package::identifiersUsedInTheControllingExpressionOfQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-19-2-3/CharsThatShouldNotOccurInHeaderFileName.ql b/cpp/misra/src/rules/RULE-19-2-3/CharsThatShouldNotOccurInHeaderFileName.ql new file mode 100644 index 0000000000..20a4912a28 --- /dev/null +++ b/cpp/misra/src/rules/RULE-19-2-3/CharsThatShouldNotOccurInHeaderFileName.ql @@ -0,0 +1,24 @@ +/** + * @id cpp/misra/chars-that-should-not-occur-in-header-file-name + * @name RULE-19-2-3: The ' or " or \ characters and the /* or // character sequences shall not occur in a header file + * @description The ' or " or \ characters and the /* or // character sequences shall not occur in a + * header file name + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-19-2-3 + * scope/single-translation-unit + * correctness + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.preprocessorincludesforbiddenheadernames.PreprocessorIncludesForbiddenHeaderNames + +class CharsThatShouldNotOccurInHeaderFileNameQuery extends PreprocessorIncludesForbiddenHeaderNamesSharedQuery { + CharsThatShouldNotOccurInHeaderFileNameQuery() { + this = ImportMisra23Package::charsThatShouldNotOccurInHeaderFileNameQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-19-3-1/AndPreprocessorOperatorsShouldNotBeUsed.ql b/cpp/misra/src/rules/RULE-19-3-1/AndPreprocessorOperatorsShouldNotBeUsed.ql new file mode 100644 index 0000000000..9b6430475e --- /dev/null +++ b/cpp/misra/src/rules/RULE-19-3-1/AndPreprocessorOperatorsShouldNotBeUsed.ql @@ -0,0 +1,23 @@ +/** + * @id cpp/misra/and-preprocessor-operators-should-not-be-used + * @name RULE-19-3-1: The # and ## preprocessor operators should not be used + * @description + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-19-3-1 + * correctness + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.hashoperatorsused.HashOperatorsUsed + +class AndPreprocessorOperatorsShouldNotBeUsedQuery extends HashOperatorsUsedSharedQuery { + AndPreprocessorOperatorsShouldNotBeUsedQuery() { + this = ImportMisra23Package::andPreprocessorOperatorsShouldNotBeUsedQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-19-3-5/TokensThatLookLikeDirectivesInAMacroArgument.ql b/cpp/misra/src/rules/RULE-19-3-5/TokensThatLookLikeDirectivesInAMacroArgument.ql new file mode 100644 index 0000000000..3e553d0397 --- /dev/null +++ b/cpp/misra/src/rules/RULE-19-3-5/TokensThatLookLikeDirectivesInAMacroArgument.ql @@ -0,0 +1,24 @@ +/** + * @id cpp/misra/tokens-that-look-like-directives-in-a-macro-argument + * @name RULE-19-3-5: Tokens that look like a preprocessing directive shall not occur within a macro argument + * @description + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-19-3-5 + * readability + * correctness + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.preprocessingdirectivewithinmacroargument.PreprocessingDirectiveWithinMacroArgument + +class TokensThatLookLikeDirectivesInAMacroArgumentQuery extends PreprocessingDirectiveWithinMacroArgumentSharedQuery { + TokensThatLookLikeDirectivesInAMacroArgumentQuery() { + this = ImportMisra23Package::tokensThatLookLikeDirectivesInAMacroArgumentQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-21-6-5/PointerToAnIncompleteClassTypeDeleted.ql b/cpp/misra/src/rules/RULE-21-6-5/PointerToAnIncompleteClassTypeDeleted.ql new file mode 100644 index 0000000000..0d2de4deae --- /dev/null +++ b/cpp/misra/src/rules/RULE-21-6-5/PointerToAnIncompleteClassTypeDeleted.ql @@ -0,0 +1,23 @@ +/** + * @id cpp/misra/pointer-to-an-incomplete-class-type-deleted + * @name RULE-21-6-5: A pointer to an incomplete class type shall not be deleted + * @description + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-21-6-5 + * correctness + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.deleteofpointertoincompleteclass.DeleteOfPointerToIncompleteClass + +class PointerToAnIncompleteClassTypeDeletedQuery extends DeleteOfPointerToIncompleteClassSharedQuery { + PointerToAnIncompleteClassTypeDeletedQuery() { + this = ImportMisra23Package::pointerToAnIncompleteClassTypeDeletedQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-25-5-2/PointersReturnedByLocaleFunctionsMustBeUsedAsConst.ql b/cpp/misra/src/rules/RULE-25-5-2/PointersReturnedByLocaleFunctionsMustBeUsedAsConst.ql new file mode 100644 index 0000000000..8fbb7d4d42 --- /dev/null +++ b/cpp/misra/src/rules/RULE-25-5-2/PointersReturnedByLocaleFunctionsMustBeUsedAsConst.ql @@ -0,0 +1,26 @@ +/** + * @id cpp/misra/pointers-returned-by-locale-functions-must-be-used-as-const + * @name RULE-25-5-2: The pointers returned by environment functions should be treated as const + * @description The pointers returned by the C++ Standard Library functions localeconv, getenv, + * setlocale or strerror must only be used as if they have pointer to const-qualified + * type + * @kind path-problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-25-5-2 + * correctness + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/mandatory + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.constlikereturnvalue.ConstLikeReturnValue + +class PointersReturnedByLocaleFunctionsMustBeUsedAsConstQuery extends ConstLikeReturnValueSharedQuery +{ + PointersReturnedByLocaleFunctionsMustBeUsedAsConstQuery() { + this = ImportMisra23Package::pointersReturnedByLocaleFunctionsMustBeUsedAsConstQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersMisra.ql b/cpp/misra/src/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersMisra.ql new file mode 100644 index 0000000000..58edb5e60f --- /dev/null +++ b/cpp/misra/src/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersMisra.ql @@ -0,0 +1,25 @@ +/** + * @id cpp/misra/call-to-setlocale-invalidates-old-pointers-misra + * @name RULE-25-5-3: The pointer returned by the Standard Library env functions is invalid + * @description The pointer returned by the Standard Library functions asctime, ctime, gmtime, + * localtime, localeconv, getenv, setlocale or strerror may be invalid following a + * subsequent call to the same function. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-25-5-3 + * correctness + * scope/system + * external/misra/enforcement/undecidable + * external/misra/obligation/mandatory + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.invalidatedenvstringpointers.InvalidatedEnvStringPointers + +class CallToSetlocaleInvalidatesOldPointersMisraQuery extends InvalidatedEnvStringPointersSharedQuery { + CallToSetlocaleInvalidatesOldPointersMisraQuery() { + this = ImportMisra23Package::callToSetlocaleInvalidatesOldPointersMisraQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersWarnMisra.ql b/cpp/misra/src/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersWarnMisra.ql new file mode 100644 index 0000000000..2b4b08bd98 --- /dev/null +++ b/cpp/misra/src/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersWarnMisra.ql @@ -0,0 +1,25 @@ +/** + * @id cpp/misra/call-to-setlocale-invalidates-old-pointers-warn-misra + * @name RULE-25-5-3: The pointer returned by the Standard Library env functions is invalid warning + * @description The pointer returned by the Standard Library functions asctime, ctime, gmtime, + * localtime, localeconv, getenv, setlocale or strerror may be invalid following a + * subsequent call to the same function. + * @kind problem + * @precision very-high + * @problem.severity warning + * @tags external/misra/id/rule-25-5-3 + * correctness + * scope/system + * external/misra/enforcement/undecidable + * external/misra/obligation/mandatory + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.invalidatedenvstringpointerswarn.InvalidatedEnvStringPointersWarn + +class CallToSetlocaleInvalidatesOldPointersWarnMisraQuery extends InvalidatedEnvStringPointersWarnSharedQuery { + CallToSetlocaleInvalidatesOldPointersWarnMisraQuery() { + this = ImportMisra23Package::callToSetlocaleInvalidatesOldPointersWarnMisraQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-28-6-3/ObjectUsedWhileInPotentiallyMovedFromState.ql b/cpp/misra/src/rules/RULE-28-6-3/ObjectUsedWhileInPotentiallyMovedFromState.ql new file mode 100644 index 0000000000..416daa9c07 --- /dev/null +++ b/cpp/misra/src/rules/RULE-28-6-3/ObjectUsedWhileInPotentiallyMovedFromState.ql @@ -0,0 +1,23 @@ +/** + * @id cpp/misra/object-used-while-in-potentially-moved-from-state + * @name RULE-28-6-3: An object shall not be used while in a potentially moved-from state + * @description + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-28-6-3 + * correctness + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.movedfromobjectsunspecifiedstate.MovedFromObjectsUnspecifiedState + +class ObjectUsedWhileInPotentiallyMovedFromStateQuery extends MovedFromObjectsUnspecifiedStateSharedQuery { + ObjectUsedWhileInPotentiallyMovedFromStateQuery() { + this = ImportMisra23Package::objectUsedWhileInPotentiallyMovedFromStateQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-30-0-2/ReadsAndWritesOnStreamNotSeparatedByPositioning.ql b/cpp/misra/src/rules/RULE-30-0-2/ReadsAndWritesOnStreamNotSeparatedByPositioning.ql new file mode 100644 index 0000000000..a209347915 --- /dev/null +++ b/cpp/misra/src/rules/RULE-30-0-2/ReadsAndWritesOnStreamNotSeparatedByPositioning.ql @@ -0,0 +1,23 @@ +/** + * @id cpp/misra/reads-and-writes-on-stream-not-separated-by-positioning + * @name RULE-30-0-2: Reads and writes on the same file stream shall be separated by a positioning operation + * @description + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-30-0-2 + * correctness + * scope/system + * external/misra/enforcement/undecidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.iofstreammissingpositioning.IOFstreamMissingPositioning + +class ReadsAndWritesOnStreamNotSeparatedByPositioningQuery extends IOFstreamMissingPositioningSharedQuery { + ReadsAndWritesOnStreamNotSeparatedByPositioningQuery() { + this = ImportMisra23Package::readsAndWritesOnStreamNotSeparatedByPositioningQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-6-2-1/OneDefinitionRuleViolated.ql b/cpp/misra/src/rules/RULE-6-2-1/OneDefinitionRuleViolated.ql new file mode 100644 index 0000000000..b682c354a5 --- /dev/null +++ b/cpp/misra/src/rules/RULE-6-2-1/OneDefinitionRuleViolated.ql @@ -0,0 +1,23 @@ +/** + * @id cpp/misra/one-definition-rule-violated + * @name RULE-6-2-1: The one-definition rule shall not be violated + * @description + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-6-2-1 + * correctness + * scope/system + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.onedefinitionruleviolation.OneDefinitionRuleViolation + +class OneDefinitionRuleViolatedQuery extends OneDefinitionRuleViolationSharedQuery { + OneDefinitionRuleViolatedQuery() { + this = ImportMisra23Package::oneDefinitionRuleViolatedQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-6-4-1/VariableDeclaredInInnerScopeHidesOuterScope.ql b/cpp/misra/src/rules/RULE-6-4-1/VariableDeclaredInInnerScopeHidesOuterScope.ql new file mode 100644 index 0000000000..1813ebc77a --- /dev/null +++ b/cpp/misra/src/rules/RULE-6-4-1/VariableDeclaredInInnerScopeHidesOuterScope.ql @@ -0,0 +1,24 @@ +/** + * @id cpp/misra/variable-declared-in-inner-scope-hides-outer-scope + * @name RULE-6-4-1: A variable declared in an inner scope shall not hide a variable declared in an outer scope + * @description + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-6-4-1 + * readability + * maintainability + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.identifierhidden.IdentifierHidden + +class VariableDeclaredInInnerScopeHidesOuterScopeQuery extends IdentifierHiddenSharedQuery { + VariableDeclaredInInnerScopeHidesOuterScopeQuery() { + this = ImportMisra23Package::variableDeclaredInInnerScopeHidesOuterScopeQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-6-8-1/ObjectAccessedAfterLifetimeMisra.ql b/cpp/misra/src/rules/RULE-6-8-1/ObjectAccessedAfterLifetimeMisra.ql new file mode 100644 index 0000000000..77483fdedb --- /dev/null +++ b/cpp/misra/src/rules/RULE-6-8-1/ObjectAccessedAfterLifetimeMisra.ql @@ -0,0 +1,23 @@ +/** + * @id cpp/misra/object-accessed-after-lifetime-misra + * @name RULE-6-8-1: Access of object after lifetime (use-after-free) + * @description Accessing an object after its lifetime results in undefined behavior. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/misra/id/rule-6-8-1 + * correctness + * security + * external/misra/enforcement/undecidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.objectaccessedafterlifetime.ObjectAccessedAfterLifetime + +class ObjectAccessedAfterLifetimeMisraQuery extends ObjectAccessedAfterLifetimeSharedQuery { + ObjectAccessedAfterLifetimeMisraQuery() { + this = ImportMisra23Package::objectAccessedAfterLifetimeMisraQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-6-8-1/ObjectAccessedBeforeLifetimeMisra.ql b/cpp/misra/src/rules/RULE-6-8-1/ObjectAccessedBeforeLifetimeMisra.ql new file mode 100644 index 0000000000..e0e82f2396 --- /dev/null +++ b/cpp/misra/src/rules/RULE-6-8-1/ObjectAccessedBeforeLifetimeMisra.ql @@ -0,0 +1,23 @@ +/** + * @id cpp/misra/object-accessed-before-lifetime-misra + * @name RULE-6-8-1: Access of uninitialized object + * @description Accessing an object before its lifetime can result in undefined behavior. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/misra/id/rule-6-8-1 + * correctness + * security + * external/misra/enforcement/undecidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.objectaccessedbeforelifetime.ObjectAccessedBeforeLifetime + +class ObjectAccessedBeforeLifetimeMisraQuery extends ObjectAccessedBeforeLifetimeSharedQuery { + ObjectAccessedBeforeLifetimeMisraQuery() { + this = ImportMisra23Package::objectAccessedBeforeLifetimeMisraQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-8-2-3/CastRemovesConstOrVolatileFromPointerOrReference.ql b/cpp/misra/src/rules/RULE-8-2-3/CastRemovesConstOrVolatileFromPointerOrReference.ql new file mode 100644 index 0000000000..0c2e56b5bd --- /dev/null +++ b/cpp/misra/src/rules/RULE-8-2-3/CastRemovesConstOrVolatileFromPointerOrReference.ql @@ -0,0 +1,24 @@ +/** + * @id cpp/misra/cast-removes-const-or-volatile-from-pointer-or-reference + * @name RULE-8-2-3: A cast shall not remove any const or volatile qualification from the type accessed via a pointer or + * @description A cast shall not remove any const or volatile qualification from the type accessed + * via a pointer or by reference + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-8-2-3 + * correctness + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.removeconstorvolatilequalification.RemoveConstOrVolatileQualification + +class CastRemovesConstOrVolatileFromPointerOrReferenceQuery extends RemoveConstOrVolatileQualificationSharedQuery { + CastRemovesConstOrVolatileFromPointerOrReferenceQuery() { + this = ImportMisra23Package::castRemovesConstOrVolatileFromPointerOrReferenceQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-9-4-1/IfElseIfEndCondition.ql b/cpp/misra/src/rules/RULE-9-4-1/IfElseIfEndCondition.ql new file mode 100644 index 0000000000..2345e3f25f --- /dev/null +++ b/cpp/misra/src/rules/RULE-9-4-1/IfElseIfEndCondition.ql @@ -0,0 +1,24 @@ +/** + * @id cpp/misra/if-else-if-end-condition + * @name RULE-9-4-1: All if + * @description All if ... else if constructs shall be terminated with an else statement + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-9-4-1 + * readability + * maintainability + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.ifelseterminationconstruct.IfElseTerminationConstruct + +class IfElseIfEndConditionQuery extends IfElseTerminationConstructSharedQuery { + IfElseIfEndConditionQuery() { + this = ImportMisra23Package::ifElseIfEndConditionQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-9-6-3/GotoShallJumpToLabelDeclaredLaterInTheFunction.ql b/cpp/misra/src/rules/RULE-9-6-3/GotoShallJumpToLabelDeclaredLaterInTheFunction.ql new file mode 100644 index 0000000000..c0e5e0fe83 --- /dev/null +++ b/cpp/misra/src/rules/RULE-9-6-3/GotoShallJumpToLabelDeclaredLaterInTheFunction.ql @@ -0,0 +1,24 @@ +/** + * @id cpp/misra/goto-shall-jump-to-label-declared-later-in-the-function + * @name RULE-9-6-3: The goto statement shall jump to a label declared later in the function body + * @description + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-9-6-3 + * maintainability + * readability + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.gotostatementcondition.GotoStatementCondition + +class GotoShallJumpToLabelDeclaredLaterInTheFunctionQuery extends GotoStatementConditionSharedQuery { + GotoShallJumpToLabelDeclaredLaterInTheFunctionQuery() { + this = ImportMisra23Package::gotoShallJumpToLabelDeclaredLaterInTheFunctionQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-9-6-4/FunctionDeclaredWithTheNoreturnAttributeReturn.ql b/cpp/misra/src/rules/RULE-9-6-4/FunctionDeclaredWithTheNoreturnAttributeReturn.ql new file mode 100644 index 0000000000..23221348c0 --- /dev/null +++ b/cpp/misra/src/rules/RULE-9-6-4/FunctionDeclaredWithTheNoreturnAttributeReturn.ql @@ -0,0 +1,23 @@ +/** + * @id cpp/misra/function-declared-with-the-noreturn-attribute-return + * @name RULE-9-6-4: A function declared with the [[noreturn]] attribute shall not return + * @description + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-9-6-4 + * correctness + * scope/system + * external/misra/enforcement/undecidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.functionnoreturnattributecondition.FunctionNoReturnAttributeCondition + +class FunctionDeclaredWithTheNoreturnAttributeReturnQuery extends FunctionNoReturnAttributeConditionSharedQuery { + FunctionDeclaredWithTheNoreturnAttributeReturnQuery() { + this = ImportMisra23Package::functionDeclaredWithTheNoreturnAttributeReturnQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-9-6-5/NonVoidFunctionShallReturnAValueOnAllPaths.ql b/cpp/misra/src/rules/RULE-9-6-5/NonVoidFunctionShallReturnAValueOnAllPaths.ql new file mode 100644 index 0000000000..74802bcee9 --- /dev/null +++ b/cpp/misra/src/rules/RULE-9-6-5/NonVoidFunctionShallReturnAValueOnAllPaths.ql @@ -0,0 +1,23 @@ +/** + * @id cpp/misra/non-void-function-shall-return-a-value-on-all-paths + * @name RULE-9-6-5: A function with non-void return type shall return a value on all paths + * @description + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-9-6-5 + * correctness + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.nonvoidfunctiondoesnotreturn.NonVoidFunctionDoesNotReturn + +class NonVoidFunctionShallReturnAValueOnAllPathsQuery extends NonVoidFunctionDoesNotReturnSharedQuery { + NonVoidFunctionShallReturnAValueOnAllPathsQuery() { + this = ImportMisra23Package::nonVoidFunctionShallReturnAValueOnAllPathsQuery() + } +} diff --git a/cpp/misra/test/rules/DIR-5-7-2/SectionsOfCodeShouldNotBeCommentedOut.testref b/cpp/misra/test/rules/DIR-5-7-2/SectionsOfCodeShouldNotBeCommentedOut.testref new file mode 100644 index 0000000000..303a38a19b --- /dev/null +++ b/cpp/misra/test/rules/DIR-5-7-2/SectionsOfCodeShouldNotBeCommentedOut.testref @@ -0,0 +1 @@ +cpp/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-11-3-2/DeclarationOfAnObjectIndirectionsLevel.testref b/cpp/misra/test/rules/RULE-11-3-2/DeclarationOfAnObjectIndirectionsLevel.testref new file mode 100644 index 0000000000..3b46dca736 --- /dev/null +++ b/cpp/misra/test/rules/RULE-11-3-2/DeclarationOfAnObjectIndirectionsLevel.testref @@ -0,0 +1 @@ +cpp/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-18-3-3/HandlersReferToNonStaticMembersFromTheirClass.testref b/cpp/misra/test/rules/RULE-18-3-3/HandlersReferToNonStaticMembersFromTheirClass.testref new file mode 100644 index 0000000000..7d4f5826b0 --- /dev/null +++ b/cpp/misra/test/rules/RULE-18-3-3/HandlersReferToNonStaticMembersFromTheirClass.testref @@ -0,0 +1 @@ +cpp/common/test/rules/destroyedvaluereferencedindestructorcatchblock/DestroyedValueReferencedInDestructorCatchBlock.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-19-0-3/IncludeDirectivesPrecededByPreprocessorDirectives.testref b/cpp/misra/test/rules/RULE-19-0-3/IncludeDirectivesPrecededByPreprocessorDirectives.testref new file mode 100644 index 0000000000..7992898cfc --- /dev/null +++ b/cpp/misra/test/rules/RULE-19-0-3/IncludeDirectivesPrecededByPreprocessorDirectives.testref @@ -0,0 +1 @@ +cpp/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-19-1-3/IdentifiersUsedInTheControllingExpressionOf.testref b/cpp/misra/test/rules/RULE-19-1-3/IdentifiersUsedInTheControllingExpressionOf.testref new file mode 100644 index 0000000000..73eb246867 --- /dev/null +++ b/cpp/misra/test/rules/RULE-19-1-3/IdentifiersUsedInTheControllingExpressionOf.testref @@ -0,0 +1 @@ +cpp/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-19-2-3/CharsThatShouldNotOccurInHeaderFileName.testref b/cpp/misra/test/rules/RULE-19-2-3/CharsThatShouldNotOccurInHeaderFileName.testref new file mode 100644 index 0000000000..6be2f4f7ba --- /dev/null +++ b/cpp/misra/test/rules/RULE-19-2-3/CharsThatShouldNotOccurInHeaderFileName.testref @@ -0,0 +1 @@ +cpp/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-19-3-1/AndPreprocessorOperatorsShouldNotBeUsed.testref b/cpp/misra/test/rules/RULE-19-3-1/AndPreprocessorOperatorsShouldNotBeUsed.testref new file mode 100644 index 0000000000..eec0b94b11 --- /dev/null +++ b/cpp/misra/test/rules/RULE-19-3-1/AndPreprocessorOperatorsShouldNotBeUsed.testref @@ -0,0 +1 @@ +cpp/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-19-3-5/TokensThatLookLikeDirectivesInAMacroArgument.testref b/cpp/misra/test/rules/RULE-19-3-5/TokensThatLookLikeDirectivesInAMacroArgument.testref new file mode 100644 index 0000000000..1e15c636ee --- /dev/null +++ b/cpp/misra/test/rules/RULE-19-3-5/TokensThatLookLikeDirectivesInAMacroArgument.testref @@ -0,0 +1 @@ +cpp/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-21-6-5/PointerToAnIncompleteClassTypeDeleted.testref b/cpp/misra/test/rules/RULE-21-6-5/PointerToAnIncompleteClassTypeDeleted.testref new file mode 100644 index 0000000000..3f4895b1c4 --- /dev/null +++ b/cpp/misra/test/rules/RULE-21-6-5/PointerToAnIncompleteClassTypeDeleted.testref @@ -0,0 +1 @@ +cpp/common/test/rules/deleteofpointertoincompleteclass/DeleteOfPointerToIncompleteClass.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-25-5-2/PointersReturnedByLocaleFunctionsMustBeUsedAsConst.testref b/cpp/misra/test/rules/RULE-25-5-2/PointersReturnedByLocaleFunctionsMustBeUsedAsConst.testref new file mode 100644 index 0000000000..febf2e9d50 --- /dev/null +++ b/cpp/misra/test/rules/RULE-25-5-2/PointersReturnedByLocaleFunctionsMustBeUsedAsConst.testref @@ -0,0 +1 @@ +cpp/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersMisra.testref b/cpp/misra/test/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersMisra.testref new file mode 100644 index 0000000000..74cb92bd88 --- /dev/null +++ b/cpp/misra/test/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersMisra.testref @@ -0,0 +1 @@ +cpp/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersWarnMisra.testref b/cpp/misra/test/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersWarnMisra.testref new file mode 100644 index 0000000000..1628a12aa9 --- /dev/null +++ b/cpp/misra/test/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersWarnMisra.testref @@ -0,0 +1 @@ +cpp/common/test/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-28-6-3/ObjectUsedWhileInPotentiallyMovedFromState.testref b/cpp/misra/test/rules/RULE-28-6-3/ObjectUsedWhileInPotentiallyMovedFromState.testref new file mode 100644 index 0000000000..5ae8b65a71 --- /dev/null +++ b/cpp/misra/test/rules/RULE-28-6-3/ObjectUsedWhileInPotentiallyMovedFromState.testref @@ -0,0 +1 @@ +cpp/common/test/rules/movedfromobjectsunspecifiedstate/MovedFromObjectsUnspecifiedState.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-30-0-2/ReadsAndWritesOnStreamNotSeparatedByPositioning.testref b/cpp/misra/test/rules/RULE-30-0-2/ReadsAndWritesOnStreamNotSeparatedByPositioning.testref new file mode 100644 index 0000000000..0a8adf7272 --- /dev/null +++ b/cpp/misra/test/rules/RULE-30-0-2/ReadsAndWritesOnStreamNotSeparatedByPositioning.testref @@ -0,0 +1 @@ +cpp/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-6-2-1/OneDefinitionRuleViolated.testref b/cpp/misra/test/rules/RULE-6-2-1/OneDefinitionRuleViolated.testref new file mode 100644 index 0000000000..b51950abaa --- /dev/null +++ b/cpp/misra/test/rules/RULE-6-2-1/OneDefinitionRuleViolated.testref @@ -0,0 +1 @@ +cpp/common/test/rules/onedefinitionruleviolation/OneDefinitionRuleViolation.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-6-4-1/VariableDeclaredInInnerScopeHidesOuterScope.testref b/cpp/misra/test/rules/RULE-6-4-1/VariableDeclaredInInnerScopeHidesOuterScope.testref new file mode 100644 index 0000000000..2f41afee3b --- /dev/null +++ b/cpp/misra/test/rules/RULE-6-4-1/VariableDeclaredInInnerScopeHidesOuterScope.testref @@ -0,0 +1 @@ +cpp/common/test/rules/identifierhidden/IdentifierHidden.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-6-8-1/ObjectAccessedAfterLifetimeMisra.testref b/cpp/misra/test/rules/RULE-6-8-1/ObjectAccessedAfterLifetimeMisra.testref new file mode 100644 index 0000000000..979e12ac8c --- /dev/null +++ b/cpp/misra/test/rules/RULE-6-8-1/ObjectAccessedAfterLifetimeMisra.testref @@ -0,0 +1 @@ +cpp/common/test/rules/objectaccessedafterlifetime/ObjectAccessedAfterLifetime.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-6-8-1/ObjectAccessedBeforeLifetimeMisra.testref b/cpp/misra/test/rules/RULE-6-8-1/ObjectAccessedBeforeLifetimeMisra.testref new file mode 100644 index 0000000000..3f22c45632 --- /dev/null +++ b/cpp/misra/test/rules/RULE-6-8-1/ObjectAccessedBeforeLifetimeMisra.testref @@ -0,0 +1 @@ +cpp/common/test/rules/objectaccessedbeforelifetime/ObjectAccessedBeforeLifetime.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-8-2-3/CastRemovesConstOrVolatileFromPointerOrReference.testref b/cpp/misra/test/rules/RULE-8-2-3/CastRemovesConstOrVolatileFromPointerOrReference.testref new file mode 100644 index 0000000000..000469493a --- /dev/null +++ b/cpp/misra/test/rules/RULE-8-2-3/CastRemovesConstOrVolatileFromPointerOrReference.testref @@ -0,0 +1 @@ +cpp/common/test/rules/removeconstorvolatilequalification/RemoveConstOrVolatileQualification.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-9-4-1/IfElseIfEndCondition.testref b/cpp/misra/test/rules/RULE-9-4-1/IfElseIfEndCondition.testref new file mode 100644 index 0000000000..d7ca04a26e --- /dev/null +++ b/cpp/misra/test/rules/RULE-9-4-1/IfElseIfEndCondition.testref @@ -0,0 +1 @@ +cpp/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-9-6-3/GotoShallJumpToLabelDeclaredLaterInTheFunction.testref b/cpp/misra/test/rules/RULE-9-6-3/GotoShallJumpToLabelDeclaredLaterInTheFunction.testref new file mode 100644 index 0000000000..b4f807e8e2 --- /dev/null +++ b/cpp/misra/test/rules/RULE-9-6-3/GotoShallJumpToLabelDeclaredLaterInTheFunction.testref @@ -0,0 +1 @@ +cpp/common/test/rules/gotostatementcondition/GotoStatementCondition.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-9-6-4/FunctionDeclaredWithTheNoreturnAttributeReturn.testref b/cpp/misra/test/rules/RULE-9-6-4/FunctionDeclaredWithTheNoreturnAttributeReturn.testref new file mode 100644 index 0000000000..dec8006f15 --- /dev/null +++ b/cpp/misra/test/rules/RULE-9-6-4/FunctionDeclaredWithTheNoreturnAttributeReturn.testref @@ -0,0 +1 @@ +cpp/common/test/rules/functionnoreturnattributecondition/FunctionNoReturnAttributeCondition.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-9-6-5/NonVoidFunctionShallReturnAValueOnAllPaths.testref b/cpp/misra/test/rules/RULE-9-6-5/NonVoidFunctionShallReturnAValueOnAllPaths.testref new file mode 100644 index 0000000000..ef9b3c1fc2 --- /dev/null +++ b/cpp/misra/test/rules/RULE-9-6-5/NonVoidFunctionShallReturnAValueOnAllPaths.testref @@ -0,0 +1 @@ +cpp/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql \ No newline at end of file diff --git a/rule_packages/cpp/ImportMisra23.json b/rule_packages/cpp/ImportMisra23.json new file mode 100644 index 0000000000..259e3f8a17 --- /dev/null +++ b/rule_packages/cpp/ImportMisra23.json @@ -0,0 +1,505 @@ +{ + "MISRA-C++-2023": { + "DIR-5-7-2": { + "properties": { + "obligation": "advisory" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "Sections of code should not be \u201ccommented out\u201d", + "precision": "very-high", + "severity": "error", + "short_name": "SectionsOfCodeShouldNotBeCommentedOut", + "shared_implementation_short_name": "SectionsOfCodeShallNotBeCommentedOut", + "tags": [ + "maintainability", + "readability", + "correctness" + ] + } + ], + "title": "Sections of code should not be \u201ccommented out\u201d" + }, + "RULE-6-2-1": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "The one-definition rule shall not be violated", + "precision": "very-high", + "severity": "error", + "short_name": "OneDefinitionRuleViolated", + "shared_implementation_short_name": "OneDefinitionRuleViolation", + "tags": [ + "correctness", + "scope/system" + ] + } + ], + "title": "The one-definition rule shall not be violated" + }, + "RULE-6-4-1": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "A variable declared in an inner scope shall not hide a variable declared in an outer scope", + "precision": "very-high", + "severity": "error", + "short_name": "VariableDeclaredInInnerScopeHidesOuterScope", + "shared_implementation_short_name": "IdentifierHidden", + "tags": [ + "readability", + "maintainability", + "scope/single-translation-unit" + ] + } + ], + "title": "A variable declared in an inner scope shall not hide a variable declared in an outer scope" + }, + "RULE-6-8-1": { + "properties": { + "enforcement": "undecidable", + "obligation": "required" + }, + "queries": [ + { + "description": "Accessing an object before its lifetime can result in undefined behavior.", + "kind": "problem", + "name": "Access of uninitialized object", + "precision": "high", + "severity": "error", + "shared_implementation_short_name": "ObjectAccessedBeforeLifetime", + "short_name": "ObjectAccessedBeforeLifetimeMisra", + "tags": [ + "correctness", + "security" + ] + }, + { + "description": "Accessing an object after its lifetime results in undefined behavior.", + "kind": "problem", + "name": "Access of object after lifetime (use-after-free)", + "precision": "high", + "severity": "error", + "shared_implementation_short_name": "ObjectAccessedAfterLifetime", + "short_name": "ObjectAccessedAfterLifetimeMisra", + "tags": [ + "correctness", + "security" + ] + } + ], + "title": "An object shall not be accessed outside of its lifetime" + }, + "RULE-8-2-3": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "A cast shall not remove any const or volatile qualification from the type accessed via a pointer or by reference", + "kind": "problem", + "name": "A cast shall not remove any const or volatile qualification from the type accessed via a pointer or", + "precision": "very-high", + "severity": "error", + "short_name": "CastRemovesConstOrVolatileFromPointerOrReference", + "shared_implementation_short_name": "RemoveConstOrVolatileQualification", + "tags": [ + "correctness", + "scope/single-translation-unit" + ] + } + ], + "title": "A cast shall not remove any const or volatile qualification from the type accessed via a pointer or by reference" + }, + "RULE-9-4-1": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "All if ... else if constructs shall be terminated with an else statement", + "kind": "problem", + "name": "All if ", + "precision": "very-high", + "severity": "error", + "short_name": "IfElseIfEndCondition", + "shared_implementation_short_name": "IfElseTerminationConstruct", + "tags": [ + "readability", + "maintainability", + "scope/single-translation-unit" + ] + } + ], + "title": "All if ... else if constructs shall be terminated with an else statement" + }, + "RULE-9-6-3": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "The goto statement shall jump to a label declared later in the function body", + "precision": "very-high", + "severity": "error", + "short_name": "GotoShallJumpToLabelDeclaredLaterInTheFunction", + "shared_implementation_short_name": "GotoStatementCondition", + "tags": [ + "maintainability", + "readability", + "scope/single-translation-unit" + ] + } + ], + "title": "The goto statement shall jump to a label declared later in the function body" + }, + "RULE-9-6-4": { + "properties": { + "enforcement": "undecidable", + "obligation": "required" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "A function declared with the [[noreturn]] attribute shall not return", + "precision": "very-high", + "severity": "error", + "short_name": "FunctionDeclaredWithTheNoreturnAttributeReturn", + "shared_implementation_short_name": "FunctionNoReturnAttributeCondition", + "tags": [ + "correctness", + "scope/system" + ] + } + ], + "title": "A function declared with the [[noreturn]] attribute shall not return" + }, + "RULE-9-6-5": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "A function with non-void return type shall return a value on all paths", + "precision": "very-high", + "severity": "error", + "short_name": "NonVoidFunctionShallReturnAValueOnAllPaths", + "shared_implementation_short_name": "NonVoidFunctionDoesNotReturn", + "tags": [ + "correctness", + "scope/single-translation-unit" + ] + } + ], + "title": "A function with non-void return type shall return a value on all paths" + }, + "RULE-11-3-2": { + "properties": { + "enforcement": "decidable", + "obligation": "advisory" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "The declaration of an object should contain no more than two levels of pointer indirection", + "precision": "very-high", + "severity": "error", + "short_name": "DeclarationOfAnObjectIndirectionsLevel", + "shared_implementation_short_name": "DoNotUseMoreThanTwoLevelsOfPointerIndirection", + "tags": [ + "readability", + "maintainability", + "scope/single-translation-unit" + ] + } + ], + "title": "The declaration of an object should contain no more than two levels of pointer indirection" + }, + "RULE-18-3-3": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "Handlers for a function-try-block of a constructor or destructor shall not refer to non-static members from their class or its bases", + "kind": "problem", + "name": "Handlers for a function-try-block of a constructor or destructor shall not refer to non-static", + "precision": "very-high", + "severity": "error", + "short_name": "HandlersReferToNonStaticMembersFromTheirClass", + "shared_implementation_short_name": "DestroyedValueReferencedInDestructorCatchBlock", + "tags": [ + "correctness", + "scope/single-translation-unit" + ] + } + ], + "title": "Handlers for a function-try-block of a constructor or destructor shall not refer to non-static members from their class or its bases" + }, + "RULE-19-0-3": { + "properties": { + "enforcement": "decidable", + "obligation": "advisory" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "#include directives should only be preceded by preprocessor directives or comments", + "precision": "very-high", + "severity": "error", + "short_name": "IncludeDirectivesPrecededByPreprocessorDirectives", + "shared_implementation_short_name": "PreprocessorIncludesPreceded", + "tags": [ + "readability", + "scope/single-translation-unit" + ] + } + ], + "title": "#include directives should only be preceded by preprocessor directives or comments" + }, + "RULE-19-1-3": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "All identifiers used in the controlling expression of #if or #elif preprocessing directives shall be defined prior to evaluation", + "kind": "problem", + "name": "All identifiers used in the controlling expression of #if or #elif preprocessing directives shall be", + "precision": "very-high", + "severity": "error", + "short_name": "IdentifiersUsedInTheControllingExpressionOf", + "shared_implementation_short_name": "UndefinedMacroIdentifiers", + "tags": [ + "correctness", + "readability", + "scope/single-translation-unit" + ] + } + ], + "title": "All identifiers used in the controlling expression of #if or #elif preprocessing directives shall be defined prior to evaluation" + }, + "RULE-19-2-3": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "The ' or \" or \\ characters and the /* or // character sequences shall not occur in a header file name", + "kind": "problem", + "name": "The ' or \" or \\ characters and the /* or // character sequences shall not occur in a header file", + "precision": "very-high", + "severity": "error", + "short_name": "CharsThatShouldNotOccurInHeaderFileName", + "shared_implementation_short_name": "PreprocessorIncludesForbiddenHeaderNames", + "tags": [ + "scope/single-translation-unit", + "correctness" + ], + "implementation_scope": { + "description": "This query identifies the use of the ', \\, /*, // characters in header file names. The query is not able to detect the use of the \" character in header file names.", + "items": [] + } + } + ], + "title": "The ' or \" or \\ characters and the /* or // character sequences shall not occur in a header file name" + }, + "RULE-19-3-1": { + "properties": { + "enforcement": "decidable", + "obligation": "advisory" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "The # and ## preprocessor operators should not be used", + "precision": "very-high", + "severity": "error", + "short_name": "AndPreprocessorOperatorsShouldNotBeUsed", + "shared_implementation_short_name": "HashOperatorsUsed", + "tags": [ + "correctness", + "scope/single-translation-unit" + ] + } + ], + "title": "The # and ## preprocessor operators should not be used" + }, + "RULE-19-3-5": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "Tokens that look like a preprocessing directive shall not occur within a macro argument", + "precision": "very-high", + "severity": "error", + "short_name": "TokensThatLookLikeDirectivesInAMacroArgument", + "shared_implementation_short_name": "PreprocessingDirectiveWithinMacroArgument", + "tags": [ + "readability", + "correctness", + "scope/single-translation-unit" + ] + } + ], + "title": "Tokens that look like a preprocessing directive shall not occur within a macro argument" + }, + "RULE-21-6-5": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "A pointer to an incomplete class type shall not be deleted", + "precision": "very-high", + "severity": "error", + "short_name": "PointerToAnIncompleteClassTypeDeleted", + "shared_implementation_short_name": "DeleteOfPointerToIncompleteClass", + "tags": [ + "correctness", + "scope/single-translation-unit" + ] + } + ], + "title": "A pointer to an incomplete class type shall not be deleted" + }, + "RULE-25-5-2": { + "properties": { + "enforcement": "decidable", + "obligation": "mandatory" + }, + "queries": [ + { + "description": "The pointers returned by the C++ Standard Library functions localeconv, getenv, setlocale or strerror must only be used as if they have pointer to const-qualified type", + "kind": "problem", + "name": "The pointers returned by environment functions should be treated as const", + "precision": "very-high", + "severity": "error", + "short_name": "PointersReturnedByLocaleFunctionsMustBeUsedAsConst", + "shared_implementation_short_name": "ConstLikeReturnValue", + "tags": [ + "correctness", + "scope/single-translation-unit" + ] + } + ], + "title": "The pointers returned by the C++ Standard Library functions localeconv, getenv, setlocale or strerror must only be used as if they have pointer to const-qualified type" + }, + "RULE-25-5-3": { + "properties": { + "enforcement": "undecidable", + "obligation": "mandatory" + }, + "queries": [ + { + "description": "The pointer returned by the Standard Library functions asctime, ctime, gmtime, localtime, localeconv, getenv, setlocale or strerror may be invalid following a subsequent call to the same function.", + "kind": "problem", + "name": "The pointer returned by the Standard Library env functions is invalid", + "precision": "very-high", + "severity": "error", + "short_name": "CallToSetlocaleInvalidatesOldPointersMisra", + "shared_implementation_short_name": "InvalidatedEnvStringPointers", + "tags": [ + "correctness", + "scope/system" + ] + }, + { + "description": "The pointer returned by the Standard Library functions asctime, ctime, gmtime, localtime, localeconv, getenv, setlocale or strerror may be invalid following a subsequent call to the same function.", + "kind": "problem", + "name": "The pointer returned by the Standard Library env functions is invalid warning", + "precision": "very-high", + "severity": "warning", + "short_name": "CallToSetlocaleInvalidatesOldPointersWarnMisra", + "shared_implementation_short_name": "InvalidatedEnvStringPointersWarn", + "tags": [ + "correctness", + "scope/system" + ] + } + ], + "title": "The pointer returned by the C++ Standard Library functions asctime, ctime, gmtime, localtime, localeconv, getenv, setlocale or strerror must not be used following a subsequent call to the same function" + }, + "RULE-28-6-3": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "An object shall not be used while in a potentially moved-from state", + "precision": "very-high", + "severity": "error", + "short_name": "ObjectUsedWhileInPotentiallyMovedFromState", + "shared_implementation_short_name": "MovedFromObjectsUnspecifiedState", + "tags": [ + "correctness", + "scope/single-translation-unit" + ] + } + ], + "title": "An object shall not be used while in a potentially moved-from state" + }, + "RULE-30-0-2": { + "properties": { + "enforcement": "undecidable", + "obligation": "required" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "Reads and writes on the same file stream shall be separated by a positioning operation", + "precision": "very-high", + "severity": "error", + "short_name": "ReadsAndWritesOnStreamNotSeparatedByPositioning", + "shared_implementation_short_name": "IOFstreamMissingPositioning", + "tags": [ + "correctness", + "scope/system" + ], + "implementation_scope": { + "description": "The rule is enforced in the context of a single function." + } + } + ], + "title": "Reads and writes on the same file stream shall be separated by a positioning operation" + } + } +} \ No newline at end of file diff --git a/rules.csv b/rules.csv index 913aa27282..239ac09023 100644 --- a/rules.csv +++ b/rules.csv @@ -511,7 +511,7 @@ c,CERT-C,ENV31-C,Yes,Rule,,,Do not rely on an environment pointer following an o c,CERT-C,ENV32-C,Yes,Rule,,,All exit handlers must return normally,,Contracts2,Medium, c,CERT-C,ENV33-C,Yes,Rule,,,Do not call system(),"RULE-21-21, M18-0-3",Banned,Easy, c,CERT-C,ENV34-C,Yes,Rule,,,Do not store pointers returned by certain functions,RULE-21-20,Contracts2,Medium, -c,CERT-C,ERR30-C,Yes,Rule,,,"Take care when reading errno",M19-3-1,Contracts4,Hard, +c,CERT-C,ERR30-C,Yes,Rule,,,Take care when reading errno,M19-3-1,Contracts4,Hard, c,CERT-C,ERR32-C,Yes,Rule,,,Do not rely on indeterminate values of errno,,Contracts5,Hard, c,CERT-C,ERR33-C,Yes,Rule,,,Detect and handle standard library errors,MEM52-CPP,Contracts5,Hard, c,CERT-C,ERR34-C,OutOfScope,Rule,,,Detect errors when converting a string to a number,,,, @@ -703,7 +703,7 @@ c,MISRA-C-2012,RULE-15-3,Yes,Required,,,"Any label referenced by a goto statemen c,MISRA-C-2012,RULE-15-4,Yes,Advisory,,,There should be no more than one break or goto statement used to terminate any iteration statement,,Statements2,Medium, c,MISRA-C-2012,RULE-15-5,Yes,Advisory,,,A function should have a single point of exit at the end,,Statements5,Medium, c,MISRA-C-2012,RULE-15-6,Yes,Required,,,The body of an iteration-statement or a selection-statement shall be a compund-statement,M6-3-1,Statements3,Import, -c,MISRA-C-2012,RULE-15-7,Yes,Required,,,All if / else if constructs shall be terminated with an else statement,M6-4-2,Statements3,Import, +c,MISRA-C-2012,RULE-15-7,Yes,Required,,,All if else if constructs shall be terminated with an else statement,M6-4-2,Statements3,Import, c,MISRA-C-2012,RULE-16-1,Yes,Required,,,All switch statements shall be well-formed,M6-4-3,Statements3,Import, c,MISRA-C-2012,RULE-16-2,Yes,Required,,,A switch label shall only be used when the most closely-enclosing compound statement is the body of a switch statement,M6-4-4,Statements1,Import, c,MISRA-C-2012,RULE-16-3,Yes,Required,,,An unconditional break statement shall terminate every switch-clause,M6-4-5,Statements1,Import, @@ -774,182 +774,182 @@ c,MISRA-C-2012,RULE-22-7,Yes,Required,,,The macro EOF shall only be compared wit c,MISRA-C-2012,RULE-22-8,Yes,Required,,,The value of errno shall be set to zero prior to a call to an errno-setting-function,ERR30-C,Contracts3,Medium, c,MISRA-C-2012,RULE-22-9,Yes,Required,,,The value of errno shall be tested against zero after calling an errno-setting-function,,Contracts3,Medium, c,MISRA-C-2012,RULE-22-10,Yes,Required,,,The value of errno shall only be tested when the last function to be called was an errno-setting-function,,Contracts3,Medium, -cpp,MISRA-C++-2023,RULE-0-0-1,Yes,Required,Decidable,Single Translation Unit,A function shall not contain unreachable statements,,,Medium, -cpp,MISRA-C++-2023,RULE-0-0-2,Yes,Advisory,Undecidable,System,Controlling expressions should not be invariant,,,Easy, -cpp,MISRA-C++-2023,RULE-0-1-1,Yes,Advisory,Undecidable,System,A value should not be unnecessarily written to a local object,,,Medium, -cpp,MISRA-C++-2023,RULE-0-1-2,Yes,Required,Decidable,Single Translation Unit,The value returned by a function shall be used,,,Easy, -cpp,MISRA-C++-2023,RULE-0-2-1,Yes,Advisory,Decidable,Single Translation Unit,Variables with limited visibility should be used at least once,,,Easy, -cpp,MISRA-C++-2023,RULE-0-2-2,Yes,Required,Decidable,Single Translation Unit,A named function parameter shall be used at least once,,,Easy, -cpp,MISRA-C++-2023,RULE-0-2-3,Yes,Advisory,Decidable,Single Translation Unit,Types with limited visibility should be used at least once,,,Easy, -cpp,MISRA-C++-2023,RULE-0-2-4,Yes,Advisory,Decidable,System,Functions with limited visibility should be used at least once,,,Easy, +cpp,MISRA-C++-2023,RULE-0-0-1,Yes,Required,Decidable,Single Translation Unit,A function shall not contain unreachable statements,M0-1-1,,Medium, +cpp,MISRA-C++-2023,RULE-0-0-2,Yes,Advisory,Undecidable,System,Controlling expressions should not be invariant,M0-1-2,,Easy, +cpp,MISRA-C++-2023,RULE-0-1-1,Yes,Advisory,Undecidable,System,A value should not be unnecessarily written to a local object,A0-1-1,,Medium, +cpp,MISRA-C++-2023,RULE-0-1-2,Yes,Required,Decidable,Single Translation Unit,The value returned by a function shall be used,A0-1-2,,Easy, +cpp,MISRA-C++-2023,RULE-0-2-1,Yes,Advisory,Decidable,Single Translation Unit,Variables with limited visibility should be used at least once,M0-1-3,,Easy, +cpp,MISRA-C++-2023,RULE-0-2-2,Yes,Required,Decidable,Single Translation Unit,A named function parameter shall be used at least once,"A0-1-4, A0-1-5",,Easy, +cpp,MISRA-C++-2023,RULE-0-2-3,Yes,Advisory,Decidable,Single Translation Unit,Types with limited visibility should be used at least once,A0-1-6,,Easy, +cpp,MISRA-C++-2023,RULE-0-2-4,Yes,Advisory,Decidable,System,Functions with limited visibility should be used at least once,A0-1-3,,Easy, cpp,MISRA-C++-2023,DIR-0-3-1,Yes,Advisory,,,Floating-point arithmetic should be used appropriately,,,Hard, cpp,MISRA-C++-2023,DIR-0-3-2,Yes,Required,,,A function call shall not violate the function’s preconditions,,,Hard, cpp,MISRA-C++-2023,RULE-4-1-1,Yes,Required,Undecidable,System,A program shall conform to ISO/IEC 14882:2017 (C++17),,,Hard, cpp,MISRA-C++-2023,RULE-4-1-2,Yes,Advisory,Decidable,Single Translation Unit,Deprecated features should not be used,,,Very Hard, cpp,MISRA-C++-2023,RULE-4-1-3,Yes,Required,Undecidable,System,There shall be no occurrence of undefined or critical unspecified behaviour,,,Very Hard, -cpp,MISRA-C++-2023,RULE-4-6-1,Yes,Required,Undecidable,System,Operations on a memory location shall be sequenced appropriately,,,Import, -cpp,MISRA-C++-2023,RULE-5-0-1,Yes,Advisory,Decidable,Single Translation Unit,Trigraph-like sequences should not be used,,,Very Hard, -cpp,MISRA-C++-2023,RULE-5-7-1,Yes,Required,Decidable,Single Translation Unit,The character sequence /* shall not be used within a C-style comment,,,Import, -cpp,MISRA-C++-2023,DIR-5-7-2,Yes,Advisory,,,Sections of code should not be “commented out”,,,Import, -cpp,MISRA-C++-2023,RULE-5-7-3,Yes,Required,Decidable,Single Translation Unit,Line-splicing shall not be used in // comments,,,Import, +cpp,MISRA-C++-2023,RULE-4-6-1,Yes,Required,Undecidable,System,Operations on a memory location shall be sequenced appropriately,RULE-13-2,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-5-0-1,Yes,Advisory,Decidable,Single Translation Unit,Trigraph-like sequences should not be used,A2-5-1,,Very Hard, +cpp,MISRA-C++-2023,RULE-5-7-1,Yes,Required,Decidable,Single Translation Unit,The character sequence /* shall not be used within a C-style comment,M2-7-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,DIR-5-7-2,Yes,Advisory,,,Sections of code should not be “commented out”,A2-7-2,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-5-7-3,Yes,Required,Decidable,Single Translation Unit,Line-splicing shall not be used in // comments,A2-7-1,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-5-10-1,Yes,Required,Decidable,Single Translation Unit,User-defined identifiers shall have an appropriate form,,,Easy, -cpp,MISRA-C++-2023,RULE-5-13-1,Yes,Required,Decidable,Single Translation Unit,"In character literals and non-raw string literals, \ shall only be used to form a defined escape sequence or universal character name",,,Import, -cpp,MISRA-C++-2023,RULE-5-13-2,Yes,Required,Decidable,Single Translation Unit,"Octal escape sequences, hexadecimal escape sequences, and universal character names shall be terminated",,,Import, -cpp,MISRA-C++-2023,RULE-5-13-3,Yes,Required,Decidable,Single Translation Unit,Octal constants shall not be used,,,Import, -cpp,MISRA-C++-2023,RULE-5-13-4,Yes,Required,Decidable,Single Translation Unit,Unsigned integer literals shall be appropriately suffixed,,,Import, -cpp,MISRA-C++-2023,RULE-5-13-5,Yes,Required,Decidable,Single Translation Unit,The lowercase form of L shall not be used as the first character in a literal suffix,,,Import, +cpp,MISRA-C++-2023,RULE-5-13-1,Yes,Required,Decidable,Single Translation Unit,"In character literals and non-raw string literals, \ shall only be used to form a defined escape sequence or universal character name",A2-13-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-5-13-2,Yes,Required,Decidable,Single Translation Unit,"Octal escape sequences, hexadecimal escape sequences, and universal character names shall be terminated",RULE-4-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-5-13-3,Yes,Required,Decidable,Single Translation Unit,Octal constants shall not be used,RULE-7-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-5-13-4,Yes,Required,Decidable,Single Translation Unit,Unsigned integer literals shall be appropriately suffixed,M2-13-3,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-5-13-5,Yes,Required,Decidable,Single Translation Unit,The lowercase form of L shall not be used as the first character in a literal suffix,RULE-7-3,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-5-13-6,Yes,Required,Decidable,Single Translation Unit,An integer-literal of type long long shall not use a single L or l in any suffix,,,Easy, -cpp,MISRA-C++-2023,RULE-5-13-7,No,Required,Decidable,Single Translation Unit,String literals with different encoding prefixes shall not be concatenated,,,, -cpp,MISRA-C++-2023,RULE-6-0-1,Yes,Required,Decidable,Single Translation Unit,Block scope declarations shall not be visually ambiguous,,,Easy, -cpp,MISRA-C++-2023,RULE-6-0-2,Yes,Advisory,Decidable,Single Translation Unit,"When an array with external linkage is declared, its size should be explicitly specified",,,Easy, -cpp,MISRA-C++-2023,RULE-6-0-3,Yes,Advisory,Decidable,Single Translation Unit,"The only declarations in the global namespace should be main, namespace declarations and extern ""C"" declarations",,,Import, -cpp,MISRA-C++-2023,RULE-6-0-4,Yes,Required,Decidable,Single Translation Unit,The identifier main shall not be used for a function other than the global function main,,,Import, -cpp,MISRA-C++-2023,RULE-6-2-1,Yes,Required,Decidable,System,The one-definition rule shall not be violated,,,Import, -cpp,MISRA-C++-2023,RULE-6-2-2,Yes,Required,Decidable,System,All declarations of a variable or function shall have the same type,,,Easy, +cpp,MISRA-C++-2023,RULE-5-13-7,No,Required,Decidable,Single Translation Unit,String literals with different encoding prefixes shall not be concatenated,A2-13-2,,, +cpp,MISRA-C++-2023,RULE-6-0-1,Yes,Required,Decidable,Single Translation Unit,Block scope declarations shall not be visually ambiguous,"M3-1-2,DCL53-CPP",,Easy, +cpp,MISRA-C++-2023,RULE-6-0-2,Yes,Advisory,Decidable,Single Translation Unit,"When an array with external linkage is declared, its size should be explicitly specified",RULE-18-8,,Easy, +cpp,MISRA-C++-2023,RULE-6-0-3,Yes,Advisory,Decidable,Single Translation Unit,"The only declarations in the global namespace should be main, namespace declarations and extern ""C"" declarations",M7-3-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-6-0-4,Yes,Required,Decidable,Single Translation Unit,The identifier main shall not be used for a function other than the global function main,M7-3-2,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-6-2-1,Yes,Required,Decidable,System,The one-definition rule shall not be violated,M3-2-2,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-6-2-2,Yes,Required,Decidable,System,All declarations of a variable or function shall have the same type,"M3-9-1,DCL40-C",,Easy, cpp,MISRA-C++-2023,RULE-6-2-3,Yes,Required,Decidable,System,The source code used to implement an entity shall appear only once,,,Medium, cpp,MISRA-C++-2023,RULE-6-2-4,Yes,Required,Decidable,Single Translation Unit,A header file shall not contain definitions of functions or objects that are non-inline and have external linkage,,,Easy, -cpp,MISRA-C++-2023,RULE-6-4-1,Yes,Required,Decidable,Single Translation Unit,A variable declared in an inner scope shall not hide a variable declared in an outer scope,,,Import, -cpp,MISRA-C++-2023,RULE-6-4-2,Yes,Required,Decidable,Single Translation Unit,Derived classes shall not conceal functions that are inherited from their bases,,,Import, -cpp,MISRA-C++-2023,RULE-6-4-3,Yes,Required,Decidable,Single Translation Unit,A name that is present in a dependent base shall not be resolved by unqualified lookup,,,Import, +cpp,MISRA-C++-2023,RULE-6-4-1,Yes,Required,Decidable,Single Translation Unit,A variable declared in an inner scope shall not hide a variable declared in an outer scope,A2-10-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-6-4-2,Yes,Required,Decidable,Single Translation Unit,Derived classes shall not conceal functions that are inherited from their bases,A7-3-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-6-4-3,Yes,Required,Decidable,Single Translation Unit,A name that is present in a dependent base shall not be resolved by unqualified lookup,M14-6-1,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-6-5-1,Yes,Advisory,Decidable,Single Translation Unit,A function or object with external linkage should be introduced in a header file,,,Medium, cpp,MISRA-C++-2023,RULE-6-5-2,Yes,Advisory,Decidable,Single Translation Unit,Internal linkage should be specified appropriately,,,Medium, cpp,MISRA-C++-2023,RULE-6-7-1,Yes,Required,Decidable,Single Translation Unit,Local variables shall not have static storage duration,,,Easy, cpp,MISRA-C++-2023,RULE-6-7-2,Yes,Required,Decidable,Single Translation Unit,Global variables shall not be used,,,Easy, -cpp,MISRA-C++-2023,RULE-6-8-1,Yes,Required,Undecidable,System,An object shall not be accessed outside of its lifetime,,,Import, -cpp,MISRA-C++-2023,RULE-6-8-2,Yes,Mandatory,Decidable,Single Translation Unit,A function must not return a reference or a pointer to a local variable with automatic storage duration,,,Import, +cpp,MISRA-C++-2023,RULE-6-8-1,Yes,Required,Undecidable,System,An object shall not be accessed outside of its lifetime,A3-8-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-6-8-2,Yes,Mandatory,Decidable,Single Translation Unit,A function must not return a reference or a pointer to a local variable with automatic storage duration,M7-5-1,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-6-8-3,Yes,Required,Decidable,Single Translation Unit,An assignment operator shall not assign the address of an object with automatic storage duration to an object with a greater lifetime,,,Medium, cpp,MISRA-C++-2023,RULE-6-8-4,Yes,Advisory,Decidable,Single Translation Unit,Member functions returning references to their object should be refqualified appropriately,,,Medium, cpp,MISRA-C++-2023,RULE-6-9-1,Yes,Required,Decidable,Single Translation Unit,The same type aliases shall be used in all declarations of the same entity,,,Medium, -cpp,MISRA-C++-2023,RULE-6-9-2,Yes,Advisory,Decidable,Single Translation Unit,The names of the standard signed integer types and standard unsigned integer types should not be used,,,Easy, +cpp,MISRA-C++-2023,RULE-6-9-2,Yes,Advisory,Decidable,Single Translation Unit,The names of the standard signed integer types and standard unsigned integer types should not be used,A3-9-1,,Easy, cpp,MISRA-C++-2023,RULE-7-0-1,Yes,Required,Decidable,Single Translation Unit,There shall be no conversion from type bool,,,Easy, cpp,MISRA-C++-2023,RULE-7-0-2,Yes,Required,Decidable,Single Translation Unit,There shall be no conversion to type bool,,,Easy, -cpp,MISRA-C++-2023,RULE-7-0-3,Yes,Required,Decidable,Single Translation Unit,The numerical value of a character shall not be used,,,Medium, -cpp,MISRA-C++-2023,RULE-7-0-4,Yes,Required,Decidable,Single Translation Unit,The operands of bitwise operators and shift operators shall be appropriate,,,Medium, -cpp,MISRA-C++-2023,RULE-7-0-5,Yes,Required,Decidable,Single Translation Unit,Integral promotion and the usual arithmetic conversions shall not change the signedness or the type category of an operand,,,Medium, +cpp,MISRA-C++-2023,RULE-7-0-3,Yes,Required,Decidable,Single Translation Unit,The numerical value of a character shall not be used,M5-0-11,,Medium, +cpp,MISRA-C++-2023,RULE-7-0-4,Yes,Required,Decidable,Single Translation Unit,The operands of bitwise operators and shift operators shall be appropriate,RULE-10-1,,Medium, +cpp,MISRA-C++-2023,RULE-7-0-5,Yes,Required,Decidable,Single Translation Unit,Integral promotion and the usual arithmetic conversions shall not change the signedness or the type category of an operand,"M5-0-4,M5-0-9,INT31-C",,Medium, cpp,MISRA-C++-2023,RULE-7-0-6,Yes,Required,Decidable,Single Translation Unit,Assignment between numeric types shall be appropriate,,,Hard, -cpp,MISRA-C++-2023,RULE-7-11-1,Yes,Required,Decidable,Single Translation Unit,nullptr shall be the only form of the null-pointer-constant,,,Import, -cpp,MISRA-C++-2023,RULE-7-11-2,Yes,Required,Decidable,Single Translation Unit,An array passed as a function argument shall not decay to a pointer,,,Import, +cpp,MISRA-C++-2023,RULE-7-11-1,Yes,Required,Decidable,Single Translation Unit,nullptr shall be the only form of the null-pointer-constant,A4-10-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-7-11-2,Yes,Required,Decidable,Single Translation Unit,An array passed as a function argument shall not decay to a pointer,M5-2-12,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-7-11-3,Yes,Required,Decidable,Single Translation Unit,A conversion from function type to pointer-to-function type shall only occur in appropriate contexts,,,Easy, -cpp,MISRA-C++-2023,RULE-8-0-1,Yes,Advisory,Decidable,Single Translation Unit,Parentheses should be used to make the meaning of an expression appropriately explicit,,,Medium, +cpp,MISRA-C++-2023,RULE-8-0-1,Yes,Advisory,Decidable,Single Translation Unit,Parentheses should be used to make the meaning of an expression appropriately explicit,M5-0-2,,Medium, cpp,MISRA-C++-2023,RULE-8-1-1,Yes,Required,Decidable,Single Translation Unit,A non-transient lambda shall not implicitly capture this,,,Easy, -cpp,MISRA-C++-2023,RULE-8-1-2,Yes,Advisory,Decidable,Single Translation Unit,Variables should be captured explicitly in a non-transient lambda,,,Easy, +cpp,MISRA-C++-2023,RULE-8-1-2,Yes,Advisory,Decidable,Single Translation Unit,Variables should be captured explicitly in a non-transient lambda,A5-1-2,,Easy, cpp,MISRA-C++-2023,RULE-8-2-1,Yes,Required,Decidable,Single Translation Unit,A virtual base class shall only be cast to a derived class by means of dynamic_cast,,,Easy, -cpp,MISRA-C++-2023,RULE-8-2-2,Yes,Required,Decidable,Single Translation Unit,C-style casts and functional notation casts shall not be used,,,Easy, -cpp,MISRA-C++-2023,RULE-8-2-3,Yes,Required,Decidable,Single Translation Unit,A cast shall not remove any const or volatile qualification from the type accessed via a pointer or by reference,,,Import, -cpp,MISRA-C++-2023,RULE-8-2-4,Yes,Required,Decidable,Single Translation Unit,Casts shall not be performed between a pointer to function and any other type,,,Import, -cpp,MISRA-C++-2023,RULE-8-2-5,Yes,Required,Decidable,Single Translation Unit,reinterpret_cast shall not be used,,,Import, -cpp,MISRA-C++-2023,RULE-8-2-6,Yes,Required,Decidable,Single Translation Unit,"An object with integral, enumerated, or pointer to void type shall not be cast to a pointer type",,,Easy, -cpp,MISRA-C++-2023,RULE-8-2-7,Yes,Advisory,Decidable,Single Translation Unit,A cast should not convert a pointer type to an integral type,,,Easy, -cpp,MISRA-C++-2023,RULE-8-2-8,Yes,Required,Decidable,Single Translation Unit,An object pointer type shall not be cast to an integral type other than std::uintptr_t or std::intptr_t,,,Easy, +cpp,MISRA-C++-2023,RULE-8-2-2,Yes,Required,Decidable,Single Translation Unit,C-style casts and functional notation casts shall not be used,A5-2-2,,Easy, +cpp,MISRA-C++-2023,RULE-8-2-3,Yes,Required,Decidable,Single Translation Unit,A cast shall not remove any const or volatile qualification from the type accessed via a pointer or by reference,A5-2-3,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-8-2-4,Yes,Required,Decidable,Single Translation Unit,Casts shall not be performed between a pointer to function and any other type,M5-2-6,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-8-2-5,Yes,Required,Decidable,Single Translation Unit,reinterpret_cast shall not be used,A5-2-4,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-8-2-6,Yes,Required,Decidable,Single Translation Unit,"An object with integral, enumerated, or pointer to void type shall not be cast to a pointer type","RULE-11-6, INT36-C",,Easy, +cpp,MISRA-C++-2023,RULE-8-2-7,Yes,Advisory,Decidable,Single Translation Unit,A cast should not convert a pointer type to an integral type,"RULE-11-6, INT36-C",,Easy, +cpp,MISRA-C++-2023,RULE-8-2-8,Yes,Required,Decidable,Single Translation Unit,An object pointer type shall not be cast to an integral type other than std::uintptr_t or std::intptr_t,"RULE-11-6, INT36-C",,Easy, cpp,MISRA-C++-2023,RULE-8-2-9,Yes,Required,Decidable,Single Translation Unit,The operand to typeid shall not be an expression of polymorphic class type,,,Easy, -cpp,MISRA-C++-2023,RULE-8-2-10,Yes,Required,Undecidable,System,"Functions shall not call themselves, either directly or indirectly",,,Import, +cpp,MISRA-C++-2023,RULE-8-2-10,Yes,Required,Undecidable,System,"Functions shall not call themselves, either directly or indirectly",A7-5-2,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-8-2-11,Yes,Required,Decidable,Single Translation Unit,An argument passed via ellipsis shall have an appropriate type,,,Easy, -cpp,MISRA-C++-2023,RULE-8-3-1,Yes,Advisory,Decidable,Single Translation Unit,The built-in unary - operator should not be applied to an expression of unsigned type,,,Import, +cpp,MISRA-C++-2023,RULE-8-3-1,Yes,Advisory,Decidable,Single Translation Unit,The built-in unary - operator should not be applied to an expression of unsigned type,M5-3-2,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-8-3-2,Yes,Advisory,Decidable,Single Translation Unit,The built-in unary + operator should not be used,,,Easy, -cpp,MISRA-C++-2023,RULE-8-7-1,Yes,Required,Undecidable,System,Pointer arithmetic shall not form an invalid pointer,,,Easy, -cpp,MISRA-C++-2023,RULE-8-7-2,Yes,Required,Undecidable,System,Subtraction between pointers shall only be applied to pointers that address elements of the same array,,,Easy, -cpp,MISRA-C++-2023,RULE-8-9-1,Yes,Required,Undecidable,System,"The built-in relational operators >, >=, < and <= shall not be applied to objects of pointer type, except where they point to elements of the same array",,,Easy, -cpp,MISRA-C++-2023,RULE-8-14-1,Yes,Advisory,Undecidable,System,The right-hand operand of a logical && or operator should not contain persistent side effects,,,Medium, -cpp,MISRA-C++-2023,RULE-8-18-1,Yes,Mandatory,Undecidable,System,An object or subobject must not be copied to an overlapping object,,,Hard, -cpp,MISRA-C++-2023,RULE-8-18-2,Yes,Advisory,Decidable,Single Translation Unit,The result of an assignment operator should not be used,,,Import, -cpp,MISRA-C++-2023,RULE-8-19-1,Yes,Advisory,Decidable,Single Translation Unit,The comma operator should not be used,,,Import, -cpp,MISRA-C++-2023,RULE-8-20-1,Yes,Advisory,Decidable,Single Translation Unit,An unsigned arithmetic operation with constant operands should not wrap,,,Import, -cpp,MISRA-C++-2023,RULE-9-2-1,Yes,Required,Decidable,Single Translation Unit,An explicit type conversion shall not be an expression statement,,,Easy, -cpp,MISRA-C++-2023,RULE-9-3-1,Yes,Required,Decidable,Single Translation Unit,The body of an iteration-statement or a selection-statement shall be a compound-statement,,,Import, -cpp,MISRA-C++-2023,RULE-9-4-1,Yes,Required,Decidable,Single Translation Unit,All if ... else if constructs shall be terminated with an else statement,,,Import, -cpp,MISRA-C++-2023,RULE-9-4-2,Yes,Required,Decidable,Single Translation Unit,The structure of a switch statement shall be appropriate,,,Medium, +cpp,MISRA-C++-2023,RULE-8-7-1,Yes,Required,Undecidable,System,Pointer arithmetic shall not form an invalid pointer,ARR30-C,,Easy, +cpp,MISRA-C++-2023,RULE-8-7-2,Yes,Required,Undecidable,System,Subtraction between pointers shall only be applied to pointers that address elements of the same array,ARR36-C,,Easy, +cpp,MISRA-C++-2023,RULE-8-9-1,Yes,Required,Undecidable,System,"The built-in relational operators >, >=, < and <= shall not be applied to objects of pointer type, except where they point to elements of the same array",ARR36-C,,Easy, +cpp,MISRA-C++-2023,RULE-8-14-1,Yes,Advisory,Undecidable,System,The right-hand operand of a logical && or operator should not contain persistent side effects,"M5-14-1, RULE-13-5",,Medium, +cpp,MISRA-C++-2023,RULE-8-18-1,Yes,Mandatory,Undecidable,System,An object or subobject must not be copied to an overlapping object,"M0-2-1, RULE-19-1",,Hard, +cpp,MISRA-C++-2023,RULE-8-18-2,Yes,Advisory,Decidable,Single Translation Unit,The result of an assignment operator should not be used,RULE-13-4,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-8-19-1,Yes,Advisory,Decidable,Single Translation Unit,The comma operator should not be used,M15-8-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-8-20-1,Yes,Advisory,Decidable,Single Translation Unit,An unsigned arithmetic operation with constant operands should not wrap,INT30-C,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-9-2-1,Yes,Required,Decidable,Single Translation Unit,An explicit type conversion shall not be an expression statement,DCL53-CPP,,Easy, +cpp,MISRA-C++-2023,RULE-9-3-1,Yes,Required,Decidable,Single Translation Unit,The body of an iteration-statement or a selection-statement shall be a compound-statement,RULE-15-6,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-9-4-1,Yes,Required,Decidable,Single Translation Unit,All if ... else if constructs shall be terminated with an else statement,RULE-15-7,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-9-4-2,Yes,Required,Decidable,Single Translation Unit,The structure of a switch statement shall be appropriate,"RULE-16-1, RULE-16-2,RULE-16-3,RULE-16-4,RULE-16-5,RULE-16-6,RULE-16-7",,Medium, cpp,MISRA-C++-2023,RULE-9-5-1,Yes,Advisory,Decidable,Single Translation Unit,Legacy for statements should be simple,,,Hard, cpp,MISRA-C++-2023,RULE-9-5-2,Yes,Required,Decidable,Single Translation Unit,A for-range-initializer shall contain at most one function call,,,Easy, -cpp,MISRA-C++-2023,RULE-9-6-1,Yes,Advisory,Decidable,Single Translation Unit,The goto statement should not be used,,,Import, -cpp,MISRA-C++-2023,RULE-9-6-2,Yes,Required,Decidable,Single Translation Unit,A goto statement shall reference a label in a surrounding block,,,Import, -cpp,MISRA-C++-2023,RULE-9-6-3,Yes,Required,Decidable,Single Translation Unit,The goto statement shall jump to a label declared later in the function body,,,Import, -cpp,MISRA-C++-2023,RULE-9-6-4,Yes,Required,Undecidable,System,A function declared with the [[noreturn]] attribute shall not return,,,Import, -cpp,MISRA-C++-2023,RULE-9-6-5,Yes,Required,Decidable,Single Translation Unit,A function with non-void return type shall return a value on all paths,,,Import, -cpp,MISRA-C++-2023,RULE-10-0-1,Yes,Advisory,Decidable,Single Translation Unit,A declaration should not declare more than one variable or member variable,,,Import, -cpp,MISRA-C++-2023,RULE-10-1-1,Yes,Advisory,Decidable,Single Translation Unit,The target type of a pointer or lvalue reference parameter should be const-qualified appropriately,,,Hard, +cpp,MISRA-C++-2023,RULE-9-6-1,Yes,Advisory,Decidable,Single Translation Unit,The goto statement should not be used,RULE-15-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-9-6-2,Yes,Required,Decidable,Single Translation Unit,A goto statement shall reference a label in a surrounding block,RULE-15-3,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-9-6-3,Yes,Required,Decidable,Single Translation Unit,The goto statement shall jump to a label declared later in the function body,RULE-15-2,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-9-6-4,Yes,Required,Undecidable,System,A function declared with the [[noreturn]] attribute shall not return,MSC53-CPP,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-9-6-5,Yes,Required,Decidable,Single Translation Unit,A function with non-void return type shall return a value on all paths,MSC52-CPP,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-10-0-1,Yes,Advisory,Decidable,Single Translation Unit,A declaration should not declare more than one variable or member variable,M8-0-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-10-1-1,Yes,Advisory,Decidable,Single Translation Unit,The target type of a pointer or lvalue reference parameter should be const-qualified appropriately,RULE-8-13,,Hard, cpp,MISRA-C++-2023,RULE-10-1-2,Yes,Required,Decidable,Single Translation Unit,The volatile qualifier shall be used appropriately,,,Easy, -cpp,MISRA-C++-2023,RULE-10-2-1,Yes,Required,Decidable,Single Translation Unit,An enumeration shall be defined with an explicit underlying type,,,Import, -cpp,MISRA-C++-2023,RULE-10-2-2,Yes,Advisory,Decidable,Single Translation Unit,Unscoped enumerations should not be declared,,,Easy, -cpp,MISRA-C++-2023,RULE-10-2-3,Yes,Required,Decidable,Single Translation Unit,The numeric value of an unscoped enumeration with no fixed underlying type shall not be used,,,Easy, -cpp,MISRA-C++-2023,RULE-10-3-1,Yes,Advisory,Decidable,Single Translation Unit,There should be no unnamed namespaces in header files,,,Easy, -cpp,MISRA-C++-2023,RULE-10-4-1,Yes,Required,Decidable,Single Translation Unit,The asm declaration shall not be used,,,Import, +cpp,MISRA-C++-2023,RULE-10-2-1,Yes,Required,Decidable,Single Translation Unit,An enumeration shall be defined with an explicit underlying type,A7-2-2,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-10-2-2,Yes,Advisory,Decidable,Single Translation Unit,Unscoped enumerations should not be declared,A7-2-3,,Easy, +cpp,MISRA-C++-2023,RULE-10-2-3,Yes,Required,Decidable,Single Translation Unit,The numeric value of an unscoped enumeration with no fixed underlying type shall not be used,A4-5-1,,Easy, +cpp,MISRA-C++-2023,RULE-10-3-1,Yes,Advisory,Decidable,Single Translation Unit,There should be no unnamed namespaces in header files,"DCL59-CPP, M7-3-3",,Easy, +cpp,MISRA-C++-2023,RULE-10-4-1,Yes,Required,Decidable,Single Translation Unit,The asm declaration shall not be used,A7-4-1,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-11-3-1,Yes,Advisory,Decidable,Single Translation Unit,Variables of array type should not be declared,,,Easy, -cpp,MISRA-C++-2023,RULE-11-3-2,Yes,Advisory,Decidable,Single Translation Unit,The declaration of an object should contain no more than two levels of pointer indirection,,,Import, +cpp,MISRA-C++-2023,RULE-11-3-2,Yes,Advisory,Decidable,Single Translation Unit,The declaration of an object should contain no more than two levels of pointer indirection,A5-0-3,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-11-6-1,Yes,Advisory,Decidable,Single Translation Unit,All variables should be initialized,,,Easy, -cpp,MISRA-C++-2023,RULE-11-6-2,Yes,Mandatory,Undecidable,System,The value of an object must not be read before it has been set,,,Very Hard, -cpp,MISRA-C++-2023,RULE-11-6-3,Yes,Required,Decidable,Single Translation Unit,"Within an enumerator list, the value of an implicitly-specified enumeration constant shall be unique",,,Import, -cpp,MISRA-C++-2023,RULE-12-2-1,Yes,Advisory,Decidable,Single Translation Unit,Bit-fields should not be declared,,,Easy, -cpp,MISRA-C++-2023,RULE-12-2-2,Yes,Required,Decidable,Single Translation Unit,A bit-field shall have an appropriate type,,,Import, -cpp,MISRA-C++-2023,RULE-12-2-3,Yes,Required,Decidable,Single Translation Unit,A named bit-field with signed integer type shall not have a length of one bit,,,Import, -cpp,MISRA-C++-2023,RULE-12-3-1,Yes,Required,Decidable,Single Translation Unit,The union keyword shall not be used,,,Easy, +cpp,MISRA-C++-2023,RULE-11-6-2,Yes,Mandatory,Undecidable,System,The value of an object must not be read before it has been set,A8-5-0,,Very Hard, +cpp,MISRA-C++-2023,RULE-11-6-3,Yes,Required,Decidable,Single Translation Unit,"Within an enumerator list, the value of an implicitly-specified enumeration constant shall be unique",RULE-8-12,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-12-2-1,Yes,Advisory,Decidable,Single Translation Unit,Bit-fields should not be declared,A9-6-2,,Easy, +cpp,MISRA-C++-2023,RULE-12-2-2,Yes,Required,Decidable,Single Translation Unit,A bit-field shall have an appropriate type,RULE-6-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-12-2-3,Yes,Required,Decidable,Single Translation Unit,A named bit-field with signed integer type shall not have a length of one bit,"RULE-6-2, M9-6-4",ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-12-3-1,Yes,Required,Decidable,Single Translation Unit,The union keyword shall not be used,RULE-19-2,,Easy, cpp,MISRA-C++-2023,RULE-13-1-1,Yes,Advisory,Decidable,Single Translation Unit,Classes should not be inherited virtually,,,Easy, -cpp,MISRA-C++-2023,RULE-13-1-2,Yes,Required,Decidable,Single Translation Unit,An accessible base class shall not be both virtual and non-virtual in the same hierarchy,,,Import, +cpp,MISRA-C++-2023,RULE-13-1-2,Yes,Required,Decidable,Single Translation Unit,An accessible base class shall not be both virtual and non-virtual in the same hierarchy,M10-1-3,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-13-3-1,Yes,Required,Decidable,Single Translation Unit,"User-declared member functions shall use the virtual, override and final specifiers appropriately",,,Easy, -cpp,MISRA-C++-2023,RULE-13-3-2,Yes,Required,Decidable,Single Translation Unit,Parameters in an overriding virtual function shall not specify different default arguments,,,Import, -cpp,MISRA-C++-2023,RULE-13-3-3,Yes,Required,Decidable,System,The parameters in all declarations or overrides of a function shall either be unnamed or have identical names,,,Import, -cpp,MISRA-C++-2023,RULE-13-3-4,Yes,Required,Decidable,Single Translation Unit,A comparison of a potentially virtual pointer to member function shall only be with nullptr,,,Import, +cpp,MISRA-C++-2023,RULE-13-3-2,Yes,Required,Decidable,Single Translation Unit,Parameters in an overriding virtual function shall not specify different default arguments,M8-3-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-13-3-3,Yes,Required,Decidable,System,The parameters in all declarations or overrides of a function shall either be unnamed or have identical names,A15-1-2,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-13-3-4,Yes,Required,Decidable,Single Translation Unit,A comparison of a potentially virtual pointer to member function shall only be with nullptr,A5-10-1,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-14-1-1,Yes,Advisory,Decidable,Single Translation Unit,Non-static data members should be either all private or all public,,,Easy, -cpp,MISRA-C++-2023,RULE-15-0-1,Yes,Required,Decidable,Single Translation Unit,Special member functions shall be provided appropriately,,,Medium, +cpp,MISRA-C++-2023,RULE-15-0-1,Yes,Required,Decidable,Single Translation Unit,Special member functions shall be provided appropriately,A12-0-1,,Medium, cpp,MISRA-C++-2023,RULE-15-0-2,Yes,Advisory,Decidable,Single Translation Unit,User-provided copy and move member functions of a class should have appropriate signatures,,,Easy, -cpp,MISRA-C++-2023,RULE-15-1-1,Yes,Required,Undecidable,System,An object’s dynamic type shall not be used from within its constructor or destructor,,,Import, -cpp,MISRA-C++-2023,RULE-15-1-2,Yes,Advisory,Decidable,Single Translation Unit,All constructors of a class should explicitly initialize all of its virtual base classes and immediate base classes,,,Import, -cpp,MISRA-C++-2023,RULE-15-1-3,Yes,Required,Decidable,Single Translation Unit,Conversion operators and constructors that are callable with a single argument shall be explicit,,,Easy, +cpp,MISRA-C++-2023,RULE-15-1-1,Yes,Required,Undecidable,System,An object’s dynamic type shall not be used from within its constructor or destructor,M12-1-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-15-1-2,Yes,Advisory,Decidable,Single Translation Unit,All constructors of a class should explicitly initialize all of its virtual base classes and immediate base classes,A12-1-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-15-1-3,Yes,Required,Decidable,Single Translation Unit,Conversion operators and constructors that are callable with a single argument shall be explicit,"A12-1-4,A13-5-2",,Easy, cpp,MISRA-C++-2023,RULE-15-1-4,Yes,Advisory,Decidable,Single Translation Unit,"All direct, non-static data members of a class should be initialized before the class object is accessible",,,Hard, -cpp,MISRA-C++-2023,RULE-15-1-5,Yes,Required,Decidable,Single Translation Unit,A class shall only define an initializer-list constructor when it is the only constructor,,,Import, -cpp,MISRA-C++-2023,DIR-15-8-1,Yes,Required,#VALUE!,,User-provided copy assignment operators and move assignment operators shall handle self-assignment,,,Import, -cpp,MISRA-C++-2023,RULE-16-5-1,Yes,Required,Decidable,Single Translation Unit,The logical AND and logical OR operators shall not be overloaded,,,Easy, -cpp,MISRA-C++-2023,RULE-16-5-2,Yes,Required,Decidable,Single Translation Unit,The address-of operator shall not be overloaded,,,Import, +cpp,MISRA-C++-2023,RULE-15-1-5,Yes,Required,Decidable,Single Translation Unit,A class shall only define an initializer-list constructor when it is the only constructor,A8-5-4,ImportMisra23,Import, +cpp,MISRA-C++-2023,DIR-15-8-1,Yes,Required,Decidable,Implementation,User-provided copy assignment operators and move assignment operators shall handle self-assignment,A12-8-5,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-16-5-1,Yes,Required,Decidable,Single Translation Unit,The logical AND and logical OR operators shall not be overloaded,M5-2-11,,Easy, +cpp,MISRA-C++-2023,RULE-16-5-2,Yes,Required,Decidable,Single Translation Unit,The address-of operator shall not be overloaded,M5-3-3,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-16-6-1,Yes,Advisory,Decidable,Single Translation Unit,Symmetrical operators should only be implemented as non-member functions,,,Medium, -cpp,MISRA-C++-2023,RULE-17-8-1,Yes,Required,Decidable,Single Translation Unit,Function templates shall not be explicitly specialized,,,Import, -cpp,MISRA-C++-2023,RULE-18-1-1,Yes,Required,Decidable,Single Translation Unit,An exception object shall not have pointer type,,,Import, -cpp,MISRA-C++-2023,RULE-18-1-2,Yes,Required,Decidable,Single Translation Unit,An empty throw shall only occur within the compound-statement of a catch handler,,,Import, -cpp,MISRA-C++-2023,RULE-18-3-1,Yes,Advisory,Decidable,Single Translation Unit,There should be at least one exception handler to catch all otherwise unhandled exceptions,,,Easy, -cpp,MISRA-C++-2023,RULE-18-3-2,Yes,Required,Decidable,Single Translation Unit,An exception of class type shall be caught by const reference or reference,,,Easy, -cpp,MISRA-C++-2023,RULE-18-3-3,Yes,Required,Decidable,Single Translation Unit,Handlers for a function-try-block of a constructor or destructor shall not refer to non-static members from their class or its bases,,,Import, -cpp,MISRA-C++-2023,RULE-18-4-1,Yes,Required,Decidable,Single Translation Unit,Exception-unfriendly functions shall be noexcept,,,Easy, -cpp,MISRA-C++-2023,RULE-18-5-1,Yes,Advisory,Undecidable,System,A noexcept function should not attempt to propagate an exception to the calling function,,,Import, +cpp,MISRA-C++-2023,RULE-17-8-1,Yes,Required,Decidable,Single Translation Unit,Function templates shall not be explicitly specialized,A14-8-2,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-18-1-1,Yes,Required,Decidable,Single Translation Unit,An exception object shall not have pointer type,A15-1-2,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-18-1-2,Yes,Required,Decidable,Single Translation Unit,An empty throw shall only occur within the compound-statement of a catch handler,M15-1-3,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-18-3-1,Yes,Advisory,Decidable,Single Translation Unit,There should be at least one exception handler to catch all otherwise unhandled exceptions,A15-3-3,,Easy, +cpp,MISRA-C++-2023,RULE-18-3-2,Yes,Required,Decidable,Single Translation Unit,An exception of class type shall be caught by const reference or reference,A15-3-5,,Easy, +cpp,MISRA-C++-2023,RULE-18-3-3,Yes,Required,Decidable,Single Translation Unit,Handlers for a function-try-block of a constructor or destructor shall not refer to non-static members from their class or its bases,M15-3-3,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-18-4-1,Yes,Required,Decidable,Single Translation Unit,Exception-unfriendly functions shall be noexcept,A15-5-1,,Easy, +cpp,MISRA-C++-2023,RULE-18-5-1,Yes,Advisory,Undecidable,System,A noexcept function should not attempt to propagate an exception to the calling function,A15-4-2,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-18-5-2,Yes,Advisory,Decidable,Single Translation Unit,Program-terminating functions should not be used,,,Easy, cpp,MISRA-C++-2023,RULE-19-0-1,No,Required,Decidable,Single Translation Unit,A line whose first token is # shall be a valid preprocessing directive,,,, -cpp,MISRA-C++-2023,RULE-19-0-2,Yes,Required,Decidable,Single Translation Unit,Function-like macros shall not be defined,,,Import, -cpp,MISRA-C++-2023,RULE-19-0-3,Yes,Advisory,Decidable,Single Translation Unit,#include directives should only be preceded by preprocessor directives or comments,,,Import, +cpp,MISRA-C++-2023,RULE-19-0-2,Yes,Required,Decidable,Single Translation Unit,Function-like macros shall not be defined,DIR-4-9,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-19-0-3,Yes,Advisory,Decidable,Single Translation Unit,#include directives should only be preceded by preprocessor directives or comments,RULE-20-1,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-19-0-4,Yes,Advisory,Decidable,Single Translation Unit,#undef should only be used for macros defined previously in the same file,,,Easy, -cpp,MISRA-C++-2023,RULE-19-1-1,Yes,Required,Decidable,Single Translation Unit,The defined preprocessor operator shall be used appropriately,,,Easy, -cpp,MISRA-C++-2023,RULE-19-1-2,No,Required,Decidable,Single Translation Unit,"All #else, #elif and #endif preprocessor directives shall reside in the same file as the #if, #ifdef or #ifndef directive to which they are related",,,, -cpp,MISRA-C++-2023,RULE-19-1-3,Yes,Required,Decidable,Single Translation Unit,All identifiers used in the controlling expression of #if or #elif preprocessing directives shall be defined prior to evaluation,,,Import, -cpp,MISRA-C++-2023,RULE-19-2-1,Yes,Required,Decidable,Single Translation Unit,Precautions shall be taken in order to prevent the contents of a header file being included more than once,,,Easy, +cpp,MISRA-C++-2023,RULE-19-1-1,Yes,Required,Decidable,Single Translation Unit,The defined preprocessor operator shall be used appropriately,M16-1-1,,Easy, +cpp,MISRA-C++-2023,RULE-19-1-2,No,Required,Decidable,Single Translation Unit,"All #else, #elif and #endif preprocessor directives shall reside in the same file as the #if, #ifdef or #ifndef directive to which they are related",M16-1-2,,, +cpp,MISRA-C++-2023,RULE-19-1-3,Yes,Required,Decidable,Single Translation Unit,All identifiers used in the controlling expression of #if or #elif preprocessing directives shall be defined prior to evaluation,M16-0-7,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-19-2-1,Yes,Required,Decidable,Single Translation Unit,Precautions shall be taken in order to prevent the contents of a header file being included more than once,M16-2-3,,Easy, cpp,MISRA-C++-2023,RULE-19-2-2,Yes,Required,Decidable,Single Translation Unit,"The #include directive shall be followed by either a or ""filename"" sequence",,,Easy, -cpp,MISRA-C++-2023,RULE-19-2-3,Yes,Required,Decidable,Single Translation Unit,"The ' or "" or \ characters and the /* or // character sequences shall not occur in a header file name",,,Import, -cpp,MISRA-C++-2023,RULE-19-3-1,Yes,Advisory,Decidable,Single Translation Unit,The # and ## preprocessor operators should not be used,,,Import, -cpp,MISRA-C++-2023,RULE-19-3-2,Yes,Required,Decidable,Single Translation Unit,A macro parameter immediately following a # operator shall not be immediately followed by a ## operator,,,Import, -cpp,MISRA-C++-2023,RULE-19-3-3,Yes,Required,Decidable,Single Translation Unit,The argument to a mixed-use macro parameter shall not be subject to further expansion,,,Import, -cpp,MISRA-C++-2023,RULE-19-3-4,Yes,Required,Decidable,Single Translation Unit,Parentheses shall be used to ensure macro arguments are expanded appropriately,,,Medium, -cpp,MISRA-C++-2023,RULE-19-3-5,Yes,Required,Decidable,Single Translation Unit,Tokens that look like a preprocessing directive shall not occur within a macro argument,,,Import, -cpp,MISRA-C++-2023,RULE-19-6-1,Yes,Advisory,Decidable,Single Translation Unit,The #pragma directive and the _Pragma operator should not be used,,,Easy, -cpp,MISRA-C++-2023,RULE-21-2-1,Yes,Required,Decidable,Single Translation Unit,"The library functions atof, atoi, atol and atoll from shall not be used",,,Import, -cpp,MISRA-C++-2023,RULE-21-2-2,Yes,Required,Decidable,Single Translation Unit,"The string handling functions from , , and shall not be used",,,Easy, -cpp,MISRA-C++-2023,RULE-21-2-3,Yes,Required,Decidable,Single Translation Unit,The library function system from shall not be used,,,Easy, -cpp,MISRA-C++-2023,RULE-21-2-4,Yes,Required,Decidable,Single Translation Unit,The macro offsetof shall not be used,,,Import, -cpp,MISRA-C++-2023,RULE-21-6-1,Yes,Advisory,Undecidable,Single Translation Unit,Dynamic memory should not be used,,,Easy, +cpp,MISRA-C++-2023,RULE-19-2-3,Yes,Required,Decidable,Single Translation Unit,"The ' or "" or \ characters and the /* or // character sequences shall not occur in a header file name",A16-2-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-19-3-1,Yes,Advisory,Decidable,Single Translation Unit,The # and ## preprocessor operators should not be used,M16-3-2,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-19-3-2,Yes,Required,Decidable,Single Translation Unit,A macro parameter immediately following a # operator shall not be immediately followed by a ## operator,RULE-20-11,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-19-3-3,Yes,Required,Decidable,Single Translation Unit,The argument to a mixed-use macro parameter shall not be subject to further expansion,RULE-20-12,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-19-3-4,Yes,Required,Decidable,Single Translation Unit,Parentheses shall be used to ensure macro arguments are expanded appropriately,M16-0-6,,Medium, +cpp,MISRA-C++-2023,RULE-19-3-5,Yes,Required,Decidable,Single Translation Unit,Tokens that look like a preprocessing directive shall not occur within a macro argument,RULE-20-6,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-19-6-1,Yes,Advisory,Decidable,Single Translation Unit,The #pragma directive and the _Pragma operator should not be used,A16-7-1,,Easy, +cpp,MISRA-C++-2023,RULE-21-2-1,Yes,Required,Decidable,Single Translation Unit,"The library functions atof, atoi, atol and atoll from shall not be used",RULE-21-7,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-21-2-2,Yes,Required,Decidable,Single Translation Unit,"The string handling functions from , , and shall not be used",M18-0-5,,Easy, +cpp,MISRA-C++-2023,RULE-21-2-3,Yes,Required,Decidable,Single Translation Unit,The library function system from shall not be used,M18-0-3,,Easy, +cpp,MISRA-C++-2023,RULE-21-2-4,Yes,Required,Decidable,Single Translation Unit,The macro offsetof shall not be used,M18-2-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-21-6-1,Yes,Advisory,Undecidable,Single Translation Unit,Dynamic memory should not be used,DIR-4-12,,Easy, cpp,MISRA-C++-2023,RULE-21-6-2,Yes,Required,Decidable,Single Translation Unit,Dynamic memory shall be managed automatically,,,Easy, cpp,MISRA-C++-2023,RULE-21-6-3,Yes,Required,Decidable,Single Translation Unit,Advanced memory management shall not be used,,,Medium, -cpp,MISRA-C++-2023,RULE-21-6-4,Yes,Required,Decidable,System,"If a project defines either a sized or unsized version of a global operator delete, then both shall be defined",,,Import, -cpp,MISRA-C++-2023,RULE-21-6-5,Yes,Required,Decidable,Single Translation Unit,A pointer to an incomplete class type shall not be deleted,,,Import, -cpp,MISRA-C++-2023,RULE-21-10-1,Yes,Required,Decidable,Single Translation Unit,The features of shall not be used,,,Easy, -cpp,MISRA-C++-2023,RULE-21-10-2,Yes,Required,Decidable,Single Translation Unit,The standard header file shall not be used,,,Easy, -cpp,MISRA-C++-2023,RULE-21-10-3,Yes,Required,Decidable,Single Translation Unit,The facilities provided by the standard header file shall not be used,,,Import, +cpp,MISRA-C++-2023,RULE-21-6-4,Yes,Required,Decidable,System,"If a project defines either a sized or unsized version of a global operator delete, then both shall be defined",A18-5-4,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-21-6-5,Yes,Required,Decidable,Single Translation Unit,A pointer to an incomplete class type shall not be deleted,A5-3-3,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-21-10-1,Yes,Required,Decidable,Single Translation Unit,The features of shall not be used,DCL50-CPP,,Easy, +cpp,MISRA-C++-2023,RULE-21-10-2,Yes,Required,Decidable,Single Translation Unit,The standard header file shall not be used,ERR52-CPP,,Easy, +cpp,MISRA-C++-2023,RULE-21-10-3,Yes,Required,Decidable,Single Translation Unit,The facilities provided by the standard header file shall not be used,M18-7-1,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-22-3-1,Yes,Required,Decidable,Single Translation Unit,The assert macro shall not be used with a constant-expression,,,Easy, cpp,MISRA-C++-2023,RULE-22-4-1,Yes,Required,Decidable,Single Translation Unit,The literal value zero shall be the only value assigned to errno,,,Easy, cpp,MISRA-C++-2023,RULE-23-11-1,Yes,Advisory,Decidable,Single Translation Unit,The raw pointer constructors of std::shared_ptr and std::unique_ptr should not be used,,,Easy, cpp,MISRA-C++-2023,RULE-24-5-1,Yes,Required,Decidable,Single Translation Unit,The character handling functions from and shall not be used,,,Easy, cpp,MISRA-C++-2023,RULE-24-5-2,Yes,Required,Decidable,Single Translation Unit,"The C++ Standard Library functions memcpy, memmove and memcmp from shall not be used",,,Easy, cpp,MISRA-C++-2023,RULE-25-5-1,Yes,Required,Decidable,Single Translation Unit,The setlocale and std::locale::global functions shall not be called,,,Easy, -cpp,MISRA-C++-2023,RULE-25-5-2,Yes,Mandatory,Decidable,Single Translation Unit,"The pointers returned by the C++ Standard Library functions localeconv, getenv, setlocale or strerror must only be used as if they have pointer to const-qualified type",,,Import, -cpp,MISRA-C++-2023,RULE-25-5-3,Yes,Mandatory,Undecidable,System,"The pointer returned by the C++ Standard Library functions asctime, ctime, gmtime, localtime, localeconv, getenv, setlocale or strerror must not be used following a subsequent call to the same function",,,Import, -cpp,MISRA-C++-2023,RULE-26-3-1,Yes,Advisory,Decidable,Single Translation Unit,std::vector should not be specialized with bool,,,Import, -cpp,MISRA-C++-2023,RULE-28-3-1,Yes,Required,Undecidable,System,Predicates shall not have persistent side effects,,,Easy, -cpp,MISRA-C++-2023,RULE-28-6-1,Yes,Required,Decidable,Single Translation Unit,The argument to std::move shall be a non-const lvalue,,,Easy, -cpp,MISRA-C++-2023,RULE-28-6-2,Yes,Required,Decidable,Single Translation Unit,Forwarding references and std::forward shall be used together,,,Import, -cpp,MISRA-C++-2023,RULE-28-6-3,Yes,Required,Decidable,Single Translation Unit,An object shall not be used while in a potentially moved-from state,,,Import, +cpp,MISRA-C++-2023,RULE-25-5-2,Yes,Mandatory,Decidable,Single Translation Unit,"The pointers returned by the C++ Standard Library functions localeconv, getenv, setlocale or strerror must only be used as if they have pointer to const-qualified type",RULE-21-19,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-25-5-3,Yes,Mandatory,Undecidable,System,"The pointer returned by the C++ Standard Library functions asctime, ctime, gmtime, localtime, localeconv, getenv, setlocale or strerror must not be used following a subsequent call to the same function",RULE-21-20,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-26-3-1,Yes,Advisory,Decidable,Single Translation Unit,std::vector should not be specialized with bool,A18-1-2,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-28-3-1,Yes,Required,Undecidable,System,Predicates shall not have persistent side effects,A25-1-1,,Easy, +cpp,MISRA-C++-2023,RULE-28-6-1,Yes,Required,Decidable,Single Translation Unit,The argument to std::move shall be a non-const lvalue,A18-9-3,,Easy, +cpp,MISRA-C++-2023,RULE-28-6-2,Yes,Required,Decidable,Single Translation Unit,Forwarding references and std::forward shall be used together,A18-9-2,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-28-6-3,Yes,Required,Decidable,Single Translation Unit,An object shall not be used while in a potentially moved-from state,A12-8-3,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-28-6-4,Yes,Required,Decidable,Single Translation Unit,"The result of std::remove, std::remove_if, std::unique and empty shall be used",,,Easy, -cpp,MISRA-C++-2023,RULE-30-0-1,Yes,Required,Decidable,Single Translation Unit,The C Library input/output functions shall not be used,,,Import, -cpp,MISRA-C++-2023,RULE-30-0-2,Yes,Required,Undecidable,System,Reads and writes on the same file stream shall be separated by a positioning operation,,,Import, \ No newline at end of file +cpp,MISRA-C++-2023,RULE-30-0-1,Yes,Required,Decidable,Single Translation Unit,The C Library input/output functions shall not be used,M27-0-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-30-0-2,Yes,Required,Undecidable,System,Reads and writes on the same file stream shall be separated by a positioning operation,A27-0-3,ImportMisra23,Import, From bf9e9c74cd70600a0e3f0d51bca32a87cdcbdcb2 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 16 May 2024 17:37:39 +0200 Subject: [PATCH 1808/2573] Fix query descriptions --- rule_packages/cpp/ImportMisra23.json | 38 ++++++++++++++-------------- 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/rule_packages/cpp/ImportMisra23.json b/rule_packages/cpp/ImportMisra23.json index 259e3f8a17..ae2dd37ea5 100644 --- a/rule_packages/cpp/ImportMisra23.json +++ b/rule_packages/cpp/ImportMisra23.json @@ -6,7 +6,7 @@ }, "queries": [ { - "description": "", + "description": "Commented out code may become out of date leading to developer confusion.", "kind": "problem", "name": "Sections of code should not be \u201ccommented out\u201d", "precision": "very-high", @@ -29,7 +29,7 @@ }, "queries": [ { - "description": "", + "description": "The one-definition rule specifies when there should be a single definition of an element and a violation of that rule leads to undefined behavior.", "kind": "problem", "name": "The one-definition rule shall not be violated", "precision": "very-high", @@ -51,7 +51,7 @@ }, "queries": [ { - "description": "", + "description": "Use of an identifier declared in an inner scope with an identical name to an identifier in an outer scope can lead to inadvertent errors if the incorrect identifier is modified.", "kind": "problem", "name": "A variable declared in an inner scope shall not hide a variable declared in an outer scope", "precision": "very-high", @@ -109,7 +109,7 @@ }, "queries": [ { - "description": "A cast shall not remove any const or volatile qualification from the type accessed via a pointer or by reference", + "description": "A cast shall not remove any const or volatile qualification from the type accessed via a pointer or by reference.", "kind": "problem", "name": "A cast shall not remove any const or volatile qualification from the type accessed via a pointer or", "precision": "very-high", @@ -131,7 +131,7 @@ }, "queries": [ { - "description": "All if ... else if constructs shall be terminated with an else statement", + "description": "All if ... else if constructs shall be terminated with an else statement.", "kind": "problem", "name": "All if ", "precision": "very-high", @@ -154,7 +154,7 @@ }, "queries": [ { - "description": "", + "description": "Jumping back to an earlier section in the code can lead to accidental iterations.", "kind": "problem", "name": "The goto statement shall jump to a label declared later in the function body", "precision": "very-high", @@ -177,7 +177,7 @@ }, "queries": [ { - "description": "", + "description": "A function with the [[noreturn]] attribute that returns leads to undefined behaviour.", "kind": "problem", "name": "A function declared with the [[noreturn]] attribute shall not return", "precision": "very-high", @@ -199,7 +199,7 @@ }, "queries": [ { - "description": "", + "description": "A function with non-void return type that does not exit via a return statement can result in undefined behaviour. An exception to this rule is exiting via exception handling.", "kind": "problem", "name": "A function with non-void return type shall return a value on all paths", "precision": "very-high", @@ -221,7 +221,7 @@ }, "queries": [ { - "description": "", + "description": "Declarations with more than two levels of pointer nesting can result in code that is difficult to read and understand.", "kind": "problem", "name": "The declaration of an object should contain no more than two levels of pointer indirection", "precision": "very-high", @@ -244,7 +244,7 @@ }, "queries": [ { - "description": "Handlers for a function-try-block of a constructor or destructor shall not refer to non-static members from their class or its bases", + "description": "Handlers for a function-try-block of a constructor or destructor shall not refer to non-static members from their class or its bases.", "kind": "problem", "name": "Handlers for a function-try-block of a constructor or destructor shall not refer to non-static", "precision": "very-high", @@ -266,7 +266,7 @@ }, "queries": [ { - "description": "", + "description": "Using anything other than other pre-processor directives or comments before an '#include' directive makes the code more difficult to read.", "kind": "problem", "name": "#include directives should only be preceded by preprocessor directives or comments", "precision": "very-high", @@ -288,7 +288,7 @@ }, "queries": [ { - "description": "All identifiers used in the controlling expression of #if or #elif preprocessing directives shall be defined prior to evaluation", + "description": "All identifiers used in the controlling expression of #if or #elif preprocessing directives shall be defined prior to evaluation.", "kind": "problem", "name": "All identifiers used in the controlling expression of #if or #elif preprocessing directives shall be", "precision": "very-high", @@ -311,7 +311,7 @@ }, "queries": [ { - "description": "The ' or \" or \\ characters and the /* or // character sequences shall not occur in a header file name", + "description": "The ' or \" or \\ characters and the /* or // character sequences shall not occur in a header file name.", "kind": "problem", "name": "The ' or \" or \\ characters and the /* or // character sequences shall not occur in a header file", "precision": "very-high", @@ -337,7 +337,7 @@ }, "queries": [ { - "description": "", + "description": "The order of evaluation for the '#' and '##' operators may differ between compilers, which can cause unexpected behaviour.", "kind": "problem", "name": "The # and ## preprocessor operators should not be used", "precision": "very-high", @@ -359,7 +359,7 @@ }, "queries": [ { - "description": "", + "description": "Arguments to a function-like macro shall not contain tokens that look like pre-processing directives or else behaviour after macro expansion is unpredictable.", "kind": "problem", "name": "Tokens that look like a preprocessing directive shall not occur within a macro argument", "precision": "very-high", @@ -382,7 +382,7 @@ }, "queries": [ { - "description": "", + "description": "Do not delete pointers to incomplete classes to prevent undefined behavior.", "kind": "problem", "name": "A pointer to an incomplete class type shall not be deleted", "precision": "very-high", @@ -404,7 +404,7 @@ }, "queries": [ { - "description": "The pointers returned by the C++ Standard Library functions localeconv, getenv, setlocale or strerror must only be used as if they have pointer to const-qualified type", + "description": "The pointers returned by the C++ Standard Library functions localeconv, getenv, setlocale or strerror must only be used as if they have pointer to const-qualified type.", "kind": "problem", "name": "The pointers returned by environment functions should be treated as const", "precision": "very-high", @@ -461,7 +461,7 @@ }, "queries": [ { - "description": "", + "description": "Moved-from object shall not be read-accessed.", "kind": "problem", "name": "An object shall not be used while in a potentially moved-from state", "precision": "very-high", @@ -483,7 +483,7 @@ }, "queries": [ { - "description": "", + "description": "Alternate input and output operations on a file stream shall not be used without an intervening flush or positioning call.", "kind": "problem", "name": "Reads and writes on the same file stream shall be separated by a positioning operation", "precision": "very-high", From 04d585e1524c36ec29a97f4cb42e953db36031e2 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 16 May 2024 17:55:43 +0200 Subject: [PATCH 1809/2573] Fix description in queries --- .../cpp/exclusions/cpp/ImportMisra23.qll | 1098 ++--------------- .../SectionsOfCodeShouldNotBeCommentedOut.ql | 5 +- .../DeclarationOfAnObjectIndirectionsLevel.ql | 3 +- ...rsReferToNonStaticMembersFromTheirClass.ql | 2 +- ...ectivesPrecededByPreprocessorDirectives.ql | 3 +- ...tifiersUsedInTheControllingExpressionOf.ql | 2 +- ...CharsThatShouldNotOccurInHeaderFileName.ql | 2 +- ...AndPreprocessorOperatorsShouldNotBeUsed.ql | 3 +- ...sThatLookLikeDirectivesInAMacroArgument.ql | 3 +- .../PointerToAnIncompleteClassTypeDeleted.ql | 2 +- ...urnedByLocaleFunctionsMustBeUsedAsConst.ql | 4 +- ...ectUsedWhileInPotentiallyMovedFromState.ql | 2 +- ...WritesOnStreamNotSeparatedByPositioning.ql | 3 +- .../RULE-6-2-1/OneDefinitionRuleViolated.ql | 3 +- ...ableDeclaredInInnerScopeHidesOuterScope.ql | 4 +- ...esConstOrVolatileFromPointerOrReference.ql | 2 +- .../rules/RULE-9-4-1/IfElseIfEndCondition.ql | 2 +- ...llJumpToLabelDeclaredLaterInTheFunction.ql | 2 +- ...nDeclaredWithTheNoreturnAttributeReturn.ql | 3 +- ...VoidFunctionShallReturnAValueOnAllPaths.ql | 4 +- 20 files changed, 123 insertions(+), 1029 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/ImportMisra23.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/ImportMisra23.qll index b8fef48f1f..86b4b9c5ae 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/ImportMisra23.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/ImportMisra23.qll @@ -4,94 +4,31 @@ import RuleMetadata import codingstandards.cpp.exclusions.RuleMetadata newtype ImportMisra23Query = - TUserCopyAndMoveAssignmentShallHandleSelfAssignmentQuery() or TSectionsOfCodeShouldNotBeCommentedOutQuery() or - TDeclarationShouldNotDeclareMoreThanOneVariableQuery() or - TEnumerationNotDefinedWithAnExplicitUnderlyingTypeQuery() or - TAsmDeclarationShallNotBeUsedQuery() or + TOneDefinitionRuleViolatedQuery() or + TVariableDeclaredInInnerScopeHidesOuterScopeQuery() or + TObjectAccessedBeforeLifetimeMisraQuery() or + TObjectAccessedAfterLifetimeMisraQuery() or + TCastRemovesConstOrVolatileFromPointerOrReferenceQuery() or + TIfElseIfEndConditionQuery() or + TGotoShallJumpToLabelDeclaredLaterInTheFunctionQuery() or + TFunctionDeclaredWithTheNoreturnAttributeReturnQuery() or + TNonVoidFunctionShallReturnAValueOnAllPathsQuery() or TDeclarationOfAnObjectIndirectionsLevelQuery() or - TValueOfAnEnumerationConstantNotUniqueQuery() or - TBitFieldShallHaveAnAppropriateTypeQuery() or - TSignedIntegerBitFieldHaveALengthOfOneBitQuery() or - TVirtualAndNonVirtualBaseClassInHierarchyQuery() or - TDifferentDefaultArgsInOverridingVirtualFunctionQuery() or - TDeclarationsOrOverridesParamsAreUnnamedOrIdenticalQuery() or - TComparisonOfVirtualPointerOnlyBeWithNullptrQuery() or - TDynamicTypeUsedWithinConstructorOrDestructorQuery() or - TConstructorsShouldInitializeAllBaseClassesQuery() or - TInitializerListConstructorIsTheOnlyConstructorQuery() or - TAddressOfOperatorOverloadedQuery() or - TFunctionTemplatesExplicitlySpecializedQuery() or - TExceptionObjectHavePointerTypeQuery() or - TEmptyThrowShallOnlyOccurWithinACatchHandlerQuery() or THandlersReferToNonStaticMembersFromTheirClassQuery() or - TNoexceptFunctionShouldNotPropagateAnExceptionQuery() or - TFunctionLikeMacrosDefinedQuery() or TIncludeDirectivesPrecededByPreprocessorDirectivesQuery() or TIdentifiersUsedInTheControllingExpressionOfQuery() or TCharsThatShouldNotOccurInHeaderFileNameQuery() or TAndPreprocessorOperatorsShouldNotBeUsedQuery() or - TMacroParameterFollowingAHashOperatorQuery() or - TArgumentToAMixedUseMacroShoulNotNeedExpansionQuery() or TTokensThatLookLikeDirectivesInAMacroArgumentQuery() or - TFacilitiesProvidedByCsignalUsedQuery() or - TAtofAtoiAtolAndAtollFromCstdlibUsedQuery() or - TMacroOffsetShouldNotBeUsedQuery() or - TDefineBothSizedAndUnsizedVersionOfAGlobalOperatorQuery() or TPointerToAnIncompleteClassTypeDeletedQuery() or TPointersReturnedByLocaleFunctionsMustBeUsedAsConstQuery() or TCallToSetlocaleInvalidatesOldPointersMisraQuery() or TCallToSetlocaleInvalidatesOldPointersWarnMisraQuery() or - TVectorShouldNotBeSpecializedWithBoolQuery() or - TForwardingReferencesAndForwardNotUsedTogetherQuery() or TObjectUsedWhileInPotentiallyMovedFromStateQuery() or - TCLibraryInputoutputFunctionsUsedQuery() or - TReadsAndWritesOnStreamNotSeparatedByPositioningQuery() or - TOperationsOnMemoryNotSequencedAppropriatelyQuery() or - TCharacterOnlyInEscapeSequenceOrUniversalCharNameQuery() or - TEscapeSequencesAndUniversalCharNamesNotTerminatedQuery() or - TOctalConstantsUsedQuery() or - TUnsignedIntegerLiteralsNotAppropriatelySuffixedQuery() or - TLowercaseLUsedAsFirstCharacterInLiteralSuffixQuery() or - TCharacterSequenceUsedWithinACStyleCommentQuery() or - TLineSplicingUsedInCommentsQuery() or - TGlobalDeclarationsOnlyMainNamespaceOrExternCQuery() or - TMainUsedOnlyForTheGlobalFunctionMainQuery() or - TOneDefinitionRuleViolatedQuery() or - TVariableDeclaredInInnerScopeHidesOuterScopeQuery() or - TDerivedClasseConcealFunctionInheritedFromTheBaseQuery() or - TNameInDependentBaseResolvedByUnqualifiedLookupQuery() or - TObjectAccessedBeforeLifetimeMisraQuery() or - TObjectAccessedAfterLifetimeMisraQuery() or - TMustNotReturnReferenceToLocalAutomaticVariableQuery() or - TNullptrNotTheOnlyFormOfTheNullPointerConstantQuery() or - TArrayPassedAsFunctionArgumentDecayToAPointerQuery() or - TResultOfAnAssignmentOperatorShouldNotBeUsedQuery() or - TCommaOperatorShouldNotBeUsedQuery() or - TFunctionsCallThemselvesEitherDirectlyOrIndirectlyQuery() or - TCastRemovesConstOrVolatileFromPointerOrReferenceQuery() or - TCastsBetweenAPointerToFunctionAndAnyOtherTypeQuery() or - TReinterpretCastShallNotBeUsedQuery() or - TUnsignedOperationWithConstantOperandsShouldNotWrapQuery() or - TBuiltInOperatorAppliedToUnsignedExpressionQuery() or - TBodyOfIterationOrSelectionStatementNotCompoundQuery() or - TIfElseIfEndConditionQuery() or - TGotoStatementShouldNotBeUsedQuery() or - TGotoShallReferenceALabelInSurroundingBlockQuery() or - TGotoShallJumpToLabelDeclaredLaterInTheFunctionQuery() or - TFunctionDeclaredWithTheNoreturnAttributeReturnQuery() or - TNonVoidFunctionShallReturnAValueOnAllPathsQuery() + TReadsAndWritesOnStreamNotSeparatedByPositioningQuery() predicate isImportMisra23QueryMetadata(Query query, string queryId, string ruleId, string category) { - query = - // `Query` instance for the `userCopyAndMoveAssignmentShallHandleSelfAssignment` query - ImportMisra23Package::userCopyAndMoveAssignmentShallHandleSelfAssignmentQuery() and - queryId = - // `@id` for the `userCopyAndMoveAssignmentShallHandleSelfAssignment` query - "cpp/misra/user-copy-and-move-assignment-shall-handle-self-assignment" and - ruleId = "DIR-15-8-1" and - category = "required" - or query = // `Query` instance for the `sectionsOfCodeShouldNotBeCommentedOut` query ImportMisra23Package::sectionsOfCodeShouldNotBeCommentedOutQuery() and @@ -102,167 +39,95 @@ predicate isImportMisra23QueryMetadata(Query query, string queryId, string ruleI category = "advisory" or query = - // `Query` instance for the `declarationShouldNotDeclareMoreThanOneVariable` query - ImportMisra23Package::declarationShouldNotDeclareMoreThanOneVariableQuery() and - queryId = - // `@id` for the `declarationShouldNotDeclareMoreThanOneVariable` query - "cpp/misra/declaration-should-not-declare-more-than-one-variable" and - ruleId = "RULE-10-0-1" and - category = "advisory" - or - query = - // `Query` instance for the `enumerationNotDefinedWithAnExplicitUnderlyingType` query - ImportMisra23Package::enumerationNotDefinedWithAnExplicitUnderlyingTypeQuery() and - queryId = - // `@id` for the `enumerationNotDefinedWithAnExplicitUnderlyingType` query - "cpp/misra/enumeration-not-defined-with-an-explicit-underlying-type" and - ruleId = "RULE-10-2-1" and - category = "required" - or - query = - // `Query` instance for the `asmDeclarationShallNotBeUsed` query - ImportMisra23Package::asmDeclarationShallNotBeUsedQuery() and + // `Query` instance for the `oneDefinitionRuleViolated` query + ImportMisra23Package::oneDefinitionRuleViolatedQuery() and queryId = - // `@id` for the `asmDeclarationShallNotBeUsed` query - "cpp/misra/asm-declaration-shall-not-be-used" and - ruleId = "RULE-10-4-1" and + // `@id` for the `oneDefinitionRuleViolated` query + "cpp/misra/one-definition-rule-violated" and + ruleId = "RULE-6-2-1" and category = "required" or query = - // `Query` instance for the `declarationOfAnObjectIndirectionsLevel` query - ImportMisra23Package::declarationOfAnObjectIndirectionsLevelQuery() and - queryId = - // `@id` for the `declarationOfAnObjectIndirectionsLevel` query - "cpp/misra/declaration-of-an-object-indirections-level" and - ruleId = "RULE-11-3-2" and - category = "advisory" - or - query = - // `Query` instance for the `valueOfAnEnumerationConstantNotUnique` query - ImportMisra23Package::valueOfAnEnumerationConstantNotUniqueQuery() and + // `Query` instance for the `variableDeclaredInInnerScopeHidesOuterScope` query + ImportMisra23Package::variableDeclaredInInnerScopeHidesOuterScopeQuery() and queryId = - // `@id` for the `valueOfAnEnumerationConstantNotUnique` query - "cpp/misra/value-of-an-enumeration-constant-not-unique" and - ruleId = "RULE-11-6-3" and + // `@id` for the `variableDeclaredInInnerScopeHidesOuterScope` query + "cpp/misra/variable-declared-in-inner-scope-hides-outer-scope" and + ruleId = "RULE-6-4-1" and category = "required" or query = - // `Query` instance for the `bitFieldShallHaveAnAppropriateType` query - ImportMisra23Package::bitFieldShallHaveAnAppropriateTypeQuery() and + // `Query` instance for the `objectAccessedBeforeLifetimeMisra` query + ImportMisra23Package::objectAccessedBeforeLifetimeMisraQuery() and queryId = - // `@id` for the `bitFieldShallHaveAnAppropriateType` query - "cpp/misra/bit-field-shall-have-an-appropriate-type" and - ruleId = "RULE-12-2-2" and + // `@id` for the `objectAccessedBeforeLifetimeMisra` query + "cpp/misra/object-accessed-before-lifetime-misra" and + ruleId = "RULE-6-8-1" and category = "required" or query = - // `Query` instance for the `signedIntegerBitFieldHaveALengthOfOneBit` query - ImportMisra23Package::signedIntegerBitFieldHaveALengthOfOneBitQuery() and + // `Query` instance for the `objectAccessedAfterLifetimeMisra` query + ImportMisra23Package::objectAccessedAfterLifetimeMisraQuery() and queryId = - // `@id` for the `signedIntegerBitFieldHaveALengthOfOneBit` query - "cpp/misra/signed-integer-bit-field-have-a-length-of-one-bit" and - ruleId = "RULE-12-2-3" and + // `@id` for the `objectAccessedAfterLifetimeMisra` query + "cpp/misra/object-accessed-after-lifetime-misra" and + ruleId = "RULE-6-8-1" and category = "required" or query = - // `Query` instance for the `virtualAndNonVirtualBaseClassInHierarchy` query - ImportMisra23Package::virtualAndNonVirtualBaseClassInHierarchyQuery() and + // `Query` instance for the `castRemovesConstOrVolatileFromPointerOrReference` query + ImportMisra23Package::castRemovesConstOrVolatileFromPointerOrReferenceQuery() and queryId = - // `@id` for the `virtualAndNonVirtualBaseClassInHierarchy` query - "cpp/misra/virtual-and-non-virtual-base-class-in-hierarchy" and - ruleId = "RULE-13-1-2" and + // `@id` for the `castRemovesConstOrVolatileFromPointerOrReference` query + "cpp/misra/cast-removes-const-or-volatile-from-pointer-or-reference" and + ruleId = "RULE-8-2-3" and category = "required" or query = - // `Query` instance for the `differentDefaultArgsInOverridingVirtualFunction` query - ImportMisra23Package::differentDefaultArgsInOverridingVirtualFunctionQuery() and + // `Query` instance for the `ifElseIfEndCondition` query + ImportMisra23Package::ifElseIfEndConditionQuery() and queryId = - // `@id` for the `differentDefaultArgsInOverridingVirtualFunction` query - "cpp/misra/different-default-args-in-overriding-virtual-function" and - ruleId = "RULE-13-3-2" and + // `@id` for the `ifElseIfEndCondition` query + "cpp/misra/if-else-if-end-condition" and + ruleId = "RULE-9-4-1" and category = "required" or query = - // `Query` instance for the `declarationsOrOverridesParamsAreUnnamedOrIdentical` query - ImportMisra23Package::declarationsOrOverridesParamsAreUnnamedOrIdenticalQuery() and + // `Query` instance for the `gotoShallJumpToLabelDeclaredLaterInTheFunction` query + ImportMisra23Package::gotoShallJumpToLabelDeclaredLaterInTheFunctionQuery() and queryId = - // `@id` for the `declarationsOrOverridesParamsAreUnnamedOrIdentical` query - "cpp/misra/declarations-or-overrides-params-are-unnamed-or-identical" and - ruleId = "RULE-13-3-3" and + // `@id` for the `gotoShallJumpToLabelDeclaredLaterInTheFunction` query + "cpp/misra/goto-shall-jump-to-label-declared-later-in-the-function" and + ruleId = "RULE-9-6-3" and category = "required" or query = - // `Query` instance for the `comparisonOfVirtualPointerOnlyBeWithNullptr` query - ImportMisra23Package::comparisonOfVirtualPointerOnlyBeWithNullptrQuery() and + // `Query` instance for the `functionDeclaredWithTheNoreturnAttributeReturn` query + ImportMisra23Package::functionDeclaredWithTheNoreturnAttributeReturnQuery() and queryId = - // `@id` for the `comparisonOfVirtualPointerOnlyBeWithNullptr` query - "cpp/misra/comparison-of-virtual-pointer-only-be-with-nullptr" and - ruleId = "RULE-13-3-4" and + // `@id` for the `functionDeclaredWithTheNoreturnAttributeReturn` query + "cpp/misra/function-declared-with-the-noreturn-attribute-return" and + ruleId = "RULE-9-6-4" and category = "required" or query = - // `Query` instance for the `dynamicTypeUsedWithinConstructorOrDestructor` query - ImportMisra23Package::dynamicTypeUsedWithinConstructorOrDestructorQuery() and + // `Query` instance for the `nonVoidFunctionShallReturnAValueOnAllPaths` query + ImportMisra23Package::nonVoidFunctionShallReturnAValueOnAllPathsQuery() and queryId = - // `@id` for the `dynamicTypeUsedWithinConstructorOrDestructor` query - "cpp/misra/dynamic-type-used-within-constructor-or-destructor" and - ruleId = "RULE-15-1-1" and + // `@id` for the `nonVoidFunctionShallReturnAValueOnAllPaths` query + "cpp/misra/non-void-function-shall-return-a-value-on-all-paths" and + ruleId = "RULE-9-6-5" and category = "required" or query = - // `Query` instance for the `constructorsShouldInitializeAllBaseClasses` query - ImportMisra23Package::constructorsShouldInitializeAllBaseClassesQuery() and + // `Query` instance for the `declarationOfAnObjectIndirectionsLevel` query + ImportMisra23Package::declarationOfAnObjectIndirectionsLevelQuery() and queryId = - // `@id` for the `constructorsShouldInitializeAllBaseClasses` query - "cpp/misra/constructors-should-initialize-all-base-classes" and - ruleId = "RULE-15-1-2" and + // `@id` for the `declarationOfAnObjectIndirectionsLevel` query + "cpp/misra/declaration-of-an-object-indirections-level" and + ruleId = "RULE-11-3-2" and category = "advisory" or - query = - // `Query` instance for the `initializerListConstructorIsTheOnlyConstructor` query - ImportMisra23Package::initializerListConstructorIsTheOnlyConstructorQuery() and - queryId = - // `@id` for the `initializerListConstructorIsTheOnlyConstructor` query - "cpp/misra/initializer-list-constructor-is-the-only-constructor" and - ruleId = "RULE-15-1-5" and - category = "required" - or - query = - // `Query` instance for the `addressOfOperatorOverloaded` query - ImportMisra23Package::addressOfOperatorOverloadedQuery() and - queryId = - // `@id` for the `addressOfOperatorOverloaded` query - "cpp/misra/address-of-operator-overloaded" and - ruleId = "RULE-16-5-2" and - category = "required" - or - query = - // `Query` instance for the `functionTemplatesExplicitlySpecialized` query - ImportMisra23Package::functionTemplatesExplicitlySpecializedQuery() and - queryId = - // `@id` for the `functionTemplatesExplicitlySpecialized` query - "cpp/misra/function-templates-explicitly-specialized" and - ruleId = "RULE-17-8-1" and - category = "required" - or - query = - // `Query` instance for the `exceptionObjectHavePointerType` query - ImportMisra23Package::exceptionObjectHavePointerTypeQuery() and - queryId = - // `@id` for the `exceptionObjectHavePointerType` query - "cpp/misra/exception-object-have-pointer-type" and - ruleId = "RULE-18-1-1" and - category = "required" - or - query = - // `Query` instance for the `emptyThrowShallOnlyOccurWithinACatchHandler` query - ImportMisra23Package::emptyThrowShallOnlyOccurWithinACatchHandlerQuery() and - queryId = - // `@id` for the `emptyThrowShallOnlyOccurWithinACatchHandler` query - "cpp/misra/empty-throw-shall-only-occur-within-a-catch-handler" and - ruleId = "RULE-18-1-2" and - category = "required" - or query = // `Query` instance for the `handlersReferToNonStaticMembersFromTheirClass` query ImportMisra23Package::handlersReferToNonStaticMembersFromTheirClassQuery() and @@ -272,24 +137,6 @@ predicate isImportMisra23QueryMetadata(Query query, string queryId, string ruleI ruleId = "RULE-18-3-3" and category = "required" or - query = - // `Query` instance for the `noexceptFunctionShouldNotPropagateAnException` query - ImportMisra23Package::noexceptFunctionShouldNotPropagateAnExceptionQuery() and - queryId = - // `@id` for the `noexceptFunctionShouldNotPropagateAnException` query - "cpp/misra/noexcept-function-should-not-propagate-an-exception" and - ruleId = "RULE-18-5-1" and - category = "advisory" - or - query = - // `Query` instance for the `functionLikeMacrosDefined` query - ImportMisra23Package::functionLikeMacrosDefinedQuery() and - queryId = - // `@id` for the `functionLikeMacrosDefined` query - "cpp/misra/function-like-macros-defined" and - ruleId = "RULE-19-0-2" and - category = "required" - or query = // `Query` instance for the `includeDirectivesPrecededByPreprocessorDirectives` query ImportMisra23Package::includeDirectivesPrecededByPreprocessorDirectivesQuery() and @@ -326,24 +173,6 @@ predicate isImportMisra23QueryMetadata(Query query, string queryId, string ruleI ruleId = "RULE-19-3-1" and category = "advisory" or - query = - // `Query` instance for the `macroParameterFollowingAHashOperator` query - ImportMisra23Package::macroParameterFollowingAHashOperatorQuery() and - queryId = - // `@id` for the `macroParameterFollowingAHashOperator` query - "cpp/misra/macro-parameter-following-a-hash-operator" and - ruleId = "RULE-19-3-2" and - category = "required" - or - query = - // `Query` instance for the `argumentToAMixedUseMacroShoulNotNeedExpansion` query - ImportMisra23Package::argumentToAMixedUseMacroShoulNotNeedExpansionQuery() and - queryId = - // `@id` for the `argumentToAMixedUseMacroShoulNotNeedExpansion` query - "cpp/misra/argument-to-a-mixed-use-macro-shoul-not-need-expansion" and - ruleId = "RULE-19-3-3" and - category = "required" - or query = // `Query` instance for the `tokensThatLookLikeDirectivesInAMacroArgument` query ImportMisra23Package::tokensThatLookLikeDirectivesInAMacroArgumentQuery() and @@ -353,42 +182,6 @@ predicate isImportMisra23QueryMetadata(Query query, string queryId, string ruleI ruleId = "RULE-19-3-5" and category = "required" or - query = - // `Query` instance for the `facilitiesProvidedByCsignalUsed` query - ImportMisra23Package::facilitiesProvidedByCsignalUsedQuery() and - queryId = - // `@id` for the `facilitiesProvidedByCsignalUsed` query - "cpp/misra/facilities-provided-by-csignal-used" and - ruleId = "RULE-21-10-3" and - category = "required" - or - query = - // `Query` instance for the `atofAtoiAtolAndAtollFromCstdlibUsed` query - ImportMisra23Package::atofAtoiAtolAndAtollFromCstdlibUsedQuery() and - queryId = - // `@id` for the `atofAtoiAtolAndAtollFromCstdlibUsed` query - "cpp/misra/atof-atoi-atol-and-atoll-from-cstdlib-used" and - ruleId = "RULE-21-2-1" and - category = "required" - or - query = - // `Query` instance for the `macroOffsetShouldNotBeUsed` query - ImportMisra23Package::macroOffsetShouldNotBeUsedQuery() and - queryId = - // `@id` for the `macroOffsetShouldNotBeUsed` query - "cpp/misra/macro-offset-should-not-be-used" and - ruleId = "RULE-21-2-4" and - category = "required" - or - query = - // `Query` instance for the `defineBothSizedAndUnsizedVersionOfAGlobalOperator` query - ImportMisra23Package::defineBothSizedAndUnsizedVersionOfAGlobalOperatorQuery() and - queryId = - // `@id` for the `defineBothSizedAndUnsizedVersionOfAGlobalOperator` query - "cpp/misra/define-both-sized-and-unsized-version-of-a-global-operator" and - ruleId = "RULE-21-6-4" and - category = "required" - or query = // `Query` instance for the `pointerToAnIncompleteClassTypeDeleted` query ImportMisra23Package::pointerToAnIncompleteClassTypeDeletedQuery() and @@ -425,24 +218,6 @@ predicate isImportMisra23QueryMetadata(Query query, string queryId, string ruleI ruleId = "RULE-25-5-3" and category = "mandatory" or - query = - // `Query` instance for the `vectorShouldNotBeSpecializedWithBool` query - ImportMisra23Package::vectorShouldNotBeSpecializedWithBoolQuery() and - queryId = - // `@id` for the `vectorShouldNotBeSpecializedWithBool` query - "cpp/misra/vector-should-not-be-specialized-with-bool" and - ruleId = "RULE-26-3-1" and - category = "advisory" - or - query = - // `Query` instance for the `forwardingReferencesAndForwardNotUsedTogether` query - ImportMisra23Package::forwardingReferencesAndForwardNotUsedTogetherQuery() and - queryId = - // `@id` for the `forwardingReferencesAndForwardNotUsedTogether` query - "cpp/misra/forwarding-references-and-forward-not-used-together" and - ruleId = "RULE-28-6-2" and - category = "required" - or query = // `Query` instance for the `objectUsedWhileInPotentiallyMovedFromState` query ImportMisra23Package::objectUsedWhileInPotentiallyMovedFromStateQuery() and @@ -452,15 +227,6 @@ predicate isImportMisra23QueryMetadata(Query query, string queryId, string ruleI ruleId = "RULE-28-6-3" and category = "required" or - query = - // `Query` instance for the `cLibraryInputoutputFunctionsUsed` query - ImportMisra23Package::cLibraryInputoutputFunctionsUsedQuery() and - queryId = - // `@id` for the `cLibraryInputoutputFunctionsUsed` query - "cpp/misra/c-library-inputoutput-functions-used" and - ruleId = "RULE-30-0-1" and - category = "required" - or query = // `Query` instance for the `readsAndWritesOnStreamNotSeparatedByPositioning` query ImportMisra23Package::readsAndWritesOnStreamNotSeparatedByPositioningQuery() and @@ -469,322 +235,9 @@ predicate isImportMisra23QueryMetadata(Query query, string queryId, string ruleI "cpp/misra/reads-and-writes-on-stream-not-separated-by-positioning" and ruleId = "RULE-30-0-2" and category = "required" - or - query = - // `Query` instance for the `operationsOnMemoryNotSequencedAppropriately` query - ImportMisra23Package::operationsOnMemoryNotSequencedAppropriatelyQuery() and - queryId = - // `@id` for the `operationsOnMemoryNotSequencedAppropriately` query - "cpp/misra/operations-on-memory-not-sequenced-appropriately" and - ruleId = "RULE-4-6-1" and - category = "required" - or - query = - // `Query` instance for the `characterOnlyInEscapeSequenceOrUniversalCharName` query - ImportMisra23Package::characterOnlyInEscapeSequenceOrUniversalCharNameQuery() and - queryId = - // `@id` for the `characterOnlyInEscapeSequenceOrUniversalCharName` query - "cpp/misra/character-only-in-escape-sequence-or-universal-char-name" and - ruleId = "RULE-5-13-1" and - category = "required" - or - query = - // `Query` instance for the `escapeSequencesAndUniversalCharNamesNotTerminated` query - ImportMisra23Package::escapeSequencesAndUniversalCharNamesNotTerminatedQuery() and - queryId = - // `@id` for the `escapeSequencesAndUniversalCharNamesNotTerminated` query - "cpp/misra/escape-sequences-and-universal-char-names-not-terminated" and - ruleId = "RULE-5-13-2" and - category = "required" - or - query = - // `Query` instance for the `octalConstantsUsed` query - ImportMisra23Package::octalConstantsUsedQuery() and - queryId = - // `@id` for the `octalConstantsUsed` query - "cpp/misra/octal-constants-used" and - ruleId = "RULE-5-13-3" and - category = "required" - or - query = - // `Query` instance for the `unsignedIntegerLiteralsNotAppropriatelySuffixed` query - ImportMisra23Package::unsignedIntegerLiteralsNotAppropriatelySuffixedQuery() and - queryId = - // `@id` for the `unsignedIntegerLiteralsNotAppropriatelySuffixed` query - "cpp/misra/unsigned-integer-literals-not-appropriately-suffixed" and - ruleId = "RULE-5-13-4" and - category = "required" - or - query = - // `Query` instance for the `lowercaseLUsedAsFirstCharacterInLiteralSuffix` query - ImportMisra23Package::lowercaseLUsedAsFirstCharacterInLiteralSuffixQuery() and - queryId = - // `@id` for the `lowercaseLUsedAsFirstCharacterInLiteralSuffix` query - "cpp/misra/lowercase-l-used-as-first-character-in-literal-suffix" and - ruleId = "RULE-5-13-5" and - category = "required" - or - query = - // `Query` instance for the `characterSequenceUsedWithinACStyleComment` query - ImportMisra23Package::characterSequenceUsedWithinACStyleCommentQuery() and - queryId = - // `@id` for the `characterSequenceUsedWithinACStyleComment` query - "cpp/misra/character-sequence-used-within-ac-style-comment" and - ruleId = "RULE-5-7-1" and - category = "required" - or - query = - // `Query` instance for the `lineSplicingUsedInComments` query - ImportMisra23Package::lineSplicingUsedInCommentsQuery() and - queryId = - // `@id` for the `lineSplicingUsedInComments` query - "cpp/misra/line-splicing-used-in-comments" and - ruleId = "RULE-5-7-3" and - category = "required" - or - query = - // `Query` instance for the `globalDeclarationsOnlyMainNamespaceOrExternC` query - ImportMisra23Package::globalDeclarationsOnlyMainNamespaceOrExternCQuery() and - queryId = - // `@id` for the `globalDeclarationsOnlyMainNamespaceOrExternC` query - "cpp/misra/global-declarations-only-main-namespace-or-extern-c" and - ruleId = "RULE-6-0-3" and - category = "advisory" - or - query = - // `Query` instance for the `mainUsedOnlyForTheGlobalFunctionMain` query - ImportMisra23Package::mainUsedOnlyForTheGlobalFunctionMainQuery() and - queryId = - // `@id` for the `mainUsedOnlyForTheGlobalFunctionMain` query - "cpp/misra/main-used-only-for-the-global-function-main" and - ruleId = "RULE-6-0-4" and - category = "required" - or - query = - // `Query` instance for the `oneDefinitionRuleViolated` query - ImportMisra23Package::oneDefinitionRuleViolatedQuery() and - queryId = - // `@id` for the `oneDefinitionRuleViolated` query - "cpp/misra/one-definition-rule-violated" and - ruleId = "RULE-6-2-1" and - category = "required" - or - query = - // `Query` instance for the `variableDeclaredInInnerScopeHidesOuterScope` query - ImportMisra23Package::variableDeclaredInInnerScopeHidesOuterScopeQuery() and - queryId = - // `@id` for the `variableDeclaredInInnerScopeHidesOuterScope` query - "cpp/misra/variable-declared-in-inner-scope-hides-outer-scope" and - ruleId = "RULE-6-4-1" and - category = "required" - or - query = - // `Query` instance for the `derivedClasseConcealFunctionInheritedFromTheBase` query - ImportMisra23Package::derivedClasseConcealFunctionInheritedFromTheBaseQuery() and - queryId = - // `@id` for the `derivedClasseConcealFunctionInheritedFromTheBase` query - "cpp/misra/derived-classe-conceal-function-inherited-from-the-base" and - ruleId = "RULE-6-4-2" and - category = "required" - or - query = - // `Query` instance for the `nameInDependentBaseResolvedByUnqualifiedLookup` query - ImportMisra23Package::nameInDependentBaseResolvedByUnqualifiedLookupQuery() and - queryId = - // `@id` for the `nameInDependentBaseResolvedByUnqualifiedLookup` query - "cpp/misra/name-in-dependent-base-resolved-by-unqualified-lookup" and - ruleId = "RULE-6-4-3" and - category = "required" - or - query = - // `Query` instance for the `objectAccessedBeforeLifetimeMisra` query - ImportMisra23Package::objectAccessedBeforeLifetimeMisraQuery() and - queryId = - // `@id` for the `objectAccessedBeforeLifetimeMisra` query - "cpp/misra/object-accessed-before-lifetime-misra" and - ruleId = "RULE-6-8-1" and - category = "required" - or - query = - // `Query` instance for the `objectAccessedAfterLifetimeMisra` query - ImportMisra23Package::objectAccessedAfterLifetimeMisraQuery() and - queryId = - // `@id` for the `objectAccessedAfterLifetimeMisra` query - "cpp/misra/object-accessed-after-lifetime-misra" and - ruleId = "RULE-6-8-1" and - category = "required" - or - query = - // `Query` instance for the `mustNotReturnReferenceToLocalAutomaticVariable` query - ImportMisra23Package::mustNotReturnReferenceToLocalAutomaticVariableQuery() and - queryId = - // `@id` for the `mustNotReturnReferenceToLocalAutomaticVariable` query - "cpp/misra/must-not-return-reference-to-local-automatic-variable" and - ruleId = "RULE-6-8-2" and - category = "mandatory" - or - query = - // `Query` instance for the `nullptrNotTheOnlyFormOfTheNullPointerConstant` query - ImportMisra23Package::nullptrNotTheOnlyFormOfTheNullPointerConstantQuery() and - queryId = - // `@id` for the `nullptrNotTheOnlyFormOfTheNullPointerConstant` query - "cpp/misra/nullptr-not-the-only-form-of-the-null-pointer-constant" and - ruleId = "RULE-7-11-1" and - category = "required" - or - query = - // `Query` instance for the `arrayPassedAsFunctionArgumentDecayToAPointer` query - ImportMisra23Package::arrayPassedAsFunctionArgumentDecayToAPointerQuery() and - queryId = - // `@id` for the `arrayPassedAsFunctionArgumentDecayToAPointer` query - "cpp/misra/array-passed-as-function-argument-decay-to-a-pointer" and - ruleId = "RULE-7-11-2" and - category = "required" - or - query = - // `Query` instance for the `resultOfAnAssignmentOperatorShouldNotBeUsed` query - ImportMisra23Package::resultOfAnAssignmentOperatorShouldNotBeUsedQuery() and - queryId = - // `@id` for the `resultOfAnAssignmentOperatorShouldNotBeUsed` query - "cpp/misra/result-of-an-assignment-operator-should-not-be-used" and - ruleId = "RULE-8-18-2" and - category = "advisory" - or - query = - // `Query` instance for the `commaOperatorShouldNotBeUsed` query - ImportMisra23Package::commaOperatorShouldNotBeUsedQuery() and - queryId = - // `@id` for the `commaOperatorShouldNotBeUsed` query - "cpp/misra/comma-operator-should-not-be-used" and - ruleId = "RULE-8-19-1" and - category = "advisory" - or - query = - // `Query` instance for the `functionsCallThemselvesEitherDirectlyOrIndirectly` query - ImportMisra23Package::functionsCallThemselvesEitherDirectlyOrIndirectlyQuery() and - queryId = - // `@id` for the `functionsCallThemselvesEitherDirectlyOrIndirectly` query - "cpp/misra/functions-call-themselves-either-directly-or-indirectly" and - ruleId = "RULE-8-2-10" and - category = "required" - or - query = - // `Query` instance for the `castRemovesConstOrVolatileFromPointerOrReference` query - ImportMisra23Package::castRemovesConstOrVolatileFromPointerOrReferenceQuery() and - queryId = - // `@id` for the `castRemovesConstOrVolatileFromPointerOrReference` query - "cpp/misra/cast-removes-const-or-volatile-from-pointer-or-reference" and - ruleId = "RULE-8-2-3" and - category = "required" - or - query = - // `Query` instance for the `castsBetweenAPointerToFunctionAndAnyOtherType` query - ImportMisra23Package::castsBetweenAPointerToFunctionAndAnyOtherTypeQuery() and - queryId = - // `@id` for the `castsBetweenAPointerToFunctionAndAnyOtherType` query - "cpp/misra/casts-between-a-pointer-to-function-and-any-other-type" and - ruleId = "RULE-8-2-4" and - category = "required" - or - query = - // `Query` instance for the `reinterpretCastShallNotBeUsed` query - ImportMisra23Package::reinterpretCastShallNotBeUsedQuery() and - queryId = - // `@id` for the `reinterpretCastShallNotBeUsed` query - "cpp/misra/reinterpret-cast-shall-not-be-used" and - ruleId = "RULE-8-2-5" and - category = "required" - or - query = - // `Query` instance for the `unsignedOperationWithConstantOperandsShouldNotWrap` query - ImportMisra23Package::unsignedOperationWithConstantOperandsShouldNotWrapQuery() and - queryId = - // `@id` for the `unsignedOperationWithConstantOperandsShouldNotWrap` query - "cpp/misra/unsigned-operation-with-constant-operands-should-not-wrap" and - ruleId = "RULE-8-20-1" and - category = "advisory" - or - query = - // `Query` instance for the `builtInOperatorAppliedToUnsignedExpression` query - ImportMisra23Package::builtInOperatorAppliedToUnsignedExpressionQuery() and - queryId = - // `@id` for the `builtInOperatorAppliedToUnsignedExpression` query - "cpp/misra/built-in-operator-applied-to-unsigned-expression" and - ruleId = "RULE-8-3-1" and - category = "advisory" - or - query = - // `Query` instance for the `bodyOfIterationOrSelectionStatementNotCompound` query - ImportMisra23Package::bodyOfIterationOrSelectionStatementNotCompoundQuery() and - queryId = - // `@id` for the `bodyOfIterationOrSelectionStatementNotCompound` query - "cpp/misra/body-of-iteration-or-selection-statement-not-compound" and - ruleId = "RULE-9-3-1" and - category = "required" - or - query = - // `Query` instance for the `ifElseIfEndCondition` query - ImportMisra23Package::ifElseIfEndConditionQuery() and - queryId = - // `@id` for the `ifElseIfEndCondition` query - "cpp/misra/if-else-if-end-condition" and - ruleId = "RULE-9-4-1" and - category = "required" - or - query = - // `Query` instance for the `gotoStatementShouldNotBeUsed` query - ImportMisra23Package::gotoStatementShouldNotBeUsedQuery() and - queryId = - // `@id` for the `gotoStatementShouldNotBeUsed` query - "cpp/misra/goto-statement-should-not-be-used" and - ruleId = "RULE-9-6-1" and - category = "advisory" - or - query = - // `Query` instance for the `gotoShallReferenceALabelInSurroundingBlock` query - ImportMisra23Package::gotoShallReferenceALabelInSurroundingBlockQuery() and - queryId = - // `@id` for the `gotoShallReferenceALabelInSurroundingBlock` query - "cpp/misra/goto-shall-reference-a-label-in-surrounding-block" and - ruleId = "RULE-9-6-2" and - category = "required" - or - query = - // `Query` instance for the `gotoShallJumpToLabelDeclaredLaterInTheFunction` query - ImportMisra23Package::gotoShallJumpToLabelDeclaredLaterInTheFunctionQuery() and - queryId = - // `@id` for the `gotoShallJumpToLabelDeclaredLaterInTheFunction` query - "cpp/misra/goto-shall-jump-to-label-declared-later-in-the-function" and - ruleId = "RULE-9-6-3" and - category = "required" - or - query = - // `Query` instance for the `functionDeclaredWithTheNoreturnAttributeReturn` query - ImportMisra23Package::functionDeclaredWithTheNoreturnAttributeReturnQuery() and - queryId = - // `@id` for the `functionDeclaredWithTheNoreturnAttributeReturn` query - "cpp/misra/function-declared-with-the-noreturn-attribute-return" and - ruleId = "RULE-9-6-4" and - category = "required" - or - query = - // `Query` instance for the `nonVoidFunctionShallReturnAValueOnAllPaths` query - ImportMisra23Package::nonVoidFunctionShallReturnAValueOnAllPathsQuery() and - queryId = - // `@id` for the `nonVoidFunctionShallReturnAValueOnAllPaths` query - "cpp/misra/non-void-function-shall-return-a-value-on-all-paths" and - ruleId = "RULE-9-6-5" and - category = "required" } module ImportMisra23Package { - Query userCopyAndMoveAssignmentShallHandleSelfAssignmentQuery() { - //autogenerate `Query` type - result = - // `Query` type for `userCopyAndMoveAssignmentShallHandleSelfAssignment` query - TQueryCPP(TImportMisra23PackageQuery(TUserCopyAndMoveAssignmentShallHandleSelfAssignmentQuery())) - } - Query sectionsOfCodeShouldNotBeCommentedOutQuery() { //autogenerate `Query` type result = @@ -792,130 +245,74 @@ module ImportMisra23Package { TQueryCPP(TImportMisra23PackageQuery(TSectionsOfCodeShouldNotBeCommentedOutQuery())) } - Query declarationShouldNotDeclareMoreThanOneVariableQuery() { - //autogenerate `Query` type - result = - // `Query` type for `declarationShouldNotDeclareMoreThanOneVariable` query - TQueryCPP(TImportMisra23PackageQuery(TDeclarationShouldNotDeclareMoreThanOneVariableQuery())) - } - - Query enumerationNotDefinedWithAnExplicitUnderlyingTypeQuery() { - //autogenerate `Query` type - result = - // `Query` type for `enumerationNotDefinedWithAnExplicitUnderlyingType` query - TQueryCPP(TImportMisra23PackageQuery(TEnumerationNotDefinedWithAnExplicitUnderlyingTypeQuery())) - } - - Query asmDeclarationShallNotBeUsedQuery() { - //autogenerate `Query` type - result = - // `Query` type for `asmDeclarationShallNotBeUsed` query - TQueryCPP(TImportMisra23PackageQuery(TAsmDeclarationShallNotBeUsedQuery())) - } - - Query declarationOfAnObjectIndirectionsLevelQuery() { - //autogenerate `Query` type - result = - // `Query` type for `declarationOfAnObjectIndirectionsLevel` query - TQueryCPP(TImportMisra23PackageQuery(TDeclarationOfAnObjectIndirectionsLevelQuery())) - } - - Query valueOfAnEnumerationConstantNotUniqueQuery() { - //autogenerate `Query` type - result = - // `Query` type for `valueOfAnEnumerationConstantNotUnique` query - TQueryCPP(TImportMisra23PackageQuery(TValueOfAnEnumerationConstantNotUniqueQuery())) - } - - Query bitFieldShallHaveAnAppropriateTypeQuery() { - //autogenerate `Query` type - result = - // `Query` type for `bitFieldShallHaveAnAppropriateType` query - TQueryCPP(TImportMisra23PackageQuery(TBitFieldShallHaveAnAppropriateTypeQuery())) - } - - Query signedIntegerBitFieldHaveALengthOfOneBitQuery() { - //autogenerate `Query` type - result = - // `Query` type for `signedIntegerBitFieldHaveALengthOfOneBit` query - TQueryCPP(TImportMisra23PackageQuery(TSignedIntegerBitFieldHaveALengthOfOneBitQuery())) - } - - Query virtualAndNonVirtualBaseClassInHierarchyQuery() { - //autogenerate `Query` type - result = - // `Query` type for `virtualAndNonVirtualBaseClassInHierarchy` query - TQueryCPP(TImportMisra23PackageQuery(TVirtualAndNonVirtualBaseClassInHierarchyQuery())) - } - - Query differentDefaultArgsInOverridingVirtualFunctionQuery() { + Query oneDefinitionRuleViolatedQuery() { //autogenerate `Query` type result = - // `Query` type for `differentDefaultArgsInOverridingVirtualFunction` query - TQueryCPP(TImportMisra23PackageQuery(TDifferentDefaultArgsInOverridingVirtualFunctionQuery())) + // `Query` type for `oneDefinitionRuleViolated` query + TQueryCPP(TImportMisra23PackageQuery(TOneDefinitionRuleViolatedQuery())) } - Query declarationsOrOverridesParamsAreUnnamedOrIdenticalQuery() { + Query variableDeclaredInInnerScopeHidesOuterScopeQuery() { //autogenerate `Query` type result = - // `Query` type for `declarationsOrOverridesParamsAreUnnamedOrIdentical` query - TQueryCPP(TImportMisra23PackageQuery(TDeclarationsOrOverridesParamsAreUnnamedOrIdenticalQuery())) + // `Query` type for `variableDeclaredInInnerScopeHidesOuterScope` query + TQueryCPP(TImportMisra23PackageQuery(TVariableDeclaredInInnerScopeHidesOuterScopeQuery())) } - Query comparisonOfVirtualPointerOnlyBeWithNullptrQuery() { + Query objectAccessedBeforeLifetimeMisraQuery() { //autogenerate `Query` type result = - // `Query` type for `comparisonOfVirtualPointerOnlyBeWithNullptr` query - TQueryCPP(TImportMisra23PackageQuery(TComparisonOfVirtualPointerOnlyBeWithNullptrQuery())) + // `Query` type for `objectAccessedBeforeLifetimeMisra` query + TQueryCPP(TImportMisra23PackageQuery(TObjectAccessedBeforeLifetimeMisraQuery())) } - Query dynamicTypeUsedWithinConstructorOrDestructorQuery() { + Query objectAccessedAfterLifetimeMisraQuery() { //autogenerate `Query` type result = - // `Query` type for `dynamicTypeUsedWithinConstructorOrDestructor` query - TQueryCPP(TImportMisra23PackageQuery(TDynamicTypeUsedWithinConstructorOrDestructorQuery())) + // `Query` type for `objectAccessedAfterLifetimeMisra` query + TQueryCPP(TImportMisra23PackageQuery(TObjectAccessedAfterLifetimeMisraQuery())) } - Query constructorsShouldInitializeAllBaseClassesQuery() { + Query castRemovesConstOrVolatileFromPointerOrReferenceQuery() { //autogenerate `Query` type result = - // `Query` type for `constructorsShouldInitializeAllBaseClasses` query - TQueryCPP(TImportMisra23PackageQuery(TConstructorsShouldInitializeAllBaseClassesQuery())) + // `Query` type for `castRemovesConstOrVolatileFromPointerOrReference` query + TQueryCPP(TImportMisra23PackageQuery(TCastRemovesConstOrVolatileFromPointerOrReferenceQuery())) } - Query initializerListConstructorIsTheOnlyConstructorQuery() { + Query ifElseIfEndConditionQuery() { //autogenerate `Query` type result = - // `Query` type for `initializerListConstructorIsTheOnlyConstructor` query - TQueryCPP(TImportMisra23PackageQuery(TInitializerListConstructorIsTheOnlyConstructorQuery())) + // `Query` type for `ifElseIfEndCondition` query + TQueryCPP(TImportMisra23PackageQuery(TIfElseIfEndConditionQuery())) } - Query addressOfOperatorOverloadedQuery() { + Query gotoShallJumpToLabelDeclaredLaterInTheFunctionQuery() { //autogenerate `Query` type result = - // `Query` type for `addressOfOperatorOverloaded` query - TQueryCPP(TImportMisra23PackageQuery(TAddressOfOperatorOverloadedQuery())) + // `Query` type for `gotoShallJumpToLabelDeclaredLaterInTheFunction` query + TQueryCPP(TImportMisra23PackageQuery(TGotoShallJumpToLabelDeclaredLaterInTheFunctionQuery())) } - Query functionTemplatesExplicitlySpecializedQuery() { + Query functionDeclaredWithTheNoreturnAttributeReturnQuery() { //autogenerate `Query` type result = - // `Query` type for `functionTemplatesExplicitlySpecialized` query - TQueryCPP(TImportMisra23PackageQuery(TFunctionTemplatesExplicitlySpecializedQuery())) + // `Query` type for `functionDeclaredWithTheNoreturnAttributeReturn` query + TQueryCPP(TImportMisra23PackageQuery(TFunctionDeclaredWithTheNoreturnAttributeReturnQuery())) } - Query exceptionObjectHavePointerTypeQuery() { + Query nonVoidFunctionShallReturnAValueOnAllPathsQuery() { //autogenerate `Query` type result = - // `Query` type for `exceptionObjectHavePointerType` query - TQueryCPP(TImportMisra23PackageQuery(TExceptionObjectHavePointerTypeQuery())) + // `Query` type for `nonVoidFunctionShallReturnAValueOnAllPaths` query + TQueryCPP(TImportMisra23PackageQuery(TNonVoidFunctionShallReturnAValueOnAllPathsQuery())) } - Query emptyThrowShallOnlyOccurWithinACatchHandlerQuery() { + Query declarationOfAnObjectIndirectionsLevelQuery() { //autogenerate `Query` type result = - // `Query` type for `emptyThrowShallOnlyOccurWithinACatchHandler` query - TQueryCPP(TImportMisra23PackageQuery(TEmptyThrowShallOnlyOccurWithinACatchHandlerQuery())) + // `Query` type for `declarationOfAnObjectIndirectionsLevel` query + TQueryCPP(TImportMisra23PackageQuery(TDeclarationOfAnObjectIndirectionsLevelQuery())) } Query handlersReferToNonStaticMembersFromTheirClassQuery() { @@ -925,20 +322,6 @@ module ImportMisra23Package { TQueryCPP(TImportMisra23PackageQuery(THandlersReferToNonStaticMembersFromTheirClassQuery())) } - Query noexceptFunctionShouldNotPropagateAnExceptionQuery() { - //autogenerate `Query` type - result = - // `Query` type for `noexceptFunctionShouldNotPropagateAnException` query - TQueryCPP(TImportMisra23PackageQuery(TNoexceptFunctionShouldNotPropagateAnExceptionQuery())) - } - - Query functionLikeMacrosDefinedQuery() { - //autogenerate `Query` type - result = - // `Query` type for `functionLikeMacrosDefined` query - TQueryCPP(TImportMisra23PackageQuery(TFunctionLikeMacrosDefinedQuery())) - } - Query includeDirectivesPrecededByPreprocessorDirectivesQuery() { //autogenerate `Query` type result = @@ -967,20 +350,6 @@ module ImportMisra23Package { TQueryCPP(TImportMisra23PackageQuery(TAndPreprocessorOperatorsShouldNotBeUsedQuery())) } - Query macroParameterFollowingAHashOperatorQuery() { - //autogenerate `Query` type - result = - // `Query` type for `macroParameterFollowingAHashOperator` query - TQueryCPP(TImportMisra23PackageQuery(TMacroParameterFollowingAHashOperatorQuery())) - } - - Query argumentToAMixedUseMacroShoulNotNeedExpansionQuery() { - //autogenerate `Query` type - result = - // `Query` type for `argumentToAMixedUseMacroShoulNotNeedExpansion` query - TQueryCPP(TImportMisra23PackageQuery(TArgumentToAMixedUseMacroShoulNotNeedExpansionQuery())) - } - Query tokensThatLookLikeDirectivesInAMacroArgumentQuery() { //autogenerate `Query` type result = @@ -988,34 +357,6 @@ module ImportMisra23Package { TQueryCPP(TImportMisra23PackageQuery(TTokensThatLookLikeDirectivesInAMacroArgumentQuery())) } - Query facilitiesProvidedByCsignalUsedQuery() { - //autogenerate `Query` type - result = - // `Query` type for `facilitiesProvidedByCsignalUsed` query - TQueryCPP(TImportMisra23PackageQuery(TFacilitiesProvidedByCsignalUsedQuery())) - } - - Query atofAtoiAtolAndAtollFromCstdlibUsedQuery() { - //autogenerate `Query` type - result = - // `Query` type for `atofAtoiAtolAndAtollFromCstdlibUsed` query - TQueryCPP(TImportMisra23PackageQuery(TAtofAtoiAtolAndAtollFromCstdlibUsedQuery())) - } - - Query macroOffsetShouldNotBeUsedQuery() { - //autogenerate `Query` type - result = - // `Query` type for `macroOffsetShouldNotBeUsed` query - TQueryCPP(TImportMisra23PackageQuery(TMacroOffsetShouldNotBeUsedQuery())) - } - - Query defineBothSizedAndUnsizedVersionOfAGlobalOperatorQuery() { - //autogenerate `Query` type - result = - // `Query` type for `defineBothSizedAndUnsizedVersionOfAGlobalOperator` query - TQueryCPP(TImportMisra23PackageQuery(TDefineBothSizedAndUnsizedVersionOfAGlobalOperatorQuery())) - } - Query pointerToAnIncompleteClassTypeDeletedQuery() { //autogenerate `Query` type result = @@ -1044,20 +385,6 @@ module ImportMisra23Package { TQueryCPP(TImportMisra23PackageQuery(TCallToSetlocaleInvalidatesOldPointersWarnMisraQuery())) } - Query vectorShouldNotBeSpecializedWithBoolQuery() { - //autogenerate `Query` type - result = - // `Query` type for `vectorShouldNotBeSpecializedWithBool` query - TQueryCPP(TImportMisra23PackageQuery(TVectorShouldNotBeSpecializedWithBoolQuery())) - } - - Query forwardingReferencesAndForwardNotUsedTogetherQuery() { - //autogenerate `Query` type - result = - // `Query` type for `forwardingReferencesAndForwardNotUsedTogether` query - TQueryCPP(TImportMisra23PackageQuery(TForwardingReferencesAndForwardNotUsedTogetherQuery())) - } - Query objectUsedWhileInPotentiallyMovedFromStateQuery() { //autogenerate `Query` type result = @@ -1065,255 +392,10 @@ module ImportMisra23Package { TQueryCPP(TImportMisra23PackageQuery(TObjectUsedWhileInPotentiallyMovedFromStateQuery())) } - Query cLibraryInputoutputFunctionsUsedQuery() { - //autogenerate `Query` type - result = - // `Query` type for `cLibraryInputoutputFunctionsUsed` query - TQueryCPP(TImportMisra23PackageQuery(TCLibraryInputoutputFunctionsUsedQuery())) - } - Query readsAndWritesOnStreamNotSeparatedByPositioningQuery() { //autogenerate `Query` type result = // `Query` type for `readsAndWritesOnStreamNotSeparatedByPositioning` query TQueryCPP(TImportMisra23PackageQuery(TReadsAndWritesOnStreamNotSeparatedByPositioningQuery())) } - - Query operationsOnMemoryNotSequencedAppropriatelyQuery() { - //autogenerate `Query` type - result = - // `Query` type for `operationsOnMemoryNotSequencedAppropriately` query - TQueryCPP(TImportMisra23PackageQuery(TOperationsOnMemoryNotSequencedAppropriatelyQuery())) - } - - Query characterOnlyInEscapeSequenceOrUniversalCharNameQuery() { - //autogenerate `Query` type - result = - // `Query` type for `characterOnlyInEscapeSequenceOrUniversalCharName` query - TQueryCPP(TImportMisra23PackageQuery(TCharacterOnlyInEscapeSequenceOrUniversalCharNameQuery())) - } - - Query escapeSequencesAndUniversalCharNamesNotTerminatedQuery() { - //autogenerate `Query` type - result = - // `Query` type for `escapeSequencesAndUniversalCharNamesNotTerminated` query - TQueryCPP(TImportMisra23PackageQuery(TEscapeSequencesAndUniversalCharNamesNotTerminatedQuery())) - } - - Query octalConstantsUsedQuery() { - //autogenerate `Query` type - result = - // `Query` type for `octalConstantsUsed` query - TQueryCPP(TImportMisra23PackageQuery(TOctalConstantsUsedQuery())) - } - - Query unsignedIntegerLiteralsNotAppropriatelySuffixedQuery() { - //autogenerate `Query` type - result = - // `Query` type for `unsignedIntegerLiteralsNotAppropriatelySuffixed` query - TQueryCPP(TImportMisra23PackageQuery(TUnsignedIntegerLiteralsNotAppropriatelySuffixedQuery())) - } - - Query lowercaseLUsedAsFirstCharacterInLiteralSuffixQuery() { - //autogenerate `Query` type - result = - // `Query` type for `lowercaseLUsedAsFirstCharacterInLiteralSuffix` query - TQueryCPP(TImportMisra23PackageQuery(TLowercaseLUsedAsFirstCharacterInLiteralSuffixQuery())) - } - - Query characterSequenceUsedWithinACStyleCommentQuery() { - //autogenerate `Query` type - result = - // `Query` type for `characterSequenceUsedWithinACStyleComment` query - TQueryCPP(TImportMisra23PackageQuery(TCharacterSequenceUsedWithinACStyleCommentQuery())) - } - - Query lineSplicingUsedInCommentsQuery() { - //autogenerate `Query` type - result = - // `Query` type for `lineSplicingUsedInComments` query - TQueryCPP(TImportMisra23PackageQuery(TLineSplicingUsedInCommentsQuery())) - } - - Query globalDeclarationsOnlyMainNamespaceOrExternCQuery() { - //autogenerate `Query` type - result = - // `Query` type for `globalDeclarationsOnlyMainNamespaceOrExternC` query - TQueryCPP(TImportMisra23PackageQuery(TGlobalDeclarationsOnlyMainNamespaceOrExternCQuery())) - } - - Query mainUsedOnlyForTheGlobalFunctionMainQuery() { - //autogenerate `Query` type - result = - // `Query` type for `mainUsedOnlyForTheGlobalFunctionMain` query - TQueryCPP(TImportMisra23PackageQuery(TMainUsedOnlyForTheGlobalFunctionMainQuery())) - } - - Query oneDefinitionRuleViolatedQuery() { - //autogenerate `Query` type - result = - // `Query` type for `oneDefinitionRuleViolated` query - TQueryCPP(TImportMisra23PackageQuery(TOneDefinitionRuleViolatedQuery())) - } - - Query variableDeclaredInInnerScopeHidesOuterScopeQuery() { - //autogenerate `Query` type - result = - // `Query` type for `variableDeclaredInInnerScopeHidesOuterScope` query - TQueryCPP(TImportMisra23PackageQuery(TVariableDeclaredInInnerScopeHidesOuterScopeQuery())) - } - - Query derivedClasseConcealFunctionInheritedFromTheBaseQuery() { - //autogenerate `Query` type - result = - // `Query` type for `derivedClasseConcealFunctionInheritedFromTheBase` query - TQueryCPP(TImportMisra23PackageQuery(TDerivedClasseConcealFunctionInheritedFromTheBaseQuery())) - } - - Query nameInDependentBaseResolvedByUnqualifiedLookupQuery() { - //autogenerate `Query` type - result = - // `Query` type for `nameInDependentBaseResolvedByUnqualifiedLookup` query - TQueryCPP(TImportMisra23PackageQuery(TNameInDependentBaseResolvedByUnqualifiedLookupQuery())) - } - - Query objectAccessedBeforeLifetimeMisraQuery() { - //autogenerate `Query` type - result = - // `Query` type for `objectAccessedBeforeLifetimeMisra` query - TQueryCPP(TImportMisra23PackageQuery(TObjectAccessedBeforeLifetimeMisraQuery())) - } - - Query objectAccessedAfterLifetimeMisraQuery() { - //autogenerate `Query` type - result = - // `Query` type for `objectAccessedAfterLifetimeMisra` query - TQueryCPP(TImportMisra23PackageQuery(TObjectAccessedAfterLifetimeMisraQuery())) - } - - Query mustNotReturnReferenceToLocalAutomaticVariableQuery() { - //autogenerate `Query` type - result = - // `Query` type for `mustNotReturnReferenceToLocalAutomaticVariable` query - TQueryCPP(TImportMisra23PackageQuery(TMustNotReturnReferenceToLocalAutomaticVariableQuery())) - } - - Query nullptrNotTheOnlyFormOfTheNullPointerConstantQuery() { - //autogenerate `Query` type - result = - // `Query` type for `nullptrNotTheOnlyFormOfTheNullPointerConstant` query - TQueryCPP(TImportMisra23PackageQuery(TNullptrNotTheOnlyFormOfTheNullPointerConstantQuery())) - } - - Query arrayPassedAsFunctionArgumentDecayToAPointerQuery() { - //autogenerate `Query` type - result = - // `Query` type for `arrayPassedAsFunctionArgumentDecayToAPointer` query - TQueryCPP(TImportMisra23PackageQuery(TArrayPassedAsFunctionArgumentDecayToAPointerQuery())) - } - - Query resultOfAnAssignmentOperatorShouldNotBeUsedQuery() { - //autogenerate `Query` type - result = - // `Query` type for `resultOfAnAssignmentOperatorShouldNotBeUsed` query - TQueryCPP(TImportMisra23PackageQuery(TResultOfAnAssignmentOperatorShouldNotBeUsedQuery())) - } - - Query commaOperatorShouldNotBeUsedQuery() { - //autogenerate `Query` type - result = - // `Query` type for `commaOperatorShouldNotBeUsed` query - TQueryCPP(TImportMisra23PackageQuery(TCommaOperatorShouldNotBeUsedQuery())) - } - - Query functionsCallThemselvesEitherDirectlyOrIndirectlyQuery() { - //autogenerate `Query` type - result = - // `Query` type for `functionsCallThemselvesEitherDirectlyOrIndirectly` query - TQueryCPP(TImportMisra23PackageQuery(TFunctionsCallThemselvesEitherDirectlyOrIndirectlyQuery())) - } - - Query castRemovesConstOrVolatileFromPointerOrReferenceQuery() { - //autogenerate `Query` type - result = - // `Query` type for `castRemovesConstOrVolatileFromPointerOrReference` query - TQueryCPP(TImportMisra23PackageQuery(TCastRemovesConstOrVolatileFromPointerOrReferenceQuery())) - } - - Query castsBetweenAPointerToFunctionAndAnyOtherTypeQuery() { - //autogenerate `Query` type - result = - // `Query` type for `castsBetweenAPointerToFunctionAndAnyOtherType` query - TQueryCPP(TImportMisra23PackageQuery(TCastsBetweenAPointerToFunctionAndAnyOtherTypeQuery())) - } - - Query reinterpretCastShallNotBeUsedQuery() { - //autogenerate `Query` type - result = - // `Query` type for `reinterpretCastShallNotBeUsed` query - TQueryCPP(TImportMisra23PackageQuery(TReinterpretCastShallNotBeUsedQuery())) - } - - Query unsignedOperationWithConstantOperandsShouldNotWrapQuery() { - //autogenerate `Query` type - result = - // `Query` type for `unsignedOperationWithConstantOperandsShouldNotWrap` query - TQueryCPP(TImportMisra23PackageQuery(TUnsignedOperationWithConstantOperandsShouldNotWrapQuery())) - } - - Query builtInOperatorAppliedToUnsignedExpressionQuery() { - //autogenerate `Query` type - result = - // `Query` type for `builtInOperatorAppliedToUnsignedExpression` query - TQueryCPP(TImportMisra23PackageQuery(TBuiltInOperatorAppliedToUnsignedExpressionQuery())) - } - - Query bodyOfIterationOrSelectionStatementNotCompoundQuery() { - //autogenerate `Query` type - result = - // `Query` type for `bodyOfIterationOrSelectionStatementNotCompound` query - TQueryCPP(TImportMisra23PackageQuery(TBodyOfIterationOrSelectionStatementNotCompoundQuery())) - } - - Query ifElseIfEndConditionQuery() { - //autogenerate `Query` type - result = - // `Query` type for `ifElseIfEndCondition` query - TQueryCPP(TImportMisra23PackageQuery(TIfElseIfEndConditionQuery())) - } - - Query gotoStatementShouldNotBeUsedQuery() { - //autogenerate `Query` type - result = - // `Query` type for `gotoStatementShouldNotBeUsed` query - TQueryCPP(TImportMisra23PackageQuery(TGotoStatementShouldNotBeUsedQuery())) - } - - Query gotoShallReferenceALabelInSurroundingBlockQuery() { - //autogenerate `Query` type - result = - // `Query` type for `gotoShallReferenceALabelInSurroundingBlock` query - TQueryCPP(TImportMisra23PackageQuery(TGotoShallReferenceALabelInSurroundingBlockQuery())) - } - - Query gotoShallJumpToLabelDeclaredLaterInTheFunctionQuery() { - //autogenerate `Query` type - result = - // `Query` type for `gotoShallJumpToLabelDeclaredLaterInTheFunction` query - TQueryCPP(TImportMisra23PackageQuery(TGotoShallJumpToLabelDeclaredLaterInTheFunctionQuery())) - } - - Query functionDeclaredWithTheNoreturnAttributeReturnQuery() { - //autogenerate `Query` type - result = - // `Query` type for `functionDeclaredWithTheNoreturnAttributeReturn` query - TQueryCPP(TImportMisra23PackageQuery(TFunctionDeclaredWithTheNoreturnAttributeReturnQuery())) - } - - Query nonVoidFunctionShallReturnAValueOnAllPathsQuery() { - //autogenerate `Query` type - result = - // `Query` type for `nonVoidFunctionShallReturnAValueOnAllPaths` query - TQueryCPP(TImportMisra23PackageQuery(TNonVoidFunctionShallReturnAValueOnAllPathsQuery())) - } } diff --git a/cpp/misra/src/rules/DIR-5-7-2/SectionsOfCodeShouldNotBeCommentedOut.ql b/cpp/misra/src/rules/DIR-5-7-2/SectionsOfCodeShouldNotBeCommentedOut.ql index 75eb48ec67..e51ae39d3d 100644 --- a/cpp/misra/src/rules/DIR-5-7-2/SectionsOfCodeShouldNotBeCommentedOut.ql +++ b/cpp/misra/src/rules/DIR-5-7-2/SectionsOfCodeShouldNotBeCommentedOut.ql @@ -1,7 +1,7 @@ /** * @id cpp/misra/sections-of-code-should-not-be-commented-out * @name DIR-5-7-2: Sections of code should not be “commented out” - * @description + * @description Commented out code may become out of date leading to developer confusion. * @kind problem * @precision very-high * @problem.severity error @@ -16,7 +16,8 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.sectionsofcodeshallnotbecommentedout.SectionsOfCodeShallNotBeCommentedOut -class SectionsOfCodeShouldNotBeCommentedOutQuery extends SectionsOfCodeShallNotBeCommentedOutSharedQuery { +class SectionsOfCodeShouldNotBeCommentedOutQuery extends SectionsOfCodeShallNotBeCommentedOutSharedQuery +{ SectionsOfCodeShouldNotBeCommentedOutQuery() { this = ImportMisra23Package::sectionsOfCodeShouldNotBeCommentedOutQuery() } diff --git a/cpp/misra/src/rules/RULE-11-3-2/DeclarationOfAnObjectIndirectionsLevel.ql b/cpp/misra/src/rules/RULE-11-3-2/DeclarationOfAnObjectIndirectionsLevel.ql index 21293a632f..6436ae39b4 100644 --- a/cpp/misra/src/rules/RULE-11-3-2/DeclarationOfAnObjectIndirectionsLevel.ql +++ b/cpp/misra/src/rules/RULE-11-3-2/DeclarationOfAnObjectIndirectionsLevel.ql @@ -1,7 +1,8 @@ /** * @id cpp/misra/declaration-of-an-object-indirections-level * @name RULE-11-3-2: The declaration of an object should contain no more than two levels of pointer indirection - * @description + * @description Declarations with more than two levels of pointer nesting can result in code that is + * difficult to read and understand. * @kind problem * @precision very-high * @problem.severity error diff --git a/cpp/misra/src/rules/RULE-18-3-3/HandlersReferToNonStaticMembersFromTheirClass.ql b/cpp/misra/src/rules/RULE-18-3-3/HandlersReferToNonStaticMembersFromTheirClass.ql index 81a5038151..66c57abfa8 100644 --- a/cpp/misra/src/rules/RULE-18-3-3/HandlersReferToNonStaticMembersFromTheirClass.ql +++ b/cpp/misra/src/rules/RULE-18-3-3/HandlersReferToNonStaticMembersFromTheirClass.ql @@ -2,7 +2,7 @@ * @id cpp/misra/handlers-refer-to-non-static-members-from-their-class * @name RULE-18-3-3: Handlers for a function-try-block of a constructor or destructor shall not refer to non-static * @description Handlers for a function-try-block of a constructor or destructor shall not refer to - * non-static members from their class or its bases + * non-static members from their class or its bases. * @kind problem * @precision very-high * @problem.severity error diff --git a/cpp/misra/src/rules/RULE-19-0-3/IncludeDirectivesPrecededByPreprocessorDirectives.ql b/cpp/misra/src/rules/RULE-19-0-3/IncludeDirectivesPrecededByPreprocessorDirectives.ql index e392630616..2d504f03e2 100644 --- a/cpp/misra/src/rules/RULE-19-0-3/IncludeDirectivesPrecededByPreprocessorDirectives.ql +++ b/cpp/misra/src/rules/RULE-19-0-3/IncludeDirectivesPrecededByPreprocessorDirectives.ql @@ -1,7 +1,8 @@ /** * @id cpp/misra/include-directives-preceded-by-preprocessor-directives * @name RULE-19-0-3: #include directives should only be preceded by preprocessor directives or comments - * @description + * @description Using anything other than other pre-processor directives or comments before an + * '#include' directive makes the code more difficult to read. * @kind problem * @precision very-high * @problem.severity error diff --git a/cpp/misra/src/rules/RULE-19-1-3/IdentifiersUsedInTheControllingExpressionOf.ql b/cpp/misra/src/rules/RULE-19-1-3/IdentifiersUsedInTheControllingExpressionOf.ql index 13b604911b..c30be08109 100644 --- a/cpp/misra/src/rules/RULE-19-1-3/IdentifiersUsedInTheControllingExpressionOf.ql +++ b/cpp/misra/src/rules/RULE-19-1-3/IdentifiersUsedInTheControllingExpressionOf.ql @@ -2,7 +2,7 @@ * @id cpp/misra/identifiers-used-in-the-controlling-expression-of * @name RULE-19-1-3: All identifiers used in the controlling expression of #if or #elif preprocessing directives shall be * @description All identifiers used in the controlling expression of #if or #elif preprocessing - * directives shall be defined prior to evaluation + * directives shall be defined prior to evaluation. * @kind problem * @precision very-high * @problem.severity error diff --git a/cpp/misra/src/rules/RULE-19-2-3/CharsThatShouldNotOccurInHeaderFileName.ql b/cpp/misra/src/rules/RULE-19-2-3/CharsThatShouldNotOccurInHeaderFileName.ql index 20a4912a28..b29d85a214 100644 --- a/cpp/misra/src/rules/RULE-19-2-3/CharsThatShouldNotOccurInHeaderFileName.ql +++ b/cpp/misra/src/rules/RULE-19-2-3/CharsThatShouldNotOccurInHeaderFileName.ql @@ -2,7 +2,7 @@ * @id cpp/misra/chars-that-should-not-occur-in-header-file-name * @name RULE-19-2-3: The ' or " or \ characters and the /* or // character sequences shall not occur in a header file * @description The ' or " or \ characters and the /* or // character sequences shall not occur in a - * header file name + * header file name. * @kind problem * @precision very-high * @problem.severity error diff --git a/cpp/misra/src/rules/RULE-19-3-1/AndPreprocessorOperatorsShouldNotBeUsed.ql b/cpp/misra/src/rules/RULE-19-3-1/AndPreprocessorOperatorsShouldNotBeUsed.ql index 9b6430475e..bc423a0051 100644 --- a/cpp/misra/src/rules/RULE-19-3-1/AndPreprocessorOperatorsShouldNotBeUsed.ql +++ b/cpp/misra/src/rules/RULE-19-3-1/AndPreprocessorOperatorsShouldNotBeUsed.ql @@ -1,7 +1,8 @@ /** * @id cpp/misra/and-preprocessor-operators-should-not-be-used * @name RULE-19-3-1: The # and ## preprocessor operators should not be used - * @description + * @description The order of evaluation for the '#' and '##' operators may differ between compilers, + * which can cause unexpected behaviour. * @kind problem * @precision very-high * @problem.severity error diff --git a/cpp/misra/src/rules/RULE-19-3-5/TokensThatLookLikeDirectivesInAMacroArgument.ql b/cpp/misra/src/rules/RULE-19-3-5/TokensThatLookLikeDirectivesInAMacroArgument.ql index 3e553d0397..4438034a4a 100644 --- a/cpp/misra/src/rules/RULE-19-3-5/TokensThatLookLikeDirectivesInAMacroArgument.ql +++ b/cpp/misra/src/rules/RULE-19-3-5/TokensThatLookLikeDirectivesInAMacroArgument.ql @@ -1,7 +1,8 @@ /** * @id cpp/misra/tokens-that-look-like-directives-in-a-macro-argument * @name RULE-19-3-5: Tokens that look like a preprocessing directive shall not occur within a macro argument - * @description + * @description Arguments to a function-like macro shall not contain tokens that look like + * pre-processing directives or else behaviour after macro expansion is unpredictable. * @kind problem * @precision very-high * @problem.severity error diff --git a/cpp/misra/src/rules/RULE-21-6-5/PointerToAnIncompleteClassTypeDeleted.ql b/cpp/misra/src/rules/RULE-21-6-5/PointerToAnIncompleteClassTypeDeleted.ql index 0d2de4deae..97f46eecb7 100644 --- a/cpp/misra/src/rules/RULE-21-6-5/PointerToAnIncompleteClassTypeDeleted.ql +++ b/cpp/misra/src/rules/RULE-21-6-5/PointerToAnIncompleteClassTypeDeleted.ql @@ -1,7 +1,7 @@ /** * @id cpp/misra/pointer-to-an-incomplete-class-type-deleted * @name RULE-21-6-5: A pointer to an incomplete class type shall not be deleted - * @description + * @description Do not delete pointers to incomplete classes to prevent undefined behavior. * @kind problem * @precision very-high * @problem.severity error diff --git a/cpp/misra/src/rules/RULE-25-5-2/PointersReturnedByLocaleFunctionsMustBeUsedAsConst.ql b/cpp/misra/src/rules/RULE-25-5-2/PointersReturnedByLocaleFunctionsMustBeUsedAsConst.ql index 8fbb7d4d42..192015008a 100644 --- a/cpp/misra/src/rules/RULE-25-5-2/PointersReturnedByLocaleFunctionsMustBeUsedAsConst.ql +++ b/cpp/misra/src/rules/RULE-25-5-2/PointersReturnedByLocaleFunctionsMustBeUsedAsConst.ql @@ -3,8 +3,8 @@ * @name RULE-25-5-2: The pointers returned by environment functions should be treated as const * @description The pointers returned by the C++ Standard Library functions localeconv, getenv, * setlocale or strerror must only be used as if they have pointer to const-qualified - * type - * @kind path-problem + * type. + * @kind problem * @precision very-high * @problem.severity error * @tags external/misra/id/rule-25-5-2 diff --git a/cpp/misra/src/rules/RULE-28-6-3/ObjectUsedWhileInPotentiallyMovedFromState.ql b/cpp/misra/src/rules/RULE-28-6-3/ObjectUsedWhileInPotentiallyMovedFromState.ql index 416daa9c07..1a149c4328 100644 --- a/cpp/misra/src/rules/RULE-28-6-3/ObjectUsedWhileInPotentiallyMovedFromState.ql +++ b/cpp/misra/src/rules/RULE-28-6-3/ObjectUsedWhileInPotentiallyMovedFromState.ql @@ -1,7 +1,7 @@ /** * @id cpp/misra/object-used-while-in-potentially-moved-from-state * @name RULE-28-6-3: An object shall not be used while in a potentially moved-from state - * @description + * @description Moved-from object shall not be read-accessed. * @kind problem * @precision very-high * @problem.severity error diff --git a/cpp/misra/src/rules/RULE-30-0-2/ReadsAndWritesOnStreamNotSeparatedByPositioning.ql b/cpp/misra/src/rules/RULE-30-0-2/ReadsAndWritesOnStreamNotSeparatedByPositioning.ql index a209347915..30f34dbfcb 100644 --- a/cpp/misra/src/rules/RULE-30-0-2/ReadsAndWritesOnStreamNotSeparatedByPositioning.ql +++ b/cpp/misra/src/rules/RULE-30-0-2/ReadsAndWritesOnStreamNotSeparatedByPositioning.ql @@ -1,7 +1,8 @@ /** * @id cpp/misra/reads-and-writes-on-stream-not-separated-by-positioning * @name RULE-30-0-2: Reads and writes on the same file stream shall be separated by a positioning operation - * @description + * @description Alternate input and output operations on a file stream shall not be used without an + * intervening flush or positioning call. * @kind problem * @precision very-high * @problem.severity error diff --git a/cpp/misra/src/rules/RULE-6-2-1/OneDefinitionRuleViolated.ql b/cpp/misra/src/rules/RULE-6-2-1/OneDefinitionRuleViolated.ql index b682c354a5..fdde6fddda 100644 --- a/cpp/misra/src/rules/RULE-6-2-1/OneDefinitionRuleViolated.ql +++ b/cpp/misra/src/rules/RULE-6-2-1/OneDefinitionRuleViolated.ql @@ -1,7 +1,8 @@ /** * @id cpp/misra/one-definition-rule-violated * @name RULE-6-2-1: The one-definition rule shall not be violated - * @description + * @description The one-definition rule specifies when there should be a single definition of an + * element and a violation of that rule leads to undefined behavior. * @kind problem * @precision very-high * @problem.severity error diff --git a/cpp/misra/src/rules/RULE-6-4-1/VariableDeclaredInInnerScopeHidesOuterScope.ql b/cpp/misra/src/rules/RULE-6-4-1/VariableDeclaredInInnerScopeHidesOuterScope.ql index 1813ebc77a..85ece40dc8 100644 --- a/cpp/misra/src/rules/RULE-6-4-1/VariableDeclaredInInnerScopeHidesOuterScope.ql +++ b/cpp/misra/src/rules/RULE-6-4-1/VariableDeclaredInInnerScopeHidesOuterScope.ql @@ -1,7 +1,9 @@ /** * @id cpp/misra/variable-declared-in-inner-scope-hides-outer-scope * @name RULE-6-4-1: A variable declared in an inner scope shall not hide a variable declared in an outer scope - * @description + * @description Use of an identifier declared in an inner scope with an identical name to an + * identifier in an outer scope can lead to inadvertent errors if the incorrect + * identifier is modified. * @kind problem * @precision very-high * @problem.severity error diff --git a/cpp/misra/src/rules/RULE-8-2-3/CastRemovesConstOrVolatileFromPointerOrReference.ql b/cpp/misra/src/rules/RULE-8-2-3/CastRemovesConstOrVolatileFromPointerOrReference.ql index 0c2e56b5bd..9a702b300a 100644 --- a/cpp/misra/src/rules/RULE-8-2-3/CastRemovesConstOrVolatileFromPointerOrReference.ql +++ b/cpp/misra/src/rules/RULE-8-2-3/CastRemovesConstOrVolatileFromPointerOrReference.ql @@ -2,7 +2,7 @@ * @id cpp/misra/cast-removes-const-or-volatile-from-pointer-or-reference * @name RULE-8-2-3: A cast shall not remove any const or volatile qualification from the type accessed via a pointer or * @description A cast shall not remove any const or volatile qualification from the type accessed - * via a pointer or by reference + * via a pointer or by reference. * @kind problem * @precision very-high * @problem.severity error diff --git a/cpp/misra/src/rules/RULE-9-4-1/IfElseIfEndCondition.ql b/cpp/misra/src/rules/RULE-9-4-1/IfElseIfEndCondition.ql index 2345e3f25f..1460dcd36e 100644 --- a/cpp/misra/src/rules/RULE-9-4-1/IfElseIfEndCondition.ql +++ b/cpp/misra/src/rules/RULE-9-4-1/IfElseIfEndCondition.ql @@ -1,7 +1,7 @@ /** * @id cpp/misra/if-else-if-end-condition * @name RULE-9-4-1: All if - * @description All if ... else if constructs shall be terminated with an else statement + * @description All if ... else if constructs shall be terminated with an else statement. * @kind problem * @precision very-high * @problem.severity error diff --git a/cpp/misra/src/rules/RULE-9-6-3/GotoShallJumpToLabelDeclaredLaterInTheFunction.ql b/cpp/misra/src/rules/RULE-9-6-3/GotoShallJumpToLabelDeclaredLaterInTheFunction.ql index c0e5e0fe83..5ce80af9e7 100644 --- a/cpp/misra/src/rules/RULE-9-6-3/GotoShallJumpToLabelDeclaredLaterInTheFunction.ql +++ b/cpp/misra/src/rules/RULE-9-6-3/GotoShallJumpToLabelDeclaredLaterInTheFunction.ql @@ -1,7 +1,7 @@ /** * @id cpp/misra/goto-shall-jump-to-label-declared-later-in-the-function * @name RULE-9-6-3: The goto statement shall jump to a label declared later in the function body - * @description + * @description Jumping back to an earlier section in the code can lead to accidental iterations. * @kind problem * @precision very-high * @problem.severity error diff --git a/cpp/misra/src/rules/RULE-9-6-4/FunctionDeclaredWithTheNoreturnAttributeReturn.ql b/cpp/misra/src/rules/RULE-9-6-4/FunctionDeclaredWithTheNoreturnAttributeReturn.ql index 23221348c0..00179e5426 100644 --- a/cpp/misra/src/rules/RULE-9-6-4/FunctionDeclaredWithTheNoreturnAttributeReturn.ql +++ b/cpp/misra/src/rules/RULE-9-6-4/FunctionDeclaredWithTheNoreturnAttributeReturn.ql @@ -1,7 +1,8 @@ /** * @id cpp/misra/function-declared-with-the-noreturn-attribute-return * @name RULE-9-6-4: A function declared with the [[noreturn]] attribute shall not return - * @description + * @description A function with the [[noreturn]] attribute that returns leads to undefined + * behaviour. * @kind problem * @precision very-high * @problem.severity error diff --git a/cpp/misra/src/rules/RULE-9-6-5/NonVoidFunctionShallReturnAValueOnAllPaths.ql b/cpp/misra/src/rules/RULE-9-6-5/NonVoidFunctionShallReturnAValueOnAllPaths.ql index 74802bcee9..05c544fb46 100644 --- a/cpp/misra/src/rules/RULE-9-6-5/NonVoidFunctionShallReturnAValueOnAllPaths.ql +++ b/cpp/misra/src/rules/RULE-9-6-5/NonVoidFunctionShallReturnAValueOnAllPaths.ql @@ -1,7 +1,9 @@ /** * @id cpp/misra/non-void-function-shall-return-a-value-on-all-paths * @name RULE-9-6-5: A function with non-void return type shall return a value on all paths - * @description + * @description A function with non-void return type that does not exit via a return statement can + * result in undefined behaviour. An exception to this rule is exiting via exception + * handling. * @kind problem * @precision very-high * @problem.severity error From 4e0a5bdd06d1767d00af4d4929dca2a97849b074 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 16 May 2024 18:00:54 +0200 Subject: [PATCH 1810/2573] Fix formatting --- .../RULE-11-3-2/DeclarationOfAnObjectIndirectionsLevel.ql | 3 ++- .../HandlersReferToNonStaticMembersFromTheirClass.ql | 3 ++- .../IncludeDirectivesPrecededByPreprocessorDirectives.ql | 3 ++- .../RULE-19-2-3/CharsThatShouldNotOccurInHeaderFileName.ql | 3 ++- .../TokensThatLookLikeDirectivesInAMacroArgument.ql | 3 ++- .../RULE-21-6-5/PointerToAnIncompleteClassTypeDeleted.ql | 3 ++- .../PointersReturnedByLocaleFunctionsMustBeUsedAsConst.ql | 2 +- .../ObjectUsedWhileInPotentiallyMovedFromState.ql | 3 ++- .../ReadsAndWritesOnStreamNotSeparatedByPositioning.ql | 3 ++- cpp/misra/src/rules/RULE-6-2-1/OneDefinitionRuleViolated.ql | 4 +--- .../CastRemovesConstOrVolatileFromPointerOrReference.ql | 3 ++- cpp/misra/src/rules/RULE-9-4-1/IfElseIfEndCondition.ql | 6 ++---- .../FunctionDeclaredWithTheNoreturnAttributeReturn.ql | 3 ++- .../NonVoidFunctionShallReturnAValueOnAllPaths.ql | 3 ++- 14 files changed, 26 insertions(+), 19 deletions(-) diff --git a/cpp/misra/src/rules/RULE-11-3-2/DeclarationOfAnObjectIndirectionsLevel.ql b/cpp/misra/src/rules/RULE-11-3-2/DeclarationOfAnObjectIndirectionsLevel.ql index 6436ae39b4..ddbe4a3db0 100644 --- a/cpp/misra/src/rules/RULE-11-3-2/DeclarationOfAnObjectIndirectionsLevel.ql +++ b/cpp/misra/src/rules/RULE-11-3-2/DeclarationOfAnObjectIndirectionsLevel.ql @@ -18,7 +18,8 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.donotusemorethantwolevelsofpointerindirection.DoNotUseMoreThanTwoLevelsOfPointerIndirection -class DeclarationOfAnObjectIndirectionsLevelQuery extends DoNotUseMoreThanTwoLevelsOfPointerIndirectionSharedQuery { +class DeclarationOfAnObjectIndirectionsLevelQuery extends DoNotUseMoreThanTwoLevelsOfPointerIndirectionSharedQuery +{ DeclarationOfAnObjectIndirectionsLevelQuery() { this = ImportMisra23Package::declarationOfAnObjectIndirectionsLevelQuery() } diff --git a/cpp/misra/src/rules/RULE-18-3-3/HandlersReferToNonStaticMembersFromTheirClass.ql b/cpp/misra/src/rules/RULE-18-3-3/HandlersReferToNonStaticMembersFromTheirClass.ql index 66c57abfa8..b5db9095b1 100644 --- a/cpp/misra/src/rules/RULE-18-3-3/HandlersReferToNonStaticMembersFromTheirClass.ql +++ b/cpp/misra/src/rules/RULE-18-3-3/HandlersReferToNonStaticMembersFromTheirClass.ql @@ -17,7 +17,8 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.destroyedvaluereferencedindestructorcatchblock.DestroyedValueReferencedInDestructorCatchBlock -class HandlersReferToNonStaticMembersFromTheirClassQuery extends DestroyedValueReferencedInDestructorCatchBlockSharedQuery { +class HandlersReferToNonStaticMembersFromTheirClassQuery extends DestroyedValueReferencedInDestructorCatchBlockSharedQuery +{ HandlersReferToNonStaticMembersFromTheirClassQuery() { this = ImportMisra23Package::handlersReferToNonStaticMembersFromTheirClassQuery() } diff --git a/cpp/misra/src/rules/RULE-19-0-3/IncludeDirectivesPrecededByPreprocessorDirectives.ql b/cpp/misra/src/rules/RULE-19-0-3/IncludeDirectivesPrecededByPreprocessorDirectives.ql index 2d504f03e2..7068c7bea0 100644 --- a/cpp/misra/src/rules/RULE-19-0-3/IncludeDirectivesPrecededByPreprocessorDirectives.ql +++ b/cpp/misra/src/rules/RULE-19-0-3/IncludeDirectivesPrecededByPreprocessorDirectives.ql @@ -17,7 +17,8 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.preprocessorincludespreceded.PreprocessorIncludesPreceded -class IncludeDirectivesPrecededByPreprocessorDirectivesQuery extends PreprocessorIncludesPrecededSharedQuery { +class IncludeDirectivesPrecededByPreprocessorDirectivesQuery extends PreprocessorIncludesPrecededSharedQuery +{ IncludeDirectivesPrecededByPreprocessorDirectivesQuery() { this = ImportMisra23Package::includeDirectivesPrecededByPreprocessorDirectivesQuery() } diff --git a/cpp/misra/src/rules/RULE-19-2-3/CharsThatShouldNotOccurInHeaderFileName.ql b/cpp/misra/src/rules/RULE-19-2-3/CharsThatShouldNotOccurInHeaderFileName.ql index b29d85a214..30c6c50662 100644 --- a/cpp/misra/src/rules/RULE-19-2-3/CharsThatShouldNotOccurInHeaderFileName.ql +++ b/cpp/misra/src/rules/RULE-19-2-3/CharsThatShouldNotOccurInHeaderFileName.ql @@ -17,7 +17,8 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.preprocessorincludesforbiddenheadernames.PreprocessorIncludesForbiddenHeaderNames -class CharsThatShouldNotOccurInHeaderFileNameQuery extends PreprocessorIncludesForbiddenHeaderNamesSharedQuery { +class CharsThatShouldNotOccurInHeaderFileNameQuery extends PreprocessorIncludesForbiddenHeaderNamesSharedQuery +{ CharsThatShouldNotOccurInHeaderFileNameQuery() { this = ImportMisra23Package::charsThatShouldNotOccurInHeaderFileNameQuery() } diff --git a/cpp/misra/src/rules/RULE-19-3-5/TokensThatLookLikeDirectivesInAMacroArgument.ql b/cpp/misra/src/rules/RULE-19-3-5/TokensThatLookLikeDirectivesInAMacroArgument.ql index 4438034a4a..2fa672e644 100644 --- a/cpp/misra/src/rules/RULE-19-3-5/TokensThatLookLikeDirectivesInAMacroArgument.ql +++ b/cpp/misra/src/rules/RULE-19-3-5/TokensThatLookLikeDirectivesInAMacroArgument.ql @@ -18,7 +18,8 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.preprocessingdirectivewithinmacroargument.PreprocessingDirectiveWithinMacroArgument -class TokensThatLookLikeDirectivesInAMacroArgumentQuery extends PreprocessingDirectiveWithinMacroArgumentSharedQuery { +class TokensThatLookLikeDirectivesInAMacroArgumentQuery extends PreprocessingDirectiveWithinMacroArgumentSharedQuery +{ TokensThatLookLikeDirectivesInAMacroArgumentQuery() { this = ImportMisra23Package::tokensThatLookLikeDirectivesInAMacroArgumentQuery() } diff --git a/cpp/misra/src/rules/RULE-21-6-5/PointerToAnIncompleteClassTypeDeleted.ql b/cpp/misra/src/rules/RULE-21-6-5/PointerToAnIncompleteClassTypeDeleted.ql index 97f46eecb7..29d20d5d07 100644 --- a/cpp/misra/src/rules/RULE-21-6-5/PointerToAnIncompleteClassTypeDeleted.ql +++ b/cpp/misra/src/rules/RULE-21-6-5/PointerToAnIncompleteClassTypeDeleted.ql @@ -16,7 +16,8 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.deleteofpointertoincompleteclass.DeleteOfPointerToIncompleteClass -class PointerToAnIncompleteClassTypeDeletedQuery extends DeleteOfPointerToIncompleteClassSharedQuery { +class PointerToAnIncompleteClassTypeDeletedQuery extends DeleteOfPointerToIncompleteClassSharedQuery +{ PointerToAnIncompleteClassTypeDeletedQuery() { this = ImportMisra23Package::pointerToAnIncompleteClassTypeDeletedQuery() } diff --git a/cpp/misra/src/rules/RULE-25-5-2/PointersReturnedByLocaleFunctionsMustBeUsedAsConst.ql b/cpp/misra/src/rules/RULE-25-5-2/PointersReturnedByLocaleFunctionsMustBeUsedAsConst.ql index 192015008a..1feebdc67c 100644 --- a/cpp/misra/src/rules/RULE-25-5-2/PointersReturnedByLocaleFunctionsMustBeUsedAsConst.ql +++ b/cpp/misra/src/rules/RULE-25-5-2/PointersReturnedByLocaleFunctionsMustBeUsedAsConst.ql @@ -4,7 +4,7 @@ * @description The pointers returned by the C++ Standard Library functions localeconv, getenv, * setlocale or strerror must only be used as if they have pointer to const-qualified * type. - * @kind problem + * @kind path-problem * @precision very-high * @problem.severity error * @tags external/misra/id/rule-25-5-2 diff --git a/cpp/misra/src/rules/RULE-28-6-3/ObjectUsedWhileInPotentiallyMovedFromState.ql b/cpp/misra/src/rules/RULE-28-6-3/ObjectUsedWhileInPotentiallyMovedFromState.ql index 1a149c4328..db3bbbb700 100644 --- a/cpp/misra/src/rules/RULE-28-6-3/ObjectUsedWhileInPotentiallyMovedFromState.ql +++ b/cpp/misra/src/rules/RULE-28-6-3/ObjectUsedWhileInPotentiallyMovedFromState.ql @@ -16,7 +16,8 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.movedfromobjectsunspecifiedstate.MovedFromObjectsUnspecifiedState -class ObjectUsedWhileInPotentiallyMovedFromStateQuery extends MovedFromObjectsUnspecifiedStateSharedQuery { +class ObjectUsedWhileInPotentiallyMovedFromStateQuery extends MovedFromObjectsUnspecifiedStateSharedQuery +{ ObjectUsedWhileInPotentiallyMovedFromStateQuery() { this = ImportMisra23Package::objectUsedWhileInPotentiallyMovedFromStateQuery() } diff --git a/cpp/misra/src/rules/RULE-30-0-2/ReadsAndWritesOnStreamNotSeparatedByPositioning.ql b/cpp/misra/src/rules/RULE-30-0-2/ReadsAndWritesOnStreamNotSeparatedByPositioning.ql index 30f34dbfcb..a5304c6708 100644 --- a/cpp/misra/src/rules/RULE-30-0-2/ReadsAndWritesOnStreamNotSeparatedByPositioning.ql +++ b/cpp/misra/src/rules/RULE-30-0-2/ReadsAndWritesOnStreamNotSeparatedByPositioning.ql @@ -17,7 +17,8 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.iofstreammissingpositioning.IOFstreamMissingPositioning -class ReadsAndWritesOnStreamNotSeparatedByPositioningQuery extends IOFstreamMissingPositioningSharedQuery { +class ReadsAndWritesOnStreamNotSeparatedByPositioningQuery extends IOFstreamMissingPositioningSharedQuery +{ ReadsAndWritesOnStreamNotSeparatedByPositioningQuery() { this = ImportMisra23Package::readsAndWritesOnStreamNotSeparatedByPositioningQuery() } diff --git a/cpp/misra/src/rules/RULE-6-2-1/OneDefinitionRuleViolated.ql b/cpp/misra/src/rules/RULE-6-2-1/OneDefinitionRuleViolated.ql index fdde6fddda..dbef1e4d54 100644 --- a/cpp/misra/src/rules/RULE-6-2-1/OneDefinitionRuleViolated.ql +++ b/cpp/misra/src/rules/RULE-6-2-1/OneDefinitionRuleViolated.ql @@ -18,7 +18,5 @@ import codingstandards.cpp.misra import codingstandards.cpp.rules.onedefinitionruleviolation.OneDefinitionRuleViolation class OneDefinitionRuleViolatedQuery extends OneDefinitionRuleViolationSharedQuery { - OneDefinitionRuleViolatedQuery() { - this = ImportMisra23Package::oneDefinitionRuleViolatedQuery() - } + OneDefinitionRuleViolatedQuery() { this = ImportMisra23Package::oneDefinitionRuleViolatedQuery() } } diff --git a/cpp/misra/src/rules/RULE-8-2-3/CastRemovesConstOrVolatileFromPointerOrReference.ql b/cpp/misra/src/rules/RULE-8-2-3/CastRemovesConstOrVolatileFromPointerOrReference.ql index 9a702b300a..935050fdd9 100644 --- a/cpp/misra/src/rules/RULE-8-2-3/CastRemovesConstOrVolatileFromPointerOrReference.ql +++ b/cpp/misra/src/rules/RULE-8-2-3/CastRemovesConstOrVolatileFromPointerOrReference.ql @@ -17,7 +17,8 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.removeconstorvolatilequalification.RemoveConstOrVolatileQualification -class CastRemovesConstOrVolatileFromPointerOrReferenceQuery extends RemoveConstOrVolatileQualificationSharedQuery { +class CastRemovesConstOrVolatileFromPointerOrReferenceQuery extends RemoveConstOrVolatileQualificationSharedQuery +{ CastRemovesConstOrVolatileFromPointerOrReferenceQuery() { this = ImportMisra23Package::castRemovesConstOrVolatileFromPointerOrReferenceQuery() } diff --git a/cpp/misra/src/rules/RULE-9-4-1/IfElseIfEndCondition.ql b/cpp/misra/src/rules/RULE-9-4-1/IfElseIfEndCondition.ql index 1460dcd36e..e74de3544f 100644 --- a/cpp/misra/src/rules/RULE-9-4-1/IfElseIfEndCondition.ql +++ b/cpp/misra/src/rules/RULE-9-4-1/IfElseIfEndCondition.ql @@ -1,6 +1,6 @@ /** * @id cpp/misra/if-else-if-end-condition - * @name RULE-9-4-1: All if + * @name RULE-9-4-1: All if * @description All if ... else if constructs shall be terminated with an else statement. * @kind problem * @precision very-high @@ -18,7 +18,5 @@ import codingstandards.cpp.misra import codingstandards.cpp.rules.ifelseterminationconstruct.IfElseTerminationConstruct class IfElseIfEndConditionQuery extends IfElseTerminationConstructSharedQuery { - IfElseIfEndConditionQuery() { - this = ImportMisra23Package::ifElseIfEndConditionQuery() - } + IfElseIfEndConditionQuery() { this = ImportMisra23Package::ifElseIfEndConditionQuery() } } diff --git a/cpp/misra/src/rules/RULE-9-6-4/FunctionDeclaredWithTheNoreturnAttributeReturn.ql b/cpp/misra/src/rules/RULE-9-6-4/FunctionDeclaredWithTheNoreturnAttributeReturn.ql index 00179e5426..f0ac8dc9bf 100644 --- a/cpp/misra/src/rules/RULE-9-6-4/FunctionDeclaredWithTheNoreturnAttributeReturn.ql +++ b/cpp/misra/src/rules/RULE-9-6-4/FunctionDeclaredWithTheNoreturnAttributeReturn.ql @@ -17,7 +17,8 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.functionnoreturnattributecondition.FunctionNoReturnAttributeCondition -class FunctionDeclaredWithTheNoreturnAttributeReturnQuery extends FunctionNoReturnAttributeConditionSharedQuery { +class FunctionDeclaredWithTheNoreturnAttributeReturnQuery extends FunctionNoReturnAttributeConditionSharedQuery +{ FunctionDeclaredWithTheNoreturnAttributeReturnQuery() { this = ImportMisra23Package::functionDeclaredWithTheNoreturnAttributeReturnQuery() } diff --git a/cpp/misra/src/rules/RULE-9-6-5/NonVoidFunctionShallReturnAValueOnAllPaths.ql b/cpp/misra/src/rules/RULE-9-6-5/NonVoidFunctionShallReturnAValueOnAllPaths.ql index 05c544fb46..444356350a 100644 --- a/cpp/misra/src/rules/RULE-9-6-5/NonVoidFunctionShallReturnAValueOnAllPaths.ql +++ b/cpp/misra/src/rules/RULE-9-6-5/NonVoidFunctionShallReturnAValueOnAllPaths.ql @@ -18,7 +18,8 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.nonvoidfunctiondoesnotreturn.NonVoidFunctionDoesNotReturn -class NonVoidFunctionShallReturnAValueOnAllPathsQuery extends NonVoidFunctionDoesNotReturnSharedQuery { +class NonVoidFunctionShallReturnAValueOnAllPathsQuery extends NonVoidFunctionDoesNotReturnSharedQuery +{ NonVoidFunctionShallReturnAValueOnAllPathsQuery() { this = ImportMisra23Package::nonVoidFunctionShallReturnAValueOnAllPathsQuery() } From 919d3adb0967eaff0d579759acb5ca70808456f2 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 16 May 2024 18:04:21 +0200 Subject: [PATCH 1811/2573] Fix formatting --- .../RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersMisra.ql | 3 ++- .../CallToSetlocaleInvalidatesOldPointersWarnMisra.ql | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/cpp/misra/src/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersMisra.ql b/cpp/misra/src/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersMisra.ql index 58edb5e60f..a38ce60039 100644 --- a/cpp/misra/src/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersMisra.ql +++ b/cpp/misra/src/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersMisra.ql @@ -18,7 +18,8 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.invalidatedenvstringpointers.InvalidatedEnvStringPointers -class CallToSetlocaleInvalidatesOldPointersMisraQuery extends InvalidatedEnvStringPointersSharedQuery { +class CallToSetlocaleInvalidatesOldPointersMisraQuery extends InvalidatedEnvStringPointersSharedQuery +{ CallToSetlocaleInvalidatesOldPointersMisraQuery() { this = ImportMisra23Package::callToSetlocaleInvalidatesOldPointersMisraQuery() } diff --git a/cpp/misra/src/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersWarnMisra.ql b/cpp/misra/src/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersWarnMisra.ql index 2b4b08bd98..d0b4179412 100644 --- a/cpp/misra/src/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersWarnMisra.ql +++ b/cpp/misra/src/rules/RULE-25-5-3/CallToSetlocaleInvalidatesOldPointersWarnMisra.ql @@ -18,7 +18,8 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.invalidatedenvstringpointerswarn.InvalidatedEnvStringPointersWarn -class CallToSetlocaleInvalidatesOldPointersWarnMisraQuery extends InvalidatedEnvStringPointersWarnSharedQuery { +class CallToSetlocaleInvalidatesOldPointersWarnMisraQuery extends InvalidatedEnvStringPointersWarnSharedQuery +{ CallToSetlocaleInvalidatesOldPointersWarnMisraQuery() { this = ImportMisra23Package::callToSetlocaleInvalidatesOldPointersWarnMisraQuery() } From cbaf2fd8e2032411266e17651d623659b367bcfe Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 21 May 2024 16:02:45 -0400 Subject: [PATCH 1812/2573] IdentifierHidden: revert PR#546 --- change_notes/2024-05-21-identifier-hidden.md | 2 + cpp/common/src/codingstandards/cpp/Scope.qll | 92 ++++++++----------- .../identifierhidden/IdentifierHidden.qll | 7 +- .../IdentifierHidden.expected | 35 ++++--- .../test/rules/identifierhidden/test.cpp | 26 +----- 5 files changed, 64 insertions(+), 98 deletions(-) create mode 100644 change_notes/2024-05-21-identifier-hidden.md diff --git a/change_notes/2024-05-21-identifier-hidden.md b/change_notes/2024-05-21-identifier-hidden.md new file mode 100644 index 0000000000..c09d05bd27 --- /dev/null +++ b/change_notes/2024-05-21-identifier-hidden.md @@ -0,0 +1,2 @@ +- `A2-10-1`, `RULE-5-3` - `IdentifierHiding.ql`, `IdentifierHidingC.ql`: + - Revert some changes previously made in PR #546 (addressing issue #118). Revert expansion to function identifiers. \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/Scope.qll b/cpp/common/src/codingstandards/cpp/Scope.qll index cfa2d062f2..d9a81b98e3 100644 --- a/cpp/common/src/codingstandards/cpp/Scope.qll +++ b/cpp/common/src/codingstandards/cpp/Scope.qll @@ -57,18 +57,10 @@ private Element getParentScope(Element e) { /** A variable which is defined by the user, rather than being from a third party or compiler generated. */ class UserVariable extends Variable { - UserVariable() { this instanceof UserDeclaration } -} - -/** A construct which is defined by the user, rather than being from a third party or compiler generated. */ -class UserDeclaration extends Declaration { - UserDeclaration() { + UserVariable() { exists(getFile().getRelativePath()) and - not this.(Variable).isCompilerGenerated() and - not this.(Function).isCompilerGenerated() and + not isCompilerGenerated() and not this.(Parameter).getFunction().isCompilerGenerated() and - // Class template instantiations are compiler generated instances that share the same parent scope. This will result in a cross-product on class template instantiations because they have the same name and same parent scope. We therefore exclude these from consideration like we do with other compiler generated identifiers of interest. - not this instanceof ClassTemplateInstantiation and // compiler inferred parameters have name of p#0 not this.(Parameter).getName() = "p#0" } @@ -82,13 +74,11 @@ class Scope extends Element { int getNumberOfVariables() { result = count(getAVariable()) } - int getNumberOfDeclarations() { result = count(getADeclaration()) } - Scope getAnAncestor() { result = this.getStrictParent+() } Scope getStrictParent() { result = getParentScope(this) } - UserDeclaration getADeclaration() { getParentScope(result) = this } + Declaration getADeclaration() { getParentScope(result) = this } Expr getAnExpr() { this = getParentScope(result) } @@ -132,31 +122,31 @@ class GeneratedBlockStmt extends BlockStmt { GeneratedBlockStmt() { this.getLocation() instanceof UnknownLocation } } -/** Gets a Declaration that is in the potential scope of Declaration `v`. */ -private UserDeclaration getPotentialScopeOfDeclaration_candidate(UserDeclaration v) { +/** Gets a variable that is in the potential scope of variable `v`. */ +private UserVariable getPotentialScopeOfVariable_candidate(UserVariable v) { exists(Scope s | - result = s.getADeclaration() and + result = s.getAVariable() and ( - // Declaration in an ancestor scope, but only if there are less than 100 declarations in this scope - v = s.getAnAncestor().getADeclaration() and - s.getNumberOfDeclarations() < 100 + // Variable in an ancestor scope, but only if there are less than 100 variables in this scope + v = s.getAnAncestor().getAVariable() and + s.getNumberOfVariables() < 100 or - // In the same scope, but not the same Declaration, and choose just one to report - v = s.getADeclaration() and + // In the same scope, but not the same variable, and choose just one to report + v = s.getAVariable() and not result = v and v.getName() <= result.getName() ) ) } -/** Gets a Declaration that is in the potential scope of Declaration `v`. */ -private UserDeclaration getPotentialScopeOfDeclarationStrict_candidate(UserDeclaration v) { +/** Gets a variable that is in the potential scope of variable `v`. */ +private UserVariable getOuterScopesOfVariable_candidate(UserVariable v) { exists(Scope s | - result = s.getADeclaration() and + result = s.getAVariable() and ( - // Declaration in an ancestor scope, but only if there are less than 100 variables in this scope - v = s.getAnAncestor().getADeclaration() and - s.getNumberOfDeclarations() < 100 + // Variable in an ancestor scope, but only if there are less than 100 variables in this scope + v = s.getAnAncestor().getAVariable() and + s.getNumberOfVariables() < 100 ) ) } @@ -171,20 +161,20 @@ predicate inSameTranslationUnit(File f1, File f2) { } /** - * Gets a user Declaration which occurs in the "outer scope" of Declaration `v`. + * Gets a user variable which occurs in the "potential scope" of variable `v`. */ cached -UserDeclaration getPotentialScopeOfDeclarationStrict(UserDeclaration v) { - result = getPotentialScopeOfDeclarationStrict_candidate(v) and +UserVariable getPotentialScopeOfVariable(UserVariable v) { + result = getPotentialScopeOfVariable_candidate(v) and inSameTranslationUnit(v.getFile(), result.getFile()) } /** - * Gets a user variable which occurs in the "potential scope" of variable `v`. + * Gets a user variable which occurs in the "outer scope" of variable `v`. */ cached -UserDeclaration getPotentialScopeOfDeclaration(UserDeclaration v) { - result = getPotentialScopeOfDeclaration_candidate(v) and +UserVariable getPotentialScopeOfVariableStrict(UserVariable v) { + result = getOuterScopesOfVariable_candidate(v) and inSameTranslationUnit(v.getFile(), result.getFile()) } @@ -214,9 +204,18 @@ class TranslationUnit extends SourceFile { } /** Holds if `v2` may hide `v1`. */ -private predicate hides_candidateStrict(UserDeclaration v1, UserDeclaration v2) { +private predicate hides_candidate(UserVariable v1, UserVariable v2) { + not v1 = v2 and + v2 = getPotentialScopeOfVariable(v1) and + v1.getName() = v2.getName() and + // Member variables cannot hide other variables nor be hidden because the can be referenced through their qualified name. + not (v1.isMember() or v2.isMember()) +} + +/** Holds if `v2` may hide `v1`. */ +private predicate hides_candidateStrict(UserVariable v1, UserVariable v2) { not v1 = v2 and - v2 = getPotentialScopeOfDeclarationStrict(v1) and + v2 = getPotentialScopeOfVariableStrict(v1) and v1.getName() = v2.getName() and // Member variables cannot hide other variables nor be hidden because the can be referenced through their qualified name. not (v1.isMember() or v2.isMember()) and @@ -240,15 +239,6 @@ private predicate hides_candidateStrict(UserDeclaration v1, UserDeclaration v2) ) } -/** Holds if `v2` may hide `v1`. */ -private predicate hides_candidate(UserDeclaration v1, UserDeclaration v2) { - not v1 = v2 and - v2 = getPotentialScopeOfDeclaration(v1) and - v1.getName() = v2.getName() and - // Member variables cannot hide other variables nor be hidden because the can be referenced through their qualified name. - not (v1.isMember() or v2.isMember()) -} - /** * Gets the enclosing statement of the given variable, if any. */ @@ -267,22 +257,20 @@ private Stmt getEnclosingStmt(LocalScopeVariable v) { } /** Holds if `v2` hides `v1`. */ -predicate hides(UserDeclaration v1, UserDeclaration v2) { +predicate hides(UserVariable v1, UserVariable v2) { hides_candidate(v1, v2) and // Confirm that there's no closer candidate variable which `v2` hides - not exists(UserDeclaration mid | + not exists(UserVariable mid | hides_candidate(v1, mid) and hides_candidate(mid, v2) - ) and - // Unlike `hidesStrict`, that requires a different scope, `hides` considers declarations in the same scope. This will include function overloads based on their name. To remove overloads from consideration, we exclude them. - not v1.(Function).getAnOverload() = v2 + ) } /** Holds if `v2` strictly (`v2` is in an inner scope compared to `v1`) hides `v1`. */ -predicate hidesStrict(UserDeclaration v1, UserDeclaration v2) { +predicate hidesStrict(UserVariable v1, UserVariable v2) { hides_candidateStrict(v1, v2) and // Confirm that there's no closer candidate variable which `v2` hides - not exists(UserDeclaration mid | + not exists(UserVariable mid | hides_candidateStrict(v1, mid) and hides_candidateStrict(mid, v2) ) @@ -303,7 +291,7 @@ predicate hasBlockScope(Declaration decl) { exists(BlockStmt b | b.getADeclarati /** * identifiers in nested (named/nonglobal) namespaces are exceptions to hiding due to being able access via fully qualified ids */ -predicate excludedViaNestedNamespaces(UserDeclaration outerDecl, UserDeclaration innerDecl) { +predicate excludedViaNestedNamespaces(UserVariable outerDecl, UserVariable innerDecl) { exists(Namespace inner, Namespace outer | outer.getAChildNamespace+() = inner and //outer is not global diff --git a/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll b/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll index d5d8a0d93e..dc71ba843e 100644 --- a/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll +++ b/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll @@ -76,18 +76,15 @@ predicate hiddenInLambda(UserVariable outerDecl, UserVariable innerDecl) { } query predicate problems( - UserDeclaration innerDecl, string message, UserDeclaration outerDecl, string varName + UserVariable innerDecl, string message, UserVariable outerDecl, string varName ) { not isExcluded(outerDecl, getQuery()) and not isExcluded(innerDecl, getQuery()) and //ignore template variables for this rule not outerDecl instanceof TemplateVariable and not innerDecl instanceof TemplateVariable and - //ignore types for this rule as the Misra C/C++ 23 version of this rule (rule 6.4.1 and 6.4.2) focuses solely on variables and functions - not innerDecl instanceof Type and - not outerDecl instanceof Type and (hidesStrict(outerDecl, innerDecl) or hiddenInLambda(outerDecl, innerDecl)) and not excludedViaNestedNamespaces(outerDecl, innerDecl) and varName = outerDecl.getName() and - message = "Declaration is hiding declaration $@." + message = "Variable is hiding variable $@." } diff --git a/cpp/common/test/rules/identifierhidden/IdentifierHidden.expected b/cpp/common/test/rules/identifierhidden/IdentifierHidden.expected index 1b0d94d838..fd657590ef 100644 --- a/cpp/common/test/rules/identifierhidden/IdentifierHidden.expected +++ b/cpp/common/test/rules/identifierhidden/IdentifierHidden.expected @@ -1,18 +1,17 @@ -| test.cpp:4:5:4:7 | id1 | Declaration is hiding declaration $@. | test.cpp:1:5:1:7 | id1 | id1 | -| test.cpp:8:5:8:7 | id1 | Declaration is hiding declaration $@. | test.cpp:1:5:1:7 | id1 | id1 | -| test.cpp:20:7:20:9 | id1 | Declaration is hiding declaration $@. | test.cpp:1:5:1:7 | id1 | id1 | -| test.cpp:23:13:23:15 | id1 | Declaration is hiding declaration $@. | test.cpp:1:5:1:7 | id1 | id1 | -| test.cpp:26:12:26:14 | id1 | Declaration is hiding declaration $@. | test.cpp:1:5:1:7 | id1 | id1 | -| test.cpp:27:14:27:16 | id1 | Declaration is hiding declaration $@. | test.cpp:26:12:26:14 | id1 | id1 | -| test.cpp:65:11:65:11 | i | Declaration is hiding declaration $@. | test.cpp:61:7:61:7 | i | i | -| test.cpp:67:9:67:9 | i | Declaration is hiding declaration $@. | test.cpp:61:7:61:7 | i | i | -| test.cpp:70:12:70:12 | i | Declaration is hiding declaration $@. | test.cpp:61:7:61:7 | i | i | -| test.cpp:75:16:75:16 | i | Declaration is hiding declaration $@. | test.cpp:61:7:61:7 | i | i | -| test.cpp:81:5:81:5 | a | Declaration is hiding declaration $@. | test.cpp:79:5:79:5 | a | a | -| test.cpp:102:9:102:9 | b | Declaration is hiding declaration $@. | test.cpp:96:11:96:11 | b | b | -| test.cpp:114:9:114:17 | globalvar | Declaration is hiding declaration $@. | test.cpp:110:5:110:13 | globalvar | globalvar | -| test.cpp:133:11:133:11 | b | Declaration is hiding declaration $@. | test.cpp:127:13:127:13 | b | b | -| test.cpp:142:9:142:10 | a1 | Declaration is hiding declaration $@. | test.cpp:140:14:140:15 | a1 | a1 | -| test.cpp:147:9:147:10 | a2 | Declaration is hiding declaration $@. | test.cpp:145:20:145:21 | a2 | a2 | -| test.cpp:152:9:152:10 | a3 | Declaration is hiding declaration $@. | test.cpp:150:17:150:18 | a3 | a3 | -| test.cpp:164:9:164:10 | a5 | Declaration is hiding declaration $@. | test.cpp:162:13:162:14 | a5 | a5 | +| test.cpp:4:5:4:7 | id1 | Variable is hiding variable $@. | test.cpp:1:5:1:7 | id1 | id1 | +| test.cpp:8:5:8:7 | id1 | Variable is hiding variable $@. | test.cpp:1:5:1:7 | id1 | id1 | +| test.cpp:20:7:20:9 | id1 | Variable is hiding variable $@. | test.cpp:1:5:1:7 | id1 | id1 | +| test.cpp:23:13:23:15 | id1 | Variable is hiding variable $@. | test.cpp:1:5:1:7 | id1 | id1 | +| test.cpp:26:12:26:14 | id1 | Variable is hiding variable $@. | test.cpp:1:5:1:7 | id1 | id1 | +| test.cpp:27:14:27:16 | id1 | Variable is hiding variable $@. | test.cpp:26:12:26:14 | id1 | id1 | +| test.cpp:65:11:65:11 | i | Variable is hiding variable $@. | test.cpp:61:7:61:7 | i | i | +| test.cpp:67:9:67:9 | i | Variable is hiding variable $@. | test.cpp:61:7:61:7 | i | i | +| test.cpp:70:12:70:12 | i | Variable is hiding variable $@. | test.cpp:61:7:61:7 | i | i | +| test.cpp:75:16:75:16 | i | Variable is hiding variable $@. | test.cpp:61:7:61:7 | i | i | +| test.cpp:86:9:86:9 | b | Variable is hiding variable $@. | test.cpp:80:11:80:11 | b | b | +| test.cpp:94:9:94:17 | globalvar | Variable is hiding variable $@. | test.cpp:91:5:91:13 | globalvar | globalvar | +| test.cpp:113:11:113:11 | b | Variable is hiding variable $@. | test.cpp:107:13:107:13 | b | b | +| test.cpp:122:9:122:10 | a1 | Variable is hiding variable $@. | test.cpp:120:14:120:15 | a1 | a1 | +| test.cpp:127:9:127:10 | a2 | Variable is hiding variable $@. | test.cpp:125:20:125:21 | a2 | a2 | +| test.cpp:132:9:132:10 | a3 | Variable is hiding variable $@. | test.cpp:130:17:130:18 | a3 | a3 | +| test.cpp:144:9:144:10 | a5 | Variable is hiding variable $@. | test.cpp:142:13:142:14 | a5 | a5 | diff --git a/cpp/common/test/rules/identifierhidden/test.cpp b/cpp/common/test/rules/identifierhidden/test.cpp index ede4bb24d6..427afe15d9 100644 --- a/cpp/common/test/rules/identifierhidden/test.cpp +++ b/cpp/common/test/rules/identifierhidden/test.cpp @@ -76,22 +76,6 @@ void test_scope_order() { } } -int a; -namespace b { -int a() {} // NON_COMPLIANT -} // namespace b - -namespace b1 { -typedef int a; // COMPLIANT - do not consider types -} - -namespace ns_exception1_outer { -int a1; // COMPLIANT - exception -namespace ns_exception1_inner { -void a1(); // COMPLIANT - exception -} -} // namespace ns_exception1_outer - void f4() { int a1, b; auto lambda1 = [a1]() { @@ -104,12 +88,8 @@ void f4() { }; } -void f5(int i) {} // COMPLIANT - exception - assume purposefully overloaded -void f5(double d) {} // COMPLIANT - exception - assume purposefully overloaded - int globalvar = 0; - -int f6() { +int f5() { auto lambda_with_shadowing = []() { int globalvar = 1; // NON_COMPLIANT - not an exception - not captured but // still accessible @@ -121,7 +101,7 @@ int f6() { return lambda_with_shadowing(); } -void f7(int p) { +void f6(int p) { // Introduce a nested scope to test scope comparison. if (p != 0) { int a1, b; @@ -136,7 +116,7 @@ void f7(int p) { } } -void f8() { +void f7() { static int a1; auto lambda1 = []() { int a1 = 10; // NON_COMPLIANT - Lambda can access static variable. From 499059b3d961b153505fa77b565c736ce93932f2 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 21 May 2024 16:21:53 -0400 Subject: [PATCH 1813/2573] IdentifierHidden: fix missing predicate name change --- .../DifferentIdentifiersNotTypographicallyUnambiguous.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/rules/differentidentifiersnottypographicallyunambiguous/DifferentIdentifiersNotTypographicallyUnambiguous.qll b/cpp/common/src/codingstandards/cpp/rules/differentidentifiersnottypographicallyunambiguous/DifferentIdentifiersNotTypographicallyUnambiguous.qll index 4876ca9a5c..87a4580ab3 100644 --- a/cpp/common/src/codingstandards/cpp/rules/differentidentifiersnottypographicallyunambiguous/DifferentIdentifiersNotTypographicallyUnambiguous.qll +++ b/cpp/common/src/codingstandards/cpp/rules/differentidentifiersnottypographicallyunambiguous/DifferentIdentifiersNotTypographicallyUnambiguous.qll @@ -47,7 +47,7 @@ string step1(string s) { string step2(string s) { s = "m_" and result = "rn" } predicate violation(UserVariable v1, UserVariable v2) { - v2 = getPotentialScopeOfDeclaration(v1) and + v2 = getPotentialScopeOfVariable(v1) and exists(string s1, string s2 | // over-approximate a match, because it is cheaper to compute getCanon(v1) = getCanon(v2) and From 22381ef437fda74c1ba0d83acfcbd8207e9ba7fa Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Wed, 22 May 2024 10:26:45 -0400 Subject: [PATCH 1814/2573] IdentifierHidden: add missing expected file change --- .../rules/identifierhidden/IdentifierHidden.expected | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/c/common/test/rules/identifierhidden/IdentifierHidden.expected b/c/common/test/rules/identifierhidden/IdentifierHidden.expected index d6f574e318..67809ee003 100644 --- a/c/common/test/rules/identifierhidden/IdentifierHidden.expected +++ b/c/common/test/rules/identifierhidden/IdentifierHidden.expected @@ -1,5 +1,5 @@ -| test.c:4:7:4:9 | id1 | Declaration is hiding declaration $@. | test.c:1:5:1:7 | id1 | id1 | -| test.c:7:13:7:15 | id1 | Declaration is hiding declaration $@. | test.c:1:5:1:7 | id1 | id1 | -| test.c:10:12:10:14 | id1 | Declaration is hiding declaration $@. | test.c:1:5:1:7 | id1 | id1 | -| test.c:11:14:11:16 | id1 | Declaration is hiding declaration $@. | test.c:10:12:10:14 | id1 | id1 | -| test.c:24:24:24:26 | id2 | Declaration is hiding declaration $@. | test.c:22:5:22:7 | id2 | id2 | +| test.c:4:7:4:9 | id1 | Variable is hiding variable $@. | test.c:1:5:1:7 | id1 | id1 | +| test.c:7:13:7:15 | id1 | Variable is hiding variable $@. | test.c:1:5:1:7 | id1 | id1 | +| test.c:10:12:10:14 | id1 | Variable is hiding variable $@. | test.c:1:5:1:7 | id1 | id1 | +| test.c:11:14:11:16 | id1 | Variable is hiding variable $@. | test.c:10:12:10:14 | id1 | id1 | +| test.c:24:24:24:26 | id2 | Variable is hiding variable $@. | test.c:22:5:22:7 | id2 | id2 | From c2b32b0f2f7e19bcf86804da510b877acaa6f3e2 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Wed, 22 May 2024 21:17:38 -0400 Subject: [PATCH 1815/2573] A18-5-8: address fp report #20, add return expression flow for NRVO elision --- change_notes/2024-05-22-fix-fp-rule-A18-5-8.md | 2 ++ .../src/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.ql | 3 +++ cpp/autosar/test/rules/A18-5-8/test.cpp | 9 +++++++++ 3 files changed, 14 insertions(+) create mode 100644 change_notes/2024-05-22-fix-fp-rule-A18-5-8.md diff --git a/change_notes/2024-05-22-fix-fp-rule-A18-5-8.md b/change_notes/2024-05-22-fix-fp-rule-A18-5-8.md new file mode 100644 index 0000000000..3091ce9ef3 --- /dev/null +++ b/change_notes/2024-05-22-fix-fp-rule-A18-5-8.md @@ -0,0 +1,2 @@ +- `A18-5-8` - `UnnecessaryUseOfDynamicStorage.ql`: + - Address FP reported in #20. Add model of flow from MakeSharedOrUnique to return expression to capture copy/move elision case NRVO. \ No newline at end of file diff --git a/cpp/autosar/src/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.ql b/cpp/autosar/src/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.ql index 979dc0824e..7b68030476 100644 --- a/cpp/autosar/src/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.ql +++ b/cpp/autosar/src/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.ql @@ -53,6 +53,9 @@ class MakeSharedOrUnique extends FunctionCall, CandidateFunctionLocalHeapAllocat // This includes the case where a result of `make_shared` or `make_unique` is return by a function // because the compiler will call the appropriate constructor. not exists(FunctionCall fc | DataFlow::localExprFlow(this, fc.getAnArgument())) and + // The flow to a return statement is explicitly modelled for the case where + // the copy/move constructor is elided and therefore there is no actual function call in the database + not exists(ReturnStmt ret | DataFlow::localExprFlow(this, ret.getExpr())) and // Not assigned to a field not exists(Field f | DataFlow::localExprFlow(this, f.getAnAssignedValue())) } diff --git a/cpp/autosar/test/rules/A18-5-8/test.cpp b/cpp/autosar/test/rules/A18-5-8/test.cpp index fcaf482777..3183810942 100644 --- a/cpp/autosar/test/rules/A18-5-8/test.cpp +++ b/cpp/autosar/test/rules/A18-5-8/test.cpp @@ -68,4 +68,13 @@ StructA *test_failure() { a = nullptr; } return a; +} + +#include +std::unique_ptr +test_for_fp_reported_in_20(const std::string &s) noexcept { + // make_unique performs heap allocation + // but this outlives the function due to copy elision + // (specifically NRVO) + return std::make_unique(s); // COMPLIANT } \ No newline at end of file From e5cdb71cf7b21c1d03fa209be40fc6fb16a59087 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Thu, 23 May 2024 17:42:29 +0200 Subject: [PATCH 1816/2573] C++: Update expected test results after dataflow library changes and merge from main --- ...riableViaPointerOfIncompatibleType.expected | 2 +- ...tPointersAddressingDifferentArrays.expected | 4 ++-- ...tionalOperatorsWithDifferingArrays.expected | 6 +++--- ...mentOfAnArrayPassedToASmartPointer.expected | 1 + .../A7-1-2/VariableMissingConstexpr.expected | 6 ------ ...icCppLibraryFunctionsDoNotOverflow.expected | 18 +++++++++--------- ...tUseAnAdditiveOperatorOnAnIterator.expected | 9 +++++++++ ...tPointersAddressingDifferentArrays.expected | 4 ++-- ...tionalOperatorsWithDifferingArrays.expected | 6 +++--- ...ValueStoredInUnrelatedSmartPointer.expected | 5 +++-- 10 files changed, 33 insertions(+), 28 deletions(-) diff --git a/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected b/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected index 3316256acb..6cf822fa15 100644 --- a/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected +++ b/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected @@ -16,7 +16,7 @@ edges | test.c:97:32:97:37 | call to malloc | test.c:98:40:98:41 | s2 | provenance | | | test.c:98:32:98:38 | call to realloc | test.c:99:3:99:4 | s3 | provenance | | | test.c:98:32:98:38 | call to realloc | test.c:100:10:100:11 | s3 | provenance | | -| test.c:98:40:98:41 | s2 | test.c:98:32:98:38 | call to realloc | provenance | | +| test.c:98:40:98:41 | s2 | test.c:98:32:98:38 | call to realloc | provenance | Config | nodes | test.c:6:19:6:20 | & ... | semmle.label | & ... | | test.c:11:10:11:11 | & ... | semmle.label | & ... | diff --git a/c/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.expected b/c/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.expected index c595e7e5f7..75866b8503 100644 --- a/c/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.expected +++ b/c/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.expected @@ -4,10 +4,10 @@ problems | test.c:13:10:13:11 | p4 | test.c:5:14:5:15 | l2 | test.c:13:10:13:11 | p4 | Subtraction between left operand pointing to array $@ and other operand pointing to array $@. | test.c:3:7:3:8 | l2 | l2 | test.c:2:7:2:8 | l1 | l1 | | test.c:13:15:13:16 | l1 | test.c:13:15:13:16 | l1 | test.c:13:15:13:16 | l1 | Subtraction between right operand pointing to array $@ and other operand pointing to array $@. | test.c:2:7:2:8 | l1 | l1 | test.c:3:7:3:8 | l2 | l2 | edges -| test.c:4:14:4:15 | l1 | test.c:4:14:4:18 | access to array | provenance | | +| test.c:4:14:4:15 | l1 | test.c:4:14:4:18 | access to array | provenance | Config | | test.c:4:14:4:18 | access to array | test.c:10:10:10:11 | p1 | provenance | | | test.c:4:14:4:18 | access to array | test.c:12:10:12:11 | p1 | provenance | | -| test.c:5:14:5:15 | l2 | test.c:5:14:5:19 | access to array | provenance | | +| test.c:5:14:5:15 | l2 | test.c:5:14:5:19 | access to array | provenance | Config | | test.c:5:14:5:19 | access to array | test.c:11:10:11:11 | p2 | provenance | | | test.c:5:14:5:19 | access to array | test.c:12:15:12:16 | p2 | provenance | | | test.c:5:14:5:19 | access to array | test.c:13:10:13:11 | p4 | provenance | | diff --git a/c/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.expected b/c/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.expected index 05c0ed4ca0..bda6c7ad05 100644 --- a/c/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.expected +++ b/c/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.expected @@ -11,17 +11,17 @@ problems | test.c:25:7:25:14 | ... >= ... | test.c:25:13:25:14 | l3 | test.c:25:13:25:14 | l3 | Compare operation >= comparing right operand pointing to array $@ and other operand pointing to array $@. | test.c:4:7:4:8 | l3 | l3 | test.c:2:7:2:8 | l1 | l1 | edges | test.c:6:13:6:14 | l1 | test.c:13:12:13:13 | p0 | provenance | | -| test.c:7:14:7:15 | l1 | test.c:7:14:7:18 | access to array | provenance | | +| test.c:7:14:7:15 | l1 | test.c:7:14:7:18 | access to array | provenance | Config | | test.c:7:14:7:18 | access to array | test.c:11:7:11:8 | p1 | provenance | | | test.c:7:14:7:18 | access to array | test.c:13:7:13:8 | p1 | provenance | | | test.c:7:14:7:18 | access to array | test.c:15:13:15:14 | p1 | provenance | | | test.c:7:14:7:18 | access to array | test.c:17:7:17:8 | p1 | provenance | | | test.c:7:14:7:18 | access to array | test.c:23:13:23:14 | p1 | provenance | | | test.c:7:14:7:18 | access to array | test.c:25:7:25:8 | p1 | provenance | | -| test.c:8:14:8:15 | l1 | test.c:8:14:8:18 | access to array | provenance | | +| test.c:8:14:8:15 | l1 | test.c:8:14:8:18 | access to array | provenance | Config | | test.c:8:14:8:18 | access to array | test.c:11:12:11:13 | p2 | provenance | | | test.c:8:14:8:18 | access to array | test.c:21:7:21:8 | p2 | provenance | | -| test.c:9:14:9:15 | l2 | test.c:9:14:9:18 | access to array | provenance | | +| test.c:9:14:9:15 | l2 | test.c:9:14:9:18 | access to array | provenance | Config | | test.c:9:14:9:18 | access to array | test.c:21:12:21:13 | p3 | provenance | | nodes | test.c:6:13:6:14 | l1 | semmle.label | l1 | diff --git a/cpp/autosar/test/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.expected b/cpp/autosar/test/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.expected index 6babf2c883..e71e667685 100644 --- a/cpp/autosar/test/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.expected +++ b/cpp/autosar/test/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.expected @@ -11,6 +11,7 @@ edges | test.cpp:3:36:3:45 | new[] | test.cpp:27:20:27:37 | call to allocate_int_array | provenance | | | test.cpp:11:29:11:41 | call to unique_ptr | test.cpp:12:27:12:28 | v2 | provenance | | | test.cpp:12:27:12:28 | v2 | test.cpp:12:30:12:36 | call to release | provenance | | +| test.cpp:12:27:12:28 | v2 | test.cpp:12:30:12:36 | call to release | provenance | Config | | test.cpp:27:20:27:37 | call to allocate_int_array | test.cpp:32:12:32:20 | int_array | provenance | | nodes | test.cpp:3:36:3:45 | new[] | semmle.label | new[] | diff --git a/cpp/autosar/test/rules/A7-1-2/VariableMissingConstexpr.expected b/cpp/autosar/test/rules/A7-1-2/VariableMissingConstexpr.expected index dd499ceb57..dbf223e0cf 100644 --- a/cpp/autosar/test/rules/A7-1-2/VariableMissingConstexpr.expected +++ b/cpp/autosar/test/rules/A7-1-2/VariableMissingConstexpr.expected @@ -1,9 +1,3 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (VariableMissingConstexpr.ql:64,7-15) -WARNING: Module DataFlow has been deprecated and may be removed in future (VariableMissingConstexpr.ql:79,10-18) -WARNING: Module DataFlow has been deprecated and may be removed in future (VariableMissingConstexpr.ql:79,44-52) -WARNING: Module DataFlow has been deprecated and may be removed in future (VariableMissingConstexpr.ql:80,17-25) -WARNING: Module DataFlow has been deprecated and may be removed in future (VariableMissingConstexpr.ql:81,5-13) -WARNING: Module DataFlow has been deprecated and may be removed in future (VariableMissingConstexpr.ql:82,9-17) | test.cpp:4:5:4:6 | g1 | Variable g1 could be marked 'constexpr'. | | test.cpp:6:5:6:6 | g2 | Variable g2 could be marked 'constexpr'. | | test.cpp:13:14:13:15 | lc | Variable lc could be marked 'constexpr'. | diff --git a/cpp/cert/test/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.expected b/cpp/cert/test/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.expected index 06abadc4fe..9259112890 100644 --- a/cpp/cert/test/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.expected +++ b/cpp/cert/test/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.expected @@ -1,12 +1,12 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:97,7-15) -WARNING: Module DataFlow has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:97,27-35) -WARNING: Module DataFlow has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:98,9-17) -WARNING: Module DataFlow has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:102,9-17) -WARNING: Module DataFlow has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:102,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:103,11-19) -WARNING: Module DataFlow has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:113,35-43) -WARNING: Module DataFlow has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:114,11-19) -WARNING: Module TaintTracking has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:113,9-22) +WARNING: Module DataFlow has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:88,7-15) +WARNING: Module DataFlow has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:88,27-35) +WARNING: Module DataFlow has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:89,9-17) +WARNING: Module DataFlow has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:93,9-17) +WARNING: Module DataFlow has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:93,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:94,11-19) +WARNING: Module DataFlow has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:104,35-43) +WARNING: Module DataFlow has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:105,11-19) +WARNING: Module TaintTracking has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:104,9-22) | test.cpp:8:42:8:46 | call to begin | Output iterator for $@ is not guaranteed to be large enough for the input iterator. | test.cpp:8:3:8:11 | call to copy | call to copy | | test.cpp:17:42:17:46 | call to begin | Output iterator for $@ is not guaranteed to be large enough for the input iterator. | test.cpp:17:3:17:11 | call to copy | call to copy | | test.cpp:55:42:55:46 | call to begin | Output iterator for $@ is not guaranteed to be large enough for the input iterator. | test.cpp:55:3:55:11 | call to copy | call to copy | diff --git a/cpp/cert/test/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.expected b/cpp/cert/test/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.expected index 0a06677b54..be69b2024d 100644 --- a/cpp/cert/test/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.expected +++ b/cpp/cert/test/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.expected @@ -1,3 +1,12 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:38,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:38,25-33) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:38,51-59) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:39,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:39,25-33) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:39,52-60) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:74,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:74,25-33) +WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:75,7-15) | test.cpp:8:7:8:7 | i | Increment of iterator may overflow since its bounds are not checked. | | test.cpp:9:9:9:9 | i | Increment of iterator may overflow since its bounds are not checked. | | test.cpp:10:9:10:9 | i | Increment of iterator may overflow since its bounds are not checked. | diff --git a/cpp/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.expected b/cpp/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.expected index dcbc6d05bc..2d293e6928 100644 --- a/cpp/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.expected +++ b/cpp/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.expected @@ -4,10 +4,10 @@ problems | test.cpp:13:10:13:11 | p4 | test.cpp:5:14:5:15 | l2 | test.cpp:13:10:13:11 | p4 | Subtraction between left operand pointing to array $@ and other operand pointing to array $@. | test.cpp:3:7:3:8 | l2 | l2 | test.cpp:2:7:2:8 | l1 | l1 | | test.cpp:13:15:13:16 | l1 | test.cpp:13:15:13:16 | l1 | test.cpp:13:15:13:16 | l1 | Subtraction between right operand pointing to array $@ and other operand pointing to array $@. | test.cpp:2:7:2:8 | l1 | l1 | test.cpp:3:7:3:8 | l2 | l2 | edges -| test.cpp:4:14:4:15 | l1 | test.cpp:4:14:4:18 | access to array | provenance | | +| test.cpp:4:14:4:15 | l1 | test.cpp:4:14:4:18 | access to array | provenance | Config | | test.cpp:4:14:4:18 | access to array | test.cpp:10:10:10:11 | p1 | provenance | | | test.cpp:4:14:4:18 | access to array | test.cpp:12:10:12:11 | p1 | provenance | | -| test.cpp:5:14:5:15 | l2 | test.cpp:5:14:5:19 | access to array | provenance | | +| test.cpp:5:14:5:15 | l2 | test.cpp:5:14:5:19 | access to array | provenance | Config | | test.cpp:5:14:5:19 | access to array | test.cpp:11:10:11:11 | p2 | provenance | | | test.cpp:5:14:5:19 | access to array | test.cpp:12:15:12:16 | p2 | provenance | | | test.cpp:5:14:5:19 | access to array | test.cpp:13:10:13:11 | p4 | provenance | | diff --git a/cpp/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.expected b/cpp/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.expected index f02c9a5712..cab80e0fe0 100644 --- a/cpp/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.expected +++ b/cpp/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.expected @@ -11,17 +11,17 @@ problems | test.cpp:25:7:25:14 | ... >= ... | test.cpp:25:13:25:14 | l3 | test.cpp:25:13:25:14 | l3 | Compare operation >= comparing right operand pointing to array $@ and other operand pointing to array $@. | test.cpp:4:7:4:8 | l3 | l3 | test.cpp:2:7:2:8 | l1 | l1 | edges | test.cpp:6:13:6:14 | l1 | test.cpp:13:12:13:13 | p0 | provenance | | -| test.cpp:7:14:7:15 | l1 | test.cpp:7:14:7:18 | access to array | provenance | | +| test.cpp:7:14:7:15 | l1 | test.cpp:7:14:7:18 | access to array | provenance | Config | | test.cpp:7:14:7:18 | access to array | test.cpp:11:7:11:8 | p1 | provenance | | | test.cpp:7:14:7:18 | access to array | test.cpp:13:7:13:8 | p1 | provenance | | | test.cpp:7:14:7:18 | access to array | test.cpp:15:13:15:14 | p1 | provenance | | | test.cpp:7:14:7:18 | access to array | test.cpp:17:7:17:8 | p1 | provenance | | | test.cpp:7:14:7:18 | access to array | test.cpp:23:13:23:14 | p1 | provenance | | | test.cpp:7:14:7:18 | access to array | test.cpp:25:7:25:8 | p1 | provenance | | -| test.cpp:8:14:8:15 | l1 | test.cpp:8:14:8:18 | access to array | provenance | | +| test.cpp:8:14:8:15 | l1 | test.cpp:8:14:8:18 | access to array | provenance | Config | | test.cpp:8:14:8:18 | access to array | test.cpp:11:12:11:13 | p2 | provenance | | | test.cpp:8:14:8:18 | access to array | test.cpp:21:7:21:8 | p2 | provenance | | -| test.cpp:9:14:9:15 | l2 | test.cpp:9:14:9:18 | access to array | provenance | | +| test.cpp:9:14:9:15 | l2 | test.cpp:9:14:9:18 | access to array | provenance | Config | | test.cpp:9:14:9:18 | access to array | test.cpp:21:12:21:13 | p3 | provenance | | nodes | test.cpp:6:13:6:14 | l1 | semmle.label | l1 | diff --git a/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.expected b/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.expected index 0b23493cfa..7790582443 100644 --- a/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.expected +++ b/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.expected @@ -11,10 +11,11 @@ edges | test.cpp:3:14:3:15 | v1 | test.cpp:7:28:7:29 | v2 | provenance | | | test.cpp:4:13:4:14 | v1 | test.cpp:7:28:7:29 | v2 | provenance | | | test.cpp:5:27:5:28 | v1 | test.cpp:5:27:5:29 | call to shared_ptr | provenance | | +| test.cpp:5:27:5:28 | v1 | test.cpp:5:27:5:29 | call to shared_ptr | provenance | Config | | test.cpp:5:27:5:29 | call to shared_ptr | test.cpp:6:28:6:29 | p1 | provenance | | | test.cpp:5:27:5:29 | call to shared_ptr | test.cpp:6:28:6:29 | p1 | provenance | | -| test.cpp:6:28:6:29 | p1 | test.cpp:6:31:6:33 | call to get | provenance | | -| test.cpp:6:28:6:29 | p1 | test.cpp:6:31:6:33 | call to get | provenance | | +| test.cpp:6:28:6:29 | p1 | test.cpp:6:31:6:33 | call to get | provenance | Config | +| test.cpp:6:28:6:29 | p1 | test.cpp:6:31:6:33 | call to get | provenance | Config | | test.cpp:8:8:8:14 | 0 | test.cpp:9:28:9:29 | v2 | provenance | | | test.cpp:10:8:10:17 | new | test.cpp:11:28:11:29 | v2 | provenance | | | test.cpp:10:8:10:17 | new | test.cpp:12:28:12:29 | v2 | provenance | | From a6feefdc091fc8e37a7534befece084a727cec03 Mon Sep 17 00:00:00 2001 From: knewbury01 Date: Tue, 28 May 2024 17:07:12 +0000 Subject: [PATCH 1817/2573] Bump version to 2.30.0-dev --- c/cert/src/qlpack.yml | 2 +- c/cert/test/qlpack.yml | 2 +- c/common/src/qlpack.yml | 2 +- c/common/test/qlpack.yml | 2 +- c/misra/src/qlpack.yml | 2 +- c/misra/test/qlpack.yml | 2 +- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/qlpack.yml | 2 +- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/qlpack.yml | 2 +- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/qlpack.yml | 2 +- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/qlpack.yml | 2 +- cpp/report/src/qlpack.yml | 2 +- docs/user_manual.md | 12 ++++++------ 16 files changed, 21 insertions(+), 21 deletions(-) diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index dbe17ca2fb..41bf9df58b 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards -version: 2.29.0-dev +version: 2.30.0-dev description: CERT C 2016 suites: codeql-suites license: MIT diff --git a/c/cert/test/qlpack.yml b/c/cert/test/qlpack.yml index a84477a767..78880f5157 100644 --- a/c/cert/test/qlpack.yml +++ b/c/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards-tests -version: 2.29.0-dev +version: 2.30.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index dbb5883476..55a94b0251 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards -version: 2.29.0-dev +version: 2.30.0-dev license: MIT dependencies: codeql/common-cpp-coding-standards: '*' diff --git a/c/common/test/qlpack.yml b/c/common/test/qlpack.yml index fbba717665..0b23b2465b 100644 --- a/c/common/test/qlpack.yml +++ b/c/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards-tests -version: 2.29.0-dev +version: 2.30.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index 99fed4df73..4d000d999f 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards -version: 2.29.0-dev +version: 2.30.0-dev description: MISRA C 2012 suites: codeql-suites license: MIT diff --git a/c/misra/test/qlpack.yml b/c/misra/test/qlpack.yml index 008295d695..0a877454c4 100644 --- a/c/misra/test/qlpack.yml +++ b/c/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards-tests -version: 2.29.0-dev +version: 2.30.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index c6e3fdb38d..9f27965f4a 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards -version: 2.29.0-dev +version: 2.30.0-dev description: AUTOSAR C++14 Guidelines R22-11, R21-11, R20-11, R19-11 and R19-03 suites: codeql-suites license: MIT diff --git a/cpp/autosar/test/qlpack.yml b/cpp/autosar/test/qlpack.yml index cd5847c2a4..ca16be3d34 100644 --- a/cpp/autosar/test/qlpack.yml +++ b/cpp/autosar/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards-tests -version: 2.29.0-dev +version: 2.30.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index cca8343a99..929bbdf7ea 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards -version: 2.29.0-dev +version: 2.30.0-dev description: CERT C++ 2016 suites: codeql-suites license: MIT diff --git a/cpp/cert/test/qlpack.yml b/cpp/cert/test/qlpack.yml index 225e9157b9..d1b4a638ce 100644 --- a/cpp/cert/test/qlpack.yml +++ b/cpp/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards-tests -version: 2.29.0-dev +version: 2.30.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index 548ea472a4..2fd8546ecf 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards -version: 2.29.0-dev +version: 2.30.0-dev license: MIT dependencies: codeql/cpp-all: 0.9.3 diff --git a/cpp/common/test/qlpack.yml b/cpp/common/test/qlpack.yml index b4aff929bd..42e989cb8e 100644 --- a/cpp/common/test/qlpack.yml +++ b/cpp/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards-tests -version: 2.29.0-dev +version: 2.30.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index 87e281357a..ae40b0c08e 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards -version: 2.29.0-dev +version: 2.30.0-dev description: MISRA C++ 2008 suites: codeql-suites license: MIT diff --git a/cpp/misra/test/qlpack.yml b/cpp/misra/test/qlpack.yml index f8015a2a97..c07550679f 100644 --- a/cpp/misra/test/qlpack.yml +++ b/cpp/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards-tests -version: 2.29.0-dev +version: 2.30.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index d2a0b35dbc..e02c8afddc 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/report-cpp-coding-standards -version: 2.29.0-dev +version: 2.30.0-dev license: MIT dependencies: codeql/cpp-all: 0.9.3 diff --git a/docs/user_manual.md b/docs/user_manual.md index 2112f23c18..98d080059a 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -29,13 +29,13 @@ ## Release information -This user manual documents release `2.29.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). +This user manual documents release `2.30.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). The release page documents the release notes and contains the following artifacts part of the release: -- `code-scanning-cpp-query-pack-2.29.0-dev.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. -- `supported_rules_list_2.29.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. -- `supported_rules_list_2.29.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. -- `user_manual_2.29.0-dev.md`: This user manual. +- `code-scanning-cpp-query-pack-2.30.0-dev.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. +- `supported_rules_list_2.30.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. +- `supported_rules_list_2.30.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. +- `user_manual_2.30.0-dev.md`: This user manual. - `Source Code (zip)`: A zip archive containing the contents of https://github.com/github/codeql-coding-standards - `Source Code (tar.gz)`: A GZip compressed tar archive containing the contents of https://github.com/github/codeql-coding-standards - `checksums.txt`: A text file containing sha256 checksums for the aforementioned artifacts. @@ -496,7 +496,7 @@ This section describes known failure modes for "CodeQL Coding Standards" and des | | Ouf of space | Less output. Some files may be only be partially analyzed, or not analyzed at all. | Error reported on the command line. | Increase space. If it remains an issue report space consumption issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False positives | More output. Results are reported which are not violations of the guidelines. | All reported results must be reviewed. | Report false positive issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False negatives | Less output. Violations of the guidelines are not reported. | Other validation and verification processes during software development should be used to complement the analysis performed by CodeQL Coding Standards. | Report false negative issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | -| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.29.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | +| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.30.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | | | Incorrect deviation record specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation records with a reason. Ensure that all deviation records are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Incorrect deviation permit specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation permits with a reason. Ensure that all deviation permits are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Unapproved use of a deviation record | Less output. Results for guideline violations are not reported. | Validate that the deviation record use is approved by verifying the approved-by attribute of the deviation record specification. | Ensure that each raised deviation record is approved by an independent approver through an auditable process. | From 29d0538a020e89596b10a8817e01fff0c9dc263f Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 3 Jun 2024 15:23:17 +0100 Subject: [PATCH 1818/2573] A7-1-2: Exclude generated variables and variables in uninstantiated templates. --- change_notes/2024-06-03-constexpr-variable.md | 3 +++ .../src/rules/A7-1-2/VariableMissingConstexpr.ql | 6 +++++- cpp/autosar/test/rules/A7-1-2/test.cpp | 12 ++++++++++++ 3 files changed, 20 insertions(+), 1 deletion(-) create mode 100644 change_notes/2024-06-03-constexpr-variable.md diff --git a/change_notes/2024-06-03-constexpr-variable.md b/change_notes/2024-06-03-constexpr-variable.md new file mode 100644 index 0000000000..1731e7de5b --- /dev/null +++ b/change_notes/2024-06-03-constexpr-variable.md @@ -0,0 +1,3 @@ + - `A7-1-2` - `VariableMissingConstexpr.ql`: + - Remove false positives for compiler generated variables + - Remove results in uninstantiated templates that cause false positives \ No newline at end of file diff --git a/cpp/autosar/src/rules/A7-1-2/VariableMissingConstexpr.ql b/cpp/autosar/src/rules/A7-1-2/VariableMissingConstexpr.ql index 13272c8169..4a97e84493 100644 --- a/cpp/autosar/src/rules/A7-1-2/VariableMissingConstexpr.ql +++ b/cpp/autosar/src/rules/A7-1-2/VariableMissingConstexpr.ql @@ -62,5 +62,9 @@ where // Not assigned by a user in a constructor not exists(ConstructorFieldInit cfi | cfi.getTarget() = v and not cfi.isCompilerGenerated()) and // Ignore union members - not v.getDeclaringType() instanceof Union + not v.getDeclaringType() instanceof Union and + // Exclude variables in uninstantiated templates, as they may be incomplete + not v.isFromUninstantiatedTemplate(_) and + // Exclude compiler generated variables, which are not user controllable + not v.isCompilerGenerated() select v, "Variable " + v.getName() + " could be marked 'constexpr'." diff --git a/cpp/autosar/test/rules/A7-1-2/test.cpp b/cpp/autosar/test/rules/A7-1-2/test.cpp index a3b7baea83..210a386543 100644 --- a/cpp/autosar/test/rules/A7-1-2/test.cpp +++ b/cpp/autosar/test/rules/A7-1-2/test.cpp @@ -264,4 +264,16 @@ constexpr void fp_reported_in_466(int p) { // compile time constant int l26 = add4(1, l3); // COMPLIANT - l3 is not compile time constant on all paths +} + +template T* init(T** t) { } + +template T* init() { + T* t = nullptr; // COMPLIANT - initialized below + init(&t); // Init is ignored in uninitialized template + return t; +} + +void test_template_instantiation() { + int* t = init(); } \ No newline at end of file From 9ca0d42a6e32a395dccff48fb1eb16476ccac1ce Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 3 Jun 2024 16:51:30 +0100 Subject: [PATCH 1819/2573] A3-1-5: Remove invalid interpretation of rule As per: https://forum.misra.org.uk/archive/index.php?thread-1588.html --- ...teFunctionDefinedOutsideClassDefinition.ql | 51 ------------------- ...tionDefinedOutsideClassDefinition.expected | 7 --- ...unctionDefinedOutsideClassDefinition.qlref | 1 - 3 files changed, 59 deletions(-) delete mode 100644 cpp/autosar/src/rules/A3-1-5/TrivialOrTemplateFunctionDefinedOutsideClassDefinition.ql delete mode 100644 cpp/autosar/test/rules/A3-1-5/TrivialOrTemplateFunctionDefinedOutsideClassDefinition.expected delete mode 100644 cpp/autosar/test/rules/A3-1-5/TrivialOrTemplateFunctionDefinedOutsideClassDefinition.qlref diff --git a/cpp/autosar/src/rules/A3-1-5/TrivialOrTemplateFunctionDefinedOutsideClassDefinition.ql b/cpp/autosar/src/rules/A3-1-5/TrivialOrTemplateFunctionDefinedOutsideClassDefinition.ql deleted file mode 100644 index 920875ca3b..0000000000 --- a/cpp/autosar/src/rules/A3-1-5/TrivialOrTemplateFunctionDefinedOutsideClassDefinition.ql +++ /dev/null @@ -1,51 +0,0 @@ -/** - * @id cpp/autosar/trivial-or-template-function-defined-outside-class-definition - * @name A3-1-5: A function shall be defined with a class body if and only if it is intended to be inlined - * @description A function that is either trivial, a template function, or a member of a template - * class may not be defined outside of a class body. - * @kind problem - * @precision very-high - * @problem.severity recommendation - * @tags external/autosar/id/a3-1-5 - * external/autosar/allocated-target/design - * external/autosar/enforcement/partially-automated - * external/autosar/obligation/required - */ - -import cpp -import codingstandards.cpp.autosar -import codingstandards.cpp.Class - -/* - * Find instances of `MemberFunction` where the `MemberFunction` is trivial - * and it is not inlined within the class. - */ - -from MemberFunction mf, string kind -where - not isExcluded(mf, ClassesPackage::trivialOrTemplateFunctionDefinedOutsideClassDefinitionQuery()) and - // The member function `mf` is not defined in the class body. - exists(FunctionDeclarationEntry fde | - fde = mf.getClassBodyDeclarationEntry() and not fde.isDefinition() - ) and - //ignore destructors - not mf instanceof Destructor and - // Report functions that are NOT defined in the class body if they are either trivial or - // either a template member or part of a template class (i.e., they should - // be defined in the class body) - ( - if - mf instanceof TemplateOrTemplateClassMemberFunction and - mf instanceof TrivialMemberFunction - then kind = "template" - else - if mf instanceof TrivialMemberFunction - then kind = "trivial" - else - if mf instanceof TemplateOrTemplateClassMemberFunction - then kind = "template" - else none() - ) -select mf, - "The " + kind + " member function " + mf.getName() + " is not defined in the class body of $@.", - mf.getDeclaringType(), mf.getDeclaringType().getName() diff --git a/cpp/autosar/test/rules/A3-1-5/TrivialOrTemplateFunctionDefinedOutsideClassDefinition.expected b/cpp/autosar/test/rules/A3-1-5/TrivialOrTemplateFunctionDefinedOutsideClassDefinition.expected deleted file mode 100644 index af8a1d4588..0000000000 --- a/cpp/autosar/test/rules/A3-1-5/TrivialOrTemplateFunctionDefinedOutsideClassDefinition.expected +++ /dev/null @@ -1,7 +0,0 @@ -| test.cpp:58:5:58:11 | getB | The trivial member function getB is not defined in the class body of $@. | test.cpp:2:7:2:7 | A | A | -| test.cpp:60:25:60:28 | d | The template member function d is not defined in the class body of $@. | test.cpp:2:7:2:7 | A | A | -| test.cpp:62:5:62:8 | b | The trivial member function b is not defined in the class body of $@. | test.cpp:2:7:2:7 | A | A | -| test.cpp:81:34:81:57 | complexCalculation | The template member function complexCalculation is not defined in the class body of $@. | test.cpp:64:29:64:29 | B | B | -| test.cpp:97:47:97:53 | d | The template member function d is not defined in the class body of $@. | test.cpp:64:29:64:29 | B | B | -| test.cpp:101:27:101:33 | b | The template member function b is not defined in the class body of $@. | test.cpp:64:29:64:29 | B | B | -| test.cpp:106:27:106:36 | getB | The template member function getB is not defined in the class body of $@. | test.cpp:64:29:64:29 | B | B | diff --git a/cpp/autosar/test/rules/A3-1-5/TrivialOrTemplateFunctionDefinedOutsideClassDefinition.qlref b/cpp/autosar/test/rules/A3-1-5/TrivialOrTemplateFunctionDefinedOutsideClassDefinition.qlref deleted file mode 100644 index c644147bb4..0000000000 --- a/cpp/autosar/test/rules/A3-1-5/TrivialOrTemplateFunctionDefinedOutsideClassDefinition.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/A3-1-5/TrivialOrTemplateFunctionDefinedOutsideClassDefinition.ql \ No newline at end of file From f1024ae1ca5109f925e9ab7d78e0dd6b8e4c540a Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 3 Jun 2024 17:10:34 +0100 Subject: [PATCH 1820/2573] A3-1-5: Exclude member functions in template instantiations --- cpp/autosar/test/rules/A3-1-5/test.cpp | 59 +++++++++++++++++--- cpp/common/src/codingstandards/cpp/Class.qll | 5 +- 2 files changed, 55 insertions(+), 9 deletions(-) diff --git a/cpp/autosar/test/rules/A3-1-5/test.cpp b/cpp/autosar/test/rules/A3-1-5/test.cpp index eb5bc9edb7..62edb8f582 100644 --- a/cpp/autosar/test/rules/A3-1-5/test.cpp +++ b/cpp/autosar/test/rules/A3-1-5/test.cpp @@ -23,7 +23,7 @@ class A { int complexCalculation(); - int gcd(int a, int b) { + int gcd(int a, int b) { // NON_COMPLIANT if (b == 0) return a; int result = gcd(b, (a % b)); @@ -55,11 +55,11 @@ inline int A::complexCalculation() { // COMPLIANT return 1; } -int A::getB() { return 1; } // NON_COMPLIANT +int A::getB() { return 1; } // COMPLIANT -template T A::d(T t) { return t; } // NON_COMPLIANT +template T A::d(T t) { return t; } // COMPLIANT -int A::b() { return 3; } // NON_COMPLIANT +int A::b() { return 3; } // COMPLIANT template class B { public: @@ -76,9 +76,30 @@ template class B { template T d(T t); int complexCalculation(); + + int complexCalculation2() { // COMPLIANT - template + ; + ; + ; + ; + ; + ; + ; + ; + ; + ; + ; + ; + return 1; + } }; -template inline int B::complexCalculation() { // NON_COMPLIANT +void test_B() { + B b; + b.complexCalculation2(); +} + +template inline int B::complexCalculation() { // COMPLIANT ; ; ; @@ -94,16 +115,16 @@ template inline int B::complexCalculation() { // NON_COMPLIANT return 1; } -template template T B::d(T t) { // NON_COMPLIANT +template template T B::d(T t) { // COMPLIANT return t; } -template int B::b() { // NON_COMPLIANT +template int B::b() { // COMPLIANT C c; return 3; } -template int B::getB() { return 3; } // NON_COMPLIANT +template int B::getB() { return 3; } // COMPLIANT template class Foo { public: @@ -121,8 +142,30 @@ class FooBar { public: ~FooBar(); int f1(int a, int b); + + template int complexCalculation() { // COMPLIANT - template + ; + ; + ; + ; + ; + ; + ; + ; + ; + ; + ; + ; + return 1; + } }; +void test_FooBar() { + FooBar foobar; + foobar.complexCalculation(); +} + + FooBar::~FooBar() {} // COMPLIANT want to ignore pImpl uses of destructors int FooBar::f1(int a, int b) { // COMPLIANT not a trivial function diff --git a/cpp/common/src/codingstandards/cpp/Class.qll b/cpp/common/src/codingstandards/cpp/Class.qll index 19bec9fa5f..09d39ce6f8 100644 --- a/cpp/common/src/codingstandards/cpp/Class.qll +++ b/cpp/common/src/codingstandards/cpp/Class.qll @@ -192,7 +192,10 @@ class TrivialMemberFunction extends IntrospectedMemberFunction { * class. */ class TemplateOrTemplateClassMemberFunction extends MemberFunction { - TemplateOrTemplateClassMemberFunction() { isFromUninstantiatedTemplate(_) } + TemplateOrTemplateClassMemberFunction() { + isFromUninstantiatedTemplate(_) or + isFromTemplateInstantiation(_) + } } /** From 648f58350e46af55924f3010bfd28387d99122ce Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 5 Jun 2024 14:05:39 +0100 Subject: [PATCH 1821/2573] Address review comments --- change_notes/2024-06-03-constexpr-variable.md | 3 +-- .../src/rules/A7-1-2/VariableMissingConstexpr.ql | 2 +- cpp/autosar/test/rules/A7-1-2/test.cpp | 14 ++++++-------- 3 files changed, 8 insertions(+), 11 deletions(-) diff --git a/change_notes/2024-06-03-constexpr-variable.md b/change_notes/2024-06-03-constexpr-variable.md index 1731e7de5b..1da02b5d9f 100644 --- a/change_notes/2024-06-03-constexpr-variable.md +++ b/change_notes/2024-06-03-constexpr-variable.md @@ -1,3 +1,2 @@ - `A7-1-2` - `VariableMissingConstexpr.ql`: - - Remove false positives for compiler generated variables - - Remove results in uninstantiated templates that cause false positives \ No newline at end of file + - Fixes #607. Remove false positives for compiler generated variables and in uninstantiated templates \ No newline at end of file diff --git a/cpp/autosar/src/rules/A7-1-2/VariableMissingConstexpr.ql b/cpp/autosar/src/rules/A7-1-2/VariableMissingConstexpr.ql index 4a97e84493..f0adab07d4 100644 --- a/cpp/autosar/src/rules/A7-1-2/VariableMissingConstexpr.ql +++ b/cpp/autosar/src/rules/A7-1-2/VariableMissingConstexpr.ql @@ -67,4 +67,4 @@ where not v.isFromUninstantiatedTemplate(_) and // Exclude compiler generated variables, which are not user controllable not v.isCompilerGenerated() -select v, "Variable " + v.getName() + " could be marked 'constexpr'." +select v, "Variable '" + v.getName() + "' could be marked 'constexpr'." diff --git a/cpp/autosar/test/rules/A7-1-2/test.cpp b/cpp/autosar/test/rules/A7-1-2/test.cpp index 210a386543..8395f60ff3 100644 --- a/cpp/autosar/test/rules/A7-1-2/test.cpp +++ b/cpp/autosar/test/rules/A7-1-2/test.cpp @@ -266,14 +266,12 @@ constexpr void fp_reported_in_466(int p) { add4(1, l3); // COMPLIANT - l3 is not compile time constant on all paths } -template T* init(T** t) { } +template T *init(T **t) {} -template T* init() { - T* t = nullptr; // COMPLIANT - initialized below - init(&t); // Init is ignored in uninitialized template - return t; +template T *init() { + T *t = nullptr; // COMPLIANT - initialized below + init(&t); // Init is ignored in uninitialized template + return t; } -void test_template_instantiation() { - int* t = init(); -} \ No newline at end of file +void test_template_instantiation() { int *t = init(); } \ No newline at end of file From 766504c922a430451637f232d76996167e83d753 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 5 Jun 2024 15:05:57 +0100 Subject: [PATCH 1822/2573] Add expected results file --- .../A7-1-2/VariableMissingConstexpr.expected | 46 +++++++++---------- 1 file changed, 23 insertions(+), 23 deletions(-) diff --git a/cpp/autosar/test/rules/A7-1-2/VariableMissingConstexpr.expected b/cpp/autosar/test/rules/A7-1-2/VariableMissingConstexpr.expected index dbf223e0cf..f86faf1a7b 100644 --- a/cpp/autosar/test/rules/A7-1-2/VariableMissingConstexpr.expected +++ b/cpp/autosar/test/rules/A7-1-2/VariableMissingConstexpr.expected @@ -1,23 +1,23 @@ -| test.cpp:4:5:4:6 | g1 | Variable g1 could be marked 'constexpr'. | -| test.cpp:6:5:6:6 | g2 | Variable g2 could be marked 'constexpr'. | -| test.cpp:13:14:13:15 | lc | Variable lc could be marked 'constexpr'. | -| test.cpp:15:14:15:16 | lca | Variable lca could be marked 'constexpr'. | -| test.cpp:23:15:23:17 | lc2 | Variable lc2 could be marked 'constexpr'. | -| test.cpp:25:15:25:18 | lc2a | Variable lc2a could be marked 'constexpr'. | -| test.cpp:41:14:41:15 | l2 | Variable l2 could be marked 'constexpr'. | -| test.cpp:44:16:44:17 | lc | Variable lc could be marked 'constexpr'. | -| test.cpp:45:17:45:19 | lc2 | Variable lc2 could be marked 'constexpr'. | -| test.cpp:55:7:55:8 | m2 | Variable m2 could be marked 'constexpr'. | -| test.cpp:130:7:130:8 | m1 | Variable m1 could be marked 'constexpr'. | -| test.cpp:141:7:141:8 | m1 | Variable m1 could be marked 'constexpr'. | -| test.cpp:221:7:221:8 | l1 | Variable l1 could be marked 'constexpr'. | -| test.cpp:235:7:235:8 | l6 | Variable l6 could be marked 'constexpr'. | -| test.cpp:237:7:237:8 | l8 | Variable l8 could be marked 'constexpr'. | -| test.cpp:240:7:240:9 | l10 | Variable l10 could be marked 'constexpr'. | -| test.cpp:243:7:243:9 | l12 | Variable l12 could be marked 'constexpr'. | -| test.cpp:248:7:248:9 | l15 | Variable l15 could be marked 'constexpr'. | -| test.cpp:250:7:250:9 | l16 | Variable l16 could be marked 'constexpr'. | -| test.cpp:251:7:251:9 | l17 | Variable l17 could be marked 'constexpr'. | -| test.cpp:257:7:257:9 | l21 | Variable l21 could be marked 'constexpr'. | -| test.cpp:262:7:262:9 | l24 | Variable l24 could be marked 'constexpr'. | -| test.cpp:263:7:263:9 | l25 | Variable l25 could be marked 'constexpr'. | +| test.cpp:4:5:4:6 | g1 | Variable 'g1' could be marked 'constexpr'. | +| test.cpp:6:5:6:6 | g2 | Variable 'g2' could be marked 'constexpr'. | +| test.cpp:13:14:13:15 | lc | Variable 'lc' could be marked 'constexpr'. | +| test.cpp:15:14:15:16 | lca | Variable 'lca' could be marked 'constexpr'. | +| test.cpp:23:15:23:17 | lc2 | Variable 'lc2' could be marked 'constexpr'. | +| test.cpp:25:15:25:18 | lc2a | Variable 'lc2a' could be marked 'constexpr'. | +| test.cpp:41:14:41:15 | l2 | Variable 'l2' could be marked 'constexpr'. | +| test.cpp:44:16:44:17 | lc | Variable 'lc' could be marked 'constexpr'. | +| test.cpp:45:17:45:19 | lc2 | Variable 'lc2' could be marked 'constexpr'. | +| test.cpp:55:7:55:8 | m2 | Variable 'm2' could be marked 'constexpr'. | +| test.cpp:130:7:130:8 | m1 | Variable 'm1' could be marked 'constexpr'. | +| test.cpp:141:7:141:8 | m1 | Variable 'm1' could be marked 'constexpr'. | +| test.cpp:221:7:221:8 | l1 | Variable 'l1' could be marked 'constexpr'. | +| test.cpp:235:7:235:8 | l6 | Variable 'l6' could be marked 'constexpr'. | +| test.cpp:237:7:237:8 | l8 | Variable 'l8' could be marked 'constexpr'. | +| test.cpp:240:7:240:9 | l10 | Variable 'l10' could be marked 'constexpr'. | +| test.cpp:243:7:243:9 | l12 | Variable 'l12' could be marked 'constexpr'. | +| test.cpp:248:7:248:9 | l15 | Variable 'l15' could be marked 'constexpr'. | +| test.cpp:250:7:250:9 | l16 | Variable 'l16' could be marked 'constexpr'. | +| test.cpp:251:7:251:9 | l17 | Variable 'l17' could be marked 'constexpr'. | +| test.cpp:257:7:257:9 | l21 | Variable 'l21' could be marked 'constexpr'. | +| test.cpp:262:7:262:9 | l24 | Variable 'l24' could be marked 'constexpr'. | +| test.cpp:263:7:263:9 | l25 | Variable 'l25' could be marked 'constexpr'. | From d8986c951fad9c8f5802f34c0b96e6f230b0124c Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 6 Jun 2024 11:51:57 +0100 Subject: [PATCH 1823/2573] Update function constexpr expected results --- .../test/rules/A7-1-2/FunctionMissingConstexpr.expected | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/cpp/autosar/test/rules/A7-1-2/FunctionMissingConstexpr.expected b/cpp/autosar/test/rules/A7-1-2/FunctionMissingConstexpr.expected index 666721d0ad..a6de3fd724 100644 --- a/cpp/autosar/test/rules/A7-1-2/FunctionMissingConstexpr.expected +++ b/cpp/autosar/test/rules/A7-1-2/FunctionMissingConstexpr.expected @@ -10,3 +10,7 @@ | test.cpp:162:3:162:26 | VariantMemberInitialized | VariantMemberInitialized function could be marked as 'constexpr'. | | test.cpp:163:3:163:26 | VariantMemberInitialized | VariantMemberInitialized function could be marked as 'constexpr'. | | test.cpp:190:3:190:22 | VariantMemberNotInit | VariantMemberNotInit function could be marked as 'constexpr'. | +| test.cpp:269:26:269:26 | init | init function could be marked as 'constexpr'. | +| test.cpp:269:26:269:29 | init | init function could be marked as 'constexpr'. | +| test.cpp:271:26:271:26 | init | init function could be marked as 'constexpr'. | +| test.cpp:277:6:277:32 | test_template_instantiation | test_template_instantiation function could be marked as 'constexpr'. | From 17f3a32f121e47e53015448e2c5e3aaca31105f4 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 7 Jun 2024 10:57:06 +0100 Subject: [PATCH 1824/2573] M0-1-3: Exclude uninstantiated variable templates These cause false positives because they are never considered "used". --- .../rules/M0-1-3/UnusedLocalVariable.expected | 1 + cpp/autosar/test/rules/M0-1-3/test.cpp | 21 +++++++++++++++++++ .../cpp/deadcode/UnusedVariables.qll | 15 +++++++++++-- 3 files changed, 35 insertions(+), 2 deletions(-) diff --git a/cpp/autosar/test/rules/M0-1-3/UnusedLocalVariable.expected b/cpp/autosar/test/rules/M0-1-3/UnusedLocalVariable.expected index 77eb030716..d6f398369f 100644 --- a/cpp/autosar/test/rules/M0-1-3/UnusedLocalVariable.expected +++ b/cpp/autosar/test/rules/M0-1-3/UnusedLocalVariable.expected @@ -4,3 +4,4 @@ | test.cpp:23:5:23:5 | t | Local variable 't' in 'f1' is not used. | | test.cpp:23:5:23:5 | t | Local variable 't' in 'f1' is not used. | | test.cpp:44:6:44:6 | a | Local variable 'a' in 'test_side_effect_init' is not used. | +| test.cpp:91:5:91:5 | t | Local variable 't' in 'template_function' is not used. | diff --git a/cpp/autosar/test/rules/M0-1-3/test.cpp b/cpp/autosar/test/rules/M0-1-3/test.cpp index 9dbe9692cd..a2b0dda35d 100644 --- a/cpp/autosar/test/rules/M0-1-3/test.cpp +++ b/cpp/autosar/test/rules/M0-1-3/test.cpp @@ -78,3 +78,24 @@ int baz() { test_constexpr_in_static_assert(); return 0; } + +template extern constexpr bool all_of_v = true; // COMPLIANT + +template +extern constexpr bool all_of_v = + B1 && all_of_v; // COMPLIANT + +void test_template_variable() { all_of_v; } + +template void template_function() { + T t; // NON_COMPLIANT - t is never used + T t2; // COMPLIANT - t is used + t2.test(); // Call may not be resolved in uninstantiated template +} + +class ClassT { +public: + void test() {} +}; + +void test_template_function() { template_function(); } \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/deadcode/UnusedVariables.qll b/cpp/common/src/codingstandards/cpp/deadcode/UnusedVariables.qll index 077c35a2aa..e4048472d3 100644 --- a/cpp/common/src/codingstandards/cpp/deadcode/UnusedVariables.qll +++ b/cpp/common/src/codingstandards/cpp/deadcode/UnusedVariables.qll @@ -49,6 +49,11 @@ class PotentiallyUnusedLocalVariable extends LocalVariable { // Ignore functions with error expressions as they indicate expressions that the extractor couldn't process not any(ErrorExpr e).getEnclosingFunction() = f ) + // ) and + // // exclude uninstantiated template members + // not this.isFromUninstantiatedTemplate(_) and + // // Do not report compiler generated variables + // not this.isCompilerGenerated() } } @@ -95,7 +100,9 @@ class PotentiallyUnusedMemberVariable extends MemberVariable { // Lambda captures are not "real" member variables - it's an implementation detail that they are represented that way not this = any(LambdaCapture lc).getField() and // exclude uninstantiated template members - not this.isFromUninstantiatedTemplate(_) + not this.isFromUninstantiatedTemplate(_) and + // Do not report compiler generated variables + not this.isCompilerGenerated() } } @@ -107,7 +114,11 @@ class PotentiallyUnusedGlobalOrNamespaceVariable extends GlobalOrNamespaceVariab // Not declared in a macro expansion not isInMacroExpansion() and // No side-effects from declaration - not declarationHasSideEffects(this) + not declarationHasSideEffects(this) and + // exclude uninstantiated template members + not this.isFromUninstantiatedTemplate(_) and + // Do not report compiler generated variables + not this.isCompilerGenerated() } } From b9e5820a0e1905bf01b8b2606a84e35b4d1d73df Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Mon, 10 Jun 2024 21:28:29 +0200 Subject: [PATCH 1825/2573] Update rules.csv --- rules.csv | 56 +++++++++++++++++++++++++++---------------------------- 1 file changed, 28 insertions(+), 28 deletions(-) diff --git a/rules.csv b/rules.csv index 239ac09023..70eb09b59c 100644 --- a/rules.csv +++ b/rules.csv @@ -868,49 +868,49 @@ cpp,MISRA-C++-2023,RULE-9-6-5,Yes,Required,Decidable,Single Translation Unit,A f cpp,MISRA-C++-2023,RULE-10-0-1,Yes,Advisory,Decidable,Single Translation Unit,A declaration should not declare more than one variable or member variable,M8-0-1,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-10-1-1,Yes,Advisory,Decidable,Single Translation Unit,The target type of a pointer or lvalue reference parameter should be const-qualified appropriately,RULE-8-13,,Hard, cpp,MISRA-C++-2023,RULE-10-1-2,Yes,Required,Decidable,Single Translation Unit,The volatile qualifier shall be used appropriately,,,Easy, -cpp,MISRA-C++-2023,RULE-10-2-1,Yes,Required,Decidable,Single Translation Unit,An enumeration shall be defined with an explicit underlying type,A7-2-2,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-10-2-1,Yes,Required,Decidable,Single Translation Unit,An enumeration shall be defined with an explicit underlying type,A7-2-2,ImportMisra23b,Import, cpp,MISRA-C++-2023,RULE-10-2-2,Yes,Advisory,Decidable,Single Translation Unit,Unscoped enumerations should not be declared,A7-2-3,,Easy, cpp,MISRA-C++-2023,RULE-10-2-3,Yes,Required,Decidable,Single Translation Unit,The numeric value of an unscoped enumeration with no fixed underlying type shall not be used,A4-5-1,,Easy, cpp,MISRA-C++-2023,RULE-10-3-1,Yes,Advisory,Decidable,Single Translation Unit,There should be no unnamed namespaces in header files,"DCL59-CPP, M7-3-3",,Easy, -cpp,MISRA-C++-2023,RULE-10-4-1,Yes,Required,Decidable,Single Translation Unit,The asm declaration shall not be used,A7-4-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-10-4-1,Yes,Required,Decidable,Single Translation Unit,The asm declaration shall not be used,A7-4-1,ImportMisra23b,Import, cpp,MISRA-C++-2023,RULE-11-3-1,Yes,Advisory,Decidable,Single Translation Unit,Variables of array type should not be declared,,,Easy, cpp,MISRA-C++-2023,RULE-11-3-2,Yes,Advisory,Decidable,Single Translation Unit,The declaration of an object should contain no more than two levels of pointer indirection,A5-0-3,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-11-6-1,Yes,Advisory,Decidable,Single Translation Unit,All variables should be initialized,,,Easy, cpp,MISRA-C++-2023,RULE-11-6-2,Yes,Mandatory,Undecidable,System,The value of an object must not be read before it has been set,A8-5-0,,Very Hard, -cpp,MISRA-C++-2023,RULE-11-6-3,Yes,Required,Decidable,Single Translation Unit,"Within an enumerator list, the value of an implicitly-specified enumeration constant shall be unique",RULE-8-12,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-11-6-3,Yes,Required,Decidable,Single Translation Unit,"Within an enumerator list, the value of an implicitly-specified enumeration constant shall be unique",RULE-8-12,ImportMisra23b,Import, cpp,MISRA-C++-2023,RULE-12-2-1,Yes,Advisory,Decidable,Single Translation Unit,Bit-fields should not be declared,A9-6-2,,Easy, -cpp,MISRA-C++-2023,RULE-12-2-2,Yes,Required,Decidable,Single Translation Unit,A bit-field shall have an appropriate type,RULE-6-1,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-12-2-3,Yes,Required,Decidable,Single Translation Unit,A named bit-field with signed integer type shall not have a length of one bit,"RULE-6-2, M9-6-4",ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-12-2-2,Yes,Required,Decidable,Single Translation Unit,A bit-field shall have an appropriate type,RULE-6-1,ImportMisra23b,Import, +cpp,MISRA-C++-2023,RULE-12-2-3,Yes,Required,Decidable,Single Translation Unit,A named bit-field with signed integer type shall not have a length of one bit,"RULE-6-2, M9-6-4",ImportMisra23b,Import, cpp,MISRA-C++-2023,RULE-12-3-1,Yes,Required,Decidable,Single Translation Unit,The union keyword shall not be used,RULE-19-2,,Easy, cpp,MISRA-C++-2023,RULE-13-1-1,Yes,Advisory,Decidable,Single Translation Unit,Classes should not be inherited virtually,,,Easy, -cpp,MISRA-C++-2023,RULE-13-1-2,Yes,Required,Decidable,Single Translation Unit,An accessible base class shall not be both virtual and non-virtual in the same hierarchy,M10-1-3,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-13-1-2,Yes,Required,Decidable,Single Translation Unit,An accessible base class shall not be both virtual and non-virtual in the same hierarchy,M10-1-3,ImportMisra23b,Import, cpp,MISRA-C++-2023,RULE-13-3-1,Yes,Required,Decidable,Single Translation Unit,"User-declared member functions shall use the virtual, override and final specifiers appropriately",,,Easy, -cpp,MISRA-C++-2023,RULE-13-3-2,Yes,Required,Decidable,Single Translation Unit,Parameters in an overriding virtual function shall not specify different default arguments,M8-3-1,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-13-3-3,Yes,Required,Decidable,System,The parameters in all declarations or overrides of a function shall either be unnamed or have identical names,A15-1-2,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-13-3-4,Yes,Required,Decidable,Single Translation Unit,A comparison of a potentially virtual pointer to member function shall only be with nullptr,A5-10-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-13-3-2,Yes,Required,Decidable,Single Translation Unit,Parameters in an overriding virtual function shall not specify different default arguments,M8-3-1,ImportMisra23b,Import, +cpp,MISRA-C++-2023,RULE-13-3-3,Yes,Required,Decidable,System,The parameters in all declarations or overrides of a function shall either be unnamed or have identical names,A15-1-2,ImportMisra23b,Import, +cpp,MISRA-C++-2023,RULE-13-3-4,Yes,Required,Decidable,Single Translation Unit,A comparison of a potentially virtual pointer to member function shall only be with nullptr,A5-10-1,ImportMisra23b,Import, cpp,MISRA-C++-2023,RULE-14-1-1,Yes,Advisory,Decidable,Single Translation Unit,Non-static data members should be either all private or all public,,,Easy, cpp,MISRA-C++-2023,RULE-15-0-1,Yes,Required,Decidable,Single Translation Unit,Special member functions shall be provided appropriately,A12-0-1,,Medium, cpp,MISRA-C++-2023,RULE-15-0-2,Yes,Advisory,Decidable,Single Translation Unit,User-provided copy and move member functions of a class should have appropriate signatures,,,Easy, -cpp,MISRA-C++-2023,RULE-15-1-1,Yes,Required,Undecidable,System,An object’s dynamic type shall not be used from within its constructor or destructor,M12-1-1,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-15-1-2,Yes,Advisory,Decidable,Single Translation Unit,All constructors of a class should explicitly initialize all of its virtual base classes and immediate base classes,A12-1-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-15-1-1,Yes,Required,Undecidable,System,An object’s dynamic type shall not be used from within its constructor or destructor,M12-1-1,ImportMisra23b,Import, +cpp,MISRA-C++-2023,RULE-15-1-2,Yes,Advisory,Decidable,Single Translation Unit,All constructors of a class should explicitly initialize all of its virtual base classes and immediate base classes,A12-1-1,ImportMisra23b,Import, cpp,MISRA-C++-2023,RULE-15-1-3,Yes,Required,Decidable,Single Translation Unit,Conversion operators and constructors that are callable with a single argument shall be explicit,"A12-1-4,A13-5-2",,Easy, cpp,MISRA-C++-2023,RULE-15-1-4,Yes,Advisory,Decidable,Single Translation Unit,"All direct, non-static data members of a class should be initialized before the class object is accessible",,,Hard, -cpp,MISRA-C++-2023,RULE-15-1-5,Yes,Required,Decidable,Single Translation Unit,A class shall only define an initializer-list constructor when it is the only constructor,A8-5-4,ImportMisra23,Import, -cpp,MISRA-C++-2023,DIR-15-8-1,Yes,Required,Decidable,Implementation,User-provided copy assignment operators and move assignment operators shall handle self-assignment,A12-8-5,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-15-1-5,Yes,Required,Decidable,Single Translation Unit,A class shall only define an initializer-list constructor when it is the only constructor,A8-5-4,ImportMisra23b,Import, +cpp,MISRA-C++-2023,DIR-15-8-1,Yes,Required,Decidable,Implementation,User-provided copy assignment operators and move assignment operators shall handle self-assignment,A12-8-5,ImportMisra23b,Import, cpp,MISRA-C++-2023,RULE-16-5-1,Yes,Required,Decidable,Single Translation Unit,The logical AND and logical OR operators shall not be overloaded,M5-2-11,,Easy, -cpp,MISRA-C++-2023,RULE-16-5-2,Yes,Required,Decidable,Single Translation Unit,The address-of operator shall not be overloaded,M5-3-3,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-16-5-2,Yes,Required,Decidable,Single Translation Unit,The address-of operator shall not be overloaded,M5-3-3,ImportMisra23b,Import, cpp,MISRA-C++-2023,RULE-16-6-1,Yes,Advisory,Decidable,Single Translation Unit,Symmetrical operators should only be implemented as non-member functions,,,Medium, -cpp,MISRA-C++-2023,RULE-17-8-1,Yes,Required,Decidable,Single Translation Unit,Function templates shall not be explicitly specialized,A14-8-2,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-18-1-1,Yes,Required,Decidable,Single Translation Unit,An exception object shall not have pointer type,A15-1-2,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-18-1-2,Yes,Required,Decidable,Single Translation Unit,An empty throw shall only occur within the compound-statement of a catch handler,M15-1-3,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-17-8-1,Yes,Required,Decidable,Single Translation Unit,Function templates shall not be explicitly specialized,A14-8-2,ImportMisra23b,Import, +cpp,MISRA-C++-2023,RULE-18-1-1,Yes,Required,Decidable,Single Translation Unit,An exception object shall not have pointer type,A15-1-2,ImportMisra23b,Import, +cpp,MISRA-C++-2023,RULE-18-1-2,Yes,Required,Decidable,Single Translation Unit,An empty throw shall only occur within the compound-statement of a catch handler,M15-1-3,ImportMisra23b,Import, cpp,MISRA-C++-2023,RULE-18-3-1,Yes,Advisory,Decidable,Single Translation Unit,There should be at least one exception handler to catch all otherwise unhandled exceptions,A15-3-3,,Easy, cpp,MISRA-C++-2023,RULE-18-3-2,Yes,Required,Decidable,Single Translation Unit,An exception of class type shall be caught by const reference or reference,A15-3-5,,Easy, cpp,MISRA-C++-2023,RULE-18-3-3,Yes,Required,Decidable,Single Translation Unit,Handlers for a function-try-block of a constructor or destructor shall not refer to non-static members from their class or its bases,M15-3-3,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-18-4-1,Yes,Required,Decidable,Single Translation Unit,Exception-unfriendly functions shall be noexcept,A15-5-1,,Easy, -cpp,MISRA-C++-2023,RULE-18-5-1,Yes,Advisory,Undecidable,System,A noexcept function should not attempt to propagate an exception to the calling function,A15-4-2,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-18-5-1,Yes,Advisory,Undecidable,System,A noexcept function should not attempt to propagate an exception to the calling function,A15-4-2,ImportMisra23b,Import, cpp,MISRA-C++-2023,RULE-18-5-2,Yes,Advisory,Decidable,Single Translation Unit,Program-terminating functions should not be used,,,Easy, cpp,MISRA-C++-2023,RULE-19-0-1,No,Required,Decidable,Single Translation Unit,A line whose first token is # shall be a valid preprocessing directive,,,, -cpp,MISRA-C++-2023,RULE-19-0-2,Yes,Required,Decidable,Single Translation Unit,Function-like macros shall not be defined,DIR-4-9,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-19-0-2,Yes,Required,Decidable,Single Translation Unit,Function-like macros shall not be defined,DIR-4-9,ImportMisra23b,Import, cpp,MISRA-C++-2023,RULE-19-0-3,Yes,Advisory,Decidable,Single Translation Unit,#include directives should only be preceded by preprocessor directives or comments,RULE-20-1,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-19-0-4,Yes,Advisory,Decidable,Single Translation Unit,#undef should only be used for macros defined previously in the same file,,,Easy, cpp,MISRA-C++-2023,RULE-19-1-1,Yes,Required,Decidable,Single Translation Unit,The defined preprocessor operator shall be used appropriately,M16-1-1,,Easy, @@ -920,23 +920,23 @@ cpp,MISRA-C++-2023,RULE-19-2-1,Yes,Required,Decidable,Single Translation Unit,Pr cpp,MISRA-C++-2023,RULE-19-2-2,Yes,Required,Decidable,Single Translation Unit,"The #include directive shall be followed by either a or ""filename"" sequence",,,Easy, cpp,MISRA-C++-2023,RULE-19-2-3,Yes,Required,Decidable,Single Translation Unit,"The ' or "" or \ characters and the /* or // character sequences shall not occur in a header file name",A16-2-1,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-19-3-1,Yes,Advisory,Decidable,Single Translation Unit,The # and ## preprocessor operators should not be used,M16-3-2,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-19-3-2,Yes,Required,Decidable,Single Translation Unit,A macro parameter immediately following a # operator shall not be immediately followed by a ## operator,RULE-20-11,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-19-3-3,Yes,Required,Decidable,Single Translation Unit,The argument to a mixed-use macro parameter shall not be subject to further expansion,RULE-20-12,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-19-3-2,Yes,Required,Decidable,Single Translation Unit,A macro parameter immediately following a # operator shall not be immediately followed by a ## operator,RULE-20-11,ImportMisra23b,Import, +cpp,MISRA-C++-2023,RULE-19-3-3,Yes,Required,Decidable,Single Translation Unit,The argument to a mixed-use macro parameter shall not be subject to further expansion,RULE-20-12,ImportMisra23b,Import, cpp,MISRA-C++-2023,RULE-19-3-4,Yes,Required,Decidable,Single Translation Unit,Parentheses shall be used to ensure macro arguments are expanded appropriately,M16-0-6,,Medium, cpp,MISRA-C++-2023,RULE-19-3-5,Yes,Required,Decidable,Single Translation Unit,Tokens that look like a preprocessing directive shall not occur within a macro argument,RULE-20-6,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-19-6-1,Yes,Advisory,Decidable,Single Translation Unit,The #pragma directive and the _Pragma operator should not be used,A16-7-1,,Easy, -cpp,MISRA-C++-2023,RULE-21-2-1,Yes,Required,Decidable,Single Translation Unit,"The library functions atof, atoi, atol and atoll from shall not be used",RULE-21-7,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-21-2-1,Yes,Required,Decidable,Single Translation Unit,"The library functions atof, atoi, atol and atoll from shall not be used",RULE-21-7,ImportMisra23b,Import, cpp,MISRA-C++-2023,RULE-21-2-2,Yes,Required,Decidable,Single Translation Unit,"The string handling functions from , , and shall not be used",M18-0-5,,Easy, cpp,MISRA-C++-2023,RULE-21-2-3,Yes,Required,Decidable,Single Translation Unit,The library function system from shall not be used,M18-0-3,,Easy, -cpp,MISRA-C++-2023,RULE-21-2-4,Yes,Required,Decidable,Single Translation Unit,The macro offsetof shall not be used,M18-2-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-21-2-4,Yes,Required,Decidable,Single Translation Unit,The macro offsetof shall not be used,M18-2-1,ImportMisra23b,Import, cpp,MISRA-C++-2023,RULE-21-6-1,Yes,Advisory,Undecidable,Single Translation Unit,Dynamic memory should not be used,DIR-4-12,,Easy, cpp,MISRA-C++-2023,RULE-21-6-2,Yes,Required,Decidable,Single Translation Unit,Dynamic memory shall be managed automatically,,,Easy, cpp,MISRA-C++-2023,RULE-21-6-3,Yes,Required,Decidable,Single Translation Unit,Advanced memory management shall not be used,,,Medium, -cpp,MISRA-C++-2023,RULE-21-6-4,Yes,Required,Decidable,System,"If a project defines either a sized or unsized version of a global operator delete, then both shall be defined",A18-5-4,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-21-6-4,Yes,Required,Decidable,System,"If a project defines either a sized or unsized version of a global operator delete, then both shall be defined",A18-5-4,ImportMisra23b,Import, cpp,MISRA-C++-2023,RULE-21-6-5,Yes,Required,Decidable,Single Translation Unit,A pointer to an incomplete class type shall not be deleted,A5-3-3,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-21-10-1,Yes,Required,Decidable,Single Translation Unit,The features of shall not be used,DCL50-CPP,,Easy, cpp,MISRA-C++-2023,RULE-21-10-2,Yes,Required,Decidable,Single Translation Unit,The standard header file shall not be used,ERR52-CPP,,Easy, -cpp,MISRA-C++-2023,RULE-21-10-3,Yes,Required,Decidable,Single Translation Unit,The facilities provided by the standard header file shall not be used,M18-7-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-21-10-3,Yes,Required,Decidable,Single Translation Unit,The facilities provided by the standard header file shall not be used,M18-7-1,ImportMisra23b,Import, cpp,MISRA-C++-2023,RULE-22-3-1,Yes,Required,Decidable,Single Translation Unit,The assert macro shall not be used with a constant-expression,,,Easy, cpp,MISRA-C++-2023,RULE-22-4-1,Yes,Required,Decidable,Single Translation Unit,The literal value zero shall be the only value assigned to errno,,,Easy, cpp,MISRA-C++-2023,RULE-23-11-1,Yes,Advisory,Decidable,Single Translation Unit,The raw pointer constructors of std::shared_ptr and std::unique_ptr should not be used,,,Easy, @@ -944,12 +944,12 @@ cpp,MISRA-C++-2023,RULE-24-5-1,Yes,Required,Decidable,Single Translation Unit,Th cpp,MISRA-C++-2023,RULE-24-5-2,Yes,Required,Decidable,Single Translation Unit,"The C++ Standard Library functions memcpy, memmove and memcmp from shall not be used",,,Easy, cpp,MISRA-C++-2023,RULE-25-5-1,Yes,Required,Decidable,Single Translation Unit,The setlocale and std::locale::global functions shall not be called,,,Easy, cpp,MISRA-C++-2023,RULE-25-5-2,Yes,Mandatory,Decidable,Single Translation Unit,"The pointers returned by the C++ Standard Library functions localeconv, getenv, setlocale or strerror must only be used as if they have pointer to const-qualified type",RULE-21-19,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-25-5-3,Yes,Mandatory,Undecidable,System,"The pointer returned by the C++ Standard Library functions asctime, ctime, gmtime, localtime, localeconv, getenv, setlocale or strerror must not be used following a subsequent call to the same function",RULE-21-20,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-25-5-3,Yes,Mandatory,Undecidable,System,"The pointer returned by the C++ Standard Library functions asctime, ctime, gmtime, localtime, localeconv, getenv, setlocale or strerror must not be used following a subsequent call to the same function",RULE-21-20,ImportMisra23b,Import, cpp,MISRA-C++-2023,RULE-26-3-1,Yes,Advisory,Decidable,Single Translation Unit,std::vector should not be specialized with bool,A18-1-2,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-28-3-1,Yes,Required,Undecidable,System,Predicates shall not have persistent side effects,A25-1-1,,Easy, cpp,MISRA-C++-2023,RULE-28-6-1,Yes,Required,Decidable,Single Translation Unit,The argument to std::move shall be a non-const lvalue,A18-9-3,,Easy, -cpp,MISRA-C++-2023,RULE-28-6-2,Yes,Required,Decidable,Single Translation Unit,Forwarding references and std::forward shall be used together,A18-9-2,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-28-6-2,Yes,Required,Decidable,Single Translation Unit,Forwarding references and std::forward shall be used together,A18-9-2,ImportMisra23b,Import, cpp,MISRA-C++-2023,RULE-28-6-3,Yes,Required,Decidable,Single Translation Unit,An object shall not be used while in a potentially moved-from state,A12-8-3,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-28-6-4,Yes,Required,Decidable,Single Translation Unit,"The result of std::remove, std::remove_if, std::unique and empty shall be used",,,Easy, -cpp,MISRA-C++-2023,RULE-30-0-1,Yes,Required,Decidable,Single Translation Unit,The C Library input/output functions shall not be used,M27-0-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-30-0-1,Yes,Required,Decidable,Single Translation Unit,The C Library input/output functions shall not be used,M27-0-1,ImportMisra23b,Import, cpp,MISRA-C++-2023,RULE-30-0-2,Yes,Required,Undecidable,System,Reads and writes on the same file stream shall be separated by a positioning operation,A27-0-3,ImportMisra23,Import, From 81e898c4a7b9343aa25be9b7e8c09327f20be179 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 11 Jun 2024 16:02:51 -0400 Subject: [PATCH 1826/2573] M0-1-2: improve template handling --- change_notes/2024-06-11-fix-fp-376-M-0-1-2.md | 2 + .../src/rules/M0-1-2/InfeasiblePath.ql | 195 +++++++++++++++++- .../test/rules/M0-1-2/InfeasiblePath.expected | 10 +- cpp/autosar/test/rules/M0-1-2/test.cpp | 37 +++- 4 files changed, 225 insertions(+), 19 deletions(-) create mode 100644 change_notes/2024-06-11-fix-fp-376-M-0-1-2.md diff --git a/change_notes/2024-06-11-fix-fp-376-M-0-1-2.md b/change_notes/2024-06-11-fix-fp-376-M-0-1-2.md new file mode 100644 index 0000000000..49b53f5f37 --- /dev/null +++ b/change_notes/2024-06-11-fix-fp-376-M-0-1-2.md @@ -0,0 +1,2 @@ +- `M0-1-2` - `InfeasiblePath.ql`: + - Fixes #376. For template functions we now only report when a path is infeasible regardless of instantiations present. \ No newline at end of file diff --git a/cpp/autosar/src/rules/M0-1-2/InfeasiblePath.ql b/cpp/autosar/src/rules/M0-1-2/InfeasiblePath.ql index 645e05c920..6f12ff6a09 100644 --- a/cpp/autosar/src/rules/M0-1-2/InfeasiblePath.ql +++ b/cpp/autosar/src/rules/M0-1-2/InfeasiblePath.ql @@ -3,7 +3,7 @@ * @name M0-1-2: A project shall not contain infeasible paths * @description Infeasible paths complicate the program and can indicate a possible mistake on the * part of the programmer. - * @kind problem + * @ kind problem * @precision high * @problem.severity warning * @tags external/autosar/id/m0-1-2 @@ -17,6 +17,8 @@ import cpp import codingstandards.cpp.autosar import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis +import codingstandards.cpp.deadcode.UnreachableCode +import semmle.code.cpp.controlflow.Guards /** * A "conditional" node in the control flow graph, i.e. one that can potentially have a true and false path. @@ -44,6 +46,7 @@ class BreakingLoop extends Loop { predicate hasCFGDeducedInfeasiblePath( ConditionalControlFlowNode cond, boolean infeasiblePath, string explanation ) { + not cond.isFromTemplateInstantiation(_) and // No true successor, so the true path has already been deduced as infeasible not exists(cond.getATrueSuccessor()) and infeasiblePath = true and @@ -147,17 +150,189 @@ predicate isConstantRelationalOperation( /** * Holds if the `ConditionalNode` has an infeasible `path` for the reason given in `explanation`. */ -predicate hasInfeasiblePath( - ConditionalControlFlowNode node, boolean infeasiblePath, string explanation -) { - hasCFGDeducedInfeasiblePath(node, infeasiblePath, explanation) and - not isConstantRelationalOperation(node, infeasiblePath, _) +predicate hasInfeasiblePath(ConditionalControlFlowNode node, string message) { + //deal with the infeasible in all uninstantiated templates separately + node.isFromUninstantiatedTemplate(_) and + node instanceof ConditionControllingUnreachable and + message = "The path is unreachable in a template." or - isConstantRelationalOperation(node, infeasiblePath, explanation) + exists(boolean infeasiblePath, string explanation | + ( + not node.isFromUninstantiatedTemplate(_) and + not node.isFromTemplateInstantiation(_) and + message = "The " + infeasiblePath + " path is infeasible because " + explanation + "." + ) and + ( + hasCFGDeducedInfeasiblePath(node, infeasiblePath, explanation) and + not isConstantRelationalOperation(node, infeasiblePath, _) + or + isConstantRelationalOperation(node, infeasiblePath, explanation) + ) + ) +} + +/** + * A newtype representing "unreachable" blocks in the program. We use a newtype here to avoid + * reporting the same block in multiple `Function` instances created from one function in a template. + */ +private newtype TUnreachableBasicBlock = + TUnreachableNonTemplateBlock(BasicBlock bb) { + bb.isUnreachable() and + // Exclude anything template related from this case + not bb.getEnclosingFunction().isFromTemplateInstantiation(_) and + not bb.getEnclosingFunction().isFromUninstantiatedTemplate(_) and + // Exclude compiler generated basic blocks + not isCompilerGenerated(bb) + } or + /** + * A `BasicBlock` that occurs in at least one `Function` instance for a template. `BasicBlock`s + * are matched up across templates by location. + */ + TUnreachableTemplateBlock( + string filepath, int startline, int startcolumn, int endline, int endcolumn, + GuardCondition uninstantiatedGuardCondition + ) { + exists(BasicBlock bb | + // BasicBlock occurs in this location + bb.hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) and + // And is contained in the `uninstantiatedFunction` only + // not from anything constructed from it + // because we want infeasible paths independent of parameters + exists(Function enclosing | enclosing = bb.getEnclosingFunction() | + //guard is in the template function + ( + enclosing.getBlock().getAChild*() = uninstantiatedGuardCondition and + //function template + enclosing.isFromUninstantiatedTemplate(_) and + uninstantiatedGuardCondition.isFromUninstantiatedTemplate(_) and + //true condition is unreachable: basic block starts on same line as guard + ( + not exists(uninstantiatedGuardCondition.getATrueSuccessor()) and + bb.hasLocationInfo(filepath, uninstantiatedGuardCondition.getLocation().getStartLine(), + startcolumn, endline, endcolumn) + or + //false condition is unreachable: false basic block starts on one line after its true basic block + not exists(uninstantiatedGuardCondition.getAFalseSuccessor()) and + bb.hasLocationInfo(filepath, + uninstantiatedGuardCondition.getATrueSuccessor().getLocation().getEndLine() + 1, + startcolumn, endline, endcolumn) + ) + ) + ) and + // And is unreachable + bb.isUnreachable() and + // //Exclude compiler generated control flow nodes + not isCompilerGenerated(bb) and + //Exclude nodes affected by macros, because our find-the-same-basic-block-by-location doesn't + //work in that case + not bb.(ControlFlowNode).isAffectedByMacro() + ) + } + +/** + * An unreachable basic block. + */ +class UnreachableBasicBlock extends TUnreachableBasicBlock { + /** Gets a `BasicBlock` which is represented by this set of unreachable basic blocks. */ + BasicBlock getABasicBlock() { none() } + + /** Gets a `GuardCondition` instance which we treat as the original GuardCondition. */ + GuardCondition getGuardCondition() { none() } + + predicate hasLocationInfo( + string filepath, int startline, int startcolumn, int endline, int endcolumn + ) { + none() + } + + string toString() { result = "default" } +} + +/** + * A non-templated unreachable basic block. + */ +class UnreachableNonTemplateBlock extends UnreachableBasicBlock, TUnreachableNonTemplateBlock { + BasicBlock getBasicBlock() { this = TUnreachableNonTemplateBlock(result) } + + override BasicBlock getABasicBlock() { result = getBasicBlock() } + + override GuardCondition getGuardCondition() { result.controls(getBasicBlock(), true) } + + override predicate hasLocationInfo( + string filepath, int startline, int startcolumn, int endline, int endcolumn + ) { + getBasicBlock().hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) + } + + override string toString() { result = getBasicBlock().toString() } +} + +/** + * A templated unreachable basic block. + */ +class UnreachableTemplateBlock extends UnreachableBasicBlock, TUnreachableTemplateBlock { + override BasicBlock getABasicBlock() { + exists( + string filepath, int startline, int startcolumn, int endline, int endcolumn, + GuardCondition uninstantiatedGuardCondition + | + this = + TUnreachableTemplateBlock(filepath, startline, startcolumn, endline, endcolumn, + uninstantiatedGuardCondition) and + result.hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) and + exists(Function enclosing | + //guard is in the template function + ( + enclosing.getBlock().getAChild*() = uninstantiatedGuardCondition and + //function template + enclosing.isFromUninstantiatedTemplate(_) and + uninstantiatedGuardCondition.isFromUninstantiatedTemplate(_) and + //true condition is unreachable: basic block starts on same line as guard + ( + not exists(uninstantiatedGuardCondition.getATrueSuccessor()) and + this.hasLocationInfo(filepath, + uninstantiatedGuardCondition.getLocation().getStartLine(), startcolumn, endline, + endcolumn) + or + //false condition is unreachable: false basic block starts on one line after its true basic block + not exists(uninstantiatedGuardCondition.getAFalseSuccessor()) and + this.hasLocationInfo(filepath, + uninstantiatedGuardCondition.getATrueSuccessor().getLocation().getEndLine() + 1, + startcolumn, endline, endcolumn) + ) + ) + ) + | + result.isUnreachable() and + // Exclude compiler generated control flow nodes + not isCompilerGenerated(result) and + // Exclude nodes affected by macros, because our find-the-same-basic-block-by-location doesn't + // work in that case + not result.(ControlFlowNode).isAffectedByMacro() + ) + } + + override GuardCondition getGuardCondition() { + this = TUnreachableTemplateBlock(_, _, _, _, _, result) + } + + override predicate hasLocationInfo( + string filepath, int startline, int startcolumn, int endline, int endcolumn + ) { + this = TUnreachableTemplateBlock(filepath, startline, startcolumn, endline, endcolumn, _) + } + + override string toString() { result = getABasicBlock().toString() } +} + +class ConditionControllingUnreachable extends GuardCondition { + ConditionControllingUnreachable() { + exists(UnreachableTemplateBlock b | this = b.getGuardCondition()) + } } -from ConditionalControlFlowNode cond, boolean infeasiblePath, string explanation +from ConditionalControlFlowNode cond, string explanation where not isExcluded(cond, DeadCodePackage::infeasiblePathQuery()) and - hasInfeasiblePath(cond, infeasiblePath, explanation) -select cond, "The " + infeasiblePath + " path is infeasible because " + explanation + "." + hasInfeasiblePath(cond, explanation) +select cond, explanation diff --git a/cpp/autosar/test/rules/M0-1-2/InfeasiblePath.expected b/cpp/autosar/test/rules/M0-1-2/InfeasiblePath.expected index a7ea70d28f..9cb237e8b3 100644 --- a/cpp/autosar/test/rules/M0-1-2/InfeasiblePath.expected +++ b/cpp/autosar/test/rules/M0-1-2/InfeasiblePath.expected @@ -2,13 +2,9 @@ | test.cpp:7:7:7:22 | ... <= ... | The false path is infeasible because a (max value: 4294967295) is always less than or equal to 4294967295 (minimum value: 4294967295). | | test.cpp:15:7:15:13 | ... < ... | The false path is infeasible because l1 (max value: 2) is always less than l2 (minimum value: 10). | | test.cpp:19:9:19:14 | ... < ... | The false path is infeasible because a (max value: 1) is always less than l2 (minimum value: 10). | -| test.cpp:33:7:33:7 | 0 | The true path is infeasible because this expression consists of constants which evaluate to false. | -| test.cpp:33:7:33:7 | 0 | The true path is infeasible because this expression consists of constants which evaluate to false. | -| test.cpp:33:7:33:7 | 0 | The true path is infeasible because this expression consists of constants which evaluate to false. | -| test.cpp:36:7:36:14 | call to isVal | The false path is infeasible because this expression consists of constants which evaluate to true. | -| test.cpp:36:7:36:14 | call to isVal | The false path is infeasible because this expression consists of constants which evaluate to true. | -| test.cpp:43:7:43:15 | call to isVal2 | The false path is infeasible because this expression consists of constants which evaluate to true. | -| test.cpp:43:7:43:15 | call to isVal2 | The true path is infeasible because this expression consists of constants which evaluate to false. | +| test.cpp:33:7:33:7 | 0 | The path is unreachable in a template. | | test.cpp:77:9:77:14 | ... < ... | The true path is infeasible because 0 (max value: 0) is always less than or equal to a (minimum value: 0). | | test.cpp:80:9:80:15 | ... >= ... | The false path is infeasible because 0 (max value: 0) is always less than or equal to a (minimum value: 0). | | test.cpp:86:9:86:14 | ... < ... | The true path is infeasible because 0 (max value: 0) is always less than or equal to a (minimum value: 0). | +| test.cpp:117:7:117:7 | 0 | The path is unreachable in a template. | +| test.cpp:123:7:123:8 | ! ... | The path is unreachable in a template. | diff --git a/cpp/autosar/test/rules/M0-1-2/test.cpp b/cpp/autosar/test/rules/M0-1-2/test.cpp index 2ec7b01188..31c564d8a5 100644 --- a/cpp/autosar/test/rules/M0-1-2/test.cpp +++ b/cpp/autosar/test/rules/M0-1-2/test.cpp @@ -33,14 +33,14 @@ template int f() { if (0) { // NON_COMPLIANT - true path is infeasible in all circumstances return 3; } - if (T::isVal()) { // COMPLIANT[FALSE_POSITIVE] - `isVal` is `true` for all + if (T::isVal()) { // COMPLIANT - `isVal` is `true` for all // visible instantiations, but in the uninstantiated // template both paths are feasible. This represents that // this is template dependent, so we consider it compliant return 2; } - if (T::isVal2()) { // COMPLIANT[FALSE_POSITIVE] - `isVal2` is either true or + if (T::isVal2()) { // COMPLIANT - `isVal2` is either true or // false return 2; } @@ -99,3 +99,36 @@ void test_loop(int a) { a++; } } + +template int foo() { + if (x) { // COMPLIANT - block is reachable in the one of the instantiated + // template + return 1; + } + return 0; // COMPLIANT - block is reachable in the uninstantiated template +} + +void test() { + foo(); + foo(); +} + +template int template_infeasible_true_path() { + if (0) { // NON_COMPLIANT - true path is infeasible in all circumstances + return 3; + } +} + +template int template_infeasible_false_path() { + if (!0) { + return 3; + } + return 1; // NON_COMPLIANT - false path is infeasible in all circumstances +} + +void test_infeasible_instantiates() { + template_infeasible_true_path(); + template_infeasible_true_path(); + template_infeasible_false_path(); + template_infeasible_false_path(); +} \ No newline at end of file From 7697c69a0289f7140dd144001b3d409d28cd21c9 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 11 Jun 2024 16:12:50 -0400 Subject: [PATCH 1827/2573] M0-1-2: fix metadata --- cpp/autosar/src/rules/M0-1-2/InfeasiblePath.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/src/rules/M0-1-2/InfeasiblePath.ql b/cpp/autosar/src/rules/M0-1-2/InfeasiblePath.ql index 6f12ff6a09..76ccdead69 100644 --- a/cpp/autosar/src/rules/M0-1-2/InfeasiblePath.ql +++ b/cpp/autosar/src/rules/M0-1-2/InfeasiblePath.ql @@ -3,7 +3,7 @@ * @name M0-1-2: A project shall not contain infeasible paths * @description Infeasible paths complicate the program and can indicate a possible mistake on the * part of the programmer. - * @ kind problem + * @kind problem * @precision high * @problem.severity warning * @tags external/autosar/id/m0-1-2 From 5e65aa7ce917a655762868122de4d0c29f787766 Mon Sep 17 00:00:00 2001 From: knewbury01 Date: Mon, 17 Jun 2024 18:42:56 +0000 Subject: [PATCH 1828/2573] Bump version to 2.32.0-dev --- c/cert/src/qlpack.yml | 2 +- c/cert/test/qlpack.yml | 2 +- c/common/src/qlpack.yml | 2 +- c/common/test/qlpack.yml | 2 +- c/misra/src/qlpack.yml | 2 +- c/misra/test/qlpack.yml | 2 +- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/qlpack.yml | 2 +- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/qlpack.yml | 2 +- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/qlpack.yml | 2 +- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/qlpack.yml | 2 +- cpp/report/src/qlpack.yml | 2 +- docs/user_manual.md | 12 ++++++------ 16 files changed, 21 insertions(+), 21 deletions(-) diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index 41bf9df58b..58b6100d68 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards -version: 2.30.0-dev +version: 2.32.0-dev description: CERT C 2016 suites: codeql-suites license: MIT diff --git a/c/cert/test/qlpack.yml b/c/cert/test/qlpack.yml index 78880f5157..6ff293b9fd 100644 --- a/c/cert/test/qlpack.yml +++ b/c/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards-tests -version: 2.30.0-dev +version: 2.32.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index 55a94b0251..153e4620f3 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards -version: 2.30.0-dev +version: 2.32.0-dev license: MIT dependencies: codeql/common-cpp-coding-standards: '*' diff --git a/c/common/test/qlpack.yml b/c/common/test/qlpack.yml index 0b23b2465b..71afef5e70 100644 --- a/c/common/test/qlpack.yml +++ b/c/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards-tests -version: 2.30.0-dev +version: 2.32.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index 4d000d999f..e284cb5151 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards -version: 2.30.0-dev +version: 2.32.0-dev description: MISRA C 2012 suites: codeql-suites license: MIT diff --git a/c/misra/test/qlpack.yml b/c/misra/test/qlpack.yml index 0a877454c4..5d19f0877f 100644 --- a/c/misra/test/qlpack.yml +++ b/c/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards-tests -version: 2.30.0-dev +version: 2.32.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index 9f27965f4a..dbaf86e72a 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards -version: 2.30.0-dev +version: 2.32.0-dev description: AUTOSAR C++14 Guidelines R22-11, R21-11, R20-11, R19-11 and R19-03 suites: codeql-suites license: MIT diff --git a/cpp/autosar/test/qlpack.yml b/cpp/autosar/test/qlpack.yml index ca16be3d34..baf5a22a15 100644 --- a/cpp/autosar/test/qlpack.yml +++ b/cpp/autosar/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards-tests -version: 2.30.0-dev +version: 2.32.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index 929bbdf7ea..dfc4d0cbd9 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards -version: 2.30.0-dev +version: 2.32.0-dev description: CERT C++ 2016 suites: codeql-suites license: MIT diff --git a/cpp/cert/test/qlpack.yml b/cpp/cert/test/qlpack.yml index d1b4a638ce..a2fe672e5b 100644 --- a/cpp/cert/test/qlpack.yml +++ b/cpp/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards-tests -version: 2.30.0-dev +version: 2.32.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index 2fd8546ecf..2fe01c68ff 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards -version: 2.30.0-dev +version: 2.32.0-dev license: MIT dependencies: codeql/cpp-all: 0.9.3 diff --git a/cpp/common/test/qlpack.yml b/cpp/common/test/qlpack.yml index 42e989cb8e..a66a3fbf70 100644 --- a/cpp/common/test/qlpack.yml +++ b/cpp/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards-tests -version: 2.30.0-dev +version: 2.32.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index ae40b0c08e..11cca34ca9 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards -version: 2.30.0-dev +version: 2.32.0-dev description: MISRA C++ 2008 suites: codeql-suites license: MIT diff --git a/cpp/misra/test/qlpack.yml b/cpp/misra/test/qlpack.yml index c07550679f..0c07a83fe2 100644 --- a/cpp/misra/test/qlpack.yml +++ b/cpp/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards-tests -version: 2.30.0-dev +version: 2.32.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index e02c8afddc..d9a8beff97 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/report-cpp-coding-standards -version: 2.30.0-dev +version: 2.32.0-dev license: MIT dependencies: codeql/cpp-all: 0.9.3 diff --git a/docs/user_manual.md b/docs/user_manual.md index e5f70e2bb6..c9e3db53a9 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -30,13 +30,13 @@ ## Release information -This user manual documents release `2.30.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). +This user manual documents release `2.32.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). The release page documents the release notes and contains the following artifacts part of the release: -- `code-scanning-cpp-query-pack-2.30.0-dev.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. -- `supported_rules_list_2.30.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. -- `supported_rules_list_2.30.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. -- `user_manual_2.30.0-dev.md`: This user manual. +- `code-scanning-cpp-query-pack-2.32.0-dev.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. +- `supported_rules_list_2.32.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. +- `supported_rules_list_2.32.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. +- `user_manual_2.32.0-dev.md`: This user manual. - `Source Code (zip)`: A zip archive containing the contents of https://github.com/github/codeql-coding-standards - `Source Code (tar.gz)`: A GZip compressed tar archive containing the contents of https://github.com/github/codeql-coding-standards - `checksums.txt`: A text file containing sha256 checksums for the aforementioned artifacts. @@ -499,7 +499,7 @@ This section describes known failure modes for "CodeQL Coding Standards" and des | | Ouf of space | Less output. Some files may be only be partially analyzed, or not analyzed at all. | Error reported on the command line. | Increase space. If it remains an issue report space consumption issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False positives | More output. Results are reported which are not violations of the guidelines. | All reported results must be reviewed. | Report false positive issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False negatives | Less output. Violations of the guidelines are not reported. | Other validation and verification processes during software development should be used to complement the analysis performed by CodeQL Coding Standards. | Report false negative issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | -| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.30.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | +| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.32.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | | | Incorrect deviation record specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation records with a reason. Ensure that all deviation records are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Incorrect deviation permit specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation permits with a reason. Ensure that all deviation permits are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Unapproved use of a deviation record | Less output. Results for guideline violations are not reported. | Validate that the deviation record use is approved by verifying the approved-by attribute of the deviation record specification. | Ensure that each raised deviation record is approved by an independent approver through an auditable process. | From 8cd6df75eea493ee32baa39d2a7fec617e429efd Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 18 Jun 2024 21:59:24 -0400 Subject: [PATCH 1829/2573] A3-9-1: exclude fps on post increment and decrement operators --- change_notes/2024-06-18-fix-fp-614-A3-9-1.md | 2 ++ .../rules/A3-9-1/VariableWidthIntegerTypesUsed.ql | 6 +++++- cpp/autosar/test/rules/A3-9-1/test.cpp | 7 ++++++- cpp/common/src/codingstandards/cpp/Operator.qll | 14 ++++++++++++++ 4 files changed, 27 insertions(+), 2 deletions(-) create mode 100644 change_notes/2024-06-18-fix-fp-614-A3-9-1.md diff --git a/change_notes/2024-06-18-fix-fp-614-A3-9-1.md b/change_notes/2024-06-18-fix-fp-614-A3-9-1.md new file mode 100644 index 0000000000..121c285b20 --- /dev/null +++ b/change_notes/2024-06-18-fix-fp-614-A3-9-1.md @@ -0,0 +1,2 @@ +- `A3-9-1` - `VariableWidthIntegerTypesUsed.ql`: + - Fixes #614. Excludes post increment and decrement operators. \ No newline at end of file diff --git a/cpp/autosar/src/rules/A3-9-1/VariableWidthIntegerTypesUsed.ql b/cpp/autosar/src/rules/A3-9-1/VariableWidthIntegerTypesUsed.ql index 460457e0f8..84a38b0f6a 100644 --- a/cpp/autosar/src/rules/A3-9-1/VariableWidthIntegerTypesUsed.ql +++ b/cpp/autosar/src/rules/A3-9-1/VariableWidthIntegerTypesUsed.ql @@ -20,6 +20,7 @@ import codingstandards.cpp.autosar import codingstandards.cpp.EncapsulatingFunctions import codingstandards.cpp.BuiltInNumericTypes import codingstandards.cpp.Type +import codingstandards.cpp.Operator from Variable v, Type typeStrippedOfSpecifiers where @@ -30,5 +31,8 @@ where typeStrippedOfSpecifiers instanceof UnsignedCharType or typeStrippedOfSpecifiers instanceof SignedCharType ) and - not v instanceof ExcludedVariable + not v instanceof ExcludedVariable and + //post-increment/post-decrement operators are required by the standard to have a dummy int parameter + not v.(Parameter).getFunction() instanceof PostIncrementOperator and + not v.(Parameter).getFunction() instanceof PostDecrementOperator select v, "Variable '" + v.getName() + "' has variable-width type." diff --git a/cpp/autosar/test/rules/A3-9-1/test.cpp b/cpp/autosar/test/rules/A3-9-1/test.cpp index 9d1e257b8c..882738eea1 100644 --- a/cpp/autosar/test/rules/A3-9-1/test.cpp +++ b/cpp/autosar/test/rules/A3-9-1/test.cpp @@ -70,4 +70,9 @@ void test_variable_width_type_qualified_variables() { volatile long l2; // NON_COMPLIANT volatile unsigned long ul2; // NON_COMPLIANT volatile signed long sl2; // NON_COMPLIANT -} \ No newline at end of file +} + +struct test_fix_fp_614 { + test_fix_fp_614 operator++(int); // COMPLIANT + test_fix_fp_614 operator--(int); // COMPLIANT +}; \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/Operator.qll b/cpp/common/src/codingstandards/cpp/Operator.qll index 9f4c5558eb..6d2cc39933 100644 --- a/cpp/common/src/codingstandards/cpp/Operator.qll +++ b/cpp/common/src/codingstandards/cpp/Operator.qll @@ -215,6 +215,20 @@ class IncrementOperator extends Operator { } } +class PostIncrementOperator extends Operator { + PostIncrementOperator() { + hasName("operator++") and + getNumberOfParameters() = 1 + } +} + +class PostDecrementOperator extends Operator { + PostDecrementOperator() { + hasName("operator--") and + getNumberOfParameters() = 1 + } +} + class StructureDerefOperator extends Operator { StructureDerefOperator() { hasName("operator->") and From 199ad0b4866fc6fd26d76e1d63f70b92618f6949 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 18 Jun 2024 22:39:26 -0400 Subject: [PATCH 1830/2573] M9-3-3: exclude uninstantiated templates from static query --- change_notes/2024-06-18-fix-fp-616-M9-3-3.md | 2 ++ .../src/rules/M9-3-3/MemberFunctionStaticIfPossible.ql | 3 ++- cpp/autosar/test/rules/M9-3-3/test.cpp | 9 ++++++++- 3 files changed, 12 insertions(+), 2 deletions(-) create mode 100644 change_notes/2024-06-18-fix-fp-616-M9-3-3.md diff --git a/change_notes/2024-06-18-fix-fp-616-M9-3-3.md b/change_notes/2024-06-18-fix-fp-616-M9-3-3.md new file mode 100644 index 0000000000..6c13807ed6 --- /dev/null +++ b/change_notes/2024-06-18-fix-fp-616-M9-3-3.md @@ -0,0 +1,2 @@ +- `M9-3-3` - `MemberFunctionStaticIfPossible.ql`: + - Fixes #616. Exclude uninstantiated templates. \ No newline at end of file diff --git a/cpp/autosar/src/rules/M9-3-3/MemberFunctionStaticIfPossible.ql b/cpp/autosar/src/rules/M9-3-3/MemberFunctionStaticIfPossible.ql index 5148e72f79..69634f89c6 100644 --- a/cpp/autosar/src/rules/M9-3-3/MemberFunctionStaticIfPossible.ql +++ b/cpp/autosar/src/rules/M9-3-3/MemberFunctionStaticIfPossible.ql @@ -31,7 +31,8 @@ class NonStaticMemberFunction extends MemberFunction { not this instanceof Constructor and not this instanceof Destructor and not this instanceof Operator and - this.hasDefinition() + this.hasDefinition() and + not this.isFromUninstantiatedTemplate(_) } } diff --git a/cpp/autosar/test/rules/M9-3-3/test.cpp b/cpp/autosar/test/rules/M9-3-3/test.cpp index 5469b41d5c..27e44c9a4b 100644 --- a/cpp/autosar/test/rules/M9-3-3/test.cpp +++ b/cpp/autosar/test/rules/M9-3-3/test.cpp @@ -214,4 +214,11 @@ void fp_reported_in_381() { Z4 z; int i = z.front(); z.fill(i); -} \ No newline at end of file +} + +class ZZ { +public: + template + void fp_616(const T &val) { + } // COMPLIANT - ignore uninstantiated templates for static also +}; From 8078f8167744651ef4db0d2e795126a7ede83093 Mon Sep 17 00:00:00 2001 From: Paolo Tranquilli Date: Wed, 19 Jun 2024 09:42:28 +0200 Subject: [PATCH 1831/2573] Accept new warning format in ql tests --- ...bleLengthArraySizeNotInValidRange.expected | 4 +- ...rithmeticOnNonArrayObjectPointers.expected | 10 ++-- ...rSubtractAScaledIntegerToAPointer.expected | 8 ++-- .../CleanUpThreadSpecificStorage.expected | 12 ++--- ...riateThreadObjectStorageDurations.expected | 16 +++---- ...ectStorageDurationsNotInitialized.expected | 10 ++-- ...ateStorageDurationsFunctionReturn.expected | 10 ++-- .../ERR30-C/ErrnoReadBeforeReturn.expected | 2 +- .../ERR30-C/SetlocaleMightSetErrno.expected | 2 +- ...tRelyOnIndeterminateValuesOfErrno.expected | 8 ++-- ...ectAndHandleStandardLibraryErrors.expected | 2 +- ...OfFunctionArgumentsForSideEffects.expected | 48 +++++++++---------- ...rToMoreStrictlyAlignedPointerType.expected | 20 ++++---- ...nctionPointerWithIncompatibleType.expected | 8 ++-- ...iableViaPointerOfIncompatibleType.expected | 14 +++--- .../DoNotModifyConstantObjects.expected | 8 ++-- ...edPointerToRestrictQualifiedParam.expected | 24 +++++----- ...ointerReferencesOverlappingObject.expected | 14 +++--- ...esetStringsOnFgetsOrFgetwsFailure.expected | 6 +-- ...FsetposThatAreReturnedFromFgetpos.expected | 10 ++-- ...RaceConditionsWhileAccessingFiles.expected | 2 +- ...ufficientMemoryAllocatedForObject.expected | 4 +- ...odifyAlignmentOfMemoryWithRealloc.expected | 10 ++-- ...ssInvalidDataToTheAsctimeFunction.expected | 8 ++-- ...VaListThatHasAnIndeterminateValue.expected | 14 +++--- ...SafeFunctionsWithinSignalHandlers.expected | 6 +-- ...romAComputationalExceptionHandler.expected | 2 +- ...oNotAttemptToModifyStringLiterals.expected | 30 ++++++------ ...fficientSpaceForTheNullTerminator.expected | 12 ++--- ...natedToFunctionThatExpectsAString.expected | 20 ++++---- ...yFunctionArgumentNumberOfElements.expected | 12 ++--- ...sedToCompareNullTerminatedStrings.expected | 8 ++-- ...ForReadAndWriteOnDifferentStreams.expected | 2 +- .../AttemptToWriteToAReadOnlyStream.expected | 12 ++--- ...omparedWithUnmodifiedReturnValues.expected | 16 +++---- ...rformConversionOfPassedParameters.expected | 6 +-- .../AssignmentOperatorReturnThis.expected | 2 +- .../ThrownExceptionsShouldBeUnique.expected | 2 +- ...orErrorLeavesObjectInInvalidState.expected | 18 +++---- ...entOfAnArrayPassedToASmartPointer.expected | 14 +++--- .../UnnecessaryUseOfDynamicStorage.expected | 8 ++-- ...ArgumentToForwardSubsequentlyUsed.expected | 6 +-- ...PointerUsedWithNoOwnershipSharing.expected | 2 +- .../rules/A27-0-4/CStyleStringsUsed.expected | 6 +-- ...UsedWithPointersToNonFinalClasses.expected | 8 ++-- .../A5-1-7/LambdaPassedToDecltype.expected | 12 ++--- .../A5-1-7/LambdaPassedToTypeid.expected | 8 ++-- .../A7-5-1/InvalidFunctionReturnType.expected | 6 +-- ...ParameterWithoutLifetimeSemantics.expected | 4 +- ...edToFunctionWithImproperSemantics.expected | 4 +- ...tParametersDeclaredAsTNotModified.expected | 4 +- ...eferencesToPrivateOrProtectedData.expected | 6 +-- ...tionErroneousReturnValueNotTested.expected | 6 +-- ...ntationsOfFloatingPointValuesUsed.expected | 6 +-- ...berFunctionReturnsNonConstPointer.expected | 4 +- ...cCppLibraryFunctionsDoNotOverflow.expected | 18 +++---- .../CTR53-CPP/UseValidIteratorRanges.expected | 12 ++--- ...UseAnAdditiveOperatorOnAnIterator.expected | 18 +++---- ...terArithmeticOnPolymorphicObjects.expected | 8 ++-- ...nFunctionCallsAsFunctionArguments.expected | 48 +++++++++---------- ...ThroughAPointerOfTheIncorrectType.expected | 8 ++-- ...ctAndHandleMemoryAllocationErrors.expected | 14 +++--- .../BadlySeededRandomNumberGenerator.expected | 2 +- 63 files changed, 327 insertions(+), 327 deletions(-) diff --git a/c/cert/test/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.expected b/c/cert/test/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.expected index bcb1c8eddd..083e7dfb87 100644 --- a/c/cert/test/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.expected +++ b/c/cert/test/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.expected @@ -1,5 +1,5 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (VariableLengthArraySizeNotInValidRange.ql:104,11-19) -WARNING: Module TaintTracking has been deprecated and may be removed in future (VariableLengthArraySizeNotInValidRange.ql:87,5-18) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (VariableLengthArraySizeNotInValidRange.ql:104,11-19) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (VariableLengthArraySizeNotInValidRange.ql:87,5-18) | test.c:14:8:14:8 | VLA declaration | Variable-length array dimension size may be in an invalid range. | | test.c:15:8:15:8 | VLA declaration | Variable-length array dimension size may be in an invalid range. | | test.c:16:8:16:8 | VLA declaration | Variable-length array dimension size may be in an invalid range. | diff --git a/c/cert/test/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.expected b/c/cert/test/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.expected index d75db521af..ca4ef2a7a0 100644 --- a/c/cert/test/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.expected +++ b/c/cert/test/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.expected @@ -1,8 +1,8 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:23,60-68) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:24,22-30) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:36,20-28) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:44,26-34) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:65,3-11) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:23,60-68) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:24,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:36,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:44,26-34) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:65,3-11) edges | test.c:14:38:14:39 | p1 | test.c:18:10:18:11 | v1 | provenance | | | test.c:14:38:14:39 | p1 | test.c:19:10:19:11 | v2 | provenance | | diff --git a/c/cert/test/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.expected b/c/cert/test/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.expected index 7782984e5b..d343811aaf 100644 --- a/c/cert/test/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.expected +++ b/c/cert/test/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.expected @@ -1,7 +1,7 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotAddOrSubtractAScaledIntegerToAPointer.ql:72,56-64) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotAddOrSubtractAScaledIntegerToAPointer.ql:73,22-30) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotAddOrSubtractAScaledIntegerToAPointer.ql:75,20-28) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotAddOrSubtractAScaledIntegerToAPointer.ql:84,45-53) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAddOrSubtractAScaledIntegerToAPointer.ql:72,56-64) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAddOrSubtractAScaledIntegerToAPointer.ql:73,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAddOrSubtractAScaledIntegerToAPointer.ql:75,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAddOrSubtractAScaledIntegerToAPointer.ql:84,45-53) edges | test.c:7:13:7:14 | p1 | test.c:9:9:9:10 | p1 | provenance | | | test.c:16:19:16:41 | ... - ... | test.c:18:26:18:31 | offset | provenance | | diff --git a/c/cert/test/rules/CON30-C/CleanUpThreadSpecificStorage.expected b/c/cert/test/rules/CON30-C/CleanUpThreadSpecificStorage.expected index 9b1288d578..2706474f29 100644 --- a/c/cert/test/rules/CON30-C/CleanUpThreadSpecificStorage.expected +++ b/c/cert/test/rules/CON30-C/CleanUpThreadSpecificStorage.expected @@ -1,9 +1,9 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (CleanUpThreadSpecificStorage.ql:21,46-54) -WARNING: Module DataFlow has been deprecated and may be removed in future (CleanUpThreadSpecificStorage.ql:22,22-30) -WARNING: Module DataFlow has been deprecated and may be removed in future (CleanUpThreadSpecificStorage.ql:31,20-28) -WARNING: Module DataFlow has been deprecated and may be removed in future (CleanUpThreadSpecificStorage.ql:41,35-43) -WARNING: Module DataFlow has been deprecated and may be removed in future (CleanUpThreadSpecificStorage.ql:49,36-44) -WARNING: Module DataFlow has been deprecated and may be removed in future (CleanUpThreadSpecificStorage.ql:51,36-44) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (CleanUpThreadSpecificStorage.ql:21,46-54) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (CleanUpThreadSpecificStorage.ql:22,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (CleanUpThreadSpecificStorage.ql:31,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (CleanUpThreadSpecificStorage.ql:41,35-43) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (CleanUpThreadSpecificStorage.ql:49,36-44) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (CleanUpThreadSpecificStorage.ql:51,36-44) | test.c:27:3:27:12 | call to tss_create | Resources used by thread specific storage may not be cleaned up. | | test.c:49:3:49:12 | call to tss_create | Resources used by thread specific storage may not be cleaned up. | | test.c:71:3:71:12 | call to tss_create | Resources used by thread specific storage may not be cleaned up. | diff --git a/c/cert/test/rules/CON34-C/AppropriateThreadObjectStorageDurations.expected b/c/cert/test/rules/CON34-C/AppropriateThreadObjectStorageDurations.expected index a513b55b73..25cb74d7fa 100644 --- a/c/cert/test/rules/CON34-C/AppropriateThreadObjectStorageDurations.expected +++ b/c/cert/test/rules/CON34-C/AppropriateThreadObjectStorageDurations.expected @@ -1,11 +1,11 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:28,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:28,54-62) -WARNING: Module DataFlow has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:35,62-70) -WARNING: Module DataFlow has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:40,5-13) -WARNING: Module DataFlow has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:40,30-38) -WARNING: Module DataFlow has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:41,5-13) -WARNING: Module DataFlow has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:41,30-38) -WARNING: Module TaintTracking has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:28,3-16) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:28,29-37) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:28,54-62) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:35,62-70) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:40,5-13) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:40,30-38) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:41,5-13) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:41,30-38) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:28,3-16) | test.c:23:3:23:13 | call to thrd_create | $@ not declared with appropriate storage duration | test.c:23:24:23:29 | & ... | Shared object | | test.c:74:3:74:13 | call to thrd_create | $@ not declared with appropriate storage duration | test.c:74:24:74:24 | p | Shared object | | test.c:85:3:85:13 | call to thrd_create | $@ not declared with appropriate storage duration | test.c:85:24:85:24 | p | Shared object | diff --git a/c/cert/test/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.expected b/c/cert/test/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.expected index 337df4c14c..d6b6548581 100644 --- a/c/cert/test/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.expected +++ b/c/cert/test/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.expected @@ -1,6 +1,6 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (ThreadObjectStorageDurationsNotInitialized.ql:28,38-46) -WARNING: Module DataFlow has been deprecated and may be removed in future (ThreadObjectStorageDurationsNotInitialized.ql:31,5-13) -WARNING: Module DataFlow has been deprecated and may be removed in future (ThreadObjectStorageDurationsNotInitialized.ql:31,30-38) -WARNING: Module DataFlow has been deprecated and may be removed in future (ThreadObjectStorageDurationsNotInitialized.ql:32,5-13) -WARNING: Module DataFlow has been deprecated and may be removed in future (ThreadObjectStorageDurationsNotInitialized.ql:32,30-38) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ThreadObjectStorageDurationsNotInitialized.ql:28,38-46) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ThreadObjectStorageDurationsNotInitialized.ql:31,5-13) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ThreadObjectStorageDurationsNotInitialized.ql:31,30-38) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ThreadObjectStorageDurationsNotInitialized.ql:32,5-13) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ThreadObjectStorageDurationsNotInitialized.ql:32,30-38) | test.c:14:7:14:13 | call to tss_get | Call to a thread specific storage function from within a threaded context on an object that may not be owned by this thread. | diff --git a/c/cert/test/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.expected b/c/cert/test/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.expected index 18d28b61bc..905c9cc22b 100644 --- a/c/cert/test/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.expected +++ b/c/cert/test/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.expected @@ -1,7 +1,7 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (AppropriateStorageDurationsFunctionReturn.ql:22,20-28) -WARNING: Module DataFlow has been deprecated and may be removed in future (AppropriateStorageDurationsFunctionReturn.ql:26,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (AppropriateStorageDurationsFunctionReturn.ql:39,6-14) -WARNING: Module DataFlow has been deprecated and may be removed in future (AppropriateStorageDurationsFunctionReturn.ql:39,26-34) -WARNING: Module DataFlow has been deprecated and may be removed in future (AppropriateStorageDurationsFunctionReturn.ql:45,3-11) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateStorageDurationsFunctionReturn.ql:22,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateStorageDurationsFunctionReturn.ql:26,31-39) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateStorageDurationsFunctionReturn.ql:39,6-14) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateStorageDurationsFunctionReturn.ql:39,26-34) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateStorageDurationsFunctionReturn.ql:45,3-11) | test.c:3:10:3:10 | a | $@ with automatic storage may be accessible outside of its lifetime. | test.c:3:10:3:10 | a | a | | test.c:15:4:15:8 | param [inner post update] | $@ with automatic storage may be accessible outside of its lifetime. | test.c:15:12:15:13 | a2 | a2 | diff --git a/c/cert/test/rules/ERR30-C/ErrnoReadBeforeReturn.expected b/c/cert/test/rules/ERR30-C/ErrnoReadBeforeReturn.expected index b3e5c4b7fc..659a731d7c 100644 --- a/c/cert/test/rules/ERR30-C/ErrnoReadBeforeReturn.expected +++ b/c/cert/test/rules/ERR30-C/ErrnoReadBeforeReturn.expected @@ -1,4 +1,4 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (ErrnoReadBeforeReturn.ql:40,7-15) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ErrnoReadBeforeReturn.ql:40,7-15) | test.c:69:7:69:11 | * ... | Do not read `errno` before checking the return value of function $@. | test.c:68:3:68:7 | call to ftell | call to ftell | | test.c:69:7:69:11 | call to __errno_location | Do not read `errno` before checking the return value of function $@. | test.c:68:3:68:7 | call to ftell | call to ftell | | test.c:70:5:70:10 | call to perror | Do not read `errno` before checking the return value of function $@. | test.c:68:3:68:7 | call to ftell | call to ftell | diff --git a/c/cert/test/rules/ERR30-C/SetlocaleMightSetErrno.expected b/c/cert/test/rules/ERR30-C/SetlocaleMightSetErrno.expected index 0ffaf56bd1..d20f4a4e34 100644 --- a/c/cert/test/rules/ERR30-C/SetlocaleMightSetErrno.expected +++ b/c/cert/test/rules/ERR30-C/SetlocaleMightSetErrno.expected @@ -1,3 +1,3 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (SetlocaleMightSetErrno.ql:64,7-15) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (SetlocaleMightSetErrno.ql:64,7-15) | test.c:98:3:98:11 | call to setlocale | Do not read `errno` before checking the return value of a call to `setlocale`. | | test.c:104:7:104:15 | call to setlocale | The value of `errno` may be different than `0` when `setlocale` is called. The following `errno` check might be invalid. | diff --git a/c/cert/test/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.expected b/c/cert/test/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.expected index 77fa7b7ba7..a90dd6b7f5 100644 --- a/c/cert/test/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.expected +++ b/c/cert/test/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.expected @@ -1,7 +1,7 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotRelyOnIndeterminateValuesOfErrno.ql:50,7-15) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotRelyOnIndeterminateValuesOfErrno.ql:50,27-35) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotRelyOnIndeterminateValuesOfErrno.ql:51,9-17) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotRelyOnIndeterminateValuesOfErrno.ql:54,9-17) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotRelyOnIndeterminateValuesOfErrno.ql:50,7-15) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotRelyOnIndeterminateValuesOfErrno.ql:50,27-35) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotRelyOnIndeterminateValuesOfErrno.ql:51,9-17) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotRelyOnIndeterminateValuesOfErrno.ql:54,9-17) | test.c:12:5:12:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:10:21:10:26 | call to signal | call to signal | | test.c:30:5:30:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:26:21:26:26 | call to signal | call to signal | | test.c:49:5:49:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:45:21:45:26 | call to signal | call to signal | diff --git a/c/cert/test/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.expected b/c/cert/test/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.expected index a32a03a3b9..030596976e 100644 --- a/c/cert/test/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.expected +++ b/c/cert/test/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.expected @@ -1,4 +1,4 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (DetectAndHandleStandardLibraryErrors.ql:453,5-13) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DetectAndHandleStandardLibraryErrors.ql:453,5-13) | test.c:18:3:18:11 | call to setlocale | Missing error detection for the call to function `setlocale`. | | test.c:24:23:24:31 | call to setlocale | Missing error detection for the call to function `setlocale`. | | test.c:29:22:29:27 | call to calloc | Missing error detection for the call to function `calloc`. | diff --git a/c/cert/test/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.expected b/c/cert/test/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.expected index 6ea3499517..6567ef6fd1 100644 --- a/c/cert/test/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.expected +++ b/c/cert/test/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.expected @@ -1,25 +1,25 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:24,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:24,59-67) -WARNING: Module DataFlow has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:27,33-41) -WARNING: Module DataFlow has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:27,57-65) -WARNING: Module DataFlow has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:31,33-41) -WARNING: Module DataFlow has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:31,59-67) -WARNING: Module DataFlow has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:40,5-13) -WARNING: Module DataFlow has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:40,25-33) -WARNING: Module DataFlow has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:40,53-61) -WARNING: Module DataFlow has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:43,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:43,57-65) -WARNING: Module DataFlow has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:52,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:52,55-63) -WARNING: Module DataFlow has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:59,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:59,57-65) -WARNING: Module DataFlow has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:71,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:71,55-63) -WARNING: Module TaintTracking has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:24,5-18) -WARNING: Module TaintTracking has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:27,7-20) -WARNING: Module TaintTracking has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:31,7-20) -WARNING: Module TaintTracking has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:43,5-18) -WARNING: Module TaintTracking has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:52,5-18) -WARNING: Module TaintTracking has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:59,5-18) -WARNING: Module TaintTracking has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:71,5-18) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:24,31-39) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:24,59-67) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:27,33-41) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:27,57-65) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:31,33-41) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:31,59-67) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:40,5-13) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:40,25-33) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:40,53-61) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:43,31-39) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:43,57-65) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:52,31-39) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:52,55-63) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:59,31-39) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:59,57-65) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:71,31-39) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:71,55-63) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:24,5-18) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:27,7-20) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:31,7-20) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:43,5-18) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:52,5-18) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:59,5-18) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:71,5-18) | test.c:20:3:20:4 | call to f1 | Depending on the order of evaluation for the arguments $@ and $@ for side effects on shared state is unspecified and can result in unexpected behavior. | test.c:20:6:20:7 | call to f2 | call to f2 | test.c:20:12:20:13 | call to f3 | call to f3 | diff --git a/c/cert/test/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.expected b/c/cert/test/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.expected index b6f96f6ea5..eed9fb4585 100644 --- a/c/cert/test/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.expected +++ b/c/cert/test/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.expected @@ -1,13 +1,13 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:98,86-94) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:120,3-11) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:122,22-30) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:127,20-28) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:133,3-11) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:139,55-63) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:140,22-30) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:142,20-28) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:149,26-34) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:164,44-52) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:98,86-94) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:120,3-11) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:122,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:127,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:133,3-11) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:139,55-63) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:140,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:142,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:149,26-34) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:164,44-52) edges | test.c:75:14:75:16 | & ... | test.c:76:11:76:12 | v1 | provenance | | | test.c:75:14:75:16 | & ... | test.c:77:12:77:13 | v1 | provenance | | diff --git a/c/cert/test/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.expected b/c/cert/test/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.expected index 1b6505f472..229bd74165 100644 --- a/c/cert/test/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.expected +++ b/c/cert/test/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.expected @@ -1,7 +1,7 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotCallFunctionPointerWithIncompatibleType.ql:40,54-62) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotCallFunctionPointerWithIncompatibleType.ql:41,22-30) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotCallFunctionPointerWithIncompatibleType.ql:45,20-28) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotCallFunctionPointerWithIncompatibleType.ql:50,43-51) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCallFunctionPointerWithIncompatibleType.ql:40,54-62) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCallFunctionPointerWithIncompatibleType.ql:41,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCallFunctionPointerWithIncompatibleType.ql:45,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCallFunctionPointerWithIncompatibleType.ql:50,43-51) edges | test.c:48:68:48:70 | fns [f1] | test.c:49:3:49:5 | fns [f1] | provenance | | | test.c:49:3:49:5 | fns [f1] | test.c:49:8:49:9 | f1 | provenance | | diff --git a/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected b/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected index 6cf822fa15..9f0880455f 100644 --- a/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected +++ b/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected @@ -1,10 +1,10 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotAccessVariableViaPointerOfIncompatibleType.ql:61,38-46) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotAccessVariableViaPointerOfIncompatibleType.ql:64,22-30) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotAccessVariableViaPointerOfIncompatibleType.ql:69,20-28) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotAccessVariableViaPointerOfIncompatibleType.ql:102,23-31) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotAccessVariableViaPointerOfIncompatibleType.ql:111,5-13) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotAccessVariableViaPointerOfIncompatibleType.ql:111,45-53) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotAccessVariableViaPointerOfIncompatibleType.ql:133,27-35) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAccessVariableViaPointerOfIncompatibleType.ql:61,38-46) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAccessVariableViaPointerOfIncompatibleType.ql:64,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAccessVariableViaPointerOfIncompatibleType.ql:69,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAccessVariableViaPointerOfIncompatibleType.ql:102,23-31) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAccessVariableViaPointerOfIncompatibleType.ql:111,5-13) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAccessVariableViaPointerOfIncompatibleType.ql:111,45-53) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAccessVariableViaPointerOfIncompatibleType.ql:133,27-35) edges | test.c:49:8:49:9 | s3 | test.c:50:8:50:9 | s1 | provenance | | | test.c:60:16:60:18 | E1A | test.c:61:16:61:17 | e1 | provenance | | diff --git a/c/cert/test/rules/EXP40-C/DoNotModifyConstantObjects.expected b/c/cert/test/rules/EXP40-C/DoNotModifyConstantObjects.expected index e7af404ec1..6dd4ec261a 100644 --- a/c/cert/test/rules/EXP40-C/DoNotModifyConstantObjects.expected +++ b/c/cert/test/rules/EXP40-C/DoNotModifyConstantObjects.expected @@ -1,7 +1,7 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotModifyConstantObjects.ql:35,30-38) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotModifyConstantObjects.ql:36,22-30) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotModifyConstantObjects.ql:42,20-28) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotModifyConstantObjects.ql:47,19-27) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotModifyConstantObjects.ql:35,30-38) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotModifyConstantObjects.ql:36,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotModifyConstantObjects.ql:42,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotModifyConstantObjects.ql:47,19-27) edges | test.c:5:8:5:9 | & ... | test.c:6:4:6:5 | aa | provenance | | | test.c:26:15:26:15 | a | test.c:27:4:27:4 | a | provenance | | diff --git a/c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.expected b/c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.expected index a77a92ee81..1c8a649094 100644 --- a/c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.expected +++ b/c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.expected @@ -1,15 +1,15 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotPassAliasedPointerToRestrictQualifiedParam.ql:103,36-44) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotPassAliasedPointerToRestrictQualifiedParam.ql:118,51-59) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotPassAliasedPointerToRestrictQualifiedParam.ql:119,22-30) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotPassAliasedPointerToRestrictQualifiedParam.ql:121,20-28) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotPassAliasedPointerToRestrictQualifiedParam.ql:127,25-33) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotPassAliasedPointerToRestrictQualifiedParam.ql:132,40-48) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotPassAliasedPointerToRestrictQualifiedParam.ql:146,41-49) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotPassAliasedPointerToRestrictQualifiedParam.ql:147,7-15) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotPassAliasedPointerToRestrictQualifiedParam.ql:150,43-51) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotPassAliasedPointerToRestrictQualifiedParam.ql:151,9-17) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotPassAliasedPointerToRestrictQualifiedParam.ql:158,43-51) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotPassAliasedPointerToRestrictQualifiedParam.ql:159,9-17) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotPassAliasedPointerToRestrictQualifiedParam.ql:103,36-44) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotPassAliasedPointerToRestrictQualifiedParam.ql:118,51-59) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotPassAliasedPointerToRestrictQualifiedParam.ql:119,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotPassAliasedPointerToRestrictQualifiedParam.ql:121,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotPassAliasedPointerToRestrictQualifiedParam.ql:127,25-33) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotPassAliasedPointerToRestrictQualifiedParam.ql:132,40-48) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotPassAliasedPointerToRestrictQualifiedParam.ql:146,41-49) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotPassAliasedPointerToRestrictQualifiedParam.ql:147,7-15) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotPassAliasedPointerToRestrictQualifiedParam.ql:150,43-51) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotPassAliasedPointerToRestrictQualifiedParam.ql:151,9-17) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotPassAliasedPointerToRestrictQualifiedParam.ql:158,43-51) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotPassAliasedPointerToRestrictQualifiedParam.ql:159,9-17) | test.c:59:3:59:6 | call to copy | Call to 'copy' passes an $@ to a $@ (pointer value derived from a pair of address-of expressions ($@, $@). | test.c:59:13:59:15 | & ... | aliased pointer | test.c:59:8:59:10 | & ... | restrict-qualified parameter | test.c:59:8:59:10 | & ... | addressof1 | test.c:59:13:59:15 | & ... | addressof2 | | test.c:65:3:65:6 | call to copy | Call to 'copy' passes an $@ to a $@ (pointer value derived from a pair of address-of expressions ($@, $@). | test.c:65:15:65:19 | & ... | aliased pointer | test.c:65:8:65:12 | & ... | restrict-qualified parameter | test.c:65:8:65:12 | & ... | addressof1 | test.c:65:15:65:19 | & ... | addressof2 | | test.c:67:3:67:6 | call to copy | Call to 'copy' passes an $@ to a $@ (pointer value derived from a pair of address-of expressions ($@, $@). | test.c:67:15:67:16 | px | aliased pointer | test.c:67:8:67:12 | & ... | restrict-qualified parameter | test.c:67:8:67:12 | & ... | addressof1 | test.c:63:13:63:17 | & ... | addressof2 | diff --git a/c/cert/test/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.expected b/c/cert/test/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.expected index 591e17661a..b9765e77fb 100644 --- a/c/cert/test/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.expected +++ b/c/cert/test/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.expected @@ -1,10 +1,10 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (RestrictPointerReferencesOverlappingObject.ql:42,57-65) -WARNING: Module DataFlow has been deprecated and may be removed in future (RestrictPointerReferencesOverlappingObject.ql:43,22-30) -WARNING: Module DataFlow has been deprecated and may be removed in future (RestrictPointerReferencesOverlappingObject.ql:47,20-28) -WARNING: Module DataFlow has been deprecated and may be removed in future (RestrictPointerReferencesOverlappingObject.ql:53,3-11) -WARNING: Module DataFlow has been deprecated and may be removed in future (RestrictPointerReferencesOverlappingObject.ql:56,58-66) -WARNING: Module DataFlow has been deprecated and may be removed in future (RestrictPointerReferencesOverlappingObject.ql:72,64-72) -WARNING: Module DataFlow has been deprecated and may be removed in future (RestrictPointerReferencesOverlappingObject.ql:73,64-72) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (RestrictPointerReferencesOverlappingObject.ql:42,57-65) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (RestrictPointerReferencesOverlappingObject.ql:43,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (RestrictPointerReferencesOverlappingObject.ql:47,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (RestrictPointerReferencesOverlappingObject.ql:53,3-11) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (RestrictPointerReferencesOverlappingObject.ql:56,58-66) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (RestrictPointerReferencesOverlappingObject.ql:72,64-72) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (RestrictPointerReferencesOverlappingObject.ql:73,64-72) | test.c:18:22:18:23 | i2 | Assignment to restrict-qualified pointer $@ results in pointers aliasing $@. | test.c:18:17:18:18 | i3 | i3 | test.c:18:22:18:23 | i2 | the object pointed to by i2 | | test.c:19:8:19:9 | g2 | Assignment to restrict-qualified pointer $@ results in pointers aliasing $@. | test.c:5:15:5:16 | g1 | g1 | test.c:19:8:19:9 | g2 | the object pointed to by g2 | | test.c:20:8:20:9 | i2 | Assignment to restrict-qualified pointer $@ results in pointers aliasing $@. | test.c:16:17:16:18 | i1 | i1 | test.c:20:8:20:9 | i2 | the object pointed to by i2 | diff --git a/c/cert/test/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.expected b/c/cert/test/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.expected index 6a73ee98a7..669dd829c8 100644 --- a/c/cert/test/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.expected +++ b/c/cert/test/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.expected @@ -1,6 +1,6 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (ResetStringsOnFgetsOrFgetwsFailure.ql:42,11-19) -WARNING: Module DataFlow has been deprecated and may be removed in future (ResetStringsOnFgetsOrFgetwsFailure.ql:42,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (ResetStringsOnFgetsOrFgetwsFailure.ql:43,13-21) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ResetStringsOnFgetsOrFgetwsFailure.ql:42,11-19) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ResetStringsOnFgetsOrFgetwsFailure.ql:42,31-39) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ResetStringsOnFgetsOrFgetwsFailure.ql:43,13-21) | test.c:20:10:20:12 | buf | The buffer is not reset before being referenced following a failed $@. | test.c:15:7:15:11 | call to fgets | call to fgets | | test.c:57:10:57:12 | buf | The buffer is not reset before being referenced following a failed $@. | test.c:52:7:52:11 | call to fgets | call to fgets | | test.c:66:18:66:20 | buf | The buffer is not reset before being referenced following a failed $@. | test.c:61:7:61:11 | call to fgets | call to fgets | diff --git a/c/cert/test/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.expected b/c/cert/test/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.expected index 637918f241..5bff6016e4 100644 --- a/c/cert/test/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.expected +++ b/c/cert/test/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.expected @@ -1,7 +1,7 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql:25,32-40) -WARNING: Module DataFlow has been deprecated and may be removed in future (OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql:26,22-30) -WARNING: Module DataFlow has been deprecated and may be removed in future (OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql:28,14-22) -WARNING: Module DataFlow has been deprecated and may be removed in future (OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql:31,20-28) -WARNING: Module DataFlow has been deprecated and may be removed in future (OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql:37,21-29) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql:25,32-40) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql:26,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql:28,14-22) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql:31,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql:37,21-29) | test.c:7:24:7:30 | & ... | The position argument of a call to `fsetpos()` should be obtained from a call to `fgetpos()`. | | test.c:33:24:33:30 | & ... | The position argument of a call to `fsetpos()` should be obtained from a call to `fgetpos()`. | diff --git a/c/cert/test/rules/FIO45-C/ToctouRaceConditionsWhileAccessingFiles.expected b/c/cert/test/rules/FIO45-C/ToctouRaceConditionsWhileAccessingFiles.expected index f294ce05b7..71df14e907 100644 --- a/c/cert/test/rules/FIO45-C/ToctouRaceConditionsWhileAccessingFiles.expected +++ b/c/cert/test/rules/FIO45-C/ToctouRaceConditionsWhileAccessingFiles.expected @@ -1,3 +1,3 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (ToctouRaceConditionsWhileAccessingFiles.ql:27,35-43) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ToctouRaceConditionsWhileAccessingFiles.ql:27,35-43) | test.c:4:13:4:17 | call to fopen | This call is trying to prevent an existing file from being overwritten by $@. An attacker might be able to exploit the race window between the two calls. | test.c:11:9:11:13 | call to fopen | another call | | test.c:88:13:88:17 | call to fopen | This call is trying to prevent an existing file from being overwritten by $@. An attacker might be able to exploit the race window between the two calls. | test.c:95:9:95:13 | call to fopen | another call | diff --git a/c/cert/test/rules/MEM35-C/InsufficientMemoryAllocatedForObject.expected b/c/cert/test/rules/MEM35-C/InsufficientMemoryAllocatedForObject.expected index 73dd6ba1e0..6bfbbefc14 100644 --- a/c/cert/test/rules/MEM35-C/InsufficientMemoryAllocatedForObject.expected +++ b/c/cert/test/rules/MEM35-C/InsufficientMemoryAllocatedForObject.expected @@ -1,5 +1,5 @@ -WARNING: Module TaintTracking has been deprecated and may be removed in future (InsufficientMemoryAllocatedForObject.ql:85,5-18) -WARNING: Module TaintTracking has been deprecated and may be removed in future (InsufficientMemoryAllocatedForObject.ql:143,5-18) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (InsufficientMemoryAllocatedForObject.ql:85,5-18) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (InsufficientMemoryAllocatedForObject.ql:143,5-18) | test.c:12:19:12:24 | call to malloc | Allocation size (32 bytes) is not a multiple of the size of 'S1' (36 bytes). | test.c:12:26:12:32 | 32 | | | test.c:15:19:15:24 | call to malloc | Allocation size calculated from the size of a different type ($@). | test.c:15:26:15:35 | sizeof() | sizeof(S1 *) | | test.c:20:19:20:24 | call to malloc | Allocation size (128 bytes) is not a multiple of the size of 'S1' (36 bytes). | test.c:20:26:20:36 | ... * ... | | diff --git a/c/cert/test/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.expected b/c/cert/test/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.expected index 61c2cfb1f0..2f5889c4c6 100644 --- a/c/cert/test/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.expected +++ b/c/cert/test/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.expected @@ -1,8 +1,8 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotModifyAlignmentOfMemoryWithRealloc.ql:26,36-44) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotModifyAlignmentOfMemoryWithRealloc.ql:40,47-55) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotModifyAlignmentOfMemoryWithRealloc.ql:41,22-30) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotModifyAlignmentOfMemoryWithRealloc.ql:45,20-28) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotModifyAlignmentOfMemoryWithRealloc.ql:50,36-44) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotModifyAlignmentOfMemoryWithRealloc.ql:26,36-44) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotModifyAlignmentOfMemoryWithRealloc.ql:40,47-55) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotModifyAlignmentOfMemoryWithRealloc.ql:41,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotModifyAlignmentOfMemoryWithRealloc.ql:45,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotModifyAlignmentOfMemoryWithRealloc.ql:50,36-44) edges | test.c:5:10:5:22 | call to aligned_alloc | test.c:15:8:15:28 | call to aligned_alloc_wrapper | provenance | | | test.c:8:29:8:31 | ptr | test.c:8:64:8:66 | ptr | provenance | | diff --git a/c/cert/test/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.expected b/c/cert/test/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.expected index 713646db10..853d999d4e 100644 --- a/c/cert/test/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.expected +++ b/c/cert/test/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.expected @@ -1,5 +1,5 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotPassInvalidDataToTheAsctimeFunction.ql:33,38-46) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotPassInvalidDataToTheAsctimeFunction.ql:34,22-30) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotPassInvalidDataToTheAsctimeFunction.ql:41,20-28) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotPassInvalidDataToTheAsctimeFunction.ql:44,27-35) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotPassInvalidDataToTheAsctimeFunction.ql:33,38-46) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotPassInvalidDataToTheAsctimeFunction.ql:34,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotPassInvalidDataToTheAsctimeFunction.ql:41,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotPassInvalidDataToTheAsctimeFunction.ql:44,27-35) | test.c:6:24:6:30 | time_tm | The function `asctime` and `asctime_r` should be discouraged. Unsanitized input can overflow the output buffer. | diff --git a/c/cert/test/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.expected b/c/cert/test/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.expected index 4d4a713487..4eaa05b179 100644 --- a/c/cert/test/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.expected +++ b/c/cert/test/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.expected @@ -1,10 +1,10 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:38,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:39,22-30) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:44,20-28) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:47,20-28) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:68,10-18) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:69,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:70,29-37) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:38,31-39) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:39,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:44,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:47,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:68,10-18) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:69,29-37) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:70,29-37) | test.c:23:32:23:33 | ap | The value of ap is indeterminate after the $@. | test.c:17:7:17:19 | call to contains_zero | call to contains_zero | | test.c:26:10:26:11 | ap | The value of ap is indeterminate after the $@. | test.c:17:7:17:19 | call to contains_zero | call to contains_zero | | test.c:39:12:39:13 | ap | The value of ap is indeterminate after the $@. | test.c:35:7:35:19 | call to contains_zero | call to contains_zero | diff --git a/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected b/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected index a5f4af8c3c..6190259408 100644 --- a/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected +++ b/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected @@ -1,6 +1,6 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql:105,11-19) -WARNING: Module DataFlow has been deprecated and may be removed in future (CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql:105,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql:106,9-17) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql:105,11-19) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql:105,31-39) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql:106,9-17) | test.c:10:3:10:18 | call to log_local_unsafe | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:16:7:16:12 | call to signal | signal handler | | test.c:11:3:11:6 | call to free | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:16:7:16:12 | call to signal | signal handler | | test.c:46:3:46:9 | call to longjmp | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:50:7:50:12 | call to signal | signal handler | diff --git a/c/cert/test/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.expected b/c/cert/test/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.expected index d4796c6ede..e861e90e9e 100644 --- a/c/cert/test/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.expected +++ b/c/cert/test/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.expected @@ -1,2 +1,2 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotReturnFromAComputationalExceptionHandler.ql:39,5-13) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotReturnFromAComputationalExceptionHandler.ql:39,5-13) | test.c:10:1:10:1 | return ... | Do not return from a $@ signal handler. | test.c:13:10:13:15 | SIGFPE | computational exception | diff --git a/c/cert/test/rules/STR30-C/DoNotAttemptToModifyStringLiterals.expected b/c/cert/test/rules/STR30-C/DoNotAttemptToModifyStringLiterals.expected index 7215fd8603..2a45193a17 100644 --- a/c/cert/test/rules/STR30-C/DoNotAttemptToModifyStringLiterals.expected +++ b/c/cert/test/rules/STR30-C/DoNotAttemptToModifyStringLiterals.expected @@ -1,18 +1,18 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:42,65-73) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:43,22-30) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:64,20-28) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:77,3-11) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:101,11-19) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:101,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:101,55-63) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:106,11-19) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:106,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:106,57-65) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:139,11-19) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:139,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:139,55-63) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:150,53-61) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:151,5-13) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:42,65-73) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:43,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:64,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:77,3-11) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:101,11-19) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:101,31-39) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:101,55-63) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:106,11-19) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:106,31-39) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:106,57-65) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:139,11-19) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:139,31-39) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:139,55-63) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:150,53-61) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:151,5-13) | test.c:7:3:7:3 | a | This operation may write to a string that may be a string literal that was $@. | test.c:6:13:6:20 | codeql | created here | | test.c:30:3:30:3 | a | This operation may write to a string that may be a string literal that was $@. | test.c:29:13:29:18 | call to strchr | created here | | test.c:36:3:36:3 | b | This operation may write to a string that may be a string literal that was $@. | test.c:35:13:35:18 | call to strchr | created here | diff --git a/c/cert/test/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.expected b/c/cert/test/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.expected index 4c411382f0..9012a2d78a 100644 --- a/c/cert/test/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.expected +++ b/c/cert/test/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.expected @@ -1,9 +1,9 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (StringsHasSufficientSpaceForTheNullTerminator.ql:57,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (StringsHasSufficientSpaceForTheNullTerminator.ql:57,55-63) -WARNING: Module DataFlow has been deprecated and may be removed in future (StringsHasSufficientSpaceForTheNullTerminator.ql:63,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (StringsHasSufficientSpaceForTheNullTerminator.ql:63,54-62) -WARNING: Module TaintTracking has been deprecated and may be removed in future (StringsHasSufficientSpaceForTheNullTerminator.ql:57,5-18) -WARNING: Module TaintTracking has been deprecated and may be removed in future (StringsHasSufficientSpaceForTheNullTerminator.ql:63,5-18) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (StringsHasSufficientSpaceForTheNullTerminator.ql:57,31-39) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (StringsHasSufficientSpaceForTheNullTerminator.ql:57,55-63) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (StringsHasSufficientSpaceForTheNullTerminator.ql:63,31-39) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (StringsHasSufficientSpaceForTheNullTerminator.ql:63,54-62) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (StringsHasSufficientSpaceForTheNullTerminator.ql:57,5-18) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (StringsHasSufficientSpaceForTheNullTerminator.ql:63,5-18) | test.c:10:20:10:24 | Cod | Expression produces or consumes a string that may not have sufficient space for a null-terminator. | | test.c:16:3:16:9 | call to strncpy | Expression produces or consumes a string that may not have sufficient space for a null-terminator. | | test.c:26:3:26:10 | call to snprintf | Expression produces or consumes a string that may not have sufficient space for a null-terminator. | diff --git a/c/cert/test/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.expected b/c/cert/test/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.expected index e20b708dab..da86e69b88 100644 --- a/c/cert/test/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.expected +++ b/c/cert/test/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.expected @@ -1,13 +1,13 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:64,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:66,20-28) -WARNING: Module DataFlow has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:74,39-47) -WARNING: Module DataFlow has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:75,20-28) -WARNING: Module DataFlow has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:81,22-30) -WARNING: Module DataFlow has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:83,34-42) -WARNING: Module DataFlow has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:83,57-65) -WARNING: Module DataFlow has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:123,3-11) -WARNING: Module DataFlow has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:123,26-34) -WARNING: Module TaintTracking has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:120,17-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:64,31-39) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:66,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:74,39-47) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:75,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:81,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:83,34-42) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:83,57-65) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:123,3-11) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:123,26-34) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:120,17-30) | test.c:20:3:20:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:8:20:8:24 | Cod | this expression | | test.c:21:3:21:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:8:20:8:24 | Cod | this expression | | test.c:23:3:23:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:14:3:14:9 | call to strncpy | this expression | diff --git a/c/misra/test/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.expected b/c/misra/test/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.expected index d9cd037d42..cb4422f5f1 100644 --- a/c/misra/test/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.expected +++ b/c/misra/test/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.expected @@ -1,9 +1,9 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (ArrayFunctionArgumentNumberOfElements.ql:47,36-44) -WARNING: Module DataFlow has been deprecated and may be removed in future (ArrayFunctionArgumentNumberOfElements.ql:48,22-30) -WARNING: Module DataFlow has been deprecated and may be removed in future (ArrayFunctionArgumentNumberOfElements.ql:50,20-28) -WARNING: Module DataFlow has been deprecated and may be removed in future (ArrayFunctionArgumentNumberOfElements.ql:55,25-33) -WARNING: Module DataFlow has been deprecated and may be removed in future (ArrayFunctionArgumentNumberOfElements.ql:71,28-36) -WARNING: Module DataFlow has been deprecated and may be removed in future (ArrayFunctionArgumentNumberOfElements.ql:71,51-59) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ArrayFunctionArgumentNumberOfElements.ql:47,36-44) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ArrayFunctionArgumentNumberOfElements.ql:48,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ArrayFunctionArgumentNumberOfElements.ql:50,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ArrayFunctionArgumentNumberOfElements.ql:55,25-33) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ArrayFunctionArgumentNumberOfElements.ql:71,28-36) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ArrayFunctionArgumentNumberOfElements.ql:71,51-59) | test.c:18:6:18:6 | 0 | The function argument does not have a sufficient number or elements declared in the $@. | test.c:1:13:1:14 | ar | parameter | | test.c:19:6:19:7 | ar | The function argument does not have a sufficient number or elements declared in the $@. | test.c:1:13:1:14 | ar | parameter | | test.c:21:6:21:9 | ar2p | The function argument does not have a sufficient number or elements declared in the $@. | test.c:1:13:1:14 | ar | parameter | diff --git a/c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.expected b/c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.expected index ef6703a285..cf45b21eb4 100644 --- a/c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.expected +++ b/c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.expected @@ -1,7 +1,7 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (MemcmpUsedToCompareNullTerminatedStrings.ql:22,54-62) -WARNING: Module DataFlow has been deprecated and may be removed in future (MemcmpUsedToCompareNullTerminatedStrings.ql:23,22-30) -WARNING: Module DataFlow has been deprecated and may be removed in future (MemcmpUsedToCompareNullTerminatedStrings.ql:49,20-28) -WARNING: Module TaintTracking has been deprecated and may be removed in future (MemcmpUsedToCompareNullTerminatedStrings.ql:57,43-56) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (MemcmpUsedToCompareNullTerminatedStrings.ql:22,54-62) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (MemcmpUsedToCompareNullTerminatedStrings.ql:23,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (MemcmpUsedToCompareNullTerminatedStrings.ql:49,20-28) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (MemcmpUsedToCompareNullTerminatedStrings.ql:57,43-56) edges | test.c:12:13:12:15 | a | test.c:14:10:14:10 | a | provenance | | | test.c:12:13:12:15 | a | test.c:23:13:23:13 | a | provenance | | diff --git a/c/misra/test/rules/RULE-22-3/FileOpenForReadAndWriteOnDifferentStreams.expected b/c/misra/test/rules/RULE-22-3/FileOpenForReadAndWriteOnDifferentStreams.expected index 3382b66847..6360b21973 100644 --- a/c/misra/test/rules/RULE-22-3/FileOpenForReadAndWriteOnDifferentStreams.expected +++ b/c/misra/test/rules/RULE-22-3/FileOpenForReadAndWriteOnDifferentStreams.expected @@ -1,4 +1,4 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (FileOpenForReadAndWriteOnDifferentStreams.ql:38,9-17) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (FileOpenForReadAndWriteOnDifferentStreams.ql:38,9-17) | test.c:6:14:6:18 | call to fopen | The same file was already opened $@. Files should not be read and written at the same time using different streams. | test.c:5:14:5:18 | call to fopen | here | | test.c:17:14:17:18 | call to fopen | The same file was already opened $@. Files should not be read and written at the same time using different streams. | test.c:16:14:16:18 | call to fopen | here | | test.c:33:14:33:18 | call to fopen | The same file was already opened $@. Files should not be read and written at the same time using different streams. | test.c:32:14:32:18 | call to fopen | here | diff --git a/c/misra/test/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.expected b/c/misra/test/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.expected index 08363e7dda..88dca316a2 100644 --- a/c/misra/test/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.expected +++ b/c/misra/test/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.expected @@ -1,8 +1,8 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (AttemptToWriteToAReadOnlyStream.ql:18,32-40) -WARNING: Module DataFlow has been deprecated and may be removed in future (AttemptToWriteToAReadOnlyStream.ql:19,22-30) -WARNING: Module DataFlow has been deprecated and may be removed in future (AttemptToWriteToAReadOnlyStream.ql:24,20-28) -WARNING: Module DataFlow has been deprecated and may be removed in future (AttemptToWriteToAReadOnlyStream.ql:30,21-29) -WARNING: Module DataFlow has been deprecated and may be removed in future (AttemptToWriteToAReadOnlyStream.ql:32,6-14) -WARNING: Module DataFlow has been deprecated and may be removed in future (AttemptToWriteToAReadOnlyStream.ql:35,28-36) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AttemptToWriteToAReadOnlyStream.ql:18,32-40) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AttemptToWriteToAReadOnlyStream.ql:19,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AttemptToWriteToAReadOnlyStream.ql:24,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AttemptToWriteToAReadOnlyStream.ql:30,21-29) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AttemptToWriteToAReadOnlyStream.ql:32,6-14) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AttemptToWriteToAReadOnlyStream.ql:35,28-36) | test.c:10:3:10:9 | call to fprintf | Attempt to write to a $@ opened as read-only. | test.c:9:14:9:18 | call to fopen | stream | | test.c:15:3:15:9 | call to fprintf | Attempt to write to a $@ opened as read-only. | test.c:18:14:18:18 | call to fopen | stream | diff --git a/c/misra/test/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.expected b/c/misra/test/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.expected index 9e975d34e4..a7ee20c0b0 100644 --- a/c/misra/test/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.expected +++ b/c/misra/test/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.expected @@ -1,10 +1,10 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:22,28-36) -WARNING: Module DataFlow has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:23,22-30) -WARNING: Module DataFlow has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:27,20-28) -WARNING: Module DataFlow has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:36,23-31) -WARNING: Module DataFlow has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:41,17-25) -WARNING: Module DataFlow has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:50,5-13) -WARNING: Module DataFlow has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:58,20-28) -WARNING: Module DataFlow has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:58,46-54) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:22,28-36) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:23,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:27,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:36,23-31) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:41,17-25) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:50,5-13) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:58,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:58,46-54) | test.c:6:7:6:20 | ... != ... | The check is not reliable as the type of the return value of $@ is converted. | test.c:5:14:5:20 | call to getchar | call to getchar | | test.c:13:7:13:15 | ... != ... | The check is not reliable as the type of the return value of $@ is converted. | test.c:12:14:12:20 | call to getchar | call to getchar | diff --git a/cpp/autosar/test/rules/A13-1-3/UserDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters.expected b/cpp/autosar/test/rules/A13-1-3/UserDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters.expected index 11b622f271..5d1d6022b5 100644 --- a/cpp/autosar/test/rules/A13-1-3/UserDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters.expected +++ b/cpp/autosar/test/rules/A13-1-3/UserDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters.expected @@ -1,4 +1,4 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (UserDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters.ql:27,33-41) -WARNING: Module DataFlow has been deprecated and may be removed in future (UserDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters.ql:28,5-13) -WARNING: Module TaintTracking has been deprecated and may be removed in future (UserDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters.ql:27,7-20) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (UserDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters.ql:27,33-41) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (UserDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters.ql:28,5-13) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (UserDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters.ql:27,7-20) | test.cpp:47:8:47:23 | operator ""_uds5 | User defined literal operator returns $@, which is not converted from a passed parameter | test.cpp:48:10:48:12 | 0.0 | expression | diff --git a/cpp/autosar/test/rules/A13-2-1/AssignmentOperatorReturnThis.expected b/cpp/autosar/test/rules/A13-2-1/AssignmentOperatorReturnThis.expected index 4a4697facc..9c0d50ca86 100644 --- a/cpp/autosar/test/rules/A13-2-1/AssignmentOperatorReturnThis.expected +++ b/cpp/autosar/test/rules/A13-2-1/AssignmentOperatorReturnThis.expected @@ -1,4 +1,4 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (AssignmentOperatorReturnThis.ql:25,5-13) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AssignmentOperatorReturnThis.ql:25,5-13) | test.cpp:10:12:10:20 | operator= | User-defined assignment operator $@ does not return *this | test.cpp:10:12:10:20 | operator= | user defined assignment operator | | test.cpp:17:11:17:19 | operator= | User-defined assignment operator $@ does not return *this | test.cpp:17:11:17:19 | operator= | user defined assignment operator | | test.cpp:24:12:24:20 | operator= | User-defined assignment operator $@ does not return *this | test.cpp:24:12:24:20 | operator= | user defined assignment operator | diff --git a/cpp/autosar/test/rules/A15-1-3/ThrownExceptionsShouldBeUnique.expected b/cpp/autosar/test/rules/A15-1-3/ThrownExceptionsShouldBeUnique.expected index 92504006b9..5db0f83985 100644 --- a/cpp/autosar/test/rules/A15-1-3/ThrownExceptionsShouldBeUnique.expected +++ b/cpp/autosar/test/rules/A15-1-3/ThrownExceptionsShouldBeUnique.expected @@ -1,4 +1,4 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (ThrownExceptionsShouldBeUnique.ql:24,3-11) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ThrownExceptionsShouldBeUnique.ql:24,3-11) | test.cpp:6:5:6:26 | throw ... | The $@ thrown here is a possible duplicate of the $@ thrown $@. | test.cpp:6:5:6:26 | call to exception | std::exception exception | test.cpp:14:5:14:26 | call to exception | exception | test.cpp:14:5:14:26 | throw ... | here | | test.cpp:8:5:8:53 | throw ... | The $@ thrown here is a possible duplicate of the $@ thrown $@. | test.cpp:8:5:8:53 | call to runtime_error | std::runtime_error exception | test.cpp:16:5:16:53 | call to runtime_error | exception | test.cpp:16:5:16:53 | throw ... | here | | test.cpp:14:5:14:26 | throw ... | The $@ thrown here is a possible duplicate of the $@ thrown $@. | test.cpp:14:5:14:26 | call to exception | std::exception exception | test.cpp:6:5:6:26 | call to exception | exception | test.cpp:6:5:6:26 | throw ... | here | diff --git a/cpp/autosar/test/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.expected b/cpp/autosar/test/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.expected index 2fd57c3b20..529a7ccf99 100644 --- a/cpp/autosar/test/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.expected +++ b/cpp/autosar/test/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.expected @@ -1,12 +1,12 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (ConstructorErrorLeavesObjectInInvalidState.ql:47,12-20) -WARNING: Module DataFlow has been deprecated and may be removed in future (ConstructorErrorLeavesObjectInInvalidState.ql:48,30-38) -WARNING: Module DataFlow has been deprecated and may be removed in future (ConstructorErrorLeavesObjectInInvalidState.ql:48,57-65) -WARNING: Module DataFlow has been deprecated and may be removed in future (ConstructorErrorLeavesObjectInInvalidState.ql:74,5-13) -WARNING: Module DataFlow has been deprecated and may be removed in future (ConstructorErrorLeavesObjectInInvalidState.ql:74,25-33) -WARNING: Module DataFlow has been deprecated and may be removed in future (ConstructorErrorLeavesObjectInInvalidState.ql:75,7-15) -WARNING: Module DataFlow has been deprecated and may be removed in future (ConstructorErrorLeavesObjectInInvalidState.ql:130,5-13) -WARNING: Module DataFlow has been deprecated and may be removed in future (ConstructorErrorLeavesObjectInInvalidState.ql:130,25-33) -WARNING: Module DataFlow has been deprecated and may be removed in future (ConstructorErrorLeavesObjectInInvalidState.ql:130,54-62) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ConstructorErrorLeavesObjectInInvalidState.ql:47,12-20) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ConstructorErrorLeavesObjectInInvalidState.ql:48,30-38) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ConstructorErrorLeavesObjectInInvalidState.ql:48,57-65) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ConstructorErrorLeavesObjectInInvalidState.ql:74,5-13) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ConstructorErrorLeavesObjectInInvalidState.ql:74,25-33) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ConstructorErrorLeavesObjectInInvalidState.ql:75,7-15) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ConstructorErrorLeavesObjectInInvalidState.ql:130,5-13) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ConstructorErrorLeavesObjectInInvalidState.ql:130,25-33) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ConstructorErrorLeavesObjectInInvalidState.ql:130,54-62) edges | test.cpp:12:16:12:27 | new [bad_alloc] | test.cpp:14:33:16:5 | { ... } [bad_alloc] | | test.cpp:13:7:13:28 | throw ... [exception] | test.cpp:14:33:16:5 | { ... } [exception] | diff --git a/cpp/autosar/test/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.expected b/cpp/autosar/test/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.expected index e71e667685..bd46224da6 100644 --- a/cpp/autosar/test/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.expected +++ b/cpp/autosar/test/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.expected @@ -1,10 +1,10 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (PointerToAnElementOfAnArrayPassedToASmartPointer.ql:26,67-75) -WARNING: Module DataFlow has been deprecated and may be removed in future (PointerToAnElementOfAnArrayPassedToASmartPointer.ql:27,22-30) -WARNING: Module DataFlow has been deprecated and may be removed in future (PointerToAnElementOfAnArrayPassedToASmartPointer.ql:39,20-28) -WARNING: Module DataFlow has been deprecated and may be removed in future (PointerToAnElementOfAnArrayPassedToASmartPointer.ql:50,34-42) -WARNING: Module DataFlow has been deprecated and may be removed in future (PointerToAnElementOfAnArrayPassedToASmartPointer.ql:50,57-65) -WARNING: Module DataFlow has been deprecated and may be removed in future (PointerToAnElementOfAnArrayPassedToASmartPointer.ql:58,25-33) -WARNING: Module TaintTracking has been deprecated and may be removed in future (PointerToAnElementOfAnArrayPassedToASmartPointer.ql:70,3-16) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (PointerToAnElementOfAnArrayPassedToASmartPointer.ql:26,67-75) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (PointerToAnElementOfAnArrayPassedToASmartPointer.ql:27,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (PointerToAnElementOfAnArrayPassedToASmartPointer.ql:39,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (PointerToAnElementOfAnArrayPassedToASmartPointer.ql:50,34-42) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (PointerToAnElementOfAnArrayPassedToASmartPointer.ql:50,57-65) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (PointerToAnElementOfAnArrayPassedToASmartPointer.ql:58,25-33) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (PointerToAnElementOfAnArrayPassedToASmartPointer.ql:70,3-16) edges | test.cpp:3:36:3:45 | new[] | test.cpp:19:27:19:44 | call to allocate_int_array | provenance | | | test.cpp:3:36:3:45 | new[] | test.cpp:23:12:23:29 | call to allocate_int_array | provenance | | diff --git a/cpp/autosar/test/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.expected b/cpp/autosar/test/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.expected index cf611ded5b..6ab75d989e 100644 --- a/cpp/autosar/test/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.expected +++ b/cpp/autosar/test/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.expected @@ -1,7 +1,7 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (UnnecessaryUseOfDynamicStorage.ql:55,34-42) -WARNING: Module DataFlow has been deprecated and may be removed in future (UnnecessaryUseOfDynamicStorage.ql:57,26-34) -WARNING: Module TaintTracking has been deprecated and may be removed in future (UnnecessaryUseOfDynamicStorage.ql:71,5-18) -WARNING: Module TaintTracking has been deprecated and may be removed in future (UnnecessaryUseOfDynamicStorage.ql:76,41-54) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (UnnecessaryUseOfDynamicStorage.ql:55,34-42) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (UnnecessaryUseOfDynamicStorage.ql:57,26-34) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (UnnecessaryUseOfDynamicStorage.ql:71,5-18) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (UnnecessaryUseOfDynamicStorage.ql:76,41-54) | test.cpp:17:17:17:29 | new | StructA object of size 8 bytes does not appear to outlive the function, but is created on the heap instead of the stack. | | test.cpp:21:17:21:32 | new[] | StructA[] object of size 800 bytes does not appear to outlive the function, but is created on the heap instead of the stack. | | test.cpp:35:20:35:44 | call to make_shared | StructA object of size 8 bytes does not appear to outlive the function, but is created on the heap instead of the stack. | diff --git a/cpp/autosar/test/rules/A18-9-4/ArgumentToForwardSubsequentlyUsed.expected b/cpp/autosar/test/rules/A18-9-4/ArgumentToForwardSubsequentlyUsed.expected index 2875a68f28..9e1cf41d3d 100644 --- a/cpp/autosar/test/rules/A18-9-4/ArgumentToForwardSubsequentlyUsed.expected +++ b/cpp/autosar/test/rules/A18-9-4/ArgumentToForwardSubsequentlyUsed.expected @@ -1,4 +1,4 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (ArgumentToForwardSubsequentlyUsed.ql:22,10-18) -WARNING: Module DataFlow has been deprecated and may be removed in future (ArgumentToForwardSubsequentlyUsed.ql:24,5-13) -WARNING: Module DataFlow has been deprecated and may be removed in future (ArgumentToForwardSubsequentlyUsed.ql:24,30-38) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ArgumentToForwardSubsequentlyUsed.ql:22,10-18) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ArgumentToForwardSubsequentlyUsed.ql:24,5-13) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ArgumentToForwardSubsequentlyUsed.ql:24,30-38) | test.cpp:8:5:8:6 | t2 | The argument $@ of `std::forward` may be indeterminate when accessed at this location. | test.cpp:7:45:7:46 | t2 | t2 | diff --git a/cpp/autosar/test/rules/A20-8-4/SharedPointerUsedWithNoOwnershipSharing.expected b/cpp/autosar/test/rules/A20-8-4/SharedPointerUsedWithNoOwnershipSharing.expected index 03406ac254..5b770a1925 100644 --- a/cpp/autosar/test/rules/A20-8-4/SharedPointerUsedWithNoOwnershipSharing.expected +++ b/cpp/autosar/test/rules/A20-8-4/SharedPointerUsedWithNoOwnershipSharing.expected @@ -1,4 +1,4 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (SharedPointerUsedWithNoOwnershipSharing.ql:47,7-15) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (SharedPointerUsedWithNoOwnershipSharing.ql:47,7-15) | test.cpp:14:24:14:26 | sp3 | The ownership of shared_ptr $@ is not shared within or passed out of the local scope of function $@. | test.cpp:14:24:14:26 | sp3 | sp3 | test.cpp:11:22:11:23 | f1 | f1 | | test.cpp:16:24:16:26 | sp5 | The ownership of shared_ptr $@ is not shared within or passed out of the local scope of function $@. | test.cpp:16:24:16:26 | sp5 | sp5 | test.cpp:11:22:11:23 | f1 | f1 | | test.cpp:17:24:17:26 | sp6 | The ownership of shared_ptr $@ is not shared within or passed out of the local scope of function $@. | test.cpp:17:24:17:26 | sp6 | sp6 | test.cpp:11:22:11:23 | f1 | f1 | diff --git a/cpp/autosar/test/rules/A27-0-4/CStyleStringsUsed.expected b/cpp/autosar/test/rules/A27-0-4/CStyleStringsUsed.expected index eaaaaac98d..555cb412b8 100644 --- a/cpp/autosar/test/rules/A27-0-4/CStyleStringsUsed.expected +++ b/cpp/autosar/test/rules/A27-0-4/CStyleStringsUsed.expected @@ -1,6 +1,6 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (CStyleStringsUsed.ql:39,3-11) -WARNING: Module DataFlow has been deprecated and may be removed in future (CStyleStringsUsed.ql:39,23-31) -WARNING: Module DataFlow has been deprecated and may be removed in future (CStyleStringsUsed.ql:39,47-55) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (CStyleStringsUsed.ql:39,3-11) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (CStyleStringsUsed.ql:39,23-31) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (CStyleStringsUsed.ql:39,47-55) | test.cpp:7:20:7:27 | CodeQL | Usage of C-style string in $@. | test.cpp:7:20:7:27 | CodeQL | expression | | test.cpp:7:20:7:27 | CodeQL | Usage of C-style string in $@. | test.cpp:16:16:16:17 | a1 | expression | | test.cpp:8:22:8:26 | call to c_str | Usage of C-style string in $@. | test.cpp:8:22:8:26 | call to c_str | expression | diff --git a/cpp/autosar/test/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.expected b/cpp/autosar/test/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.expected index 9f97a58467..e2b51e5fb9 100644 --- a/cpp/autosar/test/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.expected +++ b/cpp/autosar/test/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.expected @@ -1,7 +1,7 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (PointerArithmeticUsedWithPointersToNonFinalClasses.ql:45,62-70) -WARNING: Module DataFlow has been deprecated and may be removed in future (PointerArithmeticUsedWithPointersToNonFinalClasses.ql:46,22-30) -WARNING: Module DataFlow has been deprecated and may be removed in future (PointerArithmeticUsedWithPointersToNonFinalClasses.ql:55,20-28) -WARNING: Module DataFlow has been deprecated and may be removed in future (PointerArithmeticUsedWithPointersToNonFinalClasses.ql:61,3-11) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (PointerArithmeticUsedWithPointersToNonFinalClasses.ql:45,62-70) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (PointerArithmeticUsedWithPointersToNonFinalClasses.ql:46,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (PointerArithmeticUsedWithPointersToNonFinalClasses.ql:55,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (PointerArithmeticUsedWithPointersToNonFinalClasses.ql:61,3-11) edges | test.cpp:10:18:10:20 | foo | test.cpp:11:23:11:25 | foo | provenance | | | test.cpp:10:18:10:20 | foo | test.cpp:11:50:11:52 | foo | provenance | | diff --git a/cpp/autosar/test/rules/A5-1-7/LambdaPassedToDecltype.expected b/cpp/autosar/test/rules/A5-1-7/LambdaPassedToDecltype.expected index 03eaab82aa..56896d69fd 100644 --- a/cpp/autosar/test/rules/A5-1-7/LambdaPassedToDecltype.expected +++ b/cpp/autosar/test/rules/A5-1-7/LambdaPassedToDecltype.expected @@ -1,7 +1,7 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (LambdaPassedToDecltype.ql:20,55-63) -WARNING: Module DataFlow has been deprecated and may be removed in future (LambdaPassedToDecltype.ql:21,22-30) -WARNING: Module DataFlow has been deprecated and may be removed in future (LambdaPassedToDecltype.ql:23,20-28) -WARNING: Module DataFlow has been deprecated and may be removed in future (LambdaPassedToDecltype.ql:28,44-52) -WARNING: Module DataFlow has been deprecated and may be removed in future (LambdaPassedToDecltype.ql:39,47-55) -WARNING: Module DataFlow has been deprecated and may be removed in future (LambdaPassedToDecltype.ql:40,9-17) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (LambdaPassedToDecltype.ql:20,55-63) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (LambdaPassedToDecltype.ql:21,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (LambdaPassedToDecltype.ql:23,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (LambdaPassedToDecltype.ql:28,44-52) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (LambdaPassedToDecltype.ql:39,47-55) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (LambdaPassedToDecltype.ql:40,9-17) | test.cpp:14:23:14:24 | decltype(...) | Lambda $@ passed as operand to decltype. | test.cpp:5:13:5:30 | [...](...){...} | expression | diff --git a/cpp/autosar/test/rules/A5-1-7/LambdaPassedToTypeid.expected b/cpp/autosar/test/rules/A5-1-7/LambdaPassedToTypeid.expected index 916b9db113..8f86a87616 100644 --- a/cpp/autosar/test/rules/A5-1-7/LambdaPassedToTypeid.expected +++ b/cpp/autosar/test/rules/A5-1-7/LambdaPassedToTypeid.expected @@ -1,7 +1,7 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (LambdaPassedToTypeid.ql:21,50-58) -WARNING: Module DataFlow has been deprecated and may be removed in future (LambdaPassedToTypeid.ql:22,22-30) -WARNING: Module DataFlow has been deprecated and may be removed in future (LambdaPassedToTypeid.ql:24,20-28) -WARNING: Module DataFlow has been deprecated and may be removed in future (LambdaPassedToTypeid.ql:27,39-47) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (LambdaPassedToTypeid.ql:21,50-58) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (LambdaPassedToTypeid.ql:22,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (LambdaPassedToTypeid.ql:24,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (LambdaPassedToTypeid.ql:27,39-47) edges | test.cpp:5:13:5:30 | [...](...){...} | test.cpp:8:38:8:39 | l1 | provenance | | | test.cpp:6:13:6:30 | [...](...){...} | test.cpp:9:38:9:39 | l2 | provenance | | diff --git a/cpp/autosar/test/rules/A7-5-1/InvalidFunctionReturnType.expected b/cpp/autosar/test/rules/A7-5-1/InvalidFunctionReturnType.expected index 0ab837454a..3287ba88d1 100644 --- a/cpp/autosar/test/rules/A7-5-1/InvalidFunctionReturnType.expected +++ b/cpp/autosar/test/rules/A7-5-1/InvalidFunctionReturnType.expected @@ -1,5 +1,5 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (InvalidFunctionReturnType.ql:27,3-11) -WARNING: Module DataFlow has been deprecated and may be removed in future (InvalidFunctionReturnType.ql:27,23-31) -WARNING: Module DataFlow has been deprecated and may be removed in future (InvalidFunctionReturnType.ql:27,51-59) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (InvalidFunctionReturnType.ql:27,3-11) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (InvalidFunctionReturnType.ql:27,23-31) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (InvalidFunctionReturnType.ql:27,51-59) | test.cpp:5:3:5:11 | return ... | Function test_refconst_return returns a reference or a pointer to $@ that is passed by reference to const. | test.cpp:4:44:4:44 | x | parameter | | test.cpp:8:3:8:14 | return ... | Function test_ptrconst_return returns a reference or a pointer to $@ that is passed by reference to const. | test.cpp:7:44:7:44 | x | parameter | diff --git a/cpp/autosar/test/rules/A8-4-11/SmartPointerAsParameterWithoutLifetimeSemantics.expected b/cpp/autosar/test/rules/A8-4-11/SmartPointerAsParameterWithoutLifetimeSemantics.expected index be4a4107fd..2ce56fdce9 100644 --- a/cpp/autosar/test/rules/A8-4-11/SmartPointerAsParameterWithoutLifetimeSemantics.expected +++ b/cpp/autosar/test/rules/A8-4-11/SmartPointerAsParameterWithoutLifetimeSemantics.expected @@ -1,5 +1,5 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (SmartPointerAsParameterWithoutLifetimeSemantics.ql:47,3-11) -WARNING: Module DataFlow has been deprecated and may be removed in future (SmartPointerAsParameterWithoutLifetimeSemantics.ql:56,5-13) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (SmartPointerAsParameterWithoutLifetimeSemantics.ql:47,3-11) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (SmartPointerAsParameterWithoutLifetimeSemantics.ql:56,5-13) | test.cpp:7:41:7:43 | up1 | Function $@ takes smart pointer parameter 'up1' but does not implement any lifetime-affecting operations. | test.cpp:7:6:7:18 | smart_ptr_get | smart_ptr_get | | test.cpp:16:53:16:55 | sp1 | Function $@ takes smart pointer parameter 'sp1' but does not implement any lifetime-affecting operations. | test.cpp:16:6:16:29 | smart_ptr_ref_assign_ref | smart_ptr_ref_assign_ref | | test.cpp:28:55:28:57 | sp1 | Function $@ takes smart pointer parameter 'sp1' but does not implement any lifetime-affecting operations. | test.cpp:28:6:28:31 | smart_ptr_ref_noncompliant | smart_ptr_ref_noncompliant | diff --git a/cpp/autosar/test/rules/A8-4-12/UniquePtrPassedToFunctionWithImproperSemantics.expected b/cpp/autosar/test/rules/A8-4-12/UniquePtrPassedToFunctionWithImproperSemantics.expected index b2273e66f3..0a8ead4af8 100644 --- a/cpp/autosar/test/rules/A8-4-12/UniquePtrPassedToFunctionWithImproperSemantics.expected +++ b/cpp/autosar/test/rules/A8-4-12/UniquePtrPassedToFunctionWithImproperSemantics.expected @@ -1,5 +1,5 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (UniquePtrPassedToFunctionWithImproperSemantics.ql:41,3-11) -WARNING: Module DataFlow has been deprecated and may be removed in future (UniquePtrPassedToFunctionWithImproperSemantics.ql:51,5-13) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (UniquePtrPassedToFunctionWithImproperSemantics.ql:41,3-11) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (UniquePtrPassedToFunctionWithImproperSemantics.ql:51,5-13) | test.cpp:13:55:13:56 | v1 | Parameter of type std::unique_ptr passed as lvalue reference but not used to modify underlying object. | | test.cpp:17:47:17:48 | v1 | Parameter of type std::unique_ptr passed as lvalue reference but not used to modify underlying object. | | test.cpp:22:27:22:28 | v1 | Parameter of type std::unique_ptr passed as lvalue reference but not used to modify underlying object. | diff --git a/cpp/autosar/test/rules/A8-4-9/InOutParametersDeclaredAsTNotModified.expected b/cpp/autosar/test/rules/A8-4-9/InOutParametersDeclaredAsTNotModified.expected index 15e513c639..bafa98112f 100644 --- a/cpp/autosar/test/rules/A8-4-9/InOutParametersDeclaredAsTNotModified.expected +++ b/cpp/autosar/test/rules/A8-4-9/InOutParametersDeclaredAsTNotModified.expected @@ -1,5 +1,5 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (InOutParametersDeclaredAsTNotModified.ql:49,7-15) -WARNING: Module DataFlow has been deprecated and may be removed in future (InOutParametersDeclaredAsTNotModified.ql:63,7-15) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (InOutParametersDeclaredAsTNotModified.ql:49,7-15) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (InOutParametersDeclaredAsTNotModified.ql:63,7-15) | test.cpp:4:13:4:13 | i | In-out parameter i that is not written to. | | test.cpp:7:22:7:24 | str | In-out parameter str that is not read from. | | test.cpp:18:14:18:14 | i | In-out parameter i that is not read from. | diff --git a/cpp/autosar/test/rules/A9-3-1/ReturnsNonConstRawPointersOrReferencesToPrivateOrProtectedData.expected b/cpp/autosar/test/rules/A9-3-1/ReturnsNonConstRawPointersOrReferencesToPrivateOrProtectedData.expected index 84d7f2d7f0..70892c12c8 100644 --- a/cpp/autosar/test/rules/A9-3-1/ReturnsNonConstRawPointersOrReferencesToPrivateOrProtectedData.expected +++ b/cpp/autosar/test/rules/A9-3-1/ReturnsNonConstRawPointersOrReferencesToPrivateOrProtectedData.expected @@ -1,6 +1,6 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (ReturnsNonConstRawPointersOrReferencesToPrivateOrProtectedData.ql:73,3-11) -WARNING: Module DataFlow has been deprecated and may be removed in future (ReturnsNonConstRawPointersOrReferencesToPrivateOrProtectedData.ql:73,23-31) -WARNING: Module DataFlow has been deprecated and may be removed in future (ReturnsNonConstRawPointersOrReferencesToPrivateOrProtectedData.ql:73,46-54) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ReturnsNonConstRawPointersOrReferencesToPrivateOrProtectedData.ql:73,3-11) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ReturnsNonConstRawPointersOrReferencesToPrivateOrProtectedData.ql:73,23-31) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ReturnsNonConstRawPointersOrReferencesToPrivateOrProtectedData.ql:73,46-54) | test.cpp:20:8:20:12 | getB2 | Member function A::getB2 $@ a non-const raw pointer or reference to a private or protected $@. | test.cpp:20:25:20:25 | b | returns | test.cpp:54:7:54:7 | b | field | | test.cpp:22:8:22:12 | getB3 | Member function A::getB3 $@ a non-const raw pointer or reference to a private or protected $@. | test.cpp:22:25:22:26 | & ... | returns | test.cpp:54:7:54:7 | b | field | | test.cpp:24:8:24:13 | getB33 | Member function A::getB33 $@ a non-const raw pointer or reference to a private or protected $@. | test.cpp:26:12:26:13 | bb | returns | test.cpp:54:7:54:7 | b | field | diff --git a/cpp/autosar/test/rules/M0-3-2/FunctionErroneousReturnValueNotTested.expected b/cpp/autosar/test/rules/M0-3-2/FunctionErroneousReturnValueNotTested.expected index 15f4e9a793..1b2aef1b24 100644 --- a/cpp/autosar/test/rules/M0-3-2/FunctionErroneousReturnValueNotTested.expected +++ b/cpp/autosar/test/rules/M0-3-2/FunctionErroneousReturnValueNotTested.expected @@ -1,4 +1,4 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (FunctionErroneousReturnValueNotTested.ql:70,9-17) -WARNING: Module DataFlow has been deprecated and may be removed in future (FunctionErroneousReturnValueNotTested.ql:70,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (FunctionErroneousReturnValueNotTested.ql:70,53-61) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (FunctionErroneousReturnValueNotTested.ql:70,9-17) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (FunctionErroneousReturnValueNotTested.ql:70,29-37) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (FunctionErroneousReturnValueNotTested.ql:70,53-61) | test.cpp:16:3:16:8 | call to remove | Return value is not tested for errors. | diff --git a/cpp/autosar/test/rules/M3-9-3/UnderlyingBitRepresentationsOfFloatingPointValuesUsed.expected b/cpp/autosar/test/rules/M3-9-3/UnderlyingBitRepresentationsOfFloatingPointValuesUsed.expected index 2545360a7b..d0fe6416ca 100644 --- a/cpp/autosar/test/rules/M3-9-3/UnderlyingBitRepresentationsOfFloatingPointValuesUsed.expected +++ b/cpp/autosar/test/rules/M3-9-3/UnderlyingBitRepresentationsOfFloatingPointValuesUsed.expected @@ -1,5 +1,5 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (UnderlyingBitRepresentationsOfFloatingPointValuesUsed.ql:27,22-30) -WARNING: Module DataFlow has been deprecated and may be removed in future (UnderlyingBitRepresentationsOfFloatingPointValuesUsed.ql:36,10-18) -WARNING: Module DataFlow has been deprecated and may be removed in future (UnderlyingBitRepresentationsOfFloatingPointValuesUsed.ql:37,5-13) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (UnderlyingBitRepresentationsOfFloatingPointValuesUsed.ql:27,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (UnderlyingBitRepresentationsOfFloatingPointValuesUsed.ql:36,10-18) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (UnderlyingBitRepresentationsOfFloatingPointValuesUsed.ql:37,5-13) | test.cpp:5:3:5:20 | ... &= ... | Modification of bit-representation of float originated at $@ | test.cpp:4:24:4:60 | reinterpret_cast... | cast | | test.cpp:12:3:12:14 | ... &= ... | Modification of bit-representation of float originated at $@ | test.cpp:11:18:11:30 | (uint8_t *)... | cast | diff --git a/cpp/autosar/test/rules/M9-3-1/ConstMemberFunctionReturnsNonConstPointer.expected b/cpp/autosar/test/rules/M9-3-1/ConstMemberFunctionReturnsNonConstPointer.expected index eee85d22c0..af7e9efc36 100644 --- a/cpp/autosar/test/rules/M9-3-1/ConstMemberFunctionReturnsNonConstPointer.expected +++ b/cpp/autosar/test/rules/M9-3-1/ConstMemberFunctionReturnsNonConstPointer.expected @@ -1,5 +1,5 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (ConstMemberFunctionReturnsNonConstPointer.ql:53,7-15) -WARNING: Module DataFlow has been deprecated and may be removed in future (ConstMemberFunctionReturnsNonConstPointer.ql:55,7-15) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ConstMemberFunctionReturnsNonConstPointer.ql:53,7-15) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ConstMemberFunctionReturnsNonConstPointer.ql:55,7-15) | test.cpp:8:8:8:11 | getA | Const member function returns a pointer to class data $@. | test.cpp:3:8:3:8 | a | a | | test.cpp:9:8:9:11 | getB | Const member function returns a pointer to class data $@. | test.cpp:4:8:4:8 | b | b | | test.cpp:11:6:11:12 | getThis | Const member function returns a pointer to class data $@. | test.cpp:11:36:11:39 | this | this | diff --git a/cpp/cert/test/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.expected b/cpp/cert/test/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.expected index 9259112890..209d81ba8b 100644 --- a/cpp/cert/test/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.expected +++ b/cpp/cert/test/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.expected @@ -1,12 +1,12 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:88,7-15) -WARNING: Module DataFlow has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:88,27-35) -WARNING: Module DataFlow has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:89,9-17) -WARNING: Module DataFlow has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:93,9-17) -WARNING: Module DataFlow has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:93,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:94,11-19) -WARNING: Module DataFlow has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:104,35-43) -WARNING: Module DataFlow has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:105,11-19) -WARNING: Module TaintTracking has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:104,9-22) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:88,7-15) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:88,27-35) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:89,9-17) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:93,9-17) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:93,29-37) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:94,11-19) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:104,35-43) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:105,11-19) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:104,9-22) | test.cpp:8:42:8:46 | call to begin | Output iterator for $@ is not guaranteed to be large enough for the input iterator. | test.cpp:8:3:8:11 | call to copy | call to copy | | test.cpp:17:42:17:46 | call to begin | Output iterator for $@ is not guaranteed to be large enough for the input iterator. | test.cpp:17:3:17:11 | call to copy | call to copy | | test.cpp:55:42:55:46 | call to begin | Output iterator for $@ is not guaranteed to be large enough for the input iterator. | test.cpp:55:3:55:11 | call to copy | call to copy | diff --git a/cpp/cert/test/rules/CTR53-CPP/UseValidIteratorRanges.expected b/cpp/cert/test/rules/CTR53-CPP/UseValidIteratorRanges.expected index 5730a54b2c..b5c36727f5 100644 --- a/cpp/cert/test/rules/CTR53-CPP/UseValidIteratorRanges.expected +++ b/cpp/cert/test/rules/CTR53-CPP/UseValidIteratorRanges.expected @@ -1,9 +1,9 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (UseValidIteratorRanges.ql:23,5-13) -WARNING: Module DataFlow has been deprecated and may be removed in future (UseValidIteratorRanges.ql:23,25-33) -WARNING: Module DataFlow has been deprecated and may be removed in future (UseValidIteratorRanges.ql:24,7-15) -WARNING: Module DataFlow has been deprecated and may be removed in future (UseValidIteratorRanges.ql:30,5-13) -WARNING: Module DataFlow has been deprecated and may be removed in future (UseValidIteratorRanges.ql:30,25-33) -WARNING: Module DataFlow has been deprecated and may be removed in future (UseValidIteratorRanges.ql:31,7-15) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (UseValidIteratorRanges.ql:23,5-13) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (UseValidIteratorRanges.ql:23,25-33) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (UseValidIteratorRanges.ql:24,7-15) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (UseValidIteratorRanges.ql:30,5-13) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (UseValidIteratorRanges.ql:30,25-33) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (UseValidIteratorRanges.ql:31,7-15) | test.cpp:7:3:7:15 | call to for_each | The $@ of iterator range function does not point to the end of an iterator. | test.cpp:7:28:7:32 | call to begin | argument | | test.cpp:7:3:7:15 | call to for_each | The $@ of iterator range function does not point to the start of an iterator. | test.cpp:7:19:7:21 | call to end | argument | | test.cpp:8:3:8:15 | call to for_each | The $@ of iterator range function does not point to the end of an iterator. | test.cpp:8:30:8:34 | call to begin | argument | diff --git a/cpp/cert/test/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.expected b/cpp/cert/test/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.expected index be69b2024d..0ba2fad433 100644 --- a/cpp/cert/test/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.expected +++ b/cpp/cert/test/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.expected @@ -1,12 +1,12 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:38,5-13) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:38,25-33) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:38,51-59) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:39,5-13) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:39,25-33) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:39,52-60) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:74,5-13) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:74,25-33) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:75,7-15) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:38,5-13) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:38,25-33) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:38,51-59) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:39,5-13) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:39,25-33) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:39,52-60) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:74,5-13) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:74,25-33) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:75,7-15) | test.cpp:8:7:8:7 | i | Increment of iterator may overflow since its bounds are not checked. | | test.cpp:9:9:9:9 | i | Increment of iterator may overflow since its bounds are not checked. | | test.cpp:10:9:10:9 | i | Increment of iterator may overflow since its bounds are not checked. | diff --git a/cpp/cert/test/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.expected b/cpp/cert/test/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.expected index 1f97f2ca40..59caaa22d8 100644 --- a/cpp/cert/test/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.expected +++ b/cpp/cert/test/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.expected @@ -1,7 +1,7 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotUsePointerArithmeticOnPolymorphicObjects.ql:41,62-70) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotUsePointerArithmeticOnPolymorphicObjects.ql:42,22-30) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotUsePointerArithmeticOnPolymorphicObjects.ql:51,20-28) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotUsePointerArithmeticOnPolymorphicObjects.ql:57,3-11) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUsePointerArithmeticOnPolymorphicObjects.ql:41,62-70) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUsePointerArithmeticOnPolymorphicObjects.ql:42,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUsePointerArithmeticOnPolymorphicObjects.ql:51,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUsePointerArithmeticOnPolymorphicObjects.ql:57,3-11) edges | test.cpp:15:19:15:21 | foo | test.cpp:16:24:16:26 | foo | provenance | | | test.cpp:15:19:15:21 | foo | test.cpp:16:51:16:53 | foo | provenance | | diff --git a/cpp/cert/test/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.expected b/cpp/cert/test/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.expected index 243602e104..00f1a6ba03 100644 --- a/cpp/cert/test/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.expected +++ b/cpp/cert/test/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.expected @@ -1,27 +1,27 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:24,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:24,59-67) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:27,33-41) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:27,57-65) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:31,33-41) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:31,59-67) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:40,5-13) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:40,25-33) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:40,53-61) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:43,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:43,57-65) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:52,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:52,55-63) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:59,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:59,57-65) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:71,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:71,55-63) -WARNING: Module TaintTracking has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:24,5-18) -WARNING: Module TaintTracking has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:27,7-20) -WARNING: Module TaintTracking has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:31,7-20) -WARNING: Module TaintTracking has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:43,5-18) -WARNING: Module TaintTracking has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:52,5-18) -WARNING: Module TaintTracking has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:59,5-18) -WARNING: Module TaintTracking has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:71,5-18) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:24,31-39) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:24,59-67) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:27,33-41) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:27,57-65) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:31,33-41) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:31,59-67) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:40,5-13) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:40,25-33) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:40,53-61) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:43,31-39) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:43,57-65) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:52,31-39) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:52,55-63) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:59,31-39) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:59,57-65) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:71,31-39) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:71,55-63) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:24,5-18) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:27,7-20) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:31,7-20) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:43,5-18) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:52,5-18) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:59,5-18) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:71,5-18) | test.cpp:82:3:82:4 | call to f2 | Depending on the order of evaluation for the arguments $@ and $@ for side effects on shared state is unspecified and can result in unexpected behavior. | test.cpp:82:6:82:7 | call to f5 | call to f5 | test.cpp:82:12:82:13 | call to f6 | call to f6 | | test.cpp:84:3:84:4 | call to f2 | Depending on the order of evaluation for the arguments $@ and $@ for side effects on shared state is unspecified and can result in unexpected behavior. | test.cpp:84:6:84:7 | call to f5 | call to f5 | test.cpp:84:12:84:13 | call to f7 | call to f7 | | test.cpp:87:3:87:4 | call to f2 | Depending on the order of evaluation for the arguments $@ and $@ for side effects on shared state is unspecified and can result in unexpected behavior. | test.cpp:87:9:87:10 | call to m1 | call to m1 | test.cpp:87:18:87:19 | call to m1 | call to m1 | diff --git a/cpp/cert/test/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.expected b/cpp/cert/test/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.expected index a3c0c08011..c271269ab8 100644 --- a/cpp/cert/test/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.expected +++ b/cpp/cert/test/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.expected @@ -1,7 +1,7 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql:19,44-52) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql:20,22-30) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql:22,20-28) -WARNING: Module DataFlow has been deprecated and may be removed in future (DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql:27,33-41) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql:19,44-52) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql:20,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql:22,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql:27,33-41) edges | test.cpp:6:19:6:37 | new[] | test.cpp:9:12:9:13 | l1 | provenance | | | test.cpp:7:22:7:40 | new[] | test.cpp:10:12:10:13 | l2 | provenance | | diff --git a/cpp/cert/test/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.expected b/cpp/cert/test/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.expected index b30e94a38e..b7b4891776 100644 --- a/cpp/cert/test/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.expected +++ b/cpp/cert/test/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.expected @@ -1,9 +1,9 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (DetectAndHandleMemoryAllocationErrors.ql:59,5-13) -WARNING: Module DataFlow has been deprecated and may be removed in future (DetectAndHandleMemoryAllocationErrors.ql:61,36-44) -WARNING: Module DataFlow has been deprecated and may be removed in future (DetectAndHandleMemoryAllocationErrors.ql:77,46-54) -WARNING: Module DataFlow has been deprecated and may be removed in future (DetectAndHandleMemoryAllocationErrors.ql:78,22-30) -WARNING: Module DataFlow has been deprecated and may be removed in future (DetectAndHandleMemoryAllocationErrors.ql:82,20-28) -WARNING: Module DataFlow has been deprecated and may be removed in future (DetectAndHandleMemoryAllocationErrors.ql:85,35-43) -WARNING: Module DataFlow has been deprecated and may be removed in future (DetectAndHandleMemoryAllocationErrors.ql:90,38-46) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DetectAndHandleMemoryAllocationErrors.ql:59,5-13) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DetectAndHandleMemoryAllocationErrors.ql:61,36-44) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DetectAndHandleMemoryAllocationErrors.ql:77,46-54) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DetectAndHandleMemoryAllocationErrors.ql:78,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DetectAndHandleMemoryAllocationErrors.ql:82,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DetectAndHandleMemoryAllocationErrors.ql:85,35-43) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DetectAndHandleMemoryAllocationErrors.ql:90,38-46) | test.cpp:24:7:24:34 | new | nothrow new allocation of $@ returns here without a subsequent check to see whether the pointer is valid. | test.cpp:24:7:24:34 | new | StructA * | | test.cpp:40:17:40:38 | call to allocate_without_check | nothrow new allocation of $@ returns here without a subsequent check to see whether the pointer is valid. | test.cpp:35:17:35:44 | new | StructA * | diff --git a/cpp/cert/test/rules/MSC51-CPP/BadlySeededRandomNumberGenerator.expected b/cpp/cert/test/rules/MSC51-CPP/BadlySeededRandomNumberGenerator.expected index adabb21674..3743c3d414 100644 --- a/cpp/cert/test/rules/MSC51-CPP/BadlySeededRandomNumberGenerator.expected +++ b/cpp/cert/test/rules/MSC51-CPP/BadlySeededRandomNumberGenerator.expected @@ -1,4 +1,4 @@ -WARNING: Module TaintTracking has been deprecated and may be removed in future (BadlySeededRandomNumberGenerator.ql:37,7-20) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (BadlySeededRandomNumberGenerator.ql:37,7-20) | test.cpp:9:33:9:33 | call to linear_congruential_engine | Random number generator linear_congruential_engine is default-initialized and is therefore not properly seeded. | | test.cpp:10:30:10:31 | call to linear_congruential_engine | Random number generator linear_congruential_engine is default-initialized and is therefore not properly seeded. | | test.cpp:11:21:11:22 | call to linear_congruential_engine | Random number generator linear_congruential_engine is default-initialized and is therefore not properly seeded. | From 159af6af51b8279a7ab2ccf0562b6437d0f5daed Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 19 Jun 2024 15:49:08 +0200 Subject: [PATCH 1832/2573] Fix integration error --- rules.csv | 110 +++++++++++++++++++++++++++--------------------------- 1 file changed, 55 insertions(+), 55 deletions(-) diff --git a/rules.csv b/rules.csv index 70eb09b59c..256b8e6ccf 100644 --- a/rules.csv +++ b/rules.csv @@ -787,36 +787,36 @@ cpp,MISRA-C++-2023,DIR-0-3-2,Yes,Required,,,A function call shall not violate th cpp,MISRA-C++-2023,RULE-4-1-1,Yes,Required,Undecidable,System,A program shall conform to ISO/IEC 14882:2017 (C++17),,,Hard, cpp,MISRA-C++-2023,RULE-4-1-2,Yes,Advisory,Decidable,Single Translation Unit,Deprecated features should not be used,,,Very Hard, cpp,MISRA-C++-2023,RULE-4-1-3,Yes,Required,Undecidable,System,There shall be no occurrence of undefined or critical unspecified behaviour,,,Very Hard, -cpp,MISRA-C++-2023,RULE-4-6-1,Yes,Required,Undecidable,System,Operations on a memory location shall be sequenced appropriately,RULE-13-2,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-4-6-1,Yes,Required,Undecidable,System,Operations on a memory location shall be sequenced appropriately,RULE-13-2,ImportMisra23-1,Import, cpp,MISRA-C++-2023,RULE-5-0-1,Yes,Advisory,Decidable,Single Translation Unit,Trigraph-like sequences should not be used,A2-5-1,,Very Hard, -cpp,MISRA-C++-2023,RULE-5-7-1,Yes,Required,Decidable,Single Translation Unit,The character sequence /* shall not be used within a C-style comment,M2-7-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-5-7-1,Yes,Required,Decidable,Single Translation Unit,The character sequence /* shall not be used within a C-style comment,M2-7-1,ImportMisra23-1,Import, cpp,MISRA-C++-2023,DIR-5-7-2,Yes,Advisory,,,Sections of code should not be “commented out”,A2-7-2,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-5-7-3,Yes,Required,Decidable,Single Translation Unit,Line-splicing shall not be used in // comments,A2-7-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-5-7-3,Yes,Required,Decidable,Single Translation Unit,Line-splicing shall not be used in // comments,A2-7-1,ImportMisra23-1,Import, cpp,MISRA-C++-2023,RULE-5-10-1,Yes,Required,Decidable,Single Translation Unit,User-defined identifiers shall have an appropriate form,,,Easy, -cpp,MISRA-C++-2023,RULE-5-13-1,Yes,Required,Decidable,Single Translation Unit,"In character literals and non-raw string literals, \ shall only be used to form a defined escape sequence or universal character name",A2-13-1,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-5-13-2,Yes,Required,Decidable,Single Translation Unit,"Octal escape sequences, hexadecimal escape sequences, and universal character names shall be terminated",RULE-4-1,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-5-13-3,Yes,Required,Decidable,Single Translation Unit,Octal constants shall not be used,RULE-7-1,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-5-13-4,Yes,Required,Decidable,Single Translation Unit,Unsigned integer literals shall be appropriately suffixed,M2-13-3,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-5-13-5,Yes,Required,Decidable,Single Translation Unit,The lowercase form of L shall not be used as the first character in a literal suffix,RULE-7-3,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-5-13-1,Yes,Required,Decidable,Single Translation Unit,"In character literals and non-raw string literals, \ shall only be used to form a defined escape sequence or universal character name",A2-13-1,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-5-13-2,Yes,Required,Decidable,Single Translation Unit,"Octal escape sequences, hexadecimal escape sequences, and universal character names shall be terminated",RULE-4-1,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-5-13-3,Yes,Required,Decidable,Single Translation Unit,Octal constants shall not be used,RULE-7-1,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-5-13-4,Yes,Required,Decidable,Single Translation Unit,Unsigned integer literals shall be appropriately suffixed,M2-13-3,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-5-13-5,Yes,Required,Decidable,Single Translation Unit,The lowercase form of L shall not be used as the first character in a literal suffix,RULE-7-3,ImportMisra23-1,Import, cpp,MISRA-C++-2023,RULE-5-13-6,Yes,Required,Decidable,Single Translation Unit,An integer-literal of type long long shall not use a single L or l in any suffix,,,Easy, cpp,MISRA-C++-2023,RULE-5-13-7,No,Required,Decidable,Single Translation Unit,String literals with different encoding prefixes shall not be concatenated,A2-13-2,,, cpp,MISRA-C++-2023,RULE-6-0-1,Yes,Required,Decidable,Single Translation Unit,Block scope declarations shall not be visually ambiguous,"M3-1-2,DCL53-CPP",,Easy, cpp,MISRA-C++-2023,RULE-6-0-2,Yes,Advisory,Decidable,Single Translation Unit,"When an array with external linkage is declared, its size should be explicitly specified",RULE-18-8,,Easy, -cpp,MISRA-C++-2023,RULE-6-0-3,Yes,Advisory,Decidable,Single Translation Unit,"The only declarations in the global namespace should be main, namespace declarations and extern ""C"" declarations",M7-3-1,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-6-0-4,Yes,Required,Decidable,Single Translation Unit,The identifier main shall not be used for a function other than the global function main,M7-3-2,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-6-0-3,Yes,Advisory,Decidable,Single Translation Unit,"The only declarations in the global namespace should be main, namespace declarations and extern ""C"" declarations",M7-3-1,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-6-0-4,Yes,Required,Decidable,Single Translation Unit,The identifier main shall not be used for a function other than the global function main,M7-3-2,ImportMisra23-1,Import, cpp,MISRA-C++-2023,RULE-6-2-1,Yes,Required,Decidable,System,The one-definition rule shall not be violated,M3-2-2,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-6-2-2,Yes,Required,Decidable,System,All declarations of a variable or function shall have the same type,"M3-9-1,DCL40-C",,Easy, cpp,MISRA-C++-2023,RULE-6-2-3,Yes,Required,Decidable,System,The source code used to implement an entity shall appear only once,,,Medium, cpp,MISRA-C++-2023,RULE-6-2-4,Yes,Required,Decidable,Single Translation Unit,A header file shall not contain definitions of functions or objects that are non-inline and have external linkage,,,Easy, cpp,MISRA-C++-2023,RULE-6-4-1,Yes,Required,Decidable,Single Translation Unit,A variable declared in an inner scope shall not hide a variable declared in an outer scope,A2-10-1,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-6-4-2,Yes,Required,Decidable,Single Translation Unit,Derived classes shall not conceal functions that are inherited from their bases,A7-3-1,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-6-4-3,Yes,Required,Decidable,Single Translation Unit,A name that is present in a dependent base shall not be resolved by unqualified lookup,M14-6-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-6-4-2,Yes,Required,Decidable,Single Translation Unit,Derived classes shall not conceal functions that are inherited from their bases,A7-3-1,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-6-4-3,Yes,Required,Decidable,Single Translation Unit,A name that is present in a dependent base shall not be resolved by unqualified lookup,M14-6-1,ImportMisra23-1,Import, cpp,MISRA-C++-2023,RULE-6-5-1,Yes,Advisory,Decidable,Single Translation Unit,A function or object with external linkage should be introduced in a header file,,,Medium, cpp,MISRA-C++-2023,RULE-6-5-2,Yes,Advisory,Decidable,Single Translation Unit,Internal linkage should be specified appropriately,,,Medium, cpp,MISRA-C++-2023,RULE-6-7-1,Yes,Required,Decidable,Single Translation Unit,Local variables shall not have static storage duration,,,Easy, cpp,MISRA-C++-2023,RULE-6-7-2,Yes,Required,Decidable,Single Translation Unit,Global variables shall not be used,,,Easy, cpp,MISRA-C++-2023,RULE-6-8-1,Yes,Required,Undecidable,System,An object shall not be accessed outside of its lifetime,A3-8-1,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-6-8-2,Yes,Mandatory,Decidable,Single Translation Unit,A function must not return a reference or a pointer to a local variable with automatic storage duration,M7-5-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-6-8-2,Yes,Mandatory,Decidable,Single Translation Unit,A function must not return a reference or a pointer to a local variable with automatic storage duration,M7-5-1,ImportMisra23-1,Import, cpp,MISRA-C++-2023,RULE-6-8-3,Yes,Required,Decidable,Single Translation Unit,An assignment operator shall not assign the address of an object with automatic storage duration to an object with a greater lifetime,,,Medium, cpp,MISRA-C++-2023,RULE-6-8-4,Yes,Advisory,Decidable,Single Translation Unit,Member functions returning references to their object should be refqualified appropriately,,,Medium, cpp,MISRA-C++-2023,RULE-6-9-1,Yes,Required,Decidable,Single Translation Unit,The same type aliases shall be used in all declarations of the same entity,,,Medium, @@ -827,8 +827,8 @@ cpp,MISRA-C++-2023,RULE-7-0-3,Yes,Required,Decidable,Single Translation Unit,The cpp,MISRA-C++-2023,RULE-7-0-4,Yes,Required,Decidable,Single Translation Unit,The operands of bitwise operators and shift operators shall be appropriate,RULE-10-1,,Medium, cpp,MISRA-C++-2023,RULE-7-0-5,Yes,Required,Decidable,Single Translation Unit,Integral promotion and the usual arithmetic conversions shall not change the signedness or the type category of an operand,"M5-0-4,M5-0-9,INT31-C",,Medium, cpp,MISRA-C++-2023,RULE-7-0-6,Yes,Required,Decidable,Single Translation Unit,Assignment between numeric types shall be appropriate,,,Hard, -cpp,MISRA-C++-2023,RULE-7-11-1,Yes,Required,Decidable,Single Translation Unit,nullptr shall be the only form of the null-pointer-constant,A4-10-1,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-7-11-2,Yes,Required,Decidable,Single Translation Unit,An array passed as a function argument shall not decay to a pointer,M5-2-12,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-7-11-1,Yes,Required,Decidable,Single Translation Unit,nullptr shall be the only form of the null-pointer-constant,A4-10-1,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-7-11-2,Yes,Required,Decidable,Single Translation Unit,An array passed as a function argument shall not decay to a pointer,M5-2-12,ImportMisra23-1,Import, cpp,MISRA-C++-2023,RULE-7-11-3,Yes,Required,Decidable,Single Translation Unit,A conversion from function type to pointer-to-function type shall only occur in appropriate contexts,,,Easy, cpp,MISRA-C++-2023,RULE-8-0-1,Yes,Advisory,Decidable,Single Translation Unit,Parentheses should be used to make the meaning of an expression appropriately explicit,M5-0-2,,Medium, cpp,MISRA-C++-2023,RULE-8-1-1,Yes,Required,Decidable,Single Translation Unit,A non-transient lambda shall not implicitly capture this,,,Easy, @@ -836,81 +836,81 @@ cpp,MISRA-C++-2023,RULE-8-1-2,Yes,Advisory,Decidable,Single Translation Unit,Var cpp,MISRA-C++-2023,RULE-8-2-1,Yes,Required,Decidable,Single Translation Unit,A virtual base class shall only be cast to a derived class by means of dynamic_cast,,,Easy, cpp,MISRA-C++-2023,RULE-8-2-2,Yes,Required,Decidable,Single Translation Unit,C-style casts and functional notation casts shall not be used,A5-2-2,,Easy, cpp,MISRA-C++-2023,RULE-8-2-3,Yes,Required,Decidable,Single Translation Unit,A cast shall not remove any const or volatile qualification from the type accessed via a pointer or by reference,A5-2-3,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-8-2-4,Yes,Required,Decidable,Single Translation Unit,Casts shall not be performed between a pointer to function and any other type,M5-2-6,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-8-2-5,Yes,Required,Decidable,Single Translation Unit,reinterpret_cast shall not be used,A5-2-4,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-8-2-4,Yes,Required,Decidable,Single Translation Unit,Casts shall not be performed between a pointer to function and any other type,M5-2-6,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-8-2-5,Yes,Required,Decidable,Single Translation Unit,reinterpret_cast shall not be used,A5-2-4,ImportMisra23-1,Import, cpp,MISRA-C++-2023,RULE-8-2-6,Yes,Required,Decidable,Single Translation Unit,"An object with integral, enumerated, or pointer to void type shall not be cast to a pointer type","RULE-11-6, INT36-C",,Easy, cpp,MISRA-C++-2023,RULE-8-2-7,Yes,Advisory,Decidable,Single Translation Unit,A cast should not convert a pointer type to an integral type,"RULE-11-6, INT36-C",,Easy, cpp,MISRA-C++-2023,RULE-8-2-8,Yes,Required,Decidable,Single Translation Unit,An object pointer type shall not be cast to an integral type other than std::uintptr_t or std::intptr_t,"RULE-11-6, INT36-C",,Easy, cpp,MISRA-C++-2023,RULE-8-2-9,Yes,Required,Decidable,Single Translation Unit,The operand to typeid shall not be an expression of polymorphic class type,,,Easy, -cpp,MISRA-C++-2023,RULE-8-2-10,Yes,Required,Undecidable,System,"Functions shall not call themselves, either directly or indirectly",A7-5-2,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-8-2-10,Yes,Required,Undecidable,System,"Functions shall not call themselves, either directly or indirectly",A7-5-2,ImportMisra23-1,Import, cpp,MISRA-C++-2023,RULE-8-2-11,Yes,Required,Decidable,Single Translation Unit,An argument passed via ellipsis shall have an appropriate type,,,Easy, -cpp,MISRA-C++-2023,RULE-8-3-1,Yes,Advisory,Decidable,Single Translation Unit,The built-in unary - operator should not be applied to an expression of unsigned type,M5-3-2,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-8-3-1,Yes,Advisory,Decidable,Single Translation Unit,The built-in unary - operator should not be applied to an expression of unsigned type,M5-3-2,ImportMisra23-1,Import, cpp,MISRA-C++-2023,RULE-8-3-2,Yes,Advisory,Decidable,Single Translation Unit,The built-in unary + operator should not be used,,,Easy, cpp,MISRA-C++-2023,RULE-8-7-1,Yes,Required,Undecidable,System,Pointer arithmetic shall not form an invalid pointer,ARR30-C,,Easy, cpp,MISRA-C++-2023,RULE-8-7-2,Yes,Required,Undecidable,System,Subtraction between pointers shall only be applied to pointers that address elements of the same array,ARR36-C,,Easy, cpp,MISRA-C++-2023,RULE-8-9-1,Yes,Required,Undecidable,System,"The built-in relational operators >, >=, < and <= shall not be applied to objects of pointer type, except where they point to elements of the same array",ARR36-C,,Easy, cpp,MISRA-C++-2023,RULE-8-14-1,Yes,Advisory,Undecidable,System,The right-hand operand of a logical && or operator should not contain persistent side effects,"M5-14-1, RULE-13-5",,Medium, cpp,MISRA-C++-2023,RULE-8-18-1,Yes,Mandatory,Undecidable,System,An object or subobject must not be copied to an overlapping object,"M0-2-1, RULE-19-1",,Hard, -cpp,MISRA-C++-2023,RULE-8-18-2,Yes,Advisory,Decidable,Single Translation Unit,The result of an assignment operator should not be used,RULE-13-4,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-8-19-1,Yes,Advisory,Decidable,Single Translation Unit,The comma operator should not be used,M15-8-1,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-8-20-1,Yes,Advisory,Decidable,Single Translation Unit,An unsigned arithmetic operation with constant operands should not wrap,INT30-C,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-8-18-2,Yes,Advisory,Decidable,Single Translation Unit,The result of an assignment operator should not be used,RULE-13-4,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-8-19-1,Yes,Advisory,Decidable,Single Translation Unit,The comma operator should not be used,M15-8-1,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-8-20-1,Yes,Advisory,Decidable,Single Translation Unit,An unsigned arithmetic operation with constant operands should not wrap,INT30-C,ImportMisra23-1,Import, cpp,MISRA-C++-2023,RULE-9-2-1,Yes,Required,Decidable,Single Translation Unit,An explicit type conversion shall not be an expression statement,DCL53-CPP,,Easy, -cpp,MISRA-C++-2023,RULE-9-3-1,Yes,Required,Decidable,Single Translation Unit,The body of an iteration-statement or a selection-statement shall be a compound-statement,RULE-15-6,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-9-3-1,Yes,Required,Decidable,Single Translation Unit,The body of an iteration-statement or a selection-statement shall be a compound-statement,RULE-15-6,ImportMisra23-1,Import, cpp,MISRA-C++-2023,RULE-9-4-1,Yes,Required,Decidable,Single Translation Unit,All if ... else if constructs shall be terminated with an else statement,RULE-15-7,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-9-4-2,Yes,Required,Decidable,Single Translation Unit,The structure of a switch statement shall be appropriate,"RULE-16-1, RULE-16-2,RULE-16-3,RULE-16-4,RULE-16-5,RULE-16-6,RULE-16-7",,Medium, cpp,MISRA-C++-2023,RULE-9-5-1,Yes,Advisory,Decidable,Single Translation Unit,Legacy for statements should be simple,,,Hard, cpp,MISRA-C++-2023,RULE-9-5-2,Yes,Required,Decidable,Single Translation Unit,A for-range-initializer shall contain at most one function call,,,Easy, -cpp,MISRA-C++-2023,RULE-9-6-1,Yes,Advisory,Decidable,Single Translation Unit,The goto statement should not be used,RULE-15-1,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-9-6-2,Yes,Required,Decidable,Single Translation Unit,A goto statement shall reference a label in a surrounding block,RULE-15-3,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-9-6-1,Yes,Advisory,Decidable,Single Translation Unit,The goto statement should not be used,RULE-15-1,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-9-6-2,Yes,Required,Decidable,Single Translation Unit,A goto statement shall reference a label in a surrounding block,RULE-15-3,ImportMisra23-1,Import, cpp,MISRA-C++-2023,RULE-9-6-3,Yes,Required,Decidable,Single Translation Unit,The goto statement shall jump to a label declared later in the function body,RULE-15-2,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-9-6-4,Yes,Required,Undecidable,System,A function declared with the [[noreturn]] attribute shall not return,MSC53-CPP,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-9-6-5,Yes,Required,Decidable,Single Translation Unit,A function with non-void return type shall return a value on all paths,MSC52-CPP,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-10-0-1,Yes,Advisory,Decidable,Single Translation Unit,A declaration should not declare more than one variable or member variable,M8-0-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-10-0-1,Yes,Advisory,Decidable,Single Translation Unit,A declaration should not declare more than one variable or member variable,M8-0-1,ImportMisra23-1,Import, cpp,MISRA-C++-2023,RULE-10-1-1,Yes,Advisory,Decidable,Single Translation Unit,The target type of a pointer or lvalue reference parameter should be const-qualified appropriately,RULE-8-13,,Hard, cpp,MISRA-C++-2023,RULE-10-1-2,Yes,Required,Decidable,Single Translation Unit,The volatile qualifier shall be used appropriately,,,Easy, -cpp,MISRA-C++-2023,RULE-10-2-1,Yes,Required,Decidable,Single Translation Unit,An enumeration shall be defined with an explicit underlying type,A7-2-2,ImportMisra23b,Import, +cpp,MISRA-C++-2023,RULE-10-2-1,Yes,Required,Decidable,Single Translation Unit,An enumeration shall be defined with an explicit underlying type,A7-2-2,ImportMisra23-1,Import, cpp,MISRA-C++-2023,RULE-10-2-2,Yes,Advisory,Decidable,Single Translation Unit,Unscoped enumerations should not be declared,A7-2-3,,Easy, cpp,MISRA-C++-2023,RULE-10-2-3,Yes,Required,Decidable,Single Translation Unit,The numeric value of an unscoped enumeration with no fixed underlying type shall not be used,A4-5-1,,Easy, cpp,MISRA-C++-2023,RULE-10-3-1,Yes,Advisory,Decidable,Single Translation Unit,There should be no unnamed namespaces in header files,"DCL59-CPP, M7-3-3",,Easy, -cpp,MISRA-C++-2023,RULE-10-4-1,Yes,Required,Decidable,Single Translation Unit,The asm declaration shall not be used,A7-4-1,ImportMisra23b,Import, +cpp,MISRA-C++-2023,RULE-10-4-1,Yes,Required,Decidable,Single Translation Unit,The asm declaration shall not be used,A7-4-1,ImportMisra23-1,Import, cpp,MISRA-C++-2023,RULE-11-3-1,Yes,Advisory,Decidable,Single Translation Unit,Variables of array type should not be declared,,,Easy, cpp,MISRA-C++-2023,RULE-11-3-2,Yes,Advisory,Decidable,Single Translation Unit,The declaration of an object should contain no more than two levels of pointer indirection,A5-0-3,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-11-6-1,Yes,Advisory,Decidable,Single Translation Unit,All variables should be initialized,,,Easy, cpp,MISRA-C++-2023,RULE-11-6-2,Yes,Mandatory,Undecidable,System,The value of an object must not be read before it has been set,A8-5-0,,Very Hard, -cpp,MISRA-C++-2023,RULE-11-6-3,Yes,Required,Decidable,Single Translation Unit,"Within an enumerator list, the value of an implicitly-specified enumeration constant shall be unique",RULE-8-12,ImportMisra23b,Import, +cpp,MISRA-C++-2023,RULE-11-6-3,Yes,Required,Decidable,Single Translation Unit,"Within an enumerator list, the value of an implicitly-specified enumeration constant shall be unique",RULE-8-12,ImportMisra23-1,Import, cpp,MISRA-C++-2023,RULE-12-2-1,Yes,Advisory,Decidable,Single Translation Unit,Bit-fields should not be declared,A9-6-2,,Easy, -cpp,MISRA-C++-2023,RULE-12-2-2,Yes,Required,Decidable,Single Translation Unit,A bit-field shall have an appropriate type,RULE-6-1,ImportMisra23b,Import, -cpp,MISRA-C++-2023,RULE-12-2-3,Yes,Required,Decidable,Single Translation Unit,A named bit-field with signed integer type shall not have a length of one bit,"RULE-6-2, M9-6-4",ImportMisra23b,Import, +cpp,MISRA-C++-2023,RULE-12-2-2,Yes,Required,Decidable,Single Translation Unit,A bit-field shall have an appropriate type,RULE-6-1,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-12-2-3,Yes,Required,Decidable,Single Translation Unit,A named bit-field with signed integer type shall not have a length of one bit,"RULE-6-2, M9-6-4",ImportMisra23-1,Import, cpp,MISRA-C++-2023,RULE-12-3-1,Yes,Required,Decidable,Single Translation Unit,The union keyword shall not be used,RULE-19-2,,Easy, cpp,MISRA-C++-2023,RULE-13-1-1,Yes,Advisory,Decidable,Single Translation Unit,Classes should not be inherited virtually,,,Easy, -cpp,MISRA-C++-2023,RULE-13-1-2,Yes,Required,Decidable,Single Translation Unit,An accessible base class shall not be both virtual and non-virtual in the same hierarchy,M10-1-3,ImportMisra23b,Import, +cpp,MISRA-C++-2023,RULE-13-1-2,Yes,Required,Decidable,Single Translation Unit,An accessible base class shall not be both virtual and non-virtual in the same hierarchy,M10-1-3,ImportMisra23-1,Import, cpp,MISRA-C++-2023,RULE-13-3-1,Yes,Required,Decidable,Single Translation Unit,"User-declared member functions shall use the virtual, override and final specifiers appropriately",,,Easy, -cpp,MISRA-C++-2023,RULE-13-3-2,Yes,Required,Decidable,Single Translation Unit,Parameters in an overriding virtual function shall not specify different default arguments,M8-3-1,ImportMisra23b,Import, -cpp,MISRA-C++-2023,RULE-13-3-3,Yes,Required,Decidable,System,The parameters in all declarations or overrides of a function shall either be unnamed or have identical names,A15-1-2,ImportMisra23b,Import, -cpp,MISRA-C++-2023,RULE-13-3-4,Yes,Required,Decidable,Single Translation Unit,A comparison of a potentially virtual pointer to member function shall only be with nullptr,A5-10-1,ImportMisra23b,Import, +cpp,MISRA-C++-2023,RULE-13-3-2,Yes,Required,Decidable,Single Translation Unit,Parameters in an overriding virtual function shall not specify different default arguments,M8-3-1,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-13-3-3,Yes,Required,Decidable,System,The parameters in all declarations or overrides of a function shall either be unnamed or have identical names,A15-1-2,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-13-3-4,Yes,Required,Decidable,Single Translation Unit,A comparison of a potentially virtual pointer to member function shall only be with nullptr,A5-10-1,ImportMisra23-1,Import, cpp,MISRA-C++-2023,RULE-14-1-1,Yes,Advisory,Decidable,Single Translation Unit,Non-static data members should be either all private or all public,,,Easy, cpp,MISRA-C++-2023,RULE-15-0-1,Yes,Required,Decidable,Single Translation Unit,Special member functions shall be provided appropriately,A12-0-1,,Medium, cpp,MISRA-C++-2023,RULE-15-0-2,Yes,Advisory,Decidable,Single Translation Unit,User-provided copy and move member functions of a class should have appropriate signatures,,,Easy, -cpp,MISRA-C++-2023,RULE-15-1-1,Yes,Required,Undecidable,System,An object’s dynamic type shall not be used from within its constructor or destructor,M12-1-1,ImportMisra23b,Import, -cpp,MISRA-C++-2023,RULE-15-1-2,Yes,Advisory,Decidable,Single Translation Unit,All constructors of a class should explicitly initialize all of its virtual base classes and immediate base classes,A12-1-1,ImportMisra23b,Import, +cpp,MISRA-C++-2023,RULE-15-1-1,Yes,Required,Undecidable,System,An object’s dynamic type shall not be used from within its constructor or destructor,M12-1-1,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-15-1-2,Yes,Advisory,Decidable,Single Translation Unit,All constructors of a class should explicitly initialize all of its virtual base classes and immediate base classes,A12-1-1,ImportMisra23-1,Import, cpp,MISRA-C++-2023,RULE-15-1-3,Yes,Required,Decidable,Single Translation Unit,Conversion operators and constructors that are callable with a single argument shall be explicit,"A12-1-4,A13-5-2",,Easy, cpp,MISRA-C++-2023,RULE-15-1-4,Yes,Advisory,Decidable,Single Translation Unit,"All direct, non-static data members of a class should be initialized before the class object is accessible",,,Hard, -cpp,MISRA-C++-2023,RULE-15-1-5,Yes,Required,Decidable,Single Translation Unit,A class shall only define an initializer-list constructor when it is the only constructor,A8-5-4,ImportMisra23b,Import, -cpp,MISRA-C++-2023,DIR-15-8-1,Yes,Required,Decidable,Implementation,User-provided copy assignment operators and move assignment operators shall handle self-assignment,A12-8-5,ImportMisra23b,Import, +cpp,MISRA-C++-2023,RULE-15-1-5,Yes,Required,Decidable,Single Translation Unit,A class shall only define an initializer-list constructor when it is the only constructor,A8-5-4,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,DIR-15-8-1,Yes,Required,Decidable,Implementation,User-provided copy assignment operators and move assignment operators shall handle self-assignment,A12-8-5,ImportMisra23-1,Import, cpp,MISRA-C++-2023,RULE-16-5-1,Yes,Required,Decidable,Single Translation Unit,The logical AND and logical OR operators shall not be overloaded,M5-2-11,,Easy, -cpp,MISRA-C++-2023,RULE-16-5-2,Yes,Required,Decidable,Single Translation Unit,The address-of operator shall not be overloaded,M5-3-3,ImportMisra23b,Import, +cpp,MISRA-C++-2023,RULE-16-5-2,Yes,Required,Decidable,Single Translation Unit,The address-of operator shall not be overloaded,M5-3-3,ImportMisra23-1,Import, cpp,MISRA-C++-2023,RULE-16-6-1,Yes,Advisory,Decidable,Single Translation Unit,Symmetrical operators should only be implemented as non-member functions,,,Medium, -cpp,MISRA-C++-2023,RULE-17-8-1,Yes,Required,Decidable,Single Translation Unit,Function templates shall not be explicitly specialized,A14-8-2,ImportMisra23b,Import, -cpp,MISRA-C++-2023,RULE-18-1-1,Yes,Required,Decidable,Single Translation Unit,An exception object shall not have pointer type,A15-1-2,ImportMisra23b,Import, -cpp,MISRA-C++-2023,RULE-18-1-2,Yes,Required,Decidable,Single Translation Unit,An empty throw shall only occur within the compound-statement of a catch handler,M15-1-3,ImportMisra23b,Import, +cpp,MISRA-C++-2023,RULE-17-8-1,Yes,Required,Decidable,Single Translation Unit,Function templates shall not be explicitly specialized,A14-8-2,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-18-1-1,Yes,Required,Decidable,Single Translation Unit,An exception object shall not have pointer type,A15-1-2,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-18-1-2,Yes,Required,Decidable,Single Translation Unit,An empty throw shall only occur within the compound-statement of a catch handler,M15-1-3,ImportMisra23-1,Import, cpp,MISRA-C++-2023,RULE-18-3-1,Yes,Advisory,Decidable,Single Translation Unit,There should be at least one exception handler to catch all otherwise unhandled exceptions,A15-3-3,,Easy, cpp,MISRA-C++-2023,RULE-18-3-2,Yes,Required,Decidable,Single Translation Unit,An exception of class type shall be caught by const reference or reference,A15-3-5,,Easy, cpp,MISRA-C++-2023,RULE-18-3-3,Yes,Required,Decidable,Single Translation Unit,Handlers for a function-try-block of a constructor or destructor shall not refer to non-static members from their class or its bases,M15-3-3,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-18-4-1,Yes,Required,Decidable,Single Translation Unit,Exception-unfriendly functions shall be noexcept,A15-5-1,,Easy, -cpp,MISRA-C++-2023,RULE-18-5-1,Yes,Advisory,Undecidable,System,A noexcept function should not attempt to propagate an exception to the calling function,A15-4-2,ImportMisra23b,Import, +cpp,MISRA-C++-2023,RULE-18-5-1,Yes,Advisory,Undecidable,System,A noexcept function should not attempt to propagate an exception to the calling function,A15-4-2,ImportMisra23-1,Import, cpp,MISRA-C++-2023,RULE-18-5-2,Yes,Advisory,Decidable,Single Translation Unit,Program-terminating functions should not be used,,,Easy, cpp,MISRA-C++-2023,RULE-19-0-1,No,Required,Decidable,Single Translation Unit,A line whose first token is # shall be a valid preprocessing directive,,,, -cpp,MISRA-C++-2023,RULE-19-0-2,Yes,Required,Decidable,Single Translation Unit,Function-like macros shall not be defined,DIR-4-9,ImportMisra23b,Import, +cpp,MISRA-C++-2023,RULE-19-0-2,Yes,Required,Decidable,Single Translation Unit,Function-like macros shall not be defined,DIR-4-9,ImportMisra23-1,Import, cpp,MISRA-C++-2023,RULE-19-0-3,Yes,Advisory,Decidable,Single Translation Unit,#include directives should only be preceded by preprocessor directives or comments,RULE-20-1,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-19-0-4,Yes,Advisory,Decidable,Single Translation Unit,#undef should only be used for macros defined previously in the same file,,,Easy, cpp,MISRA-C++-2023,RULE-19-1-1,Yes,Required,Decidable,Single Translation Unit,The defined preprocessor operator shall be used appropriately,M16-1-1,,Easy, @@ -920,23 +920,23 @@ cpp,MISRA-C++-2023,RULE-19-2-1,Yes,Required,Decidable,Single Translation Unit,Pr cpp,MISRA-C++-2023,RULE-19-2-2,Yes,Required,Decidable,Single Translation Unit,"The #include directive shall be followed by either a or ""filename"" sequence",,,Easy, cpp,MISRA-C++-2023,RULE-19-2-3,Yes,Required,Decidable,Single Translation Unit,"The ' or "" or \ characters and the /* or // character sequences shall not occur in a header file name",A16-2-1,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-19-3-1,Yes,Advisory,Decidable,Single Translation Unit,The # and ## preprocessor operators should not be used,M16-3-2,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-19-3-2,Yes,Required,Decidable,Single Translation Unit,A macro parameter immediately following a # operator shall not be immediately followed by a ## operator,RULE-20-11,ImportMisra23b,Import, -cpp,MISRA-C++-2023,RULE-19-3-3,Yes,Required,Decidable,Single Translation Unit,The argument to a mixed-use macro parameter shall not be subject to further expansion,RULE-20-12,ImportMisra23b,Import, +cpp,MISRA-C++-2023,RULE-19-3-2,Yes,Required,Decidable,Single Translation Unit,A macro parameter immediately following a # operator shall not be immediately followed by a ## operator,RULE-20-11,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-19-3-3,Yes,Required,Decidable,Single Translation Unit,The argument to a mixed-use macro parameter shall not be subject to further expansion,RULE-20-12,ImportMisra23-1,Import, cpp,MISRA-C++-2023,RULE-19-3-4,Yes,Required,Decidable,Single Translation Unit,Parentheses shall be used to ensure macro arguments are expanded appropriately,M16-0-6,,Medium, cpp,MISRA-C++-2023,RULE-19-3-5,Yes,Required,Decidable,Single Translation Unit,Tokens that look like a preprocessing directive shall not occur within a macro argument,RULE-20-6,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-19-6-1,Yes,Advisory,Decidable,Single Translation Unit,The #pragma directive and the _Pragma operator should not be used,A16-7-1,,Easy, -cpp,MISRA-C++-2023,RULE-21-2-1,Yes,Required,Decidable,Single Translation Unit,"The library functions atof, atoi, atol and atoll from shall not be used",RULE-21-7,ImportMisra23b,Import, +cpp,MISRA-C++-2023,RULE-21-2-1,Yes,Required,Decidable,Single Translation Unit,"The library functions atof, atoi, atol and atoll from shall not be used",RULE-21-7,ImportMisra23-1,Import, cpp,MISRA-C++-2023,RULE-21-2-2,Yes,Required,Decidable,Single Translation Unit,"The string handling functions from , , and shall not be used",M18-0-5,,Easy, cpp,MISRA-C++-2023,RULE-21-2-3,Yes,Required,Decidable,Single Translation Unit,The library function system from shall not be used,M18-0-3,,Easy, -cpp,MISRA-C++-2023,RULE-21-2-4,Yes,Required,Decidable,Single Translation Unit,The macro offsetof shall not be used,M18-2-1,ImportMisra23b,Import, +cpp,MISRA-C++-2023,RULE-21-2-4,Yes,Required,Decidable,Single Translation Unit,The macro offsetof shall not be used,M18-2-1,ImportMisra23-1,Import, cpp,MISRA-C++-2023,RULE-21-6-1,Yes,Advisory,Undecidable,Single Translation Unit,Dynamic memory should not be used,DIR-4-12,,Easy, cpp,MISRA-C++-2023,RULE-21-6-2,Yes,Required,Decidable,Single Translation Unit,Dynamic memory shall be managed automatically,,,Easy, cpp,MISRA-C++-2023,RULE-21-6-3,Yes,Required,Decidable,Single Translation Unit,Advanced memory management shall not be used,,,Medium, -cpp,MISRA-C++-2023,RULE-21-6-4,Yes,Required,Decidable,System,"If a project defines either a sized or unsized version of a global operator delete, then both shall be defined",A18-5-4,ImportMisra23b,Import, +cpp,MISRA-C++-2023,RULE-21-6-4,Yes,Required,Decidable,System,"If a project defines either a sized or unsized version of a global operator delete, then both shall be defined",A18-5-4,ImportMisra23-1,Import, cpp,MISRA-C++-2023,RULE-21-6-5,Yes,Required,Decidable,Single Translation Unit,A pointer to an incomplete class type shall not be deleted,A5-3-3,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-21-10-1,Yes,Required,Decidable,Single Translation Unit,The features of shall not be used,DCL50-CPP,,Easy, cpp,MISRA-C++-2023,RULE-21-10-2,Yes,Required,Decidable,Single Translation Unit,The standard header file shall not be used,ERR52-CPP,,Easy, -cpp,MISRA-C++-2023,RULE-21-10-3,Yes,Required,Decidable,Single Translation Unit,The facilities provided by the standard header file shall not be used,M18-7-1,ImportMisra23b,Import, +cpp,MISRA-C++-2023,RULE-21-10-3,Yes,Required,Decidable,Single Translation Unit,The facilities provided by the standard header file shall not be used,M18-7-1,ImportMisra23-1,Import, cpp,MISRA-C++-2023,RULE-22-3-1,Yes,Required,Decidable,Single Translation Unit,The assert macro shall not be used with a constant-expression,,,Easy, cpp,MISRA-C++-2023,RULE-22-4-1,Yes,Required,Decidable,Single Translation Unit,The literal value zero shall be the only value assigned to errno,,,Easy, cpp,MISRA-C++-2023,RULE-23-11-1,Yes,Advisory,Decidable,Single Translation Unit,The raw pointer constructors of std::shared_ptr and std::unique_ptr should not be used,,,Easy, @@ -944,12 +944,12 @@ cpp,MISRA-C++-2023,RULE-24-5-1,Yes,Required,Decidable,Single Translation Unit,Th cpp,MISRA-C++-2023,RULE-24-5-2,Yes,Required,Decidable,Single Translation Unit,"The C++ Standard Library functions memcpy, memmove and memcmp from shall not be used",,,Easy, cpp,MISRA-C++-2023,RULE-25-5-1,Yes,Required,Decidable,Single Translation Unit,The setlocale and std::locale::global functions shall not be called,,,Easy, cpp,MISRA-C++-2023,RULE-25-5-2,Yes,Mandatory,Decidable,Single Translation Unit,"The pointers returned by the C++ Standard Library functions localeconv, getenv, setlocale or strerror must only be used as if they have pointer to const-qualified type",RULE-21-19,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-25-5-3,Yes,Mandatory,Undecidable,System,"The pointer returned by the C++ Standard Library functions asctime, ctime, gmtime, localtime, localeconv, getenv, setlocale or strerror must not be used following a subsequent call to the same function",RULE-21-20,ImportMisra23b,Import, -cpp,MISRA-C++-2023,RULE-26-3-1,Yes,Advisory,Decidable,Single Translation Unit,std::vector should not be specialized with bool,A18-1-2,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-25-5-3,Yes,Mandatory,Undecidable,System,"The pointer returned by the C++ Standard Library functions asctime, ctime, gmtime, localtime, localeconv, getenv, setlocale or strerror must not be used following a subsequent call to the same function",RULE-21-20,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-26-3-1,Yes,Advisory,Decidable,Single Translation Unit,std::vector should not be specialized with bool,A18-1-2,ImportMisra23-1,Import, cpp,MISRA-C++-2023,RULE-28-3-1,Yes,Required,Undecidable,System,Predicates shall not have persistent side effects,A25-1-1,,Easy, cpp,MISRA-C++-2023,RULE-28-6-1,Yes,Required,Decidable,Single Translation Unit,The argument to std::move shall be a non-const lvalue,A18-9-3,,Easy, -cpp,MISRA-C++-2023,RULE-28-6-2,Yes,Required,Decidable,Single Translation Unit,Forwarding references and std::forward shall be used together,A18-9-2,ImportMisra23b,Import, +cpp,MISRA-C++-2023,RULE-28-6-2,Yes,Required,Decidable,Single Translation Unit,Forwarding references and std::forward shall be used together,A18-9-2,ImportMisra23-1,Import, cpp,MISRA-C++-2023,RULE-28-6-3,Yes,Required,Decidable,Single Translation Unit,An object shall not be used while in a potentially moved-from state,A12-8-3,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-28-6-4,Yes,Required,Decidable,Single Translation Unit,"The result of std::remove, std::remove_if, std::unique and empty shall be used",,,Easy, -cpp,MISRA-C++-2023,RULE-30-0-1,Yes,Required,Decidable,Single Translation Unit,The C Library input/output functions shall not be used,M27-0-1,ImportMisra23b,Import, +cpp,MISRA-C++-2023,RULE-30-0-1,Yes,Required,Decidable,Single Translation Unit,The C Library input/output functions shall not be used,M27-0-1,ImportMisra23-1,Import, cpp,MISRA-C++-2023,RULE-30-0-2,Yes,Required,Undecidable,System,Reads and writes on the same file stream shall be separated by a positioning operation,A27-0-3,ImportMisra23,Import, From bb72ffb6056f65e1454d8e26909721f40ebd84b1 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 19 Jun 2024 16:08:21 +0200 Subject: [PATCH 1833/2573] Fix integration --- cpp/misra/src/rules/RULE-9-4-1/IfElseIfEndCondition.ql | 2 +- rule_packages/cpp/ImportMisra23.json | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/cpp/misra/src/rules/RULE-9-4-1/IfElseIfEndCondition.ql b/cpp/misra/src/rules/RULE-9-4-1/IfElseIfEndCondition.ql index e74de3544f..a41b40be91 100644 --- a/cpp/misra/src/rules/RULE-9-4-1/IfElseIfEndCondition.ql +++ b/cpp/misra/src/rules/RULE-9-4-1/IfElseIfEndCondition.ql @@ -1,6 +1,6 @@ /** * @id cpp/misra/if-else-if-end-condition - * @name RULE-9-4-1: All if + * @name RULE-9-4-1: All if ... else if constructs shall be terminated with an else statement. * @description All if ... else if constructs shall be terminated with an else statement. * @kind problem * @precision very-high diff --git a/rule_packages/cpp/ImportMisra23.json b/rule_packages/cpp/ImportMisra23.json index ae2dd37ea5..7ac5e23e01 100644 --- a/rule_packages/cpp/ImportMisra23.json +++ b/rule_packages/cpp/ImportMisra23.json @@ -133,7 +133,7 @@ { "description": "All if ... else if constructs shall be terminated with an else statement.", "kind": "problem", - "name": "All if ", + "name": "All if ... else if constructs shall be terminated with an else statement.", "precision": "very-high", "severity": "error", "short_name": "IfElseIfEndCondition", @@ -405,7 +405,7 @@ "queries": [ { "description": "The pointers returned by the C++ Standard Library functions localeconv, getenv, setlocale or strerror must only be used as if they have pointer to const-qualified type.", - "kind": "problem", + "kind": "path-problem", "name": "The pointers returned by environment functions should be treated as const", "precision": "very-high", "severity": "error", From d8d003a8725fa116ba539339f8b667b5260b2bf7 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 19 Jun 2024 16:15:54 +0200 Subject: [PATCH 1834/2573] Fix integration --- rule_packages/cpp/ImportMisra23.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rule_packages/cpp/ImportMisra23.json b/rule_packages/cpp/ImportMisra23.json index 7ac5e23e01..ced7198cff 100644 --- a/rule_packages/cpp/ImportMisra23.json +++ b/rule_packages/cpp/ImportMisra23.json @@ -133,7 +133,7 @@ { "description": "All if ... else if constructs shall be terminated with an else statement.", "kind": "problem", - "name": "All if ... else if constructs shall be terminated with an else statement.", + "name": "All if ... else if constructs shall be terminated with an else statement", "precision": "very-high", "severity": "error", "short_name": "IfElseIfEndCondition", From 803008e190a26eccad59a129b5d6ad1497ee166f Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 19 Jun 2024 16:20:52 +0200 Subject: [PATCH 1835/2573] Fix integration --- cpp/misra/src/rules/RULE-9-4-1/IfElseIfEndCondition.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/misra/src/rules/RULE-9-4-1/IfElseIfEndCondition.ql b/cpp/misra/src/rules/RULE-9-4-1/IfElseIfEndCondition.ql index a41b40be91..5ce6ab6487 100644 --- a/cpp/misra/src/rules/RULE-9-4-1/IfElseIfEndCondition.ql +++ b/cpp/misra/src/rules/RULE-9-4-1/IfElseIfEndCondition.ql @@ -1,6 +1,6 @@ /** * @id cpp/misra/if-else-if-end-condition - * @name RULE-9-4-1: All if ... else if constructs shall be terminated with an else statement. + * @name RULE-9-4-1: All if ... else if constructs shall be terminated with an else statement * @description All if ... else if constructs shall be terminated with an else statement. * @kind problem * @precision very-high From a98aea3b442f594fe90a1ae3fa4b152a926caec9 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Fri, 21 Jun 2024 14:57:58 +0200 Subject: [PATCH 1836/2573] Create 2024-06-21-misra-cpp-2023-support.md --- change_notes/2024-06-21-misra-cpp-2023-support.md | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 change_notes/2024-06-21-misra-cpp-2023-support.md diff --git a/change_notes/2024-06-21-misra-cpp-2023-support.md b/change_notes/2024-06-21-misra-cpp-2023-support.md new file mode 100644 index 0000000000..e314d447fa --- /dev/null +++ b/change_notes/2024-06-21-misra-cpp-2023-support.md @@ -0,0 +1,2 @@ +- `MISRA C++ 2023`: + - Extend the project structure and provide initial support for query writing. From 9ebddf79a332d260123b7aef76ac3a09ec9a84f8 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Fri, 21 Jun 2024 15:07:11 +0200 Subject: [PATCH 1837/2573] Update rules.csv --- rules.csv | 108 +++++++++++++++++++++++++++--------------------------- 1 file changed, 54 insertions(+), 54 deletions(-) diff --git a/rules.csv b/rules.csv index 256b8e6ccf..7130070f75 100644 --- a/rules.csv +++ b/rules.csv @@ -787,36 +787,36 @@ cpp,MISRA-C++-2023,DIR-0-3-2,Yes,Required,,,A function call shall not violate th cpp,MISRA-C++-2023,RULE-4-1-1,Yes,Required,Undecidable,System,A program shall conform to ISO/IEC 14882:2017 (C++17),,,Hard, cpp,MISRA-C++-2023,RULE-4-1-2,Yes,Advisory,Decidable,Single Translation Unit,Deprecated features should not be used,,,Very Hard, cpp,MISRA-C++-2023,RULE-4-1-3,Yes,Required,Undecidable,System,There shall be no occurrence of undefined or critical unspecified behaviour,,,Very Hard, -cpp,MISRA-C++-2023,RULE-4-6-1,Yes,Required,Undecidable,System,Operations on a memory location shall be sequenced appropriately,RULE-13-2,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-4-6-1,Yes,Required,Undecidable,System,Operations on a memory location shall be sequenced appropriately,RULE-13-2,,Import, cpp,MISRA-C++-2023,RULE-5-0-1,Yes,Advisory,Decidable,Single Translation Unit,Trigraph-like sequences should not be used,A2-5-1,,Very Hard, -cpp,MISRA-C++-2023,RULE-5-7-1,Yes,Required,Decidable,Single Translation Unit,The character sequence /* shall not be used within a C-style comment,M2-7-1,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-5-7-1,Yes,Required,Decidable,Single Translation Unit,The character sequence /* shall not be used within a C-style comment,M2-7-1,,Import, cpp,MISRA-C++-2023,DIR-5-7-2,Yes,Advisory,,,Sections of code should not be “commented out”,A2-7-2,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-5-7-3,Yes,Required,Decidable,Single Translation Unit,Line-splicing shall not be used in // comments,A2-7-1,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-5-7-3,Yes,Required,Decidable,Single Translation Unit,Line-splicing shall not be used in // comments,A2-7-1,,Import, cpp,MISRA-C++-2023,RULE-5-10-1,Yes,Required,Decidable,Single Translation Unit,User-defined identifiers shall have an appropriate form,,,Easy, -cpp,MISRA-C++-2023,RULE-5-13-1,Yes,Required,Decidable,Single Translation Unit,"In character literals and non-raw string literals, \ shall only be used to form a defined escape sequence or universal character name",A2-13-1,ImportMisra23-1,Import, -cpp,MISRA-C++-2023,RULE-5-13-2,Yes,Required,Decidable,Single Translation Unit,"Octal escape sequences, hexadecimal escape sequences, and universal character names shall be terminated",RULE-4-1,ImportMisra23-1,Import, -cpp,MISRA-C++-2023,RULE-5-13-3,Yes,Required,Decidable,Single Translation Unit,Octal constants shall not be used,RULE-7-1,ImportMisra23-1,Import, -cpp,MISRA-C++-2023,RULE-5-13-4,Yes,Required,Decidable,Single Translation Unit,Unsigned integer literals shall be appropriately suffixed,M2-13-3,ImportMisra23-1,Import, -cpp,MISRA-C++-2023,RULE-5-13-5,Yes,Required,Decidable,Single Translation Unit,The lowercase form of L shall not be used as the first character in a literal suffix,RULE-7-3,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-5-13-1,Yes,Required,Decidable,Single Translation Unit,"In character literals and non-raw string literals, \ shall only be used to form a defined escape sequence or universal character name",A2-13-1,,Import, +cpp,MISRA-C++-2023,RULE-5-13-2,Yes,Required,Decidable,Single Translation Unit,"Octal escape sequences, hexadecimal escape sequences, and universal character names shall be terminated",RULE-4-1,,Import, +cpp,MISRA-C++-2023,RULE-5-13-3,Yes,Required,Decidable,Single Translation Unit,Octal constants shall not be used,RULE-7-1,,Import, +cpp,MISRA-C++-2023,RULE-5-13-4,Yes,Required,Decidable,Single Translation Unit,Unsigned integer literals shall be appropriately suffixed,M2-13-3,,Import, +cpp,MISRA-C++-2023,RULE-5-13-5,Yes,Required,Decidable,Single Translation Unit,The lowercase form of L shall not be used as the first character in a literal suffix,RULE-7-3,,Import, cpp,MISRA-C++-2023,RULE-5-13-6,Yes,Required,Decidable,Single Translation Unit,An integer-literal of type long long shall not use a single L or l in any suffix,,,Easy, cpp,MISRA-C++-2023,RULE-5-13-7,No,Required,Decidable,Single Translation Unit,String literals with different encoding prefixes shall not be concatenated,A2-13-2,,, cpp,MISRA-C++-2023,RULE-6-0-1,Yes,Required,Decidable,Single Translation Unit,Block scope declarations shall not be visually ambiguous,"M3-1-2,DCL53-CPP",,Easy, cpp,MISRA-C++-2023,RULE-6-0-2,Yes,Advisory,Decidable,Single Translation Unit,"When an array with external linkage is declared, its size should be explicitly specified",RULE-18-8,,Easy, -cpp,MISRA-C++-2023,RULE-6-0-3,Yes,Advisory,Decidable,Single Translation Unit,"The only declarations in the global namespace should be main, namespace declarations and extern ""C"" declarations",M7-3-1,ImportMisra23-1,Import, -cpp,MISRA-C++-2023,RULE-6-0-4,Yes,Required,Decidable,Single Translation Unit,The identifier main shall not be used for a function other than the global function main,M7-3-2,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-6-0-3,Yes,Advisory,Decidable,Single Translation Unit,"The only declarations in the global namespace should be main, namespace declarations and extern ""C"" declarations",M7-3-1,,Import, +cpp,MISRA-C++-2023,RULE-6-0-4,Yes,Required,Decidable,Single Translation Unit,The identifier main shall not be used for a function other than the global function main,M7-3-2,,Import, cpp,MISRA-C++-2023,RULE-6-2-1,Yes,Required,Decidable,System,The one-definition rule shall not be violated,M3-2-2,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-6-2-2,Yes,Required,Decidable,System,All declarations of a variable or function shall have the same type,"M3-9-1,DCL40-C",,Easy, cpp,MISRA-C++-2023,RULE-6-2-3,Yes,Required,Decidable,System,The source code used to implement an entity shall appear only once,,,Medium, cpp,MISRA-C++-2023,RULE-6-2-4,Yes,Required,Decidable,Single Translation Unit,A header file shall not contain definitions of functions or objects that are non-inline and have external linkage,,,Easy, cpp,MISRA-C++-2023,RULE-6-4-1,Yes,Required,Decidable,Single Translation Unit,A variable declared in an inner scope shall not hide a variable declared in an outer scope,A2-10-1,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-6-4-2,Yes,Required,Decidable,Single Translation Unit,Derived classes shall not conceal functions that are inherited from their bases,A7-3-1,ImportMisra23-1,Import, -cpp,MISRA-C++-2023,RULE-6-4-3,Yes,Required,Decidable,Single Translation Unit,A name that is present in a dependent base shall not be resolved by unqualified lookup,M14-6-1,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-6-4-2,Yes,Required,Decidable,Single Translation Unit,Derived classes shall not conceal functions that are inherited from their bases,A7-3-1,,Import, +cpp,MISRA-C++-2023,RULE-6-4-3,Yes,Required,Decidable,Single Translation Unit,A name that is present in a dependent base shall not be resolved by unqualified lookup,M14-6-1,,Import, cpp,MISRA-C++-2023,RULE-6-5-1,Yes,Advisory,Decidable,Single Translation Unit,A function or object with external linkage should be introduced in a header file,,,Medium, cpp,MISRA-C++-2023,RULE-6-5-2,Yes,Advisory,Decidable,Single Translation Unit,Internal linkage should be specified appropriately,,,Medium, cpp,MISRA-C++-2023,RULE-6-7-1,Yes,Required,Decidable,Single Translation Unit,Local variables shall not have static storage duration,,,Easy, cpp,MISRA-C++-2023,RULE-6-7-2,Yes,Required,Decidable,Single Translation Unit,Global variables shall not be used,,,Easy, cpp,MISRA-C++-2023,RULE-6-8-1,Yes,Required,Undecidable,System,An object shall not be accessed outside of its lifetime,A3-8-1,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-6-8-2,Yes,Mandatory,Decidable,Single Translation Unit,A function must not return a reference or a pointer to a local variable with automatic storage duration,M7-5-1,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-6-8-2,Yes,Mandatory,Decidable,Single Translation Unit,A function must not return a reference or a pointer to a local variable with automatic storage duration,M7-5-1,,Import, cpp,MISRA-C++-2023,RULE-6-8-3,Yes,Required,Decidable,Single Translation Unit,An assignment operator shall not assign the address of an object with automatic storage duration to an object with a greater lifetime,,,Medium, cpp,MISRA-C++-2023,RULE-6-8-4,Yes,Advisory,Decidable,Single Translation Unit,Member functions returning references to their object should be refqualified appropriately,,,Medium, cpp,MISRA-C++-2023,RULE-6-9-1,Yes,Required,Decidable,Single Translation Unit,The same type aliases shall be used in all declarations of the same entity,,,Medium, @@ -827,8 +827,8 @@ cpp,MISRA-C++-2023,RULE-7-0-3,Yes,Required,Decidable,Single Translation Unit,The cpp,MISRA-C++-2023,RULE-7-0-4,Yes,Required,Decidable,Single Translation Unit,The operands of bitwise operators and shift operators shall be appropriate,RULE-10-1,,Medium, cpp,MISRA-C++-2023,RULE-7-0-5,Yes,Required,Decidable,Single Translation Unit,Integral promotion and the usual arithmetic conversions shall not change the signedness or the type category of an operand,"M5-0-4,M5-0-9,INT31-C",,Medium, cpp,MISRA-C++-2023,RULE-7-0-6,Yes,Required,Decidable,Single Translation Unit,Assignment between numeric types shall be appropriate,,,Hard, -cpp,MISRA-C++-2023,RULE-7-11-1,Yes,Required,Decidable,Single Translation Unit,nullptr shall be the only form of the null-pointer-constant,A4-10-1,ImportMisra23-1,Import, -cpp,MISRA-C++-2023,RULE-7-11-2,Yes,Required,Decidable,Single Translation Unit,An array passed as a function argument shall not decay to a pointer,M5-2-12,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-7-11-1,Yes,Required,Decidable,Single Translation Unit,nullptr shall be the only form of the null-pointer-constant,A4-10-1,,Import, +cpp,MISRA-C++-2023,RULE-7-11-2,Yes,Required,Decidable,Single Translation Unit,An array passed as a function argument shall not decay to a pointer,M5-2-12,,Import, cpp,MISRA-C++-2023,RULE-7-11-3,Yes,Required,Decidable,Single Translation Unit,A conversion from function type to pointer-to-function type shall only occur in appropriate contexts,,,Easy, cpp,MISRA-C++-2023,RULE-8-0-1,Yes,Advisory,Decidable,Single Translation Unit,Parentheses should be used to make the meaning of an expression appropriately explicit,M5-0-2,,Medium, cpp,MISRA-C++-2023,RULE-8-1-1,Yes,Required,Decidable,Single Translation Unit,A non-transient lambda shall not implicitly capture this,,,Easy, @@ -836,81 +836,81 @@ cpp,MISRA-C++-2023,RULE-8-1-2,Yes,Advisory,Decidable,Single Translation Unit,Var cpp,MISRA-C++-2023,RULE-8-2-1,Yes,Required,Decidable,Single Translation Unit,A virtual base class shall only be cast to a derived class by means of dynamic_cast,,,Easy, cpp,MISRA-C++-2023,RULE-8-2-2,Yes,Required,Decidable,Single Translation Unit,C-style casts and functional notation casts shall not be used,A5-2-2,,Easy, cpp,MISRA-C++-2023,RULE-8-2-3,Yes,Required,Decidable,Single Translation Unit,A cast shall not remove any const or volatile qualification from the type accessed via a pointer or by reference,A5-2-3,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-8-2-4,Yes,Required,Decidable,Single Translation Unit,Casts shall not be performed between a pointer to function and any other type,M5-2-6,ImportMisra23-1,Import, -cpp,MISRA-C++-2023,RULE-8-2-5,Yes,Required,Decidable,Single Translation Unit,reinterpret_cast shall not be used,A5-2-4,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-8-2-4,Yes,Required,Decidable,Single Translation Unit,Casts shall not be performed between a pointer to function and any other type,M5-2-6,,Import, +cpp,MISRA-C++-2023,RULE-8-2-5,Yes,Required,Decidable,Single Translation Unit,reinterpret_cast shall not be used,A5-2-4,,Import, cpp,MISRA-C++-2023,RULE-8-2-6,Yes,Required,Decidable,Single Translation Unit,"An object with integral, enumerated, or pointer to void type shall not be cast to a pointer type","RULE-11-6, INT36-C",,Easy, cpp,MISRA-C++-2023,RULE-8-2-7,Yes,Advisory,Decidable,Single Translation Unit,A cast should not convert a pointer type to an integral type,"RULE-11-6, INT36-C",,Easy, cpp,MISRA-C++-2023,RULE-8-2-8,Yes,Required,Decidable,Single Translation Unit,An object pointer type shall not be cast to an integral type other than std::uintptr_t or std::intptr_t,"RULE-11-6, INT36-C",,Easy, cpp,MISRA-C++-2023,RULE-8-2-9,Yes,Required,Decidable,Single Translation Unit,The operand to typeid shall not be an expression of polymorphic class type,,,Easy, -cpp,MISRA-C++-2023,RULE-8-2-10,Yes,Required,Undecidable,System,"Functions shall not call themselves, either directly or indirectly",A7-5-2,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-8-2-10,Yes,Required,Undecidable,System,"Functions shall not call themselves, either directly or indirectly",A7-5-2,,Import, cpp,MISRA-C++-2023,RULE-8-2-11,Yes,Required,Decidable,Single Translation Unit,An argument passed via ellipsis shall have an appropriate type,,,Easy, -cpp,MISRA-C++-2023,RULE-8-3-1,Yes,Advisory,Decidable,Single Translation Unit,The built-in unary - operator should not be applied to an expression of unsigned type,M5-3-2,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-8-3-1,Yes,Advisory,Decidable,Single Translation Unit,The built-in unary - operator should not be applied to an expression of unsigned type,M5-3-2,,Import, cpp,MISRA-C++-2023,RULE-8-3-2,Yes,Advisory,Decidable,Single Translation Unit,The built-in unary + operator should not be used,,,Easy, cpp,MISRA-C++-2023,RULE-8-7-1,Yes,Required,Undecidable,System,Pointer arithmetic shall not form an invalid pointer,ARR30-C,,Easy, cpp,MISRA-C++-2023,RULE-8-7-2,Yes,Required,Undecidable,System,Subtraction between pointers shall only be applied to pointers that address elements of the same array,ARR36-C,,Easy, cpp,MISRA-C++-2023,RULE-8-9-1,Yes,Required,Undecidable,System,"The built-in relational operators >, >=, < and <= shall not be applied to objects of pointer type, except where they point to elements of the same array",ARR36-C,,Easy, cpp,MISRA-C++-2023,RULE-8-14-1,Yes,Advisory,Undecidable,System,The right-hand operand of a logical && or operator should not contain persistent side effects,"M5-14-1, RULE-13-5",,Medium, cpp,MISRA-C++-2023,RULE-8-18-1,Yes,Mandatory,Undecidable,System,An object or subobject must not be copied to an overlapping object,"M0-2-1, RULE-19-1",,Hard, -cpp,MISRA-C++-2023,RULE-8-18-2,Yes,Advisory,Decidable,Single Translation Unit,The result of an assignment operator should not be used,RULE-13-4,ImportMisra23-1,Import, -cpp,MISRA-C++-2023,RULE-8-19-1,Yes,Advisory,Decidable,Single Translation Unit,The comma operator should not be used,M15-8-1,ImportMisra23-1,Import, -cpp,MISRA-C++-2023,RULE-8-20-1,Yes,Advisory,Decidable,Single Translation Unit,An unsigned arithmetic operation with constant operands should not wrap,INT30-C,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-8-18-2,Yes,Advisory,Decidable,Single Translation Unit,The result of an assignment operator should not be used,RULE-13-4,,Import, +cpp,MISRA-C++-2023,RULE-8-19-1,Yes,Advisory,Decidable,Single Translation Unit,The comma operator should not be used,M15-8-1,,Import, +cpp,MISRA-C++-2023,RULE-8-20-1,Yes,Advisory,Decidable,Single Translation Unit,An unsigned arithmetic operation with constant operands should not wrap,INT30-C,,Import, cpp,MISRA-C++-2023,RULE-9-2-1,Yes,Required,Decidable,Single Translation Unit,An explicit type conversion shall not be an expression statement,DCL53-CPP,,Easy, -cpp,MISRA-C++-2023,RULE-9-3-1,Yes,Required,Decidable,Single Translation Unit,The body of an iteration-statement or a selection-statement shall be a compound-statement,RULE-15-6,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-9-3-1,Yes,Required,Decidable,Single Translation Unit,The body of an iteration-statement or a selection-statement shall be a compound-statement,RULE-15-6,,Import, cpp,MISRA-C++-2023,RULE-9-4-1,Yes,Required,Decidable,Single Translation Unit,All if ... else if constructs shall be terminated with an else statement,RULE-15-7,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-9-4-2,Yes,Required,Decidable,Single Translation Unit,The structure of a switch statement shall be appropriate,"RULE-16-1, RULE-16-2,RULE-16-3,RULE-16-4,RULE-16-5,RULE-16-6,RULE-16-7",,Medium, cpp,MISRA-C++-2023,RULE-9-5-1,Yes,Advisory,Decidable,Single Translation Unit,Legacy for statements should be simple,,,Hard, cpp,MISRA-C++-2023,RULE-9-5-2,Yes,Required,Decidable,Single Translation Unit,A for-range-initializer shall contain at most one function call,,,Easy, -cpp,MISRA-C++-2023,RULE-9-6-1,Yes,Advisory,Decidable,Single Translation Unit,The goto statement should not be used,RULE-15-1,ImportMisra23-1,Import, -cpp,MISRA-C++-2023,RULE-9-6-2,Yes,Required,Decidable,Single Translation Unit,A goto statement shall reference a label in a surrounding block,RULE-15-3,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-9-6-1,Yes,Advisory,Decidable,Single Translation Unit,The goto statement should not be used,RULE-15-1,,Import, +cpp,MISRA-C++-2023,RULE-9-6-2,Yes,Required,Decidable,Single Translation Unit,A goto statement shall reference a label in a surrounding block,RULE-15-3,,Import, cpp,MISRA-C++-2023,RULE-9-6-3,Yes,Required,Decidable,Single Translation Unit,The goto statement shall jump to a label declared later in the function body,RULE-15-2,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-9-6-4,Yes,Required,Undecidable,System,A function declared with the [[noreturn]] attribute shall not return,MSC53-CPP,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-9-6-5,Yes,Required,Decidable,Single Translation Unit,A function with non-void return type shall return a value on all paths,MSC52-CPP,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-10-0-1,Yes,Advisory,Decidable,Single Translation Unit,A declaration should not declare more than one variable or member variable,M8-0-1,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-10-0-1,Yes,Advisory,Decidable,Single Translation Unit,A declaration should not declare more than one variable or member variable,M8-0-1,,Import, cpp,MISRA-C++-2023,RULE-10-1-1,Yes,Advisory,Decidable,Single Translation Unit,The target type of a pointer or lvalue reference parameter should be const-qualified appropriately,RULE-8-13,,Hard, cpp,MISRA-C++-2023,RULE-10-1-2,Yes,Required,Decidable,Single Translation Unit,The volatile qualifier shall be used appropriately,,,Easy, -cpp,MISRA-C++-2023,RULE-10-2-1,Yes,Required,Decidable,Single Translation Unit,An enumeration shall be defined with an explicit underlying type,A7-2-2,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-10-2-1,Yes,Required,Decidable,Single Translation Unit,An enumeration shall be defined with an explicit underlying type,A7-2-2,,Import, cpp,MISRA-C++-2023,RULE-10-2-2,Yes,Advisory,Decidable,Single Translation Unit,Unscoped enumerations should not be declared,A7-2-3,,Easy, cpp,MISRA-C++-2023,RULE-10-2-3,Yes,Required,Decidable,Single Translation Unit,The numeric value of an unscoped enumeration with no fixed underlying type shall not be used,A4-5-1,,Easy, cpp,MISRA-C++-2023,RULE-10-3-1,Yes,Advisory,Decidable,Single Translation Unit,There should be no unnamed namespaces in header files,"DCL59-CPP, M7-3-3",,Easy, -cpp,MISRA-C++-2023,RULE-10-4-1,Yes,Required,Decidable,Single Translation Unit,The asm declaration shall not be used,A7-4-1,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-10-4-1,Yes,Required,Decidable,Single Translation Unit,The asm declaration shall not be used,A7-4-1,,Import, cpp,MISRA-C++-2023,RULE-11-3-1,Yes,Advisory,Decidable,Single Translation Unit,Variables of array type should not be declared,,,Easy, cpp,MISRA-C++-2023,RULE-11-3-2,Yes,Advisory,Decidable,Single Translation Unit,The declaration of an object should contain no more than two levels of pointer indirection,A5-0-3,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-11-6-1,Yes,Advisory,Decidable,Single Translation Unit,All variables should be initialized,,,Easy, cpp,MISRA-C++-2023,RULE-11-6-2,Yes,Mandatory,Undecidable,System,The value of an object must not be read before it has been set,A8-5-0,,Very Hard, -cpp,MISRA-C++-2023,RULE-11-6-3,Yes,Required,Decidable,Single Translation Unit,"Within an enumerator list, the value of an implicitly-specified enumeration constant shall be unique",RULE-8-12,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-11-6-3,Yes,Required,Decidable,Single Translation Unit,"Within an enumerator list, the value of an implicitly-specified enumeration constant shall be unique",RULE-8-12,,Import, cpp,MISRA-C++-2023,RULE-12-2-1,Yes,Advisory,Decidable,Single Translation Unit,Bit-fields should not be declared,A9-6-2,,Easy, -cpp,MISRA-C++-2023,RULE-12-2-2,Yes,Required,Decidable,Single Translation Unit,A bit-field shall have an appropriate type,RULE-6-1,ImportMisra23-1,Import, -cpp,MISRA-C++-2023,RULE-12-2-3,Yes,Required,Decidable,Single Translation Unit,A named bit-field with signed integer type shall not have a length of one bit,"RULE-6-2, M9-6-4",ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-12-2-2,Yes,Required,Decidable,Single Translation Unit,A bit-field shall have an appropriate type,RULE-6-1,,Import, +cpp,MISRA-C++-2023,RULE-12-2-3,Yes,Required,Decidable,Single Translation Unit,A named bit-field with signed integer type shall not have a length of one bit,"RULE-6-2, M9-6-4",,Import, cpp,MISRA-C++-2023,RULE-12-3-1,Yes,Required,Decidable,Single Translation Unit,The union keyword shall not be used,RULE-19-2,,Easy, cpp,MISRA-C++-2023,RULE-13-1-1,Yes,Advisory,Decidable,Single Translation Unit,Classes should not be inherited virtually,,,Easy, -cpp,MISRA-C++-2023,RULE-13-1-2,Yes,Required,Decidable,Single Translation Unit,An accessible base class shall not be both virtual and non-virtual in the same hierarchy,M10-1-3,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-13-1-2,Yes,Required,Decidable,Single Translation Unit,An accessible base class shall not be both virtual and non-virtual in the same hierarchy,M10-1-3,,Import, cpp,MISRA-C++-2023,RULE-13-3-1,Yes,Required,Decidable,Single Translation Unit,"User-declared member functions shall use the virtual, override and final specifiers appropriately",,,Easy, -cpp,MISRA-C++-2023,RULE-13-3-2,Yes,Required,Decidable,Single Translation Unit,Parameters in an overriding virtual function shall not specify different default arguments,M8-3-1,ImportMisra23-1,Import, -cpp,MISRA-C++-2023,RULE-13-3-3,Yes,Required,Decidable,System,The parameters in all declarations or overrides of a function shall either be unnamed or have identical names,A15-1-2,ImportMisra23-1,Import, -cpp,MISRA-C++-2023,RULE-13-3-4,Yes,Required,Decidable,Single Translation Unit,A comparison of a potentially virtual pointer to member function shall only be with nullptr,A5-10-1,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-13-3-2,Yes,Required,Decidable,Single Translation Unit,Parameters in an overriding virtual function shall not specify different default arguments,M8-3-1,,Import, +cpp,MISRA-C++-2023,RULE-13-3-3,Yes,Required,Decidable,System,The parameters in all declarations or overrides of a function shall either be unnamed or have identical names,A15-1-2,,Import, +cpp,MISRA-C++-2023,RULE-13-3-4,Yes,Required,Decidable,Single Translation Unit,A comparison of a potentially virtual pointer to member function shall only be with nullptr,A5-10-1,,Import, cpp,MISRA-C++-2023,RULE-14-1-1,Yes,Advisory,Decidable,Single Translation Unit,Non-static data members should be either all private or all public,,,Easy, cpp,MISRA-C++-2023,RULE-15-0-1,Yes,Required,Decidable,Single Translation Unit,Special member functions shall be provided appropriately,A12-0-1,,Medium, cpp,MISRA-C++-2023,RULE-15-0-2,Yes,Advisory,Decidable,Single Translation Unit,User-provided copy and move member functions of a class should have appropriate signatures,,,Easy, -cpp,MISRA-C++-2023,RULE-15-1-1,Yes,Required,Undecidable,System,An object’s dynamic type shall not be used from within its constructor or destructor,M12-1-1,ImportMisra23-1,Import, -cpp,MISRA-C++-2023,RULE-15-1-2,Yes,Advisory,Decidable,Single Translation Unit,All constructors of a class should explicitly initialize all of its virtual base classes and immediate base classes,A12-1-1,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-15-1-1,Yes,Required,Undecidable,System,An object’s dynamic type shall not be used from within its constructor or destructor,M12-1-1,,Import, +cpp,MISRA-C++-2023,RULE-15-1-2,Yes,Advisory,Decidable,Single Translation Unit,All constructors of a class should explicitly initialize all of its virtual base classes and immediate base classes,A12-1-1,,Import, cpp,MISRA-C++-2023,RULE-15-1-3,Yes,Required,Decidable,Single Translation Unit,Conversion operators and constructors that are callable with a single argument shall be explicit,"A12-1-4,A13-5-2",,Easy, cpp,MISRA-C++-2023,RULE-15-1-4,Yes,Advisory,Decidable,Single Translation Unit,"All direct, non-static data members of a class should be initialized before the class object is accessible",,,Hard, -cpp,MISRA-C++-2023,RULE-15-1-5,Yes,Required,Decidable,Single Translation Unit,A class shall only define an initializer-list constructor when it is the only constructor,A8-5-4,ImportMisra23-1,Import, -cpp,MISRA-C++-2023,DIR-15-8-1,Yes,Required,Decidable,Implementation,User-provided copy assignment operators and move assignment operators shall handle self-assignment,A12-8-5,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-15-1-5,Yes,Required,Decidable,Single Translation Unit,A class shall only define an initializer-list constructor when it is the only constructor,A8-5-4,,Import, +cpp,MISRA-C++-2023,DIR-15-8-1,Yes,Required,Decidable,Implementation,User-provided copy assignment operators and move assignment operators shall handle self-assignment,A12-8-5,,Import, cpp,MISRA-C++-2023,RULE-16-5-1,Yes,Required,Decidable,Single Translation Unit,The logical AND and logical OR operators shall not be overloaded,M5-2-11,,Easy, -cpp,MISRA-C++-2023,RULE-16-5-2,Yes,Required,Decidable,Single Translation Unit,The address-of operator shall not be overloaded,M5-3-3,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-16-5-2,Yes,Required,Decidable,Single Translation Unit,The address-of operator shall not be overloaded,M5-3-3,,Import, cpp,MISRA-C++-2023,RULE-16-6-1,Yes,Advisory,Decidable,Single Translation Unit,Symmetrical operators should only be implemented as non-member functions,,,Medium, -cpp,MISRA-C++-2023,RULE-17-8-1,Yes,Required,Decidable,Single Translation Unit,Function templates shall not be explicitly specialized,A14-8-2,ImportMisra23-1,Import, -cpp,MISRA-C++-2023,RULE-18-1-1,Yes,Required,Decidable,Single Translation Unit,An exception object shall not have pointer type,A15-1-2,ImportMisra23-1,Import, -cpp,MISRA-C++-2023,RULE-18-1-2,Yes,Required,Decidable,Single Translation Unit,An empty throw shall only occur within the compound-statement of a catch handler,M15-1-3,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-17-8-1,Yes,Required,Decidable,Single Translation Unit,Function templates shall not be explicitly specialized,A14-8-2,,Import, +cpp,MISRA-C++-2023,RULE-18-1-1,Yes,Required,Decidable,Single Translation Unit,An exception object shall not have pointer type,A15-1-2,,Import, +cpp,MISRA-C++-2023,RULE-18-1-2,Yes,Required,Decidable,Single Translation Unit,An empty throw shall only occur within the compound-statement of a catch handler,M15-1-3,,Import, cpp,MISRA-C++-2023,RULE-18-3-1,Yes,Advisory,Decidable,Single Translation Unit,There should be at least one exception handler to catch all otherwise unhandled exceptions,A15-3-3,,Easy, cpp,MISRA-C++-2023,RULE-18-3-2,Yes,Required,Decidable,Single Translation Unit,An exception of class type shall be caught by const reference or reference,A15-3-5,,Easy, cpp,MISRA-C++-2023,RULE-18-3-3,Yes,Required,Decidable,Single Translation Unit,Handlers for a function-try-block of a constructor or destructor shall not refer to non-static members from their class or its bases,M15-3-3,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-18-4-1,Yes,Required,Decidable,Single Translation Unit,Exception-unfriendly functions shall be noexcept,A15-5-1,,Easy, -cpp,MISRA-C++-2023,RULE-18-5-1,Yes,Advisory,Undecidable,System,A noexcept function should not attempt to propagate an exception to the calling function,A15-4-2,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-18-5-1,Yes,Advisory,Undecidable,System,A noexcept function should not attempt to propagate an exception to the calling function,A15-4-2,,Import, cpp,MISRA-C++-2023,RULE-18-5-2,Yes,Advisory,Decidable,Single Translation Unit,Program-terminating functions should not be used,,,Easy, cpp,MISRA-C++-2023,RULE-19-0-1,No,Required,Decidable,Single Translation Unit,A line whose first token is # shall be a valid preprocessing directive,,,, -cpp,MISRA-C++-2023,RULE-19-0-2,Yes,Required,Decidable,Single Translation Unit,Function-like macros shall not be defined,DIR-4-9,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-19-0-2,Yes,Required,Decidable,Single Translation Unit,Function-like macros shall not be defined,DIR-4-9,,Import, cpp,MISRA-C++-2023,RULE-19-0-3,Yes,Advisory,Decidable,Single Translation Unit,#include directives should only be preceded by preprocessor directives or comments,RULE-20-1,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-19-0-4,Yes,Advisory,Decidable,Single Translation Unit,#undef should only be used for macros defined previously in the same file,,,Easy, cpp,MISRA-C++-2023,RULE-19-1-1,Yes,Required,Decidable,Single Translation Unit,The defined preprocessor operator shall be used appropriately,M16-1-1,,Easy, @@ -920,23 +920,23 @@ cpp,MISRA-C++-2023,RULE-19-2-1,Yes,Required,Decidable,Single Translation Unit,Pr cpp,MISRA-C++-2023,RULE-19-2-2,Yes,Required,Decidable,Single Translation Unit,"The #include directive shall be followed by either a or ""filename"" sequence",,,Easy, cpp,MISRA-C++-2023,RULE-19-2-3,Yes,Required,Decidable,Single Translation Unit,"The ' or "" or \ characters and the /* or // character sequences shall not occur in a header file name",A16-2-1,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-19-3-1,Yes,Advisory,Decidable,Single Translation Unit,The # and ## preprocessor operators should not be used,M16-3-2,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-19-3-2,Yes,Required,Decidable,Single Translation Unit,A macro parameter immediately following a # operator shall not be immediately followed by a ## operator,RULE-20-11,ImportMisra23-1,Import, -cpp,MISRA-C++-2023,RULE-19-3-3,Yes,Required,Decidable,Single Translation Unit,The argument to a mixed-use macro parameter shall not be subject to further expansion,RULE-20-12,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-19-3-2,Yes,Required,Decidable,Single Translation Unit,A macro parameter immediately following a # operator shall not be immediately followed by a ## operator,RULE-20-11,,Import, +cpp,MISRA-C++-2023,RULE-19-3-3,Yes,Required,Decidable,Single Translation Unit,The argument to a mixed-use macro parameter shall not be subject to further expansion,RULE-20-12,,Import, cpp,MISRA-C++-2023,RULE-19-3-4,Yes,Required,Decidable,Single Translation Unit,Parentheses shall be used to ensure macro arguments are expanded appropriately,M16-0-6,,Medium, cpp,MISRA-C++-2023,RULE-19-3-5,Yes,Required,Decidable,Single Translation Unit,Tokens that look like a preprocessing directive shall not occur within a macro argument,RULE-20-6,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-19-6-1,Yes,Advisory,Decidable,Single Translation Unit,The #pragma directive and the _Pragma operator should not be used,A16-7-1,,Easy, -cpp,MISRA-C++-2023,RULE-21-2-1,Yes,Required,Decidable,Single Translation Unit,"The library functions atof, atoi, atol and atoll from shall not be used",RULE-21-7,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-21-2-1,Yes,Required,Decidable,Single Translation Unit,"The library functions atof, atoi, atol and atoll from shall not be used",RULE-21-7,,Import, cpp,MISRA-C++-2023,RULE-21-2-2,Yes,Required,Decidable,Single Translation Unit,"The string handling functions from , , and shall not be used",M18-0-5,,Easy, cpp,MISRA-C++-2023,RULE-21-2-3,Yes,Required,Decidable,Single Translation Unit,The library function system from shall not be used,M18-0-3,,Easy, -cpp,MISRA-C++-2023,RULE-21-2-4,Yes,Required,Decidable,Single Translation Unit,The macro offsetof shall not be used,M18-2-1,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-21-2-4,Yes,Required,Decidable,Single Translation Unit,The macro offsetof shall not be used,M18-2-1,,Import, cpp,MISRA-C++-2023,RULE-21-6-1,Yes,Advisory,Undecidable,Single Translation Unit,Dynamic memory should not be used,DIR-4-12,,Easy, cpp,MISRA-C++-2023,RULE-21-6-2,Yes,Required,Decidable,Single Translation Unit,Dynamic memory shall be managed automatically,,,Easy, cpp,MISRA-C++-2023,RULE-21-6-3,Yes,Required,Decidable,Single Translation Unit,Advanced memory management shall not be used,,,Medium, -cpp,MISRA-C++-2023,RULE-21-6-4,Yes,Required,Decidable,System,"If a project defines either a sized or unsized version of a global operator delete, then both shall be defined",A18-5-4,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-21-6-4,Yes,Required,Decidable,System,"If a project defines either a sized or unsized version of a global operator delete, then both shall be defined",A18-5-4,,Import, cpp,MISRA-C++-2023,RULE-21-6-5,Yes,Required,Decidable,Single Translation Unit,A pointer to an incomplete class type shall not be deleted,A5-3-3,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-21-10-1,Yes,Required,Decidable,Single Translation Unit,The features of shall not be used,DCL50-CPP,,Easy, cpp,MISRA-C++-2023,RULE-21-10-2,Yes,Required,Decidable,Single Translation Unit,The standard header file shall not be used,ERR52-CPP,,Easy, -cpp,MISRA-C++-2023,RULE-21-10-3,Yes,Required,Decidable,Single Translation Unit,The facilities provided by the standard header file shall not be used,M18-7-1,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-21-10-3,Yes,Required,Decidable,Single Translation Unit,The facilities provided by the standard header file shall not be used,M18-7-1,,Import, cpp,MISRA-C++-2023,RULE-22-3-1,Yes,Required,Decidable,Single Translation Unit,The assert macro shall not be used with a constant-expression,,,Easy, cpp,MISRA-C++-2023,RULE-22-4-1,Yes,Required,Decidable,Single Translation Unit,The literal value zero shall be the only value assigned to errno,,,Easy, cpp,MISRA-C++-2023,RULE-23-11-1,Yes,Advisory,Decidable,Single Translation Unit,The raw pointer constructors of std::shared_ptr and std::unique_ptr should not be used,,,Easy, @@ -945,11 +945,11 @@ cpp,MISRA-C++-2023,RULE-24-5-2,Yes,Required,Decidable,Single Translation Unit,"T cpp,MISRA-C++-2023,RULE-25-5-1,Yes,Required,Decidable,Single Translation Unit,The setlocale and std::locale::global functions shall not be called,,,Easy, cpp,MISRA-C++-2023,RULE-25-5-2,Yes,Mandatory,Decidable,Single Translation Unit,"The pointers returned by the C++ Standard Library functions localeconv, getenv, setlocale or strerror must only be used as if they have pointer to const-qualified type",RULE-21-19,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-25-5-3,Yes,Mandatory,Undecidable,System,"The pointer returned by the C++ Standard Library functions asctime, ctime, gmtime, localtime, localeconv, getenv, setlocale or strerror must not be used following a subsequent call to the same function",RULE-21-20,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-26-3-1,Yes,Advisory,Decidable,Single Translation Unit,std::vector should not be specialized with bool,A18-1-2,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-26-3-1,Yes,Advisory,Decidable,Single Translation Unit,std::vector should not be specialized with bool,A18-1-2,,Import, cpp,MISRA-C++-2023,RULE-28-3-1,Yes,Required,Undecidable,System,Predicates shall not have persistent side effects,A25-1-1,,Easy, cpp,MISRA-C++-2023,RULE-28-6-1,Yes,Required,Decidable,Single Translation Unit,The argument to std::move shall be a non-const lvalue,A18-9-3,,Easy, -cpp,MISRA-C++-2023,RULE-28-6-2,Yes,Required,Decidable,Single Translation Unit,Forwarding references and std::forward shall be used together,A18-9-2,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-28-6-2,Yes,Required,Decidable,Single Translation Unit,Forwarding references and std::forward shall be used together,A18-9-2,,Import, cpp,MISRA-C++-2023,RULE-28-6-3,Yes,Required,Decidable,Single Translation Unit,An object shall not be used while in a potentially moved-from state,A12-8-3,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-28-6-4,Yes,Required,Decidable,Single Translation Unit,"The result of std::remove, std::remove_if, std::unique and empty shall be used",,,Easy, -cpp,MISRA-C++-2023,RULE-30-0-1,Yes,Required,Decidable,Single Translation Unit,The C Library input/output functions shall not be used,M27-0-1,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-30-0-1,Yes,Required,Decidable,Single Translation Unit,The C Library input/output functions shall not be used,M27-0-1,,Import, cpp,MISRA-C++-2023,RULE-30-0-2,Yes,Required,Undecidable,System,Reads and writes on the same file stream shall be separated by a positioning operation,A27-0-3,ImportMisra23,Import, From f5a1fc2a0758a977eec0e2b4e40a57b12845ad08 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 26 Jun 2024 10:56:52 +0100 Subject: [PATCH 1838/2573] Address review comments --- .../2024-06-07-m0-1-3-uninstantiated-templates.md | 2 ++ cpp/autosar/test/rules/M0-1-3/test.cpp | 2 +- .../codingstandards/cpp/deadcode/UnusedVariables.qll | 11 +++++------ 3 files changed, 8 insertions(+), 7 deletions(-) create mode 100644 change_notes/2024-06-07-m0-1-3-uninstantiated-templates.md diff --git a/change_notes/2024-06-07-m0-1-3-uninstantiated-templates.md b/change_notes/2024-06-07-m0-1-3-uninstantiated-templates.md new file mode 100644 index 0000000000..0dcb7c1c1a --- /dev/null +++ b/change_notes/2024-06-07-m0-1-3-uninstantiated-templates.md @@ -0,0 +1,2 @@ + - `M0-1-3` - `UnusedGlobalOrNamespaceVariable.ql` + - Reduces false positives by excluding compiler generated variables, and variables in uninstantiated templates. \ No newline at end of file diff --git a/cpp/autosar/test/rules/M0-1-3/test.cpp b/cpp/autosar/test/rules/M0-1-3/test.cpp index a2b0dda35d..a591c7e82b 100644 --- a/cpp/autosar/test/rules/M0-1-3/test.cpp +++ b/cpp/autosar/test/rules/M0-1-3/test.cpp @@ -83,7 +83,7 @@ template extern constexpr bool all_of_v = true; // COMPLIANT template extern constexpr bool all_of_v = - B1 && all_of_v; // COMPLIANT + B1 &&all_of_v; // COMPLIANT void test_template_variable() { all_of_v; } diff --git a/cpp/common/src/codingstandards/cpp/deadcode/UnusedVariables.qll b/cpp/common/src/codingstandards/cpp/deadcode/UnusedVariables.qll index e4048472d3..f4607d82cb 100644 --- a/cpp/common/src/codingstandards/cpp/deadcode/UnusedVariables.qll +++ b/cpp/common/src/codingstandards/cpp/deadcode/UnusedVariables.qll @@ -48,12 +48,11 @@ class PotentiallyUnusedLocalVariable extends LocalVariable { not exists(AsmStmt s | f = s.getEnclosingFunction()) and // Ignore functions with error expressions as they indicate expressions that the extractor couldn't process not any(ErrorExpr e).getEnclosingFunction() = f - ) - // ) and - // // exclude uninstantiated template members - // not this.isFromUninstantiatedTemplate(_) and - // // Do not report compiler generated variables - // not this.isCompilerGenerated() + ) and + // exclude uninstantiated template members + not this.isFromUninstantiatedTemplate(_) and + // Do not report compiler generated variables + not this.isCompilerGenerated() } } From c5d1692ec82aa187866839efc182d0c1d8e4a211 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 26 Jun 2024 18:27:57 +0200 Subject: [PATCH 1839/2573] MISRA23 Import rules complete --- ...OnOrderOfScalarEvaluationForSideEffects.ql | 2 +- .../AssignmentsInSelectionStatements.ql | 2 +- .../UnsignedIntegerOperationsWrapAround.ql | 27 +- ...signedIntegerOperationsWrapAround.expected | 4 - .../UnsignedIntegerOperationsWrapAround.qlref | 1 - ...nsignedIntegerOperationsWrapAround.testref | 1 + ...edForGeneratingPseudorandomNumbers.testref | 2 +- c/common/src/codingstandards/c/Literals.qll | 4 - .../VariableAccessOrdering.qll | 2 +- c/common/test/library/expr/FullExpr.ql | 2 +- ...rgumentSubjectToExpansion_shared.expected} | 4 +- ...eMacroArgumentSubjectToExpansion_shared.ql | 5 + .../test.c | 26 + .../AtofAtoiAtolAndAtollUsed_shared.expected | 4 + .../AtofAtoiAtolAndAtollUsed_shared.ql | 4 + .../atofatoiatolandatollused_shared/test.c | 13 + ...ShallHaveAnAppropriateType_shared.expected | 4 + ...tFieldShallHaveAnAppropriateType_shared.ql | 4 + .../test.c | 17 + .../ConstLikeReturnValue.expected | 32 +- .../test/rules/constlikereturnvalue/test.c | 3 + .../FunctionLikeMacrosDefined_shared.expected | 2 + .../FunctionLikeMacrosDefined_shared.ql | 4 + .../functionlikemacrosdefined_shared/test.c | 42 + ...ceALabelInSurroundingBlock_shared.expected | 3 + ...eferenceALabelInSurroundingBlock_shared.ql | 4 + .../test.c | 2 + .../GotoStatementCondition.expected | 7 +- .../test/rules/gotostatementcondition/test.c | 38 +- ...toStatementShouldNotBeUsed_shared.expected | 1 + .../GotoStatementShouldNotBeUsed_shared.ql | 4 + .../test.c | 11 + .../InvalidatedEnvStringPointers.expected | 12 +- .../rules/invalidatedenvstringpointers/test.c | 2 + .../InvalidatedEnvStringPointersWarn.expected | 4 +- .../invalidatedenvstringpointerswarn/test.c | 2 + ...caseLStartsInLiteralSuffix_shared.expected | 16 + .../LowercaseLStartsInLiteralSuffix_shared.ql | 4 + .../test.c | 46 + ...acroParameterFollowingHash_shared.expected | 1 + .../MacroParameterFollowingHash_shared.ql | 4 + .../macroparameterfollowinghash_shared/test.c | 29 + ...sNotSequencedAppropriately_shared.expected | 6 + ...rationsNotSequencedAppropriately_shared.ql | 5 + .../test.c | 39 + ...ieldsWithSignedIntegerType_shared.expected | 5 + ...edBitFieldsWithSignedIntegerType_shared.ql | 4 + .../test.c | 28 + ...nTerminatedEscapeSequences_shared.expected | 21 + .../NonTerminatedEscapeSequences_shared.ql | 4 + .../test.c | 81 ++ ...nUniqueEnumerationConstant_shared.expected | 1 + .../NonUniqueEnumerationConstant_shared.ql | 4 + .../test.c | 2 + ...entOperatorShouldNotBeUsed_shared.expected | 3 + ...ssignmentOperatorShouldNotBeUsed_shared.ql | 5 + .../test.c | 16 + ...nWithConstantOperandsWraps_shared.expected | 4 + ...erationWithConstantOperandsWraps_shared.ql | 5 + .../test.c | 83 ++ .../DIR-4-9/FunctionOverFunctionLikeMacro.ql | 22 +- ...plicitPrecedenceOfOperatorsInExpression.ql | 2 +- .../rules/RULE-13-2/UnsequencedSideEffects.ql | 235 +--- .../SideEffectAndCrementInFullExpression.ql | 4 +- ...ltOfAnAssignmentOperatorShouldNotBeUsed.ql | 11 +- .../src/rules/RULE-15-1/GotoStatementUsed.ql | 11 +- .../RULE-15-3/GotoLabelBlockCondition.ql | 49 +- .../RULE-15-6/SelectionCompoundCondition.ql | 2 +- ...oreThanOneHashOperatorInMacroDefinition.ql | 16 +- .../MacroParameterUsedAsHashOperand.ql | 24 +- .../AtofAtoiAtolAndAtollOfStdlibhUsed.ql | 15 +- ...HexadecimalEscapeSequencesNotTerminated.ql | 34 +- ...hallOnlyBeDeclaredWithAnAppropriateType.ql | 33 +- .../SingleBitNamedBitFieldsOfASignedType.ql | 25 +- .../LowercaseCharacterLUsedInLiteralSuffix.ql | 2 +- ...lueImplicitEnumerationConstantNotUnique.ql | 23 +- ...AssemblyLanguageShouldBeDocumented.testref | 2 +- ...ctionsOfCodeShallNotBeCommentedOut.testref | 2 +- ...fiersInTheSameNameSpaceUnambiguous.testref | 2 +- .../FunctionOverFunctionLikeMacro.testref | 1 + .../RULE-13-2/UnsequencedSideEffects.expected | 6 - .../RULE-13-2/UnsequencedSideEffects.qlref | 1 - .../RULE-13-2/UnsequencedSideEffects.testref | 1 + ...AssignmentOperatorShouldNotBeUsed.expected | 3 - ...fAnAssignmentOperatorShouldNotBeUsed.qlref | 1 - ...nAssignmentOperatorShouldNotBeUsed.testref | 1 + .../RULE-15-1/GotoStatementUsed.expected | 1 - .../rules/RULE-15-1/GotoStatementUsed.qlref | 1 - .../rules/RULE-15-1/GotoStatementUsed.testref | 1 + c/misra/test/rules/RULE-15-1/test.c | 9 - .../GotoLabelBlockCondition.expected | 3 - .../RULE-15-3/GotoLabelBlockCondition.qlref | 1 - .../RULE-15-3/GotoLabelBlockCondition.testref | 1 + ...nOneHashOperatorInMacroDefinition.expected | 1 - ...ThanOneHashOperatorInMacroDefinition.qlref | 1 - ...anOneHashOperatorInMacroDefinition.testref | 1 + .../MacroParameterUsedAsHashOperand.qlref | 1 - .../MacroParameterUsedAsHashOperand.testref | 1 + ...AtofAtoiAtolAndAtollOfStdlibhUsed.expected | 4 - .../AtofAtoiAtolAndAtollOfStdlibhUsed.qlref | 1 - .../AtofAtoiAtolAndAtollOfStdlibhUsed.testref | 1 + ...cimalEscapeSequencesNotTerminated.expected | 21 - ...adecimalEscapeSequencesNotTerminated.qlref | 1 - ...ecimalEscapeSequencesNotTerminated.testref | 1 + ...nlyBeDeclaredWithAnAppropriateType.testref | 1 + ...gleBitNamedBitFieldsOfASignedType.expected | 4 - ...SingleBitNamedBitFieldsOfASignedType.qlref | 1 - ...ngleBitNamedBitFieldsOfASignedType.testref | 1 + ...caseCharacterLUsedInLiteralSuffix.expected | 16 - ...wercaseCharacterLUsedInLiteralSuffix.qlref | 1 - ...rcaseCharacterLUsedInLiteralSuffix.testref | 1 + ...wercaseCharacterLUsedInLiteralSuffix.qlref | 1 - c/misra/test/rules/RULE-7-3/cpp/options | 1 - c/misra/test/rules/RULE-7-3/cpp/test.cpp | 1 - ...licitEnumerationConstantNotUnique.expected | 1 - ...ImplicitEnumerationConstantNotUnique.qlref | 1 - ...plicitEnumerationConstantNotUnique.testref | 1 + ...licitConstructorBaseClassInitialization.ql | 31 +- ...yAssignmentAndAMoveHandleSelfAssignment.ql | 43 +- ...tSpecializationsOfFunctionTemplatesUsed.ql | 10 +- .../rules/A15-1-2/PointerExceptionObject.ql | 12 +- .../rules/A15-4-2/NoExceptFunctionThrows.ql | 23 +- .../A18-1-2/VectorboolSpecializationUsed.ql | 23 +- .../GlobalSizedOperatorDeleteNotDefined.ql | 17 +- .../GlobalUnsizedOperatorDeleteNotDefined.ql | 17 +- .../ForwardingValuesToOtherFunctions.ql | 21 +- .../rules/A2-13-1/EscapeSequenceOutsideISO.ql | 13 +- .../A2-7-1/SingleLineCommentEndsWithSlash.ql | 11 +- .../A4-10-1/NullPointerConstantNotNullptr.ql | 19 +- ...rVirtualFunctionWithNullPointerConstant.ql | 34 - ...ualPointerOnlyComparesToNullptrConstant.ql | 25 + .../src/rules/A5-2-4/ReinterpretCastUsed.ql | 9 +- .../src/rules/A6-6-1/GotoStatementUsed.ql | 11 +- ...nUnderlyingBaseTypeNotExplicitlyDefined.ql | 11 +- ...nitionNotConsideredForUnqualifiedLookup.ql | 56 +- ...enInheritedNonOverridableMemberFunction.ql | 45 +- ...iddenInheritedOverridableMemberFunction.ql | 44 +- .../src/rules/A7-4-1/AsmDeclarationUsed.ql | 9 +- .../src/rules/A7-5-2/RecursiveFunctions.ql | 19 +- ...nfusingUseOfInitializerListConstructors.ql | 48 +- ...ssibleBaseClassBothVirtualAndNonVirtual.ql | 23 + ...lassBothVirtualAndNonVirtualInHierarchy.ql | 37 - ...peOfThisUsedFromConstructorOrDestructor.ql | 77 +- .../NameNotReferredUsingAQualifiedIdOrThis.ql | 29 +- ...NotReferredUsingAQualifiedIdOrThisAudit.ql | 29 +- .../rules/M15-1-3/EmptyThrowOutsideCatch.ql | 11 +- .../src/rules/M18-2-1/MacroOffsetofUsed.ql | 11 +- .../src/rules/M18-7-1/CsignalFunctionsUsed.ql | 12 +- .../src/rules/M18-7-1/CsignalTypesUsed.ql | 12 +- .../rules/M2-13-2/UseOfNonZeroOctalLiteral.ql | 12 +- .../src/rules/M2-13-3/MissingUSuffix.ql | 20 +- .../SlashStarUsedWithinACStyleComment.ql | 11 +- .../src/rules/M27-0-1/CstdioFunctionsUsed.ql | 28 +- .../src/rules/M27-0-1/CstdioMacrosUsed.ql | 14 +- .../src/rules/M27-0-1/CstdioTypesUsed.ql | 12 +- ...PassedAsFunctionArgumentDecayToAPointer.ql | 24 + ...PassedAsFunctionArgumentDecayToAPointer.ql | 47 - .../M5-2-6/CastNotConvertPointerToFunction.ql | 13 +- ...sOperatorAppliedToAnUnsignedExpression.ql} | 17 +- .../rules/M5-3-3/UnaryOperatorOverloaded.ql | 8 +- .../src/rules/M6-3-1/LoopCompoundCondition.ql | 11 +- .../rules/M6-3-1/SwitchCompoundCondition.ql | 34 +- .../GlobalNamespaceMembershipViolation.ql | 15 +- ...ainUsedForAFunctionOtherThanGlobalMain.ql} | 15 +- .../FunctionReturnAutomaticVarCondition.ql | 21 +- .../MultipleGlobalOrMemberDeclarators.ql | 55 +- .../rules/M8-0-1/MultipleLocalDeclarators.ql | 13 +- ...nctionParametersUseSameDefaultArguments.ql | 25 + ...ionParametersUseTheSameDefaultArguments.ql | 44 - ...gerTypeShallHaveALengthOfMoreThanOneBit.ql | 2 +- ...itConstructorBaseClassInitialization.qlref | 1 - ...ConstructorBaseClassInitialization.testref | 1 + ...signmentAndAMoveHandleSelfAssignment.qlref | 1 - ...gnmentAndAMoveHandleSelfAssignment.testref | 1 + ...ecializationsOfFunctionTemplatesUsed.qlref | 1 - ...ializationsOfFunctionTemplatesUsed.testref | 1 + .../A15-1-2/PointerExceptionObject.qlref | 1 - .../A15-1-2/PointerExceptionObject.testref | 1 + .../A15-4-2/NoExceptFunctionThrows.qlref | 1 - .../A15-4-2/NoExceptFunctionThrows.testref | 1 + .../VectorboolSpecializationUsed.qlref | 1 - .../VectorboolSpecializationUsed.testref | 1 + .../GlobalSizedOperatorDeleteNotDefined.qlref | 1 - ...lobalSizedOperatorDeleteNotDefined.testref | 1 + ...alUnsizedOperatorDeleteNotDefined.expected | 0 ...lobalUnsizedOperatorDeleteNotDefined.qlref | 1 - ...balUnsizedOperatorDeleteNotDefined.testref | 1 + .../ForwardingValuesToOtherFunctions.qlref | 1 - .../ForwardingValuesToOtherFunctions.testref | 1 + .../A2-13-1/EscapeSequenceOutsideISO.qlref | 1 - .../A2-13-1/EscapeSequenceOutsideISO.testref | 1 + .../SingleLineCommentEndsWithSlash.qlref | 1 - .../SingleLineCommentEndsWithSlash.testref | 1 + .../NullPointerConstantNotNullptr.qlref | 1 - .../NullPointerConstantNotNullptr.testref | 1 + ...rtualFunctionWithNullPointerConstant.qlref | 1 - ...ualFunctionWithNullPointerConstant.testref | 1 + ...irtualPointerOnlyComparesToNullptr.testref | 1 + ...interOnlyComparesToNullptrConstant.testref | 1 + .../rules/A5-2-4/ReinterpretCastUsed.qlref | 1 - .../rules/A5-2-4/ReinterpretCastUsed.testref | 1 + .../rules/A6-6-1/GotoStatementUsed.expected | 1 - .../test/rules/A6-6-1/GotoStatementUsed.qlref | 1 - .../rules/A6-6-1/GotoStatementUsed.testref | 1 + cpp/autosar/test/rules/A6-6-1/test.cpp | 9 - ...derlyingBaseTypeNotExplicitlyDefined.qlref | 1 - ...rlyingBaseTypeNotExplicitlyDefined.testref | 1 + ...ionNotConsideredForUnqualifiedLookup.qlref | 1 - ...nNotConsideredForUnqualifiedLookup.testref | 1 + ...nheritedNonOverridableMemberFunction.qlref | 1 - ...eritedNonOverridableMemberFunction.testref | 1 + ...enInheritedOverridableMemberFunction.qlref | 1 - ...InheritedOverridableMemberFunction.testref | 1 + .../rules/A7-4-1/AsmDeclarationUsed.qlref | 1 - .../rules/A7-4-1/AsmDeclarationUsed.testref | 1 + .../rules/A7-5-2/RecursiveFunctions.qlref | 1 - .../rules/A7-5-2/RecursiveFunctions.testref | 1 + ...singUseOfInitializerListConstructors.qlref | 1 - ...ngUseOfInitializerListConstructors.testref | 1 + ...eBaseClassBothVirtualAndNonVirtual.testref | 1 + ...sBothVirtualAndNonVirtualInHierarchy.qlref | 1 - ...othVirtualAndNonVirtualInHierarchy.testref | 1 + ...fThisUsedFromConstructorOrDestructor.qlref | 1 - ...hisUsedFromConstructorOrDestructor.testref | 1 + ...meNotReferredUsingAQualifiedIdOrThis.qlref | 1 - ...NotReferredUsingAQualifiedIdOrThis.testref | 1 + ...ReferredUsingAQualifiedIdOrThisAudit.qlref | 1 - ...ferredUsingAQualifiedIdOrThisAudit.testref | 1 + .../M15-1-3/EmptyThrowOutsideCatch.qlref | 1 - .../M15-1-3/EmptyThrowOutsideCatch.testref | 1 + .../rules/M18-2-1/MacroOffsetofUsed.qlref | 1 - .../rules/M18-2-1/MacroOffsetofUsed.testref | 1 + .../rules/M18-7-1/CsignalFunctionsUsed.qlref | 1 - .../M18-7-1/CsignalFunctionsUsed.testref | 1 + .../test/rules/M18-7-1/CsignalTypesUsed.qlref | 1 - .../rules/M18-7-1/CsignalTypesUsed.testref | 1 + .../M2-13-2/UseOfNonZeroOctalEscape.expected | 6 - .../M2-13-2/UseOfNonZeroOctalEscape.qlref | 1 - .../M2-13-2/UseOfNonZeroOctalLiteral.qlref | 1 - .../M2-13-2/UseOfNonZeroOctalLiteral.testref | 1 + .../test/rules/M2-13-3/MissingUSuffix.qlref | 1 - .../test/rules/M2-13-3/MissingUSuffix.testref | 1 + .../SlashStarUsedWithinACStyleComment.qlref | 1 - .../SlashStarUsedWithinACStyleComment.testref | 1 + .../rules/M27-0-1/CstdioFunctionsUsed.qlref | 1 - .../rules/M27-0-1/CstdioFunctionsUsed.testref | 1 + .../test/rules/M27-0-1/CstdioMacrosUsed.qlref | 1 - .../rules/M27-0-1/CstdioMacrosUsed.testref | 1 + .../test/rules/M27-0-1/CstdioTypesUsed.qlref | 1 - .../rules/M27-0-1/CstdioTypesUsed.testref | 1 + ...dAsFunctionArgumentDecayToAPointer.testref | 1 + ...sedAsFunctionArgumentDecayToAPointer.qlref | 1 - .../CastNotConvertPointerToFunction.expected | 2 - .../CastNotConvertPointerToFunction.qlref | 1 - .../CastNotConvertPointerToFunction.testref | 1 + ...ressionWhoseUnderlyingTypeIsUnsigned.qlref | 1 - ...ratorAppliedToAnUnsignedExpression.testref | 1 + .../M5-3-3/UnaryOperatorOverloaded.qlref | 1 - .../M5-3-3/UnaryOperatorOverloaded.testref | 1 + .../rules/M6-3-1/LoopCompoundCondition.qlref | 1 - .../M6-3-1/LoopCompoundCondition.testref | 1 + .../M6-3-1/SwitchCompoundCondition.qlref | 1 - .../M6-3-1/SwitchCompoundCondition.testref | 1 + ...GlobalNamespaceMembershipViolation.testref | 1 + ...sedForAFunctionOtherThanGlobalMain.testref | 1 + ...nctionOtherThanTheGlobalFunctionMain.qlref | 1 - ...tionOtherThanTheGlobalFunctionMain.testref | 1 + .../FunctionReturnAutomaticVarCondition.qlref | 1 - ...unctionReturnAutomaticVarCondition.testref | 1 + .../MultipleGlobalOrMemberDeclarators.qlref | 1 - .../MultipleGlobalOrMemberDeclarators.testref | 1 + .../M8-0-1/MultipleLocalDeclarators.qlref | 1 - .../M8-0-1/MultipleLocalDeclarators.testref | 1 + ...nParametersUseSameDefaultArguments.testref | 1 + ...ametersUseTheSameDefaultArguments.expected | 2 - ...ParametersUseTheSameDefaultArguments.qlref | 1 - ...rametersUseTheSameDefaultArguments.testref | 1 + ...eShallHaveALengthOfMoreThanOneBit.expected | 1 - ...TypeShallHaveALengthOfMoreThanOneBit.qlref | 1 - ...peShallHaveALengthOfMoreThanOneBit.testref | 1 + cpp/autosar/test/rules/M9-6-4/test.cpp | 8 - .../common/src/codingstandards/cpp/CExpr.qll | 0 .../src/codingstandards/cpp/COrdering.qll | 2 +- .../cpp}/IrreplaceableFunctionLikeMacro.qll | 0 .../src/codingstandards/cpp/Literals.qll | 2 + .../cpp}/NameInDependentBase.qll | 1 - .../codingstandards/cpp}/OperatorDelete.qll | 1 - .../src/codingstandards/cpp}/SideEffects.qll | 0 .../cpp/exclusions/cpp/ImportMisra23.qll | 1056 +++++++++++++- .../cpp/exclusions/cpp/Inheritance.qll | 16 +- .../cpp/exclusions/cpp/Naming.qll | 16 +- .../cpp/exclusions/cpp/Operators.qll | 16 +- .../cpp/exclusions/cpp/Pointers.qll | 32 +- .../cpp/exclusions/cpp/VirtualFunctions.qll | 16 +- .../AddressOfOperatorOverloaded_shared.qll | 16 + ...MacroArgumentSubjectToExpansion_shared.qll | 32 + ...FunctionArgumentDecayToAPointer_shared.qll | 47 + .../AsmDeclarationUsed_shared.qll | 15 + .../AtofAtoiAtolAndAtollUsed_shared.qll | 23 + .../BackslashCharacterMisuse_shared.qll | 21 + ...FieldShallHaveAnAppropriateType_shared.qll | 40 + ...atorAppliedToUnsignedExpression_shared.qll | 25 + ...ointerToFunctionAndAnyOtherType_shared.qll | 21 + ...equenceUsedWithinACStyleComment_shared.qll | 17 + ...nmentsShallHandleSelfAssignment_shared.qll | 53 + .../CsignalFunctionsUsed_shared.qll | 20 + .../CsignalTypesUsed_shared.qll | 20 + .../CstdioFunctionsUsed_shared.qll | 36 + .../CstdioMacrosUsed_shared.qll | 20 + .../CstdioTypesUsed_shared.qll | 25 + ...tConsideredForUnqualifiedLookup_shared.qll | 67 + ...ptyThrowOnlyWithinACatchHandler_shared.qll | 17 + ...NotDefinedWithAnExplicitUnderlyingType.qll | 15 + ...nedWithAnExplicitUnderlyingType_shared.qll | 19 + .../ExceptionObjectHavePointerType_shared.qll | 18 + ...rencesAndForwardNotUsedTogether_shared.qll | 29 + .../FunctionLikeMacrosDefined_shared.qll | 30 + ...elvesEitherDirectlyOrIndirectly_shared.qll | 35 + ...nTemplatesExplicitlySpecialized_shared.qll | 20 + .../GlobalNamespaceDeclarations_shared.qll | 21 + ...alSizedOperatorDeleteNotDefined_shared.qll | 22 + ...UnsizedOperatorDeleteNotDefined_shared.qll | 22 + ...ferenceALabelInSurroundingBlock_shared.qll | 59 + .../GotoStatementShouldNotBeUsed_shared.qll | 17 + ...tedNonOverridableMemberFunction_shared.qll | 56 + ...eritedOverridableMemberFunction_shared.qll | 54 + ...InitializeAllVirtualBaseClasses_shared.qll | 44 + ...ConstructorIsTheOnlyConstructor_shared.qll | 65 + .../LineSplicingUsedInComments_shared.qll | 17 + .../LoopCompoundCondition_shared.qll | 17 + ...LowercaseLStartsInLiteralSuffix_shared.qll | 18 + .../MacroOffsetofUsed_shared.qll | 15 + .../MacroParameterFollowingHash_shared.qll | 22 + ...ationsNotSequencedAppropriately_shared.qll | 251 ++++ ...ltipleGlobalOrMemberDeclarators_shared.qll | 65 + .../MultipleLocalDeclarators_shared.qll | 19 + ...dBitFieldsWithSignedIntegerType_shared.qll | 19 + ...ReferredUsingAQualifiedIdOrThis_shared.qll | 35 + ...redUsingAQualifiedIdOrThisAudit_shared.qll | 36 + ...onShouldNotPropagateToTheCaller_shared.qll | 38 + .../NonGlobalFunctionMain_shared.qll | 18 + .../NonTerminatedEscapeSequences_shared.qll | 42 + .../NonUniqueEnumerationConstant_shared.qll | 36 + ...nlyFormOfTheNullPointerConstant_shared.qll | 26 + ...UsedFromConstructorOrDestructor_shared.qll | 91 ++ ...pecifyDifferentDefaultArguments_shared.qll | 37 + ...ualPointerOnlyComparesToNullptr_shared.qll | 32 + .../ReinterpretCastUsed_shared.qll | 15 + ...signmentOperatorShouldNotBeUsed_shared.qll | 17 + ...PointerToAutomaticLocalVariable_shared.qll | 36 + .../SwitchCompoundCondition_shared.qll | 44 + ...iteralsNotAppropriatelySuffixed_shared.qll | 30 + ...rationWithConstantOperandsWraps_shared.qll | 32 + .../UseOfNonZeroOctalLiteral_shared.qll | 18 + ...rShouldNotBeSpecializedWithBool_shared.qll | 33 + ...ndNonVirtualClassInTheHierarchy_shared.qll | 38 + .../test/includes/standard-library/assert.h | 1 + .../test/includes/standard-library/ctime | 40 +- .../test/includes/standard-library/locale.h | 36 +- .../test/includes/standard-library/stddef.h | 6 + .../test/includes/standard-library/stdlib.h | 2 + .../test/includes/standard-library/string.h | 2 + .../test/includes/standard-library/time.h | 32 + ...dressOfOperatorOverloaded_shared.expected} | 0 .../AddressOfOperatorOverloaded_shared.ql | 4 + .../test.cpp | 0 ...ArgumentSubjectToExpansion_shared.expected | 2 + ...eMacroArgumentSubjectToExpansion_shared.ql | 5 + .../test.cpp | 3 +- ...onArgumentDecayToAPointer_shared.expected} | 0 ...sFunctionArgumentDecayToAPointer_shared.ql | 6 + .../test.cpp | 0 .../AsmDeclarationUsed_shared.expected} | 0 .../AsmDeclarationUsed_shared.ql | 4 + .../rules/asmdeclarationused_shared}/test.cpp | 0 .../AtofAtoiAtolAndAtollUsed_shared.expected | 4 + .../AtofAtoiAtolAndAtollUsed_shared.ql | 4 + .../atofatoiatolandatollused_shared/test.cpp | 4 +- .../BackslashCharacterMisuse_shared.expected} | 0 .../BackslashCharacterMisuse_shared.ql | 4 + .../backslashcharactermisuse_shared}/test.cpp | 0 ...ShallHaveAnAppropriateType_shared.expected | 4 + ...tFieldShallHaveAnAppropriateType_shared.ql | 4 + .../test.cpp | 18 + ...pliedToUnsignedExpression_shared.expected} | 0 ...ratorAppliedToUnsignedExpression_shared.ql | 6 + .../test.cpp | 0 ...rToFunctionAndAnyOtherType_shared.expected | 2 + ...PointerToFunctionAndAnyOtherType_shared.ql | 6 + .../test.cpp | 1 + ...eUsedWithinACStyleComment_shared.expected} | 0 ...SequenceUsedWithinACStyleComment_shared.ql | 5 + .../test.cpp | 0 .../ConstLikeReturnValue.expected | 20 + .../ConstLikeReturnValue.ql | 4 + .../test/rules/constlikereturnvalue/test.cpp | 96 ++ ...ShallHandleSelfAssignment_shared.expected} | 0 ...gnmentsShallHandleSelfAssignment_shared.ql | 6 + .../test.cpp | 0 .../CsignalFunctionsUsed_shared.expected} | 0 .../CsignalFunctionsUsed_shared.ql | 4 + .../csignalfunctionsused_shared}/test.cpp | 0 .../CsignalTypesUsed_shared.expected} | 0 .../CsignalTypesUsed_shared.ql | 4 + .../rules/csignaltypesused_shared/test.cpp | 13 + .../CstdioFunctionsUsed_shared.expected} | 0 .../CstdioFunctionsUsed_shared.ql | 4 + .../cstdiofunctionsused_shared}/test.cpp | 0 .../CstdioMacrosUsed_shared.expected} | 0 .../CstdioMacrosUsed_shared.ql | 4 + .../rules/cstdiomacrosused_shared/test.cpp | 61 + .../CstdioTypesUsed_shared.expected} | 0 .../CstdioTypesUsed_shared.ql | 4 + .../rules/cstdiotypesused_shared/test.cpp | 61 + ...deredForUnqualifiedLookup_shared.expected} | 0 ...otConsideredForUnqualifiedLookup_shared.ql | 5 + .../test.cpp | 0 ...owOnlyWithinACatchHandler_shared.expected} | 0 ...mptyThrowOnlyWithinACatchHandler_shared.ql | 4 + .../test.cpp | 0 ...hAnExplicitUnderlyingType_shared.expected} | 0 ...inedWithAnExplicitUnderlyingType_shared.ql | 6 + .../test.cpp | 0 ...tionObjectHavePointerType_shared.expected} | 0 .../ExceptionObjectHavePointerType_shared.ql | 4 + .../test.cpp | 0 ...AndForwardNotUsedTogether_shared.expected} | 0 ...erencesAndForwardNotUsedTogether_shared.ql | 6 + .../test.cpp | 0 .../FunctionLikeMacrosDefined_shared.expected | 2 + .../FunctionLikeMacrosDefined_shared.ql | 4 + .../functionlikemacrosdefined_shared/test.cpp | 42 + ...itherDirectlyOrIndirectly_shared.expected} | 0 ...selvesEitherDirectlyOrIndirectly_shared.ql | 6 + .../test.cpp | 0 ...atesExplicitlySpecialized_shared.expected} | 0 ...onTemplatesExplicitlySpecialized_shared.ql | 4 + .../test.cpp | 0 ...obalNamespaceDeclarations_shared.expected} | 0 .../GlobalNamespaceDeclarations_shared.ql | 4 + .../test.cpp | 0 ...dOperatorDeleteNotDefined_shared.expected} | 0 ...balSizedOperatorDeleteNotDefined_shared.ql | 4 + .../test.cpp | 0 ...edOperatorDeleteNotDefined_shared.expected | 0 ...lUnsizedOperatorDeleteNotDefined_shared.ql | 4 + .../test.cpp | 3 + ...ceALabelInSurroundingBlock_shared.expected | 2 + ...eferenceALabelInSurroundingBlock_shared.ql | 4 + .../test.cpp | 87 ++ .../GotoStatementCondition.expected | 8 +- .../rules/gotostatementcondition/test.cpp | 2 + ...toStatementShouldNotBeUsed_shared.expected | 1 + .../GotoStatementShouldNotBeUsed_shared.ql | 4 + .../test.cpp | 11 + ...OverridableMemberFunction_shared.expected} | 0 ...itedNonOverridableMemberFunction_shared.ql | 5 + .../test.cpp | 94 ++ ...OverridableMemberFunction_shared.expected} | 0 ...heritedOverridableMemberFunction_shared.ql | 5 + .../test.cpp | 94 ++ ...lizeAllVirtualBaseClasses_shared.expected} | 0 .../InitializeAllVirtualBaseClasses_shared.ql | 4 + .../test.cpp | 0 ...uctorIsTheOnlyConstructor_shared.expected} | 0 ...tConstructorIsTheOnlyConstructor_shared.ql | 6 + .../test.cpp | 0 .../InvalidatedEnvStringPointers.expected | 6 + .../InvalidatedEnvStringPointers.ql | 4 + .../invalidatedenvstringpointers/test.cpp | 209 +++ .../InvalidatedEnvStringPointersWarn.expected | 2 + .../InvalidatedEnvStringPointersWarn.ql | 4 + .../invalidatedenvstringpointerswarn/test.cpp | 21 + ...ineSplicingUsedInComments_shared.expected} | 0 .../LineSplicingUsedInComments_shared.ql | 4 + .../test.cpp | 0 .../LoopCompoundCondition_shared.expected} | 0 .../LoopCompoundCondition_shared.ql | 4 + .../loopcompoundcondition_shared}/test.cpp | 0 ...caseLStartsInLiteralSuffix_shared.expected | 16 + .../LowercaseLStartsInLiteralSuffix_shared.ql | 4 + .../README.md | 0 .../test.cpp | 4 +- .../MacroOffsetofUsed.expected | 0 .../MacroOffsetofUsed.expected.gcc | 0 .../MacroOffsetofUsed.expected.qcc | 0 .../MacroOffsetofUsed_shared.expected | 1 + .../MacroOffsetofUsed_shared.ql | 4 + .../rules/macrooffsetofused_shared}/test.cpp | 0 ...acroParameterFollowingHash_shared.expected | 1 + .../MacroParameterFollowingHash_shared.ql | 4 + .../test.cpp | 2 + ...sNotSequencedAppropriately_shared.expected | 6 + ...rationsNotSequencedAppropriately_shared.ql | 5 + .../test.cpp | 4 +- ...GlobalOrMemberDeclarators_shared.expected} | 0 ...ultipleGlobalOrMemberDeclarators_shared.ql | 4 + .../test.cpp | 0 .../MultipleLocalDeclarators_shared.expected} | 0 .../MultipleLocalDeclarators_shared.ql | 4 + .../multiplelocaldeclarators_shared/test.cpp | 24 + ...ieldsWithSignedIntegerType_shared.expected | 5 + ...edBitFieldsWithSignedIntegerType_shared.ql | 4 + .../test.cpp | 11 + ...edUsingAQualifiedIdOrThis_shared.expected} | 0 ...tReferredUsingAQualifiedIdOrThis_shared.ql | 4 + .../test.cpp | 0 ...ngAQualifiedIdOrThisAudit_shared.expected} | 0 ...rredUsingAQualifiedIdOrThisAudit_shared.ql | 5 + .../test.cpp | 87 ++ ...ldNotPropagateToTheCaller_shared.expected} | 12 +- ...ionShouldNotPropagateToTheCaller_shared.ql | 6 + .../test.cpp | 0 .../NonGlobalFunctionMain_shared.expected} | 0 .../NonGlobalFunctionMain_shared.ql | 4 + .../nonglobalfunctionmain_shared}/test.cpp | 0 ...nTerminatedEscapeSequences_shared.expected | 21 + .../NonTerminatedEscapeSequences_shared.ql | 4 + .../test.cpp | 28 + ...nUniqueEnumerationConstant_shared.expected | 1 + .../NonUniqueEnumerationConstant_shared.ql | 4 + .../test.cpp | 6 + ...mOfTheNullPointerConstant_shared.expected} | 0 ...NullPointerConstant_shared.expected.clang} | 0 ...heNullPointerConstant_shared.expected.gcc} | 0 ...heNullPointerConstant_shared.expected.qcc} | 0 ...OnlyFormOfTheNullPointerConstant_shared.ql | 6 + .../test.cpp | 0 .../test.cpp.clang | 0 .../test.cpp.gcc | 0 .../test.cpp.qcc | 0 ...omConstructorOrDestructor_shared.expected} | 0 ...eUsedFromConstructorOrDestructor_shared.ql | 6 + .../test.cpp | 0 ...yDifferentDefaultArguments_shared.expected | 2 + ...SpecifyDifferentDefaultArguments_shared.ql | 6 + .../test.cpp | 0 ...nterOnlyComparesToNullptr_shared.expected} | 4 +- ...tualPointerOnlyComparesToNullptr_shared.ql | 6 + .../test.cpp | 0 .../ReinterpretCastUsed_shared.expected} | 0 .../ReinterpretCastUsed_shared.ql | 4 + .../reinterpretcastused_shared}/test.cpp | 0 ...entOperatorShouldNotBeUsed_shared.expected | 3 + ...ssignmentOperatorShouldNotBeUsed_shared.ql | 5 + .../test.cpp | 2 + ...rToAutomaticLocalVariable_shared.expected} | 0 ...rPointerToAutomaticLocalVariable_shared.ql | 6 + .../test.cpp | 0 .../SwitchCompoundCondition_shared.expected} | 0 .../SwitchCompoundCondition_shared.ql | 4 + .../switchcompoundcondition_shared/test.cpp | 56 + ...sNotAppropriatelySuffixed_shared.expected} | 0 ...LiteralsNotAppropriatelySuffixed_shared.ql | 6 + .../test.cpp | 0 ...nWithConstantOperandsWraps_shared.expected | 4 + ...erationWithConstantOperandsWraps_shared.ql | 5 + .../test.cpp | 3 + .../UseOfNonZeroOctalLiteral_shared.expected} | 0 .../UseOfNonZeroOctalLiteral_shared.ql | 4 + .../useofnonzerooctalliteral_shared}/test.cpp | 0 ...dNotBeSpecializedWithBool_shared.expected} | 0 ...BeSpecializedWithBool_shared.expected.qcc} | 0 ...orShouldNotBeSpecializedWithBool_shared.ql | 4 + .../test.cpp | 0 ...irtualClassInTheHierarchy_shared.expected} | 0 ...AndNonVirtualClassInTheHierarchy_shared.ql | 4 + .../test.cpp | 0 ...oveAssignmentsShallHandleSelfAssignment.ql | 23 + .../UseSingleGlobalOrMemberDeclarators.ql | 24 + .../RULE-10-0-1/UseSingleLocalDeclarators.ql | 24 + ...nNotDefinedWithAnExplicitUnderlyingType.ql | 22 + .../AsmDeclarationShallNotBeUsed.ql | 22 + .../NonUniqueEnumerationConstant.ql | 23 + .../BitFieldShallHaveAnAppropriateType.ql | 22 + ...IntegerNamedBitFieldHaveALengthOfOneBit.ql | 22 + ...VirtualAndNonVirtualClassInTheHierarchy.ql | 23 + ...ngShallSpecifyDifferentDefaultArguments.ql | 23 + ...allyVirtualPointerOnlyComparesToNullptr.ql | 23 + ...amicTypeUsedFromConstructorOrDestructor.ql | 23 + .../InitializeAllVirtualBaseClasses.ql | 23 + ...izerListConstructorIsTheOnlyConstructor.ql | 23 + .../AddressOfOperatorOverloaded.ql | 22 + .../FunctionTemplatesExplicitlySpecialized.ql | 22 + .../ExceptionObjectHavePointerType.ql | 22 + .../EmptyThrowOnlyWithinACatchHandler.ql | 22 + ...ptFunctionShouldNotPropagateToTheCaller.ql | 23 + .../RULE-19-0-2/FunctionLikeMacrosDefined.ql | 22 + .../MacroParameterFollowingHash.ql | 23 + ...MixedUseMacroArgumentSubjectToExpansion.ql | 23 + .../RULE-21-10-3/CsignalFacilitiesUsed.ql | 24 + .../CsignalTypesShallNotBeUsed.ql | 24 + .../RULE-21-2-1/AtofAtoiAtolAndAtollUsed.ql | 22 + .../MacroOffsetofShallNotBeUsed.ql | 22 + ...GlobalSizedOperatorDeleteShallBeDefined.ql | 24 + ...obalUnsizedOperatorDeleteShallBeDefined.ql | 24 + .../VectorShouldNotBeSpecializedWithBool.ql | 22 + ...dingReferencesAndForwardNotUsedTogether.ql | 22 + .../CstdioFunctionsShallNotBeUsed.ql | 24 + .../RULE-30-0-1/CstdioMacrosShallNotBeUsed.ql | 24 + .../RULE-30-0-1/CstdioTypesShallNotBeUsed.ql | 24 + ...moryOperationsNotSequencedAppropriately.ql | 22 + .../RULE-5-13-1/BackslashCharacterMisuse.ql | 23 + .../NonTerminatedEscapeSequences.ql | 23 + .../rules/RULE-5-13-3/OctalConstantsUsed.ql | 22 + ...IntegerLiteralsNotAppropriatelySuffixed.ql | 22 + .../LowercaseLStartsInLiteralSuffix.ql | 23 + ...aracterSequenceUsedWithinACStyleComment.ql | 22 + .../RULE-5-7-3/LineSplicingUsedInComments.ql | 22 + .../RULE-6-0-3/GlobalNamespaceDeclarations.ql | 23 + .../rules/RULE-6-0-4/NonGlobalFunctionMain.ql | 23 + ...onShallBeConsideredForUnqualifiedLookup.ql | 26 + .../InheritedNonOverridableMemberFunction.ql | 24 + .../InheritedOverridableMemberFunction.ql | 24 + ...eShallBeReferredUsingAQualifiedIdOrThis.ql | 25 + ...lBeReferredUsingAQualifiedIdOrThisAudit.ql | 25 + ...erenceOrPointerToAutomaticLocalVariable.ql | 23 + ...rNotTheOnlyFormOfTheNullPointerConstant.ql | 22 + ...PassedAsFunctionArgumentDecayToAPointer.ql | 22 + ...ltOfAnAssignmentOperatorShouldNotBeUsed.ql | 22 + .../CommaOperatorShouldNotBeUsed.ql | 22 + ...allThemselvesEitherDirectlyOrIndirectly.ql | 22 + ...etweenAPointerToFunctionAndAnyOtherType.ql | 22 + .../ReinterpretCastShallNotBeUsed.ql | 22 + ...ignedOperationWithConstantOperandsWraps.ql | 22 + ...naryOperatorAppliedToUnsignedExpression.ql | 23 + .../RULE-9-3-1/LoopBodyCompoundCondition.ql | 25 + .../RULE-9-3-1/SwitchBodyCompoundCondition.ql | 25 + .../GotoStatementShouldNotBeUsed.ql | 22 + .../GotoReferenceALabelInSurroundingBlock.ql | 22 + ...signmentsShallHandleSelfAssignment.testref | 1 + .../MultipleGlobalOrMemberDeclarators.testref | 1 + .../MultipleLocalDeclarators.testref | 1 + ...UseSingleGlobalOrMemberDeclarators.testref | 1 + .../UseSingleLocalDeclarators.testref | 1 + ...efinedWithAnExplicitUnderlyingType.testref | 1 + .../AsmDeclarationShallNotBeUsed.testref | 1 + .../NonUniqueEnumerationConstant.testref | 1 + ...BitFieldShallHaveAnAppropriateType.testref | 1 + ...erNamedBitFieldHaveALengthOfOneBit.testref | 1 + ...alAndNonVirtualClassInTheHierarchy.testref | 1 + ...llSpecifyDifferentDefaultArguments.testref | 1 + ...irtualPointerOnlyComparesToNullptr.testref | 1 + ...ypeUsedFromConstructorOrDestructor.testref | 1 + .../InitializeAllVirtualBaseClasses.testref | 1 + ...istConstructorIsTheOnlyConstructor.testref | 1 + .../AddressOfOperatorOverloaded.testref | 1 + ...tionTemplatesExplicitlySpecialized.testref | 1 + .../ExceptionObjectHavePointerType.testref | 1 + .../EmptyThrowOnlyWithinACatchHandler.testref | 1 + ...ctionShouldNotPropagateToTheCaller.testref | 1 + .../FunctionLikeMacrosDefined.testref | 1 + .../MacroParameterFollowingHash.testref | 1 + ...UseMacroArgumentSubjectToExpansion.testref | 1 + .../CsignalFacilitiesUsed.testref | 1 + .../CsignalTypesShallNotBeUsed.testref | 1 + .../RULE-21-10-3/CsignalTypesUsed.testref | 1 + .../AtofAtoiAtolAndAtollUsed.testref | 1 + .../MacroOffsetofShallNotBeUsed.testref | 1 + ...lSizedOperatorDeleteShallBeDefined.testref | 1 + ...nsizedOperatorDeleteShallBeDefined.testref | 1 + ...ctorShouldNotBeSpecializedWithBool.testref | 1 + ...eferencesAndForwardNotUsedTogether.testref | 1 + .../CstdioFunctionsShallNotBeUsed.testref | 1 + .../CstdioMacrosShallNotBeUsed.testref | 1 + .../CstdioTypesShallNotBeUsed.testref | 1 + ...perationsNotSequencedAppropriately.testref | 1 + .../BackslashCharacterMisuse.testref | 1 + .../NonTerminatedEscapeSequences.testref | 1 + .../RULE-5-13-3/OctalConstantsUsed.testref | 1 + ...erLiteralsNotAppropriatelySuffixed.testref | 1 + .../LowercaseLStartsInLiteralSuffix.testref | 1 + ...erSequenceUsedWithinACStyleComment.testref | 1 + .../LineSplicingUsedInComments.testref | 1 + .../GlobalNamespaceDeclarations.testref | 1 + .../RULE-6-0-4/NonGlobalFunctionMain.testref | 1 + ...llBeConsideredForUnqualifiedLookup.testref | 1 + ...eritedNonOverridableMemberFunction.testref | 1 + ...InheritedOverridableMemberFunction.testref | 1 + ...lBeReferredUsingAQualifiedIdOrThis.testref | 1 + ...ferredUsingAQualifiedIdOrThisAudit.testref | 1 + ...eOrPointerToAutomaticLocalVariable.testref | 1 + ...heOnlyFormOfTheNullPointerConstant.testref | 1 + ...dAsFunctionArgumentDecayToAPointer.testref | 1 + ...nAssignmentOperatorShouldNotBeUsed.testref | 1 + .../CommaOperatorShouldNotBeUsed.testref | 1 + ...emselvesEitherDirectlyOrIndirectly.testref | 1 + ...nAPointerToFunctionAndAnyOtherType.testref | 1 + .../ReinterpretCastShallNotBeUsed.testref | 1 + ...OperationWithConstantOperandsWraps.testref | 1 + ...peratorAppliedToUnsignedExpression.testref | 1 + .../LoopBodyCompoundCondition.testref | 1 + .../SwitchBodyCompoundCondition.testref | 1 + .../GotoStatementShouldNotBeUsed.testref | 1 + ...oReferenceALabelInSurroundingBlock.testref | 1 + rule_packages/c/Banned.json | 1 + rule_packages/c/BitfieldTypes.json | 2 + rule_packages/c/Declarations7.json | 1 + rule_packages/c/IntegerOverflow.json | 1 + rule_packages/c/Preprocessor2.json | 10 +- rule_packages/c/Preprocessor6.json | 1 + rule_packages/c/SideEffects1.json | 1 + rule_packages/c/SideEffects3.json | 1 + rule_packages/c/Statements2.json | 3 +- rule_packages/c/Statements3.json | 2 +- rule_packages/c/Statements6.json | 1 + rule_packages/c/Syntax.json | 6 +- rule_packages/cpp/BannedFunctions.json | 1 + rule_packages/cpp/BannedLibraries.json | 5 + rule_packages/cpp/BannedSyntax.json | 3 + rule_packages/cpp/BannedTypes.json | 1 + rule_packages/cpp/Comments.json | 2 + rule_packages/cpp/Conditionals.json | 2 + rule_packages/cpp/Declarations.json | 3 + rule_packages/cpp/Exceptions1.json | 3 + rule_packages/cpp/Functions.json | 4 +- rule_packages/cpp/ImportMisra23.json | 1249 +++++++++++++++++ rule_packages/cpp/Inheritance.json | 4 +- rule_packages/cpp/Initialization.json | 4 + rule_packages/cpp/Literals.json | 4 + rule_packages/cpp/MoveForward.json | 1 + rule_packages/cpp/Naming.json | 5 +- rule_packages/cpp/OperatorInvariants.json | 1 + rule_packages/cpp/Operators.json | 4 +- rule_packages/cpp/Pointers.json | 7 +- rule_packages/cpp/Representation.json | 1 + rule_packages/cpp/Scope.json | 4 + rule_packages/cpp/Templates.json | 29 +- rule_packages/cpp/VirtualFunctions.json | 3 +- rules.csv | 108 +- 730 files changed, 8787 insertions(+), 1754 deletions(-) delete mode 100644 c/cert/test/rules/INT30-C/UnsignedIntegerOperationsWrapAround.expected delete mode 100644 c/cert/test/rules/INT30-C/UnsignedIntegerOperationsWrapAround.qlref create mode 100644 c/cert/test/rules/INT30-C/UnsignedIntegerOperationsWrapAround.testref delete mode 100644 c/common/src/codingstandards/c/Literals.qll rename c/{misra/test/rules/RULE-20-12/MacroParameterUsedAsHashOperand.expected => common/test/rules/amixedusemacroargumentsubjecttoexpansion_shared/AMixedUseMacroArgumentSubjectToExpansion_shared.expected} (58%) create mode 100644 c/common/test/rules/amixedusemacroargumentsubjecttoexpansion_shared/AMixedUseMacroArgumentSubjectToExpansion_shared.ql create mode 100644 c/common/test/rules/amixedusemacroargumentsubjecttoexpansion_shared/test.c create mode 100644 c/common/test/rules/atofatoiatolandatollused_shared/AtofAtoiAtolAndAtollUsed_shared.expected create mode 100644 c/common/test/rules/atofatoiatolandatollused_shared/AtofAtoiAtolAndAtollUsed_shared.ql create mode 100644 c/common/test/rules/atofatoiatolandatollused_shared/test.c create mode 100644 c/common/test/rules/bitfieldshallhaveanappropriatetype_shared/BitFieldShallHaveAnAppropriateType_shared.expected create mode 100644 c/common/test/rules/bitfieldshallhaveanappropriatetype_shared/BitFieldShallHaveAnAppropriateType_shared.ql create mode 100644 c/common/test/rules/bitfieldshallhaveanappropriatetype_shared/test.c create mode 100644 c/common/test/rules/functionlikemacrosdefined_shared/FunctionLikeMacrosDefined_shared.expected create mode 100644 c/common/test/rules/functionlikemacrosdefined_shared/FunctionLikeMacrosDefined_shared.ql create mode 100644 c/common/test/rules/functionlikemacrosdefined_shared/test.c create mode 100644 c/common/test/rules/gotoreferencealabelinsurroundingblock_shared/GotoReferenceALabelInSurroundingBlock_shared.expected create mode 100644 c/common/test/rules/gotoreferencealabelinsurroundingblock_shared/GotoReferenceALabelInSurroundingBlock_shared.ql rename c/{misra/test/rules/RULE-15-3 => common/test/rules/gotoreferencealabelinsurroundingblock_shared}/test.c (88%) create mode 100644 c/common/test/rules/gotostatementshouldnotbeused_shared/GotoStatementShouldNotBeUsed_shared.expected create mode 100644 c/common/test/rules/gotostatementshouldnotbeused_shared/GotoStatementShouldNotBeUsed_shared.ql create mode 100644 c/common/test/rules/gotostatementshouldnotbeused_shared/test.c create mode 100644 c/common/test/rules/lowercaselstartsinliteralsuffix_shared/LowercaseLStartsInLiteralSuffix_shared.expected create mode 100644 c/common/test/rules/lowercaselstartsinliteralsuffix_shared/LowercaseLStartsInLiteralSuffix_shared.ql create mode 100644 c/common/test/rules/lowercaselstartsinliteralsuffix_shared/test.c create mode 100644 c/common/test/rules/macroparameterfollowinghash_shared/MacroParameterFollowingHash_shared.expected create mode 100644 c/common/test/rules/macroparameterfollowinghash_shared/MacroParameterFollowingHash_shared.ql create mode 100644 c/common/test/rules/macroparameterfollowinghash_shared/test.c create mode 100644 c/common/test/rules/memoryoperationsnotsequencedappropriately_shared/MemoryOperationsNotSequencedAppropriately_shared.expected create mode 100644 c/common/test/rules/memoryoperationsnotsequencedappropriately_shared/MemoryOperationsNotSequencedAppropriately_shared.ql create mode 100644 c/common/test/rules/memoryoperationsnotsequencedappropriately_shared/test.c create mode 100644 c/common/test/rules/namedbitfieldswithsignedintegertype_shared/NamedBitFieldsWithSignedIntegerType_shared.expected create mode 100644 c/common/test/rules/namedbitfieldswithsignedintegertype_shared/NamedBitFieldsWithSignedIntegerType_shared.ql create mode 100644 c/common/test/rules/namedbitfieldswithsignedintegertype_shared/test.c create mode 100644 c/common/test/rules/nonterminatedescapesequences_shared/NonTerminatedEscapeSequences_shared.expected create mode 100644 c/common/test/rules/nonterminatedescapesequences_shared/NonTerminatedEscapeSequences_shared.ql create mode 100644 c/common/test/rules/nonterminatedescapesequences_shared/test.c create mode 100644 c/common/test/rules/nonuniqueenumerationconstant_shared/NonUniqueEnumerationConstant_shared.expected create mode 100644 c/common/test/rules/nonuniqueenumerationconstant_shared/NonUniqueEnumerationConstant_shared.ql rename c/{misra/test/rules/RULE-8-12 => common/test/rules/nonuniqueenumerationconstant_shared}/test.c (62%) create mode 100644 c/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.expected create mode 100644 c/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.ql create mode 100644 c/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/test.c create mode 100644 c/common/test/rules/unsignedoperationwithconstantoperandswraps_shared/UnsignedOperationWithConstantOperandsWraps_shared.expected create mode 100644 c/common/test/rules/unsignedoperationwithconstantoperandswraps_shared/UnsignedOperationWithConstantOperandsWraps_shared.ql create mode 100644 c/common/test/rules/unsignedoperationwithconstantoperandswraps_shared/test.c create mode 100644 c/misra/test/rules/DIR-4-9/FunctionOverFunctionLikeMacro.testref delete mode 100644 c/misra/test/rules/RULE-13-2/UnsequencedSideEffects.expected delete mode 100644 c/misra/test/rules/RULE-13-2/UnsequencedSideEffects.qlref create mode 100644 c/misra/test/rules/RULE-13-2/UnsequencedSideEffects.testref delete mode 100644 c/misra/test/rules/RULE-13-4/ResultOfAnAssignmentOperatorShouldNotBeUsed.expected delete mode 100644 c/misra/test/rules/RULE-13-4/ResultOfAnAssignmentOperatorShouldNotBeUsed.qlref create mode 100644 c/misra/test/rules/RULE-13-4/ResultOfAnAssignmentOperatorShouldNotBeUsed.testref delete mode 100644 c/misra/test/rules/RULE-15-1/GotoStatementUsed.expected delete mode 100644 c/misra/test/rules/RULE-15-1/GotoStatementUsed.qlref create mode 100644 c/misra/test/rules/RULE-15-1/GotoStatementUsed.testref delete mode 100644 c/misra/test/rules/RULE-15-1/test.c delete mode 100644 c/misra/test/rules/RULE-15-3/GotoLabelBlockCondition.expected delete mode 100644 c/misra/test/rules/RULE-15-3/GotoLabelBlockCondition.qlref create mode 100644 c/misra/test/rules/RULE-15-3/GotoLabelBlockCondition.testref delete mode 100644 c/misra/test/rules/RULE-20-11/MoreThanOneHashOperatorInMacroDefinition.expected delete mode 100644 c/misra/test/rules/RULE-20-11/MoreThanOneHashOperatorInMacroDefinition.qlref create mode 100644 c/misra/test/rules/RULE-20-11/MoreThanOneHashOperatorInMacroDefinition.testref delete mode 100644 c/misra/test/rules/RULE-20-12/MacroParameterUsedAsHashOperand.qlref create mode 100644 c/misra/test/rules/RULE-20-12/MacroParameterUsedAsHashOperand.testref delete mode 100644 c/misra/test/rules/RULE-21-7/AtofAtoiAtolAndAtollOfStdlibhUsed.expected delete mode 100644 c/misra/test/rules/RULE-21-7/AtofAtoiAtolAndAtollOfStdlibhUsed.qlref create mode 100644 c/misra/test/rules/RULE-21-7/AtofAtoiAtolAndAtollOfStdlibhUsed.testref delete mode 100644 c/misra/test/rules/RULE-4-1/OctalAndHexadecimalEscapeSequencesNotTerminated.expected delete mode 100644 c/misra/test/rules/RULE-4-1/OctalAndHexadecimalEscapeSequencesNotTerminated.qlref create mode 100644 c/misra/test/rules/RULE-4-1/OctalAndHexadecimalEscapeSequencesNotTerminated.testref create mode 100644 c/misra/test/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.testref delete mode 100644 c/misra/test/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.expected delete mode 100644 c/misra/test/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.qlref create mode 100644 c/misra/test/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.testref delete mode 100644 c/misra/test/rules/RULE-7-3/LowercaseCharacterLUsedInLiteralSuffix.expected delete mode 100644 c/misra/test/rules/RULE-7-3/LowercaseCharacterLUsedInLiteralSuffix.qlref create mode 100644 c/misra/test/rules/RULE-7-3/LowercaseCharacterLUsedInLiteralSuffix.testref delete mode 100644 c/misra/test/rules/RULE-7-3/cpp/LowercaseCharacterLUsedInLiteralSuffix.qlref delete mode 100644 c/misra/test/rules/RULE-7-3/cpp/options delete mode 100644 c/misra/test/rules/RULE-7-3/cpp/test.cpp delete mode 100644 c/misra/test/rules/RULE-8-12/ValueImplicitEnumerationConstantNotUnique.expected delete mode 100644 c/misra/test/rules/RULE-8-12/ValueImplicitEnumerationConstantNotUnique.qlref create mode 100644 c/misra/test/rules/RULE-8-12/ValueImplicitEnumerationConstantNotUnique.testref delete mode 100644 cpp/autosar/src/rules/A5-10-1/PointerToMemberVirtualFunctionWithNullPointerConstant.ql create mode 100644 cpp/autosar/src/rules/A5-10-1/VirtualPointerOnlyComparesToNullptrConstant.ql create mode 100644 cpp/autosar/src/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtual.ql delete mode 100644 cpp/autosar/src/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtualInHierarchy.ql create mode 100644 cpp/autosar/src/rules/M5-2-12/IdentifierPassedAsFunctionArgumentDecayToAPointer.ql delete mode 100644 cpp/autosar/src/rules/M5-2-12/IdentifierWithArrayTypePassedAsFunctionArgumentDecayToAPointer.ql rename cpp/autosar/src/rules/M5-3-2/{UnaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsigned.ql => UnaryMinusOperatorAppliedToAnUnsignedExpression.ql} (51%) rename cpp/autosar/src/rules/M7-3-2/{IdentifierMainUsedForAFunctionOtherThanTheGlobalFunctionMain.ql => IdentifierMainUsedForAFunctionOtherThanGlobalMain.ql} (62%) create mode 100644 cpp/autosar/src/rules/M8-3-1/VirtualFunctionParametersUseSameDefaultArguments.ql delete mode 100644 cpp/autosar/src/rules/M8-3-1/VirtualFunctionParametersUseTheSameDefaultArguments.ql delete mode 100644 cpp/autosar/test/rules/A12-1-1/ExplicitConstructorBaseClassInitialization.qlref create mode 100644 cpp/autosar/test/rules/A12-1-1/ExplicitConstructorBaseClassInitialization.testref delete mode 100644 cpp/autosar/test/rules/A12-8-5/CopyAssignmentAndAMoveHandleSelfAssignment.qlref create mode 100644 cpp/autosar/test/rules/A12-8-5/CopyAssignmentAndAMoveHandleSelfAssignment.testref delete mode 100644 cpp/autosar/test/rules/A14-8-2/ExplicitSpecializationsOfFunctionTemplatesUsed.qlref create mode 100644 cpp/autosar/test/rules/A14-8-2/ExplicitSpecializationsOfFunctionTemplatesUsed.testref delete mode 100644 cpp/autosar/test/rules/A15-1-2/PointerExceptionObject.qlref create mode 100644 cpp/autosar/test/rules/A15-1-2/PointerExceptionObject.testref delete mode 100644 cpp/autosar/test/rules/A15-4-2/NoExceptFunctionThrows.qlref create mode 100644 cpp/autosar/test/rules/A15-4-2/NoExceptFunctionThrows.testref delete mode 100644 cpp/autosar/test/rules/A18-1-2/VectorboolSpecializationUsed.qlref create mode 100644 cpp/autosar/test/rules/A18-1-2/VectorboolSpecializationUsed.testref delete mode 100644 cpp/autosar/test/rules/A18-5-4/GlobalSizedOperatorDeleteNotDefined.qlref create mode 100644 cpp/autosar/test/rules/A18-5-4/GlobalSizedOperatorDeleteNotDefined.testref delete mode 100644 cpp/autosar/test/rules/A18-5-4/GlobalUnsizedOperatorDeleteNotDefined.expected delete mode 100644 cpp/autosar/test/rules/A18-5-4/GlobalUnsizedOperatorDeleteNotDefined.qlref create mode 100644 cpp/autosar/test/rules/A18-5-4/GlobalUnsizedOperatorDeleteNotDefined.testref delete mode 100644 cpp/autosar/test/rules/A18-9-2/ForwardingValuesToOtherFunctions.qlref create mode 100644 cpp/autosar/test/rules/A18-9-2/ForwardingValuesToOtherFunctions.testref delete mode 100644 cpp/autosar/test/rules/A2-13-1/EscapeSequenceOutsideISO.qlref create mode 100644 cpp/autosar/test/rules/A2-13-1/EscapeSequenceOutsideISO.testref delete mode 100644 cpp/autosar/test/rules/A2-7-1/SingleLineCommentEndsWithSlash.qlref create mode 100644 cpp/autosar/test/rules/A2-7-1/SingleLineCommentEndsWithSlash.testref delete mode 100644 cpp/autosar/test/rules/A4-10-1/NullPointerConstantNotNullptr.qlref create mode 100644 cpp/autosar/test/rules/A4-10-1/NullPointerConstantNotNullptr.testref delete mode 100644 cpp/autosar/test/rules/A5-10-1/PointerToMemberVirtualFunctionWithNullPointerConstant.qlref create mode 100644 cpp/autosar/test/rules/A5-10-1/PointerToMemberVirtualFunctionWithNullPointerConstant.testref create mode 100644 cpp/autosar/test/rules/A5-10-1/PotentiallyVirtualPointerOnlyComparesToNullptr.testref create mode 100644 cpp/autosar/test/rules/A5-10-1/VirtualPointerOnlyComparesToNullptrConstant.testref delete mode 100644 cpp/autosar/test/rules/A5-2-4/ReinterpretCastUsed.qlref create mode 100644 cpp/autosar/test/rules/A5-2-4/ReinterpretCastUsed.testref delete mode 100644 cpp/autosar/test/rules/A6-6-1/GotoStatementUsed.expected delete mode 100644 cpp/autosar/test/rules/A6-6-1/GotoStatementUsed.qlref create mode 100644 cpp/autosar/test/rules/A6-6-1/GotoStatementUsed.testref delete mode 100644 cpp/autosar/test/rules/A6-6-1/test.cpp delete mode 100644 cpp/autosar/test/rules/A7-2-2/EnumerationUnderlyingBaseTypeNotExplicitlyDefined.qlref create mode 100644 cpp/autosar/test/rules/A7-2-2/EnumerationUnderlyingBaseTypeNotExplicitlyDefined.testref delete mode 100644 cpp/autosar/test/rules/A7-3-1/DefinitionNotConsideredForUnqualifiedLookup.qlref create mode 100644 cpp/autosar/test/rules/A7-3-1/DefinitionNotConsideredForUnqualifiedLookup.testref delete mode 100644 cpp/autosar/test/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.qlref create mode 100644 cpp/autosar/test/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.testref delete mode 100644 cpp/autosar/test/rules/A7-3-1/HiddenInheritedOverridableMemberFunction.qlref create mode 100644 cpp/autosar/test/rules/A7-3-1/HiddenInheritedOverridableMemberFunction.testref delete mode 100644 cpp/autosar/test/rules/A7-4-1/AsmDeclarationUsed.qlref create mode 100644 cpp/autosar/test/rules/A7-4-1/AsmDeclarationUsed.testref delete mode 100644 cpp/autosar/test/rules/A7-5-2/RecursiveFunctions.qlref create mode 100644 cpp/autosar/test/rules/A7-5-2/RecursiveFunctions.testref delete mode 100644 cpp/autosar/test/rules/A8-5-4/ConfusingUseOfInitializerListConstructors.qlref create mode 100644 cpp/autosar/test/rules/A8-5-4/ConfusingUseOfInitializerListConstructors.testref create mode 100644 cpp/autosar/test/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtual.testref delete mode 100644 cpp/autosar/test/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtualInHierarchy.qlref create mode 100644 cpp/autosar/test/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtualInHierarchy.testref delete mode 100644 cpp/autosar/test/rules/M12-1-1/DynamicTypeOfThisUsedFromConstructorOrDestructor.qlref create mode 100644 cpp/autosar/test/rules/M12-1-1/DynamicTypeOfThisUsedFromConstructorOrDestructor.testref delete mode 100644 cpp/autosar/test/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.qlref create mode 100644 cpp/autosar/test/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.testref delete mode 100644 cpp/autosar/test/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThisAudit.qlref create mode 100644 cpp/autosar/test/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThisAudit.testref delete mode 100644 cpp/autosar/test/rules/M15-1-3/EmptyThrowOutsideCatch.qlref create mode 100644 cpp/autosar/test/rules/M15-1-3/EmptyThrowOutsideCatch.testref delete mode 100644 cpp/autosar/test/rules/M18-2-1/MacroOffsetofUsed.qlref create mode 100644 cpp/autosar/test/rules/M18-2-1/MacroOffsetofUsed.testref delete mode 100644 cpp/autosar/test/rules/M18-7-1/CsignalFunctionsUsed.qlref create mode 100644 cpp/autosar/test/rules/M18-7-1/CsignalFunctionsUsed.testref delete mode 100644 cpp/autosar/test/rules/M18-7-1/CsignalTypesUsed.qlref create mode 100644 cpp/autosar/test/rules/M18-7-1/CsignalTypesUsed.testref delete mode 100644 cpp/autosar/test/rules/M2-13-2/UseOfNonZeroOctalEscape.expected delete mode 100644 cpp/autosar/test/rules/M2-13-2/UseOfNonZeroOctalEscape.qlref delete mode 100644 cpp/autosar/test/rules/M2-13-2/UseOfNonZeroOctalLiteral.qlref create mode 100644 cpp/autosar/test/rules/M2-13-2/UseOfNonZeroOctalLiteral.testref delete mode 100644 cpp/autosar/test/rules/M2-13-3/MissingUSuffix.qlref create mode 100644 cpp/autosar/test/rules/M2-13-3/MissingUSuffix.testref delete mode 100644 cpp/autosar/test/rules/M2-7-1/SlashStarUsedWithinACStyleComment.qlref create mode 100644 cpp/autosar/test/rules/M2-7-1/SlashStarUsedWithinACStyleComment.testref delete mode 100644 cpp/autosar/test/rules/M27-0-1/CstdioFunctionsUsed.qlref create mode 100644 cpp/autosar/test/rules/M27-0-1/CstdioFunctionsUsed.testref delete mode 100644 cpp/autosar/test/rules/M27-0-1/CstdioMacrosUsed.qlref create mode 100644 cpp/autosar/test/rules/M27-0-1/CstdioMacrosUsed.testref delete mode 100644 cpp/autosar/test/rules/M27-0-1/CstdioTypesUsed.qlref create mode 100644 cpp/autosar/test/rules/M27-0-1/CstdioTypesUsed.testref create mode 100644 cpp/autosar/test/rules/M5-2-12/IdentifierPassedAsFunctionArgumentDecayToAPointer.testref delete mode 100644 cpp/autosar/test/rules/M5-2-12/IdentifierWithArrayTypePassedAsFunctionArgumentDecayToAPointer.qlref delete mode 100644 cpp/autosar/test/rules/M5-2-6/CastNotConvertPointerToFunction.expected delete mode 100644 cpp/autosar/test/rules/M5-2-6/CastNotConvertPointerToFunction.qlref create mode 100644 cpp/autosar/test/rules/M5-2-6/CastNotConvertPointerToFunction.testref delete mode 100644 cpp/autosar/test/rules/M5-3-2/UnaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsigned.qlref create mode 100644 cpp/autosar/test/rules/M5-3-2/UnaryMinusOperatorAppliedToAnUnsignedExpression.testref delete mode 100644 cpp/autosar/test/rules/M5-3-3/UnaryOperatorOverloaded.qlref create mode 100644 cpp/autosar/test/rules/M5-3-3/UnaryOperatorOverloaded.testref delete mode 100644 cpp/autosar/test/rules/M6-3-1/LoopCompoundCondition.qlref create mode 100644 cpp/autosar/test/rules/M6-3-1/LoopCompoundCondition.testref delete mode 100644 cpp/autosar/test/rules/M6-3-1/SwitchCompoundCondition.qlref create mode 100644 cpp/autosar/test/rules/M6-3-1/SwitchCompoundCondition.testref create mode 100644 cpp/autosar/test/rules/M7-3-1/GlobalNamespaceMembershipViolation.testref create mode 100644 cpp/autosar/test/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanGlobalMain.testref delete mode 100644 cpp/autosar/test/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanTheGlobalFunctionMain.qlref create mode 100644 cpp/autosar/test/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanTheGlobalFunctionMain.testref delete mode 100644 cpp/autosar/test/rules/M7-5-1/FunctionReturnAutomaticVarCondition.qlref create mode 100644 cpp/autosar/test/rules/M7-5-1/FunctionReturnAutomaticVarCondition.testref delete mode 100644 cpp/autosar/test/rules/M8-0-1/MultipleGlobalOrMemberDeclarators.qlref create mode 100644 cpp/autosar/test/rules/M8-0-1/MultipleGlobalOrMemberDeclarators.testref delete mode 100644 cpp/autosar/test/rules/M8-0-1/MultipleLocalDeclarators.qlref create mode 100644 cpp/autosar/test/rules/M8-0-1/MultipleLocalDeclarators.testref create mode 100644 cpp/autosar/test/rules/M8-3-1/VirtualFunctionParametersUseSameDefaultArguments.testref delete mode 100644 cpp/autosar/test/rules/M8-3-1/VirtualFunctionParametersUseTheSameDefaultArguments.expected delete mode 100644 cpp/autosar/test/rules/M8-3-1/VirtualFunctionParametersUseTheSameDefaultArguments.qlref create mode 100644 cpp/autosar/test/rules/M8-3-1/VirtualFunctionParametersUseTheSameDefaultArguments.testref delete mode 100644 cpp/autosar/test/rules/M9-6-4/NamedBitFieldsWithSignedIntegerTypeShallHaveALengthOfMoreThanOneBit.expected delete mode 100644 cpp/autosar/test/rules/M9-6-4/NamedBitFieldsWithSignedIntegerTypeShallHaveALengthOfMoreThanOneBit.qlref create mode 100644 cpp/autosar/test/rules/M9-6-4/NamedBitFieldsWithSignedIntegerTypeShallHaveALengthOfMoreThanOneBit.testref delete mode 100644 cpp/autosar/test/rules/M9-6-4/test.cpp rename c/common/src/codingstandards/c/Expr.qll => cpp/common/src/codingstandards/cpp/CExpr.qll (100%) rename c/common/src/codingstandards/c/Ordering.qll => cpp/common/src/codingstandards/cpp/COrdering.qll (99%) rename {c/common/src/codingstandards/c => cpp/common/src/codingstandards/cpp}/IrreplaceableFunctionLikeMacro.qll (100%) rename cpp/{autosar/src/rules/M14-6-1 => common/src/codingstandards/cpp}/NameInDependentBase.qll (99%) rename cpp/{autosar/src/rules/A18-5-4 => common/src/codingstandards/cpp}/OperatorDelete.qll (96%) rename {c/common/src/codingstandards/c => cpp/common/src/codingstandards/cpp}/SideEffects.qll (100%) create mode 100644 cpp/common/src/codingstandards/cpp/rules/addressofoperatoroverloaded_shared/AddressOfOperatorOverloaded_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/amixedusemacroargumentsubjecttoexpansion_shared/AMixedUseMacroArgumentSubjectToExpansion_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/arraypassedasfunctionargumentdecaytoapointer_shared/ArrayPassedAsFunctionArgumentDecayToAPointer_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/asmdeclarationused_shared/AsmDeclarationUsed_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/atofatoiatolandatollused_shared/AtofAtoiAtolAndAtollUsed_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/backslashcharactermisuse_shared/BackslashCharacterMisuse_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/bitfieldshallhaveanappropriatetype_shared/BitFieldShallHaveAnAppropriateType_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/builtinunaryoperatorappliedtounsignedexpression_shared/BuiltInUnaryOperatorAppliedToUnsignedExpression_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/castsbetweenapointertofunctionandanyothertype_shared/CastsBetweenAPointerToFunctionAndAnyOtherType_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/charactersequenceusedwithinacstylecomment_shared/CharacterSequenceUsedWithinACStyleComment_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/copyandmoveassignmentsshallhandleselfassignment_shared/CopyAndMoveAssignmentsShallHandleSelfAssignment_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/csignalfunctionsused_shared/CsignalFunctionsUsed_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/csignaltypesused_shared/CsignalTypesUsed_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/cstdiofunctionsused_shared/CstdioFunctionsUsed_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/cstdiomacrosused_shared/CstdioMacrosUsed_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/cstdiotypesused_shared/CstdioTypesUsed_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/definitionnotconsideredforunqualifiedlookup_shared/DefinitionNotConsideredForUnqualifiedLookup_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/emptythrowonlywithinacatchhandler_shared/EmptyThrowOnlyWithinACatchHandler_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/enumerationnotdefinedwithanexplicitunderlyingtype/EnumerationNotDefinedWithAnExplicitUnderlyingType.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/enumerationnotdefinedwithanexplicitunderlyingtype_shared/EnumerationNotDefinedWithAnExplicitUnderlyingType_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/exceptionobjecthavepointertype_shared/ExceptionObjectHavePointerType_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/forwardingreferencesandforwardnotusedtogether_shared/ForwardingReferencesAndForwardNotUsedTogether_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/functionlikemacrosdefined_shared/FunctionLikeMacrosDefined_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/functionscallthemselveseitherdirectlyorindirectly_shared/FunctionsCallThemselvesEitherDirectlyOrIndirectly_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/functiontemplatesexplicitlyspecialized_shared/FunctionTemplatesExplicitlySpecialized_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/globalnamespacedeclarations_shared/GlobalNamespaceDeclarations_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/globalsizedoperatordeletenotdefined_shared/GlobalSizedOperatorDeleteNotDefined_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/globalunsizedoperatordeletenotdefined_shared/GlobalUnsizedOperatorDeleteNotDefined_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/gotoreferencealabelinsurroundingblock_shared/GotoReferenceALabelInSurroundingBlock_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/gotostatementshouldnotbeused_shared/GotoStatementShouldNotBeUsed_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/hiddeninheritednonoverridablememberfunction_shared/HiddenInheritedNonOverridableMemberFunction_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/hiddeninheritedoverridablememberfunction_shared/HiddenInheritedOverridableMemberFunction_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/initializeallvirtualbaseclasses_shared/InitializeAllVirtualBaseClasses_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/initializerlistconstructoristheonlyconstructor_shared/InitializerListConstructorIsTheOnlyConstructor_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/linesplicingusedincomments_shared/LineSplicingUsedInComments_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/loopcompoundcondition_shared/LoopCompoundCondition_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/lowercaselstartsinliteralsuffix_shared/LowercaseLStartsInLiteralSuffix_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/macrooffsetofused_shared/MacroOffsetofUsed_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/macroparameterfollowinghash_shared/MacroParameterFollowingHash_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/memoryoperationsnotsequencedappropriately_shared/MemoryOperationsNotSequencedAppropriately_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/multipleglobalormemberdeclarators_shared/MultipleGlobalOrMemberDeclarators_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/multiplelocaldeclarators_shared/MultipleLocalDeclarators_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/namedbitfieldswithsignedintegertype_shared/NamedBitFieldsWithSignedIntegerType_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/namenotreferredusingaqualifiedidorthis_shared/NameNotReferredUsingAQualifiedIdOrThis_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/namenotreferredusingaqualifiedidorthisaudit_shared/NameNotReferredUsingAQualifiedIdOrThisAudit_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/noexceptfunctionshouldnotpropagatetothecaller_shared/NoexceptFunctionShouldNotPropagateToTheCaller_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/nonglobalfunctionmain_shared/NonGlobalFunctionMain_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/nonterminatedescapesequences_shared/NonTerminatedEscapeSequences_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/nonuniqueenumerationconstant_shared/NonUniqueEnumerationConstant_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/nullptrnottheonlyformofthenullpointerconstant_shared/NullptrNotTheOnlyFormOfTheNullPointerConstant_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/objectsdynamictypeusedfromconstructorordestructor_shared/ObjectsDynamicTypeUsedFromConstructorOrDestructor_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/overridingshallspecifydifferentdefaultarguments_shared/OverridingShallSpecifyDifferentDefaultArguments_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/potentiallyvirtualpointeronlycomparestonullptr_shared/PotentiallyVirtualPointerOnlyComparesToNullptr_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/reinterpretcastused_shared/ReinterpretCastUsed_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/returnreferenceorpointertoautomaticlocalvariable_shared/ReturnReferenceOrPointerToAutomaticLocalVariable_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/switchcompoundcondition_shared/SwitchCompoundCondition_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/unsignedintegerliteralsnotappropriatelysuffixed_shared/UnsignedIntegerLiteralsNotAppropriatelySuffixed_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/unsignedoperationwithconstantoperandswraps_shared/UnsignedOperationWithConstantOperandsWraps_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/useofnonzerooctalliteral_shared/UseOfNonZeroOctalLiteral_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/vectorshouldnotbespecializedwithbool_shared/VectorShouldNotBeSpecializedWithBool_shared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/virtualandnonvirtualclassinthehierarchy_shared/VirtualAndNonVirtualClassInTheHierarchy_shared.qll rename cpp/{autosar/test/rules/M5-3-3/UnaryOperatorOverloaded.expected => common/test/rules/addressofoperatoroverloaded_shared/AddressOfOperatorOverloaded_shared.expected} (100%) create mode 100644 cpp/common/test/rules/addressofoperatoroverloaded_shared/AddressOfOperatorOverloaded_shared.ql rename cpp/{autosar/test/rules/M5-3-3 => common/test/rules/addressofoperatoroverloaded_shared}/test.cpp (100%) create mode 100644 cpp/common/test/rules/amixedusemacroargumentsubjecttoexpansion_shared/AMixedUseMacroArgumentSubjectToExpansion_shared.expected create mode 100644 cpp/common/test/rules/amixedusemacroargumentsubjecttoexpansion_shared/AMixedUseMacroArgumentSubjectToExpansion_shared.ql rename c/misra/test/rules/RULE-20-12/test.c => cpp/common/test/rules/amixedusemacroargumentsubjecttoexpansion_shared/test.cpp (86%) rename cpp/{autosar/test/rules/M5-2-12/IdentifierWithArrayTypePassedAsFunctionArgumentDecayToAPointer.expected => common/test/rules/arraypassedasfunctionargumentdecaytoapointer_shared/ArrayPassedAsFunctionArgumentDecayToAPointer_shared.expected} (100%) create mode 100644 cpp/common/test/rules/arraypassedasfunctionargumentdecaytoapointer_shared/ArrayPassedAsFunctionArgumentDecayToAPointer_shared.ql rename cpp/{autosar/test/rules/M5-2-12 => common/test/rules/arraypassedasfunctionargumentdecaytoapointer_shared}/test.cpp (100%) rename cpp/{autosar/test/rules/A7-4-1/AsmDeclarationUsed.expected => common/test/rules/asmdeclarationused_shared/AsmDeclarationUsed_shared.expected} (100%) create mode 100644 cpp/common/test/rules/asmdeclarationused_shared/AsmDeclarationUsed_shared.ql rename cpp/{autosar/test/rules/A7-4-1 => common/test/rules/asmdeclarationused_shared}/test.cpp (100%) create mode 100644 cpp/common/test/rules/atofatoiatolandatollused_shared/AtofAtoiAtolAndAtollUsed_shared.expected create mode 100644 cpp/common/test/rules/atofatoiatolandatollused_shared/AtofAtoiAtolAndAtollUsed_shared.ql rename c/misra/test/rules/RULE-21-7/test.c => cpp/common/test/rules/atofatoiatolandatollused_shared/test.cpp (66%) rename cpp/{autosar/test/rules/A2-13-1/EscapeSequenceOutsideISO.expected => common/test/rules/backslashcharactermisuse_shared/BackslashCharacterMisuse_shared.expected} (100%) create mode 100644 cpp/common/test/rules/backslashcharactermisuse_shared/BackslashCharacterMisuse_shared.ql rename cpp/{autosar/test/rules/A2-13-1 => common/test/rules/backslashcharactermisuse_shared}/test.cpp (100%) create mode 100644 cpp/common/test/rules/bitfieldshallhaveanappropriatetype_shared/BitFieldShallHaveAnAppropriateType_shared.expected create mode 100644 cpp/common/test/rules/bitfieldshallhaveanappropriatetype_shared/BitFieldShallHaveAnAppropriateType_shared.ql create mode 100644 cpp/common/test/rules/bitfieldshallhaveanappropriatetype_shared/test.cpp rename cpp/{autosar/test/rules/M5-3-2/UnaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsigned.expected => common/test/rules/builtinunaryoperatorappliedtounsignedexpression_shared/BuiltInUnaryOperatorAppliedToUnsignedExpression_shared.expected} (100%) create mode 100644 cpp/common/test/rules/builtinunaryoperatorappliedtounsignedexpression_shared/BuiltInUnaryOperatorAppliedToUnsignedExpression_shared.ql rename cpp/{autosar/test/rules/M5-3-2 => common/test/rules/builtinunaryoperatorappliedtounsignedexpression_shared}/test.cpp (100%) create mode 100644 cpp/common/test/rules/castsbetweenapointertofunctionandanyothertype_shared/CastsBetweenAPointerToFunctionAndAnyOtherType_shared.expected create mode 100644 cpp/common/test/rules/castsbetweenapointertofunctionandanyothertype_shared/CastsBetweenAPointerToFunctionAndAnyOtherType_shared.ql rename cpp/{autosar/test/rules/M5-2-6 => common/test/rules/castsbetweenapointertofunctionandanyothertype_shared}/test.cpp (99%) rename cpp/{autosar/test/rules/M2-7-1/SlashStarUsedWithinACStyleComment.expected => common/test/rules/charactersequenceusedwithinacstylecomment_shared/CharacterSequenceUsedWithinACStyleComment_shared.expected} (100%) create mode 100644 cpp/common/test/rules/charactersequenceusedwithinacstylecomment_shared/CharacterSequenceUsedWithinACStyleComment_shared.ql rename cpp/{autosar/test/rules/M2-7-1 => common/test/rules/charactersequenceusedwithinacstylecomment_shared}/test.cpp (100%) create mode 100644 cpp/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.expected create mode 100644 cpp/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.ql create mode 100644 cpp/common/test/rules/constlikereturnvalue/test.cpp rename cpp/{autosar/test/rules/A12-8-5/CopyAssignmentAndAMoveHandleSelfAssignment.expected => common/test/rules/copyandmoveassignmentsshallhandleselfassignment_shared/CopyAndMoveAssignmentsShallHandleSelfAssignment_shared.expected} (100%) create mode 100644 cpp/common/test/rules/copyandmoveassignmentsshallhandleselfassignment_shared/CopyAndMoveAssignmentsShallHandleSelfAssignment_shared.ql rename cpp/{autosar/test/rules/A12-8-5 => common/test/rules/copyandmoveassignmentsshallhandleselfassignment_shared}/test.cpp (100%) rename cpp/{autosar/test/rules/M18-7-1/CsignalFunctionsUsed.expected => common/test/rules/csignalfunctionsused_shared/CsignalFunctionsUsed_shared.expected} (100%) create mode 100644 cpp/common/test/rules/csignalfunctionsused_shared/CsignalFunctionsUsed_shared.ql rename cpp/{autosar/test/rules/M18-7-1 => common/test/rules/csignalfunctionsused_shared}/test.cpp (100%) rename cpp/{autosar/test/rules/M18-7-1/CsignalTypesUsed.expected => common/test/rules/csignaltypesused_shared/CsignalTypesUsed_shared.expected} (100%) create mode 100644 cpp/common/test/rules/csignaltypesused_shared/CsignalTypesUsed_shared.ql create mode 100644 cpp/common/test/rules/csignaltypesused_shared/test.cpp rename cpp/{autosar/test/rules/M27-0-1/CstdioFunctionsUsed.expected => common/test/rules/cstdiofunctionsused_shared/CstdioFunctionsUsed_shared.expected} (100%) create mode 100644 cpp/common/test/rules/cstdiofunctionsused_shared/CstdioFunctionsUsed_shared.ql rename cpp/{autosar/test/rules/M27-0-1 => common/test/rules/cstdiofunctionsused_shared}/test.cpp (100%) rename cpp/{autosar/test/rules/M27-0-1/CstdioMacrosUsed.expected => common/test/rules/cstdiomacrosused_shared/CstdioMacrosUsed_shared.expected} (100%) create mode 100644 cpp/common/test/rules/cstdiomacrosused_shared/CstdioMacrosUsed_shared.ql create mode 100644 cpp/common/test/rules/cstdiomacrosused_shared/test.cpp rename cpp/{autosar/test/rules/M27-0-1/CstdioTypesUsed.expected => common/test/rules/cstdiotypesused_shared/CstdioTypesUsed_shared.expected} (100%) create mode 100644 cpp/common/test/rules/cstdiotypesused_shared/CstdioTypesUsed_shared.ql create mode 100644 cpp/common/test/rules/cstdiotypesused_shared/test.cpp rename cpp/{autosar/test/rules/A7-3-1/DefinitionNotConsideredForUnqualifiedLookup.expected => common/test/rules/definitionnotconsideredforunqualifiedlookup_shared/DefinitionNotConsideredForUnqualifiedLookup_shared.expected} (100%) create mode 100644 cpp/common/test/rules/definitionnotconsideredforunqualifiedlookup_shared/DefinitionNotConsideredForUnqualifiedLookup_shared.ql rename cpp/{autosar/test/rules/A7-3-1 => common/test/rules/definitionnotconsideredforunqualifiedlookup_shared}/test.cpp (100%) rename cpp/{autosar/test/rules/M15-1-3/EmptyThrowOutsideCatch.expected => common/test/rules/emptythrowonlywithinacatchhandler_shared/EmptyThrowOnlyWithinACatchHandler_shared.expected} (100%) create mode 100644 cpp/common/test/rules/emptythrowonlywithinacatchhandler_shared/EmptyThrowOnlyWithinACatchHandler_shared.ql rename cpp/{autosar/test/rules/M15-1-3 => common/test/rules/emptythrowonlywithinacatchhandler_shared}/test.cpp (100%) rename cpp/{autosar/test/rules/A7-2-2/EnumerationUnderlyingBaseTypeNotExplicitlyDefined.expected => common/test/rules/enumerationnotdefinedwithanexplicitunderlyingtype_shared/EnumerationNotDefinedWithAnExplicitUnderlyingType_shared.expected} (100%) create mode 100644 cpp/common/test/rules/enumerationnotdefinedwithanexplicitunderlyingtype_shared/EnumerationNotDefinedWithAnExplicitUnderlyingType_shared.ql rename cpp/{autosar/test/rules/A7-2-2 => common/test/rules/enumerationnotdefinedwithanexplicitunderlyingtype_shared}/test.cpp (100%) rename cpp/{autosar/test/rules/A15-1-2/PointerExceptionObject.expected => common/test/rules/exceptionobjecthavepointertype_shared/ExceptionObjectHavePointerType_shared.expected} (100%) create mode 100644 cpp/common/test/rules/exceptionobjecthavepointertype_shared/ExceptionObjectHavePointerType_shared.ql rename cpp/{autosar/test/rules/A15-1-2 => common/test/rules/exceptionobjecthavepointertype_shared}/test.cpp (100%) rename cpp/{autosar/test/rules/A18-9-2/ForwardingValuesToOtherFunctions.expected => common/test/rules/forwardingreferencesandforwardnotusedtogether_shared/ForwardingReferencesAndForwardNotUsedTogether_shared.expected} (100%) create mode 100644 cpp/common/test/rules/forwardingreferencesandforwardnotusedtogether_shared/ForwardingReferencesAndForwardNotUsedTogether_shared.ql rename cpp/{autosar/test/rules/A18-9-2 => common/test/rules/forwardingreferencesandforwardnotusedtogether_shared}/test.cpp (100%) create mode 100644 cpp/common/test/rules/functionlikemacrosdefined_shared/FunctionLikeMacrosDefined_shared.expected create mode 100644 cpp/common/test/rules/functionlikemacrosdefined_shared/FunctionLikeMacrosDefined_shared.ql create mode 100644 cpp/common/test/rules/functionlikemacrosdefined_shared/test.cpp rename cpp/{autosar/test/rules/A7-5-2/RecursiveFunctions.expected => common/test/rules/functionscallthemselveseitherdirectlyorindirectly_shared/FunctionsCallThemselvesEitherDirectlyOrIndirectly_shared.expected} (100%) create mode 100644 cpp/common/test/rules/functionscallthemselveseitherdirectlyorindirectly_shared/FunctionsCallThemselvesEitherDirectlyOrIndirectly_shared.ql rename cpp/{autosar/test/rules/A7-5-2 => common/test/rules/functionscallthemselveseitherdirectlyorindirectly_shared}/test.cpp (100%) rename cpp/{autosar/test/rules/A14-8-2/ExplicitSpecializationsOfFunctionTemplatesUsed.expected => common/test/rules/functiontemplatesexplicitlyspecialized_shared/FunctionTemplatesExplicitlySpecialized_shared.expected} (100%) create mode 100644 cpp/common/test/rules/functiontemplatesexplicitlyspecialized_shared/FunctionTemplatesExplicitlySpecialized_shared.ql rename cpp/{autosar/test/rules/A14-8-2 => common/test/rules/functiontemplatesexplicitlyspecialized_shared}/test.cpp (100%) rename cpp/{autosar/test/rules/M7-3-1/GlobalNamespaceMembershipViolation.expected => common/test/rules/globalnamespacedeclarations_shared/GlobalNamespaceDeclarations_shared.expected} (100%) create mode 100644 cpp/common/test/rules/globalnamespacedeclarations_shared/GlobalNamespaceDeclarations_shared.ql rename cpp/{autosar/test/rules/M7-3-1 => common/test/rules/globalnamespacedeclarations_shared}/test.cpp (100%) rename cpp/{autosar/test/rules/A18-5-4/GlobalSizedOperatorDeleteNotDefined.expected => common/test/rules/globalsizedoperatordeletenotdefined_shared/GlobalSizedOperatorDeleteNotDefined_shared.expected} (100%) create mode 100644 cpp/common/test/rules/globalsizedoperatordeletenotdefined_shared/GlobalSizedOperatorDeleteNotDefined_shared.ql rename cpp/{autosar/test/rules/A18-5-4 => common/test/rules/globalsizedoperatordeletenotdefined_shared}/test.cpp (100%) rename c/misra/test/rules/RULE-7-3/cpp/LowercaseCharacterLUsedInLiteralSuffix.expected => cpp/common/test/rules/globalunsizedoperatordeletenotdefined_shared/GlobalUnsizedOperatorDeleteNotDefined_shared.expected (100%) create mode 100644 cpp/common/test/rules/globalunsizedoperatordeletenotdefined_shared/GlobalUnsizedOperatorDeleteNotDefined_shared.ql create mode 100644 cpp/common/test/rules/globalunsizedoperatordeletenotdefined_shared/test.cpp create mode 100644 cpp/common/test/rules/gotoreferencealabelinsurroundingblock_shared/GotoReferenceALabelInSurroundingBlock_shared.expected create mode 100644 cpp/common/test/rules/gotoreferencealabelinsurroundingblock_shared/GotoReferenceALabelInSurroundingBlock_shared.ql create mode 100644 cpp/common/test/rules/gotoreferencealabelinsurroundingblock_shared/test.cpp create mode 100644 cpp/common/test/rules/gotostatementshouldnotbeused_shared/GotoStatementShouldNotBeUsed_shared.expected create mode 100644 cpp/common/test/rules/gotostatementshouldnotbeused_shared/GotoStatementShouldNotBeUsed_shared.ql create mode 100644 cpp/common/test/rules/gotostatementshouldnotbeused_shared/test.cpp rename cpp/{autosar/test/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.expected => common/test/rules/hiddeninheritednonoverridablememberfunction_shared/HiddenInheritedNonOverridableMemberFunction_shared.expected} (100%) create mode 100644 cpp/common/test/rules/hiddeninheritednonoverridablememberfunction_shared/HiddenInheritedNonOverridableMemberFunction_shared.ql create mode 100644 cpp/common/test/rules/hiddeninheritednonoverridablememberfunction_shared/test.cpp rename cpp/{autosar/test/rules/A7-3-1/HiddenInheritedOverridableMemberFunction.expected => common/test/rules/hiddeninheritedoverridablememberfunction_shared/HiddenInheritedOverridableMemberFunction_shared.expected} (100%) create mode 100644 cpp/common/test/rules/hiddeninheritedoverridablememberfunction_shared/HiddenInheritedOverridableMemberFunction_shared.ql create mode 100644 cpp/common/test/rules/hiddeninheritedoverridablememberfunction_shared/test.cpp rename cpp/{autosar/test/rules/A12-1-1/ExplicitConstructorBaseClassInitialization.expected => common/test/rules/initializeallvirtualbaseclasses_shared/InitializeAllVirtualBaseClasses_shared.expected} (100%) create mode 100644 cpp/common/test/rules/initializeallvirtualbaseclasses_shared/InitializeAllVirtualBaseClasses_shared.ql rename cpp/{autosar/test/rules/A12-1-1 => common/test/rules/initializeallvirtualbaseclasses_shared}/test.cpp (100%) rename cpp/{autosar/test/rules/A8-5-4/ConfusingUseOfInitializerListConstructors.expected => common/test/rules/initializerlistconstructoristheonlyconstructor_shared/InitializerListConstructorIsTheOnlyConstructor_shared.expected} (100%) create mode 100644 cpp/common/test/rules/initializerlistconstructoristheonlyconstructor_shared/InitializerListConstructorIsTheOnlyConstructor_shared.ql rename cpp/{autosar/test/rules/A8-5-4 => common/test/rules/initializerlistconstructoristheonlyconstructor_shared}/test.cpp (100%) create mode 100644 cpp/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.expected create mode 100644 cpp/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.ql create mode 100644 cpp/common/test/rules/invalidatedenvstringpointers/test.cpp create mode 100644 cpp/common/test/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.expected create mode 100644 cpp/common/test/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.ql create mode 100644 cpp/common/test/rules/invalidatedenvstringpointerswarn/test.cpp rename cpp/{autosar/test/rules/A2-7-1/SingleLineCommentEndsWithSlash.expected => common/test/rules/linesplicingusedincomments_shared/LineSplicingUsedInComments_shared.expected} (100%) create mode 100644 cpp/common/test/rules/linesplicingusedincomments_shared/LineSplicingUsedInComments_shared.ql rename cpp/{autosar/test/rules/A2-7-1 => common/test/rules/linesplicingusedincomments_shared}/test.cpp (100%) rename cpp/{autosar/test/rules/M6-3-1/LoopCompoundCondition.expected => common/test/rules/loopcompoundcondition_shared/LoopCompoundCondition_shared.expected} (100%) create mode 100644 cpp/common/test/rules/loopcompoundcondition_shared/LoopCompoundCondition_shared.ql rename cpp/{autosar/test/rules/M6-3-1 => common/test/rules/loopcompoundcondition_shared}/test.cpp (100%) create mode 100644 cpp/common/test/rules/lowercaselstartsinliteralsuffix_shared/LowercaseLStartsInLiteralSuffix_shared.expected create mode 100644 cpp/common/test/rules/lowercaselstartsinliteralsuffix_shared/LowercaseLStartsInLiteralSuffix_shared.ql rename {c/misra/test/rules/RULE-7-3/cpp => cpp/common/test/rules/lowercaselstartsinliteralsuffix_shared}/README.md (100%) rename c/misra/test/rules/RULE-7-3/test.c => cpp/common/test/rules/lowercaselstartsinliteralsuffix_shared/test.cpp (86%) rename cpp/{autosar/test/rules/M18-2-1 => common/test/rules/macrooffsetofused_shared}/MacroOffsetofUsed.expected (100%) rename cpp/{autosar/test/rules/M18-2-1 => common/test/rules/macrooffsetofused_shared}/MacroOffsetofUsed.expected.gcc (100%) rename cpp/{autosar/test/rules/M18-2-1 => common/test/rules/macrooffsetofused_shared}/MacroOffsetofUsed.expected.qcc (100%) create mode 100644 cpp/common/test/rules/macrooffsetofused_shared/MacroOffsetofUsed_shared.expected create mode 100644 cpp/common/test/rules/macrooffsetofused_shared/MacroOffsetofUsed_shared.ql rename cpp/{autosar/test/rules/M18-2-1 => common/test/rules/macrooffsetofused_shared}/test.cpp (100%) create mode 100644 cpp/common/test/rules/macroparameterfollowinghash_shared/MacroParameterFollowingHash_shared.expected create mode 100644 cpp/common/test/rules/macroparameterfollowinghash_shared/MacroParameterFollowingHash_shared.ql rename c/misra/test/rules/RULE-20-11/test.c => cpp/common/test/rules/macroparameterfollowinghash_shared/test.cpp (83%) create mode 100644 cpp/common/test/rules/memoryoperationsnotsequencedappropriately_shared/MemoryOperationsNotSequencedAppropriately_shared.expected create mode 100644 cpp/common/test/rules/memoryoperationsnotsequencedappropriately_shared/MemoryOperationsNotSequencedAppropriately_shared.ql rename c/misra/test/rules/RULE-13-2/test.c => cpp/common/test/rules/memoryoperationsnotsequencedappropriately_shared/test.cpp (86%) rename cpp/{autosar/test/rules/M8-0-1/MultipleGlobalOrMemberDeclarators.expected => common/test/rules/multipleglobalormemberdeclarators_shared/MultipleGlobalOrMemberDeclarators_shared.expected} (100%) create mode 100644 cpp/common/test/rules/multipleglobalormemberdeclarators_shared/MultipleGlobalOrMemberDeclarators_shared.ql rename cpp/{autosar/test/rules/M8-0-1 => common/test/rules/multipleglobalormemberdeclarators_shared}/test.cpp (100%) rename cpp/{autosar/test/rules/M8-0-1/MultipleLocalDeclarators.expected => common/test/rules/multiplelocaldeclarators_shared/MultipleLocalDeclarators_shared.expected} (100%) create mode 100644 cpp/common/test/rules/multiplelocaldeclarators_shared/MultipleLocalDeclarators_shared.ql create mode 100644 cpp/common/test/rules/multiplelocaldeclarators_shared/test.cpp create mode 100644 cpp/common/test/rules/namedbitfieldswithsignedintegertype_shared/NamedBitFieldsWithSignedIntegerType_shared.expected create mode 100644 cpp/common/test/rules/namedbitfieldswithsignedintegertype_shared/NamedBitFieldsWithSignedIntegerType_shared.ql rename c/misra/test/rules/RULE-6-2/test.c => cpp/common/test/rules/namedbitfieldswithsignedintegertype_shared/test.cpp (70%) rename cpp/{autosar/test/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.expected => common/test/rules/namenotreferredusingaqualifiedidorthis_shared/NameNotReferredUsingAQualifiedIdOrThis_shared.expected} (100%) create mode 100644 cpp/common/test/rules/namenotreferredusingaqualifiedidorthis_shared/NameNotReferredUsingAQualifiedIdOrThis_shared.ql rename cpp/{autosar/test/rules/M14-6-1 => common/test/rules/namenotreferredusingaqualifiedidorthis_shared}/test.cpp (100%) rename cpp/{autosar/test/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThisAudit.expected => common/test/rules/namenotreferredusingaqualifiedidorthisaudit_shared/NameNotReferredUsingAQualifiedIdOrThisAudit_shared.expected} (100%) create mode 100644 cpp/common/test/rules/namenotreferredusingaqualifiedidorthisaudit_shared/NameNotReferredUsingAQualifiedIdOrThisAudit_shared.ql create mode 100644 cpp/common/test/rules/namenotreferredusingaqualifiedidorthisaudit_shared/test.cpp rename cpp/{autosar/test/rules/A15-4-2/NoExceptFunctionThrows.expected => common/test/rules/noexceptfunctionshouldnotpropagatetothecaller_shared/NoexceptFunctionShouldNotPropagateToTheCaller_shared.expected} (99%) create mode 100644 cpp/common/test/rules/noexceptfunctionshouldnotpropagatetothecaller_shared/NoexceptFunctionShouldNotPropagateToTheCaller_shared.ql rename cpp/{autosar/test/rules/A15-4-2 => common/test/rules/noexceptfunctionshouldnotpropagatetothecaller_shared}/test.cpp (100%) rename cpp/{autosar/test/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanTheGlobalFunctionMain.expected => common/test/rules/nonglobalfunctionmain_shared/NonGlobalFunctionMain_shared.expected} (100%) create mode 100644 cpp/common/test/rules/nonglobalfunctionmain_shared/NonGlobalFunctionMain_shared.ql rename cpp/{autosar/test/rules/M7-3-2 => common/test/rules/nonglobalfunctionmain_shared}/test.cpp (100%) create mode 100644 cpp/common/test/rules/nonterminatedescapesequences_shared/NonTerminatedEscapeSequences_shared.expected create mode 100644 cpp/common/test/rules/nonterminatedescapesequences_shared/NonTerminatedEscapeSequences_shared.ql rename c/misra/test/rules/RULE-4-1/test.c => cpp/common/test/rules/nonterminatedescapesequences_shared/test.cpp (61%) create mode 100644 cpp/common/test/rules/nonuniqueenumerationconstant_shared/NonUniqueEnumerationConstant_shared.expected create mode 100644 cpp/common/test/rules/nonuniqueenumerationconstant_shared/NonUniqueEnumerationConstant_shared.ql create mode 100644 cpp/common/test/rules/nonuniqueenumerationconstant_shared/test.cpp rename cpp/{autosar/test/rules/A4-10-1/NullPointerConstantNotNullptr.expected => common/test/rules/nullptrnottheonlyformofthenullpointerconstant_shared/NullptrNotTheOnlyFormOfTheNullPointerConstant_shared.expected} (100%) rename cpp/{autosar/test/rules/A4-10-1/NullPointerConstantNotNullptr.expected.clang => common/test/rules/nullptrnottheonlyformofthenullpointerconstant_shared/NullptrNotTheOnlyFormOfTheNullPointerConstant_shared.expected.clang} (100%) rename cpp/{autosar/test/rules/A4-10-1/NullPointerConstantNotNullptr.expected.gcc => common/test/rules/nullptrnottheonlyformofthenullpointerconstant_shared/NullptrNotTheOnlyFormOfTheNullPointerConstant_shared.expected.gcc} (100%) rename cpp/{autosar/test/rules/A4-10-1/NullPointerConstantNotNullptr.expected.qcc => common/test/rules/nullptrnottheonlyformofthenullpointerconstant_shared/NullptrNotTheOnlyFormOfTheNullPointerConstant_shared.expected.qcc} (100%) create mode 100644 cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant_shared/NullptrNotTheOnlyFormOfTheNullPointerConstant_shared.ql rename cpp/{autosar/test/rules/A4-10-1 => common/test/rules/nullptrnottheonlyformofthenullpointerconstant_shared}/test.cpp (100%) rename cpp/{autosar/test/rules/A4-10-1 => common/test/rules/nullptrnottheonlyformofthenullpointerconstant_shared}/test.cpp.clang (100%) rename cpp/{autosar/test/rules/A4-10-1 => common/test/rules/nullptrnottheonlyformofthenullpointerconstant_shared}/test.cpp.gcc (100%) rename cpp/{autosar/test/rules/A4-10-1 => common/test/rules/nullptrnottheonlyformofthenullpointerconstant_shared}/test.cpp.qcc (100%) rename cpp/{autosar/test/rules/M12-1-1/DynamicTypeOfThisUsedFromConstructorOrDestructor.expected => common/test/rules/objectsdynamictypeusedfromconstructorordestructor_shared/ObjectsDynamicTypeUsedFromConstructorOrDestructor_shared.expected} (100%) create mode 100644 cpp/common/test/rules/objectsdynamictypeusedfromconstructorordestructor_shared/ObjectsDynamicTypeUsedFromConstructorOrDestructor_shared.ql rename cpp/{autosar/test/rules/M12-1-1 => common/test/rules/objectsdynamictypeusedfromconstructorordestructor_shared}/test.cpp (100%) create mode 100644 cpp/common/test/rules/overridingshallspecifydifferentdefaultarguments_shared/OverridingShallSpecifyDifferentDefaultArguments_shared.expected create mode 100644 cpp/common/test/rules/overridingshallspecifydifferentdefaultarguments_shared/OverridingShallSpecifyDifferentDefaultArguments_shared.ql rename cpp/{autosar/test/rules/M8-3-1 => common/test/rules/overridingshallspecifydifferentdefaultarguments_shared}/test.cpp (100%) rename cpp/{autosar/test/rules/A5-10-1/PointerToMemberVirtualFunctionWithNullPointerConstant.expected => common/test/rules/potentiallyvirtualpointeronlycomparestonullptr_shared/PotentiallyVirtualPointerOnlyComparesToNullptr_shared.expected} (63%) create mode 100644 cpp/common/test/rules/potentiallyvirtualpointeronlycomparestonullptr_shared/PotentiallyVirtualPointerOnlyComparesToNullptr_shared.ql rename cpp/{autosar/test/rules/A5-10-1 => common/test/rules/potentiallyvirtualpointeronlycomparestonullptr_shared}/test.cpp (100%) rename cpp/{autosar/test/rules/A5-2-4/ReinterpretCastUsed.expected => common/test/rules/reinterpretcastused_shared/ReinterpretCastUsed_shared.expected} (100%) create mode 100644 cpp/common/test/rules/reinterpretcastused_shared/ReinterpretCastUsed_shared.ql rename cpp/{autosar/test/rules/A5-2-4 => common/test/rules/reinterpretcastused_shared}/test.cpp (100%) create mode 100644 cpp/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.expected create mode 100644 cpp/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.ql rename c/misra/test/rules/RULE-13-4/test.c => cpp/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/test.cpp (59%) rename cpp/{autosar/test/rules/M7-5-1/FunctionReturnAutomaticVarCondition.expected => common/test/rules/returnreferenceorpointertoautomaticlocalvariable_shared/ReturnReferenceOrPointerToAutomaticLocalVariable_shared.expected} (100%) create mode 100644 cpp/common/test/rules/returnreferenceorpointertoautomaticlocalvariable_shared/ReturnReferenceOrPointerToAutomaticLocalVariable_shared.ql rename cpp/{autosar/test/rules/M7-5-1 => common/test/rules/returnreferenceorpointertoautomaticlocalvariable_shared}/test.cpp (100%) rename cpp/{autosar/test/rules/M6-3-1/SwitchCompoundCondition.expected => common/test/rules/switchcompoundcondition_shared/SwitchCompoundCondition_shared.expected} (100%) create mode 100644 cpp/common/test/rules/switchcompoundcondition_shared/SwitchCompoundCondition_shared.ql create mode 100644 cpp/common/test/rules/switchcompoundcondition_shared/test.cpp rename cpp/{autosar/test/rules/M2-13-3/MissingUSuffix.expected => common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed_shared/UnsignedIntegerLiteralsNotAppropriatelySuffixed_shared.expected} (100%) create mode 100644 cpp/common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed_shared/UnsignedIntegerLiteralsNotAppropriatelySuffixed_shared.ql rename cpp/{autosar/test/rules/M2-13-3 => common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed_shared}/test.cpp (100%) create mode 100644 cpp/common/test/rules/unsignedoperationwithconstantoperandswraps_shared/UnsignedOperationWithConstantOperandsWraps_shared.expected create mode 100644 cpp/common/test/rules/unsignedoperationwithconstantoperandswraps_shared/UnsignedOperationWithConstantOperandsWraps_shared.ql rename c/cert/test/rules/INT30-C/test.c => cpp/common/test/rules/unsignedoperationwithconstantoperandswraps_shared/test.cpp (94%) rename cpp/{autosar/test/rules/M2-13-2/UseOfNonZeroOctalLiteral.expected => common/test/rules/useofnonzerooctalliteral_shared/UseOfNonZeroOctalLiteral_shared.expected} (100%) create mode 100644 cpp/common/test/rules/useofnonzerooctalliteral_shared/UseOfNonZeroOctalLiteral_shared.ql rename cpp/{autosar/test/rules/M2-13-2 => common/test/rules/useofnonzerooctalliteral_shared}/test.cpp (100%) rename cpp/{autosar/test/rules/A18-1-2/VectorboolSpecializationUsed.expected => common/test/rules/vectorshouldnotbespecializedwithbool_shared/VectorShouldNotBeSpecializedWithBool_shared.expected} (100%) rename cpp/{autosar/test/rules/A18-1-2/VectorboolSpecializationUsed.expected.qcc => common/test/rules/vectorshouldnotbespecializedwithbool_shared/VectorShouldNotBeSpecializedWithBool_shared.expected.qcc} (100%) create mode 100644 cpp/common/test/rules/vectorshouldnotbespecializedwithbool_shared/VectorShouldNotBeSpecializedWithBool_shared.ql rename cpp/{autosar/test/rules/A18-1-2 => common/test/rules/vectorshouldnotbespecializedwithbool_shared}/test.cpp (100%) rename cpp/{autosar/test/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtualInHierarchy.expected => common/test/rules/virtualandnonvirtualclassinthehierarchy_shared/VirtualAndNonVirtualClassInTheHierarchy_shared.expected} (100%) create mode 100644 cpp/common/test/rules/virtualandnonvirtualclassinthehierarchy_shared/VirtualAndNonVirtualClassInTheHierarchy_shared.ql rename cpp/{autosar/test/rules/M10-1-3 => common/test/rules/virtualandnonvirtualclassinthehierarchy_shared}/test.cpp (100%) create mode 100644 cpp/misra/src/rules/DIR-15-8-1/CopyAndMoveAssignmentsShallHandleSelfAssignment.ql create mode 100644 cpp/misra/src/rules/RULE-10-0-1/UseSingleGlobalOrMemberDeclarators.ql create mode 100644 cpp/misra/src/rules/RULE-10-0-1/UseSingleLocalDeclarators.ql create mode 100644 cpp/misra/src/rules/RULE-10-2-1/EnumerationNotDefinedWithAnExplicitUnderlyingType.ql create mode 100644 cpp/misra/src/rules/RULE-10-4-1/AsmDeclarationShallNotBeUsed.ql create mode 100644 cpp/misra/src/rules/RULE-11-6-3/NonUniqueEnumerationConstant.ql create mode 100644 cpp/misra/src/rules/RULE-12-2-2/BitFieldShallHaveAnAppropriateType.ql create mode 100644 cpp/misra/src/rules/RULE-12-2-3/SignedIntegerNamedBitFieldHaveALengthOfOneBit.ql create mode 100644 cpp/misra/src/rules/RULE-13-1-2/VirtualAndNonVirtualClassInTheHierarchy.ql create mode 100644 cpp/misra/src/rules/RULE-13-3-2/OverridingShallSpecifyDifferentDefaultArguments.ql create mode 100644 cpp/misra/src/rules/RULE-13-3-4/PotentiallyVirtualPointerOnlyComparesToNullptr.ql create mode 100644 cpp/misra/src/rules/RULE-15-1-1/ObjectsDynamicTypeUsedFromConstructorOrDestructor.ql create mode 100644 cpp/misra/src/rules/RULE-15-1-2/InitializeAllVirtualBaseClasses.ql create mode 100644 cpp/misra/src/rules/RULE-15-1-5/InitializerListConstructorIsTheOnlyConstructor.ql create mode 100644 cpp/misra/src/rules/RULE-16-5-2/AddressOfOperatorOverloaded.ql create mode 100644 cpp/misra/src/rules/RULE-17-8-1/FunctionTemplatesExplicitlySpecialized.ql create mode 100644 cpp/misra/src/rules/RULE-18-1-1/ExceptionObjectHavePointerType.ql create mode 100644 cpp/misra/src/rules/RULE-18-1-2/EmptyThrowOnlyWithinACatchHandler.ql create mode 100644 cpp/misra/src/rules/RULE-18-5-1/NoexceptFunctionShouldNotPropagateToTheCaller.ql create mode 100644 cpp/misra/src/rules/RULE-19-0-2/FunctionLikeMacrosDefined.ql create mode 100644 cpp/misra/src/rules/RULE-19-3-2/MacroParameterFollowingHash.ql create mode 100644 cpp/misra/src/rules/RULE-19-3-3/AMixedUseMacroArgumentSubjectToExpansion.ql create mode 100644 cpp/misra/src/rules/RULE-21-10-3/CsignalFacilitiesUsed.ql create mode 100644 cpp/misra/src/rules/RULE-21-10-3/CsignalTypesShallNotBeUsed.ql create mode 100644 cpp/misra/src/rules/RULE-21-2-1/AtofAtoiAtolAndAtollUsed.ql create mode 100644 cpp/misra/src/rules/RULE-21-2-4/MacroOffsetofShallNotBeUsed.ql create mode 100644 cpp/misra/src/rules/RULE-21-6-4/GlobalSizedOperatorDeleteShallBeDefined.ql create mode 100644 cpp/misra/src/rules/RULE-21-6-4/GlobalUnsizedOperatorDeleteShallBeDefined.ql create mode 100644 cpp/misra/src/rules/RULE-26-3-1/VectorShouldNotBeSpecializedWithBool.ql create mode 100644 cpp/misra/src/rules/RULE-28-6-2/ForwardingReferencesAndForwardNotUsedTogether.ql create mode 100644 cpp/misra/src/rules/RULE-30-0-1/CstdioFunctionsShallNotBeUsed.ql create mode 100644 cpp/misra/src/rules/RULE-30-0-1/CstdioMacrosShallNotBeUsed.ql create mode 100644 cpp/misra/src/rules/RULE-30-0-1/CstdioTypesShallNotBeUsed.ql create mode 100644 cpp/misra/src/rules/RULE-4-6-1/MemoryOperationsNotSequencedAppropriately.ql create mode 100644 cpp/misra/src/rules/RULE-5-13-1/BackslashCharacterMisuse.ql create mode 100644 cpp/misra/src/rules/RULE-5-13-2/NonTerminatedEscapeSequences.ql create mode 100644 cpp/misra/src/rules/RULE-5-13-3/OctalConstantsUsed.ql create mode 100644 cpp/misra/src/rules/RULE-5-13-4/UnsignedIntegerLiteralsNotAppropriatelySuffixed.ql create mode 100644 cpp/misra/src/rules/RULE-5-13-5/LowercaseLStartsInLiteralSuffix.ql create mode 100644 cpp/misra/src/rules/RULE-5-7-1/CharacterSequenceUsedWithinACStyleComment.ql create mode 100644 cpp/misra/src/rules/RULE-5-7-3/LineSplicingUsedInComments.ql create mode 100644 cpp/misra/src/rules/RULE-6-0-3/GlobalNamespaceDeclarations.ql create mode 100644 cpp/misra/src/rules/RULE-6-0-4/NonGlobalFunctionMain.ql create mode 100644 cpp/misra/src/rules/RULE-6-4-2/DefinitionShallBeConsideredForUnqualifiedLookup.ql create mode 100644 cpp/misra/src/rules/RULE-6-4-2/InheritedNonOverridableMemberFunction.ql create mode 100644 cpp/misra/src/rules/RULE-6-4-2/InheritedOverridableMemberFunction.ql create mode 100644 cpp/misra/src/rules/RULE-6-4-3/NameShallBeReferredUsingAQualifiedIdOrThis.ql create mode 100644 cpp/misra/src/rules/RULE-6-4-3/NameShallBeReferredUsingAQualifiedIdOrThisAudit.ql create mode 100644 cpp/misra/src/rules/RULE-6-8-2/ReturnReferenceOrPointerToAutomaticLocalVariable.ql create mode 100644 cpp/misra/src/rules/RULE-7-11-1/NullptrNotTheOnlyFormOfTheNullPointerConstant.ql create mode 100644 cpp/misra/src/rules/RULE-7-11-2/ArrayPassedAsFunctionArgumentDecayToAPointer.ql create mode 100644 cpp/misra/src/rules/RULE-8-18-2/ResultOfAnAssignmentOperatorShouldNotBeUsed.ql create mode 100644 cpp/misra/src/rules/RULE-8-19-1/CommaOperatorShouldNotBeUsed.ql create mode 100644 cpp/misra/src/rules/RULE-8-2-10/FunctionsCallThemselvesEitherDirectlyOrIndirectly.ql create mode 100644 cpp/misra/src/rules/RULE-8-2-4/CastsBetweenAPointerToFunctionAndAnyOtherType.ql create mode 100644 cpp/misra/src/rules/RULE-8-2-5/ReinterpretCastShallNotBeUsed.ql create mode 100644 cpp/misra/src/rules/RULE-8-20-1/UnsignedOperationWithConstantOperandsWraps.ql create mode 100644 cpp/misra/src/rules/RULE-8-3-1/BuiltInUnaryOperatorAppliedToUnsignedExpression.ql create mode 100644 cpp/misra/src/rules/RULE-9-3-1/LoopBodyCompoundCondition.ql create mode 100644 cpp/misra/src/rules/RULE-9-3-1/SwitchBodyCompoundCondition.ql create mode 100644 cpp/misra/src/rules/RULE-9-6-1/GotoStatementShouldNotBeUsed.ql create mode 100644 cpp/misra/src/rules/RULE-9-6-2/GotoReferenceALabelInSurroundingBlock.ql create mode 100644 cpp/misra/test/rules/DIR-15-8-1/CopyAndMoveAssignmentsShallHandleSelfAssignment.testref create mode 100644 cpp/misra/test/rules/RULE-10-0-1/MultipleGlobalOrMemberDeclarators.testref create mode 100644 cpp/misra/test/rules/RULE-10-0-1/MultipleLocalDeclarators.testref create mode 100644 cpp/misra/test/rules/RULE-10-0-1/UseSingleGlobalOrMemberDeclarators.testref create mode 100644 cpp/misra/test/rules/RULE-10-0-1/UseSingleLocalDeclarators.testref create mode 100644 cpp/misra/test/rules/RULE-10-2-1/EnumerationNotDefinedWithAnExplicitUnderlyingType.testref create mode 100644 cpp/misra/test/rules/RULE-10-4-1/AsmDeclarationShallNotBeUsed.testref create mode 100644 cpp/misra/test/rules/RULE-11-6-3/NonUniqueEnumerationConstant.testref create mode 100644 cpp/misra/test/rules/RULE-12-2-2/BitFieldShallHaveAnAppropriateType.testref create mode 100644 cpp/misra/test/rules/RULE-12-2-3/SignedIntegerNamedBitFieldHaveALengthOfOneBit.testref create mode 100644 cpp/misra/test/rules/RULE-13-1-2/VirtualAndNonVirtualClassInTheHierarchy.testref create mode 100644 cpp/misra/test/rules/RULE-13-3-2/OverridingShallSpecifyDifferentDefaultArguments.testref create mode 100644 cpp/misra/test/rules/RULE-13-3-4/PotentiallyVirtualPointerOnlyComparesToNullptr.testref create mode 100644 cpp/misra/test/rules/RULE-15-1-1/ObjectsDynamicTypeUsedFromConstructorOrDestructor.testref create mode 100644 cpp/misra/test/rules/RULE-15-1-2/InitializeAllVirtualBaseClasses.testref create mode 100644 cpp/misra/test/rules/RULE-15-1-5/InitializerListConstructorIsTheOnlyConstructor.testref create mode 100644 cpp/misra/test/rules/RULE-16-5-2/AddressOfOperatorOverloaded.testref create mode 100644 cpp/misra/test/rules/RULE-17-8-1/FunctionTemplatesExplicitlySpecialized.testref create mode 100644 cpp/misra/test/rules/RULE-18-1-1/ExceptionObjectHavePointerType.testref create mode 100644 cpp/misra/test/rules/RULE-18-1-2/EmptyThrowOnlyWithinACatchHandler.testref create mode 100644 cpp/misra/test/rules/RULE-18-5-1/NoexceptFunctionShouldNotPropagateToTheCaller.testref create mode 100644 cpp/misra/test/rules/RULE-19-0-2/FunctionLikeMacrosDefined.testref create mode 100644 cpp/misra/test/rules/RULE-19-3-2/MacroParameterFollowingHash.testref create mode 100644 cpp/misra/test/rules/RULE-19-3-3/AMixedUseMacroArgumentSubjectToExpansion.testref create mode 100644 cpp/misra/test/rules/RULE-21-10-3/CsignalFacilitiesUsed.testref create mode 100644 cpp/misra/test/rules/RULE-21-10-3/CsignalTypesShallNotBeUsed.testref create mode 100644 cpp/misra/test/rules/RULE-21-10-3/CsignalTypesUsed.testref create mode 100644 cpp/misra/test/rules/RULE-21-2-1/AtofAtoiAtolAndAtollUsed.testref create mode 100644 cpp/misra/test/rules/RULE-21-2-4/MacroOffsetofShallNotBeUsed.testref create mode 100644 cpp/misra/test/rules/RULE-21-6-4/GlobalSizedOperatorDeleteShallBeDefined.testref create mode 100644 cpp/misra/test/rules/RULE-21-6-4/GlobalUnsizedOperatorDeleteShallBeDefined.testref create mode 100644 cpp/misra/test/rules/RULE-26-3-1/VectorShouldNotBeSpecializedWithBool.testref create mode 100644 cpp/misra/test/rules/RULE-28-6-2/ForwardingReferencesAndForwardNotUsedTogether.testref create mode 100644 cpp/misra/test/rules/RULE-30-0-1/CstdioFunctionsShallNotBeUsed.testref create mode 100644 cpp/misra/test/rules/RULE-30-0-1/CstdioMacrosShallNotBeUsed.testref create mode 100644 cpp/misra/test/rules/RULE-30-0-1/CstdioTypesShallNotBeUsed.testref create mode 100644 cpp/misra/test/rules/RULE-4-6-1/MemoryOperationsNotSequencedAppropriately.testref create mode 100644 cpp/misra/test/rules/RULE-5-13-1/BackslashCharacterMisuse.testref create mode 100644 cpp/misra/test/rules/RULE-5-13-2/NonTerminatedEscapeSequences.testref create mode 100644 cpp/misra/test/rules/RULE-5-13-3/OctalConstantsUsed.testref create mode 100644 cpp/misra/test/rules/RULE-5-13-4/UnsignedIntegerLiteralsNotAppropriatelySuffixed.testref create mode 100644 cpp/misra/test/rules/RULE-5-13-5/LowercaseLStartsInLiteralSuffix.testref create mode 100644 cpp/misra/test/rules/RULE-5-7-1/CharacterSequenceUsedWithinACStyleComment.testref create mode 100644 cpp/misra/test/rules/RULE-5-7-3/LineSplicingUsedInComments.testref create mode 100644 cpp/misra/test/rules/RULE-6-0-3/GlobalNamespaceDeclarations.testref create mode 100644 cpp/misra/test/rules/RULE-6-0-4/NonGlobalFunctionMain.testref create mode 100644 cpp/misra/test/rules/RULE-6-4-2/DefinitionShallBeConsideredForUnqualifiedLookup.testref create mode 100644 cpp/misra/test/rules/RULE-6-4-2/InheritedNonOverridableMemberFunction.testref create mode 100644 cpp/misra/test/rules/RULE-6-4-2/InheritedOverridableMemberFunction.testref create mode 100644 cpp/misra/test/rules/RULE-6-4-3/NameShallBeReferredUsingAQualifiedIdOrThis.testref create mode 100644 cpp/misra/test/rules/RULE-6-4-3/NameShallBeReferredUsingAQualifiedIdOrThisAudit.testref create mode 100644 cpp/misra/test/rules/RULE-6-8-2/ReturnReferenceOrPointerToAutomaticLocalVariable.testref create mode 100644 cpp/misra/test/rules/RULE-7-11-1/NullptrNotTheOnlyFormOfTheNullPointerConstant.testref create mode 100644 cpp/misra/test/rules/RULE-7-11-2/ArrayPassedAsFunctionArgumentDecayToAPointer.testref create mode 100644 cpp/misra/test/rules/RULE-8-18-2/ResultOfAnAssignmentOperatorShouldNotBeUsed.testref create mode 100644 cpp/misra/test/rules/RULE-8-19-1/CommaOperatorShouldNotBeUsed.testref create mode 100644 cpp/misra/test/rules/RULE-8-2-10/FunctionsCallThemselvesEitherDirectlyOrIndirectly.testref create mode 100644 cpp/misra/test/rules/RULE-8-2-4/CastsBetweenAPointerToFunctionAndAnyOtherType.testref create mode 100644 cpp/misra/test/rules/RULE-8-2-5/ReinterpretCastShallNotBeUsed.testref create mode 100644 cpp/misra/test/rules/RULE-8-20-1/UnsignedOperationWithConstantOperandsWraps.testref create mode 100644 cpp/misra/test/rules/RULE-8-3-1/BuiltInUnaryOperatorAppliedToUnsignedExpression.testref create mode 100644 cpp/misra/test/rules/RULE-9-3-1/LoopBodyCompoundCondition.testref create mode 100644 cpp/misra/test/rules/RULE-9-3-1/SwitchBodyCompoundCondition.testref create mode 100644 cpp/misra/test/rules/RULE-9-6-1/GotoStatementShouldNotBeUsed.testref create mode 100644 cpp/misra/test/rules/RULE-9-6-2/GotoReferenceALabelInSurroundingBlock.testref diff --git a/c/cert/src/rules/EXP30-C/DependenceOnOrderOfScalarEvaluationForSideEffects.ql b/c/cert/src/rules/EXP30-C/DependenceOnOrderOfScalarEvaluationForSideEffects.ql index c478a3d51e..ff616277cd 100644 --- a/c/cert/src/rules/EXP30-C/DependenceOnOrderOfScalarEvaluationForSideEffects.ql +++ b/c/cert/src/rules/EXP30-C/DependenceOnOrderOfScalarEvaluationForSideEffects.ql @@ -14,7 +14,7 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.SideEffect -import codingstandards.c.Ordering +import codingstandards.cpp.COrdering import codingstandards.c.orderofevaluation.VariableAccessOrdering from diff --git a/c/cert/src/rules/EXP45-C/AssignmentsInSelectionStatements.ql b/c/cert/src/rules/EXP45-C/AssignmentsInSelectionStatements.ql index f6e29eb28c..8d65bb0088 100644 --- a/c/cert/src/rules/EXP45-C/AssignmentsInSelectionStatements.ql +++ b/c/cert/src/rules/EXP45-C/AssignmentsInSelectionStatements.ql @@ -13,7 +13,7 @@ import cpp import codingstandards.c.cert -import codingstandards.c.Expr +import codingstandards.cpp.CExpr Expr getRightMostOperand(CommaExpr e) { result = e.getRightOperand() and not result instanceof CommaExpr diff --git a/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.ql b/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.ql index 3d25313915..6019b7b0d6 100644 --- a/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.ql +++ b/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.ql @@ -15,24 +15,11 @@ import cpp import codingstandards.c.cert -import codingstandards.cpp.Overflow -import semmle.code.cpp.controlflow.Guards -import semmle.code.cpp.valuenumbering.GlobalValueNumbering +import codingstandards.cpp.rules.unsignedoperationwithconstantoperandswraps_shared.UnsignedOperationWithConstantOperandsWraps_shared -from InterestingOverflowingOperation op -where - not isExcluded(op, IntegerOverflowPackage::unsignedIntegerOperationsWrapAroundQuery()) and - op.getType().getUnderlyingType().(IntegralType).isUnsigned() and - // Not within a guard condition - not exists(GuardCondition gc | gc.getAChild*() = op) and - // Not guarded by a check, where the check is not an invalid overflow check - not op.hasValidPreCheck() and - // Is not checked after the operation - not op.hasValidPostCheck() and - // Permitted by exception 3 - not op instanceof LShiftExpr and - // Permitted by exception 2 - zero case is handled in separate query - not op instanceof DivExpr and - not op instanceof RemExpr -select op, - "Operation " + op.getOperator() + " of type " + op.getType().getUnderlyingType() + " may wrap." +class UnsignedIntegerOperationsWrapAroundQuery extends UnsignedOperationWithConstantOperandsWraps_sharedSharedQuery +{ + UnsignedIntegerOperationsWrapAroundQuery() { + this = IntegerOverflowPackage::unsignedIntegerOperationsWrapAroundQuery() + } +} diff --git a/c/cert/test/rules/INT30-C/UnsignedIntegerOperationsWrapAround.expected b/c/cert/test/rules/INT30-C/UnsignedIntegerOperationsWrapAround.expected deleted file mode 100644 index 76594d944b..0000000000 --- a/c/cert/test/rules/INT30-C/UnsignedIntegerOperationsWrapAround.expected +++ /dev/null @@ -1,4 +0,0 @@ -| test.c:4:3:4:9 | ... + ... | Operation + of type unsigned int may wrap. | -| test.c:5:3:5:10 | ... += ... | Operation += of type unsigned int may wrap. | -| test.c:58:3:58:9 | ... - ... | Operation - of type unsigned int may wrap. | -| test.c:59:3:59:10 | ... -= ... | Operation -= of type unsigned int may wrap. | diff --git a/c/cert/test/rules/INT30-C/UnsignedIntegerOperationsWrapAround.qlref b/c/cert/test/rules/INT30-C/UnsignedIntegerOperationsWrapAround.qlref deleted file mode 100644 index 045890904c..0000000000 --- a/c/cert/test/rules/INT30-C/UnsignedIntegerOperationsWrapAround.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/INT30-C/UnsignedIntegerOperationsWrapAround.ql \ No newline at end of file diff --git a/c/cert/test/rules/INT30-C/UnsignedIntegerOperationsWrapAround.testref b/c/cert/test/rules/INT30-C/UnsignedIntegerOperationsWrapAround.testref new file mode 100644 index 0000000000..2cc69bff5a --- /dev/null +++ b/c/cert/test/rules/INT30-C/UnsignedIntegerOperationsWrapAround.testref @@ -0,0 +1 @@ +c/common/test/rules/unsignedoperationwithconstantoperandswraps_shared/UnsignedOperationWithConstantOperandsWraps_shared.ql \ No newline at end of file diff --git a/c/cert/test/rules/MSC30-C/RandUsedForGeneratingPseudorandomNumbers.testref b/c/cert/test/rules/MSC30-C/RandUsedForGeneratingPseudorandomNumbers.testref index 31cba60b74..726f27535d 100644 --- a/c/cert/test/rules/MSC30-C/RandUsedForGeneratingPseudorandomNumbers.testref +++ b/c/cert/test/rules/MSC30-C/RandUsedForGeneratingPseudorandomNumbers.testref @@ -1 +1 @@ -cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql \ No newline at end of file +c/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql \ No newline at end of file diff --git a/c/common/src/codingstandards/c/Literals.qll b/c/common/src/codingstandards/c/Literals.qll deleted file mode 100644 index beeeccb8cc..0000000000 --- a/c/common/src/codingstandards/c/Literals.qll +++ /dev/null @@ -1,4 +0,0 @@ -// Reuse the `IntegerLiteral` class -import codingstandards.cpp.Cpp14Literal - -class IntegerLiteral = Cpp14Literal::IntegerLiteral; diff --git a/c/common/src/codingstandards/c/orderofevaluation/VariableAccessOrdering.qll b/c/common/src/codingstandards/c/orderofevaluation/VariableAccessOrdering.qll index 4c041e8e4c..6293a67d32 100644 --- a/c/common/src/codingstandards/c/orderofevaluation/VariableAccessOrdering.qll +++ b/c/common/src/codingstandards/c/orderofevaluation/VariableAccessOrdering.qll @@ -1,5 +1,5 @@ import cpp -import codingstandards.c.Ordering +import codingstandards.cpp.COrdering class VariableAccessInFullExpressionOrdering extends Ordering::Configuration { VariableAccessInFullExpressionOrdering() { this = "VariableAccessInFullExpressionOrdering" } diff --git a/c/common/test/library/expr/FullExpr.ql b/c/common/test/library/expr/FullExpr.ql index de7edf85c1..8760ed1a15 100644 --- a/c/common/test/library/expr/FullExpr.ql +++ b/c/common/test/library/expr/FullExpr.ql @@ -1,5 +1,5 @@ import cpp -import codingstandards.c.Expr +import codingstandards.cpp.CExpr from FullExpr e select e diff --git a/c/misra/test/rules/RULE-20-12/MacroParameterUsedAsHashOperand.expected b/c/common/test/rules/amixedusemacroargumentsubjecttoexpansion_shared/AMixedUseMacroArgumentSubjectToExpansion_shared.expected similarity index 58% rename from c/misra/test/rules/RULE-20-12/MacroParameterUsedAsHashOperand.expected rename to c/common/test/rules/amixedusemacroargumentsubjecttoexpansion_shared/AMixedUseMacroArgumentSubjectToExpansion_shared.expected index be347218b3..d5f6f296d9 100644 --- a/c/misra/test/rules/RULE-20-12/MacroParameterUsedAsHashOperand.expected +++ b/c/common/test/rules/amixedusemacroargumentsubjecttoexpansion_shared/AMixedUseMacroArgumentSubjectToExpansion_shared.expected @@ -1,2 +1,2 @@ -| test.c:4:1:4:41 | #define BAD_MACRO_WITH_ARG(x) (x) + wow ## x | Macro BAD_MACRO_WITH_ARG contains use of parameter x used in multiple contexts. | -| test.c:5:1:5:48 | #define BAD_MACRO_WITH_ARG_TWO(x,y) (x) + wow ## x | Macro BAD_MACRO_WITH_ARG_TWO contains use of parameter x used in multiple contexts. | +| test.c:5:1:5:41 | #define BAD_MACRO_WITH_ARG(x) (x) + wow ## x | Macro BAD_MACRO_WITH_ARG contains use of parameter x used in multiple contexts. | +| test.c:6:1:6:48 | #define BAD_MACRO_WITH_ARG_TWO(x,y) (x) + wow ## x | Macro BAD_MACRO_WITH_ARG_TWO contains use of parameter x used in multiple contexts. | diff --git a/c/common/test/rules/amixedusemacroargumentsubjecttoexpansion_shared/AMixedUseMacroArgumentSubjectToExpansion_shared.ql b/c/common/test/rules/amixedusemacroargumentsubjecttoexpansion_shared/AMixedUseMacroArgumentSubjectToExpansion_shared.ql new file mode 100644 index 0000000000..8fc299b7f3 --- /dev/null +++ b/c/common/test/rules/amixedusemacroargumentsubjecttoexpansion_shared/AMixedUseMacroArgumentSubjectToExpansion_shared.ql @@ -0,0 +1,5 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.amixedusemacroargumentsubjecttoexpansion_shared.AMixedUseMacroArgumentSubjectToExpansion_shared + +class TestFileQuery extends AMixedUseMacroArgumentSubjectToExpansion_sharedSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/amixedusemacroargumentsubjecttoexpansion_shared/test.c b/c/common/test/rules/amixedusemacroargumentsubjecttoexpansion_shared/test.c new file mode 100644 index 0000000000..7eb5e204c7 --- /dev/null +++ b/c/common/test/rules/amixedusemacroargumentsubjecttoexpansion_shared/test.c @@ -0,0 +1,26 @@ +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C++ TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. +#define GOOD_MACRO_WITH_ARG(X) ((X)*X##_scale) // COMPLIANT +#define MACRO 1 +#define BAD_MACRO_WITH_ARG(x) (x) + wow##x // NON_COMPLIANT +#define BAD_MACRO_WITH_ARG_TWO(x, y) (x) + wow##x // NON_COMPLIANT +#define MACROONE(x) #x // COMPLIANT +#define MACROTWO(x) x *x // COMPLIANT +#define MACROTHREE(x) "##\"\"'" + (x) // COMPLIANT +#define FOO(x) #x MACROONE(x) // COMPLIANT - no further arg expansion + +void f() { + + int x; + int x_scale; + int y; + int wowMACRO = 0; + + y = GOOD_MACRO_WITH_ARG(x); + wowMACRO = BAD_MACRO_WITH_ARG(MACRO); + wowMACRO = BAD_MACRO_WITH_ARG_TWO(MACRO, 1); + char s[] = MACROONE(MACRO); + y = MACROTWO(MACRO); + MACROTHREE(MACRO); + FOO(x); +} \ No newline at end of file diff --git a/c/common/test/rules/atofatoiatolandatollused_shared/AtofAtoiAtolAndAtollUsed_shared.expected b/c/common/test/rules/atofatoiatolandatollused_shared/AtofAtoiAtolAndAtollUsed_shared.expected new file mode 100644 index 0000000000..489a990582 --- /dev/null +++ b/c/common/test/rules/atofatoiatolandatollused_shared/AtofAtoiAtolAndAtollUsed_shared.expected @@ -0,0 +1,4 @@ +| test.c:8:14:8:17 | call to atof | Call to banned function atof. | +| test.c:9:12:9:15 | call to atoi | Call to banned function atoi. | +| test.c:10:13:10:16 | call to atol | Call to banned function atol. | +| test.c:11:18:11:22 | call to atoll | Call to banned function atoll. | diff --git a/c/common/test/rules/atofatoiatolandatollused_shared/AtofAtoiAtolAndAtollUsed_shared.ql b/c/common/test/rules/atofatoiatolandatollused_shared/AtofAtoiAtolAndAtollUsed_shared.ql new file mode 100644 index 0000000000..75b1a7ea10 --- /dev/null +++ b/c/common/test/rules/atofatoiatolandatollused_shared/AtofAtoiAtolAndAtollUsed_shared.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.atofatoiatolandatollused_shared.AtofAtoiAtolAndAtollUsed_shared + +class TestFileQuery extends AtofAtoiAtolAndAtollUsed_sharedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/atofatoiatolandatollused_shared/test.c b/c/common/test/rules/atofatoiatolandatollused_shared/test.c new file mode 100644 index 0000000000..f8140af79a --- /dev/null +++ b/c/common/test/rules/atofatoiatolandatollused_shared/test.c @@ -0,0 +1,13 @@ +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C++ TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. +#include +#include +void f2(); +void f1() { + char l1[5] = "abcd"; + float l2 = atof(l1); // NON_COMLIANT + int l3 = atoi(l1); // NON_COMPLIANT + long l4 = atol(l1); // NON_COMPLIANT + long long l5 = atoll(l1); // NON_COMPLIANT + f2(); // COMPLIANT +} diff --git a/c/common/test/rules/bitfieldshallhaveanappropriatetype_shared/BitFieldShallHaveAnAppropriateType_shared.expected b/c/common/test/rules/bitfieldshallhaveanappropriatetype_shared/BitFieldShallHaveAnAppropriateType_shared.expected new file mode 100644 index 0000000000..f04b1b6ce9 --- /dev/null +++ b/c/common/test/rules/bitfieldshallhaveanappropriatetype_shared/BitFieldShallHaveAnAppropriateType_shared.expected @@ -0,0 +1,4 @@ +| test.c:8:7:8:8 | x1 | Bit-field 'x1' is declared on type 'int'. | +| test.c:12:15:12:16 | x5 | Bit-field 'x5' is declared on type 'signed long'. | +| test.c:14:15:14:16 | x6 | Bit-field 'x6' is declared on type 'signed char'. | +| test.c:16:14:16:15 | x7 | Bit-field 'x7' is declared on type 'Color'. | diff --git a/c/common/test/rules/bitfieldshallhaveanappropriatetype_shared/BitFieldShallHaveAnAppropriateType_shared.ql b/c/common/test/rules/bitfieldshallhaveanappropriatetype_shared/BitFieldShallHaveAnAppropriateType_shared.ql new file mode 100644 index 0000000000..e460832dc7 --- /dev/null +++ b/c/common/test/rules/bitfieldshallhaveanappropriatetype_shared/BitFieldShallHaveAnAppropriateType_shared.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.bitfieldshallhaveanappropriatetype_shared.BitFieldShallHaveAnAppropriateType_shared + +class TestFileQuery extends BitFieldShallHaveAnAppropriateType_sharedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/bitfieldshallhaveanappropriatetype_shared/test.c b/c/common/test/rules/bitfieldshallhaveanappropriatetype_shared/test.c new file mode 100644 index 0000000000..c418e0e4fc --- /dev/null +++ b/c/common/test/rules/bitfieldshallhaveanappropriatetype_shared/test.c @@ -0,0 +1,17 @@ +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C++ TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. +typedef unsigned int UINT16; + +enum Color { R, G, B }; + +struct SampleStruct { + int x1 : 2; // NON_COMPLIANT - not explicitly signed or unsigned + unsigned int x2 : 2; // COMPLIANT - explicitly unsigned + signed int x3 : 2; // COMPLIANT - explicitly signed + UINT16 x4 : 2; // COMPLIANT - type alias resolves to a compliant type + signed long x5 : 2; // NON_COMPLIANT - cannot declare bit field for long, even + // if it's signed + signed char x6 : 2; // NON_COMPLIANT - cannot declare bit field for char, even + // if it's signed + enum Color x7 : 3; // NON_COMPLIANT - cannot declare bit field for enum +} sample_struct; diff --git a/c/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.expected b/c/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.expected index 94e63062c5..99d91f7575 100644 --- a/c/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.expected +++ b/c/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.expected @@ -1,20 +1,20 @@ problems -| test.c:8:8:8:12 | c_str | test.c:15:16:15:21 | call to getenv | test.c:8:8:8:12 | c_str | The object returned by the function getenv should not be modified. | -| test.c:64:5:64:9 | conv4 | test.c:61:11:61:20 | call to localeconv | test.c:64:5:64:9 | conv4 | The object returned by the function localeconv should not be modified. | -| test.c:73:5:73:8 | conv | test.c:69:25:69:34 | call to localeconv | test.c:73:5:73:8 | conv | The object returned by the function localeconv should not be modified. | +| test.c:11:8:11:12 | c_str | test.c:18:16:18:21 | call to getenv | test.c:11:8:11:12 | c_str | The object returned by the function getenv should not be modified. | +| test.c:67:5:67:9 | conv4 | test.c:64:11:64:20 | call to localeconv | test.c:67:5:67:9 | conv4 | The object returned by the function localeconv should not be modified. | +| test.c:76:5:76:8 | conv | test.c:72:25:72:34 | call to localeconv | test.c:76:5:76:8 | conv | The object returned by the function localeconv should not be modified. | edges -| test.c:5:18:5:22 | c_str | test.c:8:8:8:12 | c_str | -| test.c:15:16:15:21 | call to getenv | test.c:21:9:21:12 | env1 | -| test.c:21:9:21:12 | env1 | test.c:5:18:5:22 | c_str | -| test.c:61:11:61:20 | call to localeconv | test.c:64:5:64:9 | conv4 | -| test.c:69:25:69:34 | call to localeconv | test.c:73:5:73:8 | conv | +| test.c:8:18:8:22 | c_str | test.c:11:8:11:12 | c_str | +| test.c:18:16:18:21 | call to getenv | test.c:24:9:24:12 | env1 | +| test.c:24:9:24:12 | env1 | test.c:8:18:8:22 | c_str | +| test.c:64:11:64:20 | call to localeconv | test.c:67:5:67:9 | conv4 | +| test.c:72:25:72:34 | call to localeconv | test.c:76:5:76:8 | conv | nodes -| test.c:5:18:5:22 | c_str | semmle.label | c_str | -| test.c:8:8:8:12 | c_str | semmle.label | c_str | -| test.c:15:16:15:21 | call to getenv | semmle.label | call to getenv | -| test.c:21:9:21:12 | env1 | semmle.label | env1 | -| test.c:61:11:61:20 | call to localeconv | semmle.label | call to localeconv | -| test.c:64:5:64:9 | conv4 | semmle.label | conv4 | -| test.c:69:25:69:34 | call to localeconv | semmle.label | call to localeconv | -| test.c:73:5:73:8 | conv | semmle.label | conv | +| test.c:8:18:8:22 | c_str | semmle.label | c_str | +| test.c:11:8:11:12 | c_str | semmle.label | c_str | +| test.c:18:16:18:21 | call to getenv | semmle.label | call to getenv | +| test.c:24:9:24:12 | env1 | semmle.label | env1 | +| test.c:64:11:64:20 | call to localeconv | semmle.label | call to localeconv | +| test.c:67:5:67:9 | conv4 | semmle.label | conv4 | +| test.c:72:25:72:34 | call to localeconv | semmle.label | call to localeconv | +| test.c:76:5:76:8 | conv | semmle.label | conv | subpaths diff --git a/c/common/test/rules/constlikereturnvalue/test.c b/c/common/test/rules/constlikereturnvalue/test.c index cd7c101898..35e68b4aa8 100644 --- a/c/common/test/rules/constlikereturnvalue/test.c +++ b/c/common/test/rules/constlikereturnvalue/test.c @@ -1,6 +1,9 @@ +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C++ TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. #include #include #include +#include void trstr(char *c_str, char orig, char rep) { while (*c_str != '\0') { diff --git a/c/common/test/rules/functionlikemacrosdefined_shared/FunctionLikeMacrosDefined_shared.expected b/c/common/test/rules/functionlikemacrosdefined_shared/FunctionLikeMacrosDefined_shared.expected new file mode 100644 index 0000000000..c9a9eb0d48 --- /dev/null +++ b/c/common/test/rules/functionlikemacrosdefined_shared/FunctionLikeMacrosDefined_shared.expected @@ -0,0 +1,2 @@ +| test.c:8:1:8:25 | #define MACRO4(x) (x + 1) | Macro used instead of a function. | +| test.c:13:1:13:48 | #define MACRO9() printf_custom("output = %d", 7) | Macro used instead of a function. | diff --git a/c/common/test/rules/functionlikemacrosdefined_shared/FunctionLikeMacrosDefined_shared.ql b/c/common/test/rules/functionlikemacrosdefined_shared/FunctionLikeMacrosDefined_shared.ql new file mode 100644 index 0000000000..062cce047c --- /dev/null +++ b/c/common/test/rules/functionlikemacrosdefined_shared/FunctionLikeMacrosDefined_shared.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.functionlikemacrosdefined_shared.FunctionLikeMacrosDefined_shared + +class TestFileQuery extends FunctionLikeMacrosDefined_sharedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/functionlikemacrosdefined_shared/test.c b/c/common/test/rules/functionlikemacrosdefined_shared/test.c new file mode 100644 index 0000000000..0bae4f1c22 --- /dev/null +++ b/c/common/test/rules/functionlikemacrosdefined_shared/test.c @@ -0,0 +1,42 @@ +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C++ TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. +#include + +#define MACRO(OP, L, R) ((L)OP(R)) // COMPLIANT +#define MACRO2(L, R) (L + R) // COMPLIANT +#define MACRO3(L, R) (L " " R " " L) // COMPLIANT +#define MACRO4(x) (x + 1) // NON_COMPLIANT +#define MACRO5(L, LR) (LR + 1) // COMPLIANT +#define MACRO6(x) printf_custom("output = %d", test##x) // COMPLIANT +#define MACRO7(x) #x // COMPLIANT +#define MACRO8(x) "NOP" // COMPLIANT +#define MACRO9() printf_custom("output = %d", 7) // NON_COMPLIANT +#define MACRO10(x) // COMPLIANT +#define MY_ASSERT(X) assert(X) // NON_COMPLIANT[FALSE_NEGATIVE] + +char a1[MACRO2(1, 1) + 6]; +extern int printf_custom(char*, int); +int test1; + +void f() { + int i = MACRO(+, 1, 1); + int i2 = MACRO2(7, 10); + + static int i3 = MACRO2(1, 1); + + char *i4 = MACRO3("prefix", "suffix"); + + int i5 = MACRO4(1); + + int i6 = MACRO4(MACRO2(1, 1)); + + int i7 = MACRO5(1, 1); + + MACRO6(1); + + char *i10 = MACRO7("prefix"); + + asm(MACRO8(1)); + + MY_ASSERT(1); +} \ No newline at end of file diff --git a/c/common/test/rules/gotoreferencealabelinsurroundingblock_shared/GotoReferenceALabelInSurroundingBlock_shared.expected b/c/common/test/rules/gotoreferencealabelinsurroundingblock_shared/GotoReferenceALabelInSurroundingBlock_shared.expected new file mode 100644 index 0000000000..7fd94b47f3 --- /dev/null +++ b/c/common/test/rules/gotoreferencealabelinsurroundingblock_shared/GotoReferenceALabelInSurroundingBlock_shared.expected @@ -0,0 +1,3 @@ +| test.c:4:3:4:10 | goto ... | The goto statement and its $@ are not declared or enclosed in the same block. | test.c:6:3:6:5 | label ...: | label | +| test.c:42:3:42:10 | goto ... | The goto statement and its $@ are not declared or enclosed in the same block. | test.c:46:3:46:5 | label ...: | label | +| test.c:57:5:57:12 | goto ... | The goto statement and its $@ are not declared or enclosed in the same block. | test.c:60:3:60:5 | label ...: | label | diff --git a/c/common/test/rules/gotoreferencealabelinsurroundingblock_shared/GotoReferenceALabelInSurroundingBlock_shared.ql b/c/common/test/rules/gotoreferencealabelinsurroundingblock_shared/GotoReferenceALabelInSurroundingBlock_shared.ql new file mode 100644 index 0000000000..f905b9a46c --- /dev/null +++ b/c/common/test/rules/gotoreferencealabelinsurroundingblock_shared/GotoReferenceALabelInSurroundingBlock_shared.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.gotoreferencealabelinsurroundingblock_shared.GotoReferenceALabelInSurroundingBlock_shared + +class TestFileQuery extends GotoReferenceALabelInSurroundingBlock_sharedSharedQuery, TestQuery { } diff --git a/c/misra/test/rules/RULE-15-3/test.c b/c/common/test/rules/gotoreferencealabelinsurroundingblock_shared/test.c similarity index 88% rename from c/misra/test/rules/RULE-15-3/test.c rename to c/common/test/rules/gotoreferencealabelinsurroundingblock_shared/test.c index 739affcfc1..083e0fe57b 100644 --- a/c/misra/test/rules/RULE-15-3/test.c +++ b/c/common/test/rules/gotoreferencealabelinsurroundingblock_shared/test.c @@ -1,3 +1,5 @@ +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C++ TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. void f1() { goto L1; for (int i = 0; i < 100; i++) { diff --git a/c/common/test/rules/gotostatementcondition/GotoStatementCondition.expected b/c/common/test/rules/gotostatementcondition/GotoStatementCondition.expected index e522289c7b..c42642c343 100644 --- a/c/common/test/rules/gotostatementcondition/GotoStatementCondition.expected +++ b/c/common/test/rules/gotostatementcondition/GotoStatementCondition.expected @@ -1,3 +1,4 @@ -| test.c:5:3:5:10 | goto ... | The $@ statement jumps to a $@ that is not declared later in the same function. | test.c:5:3:5:10 | goto ... | L1 | test.c:2:1:2:3 | label ...: | label ...: | -| test.c:14:3:14:10 | goto ... | The $@ statement jumps to a $@ that is not declared later in the same function. | test.c:14:3:14:10 | goto ... | L2 | test.c:12:1:12:3 | label ...: | label ...: | -| test.c:16:3:16:10 | goto ... | The $@ statement jumps to a $@ that is not declared later in the same function. | test.c:16:3:16:10 | goto ... | L1 | test.c:11:1:11:3 | label ...: | label ...: | +| test.c:9:3:9:10 | goto ... | The $@ statement jumps to a $@ that is not declared later in the same function. | test.c:9:3:9:10 | goto ... | l1 | test.c:5:1:5:3 | label ...: | label ...: | +| test.c:21:3:21:10 | goto ... | The $@ statement jumps to a $@ that is not declared later in the same function. | test.c:21:3:21:10 | goto ... | l2 | test.c:17:1:17:3 | label ...: | label ...: | +| test.c:23:3:23:10 | goto ... | The $@ statement jumps to a $@ that is not declared later in the same function. | test.c:23:3:23:10 | goto ... | l1 | test.c:16:1:16:3 | label ...: | label ...: | +| test.c:28:3:28:10 | goto ... | The $@ statement jumps to a $@ that is not declared later in the same function. | test.c:28:3:28:10 | goto ... | l1 | test.c:27:1:27:3 | label ...: | label ...: | diff --git a/c/common/test/rules/gotostatementcondition/test.c b/c/common/test/rules/gotostatementcondition/test.c index 2c189cd433..48426261fe 100644 --- a/c/common/test/rules/gotostatementcondition/test.c +++ b/c/common/test/rules/gotostatementcondition/test.c @@ -1,17 +1,29 @@ -void f1() { -L1:; - goto L2; // COMPLIANT - ; - goto L1; // NON_COMPLIANT +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C++ TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. +void f1(int p1) { -L2:; +l1: + if (p1) { + goto l2; // COMPLIANT + } + goto l1; // NON_COMPLIANT + +l2:; } -void f2() { -L1:; -L2: - goto L3; // COMPLIANT - goto L2; // NON_COMPLIANT -L3: - goto L1; // NON_COMPLIANT +void f2(int p1) { + +l1:; +l2: + if (p1) { + goto l3; // COMPLIANT + } + goto l2; // NON_COMPLIANT +l3: + goto l1; // NON_COMPLIANT } + +void f3() { +l1: + goto l1; // NON_COMPLIANT +} \ No newline at end of file diff --git a/c/common/test/rules/gotostatementshouldnotbeused_shared/GotoStatementShouldNotBeUsed_shared.expected b/c/common/test/rules/gotostatementshouldnotbeused_shared/GotoStatementShouldNotBeUsed_shared.expected new file mode 100644 index 0000000000..15dc49ee37 --- /dev/null +++ b/c/common/test/rules/gotostatementshouldnotbeused_shared/GotoStatementShouldNotBeUsed_shared.expected @@ -0,0 +1 @@ +| test.c:6:3:6:14 | goto ... | Use of goto. | diff --git a/c/common/test/rules/gotostatementshouldnotbeused_shared/GotoStatementShouldNotBeUsed_shared.ql b/c/common/test/rules/gotostatementshouldnotbeused_shared/GotoStatementShouldNotBeUsed_shared.ql new file mode 100644 index 0000000000..e7ae4fcebb --- /dev/null +++ b/c/common/test/rules/gotostatementshouldnotbeused_shared/GotoStatementShouldNotBeUsed_shared.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.gotostatementshouldnotbeused_shared.GotoStatementShouldNotBeUsed_shared + +class TestFileQuery extends GotoStatementShouldNotBeUsed_sharedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/gotostatementshouldnotbeused_shared/test.c b/c/common/test/rules/gotostatementshouldnotbeused_shared/test.c new file mode 100644 index 0000000000..4ecc1789c7 --- /dev/null +++ b/c/common/test/rules/gotostatementshouldnotbeused_shared/test.c @@ -0,0 +1,11 @@ +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C++ TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. +void test_goto() { + int x = 1; + + goto label1; // NON_COMPLIANT + +label1: + + x = 2; +} \ No newline at end of file diff --git a/c/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.expected b/c/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.expected index c52544450f..9270a5ac15 100644 --- a/c/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.expected +++ b/c/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.expected @@ -1,6 +1,6 @@ -| test.c:19:14:19:19 | tmpvar | This pointer was returned by a $@ and may have been overwritten by the susequent $@. | test.c:11:12:11:17 | call to getenv | call to getenv | test.c:15:13:15:18 | call to getenv | call to getenv | -| test.c:132:14:132:17 | temp | This pointer was returned by a $@ and may have been overwritten by the susequent $@. | test.c:128:12:128:17 | call to getenv | call to getenv | test.c:129:11:129:16 | call to getenv | call to getenv | -| test.c:132:20:132:22 | tmp | This pointer was returned by a $@ and may have been overwritten by the susequent $@. | test.c:129:11:129:16 | call to getenv | call to getenv | test.c:128:12:128:17 | call to getenv | call to getenv | -| test.c:163:14:163:26 | tmpvar_global | This pointer was returned by a $@ and may have been overwritten by the susequent $@. | test.c:155:19:155:24 | call to getenv | call to getenv | test.c:159:20:159:25 | call to getenv | call to getenv | -| test.c:186:18:186:18 | r | This pointer was returned by a $@ and may have been overwritten by the susequent $@. | test.c:183:7:183:15 | call to setlocale | call to setlocale | test.c:185:8:185:17 | call to localeconv | call to localeconv | -| test.c:206:10:206:15 | tmpvar | This pointer was returned by a $@ and may have been overwritten by the susequent $@. | test.c:200:12:200:17 | call to getenv | call to getenv | test.c:204:3:204:8 | call to f11fun | call to f11fun | +| test.c:21:14:21:19 | tmpvar | This pointer was returned by a $@ and may have been overwritten by the susequent $@. | test.c:13:12:13:17 | call to getenv | call to getenv | test.c:17:13:17:18 | call to getenv | call to getenv | +| test.c:134:14:134:17 | temp | This pointer was returned by a $@ and may have been overwritten by the susequent $@. | test.c:130:12:130:17 | call to getenv | call to getenv | test.c:131:11:131:16 | call to getenv | call to getenv | +| test.c:134:20:134:22 | tmp | This pointer was returned by a $@ and may have been overwritten by the susequent $@. | test.c:131:11:131:16 | call to getenv | call to getenv | test.c:130:12:130:17 | call to getenv | call to getenv | +| test.c:165:14:165:26 | tmpvar_global | This pointer was returned by a $@ and may have been overwritten by the susequent $@. | test.c:157:19:157:24 | call to getenv | call to getenv | test.c:161:20:161:25 | call to getenv | call to getenv | +| test.c:188:18:188:18 | r | This pointer was returned by a $@ and may have been overwritten by the susequent $@. | test.c:185:7:185:15 | call to setlocale | call to setlocale | test.c:187:8:187:17 | call to localeconv | call to localeconv | +| test.c:208:10:208:15 | tmpvar | This pointer was returned by a $@ and may have been overwritten by the susequent $@. | test.c:202:12:202:17 | call to getenv | call to getenv | test.c:206:3:206:8 | call to f11fun | call to f11fun | diff --git a/c/common/test/rules/invalidatedenvstringpointers/test.c b/c/common/test/rules/invalidatedenvstringpointers/test.c index 59c9593d21..183a4891c1 100644 --- a/c/common/test/rules/invalidatedenvstringpointers/test.c +++ b/c/common/test/rules/invalidatedenvstringpointers/test.c @@ -1,3 +1,5 @@ +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C++ TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. #include #include #include diff --git a/c/common/test/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.expected b/c/common/test/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.expected index 556a3fe4a8..628a4f99d6 100644 --- a/c/common/test/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.expected +++ b/c/common/test/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.expected @@ -1,2 +1,2 @@ -| test.c:13:19:13:24 | call to getenv | The value of variable $@ might become invalid after a subsequent call to function `getenv`. | test.c:10:7:10:19 | tmpvar_global | tmpvar_global | -| test.c:16:20:16:25 | call to getenv | The value of variable $@ might become invalid after a subsequent call to function `getenv`. | test.c:7:9:7:20 | tmpvar_field | tmpvar_field | +| test.c:15:19:15:24 | call to getenv | The value of variable $@ might become invalid after a subsequent call to function `getenv`. | test.c:12:7:12:19 | tmpvar_global | tmpvar_global | +| test.c:18:20:18:25 | call to getenv | The value of variable $@ might become invalid after a subsequent call to function `getenv`. | test.c:9:9:9:20 | tmpvar_field | tmpvar_field | diff --git a/c/common/test/rules/invalidatedenvstringpointerswarn/test.c b/c/common/test/rules/invalidatedenvstringpointerswarn/test.c index 2b678df6ac..6d4cec1d8d 100644 --- a/c/common/test/rules/invalidatedenvstringpointerswarn/test.c +++ b/c/common/test/rules/invalidatedenvstringpointerswarn/test.c @@ -1,3 +1,5 @@ +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C++ TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. #include #include #include diff --git a/c/common/test/rules/lowercaselstartsinliteralsuffix_shared/LowercaseLStartsInLiteralSuffix_shared.expected b/c/common/test/rules/lowercaselstartsinliteralsuffix_shared/LowercaseLStartsInLiteralSuffix_shared.expected new file mode 100644 index 0000000000..a381fdb7e8 --- /dev/null +++ b/c/common/test/rules/lowercaselstartsinliteralsuffix_shared/LowercaseLStartsInLiteralSuffix_shared.expected @@ -0,0 +1,16 @@ +| test.c:5:10:5:11 | 0 | Lowercase 'l' used as a literal suffix. | +| test.c:6:10:6:12 | 0 | Lowercase 'l' used as a literal suffix. | +| test.c:9:10:9:12 | 0 | Lowercase 'l' used as a literal suffix. | +| test.c:10:10:10:12 | 0 | Lowercase 'l' used as a literal suffix. | +| test.c:15:11:15:12 | 0 | Lowercase 'l' used as a literal suffix. | +| test.c:16:11:16:13 | 0 | Lowercase 'l' used as a literal suffix. | +| test.c:19:11:19:13 | 0 | Lowercase 'l' used as a literal suffix. | +| test.c:20:11:20:13 | 0 | Lowercase 'l' used as a literal suffix. | +| test.c:25:10:25:14 | 1 | Lowercase 'l' used as a literal suffix. | +| test.c:26:10:26:15 | 1 | Lowercase 'l' used as a literal suffix. | +| test.c:29:10:29:15 | 1 | Lowercase 'l' used as a literal suffix. | +| test.c:30:10:30:15 | 1 | Lowercase 'l' used as a literal suffix. | +| test.c:35:11:35:14 | 1 | Lowercase 'l' used as a literal suffix. | +| test.c:36:11:36:15 | 1 | Lowercase 'l' used as a literal suffix. | +| test.c:39:11:39:15 | 1 | Lowercase 'l' used as a literal suffix. | +| test.c:40:11:40:15 | 1 | Lowercase 'l' used as a literal suffix. | diff --git a/c/common/test/rules/lowercaselstartsinliteralsuffix_shared/LowercaseLStartsInLiteralSuffix_shared.ql b/c/common/test/rules/lowercaselstartsinliteralsuffix_shared/LowercaseLStartsInLiteralSuffix_shared.ql new file mode 100644 index 0000000000..8d7d9f0be8 --- /dev/null +++ b/c/common/test/rules/lowercaselstartsinliteralsuffix_shared/LowercaseLStartsInLiteralSuffix_shared.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.lowercaselstartsinliteralsuffix_shared.LowercaseLStartsInLiteralSuffix_shared + +class TestFileQuery extends LowercaseLStartsInLiteralSuffix_sharedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/lowercaselstartsinliteralsuffix_shared/test.c b/c/common/test/rules/lowercaselstartsinliteralsuffix_shared/test.c new file mode 100644 index 0000000000..549e90bd7d --- /dev/null +++ b/c/common/test/rules/lowercaselstartsinliteralsuffix_shared/test.c @@ -0,0 +1,46 @@ +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C++ TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. +// int x = false; // COMPLIANT - reported as C++ FP in #319 +int a1 = 0L; // COMPLIANT +int a2 = 0l; // NON_COMPLIANT +int a3 = 0ll; // NON_COMPLIANT +int a4 = 0LL; // COMPLIANT +int a5 = 0uL; // COMPLIANT +int a6 = 0ul; // NON_COMPLIANT +int a7 = 0lu; // NON_COMPLIANT +int a8 = 0Lu; // COMPLIANT +int a9 = 0LU; // COMPLIANT + +long b1 = 0L; // COMPLIANT +long b2 = 0l; // NON_COMPLIANT +long b3 = 0ll; // NON_COMPLIANT +long b4 = 0LL; // COMPLIANT +long b5 = 0uL; // COMPLIANT +long b6 = 0ul; // NON_COMPLIANT +long b7 = 0lu; // NON_COMPLIANT +long b8 = 0Lu; // COMPLIANT +long b9 = 0LU; // COMPLIANT + +int c1 = 0x01L; // COMPLIANT +int c2 = 0x01l; // NON_COMPLIANT +int c3 = 0x01ll; // NON_COMPLIANT +int c4 = 0x01LL; // COMPLIANT +int c5 = 0x01uL; // COMPLIANT +int c6 = 0x01ul; // NON_COMPLIANT +int c7 = 0x01lu; // NON_COMPLIANT +int c8 = 0x01Lu; // COMPLIANT +int c9 = 0x01LU; // COMPLIANT + +long d1 = 001L; // COMPLIANT +long d2 = 001l; // NON_COMPLIANT +long d3 = 001ll; // NON_COMPLIANT +long d4 = 001LL; // COMPLIANT +long d5 = 001uL; // COMPLIANT +long d6 = 001ul; // NON_COMPLIANT +long d7 = 001lu; // NON_COMPLIANT +long d8 = 001Lu; // COMPLIANT +long d9 = 001LU; // COMPLIANT + +char *e1 = ""; +char *e2 = "ul"; +char *e3 = "UL"; \ No newline at end of file diff --git a/c/common/test/rules/macroparameterfollowinghash_shared/MacroParameterFollowingHash_shared.expected b/c/common/test/rules/macroparameterfollowinghash_shared/MacroParameterFollowingHash_shared.expected new file mode 100644 index 0000000000..715bbe781d --- /dev/null +++ b/c/common/test/rules/macroparameterfollowinghash_shared/MacroParameterFollowingHash_shared.expected @@ -0,0 +1 @@ +| test.c:27:1:27:29 | #define MACROTHIRTEEN(X) #X ## X | Macro definition uses an # operator followed by a ## operator. | diff --git a/c/common/test/rules/macroparameterfollowinghash_shared/MacroParameterFollowingHash_shared.ql b/c/common/test/rules/macroparameterfollowinghash_shared/MacroParameterFollowingHash_shared.ql new file mode 100644 index 0000000000..8c3dd270d0 --- /dev/null +++ b/c/common/test/rules/macroparameterfollowinghash_shared/MacroParameterFollowingHash_shared.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.macroparameterfollowinghash_shared.MacroParameterFollowingHash_shared + +class TestFileQuery extends MacroParameterFollowingHash_sharedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/macroparameterfollowinghash_shared/test.c b/c/common/test/rules/macroparameterfollowinghash_shared/test.c new file mode 100644 index 0000000000..d998ce8106 --- /dev/null +++ b/c/common/test/rules/macroparameterfollowinghash_shared/test.c @@ -0,0 +1,29 @@ +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C++ TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. +#define MACROONE 1 // COMPLIANT + +#define MACROTWO '#\'-#' + '#' // COMPLIANT + +#define MACROTHREE "##" // COMPLIANT + +#define MACROFOUR "##" + "#" // COMPLIANT + +#define MACROFIVE(X) #X // COMPLIANT + +#define MACROSIX(X, Y) X##Y // COMPLIANT + +#define MACROSEVEN "##'" #"#" // COMPLIANT + +#define MACROEIGHT '##' #"#" // COMPLIANT + +#define MACRONINE "##\"\"" + "#" // COMPLIANT + +#define MACROTEN "##\"\"'" + "#" // COMPLIANT + +#define MACROELEVEN(X) X #X #X // COMPLIANT + +#define MACROTWELVE(X) X##X##X // COMPLIANT + +#define MACROTHIRTEEN(X) #X##X // NON_COMPLIANT + +#define MACROFOURTEEN '#\'-#' + 1 #1 #1 + '#' // COMPLIANT \ No newline at end of file diff --git a/c/common/test/rules/memoryoperationsnotsequencedappropriately_shared/MemoryOperationsNotSequencedAppropriately_shared.expected b/c/common/test/rules/memoryoperationsnotsequencedappropriately_shared/MemoryOperationsNotSequencedAppropriately_shared.expected new file mode 100644 index 0000000000..4ea36edc69 --- /dev/null +++ b/c/common/test/rules/memoryoperationsnotsequencedappropriately_shared/MemoryOperationsNotSequencedAppropriately_shared.expected @@ -0,0 +1,6 @@ +| test.c:8:12:8:18 | ... + ... | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:8:12:8:13 | l1 | side effect | test.c:8:17:8:18 | l1 | side effect | test.c:8:12:8:13 | l1 | l1 | test.c:8:17:8:18 | l1 | l1 | +| test.c:9:12:9:18 | ... + ... | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:9:12:9:13 | l1 | side effect | test.c:9:17:9:18 | l2 | side effect | test.c:9:12:9:13 | l1 | l1 | test.c:9:17:9:18 | l2 | l2 | +| test.c:19:3:19:21 | ... = ... | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:19:8:19:9 | l1 | side effect | test.c:19:13:19:14 | l1 | side effect | test.c:19:8:19:9 | l1 | l1 | test.c:19:13:19:14 | l1 | l1 | +| test.c:21:3:21:5 | call to foo | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:21:7:21:8 | l1 | side effect | test.c:21:11:21:12 | l2 | side effect | test.c:21:7:21:8 | l1 | l1 | test.c:21:11:21:12 | l2 | l2 | +| test.c:27:3:27:5 | call to foo | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:27:7:27:10 | ... ++ | side effect | test.c:27:13:27:14 | l8 | read | test.c:27:7:27:8 | l8 | l8 | test.c:27:13:27:14 | l8 | l8 | +| test.c:37:5:37:13 | ... = ... | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:37:10:37:12 | ... ++ | side effect | test.c:37:10:37:12 | ... ++ | side effect | test.c:37:10:37:10 | i | i | test.c:37:10:37:10 | i | i | diff --git a/c/common/test/rules/memoryoperationsnotsequencedappropriately_shared/MemoryOperationsNotSequencedAppropriately_shared.ql b/c/common/test/rules/memoryoperationsnotsequencedappropriately_shared/MemoryOperationsNotSequencedAppropriately_shared.ql new file mode 100644 index 0000000000..e49f82c8fd --- /dev/null +++ b/c/common/test/rules/memoryoperationsnotsequencedappropriately_shared/MemoryOperationsNotSequencedAppropriately_shared.ql @@ -0,0 +1,5 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.memoryoperationsnotsequencedappropriately_shared.MemoryOperationsNotSequencedAppropriately_shared + +class TestFileQuery extends MemoryOperationsNotSequencedAppropriately_sharedSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/memoryoperationsnotsequencedappropriately_shared/test.c b/c/common/test/rules/memoryoperationsnotsequencedappropriately_shared/test.c new file mode 100644 index 0000000000..ac04ce01d1 --- /dev/null +++ b/c/common/test/rules/memoryoperationsnotsequencedappropriately_shared/test.c @@ -0,0 +1,39 @@ +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C++ TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. +void foo(int, int); + +void unsequenced_sideeffects1() { + volatile int l1, l2; + + int l3 = l1 + l1; // NON_COMPLIANT + int l4 = l1 + l2; // NON_COMPLIANT + + // Store value of volatile object in temporary non-volatile object. + int l5 = l1; + // Store value of volatile object in temporary non-volatile object. + int l6 = l2; + int l7 = l5 + l6; // COMPLIANT + + int l8, l9; + l1 = l1 & 0x80; // COMPLIANT + l8 = l1 = l1 & 0x80; // NON_COMPLIANT + + foo(l1, l2); // NON_COMPLIANT + // Store value of volatile object in temporary non-volatile object. + l8 = l1; + // Store value of volatile object in temporary non-volatile object. + l9 = l2; + foo(l8, l9); // COMPLIANT + foo(l8++, l8); // NON_COMPLIANT + + int l10 = l8++, l11 = l8++; // COMPLIANT +} + +int g1[10], g2[10]; +#define test(i) (g1[i] = g2[i]) +void unsequenced_sideeffects2() { + int i; + for (i = 0; i < 10; i++) { + test(i++); // NON_COMPLIANT + } +} \ No newline at end of file diff --git a/c/common/test/rules/namedbitfieldswithsignedintegertype_shared/NamedBitFieldsWithSignedIntegerType_shared.expected b/c/common/test/rules/namedbitfieldswithsignedintegertype_shared/NamedBitFieldsWithSignedIntegerType_shared.expected new file mode 100644 index 0000000000..7a6b7c33a5 --- /dev/null +++ b/c/common/test/rules/namedbitfieldswithsignedintegertype_shared/NamedBitFieldsWithSignedIntegerType_shared.expected @@ -0,0 +1,5 @@ +| test.c:6:7:6:8 | x1 | A named bit-field with signed integral type should have at least 2 bits of storage. | +| test.c:9:14:9:15 | x2 | A named bit-field with signed integral type should have at least 2 bits of storage. | +| test.c:11:7:11:8 | x3 | A named bit-field with signed integral type should have at least 2 bits of storage. | +| test.c:13:7:13:8 | x4 | A named bit-field with signed integral type should have at least 2 bits of storage. | +| test.c:22:14:22:14 | x | A named bit-field with signed integral type should have at least 2 bits of storage. | diff --git a/c/common/test/rules/namedbitfieldswithsignedintegertype_shared/NamedBitFieldsWithSignedIntegerType_shared.ql b/c/common/test/rules/namedbitfieldswithsignedintegertype_shared/NamedBitFieldsWithSignedIntegerType_shared.ql new file mode 100644 index 0000000000..09b98ff226 --- /dev/null +++ b/c/common/test/rules/namedbitfieldswithsignedintegertype_shared/NamedBitFieldsWithSignedIntegerType_shared.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.namedbitfieldswithsignedintegertype_shared.NamedBitFieldsWithSignedIntegerType_shared + +class TestFileQuery extends NamedBitFieldsWithSignedIntegerType_sharedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/namedbitfieldswithsignedintegertype_shared/test.c b/c/common/test/rules/namedbitfieldswithsignedintegertype_shared/test.c new file mode 100644 index 0000000000..8fae6812fe --- /dev/null +++ b/c/common/test/rules/namedbitfieldswithsignedintegertype_shared/test.c @@ -0,0 +1,28 @@ +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C++ TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. +#include + +struct SampleStruct { + int x1 : 1; // NON_COMPLIANT: very likely be signed, but if it's not, the + // query will automatically handle it since we use signed(), not + // isExplicitlySigned(). + signed int x2 : 1; // NON_COMPLIANT: single-bit named field with a signed type + signed char + x3 : 1; // NON_COMPLIANT: single-bit named field with a signed type + signed short + x4 : 1; // NON_COMPLIANT: single-bit named field with a signed type + unsigned int + x5 : 1; // COMPLIANT: single-bit named field but with an unsigned type + signed int x6 : 2; // COMPLIANT: named field with a signed type but declared + // to carry more than 1 bit + signed char : 1; // COMPLIANT: single-bit bit-field but unnamed +} sample_struct; + +struct S { + signed int x : 1; // NON-COMPLIANT + signed int y : 5; // COMPLIANT + signed int z : 7; // COMPLIANT + signed int : 0; // COMPLIANT + signed int : 1; // COMPLIANT + signed int : 2; // COMPLIANT +}; \ No newline at end of file diff --git a/c/common/test/rules/nonterminatedescapesequences_shared/NonTerminatedEscapeSequences_shared.expected b/c/common/test/rules/nonterminatedescapesequences_shared/NonTerminatedEscapeSequences_shared.expected new file mode 100644 index 0000000000..26401472ac --- /dev/null +++ b/c/common/test/rules/nonterminatedescapesequences_shared/NonTerminatedEscapeSequences_shared.expected @@ -0,0 +1,21 @@ +| test.c:37:18:37:24 | \u001aG | Invalid hexadecimal escape in string literal at '\\x1AG"'. | +| test.c:40:18:40:23 | \u00029 | Invalid octal escape in string literal at '\\029"'. | +| test.c:43:18:43:24 | \n7 | Invalid octal escape in string literal at '\\0127"'. | +| test.c:44:18:44:24 | \r7 | Invalid octal escape in string literal at '\\0157"'. | +| test.c:46:19:46:29 | \n\n9 | Invalid octal escape in string literal at '\\0129"'. | +| test.c:47:19:47:28 | \n\u00019 | Invalid octal escape in string literal at '\\019"'. | +| test.c:50:19:50:31 | \nAAA\u000f | Invalid octal escape in string literal at '\\012AAA\\017"'. | +| test.c:53:19:53:39 | Some Data \n\u000fA | Invalid octal escape in string literal at '\\017A"'. | +| test.c:54:19:55:21 | Some Data \n\u000fA5 | Invalid octal escape in string literal at '\\017A"\n "5"'. | +| test.c:56:19:58:25 | Some Data \n\u000fA\n1 | Invalid octal escape in string literal at '\\0121"'. | +| test.c:62:19:63:26 | \u0011G\u00012 | Invalid octal escape in string literal at '\\0012"'. | +| test.c:64:19:65:25 | \u0011GG\u0001 | Invalid hexadecimal escape in string literal at '\\x11G"\n "G\\001"'. | +| test.c:66:19:67:26 | \u0011GG\u00013 | Invalid hexadecimal escape in string literal at '\\x11G"\n "G\\0013"'. | +| test.c:66:19:67:26 | \u0011GG\u00013 | Invalid octal escape in string literal at '\\0013"'. | +| test.c:73:18:73:42 | Some Data \n\u000fA5 | Invalid octal escape in string literal at '\\017A" "5"'. | +| test.c:74:18:74:49 | Some Data \n\u000fA\n1 | Invalid octal escape in string literal at '\\0121"'. | +| test.c:76:18:76:32 | \u0011G\u00012 | Invalid octal escape in string literal at '\\0012"'. | +| test.c:77:18:77:32 | \u0011GG\u0001 | Invalid hexadecimal escape in string literal at '\\x11G" "G\\001"'. | +| test.c:78:18:78:33 | \u0011GG\u00013 | Invalid hexadecimal escape in string literal at '\\x11G" "G\\0013"'. | +| test.c:78:18:78:33 | \u0011GG\u00013 | Invalid octal escape in string literal at '\\0013"'. | +| test.c:81:11:81:16 | 10 | Invalid hexadecimal escape in string literal at '\\x0a''. | diff --git a/c/common/test/rules/nonterminatedescapesequences_shared/NonTerminatedEscapeSequences_shared.ql b/c/common/test/rules/nonterminatedescapesequences_shared/NonTerminatedEscapeSequences_shared.ql new file mode 100644 index 0000000000..6cbb2220bb --- /dev/null +++ b/c/common/test/rules/nonterminatedescapesequences_shared/NonTerminatedEscapeSequences_shared.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.nonterminatedescapesequences_shared.NonTerminatedEscapeSequences_shared + +class TestFileQuery extends NonTerminatedEscapeSequences_sharedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/nonterminatedescapesequences_shared/test.c b/c/common/test/rules/nonterminatedescapesequences_shared/test.c new file mode 100644 index 0000000000..67c6e3d5a3 --- /dev/null +++ b/c/common/test/rules/nonterminatedescapesequences_shared/test.c @@ -0,0 +1,81 @@ +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C++ TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. +#include + +struct SampleStruct { + int x1 : 1; // NON_COMPLIANT: very likely be signed, but if it's not, the + // query will automatically handle it since we use signed(), not + // isExplicitlySigned(). + signed int x2 : 1; // NON_COMPLIANT: single-bit named field with a signed type + signed char + x3 : 1; // NON_COMPLIANT: single-bit named field with a signed type + signed short + x4 : 1; // NON_COMPLIANT: single-bit named field with a signed type + unsigned int + x5 : 1; // COMPLIANT: single-bit named field but with an unsigned type + signed int x6 : 2; // COMPLIANT: named field with a signed type but declared + // to carry more than 1 bit + signed char : 1; // COMPLIANT: single-bit bit-field but unnamed +} sample_struct; + +struct S { + signed int x : 1; // NON-COMPLIANT + signed int y : 5; // COMPLIANT + signed int z : 7; // COMPLIANT + signed int : 0; // COMPLIANT + signed int : 1; // COMPLIANT + signed int : 2; // COMPLIANT +}; +const char *a1 = "\x11" + "G"; // COMPLIANT + +const char *a2 = "\x1" + "G"; // COMPLIANT + +const char *a3 = "\x1A"; // COMPLIANT + +const char *a4 = "\x1AG"; // NON_COMPLIANT + +const char *a5 = "\021"; // COMPLIANT +const char *a6 = "\029"; // NON_COMPLIANT +const char *a7 = "\0" + "0"; // COMPLIANT +const char *a8 = "\0127"; // NON_COMPLIANT +const char *a9 = "\0157"; // NON_COMPLIANT + +const char *a10 = "\012\0129"; // NON_COMPLIANT (1x) +const char *a11 = "\012\019"; // NON_COMPLIANT +const char *a12 = "\012\017"; // COMPLIANT + +const char *a13 = "\012AAA\017"; // NON_COMPLIANT (1x) + +const char *a14 = "Some Data \012\017"; // COMPLIANT +const char *a15 = "Some Data \012\017A"; // NON_COMPLIANT (1x) +const char *a16 = "Some Data \012\017A" + "5"; // NON_COMPLIANT (1x) +const char *a17 = "Some Data \012\017" + "A" + "\0121"; // NON_COMPLIANT (1x) + +const char *a18 = "\x11" + "G\001"; // COMPLIANT +const char *a19 = "\x11" + "G\0012"; // NON_COMPLIANT (1x) +const char *a20 = "\x11G" + "G\001"; // NON_COMPLIANT (1x) +const char *a21 = "\x11G" + "G\0013"; // NON_COMPLIANT (2x) + +// clang-format off +const char *b1 = "\x11" "G"; // COMPLIANT +const char *b2 = "\x1" "G"; // COMPLIANT +const char *b3 = "\0" "0"; // COMPLIANT +const char *b4 = "Some Data \012\017A" "5"; // NON_COMPLIANT (1x) +const char *b5 = "Some Data \012\017" "A" "\0121"; // NON_COMPLIANT (1x) +const char *b6 = "\x11" "G\001"; // COMPLIANT +const char *b7 = "\x11" "G\0012"; // NON_COMPLIANT (1x) +const char *b8 = "\x11G" "G\001"; // NON_COMPLIANT (1x) +const char *b9 = "\x11G" "G\0013"; // NON_COMPLIANT (2x) + +char c1 = '\023'; // COMPLIANT +char c2 = '\x0a'; // COMPLIANT diff --git a/c/common/test/rules/nonuniqueenumerationconstant_shared/NonUniqueEnumerationConstant_shared.expected b/c/common/test/rules/nonuniqueenumerationconstant_shared/NonUniqueEnumerationConstant_shared.expected new file mode 100644 index 0000000000..65e57e3575 --- /dev/null +++ b/c/common/test/rules/nonuniqueenumerationconstant_shared/NonUniqueEnumerationConstant_shared.expected @@ -0,0 +1 @@ +| test.c:5:19:5:20 | c4 | Nonunique value of enum constant compared to $@ | test.c:5:23:5:24 | c5 | c5 | diff --git a/c/common/test/rules/nonuniqueenumerationconstant_shared/NonUniqueEnumerationConstant_shared.ql b/c/common/test/rules/nonuniqueenumerationconstant_shared/NonUniqueEnumerationConstant_shared.ql new file mode 100644 index 0000000000..f01ef52853 --- /dev/null +++ b/c/common/test/rules/nonuniqueenumerationconstant_shared/NonUniqueEnumerationConstant_shared.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.nonuniqueenumerationconstant_shared.NonUniqueEnumerationConstant_shared + +class TestFileQuery extends NonUniqueEnumerationConstant_sharedSharedQuery, TestQuery { } diff --git a/c/misra/test/rules/RULE-8-12/test.c b/c/common/test/rules/nonuniqueenumerationconstant_shared/test.c similarity index 62% rename from c/misra/test/rules/RULE-8-12/test.c rename to c/common/test/rules/nonuniqueenumerationconstant_shared/test.c index 349bb7867c..0712cb59e4 100644 --- a/c/misra/test/rules/RULE-8-12/test.c +++ b/c/common/test/rules/nonuniqueenumerationconstant_shared/test.c @@ -1,3 +1,5 @@ +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C++ TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. enum e { c = 3 }; // COMPLIANT enum e1 { c1 = 3, c2 }; // COMPLIANT enum e3 { c3 = 3, c4, c5 = 4 }; // NON_COMPLIANT diff --git a/c/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.expected b/c/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.expected new file mode 100644 index 0000000000..c0a8359320 --- /dev/null +++ b/c/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.expected @@ -0,0 +1,3 @@ +| test.c:9:7:9:12 | ... = ... | Use of an assignment operator's result. | +| test.c:13:11:13:16 | ... = ... | Use of an assignment operator's result. | +| test.c:15:8:15:13 | ... = ... | Use of an assignment operator's result. | diff --git a/c/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.ql b/c/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.ql new file mode 100644 index 0000000000..e4928beb62 --- /dev/null +++ b/c/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.ql @@ -0,0 +1,5 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.resultofanassignmentoperatorshouldnotbeused_shared.ResultOfAnAssignmentOperatorShouldNotBeUsed_shared + +class TestFileQuery extends ResultOfAnAssignmentOperatorShouldNotBeUsed_sharedSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/test.c b/c/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/test.c new file mode 100644 index 0000000000..db0a45384e --- /dev/null +++ b/c/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/test.c @@ -0,0 +1,16 @@ +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C++ TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. +void test() { + int l1, l2; + int l3[1]; + + l1 = l2; // COMPLIANT + + if (l1 = 1) // NON_COMPLIANT + { + } + + l1 = l3[l2 = 0]; // NON_COMPLIANT + + l1 = l2 = 0; // NON_COMPLIANT +} diff --git a/c/common/test/rules/unsignedoperationwithconstantoperandswraps_shared/UnsignedOperationWithConstantOperandsWraps_shared.expected b/c/common/test/rules/unsignedoperationwithconstantoperandswraps_shared/UnsignedOperationWithConstantOperandsWraps_shared.expected new file mode 100644 index 0000000000..33ec8d6995 --- /dev/null +++ b/c/common/test/rules/unsignedoperationwithconstantoperandswraps_shared/UnsignedOperationWithConstantOperandsWraps_shared.expected @@ -0,0 +1,4 @@ +| test.c:7:3:7:9 | ... + ... | Operation + of type unsigned int may wrap. | +| test.c:8:3:8:10 | ... += ... | Operation += of type unsigned int may wrap. | +| test.c:61:3:61:9 | ... - ... | Operation - of type unsigned int may wrap. | +| test.c:62:3:62:10 | ... -= ... | Operation -= of type unsigned int may wrap. | diff --git a/c/common/test/rules/unsignedoperationwithconstantoperandswraps_shared/UnsignedOperationWithConstantOperandsWraps_shared.ql b/c/common/test/rules/unsignedoperationwithconstantoperandswraps_shared/UnsignedOperationWithConstantOperandsWraps_shared.ql new file mode 100644 index 0000000000..24780bcc5d --- /dev/null +++ b/c/common/test/rules/unsignedoperationwithconstantoperandswraps_shared/UnsignedOperationWithConstantOperandsWraps_shared.ql @@ -0,0 +1,5 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.unsignedoperationwithconstantoperandswraps_shared.UnsignedOperationWithConstantOperandsWraps_shared + +class TestFileQuery extends UnsignedOperationWithConstantOperandsWraps_sharedSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/unsignedoperationwithconstantoperandswraps_shared/test.c b/c/common/test/rules/unsignedoperationwithconstantoperandswraps_shared/test.c new file mode 100644 index 0000000000..214b18a44f --- /dev/null +++ b/c/common/test/rules/unsignedoperationwithconstantoperandswraps_shared/test.c @@ -0,0 +1,83 @@ +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C++ TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. + +#include + +void test_add_simple(unsigned int i1, unsigned int i2) { + i1 + i2; // NON_COMPLIANT - not bounds checked + i1 += i2; // NON_COMPLIANT - not bounds checked +} + +void test_add_precheck(unsigned int i1, unsigned int i2) { + if (UINT_MAX - i1 < i2) { + // handle error + } else { + i1 + i2; // COMPLIANT - bounds checked + i1 += i2; // COMPLIANT - bounds checked + } +} + +void test_add_precheck_2(unsigned int i1, unsigned int i2) { + if (i1 + i2 < i1) { + // handle error + } else { + i1 + i2; // COMPLIANT - bounds checked + i1 += i2; // COMPLIANT - bounds checked + } +} + +void test_add_postcheck(unsigned int i1, unsigned int i2) { + unsigned int i3 = i1 + i2; // COMPLIANT - checked for overflow afterwards + if (i3 < i1) { + // handle error + } + i1 += i2; // COMPLIANT - checked for overflow afterwards + if (i1 < i2) { + // handle error + } +} + +void test_ex2(unsigned int i1, unsigned int i2) { + unsigned int ci1 = 2; + unsigned int ci2 = 3; + ci1 + ci2; // COMPLIANT, compile time constants + i1 + 0; // COMPLIANT + i1 += 0; // COMPLIANT + i1 - 0; // COMPLIANT + i1 -= 0; // COMPLIANT + UINT_MAX - i1; // COMPLIANT - cannot be smaller than 0 + i1 * 1; // COMPLIANT + i1 *= 1; // COMPLIANT + if (0 <= i1 && i1 < 32) { + UINT_MAX >> i1; // COMPLIANT + } +} + +void test_ex3(unsigned int i1, unsigned int i2) { + i1 << i2; // COMPLIANT - by EX3 +} + +void test_sub_simple(unsigned int i1, unsigned int i2) { + i1 - i2; // NON_COMPLIANT - not bounds checked + i1 -= i2; // NON_COMPLIANT - not bounds checked +} + +void test_sub_precheck(unsigned int i1, unsigned int i2) { + if (i1 < i2) { + // handle error + } else { + i1 - i2; // COMPLIANT - bounds checked + i1 -= i2; // COMPLIANT - bounds checked + } +} + +void test_sub_postcheck(unsigned int i1, unsigned int i2) { + unsigned int i3 = i1 - i2; // COMPLIANT - checked for wrap afterwards + if (i3 > i1) { + // handle error + } + i1 -= i2; // COMPLIANT - checked for wrap afterwards + if (i1 > i2) { + // handle error + } +} \ No newline at end of file diff --git a/c/misra/src/rules/DIR-4-9/FunctionOverFunctionLikeMacro.ql b/c/misra/src/rules/DIR-4-9/FunctionOverFunctionLikeMacro.ql index e53294fba5..64a62e495e 100644 --- a/c/misra/src/rules/DIR-4-9/FunctionOverFunctionLikeMacro.ql +++ b/c/misra/src/rules/DIR-4-9/FunctionOverFunctionLikeMacro.ql @@ -15,22 +15,10 @@ import cpp import codingstandards.c.misra -import codingstandards.c.IrreplaceableFunctionLikeMacro +import codingstandards.cpp.rules.functionlikemacrosdefined_shared.FunctionLikeMacrosDefined_shared -predicate partOfConstantExpr(MacroInvocation i) { - exists(Expr e | - e.isConstant() and - not i.getExpr() = e and - i.getExpr().getParent+() = e - ) +class FunctionOverFunctionLikeMacroQuery extends FunctionLikeMacrosDefined_sharedSharedQuery { + FunctionOverFunctionLikeMacroQuery() { + this = Preprocessor6Package::functionOverFunctionLikeMacroQuery() + } } - -from FunctionLikeMacro m -where - not isExcluded(m, Preprocessor6Package::functionOverFunctionLikeMacroQuery()) and - not m instanceof IrreplaceableFunctionLikeMacro and - //macros can have empty body - not m.getBody().length() = 0 and - //function call not allowed in a constant expression (where constant expr is parent) - forall(MacroInvocation i | i = m.getAnInvocation() | not partOfConstantExpr(i)) -select m, "Macro used instead of a function." diff --git a/c/misra/src/rules/RULE-12-1/ImplicitPrecedenceOfOperatorsInExpression.ql b/c/misra/src/rules/RULE-12-1/ImplicitPrecedenceOfOperatorsInExpression.ql index 005fffa32d..7e9362d62a 100644 --- a/c/misra/src/rules/RULE-12-1/ImplicitPrecedenceOfOperatorsInExpression.ql +++ b/c/misra/src/rules/RULE-12-1/ImplicitPrecedenceOfOperatorsInExpression.ql @@ -14,7 +14,7 @@ import cpp import codingstandards.c.misra -import codingstandards.c.Expr +import codingstandards.cpp.CExpr int getPrecedence(Expr e) { e instanceof PrimaryExpr and result = 16 diff --git a/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql b/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql index c1ac4d4b40..ec002e172f 100644 --- a/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql +++ b/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql @@ -13,237 +13,10 @@ import cpp import codingstandards.c.misra -import codingstandards.c.Expr -import codingstandards.c.SideEffects -import codingstandards.c.Ordering +import codingstandards.cpp.rules.memoryoperationsnotsequencedappropriately_shared.MemoryOperationsNotSequencedAppropriately_shared -class VariableEffectOrAccess extends Expr { - VariableEffectOrAccess() { - this instanceof VariableEffect or - this instanceof VariableAccess +class UnsequencedSideEffectsQuery extends MemoryOperationsNotSequencedAppropriately_sharedSharedQuery { + UnsequencedSideEffectsQuery() { + this = SideEffects3Package::unsequencedSideEffectsQuery() } } - -pragma[noinline] -predicate partOfFullExpr(VariableEffectOrAccess e, FullExpr fe) { - ( - exists(VariableEffect ve | e = ve and ve.getAnAccess() = fe.getAChild+() and not ve.isPartial()) - or - e.(VariableAccess) = fe.getAChild+() - ) -} - -class ConstituentExprOrdering extends Ordering::Configuration { - ConstituentExprOrdering() { this = "ConstituentExprOrdering" } - - override predicate isCandidate(Expr e1, Expr e2) { - exists(FullExpr fe | - partOfFullExpr(e1, fe) and - partOfFullExpr(e2, fe) - ) - } -} - -predicate sameFullExpr(FullExpr fe, VariableAccess va1, VariableAccess va2) { - partOfFullExpr(va1, fe) and - partOfFullExpr(va2, fe) and - va1 != va2 and - exists(Variable v1, Variable v2 | - // Use `pragma[only_bind_into]` to prevent CP between variable accesses. - va1.getTarget() = pragma[only_bind_into](v1) and va2.getTarget() = pragma[only_bind_into](v2) - | - v1.isVolatile() and v2.isVolatile() - or - not (v1.isVolatile() and v2.isVolatile()) and - v1 = v2 - ) -} - -int getLeafCount(LeftRightOperation bop) { - if - not bop.getLeftOperand() instanceof BinaryOperation and - not bop.getRightOperand() instanceof BinaryOperation - then result = 2 - else - if - bop.getLeftOperand() instanceof BinaryOperation and - not bop.getRightOperand() instanceof BinaryOperation - then result = 1 + getLeafCount(bop.getLeftOperand()) - else - if - not bop.getLeftOperand() instanceof BinaryOperation and - bop.getRightOperand() instanceof BinaryOperation - then result = 1 + getLeafCount(bop.getRightOperand()) - else result = getLeafCount(bop.getLeftOperand()) + getLeafCount(bop.getRightOperand()) -} - -class LeftRightOperation extends Expr { - LeftRightOperation() { - this instanceof BinaryOperation or - this instanceof AssignOperation or - this instanceof AssignExpr - } - - Expr getLeftOperand() { - result = this.(BinaryOperation).getLeftOperand() - or - result = this.(AssignOperation).getLValue() - or - result = this.(AssignExpr).getLValue() - } - - Expr getRightOperand() { - result = this.(BinaryOperation).getRightOperand() - or - result = this.(AssignOperation).getRValue() - or - result = this.(AssignExpr).getRValue() - } - - Expr getAnOperand() { - result = getLeftOperand() or - result = getRightOperand() - } -} - -int getOperandIndexIn(FullExpr fullExpr, Expr operand) { - result = getOperandIndex(fullExpr, operand) - or - fullExpr.(Call).getArgument(result).getAChild*() = operand -} - -int getOperandIndex(LeftRightOperation binop, Expr operand) { - if operand = binop.getAnOperand() - then - operand = binop.getLeftOperand() and - result = 0 - or - operand = binop.getRightOperand() and - result = getLeafCount(binop.getLeftOperand()) + 1 - or - operand = binop.getRightOperand() and - not binop.getLeftOperand() instanceof LeftRightOperation and - result = 1 - else ( - // Child of left operand that is a binary operation. - result = getOperandIndex(binop.getLeftOperand(), operand) - or - // Child of left operand that is not a binary operation. - result = 0 and - not binop.getLeftOperand() instanceof LeftRightOperation and - binop.getLeftOperand().getAChild+() = operand - or - // Child of right operand and both left and right operands are binary operations. - result = - getLeafCount(binop.getLeftOperand()) + getOperandIndex(binop.getRightOperand(), operand) - or - // Child of right operand and left operand is not a binary operation. - result = 1 + getOperandIndex(binop.getRightOperand(), operand) and - not binop.getLeftOperand() instanceof LeftRightOperation - or - // Child of right operand that is not a binary operation and the left operand is a binary operation. - result = getLeafCount(binop.getLeftOperand()) + 1 and - binop.getRightOperand().getAChild+() = operand and - not binop.getRightOperand() instanceof LeftRightOperation - or - // Child of right operand that is not a binary operation and the left operand is not a binary operation. - result = 1 and - not binop.getLeftOperand() instanceof LeftRightOperation and - not binop.getRightOperand() instanceof LeftRightOperation and - binop.getRightOperand().getAChild+() = operand - ) -} - -predicate inConditionalThen(ConditionalExpr ce, Expr e) { - e = ce.getThen() - or - exists(Expr parent | - inConditionalThen(ce, parent) and - parent.getAChild() = e - ) -} - -predicate inConditionalElse(ConditionalExpr ce, Expr e) { - e = ce.getElse() - or - exists(Expr parent | - inConditionalElse(ce, parent) and - parent.getAChild() = e - ) -} - -predicate isUnsequencedEffect( - ConstituentExprOrdering orderingConfig, FullExpr fullExpr, VariableEffect variableEffect1, - VariableAccess va1, VariableAccess va2, Locatable placeHolder, string label -) { - // The two access are scoped to the same full expression. - sameFullExpr(fullExpr, va1, va2) and - // We are only interested in effects that change an object, - // i.e., exclude patterns suchs as `b->data[b->cursor++]` where `b` is considered modified and read or `foo.bar = 1` where `=` modifies to both `foo` and `bar`. - not variableEffect1.isPartial() and - variableEffect1.getAnAccess() = va1 and - ( - exists(VariableEffect variableEffect2 | - not variableEffect2.isPartial() and - variableEffect2.getAnAccess() = va2 and - // If the effect is not local (happens in a different function) we use the call with the access as a proxy. - ( - va1.getEnclosingStmt() = variableEffect1.getEnclosingStmt() and - va2.getEnclosingStmt() = variableEffect2.getEnclosingStmt() and - orderingConfig.isUnsequenced(variableEffect1, variableEffect2) - or - va1.getEnclosingStmt() = variableEffect1.getEnclosingStmt() and - not va2.getEnclosingStmt() = variableEffect2.getEnclosingStmt() and - exists(Call call | - call.getAnArgument() = va2 and call.getEnclosingStmt() = va1.getEnclosingStmt() - | - orderingConfig.isUnsequenced(variableEffect1, call) - ) - or - not va1.getEnclosingStmt() = variableEffect1.getEnclosingStmt() and - va2.getEnclosingStmt() = variableEffect2.getEnclosingStmt() and - exists(Call call | - call.getAnArgument() = va1 and call.getEnclosingStmt() = va2.getEnclosingStmt() - | - orderingConfig.isUnsequenced(call, variableEffect2) - ) - ) and - // Break the symmetry of the ordering relation by requiring that the first expression is located before the second. - // This builds upon the assumption that the expressions are part of the same full expression as specified in the ordering configuration. - getOperandIndexIn(fullExpr, va1) < getOperandIndexIn(fullExpr, va2) and - placeHolder = variableEffect2 and - label = "side effect" - ) - or - placeHolder = va2 and - label = "read" and - not exists(VariableEffect variableEffect2 | variableEffect1 != variableEffect2 | - variableEffect2.getAnAccess() = va2 - ) and - ( - va1.getEnclosingStmt() = variableEffect1.getEnclosingStmt() and - orderingConfig.isUnsequenced(variableEffect1, va2) - or - not va1.getEnclosingStmt() = variableEffect1.getEnclosingStmt() and - exists(Call call | - call.getAnArgument() = va1 and call.getEnclosingStmt() = va2.getEnclosingStmt() - | - orderingConfig.isUnsequenced(call, va2) - ) - ) and - // The read is not used to compute the effect on the variable. - // E.g., exclude x = x + 1 - not variableEffect1.getAChild+() = va2 - ) and - // Both are evaluated - not exists(ConditionalExpr ce | inConditionalThen(ce, va1) and inConditionalElse(ce, va2)) -} - -from - ConstituentExprOrdering orderingConfig, FullExpr fullExpr, VariableEffect variableEffect1, - VariableAccess va1, VariableAccess va2, Locatable placeHolder, string label -where - not isExcluded(fullExpr, SideEffects3Package::unsequencedSideEffectsQuery()) and - isUnsequencedEffect(orderingConfig, fullExpr, variableEffect1, va1, va2, placeHolder, label) -select fullExpr, "The expression contains unsequenced $@ to $@ and $@ to $@.", variableEffect1, - "side effect", va1, va1.getTarget().getName(), placeHolder, label, va2, va2.getTarget().getName() diff --git a/c/misra/src/rules/RULE-13-3/SideEffectAndCrementInFullExpression.ql b/c/misra/src/rules/RULE-13-3/SideEffectAndCrementInFullExpression.ql index 3dd03120c8..c04b9a39ca 100644 --- a/c/misra/src/rules/RULE-13-3/SideEffectAndCrementInFullExpression.ql +++ b/c/misra/src/rules/RULE-13-3/SideEffectAndCrementInFullExpression.ql @@ -15,8 +15,8 @@ import cpp import codingstandards.c.misra -import codingstandards.c.Expr -import codingstandards.c.SideEffects +import codingstandards.cpp.CExpr +import codingstandards.cpp.SideEffects from FullExpr e, SideEffect se, CrementOperation op where diff --git a/c/misra/src/rules/RULE-13-4/ResultOfAnAssignmentOperatorShouldNotBeUsed.ql b/c/misra/src/rules/RULE-13-4/ResultOfAnAssignmentOperatorShouldNotBeUsed.ql index 6938f8e627..2582518d78 100644 --- a/c/misra/src/rules/RULE-13-4/ResultOfAnAssignmentOperatorShouldNotBeUsed.ql +++ b/c/misra/src/rules/RULE-13-4/ResultOfAnAssignmentOperatorShouldNotBeUsed.ql @@ -14,9 +14,10 @@ import cpp import codingstandards.c.misra +import codingstandards.cpp.rules.resultofanassignmentoperatorshouldnotbeused_shared.ResultOfAnAssignmentOperatorShouldNotBeUsed_shared -from AssignExpr e -where - not isExcluded(e, SideEffects1Package::resultOfAnAssignmentOperatorShouldNotBeUsedQuery()) and - not exists(ExprStmt s | s.getExpr() = e) -select e, "Use of an assignment operator's result." +class ResultOfAnAssignmentOperatorShouldNotBeUsedQuery extends ResultOfAnAssignmentOperatorShouldNotBeUsed_sharedSharedQuery { + ResultOfAnAssignmentOperatorShouldNotBeUsedQuery() { + this = SideEffects1Package::resultOfAnAssignmentOperatorShouldNotBeUsedQuery() + } +} diff --git a/c/misra/src/rules/RULE-15-1/GotoStatementUsed.ql b/c/misra/src/rules/RULE-15-1/GotoStatementUsed.ql index ddc85c305c..f8862713b0 100644 --- a/c/misra/src/rules/RULE-15-1/GotoStatementUsed.ql +++ b/c/misra/src/rules/RULE-15-1/GotoStatementUsed.ql @@ -13,9 +13,10 @@ import cpp import codingstandards.c.misra +import codingstandards.cpp.rules.gotostatementshouldnotbeused_shared.GotoStatementShouldNotBeUsed_shared -from Stmt s -where - not isExcluded(s, Statements6Package::gotoStatementUsedQuery()) and - (s instanceof GotoStmt or s instanceof ComputedGotoStmt) -select s, "Use of goto." +class GotoStatementUsedQuery extends GotoStatementShouldNotBeUsed_sharedSharedQuery { + GotoStatementUsedQuery() { + this = Statements6Package::gotoStatementUsedQuery() + } +} diff --git a/c/misra/src/rules/RULE-15-3/GotoLabelBlockCondition.ql b/c/misra/src/rules/RULE-15-3/GotoLabelBlockCondition.ql index aeb356b501..7151e367bc 100644 --- a/c/misra/src/rules/RULE-15-3/GotoLabelBlockCondition.ql +++ b/c/misra/src/rules/RULE-15-3/GotoLabelBlockCondition.ql @@ -14,49 +14,10 @@ import cpp import codingstandards.c.misra +import codingstandards.cpp.rules.gotoreferencealabelinsurroundingblock_shared.GotoReferenceALabelInSurroundingBlock_shared -predicate isPartOfSwitch(Stmt goto) { - exists(SwitchStmt switch | switch.getStmt() = goto.getParent()) +class GotoLabelBlockConditionQuery extends GotoReferenceALabelInSurroundingBlock_sharedSharedQuery { + GotoLabelBlockConditionQuery() { + this = Statements2Package::gotoLabelBlockConditionQuery() + } } - -SwitchCase getSwitchCase(Stmt stmt) { - exists(int index, SwitchStmt switch | - getStmtInSwitch(switch, stmt, index) and getStmtInSwitch(switch, result, index - 1) - ) - or - exists(int index, SwitchStmt switch, Stmt other | - getStmtInSwitch(switch, stmt, index) and - getStmtInSwitch(switch, other, index - 1) and - not other instanceof SwitchCase and - result = getSwitchCase(other) - ) -} - -predicate getStmtInSwitch(SwitchStmt switch, Stmt s, int index) { - switch.getStmt().(BlockStmt).getStmt(index) = s -} - -int statementDepth(Stmt statement) { - statement.getParent() = statement.getEnclosingFunction().getBlock() and result = 1 - or - statementDepth(statement.getParent()) + 1 = result -} - -from GotoStmt goto, Stmt target, int gotoDepth, int targetDepth -where - not isExcluded(goto, Statements2Package::gotoLabelBlockConditionQuery()) and - goto.getTarget() = target and - gotoDepth = statementDepth(goto) and - targetDepth = statementDepth(target) and - targetDepth >= gotoDepth and - ( - targetDepth = gotoDepth - implies - ( - not isPartOfSwitch(goto) and not goto.getParent() = target.getParent() - or - isPartOfSwitch(goto) and not getSwitchCase(goto) = getSwitchCase(target) - ) - ) -select goto, "The $@ statement and its $@ are not declared or enclosed in the same block.", goto, - "goto", target, "label" diff --git a/c/misra/src/rules/RULE-15-6/SelectionCompoundCondition.ql b/c/misra/src/rules/RULE-15-6/SelectionCompoundCondition.ql index 0c97b3ea5a..8f7b37f0d4 100644 --- a/c/misra/src/rules/RULE-15-6/SelectionCompoundCondition.ql +++ b/c/misra/src/rules/RULE-15-6/SelectionCompoundCondition.ql @@ -1,6 +1,6 @@ /** * @id c/misra/selection-compound-condition - * @name RULE-15-6: the statement forming the body of a loop shall be a compound statement + * @name RULE-15-6: the statement forming the body of a slection statement shall be a compound statement * @description if the body of a selection statement is not enclosed in braces, then this can lead * to incorrect execution, and is hard for developers to maintain. * @kind problem diff --git a/c/misra/src/rules/RULE-20-11/MoreThanOneHashOperatorInMacroDefinition.ql b/c/misra/src/rules/RULE-20-11/MoreThanOneHashOperatorInMacroDefinition.ql index 6ea7aa0a13..c951968506 100644 --- a/c/misra/src/rules/RULE-20-11/MoreThanOneHashOperatorInMacroDefinition.ql +++ b/c/misra/src/rules/RULE-20-11/MoreThanOneHashOperatorInMacroDefinition.ql @@ -13,14 +13,10 @@ import cpp import codingstandards.c.misra -import codingstandards.cpp.Macro +import codingstandards.cpp.rules.macroparameterfollowinghash_shared.MacroParameterFollowingHash_shared -from Macro m -where - not isExcluded(m, Preprocessor2Package::moreThanOneHashOperatorInMacroDefinitionQuery()) and - exists(StringizingOperator one, TokenPastingOperator two | - one.getMacro() = m and - two.getMacro() = m and - one.getOffset() < two.getOffset() - ) -select m, "Macro definition uses an # operator followed by a ## operator." +class MoreThanOneHashOperatorInMacroDefinitionQuery extends MacroParameterFollowingHash_sharedSharedQuery { + MoreThanOneHashOperatorInMacroDefinitionQuery() { + this = Preprocessor2Package::moreThanOneHashOperatorInMacroDefinitionQuery() + } +} diff --git a/c/misra/src/rules/RULE-20-12/MacroParameterUsedAsHashOperand.ql b/c/misra/src/rules/RULE-20-12/MacroParameterUsedAsHashOperand.ql index 6a66afb74b..3730a65ecd 100644 --- a/c/misra/src/rules/RULE-20-12/MacroParameterUsedAsHashOperand.ql +++ b/c/misra/src/rules/RULE-20-12/MacroParameterUsedAsHashOperand.ql @@ -15,22 +15,10 @@ import cpp import codingstandards.c.misra -import codingstandards.cpp.Macro +import codingstandards.cpp.rules.amixedusemacroargumentsubjecttoexpansion_shared.AMixedUseMacroArgumentSubjectToExpansion_shared -from FunctionLikeMacro m, MacroInvocation mi, int i, string expanded, string param -where - not isExcluded(mi, Preprocessor2Package::macroParameterUsedAsHashOperandQuery()) and - mi = m.getAnInvocation() and - param = m.getParameter(i) and - ( - exists(TokenPastingOperator op | op.getMacro() = m and op.getOperand() = param) - or - exists(StringizingOperator op | op.getMacro() = m and op.getOperand() = param) - ) and - // An expansion that is equal to "" means the expansion is not used and is optimized away by EDG. This happens when the expanded argument is an operand to `#` or `##`. - // This check ensure there is an expansion that is used. - expanded = mi.getExpandedArgument(i) and - not expanded = "" and - not mi.getUnexpandedArgument(i) = mi.getExpandedArgument(i) -select m, - "Macro " + m.getName() + " contains use of parameter " + param + " used in multiple contexts." +class MacroParameterUsedAsHashOperandQuery extends AMixedUseMacroArgumentSubjectToExpansion_sharedSharedQuery { + MacroParameterUsedAsHashOperandQuery() { + this = Preprocessor2Package::macroParameterUsedAsHashOperandQuery() + } +} diff --git a/c/misra/src/rules/RULE-21-7/AtofAtoiAtolAndAtollOfStdlibhUsed.ql b/c/misra/src/rules/RULE-21-7/AtofAtoiAtolAndAtollOfStdlibhUsed.ql index f834201cbd..69733b6308 100644 --- a/c/misra/src/rules/RULE-21-7/AtofAtoiAtolAndAtollOfStdlibhUsed.ql +++ b/c/misra/src/rules/RULE-21-7/AtofAtoiAtolAndAtollOfStdlibhUsed.ql @@ -13,13 +13,10 @@ import cpp import codingstandards.c.misra +import codingstandards.cpp.rules.atofatoiatolandatollused_shared.AtofAtoiAtolAndAtollUsed_shared -private string atoi() { result = ["atof", "atoi", "atol", "atoll"] } - -from FunctionCall fc, Function f -where - not isExcluded(fc, BannedPackage::atofAtoiAtolAndAtollOfStdlibhUsedQuery()) and - f = fc.getTarget() and - f.getName() = atoi() and - f.getFile().getBaseName() = "stdlib.h" -select fc, "Call to banned function " + f.getName() + "." +class AtofAtoiAtolAndAtollOfStdlibhUsedQuery extends AtofAtoiAtolAndAtollUsed_sharedSharedQuery { + AtofAtoiAtolAndAtollOfStdlibhUsedQuery() { + this = BannedPackage::atofAtoiAtolAndAtollOfStdlibhUsedQuery() + } +} diff --git a/c/misra/src/rules/RULE-4-1/OctalAndHexadecimalEscapeSequencesNotTerminated.ql b/c/misra/src/rules/RULE-4-1/OctalAndHexadecimalEscapeSequencesNotTerminated.ql index a7fdf080a7..80a4490470 100644 --- a/c/misra/src/rules/RULE-4-1/OctalAndHexadecimalEscapeSequencesNotTerminated.ql +++ b/c/misra/src/rules/RULE-4-1/OctalAndHexadecimalEscapeSequencesNotTerminated.ql @@ -15,34 +15,10 @@ import cpp import codingstandards.c.misra +import codingstandards.cpp.rules.nonterminatedescapesequences_shared.NonTerminatedEscapeSequences_shared -bindingset[s] -predicate isOctalEscape(string s) { - s.charAt(0) = "\\" and - exists(int i | i = [0 .. 7] | i.toString() = s.charAt(1)) +class OctalAndHexadecimalEscapeSequencesNotTerminatedQuery extends NonTerminatedEscapeSequences_sharedSharedQuery { + OctalAndHexadecimalEscapeSequencesNotTerminatedQuery() { + this = SyntaxPackage::octalAndHexadecimalEscapeSequencesNotTerminatedQuery() + } } - -bindingset[s] -predicate isHexEscape(string s) { s.indexOf("\\x") = 0 } - -from Literal l, string escapeKind, string s -where - not isExcluded(l, SyntaxPackage::octalAndHexadecimalEscapeSequencesNotTerminatedQuery()) and - exists(int idx, string sl | - sl = l.getValueText() and - idx = sl.indexOf("\\") and - s = sl.substring(idx, sl.length()) and - // Note: Octal representations must be 1-3 digits. There is no limitation on a - // Hex literal as long as the characters are valid. This query does not consider - // if the hex literal being constructed will overflow. - ( - isHexEscape(s) and - not s.regexpMatch("^((\\\\x[0-9A-F]+(?=[\"'\\\\])))[\\s\\S]*") and - escapeKind = "hexadecimal" - or - isOctalEscape(s) and - not s.regexpMatch("^(((\\\\[0-7]{1,3})(?=[\"'\\\\])))[\\s\\S]*") and - escapeKind = "octal" - ) - ) -select l, "Invalid " + escapeKind + " escape in string literal at '" + s + "'." diff --git a/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql b/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql index fce1d9ad1a..932e85087a 100644 --- a/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql +++ b/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql @@ -12,33 +12,10 @@ import cpp import codingstandards.c.misra -import codingstandards.cpp.Compiler +import codingstandards.cpp.rules.bitfieldshallhaveanappropriatetype_shared.BitFieldShallHaveAnAppropriateType_shared -Type getSupportedBitFieldType(Compiler compiler) { - compiler instanceof UnsupportedCompiler and - ( - result instanceof IntType and - ( - result.(IntegralType).isExplicitlySigned() or - result.(IntegralType).isExplicitlyUnsigned() - ) - or - result instanceof BoolType - ) - or - (compiler instanceof Gcc or compiler instanceof Clang) and - ( - result instanceof IntegralOrEnumType - or - result instanceof BoolType - ) +class BitFieldsShallOnlyBeDeclaredWithAnAppropriateTypeQuery extends BitFieldShallHaveAnAppropriateType_sharedSharedQuery { + BitFieldsShallOnlyBeDeclaredWithAnAppropriateTypeQuery() { + this = BitfieldTypesPackage::bitFieldsShallOnlyBeDeclaredWithAnAppropriateTypeQuery() + } } - -from BitField bitField -where - not isExcluded(bitField, - BitfieldTypesPackage::bitFieldsShallOnlyBeDeclaredWithAnAppropriateTypeQuery()) and - /* A violation would neither be an appropriate primitive type nor an appropriate typedef. */ - not getSupportedBitFieldType(getCompiler(bitField.getFile())) = - bitField.getType().resolveTypedefs() -select bitField, "Bit-field '" + bitField + "' is declared on type '" + bitField.getType() + "'." diff --git a/c/misra/src/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql b/c/misra/src/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql index d4be3d6dd2..9eb0b672fb 100644 --- a/c/misra/src/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql +++ b/c/misra/src/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql @@ -12,23 +12,10 @@ import cpp import codingstandards.c.misra +import codingstandards.cpp.rules.namedbitfieldswithsignedintegertype_shared.NamedBitFieldsWithSignedIntegerType_shared -/* - * Check if the DECLARED bit-fields is a single bit, because Rule 6.2 also intends to catch confusion on the programmers' part. Consider: - * - * struct S { - * int32_t x: 1; - * } - * - * In this case, field x is essentially of 32 bits, but is declared as 1 bit and its type int32_t is signed. Therefore, it indicates confusion by the programmer, which is exactly what this rule intends to find. - */ - -from BitField bitField -where - not isExcluded(bitField, BitfieldTypesPackage::singleBitNamedBitFieldsOfASignedTypeQuery()) and - bitField.getDeclaredNumBits() = 1 and // Single-bit, - not bitField.isAnonymous() and // named, - bitField.getType().(IntegralType).isSigned() // but its type is signed. -select bitField, - "Single-bit bit-field named " + bitField.toString() + " has a signed type " + bitField.getType() + - "." +class SingleBitNamedBitFieldsOfASignedTypeQuery extends NamedBitFieldsWithSignedIntegerType_sharedSharedQuery { + SingleBitNamedBitFieldsOfASignedTypeQuery() { + this = BitfieldTypesPackage::singleBitNamedBitFieldsOfASignedTypeQuery() + } +} diff --git a/c/misra/src/rules/RULE-7-3/LowercaseCharacterLUsedInLiteralSuffix.ql b/c/misra/src/rules/RULE-7-3/LowercaseCharacterLUsedInLiteralSuffix.ql index 4fc257578b..85c14ff419 100644 --- a/c/misra/src/rules/RULE-7-3/LowercaseCharacterLUsedInLiteralSuffix.ql +++ b/c/misra/src/rules/RULE-7-3/LowercaseCharacterLUsedInLiteralSuffix.ql @@ -14,7 +14,7 @@ import cpp import codingstandards.c.misra -import codingstandards.c.Literals +import codingstandards.cpp.Literals from IntegerLiteral l where diff --git a/c/misra/src/rules/RULE-8-12/ValueImplicitEnumerationConstantNotUnique.ql b/c/misra/src/rules/RULE-8-12/ValueImplicitEnumerationConstantNotUnique.ql index 0772da9b05..91a8a9c021 100644 --- a/c/misra/src/rules/RULE-8-12/ValueImplicitEnumerationConstantNotUnique.ql +++ b/c/misra/src/rules/RULE-8-12/ValueImplicitEnumerationConstantNotUnique.ql @@ -14,25 +14,10 @@ import cpp import codingstandards.c.misra +import codingstandards.cpp.rules.nonuniqueenumerationconstant_shared.NonUniqueEnumerationConstant_shared -/** - * An `EnumConstant` that has an implicitly specified value: - * `enum e { explicit = 1, implicit }` - */ -class ImplicitlySpecifiedEnumConstant extends EnumConstant { - ImplicitlySpecifiedEnumConstant() { - //implicitly specified have an initializer with location: `file://:0:0:0:0` - not this.getInitializer().getLocation().getFile() = this.getFile() +class ValueImplicitEnumerationConstantNotUniqueQuery extends NonUniqueEnumerationConstant_sharedSharedQuery { + ValueImplicitEnumerationConstantNotUniqueQuery() { + this = Declarations7Package::valueImplicitEnumerationConstantNotUniqueQuery() } } - -from EnumConstant exp, ImplicitlySpecifiedEnumConstant imp -where - not isExcluded(exp, Declarations7Package::valueImplicitEnumerationConstantNotUniqueQuery()) and - not isExcluded(imp, Declarations7Package::valueImplicitEnumerationConstantNotUniqueQuery()) and - not exp = imp and - imp.getValue() = exp.getValue() and - imp.getDeclaringEnum() = exp.getDeclaringEnum() and - //can technically be the same declared enum across multiple headers but those are not relevant to this rule - imp.getFile() = exp.getFile() -select imp, "Nonunique value of enum constant compared to $@", exp, exp.getName() diff --git a/c/misra/test/rules/DIR-4-2/UsageOfAssemblyLanguageShouldBeDocumented.testref b/c/misra/test/rules/DIR-4-2/UsageOfAssemblyLanguageShouldBeDocumented.testref index ea9ce384ea..3b0dc2fe5a 100644 --- a/c/misra/test/rules/DIR-4-2/UsageOfAssemblyLanguageShouldBeDocumented.testref +++ b/c/misra/test/rules/DIR-4-2/UsageOfAssemblyLanguageShouldBeDocumented.testref @@ -1 +1 @@ -cpp/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql \ No newline at end of file +c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql \ No newline at end of file diff --git a/c/misra/test/rules/DIR-4-4/SectionsOfCodeShallNotBeCommentedOut.testref b/c/misra/test/rules/DIR-4-4/SectionsOfCodeShallNotBeCommentedOut.testref index 303a38a19b..4460b5ed53 100644 --- a/c/misra/test/rules/DIR-4-4/SectionsOfCodeShallNotBeCommentedOut.testref +++ b/c/misra/test/rules/DIR-4-4/SectionsOfCodeShallNotBeCommentedOut.testref @@ -1 +1 @@ -cpp/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql \ No newline at end of file +c/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql \ No newline at end of file diff --git a/c/misra/test/rules/DIR-4-5/IdentifiersInTheSameNameSpaceUnambiguous.testref b/c/misra/test/rules/DIR-4-5/IdentifiersInTheSameNameSpaceUnambiguous.testref index dffdbb26b8..2dc788dd11 100644 --- a/c/misra/test/rules/DIR-4-5/IdentifiersInTheSameNameSpaceUnambiguous.testref +++ b/c/misra/test/rules/DIR-4-5/IdentifiersInTheSameNameSpaceUnambiguous.testref @@ -1 +1 @@ -cpp/common/test/rules/differentidentifiersnottypographicallyunambiguous/DifferentIdentifiersNotTypographicallyUnambiguous.ql \ No newline at end of file +c/common/test/rules/differentidentifiersnottypographicallyunambiguous/DifferentIdentifiersNotTypographicallyUnambiguous.ql \ No newline at end of file diff --git a/c/misra/test/rules/DIR-4-9/FunctionOverFunctionLikeMacro.testref b/c/misra/test/rules/DIR-4-9/FunctionOverFunctionLikeMacro.testref new file mode 100644 index 0000000000..cd897ee364 --- /dev/null +++ b/c/misra/test/rules/DIR-4-9/FunctionOverFunctionLikeMacro.testref @@ -0,0 +1 @@ +c/common/test/rules/functionlikemacrosdefined_shared/FunctionLikeMacrosDefined_shared.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-13-2/UnsequencedSideEffects.expected b/c/misra/test/rules/RULE-13-2/UnsequencedSideEffects.expected deleted file mode 100644 index 17b89c2f01..0000000000 --- a/c/misra/test/rules/RULE-13-2/UnsequencedSideEffects.expected +++ /dev/null @@ -1,6 +0,0 @@ -| test.c:6:12:6:18 | ... + ... | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:6:12:6:13 | l1 | side effect | test.c:6:12:6:13 | l1 | l1 | test.c:6:17:6:18 | l1 | side effect | test.c:6:17:6:18 | l1 | l1 | -| test.c:7:12:7:18 | ... + ... | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:7:12:7:13 | l1 | side effect | test.c:7:12:7:13 | l1 | l1 | test.c:7:17:7:18 | l2 | side effect | test.c:7:17:7:18 | l2 | l2 | -| test.c:17:3:17:21 | ... = ... | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:17:8:17:9 | l1 | side effect | test.c:17:8:17:9 | l1 | l1 | test.c:17:13:17:14 | l1 | side effect | test.c:17:13:17:14 | l1 | l1 | -| test.c:19:3:19:5 | call to foo | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:19:7:19:8 | l1 | side effect | test.c:19:7:19:8 | l1 | l1 | test.c:19:11:19:12 | l2 | side effect | test.c:19:11:19:12 | l2 | l2 | -| test.c:25:3:25:5 | call to foo | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:25:7:25:10 | ... ++ | side effect | test.c:25:7:25:8 | l8 | l8 | test.c:25:13:25:14 | l8 | read | test.c:25:13:25:14 | l8 | l8 | -| test.c:35:5:35:13 | ... = ... | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:35:10:35:12 | ... ++ | side effect | test.c:35:10:35:10 | i | i | test.c:35:10:35:12 | ... ++ | side effect | test.c:35:10:35:10 | i | i | diff --git a/c/misra/test/rules/RULE-13-2/UnsequencedSideEffects.qlref b/c/misra/test/rules/RULE-13-2/UnsequencedSideEffects.qlref deleted file mode 100644 index 0cb8d40dbb..0000000000 --- a/c/misra/test/rules/RULE-13-2/UnsequencedSideEffects.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/RULE-13-2/UnsequencedSideEffects.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-13-2/UnsequencedSideEffects.testref b/c/misra/test/rules/RULE-13-2/UnsequencedSideEffects.testref new file mode 100644 index 0000000000..6131c93357 --- /dev/null +++ b/c/misra/test/rules/RULE-13-2/UnsequencedSideEffects.testref @@ -0,0 +1 @@ +c/common/test/rules/memoryoperationsnotsequencedappropriately_shared/MemoryOperationsNotSequencedAppropriately_shared.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-13-4/ResultOfAnAssignmentOperatorShouldNotBeUsed.expected b/c/misra/test/rules/RULE-13-4/ResultOfAnAssignmentOperatorShouldNotBeUsed.expected deleted file mode 100644 index 57f90043e1..0000000000 --- a/c/misra/test/rules/RULE-13-4/ResultOfAnAssignmentOperatorShouldNotBeUsed.expected +++ /dev/null @@ -1,3 +0,0 @@ -| test.c:7:7:7:12 | ... = ... | Use of an assignment operator's result. | -| test.c:11:11:11:16 | ... = ... | Use of an assignment operator's result. | -| test.c:13:8:13:13 | ... = ... | Use of an assignment operator's result. | diff --git a/c/misra/test/rules/RULE-13-4/ResultOfAnAssignmentOperatorShouldNotBeUsed.qlref b/c/misra/test/rules/RULE-13-4/ResultOfAnAssignmentOperatorShouldNotBeUsed.qlref deleted file mode 100644 index 16d027d915..0000000000 --- a/c/misra/test/rules/RULE-13-4/ResultOfAnAssignmentOperatorShouldNotBeUsed.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/RULE-13-4/ResultOfAnAssignmentOperatorShouldNotBeUsed.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-13-4/ResultOfAnAssignmentOperatorShouldNotBeUsed.testref b/c/misra/test/rules/RULE-13-4/ResultOfAnAssignmentOperatorShouldNotBeUsed.testref new file mode 100644 index 0000000000..0bda23895c --- /dev/null +++ b/c/misra/test/rules/RULE-13-4/ResultOfAnAssignmentOperatorShouldNotBeUsed.testref @@ -0,0 +1 @@ +c/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-15-1/GotoStatementUsed.expected b/c/misra/test/rules/RULE-15-1/GotoStatementUsed.expected deleted file mode 100644 index 7e06759159..0000000000 --- a/c/misra/test/rules/RULE-15-1/GotoStatementUsed.expected +++ /dev/null @@ -1 +0,0 @@ -| test.c:4:3:4:14 | goto ... | Use of goto. | diff --git a/c/misra/test/rules/RULE-15-1/GotoStatementUsed.qlref b/c/misra/test/rules/RULE-15-1/GotoStatementUsed.qlref deleted file mode 100644 index 338455d28f..0000000000 --- a/c/misra/test/rules/RULE-15-1/GotoStatementUsed.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/RULE-15-1/GotoStatementUsed.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-15-1/GotoStatementUsed.testref b/c/misra/test/rules/RULE-15-1/GotoStatementUsed.testref new file mode 100644 index 0000000000..94fa27a461 --- /dev/null +++ b/c/misra/test/rules/RULE-15-1/GotoStatementUsed.testref @@ -0,0 +1 @@ +c/common/test/rules/gotostatementshouldnotbeused_shared/GotoStatementShouldNotBeUsed_shared.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-15-1/test.c b/c/misra/test/rules/RULE-15-1/test.c deleted file mode 100644 index d13f01961c..0000000000 --- a/c/misra/test/rules/RULE-15-1/test.c +++ /dev/null @@ -1,9 +0,0 @@ -void test_goto() { - int x = 1; - - goto label1; // NON_COMPLIANT - -label1: - - x = 2; -} \ No newline at end of file diff --git a/c/misra/test/rules/RULE-15-3/GotoLabelBlockCondition.expected b/c/misra/test/rules/RULE-15-3/GotoLabelBlockCondition.expected deleted file mode 100644 index 730403cbd7..0000000000 --- a/c/misra/test/rules/RULE-15-3/GotoLabelBlockCondition.expected +++ /dev/null @@ -1,3 +0,0 @@ -| test.c:2:3:2:10 | goto ... | The $@ statement and its $@ are not declared or enclosed in the same block. | test.c:2:3:2:10 | goto ... | goto | test.c:4:3:4:5 | label ...: | label | -| test.c:40:3:40:10 | goto ... | The $@ statement and its $@ are not declared or enclosed in the same block. | test.c:40:3:40:10 | goto ... | goto | test.c:44:3:44:5 | label ...: | label | -| test.c:55:5:55:12 | goto ... | The $@ statement and its $@ are not declared or enclosed in the same block. | test.c:55:5:55:12 | goto ... | goto | test.c:58:3:58:5 | label ...: | label | diff --git a/c/misra/test/rules/RULE-15-3/GotoLabelBlockCondition.qlref b/c/misra/test/rules/RULE-15-3/GotoLabelBlockCondition.qlref deleted file mode 100644 index 5f430f0790..0000000000 --- a/c/misra/test/rules/RULE-15-3/GotoLabelBlockCondition.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/RULE-15-3/GotoLabelBlockCondition.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-15-3/GotoLabelBlockCondition.testref b/c/misra/test/rules/RULE-15-3/GotoLabelBlockCondition.testref new file mode 100644 index 0000000000..81d6739cb7 --- /dev/null +++ b/c/misra/test/rules/RULE-15-3/GotoLabelBlockCondition.testref @@ -0,0 +1 @@ +c/common/test/rules/gotoreferencealabelinsurroundingblock_shared/GotoReferenceALabelInSurroundingBlock_shared.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-20-11/MoreThanOneHashOperatorInMacroDefinition.expected b/c/misra/test/rules/RULE-20-11/MoreThanOneHashOperatorInMacroDefinition.expected deleted file mode 100644 index 406010428c..0000000000 --- a/c/misra/test/rules/RULE-20-11/MoreThanOneHashOperatorInMacroDefinition.expected +++ /dev/null @@ -1 +0,0 @@ -| test.c:25:1:25:29 | #define MACROTHIRTEEN(X) #X ## X | Macro definition uses an # operator followed by a ## operator. | diff --git a/c/misra/test/rules/RULE-20-11/MoreThanOneHashOperatorInMacroDefinition.qlref b/c/misra/test/rules/RULE-20-11/MoreThanOneHashOperatorInMacroDefinition.qlref deleted file mode 100644 index 35ef457cac..0000000000 --- a/c/misra/test/rules/RULE-20-11/MoreThanOneHashOperatorInMacroDefinition.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/RULE-20-11/MoreThanOneHashOperatorInMacroDefinition.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-20-11/MoreThanOneHashOperatorInMacroDefinition.testref b/c/misra/test/rules/RULE-20-11/MoreThanOneHashOperatorInMacroDefinition.testref new file mode 100644 index 0000000000..ff0bf76291 --- /dev/null +++ b/c/misra/test/rules/RULE-20-11/MoreThanOneHashOperatorInMacroDefinition.testref @@ -0,0 +1 @@ +c/common/test/rules/macroparameterfollowinghash_shared/MacroParameterFollowingHash_shared.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-20-12/MacroParameterUsedAsHashOperand.qlref b/c/misra/test/rules/RULE-20-12/MacroParameterUsedAsHashOperand.qlref deleted file mode 100644 index a2edc3acc4..0000000000 --- a/c/misra/test/rules/RULE-20-12/MacroParameterUsedAsHashOperand.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/RULE-20-12/MacroParameterUsedAsHashOperand.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-20-12/MacroParameterUsedAsHashOperand.testref b/c/misra/test/rules/RULE-20-12/MacroParameterUsedAsHashOperand.testref new file mode 100644 index 0000000000..4c511bd34e --- /dev/null +++ b/c/misra/test/rules/RULE-20-12/MacroParameterUsedAsHashOperand.testref @@ -0,0 +1 @@ +c/common/test/rules/amixedusemacroargumentsubjecttoexpansion_shared/AMixedUseMacroArgumentSubjectToExpansion_shared.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-21-7/AtofAtoiAtolAndAtollOfStdlibhUsed.expected b/c/misra/test/rules/RULE-21-7/AtofAtoiAtolAndAtollOfStdlibhUsed.expected deleted file mode 100644 index 29a0c6fac1..0000000000 --- a/c/misra/test/rules/RULE-21-7/AtofAtoiAtolAndAtollOfStdlibhUsed.expected +++ /dev/null @@ -1,4 +0,0 @@ -| test.c:6:14:6:17 | call to atof | Call to banned function atof. | -| test.c:7:12:7:15 | call to atoi | Call to banned function atoi. | -| test.c:8:13:8:16 | call to atol | Call to banned function atol. | -| test.c:9:18:9:22 | call to atoll | Call to banned function atoll. | diff --git a/c/misra/test/rules/RULE-21-7/AtofAtoiAtolAndAtollOfStdlibhUsed.qlref b/c/misra/test/rules/RULE-21-7/AtofAtoiAtolAndAtollOfStdlibhUsed.qlref deleted file mode 100644 index 52e70db92b..0000000000 --- a/c/misra/test/rules/RULE-21-7/AtofAtoiAtolAndAtollOfStdlibhUsed.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/RULE-21-7/AtofAtoiAtolAndAtollOfStdlibhUsed.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-21-7/AtofAtoiAtolAndAtollOfStdlibhUsed.testref b/c/misra/test/rules/RULE-21-7/AtofAtoiAtolAndAtollOfStdlibhUsed.testref new file mode 100644 index 0000000000..441b3f33c2 --- /dev/null +++ b/c/misra/test/rules/RULE-21-7/AtofAtoiAtolAndAtollOfStdlibhUsed.testref @@ -0,0 +1 @@ +c/common/test/rules/atofatoiatolandatollused_shared/AtofAtoiAtolAndAtollUsed_shared.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-4-1/OctalAndHexadecimalEscapeSequencesNotTerminated.expected b/c/misra/test/rules/RULE-4-1/OctalAndHexadecimalEscapeSequencesNotTerminated.expected deleted file mode 100644 index 39d5aa5d85..0000000000 --- a/c/misra/test/rules/RULE-4-1/OctalAndHexadecimalEscapeSequencesNotTerminated.expected +++ /dev/null @@ -1,21 +0,0 @@ -| test.c:9:18:9:24 | \u001aG | Invalid hexadecimal escape in string literal at '\\x1AG"'. | -| test.c:12:18:12:23 | \u00029 | Invalid octal escape in string literal at '\\029"'. | -| test.c:15:18:15:24 | \n7 | Invalid octal escape in string literal at '\\0127"'. | -| test.c:16:18:16:24 | \r7 | Invalid octal escape in string literal at '\\0157"'. | -| test.c:18:19:18:29 | \n\n9 | Invalid octal escape in string literal at '\\0129"'. | -| test.c:19:19:19:28 | \n\u00019 | Invalid octal escape in string literal at '\\019"'. | -| test.c:22:19:22:31 | \nAAA\u000f | Invalid octal escape in string literal at '\\012AAA\\017"'. | -| test.c:25:19:25:39 | Some Data \n\u000fA | Invalid octal escape in string literal at '\\017A"'. | -| test.c:26:19:27:21 | Some Data \n\u000fA5 | Invalid octal escape in string literal at '\\017A"\n "5"'. | -| test.c:28:19:30:25 | Some Data \n\u000fA\n1 | Invalid octal escape in string literal at '\\0121"'. | -| test.c:34:19:35:26 | \u0011G\u00012 | Invalid octal escape in string literal at '\\0012"'. | -| test.c:36:19:37:25 | \u0011GG\u0001 | Invalid hexadecimal escape in string literal at '\\x11G"\n "G\\001"'. | -| test.c:38:19:39:26 | \u0011GG\u00013 | Invalid hexadecimal escape in string literal at '\\x11G"\n "G\\0013"'. | -| test.c:38:19:39:26 | \u0011GG\u00013 | Invalid octal escape in string literal at '\\0013"'. | -| test.c:45:18:45:42 | Some Data \n\u000fA5 | Invalid octal escape in string literal at '\\017A" "5"'. | -| test.c:46:18:46:49 | Some Data \n\u000fA\n1 | Invalid octal escape in string literal at '\\0121"'. | -| test.c:48:18:48:32 | \u0011G\u00012 | Invalid octal escape in string literal at '\\0012"'. | -| test.c:49:18:49:32 | \u0011GG\u0001 | Invalid hexadecimal escape in string literal at '\\x11G" "G\\001"'. | -| test.c:50:18:50:33 | \u0011GG\u00013 | Invalid hexadecimal escape in string literal at '\\x11G" "G\\0013"'. | -| test.c:50:18:50:33 | \u0011GG\u00013 | Invalid octal escape in string literal at '\\0013"'. | -| test.c:53:11:53:16 | 10 | Invalid hexadecimal escape in string literal at '\\x0a''. | diff --git a/c/misra/test/rules/RULE-4-1/OctalAndHexadecimalEscapeSequencesNotTerminated.qlref b/c/misra/test/rules/RULE-4-1/OctalAndHexadecimalEscapeSequencesNotTerminated.qlref deleted file mode 100644 index fbdd187532..0000000000 --- a/c/misra/test/rules/RULE-4-1/OctalAndHexadecimalEscapeSequencesNotTerminated.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/RULE-4-1/OctalAndHexadecimalEscapeSequencesNotTerminated.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-4-1/OctalAndHexadecimalEscapeSequencesNotTerminated.testref b/c/misra/test/rules/RULE-4-1/OctalAndHexadecimalEscapeSequencesNotTerminated.testref new file mode 100644 index 0000000000..7cece164a3 --- /dev/null +++ b/c/misra/test/rules/RULE-4-1/OctalAndHexadecimalEscapeSequencesNotTerminated.testref @@ -0,0 +1 @@ +c/common/test/rules/nonterminatedescapesequences_shared/NonTerminatedEscapeSequences_shared.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.testref b/c/misra/test/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.testref new file mode 100644 index 0000000000..7b535ba5ce --- /dev/null +++ b/c/misra/test/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.testref @@ -0,0 +1 @@ +c/common/test/rules/bitfieldshallhaveanappropriatetype_shared/BitFieldShallHaveAnAppropriateType_shared.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.expected b/c/misra/test/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.expected deleted file mode 100644 index df7677961a..0000000000 --- a/c/misra/test/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.expected +++ /dev/null @@ -1,4 +0,0 @@ -| test.c:4:7:4:8 | x1 | Single-bit bit-field named x1 has a signed type int. | -| test.c:7:14:7:15 | x2 | Single-bit bit-field named x2 has a signed type signed int. | -| test.c:9:7:9:8 | x3 | Single-bit bit-field named x3 has a signed type signed char. | -| test.c:11:7:11:8 | x4 | Single-bit bit-field named x4 has a signed type signed short. | diff --git a/c/misra/test/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.qlref b/c/misra/test/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.qlref deleted file mode 100644 index 50c34f70a7..0000000000 --- a/c/misra/test/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.testref b/c/misra/test/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.testref new file mode 100644 index 0000000000..a068a4ff61 --- /dev/null +++ b/c/misra/test/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.testref @@ -0,0 +1 @@ +c/common/test/rules/namedbitfieldswithsignedintegertype_shared/NamedBitFieldsWithSignedIntegerType_shared.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-7-3/LowercaseCharacterLUsedInLiteralSuffix.expected b/c/misra/test/rules/RULE-7-3/LowercaseCharacterLUsedInLiteralSuffix.expected deleted file mode 100644 index 279fd7e621..0000000000 --- a/c/misra/test/rules/RULE-7-3/LowercaseCharacterLUsedInLiteralSuffix.expected +++ /dev/null @@ -1,16 +0,0 @@ -| test.c:3:10:3:11 | 0 | Lowercase 'l' used as a literal suffix. | -| test.c:4:10:4:12 | 0 | Lowercase 'l' used as a literal suffix. | -| test.c:7:10:7:12 | 0 | Lowercase 'l' used as a literal suffix. | -| test.c:8:10:8:12 | 0 | Lowercase 'l' used as a literal suffix. | -| test.c:13:11:13:12 | 0 | Lowercase 'l' used as a literal suffix. | -| test.c:14:11:14:13 | 0 | Lowercase 'l' used as a literal suffix. | -| test.c:17:11:17:13 | 0 | Lowercase 'l' used as a literal suffix. | -| test.c:18:11:18:13 | 0 | Lowercase 'l' used as a literal suffix. | -| test.c:23:10:23:14 | 1 | Lowercase 'l' used as a literal suffix. | -| test.c:24:10:24:15 | 1 | Lowercase 'l' used as a literal suffix. | -| test.c:27:10:27:15 | 1 | Lowercase 'l' used as a literal suffix. | -| test.c:28:10:28:15 | 1 | Lowercase 'l' used as a literal suffix. | -| test.c:33:11:33:14 | 1 | Lowercase 'l' used as a literal suffix. | -| test.c:34:11:34:15 | 1 | Lowercase 'l' used as a literal suffix. | -| test.c:37:11:37:15 | 1 | Lowercase 'l' used as a literal suffix. | -| test.c:38:11:38:15 | 1 | Lowercase 'l' used as a literal suffix. | diff --git a/c/misra/test/rules/RULE-7-3/LowercaseCharacterLUsedInLiteralSuffix.qlref b/c/misra/test/rules/RULE-7-3/LowercaseCharacterLUsedInLiteralSuffix.qlref deleted file mode 100644 index 464efc3b2f..0000000000 --- a/c/misra/test/rules/RULE-7-3/LowercaseCharacterLUsedInLiteralSuffix.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/RULE-7-3/LowercaseCharacterLUsedInLiteralSuffix.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-7-3/LowercaseCharacterLUsedInLiteralSuffix.testref b/c/misra/test/rules/RULE-7-3/LowercaseCharacterLUsedInLiteralSuffix.testref new file mode 100644 index 0000000000..e9f0d150e9 --- /dev/null +++ b/c/misra/test/rules/RULE-7-3/LowercaseCharacterLUsedInLiteralSuffix.testref @@ -0,0 +1 @@ +c/common/test/rules/lowercaselstartsinliteralsuffix_shared/LowercaseLStartsInLiteralSuffix_shared.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-7-3/cpp/LowercaseCharacterLUsedInLiteralSuffix.qlref b/c/misra/test/rules/RULE-7-3/cpp/LowercaseCharacterLUsedInLiteralSuffix.qlref deleted file mode 100644 index 464efc3b2f..0000000000 --- a/c/misra/test/rules/RULE-7-3/cpp/LowercaseCharacterLUsedInLiteralSuffix.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/RULE-7-3/LowercaseCharacterLUsedInLiteralSuffix.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-7-3/cpp/options b/c/misra/test/rules/RULE-7-3/cpp/options deleted file mode 100644 index 8dbed822c6..0000000000 --- a/c/misra/test/rules/RULE-7-3/cpp/options +++ /dev/null @@ -1 +0,0 @@ -semmle-extractor-options:--clang -std=c++14 --edg --diag_error=implicit_func_decl -nostdinc -I../../../../../cpp/common/test/includes/standard-library \ No newline at end of file diff --git a/c/misra/test/rules/RULE-7-3/cpp/test.cpp b/c/misra/test/rules/RULE-7-3/cpp/test.cpp deleted file mode 100644 index ba3ca4f14e..0000000000 --- a/c/misra/test/rules/RULE-7-3/cpp/test.cpp +++ /dev/null @@ -1 +0,0 @@ -int x = false; // COMPLIANT - reported as FP in #319 \ No newline at end of file diff --git a/c/misra/test/rules/RULE-8-12/ValueImplicitEnumerationConstantNotUnique.expected b/c/misra/test/rules/RULE-8-12/ValueImplicitEnumerationConstantNotUnique.expected deleted file mode 100644 index 55abb72b57..0000000000 --- a/c/misra/test/rules/RULE-8-12/ValueImplicitEnumerationConstantNotUnique.expected +++ /dev/null @@ -1 +0,0 @@ -| test.c:3:19:3:20 | c4 | Nonunique value of enum constant compared to $@ | test.c:3:23:3:24 | c5 | c5 | diff --git a/c/misra/test/rules/RULE-8-12/ValueImplicitEnumerationConstantNotUnique.qlref b/c/misra/test/rules/RULE-8-12/ValueImplicitEnumerationConstantNotUnique.qlref deleted file mode 100644 index e43c765d37..0000000000 --- a/c/misra/test/rules/RULE-8-12/ValueImplicitEnumerationConstantNotUnique.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/RULE-8-12/ValueImplicitEnumerationConstantNotUnique.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-8-12/ValueImplicitEnumerationConstantNotUnique.testref b/c/misra/test/rules/RULE-8-12/ValueImplicitEnumerationConstantNotUnique.testref new file mode 100644 index 0000000000..bf49fc0b00 --- /dev/null +++ b/c/misra/test/rules/RULE-8-12/ValueImplicitEnumerationConstantNotUnique.testref @@ -0,0 +1 @@ +c/common/test/rules/nonuniqueenumerationconstant_shared/NonUniqueEnumerationConstant_shared.ql \ No newline at end of file diff --git a/cpp/autosar/src/rules/A12-1-1/ExplicitConstructorBaseClassInitialization.ql b/cpp/autosar/src/rules/A12-1-1/ExplicitConstructorBaseClassInitialization.ql index e1aeec46a0..2fc8fcd976 100644 --- a/cpp/autosar/src/rules/A12-1-1/ExplicitConstructorBaseClassInitialization.ql +++ b/cpp/autosar/src/rules/A12-1-1/ExplicitConstructorBaseClassInitialization.ql @@ -16,29 +16,10 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.Constructor +import codingstandards.cpp.rules.initializeallvirtualbaseclasses_shared.InitializeAllVirtualBaseClasses_shared -from Constructor c, Class declaringType, Class baseClass, string type -where - not isExcluded(c, InitializationPackage::explicitConstructorBaseClassInitializationQuery()) and - declaringType = c.getDeclaringType() and - ( - declaringType.getABaseClass() = baseClass and type = "" - or - baseClass.(VirtualBaseClass).getAVirtuallyDerivedClass().getADerivedClass+() = declaringType and - type = " virtual" - ) and - // There is not an initializer on the constructor for this particular base class - not exists(ConstructorBaseClassInit init | - c.getAnInitializer() = init and - init.getInitializedClass() = baseClass and - not init.isCompilerGenerated() - ) and - // Must be a defined constructor - c.hasDefinition() and - // Not a compiler-generated constructor - not c.isCompilerGenerated() and - // Not a defaulted constructor - not c.isDefaulted() -select c, "Constructor for $@ does not explicitly call constructor for" + type + " base class $@.", - declaringType, declaringType.getSimpleName(), baseClass, baseClass.getSimpleName() +class ExplicitConstructorBaseClassInitializationQuery extends InitializeAllVirtualBaseClasses_sharedSharedQuery { + ExplicitConstructorBaseClassInitializationQuery() { + this = InitializationPackage::explicitConstructorBaseClassInitializationQuery() + } +} diff --git a/cpp/autosar/src/rules/A12-8-5/CopyAssignmentAndAMoveHandleSelfAssignment.ql b/cpp/autosar/src/rules/A12-8-5/CopyAssignmentAndAMoveHandleSelfAssignment.ql index a2ce643784..8919a4e46a 100644 --- a/cpp/autosar/src/rules/A12-8-5/CopyAssignmentAndAMoveHandleSelfAssignment.ql +++ b/cpp/autosar/src/rules/A12-8-5/CopyAssignmentAndAMoveHandleSelfAssignment.ql @@ -17,43 +17,10 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.Operator +import codingstandards.cpp.rules.copyandmoveassignmentsshallhandleselfassignment_shared.CopyAndMoveAssignmentsShallHandleSelfAssignment_shared -predicate isUserCopyOrUserMove(Operator o) { - o instanceof UserCopyOperator or - o instanceof UserMoveOperator +class CopyAssignmentAndAMoveHandleSelfAssignmentQuery extends CopyAndMoveAssignmentsShallHandleSelfAssignment_sharedSharedQuery { + CopyAssignmentAndAMoveHandleSelfAssignmentQuery() { + this = OperatorInvariantsPackage::copyAssignmentAndAMoveHandleSelfAssignmentQuery() + } } - -predicate callsStdSwap(Function f) { - exists(FunctionCall fc | - fc.getTarget().hasGlobalOrStdName("swap") and - fc.getEnclosingFunction() = f - ) -} - -predicate callsNoExceptSwap(Operator o) { - exists(Function f, FunctionCall fc | - callsStdSwap(f) and - fc.getEnclosingFunction() = o and - fc.getTarget() = f - ) -} - -predicate checksForSelfAssignment(Operator o) { - exists(IfStmt i, ComparisonOperation c | - i.getEnclosingFunction() = o and - i.getCondition() = c and - ( - c.getLeftOperand().toString() = "this" or - c.getRightOperand().toString() = "this" - ) - ) -} - -from Operator o -where - not isExcluded(o, OperatorInvariantsPackage::copyAssignmentAndAMoveHandleSelfAssignmentQuery()) and - isUserCopyOrUserMove(o) and - not callsNoExceptSwap(o) and - not checksForSelfAssignment(o) -select o, "User defined copy or user defined move does not handle self-assignment correctly." diff --git a/cpp/autosar/src/rules/A14-8-2/ExplicitSpecializationsOfFunctionTemplatesUsed.ql b/cpp/autosar/src/rules/A14-8-2/ExplicitSpecializationsOfFunctionTemplatesUsed.ql index e53b532493..f2cbecb7dc 100644 --- a/cpp/autosar/src/rules/A14-8-2/ExplicitSpecializationsOfFunctionTemplatesUsed.ql +++ b/cpp/autosar/src/rules/A14-8-2/ExplicitSpecializationsOfFunctionTemplatesUsed.ql @@ -16,8 +16,10 @@ import cpp import codingstandards.cpp.autosar +import codingstandards.cpp.rules.functiontemplatesexplicitlyspecialized_shared.FunctionTemplatesExplicitlySpecialized_shared -from FunctionTemplateSpecialization f -where not isExcluded(f, TemplatesPackage::explicitSpecializationsOfFunctionTemplatesUsedQuery()) -select f, "Specialization of function template from primary template located in $@.", - f.getPrimaryTemplate(), f.getPrimaryTemplate().getFile().getBaseName() +class ExplicitSpecializationsOfFunctionTemplatesUsedQuery extends FunctionTemplatesExplicitlySpecialized_sharedSharedQuery { + ExplicitSpecializationsOfFunctionTemplatesUsedQuery() { + this = TemplatesPackage::explicitSpecializationsOfFunctionTemplatesUsedQuery() + } +} diff --git a/cpp/autosar/src/rules/A15-1-2/PointerExceptionObject.ql b/cpp/autosar/src/rules/A15-1-2/PointerExceptionObject.ql index 348e02609c..1747d1245c 100644 --- a/cpp/autosar/src/rules/A15-1-2/PointerExceptionObject.ql +++ b/cpp/autosar/src/rules/A15-1-2/PointerExceptionObject.ql @@ -15,10 +15,10 @@ import cpp import codingstandards.cpp.autosar +import codingstandards.cpp.rules.exceptionobjecthavepointertype_shared.ExceptionObjectHavePointerType_shared -from Expr thrownExpr -where - not isExcluded(thrownExpr, Exceptions1Package::pointerExceptionObjectQuery()) and - thrownExpr = any(ThrowExpr te).getExpr() and - thrownExpr.getType().getUnspecifiedType() instanceof PointerType -select thrownExpr, "Exception object with pointer type " + thrownExpr.getType() + " is thrown here." +class PointerExceptionObjectQuery extends ExceptionObjectHavePointerType_sharedSharedQuery { + PointerExceptionObjectQuery() { + this = Exceptions1Package::pointerExceptionObjectQuery() + } +} diff --git a/cpp/autosar/src/rules/A15-4-2/NoExceptFunctionThrows.ql b/cpp/autosar/src/rules/A15-4-2/NoExceptFunctionThrows.ql index 0c5bbb6011..4197e5f7dd 100644 --- a/cpp/autosar/src/rules/A15-4-2/NoExceptFunctionThrows.ql +++ b/cpp/autosar/src/rules/A15-4-2/NoExceptFunctionThrows.ql @@ -15,25 +15,10 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.exceptions.ExceptionFlow -import ExceptionPathGraph -import codingstandards.cpp.exceptions.ExceptionSpecifications +import codingstandards.cpp.rules.noexceptfunctionshouldnotpropagatetothecaller_shared.NoexceptFunctionShouldNotPropagateToTheCaller_shared -class NoExceptThrowingFunction extends ExceptionThrowingFunction { - NoExceptThrowingFunction() { - // Can exit with an exception - exists(getAFunctionThrownType(_, _)) and - // But is marked noexcept(true) or equivalent - isNoExceptTrue(this) +class NoExceptFunctionThrowsQuery extends NoexceptFunctionShouldNotPropagateToTheCaller_sharedSharedQuery { + NoExceptFunctionThrowsQuery() { + this = Exceptions1Package::noExceptFunctionThrowsQuery() } } - -from - NoExceptThrowingFunction f, ExceptionFlowNode exceptionSource, ExceptionFlowNode functionNode, - ExceptionType exceptionType -where - not isExcluded(f, Exceptions1Package::noExceptFunctionThrowsQuery()) and - f.hasExceptionFlow(exceptionSource, functionNode, exceptionType) -select f, exceptionSource, functionNode, - "Function " + f.getName() + " is declared noexcept(true) but can throw exceptions of type " + - exceptionType.getExceptionName() + "." diff --git a/cpp/autosar/src/rules/A18-1-2/VectorboolSpecializationUsed.ql b/cpp/autosar/src/rules/A18-1-2/VectorboolSpecializationUsed.ql index 2d94fde98c..9b4855fc8f 100644 --- a/cpp/autosar/src/rules/A18-1-2/VectorboolSpecializationUsed.ql +++ b/cpp/autosar/src/rules/A18-1-2/VectorboolSpecializationUsed.ql @@ -17,23 +17,10 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.StdNamespace +import codingstandards.cpp.rules.vectorshouldnotbespecializedwithbool_shared.VectorShouldNotBeSpecializedWithBool_shared -predicate isVectorBool(ClassTemplateInstantiation c) { - c.getNamespace() instanceof StdNS and - c.getTemplateArgument(0) instanceof BoolType and - c.getSimpleName() = "vector" +class VectorboolSpecializationUsedQuery extends VectorShouldNotBeSpecializedWithBool_sharedSharedQuery { + VectorboolSpecializationUsedQuery() { + this = BannedTypesPackage::vectorboolSpecializationUsedQuery() + } } - -predicate isUsingVectorBool(ClassTemplateInstantiation c) { - isVectorBool(c) or - isUsingVectorBool(c.getTemplateArgument(_)) -} - -from Variable v, ClassTemplateInstantiation c -where - v.getUnderlyingType() = c and - not v.isFromTemplateInstantiation(_) and - isUsingVectorBool(c) and - not isExcluded(v, BannedTypesPackage::vectorboolSpecializationUsedQuery()) -select v, "Use of std::vector specialization." diff --git a/cpp/autosar/src/rules/A18-5-4/GlobalSizedOperatorDeleteNotDefined.ql b/cpp/autosar/src/rules/A18-5-4/GlobalSizedOperatorDeleteNotDefined.ql index 7819cfad4d..c701c154cd 100644 --- a/cpp/autosar/src/rules/A18-5-4/GlobalSizedOperatorDeleteNotDefined.ql +++ b/cpp/autosar/src/rules/A18-5-4/GlobalSizedOperatorDeleteNotDefined.ql @@ -15,14 +15,11 @@ import cpp import codingstandards.cpp.autosar -import OperatorDelete +import codingstandards.cpp.rules.globalsizedoperatordeletenotdefined_shared.GlobalSizedOperatorDeleteNotDefined_shared -from OperatorDelete unsized_delete -where - not isExcluded(unsized_delete, DeclarationsPackage::globalSizedOperatorDeleteNotDefinedQuery()) and - not unsized_delete.isSizeDelete() and - not exists(OperatorDelete od | unsized_delete.isNoThrowDelete() = od.isNoThrowDelete() | - od.isSizeDelete() - ) -select unsized_delete, - "Unsized function '" + unsized_delete.getName() + "' defined globally without sized version." +class GlobalSizedOperatorDeleteNotDefinedQuery extends GlobalSizedOperatorDeleteNotDefined_sharedSharedQuery +{ + GlobalSizedOperatorDeleteNotDefinedQuery() { + this = DeclarationsPackage::globalSizedOperatorDeleteNotDefinedQuery() + } +} diff --git a/cpp/autosar/src/rules/A18-5-4/GlobalUnsizedOperatorDeleteNotDefined.ql b/cpp/autosar/src/rules/A18-5-4/GlobalUnsizedOperatorDeleteNotDefined.ql index 2c96660704..c4ee4a6569 100644 --- a/cpp/autosar/src/rules/A18-5-4/GlobalUnsizedOperatorDeleteNotDefined.ql +++ b/cpp/autosar/src/rules/A18-5-4/GlobalUnsizedOperatorDeleteNotDefined.ql @@ -15,14 +15,11 @@ import cpp import codingstandards.cpp.autosar -import OperatorDelete +import codingstandards.cpp.rules.globalunsizedoperatordeletenotdefined_shared.GlobalUnsizedOperatorDeleteNotDefined_shared -from OperatorDelete sized_delete -where - not isExcluded(sized_delete, DeclarationsPackage::globalUnsizedOperatorDeleteNotDefinedQuery()) and - sized_delete.isSizeDelete() and - not exists(OperatorDelete od | sized_delete.isNoThrowDelete() = od.isNoThrowDelete() | - not od.isSizeDelete() - ) -select sized_delete, - "Sized function '" + sized_delete.getName() + "' defined globally without unsized version." +class GlobalUnsizedOperatorDeleteNotDefinedQuery extends GlobalUnsizedOperatorDeleteNotDefined_sharedSharedQuery +{ + GlobalUnsizedOperatorDeleteNotDefinedQuery() { + this = DeclarationsPackage::globalUnsizedOperatorDeleteNotDefinedQuery() + } +} diff --git a/cpp/autosar/src/rules/A18-9-2/ForwardingValuesToOtherFunctions.ql b/cpp/autosar/src/rules/A18-9-2/ForwardingValuesToOtherFunctions.ql index b0dd714209..105e1e1289 100644 --- a/cpp/autosar/src/rules/A18-9-2/ForwardingValuesToOtherFunctions.ql +++ b/cpp/autosar/src/rules/A18-9-2/ForwardingValuesToOtherFunctions.ql @@ -14,20 +14,11 @@ */ import cpp -import codingstandards.cpp.standardlibrary.Utility import codingstandards.cpp.autosar +import codingstandards.cpp.rules.forwardingreferencesandforwardnotusedtogether_shared.ForwardingReferencesAndForwardNotUsedTogether_shared -from FunctionCall c, Parameter a, string message -where - not isExcluded(c, MoveForwardPackage::forwardingValuesToOtherFunctionsQuery()) and - a.getAnAccess() = c.getAnArgument() and - ( - c instanceof StdMoveCall and - a instanceof ForwardParameter and - message = "Function `std::forward` should be used for forwarding the forward reference $@." - or - c instanceof StdForwardCall and - a instanceof ConsumeParameter and - message = "Function `std::move` should be used for forwarding rvalue reference $@." - ) -select c, message, a, a.getName() +class ForwardingValuesToOtherFunctionsQuery extends ForwardingReferencesAndForwardNotUsedTogether_sharedSharedQuery { + ForwardingValuesToOtherFunctionsQuery() { + this = MoveForwardPackage::forwardingValuesToOtherFunctionsQuery() + } +} diff --git a/cpp/autosar/src/rules/A2-13-1/EscapeSequenceOutsideISO.ql b/cpp/autosar/src/rules/A2-13-1/EscapeSequenceOutsideISO.ql index d8382f51c8..5649c9765a 100644 --- a/cpp/autosar/src/rules/A2-13-1/EscapeSequenceOutsideISO.ql +++ b/cpp/autosar/src/rules/A2-13-1/EscapeSequenceOutsideISO.ql @@ -16,11 +16,10 @@ import cpp import codingstandards.cpp.autosar +import codingstandards.cpp.rules.backslashcharactermisuse_shared.BackslashCharacterMisuse_shared -from StringLiteral l, string es -where - not isExcluded(l, LiteralsPackage::escapeSequenceOutsideISOQuery()) and - es = l.getANonStandardEscapeSequence(_, _) and - // Exclude universal-character-names, which begin with \u or \U - not es.toLowerCase().matches("\\u") -select l, "This literal contains the non-standard escape sequence " + es + "." +class EscapeSequenceOutsideISOQuery extends BackslashCharacterMisuse_sharedSharedQuery { + EscapeSequenceOutsideISOQuery() { + this = LiteralsPackage::escapeSequenceOutsideISOQuery() + } +} diff --git a/cpp/autosar/src/rules/A2-7-1/SingleLineCommentEndsWithSlash.ql b/cpp/autosar/src/rules/A2-7-1/SingleLineCommentEndsWithSlash.ql index adbb1dccea..eee2d6fa6d 100644 --- a/cpp/autosar/src/rules/A2-7-1/SingleLineCommentEndsWithSlash.ql +++ b/cpp/autosar/src/rules/A2-7-1/SingleLineCommentEndsWithSlash.ql @@ -17,9 +17,10 @@ import cpp import codingstandards.cpp.autosar +import codingstandards.cpp.rules.linesplicingusedincomments_shared.LineSplicingUsedInComments_shared -from CppStyleComment c -where - not isExcluded(c, CommentsPackage::singleLineCommentEndsWithSlashQuery()) and - exists(c.getContents().regexpFind("\\\n", _, _)) -select c, "C++ comment includes \\ as the last character of a line" +class SingleLineCommentEndsWithSlashQuery extends LineSplicingUsedInComments_sharedSharedQuery { + SingleLineCommentEndsWithSlashQuery() { + this = CommentsPackage::singleLineCommentEndsWithSlashQuery() + } +} diff --git a/cpp/autosar/src/rules/A4-10-1/NullPointerConstantNotNullptr.ql b/cpp/autosar/src/rules/A4-10-1/NullPointerConstantNotNullptr.ql index e77c8265d5..dd23f6a03b 100644 --- a/cpp/autosar/src/rules/A4-10-1/NullPointerConstantNotNullptr.ql +++ b/cpp/autosar/src/rules/A4-10-1/NullPointerConstantNotNullptr.ql @@ -16,17 +16,10 @@ import cpp import codingstandards.cpp.autosar -import semmle.code.cpp.commons.NULL +import codingstandards.cpp.rules.nullptrnottheonlyformofthenullpointerconstant_shared.NullptrNotTheOnlyFormOfTheNullPointerConstant_shared -from Literal l -where - not isExcluded(l, LiteralsPackage::nullPointerConstantNotNullptrQuery()) and - // Not the type of the nullptr literal - not l.getType() instanceof NullPointerType and - // Converted to a pointer type - l.getConversion().getType().getUnspecifiedType() instanceof PointerType and - // Value of zero - l.getValue() = "0" and - // Not the StringLiteral "0" - not l instanceof StringLiteral -select l, l.getValueText() + " is used as the null-pointer-constant but is not nullptr." +class NullPointerConstantNotNullptrQuery extends NullptrNotTheOnlyFormOfTheNullPointerConstant_sharedSharedQuery { + NullPointerConstantNotNullptrQuery() { + this = LiteralsPackage::nullPointerConstantNotNullptrQuery() + } +} diff --git a/cpp/autosar/src/rules/A5-10-1/PointerToMemberVirtualFunctionWithNullPointerConstant.ql b/cpp/autosar/src/rules/A5-10-1/PointerToMemberVirtualFunctionWithNullPointerConstant.ql deleted file mode 100644 index 2289dc4e79..0000000000 --- a/cpp/autosar/src/rules/A5-10-1/PointerToMemberVirtualFunctionWithNullPointerConstant.ql +++ /dev/null @@ -1,34 +0,0 @@ -/** - * @id cpp/autosar/pointer-to-member-virtual-function-with-null-pointer-constant - * @name A5-10-1: A pointer to member virtual function shall only be tested for equality with null-pointer-constant - * @description A pointer to member virtual function shall only be tested for equality with - * null-pointer-constant, because an equality comparison with anything other than a - * null-pointer-constant is unspecified. - * @kind problem - * @precision very-high - * @problem.severity error - * @tags external/autosar/id/a5-10-1 - * correctness - * external/autosar/allocated-target/implementation - * external/autosar/enforcement/automated - * external/autosar/obligation/required - */ - -import cpp -import codingstandards.cpp.autosar - -from - EqualityOperation equalityComparison, MemberFunction virtualFunction, - FunctionAccess accessOperand, Expr otherOperand -where - not isExcluded(equalityComparison, - PointersPackage::pointerToMemberVirtualFunctionWithNullPointerConstantQuery()) and - virtualFunction.isVirtual() and - equalityComparison.getAnOperand() = accessOperand and - accessOperand.getTarget() = virtualFunction and - otherOperand = equalityComparison.getAnOperand() and - not otherOperand = accessOperand and - not otherOperand.getType() instanceof NullPointerType -select equalityComparison, - "A pointer to member virtual function $@ is tested for equality with non-null-pointer-constant $@. ", - virtualFunction, virtualFunction.getName(), otherOperand, otherOperand.toString() diff --git a/cpp/autosar/src/rules/A5-10-1/VirtualPointerOnlyComparesToNullptrConstant.ql b/cpp/autosar/src/rules/A5-10-1/VirtualPointerOnlyComparesToNullptrConstant.ql new file mode 100644 index 0000000000..efa3d605b3 --- /dev/null +++ b/cpp/autosar/src/rules/A5-10-1/VirtualPointerOnlyComparesToNullptrConstant.ql @@ -0,0 +1,25 @@ +/** + * @id cpp/autosar/virtual-pointer-only-compares-to-nullptr-constant + * @name A5-10-1: A pointer to member virtual function shall only be tested for equality with null-pointer-constant + * @description A pointer to member virtual function shall only be tested for equality with + * null-pointer-constant, because an equality comparison with anything other than a + * null-pointer-constant is unspecified. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/autosar/id/a5-10-1 + * correctness + * external/autosar/allocated-target/implementation + * external/autosar/enforcement/automated + * external/autosar/obligation/required + */ + +import cpp +import codingstandards.cpp.autosar +import codingstandards.cpp.rules.potentiallyvirtualpointeronlycomparestonullptr_shared.PotentiallyVirtualPointerOnlyComparesToNullptr_shared + +class VirtualPointerOnlyComparesToNullptrConstantQuery extends PotentiallyVirtualPointerOnlyComparesToNullptr_sharedSharedQuery { + VirtualPointerOnlyComparesToNullptrConstantQuery() { + this = PointersPackage::virtualPointerOnlyComparesToNullptrConstantQuery() + } +} diff --git a/cpp/autosar/src/rules/A5-2-4/ReinterpretCastUsed.ql b/cpp/autosar/src/rules/A5-2-4/ReinterpretCastUsed.ql index 92cf12d8a0..938b0aa36a 100644 --- a/cpp/autosar/src/rules/A5-2-4/ReinterpretCastUsed.ql +++ b/cpp/autosar/src/rules/A5-2-4/ReinterpretCastUsed.ql @@ -16,7 +16,10 @@ import cpp import codingstandards.cpp.autosar +import codingstandards.cpp.rules.reinterpretcastused_shared.ReinterpretCastUsed_shared -from ReinterpretCast rc -where not isExcluded(rc, BannedSyntaxPackage::reinterpretCastUsedQuery()) -select rc, "Use of reinterpret_cast." +class ReinterpretCastUsedQuery extends ReinterpretCastUsed_sharedSharedQuery { + ReinterpretCastUsedQuery() { + this = BannedSyntaxPackage::reinterpretCastUsedQuery() + } +} diff --git a/cpp/autosar/src/rules/A6-6-1/GotoStatementUsed.ql b/cpp/autosar/src/rules/A6-6-1/GotoStatementUsed.ql index 5e1c10e4c7..c7c8e16d9a 100644 --- a/cpp/autosar/src/rules/A6-6-1/GotoStatementUsed.ql +++ b/cpp/autosar/src/rules/A6-6-1/GotoStatementUsed.ql @@ -16,9 +16,10 @@ import cpp import codingstandards.cpp.autosar +import codingstandards.cpp.rules.gotostatementshouldnotbeused_shared.GotoStatementShouldNotBeUsed_shared -from Stmt s -where - not isExcluded(s, BannedSyntaxPackage::gotoStatementUsedQuery()) and - (s instanceof GotoStmt or s instanceof ComputedGotoStmt) -select s, "Use of goto." +class GotoStatementUsedQuery extends GotoStatementShouldNotBeUsed_sharedSharedQuery { + GotoStatementUsedQuery() { + this = BannedSyntaxPackage::gotoStatementUsedQuery() + } +} diff --git a/cpp/autosar/src/rules/A7-2-2/EnumerationUnderlyingBaseTypeNotExplicitlyDefined.ql b/cpp/autosar/src/rules/A7-2-2/EnumerationUnderlyingBaseTypeNotExplicitlyDefined.ql index cf5273f45d..9227c4cc6d 100644 --- a/cpp/autosar/src/rules/A7-2-2/EnumerationUnderlyingBaseTypeNotExplicitlyDefined.ql +++ b/cpp/autosar/src/rules/A7-2-2/EnumerationUnderlyingBaseTypeNotExplicitlyDefined.ql @@ -17,9 +17,10 @@ import cpp import codingstandards.cpp.autosar +import codingstandards.cpp.rules.enumerationnotdefinedwithanexplicitunderlyingtype_shared.EnumerationNotDefinedWithAnExplicitUnderlyingType_shared -from Enum e -where - not isExcluded(e, DeclarationsPackage::enumerationUnderlyingBaseTypeNotExplicitlyDefinedQuery()) and - not e.hasExplicitUnderlyingType() -select e, "Base type of enumeration is not explicitly specified." +class EnumerationUnderlyingBaseTypeNotExplicitlyDefinedQuery extends EnumerationNotDefinedWithAnExplicitUnderlyingType_sharedSharedQuery { + EnumerationUnderlyingBaseTypeNotExplicitlyDefinedQuery() { + this = DeclarationsPackage::enumerationUnderlyingBaseTypeNotExplicitlyDefinedQuery() + } +} diff --git a/cpp/autosar/src/rules/A7-3-1/DefinitionNotConsideredForUnqualifiedLookup.ql b/cpp/autosar/src/rules/A7-3-1/DefinitionNotConsideredForUnqualifiedLookup.ql index ac6e1b6ff9..2dd634e971 100644 --- a/cpp/autosar/src/rules/A7-3-1/DefinitionNotConsideredForUnqualifiedLookup.ql +++ b/cpp/autosar/src/rules/A7-3-1/DefinitionNotConsideredForUnqualifiedLookup.ql @@ -16,56 +16,10 @@ import cpp import codingstandards.cpp.autosar +import codingstandards.cpp.rules.definitionnotconsideredforunqualifiedlookup_shared.DefinitionNotConsideredForUnqualifiedLookup_shared -/** - * Holds if `functionDecl` is a possible intended target of the `usingDecl`. - */ -pragma[noinline] -predicate isPossibleIntendedTarget( - FunctionDeclarationEntry functionDecl, UsingDeclarationEntry usingDecl -) { - // Extracted to improve the join order. With this approach, we first compute a set of using - // declarations and a set of possible intended targets - functionDecl.getDeclaration().isTopLevel() and - functionDecl.getDeclaration().getQualifiedName() = usingDecl.getDeclaration().getQualifiedName() and - functionDecl.getDeclaration().getNamespace().getParentNamespace*() = usingDecl.getParentScope() +class DefinitionNotConsideredForUnqualifiedLookupQuery extends DefinitionNotConsideredForUnqualifiedLookup_sharedSharedQuery { + DefinitionNotConsideredForUnqualifiedLookupQuery() { + this = ScopePackage::definitionNotConsideredForUnqualifiedLookupQuery() + } } - -/** - * Holds if `functionDecl` is a possible intended target of the `usingDecl`, and they exist at the - * given locations. - */ -pragma[noinline] -predicate isPossibleIntendedTargetLocation( - FunctionDeclarationEntry functionDecl, UsingDeclarationEntry usingDecl, File usingsFile, - File unavailableFile, int usingsStartLine, int unavailableStartLine -) { - // Extracted to improve the join order. With this approach, we take the set of possible intended - // targets computed in isPossibleIntendedTargets, and compute the files and start lines. - // This helps avoid the join order preferred by the optimiser if this is all written directly in - // the from-where-select, where it will eagerly join: - // - // usingDeclarationEntries -> enclosing files -> all other elements in those files - // - // which is expensive when there are a lot of files with using declarations - isPossibleIntendedTarget(functionDecl, usingDecl) and - usingsFile = usingDecl.getFile() and - unavailableFile = functionDecl.getFile() and - usingsStartLine = usingDecl.getLocation().getStartLine() and - unavailableStartLine = functionDecl.getLocation().getStartLine() -} - -from FunctionDeclarationEntry unavailableDecl, UsingDeclarationEntry usingDecl -where - not isExcluded(unavailableDecl, ScopePackage::definitionNotConsideredForUnqualifiedLookupQuery()) and - exists(File usingsFile, File unavailableFile, int usingsStartLine, int unavailableStartLine | - isPossibleIntendedTargetLocation(unavailableDecl, usingDecl, usingsFile, unavailableFile, - usingsStartLine, unavailableStartLine) and - // An approximation of order where we want the using to preceed the new declaration. - usingsFile = unavailableFile and - usingsStartLine < unavailableStartLine - ) -select unavailableDecl, - "Definition for '" + unavailableDecl.getName() + - "' is not available for unqualified lookup because it is declared after $@", usingDecl, - "using-declaration" diff --git a/cpp/autosar/src/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.ql b/cpp/autosar/src/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.ql index fa1859c229..780a0c0997 100644 --- a/cpp/autosar/src/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.ql +++ b/cpp/autosar/src/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.ql @@ -15,45 +15,10 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.Class +import codingstandards.cpp.rules.hiddeninheritednonoverridablememberfunction_shared.HiddenInheritedNonOverridableMemberFunction_shared -/** - * Holds if the class has a non-virtual member function with the given name. - */ -pragma[noinline, nomagic] -predicate hasNonVirtualMemberFunction(Class clazz, MemberFunction mf, string name) { - mf.getDeclaringType() = clazz and - mf.getName() = name and - not mf.isVirtual() and - // Exclude private member functions, which cannot be inherited. - not mf.isPrivate() +class HiddenInheritedNonOverridableMemberFunctionQuery extends HiddenInheritedNonOverridableMemberFunction_sharedSharedQuery { + HiddenInheritedNonOverridableMemberFunctionQuery() { + this = ScopePackage::hiddenInheritedNonOverridableMemberFunctionQuery() + } } - -/** - * Holds if the member function is in a class with the given base class, and has the given name. - */ -pragma[noinline, nomagic] -predicate hasDeclarationBaseClass(MemberFunction mf, Class baseClass, string functionName) { - baseClass = mf.getDeclaringType().getABaseClass() and - functionName = mf.getName() -} - -from MemberFunction overridingDecl, MemberFunction hiddenDecl, Class baseClass, string name -where - not isExcluded(overridingDecl, ScopePackage::hiddenInheritedNonOverridableMemberFunctionQuery()) and - // Check if we are overriding a non-virtual inherited member function - hasNonVirtualMemberFunction(baseClass, hiddenDecl, name) and - hasDeclarationBaseClass(overridingDecl, baseClass, name) and - // Where the hidden member function isn't explicitly brought in scope through a using declaration. - not exists(UsingDeclarationEntry ude | - ude.getDeclaration() = hiddenDecl and - ude.getEnclosingElement() = overridingDecl.getDeclaringType() - ) and - // Exclude compiler generated member functions which include things like copy constructor that hide base class - // copy constructors. - not overridingDecl.isCompilerGenerated() and - // Exclude special member functions, which cannot be inherited. - not overridingDecl instanceof SpecialMemberFunction -select overridingDecl, - "Declaration for member '" + name + "' hides non-overridable inherited member function $@", - hiddenDecl, hiddenDecl.getName() diff --git a/cpp/autosar/src/rules/A7-3-1/HiddenInheritedOverridableMemberFunction.ql b/cpp/autosar/src/rules/A7-3-1/HiddenInheritedOverridableMemberFunction.ql index 437c8798f9..e59a76093e 100644 --- a/cpp/autosar/src/rules/A7-3-1/HiddenInheritedOverridableMemberFunction.ql +++ b/cpp/autosar/src/rules/A7-3-1/HiddenInheritedOverridableMemberFunction.ql @@ -15,42 +15,10 @@ import cpp import codingstandards.cpp.autosar +import codingstandards.cpp.rules.hiddeninheritedoverridablememberfunction_shared.HiddenInheritedOverridableMemberFunction_shared -from FunctionDeclarationEntry overridingDecl, FunctionDeclarationEntry hiddenDecl -where - not isExcluded(overridingDecl, ScopePackage::hiddenInheritedOverridableMemberFunctionQuery()) and - // Check if we are overriding a virtual inherited member function - hiddenDecl.getDeclaration().isVirtual() and - // Exclude private member functions, which cannot be inherited. - not hiddenDecl.getDeclaration().(MemberFunction).isPrivate() and - // The overriding declaration hides the hidden declaration if: - ( - // 1. the overriding declaration overrides a function in a base class that is an overload of the hidden declaration - // and the hidden declaration isn't overriden in the same class. - exists(FunctionDeclarationEntry overridenDecl | - overridingDecl.getDeclaration().(MemberFunction).overrides(overridenDecl.getDeclaration()) and - overridenDecl.getDeclaration().getAnOverload() = hiddenDecl.getDeclaration() and - not exists(MemberFunction overridingFunc | - hiddenDecl.getDeclaration().(MemberFunction).getAnOverridingFunction() = overridingFunc and - overridingFunc.getDeclaringType() = overridingDecl.getDeclaration().getDeclaringType() - ) - ) and - // and the hidden declaration isn't explicitly brought in scope through a using declaration. - not exists(UsingDeclarationEntry ude | - ude.getDeclaration() = hiddenDecl.getDeclaration() and - ude.getEnclosingElement() = overridingDecl.getDeclaration().getDeclaringType() - ) - or - // 2. if the overriding declaration doesn't override a base member function but has the same name - // as the hidden declaration - not overridingDecl.getDeclaration().(MemberFunction).overrides(_) and - overridingDecl.getName() = hiddenDecl.getName() and - overridingDecl.getDeclaration().getDeclaringType().getABaseClass() = - hiddenDecl.getDeclaration().getDeclaringType() - ) and - // Limit the results to the declarations and not the definitions, if any. - (overridingDecl.getDeclaration().hasDefinition() implies not overridingDecl.isDefinition()) and - (hiddenDecl.getDeclaration().hasDefinition() implies not hiddenDecl.isDefinition()) -select overridingDecl, - "Declaration for member '" + overridingDecl.getName() + - "' hides overridable inherited member function $@", hiddenDecl, hiddenDecl.getName() +class HiddenInheritedOverridableMemberFunctionQuery extends HiddenInheritedOverridableMemberFunction_sharedSharedQuery { + HiddenInheritedOverridableMemberFunctionQuery() { + this = ScopePackage::hiddenInheritedOverridableMemberFunctionQuery() + } +} diff --git a/cpp/autosar/src/rules/A7-4-1/AsmDeclarationUsed.ql b/cpp/autosar/src/rules/A7-4-1/AsmDeclarationUsed.ql index d94811ff18..37521be2b8 100644 --- a/cpp/autosar/src/rules/A7-4-1/AsmDeclarationUsed.ql +++ b/cpp/autosar/src/rules/A7-4-1/AsmDeclarationUsed.ql @@ -15,7 +15,10 @@ import cpp import codingstandards.cpp.autosar +import codingstandards.cpp.rules.asmdeclarationused_shared.AsmDeclarationUsed_shared -from AsmStmt a -where not isExcluded(a, BannedSyntaxPackage::asmDeclarationUsedQuery()) -select a, "Use of asm declaration" +class AsmDeclarationUsedQuery extends AsmDeclarationUsed_sharedSharedQuery { + AsmDeclarationUsedQuery() { + this = BannedSyntaxPackage::asmDeclarationUsedQuery() + } +} diff --git a/cpp/autosar/src/rules/A7-5-2/RecursiveFunctions.ql b/cpp/autosar/src/rules/A7-5-2/RecursiveFunctions.ql index 13883624b3..8b9818ab59 100644 --- a/cpp/autosar/src/rules/A7-5-2/RecursiveFunctions.ql +++ b/cpp/autosar/src/rules/A7-5-2/RecursiveFunctions.ql @@ -16,21 +16,10 @@ import cpp import codingstandards.cpp.autosar +import codingstandards.cpp.rules.functionscallthemselveseitherdirectlyorindirectly_shared.FunctionsCallThemselvesEitherDirectlyOrIndirectly_shared -class RecursiveCall extends FunctionCall { - RecursiveCall() { - this.getTarget().calls*(this.getEnclosingFunction()) and - not this.getTarget().hasSpecifier("is_constexpr") +class RecursiveFunctionsQuery extends FunctionsCallThemselvesEitherDirectlyOrIndirectly_sharedSharedQuery { + RecursiveFunctionsQuery() { + this = FunctionsPackage::recursiveFunctionsQuery() } } - -from RecursiveCall call, string msg, FunctionCall fc -where - not isExcluded(fc, FunctionsPackage::recursiveFunctionsQuery()) and - fc.getTarget() = call.getTarget() and - if fc.getTarget() = fc.getEnclosingFunction() - then msg = "This call directly invokes its containing function $@." - else - msg = - "The function " + fc.getEnclosingFunction() + " is indirectly recursive via this call to $@." -select fc, msg, fc.getTarget(), fc.getTarget().getName() diff --git a/cpp/autosar/src/rules/A8-5-4/ConfusingUseOfInitializerListConstructors.ql b/cpp/autosar/src/rules/A8-5-4/ConfusingUseOfInitializerListConstructors.ql index 2a44ca650e..124346a23d 100644 --- a/cpp/autosar/src/rules/A8-5-4/ConfusingUseOfInitializerListConstructors.ql +++ b/cpp/autosar/src/rules/A8-5-4/ConfusingUseOfInitializerListConstructors.ql @@ -17,50 +17,10 @@ import cpp import codingstandards.cpp.autosar +import codingstandards.cpp.rules.initializerlistconstructoristheonlyconstructor_shared.InitializerListConstructorIsTheOnlyConstructor_shared -class StdInitializerList extends Class { - StdInitializerList() { hasQualifiedName("std", "initializer_list") } -} - -/** - * An _initializer-list constructor_ according to `[dcl.init.list]`. - * - * A `Constructor` where the first parameter refers to `std::initializer_list`, and any remaining - * parameters have default arguments. - */ -class InitializerListConstructor extends Constructor { - InitializerListConstructor() { - // The first parameter is a `std::intializer_list` parameter - exists(Type firstParamType | firstParamType = getParameter(0).getType() | - // Either directly `std::initializer_list` - firstParamType instanceof StdInitializerList - or - //A reference to `std::initializer_list` - firstParamType.(ReferenceType).getBaseType().getUnspecifiedType() instanceof - StdInitializerList - ) and - // All parameters other than the fi - forall(Parameter other | other = getParameter([1 .. (getNumberOfParameters() - 1)]) | - exists(other.getInitializer()) - ) +class ConfusingUseOfInitializerListConstructorsQuery extends InitializerListConstructorIsTheOnlyConstructor_sharedSharedQuery { + ConfusingUseOfInitializerListConstructorsQuery() { + this = InitializationPackage::confusingUseOfInitializerListConstructorsQuery() } } - -from Constructor c, InitializerListConstructor stdInitializerConstructor, string paramList -where - not isExcluded(c, InitializationPackage::confusingUseOfInitializerListConstructorsQuery()) and - // Not an initializer-list constructor - not c instanceof InitializerListConstructor and - // Constructor is not a special member function constructor - not c instanceof CopyConstructor and - not c instanceof MoveConstructor and - not c.getNumberOfParameters() = 0 and // default constructor - // And there is an initalizer-list constructor - stdInitializerConstructor = c.getDeclaringType().getAConstructor() and - // Determine the parameter type list of the constructor - paramList = - concat(string parameter | parameter = c.getAParameter().getType().getName() | parameter, ",") -select c, - "The constructor " + c.getQualifiedName() + "(" + paramList + - ") may be ignored in favour of $@ when using braced initialization.", stdInitializerConstructor, - "the constructor accepting std::initializer_list" diff --git a/cpp/autosar/src/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtual.ql b/cpp/autosar/src/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtual.ql new file mode 100644 index 0000000000..f9b6a082cf --- /dev/null +++ b/cpp/autosar/src/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtual.ql @@ -0,0 +1,23 @@ +/** + * @id cpp/autosar/accessible-base-class-both-virtual-and-non-virtual + * @name M10-1-3: An accessible base class shall not be both virtual and non-virtual in the same hierarchy + * @description A base class must not be virtual and non-virtual in the same hierarchy to avoid + * copies of the object and confusing behavior. + * @kind problem + * @precision very-high + * @problem.severity warning + * @tags external/autosar/id/m10-1-3 + * external/autosar/allocated-target/implementation + * external/autosar/enforcement/automated + * external/autosar/obligation/required + */ + +import cpp +import codingstandards.cpp.autosar +import codingstandards.cpp.rules.virtualandnonvirtualclassinthehierarchy_shared.VirtualAndNonVirtualClassInTheHierarchy_shared + +class AccessibleBaseClassBothVirtualAndNonVirtualQuery extends VirtualAndNonVirtualClassInTheHierarchy_sharedSharedQuery { + AccessibleBaseClassBothVirtualAndNonVirtualQuery() { + this = InheritancePackage::accessibleBaseClassBothVirtualAndNonVirtualQuery() + } +} diff --git a/cpp/autosar/src/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtualInHierarchy.ql b/cpp/autosar/src/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtualInHierarchy.ql deleted file mode 100644 index 6b6cead0ea..0000000000 --- a/cpp/autosar/src/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtualInHierarchy.ql +++ /dev/null @@ -1,37 +0,0 @@ -/** - * @id cpp/autosar/accessible-base-class-both-virtual-and-non-virtual-in-hierarchy - * @name M10-1-3: An accessible base class shall not be both virtual and non-virtual in the same hierarchy - * @description A base class must not be virtual and non-virtual in the same hierarchy to avoid - * copies of the object and confusing behavior. - * @kind problem - * @precision very-high - * @problem.severity warning - * @tags external/autosar/id/m10-1-3 - * external/autosar/allocated-target/implementation - * external/autosar/enforcement/automated - * external/autosar/obligation/required - */ - -import cpp -import codingstandards.cpp.autosar - -from Class c1, Class c2, Class c3, Class base, ClassDerivation cd1, ClassDerivation cd2 -where - not isExcluded(c3, - InheritancePackage::accessibleBaseClassBothVirtualAndNonVirtualInHierarchyQuery()) and - // for each pair of classes, get all of their derivations - cd1 = c1.getADerivation() and - cd2 = c2.getADerivation() and - // where they share the same base class - base = cd1.getBaseClass() and - base = cd2.getBaseClass() and - // but one is virtual, and one is not, and the derivations are in different classes - cd1.isVirtual() and - not cd2.isVirtual() and - // and there is some 'other class' that derives from both of these classes - c3.derivesFrom*(c1) and - c3.derivesFrom*(c2) and - // and the base class is accessible from the 'other class' - c3.getAMemberFunction().getEnclosingAccessHolder().canAccessClass(base, c3) -select c3, "Class inherits base class $@, which is derived virtual by $@ and non-virtual by $@.", - base, base.getName(), cd1, cd1.getDerivedClass().toString(), c2, cd2.getDerivedClass().toString() diff --git a/cpp/autosar/src/rules/M12-1-1/DynamicTypeOfThisUsedFromConstructorOrDestructor.ql b/cpp/autosar/src/rules/M12-1-1/DynamicTypeOfThisUsedFromConstructorOrDestructor.ql index 35f41c179a..ebca52df84 100644 --- a/cpp/autosar/src/rules/M12-1-1/DynamicTypeOfThisUsedFromConstructorOrDestructor.ql +++ b/cpp/autosar/src/rules/M12-1-1/DynamicTypeOfThisUsedFromConstructorOrDestructor.ql @@ -14,79 +14,10 @@ import cpp import codingstandards.cpp.autosar +import codingstandards.cpp.rules.objectsdynamictypeusedfromconstructorordestructor_shared.ObjectsDynamicTypeUsedFromConstructorOrDestructor_shared -predicate thisCall(FunctionCall c) { - c.getQualifier() instanceof ThisExpr or - c.getQualifier().(PointerDereferenceExpr).getChild(0) instanceof ThisExpr -} - -predicate virtualThisCall(FunctionCall c, Function overridingFunction) { - c.isVirtual() and - thisCall(c) and - overridingFunction = c.getTarget().(VirtualFunction).getAnOverridingFunction() -} - -class DynamicTypeExpr extends Expr { - DynamicTypeExpr() { - this instanceof TypeidOperator and - this.getEnclosingFunction().getDeclaringType().isPolymorphic() - or - this instanceof DynamicCast - or - virtualThisCall(this.(FunctionCall), _) +class DynamicTypeOfThisUsedFromConstructorOrDestructorQuery extends ObjectsDynamicTypeUsedFromConstructorOrDestructor_sharedSharedQuery { + DynamicTypeOfThisUsedFromConstructorOrDestructorQuery() { + this = InheritancePackage::dynamicTypeOfThisUsedFromConstructorOrDestructorQuery() } } - -/* - * Catch most cases: go into functions in the same class, but only catch direct - * references to "this". - */ - -predicate nonVirtualMemberFunction(MemberFunction mf, Class c) { - mf = c.getAMemberFunction() and - not mf instanceof Constructor and - not mf instanceof Destructor and - not mf.isVirtual() -} - -predicate callFromNonVirtual(MemberFunction source, Class c, MemberFunction targ) { - exists(FunctionCall fc | - fc.getEnclosingFunction() = source and fc.getTarget() = targ and thisCall(fc) - ) and - targ = c.getAMemberFunction() and - nonVirtualMemberFunction(source, c) -} - -predicate indirectlyInvokesDynamicTypeExpr(MemberFunction caller, DynamicTypeExpr target) { - target = - any(DynamicTypeExpr expr | - expr.getEnclosingFunction() = caller and - nonVirtualMemberFunction(caller, caller.getDeclaringType()) - ) - or - exists(MemberFunction mid | - indirectlyInvokesDynamicTypeExpr(mid, target) and - callFromNonVirtual(caller, caller.getDeclaringType(), mid) - ) -} - -from DynamicTypeExpr expr, FunctionCall call, MemberFunction mf, string explanation -where - not isExcluded(expr, InheritancePackage::dynamicTypeOfThisUsedFromConstructorOrDestructorQuery()) and - ( - mf instanceof Constructor or - mf instanceof Destructor - ) and - ( - mf = expr.getEnclosingFunction() and - explanation = "$@ uses the dynamic type of its own object." - or - mf != expr.getEnclosingFunction() and - mf = call.getEnclosingFunction() and - thisCall(call) and - indirectlyInvokesDynamicTypeExpr(call.getTarget(), expr) and - explanation = - "$@ calls " + call.getTarget().getQualifiedName() + - ", which uses the dynamic type of its own object." - ) -select expr, explanation, mf, mf.getQualifiedName() diff --git a/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.ql b/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.ql index 2736d39290..1d4754745c 100644 --- a/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.ql +++ b/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.ql @@ -16,27 +16,10 @@ import cpp import codingstandards.cpp.autosar -import NameInDependentBase +import codingstandards.cpp.rules.namenotreferredusingaqualifiedidorthis_shared.NameNotReferredUsingAQualifiedIdOrThis_shared -from - TemplateClass c, NameQualifiableElement fn, string targetName, Element actualTarget, - Element dependentTypeMemberWithSameName -where - not isExcluded(fn, TemplatesPackage::nameNotReferredUsingAQualifiedIdOrThisQuery()) and - not isCustomExcluded(fn) and - missingNameQualifier(fn) and - ( - fn = getConfusingFunctionAccess(c, targetName, actualTarget, dependentTypeMemberWithSameName) - or - fn = getConfusingFunctionCall(c, targetName, actualTarget, dependentTypeMemberWithSameName) and - not exists(Expr e | e = fn.(FunctionCall).getQualifier()) - or - fn = - getConfusingMemberVariableAccess(c, targetName, actualTarget, dependentTypeMemberWithSameName) and - not exists(Expr e | e = fn.(VariableAccess).getQualifier()) - ) and - not fn.isAffectedByMacro() -select fn, - "Use of unqualified identifier " + targetName + - " targets $@ but a member with the name also exists $@.", actualTarget, targetName, - dependentTypeMemberWithSameName, "in the dependent base class" +class NameNotReferredUsingAQualifiedIdOrThisQuery extends NameNotReferredUsingAQualifiedIdOrThis_sharedSharedQuery { + NameNotReferredUsingAQualifiedIdOrThisQuery() { + this = TemplatesPackage::nameNotReferredUsingAQualifiedIdOrThisQuery() + } +} diff --git a/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThisAudit.ql b/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThisAudit.ql index 401edf3b61..15bacca423 100644 --- a/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThisAudit.ql +++ b/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThisAudit.ql @@ -16,27 +16,10 @@ import cpp import codingstandards.cpp.autosar -import NameInDependentBase +import codingstandards.cpp.rules.namenotreferredusingaqualifiedidorthisaudit_shared.NameNotReferredUsingAQualifiedIdOrThisAudit_shared -from - TemplateClass c, NameQualifiableElement fn, string targetName, Element actualTarget, - Element dependentTypeMemberWithSameName -where - not isExcluded(fn, TemplatesPackage::nameNotReferredUsingAQualifiedIdOrThisAuditQuery()) and - not isCustomExcluded(fn) and - missingNameQualifier(fn) and - ( - fn = getConfusingFunctionAccess(c, targetName, actualTarget, dependentTypeMemberWithSameName) - or - fn = getConfusingFunctionCall(c, targetName, actualTarget, dependentTypeMemberWithSameName) and - not exists(Expr e | e = fn.(FunctionCall).getQualifier()) - or - not fn.(VariableAccess).getTarget() instanceof Parameter and - fn = - getConfusingMemberVariableAccess(c, targetName, actualTarget, dependentTypeMemberWithSameName) and - not exists(Expr e | e = fn.(VariableAccess).getQualifier()) - ) -select fn, - "Use of unqualified identifier " + targetName + - " targets $@ but a member with the name also exists $@.", actualTarget, targetName, - dependentTypeMemberWithSameName, "in the dependent base class" +class NameNotReferredUsingAQualifiedIdOrThisAuditQuery extends NameNotReferredUsingAQualifiedIdOrThisAudit_sharedSharedQuery { + NameNotReferredUsingAQualifiedIdOrThisAuditQuery() { + this = TemplatesPackage::nameNotReferredUsingAQualifiedIdOrThisAuditQuery() + } +} diff --git a/cpp/autosar/src/rules/M15-1-3/EmptyThrowOutsideCatch.ql b/cpp/autosar/src/rules/M15-1-3/EmptyThrowOutsideCatch.ql index 7e263d66bb..a207de0392 100644 --- a/cpp/autosar/src/rules/M15-1-3/EmptyThrowOutsideCatch.ql +++ b/cpp/autosar/src/rules/M15-1-3/EmptyThrowOutsideCatch.ql @@ -15,9 +15,10 @@ import cpp import codingstandards.cpp.autosar +import codingstandards.cpp.rules.emptythrowonlywithinacatchhandler_shared.EmptyThrowOnlyWithinACatchHandler_shared -from ReThrowExpr re -where - not isExcluded(re, Exceptions1Package::emptyThrowOutsideCatchQuery()) and - not re.getEnclosingElement+() instanceof CatchBlock -select re, "Rethrow outside catch block" +class EmptyThrowOutsideCatchQuery extends EmptyThrowOnlyWithinACatchHandler_sharedSharedQuery { + EmptyThrowOutsideCatchQuery() { + this = Exceptions1Package::emptyThrowOutsideCatchQuery() + } +} diff --git a/cpp/autosar/src/rules/M18-2-1/MacroOffsetofUsed.ql b/cpp/autosar/src/rules/M18-2-1/MacroOffsetofUsed.ql index a572497418..75be69c70b 100644 --- a/cpp/autosar/src/rules/M18-2-1/MacroOffsetofUsed.ql +++ b/cpp/autosar/src/rules/M18-2-1/MacroOffsetofUsed.ql @@ -15,9 +15,10 @@ import cpp import codingstandards.cpp.autosar +import codingstandards.cpp.rules.macrooffsetofused_shared.MacroOffsetofUsed_shared -from MacroInvocation mi -where - not isExcluded(mi, BannedFunctionsPackage::macroOffsetofUsedQuery()) and - mi.getMacroName() = "offsetof" -select mi, "Use of banned macro " + mi.getMacroName() + "." +class MacroOffsetofUsedQuery extends MacroOffsetofUsed_sharedSharedQuery { + MacroOffsetofUsedQuery() { + this = BannedFunctionsPackage::macroOffsetofUsedQuery() + } +} diff --git a/cpp/autosar/src/rules/M18-7-1/CsignalFunctionsUsed.ql b/cpp/autosar/src/rules/M18-7-1/CsignalFunctionsUsed.ql index ff264baffc..8f176b14af 100644 --- a/cpp/autosar/src/rules/M18-7-1/CsignalFunctionsUsed.ql +++ b/cpp/autosar/src/rules/M18-7-1/CsignalFunctionsUsed.ql @@ -16,10 +16,10 @@ import cpp import codingstandards.cpp.autosar +import codingstandards.cpp.rules.csignalfunctionsused_shared.CsignalFunctionsUsed_shared -from FunctionCall fc, Function f -where - not isExcluded(fc, BannedLibrariesPackage::csignalFunctionsUsedQuery()) and - f = fc.getTarget() and - f.hasGlobalOrStdName(["signal", "raise"]) -select fc, "Use of function '" + f.getQualifiedName() + "'." +class CsignalFunctionsUsedQuery extends CsignalFunctionsUsed_sharedSharedQuery { + CsignalFunctionsUsedQuery() { + this = BannedLibrariesPackage::csignalFunctionsUsedQuery() + } +} diff --git a/cpp/autosar/src/rules/M18-7-1/CsignalTypesUsed.ql b/cpp/autosar/src/rules/M18-7-1/CsignalTypesUsed.ql index c91d56c572..f18a68fea8 100644 --- a/cpp/autosar/src/rules/M18-7-1/CsignalTypesUsed.ql +++ b/cpp/autosar/src/rules/M18-7-1/CsignalTypesUsed.ql @@ -16,10 +16,10 @@ import cpp import codingstandards.cpp.autosar +import codingstandards.cpp.rules.csignaltypesused_shared.CsignalTypesUsed_shared -from TypeMention tm, UserType ut -where - not isExcluded(tm, BannedLibrariesPackage::csignalTypesUsedQuery()) and - ut = tm.getMentionedType() and - ut.hasGlobalOrStdName("sig_atomic_t") -select tm, "Use of type '" + ut.getQualifiedName() + "'." +class CsignalTypesUsedQuery extends CsignalTypesUsed_sharedSharedQuery { + CsignalTypesUsedQuery() { + this = BannedLibrariesPackage::csignalTypesUsedQuery() + } +} diff --git a/cpp/autosar/src/rules/M2-13-2/UseOfNonZeroOctalLiteral.ql b/cpp/autosar/src/rules/M2-13-2/UseOfNonZeroOctalLiteral.ql index 2bd35e2484..81d293b43f 100644 --- a/cpp/autosar/src/rules/M2-13-2/UseOfNonZeroOctalLiteral.ql +++ b/cpp/autosar/src/rules/M2-13-2/UseOfNonZeroOctalLiteral.ql @@ -16,10 +16,10 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.Cpp14Literal +import codingstandards.cpp.rules.useofnonzerooctalliteral_shared.UseOfNonZeroOctalLiteral_shared -from Cpp14Literal::OctalLiteral octalLiteral -where - not isExcluded(octalLiteral, LiteralsPackage::useOfNonZeroOctalLiteralQuery()) and - not octalLiteral.getValue() = "0" -select octalLiteral, "Non zero octal literal " + octalLiteral.getValueText() + "." +class UseOfNonZeroOctalLiteralQuery extends UseOfNonZeroOctalLiteral_sharedSharedQuery { + UseOfNonZeroOctalLiteralQuery() { + this = LiteralsPackage::useOfNonZeroOctalLiteralQuery() + } +} diff --git a/cpp/autosar/src/rules/M2-13-3/MissingUSuffix.ql b/cpp/autosar/src/rules/M2-13-3/MissingUSuffix.ql index 25cae1e03f..6b5fe3e0ae 100644 --- a/cpp/autosar/src/rules/M2-13-3/MissingUSuffix.ql +++ b/cpp/autosar/src/rules/M2-13-3/MissingUSuffix.ql @@ -18,18 +18,10 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.Cpp14Literal +import codingstandards.cpp.rules.unsignedintegerliteralsnotappropriatelysuffixed_shared.UnsignedIntegerLiteralsNotAppropriatelySuffixed_shared -from Cpp14Literal::NumericLiteral nl, string literalKind -where - not isExcluded(nl, LiteralsPackage::missingUSuffixQuery()) and - ( - nl instanceof Cpp14Literal::OctalLiteral and literalKind = "Octal" - or - nl instanceof Cpp14Literal::HexLiteral and literalKind = "Hex" - ) and - // This either directly has an unsigned integer type, or it is converted to an unsigned integer type - nl.getType().getUnspecifiedType().(IntegralType).isUnsigned() and - // The literal already has a `u` or `U` suffix. - not nl.getValueText().regexpMatch(".*[lL]*[uU][lL]*") -select nl, literalKind + " literal is an unsigned integer but does not include a 'U' suffix." +class MissingUSuffixQuery extends UnsignedIntegerLiteralsNotAppropriatelySuffixed_sharedSharedQuery { + MissingUSuffixQuery() { + this = LiteralsPackage::missingUSuffixQuery() + } +} diff --git a/cpp/autosar/src/rules/M2-7-1/SlashStarUsedWithinACStyleComment.ql b/cpp/autosar/src/rules/M2-7-1/SlashStarUsedWithinACStyleComment.ql index 768acb0532..db23f3fb0b 100644 --- a/cpp/autosar/src/rules/M2-7-1/SlashStarUsedWithinACStyleComment.ql +++ b/cpp/autosar/src/rules/M2-7-1/SlashStarUsedWithinACStyleComment.ql @@ -16,9 +16,10 @@ import cpp import codingstandards.cpp.autosar +import codingstandards.cpp.rules.charactersequenceusedwithinacstylecomment_shared.CharacterSequenceUsedWithinACStyleComment_shared -from CStyleComment c -where - not isExcluded(c, CommentsPackage::slashStarUsedWithinACStyleCommentQuery()) and - exists(c.getContents().regexpFind("./\\*", _, _)) -select c, "C-style /* comment includes nested /*." +class SlashStarUsedWithinACStyleCommentQuery extends CharacterSequenceUsedWithinACStyleComment_sharedSharedQuery { + SlashStarUsedWithinACStyleCommentQuery() { + this = CommentsPackage::slashStarUsedWithinACStyleCommentQuery() + } +} diff --git a/cpp/autosar/src/rules/M27-0-1/CstdioFunctionsUsed.ql b/cpp/autosar/src/rules/M27-0-1/CstdioFunctionsUsed.ql index 55254581a6..6868a8047a 100644 --- a/cpp/autosar/src/rules/M27-0-1/CstdioFunctionsUsed.ql +++ b/cpp/autosar/src/rules/M27-0-1/CstdioFunctionsUsed.ql @@ -17,26 +17,10 @@ import cpp import codingstandards.cpp.autosar +import codingstandards.cpp.rules.cstdiofunctionsused_shared.CstdioFunctionsUsed_shared -from FunctionCall fc, Function f -where - not isExcluded(fc, BannedLibrariesPackage::cstdioFunctionsUsedQuery()) and - f = fc.getTarget() and - f.hasGlobalOrStdName([ - "remove", "rename", "tmpfile", "tmpnam", - // File access - "fclose", "fflush", "fopen", "freopen", "setbuf", "setvbuf", - // Formatted input/output - "fprintf", "fscanf", "printf", "scanf", "snprintf", "sprintf", "sscanf", "vfprintf", - "vfscanf", "vprintf", "vscanf", "vsnprintf", "vsprintf", "vsscanf", - // Character input/output - "fgetc", "fgets", "fputc", "fputs", "getc", "getchar", "gets", "putc", "putchar", "puts", - "ungetc", - // Direct input/output - "fread", "fwrite", - // File positioning - "fgetpos", "fseek", "fsetpos", "ftell", "rewind", - // Error handling - "clearerr", "feof", "ferror", "perror" - ]) -select fc, "Use of function '" + f.getQualifiedName() + "'." +class CstdioFunctionsUsedQuery extends CstdioFunctionsUsed_sharedSharedQuery { + CstdioFunctionsUsedQuery() { + this = BannedLibrariesPackage::cstdioFunctionsUsedQuery() + } +} diff --git a/cpp/autosar/src/rules/M27-0-1/CstdioMacrosUsed.ql b/cpp/autosar/src/rules/M27-0-1/CstdioMacrosUsed.ql index ccf633488e..a44ea3dd26 100644 --- a/cpp/autosar/src/rules/M27-0-1/CstdioMacrosUsed.ql +++ b/cpp/autosar/src/rules/M27-0-1/CstdioMacrosUsed.ql @@ -17,12 +17,10 @@ import cpp import codingstandards.cpp.autosar +import codingstandards.cpp.rules.cstdiomacrosused_shared.CstdioMacrosUsed_shared -from MacroInvocation mi -where - not isExcluded(mi, BannedLibrariesPackage::cstdioMacrosUsedQuery()) and - mi.getMacroName() in [ - "BUFSIZ", "EOF", "FILENAME_MAX", "FOPEN_MAX", "L_tmpnam", "TMP_MAX", "_IOFBF", "IOLBF", - "_IONBF", "SEEK_CUR", "SEEK_END", "SEEK_SET" - ] -select mi, "Use of macro '" + mi.getMacroName() + "'." +class CstdioMacrosUsedQuery extends CstdioMacrosUsed_sharedSharedQuery { + CstdioMacrosUsedQuery() { + this = BannedLibrariesPackage::cstdioMacrosUsedQuery() + } +} diff --git a/cpp/autosar/src/rules/M27-0-1/CstdioTypesUsed.ql b/cpp/autosar/src/rules/M27-0-1/CstdioTypesUsed.ql index 6fc2adaffb..f939370984 100644 --- a/cpp/autosar/src/rules/M27-0-1/CstdioTypesUsed.ql +++ b/cpp/autosar/src/rules/M27-0-1/CstdioTypesUsed.ql @@ -17,10 +17,10 @@ import cpp import codingstandards.cpp.autosar +import codingstandards.cpp.rules.cstdiotypesused_shared.CstdioTypesUsed_shared -from TypeMention tm, UserType ut -where - not isExcluded(tm, BannedLibrariesPackage::cstdioTypesUsedQuery()) and - ut = tm.getMentionedType() and - ut.hasGlobalOrStdName(["FILE", "fpos_t"]) -select tm, "Use of type '" + ut.getQualifiedName() + "'." +class CstdioTypesUsedQuery extends CstdioTypesUsed_sharedSharedQuery { + CstdioTypesUsedQuery() { + this = BannedLibrariesPackage::cstdioTypesUsedQuery() + } +} diff --git a/cpp/autosar/src/rules/M5-2-12/IdentifierPassedAsFunctionArgumentDecayToAPointer.ql b/cpp/autosar/src/rules/M5-2-12/IdentifierPassedAsFunctionArgumentDecayToAPointer.ql new file mode 100644 index 0000000000..25472efad7 --- /dev/null +++ b/cpp/autosar/src/rules/M5-2-12/IdentifierPassedAsFunctionArgumentDecayToAPointer.ql @@ -0,0 +1,24 @@ +/** + * @id cpp/autosar/identifier-passed-as-function-argument-decay-to-a-pointer + * @name M5-2-12: An identifier with array type passed as a function argument shall not decay to a pointer + * @description An identifier with array type passed as a function argument shall not decay to a + * pointer to prevent loss of its bounds. + * @kind problem + * @precision very-high + * @problem.severity warning + * @tags external/autosar/id/m5-2-12 + * correctness + * external/autosar/allocated-target/implementation + * external/autosar/enforcement/automated + * external/autosar/obligation/required + */ + +import cpp +import codingstandards.cpp.autosar +import codingstandards.cpp.rules.arraypassedasfunctionargumentdecaytoapointer_shared.ArrayPassedAsFunctionArgumentDecayToAPointer_shared + +class IdentifierPassedAsFunctionArgumentDecayToAPointerQuery extends ArrayPassedAsFunctionArgumentDecayToAPointer_sharedSharedQuery { + IdentifierPassedAsFunctionArgumentDecayToAPointerQuery() { + this = PointersPackage::identifierPassedAsFunctionArgumentDecayToAPointerQuery() + } +} diff --git a/cpp/autosar/src/rules/M5-2-12/IdentifierWithArrayTypePassedAsFunctionArgumentDecayToAPointer.ql b/cpp/autosar/src/rules/M5-2-12/IdentifierWithArrayTypePassedAsFunctionArgumentDecayToAPointer.ql deleted file mode 100644 index 4207b4d56c..0000000000 --- a/cpp/autosar/src/rules/M5-2-12/IdentifierWithArrayTypePassedAsFunctionArgumentDecayToAPointer.ql +++ /dev/null @@ -1,47 +0,0 @@ -/** - * @id cpp/autosar/identifier-with-array-type-passed-as-function-argument-decay-to-a-pointer - * @name M5-2-12: An identifier with array type passed as a function argument shall not decay to a pointer - * @description An identifier with array type passed as a function argument shall not decay to a - * pointer to prevent loss of its bounds. - * @kind problem - * @precision very-high - * @problem.severity warning - * @tags external/autosar/id/m5-2-12 - * correctness - * external/autosar/allocated-target/implementation - * external/autosar/enforcement/automated - * external/autosar/obligation/required - */ - -import cpp -import codingstandards.cpp.autosar - -predicate arrayToPointerDecay(Access ae, Parameter p) { - ( - p.getType() instanceof PointerType and - // exclude parameters of void* because then it assumed the caller can pass in dimensions through other means. - // examples are uses in `memset` or `memcpy` - not p.getType() instanceof VoidPointerType - or - p.getType() instanceof ArrayType - ) and - ae.getType() instanceof ArrayType and - // exclude char[] arrays because we assume that we can determine its dimension by looking for a NULL byte. - not ae.getType().(ArrayType).getBaseType() instanceof CharType -} - -from - FunctionCall fc, Function f, Parameter decayedArray, Variable array, VariableAccess arrayAccess, - int i -where - not isExcluded(fc, - PointersPackage::identifierWithArrayTypePassedAsFunctionArgumentDecayToAPointerQuery()) and - arrayAccess = array.getAnAccess() and - f = fc.getTarget() and - arrayAccess = fc.getArgument(i) and - decayedArray = f.getParameter(i) and - arrayToPointerDecay(arrayAccess, decayedArray) and - not arrayAccess.isAffectedByMacro() -select fc.getArgument(i), - "The array $@ decays to the pointer $@ when passed as an argument to the function $@.", array, - array.getName(), decayedArray, decayedArray.getName(), f, f.getName() diff --git a/cpp/autosar/src/rules/M5-2-6/CastNotConvertPointerToFunction.ql b/cpp/autosar/src/rules/M5-2-6/CastNotConvertPointerToFunction.ql index b6a51dc0ab..80135df172 100644 --- a/cpp/autosar/src/rules/M5-2-6/CastNotConvertPointerToFunction.ql +++ b/cpp/autosar/src/rules/M5-2-6/CastNotConvertPointerToFunction.ql @@ -15,11 +15,10 @@ import cpp import codingstandards.cpp.autosar +import codingstandards.cpp.rules.castsbetweenapointertofunctionandanyothertype_shared.CastsBetweenAPointerToFunctionAndAnyOtherType_shared -from Cast c -where - not isExcluded(c, PointersPackage::castNotConvertPointerToFunctionQuery()) and - not c.isImplicit() and - not c.isAffectedByMacro() and - c.getExpr().getType() instanceof FunctionPointerType -select c, "Cast converting a pointer to function." +class CastNotConvertPointerToFunctionQuery extends CastsBetweenAPointerToFunctionAndAnyOtherType_sharedSharedQuery { + CastNotConvertPointerToFunctionQuery() { + this = PointersPackage::castNotConvertPointerToFunctionQuery() + } +} diff --git a/cpp/autosar/src/rules/M5-3-2/UnaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsigned.ql b/cpp/autosar/src/rules/M5-3-2/UnaryMinusOperatorAppliedToAnUnsignedExpression.ql similarity index 51% rename from cpp/autosar/src/rules/M5-3-2/UnaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsigned.ql rename to cpp/autosar/src/rules/M5-3-2/UnaryMinusOperatorAppliedToAnUnsignedExpression.ql index 0367f0aebe..b57a309394 100644 --- a/cpp/autosar/src/rules/M5-3-2/UnaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsigned.ql +++ b/cpp/autosar/src/rules/M5-3-2/UnaryMinusOperatorAppliedToAnUnsignedExpression.ql @@ -1,5 +1,5 @@ /** - * @id cpp/autosar/unary-minus-operator-applied-to-an-expression-whose-underlying-type-is-unsigned + * @id cpp/autosar/unary-minus-operator-applied-to-an-unsigned-expression * @name M5-3-2: The unary minus operator shall not be applied to an expression whose underlying type is unsigned * @description The unary minus operator shall not be applied to an expression whose underlying type * is unsigned. @@ -14,13 +14,10 @@ import cpp import codingstandards.cpp.autosar +import codingstandards.cpp.rules.builtinunaryoperatorappliedtounsignedexpression_shared.BuiltInUnaryOperatorAppliedToUnsignedExpression_shared -from UnaryMinusExpr e, IntegralType t -where - not isExcluded(e, - OperatorsPackage::unaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsignedQuery()) and - t = e.getOperand().getExplicitlyConverted().getType().getUnderlyingType() and - t.isUnsigned() and - not e.isAffectedByMacro() -select e.getOperand(), - "The unary minus operator shall not be applied to an expression whose underlying type is unsigned." +class UnaryMinusOperatorAppliedToAnUnsignedExpressionQuery extends BuiltInUnaryOperatorAppliedToUnsignedExpression_sharedSharedQuery { + UnaryMinusOperatorAppliedToAnUnsignedExpressionQuery() { + this = OperatorsPackage::unaryMinusOperatorAppliedToAnUnsignedExpressionQuery() + } +} diff --git a/cpp/autosar/src/rules/M5-3-3/UnaryOperatorOverloaded.ql b/cpp/autosar/src/rules/M5-3-3/UnaryOperatorOverloaded.ql index 7e9511cf7e..216388c448 100644 --- a/cpp/autosar/src/rules/M5-3-3/UnaryOperatorOverloaded.ql +++ b/cpp/autosar/src/rules/M5-3-3/UnaryOperatorOverloaded.ql @@ -13,8 +13,8 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.Operator +import codingstandards.cpp.rules.addressofoperatoroverloaded_shared.AddressOfOperatorOverloaded_shared -from UnaryAddressOfOperator o -where not isExcluded(o, OperatorsPackage::unaryOperatorOverloadedQuery()) -select o, "The unary & operator overloaded." +class UnaryOperatorOverloadedQuery extends AddressOfOperatorOverloaded_sharedSharedQuery { + UnaryOperatorOverloadedQuery() { this = OperatorsPackage::unaryOperatorOverloadedQuery() } +} diff --git a/cpp/autosar/src/rules/M6-3-1/LoopCompoundCondition.ql b/cpp/autosar/src/rules/M6-3-1/LoopCompoundCondition.ql index 1c6c0b980e..d5756cabd9 100644 --- a/cpp/autosar/src/rules/M6-3-1/LoopCompoundCondition.ql +++ b/cpp/autosar/src/rules/M6-3-1/LoopCompoundCondition.ql @@ -16,9 +16,10 @@ import cpp import codingstandards.cpp.autosar +import codingstandards.cpp.rules.loopcompoundcondition_shared.LoopCompoundCondition_shared -from Loop loop -where - not isExcluded(loop, ConditionalsPackage::loopCompoundConditionQuery()) and - not loop.getStmt() instanceof BlockStmt -select loop, "Loop body not enclosed within braces." +class LoopCompoundConditionQuery extends LoopCompoundCondition_sharedSharedQuery { + LoopCompoundConditionQuery() { + this = ConditionalsPackage::loopCompoundConditionQuery() + } +} diff --git a/cpp/autosar/src/rules/M6-3-1/SwitchCompoundCondition.ql b/cpp/autosar/src/rules/M6-3-1/SwitchCompoundCondition.ql index ee83f44ccf..1b8e9839f8 100644 --- a/cpp/autosar/src/rules/M6-3-1/SwitchCompoundCondition.ql +++ b/cpp/autosar/src/rules/M6-3-1/SwitchCompoundCondition.ql @@ -16,36 +16,10 @@ import cpp import codingstandards.cpp.autosar +import codingstandards.cpp.rules.switchcompoundcondition_shared.SwitchCompoundCondition_shared -/** - * Class to differentiate between extractor generated blockstmt and actual blockstmt. The extractor - * will generate an artificial blockstmt when there is a single case and statement, e.g. - * ``` - * switch(x) - * case 1: - * f(); - * ``` - * This is because our AST model considers the `case` to be a statement in its own right, so the - * extractor needs an aritifical block to hold both the case and the statement. - */ -class ArtificialBlock extends BlockStmt { - ArtificialBlock() { - exists(Location block, Location firstStatement | - block = getLocation() and firstStatement = getStmt(0).getLocation() - | - // We can identify artificial blocks as those where the start of the statement is at the same - // location as the start of the first statement in the block i.e. there was no opening brace. - block.getStartLine() = firstStatement.getStartLine() and - block.getStartColumn() = firstStatement.getStartColumn() - ) +class SwitchCompoundConditionQuery extends SwitchCompoundCondition_sharedSharedQuery { + SwitchCompoundConditionQuery() { + this = ConditionalsPackage::switchCompoundConditionQuery() } } - -from SwitchStmt switch -where - not isExcluded(switch, ConditionalsPackage::switchCompoundConditionQuery()) and - ( - switch.getStmt() instanceof ArtificialBlock or - not switch.getStmt() instanceof BlockStmt - ) -select switch, "Switch body not enclosed within braces." diff --git a/cpp/autosar/src/rules/M7-3-1/GlobalNamespaceMembershipViolation.ql b/cpp/autosar/src/rules/M7-3-1/GlobalNamespaceMembershipViolation.ql index cb714a65f2..edc09e074b 100644 --- a/cpp/autosar/src/rules/M7-3-1/GlobalNamespaceMembershipViolation.ql +++ b/cpp/autosar/src/rules/M7-3-1/GlobalNamespaceMembershipViolation.ql @@ -16,13 +16,10 @@ import cpp import codingstandards.cpp.autosar +import codingstandards.cpp.rules.globalnamespacedeclarations_shared.GlobalNamespaceDeclarations_shared -from DeclarationEntry de -where - not isExcluded(de, ScopePackage::globalNamespaceMembershipViolationQuery()) and - de.getDeclaration().getNamespace() instanceof GlobalNamespace and - de.getDeclaration().isTopLevel() and - not exists(Function f | f = de.getDeclaration() | f.hasGlobalName("main") or f.hasCLinkage()) -select de, - "Declaration " + de.getName() + - " is in the global namespace and is not a main, a namespace, or an extern \"C\" declaration." +class GlobalNamespaceMembershipViolationQuery extends GlobalNamespaceDeclarations_sharedSharedQuery { + GlobalNamespaceMembershipViolationQuery() { + this = ScopePackage::globalNamespaceMembershipViolationQuery() + } +} diff --git a/cpp/autosar/src/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanTheGlobalFunctionMain.ql b/cpp/autosar/src/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanGlobalMain.ql similarity index 62% rename from cpp/autosar/src/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanTheGlobalFunctionMain.ql rename to cpp/autosar/src/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanGlobalMain.ql index 9d86bd3637..d3876527d8 100644 --- a/cpp/autosar/src/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanTheGlobalFunctionMain.ql +++ b/cpp/autosar/src/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanGlobalMain.ql @@ -1,5 +1,5 @@ /** - * @id cpp/autosar/identifier-main-used-for-a-function-other-than-the-global-function-main + * @id cpp/autosar/identifier-main-used-for-a-function-other-than-global-main * @name M7-3-2: The identifier main shall not be used for a function other than the global function main * @description Reusing the name main in non-main contexts can lead to developer confusion. * @kind problem @@ -15,11 +15,10 @@ import cpp import codingstandards.cpp.autosar +import codingstandards.cpp.rules.nonglobalfunctionmain_shared.NonGlobalFunctionMain_shared -from Function f -where - not isExcluded(f, - NamingPackage::identifierMainUsedForAFunctionOtherThanTheGlobalFunctionMainQuery()) and - f.hasName("main") and - not f.hasGlobalName("main") -select f, "Identifier main used for a function other than the global function main." +class IdentifierMainUsedForAFunctionOtherThanGlobalMainQuery extends NonGlobalFunctionMain_sharedSharedQuery { + IdentifierMainUsedForAFunctionOtherThanGlobalMainQuery() { + this = NamingPackage::identifierMainUsedForAFunctionOtherThanGlobalMainQuery() + } +} diff --git a/cpp/autosar/src/rules/M7-5-1/FunctionReturnAutomaticVarCondition.ql b/cpp/autosar/src/rules/M7-5-1/FunctionReturnAutomaticVarCondition.ql index e35858f40b..bf94412b9a 100644 --- a/cpp/autosar/src/rules/M7-5-1/FunctionReturnAutomaticVarCondition.ql +++ b/cpp/autosar/src/rules/M7-5-1/FunctionReturnAutomaticVarCondition.ql @@ -16,19 +16,10 @@ import cpp import codingstandards.cpp.autosar +import codingstandards.cpp.rules.returnreferenceorpointertoautomaticlocalvariable_shared.ReturnReferenceOrPointerToAutomaticLocalVariable_shared -from ReturnStmt rs, StackVariable auto, Function f, VariableAccess va, string returnType -where - f = rs.getEnclosingFunction() and - ( - f.getType() instanceof ReferenceType and va = rs.getExpr() and returnType = "reference" - or - f.getType() instanceof PointerType and - va = rs.getExpr().(AddressOfExpr).getOperand() and - returnType = "pointer" - ) and - auto = va.getTarget() and - not auto.isStatic() and - not f.isCompilerGenerated() and - not auto.getType() instanceof ReferenceType -select rs, "The $@ returns a " + returnType + "to an $@ variable", f, f.getName(), auto, "automatic" +class FunctionReturnAutomaticVarConditionQuery extends ReturnReferenceOrPointerToAutomaticLocalVariable_sharedSharedQuery { + FunctionReturnAutomaticVarConditionQuery() { + this = FunctionsPackage::functionReturnAutomaticVarConditionQuery() + } +} diff --git a/cpp/autosar/src/rules/M8-0-1/MultipleGlobalOrMemberDeclarators.ql b/cpp/autosar/src/rules/M8-0-1/MultipleGlobalOrMemberDeclarators.ql index 8d16fccd94..d99fcbe48f 100644 --- a/cpp/autosar/src/rules/M8-0-1/MultipleGlobalOrMemberDeclarators.ql +++ b/cpp/autosar/src/rules/M8-0-1/MultipleGlobalOrMemberDeclarators.ql @@ -16,57 +16,10 @@ import cpp import codingstandards.cpp.autosar +import codingstandards.cpp.rules.multipleglobalormemberdeclarators_shared.MultipleGlobalOrMemberDeclarators_shared -/* - * Unfortunately, we do not have an equivalent of `DeclStmt` for non-local declarations, so we - * cannot determine whether a declaration was declared with another declaration. - * - * However, we can use location trickery to figure out if the declaration occurs close enough to - * another declaration that it _must_ have been declared within the same declaration sequence. - * - * We do this by requiring that the end location of a previous declaration is within a certain - * number of characters of the start location of the current declaration. - */ - -/** - * A `Declaration` which is not in a local scope, and is written directly by the user. - * - * These act as "candidates" for declarations that could plausibly occur in a declaration sequence - * with other candidates. - */ -class NonLocalUserDeclaration extends Declaration { - NonLocalUserDeclaration() { - not this instanceof StackVariable and - not this instanceof TemplateParameter and - not this instanceof EnumConstant and - not this instanceof TypedefType and - not any(LambdaCapture lc).getField() = this and - not this.(Function).isCompilerGenerated() and - not this.(Variable).isCompilerGenerated() and - not this.(Parameter).getFunction().isCompilerGenerated() and - not this.isInMacroExpansion() and - not exists(Struct s, TypedefType t | - s.isAnonymous() and - t.getBaseType() = s and - this = s.getAMemberVariable() - ) +class MultipleGlobalOrMemberDeclaratorsQuery extends MultipleGlobalOrMemberDeclarators_sharedSharedQuery { + MultipleGlobalOrMemberDeclaratorsQuery() { + this = InitializationPackage::multipleGlobalOrMemberDeclaratorsQuery() } } - -/** - * Holds if `d1` is followed directly by `d2`. - */ -predicate isFollowingDeclaration(NonLocalUserDeclaration d1, NonLocalUserDeclaration d2) { - exists(string filepath, int startline, int startcolumn, int endline, int endcolumn | - d1.getLocation().hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) and - d2.getLocation().hasLocationInfo(filepath, startline, endcolumn + [2 .. 3], endline, _) - ) and - not d1.(UserType).stripType() = d2.(Variable).getType().stripType() -} - -from NonLocalUserDeclaration d1 -where - not isExcluded(d1, InitializationPackage::multipleGlobalOrMemberDeclaratorsQuery()) and - isFollowingDeclaration(d1, _) and - not isFollowingDeclaration(_, d1) -select d1, "Multiple declarations after " + d1.getName() + " in this declaration sequence." diff --git a/cpp/autosar/src/rules/M8-0-1/MultipleLocalDeclarators.ql b/cpp/autosar/src/rules/M8-0-1/MultipleLocalDeclarators.ql index 7545315b7e..a84832ceda 100644 --- a/cpp/autosar/src/rules/M8-0-1/MultipleLocalDeclarators.ql +++ b/cpp/autosar/src/rules/M8-0-1/MultipleLocalDeclarators.ql @@ -16,11 +16,10 @@ import cpp import codingstandards.cpp.autosar +import codingstandards.cpp.rules.multiplelocaldeclarators_shared.MultipleLocalDeclarators_shared -from DeclStmt ds -where - not isExcluded(ds, InitializationPackage::multipleLocalDeclaratorsQuery()) and - count(Declaration d | d = ds.getADeclaration()) > 1 and - // Not a compiler generated `DeclStmt`, such as in the range-based for loop - not ds.isCompilerGenerated() -select ds, "Declaration list contains more than one declaration." +class MultipleLocalDeclaratorsQuery extends MultipleLocalDeclarators_sharedSharedQuery { + MultipleLocalDeclaratorsQuery() { + this = InitializationPackage::multipleLocalDeclaratorsQuery() + } +} diff --git a/cpp/autosar/src/rules/M8-3-1/VirtualFunctionParametersUseSameDefaultArguments.ql b/cpp/autosar/src/rules/M8-3-1/VirtualFunctionParametersUseSameDefaultArguments.ql new file mode 100644 index 0000000000..e5908a5520 --- /dev/null +++ b/cpp/autosar/src/rules/M8-3-1/VirtualFunctionParametersUseSameDefaultArguments.ql @@ -0,0 +1,25 @@ +/** + * @id cpp/autosar/virtual-function-parameters-use-same-default-arguments + * @name M8-3-1: Parameters in an overriding virtual function shall have the same default arguments or no default arguments + * @description Parameters in an overriding virtual function shall either use the same default + * arguments as the function they override, or else shall not specify any default + * arguments. + * @kind problem + * @precision very-high + * @problem.severity warning + * @tags external/autosar/id/m8-3-1 + * correctness + * external/autosar/allocated-target/implementation + * external/autosar/enforcement/automated + * external/autosar/obligation/required + */ + +import cpp +import codingstandards.cpp.autosar +import codingstandards.cpp.rules.overridingshallspecifydifferentdefaultarguments_shared.OverridingShallSpecifyDifferentDefaultArguments_shared + +class VirtualFunctionParametersUseSameDefaultArgumentsQuery extends OverridingShallSpecifyDifferentDefaultArguments_sharedSharedQuery { + VirtualFunctionParametersUseSameDefaultArgumentsQuery() { + this = VirtualFunctionsPackage::virtualFunctionParametersUseSameDefaultArgumentsQuery() + } +} diff --git a/cpp/autosar/src/rules/M8-3-1/VirtualFunctionParametersUseTheSameDefaultArguments.ql b/cpp/autosar/src/rules/M8-3-1/VirtualFunctionParametersUseTheSameDefaultArguments.ql deleted file mode 100644 index 9d2b2d2006..0000000000 --- a/cpp/autosar/src/rules/M8-3-1/VirtualFunctionParametersUseTheSameDefaultArguments.ql +++ /dev/null @@ -1,44 +0,0 @@ -/** - * @id cpp/autosar/virtual-function-parameters-use-the-same-default-arguments - * @name M8-3-1: Parameters in an overriding virtual function shall have the same default arguments or no default arguments - * @description Parameters in an overriding virtual function shall either use the same default - * arguments as the function they override, or else shall not specify any default - * arguments. - * @kind problem - * @precision very-high - * @problem.severity warning - * @tags external/autosar/id/m8-3-1 - * correctness - * external/autosar/allocated-target/implementation - * external/autosar/enforcement/automated - * external/autosar/obligation/required - */ - -import cpp -import codingstandards.cpp.autosar - -from VirtualFunction f1, VirtualFunction f2 -where - not isExcluded(f1, - VirtualFunctionsPackage::virtualFunctionParametersUseTheSameDefaultArgumentsQuery()) and - not isExcluded(f2, - VirtualFunctionsPackage::virtualFunctionParametersUseTheSameDefaultArgumentsQuery()) and - f2 = f1.getAnOverridingFunction() and - exists(Parameter p1, Parameter p2 | - p1 = f1.getAParameter() and - p2 = f2.getParameter(p1.getIndex()) - | - if p1.hasInitializer() - then - // if there is no initializer - not p2.hasInitializer() - or - // if there is one and it doesn't match - not p1.getInitializer().getExpr().getValueText() = - p2.getInitializer().getExpr().getValueText() - else - // if p1 doesn't have an initializer p2 shouldn't either - p2.hasInitializer() - ) -select f2, "$@ does not have the same default parameters as $@", f2, "overriding function", f1, - "overridden function" diff --git a/cpp/autosar/src/rules/M9-6-4/NamedBitFieldsWithSignedIntegerTypeShallHaveALengthOfMoreThanOneBit.ql b/cpp/autosar/src/rules/M9-6-4/NamedBitFieldsWithSignedIntegerTypeShallHaveALengthOfMoreThanOneBit.ql index 7748f26ec1..96e434633e 100644 --- a/cpp/autosar/src/rules/M9-6-4/NamedBitFieldsWithSignedIntegerTypeShallHaveALengthOfMoreThanOneBit.ql +++ b/cpp/autosar/src/rules/M9-6-4/NamedBitFieldsWithSignedIntegerTypeShallHaveALengthOfMoreThanOneBit.ql @@ -22,4 +22,4 @@ where bf.getType().getUnderlyingType().(IntegralType).isSigned() and bf.getNumBits() < 2 and bf.getName() != "(unnamed bitfield)" -select bf, "A named bit-field with signed integral type should have at least 2 bits of storage " +select bf, "A named bit-field with signed integral type should have at least 2 bits of storage." diff --git a/cpp/autosar/test/rules/A12-1-1/ExplicitConstructorBaseClassInitialization.qlref b/cpp/autosar/test/rules/A12-1-1/ExplicitConstructorBaseClassInitialization.qlref deleted file mode 100644 index 9d356add77..0000000000 --- a/cpp/autosar/test/rules/A12-1-1/ExplicitConstructorBaseClassInitialization.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/A12-1-1/ExplicitConstructorBaseClassInitialization.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A12-1-1/ExplicitConstructorBaseClassInitialization.testref b/cpp/autosar/test/rules/A12-1-1/ExplicitConstructorBaseClassInitialization.testref new file mode 100644 index 0000000000..1bf7e7fffb --- /dev/null +++ b/cpp/autosar/test/rules/A12-1-1/ExplicitConstructorBaseClassInitialization.testref @@ -0,0 +1 @@ +cpp/common/test/rules/initializeallvirtualbaseclasses_shared/InitializeAllVirtualBaseClasses_shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A12-8-5/CopyAssignmentAndAMoveHandleSelfAssignment.qlref b/cpp/autosar/test/rules/A12-8-5/CopyAssignmentAndAMoveHandleSelfAssignment.qlref deleted file mode 100644 index 686462e15f..0000000000 --- a/cpp/autosar/test/rules/A12-8-5/CopyAssignmentAndAMoveHandleSelfAssignment.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/A12-8-5/CopyAssignmentAndAMoveHandleSelfAssignment.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A12-8-5/CopyAssignmentAndAMoveHandleSelfAssignment.testref b/cpp/autosar/test/rules/A12-8-5/CopyAssignmentAndAMoveHandleSelfAssignment.testref new file mode 100644 index 0000000000..23e38dba55 --- /dev/null +++ b/cpp/autosar/test/rules/A12-8-5/CopyAssignmentAndAMoveHandleSelfAssignment.testref @@ -0,0 +1 @@ +cpp/common/test/rules/copyandmoveassignmentsshallhandleselfassignment_shared/CopyAndMoveAssignmentsShallHandleSelfAssignment_shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A14-8-2/ExplicitSpecializationsOfFunctionTemplatesUsed.qlref b/cpp/autosar/test/rules/A14-8-2/ExplicitSpecializationsOfFunctionTemplatesUsed.qlref deleted file mode 100644 index b2f19b3af3..0000000000 --- a/cpp/autosar/test/rules/A14-8-2/ExplicitSpecializationsOfFunctionTemplatesUsed.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/A14-8-2/ExplicitSpecializationsOfFunctionTemplatesUsed.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A14-8-2/ExplicitSpecializationsOfFunctionTemplatesUsed.testref b/cpp/autosar/test/rules/A14-8-2/ExplicitSpecializationsOfFunctionTemplatesUsed.testref new file mode 100644 index 0000000000..04c3f5a724 --- /dev/null +++ b/cpp/autosar/test/rules/A14-8-2/ExplicitSpecializationsOfFunctionTemplatesUsed.testref @@ -0,0 +1 @@ +cpp/common/test/rules/functiontemplatesexplicitlyspecialized_shared/FunctionTemplatesExplicitlySpecialized_shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A15-1-2/PointerExceptionObject.qlref b/cpp/autosar/test/rules/A15-1-2/PointerExceptionObject.qlref deleted file mode 100644 index 68c8e7af9a..0000000000 --- a/cpp/autosar/test/rules/A15-1-2/PointerExceptionObject.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/A15-1-2/PointerExceptionObject.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A15-1-2/PointerExceptionObject.testref b/cpp/autosar/test/rules/A15-1-2/PointerExceptionObject.testref new file mode 100644 index 0000000000..41eabfe5a6 --- /dev/null +++ b/cpp/autosar/test/rules/A15-1-2/PointerExceptionObject.testref @@ -0,0 +1 @@ +cpp/common/test/rules/exceptionobjecthavepointertype_shared/ExceptionObjectHavePointerType_shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A15-4-2/NoExceptFunctionThrows.qlref b/cpp/autosar/test/rules/A15-4-2/NoExceptFunctionThrows.qlref deleted file mode 100644 index 80fbc7365c..0000000000 --- a/cpp/autosar/test/rules/A15-4-2/NoExceptFunctionThrows.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/A15-4-2/NoExceptFunctionThrows.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A15-4-2/NoExceptFunctionThrows.testref b/cpp/autosar/test/rules/A15-4-2/NoExceptFunctionThrows.testref new file mode 100644 index 0000000000..089cce1ccf --- /dev/null +++ b/cpp/autosar/test/rules/A15-4-2/NoExceptFunctionThrows.testref @@ -0,0 +1 @@ +cpp/common/test/rules/noexceptfunctionshouldnotpropagatetothecaller_shared/NoexceptFunctionShouldNotPropagateToTheCaller_shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A18-1-2/VectorboolSpecializationUsed.qlref b/cpp/autosar/test/rules/A18-1-2/VectorboolSpecializationUsed.qlref deleted file mode 100644 index 9f78cda4c6..0000000000 --- a/cpp/autosar/test/rules/A18-1-2/VectorboolSpecializationUsed.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/A18-1-2/VectorboolSpecializationUsed.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A18-1-2/VectorboolSpecializationUsed.testref b/cpp/autosar/test/rules/A18-1-2/VectorboolSpecializationUsed.testref new file mode 100644 index 0000000000..96d8385f5f --- /dev/null +++ b/cpp/autosar/test/rules/A18-1-2/VectorboolSpecializationUsed.testref @@ -0,0 +1 @@ +cpp/common/test/rules/vectorshouldnotbespecializedwithbool_shared/VectorShouldNotBeSpecializedWithBool_shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A18-5-4/GlobalSizedOperatorDeleteNotDefined.qlref b/cpp/autosar/test/rules/A18-5-4/GlobalSizedOperatorDeleteNotDefined.qlref deleted file mode 100644 index 1f1e8258e4..0000000000 --- a/cpp/autosar/test/rules/A18-5-4/GlobalSizedOperatorDeleteNotDefined.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/A18-5-4/GlobalSizedOperatorDeleteNotDefined.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A18-5-4/GlobalSizedOperatorDeleteNotDefined.testref b/cpp/autosar/test/rules/A18-5-4/GlobalSizedOperatorDeleteNotDefined.testref new file mode 100644 index 0000000000..bd7e582a38 --- /dev/null +++ b/cpp/autosar/test/rules/A18-5-4/GlobalSizedOperatorDeleteNotDefined.testref @@ -0,0 +1 @@ +cpp/common/test/rules/globalsizedoperatordeletenotdefined_shared/GlobalSizedOperatorDeleteNotDefined_shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A18-5-4/GlobalUnsizedOperatorDeleteNotDefined.expected b/cpp/autosar/test/rules/A18-5-4/GlobalUnsizedOperatorDeleteNotDefined.expected deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/cpp/autosar/test/rules/A18-5-4/GlobalUnsizedOperatorDeleteNotDefined.qlref b/cpp/autosar/test/rules/A18-5-4/GlobalUnsizedOperatorDeleteNotDefined.qlref deleted file mode 100644 index 04cc5622dd..0000000000 --- a/cpp/autosar/test/rules/A18-5-4/GlobalUnsizedOperatorDeleteNotDefined.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/A18-5-4/GlobalUnsizedOperatorDeleteNotDefined.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A18-5-4/GlobalUnsizedOperatorDeleteNotDefined.testref b/cpp/autosar/test/rules/A18-5-4/GlobalUnsizedOperatorDeleteNotDefined.testref new file mode 100644 index 0000000000..781d037067 --- /dev/null +++ b/cpp/autosar/test/rules/A18-5-4/GlobalUnsizedOperatorDeleteNotDefined.testref @@ -0,0 +1 @@ +cpp/common/test/rules/globalunsizedoperatordeletenotdefined_shared/GlobalUnsizedOperatorDeleteNotDefined_shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A18-9-2/ForwardingValuesToOtherFunctions.qlref b/cpp/autosar/test/rules/A18-9-2/ForwardingValuesToOtherFunctions.qlref deleted file mode 100644 index 05bcab607a..0000000000 --- a/cpp/autosar/test/rules/A18-9-2/ForwardingValuesToOtherFunctions.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/A18-9-2/ForwardingValuesToOtherFunctions.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A18-9-2/ForwardingValuesToOtherFunctions.testref b/cpp/autosar/test/rules/A18-9-2/ForwardingValuesToOtherFunctions.testref new file mode 100644 index 0000000000..16fd01273f --- /dev/null +++ b/cpp/autosar/test/rules/A18-9-2/ForwardingValuesToOtherFunctions.testref @@ -0,0 +1 @@ +cpp/common/test/rules/forwardingreferencesandforwardnotusedtogether_shared/ForwardingReferencesAndForwardNotUsedTogether_shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A2-13-1/EscapeSequenceOutsideISO.qlref b/cpp/autosar/test/rules/A2-13-1/EscapeSequenceOutsideISO.qlref deleted file mode 100644 index ce6347c955..0000000000 --- a/cpp/autosar/test/rules/A2-13-1/EscapeSequenceOutsideISO.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/A2-13-1/EscapeSequenceOutsideISO.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A2-13-1/EscapeSequenceOutsideISO.testref b/cpp/autosar/test/rules/A2-13-1/EscapeSequenceOutsideISO.testref new file mode 100644 index 0000000000..a257ad6ab7 --- /dev/null +++ b/cpp/autosar/test/rules/A2-13-1/EscapeSequenceOutsideISO.testref @@ -0,0 +1 @@ +cpp/common/test/rules/backslashcharactermisuse_shared/BackslashCharacterMisuse_shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A2-7-1/SingleLineCommentEndsWithSlash.qlref b/cpp/autosar/test/rules/A2-7-1/SingleLineCommentEndsWithSlash.qlref deleted file mode 100644 index 876f24be61..0000000000 --- a/cpp/autosar/test/rules/A2-7-1/SingleLineCommentEndsWithSlash.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/A2-7-1/SingleLineCommentEndsWithSlash.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A2-7-1/SingleLineCommentEndsWithSlash.testref b/cpp/autosar/test/rules/A2-7-1/SingleLineCommentEndsWithSlash.testref new file mode 100644 index 0000000000..d4f66ed35e --- /dev/null +++ b/cpp/autosar/test/rules/A2-7-1/SingleLineCommentEndsWithSlash.testref @@ -0,0 +1 @@ +cpp/common/test/rules/linesplicingusedincomments_shared/LineSplicingUsedInComments_shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A4-10-1/NullPointerConstantNotNullptr.qlref b/cpp/autosar/test/rules/A4-10-1/NullPointerConstantNotNullptr.qlref deleted file mode 100644 index d836b834b3..0000000000 --- a/cpp/autosar/test/rules/A4-10-1/NullPointerConstantNotNullptr.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/A4-10-1/NullPointerConstantNotNullptr.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A4-10-1/NullPointerConstantNotNullptr.testref b/cpp/autosar/test/rules/A4-10-1/NullPointerConstantNotNullptr.testref new file mode 100644 index 0000000000..495d8eddba --- /dev/null +++ b/cpp/autosar/test/rules/A4-10-1/NullPointerConstantNotNullptr.testref @@ -0,0 +1 @@ +cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant_shared/NullptrNotTheOnlyFormOfTheNullPointerConstant_shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A5-10-1/PointerToMemberVirtualFunctionWithNullPointerConstant.qlref b/cpp/autosar/test/rules/A5-10-1/PointerToMemberVirtualFunctionWithNullPointerConstant.qlref deleted file mode 100644 index 5f588b44ab..0000000000 --- a/cpp/autosar/test/rules/A5-10-1/PointerToMemberVirtualFunctionWithNullPointerConstant.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/A5-10-1/PointerToMemberVirtualFunctionWithNullPointerConstant.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A5-10-1/PointerToMemberVirtualFunctionWithNullPointerConstant.testref b/cpp/autosar/test/rules/A5-10-1/PointerToMemberVirtualFunctionWithNullPointerConstant.testref new file mode 100644 index 0000000000..2a9e8b2eef --- /dev/null +++ b/cpp/autosar/test/rules/A5-10-1/PointerToMemberVirtualFunctionWithNullPointerConstant.testref @@ -0,0 +1 @@ +cpp/common/test/rules/potentiallyvirtualpointeronlycomparestonullptr_shared/PotentiallyVirtualPointerOnlyComparesToNullptr_shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A5-10-1/PotentiallyVirtualPointerOnlyComparesToNullptr.testref b/cpp/autosar/test/rules/A5-10-1/PotentiallyVirtualPointerOnlyComparesToNullptr.testref new file mode 100644 index 0000000000..2a9e8b2eef --- /dev/null +++ b/cpp/autosar/test/rules/A5-10-1/PotentiallyVirtualPointerOnlyComparesToNullptr.testref @@ -0,0 +1 @@ +cpp/common/test/rules/potentiallyvirtualpointeronlycomparestonullptr_shared/PotentiallyVirtualPointerOnlyComparesToNullptr_shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A5-10-1/VirtualPointerOnlyComparesToNullptrConstant.testref b/cpp/autosar/test/rules/A5-10-1/VirtualPointerOnlyComparesToNullptrConstant.testref new file mode 100644 index 0000000000..2a9e8b2eef --- /dev/null +++ b/cpp/autosar/test/rules/A5-10-1/VirtualPointerOnlyComparesToNullptrConstant.testref @@ -0,0 +1 @@ +cpp/common/test/rules/potentiallyvirtualpointeronlycomparestonullptr_shared/PotentiallyVirtualPointerOnlyComparesToNullptr_shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A5-2-4/ReinterpretCastUsed.qlref b/cpp/autosar/test/rules/A5-2-4/ReinterpretCastUsed.qlref deleted file mode 100644 index 3cfb0444cc..0000000000 --- a/cpp/autosar/test/rules/A5-2-4/ReinterpretCastUsed.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/A5-2-4/ReinterpretCastUsed.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A5-2-4/ReinterpretCastUsed.testref b/cpp/autosar/test/rules/A5-2-4/ReinterpretCastUsed.testref new file mode 100644 index 0000000000..a553240f19 --- /dev/null +++ b/cpp/autosar/test/rules/A5-2-4/ReinterpretCastUsed.testref @@ -0,0 +1 @@ +cpp/common/test/rules/reinterpretcastused_shared/ReinterpretCastUsed_shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A6-6-1/GotoStatementUsed.expected b/cpp/autosar/test/rules/A6-6-1/GotoStatementUsed.expected deleted file mode 100644 index 9f4343cf1c..0000000000 --- a/cpp/autosar/test/rules/A6-6-1/GotoStatementUsed.expected +++ /dev/null @@ -1 +0,0 @@ -| test.cpp:4:3:4:14 | goto ... | Use of goto. | diff --git a/cpp/autosar/test/rules/A6-6-1/GotoStatementUsed.qlref b/cpp/autosar/test/rules/A6-6-1/GotoStatementUsed.qlref deleted file mode 100644 index d3516aa03b..0000000000 --- a/cpp/autosar/test/rules/A6-6-1/GotoStatementUsed.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/A6-6-1/GotoStatementUsed.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A6-6-1/GotoStatementUsed.testref b/cpp/autosar/test/rules/A6-6-1/GotoStatementUsed.testref new file mode 100644 index 0000000000..3f2f4508b1 --- /dev/null +++ b/cpp/autosar/test/rules/A6-6-1/GotoStatementUsed.testref @@ -0,0 +1 @@ +cpp/common/test/rules/gotostatementshouldnotbeused_shared/GotoStatementShouldNotBeUsed_shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A6-6-1/test.cpp b/cpp/autosar/test/rules/A6-6-1/test.cpp deleted file mode 100644 index d13f01961c..0000000000 --- a/cpp/autosar/test/rules/A6-6-1/test.cpp +++ /dev/null @@ -1,9 +0,0 @@ -void test_goto() { - int x = 1; - - goto label1; // NON_COMPLIANT - -label1: - - x = 2; -} \ No newline at end of file diff --git a/cpp/autosar/test/rules/A7-2-2/EnumerationUnderlyingBaseTypeNotExplicitlyDefined.qlref b/cpp/autosar/test/rules/A7-2-2/EnumerationUnderlyingBaseTypeNotExplicitlyDefined.qlref deleted file mode 100644 index 1ed510a506..0000000000 --- a/cpp/autosar/test/rules/A7-2-2/EnumerationUnderlyingBaseTypeNotExplicitlyDefined.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/A7-2-2/EnumerationUnderlyingBaseTypeNotExplicitlyDefined.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A7-2-2/EnumerationUnderlyingBaseTypeNotExplicitlyDefined.testref b/cpp/autosar/test/rules/A7-2-2/EnumerationUnderlyingBaseTypeNotExplicitlyDefined.testref new file mode 100644 index 0000000000..d7a73fd488 --- /dev/null +++ b/cpp/autosar/test/rules/A7-2-2/EnumerationUnderlyingBaseTypeNotExplicitlyDefined.testref @@ -0,0 +1 @@ +cpp/common/test/rules/enumerationnotdefinedwithanexplicitunderlyingtype/EnumerationNotDefinedWithAnExplicitUnderlyingType.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A7-3-1/DefinitionNotConsideredForUnqualifiedLookup.qlref b/cpp/autosar/test/rules/A7-3-1/DefinitionNotConsideredForUnqualifiedLookup.qlref deleted file mode 100644 index 0fe94e847c..0000000000 --- a/cpp/autosar/test/rules/A7-3-1/DefinitionNotConsideredForUnqualifiedLookup.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/A7-3-1/DefinitionNotConsideredForUnqualifiedLookup.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A7-3-1/DefinitionNotConsideredForUnqualifiedLookup.testref b/cpp/autosar/test/rules/A7-3-1/DefinitionNotConsideredForUnqualifiedLookup.testref new file mode 100644 index 0000000000..3b04b2950f --- /dev/null +++ b/cpp/autosar/test/rules/A7-3-1/DefinitionNotConsideredForUnqualifiedLookup.testref @@ -0,0 +1 @@ +cpp/common/test/rules/definitionnotconsideredforunqualifiedlookup_shared/DefinitionNotConsideredForUnqualifiedLookup_shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.qlref b/cpp/autosar/test/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.qlref deleted file mode 100644 index d94c3c0b0a..0000000000 --- a/cpp/autosar/test/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.testref b/cpp/autosar/test/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.testref new file mode 100644 index 0000000000..371b80ead3 --- /dev/null +++ b/cpp/autosar/test/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.testref @@ -0,0 +1 @@ +cpp/common/test/rules/hiddeninheritednonoverridablememberfunction_shared/HiddenInheritedNonOverridableMemberFunction_shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A7-3-1/HiddenInheritedOverridableMemberFunction.qlref b/cpp/autosar/test/rules/A7-3-1/HiddenInheritedOverridableMemberFunction.qlref deleted file mode 100644 index 57d16c4e90..0000000000 --- a/cpp/autosar/test/rules/A7-3-1/HiddenInheritedOverridableMemberFunction.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/A7-3-1/HiddenInheritedOverridableMemberFunction.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A7-3-1/HiddenInheritedOverridableMemberFunction.testref b/cpp/autosar/test/rules/A7-3-1/HiddenInheritedOverridableMemberFunction.testref new file mode 100644 index 0000000000..3fcc2ed7e7 --- /dev/null +++ b/cpp/autosar/test/rules/A7-3-1/HiddenInheritedOverridableMemberFunction.testref @@ -0,0 +1 @@ +cpp/common/test/rules/hiddeninheritedoverridablememberfunction_shared/HiddenInheritedOverridableMemberFunction_shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A7-4-1/AsmDeclarationUsed.qlref b/cpp/autosar/test/rules/A7-4-1/AsmDeclarationUsed.qlref deleted file mode 100644 index 286e62bd18..0000000000 --- a/cpp/autosar/test/rules/A7-4-1/AsmDeclarationUsed.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/A7-4-1/AsmDeclarationUsed.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A7-4-1/AsmDeclarationUsed.testref b/cpp/autosar/test/rules/A7-4-1/AsmDeclarationUsed.testref new file mode 100644 index 0000000000..d0a190a3eb --- /dev/null +++ b/cpp/autosar/test/rules/A7-4-1/AsmDeclarationUsed.testref @@ -0,0 +1 @@ +cpp/common/test/rules/asmdeclarationused_shared/AsmDeclarationUsed_shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A7-5-2/RecursiveFunctions.qlref b/cpp/autosar/test/rules/A7-5-2/RecursiveFunctions.qlref deleted file mode 100644 index 10fccea7f7..0000000000 --- a/cpp/autosar/test/rules/A7-5-2/RecursiveFunctions.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/A7-5-2/RecursiveFunctions.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A7-5-2/RecursiveFunctions.testref b/cpp/autosar/test/rules/A7-5-2/RecursiveFunctions.testref new file mode 100644 index 0000000000..1ebf3d5742 --- /dev/null +++ b/cpp/autosar/test/rules/A7-5-2/RecursiveFunctions.testref @@ -0,0 +1 @@ +cpp/common/test/rules/functionscallthemselveseitherdirectlyorindirectly_shared/FunctionsCallThemselvesEitherDirectlyOrIndirectly_shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A8-5-4/ConfusingUseOfInitializerListConstructors.qlref b/cpp/autosar/test/rules/A8-5-4/ConfusingUseOfInitializerListConstructors.qlref deleted file mode 100644 index eb351d9e36..0000000000 --- a/cpp/autosar/test/rules/A8-5-4/ConfusingUseOfInitializerListConstructors.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/A8-5-4/ConfusingUseOfInitializerListConstructors.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A8-5-4/ConfusingUseOfInitializerListConstructors.testref b/cpp/autosar/test/rules/A8-5-4/ConfusingUseOfInitializerListConstructors.testref new file mode 100644 index 0000000000..b9075dec6f --- /dev/null +++ b/cpp/autosar/test/rules/A8-5-4/ConfusingUseOfInitializerListConstructors.testref @@ -0,0 +1 @@ +cpp/common/test/rules/initializerlistconstructoristheonlyconstructor_shared/InitializerListConstructorIsTheOnlyConstructor_shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtual.testref b/cpp/autosar/test/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtual.testref new file mode 100644 index 0000000000..966337628d --- /dev/null +++ b/cpp/autosar/test/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtual.testref @@ -0,0 +1 @@ +cpp/common/test/rules/virtualandnonvirtualclassinthehierarchy_shared/VirtualAndNonVirtualClassInTheHierarchy_shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtualInHierarchy.qlref b/cpp/autosar/test/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtualInHierarchy.qlref deleted file mode 100644 index 208baa8d08..0000000000 --- a/cpp/autosar/test/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtualInHierarchy.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtualInHierarchy.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtualInHierarchy.testref b/cpp/autosar/test/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtualInHierarchy.testref new file mode 100644 index 0000000000..966337628d --- /dev/null +++ b/cpp/autosar/test/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtualInHierarchy.testref @@ -0,0 +1 @@ +cpp/common/test/rules/virtualandnonvirtualclassinthehierarchy_shared/VirtualAndNonVirtualClassInTheHierarchy_shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M12-1-1/DynamicTypeOfThisUsedFromConstructorOrDestructor.qlref b/cpp/autosar/test/rules/M12-1-1/DynamicTypeOfThisUsedFromConstructorOrDestructor.qlref deleted file mode 100644 index 4235959d77..0000000000 --- a/cpp/autosar/test/rules/M12-1-1/DynamicTypeOfThisUsedFromConstructorOrDestructor.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/M12-1-1/DynamicTypeOfThisUsedFromConstructorOrDestructor.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M12-1-1/DynamicTypeOfThisUsedFromConstructorOrDestructor.testref b/cpp/autosar/test/rules/M12-1-1/DynamicTypeOfThisUsedFromConstructorOrDestructor.testref new file mode 100644 index 0000000000..985c209460 --- /dev/null +++ b/cpp/autosar/test/rules/M12-1-1/DynamicTypeOfThisUsedFromConstructorOrDestructor.testref @@ -0,0 +1 @@ +cpp/common/test/rules/objectsdynamictypeusedfromconstructorordestructor_shared/ObjectsDynamicTypeUsedFromConstructorOrDestructor_shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.qlref b/cpp/autosar/test/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.qlref deleted file mode 100644 index f0e2ebd711..0000000000 --- a/cpp/autosar/test/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.testref b/cpp/autosar/test/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.testref new file mode 100644 index 0000000000..34df16815b --- /dev/null +++ b/cpp/autosar/test/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.testref @@ -0,0 +1 @@ +cpp/common/test/rules/namenotreferredusingaqualifiedidorthis_shared/NameNotReferredUsingAQualifiedIdOrThis_shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThisAudit.qlref b/cpp/autosar/test/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThisAudit.qlref deleted file mode 100644 index 442eb62675..0000000000 --- a/cpp/autosar/test/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThisAudit.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThisAudit.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThisAudit.testref b/cpp/autosar/test/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThisAudit.testref new file mode 100644 index 0000000000..0bef5586dd --- /dev/null +++ b/cpp/autosar/test/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThisAudit.testref @@ -0,0 +1 @@ +cpp/common/test/rules/namenotreferredusingaqualifiedidorthisaudit_shared/NameNotReferredUsingAQualifiedIdOrThisAudit_shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M15-1-3/EmptyThrowOutsideCatch.qlref b/cpp/autosar/test/rules/M15-1-3/EmptyThrowOutsideCatch.qlref deleted file mode 100644 index 3643376e59..0000000000 --- a/cpp/autosar/test/rules/M15-1-3/EmptyThrowOutsideCatch.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/M15-1-3/EmptyThrowOutsideCatch.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M15-1-3/EmptyThrowOutsideCatch.testref b/cpp/autosar/test/rules/M15-1-3/EmptyThrowOutsideCatch.testref new file mode 100644 index 0000000000..01a7dde1dd --- /dev/null +++ b/cpp/autosar/test/rules/M15-1-3/EmptyThrowOutsideCatch.testref @@ -0,0 +1 @@ +cpp/common/test/rules/emptythrowonlywithinacatchhandler_shared/EmptyThrowOnlyWithinACatchHandler_shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M18-2-1/MacroOffsetofUsed.qlref b/cpp/autosar/test/rules/M18-2-1/MacroOffsetofUsed.qlref deleted file mode 100644 index a69e18549f..0000000000 --- a/cpp/autosar/test/rules/M18-2-1/MacroOffsetofUsed.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/M18-2-1/MacroOffsetofUsed.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M18-2-1/MacroOffsetofUsed.testref b/cpp/autosar/test/rules/M18-2-1/MacroOffsetofUsed.testref new file mode 100644 index 0000000000..f53f8d6f9f --- /dev/null +++ b/cpp/autosar/test/rules/M18-2-1/MacroOffsetofUsed.testref @@ -0,0 +1 @@ +cpp/common/test/rules/macrooffsetofused_shared/MacroOffsetofUsed_shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M18-7-1/CsignalFunctionsUsed.qlref b/cpp/autosar/test/rules/M18-7-1/CsignalFunctionsUsed.qlref deleted file mode 100644 index 445ccd5bd4..0000000000 --- a/cpp/autosar/test/rules/M18-7-1/CsignalFunctionsUsed.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/M18-7-1/CsignalFunctionsUsed.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M18-7-1/CsignalFunctionsUsed.testref b/cpp/autosar/test/rules/M18-7-1/CsignalFunctionsUsed.testref new file mode 100644 index 0000000000..b48ce80edb --- /dev/null +++ b/cpp/autosar/test/rules/M18-7-1/CsignalFunctionsUsed.testref @@ -0,0 +1 @@ +cpp/common/test/rules/csignalfunctionsused_shared/CsignalFunctionsUsed_shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M18-7-1/CsignalTypesUsed.qlref b/cpp/autosar/test/rules/M18-7-1/CsignalTypesUsed.qlref deleted file mode 100644 index 34c83d741a..0000000000 --- a/cpp/autosar/test/rules/M18-7-1/CsignalTypesUsed.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/M18-7-1/CsignalTypesUsed.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M18-7-1/CsignalTypesUsed.testref b/cpp/autosar/test/rules/M18-7-1/CsignalTypesUsed.testref new file mode 100644 index 0000000000..3ea4c7008d --- /dev/null +++ b/cpp/autosar/test/rules/M18-7-1/CsignalTypesUsed.testref @@ -0,0 +1 @@ +cpp/common/test/rules/csignaltypesused_shared/CsignalTypesUsed_shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M2-13-2/UseOfNonZeroOctalEscape.expected b/cpp/autosar/test/rules/M2-13-2/UseOfNonZeroOctalEscape.expected deleted file mode 100644 index 17a0016fec..0000000000 --- a/cpp/autosar/test/rules/M2-13-2/UseOfNonZeroOctalEscape.expected +++ /dev/null @@ -1,6 +0,0 @@ -| test.cpp:3:3:3:8 | 10 | This literal contains the non-zero octal escape code \\012. | -| test.cpp:4:3:4:8 | 44 | This literal contains the non-zero octal escape code \\054. | -| test.cpp:5:3:5:9 | 3129 | This literal contains the non-zero octal escape code \\014. | -| test.cpp:10:3:10:8 | \n | This literal contains the non-zero octal escape code \\012. | -| test.cpp:11:3:11:8 | , | This literal contains the non-zero octal escape code \\054. | -| test.cpp:12:3:12:9 | \u000c9 | This literal contains the non-zero octal escape code \\014. | diff --git a/cpp/autosar/test/rules/M2-13-2/UseOfNonZeroOctalEscape.qlref b/cpp/autosar/test/rules/M2-13-2/UseOfNonZeroOctalEscape.qlref deleted file mode 100644 index f2ff9c2aef..0000000000 --- a/cpp/autosar/test/rules/M2-13-2/UseOfNonZeroOctalEscape.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/M2-13-2/UseOfNonZeroOctalEscape.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M2-13-2/UseOfNonZeroOctalLiteral.qlref b/cpp/autosar/test/rules/M2-13-2/UseOfNonZeroOctalLiteral.qlref deleted file mode 100644 index 67900e54f7..0000000000 --- a/cpp/autosar/test/rules/M2-13-2/UseOfNonZeroOctalLiteral.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/M2-13-2/UseOfNonZeroOctalLiteral.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M2-13-2/UseOfNonZeroOctalLiteral.testref b/cpp/autosar/test/rules/M2-13-2/UseOfNonZeroOctalLiteral.testref new file mode 100644 index 0000000000..5b23b86826 --- /dev/null +++ b/cpp/autosar/test/rules/M2-13-2/UseOfNonZeroOctalLiteral.testref @@ -0,0 +1 @@ +cpp/common/test/rules/useofnonzerooctalliteral_shared/UseOfNonZeroOctalLiteral_shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M2-13-3/MissingUSuffix.qlref b/cpp/autosar/test/rules/M2-13-3/MissingUSuffix.qlref deleted file mode 100644 index ffb71066d5..0000000000 --- a/cpp/autosar/test/rules/M2-13-3/MissingUSuffix.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/M2-13-3/MissingUSuffix.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M2-13-3/MissingUSuffix.testref b/cpp/autosar/test/rules/M2-13-3/MissingUSuffix.testref new file mode 100644 index 0000000000..1a58c1eee1 --- /dev/null +++ b/cpp/autosar/test/rules/M2-13-3/MissingUSuffix.testref @@ -0,0 +1 @@ +cpp/common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed_shared/UnsignedIntegerLiteralsNotAppropriatelySuffixed_shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M2-7-1/SlashStarUsedWithinACStyleComment.qlref b/cpp/autosar/test/rules/M2-7-1/SlashStarUsedWithinACStyleComment.qlref deleted file mode 100644 index 3f146ebeaf..0000000000 --- a/cpp/autosar/test/rules/M2-7-1/SlashStarUsedWithinACStyleComment.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/M2-7-1/SlashStarUsedWithinACStyleComment.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M2-7-1/SlashStarUsedWithinACStyleComment.testref b/cpp/autosar/test/rules/M2-7-1/SlashStarUsedWithinACStyleComment.testref new file mode 100644 index 0000000000..8073a976cd --- /dev/null +++ b/cpp/autosar/test/rules/M2-7-1/SlashStarUsedWithinACStyleComment.testref @@ -0,0 +1 @@ +cpp/common/test/rules/charactersequenceusedwithinacstylecomment_shared/CharacterSequenceUsedWithinACStyleComment_shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M27-0-1/CstdioFunctionsUsed.qlref b/cpp/autosar/test/rules/M27-0-1/CstdioFunctionsUsed.qlref deleted file mode 100644 index 7d97c146c9..0000000000 --- a/cpp/autosar/test/rules/M27-0-1/CstdioFunctionsUsed.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/M27-0-1/CstdioFunctionsUsed.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M27-0-1/CstdioFunctionsUsed.testref b/cpp/autosar/test/rules/M27-0-1/CstdioFunctionsUsed.testref new file mode 100644 index 0000000000..595b7fcffa --- /dev/null +++ b/cpp/autosar/test/rules/M27-0-1/CstdioFunctionsUsed.testref @@ -0,0 +1 @@ +cpp/common/test/rules/cstdiofunctionsused_shared/CstdioFunctionsUsed_shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M27-0-1/CstdioMacrosUsed.qlref b/cpp/autosar/test/rules/M27-0-1/CstdioMacrosUsed.qlref deleted file mode 100644 index 20bf876eba..0000000000 --- a/cpp/autosar/test/rules/M27-0-1/CstdioMacrosUsed.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/M27-0-1/CstdioMacrosUsed.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M27-0-1/CstdioMacrosUsed.testref b/cpp/autosar/test/rules/M27-0-1/CstdioMacrosUsed.testref new file mode 100644 index 0000000000..8bc3a8fcde --- /dev/null +++ b/cpp/autosar/test/rules/M27-0-1/CstdioMacrosUsed.testref @@ -0,0 +1 @@ +cpp/common/test/rules/cstdiomacrosused_shared/CstdioMacrosUsed_shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M27-0-1/CstdioTypesUsed.qlref b/cpp/autosar/test/rules/M27-0-1/CstdioTypesUsed.qlref deleted file mode 100644 index 10beab7eaa..0000000000 --- a/cpp/autosar/test/rules/M27-0-1/CstdioTypesUsed.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/M27-0-1/CstdioTypesUsed.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M27-0-1/CstdioTypesUsed.testref b/cpp/autosar/test/rules/M27-0-1/CstdioTypesUsed.testref new file mode 100644 index 0000000000..4020d6427e --- /dev/null +++ b/cpp/autosar/test/rules/M27-0-1/CstdioTypesUsed.testref @@ -0,0 +1 @@ +cpp/common/test/rules/cstdiotypesused_shared/CstdioTypesUsed_shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M5-2-12/IdentifierPassedAsFunctionArgumentDecayToAPointer.testref b/cpp/autosar/test/rules/M5-2-12/IdentifierPassedAsFunctionArgumentDecayToAPointer.testref new file mode 100644 index 0000000000..97edef0af2 --- /dev/null +++ b/cpp/autosar/test/rules/M5-2-12/IdentifierPassedAsFunctionArgumentDecayToAPointer.testref @@ -0,0 +1 @@ +cpp/common/test/rules/arraypassedasfunctionargumentdecaytoapointer_shared/ArrayPassedAsFunctionArgumentDecayToAPointer_shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M5-2-12/IdentifierWithArrayTypePassedAsFunctionArgumentDecayToAPointer.qlref b/cpp/autosar/test/rules/M5-2-12/IdentifierWithArrayTypePassedAsFunctionArgumentDecayToAPointer.qlref deleted file mode 100644 index 3a513b4cbe..0000000000 --- a/cpp/autosar/test/rules/M5-2-12/IdentifierWithArrayTypePassedAsFunctionArgumentDecayToAPointer.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/M5-2-12/IdentifierWithArrayTypePassedAsFunctionArgumentDecayToAPointer.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M5-2-6/CastNotConvertPointerToFunction.expected b/cpp/autosar/test/rules/M5-2-6/CastNotConvertPointerToFunction.expected deleted file mode 100644 index 63c33f26d7..0000000000 --- a/cpp/autosar/test/rules/M5-2-6/CastNotConvertPointerToFunction.expected +++ /dev/null @@ -1,2 +0,0 @@ -| test.cpp:2:3:2:34 | reinterpret_cast<..(*)(..)>... | Cast converting a pointer to function. | -| test.cpp:3:3:3:30 | reinterpret_cast... | Cast converting a pointer to function. | diff --git a/cpp/autosar/test/rules/M5-2-6/CastNotConvertPointerToFunction.qlref b/cpp/autosar/test/rules/M5-2-6/CastNotConvertPointerToFunction.qlref deleted file mode 100644 index 7f4d4c1161..0000000000 --- a/cpp/autosar/test/rules/M5-2-6/CastNotConvertPointerToFunction.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/M5-2-6/CastNotConvertPointerToFunction.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M5-2-6/CastNotConvertPointerToFunction.testref b/cpp/autosar/test/rules/M5-2-6/CastNotConvertPointerToFunction.testref new file mode 100644 index 0000000000..5eeeea570a --- /dev/null +++ b/cpp/autosar/test/rules/M5-2-6/CastNotConvertPointerToFunction.testref @@ -0,0 +1 @@ +cpp/common/test/rules/castsbetweenapointertofunctionandanyothertype_shared/CastsBetweenAPointerToFunctionAndAnyOtherType_shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M5-3-2/UnaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsigned.qlref b/cpp/autosar/test/rules/M5-3-2/UnaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsigned.qlref deleted file mode 100644 index 37d8a72ce5..0000000000 --- a/cpp/autosar/test/rules/M5-3-2/UnaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsigned.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/M5-3-2/UnaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsigned.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M5-3-2/UnaryMinusOperatorAppliedToAnUnsignedExpression.testref b/cpp/autosar/test/rules/M5-3-2/UnaryMinusOperatorAppliedToAnUnsignedExpression.testref new file mode 100644 index 0000000000..48a20b03f1 --- /dev/null +++ b/cpp/autosar/test/rules/M5-3-2/UnaryMinusOperatorAppliedToAnUnsignedExpression.testref @@ -0,0 +1 @@ +cpp/common/test/rules/builtinunaryoperatorappliedtounsignedexpression_shared/BuiltInUnaryOperatorAppliedToUnsignedExpression_shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M5-3-3/UnaryOperatorOverloaded.qlref b/cpp/autosar/test/rules/M5-3-3/UnaryOperatorOverloaded.qlref deleted file mode 100644 index 9e6cb1d0f8..0000000000 --- a/cpp/autosar/test/rules/M5-3-3/UnaryOperatorOverloaded.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/M5-3-3/UnaryOperatorOverloaded.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M5-3-3/UnaryOperatorOverloaded.testref b/cpp/autosar/test/rules/M5-3-3/UnaryOperatorOverloaded.testref new file mode 100644 index 0000000000..f9c1d69467 --- /dev/null +++ b/cpp/autosar/test/rules/M5-3-3/UnaryOperatorOverloaded.testref @@ -0,0 +1 @@ +cpp/common/test/rules/addressofoperatoroverloaded_shared/AddressOfOperatorOverloaded_shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M6-3-1/LoopCompoundCondition.qlref b/cpp/autosar/test/rules/M6-3-1/LoopCompoundCondition.qlref deleted file mode 100644 index 4ee6239a13..0000000000 --- a/cpp/autosar/test/rules/M6-3-1/LoopCompoundCondition.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/M6-3-1/LoopCompoundCondition.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M6-3-1/LoopCompoundCondition.testref b/cpp/autosar/test/rules/M6-3-1/LoopCompoundCondition.testref new file mode 100644 index 0000000000..e301b04020 --- /dev/null +++ b/cpp/autosar/test/rules/M6-3-1/LoopCompoundCondition.testref @@ -0,0 +1 @@ +cpp/common/test/rules/loopcompoundcondition_shared/LoopCompoundCondition_shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M6-3-1/SwitchCompoundCondition.qlref b/cpp/autosar/test/rules/M6-3-1/SwitchCompoundCondition.qlref deleted file mode 100644 index eff312aa30..0000000000 --- a/cpp/autosar/test/rules/M6-3-1/SwitchCompoundCondition.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/M6-3-1/SwitchCompoundCondition.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M6-3-1/SwitchCompoundCondition.testref b/cpp/autosar/test/rules/M6-3-1/SwitchCompoundCondition.testref new file mode 100644 index 0000000000..e48ef207a0 --- /dev/null +++ b/cpp/autosar/test/rules/M6-3-1/SwitchCompoundCondition.testref @@ -0,0 +1 @@ +cpp/common/test/rules/switchcompoundcondition_shared/SwitchCompoundCondition_shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M7-3-1/GlobalNamespaceMembershipViolation.testref b/cpp/autosar/test/rules/M7-3-1/GlobalNamespaceMembershipViolation.testref new file mode 100644 index 0000000000..93764c480e --- /dev/null +++ b/cpp/autosar/test/rules/M7-3-1/GlobalNamespaceMembershipViolation.testref @@ -0,0 +1 @@ +cpp/common/test/rules/globalnamespacedeclarations_shared/GlobalNamespaceDeclarations_shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanGlobalMain.testref b/cpp/autosar/test/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanGlobalMain.testref new file mode 100644 index 0000000000..528412284f --- /dev/null +++ b/cpp/autosar/test/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanGlobalMain.testref @@ -0,0 +1 @@ +cpp/common/test/rules/nonglobalfunctionmain_shared/NonGlobalFunctionMain_shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanTheGlobalFunctionMain.qlref b/cpp/autosar/test/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanTheGlobalFunctionMain.qlref deleted file mode 100644 index 36bc86bb79..0000000000 --- a/cpp/autosar/test/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanTheGlobalFunctionMain.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanTheGlobalFunctionMain.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanTheGlobalFunctionMain.testref b/cpp/autosar/test/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanTheGlobalFunctionMain.testref new file mode 100644 index 0000000000..528412284f --- /dev/null +++ b/cpp/autosar/test/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanTheGlobalFunctionMain.testref @@ -0,0 +1 @@ +cpp/common/test/rules/nonglobalfunctionmain_shared/NonGlobalFunctionMain_shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M7-5-1/FunctionReturnAutomaticVarCondition.qlref b/cpp/autosar/test/rules/M7-5-1/FunctionReturnAutomaticVarCondition.qlref deleted file mode 100644 index 4cb410e095..0000000000 --- a/cpp/autosar/test/rules/M7-5-1/FunctionReturnAutomaticVarCondition.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/M7-5-1/FunctionReturnAutomaticVarCondition.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M7-5-1/FunctionReturnAutomaticVarCondition.testref b/cpp/autosar/test/rules/M7-5-1/FunctionReturnAutomaticVarCondition.testref new file mode 100644 index 0000000000..676e414381 --- /dev/null +++ b/cpp/autosar/test/rules/M7-5-1/FunctionReturnAutomaticVarCondition.testref @@ -0,0 +1 @@ +cpp/common/test/rules/returnreferenceorpointertoautomaticlocalvariable_shared/ReturnReferenceOrPointerToAutomaticLocalVariable_shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M8-0-1/MultipleGlobalOrMemberDeclarators.qlref b/cpp/autosar/test/rules/M8-0-1/MultipleGlobalOrMemberDeclarators.qlref deleted file mode 100644 index 2703512673..0000000000 --- a/cpp/autosar/test/rules/M8-0-1/MultipleGlobalOrMemberDeclarators.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/M8-0-1/MultipleGlobalOrMemberDeclarators.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M8-0-1/MultipleGlobalOrMemberDeclarators.testref b/cpp/autosar/test/rules/M8-0-1/MultipleGlobalOrMemberDeclarators.testref new file mode 100644 index 0000000000..b848fce94f --- /dev/null +++ b/cpp/autosar/test/rules/M8-0-1/MultipleGlobalOrMemberDeclarators.testref @@ -0,0 +1 @@ +cpp/common/test/rules/multipleglobalormemberdeclarators_shared/MultipleGlobalOrMemberDeclarators_shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M8-0-1/MultipleLocalDeclarators.qlref b/cpp/autosar/test/rules/M8-0-1/MultipleLocalDeclarators.qlref deleted file mode 100644 index 2375201bf3..0000000000 --- a/cpp/autosar/test/rules/M8-0-1/MultipleLocalDeclarators.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/M8-0-1/MultipleLocalDeclarators.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M8-0-1/MultipleLocalDeclarators.testref b/cpp/autosar/test/rules/M8-0-1/MultipleLocalDeclarators.testref new file mode 100644 index 0000000000..2d7784cea0 --- /dev/null +++ b/cpp/autosar/test/rules/M8-0-1/MultipleLocalDeclarators.testref @@ -0,0 +1 @@ +cpp/common/test/rules/multiplelocaldeclarators_shared/MultipleLocalDeclarators_shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M8-3-1/VirtualFunctionParametersUseSameDefaultArguments.testref b/cpp/autosar/test/rules/M8-3-1/VirtualFunctionParametersUseSameDefaultArguments.testref new file mode 100644 index 0000000000..c89e908ada --- /dev/null +++ b/cpp/autosar/test/rules/M8-3-1/VirtualFunctionParametersUseSameDefaultArguments.testref @@ -0,0 +1 @@ +cpp/common/test/rules/overridingshallspecifydifferentdefaultarguments_shared/OverridingShallSpecifyDifferentDefaultArguments_shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M8-3-1/VirtualFunctionParametersUseTheSameDefaultArguments.expected b/cpp/autosar/test/rules/M8-3-1/VirtualFunctionParametersUseTheSameDefaultArguments.expected deleted file mode 100644 index b5cdd76a2b..0000000000 --- a/cpp/autosar/test/rules/M8-3-1/VirtualFunctionParametersUseTheSameDefaultArguments.expected +++ /dev/null @@ -1,2 +0,0 @@ -| test.cpp:16:8:16:8 | f | $@ does not have the same default parameters as $@ | test.cpp:16:8:16:8 | f | overriding function | test.cpp:4:16:4:16 | f | overridden function | -| test.cpp:21:8:21:8 | f | $@ does not have the same default parameters as $@ | test.cpp:21:8:21:8 | f | overriding function | test.cpp:4:16:4:16 | f | overridden function | diff --git a/cpp/autosar/test/rules/M8-3-1/VirtualFunctionParametersUseTheSameDefaultArguments.qlref b/cpp/autosar/test/rules/M8-3-1/VirtualFunctionParametersUseTheSameDefaultArguments.qlref deleted file mode 100644 index ae0c1df157..0000000000 --- a/cpp/autosar/test/rules/M8-3-1/VirtualFunctionParametersUseTheSameDefaultArguments.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/M8-3-1/VirtualFunctionParametersUseTheSameDefaultArguments.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M8-3-1/VirtualFunctionParametersUseTheSameDefaultArguments.testref b/cpp/autosar/test/rules/M8-3-1/VirtualFunctionParametersUseTheSameDefaultArguments.testref new file mode 100644 index 0000000000..c89e908ada --- /dev/null +++ b/cpp/autosar/test/rules/M8-3-1/VirtualFunctionParametersUseTheSameDefaultArguments.testref @@ -0,0 +1 @@ +cpp/common/test/rules/overridingshallspecifydifferentdefaultarguments_shared/OverridingShallSpecifyDifferentDefaultArguments_shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M9-6-4/NamedBitFieldsWithSignedIntegerTypeShallHaveALengthOfMoreThanOneBit.expected b/cpp/autosar/test/rules/M9-6-4/NamedBitFieldsWithSignedIntegerTypeShallHaveALengthOfMoreThanOneBit.expected deleted file mode 100644 index 26b9aac563..0000000000 --- a/cpp/autosar/test/rules/M9-6-4/NamedBitFieldsWithSignedIntegerTypeShallHaveALengthOfMoreThanOneBit.expected +++ /dev/null @@ -1 +0,0 @@ -| test.cpp:2:14:2:14 | x | A named bit-field with signed integral type should have at least 2 bits of storage | diff --git a/cpp/autosar/test/rules/M9-6-4/NamedBitFieldsWithSignedIntegerTypeShallHaveALengthOfMoreThanOneBit.qlref b/cpp/autosar/test/rules/M9-6-4/NamedBitFieldsWithSignedIntegerTypeShallHaveALengthOfMoreThanOneBit.qlref deleted file mode 100644 index cdb9677f5f..0000000000 --- a/cpp/autosar/test/rules/M9-6-4/NamedBitFieldsWithSignedIntegerTypeShallHaveALengthOfMoreThanOneBit.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/M9-6-4/NamedBitFieldsWithSignedIntegerTypeShallHaveALengthOfMoreThanOneBit.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M9-6-4/NamedBitFieldsWithSignedIntegerTypeShallHaveALengthOfMoreThanOneBit.testref b/cpp/autosar/test/rules/M9-6-4/NamedBitFieldsWithSignedIntegerTypeShallHaveALengthOfMoreThanOneBit.testref new file mode 100644 index 0000000000..a2543b0769 --- /dev/null +++ b/cpp/autosar/test/rules/M9-6-4/NamedBitFieldsWithSignedIntegerTypeShallHaveALengthOfMoreThanOneBit.testref @@ -0,0 +1 @@ +cpp/common/test/rules/namedbitfieldswithsignedintegertype_shared/NamedBitFieldsWithSignedIntegerType_shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M9-6-4/test.cpp b/cpp/autosar/test/rules/M9-6-4/test.cpp deleted file mode 100644 index d3939b71ee..0000000000 --- a/cpp/autosar/test/rules/M9-6-4/test.cpp +++ /dev/null @@ -1,8 +0,0 @@ -struct S { - signed int x : 1; // NON-COMPLIANT - signed int y : 5; // COMPLIANT - signed int z : 7; // COMPLIANT - signed int : 0; // COMPLIANT - signed int : 1; // COMPLIANT - signed int : 2; // COMPLIANT -}; \ No newline at end of file diff --git a/c/common/src/codingstandards/c/Expr.qll b/cpp/common/src/codingstandards/cpp/CExpr.qll similarity index 100% rename from c/common/src/codingstandards/c/Expr.qll rename to cpp/common/src/codingstandards/cpp/CExpr.qll diff --git a/c/common/src/codingstandards/c/Ordering.qll b/cpp/common/src/codingstandards/cpp/COrdering.qll similarity index 99% rename from c/common/src/codingstandards/c/Ordering.qll rename to cpp/common/src/codingstandards/cpp/COrdering.qll index 575dc6f3fd..be8254aae9 100644 --- a/c/common/src/codingstandards/c/Ordering.qll +++ b/cpp/common/src/codingstandards/cpp/COrdering.qll @@ -1,6 +1,6 @@ import cpp import codingstandards.cpp.SideEffect -import codingstandards.c.Expr +import codingstandards.cpp.CExpr import codingstandards.cpp.Variable module Ordering { diff --git a/c/common/src/codingstandards/c/IrreplaceableFunctionLikeMacro.qll b/cpp/common/src/codingstandards/cpp/IrreplaceableFunctionLikeMacro.qll similarity index 100% rename from c/common/src/codingstandards/c/IrreplaceableFunctionLikeMacro.qll rename to cpp/common/src/codingstandards/cpp/IrreplaceableFunctionLikeMacro.qll diff --git a/cpp/common/src/codingstandards/cpp/Literals.qll b/cpp/common/src/codingstandards/cpp/Literals.qll index c6845b181d..66e15b28dc 100644 --- a/cpp/common/src/codingstandards/cpp/Literals.qll +++ b/cpp/common/src/codingstandards/cpp/Literals.qll @@ -5,6 +5,8 @@ import cpp import codingstandards.cpp.Cpp14Literal +class IntegerLiteral = Cpp14Literal::IntegerLiteral; + /** Gets `Literal.getValueText()` truncated to at most 20 characters. */ string getTruncatedLiteralText(Literal l) { exists(string text | text = l.getValueText() | diff --git a/cpp/autosar/src/rules/M14-6-1/NameInDependentBase.qll b/cpp/common/src/codingstandards/cpp/NameInDependentBase.qll similarity index 99% rename from cpp/autosar/src/rules/M14-6-1/NameInDependentBase.qll rename to cpp/common/src/codingstandards/cpp/NameInDependentBase.qll index b3d12c044b..e599f286ae 100644 --- a/cpp/autosar/src/rules/M14-6-1/NameInDependentBase.qll +++ b/cpp/common/src/codingstandards/cpp/NameInDependentBase.qll @@ -1,5 +1,4 @@ import cpp -import codingstandards.cpp.autosar /** * Gets a dependent base type of the given template class. diff --git a/cpp/autosar/src/rules/A18-5-4/OperatorDelete.qll b/cpp/common/src/codingstandards/cpp/OperatorDelete.qll similarity index 96% rename from cpp/autosar/src/rules/A18-5-4/OperatorDelete.qll rename to cpp/common/src/codingstandards/cpp/OperatorDelete.qll index ada7d109cd..c9ff315866 100644 --- a/cpp/autosar/src/rules/A18-5-4/OperatorDelete.qll +++ b/cpp/common/src/codingstandards/cpp/OperatorDelete.qll @@ -1,5 +1,4 @@ import cpp -import codingstandards.cpp.autosar class StdNoThrow extends Class { StdNoThrow() { hasQualifiedName("std", "nothrow_t") } diff --git a/c/common/src/codingstandards/c/SideEffects.qll b/cpp/common/src/codingstandards/cpp/SideEffects.qll similarity index 100% rename from c/common/src/codingstandards/c/SideEffects.qll rename to cpp/common/src/codingstandards/cpp/SideEffects.qll diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/ImportMisra23.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/ImportMisra23.qll index 86b4b9c5ae..fe0c6ea6e3 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/ImportMisra23.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/ImportMisra23.qll @@ -26,7 +26,69 @@ newtype ImportMisra23Query = TCallToSetlocaleInvalidatesOldPointersMisraQuery() or TCallToSetlocaleInvalidatesOldPointersWarnMisraQuery() or TObjectUsedWhileInPotentiallyMovedFromStateQuery() or - TReadsAndWritesOnStreamNotSeparatedByPositioningQuery() + TReadsAndWritesOnStreamNotSeparatedByPositioningQuery() or + TCommaOperatorShouldNotBeUsedQuery() or + TCopyAndMoveAssignmentsShallHandleSelfAssignmentQuery() or + TUseSingleLocalDeclaratorsQuery() or + TUseSingleGlobalOrMemberDeclaratorsQuery() or + TEnumerationNotDefinedWithAnExplicitUnderlyingTypeQuery() or + TAsmDeclarationShallNotBeUsedQuery() or + TNonUniqueEnumerationConstantQuery() or + TBitFieldShallHaveAnAppropriateTypeQuery() or + TSignedIntegerNamedBitFieldHaveALengthOfOneBitQuery() or + TVirtualAndNonVirtualClassInTheHierarchyQuery() or + TOverridingShallSpecifyDifferentDefaultArgumentsQuery() or + TPotentiallyVirtualPointerOnlyComparesToNullptrQuery() or + TObjectsDynamicTypeUsedFromConstructorOrDestructorQuery() or + TInitializeAllVirtualBaseClassesQuery() or + TInitializerListConstructorIsTheOnlyConstructorQuery() or + TAddressOfOperatorOverloadedQuery() or + TFunctionTemplatesExplicitlySpecializedQuery() or + TExceptionObjectHavePointerTypeQuery() or + TEmptyThrowOnlyWithinACatchHandlerQuery() or + TNoexceptFunctionShouldNotPropagateToTheCallerQuery() or + TFunctionLikeMacrosDefinedQuery() or + TMacroParameterFollowingHashQuery() or + TAMixedUseMacroArgumentSubjectToExpansionQuery() or + TCsignalFacilitiesUsedQuery() or + TCsignalTypesShallNotBeUsedQuery() or + TAtofAtoiAtolAndAtollUsedQuery() or + TMacroOffsetofShallNotBeUsedQuery() or + TGlobalSizedOperatorDeleteShallBeDefinedQuery() or + TGlobalUnsizedOperatorDeleteShallBeDefinedQuery() or + TVectorShouldNotBeSpecializedWithBoolQuery() or + TForwardingReferencesAndForwardNotUsedTogetherQuery() or + TCstdioFunctionsShallNotBeUsedQuery() or + TCstdioMacrosShallNotBeUsedQuery() or + TCstdioTypesShallNotBeUsedQuery() or + TMemoryOperationsNotSequencedAppropriatelyQuery() or + TBackslashCharacterMisuseQuery() or + TNonTerminatedEscapeSequencesQuery() or + TOctalConstantsUsedQuery() or + TUnsignedIntegerLiteralsNotAppropriatelySuffixedQuery() or + TLowercaseLStartsInLiteralSuffixQuery() or + TCharacterSequenceUsedWithinACStyleCommentQuery() or + TLineSplicingUsedInCommentsQuery() or + TGlobalNamespaceDeclarationsQuery() or + TNonGlobalFunctionMainQuery() or + TInheritedNonOverridableMemberFunctionQuery() or + TInheritedOverridableMemberFunctionQuery() or + TDefinitionShallBeConsideredForUnqualifiedLookupQuery() or + TNameShallBeReferredUsingAQualifiedIdOrThisQuery() or + TNameShallBeReferredUsingAQualifiedIdOrThisAuditQuery() or + TReturnReferenceOrPointerToAutomaticLocalVariableQuery() or + TNullptrNotTheOnlyFormOfTheNullPointerConstantQuery() or + TArrayPassedAsFunctionArgumentDecayToAPointerQuery() or + TResultOfAnAssignmentOperatorShouldNotBeUsedQuery() or + TFunctionsCallThemselvesEitherDirectlyOrIndirectlyQuery() or + TCastsBetweenAPointerToFunctionAndAnyOtherTypeQuery() or + TReinterpretCastShallNotBeUsedQuery() or + TUnsignedOperationWithConstantOperandsWrapsQuery() or + TBuiltInUnaryOperatorAppliedToUnsignedExpressionQuery() or + TSwitchBodyCompoundConditionQuery() or + TLoopBodyCompoundConditionQuery() or + TGotoStatementShouldNotBeUsedQuery() or + TGotoReferenceALabelInSurroundingBlockQuery() predicate isImportMisra23QueryMetadata(Query query, string queryId, string ruleId, string category) { query = @@ -235,6 +297,564 @@ predicate isImportMisra23QueryMetadata(Query query, string queryId, string ruleI "cpp/misra/reads-and-writes-on-stream-not-separated-by-positioning" and ruleId = "RULE-30-0-2" and category = "required" + or + query = + // `Query` instance for the `commaOperatorShouldNotBeUsed` query + ImportMisra23Package::commaOperatorShouldNotBeUsedQuery() and + queryId = + // `@id` for the `commaOperatorShouldNotBeUsed` query + "cpp/misra/comma-operator-should-not-be-used" and + ruleId = "RULE-8-19-1" and + category = "advisory" + or + query = + // `Query` instance for the `copyAndMoveAssignmentsShallHandleSelfAssignment` query + ImportMisra23Package::copyAndMoveAssignmentsShallHandleSelfAssignmentQuery() and + queryId = + // `@id` for the `copyAndMoveAssignmentsShallHandleSelfAssignment` query + "cpp/misra/copy-and-move-assignments-shall-handle-self-assignment" and + ruleId = "DIR-15-8-1" and + category = "required" + or + query = + // `Query` instance for the `useSingleLocalDeclarators` query + ImportMisra23Package::useSingleLocalDeclaratorsQuery() and + queryId = + // `@id` for the `useSingleLocalDeclarators` query + "cpp/misra/use-single-local-declarators" and + ruleId = "RULE-10-0-1" and + category = "advisory" + or + query = + // `Query` instance for the `useSingleGlobalOrMemberDeclarators` query + ImportMisra23Package::useSingleGlobalOrMemberDeclaratorsQuery() and + queryId = + // `@id` for the `useSingleGlobalOrMemberDeclarators` query + "cpp/misra/use-single-global-or-member-declarators" and + ruleId = "RULE-10-0-1" and + category = "advisory" + or + query = + // `Query` instance for the `enumerationNotDefinedWithAnExplicitUnderlyingType` query + ImportMisra23Package::enumerationNotDefinedWithAnExplicitUnderlyingTypeQuery() and + queryId = + // `@id` for the `enumerationNotDefinedWithAnExplicitUnderlyingType` query + "cpp/misra/enumeration-not-defined-with-an-explicit-underlying-type" and + ruleId = "RULE-10-2-1" and + category = "required" + or + query = + // `Query` instance for the `asmDeclarationShallNotBeUsed` query + ImportMisra23Package::asmDeclarationShallNotBeUsedQuery() and + queryId = + // `@id` for the `asmDeclarationShallNotBeUsed` query + "cpp/misra/asm-declaration-shall-not-be-used" and + ruleId = "RULE-10-4-1" and + category = "required" + or + query = + // `Query` instance for the `nonUniqueEnumerationConstant` query + ImportMisra23Package::nonUniqueEnumerationConstantQuery() and + queryId = + // `@id` for the `nonUniqueEnumerationConstant` query + "cpp/misra/non-unique-enumeration-constant" and + ruleId = "RULE-11-6-3" and + category = "required" + or + query = + // `Query` instance for the `bitFieldShallHaveAnAppropriateType` query + ImportMisra23Package::bitFieldShallHaveAnAppropriateTypeQuery() and + queryId = + // `@id` for the `bitFieldShallHaveAnAppropriateType` query + "cpp/misra/bit-field-shall-have-an-appropriate-type" and + ruleId = "RULE-12-2-2" and + category = "required" + or + query = + // `Query` instance for the `signedIntegerNamedBitFieldHaveALengthOfOneBit` query + ImportMisra23Package::signedIntegerNamedBitFieldHaveALengthOfOneBitQuery() and + queryId = + // `@id` for the `signedIntegerNamedBitFieldHaveALengthOfOneBit` query + "cpp/misra/signed-integer-named-bit-field-have-a-length-of-one-bit" and + ruleId = "RULE-12-2-3" and + category = "required" + or + query = + // `Query` instance for the `virtualAndNonVirtualClassInTheHierarchy` query + ImportMisra23Package::virtualAndNonVirtualClassInTheHierarchyQuery() and + queryId = + // `@id` for the `virtualAndNonVirtualClassInTheHierarchy` query + "cpp/misra/virtual-and-non-virtual-class-in-the-hierarchy" and + ruleId = "RULE-13-1-2" and + category = "required" + or + query = + // `Query` instance for the `overridingShallSpecifyDifferentDefaultArguments` query + ImportMisra23Package::overridingShallSpecifyDifferentDefaultArgumentsQuery() and + queryId = + // `@id` for the `overridingShallSpecifyDifferentDefaultArguments` query + "cpp/misra/overriding-shall-specify-different-default-arguments" and + ruleId = "RULE-13-3-2" and + category = "required" + or + query = + // `Query` instance for the `potentiallyVirtualPointerOnlyComparesToNullptr` query + ImportMisra23Package::potentiallyVirtualPointerOnlyComparesToNullptrQuery() and + queryId = + // `@id` for the `potentiallyVirtualPointerOnlyComparesToNullptr` query + "cpp/misra/potentially-virtual-pointer-only-compares-to-nullptr" and + ruleId = "RULE-13-3-4" and + category = "required" + or + query = + // `Query` instance for the `objectsDynamicTypeUsedFromConstructorOrDestructor` query + ImportMisra23Package::objectsDynamicTypeUsedFromConstructorOrDestructorQuery() and + queryId = + // `@id` for the `objectsDynamicTypeUsedFromConstructorOrDestructor` query + "cpp/misra/objects-dynamic-type-used-from-constructor-or-destructor" and + ruleId = "RULE-15-1-1" and + category = "required" + or + query = + // `Query` instance for the `initializeAllVirtualBaseClasses` query + ImportMisra23Package::initializeAllVirtualBaseClassesQuery() and + queryId = + // `@id` for the `initializeAllVirtualBaseClasses` query + "cpp/misra/initialize-all-virtual-base-classes" and + ruleId = "RULE-15-1-2" and + category = "advisory" + or + query = + // `Query` instance for the `initializerListConstructorIsTheOnlyConstructor` query + ImportMisra23Package::initializerListConstructorIsTheOnlyConstructorQuery() and + queryId = + // `@id` for the `initializerListConstructorIsTheOnlyConstructor` query + "cpp/misra/initializer-list-constructor-is-the-only-constructor" and + ruleId = "RULE-15-1-5" and + category = "required" + or + query = + // `Query` instance for the `addressOfOperatorOverloaded` query + ImportMisra23Package::addressOfOperatorOverloadedQuery() and + queryId = + // `@id` for the `addressOfOperatorOverloaded` query + "cpp/misra/address-of-operator-overloaded" and + ruleId = "RULE-16-5-2" and + category = "required" + or + query = + // `Query` instance for the `functionTemplatesExplicitlySpecialized` query + ImportMisra23Package::functionTemplatesExplicitlySpecializedQuery() and + queryId = + // `@id` for the `functionTemplatesExplicitlySpecialized` query + "cpp/misra/function-templates-explicitly-specialized" and + ruleId = "RULE-17-8-1" and + category = "required" + or + query = + // `Query` instance for the `exceptionObjectHavePointerType` query + ImportMisra23Package::exceptionObjectHavePointerTypeQuery() and + queryId = + // `@id` for the `exceptionObjectHavePointerType` query + "cpp/misra/exception-object-have-pointer-type" and + ruleId = "RULE-18-1-1" and + category = "required" + or + query = + // `Query` instance for the `emptyThrowOnlyWithinACatchHandler` query + ImportMisra23Package::emptyThrowOnlyWithinACatchHandlerQuery() and + queryId = + // `@id` for the `emptyThrowOnlyWithinACatchHandler` query + "cpp/misra/empty-throw-only-within-a-catch-handler" and + ruleId = "RULE-18-1-2" and + category = "required" + or + query = + // `Query` instance for the `noexceptFunctionShouldNotPropagateToTheCaller` query + ImportMisra23Package::noexceptFunctionShouldNotPropagateToTheCallerQuery() and + queryId = + // `@id` for the `noexceptFunctionShouldNotPropagateToTheCaller` query + "cpp/misra/noexcept-function-should-not-propagate-to-the-caller" and + ruleId = "RULE-18-5-1" and + category = "advisory" + or + query = + // `Query` instance for the `functionLikeMacrosDefined` query + ImportMisra23Package::functionLikeMacrosDefinedQuery() and + queryId = + // `@id` for the `functionLikeMacrosDefined` query + "cpp/misra/function-like-macros-defined" and + ruleId = "RULE-19-0-2" and + category = "required" + or + query = + // `Query` instance for the `macroParameterFollowingHash` query + ImportMisra23Package::macroParameterFollowingHashQuery() and + queryId = + // `@id` for the `macroParameterFollowingHash` query + "cpp/misra/macro-parameter-following-hash" and + ruleId = "RULE-19-3-2" and + category = "required" + or + query = + // `Query` instance for the `aMixedUseMacroArgumentSubjectToExpansion` query + ImportMisra23Package::aMixedUseMacroArgumentSubjectToExpansionQuery() and + queryId = + // `@id` for the `aMixedUseMacroArgumentSubjectToExpansion` query + "cpp/misra/a-mixed-use-macro-argument-subject-to-expansion" and + ruleId = "RULE-19-3-3" and + category = "required" + or + query = + // `Query` instance for the `csignalFacilitiesUsed` query + ImportMisra23Package::csignalFacilitiesUsedQuery() and + queryId = + // `@id` for the `csignalFacilitiesUsed` query + "cpp/misra/csignal-facilities-used" and + ruleId = "RULE-21-10-3" and + category = "required" + or + query = + // `Query` instance for the `csignalTypesShallNotBeUsed` query + ImportMisra23Package::csignalTypesShallNotBeUsedQuery() and + queryId = + // `@id` for the `csignalTypesShallNotBeUsed` query + "cpp/misra/csignal-types-shall-not-be-used" and + ruleId = "RULE-21-10-3" and + category = "required" + or + query = + // `Query` instance for the `atofAtoiAtolAndAtollUsed` query + ImportMisra23Package::atofAtoiAtolAndAtollUsedQuery() and + queryId = + // `@id` for the `atofAtoiAtolAndAtollUsed` query + "cpp/misra/atof-atoi-atol-and-atoll-used" and + ruleId = "RULE-21-2-1" and + category = "required" + or + query = + // `Query` instance for the `macroOffsetofShallNotBeUsed` query + ImportMisra23Package::macroOffsetofShallNotBeUsedQuery() and + queryId = + // `@id` for the `macroOffsetofShallNotBeUsed` query + "cpp/misra/macro-offsetof-shall-not-be-used" and + ruleId = "RULE-21-2-4" and + category = "required" + or + query = + // `Query` instance for the `globalSizedOperatorDeleteShallBeDefined` query + ImportMisra23Package::globalSizedOperatorDeleteShallBeDefinedQuery() and + queryId = + // `@id` for the `globalSizedOperatorDeleteShallBeDefined` query + "cpp/misra/global-sized-operator-delete-shall-be-defined" and + ruleId = "RULE-21-6-4" and + category = "required" + or + query = + // `Query` instance for the `globalUnsizedOperatorDeleteShallBeDefined` query + ImportMisra23Package::globalUnsizedOperatorDeleteShallBeDefinedQuery() and + queryId = + // `@id` for the `globalUnsizedOperatorDeleteShallBeDefined` query + "cpp/misra/global-unsized-operator-delete-shall-be-defined" and + ruleId = "RULE-21-6-4" and + category = "required" + or + query = + // `Query` instance for the `vectorShouldNotBeSpecializedWithBool` query + ImportMisra23Package::vectorShouldNotBeSpecializedWithBoolQuery() and + queryId = + // `@id` for the `vectorShouldNotBeSpecializedWithBool` query + "cpp/misra/vector-should-not-be-specialized-with-bool" and + ruleId = "RULE-26-3-1" and + category = "advisory" + or + query = + // `Query` instance for the `forwardingReferencesAndForwardNotUsedTogether` query + ImportMisra23Package::forwardingReferencesAndForwardNotUsedTogetherQuery() and + queryId = + // `@id` for the `forwardingReferencesAndForwardNotUsedTogether` query + "cpp/misra/forwarding-references-and-forward-not-used-together" and + ruleId = "RULE-28-6-2" and + category = "required" + or + query = + // `Query` instance for the `cstdioFunctionsShallNotBeUsed` query + ImportMisra23Package::cstdioFunctionsShallNotBeUsedQuery() and + queryId = + // `@id` for the `cstdioFunctionsShallNotBeUsed` query + "cpp/misra/cstdio-functions-shall-not-be-used" and + ruleId = "RULE-30-0-1" and + category = "required" + or + query = + // `Query` instance for the `cstdioMacrosShallNotBeUsed` query + ImportMisra23Package::cstdioMacrosShallNotBeUsedQuery() and + queryId = + // `@id` for the `cstdioMacrosShallNotBeUsed` query + "cpp/misra/cstdio-macros-shall-not-be-used" and + ruleId = "RULE-30-0-1" and + category = "required" + or + query = + // `Query` instance for the `cstdioTypesShallNotBeUsed` query + ImportMisra23Package::cstdioTypesShallNotBeUsedQuery() and + queryId = + // `@id` for the `cstdioTypesShallNotBeUsed` query + "cpp/misra/cstdio-types-shall-not-be-used" and + ruleId = "RULE-30-0-1" and + category = "required" + or + query = + // `Query` instance for the `memoryOperationsNotSequencedAppropriately` query + ImportMisra23Package::memoryOperationsNotSequencedAppropriatelyQuery() and + queryId = + // `@id` for the `memoryOperationsNotSequencedAppropriately` query + "cpp/misra/memory-operations-not-sequenced-appropriately" and + ruleId = "RULE-4-6-1" and + category = "required" + or + query = + // `Query` instance for the `backslashCharacterMisuse` query + ImportMisra23Package::backslashCharacterMisuseQuery() and + queryId = + // `@id` for the `backslashCharacterMisuse` query + "cpp/misra/backslash-character-misuse" and + ruleId = "RULE-5-13-1" and + category = "required" + or + query = + // `Query` instance for the `nonTerminatedEscapeSequences` query + ImportMisra23Package::nonTerminatedEscapeSequencesQuery() and + queryId = + // `@id` for the `nonTerminatedEscapeSequences` query + "cpp/misra/non-terminated-escape-sequences" and + ruleId = "RULE-5-13-2" and + category = "required" + or + query = + // `Query` instance for the `octalConstantsUsed` query + ImportMisra23Package::octalConstantsUsedQuery() and + queryId = + // `@id` for the `octalConstantsUsed` query + "cpp/misra/octal-constants-used" and + ruleId = "RULE-5-13-3" and + category = "required" + or + query = + // `Query` instance for the `unsignedIntegerLiteralsNotAppropriatelySuffixed` query + ImportMisra23Package::unsignedIntegerLiteralsNotAppropriatelySuffixedQuery() and + queryId = + // `@id` for the `unsignedIntegerLiteralsNotAppropriatelySuffixed` query + "cpp/misra/unsigned-integer-literals-not-appropriately-suffixed" and + ruleId = "RULE-5-13-4" and + category = "required" + or + query = + // `Query` instance for the `lowercaseLStartsInLiteralSuffix` query + ImportMisra23Package::lowercaseLStartsInLiteralSuffixQuery() and + queryId = + // `@id` for the `lowercaseLStartsInLiteralSuffix` query + "cpp/misra/lowercase-l-starts-in-literal-suffix" and + ruleId = "RULE-5-13-5" and + category = "required" + or + query = + // `Query` instance for the `characterSequenceUsedWithinACStyleComment` query + ImportMisra23Package::characterSequenceUsedWithinACStyleCommentQuery() and + queryId = + // `@id` for the `characterSequenceUsedWithinACStyleComment` query + "cpp/misra/character-sequence-used-within-ac-style-comment" and + ruleId = "RULE-5-7-1" and + category = "required" + or + query = + // `Query` instance for the `lineSplicingUsedInComments` query + ImportMisra23Package::lineSplicingUsedInCommentsQuery() and + queryId = + // `@id` for the `lineSplicingUsedInComments` query + "cpp/misra/line-splicing-used-in-comments" and + ruleId = "RULE-5-7-3" and + category = "required" + or + query = + // `Query` instance for the `globalNamespaceDeclarations` query + ImportMisra23Package::globalNamespaceDeclarationsQuery() and + queryId = + // `@id` for the `globalNamespaceDeclarations` query + "cpp/misra/global-namespace-declarations" and + ruleId = "RULE-6-0-3" and + category = "advisory" + or + query = + // `Query` instance for the `nonGlobalFunctionMain` query + ImportMisra23Package::nonGlobalFunctionMainQuery() and + queryId = + // `@id` for the `nonGlobalFunctionMain` query + "cpp/misra/non-global-function-main" and + ruleId = "RULE-6-0-4" and + category = "required" + or + query = + // `Query` instance for the `inheritedNonOverridableMemberFunction` query + ImportMisra23Package::inheritedNonOverridableMemberFunctionQuery() and + queryId = + // `@id` for the `inheritedNonOverridableMemberFunction` query + "cpp/misra/inherited-non-overridable-member-function" and + ruleId = "RULE-6-4-2" and + category = "required" + or + query = + // `Query` instance for the `inheritedOverridableMemberFunction` query + ImportMisra23Package::inheritedOverridableMemberFunctionQuery() and + queryId = + // `@id` for the `inheritedOverridableMemberFunction` query + "cpp/misra/inherited-overridable-member-function" and + ruleId = "RULE-6-4-2" and + category = "required" + or + query = + // `Query` instance for the `definitionShallBeConsideredForUnqualifiedLookup` query + ImportMisra23Package::definitionShallBeConsideredForUnqualifiedLookupQuery() and + queryId = + // `@id` for the `definitionShallBeConsideredForUnqualifiedLookup` query + "cpp/misra/definition-shall-be-considered-for-unqualified-lookup" and + ruleId = "RULE-6-4-2" and + category = "required" + or + query = + // `Query` instance for the `nameShallBeReferredUsingAQualifiedIdOrThis` query + ImportMisra23Package::nameShallBeReferredUsingAQualifiedIdOrThisQuery() and + queryId = + // `@id` for the `nameShallBeReferredUsingAQualifiedIdOrThis` query + "cpp/misra/name-shall-be-referred-using-a-qualified-id-or-this" and + ruleId = "RULE-6-4-3" and + category = "required" + or + query = + // `Query` instance for the `nameShallBeReferredUsingAQualifiedIdOrThisAudit` query + ImportMisra23Package::nameShallBeReferredUsingAQualifiedIdOrThisAuditQuery() and + queryId = + // `@id` for the `nameShallBeReferredUsingAQualifiedIdOrThisAudit` query + "cpp/misra/name-shall-be-referred-using-a-qualified-id-or-this-audit" and + ruleId = "RULE-6-4-3" and + category = "required" + or + query = + // `Query` instance for the `returnReferenceOrPointerToAutomaticLocalVariable` query + ImportMisra23Package::returnReferenceOrPointerToAutomaticLocalVariableQuery() and + queryId = + // `@id` for the `returnReferenceOrPointerToAutomaticLocalVariable` query + "cpp/misra/return-reference-or-pointer-to-automatic-local-variable" and + ruleId = "RULE-6-8-2" and + category = "mandatory" + or + query = + // `Query` instance for the `nullptrNotTheOnlyFormOfTheNullPointerConstant` query + ImportMisra23Package::nullptrNotTheOnlyFormOfTheNullPointerConstantQuery() and + queryId = + // `@id` for the `nullptrNotTheOnlyFormOfTheNullPointerConstant` query + "cpp/misra/nullptr-not-the-only-form-of-the-null-pointer-constant" and + ruleId = "RULE-7-11-1" and + category = "required" + or + query = + // `Query` instance for the `arrayPassedAsFunctionArgumentDecayToAPointer` query + ImportMisra23Package::arrayPassedAsFunctionArgumentDecayToAPointerQuery() and + queryId = + // `@id` for the `arrayPassedAsFunctionArgumentDecayToAPointer` query + "cpp/misra/array-passed-as-function-argument-decay-to-a-pointer" and + ruleId = "RULE-7-11-2" and + category = "required" + or + query = + // `Query` instance for the `resultOfAnAssignmentOperatorShouldNotBeUsed` query + ImportMisra23Package::resultOfAnAssignmentOperatorShouldNotBeUsedQuery() and + queryId = + // `@id` for the `resultOfAnAssignmentOperatorShouldNotBeUsed` query + "cpp/misra/result-of-an-assignment-operator-should-not-be-used" and + ruleId = "RULE-8-18-2" and + category = "advisory" + or + query = + // `Query` instance for the `functionsCallThemselvesEitherDirectlyOrIndirectly` query + ImportMisra23Package::functionsCallThemselvesEitherDirectlyOrIndirectlyQuery() and + queryId = + // `@id` for the `functionsCallThemselvesEitherDirectlyOrIndirectly` query + "cpp/misra/functions-call-themselves-either-directly-or-indirectly" and + ruleId = "RULE-8-2-10" and + category = "required" + or + query = + // `Query` instance for the `castsBetweenAPointerToFunctionAndAnyOtherType` query + ImportMisra23Package::castsBetweenAPointerToFunctionAndAnyOtherTypeQuery() and + queryId = + // `@id` for the `castsBetweenAPointerToFunctionAndAnyOtherType` query + "cpp/misra/casts-between-a-pointer-to-function-and-any-other-type" and + ruleId = "RULE-8-2-4" and + category = "required" + or + query = + // `Query` instance for the `reinterpretCastShallNotBeUsed` query + ImportMisra23Package::reinterpretCastShallNotBeUsedQuery() and + queryId = + // `@id` for the `reinterpretCastShallNotBeUsed` query + "cpp/misra/reinterpret-cast-shall-not-be-used" and + ruleId = "RULE-8-2-5" and + category = "required" + or + query = + // `Query` instance for the `unsignedOperationWithConstantOperandsWraps` query + ImportMisra23Package::unsignedOperationWithConstantOperandsWrapsQuery() and + queryId = + // `@id` for the `unsignedOperationWithConstantOperandsWraps` query + "cpp/misra/unsigned-operation-with-constant-operands-wraps" and + ruleId = "RULE-8-20-1" and + category = "advisory" + or + query = + // `Query` instance for the `builtInUnaryOperatorAppliedToUnsignedExpression` query + ImportMisra23Package::builtInUnaryOperatorAppliedToUnsignedExpressionQuery() and + queryId = + // `@id` for the `builtInUnaryOperatorAppliedToUnsignedExpression` query + "cpp/misra/built-in-unary-operator-applied-to-unsigned-expression" and + ruleId = "RULE-8-3-1" and + category = "advisory" + or + query = + // `Query` instance for the `switchBodyCompoundCondition` query + ImportMisra23Package::switchBodyCompoundConditionQuery() and + queryId = + // `@id` for the `switchBodyCompoundCondition` query + "cpp/misra/switch-body-compound-condition" and + ruleId = "RULE-9-3-1" and + category = "required" + or + query = + // `Query` instance for the `loopBodyCompoundCondition` query + ImportMisra23Package::loopBodyCompoundConditionQuery() and + queryId = + // `@id` for the `loopBodyCompoundCondition` query + "cpp/misra/loop-body-compound-condition" and + ruleId = "RULE-9-3-1" and + category = "required" + or + query = + // `Query` instance for the `gotoStatementShouldNotBeUsed` query + ImportMisra23Package::gotoStatementShouldNotBeUsedQuery() and + queryId = + // `@id` for the `gotoStatementShouldNotBeUsed` query + "cpp/misra/goto-statement-should-not-be-used" and + ruleId = "RULE-9-6-1" and + category = "advisory" + or + query = + // `Query` instance for the `gotoReferenceALabelInSurroundingBlock` query + ImportMisra23Package::gotoReferenceALabelInSurroundingBlockQuery() and + queryId = + // `@id` for the `gotoReferenceALabelInSurroundingBlock` query + "cpp/misra/goto-reference-a-label-in-surrounding-block" and + ruleId = "RULE-9-6-2" and + category = "required" } module ImportMisra23Package { @@ -398,4 +1018,438 @@ module ImportMisra23Package { // `Query` type for `readsAndWritesOnStreamNotSeparatedByPositioning` query TQueryCPP(TImportMisra23PackageQuery(TReadsAndWritesOnStreamNotSeparatedByPositioningQuery())) } + + Query commaOperatorShouldNotBeUsedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `commaOperatorShouldNotBeUsed` query + TQueryCPP(TImportMisra23PackageQuery(TCommaOperatorShouldNotBeUsedQuery())) + } + + Query copyAndMoveAssignmentsShallHandleSelfAssignmentQuery() { + //autogenerate `Query` type + result = + // `Query` type for `copyAndMoveAssignmentsShallHandleSelfAssignment` query + TQueryCPP(TImportMisra23PackageQuery(TCopyAndMoveAssignmentsShallHandleSelfAssignmentQuery())) + } + + Query useSingleLocalDeclaratorsQuery() { + //autogenerate `Query` type + result = + // `Query` type for `useSingleLocalDeclarators` query + TQueryCPP(TImportMisra23PackageQuery(TUseSingleLocalDeclaratorsQuery())) + } + + Query useSingleGlobalOrMemberDeclaratorsQuery() { + //autogenerate `Query` type + result = + // `Query` type for `useSingleGlobalOrMemberDeclarators` query + TQueryCPP(TImportMisra23PackageQuery(TUseSingleGlobalOrMemberDeclaratorsQuery())) + } + + Query enumerationNotDefinedWithAnExplicitUnderlyingTypeQuery() { + //autogenerate `Query` type + result = + // `Query` type for `enumerationNotDefinedWithAnExplicitUnderlyingType` query + TQueryCPP(TImportMisra23PackageQuery(TEnumerationNotDefinedWithAnExplicitUnderlyingTypeQuery())) + } + + Query asmDeclarationShallNotBeUsedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `asmDeclarationShallNotBeUsed` query + TQueryCPP(TImportMisra23PackageQuery(TAsmDeclarationShallNotBeUsedQuery())) + } + + Query nonUniqueEnumerationConstantQuery() { + //autogenerate `Query` type + result = + // `Query` type for `nonUniqueEnumerationConstant` query + TQueryCPP(TImportMisra23PackageQuery(TNonUniqueEnumerationConstantQuery())) + } + + Query bitFieldShallHaveAnAppropriateTypeQuery() { + //autogenerate `Query` type + result = + // `Query` type for `bitFieldShallHaveAnAppropriateType` query + TQueryCPP(TImportMisra23PackageQuery(TBitFieldShallHaveAnAppropriateTypeQuery())) + } + + Query signedIntegerNamedBitFieldHaveALengthOfOneBitQuery() { + //autogenerate `Query` type + result = + // `Query` type for `signedIntegerNamedBitFieldHaveALengthOfOneBit` query + TQueryCPP(TImportMisra23PackageQuery(TSignedIntegerNamedBitFieldHaveALengthOfOneBitQuery())) + } + + Query virtualAndNonVirtualClassInTheHierarchyQuery() { + //autogenerate `Query` type + result = + // `Query` type for `virtualAndNonVirtualClassInTheHierarchy` query + TQueryCPP(TImportMisra23PackageQuery(TVirtualAndNonVirtualClassInTheHierarchyQuery())) + } + + Query overridingShallSpecifyDifferentDefaultArgumentsQuery() { + //autogenerate `Query` type + result = + // `Query` type for `overridingShallSpecifyDifferentDefaultArguments` query + TQueryCPP(TImportMisra23PackageQuery(TOverridingShallSpecifyDifferentDefaultArgumentsQuery())) + } + + Query potentiallyVirtualPointerOnlyComparesToNullptrQuery() { + //autogenerate `Query` type + result = + // `Query` type for `potentiallyVirtualPointerOnlyComparesToNullptr` query + TQueryCPP(TImportMisra23PackageQuery(TPotentiallyVirtualPointerOnlyComparesToNullptrQuery())) + } + + Query objectsDynamicTypeUsedFromConstructorOrDestructorQuery() { + //autogenerate `Query` type + result = + // `Query` type for `objectsDynamicTypeUsedFromConstructorOrDestructor` query + TQueryCPP(TImportMisra23PackageQuery(TObjectsDynamicTypeUsedFromConstructorOrDestructorQuery())) + } + + Query initializeAllVirtualBaseClassesQuery() { + //autogenerate `Query` type + result = + // `Query` type for `initializeAllVirtualBaseClasses` query + TQueryCPP(TImportMisra23PackageQuery(TInitializeAllVirtualBaseClassesQuery())) + } + + Query initializerListConstructorIsTheOnlyConstructorQuery() { + //autogenerate `Query` type + result = + // `Query` type for `initializerListConstructorIsTheOnlyConstructor` query + TQueryCPP(TImportMisra23PackageQuery(TInitializerListConstructorIsTheOnlyConstructorQuery())) + } + + Query addressOfOperatorOverloadedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `addressOfOperatorOverloaded` query + TQueryCPP(TImportMisra23PackageQuery(TAddressOfOperatorOverloadedQuery())) + } + + Query functionTemplatesExplicitlySpecializedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `functionTemplatesExplicitlySpecialized` query + TQueryCPP(TImportMisra23PackageQuery(TFunctionTemplatesExplicitlySpecializedQuery())) + } + + Query exceptionObjectHavePointerTypeQuery() { + //autogenerate `Query` type + result = + // `Query` type for `exceptionObjectHavePointerType` query + TQueryCPP(TImportMisra23PackageQuery(TExceptionObjectHavePointerTypeQuery())) + } + + Query emptyThrowOnlyWithinACatchHandlerQuery() { + //autogenerate `Query` type + result = + // `Query` type for `emptyThrowOnlyWithinACatchHandler` query + TQueryCPP(TImportMisra23PackageQuery(TEmptyThrowOnlyWithinACatchHandlerQuery())) + } + + Query noexceptFunctionShouldNotPropagateToTheCallerQuery() { + //autogenerate `Query` type + result = + // `Query` type for `noexceptFunctionShouldNotPropagateToTheCaller` query + TQueryCPP(TImportMisra23PackageQuery(TNoexceptFunctionShouldNotPropagateToTheCallerQuery())) + } + + Query functionLikeMacrosDefinedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `functionLikeMacrosDefined` query + TQueryCPP(TImportMisra23PackageQuery(TFunctionLikeMacrosDefinedQuery())) + } + + Query macroParameterFollowingHashQuery() { + //autogenerate `Query` type + result = + // `Query` type for `macroParameterFollowingHash` query + TQueryCPP(TImportMisra23PackageQuery(TMacroParameterFollowingHashQuery())) + } + + Query aMixedUseMacroArgumentSubjectToExpansionQuery() { + //autogenerate `Query` type + result = + // `Query` type for `aMixedUseMacroArgumentSubjectToExpansion` query + TQueryCPP(TImportMisra23PackageQuery(TAMixedUseMacroArgumentSubjectToExpansionQuery())) + } + + Query csignalFacilitiesUsedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `csignalFacilitiesUsed` query + TQueryCPP(TImportMisra23PackageQuery(TCsignalFacilitiesUsedQuery())) + } + + Query csignalTypesShallNotBeUsedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `csignalTypesShallNotBeUsed` query + TQueryCPP(TImportMisra23PackageQuery(TCsignalTypesShallNotBeUsedQuery())) + } + + Query atofAtoiAtolAndAtollUsedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `atofAtoiAtolAndAtollUsed` query + TQueryCPP(TImportMisra23PackageQuery(TAtofAtoiAtolAndAtollUsedQuery())) + } + + Query macroOffsetofShallNotBeUsedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `macroOffsetofShallNotBeUsed` query + TQueryCPP(TImportMisra23PackageQuery(TMacroOffsetofShallNotBeUsedQuery())) + } + + Query globalSizedOperatorDeleteShallBeDefinedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `globalSizedOperatorDeleteShallBeDefined` query + TQueryCPP(TImportMisra23PackageQuery(TGlobalSizedOperatorDeleteShallBeDefinedQuery())) + } + + Query globalUnsizedOperatorDeleteShallBeDefinedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `globalUnsizedOperatorDeleteShallBeDefined` query + TQueryCPP(TImportMisra23PackageQuery(TGlobalUnsizedOperatorDeleteShallBeDefinedQuery())) + } + + Query vectorShouldNotBeSpecializedWithBoolQuery() { + //autogenerate `Query` type + result = + // `Query` type for `vectorShouldNotBeSpecializedWithBool` query + TQueryCPP(TImportMisra23PackageQuery(TVectorShouldNotBeSpecializedWithBoolQuery())) + } + + Query forwardingReferencesAndForwardNotUsedTogetherQuery() { + //autogenerate `Query` type + result = + // `Query` type for `forwardingReferencesAndForwardNotUsedTogether` query + TQueryCPP(TImportMisra23PackageQuery(TForwardingReferencesAndForwardNotUsedTogetherQuery())) + } + + Query cstdioFunctionsShallNotBeUsedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `cstdioFunctionsShallNotBeUsed` query + TQueryCPP(TImportMisra23PackageQuery(TCstdioFunctionsShallNotBeUsedQuery())) + } + + Query cstdioMacrosShallNotBeUsedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `cstdioMacrosShallNotBeUsed` query + TQueryCPP(TImportMisra23PackageQuery(TCstdioMacrosShallNotBeUsedQuery())) + } + + Query cstdioTypesShallNotBeUsedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `cstdioTypesShallNotBeUsed` query + TQueryCPP(TImportMisra23PackageQuery(TCstdioTypesShallNotBeUsedQuery())) + } + + Query memoryOperationsNotSequencedAppropriatelyQuery() { + //autogenerate `Query` type + result = + // `Query` type for `memoryOperationsNotSequencedAppropriately` query + TQueryCPP(TImportMisra23PackageQuery(TMemoryOperationsNotSequencedAppropriatelyQuery())) + } + + Query backslashCharacterMisuseQuery() { + //autogenerate `Query` type + result = + // `Query` type for `backslashCharacterMisuse` query + TQueryCPP(TImportMisra23PackageQuery(TBackslashCharacterMisuseQuery())) + } + + Query nonTerminatedEscapeSequencesQuery() { + //autogenerate `Query` type + result = + // `Query` type for `nonTerminatedEscapeSequences` query + TQueryCPP(TImportMisra23PackageQuery(TNonTerminatedEscapeSequencesQuery())) + } + + Query octalConstantsUsedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `octalConstantsUsed` query + TQueryCPP(TImportMisra23PackageQuery(TOctalConstantsUsedQuery())) + } + + Query unsignedIntegerLiteralsNotAppropriatelySuffixedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `unsignedIntegerLiteralsNotAppropriatelySuffixed` query + TQueryCPP(TImportMisra23PackageQuery(TUnsignedIntegerLiteralsNotAppropriatelySuffixedQuery())) + } + + Query lowercaseLStartsInLiteralSuffixQuery() { + //autogenerate `Query` type + result = + // `Query` type for `lowercaseLStartsInLiteralSuffix` query + TQueryCPP(TImportMisra23PackageQuery(TLowercaseLStartsInLiteralSuffixQuery())) + } + + Query characterSequenceUsedWithinACStyleCommentQuery() { + //autogenerate `Query` type + result = + // `Query` type for `characterSequenceUsedWithinACStyleComment` query + TQueryCPP(TImportMisra23PackageQuery(TCharacterSequenceUsedWithinACStyleCommentQuery())) + } + + Query lineSplicingUsedInCommentsQuery() { + //autogenerate `Query` type + result = + // `Query` type for `lineSplicingUsedInComments` query + TQueryCPP(TImportMisra23PackageQuery(TLineSplicingUsedInCommentsQuery())) + } + + Query globalNamespaceDeclarationsQuery() { + //autogenerate `Query` type + result = + // `Query` type for `globalNamespaceDeclarations` query + TQueryCPP(TImportMisra23PackageQuery(TGlobalNamespaceDeclarationsQuery())) + } + + Query nonGlobalFunctionMainQuery() { + //autogenerate `Query` type + result = + // `Query` type for `nonGlobalFunctionMain` query + TQueryCPP(TImportMisra23PackageQuery(TNonGlobalFunctionMainQuery())) + } + + Query inheritedNonOverridableMemberFunctionQuery() { + //autogenerate `Query` type + result = + // `Query` type for `inheritedNonOverridableMemberFunction` query + TQueryCPP(TImportMisra23PackageQuery(TInheritedNonOverridableMemberFunctionQuery())) + } + + Query inheritedOverridableMemberFunctionQuery() { + //autogenerate `Query` type + result = + // `Query` type for `inheritedOverridableMemberFunction` query + TQueryCPP(TImportMisra23PackageQuery(TInheritedOverridableMemberFunctionQuery())) + } + + Query definitionShallBeConsideredForUnqualifiedLookupQuery() { + //autogenerate `Query` type + result = + // `Query` type for `definitionShallBeConsideredForUnqualifiedLookup` query + TQueryCPP(TImportMisra23PackageQuery(TDefinitionShallBeConsideredForUnqualifiedLookupQuery())) + } + + Query nameShallBeReferredUsingAQualifiedIdOrThisQuery() { + //autogenerate `Query` type + result = + // `Query` type for `nameShallBeReferredUsingAQualifiedIdOrThis` query + TQueryCPP(TImportMisra23PackageQuery(TNameShallBeReferredUsingAQualifiedIdOrThisQuery())) + } + + Query nameShallBeReferredUsingAQualifiedIdOrThisAuditQuery() { + //autogenerate `Query` type + result = + // `Query` type for `nameShallBeReferredUsingAQualifiedIdOrThisAudit` query + TQueryCPP(TImportMisra23PackageQuery(TNameShallBeReferredUsingAQualifiedIdOrThisAuditQuery())) + } + + Query returnReferenceOrPointerToAutomaticLocalVariableQuery() { + //autogenerate `Query` type + result = + // `Query` type for `returnReferenceOrPointerToAutomaticLocalVariable` query + TQueryCPP(TImportMisra23PackageQuery(TReturnReferenceOrPointerToAutomaticLocalVariableQuery())) + } + + Query nullptrNotTheOnlyFormOfTheNullPointerConstantQuery() { + //autogenerate `Query` type + result = + // `Query` type for `nullptrNotTheOnlyFormOfTheNullPointerConstant` query + TQueryCPP(TImportMisra23PackageQuery(TNullptrNotTheOnlyFormOfTheNullPointerConstantQuery())) + } + + Query arrayPassedAsFunctionArgumentDecayToAPointerQuery() { + //autogenerate `Query` type + result = + // `Query` type for `arrayPassedAsFunctionArgumentDecayToAPointer` query + TQueryCPP(TImportMisra23PackageQuery(TArrayPassedAsFunctionArgumentDecayToAPointerQuery())) + } + + Query resultOfAnAssignmentOperatorShouldNotBeUsedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `resultOfAnAssignmentOperatorShouldNotBeUsed` query + TQueryCPP(TImportMisra23PackageQuery(TResultOfAnAssignmentOperatorShouldNotBeUsedQuery())) + } + + Query functionsCallThemselvesEitherDirectlyOrIndirectlyQuery() { + //autogenerate `Query` type + result = + // `Query` type for `functionsCallThemselvesEitherDirectlyOrIndirectly` query + TQueryCPP(TImportMisra23PackageQuery(TFunctionsCallThemselvesEitherDirectlyOrIndirectlyQuery())) + } + + Query castsBetweenAPointerToFunctionAndAnyOtherTypeQuery() { + //autogenerate `Query` type + result = + // `Query` type for `castsBetweenAPointerToFunctionAndAnyOtherType` query + TQueryCPP(TImportMisra23PackageQuery(TCastsBetweenAPointerToFunctionAndAnyOtherTypeQuery())) + } + + Query reinterpretCastShallNotBeUsedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `reinterpretCastShallNotBeUsed` query + TQueryCPP(TImportMisra23PackageQuery(TReinterpretCastShallNotBeUsedQuery())) + } + + Query unsignedOperationWithConstantOperandsWrapsQuery() { + //autogenerate `Query` type + result = + // `Query` type for `unsignedOperationWithConstantOperandsWraps` query + TQueryCPP(TImportMisra23PackageQuery(TUnsignedOperationWithConstantOperandsWrapsQuery())) + } + + Query builtInUnaryOperatorAppliedToUnsignedExpressionQuery() { + //autogenerate `Query` type + result = + // `Query` type for `builtInUnaryOperatorAppliedToUnsignedExpression` query + TQueryCPP(TImportMisra23PackageQuery(TBuiltInUnaryOperatorAppliedToUnsignedExpressionQuery())) + } + + Query switchBodyCompoundConditionQuery() { + //autogenerate `Query` type + result = + // `Query` type for `switchBodyCompoundCondition` query + TQueryCPP(TImportMisra23PackageQuery(TSwitchBodyCompoundConditionQuery())) + } + + Query loopBodyCompoundConditionQuery() { + //autogenerate `Query` type + result = + // `Query` type for `loopBodyCompoundCondition` query + TQueryCPP(TImportMisra23PackageQuery(TLoopBodyCompoundConditionQuery())) + } + + Query gotoStatementShouldNotBeUsedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `gotoStatementShouldNotBeUsed` query + TQueryCPP(TImportMisra23PackageQuery(TGotoStatementShouldNotBeUsedQuery())) + } + + Query gotoReferenceALabelInSurroundingBlockQuery() { + //autogenerate `Query` type + result = + // `Query` type for `gotoReferenceALabelInSurroundingBlock` query + TQueryCPP(TImportMisra23PackageQuery(TGotoReferenceALabelInSurroundingBlockQuery())) + } } diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Inheritance.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Inheritance.qll index a3775b87d6..9cb8aa8e03 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Inheritance.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Inheritance.qll @@ -10,7 +10,7 @@ newtype InheritanceQuery = THierarchiesShouldBeBasedOnInterfaceClassesQuery() or TClassesShouldNotBeDerivedFromVirtualBasesQuery() or TBaseClassCanBeVirtualOnlyInDiamondHierarchyQuery() or - TAccessibleBaseClassBothVirtualAndNonVirtualInHierarchyQuery() or + TAccessibleBaseClassBothVirtualAndNonVirtualQuery() or TUniqueAccessibleEntityNamesInMultipleInheritanceQuery() or TDynamicTypeOfThisUsedFromConstructorOrDestructorQuery() or TDowncastingShouldNotBePerformedOnPolymorphicTypesQuery() or @@ -74,11 +74,11 @@ predicate isInheritanceQueryMetadata(Query query, string queryId, string ruleId, category = "required" or query = - // `Query` instance for the `accessibleBaseClassBothVirtualAndNonVirtualInHierarchy` query - InheritancePackage::accessibleBaseClassBothVirtualAndNonVirtualInHierarchyQuery() and + // `Query` instance for the `accessibleBaseClassBothVirtualAndNonVirtual` query + InheritancePackage::accessibleBaseClassBothVirtualAndNonVirtualQuery() and queryId = - // `@id` for the `accessibleBaseClassBothVirtualAndNonVirtualInHierarchy` query - "cpp/autosar/accessible-base-class-both-virtual-and-non-virtual-in-hierarchy" and + // `@id` for the `accessibleBaseClassBothVirtualAndNonVirtual` query + "cpp/autosar/accessible-base-class-both-virtual-and-non-virtual" and ruleId = "M10-1-3" and category = "required" or @@ -180,11 +180,11 @@ module InheritancePackage { TQueryCPP(TInheritancePackageQuery(TBaseClassCanBeVirtualOnlyInDiamondHierarchyQuery())) } - Query accessibleBaseClassBothVirtualAndNonVirtualInHierarchyQuery() { + Query accessibleBaseClassBothVirtualAndNonVirtualQuery() { //autogenerate `Query` type result = - // `Query` type for `accessibleBaseClassBothVirtualAndNonVirtualInHierarchy` query - TQueryCPP(TInheritancePackageQuery(TAccessibleBaseClassBothVirtualAndNonVirtualInHierarchyQuery())) + // `Query` type for `accessibleBaseClassBothVirtualAndNonVirtual` query + TQueryCPP(TInheritancePackageQuery(TAccessibleBaseClassBothVirtualAndNonVirtualQuery())) } Query uniqueAccessibleEntityNamesInMultipleInheritanceQuery() { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Naming.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Naming.qll index 18f03e9c66..ddb58d7deb 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Naming.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Naming.qll @@ -20,7 +20,7 @@ newtype NamingQuery = TNameOfStandardLibraryMacroOrObjectReusedQuery() or TNameOfStandardLibraryFunctionIsOverriddenQuery() or TDifferentIdentifiersNotTypographicallyUnambiguousQuery() or - TIdentifierMainUsedForAFunctionOtherThanTheGlobalFunctionMainQuery() or + TIdentifierMainUsedForAFunctionOtherThanGlobalMainQuery() or TUnnamedNamespacesInHeaderFileQuery() or TNonIdenticalIdentifierUsedForTheParameterInReDeclarationOfAFunctionQuery() or TRedefiningOfStandardLibraryNameQuery() or @@ -178,11 +178,11 @@ predicate isNamingQueryMetadata(Query query, string queryId, string ruleId, stri category = "required" or query = - // `Query` instance for the `identifierMainUsedForAFunctionOtherThanTheGlobalFunctionMain` query - NamingPackage::identifierMainUsedForAFunctionOtherThanTheGlobalFunctionMainQuery() and + // `Query` instance for the `identifierMainUsedForAFunctionOtherThanGlobalMain` query + NamingPackage::identifierMainUsedForAFunctionOtherThanGlobalMainQuery() and queryId = - // `@id` for the `identifierMainUsedForAFunctionOtherThanTheGlobalFunctionMain` query - "cpp/autosar/identifier-main-used-for-a-function-other-than-the-global-function-main" and + // `@id` for the `identifierMainUsedForAFunctionOtherThanGlobalMain` query + "cpp/autosar/identifier-main-used-for-a-function-other-than-global-main" and ruleId = "M7-3-2" and category = "required" or @@ -390,11 +390,11 @@ module NamingPackage { TQueryCPP(TNamingPackageQuery(TDifferentIdentifiersNotTypographicallyUnambiguousQuery())) } - Query identifierMainUsedForAFunctionOtherThanTheGlobalFunctionMainQuery() { + Query identifierMainUsedForAFunctionOtherThanGlobalMainQuery() { //autogenerate `Query` type result = - // `Query` type for `identifierMainUsedForAFunctionOtherThanTheGlobalFunctionMain` query - TQueryCPP(TNamingPackageQuery(TIdentifierMainUsedForAFunctionOtherThanTheGlobalFunctionMainQuery())) + // `Query` type for `identifierMainUsedForAFunctionOtherThanGlobalMain` query + TQueryCPP(TNamingPackageQuery(TIdentifierMainUsedForAFunctionOtherThanGlobalMainQuery())) } Query unnamedNamespacesInHeaderFileQuery() { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Operators.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Operators.qll index fe71289dbc..29febc4430 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Operators.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Operators.qll @@ -17,7 +17,7 @@ newtype OperatorsQuery = TUnsignedBitwiseOperatorWithoutCastQuery() or TCommaOperatorAndOperatorAndTheOperatorOverloadedQuery() or TEachOperandOfTheOperatorTheLogicalAndOrTheLogicalOperatorsShallHaveTypeBoolQuery() or - TUnaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsignedQuery() or + TUnaryMinusOperatorAppliedToAnUnsignedExpressionQuery() or TUnaryOperatorOverloadedQuery() predicate isOperatorsQueryMetadata(Query query, string queryId, string ruleId, string category) { @@ -139,11 +139,11 @@ predicate isOperatorsQueryMetadata(Query query, string queryId, string ruleId, s category = "required" or query = - // `Query` instance for the `unaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsigned` query - OperatorsPackage::unaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsignedQuery() and + // `Query` instance for the `unaryMinusOperatorAppliedToAnUnsignedExpression` query + OperatorsPackage::unaryMinusOperatorAppliedToAnUnsignedExpressionQuery() and queryId = - // `@id` for the `unaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsigned` query - "cpp/autosar/unary-minus-operator-applied-to-an-expression-whose-underlying-type-is-unsigned" and + // `@id` for the `unaryMinusOperatorAppliedToAnUnsignedExpression` query + "cpp/autosar/unary-minus-operator-applied-to-an-unsigned-expression" and ruleId = "M5-3-2" and category = "required" or @@ -249,11 +249,11 @@ module OperatorsPackage { TQueryCPP(TOperatorsPackageQuery(TEachOperandOfTheOperatorTheLogicalAndOrTheLogicalOperatorsShallHaveTypeBoolQuery())) } - Query unaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsignedQuery() { + Query unaryMinusOperatorAppliedToAnUnsignedExpressionQuery() { //autogenerate `Query` type result = - // `Query` type for `unaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsigned` query - TQueryCPP(TOperatorsPackageQuery(TUnaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsignedQuery())) + // `Query` type for `unaryMinusOperatorAppliedToAnUnsignedExpression` query + TQueryCPP(TOperatorsPackageQuery(TUnaryMinusOperatorAppliedToAnUnsignedExpressionQuery())) } Query unaryOperatorOverloadedQuery() { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Pointers.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Pointers.qll index 1dd5bef4c8..fda7ecb0ed 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Pointers.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Pointers.qll @@ -7,7 +7,7 @@ newtype PointersQuery = TPointerToAnElementOfAnArrayPassedToASmartPointerQuery() or TDeclarationContainLessThanTwoLevelsOfIndirectionQuery() or TPointerArithmeticUsedWithPointersToNonFinalClassesQuery() or - TPointerToMemberVirtualFunctionWithNullPointerConstantQuery() or + TVirtualPointerOnlyComparesToNullptrConstantQuery() or TDeletingPointerToIncompleteTypeQuery() or TPointerToMemberAccessNonExistentClassMembersQuery() or TNullPointerToMemberAccessNonExistentClassMembersQuery() or @@ -16,7 +16,7 @@ newtype PointersQuery = TPointerAndDerivedPointerAccessDifferentArrayQuery() or TPointerSubtractionOnDifferentArraysQuery() or TAppliedToObjectsOfPointerTypeQuery() or - TIdentifierWithArrayTypePassedAsFunctionArgumentDecayToAPointerQuery() or + TIdentifierPassedAsFunctionArgumentDecayToAPointerQuery() or TPointerToAVirtualBaseClassCastToAPointerQuery() or TCastNotConvertPointerToFunctionQuery() or TIntegerOrPointerToVoidConvertedToPointerTypeQuery() or @@ -57,11 +57,11 @@ predicate isPointersQueryMetadata(Query query, string queryId, string ruleId, st category = "required" or query = - // `Query` instance for the `pointerToMemberVirtualFunctionWithNullPointerConstant` query - PointersPackage::pointerToMemberVirtualFunctionWithNullPointerConstantQuery() and + // `Query` instance for the `virtualPointerOnlyComparesToNullptrConstant` query + PointersPackage::virtualPointerOnlyComparesToNullptrConstantQuery() and queryId = - // `@id` for the `pointerToMemberVirtualFunctionWithNullPointerConstant` query - "cpp/autosar/pointer-to-member-virtual-function-with-null-pointer-constant" and + // `@id` for the `virtualPointerOnlyComparesToNullptrConstant` query + "cpp/autosar/virtual-pointer-only-compares-to-nullptr-constant" and ruleId = "A5-10-1" and category = "required" or @@ -138,11 +138,11 @@ predicate isPointersQueryMetadata(Query query, string queryId, string ruleId, st category = "required" or query = - // `Query` instance for the `identifierWithArrayTypePassedAsFunctionArgumentDecayToAPointer` query - PointersPackage::identifierWithArrayTypePassedAsFunctionArgumentDecayToAPointerQuery() and + // `Query` instance for the `identifierPassedAsFunctionArgumentDecayToAPointer` query + PointersPackage::identifierPassedAsFunctionArgumentDecayToAPointerQuery() and queryId = - // `@id` for the `identifierWithArrayTypePassedAsFunctionArgumentDecayToAPointer` query - "cpp/autosar/identifier-with-array-type-passed-as-function-argument-decay-to-a-pointer" and + // `@id` for the `identifierPassedAsFunctionArgumentDecayToAPointer` query + "cpp/autosar/identifier-passed-as-function-argument-decay-to-a-pointer" and ruleId = "M5-2-12" and category = "required" or @@ -259,11 +259,11 @@ module PointersPackage { TQueryCPP(TPointersPackageQuery(TPointerArithmeticUsedWithPointersToNonFinalClassesQuery())) } - Query pointerToMemberVirtualFunctionWithNullPointerConstantQuery() { + Query virtualPointerOnlyComparesToNullptrConstantQuery() { //autogenerate `Query` type result = - // `Query` type for `pointerToMemberVirtualFunctionWithNullPointerConstant` query - TQueryCPP(TPointersPackageQuery(TPointerToMemberVirtualFunctionWithNullPointerConstantQuery())) + // `Query` type for `virtualPointerOnlyComparesToNullptrConstant` query + TQueryCPP(TPointersPackageQuery(TVirtualPointerOnlyComparesToNullptrConstantQuery())) } Query deletingPointerToIncompleteTypeQuery() { @@ -322,11 +322,11 @@ module PointersPackage { TQueryCPP(TPointersPackageQuery(TAppliedToObjectsOfPointerTypeQuery())) } - Query identifierWithArrayTypePassedAsFunctionArgumentDecayToAPointerQuery() { + Query identifierPassedAsFunctionArgumentDecayToAPointerQuery() { //autogenerate `Query` type result = - // `Query` type for `identifierWithArrayTypePassedAsFunctionArgumentDecayToAPointer` query - TQueryCPP(TPointersPackageQuery(TIdentifierWithArrayTypePassedAsFunctionArgumentDecayToAPointerQuery())) + // `Query` type for `identifierPassedAsFunctionArgumentDecayToAPointer` query + TQueryCPP(TPointersPackageQuery(TIdentifierPassedAsFunctionArgumentDecayToAPointerQuery())) } Query pointerToAVirtualBaseClassCastToAPointerQuery() { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/VirtualFunctions.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/VirtualFunctions.qll index e2c73fc33d..e11ce49f1f 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/VirtualFunctions.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/VirtualFunctions.qll @@ -11,7 +11,7 @@ newtype VirtualFunctionsQuery = TDestructorOfABaseClassNotPublicVirtualQuery() or TNonVirtualPublicDestructorInNonFinalClassQuery() or TVirtualFunctionOverriddenByAPureVirtualFunctionQuery() or - TVirtualFunctionParametersUseTheSameDefaultArgumentsQuery() + TVirtualFunctionParametersUseSameDefaultArgumentsQuery() predicate isVirtualFunctionsQueryMetadata( Query query, string queryId, string ruleId, string category @@ -80,11 +80,11 @@ predicate isVirtualFunctionsQueryMetadata( category = "required" or query = - // `Query` instance for the `virtualFunctionParametersUseTheSameDefaultArguments` query - VirtualFunctionsPackage::virtualFunctionParametersUseTheSameDefaultArgumentsQuery() and + // `Query` instance for the `virtualFunctionParametersUseSameDefaultArguments` query + VirtualFunctionsPackage::virtualFunctionParametersUseSameDefaultArgumentsQuery() and queryId = - // `@id` for the `virtualFunctionParametersUseTheSameDefaultArguments` query - "cpp/autosar/virtual-function-parameters-use-the-same-default-arguments" and + // `@id` for the `virtualFunctionParametersUseSameDefaultArguments` query + "cpp/autosar/virtual-function-parameters-use-same-default-arguments" and ruleId = "M8-3-1" and category = "required" } @@ -139,10 +139,10 @@ module VirtualFunctionsPackage { TQueryCPP(TVirtualFunctionsPackageQuery(TVirtualFunctionOverriddenByAPureVirtualFunctionQuery())) } - Query virtualFunctionParametersUseTheSameDefaultArgumentsQuery() { + Query virtualFunctionParametersUseSameDefaultArgumentsQuery() { //autogenerate `Query` type result = - // `Query` type for `virtualFunctionParametersUseTheSameDefaultArguments` query - TQueryCPP(TVirtualFunctionsPackageQuery(TVirtualFunctionParametersUseTheSameDefaultArgumentsQuery())) + // `Query` type for `virtualFunctionParametersUseSameDefaultArguments` query + TQueryCPP(TVirtualFunctionsPackageQuery(TVirtualFunctionParametersUseSameDefaultArgumentsQuery())) } } diff --git a/cpp/common/src/codingstandards/cpp/rules/addressofoperatoroverloaded_shared/AddressOfOperatorOverloaded_shared.qll b/cpp/common/src/codingstandards/cpp/rules/addressofoperatoroverloaded_shared/AddressOfOperatorOverloaded_shared.qll new file mode 100644 index 0000000000..a187e8bfa8 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/addressofoperatoroverloaded_shared/AddressOfOperatorOverloaded_shared.qll @@ -0,0 +1,16 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions +import codingstandards.cpp.Operator + +abstract class AddressOfOperatorOverloaded_sharedSharedQuery extends Query { } + +Query getQuery() { result instanceof AddressOfOperatorOverloaded_sharedSharedQuery } + +query predicate problems(UnaryAddressOfOperator e, string message) { +not isExcluded(e, getQuery()) and message = "The unary & operator overloaded." +} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/rules/amixedusemacroargumentsubjecttoexpansion_shared/AMixedUseMacroArgumentSubjectToExpansion_shared.qll b/cpp/common/src/codingstandards/cpp/rules/amixedusemacroargumentsubjecttoexpansion_shared/AMixedUseMacroArgumentSubjectToExpansion_shared.qll new file mode 100644 index 0000000000..bf2ff2fbae --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/amixedusemacroargumentsubjecttoexpansion_shared/AMixedUseMacroArgumentSubjectToExpansion_shared.qll @@ -0,0 +1,32 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions +import codingstandards.cpp.Macro + +abstract class AMixedUseMacroArgumentSubjectToExpansion_sharedSharedQuery extends Query { } + +Query getQuery() { result instanceof AMixedUseMacroArgumentSubjectToExpansion_sharedSharedQuery } + +query predicate problems(FunctionLikeMacro m, string message) { + exists(MacroInvocation mi, int i, string expanded, string param | + not isExcluded(m, getQuery()) and + mi = m.getAnInvocation() and + param = m.getParameter(i) and + ( + exists(TokenPastingOperator op | op.getMacro() = m and op.getOperand() = param) + or + exists(StringizingOperator op | op.getMacro() = m and op.getOperand() = param) + ) and + // An expansion that is equal to "" means the expansion is not used and is optimized away by EDG. This happens when the expanded argument is an operand to `#` or `##`. + // This check ensure there is an expansion that is used. + expanded = mi.getExpandedArgument(i) and + not expanded = "" and + not mi.getUnexpandedArgument(i) = mi.getExpandedArgument(i) and + message = + "Macro " + m.getName() + " contains use of parameter " + param + " used in multiple contexts." + ) +} diff --git a/cpp/common/src/codingstandards/cpp/rules/arraypassedasfunctionargumentdecaytoapointer_shared/ArrayPassedAsFunctionArgumentDecayToAPointer_shared.qll b/cpp/common/src/codingstandards/cpp/rules/arraypassedasfunctionargumentdecaytoapointer_shared/ArrayPassedAsFunctionArgumentDecayToAPointer_shared.qll new file mode 100644 index 0000000000..fa61d89aea --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/arraypassedasfunctionargumentdecaytoapointer_shared/ArrayPassedAsFunctionArgumentDecayToAPointer_shared.qll @@ -0,0 +1,47 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class ArrayPassedAsFunctionArgumentDecayToAPointer_sharedSharedQuery extends Query { } + +Query getQuery() { + result instanceof ArrayPassedAsFunctionArgumentDecayToAPointer_sharedSharedQuery +} + +predicate arrayToPointerDecay(Access ae, Parameter p) { + ( + p.getType() instanceof PointerType and + // exclude parameters of void* because then it assumed the caller can pass in dimensions through other means. + // examples are uses in `memset` or `memcpy` + not p.getType() instanceof VoidPointerType + or + p.getType() instanceof ArrayType + ) and + ae.getType() instanceof ArrayType and + // exclude char[] arrays because we assume that we can determine its dimension by looking for a NULL byte. + not ae.getType().(ArrayType).getBaseType() instanceof CharType +} + +query predicate problems( + Element e, string message, Variable array, string array_string, Parameter decayedArray, + string decayedArray_string, Function f, string f_string +) { + exists(FunctionCall fc, VariableAccess arrayAccess, int i | + not isExcluded(e, getQuery()) and + arrayAccess = array.getAnAccess() and + f = fc.getTarget() and + arrayAccess = fc.getArgument(i) and + decayedArray = f.getParameter(i) and + arrayToPointerDecay(arrayAccess, decayedArray) and + not arrayAccess.isAffectedByMacro() and + e = fc.getArgument(i) and + array_string = array.getName() and + decayedArray_string = decayedArray.getName() and + f_string = f.getName() and + message = "The array $@ decays to the pointer $@ when passed as an argument to the function $@." + ) +} diff --git a/cpp/common/src/codingstandards/cpp/rules/asmdeclarationused_shared/AsmDeclarationUsed_shared.qll b/cpp/common/src/codingstandards/cpp/rules/asmdeclarationused_shared/AsmDeclarationUsed_shared.qll new file mode 100644 index 0000000000..cce1de8cee --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/asmdeclarationused_shared/AsmDeclarationUsed_shared.qll @@ -0,0 +1,15 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class AsmDeclarationUsed_sharedSharedQuery extends Query { } + +Query getQuery() { result instanceof AsmDeclarationUsed_sharedSharedQuery } + +query predicate problems(AsmStmt e, string message) { + not isExcluded(e, getQuery()) and message = "Use of asm declaration" +} diff --git a/cpp/common/src/codingstandards/cpp/rules/atofatoiatolandatollused_shared/AtofAtoiAtolAndAtollUsed_shared.qll b/cpp/common/src/codingstandards/cpp/rules/atofatoiatolandatollused_shared/AtofAtoiAtolAndAtollUsed_shared.qll new file mode 100644 index 0000000000..a187b586b1 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/atofatoiatolandatollused_shared/AtofAtoiAtolAndAtollUsed_shared.qll @@ -0,0 +1,23 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +private string atoi() { result = ["atof", "atoi", "atol", "atoll"] } + +abstract class AtofAtoiAtolAndAtollUsed_sharedSharedQuery extends Query { } + +Query getQuery() { result instanceof AtofAtoiAtolAndAtollUsed_sharedSharedQuery } + +query predicate problems(FunctionCall fc, string message) { + exists(Function f | + not isExcluded(fc, getQuery()) and + f = fc.getTarget() and + f.getName() = atoi() and + f.getFile().getBaseName() = "stdlib.h" and + message = "Call to banned function " + f.getName() + "." + ) +} diff --git a/cpp/common/src/codingstandards/cpp/rules/backslashcharactermisuse_shared/BackslashCharacterMisuse_shared.qll b/cpp/common/src/codingstandards/cpp/rules/backslashcharactermisuse_shared/BackslashCharacterMisuse_shared.qll new file mode 100644 index 0000000000..ffad0f540b --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/backslashcharactermisuse_shared/BackslashCharacterMisuse_shared.qll @@ -0,0 +1,21 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class BackslashCharacterMisuse_sharedSharedQuery extends Query { } + +Query getQuery() { result instanceof BackslashCharacterMisuse_sharedSharedQuery } + +query predicate problems(StringLiteral l, string message) { + exists(string es | + not isExcluded(l, getQuery()) and + es = l.getANonStandardEscapeSequence(_, _) and + // Exclude universal-character-names, which begin with \u or \U + not es.toLowerCase().matches("\\u") and + message = "This literal contains the non-standard escape sequence " + es + "." + ) +} diff --git a/cpp/common/src/codingstandards/cpp/rules/bitfieldshallhaveanappropriatetype_shared/BitFieldShallHaveAnAppropriateType_shared.qll b/cpp/common/src/codingstandards/cpp/rules/bitfieldshallhaveanappropriatetype_shared/BitFieldShallHaveAnAppropriateType_shared.qll new file mode 100644 index 0000000000..766913db58 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/bitfieldshallhaveanappropriatetype_shared/BitFieldShallHaveAnAppropriateType_shared.qll @@ -0,0 +1,40 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions +import codingstandards.cpp.Compiler + +abstract class BitFieldShallHaveAnAppropriateType_sharedSharedQuery extends Query { } + +Query getQuery() { result instanceof BitFieldShallHaveAnAppropriateType_sharedSharedQuery } + +Type getSupportedBitFieldType(Compiler compiler) { + compiler instanceof UnsupportedCompiler and + ( + result instanceof IntType and + ( + result.(IntegralType).isExplicitlySigned() or + result.(IntegralType).isExplicitlyUnsigned() + ) + or + result instanceof BoolType + ) + or + (compiler instanceof Gcc or compiler instanceof Clang) and + ( + result instanceof IntegralOrEnumType + or + result instanceof BoolType + ) +} + +query predicate problems(BitField bitField, string message) { + not isExcluded(bitField, getQuery()) and + /* A violation would neither be an appropriate primitive type nor an appropriate typedef. */ + not getSupportedBitFieldType(getCompiler(bitField.getFile())) = + bitField.getType().resolveTypedefs() and + message = "Bit-field '" + bitField + "' is declared on type '" + bitField.getType() + "'." +} diff --git a/cpp/common/src/codingstandards/cpp/rules/builtinunaryoperatorappliedtounsignedexpression_shared/BuiltInUnaryOperatorAppliedToUnsignedExpression_shared.qll b/cpp/common/src/codingstandards/cpp/rules/builtinunaryoperatorappliedtounsignedexpression_shared/BuiltInUnaryOperatorAppliedToUnsignedExpression_shared.qll new file mode 100644 index 0000000000..a1e7d5b490 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/builtinunaryoperatorappliedtounsignedexpression_shared/BuiltInUnaryOperatorAppliedToUnsignedExpression_shared.qll @@ -0,0 +1,25 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class BuiltInUnaryOperatorAppliedToUnsignedExpression_sharedSharedQuery extends Query { } + +Query getQuery() { + result instanceof BuiltInUnaryOperatorAppliedToUnsignedExpression_sharedSharedQuery +} + +query predicate problems(Element e, string message) { + exists(UnaryMinusExpr ex, IntegralType t | + t = ex.getOperand().getExplicitlyConverted().getType().getUnderlyingType() and + t.isUnsigned() and + not ex.isAffectedByMacro() and + e = ex.getOperand() and + not isExcluded(e, getQuery()) and + message = + "The unary minus operator shall not be applied to an expression whose underlying type is unsigned." + ) +} diff --git a/cpp/common/src/codingstandards/cpp/rules/castsbetweenapointertofunctionandanyothertype_shared/CastsBetweenAPointerToFunctionAndAnyOtherType_shared.qll b/cpp/common/src/codingstandards/cpp/rules/castsbetweenapointertofunctionandanyothertype_shared/CastsBetweenAPointerToFunctionAndAnyOtherType_shared.qll new file mode 100644 index 0000000000..d09009cc29 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/castsbetweenapointertofunctionandanyothertype_shared/CastsBetweenAPointerToFunctionAndAnyOtherType_shared.qll @@ -0,0 +1,21 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class CastsBetweenAPointerToFunctionAndAnyOtherType_sharedSharedQuery extends Query { } + +Query getQuery() { + result instanceof CastsBetweenAPointerToFunctionAndAnyOtherType_sharedSharedQuery +} + +query predicate problems(Cast c, string message) { + not isExcluded(c, getQuery()) and + not c.isImplicit() and + not c.isAffectedByMacro() and + c.getExpr().getType() instanceof FunctionPointerType and + message = "Cast converting a pointer to function." +} diff --git a/cpp/common/src/codingstandards/cpp/rules/charactersequenceusedwithinacstylecomment_shared/CharacterSequenceUsedWithinACStyleComment_shared.qll b/cpp/common/src/codingstandards/cpp/rules/charactersequenceusedwithinacstylecomment_shared/CharacterSequenceUsedWithinACStyleComment_shared.qll new file mode 100644 index 0000000000..a6719c3c4e --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/charactersequenceusedwithinacstylecomment_shared/CharacterSequenceUsedWithinACStyleComment_shared.qll @@ -0,0 +1,17 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class CharacterSequenceUsedWithinACStyleComment_sharedSharedQuery extends Query { } + +Query getQuery() { result instanceof CharacterSequenceUsedWithinACStyleComment_sharedSharedQuery } + +query predicate problems(CStyleComment c, string message) { + not isExcluded(c, getQuery()) and + exists(c.getContents().regexpFind("./\\*", _, _)) and + message = "C-style /* comment includes nested /*." +} diff --git a/cpp/common/src/codingstandards/cpp/rules/copyandmoveassignmentsshallhandleselfassignment_shared/CopyAndMoveAssignmentsShallHandleSelfAssignment_shared.qll b/cpp/common/src/codingstandards/cpp/rules/copyandmoveassignmentsshallhandleselfassignment_shared/CopyAndMoveAssignmentsShallHandleSelfAssignment_shared.qll new file mode 100644 index 0000000000..8e8c35365d --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/copyandmoveassignmentsshallhandleselfassignment_shared/CopyAndMoveAssignmentsShallHandleSelfAssignment_shared.qll @@ -0,0 +1,53 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions +import codingstandards.cpp.Operator + +abstract class CopyAndMoveAssignmentsShallHandleSelfAssignment_sharedSharedQuery extends Query { } + +Query getQuery() { + result instanceof CopyAndMoveAssignmentsShallHandleSelfAssignment_sharedSharedQuery +} + +predicate isUserCopyOrUserMove(Operator o) { + o instanceof UserCopyOperator or + o instanceof UserMoveOperator +} + +predicate callsStdSwap(Function f) { + exists(FunctionCall fc | + fc.getTarget().hasGlobalOrStdName("swap") and + fc.getEnclosingFunction() = f + ) +} + +predicate callsNoExceptSwap(Operator o) { + exists(Function f, FunctionCall fc | + callsStdSwap(f) and + fc.getEnclosingFunction() = o and + fc.getTarget() = f + ) +} + +predicate checksForSelfAssignment(Operator o) { + exists(IfStmt i, ComparisonOperation c | + i.getEnclosingFunction() = o and + i.getCondition() = c and + ( + c.getLeftOperand().toString() = "this" or + c.getRightOperand().toString() = "this" + ) + ) +} + +query predicate problems(Operator o, string message) { + not isExcluded(o, getQuery()) and + isUserCopyOrUserMove(o) and + not callsNoExceptSwap(o) and + not checksForSelfAssignment(o) and + message = "User defined copy or user defined move does not handle self-assignment correctly." +} diff --git a/cpp/common/src/codingstandards/cpp/rules/csignalfunctionsused_shared/CsignalFunctionsUsed_shared.qll b/cpp/common/src/codingstandards/cpp/rules/csignalfunctionsused_shared/CsignalFunctionsUsed_shared.qll new file mode 100644 index 0000000000..6a1e2270ff --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/csignalfunctionsused_shared/CsignalFunctionsUsed_shared.qll @@ -0,0 +1,20 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class CsignalFunctionsUsed_sharedSharedQuery extends Query { } + +Query getQuery() { result instanceof CsignalFunctionsUsed_sharedSharedQuery } + +query predicate problems(FunctionCall fc, string message) { + exists(Function f | + not isExcluded(fc, getQuery()) and + f = fc.getTarget() and + f.hasGlobalOrStdName(["signal", "raise"]) and + message = "Use of function '" + f.getQualifiedName() + "'." + ) +} diff --git a/cpp/common/src/codingstandards/cpp/rules/csignaltypesused_shared/CsignalTypesUsed_shared.qll b/cpp/common/src/codingstandards/cpp/rules/csignaltypesused_shared/CsignalTypesUsed_shared.qll new file mode 100644 index 0000000000..07293c9e75 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/csignaltypesused_shared/CsignalTypesUsed_shared.qll @@ -0,0 +1,20 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class CsignalTypesUsed_sharedSharedQuery extends Query { } + +Query getQuery() { result instanceof CsignalTypesUsed_sharedSharedQuery } + +query predicate problems(TypeMention tm, string message) { + exists(UserType ut | + not isExcluded(tm, getQuery()) and + ut = tm.getMentionedType() and + ut.hasGlobalOrStdName("sig_atomic_t") and + message = "Use of type '" + ut.getQualifiedName() + "'." + ) +} diff --git a/cpp/common/src/codingstandards/cpp/rules/cstdiofunctionsused_shared/CstdioFunctionsUsed_shared.qll b/cpp/common/src/codingstandards/cpp/rules/cstdiofunctionsused_shared/CstdioFunctionsUsed_shared.qll new file mode 100644 index 0000000000..b89a2349a4 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/cstdiofunctionsused_shared/CstdioFunctionsUsed_shared.qll @@ -0,0 +1,36 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class CstdioFunctionsUsed_sharedSharedQuery extends Query { } + +Query getQuery() { result instanceof CstdioFunctionsUsed_sharedSharedQuery } + +query predicate problems(FunctionCall fc, string message) { + exists(Function f | + not isExcluded(fc, getQuery()) and + f = fc.getTarget() and + f.hasGlobalOrStdName([ + "remove", "rename", "tmpfile", "tmpnam", + // File access + "fclose", "fflush", "fopen", "freopen", "setbuf", "setvbuf", + // Formatted input/output + "fprintf", "fscanf", "printf", "scanf", "snprintf", "sprintf", "sscanf", "vfprintf", + "vfscanf", "vprintf", "vscanf", "vsnprintf", "vsprintf", "vsscanf", + // Character input/output + "fgetc", "fgets", "fputc", "fputs", "getc", "getchar", "gets", "putc", "putchar", "puts", + "ungetc", + // Direct input/output + "fread", "fwrite", + // File positioning + "fgetpos", "fseek", "fsetpos", "ftell", "rewind", + // Error handling + "clearerr", "feof", "ferror", "perror" + ]) and + message = "Use of function '" + f.getQualifiedName() + "'." + ) +} diff --git a/cpp/common/src/codingstandards/cpp/rules/cstdiomacrosused_shared/CstdioMacrosUsed_shared.qll b/cpp/common/src/codingstandards/cpp/rules/cstdiomacrosused_shared/CstdioMacrosUsed_shared.qll new file mode 100644 index 0000000000..0f56127110 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/cstdiomacrosused_shared/CstdioMacrosUsed_shared.qll @@ -0,0 +1,20 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class CstdioMacrosUsed_sharedSharedQuery extends Query { } + +Query getQuery() { result instanceof CstdioMacrosUsed_sharedSharedQuery } + +query predicate problems(MacroInvocation mi, string message) { + not isExcluded(mi, getQuery()) and + mi.getMacroName() in [ + "BUFSIZ", "EOF", "FILENAME_MAX", "FOPEN_MAX", "L_tmpnam", "TMP_MAX", "_IOFBF", "IOLBF", + "_IONBF", "SEEK_CUR", "SEEK_END", "SEEK_SET" + ] and + message = "Use of macro '" + mi.getMacroName() + "'." +} diff --git a/cpp/common/src/codingstandards/cpp/rules/cstdiotypesused_shared/CstdioTypesUsed_shared.qll b/cpp/common/src/codingstandards/cpp/rules/cstdiotypesused_shared/CstdioTypesUsed_shared.qll new file mode 100644 index 0000000000..f4d4529fe2 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/cstdiotypesused_shared/CstdioTypesUsed_shared.qll @@ -0,0 +1,25 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class CstdioTypesUsed_sharedSharedQuery extends Query { } + +Query getQuery() { result instanceof CstdioTypesUsed_sharedSharedQuery } + +query predicate problems(TypeMention tm, string message) { + exists(UserType ut | + not isExcluded(tm, getQuery()) and + ut = tm.getMentionedType() and + ut.hasGlobalOrStdName(["FILE", "fpos_t"]) and + // Not in the standard library + exists(tm.getFile().getRelativePath()) and + // Not in our tests copy of the standard library + not tm.getFile().getRelativePath() = + ["includes/standard-library/stddef.h", "includes/standard-library/stdio.h"] and + message = "Use of type '" + ut.getQualifiedName() + "'." + ) +} diff --git a/cpp/common/src/codingstandards/cpp/rules/definitionnotconsideredforunqualifiedlookup_shared/DefinitionNotConsideredForUnqualifiedLookup_shared.qll b/cpp/common/src/codingstandards/cpp/rules/definitionnotconsideredforunqualifiedlookup_shared/DefinitionNotConsideredForUnqualifiedLookup_shared.qll new file mode 100644 index 0000000000..e85491f271 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/definitionnotconsideredforunqualifiedlookup_shared/DefinitionNotConsideredForUnqualifiedLookup_shared.qll @@ -0,0 +1,67 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class DefinitionNotConsideredForUnqualifiedLookup_sharedSharedQuery extends Query { } + +Query getQuery() { result instanceof DefinitionNotConsideredForUnqualifiedLookup_sharedSharedQuery } + +/** + * Holds if `functionDecl` is a possible intended target of the `usingDecl`. + */ +pragma[noinline] +predicate isPossibleIntendedTarget( + FunctionDeclarationEntry functionDecl, UsingDeclarationEntry usingDecl +) { + // Extracted to improve the join order. With this approach, we first compute a set of using + // declarations and a set of possible intended targets + functionDecl.getDeclaration().isTopLevel() and + functionDecl.getDeclaration().getQualifiedName() = usingDecl.getDeclaration().getQualifiedName() and + functionDecl.getDeclaration().getNamespace().getParentNamespace*() = usingDecl.getParentScope() +} + +/** + * Holds if `functionDecl` is a possible intended target of the `usingDecl`, and they exist at the + * given locations. + */ +pragma[noinline] +predicate isPossibleIntendedTargetLocation( + FunctionDeclarationEntry functionDecl, UsingDeclarationEntry usingDecl, File usingsFile, + File unavailableFile, int usingsStartLine, int unavailableStartLine +) { + // Extracted to improve the join order. With this approach, we take the set of possible intended + // targets computed in isPossibleIntendedTargets, and compute the files and start lines. + // This helps avoid the join order preferred by the optimiser if this is all written directly in + // the from-where-select, where it will eagerly join: + // + // usingDeclarationEntries -> enclosing files -> all other elements in those files + // + // which is expensive when there are a lot of files with using declarations + isPossibleIntendedTarget(functionDecl, usingDecl) and + usingsFile = usingDecl.getFile() and + unavailableFile = functionDecl.getFile() and + usingsStartLine = usingDecl.getLocation().getStartLine() and + unavailableStartLine = functionDecl.getLocation().getStartLine() +} + +query predicate problems( + FunctionDeclarationEntry unavailableDecl, string message, UsingDeclarationEntry usingDecl, + string usingDecl_string +) { + not isExcluded(unavailableDecl, getQuery()) and + exists(File usingsFile, File unavailableFile, int usingsStartLine, int unavailableStartLine | + isPossibleIntendedTargetLocation(unavailableDecl, usingDecl, usingsFile, unavailableFile, + usingsStartLine, unavailableStartLine) and + // An approximation of order where we want the using to preceed the new declaration. + usingsFile = unavailableFile and + usingsStartLine < unavailableStartLine + ) and + message = + "Definition for '" + unavailableDecl.getName() + + "' is not available for unqualified lookup because it is declared after $@" and + usingDecl_string = "using-declaration" +} diff --git a/cpp/common/src/codingstandards/cpp/rules/emptythrowonlywithinacatchhandler_shared/EmptyThrowOnlyWithinACatchHandler_shared.qll b/cpp/common/src/codingstandards/cpp/rules/emptythrowonlywithinacatchhandler_shared/EmptyThrowOnlyWithinACatchHandler_shared.qll new file mode 100644 index 0000000000..31669cb0dc --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/emptythrowonlywithinacatchhandler_shared/EmptyThrowOnlyWithinACatchHandler_shared.qll @@ -0,0 +1,17 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class EmptyThrowOnlyWithinACatchHandler_sharedSharedQuery extends Query { } + +Query getQuery() { result instanceof EmptyThrowOnlyWithinACatchHandler_sharedSharedQuery } + +query predicate problems(ReThrowExpr re, string message) { + not isExcluded(re, getQuery()) and + not re.getEnclosingElement+() instanceof CatchBlock and + message = "Rethrow outside catch block" +} diff --git a/cpp/common/src/codingstandards/cpp/rules/enumerationnotdefinedwithanexplicitunderlyingtype/EnumerationNotDefinedWithAnExplicitUnderlyingType.qll b/cpp/common/src/codingstandards/cpp/rules/enumerationnotdefinedwithanexplicitunderlyingtype/EnumerationNotDefinedWithAnExplicitUnderlyingType.qll new file mode 100644 index 0000000000..7b31c00b47 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/enumerationnotdefinedwithanexplicitunderlyingtype/EnumerationNotDefinedWithAnExplicitUnderlyingType.qll @@ -0,0 +1,15 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class EnumerationNotDefinedWithAnExplicitUnderlyingTypeSharedQuery extends Query { } + +Query getQuery() { result instanceof EnumerationNotDefinedWithAnExplicitUnderlyingTypeSharedQuery } + +query predicate problems(Element e, string message) { +not isExcluded(e, getQuery()) and message = "" +} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/rules/enumerationnotdefinedwithanexplicitunderlyingtype_shared/EnumerationNotDefinedWithAnExplicitUnderlyingType_shared.qll b/cpp/common/src/codingstandards/cpp/rules/enumerationnotdefinedwithanexplicitunderlyingtype_shared/EnumerationNotDefinedWithAnExplicitUnderlyingType_shared.qll new file mode 100644 index 0000000000..c4c9d33f35 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/enumerationnotdefinedwithanexplicitunderlyingtype_shared/EnumerationNotDefinedWithAnExplicitUnderlyingType_shared.qll @@ -0,0 +1,19 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class EnumerationNotDefinedWithAnExplicitUnderlyingType_sharedSharedQuery extends Query { } + +Query getQuery() { + result instanceof EnumerationNotDefinedWithAnExplicitUnderlyingType_sharedSharedQuery +} + +query predicate problems(Enum e, string message) { + not isExcluded(e, getQuery()) and + not e.hasExplicitUnderlyingType() and + message = "Base type of enumeration is not explicitly specified." +} diff --git a/cpp/common/src/codingstandards/cpp/rules/exceptionobjecthavepointertype_shared/ExceptionObjectHavePointerType_shared.qll b/cpp/common/src/codingstandards/cpp/rules/exceptionobjecthavepointertype_shared/ExceptionObjectHavePointerType_shared.qll new file mode 100644 index 0000000000..f9fded32cd --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/exceptionobjecthavepointertype_shared/ExceptionObjectHavePointerType_shared.qll @@ -0,0 +1,18 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class ExceptionObjectHavePointerType_sharedSharedQuery extends Query { } + +Query getQuery() { result instanceof ExceptionObjectHavePointerType_sharedSharedQuery } + +query predicate problems(Expr thrownExpr, string message) { + not isExcluded(thrownExpr, getQuery()) and + thrownExpr = any(ThrowExpr te).getExpr() and + thrownExpr.getType().getUnspecifiedType() instanceof PointerType and + message = "Exception object with pointer type " + thrownExpr.getType() + " is thrown here." +} diff --git a/cpp/common/src/codingstandards/cpp/rules/forwardingreferencesandforwardnotusedtogether_shared/ForwardingReferencesAndForwardNotUsedTogether_shared.qll b/cpp/common/src/codingstandards/cpp/rules/forwardingreferencesandforwardnotusedtogether_shared/ForwardingReferencesAndForwardNotUsedTogether_shared.qll new file mode 100644 index 0000000000..71c03b6e94 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/forwardingreferencesandforwardnotusedtogether_shared/ForwardingReferencesAndForwardNotUsedTogether_shared.qll @@ -0,0 +1,29 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions +import codingstandards.cpp.standardlibrary.Utility + +abstract class ForwardingReferencesAndForwardNotUsedTogether_sharedSharedQuery extends Query { } + +Query getQuery() { + result instanceof ForwardingReferencesAndForwardNotUsedTogether_sharedSharedQuery +} + +query predicate problems(FunctionCall c, string message, Parameter a, string a_string) { + not isExcluded(c, getQuery()) and + a_string = a.getName() and + a.getAnAccess() = c.getAnArgument() and + ( + c instanceof StdMoveCall and + a instanceof ForwardParameter and + message = "Function `std::forward` should be used for forwarding the forward reference $@." + or + c instanceof StdForwardCall and + a instanceof ConsumeParameter and + message = "Function `std::move` should be used for forwarding rvalue reference $@." + ) +} diff --git a/cpp/common/src/codingstandards/cpp/rules/functionlikemacrosdefined_shared/FunctionLikeMacrosDefined_shared.qll b/cpp/common/src/codingstandards/cpp/rules/functionlikemacrosdefined_shared/FunctionLikeMacrosDefined_shared.qll new file mode 100644 index 0000000000..71b7c09a18 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/functionlikemacrosdefined_shared/FunctionLikeMacrosDefined_shared.qll @@ -0,0 +1,30 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions +import codingstandards.cpp.IrreplaceableFunctionLikeMacro + +abstract class FunctionLikeMacrosDefined_sharedSharedQuery extends Query { } + +Query getQuery() { result instanceof FunctionLikeMacrosDefined_sharedSharedQuery } + +predicate partOfConstantExpr(MacroInvocation i) { + exists(Expr e | + e.isConstant() and + not i.getExpr() = e and + i.getExpr().getParent+() = e + ) +} + +query predicate problems(FunctionLikeMacro m, string message) { + not isExcluded(m, getQuery()) and + not m instanceof IrreplaceableFunctionLikeMacro and + //macros can have empty body + not m.getBody().length() = 0 and + //function call not allowed in a constant expression (where constant expr is parent) + forall(MacroInvocation i | i = m.getAnInvocation() | not partOfConstantExpr(i)) and + message = "Macro used instead of a function." +} diff --git a/cpp/common/src/codingstandards/cpp/rules/functionscallthemselveseitherdirectlyorindirectly_shared/FunctionsCallThemselvesEitherDirectlyOrIndirectly_shared.qll b/cpp/common/src/codingstandards/cpp/rules/functionscallthemselveseitherdirectlyorindirectly_shared/FunctionsCallThemselvesEitherDirectlyOrIndirectly_shared.qll new file mode 100644 index 0000000000..18ad403ffe --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/functionscallthemselveseitherdirectlyorindirectly_shared/FunctionsCallThemselvesEitherDirectlyOrIndirectly_shared.qll @@ -0,0 +1,35 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class FunctionsCallThemselvesEitherDirectlyOrIndirectly_sharedSharedQuery extends Query { } + +Query getQuery() { + result instanceof FunctionsCallThemselvesEitherDirectlyOrIndirectly_sharedSharedQuery +} + +class RecursiveCall extends FunctionCall { + RecursiveCall() { + this.getTarget().calls*(this.getEnclosingFunction()) and + not this.getTarget().hasSpecifier("is_constexpr") + } +} + +query predicate problems(FunctionCall fc, string message, Function f, string f_name) { + exists(RecursiveCall call | + not isExcluded(call, getQuery()) and + f = fc.getTarget() and + f_name = fc.getTarget().getName() and + fc.getTarget() = call.getTarget() and + if fc.getTarget() = fc.getEnclosingFunction() + then message = "This call directly invokes its containing function $@." + else + message = + "The function " + fc.getEnclosingFunction() + + " is indirectly recursive via this call to $@." + ) +} diff --git a/cpp/common/src/codingstandards/cpp/rules/functiontemplatesexplicitlyspecialized_shared/FunctionTemplatesExplicitlySpecialized_shared.qll b/cpp/common/src/codingstandards/cpp/rules/functiontemplatesexplicitlyspecialized_shared/FunctionTemplatesExplicitlySpecialized_shared.qll new file mode 100644 index 0000000000..e39ab569b7 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/functiontemplatesexplicitlyspecialized_shared/FunctionTemplatesExplicitlySpecialized_shared.qll @@ -0,0 +1,20 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class FunctionTemplatesExplicitlySpecialized_sharedSharedQuery extends Query { } + +Query getQuery() { result instanceof FunctionTemplatesExplicitlySpecialized_sharedSharedQuery } + +query predicate problems( + FunctionTemplateSpecialization f, string message, TemplateFunction tf, string tf_string +) { + not isExcluded(f, getQuery()) and + tf = f.getPrimaryTemplate() and + tf_string = f.getPrimaryTemplate().getFile().getBaseName() and + message = "Specialization of function template from primary template located in $@." +} diff --git a/cpp/common/src/codingstandards/cpp/rules/globalnamespacedeclarations_shared/GlobalNamespaceDeclarations_shared.qll b/cpp/common/src/codingstandards/cpp/rules/globalnamespacedeclarations_shared/GlobalNamespaceDeclarations_shared.qll new file mode 100644 index 0000000000..89dee4dd8b --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/globalnamespacedeclarations_shared/GlobalNamespaceDeclarations_shared.qll @@ -0,0 +1,21 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class GlobalNamespaceDeclarations_sharedSharedQuery extends Query { } + +Query getQuery() { result instanceof GlobalNamespaceDeclarations_sharedSharedQuery } + +query predicate problems(DeclarationEntry e, string message) { + not isExcluded(e, getQuery()) and + e.getDeclaration().getNamespace() instanceof GlobalNamespace and + e.getDeclaration().isTopLevel() and + not exists(Function f | f = e.getDeclaration() | f.hasGlobalName("main") or f.hasCLinkage()) and + message = + "Declaration " + e.getName() + + " is in the global namespace and is not a main, a namespace, or an extern \"C\" declaration." +} diff --git a/cpp/common/src/codingstandards/cpp/rules/globalsizedoperatordeletenotdefined_shared/GlobalSizedOperatorDeleteNotDefined_shared.qll b/cpp/common/src/codingstandards/cpp/rules/globalsizedoperatordeletenotdefined_shared/GlobalSizedOperatorDeleteNotDefined_shared.qll new file mode 100644 index 0000000000..112ff0b674 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/globalsizedoperatordeletenotdefined_shared/GlobalSizedOperatorDeleteNotDefined_shared.qll @@ -0,0 +1,22 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions +import codingstandards.cpp.OperatorDelete + +abstract class GlobalSizedOperatorDeleteNotDefined_sharedSharedQuery extends Query { } + +Query getQuery() { result instanceof GlobalSizedOperatorDeleteNotDefined_sharedSharedQuery } + +query predicate problems(OperatorDelete unsized_delete, string message) { + not isExcluded(unsized_delete, getQuery()) and + not unsized_delete.isSizeDelete() and + not exists(OperatorDelete od | unsized_delete.isNoThrowDelete() = od.isNoThrowDelete() | + od.isSizeDelete() + ) and + message = + "Unsized function '" + unsized_delete.getName() + "' defined globally without sized version." +} diff --git a/cpp/common/src/codingstandards/cpp/rules/globalunsizedoperatordeletenotdefined_shared/GlobalUnsizedOperatorDeleteNotDefined_shared.qll b/cpp/common/src/codingstandards/cpp/rules/globalunsizedoperatordeletenotdefined_shared/GlobalUnsizedOperatorDeleteNotDefined_shared.qll new file mode 100644 index 0000000000..031b4674c5 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/globalunsizedoperatordeletenotdefined_shared/GlobalUnsizedOperatorDeleteNotDefined_shared.qll @@ -0,0 +1,22 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions +import codingstandards.cpp.OperatorDelete + +abstract class GlobalUnsizedOperatorDeleteNotDefined_sharedSharedQuery extends Query { } + +Query getQuery() { result instanceof GlobalUnsizedOperatorDeleteNotDefined_sharedSharedQuery } + +query predicate problems(OperatorDelete sized_delete, string message) { + not isExcluded(sized_delete, getQuery()) and + sized_delete.isSizeDelete() and + not exists(OperatorDelete od | sized_delete.isNoThrowDelete() = od.isNoThrowDelete() | + not od.isSizeDelete() + ) and + message = + "Sized function '" + sized_delete.getName() + "' defined globally without unsized version." +} diff --git a/cpp/common/src/codingstandards/cpp/rules/gotoreferencealabelinsurroundingblock_shared/GotoReferenceALabelInSurroundingBlock_shared.qll b/cpp/common/src/codingstandards/cpp/rules/gotoreferencealabelinsurroundingblock_shared/GotoReferenceALabelInSurroundingBlock_shared.qll new file mode 100644 index 0000000000..11c09e2298 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/gotoreferencealabelinsurroundingblock_shared/GotoReferenceALabelInSurroundingBlock_shared.qll @@ -0,0 +1,59 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class GotoReferenceALabelInSurroundingBlock_sharedSharedQuery extends Query { } + +Query getQuery() { result instanceof GotoReferenceALabelInSurroundingBlock_sharedSharedQuery } + +predicate isPartOfSwitch(Stmt goto) { + exists(SwitchStmt switch | switch.getStmt() = goto.getParent()) +} + +SwitchCase getSwitchCase(Stmt stmt) { + exists(int index, SwitchStmt switch | + getStmtInSwitch(switch, stmt, index) and getStmtInSwitch(switch, result, index - 1) + ) + or + exists(int index, SwitchStmt switch, Stmt other | + getStmtInSwitch(switch, stmt, index) and + getStmtInSwitch(switch, other, index - 1) and + not other instanceof SwitchCase and + result = getSwitchCase(other) + ) +} + +predicate getStmtInSwitch(SwitchStmt switch, Stmt s, int index) { + switch.getStmt().(BlockStmt).getStmt(index) = s +} + +int statementDepth(Stmt statement) { + statement.getParent() = statement.getEnclosingFunction().getBlock() and result = 1 + or + statementDepth(statement.getParent()) + 1 = result +} + +query predicate problems(GotoStmt goto, string message, Stmt target, string target_string) { + not isExcluded(goto, getQuery()) and + exists(int gotoDepth, int targetDepth | + goto.getTarget() = target and + gotoDepth = statementDepth(goto) and + targetDepth = statementDepth(target) and + targetDepth >= gotoDepth and + ( + targetDepth = gotoDepth + implies + ( + not isPartOfSwitch(goto) and not goto.getParent() = target.getParent() + or + isPartOfSwitch(goto) and not getSwitchCase(goto) = getSwitchCase(target) + ) + ) and + target_string = "label" and + message = "The goto statement and its $@ are not declared or enclosed in the same block." + ) +} diff --git a/cpp/common/src/codingstandards/cpp/rules/gotostatementshouldnotbeused_shared/GotoStatementShouldNotBeUsed_shared.qll b/cpp/common/src/codingstandards/cpp/rules/gotostatementshouldnotbeused_shared/GotoStatementShouldNotBeUsed_shared.qll new file mode 100644 index 0000000000..7ec5ddb557 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/gotostatementshouldnotbeused_shared/GotoStatementShouldNotBeUsed_shared.qll @@ -0,0 +1,17 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class GotoStatementShouldNotBeUsed_sharedSharedQuery extends Query { } + +Query getQuery() { result instanceof GotoStatementShouldNotBeUsed_sharedSharedQuery } + +query predicate problems(Stmt s, string message) { + not isExcluded(s, getQuery()) and + (s instanceof GotoStmt or s instanceof ComputedGotoStmt) and + message = "Use of goto." +} diff --git a/cpp/common/src/codingstandards/cpp/rules/hiddeninheritednonoverridablememberfunction_shared/HiddenInheritedNonOverridableMemberFunction_shared.qll b/cpp/common/src/codingstandards/cpp/rules/hiddeninheritednonoverridablememberfunction_shared/HiddenInheritedNonOverridableMemberFunction_shared.qll new file mode 100644 index 0000000000..080d686b9f --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/hiddeninheritednonoverridablememberfunction_shared/HiddenInheritedNonOverridableMemberFunction_shared.qll @@ -0,0 +1,56 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions +import codingstandards.cpp.Class + +abstract class HiddenInheritedNonOverridableMemberFunction_sharedSharedQuery extends Query { } + +Query getQuery() { result instanceof HiddenInheritedNonOverridableMemberFunction_sharedSharedQuery } + +/** + * Holds if the class has a non-virtual member function with the given name. + */ +pragma[noinline, nomagic] +predicate hasNonVirtualMemberFunction(Class clazz, MemberFunction mf, string name) { + mf.getDeclaringType() = clazz and + mf.getName() = name and + not mf.isVirtual() and + // Exclude private member functions, which cannot be inherited. + not mf.isPrivate() +} + +/** + * Holds if the member function is in a class with the given base class, and has the given name. + */ +pragma[noinline, nomagic] +predicate hasDeclarationBaseClass(MemberFunction mf, Class baseClass, string functionName) { + baseClass = mf.getDeclaringType().getABaseClass() and + functionName = mf.getName() +} + +query predicate problems( + MemberFunction overridingDecl, string message, MemberFunction hiddenDecl, string hiddenDecl_string +) { + exists(Class baseClass, string name | + not isExcluded(overridingDecl, getQuery()) and // Check if we are overriding a non-virtual inherited member function + hasNonVirtualMemberFunction(baseClass, hiddenDecl, name) and + hasDeclarationBaseClass(overridingDecl, baseClass, name) and + // Where the hidden member function isn't explicitly brought in scope through a using declaration. + not exists(UsingDeclarationEntry ude | + ude.getDeclaration() = hiddenDecl and + ude.getEnclosingElement() = overridingDecl.getDeclaringType() + ) and + // Exclude compiler generated member functions which include things like copy constructor that hide base class + // copy constructors. + not overridingDecl.isCompilerGenerated() and + // Exclude special member functions, which cannot be inherited. + not overridingDecl instanceof SpecialMemberFunction and + message = + "Declaration for member '" + name + "' hides non-overridable inherited member function $@" and + hiddenDecl_string = hiddenDecl.getName() + ) +} diff --git a/cpp/common/src/codingstandards/cpp/rules/hiddeninheritedoverridablememberfunction_shared/HiddenInheritedOverridableMemberFunction_shared.qll b/cpp/common/src/codingstandards/cpp/rules/hiddeninheritedoverridablememberfunction_shared/HiddenInheritedOverridableMemberFunction_shared.qll new file mode 100644 index 0000000000..b41bebf6f4 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/hiddeninheritedoverridablememberfunction_shared/HiddenInheritedOverridableMemberFunction_shared.qll @@ -0,0 +1,54 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class HiddenInheritedOverridableMemberFunction_sharedSharedQuery extends Query { } + +Query getQuery() { result instanceof HiddenInheritedOverridableMemberFunction_sharedSharedQuery } + +query predicate problems( + FunctionDeclarationEntry overridingDecl, string message, FunctionDeclarationEntry hiddenDecl, + string hiddenDecl_string +) { + not isExcluded(overridingDecl, getQuery()) and + // Check if we are overriding a virtual inherited member function + hiddenDecl.getDeclaration().isVirtual() and + // Exclude private member functions, which cannot be inherited. + not hiddenDecl.getDeclaration().(MemberFunction).isPrivate() and + // The overriding declaration hides the hidden declaration if: + ( + // 1. the overriding declaration overrides a function in a base class that is an overload of the hidden declaration + // and the hidden declaration isn't overriden in the same class. + exists(FunctionDeclarationEntry overridenDecl | + overridingDecl.getDeclaration().(MemberFunction).overrides(overridenDecl.getDeclaration()) and + overridenDecl.getDeclaration().getAnOverload() = hiddenDecl.getDeclaration() and + not exists(MemberFunction overridingFunc | + hiddenDecl.getDeclaration().(MemberFunction).getAnOverridingFunction() = overridingFunc and + overridingFunc.getDeclaringType() = overridingDecl.getDeclaration().getDeclaringType() + ) + ) and + // and the hidden declaration isn't explicitly brought in scope through a using declaration. + not exists(UsingDeclarationEntry ude | + ude.getDeclaration() = hiddenDecl.getDeclaration() and + ude.getEnclosingElement() = overridingDecl.getDeclaration().getDeclaringType() + ) + or + // 2. if the overriding declaration doesn't override a base member function but has the same name + // as the hidden declaration + not overridingDecl.getDeclaration().(MemberFunction).overrides(_) and + overridingDecl.getName() = hiddenDecl.getName() and + overridingDecl.getDeclaration().getDeclaringType().getABaseClass() = + hiddenDecl.getDeclaration().getDeclaringType() + ) and + // Limit the results to the declarations and not the definitions, if any. + (overridingDecl.getDeclaration().hasDefinition() implies not overridingDecl.isDefinition()) and + (hiddenDecl.getDeclaration().hasDefinition() implies not hiddenDecl.isDefinition()) and + message = + "Declaration for member '" + overridingDecl.getName() + + "' hides overridable inherited member function $@" and + hiddenDecl_string = hiddenDecl.getName() +} diff --git a/cpp/common/src/codingstandards/cpp/rules/initializeallvirtualbaseclasses_shared/InitializeAllVirtualBaseClasses_shared.qll b/cpp/common/src/codingstandards/cpp/rules/initializeallvirtualbaseclasses_shared/InitializeAllVirtualBaseClasses_shared.qll new file mode 100644 index 0000000000..0143a88ca7 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/initializeallvirtualbaseclasses_shared/InitializeAllVirtualBaseClasses_shared.qll @@ -0,0 +1,44 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions +import codingstandards.cpp.Constructor + +abstract class InitializeAllVirtualBaseClasses_sharedSharedQuery extends Query { } + +Query getQuery() { result instanceof InitializeAllVirtualBaseClasses_sharedSharedQuery } + +query predicate problems( + Constructor c, string message, Class declaringType, string declaringType_string, Class baseClass, + string baseClass_string +) { + exists(string type | + not isExcluded(c, getQuery()) and + declaringType = c.getDeclaringType() and + ( + declaringType.getABaseClass() = baseClass and type = "" + or + baseClass.(VirtualBaseClass).getAVirtuallyDerivedClass().getADerivedClass+() = declaringType and + type = " virtual" + ) and + // There is not an initializer on the constructor for this particular base class + not exists(ConstructorBaseClassInit init | + c.getAnInitializer() = init and + init.getInitializedClass() = baseClass and + not init.isCompilerGenerated() + ) and + // Must be a defined constructor + c.hasDefinition() and + // Not a compiler-generated constructor + not c.isCompilerGenerated() and + // Not a defaulted constructor + not c.isDefaulted() and + declaringType_string = declaringType.getSimpleName() and + baseClass_string = baseClass.getSimpleName() and + message = + "Constructor for $@ does not explicitly call constructor for" + type + " base class $@." + ) +} diff --git a/cpp/common/src/codingstandards/cpp/rules/initializerlistconstructoristheonlyconstructor_shared/InitializerListConstructorIsTheOnlyConstructor_shared.qll b/cpp/common/src/codingstandards/cpp/rules/initializerlistconstructoristheonlyconstructor_shared/InitializerListConstructorIsTheOnlyConstructor_shared.qll new file mode 100644 index 0000000000..75fd17761e --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/initializerlistconstructoristheonlyconstructor_shared/InitializerListConstructorIsTheOnlyConstructor_shared.qll @@ -0,0 +1,65 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class InitializerListConstructorIsTheOnlyConstructor_sharedSharedQuery extends Query { } + +Query getQuery() { + result instanceof InitializerListConstructorIsTheOnlyConstructor_sharedSharedQuery +} + +class StdInitializerList extends Class { + StdInitializerList() { hasQualifiedName("std", "initializer_list") } +} + +/** + * An _initializer-list constructor_ according to `[dcl.init.list]`. + * + * A `Constructor` where the first parameter refers to `std::initializer_list`, and any remaining + * parameters have default arguments. + */ +class InitializerListConstructor extends Constructor { + InitializerListConstructor() { + // The first parameter is a `std::intializer_list` parameter + exists(Type firstParamType | firstParamType = getParameter(0).getType() | + // Either directly `std::initializer_list` + firstParamType instanceof StdInitializerList + or + //A reference to `std::initializer_list` + firstParamType.(ReferenceType).getBaseType().getUnspecifiedType() instanceof + StdInitializerList + ) and + // All parameters other than the fi + forall(Parameter other | other = getParameter([1 .. (getNumberOfParameters() - 1)]) | + exists(other.getInitializer()) + ) + } +} + +query predicate problems( + Constructor c, string message, InitializerListConstructor stdInitializerConstructor, + string stdInitializerConstructor_string +) { + exists(string paramList | + not isExcluded(c, getQuery()) and + // Not an initializer-list constructor + not c instanceof InitializerListConstructor and + // Constructor is not a special member function constructor + not c instanceof CopyConstructor and + not c instanceof MoveConstructor and + not c.getNumberOfParameters() = 0 and // default constructor + // And there is an initalizer-list constructor + stdInitializerConstructor = c.getDeclaringType().getAConstructor() and + // Determine the parameter type list of the constructor + paramList = + concat(string parameter | parameter = c.getAParameter().getType().getName() | parameter, ",") and + message = + "The constructor " + c.getQualifiedName() + "(" + paramList + + ") may be ignored in favour of $@ when using braced initialization." and + stdInitializerConstructor_string = "the constructor accepting std::initializer_list" + ) +} diff --git a/cpp/common/src/codingstandards/cpp/rules/linesplicingusedincomments_shared/LineSplicingUsedInComments_shared.qll b/cpp/common/src/codingstandards/cpp/rules/linesplicingusedincomments_shared/LineSplicingUsedInComments_shared.qll new file mode 100644 index 0000000000..454f95b070 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/linesplicingusedincomments_shared/LineSplicingUsedInComments_shared.qll @@ -0,0 +1,17 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class LineSplicingUsedInComments_sharedSharedQuery extends Query { } + +Query getQuery() { result instanceof LineSplicingUsedInComments_sharedSharedQuery } + +query predicate problems(CppStyleComment c, string message) { + not isExcluded(c, getQuery()) and + exists(c.getContents().regexpFind("\\\n", _, _)) and + message = "C++ comment includes \\ as the last character of a line" +} diff --git a/cpp/common/src/codingstandards/cpp/rules/loopcompoundcondition_shared/LoopCompoundCondition_shared.qll b/cpp/common/src/codingstandards/cpp/rules/loopcompoundcondition_shared/LoopCompoundCondition_shared.qll new file mode 100644 index 0000000000..14fee7001e --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/loopcompoundcondition_shared/LoopCompoundCondition_shared.qll @@ -0,0 +1,17 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class LoopCompoundCondition_sharedSharedQuery extends Query { } + +Query getQuery() { result instanceof LoopCompoundCondition_sharedSharedQuery } + +query predicate problems(Loop loop, string message) { + not isExcluded(loop, getQuery()) and + not loop.getStmt() instanceof BlockStmt and + message = "Loop body not enclosed within braces." +} diff --git a/cpp/common/src/codingstandards/cpp/rules/lowercaselstartsinliteralsuffix_shared/LowercaseLStartsInLiteralSuffix_shared.qll b/cpp/common/src/codingstandards/cpp/rules/lowercaselstartsinliteralsuffix_shared/LowercaseLStartsInLiteralSuffix_shared.qll new file mode 100644 index 0000000000..6316367c0d --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/lowercaselstartsinliteralsuffix_shared/LowercaseLStartsInLiteralSuffix_shared.qll @@ -0,0 +1,18 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions +import codingstandards.cpp.Literals + +abstract class LowercaseLStartsInLiteralSuffix_sharedSharedQuery extends Query { } + +Query getQuery() { result instanceof LowercaseLStartsInLiteralSuffix_sharedSharedQuery } + +query predicate problems(IntegerLiteral l, string message) { + not isExcluded(l, getQuery()) and + exists(l.getValueText().indexOf("l")) and + message = "Lowercase 'l' used as a literal suffix." +} diff --git a/cpp/common/src/codingstandards/cpp/rules/macrooffsetofused_shared/MacroOffsetofUsed_shared.qll b/cpp/common/src/codingstandards/cpp/rules/macrooffsetofused_shared/MacroOffsetofUsed_shared.qll new file mode 100644 index 0000000000..285be72705 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/macrooffsetofused_shared/MacroOffsetofUsed_shared.qll @@ -0,0 +1,15 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class MacroOffsetofUsed_sharedSharedQuery extends Query { } + +Query getQuery() { result instanceof MacroOffsetofUsed_sharedSharedQuery } + +query predicate problems(MacroInvocation mi, string message) { +not isExcluded(mi, getQuery()) and mi.getMacroName() = "offsetof" and message = "Use of banned macro " + mi.getMacroName() + "." +} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/rules/macroparameterfollowinghash_shared/MacroParameterFollowingHash_shared.qll b/cpp/common/src/codingstandards/cpp/rules/macroparameterfollowinghash_shared/MacroParameterFollowingHash_shared.qll new file mode 100644 index 0000000000..4eaf97123a --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/macroparameterfollowinghash_shared/MacroParameterFollowingHash_shared.qll @@ -0,0 +1,22 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions +import codingstandards.cpp.Macro + +abstract class MacroParameterFollowingHash_sharedSharedQuery extends Query { } + +Query getQuery() { result instanceof MacroParameterFollowingHash_sharedSharedQuery } + +query predicate problems(Macro m, string message) { + not isExcluded(m, getQuery()) and + exists(StringizingOperator one, TokenPastingOperator two | + one.getMacro() = m and + two.getMacro() = m and + one.getOffset() < two.getOffset() + ) and + message = "Macro definition uses an # operator followed by a ## operator." +} diff --git a/cpp/common/src/codingstandards/cpp/rules/memoryoperationsnotsequencedappropriately_shared/MemoryOperationsNotSequencedAppropriately_shared.qll b/cpp/common/src/codingstandards/cpp/rules/memoryoperationsnotsequencedappropriately_shared/MemoryOperationsNotSequencedAppropriately_shared.qll new file mode 100644 index 0000000000..df7e0af73d --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/memoryoperationsnotsequencedappropriately_shared/MemoryOperationsNotSequencedAppropriately_shared.qll @@ -0,0 +1,251 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.CExpr +import codingstandards.cpp.Exclusions +import codingstandards.cpp.SideEffects +import codingstandards.cpp.COrdering + +abstract class MemoryOperationsNotSequencedAppropriately_sharedSharedQuery extends Query { } + +Query getQuery() { result instanceof MemoryOperationsNotSequencedAppropriately_sharedSharedQuery } + +class VariableEffectOrAccess extends Expr { + VariableEffectOrAccess() { + this instanceof VariableEffect or + this instanceof VariableAccess + } +} + +pragma[noinline] +predicate partOfFullExpr(VariableEffectOrAccess e, FullExpr fe) { + ( + exists(VariableEffect ve | e = ve and ve.getAnAccess() = fe.getAChild+() and not ve.isPartial()) + or + e.(VariableAccess) = fe.getAChild+() + ) +} + +class ConstituentExprOrdering extends Ordering::Configuration { + ConstituentExprOrdering() { this = "ConstituentExprOrdering" } + + override predicate isCandidate(Expr e1, Expr e2) { + exists(FullExpr fe | + partOfFullExpr(e1, fe) and + partOfFullExpr(e2, fe) + ) + } +} + +predicate sameFullExpr(FullExpr fe, VariableAccess va1, VariableAccess va2) { + partOfFullExpr(va1, fe) and + partOfFullExpr(va2, fe) and + va1 != va2 and + exists(Variable v1, Variable v2 | + // Use `pragma[only_bind_into]` to prevent CP between variable accesses. + va1.getTarget() = pragma[only_bind_into](v1) and va2.getTarget() = pragma[only_bind_into](v2) + | + v1.isVolatile() and v2.isVolatile() + or + not (v1.isVolatile() and v2.isVolatile()) and + v1 = v2 + ) +} + +int getLeafCount(LeftRightOperation bop) { + if + not bop.getLeftOperand() instanceof BinaryOperation and + not bop.getRightOperand() instanceof BinaryOperation + then result = 2 + else + if + bop.getLeftOperand() instanceof BinaryOperation and + not bop.getRightOperand() instanceof BinaryOperation + then result = 1 + getLeafCount(bop.getLeftOperand()) + else + if + not bop.getLeftOperand() instanceof BinaryOperation and + bop.getRightOperand() instanceof BinaryOperation + then result = 1 + getLeafCount(bop.getRightOperand()) + else result = getLeafCount(bop.getLeftOperand()) + getLeafCount(bop.getRightOperand()) +} + +class LeftRightOperation extends Expr { + LeftRightOperation() { + this instanceof BinaryOperation or + this instanceof AssignOperation or + this instanceof AssignExpr + } + + Expr getLeftOperand() { + result = this.(BinaryOperation).getLeftOperand() + or + result = this.(AssignOperation).getLValue() + or + result = this.(AssignExpr).getLValue() + } + + Expr getRightOperand() { + result = this.(BinaryOperation).getRightOperand() + or + result = this.(AssignOperation).getRValue() + or + result = this.(AssignExpr).getRValue() + } + + Expr getAnOperand() { + result = getLeftOperand() or + result = getRightOperand() + } +} + +int getOperandIndexIn(FullExpr fullExpr, Expr operand) { + result = getOperandIndex(fullExpr, operand) + or + fullExpr.(Call).getArgument(result).getAChild*() = operand +} + +int getOperandIndex(LeftRightOperation binop, Expr operand) { + if operand = binop.getAnOperand() + then + operand = binop.getLeftOperand() and + result = 0 + or + operand = binop.getRightOperand() and + result = getLeafCount(binop.getLeftOperand()) + 1 + or + operand = binop.getRightOperand() and + not binop.getLeftOperand() instanceof LeftRightOperation and + result = 1 + else ( + // Child of left operand that is a binary operation. + result = getOperandIndex(binop.getLeftOperand(), operand) + or + // Child of left operand that is not a binary operation. + result = 0 and + not binop.getLeftOperand() instanceof LeftRightOperation and + binop.getLeftOperand().getAChild+() = operand + or + // Child of right operand and both left and right operands are binary operations. + result = + getLeafCount(binop.getLeftOperand()) + getOperandIndex(binop.getRightOperand(), operand) + or + // Child of right operand and left operand is not a binary operation. + result = 1 + getOperandIndex(binop.getRightOperand(), operand) and + not binop.getLeftOperand() instanceof LeftRightOperation + or + // Child of right operand that is not a binary operation and the left operand is a binary operation. + result = getLeafCount(binop.getLeftOperand()) + 1 and + binop.getRightOperand().getAChild+() = operand and + not binop.getRightOperand() instanceof LeftRightOperation + or + // Child of right operand that is not a binary operation and the left operand is not a binary operation. + result = 1 and + not binop.getLeftOperand() instanceof LeftRightOperation and + not binop.getRightOperand() instanceof LeftRightOperation and + binop.getRightOperand().getAChild+() = operand + ) +} + +predicate inConditionalThen(ConditionalExpr ce, Expr e) { + e = ce.getThen() + or + exists(Expr parent | + inConditionalThen(ce, parent) and + parent.getAChild() = e + ) +} + +predicate inConditionalElse(ConditionalExpr ce, Expr e) { + e = ce.getElse() + or + exists(Expr parent | + inConditionalElse(ce, parent) and + parent.getAChild() = e + ) +} + +predicate isUnsequencedEffect( + ConstituentExprOrdering orderingConfig, FullExpr fullExpr, VariableEffect variableEffect1, + VariableAccess va1, VariableAccess va2, Locatable placeHolder, string label +) { + // The two access are scoped to the same full expression. + sameFullExpr(fullExpr, va1, va2) and + // We are only interested in effects that change an object, + // i.e., exclude patterns suchs as `b->data[b->cursor++]` where `b` is considered modified and read or `foo.bar = 1` where `=` modifies to both `foo` and `bar`. + not variableEffect1.isPartial() and + variableEffect1.getAnAccess() = va1 and + ( + exists(VariableEffect variableEffect2 | + not variableEffect2.isPartial() and + variableEffect2.getAnAccess() = va2 and + // If the effect is not local (happens in a different function) we use the call with the access as a proxy. + ( + va1.getEnclosingStmt() = variableEffect1.getEnclosingStmt() and + va2.getEnclosingStmt() = variableEffect2.getEnclosingStmt() and + orderingConfig.isUnsequenced(variableEffect1, variableEffect2) + or + va1.getEnclosingStmt() = variableEffect1.getEnclosingStmt() and + not va2.getEnclosingStmt() = variableEffect2.getEnclosingStmt() and + exists(Call call | + call.getAnArgument() = va2 and call.getEnclosingStmt() = va1.getEnclosingStmt() + | + orderingConfig.isUnsequenced(variableEffect1, call) + ) + or + not va1.getEnclosingStmt() = variableEffect1.getEnclosingStmt() and + va2.getEnclosingStmt() = variableEffect2.getEnclosingStmt() and + exists(Call call | + call.getAnArgument() = va1 and call.getEnclosingStmt() = va2.getEnclosingStmt() + | + orderingConfig.isUnsequenced(call, variableEffect2) + ) + ) and + // Break the symmetry of the ordering relation by requiring that the first expression is located before the second. + // This builds upon the assumption that the expressions are part of the same full expression as specified in the ordering configuration. + getOperandIndexIn(fullExpr, va1) < getOperandIndexIn(fullExpr, va2) and + placeHolder = variableEffect2 and + label = "side effect" + ) + or + placeHolder = va2 and + label = "read" and + not exists(VariableEffect variableEffect2 | variableEffect1 != variableEffect2 | + variableEffect2.getAnAccess() = va2 + ) and + ( + va1.getEnclosingStmt() = variableEffect1.getEnclosingStmt() and + orderingConfig.isUnsequenced(variableEffect1, va2) + or + not va1.getEnclosingStmt() = variableEffect1.getEnclosingStmt() and + exists(Call call | + call.getAnArgument() = va1 and call.getEnclosingStmt() = va2.getEnclosingStmt() + | + orderingConfig.isUnsequenced(call, va2) + ) + ) and + // The read is not used to compute the effect on the variable. + // E.g., exclude x = x + 1 + not variableEffect1.getAChild+() = va2 + ) and + // Both are evaluated + not exists(ConditionalExpr ce | inConditionalThen(ce, va1) and inConditionalElse(ce, va2)) +} + +query predicate problems( + FullExpr fullExpr, string message, VariableEffect variableEffect1, string variableEffect1_string, + Locatable placeHolder, string label, VariableAccess va1, string va1_string, VariableAccess va2, + string va2_string +) { + exists(ConstituentExprOrdering orderingConfig | + not isExcluded(fullExpr, getQuery()) and + isUnsequencedEffect(orderingConfig, fullExpr, variableEffect1, va1, va2, placeHolder, label) and + message = "The expression contains unsequenced $@ to $@ and $@ to $@." and + variableEffect1_string = "side effect" and + va1_string = va1.getTarget().getName() and + va2_string = va2.getTarget().getName() + ) +} diff --git a/cpp/common/src/codingstandards/cpp/rules/multipleglobalormemberdeclarators_shared/MultipleGlobalOrMemberDeclarators_shared.qll b/cpp/common/src/codingstandards/cpp/rules/multipleglobalormemberdeclarators_shared/MultipleGlobalOrMemberDeclarators_shared.qll new file mode 100644 index 0000000000..317605cd1f --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/multipleglobalormemberdeclarators_shared/MultipleGlobalOrMemberDeclarators_shared.qll @@ -0,0 +1,65 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class MultipleGlobalOrMemberDeclarators_sharedSharedQuery extends Query { } + +Query getQuery() { result instanceof MultipleGlobalOrMemberDeclarators_sharedSharedQuery } + +/* + * Unfortunately, we do not have an equivalent of `DeclStmt` for non-local declarations, so we + * cannot determine whether a declaration was declared with another declaration. + * + * However, we can use location trickery to figure out if the declaration occurs close enough to + * another declaration that it _must_ have been declared within the same declaration sequence. + * + * We do this by requiring that the end location of a previous declaration is within a certain + * number of characters of the start location of the current declaration. + */ + +/** + * A `Declaration` which is not in a local scope, and is written directly by the user. + * + * These act as "candidates" for declarations that could plausibly occur in a declaration sequence + * with other candidates. + */ +class NonLocalUserDeclaration extends Declaration { + NonLocalUserDeclaration() { + not this instanceof StackVariable and + not this instanceof TemplateParameter and + not this instanceof EnumConstant and + not this instanceof TypedefType and + not any(LambdaCapture lc).getField() = this and + not this.(Function).isCompilerGenerated() and + not this.(Variable).isCompilerGenerated() and + not this.(Parameter).getFunction().isCompilerGenerated() and + not this.isInMacroExpansion() and + not exists(Struct s, TypedefType t | + s.isAnonymous() and + t.getBaseType() = s and + this = s.getAMemberVariable() + ) + } +} + +/** + * Holds if `d1` is followed directly by `d2`. + */ +predicate isFollowingDeclaration(NonLocalUserDeclaration d1, NonLocalUserDeclaration d2) { + exists(string filepath, int startline, int startcolumn, int endline, int endcolumn | + d1.getLocation().hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) and + d2.getLocation().hasLocationInfo(filepath, startline, endcolumn + [2 .. 3], endline, _) + ) and + not d1.(UserType).stripType() = d2.(Variable).getType().stripType() +} + +query predicate problems(NonLocalUserDeclaration d1, string message) { + not isExcluded(d1, getQuery()) and + isFollowingDeclaration(d1, _) and + not isFollowingDeclaration(_, d1) and + message = "Multiple declarations after " + d1.getName() + " in this declaration sequence." +} diff --git a/cpp/common/src/codingstandards/cpp/rules/multiplelocaldeclarators_shared/MultipleLocalDeclarators_shared.qll b/cpp/common/src/codingstandards/cpp/rules/multiplelocaldeclarators_shared/MultipleLocalDeclarators_shared.qll new file mode 100644 index 0000000000..41c396bddc --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/multiplelocaldeclarators_shared/MultipleLocalDeclarators_shared.qll @@ -0,0 +1,19 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class MultipleLocalDeclarators_sharedSharedQuery extends Query { } + +Query getQuery() { result instanceof MultipleLocalDeclarators_sharedSharedQuery } + +query predicate problems(DeclStmt ds, string message) { + not isExcluded(ds, getQuery()) and + count(Declaration d | d = ds.getADeclaration()) > 1 and + // Not a compiler generated `DeclStmt`, such as in the range-based for loop + not ds.isCompilerGenerated() and + message = "Declaration list contains more than one declaration." +} diff --git a/cpp/common/src/codingstandards/cpp/rules/namedbitfieldswithsignedintegertype_shared/NamedBitFieldsWithSignedIntegerType_shared.qll b/cpp/common/src/codingstandards/cpp/rules/namedbitfieldswithsignedintegertype_shared/NamedBitFieldsWithSignedIntegerType_shared.qll new file mode 100644 index 0000000000..6542caf889 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/namedbitfieldswithsignedintegertype_shared/NamedBitFieldsWithSignedIntegerType_shared.qll @@ -0,0 +1,19 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class NamedBitFieldsWithSignedIntegerType_sharedSharedQuery extends Query { } + +Query getQuery() { result instanceof NamedBitFieldsWithSignedIntegerType_sharedSharedQuery } + +query predicate problems(BitField bitField, string message) { + not isExcluded(bitField, getQuery()) and + bitField.getDeclaredNumBits() = 1 and // Single-bit, + not bitField.isAnonymous() and // named, + bitField.getType().(IntegralType).isSigned() and // but its type is signed. + message = "A named bit-field with signed integral type should have at least 2 bits of storage." +} diff --git a/cpp/common/src/codingstandards/cpp/rules/namenotreferredusingaqualifiedidorthis_shared/NameNotReferredUsingAQualifiedIdOrThis_shared.qll b/cpp/common/src/codingstandards/cpp/rules/namenotreferredusingaqualifiedidorthis_shared/NameNotReferredUsingAQualifiedIdOrThis_shared.qll new file mode 100644 index 0000000000..49149ef171 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/namenotreferredusingaqualifiedidorthis_shared/NameNotReferredUsingAQualifiedIdOrThis_shared.qll @@ -0,0 +1,35 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions +import codingstandards.cpp.NameInDependentBase + +abstract class NameNotReferredUsingAQualifiedIdOrThis_sharedSharedQuery extends Query { } + +Query getQuery() { result instanceof NameNotReferredUsingAQualifiedIdOrThis_sharedSharedQuery } + +query predicate problems( + NameQualifiableElement fn, string message, Element actualTarget, string targetName, + Element dependentTypeMemberWithSameName, string dependentType_string +) { + not isExcluded(fn, getQuery()) and + missingNameQualifier(fn) and + exists(TemplateClass c | + fn = getConfusingFunctionAccess(c, targetName, actualTarget, dependentTypeMemberWithSameName) + or + fn = getConfusingFunctionCall(c, targetName, actualTarget, dependentTypeMemberWithSameName) and + not exists(Expr e | e = fn.(FunctionCall).getQualifier()) + or + fn = + getConfusingMemberVariableAccess(c, targetName, actualTarget, dependentTypeMemberWithSameName) and + not exists(Expr e | e = fn.(VariableAccess).getQualifier()) + ) and + not fn.isAffectedByMacro() and + message = + "Use of unqualified identifier " + targetName + + " targets $@ but a member with the name also exists $@." and + dependentType_string = "in the dependent base class" +} diff --git a/cpp/common/src/codingstandards/cpp/rules/namenotreferredusingaqualifiedidorthisaudit_shared/NameNotReferredUsingAQualifiedIdOrThisAudit_shared.qll b/cpp/common/src/codingstandards/cpp/rules/namenotreferredusingaqualifiedidorthisaudit_shared/NameNotReferredUsingAQualifiedIdOrThisAudit_shared.qll new file mode 100644 index 0000000000..1b97c1f56d --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/namenotreferredusingaqualifiedidorthisaudit_shared/NameNotReferredUsingAQualifiedIdOrThisAudit_shared.qll @@ -0,0 +1,36 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions +import codingstandards.cpp.NameInDependentBase + +abstract class NameNotReferredUsingAQualifiedIdOrThisAudit_sharedSharedQuery extends Query { } + +Query getQuery() { result instanceof NameNotReferredUsingAQualifiedIdOrThisAudit_sharedSharedQuery } + +query predicate problems( + NameQualifiableElement fn, string message, Element actualTarget, string targetName, + Element dependentTypeMemberWithSameName, string dependentType_string +) { + not isExcluded(fn, getQuery()) and + not isCustomExcluded(fn) and + missingNameQualifier(fn) and + exists(TemplateClass c | + fn = getConfusingFunctionAccess(c, targetName, actualTarget, dependentTypeMemberWithSameName) + or + fn = getConfusingFunctionCall(c, targetName, actualTarget, dependentTypeMemberWithSameName) and + not exists(Expr e | e = fn.(FunctionCall).getQualifier()) + or + not fn.(VariableAccess).getTarget() instanceof Parameter and + fn = + getConfusingMemberVariableAccess(c, targetName, actualTarget, dependentTypeMemberWithSameName) and + not exists(Expr e | e = fn.(VariableAccess).getQualifier()) + ) and + message = + "Use of unqualified identifier " + targetName + + " targets $@ but a member with the name also exists $@." and + dependentType_string = "in the dependent base class" +} diff --git a/cpp/common/src/codingstandards/cpp/rules/noexceptfunctionshouldnotpropagatetothecaller_shared/NoexceptFunctionShouldNotPropagateToTheCaller_shared.qll b/cpp/common/src/codingstandards/cpp/rules/noexceptfunctionshouldnotpropagatetothecaller_shared/NoexceptFunctionShouldNotPropagateToTheCaller_shared.qll new file mode 100644 index 0000000000..31a606c0db --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/noexceptfunctionshouldnotpropagatetothecaller_shared/NoexceptFunctionShouldNotPropagateToTheCaller_shared.qll @@ -0,0 +1,38 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions +import codingstandards.cpp.exceptions.ExceptionFlow +import ExceptionPathGraph +import codingstandards.cpp.exceptions.ExceptionSpecifications + +abstract class NoexceptFunctionShouldNotPropagateToTheCaller_sharedSharedQuery extends Query { } + +Query getQuery() { + result instanceof NoexceptFunctionShouldNotPropagateToTheCaller_sharedSharedQuery +} + +class NoExceptThrowingFunction extends ExceptionThrowingFunction { + NoExceptThrowingFunction() { + // Can exit with an exception + exists(getAFunctionThrownType(_, _)) and + // But is marked noexcept(true) or equivalent + isNoExceptTrue(this) + } +} + +query predicate problems( + NoExceptThrowingFunction f, ExceptionFlowNode exceptionSource, ExceptionFlowNode functionNode, + string message +) { + exists(ExceptionType exceptionType | + not isExcluded(f, getQuery()) and + f.hasExceptionFlow(exceptionSource, functionNode, exceptionType) and + message = + "Function " + f.getName() + " is declared noexcept(true) but can throw exceptions of type " + + exceptionType.getExceptionName() + "." + ) +} diff --git a/cpp/common/src/codingstandards/cpp/rules/nonglobalfunctionmain_shared/NonGlobalFunctionMain_shared.qll b/cpp/common/src/codingstandards/cpp/rules/nonglobalfunctionmain_shared/NonGlobalFunctionMain_shared.qll new file mode 100644 index 0000000000..69a7e7e091 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/nonglobalfunctionmain_shared/NonGlobalFunctionMain_shared.qll @@ -0,0 +1,18 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class NonGlobalFunctionMain_sharedSharedQuery extends Query { } + +Query getQuery() { result instanceof NonGlobalFunctionMain_sharedSharedQuery } + +query predicate problems(Function f, string message) { + not isExcluded(f, getQuery()) and + f.hasName("main") and + not f.hasGlobalName("main") and + message = "Identifier main used for a function other than the global function main." +} diff --git a/cpp/common/src/codingstandards/cpp/rules/nonterminatedescapesequences_shared/NonTerminatedEscapeSequences_shared.qll b/cpp/common/src/codingstandards/cpp/rules/nonterminatedescapesequences_shared/NonTerminatedEscapeSequences_shared.qll new file mode 100644 index 0000000000..4f479a5bdb --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/nonterminatedescapesequences_shared/NonTerminatedEscapeSequences_shared.qll @@ -0,0 +1,42 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class NonTerminatedEscapeSequences_sharedSharedQuery extends Query { } + +Query getQuery() { result instanceof NonTerminatedEscapeSequences_sharedSharedQuery } + +bindingset[s] +predicate isOctalEscape(string s) { + s.charAt(0) = "\\" and + exists(int i | i = [0 .. 7] | i.toString() = s.charAt(1)) +} + +bindingset[s] +predicate isHexEscape(string s) { s.indexOf("\\x") = 0 } + +query predicate problems(Literal l, string message) { + not isExcluded(l, getQuery()) and + exists(int idx, string sl, string escapeKind, string s | + sl = l.getValueText() and + idx = sl.indexOf("\\") and + s = sl.substring(idx, sl.length()) and + // Note: Octal representations must be 1-3 digits. There is no limitation on a + // Hex literal as long as the characters are valid. This query does not consider + // if the hex literal being constructed will overflow. + ( + isHexEscape(s) and + not s.regexpMatch("^((\\\\x[0-9A-F]+(?=[\"'\\\\])))[\\s\\S]*") and + escapeKind = "hexadecimal" + or + isOctalEscape(s) and + not s.regexpMatch("^(((\\\\[0-7]{1,3})(?=[\"'\\\\])))[\\s\\S]*") and + escapeKind = "octal" + ) and + message = "Invalid " + escapeKind + " escape in string literal at '" + s + "'." + ) +} diff --git a/cpp/common/src/codingstandards/cpp/rules/nonuniqueenumerationconstant_shared/NonUniqueEnumerationConstant_shared.qll b/cpp/common/src/codingstandards/cpp/rules/nonuniqueenumerationconstant_shared/NonUniqueEnumerationConstant_shared.qll new file mode 100644 index 0000000000..a9831d9ead --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/nonuniqueenumerationconstant_shared/NonUniqueEnumerationConstant_shared.qll @@ -0,0 +1,36 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class NonUniqueEnumerationConstant_sharedSharedQuery extends Query { } + +Query getQuery() { result instanceof NonUniqueEnumerationConstant_sharedSharedQuery } + +/** + * An `EnumConstant` that has an implicitly specified value: + * `enum e { explicit = 1, implicit }` + */ +class ImplicitlySpecifiedEnumConstant extends EnumConstant { + ImplicitlySpecifiedEnumConstant() { + //implicitly specified have an initializer with location: `file://:0:0:0:0` + not this.getInitializer().getLocation().getFile() = this.getFile() + } +} + +query predicate problems( + ImplicitlySpecifiedEnumConstant imp, string message, EnumConstant exp, string exp_string +) { + not isExcluded(imp, getQuery()) and + not isExcluded(exp, getQuery()) and + not exp = imp and + imp.getValue() = exp.getValue() and + imp.getDeclaringEnum() = exp.getDeclaringEnum() and + //can technically be the same declared enum across multiple headers but those are not relevant to this rule + imp.getFile() = exp.getFile() and + message = "Nonunique value of enum constant compared to $@" and + exp_string = exp.getName() +} diff --git a/cpp/common/src/codingstandards/cpp/rules/nullptrnottheonlyformofthenullpointerconstant_shared/NullptrNotTheOnlyFormOfTheNullPointerConstant_shared.qll b/cpp/common/src/codingstandards/cpp/rules/nullptrnottheonlyformofthenullpointerconstant_shared/NullptrNotTheOnlyFormOfTheNullPointerConstant_shared.qll new file mode 100644 index 0000000000..992a1ac645 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/nullptrnottheonlyformofthenullpointerconstant_shared/NullptrNotTheOnlyFormOfTheNullPointerConstant_shared.qll @@ -0,0 +1,26 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions +import semmle.code.cpp.commons.NULL + +abstract class NullptrNotTheOnlyFormOfTheNullPointerConstant_sharedSharedQuery extends Query { } + +Query getQuery() { + result instanceof NullptrNotTheOnlyFormOfTheNullPointerConstant_sharedSharedQuery +} + +query predicate problems(Literal l, string message) { + not isExcluded(l, getQuery()) and // Not the type of the nullptr literal + not l.getType() instanceof NullPointerType and + // Converted to a pointer type + l.getConversion().getType().getUnspecifiedType() instanceof PointerType and + // Value of zero + l.getValue() = "0" and + // Not the StringLiteral "0" + not l instanceof StringLiteral and + message = l.getValueText() + " is used as the null-pointer-constant but is not nullptr." +} diff --git a/cpp/common/src/codingstandards/cpp/rules/objectsdynamictypeusedfromconstructorordestructor_shared/ObjectsDynamicTypeUsedFromConstructorOrDestructor_shared.qll b/cpp/common/src/codingstandards/cpp/rules/objectsdynamictypeusedfromconstructorordestructor_shared/ObjectsDynamicTypeUsedFromConstructorOrDestructor_shared.qll new file mode 100644 index 0000000000..992b568f2a --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/objectsdynamictypeusedfromconstructorordestructor_shared/ObjectsDynamicTypeUsedFromConstructorOrDestructor_shared.qll @@ -0,0 +1,91 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class ObjectsDynamicTypeUsedFromConstructorOrDestructor_sharedSharedQuery extends Query { } + +Query getQuery() { + result instanceof ObjectsDynamicTypeUsedFromConstructorOrDestructor_sharedSharedQuery +} + +predicate thisCall(FunctionCall c) { + c.getQualifier() instanceof ThisExpr or + c.getQualifier().(PointerDereferenceExpr).getChild(0) instanceof ThisExpr +} + +predicate virtualThisCall(FunctionCall c, Function overridingFunction) { + c.isVirtual() and + thisCall(c) and + overridingFunction = c.getTarget().(VirtualFunction).getAnOverridingFunction() +} + +class DynamicTypeExpr extends Expr { + DynamicTypeExpr() { + this instanceof TypeidOperator and + this.getEnclosingFunction().getDeclaringType().isPolymorphic() + or + this instanceof DynamicCast + or + virtualThisCall(this.(FunctionCall), _) + } +} + +/* + * Catch most cases: go into functions in the same class, but only catch direct + * references to "this". + */ + +predicate nonVirtualMemberFunction(MemberFunction mf, Class c) { + mf = c.getAMemberFunction() and + not mf instanceof Constructor and + not mf instanceof Destructor and + not mf.isVirtual() +} + +predicate callFromNonVirtual(MemberFunction source, Class c, MemberFunction targ) { + exists(FunctionCall fc | + fc.getEnclosingFunction() = source and fc.getTarget() = targ and thisCall(fc) + ) and + targ = c.getAMemberFunction() and + nonVirtualMemberFunction(source, c) +} + +predicate indirectlyInvokesDynamicTypeExpr(MemberFunction caller, DynamicTypeExpr target) { + target = + any(DynamicTypeExpr expr | + expr.getEnclosingFunction() = caller and + nonVirtualMemberFunction(caller, caller.getDeclaringType()) + ) + or + exists(MemberFunction mid | + indirectlyInvokesDynamicTypeExpr(mid, target) and + callFromNonVirtual(caller, caller.getDeclaringType(), mid) + ) +} + +query predicate problems( + DynamicTypeExpr expr, string explanation, MemberFunction mf, string mf_string +) { + not isExcluded(expr, getQuery()) and + ( + mf instanceof Constructor or + mf instanceof Destructor + ) and + mf_string = mf.getQualifiedName() and + exists(FunctionCall call | + mf = expr.getEnclosingFunction() and + explanation = "$@ uses the dynamic type of its own object." + or + mf != expr.getEnclosingFunction() and + mf = call.getEnclosingFunction() and + thisCall(call) and + indirectlyInvokesDynamicTypeExpr(call.getTarget(), expr) and + explanation = + "$@ calls " + call.getTarget().getQualifiedName() + + ", which uses the dynamic type of its own object." + ) +} diff --git a/cpp/common/src/codingstandards/cpp/rules/overridingshallspecifydifferentdefaultarguments_shared/OverridingShallSpecifyDifferentDefaultArguments_shared.qll b/cpp/common/src/codingstandards/cpp/rules/overridingshallspecifydifferentdefaultarguments_shared/OverridingShallSpecifyDifferentDefaultArguments_shared.qll new file mode 100644 index 0000000000..f9438cefc8 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/overridingshallspecifydifferentdefaultarguments_shared/OverridingShallSpecifyDifferentDefaultArguments_shared.qll @@ -0,0 +1,37 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class OverridingShallSpecifyDifferentDefaultArguments_sharedSharedQuery extends Query { } + +Query getQuery() { + result instanceof OverridingShallSpecifyDifferentDefaultArguments_sharedSharedQuery +} + +query predicate problems(VirtualFunction f2, string message, VirtualFunction f1, string f1_string) { + not isExcluded(f2, getQuery()) and + not isExcluded(f1, getQuery()) and + f2 = f1.getAnOverridingFunction() and + exists(Parameter p1, Parameter p2 | + p1 = f1.getAParameter() and + p2 = f2.getParameter(p1.getIndex()) + | + if p1.hasInitializer() + then + // if there is no initializer + not p2.hasInitializer() + or + // if there is one and it doesn't match + not p1.getInitializer().getExpr().getValueText() = + p2.getInitializer().getExpr().getValueText() + else + // if p1 doesn't have an initializer p2 shouldn't either + p2.hasInitializer() + ) and + message = "Overriding function does not have the same default parameters as $@" and + f1_string = "overridden function" +} diff --git a/cpp/common/src/codingstandards/cpp/rules/potentiallyvirtualpointeronlycomparestonullptr_shared/PotentiallyVirtualPointerOnlyComparesToNullptr_shared.qll b/cpp/common/src/codingstandards/cpp/rules/potentiallyvirtualpointeronlycomparestonullptr_shared/PotentiallyVirtualPointerOnlyComparesToNullptr_shared.qll new file mode 100644 index 0000000000..be93180112 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/potentiallyvirtualpointeronlycomparestonullptr_shared/PotentiallyVirtualPointerOnlyComparesToNullptr_shared.qll @@ -0,0 +1,32 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class PotentiallyVirtualPointerOnlyComparesToNullptr_sharedSharedQuery extends Query { } + +Query getQuery() { + result instanceof PotentiallyVirtualPointerOnlyComparesToNullptr_sharedSharedQuery +} + +query predicate problems( + EqualityOperation equalityComparison, string message, MemberFunction virtualFunction, + string virtualFunction_string, Expr otherOperand, string otherOperand_string +) { + not isExcluded(equalityComparison, getQuery()) and + exists(FunctionAccess accessOperand | + virtualFunction.isVirtual() and + equalityComparison.getAnOperand() = accessOperand and + accessOperand.getTarget() = virtualFunction and + otherOperand = equalityComparison.getAnOperand() and + not otherOperand = accessOperand and + not otherOperand.getType() instanceof NullPointerType and + message = + "A pointer to member virtual function $@ is tested for equality with non-null-pointer-constant $@." and + virtualFunction_string = virtualFunction.getName() and + otherOperand_string = otherOperand.toString() + ) +} diff --git a/cpp/common/src/codingstandards/cpp/rules/reinterpretcastused_shared/ReinterpretCastUsed_shared.qll b/cpp/common/src/codingstandards/cpp/rules/reinterpretcastused_shared/ReinterpretCastUsed_shared.qll new file mode 100644 index 0000000000..b325b8ba47 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/reinterpretcastused_shared/ReinterpretCastUsed_shared.qll @@ -0,0 +1,15 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class ReinterpretCastUsed_sharedSharedQuery extends Query { } + +Query getQuery() { result instanceof ReinterpretCastUsed_sharedSharedQuery } + +query predicate problems(ReinterpretCast rc, string message) { + not isExcluded(rc, getQuery()) and message = "Use of reinterpret_cast." +} diff --git a/cpp/common/src/codingstandards/cpp/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.qll b/cpp/common/src/codingstandards/cpp/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.qll new file mode 100644 index 0000000000..d44d3d2b8e --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.qll @@ -0,0 +1,17 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class ResultOfAnAssignmentOperatorShouldNotBeUsed_sharedSharedQuery extends Query { } + +Query getQuery() { result instanceof ResultOfAnAssignmentOperatorShouldNotBeUsed_sharedSharedQuery } + +query predicate problems(AssignExpr e, string message) { + not isExcluded(e, getQuery()) and + not exists(ExprStmt s | s.getExpr() = e) and + message = "Use of an assignment operator's result." +} diff --git a/cpp/common/src/codingstandards/cpp/rules/returnreferenceorpointertoautomaticlocalvariable_shared/ReturnReferenceOrPointerToAutomaticLocalVariable_shared.qll b/cpp/common/src/codingstandards/cpp/rules/returnreferenceorpointertoautomaticlocalvariable_shared/ReturnReferenceOrPointerToAutomaticLocalVariable_shared.qll new file mode 100644 index 0000000000..e3444fe368 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/returnreferenceorpointertoautomaticlocalvariable_shared/ReturnReferenceOrPointerToAutomaticLocalVariable_shared.qll @@ -0,0 +1,36 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class ReturnReferenceOrPointerToAutomaticLocalVariable_sharedSharedQuery extends Query { } + +Query getQuery() { + result instanceof ReturnReferenceOrPointerToAutomaticLocalVariable_sharedSharedQuery +} + +query predicate problems( + ReturnStmt rs, string message, Function f, string f_string, Variable auto, string auto_string +) { + exists(VariableAccess va, string returnType | + not isExcluded(rs, getQuery()) and + f = rs.getEnclosingFunction() and + ( + f.getType() instanceof ReferenceType and va = rs.getExpr() and returnType = "reference" + or + f.getType() instanceof PointerType and + va = rs.getExpr().(AddressOfExpr).getOperand() and + returnType = "pointer" + ) and + auto = va.getTarget() and + not auto.isStatic() and + not f.isCompilerGenerated() and + not auto.getType() instanceof ReferenceType and + message = "The $@ returns a " + returnType + "to an $@ variable" and + f_string = f.getName() and + auto_string = "automatic" + ) +} diff --git a/cpp/common/src/codingstandards/cpp/rules/switchcompoundcondition_shared/SwitchCompoundCondition_shared.qll b/cpp/common/src/codingstandards/cpp/rules/switchcompoundcondition_shared/SwitchCompoundCondition_shared.qll new file mode 100644 index 0000000000..2db252da61 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/switchcompoundcondition_shared/SwitchCompoundCondition_shared.qll @@ -0,0 +1,44 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class SwitchCompoundCondition_sharedSharedQuery extends Query { } + +Query getQuery() { result instanceof SwitchCompoundCondition_sharedSharedQuery } + +/** + * Class to differentiate between extractor generated blockstmt and actual blockstmt. The extractor + * will generate an artificial blockstmt when there is a single case and statement, e.g. + * ``` + * switch(x) + * case 1: + * f(); + * ``` + * This is because our AST model considers the `case` to be a statement in its own right, so the + * extractor needs an aritifical block to hold both the case and the statement. + */ +class ArtificialBlock extends BlockStmt { + ArtificialBlock() { + exists(Location block, Location firstStatement | + block = getLocation() and firstStatement = getStmt(0).getLocation() + | + // We can identify artificial blocks as those where the start of the statement is at the same + // location as the start of the first statement in the block i.e. there was no opening brace. + block.getStartLine() = firstStatement.getStartLine() and + block.getStartColumn() = firstStatement.getStartColumn() + ) + } +} + +query predicate problems(SwitchStmt switch, string message) { + ( + switch.getStmt() instanceof ArtificialBlock or + not switch.getStmt() instanceof BlockStmt + ) and + not isExcluded(switch, getQuery()) and + message = "Switch body not enclosed within braces." +} diff --git a/cpp/common/src/codingstandards/cpp/rules/unsignedintegerliteralsnotappropriatelysuffixed_shared/UnsignedIntegerLiteralsNotAppropriatelySuffixed_shared.qll b/cpp/common/src/codingstandards/cpp/rules/unsignedintegerliteralsnotappropriatelysuffixed_shared/UnsignedIntegerLiteralsNotAppropriatelySuffixed_shared.qll new file mode 100644 index 0000000000..a59a4e6fd5 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/unsignedintegerliteralsnotappropriatelysuffixed_shared/UnsignedIntegerLiteralsNotAppropriatelySuffixed_shared.qll @@ -0,0 +1,30 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions +import codingstandards.cpp.Cpp14Literal + +abstract class UnsignedIntegerLiteralsNotAppropriatelySuffixed_sharedSharedQuery extends Query { } + +Query getQuery() { + result instanceof UnsignedIntegerLiteralsNotAppropriatelySuffixed_sharedSharedQuery +} + +query predicate problems(Cpp14Literal::NumericLiteral nl, string message) { + exists(string literalKind | + not isExcluded(nl, getQuery()) and + ( + nl instanceof Cpp14Literal::OctalLiteral and literalKind = "Octal" + or + nl instanceof Cpp14Literal::HexLiteral and literalKind = "Hex" + ) and + // This either directly has an unsigned integer type, or it is converted to an unsigned integer type + nl.getType().getUnspecifiedType().(IntegralType).isUnsigned() and + // The literal already has a `u` or `U` suffix. + not nl.getValueText().regexpMatch(".*[lL]*[uU][lL]*") and + message = literalKind + " literal is an unsigned integer but does not include a 'U' suffix." + ) +} diff --git a/cpp/common/src/codingstandards/cpp/rules/unsignedoperationwithconstantoperandswraps_shared/UnsignedOperationWithConstantOperandsWraps_shared.qll b/cpp/common/src/codingstandards/cpp/rules/unsignedoperationwithconstantoperandswraps_shared/UnsignedOperationWithConstantOperandsWraps_shared.qll new file mode 100644 index 0000000000..9020e9c5f0 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/unsignedoperationwithconstantoperandswraps_shared/UnsignedOperationWithConstantOperandsWraps_shared.qll @@ -0,0 +1,32 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions +import codingstandards.cpp.Overflow +import semmle.code.cpp.controlflow.Guards +import semmle.code.cpp.valuenumbering.GlobalValueNumbering + +abstract class UnsignedOperationWithConstantOperandsWraps_sharedSharedQuery extends Query { } + +Query getQuery() { result instanceof UnsignedOperationWithConstantOperandsWraps_sharedSharedQuery } + +query predicate problems(InterestingOverflowingOperation op, string message) { + not isExcluded(op, getQuery()) and + op.getType().getUnderlyingType().(IntegralType).isUnsigned() and + // Not within a guard condition + not exists(GuardCondition gc | gc.getAChild*() = op) and + // Not guarded by a check, where the check is not an invalid overflow check + not op.hasValidPreCheck() and + // Is not checked after the operation + not op.hasValidPostCheck() and + // Permitted by exception 3 + not op instanceof LShiftExpr and + // Permitted by exception 2 - zero case is handled in separate query + not op instanceof DivExpr and + not op instanceof RemExpr and + message = + "Operation " + op.getOperator() + " of type " + op.getType().getUnderlyingType() + " may wrap." +} diff --git a/cpp/common/src/codingstandards/cpp/rules/useofnonzerooctalliteral_shared/UseOfNonZeroOctalLiteral_shared.qll b/cpp/common/src/codingstandards/cpp/rules/useofnonzerooctalliteral_shared/UseOfNonZeroOctalLiteral_shared.qll new file mode 100644 index 0000000000..8c952da18e --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/useofnonzerooctalliteral_shared/UseOfNonZeroOctalLiteral_shared.qll @@ -0,0 +1,18 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions +import codingstandards.cpp.Cpp14Literal + +abstract class UseOfNonZeroOctalLiteral_sharedSharedQuery extends Query { } + +Query getQuery() { result instanceof UseOfNonZeroOctalLiteral_sharedSharedQuery } + +query predicate problems(Cpp14Literal::OctalLiteral octalLiteral, string message) { + not isExcluded(octalLiteral, getQuery()) and + not octalLiteral.getValue() = "0" and + message = "Non zero octal literal " + octalLiteral.getValueText() + "." +} diff --git a/cpp/common/src/codingstandards/cpp/rules/vectorshouldnotbespecializedwithbool_shared/VectorShouldNotBeSpecializedWithBool_shared.qll b/cpp/common/src/codingstandards/cpp/rules/vectorshouldnotbespecializedwithbool_shared/VectorShouldNotBeSpecializedWithBool_shared.qll new file mode 100644 index 0000000000..1fda305df2 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/vectorshouldnotbespecializedwithbool_shared/VectorShouldNotBeSpecializedWithBool_shared.qll @@ -0,0 +1,33 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions +import codingstandards.cpp.StdNamespace + +abstract class VectorShouldNotBeSpecializedWithBool_sharedSharedQuery extends Query { } + +Query getQuery() { result instanceof VectorShouldNotBeSpecializedWithBool_sharedSharedQuery } + +predicate isVectorBool(ClassTemplateInstantiation c) { + c.getNamespace() instanceof StdNS and + c.getTemplateArgument(0) instanceof BoolType and + c.getSimpleName() = "vector" +} + +predicate isUsingVectorBool(ClassTemplateInstantiation c) { + isVectorBool(c) or + isUsingVectorBool(c.getTemplateArgument(_)) +} + +query predicate problems(Variable v, string message) { + exists(ClassTemplateInstantiation c | + not isExcluded(v, getQuery()) and + v.getUnderlyingType() = c and + not v.isFromTemplateInstantiation(_) and + isUsingVectorBool(c) and + message = "Use of std::vector specialization." + ) +} diff --git a/cpp/common/src/codingstandards/cpp/rules/virtualandnonvirtualclassinthehierarchy_shared/VirtualAndNonVirtualClassInTheHierarchy_shared.qll b/cpp/common/src/codingstandards/cpp/rules/virtualandnonvirtualclassinthehierarchy_shared/VirtualAndNonVirtualClassInTheHierarchy_shared.qll new file mode 100644 index 0000000000..44e814c29b --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/virtualandnonvirtualclassinthehierarchy_shared/VirtualAndNonVirtualClassInTheHierarchy_shared.qll @@ -0,0 +1,38 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class VirtualAndNonVirtualClassInTheHierarchy_sharedSharedQuery extends Query { } + +Query getQuery() { result instanceof VirtualAndNonVirtualClassInTheHierarchy_sharedSharedQuery } + +query predicate problems( + Class c3, string message, Class base, string base_string, ClassDerivation cd1, string cd1_string, + Class c2, string c2_string +) { + exists(Class c1, ClassDerivation cd2 | + not isExcluded(c3, getQuery()) and + // for each pair of classes, get all of their derivations + cd1 = c1.getADerivation() and + cd2 = c2.getADerivation() and + // where they share the same base class + base = cd1.getBaseClass() and + base = cd2.getBaseClass() and + // but one is virtual, and one is not, and the derivations are in different classes + cd1.isVirtual() and + not cd2.isVirtual() and + // and there is some 'other class' that derives from both of these classes + c3.derivesFrom*(c1) and + c3.derivesFrom*(c2) and + // and the base class is accessible from the 'other class' + c3.getAMemberFunction().getEnclosingAccessHolder().canAccessClass(base, c3) and + message = "Class inherits base class $@, which is derived virtual by $@ and non-virtual by $@." and + base_string = base.getName() and + cd1_string = cd1.getDerivedClass().toString() and + c2_string = cd2.getDerivedClass().toString() + ) +} diff --git a/cpp/common/test/includes/standard-library/assert.h b/cpp/common/test/includes/standard-library/assert.h index e69de29bb2..ee60d0748f 100644 --- a/cpp/common/test/includes/standard-library/assert.h +++ b/cpp/common/test/includes/standard-library/assert.h @@ -0,0 +1 @@ +#define assert(x) (void)0 diff --git a/cpp/common/test/includes/standard-library/ctime b/cpp/common/test/includes/standard-library/ctime index f99aab4fb3..53ab219208 100644 --- a/cpp/common/test/includes/standard-library/ctime +++ b/cpp/common/test/includes/standard-library/ctime @@ -1,39 +1,7 @@ #ifndef _GHLIBCPP_CTIME #define _GHLIBCPP_CTIME - -namespace std -{ - typedef unsigned long clock_t; - typedef unsigned long time_t; +#include "time.h" +namespace std { - typedef unsigned long size_t; - struct tm - { - int tm_sec; - int tm_min; - int tm_hour; - int tm_mday; - int tm_mon; - int tm_year; - int tm_wday; - int tm_yday; - int tm_isdst; - }; - - - clock_t clock (void); - double difftime (clock_t end, clock_t beginning); - time_t mktime (struct tm * timeptr); - time_t time (time_t* timer); - char* asctime (const struct tm * timeptr); - - char* ctime (const time_t * timer); - struct tm * gmtime (const time_t * timer); - struct tm * localtime (const time_t * timer); - size_t strftime (char* ptr, size_t maxsize, const char* format, - const struct tm* timeptr ); - -} - - -#endif \ No newline at end of file +} // namespace std +#endif // _GHLIBCPP_CTIME \ No newline at end of file diff --git a/cpp/common/test/includes/standard-library/locale.h b/cpp/common/test/includes/standard-library/locale.h index 346c4eeef5..19a8905531 100644 --- a/cpp/common/test/includes/standard-library/locale.h +++ b/cpp/common/test/includes/standard-library/locale.h @@ -1,8 +1,38 @@ #ifndef _GHLIBCPP_LOCALE #define _GHLIBCPP_LOCALE -struct lconv; -char *setlocale(int, const char *); -lconv *localeconv(); +#define LC_ALL 6 + +struct lconv { + char *decimal_point; + char *thousands_sep; + char *grouping; + + char *int_curr_symbol; + char *currency_symbol; + char *mon_decimal_point; + char *mon_thousands_sep; + char *mon_grouping; + char *positive_sign; + char *negative_sign; + char int_frac_digits; + char frac_digits; + char p_cs_precedes; + char p_sep_by_space; + char n_cs_precedes; + char n_sep_by_space; + char p_sign_posn; + char n_sign_posn; + char int_p_cs_precedes; + char int_p_sep_by_space; + char int_n_cs_precedes; + char int_n_sep_by_space; + char int_p_sign_posn; + char int_n_sign_posn; +}; + + +char *setlocale (int, const char *); +struct lconv *localeconv(void); #endif // _GHLIBCPP_LOCALE \ No newline at end of file diff --git a/cpp/common/test/includes/standard-library/stddef.h b/cpp/common/test/includes/standard-library/stddef.h index 496de53167..96e9849973 100644 --- a/cpp/common/test/includes/standard-library/stddef.h +++ b/cpp/common/test/includes/standard-library/stddef.h @@ -17,5 +17,11 @@ using size_t = decltype(sizeof(char)); #define offsetof(t, d) __builtin_offsetof(t, d) /*implementation-defined*/ +#ifdef __cplusplus +#define NULL 0L +#else +#define NULL ((void*)0) +#endif + // namespace std #endif // _GHLIBCPP_STDDEF \ No newline at end of file diff --git a/cpp/common/test/includes/standard-library/stdlib.h b/cpp/common/test/includes/standard-library/stdlib.h index c8ff7a7592..67f1abd694 100644 --- a/cpp/common/test/includes/standard-library/stdlib.h +++ b/cpp/common/test/includes/standard-library/stdlib.h @@ -15,6 +15,8 @@ int system(const char *command); char *getenv(const char *name); +int setenv (const char *, const char *, int); + int atoi(const char *str); long int atol(const char *str); long long int atoll(const char *str); diff --git a/cpp/common/test/includes/standard-library/string.h b/cpp/common/test/includes/standard-library/string.h index c4d06b6e7b..d94a186f0e 100644 --- a/cpp/common/test/includes/standard-library/string.h +++ b/cpp/common/test/includes/standard-library/string.h @@ -36,6 +36,8 @@ char *strstr(char *str1, const char *str2); char *strtok(char *str, const char *delimiters); +char *strdup (const char *); + void *memcpy(void *dest, const void *src, size_t count); void *memset(void *dest, int ch, size_t count); void *memmove(void *dest, const void *src, size_t count); diff --git a/cpp/common/test/includes/standard-library/time.h b/cpp/common/test/includes/standard-library/time.h index e69de29bb2..4c6198589f 100644 --- a/cpp/common/test/includes/standard-library/time.h +++ b/cpp/common/test/includes/standard-library/time.h @@ -0,0 +1,32 @@ +#ifndef _GHLIBCPP_CTIME +#define _GHLIBCPP_CTIME + +typedef unsigned long clock_t; +typedef unsigned long time_t; + +typedef unsigned long size_t; +struct tm { + int tm_sec; + int tm_min; + int tm_hour; + int tm_mday; + int tm_mon; + int tm_year; + int tm_wday; + int tm_yday; + int tm_isdst; +}; + +clock_t clock(void); +double difftime(clock_t end, clock_t beginning); +time_t mktime(struct tm *timeptr); +time_t time(time_t *timer); +char *asctime(const struct tm *timeptr); + +char *ctime(const time_t *timer); +struct tm *gmtime(const time_t *timer); +struct tm *localtime(const time_t *timer); +size_t strftime(char *ptr, size_t maxsize, const char *format, + const struct tm *timeptr); + +#endif \ No newline at end of file diff --git a/cpp/autosar/test/rules/M5-3-3/UnaryOperatorOverloaded.expected b/cpp/common/test/rules/addressofoperatoroverloaded_shared/AddressOfOperatorOverloaded_shared.expected similarity index 100% rename from cpp/autosar/test/rules/M5-3-3/UnaryOperatorOverloaded.expected rename to cpp/common/test/rules/addressofoperatoroverloaded_shared/AddressOfOperatorOverloaded_shared.expected diff --git a/cpp/common/test/rules/addressofoperatoroverloaded_shared/AddressOfOperatorOverloaded_shared.ql b/cpp/common/test/rules/addressofoperatoroverloaded_shared/AddressOfOperatorOverloaded_shared.ql new file mode 100644 index 0000000000..0a40e9b1b9 --- /dev/null +++ b/cpp/common/test/rules/addressofoperatoroverloaded_shared/AddressOfOperatorOverloaded_shared.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.addressofoperatoroverloaded_shared.AddressOfOperatorOverloaded_shared + +class TestFileQuery extends AddressOfOperatorOverloaded_sharedSharedQuery, TestQuery { } diff --git a/cpp/autosar/test/rules/M5-3-3/test.cpp b/cpp/common/test/rules/addressofoperatoroverloaded_shared/test.cpp similarity index 100% rename from cpp/autosar/test/rules/M5-3-3/test.cpp rename to cpp/common/test/rules/addressofoperatoroverloaded_shared/test.cpp diff --git a/cpp/common/test/rules/amixedusemacroargumentsubjecttoexpansion_shared/AMixedUseMacroArgumentSubjectToExpansion_shared.expected b/cpp/common/test/rules/amixedusemacroargumentsubjecttoexpansion_shared/AMixedUseMacroArgumentSubjectToExpansion_shared.expected new file mode 100644 index 0000000000..71355bf4cc --- /dev/null +++ b/cpp/common/test/rules/amixedusemacroargumentsubjecttoexpansion_shared/AMixedUseMacroArgumentSubjectToExpansion_shared.expected @@ -0,0 +1,2 @@ +| test.cpp:5:1:5:41 | #define BAD_MACRO_WITH_ARG(x) (x) + wow ## x | Macro BAD_MACRO_WITH_ARG contains use of parameter x used in multiple contexts. | +| test.cpp:6:1:6:48 | #define BAD_MACRO_WITH_ARG_TWO(x,y) (x) + wow ## x | Macro BAD_MACRO_WITH_ARG_TWO contains use of parameter x used in multiple contexts. | diff --git a/cpp/common/test/rules/amixedusemacroargumentsubjecttoexpansion_shared/AMixedUseMacroArgumentSubjectToExpansion_shared.ql b/cpp/common/test/rules/amixedusemacroargumentsubjecttoexpansion_shared/AMixedUseMacroArgumentSubjectToExpansion_shared.ql new file mode 100644 index 0000000000..8fc299b7f3 --- /dev/null +++ b/cpp/common/test/rules/amixedusemacroargumentsubjecttoexpansion_shared/AMixedUseMacroArgumentSubjectToExpansion_shared.ql @@ -0,0 +1,5 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.amixedusemacroargumentsubjecttoexpansion_shared.AMixedUseMacroArgumentSubjectToExpansion_shared + +class TestFileQuery extends AMixedUseMacroArgumentSubjectToExpansion_sharedSharedQuery, TestQuery { +} diff --git a/c/misra/test/rules/RULE-20-12/test.c b/cpp/common/test/rules/amixedusemacroargumentsubjecttoexpansion_shared/test.cpp similarity index 86% rename from c/misra/test/rules/RULE-20-12/test.c rename to cpp/common/test/rules/amixedusemacroargumentsubjecttoexpansion_shared/test.cpp index 768238f36d..e96e2f7414 100644 --- a/c/misra/test/rules/RULE-20-12/test.c +++ b/cpp/common/test/rules/amixedusemacroargumentsubjecttoexpansion_shared/test.cpp @@ -1,4 +1,5 @@ - +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. #define GOOD_MACRO_WITH_ARG(X) ((X)*X##_scale) // COMPLIANT #define MACRO 1 #define BAD_MACRO_WITH_ARG(x) (x) + wow##x // NON_COMPLIANT diff --git a/cpp/autosar/test/rules/M5-2-12/IdentifierWithArrayTypePassedAsFunctionArgumentDecayToAPointer.expected b/cpp/common/test/rules/arraypassedasfunctionargumentdecaytoapointer_shared/ArrayPassedAsFunctionArgumentDecayToAPointer_shared.expected similarity index 100% rename from cpp/autosar/test/rules/M5-2-12/IdentifierWithArrayTypePassedAsFunctionArgumentDecayToAPointer.expected rename to cpp/common/test/rules/arraypassedasfunctionargumentdecaytoapointer_shared/ArrayPassedAsFunctionArgumentDecayToAPointer_shared.expected diff --git a/cpp/common/test/rules/arraypassedasfunctionargumentdecaytoapointer_shared/ArrayPassedAsFunctionArgumentDecayToAPointer_shared.ql b/cpp/common/test/rules/arraypassedasfunctionargumentdecaytoapointer_shared/ArrayPassedAsFunctionArgumentDecayToAPointer_shared.ql new file mode 100644 index 0000000000..fd61a27184 --- /dev/null +++ b/cpp/common/test/rules/arraypassedasfunctionargumentdecaytoapointer_shared/ArrayPassedAsFunctionArgumentDecayToAPointer_shared.ql @@ -0,0 +1,6 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.arraypassedasfunctionargumentdecaytoapointer_shared.ArrayPassedAsFunctionArgumentDecayToAPointer_shared + +class TestFileQuery extends ArrayPassedAsFunctionArgumentDecayToAPointer_sharedSharedQuery, + TestQuery +{ } diff --git a/cpp/autosar/test/rules/M5-2-12/test.cpp b/cpp/common/test/rules/arraypassedasfunctionargumentdecaytoapointer_shared/test.cpp similarity index 100% rename from cpp/autosar/test/rules/M5-2-12/test.cpp rename to cpp/common/test/rules/arraypassedasfunctionargumentdecaytoapointer_shared/test.cpp diff --git a/cpp/autosar/test/rules/A7-4-1/AsmDeclarationUsed.expected b/cpp/common/test/rules/asmdeclarationused_shared/AsmDeclarationUsed_shared.expected similarity index 100% rename from cpp/autosar/test/rules/A7-4-1/AsmDeclarationUsed.expected rename to cpp/common/test/rules/asmdeclarationused_shared/AsmDeclarationUsed_shared.expected diff --git a/cpp/common/test/rules/asmdeclarationused_shared/AsmDeclarationUsed_shared.ql b/cpp/common/test/rules/asmdeclarationused_shared/AsmDeclarationUsed_shared.ql new file mode 100644 index 0000000000..129fb3a5eb --- /dev/null +++ b/cpp/common/test/rules/asmdeclarationused_shared/AsmDeclarationUsed_shared.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.asmdeclarationused_shared.AsmDeclarationUsed_shared + +class TestFileQuery extends AsmDeclarationUsed_sharedSharedQuery, TestQuery { } diff --git a/cpp/autosar/test/rules/A7-4-1/test.cpp b/cpp/common/test/rules/asmdeclarationused_shared/test.cpp similarity index 100% rename from cpp/autosar/test/rules/A7-4-1/test.cpp rename to cpp/common/test/rules/asmdeclarationused_shared/test.cpp diff --git a/cpp/common/test/rules/atofatoiatolandatollused_shared/AtofAtoiAtolAndAtollUsed_shared.expected b/cpp/common/test/rules/atofatoiatolandatollused_shared/AtofAtoiAtolAndAtollUsed_shared.expected new file mode 100644 index 0000000000..9a849af3f4 --- /dev/null +++ b/cpp/common/test/rules/atofatoiatolandatollused_shared/AtofAtoiAtolAndAtollUsed_shared.expected @@ -0,0 +1,4 @@ +| test.cpp:8:14:8:17 | call to atof | Call to banned function atof. | +| test.cpp:9:12:9:15 | call to atoi | Call to banned function atoi. | +| test.cpp:10:13:10:16 | call to atol | Call to banned function atol. | +| test.cpp:11:18:11:22 | call to atoll | Call to banned function atoll. | diff --git a/cpp/common/test/rules/atofatoiatolandatollused_shared/AtofAtoiAtolAndAtollUsed_shared.ql b/cpp/common/test/rules/atofatoiatolandatollused_shared/AtofAtoiAtolAndAtollUsed_shared.ql new file mode 100644 index 0000000000..75b1a7ea10 --- /dev/null +++ b/cpp/common/test/rules/atofatoiatolandatollused_shared/AtofAtoiAtolAndAtollUsed_shared.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.atofatoiatolandatollused_shared.AtofAtoiAtolAndAtollUsed_shared + +class TestFileQuery extends AtofAtoiAtolAndAtollUsed_sharedSharedQuery, TestQuery { } diff --git a/c/misra/test/rules/RULE-21-7/test.c b/cpp/common/test/rules/atofatoiatolandatollused_shared/test.cpp similarity index 66% rename from c/misra/test/rules/RULE-21-7/test.c rename to cpp/common/test/rules/atofatoiatolandatollused_shared/test.cpp index 141dd061d3..c995df6aad 100644 --- a/c/misra/test/rules/RULE-21-7/test.c +++ b/cpp/common/test/rules/atofatoiatolandatollused_shared/test.cpp @@ -1,8 +1,10 @@ +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. #include #include void f2(); void f1() { - char l1[5] = "abcde"; + char l1[5] = "abcd"; float l2 = atof(l1); // NON_COMLIANT int l3 = atoi(l1); // NON_COMPLIANT long l4 = atol(l1); // NON_COMPLIANT diff --git a/cpp/autosar/test/rules/A2-13-1/EscapeSequenceOutsideISO.expected b/cpp/common/test/rules/backslashcharactermisuse_shared/BackslashCharacterMisuse_shared.expected similarity index 100% rename from cpp/autosar/test/rules/A2-13-1/EscapeSequenceOutsideISO.expected rename to cpp/common/test/rules/backslashcharactermisuse_shared/BackslashCharacterMisuse_shared.expected diff --git a/cpp/common/test/rules/backslashcharactermisuse_shared/BackslashCharacterMisuse_shared.ql b/cpp/common/test/rules/backslashcharactermisuse_shared/BackslashCharacterMisuse_shared.ql new file mode 100644 index 0000000000..ad9a9eb112 --- /dev/null +++ b/cpp/common/test/rules/backslashcharactermisuse_shared/BackslashCharacterMisuse_shared.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.backslashcharactermisuse_shared.BackslashCharacterMisuse_shared + +class TestFileQuery extends BackslashCharacterMisuse_sharedSharedQuery, TestQuery { } diff --git a/cpp/autosar/test/rules/A2-13-1/test.cpp b/cpp/common/test/rules/backslashcharactermisuse_shared/test.cpp similarity index 100% rename from cpp/autosar/test/rules/A2-13-1/test.cpp rename to cpp/common/test/rules/backslashcharactermisuse_shared/test.cpp diff --git a/cpp/common/test/rules/bitfieldshallhaveanappropriatetype_shared/BitFieldShallHaveAnAppropriateType_shared.expected b/cpp/common/test/rules/bitfieldshallhaveanappropriatetype_shared/BitFieldShallHaveAnAppropriateType_shared.expected new file mode 100644 index 0000000000..346a557e32 --- /dev/null +++ b/cpp/common/test/rules/bitfieldshallhaveanappropriatetype_shared/BitFieldShallHaveAnAppropriateType_shared.expected @@ -0,0 +1,4 @@ +| test.cpp:9:7:9:8 | x1 | Bit-field 'x1' is declared on type 'int'. | +| test.cpp:13:15:13:16 | x5 | Bit-field 'x5' is declared on type 'signed long'. | +| test.cpp:15:15:15:16 | x6 | Bit-field 'x6' is declared on type 'signed char'. | +| test.cpp:17:14:17:15 | x7 | Bit-field 'x7' is declared on type 'Color'. | diff --git a/cpp/common/test/rules/bitfieldshallhaveanappropriatetype_shared/BitFieldShallHaveAnAppropriateType_shared.ql b/cpp/common/test/rules/bitfieldshallhaveanappropriatetype_shared/BitFieldShallHaveAnAppropriateType_shared.ql new file mode 100644 index 0000000000..e460832dc7 --- /dev/null +++ b/cpp/common/test/rules/bitfieldshallhaveanappropriatetype_shared/BitFieldShallHaveAnAppropriateType_shared.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.bitfieldshallhaveanappropriatetype_shared.BitFieldShallHaveAnAppropriateType_shared + +class TestFileQuery extends BitFieldShallHaveAnAppropriateType_sharedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/bitfieldshallhaveanappropriatetype_shared/test.cpp b/cpp/common/test/rules/bitfieldshallhaveanappropriatetype_shared/test.cpp new file mode 100644 index 0000000000..96b28997c4 --- /dev/null +++ b/cpp/common/test/rules/bitfieldshallhaveanappropriatetype_shared/test.cpp @@ -0,0 +1,18 @@ + +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. +typedef unsigned int UINT16; + +enum Color { R, G, B }; + +struct SampleStruct { + int x1 : 2; // NON_COMPLIANT - not explicitly signed or unsigned + unsigned int x2 : 2; // COMPLIANT - explicitly unsigned + signed int x3 : 2; // COMPLIANT - explicitly signed + UINT16 x4 : 2; // COMPLIANT - type alias resolves to a compliant type + signed long x5 : 2; // NON_COMPLIANT - cannot declare bit field for long, even + // if it's signed + signed char x6 : 2; // NON_COMPLIANT - cannot declare bit field for char, even + // if it's signed + enum Color x7 : 3; // NON_COMPLIANT - cannot declare bit field for enum +} sample_struct; diff --git a/cpp/autosar/test/rules/M5-3-2/UnaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsigned.expected b/cpp/common/test/rules/builtinunaryoperatorappliedtounsignedexpression_shared/BuiltInUnaryOperatorAppliedToUnsignedExpression_shared.expected similarity index 100% rename from cpp/autosar/test/rules/M5-3-2/UnaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsigned.expected rename to cpp/common/test/rules/builtinunaryoperatorappliedtounsignedexpression_shared/BuiltInUnaryOperatorAppliedToUnsignedExpression_shared.expected diff --git a/cpp/common/test/rules/builtinunaryoperatorappliedtounsignedexpression_shared/BuiltInUnaryOperatorAppliedToUnsignedExpression_shared.ql b/cpp/common/test/rules/builtinunaryoperatorappliedtounsignedexpression_shared/BuiltInUnaryOperatorAppliedToUnsignedExpression_shared.ql new file mode 100644 index 0000000000..d7b6f1d4cb --- /dev/null +++ b/cpp/common/test/rules/builtinunaryoperatorappliedtounsignedexpression_shared/BuiltInUnaryOperatorAppliedToUnsignedExpression_shared.ql @@ -0,0 +1,6 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.builtinunaryoperatorappliedtounsignedexpression_shared.BuiltInUnaryOperatorAppliedToUnsignedExpression_shared + +class TestFileQuery extends BuiltInUnaryOperatorAppliedToUnsignedExpression_sharedSharedQuery, + TestQuery +{ } diff --git a/cpp/autosar/test/rules/M5-3-2/test.cpp b/cpp/common/test/rules/builtinunaryoperatorappliedtounsignedexpression_shared/test.cpp similarity index 100% rename from cpp/autosar/test/rules/M5-3-2/test.cpp rename to cpp/common/test/rules/builtinunaryoperatorappliedtounsignedexpression_shared/test.cpp diff --git a/cpp/common/test/rules/castsbetweenapointertofunctionandanyothertype_shared/CastsBetweenAPointerToFunctionAndAnyOtherType_shared.expected b/cpp/common/test/rules/castsbetweenapointertofunctionandanyothertype_shared/CastsBetweenAPointerToFunctionAndAnyOtherType_shared.expected new file mode 100644 index 0000000000..24493879f0 --- /dev/null +++ b/cpp/common/test/rules/castsbetweenapointertofunctionandanyothertype_shared/CastsBetweenAPointerToFunctionAndAnyOtherType_shared.expected @@ -0,0 +1,2 @@ +| test.cpp:3:3:3:34 | reinterpret_cast<..(*)(..)>... | Cast converting a pointer to function. | +| test.cpp:4:3:4:30 | reinterpret_cast... | Cast converting a pointer to function. | diff --git a/cpp/common/test/rules/castsbetweenapointertofunctionandanyothertype_shared/CastsBetweenAPointerToFunctionAndAnyOtherType_shared.ql b/cpp/common/test/rules/castsbetweenapointertofunctionandanyothertype_shared/CastsBetweenAPointerToFunctionAndAnyOtherType_shared.ql new file mode 100644 index 0000000000..5fb036e12f --- /dev/null +++ b/cpp/common/test/rules/castsbetweenapointertofunctionandanyothertype_shared/CastsBetweenAPointerToFunctionAndAnyOtherType_shared.ql @@ -0,0 +1,6 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.castsbetweenapointertofunctionandanyothertype_shared.CastsBetweenAPointerToFunctionAndAnyOtherType_shared + +class TestFileQuery extends CastsBetweenAPointerToFunctionAndAnyOtherType_sharedSharedQuery, + TestQuery +{ } diff --git a/cpp/autosar/test/rules/M5-2-6/test.cpp b/cpp/common/test/rules/castsbetweenapointertofunctionandanyothertype_shared/test.cpp similarity index 99% rename from cpp/autosar/test/rules/M5-2-6/test.cpp rename to cpp/common/test/rules/castsbetweenapointertofunctionandanyothertype_shared/test.cpp index ac14351b00..aad03a054e 100644 --- a/cpp/autosar/test/rules/M5-2-6/test.cpp +++ b/cpp/common/test/rules/castsbetweenapointertofunctionandanyothertype_shared/test.cpp @@ -1,3 +1,4 @@ + void f(int) { reinterpret_cast(&f); // NON_COMPLIANT reinterpret_cast(&f); // NON_COMPLIANT diff --git a/cpp/autosar/test/rules/M2-7-1/SlashStarUsedWithinACStyleComment.expected b/cpp/common/test/rules/charactersequenceusedwithinacstylecomment_shared/CharacterSequenceUsedWithinACStyleComment_shared.expected similarity index 100% rename from cpp/autosar/test/rules/M2-7-1/SlashStarUsedWithinACStyleComment.expected rename to cpp/common/test/rules/charactersequenceusedwithinacstylecomment_shared/CharacterSequenceUsedWithinACStyleComment_shared.expected diff --git a/cpp/common/test/rules/charactersequenceusedwithinacstylecomment_shared/CharacterSequenceUsedWithinACStyleComment_shared.ql b/cpp/common/test/rules/charactersequenceusedwithinacstylecomment_shared/CharacterSequenceUsedWithinACStyleComment_shared.ql new file mode 100644 index 0000000000..d172827f54 --- /dev/null +++ b/cpp/common/test/rules/charactersequenceusedwithinacstylecomment_shared/CharacterSequenceUsedWithinACStyleComment_shared.ql @@ -0,0 +1,5 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.charactersequenceusedwithinacstylecomment_shared.CharacterSequenceUsedWithinACStyleComment_shared + +class TestFileQuery extends CharacterSequenceUsedWithinACStyleComment_sharedSharedQuery, TestQuery { +} diff --git a/cpp/autosar/test/rules/M2-7-1/test.cpp b/cpp/common/test/rules/charactersequenceusedwithinacstylecomment_shared/test.cpp similarity index 100% rename from cpp/autosar/test/rules/M2-7-1/test.cpp rename to cpp/common/test/rules/charactersequenceusedwithinacstylecomment_shared/test.cpp diff --git a/cpp/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.expected b/cpp/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.expected new file mode 100644 index 0000000000..b02aa464bb --- /dev/null +++ b/cpp/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.expected @@ -0,0 +1,20 @@ +problems +| test.cpp:11:8:11:12 | c_str | test.cpp:18:16:18:21 | call to getenv | test.cpp:11:8:11:12 | c_str | The object returned by the function getenv should not be modified. | +| test.cpp:67:5:67:9 | conv4 | test.cpp:64:11:64:20 | call to localeconv | test.cpp:67:5:67:9 | conv4 | The object returned by the function localeconv should not be modified. | +| test.cpp:76:5:76:8 | conv | test.cpp:72:25:72:34 | call to localeconv | test.cpp:76:5:76:8 | conv | The object returned by the function localeconv should not be modified. | +edges +| test.cpp:8:18:8:22 | c_str | test.cpp:11:8:11:12 | c_str | +| test.cpp:18:16:18:21 | call to getenv | test.cpp:24:9:24:12 | env1 | +| test.cpp:24:9:24:12 | env1 | test.cpp:8:18:8:22 | c_str | +| test.cpp:64:11:64:20 | call to localeconv | test.cpp:67:5:67:9 | conv4 | +| test.cpp:72:25:72:34 | call to localeconv | test.cpp:76:5:76:8 | conv | +nodes +| test.cpp:8:18:8:22 | c_str | semmle.label | c_str | +| test.cpp:11:8:11:12 | c_str | semmle.label | c_str | +| test.cpp:18:16:18:21 | call to getenv | semmle.label | call to getenv | +| test.cpp:24:9:24:12 | env1 | semmle.label | env1 | +| test.cpp:64:11:64:20 | call to localeconv | semmle.label | call to localeconv | +| test.cpp:67:5:67:9 | conv4 | semmle.label | conv4 | +| test.cpp:72:25:72:34 | call to localeconv | semmle.label | call to localeconv | +| test.cpp:76:5:76:8 | conv | semmle.label | conv | +subpaths diff --git a/cpp/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.ql b/cpp/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.ql new file mode 100644 index 0000000000..53c27eb3ce --- /dev/null +++ b/cpp/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.constlikereturnvalue.ConstLikeReturnValue + +class TestFileQuery extends ConstLikeReturnValueSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/constlikereturnvalue/test.cpp b/cpp/common/test/rules/constlikereturnvalue/test.cpp new file mode 100644 index 0000000000..af7ecdc2d9 --- /dev/null +++ b/cpp/common/test/rules/constlikereturnvalue/test.cpp @@ -0,0 +1,96 @@ +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. +#include +#include +#include +#include + +void trstr(char *c_str, char orig, char rep) { + while (*c_str != '\0') { + if (*c_str == orig) { + *c_str = rep; // NON_COMPLIANT + } + ++c_str; + } +} + +void f1(void) { + char *env1 = getenv("TEST_ENV"); + char *copy_of_env; + copy_of_env = env1; // COMPLIANT + + if (env1 == NULL) { + } + trstr(env1, '"', '_'); +} + +void f2(void) { + const char *env2; + char *copy_of_env; + + env2 = getenv("TEST_ENV"); + if (env2 == NULL) { + } + + copy_of_env = (char *)malloc(strlen(env2) + 1); + if (copy_of_env == NULL) { + } + + strcpy(copy_of_env, env2); + trstr(copy_of_env, '"', '_'); // COMPLIANT +} + +void f3(void) { + const char *env3; + char *copy_of_env; + + env3 = getenv("TEST_ENV"); + if (env3 == NULL) { + } + + copy_of_env = strdup(env3); + if (copy_of_env == NULL) { + } + + trstr(copy_of_env, '"', '_'); // COMPLIANT + if (setenv("TEST_ENV", copy_of_env, 1) != 0) { + } +} + +void f4(void) { + struct lconv *conv4 = localeconv(); + + setlocale(LC_ALL, "C"); // COMPLIANT + conv4 = localeconv(); // COMPLIANT + + if ('\0' == conv4->decimal_point[0]) { + conv4->decimal_point = "."; // NON_COMPLIANT + } +} + +void f4alias(void) { + struct lconv *conv4 = localeconv(); + struct lconv *conv = conv4; + + if ('\0' == conv4->decimal_point[0]) { + conv->decimal_point = "."; // NON_COMPLIANT + } +} + +void f5(void) { + const struct lconv *conv5 = localeconv(); + if (conv5 == NULL) { + } + + struct lconv *copy_of_conv = (struct lconv *)malloc(sizeof(struct lconv)); + if (copy_of_conv == NULL) { + } + + memcpy(copy_of_conv, conv5, sizeof(struct lconv)); + + if ('\0' == copy_of_conv->decimal_point[0]) { + copy_of_conv->decimal_point = "."; // COMPLIANT + } + + free(copy_of_conv); +} \ No newline at end of file diff --git a/cpp/autosar/test/rules/A12-8-5/CopyAssignmentAndAMoveHandleSelfAssignment.expected b/cpp/common/test/rules/copyandmoveassignmentsshallhandleselfassignment_shared/CopyAndMoveAssignmentsShallHandleSelfAssignment_shared.expected similarity index 100% rename from cpp/autosar/test/rules/A12-8-5/CopyAssignmentAndAMoveHandleSelfAssignment.expected rename to cpp/common/test/rules/copyandmoveassignmentsshallhandleselfassignment_shared/CopyAndMoveAssignmentsShallHandleSelfAssignment_shared.expected diff --git a/cpp/common/test/rules/copyandmoveassignmentsshallhandleselfassignment_shared/CopyAndMoveAssignmentsShallHandleSelfAssignment_shared.ql b/cpp/common/test/rules/copyandmoveassignmentsshallhandleselfassignment_shared/CopyAndMoveAssignmentsShallHandleSelfAssignment_shared.ql new file mode 100644 index 0000000000..8d4b1e8f6f --- /dev/null +++ b/cpp/common/test/rules/copyandmoveassignmentsshallhandleselfassignment_shared/CopyAndMoveAssignmentsShallHandleSelfAssignment_shared.ql @@ -0,0 +1,6 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.copyandmoveassignmentsshallhandleselfassignment_shared.CopyAndMoveAssignmentsShallHandleSelfAssignment_shared + +class TestFileQuery extends CopyAndMoveAssignmentsShallHandleSelfAssignment_sharedSharedQuery, + TestQuery +{ } diff --git a/cpp/autosar/test/rules/A12-8-5/test.cpp b/cpp/common/test/rules/copyandmoveassignmentsshallhandleselfassignment_shared/test.cpp similarity index 100% rename from cpp/autosar/test/rules/A12-8-5/test.cpp rename to cpp/common/test/rules/copyandmoveassignmentsshallhandleselfassignment_shared/test.cpp diff --git a/cpp/autosar/test/rules/M18-7-1/CsignalFunctionsUsed.expected b/cpp/common/test/rules/csignalfunctionsused_shared/CsignalFunctionsUsed_shared.expected similarity index 100% rename from cpp/autosar/test/rules/M18-7-1/CsignalFunctionsUsed.expected rename to cpp/common/test/rules/csignalfunctionsused_shared/CsignalFunctionsUsed_shared.expected diff --git a/cpp/common/test/rules/csignalfunctionsused_shared/CsignalFunctionsUsed_shared.ql b/cpp/common/test/rules/csignalfunctionsused_shared/CsignalFunctionsUsed_shared.ql new file mode 100644 index 0000000000..d17d984621 --- /dev/null +++ b/cpp/common/test/rules/csignalfunctionsused_shared/CsignalFunctionsUsed_shared.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.csignalfunctionsused_shared.CsignalFunctionsUsed_shared + +class TestFileQuery extends CsignalFunctionsUsed_sharedSharedQuery, TestQuery { } diff --git a/cpp/autosar/test/rules/M18-7-1/test.cpp b/cpp/common/test/rules/csignalfunctionsused_shared/test.cpp similarity index 100% rename from cpp/autosar/test/rules/M18-7-1/test.cpp rename to cpp/common/test/rules/csignalfunctionsused_shared/test.cpp diff --git a/cpp/autosar/test/rules/M18-7-1/CsignalTypesUsed.expected b/cpp/common/test/rules/csignaltypesused_shared/CsignalTypesUsed_shared.expected similarity index 100% rename from cpp/autosar/test/rules/M18-7-1/CsignalTypesUsed.expected rename to cpp/common/test/rules/csignaltypesused_shared/CsignalTypesUsed_shared.expected diff --git a/cpp/common/test/rules/csignaltypesused_shared/CsignalTypesUsed_shared.ql b/cpp/common/test/rules/csignaltypesused_shared/CsignalTypesUsed_shared.ql new file mode 100644 index 0000000000..57b937cb94 --- /dev/null +++ b/cpp/common/test/rules/csignaltypesused_shared/CsignalTypesUsed_shared.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.csignaltypesused_shared.CsignalTypesUsed_shared + +class TestFileQuery extends CsignalTypesUsed_sharedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/csignaltypesused_shared/test.cpp b/cpp/common/test/rules/csignaltypesused_shared/test.cpp new file mode 100644 index 0000000000..e621160b81 --- /dev/null +++ b/cpp/common/test/rules/csignaltypesused_shared/test.cpp @@ -0,0 +1,13 @@ +#include + +void signal_handler(int signal) {} + +void test_signal_is_used() { + std::sig_atomic_t atom; // NON_COMPLIANT + std::signal(SIGINT, signal_handler); // NON_COMPLIANT + std::raise(SIGINT); // NON_COMPLIANT + + sig_atomic_t atom1; // NON_COMPLIANT + signal(SIGINT, signal_handler); // NON_COMPLIANT + raise(SIGINT); // NON_COMPLIANT +} \ No newline at end of file diff --git a/cpp/autosar/test/rules/M27-0-1/CstdioFunctionsUsed.expected b/cpp/common/test/rules/cstdiofunctionsused_shared/CstdioFunctionsUsed_shared.expected similarity index 100% rename from cpp/autosar/test/rules/M27-0-1/CstdioFunctionsUsed.expected rename to cpp/common/test/rules/cstdiofunctionsused_shared/CstdioFunctionsUsed_shared.expected diff --git a/cpp/common/test/rules/cstdiofunctionsused_shared/CstdioFunctionsUsed_shared.ql b/cpp/common/test/rules/cstdiofunctionsused_shared/CstdioFunctionsUsed_shared.ql new file mode 100644 index 0000000000..f7066f041f --- /dev/null +++ b/cpp/common/test/rules/cstdiofunctionsused_shared/CstdioFunctionsUsed_shared.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.cstdiofunctionsused_shared.CstdioFunctionsUsed_shared + +class TestFileQuery extends CstdioFunctionsUsed_sharedSharedQuery, TestQuery { } diff --git a/cpp/autosar/test/rules/M27-0-1/test.cpp b/cpp/common/test/rules/cstdiofunctionsused_shared/test.cpp similarity index 100% rename from cpp/autosar/test/rules/M27-0-1/test.cpp rename to cpp/common/test/rules/cstdiofunctionsused_shared/test.cpp diff --git a/cpp/autosar/test/rules/M27-0-1/CstdioMacrosUsed.expected b/cpp/common/test/rules/cstdiomacrosused_shared/CstdioMacrosUsed_shared.expected similarity index 100% rename from cpp/autosar/test/rules/M27-0-1/CstdioMacrosUsed.expected rename to cpp/common/test/rules/cstdiomacrosused_shared/CstdioMacrosUsed_shared.expected diff --git a/cpp/common/test/rules/cstdiomacrosused_shared/CstdioMacrosUsed_shared.ql b/cpp/common/test/rules/cstdiomacrosused_shared/CstdioMacrosUsed_shared.ql new file mode 100644 index 0000000000..3b1a3d4dae --- /dev/null +++ b/cpp/common/test/rules/cstdiomacrosused_shared/CstdioMacrosUsed_shared.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.cstdiomacrosused_shared.CstdioMacrosUsed_shared + +class TestFileQuery extends CstdioMacrosUsed_sharedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/cstdiomacrosused_shared/test.cpp b/cpp/common/test/rules/cstdiomacrosused_shared/test.cpp new file mode 100644 index 0000000000..27447ba06a --- /dev/null +++ b/cpp/common/test/rules/cstdiomacrosused_shared/test.cpp @@ -0,0 +1,61 @@ +#include +#include +void *test_cstdio_is_used() { + std::FILE *f = std::fopen("foo.txt", "r"); // NON_COMPLIANT + + std::fpos_t init_position; // NON_COMPLIANT + std::fgetpos(f, &init_position); // NON_COMPLIANT + + while (!std::feof(f)) { // NON_COMPLIANT + char c = std::fgetc(f); // NON_COMPLIANT + if (c == EOF) // NON_COMPLIANT + std::rewind(f); // NON_COMPLIANT + } + if (std::ferror(f)) { // NON_COMPLIANT + std::clearerr(f); // NON_COMPLIANT + std::fclose(f); // NON_COMPLIANT + std::perror("fgetc"); // NON_COMPLIANT + } + + std::fseek(f, (size_t)0, SEEK_SET); // NON_COMPLIANT + std::fseek(f, (size_t)0, SEEK_END); // NON_COMPLIANT + char buf[BUFSIZ]; // NON_COMPLIANT + std::fread(buf, 1, sizeof(buf), f); // NON_COMPLIANT + + std::fsetpos(f, &init_position); // NON_COMPLIANT + std::fflush(f); // NON_COMPLIANT + std::fclose(f); // NON_COMPLIANT + + std::printf("DEBUG: TMP_MAX=%d FILENAME_MAX=%d FOPEN_MAX=%d\n", TMP_MAX, + FILENAME_MAX, FOPEN_MAX); // NON_COMPLIANT + std::puts("all done!"); // NON_COMPLIANT + + // global namespace + FILE *f1 = fopen("foo.txt", "r"); // NON_COMPLIANT + + fpos_t init_position1; + fgetpos(f1, &init_position1); // NON_COMPLIANT + + while (!feof(f1)) { // NON_COMPLIANT + char c = fgetc(f1); // NON_COMPLIANT + if (c == EOF) // NON_COMPLIANT + rewind(f1); // NON_COMPLIANT + } + if (ferror(f1)) { // NON_COMPLIANT + clearerr(f1); // NON_COMPLIANT + fclose(f1); // NON_COMPLIANT + perror("fgetc"); // NON_COMPLIANT + } + + fseek(f1, (size_t)0, SEEK_SET); // NON_COMPLIANT + fread(buf, 1, sizeof(buf), f1); // NON_COMPLIANT + + fsetpos(f1, &init_position1); // NON_COMPLIANT + fflush(f1); // NON_COMPLIANT + fclose(f1); // NON_COMPLIANT + + printf("foo"); // NON_COMPLIANT + puts("all done!"); // NON_COMPLIANT + + return NULL; // COMPLIANT - NULL is not uniquely defined by cstdio +} \ No newline at end of file diff --git a/cpp/autosar/test/rules/M27-0-1/CstdioTypesUsed.expected b/cpp/common/test/rules/cstdiotypesused_shared/CstdioTypesUsed_shared.expected similarity index 100% rename from cpp/autosar/test/rules/M27-0-1/CstdioTypesUsed.expected rename to cpp/common/test/rules/cstdiotypesused_shared/CstdioTypesUsed_shared.expected diff --git a/cpp/common/test/rules/cstdiotypesused_shared/CstdioTypesUsed_shared.ql b/cpp/common/test/rules/cstdiotypesused_shared/CstdioTypesUsed_shared.ql new file mode 100644 index 0000000000..5e03cf9517 --- /dev/null +++ b/cpp/common/test/rules/cstdiotypesused_shared/CstdioTypesUsed_shared.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.cstdiotypesused_shared.CstdioTypesUsed_shared + +class TestFileQuery extends CstdioTypesUsed_sharedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/cstdiotypesused_shared/test.cpp b/cpp/common/test/rules/cstdiotypesused_shared/test.cpp new file mode 100644 index 0000000000..27447ba06a --- /dev/null +++ b/cpp/common/test/rules/cstdiotypesused_shared/test.cpp @@ -0,0 +1,61 @@ +#include +#include +void *test_cstdio_is_used() { + std::FILE *f = std::fopen("foo.txt", "r"); // NON_COMPLIANT + + std::fpos_t init_position; // NON_COMPLIANT + std::fgetpos(f, &init_position); // NON_COMPLIANT + + while (!std::feof(f)) { // NON_COMPLIANT + char c = std::fgetc(f); // NON_COMPLIANT + if (c == EOF) // NON_COMPLIANT + std::rewind(f); // NON_COMPLIANT + } + if (std::ferror(f)) { // NON_COMPLIANT + std::clearerr(f); // NON_COMPLIANT + std::fclose(f); // NON_COMPLIANT + std::perror("fgetc"); // NON_COMPLIANT + } + + std::fseek(f, (size_t)0, SEEK_SET); // NON_COMPLIANT + std::fseek(f, (size_t)0, SEEK_END); // NON_COMPLIANT + char buf[BUFSIZ]; // NON_COMPLIANT + std::fread(buf, 1, sizeof(buf), f); // NON_COMPLIANT + + std::fsetpos(f, &init_position); // NON_COMPLIANT + std::fflush(f); // NON_COMPLIANT + std::fclose(f); // NON_COMPLIANT + + std::printf("DEBUG: TMP_MAX=%d FILENAME_MAX=%d FOPEN_MAX=%d\n", TMP_MAX, + FILENAME_MAX, FOPEN_MAX); // NON_COMPLIANT + std::puts("all done!"); // NON_COMPLIANT + + // global namespace + FILE *f1 = fopen("foo.txt", "r"); // NON_COMPLIANT + + fpos_t init_position1; + fgetpos(f1, &init_position1); // NON_COMPLIANT + + while (!feof(f1)) { // NON_COMPLIANT + char c = fgetc(f1); // NON_COMPLIANT + if (c == EOF) // NON_COMPLIANT + rewind(f1); // NON_COMPLIANT + } + if (ferror(f1)) { // NON_COMPLIANT + clearerr(f1); // NON_COMPLIANT + fclose(f1); // NON_COMPLIANT + perror("fgetc"); // NON_COMPLIANT + } + + fseek(f1, (size_t)0, SEEK_SET); // NON_COMPLIANT + fread(buf, 1, sizeof(buf), f1); // NON_COMPLIANT + + fsetpos(f1, &init_position1); // NON_COMPLIANT + fflush(f1); // NON_COMPLIANT + fclose(f1); // NON_COMPLIANT + + printf("foo"); // NON_COMPLIANT + puts("all done!"); // NON_COMPLIANT + + return NULL; // COMPLIANT - NULL is not uniquely defined by cstdio +} \ No newline at end of file diff --git a/cpp/autosar/test/rules/A7-3-1/DefinitionNotConsideredForUnqualifiedLookup.expected b/cpp/common/test/rules/definitionnotconsideredforunqualifiedlookup_shared/DefinitionNotConsideredForUnqualifiedLookup_shared.expected similarity index 100% rename from cpp/autosar/test/rules/A7-3-1/DefinitionNotConsideredForUnqualifiedLookup.expected rename to cpp/common/test/rules/definitionnotconsideredforunqualifiedlookup_shared/DefinitionNotConsideredForUnqualifiedLookup_shared.expected diff --git a/cpp/common/test/rules/definitionnotconsideredforunqualifiedlookup_shared/DefinitionNotConsideredForUnqualifiedLookup_shared.ql b/cpp/common/test/rules/definitionnotconsideredforunqualifiedlookup_shared/DefinitionNotConsideredForUnqualifiedLookup_shared.ql new file mode 100644 index 0000000000..852e501f38 --- /dev/null +++ b/cpp/common/test/rules/definitionnotconsideredforunqualifiedlookup_shared/DefinitionNotConsideredForUnqualifiedLookup_shared.ql @@ -0,0 +1,5 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.definitionnotconsideredforunqualifiedlookup_shared.DefinitionNotConsideredForUnqualifiedLookup_shared + +class TestFileQuery extends DefinitionNotConsideredForUnqualifiedLookup_sharedSharedQuery, TestQuery { +} diff --git a/cpp/autosar/test/rules/A7-3-1/test.cpp b/cpp/common/test/rules/definitionnotconsideredforunqualifiedlookup_shared/test.cpp similarity index 100% rename from cpp/autosar/test/rules/A7-3-1/test.cpp rename to cpp/common/test/rules/definitionnotconsideredforunqualifiedlookup_shared/test.cpp diff --git a/cpp/autosar/test/rules/M15-1-3/EmptyThrowOutsideCatch.expected b/cpp/common/test/rules/emptythrowonlywithinacatchhandler_shared/EmptyThrowOnlyWithinACatchHandler_shared.expected similarity index 100% rename from cpp/autosar/test/rules/M15-1-3/EmptyThrowOutsideCatch.expected rename to cpp/common/test/rules/emptythrowonlywithinacatchhandler_shared/EmptyThrowOnlyWithinACatchHandler_shared.expected diff --git a/cpp/common/test/rules/emptythrowonlywithinacatchhandler_shared/EmptyThrowOnlyWithinACatchHandler_shared.ql b/cpp/common/test/rules/emptythrowonlywithinacatchhandler_shared/EmptyThrowOnlyWithinACatchHandler_shared.ql new file mode 100644 index 0000000000..388419946e --- /dev/null +++ b/cpp/common/test/rules/emptythrowonlywithinacatchhandler_shared/EmptyThrowOnlyWithinACatchHandler_shared.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.emptythrowonlywithinacatchhandler_shared.EmptyThrowOnlyWithinACatchHandler_shared + +class TestFileQuery extends EmptyThrowOnlyWithinACatchHandler_sharedSharedQuery, TestQuery { } diff --git a/cpp/autosar/test/rules/M15-1-3/test.cpp b/cpp/common/test/rules/emptythrowonlywithinacatchhandler_shared/test.cpp similarity index 100% rename from cpp/autosar/test/rules/M15-1-3/test.cpp rename to cpp/common/test/rules/emptythrowonlywithinacatchhandler_shared/test.cpp diff --git a/cpp/autosar/test/rules/A7-2-2/EnumerationUnderlyingBaseTypeNotExplicitlyDefined.expected b/cpp/common/test/rules/enumerationnotdefinedwithanexplicitunderlyingtype_shared/EnumerationNotDefinedWithAnExplicitUnderlyingType_shared.expected similarity index 100% rename from cpp/autosar/test/rules/A7-2-2/EnumerationUnderlyingBaseTypeNotExplicitlyDefined.expected rename to cpp/common/test/rules/enumerationnotdefinedwithanexplicitunderlyingtype_shared/EnumerationNotDefinedWithAnExplicitUnderlyingType_shared.expected diff --git a/cpp/common/test/rules/enumerationnotdefinedwithanexplicitunderlyingtype_shared/EnumerationNotDefinedWithAnExplicitUnderlyingType_shared.ql b/cpp/common/test/rules/enumerationnotdefinedwithanexplicitunderlyingtype_shared/EnumerationNotDefinedWithAnExplicitUnderlyingType_shared.ql new file mode 100644 index 0000000000..2ede7c3cea --- /dev/null +++ b/cpp/common/test/rules/enumerationnotdefinedwithanexplicitunderlyingtype_shared/EnumerationNotDefinedWithAnExplicitUnderlyingType_shared.ql @@ -0,0 +1,6 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.enumerationnotdefinedwithanexplicitunderlyingtype_shared.EnumerationNotDefinedWithAnExplicitUnderlyingType_shared + +class TestFileQuery extends EnumerationNotDefinedWithAnExplicitUnderlyingType_sharedSharedQuery, + TestQuery +{ } diff --git a/cpp/autosar/test/rules/A7-2-2/test.cpp b/cpp/common/test/rules/enumerationnotdefinedwithanexplicitunderlyingtype_shared/test.cpp similarity index 100% rename from cpp/autosar/test/rules/A7-2-2/test.cpp rename to cpp/common/test/rules/enumerationnotdefinedwithanexplicitunderlyingtype_shared/test.cpp diff --git a/cpp/autosar/test/rules/A15-1-2/PointerExceptionObject.expected b/cpp/common/test/rules/exceptionobjecthavepointertype_shared/ExceptionObjectHavePointerType_shared.expected similarity index 100% rename from cpp/autosar/test/rules/A15-1-2/PointerExceptionObject.expected rename to cpp/common/test/rules/exceptionobjecthavepointertype_shared/ExceptionObjectHavePointerType_shared.expected diff --git a/cpp/common/test/rules/exceptionobjecthavepointertype_shared/ExceptionObjectHavePointerType_shared.ql b/cpp/common/test/rules/exceptionobjecthavepointertype_shared/ExceptionObjectHavePointerType_shared.ql new file mode 100644 index 0000000000..43fec407b5 --- /dev/null +++ b/cpp/common/test/rules/exceptionobjecthavepointertype_shared/ExceptionObjectHavePointerType_shared.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.exceptionobjecthavepointertype_shared.ExceptionObjectHavePointerType_shared + +class TestFileQuery extends ExceptionObjectHavePointerType_sharedSharedQuery, TestQuery { } diff --git a/cpp/autosar/test/rules/A15-1-2/test.cpp b/cpp/common/test/rules/exceptionobjecthavepointertype_shared/test.cpp similarity index 100% rename from cpp/autosar/test/rules/A15-1-2/test.cpp rename to cpp/common/test/rules/exceptionobjecthavepointertype_shared/test.cpp diff --git a/cpp/autosar/test/rules/A18-9-2/ForwardingValuesToOtherFunctions.expected b/cpp/common/test/rules/forwardingreferencesandforwardnotusedtogether_shared/ForwardingReferencesAndForwardNotUsedTogether_shared.expected similarity index 100% rename from cpp/autosar/test/rules/A18-9-2/ForwardingValuesToOtherFunctions.expected rename to cpp/common/test/rules/forwardingreferencesandforwardnotusedtogether_shared/ForwardingReferencesAndForwardNotUsedTogether_shared.expected diff --git a/cpp/common/test/rules/forwardingreferencesandforwardnotusedtogether_shared/ForwardingReferencesAndForwardNotUsedTogether_shared.ql b/cpp/common/test/rules/forwardingreferencesandforwardnotusedtogether_shared/ForwardingReferencesAndForwardNotUsedTogether_shared.ql new file mode 100644 index 0000000000..98ee8b8c23 --- /dev/null +++ b/cpp/common/test/rules/forwardingreferencesandforwardnotusedtogether_shared/ForwardingReferencesAndForwardNotUsedTogether_shared.ql @@ -0,0 +1,6 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.forwardingreferencesandforwardnotusedtogether_shared.ForwardingReferencesAndForwardNotUsedTogether_shared + +class TestFileQuery extends ForwardingReferencesAndForwardNotUsedTogether_sharedSharedQuery, + TestQuery +{ } diff --git a/cpp/autosar/test/rules/A18-9-2/test.cpp b/cpp/common/test/rules/forwardingreferencesandforwardnotusedtogether_shared/test.cpp similarity index 100% rename from cpp/autosar/test/rules/A18-9-2/test.cpp rename to cpp/common/test/rules/forwardingreferencesandforwardnotusedtogether_shared/test.cpp diff --git a/cpp/common/test/rules/functionlikemacrosdefined_shared/FunctionLikeMacrosDefined_shared.expected b/cpp/common/test/rules/functionlikemacrosdefined_shared/FunctionLikeMacrosDefined_shared.expected new file mode 100644 index 0000000000..62787cca0b --- /dev/null +++ b/cpp/common/test/rules/functionlikemacrosdefined_shared/FunctionLikeMacrosDefined_shared.expected @@ -0,0 +1,2 @@ +| test.cpp:8:1:8:25 | #define MACRO4(x) (x + 1) | Macro used instead of a function. | +| test.cpp:13:1:13:48 | #define MACRO9() printf_custom("output = %d", 7) | Macro used instead of a function. | diff --git a/cpp/common/test/rules/functionlikemacrosdefined_shared/FunctionLikeMacrosDefined_shared.ql b/cpp/common/test/rules/functionlikemacrosdefined_shared/FunctionLikeMacrosDefined_shared.ql new file mode 100644 index 0000000000..062cce047c --- /dev/null +++ b/cpp/common/test/rules/functionlikemacrosdefined_shared/FunctionLikeMacrosDefined_shared.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.functionlikemacrosdefined_shared.FunctionLikeMacrosDefined_shared + +class TestFileQuery extends FunctionLikeMacrosDefined_sharedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/functionlikemacrosdefined_shared/test.cpp b/cpp/common/test/rules/functionlikemacrosdefined_shared/test.cpp new file mode 100644 index 0000000000..99d3b173e0 --- /dev/null +++ b/cpp/common/test/rules/functionlikemacrosdefined_shared/test.cpp @@ -0,0 +1,42 @@ +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. +#include + +#define MACRO(OP, L, R) ((L)OP(R)) // COMPLIANT +#define MACRO2(L, R) (L + R) // COMPLIANT +#define MACRO3(L, R) (L " " R " " L) // COMPLIANT +#define MACRO4(x) (x + 1) // NON_COMPLIANT +#define MACRO5(L, LR) (LR + 1) // COMPLIANT +#define MACRO6(x) printf_custom("output = %d", test##x) // COMPLIANT +#define MACRO7(x) #x // COMPLIANT +#define MACRO8(x) "NOP" // COMPLIANT +#define MACRO9() printf_custom("output = %d", 7) // NON_COMPLIANT +#define MACRO10(x) // COMPLIANT +#define MY_ASSERT(X) assert(X) // NON_COMPLIANT[FALSE_NEGATIVE] + +char a1[MACRO2(1, 1) + 6]; +extern int printf_custom(char*, int); +int test1; + +void f() { + int i = MACRO(+, 1, 1); + int i2 = MACRO2(7, 10); + + static int i3 = MACRO2(1, 1); + + char *i4 = MACRO3("prefix", "suffix"); + + int i5 = MACRO4(1); + + int i6 = MACRO4(MACRO2(1, 1)); + + int i7 = MACRO5(1, 1); + + MACRO6(1); + + char *i10 = MACRO7("prefix"); + + asm(MACRO8(1)); + + MY_ASSERT(1); +} \ No newline at end of file diff --git a/cpp/autosar/test/rules/A7-5-2/RecursiveFunctions.expected b/cpp/common/test/rules/functionscallthemselveseitherdirectlyorindirectly_shared/FunctionsCallThemselvesEitherDirectlyOrIndirectly_shared.expected similarity index 100% rename from cpp/autosar/test/rules/A7-5-2/RecursiveFunctions.expected rename to cpp/common/test/rules/functionscallthemselveseitherdirectlyorindirectly_shared/FunctionsCallThemselvesEitherDirectlyOrIndirectly_shared.expected diff --git a/cpp/common/test/rules/functionscallthemselveseitherdirectlyorindirectly_shared/FunctionsCallThemselvesEitherDirectlyOrIndirectly_shared.ql b/cpp/common/test/rules/functionscallthemselveseitherdirectlyorindirectly_shared/FunctionsCallThemselvesEitherDirectlyOrIndirectly_shared.ql new file mode 100644 index 0000000000..91a244c8a4 --- /dev/null +++ b/cpp/common/test/rules/functionscallthemselveseitherdirectlyorindirectly_shared/FunctionsCallThemselvesEitherDirectlyOrIndirectly_shared.ql @@ -0,0 +1,6 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.functionscallthemselveseitherdirectlyorindirectly_shared.FunctionsCallThemselvesEitherDirectlyOrIndirectly_shared + +class TestFileQuery extends FunctionsCallThemselvesEitherDirectlyOrIndirectly_sharedSharedQuery, + TestQuery +{ } diff --git a/cpp/autosar/test/rules/A7-5-2/test.cpp b/cpp/common/test/rules/functionscallthemselveseitherdirectlyorindirectly_shared/test.cpp similarity index 100% rename from cpp/autosar/test/rules/A7-5-2/test.cpp rename to cpp/common/test/rules/functionscallthemselveseitherdirectlyorindirectly_shared/test.cpp diff --git a/cpp/autosar/test/rules/A14-8-2/ExplicitSpecializationsOfFunctionTemplatesUsed.expected b/cpp/common/test/rules/functiontemplatesexplicitlyspecialized_shared/FunctionTemplatesExplicitlySpecialized_shared.expected similarity index 100% rename from cpp/autosar/test/rules/A14-8-2/ExplicitSpecializationsOfFunctionTemplatesUsed.expected rename to cpp/common/test/rules/functiontemplatesexplicitlyspecialized_shared/FunctionTemplatesExplicitlySpecialized_shared.expected diff --git a/cpp/common/test/rules/functiontemplatesexplicitlyspecialized_shared/FunctionTemplatesExplicitlySpecialized_shared.ql b/cpp/common/test/rules/functiontemplatesexplicitlyspecialized_shared/FunctionTemplatesExplicitlySpecialized_shared.ql new file mode 100644 index 0000000000..9301154455 --- /dev/null +++ b/cpp/common/test/rules/functiontemplatesexplicitlyspecialized_shared/FunctionTemplatesExplicitlySpecialized_shared.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.functiontemplatesexplicitlyspecialized_shared.FunctionTemplatesExplicitlySpecialized_shared + +class TestFileQuery extends FunctionTemplatesExplicitlySpecialized_sharedSharedQuery, TestQuery { } diff --git a/cpp/autosar/test/rules/A14-8-2/test.cpp b/cpp/common/test/rules/functiontemplatesexplicitlyspecialized_shared/test.cpp similarity index 100% rename from cpp/autosar/test/rules/A14-8-2/test.cpp rename to cpp/common/test/rules/functiontemplatesexplicitlyspecialized_shared/test.cpp diff --git a/cpp/autosar/test/rules/M7-3-1/GlobalNamespaceMembershipViolation.expected b/cpp/common/test/rules/globalnamespacedeclarations_shared/GlobalNamespaceDeclarations_shared.expected similarity index 100% rename from cpp/autosar/test/rules/M7-3-1/GlobalNamespaceMembershipViolation.expected rename to cpp/common/test/rules/globalnamespacedeclarations_shared/GlobalNamespaceDeclarations_shared.expected diff --git a/cpp/common/test/rules/globalnamespacedeclarations_shared/GlobalNamespaceDeclarations_shared.ql b/cpp/common/test/rules/globalnamespacedeclarations_shared/GlobalNamespaceDeclarations_shared.ql new file mode 100644 index 0000000000..ea066bfd33 --- /dev/null +++ b/cpp/common/test/rules/globalnamespacedeclarations_shared/GlobalNamespaceDeclarations_shared.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.globalnamespacedeclarations_shared.GlobalNamespaceDeclarations_shared + +class TestFileQuery extends GlobalNamespaceDeclarations_sharedSharedQuery, TestQuery { } diff --git a/cpp/autosar/test/rules/M7-3-1/test.cpp b/cpp/common/test/rules/globalnamespacedeclarations_shared/test.cpp similarity index 100% rename from cpp/autosar/test/rules/M7-3-1/test.cpp rename to cpp/common/test/rules/globalnamespacedeclarations_shared/test.cpp diff --git a/cpp/autosar/test/rules/A18-5-4/GlobalSizedOperatorDeleteNotDefined.expected b/cpp/common/test/rules/globalsizedoperatordeletenotdefined_shared/GlobalSizedOperatorDeleteNotDefined_shared.expected similarity index 100% rename from cpp/autosar/test/rules/A18-5-4/GlobalSizedOperatorDeleteNotDefined.expected rename to cpp/common/test/rules/globalsizedoperatordeletenotdefined_shared/GlobalSizedOperatorDeleteNotDefined_shared.expected diff --git a/cpp/common/test/rules/globalsizedoperatordeletenotdefined_shared/GlobalSizedOperatorDeleteNotDefined_shared.ql b/cpp/common/test/rules/globalsizedoperatordeletenotdefined_shared/GlobalSizedOperatorDeleteNotDefined_shared.ql new file mode 100644 index 0000000000..5fd76da92d --- /dev/null +++ b/cpp/common/test/rules/globalsizedoperatordeletenotdefined_shared/GlobalSizedOperatorDeleteNotDefined_shared.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.globalsizedoperatordeletenotdefined_shared.GlobalSizedOperatorDeleteNotDefined_shared + +class TestFileQuery extends GlobalSizedOperatorDeleteNotDefined_sharedSharedQuery, TestQuery { } diff --git a/cpp/autosar/test/rules/A18-5-4/test.cpp b/cpp/common/test/rules/globalsizedoperatordeletenotdefined_shared/test.cpp similarity index 100% rename from cpp/autosar/test/rules/A18-5-4/test.cpp rename to cpp/common/test/rules/globalsizedoperatordeletenotdefined_shared/test.cpp diff --git a/c/misra/test/rules/RULE-7-3/cpp/LowercaseCharacterLUsedInLiteralSuffix.expected b/cpp/common/test/rules/globalunsizedoperatordeletenotdefined_shared/GlobalUnsizedOperatorDeleteNotDefined_shared.expected similarity index 100% rename from c/misra/test/rules/RULE-7-3/cpp/LowercaseCharacterLUsedInLiteralSuffix.expected rename to cpp/common/test/rules/globalunsizedoperatordeletenotdefined_shared/GlobalUnsizedOperatorDeleteNotDefined_shared.expected diff --git a/cpp/common/test/rules/globalunsizedoperatordeletenotdefined_shared/GlobalUnsizedOperatorDeleteNotDefined_shared.ql b/cpp/common/test/rules/globalunsizedoperatordeletenotdefined_shared/GlobalUnsizedOperatorDeleteNotDefined_shared.ql new file mode 100644 index 0000000000..8ea177a305 --- /dev/null +++ b/cpp/common/test/rules/globalunsizedoperatordeletenotdefined_shared/GlobalUnsizedOperatorDeleteNotDefined_shared.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.globalunsizedoperatordeletenotdefined_shared.GlobalUnsizedOperatorDeleteNotDefined_shared + +class TestFileQuery extends GlobalUnsizedOperatorDeleteNotDefined_sharedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/globalunsizedoperatordeletenotdefined_shared/test.cpp b/cpp/common/test/rules/globalunsizedoperatordeletenotdefined_shared/test.cpp new file mode 100644 index 0000000000..8f77a41637 --- /dev/null +++ b/cpp/common/test/rules/globalunsizedoperatordeletenotdefined_shared/test.cpp @@ -0,0 +1,3 @@ + +void operator delete(void *ptr) {} // NON_COMPLIANT +// void operator delete(void *ptr, std::size_t sz) {} diff --git a/cpp/common/test/rules/gotoreferencealabelinsurroundingblock_shared/GotoReferenceALabelInSurroundingBlock_shared.expected b/cpp/common/test/rules/gotoreferencealabelinsurroundingblock_shared/GotoReferenceALabelInSurroundingBlock_shared.expected new file mode 100644 index 0000000000..416f949eaa --- /dev/null +++ b/cpp/common/test/rules/gotoreferencealabelinsurroundingblock_shared/GotoReferenceALabelInSurroundingBlock_shared.expected @@ -0,0 +1,2 @@ +| test.cpp:42:3:42:10 | goto ... | The goto statement and its $@ are not declared or enclosed in the same block. | test.cpp:46:3:46:5 | label ...: | label | +| test.cpp:57:5:57:12 | goto ... | The goto statement and its $@ are not declared or enclosed in the same block. | test.cpp:60:3:60:5 | label ...: | label | diff --git a/cpp/common/test/rules/gotoreferencealabelinsurroundingblock_shared/GotoReferenceALabelInSurroundingBlock_shared.ql b/cpp/common/test/rules/gotoreferencealabelinsurroundingblock_shared/GotoReferenceALabelInSurroundingBlock_shared.ql new file mode 100644 index 0000000000..f905b9a46c --- /dev/null +++ b/cpp/common/test/rules/gotoreferencealabelinsurroundingblock_shared/GotoReferenceALabelInSurroundingBlock_shared.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.gotoreferencealabelinsurroundingblock_shared.GotoReferenceALabelInSurroundingBlock_shared + +class TestFileQuery extends GotoReferenceALabelInSurroundingBlock_sharedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/gotoreferencealabelinsurroundingblock_shared/test.cpp b/cpp/common/test/rules/gotoreferencealabelinsurroundingblock_shared/test.cpp new file mode 100644 index 0000000000..07ebb4b13a --- /dev/null +++ b/cpp/common/test/rules/gotoreferencealabelinsurroundingblock_shared/test.cpp @@ -0,0 +1,87 @@ +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. +/*void f1() { + int i = 0; goto L1; + for (;i < 100; i++) { + L1: // NON_COMPLIANT - this is compiler checked + break; + } +}*/ + +void f2() { + int i = 0; + if (i >= 0) { + for (int j = 0; j < 10; j++) { + goto L2; + } + } +L2: // COMPLIANT + return; +} + +void f3() { + int i = 0; + if (i >= 0) { + for (int j = 0; j < 10; j++) { + goto L3; + L3: // COMPLIANT + break; + } + } +} + +void f4() { + int i = 0; +L4: // COMPLIANT + if (i >= 0) { + goto L4; + } +} + +void f5(int p) { + goto L1; + + switch (p) { + case 0: + L1:; // NON_COMPLIANT + break; + default: + break; + } +} + +void f6(int p) { + + switch (p) { + case 0: + goto L1; + break; + default: + L1: // NON_COMPLIANT + break; + } +} + +void f7(int p) { +L1: // COMPLIANT + switch (p) { + case 0: + goto L1; + break; + default: + break; + } +} + +void f8(int p) { + + switch (p) { + case 0: + goto L1; + ; + L1:; // COMPLIANT + break; + default: + break; + } +} diff --git a/cpp/common/test/rules/gotostatementcondition/GotoStatementCondition.expected b/cpp/common/test/rules/gotostatementcondition/GotoStatementCondition.expected index c1b2f35eda..9e9d81e62c 100644 --- a/cpp/common/test/rules/gotostatementcondition/GotoStatementCondition.expected +++ b/cpp/common/test/rules/gotostatementcondition/GotoStatementCondition.expected @@ -1,4 +1,4 @@ -| test.cpp:7:3:7:10 | goto ... | The $@ statement jumps to a $@ that is not declared later in the same function. | test.cpp:7:3:7:10 | goto ... | l1 | test.cpp:3:1:3:3 | label ...: | label ...: | -| test.cpp:19:3:19:10 | goto ... | The $@ statement jumps to a $@ that is not declared later in the same function. | test.cpp:19:3:19:10 | goto ... | l2 | test.cpp:15:1:15:3 | label ...: | label ...: | -| test.cpp:21:3:21:10 | goto ... | The $@ statement jumps to a $@ that is not declared later in the same function. | test.cpp:21:3:21:10 | goto ... | l1 | test.cpp:14:1:14:3 | label ...: | label ...: | -| test.cpp:26:3:26:10 | goto ... | The $@ statement jumps to a $@ that is not declared later in the same function. | test.cpp:26:3:26:10 | goto ... | l1 | test.cpp:25:1:25:3 | label ...: | label ...: | +| test.cpp:9:3:9:10 | goto ... | The $@ statement jumps to a $@ that is not declared later in the same function. | test.cpp:9:3:9:10 | goto ... | l1 | test.cpp:5:1:5:3 | label ...: | label ...: | +| test.cpp:21:3:21:10 | goto ... | The $@ statement jumps to a $@ that is not declared later in the same function. | test.cpp:21:3:21:10 | goto ... | l2 | test.cpp:17:1:17:3 | label ...: | label ...: | +| test.cpp:23:3:23:10 | goto ... | The $@ statement jumps to a $@ that is not declared later in the same function. | test.cpp:23:3:23:10 | goto ... | l1 | test.cpp:16:1:16:3 | label ...: | label ...: | +| test.cpp:28:3:28:10 | goto ... | The $@ statement jumps to a $@ that is not declared later in the same function. | test.cpp:28:3:28:10 | goto ... | l1 | test.cpp:27:1:27:3 | label ...: | label ...: | diff --git a/cpp/common/test/rules/gotostatementcondition/test.cpp b/cpp/common/test/rules/gotostatementcondition/test.cpp index 225c1b32f6..5854b21983 100644 --- a/cpp/common/test/rules/gotostatementcondition/test.cpp +++ b/cpp/common/test/rules/gotostatementcondition/test.cpp @@ -1,3 +1,5 @@ +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. void f1(int p1) { l1: diff --git a/cpp/common/test/rules/gotostatementshouldnotbeused_shared/GotoStatementShouldNotBeUsed_shared.expected b/cpp/common/test/rules/gotostatementshouldnotbeused_shared/GotoStatementShouldNotBeUsed_shared.expected new file mode 100644 index 0000000000..48547e3cca --- /dev/null +++ b/cpp/common/test/rules/gotostatementshouldnotbeused_shared/GotoStatementShouldNotBeUsed_shared.expected @@ -0,0 +1 @@ +| test.cpp:6:3:6:14 | goto ... | Use of goto. | diff --git a/cpp/common/test/rules/gotostatementshouldnotbeused_shared/GotoStatementShouldNotBeUsed_shared.ql b/cpp/common/test/rules/gotostatementshouldnotbeused_shared/GotoStatementShouldNotBeUsed_shared.ql new file mode 100644 index 0000000000..e7ae4fcebb --- /dev/null +++ b/cpp/common/test/rules/gotostatementshouldnotbeused_shared/GotoStatementShouldNotBeUsed_shared.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.gotostatementshouldnotbeused_shared.GotoStatementShouldNotBeUsed_shared + +class TestFileQuery extends GotoStatementShouldNotBeUsed_sharedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/gotostatementshouldnotbeused_shared/test.cpp b/cpp/common/test/rules/gotostatementshouldnotbeused_shared/test.cpp new file mode 100644 index 0000000000..0763208625 --- /dev/null +++ b/cpp/common/test/rules/gotostatementshouldnotbeused_shared/test.cpp @@ -0,0 +1,11 @@ +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. +void test_goto() { + int x = 1; + + goto label1; // NON_COMPLIANT + +label1: + + x = 2; +} \ No newline at end of file diff --git a/cpp/autosar/test/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.expected b/cpp/common/test/rules/hiddeninheritednonoverridablememberfunction_shared/HiddenInheritedNonOverridableMemberFunction_shared.expected similarity index 100% rename from cpp/autosar/test/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.expected rename to cpp/common/test/rules/hiddeninheritednonoverridablememberfunction_shared/HiddenInheritedNonOverridableMemberFunction_shared.expected diff --git a/cpp/common/test/rules/hiddeninheritednonoverridablememberfunction_shared/HiddenInheritedNonOverridableMemberFunction_shared.ql b/cpp/common/test/rules/hiddeninheritednonoverridablememberfunction_shared/HiddenInheritedNonOverridableMemberFunction_shared.ql new file mode 100644 index 0000000000..5e440a4f92 --- /dev/null +++ b/cpp/common/test/rules/hiddeninheritednonoverridablememberfunction_shared/HiddenInheritedNonOverridableMemberFunction_shared.ql @@ -0,0 +1,5 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.hiddeninheritednonoverridablememberfunction_shared.HiddenInheritedNonOverridableMemberFunction_shared + +class TestFileQuery extends HiddenInheritedNonOverridableMemberFunction_sharedSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/hiddeninheritednonoverridablememberfunction_shared/test.cpp b/cpp/common/test/rules/hiddeninheritednonoverridablememberfunction_shared/test.cpp new file mode 100644 index 0000000000..c0904238c3 --- /dev/null +++ b/cpp/common/test/rules/hiddeninheritednonoverridablememberfunction_shared/test.cpp @@ -0,0 +1,94 @@ +struct S1 { + int i; +}; + +class C1 { +public: + void f1(int); + + virtual void f2(int); + virtual void f2(double); + virtual void f2(S1); + +private: + void f3(int); + void f4(int); +}; + +class C2 : public C1 { +public: + void f1(double); // NON_COMPLIANT + + void f2(double) override; // NON_COMPLIANT +}; + +class C3 : public C1 { +public: + void f2(char *); // NON_COMPLIANT +}; + +class C4 : public C1 { +public: + using C1::f1; + void f1(double); // COMPLIANT + + using C1::f2; + void f2(double) override; // COMPLIANT +}; + +namespace ns1 { +void f1(int); +} + +using ns1::f1; + +namespace ns1 { +void f1(double); // NON_COMPLIANT +} + +void f1() { + C2 l1; + l1.f1(0); // calls C2::f1(double) instead of C1::f1(int) + l1.f2(0); // calls C2::f2(double) instead of C1::f2(int) + // S1 s1; + // l1.f2(s1); Won't compile because there is no suitable conversion from S1 to + // double. + C1 &l2{l1}; + l2.f1(0); // calls C1::f1(int) + + C4 l3; + l3.f1(0); // calls C1::f1(int) + l3.f1(0.0); // calls C3::f1(double) + l3.f2(0); // calls C1::f2(int) + l3.f2(0.0); // calls C3::f2(double) + S1 l4; + l3.f2(l4); // calls C1:f2(S1) +} + +class C5 : public C1 { +public: + void f1(double); // COMPLIANT + using C1::f1; // order of using and f1 declaration is not relevant + + void f2(double) override; // COMPLIANT + using C1::f2; // order of using and f2 declaration is not relevant +}; + +void f2() { + C5 c5; + c5.f1(0); // calls C1::f1(int) + c5.f1(0.0); // calls C5::f1(double) + c5.f2(0); // calls C1::f2(int) + c5.f2(0.0); // calls C5::f2(double) +} + +class C6 : public C1 { +public: + C6 &operator=(const C6 &); // COMPLIANT +}; + +class C7 : public C1 { + void f3(int); // COMPLIANT + + void f4(int); // COMPLIANT +}; \ No newline at end of file diff --git a/cpp/autosar/test/rules/A7-3-1/HiddenInheritedOverridableMemberFunction.expected b/cpp/common/test/rules/hiddeninheritedoverridablememberfunction_shared/HiddenInheritedOverridableMemberFunction_shared.expected similarity index 100% rename from cpp/autosar/test/rules/A7-3-1/HiddenInheritedOverridableMemberFunction.expected rename to cpp/common/test/rules/hiddeninheritedoverridablememberfunction_shared/HiddenInheritedOverridableMemberFunction_shared.expected diff --git a/cpp/common/test/rules/hiddeninheritedoverridablememberfunction_shared/HiddenInheritedOverridableMemberFunction_shared.ql b/cpp/common/test/rules/hiddeninheritedoverridablememberfunction_shared/HiddenInheritedOverridableMemberFunction_shared.ql new file mode 100644 index 0000000000..a8fd6220e8 --- /dev/null +++ b/cpp/common/test/rules/hiddeninheritedoverridablememberfunction_shared/HiddenInheritedOverridableMemberFunction_shared.ql @@ -0,0 +1,5 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.hiddeninheritedoverridablememberfunction_shared.HiddenInheritedOverridableMemberFunction_shared + +class TestFileQuery extends HiddenInheritedOverridableMemberFunction_sharedSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/hiddeninheritedoverridablememberfunction_shared/test.cpp b/cpp/common/test/rules/hiddeninheritedoverridablememberfunction_shared/test.cpp new file mode 100644 index 0000000000..c0904238c3 --- /dev/null +++ b/cpp/common/test/rules/hiddeninheritedoverridablememberfunction_shared/test.cpp @@ -0,0 +1,94 @@ +struct S1 { + int i; +}; + +class C1 { +public: + void f1(int); + + virtual void f2(int); + virtual void f2(double); + virtual void f2(S1); + +private: + void f3(int); + void f4(int); +}; + +class C2 : public C1 { +public: + void f1(double); // NON_COMPLIANT + + void f2(double) override; // NON_COMPLIANT +}; + +class C3 : public C1 { +public: + void f2(char *); // NON_COMPLIANT +}; + +class C4 : public C1 { +public: + using C1::f1; + void f1(double); // COMPLIANT + + using C1::f2; + void f2(double) override; // COMPLIANT +}; + +namespace ns1 { +void f1(int); +} + +using ns1::f1; + +namespace ns1 { +void f1(double); // NON_COMPLIANT +} + +void f1() { + C2 l1; + l1.f1(0); // calls C2::f1(double) instead of C1::f1(int) + l1.f2(0); // calls C2::f2(double) instead of C1::f2(int) + // S1 s1; + // l1.f2(s1); Won't compile because there is no suitable conversion from S1 to + // double. + C1 &l2{l1}; + l2.f1(0); // calls C1::f1(int) + + C4 l3; + l3.f1(0); // calls C1::f1(int) + l3.f1(0.0); // calls C3::f1(double) + l3.f2(0); // calls C1::f2(int) + l3.f2(0.0); // calls C3::f2(double) + S1 l4; + l3.f2(l4); // calls C1:f2(S1) +} + +class C5 : public C1 { +public: + void f1(double); // COMPLIANT + using C1::f1; // order of using and f1 declaration is not relevant + + void f2(double) override; // COMPLIANT + using C1::f2; // order of using and f2 declaration is not relevant +}; + +void f2() { + C5 c5; + c5.f1(0); // calls C1::f1(int) + c5.f1(0.0); // calls C5::f1(double) + c5.f2(0); // calls C1::f2(int) + c5.f2(0.0); // calls C5::f2(double) +} + +class C6 : public C1 { +public: + C6 &operator=(const C6 &); // COMPLIANT +}; + +class C7 : public C1 { + void f3(int); // COMPLIANT + + void f4(int); // COMPLIANT +}; \ No newline at end of file diff --git a/cpp/autosar/test/rules/A12-1-1/ExplicitConstructorBaseClassInitialization.expected b/cpp/common/test/rules/initializeallvirtualbaseclasses_shared/InitializeAllVirtualBaseClasses_shared.expected similarity index 100% rename from cpp/autosar/test/rules/A12-1-1/ExplicitConstructorBaseClassInitialization.expected rename to cpp/common/test/rules/initializeallvirtualbaseclasses_shared/InitializeAllVirtualBaseClasses_shared.expected diff --git a/cpp/common/test/rules/initializeallvirtualbaseclasses_shared/InitializeAllVirtualBaseClasses_shared.ql b/cpp/common/test/rules/initializeallvirtualbaseclasses_shared/InitializeAllVirtualBaseClasses_shared.ql new file mode 100644 index 0000000000..6ef0476388 --- /dev/null +++ b/cpp/common/test/rules/initializeallvirtualbaseclasses_shared/InitializeAllVirtualBaseClasses_shared.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.initializeallvirtualbaseclasses_shared.InitializeAllVirtualBaseClasses_shared + +class TestFileQuery extends InitializeAllVirtualBaseClasses_sharedSharedQuery, TestQuery { } diff --git a/cpp/autosar/test/rules/A12-1-1/test.cpp b/cpp/common/test/rules/initializeallvirtualbaseclasses_shared/test.cpp similarity index 100% rename from cpp/autosar/test/rules/A12-1-1/test.cpp rename to cpp/common/test/rules/initializeallvirtualbaseclasses_shared/test.cpp diff --git a/cpp/autosar/test/rules/A8-5-4/ConfusingUseOfInitializerListConstructors.expected b/cpp/common/test/rules/initializerlistconstructoristheonlyconstructor_shared/InitializerListConstructorIsTheOnlyConstructor_shared.expected similarity index 100% rename from cpp/autosar/test/rules/A8-5-4/ConfusingUseOfInitializerListConstructors.expected rename to cpp/common/test/rules/initializerlistconstructoristheonlyconstructor_shared/InitializerListConstructorIsTheOnlyConstructor_shared.expected diff --git a/cpp/common/test/rules/initializerlistconstructoristheonlyconstructor_shared/InitializerListConstructorIsTheOnlyConstructor_shared.ql b/cpp/common/test/rules/initializerlistconstructoristheonlyconstructor_shared/InitializerListConstructorIsTheOnlyConstructor_shared.ql new file mode 100644 index 0000000000..d2b4aa6c89 --- /dev/null +++ b/cpp/common/test/rules/initializerlistconstructoristheonlyconstructor_shared/InitializerListConstructorIsTheOnlyConstructor_shared.ql @@ -0,0 +1,6 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.initializerlistconstructoristheonlyconstructor_shared.InitializerListConstructorIsTheOnlyConstructor_shared + +class TestFileQuery extends InitializerListConstructorIsTheOnlyConstructor_sharedSharedQuery, + TestQuery +{ } diff --git a/cpp/autosar/test/rules/A8-5-4/test.cpp b/cpp/common/test/rules/initializerlistconstructoristheonlyconstructor_shared/test.cpp similarity index 100% rename from cpp/autosar/test/rules/A8-5-4/test.cpp rename to cpp/common/test/rules/initializerlistconstructoristheonlyconstructor_shared/test.cpp diff --git a/cpp/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.expected b/cpp/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.expected new file mode 100644 index 0000000000..9a39d3a88d --- /dev/null +++ b/cpp/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.expected @@ -0,0 +1,6 @@ +| test.cpp:21:14:21:19 | tmpvar | This pointer was returned by a $@ and may have been overwritten by the susequent $@. | test.cpp:13:12:13:17 | call to getenv | call to getenv | test.cpp:17:13:17:18 | call to getenv | call to getenv | +| test.cpp:134:14:134:17 | temp | This pointer was returned by a $@ and may have been overwritten by the susequent $@. | test.cpp:130:12:130:17 | call to getenv | call to getenv | test.cpp:131:11:131:16 | call to getenv | call to getenv | +| test.cpp:134:20:134:22 | tmp | This pointer was returned by a $@ and may have been overwritten by the susequent $@. | test.cpp:131:11:131:16 | call to getenv | call to getenv | test.cpp:130:12:130:17 | call to getenv | call to getenv | +| test.cpp:165:14:165:26 | tmpvar_global | This pointer was returned by a $@ and may have been overwritten by the susequent $@. | test.cpp:157:19:157:24 | call to getenv | call to getenv | test.cpp:161:20:161:25 | call to getenv | call to getenv | +| test.cpp:188:18:188:18 | r | This pointer was returned by a $@ and may have been overwritten by the susequent $@. | test.cpp:185:7:185:15 | call to setlocale | call to setlocale | test.cpp:187:8:187:17 | call to localeconv | call to localeconv | +| test.cpp:208:10:208:15 | tmpvar | This pointer was returned by a $@ and may have been overwritten by the susequent $@. | test.cpp:202:12:202:17 | call to getenv | call to getenv | test.cpp:206:3:206:8 | call to f11fun | call to f11fun | diff --git a/cpp/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.ql b/cpp/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.ql new file mode 100644 index 0000000000..b82c43333a --- /dev/null +++ b/cpp/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.invalidatedenvstringpointers.InvalidatedEnvStringPointers + +class TestFileQuery extends InvalidatedEnvStringPointersSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/invalidatedenvstringpointers/test.cpp b/cpp/common/test/rules/invalidatedenvstringpointers/test.cpp new file mode 100644 index 0000000000..74e3d1b8f5 --- /dev/null +++ b/cpp/common/test/rules/invalidatedenvstringpointers/test.cpp @@ -0,0 +1,209 @@ +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. +#include +#include +#include +#include +#include + +void f1(void) { + char *tmpvar; + char *tempvar; + + tmpvar = getenv("TMP"); + if (!tmpvar) { + /* Handle error */ + } + tempvar = getenv("TEMP"); + if (!tempvar) { + /* Handle error */ + } + if (strcmp(tmpvar, tempvar) == 0) { // NON_COMPLIANT + printf("TMP and TEMP are the same.\n"); + } else { + printf("TMP and TEMP are NOT the same.\n"); + } +} + +void f2(void) { + char *tmpvar; + char *tempvar; + + const char *temp = getenv("TMP"); + if (temp != NULL) { + tmpvar = (char *)malloc(strlen(temp) + 1); + if (tmpvar != NULL) { + strcpy(tmpvar, temp); + } else { + /* Handle error */ + } + } else { + /* Handle error */ + } + + temp = getenv("TEMP"); + if (temp != NULL) { + tempvar = (char *)malloc(strlen(temp) + 1); + if (tempvar != NULL) { + strcpy(tempvar, temp); + } else { + /* Handle error */ + } + } else { + /* Handle error */ + } + + if (strcmp(tmpvar, tempvar) == 0) { // COMPLIANT + printf("TMP and TEMP are the same.\n"); + } else { + printf("TMP and TEMP are NOT the same.\n"); + } + free(tmpvar); + free(tempvar); +} + +#define __STDC_WANT_LIB_EXT1__ 1 + +void f3(void) { + char *tmpvar; + char *tempvar; + + const char *temp = getenv("TMP"); + if (temp != NULL) { + tmpvar = strdup(temp); + if (tmpvar == NULL) { + /* Handle error */ + } + } else { + /* Handle error */ + } + + temp = getenv("TEMP"); + if (temp != NULL) { + tempvar = strdup(temp); + if (tempvar == NULL) { + /* Handle error */ + } + } else { + /* Handle error */ + } + + if (strcmp(tmpvar, tempvar) == 0) { // COMPLIANT + printf("TMP and TEMP are the same.\n"); + } else { + printf("TMP and TEMP are NOT the same.\n"); + } + free(tmpvar); + tmpvar = NULL; + free(tempvar); + tempvar = NULL; +} + +void f4(void) { + char *temp = getenv("VAR1"); + printf(temp); + temp = getenv("VAR2"); + printf(temp); // COMPLIANT +} + +void f5(void) { + const char *envVars[] = { + "v1", + "v2", + "v3", + }; + for (int i = 0; i < 3; i++) { + char *temp = getenv(envVars[i]); + printf(temp); // COMPLIANT + } +} + +void f5b(void) { + const char *envVars[] = { + "v1", + "v2", + "v3", + }; + char *temp; + char *tmp; + for (int i = 0; i < 3; i++) { + temp = getenv(envVars[i]); + tmp = getenv(envVars[i]); + } + + if (strcmp(temp, tmp) == 0) { // NON_COMPLIANT + printf("TMP and TEMP are the same.\n"); + } else { + printf("TMP and TEMP are NOT the same.\n"); + } +} + +void f6(void) { + const char *envVars[] = { + "v1", + "v2", + "v3", + }; + char *temp[3]; + for (int i = 0; i < 3; i++) { + temp[i] = getenv(envVars[i]); + } + printf(temp[0]); // NON_COMPLIANT[FALSE_NEGATIVE] +} + +char *tmpvar_global; +char *tempvar_global; +void f7(void) { + tmpvar_global = getenv("TMP"); + if (!tmpvar_global) { + /* Handle error */ + } + tempvar_global = getenv("TEMP"); + if (!tempvar_global) { + /* Handle error */ + } + if (strcmp(tmpvar_global, tempvar_global) == 0) { // NON_COMPLIANT + printf("TMP and TEMP are the same.\n"); + } else { + printf("TMP and TEMP are NOT the same.\n"); + } +} + +extern void f8fun(); +void f8(void) { + char *temp = getenv("VAR1"); + printf(temp); + f8fun(); // this function might call getenv() + temp = getenv("VAR2"); + printf(temp); // NON_COMPLIANT[FALSE_NEGATIVE] +} + +void f9(void) { + const char *r; + struct lconv *lc; + char c[128]; + r = setlocale(LC_ALL, "ja_JP.UTF-8"); + strcpy(c, r); + lc = localeconv(); + printf("%s\n", r); // NON_COMPLIANT + printf("%s\n", c); // COMPLIANT + printf("%s\n", lc->currency_symbol); // COMPLIANT +} + +void f10(void) { + struct tm tm = *localtime(&(time_t){time(NULL)}); + printf("%s", asctime(&tm)); // COMPLIANT +} + +void f11fun(void) { char *tempvar = getenv("TEMP"); } +void f11(void) { + char *tmpvar; + + tmpvar = getenv("TMP"); + if (!tmpvar) { + /* Handle error */ + } + f11fun(); + + printf(tmpvar); // NON_COMPLIANT +} diff --git a/cpp/common/test/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.expected b/cpp/common/test/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.expected new file mode 100644 index 0000000000..9061fcfbc4 --- /dev/null +++ b/cpp/common/test/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.expected @@ -0,0 +1,2 @@ +| test.cpp:15:19:15:24 | call to getenv | The value of variable $@ might become invalid after a subsequent call to function `getenv`. | test.cpp:12:7:12:19 | tmpvar_global | tmpvar_global | +| test.cpp:18:20:18:25 | call to getenv | The value of variable $@ might become invalid after a subsequent call to function `getenv`. | test.cpp:9:9:9:20 | tmpvar_field | tmpvar_field | diff --git a/cpp/common/test/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.ql b/cpp/common/test/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.ql new file mode 100644 index 0000000000..7a56af210d --- /dev/null +++ b/cpp/common/test/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.invalidatedenvstringpointerswarn.InvalidatedEnvStringPointersWarn + +class TestFileQuery extends InvalidatedEnvStringPointersWarnSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/invalidatedenvstringpointerswarn/test.cpp b/cpp/common/test/rules/invalidatedenvstringpointerswarn/test.cpp new file mode 100644 index 0000000000..5001e538a1 --- /dev/null +++ b/cpp/common/test/rules/invalidatedenvstringpointerswarn/test.cpp @@ -0,0 +1,21 @@ +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. +#include +#include +#include +#include + +struct test_struct { + char *tmpvar_field; +}; + +char *tmpvar_global; + +void f1(void) { + tmpvar_global = getenv("TMP"); // NON_COMPLIANT + + struct test_struct s; + s.tmpvar_field = getenv("TEMP"); // NON_COMPLIANT + + char *tmpvar_local = getenv("TEMP"); // COMPLIANT +} diff --git a/cpp/autosar/test/rules/A2-7-1/SingleLineCommentEndsWithSlash.expected b/cpp/common/test/rules/linesplicingusedincomments_shared/LineSplicingUsedInComments_shared.expected similarity index 100% rename from cpp/autosar/test/rules/A2-7-1/SingleLineCommentEndsWithSlash.expected rename to cpp/common/test/rules/linesplicingusedincomments_shared/LineSplicingUsedInComments_shared.expected diff --git a/cpp/common/test/rules/linesplicingusedincomments_shared/LineSplicingUsedInComments_shared.ql b/cpp/common/test/rules/linesplicingusedincomments_shared/LineSplicingUsedInComments_shared.ql new file mode 100644 index 0000000000..f10ee1f3ad --- /dev/null +++ b/cpp/common/test/rules/linesplicingusedincomments_shared/LineSplicingUsedInComments_shared.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.linesplicingusedincomments_shared.LineSplicingUsedInComments_shared + +class TestFileQuery extends LineSplicingUsedInComments_sharedSharedQuery, TestQuery { } diff --git a/cpp/autosar/test/rules/A2-7-1/test.cpp b/cpp/common/test/rules/linesplicingusedincomments_shared/test.cpp similarity index 100% rename from cpp/autosar/test/rules/A2-7-1/test.cpp rename to cpp/common/test/rules/linesplicingusedincomments_shared/test.cpp diff --git a/cpp/autosar/test/rules/M6-3-1/LoopCompoundCondition.expected b/cpp/common/test/rules/loopcompoundcondition_shared/LoopCompoundCondition_shared.expected similarity index 100% rename from cpp/autosar/test/rules/M6-3-1/LoopCompoundCondition.expected rename to cpp/common/test/rules/loopcompoundcondition_shared/LoopCompoundCondition_shared.expected diff --git a/cpp/common/test/rules/loopcompoundcondition_shared/LoopCompoundCondition_shared.ql b/cpp/common/test/rules/loopcompoundcondition_shared/LoopCompoundCondition_shared.ql new file mode 100644 index 0000000000..7ca1d2643e --- /dev/null +++ b/cpp/common/test/rules/loopcompoundcondition_shared/LoopCompoundCondition_shared.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.loopcompoundcondition_shared.LoopCompoundCondition_shared + +class TestFileQuery extends LoopCompoundCondition_sharedSharedQuery, TestQuery { } diff --git a/cpp/autosar/test/rules/M6-3-1/test.cpp b/cpp/common/test/rules/loopcompoundcondition_shared/test.cpp similarity index 100% rename from cpp/autosar/test/rules/M6-3-1/test.cpp rename to cpp/common/test/rules/loopcompoundcondition_shared/test.cpp diff --git a/cpp/common/test/rules/lowercaselstartsinliteralsuffix_shared/LowercaseLStartsInLiteralSuffix_shared.expected b/cpp/common/test/rules/lowercaselstartsinliteralsuffix_shared/LowercaseLStartsInLiteralSuffix_shared.expected new file mode 100644 index 0000000000..545b6d3441 --- /dev/null +++ b/cpp/common/test/rules/lowercaselstartsinliteralsuffix_shared/LowercaseLStartsInLiteralSuffix_shared.expected @@ -0,0 +1,16 @@ +| test.cpp:5:10:5:11 | 0 | Lowercase 'l' used as a literal suffix. | +| test.cpp:6:10:6:12 | 0 | Lowercase 'l' used as a literal suffix. | +| test.cpp:9:10:9:12 | 0 | Lowercase 'l' used as a literal suffix. | +| test.cpp:10:10:10:12 | 0 | Lowercase 'l' used as a literal suffix. | +| test.cpp:15:11:15:12 | 0 | Lowercase 'l' used as a literal suffix. | +| test.cpp:16:11:16:13 | 0 | Lowercase 'l' used as a literal suffix. | +| test.cpp:19:11:19:13 | 0 | Lowercase 'l' used as a literal suffix. | +| test.cpp:20:11:20:13 | 0 | Lowercase 'l' used as a literal suffix. | +| test.cpp:25:10:25:14 | 1 | Lowercase 'l' used as a literal suffix. | +| test.cpp:26:10:26:15 | 1 | Lowercase 'l' used as a literal suffix. | +| test.cpp:29:10:29:15 | 1 | Lowercase 'l' used as a literal suffix. | +| test.cpp:30:10:30:15 | 1 | Lowercase 'l' used as a literal suffix. | +| test.cpp:35:11:35:14 | 1 | Lowercase 'l' used as a literal suffix. | +| test.cpp:36:11:36:15 | 1 | Lowercase 'l' used as a literal suffix. | +| test.cpp:39:11:39:15 | 1 | Lowercase 'l' used as a literal suffix. | +| test.cpp:40:11:40:15 | 1 | Lowercase 'l' used as a literal suffix. | diff --git a/cpp/common/test/rules/lowercaselstartsinliteralsuffix_shared/LowercaseLStartsInLiteralSuffix_shared.ql b/cpp/common/test/rules/lowercaselstartsinliteralsuffix_shared/LowercaseLStartsInLiteralSuffix_shared.ql new file mode 100644 index 0000000000..8d7d9f0be8 --- /dev/null +++ b/cpp/common/test/rules/lowercaselstartsinliteralsuffix_shared/LowercaseLStartsInLiteralSuffix_shared.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.lowercaselstartsinliteralsuffix_shared.LowercaseLStartsInLiteralSuffix_shared + +class TestFileQuery extends LowercaseLStartsInLiteralSuffix_sharedSharedQuery, TestQuery { } diff --git a/c/misra/test/rules/RULE-7-3/cpp/README.md b/cpp/common/test/rules/lowercaselstartsinliteralsuffix_shared/README.md similarity index 100% rename from c/misra/test/rules/RULE-7-3/cpp/README.md rename to cpp/common/test/rules/lowercaselstartsinliteralsuffix_shared/README.md diff --git a/c/misra/test/rules/RULE-7-3/test.c b/cpp/common/test/rules/lowercaselstartsinliteralsuffix_shared/test.cpp similarity index 86% rename from c/misra/test/rules/RULE-7-3/test.c rename to cpp/common/test/rules/lowercaselstartsinliteralsuffix_shared/test.cpp index 5e1c448926..6cbff873ee 100644 --- a/c/misra/test/rules/RULE-7-3/test.c +++ b/cpp/common/test/rules/lowercaselstartsinliteralsuffix_shared/test.cpp @@ -1,4 +1,6 @@ - +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. +int x = false; // COMPLIANT - reported as FP in #319 int a1 = 0L; // COMPLIANT int a2 = 0l; // NON_COMPLIANT int a3 = 0ll; // NON_COMPLIANT diff --git a/cpp/autosar/test/rules/M18-2-1/MacroOffsetofUsed.expected b/cpp/common/test/rules/macrooffsetofused_shared/MacroOffsetofUsed.expected similarity index 100% rename from cpp/autosar/test/rules/M18-2-1/MacroOffsetofUsed.expected rename to cpp/common/test/rules/macrooffsetofused_shared/MacroOffsetofUsed.expected diff --git a/cpp/autosar/test/rules/M18-2-1/MacroOffsetofUsed.expected.gcc b/cpp/common/test/rules/macrooffsetofused_shared/MacroOffsetofUsed.expected.gcc similarity index 100% rename from cpp/autosar/test/rules/M18-2-1/MacroOffsetofUsed.expected.gcc rename to cpp/common/test/rules/macrooffsetofused_shared/MacroOffsetofUsed.expected.gcc diff --git a/cpp/autosar/test/rules/M18-2-1/MacroOffsetofUsed.expected.qcc b/cpp/common/test/rules/macrooffsetofused_shared/MacroOffsetofUsed.expected.qcc similarity index 100% rename from cpp/autosar/test/rules/M18-2-1/MacroOffsetofUsed.expected.qcc rename to cpp/common/test/rules/macrooffsetofused_shared/MacroOffsetofUsed.expected.qcc diff --git a/cpp/common/test/rules/macrooffsetofused_shared/MacroOffsetofUsed_shared.expected b/cpp/common/test/rules/macrooffsetofused_shared/MacroOffsetofUsed_shared.expected new file mode 100644 index 0000000000..88647b9f36 --- /dev/null +++ b/cpp/common/test/rules/macrooffsetofused_shared/MacroOffsetofUsed_shared.expected @@ -0,0 +1 @@ +| test.cpp:9:32:9:51 | offsetof(t,d) | Use of banned macro offsetof. | diff --git a/cpp/common/test/rules/macrooffsetofused_shared/MacroOffsetofUsed_shared.ql b/cpp/common/test/rules/macrooffsetofused_shared/MacroOffsetofUsed_shared.ql new file mode 100644 index 0000000000..b1e69f5a8a --- /dev/null +++ b/cpp/common/test/rules/macrooffsetofused_shared/MacroOffsetofUsed_shared.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.macrooffsetofused_shared.MacroOffsetofUsed_shared + +class TestFileQuery extends MacroOffsetofUsed_sharedSharedQuery, TestQuery { } diff --git a/cpp/autosar/test/rules/M18-2-1/test.cpp b/cpp/common/test/rules/macrooffsetofused_shared/test.cpp similarity index 100% rename from cpp/autosar/test/rules/M18-2-1/test.cpp rename to cpp/common/test/rules/macrooffsetofused_shared/test.cpp diff --git a/cpp/common/test/rules/macroparameterfollowinghash_shared/MacroParameterFollowingHash_shared.expected b/cpp/common/test/rules/macroparameterfollowinghash_shared/MacroParameterFollowingHash_shared.expected new file mode 100644 index 0000000000..6a3d5c5da7 --- /dev/null +++ b/cpp/common/test/rules/macroparameterfollowinghash_shared/MacroParameterFollowingHash_shared.expected @@ -0,0 +1 @@ +| test.cpp:27:1:27:29 | #define MACROTHIRTEEN(X) #X ## X | Macro definition uses an # operator followed by a ## operator. | diff --git a/cpp/common/test/rules/macroparameterfollowinghash_shared/MacroParameterFollowingHash_shared.ql b/cpp/common/test/rules/macroparameterfollowinghash_shared/MacroParameterFollowingHash_shared.ql new file mode 100644 index 0000000000..8c3dd270d0 --- /dev/null +++ b/cpp/common/test/rules/macroparameterfollowinghash_shared/MacroParameterFollowingHash_shared.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.macroparameterfollowinghash_shared.MacroParameterFollowingHash_shared + +class TestFileQuery extends MacroParameterFollowingHash_sharedSharedQuery, TestQuery { } diff --git a/c/misra/test/rules/RULE-20-11/test.c b/cpp/common/test/rules/macroparameterfollowinghash_shared/test.cpp similarity index 83% rename from c/misra/test/rules/RULE-20-11/test.c rename to cpp/common/test/rules/macroparameterfollowinghash_shared/test.cpp index ad2c205970..5e6f187445 100644 --- a/c/misra/test/rules/RULE-20-11/test.c +++ b/cpp/common/test/rules/macroparameterfollowinghash_shared/test.cpp @@ -1,3 +1,5 @@ +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. #define MACROONE 1 // COMPLIANT #define MACROTWO '#\'-#' + '#' // COMPLIANT diff --git a/cpp/common/test/rules/memoryoperationsnotsequencedappropriately_shared/MemoryOperationsNotSequencedAppropriately_shared.expected b/cpp/common/test/rules/memoryoperationsnotsequencedappropriately_shared/MemoryOperationsNotSequencedAppropriately_shared.expected new file mode 100644 index 0000000000..54c8ee481b --- /dev/null +++ b/cpp/common/test/rules/memoryoperationsnotsequencedappropriately_shared/MemoryOperationsNotSequencedAppropriately_shared.expected @@ -0,0 +1,6 @@ +| test.cpp:8:12:8:18 | ... + ... | The expression contains unsequenced $@ to $@ and $@ to $@. | test.cpp:8:12:8:13 | l1 | side effect | test.cpp:8:17:8:18 | l1 | side effect | test.cpp:8:12:8:13 | l1 | l1 | test.cpp:8:17:8:18 | l1 | l1 | +| test.cpp:9:12:9:18 | ... + ... | The expression contains unsequenced $@ to $@ and $@ to $@. | test.cpp:9:12:9:13 | l1 | side effect | test.cpp:9:17:9:18 | l2 | side effect | test.cpp:9:12:9:13 | l1 | l1 | test.cpp:9:17:9:18 | l2 | l2 | +| test.cpp:19:3:19:21 | ... = ... | The expression contains unsequenced $@ to $@ and $@ to $@. | test.cpp:19:8:19:9 | l1 | side effect | test.cpp:19:13:19:14 | l1 | side effect | test.cpp:19:8:19:9 | l1 | l1 | test.cpp:19:13:19:14 | l1 | l1 | +| test.cpp:21:3:21:5 | call to foo | The expression contains unsequenced $@ to $@ and $@ to $@. | test.cpp:21:7:21:8 | l1 | side effect | test.cpp:21:11:21:12 | l2 | side effect | test.cpp:21:7:21:8 | l1 | l1 | test.cpp:21:11:21:12 | l2 | l2 | +| test.cpp:27:3:27:5 | call to foo | The expression contains unsequenced $@ to $@ and $@ to $@. | test.cpp:27:7:27:10 | ... ++ | side effect | test.cpp:27:13:27:14 | l8 | read | test.cpp:27:7:27:8 | l8 | l8 | test.cpp:27:13:27:14 | l8 | l8 | +| test.cpp:37:5:37:13 | ... = ... | The expression contains unsequenced $@ to $@ and $@ to $@. | test.cpp:37:10:37:12 | ... ++ | side effect | test.cpp:37:10:37:12 | ... ++ | side effect | test.cpp:37:10:37:10 | i | i | test.cpp:37:10:37:10 | i | i | diff --git a/cpp/common/test/rules/memoryoperationsnotsequencedappropriately_shared/MemoryOperationsNotSequencedAppropriately_shared.ql b/cpp/common/test/rules/memoryoperationsnotsequencedappropriately_shared/MemoryOperationsNotSequencedAppropriately_shared.ql new file mode 100644 index 0000000000..e49f82c8fd --- /dev/null +++ b/cpp/common/test/rules/memoryoperationsnotsequencedappropriately_shared/MemoryOperationsNotSequencedAppropriately_shared.ql @@ -0,0 +1,5 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.memoryoperationsnotsequencedappropriately_shared.MemoryOperationsNotSequencedAppropriately_shared + +class TestFileQuery extends MemoryOperationsNotSequencedAppropriately_sharedSharedQuery, TestQuery { +} diff --git a/c/misra/test/rules/RULE-13-2/test.c b/cpp/common/test/rules/memoryoperationsnotsequencedappropriately_shared/test.cpp similarity index 86% rename from c/misra/test/rules/RULE-13-2/test.c rename to cpp/common/test/rules/memoryoperationsnotsequencedappropriately_shared/test.cpp index 1bebec3775..427555d735 100644 --- a/c/misra/test/rules/RULE-13-2/test.c +++ b/cpp/common/test/rules/memoryoperationsnotsequencedappropriately_shared/test.cpp @@ -1,3 +1,5 @@ +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. void foo(int, int); void unsequenced_sideeffects1() { @@ -27,7 +29,7 @@ void unsequenced_sideeffects1() { int l10 = l8++, l11 = l8++; // COMPLIANT } -int g1[], g2[]; +int g1[10], g2[10]; #define test(i) (g1[i] = g2[i]) void unsequenced_sideeffects2() { int i; diff --git a/cpp/autosar/test/rules/M8-0-1/MultipleGlobalOrMemberDeclarators.expected b/cpp/common/test/rules/multipleglobalormemberdeclarators_shared/MultipleGlobalOrMemberDeclarators_shared.expected similarity index 100% rename from cpp/autosar/test/rules/M8-0-1/MultipleGlobalOrMemberDeclarators.expected rename to cpp/common/test/rules/multipleglobalormemberdeclarators_shared/MultipleGlobalOrMemberDeclarators_shared.expected diff --git a/cpp/common/test/rules/multipleglobalormemberdeclarators_shared/MultipleGlobalOrMemberDeclarators_shared.ql b/cpp/common/test/rules/multipleglobalormemberdeclarators_shared/MultipleGlobalOrMemberDeclarators_shared.ql new file mode 100644 index 0000000000..061e572c73 --- /dev/null +++ b/cpp/common/test/rules/multipleglobalormemberdeclarators_shared/MultipleGlobalOrMemberDeclarators_shared.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.multipleglobalormemberdeclarators_shared.MultipleGlobalOrMemberDeclarators_shared + +class TestFileQuery extends MultipleGlobalOrMemberDeclarators_sharedSharedQuery, TestQuery { } diff --git a/cpp/autosar/test/rules/M8-0-1/test.cpp b/cpp/common/test/rules/multipleglobalormemberdeclarators_shared/test.cpp similarity index 100% rename from cpp/autosar/test/rules/M8-0-1/test.cpp rename to cpp/common/test/rules/multipleglobalormemberdeclarators_shared/test.cpp diff --git a/cpp/autosar/test/rules/M8-0-1/MultipleLocalDeclarators.expected b/cpp/common/test/rules/multiplelocaldeclarators_shared/MultipleLocalDeclarators_shared.expected similarity index 100% rename from cpp/autosar/test/rules/M8-0-1/MultipleLocalDeclarators.expected rename to cpp/common/test/rules/multiplelocaldeclarators_shared/MultipleLocalDeclarators_shared.expected diff --git a/cpp/common/test/rules/multiplelocaldeclarators_shared/MultipleLocalDeclarators_shared.ql b/cpp/common/test/rules/multiplelocaldeclarators_shared/MultipleLocalDeclarators_shared.ql new file mode 100644 index 0000000000..b578fb7eca --- /dev/null +++ b/cpp/common/test/rules/multiplelocaldeclarators_shared/MultipleLocalDeclarators_shared.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.multiplelocaldeclarators_shared.MultipleLocalDeclarators_shared + +class TestFileQuery extends MultipleLocalDeclarators_sharedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/multiplelocaldeclarators_shared/test.cpp b/cpp/common/test/rules/multiplelocaldeclarators_shared/test.cpp new file mode 100644 index 0000000000..cf664e4b34 --- /dev/null +++ b/cpp/common/test/rules/multiplelocaldeclarators_shared/test.cpp @@ -0,0 +1,24 @@ +int g1, g2; // NON_COMPLIANT +int g3; // COMPLIANT + +namespace n1 { +int n_v1, n_v2; // NON_COMPLIANT +int n_v3; // COMPLIANT +} // namespace n1 + +void f() { + int l1, l2; // NON_COMPLIANT + int l3; // COMPLIANT +} + +class ClassA { + int m1, m2; // NON_COMPLIANT + int m3; // COMPLIANT +}; + +#include +void test_loop(std::vector v) { + for (const auto b : v) { // COMPLIANT - DeclStmt is compiler generated + b; + } +} \ No newline at end of file diff --git a/cpp/common/test/rules/namedbitfieldswithsignedintegertype_shared/NamedBitFieldsWithSignedIntegerType_shared.expected b/cpp/common/test/rules/namedbitfieldswithsignedintegertype_shared/NamedBitFieldsWithSignedIntegerType_shared.expected new file mode 100644 index 0000000000..8ddc10e90c --- /dev/null +++ b/cpp/common/test/rules/namedbitfieldswithsignedintegertype_shared/NamedBitFieldsWithSignedIntegerType_shared.expected @@ -0,0 +1,5 @@ +| test.cpp:6:7:6:8 | x1 | A named bit-field with signed integral type should have at least 2 bits of storage. | +| test.cpp:9:14:9:15 | x2 | A named bit-field with signed integral type should have at least 2 bits of storage. | +| test.cpp:11:7:11:8 | x3 | A named bit-field with signed integral type should have at least 2 bits of storage. | +| test.cpp:13:7:13:8 | x4 | A named bit-field with signed integral type should have at least 2 bits of storage. | +| test.cpp:22:14:22:14 | x | A named bit-field with signed integral type should have at least 2 bits of storage. | diff --git a/cpp/common/test/rules/namedbitfieldswithsignedintegertype_shared/NamedBitFieldsWithSignedIntegerType_shared.ql b/cpp/common/test/rules/namedbitfieldswithsignedintegertype_shared/NamedBitFieldsWithSignedIntegerType_shared.ql new file mode 100644 index 0000000000..09b98ff226 --- /dev/null +++ b/cpp/common/test/rules/namedbitfieldswithsignedintegertype_shared/NamedBitFieldsWithSignedIntegerType_shared.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.namedbitfieldswithsignedintegertype_shared.NamedBitFieldsWithSignedIntegerType_shared + +class TestFileQuery extends NamedBitFieldsWithSignedIntegerType_sharedSharedQuery, TestQuery { } diff --git a/c/misra/test/rules/RULE-6-2/test.c b/cpp/common/test/rules/namedbitfieldswithsignedintegertype_shared/test.cpp similarity index 70% rename from c/misra/test/rules/RULE-6-2/test.c rename to cpp/common/test/rules/namedbitfieldswithsignedintegertype_shared/test.cpp index 8182dfdb5d..0d6e838f83 100644 --- a/c/misra/test/rules/RULE-6-2/test.c +++ b/cpp/common/test/rules/namedbitfieldswithsignedintegertype_shared/test.cpp @@ -1,3 +1,5 @@ +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. #include struct SampleStruct { @@ -15,3 +17,12 @@ struct SampleStruct { // to carry more than 1 bit signed char : 1; // COMPLIANT: single-bit bit-field but unnamed } sample_struct; + +struct S { + signed int x : 1; // NON-COMPLIANT + signed int y : 5; // COMPLIANT + signed int z : 7; // COMPLIANT + signed int : 0; // COMPLIANT + signed int : 1; // COMPLIANT + signed int : 2; // COMPLIANT +}; \ No newline at end of file diff --git a/cpp/autosar/test/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.expected b/cpp/common/test/rules/namenotreferredusingaqualifiedidorthis_shared/NameNotReferredUsingAQualifiedIdOrThis_shared.expected similarity index 100% rename from cpp/autosar/test/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.expected rename to cpp/common/test/rules/namenotreferredusingaqualifiedidorthis_shared/NameNotReferredUsingAQualifiedIdOrThis_shared.expected diff --git a/cpp/common/test/rules/namenotreferredusingaqualifiedidorthis_shared/NameNotReferredUsingAQualifiedIdOrThis_shared.ql b/cpp/common/test/rules/namenotreferredusingaqualifiedidorthis_shared/NameNotReferredUsingAQualifiedIdOrThis_shared.ql new file mode 100644 index 0000000000..6f8e2c1e7f --- /dev/null +++ b/cpp/common/test/rules/namenotreferredusingaqualifiedidorthis_shared/NameNotReferredUsingAQualifiedIdOrThis_shared.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.namenotreferredusingaqualifiedidorthis_shared.NameNotReferredUsingAQualifiedIdOrThis_shared + +class TestFileQuery extends NameNotReferredUsingAQualifiedIdOrThis_sharedSharedQuery, TestQuery { } diff --git a/cpp/autosar/test/rules/M14-6-1/test.cpp b/cpp/common/test/rules/namenotreferredusingaqualifiedidorthis_shared/test.cpp similarity index 100% rename from cpp/autosar/test/rules/M14-6-1/test.cpp rename to cpp/common/test/rules/namenotreferredusingaqualifiedidorthis_shared/test.cpp diff --git a/cpp/autosar/test/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThisAudit.expected b/cpp/common/test/rules/namenotreferredusingaqualifiedidorthisaudit_shared/NameNotReferredUsingAQualifiedIdOrThisAudit_shared.expected similarity index 100% rename from cpp/autosar/test/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThisAudit.expected rename to cpp/common/test/rules/namenotreferredusingaqualifiedidorthisaudit_shared/NameNotReferredUsingAQualifiedIdOrThisAudit_shared.expected diff --git a/cpp/common/test/rules/namenotreferredusingaqualifiedidorthisaudit_shared/NameNotReferredUsingAQualifiedIdOrThisAudit_shared.ql b/cpp/common/test/rules/namenotreferredusingaqualifiedidorthisaudit_shared/NameNotReferredUsingAQualifiedIdOrThisAudit_shared.ql new file mode 100644 index 0000000000..e5d93d74db --- /dev/null +++ b/cpp/common/test/rules/namenotreferredusingaqualifiedidorthisaudit_shared/NameNotReferredUsingAQualifiedIdOrThisAudit_shared.ql @@ -0,0 +1,5 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.namenotreferredusingaqualifiedidorthisaudit_shared.NameNotReferredUsingAQualifiedIdOrThisAudit_shared + +class TestFileQuery extends NameNotReferredUsingAQualifiedIdOrThisAudit_sharedSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/namenotreferredusingaqualifiedidorthisaudit_shared/test.cpp b/cpp/common/test/rules/namenotreferredusingaqualifiedidorthisaudit_shared/test.cpp new file mode 100644 index 0000000000..b16e6b40dc --- /dev/null +++ b/cpp/common/test/rules/namenotreferredusingaqualifiedidorthisaudit_shared/test.cpp @@ -0,0 +1,87 @@ +typedef int TYPE; +void g(); +void g1(); +int m; + +template class B { +public: + typedef T TYPE; + void g(); + int m; +}; + +template class A : B { +public: + void m1() { + m = 0; // NON_COMPLIANT + g(); // NON_COMPLIANT + TYPE t = 0; // NON_COMPLIANT[FALSE_NEGATIVE] + void (*p)() = &g; // NON_COMPLIANT + } + void m2() { + ::m = 0; // COMPLIANT + ::g(); // COMPLIANT + ::TYPE t1 = 0; // COMPLIANT + B::m = 0; // COMPLIANT + this->m = 0; // COMPLIANT + this->g(); // COMPLIANT + void (B::*p)() = &B::g; // COMPLIANT + typename B::TYPE t2 = 0; // COMPLIANT + g1(); // COMPLIANT, identifier not found in B + } + void m3(int m) { + m = 0; // COMPLIANT, hides member + } + void m4() { + int m = 0; + m = 0; // COMPLIANT, hides member + } +}; + +void f() { + A a; + a.m1(); + a.m2(); + a.m3(1); + a.m4(); +} + +class D { +public: + typedef int TYPE; + void g(); + void g(int x); + static void sg(); + static void sg(int x); + int m; +}; + +class C : D { +public: + void m1() { + m = 0; // COMPLIANT - does not apply to non-class templates + g(); // COMPLIANT - does not apply to non-class templates + sg(); // COMPLIANT - does not apply to non-class templates + TYPE t1 = 0; // COMPLIANT - does not apply to non-class templates + // void (*p)() = &g; // NON_COMPILABLE - not valid to take address of member + // function without qualifier + } +}; + +template class E : D { +public: + void m1() { + m = 0; // COMPLIANT - does not apply to non dependent base types + g(); // COMPLIANT - does not apply to non dependent base types + TYPE t1 = 0; // COMPLIANT - does not apply to non dependent base types + // void (*p)() = &g; // NON_COMPILABLE - not valid to take address of member + // function without qualifier + } +}; + +void f2() { + C c; + c.m1(); + E e; + e.m1(); +} \ No newline at end of file diff --git a/cpp/autosar/test/rules/A15-4-2/NoExceptFunctionThrows.expected b/cpp/common/test/rules/noexceptfunctionshouldnotpropagatetothecaller_shared/NoexceptFunctionShouldNotPropagateToTheCaller_shared.expected similarity index 99% rename from cpp/autosar/test/rules/A15-4-2/NoExceptFunctionThrows.expected rename to cpp/common/test/rules/noexceptfunctionshouldnotpropagatetothecaller_shared/NoexceptFunctionShouldNotPropagateToTheCaller_shared.expected index b2f8391b15..db392fd8f6 100644 --- a/cpp/autosar/test/rules/A15-4-2/NoExceptFunctionThrows.expected +++ b/cpp/common/test/rules/noexceptfunctionshouldnotpropagatetothecaller_shared/NoexceptFunctionShouldNotPropagateToTheCaller_shared.expected @@ -1,3 +1,9 @@ +problems +| test.cpp:4:6:4:15 | test_throw | test.cpp:5:3:5:20 | throw ... [ExceptionA] | test.cpp:4:6:4:15 | test_throw [ExceptionA] | Function test_throw is declared noexcept(true) but can throw exceptions of type ExceptionA. | +| test.cpp:10:6:10:27 | noexceptIndirectThrowA | test.cpp:8:17:8:34 | throw ... [ExceptionA] | test.cpp:10:6:10:27 | noexceptIndirectThrowA [ExceptionA] | Function noexceptIndirectThrowA is declared noexcept(true) but can throw exceptions of type ExceptionA. | +| test.cpp:12:6:12:24 | test_indirect_throw | test.cpp:8:17:8:34 | throw ... [ExceptionA] | test.cpp:12:6:12:24 | test_indirect_throw [ExceptionA] | Function test_indirect_throw is declared noexcept(true) but can throw exceptions of type ExceptionA. | +| test.cpp:16:6:16:26 | test_indirect_throw_2 | test.cpp:8:17:8:34 | throw ... [ExceptionA] | test.cpp:16:6:16:26 | test_indirect_throw_2 [ExceptionA] | Function test_indirect_throw_2 is declared noexcept(true) but can throw exceptions of type ExceptionA. | +| test.cpp:33:6:33:26 | test_indirect_throw_6 | test.cpp:8:17:8:34 | throw ... [ExceptionA] | test.cpp:33:6:33:26 | test_indirect_throw_6 [ExceptionA] | Function test_indirect_throw_6 is declared noexcept(true) but can throw exceptions of type ExceptionA. | edges | test.cpp:5:3:5:20 | throw ... [ExceptionA] | test.cpp:4:6:4:15 | test_throw [ExceptionA] | | test.cpp:8:6:8:11 | throwA [ExceptionA] | test.cpp:9:25:9:30 | call to throwA [ExceptionA] | @@ -11,9 +17,3 @@ edges | test.cpp:13:3:13:8 | call to throwA [ExceptionA] | test.cpp:12:6:12:24 | test_indirect_throw [ExceptionA] | | test.cpp:17:3:17:8 | call to throwA [ExceptionA] | test.cpp:16:6:16:26 | test_indirect_throw_2 [ExceptionA] | | test.cpp:34:3:34:16 | call to indirectThrowA [ExceptionA] | test.cpp:33:6:33:26 | test_indirect_throw_6 [ExceptionA] | -#select -| test.cpp:4:6:4:15 | test_throw | test.cpp:5:3:5:20 | throw ... [ExceptionA] | test.cpp:4:6:4:15 | test_throw [ExceptionA] | Function test_throw is declared noexcept(true) but can throw exceptions of type ExceptionA. | -| test.cpp:10:6:10:27 | noexceptIndirectThrowA | test.cpp:8:17:8:34 | throw ... [ExceptionA] | test.cpp:10:6:10:27 | noexceptIndirectThrowA [ExceptionA] | Function noexceptIndirectThrowA is declared noexcept(true) but can throw exceptions of type ExceptionA. | -| test.cpp:12:6:12:24 | test_indirect_throw | test.cpp:8:17:8:34 | throw ... [ExceptionA] | test.cpp:12:6:12:24 | test_indirect_throw [ExceptionA] | Function test_indirect_throw is declared noexcept(true) but can throw exceptions of type ExceptionA. | -| test.cpp:16:6:16:26 | test_indirect_throw_2 | test.cpp:8:17:8:34 | throw ... [ExceptionA] | test.cpp:16:6:16:26 | test_indirect_throw_2 [ExceptionA] | Function test_indirect_throw_2 is declared noexcept(true) but can throw exceptions of type ExceptionA. | -| test.cpp:33:6:33:26 | test_indirect_throw_6 | test.cpp:8:17:8:34 | throw ... [ExceptionA] | test.cpp:33:6:33:26 | test_indirect_throw_6 [ExceptionA] | Function test_indirect_throw_6 is declared noexcept(true) but can throw exceptions of type ExceptionA. | diff --git a/cpp/common/test/rules/noexceptfunctionshouldnotpropagatetothecaller_shared/NoexceptFunctionShouldNotPropagateToTheCaller_shared.ql b/cpp/common/test/rules/noexceptfunctionshouldnotpropagatetothecaller_shared/NoexceptFunctionShouldNotPropagateToTheCaller_shared.ql new file mode 100644 index 0000000000..4a405daaaf --- /dev/null +++ b/cpp/common/test/rules/noexceptfunctionshouldnotpropagatetothecaller_shared/NoexceptFunctionShouldNotPropagateToTheCaller_shared.ql @@ -0,0 +1,6 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.noexceptfunctionshouldnotpropagatetothecaller_shared.NoexceptFunctionShouldNotPropagateToTheCaller_shared + +class TestFileQuery extends NoexceptFunctionShouldNotPropagateToTheCaller_sharedSharedQuery, + TestQuery +{ } diff --git a/cpp/autosar/test/rules/A15-4-2/test.cpp b/cpp/common/test/rules/noexceptfunctionshouldnotpropagatetothecaller_shared/test.cpp similarity index 100% rename from cpp/autosar/test/rules/A15-4-2/test.cpp rename to cpp/common/test/rules/noexceptfunctionshouldnotpropagatetothecaller_shared/test.cpp diff --git a/cpp/autosar/test/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanTheGlobalFunctionMain.expected b/cpp/common/test/rules/nonglobalfunctionmain_shared/NonGlobalFunctionMain_shared.expected similarity index 100% rename from cpp/autosar/test/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanTheGlobalFunctionMain.expected rename to cpp/common/test/rules/nonglobalfunctionmain_shared/NonGlobalFunctionMain_shared.expected diff --git a/cpp/common/test/rules/nonglobalfunctionmain_shared/NonGlobalFunctionMain_shared.ql b/cpp/common/test/rules/nonglobalfunctionmain_shared/NonGlobalFunctionMain_shared.ql new file mode 100644 index 0000000000..611b3d0f77 --- /dev/null +++ b/cpp/common/test/rules/nonglobalfunctionmain_shared/NonGlobalFunctionMain_shared.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.nonglobalfunctionmain_shared.NonGlobalFunctionMain_shared + +class TestFileQuery extends NonGlobalFunctionMain_sharedSharedQuery, TestQuery { } diff --git a/cpp/autosar/test/rules/M7-3-2/test.cpp b/cpp/common/test/rules/nonglobalfunctionmain_shared/test.cpp similarity index 100% rename from cpp/autosar/test/rules/M7-3-2/test.cpp rename to cpp/common/test/rules/nonglobalfunctionmain_shared/test.cpp diff --git a/cpp/common/test/rules/nonterminatedescapesequences_shared/NonTerminatedEscapeSequences_shared.expected b/cpp/common/test/rules/nonterminatedescapesequences_shared/NonTerminatedEscapeSequences_shared.expected new file mode 100644 index 0000000000..3051e32537 --- /dev/null +++ b/cpp/common/test/rules/nonterminatedescapesequences_shared/NonTerminatedEscapeSequences_shared.expected @@ -0,0 +1,21 @@ +| test.cpp:37:18:37:24 | \u001aG | Invalid hexadecimal escape in string literal at '\\x1AG"'. | +| test.cpp:40:18:40:23 | \u00029 | Invalid octal escape in string literal at '\\029"'. | +| test.cpp:43:18:43:24 | \n7 | Invalid octal escape in string literal at '\\0127"'. | +| test.cpp:44:18:44:24 | \r7 | Invalid octal escape in string literal at '\\0157"'. | +| test.cpp:46:19:46:29 | \n\n9 | Invalid octal escape in string literal at '\\0129"'. | +| test.cpp:47:19:47:28 | \n\u00019 | Invalid octal escape in string literal at '\\019"'. | +| test.cpp:50:19:50:31 | \nAAA\u000f | Invalid octal escape in string literal at '\\012AAA\\017"'. | +| test.cpp:53:19:53:39 | Some Data \n\u000fA | Invalid octal escape in string literal at '\\017A"'. | +| test.cpp:54:19:55:21 | Some Data \n\u000fA5 | Invalid octal escape in string literal at '\\017A"\n "5"'. | +| test.cpp:56:19:58:25 | Some Data \n\u000fA\n1 | Invalid octal escape in string literal at '\\0121"'. | +| test.cpp:62:19:63:26 | \u0011G\u00012 | Invalid octal escape in string literal at '\\0012"'. | +| test.cpp:64:19:65:25 | \u0011GG\u0001 | Invalid hexadecimal escape in string literal at '\\x11G"\n "G\\001"'. | +| test.cpp:66:19:67:26 | \u0011GG\u00013 | Invalid hexadecimal escape in string literal at '\\x11G"\n "G\\0013"'. | +| test.cpp:66:19:67:26 | \u0011GG\u00013 | Invalid octal escape in string literal at '\\0013"'. | +| test.cpp:73:18:73:42 | Some Data \n\u000fA5 | Invalid octal escape in string literal at '\\017A" "5"'. | +| test.cpp:74:18:74:49 | Some Data \n\u000fA\n1 | Invalid octal escape in string literal at '\\0121"'. | +| test.cpp:76:18:76:32 | \u0011G\u00012 | Invalid octal escape in string literal at '\\0012"'. | +| test.cpp:77:18:77:32 | \u0011GG\u0001 | Invalid hexadecimal escape in string literal at '\\x11G" "G\\001"'. | +| test.cpp:78:18:78:33 | \u0011GG\u00013 | Invalid hexadecimal escape in string literal at '\\x11G" "G\\0013"'. | +| test.cpp:78:18:78:33 | \u0011GG\u00013 | Invalid octal escape in string literal at '\\0013"'. | +| test.cpp:81:11:81:16 | 10 | Invalid hexadecimal escape in string literal at '\\x0a''. | diff --git a/cpp/common/test/rules/nonterminatedescapesequences_shared/NonTerminatedEscapeSequences_shared.ql b/cpp/common/test/rules/nonterminatedescapesequences_shared/NonTerminatedEscapeSequences_shared.ql new file mode 100644 index 0000000000..6cbb2220bb --- /dev/null +++ b/cpp/common/test/rules/nonterminatedescapesequences_shared/NonTerminatedEscapeSequences_shared.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.nonterminatedescapesequences_shared.NonTerminatedEscapeSequences_shared + +class TestFileQuery extends NonTerminatedEscapeSequences_sharedSharedQuery, TestQuery { } diff --git a/c/misra/test/rules/RULE-4-1/test.c b/cpp/common/test/rules/nonterminatedescapesequences_shared/test.cpp similarity index 61% rename from c/misra/test/rules/RULE-4-1/test.c rename to cpp/common/test/rules/nonterminatedescapesequences_shared/test.cpp index 4a0dcaa6ac..aa1093b791 100644 --- a/c/misra/test/rules/RULE-4-1/test.c +++ b/cpp/common/test/rules/nonterminatedescapesequences_shared/test.cpp @@ -1,3 +1,31 @@ +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. +#include + +struct SampleStruct { + int x1 : 1; // NON_COMPLIANT: very likely be signed, but if it's not, the + // query will automatically handle it since we use signed(), not + // isExplicitlySigned(). + signed int x2 : 1; // NON_COMPLIANT: single-bit named field with a signed type + signed char + x3 : 1; // NON_COMPLIANT: single-bit named field with a signed type + signed short + x4 : 1; // NON_COMPLIANT: single-bit named field with a signed type + unsigned int + x5 : 1; // COMPLIANT: single-bit named field but with an unsigned type + signed int x6 : 2; // COMPLIANT: named field with a signed type but declared + // to carry more than 1 bit + signed char : 1; // COMPLIANT: single-bit bit-field but unnamed +} sample_struct; + +struct S { + signed int x : 1; // NON-COMPLIANT + signed int y : 5; // COMPLIANT + signed int z : 7; // COMPLIANT + signed int : 0; // COMPLIANT + signed int : 1; // COMPLIANT + signed int : 2; // COMPLIANT +}; const char *a1 = "\x11" "G"; // COMPLIANT diff --git a/cpp/common/test/rules/nonuniqueenumerationconstant_shared/NonUniqueEnumerationConstant_shared.expected b/cpp/common/test/rules/nonuniqueenumerationconstant_shared/NonUniqueEnumerationConstant_shared.expected new file mode 100644 index 0000000000..662a21b5d6 --- /dev/null +++ b/cpp/common/test/rules/nonuniqueenumerationconstant_shared/NonUniqueEnumerationConstant_shared.expected @@ -0,0 +1 @@ +| test.cpp:5:19:5:20 | c4 | Nonunique value of enum constant compared to $@ | test.cpp:5:23:5:24 | c5 | c5 | diff --git a/cpp/common/test/rules/nonuniqueenumerationconstant_shared/NonUniqueEnumerationConstant_shared.ql b/cpp/common/test/rules/nonuniqueenumerationconstant_shared/NonUniqueEnumerationConstant_shared.ql new file mode 100644 index 0000000000..f01ef52853 --- /dev/null +++ b/cpp/common/test/rules/nonuniqueenumerationconstant_shared/NonUniqueEnumerationConstant_shared.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.nonuniqueenumerationconstant_shared.NonUniqueEnumerationConstant_shared + +class TestFileQuery extends NonUniqueEnumerationConstant_sharedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/nonuniqueenumerationconstant_shared/test.cpp b/cpp/common/test/rules/nonuniqueenumerationconstant_shared/test.cpp new file mode 100644 index 0000000000..0712cb59e4 --- /dev/null +++ b/cpp/common/test/rules/nonuniqueenumerationconstant_shared/test.cpp @@ -0,0 +1,6 @@ +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C++ TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. +enum e { c = 3 }; // COMPLIANT +enum e1 { c1 = 3, c2 }; // COMPLIANT +enum e3 { c3 = 3, c4, c5 = 4 }; // NON_COMPLIANT +enum e4 { c6 = 3, c7, c8, c9 = 6 }; // COMPLIANT \ No newline at end of file diff --git a/cpp/autosar/test/rules/A4-10-1/NullPointerConstantNotNullptr.expected b/cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant_shared/NullptrNotTheOnlyFormOfTheNullPointerConstant_shared.expected similarity index 100% rename from cpp/autosar/test/rules/A4-10-1/NullPointerConstantNotNullptr.expected rename to cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant_shared/NullptrNotTheOnlyFormOfTheNullPointerConstant_shared.expected diff --git a/cpp/autosar/test/rules/A4-10-1/NullPointerConstantNotNullptr.expected.clang b/cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant_shared/NullptrNotTheOnlyFormOfTheNullPointerConstant_shared.expected.clang similarity index 100% rename from cpp/autosar/test/rules/A4-10-1/NullPointerConstantNotNullptr.expected.clang rename to cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant_shared/NullptrNotTheOnlyFormOfTheNullPointerConstant_shared.expected.clang diff --git a/cpp/autosar/test/rules/A4-10-1/NullPointerConstantNotNullptr.expected.gcc b/cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant_shared/NullptrNotTheOnlyFormOfTheNullPointerConstant_shared.expected.gcc similarity index 100% rename from cpp/autosar/test/rules/A4-10-1/NullPointerConstantNotNullptr.expected.gcc rename to cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant_shared/NullptrNotTheOnlyFormOfTheNullPointerConstant_shared.expected.gcc diff --git a/cpp/autosar/test/rules/A4-10-1/NullPointerConstantNotNullptr.expected.qcc b/cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant_shared/NullptrNotTheOnlyFormOfTheNullPointerConstant_shared.expected.qcc similarity index 100% rename from cpp/autosar/test/rules/A4-10-1/NullPointerConstantNotNullptr.expected.qcc rename to cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant_shared/NullptrNotTheOnlyFormOfTheNullPointerConstant_shared.expected.qcc diff --git a/cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant_shared/NullptrNotTheOnlyFormOfTheNullPointerConstant_shared.ql b/cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant_shared/NullptrNotTheOnlyFormOfTheNullPointerConstant_shared.ql new file mode 100644 index 0000000000..6b9f1d2ac5 --- /dev/null +++ b/cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant_shared/NullptrNotTheOnlyFormOfTheNullPointerConstant_shared.ql @@ -0,0 +1,6 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.nullptrnottheonlyformofthenullpointerconstant_shared.NullptrNotTheOnlyFormOfTheNullPointerConstant_shared + +class TestFileQuery extends NullptrNotTheOnlyFormOfTheNullPointerConstant_sharedSharedQuery, + TestQuery +{ } diff --git a/cpp/autosar/test/rules/A4-10-1/test.cpp b/cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant_shared/test.cpp similarity index 100% rename from cpp/autosar/test/rules/A4-10-1/test.cpp rename to cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant_shared/test.cpp diff --git a/cpp/autosar/test/rules/A4-10-1/test.cpp.clang b/cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant_shared/test.cpp.clang similarity index 100% rename from cpp/autosar/test/rules/A4-10-1/test.cpp.clang rename to cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant_shared/test.cpp.clang diff --git a/cpp/autosar/test/rules/A4-10-1/test.cpp.gcc b/cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant_shared/test.cpp.gcc similarity index 100% rename from cpp/autosar/test/rules/A4-10-1/test.cpp.gcc rename to cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant_shared/test.cpp.gcc diff --git a/cpp/autosar/test/rules/A4-10-1/test.cpp.qcc b/cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant_shared/test.cpp.qcc similarity index 100% rename from cpp/autosar/test/rules/A4-10-1/test.cpp.qcc rename to cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant_shared/test.cpp.qcc diff --git a/cpp/autosar/test/rules/M12-1-1/DynamicTypeOfThisUsedFromConstructorOrDestructor.expected b/cpp/common/test/rules/objectsdynamictypeusedfromconstructorordestructor_shared/ObjectsDynamicTypeUsedFromConstructorOrDestructor_shared.expected similarity index 100% rename from cpp/autosar/test/rules/M12-1-1/DynamicTypeOfThisUsedFromConstructorOrDestructor.expected rename to cpp/common/test/rules/objectsdynamictypeusedfromconstructorordestructor_shared/ObjectsDynamicTypeUsedFromConstructorOrDestructor_shared.expected diff --git a/cpp/common/test/rules/objectsdynamictypeusedfromconstructorordestructor_shared/ObjectsDynamicTypeUsedFromConstructorOrDestructor_shared.ql b/cpp/common/test/rules/objectsdynamictypeusedfromconstructorordestructor_shared/ObjectsDynamicTypeUsedFromConstructorOrDestructor_shared.ql new file mode 100644 index 0000000000..784e94366f --- /dev/null +++ b/cpp/common/test/rules/objectsdynamictypeusedfromconstructorordestructor_shared/ObjectsDynamicTypeUsedFromConstructorOrDestructor_shared.ql @@ -0,0 +1,6 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.objectsdynamictypeusedfromconstructorordestructor_shared.ObjectsDynamicTypeUsedFromConstructorOrDestructor_shared + +class TestFileQuery extends ObjectsDynamicTypeUsedFromConstructorOrDestructor_sharedSharedQuery, + TestQuery +{ } diff --git a/cpp/autosar/test/rules/M12-1-1/test.cpp b/cpp/common/test/rules/objectsdynamictypeusedfromconstructorordestructor_shared/test.cpp similarity index 100% rename from cpp/autosar/test/rules/M12-1-1/test.cpp rename to cpp/common/test/rules/objectsdynamictypeusedfromconstructorordestructor_shared/test.cpp diff --git a/cpp/common/test/rules/overridingshallspecifydifferentdefaultarguments_shared/OverridingShallSpecifyDifferentDefaultArguments_shared.expected b/cpp/common/test/rules/overridingshallspecifydifferentdefaultarguments_shared/OverridingShallSpecifyDifferentDefaultArguments_shared.expected new file mode 100644 index 0000000000..d2d80e0572 --- /dev/null +++ b/cpp/common/test/rules/overridingshallspecifydifferentdefaultarguments_shared/OverridingShallSpecifyDifferentDefaultArguments_shared.expected @@ -0,0 +1,2 @@ +| test.cpp:16:8:16:8 | f | Overriding function does not have the same default parameters as $@ | test.cpp:4:16:4:16 | f | overridden function | +| test.cpp:21:8:21:8 | f | Overriding function does not have the same default parameters as $@ | test.cpp:4:16:4:16 | f | overridden function | diff --git a/cpp/common/test/rules/overridingshallspecifydifferentdefaultarguments_shared/OverridingShallSpecifyDifferentDefaultArguments_shared.ql b/cpp/common/test/rules/overridingshallspecifydifferentdefaultarguments_shared/OverridingShallSpecifyDifferentDefaultArguments_shared.ql new file mode 100644 index 0000000000..81578b5174 --- /dev/null +++ b/cpp/common/test/rules/overridingshallspecifydifferentdefaultarguments_shared/OverridingShallSpecifyDifferentDefaultArguments_shared.ql @@ -0,0 +1,6 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.overridingshallspecifydifferentdefaultarguments_shared.OverridingShallSpecifyDifferentDefaultArguments_shared + +class TestFileQuery extends OverridingShallSpecifyDifferentDefaultArguments_sharedSharedQuery, + TestQuery +{ } diff --git a/cpp/autosar/test/rules/M8-3-1/test.cpp b/cpp/common/test/rules/overridingshallspecifydifferentdefaultarguments_shared/test.cpp similarity index 100% rename from cpp/autosar/test/rules/M8-3-1/test.cpp rename to cpp/common/test/rules/overridingshallspecifydifferentdefaultarguments_shared/test.cpp diff --git a/cpp/autosar/test/rules/A5-10-1/PointerToMemberVirtualFunctionWithNullPointerConstant.expected b/cpp/common/test/rules/potentiallyvirtualpointeronlycomparestonullptr_shared/PotentiallyVirtualPointerOnlyComparesToNullptr_shared.expected similarity index 63% rename from cpp/autosar/test/rules/A5-10-1/PointerToMemberVirtualFunctionWithNullPointerConstant.expected rename to cpp/common/test/rules/potentiallyvirtualpointeronlycomparestonullptr_shared/PotentiallyVirtualPointerOnlyComparesToNullptr_shared.expected index 81f26e5130..71c0662377 100644 --- a/cpp/autosar/test/rules/A5-10-1/PointerToMemberVirtualFunctionWithNullPointerConstant.expected +++ b/cpp/common/test/rules/potentiallyvirtualpointeronlycomparestonullptr_shared/PotentiallyVirtualPointerOnlyComparesToNullptr_shared.expected @@ -1,2 +1,2 @@ -| test.cpp:14:14:14:29 | ... == ... | A pointer to member virtual function $@ is tested for equality with non-null-pointer-constant $@. | test.cpp:6:16:6:17 | F3 | F3 | test.cpp:14:24:14:29 | F1 | F1 | -| test.cpp:15:14:15:29 | ... == ... | A pointer to member virtual function $@ is tested for equality with non-null-pointer-constant $@. | test.cpp:6:16:6:17 | F3 | F3 | test.cpp:15:24:15:29 | F2 | F2 | +| test.cpp:14:14:14:29 | ... == ... | A pointer to member virtual function $@ is tested for equality with non-null-pointer-constant $@. | test.cpp:6:16:6:17 | F3 | F3 | test.cpp:14:24:14:29 | F1 | F1 | +| test.cpp:15:14:15:29 | ... == ... | A pointer to member virtual function $@ is tested for equality with non-null-pointer-constant $@. | test.cpp:6:16:6:17 | F3 | F3 | test.cpp:15:24:15:29 | F2 | F2 | diff --git a/cpp/common/test/rules/potentiallyvirtualpointeronlycomparestonullptr_shared/PotentiallyVirtualPointerOnlyComparesToNullptr_shared.ql b/cpp/common/test/rules/potentiallyvirtualpointeronlycomparestonullptr_shared/PotentiallyVirtualPointerOnlyComparesToNullptr_shared.ql new file mode 100644 index 0000000000..b3f05d17a9 --- /dev/null +++ b/cpp/common/test/rules/potentiallyvirtualpointeronlycomparestonullptr_shared/PotentiallyVirtualPointerOnlyComparesToNullptr_shared.ql @@ -0,0 +1,6 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.potentiallyvirtualpointeronlycomparestonullptr_shared.PotentiallyVirtualPointerOnlyComparesToNullptr_shared + +class TestFileQuery extends PotentiallyVirtualPointerOnlyComparesToNullptr_sharedSharedQuery, + TestQuery +{ } diff --git a/cpp/autosar/test/rules/A5-10-1/test.cpp b/cpp/common/test/rules/potentiallyvirtualpointeronlycomparestonullptr_shared/test.cpp similarity index 100% rename from cpp/autosar/test/rules/A5-10-1/test.cpp rename to cpp/common/test/rules/potentiallyvirtualpointeronlycomparestonullptr_shared/test.cpp diff --git a/cpp/autosar/test/rules/A5-2-4/ReinterpretCastUsed.expected b/cpp/common/test/rules/reinterpretcastused_shared/ReinterpretCastUsed_shared.expected similarity index 100% rename from cpp/autosar/test/rules/A5-2-4/ReinterpretCastUsed.expected rename to cpp/common/test/rules/reinterpretcastused_shared/ReinterpretCastUsed_shared.expected diff --git a/cpp/common/test/rules/reinterpretcastused_shared/ReinterpretCastUsed_shared.ql b/cpp/common/test/rules/reinterpretcastused_shared/ReinterpretCastUsed_shared.ql new file mode 100644 index 0000000000..af9a8f0ebe --- /dev/null +++ b/cpp/common/test/rules/reinterpretcastused_shared/ReinterpretCastUsed_shared.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.reinterpretcastused_shared.ReinterpretCastUsed_shared + +class TestFileQuery extends ReinterpretCastUsed_sharedSharedQuery, TestQuery { } diff --git a/cpp/autosar/test/rules/A5-2-4/test.cpp b/cpp/common/test/rules/reinterpretcastused_shared/test.cpp similarity index 100% rename from cpp/autosar/test/rules/A5-2-4/test.cpp rename to cpp/common/test/rules/reinterpretcastused_shared/test.cpp diff --git a/cpp/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.expected b/cpp/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.expected new file mode 100644 index 0000000000..3f2720dd76 --- /dev/null +++ b/cpp/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.expected @@ -0,0 +1,3 @@ +| test.cpp:9:7:9:12 | ... = ... | Use of an assignment operator's result. | +| test.cpp:13:11:13:16 | ... = ... | Use of an assignment operator's result. | +| test.cpp:15:8:15:13 | ... = ... | Use of an assignment operator's result. | diff --git a/cpp/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.ql b/cpp/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.ql new file mode 100644 index 0000000000..e4928beb62 --- /dev/null +++ b/cpp/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.ql @@ -0,0 +1,5 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.resultofanassignmentoperatorshouldnotbeused_shared.ResultOfAnAssignmentOperatorShouldNotBeUsed_shared + +class TestFileQuery extends ResultOfAnAssignmentOperatorShouldNotBeUsed_sharedSharedQuery, TestQuery { +} diff --git a/c/misra/test/rules/RULE-13-4/test.c b/cpp/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/test.cpp similarity index 59% rename from c/misra/test/rules/RULE-13-4/test.c rename to cpp/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/test.cpp index aeabb60fac..21fb4c0910 100644 --- a/c/misra/test/rules/RULE-13-4/test.c +++ b/cpp/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/test.cpp @@ -1,3 +1,5 @@ +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. void test() { int l1, l2; int l3[1]; diff --git a/cpp/autosar/test/rules/M7-5-1/FunctionReturnAutomaticVarCondition.expected b/cpp/common/test/rules/returnreferenceorpointertoautomaticlocalvariable_shared/ReturnReferenceOrPointerToAutomaticLocalVariable_shared.expected similarity index 100% rename from cpp/autosar/test/rules/M7-5-1/FunctionReturnAutomaticVarCondition.expected rename to cpp/common/test/rules/returnreferenceorpointertoautomaticlocalvariable_shared/ReturnReferenceOrPointerToAutomaticLocalVariable_shared.expected diff --git a/cpp/common/test/rules/returnreferenceorpointertoautomaticlocalvariable_shared/ReturnReferenceOrPointerToAutomaticLocalVariable_shared.ql b/cpp/common/test/rules/returnreferenceorpointertoautomaticlocalvariable_shared/ReturnReferenceOrPointerToAutomaticLocalVariable_shared.ql new file mode 100644 index 0000000000..7184897c6e --- /dev/null +++ b/cpp/common/test/rules/returnreferenceorpointertoautomaticlocalvariable_shared/ReturnReferenceOrPointerToAutomaticLocalVariable_shared.ql @@ -0,0 +1,6 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.returnreferenceorpointertoautomaticlocalvariable_shared.ReturnReferenceOrPointerToAutomaticLocalVariable_shared + +class TestFileQuery extends ReturnReferenceOrPointerToAutomaticLocalVariable_sharedSharedQuery, + TestQuery +{ } diff --git a/cpp/autosar/test/rules/M7-5-1/test.cpp b/cpp/common/test/rules/returnreferenceorpointertoautomaticlocalvariable_shared/test.cpp similarity index 100% rename from cpp/autosar/test/rules/M7-5-1/test.cpp rename to cpp/common/test/rules/returnreferenceorpointertoautomaticlocalvariable_shared/test.cpp diff --git a/cpp/autosar/test/rules/M6-3-1/SwitchCompoundCondition.expected b/cpp/common/test/rules/switchcompoundcondition_shared/SwitchCompoundCondition_shared.expected similarity index 100% rename from cpp/autosar/test/rules/M6-3-1/SwitchCompoundCondition.expected rename to cpp/common/test/rules/switchcompoundcondition_shared/SwitchCompoundCondition_shared.expected diff --git a/cpp/common/test/rules/switchcompoundcondition_shared/SwitchCompoundCondition_shared.ql b/cpp/common/test/rules/switchcompoundcondition_shared/SwitchCompoundCondition_shared.ql new file mode 100644 index 0000000000..9c296a8a24 --- /dev/null +++ b/cpp/common/test/rules/switchcompoundcondition_shared/SwitchCompoundCondition_shared.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.switchcompoundcondition_shared.SwitchCompoundCondition_shared + +class TestFileQuery extends SwitchCompoundCondition_sharedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/switchcompoundcondition_shared/test.cpp b/cpp/common/test/rules/switchcompoundcondition_shared/test.cpp new file mode 100644 index 0000000000..487c007fdc --- /dev/null +++ b/cpp/common/test/rules/switchcompoundcondition_shared/test.cpp @@ -0,0 +1,56 @@ +void test_loop_missing_braces(int expression) { + for (int i = 0; i < expression; i++) // BAD + expression = expression % 2; +} + +void test_loop_valid_braces_check(int expression) { + for (int i = 0; i < expression; i++) { // GOOD + expression = expression % 2; + } + + int j = 10; + while (expression < 10) // BAD + j = j + 10; +} + +void test_loop_mix_validity(int expression) { + do // BAD + expression = expression % 2; + while (expression < 10); + + while (expression > 10) // GOOD + { + expression = expression * 2; + } + + do { // GOOD + expression = expression % 2; + } while (expression < 5); +} + +void test_switch_valid_braces(int i, int expression) { + // GOOD + switch (expression) { + case 0: + while (i < 10) { + i = i + expression; + } + break; + case 1: + if (i > 10) { + i = i * i; + } + break; + default: + break; + } +} + +void test_switch_invalid_braces(int i, int expression) { + // BAD + switch (expression) + case 0: + while (i < 10) { + i = i + expression; + } +} diff --git a/cpp/autosar/test/rules/M2-13-3/MissingUSuffix.expected b/cpp/common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed_shared/UnsignedIntegerLiteralsNotAppropriatelySuffixed_shared.expected similarity index 100% rename from cpp/autosar/test/rules/M2-13-3/MissingUSuffix.expected rename to cpp/common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed_shared/UnsignedIntegerLiteralsNotAppropriatelySuffixed_shared.expected diff --git a/cpp/common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed_shared/UnsignedIntegerLiteralsNotAppropriatelySuffixed_shared.ql b/cpp/common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed_shared/UnsignedIntegerLiteralsNotAppropriatelySuffixed_shared.ql new file mode 100644 index 0000000000..3ed0fc3b14 --- /dev/null +++ b/cpp/common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed_shared/UnsignedIntegerLiteralsNotAppropriatelySuffixed_shared.ql @@ -0,0 +1,6 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.unsignedintegerliteralsnotappropriatelysuffixed_shared.UnsignedIntegerLiteralsNotAppropriatelySuffixed_shared + +class TestFileQuery extends UnsignedIntegerLiteralsNotAppropriatelySuffixed_sharedSharedQuery, + TestQuery +{ } diff --git a/cpp/autosar/test/rules/M2-13-3/test.cpp b/cpp/common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed_shared/test.cpp similarity index 100% rename from cpp/autosar/test/rules/M2-13-3/test.cpp rename to cpp/common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed_shared/test.cpp diff --git a/cpp/common/test/rules/unsignedoperationwithconstantoperandswraps_shared/UnsignedOperationWithConstantOperandsWraps_shared.expected b/cpp/common/test/rules/unsignedoperationwithconstantoperandswraps_shared/UnsignedOperationWithConstantOperandsWraps_shared.expected new file mode 100644 index 0000000000..3902cae09d --- /dev/null +++ b/cpp/common/test/rules/unsignedoperationwithconstantoperandswraps_shared/UnsignedOperationWithConstantOperandsWraps_shared.expected @@ -0,0 +1,4 @@ +| test.cpp:7:3:7:9 | ... + ... | Operation + of type unsigned int may wrap. | +| test.cpp:8:3:8:10 | ... += ... | Operation += of type unsigned int may wrap. | +| test.cpp:61:3:61:9 | ... - ... | Operation - of type unsigned int may wrap. | +| test.cpp:62:3:62:10 | ... -= ... | Operation -= of type unsigned int may wrap. | diff --git a/cpp/common/test/rules/unsignedoperationwithconstantoperandswraps_shared/UnsignedOperationWithConstantOperandsWraps_shared.ql b/cpp/common/test/rules/unsignedoperationwithconstantoperandswraps_shared/UnsignedOperationWithConstantOperandsWraps_shared.ql new file mode 100644 index 0000000000..24780bcc5d --- /dev/null +++ b/cpp/common/test/rules/unsignedoperationwithconstantoperandswraps_shared/UnsignedOperationWithConstantOperandsWraps_shared.ql @@ -0,0 +1,5 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.unsignedoperationwithconstantoperandswraps_shared.UnsignedOperationWithConstantOperandsWraps_shared + +class TestFileQuery extends UnsignedOperationWithConstantOperandsWraps_sharedSharedQuery, TestQuery { +} diff --git a/c/cert/test/rules/INT30-C/test.c b/cpp/common/test/rules/unsignedoperationwithconstantoperandswraps_shared/test.cpp similarity index 94% rename from c/cert/test/rules/INT30-C/test.c rename to cpp/common/test/rules/unsignedoperationwithconstantoperandswraps_shared/test.cpp index 433cf534f4..8f76fbeeeb 100644 --- a/c/cert/test/rules/INT30-C/test.c +++ b/cpp/common/test/rules/unsignedoperationwithconstantoperandswraps_shared/test.cpp @@ -1,3 +1,6 @@ +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. + #include void test_add_simple(unsigned int i1, unsigned int i2) { diff --git a/cpp/autosar/test/rules/M2-13-2/UseOfNonZeroOctalLiteral.expected b/cpp/common/test/rules/useofnonzerooctalliteral_shared/UseOfNonZeroOctalLiteral_shared.expected similarity index 100% rename from cpp/autosar/test/rules/M2-13-2/UseOfNonZeroOctalLiteral.expected rename to cpp/common/test/rules/useofnonzerooctalliteral_shared/UseOfNonZeroOctalLiteral_shared.expected diff --git a/cpp/common/test/rules/useofnonzerooctalliteral_shared/UseOfNonZeroOctalLiteral_shared.ql b/cpp/common/test/rules/useofnonzerooctalliteral_shared/UseOfNonZeroOctalLiteral_shared.ql new file mode 100644 index 0000000000..dcd6042639 --- /dev/null +++ b/cpp/common/test/rules/useofnonzerooctalliteral_shared/UseOfNonZeroOctalLiteral_shared.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.useofnonzerooctalliteral_shared.UseOfNonZeroOctalLiteral_shared + +class TestFileQuery extends UseOfNonZeroOctalLiteral_sharedSharedQuery, TestQuery { } diff --git a/cpp/autosar/test/rules/M2-13-2/test.cpp b/cpp/common/test/rules/useofnonzerooctalliteral_shared/test.cpp similarity index 100% rename from cpp/autosar/test/rules/M2-13-2/test.cpp rename to cpp/common/test/rules/useofnonzerooctalliteral_shared/test.cpp diff --git a/cpp/autosar/test/rules/A18-1-2/VectorboolSpecializationUsed.expected b/cpp/common/test/rules/vectorshouldnotbespecializedwithbool_shared/VectorShouldNotBeSpecializedWithBool_shared.expected similarity index 100% rename from cpp/autosar/test/rules/A18-1-2/VectorboolSpecializationUsed.expected rename to cpp/common/test/rules/vectorshouldnotbespecializedwithbool_shared/VectorShouldNotBeSpecializedWithBool_shared.expected diff --git a/cpp/autosar/test/rules/A18-1-2/VectorboolSpecializationUsed.expected.qcc b/cpp/common/test/rules/vectorshouldnotbespecializedwithbool_shared/VectorShouldNotBeSpecializedWithBool_shared.expected.qcc similarity index 100% rename from cpp/autosar/test/rules/A18-1-2/VectorboolSpecializationUsed.expected.qcc rename to cpp/common/test/rules/vectorshouldnotbespecializedwithbool_shared/VectorShouldNotBeSpecializedWithBool_shared.expected.qcc diff --git a/cpp/common/test/rules/vectorshouldnotbespecializedwithbool_shared/VectorShouldNotBeSpecializedWithBool_shared.ql b/cpp/common/test/rules/vectorshouldnotbespecializedwithbool_shared/VectorShouldNotBeSpecializedWithBool_shared.ql new file mode 100644 index 0000000000..6bedf0ab1c --- /dev/null +++ b/cpp/common/test/rules/vectorshouldnotbespecializedwithbool_shared/VectorShouldNotBeSpecializedWithBool_shared.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.vectorshouldnotbespecializedwithbool_shared.VectorShouldNotBeSpecializedWithBool_shared + +class TestFileQuery extends VectorShouldNotBeSpecializedWithBool_sharedSharedQuery, TestQuery { } diff --git a/cpp/autosar/test/rules/A18-1-2/test.cpp b/cpp/common/test/rules/vectorshouldnotbespecializedwithbool_shared/test.cpp similarity index 100% rename from cpp/autosar/test/rules/A18-1-2/test.cpp rename to cpp/common/test/rules/vectorshouldnotbespecializedwithbool_shared/test.cpp diff --git a/cpp/autosar/test/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtualInHierarchy.expected b/cpp/common/test/rules/virtualandnonvirtualclassinthehierarchy_shared/VirtualAndNonVirtualClassInTheHierarchy_shared.expected similarity index 100% rename from cpp/autosar/test/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtualInHierarchy.expected rename to cpp/common/test/rules/virtualandnonvirtualclassinthehierarchy_shared/VirtualAndNonVirtualClassInTheHierarchy_shared.expected diff --git a/cpp/common/test/rules/virtualandnonvirtualclassinthehierarchy_shared/VirtualAndNonVirtualClassInTheHierarchy_shared.ql b/cpp/common/test/rules/virtualandnonvirtualclassinthehierarchy_shared/VirtualAndNonVirtualClassInTheHierarchy_shared.ql new file mode 100644 index 0000000000..38348b693b --- /dev/null +++ b/cpp/common/test/rules/virtualandnonvirtualclassinthehierarchy_shared/VirtualAndNonVirtualClassInTheHierarchy_shared.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.virtualandnonvirtualclassinthehierarchy_shared.VirtualAndNonVirtualClassInTheHierarchy_shared + +class TestFileQuery extends VirtualAndNonVirtualClassInTheHierarchy_sharedSharedQuery, TestQuery { } diff --git a/cpp/autosar/test/rules/M10-1-3/test.cpp b/cpp/common/test/rules/virtualandnonvirtualclassinthehierarchy_shared/test.cpp similarity index 100% rename from cpp/autosar/test/rules/M10-1-3/test.cpp rename to cpp/common/test/rules/virtualandnonvirtualclassinthehierarchy_shared/test.cpp diff --git a/cpp/misra/src/rules/DIR-15-8-1/CopyAndMoveAssignmentsShallHandleSelfAssignment.ql b/cpp/misra/src/rules/DIR-15-8-1/CopyAndMoveAssignmentsShallHandleSelfAssignment.ql new file mode 100644 index 0000000000..4937de01c4 --- /dev/null +++ b/cpp/misra/src/rules/DIR-15-8-1/CopyAndMoveAssignmentsShallHandleSelfAssignment.ql @@ -0,0 +1,23 @@ +/** + * @id cpp/misra/copy-and-move-assignments-shall-handle-self-assignment + * @name DIR-15-8-1: User-provided copy assignment operators and move assignment operators shall handle self-assignment + * @description User-provided copy assignment operators and move assignment operators shall handle + * self-assignment. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/dir-15-8-1 + * external/misra/allocated-target/implementation + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.copyandmoveassignmentsshallhandleselfassignment_shared.CopyAndMoveAssignmentsShallHandleSelfAssignment_shared + +class CopyAndMoveAssignmentsShallHandleSelfAssignmentQuery extends CopyAndMoveAssignmentsShallHandleSelfAssignment_sharedSharedQuery { + CopyAndMoveAssignmentsShallHandleSelfAssignmentQuery() { + this = ImportMisra23Package::copyAndMoveAssignmentsShallHandleSelfAssignmentQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-10-0-1/UseSingleGlobalOrMemberDeclarators.ql b/cpp/misra/src/rules/RULE-10-0-1/UseSingleGlobalOrMemberDeclarators.ql new file mode 100644 index 0000000000..d135fec871 --- /dev/null +++ b/cpp/misra/src/rules/RULE-10-0-1/UseSingleGlobalOrMemberDeclarators.ql @@ -0,0 +1,24 @@ +/** + * @id cpp/misra/use-single-global-or-member-declarators + * @name RULE-10-0-1: Multiple declarations in the same global or member declaration sequence + * @description A declaration should not declare more than one variable or member variable. + * @kind problem + * @precision medium + * @problem.severity recommendation + * @tags external/misra/id/rule-10-0-1 + * readability + * maintainability + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.multipleglobalormemberdeclarators_shared.MultipleGlobalOrMemberDeclarators_shared + +class UseSingleGlobalOrMemberDeclaratorsQuery extends MultipleGlobalOrMemberDeclarators_sharedSharedQuery { + UseSingleGlobalOrMemberDeclaratorsQuery() { + this = ImportMisra23Package::useSingleGlobalOrMemberDeclaratorsQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-10-0-1/UseSingleLocalDeclarators.ql b/cpp/misra/src/rules/RULE-10-0-1/UseSingleLocalDeclarators.ql new file mode 100644 index 0000000000..2e0147014d --- /dev/null +++ b/cpp/misra/src/rules/RULE-10-0-1/UseSingleLocalDeclarators.ql @@ -0,0 +1,24 @@ +/** + * @id cpp/misra/use-single-local-declarators + * @name RULE-10-0-1: Multiple declarations in the same local statement + * @description A declaration should not declare more than one variable or member variable. + * @kind problem + * @precision very-high + * @problem.severity recommendation + * @tags external/misra/id/rule-10-0-1 + * readability + * maintainability + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.multiplelocaldeclarators_shared.MultipleLocalDeclarators_shared + +class UseSingleLocalDeclaratorsQuery extends MultipleLocalDeclarators_sharedSharedQuery { + UseSingleLocalDeclaratorsQuery() { + this = ImportMisra23Package::useSingleLocalDeclaratorsQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-10-2-1/EnumerationNotDefinedWithAnExplicitUnderlyingType.ql b/cpp/misra/src/rules/RULE-10-2-1/EnumerationNotDefinedWithAnExplicitUnderlyingType.ql new file mode 100644 index 0000000000..8b7c05359f --- /dev/null +++ b/cpp/misra/src/rules/RULE-10-2-1/EnumerationNotDefinedWithAnExplicitUnderlyingType.ql @@ -0,0 +1,22 @@ +/** + * @id cpp/misra/enumeration-not-defined-with-an-explicit-underlying-type + * @name RULE-10-2-1: An enumeration shall be defined with an explicit underlying type + * @description An enumeration shall be defined with an explicit underlying type. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-10-2-1 + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.enumerationnotdefinedwithanexplicitunderlyingtype_shared.EnumerationNotDefinedWithAnExplicitUnderlyingType_shared + +class EnumerationNotDefinedWithAnExplicitUnderlyingTypeQuery extends EnumerationNotDefinedWithAnExplicitUnderlyingType_sharedSharedQuery { + EnumerationNotDefinedWithAnExplicitUnderlyingTypeQuery() { + this = ImportMisra23Package::enumerationNotDefinedWithAnExplicitUnderlyingTypeQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-10-4-1/AsmDeclarationShallNotBeUsed.ql b/cpp/misra/src/rules/RULE-10-4-1/AsmDeclarationShallNotBeUsed.ql new file mode 100644 index 0000000000..7ef737a0a3 --- /dev/null +++ b/cpp/misra/src/rules/RULE-10-4-1/AsmDeclarationShallNotBeUsed.ql @@ -0,0 +1,22 @@ +/** + * @id cpp/misra/asm-declaration-shall-not-be-used + * @name RULE-10-4-1: The asm declaration shall not be used + * @description The asm declaration shall not be used. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-10-4-1 + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.asmdeclarationused_shared.AsmDeclarationUsed_shared + +class AsmDeclarationShallNotBeUsedQuery extends AsmDeclarationUsed_sharedSharedQuery { + AsmDeclarationShallNotBeUsedQuery() { + this = ImportMisra23Package::asmDeclarationShallNotBeUsedQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-11-6-3/NonUniqueEnumerationConstant.ql b/cpp/misra/src/rules/RULE-11-6-3/NonUniqueEnumerationConstant.ql new file mode 100644 index 0000000000..bfcc9414ac --- /dev/null +++ b/cpp/misra/src/rules/RULE-11-6-3/NonUniqueEnumerationConstant.ql @@ -0,0 +1,23 @@ +/** + * @id cpp/misra/non-unique-enumeration-constant + * @name RULE-11-6-3: Within an enumerator list, the value of an implicitly-specified enumeration constant shall be unique + * @description Within an enumerator list, the value of an implicitly-specified enumeration constant + * shall be unique. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-11-6-3 + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.nonuniqueenumerationconstant_shared.NonUniqueEnumerationConstant_shared + +class NonUniqueEnumerationConstantQuery extends NonUniqueEnumerationConstant_sharedSharedQuery { + NonUniqueEnumerationConstantQuery() { + this = ImportMisra23Package::nonUniqueEnumerationConstantQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-12-2-2/BitFieldShallHaveAnAppropriateType.ql b/cpp/misra/src/rules/RULE-12-2-2/BitFieldShallHaveAnAppropriateType.ql new file mode 100644 index 0000000000..aa43636010 --- /dev/null +++ b/cpp/misra/src/rules/RULE-12-2-2/BitFieldShallHaveAnAppropriateType.ql @@ -0,0 +1,22 @@ +/** + * @id cpp/misra/bit-field-shall-have-an-appropriate-type + * @name RULE-12-2-2: A bit-field shall have an appropriate type + * @description A bit-field shall have an appropriate type. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-12-2-2 + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.bitfieldshallhaveanappropriatetype_shared.BitFieldShallHaveAnAppropriateType_shared + +class BitFieldShallHaveAnAppropriateTypeQuery extends BitFieldShallHaveAnAppropriateType_sharedSharedQuery { + BitFieldShallHaveAnAppropriateTypeQuery() { + this = ImportMisra23Package::bitFieldShallHaveAnAppropriateTypeQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-12-2-3/SignedIntegerNamedBitFieldHaveALengthOfOneBit.ql b/cpp/misra/src/rules/RULE-12-2-3/SignedIntegerNamedBitFieldHaveALengthOfOneBit.ql new file mode 100644 index 0000000000..b179bae6e5 --- /dev/null +++ b/cpp/misra/src/rules/RULE-12-2-3/SignedIntegerNamedBitFieldHaveALengthOfOneBit.ql @@ -0,0 +1,22 @@ +/** + * @id cpp/misra/signed-integer-named-bit-field-have-a-length-of-one-bit + * @name RULE-12-2-3: A named bit-field with signed integer type shall not have a length of one bit + * @description A named bit-field with signed integer type shall not have a length of one bit. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-12-2-3 + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.namedbitfieldswithsignedintegertype_shared.NamedBitFieldsWithSignedIntegerType_shared + +class SignedIntegerNamedBitFieldHaveALengthOfOneBitQuery extends NamedBitFieldsWithSignedIntegerType_sharedSharedQuery { + SignedIntegerNamedBitFieldHaveALengthOfOneBitQuery() { + this = ImportMisra23Package::signedIntegerNamedBitFieldHaveALengthOfOneBitQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-13-1-2/VirtualAndNonVirtualClassInTheHierarchy.ql b/cpp/misra/src/rules/RULE-13-1-2/VirtualAndNonVirtualClassInTheHierarchy.ql new file mode 100644 index 0000000000..88677cf5fa --- /dev/null +++ b/cpp/misra/src/rules/RULE-13-1-2/VirtualAndNonVirtualClassInTheHierarchy.ql @@ -0,0 +1,23 @@ +/** + * @id cpp/misra/virtual-and-non-virtual-class-in-the-hierarchy + * @name RULE-13-1-2: An accessible base class shall not be both virtual and non-virtual in the same hierarchy + * @description An accessible base class shall not be both virtual and non-virtual in the same + * hierarchy. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-13-1-2 + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.virtualandnonvirtualclassinthehierarchy_shared.VirtualAndNonVirtualClassInTheHierarchy_shared + +class VirtualAndNonVirtualClassInTheHierarchyQuery extends VirtualAndNonVirtualClassInTheHierarchy_sharedSharedQuery { + VirtualAndNonVirtualClassInTheHierarchyQuery() { + this = ImportMisra23Package::virtualAndNonVirtualClassInTheHierarchyQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-13-3-2/OverridingShallSpecifyDifferentDefaultArguments.ql b/cpp/misra/src/rules/RULE-13-3-2/OverridingShallSpecifyDifferentDefaultArguments.ql new file mode 100644 index 0000000000..2b4b7c1785 --- /dev/null +++ b/cpp/misra/src/rules/RULE-13-3-2/OverridingShallSpecifyDifferentDefaultArguments.ql @@ -0,0 +1,23 @@ +/** + * @id cpp/misra/overriding-shall-specify-different-default-arguments + * @name RULE-13-3-2: Parameters in an overriding virtual function shall not specify different default arguments + * @description Parameters in an overriding virtual function shall not specify different default + * arguments. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-13-3-2 + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.overridingshallspecifydifferentdefaultarguments_shared.OverridingShallSpecifyDifferentDefaultArguments_shared + +class OverridingShallSpecifyDifferentDefaultArgumentsQuery extends OverridingShallSpecifyDifferentDefaultArguments_sharedSharedQuery { + OverridingShallSpecifyDifferentDefaultArgumentsQuery() { + this = ImportMisra23Package::overridingShallSpecifyDifferentDefaultArgumentsQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-13-3-4/PotentiallyVirtualPointerOnlyComparesToNullptr.ql b/cpp/misra/src/rules/RULE-13-3-4/PotentiallyVirtualPointerOnlyComparesToNullptr.ql new file mode 100644 index 0000000000..bf263bac58 --- /dev/null +++ b/cpp/misra/src/rules/RULE-13-3-4/PotentiallyVirtualPointerOnlyComparesToNullptr.ql @@ -0,0 +1,23 @@ +/** + * @id cpp/misra/potentially-virtual-pointer-only-compares-to-nullptr + * @name RULE-13-3-4: A comparison of a potentially virtual pointer to member function shall only be with nullptr + * @description A comparison of a potentially virtual pointer to member function shall only be with + * nullptr. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-13-3-4 + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.potentiallyvirtualpointeronlycomparestonullptr_shared.PotentiallyVirtualPointerOnlyComparesToNullptr_shared + +class PotentiallyVirtualPointerOnlyComparesToNullptrQuery extends PotentiallyVirtualPointerOnlyComparesToNullptr_sharedSharedQuery { + PotentiallyVirtualPointerOnlyComparesToNullptrQuery() { + this = ImportMisra23Package::potentiallyVirtualPointerOnlyComparesToNullptrQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-15-1-1/ObjectsDynamicTypeUsedFromConstructorOrDestructor.ql b/cpp/misra/src/rules/RULE-15-1-1/ObjectsDynamicTypeUsedFromConstructorOrDestructor.ql new file mode 100644 index 0000000000..ab1ad49c71 --- /dev/null +++ b/cpp/misra/src/rules/RULE-15-1-1/ObjectsDynamicTypeUsedFromConstructorOrDestructor.ql @@ -0,0 +1,23 @@ +/** + * @id cpp/misra/objects-dynamic-type-used-from-constructor-or-destructor + * @name RULE-15-1-1: An object’s dynamic type shall not be used from within its constructor or destructor + * @description An object’s dynamic type shall not be used from within its constructor or + * destructor. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-15-1-1 + * scope/system + * external/misra/enforcement/undecidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.objectsdynamictypeusedfromconstructorordestructor_shared.ObjectsDynamicTypeUsedFromConstructorOrDestructor_shared + +class ObjectsDynamicTypeUsedFromConstructorOrDestructorQuery extends ObjectsDynamicTypeUsedFromConstructorOrDestructor_sharedSharedQuery { + ObjectsDynamicTypeUsedFromConstructorOrDestructorQuery() { + this = ImportMisra23Package::objectsDynamicTypeUsedFromConstructorOrDestructorQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-15-1-2/InitializeAllVirtualBaseClasses.ql b/cpp/misra/src/rules/RULE-15-1-2/InitializeAllVirtualBaseClasses.ql new file mode 100644 index 0000000000..78dcd9c474 --- /dev/null +++ b/cpp/misra/src/rules/RULE-15-1-2/InitializeAllVirtualBaseClasses.ql @@ -0,0 +1,23 @@ +/** + * @id cpp/misra/initialize-all-virtual-base-classes + * @name RULE-15-1-2: All constructors of a class should explicitly initialize all of its virtual base classes and + * @description All constructors of a class should explicitly initialize all of its virtual base + * classes and immediate base classes. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-15-1-2 + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.initializeallvirtualbaseclasses_shared.InitializeAllVirtualBaseClasses_shared + +class InitializeAllVirtualBaseClassesQuery extends InitializeAllVirtualBaseClasses_sharedSharedQuery { + InitializeAllVirtualBaseClassesQuery() { + this = ImportMisra23Package::initializeAllVirtualBaseClassesQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-15-1-5/InitializerListConstructorIsTheOnlyConstructor.ql b/cpp/misra/src/rules/RULE-15-1-5/InitializerListConstructorIsTheOnlyConstructor.ql new file mode 100644 index 0000000000..f2bc05e535 --- /dev/null +++ b/cpp/misra/src/rules/RULE-15-1-5/InitializerListConstructorIsTheOnlyConstructor.ql @@ -0,0 +1,23 @@ +/** + * @id cpp/misra/initializer-list-constructor-is-the-only-constructor + * @name RULE-15-1-5: A class shall only define an initializer-list constructor when it is the only constructor + * @description A class shall only define an initializer-list constructor when it is the only + * constructor. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-15-1-5 + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.initializerlistconstructoristheonlyconstructor_shared.InitializerListConstructorIsTheOnlyConstructor_shared + +class InitializerListConstructorIsTheOnlyConstructorQuery extends InitializerListConstructorIsTheOnlyConstructor_sharedSharedQuery { + InitializerListConstructorIsTheOnlyConstructorQuery() { + this = ImportMisra23Package::initializerListConstructorIsTheOnlyConstructorQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-16-5-2/AddressOfOperatorOverloaded.ql b/cpp/misra/src/rules/RULE-16-5-2/AddressOfOperatorOverloaded.ql new file mode 100644 index 0000000000..11623e996e --- /dev/null +++ b/cpp/misra/src/rules/RULE-16-5-2/AddressOfOperatorOverloaded.ql @@ -0,0 +1,22 @@ +/** + * @id cpp/misra/address-of-operator-overloaded + * @name RULE-16-5-2: The address-of operator shall not be overloaded + * @description The address-of operator shall not be overloaded. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-16-5-2 + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.addressofoperatoroverloaded_shared.AddressOfOperatorOverloaded_shared + +class AddressOfOperatorOverloadedQuery extends AddressOfOperatorOverloaded_sharedSharedQuery { + AddressOfOperatorOverloadedQuery() { + this = ImportMisra23Package::addressOfOperatorOverloadedQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-17-8-1/FunctionTemplatesExplicitlySpecialized.ql b/cpp/misra/src/rules/RULE-17-8-1/FunctionTemplatesExplicitlySpecialized.ql new file mode 100644 index 0000000000..fc910377bd --- /dev/null +++ b/cpp/misra/src/rules/RULE-17-8-1/FunctionTemplatesExplicitlySpecialized.ql @@ -0,0 +1,22 @@ +/** + * @id cpp/misra/function-templates-explicitly-specialized + * @name RULE-17-8-1: Function templates shall not be explicitly specialized + * @description Function templates shall not be explicitly specialized. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-17-8-1 + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.functiontemplatesexplicitlyspecialized_shared.FunctionTemplatesExplicitlySpecialized_shared + +class FunctionTemplatesExplicitlySpecializedQuery extends FunctionTemplatesExplicitlySpecialized_sharedSharedQuery { + FunctionTemplatesExplicitlySpecializedQuery() { + this = ImportMisra23Package::functionTemplatesExplicitlySpecializedQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-18-1-1/ExceptionObjectHavePointerType.ql b/cpp/misra/src/rules/RULE-18-1-1/ExceptionObjectHavePointerType.ql new file mode 100644 index 0000000000..db7683c7f2 --- /dev/null +++ b/cpp/misra/src/rules/RULE-18-1-1/ExceptionObjectHavePointerType.ql @@ -0,0 +1,22 @@ +/** + * @id cpp/misra/exception-object-have-pointer-type + * @name RULE-18-1-1: An exception object shall not have pointer type + * @description An exception object shall not have pointer type. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-18-1-1 + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.exceptionobjecthavepointertype_shared.ExceptionObjectHavePointerType_shared + +class ExceptionObjectHavePointerTypeQuery extends ExceptionObjectHavePointerType_sharedSharedQuery { + ExceptionObjectHavePointerTypeQuery() { + this = ImportMisra23Package::exceptionObjectHavePointerTypeQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-18-1-2/EmptyThrowOnlyWithinACatchHandler.ql b/cpp/misra/src/rules/RULE-18-1-2/EmptyThrowOnlyWithinACatchHandler.ql new file mode 100644 index 0000000000..77aa45ce72 --- /dev/null +++ b/cpp/misra/src/rules/RULE-18-1-2/EmptyThrowOnlyWithinACatchHandler.ql @@ -0,0 +1,22 @@ +/** + * @id cpp/misra/empty-throw-only-within-a-catch-handler + * @name RULE-18-1-2: An empty throw shall only occur within the compound-statement of a catch handler + * @description An empty throw shall only occur within the compound-statement of a catch handler. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-18-1-2 + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.emptythrowonlywithinacatchhandler_shared.EmptyThrowOnlyWithinACatchHandler_shared + +class EmptyThrowOnlyWithinACatchHandlerQuery extends EmptyThrowOnlyWithinACatchHandler_sharedSharedQuery { + EmptyThrowOnlyWithinACatchHandlerQuery() { + this = ImportMisra23Package::emptyThrowOnlyWithinACatchHandlerQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-18-5-1/NoexceptFunctionShouldNotPropagateToTheCaller.ql b/cpp/misra/src/rules/RULE-18-5-1/NoexceptFunctionShouldNotPropagateToTheCaller.ql new file mode 100644 index 0000000000..d99fbea400 --- /dev/null +++ b/cpp/misra/src/rules/RULE-18-5-1/NoexceptFunctionShouldNotPropagateToTheCaller.ql @@ -0,0 +1,23 @@ +/** + * @id cpp/misra/noexcept-function-should-not-propagate-to-the-caller + * @name RULE-18-5-1: A noexcept function should not attempt to propagate an exception to the calling function + * @description A noexcept function should not attempt to propagate an exception to the calling + * function. + * @kind path-problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-18-5-1 + * scope/system + * external/misra/enforcement/undecidable + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.noexceptfunctionshouldnotpropagatetothecaller_shared.NoexceptFunctionShouldNotPropagateToTheCaller_shared + +class NoexceptFunctionShouldNotPropagateToTheCallerQuery extends NoexceptFunctionShouldNotPropagateToTheCaller_sharedSharedQuery { + NoexceptFunctionShouldNotPropagateToTheCallerQuery() { + this = ImportMisra23Package::noexceptFunctionShouldNotPropagateToTheCallerQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-19-0-2/FunctionLikeMacrosDefined.ql b/cpp/misra/src/rules/RULE-19-0-2/FunctionLikeMacrosDefined.ql new file mode 100644 index 0000000000..04ca50994f --- /dev/null +++ b/cpp/misra/src/rules/RULE-19-0-2/FunctionLikeMacrosDefined.ql @@ -0,0 +1,22 @@ +/** + * @id cpp/misra/function-like-macros-defined + * @name RULE-19-0-2: Function-like macros shall not be defined + * @description Function-like macros shall not be defined. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-19-0-2 + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.functionlikemacrosdefined_shared.FunctionLikeMacrosDefined_shared + +class FunctionLikeMacrosDefinedQuery extends FunctionLikeMacrosDefined_sharedSharedQuery { + FunctionLikeMacrosDefinedQuery() { + this = ImportMisra23Package::functionLikeMacrosDefinedQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-19-3-2/MacroParameterFollowingHash.ql b/cpp/misra/src/rules/RULE-19-3-2/MacroParameterFollowingHash.ql new file mode 100644 index 0000000000..8c90302b7a --- /dev/null +++ b/cpp/misra/src/rules/RULE-19-3-2/MacroParameterFollowingHash.ql @@ -0,0 +1,23 @@ +/** + * @id cpp/misra/macro-parameter-following-hash + * @name RULE-19-3-2: A macro parameter immediately following a # operator shall not be immediately followed by a ## + * @description A macro parameter immediately following a # operator shall not be immediately + * followed by a ## operator. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-19-3-2 + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.macroparameterfollowinghash_shared.MacroParameterFollowingHash_shared + +class MacroParameterFollowingHashQuery extends MacroParameterFollowingHash_sharedSharedQuery { + MacroParameterFollowingHashQuery() { + this = ImportMisra23Package::macroParameterFollowingHashQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-19-3-3/AMixedUseMacroArgumentSubjectToExpansion.ql b/cpp/misra/src/rules/RULE-19-3-3/AMixedUseMacroArgumentSubjectToExpansion.ql new file mode 100644 index 0000000000..59fd054720 --- /dev/null +++ b/cpp/misra/src/rules/RULE-19-3-3/AMixedUseMacroArgumentSubjectToExpansion.ql @@ -0,0 +1,23 @@ +/** + * @id cpp/misra/a-mixed-use-macro-argument-subject-to-expansion + * @name RULE-19-3-3: The argument to a mixed-use macro parameter shall not be subject to further expansion + * @description The argument to a mixed-use macro parameter shall not be subject to further + * expansion. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-19-3-3 + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.amixedusemacroargumentsubjecttoexpansion_shared.AMixedUseMacroArgumentSubjectToExpansion_shared + +class AMixedUseMacroArgumentSubjectToExpansionQuery extends AMixedUseMacroArgumentSubjectToExpansion_sharedSharedQuery { + AMixedUseMacroArgumentSubjectToExpansionQuery() { + this = ImportMisra23Package::aMixedUseMacroArgumentSubjectToExpansionQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-21-10-3/CsignalFacilitiesUsed.ql b/cpp/misra/src/rules/RULE-21-10-3/CsignalFacilitiesUsed.ql new file mode 100644 index 0000000000..19edf41394 --- /dev/null +++ b/cpp/misra/src/rules/RULE-21-10-3/CsignalFacilitiesUsed.ql @@ -0,0 +1,24 @@ +/** + * @id cpp/misra/csignal-facilities-used + * @name RULE-21-10-3: The facilities provided by the standard header file shall not be used + * @description Signal handling contains implementation-defined and undefined behaviour. + * @kind problem + * @precision very-high + * @problem.severity warning + * @tags external/misra/id/rule-21-10-3 + * maintainability + * correctness + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.csignalfunctionsused_shared.CsignalFunctionsUsed_shared + +class CsignalFacilitiesUsedQuery extends CsignalFunctionsUsed_sharedSharedQuery { + CsignalFacilitiesUsedQuery() { + this = ImportMisra23Package::csignalFacilitiesUsedQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-21-10-3/CsignalTypesShallNotBeUsed.ql b/cpp/misra/src/rules/RULE-21-10-3/CsignalTypesShallNotBeUsed.ql new file mode 100644 index 0000000000..56172db86e --- /dev/null +++ b/cpp/misra/src/rules/RULE-21-10-3/CsignalTypesShallNotBeUsed.ql @@ -0,0 +1,24 @@ +/** + * @id cpp/misra/csignal-types-shall-not-be-used + * @name RULE-21-10-3: The signal-handling types of shall not be used + * @description The types provided by the standard header file shall not be used. + * @kind problem + * @precision very-high + * @problem.severity warning + * @tags external/misra/id/rule-21-10-3 + * maintainability + * correctness + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.csignaltypesused_shared.CsignalTypesUsed_shared + +class CsignalTypesShallNotBeUsedQuery extends CsignalTypesUsed_sharedSharedQuery { + CsignalTypesShallNotBeUsedQuery() { + this = ImportMisra23Package::csignalTypesShallNotBeUsedQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-21-2-1/AtofAtoiAtolAndAtollUsed.ql b/cpp/misra/src/rules/RULE-21-2-1/AtofAtoiAtolAndAtollUsed.ql new file mode 100644 index 0000000000..a88a29a734 --- /dev/null +++ b/cpp/misra/src/rules/RULE-21-2-1/AtofAtoiAtolAndAtollUsed.ql @@ -0,0 +1,22 @@ +/** + * @id cpp/misra/atof-atoi-atol-and-atoll-used + * @name RULE-21-2-1: The library functions atof, atoi, atol and atoll from shall not be used + * @description The library functions atof, atoi, atol and atoll from shall not be used. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-21-2-1 + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.atofatoiatolandatollused_shared.AtofAtoiAtolAndAtollUsed_shared + +class AtofAtoiAtolAndAtollUsedQuery extends AtofAtoiAtolAndAtollUsed_sharedSharedQuery { + AtofAtoiAtolAndAtollUsedQuery() { + this = ImportMisra23Package::atofAtoiAtolAndAtollUsedQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-21-2-4/MacroOffsetofShallNotBeUsed.ql b/cpp/misra/src/rules/RULE-21-2-4/MacroOffsetofShallNotBeUsed.ql new file mode 100644 index 0000000000..f449463c01 --- /dev/null +++ b/cpp/misra/src/rules/RULE-21-2-4/MacroOffsetofShallNotBeUsed.ql @@ -0,0 +1,22 @@ +/** + * @id cpp/misra/macro-offsetof-shall-not-be-used + * @name RULE-21-2-4: The macro offsetof shall not be used + * @description The macro offsetof shall not be used. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-21-2-4 + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.macrooffsetofused_shared.MacroOffsetofUsed_shared + +class MacroOffsetofShallNotBeUsedQuery extends MacroOffsetofUsed_sharedSharedQuery { + MacroOffsetofShallNotBeUsedQuery() { + this = ImportMisra23Package::macroOffsetofShallNotBeUsedQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-21-6-4/GlobalSizedOperatorDeleteShallBeDefined.ql b/cpp/misra/src/rules/RULE-21-6-4/GlobalSizedOperatorDeleteShallBeDefined.ql new file mode 100644 index 0000000000..57f993fc7f --- /dev/null +++ b/cpp/misra/src/rules/RULE-21-6-4/GlobalSizedOperatorDeleteShallBeDefined.ql @@ -0,0 +1,24 @@ +/** + * @id cpp/misra/global-sized-operator-delete-shall-be-defined + * @name RULE-21-6-4: Sized 'operator delete' must be defined globally if unsized 'operator delete' is defined globally + * @description If a project defines the unsized version of a global operator delete, then the sized + * version shall be defined. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-21-6-4 + * maintainability + * scope/system + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.globalsizedoperatordeletenotdefined_shared.GlobalSizedOperatorDeleteNotDefined_shared + +class GlobalSizedOperatorDeleteShallBeDefinedQuery extends GlobalSizedOperatorDeleteNotDefined_sharedSharedQuery { + GlobalSizedOperatorDeleteShallBeDefinedQuery() { + this = ImportMisra23Package::globalSizedOperatorDeleteShallBeDefinedQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-21-6-4/GlobalUnsizedOperatorDeleteShallBeDefined.ql b/cpp/misra/src/rules/RULE-21-6-4/GlobalUnsizedOperatorDeleteShallBeDefined.ql new file mode 100644 index 0000000000..384926228f --- /dev/null +++ b/cpp/misra/src/rules/RULE-21-6-4/GlobalUnsizedOperatorDeleteShallBeDefined.ql @@ -0,0 +1,24 @@ +/** + * @id cpp/misra/global-unsized-operator-delete-shall-be-defined + * @name RULE-21-6-4: Unsized 'operator delete' must be defined globally if sized 'operator delete' is defined globally + * @description If a project defines the sized version of a global operator delete, then the unsized + * version shall be defined. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-21-6-4 + * maintainability + * scope/system + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.globalunsizedoperatordeletenotdefined_shared.GlobalUnsizedOperatorDeleteNotDefined_shared + +class GlobalUnsizedOperatorDeleteShallBeDefinedQuery extends GlobalUnsizedOperatorDeleteNotDefined_sharedSharedQuery { + GlobalUnsizedOperatorDeleteShallBeDefinedQuery() { + this = ImportMisra23Package::globalUnsizedOperatorDeleteShallBeDefinedQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-26-3-1/VectorShouldNotBeSpecializedWithBool.ql b/cpp/misra/src/rules/RULE-26-3-1/VectorShouldNotBeSpecializedWithBool.ql new file mode 100644 index 0000000000..7793ec65d0 --- /dev/null +++ b/cpp/misra/src/rules/RULE-26-3-1/VectorShouldNotBeSpecializedWithBool.ql @@ -0,0 +1,22 @@ +/** + * @id cpp/misra/vector-should-not-be-specialized-with-bool + * @name RULE-26-3-1: std::vector should not be specialized with bool + * @description std::vector should not be specialized with bool. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-26-3-1 + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.vectorshouldnotbespecializedwithbool_shared.VectorShouldNotBeSpecializedWithBool_shared + +class VectorShouldNotBeSpecializedWithBoolQuery extends VectorShouldNotBeSpecializedWithBool_sharedSharedQuery { + VectorShouldNotBeSpecializedWithBoolQuery() { + this = ImportMisra23Package::vectorShouldNotBeSpecializedWithBoolQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-28-6-2/ForwardingReferencesAndForwardNotUsedTogether.ql b/cpp/misra/src/rules/RULE-28-6-2/ForwardingReferencesAndForwardNotUsedTogether.ql new file mode 100644 index 0000000000..f134fa28d6 --- /dev/null +++ b/cpp/misra/src/rules/RULE-28-6-2/ForwardingReferencesAndForwardNotUsedTogether.ql @@ -0,0 +1,22 @@ +/** + * @id cpp/misra/forwarding-references-and-forward-not-used-together + * @name RULE-28-6-2: Forwarding references and std::forward shall be used together + * @description Forwarding references and std::forward shall be used together. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-28-6-2 + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.forwardingreferencesandforwardnotusedtogether_shared.ForwardingReferencesAndForwardNotUsedTogether_shared + +class ForwardingReferencesAndForwardNotUsedTogetherQuery extends ForwardingReferencesAndForwardNotUsedTogether_sharedSharedQuery { + ForwardingReferencesAndForwardNotUsedTogetherQuery() { + this = ImportMisra23Package::forwardingReferencesAndForwardNotUsedTogetherQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-30-0-1/CstdioFunctionsShallNotBeUsed.ql b/cpp/misra/src/rules/RULE-30-0-1/CstdioFunctionsShallNotBeUsed.ql new file mode 100644 index 0000000000..f05607c77a --- /dev/null +++ b/cpp/misra/src/rules/RULE-30-0-1/CstdioFunctionsShallNotBeUsed.ql @@ -0,0 +1,24 @@ +/** + * @id cpp/misra/cstdio-functions-shall-not-be-used + * @name RULE-30-0-1: The stream input/output library functions shall not be used + * @description The C Library input/output functions shall not be used. + * @kind problem + * @precision very-high + * @problem.severity warning + * @tags external/misra/id/rule-30-0-1 + * maintainability + * correctness + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.cstdiofunctionsused_shared.CstdioFunctionsUsed_shared + +class CstdioFunctionsShallNotBeUsedQuery extends CstdioFunctionsUsed_sharedSharedQuery { + CstdioFunctionsShallNotBeUsedQuery() { + this = ImportMisra23Package::cstdioFunctionsShallNotBeUsedQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-30-0-1/CstdioMacrosShallNotBeUsed.ql b/cpp/misra/src/rules/RULE-30-0-1/CstdioMacrosShallNotBeUsed.ql new file mode 100644 index 0000000000..7590aaccb3 --- /dev/null +++ b/cpp/misra/src/rules/RULE-30-0-1/CstdioMacrosShallNotBeUsed.ql @@ -0,0 +1,24 @@ +/** + * @id cpp/misra/cstdio-macros-shall-not-be-used + * @name RULE-30-0-1: The stream input/output library macros shall not be used + * @description The C Library input/output functions shall not be used. + * @kind problem + * @precision very-high + * @problem.severity warning + * @tags external/misra/id/rule-30-0-1 + * maintainability + * correctness + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.cstdiomacrosused_shared.CstdioMacrosUsed_shared + +class CstdioMacrosShallNotBeUsedQuery extends CstdioMacrosUsed_sharedSharedQuery { + CstdioMacrosShallNotBeUsedQuery() { + this = ImportMisra23Package::cstdioMacrosShallNotBeUsedQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-30-0-1/CstdioTypesShallNotBeUsed.ql b/cpp/misra/src/rules/RULE-30-0-1/CstdioTypesShallNotBeUsed.ql new file mode 100644 index 0000000000..c80ce69250 --- /dev/null +++ b/cpp/misra/src/rules/RULE-30-0-1/CstdioTypesShallNotBeUsed.ql @@ -0,0 +1,24 @@ +/** + * @id cpp/misra/cstdio-types-shall-not-be-used + * @name RULE-30-0-1: The stream input/output library types shall not be used + * @description The C Library input/output functions shall not be used. + * @kind problem + * @precision very-high + * @problem.severity warning + * @tags external/misra/id/rule-30-0-1 + * maintainability + * correctness + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.cstdiotypesused_shared.CstdioTypesUsed_shared + +class CstdioTypesShallNotBeUsedQuery extends CstdioTypesUsed_sharedSharedQuery { + CstdioTypesShallNotBeUsedQuery() { + this = ImportMisra23Package::cstdioTypesShallNotBeUsedQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-4-6-1/MemoryOperationsNotSequencedAppropriately.ql b/cpp/misra/src/rules/RULE-4-6-1/MemoryOperationsNotSequencedAppropriately.ql new file mode 100644 index 0000000000..0bcda339bd --- /dev/null +++ b/cpp/misra/src/rules/RULE-4-6-1/MemoryOperationsNotSequencedAppropriately.ql @@ -0,0 +1,22 @@ +/** + * @id cpp/misra/memory-operations-not-sequenced-appropriately + * @name RULE-4-6-1: Operations on a memory location shall be sequenced appropriately + * @description Operations on a memory location shall be sequenced appropriately. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-4-6-1 + * scope/system + * external/misra/enforcement/undecidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.memoryoperationsnotsequencedappropriately_shared.MemoryOperationsNotSequencedAppropriately_shared + +class MemoryOperationsNotSequencedAppropriatelyQuery extends MemoryOperationsNotSequencedAppropriately_sharedSharedQuery { + MemoryOperationsNotSequencedAppropriatelyQuery() { + this = ImportMisra23Package::memoryOperationsNotSequencedAppropriatelyQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-5-13-1/BackslashCharacterMisuse.ql b/cpp/misra/src/rules/RULE-5-13-1/BackslashCharacterMisuse.ql new file mode 100644 index 0000000000..c2612fd71f --- /dev/null +++ b/cpp/misra/src/rules/RULE-5-13-1/BackslashCharacterMisuse.ql @@ -0,0 +1,23 @@ +/** + * @id cpp/misra/backslash-character-misuse + * @name RULE-5-13-1: In character literals and non-raw string literals, \ shall only be used to form a defined escape + * @description In character literals and non-raw string literals, \ shall only be used to form a + * defined escape sequence or universal character name. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-5-13-1 + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.backslashcharactermisuse_shared.BackslashCharacterMisuse_shared + +class BackslashCharacterMisuseQuery extends BackslashCharacterMisuse_sharedSharedQuery { + BackslashCharacterMisuseQuery() { + this = ImportMisra23Package::backslashCharacterMisuseQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-5-13-2/NonTerminatedEscapeSequences.ql b/cpp/misra/src/rules/RULE-5-13-2/NonTerminatedEscapeSequences.ql new file mode 100644 index 0000000000..47a06f2512 --- /dev/null +++ b/cpp/misra/src/rules/RULE-5-13-2/NonTerminatedEscapeSequences.ql @@ -0,0 +1,23 @@ +/** + * @id cpp/misra/non-terminated-escape-sequences + * @name RULE-5-13-2: Octal escape sequences, hexadecimal escape sequences, and universal character names shall be + * @description Octal escape sequences, hexadecimal escape sequences, and universal character names + * shall be terminated. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-5-13-2 + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.nonterminatedescapesequences_shared.NonTerminatedEscapeSequences_shared + +class NonTerminatedEscapeSequencesQuery extends NonTerminatedEscapeSequences_sharedSharedQuery { + NonTerminatedEscapeSequencesQuery() { + this = ImportMisra23Package::nonTerminatedEscapeSequencesQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-5-13-3/OctalConstantsUsed.ql b/cpp/misra/src/rules/RULE-5-13-3/OctalConstantsUsed.ql new file mode 100644 index 0000000000..816b3439b2 --- /dev/null +++ b/cpp/misra/src/rules/RULE-5-13-3/OctalConstantsUsed.ql @@ -0,0 +1,22 @@ +/** + * @id cpp/misra/octal-constants-used + * @name RULE-5-13-3: Octal constants shall not be used + * @description Octal constants shall not be used. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-5-13-3 + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.useofnonzerooctalliteral_shared.UseOfNonZeroOctalLiteral_shared + +class OctalConstantsUsedQuery extends UseOfNonZeroOctalLiteral_sharedSharedQuery { + OctalConstantsUsedQuery() { + this = ImportMisra23Package::octalConstantsUsedQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-5-13-4/UnsignedIntegerLiteralsNotAppropriatelySuffixed.ql b/cpp/misra/src/rules/RULE-5-13-4/UnsignedIntegerLiteralsNotAppropriatelySuffixed.ql new file mode 100644 index 0000000000..7f3e99bbc9 --- /dev/null +++ b/cpp/misra/src/rules/RULE-5-13-4/UnsignedIntegerLiteralsNotAppropriatelySuffixed.ql @@ -0,0 +1,22 @@ +/** + * @id cpp/misra/unsigned-integer-literals-not-appropriately-suffixed + * @name RULE-5-13-4: Unsigned integer literals shall be appropriately suffixed + * @description Unsigned integer literals shall be appropriately suffixed. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-5-13-4 + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.unsignedintegerliteralsnotappropriatelysuffixed_shared.UnsignedIntegerLiteralsNotAppropriatelySuffixed_shared + +class UnsignedIntegerLiteralsNotAppropriatelySuffixedQuery extends UnsignedIntegerLiteralsNotAppropriatelySuffixed_sharedSharedQuery { + UnsignedIntegerLiteralsNotAppropriatelySuffixedQuery() { + this = ImportMisra23Package::unsignedIntegerLiteralsNotAppropriatelySuffixedQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-5-13-5/LowercaseLStartsInLiteralSuffix.ql b/cpp/misra/src/rules/RULE-5-13-5/LowercaseLStartsInLiteralSuffix.ql new file mode 100644 index 0000000000..f1d62437fb --- /dev/null +++ b/cpp/misra/src/rules/RULE-5-13-5/LowercaseLStartsInLiteralSuffix.ql @@ -0,0 +1,23 @@ +/** + * @id cpp/misra/lowercase-l-starts-in-literal-suffix + * @name RULE-5-13-5: The lowercase form of L shall not be used as the first character in a literal suffix + * @description The lowercase form of L shall not be used as the first character in a literal + * suffix. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-5-13-5 + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.lowercaselstartsinliteralsuffix_shared.LowercaseLStartsInLiteralSuffix_shared + +class LowercaseLStartsInLiteralSuffixQuery extends LowercaseLStartsInLiteralSuffix_sharedSharedQuery { + LowercaseLStartsInLiteralSuffixQuery() { + this = ImportMisra23Package::lowercaseLStartsInLiteralSuffixQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-5-7-1/CharacterSequenceUsedWithinACStyleComment.ql b/cpp/misra/src/rules/RULE-5-7-1/CharacterSequenceUsedWithinACStyleComment.ql new file mode 100644 index 0000000000..93fc2cfccc --- /dev/null +++ b/cpp/misra/src/rules/RULE-5-7-1/CharacterSequenceUsedWithinACStyleComment.ql @@ -0,0 +1,22 @@ +/** + * @id cpp/misra/character-sequence-used-within-ac-style-comment + * @name RULE-5-7-1: The character sequence /* shall not be used within a C-style comment + * @description The character sequence /* shall not be used within a C-style comment. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-5-7-1 + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.charactersequenceusedwithinacstylecomment_shared.CharacterSequenceUsedWithinACStyleComment_shared + +class CharacterSequenceUsedWithinACStyleCommentQuery extends CharacterSequenceUsedWithinACStyleComment_sharedSharedQuery { + CharacterSequenceUsedWithinACStyleCommentQuery() { + this = ImportMisra23Package::characterSequenceUsedWithinACStyleCommentQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-5-7-3/LineSplicingUsedInComments.ql b/cpp/misra/src/rules/RULE-5-7-3/LineSplicingUsedInComments.ql new file mode 100644 index 0000000000..9708b2da46 --- /dev/null +++ b/cpp/misra/src/rules/RULE-5-7-3/LineSplicingUsedInComments.ql @@ -0,0 +1,22 @@ +/** + * @id cpp/misra/line-splicing-used-in-comments + * @name RULE-5-7-3: Line-splicing shall not be used in // comments + * @description Line-splicing shall not be used in // comments. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-5-7-3 + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.linesplicingusedincomments_shared.LineSplicingUsedInComments_shared + +class LineSplicingUsedInCommentsQuery extends LineSplicingUsedInComments_sharedSharedQuery { + LineSplicingUsedInCommentsQuery() { + this = ImportMisra23Package::lineSplicingUsedInCommentsQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-6-0-3/GlobalNamespaceDeclarations.ql b/cpp/misra/src/rules/RULE-6-0-3/GlobalNamespaceDeclarations.ql new file mode 100644 index 0000000000..e211dfd770 --- /dev/null +++ b/cpp/misra/src/rules/RULE-6-0-3/GlobalNamespaceDeclarations.ql @@ -0,0 +1,23 @@ +/** + * @id cpp/misra/global-namespace-declarations + * @name RULE-6-0-3: The only declarations in the global namespace should be main, namespace declarations and extern "C" + * @description The only declarations in the global namespace should be main, namespace declarations + * and extern "C" declarations. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-6-0-3 + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.globalnamespacedeclarations_shared.GlobalNamespaceDeclarations_shared + +class GlobalNamespaceDeclarationsQuery extends GlobalNamespaceDeclarations_sharedSharedQuery { + GlobalNamespaceDeclarationsQuery() { + this = ImportMisra23Package::globalNamespaceDeclarationsQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-6-0-4/NonGlobalFunctionMain.ql b/cpp/misra/src/rules/RULE-6-0-4/NonGlobalFunctionMain.ql new file mode 100644 index 0000000000..909a4e2640 --- /dev/null +++ b/cpp/misra/src/rules/RULE-6-0-4/NonGlobalFunctionMain.ql @@ -0,0 +1,23 @@ +/** + * @id cpp/misra/non-global-function-main + * @name RULE-6-0-4: The identifier main shall not be used for a function other than the global function main + * @description The identifier main shall not be used for a function other than the global function + * main. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-6-0-4 + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.nonglobalfunctionmain_shared.NonGlobalFunctionMain_shared + +class NonGlobalFunctionMainQuery extends NonGlobalFunctionMain_sharedSharedQuery { + NonGlobalFunctionMainQuery() { + this = ImportMisra23Package::nonGlobalFunctionMainQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-6-4-2/DefinitionShallBeConsideredForUnqualifiedLookup.ql b/cpp/misra/src/rules/RULE-6-4-2/DefinitionShallBeConsideredForUnqualifiedLookup.ql new file mode 100644 index 0000000000..bc02bf3f6e --- /dev/null +++ b/cpp/misra/src/rules/RULE-6-4-2/DefinitionShallBeConsideredForUnqualifiedLookup.ql @@ -0,0 +1,26 @@ +/** + * @id cpp/misra/definition-shall-be-considered-for-unqualified-lookup + * @name RULE-6-4-2: Using declaration followed by new definition + * @description A using declaration that makes a symbol available for unqualified lookup does not + * included definitions defined after the using declaration which can result in + * unexpected behavior. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-6-4-2 + * correctness + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.definitionnotconsideredforunqualifiedlookup_shared.DefinitionNotConsideredForUnqualifiedLookup_shared + +class DefinitionShallBeConsideredForUnqualifiedLookupQuery extends DefinitionNotConsideredForUnqualifiedLookup_sharedSharedQuery +{ + DefinitionShallBeConsideredForUnqualifiedLookupQuery() { + this = ImportMisra23Package::definitionShallBeConsideredForUnqualifiedLookupQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-6-4-2/InheritedNonOverridableMemberFunction.ql b/cpp/misra/src/rules/RULE-6-4-2/InheritedNonOverridableMemberFunction.ql new file mode 100644 index 0000000000..b6c246dc20 --- /dev/null +++ b/cpp/misra/src/rules/RULE-6-4-2/InheritedNonOverridableMemberFunction.ql @@ -0,0 +1,24 @@ +/** + * @id cpp/misra/inherited-non-overridable-member-function + * @name RULE-6-4-2: Member function hides inherited member function + * @description A non-overriding member function definition that hides an inherited member function + * can result in unexpected behavior. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-6-4-2 + * correctness + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.hiddeninheritednonoverridablememberfunction_shared.HiddenInheritedNonOverridableMemberFunction_shared + +class InheritedNonOverridableMemberFunctionQuery extends HiddenInheritedNonOverridableMemberFunction_sharedSharedQuery { + InheritedNonOverridableMemberFunctionQuery() { + this = ImportMisra23Package::inheritedNonOverridableMemberFunctionQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-6-4-2/InheritedOverridableMemberFunction.ql b/cpp/misra/src/rules/RULE-6-4-2/InheritedOverridableMemberFunction.ql new file mode 100644 index 0000000000..7212ad840f --- /dev/null +++ b/cpp/misra/src/rules/RULE-6-4-2/InheritedOverridableMemberFunction.ql @@ -0,0 +1,24 @@ +/** + * @id cpp/misra/inherited-overridable-member-function + * @name RULE-6-4-2: Member function hides inherited member function + * @description An overriding member function definition thats hides an overload of the overridden + * inherited member function can result in unexpected behavior. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-6-4-2 + * correctness + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.hiddeninheritedoverridablememberfunction_shared.HiddenInheritedOverridableMemberFunction_shared + +class InheritedOverridableMemberFunctionQuery extends HiddenInheritedOverridableMemberFunction_sharedSharedQuery { + InheritedOverridableMemberFunctionQuery() { + this = ImportMisra23Package::inheritedOverridableMemberFunctionQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-6-4-3/NameShallBeReferredUsingAQualifiedIdOrThis.ql b/cpp/misra/src/rules/RULE-6-4-3/NameShallBeReferredUsingAQualifiedIdOrThis.ql new file mode 100644 index 0000000000..ac7dbcc776 --- /dev/null +++ b/cpp/misra/src/rules/RULE-6-4-3/NameShallBeReferredUsingAQualifiedIdOrThis.ql @@ -0,0 +1,25 @@ +/** + * @id cpp/misra/name-shall-be-referred-using-a-qualified-id-or-this + * @name RULE-6-4-3: In a class template with a dependent base, any name that may be found in that dependent base shall shall be referred to using a qualified-id or this-> + * @description Not using a qualified-id or `this->` syntax for identifiers used in a class template + * makes the code more difficult to understand. + * @kind problem + * @precision very-high + * @problem.severity warning + * @tags external/misra/id/rule-6-4-3 + * maintainability + * readability + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.namenotreferredusingaqualifiedidorthis_shared.NameNotReferredUsingAQualifiedIdOrThis_shared + +class NameShallBeReferredUsingAQualifiedIdOrThisQuery extends NameNotReferredUsingAQualifiedIdOrThis_sharedSharedQuery { + NameShallBeReferredUsingAQualifiedIdOrThisQuery() { + this = ImportMisra23Package::nameShallBeReferredUsingAQualifiedIdOrThisQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-6-4-3/NameShallBeReferredUsingAQualifiedIdOrThisAudit.ql b/cpp/misra/src/rules/RULE-6-4-3/NameShallBeReferredUsingAQualifiedIdOrThisAudit.ql new file mode 100644 index 0000000000..96da12f90b --- /dev/null +++ b/cpp/misra/src/rules/RULE-6-4-3/NameShallBeReferredUsingAQualifiedIdOrThisAudit.ql @@ -0,0 +1,25 @@ +/** + * @id cpp/misra/name-shall-be-referred-using-a-qualified-id-or-this-audit + * @name RULE-6-4-3: (Audit) In a class template with a dependent base, any name that may be found in that dependent base shall shall be referred to using a qualified-id or this-> + * @description Not using a qualified-id or `this->` syntax for identifiers used in a class template + * makes the code more difficult to understand. + * @kind problem + * @precision very-high + * @problem.severity warning + * @tags external/misra/id/rule-6-4-3 + * maintainability + * readability + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.namenotreferredusingaqualifiedidorthisaudit_shared.NameNotReferredUsingAQualifiedIdOrThisAudit_shared + +class NameShallBeReferredUsingAQualifiedIdOrThisAuditQuery extends NameNotReferredUsingAQualifiedIdOrThisAudit_sharedSharedQuery { + NameShallBeReferredUsingAQualifiedIdOrThisAuditQuery() { + this = ImportMisra23Package::nameShallBeReferredUsingAQualifiedIdOrThisAuditQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-6-8-2/ReturnReferenceOrPointerToAutomaticLocalVariable.ql b/cpp/misra/src/rules/RULE-6-8-2/ReturnReferenceOrPointerToAutomaticLocalVariable.ql new file mode 100644 index 0000000000..5ee261a0b8 --- /dev/null +++ b/cpp/misra/src/rules/RULE-6-8-2/ReturnReferenceOrPointerToAutomaticLocalVariable.ql @@ -0,0 +1,23 @@ +/** + * @id cpp/misra/return-reference-or-pointer-to-automatic-local-variable + * @name RULE-6-8-2: A function must not return a reference or a pointer to a local variable with automatic storage + * @description A function must not return a reference or a pointer to a local variable with + * automatic storage duration. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-6-8-2 + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/mandatory + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.returnreferenceorpointertoautomaticlocalvariable_shared.ReturnReferenceOrPointerToAutomaticLocalVariable_shared + +class ReturnReferenceOrPointerToAutomaticLocalVariableQuery extends ReturnReferenceOrPointerToAutomaticLocalVariable_sharedSharedQuery { + ReturnReferenceOrPointerToAutomaticLocalVariableQuery() { + this = ImportMisra23Package::returnReferenceOrPointerToAutomaticLocalVariableQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-7-11-1/NullptrNotTheOnlyFormOfTheNullPointerConstant.ql b/cpp/misra/src/rules/RULE-7-11-1/NullptrNotTheOnlyFormOfTheNullPointerConstant.ql new file mode 100644 index 0000000000..6566bbd16d --- /dev/null +++ b/cpp/misra/src/rules/RULE-7-11-1/NullptrNotTheOnlyFormOfTheNullPointerConstant.ql @@ -0,0 +1,22 @@ +/** + * @id cpp/misra/nullptr-not-the-only-form-of-the-null-pointer-constant + * @name RULE-7-11-1: nullptr shall be the only form of the null-pointer-constant + * @description nullptr shall be the only form of the null-pointer-constant. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-7-11-1 + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.nullptrnottheonlyformofthenullpointerconstant_shared.NullptrNotTheOnlyFormOfTheNullPointerConstant_shared + +class NullptrNotTheOnlyFormOfTheNullPointerConstantQuery extends NullptrNotTheOnlyFormOfTheNullPointerConstant_sharedSharedQuery { + NullptrNotTheOnlyFormOfTheNullPointerConstantQuery() { + this = ImportMisra23Package::nullptrNotTheOnlyFormOfTheNullPointerConstantQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-7-11-2/ArrayPassedAsFunctionArgumentDecayToAPointer.ql b/cpp/misra/src/rules/RULE-7-11-2/ArrayPassedAsFunctionArgumentDecayToAPointer.ql new file mode 100644 index 0000000000..dbefbaa845 --- /dev/null +++ b/cpp/misra/src/rules/RULE-7-11-2/ArrayPassedAsFunctionArgumentDecayToAPointer.ql @@ -0,0 +1,22 @@ +/** + * @id cpp/misra/array-passed-as-function-argument-decay-to-a-pointer + * @name RULE-7-11-2: An array passed as a function argument shall not decay to a pointer + * @description An array passed as a function argument shall not decay to a pointer. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-7-11-2 + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.arraypassedasfunctionargumentdecaytoapointer_shared.ArrayPassedAsFunctionArgumentDecayToAPointer_shared + +class ArrayPassedAsFunctionArgumentDecayToAPointerQuery extends ArrayPassedAsFunctionArgumentDecayToAPointer_sharedSharedQuery { + ArrayPassedAsFunctionArgumentDecayToAPointerQuery() { + this = ImportMisra23Package::arrayPassedAsFunctionArgumentDecayToAPointerQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-8-18-2/ResultOfAnAssignmentOperatorShouldNotBeUsed.ql b/cpp/misra/src/rules/RULE-8-18-2/ResultOfAnAssignmentOperatorShouldNotBeUsed.ql new file mode 100644 index 0000000000..56f177e9cd --- /dev/null +++ b/cpp/misra/src/rules/RULE-8-18-2/ResultOfAnAssignmentOperatorShouldNotBeUsed.ql @@ -0,0 +1,22 @@ +/** + * @id cpp/misra/result-of-an-assignment-operator-should-not-be-used + * @name RULE-8-18-2: The result of an assignment operator should not be used + * @description The result of an assignment operator should not be used. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-8-18-2 + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.resultofanassignmentoperatorshouldnotbeused_shared.ResultOfAnAssignmentOperatorShouldNotBeUsed_shared + +class ResultOfAnAssignmentOperatorShouldNotBeUsedQuery extends ResultOfAnAssignmentOperatorShouldNotBeUsed_sharedSharedQuery { + ResultOfAnAssignmentOperatorShouldNotBeUsedQuery() { + this = ImportMisra23Package::resultOfAnAssignmentOperatorShouldNotBeUsedQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-8-19-1/CommaOperatorShouldNotBeUsed.ql b/cpp/misra/src/rules/RULE-8-19-1/CommaOperatorShouldNotBeUsed.ql new file mode 100644 index 0000000000..df5be50dc0 --- /dev/null +++ b/cpp/misra/src/rules/RULE-8-19-1/CommaOperatorShouldNotBeUsed.ql @@ -0,0 +1,22 @@ +/** + * @id cpp/misra/comma-operator-should-not-be-used + * @name RULE-8-19-1: The comma operator should not be used + * @description The comma operator should not be used. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-8-19-1 + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.commaoperatorused.CommaOperatorUsed + +class CommaOperatorShouldNotBeUsedQuery extends CommaOperatorUsedSharedQuery { + CommaOperatorShouldNotBeUsedQuery() { + this = ImportMisra23Package::commaOperatorShouldNotBeUsedQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-8-2-10/FunctionsCallThemselvesEitherDirectlyOrIndirectly.ql b/cpp/misra/src/rules/RULE-8-2-10/FunctionsCallThemselvesEitherDirectlyOrIndirectly.ql new file mode 100644 index 0000000000..bd9da57cc2 --- /dev/null +++ b/cpp/misra/src/rules/RULE-8-2-10/FunctionsCallThemselvesEitherDirectlyOrIndirectly.ql @@ -0,0 +1,22 @@ +/** + * @id cpp/misra/functions-call-themselves-either-directly-or-indirectly + * @name RULE-8-2-10: Functions shall not call themselves, either directly or indirectly + * @description Functions shall not call themselves, either directly or indirectly. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-8-2-10 + * scope/system + * external/misra/enforcement/undecidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.functionscallthemselveseitherdirectlyorindirectly_shared.FunctionsCallThemselvesEitherDirectlyOrIndirectly_shared + +class FunctionsCallThemselvesEitherDirectlyOrIndirectlyQuery extends FunctionsCallThemselvesEitherDirectlyOrIndirectly_sharedSharedQuery { + FunctionsCallThemselvesEitherDirectlyOrIndirectlyQuery() { + this = ImportMisra23Package::functionsCallThemselvesEitherDirectlyOrIndirectlyQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-8-2-4/CastsBetweenAPointerToFunctionAndAnyOtherType.ql b/cpp/misra/src/rules/RULE-8-2-4/CastsBetweenAPointerToFunctionAndAnyOtherType.ql new file mode 100644 index 0000000000..b8dcbd2ced --- /dev/null +++ b/cpp/misra/src/rules/RULE-8-2-4/CastsBetweenAPointerToFunctionAndAnyOtherType.ql @@ -0,0 +1,22 @@ +/** + * @id cpp/misra/casts-between-a-pointer-to-function-and-any-other-type + * @name RULE-8-2-4: Casts shall not be performed between a pointer to function and any other type + * @description Casts shall not be performed between a pointer to function and any other type. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-8-2-4 + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.castsbetweenapointertofunctionandanyothertype_shared.CastsBetweenAPointerToFunctionAndAnyOtherType_shared + +class CastsBetweenAPointerToFunctionAndAnyOtherTypeQuery extends CastsBetweenAPointerToFunctionAndAnyOtherType_sharedSharedQuery { + CastsBetweenAPointerToFunctionAndAnyOtherTypeQuery() { + this = ImportMisra23Package::castsBetweenAPointerToFunctionAndAnyOtherTypeQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-8-2-5/ReinterpretCastShallNotBeUsed.ql b/cpp/misra/src/rules/RULE-8-2-5/ReinterpretCastShallNotBeUsed.ql new file mode 100644 index 0000000000..8af353d948 --- /dev/null +++ b/cpp/misra/src/rules/RULE-8-2-5/ReinterpretCastShallNotBeUsed.ql @@ -0,0 +1,22 @@ +/** + * @id cpp/misra/reinterpret-cast-shall-not-be-used + * @name RULE-8-2-5: reinterpret_cast shall not be used + * @description reinterpret_cast shall not be used. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-8-2-5 + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.reinterpretcastused_shared.ReinterpretCastUsed_shared + +class ReinterpretCastShallNotBeUsedQuery extends ReinterpretCastUsed_sharedSharedQuery { + ReinterpretCastShallNotBeUsedQuery() { + this = ImportMisra23Package::reinterpretCastShallNotBeUsedQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-8-20-1/UnsignedOperationWithConstantOperandsWraps.ql b/cpp/misra/src/rules/RULE-8-20-1/UnsignedOperationWithConstantOperandsWraps.ql new file mode 100644 index 0000000000..6100aa30c4 --- /dev/null +++ b/cpp/misra/src/rules/RULE-8-20-1/UnsignedOperationWithConstantOperandsWraps.ql @@ -0,0 +1,22 @@ +/** + * @id cpp/misra/unsigned-operation-with-constant-operands-wraps + * @name RULE-8-20-1: An unsigned arithmetic operation with constant operands should not wrap + * @description An unsigned arithmetic operation with constant operands should not wrap. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-8-20-1 + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.unsignedoperationwithconstantoperandswraps_shared.UnsignedOperationWithConstantOperandsWraps_shared + +class UnsignedOperationWithConstantOperandsWrapsQuery extends UnsignedOperationWithConstantOperandsWraps_sharedSharedQuery { + UnsignedOperationWithConstantOperandsWrapsQuery() { + this = ImportMisra23Package::unsignedOperationWithConstantOperandsWrapsQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-8-3-1/BuiltInUnaryOperatorAppliedToUnsignedExpression.ql b/cpp/misra/src/rules/RULE-8-3-1/BuiltInUnaryOperatorAppliedToUnsignedExpression.ql new file mode 100644 index 0000000000..38be9db001 --- /dev/null +++ b/cpp/misra/src/rules/RULE-8-3-1/BuiltInUnaryOperatorAppliedToUnsignedExpression.ql @@ -0,0 +1,23 @@ +/** + * @id cpp/misra/built-in-unary-operator-applied-to-unsigned-expression + * @name RULE-8-3-1: The built-in unary - operator should not be applied to an expression of unsigned type + * @description The built-in unary - operator should not be applied to an expression of unsigned + * type. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-8-3-1 + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.builtinunaryoperatorappliedtounsignedexpression_shared.BuiltInUnaryOperatorAppliedToUnsignedExpression_shared + +class BuiltInUnaryOperatorAppliedToUnsignedExpressionQuery extends BuiltInUnaryOperatorAppliedToUnsignedExpression_sharedSharedQuery { + BuiltInUnaryOperatorAppliedToUnsignedExpressionQuery() { + this = ImportMisra23Package::builtInUnaryOperatorAppliedToUnsignedExpressionQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-9-3-1/LoopBodyCompoundCondition.ql b/cpp/misra/src/rules/RULE-9-3-1/LoopBodyCompoundCondition.ql new file mode 100644 index 0000000000..2984d328fd --- /dev/null +++ b/cpp/misra/src/rules/RULE-9-3-1/LoopBodyCompoundCondition.ql @@ -0,0 +1,25 @@ +/** + * @id cpp/misra/loop-body-compound-condition + * @name RULE-9-3-1: The statement forming the body of a loop shall be a compound statement + * @description If the body of a loop is not enclosed in braces, then this can lead to incorrect + * execution, and hard for developers to maintain. + * @kind problem + * @precision very-high + * @problem.severity recommendation + * @tags external/misra/id/rule-9-3-1 + * maintainability + * readability + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.loopcompoundcondition_shared.LoopCompoundCondition_shared + +class LoopBodyCompoundConditionQuery extends LoopCompoundCondition_sharedSharedQuery { + LoopBodyCompoundConditionQuery() { + this = ImportMisra23Package::loopBodyCompoundConditionQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-9-3-1/SwitchBodyCompoundCondition.ql b/cpp/misra/src/rules/RULE-9-3-1/SwitchBodyCompoundCondition.ql new file mode 100644 index 0000000000..8ab562bd38 --- /dev/null +++ b/cpp/misra/src/rules/RULE-9-3-1/SwitchBodyCompoundCondition.ql @@ -0,0 +1,25 @@ +/** + * @id cpp/misra/switch-body-compound-condition + * @name RULE-9-3-1: The statement forming the body of a switch shall be a compound statement + * @description If the body of a switch is not enclosed in braces, then this can lead to incorrect + * execution, and hard for developers to maintain. + * @kind problem + * @precision very-high + * @problem.severity recommendation + * @tags external/misra/id/rule-9-3-1 + * maintainability + * readability + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.switchcompoundcondition_shared.SwitchCompoundCondition_shared + +class SwitchBodyCompoundConditionQuery extends SwitchCompoundCondition_sharedSharedQuery { + SwitchBodyCompoundConditionQuery() { + this = ImportMisra23Package::switchBodyCompoundConditionQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-9-6-1/GotoStatementShouldNotBeUsed.ql b/cpp/misra/src/rules/RULE-9-6-1/GotoStatementShouldNotBeUsed.ql new file mode 100644 index 0000000000..6db27d6c75 --- /dev/null +++ b/cpp/misra/src/rules/RULE-9-6-1/GotoStatementShouldNotBeUsed.ql @@ -0,0 +1,22 @@ +/** + * @id cpp/misra/goto-statement-should-not-be-used + * @name RULE-9-6-1: The goto statement should not be used + * @description The goto statement should not be used. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-9-6-1 + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.gotostatementshouldnotbeused_shared.GotoStatementShouldNotBeUsed_shared + +class GotoStatementShouldNotBeUsedQuery extends GotoStatementShouldNotBeUsed_sharedSharedQuery { + GotoStatementShouldNotBeUsedQuery() { + this = ImportMisra23Package::gotoStatementShouldNotBeUsedQuery() + } +} diff --git a/cpp/misra/src/rules/RULE-9-6-2/GotoReferenceALabelInSurroundingBlock.ql b/cpp/misra/src/rules/RULE-9-6-2/GotoReferenceALabelInSurroundingBlock.ql new file mode 100644 index 0000000000..da381e8033 --- /dev/null +++ b/cpp/misra/src/rules/RULE-9-6-2/GotoReferenceALabelInSurroundingBlock.ql @@ -0,0 +1,22 @@ +/** + * @id cpp/misra/goto-reference-a-label-in-surrounding-block + * @name RULE-9-6-2: A goto statement shall reference a label in a surrounding block + * @description A goto statement shall reference a label in a surrounding block. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-9-6-2 + * scope/single-translation-unit + * external/misra/enforcement/decidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.gotoreferencealabelinsurroundingblock_shared.GotoReferenceALabelInSurroundingBlock_shared + +class GotoReferenceALabelInSurroundingBlockQuery extends GotoReferenceALabelInSurroundingBlock_sharedSharedQuery { + GotoReferenceALabelInSurroundingBlockQuery() { + this = ImportMisra23Package::gotoReferenceALabelInSurroundingBlockQuery() + } +} diff --git a/cpp/misra/test/rules/DIR-15-8-1/CopyAndMoveAssignmentsShallHandleSelfAssignment.testref b/cpp/misra/test/rules/DIR-15-8-1/CopyAndMoveAssignmentsShallHandleSelfAssignment.testref new file mode 100644 index 0000000000..23e38dba55 --- /dev/null +++ b/cpp/misra/test/rules/DIR-15-8-1/CopyAndMoveAssignmentsShallHandleSelfAssignment.testref @@ -0,0 +1 @@ +cpp/common/test/rules/copyandmoveassignmentsshallhandleselfassignment_shared/CopyAndMoveAssignmentsShallHandleSelfAssignment_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-10-0-1/MultipleGlobalOrMemberDeclarators.testref b/cpp/misra/test/rules/RULE-10-0-1/MultipleGlobalOrMemberDeclarators.testref new file mode 100644 index 0000000000..b848fce94f --- /dev/null +++ b/cpp/misra/test/rules/RULE-10-0-1/MultipleGlobalOrMemberDeclarators.testref @@ -0,0 +1 @@ +cpp/common/test/rules/multipleglobalormemberdeclarators_shared/MultipleGlobalOrMemberDeclarators_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-10-0-1/MultipleLocalDeclarators.testref b/cpp/misra/test/rules/RULE-10-0-1/MultipleLocalDeclarators.testref new file mode 100644 index 0000000000..2d7784cea0 --- /dev/null +++ b/cpp/misra/test/rules/RULE-10-0-1/MultipleLocalDeclarators.testref @@ -0,0 +1 @@ +cpp/common/test/rules/multiplelocaldeclarators_shared/MultipleLocalDeclarators_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-10-0-1/UseSingleGlobalOrMemberDeclarators.testref b/cpp/misra/test/rules/RULE-10-0-1/UseSingleGlobalOrMemberDeclarators.testref new file mode 100644 index 0000000000..b848fce94f --- /dev/null +++ b/cpp/misra/test/rules/RULE-10-0-1/UseSingleGlobalOrMemberDeclarators.testref @@ -0,0 +1 @@ +cpp/common/test/rules/multipleglobalormemberdeclarators_shared/MultipleGlobalOrMemberDeclarators_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-10-0-1/UseSingleLocalDeclarators.testref b/cpp/misra/test/rules/RULE-10-0-1/UseSingleLocalDeclarators.testref new file mode 100644 index 0000000000..2d7784cea0 --- /dev/null +++ b/cpp/misra/test/rules/RULE-10-0-1/UseSingleLocalDeclarators.testref @@ -0,0 +1 @@ +cpp/common/test/rules/multiplelocaldeclarators_shared/MultipleLocalDeclarators_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-10-2-1/EnumerationNotDefinedWithAnExplicitUnderlyingType.testref b/cpp/misra/test/rules/RULE-10-2-1/EnumerationNotDefinedWithAnExplicitUnderlyingType.testref new file mode 100644 index 0000000000..27391be776 --- /dev/null +++ b/cpp/misra/test/rules/RULE-10-2-1/EnumerationNotDefinedWithAnExplicitUnderlyingType.testref @@ -0,0 +1 @@ +cpp/common/test/rules/enumerationnotdefinedwithanexplicitunderlyingtype_shared/EnumerationNotDefinedWithAnExplicitUnderlyingType_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-10-4-1/AsmDeclarationShallNotBeUsed.testref b/cpp/misra/test/rules/RULE-10-4-1/AsmDeclarationShallNotBeUsed.testref new file mode 100644 index 0000000000..d0a190a3eb --- /dev/null +++ b/cpp/misra/test/rules/RULE-10-4-1/AsmDeclarationShallNotBeUsed.testref @@ -0,0 +1 @@ +cpp/common/test/rules/asmdeclarationused_shared/AsmDeclarationUsed_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-11-6-3/NonUniqueEnumerationConstant.testref b/cpp/misra/test/rules/RULE-11-6-3/NonUniqueEnumerationConstant.testref new file mode 100644 index 0000000000..f25d51bf8d --- /dev/null +++ b/cpp/misra/test/rules/RULE-11-6-3/NonUniqueEnumerationConstant.testref @@ -0,0 +1 @@ +cpp/common/test/rules/nonuniqueenumerationconstant_shared/NonUniqueEnumerationConstant_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-12-2-2/BitFieldShallHaveAnAppropriateType.testref b/cpp/misra/test/rules/RULE-12-2-2/BitFieldShallHaveAnAppropriateType.testref new file mode 100644 index 0000000000..32867e3bbc --- /dev/null +++ b/cpp/misra/test/rules/RULE-12-2-2/BitFieldShallHaveAnAppropriateType.testref @@ -0,0 +1 @@ +cpp/common/test/rules/bitfieldshallhaveanappropriatetype_shared/BitFieldShallHaveAnAppropriateType_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-12-2-3/SignedIntegerNamedBitFieldHaveALengthOfOneBit.testref b/cpp/misra/test/rules/RULE-12-2-3/SignedIntegerNamedBitFieldHaveALengthOfOneBit.testref new file mode 100644 index 0000000000..a2543b0769 --- /dev/null +++ b/cpp/misra/test/rules/RULE-12-2-3/SignedIntegerNamedBitFieldHaveALengthOfOneBit.testref @@ -0,0 +1 @@ +cpp/common/test/rules/namedbitfieldswithsignedintegertype_shared/NamedBitFieldsWithSignedIntegerType_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-13-1-2/VirtualAndNonVirtualClassInTheHierarchy.testref b/cpp/misra/test/rules/RULE-13-1-2/VirtualAndNonVirtualClassInTheHierarchy.testref new file mode 100644 index 0000000000..966337628d --- /dev/null +++ b/cpp/misra/test/rules/RULE-13-1-2/VirtualAndNonVirtualClassInTheHierarchy.testref @@ -0,0 +1 @@ +cpp/common/test/rules/virtualandnonvirtualclassinthehierarchy_shared/VirtualAndNonVirtualClassInTheHierarchy_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-13-3-2/OverridingShallSpecifyDifferentDefaultArguments.testref b/cpp/misra/test/rules/RULE-13-3-2/OverridingShallSpecifyDifferentDefaultArguments.testref new file mode 100644 index 0000000000..c89e908ada --- /dev/null +++ b/cpp/misra/test/rules/RULE-13-3-2/OverridingShallSpecifyDifferentDefaultArguments.testref @@ -0,0 +1 @@ +cpp/common/test/rules/overridingshallspecifydifferentdefaultarguments_shared/OverridingShallSpecifyDifferentDefaultArguments_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-13-3-4/PotentiallyVirtualPointerOnlyComparesToNullptr.testref b/cpp/misra/test/rules/RULE-13-3-4/PotentiallyVirtualPointerOnlyComparesToNullptr.testref new file mode 100644 index 0000000000..2a9e8b2eef --- /dev/null +++ b/cpp/misra/test/rules/RULE-13-3-4/PotentiallyVirtualPointerOnlyComparesToNullptr.testref @@ -0,0 +1 @@ +cpp/common/test/rules/potentiallyvirtualpointeronlycomparestonullptr_shared/PotentiallyVirtualPointerOnlyComparesToNullptr_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-15-1-1/ObjectsDynamicTypeUsedFromConstructorOrDestructor.testref b/cpp/misra/test/rules/RULE-15-1-1/ObjectsDynamicTypeUsedFromConstructorOrDestructor.testref new file mode 100644 index 0000000000..985c209460 --- /dev/null +++ b/cpp/misra/test/rules/RULE-15-1-1/ObjectsDynamicTypeUsedFromConstructorOrDestructor.testref @@ -0,0 +1 @@ +cpp/common/test/rules/objectsdynamictypeusedfromconstructorordestructor_shared/ObjectsDynamicTypeUsedFromConstructorOrDestructor_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-15-1-2/InitializeAllVirtualBaseClasses.testref b/cpp/misra/test/rules/RULE-15-1-2/InitializeAllVirtualBaseClasses.testref new file mode 100644 index 0000000000..1bf7e7fffb --- /dev/null +++ b/cpp/misra/test/rules/RULE-15-1-2/InitializeAllVirtualBaseClasses.testref @@ -0,0 +1 @@ +cpp/common/test/rules/initializeallvirtualbaseclasses_shared/InitializeAllVirtualBaseClasses_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-15-1-5/InitializerListConstructorIsTheOnlyConstructor.testref b/cpp/misra/test/rules/RULE-15-1-5/InitializerListConstructorIsTheOnlyConstructor.testref new file mode 100644 index 0000000000..b9075dec6f --- /dev/null +++ b/cpp/misra/test/rules/RULE-15-1-5/InitializerListConstructorIsTheOnlyConstructor.testref @@ -0,0 +1 @@ +cpp/common/test/rules/initializerlistconstructoristheonlyconstructor_shared/InitializerListConstructorIsTheOnlyConstructor_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-16-5-2/AddressOfOperatorOverloaded.testref b/cpp/misra/test/rules/RULE-16-5-2/AddressOfOperatorOverloaded.testref new file mode 100644 index 0000000000..f9c1d69467 --- /dev/null +++ b/cpp/misra/test/rules/RULE-16-5-2/AddressOfOperatorOverloaded.testref @@ -0,0 +1 @@ +cpp/common/test/rules/addressofoperatoroverloaded_shared/AddressOfOperatorOverloaded_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-17-8-1/FunctionTemplatesExplicitlySpecialized.testref b/cpp/misra/test/rules/RULE-17-8-1/FunctionTemplatesExplicitlySpecialized.testref new file mode 100644 index 0000000000..04c3f5a724 --- /dev/null +++ b/cpp/misra/test/rules/RULE-17-8-1/FunctionTemplatesExplicitlySpecialized.testref @@ -0,0 +1 @@ +cpp/common/test/rules/functiontemplatesexplicitlyspecialized_shared/FunctionTemplatesExplicitlySpecialized_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-18-1-1/ExceptionObjectHavePointerType.testref b/cpp/misra/test/rules/RULE-18-1-1/ExceptionObjectHavePointerType.testref new file mode 100644 index 0000000000..41eabfe5a6 --- /dev/null +++ b/cpp/misra/test/rules/RULE-18-1-1/ExceptionObjectHavePointerType.testref @@ -0,0 +1 @@ +cpp/common/test/rules/exceptionobjecthavepointertype_shared/ExceptionObjectHavePointerType_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-18-1-2/EmptyThrowOnlyWithinACatchHandler.testref b/cpp/misra/test/rules/RULE-18-1-2/EmptyThrowOnlyWithinACatchHandler.testref new file mode 100644 index 0000000000..01a7dde1dd --- /dev/null +++ b/cpp/misra/test/rules/RULE-18-1-2/EmptyThrowOnlyWithinACatchHandler.testref @@ -0,0 +1 @@ +cpp/common/test/rules/emptythrowonlywithinacatchhandler_shared/EmptyThrowOnlyWithinACatchHandler_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-18-5-1/NoexceptFunctionShouldNotPropagateToTheCaller.testref b/cpp/misra/test/rules/RULE-18-5-1/NoexceptFunctionShouldNotPropagateToTheCaller.testref new file mode 100644 index 0000000000..089cce1ccf --- /dev/null +++ b/cpp/misra/test/rules/RULE-18-5-1/NoexceptFunctionShouldNotPropagateToTheCaller.testref @@ -0,0 +1 @@ +cpp/common/test/rules/noexceptfunctionshouldnotpropagatetothecaller_shared/NoexceptFunctionShouldNotPropagateToTheCaller_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-19-0-2/FunctionLikeMacrosDefined.testref b/cpp/misra/test/rules/RULE-19-0-2/FunctionLikeMacrosDefined.testref new file mode 100644 index 0000000000..99791747ae --- /dev/null +++ b/cpp/misra/test/rules/RULE-19-0-2/FunctionLikeMacrosDefined.testref @@ -0,0 +1 @@ +cpp/common/test/rules/functionlikemacrosdefined_shared/FunctionLikeMacrosDefined_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-19-3-2/MacroParameterFollowingHash.testref b/cpp/misra/test/rules/RULE-19-3-2/MacroParameterFollowingHash.testref new file mode 100644 index 0000000000..bf61f640dd --- /dev/null +++ b/cpp/misra/test/rules/RULE-19-3-2/MacroParameterFollowingHash.testref @@ -0,0 +1 @@ +cpp/common/test/rules/macroparameterfollowinghash_shared/MacroParameterFollowingHash_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-19-3-3/AMixedUseMacroArgumentSubjectToExpansion.testref b/cpp/misra/test/rules/RULE-19-3-3/AMixedUseMacroArgumentSubjectToExpansion.testref new file mode 100644 index 0000000000..6cfdd63510 --- /dev/null +++ b/cpp/misra/test/rules/RULE-19-3-3/AMixedUseMacroArgumentSubjectToExpansion.testref @@ -0,0 +1 @@ +cpp/common/test/rules/amixedusemacroargumentsubjecttoexpansion_shared/AMixedUseMacroArgumentSubjectToExpansion_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-21-10-3/CsignalFacilitiesUsed.testref b/cpp/misra/test/rules/RULE-21-10-3/CsignalFacilitiesUsed.testref new file mode 100644 index 0000000000..e491bc10c7 --- /dev/null +++ b/cpp/misra/test/rules/RULE-21-10-3/CsignalFacilitiesUsed.testref @@ -0,0 +1 @@ +cpp/common/test/rules/csignalfacilitiesused_shared/CsignalFacilitiesUsed_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-21-10-3/CsignalTypesShallNotBeUsed.testref b/cpp/misra/test/rules/RULE-21-10-3/CsignalTypesShallNotBeUsed.testref new file mode 100644 index 0000000000..3ea4c7008d --- /dev/null +++ b/cpp/misra/test/rules/RULE-21-10-3/CsignalTypesShallNotBeUsed.testref @@ -0,0 +1 @@ +cpp/common/test/rules/csignaltypesused_shared/CsignalTypesUsed_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-21-10-3/CsignalTypesUsed.testref b/cpp/misra/test/rules/RULE-21-10-3/CsignalTypesUsed.testref new file mode 100644 index 0000000000..3ea4c7008d --- /dev/null +++ b/cpp/misra/test/rules/RULE-21-10-3/CsignalTypesUsed.testref @@ -0,0 +1 @@ +cpp/common/test/rules/csignaltypesused_shared/CsignalTypesUsed_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-21-2-1/AtofAtoiAtolAndAtollUsed.testref b/cpp/misra/test/rules/RULE-21-2-1/AtofAtoiAtolAndAtollUsed.testref new file mode 100644 index 0000000000..67251b4d35 --- /dev/null +++ b/cpp/misra/test/rules/RULE-21-2-1/AtofAtoiAtolAndAtollUsed.testref @@ -0,0 +1 @@ +cpp/common/test/rules/atofatoiatolandatollused_shared/AtofAtoiAtolAndAtollUsed_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-21-2-4/MacroOffsetofShallNotBeUsed.testref b/cpp/misra/test/rules/RULE-21-2-4/MacroOffsetofShallNotBeUsed.testref new file mode 100644 index 0000000000..f53f8d6f9f --- /dev/null +++ b/cpp/misra/test/rules/RULE-21-2-4/MacroOffsetofShallNotBeUsed.testref @@ -0,0 +1 @@ +cpp/common/test/rules/macrooffsetofused_shared/MacroOffsetofUsed_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-21-6-4/GlobalSizedOperatorDeleteShallBeDefined.testref b/cpp/misra/test/rules/RULE-21-6-4/GlobalSizedOperatorDeleteShallBeDefined.testref new file mode 100644 index 0000000000..bd7e582a38 --- /dev/null +++ b/cpp/misra/test/rules/RULE-21-6-4/GlobalSizedOperatorDeleteShallBeDefined.testref @@ -0,0 +1 @@ +cpp/common/test/rules/globalsizedoperatordeletenotdefined_shared/GlobalSizedOperatorDeleteNotDefined_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-21-6-4/GlobalUnsizedOperatorDeleteShallBeDefined.testref b/cpp/misra/test/rules/RULE-21-6-4/GlobalUnsizedOperatorDeleteShallBeDefined.testref new file mode 100644 index 0000000000..781d037067 --- /dev/null +++ b/cpp/misra/test/rules/RULE-21-6-4/GlobalUnsizedOperatorDeleteShallBeDefined.testref @@ -0,0 +1 @@ +cpp/common/test/rules/globalunsizedoperatordeletenotdefined_shared/GlobalUnsizedOperatorDeleteNotDefined_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-26-3-1/VectorShouldNotBeSpecializedWithBool.testref b/cpp/misra/test/rules/RULE-26-3-1/VectorShouldNotBeSpecializedWithBool.testref new file mode 100644 index 0000000000..96d8385f5f --- /dev/null +++ b/cpp/misra/test/rules/RULE-26-3-1/VectorShouldNotBeSpecializedWithBool.testref @@ -0,0 +1 @@ +cpp/common/test/rules/vectorshouldnotbespecializedwithbool_shared/VectorShouldNotBeSpecializedWithBool_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-28-6-2/ForwardingReferencesAndForwardNotUsedTogether.testref b/cpp/misra/test/rules/RULE-28-6-2/ForwardingReferencesAndForwardNotUsedTogether.testref new file mode 100644 index 0000000000..16fd01273f --- /dev/null +++ b/cpp/misra/test/rules/RULE-28-6-2/ForwardingReferencesAndForwardNotUsedTogether.testref @@ -0,0 +1 @@ +cpp/common/test/rules/forwardingreferencesandforwardnotusedtogether_shared/ForwardingReferencesAndForwardNotUsedTogether_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-30-0-1/CstdioFunctionsShallNotBeUsed.testref b/cpp/misra/test/rules/RULE-30-0-1/CstdioFunctionsShallNotBeUsed.testref new file mode 100644 index 0000000000..595b7fcffa --- /dev/null +++ b/cpp/misra/test/rules/RULE-30-0-1/CstdioFunctionsShallNotBeUsed.testref @@ -0,0 +1 @@ +cpp/common/test/rules/cstdiofunctionsused_shared/CstdioFunctionsUsed_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-30-0-1/CstdioMacrosShallNotBeUsed.testref b/cpp/misra/test/rules/RULE-30-0-1/CstdioMacrosShallNotBeUsed.testref new file mode 100644 index 0000000000..8bc3a8fcde --- /dev/null +++ b/cpp/misra/test/rules/RULE-30-0-1/CstdioMacrosShallNotBeUsed.testref @@ -0,0 +1 @@ +cpp/common/test/rules/cstdiomacrosused_shared/CstdioMacrosUsed_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-30-0-1/CstdioTypesShallNotBeUsed.testref b/cpp/misra/test/rules/RULE-30-0-1/CstdioTypesShallNotBeUsed.testref new file mode 100644 index 0000000000..4020d6427e --- /dev/null +++ b/cpp/misra/test/rules/RULE-30-0-1/CstdioTypesShallNotBeUsed.testref @@ -0,0 +1 @@ +cpp/common/test/rules/cstdiotypesused_shared/CstdioTypesUsed_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-4-6-1/MemoryOperationsNotSequencedAppropriately.testref b/cpp/misra/test/rules/RULE-4-6-1/MemoryOperationsNotSequencedAppropriately.testref new file mode 100644 index 0000000000..347bf0114c --- /dev/null +++ b/cpp/misra/test/rules/RULE-4-6-1/MemoryOperationsNotSequencedAppropriately.testref @@ -0,0 +1 @@ +cpp/common/test/rules/memoryoperationsnotsequencedappropriately_shared/MemoryOperationsNotSequencedAppropriately_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-5-13-1/BackslashCharacterMisuse.testref b/cpp/misra/test/rules/RULE-5-13-1/BackslashCharacterMisuse.testref new file mode 100644 index 0000000000..a257ad6ab7 --- /dev/null +++ b/cpp/misra/test/rules/RULE-5-13-1/BackslashCharacterMisuse.testref @@ -0,0 +1 @@ +cpp/common/test/rules/backslashcharactermisuse_shared/BackslashCharacterMisuse_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-5-13-2/NonTerminatedEscapeSequences.testref b/cpp/misra/test/rules/RULE-5-13-2/NonTerminatedEscapeSequences.testref new file mode 100644 index 0000000000..6212775e36 --- /dev/null +++ b/cpp/misra/test/rules/RULE-5-13-2/NonTerminatedEscapeSequences.testref @@ -0,0 +1 @@ +cpp/common/test/rules/nonterminatedescapesequences_shared/NonTerminatedEscapeSequences_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-5-13-3/OctalConstantsUsed.testref b/cpp/misra/test/rules/RULE-5-13-3/OctalConstantsUsed.testref new file mode 100644 index 0000000000..5b23b86826 --- /dev/null +++ b/cpp/misra/test/rules/RULE-5-13-3/OctalConstantsUsed.testref @@ -0,0 +1 @@ +cpp/common/test/rules/useofnonzerooctalliteral_shared/UseOfNonZeroOctalLiteral_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-5-13-4/UnsignedIntegerLiteralsNotAppropriatelySuffixed.testref b/cpp/misra/test/rules/RULE-5-13-4/UnsignedIntegerLiteralsNotAppropriatelySuffixed.testref new file mode 100644 index 0000000000..1a58c1eee1 --- /dev/null +++ b/cpp/misra/test/rules/RULE-5-13-4/UnsignedIntegerLiteralsNotAppropriatelySuffixed.testref @@ -0,0 +1 @@ +cpp/common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed_shared/UnsignedIntegerLiteralsNotAppropriatelySuffixed_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-5-13-5/LowercaseLStartsInLiteralSuffix.testref b/cpp/misra/test/rules/RULE-5-13-5/LowercaseLStartsInLiteralSuffix.testref new file mode 100644 index 0000000000..ab0542973b --- /dev/null +++ b/cpp/misra/test/rules/RULE-5-13-5/LowercaseLStartsInLiteralSuffix.testref @@ -0,0 +1 @@ +cpp/common/test/rules/lowercaselstartsinliteralsuffix_shared/LowercaseLStartsInLiteralSuffix_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-5-7-1/CharacterSequenceUsedWithinACStyleComment.testref b/cpp/misra/test/rules/RULE-5-7-1/CharacterSequenceUsedWithinACStyleComment.testref new file mode 100644 index 0000000000..8073a976cd --- /dev/null +++ b/cpp/misra/test/rules/RULE-5-7-1/CharacterSequenceUsedWithinACStyleComment.testref @@ -0,0 +1 @@ +cpp/common/test/rules/charactersequenceusedwithinacstylecomment_shared/CharacterSequenceUsedWithinACStyleComment_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-5-7-3/LineSplicingUsedInComments.testref b/cpp/misra/test/rules/RULE-5-7-3/LineSplicingUsedInComments.testref new file mode 100644 index 0000000000..d4f66ed35e --- /dev/null +++ b/cpp/misra/test/rules/RULE-5-7-3/LineSplicingUsedInComments.testref @@ -0,0 +1 @@ +cpp/common/test/rules/linesplicingusedincomments_shared/LineSplicingUsedInComments_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-6-0-3/GlobalNamespaceDeclarations.testref b/cpp/misra/test/rules/RULE-6-0-3/GlobalNamespaceDeclarations.testref new file mode 100644 index 0000000000..93764c480e --- /dev/null +++ b/cpp/misra/test/rules/RULE-6-0-3/GlobalNamespaceDeclarations.testref @@ -0,0 +1 @@ +cpp/common/test/rules/globalnamespacedeclarations_shared/GlobalNamespaceDeclarations_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-6-0-4/NonGlobalFunctionMain.testref b/cpp/misra/test/rules/RULE-6-0-4/NonGlobalFunctionMain.testref new file mode 100644 index 0000000000..528412284f --- /dev/null +++ b/cpp/misra/test/rules/RULE-6-0-4/NonGlobalFunctionMain.testref @@ -0,0 +1 @@ +cpp/common/test/rules/nonglobalfunctionmain_shared/NonGlobalFunctionMain_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-6-4-2/DefinitionShallBeConsideredForUnqualifiedLookup.testref b/cpp/misra/test/rules/RULE-6-4-2/DefinitionShallBeConsideredForUnqualifiedLookup.testref new file mode 100644 index 0000000000..3b04b2950f --- /dev/null +++ b/cpp/misra/test/rules/RULE-6-4-2/DefinitionShallBeConsideredForUnqualifiedLookup.testref @@ -0,0 +1 @@ +cpp/common/test/rules/definitionnotconsideredforunqualifiedlookup_shared/DefinitionNotConsideredForUnqualifiedLookup_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-6-4-2/InheritedNonOverridableMemberFunction.testref b/cpp/misra/test/rules/RULE-6-4-2/InheritedNonOverridableMemberFunction.testref new file mode 100644 index 0000000000..371b80ead3 --- /dev/null +++ b/cpp/misra/test/rules/RULE-6-4-2/InheritedNonOverridableMemberFunction.testref @@ -0,0 +1 @@ +cpp/common/test/rules/hiddeninheritednonoverridablememberfunction_shared/HiddenInheritedNonOverridableMemberFunction_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-6-4-2/InheritedOverridableMemberFunction.testref b/cpp/misra/test/rules/RULE-6-4-2/InheritedOverridableMemberFunction.testref new file mode 100644 index 0000000000..3fcc2ed7e7 --- /dev/null +++ b/cpp/misra/test/rules/RULE-6-4-2/InheritedOverridableMemberFunction.testref @@ -0,0 +1 @@ +cpp/common/test/rules/hiddeninheritedoverridablememberfunction_shared/HiddenInheritedOverridableMemberFunction_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-6-4-3/NameShallBeReferredUsingAQualifiedIdOrThis.testref b/cpp/misra/test/rules/RULE-6-4-3/NameShallBeReferredUsingAQualifiedIdOrThis.testref new file mode 100644 index 0000000000..34df16815b --- /dev/null +++ b/cpp/misra/test/rules/RULE-6-4-3/NameShallBeReferredUsingAQualifiedIdOrThis.testref @@ -0,0 +1 @@ +cpp/common/test/rules/namenotreferredusingaqualifiedidorthis_shared/NameNotReferredUsingAQualifiedIdOrThis_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-6-4-3/NameShallBeReferredUsingAQualifiedIdOrThisAudit.testref b/cpp/misra/test/rules/RULE-6-4-3/NameShallBeReferredUsingAQualifiedIdOrThisAudit.testref new file mode 100644 index 0000000000..0bef5586dd --- /dev/null +++ b/cpp/misra/test/rules/RULE-6-4-3/NameShallBeReferredUsingAQualifiedIdOrThisAudit.testref @@ -0,0 +1 @@ +cpp/common/test/rules/namenotreferredusingaqualifiedidorthisaudit_shared/NameNotReferredUsingAQualifiedIdOrThisAudit_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-6-8-2/ReturnReferenceOrPointerToAutomaticLocalVariable.testref b/cpp/misra/test/rules/RULE-6-8-2/ReturnReferenceOrPointerToAutomaticLocalVariable.testref new file mode 100644 index 0000000000..676e414381 --- /dev/null +++ b/cpp/misra/test/rules/RULE-6-8-2/ReturnReferenceOrPointerToAutomaticLocalVariable.testref @@ -0,0 +1 @@ +cpp/common/test/rules/returnreferenceorpointertoautomaticlocalvariable_shared/ReturnReferenceOrPointerToAutomaticLocalVariable_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-7-11-1/NullptrNotTheOnlyFormOfTheNullPointerConstant.testref b/cpp/misra/test/rules/RULE-7-11-1/NullptrNotTheOnlyFormOfTheNullPointerConstant.testref new file mode 100644 index 0000000000..495d8eddba --- /dev/null +++ b/cpp/misra/test/rules/RULE-7-11-1/NullptrNotTheOnlyFormOfTheNullPointerConstant.testref @@ -0,0 +1 @@ +cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant_shared/NullptrNotTheOnlyFormOfTheNullPointerConstant_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-7-11-2/ArrayPassedAsFunctionArgumentDecayToAPointer.testref b/cpp/misra/test/rules/RULE-7-11-2/ArrayPassedAsFunctionArgumentDecayToAPointer.testref new file mode 100644 index 0000000000..97edef0af2 --- /dev/null +++ b/cpp/misra/test/rules/RULE-7-11-2/ArrayPassedAsFunctionArgumentDecayToAPointer.testref @@ -0,0 +1 @@ +cpp/common/test/rules/arraypassedasfunctionargumentdecaytoapointer_shared/ArrayPassedAsFunctionArgumentDecayToAPointer_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-8-18-2/ResultOfAnAssignmentOperatorShouldNotBeUsed.testref b/cpp/misra/test/rules/RULE-8-18-2/ResultOfAnAssignmentOperatorShouldNotBeUsed.testref new file mode 100644 index 0000000000..fe502f81be --- /dev/null +++ b/cpp/misra/test/rules/RULE-8-18-2/ResultOfAnAssignmentOperatorShouldNotBeUsed.testref @@ -0,0 +1 @@ +cpp/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-8-19-1/CommaOperatorShouldNotBeUsed.testref b/cpp/misra/test/rules/RULE-8-19-1/CommaOperatorShouldNotBeUsed.testref new file mode 100644 index 0000000000..845133096b --- /dev/null +++ b/cpp/misra/test/rules/RULE-8-19-1/CommaOperatorShouldNotBeUsed.testref @@ -0,0 +1 @@ +cpp/common/test/rules/commaoperatorused/CommaOperatorUsed.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-8-2-10/FunctionsCallThemselvesEitherDirectlyOrIndirectly.testref b/cpp/misra/test/rules/RULE-8-2-10/FunctionsCallThemselvesEitherDirectlyOrIndirectly.testref new file mode 100644 index 0000000000..1ebf3d5742 --- /dev/null +++ b/cpp/misra/test/rules/RULE-8-2-10/FunctionsCallThemselvesEitherDirectlyOrIndirectly.testref @@ -0,0 +1 @@ +cpp/common/test/rules/functionscallthemselveseitherdirectlyorindirectly_shared/FunctionsCallThemselvesEitherDirectlyOrIndirectly_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-8-2-4/CastsBetweenAPointerToFunctionAndAnyOtherType.testref b/cpp/misra/test/rules/RULE-8-2-4/CastsBetweenAPointerToFunctionAndAnyOtherType.testref new file mode 100644 index 0000000000..5eeeea570a --- /dev/null +++ b/cpp/misra/test/rules/RULE-8-2-4/CastsBetweenAPointerToFunctionAndAnyOtherType.testref @@ -0,0 +1 @@ +cpp/common/test/rules/castsbetweenapointertofunctionandanyothertype_shared/CastsBetweenAPointerToFunctionAndAnyOtherType_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-8-2-5/ReinterpretCastShallNotBeUsed.testref b/cpp/misra/test/rules/RULE-8-2-5/ReinterpretCastShallNotBeUsed.testref new file mode 100644 index 0000000000..a553240f19 --- /dev/null +++ b/cpp/misra/test/rules/RULE-8-2-5/ReinterpretCastShallNotBeUsed.testref @@ -0,0 +1 @@ +cpp/common/test/rules/reinterpretcastused_shared/ReinterpretCastUsed_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-8-20-1/UnsignedOperationWithConstantOperandsWraps.testref b/cpp/misra/test/rules/RULE-8-20-1/UnsignedOperationWithConstantOperandsWraps.testref new file mode 100644 index 0000000000..8b29a5cd46 --- /dev/null +++ b/cpp/misra/test/rules/RULE-8-20-1/UnsignedOperationWithConstantOperandsWraps.testref @@ -0,0 +1 @@ +cpp/common/test/rules/unsignedoperationwithconstantoperandswraps_shared/UnsignedOperationWithConstantOperandsWraps_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-8-3-1/BuiltInUnaryOperatorAppliedToUnsignedExpression.testref b/cpp/misra/test/rules/RULE-8-3-1/BuiltInUnaryOperatorAppliedToUnsignedExpression.testref new file mode 100644 index 0000000000..48a20b03f1 --- /dev/null +++ b/cpp/misra/test/rules/RULE-8-3-1/BuiltInUnaryOperatorAppliedToUnsignedExpression.testref @@ -0,0 +1 @@ +cpp/common/test/rules/builtinunaryoperatorappliedtounsignedexpression_shared/BuiltInUnaryOperatorAppliedToUnsignedExpression_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-9-3-1/LoopBodyCompoundCondition.testref b/cpp/misra/test/rules/RULE-9-3-1/LoopBodyCompoundCondition.testref new file mode 100644 index 0000000000..e301b04020 --- /dev/null +++ b/cpp/misra/test/rules/RULE-9-3-1/LoopBodyCompoundCondition.testref @@ -0,0 +1 @@ +cpp/common/test/rules/loopcompoundcondition_shared/LoopCompoundCondition_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-9-3-1/SwitchBodyCompoundCondition.testref b/cpp/misra/test/rules/RULE-9-3-1/SwitchBodyCompoundCondition.testref new file mode 100644 index 0000000000..e48ef207a0 --- /dev/null +++ b/cpp/misra/test/rules/RULE-9-3-1/SwitchBodyCompoundCondition.testref @@ -0,0 +1 @@ +cpp/common/test/rules/switchcompoundcondition_shared/SwitchCompoundCondition_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-9-6-1/GotoStatementShouldNotBeUsed.testref b/cpp/misra/test/rules/RULE-9-6-1/GotoStatementShouldNotBeUsed.testref new file mode 100644 index 0000000000..3f2f4508b1 --- /dev/null +++ b/cpp/misra/test/rules/RULE-9-6-1/GotoStatementShouldNotBeUsed.testref @@ -0,0 +1 @@ +cpp/common/test/rules/gotostatementshouldnotbeused_shared/GotoStatementShouldNotBeUsed_shared.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-9-6-2/GotoReferenceALabelInSurroundingBlock.testref b/cpp/misra/test/rules/RULE-9-6-2/GotoReferenceALabelInSurroundingBlock.testref new file mode 100644 index 0000000000..7bbaffe1e3 --- /dev/null +++ b/cpp/misra/test/rules/RULE-9-6-2/GotoReferenceALabelInSurroundingBlock.testref @@ -0,0 +1 @@ +cpp/common/test/rules/gotoreferencealabelinsurroundingblock_shared/GotoReferenceALabelInSurroundingBlock_shared.ql \ No newline at end of file diff --git a/rule_packages/c/Banned.json b/rule_packages/c/Banned.json index 42decbb3e3..dceb538e97 100644 --- a/rule_packages/c/Banned.json +++ b/rule_packages/c/Banned.json @@ -245,6 +245,7 @@ "precision": "very-high", "severity": "error", "short_name": "AtofAtoiAtolAndAtollOfStdlibhUsed", + "shared_implementation_short_name": "AtofAtoiAtolAndAtollUsed_shared", "tags": [ "correctness" ] diff --git a/rule_packages/c/BitfieldTypes.json b/rule_packages/c/BitfieldTypes.json index 4e93f3371a..41d109ec3b 100644 --- a/rule_packages/c/BitfieldTypes.json +++ b/rule_packages/c/BitfieldTypes.json @@ -12,6 +12,7 @@ "precision": "very-high", "severity": "error", "short_name": "BitFieldsShallOnlyBeDeclaredWithAnAppropriateType", + "shared_implementation_short_name": "BitFieldShallHaveAnAppropriateType_shared", "tags": [] } ], @@ -29,6 +30,7 @@ "precision": "very-high", "severity": "error", "short_name": "SingleBitNamedBitFieldsOfASignedType", + "shared_implementation_short_name": "NamedBitFieldsWithSignedIntegerType_shared", "tags": [] } ], diff --git a/rule_packages/c/Declarations7.json b/rule_packages/c/Declarations7.json index cd3b3e6b18..335a9f3603 100644 --- a/rule_packages/c/Declarations7.json +++ b/rule_packages/c/Declarations7.json @@ -57,6 +57,7 @@ "precision": "very-high", "severity": "error", "short_name": "ValueImplicitEnumerationConstantNotUnique", + "shared_implementation_short_name": "NonUniqueEnumerationConstant_shared", "tags": [ "correctness", "readability" diff --git a/rule_packages/c/IntegerOverflow.json b/rule_packages/c/IntegerOverflow.json index 5edc90eb21..0549f0a29e 100644 --- a/rule_packages/c/IntegerOverflow.json +++ b/rule_packages/c/IntegerOverflow.json @@ -12,6 +12,7 @@ "precision": "medium", "severity": "error", "short_name": "UnsignedIntegerOperationsWrapAround", + "shared_implementation_short_name": "UnsignedOperationWithConstantOperandsWraps_shared", "tags": [ "correctness", "security" diff --git a/rule_packages/c/Preprocessor2.json b/rule_packages/c/Preprocessor2.json index 9eeb7beba8..ddce5a7080 100644 --- a/rule_packages/c/Preprocessor2.json +++ b/rule_packages/c/Preprocessor2.json @@ -12,6 +12,7 @@ "precision": "very-high", "severity": "warning", "short_name": "MoreThanOneHashOperatorInMacroDefinition", + "shared_implementation_short_name": "MacroParameterFollowingHash_shared", "tags": [ "correctness" ], @@ -35,9 +36,10 @@ "precision": "high", "severity": "warning", "short_name": "MacroParameterUsedAsHashOperand", + "shared_implementation_short_name": "AMixedUseMacroArgumentSubjectToExpansion_shared", "tags": [ - "maintainability", - "readability" + "maintainability", + "readability" ] } ], @@ -56,8 +58,8 @@ "severity": "warning", "short_name": "UndefShouldNotBeUsed", "tags": [ - "maintainability", - "readability" + "maintainability", + "readability" ] } ], diff --git a/rule_packages/c/Preprocessor6.json b/rule_packages/c/Preprocessor6.json index be0ae84851..324a2e5fa7 100644 --- a/rule_packages/c/Preprocessor6.json +++ b/rule_packages/c/Preprocessor6.json @@ -12,6 +12,7 @@ "precision": "medium", "severity": "recommendation", "short_name": "FunctionOverFunctionLikeMacro", + "shared_implementation_short_name": "FunctionLikeMacrosDefined_shared", "tags": [ "external/misra/audit", "maintainability", diff --git a/rule_packages/c/SideEffects1.json b/rule_packages/c/SideEffects1.json index e66f4c3136..f45a57e547 100644 --- a/rule_packages/c/SideEffects1.json +++ b/rule_packages/c/SideEffects1.json @@ -131,6 +131,7 @@ "precision": "very-high", "severity": "error", "short_name": "ResultOfAnAssignmentOperatorShouldNotBeUsed", + "shared_implementation_short_name": "ResultOfAnAssignmentOperatorShouldNotBeUsed_shared", "tags": [ "correctness", "readability" diff --git a/rule_packages/c/SideEffects3.json b/rule_packages/c/SideEffects3.json index 2d67df6e2e..a6030975fd 100644 --- a/rule_packages/c/SideEffects3.json +++ b/rule_packages/c/SideEffects3.json @@ -12,6 +12,7 @@ "precision": "very-high", "severity": "error", "short_name": "UnsequencedSideEffects", + "shared_implementation_short_name": "MemoryOperationsNotSequencedAppropriately_shared", "tags": [ "correctness" ] diff --git a/rule_packages/c/Statements2.json b/rule_packages/c/Statements2.json index 8aa44c5091..0c24ff602f 100644 --- a/rule_packages/c/Statements2.json +++ b/rule_packages/c/Statements2.json @@ -33,6 +33,7 @@ "precision": "high", "severity": "recommendation", "short_name": "GotoLabelBlockCondition", + "shared_implementation_short_name": "GotoReferenceALabelInSurroundingBlock_shared", "tags": [ "maintainability", "readability" @@ -102,4 +103,4 @@ "title": "A switch-expression shall not have essentially Boolean type" } } -} +} \ No newline at end of file diff --git a/rule_packages/c/Statements3.json b/rule_packages/c/Statements3.json index 41463415a6..6b881f9a95 100644 --- a/rule_packages/c/Statements3.json +++ b/rule_packages/c/Statements3.json @@ -32,7 +32,7 @@ { "description": "if the body of a selection statement is not enclosed in braces, then this can lead to incorrect execution, and is hard for developers to maintain.", "kind": "problem", - "name": "the statement forming the body of a loop shall be a compound statement", + "name": "the statement forming the body of a slection statement shall be a compound statement", "precision": "very-high", "severity": "recommendation", "short_name": "SelectionCompoundCondition", diff --git a/rule_packages/c/Statements6.json b/rule_packages/c/Statements6.json index 101987f9c3..eb0eefb437 100644 --- a/rule_packages/c/Statements6.json +++ b/rule_packages/c/Statements6.json @@ -12,6 +12,7 @@ "precision": "very-high", "severity": "error", "short_name": "GotoStatementUsed", + "shared_implementation_short_name": "GotoStatementShouldNotBeUsed_shared", "tags": [ "correctness", "security" diff --git a/rule_packages/c/Syntax.json b/rule_packages/c/Syntax.json index d294c44183..9b4b6e44bd 100644 --- a/rule_packages/c/Syntax.json +++ b/rule_packages/c/Syntax.json @@ -53,6 +53,7 @@ "precision": "very-high", "severity": "warning", "short_name": "OctalAndHexadecimalEscapeSequencesNotTerminated", + "shared_implementation_short_name": "NonTerminatedEscapeSequences_shared", "tags": [ "maintainability", "readability", @@ -79,7 +80,7 @@ "maintainability", "readability", "correctness" - ] + ] } ], "title": "Sections of code should not be commented out" @@ -96,7 +97,7 @@ "precision": "very-high", "severity": "recommendation", "short_name": "IdentifiersInTheSameNameSpaceUnambiguous", - "shared_implementation_short_name" : "DifferentIdentifiersNotTypographicallyUnambiguous", + "shared_implementation_short_name": "DifferentIdentifiersNotTypographicallyUnambiguous", "tags": [ "readability", "maintainability" @@ -137,6 +138,7 @@ "precision": "very-high", "severity": "recommendation", "short_name": "LowercaseCharacterLUsedInLiteralSuffix", + "shared_implementation_short_name": "LowercaseLStartsInLiteralSuffix_shared", "tags": [ "maintainability", "readability" diff --git a/rule_packages/cpp/BannedFunctions.json b/rule_packages/cpp/BannedFunctions.json index bb89ab2320..c974c3a2d9 100644 --- a/rule_packages/cpp/BannedFunctions.json +++ b/rule_packages/cpp/BannedFunctions.json @@ -189,6 +189,7 @@ "precision": "very-high", "severity": "error", "short_name": "MacroOffsetofUsed", + "shared_implementation_short_name": "MacroOffsetofUsed_shared", "tags": [ "security", "scope/single-translation-unit" diff --git a/rule_packages/cpp/BannedLibraries.json b/rule_packages/cpp/BannedLibraries.json index 09b5d2f224..37b1cf6d2b 100644 --- a/rule_packages/cpp/BannedLibraries.json +++ b/rule_packages/cpp/BannedLibraries.json @@ -114,6 +114,7 @@ "precision": "very-high", "severity": "warning", "short_name": "CsignalFunctionsUsed", + "shared_implementation_short_name": "CsignalFunctionsUsed_shared", "tags": [ "maintainability", "correctness", @@ -127,6 +128,7 @@ "precision": "very-high", "severity": "warning", "short_name": "CsignalTypesUsed", + "shared_implementation_short_name": "CsignalTypesUsed_shared", "tags": [ "maintainability", "correctness", @@ -177,6 +179,7 @@ "precision": "very-high", "severity": "warning", "short_name": "CstdioFunctionsUsed", + "shared_implementation_short_name": "CstdioFunctionsUsed_shared", "tags": [ "maintainability", "correctness", @@ -190,6 +193,7 @@ "precision": "very-high", "severity": "warning", "short_name": "CstdioMacrosUsed", + "shared_implementation_short_name": "CstdioMacrosUsed_shared", "tags": [ "maintainability", "correctness", @@ -203,6 +207,7 @@ "precision": "very-high", "severity": "warning", "short_name": "CstdioTypesUsed", + "shared_implementation_short_name": "CstdioTypesUsed_shared", "tags": [ "maintainability", "correctness", diff --git a/rule_packages/cpp/BannedSyntax.json b/rule_packages/cpp/BannedSyntax.json index 0f559e60b7..d65fa65e67 100644 --- a/rule_packages/cpp/BannedSyntax.json +++ b/rule_packages/cpp/BannedSyntax.json @@ -169,6 +169,7 @@ "precision": "very-high", "severity": "error", "short_name": "ReinterpretCastUsed", + "shared_implementation_short_name": "ReinterpretCastUsed_shared", "tags": [ "correctness", "security", @@ -194,6 +195,7 @@ "precision": "very-high", "severity": "error", "short_name": "GotoStatementUsed", + "shared_implementation_short_name": "GotoStatementShouldNotBeUsed_shared", "tags": [ "correctness", "security", @@ -266,6 +268,7 @@ "name": "The asm declaration shall not be used", "precision": "very-high", "severity": "error", + "shared_implementation_short_name": "AsmDeclarationUsed_shared", "short_name": "AsmDeclarationUsed", "tags": [ "correctness", diff --git a/rule_packages/cpp/BannedTypes.json b/rule_packages/cpp/BannedTypes.json index 4a45433746..3f94b9c85b 100644 --- a/rule_packages/cpp/BannedTypes.json +++ b/rule_packages/cpp/BannedTypes.json @@ -41,6 +41,7 @@ "precision": "very-high", "severity": "warning", "short_name": "VectorboolSpecializationUsed", + "shared_implementation_short_name": "VectorShouldNotBeSpecializedWithBool_shared", "tags": [ "correctness", "scope/single-translation-unit" diff --git a/rule_packages/cpp/Comments.json b/rule_packages/cpp/Comments.json index 7af32f62c1..b27832f6c2 100644 --- a/rule_packages/cpp/Comments.json +++ b/rule_packages/cpp/Comments.json @@ -16,6 +16,7 @@ "precision": "very-high", "severity": "warning", "short_name": "SingleLineCommentEndsWithSlash", + "shared_implementation_short_name": "LineSplicingUsedInComments_shared", "tags": [ "correctness", "readability", @@ -94,6 +95,7 @@ "precision": "very-high", "severity": "warning", "short_name": "SlashStarUsedWithinACStyleComment", + "shared_implementation_short_name": "CharacterSequenceUsedWithinACStyleComment_shared", "tags": [ "maintainability", "readability", diff --git a/rule_packages/cpp/Conditionals.json b/rule_packages/cpp/Conditionals.json index c2afb626e4..022c1898c0 100644 --- a/rule_packages/cpp/Conditionals.json +++ b/rule_packages/cpp/Conditionals.json @@ -78,6 +78,7 @@ "precision": "very-high", "severity": "recommendation", "short_name": "SwitchCompoundCondition", + "shared_implementation_short_name": "SwitchCompoundCondition_shared", "tags": [ "maintainability", "readability" @@ -90,6 +91,7 @@ "precision": "very-high", "severity": "recommendation", "short_name": "LoopCompoundCondition", + "shared_implementation_short_name": "LoopCompoundCondition_shared", "tags": [ "maintainability", "readability" diff --git a/rule_packages/cpp/Declarations.json b/rule_packages/cpp/Declarations.json index 65dfbf781e..d64f072751 100644 --- a/rule_packages/cpp/Declarations.json +++ b/rule_packages/cpp/Declarations.json @@ -50,6 +50,7 @@ "precision": "very-high", "severity": "error", "short_name": "GlobalSizedOperatorDeleteNotDefined", + "shared_implementation_short_name": "GlobalSizedOperatorDeleteNotDefined_shared", "tags": [ "maintainability" ] @@ -61,6 +62,7 @@ "precision": "very-high", "severity": "error", "short_name": "GlobalUnsizedOperatorDeleteNotDefined", + "shared_implementation_short_name": "GlobalUnsizedOperatorDeleteNotDefined_shared", "tags": [ "maintainability" ] @@ -216,6 +218,7 @@ "precision": "very-high", "severity": "recommendation", "short_name": "EnumerationUnderlyingBaseTypeNotExplicitlyDefined", + "shared_implementation_short_name": "EnumerationNotDefinedWithAnExplicitUnderlyingType_shared", "tags": [ "readability", "maintainability" diff --git a/rule_packages/cpp/Exceptions1.json b/rule_packages/cpp/Exceptions1.json index d42c949b48..45109d9178 100644 --- a/rule_packages/cpp/Exceptions1.json +++ b/rule_packages/cpp/Exceptions1.json @@ -90,6 +90,7 @@ "precision": "very-high", "severity": "error", "short_name": "PointerExceptionObject", + "shared_implementation_short_name": "ExceptionObjectHavePointerType_shared", "tags": [ "correctness" ] @@ -224,6 +225,7 @@ "severity": "error", "kind": "path-problem", "short_name": "NoExceptFunctionThrows", + "shared_implementation_short_name": "NoexceptFunctionShouldNotPropagateToTheCaller_shared", "tags": [ "correctness" ] @@ -428,6 +430,7 @@ "precision": "very-high", "severity": "error", "short_name": "EmptyThrowOutsideCatch", + "shared_implementation_short_name": "EmptyThrowOnlyWithinACatchHandler_shared", "tags": [ "correctness" ] diff --git a/rule_packages/cpp/Functions.json b/rule_packages/cpp/Functions.json index 7f21cf0873..2d72fd08df 100644 --- a/rule_packages/cpp/Functions.json +++ b/rule_packages/cpp/Functions.json @@ -87,6 +87,7 @@ "precision": "very-high", "severity": "error", "short_name": "RecursiveFunctions", + "shared_implementation_short_name": "FunctionsCallThemselvesEitherDirectlyOrIndirectly_shared", "tags": [ "correctness", "maintainability" @@ -232,6 +233,7 @@ "precision": "very-high", "severity": "error", "short_name": "FunctionReturnAutomaticVarCondition", + "shared_implementation_short_name": "ReturnReferenceOrPointerToAutomaticLocalVariable_shared", "tags": [ "correctness", "security" @@ -326,4 +328,4 @@ "title": "Do not return from a function declared [[noreturn]]" } } -} +} \ No newline at end of file diff --git a/rule_packages/cpp/ImportMisra23.json b/rule_packages/cpp/ImportMisra23.json index ced7198cff..33f437d6b1 100644 --- a/rule_packages/cpp/ImportMisra23.json +++ b/rule_packages/cpp/ImportMisra23.json @@ -500,6 +500,1255 @@ } ], "title": "Reads and writes on the same file stream shall be separated by a positioning operation" + }, + "RULE-8-19-1": { + "properties": { + "enforcement": "decidable", + "obligation": "advisory" + }, + "queries": [ + { + "description": "The comma operator should not be used.", + "kind": "problem", + "name": "The comma operator should not be used", + "precision": "very-high", + "severity": "error", + "short_name": "CommaOperatorShouldNotBeUsed", + "shared_implementation_short_name": "CommaOperatorUsed", + "tags": [ + "scope/single-translation-unit" + ] + } + ], + "title": "The comma operator should not be used" + }, + "DIR-15-8-1": { + "properties": { + "allocated-target": [ + "implementation" + ], + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "User-provided copy assignment operators and move assignment operators shall handle self-assignment.", + "kind": "problem", + "name": "User-provided copy assignment operators and move assignment operators shall handle self-assignment", + "precision": "very-high", + "severity": "error", + "short_name": "CopyAndMoveAssignmentsShallHandleSelfAssignment", + "shared_implementation_short_name": "CopyAndMoveAssignmentsShallHandleSelfAssignment_shared", + "tags": [] + } + ], + "title": "User-provided copy assignment operators and move assignment operators shall handle self-assignment" + }, + "RULE-10-0-1": { + "properties": { + "enforcement": "decidable", + "obligation": "advisory" + }, + "queries": [ + { + "description": "A declaration should not declare more than one variable or member variable.", + "kind": "problem", + "name": "Multiple declarations in the same local statement", + "precision": "very-high", + "severity": "recommendation", + "short_name": "UseSingleLocalDeclarators", + "shared_implementation_short_name": "MultipleLocalDeclarators_shared", + "tags": [ + "readability", + "maintainability", + "scope/single-translation-unit" + ] + }, + { + "description": "A declaration should not declare more than one variable or member variable.", + "kind": "problem", + "name": "Multiple declarations in the same global or member declaration sequence", + "precision": "medium", + "severity": "recommendation", + "short_name": "UseSingleGlobalOrMemberDeclarators", + "shared_implementation_short_name": "MultipleGlobalOrMemberDeclarators_shared", + "tags": [ + "readability", + "maintainability", + "scope/single-translation-unit" + ] + } + ], + "title": "A declaration should not declare more than one variable or member variable" + }, + "RULE-10-2-1": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "An enumeration shall be defined with an explicit underlying type.", + "kind": "problem", + "name": "An enumeration shall be defined with an explicit underlying type", + "precision": "very-high", + "severity": "error", + "short_name": "EnumerationNotDefinedWithAnExplicitUnderlyingType", + "shared_implementation_short_name": "EnumerationNotDefinedWithAnExplicitUnderlyingType_shared", + "tags": [ + "scope/single-translation-unit" + ] + } + ], + "title": "An enumeration shall be defined with an explicit underlying type" + }, + "RULE-10-4-1": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "The asm declaration shall not be used.", + "kind": "problem", + "name": "The asm declaration shall not be used", + "precision": "very-high", + "severity": "error", + "short_name": "AsmDeclarationShallNotBeUsed", + "shared_implementation_short_name": "AsmDeclarationUsed_shared", + "tags": [ + "scope/single-translation-unit" + ] + } + ], + "title": "The asm declaration shall not be used" + }, + "RULE-11-6-3": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "Within an enumerator list, the value of an implicitly-specified enumeration constant shall be unique.", + "kind": "problem", + "name": "Within an enumerator list, the value of an implicitly-specified enumeration constant shall be unique", + "precision": "very-high", + "severity": "error", + "short_name": "NonUniqueEnumerationConstant", + "shared_implementation_short_name": "NonUniqueEnumerationConstant_shared", + "tags": [ + "scope/single-translation-unit" + ] + } + ], + "title": "Within an enumerator list, the value of an implicitly-specified enumeration constant shall be unique" + }, + "RULE-12-2-2": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "A bit-field shall have an appropriate type.", + "kind": "problem", + "name": "A bit-field shall have an appropriate type", + "precision": "very-high", + "severity": "error", + "short_name": "BitFieldShallHaveAnAppropriateType", + "shared_implementation_short_name": "BitFieldShallHaveAnAppropriateType_shared", + "tags": [ + "scope/single-translation-unit" + ] + } + ], + "title": "A bit-field shall have an appropriate type" + }, + "RULE-12-2-3": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "A named bit-field with signed integer type shall not have a length of one bit.", + "kind": "problem", + "name": "A named bit-field with signed integer type shall not have a length of one bit", + "precision": "very-high", + "severity": "error", + "short_name": "SignedIntegerNamedBitFieldHaveALengthOfOneBit", + "shared_implementation_short_name": "NamedBitFieldsWithSignedIntegerType_shared", + "tags": [ + "scope/single-translation-unit" + ] + } + ], + "title": "A named bit-field with signed integer type shall not have a length of one bit" + }, + "RULE-13-1-2": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "An accessible base class shall not be both virtual and non-virtual in the same hierarchy.", + "kind": "problem", + "name": "An accessible base class shall not be both virtual and non-virtual in the same hierarchy", + "precision": "very-high", + "severity": "error", + "short_name": "VirtualAndNonVirtualClassInTheHierarchy", + "shared_implementation_short_name": "VirtualAndNonVirtualClassInTheHierarchy_shared", + "tags": [ + "scope/single-translation-unit" + ] + } + ], + "title": "An accessible base class shall not be both virtual and non-virtual in the same hierarchy" + }, + "RULE-13-3-2": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "Parameters in an overriding virtual function shall not specify different default arguments.", + "kind": "problem", + "name": "Parameters in an overriding virtual function shall not specify different default arguments", + "precision": "very-high", + "severity": "error", + "short_name": "OverridingShallSpecifyDifferentDefaultArguments", + "shared_implementation_short_name": "OverridingShallSpecifyDifferentDefaultArguments_shared", + "tags": [ + "scope/single-translation-unit" + ] + } + ], + "title": "Parameters in an overriding virtual function shall not specify different default arguments" + }, + "RULE-13-3-4": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "A comparison of a potentially virtual pointer to member function shall only be with nullptr.", + "kind": "problem", + "name": "A comparison of a potentially virtual pointer to member function shall only be with nullptr", + "precision": "very-high", + "severity": "error", + "short_name": "PotentiallyVirtualPointerOnlyComparesToNullptr", + "shared_implementation_short_name": "PotentiallyVirtualPointerOnlyComparesToNullptr_shared", + "tags": [ + "scope/single-translation-unit" + ] + } + ], + "title": "A comparison of a potentially virtual pointer to member function shall only be with nullptr" + }, + "RULE-15-1-1": { + "properties": { + "enforcement": "undecidable", + "obligation": "required" + }, + "queries": [ + { + "description": "An object\u2019s dynamic type shall not be used from within its constructor or destructor.", + "kind": "problem", + "name": "An object\u2019s dynamic type shall not be used from within its constructor or destructor", + "precision": "very-high", + "severity": "error", + "short_name": "ObjectsDynamicTypeUsedFromConstructorOrDestructor", + "shared_implementation_short_name": "ObjectsDynamicTypeUsedFromConstructorOrDestructor_shared", + "tags": [ + "scope/system" + ] + } + ], + "title": "An object\u2019s dynamic type shall not be used from within its constructor or destructor" + }, + "RULE-15-1-2": { + "properties": { + "enforcement": "decidable", + "obligation": "advisory" + }, + "queries": [ + { + "description": "All constructors of a class should explicitly initialize all of its virtual base classes and immediate base classes.", + "kind": "problem", + "name": "All constructors of a class should explicitly initialize all of its virtual base classes and", + "precision": "very-high", + "severity": "error", + "short_name": "InitializeAllVirtualBaseClasses", + "shared_implementation_short_name": "InitializeAllVirtualBaseClasses_shared", + "tags": [ + "scope/single-translation-unit" + ] + } + ], + "title": "All constructors of a class should explicitly initialize all of its virtual base classes and immediate base classes" + }, + "RULE-15-1-5": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "A class shall only define an initializer-list constructor when it is the only constructor.", + "kind": "problem", + "name": "A class shall only define an initializer-list constructor when it is the only constructor", + "precision": "very-high", + "severity": "error", + "short_name": "InitializerListConstructorIsTheOnlyConstructor", + "shared_implementation_short_name": "InitializerListConstructorIsTheOnlyConstructor_shared", + "tags": [ + "scope/single-translation-unit" + ] + } + ], + "title": "A class shall only define an initializer-list constructor when it is the only constructor" + }, + "RULE-16-5-2": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "The address-of operator shall not be overloaded.", + "kind": "problem", + "name": "The address-of operator shall not be overloaded", + "precision": "very-high", + "severity": "error", + "short_name": "AddressOfOperatorOverloaded", + "shared_implementation_short_name": "AddressOfOperatorOverloaded_shared", + "tags": [ + "scope/single-translation-unit" + ] + } + ], + "title": "The address-of operator shall not be overloaded" + }, + "RULE-17-8-1": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "Function templates shall not be explicitly specialized.", + "kind": "problem", + "name": "Function templates shall not be explicitly specialized", + "precision": "very-high", + "severity": "error", + "short_name": "FunctionTemplatesExplicitlySpecialized", + "shared_implementation_short_name": "FunctionTemplatesExplicitlySpecialized_shared", + "tags": [ + "scope/single-translation-unit" + ] + } + ], + "title": "Function templates shall not be explicitly specialized" + }, + "RULE-18-1-1": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "An exception object shall not have pointer type.", + "kind": "problem", + "name": "An exception object shall not have pointer type", + "precision": "very-high", + "severity": "error", + "short_name": "ExceptionObjectHavePointerType", + "shared_implementation_short_name": "ExceptionObjectHavePointerType_shared", + "tags": [ + "scope/single-translation-unit" + ] + } + ], + "title": "An exception object shall not have pointer type" + }, + "RULE-18-1-2": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "An empty throw shall only occur within the compound-statement of a catch handler.", + "kind": "problem", + "name": "An empty throw shall only occur within the compound-statement of a catch handler", + "precision": "very-high", + "severity": "error", + "short_name": "EmptyThrowOnlyWithinACatchHandler", + "shared_implementation_short_name": "EmptyThrowOnlyWithinACatchHandler_shared", + "tags": [ + "scope/single-translation-unit" + ] + } + ], + "title": "An empty throw shall only occur within the compound-statement of a catch handler" + }, + "RULE-18-5-1": { + "properties": { + "enforcement": "undecidable", + "obligation": "advisory" + }, + "queries": [ + { + "description": "A noexcept function should not attempt to propagate an exception to the calling function.", + "kind": "path-problem", + "name": "A noexcept function should not attempt to propagate an exception to the calling function", + "precision": "very-high", + "severity": "error", + "short_name": "NoexceptFunctionShouldNotPropagateToTheCaller", + "shared_implementation_short_name": "NoexceptFunctionShouldNotPropagateToTheCaller_shared", + "tags": [ + "scope/system" + ] + } + ], + "title": "A noexcept function should not attempt to propagate an exception to the calling function" + }, + "RULE-19-0-2": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "Function-like macros shall not be defined.", + "kind": "problem", + "name": "Function-like macros shall not be defined", + "precision": "very-high", + "severity": "error", + "short_name": "FunctionLikeMacrosDefined", + "shared_implementation_short_name": "FunctionLikeMacrosDefined_shared", + "tags": [ + "scope/single-translation-unit" + ] + } + ], + "title": "Function-like macros shall not be defined" + }, + "RULE-19-3-2": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "A macro parameter immediately following a # operator shall not be immediately followed by a ## operator.", + "kind": "problem", + "name": "A macro parameter immediately following a # operator shall not be immediately followed by a ##", + "precision": "very-high", + "severity": "error", + "short_name": "MacroParameterFollowingHash", + "shared_implementation_short_name": "MacroParameterFollowingHash_shared", + "tags": [ + "scope/single-translation-unit" + ] + } + ], + "title": "A macro parameter immediately following a # operator shall not be immediately followed by a ## operator" + }, + "RULE-19-3-3": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "The argument to a mixed-use macro parameter shall not be subject to further expansion.", + "kind": "problem", + "name": "The argument to a mixed-use macro parameter shall not be subject to further expansion", + "precision": "very-high", + "severity": "error", + "short_name": "AMixedUseMacroArgumentSubjectToExpansion", + "shared_implementation_short_name": "AMixedUseMacroArgumentSubjectToExpansion_shared", + "tags": [ + "scope/single-translation-unit" + ] + } + ], + "title": "The argument to a mixed-use macro parameter shall not be subject to further expansion" + }, + "RULE-21-10-3": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "Signal handling contains implementation-defined and undefined behaviour.", + "kind": "problem", + "name": "The facilities provided by the standard header file shall not be used", + "precision": "very-high", + "severity": "warning", + "short_name": "CsignalFacilitiesUsed", + "shared_implementation_short_name": "CsignalFunctionsUsed_shared", + "tags": [ + "maintainability", + "correctness", + "scope/single-translation-unit" + ] + }, + { + "description": "The types provided by the standard header file shall not be used.", + "kind": "problem", + "name": "The signal-handling types of shall not be used", + "precision": "very-high", + "severity": "warning", + "short_name": "CsignalTypesShallNotBeUsed", + "shared_implementation_short_name": "CsignalTypesUsed_shared", + "tags": [ + "maintainability", + "correctness", + "scope/single-translation-unit" + ] + } + ], + "title": "The facilities provided by the standard header file shall not be used" + }, + "RULE-21-2-1": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "The library functions atof, atoi, atol and atoll from shall not be used.", + "kind": "problem", + "name": "The library functions atof, atoi, atol and atoll from shall not be used", + "precision": "very-high", + "severity": "error", + "short_name": "AtofAtoiAtolAndAtollUsed", + "shared_implementation_short_name": "AtofAtoiAtolAndAtollUsed_shared", + "tags": [ + "scope/single-translation-unit" + ] + } + ], + "title": "The library functions atof, atoi, atol and atoll from shall not be used" + }, + "RULE-21-2-4": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "The macro offsetof shall not be used.", + "kind": "problem", + "name": "The macro offsetof shall not be used", + "precision": "very-high", + "severity": "error", + "short_name": "MacroOffsetofShallNotBeUsed", + "shared_implementation_short_name": "MacroOffsetofUsed_shared", + "tags": [ + "scope/single-translation-unit" + ] + } + ], + "title": "The macro offsetof shall not be used" + }, + "RULE-21-6-4": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "If a project defines the unsized version of a global operator delete, then the sized version shall be defined.", + "kind": "problem", + "name": "Sized 'operator delete' must be defined globally if unsized 'operator delete' is defined globally", + "precision": "very-high", + "severity": "error", + "short_name": "GlobalSizedOperatorDeleteShallBeDefined", + "shared_implementation_short_name": "GlobalSizedOperatorDeleteNotDefined_shared", + "tags": [ + "maintainability", + "scope/system" + ] + }, + { + "description": "If a project defines the sized version of a global operator delete, then the unsized version shall be defined.", + "kind": "problem", + "name": "Unsized 'operator delete' must be defined globally if sized 'operator delete' is defined globally", + "precision": "very-high", + "severity": "error", + "short_name": "GlobalUnsizedOperatorDeleteShallBeDefined", + "shared_implementation_short_name": "GlobalUnsizedOperatorDeleteNotDefined_shared", + "tags": [ + "maintainability", + "scope/system" + ] + } + ], + "title": "If a project defines either a sized or unsized version of a global operator delete, then both shall be defined" + }, + "RULE-26-3-1": { + "properties": { + "enforcement": "decidable", + "obligation": "advisory" + }, + "queries": [ + { + "description": "std::vector should not be specialized with bool.", + "kind": "problem", + "name": "std::vector should not be specialized with bool", + "precision": "very-high", + "severity": "error", + "short_name": "VectorShouldNotBeSpecializedWithBool", + "shared_implementation_short_name": "VectorShouldNotBeSpecializedWithBool_shared", + "tags": [ + "scope/single-translation-unit" + ] + } + ], + "title": "std::vector should not be specialized with bool" + }, + "RULE-28-6-2": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "Forwarding references and std::forward shall be used together.", + "kind": "problem", + "name": "Forwarding references and std::forward shall be used together", + "precision": "very-high", + "severity": "error", + "short_name": "ForwardingReferencesAndForwardNotUsedTogether", + "shared_implementation_short_name": "ForwardingReferencesAndForwardNotUsedTogether_shared", + "tags": [ + "scope/single-translation-unit" + ] + } + ], + "title": "Forwarding references and std::forward shall be used together" + }, + "RULE-30-0-1": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "The C Library input/output functions shall not be used.", + "kind": "problem", + "name": "The stream input/output library functions shall not be used", + "precision": "very-high", + "severity": "warning", + "short_name": "CstdioFunctionsShallNotBeUsed", + "shared_implementation_short_name": "CstdioFunctionsUsed_shared", + "tags": [ + "maintainability", + "correctness", + "scope/single-translation-unit" + ] + }, + { + "description": "The C Library input/output functions shall not be used.", + "kind": "problem", + "name": "The stream input/output library macros shall not be used", + "precision": "very-high", + "severity": "warning", + "short_name": "CstdioMacrosShallNotBeUsed", + "shared_implementation_short_name": "CstdioMacrosUsed_shared", + "tags": [ + "maintainability", + "correctness", + "scope/single-translation-unit" + ] + }, + { + "description": "The C Library input/output functions shall not be used.", + "kind": "problem", + "name": "The stream input/output library types shall not be used", + "precision": "very-high", + "severity": "warning", + "short_name": "CstdioTypesShallNotBeUsed", + "shared_implementation_short_name": "CstdioTypesUsed_shared", + "tags": [ + "maintainability", + "correctness", + "scope/single-translation-unit" + ] + } + ], + "title": "The C Library input/output functions shall not be used" + }, + "RULE-4-6-1": { + "properties": { + "enforcement": "undecidable", + "obligation": "required" + }, + "queries": [ + { + "description": "Operations on a memory location shall be sequenced appropriately.", + "kind": "problem", + "name": "Operations on a memory location shall be sequenced appropriately", + "precision": "very-high", + "severity": "error", + "short_name": "MemoryOperationsNotSequencedAppropriately", + "shared_implementation_short_name": "MemoryOperationsNotSequencedAppropriately_shared", + "tags": [ + "scope/system" + ] + } + ], + "title": "Operations on a memory location shall be sequenced appropriately" + }, + "RULE-5-13-1": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "In character literals and non-raw string literals, \\ shall only be used to form a defined escape sequence or universal character name.", + "kind": "problem", + "name": "In character literals and non-raw string literals, \\ shall only be used to form a defined escape", + "precision": "very-high", + "severity": "error", + "short_name": "BackslashCharacterMisuse", + "shared_implementation_short_name": "BackslashCharacterMisuse_shared", + "tags": [ + "scope/single-translation-unit" + ] + } + ], + "title": "In character literals and non-raw string literals, \\ shall only be used to form a defined escape sequence or universal character name" + }, + "RULE-5-13-2": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "Octal escape sequences, hexadecimal escape sequences, and universal character names shall be terminated.", + "kind": "problem", + "name": "Octal escape sequences, hexadecimal escape sequences, and universal character names shall be", + "precision": "very-high", + "severity": "error", + "short_name": "NonTerminatedEscapeSequences", + "shared_implementation_short_name": "NonTerminatedEscapeSequences_shared", + "tags": [ + "scope/single-translation-unit" + ] + } + ], + "title": "Octal escape sequences, hexadecimal escape sequences, and universal character names shall be terminated" + }, + "RULE-5-13-3": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "Octal constants shall not be used.", + "kind": "problem", + "name": "Octal constants shall not be used", + "precision": "very-high", + "severity": "error", + "short_name": "OctalConstantsUsed", + "shared_implementation_short_name": "UseOfNonZeroOctalLiteral_shared", + "tags": [ + "scope/single-translation-unit" + ] + } + ], + "title": "Octal constants shall not be used" + }, + "RULE-5-13-4": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "Unsigned integer literals shall be appropriately suffixed.", + "kind": "problem", + "name": "Unsigned integer literals shall be appropriately suffixed", + "precision": "very-high", + "severity": "error", + "short_name": "UnsignedIntegerLiteralsNotAppropriatelySuffixed", + "shared_implementation_short_name": "UnsignedIntegerLiteralsNotAppropriatelySuffixed_shared", + "tags": [ + "scope/single-translation-unit" + ] + } + ], + "title": "Unsigned integer literals shall be appropriately suffixed" + }, + "RULE-5-13-5": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "The lowercase form of L shall not be used as the first character in a literal suffix.", + "kind": "problem", + "name": "The lowercase form of L shall not be used as the first character in a literal suffix", + "precision": "very-high", + "severity": "error", + "short_name": "LowercaseLStartsInLiteralSuffix", + "shared_implementation_short_name": "LowercaseLStartsInLiteralSuffix_shared", + "tags": [ + "scope/single-translation-unit" + ] + } + ], + "title": "The lowercase form of L shall not be used as the first character in a literal suffix" + }, + "RULE-5-7-1": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "The character sequence /* shall not be used within a C-style comment.", + "kind": "problem", + "name": "The character sequence /* shall not be used within a C-style comment", + "precision": "very-high", + "severity": "error", + "short_name": "CharacterSequenceUsedWithinACStyleComment", + "shared_implementation_short_name": "CharacterSequenceUsedWithinACStyleComment_shared", + "tags": [ + "scope/single-translation-unit" + ] + } + ], + "title": "The character sequence /* shall not be used within a C-style comment" + }, + "RULE-5-7-3": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "Line-splicing shall not be used in // comments.", + "kind": "problem", + "name": "Line-splicing shall not be used in // comments", + "precision": "very-high", + "severity": "error", + "short_name": "LineSplicingUsedInComments", + "shared_implementation_short_name": "LineSplicingUsedInComments_shared", + "tags": [ + "scope/single-translation-unit" + ] + } + ], + "title": "Line-splicing shall not be used in // comments" + }, + "RULE-6-0-3": { + "properties": { + "enforcement": "decidable", + "obligation": "advisory" + }, + "queries": [ + { + "description": "The only declarations in the global namespace should be main, namespace declarations and extern \"C\" declarations.", + "kind": "problem", + "name": "The only declarations in the global namespace should be main, namespace declarations and extern \"C\"", + "precision": "very-high", + "severity": "error", + "short_name": "GlobalNamespaceDeclarations", + "shared_implementation_short_name": "GlobalNamespaceDeclarations_shared", + "tags": [ + "scope/single-translation-unit" + ] + } + ], + "title": "The only declarations in the global namespace should be main, namespace declarations and extern \"C\" declarations" + }, + "RULE-6-0-4": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "The identifier main shall not be used for a function other than the global function main.", + "kind": "problem", + "name": "The identifier main shall not be used for a function other than the global function main", + "precision": "very-high", + "severity": "error", + "short_name": "NonGlobalFunctionMain", + "shared_implementation_short_name": "NonGlobalFunctionMain_shared", + "tags": [ + "scope/single-translation-unit" + ] + } + ], + "title": "The identifier main shall not be used for a function other than the global function main" + }, + "RULE-6-4-2": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "A non-overriding member function definition that hides an inherited member function can result in unexpected behavior.", + "kind": "problem", + "name": "Member function hides inherited member function", + "precision": "very-high", + "severity": "error", + "short_name": "InheritedNonOverridableMemberFunction", + "shared_implementation_short_name": "HiddenInheritedNonOverridableMemberFunction_shared", + "tags": [ + "correctness", + "scope/single-translation-unit" + ] + }, + { + "description": "An overriding member function definition thats hides an overload of the overridden inherited member function can result in unexpected behavior.", + "kind": "problem", + "name": "Member function hides inherited member function", + "precision": "very-high", + "severity": "error", + "short_name": "InheritedOverridableMemberFunction", + "shared_implementation_short_name": "HiddenInheritedOverridableMemberFunction_shared", + "tags": [ + "correctness", + "scope/single-translation-unit" + ] + }, + { + "description": "A using declaration that makes a symbol available for unqualified lookup does not included definitions defined after the using declaration which can result in unexpected behavior.", + "kind": "problem", + "name": "Using declaration followed by new definition", + "precision": "very-high", + "severity": "error", + "short_name": "DefinitionShallBeConsideredForUnqualifiedLookup", + "shared_implementation_short_name": "DefinitionNotConsideredForUnqualifiedLookup_shared", + "tags": [ + "correctness", + "scope/single-translation-unit" + ] + } + ], + "title": "Derived classes shall not conceal functions that are inherited from their bases" + }, + "RULE-6-4-3": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "Not using a qualified-id or `this->` syntax for identifiers used in a class template makes the code more difficult to understand.", + "kind": "problem", + "name": "In a class template with a dependent base, any name that may be found in that dependent base shall shall be referred to using a qualified-id or this->", + "precision": "very-high", + "severity": "warning", + "short_name": "NameShallBeReferredUsingAQualifiedIdOrThis", + "shared_implementation_short_name": "NameNotReferredUsingAQualifiedIdOrThis_shared", + "tags": [ + "maintainability", + "readability", + "scope/single-translation-unit" + ] + }, + { + "description": "Not using a qualified-id or `this->` syntax for identifiers used in a class template makes the code more difficult to understand.", + "kind": "problem", + "name": "(Audit) In a class template with a dependent base, any name that may be found in that dependent base shall shall be referred to using a qualified-id or this->", + "precision": "very-high", + "severity": "warning", + "short_name": "NameShallBeReferredUsingAQualifiedIdOrThisAudit", + "shared_implementation_short_name": "NameNotReferredUsingAQualifiedIdOrThisAudit_shared", + "tags": [ + "maintainability", + "readability", + "scope/single-translation-unit" + ] + } + ], + "title": "A name that is present in a dependent base shall not be resolved by unqualified lookup" + }, + "RULE-6-8-2": { + "properties": { + "enforcement": "decidable", + "obligation": "mandatory" + }, + "queries": [ + { + "description": "A function must not return a reference or a pointer to a local variable with automatic storage duration.", + "kind": "problem", + "name": "A function must not return a reference or a pointer to a local variable with automatic storage", + "precision": "very-high", + "severity": "error", + "short_name": "ReturnReferenceOrPointerToAutomaticLocalVariable", + "shared_implementation_short_name": "ReturnReferenceOrPointerToAutomaticLocalVariable_shared", + "tags": [ + "scope/single-translation-unit" + ] + } + ], + "title": "A function must not return a reference or a pointer to a local variable with automatic storage duration" + }, + "RULE-7-11-1": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "nullptr shall be the only form of the null-pointer-constant.", + "kind": "problem", + "name": "nullptr shall be the only form of the null-pointer-constant", + "precision": "very-high", + "severity": "error", + "short_name": "NullptrNotTheOnlyFormOfTheNullPointerConstant", + "shared_implementation_short_name": "NullptrNotTheOnlyFormOfTheNullPointerConstant_shared", + "tags": [ + "scope/single-translation-unit" + ] + } + ], + "title": "nullptr shall be the only form of the null-pointer-constant" + }, + "RULE-7-11-2": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "An array passed as a function argument shall not decay to a pointer.", + "kind": "problem", + "name": "An array passed as a function argument shall not decay to a pointer", + "precision": "very-high", + "severity": "error", + "short_name": "ArrayPassedAsFunctionArgumentDecayToAPointer", + "shared_implementation_short_name": "ArrayPassedAsFunctionArgumentDecayToAPointer_shared", + "tags": [ + "scope/single-translation-unit" + ] + } + ], + "title": "An array passed as a function argument shall not decay to a pointer" + }, + "RULE-8-18-2": { + "properties": { + "enforcement": "decidable", + "obligation": "advisory" + }, + "queries": [ + { + "description": "The result of an assignment operator should not be used.", + "kind": "problem", + "name": "The result of an assignment operator should not be used", + "precision": "very-high", + "severity": "error", + "short_name": "ResultOfAnAssignmentOperatorShouldNotBeUsed", + "shared_implementation_short_name": "ResultOfAnAssignmentOperatorShouldNotBeUsed_shared", + "tags": [ + "scope/single-translation-unit" + ] + } + ], + "title": "The result of an assignment operator should not be used" + }, + "RULE-8-2-10": { + "properties": { + "enforcement": "undecidable", + "obligation": "required" + }, + "queries": [ + { + "description": "Functions shall not call themselves, either directly or indirectly.", + "kind": "problem", + "name": "Functions shall not call themselves, either directly or indirectly", + "precision": "very-high", + "severity": "error", + "short_name": "FunctionsCallThemselvesEitherDirectlyOrIndirectly", + "shared_implementation_short_name": "FunctionsCallThemselvesEitherDirectlyOrIndirectly_shared", + "tags": [ + "scope/system" + ] + } + ], + "title": "Functions shall not call themselves, either directly or indirectly" + }, + "RULE-8-2-4": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "Casts shall not be performed between a pointer to function and any other type.", + "kind": "problem", + "name": "Casts shall not be performed between a pointer to function and any other type", + "precision": "very-high", + "severity": "error", + "short_name": "CastsBetweenAPointerToFunctionAndAnyOtherType", + "shared_implementation_short_name": "CastsBetweenAPointerToFunctionAndAnyOtherType_shared", + "tags": [ + "scope/single-translation-unit" + ] + } + ], + "title": "Casts shall not be performed between a pointer to function and any other type" + }, + "RULE-8-2-5": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "reinterpret_cast shall not be used.", + "kind": "problem", + "name": "reinterpret_cast shall not be used", + "precision": "very-high", + "severity": "error", + "short_name": "ReinterpretCastShallNotBeUsed", + "shared_implementation_short_name": "ReinterpretCastUsed_shared", + "tags": [ + "scope/single-translation-unit" + ] + } + ], + "title": "reinterpret_cast shall not be used" + }, + "RULE-8-20-1": { + "properties": { + "enforcement": "decidable", + "obligation": "advisory" + }, + "queries": [ + { + "description": "An unsigned arithmetic operation with constant operands should not wrap.", + "kind": "problem", + "name": "An unsigned arithmetic operation with constant operands should not wrap", + "precision": "very-high", + "severity": "error", + "short_name": "UnsignedOperationWithConstantOperandsWraps", + "shared_implementation_short_name": "UnsignedOperationWithConstantOperandsWraps_shared", + "tags": [ + "scope/single-translation-unit" + ] + } + ], + "title": "An unsigned arithmetic operation with constant operands should not wrap" + }, + "RULE-8-3-1": { + "properties": { + "enforcement": "decidable", + "obligation": "advisory" + }, + "queries": [ + { + "description": "The built-in unary - operator should not be applied to an expression of unsigned type.", + "kind": "problem", + "name": "The built-in unary - operator should not be applied to an expression of unsigned type", + "precision": "very-high", + "severity": "error", + "short_name": "BuiltInUnaryOperatorAppliedToUnsignedExpression", + "shared_implementation_short_name": "BuiltInUnaryOperatorAppliedToUnsignedExpression_shared", + "tags": [ + "scope/single-translation-unit" + ] + } + ], + "title": "The built-in unary - operator should not be applied to an expression of unsigned type" + }, + "RULE-9-3-1": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "If the body of a switch is not enclosed in braces, then this can lead to incorrect execution, and hard for developers to maintain.", + "kind": "problem", + "name": "The statement forming the body of a switch shall be a compound statement", + "precision": "very-high", + "severity": "recommendation", + "short_name": "SwitchBodyCompoundCondition", + "shared_implementation_short_name": "SwitchCompoundCondition_shared", + "tags": [ + "maintainability", + "readability", + "scope/single-translation-unit" + ] + }, + { + "description": "If the body of a loop is not enclosed in braces, then this can lead to incorrect execution, and hard for developers to maintain.", + "kind": "problem", + "name": "The statement forming the body of a loop shall be a compound statement", + "precision": "very-high", + "severity": "recommendation", + "short_name": "LoopBodyCompoundCondition", + "shared_implementation_short_name": "LoopCompoundCondition_shared", + "tags": [ + "maintainability", + "readability", + "scope/single-translation-unit" + ] + } + ], + "title": "The body of an iteration-statement or a selection-statement shall be a compound-statement" + }, + "RULE-9-6-1": { + "properties": { + "enforcement": "decidable", + "obligation": "advisory" + }, + "queries": [ + { + "description": "The goto statement should not be used.", + "kind": "problem", + "name": "The goto statement should not be used", + "precision": "very-high", + "severity": "error", + "short_name": "GotoStatementShouldNotBeUsed", + "shared_implementation_short_name": "GotoStatementShouldNotBeUsed_shared", + "tags": [ + "scope/single-translation-unit" + ] + } + ], + "title": "The goto statement should not be used" + }, + "RULE-9-6-2": { + "properties": { + "enforcement": "decidable", + "obligation": "required" + }, + "queries": [ + { + "description": "A goto statement shall reference a label in a surrounding block.", + "kind": "problem", + "name": "A goto statement shall reference a label in a surrounding block", + "precision": "very-high", + "severity": "error", + "short_name": "GotoReferenceALabelInSurroundingBlock", + "shared_implementation_short_name": "GotoReferenceALabelInSurroundingBlock_shared", + "tags": [ + "scope/single-translation-unit" + ] + } + ], + "title": "A goto statement shall reference a label in a surrounding block" } } } \ No newline at end of file diff --git a/rule_packages/cpp/Inheritance.json b/rule_packages/cpp/Inheritance.json index 55175e0013..09c8b89f18 100644 --- a/rule_packages/cpp/Inheritance.json +++ b/rule_packages/cpp/Inheritance.json @@ -144,7 +144,8 @@ "name": "An accessible base class shall not be both virtual and non-virtual in the same hierarchy", "precision": "very-high", "severity": "warning", - "short_name": "AccessibleBaseClassBothVirtualAndNonVirtualInHierarchy", + "short_name": "AccessibleBaseClassBothVirtualAndNonVirtual", + "shared_implementation_short_name": "VirtualAndNonVirtualClassInTheHierarchy_shared", "tags": [] } ], @@ -187,6 +188,7 @@ "precision": "very-high", "severity": "error", "short_name": "DynamicTypeOfThisUsedFromConstructorOrDestructor", + "shared_implementation_short_name": "ObjectsDynamicTypeUsedFromConstructorOrDestructor_shared", "tags": [] } ], diff --git a/rule_packages/cpp/Initialization.json b/rule_packages/cpp/Initialization.json index da2ed53c98..e839b4fd7e 100644 --- a/rule_packages/cpp/Initialization.json +++ b/rule_packages/cpp/Initialization.json @@ -16,6 +16,7 @@ "precision": "very-high", "severity": "warning", "short_name": "ExplicitConstructorBaseClassInitialization", + "shared_implementation_short_name": "InitializeAllVirtualBaseClasses_shared", "tags": [ "maintainability", "correctness" @@ -304,6 +305,7 @@ "precision": "very-high", "severity": "recommendation", "short_name": "ConfusingUseOfInitializerListConstructors", + "shared_implementation_short_name": "InitializerListConstructorIsTheOnlyConstructor_shared", "tags": [ "readability", "maintainability" @@ -328,6 +330,7 @@ "precision": "very-high", "severity": "recommendation", "short_name": "MultipleLocalDeclarators", + "shared_implementation_short_name": "MultipleLocalDeclarators_shared", "tags": [ "readability", "maintainability" @@ -340,6 +343,7 @@ "precision": "medium", "severity": "recommendation", "short_name": "MultipleGlobalOrMemberDeclarators", + "shared_implementation_short_name": "MultipleGlobalOrMemberDeclarators_shared", "tags": [ "readability", "maintainability" diff --git a/rule_packages/cpp/Literals.json b/rule_packages/cpp/Literals.json index e762a9c411..6c35af04dc 100644 --- a/rule_packages/cpp/Literals.json +++ b/rule_packages/cpp/Literals.json @@ -39,6 +39,7 @@ "precision": "very-high", "severity": "error", "short_name": "EscapeSequenceOutsideISO", + "shared_implementation_short_name": "BackslashCharacterMisuse_shared", "tags": [ "correctness" ] @@ -85,6 +86,7 @@ "precision": "very-high", "severity": "recommendation", "short_name": "NullPointerConstantNotNullptr", + "shared_implementation_short_name": "NullptrNotTheOnlyFormOfTheNullPointerConstant_shared", "tags": [ "readability" ] @@ -132,6 +134,7 @@ "precision": "very-high", "severity": "recommendation", "short_name": "UseOfNonZeroOctalLiteral", + "shared_implementation_short_name": "UseOfNonZeroOctalLiteral_shared", "tags": [ "readability" ] @@ -166,6 +169,7 @@ "precision": "very-high", "severity": "warning", "short_name": "MissingUSuffix", + "shared_implementation_short_name": "UnsignedIntegerLiteralsNotAppropriatelySuffixed_shared", "tags": [ "correctness", "readability" diff --git a/rule_packages/cpp/MoveForward.json b/rule_packages/cpp/MoveForward.json index 6278135d2c..13917fcc30 100644 --- a/rule_packages/cpp/MoveForward.json +++ b/rule_packages/cpp/MoveForward.json @@ -40,6 +40,7 @@ "precision": "very-high", "severity": "error", "short_name": "ForwardingValuesToOtherFunctions", + "shared_implementation_short_name": "ForwardingReferencesAndForwardNotUsedTogether_shared", "tags": [ "correctness" ] diff --git a/rule_packages/cpp/Naming.json b/rule_packages/cpp/Naming.json index e59f007975..7cf9a97bbf 100644 --- a/rule_packages/cpp/Naming.json +++ b/rule_packages/cpp/Naming.json @@ -290,7 +290,7 @@ "precision": "very-high", "severity": "recommendation", "short_name": "DifferentIdentifiersNotTypographicallyUnambiguous", - "shared_implementation_short_name" : "DifferentIdentifiersNotTypographicallyUnambiguous", + "shared_implementation_short_name": "DifferentIdentifiersNotTypographicallyUnambiguous", "tags": [ "readability", "maintainability" @@ -313,7 +313,8 @@ "name": "The identifier main shall not be used for a function other than the global function main", "precision": "very-high", "severity": "warning", - "short_name": "IdentifierMainUsedForAFunctionOtherThanTheGlobalFunctionMain", + "short_name": "IdentifierMainUsedForAFunctionOtherThanGlobalMain", + "shared_implementation_short_name": "NonGlobalFunctionMain_shared", "tags": [ "maintainability", "readability" diff --git a/rule_packages/cpp/OperatorInvariants.json b/rule_packages/cpp/OperatorInvariants.json index b34df998e9..68d45942b5 100644 --- a/rule_packages/cpp/OperatorInvariants.json +++ b/rule_packages/cpp/OperatorInvariants.json @@ -39,6 +39,7 @@ "precision": "very-high", "severity": "error", "short_name": "CopyAssignmentAndAMoveHandleSelfAssignment", + "shared_implementation_short_name": "CopyAndMoveAssignmentsShallHandleSelfAssignment_shared", "tags": [ "correctness" ] diff --git a/rule_packages/cpp/Operators.json b/rule_packages/cpp/Operators.json index 8bb2cb9d55..a04478c3df 100644 --- a/rule_packages/cpp/Operators.json +++ b/rule_packages/cpp/Operators.json @@ -296,7 +296,8 @@ "name": "The unary minus operator shall not be applied to an expression whose underlying type is unsigned", "precision": "very-high", "severity": "error", - "short_name": "UnaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsigned", + "short_name": "UnaryMinusOperatorAppliedToAnUnsignedExpression", + "shared_implementation_short_name": "BuiltInUnaryOperatorAppliedToUnsignedExpression_shared", "tags": [] } ], @@ -318,6 +319,7 @@ "precision": "very-high", "severity": "error", "short_name": "UnaryOperatorOverloaded", + "shared_implementation_short_name": "AddressOfOperatorOverloaded_shared", "tags": [] } ], diff --git a/rule_packages/cpp/Pointers.json b/rule_packages/cpp/Pointers.json index 6a862e057c..ad5bb34c44 100644 --- a/rule_packages/cpp/Pointers.json +++ b/rule_packages/cpp/Pointers.json @@ -86,7 +86,8 @@ "name": "A pointer to member virtual function shall only be tested for equality with null-pointer-constant", "precision": "very-high", "severity": "error", - "short_name": "PointerToMemberVirtualFunctionWithNullPointerConstant", + "short_name": "VirtualPointerOnlyComparesToNullptrConstant", + "shared_implementation_short_name": "PotentiallyVirtualPointerOnlyComparesToNullptr_shared", "tags": [ "correctness" ] @@ -278,7 +279,8 @@ "name": "An identifier with array type passed as a function argument shall not decay to a pointer", "precision": "very-high", "severity": "warning", - "short_name": "IdentifierWithArrayTypePassedAsFunctionArgumentDecayToAPointer", + "short_name": "IdentifierPassedAsFunctionArgumentDecayToAPointer", + "shared_implementation_short_name": "ArrayPassedAsFunctionArgumentDecayToAPointer_shared", "tags": [ "correctness" ] @@ -325,6 +327,7 @@ "precision": "very-high", "severity": "error", "short_name": "CastNotConvertPointerToFunction", + "shared_implementation_short_name": "CastsBetweenAPointerToFunctionAndAnyOtherType_shared", "tags": [ "correctness" ] diff --git a/rule_packages/cpp/Representation.json b/rule_packages/cpp/Representation.json index 96674eef0e..8cf6e7a3ed 100644 --- a/rule_packages/cpp/Representation.json +++ b/rule_packages/cpp/Representation.json @@ -96,6 +96,7 @@ "precision": "very-high", "severity": "error", "short_name": "NamedBitFieldsWithSignedIntegerTypeShallHaveALengthOfMoreThanOneBit", + "shared_implementation_short_name": "NamedBitFieldsWithSignedIntegerType_shared", "tags": [ "correctness" ] diff --git a/rule_packages/cpp/Scope.json b/rule_packages/cpp/Scope.json index 30b92a0675..665091fdb6 100644 --- a/rule_packages/cpp/Scope.json +++ b/rule_packages/cpp/Scope.json @@ -64,6 +64,7 @@ "precision": "very-high", "severity": "error", "short_name": "HiddenInheritedNonOverridableMemberFunction", + "shared_implementation_short_name": "HiddenInheritedNonOverridableMemberFunction_shared", "tags": [ "correctness" ] @@ -75,6 +76,7 @@ "precision": "very-high", "severity": "error", "short_name": "HiddenInheritedOverridableMemberFunction", + "shared_implementation_short_name": "HiddenInheritedOverridableMemberFunction_shared", "tags": [ "correctness" ] @@ -86,6 +88,7 @@ "precision": "very-high", "severity": "error", "short_name": "DefinitionNotConsideredForUnqualifiedLookup", + "shared_implementation_short_name": "DefinitionNotConsideredForUnqualifiedLookup_shared", "tags": [ "correctness" ] @@ -228,6 +231,7 @@ "precision": "very-high", "severity": "warning", "short_name": "GlobalNamespaceMembershipViolation", + "shared_implementation_short_name": "GlobalNamespaceDeclarations_shared", "tags": [ "readability" ] diff --git a/rule_packages/cpp/Templates.json b/rule_packages/cpp/Templates.json index 006f81bda6..5fd2946f1e 100644 --- a/rule_packages/cpp/Templates.json +++ b/rule_packages/cpp/Templates.json @@ -22,7 +22,7 @@ "readability" ] } - ], + ], "title": "A template should check if a specific template argument is suitable for this template." }, "A14-5-1": { @@ -112,6 +112,7 @@ "precision": "very-high", "severity": "warning", "short_name": "ExplicitSpecializationsOfFunctionTemplatesUsed", + "shared_implementation_short_name": "FunctionTemplatesExplicitlySpecialized_shared", "tags": [ "maintainability", "readability" @@ -171,25 +172,27 @@ "precision": "very-high", "severity": "warning", "short_name": "NameNotReferredUsingAQualifiedIdOrThis", + "shared_implementation_short_name": "NameNotReferredUsingAQualifiedIdOrThis_shared", "tags": [ "maintainability", "readability" ] }, { - "description": "Not using a qualified-id or `this->` syntax for identifiers used in a class template makes the code more difficult to understand.", - "kind": "problem", - "name": "(Audit) In a class template with a dependent base, any name that may be found in that dependent base shall shall be referred to using a qualified-id or this->", - "precision": "very-high", - "severity": "warning", - "short_name": "NameNotReferredUsingAQualifiedIdOrThisAudit", - "tags": [ - "maintainability", - "readability" - ] - } + "description": "Not using a qualified-id or `this->` syntax for identifiers used in a class template makes the code more difficult to understand.", + "kind": "problem", + "name": "(Audit) In a class template with a dependent base, any name that may be found in that dependent base shall shall be referred to using a qualified-id or this->", + "precision": "very-high", + "severity": "warning", + "short_name": "NameNotReferredUsingAQualifiedIdOrThisAudit", + "shared_implementation_short_name": "NameNotReferredUsingAQualifiedIdOrThisAudit_shared", + "tags": [ + "maintainability", + "readability" + ] + } ], "title": "In a class template with a dependent base, any name that may be found in that dependent base shall be referred to using a qualified-id or this->." } } -} +} \ No newline at end of file diff --git a/rule_packages/cpp/VirtualFunctions.json b/rule_packages/cpp/VirtualFunctions.json index 198aba1bb7..79a286aa2c 100644 --- a/rule_packages/cpp/VirtualFunctions.json +++ b/rule_packages/cpp/VirtualFunctions.json @@ -176,7 +176,8 @@ "name": "Parameters in an overriding virtual function shall have the same default arguments or no default arguments", "precision": "very-high", "severity": "warning", - "short_name": "VirtualFunctionParametersUseTheSameDefaultArguments", + "short_name": "VirtualFunctionParametersUseSameDefaultArguments", + "shared_implementation_short_name": "OverridingShallSpecifyDifferentDefaultArguments_shared", "tags": [ "correctness" ] diff --git a/rules.csv b/rules.csv index 256b8e6ccf..de8aa6e566 100644 --- a/rules.csv +++ b/rules.csv @@ -787,36 +787,36 @@ cpp,MISRA-C++-2023,DIR-0-3-2,Yes,Required,,,A function call shall not violate th cpp,MISRA-C++-2023,RULE-4-1-1,Yes,Required,Undecidable,System,A program shall conform to ISO/IEC 14882:2017 (C++17),,,Hard, cpp,MISRA-C++-2023,RULE-4-1-2,Yes,Advisory,Decidable,Single Translation Unit,Deprecated features should not be used,,,Very Hard, cpp,MISRA-C++-2023,RULE-4-1-3,Yes,Required,Undecidable,System,There shall be no occurrence of undefined or critical unspecified behaviour,,,Very Hard, -cpp,MISRA-C++-2023,RULE-4-6-1,Yes,Required,Undecidable,System,Operations on a memory location shall be sequenced appropriately,RULE-13-2,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-4-6-1,Yes,Required,Undecidable,System,Operations on a memory location shall be sequenced appropriately,RULE-13-2,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-5-0-1,Yes,Advisory,Decidable,Single Translation Unit,Trigraph-like sequences should not be used,A2-5-1,,Very Hard, -cpp,MISRA-C++-2023,RULE-5-7-1,Yes,Required,Decidable,Single Translation Unit,The character sequence /* shall not be used within a C-style comment,M2-7-1,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-5-7-1,Yes,Required,Decidable,Single Translation Unit,The character sequence /* shall not be used within a C-style comment,M2-7-1,ImportMisra23,Import, cpp,MISRA-C++-2023,DIR-5-7-2,Yes,Advisory,,,Sections of code should not be “commented out”,A2-7-2,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-5-7-3,Yes,Required,Decidable,Single Translation Unit,Line-splicing shall not be used in // comments,A2-7-1,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-5-7-3,Yes,Required,Decidable,Single Translation Unit,Line-splicing shall not be used in // comments,A2-7-1,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-5-10-1,Yes,Required,Decidable,Single Translation Unit,User-defined identifiers shall have an appropriate form,,,Easy, -cpp,MISRA-C++-2023,RULE-5-13-1,Yes,Required,Decidable,Single Translation Unit,"In character literals and non-raw string literals, \ shall only be used to form a defined escape sequence or universal character name",A2-13-1,ImportMisra23-1,Import, -cpp,MISRA-C++-2023,RULE-5-13-2,Yes,Required,Decidable,Single Translation Unit,"Octal escape sequences, hexadecimal escape sequences, and universal character names shall be terminated",RULE-4-1,ImportMisra23-1,Import, -cpp,MISRA-C++-2023,RULE-5-13-3,Yes,Required,Decidable,Single Translation Unit,Octal constants shall not be used,RULE-7-1,ImportMisra23-1,Import, -cpp,MISRA-C++-2023,RULE-5-13-4,Yes,Required,Decidable,Single Translation Unit,Unsigned integer literals shall be appropriately suffixed,M2-13-3,ImportMisra23-1,Import, -cpp,MISRA-C++-2023,RULE-5-13-5,Yes,Required,Decidable,Single Translation Unit,The lowercase form of L shall not be used as the first character in a literal suffix,RULE-7-3,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-5-13-1,Yes,Required,Decidable,Single Translation Unit,"In character literals and non-raw string literals, \ shall only be used to form a defined escape sequence or universal character name",A2-13-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-5-13-2,Yes,Required,Decidable,Single Translation Unit,"Octal escape sequences, hexadecimal escape sequences, and universal character names shall be terminated",RULE-4-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-5-13-3,Yes,Required,Decidable,Single Translation Unit,Octal constants shall not be used,M2-13-2,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-5-13-4,Yes,Required,Decidable,Single Translation Unit,Unsigned integer literals shall be appropriately suffixed,M2-13-3,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-5-13-5,Yes,Required,Decidable,Single Translation Unit,The lowercase form of L shall not be used as the first character in a literal suffix,RULE-7-3,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-5-13-6,Yes,Required,Decidable,Single Translation Unit,An integer-literal of type long long shall not use a single L or l in any suffix,,,Easy, cpp,MISRA-C++-2023,RULE-5-13-7,No,Required,Decidable,Single Translation Unit,String literals with different encoding prefixes shall not be concatenated,A2-13-2,,, cpp,MISRA-C++-2023,RULE-6-0-1,Yes,Required,Decidable,Single Translation Unit,Block scope declarations shall not be visually ambiguous,"M3-1-2,DCL53-CPP",,Easy, cpp,MISRA-C++-2023,RULE-6-0-2,Yes,Advisory,Decidable,Single Translation Unit,"When an array with external linkage is declared, its size should be explicitly specified",RULE-18-8,,Easy, -cpp,MISRA-C++-2023,RULE-6-0-3,Yes,Advisory,Decidable,Single Translation Unit,"The only declarations in the global namespace should be main, namespace declarations and extern ""C"" declarations",M7-3-1,ImportMisra23-1,Import, -cpp,MISRA-C++-2023,RULE-6-0-4,Yes,Required,Decidable,Single Translation Unit,The identifier main shall not be used for a function other than the global function main,M7-3-2,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-6-0-3,Yes,Advisory,Decidable,Single Translation Unit,"The only declarations in the global namespace should be main, namespace declarations and extern ""C"" declarations",M7-3-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-6-0-4,Yes,Required,Decidable,Single Translation Unit,The identifier main shall not be used for a function other than the global function main,M7-3-2,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-6-2-1,Yes,Required,Decidable,System,The one-definition rule shall not be violated,M3-2-2,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-6-2-2,Yes,Required,Decidable,System,All declarations of a variable or function shall have the same type,"M3-9-1,DCL40-C",,Easy, cpp,MISRA-C++-2023,RULE-6-2-3,Yes,Required,Decidable,System,The source code used to implement an entity shall appear only once,,,Medium, cpp,MISRA-C++-2023,RULE-6-2-4,Yes,Required,Decidable,Single Translation Unit,A header file shall not contain definitions of functions or objects that are non-inline and have external linkage,,,Easy, cpp,MISRA-C++-2023,RULE-6-4-1,Yes,Required,Decidable,Single Translation Unit,A variable declared in an inner scope shall not hide a variable declared in an outer scope,A2-10-1,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-6-4-2,Yes,Required,Decidable,Single Translation Unit,Derived classes shall not conceal functions that are inherited from their bases,A7-3-1,ImportMisra23-1,Import, -cpp,MISRA-C++-2023,RULE-6-4-3,Yes,Required,Decidable,Single Translation Unit,A name that is present in a dependent base shall not be resolved by unqualified lookup,M14-6-1,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-6-4-2,Yes,Required,Decidable,Single Translation Unit,Derived classes shall not conceal functions that are inherited from their bases,A7-3-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-6-4-3,Yes,Required,Decidable,Single Translation Unit,A name that is present in a dependent base shall not be resolved by unqualified lookup,M14-6-1,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-6-5-1,Yes,Advisory,Decidable,Single Translation Unit,A function or object with external linkage should be introduced in a header file,,,Medium, cpp,MISRA-C++-2023,RULE-6-5-2,Yes,Advisory,Decidable,Single Translation Unit,Internal linkage should be specified appropriately,,,Medium, cpp,MISRA-C++-2023,RULE-6-7-1,Yes,Required,Decidable,Single Translation Unit,Local variables shall not have static storage duration,,,Easy, cpp,MISRA-C++-2023,RULE-6-7-2,Yes,Required,Decidable,Single Translation Unit,Global variables shall not be used,,,Easy, cpp,MISRA-C++-2023,RULE-6-8-1,Yes,Required,Undecidable,System,An object shall not be accessed outside of its lifetime,A3-8-1,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-6-8-2,Yes,Mandatory,Decidable,Single Translation Unit,A function must not return a reference or a pointer to a local variable with automatic storage duration,M7-5-1,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-6-8-2,Yes,Mandatory,Decidable,Single Translation Unit,A function must not return a reference or a pointer to a local variable with automatic storage duration,M7-5-1,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-6-8-3,Yes,Required,Decidable,Single Translation Unit,An assignment operator shall not assign the address of an object with automatic storage duration to an object with a greater lifetime,,,Medium, cpp,MISRA-C++-2023,RULE-6-8-4,Yes,Advisory,Decidable,Single Translation Unit,Member functions returning references to their object should be refqualified appropriately,,,Medium, cpp,MISRA-C++-2023,RULE-6-9-1,Yes,Required,Decidable,Single Translation Unit,The same type aliases shall be used in all declarations of the same entity,,,Medium, @@ -827,8 +827,8 @@ cpp,MISRA-C++-2023,RULE-7-0-3,Yes,Required,Decidable,Single Translation Unit,The cpp,MISRA-C++-2023,RULE-7-0-4,Yes,Required,Decidable,Single Translation Unit,The operands of bitwise operators and shift operators shall be appropriate,RULE-10-1,,Medium, cpp,MISRA-C++-2023,RULE-7-0-5,Yes,Required,Decidable,Single Translation Unit,Integral promotion and the usual arithmetic conversions shall not change the signedness or the type category of an operand,"M5-0-4,M5-0-9,INT31-C",,Medium, cpp,MISRA-C++-2023,RULE-7-0-6,Yes,Required,Decidable,Single Translation Unit,Assignment between numeric types shall be appropriate,,,Hard, -cpp,MISRA-C++-2023,RULE-7-11-1,Yes,Required,Decidable,Single Translation Unit,nullptr shall be the only form of the null-pointer-constant,A4-10-1,ImportMisra23-1,Import, -cpp,MISRA-C++-2023,RULE-7-11-2,Yes,Required,Decidable,Single Translation Unit,An array passed as a function argument shall not decay to a pointer,M5-2-12,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-7-11-1,Yes,Required,Decidable,Single Translation Unit,nullptr shall be the only form of the null-pointer-constant,A4-10-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-7-11-2,Yes,Required,Decidable,Single Translation Unit,An array passed as a function argument shall not decay to a pointer,M5-2-12,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-7-11-3,Yes,Required,Decidable,Single Translation Unit,A conversion from function type to pointer-to-function type shall only occur in appropriate contexts,,,Easy, cpp,MISRA-C++-2023,RULE-8-0-1,Yes,Advisory,Decidable,Single Translation Unit,Parentheses should be used to make the meaning of an expression appropriately explicit,M5-0-2,,Medium, cpp,MISRA-C++-2023,RULE-8-1-1,Yes,Required,Decidable,Single Translation Unit,A non-transient lambda shall not implicitly capture this,,,Easy, @@ -836,81 +836,81 @@ cpp,MISRA-C++-2023,RULE-8-1-2,Yes,Advisory,Decidable,Single Translation Unit,Var cpp,MISRA-C++-2023,RULE-8-2-1,Yes,Required,Decidable,Single Translation Unit,A virtual base class shall only be cast to a derived class by means of dynamic_cast,,,Easy, cpp,MISRA-C++-2023,RULE-8-2-2,Yes,Required,Decidable,Single Translation Unit,C-style casts and functional notation casts shall not be used,A5-2-2,,Easy, cpp,MISRA-C++-2023,RULE-8-2-3,Yes,Required,Decidable,Single Translation Unit,A cast shall not remove any const or volatile qualification from the type accessed via a pointer or by reference,A5-2-3,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-8-2-4,Yes,Required,Decidable,Single Translation Unit,Casts shall not be performed between a pointer to function and any other type,M5-2-6,ImportMisra23-1,Import, -cpp,MISRA-C++-2023,RULE-8-2-5,Yes,Required,Decidable,Single Translation Unit,reinterpret_cast shall not be used,A5-2-4,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-8-2-4,Yes,Required,Decidable,Single Translation Unit,Casts shall not be performed between a pointer to function and any other type,M5-2-6,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-8-2-5,Yes,Required,Decidable,Single Translation Unit,reinterpret_cast shall not be used,A5-2-4,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-8-2-6,Yes,Required,Decidable,Single Translation Unit,"An object with integral, enumerated, or pointer to void type shall not be cast to a pointer type","RULE-11-6, INT36-C",,Easy, cpp,MISRA-C++-2023,RULE-8-2-7,Yes,Advisory,Decidable,Single Translation Unit,A cast should not convert a pointer type to an integral type,"RULE-11-6, INT36-C",,Easy, cpp,MISRA-C++-2023,RULE-8-2-8,Yes,Required,Decidable,Single Translation Unit,An object pointer type shall not be cast to an integral type other than std::uintptr_t or std::intptr_t,"RULE-11-6, INT36-C",,Easy, cpp,MISRA-C++-2023,RULE-8-2-9,Yes,Required,Decidable,Single Translation Unit,The operand to typeid shall not be an expression of polymorphic class type,,,Easy, -cpp,MISRA-C++-2023,RULE-8-2-10,Yes,Required,Undecidable,System,"Functions shall not call themselves, either directly or indirectly",A7-5-2,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-8-2-10,Yes,Required,Undecidable,System,"Functions shall not call themselves, either directly or indirectly",A7-5-2,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-8-2-11,Yes,Required,Decidable,Single Translation Unit,An argument passed via ellipsis shall have an appropriate type,,,Easy, -cpp,MISRA-C++-2023,RULE-8-3-1,Yes,Advisory,Decidable,Single Translation Unit,The built-in unary - operator should not be applied to an expression of unsigned type,M5-3-2,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-8-3-1,Yes,Advisory,Decidable,Single Translation Unit,The built-in unary - operator should not be applied to an expression of unsigned type,M5-3-2,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-8-3-2,Yes,Advisory,Decidable,Single Translation Unit,The built-in unary + operator should not be used,,,Easy, cpp,MISRA-C++-2023,RULE-8-7-1,Yes,Required,Undecidable,System,Pointer arithmetic shall not form an invalid pointer,ARR30-C,,Easy, cpp,MISRA-C++-2023,RULE-8-7-2,Yes,Required,Undecidable,System,Subtraction between pointers shall only be applied to pointers that address elements of the same array,ARR36-C,,Easy, cpp,MISRA-C++-2023,RULE-8-9-1,Yes,Required,Undecidable,System,"The built-in relational operators >, >=, < and <= shall not be applied to objects of pointer type, except where they point to elements of the same array",ARR36-C,,Easy, cpp,MISRA-C++-2023,RULE-8-14-1,Yes,Advisory,Undecidable,System,The right-hand operand of a logical && or operator should not contain persistent side effects,"M5-14-1, RULE-13-5",,Medium, cpp,MISRA-C++-2023,RULE-8-18-1,Yes,Mandatory,Undecidable,System,An object or subobject must not be copied to an overlapping object,"M0-2-1, RULE-19-1",,Hard, -cpp,MISRA-C++-2023,RULE-8-18-2,Yes,Advisory,Decidable,Single Translation Unit,The result of an assignment operator should not be used,RULE-13-4,ImportMisra23-1,Import, -cpp,MISRA-C++-2023,RULE-8-19-1,Yes,Advisory,Decidable,Single Translation Unit,The comma operator should not be used,M15-8-1,ImportMisra23-1,Import, -cpp,MISRA-C++-2023,RULE-8-20-1,Yes,Advisory,Decidable,Single Translation Unit,An unsigned arithmetic operation with constant operands should not wrap,INT30-C,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-8-18-2,Yes,Advisory,Decidable,Single Translation Unit,The result of an assignment operator should not be used,RULE-13-4,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-8-19-1,Yes,Advisory,Decidable,Single Translation Unit,The comma operator should not be used,M5-18-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-8-20-1,Yes,Advisory,Decidable,Single Translation Unit,An unsigned arithmetic operation with constant operands should not wrap,INT30-C,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-9-2-1,Yes,Required,Decidable,Single Translation Unit,An explicit type conversion shall not be an expression statement,DCL53-CPP,,Easy, -cpp,MISRA-C++-2023,RULE-9-3-1,Yes,Required,Decidable,Single Translation Unit,The body of an iteration-statement or a selection-statement shall be a compound-statement,RULE-15-6,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-9-3-1,Yes,Required,Decidable,Single Translation Unit,The body of an iteration-statement or a selection-statement shall be a compound-statement,RULE-15-6,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-9-4-1,Yes,Required,Decidable,Single Translation Unit,All if ... else if constructs shall be terminated with an else statement,RULE-15-7,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-9-4-2,Yes,Required,Decidable,Single Translation Unit,The structure of a switch statement shall be appropriate,"RULE-16-1, RULE-16-2,RULE-16-3,RULE-16-4,RULE-16-5,RULE-16-6,RULE-16-7",,Medium, cpp,MISRA-C++-2023,RULE-9-5-1,Yes,Advisory,Decidable,Single Translation Unit,Legacy for statements should be simple,,,Hard, cpp,MISRA-C++-2023,RULE-9-5-2,Yes,Required,Decidable,Single Translation Unit,A for-range-initializer shall contain at most one function call,,,Easy, -cpp,MISRA-C++-2023,RULE-9-6-1,Yes,Advisory,Decidable,Single Translation Unit,The goto statement should not be used,RULE-15-1,ImportMisra23-1,Import, -cpp,MISRA-C++-2023,RULE-9-6-2,Yes,Required,Decidable,Single Translation Unit,A goto statement shall reference a label in a surrounding block,RULE-15-3,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-9-6-1,Yes,Advisory,Decidable,Single Translation Unit,The goto statement should not be used,RULE-15-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-9-6-2,Yes,Required,Decidable,Single Translation Unit,A goto statement shall reference a label in a surrounding block,RULE-15-3,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-9-6-3,Yes,Required,Decidable,Single Translation Unit,The goto statement shall jump to a label declared later in the function body,RULE-15-2,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-9-6-4,Yes,Required,Undecidable,System,A function declared with the [[noreturn]] attribute shall not return,MSC53-CPP,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-9-6-5,Yes,Required,Decidable,Single Translation Unit,A function with non-void return type shall return a value on all paths,MSC52-CPP,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-10-0-1,Yes,Advisory,Decidable,Single Translation Unit,A declaration should not declare more than one variable or member variable,M8-0-1,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-10-0-1,Yes,Advisory,Decidable,Single Translation Unit,A declaration should not declare more than one variable or member variable,M8-0-1,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-10-1-1,Yes,Advisory,Decidable,Single Translation Unit,The target type of a pointer or lvalue reference parameter should be const-qualified appropriately,RULE-8-13,,Hard, cpp,MISRA-C++-2023,RULE-10-1-2,Yes,Required,Decidable,Single Translation Unit,The volatile qualifier shall be used appropriately,,,Easy, -cpp,MISRA-C++-2023,RULE-10-2-1,Yes,Required,Decidable,Single Translation Unit,An enumeration shall be defined with an explicit underlying type,A7-2-2,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-10-2-1,Yes,Required,Decidable,Single Translation Unit,An enumeration shall be defined with an explicit underlying type,A7-2-2,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-10-2-2,Yes,Advisory,Decidable,Single Translation Unit,Unscoped enumerations should not be declared,A7-2-3,,Easy, cpp,MISRA-C++-2023,RULE-10-2-3,Yes,Required,Decidable,Single Translation Unit,The numeric value of an unscoped enumeration with no fixed underlying type shall not be used,A4-5-1,,Easy, cpp,MISRA-C++-2023,RULE-10-3-1,Yes,Advisory,Decidable,Single Translation Unit,There should be no unnamed namespaces in header files,"DCL59-CPP, M7-3-3",,Easy, -cpp,MISRA-C++-2023,RULE-10-4-1,Yes,Required,Decidable,Single Translation Unit,The asm declaration shall not be used,A7-4-1,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-10-4-1,Yes,Required,Decidable,Single Translation Unit,The asm declaration shall not be used,A7-4-1,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-11-3-1,Yes,Advisory,Decidable,Single Translation Unit,Variables of array type should not be declared,,,Easy, cpp,MISRA-C++-2023,RULE-11-3-2,Yes,Advisory,Decidable,Single Translation Unit,The declaration of an object should contain no more than two levels of pointer indirection,A5-0-3,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-11-6-1,Yes,Advisory,Decidable,Single Translation Unit,All variables should be initialized,,,Easy, cpp,MISRA-C++-2023,RULE-11-6-2,Yes,Mandatory,Undecidable,System,The value of an object must not be read before it has been set,A8-5-0,,Very Hard, -cpp,MISRA-C++-2023,RULE-11-6-3,Yes,Required,Decidable,Single Translation Unit,"Within an enumerator list, the value of an implicitly-specified enumeration constant shall be unique",RULE-8-12,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-11-6-3,Yes,Required,Decidable,Single Translation Unit,"Within an enumerator list, the value of an implicitly-specified enumeration constant shall be unique",RULE-8-12,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-12-2-1,Yes,Advisory,Decidable,Single Translation Unit,Bit-fields should not be declared,A9-6-2,,Easy, -cpp,MISRA-C++-2023,RULE-12-2-2,Yes,Required,Decidable,Single Translation Unit,A bit-field shall have an appropriate type,RULE-6-1,ImportMisra23-1,Import, -cpp,MISRA-C++-2023,RULE-12-2-3,Yes,Required,Decidable,Single Translation Unit,A named bit-field with signed integer type shall not have a length of one bit,"RULE-6-2, M9-6-4",ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-12-2-2,Yes,Required,Decidable,Single Translation Unit,A bit-field shall have an appropriate type,RULE-6-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-12-2-3,Yes,Required,Decidable,Single Translation Unit,A named bit-field with signed integer type shall not have a length of one bit,M9-6-4,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-12-3-1,Yes,Required,Decidable,Single Translation Unit,The union keyword shall not be used,RULE-19-2,,Easy, cpp,MISRA-C++-2023,RULE-13-1-1,Yes,Advisory,Decidable,Single Translation Unit,Classes should not be inherited virtually,,,Easy, -cpp,MISRA-C++-2023,RULE-13-1-2,Yes,Required,Decidable,Single Translation Unit,An accessible base class shall not be both virtual and non-virtual in the same hierarchy,M10-1-3,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-13-1-2,Yes,Required,Decidable,Single Translation Unit,An accessible base class shall not be both virtual and non-virtual in the same hierarchy,M10-1-3,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-13-3-1,Yes,Required,Decidable,Single Translation Unit,"User-declared member functions shall use the virtual, override and final specifiers appropriately",,,Easy, -cpp,MISRA-C++-2023,RULE-13-3-2,Yes,Required,Decidable,Single Translation Unit,Parameters in an overriding virtual function shall not specify different default arguments,M8-3-1,ImportMisra23-1,Import, -cpp,MISRA-C++-2023,RULE-13-3-3,Yes,Required,Decidable,System,The parameters in all declarations or overrides of a function shall either be unnamed or have identical names,A15-1-2,ImportMisra23-1,Import, -cpp,MISRA-C++-2023,RULE-13-3-4,Yes,Required,Decidable,Single Translation Unit,A comparison of a potentially virtual pointer to member function shall only be with nullptr,A5-10-1,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-13-3-2,Yes,Required,Decidable,Single Translation Unit,Parameters in an overriding virtual function shall not specify different default arguments,M8-3-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-13-3-3,Yes,Required,Decidable,System,The parameters in all declarations or overrides of a function shall either be unnamed or have identical names,RULE-8-3,,Easy, +cpp,MISRA-C++-2023,RULE-13-3-4,Yes,Required,Decidable,Single Translation Unit,A comparison of a potentially virtual pointer to member function shall only be with nullptr,A5-10-1,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-14-1-1,Yes,Advisory,Decidable,Single Translation Unit,Non-static data members should be either all private or all public,,,Easy, cpp,MISRA-C++-2023,RULE-15-0-1,Yes,Required,Decidable,Single Translation Unit,Special member functions shall be provided appropriately,A12-0-1,,Medium, cpp,MISRA-C++-2023,RULE-15-0-2,Yes,Advisory,Decidable,Single Translation Unit,User-provided copy and move member functions of a class should have appropriate signatures,,,Easy, -cpp,MISRA-C++-2023,RULE-15-1-1,Yes,Required,Undecidable,System,An object’s dynamic type shall not be used from within its constructor or destructor,M12-1-1,ImportMisra23-1,Import, -cpp,MISRA-C++-2023,RULE-15-1-2,Yes,Advisory,Decidable,Single Translation Unit,All constructors of a class should explicitly initialize all of its virtual base classes and immediate base classes,A12-1-1,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-15-1-1,Yes,Required,Undecidable,System,An object’s dynamic type shall not be used from within its constructor or destructor,M12-1-1,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-15-1-2,Yes,Advisory,Decidable,Single Translation Unit,All constructors of a class should explicitly initialize all of its virtual base classes and immediate base classes,A12-1-1,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-15-1-3,Yes,Required,Decidable,Single Translation Unit,Conversion operators and constructors that are callable with a single argument shall be explicit,"A12-1-4,A13-5-2",,Easy, cpp,MISRA-C++-2023,RULE-15-1-4,Yes,Advisory,Decidable,Single Translation Unit,"All direct, non-static data members of a class should be initialized before the class object is accessible",,,Hard, -cpp,MISRA-C++-2023,RULE-15-1-5,Yes,Required,Decidable,Single Translation Unit,A class shall only define an initializer-list constructor when it is the only constructor,A8-5-4,ImportMisra23-1,Import, -cpp,MISRA-C++-2023,DIR-15-8-1,Yes,Required,Decidable,Implementation,User-provided copy assignment operators and move assignment operators shall handle self-assignment,A12-8-5,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-15-1-5,Yes,Required,Decidable,Single Translation Unit,A class shall only define an initializer-list constructor when it is the only constructor,A8-5-4,ImportMisra23,Import, +cpp,MISRA-C++-2023,DIR-15-8-1,Yes,Required,Decidable,Implementation,User-provided copy assignment operators and move assignment operators shall handle self-assignment,A12-8-5,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-16-5-1,Yes,Required,Decidable,Single Translation Unit,The logical AND and logical OR operators shall not be overloaded,M5-2-11,,Easy, -cpp,MISRA-C++-2023,RULE-16-5-2,Yes,Required,Decidable,Single Translation Unit,The address-of operator shall not be overloaded,M5-3-3,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-16-5-2,Yes,Required,Decidable,Single Translation Unit,The address-of operator shall not be overloaded,M5-3-3,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-16-6-1,Yes,Advisory,Decidable,Single Translation Unit,Symmetrical operators should only be implemented as non-member functions,,,Medium, -cpp,MISRA-C++-2023,RULE-17-8-1,Yes,Required,Decidable,Single Translation Unit,Function templates shall not be explicitly specialized,A14-8-2,ImportMisra23-1,Import, -cpp,MISRA-C++-2023,RULE-18-1-1,Yes,Required,Decidable,Single Translation Unit,An exception object shall not have pointer type,A15-1-2,ImportMisra23-1,Import, -cpp,MISRA-C++-2023,RULE-18-1-2,Yes,Required,Decidable,Single Translation Unit,An empty throw shall only occur within the compound-statement of a catch handler,M15-1-3,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-17-8-1,Yes,Required,Decidable,Single Translation Unit,Function templates shall not be explicitly specialized,A14-8-2,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-18-1-1,Yes,Required,Decidable,Single Translation Unit,An exception object shall not have pointer type,A15-1-2,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-18-1-2,Yes,Required,Decidable,Single Translation Unit,An empty throw shall only occur within the compound-statement of a catch handler,M15-1-3,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-18-3-1,Yes,Advisory,Decidable,Single Translation Unit,There should be at least one exception handler to catch all otherwise unhandled exceptions,A15-3-3,,Easy, cpp,MISRA-C++-2023,RULE-18-3-2,Yes,Required,Decidable,Single Translation Unit,An exception of class type shall be caught by const reference or reference,A15-3-5,,Easy, cpp,MISRA-C++-2023,RULE-18-3-3,Yes,Required,Decidable,Single Translation Unit,Handlers for a function-try-block of a constructor or destructor shall not refer to non-static members from their class or its bases,M15-3-3,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-18-4-1,Yes,Required,Decidable,Single Translation Unit,Exception-unfriendly functions shall be noexcept,A15-5-1,,Easy, -cpp,MISRA-C++-2023,RULE-18-5-1,Yes,Advisory,Undecidable,System,A noexcept function should not attempt to propagate an exception to the calling function,A15-4-2,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-18-5-1,Yes,Advisory,Undecidable,System,A noexcept function should not attempt to propagate an exception to the calling function,A15-4-2,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-18-5-2,Yes,Advisory,Decidable,Single Translation Unit,Program-terminating functions should not be used,,,Easy, cpp,MISRA-C++-2023,RULE-19-0-1,No,Required,Decidable,Single Translation Unit,A line whose first token is # shall be a valid preprocessing directive,,,, -cpp,MISRA-C++-2023,RULE-19-0-2,Yes,Required,Decidable,Single Translation Unit,Function-like macros shall not be defined,DIR-4-9,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-19-0-2,Yes,Required,Decidable,Single Translation Unit,Function-like macros shall not be defined,DIR-4-9,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-19-0-3,Yes,Advisory,Decidable,Single Translation Unit,#include directives should only be preceded by preprocessor directives or comments,RULE-20-1,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-19-0-4,Yes,Advisory,Decidable,Single Translation Unit,#undef should only be used for macros defined previously in the same file,,,Easy, cpp,MISRA-C++-2023,RULE-19-1-1,Yes,Required,Decidable,Single Translation Unit,The defined preprocessor operator shall be used appropriately,M16-1-1,,Easy, @@ -920,23 +920,23 @@ cpp,MISRA-C++-2023,RULE-19-2-1,Yes,Required,Decidable,Single Translation Unit,Pr cpp,MISRA-C++-2023,RULE-19-2-2,Yes,Required,Decidable,Single Translation Unit,"The #include directive shall be followed by either a or ""filename"" sequence",,,Easy, cpp,MISRA-C++-2023,RULE-19-2-3,Yes,Required,Decidable,Single Translation Unit,"The ' or "" or \ characters and the /* or // character sequences shall not occur in a header file name",A16-2-1,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-19-3-1,Yes,Advisory,Decidable,Single Translation Unit,The # and ## preprocessor operators should not be used,M16-3-2,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-19-3-2,Yes,Required,Decidable,Single Translation Unit,A macro parameter immediately following a # operator shall not be immediately followed by a ## operator,RULE-20-11,ImportMisra23-1,Import, -cpp,MISRA-C++-2023,RULE-19-3-3,Yes,Required,Decidable,Single Translation Unit,The argument to a mixed-use macro parameter shall not be subject to further expansion,RULE-20-12,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-19-3-2,Yes,Required,Decidable,Single Translation Unit,A macro parameter immediately following a # operator shall not be immediately followed by a ## operator,RULE-20-11,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-19-3-3,Yes,Required,Decidable,Single Translation Unit,The argument to a mixed-use macro parameter shall not be subject to further expansion,RULE-20-12,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-19-3-4,Yes,Required,Decidable,Single Translation Unit,Parentheses shall be used to ensure macro arguments are expanded appropriately,M16-0-6,,Medium, cpp,MISRA-C++-2023,RULE-19-3-5,Yes,Required,Decidable,Single Translation Unit,Tokens that look like a preprocessing directive shall not occur within a macro argument,RULE-20-6,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-19-6-1,Yes,Advisory,Decidable,Single Translation Unit,The #pragma directive and the _Pragma operator should not be used,A16-7-1,,Easy, -cpp,MISRA-C++-2023,RULE-21-2-1,Yes,Required,Decidable,Single Translation Unit,"The library functions atof, atoi, atol and atoll from shall not be used",RULE-21-7,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-21-2-1,Yes,Required,Decidable,Single Translation Unit,"The library functions atof, atoi, atol and atoll from shall not be used",RULE-21-7,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-21-2-2,Yes,Required,Decidable,Single Translation Unit,"The string handling functions from , , and shall not be used",M18-0-5,,Easy, cpp,MISRA-C++-2023,RULE-21-2-3,Yes,Required,Decidable,Single Translation Unit,The library function system from shall not be used,M18-0-3,,Easy, -cpp,MISRA-C++-2023,RULE-21-2-4,Yes,Required,Decidable,Single Translation Unit,The macro offsetof shall not be used,M18-2-1,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-21-2-4,Yes,Required,Decidable,Single Translation Unit,The macro offsetof shall not be used,M18-2-1,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-21-6-1,Yes,Advisory,Undecidable,Single Translation Unit,Dynamic memory should not be used,DIR-4-12,,Easy, cpp,MISRA-C++-2023,RULE-21-6-2,Yes,Required,Decidable,Single Translation Unit,Dynamic memory shall be managed automatically,,,Easy, cpp,MISRA-C++-2023,RULE-21-6-3,Yes,Required,Decidable,Single Translation Unit,Advanced memory management shall not be used,,,Medium, -cpp,MISRA-C++-2023,RULE-21-6-4,Yes,Required,Decidable,System,"If a project defines either a sized or unsized version of a global operator delete, then both shall be defined",A18-5-4,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-21-6-4,Yes,Required,Decidable,System,"If a project defines either a sized or unsized version of a global operator delete, then both shall be defined",A18-5-4,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-21-6-5,Yes,Required,Decidable,Single Translation Unit,A pointer to an incomplete class type shall not be deleted,A5-3-3,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-21-10-1,Yes,Required,Decidable,Single Translation Unit,The features of shall not be used,DCL50-CPP,,Easy, cpp,MISRA-C++-2023,RULE-21-10-2,Yes,Required,Decidable,Single Translation Unit,The standard header file shall not be used,ERR52-CPP,,Easy, -cpp,MISRA-C++-2023,RULE-21-10-3,Yes,Required,Decidable,Single Translation Unit,The facilities provided by the standard header file shall not be used,M18-7-1,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-21-10-3,Yes,Required,Decidable,Single Translation Unit,The facilities provided by the standard header file shall not be used,M18-7-1,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-22-3-1,Yes,Required,Decidable,Single Translation Unit,The assert macro shall not be used with a constant-expression,,,Easy, cpp,MISRA-C++-2023,RULE-22-4-1,Yes,Required,Decidable,Single Translation Unit,The literal value zero shall be the only value assigned to errno,,,Easy, cpp,MISRA-C++-2023,RULE-23-11-1,Yes,Advisory,Decidable,Single Translation Unit,The raw pointer constructors of std::shared_ptr and std::unique_ptr should not be used,,,Easy, @@ -945,11 +945,11 @@ cpp,MISRA-C++-2023,RULE-24-5-2,Yes,Required,Decidable,Single Translation Unit,"T cpp,MISRA-C++-2023,RULE-25-5-1,Yes,Required,Decidable,Single Translation Unit,The setlocale and std::locale::global functions shall not be called,,,Easy, cpp,MISRA-C++-2023,RULE-25-5-2,Yes,Mandatory,Decidable,Single Translation Unit,"The pointers returned by the C++ Standard Library functions localeconv, getenv, setlocale or strerror must only be used as if they have pointer to const-qualified type",RULE-21-19,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-25-5-3,Yes,Mandatory,Undecidable,System,"The pointer returned by the C++ Standard Library functions asctime, ctime, gmtime, localtime, localeconv, getenv, setlocale or strerror must not be used following a subsequent call to the same function",RULE-21-20,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-26-3-1,Yes,Advisory,Decidable,Single Translation Unit,std::vector should not be specialized with bool,A18-1-2,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-26-3-1,Yes,Advisory,Decidable,Single Translation Unit,std::vector should not be specialized with bool,A18-1-2,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-28-3-1,Yes,Required,Undecidable,System,Predicates shall not have persistent side effects,A25-1-1,,Easy, cpp,MISRA-C++-2023,RULE-28-6-1,Yes,Required,Decidable,Single Translation Unit,The argument to std::move shall be a non-const lvalue,A18-9-3,,Easy, -cpp,MISRA-C++-2023,RULE-28-6-2,Yes,Required,Decidable,Single Translation Unit,Forwarding references and std::forward shall be used together,A18-9-2,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-28-6-2,Yes,Required,Decidable,Single Translation Unit,Forwarding references and std::forward shall be used together,A18-9-2,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-28-6-3,Yes,Required,Decidable,Single Translation Unit,An object shall not be used while in a potentially moved-from state,A12-8-3,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-28-6-4,Yes,Required,Decidable,Single Translation Unit,"The result of std::remove, std::remove_if, std::unique and empty shall be used",,,Easy, -cpp,MISRA-C++-2023,RULE-30-0-1,Yes,Required,Decidable,Single Translation Unit,The C Library input/output functions shall not be used,M27-0-1,ImportMisra23-1,Import, +cpp,MISRA-C++-2023,RULE-30-0-1,Yes,Required,Decidable,Single Translation Unit,The C Library input/output functions shall not be used,M27-0-1,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-30-0-2,Yes,Required,Undecidable,System,Reads and writes on the same file stream shall be separated by a positioning operation,A27-0-3,ImportMisra23,Import, From 2d8786b0f72b89e1e7a2260bd0934d1022617a4b Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 26 Jun 2024 18:48:40 +0200 Subject: [PATCH 1840/2573] Fix test formatting --- .../test/rules/constlikereturnvalue/test.c | 2 +- .../functionlikemacrosdefined_shared/test.c | 2 +- .../test/rules/constlikereturnvalue/test.cpp | 2 +- .../functionlikemacrosdefined_shared/test.cpp | 2 +- .../test.cpp | 18 +++++++++--------- 5 files changed, 13 insertions(+), 13 deletions(-) diff --git a/c/common/test/rules/constlikereturnvalue/test.c b/c/common/test/rules/constlikereturnvalue/test.c index 35e68b4aa8..e28c05961f 100644 --- a/c/common/test/rules/constlikereturnvalue/test.c +++ b/c/common/test/rules/constlikereturnvalue/test.c @@ -1,9 +1,9 @@ // NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C++ TEST CASE AND // CHANGES SHOULD BE REFLECTED THERE AS WELL. #include +#include #include #include -#include void trstr(char *c_str, char orig, char rep) { while (*c_str != '\0') { diff --git a/c/common/test/rules/functionlikemacrosdefined_shared/test.c b/c/common/test/rules/functionlikemacrosdefined_shared/test.c index 0bae4f1c22..ee36549b8d 100644 --- a/c/common/test/rules/functionlikemacrosdefined_shared/test.c +++ b/c/common/test/rules/functionlikemacrosdefined_shared/test.c @@ -15,7 +15,7 @@ #define MY_ASSERT(X) assert(X) // NON_COMPLIANT[FALSE_NEGATIVE] char a1[MACRO2(1, 1) + 6]; -extern int printf_custom(char*, int); +extern int printf_custom(char *, int); int test1; void f() { diff --git a/cpp/common/test/rules/constlikereturnvalue/test.cpp b/cpp/common/test/rules/constlikereturnvalue/test.cpp index af7ecdc2d9..19db17faee 100644 --- a/cpp/common/test/rules/constlikereturnvalue/test.cpp +++ b/cpp/common/test/rules/constlikereturnvalue/test.cpp @@ -1,9 +1,9 @@ // NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C TEST CASE AND // CHANGES SHOULD BE REFLECTED THERE AS WELL. #include +#include #include #include -#include void trstr(char *c_str, char orig, char rep) { while (*c_str != '\0') { diff --git a/cpp/common/test/rules/functionlikemacrosdefined_shared/test.cpp b/cpp/common/test/rules/functionlikemacrosdefined_shared/test.cpp index 99d3b173e0..f39236ca3b 100644 --- a/cpp/common/test/rules/functionlikemacrosdefined_shared/test.cpp +++ b/cpp/common/test/rules/functionlikemacrosdefined_shared/test.cpp @@ -15,7 +15,7 @@ #define MY_ASSERT(X) assert(X) // NON_COMPLIANT[FALSE_NEGATIVE] char a1[MACRO2(1, 1) + 6]; -extern int printf_custom(char*, int); +extern int printf_custom(char *, int); int test1; void f() { diff --git a/cpp/common/test/rules/lowercaselstartsinliteralsuffix_shared/test.cpp b/cpp/common/test/rules/lowercaselstartsinliteralsuffix_shared/test.cpp index 6cbff873ee..27be2a327d 100644 --- a/cpp/common/test/rules/lowercaselstartsinliteralsuffix_shared/test.cpp +++ b/cpp/common/test/rules/lowercaselstartsinliteralsuffix_shared/test.cpp @@ -1,15 +1,15 @@ // NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C TEST CASE AND // CHANGES SHOULD BE REFLECTED THERE AS WELL. int x = false; // COMPLIANT - reported as FP in #319 -int a1 = 0L; // COMPLIANT -int a2 = 0l; // NON_COMPLIANT -int a3 = 0ll; // NON_COMPLIANT -int a4 = 0LL; // COMPLIANT -int a5 = 0uL; // COMPLIANT -int a6 = 0ul; // NON_COMPLIANT -int a7 = 0lu; // NON_COMPLIANT -int a8 = 0Lu; // COMPLIANT -int a9 = 0LU; // COMPLIANT +int a1 = 0L; // COMPLIANT +int a2 = 0l; // NON_COMPLIANT +int a3 = 0ll; // NON_COMPLIANT +int a4 = 0LL; // COMPLIANT +int a5 = 0uL; // COMPLIANT +int a6 = 0ul; // NON_COMPLIANT +int a7 = 0lu; // NON_COMPLIANT +int a8 = 0Lu; // COMPLIANT +int a9 = 0LU; // COMPLIANT long b1 = 0L; // COMPLIANT long b2 = 0l; // NON_COMPLIANT From b784771f3573c8d2b77d23fc2e717fbae4d5aa2a Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 26 Jun 2024 19:04:52 +0200 Subject: [PATCH 1841/2573] Format with `codeql query format` v2.14.6 --- .../ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.ql | 4 ++-- c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql | 7 +++---- .../ResultOfAnAssignmentOperatorShouldNotBeUsed.ql | 3 ++- c/misra/src/rules/RULE-15-1/GotoStatementUsed.ql | 4 +--- c/misra/src/rules/RULE-15-3/GotoLabelBlockCondition.ql | 4 +--- .../RULE-20-11/MoreThanOneHashOperatorInMacroDefinition.ql | 3 ++- .../rules/RULE-20-12/MacroParameterUsedAsHashOperand.ql | 3 ++- .../OctalAndHexadecimalEscapeSequencesNotTerminated.ql | 3 ++- .../BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql | 3 ++- .../rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql | 3 ++- .../RULE-8-12/ValueImplicitEnumerationConstantNotUnique.ql | 3 ++- .../A12-1-1/ExplicitConstructorBaseClassInitialization.ql | 3 ++- .../A12-8-5/CopyAssignmentAndAMoveHandleSelfAssignment.ql | 3 ++- .../ExplicitSpecializationsOfFunctionTemplatesUsed.ql | 3 ++- cpp/autosar/src/rules/A15-1-2/PointerExceptionObject.ql | 4 +--- cpp/autosar/src/rules/A15-4-2/NoExceptFunctionThrows.ql | 7 +++---- .../src/rules/A18-1-2/VectorboolSpecializationUsed.ql | 3 ++- .../src/rules/A18-9-2/ForwardingValuesToOtherFunctions.ql | 3 ++- cpp/autosar/src/rules/A2-13-1/EscapeSequenceOutsideISO.ql | 4 +--- .../src/rules/A4-10-1/NullPointerConstantNotNullptr.ql | 3 ++- .../A5-10-1/VirtualPointerOnlyComparesToNullptrConstant.ql | 3 ++- cpp/autosar/src/rules/A5-2-4/ReinterpretCastUsed.ql | 4 +--- cpp/autosar/src/rules/A6-6-1/GotoStatementUsed.ql | 4 +--- .../EnumerationUnderlyingBaseTypeNotExplicitlyDefined.ql | 3 ++- .../A7-3-1/DefinitionNotConsideredForUnqualifiedLookup.ql | 3 ++- .../A7-3-1/HiddenInheritedNonOverridableMemberFunction.ql | 3 ++- .../A7-3-1/HiddenInheritedOverridableMemberFunction.ql | 3 ++- cpp/autosar/src/rules/A7-4-1/AsmDeclarationUsed.ql | 4 +--- cpp/autosar/src/rules/A7-5-2/RecursiveFunctions.ql | 7 +++---- .../A8-5-4/ConfusingUseOfInitializerListConstructors.ql | 3 ++- .../M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtual.ql | 3 ++- .../DynamicTypeOfThisUsedFromConstructorOrDestructor.ql | 3 ++- .../M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.ql | 3 ++- .../M14-6-1/NameNotReferredUsingAQualifiedIdOrThisAudit.ql | 3 ++- cpp/autosar/src/rules/M15-1-3/EmptyThrowOutsideCatch.ql | 4 +--- cpp/autosar/src/rules/M18-2-1/MacroOffsetofUsed.ql | 4 +--- cpp/autosar/src/rules/M18-7-1/CsignalFunctionsUsed.ql | 4 +--- cpp/autosar/src/rules/M18-7-1/CsignalTypesUsed.ql | 4 +--- cpp/autosar/src/rules/M2-13-2/UseOfNonZeroOctalLiteral.ql | 4 +--- cpp/autosar/src/rules/M2-13-3/MissingUSuffix.ql | 4 +--- .../src/rules/M2-7-1/SlashStarUsedWithinACStyleComment.ql | 3 ++- cpp/autosar/src/rules/M27-0-1/CstdioFunctionsUsed.ql | 4 +--- cpp/autosar/src/rules/M27-0-1/CstdioMacrosUsed.ql | 4 +--- cpp/autosar/src/rules/M27-0-1/CstdioTypesUsed.ql | 4 +--- .../IdentifierPassedAsFunctionArgumentDecayToAPointer.ql | 3 ++- .../src/rules/M5-2-6/CastNotConvertPointerToFunction.ql | 3 ++- .../UnaryMinusOperatorAppliedToAnUnsignedExpression.ql | 3 ++- cpp/autosar/src/rules/M6-3-1/LoopCompoundCondition.ql | 4 +--- cpp/autosar/src/rules/M6-3-1/SwitchCompoundCondition.ql | 4 +--- .../IdentifierMainUsedForAFunctionOtherThanGlobalMain.ql | 3 ++- .../rules/M7-5-1/FunctionReturnAutomaticVarCondition.ql | 3 ++- .../src/rules/M8-0-1/MultipleGlobalOrMemberDeclarators.ql | 3 ++- cpp/autosar/src/rules/M8-0-1/MultipleLocalDeclarators.ql | 4 +--- .../VirtualFunctionParametersUseSameDefaultArguments.ql | 3 ++- .../AddressOfOperatorOverloaded_shared.qll | 4 ++-- .../EnumerationNotDefinedWithAnExplicitUnderlyingType.qll | 4 ++-- .../macrooffsetofused_shared/MacroOffsetofUsed_shared.qll | 6 ++++-- .../DefinitionNotConsideredForUnqualifiedLookup_shared.ql | 4 ++-- .../HiddenInheritedNonOverridableMemberFunction_shared.ql | 4 ++-- .../NameNotReferredUsingAQualifiedIdOrThisAudit_shared.ql | 4 ++-- .../ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.ql | 4 ++-- .../CopyAndMoveAssignmentsShallHandleSelfAssignment.ql | 3 ++- .../RULE-10-0-1/UseSingleGlobalOrMemberDeclarators.ql | 3 ++- .../src/rules/RULE-10-0-1/UseSingleLocalDeclarators.ql | 4 +--- .../EnumerationNotDefinedWithAnExplicitUnderlyingType.ql | 3 ++- .../RULE-12-2-2/BitFieldShallHaveAnAppropriateType.ql | 3 ++- .../SignedIntegerNamedBitFieldHaveALengthOfOneBit.ql | 3 ++- .../RULE-13-1-2/VirtualAndNonVirtualClassInTheHierarchy.ql | 3 ++- .../OverridingShallSpecifyDifferentDefaultArguments.ql | 3 ++- .../PotentiallyVirtualPointerOnlyComparesToNullptr.ql | 3 ++- .../ObjectsDynamicTypeUsedFromConstructorOrDestructor.ql | 3 ++- .../rules/RULE-15-1-2/InitializeAllVirtualBaseClasses.ql | 3 ++- .../InitializerListConstructorIsTheOnlyConstructor.ql | 3 ++- .../RULE-17-8-1/FunctionTemplatesExplicitlySpecialized.ql | 3 ++- .../rules/RULE-18-1-2/EmptyThrowOnlyWithinACatchHandler.ql | 3 ++- .../NoexceptFunctionShouldNotPropagateToTheCaller.ql | 3 ++- .../src/rules/RULE-19-0-2/FunctionLikeMacrosDefined.ql | 4 +--- .../AMixedUseMacroArgumentSubjectToExpansion.ql | 3 ++- cpp/misra/src/rules/RULE-21-10-3/CsignalFacilitiesUsed.ql | 4 +--- .../src/rules/RULE-21-2-1/AtofAtoiAtolAndAtollUsed.ql | 4 +--- .../RULE-21-6-4/GlobalSizedOperatorDeleteShallBeDefined.ql | 3 ++- .../GlobalUnsizedOperatorDeleteShallBeDefined.ql | 3 ++- .../RULE-26-3-1/VectorShouldNotBeSpecializedWithBool.ql | 3 ++- .../ForwardingReferencesAndForwardNotUsedTogether.ql | 3 ++- .../src/rules/RULE-30-0-1/CstdioTypesShallNotBeUsed.ql | 4 +--- .../MemoryOperationsNotSequencedAppropriately.ql | 3 ++- .../src/rules/RULE-5-13-1/BackslashCharacterMisuse.ql | 4 +--- cpp/misra/src/rules/RULE-5-13-3/OctalConstantsUsed.ql | 4 +--- .../UnsignedIntegerLiteralsNotAppropriatelySuffixed.ql | 3 ++- .../rules/RULE-5-13-5/LowercaseLStartsInLiteralSuffix.ql | 3 ++- .../CharacterSequenceUsedWithinACStyleComment.ql | 3 ++- cpp/misra/src/rules/RULE-6-0-4/NonGlobalFunctionMain.ql | 4 +--- .../RULE-6-4-2/InheritedNonOverridableMemberFunction.ql | 3 ++- .../rules/RULE-6-4-2/InheritedOverridableMemberFunction.ql | 3 ++- .../NameShallBeReferredUsingAQualifiedIdOrThis.ql | 3 ++- .../NameShallBeReferredUsingAQualifiedIdOrThisAudit.ql | 3 ++- .../ReturnReferenceOrPointerToAutomaticLocalVariable.ql | 3 ++- .../NullptrNotTheOnlyFormOfTheNullPointerConstant.ql | 3 ++- .../ArrayPassedAsFunctionArgumentDecayToAPointer.ql | 3 ++- .../ResultOfAnAssignmentOperatorShouldNotBeUsed.ql | 3 ++- .../FunctionsCallThemselvesEitherDirectlyOrIndirectly.ql | 3 ++- .../CastsBetweenAPointerToFunctionAndAnyOtherType.ql | 3 ++- .../UnsignedOperationWithConstantOperandsWraps.ql | 3 ++- .../BuiltInUnaryOperatorAppliedToUnsignedExpression.ql | 3 ++- .../src/rules/RULE-9-3-1/LoopBodyCompoundCondition.ql | 4 +--- .../RULE-9-6-2/GotoReferenceALabelInSurroundingBlock.ql | 3 ++- 106 files changed, 189 insertions(+), 179 deletions(-) diff --git a/c/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.ql b/c/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.ql index e4928beb62..af3f7697f7 100644 --- a/c/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.ql +++ b/c/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.ql @@ -1,5 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.resultofanassignmentoperatorshouldnotbeused_shared.ResultOfAnAssignmentOperatorShouldNotBeUsed_shared -class TestFileQuery extends ResultOfAnAssignmentOperatorShouldNotBeUsed_sharedSharedQuery, TestQuery { -} +class TestFileQuery extends ResultOfAnAssignmentOperatorShouldNotBeUsed_sharedSharedQuery, TestQuery +{ } diff --git a/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql b/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql index ec002e172f..f2517abc21 100644 --- a/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql +++ b/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql @@ -15,8 +15,7 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.rules.memoryoperationsnotsequencedappropriately_shared.MemoryOperationsNotSequencedAppropriately_shared -class UnsequencedSideEffectsQuery extends MemoryOperationsNotSequencedAppropriately_sharedSharedQuery { - UnsequencedSideEffectsQuery() { - this = SideEffects3Package::unsequencedSideEffectsQuery() - } +class UnsequencedSideEffectsQuery extends MemoryOperationsNotSequencedAppropriately_sharedSharedQuery +{ + UnsequencedSideEffectsQuery() { this = SideEffects3Package::unsequencedSideEffectsQuery() } } diff --git a/c/misra/src/rules/RULE-13-4/ResultOfAnAssignmentOperatorShouldNotBeUsed.ql b/c/misra/src/rules/RULE-13-4/ResultOfAnAssignmentOperatorShouldNotBeUsed.ql index 2582518d78..5a105ca27f 100644 --- a/c/misra/src/rules/RULE-13-4/ResultOfAnAssignmentOperatorShouldNotBeUsed.ql +++ b/c/misra/src/rules/RULE-13-4/ResultOfAnAssignmentOperatorShouldNotBeUsed.ql @@ -16,7 +16,8 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.rules.resultofanassignmentoperatorshouldnotbeused_shared.ResultOfAnAssignmentOperatorShouldNotBeUsed_shared -class ResultOfAnAssignmentOperatorShouldNotBeUsedQuery extends ResultOfAnAssignmentOperatorShouldNotBeUsed_sharedSharedQuery { +class ResultOfAnAssignmentOperatorShouldNotBeUsedQuery extends ResultOfAnAssignmentOperatorShouldNotBeUsed_sharedSharedQuery +{ ResultOfAnAssignmentOperatorShouldNotBeUsedQuery() { this = SideEffects1Package::resultOfAnAssignmentOperatorShouldNotBeUsedQuery() } diff --git a/c/misra/src/rules/RULE-15-1/GotoStatementUsed.ql b/c/misra/src/rules/RULE-15-1/GotoStatementUsed.ql index f8862713b0..845d36f798 100644 --- a/c/misra/src/rules/RULE-15-1/GotoStatementUsed.ql +++ b/c/misra/src/rules/RULE-15-1/GotoStatementUsed.ql @@ -16,7 +16,5 @@ import codingstandards.c.misra import codingstandards.cpp.rules.gotostatementshouldnotbeused_shared.GotoStatementShouldNotBeUsed_shared class GotoStatementUsedQuery extends GotoStatementShouldNotBeUsed_sharedSharedQuery { - GotoStatementUsedQuery() { - this = Statements6Package::gotoStatementUsedQuery() - } + GotoStatementUsedQuery() { this = Statements6Package::gotoStatementUsedQuery() } } diff --git a/c/misra/src/rules/RULE-15-3/GotoLabelBlockCondition.ql b/c/misra/src/rules/RULE-15-3/GotoLabelBlockCondition.ql index 7151e367bc..16f24fd75e 100644 --- a/c/misra/src/rules/RULE-15-3/GotoLabelBlockCondition.ql +++ b/c/misra/src/rules/RULE-15-3/GotoLabelBlockCondition.ql @@ -17,7 +17,5 @@ import codingstandards.c.misra import codingstandards.cpp.rules.gotoreferencealabelinsurroundingblock_shared.GotoReferenceALabelInSurroundingBlock_shared class GotoLabelBlockConditionQuery extends GotoReferenceALabelInSurroundingBlock_sharedSharedQuery { - GotoLabelBlockConditionQuery() { - this = Statements2Package::gotoLabelBlockConditionQuery() - } + GotoLabelBlockConditionQuery() { this = Statements2Package::gotoLabelBlockConditionQuery() } } diff --git a/c/misra/src/rules/RULE-20-11/MoreThanOneHashOperatorInMacroDefinition.ql b/c/misra/src/rules/RULE-20-11/MoreThanOneHashOperatorInMacroDefinition.ql index c951968506..55aa607723 100644 --- a/c/misra/src/rules/RULE-20-11/MoreThanOneHashOperatorInMacroDefinition.ql +++ b/c/misra/src/rules/RULE-20-11/MoreThanOneHashOperatorInMacroDefinition.ql @@ -15,7 +15,8 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.rules.macroparameterfollowinghash_shared.MacroParameterFollowingHash_shared -class MoreThanOneHashOperatorInMacroDefinitionQuery extends MacroParameterFollowingHash_sharedSharedQuery { +class MoreThanOneHashOperatorInMacroDefinitionQuery extends MacroParameterFollowingHash_sharedSharedQuery +{ MoreThanOneHashOperatorInMacroDefinitionQuery() { this = Preprocessor2Package::moreThanOneHashOperatorInMacroDefinitionQuery() } diff --git a/c/misra/src/rules/RULE-20-12/MacroParameterUsedAsHashOperand.ql b/c/misra/src/rules/RULE-20-12/MacroParameterUsedAsHashOperand.ql index 3730a65ecd..efe083efc0 100644 --- a/c/misra/src/rules/RULE-20-12/MacroParameterUsedAsHashOperand.ql +++ b/c/misra/src/rules/RULE-20-12/MacroParameterUsedAsHashOperand.ql @@ -17,7 +17,8 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.rules.amixedusemacroargumentsubjecttoexpansion_shared.AMixedUseMacroArgumentSubjectToExpansion_shared -class MacroParameterUsedAsHashOperandQuery extends AMixedUseMacroArgumentSubjectToExpansion_sharedSharedQuery { +class MacroParameterUsedAsHashOperandQuery extends AMixedUseMacroArgumentSubjectToExpansion_sharedSharedQuery +{ MacroParameterUsedAsHashOperandQuery() { this = Preprocessor2Package::macroParameterUsedAsHashOperandQuery() } diff --git a/c/misra/src/rules/RULE-4-1/OctalAndHexadecimalEscapeSequencesNotTerminated.ql b/c/misra/src/rules/RULE-4-1/OctalAndHexadecimalEscapeSequencesNotTerminated.ql index 80a4490470..e9d5f7b97c 100644 --- a/c/misra/src/rules/RULE-4-1/OctalAndHexadecimalEscapeSequencesNotTerminated.ql +++ b/c/misra/src/rules/RULE-4-1/OctalAndHexadecimalEscapeSequencesNotTerminated.ql @@ -17,7 +17,8 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.rules.nonterminatedescapesequences_shared.NonTerminatedEscapeSequences_shared -class OctalAndHexadecimalEscapeSequencesNotTerminatedQuery extends NonTerminatedEscapeSequences_sharedSharedQuery { +class OctalAndHexadecimalEscapeSequencesNotTerminatedQuery extends NonTerminatedEscapeSequences_sharedSharedQuery +{ OctalAndHexadecimalEscapeSequencesNotTerminatedQuery() { this = SyntaxPackage::octalAndHexadecimalEscapeSequencesNotTerminatedQuery() } diff --git a/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql b/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql index 932e85087a..aaf7ff68a6 100644 --- a/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql +++ b/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql @@ -14,7 +14,8 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.rules.bitfieldshallhaveanappropriatetype_shared.BitFieldShallHaveAnAppropriateType_shared -class BitFieldsShallOnlyBeDeclaredWithAnAppropriateTypeQuery extends BitFieldShallHaveAnAppropriateType_sharedSharedQuery { +class BitFieldsShallOnlyBeDeclaredWithAnAppropriateTypeQuery extends BitFieldShallHaveAnAppropriateType_sharedSharedQuery +{ BitFieldsShallOnlyBeDeclaredWithAnAppropriateTypeQuery() { this = BitfieldTypesPackage::bitFieldsShallOnlyBeDeclaredWithAnAppropriateTypeQuery() } diff --git a/c/misra/src/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql b/c/misra/src/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql index 9eb0b672fb..630f60cb92 100644 --- a/c/misra/src/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql +++ b/c/misra/src/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql @@ -14,7 +14,8 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.rules.namedbitfieldswithsignedintegertype_shared.NamedBitFieldsWithSignedIntegerType_shared -class SingleBitNamedBitFieldsOfASignedTypeQuery extends NamedBitFieldsWithSignedIntegerType_sharedSharedQuery { +class SingleBitNamedBitFieldsOfASignedTypeQuery extends NamedBitFieldsWithSignedIntegerType_sharedSharedQuery +{ SingleBitNamedBitFieldsOfASignedTypeQuery() { this = BitfieldTypesPackage::singleBitNamedBitFieldsOfASignedTypeQuery() } diff --git a/c/misra/src/rules/RULE-8-12/ValueImplicitEnumerationConstantNotUnique.ql b/c/misra/src/rules/RULE-8-12/ValueImplicitEnumerationConstantNotUnique.ql index 91a8a9c021..a2685db53c 100644 --- a/c/misra/src/rules/RULE-8-12/ValueImplicitEnumerationConstantNotUnique.ql +++ b/c/misra/src/rules/RULE-8-12/ValueImplicitEnumerationConstantNotUnique.ql @@ -16,7 +16,8 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.rules.nonuniqueenumerationconstant_shared.NonUniqueEnumerationConstant_shared -class ValueImplicitEnumerationConstantNotUniqueQuery extends NonUniqueEnumerationConstant_sharedSharedQuery { +class ValueImplicitEnumerationConstantNotUniqueQuery extends NonUniqueEnumerationConstant_sharedSharedQuery +{ ValueImplicitEnumerationConstantNotUniqueQuery() { this = Declarations7Package::valueImplicitEnumerationConstantNotUniqueQuery() } diff --git a/cpp/autosar/src/rules/A12-1-1/ExplicitConstructorBaseClassInitialization.ql b/cpp/autosar/src/rules/A12-1-1/ExplicitConstructorBaseClassInitialization.ql index 2fc8fcd976..e97c540d08 100644 --- a/cpp/autosar/src/rules/A12-1-1/ExplicitConstructorBaseClassInitialization.ql +++ b/cpp/autosar/src/rules/A12-1-1/ExplicitConstructorBaseClassInitialization.ql @@ -18,7 +18,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.initializeallvirtualbaseclasses_shared.InitializeAllVirtualBaseClasses_shared -class ExplicitConstructorBaseClassInitializationQuery extends InitializeAllVirtualBaseClasses_sharedSharedQuery { +class ExplicitConstructorBaseClassInitializationQuery extends InitializeAllVirtualBaseClasses_sharedSharedQuery +{ ExplicitConstructorBaseClassInitializationQuery() { this = InitializationPackage::explicitConstructorBaseClassInitializationQuery() } diff --git a/cpp/autosar/src/rules/A12-8-5/CopyAssignmentAndAMoveHandleSelfAssignment.ql b/cpp/autosar/src/rules/A12-8-5/CopyAssignmentAndAMoveHandleSelfAssignment.ql index 8919a4e46a..789327e5e9 100644 --- a/cpp/autosar/src/rules/A12-8-5/CopyAssignmentAndAMoveHandleSelfAssignment.ql +++ b/cpp/autosar/src/rules/A12-8-5/CopyAssignmentAndAMoveHandleSelfAssignment.ql @@ -19,7 +19,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.copyandmoveassignmentsshallhandleselfassignment_shared.CopyAndMoveAssignmentsShallHandleSelfAssignment_shared -class CopyAssignmentAndAMoveHandleSelfAssignmentQuery extends CopyAndMoveAssignmentsShallHandleSelfAssignment_sharedSharedQuery { +class CopyAssignmentAndAMoveHandleSelfAssignmentQuery extends CopyAndMoveAssignmentsShallHandleSelfAssignment_sharedSharedQuery +{ CopyAssignmentAndAMoveHandleSelfAssignmentQuery() { this = OperatorInvariantsPackage::copyAssignmentAndAMoveHandleSelfAssignmentQuery() } diff --git a/cpp/autosar/src/rules/A14-8-2/ExplicitSpecializationsOfFunctionTemplatesUsed.ql b/cpp/autosar/src/rules/A14-8-2/ExplicitSpecializationsOfFunctionTemplatesUsed.ql index f2cbecb7dc..9f6063d568 100644 --- a/cpp/autosar/src/rules/A14-8-2/ExplicitSpecializationsOfFunctionTemplatesUsed.ql +++ b/cpp/autosar/src/rules/A14-8-2/ExplicitSpecializationsOfFunctionTemplatesUsed.ql @@ -18,7 +18,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.functiontemplatesexplicitlyspecialized_shared.FunctionTemplatesExplicitlySpecialized_shared -class ExplicitSpecializationsOfFunctionTemplatesUsedQuery extends FunctionTemplatesExplicitlySpecialized_sharedSharedQuery { +class ExplicitSpecializationsOfFunctionTemplatesUsedQuery extends FunctionTemplatesExplicitlySpecialized_sharedSharedQuery +{ ExplicitSpecializationsOfFunctionTemplatesUsedQuery() { this = TemplatesPackage::explicitSpecializationsOfFunctionTemplatesUsedQuery() } diff --git a/cpp/autosar/src/rules/A15-1-2/PointerExceptionObject.ql b/cpp/autosar/src/rules/A15-1-2/PointerExceptionObject.ql index 1747d1245c..3187174576 100644 --- a/cpp/autosar/src/rules/A15-1-2/PointerExceptionObject.ql +++ b/cpp/autosar/src/rules/A15-1-2/PointerExceptionObject.ql @@ -18,7 +18,5 @@ import codingstandards.cpp.autosar import codingstandards.cpp.rules.exceptionobjecthavepointertype_shared.ExceptionObjectHavePointerType_shared class PointerExceptionObjectQuery extends ExceptionObjectHavePointerType_sharedSharedQuery { - PointerExceptionObjectQuery() { - this = Exceptions1Package::pointerExceptionObjectQuery() - } + PointerExceptionObjectQuery() { this = Exceptions1Package::pointerExceptionObjectQuery() } } diff --git a/cpp/autosar/src/rules/A15-4-2/NoExceptFunctionThrows.ql b/cpp/autosar/src/rules/A15-4-2/NoExceptFunctionThrows.ql index 4197e5f7dd..3c32b3970f 100644 --- a/cpp/autosar/src/rules/A15-4-2/NoExceptFunctionThrows.ql +++ b/cpp/autosar/src/rules/A15-4-2/NoExceptFunctionThrows.ql @@ -17,8 +17,7 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.noexceptfunctionshouldnotpropagatetothecaller_shared.NoexceptFunctionShouldNotPropagateToTheCaller_shared -class NoExceptFunctionThrowsQuery extends NoexceptFunctionShouldNotPropagateToTheCaller_sharedSharedQuery { - NoExceptFunctionThrowsQuery() { - this = Exceptions1Package::noExceptFunctionThrowsQuery() - } +class NoExceptFunctionThrowsQuery extends NoexceptFunctionShouldNotPropagateToTheCaller_sharedSharedQuery +{ + NoExceptFunctionThrowsQuery() { this = Exceptions1Package::noExceptFunctionThrowsQuery() } } diff --git a/cpp/autosar/src/rules/A18-1-2/VectorboolSpecializationUsed.ql b/cpp/autosar/src/rules/A18-1-2/VectorboolSpecializationUsed.ql index 9b4855fc8f..36a4a448a7 100644 --- a/cpp/autosar/src/rules/A18-1-2/VectorboolSpecializationUsed.ql +++ b/cpp/autosar/src/rules/A18-1-2/VectorboolSpecializationUsed.ql @@ -19,7 +19,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.vectorshouldnotbespecializedwithbool_shared.VectorShouldNotBeSpecializedWithBool_shared -class VectorboolSpecializationUsedQuery extends VectorShouldNotBeSpecializedWithBool_sharedSharedQuery { +class VectorboolSpecializationUsedQuery extends VectorShouldNotBeSpecializedWithBool_sharedSharedQuery +{ VectorboolSpecializationUsedQuery() { this = BannedTypesPackage::vectorboolSpecializationUsedQuery() } diff --git a/cpp/autosar/src/rules/A18-9-2/ForwardingValuesToOtherFunctions.ql b/cpp/autosar/src/rules/A18-9-2/ForwardingValuesToOtherFunctions.ql index 105e1e1289..02c46fe544 100644 --- a/cpp/autosar/src/rules/A18-9-2/ForwardingValuesToOtherFunctions.ql +++ b/cpp/autosar/src/rules/A18-9-2/ForwardingValuesToOtherFunctions.ql @@ -17,7 +17,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.forwardingreferencesandforwardnotusedtogether_shared.ForwardingReferencesAndForwardNotUsedTogether_shared -class ForwardingValuesToOtherFunctionsQuery extends ForwardingReferencesAndForwardNotUsedTogether_sharedSharedQuery { +class ForwardingValuesToOtherFunctionsQuery extends ForwardingReferencesAndForwardNotUsedTogether_sharedSharedQuery +{ ForwardingValuesToOtherFunctionsQuery() { this = MoveForwardPackage::forwardingValuesToOtherFunctionsQuery() } diff --git a/cpp/autosar/src/rules/A2-13-1/EscapeSequenceOutsideISO.ql b/cpp/autosar/src/rules/A2-13-1/EscapeSequenceOutsideISO.ql index 5649c9765a..0c1ffe818a 100644 --- a/cpp/autosar/src/rules/A2-13-1/EscapeSequenceOutsideISO.ql +++ b/cpp/autosar/src/rules/A2-13-1/EscapeSequenceOutsideISO.ql @@ -19,7 +19,5 @@ import codingstandards.cpp.autosar import codingstandards.cpp.rules.backslashcharactermisuse_shared.BackslashCharacterMisuse_shared class EscapeSequenceOutsideISOQuery extends BackslashCharacterMisuse_sharedSharedQuery { - EscapeSequenceOutsideISOQuery() { - this = LiteralsPackage::escapeSequenceOutsideISOQuery() - } + EscapeSequenceOutsideISOQuery() { this = LiteralsPackage::escapeSequenceOutsideISOQuery() } } diff --git a/cpp/autosar/src/rules/A4-10-1/NullPointerConstantNotNullptr.ql b/cpp/autosar/src/rules/A4-10-1/NullPointerConstantNotNullptr.ql index dd23f6a03b..577a1646c6 100644 --- a/cpp/autosar/src/rules/A4-10-1/NullPointerConstantNotNullptr.ql +++ b/cpp/autosar/src/rules/A4-10-1/NullPointerConstantNotNullptr.ql @@ -18,7 +18,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.nullptrnottheonlyformofthenullpointerconstant_shared.NullptrNotTheOnlyFormOfTheNullPointerConstant_shared -class NullPointerConstantNotNullptrQuery extends NullptrNotTheOnlyFormOfTheNullPointerConstant_sharedSharedQuery { +class NullPointerConstantNotNullptrQuery extends NullptrNotTheOnlyFormOfTheNullPointerConstant_sharedSharedQuery +{ NullPointerConstantNotNullptrQuery() { this = LiteralsPackage::nullPointerConstantNotNullptrQuery() } diff --git a/cpp/autosar/src/rules/A5-10-1/VirtualPointerOnlyComparesToNullptrConstant.ql b/cpp/autosar/src/rules/A5-10-1/VirtualPointerOnlyComparesToNullptrConstant.ql index efa3d605b3..ee3d47611a 100644 --- a/cpp/autosar/src/rules/A5-10-1/VirtualPointerOnlyComparesToNullptrConstant.ql +++ b/cpp/autosar/src/rules/A5-10-1/VirtualPointerOnlyComparesToNullptrConstant.ql @@ -18,7 +18,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.potentiallyvirtualpointeronlycomparestonullptr_shared.PotentiallyVirtualPointerOnlyComparesToNullptr_shared -class VirtualPointerOnlyComparesToNullptrConstantQuery extends PotentiallyVirtualPointerOnlyComparesToNullptr_sharedSharedQuery { +class VirtualPointerOnlyComparesToNullptrConstantQuery extends PotentiallyVirtualPointerOnlyComparesToNullptr_sharedSharedQuery +{ VirtualPointerOnlyComparesToNullptrConstantQuery() { this = PointersPackage::virtualPointerOnlyComparesToNullptrConstantQuery() } diff --git a/cpp/autosar/src/rules/A5-2-4/ReinterpretCastUsed.ql b/cpp/autosar/src/rules/A5-2-4/ReinterpretCastUsed.ql index 938b0aa36a..4a051167f6 100644 --- a/cpp/autosar/src/rules/A5-2-4/ReinterpretCastUsed.ql +++ b/cpp/autosar/src/rules/A5-2-4/ReinterpretCastUsed.ql @@ -19,7 +19,5 @@ import codingstandards.cpp.autosar import codingstandards.cpp.rules.reinterpretcastused_shared.ReinterpretCastUsed_shared class ReinterpretCastUsedQuery extends ReinterpretCastUsed_sharedSharedQuery { - ReinterpretCastUsedQuery() { - this = BannedSyntaxPackage::reinterpretCastUsedQuery() - } + ReinterpretCastUsedQuery() { this = BannedSyntaxPackage::reinterpretCastUsedQuery() } } diff --git a/cpp/autosar/src/rules/A6-6-1/GotoStatementUsed.ql b/cpp/autosar/src/rules/A6-6-1/GotoStatementUsed.ql index c7c8e16d9a..74042c2dc2 100644 --- a/cpp/autosar/src/rules/A6-6-1/GotoStatementUsed.ql +++ b/cpp/autosar/src/rules/A6-6-1/GotoStatementUsed.ql @@ -19,7 +19,5 @@ import codingstandards.cpp.autosar import codingstandards.cpp.rules.gotostatementshouldnotbeused_shared.GotoStatementShouldNotBeUsed_shared class GotoStatementUsedQuery extends GotoStatementShouldNotBeUsed_sharedSharedQuery { - GotoStatementUsedQuery() { - this = BannedSyntaxPackage::gotoStatementUsedQuery() - } + GotoStatementUsedQuery() { this = BannedSyntaxPackage::gotoStatementUsedQuery() } } diff --git a/cpp/autosar/src/rules/A7-2-2/EnumerationUnderlyingBaseTypeNotExplicitlyDefined.ql b/cpp/autosar/src/rules/A7-2-2/EnumerationUnderlyingBaseTypeNotExplicitlyDefined.ql index 9227c4cc6d..00538a0ada 100644 --- a/cpp/autosar/src/rules/A7-2-2/EnumerationUnderlyingBaseTypeNotExplicitlyDefined.ql +++ b/cpp/autosar/src/rules/A7-2-2/EnumerationUnderlyingBaseTypeNotExplicitlyDefined.ql @@ -19,7 +19,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.enumerationnotdefinedwithanexplicitunderlyingtype_shared.EnumerationNotDefinedWithAnExplicitUnderlyingType_shared -class EnumerationUnderlyingBaseTypeNotExplicitlyDefinedQuery extends EnumerationNotDefinedWithAnExplicitUnderlyingType_sharedSharedQuery { +class EnumerationUnderlyingBaseTypeNotExplicitlyDefinedQuery extends EnumerationNotDefinedWithAnExplicitUnderlyingType_sharedSharedQuery +{ EnumerationUnderlyingBaseTypeNotExplicitlyDefinedQuery() { this = DeclarationsPackage::enumerationUnderlyingBaseTypeNotExplicitlyDefinedQuery() } diff --git a/cpp/autosar/src/rules/A7-3-1/DefinitionNotConsideredForUnqualifiedLookup.ql b/cpp/autosar/src/rules/A7-3-1/DefinitionNotConsideredForUnqualifiedLookup.ql index 2dd634e971..56e73edce0 100644 --- a/cpp/autosar/src/rules/A7-3-1/DefinitionNotConsideredForUnqualifiedLookup.ql +++ b/cpp/autosar/src/rules/A7-3-1/DefinitionNotConsideredForUnqualifiedLookup.ql @@ -18,7 +18,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.definitionnotconsideredforunqualifiedlookup_shared.DefinitionNotConsideredForUnqualifiedLookup_shared -class DefinitionNotConsideredForUnqualifiedLookupQuery extends DefinitionNotConsideredForUnqualifiedLookup_sharedSharedQuery { +class DefinitionNotConsideredForUnqualifiedLookupQuery extends DefinitionNotConsideredForUnqualifiedLookup_sharedSharedQuery +{ DefinitionNotConsideredForUnqualifiedLookupQuery() { this = ScopePackage::definitionNotConsideredForUnqualifiedLookupQuery() } diff --git a/cpp/autosar/src/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.ql b/cpp/autosar/src/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.ql index 780a0c0997..76d6ac8f69 100644 --- a/cpp/autosar/src/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.ql +++ b/cpp/autosar/src/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.ql @@ -17,7 +17,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.hiddeninheritednonoverridablememberfunction_shared.HiddenInheritedNonOverridableMemberFunction_shared -class HiddenInheritedNonOverridableMemberFunctionQuery extends HiddenInheritedNonOverridableMemberFunction_sharedSharedQuery { +class HiddenInheritedNonOverridableMemberFunctionQuery extends HiddenInheritedNonOverridableMemberFunction_sharedSharedQuery +{ HiddenInheritedNonOverridableMemberFunctionQuery() { this = ScopePackage::hiddenInheritedNonOverridableMemberFunctionQuery() } diff --git a/cpp/autosar/src/rules/A7-3-1/HiddenInheritedOverridableMemberFunction.ql b/cpp/autosar/src/rules/A7-3-1/HiddenInheritedOverridableMemberFunction.ql index e59a76093e..4f999f160c 100644 --- a/cpp/autosar/src/rules/A7-3-1/HiddenInheritedOverridableMemberFunction.ql +++ b/cpp/autosar/src/rules/A7-3-1/HiddenInheritedOverridableMemberFunction.ql @@ -17,7 +17,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.hiddeninheritedoverridablememberfunction_shared.HiddenInheritedOverridableMemberFunction_shared -class HiddenInheritedOverridableMemberFunctionQuery extends HiddenInheritedOverridableMemberFunction_sharedSharedQuery { +class HiddenInheritedOverridableMemberFunctionQuery extends HiddenInheritedOverridableMemberFunction_sharedSharedQuery +{ HiddenInheritedOverridableMemberFunctionQuery() { this = ScopePackage::hiddenInheritedOverridableMemberFunctionQuery() } diff --git a/cpp/autosar/src/rules/A7-4-1/AsmDeclarationUsed.ql b/cpp/autosar/src/rules/A7-4-1/AsmDeclarationUsed.ql index 37521be2b8..71a703e089 100644 --- a/cpp/autosar/src/rules/A7-4-1/AsmDeclarationUsed.ql +++ b/cpp/autosar/src/rules/A7-4-1/AsmDeclarationUsed.ql @@ -18,7 +18,5 @@ import codingstandards.cpp.autosar import codingstandards.cpp.rules.asmdeclarationused_shared.AsmDeclarationUsed_shared class AsmDeclarationUsedQuery extends AsmDeclarationUsed_sharedSharedQuery { - AsmDeclarationUsedQuery() { - this = BannedSyntaxPackage::asmDeclarationUsedQuery() - } + AsmDeclarationUsedQuery() { this = BannedSyntaxPackage::asmDeclarationUsedQuery() } } diff --git a/cpp/autosar/src/rules/A7-5-2/RecursiveFunctions.ql b/cpp/autosar/src/rules/A7-5-2/RecursiveFunctions.ql index 8b9818ab59..bf287b894d 100644 --- a/cpp/autosar/src/rules/A7-5-2/RecursiveFunctions.ql +++ b/cpp/autosar/src/rules/A7-5-2/RecursiveFunctions.ql @@ -18,8 +18,7 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.functionscallthemselveseitherdirectlyorindirectly_shared.FunctionsCallThemselvesEitherDirectlyOrIndirectly_shared -class RecursiveFunctionsQuery extends FunctionsCallThemselvesEitherDirectlyOrIndirectly_sharedSharedQuery { - RecursiveFunctionsQuery() { - this = FunctionsPackage::recursiveFunctionsQuery() - } +class RecursiveFunctionsQuery extends FunctionsCallThemselvesEitherDirectlyOrIndirectly_sharedSharedQuery +{ + RecursiveFunctionsQuery() { this = FunctionsPackage::recursiveFunctionsQuery() } } diff --git a/cpp/autosar/src/rules/A8-5-4/ConfusingUseOfInitializerListConstructors.ql b/cpp/autosar/src/rules/A8-5-4/ConfusingUseOfInitializerListConstructors.ql index 124346a23d..60178e1a2f 100644 --- a/cpp/autosar/src/rules/A8-5-4/ConfusingUseOfInitializerListConstructors.ql +++ b/cpp/autosar/src/rules/A8-5-4/ConfusingUseOfInitializerListConstructors.ql @@ -19,7 +19,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.initializerlistconstructoristheonlyconstructor_shared.InitializerListConstructorIsTheOnlyConstructor_shared -class ConfusingUseOfInitializerListConstructorsQuery extends InitializerListConstructorIsTheOnlyConstructor_sharedSharedQuery { +class ConfusingUseOfInitializerListConstructorsQuery extends InitializerListConstructorIsTheOnlyConstructor_sharedSharedQuery +{ ConfusingUseOfInitializerListConstructorsQuery() { this = InitializationPackage::confusingUseOfInitializerListConstructorsQuery() } diff --git a/cpp/autosar/src/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtual.ql b/cpp/autosar/src/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtual.ql index f9b6a082cf..0f2bd30614 100644 --- a/cpp/autosar/src/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtual.ql +++ b/cpp/autosar/src/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtual.ql @@ -16,7 +16,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.virtualandnonvirtualclassinthehierarchy_shared.VirtualAndNonVirtualClassInTheHierarchy_shared -class AccessibleBaseClassBothVirtualAndNonVirtualQuery extends VirtualAndNonVirtualClassInTheHierarchy_sharedSharedQuery { +class AccessibleBaseClassBothVirtualAndNonVirtualQuery extends VirtualAndNonVirtualClassInTheHierarchy_sharedSharedQuery +{ AccessibleBaseClassBothVirtualAndNonVirtualQuery() { this = InheritancePackage::accessibleBaseClassBothVirtualAndNonVirtualQuery() } diff --git a/cpp/autosar/src/rules/M12-1-1/DynamicTypeOfThisUsedFromConstructorOrDestructor.ql b/cpp/autosar/src/rules/M12-1-1/DynamicTypeOfThisUsedFromConstructorOrDestructor.ql index ebca52df84..0f16dc6171 100644 --- a/cpp/autosar/src/rules/M12-1-1/DynamicTypeOfThisUsedFromConstructorOrDestructor.ql +++ b/cpp/autosar/src/rules/M12-1-1/DynamicTypeOfThisUsedFromConstructorOrDestructor.ql @@ -16,7 +16,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.objectsdynamictypeusedfromconstructorordestructor_shared.ObjectsDynamicTypeUsedFromConstructorOrDestructor_shared -class DynamicTypeOfThisUsedFromConstructorOrDestructorQuery extends ObjectsDynamicTypeUsedFromConstructorOrDestructor_sharedSharedQuery { +class DynamicTypeOfThisUsedFromConstructorOrDestructorQuery extends ObjectsDynamicTypeUsedFromConstructorOrDestructor_sharedSharedQuery +{ DynamicTypeOfThisUsedFromConstructorOrDestructorQuery() { this = InheritancePackage::dynamicTypeOfThisUsedFromConstructorOrDestructorQuery() } diff --git a/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.ql b/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.ql index 1d4754745c..09cc806c24 100644 --- a/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.ql +++ b/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.ql @@ -18,7 +18,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.namenotreferredusingaqualifiedidorthis_shared.NameNotReferredUsingAQualifiedIdOrThis_shared -class NameNotReferredUsingAQualifiedIdOrThisQuery extends NameNotReferredUsingAQualifiedIdOrThis_sharedSharedQuery { +class NameNotReferredUsingAQualifiedIdOrThisQuery extends NameNotReferredUsingAQualifiedIdOrThis_sharedSharedQuery +{ NameNotReferredUsingAQualifiedIdOrThisQuery() { this = TemplatesPackage::nameNotReferredUsingAQualifiedIdOrThisQuery() } diff --git a/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThisAudit.ql b/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThisAudit.ql index 15bacca423..313f82c0d5 100644 --- a/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThisAudit.ql +++ b/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThisAudit.ql @@ -18,7 +18,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.namenotreferredusingaqualifiedidorthisaudit_shared.NameNotReferredUsingAQualifiedIdOrThisAudit_shared -class NameNotReferredUsingAQualifiedIdOrThisAuditQuery extends NameNotReferredUsingAQualifiedIdOrThisAudit_sharedSharedQuery { +class NameNotReferredUsingAQualifiedIdOrThisAuditQuery extends NameNotReferredUsingAQualifiedIdOrThisAudit_sharedSharedQuery +{ NameNotReferredUsingAQualifiedIdOrThisAuditQuery() { this = TemplatesPackage::nameNotReferredUsingAQualifiedIdOrThisAuditQuery() } diff --git a/cpp/autosar/src/rules/M15-1-3/EmptyThrowOutsideCatch.ql b/cpp/autosar/src/rules/M15-1-3/EmptyThrowOutsideCatch.ql index a207de0392..d13df36fc5 100644 --- a/cpp/autosar/src/rules/M15-1-3/EmptyThrowOutsideCatch.ql +++ b/cpp/autosar/src/rules/M15-1-3/EmptyThrowOutsideCatch.ql @@ -18,7 +18,5 @@ import codingstandards.cpp.autosar import codingstandards.cpp.rules.emptythrowonlywithinacatchhandler_shared.EmptyThrowOnlyWithinACatchHandler_shared class EmptyThrowOutsideCatchQuery extends EmptyThrowOnlyWithinACatchHandler_sharedSharedQuery { - EmptyThrowOutsideCatchQuery() { - this = Exceptions1Package::emptyThrowOutsideCatchQuery() - } + EmptyThrowOutsideCatchQuery() { this = Exceptions1Package::emptyThrowOutsideCatchQuery() } } diff --git a/cpp/autosar/src/rules/M18-2-1/MacroOffsetofUsed.ql b/cpp/autosar/src/rules/M18-2-1/MacroOffsetofUsed.ql index 75be69c70b..5daa29bd28 100644 --- a/cpp/autosar/src/rules/M18-2-1/MacroOffsetofUsed.ql +++ b/cpp/autosar/src/rules/M18-2-1/MacroOffsetofUsed.ql @@ -18,7 +18,5 @@ import codingstandards.cpp.autosar import codingstandards.cpp.rules.macrooffsetofused_shared.MacroOffsetofUsed_shared class MacroOffsetofUsedQuery extends MacroOffsetofUsed_sharedSharedQuery { - MacroOffsetofUsedQuery() { - this = BannedFunctionsPackage::macroOffsetofUsedQuery() - } + MacroOffsetofUsedQuery() { this = BannedFunctionsPackage::macroOffsetofUsedQuery() } } diff --git a/cpp/autosar/src/rules/M18-7-1/CsignalFunctionsUsed.ql b/cpp/autosar/src/rules/M18-7-1/CsignalFunctionsUsed.ql index 8f176b14af..9f384e60a8 100644 --- a/cpp/autosar/src/rules/M18-7-1/CsignalFunctionsUsed.ql +++ b/cpp/autosar/src/rules/M18-7-1/CsignalFunctionsUsed.ql @@ -19,7 +19,5 @@ import codingstandards.cpp.autosar import codingstandards.cpp.rules.csignalfunctionsused_shared.CsignalFunctionsUsed_shared class CsignalFunctionsUsedQuery extends CsignalFunctionsUsed_sharedSharedQuery { - CsignalFunctionsUsedQuery() { - this = BannedLibrariesPackage::csignalFunctionsUsedQuery() - } + CsignalFunctionsUsedQuery() { this = BannedLibrariesPackage::csignalFunctionsUsedQuery() } } diff --git a/cpp/autosar/src/rules/M18-7-1/CsignalTypesUsed.ql b/cpp/autosar/src/rules/M18-7-1/CsignalTypesUsed.ql index f18a68fea8..cf65c25e91 100644 --- a/cpp/autosar/src/rules/M18-7-1/CsignalTypesUsed.ql +++ b/cpp/autosar/src/rules/M18-7-1/CsignalTypesUsed.ql @@ -19,7 +19,5 @@ import codingstandards.cpp.autosar import codingstandards.cpp.rules.csignaltypesused_shared.CsignalTypesUsed_shared class CsignalTypesUsedQuery extends CsignalTypesUsed_sharedSharedQuery { - CsignalTypesUsedQuery() { - this = BannedLibrariesPackage::csignalTypesUsedQuery() - } + CsignalTypesUsedQuery() { this = BannedLibrariesPackage::csignalTypesUsedQuery() } } diff --git a/cpp/autosar/src/rules/M2-13-2/UseOfNonZeroOctalLiteral.ql b/cpp/autosar/src/rules/M2-13-2/UseOfNonZeroOctalLiteral.ql index 81d293b43f..6f82348233 100644 --- a/cpp/autosar/src/rules/M2-13-2/UseOfNonZeroOctalLiteral.ql +++ b/cpp/autosar/src/rules/M2-13-2/UseOfNonZeroOctalLiteral.ql @@ -19,7 +19,5 @@ import codingstandards.cpp.autosar import codingstandards.cpp.rules.useofnonzerooctalliteral_shared.UseOfNonZeroOctalLiteral_shared class UseOfNonZeroOctalLiteralQuery extends UseOfNonZeroOctalLiteral_sharedSharedQuery { - UseOfNonZeroOctalLiteralQuery() { - this = LiteralsPackage::useOfNonZeroOctalLiteralQuery() - } + UseOfNonZeroOctalLiteralQuery() { this = LiteralsPackage::useOfNonZeroOctalLiteralQuery() } } diff --git a/cpp/autosar/src/rules/M2-13-3/MissingUSuffix.ql b/cpp/autosar/src/rules/M2-13-3/MissingUSuffix.ql index 6b5fe3e0ae..95c97deab6 100644 --- a/cpp/autosar/src/rules/M2-13-3/MissingUSuffix.ql +++ b/cpp/autosar/src/rules/M2-13-3/MissingUSuffix.ql @@ -21,7 +21,5 @@ import codingstandards.cpp.autosar import codingstandards.cpp.rules.unsignedintegerliteralsnotappropriatelysuffixed_shared.UnsignedIntegerLiteralsNotAppropriatelySuffixed_shared class MissingUSuffixQuery extends UnsignedIntegerLiteralsNotAppropriatelySuffixed_sharedSharedQuery { - MissingUSuffixQuery() { - this = LiteralsPackage::missingUSuffixQuery() - } + MissingUSuffixQuery() { this = LiteralsPackage::missingUSuffixQuery() } } diff --git a/cpp/autosar/src/rules/M2-7-1/SlashStarUsedWithinACStyleComment.ql b/cpp/autosar/src/rules/M2-7-1/SlashStarUsedWithinACStyleComment.ql index db23f3fb0b..4d61dc8088 100644 --- a/cpp/autosar/src/rules/M2-7-1/SlashStarUsedWithinACStyleComment.ql +++ b/cpp/autosar/src/rules/M2-7-1/SlashStarUsedWithinACStyleComment.ql @@ -18,7 +18,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.charactersequenceusedwithinacstylecomment_shared.CharacterSequenceUsedWithinACStyleComment_shared -class SlashStarUsedWithinACStyleCommentQuery extends CharacterSequenceUsedWithinACStyleComment_sharedSharedQuery { +class SlashStarUsedWithinACStyleCommentQuery extends CharacterSequenceUsedWithinACStyleComment_sharedSharedQuery +{ SlashStarUsedWithinACStyleCommentQuery() { this = CommentsPackage::slashStarUsedWithinACStyleCommentQuery() } diff --git a/cpp/autosar/src/rules/M27-0-1/CstdioFunctionsUsed.ql b/cpp/autosar/src/rules/M27-0-1/CstdioFunctionsUsed.ql index 6868a8047a..e5b83633e2 100644 --- a/cpp/autosar/src/rules/M27-0-1/CstdioFunctionsUsed.ql +++ b/cpp/autosar/src/rules/M27-0-1/CstdioFunctionsUsed.ql @@ -20,7 +20,5 @@ import codingstandards.cpp.autosar import codingstandards.cpp.rules.cstdiofunctionsused_shared.CstdioFunctionsUsed_shared class CstdioFunctionsUsedQuery extends CstdioFunctionsUsed_sharedSharedQuery { - CstdioFunctionsUsedQuery() { - this = BannedLibrariesPackage::cstdioFunctionsUsedQuery() - } + CstdioFunctionsUsedQuery() { this = BannedLibrariesPackage::cstdioFunctionsUsedQuery() } } diff --git a/cpp/autosar/src/rules/M27-0-1/CstdioMacrosUsed.ql b/cpp/autosar/src/rules/M27-0-1/CstdioMacrosUsed.ql index a44ea3dd26..88bb148e65 100644 --- a/cpp/autosar/src/rules/M27-0-1/CstdioMacrosUsed.ql +++ b/cpp/autosar/src/rules/M27-0-1/CstdioMacrosUsed.ql @@ -20,7 +20,5 @@ import codingstandards.cpp.autosar import codingstandards.cpp.rules.cstdiomacrosused_shared.CstdioMacrosUsed_shared class CstdioMacrosUsedQuery extends CstdioMacrosUsed_sharedSharedQuery { - CstdioMacrosUsedQuery() { - this = BannedLibrariesPackage::cstdioMacrosUsedQuery() - } + CstdioMacrosUsedQuery() { this = BannedLibrariesPackage::cstdioMacrosUsedQuery() } } diff --git a/cpp/autosar/src/rules/M27-0-1/CstdioTypesUsed.ql b/cpp/autosar/src/rules/M27-0-1/CstdioTypesUsed.ql index f939370984..82bdbe6ac2 100644 --- a/cpp/autosar/src/rules/M27-0-1/CstdioTypesUsed.ql +++ b/cpp/autosar/src/rules/M27-0-1/CstdioTypesUsed.ql @@ -20,7 +20,5 @@ import codingstandards.cpp.autosar import codingstandards.cpp.rules.cstdiotypesused_shared.CstdioTypesUsed_shared class CstdioTypesUsedQuery extends CstdioTypesUsed_sharedSharedQuery { - CstdioTypesUsedQuery() { - this = BannedLibrariesPackage::cstdioTypesUsedQuery() - } + CstdioTypesUsedQuery() { this = BannedLibrariesPackage::cstdioTypesUsedQuery() } } diff --git a/cpp/autosar/src/rules/M5-2-12/IdentifierPassedAsFunctionArgumentDecayToAPointer.ql b/cpp/autosar/src/rules/M5-2-12/IdentifierPassedAsFunctionArgumentDecayToAPointer.ql index 25472efad7..14fd286a44 100644 --- a/cpp/autosar/src/rules/M5-2-12/IdentifierPassedAsFunctionArgumentDecayToAPointer.ql +++ b/cpp/autosar/src/rules/M5-2-12/IdentifierPassedAsFunctionArgumentDecayToAPointer.ql @@ -17,7 +17,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.arraypassedasfunctionargumentdecaytoapointer_shared.ArrayPassedAsFunctionArgumentDecayToAPointer_shared -class IdentifierPassedAsFunctionArgumentDecayToAPointerQuery extends ArrayPassedAsFunctionArgumentDecayToAPointer_sharedSharedQuery { +class IdentifierPassedAsFunctionArgumentDecayToAPointerQuery extends ArrayPassedAsFunctionArgumentDecayToAPointer_sharedSharedQuery +{ IdentifierPassedAsFunctionArgumentDecayToAPointerQuery() { this = PointersPackage::identifierPassedAsFunctionArgumentDecayToAPointerQuery() } diff --git a/cpp/autosar/src/rules/M5-2-6/CastNotConvertPointerToFunction.ql b/cpp/autosar/src/rules/M5-2-6/CastNotConvertPointerToFunction.ql index 80135df172..50c7914b16 100644 --- a/cpp/autosar/src/rules/M5-2-6/CastNotConvertPointerToFunction.ql +++ b/cpp/autosar/src/rules/M5-2-6/CastNotConvertPointerToFunction.ql @@ -17,7 +17,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.castsbetweenapointertofunctionandanyothertype_shared.CastsBetweenAPointerToFunctionAndAnyOtherType_shared -class CastNotConvertPointerToFunctionQuery extends CastsBetweenAPointerToFunctionAndAnyOtherType_sharedSharedQuery { +class CastNotConvertPointerToFunctionQuery extends CastsBetweenAPointerToFunctionAndAnyOtherType_sharedSharedQuery +{ CastNotConvertPointerToFunctionQuery() { this = PointersPackage::castNotConvertPointerToFunctionQuery() } diff --git a/cpp/autosar/src/rules/M5-3-2/UnaryMinusOperatorAppliedToAnUnsignedExpression.ql b/cpp/autosar/src/rules/M5-3-2/UnaryMinusOperatorAppliedToAnUnsignedExpression.ql index b57a309394..0f67d4143f 100644 --- a/cpp/autosar/src/rules/M5-3-2/UnaryMinusOperatorAppliedToAnUnsignedExpression.ql +++ b/cpp/autosar/src/rules/M5-3-2/UnaryMinusOperatorAppliedToAnUnsignedExpression.ql @@ -16,7 +16,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.builtinunaryoperatorappliedtounsignedexpression_shared.BuiltInUnaryOperatorAppliedToUnsignedExpression_shared -class UnaryMinusOperatorAppliedToAnUnsignedExpressionQuery extends BuiltInUnaryOperatorAppliedToUnsignedExpression_sharedSharedQuery { +class UnaryMinusOperatorAppliedToAnUnsignedExpressionQuery extends BuiltInUnaryOperatorAppliedToUnsignedExpression_sharedSharedQuery +{ UnaryMinusOperatorAppliedToAnUnsignedExpressionQuery() { this = OperatorsPackage::unaryMinusOperatorAppliedToAnUnsignedExpressionQuery() } diff --git a/cpp/autosar/src/rules/M6-3-1/LoopCompoundCondition.ql b/cpp/autosar/src/rules/M6-3-1/LoopCompoundCondition.ql index d5756cabd9..db71931f80 100644 --- a/cpp/autosar/src/rules/M6-3-1/LoopCompoundCondition.ql +++ b/cpp/autosar/src/rules/M6-3-1/LoopCompoundCondition.ql @@ -19,7 +19,5 @@ import codingstandards.cpp.autosar import codingstandards.cpp.rules.loopcompoundcondition_shared.LoopCompoundCondition_shared class LoopCompoundConditionQuery extends LoopCompoundCondition_sharedSharedQuery { - LoopCompoundConditionQuery() { - this = ConditionalsPackage::loopCompoundConditionQuery() - } + LoopCompoundConditionQuery() { this = ConditionalsPackage::loopCompoundConditionQuery() } } diff --git a/cpp/autosar/src/rules/M6-3-1/SwitchCompoundCondition.ql b/cpp/autosar/src/rules/M6-3-1/SwitchCompoundCondition.ql index 1b8e9839f8..13e9ec067a 100644 --- a/cpp/autosar/src/rules/M6-3-1/SwitchCompoundCondition.ql +++ b/cpp/autosar/src/rules/M6-3-1/SwitchCompoundCondition.ql @@ -19,7 +19,5 @@ import codingstandards.cpp.autosar import codingstandards.cpp.rules.switchcompoundcondition_shared.SwitchCompoundCondition_shared class SwitchCompoundConditionQuery extends SwitchCompoundCondition_sharedSharedQuery { - SwitchCompoundConditionQuery() { - this = ConditionalsPackage::switchCompoundConditionQuery() - } + SwitchCompoundConditionQuery() { this = ConditionalsPackage::switchCompoundConditionQuery() } } diff --git a/cpp/autosar/src/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanGlobalMain.ql b/cpp/autosar/src/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanGlobalMain.ql index d3876527d8..ddcc45356a 100644 --- a/cpp/autosar/src/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanGlobalMain.ql +++ b/cpp/autosar/src/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanGlobalMain.ql @@ -17,7 +17,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.nonglobalfunctionmain_shared.NonGlobalFunctionMain_shared -class IdentifierMainUsedForAFunctionOtherThanGlobalMainQuery extends NonGlobalFunctionMain_sharedSharedQuery { +class IdentifierMainUsedForAFunctionOtherThanGlobalMainQuery extends NonGlobalFunctionMain_sharedSharedQuery +{ IdentifierMainUsedForAFunctionOtherThanGlobalMainQuery() { this = NamingPackage::identifierMainUsedForAFunctionOtherThanGlobalMainQuery() } diff --git a/cpp/autosar/src/rules/M7-5-1/FunctionReturnAutomaticVarCondition.ql b/cpp/autosar/src/rules/M7-5-1/FunctionReturnAutomaticVarCondition.ql index bf94412b9a..9fe9a0f945 100644 --- a/cpp/autosar/src/rules/M7-5-1/FunctionReturnAutomaticVarCondition.ql +++ b/cpp/autosar/src/rules/M7-5-1/FunctionReturnAutomaticVarCondition.ql @@ -18,7 +18,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.returnreferenceorpointertoautomaticlocalvariable_shared.ReturnReferenceOrPointerToAutomaticLocalVariable_shared -class FunctionReturnAutomaticVarConditionQuery extends ReturnReferenceOrPointerToAutomaticLocalVariable_sharedSharedQuery { +class FunctionReturnAutomaticVarConditionQuery extends ReturnReferenceOrPointerToAutomaticLocalVariable_sharedSharedQuery +{ FunctionReturnAutomaticVarConditionQuery() { this = FunctionsPackage::functionReturnAutomaticVarConditionQuery() } diff --git a/cpp/autosar/src/rules/M8-0-1/MultipleGlobalOrMemberDeclarators.ql b/cpp/autosar/src/rules/M8-0-1/MultipleGlobalOrMemberDeclarators.ql index d99fcbe48f..cdbc1f6baf 100644 --- a/cpp/autosar/src/rules/M8-0-1/MultipleGlobalOrMemberDeclarators.ql +++ b/cpp/autosar/src/rules/M8-0-1/MultipleGlobalOrMemberDeclarators.ql @@ -18,7 +18,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.multipleglobalormemberdeclarators_shared.MultipleGlobalOrMemberDeclarators_shared -class MultipleGlobalOrMemberDeclaratorsQuery extends MultipleGlobalOrMemberDeclarators_sharedSharedQuery { +class MultipleGlobalOrMemberDeclaratorsQuery extends MultipleGlobalOrMemberDeclarators_sharedSharedQuery +{ MultipleGlobalOrMemberDeclaratorsQuery() { this = InitializationPackage::multipleGlobalOrMemberDeclaratorsQuery() } diff --git a/cpp/autosar/src/rules/M8-0-1/MultipleLocalDeclarators.ql b/cpp/autosar/src/rules/M8-0-1/MultipleLocalDeclarators.ql index a84832ceda..d352bc05aa 100644 --- a/cpp/autosar/src/rules/M8-0-1/MultipleLocalDeclarators.ql +++ b/cpp/autosar/src/rules/M8-0-1/MultipleLocalDeclarators.ql @@ -19,7 +19,5 @@ import codingstandards.cpp.autosar import codingstandards.cpp.rules.multiplelocaldeclarators_shared.MultipleLocalDeclarators_shared class MultipleLocalDeclaratorsQuery extends MultipleLocalDeclarators_sharedSharedQuery { - MultipleLocalDeclaratorsQuery() { - this = InitializationPackage::multipleLocalDeclaratorsQuery() - } + MultipleLocalDeclaratorsQuery() { this = InitializationPackage::multipleLocalDeclaratorsQuery() } } diff --git a/cpp/autosar/src/rules/M8-3-1/VirtualFunctionParametersUseSameDefaultArguments.ql b/cpp/autosar/src/rules/M8-3-1/VirtualFunctionParametersUseSameDefaultArguments.ql index e5908a5520..7b306b2492 100644 --- a/cpp/autosar/src/rules/M8-3-1/VirtualFunctionParametersUseSameDefaultArguments.ql +++ b/cpp/autosar/src/rules/M8-3-1/VirtualFunctionParametersUseSameDefaultArguments.ql @@ -18,7 +18,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.overridingshallspecifydifferentdefaultarguments_shared.OverridingShallSpecifyDifferentDefaultArguments_shared -class VirtualFunctionParametersUseSameDefaultArgumentsQuery extends OverridingShallSpecifyDifferentDefaultArguments_sharedSharedQuery { +class VirtualFunctionParametersUseSameDefaultArgumentsQuery extends OverridingShallSpecifyDifferentDefaultArguments_sharedSharedQuery +{ VirtualFunctionParametersUseSameDefaultArgumentsQuery() { this = VirtualFunctionsPackage::virtualFunctionParametersUseSameDefaultArgumentsQuery() } diff --git a/cpp/common/src/codingstandards/cpp/rules/addressofoperatoroverloaded_shared/AddressOfOperatorOverloaded_shared.qll b/cpp/common/src/codingstandards/cpp/rules/addressofoperatoroverloaded_shared/AddressOfOperatorOverloaded_shared.qll index a187e8bfa8..f210e2aab5 100644 --- a/cpp/common/src/codingstandards/cpp/rules/addressofoperatoroverloaded_shared/AddressOfOperatorOverloaded_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/addressofoperatoroverloaded_shared/AddressOfOperatorOverloaded_shared.qll @@ -12,5 +12,5 @@ abstract class AddressOfOperatorOverloaded_sharedSharedQuery extends Query { } Query getQuery() { result instanceof AddressOfOperatorOverloaded_sharedSharedQuery } query predicate problems(UnaryAddressOfOperator e, string message) { -not isExcluded(e, getQuery()) and message = "The unary & operator overloaded." -} \ No newline at end of file + not isExcluded(e, getQuery()) and message = "The unary & operator overloaded." +} diff --git a/cpp/common/src/codingstandards/cpp/rules/enumerationnotdefinedwithanexplicitunderlyingtype/EnumerationNotDefinedWithAnExplicitUnderlyingType.qll b/cpp/common/src/codingstandards/cpp/rules/enumerationnotdefinedwithanexplicitunderlyingtype/EnumerationNotDefinedWithAnExplicitUnderlyingType.qll index 7b31c00b47..4c35140d00 100644 --- a/cpp/common/src/codingstandards/cpp/rules/enumerationnotdefinedwithanexplicitunderlyingtype/EnumerationNotDefinedWithAnExplicitUnderlyingType.qll +++ b/cpp/common/src/codingstandards/cpp/rules/enumerationnotdefinedwithanexplicitunderlyingtype/EnumerationNotDefinedWithAnExplicitUnderlyingType.qll @@ -11,5 +11,5 @@ abstract class EnumerationNotDefinedWithAnExplicitUnderlyingTypeSharedQuery exte Query getQuery() { result instanceof EnumerationNotDefinedWithAnExplicitUnderlyingTypeSharedQuery } query predicate problems(Element e, string message) { -not isExcluded(e, getQuery()) and message = "" -} \ No newline at end of file + not isExcluded(e, getQuery()) and message = "" +} diff --git a/cpp/common/src/codingstandards/cpp/rules/macrooffsetofused_shared/MacroOffsetofUsed_shared.qll b/cpp/common/src/codingstandards/cpp/rules/macrooffsetofused_shared/MacroOffsetofUsed_shared.qll index 285be72705..090238a1de 100644 --- a/cpp/common/src/codingstandards/cpp/rules/macrooffsetofused_shared/MacroOffsetofUsed_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/macrooffsetofused_shared/MacroOffsetofUsed_shared.qll @@ -11,5 +11,7 @@ abstract class MacroOffsetofUsed_sharedSharedQuery extends Query { } Query getQuery() { result instanceof MacroOffsetofUsed_sharedSharedQuery } query predicate problems(MacroInvocation mi, string message) { -not isExcluded(mi, getQuery()) and mi.getMacroName() = "offsetof" and message = "Use of banned macro " + mi.getMacroName() + "." -} \ No newline at end of file + not isExcluded(mi, getQuery()) and + mi.getMacroName() = "offsetof" and + message = "Use of banned macro " + mi.getMacroName() + "." +} diff --git a/cpp/common/test/rules/definitionnotconsideredforunqualifiedlookup_shared/DefinitionNotConsideredForUnqualifiedLookup_shared.ql b/cpp/common/test/rules/definitionnotconsideredforunqualifiedlookup_shared/DefinitionNotConsideredForUnqualifiedLookup_shared.ql index 852e501f38..97943daa7f 100644 --- a/cpp/common/test/rules/definitionnotconsideredforunqualifiedlookup_shared/DefinitionNotConsideredForUnqualifiedLookup_shared.ql +++ b/cpp/common/test/rules/definitionnotconsideredforunqualifiedlookup_shared/DefinitionNotConsideredForUnqualifiedLookup_shared.ql @@ -1,5 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.definitionnotconsideredforunqualifiedlookup_shared.DefinitionNotConsideredForUnqualifiedLookup_shared -class TestFileQuery extends DefinitionNotConsideredForUnqualifiedLookup_sharedSharedQuery, TestQuery { -} +class TestFileQuery extends DefinitionNotConsideredForUnqualifiedLookup_sharedSharedQuery, TestQuery +{ } diff --git a/cpp/common/test/rules/hiddeninheritednonoverridablememberfunction_shared/HiddenInheritedNonOverridableMemberFunction_shared.ql b/cpp/common/test/rules/hiddeninheritednonoverridablememberfunction_shared/HiddenInheritedNonOverridableMemberFunction_shared.ql index 5e440a4f92..b822664218 100644 --- a/cpp/common/test/rules/hiddeninheritednonoverridablememberfunction_shared/HiddenInheritedNonOverridableMemberFunction_shared.ql +++ b/cpp/common/test/rules/hiddeninheritednonoverridablememberfunction_shared/HiddenInheritedNonOverridableMemberFunction_shared.ql @@ -1,5 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.hiddeninheritednonoverridablememberfunction_shared.HiddenInheritedNonOverridableMemberFunction_shared -class TestFileQuery extends HiddenInheritedNonOverridableMemberFunction_sharedSharedQuery, TestQuery { -} +class TestFileQuery extends HiddenInheritedNonOverridableMemberFunction_sharedSharedQuery, TestQuery +{ } diff --git a/cpp/common/test/rules/namenotreferredusingaqualifiedidorthisaudit_shared/NameNotReferredUsingAQualifiedIdOrThisAudit_shared.ql b/cpp/common/test/rules/namenotreferredusingaqualifiedidorthisaudit_shared/NameNotReferredUsingAQualifiedIdOrThisAudit_shared.ql index e5d93d74db..abc15222c5 100644 --- a/cpp/common/test/rules/namenotreferredusingaqualifiedidorthisaudit_shared/NameNotReferredUsingAQualifiedIdOrThisAudit_shared.ql +++ b/cpp/common/test/rules/namenotreferredusingaqualifiedidorthisaudit_shared/NameNotReferredUsingAQualifiedIdOrThisAudit_shared.ql @@ -1,5 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.namenotreferredusingaqualifiedidorthisaudit_shared.NameNotReferredUsingAQualifiedIdOrThisAudit_shared -class TestFileQuery extends NameNotReferredUsingAQualifiedIdOrThisAudit_sharedSharedQuery, TestQuery { -} +class TestFileQuery extends NameNotReferredUsingAQualifiedIdOrThisAudit_sharedSharedQuery, TestQuery +{ } diff --git a/cpp/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.ql b/cpp/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.ql index e4928beb62..af3f7697f7 100644 --- a/cpp/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.ql +++ b/cpp/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.ql @@ -1,5 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.resultofanassignmentoperatorshouldnotbeused_shared.ResultOfAnAssignmentOperatorShouldNotBeUsed_shared -class TestFileQuery extends ResultOfAnAssignmentOperatorShouldNotBeUsed_sharedSharedQuery, TestQuery { -} +class TestFileQuery extends ResultOfAnAssignmentOperatorShouldNotBeUsed_sharedSharedQuery, TestQuery +{ } diff --git a/cpp/misra/src/rules/DIR-15-8-1/CopyAndMoveAssignmentsShallHandleSelfAssignment.ql b/cpp/misra/src/rules/DIR-15-8-1/CopyAndMoveAssignmentsShallHandleSelfAssignment.ql index 4937de01c4..52f876e891 100644 --- a/cpp/misra/src/rules/DIR-15-8-1/CopyAndMoveAssignmentsShallHandleSelfAssignment.ql +++ b/cpp/misra/src/rules/DIR-15-8-1/CopyAndMoveAssignmentsShallHandleSelfAssignment.ql @@ -16,7 +16,8 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.copyandmoveassignmentsshallhandleselfassignment_shared.CopyAndMoveAssignmentsShallHandleSelfAssignment_shared -class CopyAndMoveAssignmentsShallHandleSelfAssignmentQuery extends CopyAndMoveAssignmentsShallHandleSelfAssignment_sharedSharedQuery { +class CopyAndMoveAssignmentsShallHandleSelfAssignmentQuery extends CopyAndMoveAssignmentsShallHandleSelfAssignment_sharedSharedQuery +{ CopyAndMoveAssignmentsShallHandleSelfAssignmentQuery() { this = ImportMisra23Package::copyAndMoveAssignmentsShallHandleSelfAssignmentQuery() } diff --git a/cpp/misra/src/rules/RULE-10-0-1/UseSingleGlobalOrMemberDeclarators.ql b/cpp/misra/src/rules/RULE-10-0-1/UseSingleGlobalOrMemberDeclarators.ql index d135fec871..b8b2bc528b 100644 --- a/cpp/misra/src/rules/RULE-10-0-1/UseSingleGlobalOrMemberDeclarators.ql +++ b/cpp/misra/src/rules/RULE-10-0-1/UseSingleGlobalOrMemberDeclarators.ql @@ -17,7 +17,8 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.multipleglobalormemberdeclarators_shared.MultipleGlobalOrMemberDeclarators_shared -class UseSingleGlobalOrMemberDeclaratorsQuery extends MultipleGlobalOrMemberDeclarators_sharedSharedQuery { +class UseSingleGlobalOrMemberDeclaratorsQuery extends MultipleGlobalOrMemberDeclarators_sharedSharedQuery +{ UseSingleGlobalOrMemberDeclaratorsQuery() { this = ImportMisra23Package::useSingleGlobalOrMemberDeclaratorsQuery() } diff --git a/cpp/misra/src/rules/RULE-10-0-1/UseSingleLocalDeclarators.ql b/cpp/misra/src/rules/RULE-10-0-1/UseSingleLocalDeclarators.ql index 2e0147014d..fcfe438f85 100644 --- a/cpp/misra/src/rules/RULE-10-0-1/UseSingleLocalDeclarators.ql +++ b/cpp/misra/src/rules/RULE-10-0-1/UseSingleLocalDeclarators.ql @@ -18,7 +18,5 @@ import codingstandards.cpp.misra import codingstandards.cpp.rules.multiplelocaldeclarators_shared.MultipleLocalDeclarators_shared class UseSingleLocalDeclaratorsQuery extends MultipleLocalDeclarators_sharedSharedQuery { - UseSingleLocalDeclaratorsQuery() { - this = ImportMisra23Package::useSingleLocalDeclaratorsQuery() - } + UseSingleLocalDeclaratorsQuery() { this = ImportMisra23Package::useSingleLocalDeclaratorsQuery() } } diff --git a/cpp/misra/src/rules/RULE-10-2-1/EnumerationNotDefinedWithAnExplicitUnderlyingType.ql b/cpp/misra/src/rules/RULE-10-2-1/EnumerationNotDefinedWithAnExplicitUnderlyingType.ql index 8b7c05359f..d014d6e119 100644 --- a/cpp/misra/src/rules/RULE-10-2-1/EnumerationNotDefinedWithAnExplicitUnderlyingType.ql +++ b/cpp/misra/src/rules/RULE-10-2-1/EnumerationNotDefinedWithAnExplicitUnderlyingType.ql @@ -15,7 +15,8 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.enumerationnotdefinedwithanexplicitunderlyingtype_shared.EnumerationNotDefinedWithAnExplicitUnderlyingType_shared -class EnumerationNotDefinedWithAnExplicitUnderlyingTypeQuery extends EnumerationNotDefinedWithAnExplicitUnderlyingType_sharedSharedQuery { +class EnumerationNotDefinedWithAnExplicitUnderlyingTypeQuery extends EnumerationNotDefinedWithAnExplicitUnderlyingType_sharedSharedQuery +{ EnumerationNotDefinedWithAnExplicitUnderlyingTypeQuery() { this = ImportMisra23Package::enumerationNotDefinedWithAnExplicitUnderlyingTypeQuery() } diff --git a/cpp/misra/src/rules/RULE-12-2-2/BitFieldShallHaveAnAppropriateType.ql b/cpp/misra/src/rules/RULE-12-2-2/BitFieldShallHaveAnAppropriateType.ql index aa43636010..5006884483 100644 --- a/cpp/misra/src/rules/RULE-12-2-2/BitFieldShallHaveAnAppropriateType.ql +++ b/cpp/misra/src/rules/RULE-12-2-2/BitFieldShallHaveAnAppropriateType.ql @@ -15,7 +15,8 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.bitfieldshallhaveanappropriatetype_shared.BitFieldShallHaveAnAppropriateType_shared -class BitFieldShallHaveAnAppropriateTypeQuery extends BitFieldShallHaveAnAppropriateType_sharedSharedQuery { +class BitFieldShallHaveAnAppropriateTypeQuery extends BitFieldShallHaveAnAppropriateType_sharedSharedQuery +{ BitFieldShallHaveAnAppropriateTypeQuery() { this = ImportMisra23Package::bitFieldShallHaveAnAppropriateTypeQuery() } diff --git a/cpp/misra/src/rules/RULE-12-2-3/SignedIntegerNamedBitFieldHaveALengthOfOneBit.ql b/cpp/misra/src/rules/RULE-12-2-3/SignedIntegerNamedBitFieldHaveALengthOfOneBit.ql index b179bae6e5..0f03fad533 100644 --- a/cpp/misra/src/rules/RULE-12-2-3/SignedIntegerNamedBitFieldHaveALengthOfOneBit.ql +++ b/cpp/misra/src/rules/RULE-12-2-3/SignedIntegerNamedBitFieldHaveALengthOfOneBit.ql @@ -15,7 +15,8 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.namedbitfieldswithsignedintegertype_shared.NamedBitFieldsWithSignedIntegerType_shared -class SignedIntegerNamedBitFieldHaveALengthOfOneBitQuery extends NamedBitFieldsWithSignedIntegerType_sharedSharedQuery { +class SignedIntegerNamedBitFieldHaveALengthOfOneBitQuery extends NamedBitFieldsWithSignedIntegerType_sharedSharedQuery +{ SignedIntegerNamedBitFieldHaveALengthOfOneBitQuery() { this = ImportMisra23Package::signedIntegerNamedBitFieldHaveALengthOfOneBitQuery() } diff --git a/cpp/misra/src/rules/RULE-13-1-2/VirtualAndNonVirtualClassInTheHierarchy.ql b/cpp/misra/src/rules/RULE-13-1-2/VirtualAndNonVirtualClassInTheHierarchy.ql index 88677cf5fa..28d0a4c185 100644 --- a/cpp/misra/src/rules/RULE-13-1-2/VirtualAndNonVirtualClassInTheHierarchy.ql +++ b/cpp/misra/src/rules/RULE-13-1-2/VirtualAndNonVirtualClassInTheHierarchy.ql @@ -16,7 +16,8 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.virtualandnonvirtualclassinthehierarchy_shared.VirtualAndNonVirtualClassInTheHierarchy_shared -class VirtualAndNonVirtualClassInTheHierarchyQuery extends VirtualAndNonVirtualClassInTheHierarchy_sharedSharedQuery { +class VirtualAndNonVirtualClassInTheHierarchyQuery extends VirtualAndNonVirtualClassInTheHierarchy_sharedSharedQuery +{ VirtualAndNonVirtualClassInTheHierarchyQuery() { this = ImportMisra23Package::virtualAndNonVirtualClassInTheHierarchyQuery() } diff --git a/cpp/misra/src/rules/RULE-13-3-2/OverridingShallSpecifyDifferentDefaultArguments.ql b/cpp/misra/src/rules/RULE-13-3-2/OverridingShallSpecifyDifferentDefaultArguments.ql index 2b4b7c1785..f823da6d2d 100644 --- a/cpp/misra/src/rules/RULE-13-3-2/OverridingShallSpecifyDifferentDefaultArguments.ql +++ b/cpp/misra/src/rules/RULE-13-3-2/OverridingShallSpecifyDifferentDefaultArguments.ql @@ -16,7 +16,8 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.overridingshallspecifydifferentdefaultarguments_shared.OverridingShallSpecifyDifferentDefaultArguments_shared -class OverridingShallSpecifyDifferentDefaultArgumentsQuery extends OverridingShallSpecifyDifferentDefaultArguments_sharedSharedQuery { +class OverridingShallSpecifyDifferentDefaultArgumentsQuery extends OverridingShallSpecifyDifferentDefaultArguments_sharedSharedQuery +{ OverridingShallSpecifyDifferentDefaultArgumentsQuery() { this = ImportMisra23Package::overridingShallSpecifyDifferentDefaultArgumentsQuery() } diff --git a/cpp/misra/src/rules/RULE-13-3-4/PotentiallyVirtualPointerOnlyComparesToNullptr.ql b/cpp/misra/src/rules/RULE-13-3-4/PotentiallyVirtualPointerOnlyComparesToNullptr.ql index bf263bac58..0bdfe750ff 100644 --- a/cpp/misra/src/rules/RULE-13-3-4/PotentiallyVirtualPointerOnlyComparesToNullptr.ql +++ b/cpp/misra/src/rules/RULE-13-3-4/PotentiallyVirtualPointerOnlyComparesToNullptr.ql @@ -16,7 +16,8 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.potentiallyvirtualpointeronlycomparestonullptr_shared.PotentiallyVirtualPointerOnlyComparesToNullptr_shared -class PotentiallyVirtualPointerOnlyComparesToNullptrQuery extends PotentiallyVirtualPointerOnlyComparesToNullptr_sharedSharedQuery { +class PotentiallyVirtualPointerOnlyComparesToNullptrQuery extends PotentiallyVirtualPointerOnlyComparesToNullptr_sharedSharedQuery +{ PotentiallyVirtualPointerOnlyComparesToNullptrQuery() { this = ImportMisra23Package::potentiallyVirtualPointerOnlyComparesToNullptrQuery() } diff --git a/cpp/misra/src/rules/RULE-15-1-1/ObjectsDynamicTypeUsedFromConstructorOrDestructor.ql b/cpp/misra/src/rules/RULE-15-1-1/ObjectsDynamicTypeUsedFromConstructorOrDestructor.ql index ab1ad49c71..6b23e7d1ac 100644 --- a/cpp/misra/src/rules/RULE-15-1-1/ObjectsDynamicTypeUsedFromConstructorOrDestructor.ql +++ b/cpp/misra/src/rules/RULE-15-1-1/ObjectsDynamicTypeUsedFromConstructorOrDestructor.ql @@ -16,7 +16,8 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.objectsdynamictypeusedfromconstructorordestructor_shared.ObjectsDynamicTypeUsedFromConstructorOrDestructor_shared -class ObjectsDynamicTypeUsedFromConstructorOrDestructorQuery extends ObjectsDynamicTypeUsedFromConstructorOrDestructor_sharedSharedQuery { +class ObjectsDynamicTypeUsedFromConstructorOrDestructorQuery extends ObjectsDynamicTypeUsedFromConstructorOrDestructor_sharedSharedQuery +{ ObjectsDynamicTypeUsedFromConstructorOrDestructorQuery() { this = ImportMisra23Package::objectsDynamicTypeUsedFromConstructorOrDestructorQuery() } diff --git a/cpp/misra/src/rules/RULE-15-1-2/InitializeAllVirtualBaseClasses.ql b/cpp/misra/src/rules/RULE-15-1-2/InitializeAllVirtualBaseClasses.ql index 78dcd9c474..42a4813086 100644 --- a/cpp/misra/src/rules/RULE-15-1-2/InitializeAllVirtualBaseClasses.ql +++ b/cpp/misra/src/rules/RULE-15-1-2/InitializeAllVirtualBaseClasses.ql @@ -16,7 +16,8 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.initializeallvirtualbaseclasses_shared.InitializeAllVirtualBaseClasses_shared -class InitializeAllVirtualBaseClassesQuery extends InitializeAllVirtualBaseClasses_sharedSharedQuery { +class InitializeAllVirtualBaseClassesQuery extends InitializeAllVirtualBaseClasses_sharedSharedQuery +{ InitializeAllVirtualBaseClassesQuery() { this = ImportMisra23Package::initializeAllVirtualBaseClassesQuery() } diff --git a/cpp/misra/src/rules/RULE-15-1-5/InitializerListConstructorIsTheOnlyConstructor.ql b/cpp/misra/src/rules/RULE-15-1-5/InitializerListConstructorIsTheOnlyConstructor.ql index f2bc05e535..47d17df3ed 100644 --- a/cpp/misra/src/rules/RULE-15-1-5/InitializerListConstructorIsTheOnlyConstructor.ql +++ b/cpp/misra/src/rules/RULE-15-1-5/InitializerListConstructorIsTheOnlyConstructor.ql @@ -16,7 +16,8 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.initializerlistconstructoristheonlyconstructor_shared.InitializerListConstructorIsTheOnlyConstructor_shared -class InitializerListConstructorIsTheOnlyConstructorQuery extends InitializerListConstructorIsTheOnlyConstructor_sharedSharedQuery { +class InitializerListConstructorIsTheOnlyConstructorQuery extends InitializerListConstructorIsTheOnlyConstructor_sharedSharedQuery +{ InitializerListConstructorIsTheOnlyConstructorQuery() { this = ImportMisra23Package::initializerListConstructorIsTheOnlyConstructorQuery() } diff --git a/cpp/misra/src/rules/RULE-17-8-1/FunctionTemplatesExplicitlySpecialized.ql b/cpp/misra/src/rules/RULE-17-8-1/FunctionTemplatesExplicitlySpecialized.ql index fc910377bd..7fd2ecafd2 100644 --- a/cpp/misra/src/rules/RULE-17-8-1/FunctionTemplatesExplicitlySpecialized.ql +++ b/cpp/misra/src/rules/RULE-17-8-1/FunctionTemplatesExplicitlySpecialized.ql @@ -15,7 +15,8 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.functiontemplatesexplicitlyspecialized_shared.FunctionTemplatesExplicitlySpecialized_shared -class FunctionTemplatesExplicitlySpecializedQuery extends FunctionTemplatesExplicitlySpecialized_sharedSharedQuery { +class FunctionTemplatesExplicitlySpecializedQuery extends FunctionTemplatesExplicitlySpecialized_sharedSharedQuery +{ FunctionTemplatesExplicitlySpecializedQuery() { this = ImportMisra23Package::functionTemplatesExplicitlySpecializedQuery() } diff --git a/cpp/misra/src/rules/RULE-18-1-2/EmptyThrowOnlyWithinACatchHandler.ql b/cpp/misra/src/rules/RULE-18-1-2/EmptyThrowOnlyWithinACatchHandler.ql index 77aa45ce72..e37025a0af 100644 --- a/cpp/misra/src/rules/RULE-18-1-2/EmptyThrowOnlyWithinACatchHandler.ql +++ b/cpp/misra/src/rules/RULE-18-1-2/EmptyThrowOnlyWithinACatchHandler.ql @@ -15,7 +15,8 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.emptythrowonlywithinacatchhandler_shared.EmptyThrowOnlyWithinACatchHandler_shared -class EmptyThrowOnlyWithinACatchHandlerQuery extends EmptyThrowOnlyWithinACatchHandler_sharedSharedQuery { +class EmptyThrowOnlyWithinACatchHandlerQuery extends EmptyThrowOnlyWithinACatchHandler_sharedSharedQuery +{ EmptyThrowOnlyWithinACatchHandlerQuery() { this = ImportMisra23Package::emptyThrowOnlyWithinACatchHandlerQuery() } diff --git a/cpp/misra/src/rules/RULE-18-5-1/NoexceptFunctionShouldNotPropagateToTheCaller.ql b/cpp/misra/src/rules/RULE-18-5-1/NoexceptFunctionShouldNotPropagateToTheCaller.ql index d99fbea400..6bea89c4ce 100644 --- a/cpp/misra/src/rules/RULE-18-5-1/NoexceptFunctionShouldNotPropagateToTheCaller.ql +++ b/cpp/misra/src/rules/RULE-18-5-1/NoexceptFunctionShouldNotPropagateToTheCaller.ql @@ -16,7 +16,8 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.noexceptfunctionshouldnotpropagatetothecaller_shared.NoexceptFunctionShouldNotPropagateToTheCaller_shared -class NoexceptFunctionShouldNotPropagateToTheCallerQuery extends NoexceptFunctionShouldNotPropagateToTheCaller_sharedSharedQuery { +class NoexceptFunctionShouldNotPropagateToTheCallerQuery extends NoexceptFunctionShouldNotPropagateToTheCaller_sharedSharedQuery +{ NoexceptFunctionShouldNotPropagateToTheCallerQuery() { this = ImportMisra23Package::noexceptFunctionShouldNotPropagateToTheCallerQuery() } diff --git a/cpp/misra/src/rules/RULE-19-0-2/FunctionLikeMacrosDefined.ql b/cpp/misra/src/rules/RULE-19-0-2/FunctionLikeMacrosDefined.ql index 04ca50994f..6cc143deb9 100644 --- a/cpp/misra/src/rules/RULE-19-0-2/FunctionLikeMacrosDefined.ql +++ b/cpp/misra/src/rules/RULE-19-0-2/FunctionLikeMacrosDefined.ql @@ -16,7 +16,5 @@ import codingstandards.cpp.misra import codingstandards.cpp.rules.functionlikemacrosdefined_shared.FunctionLikeMacrosDefined_shared class FunctionLikeMacrosDefinedQuery extends FunctionLikeMacrosDefined_sharedSharedQuery { - FunctionLikeMacrosDefinedQuery() { - this = ImportMisra23Package::functionLikeMacrosDefinedQuery() - } + FunctionLikeMacrosDefinedQuery() { this = ImportMisra23Package::functionLikeMacrosDefinedQuery() } } diff --git a/cpp/misra/src/rules/RULE-19-3-3/AMixedUseMacroArgumentSubjectToExpansion.ql b/cpp/misra/src/rules/RULE-19-3-3/AMixedUseMacroArgumentSubjectToExpansion.ql index 59fd054720..b97bcd2905 100644 --- a/cpp/misra/src/rules/RULE-19-3-3/AMixedUseMacroArgumentSubjectToExpansion.ql +++ b/cpp/misra/src/rules/RULE-19-3-3/AMixedUseMacroArgumentSubjectToExpansion.ql @@ -16,7 +16,8 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.amixedusemacroargumentsubjecttoexpansion_shared.AMixedUseMacroArgumentSubjectToExpansion_shared -class AMixedUseMacroArgumentSubjectToExpansionQuery extends AMixedUseMacroArgumentSubjectToExpansion_sharedSharedQuery { +class AMixedUseMacroArgumentSubjectToExpansionQuery extends AMixedUseMacroArgumentSubjectToExpansion_sharedSharedQuery +{ AMixedUseMacroArgumentSubjectToExpansionQuery() { this = ImportMisra23Package::aMixedUseMacroArgumentSubjectToExpansionQuery() } diff --git a/cpp/misra/src/rules/RULE-21-10-3/CsignalFacilitiesUsed.ql b/cpp/misra/src/rules/RULE-21-10-3/CsignalFacilitiesUsed.ql index 19edf41394..bff43f25e4 100644 --- a/cpp/misra/src/rules/RULE-21-10-3/CsignalFacilitiesUsed.ql +++ b/cpp/misra/src/rules/RULE-21-10-3/CsignalFacilitiesUsed.ql @@ -18,7 +18,5 @@ import codingstandards.cpp.misra import codingstandards.cpp.rules.csignalfunctionsused_shared.CsignalFunctionsUsed_shared class CsignalFacilitiesUsedQuery extends CsignalFunctionsUsed_sharedSharedQuery { - CsignalFacilitiesUsedQuery() { - this = ImportMisra23Package::csignalFacilitiesUsedQuery() - } + CsignalFacilitiesUsedQuery() { this = ImportMisra23Package::csignalFacilitiesUsedQuery() } } diff --git a/cpp/misra/src/rules/RULE-21-2-1/AtofAtoiAtolAndAtollUsed.ql b/cpp/misra/src/rules/RULE-21-2-1/AtofAtoiAtolAndAtollUsed.ql index a88a29a734..f8cd5c6672 100644 --- a/cpp/misra/src/rules/RULE-21-2-1/AtofAtoiAtolAndAtollUsed.ql +++ b/cpp/misra/src/rules/RULE-21-2-1/AtofAtoiAtolAndAtollUsed.ql @@ -16,7 +16,5 @@ import codingstandards.cpp.misra import codingstandards.cpp.rules.atofatoiatolandatollused_shared.AtofAtoiAtolAndAtollUsed_shared class AtofAtoiAtolAndAtollUsedQuery extends AtofAtoiAtolAndAtollUsed_sharedSharedQuery { - AtofAtoiAtolAndAtollUsedQuery() { - this = ImportMisra23Package::atofAtoiAtolAndAtollUsedQuery() - } + AtofAtoiAtolAndAtollUsedQuery() { this = ImportMisra23Package::atofAtoiAtolAndAtollUsedQuery() } } diff --git a/cpp/misra/src/rules/RULE-21-6-4/GlobalSizedOperatorDeleteShallBeDefined.ql b/cpp/misra/src/rules/RULE-21-6-4/GlobalSizedOperatorDeleteShallBeDefined.ql index 57f993fc7f..800a638580 100644 --- a/cpp/misra/src/rules/RULE-21-6-4/GlobalSizedOperatorDeleteShallBeDefined.ql +++ b/cpp/misra/src/rules/RULE-21-6-4/GlobalSizedOperatorDeleteShallBeDefined.ql @@ -17,7 +17,8 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.globalsizedoperatordeletenotdefined_shared.GlobalSizedOperatorDeleteNotDefined_shared -class GlobalSizedOperatorDeleteShallBeDefinedQuery extends GlobalSizedOperatorDeleteNotDefined_sharedSharedQuery { +class GlobalSizedOperatorDeleteShallBeDefinedQuery extends GlobalSizedOperatorDeleteNotDefined_sharedSharedQuery +{ GlobalSizedOperatorDeleteShallBeDefinedQuery() { this = ImportMisra23Package::globalSizedOperatorDeleteShallBeDefinedQuery() } diff --git a/cpp/misra/src/rules/RULE-21-6-4/GlobalUnsizedOperatorDeleteShallBeDefined.ql b/cpp/misra/src/rules/RULE-21-6-4/GlobalUnsizedOperatorDeleteShallBeDefined.ql index 384926228f..06fd6a4385 100644 --- a/cpp/misra/src/rules/RULE-21-6-4/GlobalUnsizedOperatorDeleteShallBeDefined.ql +++ b/cpp/misra/src/rules/RULE-21-6-4/GlobalUnsizedOperatorDeleteShallBeDefined.ql @@ -17,7 +17,8 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.globalunsizedoperatordeletenotdefined_shared.GlobalUnsizedOperatorDeleteNotDefined_shared -class GlobalUnsizedOperatorDeleteShallBeDefinedQuery extends GlobalUnsizedOperatorDeleteNotDefined_sharedSharedQuery { +class GlobalUnsizedOperatorDeleteShallBeDefinedQuery extends GlobalUnsizedOperatorDeleteNotDefined_sharedSharedQuery +{ GlobalUnsizedOperatorDeleteShallBeDefinedQuery() { this = ImportMisra23Package::globalUnsizedOperatorDeleteShallBeDefinedQuery() } diff --git a/cpp/misra/src/rules/RULE-26-3-1/VectorShouldNotBeSpecializedWithBool.ql b/cpp/misra/src/rules/RULE-26-3-1/VectorShouldNotBeSpecializedWithBool.ql index 7793ec65d0..92e0773e41 100644 --- a/cpp/misra/src/rules/RULE-26-3-1/VectorShouldNotBeSpecializedWithBool.ql +++ b/cpp/misra/src/rules/RULE-26-3-1/VectorShouldNotBeSpecializedWithBool.ql @@ -15,7 +15,8 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.vectorshouldnotbespecializedwithbool_shared.VectorShouldNotBeSpecializedWithBool_shared -class VectorShouldNotBeSpecializedWithBoolQuery extends VectorShouldNotBeSpecializedWithBool_sharedSharedQuery { +class VectorShouldNotBeSpecializedWithBoolQuery extends VectorShouldNotBeSpecializedWithBool_sharedSharedQuery +{ VectorShouldNotBeSpecializedWithBoolQuery() { this = ImportMisra23Package::vectorShouldNotBeSpecializedWithBoolQuery() } diff --git a/cpp/misra/src/rules/RULE-28-6-2/ForwardingReferencesAndForwardNotUsedTogether.ql b/cpp/misra/src/rules/RULE-28-6-2/ForwardingReferencesAndForwardNotUsedTogether.ql index f134fa28d6..27654a32af 100644 --- a/cpp/misra/src/rules/RULE-28-6-2/ForwardingReferencesAndForwardNotUsedTogether.ql +++ b/cpp/misra/src/rules/RULE-28-6-2/ForwardingReferencesAndForwardNotUsedTogether.ql @@ -15,7 +15,8 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.forwardingreferencesandforwardnotusedtogether_shared.ForwardingReferencesAndForwardNotUsedTogether_shared -class ForwardingReferencesAndForwardNotUsedTogetherQuery extends ForwardingReferencesAndForwardNotUsedTogether_sharedSharedQuery { +class ForwardingReferencesAndForwardNotUsedTogetherQuery extends ForwardingReferencesAndForwardNotUsedTogether_sharedSharedQuery +{ ForwardingReferencesAndForwardNotUsedTogetherQuery() { this = ImportMisra23Package::forwardingReferencesAndForwardNotUsedTogetherQuery() } diff --git a/cpp/misra/src/rules/RULE-30-0-1/CstdioTypesShallNotBeUsed.ql b/cpp/misra/src/rules/RULE-30-0-1/CstdioTypesShallNotBeUsed.ql index c80ce69250..351f93106a 100644 --- a/cpp/misra/src/rules/RULE-30-0-1/CstdioTypesShallNotBeUsed.ql +++ b/cpp/misra/src/rules/RULE-30-0-1/CstdioTypesShallNotBeUsed.ql @@ -18,7 +18,5 @@ import codingstandards.cpp.misra import codingstandards.cpp.rules.cstdiotypesused_shared.CstdioTypesUsed_shared class CstdioTypesShallNotBeUsedQuery extends CstdioTypesUsed_sharedSharedQuery { - CstdioTypesShallNotBeUsedQuery() { - this = ImportMisra23Package::cstdioTypesShallNotBeUsedQuery() - } + CstdioTypesShallNotBeUsedQuery() { this = ImportMisra23Package::cstdioTypesShallNotBeUsedQuery() } } diff --git a/cpp/misra/src/rules/RULE-4-6-1/MemoryOperationsNotSequencedAppropriately.ql b/cpp/misra/src/rules/RULE-4-6-1/MemoryOperationsNotSequencedAppropriately.ql index 0bcda339bd..8d306afea7 100644 --- a/cpp/misra/src/rules/RULE-4-6-1/MemoryOperationsNotSequencedAppropriately.ql +++ b/cpp/misra/src/rules/RULE-4-6-1/MemoryOperationsNotSequencedAppropriately.ql @@ -15,7 +15,8 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.memoryoperationsnotsequencedappropriately_shared.MemoryOperationsNotSequencedAppropriately_shared -class MemoryOperationsNotSequencedAppropriatelyQuery extends MemoryOperationsNotSequencedAppropriately_sharedSharedQuery { +class MemoryOperationsNotSequencedAppropriatelyQuery extends MemoryOperationsNotSequencedAppropriately_sharedSharedQuery +{ MemoryOperationsNotSequencedAppropriatelyQuery() { this = ImportMisra23Package::memoryOperationsNotSequencedAppropriatelyQuery() } diff --git a/cpp/misra/src/rules/RULE-5-13-1/BackslashCharacterMisuse.ql b/cpp/misra/src/rules/RULE-5-13-1/BackslashCharacterMisuse.ql index c2612fd71f..b7dc604875 100644 --- a/cpp/misra/src/rules/RULE-5-13-1/BackslashCharacterMisuse.ql +++ b/cpp/misra/src/rules/RULE-5-13-1/BackslashCharacterMisuse.ql @@ -17,7 +17,5 @@ import codingstandards.cpp.misra import codingstandards.cpp.rules.backslashcharactermisuse_shared.BackslashCharacterMisuse_shared class BackslashCharacterMisuseQuery extends BackslashCharacterMisuse_sharedSharedQuery { - BackslashCharacterMisuseQuery() { - this = ImportMisra23Package::backslashCharacterMisuseQuery() - } + BackslashCharacterMisuseQuery() { this = ImportMisra23Package::backslashCharacterMisuseQuery() } } diff --git a/cpp/misra/src/rules/RULE-5-13-3/OctalConstantsUsed.ql b/cpp/misra/src/rules/RULE-5-13-3/OctalConstantsUsed.ql index 816b3439b2..6499155f7e 100644 --- a/cpp/misra/src/rules/RULE-5-13-3/OctalConstantsUsed.ql +++ b/cpp/misra/src/rules/RULE-5-13-3/OctalConstantsUsed.ql @@ -16,7 +16,5 @@ import codingstandards.cpp.misra import codingstandards.cpp.rules.useofnonzerooctalliteral_shared.UseOfNonZeroOctalLiteral_shared class OctalConstantsUsedQuery extends UseOfNonZeroOctalLiteral_sharedSharedQuery { - OctalConstantsUsedQuery() { - this = ImportMisra23Package::octalConstantsUsedQuery() - } + OctalConstantsUsedQuery() { this = ImportMisra23Package::octalConstantsUsedQuery() } } diff --git a/cpp/misra/src/rules/RULE-5-13-4/UnsignedIntegerLiteralsNotAppropriatelySuffixed.ql b/cpp/misra/src/rules/RULE-5-13-4/UnsignedIntegerLiteralsNotAppropriatelySuffixed.ql index 7f3e99bbc9..7cfe38d007 100644 --- a/cpp/misra/src/rules/RULE-5-13-4/UnsignedIntegerLiteralsNotAppropriatelySuffixed.ql +++ b/cpp/misra/src/rules/RULE-5-13-4/UnsignedIntegerLiteralsNotAppropriatelySuffixed.ql @@ -15,7 +15,8 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.unsignedintegerliteralsnotappropriatelysuffixed_shared.UnsignedIntegerLiteralsNotAppropriatelySuffixed_shared -class UnsignedIntegerLiteralsNotAppropriatelySuffixedQuery extends UnsignedIntegerLiteralsNotAppropriatelySuffixed_sharedSharedQuery { +class UnsignedIntegerLiteralsNotAppropriatelySuffixedQuery extends UnsignedIntegerLiteralsNotAppropriatelySuffixed_sharedSharedQuery +{ UnsignedIntegerLiteralsNotAppropriatelySuffixedQuery() { this = ImportMisra23Package::unsignedIntegerLiteralsNotAppropriatelySuffixedQuery() } diff --git a/cpp/misra/src/rules/RULE-5-13-5/LowercaseLStartsInLiteralSuffix.ql b/cpp/misra/src/rules/RULE-5-13-5/LowercaseLStartsInLiteralSuffix.ql index f1d62437fb..5cb88f69da 100644 --- a/cpp/misra/src/rules/RULE-5-13-5/LowercaseLStartsInLiteralSuffix.ql +++ b/cpp/misra/src/rules/RULE-5-13-5/LowercaseLStartsInLiteralSuffix.ql @@ -16,7 +16,8 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.lowercaselstartsinliteralsuffix_shared.LowercaseLStartsInLiteralSuffix_shared -class LowercaseLStartsInLiteralSuffixQuery extends LowercaseLStartsInLiteralSuffix_sharedSharedQuery { +class LowercaseLStartsInLiteralSuffixQuery extends LowercaseLStartsInLiteralSuffix_sharedSharedQuery +{ LowercaseLStartsInLiteralSuffixQuery() { this = ImportMisra23Package::lowercaseLStartsInLiteralSuffixQuery() } diff --git a/cpp/misra/src/rules/RULE-5-7-1/CharacterSequenceUsedWithinACStyleComment.ql b/cpp/misra/src/rules/RULE-5-7-1/CharacterSequenceUsedWithinACStyleComment.ql index 93fc2cfccc..e3b8e7b581 100644 --- a/cpp/misra/src/rules/RULE-5-7-1/CharacterSequenceUsedWithinACStyleComment.ql +++ b/cpp/misra/src/rules/RULE-5-7-1/CharacterSequenceUsedWithinACStyleComment.ql @@ -15,7 +15,8 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.charactersequenceusedwithinacstylecomment_shared.CharacterSequenceUsedWithinACStyleComment_shared -class CharacterSequenceUsedWithinACStyleCommentQuery extends CharacterSequenceUsedWithinACStyleComment_sharedSharedQuery { +class CharacterSequenceUsedWithinACStyleCommentQuery extends CharacterSequenceUsedWithinACStyleComment_sharedSharedQuery +{ CharacterSequenceUsedWithinACStyleCommentQuery() { this = ImportMisra23Package::characterSequenceUsedWithinACStyleCommentQuery() } diff --git a/cpp/misra/src/rules/RULE-6-0-4/NonGlobalFunctionMain.ql b/cpp/misra/src/rules/RULE-6-0-4/NonGlobalFunctionMain.ql index 909a4e2640..810bb42951 100644 --- a/cpp/misra/src/rules/RULE-6-0-4/NonGlobalFunctionMain.ql +++ b/cpp/misra/src/rules/RULE-6-0-4/NonGlobalFunctionMain.ql @@ -17,7 +17,5 @@ import codingstandards.cpp.misra import codingstandards.cpp.rules.nonglobalfunctionmain_shared.NonGlobalFunctionMain_shared class NonGlobalFunctionMainQuery extends NonGlobalFunctionMain_sharedSharedQuery { - NonGlobalFunctionMainQuery() { - this = ImportMisra23Package::nonGlobalFunctionMainQuery() - } + NonGlobalFunctionMainQuery() { this = ImportMisra23Package::nonGlobalFunctionMainQuery() } } diff --git a/cpp/misra/src/rules/RULE-6-4-2/InheritedNonOverridableMemberFunction.ql b/cpp/misra/src/rules/RULE-6-4-2/InheritedNonOverridableMemberFunction.ql index b6c246dc20..03ce1b7c53 100644 --- a/cpp/misra/src/rules/RULE-6-4-2/InheritedNonOverridableMemberFunction.ql +++ b/cpp/misra/src/rules/RULE-6-4-2/InheritedNonOverridableMemberFunction.ql @@ -17,7 +17,8 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.hiddeninheritednonoverridablememberfunction_shared.HiddenInheritedNonOverridableMemberFunction_shared -class InheritedNonOverridableMemberFunctionQuery extends HiddenInheritedNonOverridableMemberFunction_sharedSharedQuery { +class InheritedNonOverridableMemberFunctionQuery extends HiddenInheritedNonOverridableMemberFunction_sharedSharedQuery +{ InheritedNonOverridableMemberFunctionQuery() { this = ImportMisra23Package::inheritedNonOverridableMemberFunctionQuery() } diff --git a/cpp/misra/src/rules/RULE-6-4-2/InheritedOverridableMemberFunction.ql b/cpp/misra/src/rules/RULE-6-4-2/InheritedOverridableMemberFunction.ql index 7212ad840f..d7fda7b940 100644 --- a/cpp/misra/src/rules/RULE-6-4-2/InheritedOverridableMemberFunction.ql +++ b/cpp/misra/src/rules/RULE-6-4-2/InheritedOverridableMemberFunction.ql @@ -17,7 +17,8 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.hiddeninheritedoverridablememberfunction_shared.HiddenInheritedOverridableMemberFunction_shared -class InheritedOverridableMemberFunctionQuery extends HiddenInheritedOverridableMemberFunction_sharedSharedQuery { +class InheritedOverridableMemberFunctionQuery extends HiddenInheritedOverridableMemberFunction_sharedSharedQuery +{ InheritedOverridableMemberFunctionQuery() { this = ImportMisra23Package::inheritedOverridableMemberFunctionQuery() } diff --git a/cpp/misra/src/rules/RULE-6-4-3/NameShallBeReferredUsingAQualifiedIdOrThis.ql b/cpp/misra/src/rules/RULE-6-4-3/NameShallBeReferredUsingAQualifiedIdOrThis.ql index ac7dbcc776..a172b89313 100644 --- a/cpp/misra/src/rules/RULE-6-4-3/NameShallBeReferredUsingAQualifiedIdOrThis.ql +++ b/cpp/misra/src/rules/RULE-6-4-3/NameShallBeReferredUsingAQualifiedIdOrThis.ql @@ -18,7 +18,8 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.namenotreferredusingaqualifiedidorthis_shared.NameNotReferredUsingAQualifiedIdOrThis_shared -class NameShallBeReferredUsingAQualifiedIdOrThisQuery extends NameNotReferredUsingAQualifiedIdOrThis_sharedSharedQuery { +class NameShallBeReferredUsingAQualifiedIdOrThisQuery extends NameNotReferredUsingAQualifiedIdOrThis_sharedSharedQuery +{ NameShallBeReferredUsingAQualifiedIdOrThisQuery() { this = ImportMisra23Package::nameShallBeReferredUsingAQualifiedIdOrThisQuery() } diff --git a/cpp/misra/src/rules/RULE-6-4-3/NameShallBeReferredUsingAQualifiedIdOrThisAudit.ql b/cpp/misra/src/rules/RULE-6-4-3/NameShallBeReferredUsingAQualifiedIdOrThisAudit.ql index 96da12f90b..238f07d81a 100644 --- a/cpp/misra/src/rules/RULE-6-4-3/NameShallBeReferredUsingAQualifiedIdOrThisAudit.ql +++ b/cpp/misra/src/rules/RULE-6-4-3/NameShallBeReferredUsingAQualifiedIdOrThisAudit.ql @@ -18,7 +18,8 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.namenotreferredusingaqualifiedidorthisaudit_shared.NameNotReferredUsingAQualifiedIdOrThisAudit_shared -class NameShallBeReferredUsingAQualifiedIdOrThisAuditQuery extends NameNotReferredUsingAQualifiedIdOrThisAudit_sharedSharedQuery { +class NameShallBeReferredUsingAQualifiedIdOrThisAuditQuery extends NameNotReferredUsingAQualifiedIdOrThisAudit_sharedSharedQuery +{ NameShallBeReferredUsingAQualifiedIdOrThisAuditQuery() { this = ImportMisra23Package::nameShallBeReferredUsingAQualifiedIdOrThisAuditQuery() } diff --git a/cpp/misra/src/rules/RULE-6-8-2/ReturnReferenceOrPointerToAutomaticLocalVariable.ql b/cpp/misra/src/rules/RULE-6-8-2/ReturnReferenceOrPointerToAutomaticLocalVariable.ql index 5ee261a0b8..8615cbd25b 100644 --- a/cpp/misra/src/rules/RULE-6-8-2/ReturnReferenceOrPointerToAutomaticLocalVariable.ql +++ b/cpp/misra/src/rules/RULE-6-8-2/ReturnReferenceOrPointerToAutomaticLocalVariable.ql @@ -16,7 +16,8 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.returnreferenceorpointertoautomaticlocalvariable_shared.ReturnReferenceOrPointerToAutomaticLocalVariable_shared -class ReturnReferenceOrPointerToAutomaticLocalVariableQuery extends ReturnReferenceOrPointerToAutomaticLocalVariable_sharedSharedQuery { +class ReturnReferenceOrPointerToAutomaticLocalVariableQuery extends ReturnReferenceOrPointerToAutomaticLocalVariable_sharedSharedQuery +{ ReturnReferenceOrPointerToAutomaticLocalVariableQuery() { this = ImportMisra23Package::returnReferenceOrPointerToAutomaticLocalVariableQuery() } diff --git a/cpp/misra/src/rules/RULE-7-11-1/NullptrNotTheOnlyFormOfTheNullPointerConstant.ql b/cpp/misra/src/rules/RULE-7-11-1/NullptrNotTheOnlyFormOfTheNullPointerConstant.ql index 6566bbd16d..f335c4d357 100644 --- a/cpp/misra/src/rules/RULE-7-11-1/NullptrNotTheOnlyFormOfTheNullPointerConstant.ql +++ b/cpp/misra/src/rules/RULE-7-11-1/NullptrNotTheOnlyFormOfTheNullPointerConstant.ql @@ -15,7 +15,8 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.nullptrnottheonlyformofthenullpointerconstant_shared.NullptrNotTheOnlyFormOfTheNullPointerConstant_shared -class NullptrNotTheOnlyFormOfTheNullPointerConstantQuery extends NullptrNotTheOnlyFormOfTheNullPointerConstant_sharedSharedQuery { +class NullptrNotTheOnlyFormOfTheNullPointerConstantQuery extends NullptrNotTheOnlyFormOfTheNullPointerConstant_sharedSharedQuery +{ NullptrNotTheOnlyFormOfTheNullPointerConstantQuery() { this = ImportMisra23Package::nullptrNotTheOnlyFormOfTheNullPointerConstantQuery() } diff --git a/cpp/misra/src/rules/RULE-7-11-2/ArrayPassedAsFunctionArgumentDecayToAPointer.ql b/cpp/misra/src/rules/RULE-7-11-2/ArrayPassedAsFunctionArgumentDecayToAPointer.ql index dbefbaa845..28a963de3a 100644 --- a/cpp/misra/src/rules/RULE-7-11-2/ArrayPassedAsFunctionArgumentDecayToAPointer.ql +++ b/cpp/misra/src/rules/RULE-7-11-2/ArrayPassedAsFunctionArgumentDecayToAPointer.ql @@ -15,7 +15,8 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.arraypassedasfunctionargumentdecaytoapointer_shared.ArrayPassedAsFunctionArgumentDecayToAPointer_shared -class ArrayPassedAsFunctionArgumentDecayToAPointerQuery extends ArrayPassedAsFunctionArgumentDecayToAPointer_sharedSharedQuery { +class ArrayPassedAsFunctionArgumentDecayToAPointerQuery extends ArrayPassedAsFunctionArgumentDecayToAPointer_sharedSharedQuery +{ ArrayPassedAsFunctionArgumentDecayToAPointerQuery() { this = ImportMisra23Package::arrayPassedAsFunctionArgumentDecayToAPointerQuery() } diff --git a/cpp/misra/src/rules/RULE-8-18-2/ResultOfAnAssignmentOperatorShouldNotBeUsed.ql b/cpp/misra/src/rules/RULE-8-18-2/ResultOfAnAssignmentOperatorShouldNotBeUsed.ql index 56f177e9cd..647c5bd446 100644 --- a/cpp/misra/src/rules/RULE-8-18-2/ResultOfAnAssignmentOperatorShouldNotBeUsed.ql +++ b/cpp/misra/src/rules/RULE-8-18-2/ResultOfAnAssignmentOperatorShouldNotBeUsed.ql @@ -15,7 +15,8 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.resultofanassignmentoperatorshouldnotbeused_shared.ResultOfAnAssignmentOperatorShouldNotBeUsed_shared -class ResultOfAnAssignmentOperatorShouldNotBeUsedQuery extends ResultOfAnAssignmentOperatorShouldNotBeUsed_sharedSharedQuery { +class ResultOfAnAssignmentOperatorShouldNotBeUsedQuery extends ResultOfAnAssignmentOperatorShouldNotBeUsed_sharedSharedQuery +{ ResultOfAnAssignmentOperatorShouldNotBeUsedQuery() { this = ImportMisra23Package::resultOfAnAssignmentOperatorShouldNotBeUsedQuery() } diff --git a/cpp/misra/src/rules/RULE-8-2-10/FunctionsCallThemselvesEitherDirectlyOrIndirectly.ql b/cpp/misra/src/rules/RULE-8-2-10/FunctionsCallThemselvesEitherDirectlyOrIndirectly.ql index bd9da57cc2..c136e8d3cd 100644 --- a/cpp/misra/src/rules/RULE-8-2-10/FunctionsCallThemselvesEitherDirectlyOrIndirectly.ql +++ b/cpp/misra/src/rules/RULE-8-2-10/FunctionsCallThemselvesEitherDirectlyOrIndirectly.ql @@ -15,7 +15,8 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.functionscallthemselveseitherdirectlyorindirectly_shared.FunctionsCallThemselvesEitherDirectlyOrIndirectly_shared -class FunctionsCallThemselvesEitherDirectlyOrIndirectlyQuery extends FunctionsCallThemselvesEitherDirectlyOrIndirectly_sharedSharedQuery { +class FunctionsCallThemselvesEitherDirectlyOrIndirectlyQuery extends FunctionsCallThemselvesEitherDirectlyOrIndirectly_sharedSharedQuery +{ FunctionsCallThemselvesEitherDirectlyOrIndirectlyQuery() { this = ImportMisra23Package::functionsCallThemselvesEitherDirectlyOrIndirectlyQuery() } diff --git a/cpp/misra/src/rules/RULE-8-2-4/CastsBetweenAPointerToFunctionAndAnyOtherType.ql b/cpp/misra/src/rules/RULE-8-2-4/CastsBetweenAPointerToFunctionAndAnyOtherType.ql index b8dcbd2ced..e4b2a2dd3c 100644 --- a/cpp/misra/src/rules/RULE-8-2-4/CastsBetweenAPointerToFunctionAndAnyOtherType.ql +++ b/cpp/misra/src/rules/RULE-8-2-4/CastsBetweenAPointerToFunctionAndAnyOtherType.ql @@ -15,7 +15,8 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.castsbetweenapointertofunctionandanyothertype_shared.CastsBetweenAPointerToFunctionAndAnyOtherType_shared -class CastsBetweenAPointerToFunctionAndAnyOtherTypeQuery extends CastsBetweenAPointerToFunctionAndAnyOtherType_sharedSharedQuery { +class CastsBetweenAPointerToFunctionAndAnyOtherTypeQuery extends CastsBetweenAPointerToFunctionAndAnyOtherType_sharedSharedQuery +{ CastsBetweenAPointerToFunctionAndAnyOtherTypeQuery() { this = ImportMisra23Package::castsBetweenAPointerToFunctionAndAnyOtherTypeQuery() } diff --git a/cpp/misra/src/rules/RULE-8-20-1/UnsignedOperationWithConstantOperandsWraps.ql b/cpp/misra/src/rules/RULE-8-20-1/UnsignedOperationWithConstantOperandsWraps.ql index 6100aa30c4..8676a704c2 100644 --- a/cpp/misra/src/rules/RULE-8-20-1/UnsignedOperationWithConstantOperandsWraps.ql +++ b/cpp/misra/src/rules/RULE-8-20-1/UnsignedOperationWithConstantOperandsWraps.ql @@ -15,7 +15,8 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.unsignedoperationwithconstantoperandswraps_shared.UnsignedOperationWithConstantOperandsWraps_shared -class UnsignedOperationWithConstantOperandsWrapsQuery extends UnsignedOperationWithConstantOperandsWraps_sharedSharedQuery { +class UnsignedOperationWithConstantOperandsWrapsQuery extends UnsignedOperationWithConstantOperandsWraps_sharedSharedQuery +{ UnsignedOperationWithConstantOperandsWrapsQuery() { this = ImportMisra23Package::unsignedOperationWithConstantOperandsWrapsQuery() } diff --git a/cpp/misra/src/rules/RULE-8-3-1/BuiltInUnaryOperatorAppliedToUnsignedExpression.ql b/cpp/misra/src/rules/RULE-8-3-1/BuiltInUnaryOperatorAppliedToUnsignedExpression.ql index 38be9db001..d9b3f7a8fd 100644 --- a/cpp/misra/src/rules/RULE-8-3-1/BuiltInUnaryOperatorAppliedToUnsignedExpression.ql +++ b/cpp/misra/src/rules/RULE-8-3-1/BuiltInUnaryOperatorAppliedToUnsignedExpression.ql @@ -16,7 +16,8 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.builtinunaryoperatorappliedtounsignedexpression_shared.BuiltInUnaryOperatorAppliedToUnsignedExpression_shared -class BuiltInUnaryOperatorAppliedToUnsignedExpressionQuery extends BuiltInUnaryOperatorAppliedToUnsignedExpression_sharedSharedQuery { +class BuiltInUnaryOperatorAppliedToUnsignedExpressionQuery extends BuiltInUnaryOperatorAppliedToUnsignedExpression_sharedSharedQuery +{ BuiltInUnaryOperatorAppliedToUnsignedExpressionQuery() { this = ImportMisra23Package::builtInUnaryOperatorAppliedToUnsignedExpressionQuery() } diff --git a/cpp/misra/src/rules/RULE-9-3-1/LoopBodyCompoundCondition.ql b/cpp/misra/src/rules/RULE-9-3-1/LoopBodyCompoundCondition.ql index 2984d328fd..f2eb867bab 100644 --- a/cpp/misra/src/rules/RULE-9-3-1/LoopBodyCompoundCondition.ql +++ b/cpp/misra/src/rules/RULE-9-3-1/LoopBodyCompoundCondition.ql @@ -19,7 +19,5 @@ import codingstandards.cpp.misra import codingstandards.cpp.rules.loopcompoundcondition_shared.LoopCompoundCondition_shared class LoopBodyCompoundConditionQuery extends LoopCompoundCondition_sharedSharedQuery { - LoopBodyCompoundConditionQuery() { - this = ImportMisra23Package::loopBodyCompoundConditionQuery() - } + LoopBodyCompoundConditionQuery() { this = ImportMisra23Package::loopBodyCompoundConditionQuery() } } diff --git a/cpp/misra/src/rules/RULE-9-6-2/GotoReferenceALabelInSurroundingBlock.ql b/cpp/misra/src/rules/RULE-9-6-2/GotoReferenceALabelInSurroundingBlock.ql index da381e8033..e14281b663 100644 --- a/cpp/misra/src/rules/RULE-9-6-2/GotoReferenceALabelInSurroundingBlock.ql +++ b/cpp/misra/src/rules/RULE-9-6-2/GotoReferenceALabelInSurroundingBlock.ql @@ -15,7 +15,8 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.gotoreferencealabelinsurroundingblock_shared.GotoReferenceALabelInSurroundingBlock_shared -class GotoReferenceALabelInSurroundingBlockQuery extends GotoReferenceALabelInSurroundingBlock_sharedSharedQuery { +class GotoReferenceALabelInSurroundingBlockQuery extends GotoReferenceALabelInSurroundingBlock_sharedSharedQuery +{ GotoReferenceALabelInSurroundingBlockQuery() { this = ImportMisra23Package::gotoReferenceALabelInSurroundingBlockQuery() } From e2590ec753442f997fb03a1ba105547128e2eae0 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 26 Jun 2024 20:09:39 +0200 Subject: [PATCH 1842/2573] Regenerate package files --- ...OfAnAssignmentOperatorShouldNotBeUsed_shared.ql | 4 ++-- .../UseOfNonZeroOctalLiteral_shared.expected | 2 ++ .../UseOfNonZeroOctalLiteral_shared.ql | 4 ++++ .../rules/useofnonzerooctalliteral_shared/test.c | 7 +++++++ .../rules/RULE-7-1/OctalConstantsUsed.expected | 2 -- .../test/rules/RULE-7-1/OctalConstantsUsed.qlref | 1 - c/misra/test/rules/RULE-7-1/test.c | 10 ---------- .../rules/M2-13-2/UseOfNonZeroOctalEscape.expected | 6 ++++++ .../rules/M2-13-2/UseOfNonZeroOctalEscape.qlref | 1 + cpp/autosar/test/rules/M2-13-2/test.cpp | 10 ++++++++++ cpp/common/test/includes/standard-library/ctime | 14 ++++++++++++-- cpp/common/test/includes/standard-library/time.h | 6 +++--- ...tionNotConsideredForUnqualifiedLookup_shared.ql | 4 ++-- ...InheritedNonOverridableMemberFunction_shared.ql | 4 ++-- ...tReferredUsingAQualifiedIdOrThisAudit_shared.ql | 4 ++-- ...OfAnAssignmentOperatorShouldNotBeUsed_shared.ql | 4 ++-- .../UseOfNonZeroOctalLiteral_shared.expected | 4 ++-- .../rules/useofnonzerooctalliteral_shared/test.cpp | 10 ++-------- rule_packages/c/Banned.json | 1 + 19 files changed, 60 insertions(+), 38 deletions(-) create mode 100644 c/common/test/rules/useofnonzerooctalliteral_shared/UseOfNonZeroOctalLiteral_shared.expected create mode 100644 c/common/test/rules/useofnonzerooctalliteral_shared/UseOfNonZeroOctalLiteral_shared.ql create mode 100644 c/common/test/rules/useofnonzerooctalliteral_shared/test.c delete mode 100644 c/misra/test/rules/RULE-7-1/OctalConstantsUsed.expected delete mode 100644 c/misra/test/rules/RULE-7-1/OctalConstantsUsed.qlref delete mode 100644 c/misra/test/rules/RULE-7-1/test.c create mode 100644 cpp/autosar/test/rules/M2-13-2/UseOfNonZeroOctalEscape.expected create mode 100644 cpp/autosar/test/rules/M2-13-2/UseOfNonZeroOctalEscape.qlref create mode 100644 cpp/autosar/test/rules/M2-13-2/test.cpp diff --git a/c/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.ql b/c/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.ql index af3f7697f7..e4928beb62 100644 --- a/c/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.ql +++ b/c/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.ql @@ -1,5 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.resultofanassignmentoperatorshouldnotbeused_shared.ResultOfAnAssignmentOperatorShouldNotBeUsed_shared -class TestFileQuery extends ResultOfAnAssignmentOperatorShouldNotBeUsed_sharedSharedQuery, TestQuery -{ } +class TestFileQuery extends ResultOfAnAssignmentOperatorShouldNotBeUsed_sharedSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/useofnonzerooctalliteral_shared/UseOfNonZeroOctalLiteral_shared.expected b/c/common/test/rules/useofnonzerooctalliteral_shared/UseOfNonZeroOctalLiteral_shared.expected new file mode 100644 index 0000000000..bbd4264069 --- /dev/null +++ b/c/common/test/rules/useofnonzerooctalliteral_shared/UseOfNonZeroOctalLiteral_shared.expected @@ -0,0 +1,2 @@ +| test.c:5:3:5:5 | 10 | Non zero octal literal 012. | +| test.c:6:3:6:5 | 44 | Non zero octal literal 054. | diff --git a/c/common/test/rules/useofnonzerooctalliteral_shared/UseOfNonZeroOctalLiteral_shared.ql b/c/common/test/rules/useofnonzerooctalliteral_shared/UseOfNonZeroOctalLiteral_shared.ql new file mode 100644 index 0000000000..dcd6042639 --- /dev/null +++ b/c/common/test/rules/useofnonzerooctalliteral_shared/UseOfNonZeroOctalLiteral_shared.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.useofnonzerooctalliteral_shared.UseOfNonZeroOctalLiteral_shared + +class TestFileQuery extends UseOfNonZeroOctalLiteral_sharedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/useofnonzerooctalliteral_shared/test.c b/c/common/test/rules/useofnonzerooctalliteral_shared/test.c new file mode 100644 index 0000000000..4fb1e3712d --- /dev/null +++ b/c/common/test/rules/useofnonzerooctalliteral_shared/test.c @@ -0,0 +1,7 @@ +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C++ TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. +void test_non_zero_octal() { + 0; // COMPLIANT - octal literal zero permitted + 012; // NON_COMPLIANT + 054; // NON_COMPLIANT +} \ No newline at end of file diff --git a/c/misra/test/rules/RULE-7-1/OctalConstantsUsed.expected b/c/misra/test/rules/RULE-7-1/OctalConstantsUsed.expected deleted file mode 100644 index deecdf994c..0000000000 --- a/c/misra/test/rules/RULE-7-1/OctalConstantsUsed.expected +++ /dev/null @@ -1,2 +0,0 @@ -| test.c:7:3:7:5 | 10 | Use of banned $@ constant. | test.c:7:3:7:5 | 10 | octal | -| test.c:8:3:8:5 | 44 | Use of banned $@ constant. | test.c:8:3:8:5 | 44 | octal | diff --git a/c/misra/test/rules/RULE-7-1/OctalConstantsUsed.qlref b/c/misra/test/rules/RULE-7-1/OctalConstantsUsed.qlref deleted file mode 100644 index 7d66675dad..0000000000 --- a/c/misra/test/rules/RULE-7-1/OctalConstantsUsed.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/RULE-7-1/OctalConstantsUsed.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-7-1/test.c b/c/misra/test/rules/RULE-7-1/test.c deleted file mode 100644 index fb0f2e0d36..0000000000 --- a/c/misra/test/rules/RULE-7-1/test.c +++ /dev/null @@ -1,10 +0,0 @@ -void test_non_zero_octal() { - '\0'; // COMPLIANT - octal zero escape sequence permitted - '\012'; // COMPLIANT - '\054'; // COMPLIANT - '\0149'; // COMPLIANT - 0; // COMPLIANT - octal literal zero permitted - 012; // NON_COMPLIANT - 054; // NON_COMPLIANT - "\0"; // COMPLIANT - octal zero escape sequence permitted -} diff --git a/cpp/autosar/test/rules/M2-13-2/UseOfNonZeroOctalEscape.expected b/cpp/autosar/test/rules/M2-13-2/UseOfNonZeroOctalEscape.expected new file mode 100644 index 0000000000..41ebcf7629 --- /dev/null +++ b/cpp/autosar/test/rules/M2-13-2/UseOfNonZeroOctalEscape.expected @@ -0,0 +1,6 @@ +| test.cpp:3:3:3:8 | 10 | This literal contains the non-zero octal escape code \\012. | +| test.cpp:4:3:4:8 | 44 | This literal contains the non-zero octal escape code \\054. | +| test.cpp:5:3:5:9 | 3129 | This literal contains the non-zero octal escape code \\014. | +| test.cpp:7:3:7:8 | \n | This literal contains the non-zero octal escape code \\012. | +| test.cpp:8:3:8:8 | , | This literal contains the non-zero octal escape code \\054. | +| test.cpp:9:3:9:9 | \u000c9 | This literal contains the non-zero octal escape code \\014. | diff --git a/cpp/autosar/test/rules/M2-13-2/UseOfNonZeroOctalEscape.qlref b/cpp/autosar/test/rules/M2-13-2/UseOfNonZeroOctalEscape.qlref new file mode 100644 index 0000000000..f2ff9c2aef --- /dev/null +++ b/cpp/autosar/test/rules/M2-13-2/UseOfNonZeroOctalEscape.qlref @@ -0,0 +1 @@ +rules/M2-13-2/UseOfNonZeroOctalEscape.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M2-13-2/test.cpp b/cpp/autosar/test/rules/M2-13-2/test.cpp new file mode 100644 index 0000000000..3c7fba30dd --- /dev/null +++ b/cpp/autosar/test/rules/M2-13-2/test.cpp @@ -0,0 +1,10 @@ +void test_non_zero_octal() { + '\0'; // COMPLIANT - octal zero escape sequence permitted + '\012'; // NON_COMPLIANT + '\054'; // NON_COMPLIANT + '\0149'; // NON_COMPLIANT + "\0"; // COMPLIANT - octal zero escape sequence permitted + "\012"; // NON_COMPLIANT + "\054"; // NON_COMPLIANT + "\0149"; // NON_COMPLIANT +} \ No newline at end of file diff --git a/cpp/common/test/includes/standard-library/ctime b/cpp/common/test/includes/standard-library/ctime index 53ab219208..9448e0615e 100644 --- a/cpp/common/test/includes/standard-library/ctime +++ b/cpp/common/test/includes/standard-library/ctime @@ -1,7 +1,17 @@ #ifndef _GHLIBCPP_CTIME #define _GHLIBCPP_CTIME -#include "time.h" +#include namespace std { - +using ::clock_t; +using ::clock; +using ::time_t; +using ::time; +using ::tm; +using ::difftime; +using ::asctime; +using ::ctime; +using ::localtime; +using ::gmtime; +using ::mktime; } // namespace std #endif // _GHLIBCPP_CTIME \ No newline at end of file diff --git a/cpp/common/test/includes/standard-library/time.h b/cpp/common/test/includes/standard-library/time.h index 4c6198589f..cc7ff1673a 100644 --- a/cpp/common/test/includes/standard-library/time.h +++ b/cpp/common/test/includes/standard-library/time.h @@ -1,5 +1,5 @@ -#ifndef _GHLIBCPP_CTIME -#define _GHLIBCPP_CTIME +#ifndef _GHLIBCPP_TIME +#define _GHLIBCPP_TIME typedef unsigned long clock_t; typedef unsigned long time_t; @@ -29,4 +29,4 @@ struct tm *localtime(const time_t *timer); size_t strftime(char *ptr, size_t maxsize, const char *format, const struct tm *timeptr); -#endif \ No newline at end of file +#endif // _GHLIBCPP_TIME \ No newline at end of file diff --git a/cpp/common/test/rules/definitionnotconsideredforunqualifiedlookup_shared/DefinitionNotConsideredForUnqualifiedLookup_shared.ql b/cpp/common/test/rules/definitionnotconsideredforunqualifiedlookup_shared/DefinitionNotConsideredForUnqualifiedLookup_shared.ql index 97943daa7f..852e501f38 100644 --- a/cpp/common/test/rules/definitionnotconsideredforunqualifiedlookup_shared/DefinitionNotConsideredForUnqualifiedLookup_shared.ql +++ b/cpp/common/test/rules/definitionnotconsideredforunqualifiedlookup_shared/DefinitionNotConsideredForUnqualifiedLookup_shared.ql @@ -1,5 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.definitionnotconsideredforunqualifiedlookup_shared.DefinitionNotConsideredForUnqualifiedLookup_shared -class TestFileQuery extends DefinitionNotConsideredForUnqualifiedLookup_sharedSharedQuery, TestQuery -{ } +class TestFileQuery extends DefinitionNotConsideredForUnqualifiedLookup_sharedSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/hiddeninheritednonoverridablememberfunction_shared/HiddenInheritedNonOverridableMemberFunction_shared.ql b/cpp/common/test/rules/hiddeninheritednonoverridablememberfunction_shared/HiddenInheritedNonOverridableMemberFunction_shared.ql index b822664218..5e440a4f92 100644 --- a/cpp/common/test/rules/hiddeninheritednonoverridablememberfunction_shared/HiddenInheritedNonOverridableMemberFunction_shared.ql +++ b/cpp/common/test/rules/hiddeninheritednonoverridablememberfunction_shared/HiddenInheritedNonOverridableMemberFunction_shared.ql @@ -1,5 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.hiddeninheritednonoverridablememberfunction_shared.HiddenInheritedNonOverridableMemberFunction_shared -class TestFileQuery extends HiddenInheritedNonOverridableMemberFunction_sharedSharedQuery, TestQuery -{ } +class TestFileQuery extends HiddenInheritedNonOverridableMemberFunction_sharedSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/namenotreferredusingaqualifiedidorthisaudit_shared/NameNotReferredUsingAQualifiedIdOrThisAudit_shared.ql b/cpp/common/test/rules/namenotreferredusingaqualifiedidorthisaudit_shared/NameNotReferredUsingAQualifiedIdOrThisAudit_shared.ql index abc15222c5..e5d93d74db 100644 --- a/cpp/common/test/rules/namenotreferredusingaqualifiedidorthisaudit_shared/NameNotReferredUsingAQualifiedIdOrThisAudit_shared.ql +++ b/cpp/common/test/rules/namenotreferredusingaqualifiedidorthisaudit_shared/NameNotReferredUsingAQualifiedIdOrThisAudit_shared.ql @@ -1,5 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.namenotreferredusingaqualifiedidorthisaudit_shared.NameNotReferredUsingAQualifiedIdOrThisAudit_shared -class TestFileQuery extends NameNotReferredUsingAQualifiedIdOrThisAudit_sharedSharedQuery, TestQuery -{ } +class TestFileQuery extends NameNotReferredUsingAQualifiedIdOrThisAudit_sharedSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.ql b/cpp/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.ql index af3f7697f7..e4928beb62 100644 --- a/cpp/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.ql +++ b/cpp/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.ql @@ -1,5 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.resultofanassignmentoperatorshouldnotbeused_shared.ResultOfAnAssignmentOperatorShouldNotBeUsed_shared -class TestFileQuery extends ResultOfAnAssignmentOperatorShouldNotBeUsed_sharedSharedQuery, TestQuery -{ } +class TestFileQuery extends ResultOfAnAssignmentOperatorShouldNotBeUsed_sharedSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/useofnonzerooctalliteral_shared/UseOfNonZeroOctalLiteral_shared.expected b/cpp/common/test/rules/useofnonzerooctalliteral_shared/UseOfNonZeroOctalLiteral_shared.expected index 8109c107a5..e4280f2f1a 100644 --- a/cpp/common/test/rules/useofnonzerooctalliteral_shared/UseOfNonZeroOctalLiteral_shared.expected +++ b/cpp/common/test/rules/useofnonzerooctalliteral_shared/UseOfNonZeroOctalLiteral_shared.expected @@ -1,2 +1,2 @@ -| test.cpp:7:3:7:5 | 10 | Non zero octal literal 012. | -| test.cpp:8:3:8:5 | 44 | Non zero octal literal 054. | +| test.cpp:5:3:5:5 | 10 | Non zero octal literal 012. | +| test.cpp:6:3:6:5 | 44 | Non zero octal literal 054. | diff --git a/cpp/common/test/rules/useofnonzerooctalliteral_shared/test.cpp b/cpp/common/test/rules/useofnonzerooctalliteral_shared/test.cpp index a89809d68c..0a914e86ce 100644 --- a/cpp/common/test/rules/useofnonzerooctalliteral_shared/test.cpp +++ b/cpp/common/test/rules/useofnonzerooctalliteral_shared/test.cpp @@ -1,13 +1,7 @@ +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. void test_non_zero_octal() { - '\0'; // COMPLIANT - octal zero escape sequence permitted - '\012'; // NON_COMPLIANT - '\054'; // NON_COMPLIANT - '\0149'; // NON_COMPLIANT 0; // COMPLIANT - octal literal zero permitted 012; // NON_COMPLIANT 054; // NON_COMPLIANT - "\0"; // COMPLIANT - octal zero escape sequence permitted - "\012"; // NON_COMPLIANT - "\054"; // NON_COMPLIANT - "\0149"; // NON_COMPLIANT } \ No newline at end of file diff --git a/rule_packages/c/Banned.json b/rule_packages/c/Banned.json index dceb538e97..e68485b970 100644 --- a/rule_packages/c/Banned.json +++ b/rule_packages/c/Banned.json @@ -338,6 +338,7 @@ "precision": "very-high", "severity": "error", "short_name": "OctalConstantsUsed", + "shared_implementation_short_name": "UseOfNonZeroOctalLiteral_shared", "tags": [ "readability", "correctness", From d77ab031e54d1283d1b57c17c881d52a3e312549 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 26 Jun 2024 21:07:11 +0200 Subject: [PATCH 1843/2573] Fix formatting in `generate_package_files.py` --- .../ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.ql | 4 ++-- c/common/test/rules/useofnonzerooctalliteral_shared/test.c | 6 +++--- .../rules/M7-3-1/GlobalNamespaceMembershipViolation.qlref | 1 - .../DefinitionNotConsideredForUnqualifiedLookup_shared.ql | 4 ++-- .../HiddenInheritedNonOverridableMemberFunction_shared.ql | 4 ++-- .../NameNotReferredUsingAQualifiedIdOrThisAudit_shared.ql | 4 ++-- .../ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.ql | 4 ++-- .../test/rules/useofnonzerooctalliteral_shared/test.cpp | 6 +++--- scripts/generate_rules/generate_package_files.py | 3 +++ 9 files changed, 19 insertions(+), 17 deletions(-) delete mode 100644 cpp/autosar/test/rules/M7-3-1/GlobalNamespaceMembershipViolation.qlref diff --git a/c/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.ql b/c/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.ql index e4928beb62..af3f7697f7 100644 --- a/c/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.ql +++ b/c/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.ql @@ -1,5 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.resultofanassignmentoperatorshouldnotbeused_shared.ResultOfAnAssignmentOperatorShouldNotBeUsed_shared -class TestFileQuery extends ResultOfAnAssignmentOperatorShouldNotBeUsed_sharedSharedQuery, TestQuery { -} +class TestFileQuery extends ResultOfAnAssignmentOperatorShouldNotBeUsed_sharedSharedQuery, TestQuery +{ } diff --git a/c/common/test/rules/useofnonzerooctalliteral_shared/test.c b/c/common/test/rules/useofnonzerooctalliteral_shared/test.c index 4fb1e3712d..11b439b02e 100644 --- a/c/common/test/rules/useofnonzerooctalliteral_shared/test.c +++ b/c/common/test/rules/useofnonzerooctalliteral_shared/test.c @@ -1,7 +1,7 @@ // NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C++ TEST CASE AND // CHANGES SHOULD BE REFLECTED THERE AS WELL. void test_non_zero_octal() { - 0; // COMPLIANT - octal literal zero permitted - 012; // NON_COMPLIANT - 054; // NON_COMPLIANT + 0; // COMPLIANT - octal literal zero permitted + 012; // NON_COMPLIANT + 054; // NON_COMPLIANT } \ No newline at end of file diff --git a/cpp/autosar/test/rules/M7-3-1/GlobalNamespaceMembershipViolation.qlref b/cpp/autosar/test/rules/M7-3-1/GlobalNamespaceMembershipViolation.qlref deleted file mode 100644 index f2ec336eec..0000000000 --- a/cpp/autosar/test/rules/M7-3-1/GlobalNamespaceMembershipViolation.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/M7-3-1/GlobalNamespaceMembershipViolation.ql \ No newline at end of file diff --git a/cpp/common/test/rules/definitionnotconsideredforunqualifiedlookup_shared/DefinitionNotConsideredForUnqualifiedLookup_shared.ql b/cpp/common/test/rules/definitionnotconsideredforunqualifiedlookup_shared/DefinitionNotConsideredForUnqualifiedLookup_shared.ql index 852e501f38..97943daa7f 100644 --- a/cpp/common/test/rules/definitionnotconsideredforunqualifiedlookup_shared/DefinitionNotConsideredForUnqualifiedLookup_shared.ql +++ b/cpp/common/test/rules/definitionnotconsideredforunqualifiedlookup_shared/DefinitionNotConsideredForUnqualifiedLookup_shared.ql @@ -1,5 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.definitionnotconsideredforunqualifiedlookup_shared.DefinitionNotConsideredForUnqualifiedLookup_shared -class TestFileQuery extends DefinitionNotConsideredForUnqualifiedLookup_sharedSharedQuery, TestQuery { -} +class TestFileQuery extends DefinitionNotConsideredForUnqualifiedLookup_sharedSharedQuery, TestQuery +{ } diff --git a/cpp/common/test/rules/hiddeninheritednonoverridablememberfunction_shared/HiddenInheritedNonOverridableMemberFunction_shared.ql b/cpp/common/test/rules/hiddeninheritednonoverridablememberfunction_shared/HiddenInheritedNonOverridableMemberFunction_shared.ql index 5e440a4f92..b822664218 100644 --- a/cpp/common/test/rules/hiddeninheritednonoverridablememberfunction_shared/HiddenInheritedNonOverridableMemberFunction_shared.ql +++ b/cpp/common/test/rules/hiddeninheritednonoverridablememberfunction_shared/HiddenInheritedNonOverridableMemberFunction_shared.ql @@ -1,5 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.hiddeninheritednonoverridablememberfunction_shared.HiddenInheritedNonOverridableMemberFunction_shared -class TestFileQuery extends HiddenInheritedNonOverridableMemberFunction_sharedSharedQuery, TestQuery { -} +class TestFileQuery extends HiddenInheritedNonOverridableMemberFunction_sharedSharedQuery, TestQuery +{ } diff --git a/cpp/common/test/rules/namenotreferredusingaqualifiedidorthisaudit_shared/NameNotReferredUsingAQualifiedIdOrThisAudit_shared.ql b/cpp/common/test/rules/namenotreferredusingaqualifiedidorthisaudit_shared/NameNotReferredUsingAQualifiedIdOrThisAudit_shared.ql index e5d93d74db..abc15222c5 100644 --- a/cpp/common/test/rules/namenotreferredusingaqualifiedidorthisaudit_shared/NameNotReferredUsingAQualifiedIdOrThisAudit_shared.ql +++ b/cpp/common/test/rules/namenotreferredusingaqualifiedidorthisaudit_shared/NameNotReferredUsingAQualifiedIdOrThisAudit_shared.ql @@ -1,5 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.namenotreferredusingaqualifiedidorthisaudit_shared.NameNotReferredUsingAQualifiedIdOrThisAudit_shared -class TestFileQuery extends NameNotReferredUsingAQualifiedIdOrThisAudit_sharedSharedQuery, TestQuery { -} +class TestFileQuery extends NameNotReferredUsingAQualifiedIdOrThisAudit_sharedSharedQuery, TestQuery +{ } diff --git a/cpp/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.ql b/cpp/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.ql index e4928beb62..af3f7697f7 100644 --- a/cpp/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.ql +++ b/cpp/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.ql @@ -1,5 +1,5 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.resultofanassignmentoperatorshouldnotbeused_shared.ResultOfAnAssignmentOperatorShouldNotBeUsed_shared -class TestFileQuery extends ResultOfAnAssignmentOperatorShouldNotBeUsed_sharedSharedQuery, TestQuery { -} +class TestFileQuery extends ResultOfAnAssignmentOperatorShouldNotBeUsed_sharedSharedQuery, TestQuery +{ } diff --git a/cpp/common/test/rules/useofnonzerooctalliteral_shared/test.cpp b/cpp/common/test/rules/useofnonzerooctalliteral_shared/test.cpp index 0a914e86ce..0bf928c9ec 100644 --- a/cpp/common/test/rules/useofnonzerooctalliteral_shared/test.cpp +++ b/cpp/common/test/rules/useofnonzerooctalliteral_shared/test.cpp @@ -1,7 +1,7 @@ // NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C TEST CASE AND // CHANGES SHOULD BE REFLECTED THERE AS WELL. void test_non_zero_octal() { - 0; // COMPLIANT - octal literal zero permitted - 012; // NON_COMPLIANT - 054; // NON_COMPLIANT + 0; // COMPLIANT - octal literal zero permitted + 012; // NON_COMPLIANT + 054; // NON_COMPLIANT } \ No newline at end of file diff --git a/scripts/generate_rules/generate_package_files.py b/scripts/generate_rules/generate_package_files.py index ed8bb625bd..862ccfdc1e 100644 --- a/scripts/generate_rules/generate_package_files.py +++ b/scripts/generate_rules/generate_package_files.py @@ -192,6 +192,9 @@ def write_shared_implementation(package_name, rule_id, query, language_name, ql_ if len(class_name) > 61: # Line break required after comma f.write("\n TestQuery\n{ }\n") + elif len(class_name) == 61: + # Line break required before `{` + f.write(" TestQuery\n{ }\n") elif len(class_name) > 57: # Line break required after `{` f.write(" TestQuery {\n}\n") From 768df79b9fa9c070bbc386356f71a0fae8b33ea8 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 27 Jun 2024 18:08:04 +0200 Subject: [PATCH 1844/2573] change note --- change_notes/2024-06-27-misra-cpp-2023-import.md | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 change_notes/2024-06-27-misra-cpp-2023-import.md diff --git a/change_notes/2024-06-27-misra-cpp-2023-import.md b/change_notes/2024-06-27-misra-cpp-2023-import.md new file mode 100644 index 0000000000..5de144c3af --- /dev/null +++ b/change_notes/2024-06-27-misra-cpp-2023-import.md @@ -0,0 +1,2 @@ +- `MISRA C++ 2023`: + - Adds support for `MISRA C++ 2023` rules that are already implemented by existing queries. From 06bcd5b0347c63f3705821d8b72ebf3944069861 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 3 Jul 2024 22:43:13 +0200 Subject: [PATCH 1845/2573] Fixes #618. Consider anonymous structs. --- .../DeclarationsOfAnObjectSameNameAndType.ql | 1 + ...arationsOfAnObjectSameNameAndType.expected | 38 +++++++++++-------- c/misra/test/rules/RULE-8-3/object1.c | 29 ++++++++++++++ c/misra/test/rules/RULE-8-3/object2.c | 19 +++++++++- .../2024-07-03-consider-anonymous-struct.md | 2 + ...fAnObjectShallHaveCompatibleTypes.expected | 2 + ...ject_shall_have_compatible_types_unit1.cpp | 7 +++- ...ject_shall_have_compatible_types_unit2.cpp | 7 +++- 8 files changed, 86 insertions(+), 19 deletions(-) create mode 100644 change_notes/2024-07-03-consider-anonymous-struct.md diff --git a/c/misra/src/rules/RULE-8-3/DeclarationsOfAnObjectSameNameAndType.ql b/c/misra/src/rules/RULE-8-3/DeclarationsOfAnObjectSameNameAndType.ql index 03acda6dd7..dfd9d622e9 100644 --- a/c/misra/src/rules/RULE-8-3/DeclarationsOfAnObjectSameNameAndType.ql +++ b/c/misra/src/rules/RULE-8-3/DeclarationsOfAnObjectSameNameAndType.ql @@ -20,6 +20,7 @@ where not isExcluded(decl1, Declarations4Package::declarationsOfAnObjectSameNameAndTypeQuery()) and not isExcluded(decl2, Declarations4Package::declarationsOfAnObjectSameNameAndTypeQuery()) and not decl1 = decl2 and + not decl1.getVariable().getDeclaringType().isAnonymous() and decl1.getVariable().getQualifiedName() = decl2.getVariable().getQualifiedName() and not typesCompatible(decl1.getType(), decl2.getType()) select decl1, diff --git a/c/misra/test/rules/RULE-8-3/DeclarationsOfAnObjectSameNameAndType.expected b/c/misra/test/rules/RULE-8-3/DeclarationsOfAnObjectSameNameAndType.expected index a90e0aa57d..c63681c7be 100644 --- a/c/misra/test/rules/RULE-8-3/DeclarationsOfAnObjectSameNameAndType.expected +++ b/c/misra/test/rules/RULE-8-3/DeclarationsOfAnObjectSameNameAndType.expected @@ -1,16 +1,22 @@ -| object1.c:3:6:3:7 | definition of a3 | The object $@ of type long is not compatible with re-declaration $@ of type LL | object1.c:3:6:3:7 | definition of a3 | a3 | object2.c:9:11:9:12 | declaration of a3 | a3 | -| object1.c:4:6:4:7 | definition of a4 | The object $@ of type long is not compatible with re-declaration $@ of type int | object1.c:4:6:4:7 | definition of a4 | a4 | object2.c:11:12:11:13 | declaration of a4 | a4 | -| object1.c:5:5:5:6 | definition of a5 | The object $@ of type int is not compatible with re-declaration $@ of type long | object1.c:5:5:5:6 | definition of a5 | a5 | object2.c:13:13:13:14 | declaration of a5 | a5 | -| object1.c:6:6:6:7 | definition of a6 | The object $@ of type long is not compatible with re-declaration $@ of type int | object1.c:6:6:6:7 | definition of a6 | a6 | object2.c:17:1:17:3 | declaration of a6 | a6 | -| object1.c:7:5:7:6 | definition of a7 | The object $@ of type int is not compatible with re-declaration $@ of type LL | object1.c:7:5:7:6 | definition of a7 | a7 | object2.c:19:11:19:12 | declaration of a7 | a7 | -| object1.c:13:5:13:7 | definition of a10 | The object $@ of type int[100] is not compatible with re-declaration $@ of type LI[100] | object1.c:13:5:13:7 | definition of a10 | a10 | object2.c:22:4:22:6 | definition of a10 | a10 | -| object1.c:14:5:14:7 | definition of a11 | The object $@ of type int[100] is not compatible with re-declaration $@ of type int[101] | object1.c:14:5:14:7 | definition of a11 | a11 | object2.c:23:12:23:14 | declaration of a11 | a11 | -| object1.c:17:12:17:14 | definition of a13 | The object $@ of type int *const is not compatible with re-declaration $@ of type int * | object1.c:17:12:17:14 | definition of a13 | a13 | object2.c:26:13:26:15 | declaration of a13 | a13 | -| object2.c:9:11:9:12 | declaration of a3 | The object $@ of type LL is not compatible with re-declaration $@ of type long | object2.c:9:11:9:12 | declaration of a3 | a3 | object1.c:3:6:3:7 | definition of a3 | a3 | -| object2.c:11:12:11:13 | declaration of a4 | The object $@ of type int is not compatible with re-declaration $@ of type long | object2.c:11:12:11:13 | declaration of a4 | a4 | object1.c:4:6:4:7 | definition of a4 | a4 | -| object2.c:13:13:13:14 | declaration of a5 | The object $@ of type long is not compatible with re-declaration $@ of type int | object2.c:13:13:13:14 | declaration of a5 | a5 | object1.c:5:5:5:6 | definition of a5 | a5 | -| object2.c:17:1:17:3 | declaration of a6 | The object $@ of type int is not compatible with re-declaration $@ of type long | object2.c:17:1:17:3 | declaration of a6 | a6 | object1.c:6:6:6:7 | definition of a6 | a6 | -| object2.c:19:11:19:12 | declaration of a7 | The object $@ of type LL is not compatible with re-declaration $@ of type int | object2.c:19:11:19:12 | declaration of a7 | a7 | object1.c:7:5:7:6 | definition of a7 | a7 | -| object2.c:22:4:22:6 | definition of a10 | The object $@ of type LI[100] is not compatible with re-declaration $@ of type int[100] | object2.c:22:4:22:6 | definition of a10 | a10 | object1.c:13:5:13:7 | definition of a10 | a10 | -| object2.c:23:12:23:14 | declaration of a11 | The object $@ of type int[101] is not compatible with re-declaration $@ of type int[100] | object2.c:23:12:23:14 | declaration of a11 | a11 | object1.c:14:5:14:7 | definition of a11 | a11 | -| object2.c:26:13:26:15 | declaration of a13 | The object $@ of type int * is not compatible with re-declaration $@ of type int *const | object2.c:26:13:26:15 | declaration of a13 | a13 | object1.c:17:12:17:14 | definition of a13 | a13 | +| object1.c:5:6:5:7 | definition of a3 | The object $@ of type long is not compatible with re-declaration $@ of type LL | object1.c:5:6:5:7 | definition of a3 | a3 | object2.c:11:11:11:12 | declaration of a3 | a3 | +| object1.c:6:6:6:7 | definition of a4 | The object $@ of type long is not compatible with re-declaration $@ of type int | object1.c:6:6:6:7 | definition of a4 | a4 | object2.c:13:12:13:13 | declaration of a4 | a4 | +| object1.c:7:5:7:6 | definition of a5 | The object $@ of type int is not compatible with re-declaration $@ of type long | object1.c:7:5:7:6 | definition of a5 | a5 | object2.c:15:13:15:14 | declaration of a5 | a5 | +| object1.c:8:6:8:7 | definition of a6 | The object $@ of type long is not compatible with re-declaration $@ of type int | object1.c:8:6:8:7 | definition of a6 | a6 | object2.c:19:1:19:3 | declaration of a6 | a6 | +| object1.c:9:5:9:6 | definition of a7 | The object $@ of type int is not compatible with re-declaration $@ of type LL | object1.c:9:5:9:6 | definition of a7 | a7 | object2.c:21:11:21:12 | declaration of a7 | a7 | +| object1.c:15:5:15:7 | definition of a10 | The object $@ of type int[100] is not compatible with re-declaration $@ of type LI[100] | object1.c:15:5:15:7 | definition of a10 | a10 | object2.c:24:4:24:6 | definition of a10 | a10 | +| object1.c:16:5:16:7 | definition of a11 | The object $@ of type int[100] is not compatible with re-declaration $@ of type int[101] | object1.c:16:5:16:7 | definition of a11 | a11 | object2.c:25:12:25:14 | declaration of a11 | a11 | +| object1.c:19:12:19:14 | definition of a13 | The object $@ of type int *const is not compatible with re-declaration $@ of type int * | object1.c:19:12:19:14 | definition of a13 | a13 | object2.c:28:13:28:15 | declaration of a13 | a13 | +| object1.c:23:10:23:13 | definition of size | The object $@ of type size_t is not compatible with re-declaration $@ of type unsigned char | object1.c:23:10:23:13 | definition of size | size | object2.c:32:17:32:20 | definition of size | size | +| object1.c:24:3:24:4 | definition of s0 | The object $@ of type NamedStruct0 is not compatible with re-declaration $@ of type NamedStruct0 | object1.c:24:3:24:4 | definition of s0 | s0 | object2.c:33:3:33:4 | definition of s0 | s0 | +| object1.c:29:3:29:4 | definition of s1 | The object $@ of type NamedStruct1 is not compatible with re-declaration $@ of type NamedStruct1 | object1.c:29:3:29:4 | definition of s1 | s1 | object2.c:38:3:38:4 | definition of s1 | s1 | +| object2.c:11:11:11:12 | declaration of a3 | The object $@ of type LL is not compatible with re-declaration $@ of type long | object2.c:11:11:11:12 | declaration of a3 | a3 | object1.c:5:6:5:7 | definition of a3 | a3 | +| object2.c:13:12:13:13 | declaration of a4 | The object $@ of type int is not compatible with re-declaration $@ of type long | object2.c:13:12:13:13 | declaration of a4 | a4 | object1.c:6:6:6:7 | definition of a4 | a4 | +| object2.c:15:13:15:14 | declaration of a5 | The object $@ of type long is not compatible with re-declaration $@ of type int | object2.c:15:13:15:14 | declaration of a5 | a5 | object1.c:7:5:7:6 | definition of a5 | a5 | +| object2.c:19:1:19:3 | declaration of a6 | The object $@ of type int is not compatible with re-declaration $@ of type long | object2.c:19:1:19:3 | declaration of a6 | a6 | object1.c:8:6:8:7 | definition of a6 | a6 | +| object2.c:21:11:21:12 | declaration of a7 | The object $@ of type LL is not compatible with re-declaration $@ of type int | object2.c:21:11:21:12 | declaration of a7 | a7 | object1.c:9:5:9:6 | definition of a7 | a7 | +| object2.c:24:4:24:6 | definition of a10 | The object $@ of type LI[100] is not compatible with re-declaration $@ of type int[100] | object2.c:24:4:24:6 | definition of a10 | a10 | object1.c:15:5:15:7 | definition of a10 | a10 | +| object2.c:25:12:25:14 | declaration of a11 | The object $@ of type int[101] is not compatible with re-declaration $@ of type int[100] | object2.c:25:12:25:14 | declaration of a11 | a11 | object1.c:16:5:16:7 | definition of a11 | a11 | +| object2.c:28:13:28:15 | declaration of a13 | The object $@ of type int * is not compatible with re-declaration $@ of type int *const | object2.c:28:13:28:15 | declaration of a13 | a13 | object1.c:19:12:19:14 | definition of a13 | a13 | +| object2.c:32:17:32:20 | definition of size | The object $@ of type unsigned char is not compatible with re-declaration $@ of type size_t | object2.c:32:17:32:20 | definition of size | size | object1.c:23:10:23:13 | definition of size | size | +| object2.c:33:3:33:4 | definition of s0 | The object $@ of type NamedStruct0 is not compatible with re-declaration $@ of type NamedStruct0 | object2.c:33:3:33:4 | definition of s0 | s0 | object1.c:24:3:24:4 | definition of s0 | s0 | +| object2.c:38:3:38:4 | definition of s1 | The object $@ of type NamedStruct1 is not compatible with re-declaration $@ of type NamedStruct1 | object2.c:38:3:38:4 | definition of s1 | s1 | object1.c:29:3:29:4 | definition of s1 | s1 | diff --git a/c/misra/test/rules/RULE-8-3/object1.c b/c/misra/test/rules/RULE-8-3/object1.c index 2c79cf6e91..0a54c791d3 100644 --- a/c/misra/test/rules/RULE-8-3/object1.c +++ b/c/misra/test/rules/RULE-8-3/object1.c @@ -1,3 +1,5 @@ +#include + int a1; // COMPLIANT int a2; // COMPLIANT long a3; // NON_COMPLIANT @@ -15,3 +17,30 @@ int a11[100]; // NON_COMPLIANT - different sizes int a12; // COMPLIANT int *const a13; // NON_COMPLIANT + +struct NamedStruct0 { + int val[10]; + size_t size; // NON_COMPLIANT - different type +} s0; // NON_COMPLIANT - different member type + +struct NamedStruct1 { + int val[10]; + size_t size; +} s1; // NON_COMPLIANT - different member name + +struct { + int val[10]; + size_t size; +} s2; // COMPLIANT + +struct OuterStruct { + struct { + int val[10]; // COMPLIANT + size_t size; + } firstArray; + + struct { + int val[10][2]; // COMPLIANT + size_t size; + } secondArray; +}; diff --git a/c/misra/test/rules/RULE-8-3/object2.c b/c/misra/test/rules/RULE-8-3/object2.c index c53cbb6176..ee090b4a0c 100644 --- a/c/misra/test/rules/RULE-8-3/object2.c +++ b/c/misra/test/rules/RULE-8-3/object2.c @@ -1,3 +1,5 @@ +#include + extern int a1; // COMPLIANT #define EE extern int a2 @@ -23,4 +25,19 @@ LI a10[100]; // NON_COMPLIANT extern int a11[101]; // NON_COMPLIANT - different sizes signed a12; // COMPLIANT -extern int *a13; // NON_COMPLIANT \ No newline at end of file +extern int *a13; // NON_COMPLIANT + +struct NamedStruct0 { + int val[10]; + unsigned char size; // NON_COMPLIANT - different type +} s0; // NON_COMPLIANT - different member type + +struct NamedStruct1 { + int val[10]; + size_t mysize; +} s1; // NON_COMPLIANT - different member name + +struct { + int val[10]; + size_t size; +} s2; // COMPLIANT diff --git a/change_notes/2024-07-03-consider-anonymous-struct.md b/change_notes/2024-07-03-consider-anonymous-struct.md new file mode 100644 index 0000000000..4d7430bc22 --- /dev/null +++ b/change_notes/2024-07-03-consider-anonymous-struct.md @@ -0,0 +1,2 @@ +- `RULE-8-3` - `DeclarationsOfAnObjectSameNameAndType.ql`: + - Fixes #618. Consider anonymous structs. \ No newline at end of file diff --git a/cpp/autosar/test/rules/M3-2-1/DeclarationsOfAnObjectShallHaveCompatibleTypes.expected b/cpp/autosar/test/rules/M3-2-1/DeclarationsOfAnObjectShallHaveCompatibleTypes.expected index 33f6dec68f..96cf9a6597 100644 --- a/cpp/autosar/test/rules/M3-2-1/DeclarationsOfAnObjectShallHaveCompatibleTypes.expected +++ b/cpp/autosar/test/rules/M3-2-1/DeclarationsOfAnObjectShallHaveCompatibleTypes.expected @@ -4,9 +4,11 @@ | test_declarations_of_an_object_shall_have_compatible_types_unit1.cpp:7:5:7:6 | definition of a7 | The object $@ of type int is not compatible with re-declaration $@ of type LL | test_declarations_of_an_object_shall_have_compatible_types_unit1.cpp:7:5:7:6 | definition of a7 | a7 | test_declarations_of_an_object_shall_have_compatible_types_unit2.cpp:19:11:19:12 | declaration of a7 | a7 | | test_declarations_of_an_object_shall_have_compatible_types_unit1.cpp:14:5:14:6 | definition of a2 | The object $@ of type int is not compatible with re-declaration $@ of type long | test_declarations_of_an_object_shall_have_compatible_types_unit1.cpp:14:5:14:6 | definition of a2 | a2 | test_declarations_of_an_object_shall_have_compatible_types_unit2.cpp:23:13:23:14 | declaration of a2 | a2 | | test_declarations_of_an_object_shall_have_compatible_types_unit1.cpp:19:5:19:7 | definition of a11 | The object $@ of type int[100] is not compatible with re-declaration $@ of type int[101] | test_declarations_of_an_object_shall_have_compatible_types_unit1.cpp:19:5:19:7 | definition of a11 | a11 | test_declarations_of_an_object_shall_have_compatible_types_unit2.cpp:28:12:28:14 | declaration of a11 | a11 | +| test_declarations_of_an_object_shall_have_compatible_types_unit1.cpp:39:5:39:7 | definition of a13 | The object $@ of type int is not compatible with re-declaration $@ of type long | test_declarations_of_an_object_shall_have_compatible_types_unit1.cpp:39:5:39:7 | definition of a13 | a13 | test_declarations_of_an_object_shall_have_compatible_types_unit2.cpp:41:13:41:15 | declaration of a13 | a13 | | test_declarations_of_an_object_shall_have_compatible_types_unit2.cpp:11:12:11:13 | declaration of a4 | The object $@ of type int is not compatible with re-declaration $@ of type long | test_declarations_of_an_object_shall_have_compatible_types_unit2.cpp:11:12:11:13 | declaration of a4 | a4 | test_declarations_of_an_object_shall_have_compatible_types_unit1.cpp:4:6:4:7 | definition of a4 | a4 | | test_declarations_of_an_object_shall_have_compatible_types_unit2.cpp:13:13:13:14 | declaration of a5 | The object $@ of type long is not compatible with re-declaration $@ of type int | test_declarations_of_an_object_shall_have_compatible_types_unit2.cpp:13:13:13:14 | declaration of a5 | a5 | test_declarations_of_an_object_shall_have_compatible_types_unit1.cpp:5:5:5:6 | definition of a5 | a5 | | test_declarations_of_an_object_shall_have_compatible_types_unit2.cpp:17:1:17:3 | declaration of a6 | The object $@ of type int is not compatible with re-declaration $@ of type long | test_declarations_of_an_object_shall_have_compatible_types_unit2.cpp:17:1:17:3 | declaration of a6 | a6 | test_declarations_of_an_object_shall_have_compatible_types_unit1.cpp:6:6:6:7 | definition of a6 | a6 | | test_declarations_of_an_object_shall_have_compatible_types_unit2.cpp:19:11:19:12 | declaration of a7 | The object $@ of type LL is not compatible with re-declaration $@ of type int | test_declarations_of_an_object_shall_have_compatible_types_unit2.cpp:19:11:19:12 | declaration of a7 | a7 | test_declarations_of_an_object_shall_have_compatible_types_unit1.cpp:7:5:7:6 | definition of a7 | a7 | | test_declarations_of_an_object_shall_have_compatible_types_unit2.cpp:23:13:23:14 | declaration of a2 | The object $@ of type long is not compatible with re-declaration $@ of type int | test_declarations_of_an_object_shall_have_compatible_types_unit2.cpp:23:13:23:14 | declaration of a2 | a2 | test_declarations_of_an_object_shall_have_compatible_types_unit1.cpp:14:5:14:6 | definition of a2 | a2 | | test_declarations_of_an_object_shall_have_compatible_types_unit2.cpp:28:12:28:14 | declaration of a11 | The object $@ of type int[101] is not compatible with re-declaration $@ of type int[100] | test_declarations_of_an_object_shall_have_compatible_types_unit2.cpp:28:12:28:14 | declaration of a11 | a11 | test_declarations_of_an_object_shall_have_compatible_types_unit1.cpp:19:5:19:7 | definition of a11 | a11 | +| test_declarations_of_an_object_shall_have_compatible_types_unit2.cpp:41:13:41:15 | declaration of a13 | The object $@ of type long is not compatible with re-declaration $@ of type int | test_declarations_of_an_object_shall_have_compatible_types_unit2.cpp:41:13:41:15 | declaration of a13 | a13 | test_declarations_of_an_object_shall_have_compatible_types_unit1.cpp:39:5:39:7 | definition of a13 | a13 | diff --git a/cpp/autosar/test/rules/M3-2-1/test_declarations_of_an_object_shall_have_compatible_types_unit1.cpp b/cpp/autosar/test/rules/M3-2-1/test_declarations_of_an_object_shall_have_compatible_types_unit1.cpp index ad774c5995..7230036d39 100644 --- a/cpp/autosar/test/rules/M3-2-1/test_declarations_of_an_object_shall_have_compatible_types_unit1.cpp +++ b/cpp/autosar/test/rules/M3-2-1/test_declarations_of_an_object_shall_have_compatible_types_unit1.cpp @@ -32,4 +32,9 @@ template class ClassB { }; void test3() { ClassB b; } -void test4() { ClassB b; } \ No newline at end of file +void test4() { ClassB b; } + +namespace { +int a12; // COMPLIANT +int a13; // NON_COMPLIANT +} // anonymous namespace diff --git a/cpp/autosar/test/rules/M3-2-1/test_declarations_of_an_object_shall_have_compatible_types_unit2.cpp b/cpp/autosar/test/rules/M3-2-1/test_declarations_of_an_object_shall_have_compatible_types_unit2.cpp index 58aefe0281..fb5efc92a2 100644 --- a/cpp/autosar/test/rules/M3-2-1/test_declarations_of_an_object_shall_have_compatible_types_unit2.cpp +++ b/cpp/autosar/test/rules/M3-2-1/test_declarations_of_an_object_shall_have_compatible_types_unit2.cpp @@ -34,4 +34,9 @@ template class ClassB { }; void testb_1() { ClassB b; } -void testb_2() { ClassB b; } \ No newline at end of file +void testb_2() { ClassB b; } + +namespace { +extern int a12; // COMPLIANT +extern long a13; // NON_COMPLIANT +} // anonymous namespace From 808dd5f3b7c68fe1d93dc602649b51d173e6affa Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Wed, 3 Jul 2024 17:09:29 -0400 Subject: [PATCH 1846/2573] A3-1-5: change definition of trivial length of trivial member function to 10LOC --- change_notes/2024-07-03-fix-fp-611-A3-1-5.md | 2 ++ ...ialNonTemplateFunctionDefinedInsideClassDefinition.expected | 1 - cpp/autosar/test/rules/A3-1-5/test.cpp | 2 +- cpp/common/src/codingstandards/cpp/Class.qll | 3 ++- 4 files changed, 5 insertions(+), 3 deletions(-) create mode 100644 change_notes/2024-07-03-fix-fp-611-A3-1-5.md diff --git a/change_notes/2024-07-03-fix-fp-611-A3-1-5.md b/change_notes/2024-07-03-fix-fp-611-A3-1-5.md new file mode 100644 index 0000000000..b4902a1ee3 --- /dev/null +++ b/change_notes/2024-07-03-fix-fp-611-A3-1-5.md @@ -0,0 +1,2 @@ +- `A3-1-5` - `NonTrivialNonTemplateFunctionDefinedInsideClassDefinition.ql`, `TrivialOrTemplateFunctionDefinedOutsideClassDefinition.ql`: + - Fixes #611. Relax definition of trivial length of trivial member function to 10 LOC. \ No newline at end of file diff --git a/cpp/autosar/test/rules/A3-1-5/NonTrivialNonTemplateFunctionDefinedInsideClassDefinition.expected b/cpp/autosar/test/rules/A3-1-5/NonTrivialNonTemplateFunctionDefinedInsideClassDefinition.expected index 6611f6003f..d6c00ac4b5 100644 --- a/cpp/autosar/test/rules/A3-1-5/NonTrivialNonTemplateFunctionDefinedInsideClassDefinition.expected +++ b/cpp/autosar/test/rules/A3-1-5/NonTrivialNonTemplateFunctionDefinedInsideClassDefinition.expected @@ -1,2 +1 @@ -| test.cpp:12:7:12:13 | trivial | Non-Trivial or non-template function trivial is defined in the class body of $@. | test.cpp:2:7:2:7 | A | A | | test.cpp:26:7:26:9 | gcd | Non-Trivial or non-template function gcd is defined in the class body of $@. | test.cpp:2:7:2:7 | A | A | diff --git a/cpp/autosar/test/rules/A3-1-5/test.cpp b/cpp/autosar/test/rules/A3-1-5/test.cpp index eb5bc9edb7..8ee1bab48e 100644 --- a/cpp/autosar/test/rules/A3-1-5/test.cpp +++ b/cpp/autosar/test/rules/A3-1-5/test.cpp @@ -9,7 +9,7 @@ class A { int getABar() { return 9; } - int trivial() { // NON_COMPLIANT + int not_trivial() { // COMPLIANT - with threshold of 10 loc ; ; ; diff --git a/cpp/common/src/codingstandards/cpp/Class.qll b/cpp/common/src/codingstandards/cpp/Class.qll index 19bec9fa5f..0bff03455e 100644 --- a/cpp/common/src/codingstandards/cpp/Class.qll +++ b/cpp/common/src/codingstandards/cpp/Class.qll @@ -149,7 +149,8 @@ class IntrospectedMemberFunction extends MemberFunction { } predicate hasTrivialLength() { - this.getBlock().getNumStmt() <= 3 and + this.getBlock().getLastStmt().getLocation().getStartLine() - + this.getBlock().getStmt(0).getLocation().getStartLine() <= 10 and not exists(this.getBlock().getStmt(_).getChildStmt()) } From 7efdf4cfd99c1d41c3dfcad11d339884fae05fb7 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Fri, 5 Jul 2024 10:18:14 -0400 Subject: [PATCH 1847/2573] A7-1-7: exclusions exclude functions exclude struct identifiers and variables when used with typedefs --- change_notes/2024-07-05-fix-fp628-630.md | 3 +++ ...tifierDeclarationAndInitializationNotOnSeparateLines.ql | 7 ++++--- ...DeclarationAndInitializationNotOnSeparateLines.expected | 1 + cpp/autosar/test/rules/A7-1-7/test.cpp | 6 ++++++ 4 files changed, 14 insertions(+), 3 deletions(-) create mode 100644 change_notes/2024-07-05-fix-fp628-630.md diff --git a/change_notes/2024-07-05-fix-fp628-630.md b/change_notes/2024-07-05-fix-fp628-630.md new file mode 100644 index 0000000000..8f0517f708 --- /dev/null +++ b/change_notes/2024-07-05-fix-fp628-630.md @@ -0,0 +1,3 @@ +- `A7-1-7` - `IdentifierDeclarationAndInitializationNotOnSeparateLines.ql`: + - Fixes #628. Excludes Functions. + - Fixes #630. Excludes struct identifiers and variables on the same line when a typedef is used. \ No newline at end of file diff --git a/cpp/autosar/src/rules/A7-1-7/IdentifierDeclarationAndInitializationNotOnSeparateLines.ql b/cpp/autosar/src/rules/A7-1-7/IdentifierDeclarationAndInitializationNotOnSeparateLines.ql index d33d3d8e71..8c10a0f80c 100644 --- a/cpp/autosar/src/rules/A7-1-7/IdentifierDeclarationAndInitializationNotOnSeparateLines.ql +++ b/cpp/autosar/src/rules/A7-1-7/IdentifierDeclarationAndInitializationNotOnSeparateLines.ql @@ -23,12 +23,10 @@ class UniqueLineStmt extends Locatable { this = d.getADeclarationEntry() and not d instanceof Parameter and not d instanceof TemplateParameter and - not d instanceof FunctionTemplateSpecialization and // TODO - Needs to be enhanced to solve issues with // templated inner classes. - not d instanceof MemberFunction and + not d instanceof Function and not d.isFromTemplateInstantiation(_) and - not d.(Function).isCompilerGenerated() and not d.(Variable).isCompilerGenerated() and not exists(RangeBasedForStmt f | f.getADeclaration() = d) and not exists(DeclStmt declStmt, ForStmt f | @@ -52,6 +50,9 @@ where DeclarationsPackage::identifierDeclarationAndInitializationNotOnSeparateLinesQuery()) and not e1 = e2 and not e1.(DeclarationEntry) = e2 and + //omit the cases where there is one struct identifier on a struct var line used with typedef + not exists(Struct s | s.getADeclarationEntry() = e1 and e1 instanceof TypeDeclarationEntry) and + not exists(Struct s | s.getATypeNameUse() = e1 and e1 instanceof TypeDeclarationEntry) and exists(Location l1, Location l2 | e1.getLocation() = l1 and e2.getLocation() = l2 and diff --git a/cpp/autosar/test/rules/A7-1-7/IdentifierDeclarationAndInitializationNotOnSeparateLines.expected b/cpp/autosar/test/rules/A7-1-7/IdentifierDeclarationAndInitializationNotOnSeparateLines.expected index c7abb3ce6f..b84f71e952 100644 --- a/cpp/autosar/test/rules/A7-1-7/IdentifierDeclarationAndInitializationNotOnSeparateLines.expected +++ b/cpp/autosar/test/rules/A7-1-7/IdentifierDeclarationAndInitializationNotOnSeparateLines.expected @@ -26,3 +26,4 @@ | test.cpp:66:12:66:12 | definition of g | Expression statement and identifier are on the same line. | | test.cpp:82:7:82:10 | definition of S3_a | Expression statement and identifier are on the same line. | | test.cpp:82:17:82:20 | definition of S3_b | Expression statement and identifier are on the same line. | +| test.cpp:154:24:154:24 | definition of y | Expression statement and identifier are on the same line. | diff --git a/cpp/autosar/test/rules/A7-1-7/test.cpp b/cpp/autosar/test/rules/A7-1-7/test.cpp index de6e013291..7c5a6263cf 100644 --- a/cpp/autosar/test/rules/A7-1-7/test.cpp +++ b/cpp/autosar/test/rules/A7-1-7/test.cpp @@ -147,3 +147,9 @@ struct s_357 { // clang-format on } }; + +void example_function() { f1(); } // COMPLIANT + +// clang-format off +typedef struct x { int y; } z; //COMPLIANT - for struct typedef and struct var //NON_COMPLIANT - for struct all on one line +// clang-format on \ No newline at end of file From e068ecda60889d43f4c9d948c664f30de2a34536 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Fri, 5 Jul 2024 10:41:00 -0400 Subject: [PATCH 1848/2573] A3-1-5: simplify length calculation, adjust testcase --- ...eFunctionDefinedOutsideClassDefinition.expected | 14 +++++++------- cpp/autosar/test/rules/A3-1-5/test.cpp | 14 ++++++++++++++ cpp/common/src/codingstandards/cpp/Class.qll | 4 +--- 3 files changed, 22 insertions(+), 10 deletions(-) diff --git a/cpp/autosar/test/rules/A3-1-5/TrivialOrTemplateFunctionDefinedOutsideClassDefinition.expected b/cpp/autosar/test/rules/A3-1-5/TrivialOrTemplateFunctionDefinedOutsideClassDefinition.expected index af8a1d4588..dc0e220a94 100644 --- a/cpp/autosar/test/rules/A3-1-5/TrivialOrTemplateFunctionDefinedOutsideClassDefinition.expected +++ b/cpp/autosar/test/rules/A3-1-5/TrivialOrTemplateFunctionDefinedOutsideClassDefinition.expected @@ -1,7 +1,7 @@ -| test.cpp:58:5:58:11 | getB | The trivial member function getB is not defined in the class body of $@. | test.cpp:2:7:2:7 | A | A | -| test.cpp:60:25:60:28 | d | The template member function d is not defined in the class body of $@. | test.cpp:2:7:2:7 | A | A | -| test.cpp:62:5:62:8 | b | The trivial member function b is not defined in the class body of $@. | test.cpp:2:7:2:7 | A | A | -| test.cpp:81:34:81:57 | complexCalculation | The template member function complexCalculation is not defined in the class body of $@. | test.cpp:64:29:64:29 | B | B | -| test.cpp:97:47:97:53 | d | The template member function d is not defined in the class body of $@. | test.cpp:64:29:64:29 | B | B | -| test.cpp:101:27:101:33 | b | The template member function b is not defined in the class body of $@. | test.cpp:64:29:64:29 | B | B | -| test.cpp:106:27:106:36 | getB | The template member function getB is not defined in the class body of $@. | test.cpp:64:29:64:29 | B | B | +| test.cpp:65:5:65:11 | getB | The trivial member function getB is not defined in the class body of $@. | test.cpp:2:7:2:7 | A | A | +| test.cpp:67:25:67:28 | d | The template member function d is not defined in the class body of $@. | test.cpp:2:7:2:7 | A | A | +| test.cpp:69:5:69:8 | b | The trivial member function b is not defined in the class body of $@. | test.cpp:2:7:2:7 | A | A | +| test.cpp:88:34:88:57 | complexCalculation | The template member function complexCalculation is not defined in the class body of $@. | test.cpp:71:29:71:29 | B | B | +| test.cpp:104:47:104:53 | d | The template member function d is not defined in the class body of $@. | test.cpp:71:29:71:29 | B | B | +| test.cpp:108:27:108:33 | b | The template member function b is not defined in the class body of $@. | test.cpp:71:29:71:29 | B | B | +| test.cpp:113:27:113:36 | getB | The template member function getB is not defined in the class body of $@. | test.cpp:71:29:71:29 | B | B | diff --git a/cpp/autosar/test/rules/A3-1-5/test.cpp b/cpp/autosar/test/rules/A3-1-5/test.cpp index 8ee1bab48e..eb1de61b51 100644 --- a/cpp/autosar/test/rules/A3-1-5/test.cpp +++ b/cpp/autosar/test/rules/A3-1-5/test.cpp @@ -28,6 +28,13 @@ class A { return a; int result = gcd(b, (a % b)); ; + ; + ; + ; + ; + ; + ; + ; return result; } @@ -131,5 +138,12 @@ int FooBar::f1(int a, int b) { // COMPLIANT not a trivial function return a; int result = FooBar::f1(b, (a % b)); ; + ; + ; + ; + ; + ; + ; + ; } } diff --git a/cpp/common/src/codingstandards/cpp/Class.qll b/cpp/common/src/codingstandards/cpp/Class.qll index 0bff03455e..418f027809 100644 --- a/cpp/common/src/codingstandards/cpp/Class.qll +++ b/cpp/common/src/codingstandards/cpp/Class.qll @@ -149,9 +149,7 @@ class IntrospectedMemberFunction extends MemberFunction { } predicate hasTrivialLength() { - this.getBlock().getLastStmt().getLocation().getStartLine() - - this.getBlock().getStmt(0).getLocation().getStartLine() <= 10 and - not exists(this.getBlock().getStmt(_).getChildStmt()) + this.getBlock().getLocation().getEndLine() - this.getBlock().getLocation().getStartLine() <= 10 } predicate isSetter() { From 87fa7c1c3d9bc079d46d045a182591c2347d7aaa Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Fri, 5 Jul 2024 19:49:48 +0200 Subject: [PATCH 1849/2573] STR34-C: Do not consider integer type aliases in templates --- .../CastCharBeforeConvertingToLargerSizes.ql | 21 +++++---------- ...CharBeforeConvertingToLargerSizes.expected | 21 --------------- ...astCharBeforeConvertingToLargerSizes.qlref | 1 - ...tCharBeforeConvertingToLargerSizes.testref | 1 + ...oreConvertingToLargerSizes_shared.expected | 21 +++++++++++++++ ...ertingToLargerSizes_shared.expected.clang} | 14 +++++----- ...nvertingToLargerSizes_shared.expected.gcc} | 12 ++++----- ...nvertingToLargerSizes_shared.expected.qcc} | 14 +++++----- ...harBeforeConvertingToLargerSizes_shared.ql | 4 +++ .../test.c | 2 ++ ...arBeforeConvertingToLargerSizes_shared.qll | 26 +++++++++++++++++++ ...oreConvertingToLargerSizes_shared.expected | 2 ++ ...harBeforeConvertingToLargerSizes_shared.ql | 4 +++ .../test.cpp | 17 ++++++++++++ rule_packages/c/Strings3.json | 1 + 15 files changed, 105 insertions(+), 56 deletions(-) delete mode 100644 c/cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.expected delete mode 100644 c/cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.qlref create mode 100644 c/cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.testref create mode 100644 c/common/test/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.expected rename c/{cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.expected.gcc => common/test/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.expected.clang} (75%) rename c/{cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.expected.clang => common/test/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.expected.gcc} (78%) rename c/{cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.expected.qcc => common/test/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.expected.qcc} (75%) create mode 100644 c/common/test/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.ql rename c/{cert/test/rules/STR34-C => common/test/rules/castcharbeforeconvertingtolargersizes_shared}/test.c (95%) create mode 100644 cpp/common/src/codingstandards/cpp/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.qll create mode 100644 cpp/common/test/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.expected create mode 100644 cpp/common/test/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.ql create mode 100644 cpp/common/test/rules/castcharbeforeconvertingtolargersizes_shared/test.cpp diff --git a/c/cert/src/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.ql b/c/cert/src/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.ql index b0d4088f9f..1f2af0b588 100644 --- a/c/cert/src/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.ql +++ b/c/cert/src/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.ql @@ -14,18 +14,11 @@ import cpp import codingstandards.c.cert -import semmle.code.cpp.commons.CommonType +import codingstandards.cpp.rules.castcharbeforeconvertingtolargersizes_shared.CastCharBeforeConvertingToLargerSizes_shared -from Cast c -where - not isExcluded(c, Strings3Package::castCharBeforeConvertingToLargerSizesQuery()) and - // find cases where there is a conversion happening wherein the - // base type is a char - c.getExpr().getType() instanceof CharType and - not c.getExpr().getType() instanceof UnsignedCharType and - // it's a bigger type - c.getType().getSize() > c.getExpr().getType().getSize() and - // and it's some kind of integer type - c.getType() instanceof IntegralType -select c.getExpr(), - "Expression not converted to `unsigned char` before converting to a larger integer type." +class CastCharBeforeConvertingToLargerSizesQuery extends CastCharBeforeConvertingToLargerSizes_sharedSharedQuery +{ + CastCharBeforeConvertingToLargerSizesQuery() { + this = Strings3Package::castCharBeforeConvertingToLargerSizesQuery() + } +} diff --git a/c/cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.expected b/c/cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.expected deleted file mode 100644 index 1c6424dc0c..0000000000 --- a/c/cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.expected +++ /dev/null @@ -1,21 +0,0 @@ -| test.c:7:7:7:14 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. | -| test.c:28:11:28:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. | -| test.c:29:3:29:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | -| test.c:29:11:29:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. | -| test.c:31:11:31:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. | -| test.c:32:11:32:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. | -| test.c:33:3:33:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | -| test.c:33:11:33:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. | -| test.c:34:3:34:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | -| test.c:34:11:34:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. | -| test.c:35:3:35:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | -| test.c:35:11:35:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. | -| test.c:36:3:36:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | -| test.c:36:11:36:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. | -| test.c:37:11:37:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. | -| test.c:38:11:38:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. | -| test.c:39:3:39:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | -| test.c:39:11:39:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. | -| test.c:40:12:40:13 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. | -| test.c:42:11:42:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. | -| test.c:43:11:43:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. | diff --git a/c/cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.qlref b/c/cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.qlref deleted file mode 100644 index 379d3b3f68..0000000000 --- a/c/cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/STR34-C/CastCharBeforeConvertingToLargerSizes.ql \ No newline at end of file diff --git a/c/cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.testref b/c/cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.testref new file mode 100644 index 0000000000..fefb98580c --- /dev/null +++ b/c/cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.testref @@ -0,0 +1 @@ +c/common/test/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.ql \ No newline at end of file diff --git a/c/common/test/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.expected b/c/common/test/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.expected new file mode 100644 index 0000000000..c318f791e9 --- /dev/null +++ b/c/common/test/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.expected @@ -0,0 +1,21 @@ +| test.c:9:7:9:14 | (int)... | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:30:11:30:12 | (int)... | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:31:3:31:13 | (unsigned int)... | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:31:11:31:12 | (int)... | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:33:11:33:12 | (int)... | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:34:11:34:12 | (int)... | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:35:3:35:13 | (unsigned int)... | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:35:11:35:12 | (int)... | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:36:3:36:13 | (unsigned int)... | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:36:11:36:12 | (int)... | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:37:3:37:13 | (unsigned int)... | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:37:11:37:12 | (int)... | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:38:3:38:13 | (unsigned int)... | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:38:11:38:12 | (int)... | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:39:11:39:12 | (int)... | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:40:11:40:12 | (int)... | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:41:3:41:13 | (unsigned int)... | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:41:11:41:12 | (int)... | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:42:12:42:13 | (int)... | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:44:11:44:12 | (int)... | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:45:11:45:12 | (int)... | Expression not converted to `unsigned char` before converting to a larger integer type. | diff --git a/c/cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.expected.gcc b/c/common/test/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.expected.clang similarity index 75% rename from c/cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.expected.gcc rename to c/common/test/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.expected.clang index 1cf143a196..0378c8a6b5 100644 --- a/c/cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.expected.gcc +++ b/c/common/test/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.expected.clang @@ -1,8 +1,6 @@ -| test.c:7:7:7:14 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. | -| test.c:28:3:28:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | -| test.c:29:3:29:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:9:7:9:14 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:30:3:30:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | | test.c:31:3:31:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | -| test.c:32:3:32:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | | test.c:33:3:33:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | | test.c:34:3:34:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | | test.c:35:3:35:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | @@ -10,6 +8,8 @@ | test.c:37:3:37:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | | test.c:38:3:38:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | | test.c:39:3:39:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | -| test.c:40:3:40:14 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | -| test.c:42:11:42:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. | -| test.c:43:11:43:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:40:3:40:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:41:3:41:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:42:3:42:14 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:44:11:44:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:45:11:45:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. | diff --git a/c/cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.expected.clang b/c/common/test/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.expected.gcc similarity index 78% rename from c/cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.expected.clang rename to c/common/test/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.expected.gcc index 1cf143a196..f729c9e42d 100644 --- a/c/cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.expected.clang +++ b/c/common/test/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.expected.gcc @@ -1,8 +1,6 @@ -| test.c:7:7:7:14 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. | -| test.c:28:3:28:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | -| test.c:29:3:29:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:9:7:9:14 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:30:3:30:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | | test.c:31:3:31:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | -| test.c:32:3:32:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | | test.c:33:3:33:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | | test.c:34:3:34:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | | test.c:35:3:35:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | @@ -10,6 +8,8 @@ | test.c:37:3:37:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | | test.c:38:3:38:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | | test.c:39:3:39:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | -| test.c:40:3:40:14 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | -| test.c:42:11:42:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:40:3:40:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:41:3:41:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:42:3:42:14 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | | test.c:43:11:43:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:44:11:44:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. | diff --git a/c/cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.expected.qcc b/c/common/test/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.expected.qcc similarity index 75% rename from c/cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.expected.qcc rename to c/common/test/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.expected.qcc index fec6522014..551423495c 100644 --- a/c/cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.expected.qcc +++ b/c/common/test/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.expected.qcc @@ -1,8 +1,6 @@ -| test.c:7:7:7:14 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. | -| test.c:28:3:28:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | -| test.c:29:3:29:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:9:7:9:14 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:30:3:30:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | | test.c:31:3:31:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | -| test.c:32:3:32:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | | test.c:33:3:33:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | | test.c:34:3:34:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | | test.c:35:3:35:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | @@ -10,6 +8,8 @@ | test.c:37:3:37:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | | test.c:38:3:38:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | | test.c:39:3:39:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | -| test.c:40:3:40:14 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | -| test.c:42:3:42:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | -| test.c:43:3:43:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:40:3:40:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:41:3:41:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:42:3:42:14 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:44:3:44:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:45:3:45:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | diff --git a/c/common/test/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.ql b/c/common/test/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.ql new file mode 100644 index 0000000000..2aceff89c0 --- /dev/null +++ b/c/common/test/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.castcharbeforeconvertingtolargersizes_shared.CastCharBeforeConvertingToLargerSizes_shared + +class TestFileQuery extends CastCharBeforeConvertingToLargerSizes_sharedSharedQuery, TestQuery { } diff --git a/c/cert/test/rules/STR34-C/test.c b/c/common/test/rules/castcharbeforeconvertingtolargersizes_shared/test.c similarity index 95% rename from c/cert/test/rules/STR34-C/test.c rename to c/common/test/rules/castcharbeforeconvertingtolargersizes_shared/test.c index d4bd825c8e..8865e477fb 100644 --- a/c/cert/test/rules/STR34-C/test.c +++ b/c/common/test/rules/castcharbeforeconvertingtolargersizes_shared/test.c @@ -1,3 +1,5 @@ +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C++ TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. #include #include diff --git a/cpp/common/src/codingstandards/cpp/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.qll b/cpp/common/src/codingstandards/cpp/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.qll new file mode 100644 index 0000000000..3ef9033910 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.qll @@ -0,0 +1,26 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class CastCharBeforeConvertingToLargerSizes_sharedSharedQuery extends Query { } + +Query getQuery() { result instanceof CastCharBeforeConvertingToLargerSizes_sharedSharedQuery } + +query predicate problems(Cast c, string message) { + not isExcluded(c, getQuery()) and + // find cases where there is a conversion happening wherein the + // base type is a char + c.getExpr().getType() instanceof CharType and + not c.getExpr().getType() instanceof UnsignedCharType and + // it's a bigger type + c.getType().getSize() > c.getExpr().getType().getSize() and + // and it's some kind of integer type + c.getType().getUnderlyingType() instanceof IntegralType and + not c.isFromTemplateInstantiation(_) and + message = + "Expression not converted to `unsigned char` before converting to a larger integer type." +} diff --git a/cpp/common/test/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.expected b/cpp/common/test/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.expected new file mode 100644 index 0000000000..886d03ddac --- /dev/null +++ b/cpp/common/test/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.expected @@ -0,0 +1,2 @@ +| test.cpp:11:9:11:9 | (int32_t)... | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.cpp:12:41:12:41 | (signed int)... | Expression not converted to `unsigned char` before converting to a larger integer type. | diff --git a/cpp/common/test/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.ql b/cpp/common/test/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.ql new file mode 100644 index 0000000000..2aceff89c0 --- /dev/null +++ b/cpp/common/test/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.castcharbeforeconvertingtolargersizes_shared.CastCharBeforeConvertingToLargerSizes_shared + +class TestFileQuery extends CastCharBeforeConvertingToLargerSizes_sharedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/castcharbeforeconvertingtolargersizes_shared/test.cpp b/cpp/common/test/rules/castcharbeforeconvertingtolargersizes_shared/test.cpp new file mode 100644 index 0000000000..4e5d90e714 --- /dev/null +++ b/cpp/common/test/rules/castcharbeforeconvertingtolargersizes_shared/test.cpp @@ -0,0 +1,17 @@ +// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C TEST CASE AND +// CHANGES SHOULD BE REFLECTED THERE AS WELL. +#include + +template S get(T t) { + S s = t; // COMPLIANT + return s; +} + +void test(std::int32_t i32, std::int8_t i8, char c) { + i32 = c; // NON_COMPLIANT + i32 = get(c); // NON_COMPLIANT + i32 = get(c); // COMPLIANT + i32 = i8; // COMPLIANT + i32 = get(i8); // COMPLIANT + i32 = get(i8); // COMPLIANT +} diff --git a/rule_packages/c/Strings3.json b/rule_packages/c/Strings3.json index 9456f4b422..b0131fb55b 100644 --- a/rule_packages/c/Strings3.json +++ b/rule_packages/c/Strings3.json @@ -12,6 +12,7 @@ "precision": "very-high", "severity": "error", "short_name": "CastCharBeforeConvertingToLargerSizes", + "shared_implementation_short_name": "CastCharBeforeConvertingToLargerSizes_shared", "tags": [ "correctness", "security" From dc6bed13a81d6956856ce1c58b9aee12f3d31ab3 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Fri, 5 Jul 2024 20:00:09 +0200 Subject: [PATCH 1850/2573] Add change notes --- change_notes/2024-07-05-fix-fp-576-STR34-C.md | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 change_notes/2024-07-05-fix-fp-576-STR34-C.md diff --git a/change_notes/2024-07-05-fix-fp-576-STR34-C.md b/change_notes/2024-07-05-fix-fp-576-STR34-C.md new file mode 100644 index 0000000000..340d8f4288 --- /dev/null +++ b/change_notes/2024-07-05-fix-fp-576-STR34-C.md @@ -0,0 +1,2 @@ +- `STR34-C` - `CastCharBeforeConvertingToLargerSizes.ql`: + - Fixes #576. Do not consider integer type aliases in templates. \ No newline at end of file From 652356be07f26877fd9bae81bb658b56ec24c34d Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Fri, 5 Jul 2024 14:20:38 -0400 Subject: [PATCH 1851/2573] A7-1-1: improve template handling --- change_notes/2024-07-05-fix-fp-621-A7-1-1.md | 2 ++ .../DeclarationUnmodifiedObjectMissingConstSpecifier.ql | 4 +++- cpp/autosar/test/rules/A7-1-1/test.cpp | 9 ++++++++- 3 files changed, 13 insertions(+), 2 deletions(-) create mode 100644 change_notes/2024-07-05-fix-fp-621-A7-1-1.md diff --git a/change_notes/2024-07-05-fix-fp-621-A7-1-1.md b/change_notes/2024-07-05-fix-fp-621-A7-1-1.md new file mode 100644 index 0000000000..1295619cbf --- /dev/null +++ b/change_notes/2024-07-05-fix-fp-621-A7-1-1.md @@ -0,0 +1,2 @@ +- `A7-1-1` - `DeclarationUnmodifiedObjectMissingConstSpecifier.ql`: + - Fixes #621. Exclude template instantiations that come from constexpr templates. \ No newline at end of file diff --git a/cpp/autosar/src/rules/A7-1-1/DeclarationUnmodifiedObjectMissingConstSpecifier.ql b/cpp/autosar/src/rules/A7-1-1/DeclarationUnmodifiedObjectMissingConstSpecifier.ql index ff7d7e4e27..ff07bcbdb2 100644 --- a/cpp/autosar/src/rules/A7-1-1/DeclarationUnmodifiedObjectMissingConstSpecifier.ql +++ b/cpp/autosar/src/rules/A7-1-1/DeclarationUnmodifiedObjectMissingConstSpecifier.ql @@ -37,5 +37,7 @@ where ) and not exists(LambdaExpression lc | lc.getACapture().getField() = v) and not v.isFromUninstantiatedTemplate(_) and - not v.isCompilerGenerated() + not v.isCompilerGenerated() and + //if the instantiation is not constexpr but the template is, still exclude it as a candidate + not exists(TemplateVariable b | b.getAnInstantiation() = v and b.isConstexpr()) select v, "Non-constant variable " + v.getName() + cond + " and is not modified." diff --git a/cpp/autosar/test/rules/A7-1-1/test.cpp b/cpp/autosar/test/rules/A7-1-1/test.cpp index 745c6719b1..7895fd950f 100644 --- a/cpp/autosar/test/rules/A7-1-1/test.cpp +++ b/cpp/autosar/test/rules/A7-1-1/test.cpp @@ -76,4 +76,11 @@ int main(int, char **) noexcept { new A7_1_1b(0); (new Issue18)->F(0); -} \ No newline at end of file +} + +template extern constexpr bool recurse_var = true; // COMPLIANT + +template +extern constexpr bool recurse_var = B1 &&recurse_var; + +void fp_621() { recurse_var; } \ No newline at end of file From 2644ca41e09f2227330dadc0862892b88a636ac5 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Wed, 10 Jul 2024 17:06:40 -0400 Subject: [PATCH 1852/2573] M0-2-1: make into split and shared query moved some libraries to allow for use in shared query --- ...otAddOrSubtractAScaledIntegerToAPointer.ql | 2 +- ...sAliasedPointerToRestrictQualifiedParam.ql | 178 +--------------- ...iasedPointerToRestrictQualifiedParam.qlref | 1 - ...sedPointerToRestrictQualifiedParam.testref | 1 + .../src/codingstandards/c/OutOfBounds.qll | 2 +- c/common/src/codingstandards/c/Variable.qll | 14 -- ...rToRestrictQualifiedParam_Shared.expected} | 0 ...dPointerToRestrictQualifiedParam_Shared.ql | 6 + .../test.c | 0 ...rsionBetweenFunctionPointerAndOtherType.ql | 2 +- ...etweenIncompleteTypePointerAndOtherType.ql | 2 +- ...weenObjectPointerAndDifferentObjectType.ql | 2 +- ...ionBetweenPointerToObjectAndIntegerType.ql | 2 +- ...ionFromPointerToVoidIntoPointerToObject.ql | 2 +- ...stBetweenPointerToVoidAndArithmeticType.ql | 2 +- ...nPointerToObjectAndNonIntArithmeticType.ql | 2 +- ...NullNotUsedAsIntegerNullPointerConstant.ql | 2 +- ...veMemcmpArgNotPointersToCompatibleTypes.ql | 2 +- ...interShouldPointToConstTypeWhenPossible.ql | 2 +- ...sAliasedPointerToRestrictQualifiedParam.ql | 24 +++ ...sedPointerToRestrictQualifiedParam.testref | 1 + cpp/autosar/test/rules/M0-2-1/test.cpp | 2 +- .../src/codingstandards/cpp}/Pointers.qll | 0 .../src/codingstandards/cpp/Variable.qll | 14 ++ .../cpp/exclusions/cpp/Representation.qll | 17 ++ ...PointerToRestrictQualifiedParam_Shared.qll | 193 ++++++++++++++++++ ...erToRestrictQualifiedParam_Shared.expected | 2 + ...dPointerToRestrictQualifiedParam_Shared.ql | 6 + .../test.cpp | 10 + rule_packages/c/Pointers3.json | 1 + rule_packages/cpp/Representation.json | 12 ++ 31 files changed, 306 insertions(+), 200 deletions(-) delete mode 100644 c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.qlref create mode 100644 c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.testref rename c/{cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.expected => common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.expected} (100%) create mode 100644 c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.ql rename c/{cert/test/rules/EXP43-C => common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared}/test.c (100%) create mode 100644 cpp/autosar/src/rules/M0-2-1/DoNotPassAliasedPointerToRestrictQualifiedParam.ql create mode 100644 cpp/autosar/test/rules/M0-2-1/DoNotPassAliasedPointerToRestrictQualifiedParam.testref rename {c/common/src/codingstandards/c => cpp/common/src/codingstandards/cpp}/Pointers.qll (100%) create mode 100644 cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.qll create mode 100644 cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.expected create mode 100644 cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.ql create mode 100644 cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/test.cpp diff --git a/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql b/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql index c641c17124..ff1517c5b1 100644 --- a/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql +++ b/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql @@ -13,7 +13,7 @@ import cpp import codingstandards.c.cert -import codingstandards.c.Pointers +import codingstandards.cpp.Pointers import codingstandards.cpp.dataflow.TaintTracking import ScaledIntegerPointerArithmeticFlow::PathGraph diff --git a/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql b/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql index a4cc4e8944..393967c66e 100644 --- a/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql +++ b/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql @@ -12,177 +12,11 @@ import cpp import codingstandards.c.cert -import codingstandards.c.Pointers -import codingstandards.c.Variable -import codingstandards.cpp.dataflow.DataFlow -import semmle.code.cpp.pointsto.PointsTo -import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis +import codingstandards.cpp.rules.donotpassaliasedpointertorestrictqualifiedparam_shared.DoNotPassAliasedPointerToRestrictQualifiedParam_Shared -/** - * A function that has a parameter with a restrict-qualified pointer type. - */ -class FunctionWithRestrictParameters extends Function { - Parameter restrictPtrParam; - - FunctionWithRestrictParameters() { - restrictPtrParam.getUnspecifiedType() instanceof PointerOrArrayType and - ( - restrictPtrParam.getType().hasSpecifier(["restrict"]) and - restrictPtrParam = this.getAParameter() - or - this.hasGlobalName(["strcpy", "strncpy", "strcat", "strncat", "memcpy"]) and - restrictPtrParam = this.getParameter([0, 1]) - or - this.hasGlobalName(["strcpy_s", "strncpy_s", "strcat_s", "strncat_s", "memcpy_s"]) and - restrictPtrParam = this.getParameter([0, 2]) - or - this.hasGlobalName(["strtok_s"]) and - restrictPtrParam = this.getAParameter() - or - this.hasGlobalName(["printf", "printf_s", "scanf", "scanf_s"]) and - restrictPtrParam = this.getParameter(0) - or - this.hasGlobalName(["sprintf", "sprintf_s", "snprintf", "snprintf_s"]) and - restrictPtrParam = this.getParameter(3) - ) - } - - Parameter getARestrictPtrParam() { result = restrictPtrParam } -} - -/** - * A call to a function that has a parameter with a restrict-qualified pointer type. - */ -class CallToFunctionWithRestrictParameters extends FunctionCall { - CallToFunctionWithRestrictParameters() { - this.getTarget() instanceof FunctionWithRestrictParameters +class DoNotPassAliasedPointerToRestrictQualifiedParamQuery extends DoNotPassAliasedPointerToRestrictQualifiedParam_SharedSharedQuery +{ + DoNotPassAliasedPointerToRestrictQualifiedParamQuery() { + this = Pointers3Package::doNotPassAliasedPointerToRestrictQualifiedParamQuery() } - - Expr getARestrictPtrArg() { - result = - this.getArgument(this.getTarget() - .(FunctionWithRestrictParameters) - .getARestrictPtrParam() - .getIndex()) - } - - Expr getAPtrArg(int index) { - result = this.getArgument(index) and - pointerValue(result) - } - - Expr getAPossibleSizeArg() { - exists(Parameter param | - param = this.getTarget().(FunctionWithRestrictParameters).getAParameter() and - param.getUnderlyingType() instanceof IntegralType and - // exclude __builtin_object_size - not result.(FunctionCall).getTarget() instanceof BuiltInFunction and - result = this.getArgument(param.getIndex()) - ) - } -} - -/** - * A `PointsToExpr` that is an argument of a pointer-type in a `CallToFunctionWithRestrictParameters` - */ -class CallToFunctionWithRestrictParametersArgExpr extends Expr { - int paramIndex; - - CallToFunctionWithRestrictParametersArgExpr() { - this = any(CallToFunctionWithRestrictParameters call).getAPtrArg(paramIndex) - } - - int getParamIndex() { result = paramIndex } -} - -int getStatedValue(Expr e) { - // `upperBound(e)` defaults to `exprMaxVal(e)` when `e` isn't analyzable. So to get a meaningful - // result in this case we pick the minimum value obtainable from dataflow and range analysis. - result = - upperBound(e) - .minimum(min(Expr source | DataFlow::localExprFlow(source, e) | source.getValue().toInt())) -} - -int getPointerArithmeticOperandStatedValue(CallToFunctionWithRestrictParametersArgExpr expr) { - result = getStatedValue(expr.(PointerArithmeticExpr).getOperand()) - or - // edge-case: &(array[index]) expressions - result = getStatedValue(expr.(AddressOfExpr).getOperand().(PointerArithmeticExpr).getOperand()) - or - // fall-back if `expr` is not a pointer arithmetic expression - not expr instanceof PointerArithmeticExpr and - not expr.(AddressOfExpr).getOperand() instanceof PointerArithmeticExpr and - result = 0 -} - -module PointerValueToRestrictArgConfig implements DataFlow::ConfigSig { - predicate isSource(DataFlow::Node source) { pointerValue(source.asExpr()) } - - predicate isSink(DataFlow::Node sink) { - exists(CallToFunctionWithRestrictParameters call | - sink.asExpr() = call.getAPtrArg(_).getAChild*() - ) - } - - predicate isBarrierIn(DataFlow::Node node) { - exists(AddressOfExpr a | node.asExpr() = a.getOperand().getAChild*()) - } -} - -module PointerValueToRestrictArgFlow = DataFlow::Global; - -from - CallToFunctionWithRestrictParameters call, CallToFunctionWithRestrictParametersArgExpr arg1, - CallToFunctionWithRestrictParametersArgExpr arg2, int argOffset1, int argOffset2, Expr source1, - Expr source2, string sourceMessage1, string sourceMessage2 -where - not isExcluded(call, Pointers3Package::doNotPassAliasedPointerToRestrictQualifiedParamQuery()) and - arg1 = call.getARestrictPtrArg() and - arg2 = call.getAPtrArg(_) and - // enforce ordering to remove permutations if multiple restrict-qualified args exist - (not arg2 = call.getARestrictPtrArg() or arg2.getParamIndex() > arg1.getParamIndex()) and - ( - // check if two pointers address the same object - PointerValueToRestrictArgFlow::flow(DataFlow::exprNode(source1), - DataFlow::exprNode(arg1.getAChild*())) and - ( - // one pointer value flows to both args - PointerValueToRestrictArgFlow::flow(DataFlow::exprNode(source1), - DataFlow::exprNode(arg2.getAChild*())) and - sourceMessage1 = "$@" and - sourceMessage2 = "source" and - source1 = source2 - or - // there are two separate values that flow from an AddressOfExpr of the same target - getAddressOfExprTargetBase(source1) = getAddressOfExprTargetBase(source2) and - PointerValueToRestrictArgFlow::flow(DataFlow::exprNode(source2), - DataFlow::exprNode(arg2.getAChild*())) and - sourceMessage1 = "a pair of address-of expressions ($@, $@)" and - sourceMessage2 = "addressof1" and - not source1 = source2 - ) - ) and - // get the offset of the pointer arithmetic operand (or '0' if there is none) - argOffset1 = getPointerArithmeticOperandStatedValue(arg1) and - argOffset2 = getPointerArithmeticOperandStatedValue(arg2) and - ( - // case 1: the pointer args are the same. - // (definite aliasing) - argOffset1 = argOffset2 - or - // case 2: the pointer args are different, a size arg exists, - // and the size arg is greater than the difference between the offsets. - // (potential aliasing) - exists(Expr sizeArg | - sizeArg = call.getAPossibleSizeArg() and - getStatedValue(sizeArg) > (argOffset1 - argOffset2).abs() - ) - or - // case 3: the pointer args are different, and a size arg does not exist - // (potential aliasing) - not exists(call.getAPossibleSizeArg()) - ) -select call, - "Call to '" + call.getTarget().getName() + "' passes an $@ to a $@ (pointer value derived from " + - sourceMessage1 + ".", arg2, "aliased pointer", arg1, "restrict-qualified parameter", source1, - sourceMessage2, source2, "addressof2" +} \ No newline at end of file diff --git a/c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.qlref b/c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.qlref deleted file mode 100644 index 6121235f17..0000000000 --- a/c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql \ No newline at end of file diff --git a/c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.testref b/c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.testref new file mode 100644 index 0000000000..66f173804a --- /dev/null +++ b/c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.testref @@ -0,0 +1 @@ +c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.ql \ No newline at end of file diff --git a/c/common/src/codingstandards/c/OutOfBounds.qll b/c/common/src/codingstandards/c/OutOfBounds.qll index 87c7c17870..21255827dd 100644 --- a/c/common/src/codingstandards/c/OutOfBounds.qll +++ b/c/common/src/codingstandards/c/OutOfBounds.qll @@ -5,7 +5,7 @@ */ import cpp -import codingstandards.c.Pointers +import codingstandards.cpp.Pointers import codingstandards.c.Variable import codingstandards.cpp.Allocations import codingstandards.cpp.Overflow diff --git a/c/common/src/codingstandards/c/Variable.qll b/c/common/src/codingstandards/c/Variable.qll index adf2f08ad9..09d86e0e25 100644 --- a/c/common/src/codingstandards/c/Variable.qll +++ b/c/common/src/codingstandards/c/Variable.qll @@ -39,20 +39,6 @@ class FlexibleArrayMemberCandidate extends MemberVariable { } } -/** - * Returns the target variable of a `VariableAccess`. - * If the access is a field access, then the target is the `Variable` of the qualifier. - * If the access is an array access, then the target is the array base. - */ -Variable getAddressOfExprTargetBase(AddressOfExpr expr) { - result = expr.getOperand().(ValueFieldAccess).getQualifier().(VariableAccess).getTarget() - or - not expr.getOperand() instanceof ValueFieldAccess and - result = expr.getOperand().(VariableAccess).getTarget() - or - result = expr.getOperand().(ArrayExpr).getArrayBase().(VariableAccess).getTarget() -} - /** * A struct that contains a flexible array member */ diff --git a/c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.expected b/c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.expected similarity index 100% rename from c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.expected rename to c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.expected diff --git a/c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.ql b/c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.ql new file mode 100644 index 0000000000..ebdb62c802 --- /dev/null +++ b/c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.ql @@ -0,0 +1,6 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.donotpassaliasedpointertorestrictqualifiedparam_shared.DoNotPassAliasedPointerToRestrictQualifiedParam_Shared + +class TestFileQuery extends DoNotPassAliasedPointerToRestrictQualifiedParam_SharedSharedQuery, + TestQuery +{ } diff --git a/c/cert/test/rules/EXP43-C/test.c b/c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/test.c similarity index 100% rename from c/cert/test/rules/EXP43-C/test.c rename to c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/test.c diff --git a/c/misra/src/rules/RULE-11-1/ConversionBetweenFunctionPointerAndOtherType.ql b/c/misra/src/rules/RULE-11-1/ConversionBetweenFunctionPointerAndOtherType.ql index bfac04da6f..acb5480e4f 100644 --- a/c/misra/src/rules/RULE-11-1/ConversionBetweenFunctionPointerAndOtherType.ql +++ b/c/misra/src/rules/RULE-11-1/ConversionBetweenFunctionPointerAndOtherType.ql @@ -13,7 +13,7 @@ import cpp import codingstandards.c.misra -import codingstandards.c.Pointers +import codingstandards.cpp.Pointers from CStyleCast cast, Type type, Type newType where diff --git a/c/misra/src/rules/RULE-11-2/ConversionBetweenIncompleteTypePointerAndOtherType.ql b/c/misra/src/rules/RULE-11-2/ConversionBetweenIncompleteTypePointerAndOtherType.ql index 007b43963b..43ee303415 100644 --- a/c/misra/src/rules/RULE-11-2/ConversionBetweenIncompleteTypePointerAndOtherType.ql +++ b/c/misra/src/rules/RULE-11-2/ConversionBetweenIncompleteTypePointerAndOtherType.ql @@ -13,7 +13,7 @@ import cpp import codingstandards.c.misra -import codingstandards.c.Pointers +import codingstandards.cpp.Pointers import codingstandards.cpp.Type from Cast cast, Type type, Type newType diff --git a/c/misra/src/rules/RULE-11-3/CastBetweenObjectPointerAndDifferentObjectType.ql b/c/misra/src/rules/RULE-11-3/CastBetweenObjectPointerAndDifferentObjectType.ql index ede0a2834e..59674e11ac 100644 --- a/c/misra/src/rules/RULE-11-3/CastBetweenObjectPointerAndDifferentObjectType.ql +++ b/c/misra/src/rules/RULE-11-3/CastBetweenObjectPointerAndDifferentObjectType.ql @@ -14,7 +14,7 @@ import cpp import codingstandards.c.misra -import codingstandards.c.Pointers +import codingstandards.cpp.Pointers from CStyleCast cast, Type baseTypeFrom, Type baseTypeTo where diff --git a/c/misra/src/rules/RULE-11-4/ConversionBetweenPointerToObjectAndIntegerType.ql b/c/misra/src/rules/RULE-11-4/ConversionBetweenPointerToObjectAndIntegerType.ql index 263545dc1f..fa4da7e358 100644 --- a/c/misra/src/rules/RULE-11-4/ConversionBetweenPointerToObjectAndIntegerType.ql +++ b/c/misra/src/rules/RULE-11-4/ConversionBetweenPointerToObjectAndIntegerType.ql @@ -13,7 +13,7 @@ import cpp import codingstandards.c.misra -import codingstandards.c.Pointers +import codingstandards.cpp.Pointers from CStyleCast cast, Type typeFrom, Type typeTo where diff --git a/c/misra/src/rules/RULE-11-5/ConversionFromPointerToVoidIntoPointerToObject.ql b/c/misra/src/rules/RULE-11-5/ConversionFromPointerToVoidIntoPointerToObject.ql index 3450f1ae90..69419e13cd 100644 --- a/c/misra/src/rules/RULE-11-5/ConversionFromPointerToVoidIntoPointerToObject.ql +++ b/c/misra/src/rules/RULE-11-5/ConversionFromPointerToVoidIntoPointerToObject.ql @@ -13,7 +13,7 @@ import cpp import codingstandards.c.misra -import codingstandards.c.Pointers +import codingstandards.cpp.Pointers from Cast cast, VoidPointerType type, PointerToObjectType newType where diff --git a/c/misra/src/rules/RULE-11-6/CastBetweenPointerToVoidAndArithmeticType.ql b/c/misra/src/rules/RULE-11-6/CastBetweenPointerToVoidAndArithmeticType.ql index b36d8dafb1..987d8a32bb 100644 --- a/c/misra/src/rules/RULE-11-6/CastBetweenPointerToVoidAndArithmeticType.ql +++ b/c/misra/src/rules/RULE-11-6/CastBetweenPointerToVoidAndArithmeticType.ql @@ -13,7 +13,7 @@ import cpp import codingstandards.c.misra -import codingstandards.c.Pointers +import codingstandards.cpp.Pointers from CStyleCast cast, Type typeFrom, Type typeTo where diff --git a/c/misra/src/rules/RULE-11-7/CastBetweenPointerToObjectAndNonIntArithmeticType.ql b/c/misra/src/rules/RULE-11-7/CastBetweenPointerToObjectAndNonIntArithmeticType.ql index 30b643963c..f898998d32 100644 --- a/c/misra/src/rules/RULE-11-7/CastBetweenPointerToObjectAndNonIntArithmeticType.ql +++ b/c/misra/src/rules/RULE-11-7/CastBetweenPointerToObjectAndNonIntArithmeticType.ql @@ -13,7 +13,7 @@ import cpp import codingstandards.c.misra -import codingstandards.c.Pointers +import codingstandards.cpp.Pointers class MisraNonIntegerArithmeticType extends Type { MisraNonIntegerArithmeticType() { diff --git a/c/misra/src/rules/RULE-11-9/MacroNullNotUsedAsIntegerNullPointerConstant.ql b/c/misra/src/rules/RULE-11-9/MacroNullNotUsedAsIntegerNullPointerConstant.ql index 81ea8b1dfd..b002ceb4c2 100644 --- a/c/misra/src/rules/RULE-11-9/MacroNullNotUsedAsIntegerNullPointerConstant.ql +++ b/c/misra/src/rules/RULE-11-9/MacroNullNotUsedAsIntegerNullPointerConstant.ql @@ -12,7 +12,7 @@ import cpp import codingstandards.c.misra -import codingstandards.c.Pointers +import codingstandards.cpp.Pointers import codingstandards.cpp.Type from Zero zero, Expr e, string type diff --git a/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql b/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql index 2c585d8f10..956fc5383e 100644 --- a/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql +++ b/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql @@ -12,7 +12,7 @@ import cpp import codingstandards.c.misra -import codingstandards.c.Pointers +import codingstandards.cpp.Pointers class MemCmpMoveCpy extends Function { // Couldn't extend BuiltInFunction because it misses `memcmp` diff --git a/c/misra/src/rules/RULE-8-13/PointerShouldPointToConstTypeWhenPossible.ql b/c/misra/src/rules/RULE-8-13/PointerShouldPointToConstTypeWhenPossible.ql index 5e63e74e2c..48bd9967b2 100644 --- a/c/misra/src/rules/RULE-8-13/PointerShouldPointToConstTypeWhenPossible.ql +++ b/c/misra/src/rules/RULE-8-13/PointerShouldPointToConstTypeWhenPossible.ql @@ -15,7 +15,7 @@ import cpp import codingstandards.c.misra -import codingstandards.c.Pointers +import codingstandards.cpp.Pointers import codingstandards.cpp.SideEffect from Variable ptr, PointerOrArrayType type diff --git a/cpp/autosar/src/rules/M0-2-1/DoNotPassAliasedPointerToRestrictQualifiedParam.ql b/cpp/autosar/src/rules/M0-2-1/DoNotPassAliasedPointerToRestrictQualifiedParam.ql new file mode 100644 index 0000000000..f337b2ecc1 --- /dev/null +++ b/cpp/autosar/src/rules/M0-2-1/DoNotPassAliasedPointerToRestrictQualifiedParam.ql @@ -0,0 +1,24 @@ +/** + * @id cpp/autosar/do-not-pass-aliased-pointer-to-restrict-qualified-param + * @name M0-2-1: Do not pass aliased pointers as parameters of functions where it is undefined behaviour for those pointers to overlap + * @description Passing an aliased pointer to a conceptually restrict-qualified parameter is + * undefined behavior. + * @kind problem + * @precision medium + * @problem.severity error + * @tags external/autosar/id/m0-2-1 + * correctness + * external/autosar/allocated-target/implementation + * external/autosar/enforcement/automated + * external/autosar/obligation/required + */ + +import cpp +import codingstandards.cpp.autosar +import codingstandards.cpp.rules.donotpassaliasedpointertorestrictqualifiedparam_shared.DoNotPassAliasedPointerToRestrictQualifiedParam_Shared + +class DoNotPassAliasedPointerToRestrictQualifiedParamQuery extends DoNotPassAliasedPointerToRestrictQualifiedParam_SharedSharedQuery { + DoNotPassAliasedPointerToRestrictQualifiedParamQuery() { + this = RepresentationPackage::doNotPassAliasedPointerToRestrictQualifiedParamQuery() + } +} diff --git a/cpp/autosar/test/rules/M0-2-1/DoNotPassAliasedPointerToRestrictQualifiedParam.testref b/cpp/autosar/test/rules/M0-2-1/DoNotPassAliasedPointerToRestrictQualifiedParam.testref new file mode 100644 index 0000000000..31ba6a98ba --- /dev/null +++ b/cpp/autosar/test/rules/M0-2-1/DoNotPassAliasedPointerToRestrictQualifiedParam.testref @@ -0,0 +1 @@ +cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M0-2-1/test.cpp b/cpp/autosar/test/rules/M0-2-1/test.cpp index e5848e2752..3329f12824 100644 --- a/cpp/autosar/test/rules/M0-2-1/test.cpp +++ b/cpp/autosar/test/rules/M0-2-1/test.cpp @@ -51,4 +51,4 @@ void internal_shift() { void separate_access() { UnionSecret_t hash1, hash2; hash2.diff.suffix = hash1.fnv.suffix; // COMPLIANT, different union. -} \ No newline at end of file +} diff --git a/c/common/src/codingstandards/c/Pointers.qll b/cpp/common/src/codingstandards/cpp/Pointers.qll similarity index 100% rename from c/common/src/codingstandards/c/Pointers.qll rename to cpp/common/src/codingstandards/cpp/Pointers.qll diff --git a/cpp/common/src/codingstandards/cpp/Variable.qll b/cpp/common/src/codingstandards/cpp/Variable.qll index dba7af480a..9cf265ca93 100644 --- a/cpp/common/src/codingstandards/cpp/Variable.qll +++ b/cpp/common/src/codingstandards/cpp/Variable.qll @@ -5,3 +5,17 @@ import semmle.code.cpp.PODType03 class ScalarVariable extends Variable { ScalarVariable() { isScalarType03(this.getType()) } } + +/** + * Returns the target variable of a `VariableAccess`. + * If the access is a field access, then the target is the `Variable` of the qualifier. + * If the access is an array access, then the target is the array base. + */ +Variable getAddressOfExprTargetBase(AddressOfExpr expr) { + result = expr.getOperand().(ValueFieldAccess).getQualifier().(VariableAccess).getTarget() + or + not expr.getOperand() instanceof ValueFieldAccess and + result = expr.getOperand().(VariableAccess).getTarget() + or + result = expr.getOperand().(ArrayExpr).getArrayBase().(VariableAccess).getTarget() +} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Representation.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Representation.qll index a423cfd4ff..ac41c1049a 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Representation.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Representation.qll @@ -7,6 +7,7 @@ newtype RepresentationQuery = TBitFieldsShallBeUsedOnlyWhenInterfacingToHardwareOrConformingToCommunicationProtocolsQuery() or TAuditPossibleHardwareInterfaceDueToBitFieldUsageInDataTypeDefinitionQuery() or TObjectAssignedToAnOverlappingObjectQuery() or + TDoNotPassAliasedPointerToRestrictQualifiedParamQuery() or TUnderlyingBitRepresentationsOfFloatingPointValuesUsedQuery() or TNamedBitFieldsWithSignedIntegerTypeShallHaveALengthOfMoreThanOneBitQuery() or TMemsetUsedToAccessObjectRepresentationQuery() or @@ -41,6 +42,15 @@ predicate isRepresentationQueryMetadata(Query query, string queryId, string rule ruleId = "M0-2-1" and category = "required" or + query = + // `Query` instance for the `doNotPassAliasedPointerToRestrictQualifiedParam` query + RepresentationPackage::doNotPassAliasedPointerToRestrictQualifiedParamQuery() and + queryId = + // `@id` for the `doNotPassAliasedPointerToRestrictQualifiedParam` query + "cpp/autosar/do-not-pass-aliased-pointer-to-restrict-qualified-param" and + ruleId = "M0-2-1" and + category = "required" + or query = // `Query` instance for the `underlyingBitRepresentationsOfFloatingPointValuesUsed` query RepresentationPackage::underlyingBitRepresentationsOfFloatingPointValuesUsedQuery() and @@ -109,6 +119,13 @@ module RepresentationPackage { TQueryCPP(TRepresentationPackageQuery(TObjectAssignedToAnOverlappingObjectQuery())) } + Query doNotPassAliasedPointerToRestrictQualifiedParamQuery() { + //autogenerate `Query` type + result = + // `Query` type for `doNotPassAliasedPointerToRestrictQualifiedParam` query + TQueryCPP(TRepresentationPackageQuery(TDoNotPassAliasedPointerToRestrictQualifiedParamQuery())) + } + Query underlyingBitRepresentationsOfFloatingPointValuesUsedQuery() { //autogenerate `Query` type result = diff --git a/cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.qll b/cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.qll new file mode 100644 index 0000000000..b733f31feb --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.qll @@ -0,0 +1,193 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions +import codingstandards.cpp.Pointers +import codingstandards.cpp.Variable +import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.pointsto.PointsTo +import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis + +/** + * A function that has a parameter with a restrict-qualified pointer type. + */ +class FunctionWithRestrictParameters extends Function { + Parameter restrictPtrParam; + + FunctionWithRestrictParameters() { + restrictPtrParam.getUnspecifiedType() instanceof PointerOrArrayType and + ( + restrictPtrParam.getType().hasSpecifier(["restrict"]) and + restrictPtrParam = this.getAParameter() + or + this.hasGlobalName(["strcpy", "strncpy", "strcat", "strncat", "memcpy"]) and + restrictPtrParam = this.getParameter([0, 1]) + or + this.hasGlobalName(["strcpy_s", "strncpy_s", "strcat_s", "strncat_s", "memcpy_s"]) and + restrictPtrParam = this.getParameter([0, 2]) + or + this.hasGlobalName(["strtok_s"]) and + restrictPtrParam = this.getAParameter() + or + this.hasGlobalName(["printf", "printf_s", "scanf", "scanf_s"]) and + restrictPtrParam = this.getParameter(0) + or + this.hasGlobalName(["sprintf", "sprintf_s", "snprintf", "snprintf_s"]) and + restrictPtrParam = this.getParameter(3) + ) + } + + Parameter getARestrictPtrParam() { result = restrictPtrParam } +} + +/** + * A call to a function that has a parameter with a restrict-qualified pointer type. + */ +class CallToFunctionWithRestrictParameters extends FunctionCall { + CallToFunctionWithRestrictParameters() { + this.getTarget() instanceof FunctionWithRestrictParameters + } + + Expr getARestrictPtrArg() { + result = + this.getArgument(this.getTarget() + .(FunctionWithRestrictParameters) + .getARestrictPtrParam() + .getIndex()) + } + + Expr getAPtrArg(int index) { + result = this.getArgument(index) and + pointerValue(result) + } + + Expr getAPossibleSizeArg() { + exists(Parameter param | + param = this.getTarget().(FunctionWithRestrictParameters).getAParameter() and + param.getUnderlyingType() instanceof IntegralType and + // exclude __builtin_object_size + not result.(FunctionCall).getTarget() instanceof BuiltInFunction and + result = this.getArgument(param.getIndex()) + ) + } +} + +/** + * A `PointsToExpr` that is an argument of a pointer-type in a `CallToFunctionWithRestrictParameters` + */ +class CallToFunctionWithRestrictParametersArgExpr extends Expr { + int paramIndex; + + CallToFunctionWithRestrictParametersArgExpr() { + this = any(CallToFunctionWithRestrictParameters call).getAPtrArg(paramIndex) + } + + int getParamIndex() { result = paramIndex } +} + +int getStatedValue(Expr e) { + // `upperBound(e)` defaults to `exprMaxVal(e)` when `e` isn't analyzable. So to get a meaningful + // result in this case we pick the minimum value obtainable from dataflow and range analysis. + result = + upperBound(e) + .minimum(min(Expr source | DataFlow::localExprFlow(source, e) | source.getValue().toInt())) +} + +int getPointerArithmeticOperandStatedValue(CallToFunctionWithRestrictParametersArgExpr expr) { + result = getStatedValue(expr.(PointerArithmeticExpr).getOperand()) + or + // edge-case: &(array[index]) expressions + result = getStatedValue(expr.(AddressOfExpr).getOperand().(PointerArithmeticExpr).getOperand()) + or + // fall-back if `expr` is not a pointer arithmetic expression + not expr instanceof PointerArithmeticExpr and + not expr.(AddressOfExpr).getOperand() instanceof PointerArithmeticExpr and + result = 0 +} + +module PointerValueToRestrictArgConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { pointerValue(source.asExpr()) } + + predicate isSink(DataFlow::Node sink) { + exists(CallToFunctionWithRestrictParameters call | + sink.asExpr() = call.getAPtrArg(_).getAChild*() + ) + } + + predicate isBarrierIn(DataFlow::Node node) { + exists(AddressOfExpr a | node.asExpr() = a.getOperand().getAChild*()) + } +} + +module PointerValueToRestrictArgFlow = DataFlow::Global; + +abstract class DoNotPassAliasedPointerToRestrictQualifiedParam_SharedSharedQuery extends Query { } + +Query getQuery() { + result instanceof DoNotPassAliasedPointerToRestrictQualifiedParam_SharedSharedQuery +} + +query predicate problems( + CallToFunctionWithRestrictParameters call, string message, + CallToFunctionWithRestrictParametersArgExpr arg2, string arg2message, + CallToFunctionWithRestrictParametersArgExpr arg1, string arg1message, Expr source1, + string sourceMessage2, Expr source2, string lastMessage2 +) { + not isExcluded(call, getQuery()) and + exists(int argOffset1, int argOffset2, string sourceMessage1 | + arg1 = call.getARestrictPtrArg() and + arg2 = call.getAPtrArg(_) and + // enforce ordering to remove permutations if multiple restrict-qualified args exist + (not arg2 = call.getARestrictPtrArg() or arg2.getParamIndex() > arg1.getParamIndex()) and + ( + // check if two pointers address the same object + PointerValueToRestrictArgFlow::flow(DataFlow::exprNode(source1), + DataFlow::exprNode(arg1.getAChild*())) and + ( + // one pointer value flows to both args + PointerValueToRestrictArgFlow::flow(DataFlow::exprNode(source1), + DataFlow::exprNode(arg2.getAChild*())) and + sourceMessage1 = "$@" and + sourceMessage2 = "source" and + source1 = source2 + or + // there are two separate values that flow from an AddressOfExpr of the same target + getAddressOfExprTargetBase(source1) = getAddressOfExprTargetBase(source2) and + PointerValueToRestrictArgFlow::flow(DataFlow::exprNode(source2), + DataFlow::exprNode(arg2.getAChild*())) and + sourceMessage1 = "a pair of address-of expressions ($@, $@)" and + sourceMessage2 = "addressof1" and + not source1 = source2 + ) + ) and + // get the offset of the pointer arithmetic operand (or '0' if there is none) + argOffset1 = getPointerArithmeticOperandStatedValue(arg1) and + argOffset2 = getPointerArithmeticOperandStatedValue(arg2) and + ( + // case 1: the pointer args are the same. + // (definite aliasing) + argOffset1 = argOffset2 + or + // case 2: the pointer args are different, a size arg exists, + // and the size arg is greater than the difference between the offsets. + // (potential aliasing) + exists(Expr sizeArg | + sizeArg = call.getAPossibleSizeArg() and + getStatedValue(sizeArg) > (argOffset1 - argOffset2).abs() + ) + or + // case 3: the pointer args are different, and a size arg does not exist + // (potential aliasing) + not exists(call.getAPossibleSizeArg()) + ) and + lastMessage2 = "addressof2" and + arg2message = "aliased pointer" and + arg1message = "restrict-qualified parameter" and + message = + "Call to '" + call.getTarget().getName() + + "' passes an $@ to a $@ (pointer value derived from " + sourceMessage1 + "." + ) +} diff --git a/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.expected b/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.expected new file mode 100644 index 0000000000..f94246bc63 --- /dev/null +++ b/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.expected @@ -0,0 +1,2 @@ +| test.cpp:6:3:6:13 | call to memcpy | Call to 'memcpy' passes an $@ to a $@ (pointer value derived from a pair of address-of expressions ($@, $@). | test.cpp:6:22:6:26 | & ... | aliased pointer | test.cpp:6:15:6:19 | & ... | restrict-qualified parameter | test.cpp:6:15:6:19 | & ... | addressof1 | test.cpp:6:22:6:26 | & ... | addressof2 | +| test.cpp:8:3:8:13 | call to memcpy | Call to 'memcpy' passes an $@ to a $@ (pointer value derived from a pair of address-of expressions ($@, $@). | test.cpp:8:22:8:26 | & ... | aliased pointer | test.cpp:8:15:8:19 | & ... | restrict-qualified parameter | test.cpp:8:15:8:19 | & ... | addressof1 | test.cpp:8:22:8:26 | & ... | addressof2 | diff --git a/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.ql b/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.ql new file mode 100644 index 0000000000..ebdb62c802 --- /dev/null +++ b/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.ql @@ -0,0 +1,6 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.donotpassaliasedpointertorestrictqualifiedparam_shared.DoNotPassAliasedPointerToRestrictQualifiedParam_Shared + +class TestFileQuery extends DoNotPassAliasedPointerToRestrictQualifiedParam_SharedSharedQuery, + TestQuery +{ } diff --git a/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/test.cpp b/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/test.cpp new file mode 100644 index 0000000000..42a35d0e92 --- /dev/null +++ b/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/test.cpp @@ -0,0 +1,10 @@ +#include + +int a[20]; + +void undefined_behaviour_fn_119(void) { + std::memcpy(&a[0], &a[1], 10u * sizeof(a[0])); // NON_COMPLIANT + std::memmove(&a[0], &a[1], 10u * sizeof(a[0])); // COMPLIANT + std::memcpy(&a[1], &a[0], 10u * sizeof(a[0])); // NON_COMPLIANT + std::memmove(&a[1], &a[0], 10u * sizeof(a[0])); // COMPLIANT +} \ No newline at end of file diff --git a/rule_packages/c/Pointers3.json b/rule_packages/c/Pointers3.json index a694300cd5..cb688b0f0b 100644 --- a/rule_packages/c/Pointers3.json +++ b/rule_packages/c/Pointers3.json @@ -72,6 +72,7 @@ "precision": "medium", "severity": "error", "short_name": "DoNotPassAliasedPointerToRestrictQualifiedParam", + "shared_implementation_short_name": "DoNotPassAliasedPointerToRestrictQualifiedParam_Shared", "tags": [ "correctness" ] diff --git a/rule_packages/cpp/Representation.json b/rule_packages/cpp/Representation.json index 96674eef0e..dcfd75be26 100644 --- a/rule_packages/cpp/Representation.json +++ b/rule_packages/cpp/Representation.json @@ -53,6 +53,18 @@ "tags": [ "correctness" ] + }, + { + "description": "Passing an aliased pointer to a conceptually restrict-qualified parameter is undefined behavior.", + "kind": "problem", + "name": "Do not pass aliased pointers as parameters of functions where it is undefined behaviour for those pointers to overlap", + "precision": "medium", + "severity": "error", + "short_name": "DoNotPassAliasedPointerToRestrictQualifiedParam", + "shared_implementation_short_name": "DoNotPassAliasedPointerToRestrictQualifiedParam_Shared", + "tags": [ + "correctness" + ] } ], "title": "An object shall not be assigned to an overlapping object." From e23a0dc43001c6f92552473983bda7000750ded9 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Wed, 10 Jul 2024 17:10:24 -0400 Subject: [PATCH 1853/2573] M0-2-1: add missing changenote --- change_notes/2024-07-10-fix-fn-119-m0-2-1.md | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 change_notes/2024-07-10-fix-fn-119-m0-2-1.md diff --git a/change_notes/2024-07-10-fix-fn-119-m0-2-1.md b/change_notes/2024-07-10-fix-fn-119-m0-2-1.md new file mode 100644 index 0000000000..08d139ddbe --- /dev/null +++ b/change_notes/2024-07-10-fix-fn-119-m0-2-1.md @@ -0,0 +1,2 @@ +- `M0-2-1` - `DoNotPassAliasedPointerToRestrictQualifiedParam.ql`: + - Fixes #119. Adds shared query to cover missing detection of overlapping arrays or pointers in specific list of functions that list undefined behaviour when their parameters overlap. \ No newline at end of file From b8193f13eaf303a966a067a3ea769179813cfacd Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Wed, 10 Jul 2024 17:11:51 -0400 Subject: [PATCH 1854/2573] M0-2-1: add missing query format --- .../M0-2-1/DoNotPassAliasedPointerToRestrictQualifiedParam.ql | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/cpp/autosar/src/rules/M0-2-1/DoNotPassAliasedPointerToRestrictQualifiedParam.ql b/cpp/autosar/src/rules/M0-2-1/DoNotPassAliasedPointerToRestrictQualifiedParam.ql index f337b2ecc1..928cec0f5e 100644 --- a/cpp/autosar/src/rules/M0-2-1/DoNotPassAliasedPointerToRestrictQualifiedParam.ql +++ b/cpp/autosar/src/rules/M0-2-1/DoNotPassAliasedPointerToRestrictQualifiedParam.ql @@ -17,7 +17,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.donotpassaliasedpointertorestrictqualifiedparam_shared.DoNotPassAliasedPointerToRestrictQualifiedParam_Shared -class DoNotPassAliasedPointerToRestrictQualifiedParamQuery extends DoNotPassAliasedPointerToRestrictQualifiedParam_SharedSharedQuery { +class DoNotPassAliasedPointerToRestrictQualifiedParamQuery extends DoNotPassAliasedPointerToRestrictQualifiedParam_SharedSharedQuery +{ DoNotPassAliasedPointerToRestrictQualifiedParamQuery() { this = RepresentationPackage::doNotPassAliasedPointerToRestrictQualifiedParamQuery() } From 00f27aa5142052d260b16f9e440b0db63038dd61 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Wed, 10 Jul 2024 17:12:34 -0400 Subject: [PATCH 1855/2573] M0-2-1: add missing query format --- .../EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql b/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql index 393967c66e..9e159a31bf 100644 --- a/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql +++ b/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql @@ -19,4 +19,4 @@ class DoNotPassAliasedPointerToRestrictQualifiedParamQuery extends DoNotPassAlia DoNotPassAliasedPointerToRestrictQualifiedParamQuery() { this = Pointers3Package::doNotPassAliasedPointerToRestrictQualifiedParamQuery() } -} \ No newline at end of file +} From 80424af18e496438463710d66a03ebdedc366939 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Thu, 11 Jul 2024 00:16:31 -0400 Subject: [PATCH 1856/2573] M0-2-1: add missing query format --- cpp/common/src/codingstandards/cpp/Variable.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/Variable.qll b/cpp/common/src/codingstandards/cpp/Variable.qll index 9cf265ca93..47c6ca7f6c 100644 --- a/cpp/common/src/codingstandards/cpp/Variable.qll +++ b/cpp/common/src/codingstandards/cpp/Variable.qll @@ -18,4 +18,4 @@ Variable getAddressOfExprTargetBase(AddressOfExpr expr) { result = expr.getOperand().(VariableAccess).getTarget() or result = expr.getOperand().(ArrayExpr).getArrayBase().(VariableAccess).getTarget() -} \ No newline at end of file +} From 0c98d9b94733bfc63be0a1efe72eb89d2af3a41a Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Thu, 11 Jul 2024 11:25:07 -0400 Subject: [PATCH 1857/2573] M0-2-1: fix adjusted reference --- .../rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql b/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql index bbe41259b8..eac0f8826c 100644 --- a/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql +++ b/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql @@ -14,7 +14,7 @@ import cpp import codingstandards.cpp.dataflow.DataFlow import semmle.code.cpp.controlflow.Dominance import codingstandards.c.cert -import codingstandards.c.Variable +import codingstandards.cpp.Variable /** * An `Expr` that is an assignment or initialization to a restrict-qualified pointer-type variable. From 1777db2359aea22cba3d81883b863be7930bc7ab Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Thu, 11 Jul 2024 12:11:40 -0400 Subject: [PATCH 1858/2573] M0-2-1: re-add accidentally rm'd testfile --- c/cert/test/rules/EXP43-C/test.c | 100 +++++++++++++++++++++++++++++++ 1 file changed, 100 insertions(+) create mode 100644 c/cert/test/rules/EXP43-C/test.c diff --git a/c/cert/test/rules/EXP43-C/test.c b/c/cert/test/rules/EXP43-C/test.c new file mode 100644 index 0000000000..3bf7cfa490 --- /dev/null +++ b/c/cert/test/rules/EXP43-C/test.c @@ -0,0 +1,100 @@ +#include +#include +#include + +int *restrict g1; +int *restrict g2; +int *restrict g1_1; +int *g2_1; + +struct s1 { + int x, y, z; +}; +struct s1 v1; + +void test_global_local() { + int *restrict i1 = g1; // COMPLIANT + int *restrict i2 = g2; // COMPLIANT + int *restrict i3 = i2; // NON_COMPLIANT + g1 = g2; // NON_COMPLIANT + i1 = i2; // NON_COMPLIANT + { + int *restrict i4; + int *restrict i5; + int *restrict i6; + i4 = g1; // COMPLIANT + i4 = (void *)0; // COMPLIANT + i5 = g1; // NON_COMPLIANT - block rather than statement scope matters + i4 = g1; // NON_COMPLIANT + i6 = g2; // COMPLIANT + } +} + +void test_global_local_1() { + g1_1 = g2_1; // COMPLIANT +} + +void test_structs() { + struct s1 *restrict p1 = &v1; + int *restrict px = &v1.x; // NON_COMPLIANT + { + int *restrict py; + int *restrict pz; + py = &v1.y; // COMPLIANT + py = (int *)0; + pz = &v1.z; // NON_COMPLIANT - block rather than statement scope matters + py = &v1.y; // NON_COMPLIANT + } +} + +void copy(int *restrict p1, int *restrict p2, size_t s) { + for (size_t i = 0; i < s; ++i) { + p2[i] = p1[i]; + } +} + +void test_restrict_params() { + int i1 = 1; + int i2 = 2; + copy(&i1, &i1, 1); // NON_COMPLIANT + copy(&i1, &i2, 1); // COMPLIANT + + int x[10]; + int *px = &x[0]; + copy(&x[0], &x[1], 1); // COMPLIANT - non overlapping + copy(&x[0], &x[1], 2); // NON_COMPLIANT - overlapping + copy(&x[0], (int *)x[0], 1); // COMPLIANT - non overlapping + copy(&x[0], px, 1); // NON_COMPLIANT - overlapping +} + +void test_strcpy() { + char s1[] = "my test string"; + char s2[] = "my other string"; + strcpy(&s1, &s1 + 3); // NON_COMPLIANT + strcpy(&s2, &s1); // COMPLIANT +} + +void test_memcpy() { + char s1[] = "my test string"; + char s2[] = "my other string"; + memcpy(&s1, &s1 + 3, 5); // NON_COMPLIANT + memcpy(&s2, &s1 + 3, 5); // COMPLIANT +} + +void test_memmove() { + char s1[] = "my test string"; + char s2[] = "my other string"; + memmove(&s1, &s1 + 3, 5); // COMPLIANT - memmove is allowed to overlap + memmove(&s2, &s1 + 3, 5); // COMPLIANT +} + +void test_scanf() { + char s1[200] = "%10s"; + scanf(&s1, &s1 + 4); // NON_COMPLIANT +} + +// TODO also consider the following: +// strncpy(), strncpy_s() +// strcat(), strcat_s() +// strncat(), strncat_s() +// strtok_s() \ No newline at end of file From 7112859edb6f153da880e6ac88056be959beea2e Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Thu, 11 Jul 2024 23:37:49 -0400 Subject: [PATCH 1859/2573] A13-3-1: exclude implicit copy/move ctors --- change_notes/2024-07-11-fix-fp-406.md | 2 ++ ...wardingReferenceAsItsArgumentOverloaded.ql | 30 ++++++------------- ...gReferenceAsItsArgumentOverloaded.expected | 4 --- cpp/autosar/test/rules/A13-3-1/test.cpp | 7 +++-- 4 files changed, 15 insertions(+), 28 deletions(-) create mode 100644 change_notes/2024-07-11-fix-fp-406.md diff --git a/change_notes/2024-07-11-fix-fp-406.md b/change_notes/2024-07-11-fix-fp-406.md new file mode 100644 index 0000000000..78e607ecb6 --- /dev/null +++ b/change_notes/2024-07-11-fix-fp-406.md @@ -0,0 +1,2 @@ + - `A13-3-1` - `FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.ql`: + - Fixes #406. Exclude detection of overloaded implicit copy/move constructors. \ No newline at end of file diff --git a/cpp/autosar/src/rules/A13-3-1/FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.ql b/cpp/autosar/src/rules/A13-3-1/FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.ql index 393c1222fd..81ca7039c3 100644 --- a/cpp/autosar/src/rules/A13-3-1/FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.ql +++ b/cpp/autosar/src/rules/A13-3-1/FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.ql @@ -32,25 +32,13 @@ where // allow for overloading with different number of parameters, because there is no // confusion on what function will be called. f.getNumberOfParameters() = c.getNumberOfParameters() and - //build a dynamic select statement that guarantees to read that the overloading function is the explicit one - if - (f instanceof CopyConstructor or f instanceof MoveConstructor) and - f.isCompilerGenerated() - then ( - ( - f instanceof CopyConstructor and - msg = "implicit copy constructor" - or - f instanceof MoveConstructor and - msg = "implicit move constructor" - ) and - firstMsgSegment = " with a forwarding reference parameter " and - overloaded = f and - overload = c - ) else ( - msg = "function with a forwarding reference parameter" and - firstMsgSegment = " " and - overloaded = c and - overload = f - ) + //ignore implicit copy and move constructor overloads + not ( + f.isCompilerGenerated() and + (f instanceof CopyConstructor or f instanceof MoveConstructor) + ) and + msg = "function with a forwarding reference parameter" and + firstMsgSegment = " " and + overloaded = c and + overload = f select overload, "Function" + firstMsgSegment + "overloads a $@.", overloaded, msg diff --git a/cpp/autosar/test/rules/A13-3-1/FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.expected b/cpp/autosar/test/rules/A13-3-1/FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.expected index 6e79cb00a4..cb71b56b51 100644 --- a/cpp/autosar/test/rules/A13-3-1/FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.expected +++ b/cpp/autosar/test/rules/A13-3-1/FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.expected @@ -1,7 +1,3 @@ | test.cpp:24:6:24:7 | F1 | Function overloads a $@. | test.cpp:27:25:27:26 | F1 | function with a forwarding reference parameter | | test.cpp:50:3:50:3 | A | Function overloads a $@. | test.cpp:48:3:48:3 | A | function with a forwarding reference parameter | | test.cpp:51:3:51:3 | A | Function overloads a $@. | test.cpp:48:3:48:3 | A | function with a forwarding reference parameter | -| test.cpp:69:3:69:3 | B | Function with a forwarding reference parameter overloads a $@. | test.cpp:64:8:64:8 | B | implicit copy constructor | -| test.cpp:69:3:69:3 | B | Function with a forwarding reference parameter overloads a $@. | test.cpp:64:8:64:8 | B | implicit move constructor | -| test.cpp:77:25:77:25 | C | Function with a forwarding reference parameter overloads a $@. | test.cpp:74:7:74:7 | C | implicit copy constructor | -| test.cpp:77:25:77:25 | C | Function with a forwarding reference parameter overloads a $@. | test.cpp:74:7:74:7 | C | implicit move constructor | diff --git a/cpp/autosar/test/rules/A13-3-1/test.cpp b/cpp/autosar/test/rules/A13-3-1/test.cpp index 82fe866a0a..8ed4e4d609 100644 --- a/cpp/autosar/test/rules/A13-3-1/test.cpp +++ b/cpp/autosar/test/rules/A13-3-1/test.cpp @@ -40,7 +40,7 @@ template void F1(T &&x) {} // class A { public: // COMPLIANT[FALSE_POSITIVE] - by exception, constrained to not match - // copy/move ctors + // explicit copy/move ctors template < typename T, std::enable_if_t>, A>::value> * = nullptr> - B(T &&value) {} // COMPLIANT[FALSE_POSITIVE] - by exception + B(T &&value) {} // COMPLIANT - by exception }; int main() {} @@ -74,5 +74,6 @@ int main() {} class C { public: C() {} - template C(T &&) {} // NON_COMPLIANT + template + C(T &&) {} // COMPLIANT - ignore overloads of implicit copy/move ctors }; \ No newline at end of file From b67dc05ffa5cce5da451bd737e1ad041ef7c15b5 Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Fri, 12 Jul 2024 11:11:18 +0100 Subject: [PATCH 1860/2573] C++: Accept test changes after #16969. --- .../ValidContainerElementAccess.expected | 2 ++ cpp/common/test/rules/validcontainerelementaccess/test.cpp | 4 ++-- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/cpp/common/test/rules/validcontainerelementaccess/ValidContainerElementAccess.expected b/cpp/common/test/rules/validcontainerelementaccess/ValidContainerElementAccess.expected index 988846beef..1738cbe330 100644 --- a/cpp/common/test/rules/validcontainerelementaccess/ValidContainerElementAccess.expected +++ b/cpp/common/test/rules/validcontainerelementaccess/ValidContainerElementAccess.expected @@ -7,4 +7,6 @@ | test.cpp:89:15:89:16 | it | Elements of $@ not accessed with valid reference, pointer, or iterator because of a prior $@. | test.cpp:86:20:86:20 | d | container | test.cpp:92:7:92:12 | call to insert | invalidation | | test.cpp:91:9:91:10 | it | Elements of $@ not accessed with valid reference, pointer, or iterator because of a prior $@. | test.cpp:86:20:86:20 | d | container | test.cpp:92:7:92:12 | call to insert | invalidation | | test.cpp:98:56:98:58 | loc | Elements of $@ not accessed with valid reference, pointer, or iterator because of a prior $@. | test.cpp:96:44:96:46 | str | container | test.cpp:99:9:99:14 | call to insert | invalidation | +| test.cpp:99:5:99:7 | str | Elements of $@ not accessed with valid reference, pointer, or iterator because of a prior $@. | test.cpp:96:44:96:46 | str | container | test.cpp:99:9:99:14 | call to insert | invalidation | | test.cpp:99:16:99:18 | loc | Elements of $@ not accessed with valid reference, pointer, or iterator because of a prior $@. | test.cpp:96:44:96:46 | str | container | test.cpp:99:9:99:14 | call to insert | invalidation | +| test.cpp:106:11:106:13 | str | Elements of $@ not accessed with valid reference, pointer, or iterator because of a prior $@. | test.cpp:103:45:103:47 | str | container | test.cpp:106:15:106:20 | call to insert | invalidation | diff --git a/cpp/common/test/rules/validcontainerelementaccess/test.cpp b/cpp/common/test/rules/validcontainerelementaccess/test.cpp index 55c94cf8f1..0f40687110 100644 --- a/cpp/common/test/rules/validcontainerelementaccess/test.cpp +++ b/cpp/common/test/rules/validcontainerelementaccess/test.cpp @@ -96,14 +96,14 @@ void f8(const int *ar) { void f9(const std::string &s, std::string &str) { std::string::iterator loc = str.begin(); for (auto i = s.begin(), e = s.end(); i != e; ++i, ++loc) { // NON_COMPLIANT - str.insert(loc, 'c'); // NON_COMPLIANT + str.insert(loc, 'c'); // NON_COMPLIANT[FALSE POSITIVE for str] } } void f10(const std::string &s, std::string &str) { std::string::iterator loc = str.begin(); for (auto i = s.begin(), e = s.end(); i != e; ++i, ++loc) { // COMPLIANT - loc = str.insert(loc, 'c'); // COMPLIANT + loc = str.insert(loc, 'c'); // COMPLIANT[FALSE POSITIVE] } } From e32a4e452aa8e74733a86d710b58bb5057586c51 Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Fri, 12 Jul 2024 11:17:04 +0100 Subject: [PATCH 1861/2573] C++: Format test file expectations. --- cpp/common/test/rules/validcontainerelementaccess/test.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cpp/common/test/rules/validcontainerelementaccess/test.cpp b/cpp/common/test/rules/validcontainerelementaccess/test.cpp index 0f40687110..d9e2c2d89a 100644 --- a/cpp/common/test/rules/validcontainerelementaccess/test.cpp +++ b/cpp/common/test/rules/validcontainerelementaccess/test.cpp @@ -96,14 +96,14 @@ void f8(const int *ar) { void f9(const std::string &s, std::string &str) { std::string::iterator loc = str.begin(); for (auto i = s.begin(), e = s.end(); i != e; ++i, ++loc) { // NON_COMPLIANT - str.insert(loc, 'c'); // NON_COMPLIANT[FALSE POSITIVE for str] + str.insert(loc, 'c'); // NON_COMPLIANT[FALSE POSITIVE for str] } } void f10(const std::string &s, std::string &str) { std::string::iterator loc = str.begin(); for (auto i = s.begin(), e = s.end(); i != e; ++i, ++loc) { // COMPLIANT - loc = str.insert(loc, 'c'); // COMPLIANT[FALSE POSITIVE] + loc = str.insert(loc, 'c'); // COMPLIANT[FALSE POSITIVE] } } From a0703717966ddd7c4b1c40e18a845a95082f5b69 Mon Sep 17 00:00:00 2001 From: Nicolas Will Date: Sat, 13 Jul 2024 14:53:12 +0200 Subject: [PATCH 1862/2573] Support Doxygen block comments --- .../A2-7-3/UndocumentedUserDefinedType.ql | 40 ++++++++++++++++++- .../UndocumentedUserDefinedType.expected | 20 +++++----- cpp/autosar/test/rules/A2-7-3/test.cpp | 20 ++++++++++ 3 files changed, 69 insertions(+), 11 deletions(-) diff --git a/cpp/autosar/src/rules/A2-7-3/UndocumentedUserDefinedType.ql b/cpp/autosar/src/rules/A2-7-3/UndocumentedUserDefinedType.ql index a8bfe3b361..5f8f68d50f 100644 --- a/cpp/autosar/src/rules/A2-7-3/UndocumentedUserDefinedType.ql +++ b/cpp/autosar/src/rules/A2-7-3/UndocumentedUserDefinedType.ql @@ -25,6 +25,38 @@ private predicate isInFunctionScope(Declaration d) { isInFunctionScope(d.getDeclaringType()) } +private string doxygenCommentGroupStrings(boolean opening) { + opening = true and result = ["///@{", "/**@{*/"] + or + opening = false and result = ["///@}", "/**@}*/"] +} + +private predicate isBetweenDoxygenCommentGroup( + Location loc, Comment opening, Comment body, Comment closing +) { + // All in the same file + loc.getFile() = opening.getLocation().getFile() and + loc.getFile() = closing.getLocation().getFile() and + loc.getFile() = body.getLocation().getFile() and + // The comments are doxygen comments + opening.getContents().matches(doxygenCommentGroupStrings(true)) and + closing.getContents().matches(doxygenCommentGroupStrings(false)) and + // The closing comment is after the opening comment + opening.getLocation().getStartLine() < closing.getLocation().getStartLine() and + // The `body` comment directly precedes the opening comment + body.getLocation().getEndLine() = opening.getLocation().getStartLine() - 1 and + // There are no other opening/closing comment pairs between the opening and closing comments + not exists(Comment c | + c.getContents().matches(doxygenCommentGroupStrings(_)) and + c.getLocation().getStartLine() > opening.getLocation().getStartLine() and + c.getLocation().getStartLine() < closing.getLocation().getStartLine() + ) and + // `loc` is between the opening and closing comments and after the body comment + loc.getStartLine() > opening.getLocation().getStartLine() and + loc.getStartLine() < closing.getLocation().getStartLine() and + loc.getStartLine() > body.getLocation().getEndLine() +} + /** * A declaration which is required to be preceded by documentation by AUTOSAR A2-7-3. */ @@ -80,11 +112,12 @@ class DocumentableDeclaration extends Declaration { } /** - * A `DeclarationEntry` is considered documented if it has an associated `Comment`, and the `Comment` - * precedes the `DeclarationEntry`. + * A `DeclarationEntry` is considered documented if it has an associated `Comment`, the `Comment` + * precedes the `DeclarationEntry`, and the `Comment` is not a doxygen comment group prefix. */ predicate isDocumented(DeclarationEntry de) { exists(Comment c | c.getCommentedElement() = de | + not c.getContents() = doxygenCommentGroupStrings(true) and exists(Location commentLoc, Location deLoc | commentLoc = c.getLocation() and deLoc = de.getLocation() | @@ -96,6 +129,9 @@ predicate isDocumented(DeclarationEntry de) { commentLoc.getStartColumn() < deLoc.getStartColumn() ) ) + or + // The declaration entry is between a doxygen comment group + isBetweenDoxygenCommentGroup(de.getLocation(), _, _, _) } from DocumentableDeclaration d, DeclarationEntry de diff --git a/cpp/autosar/test/rules/A2-7-3/UndocumentedUserDefinedType.expected b/cpp/autosar/test/rules/A2-7-3/UndocumentedUserDefinedType.expected index 0ae42152f7..43a8773361 100644 --- a/cpp/autosar/test/rules/A2-7-3/UndocumentedUserDefinedType.expected +++ b/cpp/autosar/test/rules/A2-7-3/UndocumentedUserDefinedType.expected @@ -1,9 +1,11 @@ -| test.cpp:70:7:70:12 | definition of ClassD | Declaration entry for user-defined type ClassD is missing documentation. | -| test.cpp:72:7:72:7 | definition of a | Declaration entry for member variable a is missing documentation. | -| test.cpp:73:14:73:14 | declaration of b | Declaration entry for member variable b is missing documentation. | -| test.cpp:74:8:74:8 | declaration of f | Declaration entry for function f is missing documentation. | -| test.cpp:76:7:76:7 | definition of c | Declaration entry for member variable c is missing documentation. | -| test.cpp:78:6:78:6 | declaration of d | Declaration entry for function d is missing documentation. | -| test.cpp:81:6:81:6 | definition of e | Declaration entry for function e is missing documentation. | -| test.cpp:88:1:88:30 | definition of message_to_string_undocumented | Declaration entry for function message_to_string_undocumented is missing documentation. | -| test.cpp:160:21:160:24 | definition of kBar | Declaration entry for member variable kBar is missing documentation. | +| test.cpp:74:8:74:8 | declaration of j | Declaration entry for function j is missing documentation. | +| test.cpp:75:8:75:8 | declaration of k | Declaration entry for function k is missing documentation. | +| test.cpp:90:7:90:12 | definition of ClassD | Declaration entry for user-defined type ClassD is missing documentation. | +| test.cpp:92:7:92:7 | definition of a | Declaration entry for member variable a is missing documentation. | +| test.cpp:93:14:93:14 | declaration of b | Declaration entry for member variable b is missing documentation. | +| test.cpp:94:8:94:8 | declaration of f | Declaration entry for function f is missing documentation. | +| test.cpp:96:7:96:7 | definition of c | Declaration entry for member variable c is missing documentation. | +| test.cpp:98:6:98:6 | declaration of d | Declaration entry for function d is missing documentation. | +| test.cpp:101:6:101:6 | definition of e | Declaration entry for function e is missing documentation. | +| test.cpp:108:1:108:30 | definition of message_to_string_undocumented | Declaration entry for function message_to_string_undocumented is missing documentation. | +| test.cpp:180:21:180:24 | definition of kBar | Declaration entry for member variable kBar is missing documentation. | diff --git a/cpp/autosar/test/rules/A2-7-3/test.cpp b/cpp/autosar/test/rules/A2-7-3/test.cpp index 8e9e180458..43b75b604a 100644 --- a/cpp/autosar/test/rules/A2-7-3/test.cpp +++ b/cpp/autosar/test/rules/A2-7-3/test.cpp @@ -60,10 +60,30 @@ class ClassC { // COMPLIANT /// @param i an integer. /// @throw std::runtime_error void f(int i); // COMPLIANT + + /** Same documentation for all members + * This is a multiline comment. + */ + ///@{ + void g(); // COMPLIANT + void h(); // COMPLIANT + void i(); // COMPLIANT + ///@} + + ///@{ + void j(); // NON_COMPLIANT + void k(); // NON_COMPLIANT + /** Member-specific documentation */ + void l(); // COMPLIANT + ///@} + private: /// @brief A Doxygen comment. int c; // COMPLIANT }; +void ClassC::i() { // not flagged, as we will only flag the non-definition + // declaration +} /// A Doxygen comment. void c(); // COMPLIANT From 9f5b134da817e8926ea29068c6d695b78958d4fe Mon Sep 17 00:00:00 2001 From: Nicolas Will Date: Sat, 13 Jul 2024 14:56:23 +0200 Subject: [PATCH 1863/2573] Create 2024-07-12-support-doxygen-comment-groups.md --- change_notes/2024-07-12-support-doxygen-comment-groups.md | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 change_notes/2024-07-12-support-doxygen-comment-groups.md diff --git a/change_notes/2024-07-12-support-doxygen-comment-groups.md b/change_notes/2024-07-12-support-doxygen-comment-groups.md new file mode 100644 index 0000000000..b0d7a148ba --- /dev/null +++ b/change_notes/2024-07-12-support-doxygen-comment-groups.md @@ -0,0 +1,2 @@ +- `A2-7-3` - `UndocumentedUserDefinedType.ql`: + - Fixes #391. Declarations for which a Doxygen comment group provides documentation will no longer produce results. \ No newline at end of file From fb5c4bce02593bdd380bcd132c9e5a53c34a6e2d Mon Sep 17 00:00:00 2001 From: Nicolas Will Date: Sat, 13 Jul 2024 16:23:13 +0200 Subject: [PATCH 1864/2573] Fix A2-7-3 performance issue Caches `isDocumented` and `isBetweenDoxygenCommentGroup` --- cpp/autosar/src/rules/A2-7-3/UndocumentedUserDefinedType.ql | 2 ++ 1 file changed, 2 insertions(+) diff --git a/cpp/autosar/src/rules/A2-7-3/UndocumentedUserDefinedType.ql b/cpp/autosar/src/rules/A2-7-3/UndocumentedUserDefinedType.ql index 5f8f68d50f..c3295275db 100644 --- a/cpp/autosar/src/rules/A2-7-3/UndocumentedUserDefinedType.ql +++ b/cpp/autosar/src/rules/A2-7-3/UndocumentedUserDefinedType.ql @@ -31,6 +31,7 @@ private string doxygenCommentGroupStrings(boolean opening) { opening = false and result = ["///@}", "/**@}*/"] } +pragma[inline] private predicate isBetweenDoxygenCommentGroup( Location loc, Comment opening, Comment body, Comment closing ) { @@ -115,6 +116,7 @@ class DocumentableDeclaration extends Declaration { * A `DeclarationEntry` is considered documented if it has an associated `Comment`, the `Comment` * precedes the `DeclarationEntry`, and the `Comment` is not a doxygen comment group prefix. */ +cached predicate isDocumented(DeclarationEntry de) { exists(Comment c | c.getCommentedElement() = de | not c.getContents() = doxygenCommentGroupStrings(true) and From cfbdc212fcbd1b5f1e5274b19a06e3ff796b7ba9 Mon Sep 17 00:00:00 2001 From: Alexandre Boulgakov Date: Tue, 16 Jul 2024 14:09:34 +0100 Subject: [PATCH 1865/2573] A12-8-6: Update tests around unused template special members. --- .../rules/A12-8-6/CopyAndMoveNotDeclaredProtected.expected | 4 ---- 1 file changed, 4 deletions(-) diff --git a/cpp/autosar/test/rules/A12-8-6/CopyAndMoveNotDeclaredProtected.expected b/cpp/autosar/test/rules/A12-8-6/CopyAndMoveNotDeclaredProtected.expected index 9f85da12d6..74ed472a52 100644 --- a/cpp/autosar/test/rules/A12-8-6/CopyAndMoveNotDeclaredProtected.expected +++ b/cpp/autosar/test/rules/A12-8-6/CopyAndMoveNotDeclaredProtected.expected @@ -20,7 +20,3 @@ | test.cpp:109:3:109:12 | declaration of BaseClass8 | Move constructor for base class 'BaseClass8' is not declared protected. | | test.cpp:110:15:110:23 | declaration of operator= | Copy assignment operator for base class 'BaseClass8' is not declared protected. | | test.cpp:111:15:111:23 | declaration of operator= | Move assignment operator for base class 'BaseClass8' is not declared protected. | -| test.cpp:124:26:124:26 | declaration of BaseClass9 | Implicit copy constructor for base class 'BaseClass9' is not declared deleted. | -| test.cpp:124:26:124:26 | declaration of BaseClass9 | Implicit move constructor for base class 'BaseClass9' is not declared deleted. | -| test.cpp:124:26:124:26 | declaration of operator= | Implicit copy assignment operator for base class 'BaseClass9' is not declared deleted. | -| test.cpp:124:26:124:26 | declaration of operator= | Implicit move assignment operator for base class 'BaseClass9' is not declared deleted. | From c9f75cb5ad2ce98a7454f8ded7d22d65cba668e7 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 16 Jul 2024 11:50:35 -0400 Subject: [PATCH 1866/2573] M0-2-1: rename shared queries --- ...interToRestrictQualifiedParamShared.expected} | 0 ...asedPointerToRestrictQualifiedParamShared.ql} | 0 .../test.c | 0 ...aram.ql => DoNotPassAliasedPointerToParam.ql} | 0 .../DoNotPassAliasedPointerToParam.testref | 1 + ...liasedPointerToRestrictQualifiedParam.testref | 1 - .../cpp/exclusions/cpp/Representation.qll | 16 ++++++++-------- ...asedPointerToRestrictQualifiedParamShared.qll | 15 +++++++++++++++ ...sedPointerToRestrictQualifiedParam_Shared.qll | 0 ...interToRestrictQualifiedParamShared.expected} | 0 ...asedPointerToRestrictQualifiedParamShared.ql} | 0 .../test.cpp | 0 rule_packages/c/Pointers3.json | 2 +- rule_packages/cpp/Representation.json | 6 +++--- 14 files changed, 28 insertions(+), 13 deletions(-) rename c/common/test/rules/{donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.expected => donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.expected} (100%) rename c/common/test/rules/{donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.ql => donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql} (100%) rename c/common/test/rules/{donotpassaliasedpointertorestrictqualifiedparam_shared => donotpassaliasedpointertorestrictqualifiedparamshared}/test.c (100%) rename cpp/autosar/src/rules/M0-2-1/{DoNotPassAliasedPointerToRestrictQualifiedParam.ql => DoNotPassAliasedPointerToParam.ql} (100%) create mode 100644 cpp/autosar/test/rules/M0-2-1/DoNotPassAliasedPointerToParam.testref delete mode 100644 cpp/autosar/test/rules/M0-2-1/DoNotPassAliasedPointerToRestrictQualifiedParam.testref create mode 100644 cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.qll rename cpp/common/src/codingstandards/cpp/rules/{ => donotpassaliasedpointertorestrictqualifiedparamshared}/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.qll (100%) rename cpp/common/test/rules/{donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.expected => donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.expected} (100%) rename cpp/common/test/rules/{donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.ql => donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql} (100%) rename cpp/common/test/rules/{donotpassaliasedpointertorestrictqualifiedparam_shared => donotpassaliasedpointertorestrictqualifiedparamshared}/test.cpp (100%) diff --git a/c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.expected b/c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.expected similarity index 100% rename from c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.expected rename to c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.expected diff --git a/c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.ql b/c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql similarity index 100% rename from c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.ql rename to c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql diff --git a/c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/test.c b/c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/test.c similarity index 100% rename from c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/test.c rename to c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/test.c diff --git a/cpp/autosar/src/rules/M0-2-1/DoNotPassAliasedPointerToRestrictQualifiedParam.ql b/cpp/autosar/src/rules/M0-2-1/DoNotPassAliasedPointerToParam.ql similarity index 100% rename from cpp/autosar/src/rules/M0-2-1/DoNotPassAliasedPointerToRestrictQualifiedParam.ql rename to cpp/autosar/src/rules/M0-2-1/DoNotPassAliasedPointerToParam.ql diff --git a/cpp/autosar/test/rules/M0-2-1/DoNotPassAliasedPointerToParam.testref b/cpp/autosar/test/rules/M0-2-1/DoNotPassAliasedPointerToParam.testref new file mode 100644 index 0000000000..2c64dedd45 --- /dev/null +++ b/cpp/autosar/test/rules/M0-2-1/DoNotPassAliasedPointerToParam.testref @@ -0,0 +1 @@ +cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M0-2-1/DoNotPassAliasedPointerToRestrictQualifiedParam.testref b/cpp/autosar/test/rules/M0-2-1/DoNotPassAliasedPointerToRestrictQualifiedParam.testref deleted file mode 100644 index 31ba6a98ba..0000000000 --- a/cpp/autosar/test/rules/M0-2-1/DoNotPassAliasedPointerToRestrictQualifiedParam.testref +++ /dev/null @@ -1 +0,0 @@ -cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.ql \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Representation.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Representation.qll index ac41c1049a..2f92ea89ec 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Representation.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Representation.qll @@ -7,7 +7,7 @@ newtype RepresentationQuery = TBitFieldsShallBeUsedOnlyWhenInterfacingToHardwareOrConformingToCommunicationProtocolsQuery() or TAuditPossibleHardwareInterfaceDueToBitFieldUsageInDataTypeDefinitionQuery() or TObjectAssignedToAnOverlappingObjectQuery() or - TDoNotPassAliasedPointerToRestrictQualifiedParamQuery() or + TDoNotPassAliasedPointerToParamQuery() or TUnderlyingBitRepresentationsOfFloatingPointValuesUsedQuery() or TNamedBitFieldsWithSignedIntegerTypeShallHaveALengthOfMoreThanOneBitQuery() or TMemsetUsedToAccessObjectRepresentationQuery() or @@ -43,11 +43,11 @@ predicate isRepresentationQueryMetadata(Query query, string queryId, string rule category = "required" or query = - // `Query` instance for the `doNotPassAliasedPointerToRestrictQualifiedParam` query - RepresentationPackage::doNotPassAliasedPointerToRestrictQualifiedParamQuery() and + // `Query` instance for the `doNotPassAliasedPointerToParam` query + RepresentationPackage::doNotPassAliasedPointerToParamQuery() and queryId = - // `@id` for the `doNotPassAliasedPointerToRestrictQualifiedParam` query - "cpp/autosar/do-not-pass-aliased-pointer-to-restrict-qualified-param" and + // `@id` for the `doNotPassAliasedPointerToParam` query + "cpp/autosar/do-not-pass-aliased-pointer-to-param" and ruleId = "M0-2-1" and category = "required" or @@ -119,11 +119,11 @@ module RepresentationPackage { TQueryCPP(TRepresentationPackageQuery(TObjectAssignedToAnOverlappingObjectQuery())) } - Query doNotPassAliasedPointerToRestrictQualifiedParamQuery() { + Query doNotPassAliasedPointerToParamQuery() { //autogenerate `Query` type result = - // `Query` type for `doNotPassAliasedPointerToRestrictQualifiedParam` query - TQueryCPP(TRepresentationPackageQuery(TDoNotPassAliasedPointerToRestrictQualifiedParamQuery())) + // `Query` type for `doNotPassAliasedPointerToParam` query + TQueryCPP(TRepresentationPackageQuery(TDoNotPassAliasedPointerToParamQuery())) } Query underlyingBitRepresentationsOfFloatingPointValuesUsedQuery() { diff --git a/cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.qll b/cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.qll new file mode 100644 index 0000000000..0c16d4e538 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.qll @@ -0,0 +1,15 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class DoNotPassAliasedPointerToRestrictQualifiedParamSharedSharedQuery extends Query { } + +Query getQuery() { result instanceof DoNotPassAliasedPointerToRestrictQualifiedParamSharedSharedQuery } + +query predicate problems(Element e, string message) { +not isExcluded(e, getQuery()) and message = "" +} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.qll b/cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparamshared/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.qll similarity index 100% rename from cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.qll rename to cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparamshared/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.qll diff --git a/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.expected b/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.expected similarity index 100% rename from cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.expected rename to cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.expected diff --git a/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.ql b/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql similarity index 100% rename from cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.ql rename to cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql diff --git a/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/test.cpp b/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/test.cpp similarity index 100% rename from cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/test.cpp rename to cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/test.cpp diff --git a/rule_packages/c/Pointers3.json b/rule_packages/c/Pointers3.json index cb688b0f0b..f35f5b7bd1 100644 --- a/rule_packages/c/Pointers3.json +++ b/rule_packages/c/Pointers3.json @@ -72,7 +72,7 @@ "precision": "medium", "severity": "error", "short_name": "DoNotPassAliasedPointerToRestrictQualifiedParam", - "shared_implementation_short_name": "DoNotPassAliasedPointerToRestrictQualifiedParam_Shared", + "shared_implementation_short_name": "DoNotPassAliasedPointerToRestrictQualifiedParamShared", "tags": [ "correctness" ] diff --git a/rule_packages/cpp/Representation.json b/rule_packages/cpp/Representation.json index dcfd75be26..4b9a44099e 100644 --- a/rule_packages/cpp/Representation.json +++ b/rule_packages/cpp/Representation.json @@ -55,13 +55,13 @@ ] }, { - "description": "Passing an aliased pointer to a conceptually restrict-qualified parameter is undefined behavior.", + "description": "Passing a aliased pointers as parameters of certain functions is undefined behavior.", "kind": "problem", "name": "Do not pass aliased pointers as parameters of functions where it is undefined behaviour for those pointers to overlap", "precision": "medium", "severity": "error", - "short_name": "DoNotPassAliasedPointerToRestrictQualifiedParam", - "shared_implementation_short_name": "DoNotPassAliasedPointerToRestrictQualifiedParam_Shared", + "short_name": "DoNotPassAliasedPointerToParam", + "shared_implementation_short_name": "DoNotPassAliasedPointerToRestrictQualifiedParamShared", "tags": [ "correctness" ] From 06d585fdb988794af73d7eab02b52c1415c763d9 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 16 Jul 2024 12:25:53 -0400 Subject: [PATCH 1867/2573] M0-2-1: fix query renaming --- .../DoNotPassAliasedPointerToRestrictQualifiedParam.ql | 4 ++-- .../DoNotPassAliasedPointerToRestrictQualifiedParam.testref | 2 +- .../DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql b/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql index 9e159a31bf..08121f8c2b 100644 --- a/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql +++ b/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql @@ -12,9 +12,9 @@ import cpp import codingstandards.c.cert -import codingstandards.cpp.rules.donotpassaliasedpointertorestrictqualifiedparam_shared.DoNotPassAliasedPointerToRestrictQualifiedParam_Shared +import codingstandards.cpp.rules.donotpassaliasedpointertorestrictqualifiedparamshared.DoNotPassAliasedPointerToRestrictQualifiedParamShared -class DoNotPassAliasedPointerToRestrictQualifiedParamQuery extends DoNotPassAliasedPointerToRestrictQualifiedParam_SharedSharedQuery +class DoNotPassAliasedPointerToRestrictQualifiedParamQuery extends DoNotPassAliasedPointerToRestrictQualifiedParamSharedSharedQuery { DoNotPassAliasedPointerToRestrictQualifiedParamQuery() { this = Pointers3Package::doNotPassAliasedPointerToRestrictQualifiedParamQuery() diff --git a/c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.testref b/c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.testref index 66f173804a..ef17bca58a 100644 --- a/c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.testref +++ b/c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.testref @@ -1 +1 @@ -c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.ql \ No newline at end of file +c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql \ No newline at end of file diff --git a/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql b/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql index ebdb62c802..dc3a521edf 100644 --- a/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql +++ b/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql @@ -1,6 +1,6 @@ // GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.donotpassaliasedpointertorestrictqualifiedparam_shared.DoNotPassAliasedPointerToRestrictQualifiedParam_Shared +import codingstandards.cpp.rules.donotpassaliasedpointertorestrictqualifiedparamshared.DoNotPassAliasedPointerToRestrictQualifiedParamShared -class TestFileQuery extends DoNotPassAliasedPointerToRestrictQualifiedParam_SharedSharedQuery, +class TestFileQuery extends DoNotPassAliasedPointerToRestrictQualifiedParamSharedSharedQuery, TestQuery { } From 43e6d67d2112f8bffbfaafcc1f92187fea57a092 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 16 Jul 2024 12:28:16 -0400 Subject: [PATCH 1868/2573] M0-2-1: reformat query --- ...otPassAliasedPointerToRestrictQualifiedParamShared.qll | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.qll b/cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.qll index 0c16d4e538..5d8bfc5634 100644 --- a/cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.qll @@ -8,8 +8,10 @@ import codingstandards.cpp.Exclusions abstract class DoNotPassAliasedPointerToRestrictQualifiedParamSharedSharedQuery extends Query { } -Query getQuery() { result instanceof DoNotPassAliasedPointerToRestrictQualifiedParamSharedSharedQuery } +Query getQuery() { + result instanceof DoNotPassAliasedPointerToRestrictQualifiedParamSharedSharedQuery +} query predicate problems(Element e, string message) { -not isExcluded(e, getQuery()) and message = "" -} \ No newline at end of file + not isExcluded(e, getQuery()) and message = "" +} From ebb7d39d86f3aa936913937e02aa438d45349016 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 16 Jul 2024 12:48:55 -0400 Subject: [PATCH 1869/2573] M0-2-1: missed more renaming --- .../M0-2-1/DoNotPassAliasedPointerToParam.ql | 11 +- ...dPointerToRestrictQualifiedParamShared.qll | 184 ++++++++++++++++- ...PointerToRestrictQualifiedParam_Shared.qll | 193 ------------------ 3 files changed, 185 insertions(+), 203 deletions(-) delete mode 100644 cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparamshared/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.qll diff --git a/cpp/autosar/src/rules/M0-2-1/DoNotPassAliasedPointerToParam.ql b/cpp/autosar/src/rules/M0-2-1/DoNotPassAliasedPointerToParam.ql index 928cec0f5e..d99ae486fc 100644 --- a/cpp/autosar/src/rules/M0-2-1/DoNotPassAliasedPointerToParam.ql +++ b/cpp/autosar/src/rules/M0-2-1/DoNotPassAliasedPointerToParam.ql @@ -1,8 +1,7 @@ /** - * @id cpp/autosar/do-not-pass-aliased-pointer-to-restrict-qualified-param + * @id cpp/autosar/do-not-pass-aliased-pointer-to-param * @name M0-2-1: Do not pass aliased pointers as parameters of functions where it is undefined behaviour for those pointers to overlap - * @description Passing an aliased pointer to a conceptually restrict-qualified parameter is - * undefined behavior. + * @description Passing a aliased pointers as parameters of certain functions is undefined behavior. * @kind problem * @precision medium * @problem.severity error @@ -15,11 +14,11 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.rules.donotpassaliasedpointertorestrictqualifiedparam_shared.DoNotPassAliasedPointerToRestrictQualifiedParam_Shared +import codingstandards.cpp.rules.donotpassaliasedpointertorestrictqualifiedparamshared.DoNotPassAliasedPointerToRestrictQualifiedParamShared -class DoNotPassAliasedPointerToRestrictQualifiedParamQuery extends DoNotPassAliasedPointerToRestrictQualifiedParam_SharedSharedQuery +class DoNotPassAliasedPointerToRestrictQualifiedParamQuery extends DoNotPassAliasedPointerToRestrictQualifiedParamSharedSharedQuery { DoNotPassAliasedPointerToRestrictQualifiedParamQuery() { - this = RepresentationPackage::doNotPassAliasedPointerToRestrictQualifiedParamQuery() + this = RepresentationPackage::doNotPassAliasedPointerToParamQuery() } } diff --git a/cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.qll b/cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.qll index 5d8bfc5634..b733f31feb 100644 --- a/cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.qll @@ -5,13 +5,189 @@ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions +import codingstandards.cpp.Pointers +import codingstandards.cpp.Variable +import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.pointsto.PointsTo +import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis -abstract class DoNotPassAliasedPointerToRestrictQualifiedParamSharedSharedQuery extends Query { } +/** + * A function that has a parameter with a restrict-qualified pointer type. + */ +class FunctionWithRestrictParameters extends Function { + Parameter restrictPtrParam; + + FunctionWithRestrictParameters() { + restrictPtrParam.getUnspecifiedType() instanceof PointerOrArrayType and + ( + restrictPtrParam.getType().hasSpecifier(["restrict"]) and + restrictPtrParam = this.getAParameter() + or + this.hasGlobalName(["strcpy", "strncpy", "strcat", "strncat", "memcpy"]) and + restrictPtrParam = this.getParameter([0, 1]) + or + this.hasGlobalName(["strcpy_s", "strncpy_s", "strcat_s", "strncat_s", "memcpy_s"]) and + restrictPtrParam = this.getParameter([0, 2]) + or + this.hasGlobalName(["strtok_s"]) and + restrictPtrParam = this.getAParameter() + or + this.hasGlobalName(["printf", "printf_s", "scanf", "scanf_s"]) and + restrictPtrParam = this.getParameter(0) + or + this.hasGlobalName(["sprintf", "sprintf_s", "snprintf", "snprintf_s"]) and + restrictPtrParam = this.getParameter(3) + ) + } + + Parameter getARestrictPtrParam() { result = restrictPtrParam } +} + +/** + * A call to a function that has a parameter with a restrict-qualified pointer type. + */ +class CallToFunctionWithRestrictParameters extends FunctionCall { + CallToFunctionWithRestrictParameters() { + this.getTarget() instanceof FunctionWithRestrictParameters + } + + Expr getARestrictPtrArg() { + result = + this.getArgument(this.getTarget() + .(FunctionWithRestrictParameters) + .getARestrictPtrParam() + .getIndex()) + } + + Expr getAPtrArg(int index) { + result = this.getArgument(index) and + pointerValue(result) + } + + Expr getAPossibleSizeArg() { + exists(Parameter param | + param = this.getTarget().(FunctionWithRestrictParameters).getAParameter() and + param.getUnderlyingType() instanceof IntegralType and + // exclude __builtin_object_size + not result.(FunctionCall).getTarget() instanceof BuiltInFunction and + result = this.getArgument(param.getIndex()) + ) + } +} + +/** + * A `PointsToExpr` that is an argument of a pointer-type in a `CallToFunctionWithRestrictParameters` + */ +class CallToFunctionWithRestrictParametersArgExpr extends Expr { + int paramIndex; + + CallToFunctionWithRestrictParametersArgExpr() { + this = any(CallToFunctionWithRestrictParameters call).getAPtrArg(paramIndex) + } + + int getParamIndex() { result = paramIndex } +} + +int getStatedValue(Expr e) { + // `upperBound(e)` defaults to `exprMaxVal(e)` when `e` isn't analyzable. So to get a meaningful + // result in this case we pick the minimum value obtainable from dataflow and range analysis. + result = + upperBound(e) + .minimum(min(Expr source | DataFlow::localExprFlow(source, e) | source.getValue().toInt())) +} + +int getPointerArithmeticOperandStatedValue(CallToFunctionWithRestrictParametersArgExpr expr) { + result = getStatedValue(expr.(PointerArithmeticExpr).getOperand()) + or + // edge-case: &(array[index]) expressions + result = getStatedValue(expr.(AddressOfExpr).getOperand().(PointerArithmeticExpr).getOperand()) + or + // fall-back if `expr` is not a pointer arithmetic expression + not expr instanceof PointerArithmeticExpr and + not expr.(AddressOfExpr).getOperand() instanceof PointerArithmeticExpr and + result = 0 +} + +module PointerValueToRestrictArgConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { pointerValue(source.asExpr()) } + + predicate isSink(DataFlow::Node sink) { + exists(CallToFunctionWithRestrictParameters call | + sink.asExpr() = call.getAPtrArg(_).getAChild*() + ) + } + + predicate isBarrierIn(DataFlow::Node node) { + exists(AddressOfExpr a | node.asExpr() = a.getOperand().getAChild*()) + } +} + +module PointerValueToRestrictArgFlow = DataFlow::Global; + +abstract class DoNotPassAliasedPointerToRestrictQualifiedParam_SharedSharedQuery extends Query { } Query getQuery() { - result instanceof DoNotPassAliasedPointerToRestrictQualifiedParamSharedSharedQuery + result instanceof DoNotPassAliasedPointerToRestrictQualifiedParam_SharedSharedQuery } -query predicate problems(Element e, string message) { - not isExcluded(e, getQuery()) and message = "" +query predicate problems( + CallToFunctionWithRestrictParameters call, string message, + CallToFunctionWithRestrictParametersArgExpr arg2, string arg2message, + CallToFunctionWithRestrictParametersArgExpr arg1, string arg1message, Expr source1, + string sourceMessage2, Expr source2, string lastMessage2 +) { + not isExcluded(call, getQuery()) and + exists(int argOffset1, int argOffset2, string sourceMessage1 | + arg1 = call.getARestrictPtrArg() and + arg2 = call.getAPtrArg(_) and + // enforce ordering to remove permutations if multiple restrict-qualified args exist + (not arg2 = call.getARestrictPtrArg() or arg2.getParamIndex() > arg1.getParamIndex()) and + ( + // check if two pointers address the same object + PointerValueToRestrictArgFlow::flow(DataFlow::exprNode(source1), + DataFlow::exprNode(arg1.getAChild*())) and + ( + // one pointer value flows to both args + PointerValueToRestrictArgFlow::flow(DataFlow::exprNode(source1), + DataFlow::exprNode(arg2.getAChild*())) and + sourceMessage1 = "$@" and + sourceMessage2 = "source" and + source1 = source2 + or + // there are two separate values that flow from an AddressOfExpr of the same target + getAddressOfExprTargetBase(source1) = getAddressOfExprTargetBase(source2) and + PointerValueToRestrictArgFlow::flow(DataFlow::exprNode(source2), + DataFlow::exprNode(arg2.getAChild*())) and + sourceMessage1 = "a pair of address-of expressions ($@, $@)" and + sourceMessage2 = "addressof1" and + not source1 = source2 + ) + ) and + // get the offset of the pointer arithmetic operand (or '0' if there is none) + argOffset1 = getPointerArithmeticOperandStatedValue(arg1) and + argOffset2 = getPointerArithmeticOperandStatedValue(arg2) and + ( + // case 1: the pointer args are the same. + // (definite aliasing) + argOffset1 = argOffset2 + or + // case 2: the pointer args are different, a size arg exists, + // and the size arg is greater than the difference between the offsets. + // (potential aliasing) + exists(Expr sizeArg | + sizeArg = call.getAPossibleSizeArg() and + getStatedValue(sizeArg) > (argOffset1 - argOffset2).abs() + ) + or + // case 3: the pointer args are different, and a size arg does not exist + // (potential aliasing) + not exists(call.getAPossibleSizeArg()) + ) and + lastMessage2 = "addressof2" and + arg2message = "aliased pointer" and + arg1message = "restrict-qualified parameter" and + message = + "Call to '" + call.getTarget().getName() + + "' passes an $@ to a $@ (pointer value derived from " + sourceMessage1 + "." + ) } diff --git a/cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparamshared/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.qll b/cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparamshared/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.qll deleted file mode 100644 index b733f31feb..0000000000 --- a/cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparamshared/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.qll +++ /dev/null @@ -1,193 +0,0 @@ -/** - * Provides a library which includes a `problems` predicate for reporting.... - */ - -import cpp -import codingstandards.cpp.Customizations -import codingstandards.cpp.Exclusions -import codingstandards.cpp.Pointers -import codingstandards.cpp.Variable -import codingstandards.cpp.dataflow.DataFlow -import semmle.code.cpp.pointsto.PointsTo -import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis - -/** - * A function that has a parameter with a restrict-qualified pointer type. - */ -class FunctionWithRestrictParameters extends Function { - Parameter restrictPtrParam; - - FunctionWithRestrictParameters() { - restrictPtrParam.getUnspecifiedType() instanceof PointerOrArrayType and - ( - restrictPtrParam.getType().hasSpecifier(["restrict"]) and - restrictPtrParam = this.getAParameter() - or - this.hasGlobalName(["strcpy", "strncpy", "strcat", "strncat", "memcpy"]) and - restrictPtrParam = this.getParameter([0, 1]) - or - this.hasGlobalName(["strcpy_s", "strncpy_s", "strcat_s", "strncat_s", "memcpy_s"]) and - restrictPtrParam = this.getParameter([0, 2]) - or - this.hasGlobalName(["strtok_s"]) and - restrictPtrParam = this.getAParameter() - or - this.hasGlobalName(["printf", "printf_s", "scanf", "scanf_s"]) and - restrictPtrParam = this.getParameter(0) - or - this.hasGlobalName(["sprintf", "sprintf_s", "snprintf", "snprintf_s"]) and - restrictPtrParam = this.getParameter(3) - ) - } - - Parameter getARestrictPtrParam() { result = restrictPtrParam } -} - -/** - * A call to a function that has a parameter with a restrict-qualified pointer type. - */ -class CallToFunctionWithRestrictParameters extends FunctionCall { - CallToFunctionWithRestrictParameters() { - this.getTarget() instanceof FunctionWithRestrictParameters - } - - Expr getARestrictPtrArg() { - result = - this.getArgument(this.getTarget() - .(FunctionWithRestrictParameters) - .getARestrictPtrParam() - .getIndex()) - } - - Expr getAPtrArg(int index) { - result = this.getArgument(index) and - pointerValue(result) - } - - Expr getAPossibleSizeArg() { - exists(Parameter param | - param = this.getTarget().(FunctionWithRestrictParameters).getAParameter() and - param.getUnderlyingType() instanceof IntegralType and - // exclude __builtin_object_size - not result.(FunctionCall).getTarget() instanceof BuiltInFunction and - result = this.getArgument(param.getIndex()) - ) - } -} - -/** - * A `PointsToExpr` that is an argument of a pointer-type in a `CallToFunctionWithRestrictParameters` - */ -class CallToFunctionWithRestrictParametersArgExpr extends Expr { - int paramIndex; - - CallToFunctionWithRestrictParametersArgExpr() { - this = any(CallToFunctionWithRestrictParameters call).getAPtrArg(paramIndex) - } - - int getParamIndex() { result = paramIndex } -} - -int getStatedValue(Expr e) { - // `upperBound(e)` defaults to `exprMaxVal(e)` when `e` isn't analyzable. So to get a meaningful - // result in this case we pick the minimum value obtainable from dataflow and range analysis. - result = - upperBound(e) - .minimum(min(Expr source | DataFlow::localExprFlow(source, e) | source.getValue().toInt())) -} - -int getPointerArithmeticOperandStatedValue(CallToFunctionWithRestrictParametersArgExpr expr) { - result = getStatedValue(expr.(PointerArithmeticExpr).getOperand()) - or - // edge-case: &(array[index]) expressions - result = getStatedValue(expr.(AddressOfExpr).getOperand().(PointerArithmeticExpr).getOperand()) - or - // fall-back if `expr` is not a pointer arithmetic expression - not expr instanceof PointerArithmeticExpr and - not expr.(AddressOfExpr).getOperand() instanceof PointerArithmeticExpr and - result = 0 -} - -module PointerValueToRestrictArgConfig implements DataFlow::ConfigSig { - predicate isSource(DataFlow::Node source) { pointerValue(source.asExpr()) } - - predicate isSink(DataFlow::Node sink) { - exists(CallToFunctionWithRestrictParameters call | - sink.asExpr() = call.getAPtrArg(_).getAChild*() - ) - } - - predicate isBarrierIn(DataFlow::Node node) { - exists(AddressOfExpr a | node.asExpr() = a.getOperand().getAChild*()) - } -} - -module PointerValueToRestrictArgFlow = DataFlow::Global; - -abstract class DoNotPassAliasedPointerToRestrictQualifiedParam_SharedSharedQuery extends Query { } - -Query getQuery() { - result instanceof DoNotPassAliasedPointerToRestrictQualifiedParam_SharedSharedQuery -} - -query predicate problems( - CallToFunctionWithRestrictParameters call, string message, - CallToFunctionWithRestrictParametersArgExpr arg2, string arg2message, - CallToFunctionWithRestrictParametersArgExpr arg1, string arg1message, Expr source1, - string sourceMessage2, Expr source2, string lastMessage2 -) { - not isExcluded(call, getQuery()) and - exists(int argOffset1, int argOffset2, string sourceMessage1 | - arg1 = call.getARestrictPtrArg() and - arg2 = call.getAPtrArg(_) and - // enforce ordering to remove permutations if multiple restrict-qualified args exist - (not arg2 = call.getARestrictPtrArg() or arg2.getParamIndex() > arg1.getParamIndex()) and - ( - // check if two pointers address the same object - PointerValueToRestrictArgFlow::flow(DataFlow::exprNode(source1), - DataFlow::exprNode(arg1.getAChild*())) and - ( - // one pointer value flows to both args - PointerValueToRestrictArgFlow::flow(DataFlow::exprNode(source1), - DataFlow::exprNode(arg2.getAChild*())) and - sourceMessage1 = "$@" and - sourceMessage2 = "source" and - source1 = source2 - or - // there are two separate values that flow from an AddressOfExpr of the same target - getAddressOfExprTargetBase(source1) = getAddressOfExprTargetBase(source2) and - PointerValueToRestrictArgFlow::flow(DataFlow::exprNode(source2), - DataFlow::exprNode(arg2.getAChild*())) and - sourceMessage1 = "a pair of address-of expressions ($@, $@)" and - sourceMessage2 = "addressof1" and - not source1 = source2 - ) - ) and - // get the offset of the pointer arithmetic operand (or '0' if there is none) - argOffset1 = getPointerArithmeticOperandStatedValue(arg1) and - argOffset2 = getPointerArithmeticOperandStatedValue(arg2) and - ( - // case 1: the pointer args are the same. - // (definite aliasing) - argOffset1 = argOffset2 - or - // case 2: the pointer args are different, a size arg exists, - // and the size arg is greater than the difference between the offsets. - // (potential aliasing) - exists(Expr sizeArg | - sizeArg = call.getAPossibleSizeArg() and - getStatedValue(sizeArg) > (argOffset1 - argOffset2).abs() - ) - or - // case 3: the pointer args are different, and a size arg does not exist - // (potential aliasing) - not exists(call.getAPossibleSizeArg()) - ) and - lastMessage2 = "addressof2" and - arg2message = "aliased pointer" and - arg1message = "restrict-qualified parameter" and - message = - "Call to '" + call.getTarget().getName() + - "' passes an $@ to a $@ (pointer value derived from " + sourceMessage1 + "." - ) -} From da779575eaca22ca348583cfb6da9523691e812b Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 16 Jul 2024 13:04:45 -0400 Subject: [PATCH 1870/2573] M0-2-1: missed more renaming --- .../DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql b/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql index dc3a521edf..1410ee52db 100644 --- a/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql +++ b/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql @@ -1,6 +1,6 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotpassaliasedpointertorestrictqualifiedparamshared.DoNotPassAliasedPointerToRestrictQualifiedParamShared -class TestFileQuery extends DoNotPassAliasedPointerToRestrictQualifiedParamSharedSharedQuery, +class TestFileQuery extends DoNotPassAliasedPointerToRestrictQualifiedParam_SharedSharedQuery, TestQuery { } From e2c4339ee96d9ee178f6154042a11da959e96d9b Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 16 Jul 2024 13:08:57 -0400 Subject: [PATCH 1871/2573] M0-2-1: missed more renaming --- .../DoNotPassAliasedPointerToRestrictQualifiedParamShared.qll | 4 ++-- .../DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.qll b/cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.qll index b733f31feb..bea0235881 100644 --- a/cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.qll @@ -124,10 +124,10 @@ module PointerValueToRestrictArgConfig implements DataFlow::ConfigSig { module PointerValueToRestrictArgFlow = DataFlow::Global; -abstract class DoNotPassAliasedPointerToRestrictQualifiedParam_SharedSharedQuery extends Query { } +abstract class DoNotPassAliasedPointerToRestrictQualifiedParamSharedSharedQuery extends Query { } Query getQuery() { - result instanceof DoNotPassAliasedPointerToRestrictQualifiedParam_SharedSharedQuery + result instanceof DoNotPassAliasedPointerToRestrictQualifiedParamSharedSharedQuery } query predicate problems( diff --git a/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql b/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql index 1410ee52db..dc3a521edf 100644 --- a/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql +++ b/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql @@ -1,6 +1,6 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotpassaliasedpointertorestrictqualifiedparamshared.DoNotPassAliasedPointerToRestrictQualifiedParamShared -class TestFileQuery extends DoNotPassAliasedPointerToRestrictQualifiedParam_SharedSharedQuery, +class TestFileQuery extends DoNotPassAliasedPointerToRestrictQualifiedParamSharedSharedQuery, TestQuery { } From eff451119807b1d31ecb0b2f1a6e3688bdb76b13 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 16 Jul 2024 13:17:32 -0400 Subject: [PATCH 1872/2573] M0-2-1: missed more renaming --- .../DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql b/c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql index ebdb62c802..dc3a521edf 100644 --- a/c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql +++ b/c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql @@ -1,6 +1,6 @@ // GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.donotpassaliasedpointertorestrictqualifiedparam_shared.DoNotPassAliasedPointerToRestrictQualifiedParam_Shared +import codingstandards.cpp.rules.donotpassaliasedpointertorestrictqualifiedparamshared.DoNotPassAliasedPointerToRestrictQualifiedParamShared -class TestFileQuery extends DoNotPassAliasedPointerToRestrictQualifiedParam_SharedSharedQuery, +class TestFileQuery extends DoNotPassAliasedPointerToRestrictQualifiedParamSharedSharedQuery, TestQuery { } From f80b0a2fd13092da313fb58fdac69dea797794db Mon Sep 17 00:00:00 2001 From: knewbury01 Date: Tue, 16 Jul 2024 22:37:53 +0000 Subject: [PATCH 1873/2573] Bump version to 2.33.0-dev --- c/cert/src/qlpack.yml | 2 +- c/cert/test/qlpack.yml | 2 +- c/common/src/qlpack.yml | 2 +- c/common/test/qlpack.yml | 2 +- c/misra/src/qlpack.yml | 2 +- c/misra/test/qlpack.yml | 2 +- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/qlpack.yml | 2 +- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/qlpack.yml | 2 +- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/qlpack.yml | 2 +- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/qlpack.yml | 2 +- cpp/report/src/qlpack.yml | 2 +- docs/user_manual.md | 12 ++++++------ 16 files changed, 21 insertions(+), 21 deletions(-) diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index 58b6100d68..fbae0e71e0 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards -version: 2.32.0-dev +version: 2.33.0-dev description: CERT C 2016 suites: codeql-suites license: MIT diff --git a/c/cert/test/qlpack.yml b/c/cert/test/qlpack.yml index 6ff293b9fd..9b878b7b5c 100644 --- a/c/cert/test/qlpack.yml +++ b/c/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards-tests -version: 2.32.0-dev +version: 2.33.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index 153e4620f3..474bb3bed7 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards -version: 2.32.0-dev +version: 2.33.0-dev license: MIT dependencies: codeql/common-cpp-coding-standards: '*' diff --git a/c/common/test/qlpack.yml b/c/common/test/qlpack.yml index 71afef5e70..c83d53ae3f 100644 --- a/c/common/test/qlpack.yml +++ b/c/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards-tests -version: 2.32.0-dev +version: 2.33.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index e284cb5151..bfb3a8e8a5 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards -version: 2.32.0-dev +version: 2.33.0-dev description: MISRA C 2012 suites: codeql-suites license: MIT diff --git a/c/misra/test/qlpack.yml b/c/misra/test/qlpack.yml index 5d19f0877f..efe05e7d75 100644 --- a/c/misra/test/qlpack.yml +++ b/c/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards-tests -version: 2.32.0-dev +version: 2.33.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index dbaf86e72a..9c0bccbc08 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards -version: 2.32.0-dev +version: 2.33.0-dev description: AUTOSAR C++14 Guidelines R22-11, R21-11, R20-11, R19-11 and R19-03 suites: codeql-suites license: MIT diff --git a/cpp/autosar/test/qlpack.yml b/cpp/autosar/test/qlpack.yml index baf5a22a15..6743c3b3ee 100644 --- a/cpp/autosar/test/qlpack.yml +++ b/cpp/autosar/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards-tests -version: 2.32.0-dev +version: 2.33.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index dfc4d0cbd9..47c2c319c7 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards -version: 2.32.0-dev +version: 2.33.0-dev description: CERT C++ 2016 suites: codeql-suites license: MIT diff --git a/cpp/cert/test/qlpack.yml b/cpp/cert/test/qlpack.yml index a2fe672e5b..7b8ed0858d 100644 --- a/cpp/cert/test/qlpack.yml +++ b/cpp/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards-tests -version: 2.32.0-dev +version: 2.33.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index 2fe01c68ff..764c164fcd 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards -version: 2.32.0-dev +version: 2.33.0-dev license: MIT dependencies: codeql/cpp-all: 0.9.3 diff --git a/cpp/common/test/qlpack.yml b/cpp/common/test/qlpack.yml index a66a3fbf70..3ce9a6da2a 100644 --- a/cpp/common/test/qlpack.yml +++ b/cpp/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards-tests -version: 2.32.0-dev +version: 2.33.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index 11cca34ca9..5a78931190 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards -version: 2.32.0-dev +version: 2.33.0-dev description: MISRA C++ 2008 suites: codeql-suites license: MIT diff --git a/cpp/misra/test/qlpack.yml b/cpp/misra/test/qlpack.yml index 0c07a83fe2..2627cf1b66 100644 --- a/cpp/misra/test/qlpack.yml +++ b/cpp/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards-tests -version: 2.32.0-dev +version: 2.33.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index d9a8beff97..085b1e8a9e 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/report-cpp-coding-standards -version: 2.32.0-dev +version: 2.33.0-dev license: MIT dependencies: codeql/cpp-all: 0.9.3 diff --git a/docs/user_manual.md b/docs/user_manual.md index c9e3db53a9..a32abda8c4 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -30,13 +30,13 @@ ## Release information -This user manual documents release `2.32.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). +This user manual documents release `2.33.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). The release page documents the release notes and contains the following artifacts part of the release: -- `code-scanning-cpp-query-pack-2.32.0-dev.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. -- `supported_rules_list_2.32.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. -- `supported_rules_list_2.32.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. -- `user_manual_2.32.0-dev.md`: This user manual. +- `code-scanning-cpp-query-pack-2.33.0-dev.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. +- `supported_rules_list_2.33.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. +- `supported_rules_list_2.33.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. +- `user_manual_2.33.0-dev.md`: This user manual. - `Source Code (zip)`: A zip archive containing the contents of https://github.com/github/codeql-coding-standards - `Source Code (tar.gz)`: A GZip compressed tar archive containing the contents of https://github.com/github/codeql-coding-standards - `checksums.txt`: A text file containing sha256 checksums for the aforementioned artifacts. @@ -499,7 +499,7 @@ This section describes known failure modes for "CodeQL Coding Standards" and des | | Ouf of space | Less output. Some files may be only be partially analyzed, or not analyzed at all. | Error reported on the command line. | Increase space. If it remains an issue report space consumption issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False positives | More output. Results are reported which are not violations of the guidelines. | All reported results must be reviewed. | Report false positive issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False negatives | Less output. Violations of the guidelines are not reported. | Other validation and verification processes during software development should be used to complement the analysis performed by CodeQL Coding Standards. | Report false negative issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | -| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.32.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | +| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.33.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | | | Incorrect deviation record specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation records with a reason. Ensure that all deviation records are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Incorrect deviation permit specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation permits with a reason. Ensure that all deviation permits are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Unapproved use of a deviation record | Less output. Results for guideline violations are not reported. | Validate that the deviation record use is approved by verifying the approved-by attribute of the deviation record specification. | Ensure that each raised deviation record is approved by an independent approver through an auditable process. | From e90cd3fef0dea68cfc13a70bc0c7a3523b59ca62 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 16 Jul 2024 19:07:51 -0400 Subject: [PATCH 1874/2573] A2-7-3: fix #606, omit fp in friend function declarations in template classes --- change_notes/2024-07-16-fix-fp-606-A2-7-3.md | 2 ++ .../A2-7-3/UndocumentedUserDefinedType.ql | 8 +++-- .../UndocumentedUserDefinedType.expected | 1 + cpp/autosar/test/rules/A2-7-3/test.cpp | 32 ++++++++++++++++++- 4 files changed, 40 insertions(+), 3 deletions(-) create mode 100644 change_notes/2024-07-16-fix-fp-606-A2-7-3.md diff --git a/change_notes/2024-07-16-fix-fp-606-A2-7-3.md b/change_notes/2024-07-16-fix-fp-606-A2-7-3.md new file mode 100644 index 0000000000..a4fc343b76 --- /dev/null +++ b/change_notes/2024-07-16-fix-fp-606-A2-7-3.md @@ -0,0 +1,2 @@ +- `A2-7-3` - `UndocumentedUserDefinedType.ql`: + - Fixes #606. Fix false positive relating to friend functions in template classes. \ No newline at end of file diff --git a/cpp/autosar/src/rules/A2-7-3/UndocumentedUserDefinedType.ql b/cpp/autosar/src/rules/A2-7-3/UndocumentedUserDefinedType.ql index a8bfe3b361..54bf53bb84 100644 --- a/cpp/autosar/src/rules/A2-7-3/UndocumentedUserDefinedType.ql +++ b/cpp/autosar/src/rules/A2-7-3/UndocumentedUserDefinedType.ql @@ -3,7 +3,7 @@ * @name A2-7-3: Declarations of 'user-defined' types, member variables and functions should be documented * @description All declarations of 'user-defined' types, static and non-static data members, * functions and methods shall be preceded by documentation. - * @kind problem + * @ kind problem * @precision very-high * @problem.severity recommendation * @tags external/autosar/id/a2-7-3 @@ -44,7 +44,11 @@ class DocumentableDeclaration extends Declaration { // Exclude instantiated template functions, which cannot reasonably be documented. not this.(Function).isFromTemplateInstantiation(_) and // Exclude anonymous lambda functions. - not exists(LambdaExpression lc | lc.getLambdaFunction() = this) + not exists(LambdaExpression lc | lc.getLambdaFunction() = this) and + //Exclude friend functions (because they have 2 entries in the database), and only one shows documented truly + not exists(FriendDecl d | + d.getFriend().(Function).getDefinition() = this.getADeclarationEntry() + ) or this instanceof MemberVariable and declarationType = "member variable" and diff --git a/cpp/autosar/test/rules/A2-7-3/UndocumentedUserDefinedType.expected b/cpp/autosar/test/rules/A2-7-3/UndocumentedUserDefinedType.expected index 0ae42152f7..90935f9396 100644 --- a/cpp/autosar/test/rules/A2-7-3/UndocumentedUserDefinedType.expected +++ b/cpp/autosar/test/rules/A2-7-3/UndocumentedUserDefinedType.expected @@ -7,3 +7,4 @@ | test.cpp:81:6:81:6 | definition of e | Declaration entry for function e is missing documentation. | | test.cpp:88:1:88:30 | definition of message_to_string_undocumented | Declaration entry for function message_to_string_undocumented is missing documentation. | | test.cpp:160:21:160:24 | definition of kBar | Declaration entry for member variable kBar is missing documentation. | +| test.cpp:207:14:207:17 | definition of foo3 | Declaration entry for function foo3 is missing documentation. | diff --git a/cpp/autosar/test/rules/A2-7-3/test.cpp b/cpp/autosar/test/rules/A2-7-3/test.cpp index 8e9e180458..77e27c49d4 100644 --- a/cpp/autosar/test/rules/A2-7-3/test.cpp +++ b/cpp/autosar/test/rules/A2-7-3/test.cpp @@ -175,4 +175,34 @@ void testFunctionScope() { void fNestedTest(); // COMPLIANT - in function scope }; }; -} \ No newline at end of file +} + +/// Test documentation +template class ClassG { // COMPLIANT +private: + /// Test documentation + int x; // COMPLIANT + +public: + /// Test documentation + friend int foo(ClassG g) { return g.x; } // COMPLIANT +}; + +/// Test documentation +void test() { // COMPLIANT + ClassG g; + foo(g); +} + +/// Test documentation +class ClassG2 { // COMPLIANT +public: + /// Test documentation + friend int foo2() { return 1; } // COMPLIANT +}; + +/// Test documentation +class ClassG3 { // COMPLIANT +public: + friend int foo3() { return 1; } // NON_COMPLIANT +}; \ No newline at end of file From 6655624206bcfeed619d80850db8457522da10ed Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 16 Jul 2024 19:13:04 -0400 Subject: [PATCH 1875/2573] A2-7-3: fix query metadata --- cpp/autosar/src/rules/A2-7-3/UndocumentedUserDefinedType.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/src/rules/A2-7-3/UndocumentedUserDefinedType.ql b/cpp/autosar/src/rules/A2-7-3/UndocumentedUserDefinedType.ql index 54bf53bb84..769c4163ad 100644 --- a/cpp/autosar/src/rules/A2-7-3/UndocumentedUserDefinedType.ql +++ b/cpp/autosar/src/rules/A2-7-3/UndocumentedUserDefinedType.ql @@ -3,7 +3,7 @@ * @name A2-7-3: Declarations of 'user-defined' types, member variables and functions should be documented * @description All declarations of 'user-defined' types, static and non-static data members, * functions and methods shall be preceded by documentation. - * @ kind problem + * @kind problem * @precision very-high * @problem.severity recommendation * @tags external/autosar/id/a2-7-3 From 0f832d3052fa203ef5fe898fa0ea360addf1215d Mon Sep 17 00:00:00 2001 From: "rakesh.pothengil" Date: Thu, 18 Jul 2024 16:07:12 +0900 Subject: [PATCH 1876/2573] Fix for issue: 646 --- .../test/rules/M0-1-10/test_main_variant.cpp | 44 +++++++++++++++++++ .../cpp/EncapsulatingFunctions.qll | 5 ++- 2 files changed, 48 insertions(+), 1 deletion(-) create mode 100644 cpp/autosar/test/rules/M0-1-10/test_main_variant.cpp diff --git a/cpp/autosar/test/rules/M0-1-10/test_main_variant.cpp b/cpp/autosar/test/rules/M0-1-10/test_main_variant.cpp new file mode 100644 index 0000000000..ccc38c95cc --- /dev/null +++ b/cpp/autosar/test/rules/M0-1-10/test_main_variant.cpp @@ -0,0 +1,44 @@ +#include + +// @brief func1 +// @return exit code +int32_t func1(void) noexcept { // COMPLIANT + int32_t x; // CAUTION: uninitialized!! + int32_t ret; + ret = func2(x); + return ret; +} + +// @brief func2 +// @param arg parameter +// @return exit code +int32_t func2(const int32_t arg) // COMPLIANT +{ + int32_t ret; + ret = arg * arg; + return ret; +} + +namespace mains { + static int32_t var; + + // @brief namespace_func + static void namespace_func(void) noexcept { // COMPLIANT + mains::var = -1; + return; + } +} // namespace + +// @brief main +// @return exit code +int32_t main(void) { + int32_t ret {0}; + try { + ret = func1(); + mains::var += ret; + } + catch(...) { + mains::namespace_func(); + } + return ret; +} diff --git a/cpp/common/src/codingstandards/cpp/EncapsulatingFunctions.qll b/cpp/common/src/codingstandards/cpp/EncapsulatingFunctions.qll index d8d9739033..5492f95041 100644 --- a/cpp/common/src/codingstandards/cpp/EncapsulatingFunctions.qll +++ b/cpp/common/src/codingstandards/cpp/EncapsulatingFunctions.qll @@ -14,7 +14,10 @@ abstract class EncapsulatingFunction extends Function { } class MainFunction extends MainLikeFunction { MainFunction() { hasGlobalName("main") and - getType() instanceof IntType + ( + getType() instanceof IntType or + getType() instanceof Int32_t + ) } } From 8c28f1e35ca565013883be1717f07183768537b6 Mon Sep 17 00:00:00 2001 From: "rakesh.pothengil" Date: Tue, 23 Jul 2024 11:24:01 +0900 Subject: [PATCH 1877/2573] Added tests and generalized fix --- .../rules/M0-1-10.1/UnusedFunction.expected | 0 .../test/rules/M0-1-10.1/UnusedFunction.qlref | 1 + cpp/autosar/test/rules/M0-1-10.1/test.cpp | 34 +++++++++++++++++++ .../cpp/EncapsulatingFunctions.qll | 5 +-- .../typedefint/MainLikeFunction.expected | 1 + .../typedefint/MainLikeFunction.ql | 5 +++ .../cpp/mainlikefunctions/typedefint/test.cpp | 8 +++++ 7 files changed, 50 insertions(+), 4 deletions(-) create mode 100644 cpp/autosar/test/rules/M0-1-10.1/UnusedFunction.expected create mode 100644 cpp/autosar/test/rules/M0-1-10.1/UnusedFunction.qlref create mode 100644 cpp/autosar/test/rules/M0-1-10.1/test.cpp create mode 100644 cpp/common/test/library/codingstandards/cpp/mainlikefunctions/typedefint/MainLikeFunction.expected create mode 100644 cpp/common/test/library/codingstandards/cpp/mainlikefunctions/typedefint/MainLikeFunction.ql create mode 100644 cpp/common/test/library/codingstandards/cpp/mainlikefunctions/typedefint/test.cpp diff --git a/cpp/autosar/test/rules/M0-1-10.1/UnusedFunction.expected b/cpp/autosar/test/rules/M0-1-10.1/UnusedFunction.expected new file mode 100644 index 0000000000..e69de29bb2 diff --git a/cpp/autosar/test/rules/M0-1-10.1/UnusedFunction.qlref b/cpp/autosar/test/rules/M0-1-10.1/UnusedFunction.qlref new file mode 100644 index 0000000000..519660f289 --- /dev/null +++ b/cpp/autosar/test/rules/M0-1-10.1/UnusedFunction.qlref @@ -0,0 +1 @@ +rules/M0-1-10/UnusedFunction.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M0-1-10.1/test.cpp b/cpp/autosar/test/rules/M0-1-10.1/test.cpp new file mode 100644 index 0000000000..f85bf8bfe7 --- /dev/null +++ b/cpp/autosar/test/rules/M0-1-10.1/test.cpp @@ -0,0 +1,34 @@ +#include + +namespace mains { +static std::int32_t var; + +// @brief namespace_func +static void +namespace_func(void) noexcept { // COMPLIANT: Called from "main" below. + mains::var = -1; + return; +} +} // namespace mains + +std::int32_t func2() // COMPLIANT: Called from func1 +{ + return mains::var + 20; +} + +std::int32_t func1() { // COMPLIANT: Called from main + return mains::var + func2(); // func2 called here. +} + +// @brief main +// @return exit code +std::int32_t main(void) { + std::int32_t ret{0}; + try { + ret = func1(); // func1 called here. + mains::var += ret; + } catch (...) { + mains::namespace_func(); // namespace_func called here. + } + return ret; +} diff --git a/cpp/common/src/codingstandards/cpp/EncapsulatingFunctions.qll b/cpp/common/src/codingstandards/cpp/EncapsulatingFunctions.qll index 5492f95041..f82705e2c7 100644 --- a/cpp/common/src/codingstandards/cpp/EncapsulatingFunctions.qll +++ b/cpp/common/src/codingstandards/cpp/EncapsulatingFunctions.qll @@ -14,10 +14,7 @@ abstract class EncapsulatingFunction extends Function { } class MainFunction extends MainLikeFunction { MainFunction() { hasGlobalName("main") and - ( - getType() instanceof IntType or - getType() instanceof Int32_t - ) + getType().resolveTypedefs() instanceof IntType } } diff --git a/cpp/common/test/library/codingstandards/cpp/mainlikefunctions/typedefint/MainLikeFunction.expected b/cpp/common/test/library/codingstandards/cpp/mainlikefunctions/typedefint/MainLikeFunction.expected new file mode 100644 index 0000000000..fa98ca7648 --- /dev/null +++ b/cpp/common/test/library/codingstandards/cpp/mainlikefunctions/typedefint/MainLikeFunction.expected @@ -0,0 +1 @@ +| test.cpp:5:9:5:12 | main | diff --git a/cpp/common/test/library/codingstandards/cpp/mainlikefunctions/typedefint/MainLikeFunction.ql b/cpp/common/test/library/codingstandards/cpp/mainlikefunctions/typedefint/MainLikeFunction.ql new file mode 100644 index 0000000000..ed1757631e --- /dev/null +++ b/cpp/common/test/library/codingstandards/cpp/mainlikefunctions/typedefint/MainLikeFunction.ql @@ -0,0 +1,5 @@ +import cpp +import codingstandards.cpp.EncapsulatingFunctions + +from MainFunction m +select m diff --git a/cpp/common/test/library/codingstandards/cpp/mainlikefunctions/typedefint/test.cpp b/cpp/common/test/library/codingstandards/cpp/mainlikefunctions/typedefint/test.cpp new file mode 100644 index 0000000000..7b514505f1 --- /dev/null +++ b/cpp/common/test/library/codingstandards/cpp/mainlikefunctions/typedefint/test.cpp @@ -0,0 +1,8 @@ +typedef signed int int32_t; + +// @brief main +// @return exit code +int32_t main(void) { + int32_t ret{0}; + return ret; +} From 9f88e856ba7c8488bea0a0921b940fafce496790 Mon Sep 17 00:00:00 2001 From: "rakesh.pothengil" Date: Tue, 23 Jul 2024 12:50:45 +0900 Subject: [PATCH 1878/2573] Added change note for #646 --- change_notes/2024-07-23-fix-fp-646-M0-1-10.md | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 change_notes/2024-07-23-fix-fp-646-M0-1-10.md diff --git a/change_notes/2024-07-23-fix-fp-646-M0-1-10.md b/change_notes/2024-07-23-fix-fp-646-M0-1-10.md new file mode 100644 index 0000000000..8854c7b59a --- /dev/null +++ b/change_notes/2024-07-23-fix-fp-646-M0-1-10.md @@ -0,0 +1,2 @@ +- `M0-1-10` - `EncapsulatingFunctions.qll`: + - Fixes #646. Consider typedef'd `int` return types for `main()` function as MainFunction. From 48b6db5b73284f571cf855220fcf224c9c78da08 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Tue, 23 Jul 2024 14:17:34 +0100 Subject: [PATCH 1879/2573] Fix broken link in ISO 26262 documentation Fixes a couple of broken links in the ISO 26262 documentation which pointed to the old location of the development handbook. --- docs/iso_26262_tool_qualification.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/docs/iso_26262_tool_qualification.md b/docs/iso_26262_tool_qualification.md index 22de2f5a21..53b5a4303d 100644 --- a/docs/iso_26262_tool_qualification.md +++ b/docs/iso_26262_tool_qualification.md @@ -11,7 +11,8 @@ | 0.3.0 | 2021-09-08 | Luke Cartey | Update the customer table. | | 0.4.0 | 2021-09-19 | Luke Cartey | Add more detail on approach to V&V. Update section around increased confidence from use. | | 0.5.0 | 2021-11-29 | Remco Vermeulen | Add document management section. | -| 0.6.0 | 2023-08-14 | Luke Cartey | Update use and testing statement after LGTM.com deprecation. | +| 0.6.0 | 2023-08-14 | Luke Cartey | Update use and testing statement after LGTM.com deprecation. | +| 0.7.0 | 2024-07-23 | Luke Cartey | Fix development handbook link | ## Introduction @@ -60,7 +61,7 @@ For the CodeQL Coding Standard queries, we intend to apply the following qualifi #### 1b. Evaluation of the tool development process in accordance with 11.4.8 -The development process is described in the [development handbook](../development_handbook.md). +The development process is described in the [development handbook](development_handbook.md). The project planning and requirements processes are described in our internal repository. @@ -80,7 +81,7 @@ In combination, these techniques ensure that the tool complies with the requirem - Rule review with subject matter experts ensures our interpretation of the rule is appropriate in uncertain cases. - Real world testing and external feedback ensures the interpretation of the rule is producing appropriate and reasonable results on real world code. -The development processes related to validation and verification are described in detail the [development handbook](../development_handbook.md). +The development processes related to validation and verification are described in detail the [development handbook](development_handbook.md). ### Qualification methods for CodeQL CLI and the CodeQL Standard Library for C++ From ea8737a31d338cf02e88b67153364b38e6c7bb9f Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Tue, 23 Jul 2024 14:30:53 +0100 Subject: [PATCH 1880/2573] Fix quoting in rules.csv Missing quotes on a line made the `rules.csv` ill formatted. In practice the only impact this would have is to make the file not searchable in GitHub. --- rules.csv | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/rules.csv b/rules.csv index 913aa27282..62de28a50a 100644 --- a/rules.csv +++ b/rules.csv @@ -614,7 +614,7 @@ c,MISRA-C-2012,DIR-4-9,Yes,Advisory,,,A function should be used in preference to c,MISRA-C-2012,DIR-4-10,Yes,Required,,,Precautions shall be taken in order to prevent the contents of a header file being included more than once,M16-2-3,Preprocessor2,Medium, c,MISRA-C-2012,DIR-4-11,Yes,Required,,,The validity of values passed to library functions shall be checked,,Contracts,Hard, c,MISRA-C-2012,DIR-4-12,Yes,Required,,,Dynamic memory allocation shall not be used,,Banned,Medium, -c,MISRA-C-2012,DIR-4-13,No,Advisory,,,Functions which are designed to provide operations on a resource should be called in an appropriate sequence,,,,Rule 22.1, 22.2 and 22.6 cover aspects of this rule. In other cases this is a design issue and needs to be checked manually. +c,MISRA-C-2012,DIR-4-13,No,Advisory,,,Functions which are designed to provide operations on a resource should be called in an appropriate sequence,,,,"Rule 22.1, 22.2 and 22.6 cover aspects of this rule. In other cases this is a design issue and needs to be checked manually." c,MISRA-C-2012,DIR-4-14,Yes,Required,,,The validity of values received from external sources shall be checked,,Contracts,Hard,This is supported by CodeQLs default C security queries. c,MISRA-C-2012,RULE-1-1,No,Required,,,"The program shall contain no violations of the standard C syntax and constraints, and shall not exceed the implementation's translation limits",,,Easy,"This should be checked via the compiler output, rather than CodeQL, which adds unnecessary steps." c,MISRA-C-2012,RULE-1-2,Yes,Advisory,,,Language extensions should not be used,,Language3,Hard, @@ -952,4 +952,4 @@ cpp,MISRA-C++-2023,RULE-28-6-2,Yes,Required,Decidable,Single Translation Unit,Fo cpp,MISRA-C++-2023,RULE-28-6-3,Yes,Required,Decidable,Single Translation Unit,An object shall not be used while in a potentially moved-from state,,,Import, cpp,MISRA-C++-2023,RULE-28-6-4,Yes,Required,Decidable,Single Translation Unit,"The result of std::remove, std::remove_if, std::unique and empty shall be used",,,Easy, cpp,MISRA-C++-2023,RULE-30-0-1,Yes,Required,Decidable,Single Translation Unit,The C Library input/output functions shall not be used,,,Import, -cpp,MISRA-C++-2023,RULE-30-0-2,Yes,Required,Undecidable,System,Reads and writes on the same file stream shall be separated by a positioning operation,,,Import, \ No newline at end of file +cpp,MISRA-C++-2023,RULE-30-0-2,Yes,Required,Undecidable,System,Reads and writes on the same file stream shall be separated by a positioning operation,,,Import, From aed7701d65f7e085cb53c1be83c0cc7b2512a373 Mon Sep 17 00:00:00 2001 From: Rakesh Pothengil <122329100+rak3-sh@users.noreply.github.com> Date: Wed, 24 Jul 2024 05:00:54 +0900 Subject: [PATCH 1881/2573] Delete cpp/autosar/test/rules/M0-1-10/test_main_variant.cpp --- .../test/rules/M0-1-10/test_main_variant.cpp | 44 ------------------- 1 file changed, 44 deletions(-) delete mode 100644 cpp/autosar/test/rules/M0-1-10/test_main_variant.cpp diff --git a/cpp/autosar/test/rules/M0-1-10/test_main_variant.cpp b/cpp/autosar/test/rules/M0-1-10/test_main_variant.cpp deleted file mode 100644 index ccc38c95cc..0000000000 --- a/cpp/autosar/test/rules/M0-1-10/test_main_variant.cpp +++ /dev/null @@ -1,44 +0,0 @@ -#include - -// @brief func1 -// @return exit code -int32_t func1(void) noexcept { // COMPLIANT - int32_t x; // CAUTION: uninitialized!! - int32_t ret; - ret = func2(x); - return ret; -} - -// @brief func2 -// @param arg parameter -// @return exit code -int32_t func2(const int32_t arg) // COMPLIANT -{ - int32_t ret; - ret = arg * arg; - return ret; -} - -namespace mains { - static int32_t var; - - // @brief namespace_func - static void namespace_func(void) noexcept { // COMPLIANT - mains::var = -1; - return; - } -} // namespace - -// @brief main -// @return exit code -int32_t main(void) { - int32_t ret {0}; - try { - ret = func1(); - mains::var += ret; - } - catch(...) { - mains::namespace_func(); - } - return ret; -} From 80ab9a6954315c6c70b37d257e4b269406b5e01c Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 23 Jul 2024 21:57:11 +0100 Subject: [PATCH 1882/2573] Add change note --- change_notes/2024-06-03-a3-1-5-trivial-defs.md | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 change_notes/2024-06-03-a3-1-5-trivial-defs.md diff --git a/change_notes/2024-06-03-a3-1-5-trivial-defs.md b/change_notes/2024-06-03-a3-1-5-trivial-defs.md new file mode 100644 index 0000000000..29a7f48eb5 --- /dev/null +++ b/change_notes/2024-06-03-a3-1-5-trivial-defs.md @@ -0,0 +1,4 @@ + - `A3-1-5` - `TrivialOrTemplateFunctionDefinedOutsideClassDefinition.ql`: + - Query deleted - rule was never intended to cover this case (see https://forum.misra.org.uk/archive/index.php?thread-1588.html). + - `A3-1-5` - `NonTrivialNonTemplateFunctionDefinedInsideClassDefinition.ql`: + - Removed false positives caused by flagging member functions in template instantiations From dfe7dca65eb02779b9004607f9e2832e2eaeec3c Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Tue, 23 Jul 2024 22:02:33 +0100 Subject: [PATCH 1883/2573] Update cpp/common/src/codingstandards/cpp/Class.qll Co-authored-by: Kristen Newbury --- cpp/common/src/codingstandards/cpp/Class.qll | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/Class.qll b/cpp/common/src/codingstandards/cpp/Class.qll index 09d39ce6f8..73c0930f09 100644 --- a/cpp/common/src/codingstandards/cpp/Class.qll +++ b/cpp/common/src/codingstandards/cpp/Class.qll @@ -193,8 +193,11 @@ class TrivialMemberFunction extends IntrospectedMemberFunction { */ class TemplateOrTemplateClassMemberFunction extends MemberFunction { TemplateOrTemplateClassMemberFunction() { - isFromUninstantiatedTemplate(_) or - isFromTemplateInstantiation(_) +( + isFromUninstantiatedTemplate(_) or + isFromTemplateInstantiation(_) + ) and + not this.isCompilerGenerated() } } From d0807db3b6d63e0fea88ff8c0a1a62a71c033253 Mon Sep 17 00:00:00 2001 From: "rakesh.pothengil" Date: Wed, 24 Jul 2024 09:56:32 +0900 Subject: [PATCH 1884/2573] Corrected formatting --- cpp/autosar/test/rules/M0-1-10.1/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/M0-1-10.1/test.cpp b/cpp/autosar/test/rules/M0-1-10.1/test.cpp index f85bf8bfe7..272f295a35 100644 --- a/cpp/autosar/test/rules/M0-1-10.1/test.cpp +++ b/cpp/autosar/test/rules/M0-1-10.1/test.cpp @@ -16,7 +16,7 @@ std::int32_t func2() // COMPLIANT: Called from func1 return mains::var + 20; } -std::int32_t func1() { // COMPLIANT: Called from main +std::int32_t func1() { // COMPLIANT: Called from main return mains::var + func2(); // func2 called here. } From 33eb5020bff2d243b046f6620331fb2ddf2b987e Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 24 Jul 2024 22:14:38 +0200 Subject: [PATCH 1885/2573] Rename shared queries --- .../UnsignedIntegerOperationsWrapAround.ql | 4 +- ...nsignedIntegerOperationsWrapAround.testref | 2 +- ...eMacroArgumentSubjectToExpansion.expected} | 0 ...ixedUseMacroArgumentSubjectToExpansion.ql} | 5 +- .../test.c | 0 .../AtofAtoiAtolAndAtollUsed.expected} | 0 .../AtofAtoiAtolAndAtollUsed.ql | 4 + .../test.c | 0 .../AtofAtoiAtolAndAtollUsed_shared.ql | 4 - ...tFieldShallHaveAnAppropriateType.expected} | 0 .../BitFieldShallHaveAnAppropriateType.ql | 4 + .../test.c | 0 ...tFieldShallHaveAnAppropriateType_shared.ql | 4 - .../FunctionLikeMacrosDefined.expected} | 0 .../FunctionLikeMacrosDefined.ql | 4 + .../test.c | 0 .../FunctionLikeMacrosDefined_shared.ql | 4 - ...eferenceALabelInSurroundingBlock.expected} | 0 .../GotoReferenceALabelInSurroundingBlock.ql} | 4 +- .../test.c | 0 .../GotoStatementShouldNotBeUsed.expected} | 0 .../GotoStatementShouldNotBeUsed.ql | 4 + .../test.c | 0 .../GotoStatementShouldNotBeUsed_shared.ql | 4 - .../LowercaseLStartsInLiteralSuffix.expected} | 0 .../LowercaseLStartsInLiteralSuffix.ql | 4 + .../test.c | 0 .../LowercaseLStartsInLiteralSuffix_shared.ql | 4 - .../MacroParameterFollowingHash.expected} | 0 .../MacroParameterFollowingHash.ql | 4 + .../test.c | 0 .../MacroParameterFollowingHash_shared.ql | 4 - ...rationsNotSequencedAppropriately.expected} | 0 ...oryOperationsNotSequencedAppropriately.ql} | 5 +- .../test.c | 0 ...edBitFieldsWithSignedIntegerType.expected} | 0 .../NamedBitFieldsWithSignedIntegerType.ql | 4 + .../test.c | 0 ...edBitFieldsWithSignedIntegerType_shared.ql | 4 - .../NonTerminatedEscapeSequences.expected} | 0 .../NonTerminatedEscapeSequences.ql | 4 + .../test.c | 0 .../NonTerminatedEscapeSequences_shared.ql | 4 - .../NonUniqueEnumerationConstant.expected} | 0 .../NonUniqueEnumerationConstant.ql | 4 + .../test.c | 0 .../NonUniqueEnumerationConstant_shared.ql | 4 - ...ssignmentOperatorShouldNotBeUsed.expected} | 0 ...tOfAnAssignmentOperatorShouldNotBeUsed.ql} | 5 +- .../test.c | 0 ...erationWithConstantOperandsWraps.expected} | 0 ...gnedOperationWithConstantOperandsWraps.ql} | 5 +- .../test.c | 0 .../UseOfNonZeroOctalLiteral.expected} | 0 .../UseOfNonZeroOctalLiteral.ql | 4 + .../test.c | 0 .../UseOfNonZeroOctalLiteral_shared.ql | 4 - .../DIR-4-9/FunctionOverFunctionLikeMacro.ql | 4 +- .../rules/RULE-13-2/UnsequencedSideEffects.ql | 4 +- ...ltOfAnAssignmentOperatorShouldNotBeUsed.ql | 4 +- .../src/rules/RULE-15-1/GotoStatementUsed.ql | 4 +- .../RULE-15-3/GotoLabelBlockCondition.ql | 4 +- ...oreThanOneHashOperatorInMacroDefinition.ql | 4 +- .../MacroParameterUsedAsHashOperand.ql | 4 +- .../AtofAtoiAtolAndAtollOfStdlibhUsed.ql | 4 +- ...HexadecimalEscapeSequencesNotTerminated.ql | 4 +- ...hallOnlyBeDeclaredWithAnAppropriateType.ql | 4 +- .../SingleBitNamedBitFieldsOfASignedType.ql | 4 +- ...lueImplicitEnumerationConstantNotUnique.ql | 4 +- .../FunctionOverFunctionLikeMacro.testref | 2 +- .../RULE-13-2/UnsequencedSideEffects.testref | 2 +- ...nAssignmentOperatorShouldNotBeUsed.testref | 2 +- .../rules/RULE-15-1/GotoStatementUsed.testref | 2 +- .../RULE-15-3/GotoLabelBlockCondition.testref | 2 +- ...anOneHashOperatorInMacroDefinition.testref | 2 +- .../MacroParameterUsedAsHashOperand.testref | 2 +- .../AtofAtoiAtolAndAtollOfStdlibhUsed.testref | 2 +- ...ecimalEscapeSequencesNotTerminated.testref | 2 +- ...nlyBeDeclaredWithAnAppropriateType.testref | 2 +- ...ngleBitNamedBitFieldsOfASignedType.testref | 2 +- ...rcaseCharacterLUsedInLiteralSuffix.testref | 2 +- ...plicitEnumerationConstantNotUnique.testref | 2 +- ...licitConstructorBaseClassInitialization.ql | 4 +- ...yAssignmentAndAMoveHandleSelfAssignment.ql | 4 +- ...tSpecializationsOfFunctionTemplatesUsed.ql | 4 +- .../rules/A15-1-2/PointerExceptionObject.ql | 4 +- .../rules/A15-4-2/NoExceptFunctionThrows.ql | 4 +- .../A18-1-2/VectorboolSpecializationUsed.ql | 4 +- .../GlobalSizedOperatorDeleteNotDefined.ql | 4 +- .../GlobalUnsizedOperatorDeleteNotDefined.ql | 4 +- .../ForwardingValuesToOtherFunctions.ql | 4 +- .../rules/A2-13-1/EscapeSequenceOutsideISO.ql | 4 +- .../A2-7-1/SingleLineCommentEndsWithSlash.ql | 4 +- .../A4-10-1/NullPointerConstantNotNullptr.ql | 4 +- ...ualPointerOnlyComparesToNullptrConstant.ql | 4 +- .../src/rules/A5-2-4/ReinterpretCastUsed.ql | 4 +- .../src/rules/A6-6-1/GotoStatementUsed.ql | 4 +- ...nUnderlyingBaseTypeNotExplicitlyDefined.ql | 5 +- ...nitionNotConsideredForUnqualifiedLookup.ql | 4 +- ...enInheritedNonOverridableMemberFunction.ql | 4 +- ...iddenInheritedOverridableMemberFunction.ql | 4 +- .../src/rules/A7-4-1/AsmDeclarationUsed.ql | 4 +- .../src/rules/A7-5-2/RecursiveFunctions.ql | 5 +- ...nfusingUseOfInitializerListConstructors.ql | 4 +- ...ssibleBaseClassBothVirtualAndNonVirtual.ql | 4 +- ...peOfThisUsedFromConstructorOrDestructor.ql | 4 +- .../NameNotReferredUsingAQualifiedIdOrThis.ql | 4 +- ...NotReferredUsingAQualifiedIdOrThisAudit.ql | 4 +- .../rules/M15-1-3/EmptyThrowOutsideCatch.ql | 4 +- .../src/rules/M18-2-1/MacroOffsetofUsed.ql | 4 +- .../src/rules/M18-7-1/CsignalFunctionsUsed.ql | 4 +- .../src/rules/M18-7-1/CsignalTypesUsed.ql | 4 +- .../rules/M2-13-2/UseOfNonZeroOctalLiteral.ql | 4 +- .../src/rules/M2-13-3/MissingUSuffix.ql | 4 +- .../SlashStarUsedWithinACStyleComment.ql | 4 +- .../src/rules/M27-0-1/CstdioFunctionsUsed.ql | 4 +- .../src/rules/M27-0-1/CstdioMacrosUsed.ql | 4 +- .../src/rules/M27-0-1/CstdioTypesUsed.ql | 4 +- ...PassedAsFunctionArgumentDecayToAPointer.ql | 4 +- .../M5-2-6/CastNotConvertPointerToFunction.ql | 4 +- ...usOperatorAppliedToAnUnsignedExpression.ql | 4 +- .../rules/M5-3-3/UnaryOperatorOverloaded.ql | 4 +- .../src/rules/M6-3-1/LoopCompoundCondition.ql | 4 +- .../rules/M6-3-1/SwitchCompoundCondition.ql | 4 +- .../GlobalNamespaceMembershipViolation.ql | 4 +- ...MainUsedForAFunctionOtherThanGlobalMain.ql | 4 +- .../FunctionReturnAutomaticVarCondition.ql | 4 +- .../MultipleGlobalOrMemberDeclarators.ql | 4 +- .../rules/M8-0-1/MultipleLocalDeclarators.ql | 4 +- ...nctionParametersUseSameDefaultArguments.ql | 4 +- ...ConstructorBaseClassInitialization.testref | 2 +- ...gnmentAndAMoveHandleSelfAssignment.testref | 2 +- ...ializationsOfFunctionTemplatesUsed.testref | 2 +- .../A15-1-2/PointerExceptionObject.testref | 2 +- .../A15-4-2/NoExceptFunctionThrows.testref | 2 +- .../VectorboolSpecializationUsed.testref | 2 +- ...lobalSizedOperatorDeleteNotDefined.testref | 2 +- ...balUnsizedOperatorDeleteNotDefined.testref | 2 +- .../ForwardingValuesToOtherFunctions.testref | 2 +- .../A2-13-1/EscapeSequenceOutsideISO.testref | 2 +- .../SingleLineCommentEndsWithSlash.testref | 2 +- .../NullPointerConstantNotNullptr.testref | 2 +- ...ualFunctionWithNullPointerConstant.testref | 2 +- ...irtualPointerOnlyComparesToNullptr.testref | 2 +- ...interOnlyComparesToNullptrConstant.testref | 2 +- .../rules/A5-2-4/ReinterpretCastUsed.testref | 2 +- .../rules/A6-6-1/GotoStatementUsed.testref | 2 +- ...nNotConsideredForUnqualifiedLookup.testref | 2 +- ...eritedNonOverridableMemberFunction.testref | 2 +- ...InheritedOverridableMemberFunction.testref | 2 +- .../rules/A7-4-1/AsmDeclarationUsed.testref | 2 +- .../rules/A7-5-2/RecursiveFunctions.testref | 2 +- ...ngUseOfInitializerListConstructors.testref | 2 +- ...eBaseClassBothVirtualAndNonVirtual.testref | 2 +- ...othVirtualAndNonVirtualInHierarchy.testref | 2 +- ...hisUsedFromConstructorOrDestructor.testref | 2 +- ...NotReferredUsingAQualifiedIdOrThis.testref | 2 +- ...ferredUsingAQualifiedIdOrThisAudit.testref | 2 +- .../M15-1-3/EmptyThrowOutsideCatch.testref | 2 +- .../rules/M18-2-1/MacroOffsetofUsed.testref | 2 +- .../M18-7-1/CsignalFunctionsUsed.testref | 2 +- .../rules/M18-7-1/CsignalTypesUsed.testref | 2 +- .../M2-13-2/UseOfNonZeroOctalLiteral.testref | 2 +- .../test/rules/M2-13-3/MissingUSuffix.testref | 2 +- .../SlashStarUsedWithinACStyleComment.testref | 2 +- .../rules/M27-0-1/CstdioFunctionsUsed.testref | 2 +- .../rules/M27-0-1/CstdioMacrosUsed.testref | 2 +- .../rules/M27-0-1/CstdioTypesUsed.testref | 2 +- ...dAsFunctionArgumentDecayToAPointer.testref | 2 +- .../CastNotConvertPointerToFunction.testref | 2 +- ...ratorAppliedToAnUnsignedExpression.testref | 2 +- .../M5-3-3/UnaryOperatorOverloaded.testref | 2 +- .../M6-3-1/LoopCompoundCondition.testref | 2 +- .../M6-3-1/SwitchCompoundCondition.testref | 2 +- ...GlobalNamespaceMembershipViolation.testref | 2 +- ...sedForAFunctionOtherThanGlobalMain.testref | 2 +- ...tionOtherThanTheGlobalFunctionMain.testref | 2 +- ...unctionReturnAutomaticVarCondition.testref | 2 +- .../MultipleGlobalOrMemberDeclarators.testref | 2 +- .../M8-0-1/MultipleLocalDeclarators.testref | 2 +- ...nParametersUseSameDefaultArguments.testref | 2 +- ...rametersUseTheSameDefaultArguments.testref | 2 +- ...peShallHaveALengthOfMoreThanOneBit.testref | 2 +- .../AddressOfOperatorOverloaded.qll} | 7 +- ...xedUseMacroArgumentSubjectToExpansion.qll} | 8 +- ...ssedAsFunctionArgumentDecayToAPointer.qll} | 7 +- .../asmdeclarationused/AsmDeclarationUsed.qll | 16 +++ .../AsmDeclarationUsed_shared.qll | 15 --- .../AtofAtoiAtolAndAtollUsed.qll} | 7 +- .../BackslashCharacterMisuse.qll} | 8 +- .../BitFieldShallHaveAnAppropriateType.qll} | 7 +- ...ryOperatorAppliedToUnsignedExpression.qll} | 8 +- ...weenAPointerToFunctionAndAnyOtherType.qll} | 7 +- ...acterSequenceUsedWithinACStyleComment.qll} | 7 +- .../commaoperatorused/CommaOperatorUsed.qll | 3 +- .../ConstLikeReturnValue.qll | 5 +- ...eAssignmentsShallHandleSelfAssignment.qll} | 8 +- .../CsignalFunctionsUsed.qll} | 7 +- .../CsignalTypesUsed.qll} | 7 +- .../CstdioFunctionsUsed.qll} | 8 +- .../CstdioMacrosUsed.qll} | 8 +- .../CstdioTypesUsed.qll} | 8 +- ...tionNotConsideredForUnqualifiedLookup.qll} | 9 +- .../DereferenceOfNullPointer.qll | 3 +- .../DoNotUseSetjmpOrLongjmpShared.qll | 3 +- .../EmptyThrowOnlyWithinACatchHandler.qll} | 8 +- ...NotDefinedWithAnExplicitUnderlyingType.qll | 13 +- ...nedWithAnExplicitUnderlyingType_shared.qll | 19 --- .../ExceptionObjectHavePointerType.qll} | 8 +- ...ngReferencesAndForwardNotUsedTogether.qll} | 7 +- .../FunctionLikeMacrosDefined.qll} | 7 +- ...lThemselvesEitherDirectlyOrIndirectly.qll} | 8 +- ...unctionTemplatesExplicitlySpecialized.qll} | 7 +- .../GlobalNamespaceDeclarations.qll} | 8 +- .../GlobalSizedOperatorDeleteNotDefined.qll} | 8 +- ...GlobalUnsizedOperatorDeleteNotDefined.qll} | 8 +- ...GotoReferenceALabelInSurroundingBlock.qll} | 7 +- .../GotoStatementShouldNotBeUsed.qll} | 7 +- .../HandleAllExceptionsDuringStartup.qll | 3 +- ...InheritedNonOverridableMemberFunction.qll} | 8 +- ...denInheritedOverridableMemberFunction.qll} | 8 +- .../identifierhidden/IdentifierHidden.qll | 5 +- ...WithExternalLinkageOneDefinitionShared.qll | 4 +- .../IfElseTerminationConstruct.qll | 3 +- .../InitializeAllVirtualBaseClasses.qll} | 8 +- ...erListConstructorIsTheOnlyConstructor.qll} | 8 +- .../LineSplicingUsedInComments.qll} | 8 +- .../LoopCompoundCondition.qll | 19 +++ .../LoopCompoundCondition_shared.qll | 17 --- .../LowercaseLStartsInLiteralSuffix.qll} | 8 +- .../MacroOffsetofUsed.qll} | 7 +- .../MacroParameterFollowingHash.qll} | 8 +- ...MacroParameterNotEnclosedInParentheses.qll | 5 +- ...ryOperationsNotSequencedAppropriately.qll} | 7 +- .../MultipleGlobalOrMemberDeclarators.qll} | 7 +- .../MultipleLocalDeclarators.qll} | 7 +- .../NamedBitFieldsWithSignedIntegerType.qll} | 7 +- ...ameNotReferredUsingAQualifiedIdOrThis.qll} | 8 +- ...tReferredUsingAQualifiedIdOrThisAudit.qll} | 8 +- ...FunctionShouldNotPropagateToTheCaller.qll} | 8 +- .../NonGlobalFunctionMain.qll} | 8 +- .../NonTerminatedEscapeSequences.qll} | 8 +- .../NonUniqueEnumerationConstant.qll} | 8 +- .../NotDistinctIdentifier.qll | 3 +- ...otTheOnlyFormOfTheNullPointerConstant.qll} | 7 +- ...icTypeUsedFromConstructorOrDestructor.qll} | 8 +- ...ShallSpecifyDifferentDefaultArguments.qll} | 8 +- ...lyVirtualPointerOnlyComparesToNullptr.qll} | 8 +- ...icateFunctionObjectsShouldNotBeMutable.qll | 4 +- ...processingDirectiveWithinMacroArgument.qll | 4 +- .../ReinterpretCastUsed.qll | 16 +++ .../ReinterpretCastUsed_shared.qll | 15 --- ...OfAnAssignmentOperatorShouldNotBeUsed.qll} | 7 +- ...enceOrPointerToAutomaticLocalVariable.qll} | 8 +- .../SwitchCasePositionCondition.qll | 3 +- .../SwitchCompoundCondition.qll} | 8 +- .../SwitchNotWellFormed.qll | 3 +- .../cpp/rules/typeomitted/TypeOmitted.qll | 3 +- ...tegerLiteralsNotAppropriatelySuffixed.qll} | 7 +- ...nedOperationWithConstantOperandsWraps.qll} | 7 +- .../UseOfNonZeroOctalLiteral.qll} | 7 +- .../VectorShouldNotBeSpecializedWithBool.qll} | 9 +- ...rtualAndNonVirtualClassInTheHierarchy.qll} | 8 +- .../AddressOfOperatorOverloaded.expected} | 0 .../AddressOfOperatorOverloaded.ql | 4 + .../test.cpp | 0 .../AddressOfOperatorOverloaded_shared.ql | 4 - ...eMacroArgumentSubjectToExpansion.expected} | 0 ...ixedUseMacroArgumentSubjectToExpansion.ql} | 5 +- .../test.cpp | 0 ...sFunctionArgumentDecayToAPointer.expected} | 0 ...assedAsFunctionArgumentDecayToAPointer.ql} | 6 +- .../test.cpp | 0 .../AsmDeclarationUsed.expected} | 0 .../asmdeclarationused/AsmDeclarationUsed.ql | 4 + .../test.cpp | 0 .../AsmDeclarationUsed_shared.ql | 4 - .../AtofAtoiAtolAndAtollUsed.expected} | 0 .../AtofAtoiAtolAndAtollUsed.ql | 4 + .../test.cpp | 0 .../AtofAtoiAtolAndAtollUsed_shared.ql | 4 - .../BackslashCharacterMisuse.expected} | 0 .../BackslashCharacterMisuse.ql | 4 + .../test.cpp | 0 .../BackslashCharacterMisuse_shared.ql | 4 - ...tFieldShallHaveAnAppropriateType.expected} | 0 .../BitFieldShallHaveAnAppropriateType.ql | 4 + .../test.cpp | 0 ...tFieldShallHaveAnAppropriateType_shared.ql | 4 - ...ratorAppliedToUnsignedExpression.expected} | 0 ...aryOperatorAppliedToUnsignedExpression.ql} | 7 +- .../test.cpp | 0 ...PointerToFunctionAndAnyOtherType.expected} | 0 ...tweenAPointerToFunctionAndAnyOtherType.ql} | 6 +- .../test.cpp | 0 ...SequenceUsedWithinACStyleComment.expected} | 0 ...racterSequenceUsedWithinACStyleComment.ql} | 5 +- .../test.cpp | 0 ...gnmentsShallHandleSelfAssignment.expected} | 0 ...veAssignmentsShallHandleSelfAssignment.ql} | 7 +- .../test.cpp | 0 .../CsignalFunctionsUsed.expected} | 0 .../CsignalFunctionsUsed.ql | 4 + .../test.cpp | 0 .../CsignalFunctionsUsed_shared.ql | 4 - .../CsignalTypesUsed.expected} | 0 .../csignaltypesused/CsignalTypesUsed.ql | 4 + .../test.cpp | 0 .../CsignalTypesUsed_shared.ql | 4 - .../CstdioFunctionsUsed.expected} | 0 .../CstdioFunctionsUsed.ql | 4 + .../test.cpp | 0 .../CstdioFunctionsUsed_shared.ql | 4 - .../CstdioMacrosUsed.expected} | 0 .../cstdiomacrosused/CstdioMacrosUsed.ql | 4 + .../test.cpp | 0 .../CstdioMacrosUsed_shared.ql | 4 - .../CstdioTypesUsed.expected} | 0 .../rules/cstdiotypesused/CstdioTypesUsed.ql | 4 + .../test.cpp | 0 .../CstdioTypesUsed_shared.ql | 4 - ...otConsideredForUnqualifiedLookup.expected} | 0 ...itionNotConsideredForUnqualifiedLookup.ql} | 5 +- .../test.cpp | 0 ...mptyThrowOnlyWithinACatchHandler.expected} | 0 .../EmptyThrowOnlyWithinACatchHandler.ql | 4 + .../test.cpp | 0 ...mptyThrowOnlyWithinACatchHandler_shared.ql | 4 - ...inedWithAnExplicitUnderlyingType.expected} | 0 ...NotDefinedWithAnExplicitUnderlyingType.ql} | 7 +- .../test.cpp | 0 .../ExceptionObjectHavePointerType.expected} | 0 .../ExceptionObjectHavePointerType.ql | 4 + .../test.cpp | 0 .../ExceptionObjectHavePointerType_shared.ql | 4 - ...erencesAndForwardNotUsedTogether.expected} | 0 ...ingReferencesAndForwardNotUsedTogether.ql} | 6 +- .../test.cpp | 0 .../FunctionLikeMacrosDefined.expected} | 0 .../FunctionLikeMacrosDefined.ql | 4 + .../test.cpp | 0 .../FunctionLikeMacrosDefined_shared.ql | 4 - ...selvesEitherDirectlyOrIndirectly.expected} | 0 ...llThemselvesEitherDirectlyOrIndirectly.ql} | 7 +- .../test.cpp | 0 ...onTemplatesExplicitlySpecialized.expected} | 0 ...FunctionTemplatesExplicitlySpecialized.ql} | 4 +- .../test.cpp | 0 .../GlobalNamespaceDeclarations.expected} | 0 .../GlobalNamespaceDeclarations.ql | 4 + .../test.cpp | 0 .../GlobalNamespaceDeclarations_shared.ql | 4 - ...balSizedOperatorDeleteNotDefined.expected} | 0 .../GlobalSizedOperatorDeleteNotDefined.ql | 4 + .../test.cpp | 0 ...balSizedOperatorDeleteNotDefined_shared.ql | 4 - ...lUnsizedOperatorDeleteNotDefined.expected} | 0 .../GlobalUnsizedOperatorDeleteNotDefined.ql} | 4 +- .../test.cpp | 0 ...eferenceALabelInSurroundingBlock.expected} | 0 .../GotoReferenceALabelInSurroundingBlock.ql} | 4 +- .../test.cpp | 0 .../GotoStatementShouldNotBeUsed.expected} | 0 .../GotoStatementShouldNotBeUsed.ql | 4 + .../test.cpp | 0 .../GotoStatementShouldNotBeUsed_shared.ql | 4 - ...itedNonOverridableMemberFunction.expected} | 0 ...nInheritedNonOverridableMemberFunction.ql} | 5 +- .../test.cpp | 0 ...heritedOverridableMemberFunction.expected} | 0 ...ddenInheritedOverridableMemberFunction.ql} | 5 +- .../test.cpp | 0 .../InitializeAllVirtualBaseClasses.expected} | 0 .../InitializeAllVirtualBaseClasses.ql | 4 + .../test.cpp | 0 .../InitializeAllVirtualBaseClasses_shared.ql | 4 - ...tConstructorIsTheOnlyConstructor.expected} | 0 ...zerListConstructorIsTheOnlyConstructor.ql} | 6 +- .../test.cpp | 0 .../LineSplicingUsedInComments.expected} | 0 .../LineSplicingUsedInComments.ql | 4 + .../test.cpp | 0 .../LineSplicingUsedInComments_shared.ql | 4 - .../LoopCompoundCondition.expected} | 0 .../LoopCompoundCondition.ql | 4 + .../test.cpp | 0 .../LoopCompoundCondition_shared.ql | 4 - .../LowercaseLStartsInLiteralSuffix.expected} | 0 .../LowercaseLStartsInLiteralSuffix.ql | 4 + .../README.md | 0 .../test.cpp | 0 .../LowercaseLStartsInLiteralSuffix_shared.ql | 4 - .../MacroOffsetofUsed.expected | 0 .../MacroOffsetofUsed.expected.gcc | 0 .../MacroOffsetofUsed.expected.qcc | 0 .../macrooffsetofused/MacroOffsetofUsed.ql | 4 + .../test.cpp | 0 .../MacroOffsetofUsed_shared.expected | 1 - .../MacroOffsetofUsed_shared.ql | 4 - .../MacroParameterFollowingHash.expected} | 0 .../MacroParameterFollowingHash.ql | 4 + .../test.cpp | 0 .../MacroParameterFollowingHash_shared.ql | 4 - ...rationsNotSequencedAppropriately.expected} | 0 ...oryOperationsNotSequencedAppropriately.ql} | 5 +- .../test.cpp | 0 ...ultipleGlobalOrMemberDeclarators.expected} | 0 .../MultipleGlobalOrMemberDeclarators.ql | 4 + .../test.cpp | 0 ...ultipleGlobalOrMemberDeclarators_shared.ql | 4 - .../MultipleLocalDeclarators.expected} | 0 .../MultipleLocalDeclarators.ql | 4 + .../test.cpp | 0 .../MultipleLocalDeclarators_shared.ql | 4 - ...edBitFieldsWithSignedIntegerType.expected} | 0 .../NamedBitFieldsWithSignedIntegerType.ql | 4 + .../test.cpp | 0 ...edBitFieldsWithSignedIntegerType_shared.ql | 4 - ...tReferredUsingAQualifiedIdOrThis.expected} | 0 ...NameNotReferredUsingAQualifiedIdOrThis.ql} | 4 +- .../test.cpp | 0 ...rredUsingAQualifiedIdOrThisAudit.expected} | 0 ...otReferredUsingAQualifiedIdOrThisAudit.ql} | 5 +- .../test.cpp | 0 ...ionShouldNotPropagateToTheCaller.expected} | 0 ...tFunctionShouldNotPropagateToTheCaller.ql} | 6 +- .../test.cpp | 0 .../NonGlobalFunctionMain.expected} | 0 .../NonGlobalFunctionMain.ql | 4 + .../test.cpp | 0 .../NonGlobalFunctionMain_shared.ql | 4 - .../NonTerminatedEscapeSequences.expected} | 0 .../NonTerminatedEscapeSequences.ql | 4 + .../test.cpp | 0 .../NonTerminatedEscapeSequences_shared.ql | 4 - .../NonUniqueEnumerationConstant.expected} | 0 .../NonUniqueEnumerationConstant.ql | 4 + .../test.cpp | 0 .../NonUniqueEnumerationConstant_shared.ql | 4 - ...OnlyFormOfTheNullPointerConstant.expected} | 0 ...rmOfTheNullPointerConstant.expected.clang} | 0 ...FormOfTheNullPointerConstant.expected.gcc} | 0 ...FormOfTheNullPointerConstant.expected.qcc} | 0 ...NotTheOnlyFormOfTheNullPointerConstant.ql} | 6 +- .../test.cpp | 0 .../test.cpp.clang | 0 .../test.cpp.gcc | 0 .../test.cpp.qcc | 0 ...eUsedFromConstructorOrDestructor.expected} | 0 ...micTypeUsedFromConstructorOrDestructor.ql} | 7 +- .../test.cpp | 0 ...SpecifyDifferentDefaultArguments.expected} | 0 ...gShallSpecifyDifferentDefaultArguments.ql} | 7 +- .../test.cpp | 0 ...tualPointerOnlyComparesToNullptr.expected} | 0 ...llyVirtualPointerOnlyComparesToNullptr.ql} | 6 +- .../test.cpp | 0 .../ReinterpretCastUsed.expected} | 0 .../ReinterpretCastUsed.ql | 4 + .../test.cpp | 0 .../ReinterpretCastUsed_shared.ql | 4 - ...ssignmentOperatorShouldNotBeUsed.expected} | 0 ...tOfAnAssignmentOperatorShouldNotBeUsed.ql} | 5 +- .../test.cpp | 0 ...rPointerToAutomaticLocalVariable.expected} | 0 ...renceOrPointerToAutomaticLocalVariable.ql} | 7 +- .../test.cpp | 0 .../SwitchCompoundCondition.expected} | 0 .../SwitchCompoundCondition.ql | 4 + .../test.cpp | 0 .../SwitchCompoundCondition_shared.ql | 4 - ...LiteralsNotAppropriatelySuffixed.expected} | 0 ...ntegerLiteralsNotAppropriatelySuffixed.ql} | 7 +- .../test.cpp | 0 ...erationWithConstantOperandsWraps.expected} | 0 ...gnedOperationWithConstantOperandsWraps.ql} | 5 +- .../test.cpp | 0 .../UseOfNonZeroOctalLiteral.expected} | 0 .../UseOfNonZeroOctalLiteral.ql | 4 + .../test.cpp | 0 .../UseOfNonZeroOctalLiteral_shared.ql | 4 - ...orShouldNotBeSpecializedWithBool.expected} | 0 ...ouldNotBeSpecializedWithBool.expected.qcc} | 0 .../VectorShouldNotBeSpecializedWithBool.ql} | 4 +- .../test.cpp | 0 ...AndNonVirtualClassInTheHierarchy.expected} | 0 ...irtualAndNonVirtualClassInTheHierarchy.ql} | 4 +- .../test.cpp | 0 ...oveAssignmentsShallHandleSelfAssignment.ql | 4 +- .../UseSingleGlobalOrMemberDeclarators.ql | 4 +- .../RULE-10-0-1/UseSingleLocalDeclarators.ql | 4 +- ...nNotDefinedWithAnExplicitUnderlyingType.ql | 4 +- .../AsmDeclarationShallNotBeUsed.ql | 4 +- .../NonUniqueEnumerationConstant.ql | 4 +- .../BitFieldShallHaveAnAppropriateType.ql | 4 +- ...IntegerNamedBitFieldHaveALengthOfOneBit.ql | 4 +- ...VirtualAndNonVirtualClassInTheHierarchy.ql | 4 +- ...ngShallSpecifyDifferentDefaultArguments.ql | 4 +- ...allyVirtualPointerOnlyComparesToNullptr.ql | 4 +- ...amicTypeUsedFromConstructorOrDestructor.ql | 4 +- .../InitializeAllVirtualBaseClasses.ql | 4 +- ...izerListConstructorIsTheOnlyConstructor.ql | 4 +- .../AddressOfOperatorOverloaded.ql | 4 +- .../FunctionTemplatesExplicitlySpecialized.ql | 4 +- .../ExceptionObjectHavePointerType.ql | 4 +- .../EmptyThrowOnlyWithinACatchHandler.ql | 4 +- ...ptFunctionShouldNotPropagateToTheCaller.ql | 4 +- .../RULE-19-0-2/FunctionLikeMacrosDefined.ql | 4 +- .../MacroParameterFollowingHash.ql | 4 +- ...MixedUseMacroArgumentSubjectToExpansion.ql | 4 +- .../RULE-21-10-3/CsignalFacilitiesUsed.ql | 4 +- .../CsignalTypesShallNotBeUsed.ql | 4 +- .../RULE-21-2-1/AtofAtoiAtolAndAtollUsed.ql | 4 +- .../MacroOffsetofShallNotBeUsed.ql | 4 +- ...GlobalSizedOperatorDeleteShallBeDefined.ql | 4 +- ...obalUnsizedOperatorDeleteShallBeDefined.ql | 4 +- .../VectorShouldNotBeSpecializedWithBool.ql | 4 +- ...dingReferencesAndForwardNotUsedTogether.ql | 4 +- .../CstdioFunctionsShallNotBeUsed.ql | 4 +- .../RULE-30-0-1/CstdioMacrosShallNotBeUsed.ql | 4 +- .../RULE-30-0-1/CstdioTypesShallNotBeUsed.ql | 4 +- ...moryOperationsNotSequencedAppropriately.ql | 4 +- .../RULE-5-13-1/BackslashCharacterMisuse.ql | 4 +- .../NonTerminatedEscapeSequences.ql | 4 +- .../rules/RULE-5-13-3/OctalConstantsUsed.ql | 4 +- ...IntegerLiteralsNotAppropriatelySuffixed.ql | 4 +- .../LowercaseLStartsInLiteralSuffix.ql | 4 +- ...aracterSequenceUsedWithinACStyleComment.ql | 4 +- .../RULE-5-7-3/LineSplicingUsedInComments.ql | 4 +- .../RULE-6-0-3/GlobalNamespaceDeclarations.ql | 4 +- .../rules/RULE-6-0-4/NonGlobalFunctionMain.ql | 4 +- ...onShallBeConsideredForUnqualifiedLookup.ql | 4 +- .../InheritedNonOverridableMemberFunction.ql | 4 +- .../InheritedOverridableMemberFunction.ql | 4 +- ...eShallBeReferredUsingAQualifiedIdOrThis.ql | 4 +- ...lBeReferredUsingAQualifiedIdOrThisAudit.ql | 4 +- ...erenceOrPointerToAutomaticLocalVariable.ql | 4 +- ...rNotTheOnlyFormOfTheNullPointerConstant.ql | 4 +- ...PassedAsFunctionArgumentDecayToAPointer.ql | 4 +- ...ltOfAnAssignmentOperatorShouldNotBeUsed.ql | 4 +- ...allThemselvesEitherDirectlyOrIndirectly.ql | 4 +- ...etweenAPointerToFunctionAndAnyOtherType.ql | 4 +- .../ReinterpretCastShallNotBeUsed.ql | 4 +- ...ignedOperationWithConstantOperandsWraps.ql | 4 +- ...naryOperatorAppliedToUnsignedExpression.ql | 4 +- .../RULE-9-3-1/LoopBodyCompoundCondition.ql | 4 +- .../RULE-9-3-1/SwitchBodyCompoundCondition.ql | 4 +- .../GotoStatementShouldNotBeUsed.ql | 4 +- .../GotoReferenceALabelInSurroundingBlock.ql | 4 +- ...signmentsShallHandleSelfAssignment.testref | 2 +- .../MultipleGlobalOrMemberDeclarators.testref | 2 +- .../MultipleLocalDeclarators.testref | 2 +- ...UseSingleGlobalOrMemberDeclarators.testref | 2 +- .../UseSingleLocalDeclarators.testref | 2 +- ...efinedWithAnExplicitUnderlyingType.testref | 2 +- .../AsmDeclarationShallNotBeUsed.testref | 2 +- .../NonUniqueEnumerationConstant.testref | 2 +- ...BitFieldShallHaveAnAppropriateType.testref | 2 +- ...erNamedBitFieldHaveALengthOfOneBit.testref | 2 +- ...alAndNonVirtualClassInTheHierarchy.testref | 2 +- ...llSpecifyDifferentDefaultArguments.testref | 2 +- ...irtualPointerOnlyComparesToNullptr.testref | 2 +- ...ypeUsedFromConstructorOrDestructor.testref | 2 +- .../InitializeAllVirtualBaseClasses.testref | 2 +- ...istConstructorIsTheOnlyConstructor.testref | 2 +- .../AddressOfOperatorOverloaded.testref | 2 +- ...tionTemplatesExplicitlySpecialized.testref | 2 +- .../ExceptionObjectHavePointerType.testref | 2 +- .../EmptyThrowOnlyWithinACatchHandler.testref | 2 +- ...ctionShouldNotPropagateToTheCaller.testref | 2 +- .../FunctionLikeMacrosDefined.testref | 2 +- .../MacroParameterFollowingHash.testref | 2 +- ...UseMacroArgumentSubjectToExpansion.testref | 2 +- .../CsignalFacilitiesUsed.testref | 2 +- .../CsignalTypesShallNotBeUsed.testref | 2 +- .../RULE-21-10-3/CsignalTypesUsed.testref | 2 +- .../AtofAtoiAtolAndAtollUsed.testref | 2 +- .../MacroOffsetofShallNotBeUsed.testref | 2 +- ...lSizedOperatorDeleteShallBeDefined.testref | 2 +- ...nsizedOperatorDeleteShallBeDefined.testref | 2 +- ...ctorShouldNotBeSpecializedWithBool.testref | 2 +- ...eferencesAndForwardNotUsedTogether.testref | 2 +- .../CstdioFunctionsShallNotBeUsed.testref | 2 +- .../CstdioMacrosShallNotBeUsed.testref | 2 +- .../CstdioTypesShallNotBeUsed.testref | 2 +- ...perationsNotSequencedAppropriately.testref | 2 +- .../BackslashCharacterMisuse.testref | 2 +- .../NonTerminatedEscapeSequences.testref | 2 +- .../RULE-5-13-3/OctalConstantsUsed.testref | 2 +- ...erLiteralsNotAppropriatelySuffixed.testref | 2 +- .../LowercaseLStartsInLiteralSuffix.testref | 2 +- ...erSequenceUsedWithinACStyleComment.testref | 2 +- .../LineSplicingUsedInComments.testref | 2 +- .../GlobalNamespaceDeclarations.testref | 2 +- .../RULE-6-0-4/NonGlobalFunctionMain.testref | 2 +- ...llBeConsideredForUnqualifiedLookup.testref | 2 +- ...eritedNonOverridableMemberFunction.testref | 2 +- ...InheritedOverridableMemberFunction.testref | 2 +- ...lBeReferredUsingAQualifiedIdOrThis.testref | 2 +- ...ferredUsingAQualifiedIdOrThisAudit.testref | 2 +- ...eOrPointerToAutomaticLocalVariable.testref | 2 +- ...heOnlyFormOfTheNullPointerConstant.testref | 2 +- ...dAsFunctionArgumentDecayToAPointer.testref | 2 +- ...nAssignmentOperatorShouldNotBeUsed.testref | 2 +- ...emselvesEitherDirectlyOrIndirectly.testref | 2 +- ...nAPointerToFunctionAndAnyOtherType.testref | 2 +- .../ReinterpretCastShallNotBeUsed.testref | 2 +- ...OperationWithConstantOperandsWraps.testref | 2 +- ...peratorAppliedToUnsignedExpression.testref | 2 +- .../LoopBodyCompoundCondition.testref | 2 +- .../SwitchBodyCompoundCondition.testref | 2 +- .../GotoStatementShouldNotBeUsed.testref | 2 +- ...oReferenceALabelInSurroundingBlock.testref | 2 +- rule_packages/c/Banned.json | 4 +- rule_packages/c/BitfieldTypes.json | 4 +- rule_packages/c/Declarations7.json | 2 +- rule_packages/c/IntegerOverflow.json | 2 +- rule_packages/c/Preprocessor2.json | 4 +- rule_packages/c/Preprocessor6.json | 2 +- rule_packages/c/SideEffects1.json | 2 +- rule_packages/c/SideEffects3.json | 2 +- rule_packages/c/Statements2.json | 2 +- rule_packages/c/Statements6.json | 2 +- rule_packages/c/Syntax.json | 4 +- rule_packages/cpp/BannedFunctions.json | 2 +- rule_packages/cpp/BannedLibraries.json | 10 +- rule_packages/cpp/BannedSyntax.json | 6 +- rule_packages/cpp/BannedTypes.json | 2 +- rule_packages/cpp/Comments.json | 4 +- rule_packages/cpp/Conditionals.json | 4 +- rule_packages/cpp/Declarations.json | 6 +- rule_packages/cpp/Exceptions1.json | 6 +- rule_packages/cpp/Functions.json | 4 +- rule_packages/cpp/ImportMisra23.json | 122 +++++++++--------- rule_packages/cpp/Inheritance.json | 4 +- rule_packages/cpp/Initialization.json | 8 +- rule_packages/cpp/Literals.json | 8 +- rule_packages/cpp/MoveForward.json | 2 +- rule_packages/cpp/Naming.json | 2 +- rule_packages/cpp/OperatorInvariants.json | 2 +- rule_packages/cpp/Operators.json | 4 +- rule_packages/cpp/Pointers.json | 6 +- rule_packages/cpp/Representation.json | 2 +- rule_packages/cpp/Scope.json | 8 +- rule_packages/cpp/Templates.json | 6 +- rule_packages/cpp/VirtualFunctions.json | 2 +- .../templates/shared_library.ql.template | 3 +- 647 files changed, 1107 insertions(+), 1037 deletions(-) rename c/common/test/rules/{amixedusemacroargumentsubjecttoexpansion_shared/AMixedUseMacroArgumentSubjectToExpansion_shared.expected => amixedusemacroargumentsubjecttoexpansion/AMixedUseMacroArgumentSubjectToExpansion.expected} (100%) rename c/common/test/rules/{amixedusemacroargumentsubjecttoexpansion_shared/AMixedUseMacroArgumentSubjectToExpansion_shared.ql => amixedusemacroargumentsubjecttoexpansion/AMixedUseMacroArgumentSubjectToExpansion.ql} (61%) rename c/common/test/rules/{amixedusemacroargumentsubjecttoexpansion_shared => amixedusemacroargumentsubjecttoexpansion}/test.c (100%) rename c/common/test/rules/{atofatoiatolandatollused_shared/AtofAtoiAtolAndAtollUsed_shared.expected => atofatoiatolandatollused/AtofAtoiAtolAndAtollUsed.expected} (100%) create mode 100644 c/common/test/rules/atofatoiatolandatollused/AtofAtoiAtolAndAtollUsed.ql rename c/common/test/rules/{atofatoiatolandatollused_shared => atofatoiatolandatollused}/test.c (100%) delete mode 100644 c/common/test/rules/atofatoiatolandatollused_shared/AtofAtoiAtolAndAtollUsed_shared.ql rename c/common/test/rules/{bitfieldshallhaveanappropriatetype_shared/BitFieldShallHaveAnAppropriateType_shared.expected => bitfieldshallhaveanappropriatetype/BitFieldShallHaveAnAppropriateType.expected} (100%) create mode 100644 c/common/test/rules/bitfieldshallhaveanappropriatetype/BitFieldShallHaveAnAppropriateType.ql rename c/common/test/rules/{bitfieldshallhaveanappropriatetype_shared => bitfieldshallhaveanappropriatetype}/test.c (100%) delete mode 100644 c/common/test/rules/bitfieldshallhaveanappropriatetype_shared/BitFieldShallHaveAnAppropriateType_shared.ql rename c/common/test/rules/{functionlikemacrosdefined_shared/FunctionLikeMacrosDefined_shared.expected => functionlikemacrosdefined/FunctionLikeMacrosDefined.expected} (100%) create mode 100644 c/common/test/rules/functionlikemacrosdefined/FunctionLikeMacrosDefined.ql rename c/common/test/rules/{functionlikemacrosdefined_shared => functionlikemacrosdefined}/test.c (100%) delete mode 100644 c/common/test/rules/functionlikemacrosdefined_shared/FunctionLikeMacrosDefined_shared.ql rename c/common/test/rules/{gotoreferencealabelinsurroundingblock_shared/GotoReferenceALabelInSurroundingBlock_shared.expected => gotoreferencealabelinsurroundingblock/GotoReferenceALabelInSurroundingBlock.expected} (100%) rename c/common/test/rules/{gotoreferencealabelinsurroundingblock_shared/GotoReferenceALabelInSurroundingBlock_shared.ql => gotoreferencealabelinsurroundingblock/GotoReferenceALabelInSurroundingBlock.ql} (63%) rename c/common/test/rules/{gotoreferencealabelinsurroundingblock_shared => gotoreferencealabelinsurroundingblock}/test.c (100%) rename c/common/test/rules/{gotostatementshouldnotbeused_shared/GotoStatementShouldNotBeUsed_shared.expected => gotostatementshouldnotbeused/GotoStatementShouldNotBeUsed.expected} (100%) create mode 100644 c/common/test/rules/gotostatementshouldnotbeused/GotoStatementShouldNotBeUsed.ql rename c/common/test/rules/{gotostatementshouldnotbeused_shared => gotostatementshouldnotbeused}/test.c (100%) delete mode 100644 c/common/test/rules/gotostatementshouldnotbeused_shared/GotoStatementShouldNotBeUsed_shared.ql rename c/common/test/rules/{lowercaselstartsinliteralsuffix_shared/LowercaseLStartsInLiteralSuffix_shared.expected => lowercaselstartsinliteralsuffix/LowercaseLStartsInLiteralSuffix.expected} (100%) create mode 100644 c/common/test/rules/lowercaselstartsinliteralsuffix/LowercaseLStartsInLiteralSuffix.ql rename c/common/test/rules/{lowercaselstartsinliteralsuffix_shared => lowercaselstartsinliteralsuffix}/test.c (100%) delete mode 100644 c/common/test/rules/lowercaselstartsinliteralsuffix_shared/LowercaseLStartsInLiteralSuffix_shared.ql rename c/common/test/rules/{macroparameterfollowinghash_shared/MacroParameterFollowingHash_shared.expected => macroparameterfollowinghash/MacroParameterFollowingHash.expected} (100%) create mode 100644 c/common/test/rules/macroparameterfollowinghash/MacroParameterFollowingHash.ql rename c/common/test/rules/{macroparameterfollowinghash_shared => macroparameterfollowinghash}/test.c (100%) delete mode 100644 c/common/test/rules/macroparameterfollowinghash_shared/MacroParameterFollowingHash_shared.ql rename c/common/test/rules/{memoryoperationsnotsequencedappropriately_shared/MemoryOperationsNotSequencedAppropriately_shared.expected => memoryoperationsnotsequencedappropriately/MemoryOperationsNotSequencedAppropriately.expected} (100%) rename c/common/test/rules/{memoryoperationsnotsequencedappropriately_shared/MemoryOperationsNotSequencedAppropriately_shared.ql => memoryoperationsnotsequencedappropriately/MemoryOperationsNotSequencedAppropriately.ql} (60%) rename c/common/test/rules/{memoryoperationsnotsequencedappropriately_shared => memoryoperationsnotsequencedappropriately}/test.c (100%) rename c/common/test/rules/{namedbitfieldswithsignedintegertype_shared/NamedBitFieldsWithSignedIntegerType_shared.expected => namedbitfieldswithsignedintegertype/NamedBitFieldsWithSignedIntegerType.expected} (100%) create mode 100644 c/common/test/rules/namedbitfieldswithsignedintegertype/NamedBitFieldsWithSignedIntegerType.ql rename c/common/test/rules/{namedbitfieldswithsignedintegertype_shared => namedbitfieldswithsignedintegertype}/test.c (100%) delete mode 100644 c/common/test/rules/namedbitfieldswithsignedintegertype_shared/NamedBitFieldsWithSignedIntegerType_shared.ql rename c/common/test/rules/{nonterminatedescapesequences_shared/NonTerminatedEscapeSequences_shared.expected => nonterminatedescapesequences/NonTerminatedEscapeSequences.expected} (100%) create mode 100644 c/common/test/rules/nonterminatedescapesequences/NonTerminatedEscapeSequences.ql rename c/common/test/rules/{nonterminatedescapesequences_shared => nonterminatedescapesequences}/test.c (100%) delete mode 100644 c/common/test/rules/nonterminatedescapesequences_shared/NonTerminatedEscapeSequences_shared.ql rename c/common/test/rules/{nonuniqueenumerationconstant_shared/NonUniqueEnumerationConstant_shared.expected => nonuniqueenumerationconstant/NonUniqueEnumerationConstant.expected} (100%) create mode 100644 c/common/test/rules/nonuniqueenumerationconstant/NonUniqueEnumerationConstant.ql rename c/common/test/rules/{nonuniqueenumerationconstant_shared => nonuniqueenumerationconstant}/test.c (100%) delete mode 100644 c/common/test/rules/nonuniqueenumerationconstant_shared/NonUniqueEnumerationConstant_shared.ql rename c/common/test/rules/{resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.expected => resultofanassignmentoperatorshouldnotbeused/ResultOfAnAssignmentOperatorShouldNotBeUsed.expected} (100%) rename c/common/test/rules/{resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.ql => resultofanassignmentoperatorshouldnotbeused/ResultOfAnAssignmentOperatorShouldNotBeUsed.ql} (59%) rename c/common/test/rules/{resultofanassignmentoperatorshouldnotbeused_shared => resultofanassignmentoperatorshouldnotbeused}/test.c (100%) rename c/common/test/rules/{unsignedoperationwithconstantoperandswraps_shared/UnsignedOperationWithConstantOperandsWraps_shared.expected => unsignedoperationwithconstantoperandswraps/UnsignedOperationWithConstantOperandsWraps.expected} (100%) rename c/common/test/rules/{unsignedoperationwithconstantoperandswraps_shared/UnsignedOperationWithConstantOperandsWraps_shared.ql => unsignedoperationwithconstantoperandswraps/UnsignedOperationWithConstantOperandsWraps.ql} (59%) rename c/common/test/rules/{unsignedoperationwithconstantoperandswraps_shared => unsignedoperationwithconstantoperandswraps}/test.c (100%) rename c/common/test/rules/{useofnonzerooctalliteral_shared/UseOfNonZeroOctalLiteral_shared.expected => useofnonzerooctalliteral/UseOfNonZeroOctalLiteral.expected} (100%) create mode 100644 c/common/test/rules/useofnonzerooctalliteral/UseOfNonZeroOctalLiteral.ql rename c/common/test/rules/{useofnonzerooctalliteral_shared => useofnonzerooctalliteral}/test.c (100%) delete mode 100644 c/common/test/rules/useofnonzerooctalliteral_shared/UseOfNonZeroOctalLiteral_shared.ql rename cpp/common/src/codingstandards/cpp/rules/{addressofoperatoroverloaded_shared/AddressOfOperatorOverloaded_shared.qll => addressofoperatoroverloaded/AddressOfOperatorOverloaded.qll} (62%) rename cpp/common/src/codingstandards/cpp/rules/{amixedusemacroargumentsubjecttoexpansion_shared/AMixedUseMacroArgumentSubjectToExpansion_shared.qll => amixedusemacroargumentsubjecttoexpansion/AMixedUseMacroArgumentSubjectToExpansion.qll} (80%) rename cpp/common/src/codingstandards/cpp/rules/{arraypassedasfunctionargumentdecaytoapointer_shared/ArrayPassedAsFunctionArgumentDecayToAPointer_shared.qll => arraypassedasfunctionargumentdecaytoapointer/ArrayPassedAsFunctionArgumentDecayToAPointer.qll} (86%) create mode 100644 cpp/common/src/codingstandards/cpp/rules/asmdeclarationused/AsmDeclarationUsed.qll delete mode 100644 cpp/common/src/codingstandards/cpp/rules/asmdeclarationused_shared/AsmDeclarationUsed_shared.qll rename cpp/common/src/codingstandards/cpp/rules/{atofatoiatolandatollused_shared/AtofAtoiAtolAndAtollUsed_shared.qll => atofatoiatolandatollused/AtofAtoiAtolAndAtollUsed.qll} (60%) rename cpp/common/src/codingstandards/cpp/rules/{backslashcharactermisuse_shared/BackslashCharacterMisuse_shared.qll => backslashcharactermisuse/BackslashCharacterMisuse.qll} (56%) rename cpp/common/src/codingstandards/cpp/rules/{bitfieldshallhaveanappropriatetype_shared/BitFieldShallHaveAnAppropriateType_shared.qll => bitfieldshallhaveanappropriatetype/BitFieldShallHaveAnAppropriateType.qll} (82%) rename cpp/common/src/codingstandards/cpp/rules/{builtinunaryoperatorappliedtounsignedexpression_shared/BuiltInUnaryOperatorAppliedToUnsignedExpression_shared.qll => builtinunaryoperatorappliedtounsignedexpression/BuiltInUnaryOperatorAppliedToUnsignedExpression.qll} (69%) rename cpp/common/src/codingstandards/cpp/rules/{castsbetweenapointertofunctionandanyothertype_shared/CastsBetweenAPointerToFunctionAndAnyOtherType_shared.qll => castsbetweenapointertofunctionandanyothertype/CastsBetweenAPointerToFunctionAndAnyOtherType.qll} (63%) rename cpp/common/src/codingstandards/cpp/rules/{charactersequenceusedwithinacstylecomment_shared/CharacterSequenceUsedWithinACStyleComment_shared.qll => charactersequenceusedwithinacstylecomment/CharacterSequenceUsedWithinACStyleComment.qll} (57%) rename cpp/common/src/codingstandards/cpp/rules/{copyandmoveassignmentsshallhandleselfassignment_shared/CopyAndMoveAssignmentsShallHandleSelfAssignment_shared.qll => copyandmoveassignmentsshallhandleselfassignment/CopyAndMoveAssignmentsShallHandleSelfAssignment.qll} (80%) rename cpp/common/src/codingstandards/cpp/rules/{csignalfunctionsused_shared/CsignalFunctionsUsed_shared.qll => csignalfunctionsused/CsignalFunctionsUsed.qll} (57%) rename cpp/common/src/codingstandards/cpp/rules/{csignaltypesused_shared/CsignalTypesUsed_shared.qll => csignaltypesused/CsignalTypesUsed.qll} (57%) rename cpp/common/src/codingstandards/cpp/rules/{cstdiofunctionsused_shared/CstdioFunctionsUsed_shared.qll => cstdiofunctionsused/CstdioFunctionsUsed.qll} (75%) rename cpp/common/src/codingstandards/cpp/rules/{cstdiomacrosused_shared/CstdioMacrosUsed_shared.qll => cstdiomacrosused/CstdioMacrosUsed.qll} (57%) rename cpp/common/src/codingstandards/cpp/rules/{cstdiotypesused_shared/CstdioTypesUsed_shared.qll => cstdiotypesused/CstdioTypesUsed.qll} (65%) rename cpp/common/src/codingstandards/cpp/rules/{definitionnotconsideredforunqualifiedlookup_shared/DefinitionNotConsideredForUnqualifiedLookup_shared.qll => definitionnotconsideredforunqualifiedlookup/DefinitionNotConsideredForUnqualifiedLookup.qll} (87%) rename cpp/common/src/codingstandards/cpp/rules/{emptythrowonlywithinacatchhandler_shared/EmptyThrowOnlyWithinACatchHandler_shared.qll => emptythrowonlywithinacatchhandler/EmptyThrowOnlyWithinACatchHandler.qll} (57%) delete mode 100644 cpp/common/src/codingstandards/cpp/rules/enumerationnotdefinedwithanexplicitunderlyingtype_shared/EnumerationNotDefinedWithAnExplicitUnderlyingType_shared.qll rename cpp/common/src/codingstandards/cpp/rules/{exceptionobjecthavepointertype_shared/ExceptionObjectHavePointerType_shared.qll => exceptionobjecthavepointertype/ExceptionObjectHavePointerType.qll} (65%) rename cpp/common/src/codingstandards/cpp/rules/{forwardingreferencesandforwardnotusedtogether_shared/ForwardingReferencesAndForwardNotUsedTogether_shared.qll => forwardingreferencesandforwardnotusedtogether/ForwardingReferencesAndForwardNotUsedTogether.qll} (76%) rename cpp/common/src/codingstandards/cpp/rules/{functionlikemacrosdefined_shared/FunctionLikeMacrosDefined_shared.qll => functionlikemacrosdefined/FunctionLikeMacrosDefined.qll} (74%) rename cpp/common/src/codingstandards/cpp/rules/{functionscallthemselveseitherdirectlyorindirectly_shared/FunctionsCallThemselvesEitherDirectlyOrIndirectly_shared.qll => functionscallthemselveseitherdirectlyorindirectly/FunctionsCallThemselvesEitherDirectlyOrIndirectly.qll} (80%) rename cpp/common/src/codingstandards/cpp/rules/{functiontemplatesexplicitlyspecialized_shared/FunctionTemplatesExplicitlySpecialized_shared.qll => functiontemplatesexplicitlyspecialized/FunctionTemplatesExplicitlySpecialized.qll} (67%) rename cpp/common/src/codingstandards/cpp/rules/{globalnamespacedeclarations_shared/GlobalNamespaceDeclarations_shared.qll => globalnamespacedeclarations/GlobalNamespaceDeclarations.qll} (68%) rename cpp/common/src/codingstandards/cpp/rules/{globalsizedoperatordeletenotdefined_shared/GlobalSizedOperatorDeleteNotDefined_shared.qll => globalsizedoperatordeletenotdefined/GlobalSizedOperatorDeleteNotDefined.qll} (66%) rename cpp/common/src/codingstandards/cpp/rules/{globalunsizedoperatordeletenotdefined_shared/GlobalUnsizedOperatorDeleteNotDefined_shared.qll => globalunsizedoperatordeletenotdefined/GlobalUnsizedOperatorDeleteNotDefined.qll} (66%) rename cpp/common/src/codingstandards/cpp/rules/{gotoreferencealabelinsurroundingblock_shared/GotoReferenceALabelInSurroundingBlock_shared.qll => gotoreferencealabelinsurroundingblock/GotoReferenceALabelInSurroundingBlock.qll} (87%) rename cpp/common/src/codingstandards/cpp/rules/{gotostatementshouldnotbeused_shared/GotoStatementShouldNotBeUsed_shared.qll => gotostatementshouldnotbeused/GotoStatementShouldNotBeUsed.qll} (62%) rename cpp/common/src/codingstandards/cpp/rules/{hiddeninheritednonoverridablememberfunction_shared/HiddenInheritedNonOverridableMemberFunction_shared.qll => hiddeninheritednonoverridablememberfunction/HiddenInheritedNonOverridableMemberFunction.qll} (86%) rename cpp/common/src/codingstandards/cpp/rules/{hiddeninheritedoverridablememberfunction_shared/HiddenInheritedOverridableMemberFunction_shared.qll => hiddeninheritedoverridablememberfunction/HiddenInheritedOverridableMemberFunction.qll} (88%) rename cpp/common/src/codingstandards/cpp/rules/{initializeallvirtualbaseclasses_shared/InitializeAllVirtualBaseClasses_shared.qll => initializeallvirtualbaseclasses/InitializeAllVirtualBaseClasses.qll} (82%) rename cpp/common/src/codingstandards/cpp/rules/{initializerlistconstructoristheonlyconstructor_shared/InitializerListConstructorIsTheOnlyConstructor_shared.qll => initializerlistconstructoristheonlyconstructor/InitializerListConstructorIsTheOnlyConstructor.qll} (89%) rename cpp/common/src/codingstandards/cpp/rules/{linesplicingusedincomments_shared/LineSplicingUsedInComments_shared.qll => linesplicingusedincomments/LineSplicingUsedInComments.qll} (50%) create mode 100644 cpp/common/src/codingstandards/cpp/rules/loopcompoundcondition/LoopCompoundCondition.qll delete mode 100644 cpp/common/src/codingstandards/cpp/rules/loopcompoundcondition_shared/LoopCompoundCondition_shared.qll rename cpp/common/src/codingstandards/cpp/rules/{lowercaselstartsinliteralsuffix_shared/LowercaseLStartsInLiteralSuffix_shared.qll => lowercaselstartsinliteralsuffix/LowercaseLStartsInLiteralSuffix.qll} (60%) rename cpp/common/src/codingstandards/cpp/rules/{macrooffsetofused_shared/MacroOffsetofUsed_shared.qll => macrooffsetofused/MacroOffsetofUsed.qll} (55%) rename cpp/common/src/codingstandards/cpp/rules/{macroparameterfollowinghash_shared/MacroParameterFollowingHash_shared.qll => macroparameterfollowinghash/MacroParameterFollowingHash.qll} (66%) rename cpp/common/src/codingstandards/cpp/rules/{memoryoperationsnotsequencedappropriately_shared/MemoryOperationsNotSequencedAppropriately_shared.qll => memoryoperationsnotsequencedappropriately/MemoryOperationsNotSequencedAppropriately.qll} (97%) rename cpp/common/src/codingstandards/cpp/rules/{multipleglobalormemberdeclarators_shared/MultipleGlobalOrMemberDeclarators_shared.qll => multipleglobalormemberdeclarators/MultipleGlobalOrMemberDeclarators.qll} (90%) rename cpp/common/src/codingstandards/cpp/rules/{multiplelocaldeclarators_shared/MultipleLocalDeclarators_shared.qll => multiplelocaldeclarators/MultipleLocalDeclarators.qll} (59%) rename cpp/common/src/codingstandards/cpp/rules/{namedbitfieldswithsignedintegertype_shared/NamedBitFieldsWithSignedIntegerType_shared.qll => namedbitfieldswithsignedintegertype/NamedBitFieldsWithSignedIntegerType.qll} (67%) rename cpp/common/src/codingstandards/cpp/rules/{namenotreferredusingaqualifiedidorthis_shared/NameNotReferredUsingAQualifiedIdOrThis_shared.qll => namenotreferredusingaqualifiedidorthis/NameNotReferredUsingAQualifiedIdOrThis.qll} (78%) rename cpp/common/src/codingstandards/cpp/rules/{namenotreferredusingaqualifiedidorthisaudit_shared/NameNotReferredUsingAQualifiedIdOrThisAudit_shared.qll => namenotreferredusingaqualifiedidorthisaudit/NameNotReferredUsingAQualifiedIdOrThisAudit.qll} (79%) rename cpp/common/src/codingstandards/cpp/rules/{noexceptfunctionshouldnotpropagatetothecaller_shared/NoexceptFunctionShouldNotPropagateToTheCaller_shared.qll => noexceptfunctionshouldnotpropagatetothecaller/NoexceptFunctionShouldNotPropagateToTheCaller.qll} (76%) rename cpp/common/src/codingstandards/cpp/rules/{nonglobalfunctionmain_shared/NonGlobalFunctionMain_shared.qll => nonglobalfunctionmain/NonGlobalFunctionMain.qll} (52%) rename cpp/common/src/codingstandards/cpp/rules/{nonterminatedescapesequences_shared/NonTerminatedEscapeSequences_shared.qll => nonterminatedescapesequences/NonTerminatedEscapeSequences.qll} (81%) rename cpp/common/src/codingstandards/cpp/rules/{nonuniqueenumerationconstant_shared/NonUniqueEnumerationConstant_shared.qll => nonuniqueenumerationconstant/NonUniqueEnumerationConstant.qll} (80%) rename cpp/common/src/codingstandards/cpp/rules/{nullptrnottheonlyformofthenullpointerconstant_shared/NullptrNotTheOnlyFormOfTheNullPointerConstant_shared.qll => nullptrnottheonlyformofthenullpointerconstant/NullptrNotTheOnlyFormOfTheNullPointerConstant.qll} (74%) rename cpp/common/src/codingstandards/cpp/rules/{objectsdynamictypeusedfromconstructorordestructor_shared/ObjectsDynamicTypeUsedFromConstructorOrDestructor_shared.qll => objectsdynamictypeusedfromconstructorordestructor/ObjectsDynamicTypeUsedFromConstructorOrDestructor.qll} (92%) rename cpp/common/src/codingstandards/cpp/rules/{overridingshallspecifydifferentdefaultarguments_shared/OverridingShallSpecifyDifferentDefaultArguments_shared.qll => overridingshallspecifydifferentdefaultarguments/OverridingShallSpecifyDifferentDefaultArguments.qll} (78%) rename cpp/common/src/codingstandards/cpp/rules/{potentiallyvirtualpointeronlycomparestonullptr_shared/PotentiallyVirtualPointerOnlyComparesToNullptr_shared.qll => potentiallyvirtualpointeronlycomparestonullptr/PotentiallyVirtualPointerOnlyComparesToNullptr.qll} (78%) create mode 100644 cpp/common/src/codingstandards/cpp/rules/reinterpretcastused/ReinterpretCastUsed.qll delete mode 100644 cpp/common/src/codingstandards/cpp/rules/reinterpretcastused_shared/ReinterpretCastUsed_shared.qll rename cpp/common/src/codingstandards/cpp/rules/{resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.qll => resultofanassignmentoperatorshouldnotbeused/ResultOfAnAssignmentOperatorShouldNotBeUsed.qll} (58%) rename cpp/common/src/codingstandards/cpp/rules/{returnreferenceorpointertoautomaticlocalvariable_shared/ReturnReferenceOrPointerToAutomaticLocalVariable_shared.qll => returnreferenceorpointertoautomaticlocalvariable/ReturnReferenceOrPointerToAutomaticLocalVariable.qll} (74%) rename cpp/common/src/codingstandards/cpp/rules/{switchcompoundcondition_shared/SwitchCompoundCondition_shared.qll => switchcompoundcondition/SwitchCompoundCondition.qll} (79%) rename cpp/common/src/codingstandards/cpp/rules/{unsignedintegerliteralsnotappropriatelysuffixed_shared/UnsignedIntegerLiteralsNotAppropriatelySuffixed_shared.qll => unsignedintegerliteralsnotappropriatelysuffixed/UnsignedIntegerLiteralsNotAppropriatelySuffixed.qll} (79%) rename cpp/common/src/codingstandards/cpp/rules/{unsignedoperationwithconstantoperandswraps_shared/UnsignedOperationWithConstantOperandsWraps_shared.qll => unsignedoperationwithconstantoperandswraps/UnsignedOperationWithConstantOperandsWraps.qll} (80%) rename cpp/common/src/codingstandards/cpp/rules/{useofnonzerooctalliteral_shared/UseOfNonZeroOctalLiteral_shared.qll => useofnonzerooctalliteral/UseOfNonZeroOctalLiteral.qll} (60%) rename cpp/common/src/codingstandards/cpp/rules/{vectorshouldnotbespecializedwithbool_shared/VectorShouldNotBeSpecializedWithBool_shared.qll => vectorshouldnotbespecializedwithbool/VectorShouldNotBeSpecializedWithBool.qll} (68%) rename cpp/common/src/codingstandards/cpp/rules/{virtualandnonvirtualclassinthehierarchy_shared/VirtualAndNonVirtualClassInTheHierarchy_shared.qll => virtualandnonvirtualclassinthehierarchy/VirtualAndNonVirtualClassInTheHierarchy.qll} (82%) rename cpp/common/test/rules/{addressofoperatoroverloaded_shared/AddressOfOperatorOverloaded_shared.expected => addressofoperatoroverloaded/AddressOfOperatorOverloaded.expected} (100%) create mode 100644 cpp/common/test/rules/addressofoperatoroverloaded/AddressOfOperatorOverloaded.ql rename cpp/common/test/rules/{addressofoperatoroverloaded_shared => addressofoperatoroverloaded}/test.cpp (100%) delete mode 100644 cpp/common/test/rules/addressofoperatoroverloaded_shared/AddressOfOperatorOverloaded_shared.ql rename cpp/common/test/rules/{amixedusemacroargumentsubjecttoexpansion_shared/AMixedUseMacroArgumentSubjectToExpansion_shared.expected => amixedusemacroargumentsubjecttoexpansion/AMixedUseMacroArgumentSubjectToExpansion.expected} (100%) rename cpp/common/test/rules/{amixedusemacroargumentsubjecttoexpansion_shared/AMixedUseMacroArgumentSubjectToExpansion_shared.ql => amixedusemacroargumentsubjecttoexpansion/AMixedUseMacroArgumentSubjectToExpansion.ql} (61%) rename cpp/common/test/rules/{amixedusemacroargumentsubjecttoexpansion_shared => amixedusemacroargumentsubjecttoexpansion}/test.cpp (100%) rename cpp/common/test/rules/{arraypassedasfunctionargumentdecaytoapointer_shared/ArrayPassedAsFunctionArgumentDecayToAPointer_shared.expected => arraypassedasfunctionargumentdecaytoapointer/ArrayPassedAsFunctionArgumentDecayToAPointer.expected} (100%) rename cpp/common/test/rules/{arraypassedasfunctionargumentdecaytoapointer_shared/ArrayPassedAsFunctionArgumentDecayToAPointer_shared.ql => arraypassedasfunctionargumentdecaytoapointer/ArrayPassedAsFunctionArgumentDecayToAPointer.ql} (58%) rename cpp/common/test/rules/{arraypassedasfunctionargumentdecaytoapointer_shared => arraypassedasfunctionargumentdecaytoapointer}/test.cpp (100%) rename cpp/common/test/rules/{asmdeclarationused_shared/AsmDeclarationUsed_shared.expected => asmdeclarationused/AsmDeclarationUsed.expected} (100%) create mode 100644 cpp/common/test/rules/asmdeclarationused/AsmDeclarationUsed.ql rename cpp/common/test/rules/{asmdeclarationused_shared => asmdeclarationused}/test.cpp (100%) delete mode 100644 cpp/common/test/rules/asmdeclarationused_shared/AsmDeclarationUsed_shared.ql rename cpp/common/test/rules/{atofatoiatolandatollused_shared/AtofAtoiAtolAndAtollUsed_shared.expected => atofatoiatolandatollused/AtofAtoiAtolAndAtollUsed.expected} (100%) create mode 100644 cpp/common/test/rules/atofatoiatolandatollused/AtofAtoiAtolAndAtollUsed.ql rename cpp/common/test/rules/{atofatoiatolandatollused_shared => atofatoiatolandatollused}/test.cpp (100%) delete mode 100644 cpp/common/test/rules/atofatoiatolandatollused_shared/AtofAtoiAtolAndAtollUsed_shared.ql rename cpp/common/test/rules/{backslashcharactermisuse_shared/BackslashCharacterMisuse_shared.expected => backslashcharactermisuse/BackslashCharacterMisuse.expected} (100%) create mode 100644 cpp/common/test/rules/backslashcharactermisuse/BackslashCharacterMisuse.ql rename cpp/common/test/rules/{backslashcharactermisuse_shared => backslashcharactermisuse}/test.cpp (100%) delete mode 100644 cpp/common/test/rules/backslashcharactermisuse_shared/BackslashCharacterMisuse_shared.ql rename cpp/common/test/rules/{bitfieldshallhaveanappropriatetype_shared/BitFieldShallHaveAnAppropriateType_shared.expected => bitfieldshallhaveanappropriatetype/BitFieldShallHaveAnAppropriateType.expected} (100%) create mode 100644 cpp/common/test/rules/bitfieldshallhaveanappropriatetype/BitFieldShallHaveAnAppropriateType.ql rename cpp/common/test/rules/{bitfieldshallhaveanappropriatetype_shared => bitfieldshallhaveanappropriatetype}/test.cpp (100%) delete mode 100644 cpp/common/test/rules/bitfieldshallhaveanappropriatetype_shared/BitFieldShallHaveAnAppropriateType_shared.ql rename cpp/common/test/rules/{builtinunaryoperatorappliedtounsignedexpression_shared/BuiltInUnaryOperatorAppliedToUnsignedExpression_shared.expected => builtinunaryoperatorappliedtounsignedexpression/BuiltInUnaryOperatorAppliedToUnsignedExpression.expected} (100%) rename cpp/common/test/rules/{builtinunaryoperatorappliedtounsignedexpression_shared/BuiltInUnaryOperatorAppliedToUnsignedExpression_shared.ql => builtinunaryoperatorappliedtounsignedexpression/BuiltInUnaryOperatorAppliedToUnsignedExpression.ql} (56%) rename cpp/common/test/rules/{builtinunaryoperatorappliedtounsignedexpression_shared => builtinunaryoperatorappliedtounsignedexpression}/test.cpp (100%) rename cpp/common/test/rules/{castsbetweenapointertofunctionandanyothertype_shared/CastsBetweenAPointerToFunctionAndAnyOtherType_shared.expected => castsbetweenapointertofunctionandanyothertype/CastsBetweenAPointerToFunctionAndAnyOtherType.expected} (100%) rename cpp/common/test/rules/{castsbetweenapointertofunctionandanyothertype_shared/CastsBetweenAPointerToFunctionAndAnyOtherType_shared.ql => castsbetweenapointertofunctionandanyothertype/CastsBetweenAPointerToFunctionAndAnyOtherType.ql} (57%) rename cpp/common/test/rules/{castsbetweenapointertofunctionandanyothertype_shared => castsbetweenapointertofunctionandanyothertype}/test.cpp (100%) rename cpp/common/test/rules/{charactersequenceusedwithinacstylecomment_shared/CharacterSequenceUsedWithinACStyleComment_shared.expected => charactersequenceusedwithinacstylecomment/CharacterSequenceUsedWithinACStyleComment.expected} (100%) rename cpp/common/test/rules/{charactersequenceusedwithinacstylecomment_shared/CharacterSequenceUsedWithinACStyleComment_shared.ql => charactersequenceusedwithinacstylecomment/CharacterSequenceUsedWithinACStyleComment.ql} (60%) rename cpp/common/test/rules/{charactersequenceusedwithinacstylecomment_shared => charactersequenceusedwithinacstylecomment}/test.cpp (100%) rename cpp/common/test/rules/{copyandmoveassignmentsshallhandleselfassignment_shared/CopyAndMoveAssignmentsShallHandleSelfAssignment_shared.expected => copyandmoveassignmentsshallhandleselfassignment/CopyAndMoveAssignmentsShallHandleSelfAssignment.expected} (100%) rename cpp/common/test/rules/{copyandmoveassignmentsshallhandleselfassignment_shared/CopyAndMoveAssignmentsShallHandleSelfAssignment_shared.ql => copyandmoveassignmentsshallhandleselfassignment/CopyAndMoveAssignmentsShallHandleSelfAssignment.ql} (56%) rename cpp/common/test/rules/{copyandmoveassignmentsshallhandleselfassignment_shared => copyandmoveassignmentsshallhandleselfassignment}/test.cpp (100%) rename cpp/common/test/rules/{csignalfunctionsused_shared/CsignalFunctionsUsed_shared.expected => csignalfunctionsused/CsignalFunctionsUsed.expected} (100%) create mode 100644 cpp/common/test/rules/csignalfunctionsused/CsignalFunctionsUsed.ql rename cpp/common/test/rules/{csignalfunctionsused_shared => csignalfunctionsused}/test.cpp (100%) delete mode 100644 cpp/common/test/rules/csignalfunctionsused_shared/CsignalFunctionsUsed_shared.ql rename cpp/common/test/rules/{csignaltypesused_shared/CsignalTypesUsed_shared.expected => csignaltypesused/CsignalTypesUsed.expected} (100%) create mode 100644 cpp/common/test/rules/csignaltypesused/CsignalTypesUsed.ql rename cpp/common/test/rules/{csignaltypesused_shared => csignaltypesused}/test.cpp (100%) delete mode 100644 cpp/common/test/rules/csignaltypesused_shared/CsignalTypesUsed_shared.ql rename cpp/common/test/rules/{cstdiofunctionsused_shared/CstdioFunctionsUsed_shared.expected => cstdiofunctionsused/CstdioFunctionsUsed.expected} (100%) create mode 100644 cpp/common/test/rules/cstdiofunctionsused/CstdioFunctionsUsed.ql rename cpp/common/test/rules/{cstdiofunctionsused_shared => cstdiofunctionsused}/test.cpp (100%) delete mode 100644 cpp/common/test/rules/cstdiofunctionsused_shared/CstdioFunctionsUsed_shared.ql rename cpp/common/test/rules/{cstdiomacrosused_shared/CstdioMacrosUsed_shared.expected => cstdiomacrosused/CstdioMacrosUsed.expected} (100%) create mode 100644 cpp/common/test/rules/cstdiomacrosused/CstdioMacrosUsed.ql rename cpp/common/test/rules/{cstdiomacrosused_shared => cstdiomacrosused}/test.cpp (100%) delete mode 100644 cpp/common/test/rules/cstdiomacrosused_shared/CstdioMacrosUsed_shared.ql rename cpp/common/test/rules/{cstdiotypesused_shared/CstdioTypesUsed_shared.expected => cstdiotypesused/CstdioTypesUsed.expected} (100%) create mode 100644 cpp/common/test/rules/cstdiotypesused/CstdioTypesUsed.ql rename cpp/common/test/rules/{cstdiotypesused_shared => cstdiotypesused}/test.cpp (100%) delete mode 100644 cpp/common/test/rules/cstdiotypesused_shared/CstdioTypesUsed_shared.ql rename cpp/common/test/rules/{definitionnotconsideredforunqualifiedlookup_shared/DefinitionNotConsideredForUnqualifiedLookup_shared.expected => definitionnotconsideredforunqualifiedlookup/DefinitionNotConsideredForUnqualifiedLookup.expected} (100%) rename cpp/common/test/rules/{definitionnotconsideredforunqualifiedlookup_shared/DefinitionNotConsideredForUnqualifiedLookup_shared.ql => definitionnotconsideredforunqualifiedlookup/DefinitionNotConsideredForUnqualifiedLookup.ql} (59%) rename cpp/common/test/rules/{definitionnotconsideredforunqualifiedlookup_shared => definitionnotconsideredforunqualifiedlookup}/test.cpp (100%) rename cpp/common/test/rules/{emptythrowonlywithinacatchhandler_shared/EmptyThrowOnlyWithinACatchHandler_shared.expected => emptythrowonlywithinacatchhandler/EmptyThrowOnlyWithinACatchHandler.expected} (100%) create mode 100644 cpp/common/test/rules/emptythrowonlywithinacatchhandler/EmptyThrowOnlyWithinACatchHandler.ql rename cpp/common/test/rules/{emptythrowonlywithinacatchhandler_shared => emptythrowonlywithinacatchhandler}/test.cpp (100%) delete mode 100644 cpp/common/test/rules/emptythrowonlywithinacatchhandler_shared/EmptyThrowOnlyWithinACatchHandler_shared.ql rename cpp/common/test/rules/{enumerationnotdefinedwithanexplicitunderlyingtype_shared/EnumerationNotDefinedWithAnExplicitUnderlyingType_shared.expected => enumerationnotdefinedwithanexplicitunderlyingtype/EnumerationNotDefinedWithAnExplicitUnderlyingType.expected} (100%) rename cpp/common/test/rules/{enumerationnotdefinedwithanexplicitunderlyingtype_shared/EnumerationNotDefinedWithAnExplicitUnderlyingType_shared.ql => enumerationnotdefinedwithanexplicitunderlyingtype/EnumerationNotDefinedWithAnExplicitUnderlyingType.ql} (55%) rename cpp/common/test/rules/{enumerationnotdefinedwithanexplicitunderlyingtype_shared => enumerationnotdefinedwithanexplicitunderlyingtype}/test.cpp (100%) rename cpp/common/test/rules/{exceptionobjecthavepointertype_shared/ExceptionObjectHavePointerType_shared.expected => exceptionobjecthavepointertype/ExceptionObjectHavePointerType.expected} (100%) create mode 100644 cpp/common/test/rules/exceptionobjecthavepointertype/ExceptionObjectHavePointerType.ql rename cpp/common/test/rules/{exceptionobjecthavepointertype_shared => exceptionobjecthavepointertype}/test.cpp (100%) delete mode 100644 cpp/common/test/rules/exceptionobjecthavepointertype_shared/ExceptionObjectHavePointerType_shared.ql rename cpp/common/test/rules/{forwardingreferencesandforwardnotusedtogether_shared/ForwardingReferencesAndForwardNotUsedTogether_shared.expected => forwardingreferencesandforwardnotusedtogether/ForwardingReferencesAndForwardNotUsedTogether.expected} (100%) rename cpp/common/test/rules/{forwardingreferencesandforwardnotusedtogether_shared/ForwardingReferencesAndForwardNotUsedTogether_shared.ql => forwardingreferencesandforwardnotusedtogether/ForwardingReferencesAndForwardNotUsedTogether.ql} (57%) rename cpp/common/test/rules/{forwardingreferencesandforwardnotusedtogether_shared => forwardingreferencesandforwardnotusedtogether}/test.cpp (100%) rename cpp/common/test/rules/{functionlikemacrosdefined_shared/FunctionLikeMacrosDefined_shared.expected => functionlikemacrosdefined/FunctionLikeMacrosDefined.expected} (100%) create mode 100644 cpp/common/test/rules/functionlikemacrosdefined/FunctionLikeMacrosDefined.ql rename cpp/common/test/rules/{functionlikemacrosdefined_shared => functionlikemacrosdefined}/test.cpp (100%) delete mode 100644 cpp/common/test/rules/functionlikemacrosdefined_shared/FunctionLikeMacrosDefined_shared.ql rename cpp/common/test/rules/{functionscallthemselveseitherdirectlyorindirectly_shared/FunctionsCallThemselvesEitherDirectlyOrIndirectly_shared.expected => functionscallthemselveseitherdirectlyorindirectly/FunctionsCallThemselvesEitherDirectlyOrIndirectly.expected} (100%) rename cpp/common/test/rules/{functionscallthemselveseitherdirectlyorindirectly_shared/FunctionsCallThemselvesEitherDirectlyOrIndirectly_shared.ql => functionscallthemselveseitherdirectlyorindirectly/FunctionsCallThemselvesEitherDirectlyOrIndirectly.ql} (55%) rename cpp/common/test/rules/{functionscallthemselveseitherdirectlyorindirectly_shared => functionscallthemselveseitherdirectlyorindirectly}/test.cpp (100%) rename cpp/common/test/rules/{functiontemplatesexplicitlyspecialized_shared/FunctionTemplatesExplicitlySpecialized_shared.expected => functiontemplatesexplicitlyspecialized/FunctionTemplatesExplicitlySpecialized.expected} (100%) rename cpp/common/test/rules/{functiontemplatesexplicitlyspecialized_shared/FunctionTemplatesExplicitlySpecialized_shared.ql => functiontemplatesexplicitlyspecialized/FunctionTemplatesExplicitlySpecialized.ql} (62%) rename cpp/common/test/rules/{functiontemplatesexplicitlyspecialized_shared => functiontemplatesexplicitlyspecialized}/test.cpp (100%) rename cpp/common/test/rules/{globalnamespacedeclarations_shared/GlobalNamespaceDeclarations_shared.expected => globalnamespacedeclarations/GlobalNamespaceDeclarations.expected} (100%) create mode 100644 cpp/common/test/rules/globalnamespacedeclarations/GlobalNamespaceDeclarations.ql rename cpp/common/test/rules/{globalnamespacedeclarations_shared => globalnamespacedeclarations}/test.cpp (100%) delete mode 100644 cpp/common/test/rules/globalnamespacedeclarations_shared/GlobalNamespaceDeclarations_shared.ql rename cpp/common/test/rules/{globalsizedoperatordeletenotdefined_shared/GlobalSizedOperatorDeleteNotDefined_shared.expected => globalsizedoperatordeletenotdefined/GlobalSizedOperatorDeleteNotDefined.expected} (100%) create mode 100644 cpp/common/test/rules/globalsizedoperatordeletenotdefined/GlobalSizedOperatorDeleteNotDefined.ql rename cpp/common/test/rules/{globalsizedoperatordeletenotdefined_shared => globalsizedoperatordeletenotdefined}/test.cpp (100%) delete mode 100644 cpp/common/test/rules/globalsizedoperatordeletenotdefined_shared/GlobalSizedOperatorDeleteNotDefined_shared.ql rename cpp/common/test/rules/{globalunsizedoperatordeletenotdefined_shared/GlobalUnsizedOperatorDeleteNotDefined_shared.expected => globalunsizedoperatordeletenotdefined/GlobalUnsizedOperatorDeleteNotDefined.expected} (100%) rename cpp/common/test/rules/{globalunsizedoperatordeletenotdefined_shared/GlobalUnsizedOperatorDeleteNotDefined_shared.ql => globalunsizedoperatordeletenotdefined/GlobalUnsizedOperatorDeleteNotDefined.ql} (63%) rename cpp/common/test/rules/{globalunsizedoperatordeletenotdefined_shared => globalunsizedoperatordeletenotdefined}/test.cpp (100%) rename cpp/common/test/rules/{gotoreferencealabelinsurroundingblock_shared/GotoReferenceALabelInSurroundingBlock_shared.expected => gotoreferencealabelinsurroundingblock/GotoReferenceALabelInSurroundingBlock.expected} (100%) rename cpp/common/test/rules/{gotoreferencealabelinsurroundingblock_shared/GotoReferenceALabelInSurroundingBlock_shared.ql => gotoreferencealabelinsurroundingblock/GotoReferenceALabelInSurroundingBlock.ql} (63%) rename cpp/common/test/rules/{gotoreferencealabelinsurroundingblock_shared => gotoreferencealabelinsurroundingblock}/test.cpp (100%) rename cpp/common/test/rules/{gotostatementshouldnotbeused_shared/GotoStatementShouldNotBeUsed_shared.expected => gotostatementshouldnotbeused/GotoStatementShouldNotBeUsed.expected} (100%) create mode 100644 cpp/common/test/rules/gotostatementshouldnotbeused/GotoStatementShouldNotBeUsed.ql rename cpp/common/test/rules/{gotostatementshouldnotbeused_shared => gotostatementshouldnotbeused}/test.cpp (100%) delete mode 100644 cpp/common/test/rules/gotostatementshouldnotbeused_shared/GotoStatementShouldNotBeUsed_shared.ql rename cpp/common/test/rules/{hiddeninheritednonoverridablememberfunction_shared/HiddenInheritedNonOverridableMemberFunction_shared.expected => hiddeninheritednonoverridablememberfunction/HiddenInheritedNonOverridableMemberFunction.expected} (100%) rename cpp/common/test/rules/{hiddeninheritednonoverridablememberfunction_shared/HiddenInheritedNonOverridableMemberFunction_shared.ql => hiddeninheritednonoverridablememberfunction/HiddenInheritedNonOverridableMemberFunction.ql} (59%) rename cpp/common/test/rules/{hiddeninheritednonoverridablememberfunction_shared => hiddeninheritednonoverridablememberfunction}/test.cpp (100%) rename cpp/common/test/rules/{hiddeninheritedoverridablememberfunction_shared/HiddenInheritedOverridableMemberFunction_shared.expected => hiddeninheritedoverridablememberfunction/HiddenInheritedOverridableMemberFunction.expected} (100%) rename cpp/common/test/rules/{hiddeninheritedoverridablememberfunction_shared/HiddenInheritedOverridableMemberFunction_shared.ql => hiddeninheritedoverridablememberfunction/HiddenInheritedOverridableMemberFunction.ql} (61%) rename cpp/common/test/rules/{hiddeninheritedoverridablememberfunction_shared => hiddeninheritedoverridablememberfunction}/test.cpp (100%) rename cpp/common/test/rules/{initializeallvirtualbaseclasses_shared/InitializeAllVirtualBaseClasses_shared.expected => initializeallvirtualbaseclasses/InitializeAllVirtualBaseClasses.expected} (100%) create mode 100644 cpp/common/test/rules/initializeallvirtualbaseclasses/InitializeAllVirtualBaseClasses.ql rename cpp/common/test/rules/{initializeallvirtualbaseclasses_shared => initializeallvirtualbaseclasses}/test.cpp (100%) delete mode 100644 cpp/common/test/rules/initializeallvirtualbaseclasses_shared/InitializeAllVirtualBaseClasses_shared.ql rename cpp/common/test/rules/{initializerlistconstructoristheonlyconstructor_shared/InitializerListConstructorIsTheOnlyConstructor_shared.expected => initializerlistconstructoristheonlyconstructor/InitializerListConstructorIsTheOnlyConstructor.expected} (100%) rename cpp/common/test/rules/{initializerlistconstructoristheonlyconstructor_shared/InitializerListConstructorIsTheOnlyConstructor_shared.ql => initializerlistconstructoristheonlyconstructor/InitializerListConstructorIsTheOnlyConstructor.ql} (56%) rename cpp/common/test/rules/{initializerlistconstructoristheonlyconstructor_shared => initializerlistconstructoristheonlyconstructor}/test.cpp (100%) rename cpp/common/test/rules/{linesplicingusedincomments_shared/LineSplicingUsedInComments_shared.expected => linesplicingusedincomments/LineSplicingUsedInComments.expected} (100%) create mode 100644 cpp/common/test/rules/linesplicingusedincomments/LineSplicingUsedInComments.ql rename cpp/common/test/rules/{linesplicingusedincomments_shared => linesplicingusedincomments}/test.cpp (100%) delete mode 100644 cpp/common/test/rules/linesplicingusedincomments_shared/LineSplicingUsedInComments_shared.ql rename cpp/common/test/rules/{loopcompoundcondition_shared/LoopCompoundCondition_shared.expected => loopcompoundcondition/LoopCompoundCondition.expected} (100%) create mode 100644 cpp/common/test/rules/loopcompoundcondition/LoopCompoundCondition.ql rename cpp/common/test/rules/{loopcompoundcondition_shared => loopcompoundcondition}/test.cpp (100%) delete mode 100644 cpp/common/test/rules/loopcompoundcondition_shared/LoopCompoundCondition_shared.ql rename cpp/common/test/rules/{lowercaselstartsinliteralsuffix_shared/LowercaseLStartsInLiteralSuffix_shared.expected => lowercaselstartsinliteralsuffix/LowercaseLStartsInLiteralSuffix.expected} (100%) create mode 100644 cpp/common/test/rules/lowercaselstartsinliteralsuffix/LowercaseLStartsInLiteralSuffix.ql rename cpp/common/test/rules/{lowercaselstartsinliteralsuffix_shared => lowercaselstartsinliteralsuffix}/README.md (100%) rename cpp/common/test/rules/{lowercaselstartsinliteralsuffix_shared => lowercaselstartsinliteralsuffix}/test.cpp (100%) delete mode 100644 cpp/common/test/rules/lowercaselstartsinliteralsuffix_shared/LowercaseLStartsInLiteralSuffix_shared.ql rename cpp/common/test/rules/{macrooffsetofused_shared => macrooffsetofused}/MacroOffsetofUsed.expected (100%) rename cpp/common/test/rules/{macrooffsetofused_shared => macrooffsetofused}/MacroOffsetofUsed.expected.gcc (100%) rename cpp/common/test/rules/{macrooffsetofused_shared => macrooffsetofused}/MacroOffsetofUsed.expected.qcc (100%) create mode 100644 cpp/common/test/rules/macrooffsetofused/MacroOffsetofUsed.ql rename cpp/common/test/rules/{macrooffsetofused_shared => macrooffsetofused}/test.cpp (100%) delete mode 100644 cpp/common/test/rules/macrooffsetofused_shared/MacroOffsetofUsed_shared.expected delete mode 100644 cpp/common/test/rules/macrooffsetofused_shared/MacroOffsetofUsed_shared.ql rename cpp/common/test/rules/{macroparameterfollowinghash_shared/MacroParameterFollowingHash_shared.expected => macroparameterfollowinghash/MacroParameterFollowingHash.expected} (100%) create mode 100644 cpp/common/test/rules/macroparameterfollowinghash/MacroParameterFollowingHash.ql rename cpp/common/test/rules/{macroparameterfollowinghash_shared => macroparameterfollowinghash}/test.cpp (100%) delete mode 100644 cpp/common/test/rules/macroparameterfollowinghash_shared/MacroParameterFollowingHash_shared.ql rename cpp/common/test/rules/{memoryoperationsnotsequencedappropriately_shared/MemoryOperationsNotSequencedAppropriately_shared.expected => memoryoperationsnotsequencedappropriately/MemoryOperationsNotSequencedAppropriately.expected} (100%) rename cpp/common/test/rules/{memoryoperationsnotsequencedappropriately_shared/MemoryOperationsNotSequencedAppropriately_shared.ql => memoryoperationsnotsequencedappropriately/MemoryOperationsNotSequencedAppropriately.ql} (60%) rename cpp/common/test/rules/{memoryoperationsnotsequencedappropriately_shared => memoryoperationsnotsequencedappropriately}/test.cpp (100%) rename cpp/common/test/rules/{multipleglobalormemberdeclarators_shared/MultipleGlobalOrMemberDeclarators_shared.expected => multipleglobalormemberdeclarators/MultipleGlobalOrMemberDeclarators.expected} (100%) create mode 100644 cpp/common/test/rules/multipleglobalormemberdeclarators/MultipleGlobalOrMemberDeclarators.ql rename cpp/common/test/rules/{multipleglobalormemberdeclarators_shared => multipleglobalormemberdeclarators}/test.cpp (100%) delete mode 100644 cpp/common/test/rules/multipleglobalormemberdeclarators_shared/MultipleGlobalOrMemberDeclarators_shared.ql rename cpp/common/test/rules/{multiplelocaldeclarators_shared/MultipleLocalDeclarators_shared.expected => multiplelocaldeclarators/MultipleLocalDeclarators.expected} (100%) create mode 100644 cpp/common/test/rules/multiplelocaldeclarators/MultipleLocalDeclarators.ql rename cpp/common/test/rules/{multiplelocaldeclarators_shared => multiplelocaldeclarators}/test.cpp (100%) delete mode 100644 cpp/common/test/rules/multiplelocaldeclarators_shared/MultipleLocalDeclarators_shared.ql rename cpp/common/test/rules/{namedbitfieldswithsignedintegertype_shared/NamedBitFieldsWithSignedIntegerType_shared.expected => namedbitfieldswithsignedintegertype/NamedBitFieldsWithSignedIntegerType.expected} (100%) create mode 100644 cpp/common/test/rules/namedbitfieldswithsignedintegertype/NamedBitFieldsWithSignedIntegerType.ql rename cpp/common/test/rules/{namedbitfieldswithsignedintegertype_shared => namedbitfieldswithsignedintegertype}/test.cpp (100%) delete mode 100644 cpp/common/test/rules/namedbitfieldswithsignedintegertype_shared/NamedBitFieldsWithSignedIntegerType_shared.ql rename cpp/common/test/rules/{namenotreferredusingaqualifiedidorthis_shared/NameNotReferredUsingAQualifiedIdOrThis_shared.expected => namenotreferredusingaqualifiedidorthis/NameNotReferredUsingAQualifiedIdOrThis.expected} (100%) rename cpp/common/test/rules/{namenotreferredusingaqualifiedidorthis_shared/NameNotReferredUsingAQualifiedIdOrThis_shared.ql => namenotreferredusingaqualifiedidorthis/NameNotReferredUsingAQualifiedIdOrThis.ql} (62%) rename cpp/common/test/rules/{namenotreferredusingaqualifiedidorthis_shared => namenotreferredusingaqualifiedidorthis}/test.cpp (100%) rename cpp/common/test/rules/{namenotreferredusingaqualifiedidorthisaudit_shared/NameNotReferredUsingAQualifiedIdOrThisAudit_shared.expected => namenotreferredusingaqualifiedidorthisaudit/NameNotReferredUsingAQualifiedIdOrThisAudit.expected} (100%) rename cpp/common/test/rules/{namenotreferredusingaqualifiedidorthisaudit_shared/NameNotReferredUsingAQualifiedIdOrThisAudit_shared.ql => namenotreferredusingaqualifiedidorthisaudit/NameNotReferredUsingAQualifiedIdOrThisAudit.ql} (59%) rename cpp/common/test/rules/{namenotreferredusingaqualifiedidorthisaudit_shared => namenotreferredusingaqualifiedidorthisaudit}/test.cpp (100%) rename cpp/common/test/rules/{noexceptfunctionshouldnotpropagatetothecaller_shared/NoexceptFunctionShouldNotPropagateToTheCaller_shared.expected => noexceptfunctionshouldnotpropagatetothecaller/NoexceptFunctionShouldNotPropagateToTheCaller.expected} (100%) rename cpp/common/test/rules/{noexceptfunctionshouldnotpropagatetothecaller_shared/NoexceptFunctionShouldNotPropagateToTheCaller_shared.ql => noexceptfunctionshouldnotpropagatetothecaller/NoexceptFunctionShouldNotPropagateToTheCaller.ql} (57%) rename cpp/common/test/rules/{noexceptfunctionshouldnotpropagatetothecaller_shared => noexceptfunctionshouldnotpropagatetothecaller}/test.cpp (100%) rename cpp/common/test/rules/{nonglobalfunctionmain_shared/NonGlobalFunctionMain_shared.expected => nonglobalfunctionmain/NonGlobalFunctionMain.expected} (100%) create mode 100644 cpp/common/test/rules/nonglobalfunctionmain/NonGlobalFunctionMain.ql rename cpp/common/test/rules/{nonglobalfunctionmain_shared => nonglobalfunctionmain}/test.cpp (100%) delete mode 100644 cpp/common/test/rules/nonglobalfunctionmain_shared/NonGlobalFunctionMain_shared.ql rename cpp/common/test/rules/{nonterminatedescapesequences_shared/NonTerminatedEscapeSequences_shared.expected => nonterminatedescapesequences/NonTerminatedEscapeSequences.expected} (100%) create mode 100644 cpp/common/test/rules/nonterminatedescapesequences/NonTerminatedEscapeSequences.ql rename cpp/common/test/rules/{nonterminatedescapesequences_shared => nonterminatedescapesequences}/test.cpp (100%) delete mode 100644 cpp/common/test/rules/nonterminatedescapesequences_shared/NonTerminatedEscapeSequences_shared.ql rename cpp/common/test/rules/{nonuniqueenumerationconstant_shared/NonUniqueEnumerationConstant_shared.expected => nonuniqueenumerationconstant/NonUniqueEnumerationConstant.expected} (100%) create mode 100644 cpp/common/test/rules/nonuniqueenumerationconstant/NonUniqueEnumerationConstant.ql rename cpp/common/test/rules/{nonuniqueenumerationconstant_shared => nonuniqueenumerationconstant}/test.cpp (100%) delete mode 100644 cpp/common/test/rules/nonuniqueenumerationconstant_shared/NonUniqueEnumerationConstant_shared.ql rename cpp/common/test/rules/{nullptrnottheonlyformofthenullpointerconstant_shared/NullptrNotTheOnlyFormOfTheNullPointerConstant_shared.expected => nullptrnottheonlyformofthenullpointerconstant/NullptrNotTheOnlyFormOfTheNullPointerConstant.expected} (100%) rename cpp/common/test/rules/{nullptrnottheonlyformofthenullpointerconstant_shared/NullptrNotTheOnlyFormOfTheNullPointerConstant_shared.expected.clang => nullptrnottheonlyformofthenullpointerconstant/NullptrNotTheOnlyFormOfTheNullPointerConstant.expected.clang} (100%) rename cpp/common/test/rules/{nullptrnottheonlyformofthenullpointerconstant_shared/NullptrNotTheOnlyFormOfTheNullPointerConstant_shared.expected.gcc => nullptrnottheonlyformofthenullpointerconstant/NullptrNotTheOnlyFormOfTheNullPointerConstant.expected.gcc} (100%) rename cpp/common/test/rules/{nullptrnottheonlyformofthenullpointerconstant_shared/NullptrNotTheOnlyFormOfTheNullPointerConstant_shared.expected.qcc => nullptrnottheonlyformofthenullpointerconstant/NullptrNotTheOnlyFormOfTheNullPointerConstant.expected.qcc} (100%) rename cpp/common/test/rules/{nullptrnottheonlyformofthenullpointerconstant_shared/NullptrNotTheOnlyFormOfTheNullPointerConstant_shared.ql => nullptrnottheonlyformofthenullpointerconstant/NullptrNotTheOnlyFormOfTheNullPointerConstant.ql} (57%) rename cpp/common/test/rules/{nullptrnottheonlyformofthenullpointerconstant_shared => nullptrnottheonlyformofthenullpointerconstant}/test.cpp (100%) rename cpp/common/test/rules/{nullptrnottheonlyformofthenullpointerconstant_shared => nullptrnottheonlyformofthenullpointerconstant}/test.cpp.clang (100%) rename cpp/common/test/rules/{nullptrnottheonlyformofthenullpointerconstant_shared => nullptrnottheonlyformofthenullpointerconstant}/test.cpp.gcc (100%) rename cpp/common/test/rules/{nullptrnottheonlyformofthenullpointerconstant_shared => nullptrnottheonlyformofthenullpointerconstant}/test.cpp.qcc (100%) rename cpp/common/test/rules/{objectsdynamictypeusedfromconstructorordestructor_shared/ObjectsDynamicTypeUsedFromConstructorOrDestructor_shared.expected => objectsdynamictypeusedfromconstructorordestructor/ObjectsDynamicTypeUsedFromConstructorOrDestructor.expected} (100%) rename cpp/common/test/rules/{objectsdynamictypeusedfromconstructorordestructor_shared/ObjectsDynamicTypeUsedFromConstructorOrDestructor_shared.ql => objectsdynamictypeusedfromconstructorordestructor/ObjectsDynamicTypeUsedFromConstructorOrDestructor.ql} (55%) rename cpp/common/test/rules/{objectsdynamictypeusedfromconstructorordestructor_shared => objectsdynamictypeusedfromconstructorordestructor}/test.cpp (100%) rename cpp/common/test/rules/{overridingshallspecifydifferentdefaultarguments_shared/OverridingShallSpecifyDifferentDefaultArguments_shared.expected => overridingshallspecifydifferentdefaultarguments/OverridingShallSpecifyDifferentDefaultArguments.expected} (100%) rename cpp/common/test/rules/{overridingshallspecifydifferentdefaultarguments_shared/OverridingShallSpecifyDifferentDefaultArguments_shared.ql => overridingshallspecifydifferentdefaultarguments/OverridingShallSpecifyDifferentDefaultArguments.ql} (56%) rename cpp/common/test/rules/{overridingshallspecifydifferentdefaultarguments_shared => overridingshallspecifydifferentdefaultarguments}/test.cpp (100%) rename cpp/common/test/rules/{potentiallyvirtualpointeronlycomparestonullptr_shared/PotentiallyVirtualPointerOnlyComparesToNullptr_shared.expected => potentiallyvirtualpointeronlycomparestonullptr/PotentiallyVirtualPointerOnlyComparesToNullptr.expected} (100%) rename cpp/common/test/rules/{potentiallyvirtualpointeronlycomparestonullptr_shared/PotentiallyVirtualPointerOnlyComparesToNullptr_shared.ql => potentiallyvirtualpointeronlycomparestonullptr/PotentiallyVirtualPointerOnlyComparesToNullptr.ql} (56%) rename cpp/common/test/rules/{potentiallyvirtualpointeronlycomparestonullptr_shared => potentiallyvirtualpointeronlycomparestonullptr}/test.cpp (100%) rename cpp/common/test/rules/{reinterpretcastused_shared/ReinterpretCastUsed_shared.expected => reinterpretcastused/ReinterpretCastUsed.expected} (100%) create mode 100644 cpp/common/test/rules/reinterpretcastused/ReinterpretCastUsed.ql rename cpp/common/test/rules/{reinterpretcastused_shared => reinterpretcastused}/test.cpp (100%) delete mode 100644 cpp/common/test/rules/reinterpretcastused_shared/ReinterpretCastUsed_shared.ql rename cpp/common/test/rules/{resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.expected => resultofanassignmentoperatorshouldnotbeused/ResultOfAnAssignmentOperatorShouldNotBeUsed.expected} (100%) rename cpp/common/test/rules/{resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.ql => resultofanassignmentoperatorshouldnotbeused/ResultOfAnAssignmentOperatorShouldNotBeUsed.ql} (59%) rename cpp/common/test/rules/{resultofanassignmentoperatorshouldnotbeused_shared => resultofanassignmentoperatorshouldnotbeused}/test.cpp (100%) rename cpp/common/test/rules/{returnreferenceorpointertoautomaticlocalvariable_shared/ReturnReferenceOrPointerToAutomaticLocalVariable_shared.expected => returnreferenceorpointertoautomaticlocalvariable/ReturnReferenceOrPointerToAutomaticLocalVariable.expected} (100%) rename cpp/common/test/rules/{returnreferenceorpointertoautomaticlocalvariable_shared/ReturnReferenceOrPointerToAutomaticLocalVariable_shared.ql => returnreferenceorpointertoautomaticlocalvariable/ReturnReferenceOrPointerToAutomaticLocalVariable.ql} (55%) rename cpp/common/test/rules/{returnreferenceorpointertoautomaticlocalvariable_shared => returnreferenceorpointertoautomaticlocalvariable}/test.cpp (100%) rename cpp/common/test/rules/{switchcompoundcondition_shared/SwitchCompoundCondition_shared.expected => switchcompoundcondition/SwitchCompoundCondition.expected} (100%) create mode 100644 cpp/common/test/rules/switchcompoundcondition/SwitchCompoundCondition.ql rename cpp/common/test/rules/{switchcompoundcondition_shared => switchcompoundcondition}/test.cpp (100%) delete mode 100644 cpp/common/test/rules/switchcompoundcondition_shared/SwitchCompoundCondition_shared.ql rename cpp/common/test/rules/{unsignedintegerliteralsnotappropriatelysuffixed_shared/UnsignedIntegerLiteralsNotAppropriatelySuffixed_shared.expected => unsignedintegerliteralsnotappropriatelysuffixed/UnsignedIntegerLiteralsNotAppropriatelySuffixed.expected} (100%) rename cpp/common/test/rules/{unsignedintegerliteralsnotappropriatelysuffixed_shared/UnsignedIntegerLiteralsNotAppropriatelySuffixed_shared.ql => unsignedintegerliteralsnotappropriatelysuffixed/UnsignedIntegerLiteralsNotAppropriatelySuffixed.ql} (56%) rename cpp/common/test/rules/{unsignedintegerliteralsnotappropriatelysuffixed_shared => unsignedintegerliteralsnotappropriatelysuffixed}/test.cpp (100%) rename cpp/common/test/rules/{unsignedoperationwithconstantoperandswraps_shared/UnsignedOperationWithConstantOperandsWraps_shared.expected => unsignedoperationwithconstantoperandswraps/UnsignedOperationWithConstantOperandsWraps.expected} (100%) rename cpp/common/test/rules/{unsignedoperationwithconstantoperandswraps_shared/UnsignedOperationWithConstantOperandsWraps_shared.ql => unsignedoperationwithconstantoperandswraps/UnsignedOperationWithConstantOperandsWraps.ql} (59%) rename cpp/common/test/rules/{unsignedoperationwithconstantoperandswraps_shared => unsignedoperationwithconstantoperandswraps}/test.cpp (100%) rename cpp/common/test/rules/{useofnonzerooctalliteral_shared/UseOfNonZeroOctalLiteral_shared.expected => useofnonzerooctalliteral/UseOfNonZeroOctalLiteral.expected} (100%) create mode 100644 cpp/common/test/rules/useofnonzerooctalliteral/UseOfNonZeroOctalLiteral.ql rename cpp/common/test/rules/{useofnonzerooctalliteral_shared => useofnonzerooctalliteral}/test.cpp (100%) delete mode 100644 cpp/common/test/rules/useofnonzerooctalliteral_shared/UseOfNonZeroOctalLiteral_shared.ql rename cpp/common/test/rules/{vectorshouldnotbespecializedwithbool_shared/VectorShouldNotBeSpecializedWithBool_shared.expected => vectorshouldnotbespecializedwithbool/VectorShouldNotBeSpecializedWithBool.expected} (100%) rename cpp/common/test/rules/{vectorshouldnotbespecializedwithbool_shared/VectorShouldNotBeSpecializedWithBool_shared.expected.qcc => vectorshouldnotbespecializedwithbool/VectorShouldNotBeSpecializedWithBool.expected.qcc} (100%) rename cpp/common/test/rules/{vectorshouldnotbespecializedwithbool_shared/VectorShouldNotBeSpecializedWithBool_shared.ql => vectorshouldnotbespecializedwithbool/VectorShouldNotBeSpecializedWithBool.ql} (64%) rename cpp/common/test/rules/{vectorshouldnotbespecializedwithbool_shared => vectorshouldnotbespecializedwithbool}/test.cpp (100%) rename cpp/common/test/rules/{virtualandnonvirtualclassinthehierarchy_shared/VirtualAndNonVirtualClassInTheHierarchy_shared.expected => virtualandnonvirtualclassinthehierarchy/VirtualAndNonVirtualClassInTheHierarchy.expected} (100%) rename cpp/common/test/rules/{virtualandnonvirtualclassinthehierarchy_shared/VirtualAndNonVirtualClassInTheHierarchy_shared.ql => virtualandnonvirtualclassinthehierarchy/VirtualAndNonVirtualClassInTheHierarchy.ql} (61%) rename cpp/common/test/rules/{virtualandnonvirtualclassinthehierarchy_shared => virtualandnonvirtualclassinthehierarchy}/test.cpp (100%) diff --git a/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.ql b/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.ql index 6019b7b0d6..1c7ae3e31b 100644 --- a/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.ql +++ b/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.ql @@ -15,9 +15,9 @@ import cpp import codingstandards.c.cert -import codingstandards.cpp.rules.unsignedoperationwithconstantoperandswraps_shared.UnsignedOperationWithConstantOperandsWraps_shared +import codingstandards.cpp.rules.unsignedoperationwithconstantoperandswraps.UnsignedOperationWithConstantOperandsWraps -class UnsignedIntegerOperationsWrapAroundQuery extends UnsignedOperationWithConstantOperandsWraps_sharedSharedQuery +class UnsignedIntegerOperationsWrapAroundQuery extends UnsignedOperationWithConstantOperandsWrapsSharedQuery { UnsignedIntegerOperationsWrapAroundQuery() { this = IntegerOverflowPackage::unsignedIntegerOperationsWrapAroundQuery() diff --git a/c/cert/test/rules/INT30-C/UnsignedIntegerOperationsWrapAround.testref b/c/cert/test/rules/INT30-C/UnsignedIntegerOperationsWrapAround.testref index 2cc69bff5a..c9bc9d9637 100644 --- a/c/cert/test/rules/INT30-C/UnsignedIntegerOperationsWrapAround.testref +++ b/c/cert/test/rules/INT30-C/UnsignedIntegerOperationsWrapAround.testref @@ -1 +1 @@ -c/common/test/rules/unsignedoperationwithconstantoperandswraps_shared/UnsignedOperationWithConstantOperandsWraps_shared.ql \ No newline at end of file +c/common/test/rules/unsignedoperationwithconstantoperandswraps/UnsignedOperationWithConstantOperandsWraps.ql \ No newline at end of file diff --git a/c/common/test/rules/amixedusemacroargumentsubjecttoexpansion_shared/AMixedUseMacroArgumentSubjectToExpansion_shared.expected b/c/common/test/rules/amixedusemacroargumentsubjecttoexpansion/AMixedUseMacroArgumentSubjectToExpansion.expected similarity index 100% rename from c/common/test/rules/amixedusemacroargumentsubjecttoexpansion_shared/AMixedUseMacroArgumentSubjectToExpansion_shared.expected rename to c/common/test/rules/amixedusemacroargumentsubjecttoexpansion/AMixedUseMacroArgumentSubjectToExpansion.expected diff --git a/c/common/test/rules/amixedusemacroargumentsubjecttoexpansion_shared/AMixedUseMacroArgumentSubjectToExpansion_shared.ql b/c/common/test/rules/amixedusemacroargumentsubjecttoexpansion/AMixedUseMacroArgumentSubjectToExpansion.ql similarity index 61% rename from c/common/test/rules/amixedusemacroargumentsubjecttoexpansion_shared/AMixedUseMacroArgumentSubjectToExpansion_shared.ql rename to c/common/test/rules/amixedusemacroargumentsubjecttoexpansion/AMixedUseMacroArgumentSubjectToExpansion.ql index 8fc299b7f3..5aa514e86d 100644 --- a/c/common/test/rules/amixedusemacroargumentsubjecttoexpansion_shared/AMixedUseMacroArgumentSubjectToExpansion_shared.ql +++ b/c/common/test/rules/amixedusemacroargumentsubjecttoexpansion/AMixedUseMacroArgumentSubjectToExpansion.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.amixedusemacroargumentsubjecttoexpansion_shared.AMixedUseMacroArgumentSubjectToExpansion_shared +import codingstandards.cpp.rules.amixedusemacroargumentsubjecttoexpansion.AMixedUseMacroArgumentSubjectToExpansion -class TestFileQuery extends AMixedUseMacroArgumentSubjectToExpansion_sharedSharedQuery, TestQuery { -} +class TestFileQuery extends AMixedUseMacroArgumentSubjectToExpansionSharedQuery, TestQuery { } diff --git a/c/common/test/rules/amixedusemacroargumentsubjecttoexpansion_shared/test.c b/c/common/test/rules/amixedusemacroargumentsubjecttoexpansion/test.c similarity index 100% rename from c/common/test/rules/amixedusemacroargumentsubjecttoexpansion_shared/test.c rename to c/common/test/rules/amixedusemacroargumentsubjecttoexpansion/test.c diff --git a/c/common/test/rules/atofatoiatolandatollused_shared/AtofAtoiAtolAndAtollUsed_shared.expected b/c/common/test/rules/atofatoiatolandatollused/AtofAtoiAtolAndAtollUsed.expected similarity index 100% rename from c/common/test/rules/atofatoiatolandatollused_shared/AtofAtoiAtolAndAtollUsed_shared.expected rename to c/common/test/rules/atofatoiatolandatollused/AtofAtoiAtolAndAtollUsed.expected diff --git a/c/common/test/rules/atofatoiatolandatollused/AtofAtoiAtolAndAtollUsed.ql b/c/common/test/rules/atofatoiatolandatollused/AtofAtoiAtolAndAtollUsed.ql new file mode 100644 index 0000000000..6da5fe6097 --- /dev/null +++ b/c/common/test/rules/atofatoiatolandatollused/AtofAtoiAtolAndAtollUsed.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.atofatoiatolandatollused.AtofAtoiAtolAndAtollUsed + +class TestFileQuery extends AtofAtoiAtolAndAtollUsedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/atofatoiatolandatollused_shared/test.c b/c/common/test/rules/atofatoiatolandatollused/test.c similarity index 100% rename from c/common/test/rules/atofatoiatolandatollused_shared/test.c rename to c/common/test/rules/atofatoiatolandatollused/test.c diff --git a/c/common/test/rules/atofatoiatolandatollused_shared/AtofAtoiAtolAndAtollUsed_shared.ql b/c/common/test/rules/atofatoiatolandatollused_shared/AtofAtoiAtolAndAtollUsed_shared.ql deleted file mode 100644 index 75b1a7ea10..0000000000 --- a/c/common/test/rules/atofatoiatolandatollused_shared/AtofAtoiAtolAndAtollUsed_shared.ql +++ /dev/null @@ -1,4 +0,0 @@ -// GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.atofatoiatolandatollused_shared.AtofAtoiAtolAndAtollUsed_shared - -class TestFileQuery extends AtofAtoiAtolAndAtollUsed_sharedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/bitfieldshallhaveanappropriatetype_shared/BitFieldShallHaveAnAppropriateType_shared.expected b/c/common/test/rules/bitfieldshallhaveanappropriatetype/BitFieldShallHaveAnAppropriateType.expected similarity index 100% rename from c/common/test/rules/bitfieldshallhaveanappropriatetype_shared/BitFieldShallHaveAnAppropriateType_shared.expected rename to c/common/test/rules/bitfieldshallhaveanappropriatetype/BitFieldShallHaveAnAppropriateType.expected diff --git a/c/common/test/rules/bitfieldshallhaveanappropriatetype/BitFieldShallHaveAnAppropriateType.ql b/c/common/test/rules/bitfieldshallhaveanappropriatetype/BitFieldShallHaveAnAppropriateType.ql new file mode 100644 index 0000000000..a3e1ecc76c --- /dev/null +++ b/c/common/test/rules/bitfieldshallhaveanappropriatetype/BitFieldShallHaveAnAppropriateType.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.bitfieldshallhaveanappropriatetype.BitFieldShallHaveAnAppropriateType + +class TestFileQuery extends BitFieldShallHaveAnAppropriateTypeSharedQuery, TestQuery { } diff --git a/c/common/test/rules/bitfieldshallhaveanappropriatetype_shared/test.c b/c/common/test/rules/bitfieldshallhaveanappropriatetype/test.c similarity index 100% rename from c/common/test/rules/bitfieldshallhaveanappropriatetype_shared/test.c rename to c/common/test/rules/bitfieldshallhaveanappropriatetype/test.c diff --git a/c/common/test/rules/bitfieldshallhaveanappropriatetype_shared/BitFieldShallHaveAnAppropriateType_shared.ql b/c/common/test/rules/bitfieldshallhaveanappropriatetype_shared/BitFieldShallHaveAnAppropriateType_shared.ql deleted file mode 100644 index e460832dc7..0000000000 --- a/c/common/test/rules/bitfieldshallhaveanappropriatetype_shared/BitFieldShallHaveAnAppropriateType_shared.ql +++ /dev/null @@ -1,4 +0,0 @@ -// GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.bitfieldshallhaveanappropriatetype_shared.BitFieldShallHaveAnAppropriateType_shared - -class TestFileQuery extends BitFieldShallHaveAnAppropriateType_sharedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/functionlikemacrosdefined_shared/FunctionLikeMacrosDefined_shared.expected b/c/common/test/rules/functionlikemacrosdefined/FunctionLikeMacrosDefined.expected similarity index 100% rename from c/common/test/rules/functionlikemacrosdefined_shared/FunctionLikeMacrosDefined_shared.expected rename to c/common/test/rules/functionlikemacrosdefined/FunctionLikeMacrosDefined.expected diff --git a/c/common/test/rules/functionlikemacrosdefined/FunctionLikeMacrosDefined.ql b/c/common/test/rules/functionlikemacrosdefined/FunctionLikeMacrosDefined.ql new file mode 100644 index 0000000000..29088c4458 --- /dev/null +++ b/c/common/test/rules/functionlikemacrosdefined/FunctionLikeMacrosDefined.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.functionlikemacrosdefined.FunctionLikeMacrosDefined + +class TestFileQuery extends FunctionLikeMacrosDefinedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/functionlikemacrosdefined_shared/test.c b/c/common/test/rules/functionlikemacrosdefined/test.c similarity index 100% rename from c/common/test/rules/functionlikemacrosdefined_shared/test.c rename to c/common/test/rules/functionlikemacrosdefined/test.c diff --git a/c/common/test/rules/functionlikemacrosdefined_shared/FunctionLikeMacrosDefined_shared.ql b/c/common/test/rules/functionlikemacrosdefined_shared/FunctionLikeMacrosDefined_shared.ql deleted file mode 100644 index 062cce047c..0000000000 --- a/c/common/test/rules/functionlikemacrosdefined_shared/FunctionLikeMacrosDefined_shared.ql +++ /dev/null @@ -1,4 +0,0 @@ -// GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.functionlikemacrosdefined_shared.FunctionLikeMacrosDefined_shared - -class TestFileQuery extends FunctionLikeMacrosDefined_sharedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/gotoreferencealabelinsurroundingblock_shared/GotoReferenceALabelInSurroundingBlock_shared.expected b/c/common/test/rules/gotoreferencealabelinsurroundingblock/GotoReferenceALabelInSurroundingBlock.expected similarity index 100% rename from c/common/test/rules/gotoreferencealabelinsurroundingblock_shared/GotoReferenceALabelInSurroundingBlock_shared.expected rename to c/common/test/rules/gotoreferencealabelinsurroundingblock/GotoReferenceALabelInSurroundingBlock.expected diff --git a/c/common/test/rules/gotoreferencealabelinsurroundingblock_shared/GotoReferenceALabelInSurroundingBlock_shared.ql b/c/common/test/rules/gotoreferencealabelinsurroundingblock/GotoReferenceALabelInSurroundingBlock.ql similarity index 63% rename from c/common/test/rules/gotoreferencealabelinsurroundingblock_shared/GotoReferenceALabelInSurroundingBlock_shared.ql rename to c/common/test/rules/gotoreferencealabelinsurroundingblock/GotoReferenceALabelInSurroundingBlock.ql index f905b9a46c..f553135683 100644 --- a/c/common/test/rules/gotoreferencealabelinsurroundingblock_shared/GotoReferenceALabelInSurroundingBlock_shared.ql +++ b/c/common/test/rules/gotoreferencealabelinsurroundingblock/GotoReferenceALabelInSurroundingBlock.ql @@ -1,4 +1,4 @@ // GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.gotoreferencealabelinsurroundingblock_shared.GotoReferenceALabelInSurroundingBlock_shared +import codingstandards.cpp.rules.gotoreferencealabelinsurroundingblock.GotoReferenceALabelInSurroundingBlock -class TestFileQuery extends GotoReferenceALabelInSurroundingBlock_sharedSharedQuery, TestQuery { } +class TestFileQuery extends GotoReferenceALabelInSurroundingBlockSharedQuery, TestQuery { } diff --git a/c/common/test/rules/gotoreferencealabelinsurroundingblock_shared/test.c b/c/common/test/rules/gotoreferencealabelinsurroundingblock/test.c similarity index 100% rename from c/common/test/rules/gotoreferencealabelinsurroundingblock_shared/test.c rename to c/common/test/rules/gotoreferencealabelinsurroundingblock/test.c diff --git a/c/common/test/rules/gotostatementshouldnotbeused_shared/GotoStatementShouldNotBeUsed_shared.expected b/c/common/test/rules/gotostatementshouldnotbeused/GotoStatementShouldNotBeUsed.expected similarity index 100% rename from c/common/test/rules/gotostatementshouldnotbeused_shared/GotoStatementShouldNotBeUsed_shared.expected rename to c/common/test/rules/gotostatementshouldnotbeused/GotoStatementShouldNotBeUsed.expected diff --git a/c/common/test/rules/gotostatementshouldnotbeused/GotoStatementShouldNotBeUsed.ql b/c/common/test/rules/gotostatementshouldnotbeused/GotoStatementShouldNotBeUsed.ql new file mode 100644 index 0000000000..1a117d5ddd --- /dev/null +++ b/c/common/test/rules/gotostatementshouldnotbeused/GotoStatementShouldNotBeUsed.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.gotostatementshouldnotbeused.GotoStatementShouldNotBeUsed + +class TestFileQuery extends GotoStatementShouldNotBeUsedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/gotostatementshouldnotbeused_shared/test.c b/c/common/test/rules/gotostatementshouldnotbeused/test.c similarity index 100% rename from c/common/test/rules/gotostatementshouldnotbeused_shared/test.c rename to c/common/test/rules/gotostatementshouldnotbeused/test.c diff --git a/c/common/test/rules/gotostatementshouldnotbeused_shared/GotoStatementShouldNotBeUsed_shared.ql b/c/common/test/rules/gotostatementshouldnotbeused_shared/GotoStatementShouldNotBeUsed_shared.ql deleted file mode 100644 index e7ae4fcebb..0000000000 --- a/c/common/test/rules/gotostatementshouldnotbeused_shared/GotoStatementShouldNotBeUsed_shared.ql +++ /dev/null @@ -1,4 +0,0 @@ -// GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.gotostatementshouldnotbeused_shared.GotoStatementShouldNotBeUsed_shared - -class TestFileQuery extends GotoStatementShouldNotBeUsed_sharedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/lowercaselstartsinliteralsuffix_shared/LowercaseLStartsInLiteralSuffix_shared.expected b/c/common/test/rules/lowercaselstartsinliteralsuffix/LowercaseLStartsInLiteralSuffix.expected similarity index 100% rename from c/common/test/rules/lowercaselstartsinliteralsuffix_shared/LowercaseLStartsInLiteralSuffix_shared.expected rename to c/common/test/rules/lowercaselstartsinliteralsuffix/LowercaseLStartsInLiteralSuffix.expected diff --git a/c/common/test/rules/lowercaselstartsinliteralsuffix/LowercaseLStartsInLiteralSuffix.ql b/c/common/test/rules/lowercaselstartsinliteralsuffix/LowercaseLStartsInLiteralSuffix.ql new file mode 100644 index 0000000000..ab353ca8a9 --- /dev/null +++ b/c/common/test/rules/lowercaselstartsinliteralsuffix/LowercaseLStartsInLiteralSuffix.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.lowercaselstartsinliteralsuffix.LowercaseLStartsInLiteralSuffix + +class TestFileQuery extends LowercaseLStartsInLiteralSuffixSharedQuery, TestQuery { } diff --git a/c/common/test/rules/lowercaselstartsinliteralsuffix_shared/test.c b/c/common/test/rules/lowercaselstartsinliteralsuffix/test.c similarity index 100% rename from c/common/test/rules/lowercaselstartsinliteralsuffix_shared/test.c rename to c/common/test/rules/lowercaselstartsinliteralsuffix/test.c diff --git a/c/common/test/rules/lowercaselstartsinliteralsuffix_shared/LowercaseLStartsInLiteralSuffix_shared.ql b/c/common/test/rules/lowercaselstartsinliteralsuffix_shared/LowercaseLStartsInLiteralSuffix_shared.ql deleted file mode 100644 index 8d7d9f0be8..0000000000 --- a/c/common/test/rules/lowercaselstartsinliteralsuffix_shared/LowercaseLStartsInLiteralSuffix_shared.ql +++ /dev/null @@ -1,4 +0,0 @@ -// GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.lowercaselstartsinliteralsuffix_shared.LowercaseLStartsInLiteralSuffix_shared - -class TestFileQuery extends LowercaseLStartsInLiteralSuffix_sharedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/macroparameterfollowinghash_shared/MacroParameterFollowingHash_shared.expected b/c/common/test/rules/macroparameterfollowinghash/MacroParameterFollowingHash.expected similarity index 100% rename from c/common/test/rules/macroparameterfollowinghash_shared/MacroParameterFollowingHash_shared.expected rename to c/common/test/rules/macroparameterfollowinghash/MacroParameterFollowingHash.expected diff --git a/c/common/test/rules/macroparameterfollowinghash/MacroParameterFollowingHash.ql b/c/common/test/rules/macroparameterfollowinghash/MacroParameterFollowingHash.ql new file mode 100644 index 0000000000..f753b75463 --- /dev/null +++ b/c/common/test/rules/macroparameterfollowinghash/MacroParameterFollowingHash.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.macroparameterfollowinghash.MacroParameterFollowingHash + +class TestFileQuery extends MacroParameterFollowingHashSharedQuery, TestQuery { } diff --git a/c/common/test/rules/macroparameterfollowinghash_shared/test.c b/c/common/test/rules/macroparameterfollowinghash/test.c similarity index 100% rename from c/common/test/rules/macroparameterfollowinghash_shared/test.c rename to c/common/test/rules/macroparameterfollowinghash/test.c diff --git a/c/common/test/rules/macroparameterfollowinghash_shared/MacroParameterFollowingHash_shared.ql b/c/common/test/rules/macroparameterfollowinghash_shared/MacroParameterFollowingHash_shared.ql deleted file mode 100644 index 8c3dd270d0..0000000000 --- a/c/common/test/rules/macroparameterfollowinghash_shared/MacroParameterFollowingHash_shared.ql +++ /dev/null @@ -1,4 +0,0 @@ -// GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.macroparameterfollowinghash_shared.MacroParameterFollowingHash_shared - -class TestFileQuery extends MacroParameterFollowingHash_sharedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/memoryoperationsnotsequencedappropriately_shared/MemoryOperationsNotSequencedAppropriately_shared.expected b/c/common/test/rules/memoryoperationsnotsequencedappropriately/MemoryOperationsNotSequencedAppropriately.expected similarity index 100% rename from c/common/test/rules/memoryoperationsnotsequencedappropriately_shared/MemoryOperationsNotSequencedAppropriately_shared.expected rename to c/common/test/rules/memoryoperationsnotsequencedappropriately/MemoryOperationsNotSequencedAppropriately.expected diff --git a/c/common/test/rules/memoryoperationsnotsequencedappropriately_shared/MemoryOperationsNotSequencedAppropriately_shared.ql b/c/common/test/rules/memoryoperationsnotsequencedappropriately/MemoryOperationsNotSequencedAppropriately.ql similarity index 60% rename from c/common/test/rules/memoryoperationsnotsequencedappropriately_shared/MemoryOperationsNotSequencedAppropriately_shared.ql rename to c/common/test/rules/memoryoperationsnotsequencedappropriately/MemoryOperationsNotSequencedAppropriately.ql index e49f82c8fd..63351377f0 100644 --- a/c/common/test/rules/memoryoperationsnotsequencedappropriately_shared/MemoryOperationsNotSequencedAppropriately_shared.ql +++ b/c/common/test/rules/memoryoperationsnotsequencedappropriately/MemoryOperationsNotSequencedAppropriately.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.memoryoperationsnotsequencedappropriately_shared.MemoryOperationsNotSequencedAppropriately_shared +import codingstandards.cpp.rules.memoryoperationsnotsequencedappropriately.MemoryOperationsNotSequencedAppropriately -class TestFileQuery extends MemoryOperationsNotSequencedAppropriately_sharedSharedQuery, TestQuery { -} +class TestFileQuery extends MemoryOperationsNotSequencedAppropriatelySharedQuery, TestQuery { } diff --git a/c/common/test/rules/memoryoperationsnotsequencedappropriately_shared/test.c b/c/common/test/rules/memoryoperationsnotsequencedappropriately/test.c similarity index 100% rename from c/common/test/rules/memoryoperationsnotsequencedappropriately_shared/test.c rename to c/common/test/rules/memoryoperationsnotsequencedappropriately/test.c diff --git a/c/common/test/rules/namedbitfieldswithsignedintegertype_shared/NamedBitFieldsWithSignedIntegerType_shared.expected b/c/common/test/rules/namedbitfieldswithsignedintegertype/NamedBitFieldsWithSignedIntegerType.expected similarity index 100% rename from c/common/test/rules/namedbitfieldswithsignedintegertype_shared/NamedBitFieldsWithSignedIntegerType_shared.expected rename to c/common/test/rules/namedbitfieldswithsignedintegertype/NamedBitFieldsWithSignedIntegerType.expected diff --git a/c/common/test/rules/namedbitfieldswithsignedintegertype/NamedBitFieldsWithSignedIntegerType.ql b/c/common/test/rules/namedbitfieldswithsignedintegertype/NamedBitFieldsWithSignedIntegerType.ql new file mode 100644 index 0000000000..a82fa7905a --- /dev/null +++ b/c/common/test/rules/namedbitfieldswithsignedintegertype/NamedBitFieldsWithSignedIntegerType.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.namedbitfieldswithsignedintegertype.NamedBitFieldsWithSignedIntegerType + +class TestFileQuery extends NamedBitFieldsWithSignedIntegerTypeSharedQuery, TestQuery { } diff --git a/c/common/test/rules/namedbitfieldswithsignedintegertype_shared/test.c b/c/common/test/rules/namedbitfieldswithsignedintegertype/test.c similarity index 100% rename from c/common/test/rules/namedbitfieldswithsignedintegertype_shared/test.c rename to c/common/test/rules/namedbitfieldswithsignedintegertype/test.c diff --git a/c/common/test/rules/namedbitfieldswithsignedintegertype_shared/NamedBitFieldsWithSignedIntegerType_shared.ql b/c/common/test/rules/namedbitfieldswithsignedintegertype_shared/NamedBitFieldsWithSignedIntegerType_shared.ql deleted file mode 100644 index 09b98ff226..0000000000 --- a/c/common/test/rules/namedbitfieldswithsignedintegertype_shared/NamedBitFieldsWithSignedIntegerType_shared.ql +++ /dev/null @@ -1,4 +0,0 @@ -// GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.namedbitfieldswithsignedintegertype_shared.NamedBitFieldsWithSignedIntegerType_shared - -class TestFileQuery extends NamedBitFieldsWithSignedIntegerType_sharedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/nonterminatedescapesequences_shared/NonTerminatedEscapeSequences_shared.expected b/c/common/test/rules/nonterminatedescapesequences/NonTerminatedEscapeSequences.expected similarity index 100% rename from c/common/test/rules/nonterminatedescapesequences_shared/NonTerminatedEscapeSequences_shared.expected rename to c/common/test/rules/nonterminatedescapesequences/NonTerminatedEscapeSequences.expected diff --git a/c/common/test/rules/nonterminatedescapesequences/NonTerminatedEscapeSequences.ql b/c/common/test/rules/nonterminatedescapesequences/NonTerminatedEscapeSequences.ql new file mode 100644 index 0000000000..c1aae3c31b --- /dev/null +++ b/c/common/test/rules/nonterminatedescapesequences/NonTerminatedEscapeSequences.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.nonterminatedescapesequences.NonTerminatedEscapeSequences + +class TestFileQuery extends NonTerminatedEscapeSequencesSharedQuery, TestQuery { } diff --git a/c/common/test/rules/nonterminatedescapesequences_shared/test.c b/c/common/test/rules/nonterminatedescapesequences/test.c similarity index 100% rename from c/common/test/rules/nonterminatedescapesequences_shared/test.c rename to c/common/test/rules/nonterminatedescapesequences/test.c diff --git a/c/common/test/rules/nonterminatedescapesequences_shared/NonTerminatedEscapeSequences_shared.ql b/c/common/test/rules/nonterminatedescapesequences_shared/NonTerminatedEscapeSequences_shared.ql deleted file mode 100644 index 6cbb2220bb..0000000000 --- a/c/common/test/rules/nonterminatedescapesequences_shared/NonTerminatedEscapeSequences_shared.ql +++ /dev/null @@ -1,4 +0,0 @@ -// GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.nonterminatedescapesequences_shared.NonTerminatedEscapeSequences_shared - -class TestFileQuery extends NonTerminatedEscapeSequences_sharedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/nonuniqueenumerationconstant_shared/NonUniqueEnumerationConstant_shared.expected b/c/common/test/rules/nonuniqueenumerationconstant/NonUniqueEnumerationConstant.expected similarity index 100% rename from c/common/test/rules/nonuniqueenumerationconstant_shared/NonUniqueEnumerationConstant_shared.expected rename to c/common/test/rules/nonuniqueenumerationconstant/NonUniqueEnumerationConstant.expected diff --git a/c/common/test/rules/nonuniqueenumerationconstant/NonUniqueEnumerationConstant.ql b/c/common/test/rules/nonuniqueenumerationconstant/NonUniqueEnumerationConstant.ql new file mode 100644 index 0000000000..97ba6f516e --- /dev/null +++ b/c/common/test/rules/nonuniqueenumerationconstant/NonUniqueEnumerationConstant.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.nonuniqueenumerationconstant.NonUniqueEnumerationConstant + +class TestFileQuery extends NonUniqueEnumerationConstantSharedQuery, TestQuery { } diff --git a/c/common/test/rules/nonuniqueenumerationconstant_shared/test.c b/c/common/test/rules/nonuniqueenumerationconstant/test.c similarity index 100% rename from c/common/test/rules/nonuniqueenumerationconstant_shared/test.c rename to c/common/test/rules/nonuniqueenumerationconstant/test.c diff --git a/c/common/test/rules/nonuniqueenumerationconstant_shared/NonUniqueEnumerationConstant_shared.ql b/c/common/test/rules/nonuniqueenumerationconstant_shared/NonUniqueEnumerationConstant_shared.ql deleted file mode 100644 index f01ef52853..0000000000 --- a/c/common/test/rules/nonuniqueenumerationconstant_shared/NonUniqueEnumerationConstant_shared.ql +++ /dev/null @@ -1,4 +0,0 @@ -// GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.nonuniqueenumerationconstant_shared.NonUniqueEnumerationConstant_shared - -class TestFileQuery extends NonUniqueEnumerationConstant_sharedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.expected b/c/common/test/rules/resultofanassignmentoperatorshouldnotbeused/ResultOfAnAssignmentOperatorShouldNotBeUsed.expected similarity index 100% rename from c/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.expected rename to c/common/test/rules/resultofanassignmentoperatorshouldnotbeused/ResultOfAnAssignmentOperatorShouldNotBeUsed.expected diff --git a/c/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.ql b/c/common/test/rules/resultofanassignmentoperatorshouldnotbeused/ResultOfAnAssignmentOperatorShouldNotBeUsed.ql similarity index 59% rename from c/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.ql rename to c/common/test/rules/resultofanassignmentoperatorshouldnotbeused/ResultOfAnAssignmentOperatorShouldNotBeUsed.ql index af3f7697f7..286e4424a4 100644 --- a/c/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.ql +++ b/c/common/test/rules/resultofanassignmentoperatorshouldnotbeused/ResultOfAnAssignmentOperatorShouldNotBeUsed.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.resultofanassignmentoperatorshouldnotbeused_shared.ResultOfAnAssignmentOperatorShouldNotBeUsed_shared +import codingstandards.cpp.rules.resultofanassignmentoperatorshouldnotbeused.ResultOfAnAssignmentOperatorShouldNotBeUsed -class TestFileQuery extends ResultOfAnAssignmentOperatorShouldNotBeUsed_sharedSharedQuery, TestQuery -{ } +class TestFileQuery extends ResultOfAnAssignmentOperatorShouldNotBeUsedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/test.c b/c/common/test/rules/resultofanassignmentoperatorshouldnotbeused/test.c similarity index 100% rename from c/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/test.c rename to c/common/test/rules/resultofanassignmentoperatorshouldnotbeused/test.c diff --git a/c/common/test/rules/unsignedoperationwithconstantoperandswraps_shared/UnsignedOperationWithConstantOperandsWraps_shared.expected b/c/common/test/rules/unsignedoperationwithconstantoperandswraps/UnsignedOperationWithConstantOperandsWraps.expected similarity index 100% rename from c/common/test/rules/unsignedoperationwithconstantoperandswraps_shared/UnsignedOperationWithConstantOperandsWraps_shared.expected rename to c/common/test/rules/unsignedoperationwithconstantoperandswraps/UnsignedOperationWithConstantOperandsWraps.expected diff --git a/c/common/test/rules/unsignedoperationwithconstantoperandswraps_shared/UnsignedOperationWithConstantOperandsWraps_shared.ql b/c/common/test/rules/unsignedoperationwithconstantoperandswraps/UnsignedOperationWithConstantOperandsWraps.ql similarity index 59% rename from c/common/test/rules/unsignedoperationwithconstantoperandswraps_shared/UnsignedOperationWithConstantOperandsWraps_shared.ql rename to c/common/test/rules/unsignedoperationwithconstantoperandswraps/UnsignedOperationWithConstantOperandsWraps.ql index 24780bcc5d..b88e7637c1 100644 --- a/c/common/test/rules/unsignedoperationwithconstantoperandswraps_shared/UnsignedOperationWithConstantOperandsWraps_shared.ql +++ b/c/common/test/rules/unsignedoperationwithconstantoperandswraps/UnsignedOperationWithConstantOperandsWraps.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.unsignedoperationwithconstantoperandswraps_shared.UnsignedOperationWithConstantOperandsWraps_shared +import codingstandards.cpp.rules.unsignedoperationwithconstantoperandswraps.UnsignedOperationWithConstantOperandsWraps -class TestFileQuery extends UnsignedOperationWithConstantOperandsWraps_sharedSharedQuery, TestQuery { -} +class TestFileQuery extends UnsignedOperationWithConstantOperandsWrapsSharedQuery, TestQuery { } diff --git a/c/common/test/rules/unsignedoperationwithconstantoperandswraps_shared/test.c b/c/common/test/rules/unsignedoperationwithconstantoperandswraps/test.c similarity index 100% rename from c/common/test/rules/unsignedoperationwithconstantoperandswraps_shared/test.c rename to c/common/test/rules/unsignedoperationwithconstantoperandswraps/test.c diff --git a/c/common/test/rules/useofnonzerooctalliteral_shared/UseOfNonZeroOctalLiteral_shared.expected b/c/common/test/rules/useofnonzerooctalliteral/UseOfNonZeroOctalLiteral.expected similarity index 100% rename from c/common/test/rules/useofnonzerooctalliteral_shared/UseOfNonZeroOctalLiteral_shared.expected rename to c/common/test/rules/useofnonzerooctalliteral/UseOfNonZeroOctalLiteral.expected diff --git a/c/common/test/rules/useofnonzerooctalliteral/UseOfNonZeroOctalLiteral.ql b/c/common/test/rules/useofnonzerooctalliteral/UseOfNonZeroOctalLiteral.ql new file mode 100644 index 0000000000..0404a7bc0c --- /dev/null +++ b/c/common/test/rules/useofnonzerooctalliteral/UseOfNonZeroOctalLiteral.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.useofnonzerooctalliteral.UseOfNonZeroOctalLiteral + +class TestFileQuery extends UseOfNonZeroOctalLiteralSharedQuery, TestQuery { } diff --git a/c/common/test/rules/useofnonzerooctalliteral_shared/test.c b/c/common/test/rules/useofnonzerooctalliteral/test.c similarity index 100% rename from c/common/test/rules/useofnonzerooctalliteral_shared/test.c rename to c/common/test/rules/useofnonzerooctalliteral/test.c diff --git a/c/common/test/rules/useofnonzerooctalliteral_shared/UseOfNonZeroOctalLiteral_shared.ql b/c/common/test/rules/useofnonzerooctalliteral_shared/UseOfNonZeroOctalLiteral_shared.ql deleted file mode 100644 index dcd6042639..0000000000 --- a/c/common/test/rules/useofnonzerooctalliteral_shared/UseOfNonZeroOctalLiteral_shared.ql +++ /dev/null @@ -1,4 +0,0 @@ -// GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.useofnonzerooctalliteral_shared.UseOfNonZeroOctalLiteral_shared - -class TestFileQuery extends UseOfNonZeroOctalLiteral_sharedSharedQuery, TestQuery { } diff --git a/c/misra/src/rules/DIR-4-9/FunctionOverFunctionLikeMacro.ql b/c/misra/src/rules/DIR-4-9/FunctionOverFunctionLikeMacro.ql index 64a62e495e..3d8a51f219 100644 --- a/c/misra/src/rules/DIR-4-9/FunctionOverFunctionLikeMacro.ql +++ b/c/misra/src/rules/DIR-4-9/FunctionOverFunctionLikeMacro.ql @@ -15,9 +15,9 @@ import cpp import codingstandards.c.misra -import codingstandards.cpp.rules.functionlikemacrosdefined_shared.FunctionLikeMacrosDefined_shared +import codingstandards.cpp.rules.functionlikemacrosdefined.FunctionLikeMacrosDefined -class FunctionOverFunctionLikeMacroQuery extends FunctionLikeMacrosDefined_sharedSharedQuery { +class FunctionOverFunctionLikeMacroQuery extends FunctionLikeMacrosDefinedSharedQuery { FunctionOverFunctionLikeMacroQuery() { this = Preprocessor6Package::functionOverFunctionLikeMacroQuery() } diff --git a/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql b/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql index f2517abc21..80a9c540c1 100644 --- a/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql +++ b/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql @@ -13,9 +13,9 @@ import cpp import codingstandards.c.misra -import codingstandards.cpp.rules.memoryoperationsnotsequencedappropriately_shared.MemoryOperationsNotSequencedAppropriately_shared +import codingstandards.cpp.rules.memoryoperationsnotsequencedappropriately.MemoryOperationsNotSequencedAppropriately -class UnsequencedSideEffectsQuery extends MemoryOperationsNotSequencedAppropriately_sharedSharedQuery +class UnsequencedSideEffectsQuery extends MemoryOperationsNotSequencedAppropriatelySharedQuery { UnsequencedSideEffectsQuery() { this = SideEffects3Package::unsequencedSideEffectsQuery() } } diff --git a/c/misra/src/rules/RULE-13-4/ResultOfAnAssignmentOperatorShouldNotBeUsed.ql b/c/misra/src/rules/RULE-13-4/ResultOfAnAssignmentOperatorShouldNotBeUsed.ql index 5a105ca27f..69a5d57f25 100644 --- a/c/misra/src/rules/RULE-13-4/ResultOfAnAssignmentOperatorShouldNotBeUsed.ql +++ b/c/misra/src/rules/RULE-13-4/ResultOfAnAssignmentOperatorShouldNotBeUsed.ql @@ -14,9 +14,9 @@ import cpp import codingstandards.c.misra -import codingstandards.cpp.rules.resultofanassignmentoperatorshouldnotbeused_shared.ResultOfAnAssignmentOperatorShouldNotBeUsed_shared +import codingstandards.cpp.rules.resultofanassignmentoperatorshouldnotbeused.ResultOfAnAssignmentOperatorShouldNotBeUsed -class ResultOfAnAssignmentOperatorShouldNotBeUsedQuery extends ResultOfAnAssignmentOperatorShouldNotBeUsed_sharedSharedQuery +class ResultOfAnAssignmentOperatorShouldNotBeUsedQuery extends ResultOfAnAssignmentOperatorShouldNotBeUsedSharedQuery { ResultOfAnAssignmentOperatorShouldNotBeUsedQuery() { this = SideEffects1Package::resultOfAnAssignmentOperatorShouldNotBeUsedQuery() diff --git a/c/misra/src/rules/RULE-15-1/GotoStatementUsed.ql b/c/misra/src/rules/RULE-15-1/GotoStatementUsed.ql index 845d36f798..d1c9aadadd 100644 --- a/c/misra/src/rules/RULE-15-1/GotoStatementUsed.ql +++ b/c/misra/src/rules/RULE-15-1/GotoStatementUsed.ql @@ -13,8 +13,8 @@ import cpp import codingstandards.c.misra -import codingstandards.cpp.rules.gotostatementshouldnotbeused_shared.GotoStatementShouldNotBeUsed_shared +import codingstandards.cpp.rules.gotostatementshouldnotbeused.GotoStatementShouldNotBeUsed -class GotoStatementUsedQuery extends GotoStatementShouldNotBeUsed_sharedSharedQuery { +class GotoStatementUsedQuery extends GotoStatementShouldNotBeUsedSharedQuery { GotoStatementUsedQuery() { this = Statements6Package::gotoStatementUsedQuery() } } diff --git a/c/misra/src/rules/RULE-15-3/GotoLabelBlockCondition.ql b/c/misra/src/rules/RULE-15-3/GotoLabelBlockCondition.ql index 16f24fd75e..1f9f066f53 100644 --- a/c/misra/src/rules/RULE-15-3/GotoLabelBlockCondition.ql +++ b/c/misra/src/rules/RULE-15-3/GotoLabelBlockCondition.ql @@ -14,8 +14,8 @@ import cpp import codingstandards.c.misra -import codingstandards.cpp.rules.gotoreferencealabelinsurroundingblock_shared.GotoReferenceALabelInSurroundingBlock_shared +import codingstandards.cpp.rules.gotoreferencealabelinsurroundingblock.GotoReferenceALabelInSurroundingBlock -class GotoLabelBlockConditionQuery extends GotoReferenceALabelInSurroundingBlock_sharedSharedQuery { +class GotoLabelBlockConditionQuery extends GotoReferenceALabelInSurroundingBlockSharedQuery { GotoLabelBlockConditionQuery() { this = Statements2Package::gotoLabelBlockConditionQuery() } } diff --git a/c/misra/src/rules/RULE-20-11/MoreThanOneHashOperatorInMacroDefinition.ql b/c/misra/src/rules/RULE-20-11/MoreThanOneHashOperatorInMacroDefinition.ql index 55aa607723..8717afb4f1 100644 --- a/c/misra/src/rules/RULE-20-11/MoreThanOneHashOperatorInMacroDefinition.ql +++ b/c/misra/src/rules/RULE-20-11/MoreThanOneHashOperatorInMacroDefinition.ql @@ -13,9 +13,9 @@ import cpp import codingstandards.c.misra -import codingstandards.cpp.rules.macroparameterfollowinghash_shared.MacroParameterFollowingHash_shared +import codingstandards.cpp.rules.macroparameterfollowinghash.MacroParameterFollowingHash -class MoreThanOneHashOperatorInMacroDefinitionQuery extends MacroParameterFollowingHash_sharedSharedQuery +class MoreThanOneHashOperatorInMacroDefinitionQuery extends MacroParameterFollowingHashSharedQuery { MoreThanOneHashOperatorInMacroDefinitionQuery() { this = Preprocessor2Package::moreThanOneHashOperatorInMacroDefinitionQuery() diff --git a/c/misra/src/rules/RULE-20-12/MacroParameterUsedAsHashOperand.ql b/c/misra/src/rules/RULE-20-12/MacroParameterUsedAsHashOperand.ql index efe083efc0..8b9d6ca763 100644 --- a/c/misra/src/rules/RULE-20-12/MacroParameterUsedAsHashOperand.ql +++ b/c/misra/src/rules/RULE-20-12/MacroParameterUsedAsHashOperand.ql @@ -15,9 +15,9 @@ import cpp import codingstandards.c.misra -import codingstandards.cpp.rules.amixedusemacroargumentsubjecttoexpansion_shared.AMixedUseMacroArgumentSubjectToExpansion_shared +import codingstandards.cpp.rules.amixedusemacroargumentsubjecttoexpansion.AMixedUseMacroArgumentSubjectToExpansion -class MacroParameterUsedAsHashOperandQuery extends AMixedUseMacroArgumentSubjectToExpansion_sharedSharedQuery +class MacroParameterUsedAsHashOperandQuery extends AMixedUseMacroArgumentSubjectToExpansionSharedQuery { MacroParameterUsedAsHashOperandQuery() { this = Preprocessor2Package::macroParameterUsedAsHashOperandQuery() diff --git a/c/misra/src/rules/RULE-21-7/AtofAtoiAtolAndAtollOfStdlibhUsed.ql b/c/misra/src/rules/RULE-21-7/AtofAtoiAtolAndAtollOfStdlibhUsed.ql index 69733b6308..7263e91d53 100644 --- a/c/misra/src/rules/RULE-21-7/AtofAtoiAtolAndAtollOfStdlibhUsed.ql +++ b/c/misra/src/rules/RULE-21-7/AtofAtoiAtolAndAtollOfStdlibhUsed.ql @@ -13,9 +13,9 @@ import cpp import codingstandards.c.misra -import codingstandards.cpp.rules.atofatoiatolandatollused_shared.AtofAtoiAtolAndAtollUsed_shared +import codingstandards.cpp.rules.atofatoiatolandatollused.AtofAtoiAtolAndAtollUsed -class AtofAtoiAtolAndAtollOfStdlibhUsedQuery extends AtofAtoiAtolAndAtollUsed_sharedSharedQuery { +class AtofAtoiAtolAndAtollOfStdlibhUsedQuery extends AtofAtoiAtolAndAtollUsedSharedQuery { AtofAtoiAtolAndAtollOfStdlibhUsedQuery() { this = BannedPackage::atofAtoiAtolAndAtollOfStdlibhUsedQuery() } diff --git a/c/misra/src/rules/RULE-4-1/OctalAndHexadecimalEscapeSequencesNotTerminated.ql b/c/misra/src/rules/RULE-4-1/OctalAndHexadecimalEscapeSequencesNotTerminated.ql index e9d5f7b97c..fd77f1a688 100644 --- a/c/misra/src/rules/RULE-4-1/OctalAndHexadecimalEscapeSequencesNotTerminated.ql +++ b/c/misra/src/rules/RULE-4-1/OctalAndHexadecimalEscapeSequencesNotTerminated.ql @@ -15,9 +15,9 @@ import cpp import codingstandards.c.misra -import codingstandards.cpp.rules.nonterminatedescapesequences_shared.NonTerminatedEscapeSequences_shared +import codingstandards.cpp.rules.nonterminatedescapesequences.NonTerminatedEscapeSequences -class OctalAndHexadecimalEscapeSequencesNotTerminatedQuery extends NonTerminatedEscapeSequences_sharedSharedQuery +class OctalAndHexadecimalEscapeSequencesNotTerminatedQuery extends NonTerminatedEscapeSequencesSharedQuery { OctalAndHexadecimalEscapeSequencesNotTerminatedQuery() { this = SyntaxPackage::octalAndHexadecimalEscapeSequencesNotTerminatedQuery() diff --git a/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql b/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql index aaf7ff68a6..f5bc589a4d 100644 --- a/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql +++ b/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql @@ -12,9 +12,9 @@ import cpp import codingstandards.c.misra -import codingstandards.cpp.rules.bitfieldshallhaveanappropriatetype_shared.BitFieldShallHaveAnAppropriateType_shared +import codingstandards.cpp.rules.bitfieldshallhaveanappropriatetype.BitFieldShallHaveAnAppropriateType -class BitFieldsShallOnlyBeDeclaredWithAnAppropriateTypeQuery extends BitFieldShallHaveAnAppropriateType_sharedSharedQuery +class BitFieldsShallOnlyBeDeclaredWithAnAppropriateTypeQuery extends BitFieldShallHaveAnAppropriateTypeSharedQuery { BitFieldsShallOnlyBeDeclaredWithAnAppropriateTypeQuery() { this = BitfieldTypesPackage::bitFieldsShallOnlyBeDeclaredWithAnAppropriateTypeQuery() diff --git a/c/misra/src/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql b/c/misra/src/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql index 630f60cb92..d699c1c9b7 100644 --- a/c/misra/src/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql +++ b/c/misra/src/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql @@ -12,9 +12,9 @@ import cpp import codingstandards.c.misra -import codingstandards.cpp.rules.namedbitfieldswithsignedintegertype_shared.NamedBitFieldsWithSignedIntegerType_shared +import codingstandards.cpp.rules.namedbitfieldswithsignedintegertype.NamedBitFieldsWithSignedIntegerType -class SingleBitNamedBitFieldsOfASignedTypeQuery extends NamedBitFieldsWithSignedIntegerType_sharedSharedQuery +class SingleBitNamedBitFieldsOfASignedTypeQuery extends NamedBitFieldsWithSignedIntegerTypeSharedQuery { SingleBitNamedBitFieldsOfASignedTypeQuery() { this = BitfieldTypesPackage::singleBitNamedBitFieldsOfASignedTypeQuery() diff --git a/c/misra/src/rules/RULE-8-12/ValueImplicitEnumerationConstantNotUnique.ql b/c/misra/src/rules/RULE-8-12/ValueImplicitEnumerationConstantNotUnique.ql index a2685db53c..a4fcb0e4f3 100644 --- a/c/misra/src/rules/RULE-8-12/ValueImplicitEnumerationConstantNotUnique.ql +++ b/c/misra/src/rules/RULE-8-12/ValueImplicitEnumerationConstantNotUnique.ql @@ -14,9 +14,9 @@ import cpp import codingstandards.c.misra -import codingstandards.cpp.rules.nonuniqueenumerationconstant_shared.NonUniqueEnumerationConstant_shared +import codingstandards.cpp.rules.nonuniqueenumerationconstant.NonUniqueEnumerationConstant -class ValueImplicitEnumerationConstantNotUniqueQuery extends NonUniqueEnumerationConstant_sharedSharedQuery +class ValueImplicitEnumerationConstantNotUniqueQuery extends NonUniqueEnumerationConstantSharedQuery { ValueImplicitEnumerationConstantNotUniqueQuery() { this = Declarations7Package::valueImplicitEnumerationConstantNotUniqueQuery() diff --git a/c/misra/test/rules/DIR-4-9/FunctionOverFunctionLikeMacro.testref b/c/misra/test/rules/DIR-4-9/FunctionOverFunctionLikeMacro.testref index cd897ee364..fb033c44e4 100644 --- a/c/misra/test/rules/DIR-4-9/FunctionOverFunctionLikeMacro.testref +++ b/c/misra/test/rules/DIR-4-9/FunctionOverFunctionLikeMacro.testref @@ -1 +1 @@ -c/common/test/rules/functionlikemacrosdefined_shared/FunctionLikeMacrosDefined_shared.ql \ No newline at end of file +c/common/test/rules/functionlikemacrosdefined/FunctionLikeMacrosDefined.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-13-2/UnsequencedSideEffects.testref b/c/misra/test/rules/RULE-13-2/UnsequencedSideEffects.testref index 6131c93357..4623176d42 100644 --- a/c/misra/test/rules/RULE-13-2/UnsequencedSideEffects.testref +++ b/c/misra/test/rules/RULE-13-2/UnsequencedSideEffects.testref @@ -1 +1 @@ -c/common/test/rules/memoryoperationsnotsequencedappropriately_shared/MemoryOperationsNotSequencedAppropriately_shared.ql \ No newline at end of file +c/common/test/rules/memoryoperationsnotsequencedappropriately/MemoryOperationsNotSequencedAppropriately.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-13-4/ResultOfAnAssignmentOperatorShouldNotBeUsed.testref b/c/misra/test/rules/RULE-13-4/ResultOfAnAssignmentOperatorShouldNotBeUsed.testref index 0bda23895c..41e225624c 100644 --- a/c/misra/test/rules/RULE-13-4/ResultOfAnAssignmentOperatorShouldNotBeUsed.testref +++ b/c/misra/test/rules/RULE-13-4/ResultOfAnAssignmentOperatorShouldNotBeUsed.testref @@ -1 +1 @@ -c/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.ql \ No newline at end of file +c/common/test/rules/resultofanassignmentoperatorshouldnotbeused/ResultOfAnAssignmentOperatorShouldNotBeUsed.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-15-1/GotoStatementUsed.testref b/c/misra/test/rules/RULE-15-1/GotoStatementUsed.testref index 94fa27a461..1834c6e140 100644 --- a/c/misra/test/rules/RULE-15-1/GotoStatementUsed.testref +++ b/c/misra/test/rules/RULE-15-1/GotoStatementUsed.testref @@ -1 +1 @@ -c/common/test/rules/gotostatementshouldnotbeused_shared/GotoStatementShouldNotBeUsed_shared.ql \ No newline at end of file +c/common/test/rules/gotostatementshouldnotbeused/GotoStatementShouldNotBeUsed.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-15-3/GotoLabelBlockCondition.testref b/c/misra/test/rules/RULE-15-3/GotoLabelBlockCondition.testref index 81d6739cb7..cf558d9350 100644 --- a/c/misra/test/rules/RULE-15-3/GotoLabelBlockCondition.testref +++ b/c/misra/test/rules/RULE-15-3/GotoLabelBlockCondition.testref @@ -1 +1 @@ -c/common/test/rules/gotoreferencealabelinsurroundingblock_shared/GotoReferenceALabelInSurroundingBlock_shared.ql \ No newline at end of file +c/common/test/rules/gotoreferencealabelinsurroundingblock/GotoReferenceALabelInSurroundingBlock.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-20-11/MoreThanOneHashOperatorInMacroDefinition.testref b/c/misra/test/rules/RULE-20-11/MoreThanOneHashOperatorInMacroDefinition.testref index ff0bf76291..be7ebf2815 100644 --- a/c/misra/test/rules/RULE-20-11/MoreThanOneHashOperatorInMacroDefinition.testref +++ b/c/misra/test/rules/RULE-20-11/MoreThanOneHashOperatorInMacroDefinition.testref @@ -1 +1 @@ -c/common/test/rules/macroparameterfollowinghash_shared/MacroParameterFollowingHash_shared.ql \ No newline at end of file +c/common/test/rules/macroparameterfollowinghash/MacroParameterFollowingHash.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-20-12/MacroParameterUsedAsHashOperand.testref b/c/misra/test/rules/RULE-20-12/MacroParameterUsedAsHashOperand.testref index 4c511bd34e..d1cc5971c7 100644 --- a/c/misra/test/rules/RULE-20-12/MacroParameterUsedAsHashOperand.testref +++ b/c/misra/test/rules/RULE-20-12/MacroParameterUsedAsHashOperand.testref @@ -1 +1 @@ -c/common/test/rules/amixedusemacroargumentsubjecttoexpansion_shared/AMixedUseMacroArgumentSubjectToExpansion_shared.ql \ No newline at end of file +c/common/test/rules/amixedusemacroargumentsubjecttoexpansion/AMixedUseMacroArgumentSubjectToExpansion.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-21-7/AtofAtoiAtolAndAtollOfStdlibhUsed.testref b/c/misra/test/rules/RULE-21-7/AtofAtoiAtolAndAtollOfStdlibhUsed.testref index 441b3f33c2..fccafa2049 100644 --- a/c/misra/test/rules/RULE-21-7/AtofAtoiAtolAndAtollOfStdlibhUsed.testref +++ b/c/misra/test/rules/RULE-21-7/AtofAtoiAtolAndAtollOfStdlibhUsed.testref @@ -1 +1 @@ -c/common/test/rules/atofatoiatolandatollused_shared/AtofAtoiAtolAndAtollUsed_shared.ql \ No newline at end of file +c/common/test/rules/atofatoiatolandatollused/AtofAtoiAtolAndAtollUsed.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-4-1/OctalAndHexadecimalEscapeSequencesNotTerminated.testref b/c/misra/test/rules/RULE-4-1/OctalAndHexadecimalEscapeSequencesNotTerminated.testref index 7cece164a3..f8b5396a9c 100644 --- a/c/misra/test/rules/RULE-4-1/OctalAndHexadecimalEscapeSequencesNotTerminated.testref +++ b/c/misra/test/rules/RULE-4-1/OctalAndHexadecimalEscapeSequencesNotTerminated.testref @@ -1 +1 @@ -c/common/test/rules/nonterminatedescapesequences_shared/NonTerminatedEscapeSequences_shared.ql \ No newline at end of file +c/common/test/rules/nonterminatedescapesequences/NonTerminatedEscapeSequences.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.testref b/c/misra/test/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.testref index 7b535ba5ce..9d02a25700 100644 --- a/c/misra/test/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.testref +++ b/c/misra/test/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.testref @@ -1 +1 @@ -c/common/test/rules/bitfieldshallhaveanappropriatetype_shared/BitFieldShallHaveAnAppropriateType_shared.ql \ No newline at end of file +c/common/test/rules/bitfieldshallhaveanappropriatetype/BitFieldShallHaveAnAppropriateType.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.testref b/c/misra/test/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.testref index a068a4ff61..edc2f5a16d 100644 --- a/c/misra/test/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.testref +++ b/c/misra/test/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.testref @@ -1 +1 @@ -c/common/test/rules/namedbitfieldswithsignedintegertype_shared/NamedBitFieldsWithSignedIntegerType_shared.ql \ No newline at end of file +c/common/test/rules/namedbitfieldswithsignedintegertype/NamedBitFieldsWithSignedIntegerType.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-7-3/LowercaseCharacterLUsedInLiteralSuffix.testref b/c/misra/test/rules/RULE-7-3/LowercaseCharacterLUsedInLiteralSuffix.testref index e9f0d150e9..1fc7164d80 100644 --- a/c/misra/test/rules/RULE-7-3/LowercaseCharacterLUsedInLiteralSuffix.testref +++ b/c/misra/test/rules/RULE-7-3/LowercaseCharacterLUsedInLiteralSuffix.testref @@ -1 +1 @@ -c/common/test/rules/lowercaselstartsinliteralsuffix_shared/LowercaseLStartsInLiteralSuffix_shared.ql \ No newline at end of file +c/common/test/rules/lowercaselstartsinliteralsuffix/LowercaseLStartsInLiteralSuffix.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-8-12/ValueImplicitEnumerationConstantNotUnique.testref b/c/misra/test/rules/RULE-8-12/ValueImplicitEnumerationConstantNotUnique.testref index bf49fc0b00..7db7d79d72 100644 --- a/c/misra/test/rules/RULE-8-12/ValueImplicitEnumerationConstantNotUnique.testref +++ b/c/misra/test/rules/RULE-8-12/ValueImplicitEnumerationConstantNotUnique.testref @@ -1 +1 @@ -c/common/test/rules/nonuniqueenumerationconstant_shared/NonUniqueEnumerationConstant_shared.ql \ No newline at end of file +c/common/test/rules/nonuniqueenumerationconstant/NonUniqueEnumerationConstant.ql \ No newline at end of file diff --git a/cpp/autosar/src/rules/A12-1-1/ExplicitConstructorBaseClassInitialization.ql b/cpp/autosar/src/rules/A12-1-1/ExplicitConstructorBaseClassInitialization.ql index e97c540d08..66fe0345dc 100644 --- a/cpp/autosar/src/rules/A12-1-1/ExplicitConstructorBaseClassInitialization.ql +++ b/cpp/autosar/src/rules/A12-1-1/ExplicitConstructorBaseClassInitialization.ql @@ -16,9 +16,9 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.rules.initializeallvirtualbaseclasses_shared.InitializeAllVirtualBaseClasses_shared +import codingstandards.cpp.rules.initializeallvirtualbaseclasses.InitializeAllVirtualBaseClasses -class ExplicitConstructorBaseClassInitializationQuery extends InitializeAllVirtualBaseClasses_sharedSharedQuery +class ExplicitConstructorBaseClassInitializationQuery extends InitializeAllVirtualBaseClassesSharedQuery { ExplicitConstructorBaseClassInitializationQuery() { this = InitializationPackage::explicitConstructorBaseClassInitializationQuery() diff --git a/cpp/autosar/src/rules/A12-8-5/CopyAssignmentAndAMoveHandleSelfAssignment.ql b/cpp/autosar/src/rules/A12-8-5/CopyAssignmentAndAMoveHandleSelfAssignment.ql index 789327e5e9..9697176711 100644 --- a/cpp/autosar/src/rules/A12-8-5/CopyAssignmentAndAMoveHandleSelfAssignment.ql +++ b/cpp/autosar/src/rules/A12-8-5/CopyAssignmentAndAMoveHandleSelfAssignment.ql @@ -17,9 +17,9 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.rules.copyandmoveassignmentsshallhandleselfassignment_shared.CopyAndMoveAssignmentsShallHandleSelfAssignment_shared +import codingstandards.cpp.rules.copyandmoveassignmentsshallhandleselfassignment.CopyAndMoveAssignmentsShallHandleSelfAssignment -class CopyAssignmentAndAMoveHandleSelfAssignmentQuery extends CopyAndMoveAssignmentsShallHandleSelfAssignment_sharedSharedQuery +class CopyAssignmentAndAMoveHandleSelfAssignmentQuery extends CopyAndMoveAssignmentsShallHandleSelfAssignmentSharedQuery { CopyAssignmentAndAMoveHandleSelfAssignmentQuery() { this = OperatorInvariantsPackage::copyAssignmentAndAMoveHandleSelfAssignmentQuery() diff --git a/cpp/autosar/src/rules/A14-8-2/ExplicitSpecializationsOfFunctionTemplatesUsed.ql b/cpp/autosar/src/rules/A14-8-2/ExplicitSpecializationsOfFunctionTemplatesUsed.ql index 9f6063d568..86218a47d6 100644 --- a/cpp/autosar/src/rules/A14-8-2/ExplicitSpecializationsOfFunctionTemplatesUsed.ql +++ b/cpp/autosar/src/rules/A14-8-2/ExplicitSpecializationsOfFunctionTemplatesUsed.ql @@ -16,9 +16,9 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.rules.functiontemplatesexplicitlyspecialized_shared.FunctionTemplatesExplicitlySpecialized_shared +import codingstandards.cpp.rules.functiontemplatesexplicitlyspecialized.FunctionTemplatesExplicitlySpecialized -class ExplicitSpecializationsOfFunctionTemplatesUsedQuery extends FunctionTemplatesExplicitlySpecialized_sharedSharedQuery +class ExplicitSpecializationsOfFunctionTemplatesUsedQuery extends FunctionTemplatesExplicitlySpecializedSharedQuery { ExplicitSpecializationsOfFunctionTemplatesUsedQuery() { this = TemplatesPackage::explicitSpecializationsOfFunctionTemplatesUsedQuery() diff --git a/cpp/autosar/src/rules/A15-1-2/PointerExceptionObject.ql b/cpp/autosar/src/rules/A15-1-2/PointerExceptionObject.ql index 3187174576..b2f101082f 100644 --- a/cpp/autosar/src/rules/A15-1-2/PointerExceptionObject.ql +++ b/cpp/autosar/src/rules/A15-1-2/PointerExceptionObject.ql @@ -15,8 +15,8 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.rules.exceptionobjecthavepointertype_shared.ExceptionObjectHavePointerType_shared +import codingstandards.cpp.rules.exceptionobjecthavepointertype.ExceptionObjectHavePointerType -class PointerExceptionObjectQuery extends ExceptionObjectHavePointerType_sharedSharedQuery { +class PointerExceptionObjectQuery extends ExceptionObjectHavePointerTypeSharedQuery { PointerExceptionObjectQuery() { this = Exceptions1Package::pointerExceptionObjectQuery() } } diff --git a/cpp/autosar/src/rules/A15-4-2/NoExceptFunctionThrows.ql b/cpp/autosar/src/rules/A15-4-2/NoExceptFunctionThrows.ql index 3c32b3970f..56494147f4 100644 --- a/cpp/autosar/src/rules/A15-4-2/NoExceptFunctionThrows.ql +++ b/cpp/autosar/src/rules/A15-4-2/NoExceptFunctionThrows.ql @@ -15,9 +15,9 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.rules.noexceptfunctionshouldnotpropagatetothecaller_shared.NoexceptFunctionShouldNotPropagateToTheCaller_shared +import codingstandards.cpp.rules.noexceptfunctionshouldnotpropagatetothecaller.NoexceptFunctionShouldNotPropagateToTheCaller -class NoExceptFunctionThrowsQuery extends NoexceptFunctionShouldNotPropagateToTheCaller_sharedSharedQuery +class NoExceptFunctionThrowsQuery extends NoexceptFunctionShouldNotPropagateToTheCallerSharedQuery { NoExceptFunctionThrowsQuery() { this = Exceptions1Package::noExceptFunctionThrowsQuery() } } diff --git a/cpp/autosar/src/rules/A18-1-2/VectorboolSpecializationUsed.ql b/cpp/autosar/src/rules/A18-1-2/VectorboolSpecializationUsed.ql index 36a4a448a7..6c517675f6 100644 --- a/cpp/autosar/src/rules/A18-1-2/VectorboolSpecializationUsed.ql +++ b/cpp/autosar/src/rules/A18-1-2/VectorboolSpecializationUsed.ql @@ -17,9 +17,9 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.rules.vectorshouldnotbespecializedwithbool_shared.VectorShouldNotBeSpecializedWithBool_shared +import codingstandards.cpp.rules.vectorshouldnotbespecializedwithbool.VectorShouldNotBeSpecializedWithBool -class VectorboolSpecializationUsedQuery extends VectorShouldNotBeSpecializedWithBool_sharedSharedQuery +class VectorboolSpecializationUsedQuery extends VectorShouldNotBeSpecializedWithBoolSharedQuery { VectorboolSpecializationUsedQuery() { this = BannedTypesPackage::vectorboolSpecializationUsedQuery() diff --git a/cpp/autosar/src/rules/A18-5-4/GlobalSizedOperatorDeleteNotDefined.ql b/cpp/autosar/src/rules/A18-5-4/GlobalSizedOperatorDeleteNotDefined.ql index c701c154cd..274b18301c 100644 --- a/cpp/autosar/src/rules/A18-5-4/GlobalSizedOperatorDeleteNotDefined.ql +++ b/cpp/autosar/src/rules/A18-5-4/GlobalSizedOperatorDeleteNotDefined.ql @@ -15,9 +15,9 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.rules.globalsizedoperatordeletenotdefined_shared.GlobalSizedOperatorDeleteNotDefined_shared +import codingstandards.cpp.rules.globalsizedoperatordeletenotdefined.GlobalSizedOperatorDeleteNotDefined -class GlobalSizedOperatorDeleteNotDefinedQuery extends GlobalSizedOperatorDeleteNotDefined_sharedSharedQuery +class GlobalSizedOperatorDeleteNotDefinedQuery extends GlobalSizedOperatorDeleteNotDefinedSharedQuery { GlobalSizedOperatorDeleteNotDefinedQuery() { this = DeclarationsPackage::globalSizedOperatorDeleteNotDefinedQuery() diff --git a/cpp/autosar/src/rules/A18-5-4/GlobalUnsizedOperatorDeleteNotDefined.ql b/cpp/autosar/src/rules/A18-5-4/GlobalUnsizedOperatorDeleteNotDefined.ql index c4ee4a6569..2bd0ada800 100644 --- a/cpp/autosar/src/rules/A18-5-4/GlobalUnsizedOperatorDeleteNotDefined.ql +++ b/cpp/autosar/src/rules/A18-5-4/GlobalUnsizedOperatorDeleteNotDefined.ql @@ -15,9 +15,9 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.rules.globalunsizedoperatordeletenotdefined_shared.GlobalUnsizedOperatorDeleteNotDefined_shared +import codingstandards.cpp.rules.globalunsizedoperatordeletenotdefined.GlobalUnsizedOperatorDeleteNotDefined -class GlobalUnsizedOperatorDeleteNotDefinedQuery extends GlobalUnsizedOperatorDeleteNotDefined_sharedSharedQuery +class GlobalUnsizedOperatorDeleteNotDefinedQuery extends GlobalUnsizedOperatorDeleteNotDefinedSharedQuery { GlobalUnsizedOperatorDeleteNotDefinedQuery() { this = DeclarationsPackage::globalUnsizedOperatorDeleteNotDefinedQuery() diff --git a/cpp/autosar/src/rules/A18-9-2/ForwardingValuesToOtherFunctions.ql b/cpp/autosar/src/rules/A18-9-2/ForwardingValuesToOtherFunctions.ql index 02c46fe544..72de362ebc 100644 --- a/cpp/autosar/src/rules/A18-9-2/ForwardingValuesToOtherFunctions.ql +++ b/cpp/autosar/src/rules/A18-9-2/ForwardingValuesToOtherFunctions.ql @@ -15,9 +15,9 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.rules.forwardingreferencesandforwardnotusedtogether_shared.ForwardingReferencesAndForwardNotUsedTogether_shared +import codingstandards.cpp.rules.forwardingreferencesandforwardnotusedtogether.ForwardingReferencesAndForwardNotUsedTogether -class ForwardingValuesToOtherFunctionsQuery extends ForwardingReferencesAndForwardNotUsedTogether_sharedSharedQuery +class ForwardingValuesToOtherFunctionsQuery extends ForwardingReferencesAndForwardNotUsedTogetherSharedQuery { ForwardingValuesToOtherFunctionsQuery() { this = MoveForwardPackage::forwardingValuesToOtherFunctionsQuery() diff --git a/cpp/autosar/src/rules/A2-13-1/EscapeSequenceOutsideISO.ql b/cpp/autosar/src/rules/A2-13-1/EscapeSequenceOutsideISO.ql index 0c1ffe818a..0f1d9a3271 100644 --- a/cpp/autosar/src/rules/A2-13-1/EscapeSequenceOutsideISO.ql +++ b/cpp/autosar/src/rules/A2-13-1/EscapeSequenceOutsideISO.ql @@ -16,8 +16,8 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.rules.backslashcharactermisuse_shared.BackslashCharacterMisuse_shared +import codingstandards.cpp.rules.backslashcharactermisuse.BackslashCharacterMisuse -class EscapeSequenceOutsideISOQuery extends BackslashCharacterMisuse_sharedSharedQuery { +class EscapeSequenceOutsideISOQuery extends BackslashCharacterMisuseSharedQuery { EscapeSequenceOutsideISOQuery() { this = LiteralsPackage::escapeSequenceOutsideISOQuery() } } diff --git a/cpp/autosar/src/rules/A2-7-1/SingleLineCommentEndsWithSlash.ql b/cpp/autosar/src/rules/A2-7-1/SingleLineCommentEndsWithSlash.ql index eee2d6fa6d..cd7d7c42cd 100644 --- a/cpp/autosar/src/rules/A2-7-1/SingleLineCommentEndsWithSlash.ql +++ b/cpp/autosar/src/rules/A2-7-1/SingleLineCommentEndsWithSlash.ql @@ -17,9 +17,9 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.rules.linesplicingusedincomments_shared.LineSplicingUsedInComments_shared +import codingstandards.cpp.rules.linesplicingusedincomments.LineSplicingUsedInComments -class SingleLineCommentEndsWithSlashQuery extends LineSplicingUsedInComments_sharedSharedQuery { +class SingleLineCommentEndsWithSlashQuery extends LineSplicingUsedInCommentsSharedQuery { SingleLineCommentEndsWithSlashQuery() { this = CommentsPackage::singleLineCommentEndsWithSlashQuery() } diff --git a/cpp/autosar/src/rules/A4-10-1/NullPointerConstantNotNullptr.ql b/cpp/autosar/src/rules/A4-10-1/NullPointerConstantNotNullptr.ql index 577a1646c6..ce3c6f8461 100644 --- a/cpp/autosar/src/rules/A4-10-1/NullPointerConstantNotNullptr.ql +++ b/cpp/autosar/src/rules/A4-10-1/NullPointerConstantNotNullptr.ql @@ -16,9 +16,9 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.rules.nullptrnottheonlyformofthenullpointerconstant_shared.NullptrNotTheOnlyFormOfTheNullPointerConstant_shared +import codingstandards.cpp.rules.nullptrnottheonlyformofthenullpointerconstant.NullptrNotTheOnlyFormOfTheNullPointerConstant -class NullPointerConstantNotNullptrQuery extends NullptrNotTheOnlyFormOfTheNullPointerConstant_sharedSharedQuery +class NullPointerConstantNotNullptrQuery extends NullptrNotTheOnlyFormOfTheNullPointerConstantSharedQuery { NullPointerConstantNotNullptrQuery() { this = LiteralsPackage::nullPointerConstantNotNullptrQuery() diff --git a/cpp/autosar/src/rules/A5-10-1/VirtualPointerOnlyComparesToNullptrConstant.ql b/cpp/autosar/src/rules/A5-10-1/VirtualPointerOnlyComparesToNullptrConstant.ql index ee3d47611a..01a45e75f7 100644 --- a/cpp/autosar/src/rules/A5-10-1/VirtualPointerOnlyComparesToNullptrConstant.ql +++ b/cpp/autosar/src/rules/A5-10-1/VirtualPointerOnlyComparesToNullptrConstant.ql @@ -16,9 +16,9 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.rules.potentiallyvirtualpointeronlycomparestonullptr_shared.PotentiallyVirtualPointerOnlyComparesToNullptr_shared +import codingstandards.cpp.rules.potentiallyvirtualpointeronlycomparestonullptr.PotentiallyVirtualPointerOnlyComparesToNullptr -class VirtualPointerOnlyComparesToNullptrConstantQuery extends PotentiallyVirtualPointerOnlyComparesToNullptr_sharedSharedQuery +class VirtualPointerOnlyComparesToNullptrConstantQuery extends PotentiallyVirtualPointerOnlyComparesToNullptrSharedQuery { VirtualPointerOnlyComparesToNullptrConstantQuery() { this = PointersPackage::virtualPointerOnlyComparesToNullptrConstantQuery() diff --git a/cpp/autosar/src/rules/A5-2-4/ReinterpretCastUsed.ql b/cpp/autosar/src/rules/A5-2-4/ReinterpretCastUsed.ql index 4a051167f6..bf5805698d 100644 --- a/cpp/autosar/src/rules/A5-2-4/ReinterpretCastUsed.ql +++ b/cpp/autosar/src/rules/A5-2-4/ReinterpretCastUsed.ql @@ -16,8 +16,8 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.rules.reinterpretcastused_shared.ReinterpretCastUsed_shared +import codingstandards.cpp.rules.reinterpretcastused.ReinterpretCastUsed -class ReinterpretCastUsedQuery extends ReinterpretCastUsed_sharedSharedQuery { +class ReinterpretCastUsedQuery extends ReinterpretCastUsedSharedQuery { ReinterpretCastUsedQuery() { this = BannedSyntaxPackage::reinterpretCastUsedQuery() } } diff --git a/cpp/autosar/src/rules/A6-6-1/GotoStatementUsed.ql b/cpp/autosar/src/rules/A6-6-1/GotoStatementUsed.ql index 74042c2dc2..03b891e6db 100644 --- a/cpp/autosar/src/rules/A6-6-1/GotoStatementUsed.ql +++ b/cpp/autosar/src/rules/A6-6-1/GotoStatementUsed.ql @@ -16,8 +16,8 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.rules.gotostatementshouldnotbeused_shared.GotoStatementShouldNotBeUsed_shared +import codingstandards.cpp.rules.gotostatementshouldnotbeused.GotoStatementShouldNotBeUsed -class GotoStatementUsedQuery extends GotoStatementShouldNotBeUsed_sharedSharedQuery { +class GotoStatementUsedQuery extends GotoStatementShouldNotBeUsedSharedQuery { GotoStatementUsedQuery() { this = BannedSyntaxPackage::gotoStatementUsedQuery() } } diff --git a/cpp/autosar/src/rules/A7-2-2/EnumerationUnderlyingBaseTypeNotExplicitlyDefined.ql b/cpp/autosar/src/rules/A7-2-2/EnumerationUnderlyingBaseTypeNotExplicitlyDefined.ql index 00538a0ada..a630b51c00 100644 --- a/cpp/autosar/src/rules/A7-2-2/EnumerationUnderlyingBaseTypeNotExplicitlyDefined.ql +++ b/cpp/autosar/src/rules/A7-2-2/EnumerationUnderlyingBaseTypeNotExplicitlyDefined.ql @@ -16,10 +16,9 @@ */ import cpp -import codingstandards.cpp.autosar -import codingstandards.cpp.rules.enumerationnotdefinedwithanexplicitunderlyingtype_shared.EnumerationNotDefinedWithAnExplicitUnderlyingType_shared +import codingstandards.cpp.rules.enumerationnotdefinedwithanexplicitunderlyingtype.EnumerationNotDefinedWithAnExplicitUnderlyingType -class EnumerationUnderlyingBaseTypeNotExplicitlyDefinedQuery extends EnumerationNotDefinedWithAnExplicitUnderlyingType_sharedSharedQuery +class EnumerationUnderlyingBaseTypeNotExplicitlyDefinedQuery extends EnumerationNotDefinedWithAnExplicitUnderlyingTypeSharedQuery { EnumerationUnderlyingBaseTypeNotExplicitlyDefinedQuery() { this = DeclarationsPackage::enumerationUnderlyingBaseTypeNotExplicitlyDefinedQuery() diff --git a/cpp/autosar/src/rules/A7-3-1/DefinitionNotConsideredForUnqualifiedLookup.ql b/cpp/autosar/src/rules/A7-3-1/DefinitionNotConsideredForUnqualifiedLookup.ql index 56e73edce0..75cb2016b5 100644 --- a/cpp/autosar/src/rules/A7-3-1/DefinitionNotConsideredForUnqualifiedLookup.ql +++ b/cpp/autosar/src/rules/A7-3-1/DefinitionNotConsideredForUnqualifiedLookup.ql @@ -16,9 +16,9 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.rules.definitionnotconsideredforunqualifiedlookup_shared.DefinitionNotConsideredForUnqualifiedLookup_shared +import codingstandards.cpp.rules.definitionnotconsideredforunqualifiedlookup.DefinitionNotConsideredForUnqualifiedLookup -class DefinitionNotConsideredForUnqualifiedLookupQuery extends DefinitionNotConsideredForUnqualifiedLookup_sharedSharedQuery +class DefinitionNotConsideredForUnqualifiedLookupQuery extends DefinitionNotConsideredForUnqualifiedLookupSharedQuery { DefinitionNotConsideredForUnqualifiedLookupQuery() { this = ScopePackage::definitionNotConsideredForUnqualifiedLookupQuery() diff --git a/cpp/autosar/src/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.ql b/cpp/autosar/src/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.ql index 76d6ac8f69..fd9602f218 100644 --- a/cpp/autosar/src/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.ql +++ b/cpp/autosar/src/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.ql @@ -15,9 +15,9 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.rules.hiddeninheritednonoverridablememberfunction_shared.HiddenInheritedNonOverridableMemberFunction_shared +import codingstandards.cpp.rules.hiddeninheritednonoverridablememberfunction.HiddenInheritedNonOverridableMemberFunction -class HiddenInheritedNonOverridableMemberFunctionQuery extends HiddenInheritedNonOverridableMemberFunction_sharedSharedQuery +class HiddenInheritedNonOverridableMemberFunctionQuery extends HiddenInheritedNonOverridableMemberFunctionSharedQuery { HiddenInheritedNonOverridableMemberFunctionQuery() { this = ScopePackage::hiddenInheritedNonOverridableMemberFunctionQuery() diff --git a/cpp/autosar/src/rules/A7-3-1/HiddenInheritedOverridableMemberFunction.ql b/cpp/autosar/src/rules/A7-3-1/HiddenInheritedOverridableMemberFunction.ql index 4f999f160c..aa9105f9de 100644 --- a/cpp/autosar/src/rules/A7-3-1/HiddenInheritedOverridableMemberFunction.ql +++ b/cpp/autosar/src/rules/A7-3-1/HiddenInheritedOverridableMemberFunction.ql @@ -15,9 +15,9 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.rules.hiddeninheritedoverridablememberfunction_shared.HiddenInheritedOverridableMemberFunction_shared +import codingstandards.cpp.rules.hiddeninheritedoverridablememberfunction.HiddenInheritedOverridableMemberFunction -class HiddenInheritedOverridableMemberFunctionQuery extends HiddenInheritedOverridableMemberFunction_sharedSharedQuery +class HiddenInheritedOverridableMemberFunctionQuery extends HiddenInheritedOverridableMemberFunctionSharedQuery { HiddenInheritedOverridableMemberFunctionQuery() { this = ScopePackage::hiddenInheritedOverridableMemberFunctionQuery() diff --git a/cpp/autosar/src/rules/A7-4-1/AsmDeclarationUsed.ql b/cpp/autosar/src/rules/A7-4-1/AsmDeclarationUsed.ql index 71a703e089..44489151da 100644 --- a/cpp/autosar/src/rules/A7-4-1/AsmDeclarationUsed.ql +++ b/cpp/autosar/src/rules/A7-4-1/AsmDeclarationUsed.ql @@ -15,8 +15,8 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.rules.asmdeclarationused_shared.AsmDeclarationUsed_shared +import codingstandards.cpp.rules.asmdeclarationused.AsmDeclarationUsed -class AsmDeclarationUsedQuery extends AsmDeclarationUsed_sharedSharedQuery { +class AsmDeclarationUsedQuery extends AsmDeclarationUsedSharedQuery { AsmDeclarationUsedQuery() { this = BannedSyntaxPackage::asmDeclarationUsedQuery() } } diff --git a/cpp/autosar/src/rules/A7-5-2/RecursiveFunctions.ql b/cpp/autosar/src/rules/A7-5-2/RecursiveFunctions.ql index bf287b894d..6b305d9ca9 100644 --- a/cpp/autosar/src/rules/A7-5-2/RecursiveFunctions.ql +++ b/cpp/autosar/src/rules/A7-5-2/RecursiveFunctions.ql @@ -16,9 +16,8 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.rules.functionscallthemselveseitherdirectlyorindirectly_shared.FunctionsCallThemselvesEitherDirectlyOrIndirectly_shared +import codingstandards.cpp.rules.functionscallthemselveseitherdirectlyorindirectly.FunctionsCallThemselvesEitherDirectlyOrIndirectly -class RecursiveFunctionsQuery extends FunctionsCallThemselvesEitherDirectlyOrIndirectly_sharedSharedQuery -{ +class RecursiveFunctionsQuery extends FunctionsCallThemselvesEitherDirectlyOrIndirectlySharedQuery { RecursiveFunctionsQuery() { this = FunctionsPackage::recursiveFunctionsQuery() } } diff --git a/cpp/autosar/src/rules/A8-5-4/ConfusingUseOfInitializerListConstructors.ql b/cpp/autosar/src/rules/A8-5-4/ConfusingUseOfInitializerListConstructors.ql index 60178e1a2f..180cbf7224 100644 --- a/cpp/autosar/src/rules/A8-5-4/ConfusingUseOfInitializerListConstructors.ql +++ b/cpp/autosar/src/rules/A8-5-4/ConfusingUseOfInitializerListConstructors.ql @@ -17,9 +17,9 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.rules.initializerlistconstructoristheonlyconstructor_shared.InitializerListConstructorIsTheOnlyConstructor_shared +import codingstandards.cpp.rules.initializerlistconstructoristheonlyconstructor.InitializerListConstructorIsTheOnlyConstructor -class ConfusingUseOfInitializerListConstructorsQuery extends InitializerListConstructorIsTheOnlyConstructor_sharedSharedQuery +class ConfusingUseOfInitializerListConstructorsQuery extends InitializerListConstructorIsTheOnlyConstructorSharedQuery { ConfusingUseOfInitializerListConstructorsQuery() { this = InitializationPackage::confusingUseOfInitializerListConstructorsQuery() diff --git a/cpp/autosar/src/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtual.ql b/cpp/autosar/src/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtual.ql index 0f2bd30614..2e189ddd24 100644 --- a/cpp/autosar/src/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtual.ql +++ b/cpp/autosar/src/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtual.ql @@ -14,9 +14,9 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.rules.virtualandnonvirtualclassinthehierarchy_shared.VirtualAndNonVirtualClassInTheHierarchy_shared +import codingstandards.cpp.rules.virtualandnonvirtualclassinthehierarchy.VirtualAndNonVirtualClassInTheHierarchy -class AccessibleBaseClassBothVirtualAndNonVirtualQuery extends VirtualAndNonVirtualClassInTheHierarchy_sharedSharedQuery +class AccessibleBaseClassBothVirtualAndNonVirtualQuery extends VirtualAndNonVirtualClassInTheHierarchySharedQuery { AccessibleBaseClassBothVirtualAndNonVirtualQuery() { this = InheritancePackage::accessibleBaseClassBothVirtualAndNonVirtualQuery() diff --git a/cpp/autosar/src/rules/M12-1-1/DynamicTypeOfThisUsedFromConstructorOrDestructor.ql b/cpp/autosar/src/rules/M12-1-1/DynamicTypeOfThisUsedFromConstructorOrDestructor.ql index 0f16dc6171..4b6c037aba 100644 --- a/cpp/autosar/src/rules/M12-1-1/DynamicTypeOfThisUsedFromConstructorOrDestructor.ql +++ b/cpp/autosar/src/rules/M12-1-1/DynamicTypeOfThisUsedFromConstructorOrDestructor.ql @@ -14,9 +14,9 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.rules.objectsdynamictypeusedfromconstructorordestructor_shared.ObjectsDynamicTypeUsedFromConstructorOrDestructor_shared +import codingstandards.cpp.rules.objectsdynamictypeusedfromconstructorordestructor.ObjectsDynamicTypeUsedFromConstructorOrDestructor -class DynamicTypeOfThisUsedFromConstructorOrDestructorQuery extends ObjectsDynamicTypeUsedFromConstructorOrDestructor_sharedSharedQuery +class DynamicTypeOfThisUsedFromConstructorOrDestructorQuery extends ObjectsDynamicTypeUsedFromConstructorOrDestructorSharedQuery { DynamicTypeOfThisUsedFromConstructorOrDestructorQuery() { this = InheritancePackage::dynamicTypeOfThisUsedFromConstructorOrDestructorQuery() diff --git a/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.ql b/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.ql index 09cc806c24..486a428474 100644 --- a/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.ql +++ b/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.ql @@ -16,9 +16,9 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.rules.namenotreferredusingaqualifiedidorthis_shared.NameNotReferredUsingAQualifiedIdOrThis_shared +import codingstandards.cpp.rules.namenotreferredusingaqualifiedidorthis.NameNotReferredUsingAQualifiedIdOrThis -class NameNotReferredUsingAQualifiedIdOrThisQuery extends NameNotReferredUsingAQualifiedIdOrThis_sharedSharedQuery +class NameNotReferredUsingAQualifiedIdOrThisQuery extends NameNotReferredUsingAQualifiedIdOrThisSharedQuery { NameNotReferredUsingAQualifiedIdOrThisQuery() { this = TemplatesPackage::nameNotReferredUsingAQualifiedIdOrThisQuery() diff --git a/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThisAudit.ql b/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThisAudit.ql index 313f82c0d5..ea56b841ed 100644 --- a/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThisAudit.ql +++ b/cpp/autosar/src/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThisAudit.ql @@ -16,9 +16,9 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.rules.namenotreferredusingaqualifiedidorthisaudit_shared.NameNotReferredUsingAQualifiedIdOrThisAudit_shared +import codingstandards.cpp.rules.namenotreferredusingaqualifiedidorthisaudit.NameNotReferredUsingAQualifiedIdOrThisAudit -class NameNotReferredUsingAQualifiedIdOrThisAuditQuery extends NameNotReferredUsingAQualifiedIdOrThisAudit_sharedSharedQuery +class NameNotReferredUsingAQualifiedIdOrThisAuditQuery extends NameNotReferredUsingAQualifiedIdOrThisAuditSharedQuery { NameNotReferredUsingAQualifiedIdOrThisAuditQuery() { this = TemplatesPackage::nameNotReferredUsingAQualifiedIdOrThisAuditQuery() diff --git a/cpp/autosar/src/rules/M15-1-3/EmptyThrowOutsideCatch.ql b/cpp/autosar/src/rules/M15-1-3/EmptyThrowOutsideCatch.ql index d13df36fc5..9f99e7c356 100644 --- a/cpp/autosar/src/rules/M15-1-3/EmptyThrowOutsideCatch.ql +++ b/cpp/autosar/src/rules/M15-1-3/EmptyThrowOutsideCatch.ql @@ -15,8 +15,8 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.rules.emptythrowonlywithinacatchhandler_shared.EmptyThrowOnlyWithinACatchHandler_shared +import codingstandards.cpp.rules.emptythrowonlywithinacatchhandler.EmptyThrowOnlyWithinACatchHandler -class EmptyThrowOutsideCatchQuery extends EmptyThrowOnlyWithinACatchHandler_sharedSharedQuery { +class EmptyThrowOutsideCatchQuery extends EmptyThrowOnlyWithinACatchHandlerSharedQuery { EmptyThrowOutsideCatchQuery() { this = Exceptions1Package::emptyThrowOutsideCatchQuery() } } diff --git a/cpp/autosar/src/rules/M18-2-1/MacroOffsetofUsed.ql b/cpp/autosar/src/rules/M18-2-1/MacroOffsetofUsed.ql index 5daa29bd28..cd347be44d 100644 --- a/cpp/autosar/src/rules/M18-2-1/MacroOffsetofUsed.ql +++ b/cpp/autosar/src/rules/M18-2-1/MacroOffsetofUsed.ql @@ -15,8 +15,8 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.rules.macrooffsetofused_shared.MacroOffsetofUsed_shared +import codingstandards.cpp.rules.macrooffsetofused.MacroOffsetofUsed -class MacroOffsetofUsedQuery extends MacroOffsetofUsed_sharedSharedQuery { +class MacroOffsetofUsedQuery extends MacroOffsetofUsedSharedQuery { MacroOffsetofUsedQuery() { this = BannedFunctionsPackage::macroOffsetofUsedQuery() } } diff --git a/cpp/autosar/src/rules/M18-7-1/CsignalFunctionsUsed.ql b/cpp/autosar/src/rules/M18-7-1/CsignalFunctionsUsed.ql index 9f384e60a8..4df4715848 100644 --- a/cpp/autosar/src/rules/M18-7-1/CsignalFunctionsUsed.ql +++ b/cpp/autosar/src/rules/M18-7-1/CsignalFunctionsUsed.ql @@ -16,8 +16,8 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.rules.csignalfunctionsused_shared.CsignalFunctionsUsed_shared +import codingstandards.cpp.rules.csignalfunctionsused.CsignalFunctionsUsed -class CsignalFunctionsUsedQuery extends CsignalFunctionsUsed_sharedSharedQuery { +class CsignalFunctionsUsedQuery extends CsignalFunctionsUsedSharedQuery { CsignalFunctionsUsedQuery() { this = BannedLibrariesPackage::csignalFunctionsUsedQuery() } } diff --git a/cpp/autosar/src/rules/M18-7-1/CsignalTypesUsed.ql b/cpp/autosar/src/rules/M18-7-1/CsignalTypesUsed.ql index cf65c25e91..89e9ca169a 100644 --- a/cpp/autosar/src/rules/M18-7-1/CsignalTypesUsed.ql +++ b/cpp/autosar/src/rules/M18-7-1/CsignalTypesUsed.ql @@ -16,8 +16,8 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.rules.csignaltypesused_shared.CsignalTypesUsed_shared +import codingstandards.cpp.rules.csignaltypesused.CsignalTypesUsed -class CsignalTypesUsedQuery extends CsignalTypesUsed_sharedSharedQuery { +class CsignalTypesUsedQuery extends CsignalTypesUsedSharedQuery { CsignalTypesUsedQuery() { this = BannedLibrariesPackage::csignalTypesUsedQuery() } } diff --git a/cpp/autosar/src/rules/M2-13-2/UseOfNonZeroOctalLiteral.ql b/cpp/autosar/src/rules/M2-13-2/UseOfNonZeroOctalLiteral.ql index 6f82348233..b689edab6b 100644 --- a/cpp/autosar/src/rules/M2-13-2/UseOfNonZeroOctalLiteral.ql +++ b/cpp/autosar/src/rules/M2-13-2/UseOfNonZeroOctalLiteral.ql @@ -16,8 +16,8 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.rules.useofnonzerooctalliteral_shared.UseOfNonZeroOctalLiteral_shared +import codingstandards.cpp.rules.useofnonzerooctalliteral.UseOfNonZeroOctalLiteral -class UseOfNonZeroOctalLiteralQuery extends UseOfNonZeroOctalLiteral_sharedSharedQuery { +class UseOfNonZeroOctalLiteralQuery extends UseOfNonZeroOctalLiteralSharedQuery { UseOfNonZeroOctalLiteralQuery() { this = LiteralsPackage::useOfNonZeroOctalLiteralQuery() } } diff --git a/cpp/autosar/src/rules/M2-13-3/MissingUSuffix.ql b/cpp/autosar/src/rules/M2-13-3/MissingUSuffix.ql index 95c97deab6..5bfa338864 100644 --- a/cpp/autosar/src/rules/M2-13-3/MissingUSuffix.ql +++ b/cpp/autosar/src/rules/M2-13-3/MissingUSuffix.ql @@ -18,8 +18,8 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.rules.unsignedintegerliteralsnotappropriatelysuffixed_shared.UnsignedIntegerLiteralsNotAppropriatelySuffixed_shared +import codingstandards.cpp.rules.unsignedintegerliteralsnotappropriatelysuffixed.UnsignedIntegerLiteralsNotAppropriatelySuffixed -class MissingUSuffixQuery extends UnsignedIntegerLiteralsNotAppropriatelySuffixed_sharedSharedQuery { +class MissingUSuffixQuery extends UnsignedIntegerLiteralsNotAppropriatelySuffixedSharedQuery { MissingUSuffixQuery() { this = LiteralsPackage::missingUSuffixQuery() } } diff --git a/cpp/autosar/src/rules/M2-7-1/SlashStarUsedWithinACStyleComment.ql b/cpp/autosar/src/rules/M2-7-1/SlashStarUsedWithinACStyleComment.ql index 4d61dc8088..356a361cb1 100644 --- a/cpp/autosar/src/rules/M2-7-1/SlashStarUsedWithinACStyleComment.ql +++ b/cpp/autosar/src/rules/M2-7-1/SlashStarUsedWithinACStyleComment.ql @@ -16,9 +16,9 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.rules.charactersequenceusedwithinacstylecomment_shared.CharacterSequenceUsedWithinACStyleComment_shared +import codingstandards.cpp.rules.charactersequenceusedwithinacstylecomment.CharacterSequenceUsedWithinACStyleComment -class SlashStarUsedWithinACStyleCommentQuery extends CharacterSequenceUsedWithinACStyleComment_sharedSharedQuery +class SlashStarUsedWithinACStyleCommentQuery extends CharacterSequenceUsedWithinACStyleCommentSharedQuery { SlashStarUsedWithinACStyleCommentQuery() { this = CommentsPackage::slashStarUsedWithinACStyleCommentQuery() diff --git a/cpp/autosar/src/rules/M27-0-1/CstdioFunctionsUsed.ql b/cpp/autosar/src/rules/M27-0-1/CstdioFunctionsUsed.ql index e5b83633e2..5656fc2edf 100644 --- a/cpp/autosar/src/rules/M27-0-1/CstdioFunctionsUsed.ql +++ b/cpp/autosar/src/rules/M27-0-1/CstdioFunctionsUsed.ql @@ -17,8 +17,8 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.rules.cstdiofunctionsused_shared.CstdioFunctionsUsed_shared +import codingstandards.cpp.rules.cstdiofunctionsused.CstdioFunctionsUsed -class CstdioFunctionsUsedQuery extends CstdioFunctionsUsed_sharedSharedQuery { +class CstdioFunctionsUsedQuery extends CstdioFunctionsUsedSharedQuery { CstdioFunctionsUsedQuery() { this = BannedLibrariesPackage::cstdioFunctionsUsedQuery() } } diff --git a/cpp/autosar/src/rules/M27-0-1/CstdioMacrosUsed.ql b/cpp/autosar/src/rules/M27-0-1/CstdioMacrosUsed.ql index 88bb148e65..311baeb195 100644 --- a/cpp/autosar/src/rules/M27-0-1/CstdioMacrosUsed.ql +++ b/cpp/autosar/src/rules/M27-0-1/CstdioMacrosUsed.ql @@ -17,8 +17,8 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.rules.cstdiomacrosused_shared.CstdioMacrosUsed_shared +import codingstandards.cpp.rules.cstdiomacrosused.CstdioMacrosUsed -class CstdioMacrosUsedQuery extends CstdioMacrosUsed_sharedSharedQuery { +class CstdioMacrosUsedQuery extends CstdioMacrosUsedSharedQuery { CstdioMacrosUsedQuery() { this = BannedLibrariesPackage::cstdioMacrosUsedQuery() } } diff --git a/cpp/autosar/src/rules/M27-0-1/CstdioTypesUsed.ql b/cpp/autosar/src/rules/M27-0-1/CstdioTypesUsed.ql index 82bdbe6ac2..3a1f647c22 100644 --- a/cpp/autosar/src/rules/M27-0-1/CstdioTypesUsed.ql +++ b/cpp/autosar/src/rules/M27-0-1/CstdioTypesUsed.ql @@ -17,8 +17,8 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.rules.cstdiotypesused_shared.CstdioTypesUsed_shared +import codingstandards.cpp.rules.cstdiotypesused.CstdioTypesUsed -class CstdioTypesUsedQuery extends CstdioTypesUsed_sharedSharedQuery { +class CstdioTypesUsedQuery extends CstdioTypesUsedSharedQuery { CstdioTypesUsedQuery() { this = BannedLibrariesPackage::cstdioTypesUsedQuery() } } diff --git a/cpp/autosar/src/rules/M5-2-12/IdentifierPassedAsFunctionArgumentDecayToAPointer.ql b/cpp/autosar/src/rules/M5-2-12/IdentifierPassedAsFunctionArgumentDecayToAPointer.ql index 14fd286a44..6d1ee297a8 100644 --- a/cpp/autosar/src/rules/M5-2-12/IdentifierPassedAsFunctionArgumentDecayToAPointer.ql +++ b/cpp/autosar/src/rules/M5-2-12/IdentifierPassedAsFunctionArgumentDecayToAPointer.ql @@ -15,9 +15,9 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.rules.arraypassedasfunctionargumentdecaytoapointer_shared.ArrayPassedAsFunctionArgumentDecayToAPointer_shared +import codingstandards.cpp.rules.arraypassedasfunctionargumentdecaytoapointer.ArrayPassedAsFunctionArgumentDecayToAPointer -class IdentifierPassedAsFunctionArgumentDecayToAPointerQuery extends ArrayPassedAsFunctionArgumentDecayToAPointer_sharedSharedQuery +class IdentifierPassedAsFunctionArgumentDecayToAPointerQuery extends ArrayPassedAsFunctionArgumentDecayToAPointerSharedQuery { IdentifierPassedAsFunctionArgumentDecayToAPointerQuery() { this = PointersPackage::identifierPassedAsFunctionArgumentDecayToAPointerQuery() diff --git a/cpp/autosar/src/rules/M5-2-6/CastNotConvertPointerToFunction.ql b/cpp/autosar/src/rules/M5-2-6/CastNotConvertPointerToFunction.ql index 50c7914b16..5a8df45ab1 100644 --- a/cpp/autosar/src/rules/M5-2-6/CastNotConvertPointerToFunction.ql +++ b/cpp/autosar/src/rules/M5-2-6/CastNotConvertPointerToFunction.ql @@ -15,9 +15,9 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.rules.castsbetweenapointertofunctionandanyothertype_shared.CastsBetweenAPointerToFunctionAndAnyOtherType_shared +import codingstandards.cpp.rules.castsbetweenapointertofunctionandanyothertype.CastsBetweenAPointerToFunctionAndAnyOtherType -class CastNotConvertPointerToFunctionQuery extends CastsBetweenAPointerToFunctionAndAnyOtherType_sharedSharedQuery +class CastNotConvertPointerToFunctionQuery extends CastsBetweenAPointerToFunctionAndAnyOtherTypeSharedQuery { CastNotConvertPointerToFunctionQuery() { this = PointersPackage::castNotConvertPointerToFunctionQuery() diff --git a/cpp/autosar/src/rules/M5-3-2/UnaryMinusOperatorAppliedToAnUnsignedExpression.ql b/cpp/autosar/src/rules/M5-3-2/UnaryMinusOperatorAppliedToAnUnsignedExpression.ql index 0f67d4143f..cac08b5bf2 100644 --- a/cpp/autosar/src/rules/M5-3-2/UnaryMinusOperatorAppliedToAnUnsignedExpression.ql +++ b/cpp/autosar/src/rules/M5-3-2/UnaryMinusOperatorAppliedToAnUnsignedExpression.ql @@ -14,9 +14,9 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.rules.builtinunaryoperatorappliedtounsignedexpression_shared.BuiltInUnaryOperatorAppliedToUnsignedExpression_shared +import codingstandards.cpp.rules.builtinunaryoperatorappliedtounsignedexpression.BuiltInUnaryOperatorAppliedToUnsignedExpression -class UnaryMinusOperatorAppliedToAnUnsignedExpressionQuery extends BuiltInUnaryOperatorAppliedToUnsignedExpression_sharedSharedQuery +class UnaryMinusOperatorAppliedToAnUnsignedExpressionQuery extends BuiltInUnaryOperatorAppliedToUnsignedExpressionSharedQuery { UnaryMinusOperatorAppliedToAnUnsignedExpressionQuery() { this = OperatorsPackage::unaryMinusOperatorAppliedToAnUnsignedExpressionQuery() diff --git a/cpp/autosar/src/rules/M5-3-3/UnaryOperatorOverloaded.ql b/cpp/autosar/src/rules/M5-3-3/UnaryOperatorOverloaded.ql index 216388c448..94f0bc6062 100644 --- a/cpp/autosar/src/rules/M5-3-3/UnaryOperatorOverloaded.ql +++ b/cpp/autosar/src/rules/M5-3-3/UnaryOperatorOverloaded.ql @@ -13,8 +13,8 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.rules.addressofoperatoroverloaded_shared.AddressOfOperatorOverloaded_shared +import codingstandards.cpp.rules.addressofoperatoroverloaded.AddressOfOperatorOverloaded -class UnaryOperatorOverloadedQuery extends AddressOfOperatorOverloaded_sharedSharedQuery { +class UnaryOperatorOverloadedQuery extends AddressOfOperatorOverloadedSharedQuery { UnaryOperatorOverloadedQuery() { this = OperatorsPackage::unaryOperatorOverloadedQuery() } } diff --git a/cpp/autosar/src/rules/M6-3-1/LoopCompoundCondition.ql b/cpp/autosar/src/rules/M6-3-1/LoopCompoundCondition.ql index db71931f80..b3566a1e27 100644 --- a/cpp/autosar/src/rules/M6-3-1/LoopCompoundCondition.ql +++ b/cpp/autosar/src/rules/M6-3-1/LoopCompoundCondition.ql @@ -16,8 +16,8 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.rules.loopcompoundcondition_shared.LoopCompoundCondition_shared +import codingstandards.cpp.rules.loopcompoundcondition.LoopCompoundCondition -class LoopCompoundConditionQuery extends LoopCompoundCondition_sharedSharedQuery { +class LoopCompoundConditionQuery extends LoopCompoundConditionSharedQuery { LoopCompoundConditionQuery() { this = ConditionalsPackage::loopCompoundConditionQuery() } } diff --git a/cpp/autosar/src/rules/M6-3-1/SwitchCompoundCondition.ql b/cpp/autosar/src/rules/M6-3-1/SwitchCompoundCondition.ql index 13e9ec067a..f550a456dc 100644 --- a/cpp/autosar/src/rules/M6-3-1/SwitchCompoundCondition.ql +++ b/cpp/autosar/src/rules/M6-3-1/SwitchCompoundCondition.ql @@ -16,8 +16,8 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.rules.switchcompoundcondition_shared.SwitchCompoundCondition_shared +import codingstandards.cpp.rules.switchcompoundcondition.SwitchCompoundCondition -class SwitchCompoundConditionQuery extends SwitchCompoundCondition_sharedSharedQuery { +class SwitchCompoundConditionQuery extends SwitchCompoundConditionSharedQuery { SwitchCompoundConditionQuery() { this = ConditionalsPackage::switchCompoundConditionQuery() } } diff --git a/cpp/autosar/src/rules/M7-3-1/GlobalNamespaceMembershipViolation.ql b/cpp/autosar/src/rules/M7-3-1/GlobalNamespaceMembershipViolation.ql index edc09e074b..e359880027 100644 --- a/cpp/autosar/src/rules/M7-3-1/GlobalNamespaceMembershipViolation.ql +++ b/cpp/autosar/src/rules/M7-3-1/GlobalNamespaceMembershipViolation.ql @@ -16,9 +16,9 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.rules.globalnamespacedeclarations_shared.GlobalNamespaceDeclarations_shared +import codingstandards.cpp.rules.globalnamespacedeclarations.GlobalNamespaceDeclarations -class GlobalNamespaceMembershipViolationQuery extends GlobalNamespaceDeclarations_sharedSharedQuery { +class GlobalNamespaceMembershipViolationQuery extends GlobalNamespaceDeclarationsSharedQuery { GlobalNamespaceMembershipViolationQuery() { this = ScopePackage::globalNamespaceMembershipViolationQuery() } diff --git a/cpp/autosar/src/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanGlobalMain.ql b/cpp/autosar/src/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanGlobalMain.ql index ddcc45356a..2d263f4683 100644 --- a/cpp/autosar/src/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanGlobalMain.ql +++ b/cpp/autosar/src/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanGlobalMain.ql @@ -15,9 +15,9 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.rules.nonglobalfunctionmain_shared.NonGlobalFunctionMain_shared +import codingstandards.cpp.rules.nonglobalfunctionmain.NonGlobalFunctionMain -class IdentifierMainUsedForAFunctionOtherThanGlobalMainQuery extends NonGlobalFunctionMain_sharedSharedQuery +class IdentifierMainUsedForAFunctionOtherThanGlobalMainQuery extends NonGlobalFunctionMainSharedQuery { IdentifierMainUsedForAFunctionOtherThanGlobalMainQuery() { this = NamingPackage::identifierMainUsedForAFunctionOtherThanGlobalMainQuery() diff --git a/cpp/autosar/src/rules/M7-5-1/FunctionReturnAutomaticVarCondition.ql b/cpp/autosar/src/rules/M7-5-1/FunctionReturnAutomaticVarCondition.ql index 9fe9a0f945..cb5aa9d105 100644 --- a/cpp/autosar/src/rules/M7-5-1/FunctionReturnAutomaticVarCondition.ql +++ b/cpp/autosar/src/rules/M7-5-1/FunctionReturnAutomaticVarCondition.ql @@ -16,9 +16,9 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.rules.returnreferenceorpointertoautomaticlocalvariable_shared.ReturnReferenceOrPointerToAutomaticLocalVariable_shared +import codingstandards.cpp.rules.returnreferenceorpointertoautomaticlocalvariable.ReturnReferenceOrPointerToAutomaticLocalVariable -class FunctionReturnAutomaticVarConditionQuery extends ReturnReferenceOrPointerToAutomaticLocalVariable_sharedSharedQuery +class FunctionReturnAutomaticVarConditionQuery extends ReturnReferenceOrPointerToAutomaticLocalVariableSharedQuery { FunctionReturnAutomaticVarConditionQuery() { this = FunctionsPackage::functionReturnAutomaticVarConditionQuery() diff --git a/cpp/autosar/src/rules/M8-0-1/MultipleGlobalOrMemberDeclarators.ql b/cpp/autosar/src/rules/M8-0-1/MultipleGlobalOrMemberDeclarators.ql index cdbc1f6baf..c615ae9d55 100644 --- a/cpp/autosar/src/rules/M8-0-1/MultipleGlobalOrMemberDeclarators.ql +++ b/cpp/autosar/src/rules/M8-0-1/MultipleGlobalOrMemberDeclarators.ql @@ -16,9 +16,9 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.rules.multipleglobalormemberdeclarators_shared.MultipleGlobalOrMemberDeclarators_shared +import codingstandards.cpp.rules.multipleglobalormemberdeclarators.MultipleGlobalOrMemberDeclarators -class MultipleGlobalOrMemberDeclaratorsQuery extends MultipleGlobalOrMemberDeclarators_sharedSharedQuery +class MultipleGlobalOrMemberDeclaratorsQuery extends MultipleGlobalOrMemberDeclaratorsSharedQuery { MultipleGlobalOrMemberDeclaratorsQuery() { this = InitializationPackage::multipleGlobalOrMemberDeclaratorsQuery() diff --git a/cpp/autosar/src/rules/M8-0-1/MultipleLocalDeclarators.ql b/cpp/autosar/src/rules/M8-0-1/MultipleLocalDeclarators.ql index d352bc05aa..6198ab7a5a 100644 --- a/cpp/autosar/src/rules/M8-0-1/MultipleLocalDeclarators.ql +++ b/cpp/autosar/src/rules/M8-0-1/MultipleLocalDeclarators.ql @@ -16,8 +16,8 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.rules.multiplelocaldeclarators_shared.MultipleLocalDeclarators_shared +import codingstandards.cpp.rules.multiplelocaldeclarators.MultipleLocalDeclarators -class MultipleLocalDeclaratorsQuery extends MultipleLocalDeclarators_sharedSharedQuery { +class MultipleLocalDeclaratorsQuery extends MultipleLocalDeclaratorsSharedQuery { MultipleLocalDeclaratorsQuery() { this = InitializationPackage::multipleLocalDeclaratorsQuery() } } diff --git a/cpp/autosar/src/rules/M8-3-1/VirtualFunctionParametersUseSameDefaultArguments.ql b/cpp/autosar/src/rules/M8-3-1/VirtualFunctionParametersUseSameDefaultArguments.ql index 7b306b2492..833585d096 100644 --- a/cpp/autosar/src/rules/M8-3-1/VirtualFunctionParametersUseSameDefaultArguments.ql +++ b/cpp/autosar/src/rules/M8-3-1/VirtualFunctionParametersUseSameDefaultArguments.ql @@ -16,9 +16,9 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.rules.overridingshallspecifydifferentdefaultarguments_shared.OverridingShallSpecifyDifferentDefaultArguments_shared +import codingstandards.cpp.rules.overridingshallspecifydifferentdefaultarguments.OverridingShallSpecifyDifferentDefaultArguments -class VirtualFunctionParametersUseSameDefaultArgumentsQuery extends OverridingShallSpecifyDifferentDefaultArguments_sharedSharedQuery +class VirtualFunctionParametersUseSameDefaultArgumentsQuery extends OverridingShallSpecifyDifferentDefaultArgumentsSharedQuery { VirtualFunctionParametersUseSameDefaultArgumentsQuery() { this = VirtualFunctionsPackage::virtualFunctionParametersUseSameDefaultArgumentsQuery() diff --git a/cpp/autosar/test/rules/A12-1-1/ExplicitConstructorBaseClassInitialization.testref b/cpp/autosar/test/rules/A12-1-1/ExplicitConstructorBaseClassInitialization.testref index 1bf7e7fffb..ac8c5e1a83 100644 --- a/cpp/autosar/test/rules/A12-1-1/ExplicitConstructorBaseClassInitialization.testref +++ b/cpp/autosar/test/rules/A12-1-1/ExplicitConstructorBaseClassInitialization.testref @@ -1 +1 @@ -cpp/common/test/rules/initializeallvirtualbaseclasses_shared/InitializeAllVirtualBaseClasses_shared.ql \ No newline at end of file +cpp/common/test/rules/initializeallvirtualbaseclasses/InitializeAllVirtualBaseClasses.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A12-8-5/CopyAssignmentAndAMoveHandleSelfAssignment.testref b/cpp/autosar/test/rules/A12-8-5/CopyAssignmentAndAMoveHandleSelfAssignment.testref index 23e38dba55..65fc614121 100644 --- a/cpp/autosar/test/rules/A12-8-5/CopyAssignmentAndAMoveHandleSelfAssignment.testref +++ b/cpp/autosar/test/rules/A12-8-5/CopyAssignmentAndAMoveHandleSelfAssignment.testref @@ -1 +1 @@ -cpp/common/test/rules/copyandmoveassignmentsshallhandleselfassignment_shared/CopyAndMoveAssignmentsShallHandleSelfAssignment_shared.ql \ No newline at end of file +cpp/common/test/rules/copyandmoveassignmentsshallhandleselfassignment/CopyAndMoveAssignmentsShallHandleSelfAssignment.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A14-8-2/ExplicitSpecializationsOfFunctionTemplatesUsed.testref b/cpp/autosar/test/rules/A14-8-2/ExplicitSpecializationsOfFunctionTemplatesUsed.testref index 04c3f5a724..6a284e2cbb 100644 --- a/cpp/autosar/test/rules/A14-8-2/ExplicitSpecializationsOfFunctionTemplatesUsed.testref +++ b/cpp/autosar/test/rules/A14-8-2/ExplicitSpecializationsOfFunctionTemplatesUsed.testref @@ -1 +1 @@ -cpp/common/test/rules/functiontemplatesexplicitlyspecialized_shared/FunctionTemplatesExplicitlySpecialized_shared.ql \ No newline at end of file +cpp/common/test/rules/functiontemplatesexplicitlyspecialized/FunctionTemplatesExplicitlySpecialized.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A15-1-2/PointerExceptionObject.testref b/cpp/autosar/test/rules/A15-1-2/PointerExceptionObject.testref index 41eabfe5a6..24d4229225 100644 --- a/cpp/autosar/test/rules/A15-1-2/PointerExceptionObject.testref +++ b/cpp/autosar/test/rules/A15-1-2/PointerExceptionObject.testref @@ -1 +1 @@ -cpp/common/test/rules/exceptionobjecthavepointertype_shared/ExceptionObjectHavePointerType_shared.ql \ No newline at end of file +cpp/common/test/rules/exceptionobjecthavepointertype/ExceptionObjectHavePointerType.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A15-4-2/NoExceptFunctionThrows.testref b/cpp/autosar/test/rules/A15-4-2/NoExceptFunctionThrows.testref index 089cce1ccf..76dc55827f 100644 --- a/cpp/autosar/test/rules/A15-4-2/NoExceptFunctionThrows.testref +++ b/cpp/autosar/test/rules/A15-4-2/NoExceptFunctionThrows.testref @@ -1 +1 @@ -cpp/common/test/rules/noexceptfunctionshouldnotpropagatetothecaller_shared/NoexceptFunctionShouldNotPropagateToTheCaller_shared.ql \ No newline at end of file +cpp/common/test/rules/noexceptfunctionshouldnotpropagatetothecaller/NoexceptFunctionShouldNotPropagateToTheCaller.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A18-1-2/VectorboolSpecializationUsed.testref b/cpp/autosar/test/rules/A18-1-2/VectorboolSpecializationUsed.testref index 96d8385f5f..a934690acb 100644 --- a/cpp/autosar/test/rules/A18-1-2/VectorboolSpecializationUsed.testref +++ b/cpp/autosar/test/rules/A18-1-2/VectorboolSpecializationUsed.testref @@ -1 +1 @@ -cpp/common/test/rules/vectorshouldnotbespecializedwithbool_shared/VectorShouldNotBeSpecializedWithBool_shared.ql \ No newline at end of file +cpp/common/test/rules/vectorshouldnotbespecializedwithbool/VectorShouldNotBeSpecializedWithBool.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A18-5-4/GlobalSizedOperatorDeleteNotDefined.testref b/cpp/autosar/test/rules/A18-5-4/GlobalSizedOperatorDeleteNotDefined.testref index bd7e582a38..4d1e21d4cb 100644 --- a/cpp/autosar/test/rules/A18-5-4/GlobalSizedOperatorDeleteNotDefined.testref +++ b/cpp/autosar/test/rules/A18-5-4/GlobalSizedOperatorDeleteNotDefined.testref @@ -1 +1 @@ -cpp/common/test/rules/globalsizedoperatordeletenotdefined_shared/GlobalSizedOperatorDeleteNotDefined_shared.ql \ No newline at end of file +cpp/common/test/rules/globalsizedoperatordeletenotdefined/GlobalSizedOperatorDeleteNotDefined.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A18-5-4/GlobalUnsizedOperatorDeleteNotDefined.testref b/cpp/autosar/test/rules/A18-5-4/GlobalUnsizedOperatorDeleteNotDefined.testref index 781d037067..f2fcc2eded 100644 --- a/cpp/autosar/test/rules/A18-5-4/GlobalUnsizedOperatorDeleteNotDefined.testref +++ b/cpp/autosar/test/rules/A18-5-4/GlobalUnsizedOperatorDeleteNotDefined.testref @@ -1 +1 @@ -cpp/common/test/rules/globalunsizedoperatordeletenotdefined_shared/GlobalUnsizedOperatorDeleteNotDefined_shared.ql \ No newline at end of file +cpp/common/test/rules/globalunsizedoperatordeletenotdefined/GlobalUnsizedOperatorDeleteNotDefined.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A18-9-2/ForwardingValuesToOtherFunctions.testref b/cpp/autosar/test/rules/A18-9-2/ForwardingValuesToOtherFunctions.testref index 16fd01273f..d56acb8415 100644 --- a/cpp/autosar/test/rules/A18-9-2/ForwardingValuesToOtherFunctions.testref +++ b/cpp/autosar/test/rules/A18-9-2/ForwardingValuesToOtherFunctions.testref @@ -1 +1 @@ -cpp/common/test/rules/forwardingreferencesandforwardnotusedtogether_shared/ForwardingReferencesAndForwardNotUsedTogether_shared.ql \ No newline at end of file +cpp/common/test/rules/forwardingreferencesandforwardnotusedtogether/ForwardingReferencesAndForwardNotUsedTogether.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A2-13-1/EscapeSequenceOutsideISO.testref b/cpp/autosar/test/rules/A2-13-1/EscapeSequenceOutsideISO.testref index a257ad6ab7..924122e38e 100644 --- a/cpp/autosar/test/rules/A2-13-1/EscapeSequenceOutsideISO.testref +++ b/cpp/autosar/test/rules/A2-13-1/EscapeSequenceOutsideISO.testref @@ -1 +1 @@ -cpp/common/test/rules/backslashcharactermisuse_shared/BackslashCharacterMisuse_shared.ql \ No newline at end of file +cpp/common/test/rules/backslashcharactermisuse/BackslashCharacterMisuse.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A2-7-1/SingleLineCommentEndsWithSlash.testref b/cpp/autosar/test/rules/A2-7-1/SingleLineCommentEndsWithSlash.testref index d4f66ed35e..7874a476a0 100644 --- a/cpp/autosar/test/rules/A2-7-1/SingleLineCommentEndsWithSlash.testref +++ b/cpp/autosar/test/rules/A2-7-1/SingleLineCommentEndsWithSlash.testref @@ -1 +1 @@ -cpp/common/test/rules/linesplicingusedincomments_shared/LineSplicingUsedInComments_shared.ql \ No newline at end of file +cpp/common/test/rules/linesplicingusedincomments/LineSplicingUsedInComments.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A4-10-1/NullPointerConstantNotNullptr.testref b/cpp/autosar/test/rules/A4-10-1/NullPointerConstantNotNullptr.testref index 495d8eddba..aeb655a341 100644 --- a/cpp/autosar/test/rules/A4-10-1/NullPointerConstantNotNullptr.testref +++ b/cpp/autosar/test/rules/A4-10-1/NullPointerConstantNotNullptr.testref @@ -1 +1 @@ -cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant_shared/NullptrNotTheOnlyFormOfTheNullPointerConstant_shared.ql \ No newline at end of file +cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant/NullptrNotTheOnlyFormOfTheNullPointerConstant.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A5-10-1/PointerToMemberVirtualFunctionWithNullPointerConstant.testref b/cpp/autosar/test/rules/A5-10-1/PointerToMemberVirtualFunctionWithNullPointerConstant.testref index 2a9e8b2eef..ca8eab9681 100644 --- a/cpp/autosar/test/rules/A5-10-1/PointerToMemberVirtualFunctionWithNullPointerConstant.testref +++ b/cpp/autosar/test/rules/A5-10-1/PointerToMemberVirtualFunctionWithNullPointerConstant.testref @@ -1 +1 @@ -cpp/common/test/rules/potentiallyvirtualpointeronlycomparestonullptr_shared/PotentiallyVirtualPointerOnlyComparesToNullptr_shared.ql \ No newline at end of file +cpp/common/test/rules/potentiallyvirtualpointeronlycomparestonullptr/PotentiallyVirtualPointerOnlyComparesToNullptr.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A5-10-1/PotentiallyVirtualPointerOnlyComparesToNullptr.testref b/cpp/autosar/test/rules/A5-10-1/PotentiallyVirtualPointerOnlyComparesToNullptr.testref index 2a9e8b2eef..ca8eab9681 100644 --- a/cpp/autosar/test/rules/A5-10-1/PotentiallyVirtualPointerOnlyComparesToNullptr.testref +++ b/cpp/autosar/test/rules/A5-10-1/PotentiallyVirtualPointerOnlyComparesToNullptr.testref @@ -1 +1 @@ -cpp/common/test/rules/potentiallyvirtualpointeronlycomparestonullptr_shared/PotentiallyVirtualPointerOnlyComparesToNullptr_shared.ql \ No newline at end of file +cpp/common/test/rules/potentiallyvirtualpointeronlycomparestonullptr/PotentiallyVirtualPointerOnlyComparesToNullptr.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A5-10-1/VirtualPointerOnlyComparesToNullptrConstant.testref b/cpp/autosar/test/rules/A5-10-1/VirtualPointerOnlyComparesToNullptrConstant.testref index 2a9e8b2eef..ca8eab9681 100644 --- a/cpp/autosar/test/rules/A5-10-1/VirtualPointerOnlyComparesToNullptrConstant.testref +++ b/cpp/autosar/test/rules/A5-10-1/VirtualPointerOnlyComparesToNullptrConstant.testref @@ -1 +1 @@ -cpp/common/test/rules/potentiallyvirtualpointeronlycomparestonullptr_shared/PotentiallyVirtualPointerOnlyComparesToNullptr_shared.ql \ No newline at end of file +cpp/common/test/rules/potentiallyvirtualpointeronlycomparestonullptr/PotentiallyVirtualPointerOnlyComparesToNullptr.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A5-2-4/ReinterpretCastUsed.testref b/cpp/autosar/test/rules/A5-2-4/ReinterpretCastUsed.testref index a553240f19..81f18c2d9c 100644 --- a/cpp/autosar/test/rules/A5-2-4/ReinterpretCastUsed.testref +++ b/cpp/autosar/test/rules/A5-2-4/ReinterpretCastUsed.testref @@ -1 +1 @@ -cpp/common/test/rules/reinterpretcastused_shared/ReinterpretCastUsed_shared.ql \ No newline at end of file +cpp/common/test/rules/reinterpretcastused/ReinterpretCastUsed.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A6-6-1/GotoStatementUsed.testref b/cpp/autosar/test/rules/A6-6-1/GotoStatementUsed.testref index 3f2f4508b1..44d306f80c 100644 --- a/cpp/autosar/test/rules/A6-6-1/GotoStatementUsed.testref +++ b/cpp/autosar/test/rules/A6-6-1/GotoStatementUsed.testref @@ -1 +1 @@ -cpp/common/test/rules/gotostatementshouldnotbeused_shared/GotoStatementShouldNotBeUsed_shared.ql \ No newline at end of file +cpp/common/test/rules/gotostatementshouldnotbeused/GotoStatementShouldNotBeUsed.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A7-3-1/DefinitionNotConsideredForUnqualifiedLookup.testref b/cpp/autosar/test/rules/A7-3-1/DefinitionNotConsideredForUnqualifiedLookup.testref index 3b04b2950f..7a5ae74d2e 100644 --- a/cpp/autosar/test/rules/A7-3-1/DefinitionNotConsideredForUnqualifiedLookup.testref +++ b/cpp/autosar/test/rules/A7-3-1/DefinitionNotConsideredForUnqualifiedLookup.testref @@ -1 +1 @@ -cpp/common/test/rules/definitionnotconsideredforunqualifiedlookup_shared/DefinitionNotConsideredForUnqualifiedLookup_shared.ql \ No newline at end of file +cpp/common/test/rules/definitionnotconsideredforunqualifiedlookup/DefinitionNotConsideredForUnqualifiedLookup.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.testref b/cpp/autosar/test/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.testref index 371b80ead3..2fb9608ee8 100644 --- a/cpp/autosar/test/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.testref +++ b/cpp/autosar/test/rules/A7-3-1/HiddenInheritedNonOverridableMemberFunction.testref @@ -1 +1 @@ -cpp/common/test/rules/hiddeninheritednonoverridablememberfunction_shared/HiddenInheritedNonOverridableMemberFunction_shared.ql \ No newline at end of file +cpp/common/test/rules/hiddeninheritednonoverridablememberfunction/HiddenInheritedNonOverridableMemberFunction.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A7-3-1/HiddenInheritedOverridableMemberFunction.testref b/cpp/autosar/test/rules/A7-3-1/HiddenInheritedOverridableMemberFunction.testref index 3fcc2ed7e7..e768ced8d3 100644 --- a/cpp/autosar/test/rules/A7-3-1/HiddenInheritedOverridableMemberFunction.testref +++ b/cpp/autosar/test/rules/A7-3-1/HiddenInheritedOverridableMemberFunction.testref @@ -1 +1 @@ -cpp/common/test/rules/hiddeninheritedoverridablememberfunction_shared/HiddenInheritedOverridableMemberFunction_shared.ql \ No newline at end of file +cpp/common/test/rules/hiddeninheritedoverridablememberfunction/HiddenInheritedOverridableMemberFunction.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A7-4-1/AsmDeclarationUsed.testref b/cpp/autosar/test/rules/A7-4-1/AsmDeclarationUsed.testref index d0a190a3eb..f643f6a9c7 100644 --- a/cpp/autosar/test/rules/A7-4-1/AsmDeclarationUsed.testref +++ b/cpp/autosar/test/rules/A7-4-1/AsmDeclarationUsed.testref @@ -1 +1 @@ -cpp/common/test/rules/asmdeclarationused_shared/AsmDeclarationUsed_shared.ql \ No newline at end of file +cpp/common/test/rules/asmdeclarationused/AsmDeclarationUsed.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A7-5-2/RecursiveFunctions.testref b/cpp/autosar/test/rules/A7-5-2/RecursiveFunctions.testref index 1ebf3d5742..f459a29bf1 100644 --- a/cpp/autosar/test/rules/A7-5-2/RecursiveFunctions.testref +++ b/cpp/autosar/test/rules/A7-5-2/RecursiveFunctions.testref @@ -1 +1 @@ -cpp/common/test/rules/functionscallthemselveseitherdirectlyorindirectly_shared/FunctionsCallThemselvesEitherDirectlyOrIndirectly_shared.ql \ No newline at end of file +cpp/common/test/rules/functionscallthemselveseitherdirectlyorindirectly/FunctionsCallThemselvesEitherDirectlyOrIndirectly.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A8-5-4/ConfusingUseOfInitializerListConstructors.testref b/cpp/autosar/test/rules/A8-5-4/ConfusingUseOfInitializerListConstructors.testref index b9075dec6f..49b73d06a9 100644 --- a/cpp/autosar/test/rules/A8-5-4/ConfusingUseOfInitializerListConstructors.testref +++ b/cpp/autosar/test/rules/A8-5-4/ConfusingUseOfInitializerListConstructors.testref @@ -1 +1 @@ -cpp/common/test/rules/initializerlistconstructoristheonlyconstructor_shared/InitializerListConstructorIsTheOnlyConstructor_shared.ql \ No newline at end of file +cpp/common/test/rules/initializerlistconstructoristheonlyconstructor/InitializerListConstructorIsTheOnlyConstructor.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtual.testref b/cpp/autosar/test/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtual.testref index 966337628d..fe57c50fe3 100644 --- a/cpp/autosar/test/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtual.testref +++ b/cpp/autosar/test/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtual.testref @@ -1 +1 @@ -cpp/common/test/rules/virtualandnonvirtualclassinthehierarchy_shared/VirtualAndNonVirtualClassInTheHierarchy_shared.ql \ No newline at end of file +cpp/common/test/rules/virtualandnonvirtualclassinthehierarchy/VirtualAndNonVirtualClassInTheHierarchy.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtualInHierarchy.testref b/cpp/autosar/test/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtualInHierarchy.testref index 966337628d..fe57c50fe3 100644 --- a/cpp/autosar/test/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtualInHierarchy.testref +++ b/cpp/autosar/test/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtualInHierarchy.testref @@ -1 +1 @@ -cpp/common/test/rules/virtualandnonvirtualclassinthehierarchy_shared/VirtualAndNonVirtualClassInTheHierarchy_shared.ql \ No newline at end of file +cpp/common/test/rules/virtualandnonvirtualclassinthehierarchy/VirtualAndNonVirtualClassInTheHierarchy.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M12-1-1/DynamicTypeOfThisUsedFromConstructorOrDestructor.testref b/cpp/autosar/test/rules/M12-1-1/DynamicTypeOfThisUsedFromConstructorOrDestructor.testref index 985c209460..596f74b010 100644 --- a/cpp/autosar/test/rules/M12-1-1/DynamicTypeOfThisUsedFromConstructorOrDestructor.testref +++ b/cpp/autosar/test/rules/M12-1-1/DynamicTypeOfThisUsedFromConstructorOrDestructor.testref @@ -1 +1 @@ -cpp/common/test/rules/objectsdynamictypeusedfromconstructorordestructor_shared/ObjectsDynamicTypeUsedFromConstructorOrDestructor_shared.ql \ No newline at end of file +cpp/common/test/rules/objectsdynamictypeusedfromconstructorordestructor/ObjectsDynamicTypeUsedFromConstructorOrDestructor.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.testref b/cpp/autosar/test/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.testref index 34df16815b..ad5590bc1f 100644 --- a/cpp/autosar/test/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.testref +++ b/cpp/autosar/test/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThis.testref @@ -1 +1 @@ -cpp/common/test/rules/namenotreferredusingaqualifiedidorthis_shared/NameNotReferredUsingAQualifiedIdOrThis_shared.ql \ No newline at end of file +cpp/common/test/rules/namenotreferredusingaqualifiedidorthis/NameNotReferredUsingAQualifiedIdOrThis.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThisAudit.testref b/cpp/autosar/test/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThisAudit.testref index 0bef5586dd..f7ff9100a6 100644 --- a/cpp/autosar/test/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThisAudit.testref +++ b/cpp/autosar/test/rules/M14-6-1/NameNotReferredUsingAQualifiedIdOrThisAudit.testref @@ -1 +1 @@ -cpp/common/test/rules/namenotreferredusingaqualifiedidorthisaudit_shared/NameNotReferredUsingAQualifiedIdOrThisAudit_shared.ql \ No newline at end of file +cpp/common/test/rules/namenotreferredusingaqualifiedidorthisaudit/NameNotReferredUsingAQualifiedIdOrThisAudit.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M15-1-3/EmptyThrowOutsideCatch.testref b/cpp/autosar/test/rules/M15-1-3/EmptyThrowOutsideCatch.testref index 01a7dde1dd..f3c961d8f1 100644 --- a/cpp/autosar/test/rules/M15-1-3/EmptyThrowOutsideCatch.testref +++ b/cpp/autosar/test/rules/M15-1-3/EmptyThrowOutsideCatch.testref @@ -1 +1 @@ -cpp/common/test/rules/emptythrowonlywithinacatchhandler_shared/EmptyThrowOnlyWithinACatchHandler_shared.ql \ No newline at end of file +cpp/common/test/rules/emptythrowonlywithinacatchhandler/EmptyThrowOnlyWithinACatchHandler.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M18-2-1/MacroOffsetofUsed.testref b/cpp/autosar/test/rules/M18-2-1/MacroOffsetofUsed.testref index f53f8d6f9f..022fef6071 100644 --- a/cpp/autosar/test/rules/M18-2-1/MacroOffsetofUsed.testref +++ b/cpp/autosar/test/rules/M18-2-1/MacroOffsetofUsed.testref @@ -1 +1 @@ -cpp/common/test/rules/macrooffsetofused_shared/MacroOffsetofUsed_shared.ql \ No newline at end of file +cpp/common/test/rules/macrooffsetofused/MacroOffsetofUsed.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M18-7-1/CsignalFunctionsUsed.testref b/cpp/autosar/test/rules/M18-7-1/CsignalFunctionsUsed.testref index b48ce80edb..a09406a932 100644 --- a/cpp/autosar/test/rules/M18-7-1/CsignalFunctionsUsed.testref +++ b/cpp/autosar/test/rules/M18-7-1/CsignalFunctionsUsed.testref @@ -1 +1 @@ -cpp/common/test/rules/csignalfunctionsused_shared/CsignalFunctionsUsed_shared.ql \ No newline at end of file +cpp/common/test/rules/csignalfunctionsused/CsignalFunctionsUsed.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M18-7-1/CsignalTypesUsed.testref b/cpp/autosar/test/rules/M18-7-1/CsignalTypesUsed.testref index 3ea4c7008d..3d398d799b 100644 --- a/cpp/autosar/test/rules/M18-7-1/CsignalTypesUsed.testref +++ b/cpp/autosar/test/rules/M18-7-1/CsignalTypesUsed.testref @@ -1 +1 @@ -cpp/common/test/rules/csignaltypesused_shared/CsignalTypesUsed_shared.ql \ No newline at end of file +cpp/common/test/rules/csignaltypesused/CsignalTypesUsed.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M2-13-2/UseOfNonZeroOctalLiteral.testref b/cpp/autosar/test/rules/M2-13-2/UseOfNonZeroOctalLiteral.testref index 5b23b86826..97c466a866 100644 --- a/cpp/autosar/test/rules/M2-13-2/UseOfNonZeroOctalLiteral.testref +++ b/cpp/autosar/test/rules/M2-13-2/UseOfNonZeroOctalLiteral.testref @@ -1 +1 @@ -cpp/common/test/rules/useofnonzerooctalliteral_shared/UseOfNonZeroOctalLiteral_shared.ql \ No newline at end of file +cpp/common/test/rules/useofnonzerooctalliteral/UseOfNonZeroOctalLiteral.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M2-13-3/MissingUSuffix.testref b/cpp/autosar/test/rules/M2-13-3/MissingUSuffix.testref index 1a58c1eee1..9133a84ce4 100644 --- a/cpp/autosar/test/rules/M2-13-3/MissingUSuffix.testref +++ b/cpp/autosar/test/rules/M2-13-3/MissingUSuffix.testref @@ -1 +1 @@ -cpp/common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed_shared/UnsignedIntegerLiteralsNotAppropriatelySuffixed_shared.ql \ No newline at end of file +cpp/common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed/UnsignedIntegerLiteralsNotAppropriatelySuffixed.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M2-7-1/SlashStarUsedWithinACStyleComment.testref b/cpp/autosar/test/rules/M2-7-1/SlashStarUsedWithinACStyleComment.testref index 8073a976cd..971b1953f7 100644 --- a/cpp/autosar/test/rules/M2-7-1/SlashStarUsedWithinACStyleComment.testref +++ b/cpp/autosar/test/rules/M2-7-1/SlashStarUsedWithinACStyleComment.testref @@ -1 +1 @@ -cpp/common/test/rules/charactersequenceusedwithinacstylecomment_shared/CharacterSequenceUsedWithinACStyleComment_shared.ql \ No newline at end of file +cpp/common/test/rules/charactersequenceusedwithinacstylecomment/CharacterSequenceUsedWithinACStyleComment.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M27-0-1/CstdioFunctionsUsed.testref b/cpp/autosar/test/rules/M27-0-1/CstdioFunctionsUsed.testref index 595b7fcffa..5f8b3d8a9a 100644 --- a/cpp/autosar/test/rules/M27-0-1/CstdioFunctionsUsed.testref +++ b/cpp/autosar/test/rules/M27-0-1/CstdioFunctionsUsed.testref @@ -1 +1 @@ -cpp/common/test/rules/cstdiofunctionsused_shared/CstdioFunctionsUsed_shared.ql \ No newline at end of file +cpp/common/test/rules/cstdiofunctionsused/CstdioFunctionsUsed.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M27-0-1/CstdioMacrosUsed.testref b/cpp/autosar/test/rules/M27-0-1/CstdioMacrosUsed.testref index 8bc3a8fcde..a1ba376c3b 100644 --- a/cpp/autosar/test/rules/M27-0-1/CstdioMacrosUsed.testref +++ b/cpp/autosar/test/rules/M27-0-1/CstdioMacrosUsed.testref @@ -1 +1 @@ -cpp/common/test/rules/cstdiomacrosused_shared/CstdioMacrosUsed_shared.ql \ No newline at end of file +cpp/common/test/rules/cstdiomacrosused/CstdioMacrosUsed.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M27-0-1/CstdioTypesUsed.testref b/cpp/autosar/test/rules/M27-0-1/CstdioTypesUsed.testref index 4020d6427e..4c08a75cfe 100644 --- a/cpp/autosar/test/rules/M27-0-1/CstdioTypesUsed.testref +++ b/cpp/autosar/test/rules/M27-0-1/CstdioTypesUsed.testref @@ -1 +1 @@ -cpp/common/test/rules/cstdiotypesused_shared/CstdioTypesUsed_shared.ql \ No newline at end of file +cpp/common/test/rules/cstdiotypesused/CstdioTypesUsed.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M5-2-12/IdentifierPassedAsFunctionArgumentDecayToAPointer.testref b/cpp/autosar/test/rules/M5-2-12/IdentifierPassedAsFunctionArgumentDecayToAPointer.testref index 97edef0af2..06f2ec8fbb 100644 --- a/cpp/autosar/test/rules/M5-2-12/IdentifierPassedAsFunctionArgumentDecayToAPointer.testref +++ b/cpp/autosar/test/rules/M5-2-12/IdentifierPassedAsFunctionArgumentDecayToAPointer.testref @@ -1 +1 @@ -cpp/common/test/rules/arraypassedasfunctionargumentdecaytoapointer_shared/ArrayPassedAsFunctionArgumentDecayToAPointer_shared.ql \ No newline at end of file +cpp/common/test/rules/arraypassedasfunctionargumentdecaytoapointer/ArrayPassedAsFunctionArgumentDecayToAPointer.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M5-2-6/CastNotConvertPointerToFunction.testref b/cpp/autosar/test/rules/M5-2-6/CastNotConvertPointerToFunction.testref index 5eeeea570a..e7bde2ea08 100644 --- a/cpp/autosar/test/rules/M5-2-6/CastNotConvertPointerToFunction.testref +++ b/cpp/autosar/test/rules/M5-2-6/CastNotConvertPointerToFunction.testref @@ -1 +1 @@ -cpp/common/test/rules/castsbetweenapointertofunctionandanyothertype_shared/CastsBetweenAPointerToFunctionAndAnyOtherType_shared.ql \ No newline at end of file +cpp/common/test/rules/castsbetweenapointertofunctionandanyothertype/CastsBetweenAPointerToFunctionAndAnyOtherType.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M5-3-2/UnaryMinusOperatorAppliedToAnUnsignedExpression.testref b/cpp/autosar/test/rules/M5-3-2/UnaryMinusOperatorAppliedToAnUnsignedExpression.testref index 48a20b03f1..bd12c39fbd 100644 --- a/cpp/autosar/test/rules/M5-3-2/UnaryMinusOperatorAppliedToAnUnsignedExpression.testref +++ b/cpp/autosar/test/rules/M5-3-2/UnaryMinusOperatorAppliedToAnUnsignedExpression.testref @@ -1 +1 @@ -cpp/common/test/rules/builtinunaryoperatorappliedtounsignedexpression_shared/BuiltInUnaryOperatorAppliedToUnsignedExpression_shared.ql \ No newline at end of file +cpp/common/test/rules/builtinunaryoperatorappliedtounsignedexpression/BuiltInUnaryOperatorAppliedToUnsignedExpression.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M5-3-3/UnaryOperatorOverloaded.testref b/cpp/autosar/test/rules/M5-3-3/UnaryOperatorOverloaded.testref index f9c1d69467..1f2a126671 100644 --- a/cpp/autosar/test/rules/M5-3-3/UnaryOperatorOverloaded.testref +++ b/cpp/autosar/test/rules/M5-3-3/UnaryOperatorOverloaded.testref @@ -1 +1 @@ -cpp/common/test/rules/addressofoperatoroverloaded_shared/AddressOfOperatorOverloaded_shared.ql \ No newline at end of file +cpp/common/test/rules/addressofoperatoroverloaded/AddressOfOperatorOverloaded.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M6-3-1/LoopCompoundCondition.testref b/cpp/autosar/test/rules/M6-3-1/LoopCompoundCondition.testref index e301b04020..84dc7caf76 100644 --- a/cpp/autosar/test/rules/M6-3-1/LoopCompoundCondition.testref +++ b/cpp/autosar/test/rules/M6-3-1/LoopCompoundCondition.testref @@ -1 +1 @@ -cpp/common/test/rules/loopcompoundcondition_shared/LoopCompoundCondition_shared.ql \ No newline at end of file +cpp/common/test/rules/loopcompoundcondition/LoopCompoundCondition.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M6-3-1/SwitchCompoundCondition.testref b/cpp/autosar/test/rules/M6-3-1/SwitchCompoundCondition.testref index e48ef207a0..f02b02ba85 100644 --- a/cpp/autosar/test/rules/M6-3-1/SwitchCompoundCondition.testref +++ b/cpp/autosar/test/rules/M6-3-1/SwitchCompoundCondition.testref @@ -1 +1 @@ -cpp/common/test/rules/switchcompoundcondition_shared/SwitchCompoundCondition_shared.ql \ No newline at end of file +cpp/common/test/rules/switchcompoundcondition/SwitchCompoundCondition.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M7-3-1/GlobalNamespaceMembershipViolation.testref b/cpp/autosar/test/rules/M7-3-1/GlobalNamespaceMembershipViolation.testref index 93764c480e..8f71738005 100644 --- a/cpp/autosar/test/rules/M7-3-1/GlobalNamespaceMembershipViolation.testref +++ b/cpp/autosar/test/rules/M7-3-1/GlobalNamespaceMembershipViolation.testref @@ -1 +1 @@ -cpp/common/test/rules/globalnamespacedeclarations_shared/GlobalNamespaceDeclarations_shared.ql \ No newline at end of file +cpp/common/test/rules/globalnamespacedeclarations/GlobalNamespaceDeclarations.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanGlobalMain.testref b/cpp/autosar/test/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanGlobalMain.testref index 528412284f..e149f3a33b 100644 --- a/cpp/autosar/test/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanGlobalMain.testref +++ b/cpp/autosar/test/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanGlobalMain.testref @@ -1 +1 @@ -cpp/common/test/rules/nonglobalfunctionmain_shared/NonGlobalFunctionMain_shared.ql \ No newline at end of file +cpp/common/test/rules/nonglobalfunctionmain/NonGlobalFunctionMain.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanTheGlobalFunctionMain.testref b/cpp/autosar/test/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanTheGlobalFunctionMain.testref index 528412284f..e149f3a33b 100644 --- a/cpp/autosar/test/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanTheGlobalFunctionMain.testref +++ b/cpp/autosar/test/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanTheGlobalFunctionMain.testref @@ -1 +1 @@ -cpp/common/test/rules/nonglobalfunctionmain_shared/NonGlobalFunctionMain_shared.ql \ No newline at end of file +cpp/common/test/rules/nonglobalfunctionmain/NonGlobalFunctionMain.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M7-5-1/FunctionReturnAutomaticVarCondition.testref b/cpp/autosar/test/rules/M7-5-1/FunctionReturnAutomaticVarCondition.testref index 676e414381..45dbffde00 100644 --- a/cpp/autosar/test/rules/M7-5-1/FunctionReturnAutomaticVarCondition.testref +++ b/cpp/autosar/test/rules/M7-5-1/FunctionReturnAutomaticVarCondition.testref @@ -1 +1 @@ -cpp/common/test/rules/returnreferenceorpointertoautomaticlocalvariable_shared/ReturnReferenceOrPointerToAutomaticLocalVariable_shared.ql \ No newline at end of file +cpp/common/test/rules/returnreferenceorpointertoautomaticlocalvariable/ReturnReferenceOrPointerToAutomaticLocalVariable.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M8-0-1/MultipleGlobalOrMemberDeclarators.testref b/cpp/autosar/test/rules/M8-0-1/MultipleGlobalOrMemberDeclarators.testref index b848fce94f..434cb47456 100644 --- a/cpp/autosar/test/rules/M8-0-1/MultipleGlobalOrMemberDeclarators.testref +++ b/cpp/autosar/test/rules/M8-0-1/MultipleGlobalOrMemberDeclarators.testref @@ -1 +1 @@ -cpp/common/test/rules/multipleglobalormemberdeclarators_shared/MultipleGlobalOrMemberDeclarators_shared.ql \ No newline at end of file +cpp/common/test/rules/multipleglobalormemberdeclarators/MultipleGlobalOrMemberDeclarators.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M8-0-1/MultipleLocalDeclarators.testref b/cpp/autosar/test/rules/M8-0-1/MultipleLocalDeclarators.testref index 2d7784cea0..be7c9ac352 100644 --- a/cpp/autosar/test/rules/M8-0-1/MultipleLocalDeclarators.testref +++ b/cpp/autosar/test/rules/M8-0-1/MultipleLocalDeclarators.testref @@ -1 +1 @@ -cpp/common/test/rules/multiplelocaldeclarators_shared/MultipleLocalDeclarators_shared.ql \ No newline at end of file +cpp/common/test/rules/multiplelocaldeclarators/MultipleLocalDeclarators.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M8-3-1/VirtualFunctionParametersUseSameDefaultArguments.testref b/cpp/autosar/test/rules/M8-3-1/VirtualFunctionParametersUseSameDefaultArguments.testref index c89e908ada..7e06403515 100644 --- a/cpp/autosar/test/rules/M8-3-1/VirtualFunctionParametersUseSameDefaultArguments.testref +++ b/cpp/autosar/test/rules/M8-3-1/VirtualFunctionParametersUseSameDefaultArguments.testref @@ -1 +1 @@ -cpp/common/test/rules/overridingshallspecifydifferentdefaultarguments_shared/OverridingShallSpecifyDifferentDefaultArguments_shared.ql \ No newline at end of file +cpp/common/test/rules/overridingshallspecifydifferentdefaultarguments/OverridingShallSpecifyDifferentDefaultArguments.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M8-3-1/VirtualFunctionParametersUseTheSameDefaultArguments.testref b/cpp/autosar/test/rules/M8-3-1/VirtualFunctionParametersUseTheSameDefaultArguments.testref index c89e908ada..7e06403515 100644 --- a/cpp/autosar/test/rules/M8-3-1/VirtualFunctionParametersUseTheSameDefaultArguments.testref +++ b/cpp/autosar/test/rules/M8-3-1/VirtualFunctionParametersUseTheSameDefaultArguments.testref @@ -1 +1 @@ -cpp/common/test/rules/overridingshallspecifydifferentdefaultarguments_shared/OverridingShallSpecifyDifferentDefaultArguments_shared.ql \ No newline at end of file +cpp/common/test/rules/overridingshallspecifydifferentdefaultarguments/OverridingShallSpecifyDifferentDefaultArguments.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M9-6-4/NamedBitFieldsWithSignedIntegerTypeShallHaveALengthOfMoreThanOneBit.testref b/cpp/autosar/test/rules/M9-6-4/NamedBitFieldsWithSignedIntegerTypeShallHaveALengthOfMoreThanOneBit.testref index a2543b0769..5dd7991a37 100644 --- a/cpp/autosar/test/rules/M9-6-4/NamedBitFieldsWithSignedIntegerTypeShallHaveALengthOfMoreThanOneBit.testref +++ b/cpp/autosar/test/rules/M9-6-4/NamedBitFieldsWithSignedIntegerTypeShallHaveALengthOfMoreThanOneBit.testref @@ -1 +1 @@ -cpp/common/test/rules/namedbitfieldswithsignedintegertype_shared/NamedBitFieldsWithSignedIntegerType_shared.ql \ No newline at end of file +cpp/common/test/rules/namedbitfieldswithsignedintegertype/NamedBitFieldsWithSignedIntegerType.ql \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/rules/addressofoperatoroverloaded_shared/AddressOfOperatorOverloaded_shared.qll b/cpp/common/src/codingstandards/cpp/rules/addressofoperatoroverloaded/AddressOfOperatorOverloaded.qll similarity index 62% rename from cpp/common/src/codingstandards/cpp/rules/addressofoperatoroverloaded_shared/AddressOfOperatorOverloaded_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/addressofoperatoroverloaded/AddressOfOperatorOverloaded.qll index f210e2aab5..603a75bd01 100644 --- a/cpp/common/src/codingstandards/cpp/rules/addressofoperatoroverloaded_shared/AddressOfOperatorOverloaded_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/addressofoperatoroverloaded/AddressOfOperatorOverloaded.qll @@ -1,5 +1,6 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * The address-of operator shall not be overloaded. */ import cpp @@ -7,9 +8,9 @@ import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import codingstandards.cpp.Operator -abstract class AddressOfOperatorOverloaded_sharedSharedQuery extends Query { } +abstract class AddressOfOperatorOverloadedSharedQuery extends Query { } -Query getQuery() { result instanceof AddressOfOperatorOverloaded_sharedSharedQuery } +Query getQuery() { result instanceof AddressOfOperatorOverloadedSharedQuery } query predicate problems(UnaryAddressOfOperator e, string message) { not isExcluded(e, getQuery()) and message = "The unary & operator overloaded." diff --git a/cpp/common/src/codingstandards/cpp/rules/amixedusemacroargumentsubjecttoexpansion_shared/AMixedUseMacroArgumentSubjectToExpansion_shared.qll b/cpp/common/src/codingstandards/cpp/rules/amixedusemacroargumentsubjecttoexpansion/AMixedUseMacroArgumentSubjectToExpansion.qll similarity index 80% rename from cpp/common/src/codingstandards/cpp/rules/amixedusemacroargumentsubjecttoexpansion_shared/AMixedUseMacroArgumentSubjectToExpansion_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/amixedusemacroargumentsubjecttoexpansion/AMixedUseMacroArgumentSubjectToExpansion.qll index bf2ff2fbae..da17706f54 100644 --- a/cpp/common/src/codingstandards/cpp/rules/amixedusemacroargumentsubjecttoexpansion_shared/AMixedUseMacroArgumentSubjectToExpansion_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/amixedusemacroargumentsubjecttoexpansion/AMixedUseMacroArgumentSubjectToExpansion.qll @@ -1,5 +1,7 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * The argument to a mixed-use macro parameter shall not be subject to further + * expansion. */ import cpp @@ -7,9 +9,9 @@ import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import codingstandards.cpp.Macro -abstract class AMixedUseMacroArgumentSubjectToExpansion_sharedSharedQuery extends Query { } +abstract class AMixedUseMacroArgumentSubjectToExpansionSharedQuery extends Query { } -Query getQuery() { result instanceof AMixedUseMacroArgumentSubjectToExpansion_sharedSharedQuery } +Query getQuery() { result instanceof AMixedUseMacroArgumentSubjectToExpansionSharedQuery } query predicate problems(FunctionLikeMacro m, string message) { exists(MacroInvocation mi, int i, string expanded, string param | diff --git a/cpp/common/src/codingstandards/cpp/rules/arraypassedasfunctionargumentdecaytoapointer_shared/ArrayPassedAsFunctionArgumentDecayToAPointer_shared.qll b/cpp/common/src/codingstandards/cpp/rules/arraypassedasfunctionargumentdecaytoapointer/ArrayPassedAsFunctionArgumentDecayToAPointer.qll similarity index 86% rename from cpp/common/src/codingstandards/cpp/rules/arraypassedasfunctionargumentdecaytoapointer_shared/ArrayPassedAsFunctionArgumentDecayToAPointer_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/arraypassedasfunctionargumentdecaytoapointer/ArrayPassedAsFunctionArgumentDecayToAPointer.qll index fa61d89aea..675bb1d85f 100644 --- a/cpp/common/src/codingstandards/cpp/rules/arraypassedasfunctionargumentdecaytoapointer_shared/ArrayPassedAsFunctionArgumentDecayToAPointer_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/arraypassedasfunctionargumentdecaytoapointer/ArrayPassedAsFunctionArgumentDecayToAPointer.qll @@ -1,15 +1,16 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * An array passed as a function argument shall not decay to a pointer. */ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -abstract class ArrayPassedAsFunctionArgumentDecayToAPointer_sharedSharedQuery extends Query { } +abstract class ArrayPassedAsFunctionArgumentDecayToAPointerSharedQuery extends Query { } Query getQuery() { - result instanceof ArrayPassedAsFunctionArgumentDecayToAPointer_sharedSharedQuery + result instanceof ArrayPassedAsFunctionArgumentDecayToAPointerSharedQuery } predicate arrayToPointerDecay(Access ae, Parameter p) { diff --git a/cpp/common/src/codingstandards/cpp/rules/asmdeclarationused/AsmDeclarationUsed.qll b/cpp/common/src/codingstandards/cpp/rules/asmdeclarationused/AsmDeclarationUsed.qll new file mode 100644 index 0000000000..c6748683da --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/asmdeclarationused/AsmDeclarationUsed.qll @@ -0,0 +1,16 @@ +/** + * Provides a library with a `problems` predicate for the following issue: + * The asm declaration shall not be used. + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class AsmDeclarationUsedSharedQuery extends Query { } + +Query getQuery() { result instanceof AsmDeclarationUsedSharedQuery } + +query predicate problems(AsmStmt e, string message) { + not isExcluded(e, getQuery()) and message = "Use of asm declaration" +} diff --git a/cpp/common/src/codingstandards/cpp/rules/asmdeclarationused_shared/AsmDeclarationUsed_shared.qll b/cpp/common/src/codingstandards/cpp/rules/asmdeclarationused_shared/AsmDeclarationUsed_shared.qll deleted file mode 100644 index cce1de8cee..0000000000 --- a/cpp/common/src/codingstandards/cpp/rules/asmdeclarationused_shared/AsmDeclarationUsed_shared.qll +++ /dev/null @@ -1,15 +0,0 @@ -/** - * Provides a library which includes a `problems` predicate for reporting.... - */ - -import cpp -import codingstandards.cpp.Customizations -import codingstandards.cpp.Exclusions - -abstract class AsmDeclarationUsed_sharedSharedQuery extends Query { } - -Query getQuery() { result instanceof AsmDeclarationUsed_sharedSharedQuery } - -query predicate problems(AsmStmt e, string message) { - not isExcluded(e, getQuery()) and message = "Use of asm declaration" -} diff --git a/cpp/common/src/codingstandards/cpp/rules/atofatoiatolandatollused_shared/AtofAtoiAtolAndAtollUsed_shared.qll b/cpp/common/src/codingstandards/cpp/rules/atofatoiatolandatollused/AtofAtoiAtolAndAtollUsed.qll similarity index 60% rename from cpp/common/src/codingstandards/cpp/rules/atofatoiatolandatollused_shared/AtofAtoiAtolAndAtollUsed_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/atofatoiatolandatollused/AtofAtoiAtolAndAtollUsed.qll index a187b586b1..295e346913 100644 --- a/cpp/common/src/codingstandards/cpp/rules/atofatoiatolandatollused_shared/AtofAtoiAtolAndAtollUsed_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/atofatoiatolandatollused/AtofAtoiAtolAndAtollUsed.qll @@ -1,5 +1,6 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * The library functions atof, atoi, atol and atoll from shall not be used. */ import cpp @@ -8,9 +9,9 @@ import codingstandards.cpp.Exclusions private string atoi() { result = ["atof", "atoi", "atol", "atoll"] } -abstract class AtofAtoiAtolAndAtollUsed_sharedSharedQuery extends Query { } +abstract class AtofAtoiAtolAndAtollUsedSharedQuery extends Query { } -Query getQuery() { result instanceof AtofAtoiAtolAndAtollUsed_sharedSharedQuery } +Query getQuery() { result instanceof AtofAtoiAtolAndAtollUsedSharedQuery } query predicate problems(FunctionCall fc, string message) { exists(Function f | diff --git a/cpp/common/src/codingstandards/cpp/rules/backslashcharactermisuse_shared/BackslashCharacterMisuse_shared.qll b/cpp/common/src/codingstandards/cpp/rules/backslashcharactermisuse/BackslashCharacterMisuse.qll similarity index 56% rename from cpp/common/src/codingstandards/cpp/rules/backslashcharactermisuse_shared/BackslashCharacterMisuse_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/backslashcharactermisuse/BackslashCharacterMisuse.qll index ffad0f540b..34cb93fb39 100644 --- a/cpp/common/src/codingstandards/cpp/rules/backslashcharactermisuse_shared/BackslashCharacterMisuse_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/backslashcharactermisuse/BackslashCharacterMisuse.qll @@ -1,14 +1,16 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * In character literals and non-raw string literals, \ shall only be used to form a + * defined escape sequence or universal character name. */ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -abstract class BackslashCharacterMisuse_sharedSharedQuery extends Query { } +abstract class BackslashCharacterMisuseSharedQuery extends Query { } -Query getQuery() { result instanceof BackslashCharacterMisuse_sharedSharedQuery } +Query getQuery() { result instanceof BackslashCharacterMisuseSharedQuery } query predicate problems(StringLiteral l, string message) { exists(string es | diff --git a/cpp/common/src/codingstandards/cpp/rules/bitfieldshallhaveanappropriatetype_shared/BitFieldShallHaveAnAppropriateType_shared.qll b/cpp/common/src/codingstandards/cpp/rules/bitfieldshallhaveanappropriatetype/BitFieldShallHaveAnAppropriateType.qll similarity index 82% rename from cpp/common/src/codingstandards/cpp/rules/bitfieldshallhaveanappropriatetype_shared/BitFieldShallHaveAnAppropriateType_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/bitfieldshallhaveanappropriatetype/BitFieldShallHaveAnAppropriateType.qll index 766913db58..27048b2d25 100644 --- a/cpp/common/src/codingstandards/cpp/rules/bitfieldshallhaveanappropriatetype_shared/BitFieldShallHaveAnAppropriateType_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/bitfieldshallhaveanappropriatetype/BitFieldShallHaveAnAppropriateType.qll @@ -1,5 +1,6 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * A bit-field shall have an appropriate type. */ import cpp @@ -7,9 +8,9 @@ import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import codingstandards.cpp.Compiler -abstract class BitFieldShallHaveAnAppropriateType_sharedSharedQuery extends Query { } +abstract class BitFieldShallHaveAnAppropriateTypeSharedQuery extends Query { } -Query getQuery() { result instanceof BitFieldShallHaveAnAppropriateType_sharedSharedQuery } +Query getQuery() { result instanceof BitFieldShallHaveAnAppropriateTypeSharedQuery } Type getSupportedBitFieldType(Compiler compiler) { compiler instanceof UnsupportedCompiler and diff --git a/cpp/common/src/codingstandards/cpp/rules/builtinunaryoperatorappliedtounsignedexpression_shared/BuiltInUnaryOperatorAppliedToUnsignedExpression_shared.qll b/cpp/common/src/codingstandards/cpp/rules/builtinunaryoperatorappliedtounsignedexpression/BuiltInUnaryOperatorAppliedToUnsignedExpression.qll similarity index 69% rename from cpp/common/src/codingstandards/cpp/rules/builtinunaryoperatorappliedtounsignedexpression_shared/BuiltInUnaryOperatorAppliedToUnsignedExpression_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/builtinunaryoperatorappliedtounsignedexpression/BuiltInUnaryOperatorAppliedToUnsignedExpression.qll index a1e7d5b490..e704617a16 100644 --- a/cpp/common/src/codingstandards/cpp/rules/builtinunaryoperatorappliedtounsignedexpression_shared/BuiltInUnaryOperatorAppliedToUnsignedExpression_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/builtinunaryoperatorappliedtounsignedexpression/BuiltInUnaryOperatorAppliedToUnsignedExpression.qll @@ -1,15 +1,17 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * The built-in unary - operator should not be applied to an expression of unsigned + * type. */ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -abstract class BuiltInUnaryOperatorAppliedToUnsignedExpression_sharedSharedQuery extends Query { } +abstract class BuiltInUnaryOperatorAppliedToUnsignedExpressionSharedQuery extends Query { } Query getQuery() { - result instanceof BuiltInUnaryOperatorAppliedToUnsignedExpression_sharedSharedQuery + result instanceof BuiltInUnaryOperatorAppliedToUnsignedExpressionSharedQuery } query predicate problems(Element e, string message) { diff --git a/cpp/common/src/codingstandards/cpp/rules/castsbetweenapointertofunctionandanyothertype_shared/CastsBetweenAPointerToFunctionAndAnyOtherType_shared.qll b/cpp/common/src/codingstandards/cpp/rules/castsbetweenapointertofunctionandanyothertype/CastsBetweenAPointerToFunctionAndAnyOtherType.qll similarity index 63% rename from cpp/common/src/codingstandards/cpp/rules/castsbetweenapointertofunctionandanyothertype_shared/CastsBetweenAPointerToFunctionAndAnyOtherType_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/castsbetweenapointertofunctionandanyothertype/CastsBetweenAPointerToFunctionAndAnyOtherType.qll index d09009cc29..f33531e371 100644 --- a/cpp/common/src/codingstandards/cpp/rules/castsbetweenapointertofunctionandanyothertype_shared/CastsBetweenAPointerToFunctionAndAnyOtherType_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/castsbetweenapointertofunctionandanyothertype/CastsBetweenAPointerToFunctionAndAnyOtherType.qll @@ -1,15 +1,16 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * Casts shall not be performed between a pointer to function and any other type. */ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -abstract class CastsBetweenAPointerToFunctionAndAnyOtherType_sharedSharedQuery extends Query { } +abstract class CastsBetweenAPointerToFunctionAndAnyOtherTypeSharedQuery extends Query { } Query getQuery() { - result instanceof CastsBetweenAPointerToFunctionAndAnyOtherType_sharedSharedQuery + result instanceof CastsBetweenAPointerToFunctionAndAnyOtherTypeSharedQuery } query predicate problems(Cast c, string message) { diff --git a/cpp/common/src/codingstandards/cpp/rules/charactersequenceusedwithinacstylecomment_shared/CharacterSequenceUsedWithinACStyleComment_shared.qll b/cpp/common/src/codingstandards/cpp/rules/charactersequenceusedwithinacstylecomment/CharacterSequenceUsedWithinACStyleComment.qll similarity index 57% rename from cpp/common/src/codingstandards/cpp/rules/charactersequenceusedwithinacstylecomment_shared/CharacterSequenceUsedWithinACStyleComment_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/charactersequenceusedwithinacstylecomment/CharacterSequenceUsedWithinACStyleComment.qll index a6719c3c4e..676b2d3030 100644 --- a/cpp/common/src/codingstandards/cpp/rules/charactersequenceusedwithinacstylecomment_shared/CharacterSequenceUsedWithinACStyleComment_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/charactersequenceusedwithinacstylecomment/CharacterSequenceUsedWithinACStyleComment.qll @@ -1,14 +1,15 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * The presence of a nested /* comment can indicate accidentally commented out code. */ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -abstract class CharacterSequenceUsedWithinACStyleComment_sharedSharedQuery extends Query { } +abstract class CharacterSequenceUsedWithinACStyleCommentSharedQuery extends Query { } -Query getQuery() { result instanceof CharacterSequenceUsedWithinACStyleComment_sharedSharedQuery } +Query getQuery() { result instanceof CharacterSequenceUsedWithinACStyleCommentSharedQuery } query predicate problems(CStyleComment c, string message) { not isExcluded(c, getQuery()) and diff --git a/cpp/common/src/codingstandards/cpp/rules/commaoperatorused/CommaOperatorUsed.qll b/cpp/common/src/codingstandards/cpp/rules/commaoperatorused/CommaOperatorUsed.qll index a6a80969b8..6985f7fc1e 100644 --- a/cpp/common/src/codingstandards/cpp/rules/commaoperatorused/CommaOperatorUsed.qll +++ b/cpp/common/src/codingstandards/cpp/rules/commaoperatorused/CommaOperatorUsed.qll @@ -1,5 +1,6 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * The comma operator shall not be used. */ import cpp diff --git a/cpp/common/src/codingstandards/cpp/rules/constlikereturnvalue/ConstLikeReturnValue.qll b/cpp/common/src/codingstandards/cpp/rules/constlikereturnvalue/ConstLikeReturnValue.qll index f4636b6b13..2f672a1181 100644 --- a/cpp/common/src/codingstandards/cpp/rules/constlikereturnvalue/ConstLikeReturnValue.qll +++ b/cpp/common/src/codingstandards/cpp/rules/constlikereturnvalue/ConstLikeReturnValue.qll @@ -1,5 +1,8 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * The pointers returned by the Standard Library functions localeconv, getenv, + * setlocale or, strerror shall only be used as if they have pointer to + * const-qualified type. */ import cpp diff --git a/cpp/common/src/codingstandards/cpp/rules/copyandmoveassignmentsshallhandleselfassignment_shared/CopyAndMoveAssignmentsShallHandleSelfAssignment_shared.qll b/cpp/common/src/codingstandards/cpp/rules/copyandmoveassignmentsshallhandleselfassignment/CopyAndMoveAssignmentsShallHandleSelfAssignment.qll similarity index 80% rename from cpp/common/src/codingstandards/cpp/rules/copyandmoveassignmentsshallhandleselfassignment_shared/CopyAndMoveAssignmentsShallHandleSelfAssignment_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/copyandmoveassignmentsshallhandleselfassignment/CopyAndMoveAssignmentsShallHandleSelfAssignment.qll index 8e8c35365d..b11db11100 100644 --- a/cpp/common/src/codingstandards/cpp/rules/copyandmoveassignmentsshallhandleselfassignment_shared/CopyAndMoveAssignmentsShallHandleSelfAssignment_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/copyandmoveassignmentsshallhandleselfassignment/CopyAndMoveAssignmentsShallHandleSelfAssignment.qll @@ -1,5 +1,7 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * User-provided copy assignment operators and move assignment operators shall handle + * self-assignment. */ import cpp @@ -7,10 +9,10 @@ import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import codingstandards.cpp.Operator -abstract class CopyAndMoveAssignmentsShallHandleSelfAssignment_sharedSharedQuery extends Query { } +abstract class CopyAndMoveAssignmentsShallHandleSelfAssignmentSharedQuery extends Query { } Query getQuery() { - result instanceof CopyAndMoveAssignmentsShallHandleSelfAssignment_sharedSharedQuery + result instanceof CopyAndMoveAssignmentsShallHandleSelfAssignmentSharedQuery } predicate isUserCopyOrUserMove(Operator o) { diff --git a/cpp/common/src/codingstandards/cpp/rules/csignalfunctionsused_shared/CsignalFunctionsUsed_shared.qll b/cpp/common/src/codingstandards/cpp/rules/csignalfunctionsused/CsignalFunctionsUsed.qll similarity index 57% rename from cpp/common/src/codingstandards/cpp/rules/csignalfunctionsused_shared/CsignalFunctionsUsed_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/csignalfunctionsused/CsignalFunctionsUsed.qll index 6a1e2270ff..15c71018f9 100644 --- a/cpp/common/src/codingstandards/cpp/rules/csignalfunctionsused_shared/CsignalFunctionsUsed_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/csignalfunctionsused/CsignalFunctionsUsed.qll @@ -1,14 +1,15 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * Signal handling contains implementation-defined and undefined behaviour. */ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -abstract class CsignalFunctionsUsed_sharedSharedQuery extends Query { } +abstract class CsignalFunctionsUsedSharedQuery extends Query { } -Query getQuery() { result instanceof CsignalFunctionsUsed_sharedSharedQuery } +Query getQuery() { result instanceof CsignalFunctionsUsedSharedQuery } query predicate problems(FunctionCall fc, string message) { exists(Function f | diff --git a/cpp/common/src/codingstandards/cpp/rules/csignaltypesused_shared/CsignalTypesUsed_shared.qll b/cpp/common/src/codingstandards/cpp/rules/csignaltypesused/CsignalTypesUsed.qll similarity index 57% rename from cpp/common/src/codingstandards/cpp/rules/csignaltypesused_shared/CsignalTypesUsed_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/csignaltypesused/CsignalTypesUsed.qll index 07293c9e75..21de1066f6 100644 --- a/cpp/common/src/codingstandards/cpp/rules/csignaltypesused_shared/CsignalTypesUsed_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/csignaltypesused/CsignalTypesUsed.qll @@ -1,14 +1,15 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * Signal handling contains implementation-defined and undefined behaviour. */ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -abstract class CsignalTypesUsed_sharedSharedQuery extends Query { } +abstract class CsignalTypesUsedSharedQuery extends Query { } -Query getQuery() { result instanceof CsignalTypesUsed_sharedSharedQuery } +Query getQuery() { result instanceof CsignalTypesUsedSharedQuery } query predicate problems(TypeMention tm, string message) { exists(UserType ut | diff --git a/cpp/common/src/codingstandards/cpp/rules/cstdiofunctionsused_shared/CstdioFunctionsUsed_shared.qll b/cpp/common/src/codingstandards/cpp/rules/cstdiofunctionsused/CstdioFunctionsUsed.qll similarity index 75% rename from cpp/common/src/codingstandards/cpp/rules/cstdiofunctionsused_shared/CstdioFunctionsUsed_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/cstdiofunctionsused/CstdioFunctionsUsed.qll index b89a2349a4..284997dc19 100644 --- a/cpp/common/src/codingstandards/cpp/rules/cstdiofunctionsused_shared/CstdioFunctionsUsed_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/cstdiofunctionsused/CstdioFunctionsUsed.qll @@ -1,14 +1,16 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * Streams and file I/O have a large number of unspecified, undefined, and + * implementation-defined behaviours associated with them. */ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -abstract class CstdioFunctionsUsed_sharedSharedQuery extends Query { } +abstract class CstdioFunctionsUsedSharedQuery extends Query { } -Query getQuery() { result instanceof CstdioFunctionsUsed_sharedSharedQuery } +Query getQuery() { result instanceof CstdioFunctionsUsedSharedQuery } query predicate problems(FunctionCall fc, string message) { exists(Function f | diff --git a/cpp/common/src/codingstandards/cpp/rules/cstdiomacrosused_shared/CstdioMacrosUsed_shared.qll b/cpp/common/src/codingstandards/cpp/rules/cstdiomacrosused/CstdioMacrosUsed.qll similarity index 57% rename from cpp/common/src/codingstandards/cpp/rules/cstdiomacrosused_shared/CstdioMacrosUsed_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/cstdiomacrosused/CstdioMacrosUsed.qll index 0f56127110..d610b6a166 100644 --- a/cpp/common/src/codingstandards/cpp/rules/cstdiomacrosused_shared/CstdioMacrosUsed_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/cstdiomacrosused/CstdioMacrosUsed.qll @@ -1,14 +1,16 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * Streams and file I/O have a large number of unspecified, undefined, and + * implementation-defined behaviours associated with them. */ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -abstract class CstdioMacrosUsed_sharedSharedQuery extends Query { } +abstract class CstdioMacrosUsedSharedQuery extends Query { } -Query getQuery() { result instanceof CstdioMacrosUsed_sharedSharedQuery } +Query getQuery() { result instanceof CstdioMacrosUsedSharedQuery } query predicate problems(MacroInvocation mi, string message) { not isExcluded(mi, getQuery()) and diff --git a/cpp/common/src/codingstandards/cpp/rules/cstdiotypesused_shared/CstdioTypesUsed_shared.qll b/cpp/common/src/codingstandards/cpp/rules/cstdiotypesused/CstdioTypesUsed.qll similarity index 65% rename from cpp/common/src/codingstandards/cpp/rules/cstdiotypesused_shared/CstdioTypesUsed_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/cstdiotypesused/CstdioTypesUsed.qll index f4d4529fe2..d517d78c8b 100644 --- a/cpp/common/src/codingstandards/cpp/rules/cstdiotypesused_shared/CstdioTypesUsed_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/cstdiotypesused/CstdioTypesUsed.qll @@ -1,14 +1,16 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * Streams and file I/O have a large number of unspecified, undefined, and + * implementation-defined behaviours associated with them. */ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -abstract class CstdioTypesUsed_sharedSharedQuery extends Query { } +abstract class CstdioTypesUsedSharedQuery extends Query { } -Query getQuery() { result instanceof CstdioTypesUsed_sharedSharedQuery } +Query getQuery() { result instanceof CstdioTypesUsedSharedQuery } query predicate problems(TypeMention tm, string message) { exists(UserType ut | diff --git a/cpp/common/src/codingstandards/cpp/rules/definitionnotconsideredforunqualifiedlookup_shared/DefinitionNotConsideredForUnqualifiedLookup_shared.qll b/cpp/common/src/codingstandards/cpp/rules/definitionnotconsideredforunqualifiedlookup/DefinitionNotConsideredForUnqualifiedLookup.qll similarity index 87% rename from cpp/common/src/codingstandards/cpp/rules/definitionnotconsideredforunqualifiedlookup_shared/DefinitionNotConsideredForUnqualifiedLookup_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/definitionnotconsideredforunqualifiedlookup/DefinitionNotConsideredForUnqualifiedLookup.qll index e85491f271..c2b857d600 100644 --- a/cpp/common/src/codingstandards/cpp/rules/definitionnotconsideredforunqualifiedlookup_shared/DefinitionNotConsideredForUnqualifiedLookup_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/definitionnotconsideredforunqualifiedlookup/DefinitionNotConsideredForUnqualifiedLookup.qll @@ -1,14 +1,17 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * A using declaration that makes a symbol available for unqualified lookup does not + * included definitions defined after the using declaration which can result in + * unexpected behavior. */ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -abstract class DefinitionNotConsideredForUnqualifiedLookup_sharedSharedQuery extends Query { } +abstract class DefinitionNotConsideredForUnqualifiedLookupSharedQuery extends Query { } -Query getQuery() { result instanceof DefinitionNotConsideredForUnqualifiedLookup_sharedSharedQuery } +Query getQuery() { result instanceof DefinitionNotConsideredForUnqualifiedLookupSharedQuery } /** * Holds if `functionDecl` is a possible intended target of the `usingDecl`. diff --git a/cpp/common/src/codingstandards/cpp/rules/dereferenceofnullpointer/DereferenceOfNullPointer.qll b/cpp/common/src/codingstandards/cpp/rules/dereferenceofnullpointer/DereferenceOfNullPointer.qll index 5e3328cb63..950b14df3d 100644 --- a/cpp/common/src/codingstandards/cpp/rules/dereferenceofnullpointer/DereferenceOfNullPointer.qll +++ b/cpp/common/src/codingstandards/cpp/rules/dereferenceofnullpointer/DereferenceOfNullPointer.qll @@ -1,5 +1,6 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * Dereferencing a NULL pointer leads to undefined behavior. */ import cpp diff --git a/cpp/common/src/codingstandards/cpp/rules/donotusesetjmporlongjmpshared/DoNotUseSetjmpOrLongjmpShared.qll b/cpp/common/src/codingstandards/cpp/rules/donotusesetjmporlongjmpshared/DoNotUseSetjmpOrLongjmpShared.qll index 6c39b62fec..1441b6ec97 100644 --- a/cpp/common/src/codingstandards/cpp/rules/donotusesetjmporlongjmpshared/DoNotUseSetjmpOrLongjmpShared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/donotusesetjmporlongjmpshared/DoNotUseSetjmpOrLongjmpShared.qll @@ -1,5 +1,6 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * The macro setjmp and function longjmp shall not be used. */ import cpp diff --git a/cpp/common/src/codingstandards/cpp/rules/emptythrowonlywithinacatchhandler_shared/EmptyThrowOnlyWithinACatchHandler_shared.qll b/cpp/common/src/codingstandards/cpp/rules/emptythrowonlywithinacatchhandler/EmptyThrowOnlyWithinACatchHandler.qll similarity index 57% rename from cpp/common/src/codingstandards/cpp/rules/emptythrowonlywithinacatchhandler_shared/EmptyThrowOnlyWithinACatchHandler_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/emptythrowonlywithinacatchhandler/EmptyThrowOnlyWithinACatchHandler.qll index 31669cb0dc..3dba1a3aa3 100644 --- a/cpp/common/src/codingstandards/cpp/rules/emptythrowonlywithinacatchhandler_shared/EmptyThrowOnlyWithinACatchHandler_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/emptythrowonlywithinacatchhandler/EmptyThrowOnlyWithinACatchHandler.qll @@ -1,14 +1,16 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * Empty throws with no currently handled exception can cause abrupt program + * termination. */ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -abstract class EmptyThrowOnlyWithinACatchHandler_sharedSharedQuery extends Query { } +abstract class EmptyThrowOnlyWithinACatchHandlerSharedQuery extends Query { } -Query getQuery() { result instanceof EmptyThrowOnlyWithinACatchHandler_sharedSharedQuery } +Query getQuery() { result instanceof EmptyThrowOnlyWithinACatchHandlerSharedQuery } query predicate problems(ReThrowExpr re, string message) { not isExcluded(re, getQuery()) and diff --git a/cpp/common/src/codingstandards/cpp/rules/enumerationnotdefinedwithanexplicitunderlyingtype/EnumerationNotDefinedWithAnExplicitUnderlyingType.qll b/cpp/common/src/codingstandards/cpp/rules/enumerationnotdefinedwithanexplicitunderlyingtype/EnumerationNotDefinedWithAnExplicitUnderlyingType.qll index 4c35140d00..44013997fa 100644 --- a/cpp/common/src/codingstandards/cpp/rules/enumerationnotdefinedwithanexplicitunderlyingtype/EnumerationNotDefinedWithAnExplicitUnderlyingType.qll +++ b/cpp/common/src/codingstandards/cpp/rules/enumerationnotdefinedwithanexplicitunderlyingtype/EnumerationNotDefinedWithAnExplicitUnderlyingType.qll @@ -1,5 +1,6 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * Although scoped enum will implicitly define an underlying type of int, the underlying base type of enumeration should always be explicitly defined with a type that will be large enough to store all enumerators. */ import cpp @@ -8,8 +9,12 @@ import codingstandards.cpp.Exclusions abstract class EnumerationNotDefinedWithAnExplicitUnderlyingTypeSharedQuery extends Query { } -Query getQuery() { result instanceof EnumerationNotDefinedWithAnExplicitUnderlyingTypeSharedQuery } +Query getQuery() { + result instanceof EnumerationNotDefinedWithAnExplicitUnderlyingTypeSharedQuery +} -query predicate problems(Element e, string message) { - not isExcluded(e, getQuery()) and message = "" +query predicate problems(Enum e, string message) { + not isExcluded(e, getQuery()) and + not e.hasExplicitUnderlyingType() and + message = "Base type of enumeration is not explicitly specified." } diff --git a/cpp/common/src/codingstandards/cpp/rules/enumerationnotdefinedwithanexplicitunderlyingtype_shared/EnumerationNotDefinedWithAnExplicitUnderlyingType_shared.qll b/cpp/common/src/codingstandards/cpp/rules/enumerationnotdefinedwithanexplicitunderlyingtype_shared/EnumerationNotDefinedWithAnExplicitUnderlyingType_shared.qll deleted file mode 100644 index c4c9d33f35..0000000000 --- a/cpp/common/src/codingstandards/cpp/rules/enumerationnotdefinedwithanexplicitunderlyingtype_shared/EnumerationNotDefinedWithAnExplicitUnderlyingType_shared.qll +++ /dev/null @@ -1,19 +0,0 @@ -/** - * Provides a library which includes a `problems` predicate for reporting.... - */ - -import cpp -import codingstandards.cpp.Customizations -import codingstandards.cpp.Exclusions - -abstract class EnumerationNotDefinedWithAnExplicitUnderlyingType_sharedSharedQuery extends Query { } - -Query getQuery() { - result instanceof EnumerationNotDefinedWithAnExplicitUnderlyingType_sharedSharedQuery -} - -query predicate problems(Enum e, string message) { - not isExcluded(e, getQuery()) and - not e.hasExplicitUnderlyingType() and - message = "Base type of enumeration is not explicitly specified." -} diff --git a/cpp/common/src/codingstandards/cpp/rules/exceptionobjecthavepointertype_shared/ExceptionObjectHavePointerType_shared.qll b/cpp/common/src/codingstandards/cpp/rules/exceptionobjecthavepointertype/ExceptionObjectHavePointerType.qll similarity index 65% rename from cpp/common/src/codingstandards/cpp/rules/exceptionobjecthavepointertype_shared/ExceptionObjectHavePointerType_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/exceptionobjecthavepointertype/ExceptionObjectHavePointerType.qll index f9fded32cd..1989afbc8b 100644 --- a/cpp/common/src/codingstandards/cpp/rules/exceptionobjecthavepointertype_shared/ExceptionObjectHavePointerType_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/exceptionobjecthavepointertype/ExceptionObjectHavePointerType.qll @@ -1,14 +1,16 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * Throwing an exception of pointer type can lead to use-after-free or memory leak + * issues. */ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -abstract class ExceptionObjectHavePointerType_sharedSharedQuery extends Query { } +abstract class ExceptionObjectHavePointerTypeSharedQuery extends Query { } -Query getQuery() { result instanceof ExceptionObjectHavePointerType_sharedSharedQuery } +Query getQuery() { result instanceof ExceptionObjectHavePointerTypeSharedQuery } query predicate problems(Expr thrownExpr, string message) { not isExcluded(thrownExpr, getQuery()) and diff --git a/cpp/common/src/codingstandards/cpp/rules/forwardingreferencesandforwardnotusedtogether_shared/ForwardingReferencesAndForwardNotUsedTogether_shared.qll b/cpp/common/src/codingstandards/cpp/rules/forwardingreferencesandforwardnotusedtogether/ForwardingReferencesAndForwardNotUsedTogether.qll similarity index 76% rename from cpp/common/src/codingstandards/cpp/rules/forwardingreferencesandforwardnotusedtogether_shared/ForwardingReferencesAndForwardNotUsedTogether_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/forwardingreferencesandforwardnotusedtogether/ForwardingReferencesAndForwardNotUsedTogether.qll index 71c03b6e94..eb5347816b 100644 --- a/cpp/common/src/codingstandards/cpp/rules/forwardingreferencesandforwardnotusedtogether_shared/ForwardingReferencesAndForwardNotUsedTogether_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/forwardingreferencesandforwardnotusedtogether/ForwardingReferencesAndForwardNotUsedTogether.qll @@ -1,5 +1,6 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * Forwarding references and std::forward shall be used together. */ import cpp @@ -7,10 +8,10 @@ import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import codingstandards.cpp.standardlibrary.Utility -abstract class ForwardingReferencesAndForwardNotUsedTogether_sharedSharedQuery extends Query { } +abstract class ForwardingReferencesAndForwardNotUsedTogetherSharedQuery extends Query { } Query getQuery() { - result instanceof ForwardingReferencesAndForwardNotUsedTogether_sharedSharedQuery + result instanceof ForwardingReferencesAndForwardNotUsedTogetherSharedQuery } query predicate problems(FunctionCall c, string message, Parameter a, string a_string) { diff --git a/cpp/common/src/codingstandards/cpp/rules/functionlikemacrosdefined_shared/FunctionLikeMacrosDefined_shared.qll b/cpp/common/src/codingstandards/cpp/rules/functionlikemacrosdefined/FunctionLikeMacrosDefined.qll similarity index 74% rename from cpp/common/src/codingstandards/cpp/rules/functionlikemacrosdefined_shared/FunctionLikeMacrosDefined_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/functionlikemacrosdefined/FunctionLikeMacrosDefined.qll index 71b7c09a18..73e4181640 100644 --- a/cpp/common/src/codingstandards/cpp/rules/functionlikemacrosdefined_shared/FunctionLikeMacrosDefined_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/functionlikemacrosdefined/FunctionLikeMacrosDefined.qll @@ -1,5 +1,6 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * Function-like macros shall not be defined. */ import cpp @@ -7,9 +8,9 @@ import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import codingstandards.cpp.IrreplaceableFunctionLikeMacro -abstract class FunctionLikeMacrosDefined_sharedSharedQuery extends Query { } +abstract class FunctionLikeMacrosDefinedSharedQuery extends Query { } -Query getQuery() { result instanceof FunctionLikeMacrosDefined_sharedSharedQuery } +Query getQuery() { result instanceof FunctionLikeMacrosDefinedSharedQuery } predicate partOfConstantExpr(MacroInvocation i) { exists(Expr e | diff --git a/cpp/common/src/codingstandards/cpp/rules/functionscallthemselveseitherdirectlyorindirectly_shared/FunctionsCallThemselvesEitherDirectlyOrIndirectly_shared.qll b/cpp/common/src/codingstandards/cpp/rules/functionscallthemselveseitherdirectlyorindirectly/FunctionsCallThemselvesEitherDirectlyOrIndirectly.qll similarity index 80% rename from cpp/common/src/codingstandards/cpp/rules/functionscallthemselveseitherdirectlyorindirectly_shared/FunctionsCallThemselvesEitherDirectlyOrIndirectly_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/functionscallthemselveseitherdirectlyorindirectly/FunctionsCallThemselvesEitherDirectlyOrIndirectly.qll index 18ad403ffe..4b4ec74bbb 100644 --- a/cpp/common/src/codingstandards/cpp/rules/functionscallthemselveseitherdirectlyorindirectly_shared/FunctionsCallThemselvesEitherDirectlyOrIndirectly_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/functionscallthemselveseitherdirectlyorindirectly/FunctionsCallThemselvesEitherDirectlyOrIndirectly.qll @@ -1,15 +1,17 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * Using recursive functions can lead to stack overflows and limit scalability and + * portability of the program. */ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -abstract class FunctionsCallThemselvesEitherDirectlyOrIndirectly_sharedSharedQuery extends Query { } +abstract class FunctionsCallThemselvesEitherDirectlyOrIndirectlySharedQuery extends Query { } Query getQuery() { - result instanceof FunctionsCallThemselvesEitherDirectlyOrIndirectly_sharedSharedQuery + result instanceof FunctionsCallThemselvesEitherDirectlyOrIndirectlySharedQuery } class RecursiveCall extends FunctionCall { diff --git a/cpp/common/src/codingstandards/cpp/rules/functiontemplatesexplicitlyspecialized_shared/FunctionTemplatesExplicitlySpecialized_shared.qll b/cpp/common/src/codingstandards/cpp/rules/functiontemplatesexplicitlyspecialized/FunctionTemplatesExplicitlySpecialized.qll similarity index 67% rename from cpp/common/src/codingstandards/cpp/rules/functiontemplatesexplicitlyspecialized_shared/FunctionTemplatesExplicitlySpecialized_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/functiontemplatesexplicitlyspecialized/FunctionTemplatesExplicitlySpecialized.qll index e39ab569b7..d0f98d233e 100644 --- a/cpp/common/src/codingstandards/cpp/rules/functiontemplatesexplicitlyspecialized_shared/FunctionTemplatesExplicitlySpecialized_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/functiontemplatesexplicitlyspecialized/FunctionTemplatesExplicitlySpecialized.qll @@ -1,14 +1,15 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * Function templates shall not be explicitly specialized. */ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -abstract class FunctionTemplatesExplicitlySpecialized_sharedSharedQuery extends Query { } +abstract class FunctionTemplatesExplicitlySpecializedSharedQuery extends Query { } -Query getQuery() { result instanceof FunctionTemplatesExplicitlySpecialized_sharedSharedQuery } +Query getQuery() { result instanceof FunctionTemplatesExplicitlySpecializedSharedQuery } query predicate problems( FunctionTemplateSpecialization f, string message, TemplateFunction tf, string tf_string diff --git a/cpp/common/src/codingstandards/cpp/rules/globalnamespacedeclarations_shared/GlobalNamespaceDeclarations_shared.qll b/cpp/common/src/codingstandards/cpp/rules/globalnamespacedeclarations/GlobalNamespaceDeclarations.qll similarity index 68% rename from cpp/common/src/codingstandards/cpp/rules/globalnamespacedeclarations_shared/GlobalNamespaceDeclarations_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/globalnamespacedeclarations/GlobalNamespaceDeclarations.qll index 89dee4dd8b..285ccd909a 100644 --- a/cpp/common/src/codingstandards/cpp/rules/globalnamespacedeclarations_shared/GlobalNamespaceDeclarations_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/globalnamespacedeclarations/GlobalNamespaceDeclarations.qll @@ -1,14 +1,16 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * The only declarations in the global namespace should be main, namespace declarations + * and extern "C" declarations. */ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -abstract class GlobalNamespaceDeclarations_sharedSharedQuery extends Query { } +abstract class GlobalNamespaceDeclarationsSharedQuery extends Query { } -Query getQuery() { result instanceof GlobalNamespaceDeclarations_sharedSharedQuery } +Query getQuery() { result instanceof GlobalNamespaceDeclarationsSharedQuery } query predicate problems(DeclarationEntry e, string message) { not isExcluded(e, getQuery()) and diff --git a/cpp/common/src/codingstandards/cpp/rules/globalsizedoperatordeletenotdefined_shared/GlobalSizedOperatorDeleteNotDefined_shared.qll b/cpp/common/src/codingstandards/cpp/rules/globalsizedoperatordeletenotdefined/GlobalSizedOperatorDeleteNotDefined.qll similarity index 66% rename from cpp/common/src/codingstandards/cpp/rules/globalsizedoperatordeletenotdefined_shared/GlobalSizedOperatorDeleteNotDefined_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/globalsizedoperatordeletenotdefined/GlobalSizedOperatorDeleteNotDefined.qll index 112ff0b674..c445c06253 100644 --- a/cpp/common/src/codingstandards/cpp/rules/globalsizedoperatordeletenotdefined_shared/GlobalSizedOperatorDeleteNotDefined_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/globalsizedoperatordeletenotdefined/GlobalSizedOperatorDeleteNotDefined.qll @@ -1,5 +1,7 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * If a project has the unsized version of operator 'delete' globally defined, then the + * sized version shall be defined. */ import cpp @@ -7,9 +9,9 @@ import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import codingstandards.cpp.OperatorDelete -abstract class GlobalSizedOperatorDeleteNotDefined_sharedSharedQuery extends Query { } +abstract class GlobalSizedOperatorDeleteNotDefinedSharedQuery extends Query { } -Query getQuery() { result instanceof GlobalSizedOperatorDeleteNotDefined_sharedSharedQuery } +Query getQuery() { result instanceof GlobalSizedOperatorDeleteNotDefinedSharedQuery } query predicate problems(OperatorDelete unsized_delete, string message) { not isExcluded(unsized_delete, getQuery()) and diff --git a/cpp/common/src/codingstandards/cpp/rules/globalunsizedoperatordeletenotdefined_shared/GlobalUnsizedOperatorDeleteNotDefined_shared.qll b/cpp/common/src/codingstandards/cpp/rules/globalunsizedoperatordeletenotdefined/GlobalUnsizedOperatorDeleteNotDefined.qll similarity index 66% rename from cpp/common/src/codingstandards/cpp/rules/globalunsizedoperatordeletenotdefined_shared/GlobalUnsizedOperatorDeleteNotDefined_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/globalunsizedoperatordeletenotdefined/GlobalUnsizedOperatorDeleteNotDefined.qll index 031b4674c5..b99887ee03 100644 --- a/cpp/common/src/codingstandards/cpp/rules/globalunsizedoperatordeletenotdefined_shared/GlobalUnsizedOperatorDeleteNotDefined_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/globalunsizedoperatordeletenotdefined/GlobalUnsizedOperatorDeleteNotDefined.qll @@ -1,5 +1,7 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * If a project has the sized version of operator 'delete' globally defined, then the + * unsized version shall be defined. */ import cpp @@ -7,9 +9,9 @@ import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import codingstandards.cpp.OperatorDelete -abstract class GlobalUnsizedOperatorDeleteNotDefined_sharedSharedQuery extends Query { } +abstract class GlobalUnsizedOperatorDeleteNotDefinedSharedQuery extends Query { } -Query getQuery() { result instanceof GlobalUnsizedOperatorDeleteNotDefined_sharedSharedQuery } +Query getQuery() { result instanceof GlobalUnsizedOperatorDeleteNotDefinedSharedQuery } query predicate problems(OperatorDelete sized_delete, string message) { not isExcluded(sized_delete, getQuery()) and diff --git a/cpp/common/src/codingstandards/cpp/rules/gotoreferencealabelinsurroundingblock_shared/GotoReferenceALabelInSurroundingBlock_shared.qll b/cpp/common/src/codingstandards/cpp/rules/gotoreferencealabelinsurroundingblock/GotoReferenceALabelInSurroundingBlock.qll similarity index 87% rename from cpp/common/src/codingstandards/cpp/rules/gotoreferencealabelinsurroundingblock_shared/GotoReferenceALabelInSurroundingBlock_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/gotoreferencealabelinsurroundingblock/GotoReferenceALabelInSurroundingBlock.qll index 11c09e2298..f329fff12d 100644 --- a/cpp/common/src/codingstandards/cpp/rules/gotoreferencealabelinsurroundingblock_shared/GotoReferenceALabelInSurroundingBlock_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/gotoreferencealabelinsurroundingblock/GotoReferenceALabelInSurroundingBlock.qll @@ -1,14 +1,15 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * A goto statement shall reference a label in a surrounding block. */ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -abstract class GotoReferenceALabelInSurroundingBlock_sharedSharedQuery extends Query { } +abstract class GotoReferenceALabelInSurroundingBlockSharedQuery extends Query { } -Query getQuery() { result instanceof GotoReferenceALabelInSurroundingBlock_sharedSharedQuery } +Query getQuery() { result instanceof GotoReferenceALabelInSurroundingBlockSharedQuery } predicate isPartOfSwitch(Stmt goto) { exists(SwitchStmt switch | switch.getStmt() = goto.getParent()) diff --git a/cpp/common/src/codingstandards/cpp/rules/gotostatementshouldnotbeused_shared/GotoStatementShouldNotBeUsed_shared.qll b/cpp/common/src/codingstandards/cpp/rules/gotostatementshouldnotbeused/GotoStatementShouldNotBeUsed.qll similarity index 62% rename from cpp/common/src/codingstandards/cpp/rules/gotostatementshouldnotbeused_shared/GotoStatementShouldNotBeUsed_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/gotostatementshouldnotbeused/GotoStatementShouldNotBeUsed.qll index 7ec5ddb557..6a13ea083c 100644 --- a/cpp/common/src/codingstandards/cpp/rules/gotostatementshouldnotbeused_shared/GotoStatementShouldNotBeUsed_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/gotostatementshouldnotbeused/GotoStatementShouldNotBeUsed.qll @@ -1,14 +1,15 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * The goto statement shall not be used. */ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -abstract class GotoStatementShouldNotBeUsed_sharedSharedQuery extends Query { } +abstract class GotoStatementShouldNotBeUsedSharedQuery extends Query { } -Query getQuery() { result instanceof GotoStatementShouldNotBeUsed_sharedSharedQuery } +Query getQuery() { result instanceof GotoStatementShouldNotBeUsedSharedQuery } query predicate problems(Stmt s, string message) { not isExcluded(s, getQuery()) and diff --git a/cpp/common/src/codingstandards/cpp/rules/handleallexceptionsduringstartup/HandleAllExceptionsDuringStartup.qll b/cpp/common/src/codingstandards/cpp/rules/handleallexceptionsduringstartup/HandleAllExceptionsDuringStartup.qll index ccc0a23460..8d859f726d 100644 --- a/cpp/common/src/codingstandards/cpp/rules/handleallexceptionsduringstartup/HandleAllExceptionsDuringStartup.qll +++ b/cpp/common/src/codingstandards/cpp/rules/handleallexceptionsduringstartup/HandleAllExceptionsDuringStartup.qll @@ -1,5 +1,6 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * Exceptions thrown before main begins executing cannot be caught. */ import cpp diff --git a/cpp/common/src/codingstandards/cpp/rules/hiddeninheritednonoverridablememberfunction_shared/HiddenInheritedNonOverridableMemberFunction_shared.qll b/cpp/common/src/codingstandards/cpp/rules/hiddeninheritednonoverridablememberfunction/HiddenInheritedNonOverridableMemberFunction.qll similarity index 86% rename from cpp/common/src/codingstandards/cpp/rules/hiddeninheritednonoverridablememberfunction_shared/HiddenInheritedNonOverridableMemberFunction_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/hiddeninheritednonoverridablememberfunction/HiddenInheritedNonOverridableMemberFunction.qll index 080d686b9f..1c371da20c 100644 --- a/cpp/common/src/codingstandards/cpp/rules/hiddeninheritednonoverridablememberfunction_shared/HiddenInheritedNonOverridableMemberFunction_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/hiddeninheritednonoverridablememberfunction/HiddenInheritedNonOverridableMemberFunction.qll @@ -1,5 +1,7 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * A non-overriding member function definition that hides an inherited member function + * can result in unexpected behavior. */ import cpp @@ -7,9 +9,9 @@ import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import codingstandards.cpp.Class -abstract class HiddenInheritedNonOverridableMemberFunction_sharedSharedQuery extends Query { } +abstract class HiddenInheritedNonOverridableMemberFunctionSharedQuery extends Query { } -Query getQuery() { result instanceof HiddenInheritedNonOverridableMemberFunction_sharedSharedQuery } +Query getQuery() { result instanceof HiddenInheritedNonOverridableMemberFunctionSharedQuery } /** * Holds if the class has a non-virtual member function with the given name. diff --git a/cpp/common/src/codingstandards/cpp/rules/hiddeninheritedoverridablememberfunction_shared/HiddenInheritedOverridableMemberFunction_shared.qll b/cpp/common/src/codingstandards/cpp/rules/hiddeninheritedoverridablememberfunction/HiddenInheritedOverridableMemberFunction.qll similarity index 88% rename from cpp/common/src/codingstandards/cpp/rules/hiddeninheritedoverridablememberfunction_shared/HiddenInheritedOverridableMemberFunction_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/hiddeninheritedoverridablememberfunction/HiddenInheritedOverridableMemberFunction.qll index b41bebf6f4..ef99e01973 100644 --- a/cpp/common/src/codingstandards/cpp/rules/hiddeninheritedoverridablememberfunction_shared/HiddenInheritedOverridableMemberFunction_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/hiddeninheritedoverridablememberfunction/HiddenInheritedOverridableMemberFunction.qll @@ -1,14 +1,16 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * An overriding member function definition thats hides an overload of the overridden + * inherited member function can result in unexpected behavior. */ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -abstract class HiddenInheritedOverridableMemberFunction_sharedSharedQuery extends Query { } +abstract class HiddenInheritedOverridableMemberFunctionSharedQuery extends Query { } -Query getQuery() { result instanceof HiddenInheritedOverridableMemberFunction_sharedSharedQuery } +Query getQuery() { result instanceof HiddenInheritedOverridableMemberFunctionSharedQuery } query predicate problems( FunctionDeclarationEntry overridingDecl, string message, FunctionDeclarationEntry hiddenDecl, diff --git a/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll b/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll index dc71ba843e..9534c2f78a 100644 --- a/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll +++ b/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll @@ -1,5 +1,8 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * Use of an identifier declared in an inner scope with an identical name to an + * identifier in an outer scope can lead to inadvertent errors if the incorrect + * identifier is modified. */ import cpp diff --git a/cpp/common/src/codingstandards/cpp/rules/identifierwithexternallinkageonedefinitionshared/IdentifierWithExternalLinkageOneDefinitionShared.qll b/cpp/common/src/codingstandards/cpp/rules/identifierwithexternallinkageonedefinitionshared/IdentifierWithExternalLinkageOneDefinitionShared.qll index 17808841eb..806315b43c 100644 --- a/cpp/common/src/codingstandards/cpp/rules/identifierwithexternallinkageonedefinitionshared/IdentifierWithExternalLinkageOneDefinitionShared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/identifierwithexternallinkageonedefinitionshared/IdentifierWithExternalLinkageOneDefinitionShared.qll @@ -1,5 +1,7 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * An identifier with multiple definitions in different translation units + * leads to undefined behavior. */ import cpp diff --git a/cpp/common/src/codingstandards/cpp/rules/ifelseterminationconstruct/IfElseTerminationConstruct.qll b/cpp/common/src/codingstandards/cpp/rules/ifelseterminationconstruct/IfElseTerminationConstruct.qll index 5755ed8f38..3c6f25e151 100644 --- a/cpp/common/src/codingstandards/cpp/rules/ifelseterminationconstruct/IfElseTerminationConstruct.qll +++ b/cpp/common/src/codingstandards/cpp/rules/ifelseterminationconstruct/IfElseTerminationConstruct.qll @@ -1,5 +1,6 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * The final else statement is a defensive programming technique. */ import cpp diff --git a/cpp/common/src/codingstandards/cpp/rules/initializeallvirtualbaseclasses_shared/InitializeAllVirtualBaseClasses_shared.qll b/cpp/common/src/codingstandards/cpp/rules/initializeallvirtualbaseclasses/InitializeAllVirtualBaseClasses.qll similarity index 82% rename from cpp/common/src/codingstandards/cpp/rules/initializeallvirtualbaseclasses_shared/InitializeAllVirtualBaseClasses_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/initializeallvirtualbaseclasses/InitializeAllVirtualBaseClasses.qll index 0143a88ca7..b3cfe203ac 100644 --- a/cpp/common/src/codingstandards/cpp/rules/initializeallvirtualbaseclasses_shared/InitializeAllVirtualBaseClasses_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/initializeallvirtualbaseclasses/InitializeAllVirtualBaseClasses.qll @@ -1,5 +1,7 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * All constructors of a class should explicitly initialize all of its virtual base + * classes and immediate base classes. */ import cpp @@ -7,9 +9,9 @@ import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import codingstandards.cpp.Constructor -abstract class InitializeAllVirtualBaseClasses_sharedSharedQuery extends Query { } +abstract class InitializeAllVirtualBaseClassesSharedQuery extends Query { } -Query getQuery() { result instanceof InitializeAllVirtualBaseClasses_sharedSharedQuery } +Query getQuery() { result instanceof InitializeAllVirtualBaseClassesSharedQuery } query predicate problems( Constructor c, string message, Class declaringType, string declaringType_string, Class baseClass, diff --git a/cpp/common/src/codingstandards/cpp/rules/initializerlistconstructoristheonlyconstructor_shared/InitializerListConstructorIsTheOnlyConstructor_shared.qll b/cpp/common/src/codingstandards/cpp/rules/initializerlistconstructoristheonlyconstructor/InitializerListConstructorIsTheOnlyConstructor.qll similarity index 89% rename from cpp/common/src/codingstandards/cpp/rules/initializerlistconstructoristheonlyconstructor_shared/InitializerListConstructorIsTheOnlyConstructor_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/initializerlistconstructoristheonlyconstructor/InitializerListConstructorIsTheOnlyConstructor.qll index 75fd17761e..c0024b4463 100644 --- a/cpp/common/src/codingstandards/cpp/rules/initializerlistconstructoristheonlyconstructor_shared/InitializerListConstructorIsTheOnlyConstructor_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/initializerlistconstructoristheonlyconstructor/InitializerListConstructorIsTheOnlyConstructor.qll @@ -1,15 +1,17 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * A class shall only define an initializer-list constructor when it is the only + * constructor. */ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -abstract class InitializerListConstructorIsTheOnlyConstructor_sharedSharedQuery extends Query { } +abstract class InitializerListConstructorIsTheOnlyConstructorSharedQuery extends Query { } Query getQuery() { - result instanceof InitializerListConstructorIsTheOnlyConstructor_sharedSharedQuery + result instanceof InitializerListConstructorIsTheOnlyConstructorSharedQuery } class StdInitializerList extends Class { diff --git a/cpp/common/src/codingstandards/cpp/rules/linesplicingusedincomments_shared/LineSplicingUsedInComments_shared.qll b/cpp/common/src/codingstandards/cpp/rules/linesplicingusedincomments/LineSplicingUsedInComments.qll similarity index 50% rename from cpp/common/src/codingstandards/cpp/rules/linesplicingusedincomments_shared/LineSplicingUsedInComments_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/linesplicingusedincomments/LineSplicingUsedInComments.qll index 454f95b070..52dcf9a3f1 100644 --- a/cpp/common/src/codingstandards/cpp/rules/linesplicingusedincomments_shared/LineSplicingUsedInComments_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/linesplicingusedincomments/LineSplicingUsedInComments.qll @@ -1,14 +1,16 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * Entering a newline following a '\\' character can erroneously commenting out + * regions of code. */ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -abstract class LineSplicingUsedInComments_sharedSharedQuery extends Query { } +abstract class LineSplicingUsedInCommentsSharedQuery extends Query { } -Query getQuery() { result instanceof LineSplicingUsedInComments_sharedSharedQuery } +Query getQuery() { result instanceof LineSplicingUsedInCommentsSharedQuery } query predicate problems(CppStyleComment c, string message) { not isExcluded(c, getQuery()) and diff --git a/cpp/common/src/codingstandards/cpp/rules/loopcompoundcondition/LoopCompoundCondition.qll b/cpp/common/src/codingstandards/cpp/rules/loopcompoundcondition/LoopCompoundCondition.qll new file mode 100644 index 0000000000..b71c193c8e --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/loopcompoundcondition/LoopCompoundCondition.qll @@ -0,0 +1,19 @@ +/** + * Provides a library with a `problems` predicate for the following issue: + * If the body of a loop is not enclosed in braces, then this can lead to incorrect + * execution, and hard for developers to maintain. + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class LoopCompoundConditionSharedQuery extends Query { } + +Query getQuery() { result instanceof LoopCompoundConditionSharedQuery } + +query predicate problems(Loop loop, string message) { + not isExcluded(loop, getQuery()) and + not loop.getStmt() instanceof BlockStmt and + message = "Loop body not enclosed within braces." +} diff --git a/cpp/common/src/codingstandards/cpp/rules/loopcompoundcondition_shared/LoopCompoundCondition_shared.qll b/cpp/common/src/codingstandards/cpp/rules/loopcompoundcondition_shared/LoopCompoundCondition_shared.qll deleted file mode 100644 index 14fee7001e..0000000000 --- a/cpp/common/src/codingstandards/cpp/rules/loopcompoundcondition_shared/LoopCompoundCondition_shared.qll +++ /dev/null @@ -1,17 +0,0 @@ -/** - * Provides a library which includes a `problems` predicate for reporting.... - */ - -import cpp -import codingstandards.cpp.Customizations -import codingstandards.cpp.Exclusions - -abstract class LoopCompoundCondition_sharedSharedQuery extends Query { } - -Query getQuery() { result instanceof LoopCompoundCondition_sharedSharedQuery } - -query predicate problems(Loop loop, string message) { - not isExcluded(loop, getQuery()) and - not loop.getStmt() instanceof BlockStmt and - message = "Loop body not enclosed within braces." -} diff --git a/cpp/common/src/codingstandards/cpp/rules/lowercaselstartsinliteralsuffix_shared/LowercaseLStartsInLiteralSuffix_shared.qll b/cpp/common/src/codingstandards/cpp/rules/lowercaselstartsinliteralsuffix/LowercaseLStartsInLiteralSuffix.qll similarity index 60% rename from cpp/common/src/codingstandards/cpp/rules/lowercaselstartsinliteralsuffix_shared/LowercaseLStartsInLiteralSuffix_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/lowercaselstartsinliteralsuffix/LowercaseLStartsInLiteralSuffix.qll index 6316367c0d..b12cddba0b 100644 --- a/cpp/common/src/codingstandards/cpp/rules/lowercaselstartsinliteralsuffix_shared/LowercaseLStartsInLiteralSuffix_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/lowercaselstartsinliteralsuffix/LowercaseLStartsInLiteralSuffix.qll @@ -1,5 +1,7 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * The lowercase form of L shall not be used as the first character in a literal + * suffix. */ import cpp @@ -7,9 +9,9 @@ import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import codingstandards.cpp.Literals -abstract class LowercaseLStartsInLiteralSuffix_sharedSharedQuery extends Query { } +abstract class LowercaseLStartsInLiteralSuffixSharedQuery extends Query { } -Query getQuery() { result instanceof LowercaseLStartsInLiteralSuffix_sharedSharedQuery } +Query getQuery() { result instanceof LowercaseLStartsInLiteralSuffixSharedQuery } query predicate problems(IntegerLiteral l, string message) { not isExcluded(l, getQuery()) and diff --git a/cpp/common/src/codingstandards/cpp/rules/macrooffsetofused_shared/MacroOffsetofUsed_shared.qll b/cpp/common/src/codingstandards/cpp/rules/macrooffsetofused/MacroOffsetofUsed.qll similarity index 55% rename from cpp/common/src/codingstandards/cpp/rules/macrooffsetofused_shared/MacroOffsetofUsed_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/macrooffsetofused/MacroOffsetofUsed.qll index 090238a1de..b475dc655e 100644 --- a/cpp/common/src/codingstandards/cpp/rules/macrooffsetofused_shared/MacroOffsetofUsed_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/macrooffsetofused/MacroOffsetofUsed.qll @@ -1,14 +1,15 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * The macro offsetof shall not be used. */ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -abstract class MacroOffsetofUsed_sharedSharedQuery extends Query { } +abstract class MacroOffsetofUsedSharedQuery extends Query { } -Query getQuery() { result instanceof MacroOffsetofUsed_sharedSharedQuery } +Query getQuery() { result instanceof MacroOffsetofUsedSharedQuery } query predicate problems(MacroInvocation mi, string message) { not isExcluded(mi, getQuery()) and diff --git a/cpp/common/src/codingstandards/cpp/rules/macroparameterfollowinghash_shared/MacroParameterFollowingHash_shared.qll b/cpp/common/src/codingstandards/cpp/rules/macroparameterfollowinghash/MacroParameterFollowingHash.qll similarity index 66% rename from cpp/common/src/codingstandards/cpp/rules/macroparameterfollowinghash_shared/MacroParameterFollowingHash_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/macroparameterfollowinghash/MacroParameterFollowingHash.qll index 4eaf97123a..ae20368e67 100644 --- a/cpp/common/src/codingstandards/cpp/rules/macroparameterfollowinghash_shared/MacroParameterFollowingHash_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/macroparameterfollowinghash/MacroParameterFollowingHash.qll @@ -1,5 +1,7 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * A macro parameter immediately following a # operator shall not be immediately + * followed by a ## operator. */ import cpp @@ -7,9 +9,9 @@ import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import codingstandards.cpp.Macro -abstract class MacroParameterFollowingHash_sharedSharedQuery extends Query { } +abstract class MacroParameterFollowingHashSharedQuery extends Query { } -Query getQuery() { result instanceof MacroParameterFollowingHash_sharedSharedQuery } +Query getQuery() { result instanceof MacroParameterFollowingHashSharedQuery } query predicate problems(Macro m, string message) { not isExcluded(m, getQuery()) and diff --git a/cpp/common/src/codingstandards/cpp/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.qll b/cpp/common/src/codingstandards/cpp/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.qll index 693ae36906..314d1dbe4c 100644 --- a/cpp/common/src/codingstandards/cpp/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.qll +++ b/cpp/common/src/codingstandards/cpp/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.qll @@ -1,5 +1,8 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * In the definition of a function-like macro, each instance of a parameter + * shall be enclosed in parentheses, otherwise the result of preprocessor macro + * substitition may not be as expected. */ import cpp diff --git a/cpp/common/src/codingstandards/cpp/rules/memoryoperationsnotsequencedappropriately_shared/MemoryOperationsNotSequencedAppropriately_shared.qll b/cpp/common/src/codingstandards/cpp/rules/memoryoperationsnotsequencedappropriately/MemoryOperationsNotSequencedAppropriately.qll similarity index 97% rename from cpp/common/src/codingstandards/cpp/rules/memoryoperationsnotsequencedappropriately_shared/MemoryOperationsNotSequencedAppropriately_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/memoryoperationsnotsequencedappropriately/MemoryOperationsNotSequencedAppropriately.qll index df7e0af73d..83c5ac1c8f 100644 --- a/cpp/common/src/codingstandards/cpp/rules/memoryoperationsnotsequencedappropriately_shared/MemoryOperationsNotSequencedAppropriately_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/memoryoperationsnotsequencedappropriately/MemoryOperationsNotSequencedAppropriately.qll @@ -1,5 +1,6 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * Operations on a memory location shall be sequenced appropriately. */ import cpp @@ -9,9 +10,9 @@ import codingstandards.cpp.Exclusions import codingstandards.cpp.SideEffects import codingstandards.cpp.COrdering -abstract class MemoryOperationsNotSequencedAppropriately_sharedSharedQuery extends Query { } +abstract class MemoryOperationsNotSequencedAppropriatelySharedQuery extends Query { } -Query getQuery() { result instanceof MemoryOperationsNotSequencedAppropriately_sharedSharedQuery } +Query getQuery() { result instanceof MemoryOperationsNotSequencedAppropriatelySharedQuery } class VariableEffectOrAccess extends Expr { VariableEffectOrAccess() { diff --git a/cpp/common/src/codingstandards/cpp/rules/multipleglobalormemberdeclarators_shared/MultipleGlobalOrMemberDeclarators_shared.qll b/cpp/common/src/codingstandards/cpp/rules/multipleglobalormemberdeclarators/MultipleGlobalOrMemberDeclarators.qll similarity index 90% rename from cpp/common/src/codingstandards/cpp/rules/multipleglobalormemberdeclarators_shared/MultipleGlobalOrMemberDeclarators_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/multipleglobalormemberdeclarators/MultipleGlobalOrMemberDeclarators.qll index 317605cd1f..05821d7270 100644 --- a/cpp/common/src/codingstandards/cpp/rules/multipleglobalormemberdeclarators_shared/MultipleGlobalOrMemberDeclarators_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/multipleglobalormemberdeclarators/MultipleGlobalOrMemberDeclarators.qll @@ -1,14 +1,15 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * A declaration should not declare more than one variable or member variable. */ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -abstract class MultipleGlobalOrMemberDeclarators_sharedSharedQuery extends Query { } +abstract class MultipleGlobalOrMemberDeclaratorsSharedQuery extends Query { } -Query getQuery() { result instanceof MultipleGlobalOrMemberDeclarators_sharedSharedQuery } +Query getQuery() { result instanceof MultipleGlobalOrMemberDeclaratorsSharedQuery } /* * Unfortunately, we do not have an equivalent of `DeclStmt` for non-local declarations, so we diff --git a/cpp/common/src/codingstandards/cpp/rules/multiplelocaldeclarators_shared/MultipleLocalDeclarators_shared.qll b/cpp/common/src/codingstandards/cpp/rules/multiplelocaldeclarators/MultipleLocalDeclarators.qll similarity index 59% rename from cpp/common/src/codingstandards/cpp/rules/multiplelocaldeclarators_shared/MultipleLocalDeclarators_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/multiplelocaldeclarators/MultipleLocalDeclarators.qll index 41c396bddc..2269f36d97 100644 --- a/cpp/common/src/codingstandards/cpp/rules/multiplelocaldeclarators_shared/MultipleLocalDeclarators_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/multiplelocaldeclarators/MultipleLocalDeclarators.qll @@ -1,14 +1,15 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * A declaration should not declare more than one variable or member variable. */ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -abstract class MultipleLocalDeclarators_sharedSharedQuery extends Query { } +abstract class MultipleLocalDeclaratorsSharedQuery extends Query { } -Query getQuery() { result instanceof MultipleLocalDeclarators_sharedSharedQuery } +Query getQuery() { result instanceof MultipleLocalDeclaratorsSharedQuery } query predicate problems(DeclStmt ds, string message) { not isExcluded(ds, getQuery()) and diff --git a/cpp/common/src/codingstandards/cpp/rules/namedbitfieldswithsignedintegertype_shared/NamedBitFieldsWithSignedIntegerType_shared.qll b/cpp/common/src/codingstandards/cpp/rules/namedbitfieldswithsignedintegertype/NamedBitFieldsWithSignedIntegerType.qll similarity index 67% rename from cpp/common/src/codingstandards/cpp/rules/namedbitfieldswithsignedintegertype_shared/NamedBitFieldsWithSignedIntegerType_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/namedbitfieldswithsignedintegertype/NamedBitFieldsWithSignedIntegerType.qll index 6542caf889..326886dda6 100644 --- a/cpp/common/src/codingstandards/cpp/rules/namedbitfieldswithsignedintegertype_shared/NamedBitFieldsWithSignedIntegerType_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/namedbitfieldswithsignedintegertype/NamedBitFieldsWithSignedIntegerType.qll @@ -1,14 +1,15 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * A named bit-field with signed integer type shall not have a length of one bit. */ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -abstract class NamedBitFieldsWithSignedIntegerType_sharedSharedQuery extends Query { } +abstract class NamedBitFieldsWithSignedIntegerTypeSharedQuery extends Query { } -Query getQuery() { result instanceof NamedBitFieldsWithSignedIntegerType_sharedSharedQuery } +Query getQuery() { result instanceof NamedBitFieldsWithSignedIntegerTypeSharedQuery } query predicate problems(BitField bitField, string message) { not isExcluded(bitField, getQuery()) and diff --git a/cpp/common/src/codingstandards/cpp/rules/namenotreferredusingaqualifiedidorthis_shared/NameNotReferredUsingAQualifiedIdOrThis_shared.qll b/cpp/common/src/codingstandards/cpp/rules/namenotreferredusingaqualifiedidorthis/NameNotReferredUsingAQualifiedIdOrThis.qll similarity index 78% rename from cpp/common/src/codingstandards/cpp/rules/namenotreferredusingaqualifiedidorthis_shared/NameNotReferredUsingAQualifiedIdOrThis_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/namenotreferredusingaqualifiedidorthis/NameNotReferredUsingAQualifiedIdOrThis.qll index 49149ef171..a4c9255c89 100644 --- a/cpp/common/src/codingstandards/cpp/rules/namenotreferredusingaqualifiedidorthis_shared/NameNotReferredUsingAQualifiedIdOrThis_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/namenotreferredusingaqualifiedidorthis/NameNotReferredUsingAQualifiedIdOrThis.qll @@ -1,5 +1,7 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * Not using a qualified-id or `this->` syntax for identifiers used in a class template + * makes the code more difficult to understand. */ import cpp @@ -7,9 +9,9 @@ import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import codingstandards.cpp.NameInDependentBase -abstract class NameNotReferredUsingAQualifiedIdOrThis_sharedSharedQuery extends Query { } +abstract class NameNotReferredUsingAQualifiedIdOrThisSharedQuery extends Query { } -Query getQuery() { result instanceof NameNotReferredUsingAQualifiedIdOrThis_sharedSharedQuery } +Query getQuery() { result instanceof NameNotReferredUsingAQualifiedIdOrThisSharedQuery } query predicate problems( NameQualifiableElement fn, string message, Element actualTarget, string targetName, diff --git a/cpp/common/src/codingstandards/cpp/rules/namenotreferredusingaqualifiedidorthisaudit_shared/NameNotReferredUsingAQualifiedIdOrThisAudit_shared.qll b/cpp/common/src/codingstandards/cpp/rules/namenotreferredusingaqualifiedidorthisaudit/NameNotReferredUsingAQualifiedIdOrThisAudit.qll similarity index 79% rename from cpp/common/src/codingstandards/cpp/rules/namenotreferredusingaqualifiedidorthisaudit_shared/NameNotReferredUsingAQualifiedIdOrThisAudit_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/namenotreferredusingaqualifiedidorthisaudit/NameNotReferredUsingAQualifiedIdOrThisAudit.qll index 1b97c1f56d..d0a6251908 100644 --- a/cpp/common/src/codingstandards/cpp/rules/namenotreferredusingaqualifiedidorthisaudit_shared/NameNotReferredUsingAQualifiedIdOrThisAudit_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/namenotreferredusingaqualifiedidorthisaudit/NameNotReferredUsingAQualifiedIdOrThisAudit.qll @@ -1,5 +1,7 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * Not using a qualified-id or `this->` syntax for identifiers used in a class template + * makes the code more difficult to understand. */ import cpp @@ -7,9 +9,9 @@ import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import codingstandards.cpp.NameInDependentBase -abstract class NameNotReferredUsingAQualifiedIdOrThisAudit_sharedSharedQuery extends Query { } +abstract class NameNotReferredUsingAQualifiedIdOrThisAuditSharedQuery extends Query { } -Query getQuery() { result instanceof NameNotReferredUsingAQualifiedIdOrThisAudit_sharedSharedQuery } +Query getQuery() { result instanceof NameNotReferredUsingAQualifiedIdOrThisAuditSharedQuery } query predicate problems( NameQualifiableElement fn, string message, Element actualTarget, string targetName, diff --git a/cpp/common/src/codingstandards/cpp/rules/noexceptfunctionshouldnotpropagatetothecaller_shared/NoexceptFunctionShouldNotPropagateToTheCaller_shared.qll b/cpp/common/src/codingstandards/cpp/rules/noexceptfunctionshouldnotpropagatetothecaller/NoexceptFunctionShouldNotPropagateToTheCaller.qll similarity index 76% rename from cpp/common/src/codingstandards/cpp/rules/noexceptfunctionshouldnotpropagatetothecaller_shared/NoexceptFunctionShouldNotPropagateToTheCaller_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/noexceptfunctionshouldnotpropagatetothecaller/NoexceptFunctionShouldNotPropagateToTheCaller.qll index 31a606c0db..f53c558fa0 100644 --- a/cpp/common/src/codingstandards/cpp/rules/noexceptfunctionshouldnotpropagatetothecaller_shared/NoexceptFunctionShouldNotPropagateToTheCaller_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/noexceptfunctionshouldnotpropagatetothecaller/NoexceptFunctionShouldNotPropagateToTheCaller.qll @@ -1,5 +1,7 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * If a function is declared to be noexcept, noexcept(true) or noexcept(), then it shall not exit with an exception. */ import cpp @@ -9,10 +11,10 @@ import codingstandards.cpp.exceptions.ExceptionFlow import ExceptionPathGraph import codingstandards.cpp.exceptions.ExceptionSpecifications -abstract class NoexceptFunctionShouldNotPropagateToTheCaller_sharedSharedQuery extends Query { } +abstract class NoexceptFunctionShouldNotPropagateToTheCallerSharedQuery extends Query { } Query getQuery() { - result instanceof NoexceptFunctionShouldNotPropagateToTheCaller_sharedSharedQuery + result instanceof NoexceptFunctionShouldNotPropagateToTheCallerSharedQuery } class NoExceptThrowingFunction extends ExceptionThrowingFunction { diff --git a/cpp/common/src/codingstandards/cpp/rules/nonglobalfunctionmain_shared/NonGlobalFunctionMain_shared.qll b/cpp/common/src/codingstandards/cpp/rules/nonglobalfunctionmain/NonGlobalFunctionMain.qll similarity index 52% rename from cpp/common/src/codingstandards/cpp/rules/nonglobalfunctionmain_shared/NonGlobalFunctionMain_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/nonglobalfunctionmain/NonGlobalFunctionMain.qll index 69a7e7e091..7366849d0c 100644 --- a/cpp/common/src/codingstandards/cpp/rules/nonglobalfunctionmain_shared/NonGlobalFunctionMain_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/nonglobalfunctionmain/NonGlobalFunctionMain.qll @@ -1,14 +1,16 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * The identifier main shall not be used for a function other than the global function + * main. */ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -abstract class NonGlobalFunctionMain_sharedSharedQuery extends Query { } +abstract class NonGlobalFunctionMainSharedQuery extends Query { } -Query getQuery() { result instanceof NonGlobalFunctionMain_sharedSharedQuery } +Query getQuery() { result instanceof NonGlobalFunctionMainSharedQuery } query predicate problems(Function f, string message) { not isExcluded(f, getQuery()) and diff --git a/cpp/common/src/codingstandards/cpp/rules/nonterminatedescapesequences_shared/NonTerminatedEscapeSequences_shared.qll b/cpp/common/src/codingstandards/cpp/rules/nonterminatedescapesequences/NonTerminatedEscapeSequences.qll similarity index 81% rename from cpp/common/src/codingstandards/cpp/rules/nonterminatedescapesequences_shared/NonTerminatedEscapeSequences_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/nonterminatedescapesequences/NonTerminatedEscapeSequences.qll index 4f479a5bdb..f23965ea7c 100644 --- a/cpp/common/src/codingstandards/cpp/rules/nonterminatedescapesequences_shared/NonTerminatedEscapeSequences_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/nonterminatedescapesequences/NonTerminatedEscapeSequences.qll @@ -1,14 +1,16 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * Octal escape sequences, hexadecimal escape sequences, and universal character names + * shall be terminated. */ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -abstract class NonTerminatedEscapeSequences_sharedSharedQuery extends Query { } +abstract class NonTerminatedEscapeSequencesSharedQuery extends Query { } -Query getQuery() { result instanceof NonTerminatedEscapeSequences_sharedSharedQuery } +Query getQuery() { result instanceof NonTerminatedEscapeSequencesSharedQuery } bindingset[s] predicate isOctalEscape(string s) { diff --git a/cpp/common/src/codingstandards/cpp/rules/nonuniqueenumerationconstant_shared/NonUniqueEnumerationConstant_shared.qll b/cpp/common/src/codingstandards/cpp/rules/nonuniqueenumerationconstant/NonUniqueEnumerationConstant.qll similarity index 80% rename from cpp/common/src/codingstandards/cpp/rules/nonuniqueenumerationconstant_shared/NonUniqueEnumerationConstant_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/nonuniqueenumerationconstant/NonUniqueEnumerationConstant.qll index a9831d9ead..f7afe8b3e7 100644 --- a/cpp/common/src/codingstandards/cpp/rules/nonuniqueenumerationconstant_shared/NonUniqueEnumerationConstant_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/nonuniqueenumerationconstant/NonUniqueEnumerationConstant.qll @@ -1,14 +1,16 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * Within an enumerator list, the value of an implicitly-specified enumeration constant + * shall be unique. */ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -abstract class NonUniqueEnumerationConstant_sharedSharedQuery extends Query { } +abstract class NonUniqueEnumerationConstantSharedQuery extends Query { } -Query getQuery() { result instanceof NonUniqueEnumerationConstant_sharedSharedQuery } +Query getQuery() { result instanceof NonUniqueEnumerationConstantSharedQuery } /** * An `EnumConstant` that has an implicitly specified value: diff --git a/cpp/common/src/codingstandards/cpp/rules/notdistinctidentifier/NotDistinctIdentifier.qll b/cpp/common/src/codingstandards/cpp/rules/notdistinctidentifier/NotDistinctIdentifier.qll index 2d6767f664..093b804e0f 100644 --- a/cpp/common/src/codingstandards/cpp/rules/notdistinctidentifier/NotDistinctIdentifier.qll +++ b/cpp/common/src/codingstandards/cpp/rules/notdistinctidentifier/NotDistinctIdentifier.qll @@ -1,5 +1,6 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * Using nondistinct external identifiers results in undefined behaviour. */ import cpp diff --git a/cpp/common/src/codingstandards/cpp/rules/nullptrnottheonlyformofthenullpointerconstant_shared/NullptrNotTheOnlyFormOfTheNullPointerConstant_shared.qll b/cpp/common/src/codingstandards/cpp/rules/nullptrnottheonlyformofthenullpointerconstant/NullptrNotTheOnlyFormOfTheNullPointerConstant.qll similarity index 74% rename from cpp/common/src/codingstandards/cpp/rules/nullptrnottheonlyformofthenullpointerconstant_shared/NullptrNotTheOnlyFormOfTheNullPointerConstant_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/nullptrnottheonlyformofthenullpointerconstant/NullptrNotTheOnlyFormOfTheNullPointerConstant.qll index 992a1ac645..c997595ac6 100644 --- a/cpp/common/src/codingstandards/cpp/rules/nullptrnottheonlyformofthenullpointerconstant_shared/NullptrNotTheOnlyFormOfTheNullPointerConstant_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/nullptrnottheonlyformofthenullpointerconstant/NullptrNotTheOnlyFormOfTheNullPointerConstant.qll @@ -1,5 +1,6 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * nullptr shall be the only form of the null-pointer-constant. */ import cpp @@ -7,10 +8,10 @@ import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import semmle.code.cpp.commons.NULL -abstract class NullptrNotTheOnlyFormOfTheNullPointerConstant_sharedSharedQuery extends Query { } +abstract class NullptrNotTheOnlyFormOfTheNullPointerConstantSharedQuery extends Query { } Query getQuery() { - result instanceof NullptrNotTheOnlyFormOfTheNullPointerConstant_sharedSharedQuery + result instanceof NullptrNotTheOnlyFormOfTheNullPointerConstantSharedQuery } query predicate problems(Literal l, string message) { diff --git a/cpp/common/src/codingstandards/cpp/rules/objectsdynamictypeusedfromconstructorordestructor_shared/ObjectsDynamicTypeUsedFromConstructorOrDestructor_shared.qll b/cpp/common/src/codingstandards/cpp/rules/objectsdynamictypeusedfromconstructorordestructor/ObjectsDynamicTypeUsedFromConstructorOrDestructor.qll similarity index 92% rename from cpp/common/src/codingstandards/cpp/rules/objectsdynamictypeusedfromconstructorordestructor_shared/ObjectsDynamicTypeUsedFromConstructorOrDestructor_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/objectsdynamictypeusedfromconstructorordestructor/ObjectsDynamicTypeUsedFromConstructorOrDestructor.qll index 992b568f2a..6bb9590d33 100644 --- a/cpp/common/src/codingstandards/cpp/rules/objectsdynamictypeusedfromconstructorordestructor_shared/ObjectsDynamicTypeUsedFromConstructorOrDestructor_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/objectsdynamictypeusedfromconstructorordestructor/ObjectsDynamicTypeUsedFromConstructorOrDestructor.qll @@ -1,15 +1,17 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * An object’s dynamic type shall not be used from within its constructor or + * destructor. */ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -abstract class ObjectsDynamicTypeUsedFromConstructorOrDestructor_sharedSharedQuery extends Query { } +abstract class ObjectsDynamicTypeUsedFromConstructorOrDestructorSharedQuery extends Query { } Query getQuery() { - result instanceof ObjectsDynamicTypeUsedFromConstructorOrDestructor_sharedSharedQuery + result instanceof ObjectsDynamicTypeUsedFromConstructorOrDestructorSharedQuery } predicate thisCall(FunctionCall c) { diff --git a/cpp/common/src/codingstandards/cpp/rules/overridingshallspecifydifferentdefaultarguments_shared/OverridingShallSpecifyDifferentDefaultArguments_shared.qll b/cpp/common/src/codingstandards/cpp/rules/overridingshallspecifydifferentdefaultarguments/OverridingShallSpecifyDifferentDefaultArguments.qll similarity index 78% rename from cpp/common/src/codingstandards/cpp/rules/overridingshallspecifydifferentdefaultarguments_shared/OverridingShallSpecifyDifferentDefaultArguments_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/overridingshallspecifydifferentdefaultarguments/OverridingShallSpecifyDifferentDefaultArguments.qll index f9438cefc8..d4a85cbaac 100644 --- a/cpp/common/src/codingstandards/cpp/rules/overridingshallspecifydifferentdefaultarguments_shared/OverridingShallSpecifyDifferentDefaultArguments_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/overridingshallspecifydifferentdefaultarguments/OverridingShallSpecifyDifferentDefaultArguments.qll @@ -1,15 +1,17 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * Parameters in an overriding virtual function shall not specify different default + * arguments. */ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -abstract class OverridingShallSpecifyDifferentDefaultArguments_sharedSharedQuery extends Query { } +abstract class OverridingShallSpecifyDifferentDefaultArgumentsSharedQuery extends Query { } Query getQuery() { - result instanceof OverridingShallSpecifyDifferentDefaultArguments_sharedSharedQuery + result instanceof OverridingShallSpecifyDifferentDefaultArgumentsSharedQuery } query predicate problems(VirtualFunction f2, string message, VirtualFunction f1, string f1_string) { diff --git a/cpp/common/src/codingstandards/cpp/rules/potentiallyvirtualpointeronlycomparestonullptr_shared/PotentiallyVirtualPointerOnlyComparesToNullptr_shared.qll b/cpp/common/src/codingstandards/cpp/rules/potentiallyvirtualpointeronlycomparestonullptr/PotentiallyVirtualPointerOnlyComparesToNullptr.qll similarity index 78% rename from cpp/common/src/codingstandards/cpp/rules/potentiallyvirtualpointeronlycomparestonullptr_shared/PotentiallyVirtualPointerOnlyComparesToNullptr_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/potentiallyvirtualpointeronlycomparestonullptr/PotentiallyVirtualPointerOnlyComparesToNullptr.qll index be93180112..12d9a297b9 100644 --- a/cpp/common/src/codingstandards/cpp/rules/potentiallyvirtualpointeronlycomparestonullptr_shared/PotentiallyVirtualPointerOnlyComparesToNullptr_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/potentiallyvirtualpointeronlycomparestonullptr/PotentiallyVirtualPointerOnlyComparesToNullptr.qll @@ -1,15 +1,17 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * A comparison of a potentially virtual pointer to member function shall only be with + * nullptr. */ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -abstract class PotentiallyVirtualPointerOnlyComparesToNullptr_sharedSharedQuery extends Query { } +abstract class PotentiallyVirtualPointerOnlyComparesToNullptrSharedQuery extends Query { } Query getQuery() { - result instanceof PotentiallyVirtualPointerOnlyComparesToNullptr_sharedSharedQuery + result instanceof PotentiallyVirtualPointerOnlyComparesToNullptrSharedQuery } query predicate problems( diff --git a/cpp/common/src/codingstandards/cpp/rules/predicatefunctionobjectsshouldnotbemutable/PredicateFunctionObjectsShouldNotBeMutable.qll b/cpp/common/src/codingstandards/cpp/rules/predicatefunctionobjectsshouldnotbemutable/PredicateFunctionObjectsShouldNotBeMutable.qll index a8b6ab7576..bf47c1f649 100644 --- a/cpp/common/src/codingstandards/cpp/rules/predicatefunctionobjectsshouldnotbemutable/PredicateFunctionObjectsShouldNotBeMutable.qll +++ b/cpp/common/src/codingstandards/cpp/rules/predicatefunctionobjectsshouldnotbemutable/PredicateFunctionObjectsShouldNotBeMutable.qll @@ -1,5 +1,7 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * "Non-static data members or captured values of predicate function objects + * that are state related to this object's identity shall not be copied. */ import cpp diff --git a/cpp/common/src/codingstandards/cpp/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.qll b/cpp/common/src/codingstandards/cpp/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.qll index 8b8609ab7b..8361a07a31 100644 --- a/cpp/common/src/codingstandards/cpp/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.qll +++ b/cpp/common/src/codingstandards/cpp/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.qll @@ -1,5 +1,7 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * Arguments to a function-like macro shall not contain tokens that look like + * pre-processing directives or else behaviour after macro expansion is unpredictable. */ import cpp diff --git a/cpp/common/src/codingstandards/cpp/rules/reinterpretcastused/ReinterpretCastUsed.qll b/cpp/common/src/codingstandards/cpp/rules/reinterpretcastused/ReinterpretCastUsed.qll new file mode 100644 index 0000000000..b49a488ab2 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/reinterpretcastused/ReinterpretCastUsed.qll @@ -0,0 +1,16 @@ +/** + * Provides a library with a `problems` predicate for the following issue: + * The statement reinterpret_cast shall not be used. + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class ReinterpretCastUsedSharedQuery extends Query { } + +Query getQuery() { result instanceof ReinterpretCastUsedSharedQuery } + +query predicate problems(ReinterpretCast rc, string message) { + not isExcluded(rc, getQuery()) and message = "Use of reinterpret_cast." +} diff --git a/cpp/common/src/codingstandards/cpp/rules/reinterpretcastused_shared/ReinterpretCastUsed_shared.qll b/cpp/common/src/codingstandards/cpp/rules/reinterpretcastused_shared/ReinterpretCastUsed_shared.qll deleted file mode 100644 index b325b8ba47..0000000000 --- a/cpp/common/src/codingstandards/cpp/rules/reinterpretcastused_shared/ReinterpretCastUsed_shared.qll +++ /dev/null @@ -1,15 +0,0 @@ -/** - * Provides a library which includes a `problems` predicate for reporting.... - */ - -import cpp -import codingstandards.cpp.Customizations -import codingstandards.cpp.Exclusions - -abstract class ReinterpretCastUsed_sharedSharedQuery extends Query { } - -Query getQuery() { result instanceof ReinterpretCastUsed_sharedSharedQuery } - -query predicate problems(ReinterpretCast rc, string message) { - not isExcluded(rc, getQuery()) and message = "Use of reinterpret_cast." -} diff --git a/cpp/common/src/codingstandards/cpp/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.qll b/cpp/common/src/codingstandards/cpp/rules/resultofanassignmentoperatorshouldnotbeused/ResultOfAnAssignmentOperatorShouldNotBeUsed.qll similarity index 58% rename from cpp/common/src/codingstandards/cpp/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/resultofanassignmentoperatorshouldnotbeused/ResultOfAnAssignmentOperatorShouldNotBeUsed.qll index d44d3d2b8e..04a106b5c4 100644 --- a/cpp/common/src/codingstandards/cpp/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/resultofanassignmentoperatorshouldnotbeused/ResultOfAnAssignmentOperatorShouldNotBeUsed.qll @@ -1,14 +1,15 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * The result of an assignment operator should not be used. */ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -abstract class ResultOfAnAssignmentOperatorShouldNotBeUsed_sharedSharedQuery extends Query { } +abstract class ResultOfAnAssignmentOperatorShouldNotBeUsedSharedQuery extends Query { } -Query getQuery() { result instanceof ResultOfAnAssignmentOperatorShouldNotBeUsed_sharedSharedQuery } +Query getQuery() { result instanceof ResultOfAnAssignmentOperatorShouldNotBeUsedSharedQuery } query predicate problems(AssignExpr e, string message) { not isExcluded(e, getQuery()) and diff --git a/cpp/common/src/codingstandards/cpp/rules/returnreferenceorpointertoautomaticlocalvariable_shared/ReturnReferenceOrPointerToAutomaticLocalVariable_shared.qll b/cpp/common/src/codingstandards/cpp/rules/returnreferenceorpointertoautomaticlocalvariable/ReturnReferenceOrPointerToAutomaticLocalVariable.qll similarity index 74% rename from cpp/common/src/codingstandards/cpp/rules/returnreferenceorpointertoautomaticlocalvariable_shared/ReturnReferenceOrPointerToAutomaticLocalVariable_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/returnreferenceorpointertoautomaticlocalvariable/ReturnReferenceOrPointerToAutomaticLocalVariable.qll index e3444fe368..dce050d9d7 100644 --- a/cpp/common/src/codingstandards/cpp/rules/returnreferenceorpointertoautomaticlocalvariable_shared/ReturnReferenceOrPointerToAutomaticLocalVariable_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/returnreferenceorpointertoautomaticlocalvariable/ReturnReferenceOrPointerToAutomaticLocalVariable.qll @@ -1,15 +1,17 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * Functions that return a reference or a pointer to an automatic variable (including + * parameters) potentially lead to undefined behaviour. */ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -abstract class ReturnReferenceOrPointerToAutomaticLocalVariable_sharedSharedQuery extends Query { } +abstract class ReturnReferenceOrPointerToAutomaticLocalVariableSharedQuery extends Query { } Query getQuery() { - result instanceof ReturnReferenceOrPointerToAutomaticLocalVariable_sharedSharedQuery + result instanceof ReturnReferenceOrPointerToAutomaticLocalVariableSharedQuery } query predicate problems( diff --git a/cpp/common/src/codingstandards/cpp/rules/switchcasepositioncondition/SwitchCasePositionCondition.qll b/cpp/common/src/codingstandards/cpp/rules/switchcasepositioncondition/SwitchCasePositionCondition.qll index 68ba9850af..979621762d 100644 --- a/cpp/common/src/codingstandards/cpp/rules/switchcasepositioncondition/SwitchCasePositionCondition.qll +++ b/cpp/common/src/codingstandards/cpp/rules/switchcasepositioncondition/SwitchCasePositionCondition.qll @@ -1,5 +1,6 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * The switch statement syntax is weak and may lead to unspecified behaviour. */ import cpp diff --git a/cpp/common/src/codingstandards/cpp/rules/switchcompoundcondition_shared/SwitchCompoundCondition_shared.qll b/cpp/common/src/codingstandards/cpp/rules/switchcompoundcondition/SwitchCompoundCondition.qll similarity index 79% rename from cpp/common/src/codingstandards/cpp/rules/switchcompoundcondition_shared/SwitchCompoundCondition_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/switchcompoundcondition/SwitchCompoundCondition.qll index 2db252da61..ab888abfec 100644 --- a/cpp/common/src/codingstandards/cpp/rules/switchcompoundcondition_shared/SwitchCompoundCondition_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/switchcompoundcondition/SwitchCompoundCondition.qll @@ -1,14 +1,16 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * If the body of a switch is not enclosed in braces, then this can lead to incorrect + * execution, and hard for developers to maintain. */ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -abstract class SwitchCompoundCondition_sharedSharedQuery extends Query { } +abstract class SwitchCompoundConditionSharedQuery extends Query { } -Query getQuery() { result instanceof SwitchCompoundCondition_sharedSharedQuery } +Query getQuery() { result instanceof SwitchCompoundConditionSharedQuery } /** * Class to differentiate between extractor generated blockstmt and actual blockstmt. The extractor diff --git a/cpp/common/src/codingstandards/cpp/rules/switchnotwellformed/SwitchNotWellFormed.qll b/cpp/common/src/codingstandards/cpp/rules/switchnotwellformed/SwitchNotWellFormed.qll index ee04228a95..cb2e61c3ad 100644 --- a/cpp/common/src/codingstandards/cpp/rules/switchnotwellformed/SwitchNotWellFormed.qll +++ b/cpp/common/src/codingstandards/cpp/rules/switchnotwellformed/SwitchNotWellFormed.qll @@ -1,5 +1,6 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * The switch statement syntax is weak and may lead to unspecified behaviour. */ import cpp diff --git a/cpp/common/src/codingstandards/cpp/rules/typeomitted/TypeOmitted.qll b/cpp/common/src/codingstandards/cpp/rules/typeomitted/TypeOmitted.qll index 8c1cb3b80a..0906a1de4f 100644 --- a/cpp/common/src/codingstandards/cpp/rules/typeomitted/TypeOmitted.qll +++ b/cpp/common/src/codingstandards/cpp/rules/typeomitted/TypeOmitted.qll @@ -1,5 +1,6 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * Omission of type specifiers may not be supported by some compilers. */ import cpp diff --git a/cpp/common/src/codingstandards/cpp/rules/unsignedintegerliteralsnotappropriatelysuffixed_shared/UnsignedIntegerLiteralsNotAppropriatelySuffixed_shared.qll b/cpp/common/src/codingstandards/cpp/rules/unsignedintegerliteralsnotappropriatelysuffixed/UnsignedIntegerLiteralsNotAppropriatelySuffixed.qll similarity index 79% rename from cpp/common/src/codingstandards/cpp/rules/unsignedintegerliteralsnotappropriatelysuffixed_shared/UnsignedIntegerLiteralsNotAppropriatelySuffixed_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/unsignedintegerliteralsnotappropriatelysuffixed/UnsignedIntegerLiteralsNotAppropriatelySuffixed.qll index a59a4e6fd5..00745b6f7f 100644 --- a/cpp/common/src/codingstandards/cpp/rules/unsignedintegerliteralsnotappropriatelysuffixed_shared/UnsignedIntegerLiteralsNotAppropriatelySuffixed_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/unsignedintegerliteralsnotappropriatelysuffixed/UnsignedIntegerLiteralsNotAppropriatelySuffixed.qll @@ -1,5 +1,6 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * Unsigned integer literals shall be appropriately suffixed. */ import cpp @@ -7,10 +8,10 @@ import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import codingstandards.cpp.Cpp14Literal -abstract class UnsignedIntegerLiteralsNotAppropriatelySuffixed_sharedSharedQuery extends Query { } +abstract class UnsignedIntegerLiteralsNotAppropriatelySuffixedSharedQuery extends Query { } Query getQuery() { - result instanceof UnsignedIntegerLiteralsNotAppropriatelySuffixed_sharedSharedQuery + result instanceof UnsignedIntegerLiteralsNotAppropriatelySuffixedSharedQuery } query predicate problems(Cpp14Literal::NumericLiteral nl, string message) { diff --git a/cpp/common/src/codingstandards/cpp/rules/unsignedoperationwithconstantoperandswraps_shared/UnsignedOperationWithConstantOperandsWraps_shared.qll b/cpp/common/src/codingstandards/cpp/rules/unsignedoperationwithconstantoperandswraps/UnsignedOperationWithConstantOperandsWraps.qll similarity index 80% rename from cpp/common/src/codingstandards/cpp/rules/unsignedoperationwithconstantoperandswraps_shared/UnsignedOperationWithConstantOperandsWraps_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/unsignedoperationwithconstantoperandswraps/UnsignedOperationWithConstantOperandsWraps.qll index 9020e9c5f0..bc0c6d8fc1 100644 --- a/cpp/common/src/codingstandards/cpp/rules/unsignedoperationwithconstantoperandswraps_shared/UnsignedOperationWithConstantOperandsWraps_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/unsignedoperationwithconstantoperandswraps/UnsignedOperationWithConstantOperandsWraps.qll @@ -1,5 +1,6 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * An unsigned arithmetic operation with constant operands should not wrap. */ import cpp @@ -9,9 +10,9 @@ import codingstandards.cpp.Overflow import semmle.code.cpp.controlflow.Guards import semmle.code.cpp.valuenumbering.GlobalValueNumbering -abstract class UnsignedOperationWithConstantOperandsWraps_sharedSharedQuery extends Query { } +abstract class UnsignedOperationWithConstantOperandsWrapsSharedQuery extends Query { } -Query getQuery() { result instanceof UnsignedOperationWithConstantOperandsWraps_sharedSharedQuery } +Query getQuery() { result instanceof UnsignedOperationWithConstantOperandsWrapsSharedQuery } query predicate problems(InterestingOverflowingOperation op, string message) { not isExcluded(op, getQuery()) and diff --git a/cpp/common/src/codingstandards/cpp/rules/useofnonzerooctalliteral_shared/UseOfNonZeroOctalLiteral_shared.qll b/cpp/common/src/codingstandards/cpp/rules/useofnonzerooctalliteral/UseOfNonZeroOctalLiteral.qll similarity index 60% rename from cpp/common/src/codingstandards/cpp/rules/useofnonzerooctalliteral_shared/UseOfNonZeroOctalLiteral_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/useofnonzerooctalliteral/UseOfNonZeroOctalLiteral.qll index 8c952da18e..f5d1834723 100644 --- a/cpp/common/src/codingstandards/cpp/rules/useofnonzerooctalliteral_shared/UseOfNonZeroOctalLiteral_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/useofnonzerooctalliteral/UseOfNonZeroOctalLiteral.qll @@ -1,5 +1,6 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * Octal constants shall not be used. */ import cpp @@ -7,9 +8,9 @@ import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import codingstandards.cpp.Cpp14Literal -abstract class UseOfNonZeroOctalLiteral_sharedSharedQuery extends Query { } +abstract class UseOfNonZeroOctalLiteralSharedQuery extends Query { } -Query getQuery() { result instanceof UseOfNonZeroOctalLiteral_sharedSharedQuery } +Query getQuery() { result instanceof UseOfNonZeroOctalLiteralSharedQuery } query predicate problems(Cpp14Literal::OctalLiteral octalLiteral, string message) { not isExcluded(octalLiteral, getQuery()) and diff --git a/cpp/common/src/codingstandards/cpp/rules/vectorshouldnotbespecializedwithbool_shared/VectorShouldNotBeSpecializedWithBool_shared.qll b/cpp/common/src/codingstandards/cpp/rules/vectorshouldnotbespecializedwithbool/VectorShouldNotBeSpecializedWithBool.qll similarity index 68% rename from cpp/common/src/codingstandards/cpp/rules/vectorshouldnotbespecializedwithbool_shared/VectorShouldNotBeSpecializedWithBool_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/vectorshouldnotbespecializedwithbool/VectorShouldNotBeSpecializedWithBool.qll index 1fda305df2..ca23306c55 100644 --- a/cpp/common/src/codingstandards/cpp/rules/vectorshouldnotbespecializedwithbool_shared/VectorShouldNotBeSpecializedWithBool_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/vectorshouldnotbespecializedwithbool/VectorShouldNotBeSpecializedWithBool.qll @@ -1,5 +1,8 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * The std::vector specialization differs from all other containers + * std::vector such that sizeof bool is implementation defined which causes errors + * when using some STL algorithms. */ import cpp @@ -7,9 +10,9 @@ import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import codingstandards.cpp.StdNamespace -abstract class VectorShouldNotBeSpecializedWithBool_sharedSharedQuery extends Query { } +abstract class VectorShouldNotBeSpecializedWithBoolSharedQuery extends Query { } -Query getQuery() { result instanceof VectorShouldNotBeSpecializedWithBool_sharedSharedQuery } +Query getQuery() { result instanceof VectorShouldNotBeSpecializedWithBoolSharedQuery } predicate isVectorBool(ClassTemplateInstantiation c) { c.getNamespace() instanceof StdNS and diff --git a/cpp/common/src/codingstandards/cpp/rules/virtualandnonvirtualclassinthehierarchy_shared/VirtualAndNonVirtualClassInTheHierarchy_shared.qll b/cpp/common/src/codingstandards/cpp/rules/virtualandnonvirtualclassinthehierarchy/VirtualAndNonVirtualClassInTheHierarchy.qll similarity index 82% rename from cpp/common/src/codingstandards/cpp/rules/virtualandnonvirtualclassinthehierarchy_shared/VirtualAndNonVirtualClassInTheHierarchy_shared.qll rename to cpp/common/src/codingstandards/cpp/rules/virtualandnonvirtualclassinthehierarchy/VirtualAndNonVirtualClassInTheHierarchy.qll index 44e814c29b..f29d69d1ac 100644 --- a/cpp/common/src/codingstandards/cpp/rules/virtualandnonvirtualclassinthehierarchy_shared/VirtualAndNonVirtualClassInTheHierarchy_shared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/virtualandnonvirtualclassinthehierarchy/VirtualAndNonVirtualClassInTheHierarchy.qll @@ -1,14 +1,16 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * An accessible base class shall not be both virtual and non-virtual in the same + * hierarchy. */ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -abstract class VirtualAndNonVirtualClassInTheHierarchy_sharedSharedQuery extends Query { } +abstract class VirtualAndNonVirtualClassInTheHierarchySharedQuery extends Query { } -Query getQuery() { result instanceof VirtualAndNonVirtualClassInTheHierarchy_sharedSharedQuery } +Query getQuery() { result instanceof VirtualAndNonVirtualClassInTheHierarchySharedQuery } query predicate problems( Class c3, string message, Class base, string base_string, ClassDerivation cd1, string cd1_string, diff --git a/cpp/common/test/rules/addressofoperatoroverloaded_shared/AddressOfOperatorOverloaded_shared.expected b/cpp/common/test/rules/addressofoperatoroverloaded/AddressOfOperatorOverloaded.expected similarity index 100% rename from cpp/common/test/rules/addressofoperatoroverloaded_shared/AddressOfOperatorOverloaded_shared.expected rename to cpp/common/test/rules/addressofoperatoroverloaded/AddressOfOperatorOverloaded.expected diff --git a/cpp/common/test/rules/addressofoperatoroverloaded/AddressOfOperatorOverloaded.ql b/cpp/common/test/rules/addressofoperatoroverloaded/AddressOfOperatorOverloaded.ql new file mode 100644 index 0000000000..ee8ba0d5d5 --- /dev/null +++ b/cpp/common/test/rules/addressofoperatoroverloaded/AddressOfOperatorOverloaded.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.addressofoperatoroverloaded.AddressOfOperatorOverloaded + +class TestFileQuery extends AddressOfOperatorOverloadedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/addressofoperatoroverloaded_shared/test.cpp b/cpp/common/test/rules/addressofoperatoroverloaded/test.cpp similarity index 100% rename from cpp/common/test/rules/addressofoperatoroverloaded_shared/test.cpp rename to cpp/common/test/rules/addressofoperatoroverloaded/test.cpp diff --git a/cpp/common/test/rules/addressofoperatoroverloaded_shared/AddressOfOperatorOverloaded_shared.ql b/cpp/common/test/rules/addressofoperatoroverloaded_shared/AddressOfOperatorOverloaded_shared.ql deleted file mode 100644 index 0a40e9b1b9..0000000000 --- a/cpp/common/test/rules/addressofoperatoroverloaded_shared/AddressOfOperatorOverloaded_shared.ql +++ /dev/null @@ -1,4 +0,0 @@ -// GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.addressofoperatoroverloaded_shared.AddressOfOperatorOverloaded_shared - -class TestFileQuery extends AddressOfOperatorOverloaded_sharedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/amixedusemacroargumentsubjecttoexpansion_shared/AMixedUseMacroArgumentSubjectToExpansion_shared.expected b/cpp/common/test/rules/amixedusemacroargumentsubjecttoexpansion/AMixedUseMacroArgumentSubjectToExpansion.expected similarity index 100% rename from cpp/common/test/rules/amixedusemacroargumentsubjecttoexpansion_shared/AMixedUseMacroArgumentSubjectToExpansion_shared.expected rename to cpp/common/test/rules/amixedusemacroargumentsubjecttoexpansion/AMixedUseMacroArgumentSubjectToExpansion.expected diff --git a/cpp/common/test/rules/amixedusemacroargumentsubjecttoexpansion_shared/AMixedUseMacroArgumentSubjectToExpansion_shared.ql b/cpp/common/test/rules/amixedusemacroargumentsubjecttoexpansion/AMixedUseMacroArgumentSubjectToExpansion.ql similarity index 61% rename from cpp/common/test/rules/amixedusemacroargumentsubjecttoexpansion_shared/AMixedUseMacroArgumentSubjectToExpansion_shared.ql rename to cpp/common/test/rules/amixedusemacroargumentsubjecttoexpansion/AMixedUseMacroArgumentSubjectToExpansion.ql index 8fc299b7f3..5aa514e86d 100644 --- a/cpp/common/test/rules/amixedusemacroargumentsubjecttoexpansion_shared/AMixedUseMacroArgumentSubjectToExpansion_shared.ql +++ b/cpp/common/test/rules/amixedusemacroargumentsubjecttoexpansion/AMixedUseMacroArgumentSubjectToExpansion.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.amixedusemacroargumentsubjecttoexpansion_shared.AMixedUseMacroArgumentSubjectToExpansion_shared +import codingstandards.cpp.rules.amixedusemacroargumentsubjecttoexpansion.AMixedUseMacroArgumentSubjectToExpansion -class TestFileQuery extends AMixedUseMacroArgumentSubjectToExpansion_sharedSharedQuery, TestQuery { -} +class TestFileQuery extends AMixedUseMacroArgumentSubjectToExpansionSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/amixedusemacroargumentsubjecttoexpansion_shared/test.cpp b/cpp/common/test/rules/amixedusemacroargumentsubjecttoexpansion/test.cpp similarity index 100% rename from cpp/common/test/rules/amixedusemacroargumentsubjecttoexpansion_shared/test.cpp rename to cpp/common/test/rules/amixedusemacroargumentsubjecttoexpansion/test.cpp diff --git a/cpp/common/test/rules/arraypassedasfunctionargumentdecaytoapointer_shared/ArrayPassedAsFunctionArgumentDecayToAPointer_shared.expected b/cpp/common/test/rules/arraypassedasfunctionargumentdecaytoapointer/ArrayPassedAsFunctionArgumentDecayToAPointer.expected similarity index 100% rename from cpp/common/test/rules/arraypassedasfunctionargumentdecaytoapointer_shared/ArrayPassedAsFunctionArgumentDecayToAPointer_shared.expected rename to cpp/common/test/rules/arraypassedasfunctionargumentdecaytoapointer/ArrayPassedAsFunctionArgumentDecayToAPointer.expected diff --git a/cpp/common/test/rules/arraypassedasfunctionargumentdecaytoapointer_shared/ArrayPassedAsFunctionArgumentDecayToAPointer_shared.ql b/cpp/common/test/rules/arraypassedasfunctionargumentdecaytoapointer/ArrayPassedAsFunctionArgumentDecayToAPointer.ql similarity index 58% rename from cpp/common/test/rules/arraypassedasfunctionargumentdecaytoapointer_shared/ArrayPassedAsFunctionArgumentDecayToAPointer_shared.ql rename to cpp/common/test/rules/arraypassedasfunctionargumentdecaytoapointer/ArrayPassedAsFunctionArgumentDecayToAPointer.ql index fd61a27184..929e5affdf 100644 --- a/cpp/common/test/rules/arraypassedasfunctionargumentdecaytoapointer_shared/ArrayPassedAsFunctionArgumentDecayToAPointer_shared.ql +++ b/cpp/common/test/rules/arraypassedasfunctionargumentdecaytoapointer/ArrayPassedAsFunctionArgumentDecayToAPointer.ql @@ -1,6 +1,4 @@ // GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.arraypassedasfunctionargumentdecaytoapointer_shared.ArrayPassedAsFunctionArgumentDecayToAPointer_shared +import codingstandards.cpp.rules.arraypassedasfunctionargumentdecaytoapointer.ArrayPassedAsFunctionArgumentDecayToAPointer -class TestFileQuery extends ArrayPassedAsFunctionArgumentDecayToAPointer_sharedSharedQuery, - TestQuery -{ } +class TestFileQuery extends ArrayPassedAsFunctionArgumentDecayToAPointerSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/arraypassedasfunctionargumentdecaytoapointer_shared/test.cpp b/cpp/common/test/rules/arraypassedasfunctionargumentdecaytoapointer/test.cpp similarity index 100% rename from cpp/common/test/rules/arraypassedasfunctionargumentdecaytoapointer_shared/test.cpp rename to cpp/common/test/rules/arraypassedasfunctionargumentdecaytoapointer/test.cpp diff --git a/cpp/common/test/rules/asmdeclarationused_shared/AsmDeclarationUsed_shared.expected b/cpp/common/test/rules/asmdeclarationused/AsmDeclarationUsed.expected similarity index 100% rename from cpp/common/test/rules/asmdeclarationused_shared/AsmDeclarationUsed_shared.expected rename to cpp/common/test/rules/asmdeclarationused/AsmDeclarationUsed.expected diff --git a/cpp/common/test/rules/asmdeclarationused/AsmDeclarationUsed.ql b/cpp/common/test/rules/asmdeclarationused/AsmDeclarationUsed.ql new file mode 100644 index 0000000000..5e60570f5a --- /dev/null +++ b/cpp/common/test/rules/asmdeclarationused/AsmDeclarationUsed.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.asmdeclarationused.AsmDeclarationUsed + +class TestFileQuery extends AsmDeclarationUsedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/asmdeclarationused_shared/test.cpp b/cpp/common/test/rules/asmdeclarationused/test.cpp similarity index 100% rename from cpp/common/test/rules/asmdeclarationused_shared/test.cpp rename to cpp/common/test/rules/asmdeclarationused/test.cpp diff --git a/cpp/common/test/rules/asmdeclarationused_shared/AsmDeclarationUsed_shared.ql b/cpp/common/test/rules/asmdeclarationused_shared/AsmDeclarationUsed_shared.ql deleted file mode 100644 index 129fb3a5eb..0000000000 --- a/cpp/common/test/rules/asmdeclarationused_shared/AsmDeclarationUsed_shared.ql +++ /dev/null @@ -1,4 +0,0 @@ -// GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.asmdeclarationused_shared.AsmDeclarationUsed_shared - -class TestFileQuery extends AsmDeclarationUsed_sharedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/atofatoiatolandatollused_shared/AtofAtoiAtolAndAtollUsed_shared.expected b/cpp/common/test/rules/atofatoiatolandatollused/AtofAtoiAtolAndAtollUsed.expected similarity index 100% rename from cpp/common/test/rules/atofatoiatolandatollused_shared/AtofAtoiAtolAndAtollUsed_shared.expected rename to cpp/common/test/rules/atofatoiatolandatollused/AtofAtoiAtolAndAtollUsed.expected diff --git a/cpp/common/test/rules/atofatoiatolandatollused/AtofAtoiAtolAndAtollUsed.ql b/cpp/common/test/rules/atofatoiatolandatollused/AtofAtoiAtolAndAtollUsed.ql new file mode 100644 index 0000000000..6da5fe6097 --- /dev/null +++ b/cpp/common/test/rules/atofatoiatolandatollused/AtofAtoiAtolAndAtollUsed.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.atofatoiatolandatollused.AtofAtoiAtolAndAtollUsed + +class TestFileQuery extends AtofAtoiAtolAndAtollUsedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/atofatoiatolandatollused_shared/test.cpp b/cpp/common/test/rules/atofatoiatolandatollused/test.cpp similarity index 100% rename from cpp/common/test/rules/atofatoiatolandatollused_shared/test.cpp rename to cpp/common/test/rules/atofatoiatolandatollused/test.cpp diff --git a/cpp/common/test/rules/atofatoiatolandatollused_shared/AtofAtoiAtolAndAtollUsed_shared.ql b/cpp/common/test/rules/atofatoiatolandatollused_shared/AtofAtoiAtolAndAtollUsed_shared.ql deleted file mode 100644 index 75b1a7ea10..0000000000 --- a/cpp/common/test/rules/atofatoiatolandatollused_shared/AtofAtoiAtolAndAtollUsed_shared.ql +++ /dev/null @@ -1,4 +0,0 @@ -// GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.atofatoiatolandatollused_shared.AtofAtoiAtolAndAtollUsed_shared - -class TestFileQuery extends AtofAtoiAtolAndAtollUsed_sharedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/backslashcharactermisuse_shared/BackslashCharacterMisuse_shared.expected b/cpp/common/test/rules/backslashcharactermisuse/BackslashCharacterMisuse.expected similarity index 100% rename from cpp/common/test/rules/backslashcharactermisuse_shared/BackslashCharacterMisuse_shared.expected rename to cpp/common/test/rules/backslashcharactermisuse/BackslashCharacterMisuse.expected diff --git a/cpp/common/test/rules/backslashcharactermisuse/BackslashCharacterMisuse.ql b/cpp/common/test/rules/backslashcharactermisuse/BackslashCharacterMisuse.ql new file mode 100644 index 0000000000..aa32fa3096 --- /dev/null +++ b/cpp/common/test/rules/backslashcharactermisuse/BackslashCharacterMisuse.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.backslashcharactermisuse.BackslashCharacterMisuse + +class TestFileQuery extends BackslashCharacterMisuseSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/backslashcharactermisuse_shared/test.cpp b/cpp/common/test/rules/backslashcharactermisuse/test.cpp similarity index 100% rename from cpp/common/test/rules/backslashcharactermisuse_shared/test.cpp rename to cpp/common/test/rules/backslashcharactermisuse/test.cpp diff --git a/cpp/common/test/rules/backslashcharactermisuse_shared/BackslashCharacterMisuse_shared.ql b/cpp/common/test/rules/backslashcharactermisuse_shared/BackslashCharacterMisuse_shared.ql deleted file mode 100644 index ad9a9eb112..0000000000 --- a/cpp/common/test/rules/backslashcharactermisuse_shared/BackslashCharacterMisuse_shared.ql +++ /dev/null @@ -1,4 +0,0 @@ -// GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.backslashcharactermisuse_shared.BackslashCharacterMisuse_shared - -class TestFileQuery extends BackslashCharacterMisuse_sharedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/bitfieldshallhaveanappropriatetype_shared/BitFieldShallHaveAnAppropriateType_shared.expected b/cpp/common/test/rules/bitfieldshallhaveanappropriatetype/BitFieldShallHaveAnAppropriateType.expected similarity index 100% rename from cpp/common/test/rules/bitfieldshallhaveanappropriatetype_shared/BitFieldShallHaveAnAppropriateType_shared.expected rename to cpp/common/test/rules/bitfieldshallhaveanappropriatetype/BitFieldShallHaveAnAppropriateType.expected diff --git a/cpp/common/test/rules/bitfieldshallhaveanappropriatetype/BitFieldShallHaveAnAppropriateType.ql b/cpp/common/test/rules/bitfieldshallhaveanappropriatetype/BitFieldShallHaveAnAppropriateType.ql new file mode 100644 index 0000000000..a3e1ecc76c --- /dev/null +++ b/cpp/common/test/rules/bitfieldshallhaveanappropriatetype/BitFieldShallHaveAnAppropriateType.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.bitfieldshallhaveanappropriatetype.BitFieldShallHaveAnAppropriateType + +class TestFileQuery extends BitFieldShallHaveAnAppropriateTypeSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/bitfieldshallhaveanappropriatetype_shared/test.cpp b/cpp/common/test/rules/bitfieldshallhaveanappropriatetype/test.cpp similarity index 100% rename from cpp/common/test/rules/bitfieldshallhaveanappropriatetype_shared/test.cpp rename to cpp/common/test/rules/bitfieldshallhaveanappropriatetype/test.cpp diff --git a/cpp/common/test/rules/bitfieldshallhaveanappropriatetype_shared/BitFieldShallHaveAnAppropriateType_shared.ql b/cpp/common/test/rules/bitfieldshallhaveanappropriatetype_shared/BitFieldShallHaveAnAppropriateType_shared.ql deleted file mode 100644 index e460832dc7..0000000000 --- a/cpp/common/test/rules/bitfieldshallhaveanappropriatetype_shared/BitFieldShallHaveAnAppropriateType_shared.ql +++ /dev/null @@ -1,4 +0,0 @@ -// GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.bitfieldshallhaveanappropriatetype_shared.BitFieldShallHaveAnAppropriateType_shared - -class TestFileQuery extends BitFieldShallHaveAnAppropriateType_sharedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/builtinunaryoperatorappliedtounsignedexpression_shared/BuiltInUnaryOperatorAppliedToUnsignedExpression_shared.expected b/cpp/common/test/rules/builtinunaryoperatorappliedtounsignedexpression/BuiltInUnaryOperatorAppliedToUnsignedExpression.expected similarity index 100% rename from cpp/common/test/rules/builtinunaryoperatorappliedtounsignedexpression_shared/BuiltInUnaryOperatorAppliedToUnsignedExpression_shared.expected rename to cpp/common/test/rules/builtinunaryoperatorappliedtounsignedexpression/BuiltInUnaryOperatorAppliedToUnsignedExpression.expected diff --git a/cpp/common/test/rules/builtinunaryoperatorappliedtounsignedexpression_shared/BuiltInUnaryOperatorAppliedToUnsignedExpression_shared.ql b/cpp/common/test/rules/builtinunaryoperatorappliedtounsignedexpression/BuiltInUnaryOperatorAppliedToUnsignedExpression.ql similarity index 56% rename from cpp/common/test/rules/builtinunaryoperatorappliedtounsignedexpression_shared/BuiltInUnaryOperatorAppliedToUnsignedExpression_shared.ql rename to cpp/common/test/rules/builtinunaryoperatorappliedtounsignedexpression/BuiltInUnaryOperatorAppliedToUnsignedExpression.ql index d7b6f1d4cb..3f5110e299 100644 --- a/cpp/common/test/rules/builtinunaryoperatorappliedtounsignedexpression_shared/BuiltInUnaryOperatorAppliedToUnsignedExpression_shared.ql +++ b/cpp/common/test/rules/builtinunaryoperatorappliedtounsignedexpression/BuiltInUnaryOperatorAppliedToUnsignedExpression.ql @@ -1,6 +1,5 @@ // GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.builtinunaryoperatorappliedtounsignedexpression_shared.BuiltInUnaryOperatorAppliedToUnsignedExpression_shared +import codingstandards.cpp.rules.builtinunaryoperatorappliedtounsignedexpression.BuiltInUnaryOperatorAppliedToUnsignedExpression -class TestFileQuery extends BuiltInUnaryOperatorAppliedToUnsignedExpression_sharedSharedQuery, - TestQuery -{ } +class TestFileQuery extends BuiltInUnaryOperatorAppliedToUnsignedExpressionSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/builtinunaryoperatorappliedtounsignedexpression_shared/test.cpp b/cpp/common/test/rules/builtinunaryoperatorappliedtounsignedexpression/test.cpp similarity index 100% rename from cpp/common/test/rules/builtinunaryoperatorappliedtounsignedexpression_shared/test.cpp rename to cpp/common/test/rules/builtinunaryoperatorappliedtounsignedexpression/test.cpp diff --git a/cpp/common/test/rules/castsbetweenapointertofunctionandanyothertype_shared/CastsBetweenAPointerToFunctionAndAnyOtherType_shared.expected b/cpp/common/test/rules/castsbetweenapointertofunctionandanyothertype/CastsBetweenAPointerToFunctionAndAnyOtherType.expected similarity index 100% rename from cpp/common/test/rules/castsbetweenapointertofunctionandanyothertype_shared/CastsBetweenAPointerToFunctionAndAnyOtherType_shared.expected rename to cpp/common/test/rules/castsbetweenapointertofunctionandanyothertype/CastsBetweenAPointerToFunctionAndAnyOtherType.expected diff --git a/cpp/common/test/rules/castsbetweenapointertofunctionandanyothertype_shared/CastsBetweenAPointerToFunctionAndAnyOtherType_shared.ql b/cpp/common/test/rules/castsbetweenapointertofunctionandanyothertype/CastsBetweenAPointerToFunctionAndAnyOtherType.ql similarity index 57% rename from cpp/common/test/rules/castsbetweenapointertofunctionandanyothertype_shared/CastsBetweenAPointerToFunctionAndAnyOtherType_shared.ql rename to cpp/common/test/rules/castsbetweenapointertofunctionandanyothertype/CastsBetweenAPointerToFunctionAndAnyOtherType.ql index 5fb036e12f..fd716b8570 100644 --- a/cpp/common/test/rules/castsbetweenapointertofunctionandanyothertype_shared/CastsBetweenAPointerToFunctionAndAnyOtherType_shared.ql +++ b/cpp/common/test/rules/castsbetweenapointertofunctionandanyothertype/CastsBetweenAPointerToFunctionAndAnyOtherType.ql @@ -1,6 +1,4 @@ // GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.castsbetweenapointertofunctionandanyothertype_shared.CastsBetweenAPointerToFunctionAndAnyOtherType_shared +import codingstandards.cpp.rules.castsbetweenapointertofunctionandanyothertype.CastsBetweenAPointerToFunctionAndAnyOtherType -class TestFileQuery extends CastsBetweenAPointerToFunctionAndAnyOtherType_sharedSharedQuery, - TestQuery -{ } +class TestFileQuery extends CastsBetweenAPointerToFunctionAndAnyOtherTypeSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/castsbetweenapointertofunctionandanyothertype_shared/test.cpp b/cpp/common/test/rules/castsbetweenapointertofunctionandanyothertype/test.cpp similarity index 100% rename from cpp/common/test/rules/castsbetweenapointertofunctionandanyothertype_shared/test.cpp rename to cpp/common/test/rules/castsbetweenapointertofunctionandanyothertype/test.cpp diff --git a/cpp/common/test/rules/charactersequenceusedwithinacstylecomment_shared/CharacterSequenceUsedWithinACStyleComment_shared.expected b/cpp/common/test/rules/charactersequenceusedwithinacstylecomment/CharacterSequenceUsedWithinACStyleComment.expected similarity index 100% rename from cpp/common/test/rules/charactersequenceusedwithinacstylecomment_shared/CharacterSequenceUsedWithinACStyleComment_shared.expected rename to cpp/common/test/rules/charactersequenceusedwithinacstylecomment/CharacterSequenceUsedWithinACStyleComment.expected diff --git a/cpp/common/test/rules/charactersequenceusedwithinacstylecomment_shared/CharacterSequenceUsedWithinACStyleComment_shared.ql b/cpp/common/test/rules/charactersequenceusedwithinacstylecomment/CharacterSequenceUsedWithinACStyleComment.ql similarity index 60% rename from cpp/common/test/rules/charactersequenceusedwithinacstylecomment_shared/CharacterSequenceUsedWithinACStyleComment_shared.ql rename to cpp/common/test/rules/charactersequenceusedwithinacstylecomment/CharacterSequenceUsedWithinACStyleComment.ql index d172827f54..3fd1cf77ba 100644 --- a/cpp/common/test/rules/charactersequenceusedwithinacstylecomment_shared/CharacterSequenceUsedWithinACStyleComment_shared.ql +++ b/cpp/common/test/rules/charactersequenceusedwithinacstylecomment/CharacterSequenceUsedWithinACStyleComment.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.charactersequenceusedwithinacstylecomment_shared.CharacterSequenceUsedWithinACStyleComment_shared +import codingstandards.cpp.rules.charactersequenceusedwithinacstylecomment.CharacterSequenceUsedWithinACStyleComment -class TestFileQuery extends CharacterSequenceUsedWithinACStyleComment_sharedSharedQuery, TestQuery { -} +class TestFileQuery extends CharacterSequenceUsedWithinACStyleCommentSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/charactersequenceusedwithinacstylecomment_shared/test.cpp b/cpp/common/test/rules/charactersequenceusedwithinacstylecomment/test.cpp similarity index 100% rename from cpp/common/test/rules/charactersequenceusedwithinacstylecomment_shared/test.cpp rename to cpp/common/test/rules/charactersequenceusedwithinacstylecomment/test.cpp diff --git a/cpp/common/test/rules/copyandmoveassignmentsshallhandleselfassignment_shared/CopyAndMoveAssignmentsShallHandleSelfAssignment_shared.expected b/cpp/common/test/rules/copyandmoveassignmentsshallhandleselfassignment/CopyAndMoveAssignmentsShallHandleSelfAssignment.expected similarity index 100% rename from cpp/common/test/rules/copyandmoveassignmentsshallhandleselfassignment_shared/CopyAndMoveAssignmentsShallHandleSelfAssignment_shared.expected rename to cpp/common/test/rules/copyandmoveassignmentsshallhandleselfassignment/CopyAndMoveAssignmentsShallHandleSelfAssignment.expected diff --git a/cpp/common/test/rules/copyandmoveassignmentsshallhandleselfassignment_shared/CopyAndMoveAssignmentsShallHandleSelfAssignment_shared.ql b/cpp/common/test/rules/copyandmoveassignmentsshallhandleselfassignment/CopyAndMoveAssignmentsShallHandleSelfAssignment.ql similarity index 56% rename from cpp/common/test/rules/copyandmoveassignmentsshallhandleselfassignment_shared/CopyAndMoveAssignmentsShallHandleSelfAssignment_shared.ql rename to cpp/common/test/rules/copyandmoveassignmentsshallhandleselfassignment/CopyAndMoveAssignmentsShallHandleSelfAssignment.ql index 8d4b1e8f6f..9e84431f65 100644 --- a/cpp/common/test/rules/copyandmoveassignmentsshallhandleselfassignment_shared/CopyAndMoveAssignmentsShallHandleSelfAssignment_shared.ql +++ b/cpp/common/test/rules/copyandmoveassignmentsshallhandleselfassignment/CopyAndMoveAssignmentsShallHandleSelfAssignment.ql @@ -1,6 +1,5 @@ // GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.copyandmoveassignmentsshallhandleselfassignment_shared.CopyAndMoveAssignmentsShallHandleSelfAssignment_shared +import codingstandards.cpp.rules.copyandmoveassignmentsshallhandleselfassignment.CopyAndMoveAssignmentsShallHandleSelfAssignment -class TestFileQuery extends CopyAndMoveAssignmentsShallHandleSelfAssignment_sharedSharedQuery, - TestQuery -{ } +class TestFileQuery extends CopyAndMoveAssignmentsShallHandleSelfAssignmentSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/copyandmoveassignmentsshallhandleselfassignment_shared/test.cpp b/cpp/common/test/rules/copyandmoveassignmentsshallhandleselfassignment/test.cpp similarity index 100% rename from cpp/common/test/rules/copyandmoveassignmentsshallhandleselfassignment_shared/test.cpp rename to cpp/common/test/rules/copyandmoveassignmentsshallhandleselfassignment/test.cpp diff --git a/cpp/common/test/rules/csignalfunctionsused_shared/CsignalFunctionsUsed_shared.expected b/cpp/common/test/rules/csignalfunctionsused/CsignalFunctionsUsed.expected similarity index 100% rename from cpp/common/test/rules/csignalfunctionsused_shared/CsignalFunctionsUsed_shared.expected rename to cpp/common/test/rules/csignalfunctionsused/CsignalFunctionsUsed.expected diff --git a/cpp/common/test/rules/csignalfunctionsused/CsignalFunctionsUsed.ql b/cpp/common/test/rules/csignalfunctionsused/CsignalFunctionsUsed.ql new file mode 100644 index 0000000000..1d39069ae7 --- /dev/null +++ b/cpp/common/test/rules/csignalfunctionsused/CsignalFunctionsUsed.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.csignalfunctionsused.CsignalFunctionsUsed + +class TestFileQuery extends CsignalFunctionsUsedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/csignalfunctionsused_shared/test.cpp b/cpp/common/test/rules/csignalfunctionsused/test.cpp similarity index 100% rename from cpp/common/test/rules/csignalfunctionsused_shared/test.cpp rename to cpp/common/test/rules/csignalfunctionsused/test.cpp diff --git a/cpp/common/test/rules/csignalfunctionsused_shared/CsignalFunctionsUsed_shared.ql b/cpp/common/test/rules/csignalfunctionsused_shared/CsignalFunctionsUsed_shared.ql deleted file mode 100644 index d17d984621..0000000000 --- a/cpp/common/test/rules/csignalfunctionsused_shared/CsignalFunctionsUsed_shared.ql +++ /dev/null @@ -1,4 +0,0 @@ -// GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.csignalfunctionsused_shared.CsignalFunctionsUsed_shared - -class TestFileQuery extends CsignalFunctionsUsed_sharedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/csignaltypesused_shared/CsignalTypesUsed_shared.expected b/cpp/common/test/rules/csignaltypesused/CsignalTypesUsed.expected similarity index 100% rename from cpp/common/test/rules/csignaltypesused_shared/CsignalTypesUsed_shared.expected rename to cpp/common/test/rules/csignaltypesused/CsignalTypesUsed.expected diff --git a/cpp/common/test/rules/csignaltypesused/CsignalTypesUsed.ql b/cpp/common/test/rules/csignaltypesused/CsignalTypesUsed.ql new file mode 100644 index 0000000000..76cc8aad04 --- /dev/null +++ b/cpp/common/test/rules/csignaltypesused/CsignalTypesUsed.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.csignaltypesused.CsignalTypesUsed + +class TestFileQuery extends CsignalTypesUsedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/csignaltypesused_shared/test.cpp b/cpp/common/test/rules/csignaltypesused/test.cpp similarity index 100% rename from cpp/common/test/rules/csignaltypesused_shared/test.cpp rename to cpp/common/test/rules/csignaltypesused/test.cpp diff --git a/cpp/common/test/rules/csignaltypesused_shared/CsignalTypesUsed_shared.ql b/cpp/common/test/rules/csignaltypesused_shared/CsignalTypesUsed_shared.ql deleted file mode 100644 index 57b937cb94..0000000000 --- a/cpp/common/test/rules/csignaltypesused_shared/CsignalTypesUsed_shared.ql +++ /dev/null @@ -1,4 +0,0 @@ -// GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.csignaltypesused_shared.CsignalTypesUsed_shared - -class TestFileQuery extends CsignalTypesUsed_sharedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/cstdiofunctionsused_shared/CstdioFunctionsUsed_shared.expected b/cpp/common/test/rules/cstdiofunctionsused/CstdioFunctionsUsed.expected similarity index 100% rename from cpp/common/test/rules/cstdiofunctionsused_shared/CstdioFunctionsUsed_shared.expected rename to cpp/common/test/rules/cstdiofunctionsused/CstdioFunctionsUsed.expected diff --git a/cpp/common/test/rules/cstdiofunctionsused/CstdioFunctionsUsed.ql b/cpp/common/test/rules/cstdiofunctionsused/CstdioFunctionsUsed.ql new file mode 100644 index 0000000000..16dbb974b6 --- /dev/null +++ b/cpp/common/test/rules/cstdiofunctionsused/CstdioFunctionsUsed.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.cstdiofunctionsused.CstdioFunctionsUsed + +class TestFileQuery extends CstdioFunctionsUsedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/cstdiofunctionsused_shared/test.cpp b/cpp/common/test/rules/cstdiofunctionsused/test.cpp similarity index 100% rename from cpp/common/test/rules/cstdiofunctionsused_shared/test.cpp rename to cpp/common/test/rules/cstdiofunctionsused/test.cpp diff --git a/cpp/common/test/rules/cstdiofunctionsused_shared/CstdioFunctionsUsed_shared.ql b/cpp/common/test/rules/cstdiofunctionsused_shared/CstdioFunctionsUsed_shared.ql deleted file mode 100644 index f7066f041f..0000000000 --- a/cpp/common/test/rules/cstdiofunctionsused_shared/CstdioFunctionsUsed_shared.ql +++ /dev/null @@ -1,4 +0,0 @@ -// GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.cstdiofunctionsused_shared.CstdioFunctionsUsed_shared - -class TestFileQuery extends CstdioFunctionsUsed_sharedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/cstdiomacrosused_shared/CstdioMacrosUsed_shared.expected b/cpp/common/test/rules/cstdiomacrosused/CstdioMacrosUsed.expected similarity index 100% rename from cpp/common/test/rules/cstdiomacrosused_shared/CstdioMacrosUsed_shared.expected rename to cpp/common/test/rules/cstdiomacrosused/CstdioMacrosUsed.expected diff --git a/cpp/common/test/rules/cstdiomacrosused/CstdioMacrosUsed.ql b/cpp/common/test/rules/cstdiomacrosused/CstdioMacrosUsed.ql new file mode 100644 index 0000000000..79ab6086b1 --- /dev/null +++ b/cpp/common/test/rules/cstdiomacrosused/CstdioMacrosUsed.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.cstdiomacrosused.CstdioMacrosUsed + +class TestFileQuery extends CstdioMacrosUsedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/cstdiomacrosused_shared/test.cpp b/cpp/common/test/rules/cstdiomacrosused/test.cpp similarity index 100% rename from cpp/common/test/rules/cstdiomacrosused_shared/test.cpp rename to cpp/common/test/rules/cstdiomacrosused/test.cpp diff --git a/cpp/common/test/rules/cstdiomacrosused_shared/CstdioMacrosUsed_shared.ql b/cpp/common/test/rules/cstdiomacrosused_shared/CstdioMacrosUsed_shared.ql deleted file mode 100644 index 3b1a3d4dae..0000000000 --- a/cpp/common/test/rules/cstdiomacrosused_shared/CstdioMacrosUsed_shared.ql +++ /dev/null @@ -1,4 +0,0 @@ -// GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.cstdiomacrosused_shared.CstdioMacrosUsed_shared - -class TestFileQuery extends CstdioMacrosUsed_sharedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/cstdiotypesused_shared/CstdioTypesUsed_shared.expected b/cpp/common/test/rules/cstdiotypesused/CstdioTypesUsed.expected similarity index 100% rename from cpp/common/test/rules/cstdiotypesused_shared/CstdioTypesUsed_shared.expected rename to cpp/common/test/rules/cstdiotypesused/CstdioTypesUsed.expected diff --git a/cpp/common/test/rules/cstdiotypesused/CstdioTypesUsed.ql b/cpp/common/test/rules/cstdiotypesused/CstdioTypesUsed.ql new file mode 100644 index 0000000000..c5bac15c65 --- /dev/null +++ b/cpp/common/test/rules/cstdiotypesused/CstdioTypesUsed.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.cstdiotypesused.CstdioTypesUsed + +class TestFileQuery extends CstdioTypesUsedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/cstdiotypesused_shared/test.cpp b/cpp/common/test/rules/cstdiotypesused/test.cpp similarity index 100% rename from cpp/common/test/rules/cstdiotypesused_shared/test.cpp rename to cpp/common/test/rules/cstdiotypesused/test.cpp diff --git a/cpp/common/test/rules/cstdiotypesused_shared/CstdioTypesUsed_shared.ql b/cpp/common/test/rules/cstdiotypesused_shared/CstdioTypesUsed_shared.ql deleted file mode 100644 index 5e03cf9517..0000000000 --- a/cpp/common/test/rules/cstdiotypesused_shared/CstdioTypesUsed_shared.ql +++ /dev/null @@ -1,4 +0,0 @@ -// GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.cstdiotypesused_shared.CstdioTypesUsed_shared - -class TestFileQuery extends CstdioTypesUsed_sharedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/definitionnotconsideredforunqualifiedlookup_shared/DefinitionNotConsideredForUnqualifiedLookup_shared.expected b/cpp/common/test/rules/definitionnotconsideredforunqualifiedlookup/DefinitionNotConsideredForUnqualifiedLookup.expected similarity index 100% rename from cpp/common/test/rules/definitionnotconsideredforunqualifiedlookup_shared/DefinitionNotConsideredForUnqualifiedLookup_shared.expected rename to cpp/common/test/rules/definitionnotconsideredforunqualifiedlookup/DefinitionNotConsideredForUnqualifiedLookup.expected diff --git a/cpp/common/test/rules/definitionnotconsideredforunqualifiedlookup_shared/DefinitionNotConsideredForUnqualifiedLookup_shared.ql b/cpp/common/test/rules/definitionnotconsideredforunqualifiedlookup/DefinitionNotConsideredForUnqualifiedLookup.ql similarity index 59% rename from cpp/common/test/rules/definitionnotconsideredforunqualifiedlookup_shared/DefinitionNotConsideredForUnqualifiedLookup_shared.ql rename to cpp/common/test/rules/definitionnotconsideredforunqualifiedlookup/DefinitionNotConsideredForUnqualifiedLookup.ql index 97943daa7f..05457c997c 100644 --- a/cpp/common/test/rules/definitionnotconsideredforunqualifiedlookup_shared/DefinitionNotConsideredForUnqualifiedLookup_shared.ql +++ b/cpp/common/test/rules/definitionnotconsideredforunqualifiedlookup/DefinitionNotConsideredForUnqualifiedLookup.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.definitionnotconsideredforunqualifiedlookup_shared.DefinitionNotConsideredForUnqualifiedLookup_shared +import codingstandards.cpp.rules.definitionnotconsideredforunqualifiedlookup.DefinitionNotConsideredForUnqualifiedLookup -class TestFileQuery extends DefinitionNotConsideredForUnqualifiedLookup_sharedSharedQuery, TestQuery -{ } +class TestFileQuery extends DefinitionNotConsideredForUnqualifiedLookupSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/definitionnotconsideredforunqualifiedlookup_shared/test.cpp b/cpp/common/test/rules/definitionnotconsideredforunqualifiedlookup/test.cpp similarity index 100% rename from cpp/common/test/rules/definitionnotconsideredforunqualifiedlookup_shared/test.cpp rename to cpp/common/test/rules/definitionnotconsideredforunqualifiedlookup/test.cpp diff --git a/cpp/common/test/rules/emptythrowonlywithinacatchhandler_shared/EmptyThrowOnlyWithinACatchHandler_shared.expected b/cpp/common/test/rules/emptythrowonlywithinacatchhandler/EmptyThrowOnlyWithinACatchHandler.expected similarity index 100% rename from cpp/common/test/rules/emptythrowonlywithinacatchhandler_shared/EmptyThrowOnlyWithinACatchHandler_shared.expected rename to cpp/common/test/rules/emptythrowonlywithinacatchhandler/EmptyThrowOnlyWithinACatchHandler.expected diff --git a/cpp/common/test/rules/emptythrowonlywithinacatchhandler/EmptyThrowOnlyWithinACatchHandler.ql b/cpp/common/test/rules/emptythrowonlywithinacatchhandler/EmptyThrowOnlyWithinACatchHandler.ql new file mode 100644 index 0000000000..a07b861639 --- /dev/null +++ b/cpp/common/test/rules/emptythrowonlywithinacatchhandler/EmptyThrowOnlyWithinACatchHandler.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.emptythrowonlywithinacatchhandler.EmptyThrowOnlyWithinACatchHandler + +class TestFileQuery extends EmptyThrowOnlyWithinACatchHandlerSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/emptythrowonlywithinacatchhandler_shared/test.cpp b/cpp/common/test/rules/emptythrowonlywithinacatchhandler/test.cpp similarity index 100% rename from cpp/common/test/rules/emptythrowonlywithinacatchhandler_shared/test.cpp rename to cpp/common/test/rules/emptythrowonlywithinacatchhandler/test.cpp diff --git a/cpp/common/test/rules/emptythrowonlywithinacatchhandler_shared/EmptyThrowOnlyWithinACatchHandler_shared.ql b/cpp/common/test/rules/emptythrowonlywithinacatchhandler_shared/EmptyThrowOnlyWithinACatchHandler_shared.ql deleted file mode 100644 index 388419946e..0000000000 --- a/cpp/common/test/rules/emptythrowonlywithinacatchhandler_shared/EmptyThrowOnlyWithinACatchHandler_shared.ql +++ /dev/null @@ -1,4 +0,0 @@ -// GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.emptythrowonlywithinacatchhandler_shared.EmptyThrowOnlyWithinACatchHandler_shared - -class TestFileQuery extends EmptyThrowOnlyWithinACatchHandler_sharedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/enumerationnotdefinedwithanexplicitunderlyingtype_shared/EnumerationNotDefinedWithAnExplicitUnderlyingType_shared.expected b/cpp/common/test/rules/enumerationnotdefinedwithanexplicitunderlyingtype/EnumerationNotDefinedWithAnExplicitUnderlyingType.expected similarity index 100% rename from cpp/common/test/rules/enumerationnotdefinedwithanexplicitunderlyingtype_shared/EnumerationNotDefinedWithAnExplicitUnderlyingType_shared.expected rename to cpp/common/test/rules/enumerationnotdefinedwithanexplicitunderlyingtype/EnumerationNotDefinedWithAnExplicitUnderlyingType.expected diff --git a/cpp/common/test/rules/enumerationnotdefinedwithanexplicitunderlyingtype_shared/EnumerationNotDefinedWithAnExplicitUnderlyingType_shared.ql b/cpp/common/test/rules/enumerationnotdefinedwithanexplicitunderlyingtype/EnumerationNotDefinedWithAnExplicitUnderlyingType.ql similarity index 55% rename from cpp/common/test/rules/enumerationnotdefinedwithanexplicitunderlyingtype_shared/EnumerationNotDefinedWithAnExplicitUnderlyingType_shared.ql rename to cpp/common/test/rules/enumerationnotdefinedwithanexplicitunderlyingtype/EnumerationNotDefinedWithAnExplicitUnderlyingType.ql index 2ede7c3cea..999f505c5f 100644 --- a/cpp/common/test/rules/enumerationnotdefinedwithanexplicitunderlyingtype_shared/EnumerationNotDefinedWithAnExplicitUnderlyingType_shared.ql +++ b/cpp/common/test/rules/enumerationnotdefinedwithanexplicitunderlyingtype/EnumerationNotDefinedWithAnExplicitUnderlyingType.ql @@ -1,6 +1,5 @@ // GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.enumerationnotdefinedwithanexplicitunderlyingtype_shared.EnumerationNotDefinedWithAnExplicitUnderlyingType_shared +import codingstandards.cpp.rules.enumerationnotdefinedwithanexplicitunderlyingtype.EnumerationNotDefinedWithAnExplicitUnderlyingType -class TestFileQuery extends EnumerationNotDefinedWithAnExplicitUnderlyingType_sharedSharedQuery, - TestQuery -{ } +class TestFileQuery extends EnumerationNotDefinedWithAnExplicitUnderlyingTypeSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/enumerationnotdefinedwithanexplicitunderlyingtype_shared/test.cpp b/cpp/common/test/rules/enumerationnotdefinedwithanexplicitunderlyingtype/test.cpp similarity index 100% rename from cpp/common/test/rules/enumerationnotdefinedwithanexplicitunderlyingtype_shared/test.cpp rename to cpp/common/test/rules/enumerationnotdefinedwithanexplicitunderlyingtype/test.cpp diff --git a/cpp/common/test/rules/exceptionobjecthavepointertype_shared/ExceptionObjectHavePointerType_shared.expected b/cpp/common/test/rules/exceptionobjecthavepointertype/ExceptionObjectHavePointerType.expected similarity index 100% rename from cpp/common/test/rules/exceptionobjecthavepointertype_shared/ExceptionObjectHavePointerType_shared.expected rename to cpp/common/test/rules/exceptionobjecthavepointertype/ExceptionObjectHavePointerType.expected diff --git a/cpp/common/test/rules/exceptionobjecthavepointertype/ExceptionObjectHavePointerType.ql b/cpp/common/test/rules/exceptionobjecthavepointertype/ExceptionObjectHavePointerType.ql new file mode 100644 index 0000000000..d0727790d3 --- /dev/null +++ b/cpp/common/test/rules/exceptionobjecthavepointertype/ExceptionObjectHavePointerType.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.exceptionobjecthavepointertype.ExceptionObjectHavePointerType + +class TestFileQuery extends ExceptionObjectHavePointerTypeSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/exceptionobjecthavepointertype_shared/test.cpp b/cpp/common/test/rules/exceptionobjecthavepointertype/test.cpp similarity index 100% rename from cpp/common/test/rules/exceptionobjecthavepointertype_shared/test.cpp rename to cpp/common/test/rules/exceptionobjecthavepointertype/test.cpp diff --git a/cpp/common/test/rules/exceptionobjecthavepointertype_shared/ExceptionObjectHavePointerType_shared.ql b/cpp/common/test/rules/exceptionobjecthavepointertype_shared/ExceptionObjectHavePointerType_shared.ql deleted file mode 100644 index 43fec407b5..0000000000 --- a/cpp/common/test/rules/exceptionobjecthavepointertype_shared/ExceptionObjectHavePointerType_shared.ql +++ /dev/null @@ -1,4 +0,0 @@ -// GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.exceptionobjecthavepointertype_shared.ExceptionObjectHavePointerType_shared - -class TestFileQuery extends ExceptionObjectHavePointerType_sharedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/forwardingreferencesandforwardnotusedtogether_shared/ForwardingReferencesAndForwardNotUsedTogether_shared.expected b/cpp/common/test/rules/forwardingreferencesandforwardnotusedtogether/ForwardingReferencesAndForwardNotUsedTogether.expected similarity index 100% rename from cpp/common/test/rules/forwardingreferencesandforwardnotusedtogether_shared/ForwardingReferencesAndForwardNotUsedTogether_shared.expected rename to cpp/common/test/rules/forwardingreferencesandforwardnotusedtogether/ForwardingReferencesAndForwardNotUsedTogether.expected diff --git a/cpp/common/test/rules/forwardingreferencesandforwardnotusedtogether_shared/ForwardingReferencesAndForwardNotUsedTogether_shared.ql b/cpp/common/test/rules/forwardingreferencesandforwardnotusedtogether/ForwardingReferencesAndForwardNotUsedTogether.ql similarity index 57% rename from cpp/common/test/rules/forwardingreferencesandforwardnotusedtogether_shared/ForwardingReferencesAndForwardNotUsedTogether_shared.ql rename to cpp/common/test/rules/forwardingreferencesandforwardnotusedtogether/ForwardingReferencesAndForwardNotUsedTogether.ql index 98ee8b8c23..4f08530f35 100644 --- a/cpp/common/test/rules/forwardingreferencesandforwardnotusedtogether_shared/ForwardingReferencesAndForwardNotUsedTogether_shared.ql +++ b/cpp/common/test/rules/forwardingreferencesandforwardnotusedtogether/ForwardingReferencesAndForwardNotUsedTogether.ql @@ -1,6 +1,4 @@ // GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.forwardingreferencesandforwardnotusedtogether_shared.ForwardingReferencesAndForwardNotUsedTogether_shared +import codingstandards.cpp.rules.forwardingreferencesandforwardnotusedtogether.ForwardingReferencesAndForwardNotUsedTogether -class TestFileQuery extends ForwardingReferencesAndForwardNotUsedTogether_sharedSharedQuery, - TestQuery -{ } +class TestFileQuery extends ForwardingReferencesAndForwardNotUsedTogetherSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/forwardingreferencesandforwardnotusedtogether_shared/test.cpp b/cpp/common/test/rules/forwardingreferencesandforwardnotusedtogether/test.cpp similarity index 100% rename from cpp/common/test/rules/forwardingreferencesandforwardnotusedtogether_shared/test.cpp rename to cpp/common/test/rules/forwardingreferencesandforwardnotusedtogether/test.cpp diff --git a/cpp/common/test/rules/functionlikemacrosdefined_shared/FunctionLikeMacrosDefined_shared.expected b/cpp/common/test/rules/functionlikemacrosdefined/FunctionLikeMacrosDefined.expected similarity index 100% rename from cpp/common/test/rules/functionlikemacrosdefined_shared/FunctionLikeMacrosDefined_shared.expected rename to cpp/common/test/rules/functionlikemacrosdefined/FunctionLikeMacrosDefined.expected diff --git a/cpp/common/test/rules/functionlikemacrosdefined/FunctionLikeMacrosDefined.ql b/cpp/common/test/rules/functionlikemacrosdefined/FunctionLikeMacrosDefined.ql new file mode 100644 index 0000000000..29088c4458 --- /dev/null +++ b/cpp/common/test/rules/functionlikemacrosdefined/FunctionLikeMacrosDefined.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.functionlikemacrosdefined.FunctionLikeMacrosDefined + +class TestFileQuery extends FunctionLikeMacrosDefinedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/functionlikemacrosdefined_shared/test.cpp b/cpp/common/test/rules/functionlikemacrosdefined/test.cpp similarity index 100% rename from cpp/common/test/rules/functionlikemacrosdefined_shared/test.cpp rename to cpp/common/test/rules/functionlikemacrosdefined/test.cpp diff --git a/cpp/common/test/rules/functionlikemacrosdefined_shared/FunctionLikeMacrosDefined_shared.ql b/cpp/common/test/rules/functionlikemacrosdefined_shared/FunctionLikeMacrosDefined_shared.ql deleted file mode 100644 index 062cce047c..0000000000 --- a/cpp/common/test/rules/functionlikemacrosdefined_shared/FunctionLikeMacrosDefined_shared.ql +++ /dev/null @@ -1,4 +0,0 @@ -// GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.functionlikemacrosdefined_shared.FunctionLikeMacrosDefined_shared - -class TestFileQuery extends FunctionLikeMacrosDefined_sharedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/functionscallthemselveseitherdirectlyorindirectly_shared/FunctionsCallThemselvesEitherDirectlyOrIndirectly_shared.expected b/cpp/common/test/rules/functionscallthemselveseitherdirectlyorindirectly/FunctionsCallThemselvesEitherDirectlyOrIndirectly.expected similarity index 100% rename from cpp/common/test/rules/functionscallthemselveseitherdirectlyorindirectly_shared/FunctionsCallThemselvesEitherDirectlyOrIndirectly_shared.expected rename to cpp/common/test/rules/functionscallthemselveseitherdirectlyorindirectly/FunctionsCallThemselvesEitherDirectlyOrIndirectly.expected diff --git a/cpp/common/test/rules/functionscallthemselveseitherdirectlyorindirectly_shared/FunctionsCallThemselvesEitherDirectlyOrIndirectly_shared.ql b/cpp/common/test/rules/functionscallthemselveseitherdirectlyorindirectly/FunctionsCallThemselvesEitherDirectlyOrIndirectly.ql similarity index 55% rename from cpp/common/test/rules/functionscallthemselveseitherdirectlyorindirectly_shared/FunctionsCallThemselvesEitherDirectlyOrIndirectly_shared.ql rename to cpp/common/test/rules/functionscallthemselveseitherdirectlyorindirectly/FunctionsCallThemselvesEitherDirectlyOrIndirectly.ql index 91a244c8a4..e95ba9b7f7 100644 --- a/cpp/common/test/rules/functionscallthemselveseitherdirectlyorindirectly_shared/FunctionsCallThemselvesEitherDirectlyOrIndirectly_shared.ql +++ b/cpp/common/test/rules/functionscallthemselveseitherdirectlyorindirectly/FunctionsCallThemselvesEitherDirectlyOrIndirectly.ql @@ -1,6 +1,5 @@ // GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.functionscallthemselveseitherdirectlyorindirectly_shared.FunctionsCallThemselvesEitherDirectlyOrIndirectly_shared +import codingstandards.cpp.rules.functionscallthemselveseitherdirectlyorindirectly.FunctionsCallThemselvesEitherDirectlyOrIndirectly -class TestFileQuery extends FunctionsCallThemselvesEitherDirectlyOrIndirectly_sharedSharedQuery, - TestQuery -{ } +class TestFileQuery extends FunctionsCallThemselvesEitherDirectlyOrIndirectlySharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/functionscallthemselveseitherdirectlyorindirectly_shared/test.cpp b/cpp/common/test/rules/functionscallthemselveseitherdirectlyorindirectly/test.cpp similarity index 100% rename from cpp/common/test/rules/functionscallthemselveseitherdirectlyorindirectly_shared/test.cpp rename to cpp/common/test/rules/functionscallthemselveseitherdirectlyorindirectly/test.cpp diff --git a/cpp/common/test/rules/functiontemplatesexplicitlyspecialized_shared/FunctionTemplatesExplicitlySpecialized_shared.expected b/cpp/common/test/rules/functiontemplatesexplicitlyspecialized/FunctionTemplatesExplicitlySpecialized.expected similarity index 100% rename from cpp/common/test/rules/functiontemplatesexplicitlyspecialized_shared/FunctionTemplatesExplicitlySpecialized_shared.expected rename to cpp/common/test/rules/functiontemplatesexplicitlyspecialized/FunctionTemplatesExplicitlySpecialized.expected diff --git a/cpp/common/test/rules/functiontemplatesexplicitlyspecialized_shared/FunctionTemplatesExplicitlySpecialized_shared.ql b/cpp/common/test/rules/functiontemplatesexplicitlyspecialized/FunctionTemplatesExplicitlySpecialized.ql similarity index 62% rename from cpp/common/test/rules/functiontemplatesexplicitlyspecialized_shared/FunctionTemplatesExplicitlySpecialized_shared.ql rename to cpp/common/test/rules/functiontemplatesexplicitlyspecialized/FunctionTemplatesExplicitlySpecialized.ql index 9301154455..a64a9786b6 100644 --- a/cpp/common/test/rules/functiontemplatesexplicitlyspecialized_shared/FunctionTemplatesExplicitlySpecialized_shared.ql +++ b/cpp/common/test/rules/functiontemplatesexplicitlyspecialized/FunctionTemplatesExplicitlySpecialized.ql @@ -1,4 +1,4 @@ // GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.functiontemplatesexplicitlyspecialized_shared.FunctionTemplatesExplicitlySpecialized_shared +import codingstandards.cpp.rules.functiontemplatesexplicitlyspecialized.FunctionTemplatesExplicitlySpecialized -class TestFileQuery extends FunctionTemplatesExplicitlySpecialized_sharedSharedQuery, TestQuery { } +class TestFileQuery extends FunctionTemplatesExplicitlySpecializedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/functiontemplatesexplicitlyspecialized_shared/test.cpp b/cpp/common/test/rules/functiontemplatesexplicitlyspecialized/test.cpp similarity index 100% rename from cpp/common/test/rules/functiontemplatesexplicitlyspecialized_shared/test.cpp rename to cpp/common/test/rules/functiontemplatesexplicitlyspecialized/test.cpp diff --git a/cpp/common/test/rules/globalnamespacedeclarations_shared/GlobalNamespaceDeclarations_shared.expected b/cpp/common/test/rules/globalnamespacedeclarations/GlobalNamespaceDeclarations.expected similarity index 100% rename from cpp/common/test/rules/globalnamespacedeclarations_shared/GlobalNamespaceDeclarations_shared.expected rename to cpp/common/test/rules/globalnamespacedeclarations/GlobalNamespaceDeclarations.expected diff --git a/cpp/common/test/rules/globalnamespacedeclarations/GlobalNamespaceDeclarations.ql b/cpp/common/test/rules/globalnamespacedeclarations/GlobalNamespaceDeclarations.ql new file mode 100644 index 0000000000..19482c5b09 --- /dev/null +++ b/cpp/common/test/rules/globalnamespacedeclarations/GlobalNamespaceDeclarations.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.globalnamespacedeclarations.GlobalNamespaceDeclarations + +class TestFileQuery extends GlobalNamespaceDeclarationsSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/globalnamespacedeclarations_shared/test.cpp b/cpp/common/test/rules/globalnamespacedeclarations/test.cpp similarity index 100% rename from cpp/common/test/rules/globalnamespacedeclarations_shared/test.cpp rename to cpp/common/test/rules/globalnamespacedeclarations/test.cpp diff --git a/cpp/common/test/rules/globalnamespacedeclarations_shared/GlobalNamespaceDeclarations_shared.ql b/cpp/common/test/rules/globalnamespacedeclarations_shared/GlobalNamespaceDeclarations_shared.ql deleted file mode 100644 index ea066bfd33..0000000000 --- a/cpp/common/test/rules/globalnamespacedeclarations_shared/GlobalNamespaceDeclarations_shared.ql +++ /dev/null @@ -1,4 +0,0 @@ -// GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.globalnamespacedeclarations_shared.GlobalNamespaceDeclarations_shared - -class TestFileQuery extends GlobalNamespaceDeclarations_sharedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/globalsizedoperatordeletenotdefined_shared/GlobalSizedOperatorDeleteNotDefined_shared.expected b/cpp/common/test/rules/globalsizedoperatordeletenotdefined/GlobalSizedOperatorDeleteNotDefined.expected similarity index 100% rename from cpp/common/test/rules/globalsizedoperatordeletenotdefined_shared/GlobalSizedOperatorDeleteNotDefined_shared.expected rename to cpp/common/test/rules/globalsizedoperatordeletenotdefined/GlobalSizedOperatorDeleteNotDefined.expected diff --git a/cpp/common/test/rules/globalsizedoperatordeletenotdefined/GlobalSizedOperatorDeleteNotDefined.ql b/cpp/common/test/rules/globalsizedoperatordeletenotdefined/GlobalSizedOperatorDeleteNotDefined.ql new file mode 100644 index 0000000000..61d492f0c6 --- /dev/null +++ b/cpp/common/test/rules/globalsizedoperatordeletenotdefined/GlobalSizedOperatorDeleteNotDefined.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.globalsizedoperatordeletenotdefined.GlobalSizedOperatorDeleteNotDefined + +class TestFileQuery extends GlobalSizedOperatorDeleteNotDefinedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/globalsizedoperatordeletenotdefined_shared/test.cpp b/cpp/common/test/rules/globalsizedoperatordeletenotdefined/test.cpp similarity index 100% rename from cpp/common/test/rules/globalsizedoperatordeletenotdefined_shared/test.cpp rename to cpp/common/test/rules/globalsizedoperatordeletenotdefined/test.cpp diff --git a/cpp/common/test/rules/globalsizedoperatordeletenotdefined_shared/GlobalSizedOperatorDeleteNotDefined_shared.ql b/cpp/common/test/rules/globalsizedoperatordeletenotdefined_shared/GlobalSizedOperatorDeleteNotDefined_shared.ql deleted file mode 100644 index 5fd76da92d..0000000000 --- a/cpp/common/test/rules/globalsizedoperatordeletenotdefined_shared/GlobalSizedOperatorDeleteNotDefined_shared.ql +++ /dev/null @@ -1,4 +0,0 @@ -// GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.globalsizedoperatordeletenotdefined_shared.GlobalSizedOperatorDeleteNotDefined_shared - -class TestFileQuery extends GlobalSizedOperatorDeleteNotDefined_sharedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/globalunsizedoperatordeletenotdefined_shared/GlobalUnsizedOperatorDeleteNotDefined_shared.expected b/cpp/common/test/rules/globalunsizedoperatordeletenotdefined/GlobalUnsizedOperatorDeleteNotDefined.expected similarity index 100% rename from cpp/common/test/rules/globalunsizedoperatordeletenotdefined_shared/GlobalUnsizedOperatorDeleteNotDefined_shared.expected rename to cpp/common/test/rules/globalunsizedoperatordeletenotdefined/GlobalUnsizedOperatorDeleteNotDefined.expected diff --git a/cpp/common/test/rules/globalunsizedoperatordeletenotdefined_shared/GlobalUnsizedOperatorDeleteNotDefined_shared.ql b/cpp/common/test/rules/globalunsizedoperatordeletenotdefined/GlobalUnsizedOperatorDeleteNotDefined.ql similarity index 63% rename from cpp/common/test/rules/globalunsizedoperatordeletenotdefined_shared/GlobalUnsizedOperatorDeleteNotDefined_shared.ql rename to cpp/common/test/rules/globalunsizedoperatordeletenotdefined/GlobalUnsizedOperatorDeleteNotDefined.ql index 8ea177a305..c415cbcd70 100644 --- a/cpp/common/test/rules/globalunsizedoperatordeletenotdefined_shared/GlobalUnsizedOperatorDeleteNotDefined_shared.ql +++ b/cpp/common/test/rules/globalunsizedoperatordeletenotdefined/GlobalUnsizedOperatorDeleteNotDefined.ql @@ -1,4 +1,4 @@ // GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.globalunsizedoperatordeletenotdefined_shared.GlobalUnsizedOperatorDeleteNotDefined_shared +import codingstandards.cpp.rules.globalunsizedoperatordeletenotdefined.GlobalUnsizedOperatorDeleteNotDefined -class TestFileQuery extends GlobalUnsizedOperatorDeleteNotDefined_sharedSharedQuery, TestQuery { } +class TestFileQuery extends GlobalUnsizedOperatorDeleteNotDefinedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/globalunsizedoperatordeletenotdefined_shared/test.cpp b/cpp/common/test/rules/globalunsizedoperatordeletenotdefined/test.cpp similarity index 100% rename from cpp/common/test/rules/globalunsizedoperatordeletenotdefined_shared/test.cpp rename to cpp/common/test/rules/globalunsizedoperatordeletenotdefined/test.cpp diff --git a/cpp/common/test/rules/gotoreferencealabelinsurroundingblock_shared/GotoReferenceALabelInSurroundingBlock_shared.expected b/cpp/common/test/rules/gotoreferencealabelinsurroundingblock/GotoReferenceALabelInSurroundingBlock.expected similarity index 100% rename from cpp/common/test/rules/gotoreferencealabelinsurroundingblock_shared/GotoReferenceALabelInSurroundingBlock_shared.expected rename to cpp/common/test/rules/gotoreferencealabelinsurroundingblock/GotoReferenceALabelInSurroundingBlock.expected diff --git a/cpp/common/test/rules/gotoreferencealabelinsurroundingblock_shared/GotoReferenceALabelInSurroundingBlock_shared.ql b/cpp/common/test/rules/gotoreferencealabelinsurroundingblock/GotoReferenceALabelInSurroundingBlock.ql similarity index 63% rename from cpp/common/test/rules/gotoreferencealabelinsurroundingblock_shared/GotoReferenceALabelInSurroundingBlock_shared.ql rename to cpp/common/test/rules/gotoreferencealabelinsurroundingblock/GotoReferenceALabelInSurroundingBlock.ql index f905b9a46c..f553135683 100644 --- a/cpp/common/test/rules/gotoreferencealabelinsurroundingblock_shared/GotoReferenceALabelInSurroundingBlock_shared.ql +++ b/cpp/common/test/rules/gotoreferencealabelinsurroundingblock/GotoReferenceALabelInSurroundingBlock.ql @@ -1,4 +1,4 @@ // GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.gotoreferencealabelinsurroundingblock_shared.GotoReferenceALabelInSurroundingBlock_shared +import codingstandards.cpp.rules.gotoreferencealabelinsurroundingblock.GotoReferenceALabelInSurroundingBlock -class TestFileQuery extends GotoReferenceALabelInSurroundingBlock_sharedSharedQuery, TestQuery { } +class TestFileQuery extends GotoReferenceALabelInSurroundingBlockSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/gotoreferencealabelinsurroundingblock_shared/test.cpp b/cpp/common/test/rules/gotoreferencealabelinsurroundingblock/test.cpp similarity index 100% rename from cpp/common/test/rules/gotoreferencealabelinsurroundingblock_shared/test.cpp rename to cpp/common/test/rules/gotoreferencealabelinsurroundingblock/test.cpp diff --git a/cpp/common/test/rules/gotostatementshouldnotbeused_shared/GotoStatementShouldNotBeUsed_shared.expected b/cpp/common/test/rules/gotostatementshouldnotbeused/GotoStatementShouldNotBeUsed.expected similarity index 100% rename from cpp/common/test/rules/gotostatementshouldnotbeused_shared/GotoStatementShouldNotBeUsed_shared.expected rename to cpp/common/test/rules/gotostatementshouldnotbeused/GotoStatementShouldNotBeUsed.expected diff --git a/cpp/common/test/rules/gotostatementshouldnotbeused/GotoStatementShouldNotBeUsed.ql b/cpp/common/test/rules/gotostatementshouldnotbeused/GotoStatementShouldNotBeUsed.ql new file mode 100644 index 0000000000..1a117d5ddd --- /dev/null +++ b/cpp/common/test/rules/gotostatementshouldnotbeused/GotoStatementShouldNotBeUsed.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.gotostatementshouldnotbeused.GotoStatementShouldNotBeUsed + +class TestFileQuery extends GotoStatementShouldNotBeUsedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/gotostatementshouldnotbeused_shared/test.cpp b/cpp/common/test/rules/gotostatementshouldnotbeused/test.cpp similarity index 100% rename from cpp/common/test/rules/gotostatementshouldnotbeused_shared/test.cpp rename to cpp/common/test/rules/gotostatementshouldnotbeused/test.cpp diff --git a/cpp/common/test/rules/gotostatementshouldnotbeused_shared/GotoStatementShouldNotBeUsed_shared.ql b/cpp/common/test/rules/gotostatementshouldnotbeused_shared/GotoStatementShouldNotBeUsed_shared.ql deleted file mode 100644 index e7ae4fcebb..0000000000 --- a/cpp/common/test/rules/gotostatementshouldnotbeused_shared/GotoStatementShouldNotBeUsed_shared.ql +++ /dev/null @@ -1,4 +0,0 @@ -// GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.gotostatementshouldnotbeused_shared.GotoStatementShouldNotBeUsed_shared - -class TestFileQuery extends GotoStatementShouldNotBeUsed_sharedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/hiddeninheritednonoverridablememberfunction_shared/HiddenInheritedNonOverridableMemberFunction_shared.expected b/cpp/common/test/rules/hiddeninheritednonoverridablememberfunction/HiddenInheritedNonOverridableMemberFunction.expected similarity index 100% rename from cpp/common/test/rules/hiddeninheritednonoverridablememberfunction_shared/HiddenInheritedNonOverridableMemberFunction_shared.expected rename to cpp/common/test/rules/hiddeninheritednonoverridablememberfunction/HiddenInheritedNonOverridableMemberFunction.expected diff --git a/cpp/common/test/rules/hiddeninheritednonoverridablememberfunction_shared/HiddenInheritedNonOverridableMemberFunction_shared.ql b/cpp/common/test/rules/hiddeninheritednonoverridablememberfunction/HiddenInheritedNonOverridableMemberFunction.ql similarity index 59% rename from cpp/common/test/rules/hiddeninheritednonoverridablememberfunction_shared/HiddenInheritedNonOverridableMemberFunction_shared.ql rename to cpp/common/test/rules/hiddeninheritednonoverridablememberfunction/HiddenInheritedNonOverridableMemberFunction.ql index b822664218..30953eacf3 100644 --- a/cpp/common/test/rules/hiddeninheritednonoverridablememberfunction_shared/HiddenInheritedNonOverridableMemberFunction_shared.ql +++ b/cpp/common/test/rules/hiddeninheritednonoverridablememberfunction/HiddenInheritedNonOverridableMemberFunction.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.hiddeninheritednonoverridablememberfunction_shared.HiddenInheritedNonOverridableMemberFunction_shared +import codingstandards.cpp.rules.hiddeninheritednonoverridablememberfunction.HiddenInheritedNonOverridableMemberFunction -class TestFileQuery extends HiddenInheritedNonOverridableMemberFunction_sharedSharedQuery, TestQuery -{ } +class TestFileQuery extends HiddenInheritedNonOverridableMemberFunctionSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/hiddeninheritednonoverridablememberfunction_shared/test.cpp b/cpp/common/test/rules/hiddeninheritednonoverridablememberfunction/test.cpp similarity index 100% rename from cpp/common/test/rules/hiddeninheritednonoverridablememberfunction_shared/test.cpp rename to cpp/common/test/rules/hiddeninheritednonoverridablememberfunction/test.cpp diff --git a/cpp/common/test/rules/hiddeninheritedoverridablememberfunction_shared/HiddenInheritedOverridableMemberFunction_shared.expected b/cpp/common/test/rules/hiddeninheritedoverridablememberfunction/HiddenInheritedOverridableMemberFunction.expected similarity index 100% rename from cpp/common/test/rules/hiddeninheritedoverridablememberfunction_shared/HiddenInheritedOverridableMemberFunction_shared.expected rename to cpp/common/test/rules/hiddeninheritedoverridablememberfunction/HiddenInheritedOverridableMemberFunction.expected diff --git a/cpp/common/test/rules/hiddeninheritedoverridablememberfunction_shared/HiddenInheritedOverridableMemberFunction_shared.ql b/cpp/common/test/rules/hiddeninheritedoverridablememberfunction/HiddenInheritedOverridableMemberFunction.ql similarity index 61% rename from cpp/common/test/rules/hiddeninheritedoverridablememberfunction_shared/HiddenInheritedOverridableMemberFunction_shared.ql rename to cpp/common/test/rules/hiddeninheritedoverridablememberfunction/HiddenInheritedOverridableMemberFunction.ql index a8fd6220e8..072f672efb 100644 --- a/cpp/common/test/rules/hiddeninheritedoverridablememberfunction_shared/HiddenInheritedOverridableMemberFunction_shared.ql +++ b/cpp/common/test/rules/hiddeninheritedoverridablememberfunction/HiddenInheritedOverridableMemberFunction.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.hiddeninheritedoverridablememberfunction_shared.HiddenInheritedOverridableMemberFunction_shared +import codingstandards.cpp.rules.hiddeninheritedoverridablememberfunction.HiddenInheritedOverridableMemberFunction -class TestFileQuery extends HiddenInheritedOverridableMemberFunction_sharedSharedQuery, TestQuery { -} +class TestFileQuery extends HiddenInheritedOverridableMemberFunctionSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/hiddeninheritedoverridablememberfunction_shared/test.cpp b/cpp/common/test/rules/hiddeninheritedoverridablememberfunction/test.cpp similarity index 100% rename from cpp/common/test/rules/hiddeninheritedoverridablememberfunction_shared/test.cpp rename to cpp/common/test/rules/hiddeninheritedoverridablememberfunction/test.cpp diff --git a/cpp/common/test/rules/initializeallvirtualbaseclasses_shared/InitializeAllVirtualBaseClasses_shared.expected b/cpp/common/test/rules/initializeallvirtualbaseclasses/InitializeAllVirtualBaseClasses.expected similarity index 100% rename from cpp/common/test/rules/initializeallvirtualbaseclasses_shared/InitializeAllVirtualBaseClasses_shared.expected rename to cpp/common/test/rules/initializeallvirtualbaseclasses/InitializeAllVirtualBaseClasses.expected diff --git a/cpp/common/test/rules/initializeallvirtualbaseclasses/InitializeAllVirtualBaseClasses.ql b/cpp/common/test/rules/initializeallvirtualbaseclasses/InitializeAllVirtualBaseClasses.ql new file mode 100644 index 0000000000..89f720b125 --- /dev/null +++ b/cpp/common/test/rules/initializeallvirtualbaseclasses/InitializeAllVirtualBaseClasses.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.initializeallvirtualbaseclasses.InitializeAllVirtualBaseClasses + +class TestFileQuery extends InitializeAllVirtualBaseClassesSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/initializeallvirtualbaseclasses_shared/test.cpp b/cpp/common/test/rules/initializeallvirtualbaseclasses/test.cpp similarity index 100% rename from cpp/common/test/rules/initializeallvirtualbaseclasses_shared/test.cpp rename to cpp/common/test/rules/initializeallvirtualbaseclasses/test.cpp diff --git a/cpp/common/test/rules/initializeallvirtualbaseclasses_shared/InitializeAllVirtualBaseClasses_shared.ql b/cpp/common/test/rules/initializeallvirtualbaseclasses_shared/InitializeAllVirtualBaseClasses_shared.ql deleted file mode 100644 index 6ef0476388..0000000000 --- a/cpp/common/test/rules/initializeallvirtualbaseclasses_shared/InitializeAllVirtualBaseClasses_shared.ql +++ /dev/null @@ -1,4 +0,0 @@ -// GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.initializeallvirtualbaseclasses_shared.InitializeAllVirtualBaseClasses_shared - -class TestFileQuery extends InitializeAllVirtualBaseClasses_sharedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/initializerlistconstructoristheonlyconstructor_shared/InitializerListConstructorIsTheOnlyConstructor_shared.expected b/cpp/common/test/rules/initializerlistconstructoristheonlyconstructor/InitializerListConstructorIsTheOnlyConstructor.expected similarity index 100% rename from cpp/common/test/rules/initializerlistconstructoristheonlyconstructor_shared/InitializerListConstructorIsTheOnlyConstructor_shared.expected rename to cpp/common/test/rules/initializerlistconstructoristheonlyconstructor/InitializerListConstructorIsTheOnlyConstructor.expected diff --git a/cpp/common/test/rules/initializerlistconstructoristheonlyconstructor_shared/InitializerListConstructorIsTheOnlyConstructor_shared.ql b/cpp/common/test/rules/initializerlistconstructoristheonlyconstructor/InitializerListConstructorIsTheOnlyConstructor.ql similarity index 56% rename from cpp/common/test/rules/initializerlistconstructoristheonlyconstructor_shared/InitializerListConstructorIsTheOnlyConstructor_shared.ql rename to cpp/common/test/rules/initializerlistconstructoristheonlyconstructor/InitializerListConstructorIsTheOnlyConstructor.ql index d2b4aa6c89..a2b023a3dd 100644 --- a/cpp/common/test/rules/initializerlistconstructoristheonlyconstructor_shared/InitializerListConstructorIsTheOnlyConstructor_shared.ql +++ b/cpp/common/test/rules/initializerlistconstructoristheonlyconstructor/InitializerListConstructorIsTheOnlyConstructor.ql @@ -1,6 +1,4 @@ // GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.initializerlistconstructoristheonlyconstructor_shared.InitializerListConstructorIsTheOnlyConstructor_shared +import codingstandards.cpp.rules.initializerlistconstructoristheonlyconstructor.InitializerListConstructorIsTheOnlyConstructor -class TestFileQuery extends InitializerListConstructorIsTheOnlyConstructor_sharedSharedQuery, - TestQuery -{ } +class TestFileQuery extends InitializerListConstructorIsTheOnlyConstructorSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/initializerlistconstructoristheonlyconstructor_shared/test.cpp b/cpp/common/test/rules/initializerlistconstructoristheonlyconstructor/test.cpp similarity index 100% rename from cpp/common/test/rules/initializerlistconstructoristheonlyconstructor_shared/test.cpp rename to cpp/common/test/rules/initializerlistconstructoristheonlyconstructor/test.cpp diff --git a/cpp/common/test/rules/linesplicingusedincomments_shared/LineSplicingUsedInComments_shared.expected b/cpp/common/test/rules/linesplicingusedincomments/LineSplicingUsedInComments.expected similarity index 100% rename from cpp/common/test/rules/linesplicingusedincomments_shared/LineSplicingUsedInComments_shared.expected rename to cpp/common/test/rules/linesplicingusedincomments/LineSplicingUsedInComments.expected diff --git a/cpp/common/test/rules/linesplicingusedincomments/LineSplicingUsedInComments.ql b/cpp/common/test/rules/linesplicingusedincomments/LineSplicingUsedInComments.ql new file mode 100644 index 0000000000..55803eab88 --- /dev/null +++ b/cpp/common/test/rules/linesplicingusedincomments/LineSplicingUsedInComments.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.linesplicingusedincomments.LineSplicingUsedInComments + +class TestFileQuery extends LineSplicingUsedInCommentsSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/linesplicingusedincomments_shared/test.cpp b/cpp/common/test/rules/linesplicingusedincomments/test.cpp similarity index 100% rename from cpp/common/test/rules/linesplicingusedincomments_shared/test.cpp rename to cpp/common/test/rules/linesplicingusedincomments/test.cpp diff --git a/cpp/common/test/rules/linesplicingusedincomments_shared/LineSplicingUsedInComments_shared.ql b/cpp/common/test/rules/linesplicingusedincomments_shared/LineSplicingUsedInComments_shared.ql deleted file mode 100644 index f10ee1f3ad..0000000000 --- a/cpp/common/test/rules/linesplicingusedincomments_shared/LineSplicingUsedInComments_shared.ql +++ /dev/null @@ -1,4 +0,0 @@ -// GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.linesplicingusedincomments_shared.LineSplicingUsedInComments_shared - -class TestFileQuery extends LineSplicingUsedInComments_sharedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/loopcompoundcondition_shared/LoopCompoundCondition_shared.expected b/cpp/common/test/rules/loopcompoundcondition/LoopCompoundCondition.expected similarity index 100% rename from cpp/common/test/rules/loopcompoundcondition_shared/LoopCompoundCondition_shared.expected rename to cpp/common/test/rules/loopcompoundcondition/LoopCompoundCondition.expected diff --git a/cpp/common/test/rules/loopcompoundcondition/LoopCompoundCondition.ql b/cpp/common/test/rules/loopcompoundcondition/LoopCompoundCondition.ql new file mode 100644 index 0000000000..3961d76d15 --- /dev/null +++ b/cpp/common/test/rules/loopcompoundcondition/LoopCompoundCondition.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.loopcompoundcondition.LoopCompoundCondition + +class TestFileQuery extends LoopCompoundConditionSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/loopcompoundcondition_shared/test.cpp b/cpp/common/test/rules/loopcompoundcondition/test.cpp similarity index 100% rename from cpp/common/test/rules/loopcompoundcondition_shared/test.cpp rename to cpp/common/test/rules/loopcompoundcondition/test.cpp diff --git a/cpp/common/test/rules/loopcompoundcondition_shared/LoopCompoundCondition_shared.ql b/cpp/common/test/rules/loopcompoundcondition_shared/LoopCompoundCondition_shared.ql deleted file mode 100644 index 7ca1d2643e..0000000000 --- a/cpp/common/test/rules/loopcompoundcondition_shared/LoopCompoundCondition_shared.ql +++ /dev/null @@ -1,4 +0,0 @@ -// GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.loopcompoundcondition_shared.LoopCompoundCondition_shared - -class TestFileQuery extends LoopCompoundCondition_sharedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/lowercaselstartsinliteralsuffix_shared/LowercaseLStartsInLiteralSuffix_shared.expected b/cpp/common/test/rules/lowercaselstartsinliteralsuffix/LowercaseLStartsInLiteralSuffix.expected similarity index 100% rename from cpp/common/test/rules/lowercaselstartsinliteralsuffix_shared/LowercaseLStartsInLiteralSuffix_shared.expected rename to cpp/common/test/rules/lowercaselstartsinliteralsuffix/LowercaseLStartsInLiteralSuffix.expected diff --git a/cpp/common/test/rules/lowercaselstartsinliteralsuffix/LowercaseLStartsInLiteralSuffix.ql b/cpp/common/test/rules/lowercaselstartsinliteralsuffix/LowercaseLStartsInLiteralSuffix.ql new file mode 100644 index 0000000000..ab353ca8a9 --- /dev/null +++ b/cpp/common/test/rules/lowercaselstartsinliteralsuffix/LowercaseLStartsInLiteralSuffix.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.lowercaselstartsinliteralsuffix.LowercaseLStartsInLiteralSuffix + +class TestFileQuery extends LowercaseLStartsInLiteralSuffixSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/lowercaselstartsinliteralsuffix_shared/README.md b/cpp/common/test/rules/lowercaselstartsinliteralsuffix/README.md similarity index 100% rename from cpp/common/test/rules/lowercaselstartsinliteralsuffix_shared/README.md rename to cpp/common/test/rules/lowercaselstartsinliteralsuffix/README.md diff --git a/cpp/common/test/rules/lowercaselstartsinliteralsuffix_shared/test.cpp b/cpp/common/test/rules/lowercaselstartsinliteralsuffix/test.cpp similarity index 100% rename from cpp/common/test/rules/lowercaselstartsinliteralsuffix_shared/test.cpp rename to cpp/common/test/rules/lowercaselstartsinliteralsuffix/test.cpp diff --git a/cpp/common/test/rules/lowercaselstartsinliteralsuffix_shared/LowercaseLStartsInLiteralSuffix_shared.ql b/cpp/common/test/rules/lowercaselstartsinliteralsuffix_shared/LowercaseLStartsInLiteralSuffix_shared.ql deleted file mode 100644 index 8d7d9f0be8..0000000000 --- a/cpp/common/test/rules/lowercaselstartsinliteralsuffix_shared/LowercaseLStartsInLiteralSuffix_shared.ql +++ /dev/null @@ -1,4 +0,0 @@ -// GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.lowercaselstartsinliteralsuffix_shared.LowercaseLStartsInLiteralSuffix_shared - -class TestFileQuery extends LowercaseLStartsInLiteralSuffix_sharedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/macrooffsetofused_shared/MacroOffsetofUsed.expected b/cpp/common/test/rules/macrooffsetofused/MacroOffsetofUsed.expected similarity index 100% rename from cpp/common/test/rules/macrooffsetofused_shared/MacroOffsetofUsed.expected rename to cpp/common/test/rules/macrooffsetofused/MacroOffsetofUsed.expected diff --git a/cpp/common/test/rules/macrooffsetofused_shared/MacroOffsetofUsed.expected.gcc b/cpp/common/test/rules/macrooffsetofused/MacroOffsetofUsed.expected.gcc similarity index 100% rename from cpp/common/test/rules/macrooffsetofused_shared/MacroOffsetofUsed.expected.gcc rename to cpp/common/test/rules/macrooffsetofused/MacroOffsetofUsed.expected.gcc diff --git a/cpp/common/test/rules/macrooffsetofused_shared/MacroOffsetofUsed.expected.qcc b/cpp/common/test/rules/macrooffsetofused/MacroOffsetofUsed.expected.qcc similarity index 100% rename from cpp/common/test/rules/macrooffsetofused_shared/MacroOffsetofUsed.expected.qcc rename to cpp/common/test/rules/macrooffsetofused/MacroOffsetofUsed.expected.qcc diff --git a/cpp/common/test/rules/macrooffsetofused/MacroOffsetofUsed.ql b/cpp/common/test/rules/macrooffsetofused/MacroOffsetofUsed.ql new file mode 100644 index 0000000000..44e30b1a2f --- /dev/null +++ b/cpp/common/test/rules/macrooffsetofused/MacroOffsetofUsed.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.macrooffsetofused.MacroOffsetofUsed + +class TestFileQuery extends MacroOffsetofUsedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/macrooffsetofused_shared/test.cpp b/cpp/common/test/rules/macrooffsetofused/test.cpp similarity index 100% rename from cpp/common/test/rules/macrooffsetofused_shared/test.cpp rename to cpp/common/test/rules/macrooffsetofused/test.cpp diff --git a/cpp/common/test/rules/macrooffsetofused_shared/MacroOffsetofUsed_shared.expected b/cpp/common/test/rules/macrooffsetofused_shared/MacroOffsetofUsed_shared.expected deleted file mode 100644 index 88647b9f36..0000000000 --- a/cpp/common/test/rules/macrooffsetofused_shared/MacroOffsetofUsed_shared.expected +++ /dev/null @@ -1 +0,0 @@ -| test.cpp:9:32:9:51 | offsetof(t,d) | Use of banned macro offsetof. | diff --git a/cpp/common/test/rules/macrooffsetofused_shared/MacroOffsetofUsed_shared.ql b/cpp/common/test/rules/macrooffsetofused_shared/MacroOffsetofUsed_shared.ql deleted file mode 100644 index b1e69f5a8a..0000000000 --- a/cpp/common/test/rules/macrooffsetofused_shared/MacroOffsetofUsed_shared.ql +++ /dev/null @@ -1,4 +0,0 @@ -// GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.macrooffsetofused_shared.MacroOffsetofUsed_shared - -class TestFileQuery extends MacroOffsetofUsed_sharedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/macroparameterfollowinghash_shared/MacroParameterFollowingHash_shared.expected b/cpp/common/test/rules/macroparameterfollowinghash/MacroParameterFollowingHash.expected similarity index 100% rename from cpp/common/test/rules/macroparameterfollowinghash_shared/MacroParameterFollowingHash_shared.expected rename to cpp/common/test/rules/macroparameterfollowinghash/MacroParameterFollowingHash.expected diff --git a/cpp/common/test/rules/macroparameterfollowinghash/MacroParameterFollowingHash.ql b/cpp/common/test/rules/macroparameterfollowinghash/MacroParameterFollowingHash.ql new file mode 100644 index 0000000000..f753b75463 --- /dev/null +++ b/cpp/common/test/rules/macroparameterfollowinghash/MacroParameterFollowingHash.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.macroparameterfollowinghash.MacroParameterFollowingHash + +class TestFileQuery extends MacroParameterFollowingHashSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/macroparameterfollowinghash_shared/test.cpp b/cpp/common/test/rules/macroparameterfollowinghash/test.cpp similarity index 100% rename from cpp/common/test/rules/macroparameterfollowinghash_shared/test.cpp rename to cpp/common/test/rules/macroparameterfollowinghash/test.cpp diff --git a/cpp/common/test/rules/macroparameterfollowinghash_shared/MacroParameterFollowingHash_shared.ql b/cpp/common/test/rules/macroparameterfollowinghash_shared/MacroParameterFollowingHash_shared.ql deleted file mode 100644 index 8c3dd270d0..0000000000 --- a/cpp/common/test/rules/macroparameterfollowinghash_shared/MacroParameterFollowingHash_shared.ql +++ /dev/null @@ -1,4 +0,0 @@ -// GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.macroparameterfollowinghash_shared.MacroParameterFollowingHash_shared - -class TestFileQuery extends MacroParameterFollowingHash_sharedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/memoryoperationsnotsequencedappropriately_shared/MemoryOperationsNotSequencedAppropriately_shared.expected b/cpp/common/test/rules/memoryoperationsnotsequencedappropriately/MemoryOperationsNotSequencedAppropriately.expected similarity index 100% rename from cpp/common/test/rules/memoryoperationsnotsequencedappropriately_shared/MemoryOperationsNotSequencedAppropriately_shared.expected rename to cpp/common/test/rules/memoryoperationsnotsequencedappropriately/MemoryOperationsNotSequencedAppropriately.expected diff --git a/cpp/common/test/rules/memoryoperationsnotsequencedappropriately_shared/MemoryOperationsNotSequencedAppropriately_shared.ql b/cpp/common/test/rules/memoryoperationsnotsequencedappropriately/MemoryOperationsNotSequencedAppropriately.ql similarity index 60% rename from cpp/common/test/rules/memoryoperationsnotsequencedappropriately_shared/MemoryOperationsNotSequencedAppropriately_shared.ql rename to cpp/common/test/rules/memoryoperationsnotsequencedappropriately/MemoryOperationsNotSequencedAppropriately.ql index e49f82c8fd..63351377f0 100644 --- a/cpp/common/test/rules/memoryoperationsnotsequencedappropriately_shared/MemoryOperationsNotSequencedAppropriately_shared.ql +++ b/cpp/common/test/rules/memoryoperationsnotsequencedappropriately/MemoryOperationsNotSequencedAppropriately.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.memoryoperationsnotsequencedappropriately_shared.MemoryOperationsNotSequencedAppropriately_shared +import codingstandards.cpp.rules.memoryoperationsnotsequencedappropriately.MemoryOperationsNotSequencedAppropriately -class TestFileQuery extends MemoryOperationsNotSequencedAppropriately_sharedSharedQuery, TestQuery { -} +class TestFileQuery extends MemoryOperationsNotSequencedAppropriatelySharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/memoryoperationsnotsequencedappropriately_shared/test.cpp b/cpp/common/test/rules/memoryoperationsnotsequencedappropriately/test.cpp similarity index 100% rename from cpp/common/test/rules/memoryoperationsnotsequencedappropriately_shared/test.cpp rename to cpp/common/test/rules/memoryoperationsnotsequencedappropriately/test.cpp diff --git a/cpp/common/test/rules/multipleglobalormemberdeclarators_shared/MultipleGlobalOrMemberDeclarators_shared.expected b/cpp/common/test/rules/multipleglobalormemberdeclarators/MultipleGlobalOrMemberDeclarators.expected similarity index 100% rename from cpp/common/test/rules/multipleglobalormemberdeclarators_shared/MultipleGlobalOrMemberDeclarators_shared.expected rename to cpp/common/test/rules/multipleglobalormemberdeclarators/MultipleGlobalOrMemberDeclarators.expected diff --git a/cpp/common/test/rules/multipleglobalormemberdeclarators/MultipleGlobalOrMemberDeclarators.ql b/cpp/common/test/rules/multipleglobalormemberdeclarators/MultipleGlobalOrMemberDeclarators.ql new file mode 100644 index 0000000000..2f4d3cbdea --- /dev/null +++ b/cpp/common/test/rules/multipleglobalormemberdeclarators/MultipleGlobalOrMemberDeclarators.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.multipleglobalormemberdeclarators.MultipleGlobalOrMemberDeclarators + +class TestFileQuery extends MultipleGlobalOrMemberDeclaratorsSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/multipleglobalormemberdeclarators_shared/test.cpp b/cpp/common/test/rules/multipleglobalormemberdeclarators/test.cpp similarity index 100% rename from cpp/common/test/rules/multipleglobalormemberdeclarators_shared/test.cpp rename to cpp/common/test/rules/multipleglobalormemberdeclarators/test.cpp diff --git a/cpp/common/test/rules/multipleglobalormemberdeclarators_shared/MultipleGlobalOrMemberDeclarators_shared.ql b/cpp/common/test/rules/multipleglobalormemberdeclarators_shared/MultipleGlobalOrMemberDeclarators_shared.ql deleted file mode 100644 index 061e572c73..0000000000 --- a/cpp/common/test/rules/multipleglobalormemberdeclarators_shared/MultipleGlobalOrMemberDeclarators_shared.ql +++ /dev/null @@ -1,4 +0,0 @@ -// GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.multipleglobalormemberdeclarators_shared.MultipleGlobalOrMemberDeclarators_shared - -class TestFileQuery extends MultipleGlobalOrMemberDeclarators_sharedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/multiplelocaldeclarators_shared/MultipleLocalDeclarators_shared.expected b/cpp/common/test/rules/multiplelocaldeclarators/MultipleLocalDeclarators.expected similarity index 100% rename from cpp/common/test/rules/multiplelocaldeclarators_shared/MultipleLocalDeclarators_shared.expected rename to cpp/common/test/rules/multiplelocaldeclarators/MultipleLocalDeclarators.expected diff --git a/cpp/common/test/rules/multiplelocaldeclarators/MultipleLocalDeclarators.ql b/cpp/common/test/rules/multiplelocaldeclarators/MultipleLocalDeclarators.ql new file mode 100644 index 0000000000..7e2fe57b24 --- /dev/null +++ b/cpp/common/test/rules/multiplelocaldeclarators/MultipleLocalDeclarators.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.multiplelocaldeclarators.MultipleLocalDeclarators + +class TestFileQuery extends MultipleLocalDeclaratorsSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/multiplelocaldeclarators_shared/test.cpp b/cpp/common/test/rules/multiplelocaldeclarators/test.cpp similarity index 100% rename from cpp/common/test/rules/multiplelocaldeclarators_shared/test.cpp rename to cpp/common/test/rules/multiplelocaldeclarators/test.cpp diff --git a/cpp/common/test/rules/multiplelocaldeclarators_shared/MultipleLocalDeclarators_shared.ql b/cpp/common/test/rules/multiplelocaldeclarators_shared/MultipleLocalDeclarators_shared.ql deleted file mode 100644 index b578fb7eca..0000000000 --- a/cpp/common/test/rules/multiplelocaldeclarators_shared/MultipleLocalDeclarators_shared.ql +++ /dev/null @@ -1,4 +0,0 @@ -// GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.multiplelocaldeclarators_shared.MultipleLocalDeclarators_shared - -class TestFileQuery extends MultipleLocalDeclarators_sharedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/namedbitfieldswithsignedintegertype_shared/NamedBitFieldsWithSignedIntegerType_shared.expected b/cpp/common/test/rules/namedbitfieldswithsignedintegertype/NamedBitFieldsWithSignedIntegerType.expected similarity index 100% rename from cpp/common/test/rules/namedbitfieldswithsignedintegertype_shared/NamedBitFieldsWithSignedIntegerType_shared.expected rename to cpp/common/test/rules/namedbitfieldswithsignedintegertype/NamedBitFieldsWithSignedIntegerType.expected diff --git a/cpp/common/test/rules/namedbitfieldswithsignedintegertype/NamedBitFieldsWithSignedIntegerType.ql b/cpp/common/test/rules/namedbitfieldswithsignedintegertype/NamedBitFieldsWithSignedIntegerType.ql new file mode 100644 index 0000000000..a82fa7905a --- /dev/null +++ b/cpp/common/test/rules/namedbitfieldswithsignedintegertype/NamedBitFieldsWithSignedIntegerType.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.namedbitfieldswithsignedintegertype.NamedBitFieldsWithSignedIntegerType + +class TestFileQuery extends NamedBitFieldsWithSignedIntegerTypeSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/namedbitfieldswithsignedintegertype_shared/test.cpp b/cpp/common/test/rules/namedbitfieldswithsignedintegertype/test.cpp similarity index 100% rename from cpp/common/test/rules/namedbitfieldswithsignedintegertype_shared/test.cpp rename to cpp/common/test/rules/namedbitfieldswithsignedintegertype/test.cpp diff --git a/cpp/common/test/rules/namedbitfieldswithsignedintegertype_shared/NamedBitFieldsWithSignedIntegerType_shared.ql b/cpp/common/test/rules/namedbitfieldswithsignedintegertype_shared/NamedBitFieldsWithSignedIntegerType_shared.ql deleted file mode 100644 index 09b98ff226..0000000000 --- a/cpp/common/test/rules/namedbitfieldswithsignedintegertype_shared/NamedBitFieldsWithSignedIntegerType_shared.ql +++ /dev/null @@ -1,4 +0,0 @@ -// GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.namedbitfieldswithsignedintegertype_shared.NamedBitFieldsWithSignedIntegerType_shared - -class TestFileQuery extends NamedBitFieldsWithSignedIntegerType_sharedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/namenotreferredusingaqualifiedidorthis_shared/NameNotReferredUsingAQualifiedIdOrThis_shared.expected b/cpp/common/test/rules/namenotreferredusingaqualifiedidorthis/NameNotReferredUsingAQualifiedIdOrThis.expected similarity index 100% rename from cpp/common/test/rules/namenotreferredusingaqualifiedidorthis_shared/NameNotReferredUsingAQualifiedIdOrThis_shared.expected rename to cpp/common/test/rules/namenotreferredusingaqualifiedidorthis/NameNotReferredUsingAQualifiedIdOrThis.expected diff --git a/cpp/common/test/rules/namenotreferredusingaqualifiedidorthis_shared/NameNotReferredUsingAQualifiedIdOrThis_shared.ql b/cpp/common/test/rules/namenotreferredusingaqualifiedidorthis/NameNotReferredUsingAQualifiedIdOrThis.ql similarity index 62% rename from cpp/common/test/rules/namenotreferredusingaqualifiedidorthis_shared/NameNotReferredUsingAQualifiedIdOrThis_shared.ql rename to cpp/common/test/rules/namenotreferredusingaqualifiedidorthis/NameNotReferredUsingAQualifiedIdOrThis.ql index 6f8e2c1e7f..731d7b1f84 100644 --- a/cpp/common/test/rules/namenotreferredusingaqualifiedidorthis_shared/NameNotReferredUsingAQualifiedIdOrThis_shared.ql +++ b/cpp/common/test/rules/namenotreferredusingaqualifiedidorthis/NameNotReferredUsingAQualifiedIdOrThis.ql @@ -1,4 +1,4 @@ // GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.namenotreferredusingaqualifiedidorthis_shared.NameNotReferredUsingAQualifiedIdOrThis_shared +import codingstandards.cpp.rules.namenotreferredusingaqualifiedidorthis.NameNotReferredUsingAQualifiedIdOrThis -class TestFileQuery extends NameNotReferredUsingAQualifiedIdOrThis_sharedSharedQuery, TestQuery { } +class TestFileQuery extends NameNotReferredUsingAQualifiedIdOrThisSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/namenotreferredusingaqualifiedidorthis_shared/test.cpp b/cpp/common/test/rules/namenotreferredusingaqualifiedidorthis/test.cpp similarity index 100% rename from cpp/common/test/rules/namenotreferredusingaqualifiedidorthis_shared/test.cpp rename to cpp/common/test/rules/namenotreferredusingaqualifiedidorthis/test.cpp diff --git a/cpp/common/test/rules/namenotreferredusingaqualifiedidorthisaudit_shared/NameNotReferredUsingAQualifiedIdOrThisAudit_shared.expected b/cpp/common/test/rules/namenotreferredusingaqualifiedidorthisaudit/NameNotReferredUsingAQualifiedIdOrThisAudit.expected similarity index 100% rename from cpp/common/test/rules/namenotreferredusingaqualifiedidorthisaudit_shared/NameNotReferredUsingAQualifiedIdOrThisAudit_shared.expected rename to cpp/common/test/rules/namenotreferredusingaqualifiedidorthisaudit/NameNotReferredUsingAQualifiedIdOrThisAudit.expected diff --git a/cpp/common/test/rules/namenotreferredusingaqualifiedidorthisaudit_shared/NameNotReferredUsingAQualifiedIdOrThisAudit_shared.ql b/cpp/common/test/rules/namenotreferredusingaqualifiedidorthisaudit/NameNotReferredUsingAQualifiedIdOrThisAudit.ql similarity index 59% rename from cpp/common/test/rules/namenotreferredusingaqualifiedidorthisaudit_shared/NameNotReferredUsingAQualifiedIdOrThisAudit_shared.ql rename to cpp/common/test/rules/namenotreferredusingaqualifiedidorthisaudit/NameNotReferredUsingAQualifiedIdOrThisAudit.ql index abc15222c5..46ffea0b3d 100644 --- a/cpp/common/test/rules/namenotreferredusingaqualifiedidorthisaudit_shared/NameNotReferredUsingAQualifiedIdOrThisAudit_shared.ql +++ b/cpp/common/test/rules/namenotreferredusingaqualifiedidorthisaudit/NameNotReferredUsingAQualifiedIdOrThisAudit.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.namenotreferredusingaqualifiedidorthisaudit_shared.NameNotReferredUsingAQualifiedIdOrThisAudit_shared +import codingstandards.cpp.rules.namenotreferredusingaqualifiedidorthisaudit.NameNotReferredUsingAQualifiedIdOrThisAudit -class TestFileQuery extends NameNotReferredUsingAQualifiedIdOrThisAudit_sharedSharedQuery, TestQuery -{ } +class TestFileQuery extends NameNotReferredUsingAQualifiedIdOrThisAuditSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/namenotreferredusingaqualifiedidorthisaudit_shared/test.cpp b/cpp/common/test/rules/namenotreferredusingaqualifiedidorthisaudit/test.cpp similarity index 100% rename from cpp/common/test/rules/namenotreferredusingaqualifiedidorthisaudit_shared/test.cpp rename to cpp/common/test/rules/namenotreferredusingaqualifiedidorthisaudit/test.cpp diff --git a/cpp/common/test/rules/noexceptfunctionshouldnotpropagatetothecaller_shared/NoexceptFunctionShouldNotPropagateToTheCaller_shared.expected b/cpp/common/test/rules/noexceptfunctionshouldnotpropagatetothecaller/NoexceptFunctionShouldNotPropagateToTheCaller.expected similarity index 100% rename from cpp/common/test/rules/noexceptfunctionshouldnotpropagatetothecaller_shared/NoexceptFunctionShouldNotPropagateToTheCaller_shared.expected rename to cpp/common/test/rules/noexceptfunctionshouldnotpropagatetothecaller/NoexceptFunctionShouldNotPropagateToTheCaller.expected diff --git a/cpp/common/test/rules/noexceptfunctionshouldnotpropagatetothecaller_shared/NoexceptFunctionShouldNotPropagateToTheCaller_shared.ql b/cpp/common/test/rules/noexceptfunctionshouldnotpropagatetothecaller/NoexceptFunctionShouldNotPropagateToTheCaller.ql similarity index 57% rename from cpp/common/test/rules/noexceptfunctionshouldnotpropagatetothecaller_shared/NoexceptFunctionShouldNotPropagateToTheCaller_shared.ql rename to cpp/common/test/rules/noexceptfunctionshouldnotpropagatetothecaller/NoexceptFunctionShouldNotPropagateToTheCaller.ql index 4a405daaaf..e8906287da 100644 --- a/cpp/common/test/rules/noexceptfunctionshouldnotpropagatetothecaller_shared/NoexceptFunctionShouldNotPropagateToTheCaller_shared.ql +++ b/cpp/common/test/rules/noexceptfunctionshouldnotpropagatetothecaller/NoexceptFunctionShouldNotPropagateToTheCaller.ql @@ -1,6 +1,4 @@ // GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.noexceptfunctionshouldnotpropagatetothecaller_shared.NoexceptFunctionShouldNotPropagateToTheCaller_shared +import codingstandards.cpp.rules.noexceptfunctionshouldnotpropagatetothecaller.NoexceptFunctionShouldNotPropagateToTheCaller -class TestFileQuery extends NoexceptFunctionShouldNotPropagateToTheCaller_sharedSharedQuery, - TestQuery -{ } +class TestFileQuery extends NoexceptFunctionShouldNotPropagateToTheCallerSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/noexceptfunctionshouldnotpropagatetothecaller_shared/test.cpp b/cpp/common/test/rules/noexceptfunctionshouldnotpropagatetothecaller/test.cpp similarity index 100% rename from cpp/common/test/rules/noexceptfunctionshouldnotpropagatetothecaller_shared/test.cpp rename to cpp/common/test/rules/noexceptfunctionshouldnotpropagatetothecaller/test.cpp diff --git a/cpp/common/test/rules/nonglobalfunctionmain_shared/NonGlobalFunctionMain_shared.expected b/cpp/common/test/rules/nonglobalfunctionmain/NonGlobalFunctionMain.expected similarity index 100% rename from cpp/common/test/rules/nonglobalfunctionmain_shared/NonGlobalFunctionMain_shared.expected rename to cpp/common/test/rules/nonglobalfunctionmain/NonGlobalFunctionMain.expected diff --git a/cpp/common/test/rules/nonglobalfunctionmain/NonGlobalFunctionMain.ql b/cpp/common/test/rules/nonglobalfunctionmain/NonGlobalFunctionMain.ql new file mode 100644 index 0000000000..02edcf3732 --- /dev/null +++ b/cpp/common/test/rules/nonglobalfunctionmain/NonGlobalFunctionMain.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.nonglobalfunctionmain.NonGlobalFunctionMain + +class TestFileQuery extends NonGlobalFunctionMainSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/nonglobalfunctionmain_shared/test.cpp b/cpp/common/test/rules/nonglobalfunctionmain/test.cpp similarity index 100% rename from cpp/common/test/rules/nonglobalfunctionmain_shared/test.cpp rename to cpp/common/test/rules/nonglobalfunctionmain/test.cpp diff --git a/cpp/common/test/rules/nonglobalfunctionmain_shared/NonGlobalFunctionMain_shared.ql b/cpp/common/test/rules/nonglobalfunctionmain_shared/NonGlobalFunctionMain_shared.ql deleted file mode 100644 index 611b3d0f77..0000000000 --- a/cpp/common/test/rules/nonglobalfunctionmain_shared/NonGlobalFunctionMain_shared.ql +++ /dev/null @@ -1,4 +0,0 @@ -// GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.nonglobalfunctionmain_shared.NonGlobalFunctionMain_shared - -class TestFileQuery extends NonGlobalFunctionMain_sharedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/nonterminatedescapesequences_shared/NonTerminatedEscapeSequences_shared.expected b/cpp/common/test/rules/nonterminatedescapesequences/NonTerminatedEscapeSequences.expected similarity index 100% rename from cpp/common/test/rules/nonterminatedescapesequences_shared/NonTerminatedEscapeSequences_shared.expected rename to cpp/common/test/rules/nonterminatedescapesequences/NonTerminatedEscapeSequences.expected diff --git a/cpp/common/test/rules/nonterminatedescapesequences/NonTerminatedEscapeSequences.ql b/cpp/common/test/rules/nonterminatedescapesequences/NonTerminatedEscapeSequences.ql new file mode 100644 index 0000000000..c1aae3c31b --- /dev/null +++ b/cpp/common/test/rules/nonterminatedescapesequences/NonTerminatedEscapeSequences.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.nonterminatedescapesequences.NonTerminatedEscapeSequences + +class TestFileQuery extends NonTerminatedEscapeSequencesSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/nonterminatedescapesequences_shared/test.cpp b/cpp/common/test/rules/nonterminatedescapesequences/test.cpp similarity index 100% rename from cpp/common/test/rules/nonterminatedescapesequences_shared/test.cpp rename to cpp/common/test/rules/nonterminatedescapesequences/test.cpp diff --git a/cpp/common/test/rules/nonterminatedescapesequences_shared/NonTerminatedEscapeSequences_shared.ql b/cpp/common/test/rules/nonterminatedescapesequences_shared/NonTerminatedEscapeSequences_shared.ql deleted file mode 100644 index 6cbb2220bb..0000000000 --- a/cpp/common/test/rules/nonterminatedescapesequences_shared/NonTerminatedEscapeSequences_shared.ql +++ /dev/null @@ -1,4 +0,0 @@ -// GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.nonterminatedescapesequences_shared.NonTerminatedEscapeSequences_shared - -class TestFileQuery extends NonTerminatedEscapeSequences_sharedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/nonuniqueenumerationconstant_shared/NonUniqueEnumerationConstant_shared.expected b/cpp/common/test/rules/nonuniqueenumerationconstant/NonUniqueEnumerationConstant.expected similarity index 100% rename from cpp/common/test/rules/nonuniqueenumerationconstant_shared/NonUniqueEnumerationConstant_shared.expected rename to cpp/common/test/rules/nonuniqueenumerationconstant/NonUniqueEnumerationConstant.expected diff --git a/cpp/common/test/rules/nonuniqueenumerationconstant/NonUniqueEnumerationConstant.ql b/cpp/common/test/rules/nonuniqueenumerationconstant/NonUniqueEnumerationConstant.ql new file mode 100644 index 0000000000..97ba6f516e --- /dev/null +++ b/cpp/common/test/rules/nonuniqueenumerationconstant/NonUniqueEnumerationConstant.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.nonuniqueenumerationconstant.NonUniqueEnumerationConstant + +class TestFileQuery extends NonUniqueEnumerationConstantSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/nonuniqueenumerationconstant_shared/test.cpp b/cpp/common/test/rules/nonuniqueenumerationconstant/test.cpp similarity index 100% rename from cpp/common/test/rules/nonuniqueenumerationconstant_shared/test.cpp rename to cpp/common/test/rules/nonuniqueenumerationconstant/test.cpp diff --git a/cpp/common/test/rules/nonuniqueenumerationconstant_shared/NonUniqueEnumerationConstant_shared.ql b/cpp/common/test/rules/nonuniqueenumerationconstant_shared/NonUniqueEnumerationConstant_shared.ql deleted file mode 100644 index f01ef52853..0000000000 --- a/cpp/common/test/rules/nonuniqueenumerationconstant_shared/NonUniqueEnumerationConstant_shared.ql +++ /dev/null @@ -1,4 +0,0 @@ -// GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.nonuniqueenumerationconstant_shared.NonUniqueEnumerationConstant_shared - -class TestFileQuery extends NonUniqueEnumerationConstant_sharedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant_shared/NullptrNotTheOnlyFormOfTheNullPointerConstant_shared.expected b/cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant/NullptrNotTheOnlyFormOfTheNullPointerConstant.expected similarity index 100% rename from cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant_shared/NullptrNotTheOnlyFormOfTheNullPointerConstant_shared.expected rename to cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant/NullptrNotTheOnlyFormOfTheNullPointerConstant.expected diff --git a/cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant_shared/NullptrNotTheOnlyFormOfTheNullPointerConstant_shared.expected.clang b/cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant/NullptrNotTheOnlyFormOfTheNullPointerConstant.expected.clang similarity index 100% rename from cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant_shared/NullptrNotTheOnlyFormOfTheNullPointerConstant_shared.expected.clang rename to cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant/NullptrNotTheOnlyFormOfTheNullPointerConstant.expected.clang diff --git a/cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant_shared/NullptrNotTheOnlyFormOfTheNullPointerConstant_shared.expected.gcc b/cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant/NullptrNotTheOnlyFormOfTheNullPointerConstant.expected.gcc similarity index 100% rename from cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant_shared/NullptrNotTheOnlyFormOfTheNullPointerConstant_shared.expected.gcc rename to cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant/NullptrNotTheOnlyFormOfTheNullPointerConstant.expected.gcc diff --git a/cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant_shared/NullptrNotTheOnlyFormOfTheNullPointerConstant_shared.expected.qcc b/cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant/NullptrNotTheOnlyFormOfTheNullPointerConstant.expected.qcc similarity index 100% rename from cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant_shared/NullptrNotTheOnlyFormOfTheNullPointerConstant_shared.expected.qcc rename to cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant/NullptrNotTheOnlyFormOfTheNullPointerConstant.expected.qcc diff --git a/cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant_shared/NullptrNotTheOnlyFormOfTheNullPointerConstant_shared.ql b/cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant/NullptrNotTheOnlyFormOfTheNullPointerConstant.ql similarity index 57% rename from cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant_shared/NullptrNotTheOnlyFormOfTheNullPointerConstant_shared.ql rename to cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant/NullptrNotTheOnlyFormOfTheNullPointerConstant.ql index 6b9f1d2ac5..e3d6c4841f 100644 --- a/cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant_shared/NullptrNotTheOnlyFormOfTheNullPointerConstant_shared.ql +++ b/cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant/NullptrNotTheOnlyFormOfTheNullPointerConstant.ql @@ -1,6 +1,4 @@ // GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.nullptrnottheonlyformofthenullpointerconstant_shared.NullptrNotTheOnlyFormOfTheNullPointerConstant_shared +import codingstandards.cpp.rules.nullptrnottheonlyformofthenullpointerconstant.NullptrNotTheOnlyFormOfTheNullPointerConstant -class TestFileQuery extends NullptrNotTheOnlyFormOfTheNullPointerConstant_sharedSharedQuery, - TestQuery -{ } +class TestFileQuery extends NullptrNotTheOnlyFormOfTheNullPointerConstantSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant_shared/test.cpp b/cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant/test.cpp similarity index 100% rename from cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant_shared/test.cpp rename to cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant/test.cpp diff --git a/cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant_shared/test.cpp.clang b/cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant/test.cpp.clang similarity index 100% rename from cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant_shared/test.cpp.clang rename to cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant/test.cpp.clang diff --git a/cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant_shared/test.cpp.gcc b/cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant/test.cpp.gcc similarity index 100% rename from cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant_shared/test.cpp.gcc rename to cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant/test.cpp.gcc diff --git a/cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant_shared/test.cpp.qcc b/cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant/test.cpp.qcc similarity index 100% rename from cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant_shared/test.cpp.qcc rename to cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant/test.cpp.qcc diff --git a/cpp/common/test/rules/objectsdynamictypeusedfromconstructorordestructor_shared/ObjectsDynamicTypeUsedFromConstructorOrDestructor_shared.expected b/cpp/common/test/rules/objectsdynamictypeusedfromconstructorordestructor/ObjectsDynamicTypeUsedFromConstructorOrDestructor.expected similarity index 100% rename from cpp/common/test/rules/objectsdynamictypeusedfromconstructorordestructor_shared/ObjectsDynamicTypeUsedFromConstructorOrDestructor_shared.expected rename to cpp/common/test/rules/objectsdynamictypeusedfromconstructorordestructor/ObjectsDynamicTypeUsedFromConstructorOrDestructor.expected diff --git a/cpp/common/test/rules/objectsdynamictypeusedfromconstructorordestructor_shared/ObjectsDynamicTypeUsedFromConstructorOrDestructor_shared.ql b/cpp/common/test/rules/objectsdynamictypeusedfromconstructorordestructor/ObjectsDynamicTypeUsedFromConstructorOrDestructor.ql similarity index 55% rename from cpp/common/test/rules/objectsdynamictypeusedfromconstructorordestructor_shared/ObjectsDynamicTypeUsedFromConstructorOrDestructor_shared.ql rename to cpp/common/test/rules/objectsdynamictypeusedfromconstructorordestructor/ObjectsDynamicTypeUsedFromConstructorOrDestructor.ql index 784e94366f..151af6a5a3 100644 --- a/cpp/common/test/rules/objectsdynamictypeusedfromconstructorordestructor_shared/ObjectsDynamicTypeUsedFromConstructorOrDestructor_shared.ql +++ b/cpp/common/test/rules/objectsdynamictypeusedfromconstructorordestructor/ObjectsDynamicTypeUsedFromConstructorOrDestructor.ql @@ -1,6 +1,5 @@ // GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.objectsdynamictypeusedfromconstructorordestructor_shared.ObjectsDynamicTypeUsedFromConstructorOrDestructor_shared +import codingstandards.cpp.rules.objectsdynamictypeusedfromconstructorordestructor.ObjectsDynamicTypeUsedFromConstructorOrDestructor -class TestFileQuery extends ObjectsDynamicTypeUsedFromConstructorOrDestructor_sharedSharedQuery, - TestQuery -{ } +class TestFileQuery extends ObjectsDynamicTypeUsedFromConstructorOrDestructorSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/objectsdynamictypeusedfromconstructorordestructor_shared/test.cpp b/cpp/common/test/rules/objectsdynamictypeusedfromconstructorordestructor/test.cpp similarity index 100% rename from cpp/common/test/rules/objectsdynamictypeusedfromconstructorordestructor_shared/test.cpp rename to cpp/common/test/rules/objectsdynamictypeusedfromconstructorordestructor/test.cpp diff --git a/cpp/common/test/rules/overridingshallspecifydifferentdefaultarguments_shared/OverridingShallSpecifyDifferentDefaultArguments_shared.expected b/cpp/common/test/rules/overridingshallspecifydifferentdefaultarguments/OverridingShallSpecifyDifferentDefaultArguments.expected similarity index 100% rename from cpp/common/test/rules/overridingshallspecifydifferentdefaultarguments_shared/OverridingShallSpecifyDifferentDefaultArguments_shared.expected rename to cpp/common/test/rules/overridingshallspecifydifferentdefaultarguments/OverridingShallSpecifyDifferentDefaultArguments.expected diff --git a/cpp/common/test/rules/overridingshallspecifydifferentdefaultarguments_shared/OverridingShallSpecifyDifferentDefaultArguments_shared.ql b/cpp/common/test/rules/overridingshallspecifydifferentdefaultarguments/OverridingShallSpecifyDifferentDefaultArguments.ql similarity index 56% rename from cpp/common/test/rules/overridingshallspecifydifferentdefaultarguments_shared/OverridingShallSpecifyDifferentDefaultArguments_shared.ql rename to cpp/common/test/rules/overridingshallspecifydifferentdefaultarguments/OverridingShallSpecifyDifferentDefaultArguments.ql index 81578b5174..2bb15bb684 100644 --- a/cpp/common/test/rules/overridingshallspecifydifferentdefaultarguments_shared/OverridingShallSpecifyDifferentDefaultArguments_shared.ql +++ b/cpp/common/test/rules/overridingshallspecifydifferentdefaultarguments/OverridingShallSpecifyDifferentDefaultArguments.ql @@ -1,6 +1,5 @@ // GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.overridingshallspecifydifferentdefaultarguments_shared.OverridingShallSpecifyDifferentDefaultArguments_shared +import codingstandards.cpp.rules.overridingshallspecifydifferentdefaultarguments.OverridingShallSpecifyDifferentDefaultArguments -class TestFileQuery extends OverridingShallSpecifyDifferentDefaultArguments_sharedSharedQuery, - TestQuery -{ } +class TestFileQuery extends OverridingShallSpecifyDifferentDefaultArgumentsSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/overridingshallspecifydifferentdefaultarguments_shared/test.cpp b/cpp/common/test/rules/overridingshallspecifydifferentdefaultarguments/test.cpp similarity index 100% rename from cpp/common/test/rules/overridingshallspecifydifferentdefaultarguments_shared/test.cpp rename to cpp/common/test/rules/overridingshallspecifydifferentdefaultarguments/test.cpp diff --git a/cpp/common/test/rules/potentiallyvirtualpointeronlycomparestonullptr_shared/PotentiallyVirtualPointerOnlyComparesToNullptr_shared.expected b/cpp/common/test/rules/potentiallyvirtualpointeronlycomparestonullptr/PotentiallyVirtualPointerOnlyComparesToNullptr.expected similarity index 100% rename from cpp/common/test/rules/potentiallyvirtualpointeronlycomparestonullptr_shared/PotentiallyVirtualPointerOnlyComparesToNullptr_shared.expected rename to cpp/common/test/rules/potentiallyvirtualpointeronlycomparestonullptr/PotentiallyVirtualPointerOnlyComparesToNullptr.expected diff --git a/cpp/common/test/rules/potentiallyvirtualpointeronlycomparestonullptr_shared/PotentiallyVirtualPointerOnlyComparesToNullptr_shared.ql b/cpp/common/test/rules/potentiallyvirtualpointeronlycomparestonullptr/PotentiallyVirtualPointerOnlyComparesToNullptr.ql similarity index 56% rename from cpp/common/test/rules/potentiallyvirtualpointeronlycomparestonullptr_shared/PotentiallyVirtualPointerOnlyComparesToNullptr_shared.ql rename to cpp/common/test/rules/potentiallyvirtualpointeronlycomparestonullptr/PotentiallyVirtualPointerOnlyComparesToNullptr.ql index b3f05d17a9..84263abc91 100644 --- a/cpp/common/test/rules/potentiallyvirtualpointeronlycomparestonullptr_shared/PotentiallyVirtualPointerOnlyComparesToNullptr_shared.ql +++ b/cpp/common/test/rules/potentiallyvirtualpointeronlycomparestonullptr/PotentiallyVirtualPointerOnlyComparesToNullptr.ql @@ -1,6 +1,4 @@ // GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.potentiallyvirtualpointeronlycomparestonullptr_shared.PotentiallyVirtualPointerOnlyComparesToNullptr_shared +import codingstandards.cpp.rules.potentiallyvirtualpointeronlycomparestonullptr.PotentiallyVirtualPointerOnlyComparesToNullptr -class TestFileQuery extends PotentiallyVirtualPointerOnlyComparesToNullptr_sharedSharedQuery, - TestQuery -{ } +class TestFileQuery extends PotentiallyVirtualPointerOnlyComparesToNullptrSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/potentiallyvirtualpointeronlycomparestonullptr_shared/test.cpp b/cpp/common/test/rules/potentiallyvirtualpointeronlycomparestonullptr/test.cpp similarity index 100% rename from cpp/common/test/rules/potentiallyvirtualpointeronlycomparestonullptr_shared/test.cpp rename to cpp/common/test/rules/potentiallyvirtualpointeronlycomparestonullptr/test.cpp diff --git a/cpp/common/test/rules/reinterpretcastused_shared/ReinterpretCastUsed_shared.expected b/cpp/common/test/rules/reinterpretcastused/ReinterpretCastUsed.expected similarity index 100% rename from cpp/common/test/rules/reinterpretcastused_shared/ReinterpretCastUsed_shared.expected rename to cpp/common/test/rules/reinterpretcastused/ReinterpretCastUsed.expected diff --git a/cpp/common/test/rules/reinterpretcastused/ReinterpretCastUsed.ql b/cpp/common/test/rules/reinterpretcastused/ReinterpretCastUsed.ql new file mode 100644 index 0000000000..b58a7f4dbb --- /dev/null +++ b/cpp/common/test/rules/reinterpretcastused/ReinterpretCastUsed.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.reinterpretcastused.ReinterpretCastUsed + +class TestFileQuery extends ReinterpretCastUsedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/reinterpretcastused_shared/test.cpp b/cpp/common/test/rules/reinterpretcastused/test.cpp similarity index 100% rename from cpp/common/test/rules/reinterpretcastused_shared/test.cpp rename to cpp/common/test/rules/reinterpretcastused/test.cpp diff --git a/cpp/common/test/rules/reinterpretcastused_shared/ReinterpretCastUsed_shared.ql b/cpp/common/test/rules/reinterpretcastused_shared/ReinterpretCastUsed_shared.ql deleted file mode 100644 index af9a8f0ebe..0000000000 --- a/cpp/common/test/rules/reinterpretcastused_shared/ReinterpretCastUsed_shared.ql +++ /dev/null @@ -1,4 +0,0 @@ -// GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.reinterpretcastused_shared.ReinterpretCastUsed_shared - -class TestFileQuery extends ReinterpretCastUsed_sharedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.expected b/cpp/common/test/rules/resultofanassignmentoperatorshouldnotbeused/ResultOfAnAssignmentOperatorShouldNotBeUsed.expected similarity index 100% rename from cpp/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.expected rename to cpp/common/test/rules/resultofanassignmentoperatorshouldnotbeused/ResultOfAnAssignmentOperatorShouldNotBeUsed.expected diff --git a/cpp/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.ql b/cpp/common/test/rules/resultofanassignmentoperatorshouldnotbeused/ResultOfAnAssignmentOperatorShouldNotBeUsed.ql similarity index 59% rename from cpp/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.ql rename to cpp/common/test/rules/resultofanassignmentoperatorshouldnotbeused/ResultOfAnAssignmentOperatorShouldNotBeUsed.ql index af3f7697f7..286e4424a4 100644 --- a/cpp/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.ql +++ b/cpp/common/test/rules/resultofanassignmentoperatorshouldnotbeused/ResultOfAnAssignmentOperatorShouldNotBeUsed.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.resultofanassignmentoperatorshouldnotbeused_shared.ResultOfAnAssignmentOperatorShouldNotBeUsed_shared +import codingstandards.cpp.rules.resultofanassignmentoperatorshouldnotbeused.ResultOfAnAssignmentOperatorShouldNotBeUsed -class TestFileQuery extends ResultOfAnAssignmentOperatorShouldNotBeUsed_sharedSharedQuery, TestQuery -{ } +class TestFileQuery extends ResultOfAnAssignmentOperatorShouldNotBeUsedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/test.cpp b/cpp/common/test/rules/resultofanassignmentoperatorshouldnotbeused/test.cpp similarity index 100% rename from cpp/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/test.cpp rename to cpp/common/test/rules/resultofanassignmentoperatorshouldnotbeused/test.cpp diff --git a/cpp/common/test/rules/returnreferenceorpointertoautomaticlocalvariable_shared/ReturnReferenceOrPointerToAutomaticLocalVariable_shared.expected b/cpp/common/test/rules/returnreferenceorpointertoautomaticlocalvariable/ReturnReferenceOrPointerToAutomaticLocalVariable.expected similarity index 100% rename from cpp/common/test/rules/returnreferenceorpointertoautomaticlocalvariable_shared/ReturnReferenceOrPointerToAutomaticLocalVariable_shared.expected rename to cpp/common/test/rules/returnreferenceorpointertoautomaticlocalvariable/ReturnReferenceOrPointerToAutomaticLocalVariable.expected diff --git a/cpp/common/test/rules/returnreferenceorpointertoautomaticlocalvariable_shared/ReturnReferenceOrPointerToAutomaticLocalVariable_shared.ql b/cpp/common/test/rules/returnreferenceorpointertoautomaticlocalvariable/ReturnReferenceOrPointerToAutomaticLocalVariable.ql similarity index 55% rename from cpp/common/test/rules/returnreferenceorpointertoautomaticlocalvariable_shared/ReturnReferenceOrPointerToAutomaticLocalVariable_shared.ql rename to cpp/common/test/rules/returnreferenceorpointertoautomaticlocalvariable/ReturnReferenceOrPointerToAutomaticLocalVariable.ql index 7184897c6e..c6c9c9e8fc 100644 --- a/cpp/common/test/rules/returnreferenceorpointertoautomaticlocalvariable_shared/ReturnReferenceOrPointerToAutomaticLocalVariable_shared.ql +++ b/cpp/common/test/rules/returnreferenceorpointertoautomaticlocalvariable/ReturnReferenceOrPointerToAutomaticLocalVariable.ql @@ -1,6 +1,5 @@ // GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.returnreferenceorpointertoautomaticlocalvariable_shared.ReturnReferenceOrPointerToAutomaticLocalVariable_shared +import codingstandards.cpp.rules.returnreferenceorpointertoautomaticlocalvariable.ReturnReferenceOrPointerToAutomaticLocalVariable -class TestFileQuery extends ReturnReferenceOrPointerToAutomaticLocalVariable_sharedSharedQuery, - TestQuery -{ } +class TestFileQuery extends ReturnReferenceOrPointerToAutomaticLocalVariableSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/returnreferenceorpointertoautomaticlocalvariable_shared/test.cpp b/cpp/common/test/rules/returnreferenceorpointertoautomaticlocalvariable/test.cpp similarity index 100% rename from cpp/common/test/rules/returnreferenceorpointertoautomaticlocalvariable_shared/test.cpp rename to cpp/common/test/rules/returnreferenceorpointertoautomaticlocalvariable/test.cpp diff --git a/cpp/common/test/rules/switchcompoundcondition_shared/SwitchCompoundCondition_shared.expected b/cpp/common/test/rules/switchcompoundcondition/SwitchCompoundCondition.expected similarity index 100% rename from cpp/common/test/rules/switchcompoundcondition_shared/SwitchCompoundCondition_shared.expected rename to cpp/common/test/rules/switchcompoundcondition/SwitchCompoundCondition.expected diff --git a/cpp/common/test/rules/switchcompoundcondition/SwitchCompoundCondition.ql b/cpp/common/test/rules/switchcompoundcondition/SwitchCompoundCondition.ql new file mode 100644 index 0000000000..8fb855036c --- /dev/null +++ b/cpp/common/test/rules/switchcompoundcondition/SwitchCompoundCondition.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.switchcompoundcondition.SwitchCompoundCondition + +class TestFileQuery extends SwitchCompoundConditionSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/switchcompoundcondition_shared/test.cpp b/cpp/common/test/rules/switchcompoundcondition/test.cpp similarity index 100% rename from cpp/common/test/rules/switchcompoundcondition_shared/test.cpp rename to cpp/common/test/rules/switchcompoundcondition/test.cpp diff --git a/cpp/common/test/rules/switchcompoundcondition_shared/SwitchCompoundCondition_shared.ql b/cpp/common/test/rules/switchcompoundcondition_shared/SwitchCompoundCondition_shared.ql deleted file mode 100644 index 9c296a8a24..0000000000 --- a/cpp/common/test/rules/switchcompoundcondition_shared/SwitchCompoundCondition_shared.ql +++ /dev/null @@ -1,4 +0,0 @@ -// GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.switchcompoundcondition_shared.SwitchCompoundCondition_shared - -class TestFileQuery extends SwitchCompoundCondition_sharedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed_shared/UnsignedIntegerLiteralsNotAppropriatelySuffixed_shared.expected b/cpp/common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed/UnsignedIntegerLiteralsNotAppropriatelySuffixed.expected similarity index 100% rename from cpp/common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed_shared/UnsignedIntegerLiteralsNotAppropriatelySuffixed_shared.expected rename to cpp/common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed/UnsignedIntegerLiteralsNotAppropriatelySuffixed.expected diff --git a/cpp/common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed_shared/UnsignedIntegerLiteralsNotAppropriatelySuffixed_shared.ql b/cpp/common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed/UnsignedIntegerLiteralsNotAppropriatelySuffixed.ql similarity index 56% rename from cpp/common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed_shared/UnsignedIntegerLiteralsNotAppropriatelySuffixed_shared.ql rename to cpp/common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed/UnsignedIntegerLiteralsNotAppropriatelySuffixed.ql index 3ed0fc3b14..30f07a3f22 100644 --- a/cpp/common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed_shared/UnsignedIntegerLiteralsNotAppropriatelySuffixed_shared.ql +++ b/cpp/common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed/UnsignedIntegerLiteralsNotAppropriatelySuffixed.ql @@ -1,6 +1,5 @@ // GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.unsignedintegerliteralsnotappropriatelysuffixed_shared.UnsignedIntegerLiteralsNotAppropriatelySuffixed_shared +import codingstandards.cpp.rules.unsignedintegerliteralsnotappropriatelysuffixed.UnsignedIntegerLiteralsNotAppropriatelySuffixed -class TestFileQuery extends UnsignedIntegerLiteralsNotAppropriatelySuffixed_sharedSharedQuery, - TestQuery -{ } +class TestFileQuery extends UnsignedIntegerLiteralsNotAppropriatelySuffixedSharedQuery, TestQuery { +} diff --git a/cpp/common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed_shared/test.cpp b/cpp/common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed/test.cpp similarity index 100% rename from cpp/common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed_shared/test.cpp rename to cpp/common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed/test.cpp diff --git a/cpp/common/test/rules/unsignedoperationwithconstantoperandswraps_shared/UnsignedOperationWithConstantOperandsWraps_shared.expected b/cpp/common/test/rules/unsignedoperationwithconstantoperandswraps/UnsignedOperationWithConstantOperandsWraps.expected similarity index 100% rename from cpp/common/test/rules/unsignedoperationwithconstantoperandswraps_shared/UnsignedOperationWithConstantOperandsWraps_shared.expected rename to cpp/common/test/rules/unsignedoperationwithconstantoperandswraps/UnsignedOperationWithConstantOperandsWraps.expected diff --git a/cpp/common/test/rules/unsignedoperationwithconstantoperandswraps_shared/UnsignedOperationWithConstantOperandsWraps_shared.ql b/cpp/common/test/rules/unsignedoperationwithconstantoperandswraps/UnsignedOperationWithConstantOperandsWraps.ql similarity index 59% rename from cpp/common/test/rules/unsignedoperationwithconstantoperandswraps_shared/UnsignedOperationWithConstantOperandsWraps_shared.ql rename to cpp/common/test/rules/unsignedoperationwithconstantoperandswraps/UnsignedOperationWithConstantOperandsWraps.ql index 24780bcc5d..b88e7637c1 100644 --- a/cpp/common/test/rules/unsignedoperationwithconstantoperandswraps_shared/UnsignedOperationWithConstantOperandsWraps_shared.ql +++ b/cpp/common/test/rules/unsignedoperationwithconstantoperandswraps/UnsignedOperationWithConstantOperandsWraps.ql @@ -1,5 +1,4 @@ // GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.unsignedoperationwithconstantoperandswraps_shared.UnsignedOperationWithConstantOperandsWraps_shared +import codingstandards.cpp.rules.unsignedoperationwithconstantoperandswraps.UnsignedOperationWithConstantOperandsWraps -class TestFileQuery extends UnsignedOperationWithConstantOperandsWraps_sharedSharedQuery, TestQuery { -} +class TestFileQuery extends UnsignedOperationWithConstantOperandsWrapsSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/unsignedoperationwithconstantoperandswraps_shared/test.cpp b/cpp/common/test/rules/unsignedoperationwithconstantoperandswraps/test.cpp similarity index 100% rename from cpp/common/test/rules/unsignedoperationwithconstantoperandswraps_shared/test.cpp rename to cpp/common/test/rules/unsignedoperationwithconstantoperandswraps/test.cpp diff --git a/cpp/common/test/rules/useofnonzerooctalliteral_shared/UseOfNonZeroOctalLiteral_shared.expected b/cpp/common/test/rules/useofnonzerooctalliteral/UseOfNonZeroOctalLiteral.expected similarity index 100% rename from cpp/common/test/rules/useofnonzerooctalliteral_shared/UseOfNonZeroOctalLiteral_shared.expected rename to cpp/common/test/rules/useofnonzerooctalliteral/UseOfNonZeroOctalLiteral.expected diff --git a/cpp/common/test/rules/useofnonzerooctalliteral/UseOfNonZeroOctalLiteral.ql b/cpp/common/test/rules/useofnonzerooctalliteral/UseOfNonZeroOctalLiteral.ql new file mode 100644 index 0000000000..0404a7bc0c --- /dev/null +++ b/cpp/common/test/rules/useofnonzerooctalliteral/UseOfNonZeroOctalLiteral.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.useofnonzerooctalliteral.UseOfNonZeroOctalLiteral + +class TestFileQuery extends UseOfNonZeroOctalLiteralSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/useofnonzerooctalliteral_shared/test.cpp b/cpp/common/test/rules/useofnonzerooctalliteral/test.cpp similarity index 100% rename from cpp/common/test/rules/useofnonzerooctalliteral_shared/test.cpp rename to cpp/common/test/rules/useofnonzerooctalliteral/test.cpp diff --git a/cpp/common/test/rules/useofnonzerooctalliteral_shared/UseOfNonZeroOctalLiteral_shared.ql b/cpp/common/test/rules/useofnonzerooctalliteral_shared/UseOfNonZeroOctalLiteral_shared.ql deleted file mode 100644 index dcd6042639..0000000000 --- a/cpp/common/test/rules/useofnonzerooctalliteral_shared/UseOfNonZeroOctalLiteral_shared.ql +++ /dev/null @@ -1,4 +0,0 @@ -// GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.useofnonzerooctalliteral_shared.UseOfNonZeroOctalLiteral_shared - -class TestFileQuery extends UseOfNonZeroOctalLiteral_sharedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/vectorshouldnotbespecializedwithbool_shared/VectorShouldNotBeSpecializedWithBool_shared.expected b/cpp/common/test/rules/vectorshouldnotbespecializedwithbool/VectorShouldNotBeSpecializedWithBool.expected similarity index 100% rename from cpp/common/test/rules/vectorshouldnotbespecializedwithbool_shared/VectorShouldNotBeSpecializedWithBool_shared.expected rename to cpp/common/test/rules/vectorshouldnotbespecializedwithbool/VectorShouldNotBeSpecializedWithBool.expected diff --git a/cpp/common/test/rules/vectorshouldnotbespecializedwithbool_shared/VectorShouldNotBeSpecializedWithBool_shared.expected.qcc b/cpp/common/test/rules/vectorshouldnotbespecializedwithbool/VectorShouldNotBeSpecializedWithBool.expected.qcc similarity index 100% rename from cpp/common/test/rules/vectorshouldnotbespecializedwithbool_shared/VectorShouldNotBeSpecializedWithBool_shared.expected.qcc rename to cpp/common/test/rules/vectorshouldnotbespecializedwithbool/VectorShouldNotBeSpecializedWithBool.expected.qcc diff --git a/cpp/common/test/rules/vectorshouldnotbespecializedwithbool_shared/VectorShouldNotBeSpecializedWithBool_shared.ql b/cpp/common/test/rules/vectorshouldnotbespecializedwithbool/VectorShouldNotBeSpecializedWithBool.ql similarity index 64% rename from cpp/common/test/rules/vectorshouldnotbespecializedwithbool_shared/VectorShouldNotBeSpecializedWithBool_shared.ql rename to cpp/common/test/rules/vectorshouldnotbespecializedwithbool/VectorShouldNotBeSpecializedWithBool.ql index 6bedf0ab1c..a965d5e5d6 100644 --- a/cpp/common/test/rules/vectorshouldnotbespecializedwithbool_shared/VectorShouldNotBeSpecializedWithBool_shared.ql +++ b/cpp/common/test/rules/vectorshouldnotbespecializedwithbool/VectorShouldNotBeSpecializedWithBool.ql @@ -1,4 +1,4 @@ // GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.vectorshouldnotbespecializedwithbool_shared.VectorShouldNotBeSpecializedWithBool_shared +import codingstandards.cpp.rules.vectorshouldnotbespecializedwithbool.VectorShouldNotBeSpecializedWithBool -class TestFileQuery extends VectorShouldNotBeSpecializedWithBool_sharedSharedQuery, TestQuery { } +class TestFileQuery extends VectorShouldNotBeSpecializedWithBoolSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/vectorshouldnotbespecializedwithbool_shared/test.cpp b/cpp/common/test/rules/vectorshouldnotbespecializedwithbool/test.cpp similarity index 100% rename from cpp/common/test/rules/vectorshouldnotbespecializedwithbool_shared/test.cpp rename to cpp/common/test/rules/vectorshouldnotbespecializedwithbool/test.cpp diff --git a/cpp/common/test/rules/virtualandnonvirtualclassinthehierarchy_shared/VirtualAndNonVirtualClassInTheHierarchy_shared.expected b/cpp/common/test/rules/virtualandnonvirtualclassinthehierarchy/VirtualAndNonVirtualClassInTheHierarchy.expected similarity index 100% rename from cpp/common/test/rules/virtualandnonvirtualclassinthehierarchy_shared/VirtualAndNonVirtualClassInTheHierarchy_shared.expected rename to cpp/common/test/rules/virtualandnonvirtualclassinthehierarchy/VirtualAndNonVirtualClassInTheHierarchy.expected diff --git a/cpp/common/test/rules/virtualandnonvirtualclassinthehierarchy_shared/VirtualAndNonVirtualClassInTheHierarchy_shared.ql b/cpp/common/test/rules/virtualandnonvirtualclassinthehierarchy/VirtualAndNonVirtualClassInTheHierarchy.ql similarity index 61% rename from cpp/common/test/rules/virtualandnonvirtualclassinthehierarchy_shared/VirtualAndNonVirtualClassInTheHierarchy_shared.ql rename to cpp/common/test/rules/virtualandnonvirtualclassinthehierarchy/VirtualAndNonVirtualClassInTheHierarchy.ql index 38348b693b..2137cbeb66 100644 --- a/cpp/common/test/rules/virtualandnonvirtualclassinthehierarchy_shared/VirtualAndNonVirtualClassInTheHierarchy_shared.ql +++ b/cpp/common/test/rules/virtualandnonvirtualclassinthehierarchy/VirtualAndNonVirtualClassInTheHierarchy.ql @@ -1,4 +1,4 @@ // GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.virtualandnonvirtualclassinthehierarchy_shared.VirtualAndNonVirtualClassInTheHierarchy_shared +import codingstandards.cpp.rules.virtualandnonvirtualclassinthehierarchy.VirtualAndNonVirtualClassInTheHierarchy -class TestFileQuery extends VirtualAndNonVirtualClassInTheHierarchy_sharedSharedQuery, TestQuery { } +class TestFileQuery extends VirtualAndNonVirtualClassInTheHierarchySharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/virtualandnonvirtualclassinthehierarchy_shared/test.cpp b/cpp/common/test/rules/virtualandnonvirtualclassinthehierarchy/test.cpp similarity index 100% rename from cpp/common/test/rules/virtualandnonvirtualclassinthehierarchy_shared/test.cpp rename to cpp/common/test/rules/virtualandnonvirtualclassinthehierarchy/test.cpp diff --git a/cpp/misra/src/rules/DIR-15-8-1/CopyAndMoveAssignmentsShallHandleSelfAssignment.ql b/cpp/misra/src/rules/DIR-15-8-1/CopyAndMoveAssignmentsShallHandleSelfAssignment.ql index 52f876e891..daf6e89530 100644 --- a/cpp/misra/src/rules/DIR-15-8-1/CopyAndMoveAssignmentsShallHandleSelfAssignment.ql +++ b/cpp/misra/src/rules/DIR-15-8-1/CopyAndMoveAssignmentsShallHandleSelfAssignment.ql @@ -14,9 +14,9 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.copyandmoveassignmentsshallhandleselfassignment_shared.CopyAndMoveAssignmentsShallHandleSelfAssignment_shared +import codingstandards.cpp.rules.copyandmoveassignmentsshallhandleselfassignment.CopyAndMoveAssignmentsShallHandleSelfAssignment -class CopyAndMoveAssignmentsShallHandleSelfAssignmentQuery extends CopyAndMoveAssignmentsShallHandleSelfAssignment_sharedSharedQuery +class CopyAndMoveAssignmentsShallHandleSelfAssignmentQuery extends CopyAndMoveAssignmentsShallHandleSelfAssignmentSharedQuery { CopyAndMoveAssignmentsShallHandleSelfAssignmentQuery() { this = ImportMisra23Package::copyAndMoveAssignmentsShallHandleSelfAssignmentQuery() diff --git a/cpp/misra/src/rules/RULE-10-0-1/UseSingleGlobalOrMemberDeclarators.ql b/cpp/misra/src/rules/RULE-10-0-1/UseSingleGlobalOrMemberDeclarators.ql index b8b2bc528b..b7117682e2 100644 --- a/cpp/misra/src/rules/RULE-10-0-1/UseSingleGlobalOrMemberDeclarators.ql +++ b/cpp/misra/src/rules/RULE-10-0-1/UseSingleGlobalOrMemberDeclarators.ql @@ -15,9 +15,9 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.multipleglobalormemberdeclarators_shared.MultipleGlobalOrMemberDeclarators_shared +import codingstandards.cpp.rules.multipleglobalormemberdeclarators.MultipleGlobalOrMemberDeclarators -class UseSingleGlobalOrMemberDeclaratorsQuery extends MultipleGlobalOrMemberDeclarators_sharedSharedQuery +class UseSingleGlobalOrMemberDeclaratorsQuery extends MultipleGlobalOrMemberDeclaratorsSharedQuery { UseSingleGlobalOrMemberDeclaratorsQuery() { this = ImportMisra23Package::useSingleGlobalOrMemberDeclaratorsQuery() diff --git a/cpp/misra/src/rules/RULE-10-0-1/UseSingleLocalDeclarators.ql b/cpp/misra/src/rules/RULE-10-0-1/UseSingleLocalDeclarators.ql index fcfe438f85..6d756daa87 100644 --- a/cpp/misra/src/rules/RULE-10-0-1/UseSingleLocalDeclarators.ql +++ b/cpp/misra/src/rules/RULE-10-0-1/UseSingleLocalDeclarators.ql @@ -15,8 +15,8 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.multiplelocaldeclarators_shared.MultipleLocalDeclarators_shared +import codingstandards.cpp.rules.multiplelocaldeclarators.MultipleLocalDeclarators -class UseSingleLocalDeclaratorsQuery extends MultipleLocalDeclarators_sharedSharedQuery { +class UseSingleLocalDeclaratorsQuery extends MultipleLocalDeclaratorsSharedQuery { UseSingleLocalDeclaratorsQuery() { this = ImportMisra23Package::useSingleLocalDeclaratorsQuery() } } diff --git a/cpp/misra/src/rules/RULE-10-2-1/EnumerationNotDefinedWithAnExplicitUnderlyingType.ql b/cpp/misra/src/rules/RULE-10-2-1/EnumerationNotDefinedWithAnExplicitUnderlyingType.ql index d014d6e119..ab4b6a19a1 100644 --- a/cpp/misra/src/rules/RULE-10-2-1/EnumerationNotDefinedWithAnExplicitUnderlyingType.ql +++ b/cpp/misra/src/rules/RULE-10-2-1/EnumerationNotDefinedWithAnExplicitUnderlyingType.ql @@ -13,9 +13,9 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.enumerationnotdefinedwithanexplicitunderlyingtype_shared.EnumerationNotDefinedWithAnExplicitUnderlyingType_shared +import codingstandards.cpp.rules.enumerationnotdefinedwithanexplicitunderlyingtype.EnumerationNotDefinedWithAnExplicitUnderlyingType -class EnumerationNotDefinedWithAnExplicitUnderlyingTypeQuery extends EnumerationNotDefinedWithAnExplicitUnderlyingType_sharedSharedQuery +class EnumerationNotDefinedWithAnExplicitUnderlyingTypeQuery extends EnumerationNotDefinedWithAnExplicitUnderlyingTypeSharedQuery { EnumerationNotDefinedWithAnExplicitUnderlyingTypeQuery() { this = ImportMisra23Package::enumerationNotDefinedWithAnExplicitUnderlyingTypeQuery() diff --git a/cpp/misra/src/rules/RULE-10-4-1/AsmDeclarationShallNotBeUsed.ql b/cpp/misra/src/rules/RULE-10-4-1/AsmDeclarationShallNotBeUsed.ql index 7ef737a0a3..5a2f4c4265 100644 --- a/cpp/misra/src/rules/RULE-10-4-1/AsmDeclarationShallNotBeUsed.ql +++ b/cpp/misra/src/rules/RULE-10-4-1/AsmDeclarationShallNotBeUsed.ql @@ -13,9 +13,9 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.asmdeclarationused_shared.AsmDeclarationUsed_shared +import codingstandards.cpp.rules.asmdeclarationused.AsmDeclarationUsed -class AsmDeclarationShallNotBeUsedQuery extends AsmDeclarationUsed_sharedSharedQuery { +class AsmDeclarationShallNotBeUsedQuery extends AsmDeclarationUsedSharedQuery { AsmDeclarationShallNotBeUsedQuery() { this = ImportMisra23Package::asmDeclarationShallNotBeUsedQuery() } diff --git a/cpp/misra/src/rules/RULE-11-6-3/NonUniqueEnumerationConstant.ql b/cpp/misra/src/rules/RULE-11-6-3/NonUniqueEnumerationConstant.ql index bfcc9414ac..faa0880a75 100644 --- a/cpp/misra/src/rules/RULE-11-6-3/NonUniqueEnumerationConstant.ql +++ b/cpp/misra/src/rules/RULE-11-6-3/NonUniqueEnumerationConstant.ql @@ -14,9 +14,9 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.nonuniqueenumerationconstant_shared.NonUniqueEnumerationConstant_shared +import codingstandards.cpp.rules.nonuniqueenumerationconstant.NonUniqueEnumerationConstant -class NonUniqueEnumerationConstantQuery extends NonUniqueEnumerationConstant_sharedSharedQuery { +class NonUniqueEnumerationConstantQuery extends NonUniqueEnumerationConstantSharedQuery { NonUniqueEnumerationConstantQuery() { this = ImportMisra23Package::nonUniqueEnumerationConstantQuery() } diff --git a/cpp/misra/src/rules/RULE-12-2-2/BitFieldShallHaveAnAppropriateType.ql b/cpp/misra/src/rules/RULE-12-2-2/BitFieldShallHaveAnAppropriateType.ql index 5006884483..7f7df9cda3 100644 --- a/cpp/misra/src/rules/RULE-12-2-2/BitFieldShallHaveAnAppropriateType.ql +++ b/cpp/misra/src/rules/RULE-12-2-2/BitFieldShallHaveAnAppropriateType.ql @@ -13,9 +13,9 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.bitfieldshallhaveanappropriatetype_shared.BitFieldShallHaveAnAppropriateType_shared +import codingstandards.cpp.rules.bitfieldshallhaveanappropriatetype.BitFieldShallHaveAnAppropriateType -class BitFieldShallHaveAnAppropriateTypeQuery extends BitFieldShallHaveAnAppropriateType_sharedSharedQuery +class BitFieldShallHaveAnAppropriateTypeQuery extends BitFieldShallHaveAnAppropriateTypeSharedQuery { BitFieldShallHaveAnAppropriateTypeQuery() { this = ImportMisra23Package::bitFieldShallHaveAnAppropriateTypeQuery() diff --git a/cpp/misra/src/rules/RULE-12-2-3/SignedIntegerNamedBitFieldHaveALengthOfOneBit.ql b/cpp/misra/src/rules/RULE-12-2-3/SignedIntegerNamedBitFieldHaveALengthOfOneBit.ql index 0f03fad533..df547bbec8 100644 --- a/cpp/misra/src/rules/RULE-12-2-3/SignedIntegerNamedBitFieldHaveALengthOfOneBit.ql +++ b/cpp/misra/src/rules/RULE-12-2-3/SignedIntegerNamedBitFieldHaveALengthOfOneBit.ql @@ -13,9 +13,9 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.namedbitfieldswithsignedintegertype_shared.NamedBitFieldsWithSignedIntegerType_shared +import codingstandards.cpp.rules.namedbitfieldswithsignedintegertype.NamedBitFieldsWithSignedIntegerType -class SignedIntegerNamedBitFieldHaveALengthOfOneBitQuery extends NamedBitFieldsWithSignedIntegerType_sharedSharedQuery +class SignedIntegerNamedBitFieldHaveALengthOfOneBitQuery extends NamedBitFieldsWithSignedIntegerTypeSharedQuery { SignedIntegerNamedBitFieldHaveALengthOfOneBitQuery() { this = ImportMisra23Package::signedIntegerNamedBitFieldHaveALengthOfOneBitQuery() diff --git a/cpp/misra/src/rules/RULE-13-1-2/VirtualAndNonVirtualClassInTheHierarchy.ql b/cpp/misra/src/rules/RULE-13-1-2/VirtualAndNonVirtualClassInTheHierarchy.ql index 28d0a4c185..75030afbfb 100644 --- a/cpp/misra/src/rules/RULE-13-1-2/VirtualAndNonVirtualClassInTheHierarchy.ql +++ b/cpp/misra/src/rules/RULE-13-1-2/VirtualAndNonVirtualClassInTheHierarchy.ql @@ -14,9 +14,9 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.virtualandnonvirtualclassinthehierarchy_shared.VirtualAndNonVirtualClassInTheHierarchy_shared +import codingstandards.cpp.rules.virtualandnonvirtualclassinthehierarchy.VirtualAndNonVirtualClassInTheHierarchy -class VirtualAndNonVirtualClassInTheHierarchyQuery extends VirtualAndNonVirtualClassInTheHierarchy_sharedSharedQuery +class VirtualAndNonVirtualClassInTheHierarchyQuery extends VirtualAndNonVirtualClassInTheHierarchySharedQuery { VirtualAndNonVirtualClassInTheHierarchyQuery() { this = ImportMisra23Package::virtualAndNonVirtualClassInTheHierarchyQuery() diff --git a/cpp/misra/src/rules/RULE-13-3-2/OverridingShallSpecifyDifferentDefaultArguments.ql b/cpp/misra/src/rules/RULE-13-3-2/OverridingShallSpecifyDifferentDefaultArguments.ql index f823da6d2d..519589984e 100644 --- a/cpp/misra/src/rules/RULE-13-3-2/OverridingShallSpecifyDifferentDefaultArguments.ql +++ b/cpp/misra/src/rules/RULE-13-3-2/OverridingShallSpecifyDifferentDefaultArguments.ql @@ -14,9 +14,9 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.overridingshallspecifydifferentdefaultarguments_shared.OverridingShallSpecifyDifferentDefaultArguments_shared +import codingstandards.cpp.rules.overridingshallspecifydifferentdefaultarguments.OverridingShallSpecifyDifferentDefaultArguments -class OverridingShallSpecifyDifferentDefaultArgumentsQuery extends OverridingShallSpecifyDifferentDefaultArguments_sharedSharedQuery +class OverridingShallSpecifyDifferentDefaultArgumentsQuery extends OverridingShallSpecifyDifferentDefaultArgumentsSharedQuery { OverridingShallSpecifyDifferentDefaultArgumentsQuery() { this = ImportMisra23Package::overridingShallSpecifyDifferentDefaultArgumentsQuery() diff --git a/cpp/misra/src/rules/RULE-13-3-4/PotentiallyVirtualPointerOnlyComparesToNullptr.ql b/cpp/misra/src/rules/RULE-13-3-4/PotentiallyVirtualPointerOnlyComparesToNullptr.ql index 0bdfe750ff..1c528396e0 100644 --- a/cpp/misra/src/rules/RULE-13-3-4/PotentiallyVirtualPointerOnlyComparesToNullptr.ql +++ b/cpp/misra/src/rules/RULE-13-3-4/PotentiallyVirtualPointerOnlyComparesToNullptr.ql @@ -14,9 +14,9 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.potentiallyvirtualpointeronlycomparestonullptr_shared.PotentiallyVirtualPointerOnlyComparesToNullptr_shared +import codingstandards.cpp.rules.potentiallyvirtualpointeronlycomparestonullptr.PotentiallyVirtualPointerOnlyComparesToNullptr -class PotentiallyVirtualPointerOnlyComparesToNullptrQuery extends PotentiallyVirtualPointerOnlyComparesToNullptr_sharedSharedQuery +class PotentiallyVirtualPointerOnlyComparesToNullptrQuery extends PotentiallyVirtualPointerOnlyComparesToNullptrSharedQuery { PotentiallyVirtualPointerOnlyComparesToNullptrQuery() { this = ImportMisra23Package::potentiallyVirtualPointerOnlyComparesToNullptrQuery() diff --git a/cpp/misra/src/rules/RULE-15-1-1/ObjectsDynamicTypeUsedFromConstructorOrDestructor.ql b/cpp/misra/src/rules/RULE-15-1-1/ObjectsDynamicTypeUsedFromConstructorOrDestructor.ql index 6b23e7d1ac..f23c1afab8 100644 --- a/cpp/misra/src/rules/RULE-15-1-1/ObjectsDynamicTypeUsedFromConstructorOrDestructor.ql +++ b/cpp/misra/src/rules/RULE-15-1-1/ObjectsDynamicTypeUsedFromConstructorOrDestructor.ql @@ -14,9 +14,9 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.objectsdynamictypeusedfromconstructorordestructor_shared.ObjectsDynamicTypeUsedFromConstructorOrDestructor_shared +import codingstandards.cpp.rules.objectsdynamictypeusedfromconstructorordestructor.ObjectsDynamicTypeUsedFromConstructorOrDestructor -class ObjectsDynamicTypeUsedFromConstructorOrDestructorQuery extends ObjectsDynamicTypeUsedFromConstructorOrDestructor_sharedSharedQuery +class ObjectsDynamicTypeUsedFromConstructorOrDestructorQuery extends ObjectsDynamicTypeUsedFromConstructorOrDestructorSharedQuery { ObjectsDynamicTypeUsedFromConstructorOrDestructorQuery() { this = ImportMisra23Package::objectsDynamicTypeUsedFromConstructorOrDestructorQuery() diff --git a/cpp/misra/src/rules/RULE-15-1-2/InitializeAllVirtualBaseClasses.ql b/cpp/misra/src/rules/RULE-15-1-2/InitializeAllVirtualBaseClasses.ql index 42a4813086..d128b2422a 100644 --- a/cpp/misra/src/rules/RULE-15-1-2/InitializeAllVirtualBaseClasses.ql +++ b/cpp/misra/src/rules/RULE-15-1-2/InitializeAllVirtualBaseClasses.ql @@ -14,9 +14,9 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.initializeallvirtualbaseclasses_shared.InitializeAllVirtualBaseClasses_shared +import codingstandards.cpp.rules.initializeallvirtualbaseclasses.InitializeAllVirtualBaseClasses -class InitializeAllVirtualBaseClassesQuery extends InitializeAllVirtualBaseClasses_sharedSharedQuery +class InitializeAllVirtualBaseClassesQuery extends InitializeAllVirtualBaseClassesSharedQuery { InitializeAllVirtualBaseClassesQuery() { this = ImportMisra23Package::initializeAllVirtualBaseClassesQuery() diff --git a/cpp/misra/src/rules/RULE-15-1-5/InitializerListConstructorIsTheOnlyConstructor.ql b/cpp/misra/src/rules/RULE-15-1-5/InitializerListConstructorIsTheOnlyConstructor.ql index 47d17df3ed..c7cf1856cd 100644 --- a/cpp/misra/src/rules/RULE-15-1-5/InitializerListConstructorIsTheOnlyConstructor.ql +++ b/cpp/misra/src/rules/RULE-15-1-5/InitializerListConstructorIsTheOnlyConstructor.ql @@ -14,9 +14,9 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.initializerlistconstructoristheonlyconstructor_shared.InitializerListConstructorIsTheOnlyConstructor_shared +import codingstandards.cpp.rules.initializerlistconstructoristheonlyconstructor.InitializerListConstructorIsTheOnlyConstructor -class InitializerListConstructorIsTheOnlyConstructorQuery extends InitializerListConstructorIsTheOnlyConstructor_sharedSharedQuery +class InitializerListConstructorIsTheOnlyConstructorQuery extends InitializerListConstructorIsTheOnlyConstructorSharedQuery { InitializerListConstructorIsTheOnlyConstructorQuery() { this = ImportMisra23Package::initializerListConstructorIsTheOnlyConstructorQuery() diff --git a/cpp/misra/src/rules/RULE-16-5-2/AddressOfOperatorOverloaded.ql b/cpp/misra/src/rules/RULE-16-5-2/AddressOfOperatorOverloaded.ql index 11623e996e..937ec4e9e3 100644 --- a/cpp/misra/src/rules/RULE-16-5-2/AddressOfOperatorOverloaded.ql +++ b/cpp/misra/src/rules/RULE-16-5-2/AddressOfOperatorOverloaded.ql @@ -13,9 +13,9 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.addressofoperatoroverloaded_shared.AddressOfOperatorOverloaded_shared +import codingstandards.cpp.rules.addressofoperatoroverloaded.AddressOfOperatorOverloaded -class AddressOfOperatorOverloadedQuery extends AddressOfOperatorOverloaded_sharedSharedQuery { +class AddressOfOperatorOverloadedQuery extends AddressOfOperatorOverloadedSharedQuery { AddressOfOperatorOverloadedQuery() { this = ImportMisra23Package::addressOfOperatorOverloadedQuery() } diff --git a/cpp/misra/src/rules/RULE-17-8-1/FunctionTemplatesExplicitlySpecialized.ql b/cpp/misra/src/rules/RULE-17-8-1/FunctionTemplatesExplicitlySpecialized.ql index 7fd2ecafd2..c7b306946b 100644 --- a/cpp/misra/src/rules/RULE-17-8-1/FunctionTemplatesExplicitlySpecialized.ql +++ b/cpp/misra/src/rules/RULE-17-8-1/FunctionTemplatesExplicitlySpecialized.ql @@ -13,9 +13,9 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.functiontemplatesexplicitlyspecialized_shared.FunctionTemplatesExplicitlySpecialized_shared +import codingstandards.cpp.rules.functiontemplatesexplicitlyspecialized.FunctionTemplatesExplicitlySpecialized -class FunctionTemplatesExplicitlySpecializedQuery extends FunctionTemplatesExplicitlySpecialized_sharedSharedQuery +class FunctionTemplatesExplicitlySpecializedQuery extends FunctionTemplatesExplicitlySpecializedSharedQuery { FunctionTemplatesExplicitlySpecializedQuery() { this = ImportMisra23Package::functionTemplatesExplicitlySpecializedQuery() diff --git a/cpp/misra/src/rules/RULE-18-1-1/ExceptionObjectHavePointerType.ql b/cpp/misra/src/rules/RULE-18-1-1/ExceptionObjectHavePointerType.ql index db7683c7f2..cbae5c1da4 100644 --- a/cpp/misra/src/rules/RULE-18-1-1/ExceptionObjectHavePointerType.ql +++ b/cpp/misra/src/rules/RULE-18-1-1/ExceptionObjectHavePointerType.ql @@ -13,9 +13,9 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.exceptionobjecthavepointertype_shared.ExceptionObjectHavePointerType_shared +import codingstandards.cpp.rules.exceptionobjecthavepointertype.ExceptionObjectHavePointerType -class ExceptionObjectHavePointerTypeQuery extends ExceptionObjectHavePointerType_sharedSharedQuery { +class ExceptionObjectHavePointerTypeQuery extends ExceptionObjectHavePointerTypeSharedQuery { ExceptionObjectHavePointerTypeQuery() { this = ImportMisra23Package::exceptionObjectHavePointerTypeQuery() } diff --git a/cpp/misra/src/rules/RULE-18-1-2/EmptyThrowOnlyWithinACatchHandler.ql b/cpp/misra/src/rules/RULE-18-1-2/EmptyThrowOnlyWithinACatchHandler.ql index e37025a0af..2bea30cb83 100644 --- a/cpp/misra/src/rules/RULE-18-1-2/EmptyThrowOnlyWithinACatchHandler.ql +++ b/cpp/misra/src/rules/RULE-18-1-2/EmptyThrowOnlyWithinACatchHandler.ql @@ -13,9 +13,9 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.emptythrowonlywithinacatchhandler_shared.EmptyThrowOnlyWithinACatchHandler_shared +import codingstandards.cpp.rules.emptythrowonlywithinacatchhandler.EmptyThrowOnlyWithinACatchHandler -class EmptyThrowOnlyWithinACatchHandlerQuery extends EmptyThrowOnlyWithinACatchHandler_sharedSharedQuery +class EmptyThrowOnlyWithinACatchHandlerQuery extends EmptyThrowOnlyWithinACatchHandlerSharedQuery { EmptyThrowOnlyWithinACatchHandlerQuery() { this = ImportMisra23Package::emptyThrowOnlyWithinACatchHandlerQuery() diff --git a/cpp/misra/src/rules/RULE-18-5-1/NoexceptFunctionShouldNotPropagateToTheCaller.ql b/cpp/misra/src/rules/RULE-18-5-1/NoexceptFunctionShouldNotPropagateToTheCaller.ql index 6bea89c4ce..61d8a0ebd4 100644 --- a/cpp/misra/src/rules/RULE-18-5-1/NoexceptFunctionShouldNotPropagateToTheCaller.ql +++ b/cpp/misra/src/rules/RULE-18-5-1/NoexceptFunctionShouldNotPropagateToTheCaller.ql @@ -14,9 +14,9 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.noexceptfunctionshouldnotpropagatetothecaller_shared.NoexceptFunctionShouldNotPropagateToTheCaller_shared +import codingstandards.cpp.rules.noexceptfunctionshouldnotpropagatetothecaller.NoexceptFunctionShouldNotPropagateToTheCaller -class NoexceptFunctionShouldNotPropagateToTheCallerQuery extends NoexceptFunctionShouldNotPropagateToTheCaller_sharedSharedQuery +class NoexceptFunctionShouldNotPropagateToTheCallerQuery extends NoexceptFunctionShouldNotPropagateToTheCallerSharedQuery { NoexceptFunctionShouldNotPropagateToTheCallerQuery() { this = ImportMisra23Package::noexceptFunctionShouldNotPropagateToTheCallerQuery() diff --git a/cpp/misra/src/rules/RULE-19-0-2/FunctionLikeMacrosDefined.ql b/cpp/misra/src/rules/RULE-19-0-2/FunctionLikeMacrosDefined.ql index 6cc143deb9..d9e4d5a810 100644 --- a/cpp/misra/src/rules/RULE-19-0-2/FunctionLikeMacrosDefined.ql +++ b/cpp/misra/src/rules/RULE-19-0-2/FunctionLikeMacrosDefined.ql @@ -13,8 +13,8 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.functionlikemacrosdefined_shared.FunctionLikeMacrosDefined_shared +import codingstandards.cpp.rules.functionlikemacrosdefined.FunctionLikeMacrosDefined -class FunctionLikeMacrosDefinedQuery extends FunctionLikeMacrosDefined_sharedSharedQuery { +class FunctionLikeMacrosDefinedQuery extends FunctionLikeMacrosDefinedSharedQuery { FunctionLikeMacrosDefinedQuery() { this = ImportMisra23Package::functionLikeMacrosDefinedQuery() } } diff --git a/cpp/misra/src/rules/RULE-19-3-2/MacroParameterFollowingHash.ql b/cpp/misra/src/rules/RULE-19-3-2/MacroParameterFollowingHash.ql index 8c90302b7a..12e95ced04 100644 --- a/cpp/misra/src/rules/RULE-19-3-2/MacroParameterFollowingHash.ql +++ b/cpp/misra/src/rules/RULE-19-3-2/MacroParameterFollowingHash.ql @@ -14,9 +14,9 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.macroparameterfollowinghash_shared.MacroParameterFollowingHash_shared +import codingstandards.cpp.rules.macroparameterfollowinghash.MacroParameterFollowingHash -class MacroParameterFollowingHashQuery extends MacroParameterFollowingHash_sharedSharedQuery { +class MacroParameterFollowingHashQuery extends MacroParameterFollowingHashSharedQuery { MacroParameterFollowingHashQuery() { this = ImportMisra23Package::macroParameterFollowingHashQuery() } diff --git a/cpp/misra/src/rules/RULE-19-3-3/AMixedUseMacroArgumentSubjectToExpansion.ql b/cpp/misra/src/rules/RULE-19-3-3/AMixedUseMacroArgumentSubjectToExpansion.ql index b97bcd2905..9cb0a7e9c5 100644 --- a/cpp/misra/src/rules/RULE-19-3-3/AMixedUseMacroArgumentSubjectToExpansion.ql +++ b/cpp/misra/src/rules/RULE-19-3-3/AMixedUseMacroArgumentSubjectToExpansion.ql @@ -14,9 +14,9 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.amixedusemacroargumentsubjecttoexpansion_shared.AMixedUseMacroArgumentSubjectToExpansion_shared +import codingstandards.cpp.rules.amixedusemacroargumentsubjecttoexpansion.AMixedUseMacroArgumentSubjectToExpansion -class AMixedUseMacroArgumentSubjectToExpansionQuery extends AMixedUseMacroArgumentSubjectToExpansion_sharedSharedQuery +class AMixedUseMacroArgumentSubjectToExpansionQuery extends AMixedUseMacroArgumentSubjectToExpansionSharedQuery { AMixedUseMacroArgumentSubjectToExpansionQuery() { this = ImportMisra23Package::aMixedUseMacroArgumentSubjectToExpansionQuery() diff --git a/cpp/misra/src/rules/RULE-21-10-3/CsignalFacilitiesUsed.ql b/cpp/misra/src/rules/RULE-21-10-3/CsignalFacilitiesUsed.ql index bff43f25e4..3e8c58a8da 100644 --- a/cpp/misra/src/rules/RULE-21-10-3/CsignalFacilitiesUsed.ql +++ b/cpp/misra/src/rules/RULE-21-10-3/CsignalFacilitiesUsed.ql @@ -15,8 +15,8 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.csignalfunctionsused_shared.CsignalFunctionsUsed_shared +import codingstandards.cpp.rules.csignalfunctionsused.CsignalFunctionsUsed -class CsignalFacilitiesUsedQuery extends CsignalFunctionsUsed_sharedSharedQuery { +class CsignalFacilitiesUsedQuery extends CsignalFunctionsUsedSharedQuery { CsignalFacilitiesUsedQuery() { this = ImportMisra23Package::csignalFacilitiesUsedQuery() } } diff --git a/cpp/misra/src/rules/RULE-21-10-3/CsignalTypesShallNotBeUsed.ql b/cpp/misra/src/rules/RULE-21-10-3/CsignalTypesShallNotBeUsed.ql index 56172db86e..0fe1b1dfba 100644 --- a/cpp/misra/src/rules/RULE-21-10-3/CsignalTypesShallNotBeUsed.ql +++ b/cpp/misra/src/rules/RULE-21-10-3/CsignalTypesShallNotBeUsed.ql @@ -15,9 +15,9 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.csignaltypesused_shared.CsignalTypesUsed_shared +import codingstandards.cpp.rules.csignaltypesused.CsignalTypesUsed -class CsignalTypesShallNotBeUsedQuery extends CsignalTypesUsed_sharedSharedQuery { +class CsignalTypesShallNotBeUsedQuery extends CsignalTypesUsedSharedQuery { CsignalTypesShallNotBeUsedQuery() { this = ImportMisra23Package::csignalTypesShallNotBeUsedQuery() } diff --git a/cpp/misra/src/rules/RULE-21-2-1/AtofAtoiAtolAndAtollUsed.ql b/cpp/misra/src/rules/RULE-21-2-1/AtofAtoiAtolAndAtollUsed.ql index f8cd5c6672..e5b48d55a7 100644 --- a/cpp/misra/src/rules/RULE-21-2-1/AtofAtoiAtolAndAtollUsed.ql +++ b/cpp/misra/src/rules/RULE-21-2-1/AtofAtoiAtolAndAtollUsed.ql @@ -13,8 +13,8 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.atofatoiatolandatollused_shared.AtofAtoiAtolAndAtollUsed_shared +import codingstandards.cpp.rules.atofatoiatolandatollused.AtofAtoiAtolAndAtollUsed -class AtofAtoiAtolAndAtollUsedQuery extends AtofAtoiAtolAndAtollUsed_sharedSharedQuery { +class AtofAtoiAtolAndAtollUsedQuery extends AtofAtoiAtolAndAtollUsedSharedQuery { AtofAtoiAtolAndAtollUsedQuery() { this = ImportMisra23Package::atofAtoiAtolAndAtollUsedQuery() } } diff --git a/cpp/misra/src/rules/RULE-21-2-4/MacroOffsetofShallNotBeUsed.ql b/cpp/misra/src/rules/RULE-21-2-4/MacroOffsetofShallNotBeUsed.ql index f449463c01..fa6df051ca 100644 --- a/cpp/misra/src/rules/RULE-21-2-4/MacroOffsetofShallNotBeUsed.ql +++ b/cpp/misra/src/rules/RULE-21-2-4/MacroOffsetofShallNotBeUsed.ql @@ -13,9 +13,9 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.macrooffsetofused_shared.MacroOffsetofUsed_shared +import codingstandards.cpp.rules.macrooffsetofused.MacroOffsetofUsed -class MacroOffsetofShallNotBeUsedQuery extends MacroOffsetofUsed_sharedSharedQuery { +class MacroOffsetofShallNotBeUsedQuery extends MacroOffsetofUsedSharedQuery { MacroOffsetofShallNotBeUsedQuery() { this = ImportMisra23Package::macroOffsetofShallNotBeUsedQuery() } diff --git a/cpp/misra/src/rules/RULE-21-6-4/GlobalSizedOperatorDeleteShallBeDefined.ql b/cpp/misra/src/rules/RULE-21-6-4/GlobalSizedOperatorDeleteShallBeDefined.ql index 800a638580..eb9be3af15 100644 --- a/cpp/misra/src/rules/RULE-21-6-4/GlobalSizedOperatorDeleteShallBeDefined.ql +++ b/cpp/misra/src/rules/RULE-21-6-4/GlobalSizedOperatorDeleteShallBeDefined.ql @@ -15,9 +15,9 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.globalsizedoperatordeletenotdefined_shared.GlobalSizedOperatorDeleteNotDefined_shared +import codingstandards.cpp.rules.globalsizedoperatordeletenotdefined.GlobalSizedOperatorDeleteNotDefined -class GlobalSizedOperatorDeleteShallBeDefinedQuery extends GlobalSizedOperatorDeleteNotDefined_sharedSharedQuery +class GlobalSizedOperatorDeleteShallBeDefinedQuery extends GlobalSizedOperatorDeleteNotDefinedSharedQuery { GlobalSizedOperatorDeleteShallBeDefinedQuery() { this = ImportMisra23Package::globalSizedOperatorDeleteShallBeDefinedQuery() diff --git a/cpp/misra/src/rules/RULE-21-6-4/GlobalUnsizedOperatorDeleteShallBeDefined.ql b/cpp/misra/src/rules/RULE-21-6-4/GlobalUnsizedOperatorDeleteShallBeDefined.ql index 06fd6a4385..8a80b36e3f 100644 --- a/cpp/misra/src/rules/RULE-21-6-4/GlobalUnsizedOperatorDeleteShallBeDefined.ql +++ b/cpp/misra/src/rules/RULE-21-6-4/GlobalUnsizedOperatorDeleteShallBeDefined.ql @@ -15,9 +15,9 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.globalunsizedoperatordeletenotdefined_shared.GlobalUnsizedOperatorDeleteNotDefined_shared +import codingstandards.cpp.rules.globalunsizedoperatordeletenotdefined.GlobalUnsizedOperatorDeleteNotDefined -class GlobalUnsizedOperatorDeleteShallBeDefinedQuery extends GlobalUnsizedOperatorDeleteNotDefined_sharedSharedQuery +class GlobalUnsizedOperatorDeleteShallBeDefinedQuery extends GlobalUnsizedOperatorDeleteNotDefinedSharedQuery { GlobalUnsizedOperatorDeleteShallBeDefinedQuery() { this = ImportMisra23Package::globalUnsizedOperatorDeleteShallBeDefinedQuery() diff --git a/cpp/misra/src/rules/RULE-26-3-1/VectorShouldNotBeSpecializedWithBool.ql b/cpp/misra/src/rules/RULE-26-3-1/VectorShouldNotBeSpecializedWithBool.ql index 92e0773e41..90037b5f29 100644 --- a/cpp/misra/src/rules/RULE-26-3-1/VectorShouldNotBeSpecializedWithBool.ql +++ b/cpp/misra/src/rules/RULE-26-3-1/VectorShouldNotBeSpecializedWithBool.ql @@ -13,9 +13,9 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.vectorshouldnotbespecializedwithbool_shared.VectorShouldNotBeSpecializedWithBool_shared +import codingstandards.cpp.rules.vectorshouldnotbespecializedwithbool.VectorShouldNotBeSpecializedWithBool -class VectorShouldNotBeSpecializedWithBoolQuery extends VectorShouldNotBeSpecializedWithBool_sharedSharedQuery +class VectorShouldNotBeSpecializedWithBoolQuery extends VectorShouldNotBeSpecializedWithBoolSharedQuery { VectorShouldNotBeSpecializedWithBoolQuery() { this = ImportMisra23Package::vectorShouldNotBeSpecializedWithBoolQuery() diff --git a/cpp/misra/src/rules/RULE-28-6-2/ForwardingReferencesAndForwardNotUsedTogether.ql b/cpp/misra/src/rules/RULE-28-6-2/ForwardingReferencesAndForwardNotUsedTogether.ql index 27654a32af..dc407512cc 100644 --- a/cpp/misra/src/rules/RULE-28-6-2/ForwardingReferencesAndForwardNotUsedTogether.ql +++ b/cpp/misra/src/rules/RULE-28-6-2/ForwardingReferencesAndForwardNotUsedTogether.ql @@ -13,9 +13,9 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.forwardingreferencesandforwardnotusedtogether_shared.ForwardingReferencesAndForwardNotUsedTogether_shared +import codingstandards.cpp.rules.forwardingreferencesandforwardnotusedtogether.ForwardingReferencesAndForwardNotUsedTogether -class ForwardingReferencesAndForwardNotUsedTogetherQuery extends ForwardingReferencesAndForwardNotUsedTogether_sharedSharedQuery +class ForwardingReferencesAndForwardNotUsedTogetherQuery extends ForwardingReferencesAndForwardNotUsedTogetherSharedQuery { ForwardingReferencesAndForwardNotUsedTogetherQuery() { this = ImportMisra23Package::forwardingReferencesAndForwardNotUsedTogetherQuery() diff --git a/cpp/misra/src/rules/RULE-30-0-1/CstdioFunctionsShallNotBeUsed.ql b/cpp/misra/src/rules/RULE-30-0-1/CstdioFunctionsShallNotBeUsed.ql index f05607c77a..58c8a500f4 100644 --- a/cpp/misra/src/rules/RULE-30-0-1/CstdioFunctionsShallNotBeUsed.ql +++ b/cpp/misra/src/rules/RULE-30-0-1/CstdioFunctionsShallNotBeUsed.ql @@ -15,9 +15,9 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.cstdiofunctionsused_shared.CstdioFunctionsUsed_shared +import codingstandards.cpp.rules.cstdiofunctionsused.CstdioFunctionsUsed -class CstdioFunctionsShallNotBeUsedQuery extends CstdioFunctionsUsed_sharedSharedQuery { +class CstdioFunctionsShallNotBeUsedQuery extends CstdioFunctionsUsedSharedQuery { CstdioFunctionsShallNotBeUsedQuery() { this = ImportMisra23Package::cstdioFunctionsShallNotBeUsedQuery() } diff --git a/cpp/misra/src/rules/RULE-30-0-1/CstdioMacrosShallNotBeUsed.ql b/cpp/misra/src/rules/RULE-30-0-1/CstdioMacrosShallNotBeUsed.ql index 7590aaccb3..8f0b9438e3 100644 --- a/cpp/misra/src/rules/RULE-30-0-1/CstdioMacrosShallNotBeUsed.ql +++ b/cpp/misra/src/rules/RULE-30-0-1/CstdioMacrosShallNotBeUsed.ql @@ -15,9 +15,9 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.cstdiomacrosused_shared.CstdioMacrosUsed_shared +import codingstandards.cpp.rules.cstdiomacrosused.CstdioMacrosUsed -class CstdioMacrosShallNotBeUsedQuery extends CstdioMacrosUsed_sharedSharedQuery { +class CstdioMacrosShallNotBeUsedQuery extends CstdioMacrosUsedSharedQuery { CstdioMacrosShallNotBeUsedQuery() { this = ImportMisra23Package::cstdioMacrosShallNotBeUsedQuery() } diff --git a/cpp/misra/src/rules/RULE-30-0-1/CstdioTypesShallNotBeUsed.ql b/cpp/misra/src/rules/RULE-30-0-1/CstdioTypesShallNotBeUsed.ql index 351f93106a..6966c85068 100644 --- a/cpp/misra/src/rules/RULE-30-0-1/CstdioTypesShallNotBeUsed.ql +++ b/cpp/misra/src/rules/RULE-30-0-1/CstdioTypesShallNotBeUsed.ql @@ -15,8 +15,8 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.cstdiotypesused_shared.CstdioTypesUsed_shared +import codingstandards.cpp.rules.cstdiotypesused.CstdioTypesUsed -class CstdioTypesShallNotBeUsedQuery extends CstdioTypesUsed_sharedSharedQuery { +class CstdioTypesShallNotBeUsedQuery extends CstdioTypesUsedSharedQuery { CstdioTypesShallNotBeUsedQuery() { this = ImportMisra23Package::cstdioTypesShallNotBeUsedQuery() } } diff --git a/cpp/misra/src/rules/RULE-4-6-1/MemoryOperationsNotSequencedAppropriately.ql b/cpp/misra/src/rules/RULE-4-6-1/MemoryOperationsNotSequencedAppropriately.ql index 8d306afea7..20eb2167bf 100644 --- a/cpp/misra/src/rules/RULE-4-6-1/MemoryOperationsNotSequencedAppropriately.ql +++ b/cpp/misra/src/rules/RULE-4-6-1/MemoryOperationsNotSequencedAppropriately.ql @@ -13,9 +13,9 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.memoryoperationsnotsequencedappropriately_shared.MemoryOperationsNotSequencedAppropriately_shared +import codingstandards.cpp.rules.memoryoperationsnotsequencedappropriately.MemoryOperationsNotSequencedAppropriately -class MemoryOperationsNotSequencedAppropriatelyQuery extends MemoryOperationsNotSequencedAppropriately_sharedSharedQuery +class MemoryOperationsNotSequencedAppropriatelyQuery extends MemoryOperationsNotSequencedAppropriatelySharedQuery { MemoryOperationsNotSequencedAppropriatelyQuery() { this = ImportMisra23Package::memoryOperationsNotSequencedAppropriatelyQuery() diff --git a/cpp/misra/src/rules/RULE-5-13-1/BackslashCharacterMisuse.ql b/cpp/misra/src/rules/RULE-5-13-1/BackslashCharacterMisuse.ql index b7dc604875..fde97e062c 100644 --- a/cpp/misra/src/rules/RULE-5-13-1/BackslashCharacterMisuse.ql +++ b/cpp/misra/src/rules/RULE-5-13-1/BackslashCharacterMisuse.ql @@ -14,8 +14,8 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.backslashcharactermisuse_shared.BackslashCharacterMisuse_shared +import codingstandards.cpp.rules.backslashcharactermisuse.BackslashCharacterMisuse -class BackslashCharacterMisuseQuery extends BackslashCharacterMisuse_sharedSharedQuery { +class BackslashCharacterMisuseQuery extends BackslashCharacterMisuseSharedQuery { BackslashCharacterMisuseQuery() { this = ImportMisra23Package::backslashCharacterMisuseQuery() } } diff --git a/cpp/misra/src/rules/RULE-5-13-2/NonTerminatedEscapeSequences.ql b/cpp/misra/src/rules/RULE-5-13-2/NonTerminatedEscapeSequences.ql index 47a06f2512..d21f1ef1f9 100644 --- a/cpp/misra/src/rules/RULE-5-13-2/NonTerminatedEscapeSequences.ql +++ b/cpp/misra/src/rules/RULE-5-13-2/NonTerminatedEscapeSequences.ql @@ -14,9 +14,9 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.nonterminatedescapesequences_shared.NonTerminatedEscapeSequences_shared +import codingstandards.cpp.rules.nonterminatedescapesequences.NonTerminatedEscapeSequences -class NonTerminatedEscapeSequencesQuery extends NonTerminatedEscapeSequences_sharedSharedQuery { +class NonTerminatedEscapeSequencesQuery extends NonTerminatedEscapeSequencesSharedQuery { NonTerminatedEscapeSequencesQuery() { this = ImportMisra23Package::nonTerminatedEscapeSequencesQuery() } diff --git a/cpp/misra/src/rules/RULE-5-13-3/OctalConstantsUsed.ql b/cpp/misra/src/rules/RULE-5-13-3/OctalConstantsUsed.ql index 6499155f7e..38bb96faac 100644 --- a/cpp/misra/src/rules/RULE-5-13-3/OctalConstantsUsed.ql +++ b/cpp/misra/src/rules/RULE-5-13-3/OctalConstantsUsed.ql @@ -13,8 +13,8 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.useofnonzerooctalliteral_shared.UseOfNonZeroOctalLiteral_shared +import codingstandards.cpp.rules.useofnonzerooctalliteral.UseOfNonZeroOctalLiteral -class OctalConstantsUsedQuery extends UseOfNonZeroOctalLiteral_sharedSharedQuery { +class OctalConstantsUsedQuery extends UseOfNonZeroOctalLiteralSharedQuery { OctalConstantsUsedQuery() { this = ImportMisra23Package::octalConstantsUsedQuery() } } diff --git a/cpp/misra/src/rules/RULE-5-13-4/UnsignedIntegerLiteralsNotAppropriatelySuffixed.ql b/cpp/misra/src/rules/RULE-5-13-4/UnsignedIntegerLiteralsNotAppropriatelySuffixed.ql index 7cfe38d007..b3802cf0be 100644 --- a/cpp/misra/src/rules/RULE-5-13-4/UnsignedIntegerLiteralsNotAppropriatelySuffixed.ql +++ b/cpp/misra/src/rules/RULE-5-13-4/UnsignedIntegerLiteralsNotAppropriatelySuffixed.ql @@ -13,9 +13,9 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.unsignedintegerliteralsnotappropriatelysuffixed_shared.UnsignedIntegerLiteralsNotAppropriatelySuffixed_shared +import codingstandards.cpp.rules.unsignedintegerliteralsnotappropriatelysuffixed.UnsignedIntegerLiteralsNotAppropriatelySuffixed -class UnsignedIntegerLiteralsNotAppropriatelySuffixedQuery extends UnsignedIntegerLiteralsNotAppropriatelySuffixed_sharedSharedQuery +class UnsignedIntegerLiteralsNotAppropriatelySuffixedQuery extends UnsignedIntegerLiteralsNotAppropriatelySuffixedSharedQuery { UnsignedIntegerLiteralsNotAppropriatelySuffixedQuery() { this = ImportMisra23Package::unsignedIntegerLiteralsNotAppropriatelySuffixedQuery() diff --git a/cpp/misra/src/rules/RULE-5-13-5/LowercaseLStartsInLiteralSuffix.ql b/cpp/misra/src/rules/RULE-5-13-5/LowercaseLStartsInLiteralSuffix.ql index 5cb88f69da..50e5d7faad 100644 --- a/cpp/misra/src/rules/RULE-5-13-5/LowercaseLStartsInLiteralSuffix.ql +++ b/cpp/misra/src/rules/RULE-5-13-5/LowercaseLStartsInLiteralSuffix.ql @@ -14,9 +14,9 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.lowercaselstartsinliteralsuffix_shared.LowercaseLStartsInLiteralSuffix_shared +import codingstandards.cpp.rules.lowercaselstartsinliteralsuffix.LowercaseLStartsInLiteralSuffix -class LowercaseLStartsInLiteralSuffixQuery extends LowercaseLStartsInLiteralSuffix_sharedSharedQuery +class LowercaseLStartsInLiteralSuffixQuery extends LowercaseLStartsInLiteralSuffixSharedQuery { LowercaseLStartsInLiteralSuffixQuery() { this = ImportMisra23Package::lowercaseLStartsInLiteralSuffixQuery() diff --git a/cpp/misra/src/rules/RULE-5-7-1/CharacterSequenceUsedWithinACStyleComment.ql b/cpp/misra/src/rules/RULE-5-7-1/CharacterSequenceUsedWithinACStyleComment.ql index e3b8e7b581..1bdb42de77 100644 --- a/cpp/misra/src/rules/RULE-5-7-1/CharacterSequenceUsedWithinACStyleComment.ql +++ b/cpp/misra/src/rules/RULE-5-7-1/CharacterSequenceUsedWithinACStyleComment.ql @@ -13,9 +13,9 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.charactersequenceusedwithinacstylecomment_shared.CharacterSequenceUsedWithinACStyleComment_shared +import codingstandards.cpp.rules.charactersequenceusedwithinacstylecomment.CharacterSequenceUsedWithinACStyleComment -class CharacterSequenceUsedWithinACStyleCommentQuery extends CharacterSequenceUsedWithinACStyleComment_sharedSharedQuery +class CharacterSequenceUsedWithinACStyleCommentQuery extends CharacterSequenceUsedWithinACStyleCommentSharedQuery { CharacterSequenceUsedWithinACStyleCommentQuery() { this = ImportMisra23Package::characterSequenceUsedWithinACStyleCommentQuery() diff --git a/cpp/misra/src/rules/RULE-5-7-3/LineSplicingUsedInComments.ql b/cpp/misra/src/rules/RULE-5-7-3/LineSplicingUsedInComments.ql index 9708b2da46..ae58fdcda9 100644 --- a/cpp/misra/src/rules/RULE-5-7-3/LineSplicingUsedInComments.ql +++ b/cpp/misra/src/rules/RULE-5-7-3/LineSplicingUsedInComments.ql @@ -13,9 +13,9 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.linesplicingusedincomments_shared.LineSplicingUsedInComments_shared +import codingstandards.cpp.rules.linesplicingusedincomments.LineSplicingUsedInComments -class LineSplicingUsedInCommentsQuery extends LineSplicingUsedInComments_sharedSharedQuery { +class LineSplicingUsedInCommentsQuery extends LineSplicingUsedInCommentsSharedQuery { LineSplicingUsedInCommentsQuery() { this = ImportMisra23Package::lineSplicingUsedInCommentsQuery() } diff --git a/cpp/misra/src/rules/RULE-6-0-3/GlobalNamespaceDeclarations.ql b/cpp/misra/src/rules/RULE-6-0-3/GlobalNamespaceDeclarations.ql index e211dfd770..addd8f2eab 100644 --- a/cpp/misra/src/rules/RULE-6-0-3/GlobalNamespaceDeclarations.ql +++ b/cpp/misra/src/rules/RULE-6-0-3/GlobalNamespaceDeclarations.ql @@ -14,9 +14,9 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.globalnamespacedeclarations_shared.GlobalNamespaceDeclarations_shared +import codingstandards.cpp.rules.globalnamespacedeclarations.GlobalNamespaceDeclarations -class GlobalNamespaceDeclarationsQuery extends GlobalNamespaceDeclarations_sharedSharedQuery { +class GlobalNamespaceDeclarationsQuery extends GlobalNamespaceDeclarationsSharedQuery { GlobalNamespaceDeclarationsQuery() { this = ImportMisra23Package::globalNamespaceDeclarationsQuery() } diff --git a/cpp/misra/src/rules/RULE-6-0-4/NonGlobalFunctionMain.ql b/cpp/misra/src/rules/RULE-6-0-4/NonGlobalFunctionMain.ql index 810bb42951..f9eb9e1d44 100644 --- a/cpp/misra/src/rules/RULE-6-0-4/NonGlobalFunctionMain.ql +++ b/cpp/misra/src/rules/RULE-6-0-4/NonGlobalFunctionMain.ql @@ -14,8 +14,8 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.nonglobalfunctionmain_shared.NonGlobalFunctionMain_shared +import codingstandards.cpp.rules.nonglobalfunctionmain.NonGlobalFunctionMain -class NonGlobalFunctionMainQuery extends NonGlobalFunctionMain_sharedSharedQuery { +class NonGlobalFunctionMainQuery extends NonGlobalFunctionMainSharedQuery { NonGlobalFunctionMainQuery() { this = ImportMisra23Package::nonGlobalFunctionMainQuery() } } diff --git a/cpp/misra/src/rules/RULE-6-4-2/DefinitionShallBeConsideredForUnqualifiedLookup.ql b/cpp/misra/src/rules/RULE-6-4-2/DefinitionShallBeConsideredForUnqualifiedLookup.ql index bc02bf3f6e..faa0857d62 100644 --- a/cpp/misra/src/rules/RULE-6-4-2/DefinitionShallBeConsideredForUnqualifiedLookup.ql +++ b/cpp/misra/src/rules/RULE-6-4-2/DefinitionShallBeConsideredForUnqualifiedLookup.ql @@ -16,9 +16,9 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.definitionnotconsideredforunqualifiedlookup_shared.DefinitionNotConsideredForUnqualifiedLookup_shared +import codingstandards.cpp.rules.definitionnotconsideredforunqualifiedlookup.DefinitionNotConsideredForUnqualifiedLookup -class DefinitionShallBeConsideredForUnqualifiedLookupQuery extends DefinitionNotConsideredForUnqualifiedLookup_sharedSharedQuery +class DefinitionShallBeConsideredForUnqualifiedLookupQuery extends DefinitionNotConsideredForUnqualifiedLookupSharedQuery { DefinitionShallBeConsideredForUnqualifiedLookupQuery() { this = ImportMisra23Package::definitionShallBeConsideredForUnqualifiedLookupQuery() diff --git a/cpp/misra/src/rules/RULE-6-4-2/InheritedNonOverridableMemberFunction.ql b/cpp/misra/src/rules/RULE-6-4-2/InheritedNonOverridableMemberFunction.ql index 03ce1b7c53..b81f2a2c4f 100644 --- a/cpp/misra/src/rules/RULE-6-4-2/InheritedNonOverridableMemberFunction.ql +++ b/cpp/misra/src/rules/RULE-6-4-2/InheritedNonOverridableMemberFunction.ql @@ -15,9 +15,9 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.hiddeninheritednonoverridablememberfunction_shared.HiddenInheritedNonOverridableMemberFunction_shared +import codingstandards.cpp.rules.hiddeninheritednonoverridablememberfunction.HiddenInheritedNonOverridableMemberFunction -class InheritedNonOverridableMemberFunctionQuery extends HiddenInheritedNonOverridableMemberFunction_sharedSharedQuery +class InheritedNonOverridableMemberFunctionQuery extends HiddenInheritedNonOverridableMemberFunctionSharedQuery { InheritedNonOverridableMemberFunctionQuery() { this = ImportMisra23Package::inheritedNonOverridableMemberFunctionQuery() diff --git a/cpp/misra/src/rules/RULE-6-4-2/InheritedOverridableMemberFunction.ql b/cpp/misra/src/rules/RULE-6-4-2/InheritedOverridableMemberFunction.ql index d7fda7b940..9fa94560f4 100644 --- a/cpp/misra/src/rules/RULE-6-4-2/InheritedOverridableMemberFunction.ql +++ b/cpp/misra/src/rules/RULE-6-4-2/InheritedOverridableMemberFunction.ql @@ -15,9 +15,9 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.hiddeninheritedoverridablememberfunction_shared.HiddenInheritedOverridableMemberFunction_shared +import codingstandards.cpp.rules.hiddeninheritedoverridablememberfunction.HiddenInheritedOverridableMemberFunction -class InheritedOverridableMemberFunctionQuery extends HiddenInheritedOverridableMemberFunction_sharedSharedQuery +class InheritedOverridableMemberFunctionQuery extends HiddenInheritedOverridableMemberFunctionSharedQuery { InheritedOverridableMemberFunctionQuery() { this = ImportMisra23Package::inheritedOverridableMemberFunctionQuery() diff --git a/cpp/misra/src/rules/RULE-6-4-3/NameShallBeReferredUsingAQualifiedIdOrThis.ql b/cpp/misra/src/rules/RULE-6-4-3/NameShallBeReferredUsingAQualifiedIdOrThis.ql index a172b89313..3d43b4134a 100644 --- a/cpp/misra/src/rules/RULE-6-4-3/NameShallBeReferredUsingAQualifiedIdOrThis.ql +++ b/cpp/misra/src/rules/RULE-6-4-3/NameShallBeReferredUsingAQualifiedIdOrThis.ql @@ -16,9 +16,9 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.namenotreferredusingaqualifiedidorthis_shared.NameNotReferredUsingAQualifiedIdOrThis_shared +import codingstandards.cpp.rules.namenotreferredusingaqualifiedidorthis.NameNotReferredUsingAQualifiedIdOrThis -class NameShallBeReferredUsingAQualifiedIdOrThisQuery extends NameNotReferredUsingAQualifiedIdOrThis_sharedSharedQuery +class NameShallBeReferredUsingAQualifiedIdOrThisQuery extends NameNotReferredUsingAQualifiedIdOrThisSharedQuery { NameShallBeReferredUsingAQualifiedIdOrThisQuery() { this = ImportMisra23Package::nameShallBeReferredUsingAQualifiedIdOrThisQuery() diff --git a/cpp/misra/src/rules/RULE-6-4-3/NameShallBeReferredUsingAQualifiedIdOrThisAudit.ql b/cpp/misra/src/rules/RULE-6-4-3/NameShallBeReferredUsingAQualifiedIdOrThisAudit.ql index 238f07d81a..df2180fc7b 100644 --- a/cpp/misra/src/rules/RULE-6-4-3/NameShallBeReferredUsingAQualifiedIdOrThisAudit.ql +++ b/cpp/misra/src/rules/RULE-6-4-3/NameShallBeReferredUsingAQualifiedIdOrThisAudit.ql @@ -16,9 +16,9 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.namenotreferredusingaqualifiedidorthisaudit_shared.NameNotReferredUsingAQualifiedIdOrThisAudit_shared +import codingstandards.cpp.rules.namenotreferredusingaqualifiedidorthisaudit.NameNotReferredUsingAQualifiedIdOrThisAudit -class NameShallBeReferredUsingAQualifiedIdOrThisAuditQuery extends NameNotReferredUsingAQualifiedIdOrThisAudit_sharedSharedQuery +class NameShallBeReferredUsingAQualifiedIdOrThisAuditQuery extends NameNotReferredUsingAQualifiedIdOrThisAuditSharedQuery { NameShallBeReferredUsingAQualifiedIdOrThisAuditQuery() { this = ImportMisra23Package::nameShallBeReferredUsingAQualifiedIdOrThisAuditQuery() diff --git a/cpp/misra/src/rules/RULE-6-8-2/ReturnReferenceOrPointerToAutomaticLocalVariable.ql b/cpp/misra/src/rules/RULE-6-8-2/ReturnReferenceOrPointerToAutomaticLocalVariable.ql index 8615cbd25b..bcf026cbba 100644 --- a/cpp/misra/src/rules/RULE-6-8-2/ReturnReferenceOrPointerToAutomaticLocalVariable.ql +++ b/cpp/misra/src/rules/RULE-6-8-2/ReturnReferenceOrPointerToAutomaticLocalVariable.ql @@ -14,9 +14,9 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.returnreferenceorpointertoautomaticlocalvariable_shared.ReturnReferenceOrPointerToAutomaticLocalVariable_shared +import codingstandards.cpp.rules.returnreferenceorpointertoautomaticlocalvariable.ReturnReferenceOrPointerToAutomaticLocalVariable -class ReturnReferenceOrPointerToAutomaticLocalVariableQuery extends ReturnReferenceOrPointerToAutomaticLocalVariable_sharedSharedQuery +class ReturnReferenceOrPointerToAutomaticLocalVariableQuery extends ReturnReferenceOrPointerToAutomaticLocalVariableSharedQuery { ReturnReferenceOrPointerToAutomaticLocalVariableQuery() { this = ImportMisra23Package::returnReferenceOrPointerToAutomaticLocalVariableQuery() diff --git a/cpp/misra/src/rules/RULE-7-11-1/NullptrNotTheOnlyFormOfTheNullPointerConstant.ql b/cpp/misra/src/rules/RULE-7-11-1/NullptrNotTheOnlyFormOfTheNullPointerConstant.ql index f335c4d357..a0dfc63799 100644 --- a/cpp/misra/src/rules/RULE-7-11-1/NullptrNotTheOnlyFormOfTheNullPointerConstant.ql +++ b/cpp/misra/src/rules/RULE-7-11-1/NullptrNotTheOnlyFormOfTheNullPointerConstant.ql @@ -13,9 +13,9 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.nullptrnottheonlyformofthenullpointerconstant_shared.NullptrNotTheOnlyFormOfTheNullPointerConstant_shared +import codingstandards.cpp.rules.nullptrnottheonlyformofthenullpointerconstant.NullptrNotTheOnlyFormOfTheNullPointerConstant -class NullptrNotTheOnlyFormOfTheNullPointerConstantQuery extends NullptrNotTheOnlyFormOfTheNullPointerConstant_sharedSharedQuery +class NullptrNotTheOnlyFormOfTheNullPointerConstantQuery extends NullptrNotTheOnlyFormOfTheNullPointerConstantSharedQuery { NullptrNotTheOnlyFormOfTheNullPointerConstantQuery() { this = ImportMisra23Package::nullptrNotTheOnlyFormOfTheNullPointerConstantQuery() diff --git a/cpp/misra/src/rules/RULE-7-11-2/ArrayPassedAsFunctionArgumentDecayToAPointer.ql b/cpp/misra/src/rules/RULE-7-11-2/ArrayPassedAsFunctionArgumentDecayToAPointer.ql index 28a963de3a..fed33c33de 100644 --- a/cpp/misra/src/rules/RULE-7-11-2/ArrayPassedAsFunctionArgumentDecayToAPointer.ql +++ b/cpp/misra/src/rules/RULE-7-11-2/ArrayPassedAsFunctionArgumentDecayToAPointer.ql @@ -13,9 +13,9 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.arraypassedasfunctionargumentdecaytoapointer_shared.ArrayPassedAsFunctionArgumentDecayToAPointer_shared +import codingstandards.cpp.rules.arraypassedasfunctionargumentdecaytoapointer.ArrayPassedAsFunctionArgumentDecayToAPointer -class ArrayPassedAsFunctionArgumentDecayToAPointerQuery extends ArrayPassedAsFunctionArgumentDecayToAPointer_sharedSharedQuery +class ArrayPassedAsFunctionArgumentDecayToAPointerQuery extends ArrayPassedAsFunctionArgumentDecayToAPointerSharedQuery { ArrayPassedAsFunctionArgumentDecayToAPointerQuery() { this = ImportMisra23Package::arrayPassedAsFunctionArgumentDecayToAPointerQuery() diff --git a/cpp/misra/src/rules/RULE-8-18-2/ResultOfAnAssignmentOperatorShouldNotBeUsed.ql b/cpp/misra/src/rules/RULE-8-18-2/ResultOfAnAssignmentOperatorShouldNotBeUsed.ql index 647c5bd446..6c4b1a82ad 100644 --- a/cpp/misra/src/rules/RULE-8-18-2/ResultOfAnAssignmentOperatorShouldNotBeUsed.ql +++ b/cpp/misra/src/rules/RULE-8-18-2/ResultOfAnAssignmentOperatorShouldNotBeUsed.ql @@ -13,9 +13,9 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.resultofanassignmentoperatorshouldnotbeused_shared.ResultOfAnAssignmentOperatorShouldNotBeUsed_shared +import codingstandards.cpp.rules.resultofanassignmentoperatorshouldnotbeused.ResultOfAnAssignmentOperatorShouldNotBeUsed -class ResultOfAnAssignmentOperatorShouldNotBeUsedQuery extends ResultOfAnAssignmentOperatorShouldNotBeUsed_sharedSharedQuery +class ResultOfAnAssignmentOperatorShouldNotBeUsedQuery extends ResultOfAnAssignmentOperatorShouldNotBeUsedSharedQuery { ResultOfAnAssignmentOperatorShouldNotBeUsedQuery() { this = ImportMisra23Package::resultOfAnAssignmentOperatorShouldNotBeUsedQuery() diff --git a/cpp/misra/src/rules/RULE-8-2-10/FunctionsCallThemselvesEitherDirectlyOrIndirectly.ql b/cpp/misra/src/rules/RULE-8-2-10/FunctionsCallThemselvesEitherDirectlyOrIndirectly.ql index c136e8d3cd..ff0f397572 100644 --- a/cpp/misra/src/rules/RULE-8-2-10/FunctionsCallThemselvesEitherDirectlyOrIndirectly.ql +++ b/cpp/misra/src/rules/RULE-8-2-10/FunctionsCallThemselvesEitherDirectlyOrIndirectly.ql @@ -13,9 +13,9 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.functionscallthemselveseitherdirectlyorindirectly_shared.FunctionsCallThemselvesEitherDirectlyOrIndirectly_shared +import codingstandards.cpp.rules.functionscallthemselveseitherdirectlyorindirectly.FunctionsCallThemselvesEitherDirectlyOrIndirectly -class FunctionsCallThemselvesEitherDirectlyOrIndirectlyQuery extends FunctionsCallThemselvesEitherDirectlyOrIndirectly_sharedSharedQuery +class FunctionsCallThemselvesEitherDirectlyOrIndirectlyQuery extends FunctionsCallThemselvesEitherDirectlyOrIndirectlySharedQuery { FunctionsCallThemselvesEitherDirectlyOrIndirectlyQuery() { this = ImportMisra23Package::functionsCallThemselvesEitherDirectlyOrIndirectlyQuery() diff --git a/cpp/misra/src/rules/RULE-8-2-4/CastsBetweenAPointerToFunctionAndAnyOtherType.ql b/cpp/misra/src/rules/RULE-8-2-4/CastsBetweenAPointerToFunctionAndAnyOtherType.ql index e4b2a2dd3c..37c258b722 100644 --- a/cpp/misra/src/rules/RULE-8-2-4/CastsBetweenAPointerToFunctionAndAnyOtherType.ql +++ b/cpp/misra/src/rules/RULE-8-2-4/CastsBetweenAPointerToFunctionAndAnyOtherType.ql @@ -13,9 +13,9 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.castsbetweenapointertofunctionandanyothertype_shared.CastsBetweenAPointerToFunctionAndAnyOtherType_shared +import codingstandards.cpp.rules.castsbetweenapointertofunctionandanyothertype.CastsBetweenAPointerToFunctionAndAnyOtherType -class CastsBetweenAPointerToFunctionAndAnyOtherTypeQuery extends CastsBetweenAPointerToFunctionAndAnyOtherType_sharedSharedQuery +class CastsBetweenAPointerToFunctionAndAnyOtherTypeQuery extends CastsBetweenAPointerToFunctionAndAnyOtherTypeSharedQuery { CastsBetweenAPointerToFunctionAndAnyOtherTypeQuery() { this = ImportMisra23Package::castsBetweenAPointerToFunctionAndAnyOtherTypeQuery() diff --git a/cpp/misra/src/rules/RULE-8-2-5/ReinterpretCastShallNotBeUsed.ql b/cpp/misra/src/rules/RULE-8-2-5/ReinterpretCastShallNotBeUsed.ql index 8af353d948..685ebb7efd 100644 --- a/cpp/misra/src/rules/RULE-8-2-5/ReinterpretCastShallNotBeUsed.ql +++ b/cpp/misra/src/rules/RULE-8-2-5/ReinterpretCastShallNotBeUsed.ql @@ -13,9 +13,9 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.reinterpretcastused_shared.ReinterpretCastUsed_shared +import codingstandards.cpp.rules.reinterpretcastused.ReinterpretCastUsed -class ReinterpretCastShallNotBeUsedQuery extends ReinterpretCastUsed_sharedSharedQuery { +class ReinterpretCastShallNotBeUsedQuery extends ReinterpretCastUsedSharedQuery { ReinterpretCastShallNotBeUsedQuery() { this = ImportMisra23Package::reinterpretCastShallNotBeUsedQuery() } diff --git a/cpp/misra/src/rules/RULE-8-20-1/UnsignedOperationWithConstantOperandsWraps.ql b/cpp/misra/src/rules/RULE-8-20-1/UnsignedOperationWithConstantOperandsWraps.ql index 8676a704c2..e62acb8257 100644 --- a/cpp/misra/src/rules/RULE-8-20-1/UnsignedOperationWithConstantOperandsWraps.ql +++ b/cpp/misra/src/rules/RULE-8-20-1/UnsignedOperationWithConstantOperandsWraps.ql @@ -13,9 +13,9 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.unsignedoperationwithconstantoperandswraps_shared.UnsignedOperationWithConstantOperandsWraps_shared +import codingstandards.cpp.rules.unsignedoperationwithconstantoperandswraps.UnsignedOperationWithConstantOperandsWraps -class UnsignedOperationWithConstantOperandsWrapsQuery extends UnsignedOperationWithConstantOperandsWraps_sharedSharedQuery +class UnsignedOperationWithConstantOperandsWrapsQuery extends UnsignedOperationWithConstantOperandsWrapsSharedQuery { UnsignedOperationWithConstantOperandsWrapsQuery() { this = ImportMisra23Package::unsignedOperationWithConstantOperandsWrapsQuery() diff --git a/cpp/misra/src/rules/RULE-8-3-1/BuiltInUnaryOperatorAppliedToUnsignedExpression.ql b/cpp/misra/src/rules/RULE-8-3-1/BuiltInUnaryOperatorAppliedToUnsignedExpression.ql index d9b3f7a8fd..c847348d1c 100644 --- a/cpp/misra/src/rules/RULE-8-3-1/BuiltInUnaryOperatorAppliedToUnsignedExpression.ql +++ b/cpp/misra/src/rules/RULE-8-3-1/BuiltInUnaryOperatorAppliedToUnsignedExpression.ql @@ -14,9 +14,9 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.builtinunaryoperatorappliedtounsignedexpression_shared.BuiltInUnaryOperatorAppliedToUnsignedExpression_shared +import codingstandards.cpp.rules.builtinunaryoperatorappliedtounsignedexpression.BuiltInUnaryOperatorAppliedToUnsignedExpression -class BuiltInUnaryOperatorAppliedToUnsignedExpressionQuery extends BuiltInUnaryOperatorAppliedToUnsignedExpression_sharedSharedQuery +class BuiltInUnaryOperatorAppliedToUnsignedExpressionQuery extends BuiltInUnaryOperatorAppliedToUnsignedExpressionSharedQuery { BuiltInUnaryOperatorAppliedToUnsignedExpressionQuery() { this = ImportMisra23Package::builtInUnaryOperatorAppliedToUnsignedExpressionQuery() diff --git a/cpp/misra/src/rules/RULE-9-3-1/LoopBodyCompoundCondition.ql b/cpp/misra/src/rules/RULE-9-3-1/LoopBodyCompoundCondition.ql index f2eb867bab..b87009d8c1 100644 --- a/cpp/misra/src/rules/RULE-9-3-1/LoopBodyCompoundCondition.ql +++ b/cpp/misra/src/rules/RULE-9-3-1/LoopBodyCompoundCondition.ql @@ -16,8 +16,8 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.loopcompoundcondition_shared.LoopCompoundCondition_shared +import codingstandards.cpp.rules.loopcompoundcondition.LoopCompoundCondition -class LoopBodyCompoundConditionQuery extends LoopCompoundCondition_sharedSharedQuery { +class LoopBodyCompoundConditionQuery extends LoopCompoundConditionSharedQuery { LoopBodyCompoundConditionQuery() { this = ImportMisra23Package::loopBodyCompoundConditionQuery() } } diff --git a/cpp/misra/src/rules/RULE-9-3-1/SwitchBodyCompoundCondition.ql b/cpp/misra/src/rules/RULE-9-3-1/SwitchBodyCompoundCondition.ql index 8ab562bd38..7bee3c027e 100644 --- a/cpp/misra/src/rules/RULE-9-3-1/SwitchBodyCompoundCondition.ql +++ b/cpp/misra/src/rules/RULE-9-3-1/SwitchBodyCompoundCondition.ql @@ -16,9 +16,9 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.switchcompoundcondition_shared.SwitchCompoundCondition_shared +import codingstandards.cpp.rules.switchcompoundcondition.SwitchCompoundCondition -class SwitchBodyCompoundConditionQuery extends SwitchCompoundCondition_sharedSharedQuery { +class SwitchBodyCompoundConditionQuery extends SwitchCompoundConditionSharedQuery { SwitchBodyCompoundConditionQuery() { this = ImportMisra23Package::switchBodyCompoundConditionQuery() } diff --git a/cpp/misra/src/rules/RULE-9-6-1/GotoStatementShouldNotBeUsed.ql b/cpp/misra/src/rules/RULE-9-6-1/GotoStatementShouldNotBeUsed.ql index 6db27d6c75..1751aa3c37 100644 --- a/cpp/misra/src/rules/RULE-9-6-1/GotoStatementShouldNotBeUsed.ql +++ b/cpp/misra/src/rules/RULE-9-6-1/GotoStatementShouldNotBeUsed.ql @@ -13,9 +13,9 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.gotostatementshouldnotbeused_shared.GotoStatementShouldNotBeUsed_shared +import codingstandards.cpp.rules.gotostatementshouldnotbeused.GotoStatementShouldNotBeUsed -class GotoStatementShouldNotBeUsedQuery extends GotoStatementShouldNotBeUsed_sharedSharedQuery { +class GotoStatementShouldNotBeUsedQuery extends GotoStatementShouldNotBeUsedSharedQuery { GotoStatementShouldNotBeUsedQuery() { this = ImportMisra23Package::gotoStatementShouldNotBeUsedQuery() } diff --git a/cpp/misra/src/rules/RULE-9-6-2/GotoReferenceALabelInSurroundingBlock.ql b/cpp/misra/src/rules/RULE-9-6-2/GotoReferenceALabelInSurroundingBlock.ql index e14281b663..6e11a73f7f 100644 --- a/cpp/misra/src/rules/RULE-9-6-2/GotoReferenceALabelInSurroundingBlock.ql +++ b/cpp/misra/src/rules/RULE-9-6-2/GotoReferenceALabelInSurroundingBlock.ql @@ -13,9 +13,9 @@ import cpp import codingstandards.cpp.misra -import codingstandards.cpp.rules.gotoreferencealabelinsurroundingblock_shared.GotoReferenceALabelInSurroundingBlock_shared +import codingstandards.cpp.rules.gotoreferencealabelinsurroundingblock.GotoReferenceALabelInSurroundingBlock -class GotoReferenceALabelInSurroundingBlockQuery extends GotoReferenceALabelInSurroundingBlock_sharedSharedQuery +class GotoReferenceALabelInSurroundingBlockQuery extends GotoReferenceALabelInSurroundingBlockSharedQuery { GotoReferenceALabelInSurroundingBlockQuery() { this = ImportMisra23Package::gotoReferenceALabelInSurroundingBlockQuery() diff --git a/cpp/misra/test/rules/DIR-15-8-1/CopyAndMoveAssignmentsShallHandleSelfAssignment.testref b/cpp/misra/test/rules/DIR-15-8-1/CopyAndMoveAssignmentsShallHandleSelfAssignment.testref index 23e38dba55..65fc614121 100644 --- a/cpp/misra/test/rules/DIR-15-8-1/CopyAndMoveAssignmentsShallHandleSelfAssignment.testref +++ b/cpp/misra/test/rules/DIR-15-8-1/CopyAndMoveAssignmentsShallHandleSelfAssignment.testref @@ -1 +1 @@ -cpp/common/test/rules/copyandmoveassignmentsshallhandleselfassignment_shared/CopyAndMoveAssignmentsShallHandleSelfAssignment_shared.ql \ No newline at end of file +cpp/common/test/rules/copyandmoveassignmentsshallhandleselfassignment/CopyAndMoveAssignmentsShallHandleSelfAssignment.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-10-0-1/MultipleGlobalOrMemberDeclarators.testref b/cpp/misra/test/rules/RULE-10-0-1/MultipleGlobalOrMemberDeclarators.testref index b848fce94f..434cb47456 100644 --- a/cpp/misra/test/rules/RULE-10-0-1/MultipleGlobalOrMemberDeclarators.testref +++ b/cpp/misra/test/rules/RULE-10-0-1/MultipleGlobalOrMemberDeclarators.testref @@ -1 +1 @@ -cpp/common/test/rules/multipleglobalormemberdeclarators_shared/MultipleGlobalOrMemberDeclarators_shared.ql \ No newline at end of file +cpp/common/test/rules/multipleglobalormemberdeclarators/MultipleGlobalOrMemberDeclarators.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-10-0-1/MultipleLocalDeclarators.testref b/cpp/misra/test/rules/RULE-10-0-1/MultipleLocalDeclarators.testref index 2d7784cea0..be7c9ac352 100644 --- a/cpp/misra/test/rules/RULE-10-0-1/MultipleLocalDeclarators.testref +++ b/cpp/misra/test/rules/RULE-10-0-1/MultipleLocalDeclarators.testref @@ -1 +1 @@ -cpp/common/test/rules/multiplelocaldeclarators_shared/MultipleLocalDeclarators_shared.ql \ No newline at end of file +cpp/common/test/rules/multiplelocaldeclarators/MultipleLocalDeclarators.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-10-0-1/UseSingleGlobalOrMemberDeclarators.testref b/cpp/misra/test/rules/RULE-10-0-1/UseSingleGlobalOrMemberDeclarators.testref index b848fce94f..434cb47456 100644 --- a/cpp/misra/test/rules/RULE-10-0-1/UseSingleGlobalOrMemberDeclarators.testref +++ b/cpp/misra/test/rules/RULE-10-0-1/UseSingleGlobalOrMemberDeclarators.testref @@ -1 +1 @@ -cpp/common/test/rules/multipleglobalormemberdeclarators_shared/MultipleGlobalOrMemberDeclarators_shared.ql \ No newline at end of file +cpp/common/test/rules/multipleglobalormemberdeclarators/MultipleGlobalOrMemberDeclarators.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-10-0-1/UseSingleLocalDeclarators.testref b/cpp/misra/test/rules/RULE-10-0-1/UseSingleLocalDeclarators.testref index 2d7784cea0..be7c9ac352 100644 --- a/cpp/misra/test/rules/RULE-10-0-1/UseSingleLocalDeclarators.testref +++ b/cpp/misra/test/rules/RULE-10-0-1/UseSingleLocalDeclarators.testref @@ -1 +1 @@ -cpp/common/test/rules/multiplelocaldeclarators_shared/MultipleLocalDeclarators_shared.ql \ No newline at end of file +cpp/common/test/rules/multiplelocaldeclarators/MultipleLocalDeclarators.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-10-2-1/EnumerationNotDefinedWithAnExplicitUnderlyingType.testref b/cpp/misra/test/rules/RULE-10-2-1/EnumerationNotDefinedWithAnExplicitUnderlyingType.testref index 27391be776..d7a73fd488 100644 --- a/cpp/misra/test/rules/RULE-10-2-1/EnumerationNotDefinedWithAnExplicitUnderlyingType.testref +++ b/cpp/misra/test/rules/RULE-10-2-1/EnumerationNotDefinedWithAnExplicitUnderlyingType.testref @@ -1 +1 @@ -cpp/common/test/rules/enumerationnotdefinedwithanexplicitunderlyingtype_shared/EnumerationNotDefinedWithAnExplicitUnderlyingType_shared.ql \ No newline at end of file +cpp/common/test/rules/enumerationnotdefinedwithanexplicitunderlyingtype/EnumerationNotDefinedWithAnExplicitUnderlyingType.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-10-4-1/AsmDeclarationShallNotBeUsed.testref b/cpp/misra/test/rules/RULE-10-4-1/AsmDeclarationShallNotBeUsed.testref index d0a190a3eb..f643f6a9c7 100644 --- a/cpp/misra/test/rules/RULE-10-4-1/AsmDeclarationShallNotBeUsed.testref +++ b/cpp/misra/test/rules/RULE-10-4-1/AsmDeclarationShallNotBeUsed.testref @@ -1 +1 @@ -cpp/common/test/rules/asmdeclarationused_shared/AsmDeclarationUsed_shared.ql \ No newline at end of file +cpp/common/test/rules/asmdeclarationused/AsmDeclarationUsed.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-11-6-3/NonUniqueEnumerationConstant.testref b/cpp/misra/test/rules/RULE-11-6-3/NonUniqueEnumerationConstant.testref index f25d51bf8d..6606e891ab 100644 --- a/cpp/misra/test/rules/RULE-11-6-3/NonUniqueEnumerationConstant.testref +++ b/cpp/misra/test/rules/RULE-11-6-3/NonUniqueEnumerationConstant.testref @@ -1 +1 @@ -cpp/common/test/rules/nonuniqueenumerationconstant_shared/NonUniqueEnumerationConstant_shared.ql \ No newline at end of file +cpp/common/test/rules/nonuniqueenumerationconstant/NonUniqueEnumerationConstant.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-12-2-2/BitFieldShallHaveAnAppropriateType.testref b/cpp/misra/test/rules/RULE-12-2-2/BitFieldShallHaveAnAppropriateType.testref index 32867e3bbc..9e4a9a69c7 100644 --- a/cpp/misra/test/rules/RULE-12-2-2/BitFieldShallHaveAnAppropriateType.testref +++ b/cpp/misra/test/rules/RULE-12-2-2/BitFieldShallHaveAnAppropriateType.testref @@ -1 +1 @@ -cpp/common/test/rules/bitfieldshallhaveanappropriatetype_shared/BitFieldShallHaveAnAppropriateType_shared.ql \ No newline at end of file +cpp/common/test/rules/bitfieldshallhaveanappropriatetype/BitFieldShallHaveAnAppropriateType.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-12-2-3/SignedIntegerNamedBitFieldHaveALengthOfOneBit.testref b/cpp/misra/test/rules/RULE-12-2-3/SignedIntegerNamedBitFieldHaveALengthOfOneBit.testref index a2543b0769..5dd7991a37 100644 --- a/cpp/misra/test/rules/RULE-12-2-3/SignedIntegerNamedBitFieldHaveALengthOfOneBit.testref +++ b/cpp/misra/test/rules/RULE-12-2-3/SignedIntegerNamedBitFieldHaveALengthOfOneBit.testref @@ -1 +1 @@ -cpp/common/test/rules/namedbitfieldswithsignedintegertype_shared/NamedBitFieldsWithSignedIntegerType_shared.ql \ No newline at end of file +cpp/common/test/rules/namedbitfieldswithsignedintegertype/NamedBitFieldsWithSignedIntegerType.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-13-1-2/VirtualAndNonVirtualClassInTheHierarchy.testref b/cpp/misra/test/rules/RULE-13-1-2/VirtualAndNonVirtualClassInTheHierarchy.testref index 966337628d..fe57c50fe3 100644 --- a/cpp/misra/test/rules/RULE-13-1-2/VirtualAndNonVirtualClassInTheHierarchy.testref +++ b/cpp/misra/test/rules/RULE-13-1-2/VirtualAndNonVirtualClassInTheHierarchy.testref @@ -1 +1 @@ -cpp/common/test/rules/virtualandnonvirtualclassinthehierarchy_shared/VirtualAndNonVirtualClassInTheHierarchy_shared.ql \ No newline at end of file +cpp/common/test/rules/virtualandnonvirtualclassinthehierarchy/VirtualAndNonVirtualClassInTheHierarchy.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-13-3-2/OverridingShallSpecifyDifferentDefaultArguments.testref b/cpp/misra/test/rules/RULE-13-3-2/OverridingShallSpecifyDifferentDefaultArguments.testref index c89e908ada..7e06403515 100644 --- a/cpp/misra/test/rules/RULE-13-3-2/OverridingShallSpecifyDifferentDefaultArguments.testref +++ b/cpp/misra/test/rules/RULE-13-3-2/OverridingShallSpecifyDifferentDefaultArguments.testref @@ -1 +1 @@ -cpp/common/test/rules/overridingshallspecifydifferentdefaultarguments_shared/OverridingShallSpecifyDifferentDefaultArguments_shared.ql \ No newline at end of file +cpp/common/test/rules/overridingshallspecifydifferentdefaultarguments/OverridingShallSpecifyDifferentDefaultArguments.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-13-3-4/PotentiallyVirtualPointerOnlyComparesToNullptr.testref b/cpp/misra/test/rules/RULE-13-3-4/PotentiallyVirtualPointerOnlyComparesToNullptr.testref index 2a9e8b2eef..ca8eab9681 100644 --- a/cpp/misra/test/rules/RULE-13-3-4/PotentiallyVirtualPointerOnlyComparesToNullptr.testref +++ b/cpp/misra/test/rules/RULE-13-3-4/PotentiallyVirtualPointerOnlyComparesToNullptr.testref @@ -1 +1 @@ -cpp/common/test/rules/potentiallyvirtualpointeronlycomparestonullptr_shared/PotentiallyVirtualPointerOnlyComparesToNullptr_shared.ql \ No newline at end of file +cpp/common/test/rules/potentiallyvirtualpointeronlycomparestonullptr/PotentiallyVirtualPointerOnlyComparesToNullptr.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-15-1-1/ObjectsDynamicTypeUsedFromConstructorOrDestructor.testref b/cpp/misra/test/rules/RULE-15-1-1/ObjectsDynamicTypeUsedFromConstructorOrDestructor.testref index 985c209460..596f74b010 100644 --- a/cpp/misra/test/rules/RULE-15-1-1/ObjectsDynamicTypeUsedFromConstructorOrDestructor.testref +++ b/cpp/misra/test/rules/RULE-15-1-1/ObjectsDynamicTypeUsedFromConstructorOrDestructor.testref @@ -1 +1 @@ -cpp/common/test/rules/objectsdynamictypeusedfromconstructorordestructor_shared/ObjectsDynamicTypeUsedFromConstructorOrDestructor_shared.ql \ No newline at end of file +cpp/common/test/rules/objectsdynamictypeusedfromconstructorordestructor/ObjectsDynamicTypeUsedFromConstructorOrDestructor.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-15-1-2/InitializeAllVirtualBaseClasses.testref b/cpp/misra/test/rules/RULE-15-1-2/InitializeAllVirtualBaseClasses.testref index 1bf7e7fffb..ac8c5e1a83 100644 --- a/cpp/misra/test/rules/RULE-15-1-2/InitializeAllVirtualBaseClasses.testref +++ b/cpp/misra/test/rules/RULE-15-1-2/InitializeAllVirtualBaseClasses.testref @@ -1 +1 @@ -cpp/common/test/rules/initializeallvirtualbaseclasses_shared/InitializeAllVirtualBaseClasses_shared.ql \ No newline at end of file +cpp/common/test/rules/initializeallvirtualbaseclasses/InitializeAllVirtualBaseClasses.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-15-1-5/InitializerListConstructorIsTheOnlyConstructor.testref b/cpp/misra/test/rules/RULE-15-1-5/InitializerListConstructorIsTheOnlyConstructor.testref index b9075dec6f..49b73d06a9 100644 --- a/cpp/misra/test/rules/RULE-15-1-5/InitializerListConstructorIsTheOnlyConstructor.testref +++ b/cpp/misra/test/rules/RULE-15-1-5/InitializerListConstructorIsTheOnlyConstructor.testref @@ -1 +1 @@ -cpp/common/test/rules/initializerlistconstructoristheonlyconstructor_shared/InitializerListConstructorIsTheOnlyConstructor_shared.ql \ No newline at end of file +cpp/common/test/rules/initializerlistconstructoristheonlyconstructor/InitializerListConstructorIsTheOnlyConstructor.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-16-5-2/AddressOfOperatorOverloaded.testref b/cpp/misra/test/rules/RULE-16-5-2/AddressOfOperatorOverloaded.testref index f9c1d69467..1f2a126671 100644 --- a/cpp/misra/test/rules/RULE-16-5-2/AddressOfOperatorOverloaded.testref +++ b/cpp/misra/test/rules/RULE-16-5-2/AddressOfOperatorOverloaded.testref @@ -1 +1 @@ -cpp/common/test/rules/addressofoperatoroverloaded_shared/AddressOfOperatorOverloaded_shared.ql \ No newline at end of file +cpp/common/test/rules/addressofoperatoroverloaded/AddressOfOperatorOverloaded.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-17-8-1/FunctionTemplatesExplicitlySpecialized.testref b/cpp/misra/test/rules/RULE-17-8-1/FunctionTemplatesExplicitlySpecialized.testref index 04c3f5a724..6a284e2cbb 100644 --- a/cpp/misra/test/rules/RULE-17-8-1/FunctionTemplatesExplicitlySpecialized.testref +++ b/cpp/misra/test/rules/RULE-17-8-1/FunctionTemplatesExplicitlySpecialized.testref @@ -1 +1 @@ -cpp/common/test/rules/functiontemplatesexplicitlyspecialized_shared/FunctionTemplatesExplicitlySpecialized_shared.ql \ No newline at end of file +cpp/common/test/rules/functiontemplatesexplicitlyspecialized/FunctionTemplatesExplicitlySpecialized.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-18-1-1/ExceptionObjectHavePointerType.testref b/cpp/misra/test/rules/RULE-18-1-1/ExceptionObjectHavePointerType.testref index 41eabfe5a6..24d4229225 100644 --- a/cpp/misra/test/rules/RULE-18-1-1/ExceptionObjectHavePointerType.testref +++ b/cpp/misra/test/rules/RULE-18-1-1/ExceptionObjectHavePointerType.testref @@ -1 +1 @@ -cpp/common/test/rules/exceptionobjecthavepointertype_shared/ExceptionObjectHavePointerType_shared.ql \ No newline at end of file +cpp/common/test/rules/exceptionobjecthavepointertype/ExceptionObjectHavePointerType.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-18-1-2/EmptyThrowOnlyWithinACatchHandler.testref b/cpp/misra/test/rules/RULE-18-1-2/EmptyThrowOnlyWithinACatchHandler.testref index 01a7dde1dd..f3c961d8f1 100644 --- a/cpp/misra/test/rules/RULE-18-1-2/EmptyThrowOnlyWithinACatchHandler.testref +++ b/cpp/misra/test/rules/RULE-18-1-2/EmptyThrowOnlyWithinACatchHandler.testref @@ -1 +1 @@ -cpp/common/test/rules/emptythrowonlywithinacatchhandler_shared/EmptyThrowOnlyWithinACatchHandler_shared.ql \ No newline at end of file +cpp/common/test/rules/emptythrowonlywithinacatchhandler/EmptyThrowOnlyWithinACatchHandler.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-18-5-1/NoexceptFunctionShouldNotPropagateToTheCaller.testref b/cpp/misra/test/rules/RULE-18-5-1/NoexceptFunctionShouldNotPropagateToTheCaller.testref index 089cce1ccf..76dc55827f 100644 --- a/cpp/misra/test/rules/RULE-18-5-1/NoexceptFunctionShouldNotPropagateToTheCaller.testref +++ b/cpp/misra/test/rules/RULE-18-5-1/NoexceptFunctionShouldNotPropagateToTheCaller.testref @@ -1 +1 @@ -cpp/common/test/rules/noexceptfunctionshouldnotpropagatetothecaller_shared/NoexceptFunctionShouldNotPropagateToTheCaller_shared.ql \ No newline at end of file +cpp/common/test/rules/noexceptfunctionshouldnotpropagatetothecaller/NoexceptFunctionShouldNotPropagateToTheCaller.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-19-0-2/FunctionLikeMacrosDefined.testref b/cpp/misra/test/rules/RULE-19-0-2/FunctionLikeMacrosDefined.testref index 99791747ae..1f07b047a6 100644 --- a/cpp/misra/test/rules/RULE-19-0-2/FunctionLikeMacrosDefined.testref +++ b/cpp/misra/test/rules/RULE-19-0-2/FunctionLikeMacrosDefined.testref @@ -1 +1 @@ -cpp/common/test/rules/functionlikemacrosdefined_shared/FunctionLikeMacrosDefined_shared.ql \ No newline at end of file +cpp/common/test/rules/functionlikemacrosdefined/FunctionLikeMacrosDefined.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-19-3-2/MacroParameterFollowingHash.testref b/cpp/misra/test/rules/RULE-19-3-2/MacroParameterFollowingHash.testref index bf61f640dd..a5eb010410 100644 --- a/cpp/misra/test/rules/RULE-19-3-2/MacroParameterFollowingHash.testref +++ b/cpp/misra/test/rules/RULE-19-3-2/MacroParameterFollowingHash.testref @@ -1 +1 @@ -cpp/common/test/rules/macroparameterfollowinghash_shared/MacroParameterFollowingHash_shared.ql \ No newline at end of file +cpp/common/test/rules/macroparameterfollowinghash/MacroParameterFollowingHash.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-19-3-3/AMixedUseMacroArgumentSubjectToExpansion.testref b/cpp/misra/test/rules/RULE-19-3-3/AMixedUseMacroArgumentSubjectToExpansion.testref index 6cfdd63510..8061bfd2ec 100644 --- a/cpp/misra/test/rules/RULE-19-3-3/AMixedUseMacroArgumentSubjectToExpansion.testref +++ b/cpp/misra/test/rules/RULE-19-3-3/AMixedUseMacroArgumentSubjectToExpansion.testref @@ -1 +1 @@ -cpp/common/test/rules/amixedusemacroargumentsubjecttoexpansion_shared/AMixedUseMacroArgumentSubjectToExpansion_shared.ql \ No newline at end of file +cpp/common/test/rules/amixedusemacroargumentsubjecttoexpansion/AMixedUseMacroArgumentSubjectToExpansion.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-21-10-3/CsignalFacilitiesUsed.testref b/cpp/misra/test/rules/RULE-21-10-3/CsignalFacilitiesUsed.testref index e491bc10c7..2342517408 100644 --- a/cpp/misra/test/rules/RULE-21-10-3/CsignalFacilitiesUsed.testref +++ b/cpp/misra/test/rules/RULE-21-10-3/CsignalFacilitiesUsed.testref @@ -1 +1 @@ -cpp/common/test/rules/csignalfacilitiesused_shared/CsignalFacilitiesUsed_shared.ql \ No newline at end of file +cpp/common/test/rules/csignalfacilitiesused/CsignalFacilitiesUsed.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-21-10-3/CsignalTypesShallNotBeUsed.testref b/cpp/misra/test/rules/RULE-21-10-3/CsignalTypesShallNotBeUsed.testref index 3ea4c7008d..3d398d799b 100644 --- a/cpp/misra/test/rules/RULE-21-10-3/CsignalTypesShallNotBeUsed.testref +++ b/cpp/misra/test/rules/RULE-21-10-3/CsignalTypesShallNotBeUsed.testref @@ -1 +1 @@ -cpp/common/test/rules/csignaltypesused_shared/CsignalTypesUsed_shared.ql \ No newline at end of file +cpp/common/test/rules/csignaltypesused/CsignalTypesUsed.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-21-10-3/CsignalTypesUsed.testref b/cpp/misra/test/rules/RULE-21-10-3/CsignalTypesUsed.testref index 3ea4c7008d..3d398d799b 100644 --- a/cpp/misra/test/rules/RULE-21-10-3/CsignalTypesUsed.testref +++ b/cpp/misra/test/rules/RULE-21-10-3/CsignalTypesUsed.testref @@ -1 +1 @@ -cpp/common/test/rules/csignaltypesused_shared/CsignalTypesUsed_shared.ql \ No newline at end of file +cpp/common/test/rules/csignaltypesused/CsignalTypesUsed.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-21-2-1/AtofAtoiAtolAndAtollUsed.testref b/cpp/misra/test/rules/RULE-21-2-1/AtofAtoiAtolAndAtollUsed.testref index 67251b4d35..1b12920284 100644 --- a/cpp/misra/test/rules/RULE-21-2-1/AtofAtoiAtolAndAtollUsed.testref +++ b/cpp/misra/test/rules/RULE-21-2-1/AtofAtoiAtolAndAtollUsed.testref @@ -1 +1 @@ -cpp/common/test/rules/atofatoiatolandatollused_shared/AtofAtoiAtolAndAtollUsed_shared.ql \ No newline at end of file +cpp/common/test/rules/atofatoiatolandatollused/AtofAtoiAtolAndAtollUsed.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-21-2-4/MacroOffsetofShallNotBeUsed.testref b/cpp/misra/test/rules/RULE-21-2-4/MacroOffsetofShallNotBeUsed.testref index f53f8d6f9f..022fef6071 100644 --- a/cpp/misra/test/rules/RULE-21-2-4/MacroOffsetofShallNotBeUsed.testref +++ b/cpp/misra/test/rules/RULE-21-2-4/MacroOffsetofShallNotBeUsed.testref @@ -1 +1 @@ -cpp/common/test/rules/macrooffsetofused_shared/MacroOffsetofUsed_shared.ql \ No newline at end of file +cpp/common/test/rules/macrooffsetofused/MacroOffsetofUsed.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-21-6-4/GlobalSizedOperatorDeleteShallBeDefined.testref b/cpp/misra/test/rules/RULE-21-6-4/GlobalSizedOperatorDeleteShallBeDefined.testref index bd7e582a38..4d1e21d4cb 100644 --- a/cpp/misra/test/rules/RULE-21-6-4/GlobalSizedOperatorDeleteShallBeDefined.testref +++ b/cpp/misra/test/rules/RULE-21-6-4/GlobalSizedOperatorDeleteShallBeDefined.testref @@ -1 +1 @@ -cpp/common/test/rules/globalsizedoperatordeletenotdefined_shared/GlobalSizedOperatorDeleteNotDefined_shared.ql \ No newline at end of file +cpp/common/test/rules/globalsizedoperatordeletenotdefined/GlobalSizedOperatorDeleteNotDefined.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-21-6-4/GlobalUnsizedOperatorDeleteShallBeDefined.testref b/cpp/misra/test/rules/RULE-21-6-4/GlobalUnsizedOperatorDeleteShallBeDefined.testref index 781d037067..f2fcc2eded 100644 --- a/cpp/misra/test/rules/RULE-21-6-4/GlobalUnsizedOperatorDeleteShallBeDefined.testref +++ b/cpp/misra/test/rules/RULE-21-6-4/GlobalUnsizedOperatorDeleteShallBeDefined.testref @@ -1 +1 @@ -cpp/common/test/rules/globalunsizedoperatordeletenotdefined_shared/GlobalUnsizedOperatorDeleteNotDefined_shared.ql \ No newline at end of file +cpp/common/test/rules/globalunsizedoperatordeletenotdefined/GlobalUnsizedOperatorDeleteNotDefined.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-26-3-1/VectorShouldNotBeSpecializedWithBool.testref b/cpp/misra/test/rules/RULE-26-3-1/VectorShouldNotBeSpecializedWithBool.testref index 96d8385f5f..a934690acb 100644 --- a/cpp/misra/test/rules/RULE-26-3-1/VectorShouldNotBeSpecializedWithBool.testref +++ b/cpp/misra/test/rules/RULE-26-3-1/VectorShouldNotBeSpecializedWithBool.testref @@ -1 +1 @@ -cpp/common/test/rules/vectorshouldnotbespecializedwithbool_shared/VectorShouldNotBeSpecializedWithBool_shared.ql \ No newline at end of file +cpp/common/test/rules/vectorshouldnotbespecializedwithbool/VectorShouldNotBeSpecializedWithBool.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-28-6-2/ForwardingReferencesAndForwardNotUsedTogether.testref b/cpp/misra/test/rules/RULE-28-6-2/ForwardingReferencesAndForwardNotUsedTogether.testref index 16fd01273f..d56acb8415 100644 --- a/cpp/misra/test/rules/RULE-28-6-2/ForwardingReferencesAndForwardNotUsedTogether.testref +++ b/cpp/misra/test/rules/RULE-28-6-2/ForwardingReferencesAndForwardNotUsedTogether.testref @@ -1 +1 @@ -cpp/common/test/rules/forwardingreferencesandforwardnotusedtogether_shared/ForwardingReferencesAndForwardNotUsedTogether_shared.ql \ No newline at end of file +cpp/common/test/rules/forwardingreferencesandforwardnotusedtogether/ForwardingReferencesAndForwardNotUsedTogether.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-30-0-1/CstdioFunctionsShallNotBeUsed.testref b/cpp/misra/test/rules/RULE-30-0-1/CstdioFunctionsShallNotBeUsed.testref index 595b7fcffa..5f8b3d8a9a 100644 --- a/cpp/misra/test/rules/RULE-30-0-1/CstdioFunctionsShallNotBeUsed.testref +++ b/cpp/misra/test/rules/RULE-30-0-1/CstdioFunctionsShallNotBeUsed.testref @@ -1 +1 @@ -cpp/common/test/rules/cstdiofunctionsused_shared/CstdioFunctionsUsed_shared.ql \ No newline at end of file +cpp/common/test/rules/cstdiofunctionsused/CstdioFunctionsUsed.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-30-0-1/CstdioMacrosShallNotBeUsed.testref b/cpp/misra/test/rules/RULE-30-0-1/CstdioMacrosShallNotBeUsed.testref index 8bc3a8fcde..a1ba376c3b 100644 --- a/cpp/misra/test/rules/RULE-30-0-1/CstdioMacrosShallNotBeUsed.testref +++ b/cpp/misra/test/rules/RULE-30-0-1/CstdioMacrosShallNotBeUsed.testref @@ -1 +1 @@ -cpp/common/test/rules/cstdiomacrosused_shared/CstdioMacrosUsed_shared.ql \ No newline at end of file +cpp/common/test/rules/cstdiomacrosused/CstdioMacrosUsed.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-30-0-1/CstdioTypesShallNotBeUsed.testref b/cpp/misra/test/rules/RULE-30-0-1/CstdioTypesShallNotBeUsed.testref index 4020d6427e..4c08a75cfe 100644 --- a/cpp/misra/test/rules/RULE-30-0-1/CstdioTypesShallNotBeUsed.testref +++ b/cpp/misra/test/rules/RULE-30-0-1/CstdioTypesShallNotBeUsed.testref @@ -1 +1 @@ -cpp/common/test/rules/cstdiotypesused_shared/CstdioTypesUsed_shared.ql \ No newline at end of file +cpp/common/test/rules/cstdiotypesused/CstdioTypesUsed.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-4-6-1/MemoryOperationsNotSequencedAppropriately.testref b/cpp/misra/test/rules/RULE-4-6-1/MemoryOperationsNotSequencedAppropriately.testref index 347bf0114c..02034f66c6 100644 --- a/cpp/misra/test/rules/RULE-4-6-1/MemoryOperationsNotSequencedAppropriately.testref +++ b/cpp/misra/test/rules/RULE-4-6-1/MemoryOperationsNotSequencedAppropriately.testref @@ -1 +1 @@ -cpp/common/test/rules/memoryoperationsnotsequencedappropriately_shared/MemoryOperationsNotSequencedAppropriately_shared.ql \ No newline at end of file +cpp/common/test/rules/memoryoperationsnotsequencedappropriately/MemoryOperationsNotSequencedAppropriately.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-5-13-1/BackslashCharacterMisuse.testref b/cpp/misra/test/rules/RULE-5-13-1/BackslashCharacterMisuse.testref index a257ad6ab7..924122e38e 100644 --- a/cpp/misra/test/rules/RULE-5-13-1/BackslashCharacterMisuse.testref +++ b/cpp/misra/test/rules/RULE-5-13-1/BackslashCharacterMisuse.testref @@ -1 +1 @@ -cpp/common/test/rules/backslashcharactermisuse_shared/BackslashCharacterMisuse_shared.ql \ No newline at end of file +cpp/common/test/rules/backslashcharactermisuse/BackslashCharacterMisuse.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-5-13-2/NonTerminatedEscapeSequences.testref b/cpp/misra/test/rules/RULE-5-13-2/NonTerminatedEscapeSequences.testref index 6212775e36..bfed44b1fd 100644 --- a/cpp/misra/test/rules/RULE-5-13-2/NonTerminatedEscapeSequences.testref +++ b/cpp/misra/test/rules/RULE-5-13-2/NonTerminatedEscapeSequences.testref @@ -1 +1 @@ -cpp/common/test/rules/nonterminatedescapesequences_shared/NonTerminatedEscapeSequences_shared.ql \ No newline at end of file +cpp/common/test/rules/nonterminatedescapesequences/NonTerminatedEscapeSequences.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-5-13-3/OctalConstantsUsed.testref b/cpp/misra/test/rules/RULE-5-13-3/OctalConstantsUsed.testref index 5b23b86826..97c466a866 100644 --- a/cpp/misra/test/rules/RULE-5-13-3/OctalConstantsUsed.testref +++ b/cpp/misra/test/rules/RULE-5-13-3/OctalConstantsUsed.testref @@ -1 +1 @@ -cpp/common/test/rules/useofnonzerooctalliteral_shared/UseOfNonZeroOctalLiteral_shared.ql \ No newline at end of file +cpp/common/test/rules/useofnonzerooctalliteral/UseOfNonZeroOctalLiteral.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-5-13-4/UnsignedIntegerLiteralsNotAppropriatelySuffixed.testref b/cpp/misra/test/rules/RULE-5-13-4/UnsignedIntegerLiteralsNotAppropriatelySuffixed.testref index 1a58c1eee1..9133a84ce4 100644 --- a/cpp/misra/test/rules/RULE-5-13-4/UnsignedIntegerLiteralsNotAppropriatelySuffixed.testref +++ b/cpp/misra/test/rules/RULE-5-13-4/UnsignedIntegerLiteralsNotAppropriatelySuffixed.testref @@ -1 +1 @@ -cpp/common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed_shared/UnsignedIntegerLiteralsNotAppropriatelySuffixed_shared.ql \ No newline at end of file +cpp/common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed/UnsignedIntegerLiteralsNotAppropriatelySuffixed.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-5-13-5/LowercaseLStartsInLiteralSuffix.testref b/cpp/misra/test/rules/RULE-5-13-5/LowercaseLStartsInLiteralSuffix.testref index ab0542973b..760d407a2d 100644 --- a/cpp/misra/test/rules/RULE-5-13-5/LowercaseLStartsInLiteralSuffix.testref +++ b/cpp/misra/test/rules/RULE-5-13-5/LowercaseLStartsInLiteralSuffix.testref @@ -1 +1 @@ -cpp/common/test/rules/lowercaselstartsinliteralsuffix_shared/LowercaseLStartsInLiteralSuffix_shared.ql \ No newline at end of file +cpp/common/test/rules/lowercaselstartsinliteralsuffix/LowercaseLStartsInLiteralSuffix.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-5-7-1/CharacterSequenceUsedWithinACStyleComment.testref b/cpp/misra/test/rules/RULE-5-7-1/CharacterSequenceUsedWithinACStyleComment.testref index 8073a976cd..971b1953f7 100644 --- a/cpp/misra/test/rules/RULE-5-7-1/CharacterSequenceUsedWithinACStyleComment.testref +++ b/cpp/misra/test/rules/RULE-5-7-1/CharacterSequenceUsedWithinACStyleComment.testref @@ -1 +1 @@ -cpp/common/test/rules/charactersequenceusedwithinacstylecomment_shared/CharacterSequenceUsedWithinACStyleComment_shared.ql \ No newline at end of file +cpp/common/test/rules/charactersequenceusedwithinacstylecomment/CharacterSequenceUsedWithinACStyleComment.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-5-7-3/LineSplicingUsedInComments.testref b/cpp/misra/test/rules/RULE-5-7-3/LineSplicingUsedInComments.testref index d4f66ed35e..7874a476a0 100644 --- a/cpp/misra/test/rules/RULE-5-7-3/LineSplicingUsedInComments.testref +++ b/cpp/misra/test/rules/RULE-5-7-3/LineSplicingUsedInComments.testref @@ -1 +1 @@ -cpp/common/test/rules/linesplicingusedincomments_shared/LineSplicingUsedInComments_shared.ql \ No newline at end of file +cpp/common/test/rules/linesplicingusedincomments/LineSplicingUsedInComments.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-6-0-3/GlobalNamespaceDeclarations.testref b/cpp/misra/test/rules/RULE-6-0-3/GlobalNamespaceDeclarations.testref index 93764c480e..8f71738005 100644 --- a/cpp/misra/test/rules/RULE-6-0-3/GlobalNamespaceDeclarations.testref +++ b/cpp/misra/test/rules/RULE-6-0-3/GlobalNamespaceDeclarations.testref @@ -1 +1 @@ -cpp/common/test/rules/globalnamespacedeclarations_shared/GlobalNamespaceDeclarations_shared.ql \ No newline at end of file +cpp/common/test/rules/globalnamespacedeclarations/GlobalNamespaceDeclarations.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-6-0-4/NonGlobalFunctionMain.testref b/cpp/misra/test/rules/RULE-6-0-4/NonGlobalFunctionMain.testref index 528412284f..e149f3a33b 100644 --- a/cpp/misra/test/rules/RULE-6-0-4/NonGlobalFunctionMain.testref +++ b/cpp/misra/test/rules/RULE-6-0-4/NonGlobalFunctionMain.testref @@ -1 +1 @@ -cpp/common/test/rules/nonglobalfunctionmain_shared/NonGlobalFunctionMain_shared.ql \ No newline at end of file +cpp/common/test/rules/nonglobalfunctionmain/NonGlobalFunctionMain.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-6-4-2/DefinitionShallBeConsideredForUnqualifiedLookup.testref b/cpp/misra/test/rules/RULE-6-4-2/DefinitionShallBeConsideredForUnqualifiedLookup.testref index 3b04b2950f..7a5ae74d2e 100644 --- a/cpp/misra/test/rules/RULE-6-4-2/DefinitionShallBeConsideredForUnqualifiedLookup.testref +++ b/cpp/misra/test/rules/RULE-6-4-2/DefinitionShallBeConsideredForUnqualifiedLookup.testref @@ -1 +1 @@ -cpp/common/test/rules/definitionnotconsideredforunqualifiedlookup_shared/DefinitionNotConsideredForUnqualifiedLookup_shared.ql \ No newline at end of file +cpp/common/test/rules/definitionnotconsideredforunqualifiedlookup/DefinitionNotConsideredForUnqualifiedLookup.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-6-4-2/InheritedNonOverridableMemberFunction.testref b/cpp/misra/test/rules/RULE-6-4-2/InheritedNonOverridableMemberFunction.testref index 371b80ead3..2fb9608ee8 100644 --- a/cpp/misra/test/rules/RULE-6-4-2/InheritedNonOverridableMemberFunction.testref +++ b/cpp/misra/test/rules/RULE-6-4-2/InheritedNonOverridableMemberFunction.testref @@ -1 +1 @@ -cpp/common/test/rules/hiddeninheritednonoverridablememberfunction_shared/HiddenInheritedNonOverridableMemberFunction_shared.ql \ No newline at end of file +cpp/common/test/rules/hiddeninheritednonoverridablememberfunction/HiddenInheritedNonOverridableMemberFunction.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-6-4-2/InheritedOverridableMemberFunction.testref b/cpp/misra/test/rules/RULE-6-4-2/InheritedOverridableMemberFunction.testref index 3fcc2ed7e7..e768ced8d3 100644 --- a/cpp/misra/test/rules/RULE-6-4-2/InheritedOverridableMemberFunction.testref +++ b/cpp/misra/test/rules/RULE-6-4-2/InheritedOverridableMemberFunction.testref @@ -1 +1 @@ -cpp/common/test/rules/hiddeninheritedoverridablememberfunction_shared/HiddenInheritedOverridableMemberFunction_shared.ql \ No newline at end of file +cpp/common/test/rules/hiddeninheritedoverridablememberfunction/HiddenInheritedOverridableMemberFunction.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-6-4-3/NameShallBeReferredUsingAQualifiedIdOrThis.testref b/cpp/misra/test/rules/RULE-6-4-3/NameShallBeReferredUsingAQualifiedIdOrThis.testref index 34df16815b..ad5590bc1f 100644 --- a/cpp/misra/test/rules/RULE-6-4-3/NameShallBeReferredUsingAQualifiedIdOrThis.testref +++ b/cpp/misra/test/rules/RULE-6-4-3/NameShallBeReferredUsingAQualifiedIdOrThis.testref @@ -1 +1 @@ -cpp/common/test/rules/namenotreferredusingaqualifiedidorthis_shared/NameNotReferredUsingAQualifiedIdOrThis_shared.ql \ No newline at end of file +cpp/common/test/rules/namenotreferredusingaqualifiedidorthis/NameNotReferredUsingAQualifiedIdOrThis.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-6-4-3/NameShallBeReferredUsingAQualifiedIdOrThisAudit.testref b/cpp/misra/test/rules/RULE-6-4-3/NameShallBeReferredUsingAQualifiedIdOrThisAudit.testref index 0bef5586dd..f7ff9100a6 100644 --- a/cpp/misra/test/rules/RULE-6-4-3/NameShallBeReferredUsingAQualifiedIdOrThisAudit.testref +++ b/cpp/misra/test/rules/RULE-6-4-3/NameShallBeReferredUsingAQualifiedIdOrThisAudit.testref @@ -1 +1 @@ -cpp/common/test/rules/namenotreferredusingaqualifiedidorthisaudit_shared/NameNotReferredUsingAQualifiedIdOrThisAudit_shared.ql \ No newline at end of file +cpp/common/test/rules/namenotreferredusingaqualifiedidorthisaudit/NameNotReferredUsingAQualifiedIdOrThisAudit.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-6-8-2/ReturnReferenceOrPointerToAutomaticLocalVariable.testref b/cpp/misra/test/rules/RULE-6-8-2/ReturnReferenceOrPointerToAutomaticLocalVariable.testref index 676e414381..45dbffde00 100644 --- a/cpp/misra/test/rules/RULE-6-8-2/ReturnReferenceOrPointerToAutomaticLocalVariable.testref +++ b/cpp/misra/test/rules/RULE-6-8-2/ReturnReferenceOrPointerToAutomaticLocalVariable.testref @@ -1 +1 @@ -cpp/common/test/rules/returnreferenceorpointertoautomaticlocalvariable_shared/ReturnReferenceOrPointerToAutomaticLocalVariable_shared.ql \ No newline at end of file +cpp/common/test/rules/returnreferenceorpointertoautomaticlocalvariable/ReturnReferenceOrPointerToAutomaticLocalVariable.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-7-11-1/NullptrNotTheOnlyFormOfTheNullPointerConstant.testref b/cpp/misra/test/rules/RULE-7-11-1/NullptrNotTheOnlyFormOfTheNullPointerConstant.testref index 495d8eddba..aeb655a341 100644 --- a/cpp/misra/test/rules/RULE-7-11-1/NullptrNotTheOnlyFormOfTheNullPointerConstant.testref +++ b/cpp/misra/test/rules/RULE-7-11-1/NullptrNotTheOnlyFormOfTheNullPointerConstant.testref @@ -1 +1 @@ -cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant_shared/NullptrNotTheOnlyFormOfTheNullPointerConstant_shared.ql \ No newline at end of file +cpp/common/test/rules/nullptrnottheonlyformofthenullpointerconstant/NullptrNotTheOnlyFormOfTheNullPointerConstant.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-7-11-2/ArrayPassedAsFunctionArgumentDecayToAPointer.testref b/cpp/misra/test/rules/RULE-7-11-2/ArrayPassedAsFunctionArgumentDecayToAPointer.testref index 97edef0af2..06f2ec8fbb 100644 --- a/cpp/misra/test/rules/RULE-7-11-2/ArrayPassedAsFunctionArgumentDecayToAPointer.testref +++ b/cpp/misra/test/rules/RULE-7-11-2/ArrayPassedAsFunctionArgumentDecayToAPointer.testref @@ -1 +1 @@ -cpp/common/test/rules/arraypassedasfunctionargumentdecaytoapointer_shared/ArrayPassedAsFunctionArgumentDecayToAPointer_shared.ql \ No newline at end of file +cpp/common/test/rules/arraypassedasfunctionargumentdecaytoapointer/ArrayPassedAsFunctionArgumentDecayToAPointer.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-8-18-2/ResultOfAnAssignmentOperatorShouldNotBeUsed.testref b/cpp/misra/test/rules/RULE-8-18-2/ResultOfAnAssignmentOperatorShouldNotBeUsed.testref index fe502f81be..1e29dba140 100644 --- a/cpp/misra/test/rules/RULE-8-18-2/ResultOfAnAssignmentOperatorShouldNotBeUsed.testref +++ b/cpp/misra/test/rules/RULE-8-18-2/ResultOfAnAssignmentOperatorShouldNotBeUsed.testref @@ -1 +1 @@ -cpp/common/test/rules/resultofanassignmentoperatorshouldnotbeused_shared/ResultOfAnAssignmentOperatorShouldNotBeUsed_shared.ql \ No newline at end of file +cpp/common/test/rules/resultofanassignmentoperatorshouldnotbeused/ResultOfAnAssignmentOperatorShouldNotBeUsed.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-8-2-10/FunctionsCallThemselvesEitherDirectlyOrIndirectly.testref b/cpp/misra/test/rules/RULE-8-2-10/FunctionsCallThemselvesEitherDirectlyOrIndirectly.testref index 1ebf3d5742..f459a29bf1 100644 --- a/cpp/misra/test/rules/RULE-8-2-10/FunctionsCallThemselvesEitherDirectlyOrIndirectly.testref +++ b/cpp/misra/test/rules/RULE-8-2-10/FunctionsCallThemselvesEitherDirectlyOrIndirectly.testref @@ -1 +1 @@ -cpp/common/test/rules/functionscallthemselveseitherdirectlyorindirectly_shared/FunctionsCallThemselvesEitherDirectlyOrIndirectly_shared.ql \ No newline at end of file +cpp/common/test/rules/functionscallthemselveseitherdirectlyorindirectly/FunctionsCallThemselvesEitherDirectlyOrIndirectly.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-8-2-4/CastsBetweenAPointerToFunctionAndAnyOtherType.testref b/cpp/misra/test/rules/RULE-8-2-4/CastsBetweenAPointerToFunctionAndAnyOtherType.testref index 5eeeea570a..e7bde2ea08 100644 --- a/cpp/misra/test/rules/RULE-8-2-4/CastsBetweenAPointerToFunctionAndAnyOtherType.testref +++ b/cpp/misra/test/rules/RULE-8-2-4/CastsBetweenAPointerToFunctionAndAnyOtherType.testref @@ -1 +1 @@ -cpp/common/test/rules/castsbetweenapointertofunctionandanyothertype_shared/CastsBetweenAPointerToFunctionAndAnyOtherType_shared.ql \ No newline at end of file +cpp/common/test/rules/castsbetweenapointertofunctionandanyothertype/CastsBetweenAPointerToFunctionAndAnyOtherType.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-8-2-5/ReinterpretCastShallNotBeUsed.testref b/cpp/misra/test/rules/RULE-8-2-5/ReinterpretCastShallNotBeUsed.testref index a553240f19..81f18c2d9c 100644 --- a/cpp/misra/test/rules/RULE-8-2-5/ReinterpretCastShallNotBeUsed.testref +++ b/cpp/misra/test/rules/RULE-8-2-5/ReinterpretCastShallNotBeUsed.testref @@ -1 +1 @@ -cpp/common/test/rules/reinterpretcastused_shared/ReinterpretCastUsed_shared.ql \ No newline at end of file +cpp/common/test/rules/reinterpretcastused/ReinterpretCastUsed.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-8-20-1/UnsignedOperationWithConstantOperandsWraps.testref b/cpp/misra/test/rules/RULE-8-20-1/UnsignedOperationWithConstantOperandsWraps.testref index 8b29a5cd46..148997676e 100644 --- a/cpp/misra/test/rules/RULE-8-20-1/UnsignedOperationWithConstantOperandsWraps.testref +++ b/cpp/misra/test/rules/RULE-8-20-1/UnsignedOperationWithConstantOperandsWraps.testref @@ -1 +1 @@ -cpp/common/test/rules/unsignedoperationwithconstantoperandswraps_shared/UnsignedOperationWithConstantOperandsWraps_shared.ql \ No newline at end of file +cpp/common/test/rules/unsignedoperationwithconstantoperandswraps/UnsignedOperationWithConstantOperandsWraps.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-8-3-1/BuiltInUnaryOperatorAppliedToUnsignedExpression.testref b/cpp/misra/test/rules/RULE-8-3-1/BuiltInUnaryOperatorAppliedToUnsignedExpression.testref index 48a20b03f1..bd12c39fbd 100644 --- a/cpp/misra/test/rules/RULE-8-3-1/BuiltInUnaryOperatorAppliedToUnsignedExpression.testref +++ b/cpp/misra/test/rules/RULE-8-3-1/BuiltInUnaryOperatorAppliedToUnsignedExpression.testref @@ -1 +1 @@ -cpp/common/test/rules/builtinunaryoperatorappliedtounsignedexpression_shared/BuiltInUnaryOperatorAppliedToUnsignedExpression_shared.ql \ No newline at end of file +cpp/common/test/rules/builtinunaryoperatorappliedtounsignedexpression/BuiltInUnaryOperatorAppliedToUnsignedExpression.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-9-3-1/LoopBodyCompoundCondition.testref b/cpp/misra/test/rules/RULE-9-3-1/LoopBodyCompoundCondition.testref index e301b04020..84dc7caf76 100644 --- a/cpp/misra/test/rules/RULE-9-3-1/LoopBodyCompoundCondition.testref +++ b/cpp/misra/test/rules/RULE-9-3-1/LoopBodyCompoundCondition.testref @@ -1 +1 @@ -cpp/common/test/rules/loopcompoundcondition_shared/LoopCompoundCondition_shared.ql \ No newline at end of file +cpp/common/test/rules/loopcompoundcondition/LoopCompoundCondition.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-9-3-1/SwitchBodyCompoundCondition.testref b/cpp/misra/test/rules/RULE-9-3-1/SwitchBodyCompoundCondition.testref index e48ef207a0..f02b02ba85 100644 --- a/cpp/misra/test/rules/RULE-9-3-1/SwitchBodyCompoundCondition.testref +++ b/cpp/misra/test/rules/RULE-9-3-1/SwitchBodyCompoundCondition.testref @@ -1 +1 @@ -cpp/common/test/rules/switchcompoundcondition_shared/SwitchCompoundCondition_shared.ql \ No newline at end of file +cpp/common/test/rules/switchcompoundcondition/SwitchCompoundCondition.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-9-6-1/GotoStatementShouldNotBeUsed.testref b/cpp/misra/test/rules/RULE-9-6-1/GotoStatementShouldNotBeUsed.testref index 3f2f4508b1..44d306f80c 100644 --- a/cpp/misra/test/rules/RULE-9-6-1/GotoStatementShouldNotBeUsed.testref +++ b/cpp/misra/test/rules/RULE-9-6-1/GotoStatementShouldNotBeUsed.testref @@ -1 +1 @@ -cpp/common/test/rules/gotostatementshouldnotbeused_shared/GotoStatementShouldNotBeUsed_shared.ql \ No newline at end of file +cpp/common/test/rules/gotostatementshouldnotbeused/GotoStatementShouldNotBeUsed.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-9-6-2/GotoReferenceALabelInSurroundingBlock.testref b/cpp/misra/test/rules/RULE-9-6-2/GotoReferenceALabelInSurroundingBlock.testref index 7bbaffe1e3..7502d9431c 100644 --- a/cpp/misra/test/rules/RULE-9-6-2/GotoReferenceALabelInSurroundingBlock.testref +++ b/cpp/misra/test/rules/RULE-9-6-2/GotoReferenceALabelInSurroundingBlock.testref @@ -1 +1 @@ -cpp/common/test/rules/gotoreferencealabelinsurroundingblock_shared/GotoReferenceALabelInSurroundingBlock_shared.ql \ No newline at end of file +cpp/common/test/rules/gotoreferencealabelinsurroundingblock/GotoReferenceALabelInSurroundingBlock.ql \ No newline at end of file diff --git a/rule_packages/c/Banned.json b/rule_packages/c/Banned.json index e68485b970..cab9ffc8c7 100644 --- a/rule_packages/c/Banned.json +++ b/rule_packages/c/Banned.json @@ -245,7 +245,7 @@ "precision": "very-high", "severity": "error", "short_name": "AtofAtoiAtolAndAtollOfStdlibhUsed", - "shared_implementation_short_name": "AtofAtoiAtolAndAtollUsed_shared", + "shared_implementation_short_name": "AtofAtoiAtolAndAtollUsed", "tags": [ "correctness" ] @@ -338,7 +338,7 @@ "precision": "very-high", "severity": "error", "short_name": "OctalConstantsUsed", - "shared_implementation_short_name": "UseOfNonZeroOctalLiteral_shared", + "shared_implementation_short_name": "UseOfNonZeroOctalLiteral", "tags": [ "readability", "correctness", diff --git a/rule_packages/c/BitfieldTypes.json b/rule_packages/c/BitfieldTypes.json index 41d109ec3b..76490d73d1 100644 --- a/rule_packages/c/BitfieldTypes.json +++ b/rule_packages/c/BitfieldTypes.json @@ -12,7 +12,7 @@ "precision": "very-high", "severity": "error", "short_name": "BitFieldsShallOnlyBeDeclaredWithAnAppropriateType", - "shared_implementation_short_name": "BitFieldShallHaveAnAppropriateType_shared", + "shared_implementation_short_name": "BitFieldShallHaveAnAppropriateType", "tags": [] } ], @@ -30,7 +30,7 @@ "precision": "very-high", "severity": "error", "short_name": "SingleBitNamedBitFieldsOfASignedType", - "shared_implementation_short_name": "NamedBitFieldsWithSignedIntegerType_shared", + "shared_implementation_short_name": "NamedBitFieldsWithSignedIntegerType", "tags": [] } ], diff --git a/rule_packages/c/Declarations7.json b/rule_packages/c/Declarations7.json index 335a9f3603..b1be4f9d55 100644 --- a/rule_packages/c/Declarations7.json +++ b/rule_packages/c/Declarations7.json @@ -57,7 +57,7 @@ "precision": "very-high", "severity": "error", "short_name": "ValueImplicitEnumerationConstantNotUnique", - "shared_implementation_short_name": "NonUniqueEnumerationConstant_shared", + "shared_implementation_short_name": "NonUniqueEnumerationConstant", "tags": [ "correctness", "readability" diff --git a/rule_packages/c/IntegerOverflow.json b/rule_packages/c/IntegerOverflow.json index 0549f0a29e..0fb1c5a4e7 100644 --- a/rule_packages/c/IntegerOverflow.json +++ b/rule_packages/c/IntegerOverflow.json @@ -12,7 +12,7 @@ "precision": "medium", "severity": "error", "short_name": "UnsignedIntegerOperationsWrapAround", - "shared_implementation_short_name": "UnsignedOperationWithConstantOperandsWraps_shared", + "shared_implementation_short_name": "UnsignedOperationWithConstantOperandsWraps", "tags": [ "correctness", "security" diff --git a/rule_packages/c/Preprocessor2.json b/rule_packages/c/Preprocessor2.json index ddce5a7080..546f426135 100644 --- a/rule_packages/c/Preprocessor2.json +++ b/rule_packages/c/Preprocessor2.json @@ -12,7 +12,7 @@ "precision": "very-high", "severity": "warning", "short_name": "MoreThanOneHashOperatorInMacroDefinition", - "shared_implementation_short_name": "MacroParameterFollowingHash_shared", + "shared_implementation_short_name": "MacroParameterFollowingHash", "tags": [ "correctness" ], @@ -36,7 +36,7 @@ "precision": "high", "severity": "warning", "short_name": "MacroParameterUsedAsHashOperand", - "shared_implementation_short_name": "AMixedUseMacroArgumentSubjectToExpansion_shared", + "shared_implementation_short_name": "AMixedUseMacroArgumentSubjectToExpansion", "tags": [ "maintainability", "readability" diff --git a/rule_packages/c/Preprocessor6.json b/rule_packages/c/Preprocessor6.json index 324a2e5fa7..0bb7f34f90 100644 --- a/rule_packages/c/Preprocessor6.json +++ b/rule_packages/c/Preprocessor6.json @@ -12,7 +12,7 @@ "precision": "medium", "severity": "recommendation", "short_name": "FunctionOverFunctionLikeMacro", - "shared_implementation_short_name": "FunctionLikeMacrosDefined_shared", + "shared_implementation_short_name": "FunctionLikeMacrosDefined", "tags": [ "external/misra/audit", "maintainability", diff --git a/rule_packages/c/SideEffects1.json b/rule_packages/c/SideEffects1.json index f45a57e547..821fb24d3c 100644 --- a/rule_packages/c/SideEffects1.json +++ b/rule_packages/c/SideEffects1.json @@ -131,7 +131,7 @@ "precision": "very-high", "severity": "error", "short_name": "ResultOfAnAssignmentOperatorShouldNotBeUsed", - "shared_implementation_short_name": "ResultOfAnAssignmentOperatorShouldNotBeUsed_shared", + "shared_implementation_short_name": "ResultOfAnAssignmentOperatorShouldNotBeUsed", "tags": [ "correctness", "readability" diff --git a/rule_packages/c/SideEffects3.json b/rule_packages/c/SideEffects3.json index a6030975fd..19012b9c33 100644 --- a/rule_packages/c/SideEffects3.json +++ b/rule_packages/c/SideEffects3.json @@ -12,7 +12,7 @@ "precision": "very-high", "severity": "error", "short_name": "UnsequencedSideEffects", - "shared_implementation_short_name": "MemoryOperationsNotSequencedAppropriately_shared", + "shared_implementation_short_name": "MemoryOperationsNotSequencedAppropriately", "tags": [ "correctness" ] diff --git a/rule_packages/c/Statements2.json b/rule_packages/c/Statements2.json index 0c24ff602f..cb616429be 100644 --- a/rule_packages/c/Statements2.json +++ b/rule_packages/c/Statements2.json @@ -33,7 +33,7 @@ "precision": "high", "severity": "recommendation", "short_name": "GotoLabelBlockCondition", - "shared_implementation_short_name": "GotoReferenceALabelInSurroundingBlock_shared", + "shared_implementation_short_name": "GotoReferenceALabelInSurroundingBlock", "tags": [ "maintainability", "readability" diff --git a/rule_packages/c/Statements6.json b/rule_packages/c/Statements6.json index eb0eefb437..8d71f11cfd 100644 --- a/rule_packages/c/Statements6.json +++ b/rule_packages/c/Statements6.json @@ -12,7 +12,7 @@ "precision": "very-high", "severity": "error", "short_name": "GotoStatementUsed", - "shared_implementation_short_name": "GotoStatementShouldNotBeUsed_shared", + "shared_implementation_short_name": "GotoStatementShouldNotBeUsed", "tags": [ "correctness", "security" diff --git a/rule_packages/c/Syntax.json b/rule_packages/c/Syntax.json index 9b4b6e44bd..b8899ccc97 100644 --- a/rule_packages/c/Syntax.json +++ b/rule_packages/c/Syntax.json @@ -53,7 +53,7 @@ "precision": "very-high", "severity": "warning", "short_name": "OctalAndHexadecimalEscapeSequencesNotTerminated", - "shared_implementation_short_name": "NonTerminatedEscapeSequences_shared", + "shared_implementation_short_name": "NonTerminatedEscapeSequences", "tags": [ "maintainability", "readability", @@ -138,7 +138,7 @@ "precision": "very-high", "severity": "recommendation", "short_name": "LowercaseCharacterLUsedInLiteralSuffix", - "shared_implementation_short_name": "LowercaseLStartsInLiteralSuffix_shared", + "shared_implementation_short_name": "LowercaseLStartsInLiteralSuffix", "tags": [ "maintainability", "readability" diff --git a/rule_packages/cpp/BannedFunctions.json b/rule_packages/cpp/BannedFunctions.json index c974c3a2d9..8ef93db1a0 100644 --- a/rule_packages/cpp/BannedFunctions.json +++ b/rule_packages/cpp/BannedFunctions.json @@ -189,7 +189,7 @@ "precision": "very-high", "severity": "error", "short_name": "MacroOffsetofUsed", - "shared_implementation_short_name": "MacroOffsetofUsed_shared", + "shared_implementation_short_name": "MacroOffsetofUsed", "tags": [ "security", "scope/single-translation-unit" diff --git a/rule_packages/cpp/BannedLibraries.json b/rule_packages/cpp/BannedLibraries.json index 37b1cf6d2b..fce11b9eca 100644 --- a/rule_packages/cpp/BannedLibraries.json +++ b/rule_packages/cpp/BannedLibraries.json @@ -114,7 +114,7 @@ "precision": "very-high", "severity": "warning", "short_name": "CsignalFunctionsUsed", - "shared_implementation_short_name": "CsignalFunctionsUsed_shared", + "shared_implementation_short_name": "CsignalFunctionsUsed", "tags": [ "maintainability", "correctness", @@ -128,7 +128,7 @@ "precision": "very-high", "severity": "warning", "short_name": "CsignalTypesUsed", - "shared_implementation_short_name": "CsignalTypesUsed_shared", + "shared_implementation_short_name": "CsignalTypesUsed", "tags": [ "maintainability", "correctness", @@ -179,7 +179,7 @@ "precision": "very-high", "severity": "warning", "short_name": "CstdioFunctionsUsed", - "shared_implementation_short_name": "CstdioFunctionsUsed_shared", + "shared_implementation_short_name": "CstdioFunctionsUsed", "tags": [ "maintainability", "correctness", @@ -193,7 +193,7 @@ "precision": "very-high", "severity": "warning", "short_name": "CstdioMacrosUsed", - "shared_implementation_short_name": "CstdioMacrosUsed_shared", + "shared_implementation_short_name": "CstdioMacrosUsed", "tags": [ "maintainability", "correctness", @@ -207,7 +207,7 @@ "precision": "very-high", "severity": "warning", "short_name": "CstdioTypesUsed", - "shared_implementation_short_name": "CstdioTypesUsed_shared", + "shared_implementation_short_name": "CstdioTypesUsed", "tags": [ "maintainability", "correctness", diff --git a/rule_packages/cpp/BannedSyntax.json b/rule_packages/cpp/BannedSyntax.json index d65fa65e67..8e307c02db 100644 --- a/rule_packages/cpp/BannedSyntax.json +++ b/rule_packages/cpp/BannedSyntax.json @@ -169,7 +169,7 @@ "precision": "very-high", "severity": "error", "short_name": "ReinterpretCastUsed", - "shared_implementation_short_name": "ReinterpretCastUsed_shared", + "shared_implementation_short_name": "ReinterpretCastUsed", "tags": [ "correctness", "security", @@ -195,7 +195,7 @@ "precision": "very-high", "severity": "error", "short_name": "GotoStatementUsed", - "shared_implementation_short_name": "GotoStatementShouldNotBeUsed_shared", + "shared_implementation_short_name": "GotoStatementShouldNotBeUsed", "tags": [ "correctness", "security", @@ -268,7 +268,7 @@ "name": "The asm declaration shall not be used", "precision": "very-high", "severity": "error", - "shared_implementation_short_name": "AsmDeclarationUsed_shared", + "shared_implementation_short_name": "AsmDeclarationUsed", "short_name": "AsmDeclarationUsed", "tags": [ "correctness", diff --git a/rule_packages/cpp/BannedTypes.json b/rule_packages/cpp/BannedTypes.json index 3f94b9c85b..e84399b928 100644 --- a/rule_packages/cpp/BannedTypes.json +++ b/rule_packages/cpp/BannedTypes.json @@ -41,7 +41,7 @@ "precision": "very-high", "severity": "warning", "short_name": "VectorboolSpecializationUsed", - "shared_implementation_short_name": "VectorShouldNotBeSpecializedWithBool_shared", + "shared_implementation_short_name": "VectorShouldNotBeSpecializedWithBool", "tags": [ "correctness", "scope/single-translation-unit" diff --git a/rule_packages/cpp/Comments.json b/rule_packages/cpp/Comments.json index b27832f6c2..2421bec52f 100644 --- a/rule_packages/cpp/Comments.json +++ b/rule_packages/cpp/Comments.json @@ -16,7 +16,7 @@ "precision": "very-high", "severity": "warning", "short_name": "SingleLineCommentEndsWithSlash", - "shared_implementation_short_name": "LineSplicingUsedInComments_shared", + "shared_implementation_short_name": "LineSplicingUsedInComments", "tags": [ "correctness", "readability", @@ -95,7 +95,7 @@ "precision": "very-high", "severity": "warning", "short_name": "SlashStarUsedWithinACStyleComment", - "shared_implementation_short_name": "CharacterSequenceUsedWithinACStyleComment_shared", + "shared_implementation_short_name": "CharacterSequenceUsedWithinACStyleComment", "tags": [ "maintainability", "readability", diff --git a/rule_packages/cpp/Conditionals.json b/rule_packages/cpp/Conditionals.json index 022c1898c0..584df19420 100644 --- a/rule_packages/cpp/Conditionals.json +++ b/rule_packages/cpp/Conditionals.json @@ -78,7 +78,7 @@ "precision": "very-high", "severity": "recommendation", "short_name": "SwitchCompoundCondition", - "shared_implementation_short_name": "SwitchCompoundCondition_shared", + "shared_implementation_short_name": "SwitchCompoundCondition", "tags": [ "maintainability", "readability" @@ -91,7 +91,7 @@ "precision": "very-high", "severity": "recommendation", "short_name": "LoopCompoundCondition", - "shared_implementation_short_name": "LoopCompoundCondition_shared", + "shared_implementation_short_name": "LoopCompoundCondition", "tags": [ "maintainability", "readability" diff --git a/rule_packages/cpp/Declarations.json b/rule_packages/cpp/Declarations.json index d64f072751..a5b8ebeec3 100644 --- a/rule_packages/cpp/Declarations.json +++ b/rule_packages/cpp/Declarations.json @@ -50,7 +50,7 @@ "precision": "very-high", "severity": "error", "short_name": "GlobalSizedOperatorDeleteNotDefined", - "shared_implementation_short_name": "GlobalSizedOperatorDeleteNotDefined_shared", + "shared_implementation_short_name": "GlobalSizedOperatorDeleteNotDefined", "tags": [ "maintainability" ] @@ -62,7 +62,7 @@ "precision": "very-high", "severity": "error", "short_name": "GlobalUnsizedOperatorDeleteNotDefined", - "shared_implementation_short_name": "GlobalUnsizedOperatorDeleteNotDefined_shared", + "shared_implementation_short_name": "GlobalUnsizedOperatorDeleteNotDefined", "tags": [ "maintainability" ] @@ -218,7 +218,7 @@ "precision": "very-high", "severity": "recommendation", "short_name": "EnumerationUnderlyingBaseTypeNotExplicitlyDefined", - "shared_implementation_short_name": "EnumerationNotDefinedWithAnExplicitUnderlyingType_shared", + "shared_implementation_short_name": "EnumerationNotDefinedWithAnExplicitUnderlyingType", "tags": [ "readability", "maintainability" diff --git a/rule_packages/cpp/Exceptions1.json b/rule_packages/cpp/Exceptions1.json index 45109d9178..23b37778db 100644 --- a/rule_packages/cpp/Exceptions1.json +++ b/rule_packages/cpp/Exceptions1.json @@ -90,7 +90,7 @@ "precision": "very-high", "severity": "error", "short_name": "PointerExceptionObject", - "shared_implementation_short_name": "ExceptionObjectHavePointerType_shared", + "shared_implementation_short_name": "ExceptionObjectHavePointerType", "tags": [ "correctness" ] @@ -225,7 +225,7 @@ "severity": "error", "kind": "path-problem", "short_name": "NoExceptFunctionThrows", - "shared_implementation_short_name": "NoexceptFunctionShouldNotPropagateToTheCaller_shared", + "shared_implementation_short_name": "NoexceptFunctionShouldNotPropagateToTheCaller", "tags": [ "correctness" ] @@ -430,7 +430,7 @@ "precision": "very-high", "severity": "error", "short_name": "EmptyThrowOutsideCatch", - "shared_implementation_short_name": "EmptyThrowOnlyWithinACatchHandler_shared", + "shared_implementation_short_name": "EmptyThrowOnlyWithinACatchHandler", "tags": [ "correctness" ] diff --git a/rule_packages/cpp/Functions.json b/rule_packages/cpp/Functions.json index 2d72fd08df..367ab67437 100644 --- a/rule_packages/cpp/Functions.json +++ b/rule_packages/cpp/Functions.json @@ -87,7 +87,7 @@ "precision": "very-high", "severity": "error", "short_name": "RecursiveFunctions", - "shared_implementation_short_name": "FunctionsCallThemselvesEitherDirectlyOrIndirectly_shared", + "shared_implementation_short_name": "FunctionsCallThemselvesEitherDirectlyOrIndirectly", "tags": [ "correctness", "maintainability" @@ -233,7 +233,7 @@ "precision": "very-high", "severity": "error", "short_name": "FunctionReturnAutomaticVarCondition", - "shared_implementation_short_name": "ReturnReferenceOrPointerToAutomaticLocalVariable_shared", + "shared_implementation_short_name": "ReturnReferenceOrPointerToAutomaticLocalVariable", "tags": [ "correctness", "security" diff --git a/rule_packages/cpp/ImportMisra23.json b/rule_packages/cpp/ImportMisra23.json index 33f437d6b1..96bab2e25f 100644 --- a/rule_packages/cpp/ImportMisra23.json +++ b/rule_packages/cpp/ImportMisra23.json @@ -538,7 +538,7 @@ "precision": "very-high", "severity": "error", "short_name": "CopyAndMoveAssignmentsShallHandleSelfAssignment", - "shared_implementation_short_name": "CopyAndMoveAssignmentsShallHandleSelfAssignment_shared", + "shared_implementation_short_name": "CopyAndMoveAssignmentsShallHandleSelfAssignment", "tags": [] } ], @@ -557,7 +557,7 @@ "precision": "very-high", "severity": "recommendation", "short_name": "UseSingleLocalDeclarators", - "shared_implementation_short_name": "MultipleLocalDeclarators_shared", + "shared_implementation_short_name": "MultipleLocalDeclarators", "tags": [ "readability", "maintainability", @@ -571,7 +571,7 @@ "precision": "medium", "severity": "recommendation", "short_name": "UseSingleGlobalOrMemberDeclarators", - "shared_implementation_short_name": "MultipleGlobalOrMemberDeclarators_shared", + "shared_implementation_short_name": "MultipleGlobalOrMemberDeclarators", "tags": [ "readability", "maintainability", @@ -594,7 +594,7 @@ "precision": "very-high", "severity": "error", "short_name": "EnumerationNotDefinedWithAnExplicitUnderlyingType", - "shared_implementation_short_name": "EnumerationNotDefinedWithAnExplicitUnderlyingType_shared", + "shared_implementation_short_name": "EnumerationNotDefinedWithAnExplicitUnderlyingType", "tags": [ "scope/single-translation-unit" ] @@ -615,7 +615,7 @@ "precision": "very-high", "severity": "error", "short_name": "AsmDeclarationShallNotBeUsed", - "shared_implementation_short_name": "AsmDeclarationUsed_shared", + "shared_implementation_short_name": "AsmDeclarationUsed", "tags": [ "scope/single-translation-unit" ] @@ -636,7 +636,7 @@ "precision": "very-high", "severity": "error", "short_name": "NonUniqueEnumerationConstant", - "shared_implementation_short_name": "NonUniqueEnumerationConstant_shared", + "shared_implementation_short_name": "NonUniqueEnumerationConstant", "tags": [ "scope/single-translation-unit" ] @@ -657,7 +657,7 @@ "precision": "very-high", "severity": "error", "short_name": "BitFieldShallHaveAnAppropriateType", - "shared_implementation_short_name": "BitFieldShallHaveAnAppropriateType_shared", + "shared_implementation_short_name": "BitFieldShallHaveAnAppropriateType", "tags": [ "scope/single-translation-unit" ] @@ -678,7 +678,7 @@ "precision": "very-high", "severity": "error", "short_name": "SignedIntegerNamedBitFieldHaveALengthOfOneBit", - "shared_implementation_short_name": "NamedBitFieldsWithSignedIntegerType_shared", + "shared_implementation_short_name": "NamedBitFieldsWithSignedIntegerType", "tags": [ "scope/single-translation-unit" ] @@ -699,7 +699,7 @@ "precision": "very-high", "severity": "error", "short_name": "VirtualAndNonVirtualClassInTheHierarchy", - "shared_implementation_short_name": "VirtualAndNonVirtualClassInTheHierarchy_shared", + "shared_implementation_short_name": "VirtualAndNonVirtualClassInTheHierarchy", "tags": [ "scope/single-translation-unit" ] @@ -720,7 +720,7 @@ "precision": "very-high", "severity": "error", "short_name": "OverridingShallSpecifyDifferentDefaultArguments", - "shared_implementation_short_name": "OverridingShallSpecifyDifferentDefaultArguments_shared", + "shared_implementation_short_name": "OverridingShallSpecifyDifferentDefaultArguments", "tags": [ "scope/single-translation-unit" ] @@ -741,7 +741,7 @@ "precision": "very-high", "severity": "error", "short_name": "PotentiallyVirtualPointerOnlyComparesToNullptr", - "shared_implementation_short_name": "PotentiallyVirtualPointerOnlyComparesToNullptr_shared", + "shared_implementation_short_name": "PotentiallyVirtualPointerOnlyComparesToNullptr", "tags": [ "scope/single-translation-unit" ] @@ -762,7 +762,7 @@ "precision": "very-high", "severity": "error", "short_name": "ObjectsDynamicTypeUsedFromConstructorOrDestructor", - "shared_implementation_short_name": "ObjectsDynamicTypeUsedFromConstructorOrDestructor_shared", + "shared_implementation_short_name": "ObjectsDynamicTypeUsedFromConstructorOrDestructor", "tags": [ "scope/system" ] @@ -783,7 +783,7 @@ "precision": "very-high", "severity": "error", "short_name": "InitializeAllVirtualBaseClasses", - "shared_implementation_short_name": "InitializeAllVirtualBaseClasses_shared", + "shared_implementation_short_name": "InitializeAllVirtualBaseClasses", "tags": [ "scope/single-translation-unit" ] @@ -804,7 +804,7 @@ "precision": "very-high", "severity": "error", "short_name": "InitializerListConstructorIsTheOnlyConstructor", - "shared_implementation_short_name": "InitializerListConstructorIsTheOnlyConstructor_shared", + "shared_implementation_short_name": "InitializerListConstructorIsTheOnlyConstructor", "tags": [ "scope/single-translation-unit" ] @@ -825,7 +825,7 @@ "precision": "very-high", "severity": "error", "short_name": "AddressOfOperatorOverloaded", - "shared_implementation_short_name": "AddressOfOperatorOverloaded_shared", + "shared_implementation_short_name": "AddressOfOperatorOverloaded", "tags": [ "scope/single-translation-unit" ] @@ -846,7 +846,7 @@ "precision": "very-high", "severity": "error", "short_name": "FunctionTemplatesExplicitlySpecialized", - "shared_implementation_short_name": "FunctionTemplatesExplicitlySpecialized_shared", + "shared_implementation_short_name": "FunctionTemplatesExplicitlySpecialized", "tags": [ "scope/single-translation-unit" ] @@ -867,7 +867,7 @@ "precision": "very-high", "severity": "error", "short_name": "ExceptionObjectHavePointerType", - "shared_implementation_short_name": "ExceptionObjectHavePointerType_shared", + "shared_implementation_short_name": "ExceptionObjectHavePointerType", "tags": [ "scope/single-translation-unit" ] @@ -888,7 +888,7 @@ "precision": "very-high", "severity": "error", "short_name": "EmptyThrowOnlyWithinACatchHandler", - "shared_implementation_short_name": "EmptyThrowOnlyWithinACatchHandler_shared", + "shared_implementation_short_name": "EmptyThrowOnlyWithinACatchHandler", "tags": [ "scope/single-translation-unit" ] @@ -909,7 +909,7 @@ "precision": "very-high", "severity": "error", "short_name": "NoexceptFunctionShouldNotPropagateToTheCaller", - "shared_implementation_short_name": "NoexceptFunctionShouldNotPropagateToTheCaller_shared", + "shared_implementation_short_name": "NoexceptFunctionShouldNotPropagateToTheCaller", "tags": [ "scope/system" ] @@ -930,7 +930,7 @@ "precision": "very-high", "severity": "error", "short_name": "FunctionLikeMacrosDefined", - "shared_implementation_short_name": "FunctionLikeMacrosDefined_shared", + "shared_implementation_short_name": "FunctionLikeMacrosDefined", "tags": [ "scope/single-translation-unit" ] @@ -951,7 +951,7 @@ "precision": "very-high", "severity": "error", "short_name": "MacroParameterFollowingHash", - "shared_implementation_short_name": "MacroParameterFollowingHash_shared", + "shared_implementation_short_name": "MacroParameterFollowingHash", "tags": [ "scope/single-translation-unit" ] @@ -972,7 +972,7 @@ "precision": "very-high", "severity": "error", "short_name": "AMixedUseMacroArgumentSubjectToExpansion", - "shared_implementation_short_name": "AMixedUseMacroArgumentSubjectToExpansion_shared", + "shared_implementation_short_name": "AMixedUseMacroArgumentSubjectToExpansion", "tags": [ "scope/single-translation-unit" ] @@ -993,7 +993,7 @@ "precision": "very-high", "severity": "warning", "short_name": "CsignalFacilitiesUsed", - "shared_implementation_short_name": "CsignalFunctionsUsed_shared", + "shared_implementation_short_name": "CsignalFunctionsUsed", "tags": [ "maintainability", "correctness", @@ -1007,7 +1007,7 @@ "precision": "very-high", "severity": "warning", "short_name": "CsignalTypesShallNotBeUsed", - "shared_implementation_short_name": "CsignalTypesUsed_shared", + "shared_implementation_short_name": "CsignalTypesUsed", "tags": [ "maintainability", "correctness", @@ -1030,7 +1030,7 @@ "precision": "very-high", "severity": "error", "short_name": "AtofAtoiAtolAndAtollUsed", - "shared_implementation_short_name": "AtofAtoiAtolAndAtollUsed_shared", + "shared_implementation_short_name": "AtofAtoiAtolAndAtollUsed", "tags": [ "scope/single-translation-unit" ] @@ -1051,7 +1051,7 @@ "precision": "very-high", "severity": "error", "short_name": "MacroOffsetofShallNotBeUsed", - "shared_implementation_short_name": "MacroOffsetofUsed_shared", + "shared_implementation_short_name": "MacroOffsetofUsed", "tags": [ "scope/single-translation-unit" ] @@ -1072,7 +1072,7 @@ "precision": "very-high", "severity": "error", "short_name": "GlobalSizedOperatorDeleteShallBeDefined", - "shared_implementation_short_name": "GlobalSizedOperatorDeleteNotDefined_shared", + "shared_implementation_short_name": "GlobalSizedOperatorDeleteNotDefined", "tags": [ "maintainability", "scope/system" @@ -1085,7 +1085,7 @@ "precision": "very-high", "severity": "error", "short_name": "GlobalUnsizedOperatorDeleteShallBeDefined", - "shared_implementation_short_name": "GlobalUnsizedOperatorDeleteNotDefined_shared", + "shared_implementation_short_name": "GlobalUnsizedOperatorDeleteNotDefined", "tags": [ "maintainability", "scope/system" @@ -1107,7 +1107,7 @@ "precision": "very-high", "severity": "error", "short_name": "VectorShouldNotBeSpecializedWithBool", - "shared_implementation_short_name": "VectorShouldNotBeSpecializedWithBool_shared", + "shared_implementation_short_name": "VectorShouldNotBeSpecializedWithBool", "tags": [ "scope/single-translation-unit" ] @@ -1128,7 +1128,7 @@ "precision": "very-high", "severity": "error", "short_name": "ForwardingReferencesAndForwardNotUsedTogether", - "shared_implementation_short_name": "ForwardingReferencesAndForwardNotUsedTogether_shared", + "shared_implementation_short_name": "ForwardingReferencesAndForwardNotUsedTogether", "tags": [ "scope/single-translation-unit" ] @@ -1149,7 +1149,7 @@ "precision": "very-high", "severity": "warning", "short_name": "CstdioFunctionsShallNotBeUsed", - "shared_implementation_short_name": "CstdioFunctionsUsed_shared", + "shared_implementation_short_name": "CstdioFunctionsUsed", "tags": [ "maintainability", "correctness", @@ -1163,7 +1163,7 @@ "precision": "very-high", "severity": "warning", "short_name": "CstdioMacrosShallNotBeUsed", - "shared_implementation_short_name": "CstdioMacrosUsed_shared", + "shared_implementation_short_name": "CstdioMacrosUsed", "tags": [ "maintainability", "correctness", @@ -1177,7 +1177,7 @@ "precision": "very-high", "severity": "warning", "short_name": "CstdioTypesShallNotBeUsed", - "shared_implementation_short_name": "CstdioTypesUsed_shared", + "shared_implementation_short_name": "CstdioTypesUsed", "tags": [ "maintainability", "correctness", @@ -1200,7 +1200,7 @@ "precision": "very-high", "severity": "error", "short_name": "MemoryOperationsNotSequencedAppropriately", - "shared_implementation_short_name": "MemoryOperationsNotSequencedAppropriately_shared", + "shared_implementation_short_name": "MemoryOperationsNotSequencedAppropriately", "tags": [ "scope/system" ] @@ -1221,7 +1221,7 @@ "precision": "very-high", "severity": "error", "short_name": "BackslashCharacterMisuse", - "shared_implementation_short_name": "BackslashCharacterMisuse_shared", + "shared_implementation_short_name": "BackslashCharacterMisuse", "tags": [ "scope/single-translation-unit" ] @@ -1242,7 +1242,7 @@ "precision": "very-high", "severity": "error", "short_name": "NonTerminatedEscapeSequences", - "shared_implementation_short_name": "NonTerminatedEscapeSequences_shared", + "shared_implementation_short_name": "NonTerminatedEscapeSequences", "tags": [ "scope/single-translation-unit" ] @@ -1263,7 +1263,7 @@ "precision": "very-high", "severity": "error", "short_name": "OctalConstantsUsed", - "shared_implementation_short_name": "UseOfNonZeroOctalLiteral_shared", + "shared_implementation_short_name": "UseOfNonZeroOctalLiteral", "tags": [ "scope/single-translation-unit" ] @@ -1284,7 +1284,7 @@ "precision": "very-high", "severity": "error", "short_name": "UnsignedIntegerLiteralsNotAppropriatelySuffixed", - "shared_implementation_short_name": "UnsignedIntegerLiteralsNotAppropriatelySuffixed_shared", + "shared_implementation_short_name": "UnsignedIntegerLiteralsNotAppropriatelySuffixed", "tags": [ "scope/single-translation-unit" ] @@ -1305,7 +1305,7 @@ "precision": "very-high", "severity": "error", "short_name": "LowercaseLStartsInLiteralSuffix", - "shared_implementation_short_name": "LowercaseLStartsInLiteralSuffix_shared", + "shared_implementation_short_name": "LowercaseLStartsInLiteralSuffix", "tags": [ "scope/single-translation-unit" ] @@ -1326,7 +1326,7 @@ "precision": "very-high", "severity": "error", "short_name": "CharacterSequenceUsedWithinACStyleComment", - "shared_implementation_short_name": "CharacterSequenceUsedWithinACStyleComment_shared", + "shared_implementation_short_name": "CharacterSequenceUsedWithinACStyleComment", "tags": [ "scope/single-translation-unit" ] @@ -1347,7 +1347,7 @@ "precision": "very-high", "severity": "error", "short_name": "LineSplicingUsedInComments", - "shared_implementation_short_name": "LineSplicingUsedInComments_shared", + "shared_implementation_short_name": "LineSplicingUsedInComments", "tags": [ "scope/single-translation-unit" ] @@ -1368,7 +1368,7 @@ "precision": "very-high", "severity": "error", "short_name": "GlobalNamespaceDeclarations", - "shared_implementation_short_name": "GlobalNamespaceDeclarations_shared", + "shared_implementation_short_name": "GlobalNamespaceDeclarations", "tags": [ "scope/single-translation-unit" ] @@ -1389,7 +1389,7 @@ "precision": "very-high", "severity": "error", "short_name": "NonGlobalFunctionMain", - "shared_implementation_short_name": "NonGlobalFunctionMain_shared", + "shared_implementation_short_name": "NonGlobalFunctionMain", "tags": [ "scope/single-translation-unit" ] @@ -1410,7 +1410,7 @@ "precision": "very-high", "severity": "error", "short_name": "InheritedNonOverridableMemberFunction", - "shared_implementation_short_name": "HiddenInheritedNonOverridableMemberFunction_shared", + "shared_implementation_short_name": "HiddenInheritedNonOverridableMemberFunction", "tags": [ "correctness", "scope/single-translation-unit" @@ -1423,7 +1423,7 @@ "precision": "very-high", "severity": "error", "short_name": "InheritedOverridableMemberFunction", - "shared_implementation_short_name": "HiddenInheritedOverridableMemberFunction_shared", + "shared_implementation_short_name": "HiddenInheritedOverridableMemberFunction", "tags": [ "correctness", "scope/single-translation-unit" @@ -1436,7 +1436,7 @@ "precision": "very-high", "severity": "error", "short_name": "DefinitionShallBeConsideredForUnqualifiedLookup", - "shared_implementation_short_name": "DefinitionNotConsideredForUnqualifiedLookup_shared", + "shared_implementation_short_name": "DefinitionNotConsideredForUnqualifiedLookup", "tags": [ "correctness", "scope/single-translation-unit" @@ -1458,7 +1458,7 @@ "precision": "very-high", "severity": "warning", "short_name": "NameShallBeReferredUsingAQualifiedIdOrThis", - "shared_implementation_short_name": "NameNotReferredUsingAQualifiedIdOrThis_shared", + "shared_implementation_short_name": "NameNotReferredUsingAQualifiedIdOrThis", "tags": [ "maintainability", "readability", @@ -1472,7 +1472,7 @@ "precision": "very-high", "severity": "warning", "short_name": "NameShallBeReferredUsingAQualifiedIdOrThisAudit", - "shared_implementation_short_name": "NameNotReferredUsingAQualifiedIdOrThisAudit_shared", + "shared_implementation_short_name": "NameNotReferredUsingAQualifiedIdOrThisAudit", "tags": [ "maintainability", "readability", @@ -1495,7 +1495,7 @@ "precision": "very-high", "severity": "error", "short_name": "ReturnReferenceOrPointerToAutomaticLocalVariable", - "shared_implementation_short_name": "ReturnReferenceOrPointerToAutomaticLocalVariable_shared", + "shared_implementation_short_name": "ReturnReferenceOrPointerToAutomaticLocalVariable", "tags": [ "scope/single-translation-unit" ] @@ -1516,7 +1516,7 @@ "precision": "very-high", "severity": "error", "short_name": "NullptrNotTheOnlyFormOfTheNullPointerConstant", - "shared_implementation_short_name": "NullptrNotTheOnlyFormOfTheNullPointerConstant_shared", + "shared_implementation_short_name": "NullptrNotTheOnlyFormOfTheNullPointerConstant", "tags": [ "scope/single-translation-unit" ] @@ -1537,7 +1537,7 @@ "precision": "very-high", "severity": "error", "short_name": "ArrayPassedAsFunctionArgumentDecayToAPointer", - "shared_implementation_short_name": "ArrayPassedAsFunctionArgumentDecayToAPointer_shared", + "shared_implementation_short_name": "ArrayPassedAsFunctionArgumentDecayToAPointer", "tags": [ "scope/single-translation-unit" ] @@ -1558,7 +1558,7 @@ "precision": "very-high", "severity": "error", "short_name": "ResultOfAnAssignmentOperatorShouldNotBeUsed", - "shared_implementation_short_name": "ResultOfAnAssignmentOperatorShouldNotBeUsed_shared", + "shared_implementation_short_name": "ResultOfAnAssignmentOperatorShouldNotBeUsed", "tags": [ "scope/single-translation-unit" ] @@ -1579,7 +1579,7 @@ "precision": "very-high", "severity": "error", "short_name": "FunctionsCallThemselvesEitherDirectlyOrIndirectly", - "shared_implementation_short_name": "FunctionsCallThemselvesEitherDirectlyOrIndirectly_shared", + "shared_implementation_short_name": "FunctionsCallThemselvesEitherDirectlyOrIndirectly", "tags": [ "scope/system" ] @@ -1600,7 +1600,7 @@ "precision": "very-high", "severity": "error", "short_name": "CastsBetweenAPointerToFunctionAndAnyOtherType", - "shared_implementation_short_name": "CastsBetweenAPointerToFunctionAndAnyOtherType_shared", + "shared_implementation_short_name": "CastsBetweenAPointerToFunctionAndAnyOtherType", "tags": [ "scope/single-translation-unit" ] @@ -1621,7 +1621,7 @@ "precision": "very-high", "severity": "error", "short_name": "ReinterpretCastShallNotBeUsed", - "shared_implementation_short_name": "ReinterpretCastUsed_shared", + "shared_implementation_short_name": "ReinterpretCastUsed", "tags": [ "scope/single-translation-unit" ] @@ -1642,7 +1642,7 @@ "precision": "very-high", "severity": "error", "short_name": "UnsignedOperationWithConstantOperandsWraps", - "shared_implementation_short_name": "UnsignedOperationWithConstantOperandsWraps_shared", + "shared_implementation_short_name": "UnsignedOperationWithConstantOperandsWraps", "tags": [ "scope/single-translation-unit" ] @@ -1663,7 +1663,7 @@ "precision": "very-high", "severity": "error", "short_name": "BuiltInUnaryOperatorAppliedToUnsignedExpression", - "shared_implementation_short_name": "BuiltInUnaryOperatorAppliedToUnsignedExpression_shared", + "shared_implementation_short_name": "BuiltInUnaryOperatorAppliedToUnsignedExpression", "tags": [ "scope/single-translation-unit" ] @@ -1684,7 +1684,7 @@ "precision": "very-high", "severity": "recommendation", "short_name": "SwitchBodyCompoundCondition", - "shared_implementation_short_name": "SwitchCompoundCondition_shared", + "shared_implementation_short_name": "SwitchCompoundCondition", "tags": [ "maintainability", "readability", @@ -1698,7 +1698,7 @@ "precision": "very-high", "severity": "recommendation", "short_name": "LoopBodyCompoundCondition", - "shared_implementation_short_name": "LoopCompoundCondition_shared", + "shared_implementation_short_name": "LoopCompoundCondition", "tags": [ "maintainability", "readability", @@ -1721,7 +1721,7 @@ "precision": "very-high", "severity": "error", "short_name": "GotoStatementShouldNotBeUsed", - "shared_implementation_short_name": "GotoStatementShouldNotBeUsed_shared", + "shared_implementation_short_name": "GotoStatementShouldNotBeUsed", "tags": [ "scope/single-translation-unit" ] @@ -1742,7 +1742,7 @@ "precision": "very-high", "severity": "error", "short_name": "GotoReferenceALabelInSurroundingBlock", - "shared_implementation_short_name": "GotoReferenceALabelInSurroundingBlock_shared", + "shared_implementation_short_name": "GotoReferenceALabelInSurroundingBlock", "tags": [ "scope/single-translation-unit" ] diff --git a/rule_packages/cpp/Inheritance.json b/rule_packages/cpp/Inheritance.json index 09c8b89f18..dd0daec513 100644 --- a/rule_packages/cpp/Inheritance.json +++ b/rule_packages/cpp/Inheritance.json @@ -145,7 +145,7 @@ "precision": "very-high", "severity": "warning", "short_name": "AccessibleBaseClassBothVirtualAndNonVirtual", - "shared_implementation_short_name": "VirtualAndNonVirtualClassInTheHierarchy_shared", + "shared_implementation_short_name": "VirtualAndNonVirtualClassInTheHierarchy", "tags": [] } ], @@ -188,7 +188,7 @@ "precision": "very-high", "severity": "error", "short_name": "DynamicTypeOfThisUsedFromConstructorOrDestructor", - "shared_implementation_short_name": "ObjectsDynamicTypeUsedFromConstructorOrDestructor_shared", + "shared_implementation_short_name": "ObjectsDynamicTypeUsedFromConstructorOrDestructor", "tags": [] } ], diff --git a/rule_packages/cpp/Initialization.json b/rule_packages/cpp/Initialization.json index e839b4fd7e..3ca901a865 100644 --- a/rule_packages/cpp/Initialization.json +++ b/rule_packages/cpp/Initialization.json @@ -16,7 +16,7 @@ "precision": "very-high", "severity": "warning", "short_name": "ExplicitConstructorBaseClassInitialization", - "shared_implementation_short_name": "InitializeAllVirtualBaseClasses_shared", + "shared_implementation_short_name": "InitializeAllVirtualBaseClasses", "tags": [ "maintainability", "correctness" @@ -305,7 +305,7 @@ "precision": "very-high", "severity": "recommendation", "short_name": "ConfusingUseOfInitializerListConstructors", - "shared_implementation_short_name": "InitializerListConstructorIsTheOnlyConstructor_shared", + "shared_implementation_short_name": "InitializerListConstructorIsTheOnlyConstructor", "tags": [ "readability", "maintainability" @@ -330,7 +330,7 @@ "precision": "very-high", "severity": "recommendation", "short_name": "MultipleLocalDeclarators", - "shared_implementation_short_name": "MultipleLocalDeclarators_shared", + "shared_implementation_short_name": "MultipleLocalDeclarators", "tags": [ "readability", "maintainability" @@ -343,7 +343,7 @@ "precision": "medium", "severity": "recommendation", "short_name": "MultipleGlobalOrMemberDeclarators", - "shared_implementation_short_name": "MultipleGlobalOrMemberDeclarators_shared", + "shared_implementation_short_name": "MultipleGlobalOrMemberDeclarators", "tags": [ "readability", "maintainability" diff --git a/rule_packages/cpp/Literals.json b/rule_packages/cpp/Literals.json index 6c35af04dc..7721b7dd6a 100644 --- a/rule_packages/cpp/Literals.json +++ b/rule_packages/cpp/Literals.json @@ -39,7 +39,7 @@ "precision": "very-high", "severity": "error", "short_name": "EscapeSequenceOutsideISO", - "shared_implementation_short_name": "BackslashCharacterMisuse_shared", + "shared_implementation_short_name": "BackslashCharacterMisuse", "tags": [ "correctness" ] @@ -86,7 +86,7 @@ "precision": "very-high", "severity": "recommendation", "short_name": "NullPointerConstantNotNullptr", - "shared_implementation_short_name": "NullptrNotTheOnlyFormOfTheNullPointerConstant_shared", + "shared_implementation_short_name": "NullptrNotTheOnlyFormOfTheNullPointerConstant", "tags": [ "readability" ] @@ -134,7 +134,7 @@ "precision": "very-high", "severity": "recommendation", "short_name": "UseOfNonZeroOctalLiteral", - "shared_implementation_short_name": "UseOfNonZeroOctalLiteral_shared", + "shared_implementation_short_name": "UseOfNonZeroOctalLiteral", "tags": [ "readability" ] @@ -169,7 +169,7 @@ "precision": "very-high", "severity": "warning", "short_name": "MissingUSuffix", - "shared_implementation_short_name": "UnsignedIntegerLiteralsNotAppropriatelySuffixed_shared", + "shared_implementation_short_name": "UnsignedIntegerLiteralsNotAppropriatelySuffixed", "tags": [ "correctness", "readability" diff --git a/rule_packages/cpp/MoveForward.json b/rule_packages/cpp/MoveForward.json index 13917fcc30..b7e47116f1 100644 --- a/rule_packages/cpp/MoveForward.json +++ b/rule_packages/cpp/MoveForward.json @@ -40,7 +40,7 @@ "precision": "very-high", "severity": "error", "short_name": "ForwardingValuesToOtherFunctions", - "shared_implementation_short_name": "ForwardingReferencesAndForwardNotUsedTogether_shared", + "shared_implementation_short_name": "ForwardingReferencesAndForwardNotUsedTogether", "tags": [ "correctness" ] diff --git a/rule_packages/cpp/Naming.json b/rule_packages/cpp/Naming.json index 7cf9a97bbf..9e8ff9628a 100644 --- a/rule_packages/cpp/Naming.json +++ b/rule_packages/cpp/Naming.json @@ -314,7 +314,7 @@ "precision": "very-high", "severity": "warning", "short_name": "IdentifierMainUsedForAFunctionOtherThanGlobalMain", - "shared_implementation_short_name": "NonGlobalFunctionMain_shared", + "shared_implementation_short_name": "NonGlobalFunctionMain", "tags": [ "maintainability", "readability" diff --git a/rule_packages/cpp/OperatorInvariants.json b/rule_packages/cpp/OperatorInvariants.json index 68d45942b5..8ba76cd0f7 100644 --- a/rule_packages/cpp/OperatorInvariants.json +++ b/rule_packages/cpp/OperatorInvariants.json @@ -39,7 +39,7 @@ "precision": "very-high", "severity": "error", "short_name": "CopyAssignmentAndAMoveHandleSelfAssignment", - "shared_implementation_short_name": "CopyAndMoveAssignmentsShallHandleSelfAssignment_shared", + "shared_implementation_short_name": "CopyAndMoveAssignmentsShallHandleSelfAssignment", "tags": [ "correctness" ] diff --git a/rule_packages/cpp/Operators.json b/rule_packages/cpp/Operators.json index a04478c3df..e4600769c5 100644 --- a/rule_packages/cpp/Operators.json +++ b/rule_packages/cpp/Operators.json @@ -297,7 +297,7 @@ "precision": "very-high", "severity": "error", "short_name": "UnaryMinusOperatorAppliedToAnUnsignedExpression", - "shared_implementation_short_name": "BuiltInUnaryOperatorAppliedToUnsignedExpression_shared", + "shared_implementation_short_name": "BuiltInUnaryOperatorAppliedToUnsignedExpression", "tags": [] } ], @@ -319,7 +319,7 @@ "precision": "very-high", "severity": "error", "short_name": "UnaryOperatorOverloaded", - "shared_implementation_short_name": "AddressOfOperatorOverloaded_shared", + "shared_implementation_short_name": "AddressOfOperatorOverloaded", "tags": [] } ], diff --git a/rule_packages/cpp/Pointers.json b/rule_packages/cpp/Pointers.json index ad5bb34c44..83b77877d9 100644 --- a/rule_packages/cpp/Pointers.json +++ b/rule_packages/cpp/Pointers.json @@ -87,7 +87,7 @@ "precision": "very-high", "severity": "error", "short_name": "VirtualPointerOnlyComparesToNullptrConstant", - "shared_implementation_short_name": "PotentiallyVirtualPointerOnlyComparesToNullptr_shared", + "shared_implementation_short_name": "PotentiallyVirtualPointerOnlyComparesToNullptr", "tags": [ "correctness" ] @@ -280,7 +280,7 @@ "precision": "very-high", "severity": "warning", "short_name": "IdentifierPassedAsFunctionArgumentDecayToAPointer", - "shared_implementation_short_name": "ArrayPassedAsFunctionArgumentDecayToAPointer_shared", + "shared_implementation_short_name": "ArrayPassedAsFunctionArgumentDecayToAPointer", "tags": [ "correctness" ] @@ -327,7 +327,7 @@ "precision": "very-high", "severity": "error", "short_name": "CastNotConvertPointerToFunction", - "shared_implementation_short_name": "CastsBetweenAPointerToFunctionAndAnyOtherType_shared", + "shared_implementation_short_name": "CastsBetweenAPointerToFunctionAndAnyOtherType", "tags": [ "correctness" ] diff --git a/rule_packages/cpp/Representation.json b/rule_packages/cpp/Representation.json index 8cf6e7a3ed..c87094ea4b 100644 --- a/rule_packages/cpp/Representation.json +++ b/rule_packages/cpp/Representation.json @@ -96,7 +96,7 @@ "precision": "very-high", "severity": "error", "short_name": "NamedBitFieldsWithSignedIntegerTypeShallHaveALengthOfMoreThanOneBit", - "shared_implementation_short_name": "NamedBitFieldsWithSignedIntegerType_shared", + "shared_implementation_short_name": "NamedBitFieldsWithSignedIntegerType", "tags": [ "correctness" ] diff --git a/rule_packages/cpp/Scope.json b/rule_packages/cpp/Scope.json index 665091fdb6..6677b8b81a 100644 --- a/rule_packages/cpp/Scope.json +++ b/rule_packages/cpp/Scope.json @@ -64,7 +64,7 @@ "precision": "very-high", "severity": "error", "short_name": "HiddenInheritedNonOverridableMemberFunction", - "shared_implementation_short_name": "HiddenInheritedNonOverridableMemberFunction_shared", + "shared_implementation_short_name": "HiddenInheritedNonOverridableMemberFunction", "tags": [ "correctness" ] @@ -76,7 +76,7 @@ "precision": "very-high", "severity": "error", "short_name": "HiddenInheritedOverridableMemberFunction", - "shared_implementation_short_name": "HiddenInheritedOverridableMemberFunction_shared", + "shared_implementation_short_name": "HiddenInheritedOverridableMemberFunction", "tags": [ "correctness" ] @@ -88,7 +88,7 @@ "precision": "very-high", "severity": "error", "short_name": "DefinitionNotConsideredForUnqualifiedLookup", - "shared_implementation_short_name": "DefinitionNotConsideredForUnqualifiedLookup_shared", + "shared_implementation_short_name": "DefinitionNotConsideredForUnqualifiedLookup", "tags": [ "correctness" ] @@ -231,7 +231,7 @@ "precision": "very-high", "severity": "warning", "short_name": "GlobalNamespaceMembershipViolation", - "shared_implementation_short_name": "GlobalNamespaceDeclarations_shared", + "shared_implementation_short_name": "GlobalNamespaceDeclarations", "tags": [ "readability" ] diff --git a/rule_packages/cpp/Templates.json b/rule_packages/cpp/Templates.json index 5fd2946f1e..a6520a7780 100644 --- a/rule_packages/cpp/Templates.json +++ b/rule_packages/cpp/Templates.json @@ -112,7 +112,7 @@ "precision": "very-high", "severity": "warning", "short_name": "ExplicitSpecializationsOfFunctionTemplatesUsed", - "shared_implementation_short_name": "FunctionTemplatesExplicitlySpecialized_shared", + "shared_implementation_short_name": "FunctionTemplatesExplicitlySpecialized", "tags": [ "maintainability", "readability" @@ -172,7 +172,7 @@ "precision": "very-high", "severity": "warning", "short_name": "NameNotReferredUsingAQualifiedIdOrThis", - "shared_implementation_short_name": "NameNotReferredUsingAQualifiedIdOrThis_shared", + "shared_implementation_short_name": "NameNotReferredUsingAQualifiedIdOrThis", "tags": [ "maintainability", "readability" @@ -185,7 +185,7 @@ "precision": "very-high", "severity": "warning", "short_name": "NameNotReferredUsingAQualifiedIdOrThisAudit", - "shared_implementation_short_name": "NameNotReferredUsingAQualifiedIdOrThisAudit_shared", + "shared_implementation_short_name": "NameNotReferredUsingAQualifiedIdOrThisAudit", "tags": [ "maintainability", "readability" diff --git a/rule_packages/cpp/VirtualFunctions.json b/rule_packages/cpp/VirtualFunctions.json index 79a286aa2c..692705e8d4 100644 --- a/rule_packages/cpp/VirtualFunctions.json +++ b/rule_packages/cpp/VirtualFunctions.json @@ -177,7 +177,7 @@ "precision": "very-high", "severity": "warning", "short_name": "VirtualFunctionParametersUseSameDefaultArguments", - "shared_implementation_short_name": "OverridingShallSpecifyDifferentDefaultArguments_shared", + "shared_implementation_short_name": "OverridingShallSpecifyDifferentDefaultArguments", "tags": [ "correctness" ] diff --git a/scripts/generate_rules/templates/shared_library.ql.template b/scripts/generate_rules/templates/shared_library.ql.template index 24431edcc7..8c6540beee 100644 --- a/scripts/generate_rules/templates/shared_library.ql.template +++ b/scripts/generate_rules/templates/shared_library.ql.template @@ -1,5 +1,6 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library with a `problems` predicate for the following issue: + * {{ description|join('\n * ') }} */ import cpp From 55ffe9a95d5231a5923c8f80eec320058297f5c1 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 24 Jul 2024 22:26:39 +0200 Subject: [PATCH 1886/2573] Fix formatting --- cpp/autosar/src/rules/A15-4-2/NoExceptFunctionThrows.ql | 3 +-- cpp/autosar/src/rules/A18-1-2/VectorboolSpecializationUsed.ql | 3 +-- .../src/rules/M8-0-1/MultipleGlobalOrMemberDeclarators.ql | 3 +-- .../ArrayPassedAsFunctionArgumentDecayToAPointer.qll | 4 +--- .../BuiltInUnaryOperatorAppliedToUnsignedExpression.qll | 4 +--- .../CastsBetweenAPointerToFunctionAndAnyOtherType.qll | 4 +--- .../CopyAndMoveAssignmentsShallHandleSelfAssignment.qll | 4 +--- .../EnumerationNotDefinedWithAnExplicitUnderlyingType.qll | 4 +--- .../ForwardingReferencesAndForwardNotUsedTogether.qll | 4 +--- .../FunctionsCallThemselvesEitherDirectlyOrIndirectly.qll | 4 +--- .../InitializerListConstructorIsTheOnlyConstructor.qll | 4 +--- .../NoexceptFunctionShouldNotPropagateToTheCaller.qll | 4 +--- .../NullptrNotTheOnlyFormOfTheNullPointerConstant.qll | 4 +--- .../ObjectsDynamicTypeUsedFromConstructorOrDestructor.qll | 4 +--- .../OverridingShallSpecifyDifferentDefaultArguments.qll | 4 +--- .../PotentiallyVirtualPointerOnlyComparesToNullptr.qll | 4 +--- .../ReturnReferenceOrPointerToAutomaticLocalVariable.qll | 4 +--- .../UnsignedIntegerLiteralsNotAppropriatelySuffixed.qll | 4 +--- .../rules/RULE-10-0-1/UseSingleGlobalOrMemberDeclarators.ql | 3 +-- .../rules/RULE-12-2-2/BitFieldShallHaveAnAppropriateType.ql | 3 +-- .../src/rules/RULE-15-1-2/InitializeAllVirtualBaseClasses.ql | 3 +-- .../rules/RULE-18-1-2/EmptyThrowOnlyWithinACatchHandler.ql | 3 +-- .../src/rules/RULE-5-13-5/LowercaseLStartsInLiteralSuffix.ql | 3 +-- 23 files changed, 23 insertions(+), 61 deletions(-) diff --git a/cpp/autosar/src/rules/A15-4-2/NoExceptFunctionThrows.ql b/cpp/autosar/src/rules/A15-4-2/NoExceptFunctionThrows.ql index 56494147f4..169b5fc8f3 100644 --- a/cpp/autosar/src/rules/A15-4-2/NoExceptFunctionThrows.ql +++ b/cpp/autosar/src/rules/A15-4-2/NoExceptFunctionThrows.ql @@ -17,7 +17,6 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.noexceptfunctionshouldnotpropagatetothecaller.NoexceptFunctionShouldNotPropagateToTheCaller -class NoExceptFunctionThrowsQuery extends NoexceptFunctionShouldNotPropagateToTheCallerSharedQuery -{ +class NoExceptFunctionThrowsQuery extends NoexceptFunctionShouldNotPropagateToTheCallerSharedQuery { NoExceptFunctionThrowsQuery() { this = Exceptions1Package::noExceptFunctionThrowsQuery() } } diff --git a/cpp/autosar/src/rules/A18-1-2/VectorboolSpecializationUsed.ql b/cpp/autosar/src/rules/A18-1-2/VectorboolSpecializationUsed.ql index 6c517675f6..5bbe181927 100644 --- a/cpp/autosar/src/rules/A18-1-2/VectorboolSpecializationUsed.ql +++ b/cpp/autosar/src/rules/A18-1-2/VectorboolSpecializationUsed.ql @@ -19,8 +19,7 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.vectorshouldnotbespecializedwithbool.VectorShouldNotBeSpecializedWithBool -class VectorboolSpecializationUsedQuery extends VectorShouldNotBeSpecializedWithBoolSharedQuery -{ +class VectorboolSpecializationUsedQuery extends VectorShouldNotBeSpecializedWithBoolSharedQuery { VectorboolSpecializationUsedQuery() { this = BannedTypesPackage::vectorboolSpecializationUsedQuery() } diff --git a/cpp/autosar/src/rules/M8-0-1/MultipleGlobalOrMemberDeclarators.ql b/cpp/autosar/src/rules/M8-0-1/MultipleGlobalOrMemberDeclarators.ql index c615ae9d55..c152821ab2 100644 --- a/cpp/autosar/src/rules/M8-0-1/MultipleGlobalOrMemberDeclarators.ql +++ b/cpp/autosar/src/rules/M8-0-1/MultipleGlobalOrMemberDeclarators.ql @@ -18,8 +18,7 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.multipleglobalormemberdeclarators.MultipleGlobalOrMemberDeclarators -class MultipleGlobalOrMemberDeclaratorsQuery extends MultipleGlobalOrMemberDeclaratorsSharedQuery -{ +class MultipleGlobalOrMemberDeclaratorsQuery extends MultipleGlobalOrMemberDeclaratorsSharedQuery { MultipleGlobalOrMemberDeclaratorsQuery() { this = InitializationPackage::multipleGlobalOrMemberDeclaratorsQuery() } diff --git a/cpp/common/src/codingstandards/cpp/rules/arraypassedasfunctionargumentdecaytoapointer/ArrayPassedAsFunctionArgumentDecayToAPointer.qll b/cpp/common/src/codingstandards/cpp/rules/arraypassedasfunctionargumentdecaytoapointer/ArrayPassedAsFunctionArgumentDecayToAPointer.qll index 675bb1d85f..b7ec4917bd 100644 --- a/cpp/common/src/codingstandards/cpp/rules/arraypassedasfunctionargumentdecaytoapointer/ArrayPassedAsFunctionArgumentDecayToAPointer.qll +++ b/cpp/common/src/codingstandards/cpp/rules/arraypassedasfunctionargumentdecaytoapointer/ArrayPassedAsFunctionArgumentDecayToAPointer.qll @@ -9,9 +9,7 @@ import codingstandards.cpp.Exclusions abstract class ArrayPassedAsFunctionArgumentDecayToAPointerSharedQuery extends Query { } -Query getQuery() { - result instanceof ArrayPassedAsFunctionArgumentDecayToAPointerSharedQuery -} +Query getQuery() { result instanceof ArrayPassedAsFunctionArgumentDecayToAPointerSharedQuery } predicate arrayToPointerDecay(Access ae, Parameter p) { ( diff --git a/cpp/common/src/codingstandards/cpp/rules/builtinunaryoperatorappliedtounsignedexpression/BuiltInUnaryOperatorAppliedToUnsignedExpression.qll b/cpp/common/src/codingstandards/cpp/rules/builtinunaryoperatorappliedtounsignedexpression/BuiltInUnaryOperatorAppliedToUnsignedExpression.qll index e704617a16..0e516a43ec 100644 --- a/cpp/common/src/codingstandards/cpp/rules/builtinunaryoperatorappliedtounsignedexpression/BuiltInUnaryOperatorAppliedToUnsignedExpression.qll +++ b/cpp/common/src/codingstandards/cpp/rules/builtinunaryoperatorappliedtounsignedexpression/BuiltInUnaryOperatorAppliedToUnsignedExpression.qll @@ -10,9 +10,7 @@ import codingstandards.cpp.Exclusions abstract class BuiltInUnaryOperatorAppliedToUnsignedExpressionSharedQuery extends Query { } -Query getQuery() { - result instanceof BuiltInUnaryOperatorAppliedToUnsignedExpressionSharedQuery -} +Query getQuery() { result instanceof BuiltInUnaryOperatorAppliedToUnsignedExpressionSharedQuery } query predicate problems(Element e, string message) { exists(UnaryMinusExpr ex, IntegralType t | diff --git a/cpp/common/src/codingstandards/cpp/rules/castsbetweenapointertofunctionandanyothertype/CastsBetweenAPointerToFunctionAndAnyOtherType.qll b/cpp/common/src/codingstandards/cpp/rules/castsbetweenapointertofunctionandanyothertype/CastsBetweenAPointerToFunctionAndAnyOtherType.qll index f33531e371..48fa1f0c86 100644 --- a/cpp/common/src/codingstandards/cpp/rules/castsbetweenapointertofunctionandanyothertype/CastsBetweenAPointerToFunctionAndAnyOtherType.qll +++ b/cpp/common/src/codingstandards/cpp/rules/castsbetweenapointertofunctionandanyothertype/CastsBetweenAPointerToFunctionAndAnyOtherType.qll @@ -9,9 +9,7 @@ import codingstandards.cpp.Exclusions abstract class CastsBetweenAPointerToFunctionAndAnyOtherTypeSharedQuery extends Query { } -Query getQuery() { - result instanceof CastsBetweenAPointerToFunctionAndAnyOtherTypeSharedQuery -} +Query getQuery() { result instanceof CastsBetweenAPointerToFunctionAndAnyOtherTypeSharedQuery } query predicate problems(Cast c, string message) { not isExcluded(c, getQuery()) and diff --git a/cpp/common/src/codingstandards/cpp/rules/copyandmoveassignmentsshallhandleselfassignment/CopyAndMoveAssignmentsShallHandleSelfAssignment.qll b/cpp/common/src/codingstandards/cpp/rules/copyandmoveassignmentsshallhandleselfassignment/CopyAndMoveAssignmentsShallHandleSelfAssignment.qll index b11db11100..ae87176517 100644 --- a/cpp/common/src/codingstandards/cpp/rules/copyandmoveassignmentsshallhandleselfassignment/CopyAndMoveAssignmentsShallHandleSelfAssignment.qll +++ b/cpp/common/src/codingstandards/cpp/rules/copyandmoveassignmentsshallhandleselfassignment/CopyAndMoveAssignmentsShallHandleSelfAssignment.qll @@ -11,9 +11,7 @@ import codingstandards.cpp.Operator abstract class CopyAndMoveAssignmentsShallHandleSelfAssignmentSharedQuery extends Query { } -Query getQuery() { - result instanceof CopyAndMoveAssignmentsShallHandleSelfAssignmentSharedQuery -} +Query getQuery() { result instanceof CopyAndMoveAssignmentsShallHandleSelfAssignmentSharedQuery } predicate isUserCopyOrUserMove(Operator o) { o instanceof UserCopyOperator or diff --git a/cpp/common/src/codingstandards/cpp/rules/enumerationnotdefinedwithanexplicitunderlyingtype/EnumerationNotDefinedWithAnExplicitUnderlyingType.qll b/cpp/common/src/codingstandards/cpp/rules/enumerationnotdefinedwithanexplicitunderlyingtype/EnumerationNotDefinedWithAnExplicitUnderlyingType.qll index 44013997fa..d014e7be86 100644 --- a/cpp/common/src/codingstandards/cpp/rules/enumerationnotdefinedwithanexplicitunderlyingtype/EnumerationNotDefinedWithAnExplicitUnderlyingType.qll +++ b/cpp/common/src/codingstandards/cpp/rules/enumerationnotdefinedwithanexplicitunderlyingtype/EnumerationNotDefinedWithAnExplicitUnderlyingType.qll @@ -9,9 +9,7 @@ import codingstandards.cpp.Exclusions abstract class EnumerationNotDefinedWithAnExplicitUnderlyingTypeSharedQuery extends Query { } -Query getQuery() { - result instanceof EnumerationNotDefinedWithAnExplicitUnderlyingTypeSharedQuery -} +Query getQuery() { result instanceof EnumerationNotDefinedWithAnExplicitUnderlyingTypeSharedQuery } query predicate problems(Enum e, string message) { not isExcluded(e, getQuery()) and diff --git a/cpp/common/src/codingstandards/cpp/rules/forwardingreferencesandforwardnotusedtogether/ForwardingReferencesAndForwardNotUsedTogether.qll b/cpp/common/src/codingstandards/cpp/rules/forwardingreferencesandforwardnotusedtogether/ForwardingReferencesAndForwardNotUsedTogether.qll index eb5347816b..960b4ba2b6 100644 --- a/cpp/common/src/codingstandards/cpp/rules/forwardingreferencesandforwardnotusedtogether/ForwardingReferencesAndForwardNotUsedTogether.qll +++ b/cpp/common/src/codingstandards/cpp/rules/forwardingreferencesandforwardnotusedtogether/ForwardingReferencesAndForwardNotUsedTogether.qll @@ -10,9 +10,7 @@ import codingstandards.cpp.standardlibrary.Utility abstract class ForwardingReferencesAndForwardNotUsedTogetherSharedQuery extends Query { } -Query getQuery() { - result instanceof ForwardingReferencesAndForwardNotUsedTogetherSharedQuery -} +Query getQuery() { result instanceof ForwardingReferencesAndForwardNotUsedTogetherSharedQuery } query predicate problems(FunctionCall c, string message, Parameter a, string a_string) { not isExcluded(c, getQuery()) and diff --git a/cpp/common/src/codingstandards/cpp/rules/functionscallthemselveseitherdirectlyorindirectly/FunctionsCallThemselvesEitherDirectlyOrIndirectly.qll b/cpp/common/src/codingstandards/cpp/rules/functionscallthemselveseitherdirectlyorindirectly/FunctionsCallThemselvesEitherDirectlyOrIndirectly.qll index 4b4ec74bbb..87f27c134f 100644 --- a/cpp/common/src/codingstandards/cpp/rules/functionscallthemselveseitherdirectlyorindirectly/FunctionsCallThemselvesEitherDirectlyOrIndirectly.qll +++ b/cpp/common/src/codingstandards/cpp/rules/functionscallthemselveseitherdirectlyorindirectly/FunctionsCallThemselvesEitherDirectlyOrIndirectly.qll @@ -10,9 +10,7 @@ import codingstandards.cpp.Exclusions abstract class FunctionsCallThemselvesEitherDirectlyOrIndirectlySharedQuery extends Query { } -Query getQuery() { - result instanceof FunctionsCallThemselvesEitherDirectlyOrIndirectlySharedQuery -} +Query getQuery() { result instanceof FunctionsCallThemselvesEitherDirectlyOrIndirectlySharedQuery } class RecursiveCall extends FunctionCall { RecursiveCall() { diff --git a/cpp/common/src/codingstandards/cpp/rules/initializerlistconstructoristheonlyconstructor/InitializerListConstructorIsTheOnlyConstructor.qll b/cpp/common/src/codingstandards/cpp/rules/initializerlistconstructoristheonlyconstructor/InitializerListConstructorIsTheOnlyConstructor.qll index c0024b4463..e9579fcfba 100644 --- a/cpp/common/src/codingstandards/cpp/rules/initializerlistconstructoristheonlyconstructor/InitializerListConstructorIsTheOnlyConstructor.qll +++ b/cpp/common/src/codingstandards/cpp/rules/initializerlistconstructoristheonlyconstructor/InitializerListConstructorIsTheOnlyConstructor.qll @@ -10,9 +10,7 @@ import codingstandards.cpp.Exclusions abstract class InitializerListConstructorIsTheOnlyConstructorSharedQuery extends Query { } -Query getQuery() { - result instanceof InitializerListConstructorIsTheOnlyConstructorSharedQuery -} +Query getQuery() { result instanceof InitializerListConstructorIsTheOnlyConstructorSharedQuery } class StdInitializerList extends Class { StdInitializerList() { hasQualifiedName("std", "initializer_list") } diff --git a/cpp/common/src/codingstandards/cpp/rules/noexceptfunctionshouldnotpropagatetothecaller/NoexceptFunctionShouldNotPropagateToTheCaller.qll b/cpp/common/src/codingstandards/cpp/rules/noexceptfunctionshouldnotpropagatetothecaller/NoexceptFunctionShouldNotPropagateToTheCaller.qll index f53c558fa0..bc3b620718 100644 --- a/cpp/common/src/codingstandards/cpp/rules/noexceptfunctionshouldnotpropagatetothecaller/NoexceptFunctionShouldNotPropagateToTheCaller.qll +++ b/cpp/common/src/codingstandards/cpp/rules/noexceptfunctionshouldnotpropagatetothecaller/NoexceptFunctionShouldNotPropagateToTheCaller.qll @@ -13,9 +13,7 @@ import codingstandards.cpp.exceptions.ExceptionSpecifications abstract class NoexceptFunctionShouldNotPropagateToTheCallerSharedQuery extends Query { } -Query getQuery() { - result instanceof NoexceptFunctionShouldNotPropagateToTheCallerSharedQuery -} +Query getQuery() { result instanceof NoexceptFunctionShouldNotPropagateToTheCallerSharedQuery } class NoExceptThrowingFunction extends ExceptionThrowingFunction { NoExceptThrowingFunction() { diff --git a/cpp/common/src/codingstandards/cpp/rules/nullptrnottheonlyformofthenullpointerconstant/NullptrNotTheOnlyFormOfTheNullPointerConstant.qll b/cpp/common/src/codingstandards/cpp/rules/nullptrnottheonlyformofthenullpointerconstant/NullptrNotTheOnlyFormOfTheNullPointerConstant.qll index c997595ac6..2b24aa9410 100644 --- a/cpp/common/src/codingstandards/cpp/rules/nullptrnottheonlyformofthenullpointerconstant/NullptrNotTheOnlyFormOfTheNullPointerConstant.qll +++ b/cpp/common/src/codingstandards/cpp/rules/nullptrnottheonlyformofthenullpointerconstant/NullptrNotTheOnlyFormOfTheNullPointerConstant.qll @@ -10,9 +10,7 @@ import semmle.code.cpp.commons.NULL abstract class NullptrNotTheOnlyFormOfTheNullPointerConstantSharedQuery extends Query { } -Query getQuery() { - result instanceof NullptrNotTheOnlyFormOfTheNullPointerConstantSharedQuery -} +Query getQuery() { result instanceof NullptrNotTheOnlyFormOfTheNullPointerConstantSharedQuery } query predicate problems(Literal l, string message) { not isExcluded(l, getQuery()) and // Not the type of the nullptr literal diff --git a/cpp/common/src/codingstandards/cpp/rules/objectsdynamictypeusedfromconstructorordestructor/ObjectsDynamicTypeUsedFromConstructorOrDestructor.qll b/cpp/common/src/codingstandards/cpp/rules/objectsdynamictypeusedfromconstructorordestructor/ObjectsDynamicTypeUsedFromConstructorOrDestructor.qll index 6bb9590d33..1303646ef5 100644 --- a/cpp/common/src/codingstandards/cpp/rules/objectsdynamictypeusedfromconstructorordestructor/ObjectsDynamicTypeUsedFromConstructorOrDestructor.qll +++ b/cpp/common/src/codingstandards/cpp/rules/objectsdynamictypeusedfromconstructorordestructor/ObjectsDynamicTypeUsedFromConstructorOrDestructor.qll @@ -10,9 +10,7 @@ import codingstandards.cpp.Exclusions abstract class ObjectsDynamicTypeUsedFromConstructorOrDestructorSharedQuery extends Query { } -Query getQuery() { - result instanceof ObjectsDynamicTypeUsedFromConstructorOrDestructorSharedQuery -} +Query getQuery() { result instanceof ObjectsDynamicTypeUsedFromConstructorOrDestructorSharedQuery } predicate thisCall(FunctionCall c) { c.getQualifier() instanceof ThisExpr or diff --git a/cpp/common/src/codingstandards/cpp/rules/overridingshallspecifydifferentdefaultarguments/OverridingShallSpecifyDifferentDefaultArguments.qll b/cpp/common/src/codingstandards/cpp/rules/overridingshallspecifydifferentdefaultarguments/OverridingShallSpecifyDifferentDefaultArguments.qll index d4a85cbaac..acfa177561 100644 --- a/cpp/common/src/codingstandards/cpp/rules/overridingshallspecifydifferentdefaultarguments/OverridingShallSpecifyDifferentDefaultArguments.qll +++ b/cpp/common/src/codingstandards/cpp/rules/overridingshallspecifydifferentdefaultarguments/OverridingShallSpecifyDifferentDefaultArguments.qll @@ -10,9 +10,7 @@ import codingstandards.cpp.Exclusions abstract class OverridingShallSpecifyDifferentDefaultArgumentsSharedQuery extends Query { } -Query getQuery() { - result instanceof OverridingShallSpecifyDifferentDefaultArgumentsSharedQuery -} +Query getQuery() { result instanceof OverridingShallSpecifyDifferentDefaultArgumentsSharedQuery } query predicate problems(VirtualFunction f2, string message, VirtualFunction f1, string f1_string) { not isExcluded(f2, getQuery()) and diff --git a/cpp/common/src/codingstandards/cpp/rules/potentiallyvirtualpointeronlycomparestonullptr/PotentiallyVirtualPointerOnlyComparesToNullptr.qll b/cpp/common/src/codingstandards/cpp/rules/potentiallyvirtualpointeronlycomparestonullptr/PotentiallyVirtualPointerOnlyComparesToNullptr.qll index 12d9a297b9..667480a43a 100644 --- a/cpp/common/src/codingstandards/cpp/rules/potentiallyvirtualpointeronlycomparestonullptr/PotentiallyVirtualPointerOnlyComparesToNullptr.qll +++ b/cpp/common/src/codingstandards/cpp/rules/potentiallyvirtualpointeronlycomparestonullptr/PotentiallyVirtualPointerOnlyComparesToNullptr.qll @@ -10,9 +10,7 @@ import codingstandards.cpp.Exclusions abstract class PotentiallyVirtualPointerOnlyComparesToNullptrSharedQuery extends Query { } -Query getQuery() { - result instanceof PotentiallyVirtualPointerOnlyComparesToNullptrSharedQuery -} +Query getQuery() { result instanceof PotentiallyVirtualPointerOnlyComparesToNullptrSharedQuery } query predicate problems( EqualityOperation equalityComparison, string message, MemberFunction virtualFunction, diff --git a/cpp/common/src/codingstandards/cpp/rules/returnreferenceorpointertoautomaticlocalvariable/ReturnReferenceOrPointerToAutomaticLocalVariable.qll b/cpp/common/src/codingstandards/cpp/rules/returnreferenceorpointertoautomaticlocalvariable/ReturnReferenceOrPointerToAutomaticLocalVariable.qll index dce050d9d7..cd623f711c 100644 --- a/cpp/common/src/codingstandards/cpp/rules/returnreferenceorpointertoautomaticlocalvariable/ReturnReferenceOrPointerToAutomaticLocalVariable.qll +++ b/cpp/common/src/codingstandards/cpp/rules/returnreferenceorpointertoautomaticlocalvariable/ReturnReferenceOrPointerToAutomaticLocalVariable.qll @@ -10,9 +10,7 @@ import codingstandards.cpp.Exclusions abstract class ReturnReferenceOrPointerToAutomaticLocalVariableSharedQuery extends Query { } -Query getQuery() { - result instanceof ReturnReferenceOrPointerToAutomaticLocalVariableSharedQuery -} +Query getQuery() { result instanceof ReturnReferenceOrPointerToAutomaticLocalVariableSharedQuery } query predicate problems( ReturnStmt rs, string message, Function f, string f_string, Variable auto, string auto_string diff --git a/cpp/common/src/codingstandards/cpp/rules/unsignedintegerliteralsnotappropriatelysuffixed/UnsignedIntegerLiteralsNotAppropriatelySuffixed.qll b/cpp/common/src/codingstandards/cpp/rules/unsignedintegerliteralsnotappropriatelysuffixed/UnsignedIntegerLiteralsNotAppropriatelySuffixed.qll index 00745b6f7f..0b9ccb17f1 100644 --- a/cpp/common/src/codingstandards/cpp/rules/unsignedintegerliteralsnotappropriatelysuffixed/UnsignedIntegerLiteralsNotAppropriatelySuffixed.qll +++ b/cpp/common/src/codingstandards/cpp/rules/unsignedintegerliteralsnotappropriatelysuffixed/UnsignedIntegerLiteralsNotAppropriatelySuffixed.qll @@ -10,9 +10,7 @@ import codingstandards.cpp.Cpp14Literal abstract class UnsignedIntegerLiteralsNotAppropriatelySuffixedSharedQuery extends Query { } -Query getQuery() { - result instanceof UnsignedIntegerLiteralsNotAppropriatelySuffixedSharedQuery -} +Query getQuery() { result instanceof UnsignedIntegerLiteralsNotAppropriatelySuffixedSharedQuery } query predicate problems(Cpp14Literal::NumericLiteral nl, string message) { exists(string literalKind | diff --git a/cpp/misra/src/rules/RULE-10-0-1/UseSingleGlobalOrMemberDeclarators.ql b/cpp/misra/src/rules/RULE-10-0-1/UseSingleGlobalOrMemberDeclarators.ql index b7117682e2..ffbc5bacaf 100644 --- a/cpp/misra/src/rules/RULE-10-0-1/UseSingleGlobalOrMemberDeclarators.ql +++ b/cpp/misra/src/rules/RULE-10-0-1/UseSingleGlobalOrMemberDeclarators.ql @@ -17,8 +17,7 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.multipleglobalormemberdeclarators.MultipleGlobalOrMemberDeclarators -class UseSingleGlobalOrMemberDeclaratorsQuery extends MultipleGlobalOrMemberDeclaratorsSharedQuery -{ +class UseSingleGlobalOrMemberDeclaratorsQuery extends MultipleGlobalOrMemberDeclaratorsSharedQuery { UseSingleGlobalOrMemberDeclaratorsQuery() { this = ImportMisra23Package::useSingleGlobalOrMemberDeclaratorsQuery() } diff --git a/cpp/misra/src/rules/RULE-12-2-2/BitFieldShallHaveAnAppropriateType.ql b/cpp/misra/src/rules/RULE-12-2-2/BitFieldShallHaveAnAppropriateType.ql index 7f7df9cda3..f5041252f9 100644 --- a/cpp/misra/src/rules/RULE-12-2-2/BitFieldShallHaveAnAppropriateType.ql +++ b/cpp/misra/src/rules/RULE-12-2-2/BitFieldShallHaveAnAppropriateType.ql @@ -15,8 +15,7 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.bitfieldshallhaveanappropriatetype.BitFieldShallHaveAnAppropriateType -class BitFieldShallHaveAnAppropriateTypeQuery extends BitFieldShallHaveAnAppropriateTypeSharedQuery -{ +class BitFieldShallHaveAnAppropriateTypeQuery extends BitFieldShallHaveAnAppropriateTypeSharedQuery { BitFieldShallHaveAnAppropriateTypeQuery() { this = ImportMisra23Package::bitFieldShallHaveAnAppropriateTypeQuery() } diff --git a/cpp/misra/src/rules/RULE-15-1-2/InitializeAllVirtualBaseClasses.ql b/cpp/misra/src/rules/RULE-15-1-2/InitializeAllVirtualBaseClasses.ql index d128b2422a..3dd7b7e3e2 100644 --- a/cpp/misra/src/rules/RULE-15-1-2/InitializeAllVirtualBaseClasses.ql +++ b/cpp/misra/src/rules/RULE-15-1-2/InitializeAllVirtualBaseClasses.ql @@ -16,8 +16,7 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.initializeallvirtualbaseclasses.InitializeAllVirtualBaseClasses -class InitializeAllVirtualBaseClassesQuery extends InitializeAllVirtualBaseClassesSharedQuery -{ +class InitializeAllVirtualBaseClassesQuery extends InitializeAllVirtualBaseClassesSharedQuery { InitializeAllVirtualBaseClassesQuery() { this = ImportMisra23Package::initializeAllVirtualBaseClassesQuery() } diff --git a/cpp/misra/src/rules/RULE-18-1-2/EmptyThrowOnlyWithinACatchHandler.ql b/cpp/misra/src/rules/RULE-18-1-2/EmptyThrowOnlyWithinACatchHandler.ql index 2bea30cb83..15ca773943 100644 --- a/cpp/misra/src/rules/RULE-18-1-2/EmptyThrowOnlyWithinACatchHandler.ql +++ b/cpp/misra/src/rules/RULE-18-1-2/EmptyThrowOnlyWithinACatchHandler.ql @@ -15,8 +15,7 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.emptythrowonlywithinacatchhandler.EmptyThrowOnlyWithinACatchHandler -class EmptyThrowOnlyWithinACatchHandlerQuery extends EmptyThrowOnlyWithinACatchHandlerSharedQuery -{ +class EmptyThrowOnlyWithinACatchHandlerQuery extends EmptyThrowOnlyWithinACatchHandlerSharedQuery { EmptyThrowOnlyWithinACatchHandlerQuery() { this = ImportMisra23Package::emptyThrowOnlyWithinACatchHandlerQuery() } diff --git a/cpp/misra/src/rules/RULE-5-13-5/LowercaseLStartsInLiteralSuffix.ql b/cpp/misra/src/rules/RULE-5-13-5/LowercaseLStartsInLiteralSuffix.ql index 50e5d7faad..a47c0ded0c 100644 --- a/cpp/misra/src/rules/RULE-5-13-5/LowercaseLStartsInLiteralSuffix.ql +++ b/cpp/misra/src/rules/RULE-5-13-5/LowercaseLStartsInLiteralSuffix.ql @@ -16,8 +16,7 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.lowercaselstartsinliteralsuffix.LowercaseLStartsInLiteralSuffix -class LowercaseLStartsInLiteralSuffixQuery extends LowercaseLStartsInLiteralSuffixSharedQuery -{ +class LowercaseLStartsInLiteralSuffixQuery extends LowercaseLStartsInLiteralSuffixSharedQuery { LowercaseLStartsInLiteralSuffixQuery() { this = ImportMisra23Package::lowercaseLStartsInLiteralSuffixQuery() } From 1492e2a44aa51cc380de4517a9ca0df373d15f88 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 24 Jul 2024 22:29:47 +0200 Subject: [PATCH 1887/2573] Fix formatting --- c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql | 3 +-- .../RULE-20-11/MoreThanOneHashOperatorInMacroDefinition.ql | 3 +-- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql b/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql index 80a9c540c1..b71bb2f1c1 100644 --- a/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql +++ b/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql @@ -15,7 +15,6 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.rules.memoryoperationsnotsequencedappropriately.MemoryOperationsNotSequencedAppropriately -class UnsequencedSideEffectsQuery extends MemoryOperationsNotSequencedAppropriatelySharedQuery -{ +class UnsequencedSideEffectsQuery extends MemoryOperationsNotSequencedAppropriatelySharedQuery { UnsequencedSideEffectsQuery() { this = SideEffects3Package::unsequencedSideEffectsQuery() } } diff --git a/c/misra/src/rules/RULE-20-11/MoreThanOneHashOperatorInMacroDefinition.ql b/c/misra/src/rules/RULE-20-11/MoreThanOneHashOperatorInMacroDefinition.ql index 8717afb4f1..42ea398e14 100644 --- a/c/misra/src/rules/RULE-20-11/MoreThanOneHashOperatorInMacroDefinition.ql +++ b/c/misra/src/rules/RULE-20-11/MoreThanOneHashOperatorInMacroDefinition.ql @@ -15,8 +15,7 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.rules.macroparameterfollowinghash.MacroParameterFollowingHash -class MoreThanOneHashOperatorInMacroDefinitionQuery extends MacroParameterFollowingHashSharedQuery -{ +class MoreThanOneHashOperatorInMacroDefinitionQuery extends MacroParameterFollowingHashSharedQuery { MoreThanOneHashOperatorInMacroDefinitionQuery() { this = Preprocessor2Package::moreThanOneHashOperatorInMacroDefinitionQuery() } From c36bbe7091fe854f28a3fc8f8c22bdac2cde81e0 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 24 Jul 2024 22:55:42 +0200 Subject: [PATCH 1888/2573] Fix import --- .../EnumerationUnderlyingBaseTypeNotExplicitlyDefined.ql | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cpp/autosar/src/rules/A7-2-2/EnumerationUnderlyingBaseTypeNotExplicitlyDefined.ql b/cpp/autosar/src/rules/A7-2-2/EnumerationUnderlyingBaseTypeNotExplicitlyDefined.ql index a630b51c00..7499ed65f4 100644 --- a/cpp/autosar/src/rules/A7-2-2/EnumerationUnderlyingBaseTypeNotExplicitlyDefined.ql +++ b/cpp/autosar/src/rules/A7-2-2/EnumerationUnderlyingBaseTypeNotExplicitlyDefined.ql @@ -16,10 +16,10 @@ */ import cpp +import codingstandards.cpp.autosar import codingstandards.cpp.rules.enumerationnotdefinedwithanexplicitunderlyingtype.EnumerationNotDefinedWithAnExplicitUnderlyingType -class EnumerationUnderlyingBaseTypeNotExplicitlyDefinedQuery extends EnumerationNotDefinedWithAnExplicitUnderlyingTypeSharedQuery -{ +class EnumerationUnderlyingBaseTypeNotExplicitlyDefinedQuery extends EnumerationNotDefinedWithAnExplicitUnderlyingTypeSharedQuery { EnumerationUnderlyingBaseTypeNotExplicitlyDefinedQuery() { this = DeclarationsPackage::enumerationUnderlyingBaseTypeNotExplicitlyDefinedQuery() } From c22c060db27b822904c6deb4233e598284cf1f4d Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 24 Jul 2024 23:07:57 +0200 Subject: [PATCH 1889/2573] Fix formatting --- .../EnumerationUnderlyingBaseTypeNotExplicitlyDefined.ql | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/cpp/autosar/src/rules/A7-2-2/EnumerationUnderlyingBaseTypeNotExplicitlyDefined.ql b/cpp/autosar/src/rules/A7-2-2/EnumerationUnderlyingBaseTypeNotExplicitlyDefined.ql index 7499ed65f4..42924945cd 100644 --- a/cpp/autosar/src/rules/A7-2-2/EnumerationUnderlyingBaseTypeNotExplicitlyDefined.ql +++ b/cpp/autosar/src/rules/A7-2-2/EnumerationUnderlyingBaseTypeNotExplicitlyDefined.ql @@ -19,7 +19,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.enumerationnotdefinedwithanexplicitunderlyingtype.EnumerationNotDefinedWithAnExplicitUnderlyingType -class EnumerationUnderlyingBaseTypeNotExplicitlyDefinedQuery extends EnumerationNotDefinedWithAnExplicitUnderlyingTypeSharedQuery { +class EnumerationUnderlyingBaseTypeNotExplicitlyDefinedQuery extends EnumerationNotDefinedWithAnExplicitUnderlyingTypeSharedQuery +{ EnumerationUnderlyingBaseTypeNotExplicitlyDefinedQuery() { this = DeclarationsPackage::enumerationUnderlyingBaseTypeNotExplicitlyDefinedQuery() } From 1de5223159e72821e9d5a8eb4215cf00b372d217 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 24 Jul 2024 22:26:49 +0100 Subject: [PATCH 1890/2573] Remove extra line --- cpp/autosar/test/rules/A3-1-5/test.cpp | 1 - 1 file changed, 1 deletion(-) diff --git a/cpp/autosar/test/rules/A3-1-5/test.cpp b/cpp/autosar/test/rules/A3-1-5/test.cpp index 0bff554785..1b2898bf63 100644 --- a/cpp/autosar/test/rules/A3-1-5/test.cpp +++ b/cpp/autosar/test/rules/A3-1-5/test.cpp @@ -172,7 +172,6 @@ void test_FooBar() { foobar.complexCalculation(); } - FooBar::~FooBar() {} // COMPLIANT want to ignore pImpl uses of destructors int FooBar::f1(int a, int b) { // COMPLIANT not a trivial function From 52c7e45ccf8efcb8459cbeb7be779e591e4c3c87 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 24 Jul 2024 22:30:25 +0100 Subject: [PATCH 1891/2573] Remove A3-1-5 deleted query --- .../cpp/exclusions/cpp/Classes.qll | 17 ----------------- rule_packages/cpp/Classes.json | 9 --------- 2 files changed, 26 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Classes.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Classes.qll index 92c7a4280e..3daf48c696 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Classes.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Classes.qll @@ -13,7 +13,6 @@ newtype ClassesQuery = TClassDataMembersInitializationConditionQuery() or TRedundantMemberFunctionsShouldBeDefaultedOrLeftUndefinedQuery() or TNonTemplateMemberDefinedInTemplateQuery() or - TTrivialOrTemplateFunctionDefinedOutsideClassDefinitionQuery() or TNonTrivialNonTemplateFunctionDefinedInsideClassDefinitionQuery() or TInParametersForNotCheapToCopyTypesNotPassedByReferenceQuery() or TInParametersForCheapToCopyTypesNotPassedByValueQuery() or @@ -105,15 +104,6 @@ predicate isClassesQueryMetadata(Query query, string queryId, string ruleId, str ruleId = "A14-5-2" and category = "advisory" or - query = - // `Query` instance for the `trivialOrTemplateFunctionDefinedOutsideClassDefinition` query - ClassesPackage::trivialOrTemplateFunctionDefinedOutsideClassDefinitionQuery() and - queryId = - // `@id` for the `trivialOrTemplateFunctionDefinedOutsideClassDefinition` query - "cpp/autosar/trivial-or-template-function-defined-outside-class-definition" and - ruleId = "A3-1-5" and - category = "required" - or query = // `Query` instance for the `nonTrivialNonTemplateFunctionDefinedInsideClassDefinition` query ClassesPackage::nonTrivialNonTemplateFunctionDefinedInsideClassDefinitionQuery() and @@ -251,13 +241,6 @@ module ClassesPackage { TQueryCPP(TClassesPackageQuery(TNonTemplateMemberDefinedInTemplateQuery())) } - Query trivialOrTemplateFunctionDefinedOutsideClassDefinitionQuery() { - //autogenerate `Query` type - result = - // `Query` type for `trivialOrTemplateFunctionDefinedOutsideClassDefinition` query - TQueryCPP(TClassesPackageQuery(TTrivialOrTemplateFunctionDefinedOutsideClassDefinitionQuery())) - } - Query nonTrivialNonTemplateFunctionDefinedInsideClassDefinitionQuery() { //autogenerate `Query` type result = diff --git a/rule_packages/cpp/Classes.json b/rule_packages/cpp/Classes.json index 61eab45081..6dd130a55b 100644 --- a/rule_packages/cpp/Classes.json +++ b/rule_packages/cpp/Classes.json @@ -178,15 +178,6 @@ "obligation": "required" }, "queries": [ - { - "description": "A function that is either trivial, a template function, or a member of a template class may not be defined outside of a class body.", - "kind": "problem", - "name": "A function shall be defined with a class body if and only if it is intended to be inlined", - "precision": "very-high", - "severity": "recommendation", - "short_name": "TrivialOrTemplateFunctionDefinedOutsideClassDefinition", - "tags": [] - }, { "description": "A function that is not either trivial, a template function, or a member of a template class may not be defined within a class body.", "kind": "problem", From 099dbb85308413ee319f42df22c6d3f870dee221 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 24 Jul 2024 23:28:04 +0100 Subject: [PATCH 1892/2573] Fix Class.qll formatting. --- cpp/common/src/codingstandards/cpp/Class.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/Class.qll b/cpp/common/src/codingstandards/cpp/Class.qll index 3aa7719fb8..6f730736f9 100644 --- a/cpp/common/src/codingstandards/cpp/Class.qll +++ b/cpp/common/src/codingstandards/cpp/Class.qll @@ -192,7 +192,7 @@ class TrivialMemberFunction extends IntrospectedMemberFunction { */ class TemplateOrTemplateClassMemberFunction extends MemberFunction { TemplateOrTemplateClassMemberFunction() { -( + ( isFromUninstantiatedTemplate(_) or isFromTemplateInstantiation(_) ) and From 743c80d7d04015f715678f8c283e15687b4ca67c Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 25 Jul 2024 12:55:12 +0200 Subject: [PATCH 1893/2573] The implementation of RULE-4-6-1 and RULE-13-2 should not be shared --- .vscode/settings.json | 5 + ...OnOrderOfScalarEvaluationForSideEffects.ql | 1 - .../common/src/codingstandards/c/Expr.qll | 0 .../common/src/codingstandards/c/Ordering.qll | 2 +- .../VariableAccessOrdering.qll | 2 +- ...erationsNotSequencedAppropriately.expected | 6 - ...moryOperationsNotSequencedAppropriately.ql | 4 - ...plicitPrecedenceOfOperatorsInExpression.ql | 2 +- .../rules/RULE-13-2/UnsequencedSideEffects.ql | 234 +++++++++++++++- .../SideEffectAndCrementInFullExpression.ql | 2 +- .../RULE-13-2/UnsequencedSideEffects.expected | 6 + .../RULE-13-2/UnsequencedSideEffects.qlref | 1 + .../RULE-13-2/UnsequencedSideEffects.testref | 1 - .../test/rules/RULE-13-2}/test.c | 4 +- .../cpp/exclusions/cpp/ImportMisra23.qll | 17 -- ...oryOperationsNotSequencedAppropriately.qll | 252 ------------------ ...erationsNotSequencedAppropriately.expected | 6 - ...moryOperationsNotSequencedAppropriately.ql | 4 - .../test.cpp | 39 --- ...moryOperationsNotSequencedAppropriately.ql | 23 -- ...perationsNotSequencedAppropriately.testref | 1 - rule_packages/c/SideEffects3.json | 1 - rule_packages/cpp/ImportMisra23.json | 21 -- rules.csv | 2 +- 24 files changed, 249 insertions(+), 387 deletions(-) create mode 100644 .vscode/settings.json rename cpp/common/src/codingstandards/cpp/CExpr.qll => c/common/src/codingstandards/c/Expr.qll (100%) rename cpp/common/src/codingstandards/cpp/COrdering.qll => c/common/src/codingstandards/c/Ordering.qll (99%) delete mode 100644 c/common/test/rules/memoryoperationsnotsequencedappropriately/MemoryOperationsNotSequencedAppropriately.expected delete mode 100644 c/common/test/rules/memoryoperationsnotsequencedappropriately/MemoryOperationsNotSequencedAppropriately.ql create mode 100644 c/misra/test/rules/RULE-13-2/UnsequencedSideEffects.expected create mode 100644 c/misra/test/rules/RULE-13-2/UnsequencedSideEffects.qlref delete mode 100644 c/misra/test/rules/RULE-13-2/UnsequencedSideEffects.testref rename c/{common/test/rules/memoryoperationsnotsequencedappropriately => misra/test/rules/RULE-13-2}/test.c (86%) delete mode 100644 cpp/common/src/codingstandards/cpp/rules/memoryoperationsnotsequencedappropriately/MemoryOperationsNotSequencedAppropriately.qll delete mode 100644 cpp/common/test/rules/memoryoperationsnotsequencedappropriately/MemoryOperationsNotSequencedAppropriately.expected delete mode 100644 cpp/common/test/rules/memoryoperationsnotsequencedappropriately/MemoryOperationsNotSequencedAppropriately.ql delete mode 100644 cpp/common/test/rules/memoryoperationsnotsequencedappropriately/test.cpp delete mode 100644 cpp/misra/src/rules/RULE-4-6-1/MemoryOperationsNotSequencedAppropriately.ql delete mode 100644 cpp/misra/test/rules/RULE-4-6-1/MemoryOperationsNotSequencedAppropriately.testref diff --git a/.vscode/settings.json b/.vscode/settings.json new file mode 100644 index 0000000000..30ba3d548b --- /dev/null +++ b/.vscode/settings.json @@ -0,0 +1,5 @@ +{ + "codeQL.cli.executablePath": "/Users/mauro/Desktop/CodeQL/bundles/codeql-2.14.6/codeql", + "codeQL.runningQueries.numberOfThreads": 0, + "codeQL.runningTests.numberOfThreads": 0 +} \ No newline at end of file diff --git a/c/cert/src/rules/EXP30-C/DependenceOnOrderOfScalarEvaluationForSideEffects.ql b/c/cert/src/rules/EXP30-C/DependenceOnOrderOfScalarEvaluationForSideEffects.ql index ff616277cd..862f00e822 100644 --- a/c/cert/src/rules/EXP30-C/DependenceOnOrderOfScalarEvaluationForSideEffects.ql +++ b/c/cert/src/rules/EXP30-C/DependenceOnOrderOfScalarEvaluationForSideEffects.ql @@ -14,7 +14,6 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.SideEffect -import codingstandards.cpp.COrdering import codingstandards.c.orderofevaluation.VariableAccessOrdering from diff --git a/cpp/common/src/codingstandards/cpp/CExpr.qll b/c/common/src/codingstandards/c/Expr.qll similarity index 100% rename from cpp/common/src/codingstandards/cpp/CExpr.qll rename to c/common/src/codingstandards/c/Expr.qll diff --git a/cpp/common/src/codingstandards/cpp/COrdering.qll b/c/common/src/codingstandards/c/Ordering.qll similarity index 99% rename from cpp/common/src/codingstandards/cpp/COrdering.qll rename to c/common/src/codingstandards/c/Ordering.qll index be8254aae9..575dc6f3fd 100644 --- a/cpp/common/src/codingstandards/cpp/COrdering.qll +++ b/c/common/src/codingstandards/c/Ordering.qll @@ -1,6 +1,6 @@ import cpp import codingstandards.cpp.SideEffect -import codingstandards.cpp.CExpr +import codingstandards.c.Expr import codingstandards.cpp.Variable module Ordering { diff --git a/c/common/src/codingstandards/c/orderofevaluation/VariableAccessOrdering.qll b/c/common/src/codingstandards/c/orderofevaluation/VariableAccessOrdering.qll index 6293a67d32..4c041e8e4c 100644 --- a/c/common/src/codingstandards/c/orderofevaluation/VariableAccessOrdering.qll +++ b/c/common/src/codingstandards/c/orderofevaluation/VariableAccessOrdering.qll @@ -1,5 +1,5 @@ import cpp -import codingstandards.cpp.COrdering +import codingstandards.c.Ordering class VariableAccessInFullExpressionOrdering extends Ordering::Configuration { VariableAccessInFullExpressionOrdering() { this = "VariableAccessInFullExpressionOrdering" } diff --git a/c/common/test/rules/memoryoperationsnotsequencedappropriately/MemoryOperationsNotSequencedAppropriately.expected b/c/common/test/rules/memoryoperationsnotsequencedappropriately/MemoryOperationsNotSequencedAppropriately.expected deleted file mode 100644 index 4ea36edc69..0000000000 --- a/c/common/test/rules/memoryoperationsnotsequencedappropriately/MemoryOperationsNotSequencedAppropriately.expected +++ /dev/null @@ -1,6 +0,0 @@ -| test.c:8:12:8:18 | ... + ... | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:8:12:8:13 | l1 | side effect | test.c:8:17:8:18 | l1 | side effect | test.c:8:12:8:13 | l1 | l1 | test.c:8:17:8:18 | l1 | l1 | -| test.c:9:12:9:18 | ... + ... | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:9:12:9:13 | l1 | side effect | test.c:9:17:9:18 | l2 | side effect | test.c:9:12:9:13 | l1 | l1 | test.c:9:17:9:18 | l2 | l2 | -| test.c:19:3:19:21 | ... = ... | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:19:8:19:9 | l1 | side effect | test.c:19:13:19:14 | l1 | side effect | test.c:19:8:19:9 | l1 | l1 | test.c:19:13:19:14 | l1 | l1 | -| test.c:21:3:21:5 | call to foo | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:21:7:21:8 | l1 | side effect | test.c:21:11:21:12 | l2 | side effect | test.c:21:7:21:8 | l1 | l1 | test.c:21:11:21:12 | l2 | l2 | -| test.c:27:3:27:5 | call to foo | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:27:7:27:10 | ... ++ | side effect | test.c:27:13:27:14 | l8 | read | test.c:27:7:27:8 | l8 | l8 | test.c:27:13:27:14 | l8 | l8 | -| test.c:37:5:37:13 | ... = ... | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:37:10:37:12 | ... ++ | side effect | test.c:37:10:37:12 | ... ++ | side effect | test.c:37:10:37:10 | i | i | test.c:37:10:37:10 | i | i | diff --git a/c/common/test/rules/memoryoperationsnotsequencedappropriately/MemoryOperationsNotSequencedAppropriately.ql b/c/common/test/rules/memoryoperationsnotsequencedappropriately/MemoryOperationsNotSequencedAppropriately.ql deleted file mode 100644 index 63351377f0..0000000000 --- a/c/common/test/rules/memoryoperationsnotsequencedappropriately/MemoryOperationsNotSequencedAppropriately.ql +++ /dev/null @@ -1,4 +0,0 @@ -// GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.memoryoperationsnotsequencedappropriately.MemoryOperationsNotSequencedAppropriately - -class TestFileQuery extends MemoryOperationsNotSequencedAppropriatelySharedQuery, TestQuery { } diff --git a/c/misra/src/rules/RULE-12-1/ImplicitPrecedenceOfOperatorsInExpression.ql b/c/misra/src/rules/RULE-12-1/ImplicitPrecedenceOfOperatorsInExpression.ql index 7e9362d62a..005fffa32d 100644 --- a/c/misra/src/rules/RULE-12-1/ImplicitPrecedenceOfOperatorsInExpression.ql +++ b/c/misra/src/rules/RULE-12-1/ImplicitPrecedenceOfOperatorsInExpression.ql @@ -14,7 +14,7 @@ import cpp import codingstandards.c.misra -import codingstandards.cpp.CExpr +import codingstandards.c.Expr int getPrecedence(Expr e) { e instanceof PrimaryExpr and result = 16 diff --git a/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql b/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql index b71bb2f1c1..45bf886dd5 100644 --- a/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql +++ b/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql @@ -13,8 +13,236 @@ import cpp import codingstandards.c.misra -import codingstandards.cpp.rules.memoryoperationsnotsequencedappropriately.MemoryOperationsNotSequencedAppropriately +import codingstandards.c.Ordering +import codingstandards.cpp.SideEffects -class UnsequencedSideEffectsQuery extends MemoryOperationsNotSequencedAppropriatelySharedQuery { - UnsequencedSideEffectsQuery() { this = SideEffects3Package::unsequencedSideEffectsQuery() } +class VariableEffectOrAccess extends Expr { + VariableEffectOrAccess() { + this instanceof VariableEffect or + this instanceof VariableAccess + } } + +pragma[noinline] +predicate partOfFullExpr(VariableEffectOrAccess e, FullExpr fe) { + ( + exists(VariableEffect ve | e = ve and ve.getAnAccess() = fe.getAChild+() and not ve.isPartial()) + or + e.(VariableAccess) = fe.getAChild+() + ) +} + +class ConstituentExprOrdering extends Ordering::Configuration { + ConstituentExprOrdering() { this = "ConstituentExprOrdering" } + + override predicate isCandidate(Expr e1, Expr e2) { + exists(FullExpr fe | + partOfFullExpr(e1, fe) and + partOfFullExpr(e2, fe) + ) + } +} + +predicate sameFullExpr(FullExpr fe, VariableAccess va1, VariableAccess va2) { + partOfFullExpr(va1, fe) and + partOfFullExpr(va2, fe) and + va1 != va2 and + exists(Variable v1, Variable v2 | + // Use `pragma[only_bind_into]` to prevent CP between variable accesses. + va1.getTarget() = pragma[only_bind_into](v1) and va2.getTarget() = pragma[only_bind_into](v2) + | + v1.isVolatile() and v2.isVolatile() + or + not (v1.isVolatile() and v2.isVolatile()) and + v1 = v2 + ) +} + +int getLeafCount(LeftRightOperation bop) { + if + not bop.getLeftOperand() instanceof BinaryOperation and + not bop.getRightOperand() instanceof BinaryOperation + then result = 2 + else + if + bop.getLeftOperand() instanceof BinaryOperation and + not bop.getRightOperand() instanceof BinaryOperation + then result = 1 + getLeafCount(bop.getLeftOperand()) + else + if + not bop.getLeftOperand() instanceof BinaryOperation and + bop.getRightOperand() instanceof BinaryOperation + then result = 1 + getLeafCount(bop.getRightOperand()) + else result = getLeafCount(bop.getLeftOperand()) + getLeafCount(bop.getRightOperand()) +} + +class LeftRightOperation extends Expr { + LeftRightOperation() { + this instanceof BinaryOperation or + this instanceof AssignOperation or + this instanceof AssignExpr + } + + Expr getLeftOperand() { + result = this.(BinaryOperation).getLeftOperand() + or + result = this.(AssignOperation).getLValue() + or + result = this.(AssignExpr).getLValue() + } + + Expr getRightOperand() { + result = this.(BinaryOperation).getRightOperand() + or + result = this.(AssignOperation).getRValue() + or + result = this.(AssignExpr).getRValue() + } + + Expr getAnOperand() { + result = getLeftOperand() or + result = getRightOperand() + } +} + +int getOperandIndexIn(FullExpr fullExpr, Expr operand) { + result = getOperandIndex(fullExpr, operand) + or + fullExpr.(Call).getArgument(result).getAChild*() = operand +} + +int getOperandIndex(LeftRightOperation binop, Expr operand) { + if operand = binop.getAnOperand() + then + operand = binop.getLeftOperand() and + result = 0 + or + operand = binop.getRightOperand() and + result = getLeafCount(binop.getLeftOperand()) + 1 + or + operand = binop.getRightOperand() and + not binop.getLeftOperand() instanceof LeftRightOperation and + result = 1 + else ( + // Child of left operand that is a binary operation. + result = getOperandIndex(binop.getLeftOperand(), operand) + or + // Child of left operand that is not a binary operation. + result = 0 and + not binop.getLeftOperand() instanceof LeftRightOperation and + binop.getLeftOperand().getAChild+() = operand + or + // Child of right operand and both left and right operands are binary operations. + result = + getLeafCount(binop.getLeftOperand()) + getOperandIndex(binop.getRightOperand(), operand) + or + // Child of right operand and left operand is not a binary operation. + result = 1 + getOperandIndex(binop.getRightOperand(), operand) and + not binop.getLeftOperand() instanceof LeftRightOperation + or + // Child of right operand that is not a binary operation and the left operand is a binary operation. + result = getLeafCount(binop.getLeftOperand()) + 1 and + binop.getRightOperand().getAChild+() = operand and + not binop.getRightOperand() instanceof LeftRightOperation + or + // Child of right operand that is not a binary operation and the left operand is not a binary operation. + result = 1 and + not binop.getLeftOperand() instanceof LeftRightOperation and + not binop.getRightOperand() instanceof LeftRightOperation and + binop.getRightOperand().getAChild+() = operand + ) +} + +predicate inConditionalThen(ConditionalExpr ce, Expr e) { + e = ce.getThen() + or + exists(Expr parent | + inConditionalThen(ce, parent) and + parent.getAChild() = e + ) +} + +predicate inConditionalElse(ConditionalExpr ce, Expr e) { + e = ce.getElse() + or + exists(Expr parent | + inConditionalElse(ce, parent) and + parent.getAChild() = e + ) +} + +predicate isUnsequencedEffect( + ConstituentExprOrdering orderingConfig, FullExpr fullExpr, VariableEffect variableEffect1, + VariableAccess va1, VariableAccess va2, Locatable placeHolder, string label +) { + // The two access are scoped to the same full expression. + sameFullExpr(fullExpr, va1, va2) and + // We are only interested in effects that change an object, + // i.e., exclude patterns suchs as `b->data[b->cursor++]` where `b` is considered modified and read or `foo.bar = 1` where `=` modifies to both `foo` and `bar`. + not variableEffect1.isPartial() and + variableEffect1.getAnAccess() = va1 and + ( + exists(VariableEffect variableEffect2 | + not variableEffect2.isPartial() and + variableEffect2.getAnAccess() = va2 and + // If the effect is not local (happens in a different function) we use the call with the access as a proxy. + ( + va1.getEnclosingStmt() = variableEffect1.getEnclosingStmt() and + va2.getEnclosingStmt() = variableEffect2.getEnclosingStmt() and + orderingConfig.isUnsequenced(variableEffect1, variableEffect2) + or + va1.getEnclosingStmt() = variableEffect1.getEnclosingStmt() and + not va2.getEnclosingStmt() = variableEffect2.getEnclosingStmt() and + exists(Call call | + call.getAnArgument() = va2 and call.getEnclosingStmt() = va1.getEnclosingStmt() + | + orderingConfig.isUnsequenced(variableEffect1, call) + ) + or + not va1.getEnclosingStmt() = variableEffect1.getEnclosingStmt() and + va2.getEnclosingStmt() = variableEffect2.getEnclosingStmt() and + exists(Call call | + call.getAnArgument() = va1 and call.getEnclosingStmt() = va2.getEnclosingStmt() + | + orderingConfig.isUnsequenced(call, variableEffect2) + ) + ) and + // Break the symmetry of the ordering relation by requiring that the first expression is located before the second. + // This builds upon the assumption that the expressions are part of the same full expression as specified in the ordering configuration. + getOperandIndexIn(fullExpr, va1) < getOperandIndexIn(fullExpr, va2) and + placeHolder = variableEffect2 and + label = "side effect" + ) + or + placeHolder = va2 and + label = "read" and + not exists(VariableEffect variableEffect2 | variableEffect1 != variableEffect2 | + variableEffect2.getAnAccess() = va2 + ) and + ( + va1.getEnclosingStmt() = variableEffect1.getEnclosingStmt() and + orderingConfig.isUnsequenced(variableEffect1, va2) + or + not va1.getEnclosingStmt() = variableEffect1.getEnclosingStmt() and + exists(Call call | + call.getAnArgument() = va1 and call.getEnclosingStmt() = va2.getEnclosingStmt() + | + orderingConfig.isUnsequenced(call, va2) + ) + ) and + // The read is not used to compute the effect on the variable. + // E.g., exclude x = x + 1 + not variableEffect1.getAChild+() = va2 + ) and + // Both are evaluated + not exists(ConditionalExpr ce | inConditionalThen(ce, va1) and inConditionalElse(ce, va2)) +} + +from + ConstituentExprOrdering orderingConfig, FullExpr fullExpr, VariableEffect variableEffect1, + VariableAccess va1, VariableAccess va2, Locatable placeHolder, string label +where + not isExcluded(fullExpr, SideEffects3Package::unsequencedSideEffectsQuery()) and + isUnsequencedEffect(orderingConfig, fullExpr, variableEffect1, va1, va2, placeHolder, label) +select fullExpr, "The expression contains unsequenced $@ to $@ and $@ to $@.", variableEffect1, + "side effect", va1, va1.getTarget().getName(), placeHolder, label, va2, va2.getTarget().getName() diff --git a/c/misra/src/rules/RULE-13-3/SideEffectAndCrementInFullExpression.ql b/c/misra/src/rules/RULE-13-3/SideEffectAndCrementInFullExpression.ql index c04b9a39ca..4191495b13 100644 --- a/c/misra/src/rules/RULE-13-3/SideEffectAndCrementInFullExpression.ql +++ b/c/misra/src/rules/RULE-13-3/SideEffectAndCrementInFullExpression.ql @@ -15,7 +15,7 @@ import cpp import codingstandards.c.misra -import codingstandards.cpp.CExpr +import codingstandards.c.Expr import codingstandards.cpp.SideEffects from FullExpr e, SideEffect se, CrementOperation op diff --git a/c/misra/test/rules/RULE-13-2/UnsequencedSideEffects.expected b/c/misra/test/rules/RULE-13-2/UnsequencedSideEffects.expected new file mode 100644 index 0000000000..75bd8169ba --- /dev/null +++ b/c/misra/test/rules/RULE-13-2/UnsequencedSideEffects.expected @@ -0,0 +1,6 @@ +| test.c:6:12:6:18 | ... + ... | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:6:12:6:13 | l1 | side effect | test.c:6:12:6:13 | l1 | l1 | test.c:6:17:6:18 | l1 | side effect | test.c:6:17:6:18 | l1 | l1 | +| test.c:7:12:7:18 | ... + ... | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:7:12:7:13 | l1 | side effect | test.c:7:12:7:13 | l1 | l1 | test.c:7:17:7:18 | l2 | side effect | test.c:7:17:7:18 | l2 | l2 | +| test.c:17:3:17:21 | ... = ... | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:17:8:17:9 | l1 | side effect | test.c:17:8:17:9 | l1 | l1 | test.c:17:13:17:14 | l1 | side effect | test.c:17:13:17:14 | l1 | l1 | +| test.c:19:3:19:5 | call to foo | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:19:7:19:8 | l1 | side effect | test.c:19:7:19:8 | l1 | l1 | test.c:19:11:19:12 | l2 | side effect | test.c:19:11:19:12 | l2 | l2 | +| test.c:25:3:25:5 | call to foo | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:25:7:25:10 | ... ++ | side effect | test.c:25:7:25:8 | l8 | l8 | test.c:25:13:25:14 | l8 | read | test.c:25:13:25:14 | l8 | l8 | +| test.c:35:5:35:13 | ... = ... | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:35:10:35:12 | ... ++ | side effect | test.c:35:10:35:10 | i | i | test.c:35:10:35:12 | ... ++ | side effect | test.c:35:10:35:10 | i | i | \ No newline at end of file diff --git a/c/misra/test/rules/RULE-13-2/UnsequencedSideEffects.qlref b/c/misra/test/rules/RULE-13-2/UnsequencedSideEffects.qlref new file mode 100644 index 0000000000..0cb8d40dbb --- /dev/null +++ b/c/misra/test/rules/RULE-13-2/UnsequencedSideEffects.qlref @@ -0,0 +1 @@ +rules/RULE-13-2/UnsequencedSideEffects.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-13-2/UnsequencedSideEffects.testref b/c/misra/test/rules/RULE-13-2/UnsequencedSideEffects.testref deleted file mode 100644 index 4623176d42..0000000000 --- a/c/misra/test/rules/RULE-13-2/UnsequencedSideEffects.testref +++ /dev/null @@ -1 +0,0 @@ -c/common/test/rules/memoryoperationsnotsequencedappropriately/MemoryOperationsNotSequencedAppropriately.ql \ No newline at end of file diff --git a/c/common/test/rules/memoryoperationsnotsequencedappropriately/test.c b/c/misra/test/rules/RULE-13-2/test.c similarity index 86% rename from c/common/test/rules/memoryoperationsnotsequencedappropriately/test.c rename to c/misra/test/rules/RULE-13-2/test.c index ac04ce01d1..1bebec3775 100644 --- a/c/common/test/rules/memoryoperationsnotsequencedappropriately/test.c +++ b/c/misra/test/rules/RULE-13-2/test.c @@ -1,5 +1,3 @@ -// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C++ TEST CASE AND -// CHANGES SHOULD BE REFLECTED THERE AS WELL. void foo(int, int); void unsequenced_sideeffects1() { @@ -29,7 +27,7 @@ void unsequenced_sideeffects1() { int l10 = l8++, l11 = l8++; // COMPLIANT } -int g1[10], g2[10]; +int g1[], g2[]; #define test(i) (g1[i] = g2[i]) void unsequenced_sideeffects2() { int i; diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/ImportMisra23.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/ImportMisra23.qll index fe0c6ea6e3..d31affb27c 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/ImportMisra23.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/ImportMisra23.qll @@ -61,7 +61,6 @@ newtype ImportMisra23Query = TCstdioFunctionsShallNotBeUsedQuery() or TCstdioMacrosShallNotBeUsedQuery() or TCstdioTypesShallNotBeUsedQuery() or - TMemoryOperationsNotSequencedAppropriatelyQuery() or TBackslashCharacterMisuseQuery() or TNonTerminatedEscapeSequencesQuery() or TOctalConstantsUsedQuery() or @@ -604,15 +603,6 @@ predicate isImportMisra23QueryMetadata(Query query, string queryId, string ruleI ruleId = "RULE-30-0-1" and category = "required" or - query = - // `Query` instance for the `memoryOperationsNotSequencedAppropriately` query - ImportMisra23Package::memoryOperationsNotSequencedAppropriatelyQuery() and - queryId = - // `@id` for the `memoryOperationsNotSequencedAppropriately` query - "cpp/misra/memory-operations-not-sequenced-appropriately" and - ruleId = "RULE-4-6-1" and - category = "required" - or query = // `Query` instance for the `backslashCharacterMisuse` query ImportMisra23Package::backslashCharacterMisuseQuery() and @@ -1257,13 +1247,6 @@ module ImportMisra23Package { TQueryCPP(TImportMisra23PackageQuery(TCstdioTypesShallNotBeUsedQuery())) } - Query memoryOperationsNotSequencedAppropriatelyQuery() { - //autogenerate `Query` type - result = - // `Query` type for `memoryOperationsNotSequencedAppropriately` query - TQueryCPP(TImportMisra23PackageQuery(TMemoryOperationsNotSequencedAppropriatelyQuery())) - } - Query backslashCharacterMisuseQuery() { //autogenerate `Query` type result = diff --git a/cpp/common/src/codingstandards/cpp/rules/memoryoperationsnotsequencedappropriately/MemoryOperationsNotSequencedAppropriately.qll b/cpp/common/src/codingstandards/cpp/rules/memoryoperationsnotsequencedappropriately/MemoryOperationsNotSequencedAppropriately.qll deleted file mode 100644 index 83c5ac1c8f..0000000000 --- a/cpp/common/src/codingstandards/cpp/rules/memoryoperationsnotsequencedappropriately/MemoryOperationsNotSequencedAppropriately.qll +++ /dev/null @@ -1,252 +0,0 @@ -/** - * Provides a library with a `problems` predicate for the following issue: - * Operations on a memory location shall be sequenced appropriately. - */ - -import cpp -import codingstandards.cpp.Customizations -import codingstandards.cpp.CExpr -import codingstandards.cpp.Exclusions -import codingstandards.cpp.SideEffects -import codingstandards.cpp.COrdering - -abstract class MemoryOperationsNotSequencedAppropriatelySharedQuery extends Query { } - -Query getQuery() { result instanceof MemoryOperationsNotSequencedAppropriatelySharedQuery } - -class VariableEffectOrAccess extends Expr { - VariableEffectOrAccess() { - this instanceof VariableEffect or - this instanceof VariableAccess - } -} - -pragma[noinline] -predicate partOfFullExpr(VariableEffectOrAccess e, FullExpr fe) { - ( - exists(VariableEffect ve | e = ve and ve.getAnAccess() = fe.getAChild+() and not ve.isPartial()) - or - e.(VariableAccess) = fe.getAChild+() - ) -} - -class ConstituentExprOrdering extends Ordering::Configuration { - ConstituentExprOrdering() { this = "ConstituentExprOrdering" } - - override predicate isCandidate(Expr e1, Expr e2) { - exists(FullExpr fe | - partOfFullExpr(e1, fe) and - partOfFullExpr(e2, fe) - ) - } -} - -predicate sameFullExpr(FullExpr fe, VariableAccess va1, VariableAccess va2) { - partOfFullExpr(va1, fe) and - partOfFullExpr(va2, fe) and - va1 != va2 and - exists(Variable v1, Variable v2 | - // Use `pragma[only_bind_into]` to prevent CP between variable accesses. - va1.getTarget() = pragma[only_bind_into](v1) and va2.getTarget() = pragma[only_bind_into](v2) - | - v1.isVolatile() and v2.isVolatile() - or - not (v1.isVolatile() and v2.isVolatile()) and - v1 = v2 - ) -} - -int getLeafCount(LeftRightOperation bop) { - if - not bop.getLeftOperand() instanceof BinaryOperation and - not bop.getRightOperand() instanceof BinaryOperation - then result = 2 - else - if - bop.getLeftOperand() instanceof BinaryOperation and - not bop.getRightOperand() instanceof BinaryOperation - then result = 1 + getLeafCount(bop.getLeftOperand()) - else - if - not bop.getLeftOperand() instanceof BinaryOperation and - bop.getRightOperand() instanceof BinaryOperation - then result = 1 + getLeafCount(bop.getRightOperand()) - else result = getLeafCount(bop.getLeftOperand()) + getLeafCount(bop.getRightOperand()) -} - -class LeftRightOperation extends Expr { - LeftRightOperation() { - this instanceof BinaryOperation or - this instanceof AssignOperation or - this instanceof AssignExpr - } - - Expr getLeftOperand() { - result = this.(BinaryOperation).getLeftOperand() - or - result = this.(AssignOperation).getLValue() - or - result = this.(AssignExpr).getLValue() - } - - Expr getRightOperand() { - result = this.(BinaryOperation).getRightOperand() - or - result = this.(AssignOperation).getRValue() - or - result = this.(AssignExpr).getRValue() - } - - Expr getAnOperand() { - result = getLeftOperand() or - result = getRightOperand() - } -} - -int getOperandIndexIn(FullExpr fullExpr, Expr operand) { - result = getOperandIndex(fullExpr, operand) - or - fullExpr.(Call).getArgument(result).getAChild*() = operand -} - -int getOperandIndex(LeftRightOperation binop, Expr operand) { - if operand = binop.getAnOperand() - then - operand = binop.getLeftOperand() and - result = 0 - or - operand = binop.getRightOperand() and - result = getLeafCount(binop.getLeftOperand()) + 1 - or - operand = binop.getRightOperand() and - not binop.getLeftOperand() instanceof LeftRightOperation and - result = 1 - else ( - // Child of left operand that is a binary operation. - result = getOperandIndex(binop.getLeftOperand(), operand) - or - // Child of left operand that is not a binary operation. - result = 0 and - not binop.getLeftOperand() instanceof LeftRightOperation and - binop.getLeftOperand().getAChild+() = operand - or - // Child of right operand and both left and right operands are binary operations. - result = - getLeafCount(binop.getLeftOperand()) + getOperandIndex(binop.getRightOperand(), operand) - or - // Child of right operand and left operand is not a binary operation. - result = 1 + getOperandIndex(binop.getRightOperand(), operand) and - not binop.getLeftOperand() instanceof LeftRightOperation - or - // Child of right operand that is not a binary operation and the left operand is a binary operation. - result = getLeafCount(binop.getLeftOperand()) + 1 and - binop.getRightOperand().getAChild+() = operand and - not binop.getRightOperand() instanceof LeftRightOperation - or - // Child of right operand that is not a binary operation and the left operand is not a binary operation. - result = 1 and - not binop.getLeftOperand() instanceof LeftRightOperation and - not binop.getRightOperand() instanceof LeftRightOperation and - binop.getRightOperand().getAChild+() = operand - ) -} - -predicate inConditionalThen(ConditionalExpr ce, Expr e) { - e = ce.getThen() - or - exists(Expr parent | - inConditionalThen(ce, parent) and - parent.getAChild() = e - ) -} - -predicate inConditionalElse(ConditionalExpr ce, Expr e) { - e = ce.getElse() - or - exists(Expr parent | - inConditionalElse(ce, parent) and - parent.getAChild() = e - ) -} - -predicate isUnsequencedEffect( - ConstituentExprOrdering orderingConfig, FullExpr fullExpr, VariableEffect variableEffect1, - VariableAccess va1, VariableAccess va2, Locatable placeHolder, string label -) { - // The two access are scoped to the same full expression. - sameFullExpr(fullExpr, va1, va2) and - // We are only interested in effects that change an object, - // i.e., exclude patterns suchs as `b->data[b->cursor++]` where `b` is considered modified and read or `foo.bar = 1` where `=` modifies to both `foo` and `bar`. - not variableEffect1.isPartial() and - variableEffect1.getAnAccess() = va1 and - ( - exists(VariableEffect variableEffect2 | - not variableEffect2.isPartial() and - variableEffect2.getAnAccess() = va2 and - // If the effect is not local (happens in a different function) we use the call with the access as a proxy. - ( - va1.getEnclosingStmt() = variableEffect1.getEnclosingStmt() and - va2.getEnclosingStmt() = variableEffect2.getEnclosingStmt() and - orderingConfig.isUnsequenced(variableEffect1, variableEffect2) - or - va1.getEnclosingStmt() = variableEffect1.getEnclosingStmt() and - not va2.getEnclosingStmt() = variableEffect2.getEnclosingStmt() and - exists(Call call | - call.getAnArgument() = va2 and call.getEnclosingStmt() = va1.getEnclosingStmt() - | - orderingConfig.isUnsequenced(variableEffect1, call) - ) - or - not va1.getEnclosingStmt() = variableEffect1.getEnclosingStmt() and - va2.getEnclosingStmt() = variableEffect2.getEnclosingStmt() and - exists(Call call | - call.getAnArgument() = va1 and call.getEnclosingStmt() = va2.getEnclosingStmt() - | - orderingConfig.isUnsequenced(call, variableEffect2) - ) - ) and - // Break the symmetry of the ordering relation by requiring that the first expression is located before the second. - // This builds upon the assumption that the expressions are part of the same full expression as specified in the ordering configuration. - getOperandIndexIn(fullExpr, va1) < getOperandIndexIn(fullExpr, va2) and - placeHolder = variableEffect2 and - label = "side effect" - ) - or - placeHolder = va2 and - label = "read" and - not exists(VariableEffect variableEffect2 | variableEffect1 != variableEffect2 | - variableEffect2.getAnAccess() = va2 - ) and - ( - va1.getEnclosingStmt() = variableEffect1.getEnclosingStmt() and - orderingConfig.isUnsequenced(variableEffect1, va2) - or - not va1.getEnclosingStmt() = variableEffect1.getEnclosingStmt() and - exists(Call call | - call.getAnArgument() = va1 and call.getEnclosingStmt() = va2.getEnclosingStmt() - | - orderingConfig.isUnsequenced(call, va2) - ) - ) and - // The read is not used to compute the effect on the variable. - // E.g., exclude x = x + 1 - not variableEffect1.getAChild+() = va2 - ) and - // Both are evaluated - not exists(ConditionalExpr ce | inConditionalThen(ce, va1) and inConditionalElse(ce, va2)) -} - -query predicate problems( - FullExpr fullExpr, string message, VariableEffect variableEffect1, string variableEffect1_string, - Locatable placeHolder, string label, VariableAccess va1, string va1_string, VariableAccess va2, - string va2_string -) { - exists(ConstituentExprOrdering orderingConfig | - not isExcluded(fullExpr, getQuery()) and - isUnsequencedEffect(orderingConfig, fullExpr, variableEffect1, va1, va2, placeHolder, label) and - message = "The expression contains unsequenced $@ to $@ and $@ to $@." and - variableEffect1_string = "side effect" and - va1_string = va1.getTarget().getName() and - va2_string = va2.getTarget().getName() - ) -} diff --git a/cpp/common/test/rules/memoryoperationsnotsequencedappropriately/MemoryOperationsNotSequencedAppropriately.expected b/cpp/common/test/rules/memoryoperationsnotsequencedappropriately/MemoryOperationsNotSequencedAppropriately.expected deleted file mode 100644 index 54c8ee481b..0000000000 --- a/cpp/common/test/rules/memoryoperationsnotsequencedappropriately/MemoryOperationsNotSequencedAppropriately.expected +++ /dev/null @@ -1,6 +0,0 @@ -| test.cpp:8:12:8:18 | ... + ... | The expression contains unsequenced $@ to $@ and $@ to $@. | test.cpp:8:12:8:13 | l1 | side effect | test.cpp:8:17:8:18 | l1 | side effect | test.cpp:8:12:8:13 | l1 | l1 | test.cpp:8:17:8:18 | l1 | l1 | -| test.cpp:9:12:9:18 | ... + ... | The expression contains unsequenced $@ to $@ and $@ to $@. | test.cpp:9:12:9:13 | l1 | side effect | test.cpp:9:17:9:18 | l2 | side effect | test.cpp:9:12:9:13 | l1 | l1 | test.cpp:9:17:9:18 | l2 | l2 | -| test.cpp:19:3:19:21 | ... = ... | The expression contains unsequenced $@ to $@ and $@ to $@. | test.cpp:19:8:19:9 | l1 | side effect | test.cpp:19:13:19:14 | l1 | side effect | test.cpp:19:8:19:9 | l1 | l1 | test.cpp:19:13:19:14 | l1 | l1 | -| test.cpp:21:3:21:5 | call to foo | The expression contains unsequenced $@ to $@ and $@ to $@. | test.cpp:21:7:21:8 | l1 | side effect | test.cpp:21:11:21:12 | l2 | side effect | test.cpp:21:7:21:8 | l1 | l1 | test.cpp:21:11:21:12 | l2 | l2 | -| test.cpp:27:3:27:5 | call to foo | The expression contains unsequenced $@ to $@ and $@ to $@. | test.cpp:27:7:27:10 | ... ++ | side effect | test.cpp:27:13:27:14 | l8 | read | test.cpp:27:7:27:8 | l8 | l8 | test.cpp:27:13:27:14 | l8 | l8 | -| test.cpp:37:5:37:13 | ... = ... | The expression contains unsequenced $@ to $@ and $@ to $@. | test.cpp:37:10:37:12 | ... ++ | side effect | test.cpp:37:10:37:12 | ... ++ | side effect | test.cpp:37:10:37:10 | i | i | test.cpp:37:10:37:10 | i | i | diff --git a/cpp/common/test/rules/memoryoperationsnotsequencedappropriately/MemoryOperationsNotSequencedAppropriately.ql b/cpp/common/test/rules/memoryoperationsnotsequencedappropriately/MemoryOperationsNotSequencedAppropriately.ql deleted file mode 100644 index 63351377f0..0000000000 --- a/cpp/common/test/rules/memoryoperationsnotsequencedappropriately/MemoryOperationsNotSequencedAppropriately.ql +++ /dev/null @@ -1,4 +0,0 @@ -// GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.memoryoperationsnotsequencedappropriately.MemoryOperationsNotSequencedAppropriately - -class TestFileQuery extends MemoryOperationsNotSequencedAppropriatelySharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/memoryoperationsnotsequencedappropriately/test.cpp b/cpp/common/test/rules/memoryoperationsnotsequencedappropriately/test.cpp deleted file mode 100644 index 427555d735..0000000000 --- a/cpp/common/test/rules/memoryoperationsnotsequencedappropriately/test.cpp +++ /dev/null @@ -1,39 +0,0 @@ -// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C TEST CASE AND -// CHANGES SHOULD BE REFLECTED THERE AS WELL. -void foo(int, int); - -void unsequenced_sideeffects1() { - volatile int l1, l2; - - int l3 = l1 + l1; // NON_COMPLIANT - int l4 = l1 + l2; // NON_COMPLIANT - - // Store value of volatile object in temporary non-volatile object. - int l5 = l1; - // Store value of volatile object in temporary non-volatile object. - int l6 = l2; - int l7 = l5 + l6; // COMPLIANT - - int l8, l9; - l1 = l1 & 0x80; // COMPLIANT - l8 = l1 = l1 & 0x80; // NON_COMPLIANT - - foo(l1, l2); // NON_COMPLIANT - // Store value of volatile object in temporary non-volatile object. - l8 = l1; - // Store value of volatile object in temporary non-volatile object. - l9 = l2; - foo(l8, l9); // COMPLIANT - foo(l8++, l8); // NON_COMPLIANT - - int l10 = l8++, l11 = l8++; // COMPLIANT -} - -int g1[10], g2[10]; -#define test(i) (g1[i] = g2[i]) -void unsequenced_sideeffects2() { - int i; - for (i = 0; i < 10; i++) { - test(i++); // NON_COMPLIANT - } -} \ No newline at end of file diff --git a/cpp/misra/src/rules/RULE-4-6-1/MemoryOperationsNotSequencedAppropriately.ql b/cpp/misra/src/rules/RULE-4-6-1/MemoryOperationsNotSequencedAppropriately.ql deleted file mode 100644 index 20eb2167bf..0000000000 --- a/cpp/misra/src/rules/RULE-4-6-1/MemoryOperationsNotSequencedAppropriately.ql +++ /dev/null @@ -1,23 +0,0 @@ -/** - * @id cpp/misra/memory-operations-not-sequenced-appropriately - * @name RULE-4-6-1: Operations on a memory location shall be sequenced appropriately - * @description Operations on a memory location shall be sequenced appropriately. - * @kind problem - * @precision very-high - * @problem.severity error - * @tags external/misra/id/rule-4-6-1 - * scope/system - * external/misra/enforcement/undecidable - * external/misra/obligation/required - */ - -import cpp -import codingstandards.cpp.misra -import codingstandards.cpp.rules.memoryoperationsnotsequencedappropriately.MemoryOperationsNotSequencedAppropriately - -class MemoryOperationsNotSequencedAppropriatelyQuery extends MemoryOperationsNotSequencedAppropriatelySharedQuery -{ - MemoryOperationsNotSequencedAppropriatelyQuery() { - this = ImportMisra23Package::memoryOperationsNotSequencedAppropriatelyQuery() - } -} diff --git a/cpp/misra/test/rules/RULE-4-6-1/MemoryOperationsNotSequencedAppropriately.testref b/cpp/misra/test/rules/RULE-4-6-1/MemoryOperationsNotSequencedAppropriately.testref deleted file mode 100644 index 02034f66c6..0000000000 --- a/cpp/misra/test/rules/RULE-4-6-1/MemoryOperationsNotSequencedAppropriately.testref +++ /dev/null @@ -1 +0,0 @@ -cpp/common/test/rules/memoryoperationsnotsequencedappropriately/MemoryOperationsNotSequencedAppropriately.ql \ No newline at end of file diff --git a/rule_packages/c/SideEffects3.json b/rule_packages/c/SideEffects3.json index 19012b9c33..2d67df6e2e 100644 --- a/rule_packages/c/SideEffects3.json +++ b/rule_packages/c/SideEffects3.json @@ -12,7 +12,6 @@ "precision": "very-high", "severity": "error", "short_name": "UnsequencedSideEffects", - "shared_implementation_short_name": "MemoryOperationsNotSequencedAppropriately", "tags": [ "correctness" ] diff --git a/rule_packages/cpp/ImportMisra23.json b/rule_packages/cpp/ImportMisra23.json index 96bab2e25f..243fc7cc20 100644 --- a/rule_packages/cpp/ImportMisra23.json +++ b/rule_packages/cpp/ImportMisra23.json @@ -1187,27 +1187,6 @@ ], "title": "The C Library input/output functions shall not be used" }, - "RULE-4-6-1": { - "properties": { - "enforcement": "undecidable", - "obligation": "required" - }, - "queries": [ - { - "description": "Operations on a memory location shall be sequenced appropriately.", - "kind": "problem", - "name": "Operations on a memory location shall be sequenced appropriately", - "precision": "very-high", - "severity": "error", - "short_name": "MemoryOperationsNotSequencedAppropriately", - "shared_implementation_short_name": "MemoryOperationsNotSequencedAppropriately", - "tags": [ - "scope/system" - ] - } - ], - "title": "Operations on a memory location shall be sequenced appropriately" - }, "RULE-5-13-1": { "properties": { "enforcement": "decidable", diff --git a/rules.csv b/rules.csv index 8633ebe422..e494a82ea3 100644 --- a/rules.csv +++ b/rules.csv @@ -787,7 +787,7 @@ cpp,MISRA-C++-2023,DIR-0-3-2,Yes,Required,,,A function call shall not violate th cpp,MISRA-C++-2023,RULE-4-1-1,Yes,Required,Undecidable,System,A program shall conform to ISO/IEC 14882:2017 (C++17),,,Hard, cpp,MISRA-C++-2023,RULE-4-1-2,Yes,Advisory,Decidable,Single Translation Unit,Deprecated features should not be used,,,Very Hard, cpp,MISRA-C++-2023,RULE-4-1-3,Yes,Required,Undecidable,System,There shall be no occurrence of undefined or critical unspecified behaviour,,,Very Hard, -cpp,MISRA-C++-2023,RULE-4-6-1,Yes,Required,Undecidable,System,Operations on a memory location shall be sequenced appropriately,RULE-13-2,ImportMisra23,Import, +cpp,MISRA-C++-2023,RULE-4-6-1,Yes,Required,Undecidable,System,Operations on a memory location shall be sequenced appropriately,RULE-13-2,,Easy, cpp,MISRA-C++-2023,RULE-5-0-1,Yes,Advisory,Decidable,Single Translation Unit,Trigraph-like sequences should not be used,A2-5-1,,Very Hard, cpp,MISRA-C++-2023,RULE-5-7-1,Yes,Required,Decidable,Single Translation Unit,The character sequence /* shall not be used within a C-style comment,M2-7-1,ImportMisra23,Import, cpp,MISRA-C++-2023,DIR-5-7-2,Yes,Advisory,,,Sections of code should not be “commented out”,A2-7-2,ImportMisra23,Import, From e140e375679c9952e9d7090f1e6d030707c45367 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 25 Jul 2024 12:58:01 +0200 Subject: [PATCH 1894/2573] Delete VSC settings --- .vscode/settings.json | 5 ----- 1 file changed, 5 deletions(-) delete mode 100644 .vscode/settings.json diff --git a/.vscode/settings.json b/.vscode/settings.json deleted file mode 100644 index 30ba3d548b..0000000000 --- a/.vscode/settings.json +++ /dev/null @@ -1,5 +0,0 @@ -{ - "codeQL.cli.executablePath": "/Users/mauro/Desktop/CodeQL/bundles/codeql-2.14.6/codeql", - "codeQL.runningQueries.numberOfThreads": 0, - "codeQL.runningTests.numberOfThreads": 0 -} \ No newline at end of file From 3aa9843d81a897097d3c0504f9be08a225ce4c69 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 25 Jul 2024 13:12:53 +0200 Subject: [PATCH 1895/2573] Restore original import --- .../EXP30-C/DependenceOnOrderOfScalarEvaluationForSideEffects.ql | 1 + 1 file changed, 1 insertion(+) diff --git a/c/cert/src/rules/EXP30-C/DependenceOnOrderOfScalarEvaluationForSideEffects.ql b/c/cert/src/rules/EXP30-C/DependenceOnOrderOfScalarEvaluationForSideEffects.ql index 862f00e822..c478a3d51e 100644 --- a/c/cert/src/rules/EXP30-C/DependenceOnOrderOfScalarEvaluationForSideEffects.ql +++ b/c/cert/src/rules/EXP30-C/DependenceOnOrderOfScalarEvaluationForSideEffects.ql @@ -14,6 +14,7 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.SideEffect +import codingstandards.c.Ordering import codingstandards.c.orderofevaluation.VariableAccessOrdering from From bd08d1b57a071140e1d156ff5c6ba2fcd210034b Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 25 Jul 2024 13:18:58 +0200 Subject: [PATCH 1896/2573] Restore original import --- c/cert/src/rules/EXP45-C/AssignmentsInSelectionStatements.ql | 2 +- c/common/test/library/expr/FullExpr.ql | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/c/cert/src/rules/EXP45-C/AssignmentsInSelectionStatements.ql b/c/cert/src/rules/EXP45-C/AssignmentsInSelectionStatements.ql index 8d65bb0088..f6e29eb28c 100644 --- a/c/cert/src/rules/EXP45-C/AssignmentsInSelectionStatements.ql +++ b/c/cert/src/rules/EXP45-C/AssignmentsInSelectionStatements.ql @@ -13,7 +13,7 @@ import cpp import codingstandards.c.cert -import codingstandards.cpp.CExpr +import codingstandards.c.Expr Expr getRightMostOperand(CommaExpr e) { result = e.getRightOperand() and not result instanceof CommaExpr diff --git a/c/common/test/library/expr/FullExpr.ql b/c/common/test/library/expr/FullExpr.ql index 8760ed1a15..de7edf85c1 100644 --- a/c/common/test/library/expr/FullExpr.ql +++ b/c/common/test/library/expr/FullExpr.ql @@ -1,5 +1,5 @@ import cpp -import codingstandards.cpp.CExpr +import codingstandards.c.Expr from FullExpr e select e From e3113f6200f12c36ca6f16bdb189f683baa10d42 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 25 Jul 2024 19:07:06 +0200 Subject: [PATCH 1897/2573] Addressing the review comments --- c/misra/src/rules/RULE-15-6/SelectionCompoundCondition.ql | 2 +- rule_packages/c/Statements3.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/c/misra/src/rules/RULE-15-6/SelectionCompoundCondition.ql b/c/misra/src/rules/RULE-15-6/SelectionCompoundCondition.ql index 8f7b37f0d4..d181ca2d1c 100644 --- a/c/misra/src/rules/RULE-15-6/SelectionCompoundCondition.ql +++ b/c/misra/src/rules/RULE-15-6/SelectionCompoundCondition.ql @@ -1,6 +1,6 @@ /** * @id c/misra/selection-compound-condition - * @name RULE-15-6: the statement forming the body of a slection statement shall be a compound statement + * @name RULE-15-6: The statement forming the body of a slection statement shall be a compound statement * @description if the body of a selection statement is not enclosed in braces, then this can lead * to incorrect execution, and is hard for developers to maintain. * @kind problem diff --git a/rule_packages/c/Statements3.json b/rule_packages/c/Statements3.json index 6b881f9a95..532a711eb0 100644 --- a/rule_packages/c/Statements3.json +++ b/rule_packages/c/Statements3.json @@ -32,7 +32,7 @@ { "description": "if the body of a selection statement is not enclosed in braces, then this can lead to incorrect execution, and is hard for developers to maintain.", "kind": "problem", - "name": "the statement forming the body of a slection statement shall be a compound statement", + "name": "The statement forming the body of a slection statement shall be a compound statement", "precision": "very-high", "severity": "recommendation", "short_name": "SelectionCompoundCondition", From 050bdf76c078ce3f83473d42fec732e77d72301d Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 25 Jul 2024 19:08:14 +0200 Subject: [PATCH 1898/2573] Addressing the review comments --- .../src/codingstandards/c}/SideEffects.qll | 0 .../rules/RULE-13-2/UnsequencedSideEffects.ql | 2 +- .../SideEffectAndCrementInFullExpression.ql | 2 +- .../rules/RULE-15-6/LoopCompoundCondition.ql | 2 +- .../2024-06-27-misra-cpp-2023-import.md | 2 -- ...rVirtualFunctionWithNullPointerConstant.ql | 25 +++++++++++++++ ...ualPointerOnlyComparesToNullptrConstant.ql | 6 ++-- ...ssibleBaseClassBothVirtualAndNonVirtual.ql | 6 ++-- ...lassBothVirtualAndNonVirtualInHierarchy.ql | 23 +++++++++++++ ...PassedAsFunctionArgumentDecayToAPointer.ql | 6 ++-- ...PassedAsFunctionArgumentDecayToAPointer.ql | 24 ++++++++++++++ ...ExpressionWhoseUnderlyingTypeIsUnsigned.ql | 23 +++++++++++++ ...usOperatorAppliedToAnUnsignedExpression.ql | 6 ++-- ...MainUsedForAFunctionOtherThanGlobalMain.ql | 6 ++-- ...AFunctionOtherThanTheGlobalFunctionMain.ql | 24 ++++++++++++++ ...nctionParametersUseSameDefaultArguments.ql | 6 ++-- ...ionParametersUseTheSameDefaultArguments.ql | 25 +++++++++++++++ ...dAsFunctionArgumentDecayToAPointer.testref | 1 + ...ssionWhoseUnderlyingTypeIsUnsigned.testref | 1 + .../cpp/exclusions/cpp/Inheritance.qll | 16 +++++----- .../cpp/exclusions/cpp/Naming.qll | 16 +++++----- .../cpp/exclusions/cpp/Operators.qll | 16 +++++----- .../cpp/exclusions/cpp/Pointers.qll | 32 +++++++++---------- .../cpp/exclusions/cpp/VirtualFunctions.qll | 16 +++++----- .../test/includes/standard-library/assert.h | 7 +++- .../test/includes/standard-library/cassert | 1 + rule_packages/c/Statements3.json | 2 +- rule_packages/cpp/Inheritance.json | 2 +- rule_packages/cpp/Naming.json | 2 +- rule_packages/cpp/Operators.json | 2 +- rule_packages/cpp/Pointers.json | 4 +-- rule_packages/cpp/VirtualFunctions.json | 2 +- .../templates/shared_library.ql.template | 4 +++ 33 files changed, 233 insertions(+), 79 deletions(-) rename {cpp/common/src/codingstandards/cpp => c/common/src/codingstandards/c}/SideEffects.qll (100%) delete mode 100644 change_notes/2024-06-27-misra-cpp-2023-import.md create mode 100644 cpp/autosar/src/rules/A5-10-1/PointerToMemberVirtualFunctionWithNullPointerConstant.ql create mode 100644 cpp/autosar/src/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtualInHierarchy.ql create mode 100644 cpp/autosar/src/rules/M5-2-12/IdentifierWithArrayTypePassedAsFunctionArgumentDecayToAPointer.ql create mode 100644 cpp/autosar/src/rules/M5-3-2/UnaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsigned.ql create mode 100644 cpp/autosar/src/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanTheGlobalFunctionMain.ql create mode 100644 cpp/autosar/src/rules/M8-3-1/VirtualFunctionParametersUseTheSameDefaultArguments.ql create mode 100644 cpp/autosar/test/rules/M5-2-12/IdentifierWithArrayTypePassedAsFunctionArgumentDecayToAPointer.testref create mode 100644 cpp/autosar/test/rules/M5-3-2/UnaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsigned.testref diff --git a/cpp/common/src/codingstandards/cpp/SideEffects.qll b/c/common/src/codingstandards/c/SideEffects.qll similarity index 100% rename from cpp/common/src/codingstandards/cpp/SideEffects.qll rename to c/common/src/codingstandards/c/SideEffects.qll diff --git a/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql b/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql index 45bf886dd5..2497e5d4a3 100644 --- a/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql +++ b/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql @@ -14,7 +14,7 @@ import cpp import codingstandards.c.misra import codingstandards.c.Ordering -import codingstandards.cpp.SideEffects +import codingstandards.c.SideEffects class VariableEffectOrAccess extends Expr { VariableEffectOrAccess() { diff --git a/c/misra/src/rules/RULE-13-3/SideEffectAndCrementInFullExpression.ql b/c/misra/src/rules/RULE-13-3/SideEffectAndCrementInFullExpression.ql index 4191495b13..3dd03120c8 100644 --- a/c/misra/src/rules/RULE-13-3/SideEffectAndCrementInFullExpression.ql +++ b/c/misra/src/rules/RULE-13-3/SideEffectAndCrementInFullExpression.ql @@ -16,7 +16,7 @@ import cpp import codingstandards.c.misra import codingstandards.c.Expr -import codingstandards.cpp.SideEffects +import codingstandards.c.SideEffects from FullExpr e, SideEffect se, CrementOperation op where diff --git a/c/misra/src/rules/RULE-15-6/LoopCompoundCondition.ql b/c/misra/src/rules/RULE-15-6/LoopCompoundCondition.ql index c596cb2970..a3e30ec345 100644 --- a/c/misra/src/rules/RULE-15-6/LoopCompoundCondition.ql +++ b/c/misra/src/rules/RULE-15-6/LoopCompoundCondition.ql @@ -1,6 +1,6 @@ /** * @id c/misra/loop-compound-condition - * @name RULE-15-6: the statement forming the body of a loop shall be a compound statement + * @name RULE-15-6: The statement forming the body of a loop shall be a compound statement * @description if the body of a loop is not enclosed in braces, then this can lead to incorrect * execution, and is hard for developers to maintain. * @kind problem diff --git a/change_notes/2024-06-27-misra-cpp-2023-import.md b/change_notes/2024-06-27-misra-cpp-2023-import.md deleted file mode 100644 index 5de144c3af..0000000000 --- a/change_notes/2024-06-27-misra-cpp-2023-import.md +++ /dev/null @@ -1,2 +0,0 @@ -- `MISRA C++ 2023`: - - Adds support for `MISRA C++ 2023` rules that are already implemented by existing queries. diff --git a/cpp/autosar/src/rules/A5-10-1/PointerToMemberVirtualFunctionWithNullPointerConstant.ql b/cpp/autosar/src/rules/A5-10-1/PointerToMemberVirtualFunctionWithNullPointerConstant.ql new file mode 100644 index 0000000000..88594062ca --- /dev/null +++ b/cpp/autosar/src/rules/A5-10-1/PointerToMemberVirtualFunctionWithNullPointerConstant.ql @@ -0,0 +1,25 @@ +/** + * @id cpp/autosar/pointer-to-member-virtual-function-with-null-pointer-constant + * @name A5-10-1: A pointer to member virtual function shall only be tested for equality with null-pointer-constant + * @description A pointer to member virtual function shall only be tested for equality with + * null-pointer-constant, because an equality comparison with anything other than a + * null-pointer-constant is unspecified. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/autosar/id/a5-10-1 + * correctness + * external/autosar/allocated-target/implementation + * external/autosar/enforcement/automated + * external/autosar/obligation/required + */ + +import cpp +import codingstandards.cpp.autosar +import codingstandards.cpp.rules.potentiallyvirtualpointeronlycomparestonullptr.PotentiallyVirtualPointerOnlyComparesToNullptr + +class PointerToMemberVirtualFunctionWithNullPointerConstantQuery extends PotentiallyVirtualPointerOnlyComparesToNullptrSharedQuery { + PointerToMemberVirtualFunctionWithNullPointerConstantQuery() { + this = pointersPackage::pointerToMemberVirtualFunctionWithNullPointerConstantQuery() + } +} diff --git a/cpp/autosar/src/rules/A5-10-1/VirtualPointerOnlyComparesToNullptrConstant.ql b/cpp/autosar/src/rules/A5-10-1/VirtualPointerOnlyComparesToNullptrConstant.ql index 01a45e75f7..28e17ead1a 100644 --- a/cpp/autosar/src/rules/A5-10-1/VirtualPointerOnlyComparesToNullptrConstant.ql +++ b/cpp/autosar/src/rules/A5-10-1/VirtualPointerOnlyComparesToNullptrConstant.ql @@ -18,9 +18,9 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.potentiallyvirtualpointeronlycomparestonullptr.PotentiallyVirtualPointerOnlyComparesToNullptr -class VirtualPointerOnlyComparesToNullptrConstantQuery extends PotentiallyVirtualPointerOnlyComparesToNullptrSharedQuery +class PointerToMemberVirtualFunctionWithNullPointerConstantQuery extends PotentiallyVirtualPointerOnlyComparesToNullptrSharedQuery { - VirtualPointerOnlyComparesToNullptrConstantQuery() { - this = PointersPackage::virtualPointerOnlyComparesToNullptrConstantQuery() + PointerToMemberVirtualFunctionWithNullPointerConstantQuery() { + this = PointersPackage::pointerToMemberVirtualFunctionWithNullPointerConstantQuery() } } diff --git a/cpp/autosar/src/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtual.ql b/cpp/autosar/src/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtual.ql index 2e189ddd24..5b7086cb54 100644 --- a/cpp/autosar/src/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtual.ql +++ b/cpp/autosar/src/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtual.ql @@ -16,9 +16,9 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.virtualandnonvirtualclassinthehierarchy.VirtualAndNonVirtualClassInTheHierarchy -class AccessibleBaseClassBothVirtualAndNonVirtualQuery extends VirtualAndNonVirtualClassInTheHierarchySharedQuery +class AccessibleBaseClassBothVirtualAndNonVirtualInHierarchyQuery extends VirtualAndNonVirtualClassInTheHierarchySharedQuery { - AccessibleBaseClassBothVirtualAndNonVirtualQuery() { - this = InheritancePackage::accessibleBaseClassBothVirtualAndNonVirtualQuery() + AccessibleBaseClassBothVirtualAndNonVirtualInHierarchyQuery() { + this = InheritancePackage::accessibleBaseClassBothVirtualAndNonVirtualInHierarchyQuery() } } diff --git a/cpp/autosar/src/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtualInHierarchy.ql b/cpp/autosar/src/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtualInHierarchy.ql new file mode 100644 index 0000000000..df7840496f --- /dev/null +++ b/cpp/autosar/src/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtualInHierarchy.ql @@ -0,0 +1,23 @@ +/** + * @id cpp/autosar/accessible-base-class-both-virtual-and-non-virtual-in-hierarchy + * @name M10-1-3: An accessible base class shall not be both virtual and non-virtual in the same hierarchy + * @description A base class must not be virtual and non-virtual in the same hierarchy to avoid + * copies of the object and confusing behavior. + * @kind problem + * @precision very-high + * @problem.severity warning + * @tags external/autosar/id/m10-1-3 + * external/autosar/allocated-target/implementation + * external/autosar/enforcement/automated + * external/autosar/obligation/required + */ + +import cpp +import codingstandards.cpp.autosar +import codingstandards.cpp.rules.virtualandnonvirtualclassinthehierarchy.VirtualAndNonVirtualClassInTheHierarchy + +class AccessibleBaseClassBothVirtualAndNonVirtualInHierarchyQuery extends VirtualAndNonVirtualClassInTheHierarchySharedQuery { + AccessibleBaseClassBothVirtualAndNonVirtualInHierarchyQuery() { + this = InheritancePackage::accessibleBaseClassBothVirtualAndNonVirtualInHierarchyQuery() + } +} diff --git a/cpp/autosar/src/rules/M5-2-12/IdentifierPassedAsFunctionArgumentDecayToAPointer.ql b/cpp/autosar/src/rules/M5-2-12/IdentifierPassedAsFunctionArgumentDecayToAPointer.ql index 6d1ee297a8..f1e7bb4a39 100644 --- a/cpp/autosar/src/rules/M5-2-12/IdentifierPassedAsFunctionArgumentDecayToAPointer.ql +++ b/cpp/autosar/src/rules/M5-2-12/IdentifierPassedAsFunctionArgumentDecayToAPointer.ql @@ -17,9 +17,9 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.arraypassedasfunctionargumentdecaytoapointer.ArrayPassedAsFunctionArgumentDecayToAPointer -class IdentifierPassedAsFunctionArgumentDecayToAPointerQuery extends ArrayPassedAsFunctionArgumentDecayToAPointerSharedQuery +class IdentifierWithArrayTypePassedAsFunctionArgumentDecayToAPointerQuery extends ArrayPassedAsFunctionArgumentDecayToAPointerSharedQuery { - IdentifierPassedAsFunctionArgumentDecayToAPointerQuery() { - this = PointersPackage::identifierPassedAsFunctionArgumentDecayToAPointerQuery() + IdentifierWithArrayTypePassedAsFunctionArgumentDecayToAPointerQuery() { + this = PointersPackage::identifierWithArrayTypePassedAsFunctionArgumentDecayToAPointerQuery() } } diff --git a/cpp/autosar/src/rules/M5-2-12/IdentifierWithArrayTypePassedAsFunctionArgumentDecayToAPointer.ql b/cpp/autosar/src/rules/M5-2-12/IdentifierWithArrayTypePassedAsFunctionArgumentDecayToAPointer.ql new file mode 100644 index 0000000000..852080c571 --- /dev/null +++ b/cpp/autosar/src/rules/M5-2-12/IdentifierWithArrayTypePassedAsFunctionArgumentDecayToAPointer.ql @@ -0,0 +1,24 @@ +/** + * @id cpp/autosar/identifier-with-array-type-passed-as-function-argument-decay-to-a-pointer + * @name M5-2-12: An identifier with array type passed as a function argument shall not decay to a pointer + * @description An identifier with array type passed as a function argument shall not decay to a + * pointer to prevent loss of its bounds. + * @kind problem + * @precision very-high + * @problem.severity warning + * @tags external/autosar/id/m5-2-12 + * correctness + * external/autosar/allocated-target/implementation + * external/autosar/enforcement/automated + * external/autosar/obligation/required + */ + +import cpp +import codingstandards.cpp.autosar +import codingstandards.cpp.rules.arraypassedasfunctionargumentdecaytoapointer.ArrayPassedAsFunctionArgumentDecayToAPointer + +class IdentifierWithArrayTypePassedAsFunctionArgumentDecayToAPointerQuery extends ArrayPassedAsFunctionArgumentDecayToAPointerSharedQuery { + IdentifierWithArrayTypePassedAsFunctionArgumentDecayToAPointerQuery() { + this = pointersPackage::identifierWithArrayTypePassedAsFunctionArgumentDecayToAPointerQuery() + } +} diff --git a/cpp/autosar/src/rules/M5-3-2/UnaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsigned.ql b/cpp/autosar/src/rules/M5-3-2/UnaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsigned.ql new file mode 100644 index 0000000000..98deff4f78 --- /dev/null +++ b/cpp/autosar/src/rules/M5-3-2/UnaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsigned.ql @@ -0,0 +1,23 @@ +/** + * @id cpp/autosar/unary-minus-operator-applied-to-an-expression-whose-underlying-type-is-unsigned + * @name M5-3-2: The unary minus operator shall not be applied to an expression whose underlying type is unsigned + * @description The unary minus operator shall not be applied to an expression whose underlying type + * is unsigned. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/autosar/id/m5-3-2 + * external/autosar/allocated-target/implementation + * external/autosar/enforcement/automated + * external/autosar/obligation/required + */ + +import cpp +import codingstandards.cpp.autosar +import codingstandards.cpp.rules.builtinunaryoperatorappliedtounsignedexpression.BuiltInUnaryOperatorAppliedToUnsignedExpression + +class UnaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsignedQuery extends BuiltInUnaryOperatorAppliedToUnsignedExpressionSharedQuery { + UnaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsignedQuery() { + this = OperatorsPackage::unaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsignedQuery() + } +} diff --git a/cpp/autosar/src/rules/M5-3-2/UnaryMinusOperatorAppliedToAnUnsignedExpression.ql b/cpp/autosar/src/rules/M5-3-2/UnaryMinusOperatorAppliedToAnUnsignedExpression.ql index cac08b5bf2..d9406b2553 100644 --- a/cpp/autosar/src/rules/M5-3-2/UnaryMinusOperatorAppliedToAnUnsignedExpression.ql +++ b/cpp/autosar/src/rules/M5-3-2/UnaryMinusOperatorAppliedToAnUnsignedExpression.ql @@ -16,9 +16,9 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.builtinunaryoperatorappliedtounsignedexpression.BuiltInUnaryOperatorAppliedToUnsignedExpression -class UnaryMinusOperatorAppliedToAnUnsignedExpressionQuery extends BuiltInUnaryOperatorAppliedToUnsignedExpressionSharedQuery +class UnaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsignedQuery extends BuiltInUnaryOperatorAppliedToUnsignedExpressionSharedQuery { - UnaryMinusOperatorAppliedToAnUnsignedExpressionQuery() { - this = OperatorsPackage::unaryMinusOperatorAppliedToAnUnsignedExpressionQuery() + UnaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsignedQuery() { + this = OperatorsPackage::unaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsignedQuery() } } diff --git a/cpp/autosar/src/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanGlobalMain.ql b/cpp/autosar/src/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanGlobalMain.ql index 2d263f4683..8b3da17ab1 100644 --- a/cpp/autosar/src/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanGlobalMain.ql +++ b/cpp/autosar/src/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanGlobalMain.ql @@ -17,9 +17,9 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.nonglobalfunctionmain.NonGlobalFunctionMain -class IdentifierMainUsedForAFunctionOtherThanGlobalMainQuery extends NonGlobalFunctionMainSharedQuery +class IdentifierMainUsedForAFunctionOtherThanTheGlobalFunctionMainQuery extends NonGlobalFunctionMainSharedQuery { - IdentifierMainUsedForAFunctionOtherThanGlobalMainQuery() { - this = NamingPackage::identifierMainUsedForAFunctionOtherThanGlobalMainQuery() + IdentifierMainUsedForAFunctionOtherThanTheGlobalFunctionMainQuery() { + this = NamingPackage::identifierMainUsedForAFunctionOtherThanTheGlobalFunctionMainQuery() } } diff --git a/cpp/autosar/src/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanTheGlobalFunctionMain.ql b/cpp/autosar/src/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanTheGlobalFunctionMain.ql new file mode 100644 index 0000000000..a1820f08e3 --- /dev/null +++ b/cpp/autosar/src/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanTheGlobalFunctionMain.ql @@ -0,0 +1,24 @@ +/** + * @id cpp/autosar/identifier-main-used-for-a-function-other-than-the-global-function-main + * @name M7-3-2: The identifier main shall not be used for a function other than the global function main + * @description Reusing the name main in non-main contexts can lead to developer confusion. + * @kind problem + * @precision very-high + * @problem.severity warning + * @tags external/autosar/id/m7-3-2 + * maintainability + * readability + * external/autosar/allocated-target/implementation + * external/autosar/enforcement/automated + * external/autosar/obligation/required + */ + +import cpp +import codingstandards.cpp.autosar +import codingstandards.cpp.rules.nonglobalfunctionmain.NonGlobalFunctionMain + +class IdentifierMainUsedForAFunctionOtherThanTheGlobalFunctionMainQuery extends NonGlobalFunctionMainSharedQuery { + IdentifierMainUsedForAFunctionOtherThanTheGlobalFunctionMainQuery() { + this = NamingPackage::identifierMainUsedForAFunctionOtherThanTheGlobalFunctionMainQuery() + } +} diff --git a/cpp/autosar/src/rules/M8-3-1/VirtualFunctionParametersUseSameDefaultArguments.ql b/cpp/autosar/src/rules/M8-3-1/VirtualFunctionParametersUseSameDefaultArguments.ql index 833585d096..02e880a909 100644 --- a/cpp/autosar/src/rules/M8-3-1/VirtualFunctionParametersUseSameDefaultArguments.ql +++ b/cpp/autosar/src/rules/M8-3-1/VirtualFunctionParametersUseSameDefaultArguments.ql @@ -18,9 +18,9 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.overridingshallspecifydifferentdefaultarguments.OverridingShallSpecifyDifferentDefaultArguments -class VirtualFunctionParametersUseSameDefaultArgumentsQuery extends OverridingShallSpecifyDifferentDefaultArgumentsSharedQuery +class VirtualFunctionParametersUseTheSameDefaultArgumentsQuery extends OverridingShallSpecifyDifferentDefaultArgumentsSharedQuery { - VirtualFunctionParametersUseSameDefaultArgumentsQuery() { - this = VirtualFunctionsPackage::virtualFunctionParametersUseSameDefaultArgumentsQuery() + VirtualFunctionParametersUseTheSameDefaultArgumentsQuery() { + this = VirtualFunctionsPackage::virtualFunctionParametersUseTheSameDefaultArgumentsQuery() } } diff --git a/cpp/autosar/src/rules/M8-3-1/VirtualFunctionParametersUseTheSameDefaultArguments.ql b/cpp/autosar/src/rules/M8-3-1/VirtualFunctionParametersUseTheSameDefaultArguments.ql new file mode 100644 index 0000000000..6eac6dc430 --- /dev/null +++ b/cpp/autosar/src/rules/M8-3-1/VirtualFunctionParametersUseTheSameDefaultArguments.ql @@ -0,0 +1,25 @@ +/** + * @id cpp/autosar/virtual-function-parameters-use-the-same-default-arguments + * @name M8-3-1: Parameters in an overriding virtual function shall have the same default arguments or no default arguments + * @description Parameters in an overriding virtual function shall either use the same default + * arguments as the function they override, or else shall not specify any default + * arguments. + * @kind problem + * @precision very-high + * @problem.severity warning + * @tags external/autosar/id/m8-3-1 + * correctness + * external/autosar/allocated-target/implementation + * external/autosar/enforcement/automated + * external/autosar/obligation/required + */ + +import cpp +import codingstandards.cpp.autosar +import codingstandards.cpp.rules.overridingshallspecifydifferentdefaultarguments.OverridingShallSpecifyDifferentDefaultArguments + +class VirtualFunctionParametersUseTheSameDefaultArgumentsQuery extends OverridingShallSpecifyDifferentDefaultArgumentsSharedQuery { + VirtualFunctionParametersUseTheSameDefaultArgumentsQuery() { + this = VirtualFunctionsPackage::virtualFunctionParametersUseTheSameDefaultArgumentsQuery() + } +} diff --git a/cpp/autosar/test/rules/M5-2-12/IdentifierWithArrayTypePassedAsFunctionArgumentDecayToAPointer.testref b/cpp/autosar/test/rules/M5-2-12/IdentifierWithArrayTypePassedAsFunctionArgumentDecayToAPointer.testref new file mode 100644 index 0000000000..06f2ec8fbb --- /dev/null +++ b/cpp/autosar/test/rules/M5-2-12/IdentifierWithArrayTypePassedAsFunctionArgumentDecayToAPointer.testref @@ -0,0 +1 @@ +cpp/common/test/rules/arraypassedasfunctionargumentdecaytoapointer/ArrayPassedAsFunctionArgumentDecayToAPointer.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M5-3-2/UnaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsigned.testref b/cpp/autosar/test/rules/M5-3-2/UnaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsigned.testref new file mode 100644 index 0000000000..bd12c39fbd --- /dev/null +++ b/cpp/autosar/test/rules/M5-3-2/UnaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsigned.testref @@ -0,0 +1 @@ +cpp/common/test/rules/builtinunaryoperatorappliedtounsignedexpression/BuiltInUnaryOperatorAppliedToUnsignedExpression.ql \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Inheritance.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Inheritance.qll index 9cb8aa8e03..a3775b87d6 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Inheritance.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Inheritance.qll @@ -10,7 +10,7 @@ newtype InheritanceQuery = THierarchiesShouldBeBasedOnInterfaceClassesQuery() or TClassesShouldNotBeDerivedFromVirtualBasesQuery() or TBaseClassCanBeVirtualOnlyInDiamondHierarchyQuery() or - TAccessibleBaseClassBothVirtualAndNonVirtualQuery() or + TAccessibleBaseClassBothVirtualAndNonVirtualInHierarchyQuery() or TUniqueAccessibleEntityNamesInMultipleInheritanceQuery() or TDynamicTypeOfThisUsedFromConstructorOrDestructorQuery() or TDowncastingShouldNotBePerformedOnPolymorphicTypesQuery() or @@ -74,11 +74,11 @@ predicate isInheritanceQueryMetadata(Query query, string queryId, string ruleId, category = "required" or query = - // `Query` instance for the `accessibleBaseClassBothVirtualAndNonVirtual` query - InheritancePackage::accessibleBaseClassBothVirtualAndNonVirtualQuery() and + // `Query` instance for the `accessibleBaseClassBothVirtualAndNonVirtualInHierarchy` query + InheritancePackage::accessibleBaseClassBothVirtualAndNonVirtualInHierarchyQuery() and queryId = - // `@id` for the `accessibleBaseClassBothVirtualAndNonVirtual` query - "cpp/autosar/accessible-base-class-both-virtual-and-non-virtual" and + // `@id` for the `accessibleBaseClassBothVirtualAndNonVirtualInHierarchy` query + "cpp/autosar/accessible-base-class-both-virtual-and-non-virtual-in-hierarchy" and ruleId = "M10-1-3" and category = "required" or @@ -180,11 +180,11 @@ module InheritancePackage { TQueryCPP(TInheritancePackageQuery(TBaseClassCanBeVirtualOnlyInDiamondHierarchyQuery())) } - Query accessibleBaseClassBothVirtualAndNonVirtualQuery() { + Query accessibleBaseClassBothVirtualAndNonVirtualInHierarchyQuery() { //autogenerate `Query` type result = - // `Query` type for `accessibleBaseClassBothVirtualAndNonVirtual` query - TQueryCPP(TInheritancePackageQuery(TAccessibleBaseClassBothVirtualAndNonVirtualQuery())) + // `Query` type for `accessibleBaseClassBothVirtualAndNonVirtualInHierarchy` query + TQueryCPP(TInheritancePackageQuery(TAccessibleBaseClassBothVirtualAndNonVirtualInHierarchyQuery())) } Query uniqueAccessibleEntityNamesInMultipleInheritanceQuery() { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Naming.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Naming.qll index ddb58d7deb..18f03e9c66 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Naming.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Naming.qll @@ -20,7 +20,7 @@ newtype NamingQuery = TNameOfStandardLibraryMacroOrObjectReusedQuery() or TNameOfStandardLibraryFunctionIsOverriddenQuery() or TDifferentIdentifiersNotTypographicallyUnambiguousQuery() or - TIdentifierMainUsedForAFunctionOtherThanGlobalMainQuery() or + TIdentifierMainUsedForAFunctionOtherThanTheGlobalFunctionMainQuery() or TUnnamedNamespacesInHeaderFileQuery() or TNonIdenticalIdentifierUsedForTheParameterInReDeclarationOfAFunctionQuery() or TRedefiningOfStandardLibraryNameQuery() or @@ -178,11 +178,11 @@ predicate isNamingQueryMetadata(Query query, string queryId, string ruleId, stri category = "required" or query = - // `Query` instance for the `identifierMainUsedForAFunctionOtherThanGlobalMain` query - NamingPackage::identifierMainUsedForAFunctionOtherThanGlobalMainQuery() and + // `Query` instance for the `identifierMainUsedForAFunctionOtherThanTheGlobalFunctionMain` query + NamingPackage::identifierMainUsedForAFunctionOtherThanTheGlobalFunctionMainQuery() and queryId = - // `@id` for the `identifierMainUsedForAFunctionOtherThanGlobalMain` query - "cpp/autosar/identifier-main-used-for-a-function-other-than-global-main" and + // `@id` for the `identifierMainUsedForAFunctionOtherThanTheGlobalFunctionMain` query + "cpp/autosar/identifier-main-used-for-a-function-other-than-the-global-function-main" and ruleId = "M7-3-2" and category = "required" or @@ -390,11 +390,11 @@ module NamingPackage { TQueryCPP(TNamingPackageQuery(TDifferentIdentifiersNotTypographicallyUnambiguousQuery())) } - Query identifierMainUsedForAFunctionOtherThanGlobalMainQuery() { + Query identifierMainUsedForAFunctionOtherThanTheGlobalFunctionMainQuery() { //autogenerate `Query` type result = - // `Query` type for `identifierMainUsedForAFunctionOtherThanGlobalMain` query - TQueryCPP(TNamingPackageQuery(TIdentifierMainUsedForAFunctionOtherThanGlobalMainQuery())) + // `Query` type for `identifierMainUsedForAFunctionOtherThanTheGlobalFunctionMain` query + TQueryCPP(TNamingPackageQuery(TIdentifierMainUsedForAFunctionOtherThanTheGlobalFunctionMainQuery())) } Query unnamedNamespacesInHeaderFileQuery() { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Operators.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Operators.qll index 29febc4430..fe71289dbc 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Operators.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Operators.qll @@ -17,7 +17,7 @@ newtype OperatorsQuery = TUnsignedBitwiseOperatorWithoutCastQuery() or TCommaOperatorAndOperatorAndTheOperatorOverloadedQuery() or TEachOperandOfTheOperatorTheLogicalAndOrTheLogicalOperatorsShallHaveTypeBoolQuery() or - TUnaryMinusOperatorAppliedToAnUnsignedExpressionQuery() or + TUnaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsignedQuery() or TUnaryOperatorOverloadedQuery() predicate isOperatorsQueryMetadata(Query query, string queryId, string ruleId, string category) { @@ -139,11 +139,11 @@ predicate isOperatorsQueryMetadata(Query query, string queryId, string ruleId, s category = "required" or query = - // `Query` instance for the `unaryMinusOperatorAppliedToAnUnsignedExpression` query - OperatorsPackage::unaryMinusOperatorAppliedToAnUnsignedExpressionQuery() and + // `Query` instance for the `unaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsigned` query + OperatorsPackage::unaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsignedQuery() and queryId = - // `@id` for the `unaryMinusOperatorAppliedToAnUnsignedExpression` query - "cpp/autosar/unary-minus-operator-applied-to-an-unsigned-expression" and + // `@id` for the `unaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsigned` query + "cpp/autosar/unary-minus-operator-applied-to-an-expression-whose-underlying-type-is-unsigned" and ruleId = "M5-3-2" and category = "required" or @@ -249,11 +249,11 @@ module OperatorsPackage { TQueryCPP(TOperatorsPackageQuery(TEachOperandOfTheOperatorTheLogicalAndOrTheLogicalOperatorsShallHaveTypeBoolQuery())) } - Query unaryMinusOperatorAppliedToAnUnsignedExpressionQuery() { + Query unaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsignedQuery() { //autogenerate `Query` type result = - // `Query` type for `unaryMinusOperatorAppliedToAnUnsignedExpression` query - TQueryCPP(TOperatorsPackageQuery(TUnaryMinusOperatorAppliedToAnUnsignedExpressionQuery())) + // `Query` type for `unaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsigned` query + TQueryCPP(TOperatorsPackageQuery(TUnaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsignedQuery())) } Query unaryOperatorOverloadedQuery() { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Pointers.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Pointers.qll index fda7ecb0ed..1dd5bef4c8 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Pointers.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Pointers.qll @@ -7,7 +7,7 @@ newtype PointersQuery = TPointerToAnElementOfAnArrayPassedToASmartPointerQuery() or TDeclarationContainLessThanTwoLevelsOfIndirectionQuery() or TPointerArithmeticUsedWithPointersToNonFinalClassesQuery() or - TVirtualPointerOnlyComparesToNullptrConstantQuery() or + TPointerToMemberVirtualFunctionWithNullPointerConstantQuery() or TDeletingPointerToIncompleteTypeQuery() or TPointerToMemberAccessNonExistentClassMembersQuery() or TNullPointerToMemberAccessNonExistentClassMembersQuery() or @@ -16,7 +16,7 @@ newtype PointersQuery = TPointerAndDerivedPointerAccessDifferentArrayQuery() or TPointerSubtractionOnDifferentArraysQuery() or TAppliedToObjectsOfPointerTypeQuery() or - TIdentifierPassedAsFunctionArgumentDecayToAPointerQuery() or + TIdentifierWithArrayTypePassedAsFunctionArgumentDecayToAPointerQuery() or TPointerToAVirtualBaseClassCastToAPointerQuery() or TCastNotConvertPointerToFunctionQuery() or TIntegerOrPointerToVoidConvertedToPointerTypeQuery() or @@ -57,11 +57,11 @@ predicate isPointersQueryMetadata(Query query, string queryId, string ruleId, st category = "required" or query = - // `Query` instance for the `virtualPointerOnlyComparesToNullptrConstant` query - PointersPackage::virtualPointerOnlyComparesToNullptrConstantQuery() and + // `Query` instance for the `pointerToMemberVirtualFunctionWithNullPointerConstant` query + PointersPackage::pointerToMemberVirtualFunctionWithNullPointerConstantQuery() and queryId = - // `@id` for the `virtualPointerOnlyComparesToNullptrConstant` query - "cpp/autosar/virtual-pointer-only-compares-to-nullptr-constant" and + // `@id` for the `pointerToMemberVirtualFunctionWithNullPointerConstant` query + "cpp/autosar/pointer-to-member-virtual-function-with-null-pointer-constant" and ruleId = "A5-10-1" and category = "required" or @@ -138,11 +138,11 @@ predicate isPointersQueryMetadata(Query query, string queryId, string ruleId, st category = "required" or query = - // `Query` instance for the `identifierPassedAsFunctionArgumentDecayToAPointer` query - PointersPackage::identifierPassedAsFunctionArgumentDecayToAPointerQuery() and + // `Query` instance for the `identifierWithArrayTypePassedAsFunctionArgumentDecayToAPointer` query + PointersPackage::identifierWithArrayTypePassedAsFunctionArgumentDecayToAPointerQuery() and queryId = - // `@id` for the `identifierPassedAsFunctionArgumentDecayToAPointer` query - "cpp/autosar/identifier-passed-as-function-argument-decay-to-a-pointer" and + // `@id` for the `identifierWithArrayTypePassedAsFunctionArgumentDecayToAPointer` query + "cpp/autosar/identifier-with-array-type-passed-as-function-argument-decay-to-a-pointer" and ruleId = "M5-2-12" and category = "required" or @@ -259,11 +259,11 @@ module PointersPackage { TQueryCPP(TPointersPackageQuery(TPointerArithmeticUsedWithPointersToNonFinalClassesQuery())) } - Query virtualPointerOnlyComparesToNullptrConstantQuery() { + Query pointerToMemberVirtualFunctionWithNullPointerConstantQuery() { //autogenerate `Query` type result = - // `Query` type for `virtualPointerOnlyComparesToNullptrConstant` query - TQueryCPP(TPointersPackageQuery(TVirtualPointerOnlyComparesToNullptrConstantQuery())) + // `Query` type for `pointerToMemberVirtualFunctionWithNullPointerConstant` query + TQueryCPP(TPointersPackageQuery(TPointerToMemberVirtualFunctionWithNullPointerConstantQuery())) } Query deletingPointerToIncompleteTypeQuery() { @@ -322,11 +322,11 @@ module PointersPackage { TQueryCPP(TPointersPackageQuery(TAppliedToObjectsOfPointerTypeQuery())) } - Query identifierPassedAsFunctionArgumentDecayToAPointerQuery() { + Query identifierWithArrayTypePassedAsFunctionArgumentDecayToAPointerQuery() { //autogenerate `Query` type result = - // `Query` type for `identifierPassedAsFunctionArgumentDecayToAPointer` query - TQueryCPP(TPointersPackageQuery(TIdentifierPassedAsFunctionArgumentDecayToAPointerQuery())) + // `Query` type for `identifierWithArrayTypePassedAsFunctionArgumentDecayToAPointer` query + TQueryCPP(TPointersPackageQuery(TIdentifierWithArrayTypePassedAsFunctionArgumentDecayToAPointerQuery())) } Query pointerToAVirtualBaseClassCastToAPointerQuery() { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/VirtualFunctions.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/VirtualFunctions.qll index e11ce49f1f..e2c73fc33d 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/VirtualFunctions.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/VirtualFunctions.qll @@ -11,7 +11,7 @@ newtype VirtualFunctionsQuery = TDestructorOfABaseClassNotPublicVirtualQuery() or TNonVirtualPublicDestructorInNonFinalClassQuery() or TVirtualFunctionOverriddenByAPureVirtualFunctionQuery() or - TVirtualFunctionParametersUseSameDefaultArgumentsQuery() + TVirtualFunctionParametersUseTheSameDefaultArgumentsQuery() predicate isVirtualFunctionsQueryMetadata( Query query, string queryId, string ruleId, string category @@ -80,11 +80,11 @@ predicate isVirtualFunctionsQueryMetadata( category = "required" or query = - // `Query` instance for the `virtualFunctionParametersUseSameDefaultArguments` query - VirtualFunctionsPackage::virtualFunctionParametersUseSameDefaultArgumentsQuery() and + // `Query` instance for the `virtualFunctionParametersUseTheSameDefaultArguments` query + VirtualFunctionsPackage::virtualFunctionParametersUseTheSameDefaultArgumentsQuery() and queryId = - // `@id` for the `virtualFunctionParametersUseSameDefaultArguments` query - "cpp/autosar/virtual-function-parameters-use-same-default-arguments" and + // `@id` for the `virtualFunctionParametersUseTheSameDefaultArguments` query + "cpp/autosar/virtual-function-parameters-use-the-same-default-arguments" and ruleId = "M8-3-1" and category = "required" } @@ -139,10 +139,10 @@ module VirtualFunctionsPackage { TQueryCPP(TVirtualFunctionsPackageQuery(TVirtualFunctionOverriddenByAPureVirtualFunctionQuery())) } - Query virtualFunctionParametersUseSameDefaultArgumentsQuery() { + Query virtualFunctionParametersUseTheSameDefaultArgumentsQuery() { //autogenerate `Query` type result = - // `Query` type for `virtualFunctionParametersUseSameDefaultArguments` query - TQueryCPP(TVirtualFunctionsPackageQuery(TVirtualFunctionParametersUseSameDefaultArgumentsQuery())) + // `Query` type for `virtualFunctionParametersUseTheSameDefaultArguments` query + TQueryCPP(TVirtualFunctionsPackageQuery(TVirtualFunctionParametersUseTheSameDefaultArgumentsQuery())) } } diff --git a/cpp/common/test/includes/standard-library/assert.h b/cpp/common/test/includes/standard-library/assert.h index ee60d0748f..e8ba88d635 100644 --- a/cpp/common/test/includes/standard-library/assert.h +++ b/cpp/common/test/includes/standard-library/assert.h @@ -1 +1,6 @@ -#define assert(x) (void)0 +#ifndef _GHLIBCPP_ASSERT +#define _GHLIBCPP_ASSERT + +#define assert(x) (void)0 + +#endif // _GHLIBCPP_ASSERT \ No newline at end of file diff --git a/cpp/common/test/includes/standard-library/cassert b/cpp/common/test/includes/standard-library/cassert index e69de29bb2..0477057664 100644 --- a/cpp/common/test/includes/standard-library/cassert +++ b/cpp/common/test/includes/standard-library/cassert @@ -0,0 +1 @@ +#include "assert.h" \ No newline at end of file diff --git a/rule_packages/c/Statements3.json b/rule_packages/c/Statements3.json index 532a711eb0..5471749a49 100644 --- a/rule_packages/c/Statements3.json +++ b/rule_packages/c/Statements3.json @@ -20,7 +20,7 @@ { "description": "if the body of a loop is not enclosed in braces, then this can lead to incorrect execution, and is hard for developers to maintain.", "kind": "problem", - "name": "the statement forming the body of a loop shall be a compound statement", + "name": "The statement forming the body of a loop shall be a compound statement", "precision": "very-high", "severity": "recommendation", "short_name": "LoopCompoundCondition", diff --git a/rule_packages/cpp/Inheritance.json b/rule_packages/cpp/Inheritance.json index dd0daec513..efc241a8e6 100644 --- a/rule_packages/cpp/Inheritance.json +++ b/rule_packages/cpp/Inheritance.json @@ -144,7 +144,7 @@ "name": "An accessible base class shall not be both virtual and non-virtual in the same hierarchy", "precision": "very-high", "severity": "warning", - "short_name": "AccessibleBaseClassBothVirtualAndNonVirtual", + "short_name": "AccessibleBaseClassBothVirtualAndNonVirtualInHierarchy", "shared_implementation_short_name": "VirtualAndNonVirtualClassInTheHierarchy", "tags": [] } diff --git a/rule_packages/cpp/Naming.json b/rule_packages/cpp/Naming.json index 9e8ff9628a..441979c3c9 100644 --- a/rule_packages/cpp/Naming.json +++ b/rule_packages/cpp/Naming.json @@ -313,7 +313,7 @@ "name": "The identifier main shall not be used for a function other than the global function main", "precision": "very-high", "severity": "warning", - "short_name": "IdentifierMainUsedForAFunctionOtherThanGlobalMain", + "short_name": "IdentifierMainUsedForAFunctionOtherThanTheGlobalFunctionMain", "shared_implementation_short_name": "NonGlobalFunctionMain", "tags": [ "maintainability", diff --git a/rule_packages/cpp/Operators.json b/rule_packages/cpp/Operators.json index e4600769c5..76be8a732a 100644 --- a/rule_packages/cpp/Operators.json +++ b/rule_packages/cpp/Operators.json @@ -296,7 +296,7 @@ "name": "The unary minus operator shall not be applied to an expression whose underlying type is unsigned", "precision": "very-high", "severity": "error", - "short_name": "UnaryMinusOperatorAppliedToAnUnsignedExpression", + "short_name": "UnaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsigned", "shared_implementation_short_name": "BuiltInUnaryOperatorAppliedToUnsignedExpression", "tags": [] } diff --git a/rule_packages/cpp/Pointers.json b/rule_packages/cpp/Pointers.json index 83b77877d9..b6a0aaef09 100644 --- a/rule_packages/cpp/Pointers.json +++ b/rule_packages/cpp/Pointers.json @@ -86,7 +86,7 @@ "name": "A pointer to member virtual function shall only be tested for equality with null-pointer-constant", "precision": "very-high", "severity": "error", - "short_name": "VirtualPointerOnlyComparesToNullptrConstant", + "short_name": "PointerToMemberVirtualFunctionWithNullPointerConstant", "shared_implementation_short_name": "PotentiallyVirtualPointerOnlyComparesToNullptr", "tags": [ "correctness" @@ -279,7 +279,7 @@ "name": "An identifier with array type passed as a function argument shall not decay to a pointer", "precision": "very-high", "severity": "warning", - "short_name": "IdentifierPassedAsFunctionArgumentDecayToAPointer", + "short_name": "IdentifierWithArrayTypePassedAsFunctionArgumentDecayToAPointer", "shared_implementation_short_name": "ArrayPassedAsFunctionArgumentDecayToAPointer", "tags": [ "correctness" diff --git a/rule_packages/cpp/VirtualFunctions.json b/rule_packages/cpp/VirtualFunctions.json index 692705e8d4..eff4e15beb 100644 --- a/rule_packages/cpp/VirtualFunctions.json +++ b/rule_packages/cpp/VirtualFunctions.json @@ -176,7 +176,7 @@ "name": "Parameters in an overriding virtual function shall have the same default arguments or no default arguments", "precision": "very-high", "severity": "warning", - "short_name": "VirtualFunctionParametersUseSameDefaultArguments", + "short_name": "VirtualFunctionParametersUseTheSameDefaultArguments", "shared_implementation_short_name": "OverridingShallSpecifyDifferentDefaultArguments", "tags": [ "correctness" diff --git a/scripts/generate_rules/templates/shared_library.ql.template b/scripts/generate_rules/templates/shared_library.ql.template index 8c6540beee..93dc503510 100644 --- a/scripts/generate_rules/templates/shared_library.ql.template +++ b/scripts/generate_rules/templates/shared_library.ql.template @@ -1,3 +1,7 @@ +{# + The autogenerated description of the shared query is copied from + the first matching query in `rule_packages`. +#} /** * Provides a library with a `problems` predicate for the following issue: * {{ description|join('\n * ') }} From 5423ee84f09d4c976428209c3042b2bb89513c37 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 25 Jul 2024 19:33:17 +0200 Subject: [PATCH 1899/2573] Remove renamed queries --- ...rVirtualFunctionWithNullPointerConstant.ql | 2 +- ...ualPointerOnlyComparesToNullptrConstant.ql | 26 ------------------- ...ssibleBaseClassBothVirtualAndNonVirtual.ql | 24 ----------------- ...PassedAsFunctionArgumentDecayToAPointer.ql | 25 ------------------ ...PassedAsFunctionArgumentDecayToAPointer.ql | 2 +- ...usOperatorAppliedToAnUnsignedExpression.ql | 24 ----------------- ...MainUsedForAFunctionOtherThanGlobalMain.ql | 25 ------------------ ...nctionParametersUseSameDefaultArguments.ql | 26 ------------------- ...interOnlyComparesToNullptrConstant.testref | 1 - ...eBaseClassBothVirtualAndNonVirtual.testref | 1 - ...dAsFunctionArgumentDecayToAPointer.testref | 1 - ...ratorAppliedToAnUnsignedExpression.testref | 1 - ...sedForAFunctionOtherThanGlobalMain.testref | 1 - ...nParametersUseSameDefaultArguments.testref | 1 - 14 files changed, 2 insertions(+), 158 deletions(-) delete mode 100644 cpp/autosar/src/rules/A5-10-1/VirtualPointerOnlyComparesToNullptrConstant.ql delete mode 100644 cpp/autosar/src/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtual.ql delete mode 100644 cpp/autosar/src/rules/M5-2-12/IdentifierPassedAsFunctionArgumentDecayToAPointer.ql delete mode 100644 cpp/autosar/src/rules/M5-3-2/UnaryMinusOperatorAppliedToAnUnsignedExpression.ql delete mode 100644 cpp/autosar/src/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanGlobalMain.ql delete mode 100644 cpp/autosar/src/rules/M8-3-1/VirtualFunctionParametersUseSameDefaultArguments.ql delete mode 100644 cpp/autosar/test/rules/A5-10-1/VirtualPointerOnlyComparesToNullptrConstant.testref delete mode 100644 cpp/autosar/test/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtual.testref delete mode 100644 cpp/autosar/test/rules/M5-2-12/IdentifierPassedAsFunctionArgumentDecayToAPointer.testref delete mode 100644 cpp/autosar/test/rules/M5-3-2/UnaryMinusOperatorAppliedToAnUnsignedExpression.testref delete mode 100644 cpp/autosar/test/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanGlobalMain.testref delete mode 100644 cpp/autosar/test/rules/M8-3-1/VirtualFunctionParametersUseSameDefaultArguments.testref diff --git a/cpp/autosar/src/rules/A5-10-1/PointerToMemberVirtualFunctionWithNullPointerConstant.ql b/cpp/autosar/src/rules/A5-10-1/PointerToMemberVirtualFunctionWithNullPointerConstant.ql index 88594062ca..de5ab0f10d 100644 --- a/cpp/autosar/src/rules/A5-10-1/PointerToMemberVirtualFunctionWithNullPointerConstant.ql +++ b/cpp/autosar/src/rules/A5-10-1/PointerToMemberVirtualFunctionWithNullPointerConstant.ql @@ -20,6 +20,6 @@ import codingstandards.cpp.rules.potentiallyvirtualpointeronlycomparestonullptr. class PointerToMemberVirtualFunctionWithNullPointerConstantQuery extends PotentiallyVirtualPointerOnlyComparesToNullptrSharedQuery { PointerToMemberVirtualFunctionWithNullPointerConstantQuery() { - this = pointersPackage::pointerToMemberVirtualFunctionWithNullPointerConstantQuery() + this = PointersPackage::pointerToMemberVirtualFunctionWithNullPointerConstantQuery() } } diff --git a/cpp/autosar/src/rules/A5-10-1/VirtualPointerOnlyComparesToNullptrConstant.ql b/cpp/autosar/src/rules/A5-10-1/VirtualPointerOnlyComparesToNullptrConstant.ql deleted file mode 100644 index 28e17ead1a..0000000000 --- a/cpp/autosar/src/rules/A5-10-1/VirtualPointerOnlyComparesToNullptrConstant.ql +++ /dev/null @@ -1,26 +0,0 @@ -/** - * @id cpp/autosar/virtual-pointer-only-compares-to-nullptr-constant - * @name A5-10-1: A pointer to member virtual function shall only be tested for equality with null-pointer-constant - * @description A pointer to member virtual function shall only be tested for equality with - * null-pointer-constant, because an equality comparison with anything other than a - * null-pointer-constant is unspecified. - * @kind problem - * @precision very-high - * @problem.severity error - * @tags external/autosar/id/a5-10-1 - * correctness - * external/autosar/allocated-target/implementation - * external/autosar/enforcement/automated - * external/autosar/obligation/required - */ - -import cpp -import codingstandards.cpp.autosar -import codingstandards.cpp.rules.potentiallyvirtualpointeronlycomparestonullptr.PotentiallyVirtualPointerOnlyComparesToNullptr - -class PointerToMemberVirtualFunctionWithNullPointerConstantQuery extends PotentiallyVirtualPointerOnlyComparesToNullptrSharedQuery -{ - PointerToMemberVirtualFunctionWithNullPointerConstantQuery() { - this = PointersPackage::pointerToMemberVirtualFunctionWithNullPointerConstantQuery() - } -} diff --git a/cpp/autosar/src/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtual.ql b/cpp/autosar/src/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtual.ql deleted file mode 100644 index 5b7086cb54..0000000000 --- a/cpp/autosar/src/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtual.ql +++ /dev/null @@ -1,24 +0,0 @@ -/** - * @id cpp/autosar/accessible-base-class-both-virtual-and-non-virtual - * @name M10-1-3: An accessible base class shall not be both virtual and non-virtual in the same hierarchy - * @description A base class must not be virtual and non-virtual in the same hierarchy to avoid - * copies of the object and confusing behavior. - * @kind problem - * @precision very-high - * @problem.severity warning - * @tags external/autosar/id/m10-1-3 - * external/autosar/allocated-target/implementation - * external/autosar/enforcement/automated - * external/autosar/obligation/required - */ - -import cpp -import codingstandards.cpp.autosar -import codingstandards.cpp.rules.virtualandnonvirtualclassinthehierarchy.VirtualAndNonVirtualClassInTheHierarchy - -class AccessibleBaseClassBothVirtualAndNonVirtualInHierarchyQuery extends VirtualAndNonVirtualClassInTheHierarchySharedQuery -{ - AccessibleBaseClassBothVirtualAndNonVirtualInHierarchyQuery() { - this = InheritancePackage::accessibleBaseClassBothVirtualAndNonVirtualInHierarchyQuery() - } -} diff --git a/cpp/autosar/src/rules/M5-2-12/IdentifierPassedAsFunctionArgumentDecayToAPointer.ql b/cpp/autosar/src/rules/M5-2-12/IdentifierPassedAsFunctionArgumentDecayToAPointer.ql deleted file mode 100644 index f1e7bb4a39..0000000000 --- a/cpp/autosar/src/rules/M5-2-12/IdentifierPassedAsFunctionArgumentDecayToAPointer.ql +++ /dev/null @@ -1,25 +0,0 @@ -/** - * @id cpp/autosar/identifier-passed-as-function-argument-decay-to-a-pointer - * @name M5-2-12: An identifier with array type passed as a function argument shall not decay to a pointer - * @description An identifier with array type passed as a function argument shall not decay to a - * pointer to prevent loss of its bounds. - * @kind problem - * @precision very-high - * @problem.severity warning - * @tags external/autosar/id/m5-2-12 - * correctness - * external/autosar/allocated-target/implementation - * external/autosar/enforcement/automated - * external/autosar/obligation/required - */ - -import cpp -import codingstandards.cpp.autosar -import codingstandards.cpp.rules.arraypassedasfunctionargumentdecaytoapointer.ArrayPassedAsFunctionArgumentDecayToAPointer - -class IdentifierWithArrayTypePassedAsFunctionArgumentDecayToAPointerQuery extends ArrayPassedAsFunctionArgumentDecayToAPointerSharedQuery -{ - IdentifierWithArrayTypePassedAsFunctionArgumentDecayToAPointerQuery() { - this = PointersPackage::identifierWithArrayTypePassedAsFunctionArgumentDecayToAPointerQuery() - } -} diff --git a/cpp/autosar/src/rules/M5-2-12/IdentifierWithArrayTypePassedAsFunctionArgumentDecayToAPointer.ql b/cpp/autosar/src/rules/M5-2-12/IdentifierWithArrayTypePassedAsFunctionArgumentDecayToAPointer.ql index 852080c571..ceb7ca9ecb 100644 --- a/cpp/autosar/src/rules/M5-2-12/IdentifierWithArrayTypePassedAsFunctionArgumentDecayToAPointer.ql +++ b/cpp/autosar/src/rules/M5-2-12/IdentifierWithArrayTypePassedAsFunctionArgumentDecayToAPointer.ql @@ -19,6 +19,6 @@ import codingstandards.cpp.rules.arraypassedasfunctionargumentdecaytoapointer.Ar class IdentifierWithArrayTypePassedAsFunctionArgumentDecayToAPointerQuery extends ArrayPassedAsFunctionArgumentDecayToAPointerSharedQuery { IdentifierWithArrayTypePassedAsFunctionArgumentDecayToAPointerQuery() { - this = pointersPackage::identifierWithArrayTypePassedAsFunctionArgumentDecayToAPointerQuery() + this = PointersPackage::identifierWithArrayTypePassedAsFunctionArgumentDecayToAPointerQuery() } } diff --git a/cpp/autosar/src/rules/M5-3-2/UnaryMinusOperatorAppliedToAnUnsignedExpression.ql b/cpp/autosar/src/rules/M5-3-2/UnaryMinusOperatorAppliedToAnUnsignedExpression.ql deleted file mode 100644 index d9406b2553..0000000000 --- a/cpp/autosar/src/rules/M5-3-2/UnaryMinusOperatorAppliedToAnUnsignedExpression.ql +++ /dev/null @@ -1,24 +0,0 @@ -/** - * @id cpp/autosar/unary-minus-operator-applied-to-an-unsigned-expression - * @name M5-3-2: The unary minus operator shall not be applied to an expression whose underlying type is unsigned - * @description The unary minus operator shall not be applied to an expression whose underlying type - * is unsigned. - * @kind problem - * @precision very-high - * @problem.severity error - * @tags external/autosar/id/m5-3-2 - * external/autosar/allocated-target/implementation - * external/autosar/enforcement/automated - * external/autosar/obligation/required - */ - -import cpp -import codingstandards.cpp.autosar -import codingstandards.cpp.rules.builtinunaryoperatorappliedtounsignedexpression.BuiltInUnaryOperatorAppliedToUnsignedExpression - -class UnaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsignedQuery extends BuiltInUnaryOperatorAppliedToUnsignedExpressionSharedQuery -{ - UnaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsignedQuery() { - this = OperatorsPackage::unaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsignedQuery() - } -} diff --git a/cpp/autosar/src/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanGlobalMain.ql b/cpp/autosar/src/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanGlobalMain.ql deleted file mode 100644 index 8b3da17ab1..0000000000 --- a/cpp/autosar/src/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanGlobalMain.ql +++ /dev/null @@ -1,25 +0,0 @@ -/** - * @id cpp/autosar/identifier-main-used-for-a-function-other-than-global-main - * @name M7-3-2: The identifier main shall not be used for a function other than the global function main - * @description Reusing the name main in non-main contexts can lead to developer confusion. - * @kind problem - * @precision very-high - * @problem.severity warning - * @tags external/autosar/id/m7-3-2 - * maintainability - * readability - * external/autosar/allocated-target/implementation - * external/autosar/enforcement/automated - * external/autosar/obligation/required - */ - -import cpp -import codingstandards.cpp.autosar -import codingstandards.cpp.rules.nonglobalfunctionmain.NonGlobalFunctionMain - -class IdentifierMainUsedForAFunctionOtherThanTheGlobalFunctionMainQuery extends NonGlobalFunctionMainSharedQuery -{ - IdentifierMainUsedForAFunctionOtherThanTheGlobalFunctionMainQuery() { - this = NamingPackage::identifierMainUsedForAFunctionOtherThanTheGlobalFunctionMainQuery() - } -} diff --git a/cpp/autosar/src/rules/M8-3-1/VirtualFunctionParametersUseSameDefaultArguments.ql b/cpp/autosar/src/rules/M8-3-1/VirtualFunctionParametersUseSameDefaultArguments.ql deleted file mode 100644 index 02e880a909..0000000000 --- a/cpp/autosar/src/rules/M8-3-1/VirtualFunctionParametersUseSameDefaultArguments.ql +++ /dev/null @@ -1,26 +0,0 @@ -/** - * @id cpp/autosar/virtual-function-parameters-use-same-default-arguments - * @name M8-3-1: Parameters in an overriding virtual function shall have the same default arguments or no default arguments - * @description Parameters in an overriding virtual function shall either use the same default - * arguments as the function they override, or else shall not specify any default - * arguments. - * @kind problem - * @precision very-high - * @problem.severity warning - * @tags external/autosar/id/m8-3-1 - * correctness - * external/autosar/allocated-target/implementation - * external/autosar/enforcement/automated - * external/autosar/obligation/required - */ - -import cpp -import codingstandards.cpp.autosar -import codingstandards.cpp.rules.overridingshallspecifydifferentdefaultarguments.OverridingShallSpecifyDifferentDefaultArguments - -class VirtualFunctionParametersUseTheSameDefaultArgumentsQuery extends OverridingShallSpecifyDifferentDefaultArgumentsSharedQuery -{ - VirtualFunctionParametersUseTheSameDefaultArgumentsQuery() { - this = VirtualFunctionsPackage::virtualFunctionParametersUseTheSameDefaultArgumentsQuery() - } -} diff --git a/cpp/autosar/test/rules/A5-10-1/VirtualPointerOnlyComparesToNullptrConstant.testref b/cpp/autosar/test/rules/A5-10-1/VirtualPointerOnlyComparesToNullptrConstant.testref deleted file mode 100644 index ca8eab9681..0000000000 --- a/cpp/autosar/test/rules/A5-10-1/VirtualPointerOnlyComparesToNullptrConstant.testref +++ /dev/null @@ -1 +0,0 @@ -cpp/common/test/rules/potentiallyvirtualpointeronlycomparestonullptr/PotentiallyVirtualPointerOnlyComparesToNullptr.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtual.testref b/cpp/autosar/test/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtual.testref deleted file mode 100644 index fe57c50fe3..0000000000 --- a/cpp/autosar/test/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtual.testref +++ /dev/null @@ -1 +0,0 @@ -cpp/common/test/rules/virtualandnonvirtualclassinthehierarchy/VirtualAndNonVirtualClassInTheHierarchy.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M5-2-12/IdentifierPassedAsFunctionArgumentDecayToAPointer.testref b/cpp/autosar/test/rules/M5-2-12/IdentifierPassedAsFunctionArgumentDecayToAPointer.testref deleted file mode 100644 index 06f2ec8fbb..0000000000 --- a/cpp/autosar/test/rules/M5-2-12/IdentifierPassedAsFunctionArgumentDecayToAPointer.testref +++ /dev/null @@ -1 +0,0 @@ -cpp/common/test/rules/arraypassedasfunctionargumentdecaytoapointer/ArrayPassedAsFunctionArgumentDecayToAPointer.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M5-3-2/UnaryMinusOperatorAppliedToAnUnsignedExpression.testref b/cpp/autosar/test/rules/M5-3-2/UnaryMinusOperatorAppliedToAnUnsignedExpression.testref deleted file mode 100644 index bd12c39fbd..0000000000 --- a/cpp/autosar/test/rules/M5-3-2/UnaryMinusOperatorAppliedToAnUnsignedExpression.testref +++ /dev/null @@ -1 +0,0 @@ -cpp/common/test/rules/builtinunaryoperatorappliedtounsignedexpression/BuiltInUnaryOperatorAppliedToUnsignedExpression.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanGlobalMain.testref b/cpp/autosar/test/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanGlobalMain.testref deleted file mode 100644 index e149f3a33b..0000000000 --- a/cpp/autosar/test/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanGlobalMain.testref +++ /dev/null @@ -1 +0,0 @@ -cpp/common/test/rules/nonglobalfunctionmain/NonGlobalFunctionMain.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M8-3-1/VirtualFunctionParametersUseSameDefaultArguments.testref b/cpp/autosar/test/rules/M8-3-1/VirtualFunctionParametersUseSameDefaultArguments.testref deleted file mode 100644 index 7e06403515..0000000000 --- a/cpp/autosar/test/rules/M8-3-1/VirtualFunctionParametersUseSameDefaultArguments.testref +++ /dev/null @@ -1 +0,0 @@ -cpp/common/test/rules/overridingshallspecifydifferentdefaultarguments/OverridingShallSpecifyDifferentDefaultArguments.ql \ No newline at end of file From 2b4dc1a1b84b0955720767b6d1de760b3b96752b Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 25 Jul 2024 19:40:53 +0200 Subject: [PATCH 1900/2573] Fix formatting --- ...PointerToMemberVirtualFunctionWithNullPointerConstant.ql | 3 ++- ...ccessibleBaseClassBothVirtualAndNonVirtualInHierarchy.ql | 3 ++- ...rWithArrayTypePassedAsFunctionArgumentDecayToAPointer.ql | 3 ++- ...torAppliedToAnExpressionWhoseUnderlyingTypeIsUnsigned.ql | 6 ++++-- ...ierMainUsedForAFunctionOtherThanTheGlobalFunctionMain.ql | 3 ++- .../VirtualFunctionParametersUseTheSameDefaultArguments.ql | 3 ++- 6 files changed, 14 insertions(+), 7 deletions(-) diff --git a/cpp/autosar/src/rules/A5-10-1/PointerToMemberVirtualFunctionWithNullPointerConstant.ql b/cpp/autosar/src/rules/A5-10-1/PointerToMemberVirtualFunctionWithNullPointerConstant.ql index de5ab0f10d..825347754d 100644 --- a/cpp/autosar/src/rules/A5-10-1/PointerToMemberVirtualFunctionWithNullPointerConstant.ql +++ b/cpp/autosar/src/rules/A5-10-1/PointerToMemberVirtualFunctionWithNullPointerConstant.ql @@ -18,7 +18,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.potentiallyvirtualpointeronlycomparestonullptr.PotentiallyVirtualPointerOnlyComparesToNullptr -class PointerToMemberVirtualFunctionWithNullPointerConstantQuery extends PotentiallyVirtualPointerOnlyComparesToNullptrSharedQuery { +class PointerToMemberVirtualFunctionWithNullPointerConstantQuery extends PotentiallyVirtualPointerOnlyComparesToNullptrSharedQuery +{ PointerToMemberVirtualFunctionWithNullPointerConstantQuery() { this = PointersPackage::pointerToMemberVirtualFunctionWithNullPointerConstantQuery() } diff --git a/cpp/autosar/src/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtualInHierarchy.ql b/cpp/autosar/src/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtualInHierarchy.ql index df7840496f..c16e5461f0 100644 --- a/cpp/autosar/src/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtualInHierarchy.ql +++ b/cpp/autosar/src/rules/M10-1-3/AccessibleBaseClassBothVirtualAndNonVirtualInHierarchy.ql @@ -16,7 +16,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.virtualandnonvirtualclassinthehierarchy.VirtualAndNonVirtualClassInTheHierarchy -class AccessibleBaseClassBothVirtualAndNonVirtualInHierarchyQuery extends VirtualAndNonVirtualClassInTheHierarchySharedQuery { +class AccessibleBaseClassBothVirtualAndNonVirtualInHierarchyQuery extends VirtualAndNonVirtualClassInTheHierarchySharedQuery +{ AccessibleBaseClassBothVirtualAndNonVirtualInHierarchyQuery() { this = InheritancePackage::accessibleBaseClassBothVirtualAndNonVirtualInHierarchyQuery() } diff --git a/cpp/autosar/src/rules/M5-2-12/IdentifierWithArrayTypePassedAsFunctionArgumentDecayToAPointer.ql b/cpp/autosar/src/rules/M5-2-12/IdentifierWithArrayTypePassedAsFunctionArgumentDecayToAPointer.ql index ceb7ca9ecb..943fc026e8 100644 --- a/cpp/autosar/src/rules/M5-2-12/IdentifierWithArrayTypePassedAsFunctionArgumentDecayToAPointer.ql +++ b/cpp/autosar/src/rules/M5-2-12/IdentifierWithArrayTypePassedAsFunctionArgumentDecayToAPointer.ql @@ -17,7 +17,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.arraypassedasfunctionargumentdecaytoapointer.ArrayPassedAsFunctionArgumentDecayToAPointer -class IdentifierWithArrayTypePassedAsFunctionArgumentDecayToAPointerQuery extends ArrayPassedAsFunctionArgumentDecayToAPointerSharedQuery { +class IdentifierWithArrayTypePassedAsFunctionArgumentDecayToAPointerQuery extends ArrayPassedAsFunctionArgumentDecayToAPointerSharedQuery +{ IdentifierWithArrayTypePassedAsFunctionArgumentDecayToAPointerQuery() { this = PointersPackage::identifierWithArrayTypePassedAsFunctionArgumentDecayToAPointerQuery() } diff --git a/cpp/autosar/src/rules/M5-3-2/UnaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsigned.ql b/cpp/autosar/src/rules/M5-3-2/UnaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsigned.ql index 98deff4f78..7017d5e7de 100644 --- a/cpp/autosar/src/rules/M5-3-2/UnaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsigned.ql +++ b/cpp/autosar/src/rules/M5-3-2/UnaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsigned.ql @@ -16,8 +16,10 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.builtinunaryoperatorappliedtounsignedexpression.BuiltInUnaryOperatorAppliedToUnsignedExpression -class UnaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsignedQuery extends BuiltInUnaryOperatorAppliedToUnsignedExpressionSharedQuery { +class UnaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsignedQuery extends BuiltInUnaryOperatorAppliedToUnsignedExpressionSharedQuery +{ UnaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsignedQuery() { - this = OperatorsPackage::unaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsignedQuery() + this = + OperatorsPackage::unaryMinusOperatorAppliedToAnExpressionWhoseUnderlyingTypeIsUnsignedQuery() } } diff --git a/cpp/autosar/src/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanTheGlobalFunctionMain.ql b/cpp/autosar/src/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanTheGlobalFunctionMain.ql index a1820f08e3..25a01c66f8 100644 --- a/cpp/autosar/src/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanTheGlobalFunctionMain.ql +++ b/cpp/autosar/src/rules/M7-3-2/IdentifierMainUsedForAFunctionOtherThanTheGlobalFunctionMain.ql @@ -17,7 +17,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.nonglobalfunctionmain.NonGlobalFunctionMain -class IdentifierMainUsedForAFunctionOtherThanTheGlobalFunctionMainQuery extends NonGlobalFunctionMainSharedQuery { +class IdentifierMainUsedForAFunctionOtherThanTheGlobalFunctionMainQuery extends NonGlobalFunctionMainSharedQuery +{ IdentifierMainUsedForAFunctionOtherThanTheGlobalFunctionMainQuery() { this = NamingPackage::identifierMainUsedForAFunctionOtherThanTheGlobalFunctionMainQuery() } diff --git a/cpp/autosar/src/rules/M8-3-1/VirtualFunctionParametersUseTheSameDefaultArguments.ql b/cpp/autosar/src/rules/M8-3-1/VirtualFunctionParametersUseTheSameDefaultArguments.ql index 6eac6dc430..a0ef5143e9 100644 --- a/cpp/autosar/src/rules/M8-3-1/VirtualFunctionParametersUseTheSameDefaultArguments.ql +++ b/cpp/autosar/src/rules/M8-3-1/VirtualFunctionParametersUseTheSameDefaultArguments.ql @@ -18,7 +18,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.overridingshallspecifydifferentdefaultarguments.OverridingShallSpecifyDifferentDefaultArguments -class VirtualFunctionParametersUseTheSameDefaultArgumentsQuery extends OverridingShallSpecifyDifferentDefaultArgumentsSharedQuery { +class VirtualFunctionParametersUseTheSameDefaultArgumentsQuery extends OverridingShallSpecifyDifferentDefaultArgumentsSharedQuery +{ VirtualFunctionParametersUseTheSameDefaultArgumentsQuery() { this = VirtualFunctionsPackage::virtualFunctionParametersUseTheSameDefaultArgumentsQuery() } From 9bdc84df2ba4caf4b8241135fe95fb0138900306 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 25 Jul 2024 20:01:14 +0200 Subject: [PATCH 1901/2573] Remove renamed tests --- .../rules/RULE-10-0-1/MultipleGlobalOrMemberDeclarators.testref | 1 - .../test/rules/RULE-10-0-1/MultipleLocalDeclarators.testref | 1 - 2 files changed, 2 deletions(-) delete mode 100644 cpp/misra/test/rules/RULE-10-0-1/MultipleGlobalOrMemberDeclarators.testref delete mode 100644 cpp/misra/test/rules/RULE-10-0-1/MultipleLocalDeclarators.testref diff --git a/cpp/misra/test/rules/RULE-10-0-1/MultipleGlobalOrMemberDeclarators.testref b/cpp/misra/test/rules/RULE-10-0-1/MultipleGlobalOrMemberDeclarators.testref deleted file mode 100644 index 434cb47456..0000000000 --- a/cpp/misra/test/rules/RULE-10-0-1/MultipleGlobalOrMemberDeclarators.testref +++ /dev/null @@ -1 +0,0 @@ -cpp/common/test/rules/multipleglobalormemberdeclarators/MultipleGlobalOrMemberDeclarators.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/RULE-10-0-1/MultipleLocalDeclarators.testref b/cpp/misra/test/rules/RULE-10-0-1/MultipleLocalDeclarators.testref deleted file mode 100644 index be7c9ac352..0000000000 --- a/cpp/misra/test/rules/RULE-10-0-1/MultipleLocalDeclarators.testref +++ /dev/null @@ -1 +0,0 @@ -cpp/common/test/rules/multiplelocaldeclarators/MultipleLocalDeclarators.ql \ No newline at end of file From e3a5b8cdd87726a0faa4862e24ee1db9b5257b08 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 25 Jul 2024 20:13:49 +0200 Subject: [PATCH 1902/2573] renamed the shared query --- .../CastCharBeforeConvertingToLargerSizes.ql | 4 +-- ...tCharBeforeConvertingToLargerSizes.testref | 2 +- ...harBeforeConvertingToLargerSizes.expected} | 0 ...oreConvertingToLargerSizes.expected.clang} | 0 ...eforeConvertingToLargerSizes.expected.gcc} | 0 ...eforeConvertingToLargerSizes.expected.qcc} | 0 .../CastCharBeforeConvertingToLargerSizes.ql} | 4 +-- .../test.c | 0 .../CastCharBeforeConvertingToLargerSizes.qll | 27 +++++++++++++++++++ ...arBeforeConvertingToLargerSizes_shared.qll | 26 ------------------ ...harBeforeConvertingToLargerSizes.expected} | 0 .../CastCharBeforeConvertingToLargerSizes.ql} | 4 +-- .../test.cpp | 0 rule_packages/c/Strings3.json | 2 +- 14 files changed, 35 insertions(+), 34 deletions(-) rename c/common/test/rules/{castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.expected => castcharbeforeconvertingtolargersizes/CastCharBeforeConvertingToLargerSizes.expected} (100%) rename c/common/test/rules/{castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.expected.clang => castcharbeforeconvertingtolargersizes/CastCharBeforeConvertingToLargerSizes.expected.clang} (100%) rename c/common/test/rules/{castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.expected.gcc => castcharbeforeconvertingtolargersizes/CastCharBeforeConvertingToLargerSizes.expected.gcc} (100%) rename c/common/test/rules/{castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.expected.qcc => castcharbeforeconvertingtolargersizes/CastCharBeforeConvertingToLargerSizes.expected.qcc} (100%) rename c/common/test/rules/{castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.ql => castcharbeforeconvertingtolargersizes/CastCharBeforeConvertingToLargerSizes.ql} (63%) rename c/common/test/rules/{castcharbeforeconvertingtolargersizes_shared => castcharbeforeconvertingtolargersizes}/test.c (100%) create mode 100644 cpp/common/src/codingstandards/cpp/rules/castcharbeforeconvertingtolargersizes/CastCharBeforeConvertingToLargerSizes.qll delete mode 100644 cpp/common/src/codingstandards/cpp/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.qll rename cpp/common/test/rules/{castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.expected => castcharbeforeconvertingtolargersizes/CastCharBeforeConvertingToLargerSizes.expected} (100%) rename cpp/common/test/rules/{castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.ql => castcharbeforeconvertingtolargersizes/CastCharBeforeConvertingToLargerSizes.ql} (63%) rename cpp/common/test/rules/{castcharbeforeconvertingtolargersizes_shared => castcharbeforeconvertingtolargersizes}/test.cpp (100%) diff --git a/c/cert/src/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.ql b/c/cert/src/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.ql index 1f2af0b588..394df49d99 100644 --- a/c/cert/src/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.ql +++ b/c/cert/src/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.ql @@ -14,9 +14,9 @@ import cpp import codingstandards.c.cert -import codingstandards.cpp.rules.castcharbeforeconvertingtolargersizes_shared.CastCharBeforeConvertingToLargerSizes_shared +import codingstandards.cpp.rules.castcharbeforeconvertingtolargersizes.CastCharBeforeConvertingToLargerSizes -class CastCharBeforeConvertingToLargerSizesQuery extends CastCharBeforeConvertingToLargerSizes_sharedSharedQuery +class CastCharBeforeConvertingToLargerSizesQuery extends CastCharBeforeConvertingToLargerSizesSharedQuery { CastCharBeforeConvertingToLargerSizesQuery() { this = Strings3Package::castCharBeforeConvertingToLargerSizesQuery() diff --git a/c/cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.testref b/c/cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.testref index fefb98580c..0e13e05dc3 100644 --- a/c/cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.testref +++ b/c/cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.testref @@ -1 +1 @@ -c/common/test/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.ql \ No newline at end of file +c/common/test/rules/castcharbeforeconvertingtolargersizes/CastCharBeforeConvertingToLargerSizes.ql \ No newline at end of file diff --git a/c/common/test/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.expected b/c/common/test/rules/castcharbeforeconvertingtolargersizes/CastCharBeforeConvertingToLargerSizes.expected similarity index 100% rename from c/common/test/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.expected rename to c/common/test/rules/castcharbeforeconvertingtolargersizes/CastCharBeforeConvertingToLargerSizes.expected diff --git a/c/common/test/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.expected.clang b/c/common/test/rules/castcharbeforeconvertingtolargersizes/CastCharBeforeConvertingToLargerSizes.expected.clang similarity index 100% rename from c/common/test/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.expected.clang rename to c/common/test/rules/castcharbeforeconvertingtolargersizes/CastCharBeforeConvertingToLargerSizes.expected.clang diff --git a/c/common/test/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.expected.gcc b/c/common/test/rules/castcharbeforeconvertingtolargersizes/CastCharBeforeConvertingToLargerSizes.expected.gcc similarity index 100% rename from c/common/test/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.expected.gcc rename to c/common/test/rules/castcharbeforeconvertingtolargersizes/CastCharBeforeConvertingToLargerSizes.expected.gcc diff --git a/c/common/test/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.expected.qcc b/c/common/test/rules/castcharbeforeconvertingtolargersizes/CastCharBeforeConvertingToLargerSizes.expected.qcc similarity index 100% rename from c/common/test/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.expected.qcc rename to c/common/test/rules/castcharbeforeconvertingtolargersizes/CastCharBeforeConvertingToLargerSizes.expected.qcc diff --git a/c/common/test/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.ql b/c/common/test/rules/castcharbeforeconvertingtolargersizes/CastCharBeforeConvertingToLargerSizes.ql similarity index 63% rename from c/common/test/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.ql rename to c/common/test/rules/castcharbeforeconvertingtolargersizes/CastCharBeforeConvertingToLargerSizes.ql index 2aceff89c0..2a1e49774f 100644 --- a/c/common/test/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.ql +++ b/c/common/test/rules/castcharbeforeconvertingtolargersizes/CastCharBeforeConvertingToLargerSizes.ql @@ -1,4 +1,4 @@ // GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.castcharbeforeconvertingtolargersizes_shared.CastCharBeforeConvertingToLargerSizes_shared +import codingstandards.cpp.rules.castcharbeforeconvertingtolargersizes.CastCharBeforeConvertingToLargerSizes -class TestFileQuery extends CastCharBeforeConvertingToLargerSizes_sharedSharedQuery, TestQuery { } +class TestFileQuery extends CastCharBeforeConvertingToLargerSizesSharedQuery, TestQuery { } diff --git a/c/common/test/rules/castcharbeforeconvertingtolargersizes_shared/test.c b/c/common/test/rules/castcharbeforeconvertingtolargersizes/test.c similarity index 100% rename from c/common/test/rules/castcharbeforeconvertingtolargersizes_shared/test.c rename to c/common/test/rules/castcharbeforeconvertingtolargersizes/test.c diff --git a/cpp/common/src/codingstandards/cpp/rules/castcharbeforeconvertingtolargersizes/CastCharBeforeConvertingToLargerSizes.qll b/cpp/common/src/codingstandards/cpp/rules/castcharbeforeconvertingtolargersizes/CastCharBeforeConvertingToLargerSizes.qll new file mode 100644 index 0000000000..5d396f9a42 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/castcharbeforeconvertingtolargersizes/CastCharBeforeConvertingToLargerSizes.qll @@ -0,0 +1,27 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + + import cpp + import codingstandards.cpp.Customizations + import codingstandards.cpp.Exclusions + + abstract class CastCharBeforeConvertingToLargerSizesSharedQuery extends Query { } + + Query getQuery() { result instanceof CastCharBeforeConvertingToLargerSizesSharedQuery } + + query predicate problems(Cast c, string message) { + not isExcluded(c, getQuery()) and + // find cases where there is a conversion happening wherein the + // base type is a char + c.getExpr().getType() instanceof CharType and + not c.getExpr().getType() instanceof UnsignedCharType and + // it's a bigger type + c.getType().getSize() > c.getExpr().getType().getSize() and + // and it's some kind of integer type + c.getType().getUnderlyingType() instanceof IntegralType and + not c.isFromTemplateInstantiation(_) and + message = + "Expression not converted to `unsigned char` before converting to a larger integer type." + } + \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.qll b/cpp/common/src/codingstandards/cpp/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.qll deleted file mode 100644 index 3ef9033910..0000000000 --- a/cpp/common/src/codingstandards/cpp/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.qll +++ /dev/null @@ -1,26 +0,0 @@ -/** - * Provides a library which includes a `problems` predicate for reporting.... - */ - -import cpp -import codingstandards.cpp.Customizations -import codingstandards.cpp.Exclusions - -abstract class CastCharBeforeConvertingToLargerSizes_sharedSharedQuery extends Query { } - -Query getQuery() { result instanceof CastCharBeforeConvertingToLargerSizes_sharedSharedQuery } - -query predicate problems(Cast c, string message) { - not isExcluded(c, getQuery()) and - // find cases where there is a conversion happening wherein the - // base type is a char - c.getExpr().getType() instanceof CharType and - not c.getExpr().getType() instanceof UnsignedCharType and - // it's a bigger type - c.getType().getSize() > c.getExpr().getType().getSize() and - // and it's some kind of integer type - c.getType().getUnderlyingType() instanceof IntegralType and - not c.isFromTemplateInstantiation(_) and - message = - "Expression not converted to `unsigned char` before converting to a larger integer type." -} diff --git a/cpp/common/test/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.expected b/cpp/common/test/rules/castcharbeforeconvertingtolargersizes/CastCharBeforeConvertingToLargerSizes.expected similarity index 100% rename from cpp/common/test/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.expected rename to cpp/common/test/rules/castcharbeforeconvertingtolargersizes/CastCharBeforeConvertingToLargerSizes.expected diff --git a/cpp/common/test/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.ql b/cpp/common/test/rules/castcharbeforeconvertingtolargersizes/CastCharBeforeConvertingToLargerSizes.ql similarity index 63% rename from cpp/common/test/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.ql rename to cpp/common/test/rules/castcharbeforeconvertingtolargersizes/CastCharBeforeConvertingToLargerSizes.ql index 2aceff89c0..2a1e49774f 100644 --- a/cpp/common/test/rules/castcharbeforeconvertingtolargersizes_shared/CastCharBeforeConvertingToLargerSizes_shared.ql +++ b/cpp/common/test/rules/castcharbeforeconvertingtolargersizes/CastCharBeforeConvertingToLargerSizes.ql @@ -1,4 +1,4 @@ // GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.castcharbeforeconvertingtolargersizes_shared.CastCharBeforeConvertingToLargerSizes_shared +import codingstandards.cpp.rules.castcharbeforeconvertingtolargersizes.CastCharBeforeConvertingToLargerSizes -class TestFileQuery extends CastCharBeforeConvertingToLargerSizes_sharedSharedQuery, TestQuery { } +class TestFileQuery extends CastCharBeforeConvertingToLargerSizesSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/castcharbeforeconvertingtolargersizes_shared/test.cpp b/cpp/common/test/rules/castcharbeforeconvertingtolargersizes/test.cpp similarity index 100% rename from cpp/common/test/rules/castcharbeforeconvertingtolargersizes_shared/test.cpp rename to cpp/common/test/rules/castcharbeforeconvertingtolargersizes/test.cpp diff --git a/rule_packages/c/Strings3.json b/rule_packages/c/Strings3.json index b0131fb55b..1cecf390ec 100644 --- a/rule_packages/c/Strings3.json +++ b/rule_packages/c/Strings3.json @@ -12,7 +12,7 @@ "precision": "very-high", "severity": "error", "short_name": "CastCharBeforeConvertingToLargerSizes", - "shared_implementation_short_name": "CastCharBeforeConvertingToLargerSizes_shared", + "shared_implementation_short_name": "CastCharBeforeConvertingToLargerSizes", "tags": [ "correctness", "security" From 946d5dfcc98f602be23a7cdfc3a0c10dcb258c30 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 25 Jul 2024 20:26:02 +0200 Subject: [PATCH 1903/2573] Fix formatting --- .../CastCharBeforeConvertingToLargerSizes.qll | 45 +++++++++---------- 1 file changed, 22 insertions(+), 23 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/rules/castcharbeforeconvertingtolargersizes/CastCharBeforeConvertingToLargerSizes.qll b/cpp/common/src/codingstandards/cpp/rules/castcharbeforeconvertingtolargersizes/CastCharBeforeConvertingToLargerSizes.qll index 5d396f9a42..66f1006d17 100644 --- a/cpp/common/src/codingstandards/cpp/rules/castcharbeforeconvertingtolargersizes/CastCharBeforeConvertingToLargerSizes.qll +++ b/cpp/common/src/codingstandards/cpp/rules/castcharbeforeconvertingtolargersizes/CastCharBeforeConvertingToLargerSizes.qll @@ -2,26 +2,25 @@ * Provides a library which includes a `problems` predicate for reporting.... */ - import cpp - import codingstandards.cpp.Customizations - import codingstandards.cpp.Exclusions - - abstract class CastCharBeforeConvertingToLargerSizesSharedQuery extends Query { } - - Query getQuery() { result instanceof CastCharBeforeConvertingToLargerSizesSharedQuery } - - query predicate problems(Cast c, string message) { - not isExcluded(c, getQuery()) and - // find cases where there is a conversion happening wherein the - // base type is a char - c.getExpr().getType() instanceof CharType and - not c.getExpr().getType() instanceof UnsignedCharType and - // it's a bigger type - c.getType().getSize() > c.getExpr().getType().getSize() and - // and it's some kind of integer type - c.getType().getUnderlyingType() instanceof IntegralType and - not c.isFromTemplateInstantiation(_) and - message = - "Expression not converted to `unsigned char` before converting to a larger integer type." - } - \ No newline at end of file +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class CastCharBeforeConvertingToLargerSizesSharedQuery extends Query { } + +Query getQuery() { result instanceof CastCharBeforeConvertingToLargerSizesSharedQuery } + +query predicate problems(Cast c, string message) { + not isExcluded(c, getQuery()) and + // find cases where there is a conversion happening wherein the + // base type is a char + c.getExpr().getType() instanceof CharType and + not c.getExpr().getType() instanceof UnsignedCharType and + // it's a bigger type + c.getType().getSize() > c.getExpr().getType().getSize() and + // and it's some kind of integer type + c.getType().getUnderlyingType() instanceof IntegralType and + not c.isFromTemplateInstantiation(_) and + message = + "Expression not converted to `unsigned char` before converting to a larger integer type." +} From 0c200662d4ccb8de83792676e9d2f3d0030d7cd2 Mon Sep 17 00:00:00 2001 From: "rakesh.pothengil" Date: Fri, 26 Jul 2024 09:14:17 +0900 Subject: [PATCH 1904/2573] Add a non-compliant case. --- cpp/autosar/test/rules/M0-1-10.1/UnusedFunction.expected | 1 + cpp/autosar/test/rules/M0-1-10.1/test.cpp | 5 +++++ 2 files changed, 6 insertions(+) diff --git a/cpp/autosar/test/rules/M0-1-10.1/UnusedFunction.expected b/cpp/autosar/test/rules/M0-1-10.1/UnusedFunction.expected index e69de29bb2..3f58065520 100644 --- a/cpp/autosar/test/rules/M0-1-10.1/UnusedFunction.expected +++ b/cpp/autosar/test/rules/M0-1-10.1/UnusedFunction.expected @@ -0,0 +1 @@ +| test.cpp:23:14:23:26 | uncalled_func | Function uncalled_func is never called. | diff --git a/cpp/autosar/test/rules/M0-1-10.1/test.cpp b/cpp/autosar/test/rules/M0-1-10.1/test.cpp index 272f295a35..6c176f95d1 100644 --- a/cpp/autosar/test/rules/M0-1-10.1/test.cpp +++ b/cpp/autosar/test/rules/M0-1-10.1/test.cpp @@ -20,6 +20,11 @@ std::int32_t func1() { // COMPLIANT: Called from main return mains::var + func2(); // func2 called here. } +std::int32_t uncalled_func() // NON COMPLIANT: Not called. +{ + return mains::var + func1(); // func1 called here. +} + // @brief main // @return exit code std::int32_t main(void) { From 6a1b283118eccb5c386eff6ebbacb6dbc72397f9 Mon Sep 17 00:00:00 2001 From: "rakesh.pothengil" Date: Fri, 26 Jul 2024 09:16:21 +0900 Subject: [PATCH 1905/2573] Modify comment to follow standard convention. --- cpp/autosar/test/rules/M0-1-10.1/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/M0-1-10.1/test.cpp b/cpp/autosar/test/rules/M0-1-10.1/test.cpp index 6c176f95d1..5b9c68a827 100644 --- a/cpp/autosar/test/rules/M0-1-10.1/test.cpp +++ b/cpp/autosar/test/rules/M0-1-10.1/test.cpp @@ -20,7 +20,7 @@ std::int32_t func1() { // COMPLIANT: Called from main return mains::var + func2(); // func2 called here. } -std::int32_t uncalled_func() // NON COMPLIANT: Not called. +std::int32_t uncalled_func() // NON_COMPLIANT: Not called. { return mains::var + func1(); // func1 called here. } From a0d99293280c52e8658495899225055294851cb2 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 26 Jul 2024 12:09:56 +0100 Subject: [PATCH 1906/2573] Add MISRA C++ 2023 to release testing and automation --- scripts/PSCodingStandards/Config.ps1 | 2 +- scripts/PSCodingStandards/Get-TestDirectory.ps1 | 3 +++ scripts/matrix_testing/CreateMatrixTestReport.ps1 | 4 ++-- scripts/release/create_supported_rules_list.py | 2 +- scripts/release/generate_release_notes.py | 2 +- 5 files changed, 8 insertions(+), 5 deletions(-) diff --git a/scripts/PSCodingStandards/Config.ps1 b/scripts/PSCodingStandards/Config.ps1 index 2dc8d8e5bc..53605c89f3 100644 --- a/scripts/PSCodingStandards/Config.ps1 +++ b/scripts/PSCodingStandards/Config.ps1 @@ -1,2 +1,2 @@ -$AVAILABLE_SUITES = @("CERT-C++", "AUTOSAR", "MISRA-C-2012", "CERT-C") +$AVAILABLE_SUITES = @("CERT-C++", "AUTOSAR", "MISRA-C-2012", "CERT-C", "MISRA-C++-2023") $AVAILABLE_LANGUAGES = @("c", "cpp") \ No newline at end of file diff --git a/scripts/PSCodingStandards/Get-TestDirectory.ps1 b/scripts/PSCodingStandards/Get-TestDirectory.ps1 index 341cb3d7d9..154a49dabe 100644 --- a/scripts/PSCodingStandards/Get-TestDirectory.ps1 +++ b/scripts/PSCodingStandards/Get-TestDirectory.ps1 @@ -27,6 +27,9 @@ function Get-TestDirectory { elseif ($RuleObject.__memberof_suite -eq "MISRA-C-2012") { $standardString = "misra" } + elseif ($RuleObject.__memberof_suite -eq "MISRA-C++-2023") { + $standardString = "misra" + } else { throw "Unknown standard $($RuleObject.__memberof_suite)" } diff --git a/scripts/matrix_testing/CreateMatrixTestReport.ps1 b/scripts/matrix_testing/CreateMatrixTestReport.ps1 index 6f570c1b82..a8de5034ce 100644 --- a/scripts/matrix_testing/CreateMatrixTestReport.ps1 +++ b/scripts/matrix_testing/CreateMatrixTestReport.ps1 @@ -147,9 +147,9 @@ param( $Configuration, # For a suite, the suites we support. Valid values are 'CERT-C++' and - # 'AUTOSAR' and MISRA-C-2012 and CERT-C + # 'AUTOSAR' and MISRA-C-2012, MISRA-C++-2023 and CERT-C [Parameter(Mandatory, ParameterSetName = 'Suite')] - [ValidateSet("CERT-C++", "AUTOSAR", "MISRA-C-2012", "CERT-C")] + [ValidateSet("CERT-C++", "AUTOSAR", "MISRA-C-2012", "CERT-C", "MISRA-C++-2023")] [string] $SuiteName, diff --git a/scripts/release/create_supported_rules_list.py b/scripts/release/create_supported_rules_list.py index e3294ed3b1..6d8f3e0991 100644 --- a/scripts/release/create_supported_rules_list.py +++ b/scripts/release/create_supported_rules_list.py @@ -27,7 +27,7 @@ repo_root = Path(__file__).parent.parent.parent -rules_covered = {"AUTOSAR" : {}, "CERT-C++" : {}, "MISRA-C-2012" : {}, "CERT-C" : {}} +rules_covered = {"AUTOSAR" : {}, "CERT-C++" : {}, "MISRA-C-2012" : {}, "CERT-C" : {}, "MISRA-C++-2023" : {},} # Iterate over rule packages for language_name in ["cpp", "c"]: diff --git a/scripts/release/generate_release_notes.py b/scripts/release/generate_release_notes.py index c6cea8d19f..3852a5eeb7 100644 --- a/scripts/release/generate_release_notes.py +++ b/scripts/release/generate_release_notes.py @@ -79,7 +79,7 @@ def transform_legacy_rule_path(p): diff_from_last_release = latest_release_commit.diff(head_commit) # Store a mapping from standard -> rules with new queries -> new queries for those rules -new_rules = {"AUTOSAR" : {}, "CERT-C++" : {}, "MISRA-C-2012" : {}, "CERT-C" : {}} +new_rules = {"AUTOSAR" : {}, "CERT-C++" : {}, "MISRA-C-2012" : {}, "CERT-C" : {}, "MISRA-C++-2023" : {}} # Store the text of the newly added change notes change_notes = [] # Store the names of the rule packages with new queries From daddf4d44c9877a9749be73958e3427b13afc471 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 29 Jul 2024 11:34:00 +0100 Subject: [PATCH 1907/2573] Set packages for MISRA C++ 2023 --- rules.csv | 206 +++++++++++++++++++++++++++--------------------------- 1 file changed, 103 insertions(+), 103 deletions(-) diff --git a/rules.csv b/rules.csv index e494a82ea3..0e08bef58f 100644 --- a/rules.csv +++ b/rules.csv @@ -774,182 +774,182 @@ c,MISRA-C-2012,RULE-22-7,Yes,Required,,,The macro EOF shall only be compared wit c,MISRA-C-2012,RULE-22-8,Yes,Required,,,The value of errno shall be set to zero prior to a call to an errno-setting-function,ERR30-C,Contracts3,Medium, c,MISRA-C-2012,RULE-22-9,Yes,Required,,,The value of errno shall be tested against zero after calling an errno-setting-function,,Contracts3,Medium, c,MISRA-C-2012,RULE-22-10,Yes,Required,,,The value of errno shall only be tested when the last function to be called was an errno-setting-function,,Contracts3,Medium, -cpp,MISRA-C++-2023,RULE-0-0-1,Yes,Required,Decidable,Single Translation Unit,A function shall not contain unreachable statements,M0-1-1,,Medium, -cpp,MISRA-C++-2023,RULE-0-0-2,Yes,Advisory,Undecidable,System,Controlling expressions should not be invariant,M0-1-2,,Easy, -cpp,MISRA-C++-2023,RULE-0-1-1,Yes,Advisory,Undecidable,System,A value should not be unnecessarily written to a local object,A0-1-1,,Medium, -cpp,MISRA-C++-2023,RULE-0-1-2,Yes,Required,Decidable,Single Translation Unit,The value returned by a function shall be used,A0-1-2,,Easy, -cpp,MISRA-C++-2023,RULE-0-2-1,Yes,Advisory,Decidable,Single Translation Unit,Variables with limited visibility should be used at least once,M0-1-3,,Easy, -cpp,MISRA-C++-2023,RULE-0-2-2,Yes,Required,Decidable,Single Translation Unit,A named function parameter shall be used at least once,"A0-1-4, A0-1-5",,Easy, -cpp,MISRA-C++-2023,RULE-0-2-3,Yes,Advisory,Decidable,Single Translation Unit,Types with limited visibility should be used at least once,A0-1-6,,Easy, -cpp,MISRA-C++-2023,RULE-0-2-4,Yes,Advisory,Decidable,System,Functions with limited visibility should be used at least once,A0-1-3,,Easy, -cpp,MISRA-C++-2023,DIR-0-3-1,Yes,Advisory,,,Floating-point arithmetic should be used appropriately,,,Hard, -cpp,MISRA-C++-2023,DIR-0-3-2,Yes,Required,,,A function call shall not violate the function’s preconditions,,,Hard, -cpp,MISRA-C++-2023,RULE-4-1-1,Yes,Required,Undecidable,System,A program shall conform to ISO/IEC 14882:2017 (C++17),,,Hard, -cpp,MISRA-C++-2023,RULE-4-1-2,Yes,Advisory,Decidable,Single Translation Unit,Deprecated features should not be used,,,Very Hard, -cpp,MISRA-C++-2023,RULE-4-1-3,Yes,Required,Undecidable,System,There shall be no occurrence of undefined or critical unspecified behaviour,,,Very Hard, -cpp,MISRA-C++-2023,RULE-4-6-1,Yes,Required,Undecidable,System,Operations on a memory location shall be sequenced appropriately,RULE-13-2,,Easy, -cpp,MISRA-C++-2023,RULE-5-0-1,Yes,Advisory,Decidable,Single Translation Unit,Trigraph-like sequences should not be used,A2-5-1,,Very Hard, +cpp,MISRA-C++-2023,RULE-0-0-1,Yes,Required,Decidable,Single Translation Unit,A function shall not contain unreachable statements,M0-1-1,DeadCode2,Medium, +cpp,MISRA-C++-2023,RULE-0-0-2,Yes,Advisory,Undecidable,System,Controlling expressions should not be invariant,M0-1-2,DeadCode2,Easy, +cpp,MISRA-C++-2023,RULE-0-1-1,Yes,Advisory,Undecidable,System,A value should not be unnecessarily written to a local object,A0-1-1,DeadCode2,Medium, +cpp,MISRA-C++-2023,RULE-0-1-2,Yes,Required,Decidable,Single Translation Unit,The value returned by a function shall be used,A0-1-2,DeadCode2,Easy, +cpp,MISRA-C++-2023,RULE-0-2-1,Yes,Advisory,Decidable,Single Translation Unit,Variables with limited visibility should be used at least once,M0-1-3,DeadCode2,Easy, +cpp,MISRA-C++-2023,RULE-0-2-2,Yes,Required,Decidable,Single Translation Unit,A named function parameter shall be used at least once,"A0-1-4, A0-1-5",DeadCode2,Easy, +cpp,MISRA-C++-2023,RULE-0-2-3,Yes,Advisory,Decidable,Single Translation Unit,Types with limited visibility should be used at least once,A0-1-6,DeadCode2,Easy, +cpp,MISRA-C++-2023,RULE-0-2-4,Yes,Advisory,Decidable,System,Functions with limited visibility should be used at least once,A0-1-3,DeadCode2,Easy, +cpp,MISRA-C++-2023,DIR-0-3-1,Yes,Advisory,,,Floating-point arithmetic should be used appropriately,,FloatingPoint,Hard, +cpp,MISRA-C++-2023,DIR-0-3-2,Yes,Required,,,A function call shall not violate the function’s preconditions,,Preconditions,Hard, +cpp,MISRA-C++-2023,RULE-4-1-1,Yes,Required,Undecidable,System,A program shall conform to ISO/IEC 14882:2017 (C++17),,Toolchain2,Hard, +cpp,MISRA-C++-2023,RULE-4-1-2,Yes,Advisory,Decidable,Single Translation Unit,Deprecated features should not be used,,Toolchain2,Very Hard, +cpp,MISRA-C++-2023,RULE-4-1-3,Yes,Required,Undecidable,System,There shall be no occurrence of undefined or critical unspecified behaviour,,Undefined,Very Hard, +cpp,MISRA-C++-2023,RULE-4-6-1,Yes,Required,Undecidable,System,Operations on a memory location shall be sequenced appropriately,RULE-13-2,SideEffects3,Easy, +cpp,MISRA-C++-2023,RULE-5-0-1,Yes,Advisory,Decidable,Single Translation Unit,Trigraph-like sequences should not be used,A2-5-1,Trigraph,Very Hard, cpp,MISRA-C++-2023,RULE-5-7-1,Yes,Required,Decidable,Single Translation Unit,The character sequence /* shall not be used within a C-style comment,M2-7-1,ImportMisra23,Import, cpp,MISRA-C++-2023,DIR-5-7-2,Yes,Advisory,,,Sections of code should not be “commented out”,A2-7-2,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-5-7-3,Yes,Required,Decidable,Single Translation Unit,Line-splicing shall not be used in // comments,A2-7-1,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-5-10-1,Yes,Required,Decidable,Single Translation Unit,User-defined identifiers shall have an appropriate form,,,Easy, +cpp,MISRA-C++-2023,RULE-5-10-1,Yes,Required,Decidable,Single Translation Unit,User-defined identifiers shall have an appropriate form,,Naming,Easy, cpp,MISRA-C++-2023,RULE-5-13-1,Yes,Required,Decidable,Single Translation Unit,"In character literals and non-raw string literals, \ shall only be used to form a defined escape sequence or universal character name",A2-13-1,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-5-13-2,Yes,Required,Decidable,Single Translation Unit,"Octal escape sequences, hexadecimal escape sequences, and universal character names shall be terminated",RULE-4-1,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-5-13-3,Yes,Required,Decidable,Single Translation Unit,Octal constants shall not be used,M2-13-2,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-5-13-4,Yes,Required,Decidable,Single Translation Unit,Unsigned integer literals shall be appropriately suffixed,M2-13-3,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-5-13-5,Yes,Required,Decidable,Single Translation Unit,The lowercase form of L shall not be used as the first character in a literal suffix,RULE-7-3,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-5-13-6,Yes,Required,Decidable,Single Translation Unit,An integer-literal of type long long shall not use a single L or l in any suffix,,,Easy, +cpp,MISRA-C++-2023,RULE-5-13-6,Yes,Required,Decidable,Single Translation Unit,An integer-literal of type long long shall not use a single L or l in any suffix,,Expressions2,Easy, cpp,MISRA-C++-2023,RULE-5-13-7,No,Required,Decidable,Single Translation Unit,String literals with different encoding prefixes shall not be concatenated,A2-13-2,,, -cpp,MISRA-C++-2023,RULE-6-0-1,Yes,Required,Decidable,Single Translation Unit,Block scope declarations shall not be visually ambiguous,"M3-1-2,DCL53-CPP",,Easy, -cpp,MISRA-C++-2023,RULE-6-0-2,Yes,Advisory,Decidable,Single Translation Unit,"When an array with external linkage is declared, its size should be explicitly specified",RULE-18-8,,Easy, +cpp,MISRA-C++-2023,RULE-6-0-1,Yes,Required,Decidable,Single Translation Unit,Block scope declarations shall not be visually ambiguous,"M3-1-2,DCL53-CPP",Declarations2,Easy, +cpp,MISRA-C++-2023,RULE-6-0-2,Yes,Advisory,Decidable,Single Translation Unit,"When an array with external linkage is declared, its size should be explicitly specified",RULE-18-8,Linkage,Easy, cpp,MISRA-C++-2023,RULE-6-0-3,Yes,Advisory,Decidable,Single Translation Unit,"The only declarations in the global namespace should be main, namespace declarations and extern ""C"" declarations",M7-3-1,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-6-0-4,Yes,Required,Decidable,Single Translation Unit,The identifier main shall not be used for a function other than the global function main,M7-3-2,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-6-2-1,Yes,Required,Decidable,System,The one-definition rule shall not be violated,M3-2-2,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-6-2-2,Yes,Required,Decidable,System,All declarations of a variable or function shall have the same type,"M3-9-1,DCL40-C",,Easy, -cpp,MISRA-C++-2023,RULE-6-2-3,Yes,Required,Decidable,System,The source code used to implement an entity shall appear only once,,,Medium, -cpp,MISRA-C++-2023,RULE-6-2-4,Yes,Required,Decidable,Single Translation Unit,A header file shall not contain definitions of functions or objects that are non-inline and have external linkage,,,Easy, +cpp,MISRA-C++-2023,RULE-6-2-2,Yes,Required,Decidable,System,All declarations of a variable or function shall have the same type,"M3-9-1,DCL40-C",Declarations2,Easy, +cpp,MISRA-C++-2023,RULE-6-2-3,Yes,Required,Decidable,System,The source code used to implement an entity shall appear only once,,Declarations2,Medium, +cpp,MISRA-C++-2023,RULE-6-2-4,Yes,Required,Decidable,Single Translation Unit,A header file shall not contain definitions of functions or objects that are non-inline and have external linkage,,Linkage,Easy, cpp,MISRA-C++-2023,RULE-6-4-1,Yes,Required,Decidable,Single Translation Unit,A variable declared in an inner scope shall not hide a variable declared in an outer scope,A2-10-1,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-6-4-2,Yes,Required,Decidable,Single Translation Unit,Derived classes shall not conceal functions that are inherited from their bases,A7-3-1,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-6-4-3,Yes,Required,Decidable,Single Translation Unit,A name that is present in a dependent base shall not be resolved by unqualified lookup,M14-6-1,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-6-5-1,Yes,Advisory,Decidable,Single Translation Unit,A function or object with external linkage should be introduced in a header file,,,Medium, -cpp,MISRA-C++-2023,RULE-6-5-2,Yes,Advisory,Decidable,Single Translation Unit,Internal linkage should be specified appropriately,,,Medium, -cpp,MISRA-C++-2023,RULE-6-7-1,Yes,Required,Decidable,Single Translation Unit,Local variables shall not have static storage duration,,,Easy, -cpp,MISRA-C++-2023,RULE-6-7-2,Yes,Required,Decidable,Single Translation Unit,Global variables shall not be used,,,Easy, +cpp,MISRA-C++-2023,RULE-6-5-1,Yes,Advisory,Decidable,Single Translation Unit,A function or object with external linkage should be introduced in a header file,,Linkage,Medium, +cpp,MISRA-C++-2023,RULE-6-5-2,Yes,Advisory,Decidable,Single Translation Unit,Internal linkage should be specified appropriately,,Linkage,Medium, +cpp,MISRA-C++-2023,RULE-6-7-1,Yes,Required,Decidable,Single Translation Unit,Local variables shall not have static storage duration,,Declarations2,Easy, +cpp,MISRA-C++-2023,RULE-6-7-2,Yes,Required,Decidable,Single Translation Unit,Global variables shall not be used,,Banned,Easy, cpp,MISRA-C++-2023,RULE-6-8-1,Yes,Required,Undecidable,System,An object shall not be accessed outside of its lifetime,A3-8-1,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-6-8-2,Yes,Mandatory,Decidable,Single Translation Unit,A function must not return a reference or a pointer to a local variable with automatic storage duration,M7-5-1,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-6-8-3,Yes,Required,Decidable,Single Translation Unit,An assignment operator shall not assign the address of an object with automatic storage duration to an object with a greater lifetime,,,Medium, -cpp,MISRA-C++-2023,RULE-6-8-4,Yes,Advisory,Decidable,Single Translation Unit,Member functions returning references to their object should be refqualified appropriately,,,Medium, -cpp,MISRA-C++-2023,RULE-6-9-1,Yes,Required,Decidable,Single Translation Unit,The same type aliases shall be used in all declarations of the same entity,,,Medium, -cpp,MISRA-C++-2023,RULE-6-9-2,Yes,Advisory,Decidable,Single Translation Unit,The names of the standard signed integer types and standard unsigned integer types should not be used,A3-9-1,,Easy, -cpp,MISRA-C++-2023,RULE-7-0-1,Yes,Required,Decidable,Single Translation Unit,There shall be no conversion from type bool,,,Easy, -cpp,MISRA-C++-2023,RULE-7-0-2,Yes,Required,Decidable,Single Translation Unit,There shall be no conversion to type bool,,,Easy, -cpp,MISRA-C++-2023,RULE-7-0-3,Yes,Required,Decidable,Single Translation Unit,The numerical value of a character shall not be used,M5-0-11,,Medium, -cpp,MISRA-C++-2023,RULE-7-0-4,Yes,Required,Decidable,Single Translation Unit,The operands of bitwise operators and shift operators shall be appropriate,RULE-10-1,,Medium, -cpp,MISRA-C++-2023,RULE-7-0-5,Yes,Required,Decidable,Single Translation Unit,Integral promotion and the usual arithmetic conversions shall not change the signedness or the type category of an operand,"M5-0-4,M5-0-9,INT31-C",,Medium, -cpp,MISRA-C++-2023,RULE-7-0-6,Yes,Required,Decidable,Single Translation Unit,Assignment between numeric types shall be appropriate,,,Hard, +cpp,MISRA-C++-2023,RULE-6-8-3,Yes,Required,Decidable,Single Translation Unit,An assignment operator shall not assign the address of an object with automatic storage duration to an object with a greater lifetime,,Lifetime,Medium, +cpp,MISRA-C++-2023,RULE-6-8-4,Yes,Advisory,Decidable,Single Translation Unit,Member functions returning references to their object should be refqualified appropriately,,Declarations2,Medium, +cpp,MISRA-C++-2023,RULE-6-9-1,Yes,Required,Decidable,Single Translation Unit,The same type aliases shall be used in all declarations of the same entity,,Declarations2,Medium, +cpp,MISRA-C++-2023,RULE-6-9-2,Yes,Advisory,Decidable,Single Translation Unit,The names of the standard signed integer types and standard unsigned integer types should not be used,A3-9-1,BannedAPIs,Easy, +cpp,MISRA-C++-2023,RULE-7-0-1,Yes,Required,Decidable,Single Translation Unit,There shall be no conversion from type bool,,Conversions,Easy, +cpp,MISRA-C++-2023,RULE-7-0-2,Yes,Required,Decidable,Single Translation Unit,There shall be no conversion to type bool,,Conversions,Easy, +cpp,MISRA-C++-2023,RULE-7-0-3,Yes,Required,Decidable,Single Translation Unit,The numerical value of a character shall not be used,M5-0-11,Conversions,Medium, +cpp,MISRA-C++-2023,RULE-7-0-4,Yes,Required,Decidable,Single Translation Unit,The operands of bitwise operators and shift operators shall be appropriate,RULE-10-1,Preconditions,Medium, +cpp,MISRA-C++-2023,RULE-7-0-5,Yes,Required,Decidable,Single Translation Unit,Integral promotion and the usual arithmetic conversions shall not change the signedness or the type category of an operand,"M5-0-4,M5-0-9,INT31-C",Conversions,Medium, +cpp,MISRA-C++-2023,RULE-7-0-6,Yes,Required,Decidable,Single Translation Unit,Assignment between numeric types shall be appropriate,,Conversions,Hard, cpp,MISRA-C++-2023,RULE-7-11-1,Yes,Required,Decidable,Single Translation Unit,nullptr shall be the only form of the null-pointer-constant,A4-10-1,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-7-11-2,Yes,Required,Decidable,Single Translation Unit,An array passed as a function argument shall not decay to a pointer,M5-2-12,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-7-11-3,Yes,Required,Decidable,Single Translation Unit,A conversion from function type to pointer-to-function type shall only occur in appropriate contexts,,,Easy, -cpp,MISRA-C++-2023,RULE-8-0-1,Yes,Advisory,Decidable,Single Translation Unit,Parentheses should be used to make the meaning of an expression appropriately explicit,M5-0-2,,Medium, -cpp,MISRA-C++-2023,RULE-8-1-1,Yes,Required,Decidable,Single Translation Unit,A non-transient lambda shall not implicitly capture this,,,Easy, -cpp,MISRA-C++-2023,RULE-8-1-2,Yes,Advisory,Decidable,Single Translation Unit,Variables should be captured explicitly in a non-transient lambda,A5-1-2,,Easy, -cpp,MISRA-C++-2023,RULE-8-2-1,Yes,Required,Decidable,Single Translation Unit,A virtual base class shall only be cast to a derived class by means of dynamic_cast,,,Easy, -cpp,MISRA-C++-2023,RULE-8-2-2,Yes,Required,Decidable,Single Translation Unit,C-style casts and functional notation casts shall not be used,A5-2-2,,Easy, +cpp,MISRA-C++-2023,RULE-7-11-3,Yes,Required,Decidable,Single Translation Unit,A conversion from function type to pointer-to-function type shall only occur in appropriate contexts,,Conversions,Easy, +cpp,MISRA-C++-2023,RULE-8-0-1,Yes,Advisory,Decidable,Single Translation Unit,Parentheses should be used to make the meaning of an expression appropriately explicit,M5-0-2,Expressions2,Medium, +cpp,MISRA-C++-2023,RULE-8-1-1,Yes,Required,Decidable,Single Translation Unit,A non-transient lambda shall not implicitly capture this,,Expressions2,Easy, +cpp,MISRA-C++-2023,RULE-8-1-2,Yes,Advisory,Decidable,Single Translation Unit,Variables should be captured explicitly in a non-transient lambda,A5-1-2,Expressions2,Easy, +cpp,MISRA-C++-2023,RULE-8-2-1,Yes,Required,Decidable,Single Translation Unit,A virtual base class shall only be cast to a derived class by means of dynamic_cast,,Conversions,Easy, +cpp,MISRA-C++-2023,RULE-8-2-2,Yes,Required,Decidable,Single Translation Unit,C-style casts and functional notation casts shall not be used,A5-2-2,Conversions,Easy, cpp,MISRA-C++-2023,RULE-8-2-3,Yes,Required,Decidable,Single Translation Unit,A cast shall not remove any const or volatile qualification from the type accessed via a pointer or by reference,A5-2-3,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-8-2-4,Yes,Required,Decidable,Single Translation Unit,Casts shall not be performed between a pointer to function and any other type,M5-2-6,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-8-2-5,Yes,Required,Decidable,Single Translation Unit,reinterpret_cast shall not be used,A5-2-4,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-8-2-6,Yes,Required,Decidable,Single Translation Unit,"An object with integral, enumerated, or pointer to void type shall not be cast to a pointer type","RULE-11-6, INT36-C",,Easy, -cpp,MISRA-C++-2023,RULE-8-2-7,Yes,Advisory,Decidable,Single Translation Unit,A cast should not convert a pointer type to an integral type,"RULE-11-6, INT36-C",,Easy, -cpp,MISRA-C++-2023,RULE-8-2-8,Yes,Required,Decidable,Single Translation Unit,An object pointer type shall not be cast to an integral type other than std::uintptr_t or std::intptr_t,"RULE-11-6, INT36-C",,Easy, -cpp,MISRA-C++-2023,RULE-8-2-9,Yes,Required,Decidable,Single Translation Unit,The operand to typeid shall not be an expression of polymorphic class type,,,Easy, +cpp,MISRA-C++-2023,RULE-8-2-6,Yes,Required,Decidable,Single Translation Unit,"An object with integral, enumerated, or pointer to void type shall not be cast to a pointer type","RULE-11-6, INT36-C",Conversions,Easy, +cpp,MISRA-C++-2023,RULE-8-2-7,Yes,Advisory,Decidable,Single Translation Unit,A cast should not convert a pointer type to an integral type,"RULE-11-6, INT36-C",Conversions,Easy, +cpp,MISRA-C++-2023,RULE-8-2-8,Yes,Required,Decidable,Single Translation Unit,An object pointer type shall not be cast to an integral type other than std::uintptr_t or std::intptr_t,"RULE-11-6, INT36-C",Conversions,Easy, +cpp,MISRA-C++-2023,RULE-8-2-9,Yes,Required,Decidable,Single Translation Unit,The operand to typeid shall not be an expression of polymorphic class type,,Preconditions,Easy, cpp,MISRA-C++-2023,RULE-8-2-10,Yes,Required,Undecidable,System,"Functions shall not call themselves, either directly or indirectly",A7-5-2,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-8-2-11,Yes,Required,Decidable,Single Translation Unit,An argument passed via ellipsis shall have an appropriate type,,,Easy, +cpp,MISRA-C++-2023,RULE-8-2-11,Yes,Required,Decidable,Single Translation Unit,An argument passed via ellipsis shall have an appropriate type,,Preconditions,Easy, cpp,MISRA-C++-2023,RULE-8-3-1,Yes,Advisory,Decidable,Single Translation Unit,The built-in unary - operator should not be applied to an expression of unsigned type,M5-3-2,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-8-3-2,Yes,Advisory,Decidable,Single Translation Unit,The built-in unary + operator should not be used,,,Easy, -cpp,MISRA-C++-2023,RULE-8-7-1,Yes,Required,Undecidable,System,Pointer arithmetic shall not form an invalid pointer,ARR30-C,,Easy, -cpp,MISRA-C++-2023,RULE-8-7-2,Yes,Required,Undecidable,System,Subtraction between pointers shall only be applied to pointers that address elements of the same array,ARR36-C,,Easy, -cpp,MISRA-C++-2023,RULE-8-9-1,Yes,Required,Undecidable,System,"The built-in relational operators >, >=, < and <= shall not be applied to objects of pointer type, except where they point to elements of the same array",ARR36-C,,Easy, -cpp,MISRA-C++-2023,RULE-8-14-1,Yes,Advisory,Undecidable,System,The right-hand operand of a logical && or operator should not contain persistent side effects,"M5-14-1, RULE-13-5",,Medium, -cpp,MISRA-C++-2023,RULE-8-18-1,Yes,Mandatory,Undecidable,System,An object or subobject must not be copied to an overlapping object,"M0-2-1, RULE-19-1",,Hard, +cpp,MISRA-C++-2023,RULE-8-3-2,Yes,Advisory,Decidable,Single Translation Unit,The built-in unary + operator should not be used,,Banned,Easy, +cpp,MISRA-C++-2023,RULE-8-7-1,Yes,Required,Undecidable,System,Pointer arithmetic shall not form an invalid pointer,ARR30-C,Memory,Easy, +cpp,MISRA-C++-2023,RULE-8-7-2,Yes,Required,Undecidable,System,Subtraction between pointers shall only be applied to pointers that address elements of the same array,ARR36-C,Memory,Easy, +cpp,MISRA-C++-2023,RULE-8-9-1,Yes,Required,Undecidable,System,"The built-in relational operators >, >=, < and <= shall not be applied to objects of pointer type, except where they point to elements of the same array",ARR36-C,Memory,Easy, +cpp,MISRA-C++-2023,RULE-8-14-1,Yes,Advisory,Undecidable,System,The right-hand operand of a logical && or operator should not contain persistent side effects,"M5-14-1, RULE-13-5",SideEffects3,Medium, +cpp,MISRA-C++-2023,RULE-8-18-1,Yes,Mandatory,Undecidable,System,An object or subobject must not be copied to an overlapping object,"M0-2-1, RULE-19-1",Memory,Hard, cpp,MISRA-C++-2023,RULE-8-18-2,Yes,Advisory,Decidable,Single Translation Unit,The result of an assignment operator should not be used,RULE-13-4,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-8-19-1,Yes,Advisory,Decidable,Single Translation Unit,The comma operator should not be used,M5-18-1,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-8-20-1,Yes,Advisory,Decidable,Single Translation Unit,An unsigned arithmetic operation with constant operands should not wrap,INT30-C,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-9-2-1,Yes,Required,Decidable,Single Translation Unit,An explicit type conversion shall not be an expression statement,DCL53-CPP,,Easy, +cpp,MISRA-C++-2023,RULE-9-2-1,Yes,Required,Decidable,Single Translation Unit,An explicit type conversion shall not be an expression statement,DCL53-CPP,Conversions,Easy, cpp,MISRA-C++-2023,RULE-9-3-1,Yes,Required,Decidable,Single Translation Unit,The body of an iteration-statement or a selection-statement shall be a compound-statement,RULE-15-6,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-9-4-1,Yes,Required,Decidable,Single Translation Unit,All if ... else if constructs shall be terminated with an else statement,RULE-15-7,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-9-4-2,Yes,Required,Decidable,Single Translation Unit,The structure of a switch statement shall be appropriate,"RULE-16-1, RULE-16-2,RULE-16-3,RULE-16-4,RULE-16-5,RULE-16-6,RULE-16-7",,Medium, -cpp,MISRA-C++-2023,RULE-9-5-1,Yes,Advisory,Decidable,Single Translation Unit,Legacy for statements should be simple,,,Hard, -cpp,MISRA-C++-2023,RULE-9-5-2,Yes,Required,Decidable,Single Translation Unit,A for-range-initializer shall contain at most one function call,,,Easy, +cpp,MISRA-C++-2023,RULE-9-4-2,Yes,Required,Decidable,Single Translation Unit,The structure of a switch statement shall be appropriate,"RULE-16-1, RULE-16-2,RULE-16-3,RULE-16-4,RULE-16-5,RULE-16-6,RULE-16-7",Statements,Medium, +cpp,MISRA-C++-2023,RULE-9-5-1,Yes,Advisory,Decidable,Single Translation Unit,Legacy for statements should be simple,,Statements,Hard, +cpp,MISRA-C++-2023,RULE-9-5-2,Yes,Required,Decidable,Single Translation Unit,A for-range-initializer shall contain at most one function call,,Statements,Easy, cpp,MISRA-C++-2023,RULE-9-6-1,Yes,Advisory,Decidable,Single Translation Unit,The goto statement should not be used,RULE-15-1,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-9-6-2,Yes,Required,Decidable,Single Translation Unit,A goto statement shall reference a label in a surrounding block,RULE-15-3,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-9-6-3,Yes,Required,Decidable,Single Translation Unit,The goto statement shall jump to a label declared later in the function body,RULE-15-2,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-9-6-4,Yes,Required,Undecidable,System,A function declared with the [[noreturn]] attribute shall not return,MSC53-CPP,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-9-6-5,Yes,Required,Decidable,Single Translation Unit,A function with non-void return type shall return a value on all paths,MSC52-CPP,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-10-0-1,Yes,Advisory,Decidable,Single Translation Unit,A declaration should not declare more than one variable or member variable,M8-0-1,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-10-1-1,Yes,Advisory,Decidable,Single Translation Unit,The target type of a pointer or lvalue reference parameter should be const-qualified appropriately,RULE-8-13,,Hard, -cpp,MISRA-C++-2023,RULE-10-1-2,Yes,Required,Decidable,Single Translation Unit,The volatile qualifier shall be used appropriately,,,Easy, +cpp,MISRA-C++-2023,RULE-10-1-1,Yes,Advisory,Decidable,Single Translation Unit,The target type of a pointer or lvalue reference parameter should be const-qualified appropriately,RULE-8-13,Declarations2,Hard, +cpp,MISRA-C++-2023,RULE-10-1-2,Yes,Required,Decidable,Single Translation Unit,The volatile qualifier shall be used appropriately,,Declarations2,Easy, cpp,MISRA-C++-2023,RULE-10-2-1,Yes,Required,Decidable,Single Translation Unit,An enumeration shall be defined with an explicit underlying type,A7-2-2,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-10-2-2,Yes,Advisory,Decidable,Single Translation Unit,Unscoped enumerations should not be declared,A7-2-3,,Easy, -cpp,MISRA-C++-2023,RULE-10-2-3,Yes,Required,Decidable,Single Translation Unit,The numeric value of an unscoped enumeration with no fixed underlying type shall not be used,A4-5-1,,Easy, -cpp,MISRA-C++-2023,RULE-10-3-1,Yes,Advisory,Decidable,Single Translation Unit,There should be no unnamed namespaces in header files,"DCL59-CPP, M7-3-3",,Easy, +cpp,MISRA-C++-2023,RULE-10-2-2,Yes,Advisory,Decidable,Single Translation Unit,Unscoped enumerations should not be declared,A7-2-3,Banned,Easy, +cpp,MISRA-C++-2023,RULE-10-2-3,Yes,Required,Decidable,Single Translation Unit,The numeric value of an unscoped enumeration with no fixed underlying type shall not be used,A4-5-1,Banned,Easy, +cpp,MISRA-C++-2023,RULE-10-3-1,Yes,Advisory,Decidable,Single Translation Unit,There should be no unnamed namespaces in header files,"DCL59-CPP, M7-3-3",Banned,Easy, cpp,MISRA-C++-2023,RULE-10-4-1,Yes,Required,Decidable,Single Translation Unit,The asm declaration shall not be used,A7-4-1,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-11-3-1,Yes,Advisory,Decidable,Single Translation Unit,Variables of array type should not be declared,,,Easy, +cpp,MISRA-C++-2023,RULE-11-3-1,Yes,Advisory,Decidable,Single Translation Unit,Variables of array type should not be declared,,Declarations2,Easy, cpp,MISRA-C++-2023,RULE-11-3-2,Yes,Advisory,Decidable,Single Translation Unit,The declaration of an object should contain no more than two levels of pointer indirection,A5-0-3,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-11-6-1,Yes,Advisory,Decidable,Single Translation Unit,All variables should be initialized,,,Easy, -cpp,MISRA-C++-2023,RULE-11-6-2,Yes,Mandatory,Undecidable,System,The value of an object must not be read before it has been set,A8-5-0,,Very Hard, +cpp,MISRA-C++-2023,RULE-11-6-1,Yes,Advisory,Decidable,Single Translation Unit,All variables should be initialized,,Declarations2,Easy, +cpp,MISRA-C++-2023,RULE-11-6-2,Yes,Mandatory,Undecidable,System,The value of an object must not be read before it has been set,A8-5-0,Lifetime,Very Hard, cpp,MISRA-C++-2023,RULE-11-6-3,Yes,Required,Decidable,Single Translation Unit,"Within an enumerator list, the value of an implicitly-specified enumeration constant shall be unique",RULE-8-12,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-12-2-1,Yes,Advisory,Decidable,Single Translation Unit,Bit-fields should not be declared,A9-6-2,,Easy, +cpp,MISRA-C++-2023,RULE-12-2-1,Yes,Advisory,Decidable,Single Translation Unit,Bit-fields should not be declared,A9-6-2,Banned,Easy, cpp,MISRA-C++-2023,RULE-12-2-2,Yes,Required,Decidable,Single Translation Unit,A bit-field shall have an appropriate type,RULE-6-1,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-12-2-3,Yes,Required,Decidable,Single Translation Unit,A named bit-field with signed integer type shall not have a length of one bit,M9-6-4,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-12-3-1,Yes,Required,Decidable,Single Translation Unit,The union keyword shall not be used,RULE-19-2,,Easy, -cpp,MISRA-C++-2023,RULE-13-1-1,Yes,Advisory,Decidable,Single Translation Unit,Classes should not be inherited virtually,,,Easy, +cpp,MISRA-C++-2023,RULE-12-3-1,Yes,Required,Decidable,Single Translation Unit,The union keyword shall not be used,RULE-19-2,Banned,Easy, +cpp,MISRA-C++-2023,RULE-13-1-1,Yes,Advisory,Decidable,Single Translation Unit,Classes should not be inherited virtually,,Classes2,Easy, cpp,MISRA-C++-2023,RULE-13-1-2,Yes,Required,Decidable,Single Translation Unit,An accessible base class shall not be both virtual and non-virtual in the same hierarchy,M10-1-3,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-13-3-1,Yes,Required,Decidable,Single Translation Unit,"User-declared member functions shall use the virtual, override and final specifiers appropriately",,,Easy, +cpp,MISRA-C++-2023,RULE-13-3-1,Yes,Required,Decidable,Single Translation Unit,"User-declared member functions shall use the virtual, override and final specifiers appropriately",,Classes2,Easy, cpp,MISRA-C++-2023,RULE-13-3-2,Yes,Required,Decidable,Single Translation Unit,Parameters in an overriding virtual function shall not specify different default arguments,M8-3-1,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-13-3-3,Yes,Required,Decidable,System,The parameters in all declarations or overrides of a function shall either be unnamed or have identical names,RULE-8-3,,Easy, +cpp,MISRA-C++-2023,RULE-13-3-3,Yes,Required,Decidable,System,The parameters in all declarations or overrides of a function shall either be unnamed or have identical names,RULE-8-3,Declarations2,Easy, cpp,MISRA-C++-2023,RULE-13-3-4,Yes,Required,Decidable,Single Translation Unit,A comparison of a potentially virtual pointer to member function shall only be with nullptr,A5-10-1,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-14-1-1,Yes,Advisory,Decidable,Single Translation Unit,Non-static data members should be either all private or all public,,,Easy, -cpp,MISRA-C++-2023,RULE-15-0-1,Yes,Required,Decidable,Single Translation Unit,Special member functions shall be provided appropriately,A12-0-1,,Medium, -cpp,MISRA-C++-2023,RULE-15-0-2,Yes,Advisory,Decidable,Single Translation Unit,User-provided copy and move member functions of a class should have appropriate signatures,,,Easy, +cpp,MISRA-C++-2023,RULE-14-1-1,Yes,Advisory,Decidable,Single Translation Unit,Non-static data members should be either all private or all public,,Classes2,Easy, +cpp,MISRA-C++-2023,RULE-15-0-1,Yes,Required,Decidable,Single Translation Unit,Special member functions shall be provided appropriately,A12-0-1,Classes2,Medium, +cpp,MISRA-C++-2023,RULE-15-0-2,Yes,Advisory,Decidable,Single Translation Unit,User-provided copy and move member functions of a class should have appropriate signatures,,Classes2,Easy, cpp,MISRA-C++-2023,RULE-15-1-1,Yes,Required,Undecidable,System,An object’s dynamic type shall not be used from within its constructor or destructor,M12-1-1,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-15-1-2,Yes,Advisory,Decidable,Single Translation Unit,All constructors of a class should explicitly initialize all of its virtual base classes and immediate base classes,A12-1-1,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-15-1-3,Yes,Required,Decidable,Single Translation Unit,Conversion operators and constructors that are callable with a single argument shall be explicit,"A12-1-4,A13-5-2",,Easy, -cpp,MISRA-C++-2023,RULE-15-1-4,Yes,Advisory,Decidable,Single Translation Unit,"All direct, non-static data members of a class should be initialized before the class object is accessible",,,Hard, +cpp,MISRA-C++-2023,RULE-15-1-3,Yes,Required,Decidable,Single Translation Unit,Conversion operators and constructors that are callable with a single argument shall be explicit,"A12-1-4,A13-5-2",Classes2,Easy, +cpp,MISRA-C++-2023,RULE-15-1-4,Yes,Advisory,Decidable,Single Translation Unit,"All direct, non-static data members of a class should be initialized before the class object is accessible",,Classes2,Hard, cpp,MISRA-C++-2023,RULE-15-1-5,Yes,Required,Decidable,Single Translation Unit,A class shall only define an initializer-list constructor when it is the only constructor,A8-5-4,ImportMisra23,Import, cpp,MISRA-C++-2023,DIR-15-8-1,Yes,Required,Decidable,Implementation,User-provided copy assignment operators and move assignment operators shall handle self-assignment,A12-8-5,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-16-5-1,Yes,Required,Decidable,Single Translation Unit,The logical AND and logical OR operators shall not be overloaded,M5-2-11,,Easy, +cpp,MISRA-C++-2023,RULE-16-5-1,Yes,Required,Decidable,Single Translation Unit,The logical AND and logical OR operators shall not be overloaded,M5-2-11,Classes2,Easy, cpp,MISRA-C++-2023,RULE-16-5-2,Yes,Required,Decidable,Single Translation Unit,The address-of operator shall not be overloaded,M5-3-3,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-16-6-1,Yes,Advisory,Decidable,Single Translation Unit,Symmetrical operators should only be implemented as non-member functions,,,Medium, +cpp,MISRA-C++-2023,RULE-16-6-1,Yes,Advisory,Decidable,Single Translation Unit,Symmetrical operators should only be implemented as non-member functions,,Classes2,Medium, cpp,MISRA-C++-2023,RULE-17-8-1,Yes,Required,Decidable,Single Translation Unit,Function templates shall not be explicitly specialized,A14-8-2,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-18-1-1,Yes,Required,Decidable,Single Translation Unit,An exception object shall not have pointer type,A15-1-2,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-18-1-2,Yes,Required,Decidable,Single Translation Unit,An empty throw shall only occur within the compound-statement of a catch handler,M15-1-3,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-18-3-1,Yes,Advisory,Decidable,Single Translation Unit,There should be at least one exception handler to catch all otherwise unhandled exceptions,A15-3-3,,Easy, -cpp,MISRA-C++-2023,RULE-18-3-2,Yes,Required,Decidable,Single Translation Unit,An exception of class type shall be caught by const reference or reference,A15-3-5,,Easy, +cpp,MISRA-C++-2023,RULE-18-3-1,Yes,Advisory,Decidable,Single Translation Unit,There should be at least one exception handler to catch all otherwise unhandled exceptions,A15-3-3,Exceptions3,Easy, +cpp,MISRA-C++-2023,RULE-18-3-2,Yes,Required,Decidable,Single Translation Unit,An exception of class type shall be caught by const reference or reference,A15-3-5,Exceptions3,Easy, cpp,MISRA-C++-2023,RULE-18-3-3,Yes,Required,Decidable,Single Translation Unit,Handlers for a function-try-block of a constructor or destructor shall not refer to non-static members from their class or its bases,M15-3-3,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-18-4-1,Yes,Required,Decidable,Single Translation Unit,Exception-unfriendly functions shall be noexcept,A15-5-1,,Easy, +cpp,MISRA-C++-2023,RULE-18-4-1,Yes,Required,Decidable,Single Translation Unit,Exception-unfriendly functions shall be noexcept,A15-5-1,Exceptions3,Easy, cpp,MISRA-C++-2023,RULE-18-5-1,Yes,Advisory,Undecidable,System,A noexcept function should not attempt to propagate an exception to the calling function,A15-4-2,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-18-5-2,Yes,Advisory,Decidable,Single Translation Unit,Program-terminating functions should not be used,,,Easy, +cpp,MISRA-C++-2023,RULE-18-5-2,Yes,Advisory,Decidable,Single Translation Unit,Program-terminating functions should not be used,,BannedAPIs,Easy, cpp,MISRA-C++-2023,RULE-19-0-1,No,Required,Decidable,Single Translation Unit,A line whose first token is # shall be a valid preprocessing directive,,,, cpp,MISRA-C++-2023,RULE-19-0-2,Yes,Required,Decidable,Single Translation Unit,Function-like macros shall not be defined,DIR-4-9,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-19-0-3,Yes,Advisory,Decidable,Single Translation Unit,#include directives should only be preceded by preprocessor directives or comments,RULE-20-1,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-19-0-4,Yes,Advisory,Decidable,Single Translation Unit,#undef should only be used for macros defined previously in the same file,,,Easy, -cpp,MISRA-C++-2023,RULE-19-1-1,Yes,Required,Decidable,Single Translation Unit,The defined preprocessor operator shall be used appropriately,M16-1-1,,Easy, +cpp,MISRA-C++-2023,RULE-19-0-4,Yes,Advisory,Decidable,Single Translation Unit,#undef should only be used for macros defined previously in the same file,,Preprocessor,Easy, +cpp,MISRA-C++-2023,RULE-19-1-1,Yes,Required,Decidable,Single Translation Unit,The defined preprocessor operator shall be used appropriately,M16-1-1,Preprocessor,Easy, cpp,MISRA-C++-2023,RULE-19-1-2,No,Required,Decidable,Single Translation Unit,"All #else, #elif and #endif preprocessor directives shall reside in the same file as the #if, #ifdef or #ifndef directive to which they are related",M16-1-2,,, cpp,MISRA-C++-2023,RULE-19-1-3,Yes,Required,Decidable,Single Translation Unit,All identifiers used in the controlling expression of #if or #elif preprocessing directives shall be defined prior to evaluation,M16-0-7,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-19-2-1,Yes,Required,Decidable,Single Translation Unit,Precautions shall be taken in order to prevent the contents of a header file being included more than once,M16-2-3,,Easy, -cpp,MISRA-C++-2023,RULE-19-2-2,Yes,Required,Decidable,Single Translation Unit,"The #include directive shall be followed by either a or ""filename"" sequence",,,Easy, +cpp,MISRA-C++-2023,RULE-19-2-1,Yes,Required,Decidable,Single Translation Unit,Precautions shall be taken in order to prevent the contents of a header file being included more than once,M16-2-3,Preprocessor,Easy, +cpp,MISRA-C++-2023,RULE-19-2-2,Yes,Required,Decidable,Single Translation Unit,"The #include directive shall be followed by either a or ""filename"" sequence",,Preprocessor,Easy, cpp,MISRA-C++-2023,RULE-19-2-3,Yes,Required,Decidable,Single Translation Unit,"The ' or "" or \ characters and the /* or // character sequences shall not occur in a header file name",A16-2-1,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-19-3-1,Yes,Advisory,Decidable,Single Translation Unit,The # and ## preprocessor operators should not be used,M16-3-2,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-19-3-2,Yes,Required,Decidable,Single Translation Unit,A macro parameter immediately following a # operator shall not be immediately followed by a ## operator,RULE-20-11,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-19-3-3,Yes,Required,Decidable,Single Translation Unit,The argument to a mixed-use macro parameter shall not be subject to further expansion,RULE-20-12,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-19-3-4,Yes,Required,Decidable,Single Translation Unit,Parentheses shall be used to ensure macro arguments are expanded appropriately,M16-0-6,,Medium, +cpp,MISRA-C++-2023,RULE-19-3-4,Yes,Required,Decidable,Single Translation Unit,Parentheses shall be used to ensure macro arguments are expanded appropriately,M16-0-6,Preprocessor,Medium, cpp,MISRA-C++-2023,RULE-19-3-5,Yes,Required,Decidable,Single Translation Unit,Tokens that look like a preprocessing directive shall not occur within a macro argument,RULE-20-6,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-19-6-1,Yes,Advisory,Decidable,Single Translation Unit,The #pragma directive and the _Pragma operator should not be used,A16-7-1,,Easy, +cpp,MISRA-C++-2023,RULE-19-6-1,Yes,Advisory,Decidable,Single Translation Unit,The #pragma directive and the _Pragma operator should not be used,A16-7-1,Preprocessor,Easy, cpp,MISRA-C++-2023,RULE-21-2-1,Yes,Required,Decidable,Single Translation Unit,"The library functions atof, atoi, atol and atoll from shall not be used",RULE-21-7,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-21-2-2,Yes,Required,Decidable,Single Translation Unit,"The string handling functions from , , and shall not be used",M18-0-5,,Easy, -cpp,MISRA-C++-2023,RULE-21-2-3,Yes,Required,Decidable,Single Translation Unit,The library function system from shall not be used,M18-0-3,,Easy, +cpp,MISRA-C++-2023,RULE-21-2-2,Yes,Required,Decidable,Single Translation Unit,"The string handling functions from , , and shall not be used",M18-0-5,BannedAPIs,Easy, +cpp,MISRA-C++-2023,RULE-21-2-3,Yes,Required,Decidable,Single Translation Unit,The library function system from shall not be used,M18-0-3,BannedAPIs,Easy, cpp,MISRA-C++-2023,RULE-21-2-4,Yes,Required,Decidable,Single Translation Unit,The macro offsetof shall not be used,M18-2-1,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-21-6-1,Yes,Advisory,Undecidable,Single Translation Unit,Dynamic memory should not be used,DIR-4-12,,Easy, -cpp,MISRA-C++-2023,RULE-21-6-2,Yes,Required,Decidable,Single Translation Unit,Dynamic memory shall be managed automatically,,,Easy, -cpp,MISRA-C++-2023,RULE-21-6-3,Yes,Required,Decidable,Single Translation Unit,Advanced memory management shall not be used,,,Medium, +cpp,MISRA-C++-2023,RULE-21-6-1,Yes,Advisory,Undecidable,Single Translation Unit,Dynamic memory should not be used,DIR-4-12,Banned,Easy, +cpp,MISRA-C++-2023,RULE-21-6-2,Yes,Required,Decidable,Single Translation Unit,Dynamic memory shall be managed automatically,,Memory,Easy, +cpp,MISRA-C++-2023,RULE-21-6-3,Yes,Required,Decidable,Single Translation Unit,Advanced memory management shall not be used,,Memory,Medium, cpp,MISRA-C++-2023,RULE-21-6-4,Yes,Required,Decidable,System,"If a project defines either a sized or unsized version of a global operator delete, then both shall be defined",A18-5-4,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-21-6-5,Yes,Required,Decidable,Single Translation Unit,A pointer to an incomplete class type shall not be deleted,A5-3-3,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-21-10-1,Yes,Required,Decidable,Single Translation Unit,The features of shall not be used,DCL50-CPP,,Easy, -cpp,MISRA-C++-2023,RULE-21-10-2,Yes,Required,Decidable,Single Translation Unit,The standard header file shall not be used,ERR52-CPP,,Easy, +cpp,MISRA-C++-2023,RULE-21-10-1,Yes,Required,Decidable,Single Translation Unit,The features of shall not be used,DCL50-CPP,BannedAPIs,Easy, +cpp,MISRA-C++-2023,RULE-21-10-2,Yes,Required,Decidable,Single Translation Unit,The standard header file shall not be used,ERR52-CPP,BannedAPIs,Easy, cpp,MISRA-C++-2023,RULE-21-10-3,Yes,Required,Decidable,Single Translation Unit,The facilities provided by the standard header file shall not be used,M18-7-1,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-22-3-1,Yes,Required,Decidable,Single Translation Unit,The assert macro shall not be used with a constant-expression,,,Easy, -cpp,MISRA-C++-2023,RULE-22-4-1,Yes,Required,Decidable,Single Translation Unit,The literal value zero shall be the only value assigned to errno,,,Easy, -cpp,MISRA-C++-2023,RULE-23-11-1,Yes,Advisory,Decidable,Single Translation Unit,The raw pointer constructors of std::shared_ptr and std::unique_ptr should not be used,,,Easy, -cpp,MISRA-C++-2023,RULE-24-5-1,Yes,Required,Decidable,Single Translation Unit,The character handling functions from and shall not be used,,,Easy, -cpp,MISRA-C++-2023,RULE-24-5-2,Yes,Required,Decidable,Single Translation Unit,"The C++ Standard Library functions memcpy, memmove and memcmp from shall not be used",,,Easy, -cpp,MISRA-C++-2023,RULE-25-5-1,Yes,Required,Decidable,Single Translation Unit,The setlocale and std::locale::global functions shall not be called,,,Easy, +cpp,MISRA-C++-2023,RULE-22-3-1,Yes,Required,Decidable,Single Translation Unit,The assert macro shall not be used with a constant-expression,,Preconditions,Easy, +cpp,MISRA-C++-2023,RULE-22-4-1,Yes,Required,Decidable,Single Translation Unit,The literal value zero shall be the only value assigned to errno,,Preconditions,Easy, +cpp,MISRA-C++-2023,RULE-23-11-1,Yes,Advisory,Decidable,Single Translation Unit,The raw pointer constructors of std::shared_ptr and std::unique_ptr should not be used,,BannedAPIs,Easy, +cpp,MISRA-C++-2023,RULE-24-5-1,Yes,Required,Decidable,Single Translation Unit,The character handling functions from and shall not be used,,BannedAPIs,Easy, +cpp,MISRA-C++-2023,RULE-24-5-2,Yes,Required,Decidable,Single Translation Unit,"The C++ Standard Library functions memcpy, memmove and memcmp from shall not be used",,BannedAPIs,Easy, +cpp,MISRA-C++-2023,RULE-25-5-1,Yes,Required,Decidable,Single Translation Unit,The setlocale and std::locale::global functions shall not be called,,BannedAPIs,Easy, cpp,MISRA-C++-2023,RULE-25-5-2,Yes,Mandatory,Decidable,Single Translation Unit,"The pointers returned by the C++ Standard Library functions localeconv, getenv, setlocale or strerror must only be used as if they have pointer to const-qualified type",RULE-21-19,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-25-5-3,Yes,Mandatory,Undecidable,System,"The pointer returned by the C++ Standard Library functions asctime, ctime, gmtime, localtime, localeconv, getenv, setlocale or strerror must not be used following a subsequent call to the same function",RULE-21-20,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-26-3-1,Yes,Advisory,Decidable,Single Translation Unit,std::vector should not be specialized with bool,A18-1-2,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-28-3-1,Yes,Required,Undecidable,System,Predicates shall not have persistent side effects,A25-1-1,,Easy, -cpp,MISRA-C++-2023,RULE-28-6-1,Yes,Required,Decidable,Single Translation Unit,The argument to std::move shall be a non-const lvalue,A18-9-3,,Easy, +cpp,MISRA-C++-2023,RULE-28-3-1,Yes,Required,Undecidable,System,Predicates shall not have persistent side effects,A25-1-1,SideEffects3,Easy, +cpp,MISRA-C++-2023,RULE-28-6-1,Yes,Required,Decidable,Single Translation Unit,The argument to std::move shall be a non-const lvalue,A18-9-3,Preconditions,Easy, cpp,MISRA-C++-2023,RULE-28-6-2,Yes,Required,Decidable,Single Translation Unit,Forwarding references and std::forward shall be used together,A18-9-2,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-28-6-3,Yes,Required,Decidable,Single Translation Unit,An object shall not be used while in a potentially moved-from state,A12-8-3,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-28-6-4,Yes,Required,Decidable,Single Translation Unit,"The result of std::remove, std::remove_if, std::unique and empty shall be used",,,Easy, +cpp,MISRA-C++-2023,RULE-28-6-4,Yes,Required,Decidable,Single Translation Unit,"The result of std::remove, std::remove_if, std::unique and empty shall be used",,DeadCode2,Easy, cpp,MISRA-C++-2023,RULE-30-0-1,Yes,Required,Decidable,Single Translation Unit,The C Library input/output functions shall not be used,M27-0-1,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-30-0-2,Yes,Required,Undecidable,System,Reads and writes on the same file stream shall be separated by a positioning operation,A27-0-3,ImportMisra23,Import, From d9f248e3333b22ab277e7271226a020562246761 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Mon, 29 Jul 2024 15:43:22 +0100 Subject: [PATCH 1908/2573] Avoid clash on Package name Naming was already used --- rules.csv | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rules.csv b/rules.csv index 0e08bef58f..f9c195e47a 100644 --- a/rules.csv +++ b/rules.csv @@ -792,7 +792,7 @@ cpp,MISRA-C++-2023,RULE-5-0-1,Yes,Advisory,Decidable,Single Translation Unit,Tri cpp,MISRA-C++-2023,RULE-5-7-1,Yes,Required,Decidable,Single Translation Unit,The character sequence /* shall not be used within a C-style comment,M2-7-1,ImportMisra23,Import, cpp,MISRA-C++-2023,DIR-5-7-2,Yes,Advisory,,,Sections of code should not be “commented out”,A2-7-2,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-5-7-3,Yes,Required,Decidable,Single Translation Unit,Line-splicing shall not be used in // comments,A2-7-1,ImportMisra23,Import, -cpp,MISRA-C++-2023,RULE-5-10-1,Yes,Required,Decidable,Single Translation Unit,User-defined identifiers shall have an appropriate form,,Naming,Easy, +cpp,MISRA-C++-2023,RULE-5-10-1,Yes,Required,Decidable,Single Translation Unit,User-defined identifiers shall have an appropriate form,,Naming2,Easy, cpp,MISRA-C++-2023,RULE-5-13-1,Yes,Required,Decidable,Single Translation Unit,"In character literals and non-raw string literals, \ shall only be used to form a defined escape sequence or universal character name",A2-13-1,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-5-13-2,Yes,Required,Decidable,Single Translation Unit,"Octal escape sequences, hexadecimal escape sequences, and universal character names shall be terminated",RULE-4-1,ImportMisra23,Import, cpp,MISRA-C++-2023,RULE-5-13-3,Yes,Required,Decidable,Single Translation Unit,Octal constants shall not be used,M2-13-2,ImportMisra23,Import, From 490a968c014036ab8fa01b099a618ded0dae1f57 Mon Sep 17 00:00:00 2001 From: "rakesh.pothengil" Date: Tue, 30 Jul 2024 14:19:55 +0900 Subject: [PATCH 1909/2573] Fix for #650 --- .../MacroOrFunctionArgsContainHashToken.ql | 37 ++++++++++++++++--- ...croOrFunctionArgsContainHashToken.expected | 2 - c/cert/test/rules/PRE32-C/test.c | 6 +-- change_notes/2024-07-30-fix-fp-650-PRE32-C.md | 2 + 4 files changed, 37 insertions(+), 10 deletions(-) create mode 100644 change_notes/2024-07-30-fix-fp-650-PRE32-C.md diff --git a/c/cert/src/rules/PRE32-C/MacroOrFunctionArgsContainHashToken.ql b/c/cert/src/rules/PRE32-C/MacroOrFunctionArgsContainHashToken.ql index c323c2d31f..9680bea813 100644 --- a/c/cert/src/rules/PRE32-C/MacroOrFunctionArgsContainHashToken.ql +++ b/c/cert/src/rules/PRE32-C/MacroOrFunctionArgsContainHashToken.ql @@ -32,11 +32,38 @@ predicate isFunctionSuccessorLocation(ControlFlowNode node, File f, int endline) PreprocessorDirective isLocatedInAFunctionInvocation(FunctionCall c) { exists(PreprocessorDirective p, File f, int startCall, int endCall | isFunctionInvocationLocation(c, f, startCall, endCall) and - exists(int startLine, int endLine | isPreprocDirectiveLine(p, f, startLine, endLine) | - startCall < startLine and - startCall < endLine and - endLine <= endCall and - endLine <= endCall + exists(Expr arg, int preprocStartLine, int preprocEndLine | + c.getAnArgument() = arg and + isPreprocDirectiveLine(p, f, preprocStartLine, preprocEndLine) and + // function call begins before preprocessor directive + startCall < preprocStartLine and + ( + // argument's location is after the preprocessor directive + arg.getLocation().getStartLine() > preprocStartLine + or + // arg's location is before an endif token that is part of a + // preprocessor directive defined before the argument. + // E.g. + // memcpy(dest, src, + // #ifdef SOMEMACRO + // 12 + // #else + // 24 // 'arg' exists here + // #endif // endif after 'arg', but part of a preproc. branch before 'arg' + // ); + p instanceof PreprocessorEndif and + // exists a preprocessor branch of which this is the endif + // and that preprocessor directive exists before + // the argument and after the function call begins. + exists(PreprocessorBranchDirective another | + another.getEndIf() = p and + another.getLocation().getFile() = f and + startCall < another.getLocation().getStartLine() and + arg.getLocation().getStartLine() > another.getLocation().getStartLine() + ) + ) and + // function call ends after preprocessor directive + endCall > preprocEndLine ) and result = p ) diff --git a/c/cert/test/rules/PRE32-C/MacroOrFunctionArgsContainHashToken.expected b/c/cert/test/rules/PRE32-C/MacroOrFunctionArgsContainHashToken.expected index f25c7ea0e0..efbf021972 100644 --- a/c/cert/test/rules/PRE32-C/MacroOrFunctionArgsContainHashToken.expected +++ b/c/cert/test/rules/PRE32-C/MacroOrFunctionArgsContainHashToken.expected @@ -4,5 +4,3 @@ | test.c:20:1:20:16 | #ifdef SOMEMACRO | Invocation of function memcpy includes a token "#ifdef SOMEMACRO" that could be confused for an argument preprocessor directive. | | test.c:22:1:22:5 | #else | Invocation of function memcpy includes a token "#else" that could be confused for an argument preprocessor directive. | | test.c:24:1:24:6 | #endif | Invocation of function memcpy includes a token "#endif" that could be confused for an argument preprocessor directive. | -| test.c:27:1:27:8 | #if TEST | Invocation of function memcpy includes a token "#if TEST" that could be confused for an argument preprocessor directive. | -| test.c:28:1:28:6 | #endif | Invocation of function memcpy includes a token "#endif" that could be confused for an argument preprocessor directive. | diff --git a/c/cert/test/rules/PRE32-C/test.c b/c/cert/test/rules/PRE32-C/test.c index af3606f24c..bf07beecb5 100644 --- a/c/cert/test/rules/PRE32-C/test.c +++ b/c/cert/test/rules/PRE32-C/test.c @@ -24,6 +24,6 @@ void func(const char *src) { #endif // NON_COMPLIANT ); -#if TEST // COMPLIANT[FALSE_POSITIVE] -#endif // COMPLIANT[FALSE_POSITIVE] -} \ No newline at end of file +#if TEST // COMPLIANT +#endif // COMPLIANT +} diff --git a/change_notes/2024-07-30-fix-fp-650-PRE32-C.md b/change_notes/2024-07-30-fix-fp-650-PRE32-C.md new file mode 100644 index 0000000000..e1ea391499 --- /dev/null +++ b/change_notes/2024-07-30-fix-fp-650-PRE32-C.md @@ -0,0 +1,2 @@ +- `PRE32-C` - `MacroOrFunctionArgsContainHashToken.ql`: + - Fixes #650. Correctly identifies presence of preprocessor directives in function calls. From e3e2911fa1280b8eae552a563b8a3e5d3d2d1d36 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 30 Jul 2024 16:20:47 -0400 Subject: [PATCH 1910/2573] Update handbook --- docs/development_handbook.md | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/docs/development_handbook.md b/docs/development_handbook.md index 10ad1637a5..6db6b51e73 100644 --- a/docs/development_handbook.md +++ b/docs/development_handbook.md @@ -1,4 +1,4 @@ -# Coding Standards: Developer handbook +# Coding Standards: Developer handbookA ## Document management @@ -39,7 +39,7 @@ | 0.29.1 | 2023-10-11 | Remco Vermeulen | Address Markdown linter problems. | | 0.30.0 | 2023-11-14 | Remco Vermeulen | Clarify release steps in case of a hotfix release. | | 0.31.0 | 2024-02-23 | Remco Vermeulen | Clarify the required use of Python version 3.9 | -| 0.32.0 | 2024-05-01 | Luke Cartey | Refer to the user manual for the list of supported standards. | +| 0.32.0 | 2024-05-01 | Luke Cartey | Refer to the user manual for the list of supported standards. | 0.33.0 | 2024-07-30 | Kristen Newbury | Remove out dated references to codeql modules directory usage. | ## Scope of work @@ -509,8 +509,7 @@ To upgrade the CodeQL external dependencies: 2. Determine if there is a compatible CodeQL CLI bundle version by looking at the releases specified at [CodeQL Action releases](https://github.com/github/codeql-action/releases). The bundle always includes the standard library at the version specified by the `codeql-cli/v` tag in the `github/codeql` repository. 3. If you find a compatible CodeQL CLI bundle, determine whether that bundle was released in a GitHub Enterprise server release, by inspecting the `defaults.json` file at https://github.com/github/codeql-action/blob/main/lib/defaults.json#L2 for the CodeQL Action submitted with 4. Populated the `supported_codeql_configs.json` file with the given values, ensuring to delete the optional fields if they are not populated. -5. Update the `codeql_modules/codeql` submodule pointer to the `codeql_standard_library` tag identified. -6. Submit a Pull Request to the `github/codeql-coding-standards` repository with the title `Upgrade `github/codeql` dependency to `. Use this template for the description, filling : +5. Submit a Pull Request to the `github/codeql-coding-standards` repository with the title `Upgrade `github/codeql` dependency to `. Use this template for the description, filling : ```md This PR updates the `supported_codeql_configs.json` file to target: @@ -532,9 +531,9 @@ To upgrade the CodeQL external dependencies: - [ ] Validate performance vs pre-upgrade ``` -7. Follow the dependency upgrade checklist, confirming each step. The `.github/workflows/standard_library_upgrade_tests.yml` will trigger automation for running the `github/codeql` unit tests with the appropriate CLI version. -8. Once all the automate tests have passed, and the checklist is complete, the PR can be merged. -9. An internal notification should be shared with the development team. +6. Follow the dependency upgrade checklist, confirming each step. The `.github/workflows/standard_library_upgrade_tests.yml` will trigger automation for running the `github/codeql` unit tests with the appropriate CLI version. +7. Once all the automate tests have passed, and the checklist is complete, the PR can be merged. +8. An internal notification should be shared with the development team. ### Release process From 7b0f058ae628a6a6fc199014b02aaf03a6443f76 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 30 Jul 2024 16:22:53 -0400 Subject: [PATCH 1911/2573] Update handbook - prev fix introduced typo --- docs/development_handbook.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/development_handbook.md b/docs/development_handbook.md index 6db6b51e73..b248919271 100644 --- a/docs/development_handbook.md +++ b/docs/development_handbook.md @@ -1,4 +1,4 @@ -# Coding Standards: Developer handbookA +# Coding Standards: Developer handbook ## Document management From 30e2830fb5c4599b14551126b0d85e6aaa5d30bc Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Wed, 31 Jul 2024 12:04:51 -0400 Subject: [PATCH 1912/2573] Update docs/development_handbook.md Co-authored-by: Luke Cartey <5377966+lcartey@users.noreply.github.com> --- docs/development_handbook.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/docs/development_handbook.md b/docs/development_handbook.md index b248919271..b8b883b628 100644 --- a/docs/development_handbook.md +++ b/docs/development_handbook.md @@ -39,7 +39,8 @@ | 0.29.1 | 2023-10-11 | Remco Vermeulen | Address Markdown linter problems. | | 0.30.0 | 2023-11-14 | Remco Vermeulen | Clarify release steps in case of a hotfix release. | | 0.31.0 | 2024-02-23 | Remco Vermeulen | Clarify the required use of Python version 3.9 | -| 0.32.0 | 2024-05-01 | Luke Cartey | Refer to the user manual for the list of supported standards. | 0.33.0 | 2024-07-30 | Kristen Newbury | Remove out dated references to codeql modules directory usage. | +| 0.32.0 | 2024-05-01 | Luke Cartey | Refer to the user manual for the list of supported standards. | +| 0.33.0 | 2024-07-30 | Kristen Newbury | Remove out dated references to codeql modules directory usage. | ## Scope of work From 5f17c720cf56692e05f0faadcaf00491fd05827b Mon Sep 17 00:00:00 2001 From: knewbury01 Date: Fri, 2 Aug 2024 17:13:11 +0000 Subject: [PATCH 1913/2573] Bump version to 2.34.0-dev --- c/cert/src/qlpack.yml | 2 +- c/cert/test/qlpack.yml | 2 +- c/common/src/qlpack.yml | 2 +- c/common/test/qlpack.yml | 2 +- c/misra/src/qlpack.yml | 2 +- c/misra/test/qlpack.yml | 2 +- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/qlpack.yml | 2 +- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/qlpack.yml | 2 +- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/qlpack.yml | 2 +- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/qlpack.yml | 2 +- cpp/report/src/qlpack.yml | 2 +- docs/user_manual.md | 12 ++++++------ 16 files changed, 21 insertions(+), 21 deletions(-) diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index fbae0e71e0..1f2e0ebae0 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards -version: 2.33.0-dev +version: 2.34.0-dev description: CERT C 2016 suites: codeql-suites license: MIT diff --git a/c/cert/test/qlpack.yml b/c/cert/test/qlpack.yml index 9b878b7b5c..f6ed827283 100644 --- a/c/cert/test/qlpack.yml +++ b/c/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards-tests -version: 2.33.0-dev +version: 2.34.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index 474bb3bed7..a37d47ec49 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards -version: 2.33.0-dev +version: 2.34.0-dev license: MIT dependencies: codeql/common-cpp-coding-standards: '*' diff --git a/c/common/test/qlpack.yml b/c/common/test/qlpack.yml index c83d53ae3f..7516f70ba5 100644 --- a/c/common/test/qlpack.yml +++ b/c/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards-tests -version: 2.33.0-dev +version: 2.34.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index bfb3a8e8a5..960416a409 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards -version: 2.33.0-dev +version: 2.34.0-dev description: MISRA C 2012 suites: codeql-suites license: MIT diff --git a/c/misra/test/qlpack.yml b/c/misra/test/qlpack.yml index efe05e7d75..354b1d81f3 100644 --- a/c/misra/test/qlpack.yml +++ b/c/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards-tests -version: 2.33.0-dev +version: 2.34.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index 9c0bccbc08..af1422fc68 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards -version: 2.33.0-dev +version: 2.34.0-dev description: AUTOSAR C++14 Guidelines R22-11, R21-11, R20-11, R19-11 and R19-03 suites: codeql-suites license: MIT diff --git a/cpp/autosar/test/qlpack.yml b/cpp/autosar/test/qlpack.yml index 6743c3b3ee..101f8f987e 100644 --- a/cpp/autosar/test/qlpack.yml +++ b/cpp/autosar/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards-tests -version: 2.33.0-dev +version: 2.34.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index 47c2c319c7..cc0e71c7bd 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards -version: 2.33.0-dev +version: 2.34.0-dev description: CERT C++ 2016 suites: codeql-suites license: MIT diff --git a/cpp/cert/test/qlpack.yml b/cpp/cert/test/qlpack.yml index 7b8ed0858d..6cefec112e 100644 --- a/cpp/cert/test/qlpack.yml +++ b/cpp/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards-tests -version: 2.33.0-dev +version: 2.34.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index 764c164fcd..2d205f5921 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards -version: 2.33.0-dev +version: 2.34.0-dev license: MIT dependencies: codeql/cpp-all: 0.9.3 diff --git a/cpp/common/test/qlpack.yml b/cpp/common/test/qlpack.yml index 3ce9a6da2a..69ecca2036 100644 --- a/cpp/common/test/qlpack.yml +++ b/cpp/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards-tests -version: 2.33.0-dev +version: 2.34.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index d177c9f651..b9d02663fc 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards -version: 2.33.0-dev +version: 2.34.0-dev description: MISRA C++ 2023 suites: codeql-suites license: MIT diff --git a/cpp/misra/test/qlpack.yml b/cpp/misra/test/qlpack.yml index 2627cf1b66..7fc85dc12a 100644 --- a/cpp/misra/test/qlpack.yml +++ b/cpp/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards-tests -version: 2.33.0-dev +version: 2.34.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index 085b1e8a9e..525379e38e 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/report-cpp-coding-standards -version: 2.33.0-dev +version: 2.34.0-dev license: MIT dependencies: codeql/cpp-all: 0.9.3 diff --git a/docs/user_manual.md b/docs/user_manual.md index a32abda8c4..60b695ebd4 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -30,13 +30,13 @@ ## Release information -This user manual documents release `2.33.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). +This user manual documents release `2.34.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). The release page documents the release notes and contains the following artifacts part of the release: -- `code-scanning-cpp-query-pack-2.33.0-dev.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. -- `supported_rules_list_2.33.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. -- `supported_rules_list_2.33.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. -- `user_manual_2.33.0-dev.md`: This user manual. +- `code-scanning-cpp-query-pack-2.34.0-dev.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. +- `supported_rules_list_2.34.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. +- `supported_rules_list_2.34.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. +- `user_manual_2.34.0-dev.md`: This user manual. - `Source Code (zip)`: A zip archive containing the contents of https://github.com/github/codeql-coding-standards - `Source Code (tar.gz)`: A GZip compressed tar archive containing the contents of https://github.com/github/codeql-coding-standards - `checksums.txt`: A text file containing sha256 checksums for the aforementioned artifacts. @@ -499,7 +499,7 @@ This section describes known failure modes for "CodeQL Coding Standards" and des | | Ouf of space | Less output. Some files may be only be partially analyzed, or not analyzed at all. | Error reported on the command line. | Increase space. If it remains an issue report space consumption issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False positives | More output. Results are reported which are not violations of the guidelines. | All reported results must be reviewed. | Report false positive issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False negatives | Less output. Violations of the guidelines are not reported. | Other validation and verification processes during software development should be used to complement the analysis performed by CodeQL Coding Standards. | Report false negative issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | -| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.33.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | +| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.34.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | | | Incorrect deviation record specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation records with a reason. Ensure that all deviation records are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Incorrect deviation permit specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation permits with a reason. Ensure that all deviation permits are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Unapproved use of a deviation record | Less output. Results for guideline violations are not reported. | Validate that the deviation record use is approved by verifying the approved-by attribute of the deviation record specification. | Ensure that each raised deviation record is approved by an independent approver through an auditable process. | From 46f271b49e0878c10760b7d4cc08be93ec35b397 Mon Sep 17 00:00:00 2001 From: Nicolas Will Date: Mon, 5 Aug 2024 22:21:05 +0200 Subject: [PATCH 1914/2573] Update automation ACLs Removed jsinglet and kraiouchkine --- .github/workflows/dispatch-matrix-check.yml | 16 +++++++--------- .../dispatch-matrix-test-on-comment.yml | 5 +---- .../dispatch-release-performance-check.yml | 6 ++---- 3 files changed, 10 insertions(+), 17 deletions(-) diff --git a/.github/workflows/dispatch-matrix-check.yml b/.github/workflows/dispatch-matrix-check.yml index 350f2fb73f..77670e4bd0 100644 --- a/.github/workflows/dispatch-matrix-check.yml +++ b/.github/workflows/dispatch-matrix-check.yml @@ -1,8 +1,8 @@ -name: 🤖 Run Matrix Check +name: 🤖 Run Matrix Check on: pull_request_target: - types: [synchronize,opened] + types: [synchronize, opened] branches: - "matrix/**" workflow_dispatch: @@ -11,14 +11,13 @@ jobs: dispatch-matrix-check: runs-on: ubuntu-22.04 steps: - - name: Test Variables shell: pwsh run: | - Write-Host "Running as: ${{github.actor}}" - + Write-Host "Running as: ${{github.actor}}" + - name: Dispatch Matrix Testing Job - if: ${{ contains(fromJSON('["jsinglet", "mbaluda", "lcartey", "rvermeulen", "ravikprasad", "jeongsoolee09", "hohn", "knewbury01", "kraiouchkine"]'), github.actor) }} + if: ${{ contains(fromJSON('["mbaluda", "lcartey", "rvermeulen", "ravikprasad", "jeongsoolee09", "hohn", "knewbury01", "nicolaswill"]'), github.actor) }} uses: peter-evans/repository-dispatch@v2 with: token: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} @@ -26,9 +25,8 @@ jobs: event-type: matrix-test client-payload: '{"pr": "${{ github.event.number }}"}' - - uses: actions/github-script@v6 - if: ${{ contains(fromJSON('["jsinglet", "mbaluda", "lcartey", "rvermeulen", "ravikprasad", "jeongsoolee09", "hohn", "knewbury01", "kraiouchkine"]'), github.actor) }} + if: ${{ contains(fromJSON('["mbaluda", "lcartey", "rvermeulen", "ravikprasad", "jeongsoolee09", "hohn", "knewbury01", "nicolaswill"]'), github.actor) }} with: script: | github.rest.issues.createComment({ @@ -36,4 +34,4 @@ jobs: owner: context.repo.owner, repo: context.repo.repo, body: '🤖 Beep Boop! Matrix Testing for this PR has been initiated. Please check back later for results.

:bulb: If you do not hear back from me please check my status! **I will report even if this PR does not contain files eligible for matrix testing.**' - }) \ No newline at end of file + }) diff --git a/.github/workflows/dispatch-matrix-test-on-comment.yml b/.github/workflows/dispatch-matrix-test-on-comment.yml index bef0ba7232..ba223380c7 100644 --- a/.github/workflows/dispatch-matrix-test-on-comment.yml +++ b/.github/workflows/dispatch-matrix-test-on-comment.yml @@ -8,12 +8,10 @@ on: - "rc/**" - next - jobs: dispatch-matrix-check: runs-on: ubuntu-22.04 steps: - - name: Test Variables shell: pwsh run: | @@ -21,13 +19,12 @@ jobs: $actor = "${{github.actor}}" - $acl = @("jsinglet","mbaluda", "lcartey", "rvermeulen", "ravikprasad", "jeongsoolee09", "hohn", "knewbury01", "kraiouchkine") + $acl = @("mbaluda", "lcartey", "rvermeulen", "ravikprasad", "jeongsoolee09", "hohn", "knewbury01", "nicolaswill") if(-not ($actor -in $acl)){ throw "Refusing to run workflow for user not in acl." } - - name: Dispatch Matrix Testing Job if: ${{ github.event.issue.pull_request && contains(github.event.comment.body, '/test-matrix') }} uses: peter-evans/repository-dispatch@v2 diff --git a/.github/workflows/dispatch-release-performance-check.yml b/.github/workflows/dispatch-release-performance-check.yml index 0858527721..437f80b322 100644 --- a/.github/workflows/dispatch-release-performance-check.yml +++ b/.github/workflows/dispatch-release-performance-check.yml @@ -12,7 +12,6 @@ jobs: dispatch-matrix-check: runs-on: ubuntu-22.04 steps: - - name: Test Variables shell: pwsh run: | @@ -20,7 +19,7 @@ jobs: $actor = "${{github.actor}}" - $acl = @("jsinglet","mbaluda", "lcartey", "rvermeulen", "ravikprasad", "jeongsoolee09", "hohn", "knewbury01", "kraiouchkine") + $acl = @("mbaluda", "lcartey", "rvermeulen", "ravikprasad", "jeongsoolee09", "hohn", "knewbury01", "nicolaswill") if(-not ($actor -in $acl)){ throw "Refusing to run workflow for user not in acl." @@ -35,7 +34,6 @@ jobs: event-type: performance-test client-payload: '{"pr": "${{ github.event.issue.number }}"}' - - uses: actions/github-script@v6 if: ${{ github.event.issue.pull_request && contains(github.event.comment.body, '/test-performance') }} with: @@ -45,4 +43,4 @@ jobs: owner: context.repo.owner, repo: context.repo.repo, body: '🏁 Beep Boop! Performance testing for this PR has been initiated. Please check back later for results. Note that the query package generation step must complete before testing will start so it might be a minute.

:bulb: If you do not hear back from me please check my status! **I will report even if I fail!**' - }) \ No newline at end of file + }) From 10a4dda0979397b22e20d633b68e6e2315e05e4e Mon Sep 17 00:00:00 2001 From: Nicolas Will Date: Mon, 5 Aug 2024 22:33:07 +0200 Subject: [PATCH 1915/2573] Remove duplicate whitespace Co-authored-by: Jeongsoo Lee --- .github/workflows/dispatch-matrix-check.yml | 2 +- .github/workflows/dispatch-release-performance-check.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/dispatch-matrix-check.yml b/.github/workflows/dispatch-matrix-check.yml index 77670e4bd0..a570777877 100644 --- a/.github/workflows/dispatch-matrix-check.yml +++ b/.github/workflows/dispatch-matrix-check.yml @@ -23,7 +23,7 @@ jobs: token: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} repository: github/codeql-coding-standards-release-engineering event-type: matrix-test - client-payload: '{"pr": "${{ github.event.number }}"}' + client-payload: '{"pr": "${{ github.event.number }}"}' - uses: actions/github-script@v6 if: ${{ contains(fromJSON('["mbaluda", "lcartey", "rvermeulen", "ravikprasad", "jeongsoolee09", "hohn", "knewbury01", "nicolaswill"]'), github.actor) }} diff --git a/.github/workflows/dispatch-release-performance-check.yml b/.github/workflows/dispatch-release-performance-check.yml index 437f80b322..827c0c4463 100644 --- a/.github/workflows/dispatch-release-performance-check.yml +++ b/.github/workflows/dispatch-release-performance-check.yml @@ -32,7 +32,7 @@ jobs: token: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} repository: github/codeql-coding-standards-release-engineering event-type: performance-test - client-payload: '{"pr": "${{ github.event.issue.number }}"}' + client-payload: '{"pr": "${{ github.event.issue.number }}"}' - uses: actions/github-script@v6 if: ${{ github.event.issue.pull_request && contains(github.event.comment.body, '/test-performance') }} From eaf9ccb7299ba6d26d54f9c230f98dda59b047fe Mon Sep 17 00:00:00 2001 From: "rakesh.pothengil" Date: Tue, 6 Aug 2024 15:35:20 +0900 Subject: [PATCH 1916/2573] Fix #658 --- .../src/rules/M0-1-3/UnusedLocalVariable.ql | 13 ++++++++--- .../rules/M0-1-3/UnusedLocalVariable.expected | 11 +++++----- cpp/autosar/test/rules/M0-1-3/test.cpp | 22 +++++++++++++++---- .../cpp/deadcode/UnusedVariables.qll | 7 +++++- 4 files changed, 39 insertions(+), 14 deletions(-) diff --git a/cpp/autosar/src/rules/M0-1-3/UnusedLocalVariable.ql b/cpp/autosar/src/rules/M0-1-3/UnusedLocalVariable.ql index f088bb1b74..70e8d13e3c 100644 --- a/cpp/autosar/src/rules/M0-1-3/UnusedLocalVariable.ql +++ b/cpp/autosar/src/rules/M0-1-3/UnusedLocalVariable.ql @@ -18,10 +18,10 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.deadcode.UnusedVariables -/** Gets the constant value of a constexpr variable. */ +/** Gets the constant value of a constexpr/const variable. */ private string getConstExprValue(Variable v) { result = v.getInitializer().getExpr().getValue() and - v.isConstexpr() + (v.isConst() or v.isConstexpr()) } // This predicate is similar to getUseCount for M0-1-4 except that it also @@ -41,7 +41,14 @@ int getUseCountConservatively(Variable v) { ) + // For static asserts too, check if there is a child which has the same value // as the constexpr variable. - count(StaticAssert s | s.getCondition().getAChild*().getValue() = getConstExprValue(v)) + count(StaticAssert s | s.getCondition().getAChild*().getValue() = getConstExprValue(v)) + + // In case an array type uses a constant in the same scope as the constexpr variable, + // consider it as used. + count(ArrayType at, LocalVariable arrayVariable | + arrayVariable.getType().resolveTypedefs() = at and + v.(PotentiallyUnusedLocalVariable).getFunction() = arrayVariable.getFunction() and + at.getArraySize().toString() = getConstExprValue(v) + ) } from PotentiallyUnusedLocalVariable v diff --git a/cpp/autosar/test/rules/M0-1-3/UnusedLocalVariable.expected b/cpp/autosar/test/rules/M0-1-3/UnusedLocalVariable.expected index d6f398369f..19317d1d0d 100644 --- a/cpp/autosar/test/rules/M0-1-3/UnusedLocalVariable.expected +++ b/cpp/autosar/test/rules/M0-1-3/UnusedLocalVariable.expected @@ -1,7 +1,6 @@ | test.cpp:7:7:7:7 | y | Local variable 'y' in 'test_simple' is not used. | -| test.cpp:14:13:14:13 | y | Local variable 'y' in 'test_const' is not used. | -| test.cpp:17:7:17:7 | z | Local variable 'z' in 'test_const' is not used. | -| test.cpp:23:5:23:5 | t | Local variable 't' in 'f1' is not used. | -| test.cpp:23:5:23:5 | t | Local variable 't' in 'f1' is not used. | -| test.cpp:44:6:44:6 | a | Local variable 'a' in 'test_side_effect_init' is not used. | -| test.cpp:91:5:91:5 | t | Local variable 't' in 'template_function' is not used. | +| test.cpp:15:7:15:7 | z | Local variable 'z' in 'test_const' is not used. | +| test.cpp:21:5:21:5 | t | Local variable 't' in 'f1' is not used. | +| test.cpp:21:5:21:5 | t | Local variable 't' in 'f1' is not used. | +| test.cpp:42:6:42:6 | a | Local variable 'a' in 'test_side_effect_init' is not used. | +| test.cpp:89:5:89:5 | t | Local variable 't' in 'template_function' is not used. | diff --git a/cpp/autosar/test/rules/M0-1-3/test.cpp b/cpp/autosar/test/rules/M0-1-3/test.cpp index a591c7e82b..0a8bdee7dd 100644 --- a/cpp/autosar/test/rules/M0-1-3/test.cpp +++ b/cpp/autosar/test/rules/M0-1-3/test.cpp @@ -11,9 +11,7 @@ int test_simple() { int test_const() { const int x = 1; // COMPLIANT - used below - const int y = 2; // COMPLIANT[FALSE_POSITIVE] - used in array initialization, - // but the database does not contain sufficient information - // for this case + const int y = 2; // COMPLIANT - used in array initialization, int z[y]; // NON_COMPLIANT - never used return x; } @@ -98,4 +96,20 @@ class ClassT { void test() {} }; -void test_template_function() { template_function(); } \ No newline at end of file +void test_template_function() { template_function(); } + +int foo() { + constexpr int arrayDim = 10; // COMPLIANT - used in array size below + static int array[arrayDim]{}; + return array[4]; +} + +template static T another_templ_function() { return T(); } + +template +static T another_templ_function(const First &first, const Rest &... rest) { + return first + + another_templ_function(rest...); // COMPLIANT - 'rest' is used here +} + +static int templ_fnc2() { return another_templ_function(1, 2, 3, 4, 5); } diff --git a/cpp/common/src/codingstandards/cpp/deadcode/UnusedVariables.qll b/cpp/common/src/codingstandards/cpp/deadcode/UnusedVariables.qll index f4607d82cb..578f06ebc6 100644 --- a/cpp/common/src/codingstandards/cpp/deadcode/UnusedVariables.qll +++ b/cpp/common/src/codingstandards/cpp/deadcode/UnusedVariables.qll @@ -52,7 +52,12 @@ class PotentiallyUnusedLocalVariable extends LocalVariable { // exclude uninstantiated template members not this.isFromUninstantiatedTemplate(_) and // Do not report compiler generated variables - not this.isCompilerGenerated() + not this.isCompilerGenerated() and + not exists(LocalScopeVariable another | + another.getDefinitionLocation() = this.getDefinitionLocation() and + another.hasName(this.getName()) and + exists(another.getAnAccess()) + ) } } From a7402b05a047a6a85da2d2b048c964ea2c581bf8 Mon Sep 17 00:00:00 2001 From: "rakesh.pothengil" Date: Tue, 6 Aug 2024 15:40:17 +0900 Subject: [PATCH 1917/2573] Update change_notes --- change_notes/2024-08-06-fix-fp-658-M0-1-3.md | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 change_notes/2024-08-06-fix-fp-658-M0-1-3.md diff --git a/change_notes/2024-08-06-fix-fp-658-M0-1-3.md b/change_notes/2024-08-06-fix-fp-658-M0-1-3.md new file mode 100644 index 0000000000..47a26705ae --- /dev/null +++ b/change_notes/2024-08-06-fix-fp-658-M0-1-3.md @@ -0,0 +1,2 @@ +- `M0-1-3` - `UnusedLocalVariable.ql`: + - Fixes #658. Considers usage of const/constexpr variables in array size and function parameters that are used in arguments of template functions. From cb0e45247d7228c28fdfd3733a539bc250acebdf Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Thu, 22 Aug 2024 00:44:48 -0400 Subject: [PATCH 1918/2573] Update development handbook --- docs/development_handbook.md | 11 ++--------- 1 file changed, 2 insertions(+), 9 deletions(-) diff --git a/docs/development_handbook.md b/docs/development_handbook.md index b8b883b628..6c789c4fbd 100644 --- a/docs/development_handbook.md +++ b/docs/development_handbook.md @@ -41,6 +41,7 @@ | 0.31.0 | 2024-02-23 | Remco Vermeulen | Clarify the required use of Python version 3.9 | | 0.32.0 | 2024-05-01 | Luke Cartey | Refer to the user manual for the list of supported standards. | | 0.33.0 | 2024-07-30 | Kristen Newbury | Remove out dated references to codeql modules directory usage. | +| 0.34.0 | 2024-08-22 | Kristen Newbury | Remove out dated references to git submodules usage. | ## Scope of work @@ -737,12 +738,4 @@ codeql test accept \ cpp/cert/test/rules/EXP52-CPP/DoNotRelyOnSideEffectsInDeclTypeOperand.qlref -``` - -### Troubleshooting: Unrecoverable mismatch between extractor and library dbschemes - -The following error could be indicative of the Git submodule *codeql-coding-standards/github_modules* being out-of-date: - ->Could not upgrade the dataset in /path/to/codeql-coding-standards/cpp/autosar/test/rules/...: Unrecoverable mismatch between extractor and library dbschemes. - -To resolve the problem, update the submodule by executing `git submodule update`. +``` \ No newline at end of file From 40c546fe9e1635df9ed1aa7dcf3856856d17917a Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Thu, 22 Aug 2024 12:18:59 -0400 Subject: [PATCH 1919/2573] Update development handbook --- docs/development_handbook.md | 3 --- 1 file changed, 3 deletions(-) diff --git a/docs/development_handbook.md b/docs/development_handbook.md index 6c789c4fbd..de283bb946 100644 --- a/docs/development_handbook.md +++ b/docs/development_handbook.md @@ -736,6 +736,3 @@ codeql test run --show-extractor-output \ # The actual output can be accepted via codeql test accept (which moves some files): codeql test accept \ cpp/cert/test/rules/EXP52-CPP/DoNotRelyOnSideEffectsInDeclTypeOperand.qlref - - -``` \ No newline at end of file From 0f64260895bde831f7f964d24755d6d6353258ff Mon Sep 17 00:00:00 2001 From: "rakesh.pothengil" Date: Tue, 27 Aug 2024 10:05:29 +0900 Subject: [PATCH 1920/2573] Correct formatting in test --- cpp/autosar/test/rules/M0-1-3/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/M0-1-3/test.cpp b/cpp/autosar/test/rules/M0-1-3/test.cpp index 0a8bdee7dd..5c9c4a3413 100644 --- a/cpp/autosar/test/rules/M0-1-3/test.cpp +++ b/cpp/autosar/test/rules/M0-1-3/test.cpp @@ -107,7 +107,7 @@ int foo() { template static T another_templ_function() { return T(); } template -static T another_templ_function(const First &first, const Rest &... rest) { +static T another_templ_function(const First &first, const Rest &...rest) { return first + another_templ_function(rest...); // COMPLIANT - 'rest' is used here } From df7dc88b9cc0fb4ebdf4616119b6e8988e68bb2c Mon Sep 17 00:00:00 2001 From: knewbury01 Date: Tue, 27 Aug 2024 13:32:09 +0000 Subject: [PATCH 1921/2573] Bump version to 2.35.0-dev --- c/cert/src/qlpack.yml | 2 +- c/cert/test/qlpack.yml | 2 +- c/common/src/qlpack.yml | 2 +- c/common/test/qlpack.yml | 2 +- c/misra/src/qlpack.yml | 2 +- c/misra/test/qlpack.yml | 2 +- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/qlpack.yml | 2 +- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/qlpack.yml | 2 +- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/qlpack.yml | 2 +- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/qlpack.yml | 2 +- cpp/report/src/qlpack.yml | 2 +- docs/user_manual.md | 12 ++++++------ 16 files changed, 21 insertions(+), 21 deletions(-) diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index 1f2e0ebae0..1cffeea095 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards -version: 2.34.0-dev +version: 2.35.0-dev description: CERT C 2016 suites: codeql-suites license: MIT diff --git a/c/cert/test/qlpack.yml b/c/cert/test/qlpack.yml index f6ed827283..defb929a0f 100644 --- a/c/cert/test/qlpack.yml +++ b/c/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards-tests -version: 2.34.0-dev +version: 2.35.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index a37d47ec49..03e55b4851 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards -version: 2.34.0-dev +version: 2.35.0-dev license: MIT dependencies: codeql/common-cpp-coding-standards: '*' diff --git a/c/common/test/qlpack.yml b/c/common/test/qlpack.yml index 7516f70ba5..97590a4d4e 100644 --- a/c/common/test/qlpack.yml +++ b/c/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards-tests -version: 2.34.0-dev +version: 2.35.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index 960416a409..0300f548bd 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards -version: 2.34.0-dev +version: 2.35.0-dev description: MISRA C 2012 suites: codeql-suites license: MIT diff --git a/c/misra/test/qlpack.yml b/c/misra/test/qlpack.yml index 354b1d81f3..26164b1e29 100644 --- a/c/misra/test/qlpack.yml +++ b/c/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards-tests -version: 2.34.0-dev +version: 2.35.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index af1422fc68..9342d641ae 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards -version: 2.34.0-dev +version: 2.35.0-dev description: AUTOSAR C++14 Guidelines R22-11, R21-11, R20-11, R19-11 and R19-03 suites: codeql-suites license: MIT diff --git a/cpp/autosar/test/qlpack.yml b/cpp/autosar/test/qlpack.yml index 101f8f987e..7bc49127a1 100644 --- a/cpp/autosar/test/qlpack.yml +++ b/cpp/autosar/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards-tests -version: 2.34.0-dev +version: 2.35.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index cc0e71c7bd..d97fa9b2e3 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards -version: 2.34.0-dev +version: 2.35.0-dev description: CERT C++ 2016 suites: codeql-suites license: MIT diff --git a/cpp/cert/test/qlpack.yml b/cpp/cert/test/qlpack.yml index 6cefec112e..8832249332 100644 --- a/cpp/cert/test/qlpack.yml +++ b/cpp/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards-tests -version: 2.34.0-dev +version: 2.35.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index 2d205f5921..849866287f 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards -version: 2.34.0-dev +version: 2.35.0-dev license: MIT dependencies: codeql/cpp-all: 0.9.3 diff --git a/cpp/common/test/qlpack.yml b/cpp/common/test/qlpack.yml index 69ecca2036..51521c3ada 100644 --- a/cpp/common/test/qlpack.yml +++ b/cpp/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards-tests -version: 2.34.0-dev +version: 2.35.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index b9d02663fc..75d1ef2e2c 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards -version: 2.34.0-dev +version: 2.35.0-dev description: MISRA C++ 2023 suites: codeql-suites license: MIT diff --git a/cpp/misra/test/qlpack.yml b/cpp/misra/test/qlpack.yml index 7fc85dc12a..b1e9fc383e 100644 --- a/cpp/misra/test/qlpack.yml +++ b/cpp/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards-tests -version: 2.34.0-dev +version: 2.35.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index 525379e38e..09ef198c5a 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/report-cpp-coding-standards -version: 2.34.0-dev +version: 2.35.0-dev license: MIT dependencies: codeql/cpp-all: 0.9.3 diff --git a/docs/user_manual.md b/docs/user_manual.md index 60b695ebd4..7315ed322a 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -30,13 +30,13 @@ ## Release information -This user manual documents release `2.34.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). +This user manual documents release `2.35.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). The release page documents the release notes and contains the following artifacts part of the release: -- `code-scanning-cpp-query-pack-2.34.0-dev.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. -- `supported_rules_list_2.34.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. -- `supported_rules_list_2.34.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. -- `user_manual_2.34.0-dev.md`: This user manual. +- `code-scanning-cpp-query-pack-2.35.0-dev.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. +- `supported_rules_list_2.35.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. +- `supported_rules_list_2.35.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. +- `user_manual_2.35.0-dev.md`: This user manual. - `Source Code (zip)`: A zip archive containing the contents of https://github.com/github/codeql-coding-standards - `Source Code (tar.gz)`: A GZip compressed tar archive containing the contents of https://github.com/github/codeql-coding-standards - `checksums.txt`: A text file containing sha256 checksums for the aforementioned artifacts. @@ -499,7 +499,7 @@ This section describes known failure modes for "CodeQL Coding Standards" and des | | Ouf of space | Less output. Some files may be only be partially analyzed, or not analyzed at all. | Error reported on the command line. | Increase space. If it remains an issue report space consumption issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False positives | More output. Results are reported which are not violations of the guidelines. | All reported results must be reviewed. | Report false positive issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False negatives | Less output. Violations of the guidelines are not reported. | Other validation and verification processes during software development should be used to complement the analysis performed by CodeQL Coding Standards. | Report false negative issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | -| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.34.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | +| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.35.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | | | Incorrect deviation record specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation records with a reason. Ensure that all deviation records are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Incorrect deviation permit specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation permits with a reason. Ensure that all deviation permits are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Unapproved use of a deviation record | Less output. Results for guideline violations are not reported. | Validate that the deviation record use is approved by verifying the approved-by attribute of the deviation record specification. | Ensure that each raised deviation record is approved by an independent approver through an auditable process. | From c3666a15b222ef8701b8078f2dd4a31814b4a266 Mon Sep 17 00:00:00 2001 From: "rakesh.pothengil" Date: Wed, 28 Aug 2024 10:34:58 +0900 Subject: [PATCH 1922/2573] Fix for M0-1-4's testcase failures --- cpp/autosar/src/rules/M0-1-3/UnusedLocalVariable.ql | 8 ++++++++ .../src/codingstandards/cpp/deadcode/UnusedVariables.qll | 7 +------ 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/cpp/autosar/src/rules/M0-1-3/UnusedLocalVariable.ql b/cpp/autosar/src/rules/M0-1-3/UnusedLocalVariable.ql index 70e8d13e3c..5956515e5b 100644 --- a/cpp/autosar/src/rules/M0-1-3/UnusedLocalVariable.ql +++ b/cpp/autosar/src/rules/M0-1-3/UnusedLocalVariable.ql @@ -56,5 +56,13 @@ where not isExcluded(v, DeadCodePackage::unusedLocalVariableQuery()) and // Local variable is never accessed not exists(v.getAnAccess()) and + // Sometimes multiple objects representing the same entities are created in + // the AST. Check if those are not accessed as well. Refer issue #658 + not exists(LocalScopeVariable another | + another.getDefinitionLocation() = v.getDefinitionLocation() and + another.hasName(v.getName()) and + exists(another.getAnAccess()) and + another != v + ) and getUseCountConservatively(v) = 0 select v, "Local variable '" + v.getName() + "' in '" + v.getFunction().getName() + "' is not used." diff --git a/cpp/common/src/codingstandards/cpp/deadcode/UnusedVariables.qll b/cpp/common/src/codingstandards/cpp/deadcode/UnusedVariables.qll index 578f06ebc6..f4607d82cb 100644 --- a/cpp/common/src/codingstandards/cpp/deadcode/UnusedVariables.qll +++ b/cpp/common/src/codingstandards/cpp/deadcode/UnusedVariables.qll @@ -52,12 +52,7 @@ class PotentiallyUnusedLocalVariable extends LocalVariable { // exclude uninstantiated template members not this.isFromUninstantiatedTemplate(_) and // Do not report compiler generated variables - not this.isCompilerGenerated() and - not exists(LocalScopeVariable another | - another.getDefinitionLocation() = this.getDefinitionLocation() and - another.hasName(this.getName()) and - exists(another.getAnAccess()) - ) + not this.isCompilerGenerated() } } From f71f976234f82b4fe03eedac7ed6e53e3dffd6a0 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Thu, 29 Aug 2024 12:58:51 -0400 Subject: [PATCH 1923/2573] Fix package generation workflow --- .github/workflows/code-scanning-pack-gen.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index 1fd57cf755..0f07c1e14b 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -103,7 +103,7 @@ jobs: codeql query compile --precompile --threads 0 c cd .. - zip -r codeql-coding-standards/code-scanning-cpp-query-pack.zip codeql-coding-standards/c/ codeql-coding-standards/cpp/ codeql-coding-standards/.codeqlmanifest.json codeql-coding-standards/supported_codeql_configs.json codeql-coding-standards/scripts/configuration codeql-coding-standards/scripts/reports codeql-coding-standards/scripts/shared codeql-coding-standards/scripts/guideline_recategorization codeql-coding-standards/scripts/shared codeql-coding-standards/scripts/schemas + zip -r codeql-coding-standards/code-scanning-cpp-query-pack.zip codeql-coding-standards/c/ codeql-coding-standards/cpp/ codeql-coding-standards/.codeqlmanifest.json codeql-coding-standards/supported_codeql_configs.json codeql-coding-standards/scripts/configuration codeql-coding-standards/scripts/reports codeql-coding-standards/scripts/shared codeql-coding-standards/scripts/guideline_recategorization codeql-coding-standards/schemas - name: Upload GHAS Query Pack uses: actions/upload-artifact@v2 From 94d711461dd6c7df5578614a854c8a423dee866b Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Tue, 3 Sep 2024 15:54:23 +0200 Subject: [PATCH 1924/2573] Update expected test results after merge from main --- ...sedPointerToRestrictQualifiedParamShared.expected | 12 ------------ .../A18-5-8/UnnecessaryUseOfDynamicStorage.expected | 7 ++++--- .../test/rules/M0-1-2/InfeasiblePath.expected | 3 --- .../ConstLikeReturnValue.expected | 10 +++++----- 4 files changed, 9 insertions(+), 23 deletions(-) diff --git a/c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.expected b/c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.expected index 1c8a649094..4d4c20a39c 100644 --- a/c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.expected +++ b/c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.expected @@ -1,15 +1,3 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotPassAliasedPointerToRestrictQualifiedParam.ql:103,36-44) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotPassAliasedPointerToRestrictQualifiedParam.ql:118,51-59) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotPassAliasedPointerToRestrictQualifiedParam.ql:119,22-30) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotPassAliasedPointerToRestrictQualifiedParam.ql:121,20-28) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotPassAliasedPointerToRestrictQualifiedParam.ql:127,25-33) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotPassAliasedPointerToRestrictQualifiedParam.ql:132,40-48) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotPassAliasedPointerToRestrictQualifiedParam.ql:146,41-49) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotPassAliasedPointerToRestrictQualifiedParam.ql:147,7-15) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotPassAliasedPointerToRestrictQualifiedParam.ql:150,43-51) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotPassAliasedPointerToRestrictQualifiedParam.ql:151,9-17) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotPassAliasedPointerToRestrictQualifiedParam.ql:158,43-51) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotPassAliasedPointerToRestrictQualifiedParam.ql:159,9-17) | test.c:59:3:59:6 | call to copy | Call to 'copy' passes an $@ to a $@ (pointer value derived from a pair of address-of expressions ($@, $@). | test.c:59:13:59:15 | & ... | aliased pointer | test.c:59:8:59:10 | & ... | restrict-qualified parameter | test.c:59:8:59:10 | & ... | addressof1 | test.c:59:13:59:15 | & ... | addressof2 | | test.c:65:3:65:6 | call to copy | Call to 'copy' passes an $@ to a $@ (pointer value derived from a pair of address-of expressions ($@, $@). | test.c:65:15:65:19 | & ... | aliased pointer | test.c:65:8:65:12 | & ... | restrict-qualified parameter | test.c:65:8:65:12 | & ... | addressof1 | test.c:65:15:65:19 | & ... | addressof2 | | test.c:67:3:67:6 | call to copy | Call to 'copy' passes an $@ to a $@ (pointer value derived from a pair of address-of expressions ($@, $@). | test.c:67:15:67:16 | px | aliased pointer | test.c:67:8:67:12 | & ... | restrict-qualified parameter | test.c:67:8:67:12 | & ... | addressof1 | test.c:63:13:63:17 | & ... | addressof2 | diff --git a/cpp/autosar/test/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.expected b/cpp/autosar/test/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.expected index 6ab75d989e..68cab835fa 100644 --- a/cpp/autosar/test/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.expected +++ b/cpp/autosar/test/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.expected @@ -1,7 +1,8 @@ WARNING: module 'DataFlow' has been deprecated and may be removed in future (UnnecessaryUseOfDynamicStorage.ql:55,34-42) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (UnnecessaryUseOfDynamicStorage.ql:57,26-34) -WARNING: module 'TaintTracking' has been deprecated and may be removed in future (UnnecessaryUseOfDynamicStorage.ql:71,5-18) -WARNING: module 'TaintTracking' has been deprecated and may be removed in future (UnnecessaryUseOfDynamicStorage.ql:76,41-54) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (UnnecessaryUseOfDynamicStorage.ql:58,33-41) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (UnnecessaryUseOfDynamicStorage.ql:60,26-34) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (UnnecessaryUseOfDynamicStorage.ql:74,5-18) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (UnnecessaryUseOfDynamicStorage.ql:79,41-54) | test.cpp:17:17:17:29 | new | StructA object of size 8 bytes does not appear to outlive the function, but is created on the heap instead of the stack. | | test.cpp:21:17:21:32 | new[] | StructA[] object of size 800 bytes does not appear to outlive the function, but is created on the heap instead of the stack. | | test.cpp:35:20:35:44 | call to make_shared | StructA object of size 8 bytes does not appear to outlive the function, but is created on the heap instead of the stack. | diff --git a/cpp/autosar/test/rules/M0-1-2/InfeasiblePath.expected b/cpp/autosar/test/rules/M0-1-2/InfeasiblePath.expected index 9cb237e8b3..d0a819a794 100644 --- a/cpp/autosar/test/rules/M0-1-2/InfeasiblePath.expected +++ b/cpp/autosar/test/rules/M0-1-2/InfeasiblePath.expected @@ -2,9 +2,6 @@ | test.cpp:7:7:7:22 | ... <= ... | The false path is infeasible because a (max value: 4294967295) is always less than or equal to 4294967295 (minimum value: 4294967295). | | test.cpp:15:7:15:13 | ... < ... | The false path is infeasible because l1 (max value: 2) is always less than l2 (minimum value: 10). | | test.cpp:19:9:19:14 | ... < ... | The false path is infeasible because a (max value: 1) is always less than l2 (minimum value: 10). | -| test.cpp:33:7:33:7 | 0 | The path is unreachable in a template. | | test.cpp:77:9:77:14 | ... < ... | The true path is infeasible because 0 (max value: 0) is always less than or equal to a (minimum value: 0). | | test.cpp:80:9:80:15 | ... >= ... | The false path is infeasible because 0 (max value: 0) is always less than or equal to a (minimum value: 0). | | test.cpp:86:9:86:14 | ... < ... | The true path is infeasible because 0 (max value: 0) is always less than or equal to a (minimum value: 0). | -| test.cpp:117:7:117:7 | 0 | The path is unreachable in a template. | -| test.cpp:123:7:123:8 | ! ... | The path is unreachable in a template. | diff --git a/cpp/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.expected b/cpp/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.expected index b02aa464bb..2caa0d197c 100644 --- a/cpp/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.expected +++ b/cpp/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.expected @@ -3,11 +3,11 @@ problems | test.cpp:67:5:67:9 | conv4 | test.cpp:64:11:64:20 | call to localeconv | test.cpp:67:5:67:9 | conv4 | The object returned by the function localeconv should not be modified. | | test.cpp:76:5:76:8 | conv | test.cpp:72:25:72:34 | call to localeconv | test.cpp:76:5:76:8 | conv | The object returned by the function localeconv should not be modified. | edges -| test.cpp:8:18:8:22 | c_str | test.cpp:11:8:11:12 | c_str | -| test.cpp:18:16:18:21 | call to getenv | test.cpp:24:9:24:12 | env1 | -| test.cpp:24:9:24:12 | env1 | test.cpp:8:18:8:22 | c_str | -| test.cpp:64:11:64:20 | call to localeconv | test.cpp:67:5:67:9 | conv4 | -| test.cpp:72:25:72:34 | call to localeconv | test.cpp:76:5:76:8 | conv | +| test.cpp:8:18:8:22 | c_str | test.cpp:11:8:11:12 | c_str | provenance | | +| test.cpp:18:16:18:21 | call to getenv | test.cpp:24:9:24:12 | env1 | provenance | | +| test.cpp:24:9:24:12 | env1 | test.cpp:8:18:8:22 | c_str | provenance | | +| test.cpp:64:11:64:20 | call to localeconv | test.cpp:67:5:67:9 | conv4 | provenance | | +| test.cpp:72:25:72:34 | call to localeconv | test.cpp:76:5:76:8 | conv | provenance | | nodes | test.cpp:8:18:8:22 | c_str | semmle.label | c_str | | test.cpp:11:8:11:12 | c_str | semmle.label | c_str | From 6702c6449293c742076f5973c870ac31fcb89ca1 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 6 Sep 2024 09:22:40 +0100 Subject: [PATCH 1925/2573] Update 11.6 to reflect standard Rule text specifies that the exclusion is on integer constants with value 0 instead of null pointer constants --- .../RULE-11-6/CastBetweenPointerToVoidAndArithmeticType.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/misra/src/rules/RULE-11-6/CastBetweenPointerToVoidAndArithmeticType.ql b/c/misra/src/rules/RULE-11-6/CastBetweenPointerToVoidAndArithmeticType.ql index 987d8a32bb..de75e9d37a 100644 --- a/c/misra/src/rules/RULE-11-6/CastBetweenPointerToVoidAndArithmeticType.ql +++ b/c/misra/src/rules/RULE-11-6/CastBetweenPointerToVoidAndArithmeticType.ql @@ -22,5 +22,5 @@ where typeTo = cast.getUnderlyingType() and [typeFrom, typeTo] instanceof ArithmeticType and [typeFrom, typeTo] instanceof VoidPointerType and - not isNullPointerConstant(cast.getExpr()) + not cast.getExpr() instanceof Zero select cast, "Cast performed between a pointer to void type and an arithmetic type." From 2672d08b7cd7af1a37d3a2897f38b505f75b8ee5 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 6 Sep 2024 09:23:33 +0100 Subject: [PATCH 1926/2573] Update change note to reflect impact on other queries --- change_notes/2023-07-28-rule-11-4-improvements.md | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/change_notes/2023-07-28-rule-11-4-improvements.md b/change_notes/2023-07-28-rule-11-4-improvements.md index d97e554a26..7c7411beec 100644 --- a/change_notes/2023-07-28-rule-11-4-improvements.md +++ b/change_notes/2023-07-28-rule-11-4-improvements.md @@ -1,4 +1,10 @@ - - `RULE-11-4` - - Reduce false positives by considering `0` a null pointer constant. + - `RULE-11-1` - `ConversionBetweenFunctionPointerAndOtherType.ql`: + - Fixed issue #331 - consider `0` a null pointer constant. + - `RULE-11-4` - `ConversionBetweenPointerToObjectAndIntegerType.ql`: + - Fixed issue #331 - consider `0` a null pointer constant. - Improve reporting of the order of the cast and the actual types involved. - - Improve reporting where the result is expanded from a macro by either reporting the macro itself (if it is not dependent on the context) or by including a link to the macro in the alert message. \ No newline at end of file + - Improve reporting where the result is expanded from a macro by either reporting the macro itself (if it is not dependent on the context) or by including a link to the macro in the alert message. + - `RULE-11-5` - `ConversionFromPointerToVoidIntoPointerToObject.ql`: + - Fixed issue #331 - consider `0` a null pointer constant. + - `RULE-11-6` - `CastBetweenPointerToVoidAndArithmeticType.ql`: + - Fixed issue #331 - accept integer constant expressions with value `0` instead of null pointer constants. \ No newline at end of file From 0ec5f7204d7cf17cfcf0bd5e8646bdc15beb0c27 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 6 Sep 2024 10:00:24 +0100 Subject: [PATCH 1927/2573] RULE-11-9: do not accept 0 as a null pointer constant Rule 11.9 has a different set of requirements for null pointer constants to the other rules. --- ...MacroNullNotUsedAsIntegerNullPointerConstant.ql | 14 ++++++++++++-- cpp/common/src/codingstandards/cpp/Pointers.qll | 2 ++ 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/c/misra/src/rules/RULE-11-9/MacroNullNotUsedAsIntegerNullPointerConstant.ql b/c/misra/src/rules/RULE-11-9/MacroNullNotUsedAsIntegerNullPointerConstant.ql index b002ceb4c2..64414b2408 100644 --- a/c/misra/src/rules/RULE-11-9/MacroNullNotUsedAsIntegerNullPointerConstant.ql +++ b/c/misra/src/rules/RULE-11-9/MacroNullNotUsedAsIntegerNullPointerConstant.ql @@ -18,8 +18,18 @@ import codingstandards.cpp.Type from Zero zero, Expr e, string type where not isExcluded(zero, Pointers1Package::macroNullNotUsedAsIntegerNullPointerConstantQuery()) and - // exclude the base-case (NULL macros and void pointer casts) - not isNullPointerConstant(zero) and + // Exclude the base-case (NULL macros and void pointer casts) + // Note: we cannot use the isNullPointerConstant predicate here because it permits + // the use of `0` without casting, which is prohibited here. + not ( + zero.findRootCause() instanceof NullMacro + or + // integer constant `0` explicitly cast to void pointer + exists(Conversion c | c = zero.getConversion() | + not c.isImplicit() and + c.getUnderlyingType() instanceof VoidPointerType + ) + ) and ( // ?: operator exists(ConditionalExpr parent | diff --git a/cpp/common/src/codingstandards/cpp/Pointers.qll b/cpp/common/src/codingstandards/cpp/Pointers.qll index a1126693a5..22dcbd187b 100644 --- a/cpp/common/src/codingstandards/cpp/Pointers.qll +++ b/cpp/common/src/codingstandards/cpp/Pointers.qll @@ -62,6 +62,8 @@ class ArrayPointerArithmeticExpr extends PointerArithmeticExpr, ArrayExpr { predicate isNullPointerConstant(Expr e) { e.findRootCause() instanceof NullMacro or + // 8.11 Pointer type conversions states: + // A null pointer constant, i.e. the value 0, optionally cast to void *. e instanceof Zero or isNullPointerConstant(e.(Conversion).getExpr()) From 71559521957d574f8a4fde473b3addbdc2ed5a02 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 6 Sep 2024 10:05:46 +0100 Subject: [PATCH 1928/2573] RULE-11-9: Improve ternary test cases This rule intends to prohibit the use of 0 within branches of ternaries, where the ternary expression itself produces a pointer expression because the other branch of the ternary is a pointer. The previous test case didn't capture this behaviour, instead looking for assignments within branches. --- ...roNullNotUsedAsIntegerNullPointerConstant.expected | 4 ++-- c/misra/test/rules/RULE-11-9/test.c | 11 +++++++---- 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/c/misra/test/rules/RULE-11-9/MacroNullNotUsedAsIntegerNullPointerConstant.expected b/c/misra/test/rules/RULE-11-9/MacroNullNotUsedAsIntegerNullPointerConstant.expected index 8cdd34edd1..25ec87d11c 100644 --- a/c/misra/test/rules/RULE-11-9/MacroNullNotUsedAsIntegerNullPointerConstant.expected +++ b/c/misra/test/rules/RULE-11-9/MacroNullNotUsedAsIntegerNullPointerConstant.expected @@ -1,4 +1,4 @@ | test.c:15:13:15:13 | 0 | $@ uses zero-value integer constant expression as null pointer constant. | test.c:15:7:15:13 | ... == ... | Equality operator | | test.c:17:8:17:8 | 0 | $@ uses zero-value integer constant expression as null pointer constant. | test.c:17:3:17:8 | ... = ... | Assignment to pointer | -| test.c:25:20:25:20 | 0 | $@ uses zero-value integer constant expression as null pointer constant. | test.c:25:3:25:35 | ... ? ... : ... | Ternary operator | -| test.c:25:20:25:20 | 0 | $@ uses zero-value integer constant expression as null pointer constant. | test.c:25:15:25:20 | ... = ... | Assignment to pointer | +| test.c:23:13:23:13 | 0 | $@ uses zero-value integer constant expression as null pointer constant. | test.c:23:3:23:13 | ... ? ... : ... | Ternary operator | +| test.c:24:8:24:8 | 0 | $@ uses zero-value integer constant expression as null pointer constant. | test.c:24:3:24:13 | ... ? ... : ... | Ternary operator | diff --git a/c/misra/test/rules/RULE-11-9/test.c b/c/misra/test/rules/RULE-11-9/test.c index 216ea2b280..8342660e2c 100644 --- a/c/misra/test/rules/RULE-11-9/test.c +++ b/c/misra/test/rules/RULE-11-9/test.c @@ -19,9 +19,12 @@ void *f1(void *p1, int p2) { p1 = NULL; // COMPLIANT if (p2 == 0) { // COMPLIANT return NULL; - } // COMPLIANT - (p1) ? (p1 = NULL) : (p1 = NULL); // COMPLIANT - (p2 > 0) ? (p1 = NULL) : (p1 = NULL); // COMPLIANT - (p2 > 0) ? (p1 = 0) : (p1 = NULL); // NON_COMPLIANT + } + p2 ? p1 : 0; // NON_COMPLIANT + p2 ? 0 : p1; // NON_COMPLIANT + p2 ? (void*) 0 : p1; // COMPLIANT + p2 ? p1 : (void*) 0; // COMPLIANT + p2 ? p2 : 0; // COMPLIANT - p2 is not a pointer type + p2 ? 0 : p2; // COMPLIANT - p2 is not a pointer type return 0; // COMPLIANT } \ No newline at end of file From 575be092f990b5f0f5e3a659df5264af008dca7b Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 6 Sep 2024 10:15:27 +0100 Subject: [PATCH 1929/2573] Fix issue with detecting ternary expressions. --- .../RULE-11-9/MacroNullNotUsedAsIntegerNullPointerConstant.ql | 4 ++-- .../MacroNullNotUsedAsIntegerNullPointerConstant.expected | 1 + c/misra/test/rules/RULE-11-9/test.c | 4 ++++ change_notes/2023-07-28-rule-11-4-improvements.md | 4 +++- 4 files changed, 10 insertions(+), 3 deletions(-) diff --git a/c/misra/src/rules/RULE-11-9/MacroNullNotUsedAsIntegerNullPointerConstant.ql b/c/misra/src/rules/RULE-11-9/MacroNullNotUsedAsIntegerNullPointerConstant.ql index 64414b2408..a5c34fb747 100644 --- a/c/misra/src/rules/RULE-11-9/MacroNullNotUsedAsIntegerNullPointerConstant.ql +++ b/c/misra/src/rules/RULE-11-9/MacroNullNotUsedAsIntegerNullPointerConstant.ql @@ -34,9 +34,9 @@ where // ?: operator exists(ConditionalExpr parent | ( - parent.getThen().getAChild*() = zero and parent.getElse().getType() instanceof PointerType + parent.getThen() = zero and parent.getElse().getType() instanceof PointerType or - parent.getElse().getAChild*() = zero and parent.getThen().getType() instanceof PointerType + parent.getElse() = zero and parent.getThen().getType() instanceof PointerType ) and // exclude a common conditional pattern used in macros such as 'assert' not parent.isInMacroExpansion() and diff --git a/c/misra/test/rules/RULE-11-9/MacroNullNotUsedAsIntegerNullPointerConstant.expected b/c/misra/test/rules/RULE-11-9/MacroNullNotUsedAsIntegerNullPointerConstant.expected index 25ec87d11c..d854730296 100644 --- a/c/misra/test/rules/RULE-11-9/MacroNullNotUsedAsIntegerNullPointerConstant.expected +++ b/c/misra/test/rules/RULE-11-9/MacroNullNotUsedAsIntegerNullPointerConstant.expected @@ -2,3 +2,4 @@ | test.c:17:8:17:8 | 0 | $@ uses zero-value integer constant expression as null pointer constant. | test.c:17:3:17:8 | ... = ... | Assignment to pointer | | test.c:23:13:23:13 | 0 | $@ uses zero-value integer constant expression as null pointer constant. | test.c:23:3:23:13 | ... ? ... : ... | Ternary operator | | test.c:24:8:24:8 | 0 | $@ uses zero-value integer constant expression as null pointer constant. | test.c:24:3:24:13 | ... ? ... : ... | Ternary operator | +| test.c:31:14:31:14 | 0 | $@ uses zero-value integer constant expression as null pointer constant. | test.c:31:9:31:14 | ... = ... | Assignment to pointer | diff --git a/c/misra/test/rules/RULE-11-9/test.c b/c/misra/test/rules/RULE-11-9/test.c index 8342660e2c..c9cce8687b 100644 --- a/c/misra/test/rules/RULE-11-9/test.c +++ b/c/misra/test/rules/RULE-11-9/test.c @@ -26,5 +26,9 @@ void *f1(void *p1, int p2) { p2 ? p1 : (void*) 0; // COMPLIANT p2 ? p2 : 0; // COMPLIANT - p2 is not a pointer type p2 ? 0 : p2; // COMPLIANT - p2 is not a pointer type + int x; + int *y; + p2 ? (p1 = 0) : p1; // NON_COMPLIANT - p1 is a pointer type + p2 ? (p2 = 0) : p1; // COMPLIANT - p2 is not a pointer type return 0; // COMPLIANT } \ No newline at end of file diff --git a/change_notes/2023-07-28-rule-11-4-improvements.md b/change_notes/2023-07-28-rule-11-4-improvements.md index 7c7411beec..3c385359a8 100644 --- a/change_notes/2023-07-28-rule-11-4-improvements.md +++ b/change_notes/2023-07-28-rule-11-4-improvements.md @@ -7,4 +7,6 @@ - `RULE-11-5` - `ConversionFromPointerToVoidIntoPointerToObject.ql`: - Fixed issue #331 - consider `0` a null pointer constant. - `RULE-11-6` - `CastBetweenPointerToVoidAndArithmeticType.ql`: - - Fixed issue #331 - accept integer constant expressions with value `0` instead of null pointer constants. \ No newline at end of file + - Fixed issue #331 - accept integer constant expressions with value `0` instead of null pointer constants. + - `RULE-11-9` - `MacroNullNotUsedAsIntegerNullPointerConstant.ql`: + - Remove false positives in branches of ternary expressions, where `0` was used correctly. \ No newline at end of file From 7a6b8df1ddce5778cb6b677abb9b82ee11f9cd2b Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 23 Jul 2023 18:13:04 +0100 Subject: [PATCH 1930/2573] RULE-12-2: Support RemAssignExpr Add %= support to our SimpleRangeAnalysisCustomizations. --- .../RightHandOperandOfAShiftRange.expected | 3 ++ c/misra/test/rules/RULE-12-2/test.c | 12 +++++++ .../cpp/SimpleRangeAnalysisCustomizations.qll | 35 +++++++++++++++++++ 3 files changed, 50 insertions(+) diff --git a/c/misra/test/rules/RULE-12-2/RightHandOperandOfAShiftRange.expected b/c/misra/test/rules/RULE-12-2/RightHandOperandOfAShiftRange.expected index a4deb83a14..9e2d3e9e6c 100644 --- a/c/misra/test/rules/RULE-12-2/RightHandOperandOfAShiftRange.expected +++ b/c/misra/test/rules/RULE-12-2/RightHandOperandOfAShiftRange.expected @@ -8,3 +8,6 @@ | test.c:25:10:25:10 | 8 | The right hand operand of the shift operator shall lie in the range 0 to 7. | | test.c:26:10:26:11 | 64 | The right hand operand of the shift operator shall lie in the range 0 to 7. | | test.c:30:16:30:17 | 64 | The right hand operand of the shift operator shall lie in the range 0 to 63. | +| test.c:34:8:34:8 | y | The right hand operand of the shift operator shall lie in the range 0 to 31. | +| test.c:40:8:40:8 | y | The right hand operand of the shift operator shall lie in the range 0 to 31. | +| test.c:42:8:42:8 | y | The right hand operand of the shift operator shall lie in the range 0 to 31. | diff --git a/c/misra/test/rules/RULE-12-2/test.c b/c/misra/test/rules/RULE-12-2/test.c index 449a47b7ae..db7b7b062d 100644 --- a/c/misra/test/rules/RULE-12-2/test.c +++ b/c/misra/test/rules/RULE-12-2/test.c @@ -29,3 +29,15 @@ void f1() { ULONG_MAX << 8; // COMPLIANT ULONG_MAX << 64; // NON_COMPLIANT } + +void unsignedRemAssign(unsigned int y, unsigned int x) { + x >> y; // NON_COMPLIANT + y %= 32; + x >> y; // COMPLIANT +} + +void signedRemAssign(signed int y, signed int x) { + x >> y; // NON_COMPLIANT + y %= 32; + x >> y; // NON_COMPLIANT - may be negative +} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/SimpleRangeAnalysisCustomizations.qll b/cpp/common/src/codingstandards/cpp/SimpleRangeAnalysisCustomizations.qll index 469fe9a738..038d09413e 100644 --- a/cpp/common/src/codingstandards/cpp/SimpleRangeAnalysisCustomizations.qll +++ b/cpp/common/src/codingstandards/cpp/SimpleRangeAnalysisCustomizations.qll @@ -151,6 +151,41 @@ private class CastEnumToIntegerSimpleRange extends SimpleRangeAnalysisExpr, Cast override predicate dependsOnChild(Expr child) { child = getExpr() } } +/** + * A range analysis extension that supports `%=`. + */ +private class RemAssignSimpleRange extends SimpleRangeAnalysisExpr, AssignRemExpr { + override float getLowerBounds() { + exists(float maxDivisorNegated, float dividendLowerBounds | + // Find the max divisor, negated e.g. `%= 32` would be `-31` + maxDivisorNegated = (getFullyConvertedUpperBounds(getRValue()).abs() - 1) * -1 and + // Find the lower bounds of the dividend + dividendLowerBounds = getFullyConvertedLowerBounds(getLValue()) and + // The lower bound is caluclated in two steps: + // 1. Determine the maximum of the dividend lower bound and maxDivisorNegated. + // When the dividend is negative this will result in a negative result + // 2. Find the minimum with 0. If the divided is always >0 this will produce 0 + // otherwise it will produce the lowest negative number that can be held + // after the modulo. + result = 0.minimum(dividendLowerBounds.maximum(maxDivisorNegated)) + ) + } + + override float getUpperBounds() { + // TODO rem zero? + exists(float maxDivisor, float maxDividend | + // The maximum divisor value is the absolute value of the divisor minus 1 + maxDivisor = getFullyConvertedUpperBounds(getRValue()).abs() - 1 and + // value if > 0 otherwise 0 + maxDividend = getFullyConvertedUpperBounds(getLValue()).maximum(0) and + // In the case the numerator is definitely less than zero, the result could be negative + result = maxDividend.minimum(maxDivisor) + ) + } + + override predicate dependsOnChild(Expr expr) { expr = getAChild() } +} + /** * functions that read a character from the STDIN, * or return EOF if it fails to do so. From 7b7389648627ef61e17ea8dfd9add3601ff10d23 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 23 Jul 2023 18:41:05 +0100 Subject: [PATCH 1931/2573] EssentialTypes: Fix integer constant types Integer constants are only subject to the stlr or utlr if they are type int, signed int or unsigned int, otherwise they have the standard type. Fixes issues with RULE 12.2. --- .../codingstandards/c/misra/EssentialTypes.qll | 18 +++++++++++------- c/misra/test/c/misra/EssentialTypes.expected | 3 +++ c/misra/test/c/misra/test.c | 6 ++++++ 3 files changed, 20 insertions(+), 7 deletions(-) diff --git a/c/misra/src/codingstandards/c/misra/EssentialTypes.qll b/c/misra/src/codingstandards/c/misra/EssentialTypes.qll index a1b8d6fdb0..7df233d2ab 100644 --- a/c/misra/src/codingstandards/c/misra/EssentialTypes.qll +++ b/c/misra/src/codingstandards/c/misra/EssentialTypes.qll @@ -355,13 +355,17 @@ class EssentialLiteral extends EssentialExpr, Literal { else ( if this.(CharLiteral).getCharacter().length() = 1 then result instanceof PlainCharType - else ( - getStandardType().(IntegralType).isSigned() and - result = stlr(this) - or - not getStandardType().(IntegralType).isSigned() and - result = utlr(this) - ) + else + exists(Type underlyingStandardType | + underlyingStandardType = getStandardType().getUnderlyingType() + | + if underlyingStandardType instanceof IntType + then + if underlyingStandardType.(IntType).isSigned() + then result = stlr(this) + else result = utlr(this) + else result = underlyingStandardType + ) ) } } diff --git a/c/misra/test/c/misra/EssentialTypes.expected b/c/misra/test/c/misra/EssentialTypes.expected index 8bf299bd63..d9245311da 100644 --- a/c/misra/test/c/misra/EssentialTypes.expected +++ b/c/misra/test/c/misra/EssentialTypes.expected @@ -38,3 +38,6 @@ | test.c:26:3:26:3 | f | float | float | essentially Floating type | | test.c:27:3:27:5 | f32 | float32_t | float32_t | essentially Floating type | | test.c:28:3:28:6 | cf32 | float | float | essentially Floating type | +| test.c:32:3:32:3 | 1 | signed char | signed char | essentially Signed type | +| test.c:33:3:33:4 | 1 | unsigned char | unsigned char | essentially Unsigned type | +| test.c:34:3:34:5 | 1 | unsigned long | unsigned long | essentially Unsigned type | diff --git a/c/misra/test/c/misra/test.c b/c/misra/test/c/misra/test.c index 8788f7e93a..d7064c4c12 100644 --- a/c/misra/test/c/misra/test.c +++ b/c/misra/test/c/misra/test.c @@ -26,4 +26,10 @@ void testCategoriesForComplexTypes() { f; // Should be essentially Floating type f32; // Should be essentially Floating type cf32; // Should be essentially Floating type +} + +void testConstants() { + 1; // Essentially signed char + 1U; // Essentially unsigned char + 1UL; // Essentially unsigned long } \ No newline at end of file From 12494a41e9e9b752cf9216a95305eb6490be9b7b Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 23 Jul 2023 20:05:02 +0100 Subject: [PATCH 1932/2573] RULE-12-2: Improve reporting Update the message to include the right operand range in addition to the valid shift range, the essential type of the left operand, and, if relevant, the macro in which the shift is defined. --- .../RightHandOperandOfAShiftRange.ql | 47 +++++++++++++++++-- .../RightHandOperandOfAShiftRange.expected | 25 +++++----- 2 files changed, 54 insertions(+), 18 deletions(-) diff --git a/c/misra/src/rules/RULE-12-2/RightHandOperandOfAShiftRange.ql b/c/misra/src/rules/RULE-12-2/RightHandOperandOfAShiftRange.ql index 891ca1e82a..bd77bdacd2 100644 --- a/c/misra/src/rules/RULE-12-2/RightHandOperandOfAShiftRange.ql +++ b/c/misra/src/rules/RULE-12-2/RightHandOperandOfAShiftRange.ql @@ -20,14 +20,51 @@ class ShiftExpr extends BinaryBitwiseOperation { ShiftExpr() { this instanceof LShiftExpr or this instanceof RShiftExpr } } -from ShiftExpr e, Expr right, int max_val +MacroInvocation getAMacroInvocation(ShiftExpr se) { result.getAnExpandedElement() = se } + +Macro getPrimaryMacro(ShiftExpr se) { + exists(MacroInvocation mi | + mi = getAMacroInvocation(se) and + not exists(MacroInvocation otherMi | + otherMi = getAMacroInvocation(se) and otherMi.getParentInvocation() = mi + ) and + result = mi.getMacro() + ) +} + +from + ShiftExpr e, Expr right, int max_val, float lowerBound, float upperBound, Type essentialType, + string extraMessage, Locatable optionalPlaceholderLocation, string optionalPlaceholderMessage where not isExcluded(right, Contracts7Package::rightHandOperandOfAShiftRangeQuery()) and right = e.getRightOperand().getFullyConverted() and - max_val = (8 * getEssentialType(e.getLeftOperand()).getSize()) - 1 and + essentialType = getEssentialType(e.getLeftOperand()) and + max_val = (8 * essentialType.getSize()) - 1 and + upperBound = upperBound(right) and + lowerBound = lowerBound(right) and + ( + lowerBound < 0 or + upperBound > max_val + ) and + // If this shift happens inside a macro, then report the macro as well + // for easier validation ( - lowerBound(right) < 0 or - upperBound(right) > max_val + if exists(getPrimaryMacro(e)) + then + extraMessage = " from expansion of macro $@" and + exists(Macro m | + m = getPrimaryMacro(e) and + optionalPlaceholderLocation = m and + optionalPlaceholderMessage = m.getName() + ) + else ( + extraMessage = "" and + optionalPlaceholderLocation = e and + optionalPlaceholderMessage = "" + ) ) select right, - "The right hand operand of the shift operator shall lie in the range 0 to " + max_val + "." + "The possible range of the right operand of the shift operator (" + lowerBound + ".." + upperBound + + ") is outside the the valid shift range (0.." + max_val + + ") for the essential type of the left operand (" + essentialType + ")" + extraMessage + ".", + optionalPlaceholderLocation, optionalPlaceholderMessage diff --git a/c/misra/test/rules/RULE-12-2/RightHandOperandOfAShiftRange.expected b/c/misra/test/rules/RULE-12-2/RightHandOperandOfAShiftRange.expected index 9e2d3e9e6c..5ac6f8bfd4 100644 --- a/c/misra/test/rules/RULE-12-2/RightHandOperandOfAShiftRange.expected +++ b/c/misra/test/rules/RULE-12-2/RightHandOperandOfAShiftRange.expected @@ -1,13 +1,12 @@ -| test.c:8:10:8:10 | 8 | The right hand operand of the shift operator shall lie in the range 0 to 7. | -| test.c:9:10:9:11 | - ... | The right hand operand of the shift operator shall lie in the range 0 to 7. | -| test.c:10:10:10:14 | ... + ... | The right hand operand of the shift operator shall lie in the range 0 to 7. | -| test.c:11:10:11:14 | ... + ... | The right hand operand of the shift operator shall lie in the range 0 to 7. | -| test.c:13:21:13:22 | 16 | The right hand operand of the shift operator shall lie in the range 0 to 15. | -| test.c:16:9:16:9 | 8 | The right hand operand of the shift operator shall lie in the range 0 to 7. | -| test.c:21:9:21:10 | 64 | The right hand operand of the shift operator shall lie in the range 0 to 63. | -| test.c:25:10:25:10 | 8 | The right hand operand of the shift operator shall lie in the range 0 to 7. | -| test.c:26:10:26:11 | 64 | The right hand operand of the shift operator shall lie in the range 0 to 7. | -| test.c:30:16:30:17 | 64 | The right hand operand of the shift operator shall lie in the range 0 to 63. | -| test.c:34:8:34:8 | y | The right hand operand of the shift operator shall lie in the range 0 to 31. | -| test.c:40:8:40:8 | y | The right hand operand of the shift operator shall lie in the range 0 to 31. | -| test.c:42:8:42:8 | y | The right hand operand of the shift operator shall lie in the range 0 to 31. | +| test.c:8:10:8:10 | 8 | The possible range of the right operand of the shift operator (8..8) is outside the the valid shift range (0..7) for the essential type of the left operand (uint8_t). | test.c:8:3:8:10 | ... >> ... | | +| test.c:9:10:9:11 | - ... | The possible range of the right operand of the shift operator (-1..-1) is outside the the valid shift range (0..7) for the essential type of the left operand (uint8_t). | test.c:9:3:9:11 | ... >> ... | | +| test.c:10:10:10:14 | ... + ... | The possible range of the right operand of the shift operator (8..8) is outside the the valid shift range (0..7) for the essential type of the left operand (uint8_t). | test.c:10:3:10:14 | ... >> ... | | +| test.c:11:10:11:14 | ... + ... | The possible range of the right operand of the shift operator (8..8) is outside the the valid shift range (0..7) for the essential type of the left operand (uint8_t). | test.c:11:3:11:14 | ... << ... | | +| test.c:13:21:13:22 | 16 | The possible range of the right operand of the shift operator (16..16) is outside the the valid shift range (0..15) for the essential type of the left operand (uint16_t). | test.c:13:3:13:22 | ... << ... | | +| test.c:16:9:16:9 | 8 | The possible range of the right operand of the shift operator (8..8) is outside the the valid shift range (0..7) for the essential type of the left operand (unsigned char). | test.c:16:3:16:9 | ... << ... | | +| test.c:21:9:21:10 | 64 | The possible range of the right operand of the shift operator (64..64) is outside the the valid shift range (0..63) for the essential type of the left operand (unsigned long). | test.c:21:3:21:10 | ... << ... | | +| test.c:26:10:26:11 | 64 | The possible range of the right operand of the shift operator (64..64) is outside the the valid shift range (0..63) for the essential type of the left operand (unsigned long). | test.c:26:3:26:11 | ... << ... | | +| test.c:30:16:30:17 | 64 | The possible range of the right operand of the shift operator (64..64) is outside the the valid shift range (0..63) for the essential type of the left operand (unsigned long). | test.c:30:3:30:17 | ... << ... | | +| test.c:34:8:34:8 | y | The possible range of the right operand of the shift operator (0..4294967295) is outside the the valid shift range (0..31) for the essential type of the left operand (unsigned int). | test.c:34:3:34:8 | ... >> ... | | +| test.c:40:8:40:8 | y | The possible range of the right operand of the shift operator (-2147483648..2147483647) is outside the the valid shift range (0..31) for the essential type of the left operand (signed int). | test.c:40:3:40:8 | ... >> ... | | +| test.c:42:8:42:8 | y | The possible range of the right operand of the shift operator (-31..31) is outside the the valid shift range (0..31) for the essential type of the left operand (signed int). | test.c:42:3:42:8 | ... >> ... | | From 88bc3dab507b6401d57ddd6242022028bc93671a Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 11 Sep 2024 11:10:08 +0100 Subject: [PATCH 1933/2573] Remove ACLs for dispatch targets Remove ACLs and replace with a check against write access to the repository. --- .github/actions/check-permissions/action.yml | 43 +++++++++++++++++++ .github/workflows/dispatch-matrix-check.yml | 13 +++--- .../dispatch-matrix-test-on-comment.yml | 25 +++-------- .../dispatch-release-performance-check.yml | 25 +++-------- 4 files changed, 64 insertions(+), 42 deletions(-) create mode 100644 .github/actions/check-permissions/action.yml diff --git a/.github/actions/check-permissions/action.yml b/.github/actions/check-permissions/action.yml new file mode 100644 index 0000000000..9a3ea6d7f7 --- /dev/null +++ b/.github/actions/check-permissions/action.yml @@ -0,0 +1,43 @@ +name: Check current actor permissions +description: | + Checks whether the current actor has the specified permssions +inputs: + minimum-permission: + description: | + The minimum required permission. One of: read, write, admin + required: true +outputs: + has-permission: + description: "Whether the actor had the minimum required permission" + value: ${{ steps.check-permission.outputs.has-permission }} + +runs: + using: composite + steps: + - uses: actions/github-script@v7 + id: check-permission + with: + script: | + // Valid permissions are none, read, write, admin (legacy base permissions) + const permissionsRanking = ["none", "read", "write", "admin"]; + + const minimumPermission = core.getInput('minimum-permission'); + if (!permissionsRanking.includes(minimumPermission)) { + core.setFailed(`Invalid minimum permission: ${minimumPermission}`); + return; + } + + const { data : { permission : actorPermission } } = await github.rest.repos.getCollaboratorPermissionLevel({ + owner: context.repo.owner, + repo: context.repo.repo, + username: tools.context.actor + }); + + // Confirm whether the actor permission is at least the selected permission + const hasPermission = permissionsRanking.indexOf(minimumPermission) <= permissionsRanking.indexOf(actorPermission) ? "1" : ""; + core.setOutput('has-permission', hasPermission); + if (!hasPermission) { + core.info(`Current actor (${tools.context.actor}) does not have the minimum required permission '${minimumPermission}' (has '${actorPermission}')`); + } else { + core.info(`Current actor (${tools.context.actor}) has the minimum required permission '${minimumPermission}' (has '${actorPermission}')`); + } \ No newline at end of file diff --git a/.github/workflows/dispatch-matrix-check.yml b/.github/workflows/dispatch-matrix-check.yml index a570777877..458a7a6a58 100644 --- a/.github/workflows/dispatch-matrix-check.yml +++ b/.github/workflows/dispatch-matrix-check.yml @@ -11,13 +11,14 @@ jobs: dispatch-matrix-check: runs-on: ubuntu-22.04 steps: - - name: Test Variables - shell: pwsh - run: | - Write-Host "Running as: ${{github.actor}}" + - name: Check permission + id: check-write-permission + uses: ./.github/actions/check-permissions + with: + minimum-permission: "write" - name: Dispatch Matrix Testing Job - if: ${{ contains(fromJSON('["mbaluda", "lcartey", "rvermeulen", "ravikprasad", "jeongsoolee09", "hohn", "knewbury01", "nicolaswill"]'), github.actor) }} + if: steps.check-write-permission.outputs.has-permission uses: peter-evans/repository-dispatch@v2 with: token: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} @@ -26,7 +27,7 @@ jobs: client-payload: '{"pr": "${{ github.event.number }}"}' - uses: actions/github-script@v6 - if: ${{ contains(fromJSON('["mbaluda", "lcartey", "rvermeulen", "ravikprasad", "jeongsoolee09", "hohn", "knewbury01", "nicolaswill"]'), github.actor) }} + if: steps.check-write-permission.outputs.has-permission with: script: | github.rest.issues.createComment({ diff --git a/.github/workflows/dispatch-matrix-test-on-comment.yml b/.github/workflows/dispatch-matrix-test-on-comment.yml index ba223380c7..4dc69a035a 100644 --- a/.github/workflows/dispatch-matrix-test-on-comment.yml +++ b/.github/workflows/dispatch-matrix-test-on-comment.yml @@ -3,30 +3,19 @@ name: 🤖 Run Matrix Check (On Comment) on: issue_comment: types: [created] - branches: - - main - - "rc/**" - - next jobs: dispatch-matrix-check: runs-on: ubuntu-22.04 steps: - - name: Test Variables - shell: pwsh - run: | - Write-Host "Running as: ${{github.actor}}" - - $actor = "${{github.actor}}" - - $acl = @("mbaluda", "lcartey", "rvermeulen", "ravikprasad", "jeongsoolee09", "hohn", "knewbury01", "nicolaswill") - - if(-not ($actor -in $acl)){ - throw "Refusing to run workflow for user not in acl." - } + - name: Check permission + id: check-write-permission + uses: ./.github/actions/check-permissions + with: + minimum-permission: "write" - name: Dispatch Matrix Testing Job - if: ${{ github.event.issue.pull_request && contains(github.event.comment.body, '/test-matrix') }} + if: ${{ github.event.issue.pull_request && contains(github.event.comment.body, '/test-matrix') && steps.check-write-permission.outputs.has-permission }} uses: peter-evans/repository-dispatch@v2 with: token: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} @@ -35,7 +24,7 @@ jobs: client-payload: '{"pr": "${{ github.event.issue.number }}"}' - uses: actions/github-script@v6 - if: ${{ github.event.issue.pull_request && contains(github.event.comment.body, '/test-matrix') }} + if: ${{ github.event.issue.pull_request && contains(github.event.comment.body, '/test-matrix') && steps.check-write-permission.outputs.has-permission }} with: script: | github.rest.issues.createComment({ diff --git a/.github/workflows/dispatch-release-performance-check.yml b/.github/workflows/dispatch-release-performance-check.yml index 827c0c4463..8933495382 100644 --- a/.github/workflows/dispatch-release-performance-check.yml +++ b/.github/workflows/dispatch-release-performance-check.yml @@ -3,30 +3,19 @@ name: 🏁 Run Release Performance Check on: issue_comment: types: [created] - branches: - - main - - "rc/**" - - next jobs: dispatch-matrix-check: runs-on: ubuntu-22.04 steps: - - name: Test Variables - shell: pwsh - run: | - Write-Host "Running as: ${{github.actor}}" - - $actor = "${{github.actor}}" - - $acl = @("mbaluda", "lcartey", "rvermeulen", "ravikprasad", "jeongsoolee09", "hohn", "knewbury01", "nicolaswill") - - if(-not ($actor -in $acl)){ - throw "Refusing to run workflow for user not in acl." - } + - name: Check permission + id: check-write-permission + uses: ./.github/actions/check-permissions + with: + minimum-permission: "write" - name: Dispatch Performance Testing Job - if: ${{ github.event.issue.pull_request && contains(github.event.comment.body, '/test-performance') }} + if: ${{ github.event.issue.pull_request && contains(github.event.comment.body, '/test-performance') && steps.check-write-permission.outputs.has-permission }} uses: peter-evans/repository-dispatch@v2 with: token: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} @@ -35,7 +24,7 @@ jobs: client-payload: '{"pr": "${{ github.event.issue.number }}"}' - uses: actions/github-script@v6 - if: ${{ github.event.issue.pull_request && contains(github.event.comment.body, '/test-performance') }} + if: ${{ github.event.issue.pull_request && contains(github.event.comment.body, '/test-performance') && steps.check-write-permission.outputs.has-permission }} with: script: | github.rest.issues.createComment({ From 9a992f2d0f1c0f7b74646aeba15e8ba15d7f5975 Mon Sep 17 00:00:00 2001 From: Nicolas Will Date: Wed, 11 Sep 2024 10:26:22 +0000 Subject: [PATCH 1934/2573] Bump actions/upload-artifact@v2 to @v3 --- .github/workflows/code-scanning-pack-gen.yml | 2 +- .github/workflows/generate-html-docs.yml | 2 +- .github/workflows/standard_library_upgrade_tests.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index 0f07c1e14b..7b187b2980 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -106,7 +106,7 @@ jobs: zip -r codeql-coding-standards/code-scanning-cpp-query-pack.zip codeql-coding-standards/c/ codeql-coding-standards/cpp/ codeql-coding-standards/.codeqlmanifest.json codeql-coding-standards/supported_codeql_configs.json codeql-coding-standards/scripts/configuration codeql-coding-standards/scripts/reports codeql-coding-standards/scripts/shared codeql-coding-standards/scripts/guideline_recategorization codeql-coding-standards/schemas - name: Upload GHAS Query Pack - uses: actions/upload-artifact@v2 + uses: actions/upload-artifact@v3 with: name: code-scanning-cpp-query-pack.zip path: code-scanning-cpp-query-pack.zip diff --git a/.github/workflows/generate-html-docs.yml b/.github/workflows/generate-html-docs.yml index f8e3d6d30c..71359a8e6f 100644 --- a/.github/workflows/generate-html-docs.yml +++ b/.github/workflows/generate-html-docs.yml @@ -35,7 +35,7 @@ jobs: python scripts/documentation/generate_iso26262_docs.py coding-standards-html-docs - name: Upload HTML documentation - uses: actions/upload-artifact@v2 + uses: actions/upload-artifact@v3 with: name: coding-standards-docs-${{ github.sha }} path: coding-standards-html-docs/ diff --git a/.github/workflows/standard_library_upgrade_tests.yml b/.github/workflows/standard_library_upgrade_tests.yml index aac2fd1e0e..5402dc9105 100644 --- a/.github/workflows/standard_library_upgrade_tests.yml +++ b/.github/workflows/standard_library_upgrade_tests.yml @@ -143,7 +143,7 @@ jobs: }, test_summary_file) - name: Upload test results - uses: actions/upload-artifact@v2 + uses: actions/upload-artifact@v3 with: name: test-results-${{runner.os}}-${{matrix.codeql_cli}}-${{matrix.codeql_standard_library_ident}} path: | From fec298bec004016ec1236f82b88844ba7e45307d Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 11 Sep 2024 12:05:20 +0100 Subject: [PATCH 1935/2573] Add GitHub Action for applying Coding Standards configuration --- .../action.yml | 15 +++++++++++++++ 1 file changed, 15 insertions(+) create mode 100644 .github/actions/apply-coding-standards-configuration/action.yml diff --git a/.github/actions/apply-coding-standards-configuration/action.yml b/.github/actions/apply-coding-standards-configuration/action.yml new file mode 100644 index 0000000000..f901238061 --- /dev/null +++ b/.github/actions/apply-coding-standards-configuration/action.yml @@ -0,0 +1,15 @@ +name: Applies Coding Standard configuration files in the repository +description: | + Installs Python and indexes the CodeQL Coding Standard configuration files in the repository + +runs: + using: composite + steps: + - name: Install Python + uses: actions/setup-python@v5 + with: + python-version: 3.9 + - name: Install dependencies + run: python -m pip install -r ${{ github.action_path }}/scripts/configuration/requirements.txt + - name: Process files + run: python ${{ github.action_path }}/scripts/configuration/process_coding_standards_config.py \ No newline at end of file From 422f17090e7e8aca666aa8ed1983cffb46572c5c Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 11 Sep 2024 14:54:57 +0100 Subject: [PATCH 1936/2573] Rule 11.1: Exclude null pointer constant Null pointer constants can be cast to a function pointer. --- .../ConversionBetweenFunctionPointerAndOtherType.expected | 1 - c/misra/test/rules/RULE-11-1/test.c | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/c/misra/test/rules/RULE-11-1/ConversionBetweenFunctionPointerAndOtherType.expected b/c/misra/test/rules/RULE-11-1/ConversionBetweenFunctionPointerAndOtherType.expected index ebe2c74742..0144180616 100644 --- a/c/misra/test/rules/RULE-11-1/ConversionBetweenFunctionPointerAndOtherType.expected +++ b/c/misra/test/rules/RULE-11-1/ConversionBetweenFunctionPointerAndOtherType.expected @@ -1,7 +1,6 @@ | test.c:11:8:11:16 | (fp1 *)... | Cast performed between a function pointer and another type. | | test.c:11:8:11:16 | (fp1)... | Cast performed between a function pointer and another type. | | test.c:12:14:12:23 | (void *)... | Cast performed between a function pointer and another type. | -| test.c:14:8:14:15 | (fp2)... | Cast performed between a function pointer and another type. | | test.c:15:8:15:15 | (fp2)... | Cast performed between a function pointer and another type. | | test.c:22:12:22:13 | (fp1)... | Cast performed between a function pointer and another type. | | test.c:25:8:25:9 | (fp1)... | Cast performed between a function pointer and another type. | diff --git a/c/misra/test/rules/RULE-11-1/test.c b/c/misra/test/rules/RULE-11-1/test.c index 858c6e68a9..4fcabb0599 100644 --- a/c/misra/test/rules/RULE-11-1/test.c +++ b/c/misra/test/rules/RULE-11-1/test.c @@ -11,7 +11,7 @@ void f1(void) { v1 = (fp1 *)v2; // NON_COMPLIANT void *v3 = (void *)v1; // NON_COMPLIANT - v2 = (fp2 *)0; // NON_COMPLIANT + v2 = (fp2 *)0; // COMPLIANT - null pointer constant v2 = (fp2 *)1; // NON_COMPLIANT pfp2 v4; From 8729c437e87d8aa6661e6819c3baaf351ba416b0 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 11 Sep 2024 14:55:25 +0100 Subject: [PATCH 1937/2573] Rule 11.9: Format test file --- c/misra/test/rules/RULE-11-9/test.c | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/c/misra/test/rules/RULE-11-9/test.c b/c/misra/test/rules/RULE-11-9/test.c index c9cce8687b..e87366d831 100644 --- a/c/misra/test/rules/RULE-11-9/test.c +++ b/c/misra/test/rules/RULE-11-9/test.c @@ -20,15 +20,15 @@ void *f1(void *p1, int p2) { if (p2 == 0) { // COMPLIANT return NULL; } - p2 ? p1 : 0; // NON_COMPLIANT - p2 ? 0 : p1; // NON_COMPLIANT - p2 ? (void*) 0 : p1; // COMPLIANT - p2 ? p1 : (void*) 0; // COMPLIANT - p2 ? p2 : 0; // COMPLIANT - p2 is not a pointer type - p2 ? 0 : p2; // COMPLIANT - p2 is not a pointer type + p2 ? p1 : 0; // NON_COMPLIANT + p2 ? 0 : p1; // NON_COMPLIANT + p2 ? (void *)0 : p1; // COMPLIANT + p2 ? p1 : (void *)0; // COMPLIANT + p2 ? p2 : 0; // COMPLIANT - p2 is not a pointer type + p2 ? 0 : p2; // COMPLIANT - p2 is not a pointer type int x; int *y; - p2 ? (p1 = 0) : p1; // NON_COMPLIANT - p1 is a pointer type - p2 ? (p2 = 0) : p1; // COMPLIANT - p2 is not a pointer type - return 0; // COMPLIANT + p2 ? (p1 = 0) : p1; // NON_COMPLIANT - p1 is a pointer type + p2 ? (p2 = 0) : p1; // COMPLIANT - p2 is not a pointer type + return 0; // COMPLIANT } \ No newline at end of file From 1accfabeaf01a8074f3cc8fc10cdb6946204bade Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 11 Sep 2024 14:58:17 +0100 Subject: [PATCH 1938/2573] Checkout repository before calling check-permissions action --- .github/workflows/dispatch-matrix-check.yml | 3 +++ .github/workflows/dispatch-matrix-test-on-comment.yml | 3 +++ .github/workflows/dispatch-release-performance-check.yml | 3 +++ 3 files changed, 9 insertions(+) diff --git a/.github/workflows/dispatch-matrix-check.yml b/.github/workflows/dispatch-matrix-check.yml index 458a7a6a58..afe78c948c 100644 --- a/.github/workflows/dispatch-matrix-check.yml +++ b/.github/workflows/dispatch-matrix-check.yml @@ -11,6 +11,9 @@ jobs: dispatch-matrix-check: runs-on: ubuntu-22.04 steps: + - name: Checkout repository + uses: actions/checkout@v4 + - name: Check permission id: check-write-permission uses: ./.github/actions/check-permissions diff --git a/.github/workflows/dispatch-matrix-test-on-comment.yml b/.github/workflows/dispatch-matrix-test-on-comment.yml index 4dc69a035a..98e1f9b7ba 100644 --- a/.github/workflows/dispatch-matrix-test-on-comment.yml +++ b/.github/workflows/dispatch-matrix-test-on-comment.yml @@ -8,6 +8,9 @@ jobs: dispatch-matrix-check: runs-on: ubuntu-22.04 steps: + - name: Checkout repository + uses: actions/checkout@v4 + - name: Check permission id: check-write-permission uses: ./.github/actions/check-permissions diff --git a/.github/workflows/dispatch-release-performance-check.yml b/.github/workflows/dispatch-release-performance-check.yml index 8933495382..64863b8b05 100644 --- a/.github/workflows/dispatch-release-performance-check.yml +++ b/.github/workflows/dispatch-release-performance-check.yml @@ -8,6 +8,9 @@ jobs: dispatch-matrix-check: runs-on: ubuntu-22.04 steps: + - name: Checkout repository + uses: actions/checkout@v4 + - name: Check permission id: check-write-permission uses: ./.github/actions/check-permissions From 122a8f7fc2ced656c652355e84e612de176504a8 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Wed, 11 Sep 2024 22:49:43 +0100 Subject: [PATCH 1939/2573] Fix input passing in check-permissions Composite actions do not get passed the input from the overall action - only the composite action. Address this by manually setting the appropriate env var to ensure the value is passed through. See: https://github.com/actions/github-script/issues/56 --- .github/actions/check-permissions/action.yml | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/.github/actions/check-permissions/action.yml b/.github/actions/check-permissions/action.yml index 9a3ea6d7f7..4d258d10cf 100644 --- a/.github/actions/check-permissions/action.yml +++ b/.github/actions/check-permissions/action.yml @@ -16,11 +16,17 @@ runs: steps: - uses: actions/github-script@v7 id: check-permission + env: + INPUT_MINIMUM-PERMISSION: ${{ inputs.minimum-permission }} with: script: | // Valid permissions are none, read, write, admin (legacy base permissions) const permissionsRanking = ["none", "read", "write", "admin"]; + // Note: core.getInput doesn't work by default in a composite action - in this case + // it would try to fetch the input to the github-script instead of the action + // itself. Instead, we set the appropriate magic env var with the actions input. + // See: https://github.com/actions/runner/issues/665 const minimumPermission = core.getInput('minimum-permission'); if (!permissionsRanking.includes(minimumPermission)) { core.setFailed(`Invalid minimum permission: ${minimumPermission}`); @@ -40,4 +46,4 @@ runs: core.info(`Current actor (${tools.context.actor}) does not have the minimum required permission '${minimumPermission}' (has '${actorPermission}')`); } else { core.info(`Current actor (${tools.context.actor}) has the minimum required permission '${minimumPermission}' (has '${actorPermission}')`); - } \ No newline at end of file + } From 3c223ace4e6c91e5302f8e851b10dd24c4bb9509 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 11 Sep 2024 22:57:12 +0100 Subject: [PATCH 1940/2573] Fix comments - Fix typo - Do not need to handle rem by zero --- .../codingstandards/cpp/SimpleRangeAnalysisCustomizations.qll | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/SimpleRangeAnalysisCustomizations.qll b/cpp/common/src/codingstandards/cpp/SimpleRangeAnalysisCustomizations.qll index 038d09413e..5144f63dc2 100644 --- a/cpp/common/src/codingstandards/cpp/SimpleRangeAnalysisCustomizations.qll +++ b/cpp/common/src/codingstandards/cpp/SimpleRangeAnalysisCustomizations.qll @@ -161,7 +161,7 @@ private class RemAssignSimpleRange extends SimpleRangeAnalysisExpr, AssignRemExp maxDivisorNegated = (getFullyConvertedUpperBounds(getRValue()).abs() - 1) * -1 and // Find the lower bounds of the dividend dividendLowerBounds = getFullyConvertedLowerBounds(getLValue()) and - // The lower bound is caluclated in two steps: + // The lower bound is calculated in two steps: // 1. Determine the maximum of the dividend lower bound and maxDivisorNegated. // When the dividend is negative this will result in a negative result // 2. Find the minimum with 0. If the divided is always >0 this will produce 0 @@ -172,7 +172,6 @@ private class RemAssignSimpleRange extends SimpleRangeAnalysisExpr, AssignRemExp } override float getUpperBounds() { - // TODO rem zero? exists(float maxDivisor, float maxDividend | // The maximum divisor value is the absolute value of the divisor minus 1 maxDivisor = getFullyConvertedUpperBounds(getRValue()).abs() - 1 and From c765f93757323ee5218c0670016ec4b76f3387e8 Mon Sep 17 00:00:00 2001 From: Fernando Jose Date: Thu, 12 Sep 2024 12:22:50 +0900 Subject: [PATCH 1941/2573] Fix(common/cpp): dead code alert on constexpr with array sizes. --- .../cpp/rules/deadcode/DeadCode.qll | 24 ++++++++++++++++++- .../test/rules/deadcode/DeadCode.expected | 2 ++ cpp/common/test/rules/deadcode/test.cpp | 5 ++++ 3 files changed, 30 insertions(+), 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/rules/deadcode/DeadCode.qll b/cpp/common/src/codingstandards/cpp/rules/deadcode/DeadCode.qll index 4a008dc15a..5f3b77e661 100644 --- a/cpp/common/src/codingstandards/cpp/rules/deadcode/DeadCode.qll +++ b/cpp/common/src/codingstandards/cpp/rules/deadcode/DeadCode.qll @@ -16,11 +16,31 @@ import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import codingstandards.cpp.deadcode.UselessAssignments import codingstandards.cpp.deadcode.UnreachableCode +import codingstandards.cpp.deadcode.UnusedVariables abstract class DeadCodeSharedQuery extends Query { } Query getQuery() { result instanceof DeadCodeSharedQuery } +/** + * Returns integer value of a constexpr variable + */ +int getConstexprValue(Variable v) { + result = v.getInitializer().getExpr().getValue().toInt() and v.isConstexpr() +} + +/** + * Holds if `Variable` v is used for a local array size with value `n` + */ +bindingset[n] +predicate isUsedInLocalArraySize(Variable v, int n) { + // Cf. https://github.com/github/codeql-coding-standards/pull/660/files. + count(ArrayType at, LocalVariable arrayVariable | + arrayVariable.getType().resolveTypedefs() = at and + v.(PotentiallyUnusedLocalVariable).getFunction() = arrayVariable.getFunction() and + at.getArraySize() = n) > 0 +} + /** * Holds if the `Stmt` `s` is either dead or unreachable. */ @@ -39,6 +59,7 @@ predicate isDeadStmt(Stmt s) { // - All the declarations are variable declarations // - None of those variables are ever accessed in non-dead code // - The initializers for each of the variables are pure + // - It isn't constexpr and used to declare an array size exists(DeclStmt ds | ds = s and // Use forex so that we don't flag "fake" generated `DeclStmt`s (e.g. those generated by the @@ -50,7 +71,8 @@ predicate isDeadStmt(Stmt s) { not exists(VariableAccess va | va.getTarget() = v and not isDeadOrUnreachableStmt(va.getEnclosingStmt()) - ) + ) and + not isUsedInLocalArraySize(v, getConstexprValue(v)) ) ) ) diff --git a/cpp/common/test/rules/deadcode/DeadCode.expected b/cpp/common/test/rules/deadcode/DeadCode.expected index 6c111d8a93..d3252e9401 100644 --- a/cpp/common/test/rules/deadcode/DeadCode.expected +++ b/cpp/common/test/rules/deadcode/DeadCode.expected @@ -12,3 +12,5 @@ | test.cpp:72:3:73:3 | try { ... } | This statement is dead code. | | test.cpp:73:17:74:3 | { ... } | This statement is dead code. | | test.cpp:79:17:80:3 | { ... } | This statement is dead code. | +| test.cpp:85:3:85:44 | declaration | This statement is dead code. | +| test.cpp:87:3:87:30 | declaration | This statement is dead code. | diff --git a/cpp/common/test/rules/deadcode/test.cpp b/cpp/common/test/rules/deadcode/test.cpp index ba5c59b07c..982c021563 100644 --- a/cpp/common/test/rules/deadcode/test.cpp +++ b/cpp/common/test/rules/deadcode/test.cpp @@ -81,5 +81,10 @@ int test_dead_code(int x) { static_assert(1); // COMPLIANT + constexpr int constexpr_array_size{6}; // COMPLIANT + int unused_array[constexpr_array_size] {}; // NON_COMPLIANT + + constexpr int unused_int{2}; // NON_COMPLIANT + return live5 + live6; // COMPLIANT } \ No newline at end of file From 2690409a7fde4c3256806eeda19dd4c4b418ceb2 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Thu, 12 Sep 2024 14:55:09 +0100 Subject: [PATCH 1942/2573] check-permission: Use the current context.actor property --- .github/actions/check-permissions/action.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/actions/check-permissions/action.yml b/.github/actions/check-permissions/action.yml index 4d258d10cf..b47466d080 100644 --- a/.github/actions/check-permissions/action.yml +++ b/.github/actions/check-permissions/action.yml @@ -36,14 +36,14 @@ runs: const { data : { permission : actorPermission } } = await github.rest.repos.getCollaboratorPermissionLevel({ owner: context.repo.owner, repo: context.repo.repo, - username: tools.context.actor + username: context.actor }); // Confirm whether the actor permission is at least the selected permission const hasPermission = permissionsRanking.indexOf(minimumPermission) <= permissionsRanking.indexOf(actorPermission) ? "1" : ""; core.setOutput('has-permission', hasPermission); if (!hasPermission) { - core.info(`Current actor (${tools.context.actor}) does not have the minimum required permission '${minimumPermission}' (has '${actorPermission}')`); + core.info(`Current actor (${context.actor}) does not have the minimum required permission '${minimumPermission}' (has '${actorPermission}')`); } else { - core.info(`Current actor (${tools.context.actor}) has the minimum required permission '${minimumPermission}' (has '${actorPermission}')`); + core.info(`Current actor (${context.actor}) has the minimum required permission '${minimumPermission}' (has '${actorPermission}')`); } From 073eaa2bf6cc693b442115e3b7389fb3c84c65bc Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Thu, 12 Sep 2024 12:44:39 -0700 Subject: [PATCH 1943/2573] Fix #1869 Compiler Compatability for clang for CERT-C++ rule DCL51-CPP tzname is char*[2] in the standard libraries of both clang and gcc. This will allow the test code to compile, and still triggers a non-compliance query result. --- cpp/cert/test/rules/DCL51-CPP/ObjectReusesReservedName.expected | 2 +- cpp/cert/test/rules/DCL51-CPP/test.cpp | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/cpp/cert/test/rules/DCL51-CPP/ObjectReusesReservedName.expected b/cpp/cert/test/rules/DCL51-CPP/ObjectReusesReservedName.expected index 698b0c6067..0d0491b42c 100644 --- a/cpp/cert/test/rules/DCL51-CPP/ObjectReusesReservedName.expected +++ b/cpp/cert/test/rules/DCL51-CPP/ObjectReusesReservedName.expected @@ -1 +1 @@ -| test.cpp:18:5:18:10 | tzname | The variable $@ reuses a reserved standard library name. | test.cpp:18:5:18:10 | tzname | tzname | +| test.cpp:18:7:18:12 | tzname | The variable $@ reuses a reserved standard library name. | test.cpp:18:7:18:12 | tzname | tzname | diff --git a/cpp/cert/test/rules/DCL51-CPP/test.cpp b/cpp/cert/test/rules/DCL51-CPP/test.cpp index 5e27dd2390..27c03210e9 100644 --- a/cpp/cert/test/rules/DCL51-CPP/test.cpp +++ b/cpp/cert/test/rules/DCL51-CPP/test.cpp @@ -15,7 +15,7 @@ enum { // int NULL = 0; // NON_COMPLIANT, but not supported by compilers in practice -int tzname = 0; // NON_COMPLIANT +char* tzname[2]; // NON_COMPLIANT void min() {} // NON_COMPLIANT From 3187f2c769fcc9bc35a53d712f13d4a857388e41 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Thu, 12 Sep 2024 16:57:52 -0400 Subject: [PATCH 1944/2573] A2-7-3: update test expected file --- .../UndocumentedUserDefinedType.expected | 22 ++++++++++--------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/cpp/autosar/test/rules/A2-7-3/UndocumentedUserDefinedType.expected b/cpp/autosar/test/rules/A2-7-3/UndocumentedUserDefinedType.expected index 90935f9396..d14f6e21f7 100644 --- a/cpp/autosar/test/rules/A2-7-3/UndocumentedUserDefinedType.expected +++ b/cpp/autosar/test/rules/A2-7-3/UndocumentedUserDefinedType.expected @@ -1,10 +1,12 @@ -| test.cpp:70:7:70:12 | definition of ClassD | Declaration entry for user-defined type ClassD is missing documentation. | -| test.cpp:72:7:72:7 | definition of a | Declaration entry for member variable a is missing documentation. | -| test.cpp:73:14:73:14 | declaration of b | Declaration entry for member variable b is missing documentation. | -| test.cpp:74:8:74:8 | declaration of f | Declaration entry for function f is missing documentation. | -| test.cpp:76:7:76:7 | definition of c | Declaration entry for member variable c is missing documentation. | -| test.cpp:78:6:78:6 | declaration of d | Declaration entry for function d is missing documentation. | -| test.cpp:81:6:81:6 | definition of e | Declaration entry for function e is missing documentation. | -| test.cpp:88:1:88:30 | definition of message_to_string_undocumented | Declaration entry for function message_to_string_undocumented is missing documentation. | -| test.cpp:160:21:160:24 | definition of kBar | Declaration entry for member variable kBar is missing documentation. | -| test.cpp:207:14:207:17 | definition of foo3 | Declaration entry for function foo3 is missing documentation. | +| test.cpp:74:8:74:8 | declaration of j | Declaration entry for function j is missing documentation. | +| test.cpp:75:8:75:8 | declaration of k | Declaration entry for function k is missing documentation. | +| test.cpp:90:7:90:12 | definition of ClassD | Declaration entry for user-defined type ClassD is missing documentation. | +| test.cpp:92:7:92:7 | definition of a | Declaration entry for member variable a is missing documentation. | +| test.cpp:93:14:93:14 | declaration of b | Declaration entry for member variable b is missing documentation. | +| test.cpp:94:8:94:8 | declaration of f | Declaration entry for function f is missing documentation. | +| test.cpp:96:7:96:7 | definition of c | Declaration entry for member variable c is missing documentation. | +| test.cpp:98:6:98:6 | declaration of d | Declaration entry for function d is missing documentation. | +| test.cpp:101:6:101:6 | definition of e | Declaration entry for function e is missing documentation. | +| test.cpp:108:1:108:30 | definition of message_to_string_undocumented | Declaration entry for function message_to_string_undocumented is missing documentation. | +| test.cpp:180:21:180:24 | definition of kBar | Declaration entry for member variable kBar is missing documentation. | +| test.cpp:227:14:227:17 | definition of foo3 | Declaration entry for function foo3 is missing documentation. | From 87346721e85ad3fb2cdf8c1c5e330fd601fb5319 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Thu, 12 Sep 2024 16:08:20 -0700 Subject: [PATCH 1945/2573] Fix clang format. --- cpp/cert/test/rules/DCL51-CPP/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/cert/test/rules/DCL51-CPP/test.cpp b/cpp/cert/test/rules/DCL51-CPP/test.cpp index 27c03210e9..0cb2496861 100644 --- a/cpp/cert/test/rules/DCL51-CPP/test.cpp +++ b/cpp/cert/test/rules/DCL51-CPP/test.cpp @@ -15,7 +15,7 @@ enum { // int NULL = 0; // NON_COMPLIANT, but not supported by compilers in practice -char* tzname[2]; // NON_COMPLIANT +char *tzname[2]; // NON_COMPLIANT void min() {} // NON_COMPLIANT From 19b54e2c667b85ddf5b4b3ce2298a96baef6910d Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 16 Sep 2024 11:29:38 +0100 Subject: [PATCH 1946/2573] Add change note --- change_notes/2024-09-11-rule-12-2-improvements.md | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 change_notes/2024-09-11-rule-12-2-improvements.md diff --git a/change_notes/2024-09-11-rule-12-2-improvements.md b/change_notes/2024-09-11-rule-12-2-improvements.md new file mode 100644 index 0000000000..0e713a5088 --- /dev/null +++ b/change_notes/2024-09-11-rule-12-2-improvements.md @@ -0,0 +1,6 @@ +- `RULE-12-2` - `RightHandOperandOfAShiftRange.ql`: + - Reduce false positives related to ranges determined by `%=`. + - Reduce false positives for integer constants with explicit size suffix were incorrectly identified as smaller types. + - Improve explanation of results, providing additional information on types and size ranges. + - Combine results stemming from the expansion of a macro, where the result is not dependent on the context. + \ No newline at end of file From 15801d9245b453c599f6445b0f52c54c2261e8dd Mon Sep 17 00:00:00 2001 From: Fernando Jose Date: Mon, 16 Sep 2024 20:56:00 +0900 Subject: [PATCH 1947/2573] Refactor to share a predicate between M0-1-3 and M0-1-9 reducing duplication. --- .../src/rules/M0-1-3/UnusedLocalVariable.ql | 6 +----- .../cpp/deadcode/UnusedVariables.qll | 16 ++++++++++++++ .../cpp/rules/deadcode/DeadCode.qll | 21 +------------------ 3 files changed, 18 insertions(+), 25 deletions(-) diff --git a/cpp/autosar/src/rules/M0-1-3/UnusedLocalVariable.ql b/cpp/autosar/src/rules/M0-1-3/UnusedLocalVariable.ql index 5956515e5b..0387208514 100644 --- a/cpp/autosar/src/rules/M0-1-3/UnusedLocalVariable.ql +++ b/cpp/autosar/src/rules/M0-1-3/UnusedLocalVariable.ql @@ -44,11 +44,7 @@ int getUseCountConservatively(Variable v) { count(StaticAssert s | s.getCondition().getAChild*().getValue() = getConstExprValue(v)) + // In case an array type uses a constant in the same scope as the constexpr variable, // consider it as used. - count(ArrayType at, LocalVariable arrayVariable | - arrayVariable.getType().resolveTypedefs() = at and - v.(PotentiallyUnusedLocalVariable).getFunction() = arrayVariable.getFunction() and - at.getArraySize().toString() = getConstExprValue(v) - ) + countUsesInLocalArraySize(v) } from PotentiallyUnusedLocalVariable v diff --git a/cpp/common/src/codingstandards/cpp/deadcode/UnusedVariables.qll b/cpp/common/src/codingstandards/cpp/deadcode/UnusedVariables.qll index f4607d82cb..92fa3b497f 100644 --- a/cpp/common/src/codingstandards/cpp/deadcode/UnusedVariables.qll +++ b/cpp/common/src/codingstandards/cpp/deadcode/UnusedVariables.qll @@ -150,3 +150,19 @@ predicate maybeACompileTimeTemplateArgument(Variable v) { ) ) } + +/** Gets the constant value of a constexpr/const variable. */ +private string getConstExprValue(Variable v) { + result = v.getInitializer().getExpr().getValue() and + (v.isConst() or v.isConstexpr()) +} + +/** + * Counts uses of `Variable` v in a local array of size `n` + */ +int countUsesInLocalArraySize(Variable v) { + result = count(ArrayType at, LocalVariable arrayVariable | + arrayVariable.getType().resolveTypedefs() = at and + v.(PotentiallyUnusedLocalVariable).getFunction() = arrayVariable.getFunction() and + at.getArraySize().toString() = getConstExprValue(v)) +} diff --git a/cpp/common/src/codingstandards/cpp/rules/deadcode/DeadCode.qll b/cpp/common/src/codingstandards/cpp/rules/deadcode/DeadCode.qll index 5f3b77e661..1cf4989680 100644 --- a/cpp/common/src/codingstandards/cpp/rules/deadcode/DeadCode.qll +++ b/cpp/common/src/codingstandards/cpp/rules/deadcode/DeadCode.qll @@ -22,25 +22,6 @@ abstract class DeadCodeSharedQuery extends Query { } Query getQuery() { result instanceof DeadCodeSharedQuery } -/** - * Returns integer value of a constexpr variable - */ -int getConstexprValue(Variable v) { - result = v.getInitializer().getExpr().getValue().toInt() and v.isConstexpr() -} - -/** - * Holds if `Variable` v is used for a local array size with value `n` - */ -bindingset[n] -predicate isUsedInLocalArraySize(Variable v, int n) { - // Cf. https://github.com/github/codeql-coding-standards/pull/660/files. - count(ArrayType at, LocalVariable arrayVariable | - arrayVariable.getType().resolveTypedefs() = at and - v.(PotentiallyUnusedLocalVariable).getFunction() = arrayVariable.getFunction() and - at.getArraySize() = n) > 0 -} - /** * Holds if the `Stmt` `s` is either dead or unreachable. */ @@ -72,7 +53,7 @@ predicate isDeadStmt(Stmt s) { va.getTarget() = v and not isDeadOrUnreachableStmt(va.getEnclosingStmt()) ) and - not isUsedInLocalArraySize(v, getConstexprValue(v)) + not (countUsesInLocalArraySize(v) > 0) ) ) ) From 468eabd2c684111f03f7b211dee5bf8054a02611 Mon Sep 17 00:00:00 2001 From: Fernando Jose Date: Mon, 16 Sep 2024 20:59:40 +0900 Subject: [PATCH 1948/2573] Add cases in dead code test where the arrays are constexpr. Complemeting previous case where the integers used for the sizes of the arrays were constexpr. --- cpp/common/test/rules/deadcode/DeadCode.expected | 1 + cpp/common/test/rules/deadcode/test.cpp | 7 +++++-- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/cpp/common/test/rules/deadcode/DeadCode.expected b/cpp/common/test/rules/deadcode/DeadCode.expected index d3252e9401..db68f5f8c4 100644 --- a/cpp/common/test/rules/deadcode/DeadCode.expected +++ b/cpp/common/test/rules/deadcode/DeadCode.expected @@ -14,3 +14,4 @@ | test.cpp:79:17:80:3 | { ... } | This statement is dead code. | | test.cpp:85:3:85:44 | declaration | This statement is dead code. | | test.cpp:87:3:87:30 | declaration | This statement is dead code. | +| test.cpp:90:3:90:50 | declaration | This statement is dead code. | diff --git a/cpp/common/test/rules/deadcode/test.cpp b/cpp/common/test/rules/deadcode/test.cpp index 982c021563..597c06af43 100644 --- a/cpp/common/test/rules/deadcode/test.cpp +++ b/cpp/common/test/rules/deadcode/test.cpp @@ -86,5 +86,8 @@ int test_dead_code(int x) { constexpr int unused_int{2}; // NON_COMPLIANT - return live5 + live6; // COMPLIANT -} \ No newline at end of file + constexpr int constexpr_used_array[]{3, 4, 5}; // COMPLIANT + constexpr int constexpr_unused_array[]{0, 1, 2}; // NON_COMPLIANT + + return live5 + live6 + constexpr_used_array[1]; // COMPLIANT +} From 8461696679fad63de78bcb71301b4980724f4a9f Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Fri, 13 Sep 2024 16:43:41 +0200 Subject: [PATCH 1949/2573] Remove data flow imports from queries that do not actually use it --- .../rules/CON30-C/CleanUpThreadSpecificStorage.ql | 1 - .../AppropriateThreadObjectStorageDurations.ql | 1 - .../ThreadObjectStorageDurationsNotInitialized.ql | 1 - c/cert/src/rules/ERR30-C/ErrnoReadBeforeReturn.ql | 1 + .../rules/ERR30-C/FunctionCallBeforeErrnoCheck.ql | 1 - c/cert/src/rules/ERR30-C/SetlocaleMightSetErrno.ql | 1 + ...ndenceOnOrderOfFunctionArgumentsForSideEffects.ql | 1 - .../SuccessfulFgetsOrFgetwsMayReturnAnEmptyString.ql | 2 +- .../CON30-C/CleanUpThreadSpecificStorage.expected | 12 ++++++------ .../AppropriateThreadObjectStorageDurations.expected | 12 ++++++------ ...readObjectStorageDurationsNotInitialized.expected | 6 +++--- .../rules/ERR30-C/ErrnoReadBeforeReturn.expected | 2 +- .../rules/ERR30-C/SetlocaleMightSetErrno.expected | 2 +- c/common/src/codingstandards/c/Errno.qll | 1 - .../RULE-17-7/ValueReturnedByAFunctionNotUsed.ql | 1 - .../RULE-19-1/ObjectCopiedToAnOverlappingObject.ql | 1 - .../src/rules/A18-5-2/DoNotUseNonPlacementNew.ql | 1 - .../A8-4-4/FunctionReturnMultipleValueCondition.ql | 1 - .../PointerToAVirtualBaseClassCastToAPointer.ql | 1 - .../lifetimes/lifetimeprofile/LifetimeProfile.qll | 1 - .../AccessOfUndefinedMemberThroughNullPointer.qll | 1 - .../UnusedReturnValue.ql | 1 - .../deviations_basic_test/UnusedReturnValue.ql | 1 - .../deviations_report_deviated/UnusedReturnValue.ql | 1 - 24 files changed, 20 insertions(+), 34 deletions(-) diff --git a/c/cert/src/rules/CON30-C/CleanUpThreadSpecificStorage.ql b/c/cert/src/rules/CON30-C/CleanUpThreadSpecificStorage.ql index d55f1326bf..69b1b333be 100644 --- a/c/cert/src/rules/CON30-C/CleanUpThreadSpecificStorage.ql +++ b/c/cert/src/rules/CON30-C/CleanUpThreadSpecificStorage.ql @@ -15,7 +15,6 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.Concurrency -import semmle.code.cpp.dataflow.TaintTracking import semmle.code.cpp.dataflow.DataFlow module TssCreateToTssDeleteConfig implements DataFlow::ConfigSig { diff --git a/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql b/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql index 71138f4ff8..78b5a090b2 100644 --- a/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql +++ b/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql @@ -15,7 +15,6 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.Concurrency -import semmle.code.cpp.dataflow.TaintTracking import semmle.code.cpp.dataflow.DataFlow import semmle.code.cpp.commons.Alloc diff --git a/c/cert/src/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.ql b/c/cert/src/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.ql index ddcddb8dc5..fc75cb94ff 100644 --- a/c/cert/src/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.ql +++ b/c/cert/src/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.ql @@ -16,7 +16,6 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.Concurrency -import semmle.code.cpp.dataflow.TaintTracking import semmle.code.cpp.dataflow.DataFlow from TSSGetFunctionCall tsg, ThreadedFunction tf diff --git a/c/cert/src/rules/ERR30-C/ErrnoReadBeforeReturn.ql b/c/cert/src/rules/ERR30-C/ErrnoReadBeforeReturn.ql index df8519f13f..527529cc30 100644 --- a/c/cert/src/rules/ERR30-C/ErrnoReadBeforeReturn.ql +++ b/c/cert/src/rules/ERR30-C/ErrnoReadBeforeReturn.ql @@ -14,6 +14,7 @@ import cpp import codingstandards.c.cert import codingstandards.c.Errno +import semmle.code.cpp.dataflow.DataFlow /** * A call to an `OutOfBandErrnoSettingFunction` diff --git a/c/cert/src/rules/ERR30-C/FunctionCallBeforeErrnoCheck.ql b/c/cert/src/rules/ERR30-C/FunctionCallBeforeErrnoCheck.ql index dd2e2175f7..17714c646f 100644 --- a/c/cert/src/rules/ERR30-C/FunctionCallBeforeErrnoCheck.ql +++ b/c/cert/src/rules/ERR30-C/FunctionCallBeforeErrnoCheck.ql @@ -14,7 +14,6 @@ import cpp import codingstandards.c.cert import codingstandards.c.Errno -import semmle.code.cpp.dataflow.DataFlow /** * A call to an `OutOfBandErrnoSettingFunction` diff --git a/c/cert/src/rules/ERR30-C/SetlocaleMightSetErrno.ql b/c/cert/src/rules/ERR30-C/SetlocaleMightSetErrno.ql index 899fa49e60..9c94284841 100644 --- a/c/cert/src/rules/ERR30-C/SetlocaleMightSetErrno.ql +++ b/c/cert/src/rules/ERR30-C/SetlocaleMightSetErrno.ql @@ -13,6 +13,7 @@ import cpp import codingstandards.c.cert import codingstandards.c.Errno +import semmle.code.cpp.dataflow.DataFlow class SetlocaleFunctionCall extends FunctionCall { SetlocaleFunctionCall() { this.getTarget().hasGlobalName("setlocale") } diff --git a/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql b/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql index fb14515c61..a761ec7f48 100644 --- a/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql +++ b/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql @@ -14,7 +14,6 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.SideEffect -import semmle.code.cpp.dataflow.DataFlow import semmle.code.cpp.dataflow.TaintTracking import semmle.code.cpp.valuenumbering.GlobalValueNumbering diff --git a/c/cert/src/rules/FIO37-C/SuccessfulFgetsOrFgetwsMayReturnAnEmptyString.ql b/c/cert/src/rules/FIO37-C/SuccessfulFgetsOrFgetwsMayReturnAnEmptyString.ql index 54f555d7cb..5945da57f4 100644 --- a/c/cert/src/rules/FIO37-C/SuccessfulFgetsOrFgetwsMayReturnAnEmptyString.ql +++ b/c/cert/src/rules/FIO37-C/SuccessfulFgetsOrFgetwsMayReturnAnEmptyString.ql @@ -14,7 +14,7 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.FgetsErrorManagement import codingstandards.cpp.Dereferenced -import semmle.code.cpp.dataflow.TaintTracking +import semmle.code.cpp.dataflow.DataFlow /* * CFG nodes that follows a successful call to `fgets` diff --git a/c/cert/test/rules/CON30-C/CleanUpThreadSpecificStorage.expected b/c/cert/test/rules/CON30-C/CleanUpThreadSpecificStorage.expected index 2706474f29..047ed12e8e 100644 --- a/c/cert/test/rules/CON30-C/CleanUpThreadSpecificStorage.expected +++ b/c/cert/test/rules/CON30-C/CleanUpThreadSpecificStorage.expected @@ -1,9 +1,9 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (CleanUpThreadSpecificStorage.ql:21,46-54) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (CleanUpThreadSpecificStorage.ql:22,22-30) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (CleanUpThreadSpecificStorage.ql:31,20-28) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (CleanUpThreadSpecificStorage.ql:41,35-43) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (CleanUpThreadSpecificStorage.ql:49,36-44) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (CleanUpThreadSpecificStorage.ql:51,36-44) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (CleanUpThreadSpecificStorage.ql:20,46-54) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (CleanUpThreadSpecificStorage.ql:21,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (CleanUpThreadSpecificStorage.ql:30,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (CleanUpThreadSpecificStorage.ql:40,35-43) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (CleanUpThreadSpecificStorage.ql:48,36-44) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (CleanUpThreadSpecificStorage.ql:50,36-44) | test.c:27:3:27:12 | call to tss_create | Resources used by thread specific storage may not be cleaned up. | | test.c:49:3:49:12 | call to tss_create | Resources used by thread specific storage may not be cleaned up. | | test.c:71:3:71:12 | call to tss_create | Resources used by thread specific storage may not be cleaned up. | diff --git a/c/cert/test/rules/CON34-C/AppropriateThreadObjectStorageDurations.expected b/c/cert/test/rules/CON34-C/AppropriateThreadObjectStorageDurations.expected index 25cb74d7fa..7e4cf71c21 100644 --- a/c/cert/test/rules/CON34-C/AppropriateThreadObjectStorageDurations.expected +++ b/c/cert/test/rules/CON34-C/AppropriateThreadObjectStorageDurations.expected @@ -1,11 +1,11 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:28,29-37) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:28,54-62) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:35,62-70) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:27,29-37) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:27,54-62) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:34,62-70) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:39,5-13) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:39,30-38) WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:40,5-13) WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:40,30-38) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:41,5-13) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:41,30-38) -WARNING: module 'TaintTracking' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:28,3-16) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:27,3-16) | test.c:23:3:23:13 | call to thrd_create | $@ not declared with appropriate storage duration | test.c:23:24:23:29 | & ... | Shared object | | test.c:74:3:74:13 | call to thrd_create | $@ not declared with appropriate storage duration | test.c:74:24:74:24 | p | Shared object | | test.c:85:3:85:13 | call to thrd_create | $@ not declared with appropriate storage duration | test.c:85:24:85:24 | p | Shared object | diff --git a/c/cert/test/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.expected b/c/cert/test/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.expected index d6b6548581..f8e86fbb51 100644 --- a/c/cert/test/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.expected +++ b/c/cert/test/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.expected @@ -1,6 +1,6 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (ThreadObjectStorageDurationsNotInitialized.ql:28,38-46) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ThreadObjectStorageDurationsNotInitialized.ql:27,38-46) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ThreadObjectStorageDurationsNotInitialized.ql:30,5-13) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ThreadObjectStorageDurationsNotInitialized.ql:30,30-38) WARNING: module 'DataFlow' has been deprecated and may be removed in future (ThreadObjectStorageDurationsNotInitialized.ql:31,5-13) WARNING: module 'DataFlow' has been deprecated and may be removed in future (ThreadObjectStorageDurationsNotInitialized.ql:31,30-38) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (ThreadObjectStorageDurationsNotInitialized.ql:32,5-13) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (ThreadObjectStorageDurationsNotInitialized.ql:32,30-38) | test.c:14:7:14:13 | call to tss_get | Call to a thread specific storage function from within a threaded context on an object that may not be owned by this thread. | diff --git a/c/cert/test/rules/ERR30-C/ErrnoReadBeforeReturn.expected b/c/cert/test/rules/ERR30-C/ErrnoReadBeforeReturn.expected index 659a731d7c..e925901b47 100644 --- a/c/cert/test/rules/ERR30-C/ErrnoReadBeforeReturn.expected +++ b/c/cert/test/rules/ERR30-C/ErrnoReadBeforeReturn.expected @@ -1,4 +1,4 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (ErrnoReadBeforeReturn.ql:40,7-15) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ErrnoReadBeforeReturn.ql:41,7-15) | test.c:69:7:69:11 | * ... | Do not read `errno` before checking the return value of function $@. | test.c:68:3:68:7 | call to ftell | call to ftell | | test.c:69:7:69:11 | call to __errno_location | Do not read `errno` before checking the return value of function $@. | test.c:68:3:68:7 | call to ftell | call to ftell | | test.c:70:5:70:10 | call to perror | Do not read `errno` before checking the return value of function $@. | test.c:68:3:68:7 | call to ftell | call to ftell | diff --git a/c/cert/test/rules/ERR30-C/SetlocaleMightSetErrno.expected b/c/cert/test/rules/ERR30-C/SetlocaleMightSetErrno.expected index d20f4a4e34..489bfc6bb0 100644 --- a/c/cert/test/rules/ERR30-C/SetlocaleMightSetErrno.expected +++ b/c/cert/test/rules/ERR30-C/SetlocaleMightSetErrno.expected @@ -1,3 +1,3 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (SetlocaleMightSetErrno.ql:64,7-15) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (SetlocaleMightSetErrno.ql:65,7-15) | test.c:98:3:98:11 | call to setlocale | Do not read `errno` before checking the return value of a call to `setlocale`. | | test.c:104:7:104:15 | call to setlocale | The value of `errno` may be different than `0` when `setlocale` is called. The following `errno` check might be invalid. | diff --git a/c/common/src/codingstandards/c/Errno.qll b/c/common/src/codingstandards/c/Errno.qll index d606593a1e..768927f505 100644 --- a/c/common/src/codingstandards/c/Errno.qll +++ b/c/common/src/codingstandards/c/Errno.qll @@ -1,7 +1,6 @@ /** Provides a library for errno-setting functions. */ import cpp -import semmle.code.cpp.dataflow.DataFlow /** * An errno-setting function diff --git a/c/misra/src/rules/RULE-17-7/ValueReturnedByAFunctionNotUsed.ql b/c/misra/src/rules/RULE-17-7/ValueReturnedByAFunctionNotUsed.ql index 3b224544f2..5907d00769 100644 --- a/c/misra/src/rules/RULE-17-7/ValueReturnedByAFunctionNotUsed.ql +++ b/c/misra/src/rules/RULE-17-7/ValueReturnedByAFunctionNotUsed.ql @@ -13,7 +13,6 @@ import cpp import codingstandards.c.misra -import semmle.code.cpp.dataflow.DataFlow from Call c where diff --git a/c/misra/src/rules/RULE-19-1/ObjectCopiedToAnOverlappingObject.ql b/c/misra/src/rules/RULE-19-1/ObjectCopiedToAnOverlappingObject.ql index fe1226dcea..0e276773dc 100644 --- a/c/misra/src/rules/RULE-19-1/ObjectCopiedToAnOverlappingObject.ql +++ b/c/misra/src/rules/RULE-19-1/ObjectCopiedToAnOverlappingObject.ql @@ -13,7 +13,6 @@ import cpp import codingstandards.c.misra import semmle.code.cpp.valuenumbering.GlobalValueNumbering -import semmle.code.cpp.dataflow.DataFlow /** * Offset in bytes of a field access diff --git a/cpp/autosar/src/rules/A18-5-2/DoNotUseNonPlacementNew.ql b/cpp/autosar/src/rules/A18-5-2/DoNotUseNonPlacementNew.ql index 1320d6e486..3cfccbf11e 100644 --- a/cpp/autosar/src/rules/A18-5-2/DoNotUseNonPlacementNew.ql +++ b/cpp/autosar/src/rules/A18-5-2/DoNotUseNonPlacementNew.ql @@ -15,7 +15,6 @@ import cpp import codingstandards.cpp.autosar -import semmle.code.cpp.dataflow.DataFlow from NewOrNewArrayExpr na where diff --git a/cpp/autosar/src/rules/A8-4-4/FunctionReturnMultipleValueCondition.ql b/cpp/autosar/src/rules/A8-4-4/FunctionReturnMultipleValueCondition.ql index ff0040f26f..03f0c3cea6 100644 --- a/cpp/autosar/src/rules/A8-4-4/FunctionReturnMultipleValueCondition.ql +++ b/cpp/autosar/src/rules/A8-4-4/FunctionReturnMultipleValueCondition.ql @@ -16,7 +16,6 @@ import cpp import codingstandards.cpp.autosar -import semmle.code.cpp.dataflow.DataFlow abstract class OutputValue extends Element { abstract string getOutputName(); diff --git a/cpp/autosar/src/rules/M5-2-2/PointerToAVirtualBaseClassCastToAPointer.ql b/cpp/autosar/src/rules/M5-2-2/PointerToAVirtualBaseClassCastToAPointer.ql index d24c4d35df..086aa40ae7 100644 --- a/cpp/autosar/src/rules/M5-2-2/PointerToAVirtualBaseClassCastToAPointer.ql +++ b/cpp/autosar/src/rules/M5-2-2/PointerToAVirtualBaseClassCastToAPointer.ql @@ -15,7 +15,6 @@ import cpp import codingstandards.cpp.autosar -import semmle.code.cpp.dataflow.DataFlow from Cast cast, VirtualBaseClass castFrom, Class castTo where diff --git a/cpp/common/src/codingstandards/cpp/lifetimes/lifetimeprofile/LifetimeProfile.qll b/cpp/common/src/codingstandards/cpp/lifetimes/lifetimeprofile/LifetimeProfile.qll index 354dccdc56..b02f51380e 100644 --- a/cpp/common/src/codingstandards/cpp/lifetimes/lifetimeprofile/LifetimeProfile.qll +++ b/cpp/common/src/codingstandards/cpp/lifetimes/lifetimeprofile/LifetimeProfile.qll @@ -1,5 +1,4 @@ import cpp -private import semmle.code.cpp.dataflow.DataFlow private import semmle.code.cpp.controlflow.Nullness private import codingstandards.cpp.Dereferenced private import codingstandards.cpp.Expr diff --git a/cpp/common/src/codingstandards/cpp/rules/accessofundefinedmemberthroughnullpointer/AccessOfUndefinedMemberThroughNullPointer.qll b/cpp/common/src/codingstandards/cpp/rules/accessofundefinedmemberthroughnullpointer/AccessOfUndefinedMemberThroughNullPointer.qll index e0fb382008..b213087c5c 100644 --- a/cpp/common/src/codingstandards/cpp/rules/accessofundefinedmemberthroughnullpointer/AccessOfUndefinedMemberThroughNullPointer.qll +++ b/cpp/common/src/codingstandards/cpp/rules/accessofundefinedmemberthroughnullpointer/AccessOfUndefinedMemberThroughNullPointer.qll @@ -7,7 +7,6 @@ import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import codingstandards.cpp.Nullness import codingstandards.cpp.Expr -import semmle.code.cpp.dataflow.DataFlow import NullPointerToPointerMemberExpressionFlow::PathGraph abstract class AccessOfUndefinedMemberThroughNullPointerSharedQuery extends Query { } diff --git a/cpp/common/test/deviations/deviation_permits_basic_test/UnusedReturnValue.ql b/cpp/common/test/deviations/deviation_permits_basic_test/UnusedReturnValue.ql index 38b75bda3c..469a7f7f73 100644 --- a/cpp/common/test/deviations/deviation_permits_basic_test/UnusedReturnValue.ql +++ b/cpp/common/test/deviations/deviation_permits_basic_test/UnusedReturnValue.ql @@ -16,7 +16,6 @@ import cpp import codingstandards.cpp.CodingStandards -import semmle.code.cpp.dataflow.DataFlow import codingstandards.cpp.exclusions.cpp.RuleMetadata /* This is a copy of an AUTOSAR rule, which we are using for testing purposes. */ diff --git a/cpp/common/test/deviations/deviations_basic_test/UnusedReturnValue.ql b/cpp/common/test/deviations/deviations_basic_test/UnusedReturnValue.ql index 38b75bda3c..469a7f7f73 100644 --- a/cpp/common/test/deviations/deviations_basic_test/UnusedReturnValue.ql +++ b/cpp/common/test/deviations/deviations_basic_test/UnusedReturnValue.ql @@ -16,7 +16,6 @@ import cpp import codingstandards.cpp.CodingStandards -import semmle.code.cpp.dataflow.DataFlow import codingstandards.cpp.exclusions.cpp.RuleMetadata /* This is a copy of an AUTOSAR rule, which we are using for testing purposes. */ diff --git a/cpp/common/test/deviations/deviations_report_deviated/UnusedReturnValue.ql b/cpp/common/test/deviations/deviations_report_deviated/UnusedReturnValue.ql index 38b75bda3c..469a7f7f73 100644 --- a/cpp/common/test/deviations/deviations_report_deviated/UnusedReturnValue.ql +++ b/cpp/common/test/deviations/deviations_report_deviated/UnusedReturnValue.ql @@ -16,7 +16,6 @@ import cpp import codingstandards.cpp.CodingStandards -import semmle.code.cpp.dataflow.DataFlow import codingstandards.cpp.exclusions.cpp.RuleMetadata /* This is a copy of an AUTOSAR rule, which we are using for testing purposes. */ From 71570a0ee3720e50d53370790b7174752e9869c1 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Mon, 16 Sep 2024 14:48:15 +0200 Subject: [PATCH 1950/2573] Fix expected test results after import changes --- ...OfFunctionArgumentsForSideEffects.expected | 48 +++++++++---------- 1 file changed, 24 insertions(+), 24 deletions(-) diff --git a/c/cert/test/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.expected b/c/cert/test/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.expected index 6567ef6fd1..ec791fe3e4 100644 --- a/c/cert/test/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.expected +++ b/c/cert/test/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.expected @@ -1,25 +1,25 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:24,31-39) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:24,59-67) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:27,33-41) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:27,57-65) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:31,33-41) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:31,59-67) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:40,5-13) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:40,25-33) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:40,53-61) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:43,31-39) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:43,57-65) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:52,31-39) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:52,55-63) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:59,31-39) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:59,57-65) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:71,31-39) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:71,55-63) -WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:24,5-18) -WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:27,7-20) -WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:31,7-20) -WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:43,5-18) -WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:52,5-18) -WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:59,5-18) -WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:71,5-18) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:23,31-39) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:23,59-67) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:26,33-41) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:26,57-65) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:30,33-41) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:30,59-67) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:39,5-13) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:39,25-33) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:39,53-61) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:42,31-39) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:42,57-65) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:51,31-39) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:51,55-63) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:58,31-39) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:58,57-65) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:70,31-39) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:70,55-63) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:23,5-18) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:26,7-20) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:30,7-20) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:42,5-18) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:51,5-18) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:58,5-18) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:70,5-18) | test.c:20:3:20:4 | call to f1 | Depending on the order of evaluation for the arguments $@ and $@ for side effects on shared state is unspecified and can result in unexpected behavior. | test.c:20:6:20:7 | call to f2 | call to f2 | test.c:20:12:20:13 | call to f3 | call to f3 | From 8a20d0e9b51bc51fd8196f85bda603d5833b26ca Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Mon, 16 Sep 2024 07:43:34 -0700 Subject: [PATCH 1951/2573] Use namespace, to ensure tzname definition is distinct from std time. --- .../test/rules/DCL51-CPP/ObjectReusesReservedName.expected | 2 +- cpp/cert/test/rules/DCL51-CPP/test.cpp | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/cpp/cert/test/rules/DCL51-CPP/ObjectReusesReservedName.expected b/cpp/cert/test/rules/DCL51-CPP/ObjectReusesReservedName.expected index 0d0491b42c..f59486e814 100644 --- a/cpp/cert/test/rules/DCL51-CPP/ObjectReusesReservedName.expected +++ b/cpp/cert/test/rules/DCL51-CPP/ObjectReusesReservedName.expected @@ -1 +1 @@ -| test.cpp:18:7:18:12 | tzname | The variable $@ reuses a reserved standard library name. | test.cpp:18:7:18:12 | tzname | tzname | +| test.cpp:18:20:18:25 | tzname | The variable $@ reuses a reserved standard library name. | test.cpp:18:20:18:25 | tzname | tzname | diff --git a/cpp/cert/test/rules/DCL51-CPP/test.cpp b/cpp/cert/test/rules/DCL51-CPP/test.cpp index 0cb2496861..e344681fd5 100644 --- a/cpp/cert/test/rules/DCL51-CPP/test.cpp +++ b/cpp/cert/test/rules/DCL51-CPP/test.cpp @@ -15,7 +15,7 @@ enum { // int NULL = 0; // NON_COMPLIANT, but not supported by compilers in practice -char *tzname[2]; // NON_COMPLIANT +namespace ns { int tzname = 0; } // NON_COMPLIANT void min() {} // NON_COMPLIANT @@ -48,4 +48,4 @@ void test_lambda(const int y) { // Lambda generates a static function called `_FUN` when the lambda is // converted to a function pointer g([](int x) { return x; }); // COMPLIANT - compiler generated -} \ No newline at end of file +} From a6f52403db11f9a6a7f463e1f7b3285740bbd519 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Mon, 16 Sep 2024 07:59:39 -0700 Subject: [PATCH 1952/2573] Clang format; adjust all expected results accordingly. --- .../rules/DCL51-CPP/FunctionReusesReservedName.expected | 2 +- .../rules/DCL51-CPP/ObjectReusesReservedName.expected | 2 +- .../DCL51-CPP/RedefiningOfStandardLibraryName.expected | 2 +- .../UseOfDoubleUnderscoreReservedPrefix.expected | 4 ++-- .../UseOfReservedLiteralSuffixIdentifier.expected | 2 +- .../UseOfSingleUnderscoreReservedPrefix.expected | 8 ++++---- cpp/cert/test/rules/DCL51-CPP/test.cpp | 4 +++- 7 files changed, 13 insertions(+), 11 deletions(-) diff --git a/cpp/cert/test/rules/DCL51-CPP/FunctionReusesReservedName.expected b/cpp/cert/test/rules/DCL51-CPP/FunctionReusesReservedName.expected index e945f93c57..97bbccbbd0 100644 --- a/cpp/cert/test/rules/DCL51-CPP/FunctionReusesReservedName.expected +++ b/cpp/cert/test/rules/DCL51-CPP/FunctionReusesReservedName.expected @@ -1 +1 @@ -| test.cpp:20:6:20:8 | min | The function $@ reuses a reserved standard library name. | test.cpp:20:6:20:8 | min | min | +| test.cpp:22:6:22:8 | min | The function $@ reuses a reserved standard library name. | test.cpp:22:6:22:8 | min | min | diff --git a/cpp/cert/test/rules/DCL51-CPP/ObjectReusesReservedName.expected b/cpp/cert/test/rules/DCL51-CPP/ObjectReusesReservedName.expected index f59486e814..d1c0b8d60e 100644 --- a/cpp/cert/test/rules/DCL51-CPP/ObjectReusesReservedName.expected +++ b/cpp/cert/test/rules/DCL51-CPP/ObjectReusesReservedName.expected @@ -1 +1 @@ -| test.cpp:18:20:18:25 | tzname | The variable $@ reuses a reserved standard library name. | test.cpp:18:20:18:25 | tzname | tzname | +| test.cpp:19:5:19:10 | tzname | The variable $@ reuses a reserved standard library name. | test.cpp:19:5:19:10 | tzname | tzname | diff --git a/cpp/cert/test/rules/DCL51-CPP/RedefiningOfStandardLibraryName.expected b/cpp/cert/test/rules/DCL51-CPP/RedefiningOfStandardLibraryName.expected index f5b15966ba..fb01130c4d 100644 --- a/cpp/cert/test/rules/DCL51-CPP/RedefiningOfStandardLibraryName.expected +++ b/cpp/cert/test/rules/DCL51-CPP/RedefiningOfStandardLibraryName.expected @@ -1,3 +1,3 @@ | test.cpp:6:1:6:14 | #undef INT_MAX | Redefinition of INT_MAX declared in a standard library header. | | test.cpp:7:1:7:20 | #define SIZE_MAX 256 | Redefinition of SIZE_MAX declared in a standard library header. | -| test.cpp:37:1:38:9 | #define FD_SET(X) int _ ## X | Redefinition of FD_SET declared in a standard library header. | +| test.cpp:39:1:40:9 | #define FD_SET(X) int _ ## X | Redefinition of FD_SET declared in a standard library header. | diff --git a/cpp/cert/test/rules/DCL51-CPP/UseOfDoubleUnderscoreReservedPrefix.expected b/cpp/cert/test/rules/DCL51-CPP/UseOfDoubleUnderscoreReservedPrefix.expected index 3b0a94429a..0d52226d5f 100644 --- a/cpp/cert/test/rules/DCL51-CPP/UseOfDoubleUnderscoreReservedPrefix.expected +++ b/cpp/cert/test/rules/DCL51-CPP/UseOfDoubleUnderscoreReservedPrefix.expected @@ -1,2 +1,2 @@ -| test.cpp:25:5:25:7 | __x | Name $@ uses the reserved prefix '__'. | test.cpp:25:5:25:7 | __x | __x | -| test.cpp:30:5:30:7 | __x | Name $@ uses the reserved prefix '__'. | test.cpp:30:5:30:7 | __x | __x | +| test.cpp:27:5:27:7 | __x | Name $@ uses the reserved prefix '__'. | test.cpp:27:5:27:7 | __x | __x | +| test.cpp:32:5:32:7 | __x | Name $@ uses the reserved prefix '__'. | test.cpp:32:5:32:7 | __x | __x | diff --git a/cpp/cert/test/rules/DCL51-CPP/UseOfReservedLiteralSuffixIdentifier.expected b/cpp/cert/test/rules/DCL51-CPP/UseOfReservedLiteralSuffixIdentifier.expected index f8863eab59..96f3b1068e 100644 --- a/cpp/cert/test/rules/DCL51-CPP/UseOfReservedLiteralSuffixIdentifier.expected +++ b/cpp/cert/test/rules/DCL51-CPP/UseOfReservedLiteralSuffixIdentifier.expected @@ -1 +1 @@ -| test.cpp:22:6:22:17 | operator ""x | Literal suffix identifier $@ does not start with an underscore. | test.cpp:22:6:22:17 | operator ""x | operator ""x | +| test.cpp:24:6:24:17 | operator ""x | Literal suffix identifier $@ does not start with an underscore. | test.cpp:24:6:24:17 | operator ""x | operator ""x | diff --git a/cpp/cert/test/rules/DCL51-CPP/UseOfSingleUnderscoreReservedPrefix.expected b/cpp/cert/test/rules/DCL51-CPP/UseOfSingleUnderscoreReservedPrefix.expected index 679ad58deb..544a26c996 100644 --- a/cpp/cert/test/rules/DCL51-CPP/UseOfSingleUnderscoreReservedPrefix.expected +++ b/cpp/cert/test/rules/DCL51-CPP/UseOfSingleUnderscoreReservedPrefix.expected @@ -1,5 +1,5 @@ -| test.cpp:26:5:26:6 | _X | Name $@ uses the reserved prefix '_'. | test.cpp:26:5:26:6 | _X | _X | -| test.cpp:27:5:27:6 | _x | Name $@ uses the reserved prefix '_'. | test.cpp:27:5:27:6 | _x | _x | -| test.cpp:31:5:31:6 | _X | Name $@ uses the reserved prefix '_'. | test.cpp:31:5:31:6 | _X | _X | -| test.cpp:35:1:35:3 | _i | Name $@ uses the reserved prefix '_'. | test.cpp:35:1:35:3 | _i | _i | +| test.cpp:28:5:28:6 | _X | Name $@ uses the reserved prefix '_'. | test.cpp:28:5:28:6 | _X | _X | +| test.cpp:29:5:29:6 | _x | Name $@ uses the reserved prefix '_'. | test.cpp:29:5:29:6 | _x | _x | +| test.cpp:33:5:33:6 | _X | Name $@ uses the reserved prefix '_'. | test.cpp:33:5:33:6 | _X | _X | +| test.cpp:37:1:37:3 | _i | Name $@ uses the reserved prefix '_'. | test.cpp:37:1:37:3 | _i | _i | | test.h:2:1:2:15 | #define _TEST_H | Name $@ uses the reserved prefix '_'. | test.h:2:1:2:15 | #define _TEST_H | _TEST_H | diff --git a/cpp/cert/test/rules/DCL51-CPP/test.cpp b/cpp/cert/test/rules/DCL51-CPP/test.cpp index e344681fd5..9248041b57 100644 --- a/cpp/cert/test/rules/DCL51-CPP/test.cpp +++ b/cpp/cert/test/rules/DCL51-CPP/test.cpp @@ -15,7 +15,9 @@ enum { // int NULL = 0; // NON_COMPLIANT, but not supported by compilers in practice -namespace ns { int tzname = 0; } // NON_COMPLIANT +namespace ns { +int tzname = 0; // NON_COMPLIANT +} void min() {} // NON_COMPLIANT From 70f9756d04d905ffe45a1cf18ac0ee132a744e88 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 16 Sep 2024 23:16:15 +0100 Subject: [PATCH 1953/2573] RULE-5-8: Only consider decls conflicting if in same link target --- ...IdentifiersWithExternalLinkageNotUnique.ql | 20 ++++++++++++++++++- .../2024-09-16-rule-5-8-consider-linkage.md | 2 ++ 2 files changed, 21 insertions(+), 1 deletion(-) create mode 100644 change_notes/2024-09-16-rule-5-8-consider-linkage.md diff --git a/c/misra/src/rules/RULE-5-8/IdentifiersWithExternalLinkageNotUnique.ql b/c/misra/src/rules/RULE-5-8/IdentifiersWithExternalLinkageNotUnique.ql index 7406f05f14..1b21dd273e 100644 --- a/c/misra/src/rules/RULE-5-8/IdentifiersWithExternalLinkageNotUnique.ql +++ b/c/misra/src/rules/RULE-5-8/IdentifiersWithExternalLinkageNotUnique.ql @@ -41,7 +41,25 @@ class NotUniqueExternalIdentifier extends ExternalIdentifiers { Declaration getAConflictingDeclaration() { not result = this and - isConflictingDeclaration(result, getName()) + isConflictingDeclaration(result, getName()) and + // We only consider a declaration to be conflicting if it shares a link target with the external + // identifier. This avoids reporting false positives where multiple binaries or libraries are + // built in the same CodeQL database, but are not intended to be linked together. + exists(LinkTarget lt | + // External declaration can only be a function or global variable + lt = this.(Function).getALinkTarget() or + lt = this.(GlobalVariable).getALinkTarget() + | + lt = result.(Function).getALinkTarget() + or + lt = result.(GlobalVariable).getALinkTarget() + or + exists(Class c | c.getAMember() = result and c.getALinkTarget() = lt) + or + result.(LocalVariable).getFunction().getALinkTarget() = lt + or + result.(Class).getALinkTarget() = lt + ) } } diff --git a/change_notes/2024-09-16-rule-5-8-consider-linkage.md b/change_notes/2024-09-16-rule-5-8-consider-linkage.md new file mode 100644 index 0000000000..2877d53f50 --- /dev/null +++ b/change_notes/2024-09-16-rule-5-8-consider-linkage.md @@ -0,0 +1,2 @@ + - `RULE-5-8` - `IdentifiersWithExternalLinkageNotUnique.ql` + - Remove false positives where conflicting declarations do not appear in the same link target. \ No newline at end of file From fb4e41896beb3ad77bb82d1cfd551cf0611eae73 Mon Sep 17 00:00:00 2001 From: Fernando Jose Date: Tue, 17 Sep 2024 07:19:25 +0900 Subject: [PATCH 1954/2573] Refactor get constexpr helper to public in unused variable qll and remove from ql. --- cpp/autosar/src/rules/M0-1-3/UnusedLocalVariable.ql | 6 ------ .../src/codingstandards/cpp/deadcode/UnusedVariables.qll | 2 +- 2 files changed, 1 insertion(+), 7 deletions(-) diff --git a/cpp/autosar/src/rules/M0-1-3/UnusedLocalVariable.ql b/cpp/autosar/src/rules/M0-1-3/UnusedLocalVariable.ql index 0387208514..e89e9ec135 100644 --- a/cpp/autosar/src/rules/M0-1-3/UnusedLocalVariable.ql +++ b/cpp/autosar/src/rules/M0-1-3/UnusedLocalVariable.ql @@ -18,12 +18,6 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.deadcode.UnusedVariables -/** Gets the constant value of a constexpr/const variable. */ -private string getConstExprValue(Variable v) { - result = v.getInitializer().getExpr().getValue() and - (v.isConst() or v.isConstexpr()) -} - // This predicate is similar to getUseCount for M0-1-4 except that it also // considers static_asserts. This was created to cater for M0-1-3 specifically // and hence, doesn't attempt to reuse the M0-1-4 specific predicate diff --git a/cpp/common/src/codingstandards/cpp/deadcode/UnusedVariables.qll b/cpp/common/src/codingstandards/cpp/deadcode/UnusedVariables.qll index 92fa3b497f..56d1e2b998 100644 --- a/cpp/common/src/codingstandards/cpp/deadcode/UnusedVariables.qll +++ b/cpp/common/src/codingstandards/cpp/deadcode/UnusedVariables.qll @@ -152,7 +152,7 @@ predicate maybeACompileTimeTemplateArgument(Variable v) { } /** Gets the constant value of a constexpr/const variable. */ -private string getConstExprValue(Variable v) { +string getConstExprValue(Variable v) { result = v.getInitializer().getExpr().getValue() and (v.isConst() or v.isConstexpr()) } From 3223bcd7c4a47e8b27f280a23b4835b7e2391ac4 Mon Sep 17 00:00:00 2001 From: Fernando Jose Date: Tue, 17 Sep 2024 11:36:27 +0900 Subject: [PATCH 1955/2573] Format ql and test. --- .../codingstandards/cpp/deadcode/UnusedVariables.qll | 10 ++++++---- cpp/common/test/rules/deadcode/DeadCode.expected | 2 +- cpp/common/test/rules/deadcode/test.cpp | 6 +++--- 3 files changed, 10 insertions(+), 8 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/deadcode/UnusedVariables.qll b/cpp/common/src/codingstandards/cpp/deadcode/UnusedVariables.qll index 56d1e2b998..912d2babcd 100644 --- a/cpp/common/src/codingstandards/cpp/deadcode/UnusedVariables.qll +++ b/cpp/common/src/codingstandards/cpp/deadcode/UnusedVariables.qll @@ -161,8 +161,10 @@ string getConstExprValue(Variable v) { * Counts uses of `Variable` v in a local array of size `n` */ int countUsesInLocalArraySize(Variable v) { - result = count(ArrayType at, LocalVariable arrayVariable | - arrayVariable.getType().resolveTypedefs() = at and - v.(PotentiallyUnusedLocalVariable).getFunction() = arrayVariable.getFunction() and - at.getArraySize().toString() = getConstExprValue(v)) + result = + count(ArrayType at, LocalVariable arrayVariable | + arrayVariable.getType().resolveTypedefs() = at and + v.(PotentiallyUnusedLocalVariable).getFunction() = arrayVariable.getFunction() and + at.getArraySize().toString() = getConstExprValue(v) + ) } diff --git a/cpp/common/test/rules/deadcode/DeadCode.expected b/cpp/common/test/rules/deadcode/DeadCode.expected index db68f5f8c4..aec93e0914 100644 --- a/cpp/common/test/rules/deadcode/DeadCode.expected +++ b/cpp/common/test/rules/deadcode/DeadCode.expected @@ -12,6 +12,6 @@ | test.cpp:72:3:73:3 | try { ... } | This statement is dead code. | | test.cpp:73:17:74:3 | { ... } | This statement is dead code. | | test.cpp:79:17:80:3 | { ... } | This statement is dead code. | -| test.cpp:85:3:85:44 | declaration | This statement is dead code. | +| test.cpp:85:3:85:43 | declaration | This statement is dead code. | | test.cpp:87:3:87:30 | declaration | This statement is dead code. | | test.cpp:90:3:90:50 | declaration | This statement is dead code. | diff --git a/cpp/common/test/rules/deadcode/test.cpp b/cpp/common/test/rules/deadcode/test.cpp index 597c06af43..d9c0cab277 100644 --- a/cpp/common/test/rules/deadcode/test.cpp +++ b/cpp/common/test/rules/deadcode/test.cpp @@ -81,12 +81,12 @@ int test_dead_code(int x) { static_assert(1); // COMPLIANT - constexpr int constexpr_array_size{6}; // COMPLIANT - int unused_array[constexpr_array_size] {}; // NON_COMPLIANT + constexpr int constexpr_array_size{6}; // COMPLIANT + int unused_array[constexpr_array_size]{}; // NON_COMPLIANT constexpr int unused_int{2}; // NON_COMPLIANT - constexpr int constexpr_used_array[]{3, 4, 5}; // COMPLIANT + constexpr int constexpr_used_array[]{3, 4, 5}; // COMPLIANT constexpr int constexpr_unused_array[]{0, 1, 2}; // NON_COMPLIANT return live5 + live6 + constexpr_used_array[1]; // COMPLIANT From 55cb51debc0f8ee5ed97351892ac6911f532e042 Mon Sep 17 00:00:00 2001 From: Fernando Jose Date: Tue, 17 Sep 2024 13:21:20 +0900 Subject: [PATCH 1956/2573] Add change note --- change_notes/2024-09-17-fix-fp-678-m0-1-9.md | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 change_notes/2024-09-17-fix-fp-678-m0-1-9.md diff --git a/change_notes/2024-09-17-fix-fp-678-m0-1-9.md b/change_notes/2024-09-17-fix-fp-678-m0-1-9.md new file mode 100644 index 0000000000..e068825f4c --- /dev/null +++ b/change_notes/2024-09-17-fix-fp-678-m0-1-9.md @@ -0,0 +1,2 @@ +- `M0-1-9` - `DeadCode.qll`: + - Fixes #678. Remove dead code false positive when integer constant expression is used to define the size of an array. From d22328b2baa2bce7ea1499876199153a867dce0b Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 17 Sep 2024 11:47:45 +0100 Subject: [PATCH 1957/2573] EssentialTypes: Add support for unary logical operations These should return essentially boolean type --- .../c/misra/EssentialTypes.qll | 4 +++ c/misra/test/c/misra/EssentialTypes.expected | 32 +++++++++++++++++++ c/misra/test/c/misra/test.c | 20 ++++++++++++ 3 files changed, 56 insertions(+) diff --git a/c/misra/src/codingstandards/c/misra/EssentialTypes.qll b/c/misra/src/codingstandards/c/misra/EssentialTypes.qll index 7df233d2ab..d01bc81038 100644 --- a/c/misra/src/codingstandards/c/misra/EssentialTypes.qll +++ b/c/misra/src/codingstandards/c/misra/EssentialTypes.qll @@ -179,6 +179,10 @@ class EssentialBinaryLogicalOperationExpr extends EssentialExpr, BinaryLogicalOp override Type getEssentialType() { result instanceof BoolType } } +class EssentialUnaryLogicalOperationExpr extends EssentialExpr, UnaryLogicalOperation { + override Type getEssentialType() { result instanceof BoolType } +} + class EssentialEqualityOperationExpr extends EssentialExpr, EqualityOperation { override Type getEssentialType() { result instanceof BoolType } } diff --git a/c/misra/test/c/misra/EssentialTypes.expected b/c/misra/test/c/misra/EssentialTypes.expected index d9245311da..8b6b45a2f0 100644 --- a/c/misra/test/c/misra/EssentialTypes.expected +++ b/c/misra/test/c/misra/EssentialTypes.expected @@ -41,3 +41,35 @@ | test.c:32:3:32:3 | 1 | signed char | signed char | essentially Signed type | | test.c:33:3:33:4 | 1 | unsigned char | unsigned char | essentially Unsigned type | | test.c:34:3:34:5 | 1 | unsigned long | unsigned long | essentially Unsigned type | +| test.c:38:13:38:16 | 1 | bool | bool | essentially Boolean type | +| test.c:38:13:38:16 | (bool)... | bool | bool | essentially Boolean type | +| test.c:39:20:39:20 | 1 | signed char | signed char | essentially Signed type | +| test.c:39:20:39:20 | (unsigned int)... | unsigned int | unsigned int | essentially Unsigned type | +| test.c:40:23:40:23 | 1 | signed char | signed char | essentially Signed type | +| test.c:40:23:40:23 | (unsigned short)... | unsigned short | unsigned short | essentially Unsigned type | +| test.c:41:17:41:18 | 1 | signed char | signed char | essentially Signed type | +| test.c:42:21:42:21 | 1 | signed char | signed char | essentially Signed type | +| test.c:42:21:42:21 | (signed short)... | signed short | signed short | essentially Signed type | +| test.c:44:3:44:4 | ! ... | bool | bool | essentially Boolean type | +| test.c:44:4:44:4 | b | bool | bool | essentially Boolean type | +| test.c:45:3:45:4 | ! ... | bool | bool | essentially Boolean type | +| test.c:45:4:45:4 | u | unsigned int | unsigned int | essentially Unsigned type | +| test.c:46:3:46:5 | ! ... | bool | bool | essentially Boolean type | +| test.c:46:4:46:5 | us | unsigned short | unsigned short | essentially Unsigned type | +| test.c:47:3:47:4 | ! ... | bool | bool | essentially Boolean type | +| test.c:47:4:47:4 | s | signed int | signed int | essentially Signed type | +| test.c:48:3:48:5 | ! ... | bool | bool | essentially Boolean type | +| test.c:48:4:48:5 | ss | signed short | signed short | essentially Signed type | +| test.c:50:3:50:4 | ~ ... | int | int | essentially Signed type | +| test.c:50:4:50:4 | (int)... | int | int | essentially Signed type | +| test.c:50:4:50:4 | b | bool | bool | essentially Boolean type | +| test.c:51:3:51:4 | ~ ... | unsigned int | unsigned int | essentially Unsigned type | +| test.c:51:4:51:4 | u | unsigned int | unsigned int | essentially Unsigned type | +| test.c:52:3:52:5 | ~ ... | unsigned short | unsigned short | essentially Unsigned type | +| test.c:52:4:52:5 | (int)... | int | int | essentially Signed type | +| test.c:52:4:52:5 | us | unsigned short | unsigned short | essentially Unsigned type | +| test.c:53:3:53:4 | ~ ... | signed int | signed int | essentially Signed type | +| test.c:53:4:53:4 | s | signed int | signed int | essentially Signed type | +| test.c:54:3:54:5 | ~ ... | int | int | essentially Signed type | +| test.c:54:4:54:5 | (int)... | int | int | essentially Signed type | +| test.c:54:4:54:5 | ss | signed short | signed short | essentially Signed type | diff --git a/c/misra/test/c/misra/test.c b/c/misra/test/c/misra/test.c index d7064c4c12..6156e9440e 100644 --- a/c/misra/test/c/misra/test.c +++ b/c/misra/test/c/misra/test.c @@ -32,4 +32,24 @@ void testConstants() { 1; // Essentially signed char 1U; // Essentially unsigned char 1UL; // Essentially unsigned long +} + +void testUnary() { + _Bool b = true; + unsigned int u = 1; + unsigned short us = 1; + signed int s = 1; + signed short ss = 1; + + !b; // Should be boolean + !u; // Should be boolean + !us; // Should be boolean + !s; // Should be boolean + !ss; // Should be boolean + + ~b; // Should be essentially signed + ~u; // Should be essentially unsigned + ~us; // Should be essentially unsigned + ~s; // Should be essentially signed + ~ss; // Should be essentially signed } \ No newline at end of file From 06866d869a628070bf40c7cbc15746c19042cbf8 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 17 Sep 2024 11:50:29 +0100 Subject: [PATCH 1958/2573] Rule 10.1: Handle ~, improve output - Add support for the ~ operator. - Report the operand, not the operator - Fix typo in one message --- .../OperandsOfAnInappropriateEssentialType.ql | 7 +- ...ndsOfAnInappropriateEssentialType.expected | 378 +++++++++--------- 2 files changed, 195 insertions(+), 190 deletions(-) diff --git a/c/misra/src/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.ql b/c/misra/src/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.ql index 6fdde80119..5c39f89003 100644 --- a/c/misra/src/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.ql +++ b/c/misra/src/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.ql @@ -178,7 +178,8 @@ predicate isInappropriateEssentialType( child = [ operator.(BinaryBitwiseOperation).getAnOperand(), - operator.(Bitwise::AssignBitwiseOperation).getAnOperand() + operator.(Bitwise::AssignBitwiseOperation).getAnOperand(), + operator.(ComplementExpr).getAnOperand() ] and not operator instanceof LShiftExpr and not operator instanceof RShiftExpr and @@ -240,7 +241,7 @@ string getRationaleMessage(int rationaleId, EssentialTypeCategory etc) { result = "Bitwise operator applied to operand of " + etc + " and not essentially unsigned." or rationaleId = 7 and - result = "Right hand operatand of shift operator is " + etc + " and not not essentially unsigned." + result = "Right hand operand of shift operator is " + etc + " and not not essentially unsigned." or rationaleId = 8 and result = @@ -251,4 +252,4 @@ from Expr operator, Expr child, int rationaleId, EssentialTypeCategory etc where not isExcluded(operator, EssentialTypesPackage::operandsOfAnInappropriateEssentialTypeQuery()) and isInappropriateEssentialType(operator, child, etc, rationaleId) -select operator, getRationaleMessage(rationaleId, etc) +select child, getRationaleMessage(rationaleId, etc) diff --git a/c/misra/test/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.expected b/c/misra/test/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.expected index b04a4ee4aa..8d1b1d8d1b 100644 --- a/c/misra/test/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.expected +++ b/c/misra/test/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.expected @@ -1,187 +1,191 @@ -| test.c:13:3:13:6 | access to array | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:14:3:14:6 | access to array | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:20:3:20:4 | + ... | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:21:3:21:4 | + ... | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:22:3:22:5 | + ... | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | -| test.c:27:3:27:4 | - ... | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:28:3:28:4 | - ... | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:29:3:29:5 | - ... | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | -| test.c:31:3:31:4 | - ... | Operand of essentially Unsigned type will be converted to a signed type with the signedness dependent on the implemented size of int. | -| test.c:34:3:34:7 | ... + ... | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:36:3:36:8 | ... + ... | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | -| test.c:41:3:41:7 | ... - ... | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:43:3:43:8 | ... - ... | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | -| test.c:48:3:48:7 | ... + ... | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:50:3:50:8 | ... + ... | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | -| test.c:55:3:55:7 | ... - ... | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:57:3:57:8 | ... - ... | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | -| test.c:62:3:62:5 | ... ++ | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:64:3:64:6 | ... ++ | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | -| test.c:69:3:69:5 | ... -- | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:71:3:71:6 | ... -- | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | -| test.c:76:3:76:5 | ++ ... | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:78:3:78:6 | ++ ... | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | -| test.c:83:3:83:5 | -- ... | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:85:3:85:6 | -- ... | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | -| test.c:90:3:90:7 | ... * ... | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:91:3:91:7 | ... * ... | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:92:3:92:8 | ... * ... | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | -| test.c:97:3:97:7 | ... / ... | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:98:3:98:7 | ... / ... | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:99:3:99:8 | ... / ... | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | -| test.c:104:3:104:7 | ... * ... | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:105:3:105:7 | ... * ... | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:106:3:106:8 | ... * ... | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | -| test.c:111:3:111:7 | ... / ... | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:112:3:112:7 | ... / ... | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:113:3:113:8 | ... / ... | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | -| test.c:118:3:118:7 | ... % ... | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:119:3:119:7 | ... % ... | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:120:3:120:8 | ... % ... | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | -| test.c:125:3:125:7 | ... % ... | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:126:3:126:7 | ... % ... | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:127:3:127:8 | ... % ... | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | -| test.c:132:3:132:7 | ... < ... | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:139:3:139:7 | ... > ... | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:146:3:146:8 | ... <= ... | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:153:3:153:8 | ... >= ... | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:160:3:160:7 | ... < ... | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:167:3:167:7 | ... > ... | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:174:3:174:8 | ... <= ... | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:181:3:181:8 | ... >= ... | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:217:3:217:4 | ! ... | Operand of essentially Character type type interpreted as a Boolean value. | -| test.c:218:3:218:5 | ! ... | Operand of essentially Enum Type type interpreted as a Boolean value. | -| test.c:219:3:219:4 | ! ... | Operand of essentially Signed type type interpreted as a Boolean value. | -| test.c:220:3:220:4 | ! ... | Operand of essentially Unsigned type type interpreted as a Boolean value. | -| test.c:221:3:221:4 | ! ... | Operand of essentially Floating type type interpreted as a Boolean value. | -| test.c:224:3:224:11 | ... && ... | Operand of essentially Character type type interpreted as a Boolean value. | -| test.c:225:3:225:12 | ... && ... | Operand of essentially Enum Type type interpreted as a Boolean value. | -| test.c:226:3:226:11 | ... && ... | Operand of essentially Signed type type interpreted as a Boolean value. | -| test.c:227:3:227:11 | ... && ... | Operand of essentially Unsigned type type interpreted as a Boolean value. | -| test.c:228:3:228:11 | ... && ... | Operand of essentially Floating type type interpreted as a Boolean value. | -| test.c:231:3:231:12 | ... \|\| ... | Operand of essentially Character type type interpreted as a Boolean value. | -| test.c:232:3:232:13 | ... \|\| ... | Operand of essentially Enum Type type interpreted as a Boolean value. | -| test.c:233:3:233:12 | ... \|\| ... | Operand of essentially Signed type type interpreted as a Boolean value. | -| test.c:234:3:234:12 | ... \|\| ... | Operand of essentially Unsigned type type interpreted as a Boolean value. | -| test.c:235:3:235:12 | ... \|\| ... | Operand of essentially Floating type type interpreted as a Boolean value. | -| test.c:238:3:238:11 | ... && ... | Operand of essentially Character type type interpreted as a Boolean value. | -| test.c:239:3:239:12 | ... && ... | Operand of essentially Enum Type type interpreted as a Boolean value. | -| test.c:240:3:240:11 | ... && ... | Operand of essentially Signed type type interpreted as a Boolean value. | -| test.c:241:3:241:11 | ... && ... | Operand of essentially Unsigned type type interpreted as a Boolean value. | -| test.c:242:3:242:11 | ... && ... | Operand of essentially Floating type type interpreted as a Boolean value. | -| test.c:245:3:245:12 | ... \|\| ... | Operand of essentially Character type type interpreted as a Boolean value. | -| test.c:246:3:246:13 | ... \|\| ... | Operand of essentially Enum Type type interpreted as a Boolean value. | -| test.c:247:3:247:12 | ... \|\| ... | Operand of essentially Signed type type interpreted as a Boolean value. | -| test.c:248:3:248:12 | ... \|\| ... | Operand of essentially Unsigned type type interpreted as a Boolean value. | -| test.c:249:3:249:12 | ... \|\| ... | Operand of essentially Floating type type interpreted as a Boolean value. | -| test.c:251:3:251:8 | ... << ... | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:252:3:252:8 | ... << ... | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:253:3:253:9 | ... << ... | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | -| test.c:254:3:254:8 | ... << ... | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | -| test.c:258:3:258:8 | ... >> ... | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:259:3:259:8 | ... >> ... | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:260:3:260:9 | ... >> ... | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | -| test.c:261:3:261:8 | ... >> ... | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | -| test.c:265:3:265:8 | ... << ... | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:266:3:266:8 | ... << ... | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:267:3:267:9 | ... << ... | Right hand operatand of shift operator is essentially Enum Type and not not essentially unsigned. | -| test.c:268:3:268:8 | ... << ... | Right hand operatand of shift operator is essentially Signed type and not not essentially unsigned. | -| test.c:272:3:272:8 | ... >> ... | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:273:3:273:8 | ... >> ... | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:274:3:274:9 | ... >> ... | Right hand operatand of shift operator is essentially Enum Type and not not essentially unsigned. | -| test.c:275:3:275:8 | ... >> ... | Right hand operatand of shift operator is essentially Signed type and not not essentially unsigned. | -| test.c:279:3:279:6 | ... & ... | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:280:3:280:6 | ... & ... | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:281:3:281:7 | ... & ... | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | -| test.c:282:3:282:6 | ... & ... | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | -| test.c:286:3:286:7 | ... \| ... | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:287:3:287:7 | ... \| ... | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:288:3:288:8 | ... \| ... | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | -| test.c:289:3:289:7 | ... \| ... | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | -| test.c:293:3:293:7 | ... ^ ... | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:294:3:294:7 | ... ^ ... | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:295:3:295:8 | ... ^ ... | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | -| test.c:296:3:296:7 | ... ^ ... | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | -| test.c:300:3:300:6 | ... & ... | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:301:3:301:6 | ... & ... | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:302:3:302:7 | ... & ... | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | -| test.c:303:3:303:6 | ... & ... | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | -| test.c:307:3:307:7 | ... \| ... | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:308:3:308:7 | ... \| ... | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:309:3:309:8 | ... \| ... | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | -| test.c:310:3:310:7 | ... \| ... | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | -| test.c:314:3:314:7 | ... ^ ... | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:315:3:315:7 | ... ^ ... | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:316:3:316:8 | ... ^ ... | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | -| test.c:317:3:317:7 | ... ^ ... | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | -| test.c:329:3:329:11 | ... ? ... : ... | Operand of essentially Character type type interpreted as a Boolean value. | -| test.c:330:3:330:12 | ... ? ... : ... | Operand of essentially Enum Type type interpreted as a Boolean value. | -| test.c:331:3:331:11 | ... ? ... : ... | Operand of essentially Signed type type interpreted as a Boolean value. | -| test.c:332:3:332:11 | ... ? ... : ... | Operand of essentially Unsigned type type interpreted as a Boolean value. | -| test.c:333:3:333:11 | ... ? ... : ... | Operand of essentially Floating type type interpreted as a Boolean value. | -| test.c:342:3:342:8 | ... += ... | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:344:3:344:9 | ... += ... | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | -| test.c:349:3:349:8 | ... -= ... | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:351:3:351:9 | ... -= ... | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | -| test.c:356:3:356:8 | ... += ... | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:358:3:358:9 | ... += ... | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | -| test.c:363:3:363:8 | ... -= ... | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:365:3:365:9 | ... -= ... | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | -| test.c:370:3:370:8 | ... *= ... | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:371:3:371:8 | ... *= ... | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:372:3:372:9 | ... *= ... | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | -| test.c:377:3:377:8 | ... /= ... | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:378:3:378:8 | ... /= ... | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:379:3:379:9 | ... /= ... | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | -| test.c:384:3:384:8 | ... *= ... | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:385:3:385:8 | ... *= ... | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:386:3:386:9 | ... *= ... | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | -| test.c:391:3:391:8 | ... /= ... | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:392:3:392:8 | ... /= ... | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:393:3:393:9 | ... /= ... | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | -| test.c:398:3:398:8 | ... %= ... | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:399:3:399:8 | ... %= ... | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:400:3:400:9 | ... %= ... | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | -| test.c:405:3:405:8 | ... %= ... | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:406:3:406:8 | ... %= ... | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:407:3:407:9 | ... %= ... | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | -| test.c:412:3:412:9 | ... <<= ... | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:413:3:413:9 | ... <<= ... | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:414:3:414:10 | ... <<= ... | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | -| test.c:415:3:415:9 | ... <<= ... | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | -| test.c:419:3:419:9 | ... >>= ... | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:420:3:420:9 | ... >>= ... | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:421:3:421:10 | ... >>= ... | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | -| test.c:422:3:422:9 | ... >>= ... | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | -| test.c:426:3:426:9 | ... <<= ... | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:427:3:427:9 | ... <<= ... | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:428:3:428:10 | ... <<= ... | Right hand operatand of shift operator is essentially Enum Type and not not essentially unsigned. | -| test.c:429:3:429:9 | ... <<= ... | Right hand operatand of shift operator is essentially Signed type and not not essentially unsigned. | -| test.c:433:3:433:9 | ... >>= ... | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:434:3:434:9 | ... >>= ... | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:435:3:435:10 | ... >>= ... | Right hand operatand of shift operator is essentially Enum Type and not not essentially unsigned. | -| test.c:436:3:436:9 | ... >>= ... | Right hand operatand of shift operator is essentially Signed type and not not essentially unsigned. | -| test.c:440:3:440:8 | ... &= ... | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:441:3:441:8 | ... &= ... | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:442:3:442:9 | ... &= ... | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | -| test.c:443:3:443:8 | ... &= ... | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | -| test.c:447:3:447:8 | ... ^= ... | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:448:3:448:8 | ... ^= ... | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:449:3:449:9 | ... ^= ... | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | -| test.c:450:3:450:8 | ... ^= ... | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | -| test.c:454:3:454:8 | ... \|= ... | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:455:3:455:8 | ... \|= ... | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:456:3:456:9 | ... \|= ... | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | -| test.c:457:3:457:8 | ... \|= ... | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | -| test.c:461:3:461:8 | ... &= ... | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:462:3:462:8 | ... &= ... | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:463:3:463:9 | ... &= ... | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | -| test.c:464:3:464:8 | ... &= ... | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | -| test.c:468:3:468:8 | ... ^= ... | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:469:3:469:8 | ... ^= ... | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:470:3:470:9 | ... ^= ... | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | -| test.c:471:3:471:8 | ... ^= ... | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | -| test.c:475:3:475:8 | ... \|= ... | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:476:3:476:8 | ... \|= ... | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:477:3:477:9 | ... \|= ... | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | -| test.c:478:3:478:8 | ... \|= ... | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | +| test.c:13:5:13:5 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:14:5:14:5 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:20:4:20:4 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:21:4:21:4 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:22:4:22:5 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:27:4:27:4 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:28:4:28:4 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:29:4:29:5 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:31:4:31:4 | u | Operand of essentially Unsigned type will be converted to a signed type with the signedness dependent on the implemented size of int. | +| test.c:34:7:34:7 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:36:7:36:8 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:41:7:41:7 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:43:7:43:8 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:48:3:48:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:50:3:50:4 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:55:3:55:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:57:3:57:4 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:62:3:62:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:64:3:64:4 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:69:3:69:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:71:3:71:4 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:76:5:76:5 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:78:5:78:6 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:83:5:83:5 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:85:5:85:6 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:90:7:90:7 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:91:7:91:7 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:92:7:92:8 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:97:7:97:7 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:98:7:98:7 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:99:7:99:8 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:104:3:104:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:105:3:105:3 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:106:3:106:4 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:111:3:111:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:112:3:112:3 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:113:3:113:4 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:118:3:118:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:119:3:119:3 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:120:3:120:4 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:125:7:125:7 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:126:7:126:7 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:127:7:127:8 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:132:7:132:7 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:139:7:139:7 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:146:8:146:8 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:153:8:153:8 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:160:3:160:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:167:3:167:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:174:3:174:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:181:3:181:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:217:4:217:4 | c | Operand of essentially Character type type interpreted as a Boolean value. | +| test.c:218:4:218:5 | e1 | Operand of essentially Enum Type type interpreted as a Boolean value. | +| test.c:219:4:219:4 | s | Operand of essentially Signed type type interpreted as a Boolean value. | +| test.c:220:4:220:4 | u | Operand of essentially Unsigned type type interpreted as a Boolean value. | +| test.c:221:4:221:4 | f | Operand of essentially Floating type type interpreted as a Boolean value. | +| test.c:224:3:224:3 | c | Operand of essentially Character type type interpreted as a Boolean value. | +| test.c:225:3:225:4 | e1 | Operand of essentially Enum Type type interpreted as a Boolean value. | +| test.c:226:3:226:3 | s | Operand of essentially Signed type type interpreted as a Boolean value. | +| test.c:227:3:227:3 | u | Operand of essentially Unsigned type type interpreted as a Boolean value. | +| test.c:228:3:228:3 | f | Operand of essentially Floating type type interpreted as a Boolean value. | +| test.c:231:3:231:3 | c | Operand of essentially Character type type interpreted as a Boolean value. | +| test.c:232:3:232:4 | e1 | Operand of essentially Enum Type type interpreted as a Boolean value. | +| test.c:233:3:233:3 | s | Operand of essentially Signed type type interpreted as a Boolean value. | +| test.c:234:3:234:3 | u | Operand of essentially Unsigned type type interpreted as a Boolean value. | +| test.c:235:3:235:3 | f | Operand of essentially Floating type type interpreted as a Boolean value. | +| test.c:238:11:238:11 | c | Operand of essentially Character type type interpreted as a Boolean value. | +| test.c:239:11:239:12 | e1 | Operand of essentially Enum Type type interpreted as a Boolean value. | +| test.c:240:11:240:11 | s | Operand of essentially Signed type type interpreted as a Boolean value. | +| test.c:241:11:241:11 | u | Operand of essentially Unsigned type type interpreted as a Boolean value. | +| test.c:242:11:242:11 | f | Operand of essentially Floating type type interpreted as a Boolean value. | +| test.c:245:12:245:12 | c | Operand of essentially Character type type interpreted as a Boolean value. | +| test.c:246:12:246:13 | e1 | Operand of essentially Enum Type type interpreted as a Boolean value. | +| test.c:247:12:247:12 | s | Operand of essentially Signed type type interpreted as a Boolean value. | +| test.c:248:12:248:12 | u | Operand of essentially Unsigned type type interpreted as a Boolean value. | +| test.c:249:12:249:12 | f | Operand of essentially Floating type type interpreted as a Boolean value. | +| test.c:251:3:251:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:252:3:252:3 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:253:3:253:4 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | +| test.c:254:3:254:3 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | +| test.c:258:3:258:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:259:3:259:3 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:260:3:260:4 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | +| test.c:261:3:261:3 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | +| test.c:265:8:265:8 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:266:8:266:8 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:267:8:267:9 | e1 | Right hand operand of shift operator is essentially Enum Type and not not essentially unsigned. | +| test.c:268:8:268:8 | s | Right hand operand of shift operator is essentially Signed type and not not essentially unsigned. | +| test.c:272:8:272:8 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:273:8:273:8 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:274:8:274:9 | e1 | Right hand operand of shift operator is essentially Enum Type and not not essentially unsigned. | +| test.c:275:8:275:8 | s | Right hand operand of shift operator is essentially Signed type and not not essentially unsigned. | +| test.c:279:3:279:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:280:3:280:3 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:281:3:281:4 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | +| test.c:282:3:282:3 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | +| test.c:286:3:286:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:287:3:287:3 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:288:3:288:4 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | +| test.c:289:3:289:3 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | +| test.c:293:3:293:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:294:3:294:3 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:295:3:295:4 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | +| test.c:296:3:296:3 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | +| test.c:300:6:300:6 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:301:6:301:6 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:302:6:302:7 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | +| test.c:303:6:303:6 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | +| test.c:307:7:307:7 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:308:7:308:7 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:309:7:309:8 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | +| test.c:310:7:310:7 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | +| test.c:314:7:314:7 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:315:7:315:7 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:316:7:316:8 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | +| test.c:317:7:317:7 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | +| test.c:321:4:321:4 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:322:4:322:4 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:323:4:323:5 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | +| test.c:324:4:324:4 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | +| test.c:329:3:329:3 | c | Operand of essentially Character type type interpreted as a Boolean value. | +| test.c:330:3:330:4 | e1 | Operand of essentially Enum Type type interpreted as a Boolean value. | +| test.c:331:3:331:3 | s | Operand of essentially Signed type type interpreted as a Boolean value. | +| test.c:332:3:332:3 | u | Operand of essentially Unsigned type type interpreted as a Boolean value. | +| test.c:333:3:333:3 | f | Operand of essentially Floating type type interpreted as a Boolean value. | +| test.c:342:3:342:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:344:3:344:4 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:349:3:349:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:351:3:351:4 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:356:8:356:8 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:358:8:358:9 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:363:8:363:8 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:365:8:365:9 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:370:3:370:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:371:3:371:3 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:372:3:372:4 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:377:3:377:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:378:3:378:3 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:379:3:379:4 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:384:8:384:8 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:385:8:385:8 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:386:8:386:9 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:391:8:391:8 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:392:8:392:8 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:393:8:393:9 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:398:3:398:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:399:3:399:3 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:400:3:400:4 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:405:8:405:8 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:406:8:406:8 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:407:8:407:9 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:412:3:412:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:413:3:413:3 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:414:3:414:4 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | +| test.c:415:3:415:3 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | +| test.c:419:3:419:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:420:3:420:3 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:421:3:421:4 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | +| test.c:422:3:422:3 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | +| test.c:426:9:426:9 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:427:9:427:9 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:428:9:428:10 | e1 | Right hand operand of shift operator is essentially Enum Type and not not essentially unsigned. | +| test.c:429:9:429:9 | s | Right hand operand of shift operator is essentially Signed type and not not essentially unsigned. | +| test.c:433:9:433:9 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:434:9:434:9 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:435:9:435:10 | e1 | Right hand operand of shift operator is essentially Enum Type and not not essentially unsigned. | +| test.c:436:9:436:9 | s | Right hand operand of shift operator is essentially Signed type and not not essentially unsigned. | +| test.c:440:3:440:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:441:3:441:3 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:442:3:442:4 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | +| test.c:443:3:443:3 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | +| test.c:447:3:447:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:448:3:448:3 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:449:3:449:4 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | +| test.c:450:3:450:3 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | +| test.c:454:3:454:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:455:3:455:3 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:456:3:456:4 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | +| test.c:457:3:457:3 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | +| test.c:461:8:461:8 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:462:8:462:8 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:463:8:463:9 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | +| test.c:464:8:464:8 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | +| test.c:468:8:468:8 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:469:8:469:8 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:470:8:470:9 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | +| test.c:471:8:471:8 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | +| test.c:475:8:475:8 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:476:8:476:8 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:477:8:477:9 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | +| test.c:478:8:478:8 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | From 1a1acdbd8eb7ea32bfbaa16eaee8cfafa8d383e4 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 17 Sep 2024 11:53:05 +0100 Subject: [PATCH 1959/2573] Add change note --- change_notes/2024-09-17-essential-types-unary.md | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 change_notes/2024-09-17-essential-types-unary.md diff --git a/change_notes/2024-09-17-essential-types-unary.md b/change_notes/2024-09-17-essential-types-unary.md new file mode 100644 index 0000000000..401f59a9a6 --- /dev/null +++ b/change_notes/2024-09-17-essential-types-unary.md @@ -0,0 +1,4 @@ + - `RULE-10-1` - `OperandsOfAnInappropriateEssentialType.ql` + - Reduce false negatives by supporting operands to the `~` operator with the incorrect essential type. + - Reduce false positives by identifying the essential type of `!` as essentially boolean type. + - Improve clarity reporting by reporting the violating operand, instead of the operator, and addressing message typos. \ No newline at end of file From 401568f32d0f34acad08f6f786a3949ecea1daff Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Mon, 16 Sep 2024 15:18:40 -0700 Subject: [PATCH 1960/2573] Fix gcc expected test output for M18-2-1, using macro offsetof --- .../test/rules/macrooffsetofused/MacroOffsetofUsed.expected.gcc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/common/test/rules/macrooffsetofused/MacroOffsetofUsed.expected.gcc b/cpp/common/test/rules/macrooffsetofused/MacroOffsetofUsed.expected.gcc index f09fafd410..87bf6e1b01 100644 --- a/cpp/common/test/rules/macrooffsetofused/MacroOffsetofUsed.expected.gcc +++ b/cpp/common/test/rules/macrooffsetofused/MacroOffsetofUsed.expected.gcc @@ -1 +1 @@ -| test.cpp:9:32:9:51 | offsetof(__typ,__id) | Use of banned macro offsetof. | +| test.cpp:9:32:9:51 | offsetof(TYPE,MEMBER) | Use of banned macro offsetof. | From 19834830d68c3d08ea07fe2b5fe1ebc2964be337 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 17 Sep 2024 22:39:28 +0100 Subject: [PATCH 1961/2573] Rule 8.3: Remove false positives for decls that don't share a link target --- .../DeclarationsOfAnObjectSameNameAndType.ql | 12 ++++++++++++ change_notes/2024-09-17-rule-8-3-linker-aware.md | 2 ++ 2 files changed, 14 insertions(+) create mode 100644 change_notes/2024-09-17-rule-8-3-linker-aware.md diff --git a/c/misra/src/rules/RULE-8-3/DeclarationsOfAnObjectSameNameAndType.ql b/c/misra/src/rules/RULE-8-3/DeclarationsOfAnObjectSameNameAndType.ql index dfd9d622e9..d68382503a 100644 --- a/c/misra/src/rules/RULE-8-3/DeclarationsOfAnObjectSameNameAndType.ql +++ b/c/misra/src/rules/RULE-8-3/DeclarationsOfAnObjectSameNameAndType.ql @@ -21,7 +21,19 @@ where not isExcluded(decl2, Declarations4Package::declarationsOfAnObjectSameNameAndTypeQuery()) and not decl1 = decl2 and not decl1.getVariable().getDeclaringType().isAnonymous() and + // Declarations are for the same qualified name + // Note: decl1.getVariable() = decl2.getVariable() does not work for common cases where an aliased + // type is used. decl1.getVariable().getQualifiedName() = decl2.getVariable().getQualifiedName() and + // As we use qualified name, require that they share a common link target to ensure they are + // for the same object + ( + decl1.getVariable().(GlobalVariable).getALinkTarget() = + decl2.getVariable().(GlobalVariable).getALinkTarget() + or + decl1.getVariable().(Field).getDeclaringType().(Class).getALinkTarget() = + decl2.getVariable().(Field).getDeclaringType().(Class).getALinkTarget() + ) and not typesCompatible(decl1.getType(), decl2.getType()) select decl1, "The object $@ of type " + decl1.getType().toString() + diff --git a/change_notes/2024-09-17-rule-8-3-linker-aware.md b/change_notes/2024-09-17-rule-8-3-linker-aware.md new file mode 100644 index 0000000000..3e48bb1228 --- /dev/null +++ b/change_notes/2024-09-17-rule-8-3-linker-aware.md @@ -0,0 +1,2 @@ + - `RULE-8-3` - `DeclarationsOfAnObjectSameNameAndType.ql` + - Remove false positives where two conflicting declarations are never linked together. \ No newline at end of file From 234bc05d5fdb566f3beda08adc924b97089f48d1 Mon Sep 17 00:00:00 2001 From: Fernando Jose Date: Wed, 18 Sep 2024 09:29:44 +0900 Subject: [PATCH 1962/2573] Fix query formatting (remove parentheses around not's argument). --- cpp/common/src/codingstandards/cpp/rules/deadcode/DeadCode.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/rules/deadcode/DeadCode.qll b/cpp/common/src/codingstandards/cpp/rules/deadcode/DeadCode.qll index 1cf4989680..2b5be15e80 100644 --- a/cpp/common/src/codingstandards/cpp/rules/deadcode/DeadCode.qll +++ b/cpp/common/src/codingstandards/cpp/rules/deadcode/DeadCode.qll @@ -53,7 +53,7 @@ predicate isDeadStmt(Stmt s) { va.getTarget() = v and not isDeadOrUnreachableStmt(va.getEnclosingStmt()) ) and - not (countUsesInLocalArraySize(v) > 0) + not countUsesInLocalArraySize(v) > 0 ) ) ) From a6409e47d384c44019d780bb6ca683b5fed6ec8f Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 18 Sep 2024 22:52:51 +0100 Subject: [PATCH 1963/2573] Rule 1.2: Report specific extensions used Distinguish between the different types of extensions. --- c/common/src/codingstandards/c/Extensions.qll | 89 ++++++++++++--- .../LanguageExtensionsShouldNotBeUsed.ql | 2 +- ...LanguageExtensionsShouldNotBeUsed.expected | 102 +++++++++--------- 3 files changed, 129 insertions(+), 64 deletions(-) diff --git a/c/common/src/codingstandards/c/Extensions.qll b/c/common/src/codingstandards/c/Extensions.qll index 018359586e..a30f1ec45b 100644 --- a/c/common/src/codingstandards/c/Extensions.qll +++ b/c/common/src/codingstandards/c/Extensions.qll @@ -4,21 +4,28 @@ import codingstandards.cpp.Extensions /** * Common base class for modeling compiler extensions. */ -abstract class CCompilerExtension extends CompilerExtension { } +abstract class CCompilerExtension extends CompilerExtension { + abstract string getMessage(); +} // Reference: https://gcc.gnu.org/onlinedocs/gcc/Other-Builtins.html#Other-Builtins abstract class CConditionalDefineExtension extends CCompilerExtension, PreprocessorIfdef { + string feature; + CConditionalDefineExtension() { - exists(toString().indexOf("__has_builtin")) or - exists(toString().indexOf("__has_constexpr_builtin")) or - exists(toString().indexOf("__has_feature")) or - exists(toString().indexOf("__has_extension")) or - exists(toString().indexOf("__has_attribute")) or - exists(toString().indexOf("__has_declspec_attribute")) or - exists(toString().indexOf("__is_identifier")) or - exists(toString().indexOf("__has_include")) or - exists(toString().indexOf("__has_include_next")) or - exists(toString().indexOf("__has_warning")) + feature = + [ + "__has_builtin", "__has_constexpr_builtin", "__has_feature", "__has_extension", + "__has_attribute", "__has_declspec_attribute", "__is_identifier", "__has_include", + "__has_include_next", "__has_warning" + ] and + exists(toString().indexOf(feature)) + } + + override string getMessage() { + result = + "Call to builtin function '" + feature + + "' is a compiler extension and is not portable to other compilers." } } @@ -31,6 +38,12 @@ class CMacroBasedExtension extends CCompilerExtension, Macro { "__clang_version__", "__clang_literal_encoding__", "__clang_wide_literal_encoding__" ] } + + override string getMessage() { + result = + "Use of builtin macro '" + getBody() + + "' is a compiler extension and is not portable to other compilers." + } } // Reference: https://gcc.gnu.org/onlinedocs/gcc/Variable-Attributes.html#Variable-Attributes @@ -41,6 +54,12 @@ class CAttributeExtension extends CCompilerExtension, Attribute { "fallthrough", "read_only", "alias" ] } + + override string getMessage() { + result = + "Use of attribute '" + getName() + + "' is a compiler extension and is not portable to other compilers." + } } // Reference: https://gcc.gnu.org/onlinedocs/gcc/_005f_005fsync-Builtins.html#g_t_005f_005fsync-Builtins @@ -61,21 +80,41 @@ class CFunctionExtension extends CCompilerExtension, FunctionCall { // the built-in extensions getTarget().getName().indexOf("__builtin_") = 0 } + + override string getMessage() { + result = + "Call to builtin function '" + getTarget().getName() + + "' is a compiler extension and is not portable to other compilers." + } } // Reference: https://gcc.gnu.org/onlinedocs/gcc/Alignment.html#Alignment class CFunctionLikeExtension extends CCompilerExtension, AlignofExprOperator { CFunctionLikeExtension() { exists(getValueText().indexOf("__alignof__")) } + + override string getMessage() { + result = "'__alignof__' is a compiler extension and is not portable to other compilers." + } } // Reference: https://gcc.gnu.org/onlinedocs/gcc/Statement-Exprs.html#Statement-Exprs -class CStmtExprExtension extends CCompilerExtension, StmtExpr { } +class CStmtExprExtension extends CCompilerExtension, StmtExpr { + override string getMessage() { + result = + "Statement expressions are a compiler extension and are not portable to other compilers." + } +} // Use of ternary like the following: `int a = 0 ?: 0;` where the // one of the branches is omitted // Reference: https://gcc.gnu.org/onlinedocs/gcc/Conditionals.html#Conditionals class CTerseTernaryExtension extends CCompilerExtension, ConditionalExpr { CTerseTernaryExtension() { getCondition() = getElse() or getCondition() = getThen() } + + override string getMessage() { + result = + "Ternaries with omitted middle operands are a compiler extension and is not portable to other compilers." + } } // Reference: https://gcc.gnu.org/onlinedocs/gcc/_005f_005fint128.html#g_t_005f_005fint128 @@ -87,25 +126,46 @@ class CRealTypeExtensionExtension extends CCompilerExtension, DeclarationEntry { getType() instanceof Decimal64Type or getType() instanceof Float128Type } + + override string getMessage() { + result = "Decimal floats are a compiler extension and are not portable to other compilers." + } } // Reference: https://gcc.gnu.org/onlinedocs/gcc/_005f_005fint128.html#g_t_005f_005fint128 class CIntegerTypeExtension extends CCompilerExtension, DeclarationEntry { CIntegerTypeExtension() { getType() instanceof Int128Type } + + override string getMessage() { + result = "128-bit integers are a compiler extension and are not portable to other compilers." + } } // Reference: https://gcc.gnu.org/onlinedocs/gcc/Long-Long.html#Long-Long class CLongLongType extends CCompilerExtension, DeclarationEntry { CLongLongType() { getType() instanceof LongLongType } + + override string getMessage() { + result = + "Double-Word integers are a compiler extension and are not portable to other compilers." + } } class CZeroLengthArraysExtension extends CCompilerExtension, DeclarationEntry { CZeroLengthArraysExtension() { getType().(ArrayType).getArraySize() = 0 } + + override string getMessage() { + result = "Zero length arrays are a compiler extension and are not portable to other compilers." + } } // Reference: https://gcc.gnu.org/onlinedocs/gcc/Empty-Structures.html#Empty-Structures class CEmptyStructExtension extends CCompilerExtension, Struct { CEmptyStructExtension() { not exists(getAMember(_)) } + + override string getMessage() { + result = "Empty structures are a compiler extension and are not portable to other compilers." + } } // Reference: https://gcc.gnu.org/onlinedocs/gcc/Variable-Length.html#Variable-Length @@ -114,4 +174,9 @@ class CVariableLengthArraysExtension extends CCompilerExtension, DeclarationEntr getType() instanceof ArrayType and not getType().(ArrayType).hasArraySize() } + + override string getMessage() { + result = + "Variable length arrays are a compiler extension and are not portable to other compilers." + } } diff --git a/c/misra/src/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.ql b/c/misra/src/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.ql index f38e41a1b6..00a364a87e 100644 --- a/c/misra/src/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.ql +++ b/c/misra/src/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.ql @@ -17,4 +17,4 @@ import codingstandards.c.Extensions from CCompilerExtension e where not isExcluded(e, Language3Package::languageExtensionsShouldNotBeUsedQuery()) -select e, "Is a compiler extension and is not portable to other compilers." +select e, e.getMessage() diff --git a/c/misra/test/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.expected b/c/misra/test/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.expected index f9f034c980..d13141d7ac 100644 --- a/c/misra/test/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.expected +++ b/c/misra/test/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.expected @@ -1,51 +1,51 @@ -| test.c:34:1:34:23 | #define A __BASE_FILE__ | Is a compiler extension and is not portable to other compilers. | -| test.c:35:1:35:23 | #define B __FILE_NAME__ | Is a compiler extension and is not portable to other compilers. | -| test.c:36:1:36:21 | #define C __COUNTER__ | Is a compiler extension and is not portable to other compilers. | -| test.c:37:1:37:27 | #define D __INCLUDE_LEVEL__ | Is a compiler extension and is not portable to other compilers. | -| test.c:39:1:39:19 | #define F __clang__ | Is a compiler extension and is not portable to other compilers. | -| test.c:40:1:40:25 | #define G __clang_major__ | Is a compiler extension and is not portable to other compilers. | -| test.c:41:1:41:25 | #define H __clang_minor__ | Is a compiler extension and is not portable to other compilers. | -| test.c:42:1:42:30 | #define I __clang_patchlevel__ | Is a compiler extension and is not portable to other compilers. | -| test.c:43:1:43:27 | #define J __clang_version__ | Is a compiler extension and is not portable to other compilers. | -| test.c:44:1:44:36 | #define K __clang_literal_encoding__ | Is a compiler extension and is not portable to other compilers. | -| test.c:45:1:45:41 | #define L __clang_wide_literal_encoding__ | Is a compiler extension and is not portable to other compilers. | -| test.c:53:33:53:43 | vector_size | Is a compiler extension and is not portable to other compilers. | -| test.c:54:33:54:47 | vector_size | Is a compiler extension and is not portable to other compilers. | -| test.c:55:37:55:51 | ext_vector_type | Is a compiler extension and is not portable to other compilers. | -| test.c:56:37:56:51 | ext_vector_type | Is a compiler extension and is not portable to other compilers. | -| test.c:61:3:69:4 | (statement expression) | Is a compiler extension and is not portable to other compilers. | -| test.c:96:3:96:18 | call to __builtin_setjmp | Is a compiler extension and is not portable to other compilers. | -| test.c:97:3:97:19 | call to __builtin_longjmp | Is a compiler extension and is not portable to other compilers. | -| test.c:113:11:113:16 | ... ? ... : ... | Is a compiler extension and is not portable to other compilers. | -| test.c:124:12:124:12 | definition of a | Is a compiler extension and is not portable to other compilers. | -| test.c:128:17:128:17 | definition of a | Is a compiler extension and is not portable to other compilers. | -| test.c:165:8:165:15 | definition of contents | Is a compiler extension and is not portable to other compilers. | -| test.c:182:8:182:11 | gf19 | Is a compiler extension and is not portable to other compilers. | -| test.c:214:33:214:35 | declaration of out | Is a compiler extension and is not portable to other compilers. | -| test.c:215:25:215:26 | declaration of in | Is a compiler extension and is not portable to other compilers. | -| test.c:268:16:268:21 | access | Is a compiler extension and is not portable to other compilers. | -| test.c:271:27:271:31 | alias | Is a compiler extension and is not portable to other compilers. | -| test.c:274:23:274:29 | aligned | Is a compiler extension and is not portable to other compilers. | -| test.c:285:25:285:34 | deprecated | Is a compiler extension and is not portable to other compilers. | -| test.c:297:20:297:30 | fallthrough | Is a compiler extension and is not portable to other compilers. | -| test.c:321:3:321:22 | alignof() | Is a compiler extension and is not portable to other compilers. | -| test.c:340:3:340:31 | call to __builtin_extract_return_addr | Is a compiler extension and is not portable to other compilers. | -| test.c:341:3:341:28 | call to __builtin_frob_return_addr | Is a compiler extension and is not portable to other compilers. | -| test.c:342:3:342:25 | call to __builtin_frame_address | Is a compiler extension and is not portable to other compilers. | -| test.c:363:3:363:22 | call to __sync_fetch_and_add_4 | Is a compiler extension and is not portable to other compilers. | -| test.c:364:3:364:22 | call to __sync_fetch_and_sub_4 | Is a compiler extension and is not portable to other compilers. | -| test.c:365:3:365:21 | call to __sync_fetch_and_or_4 | Is a compiler extension and is not portable to other compilers. | -| test.c:366:3:366:22 | call to __sync_fetch_and_and_4 | Is a compiler extension and is not portable to other compilers. | -| test.c:367:3:367:22 | call to __sync_fetch_and_xor_4 | Is a compiler extension and is not portable to other compilers. | -| test.c:368:3:368:23 | call to __sync_fetch_and_nand_4 | Is a compiler extension and is not portable to other compilers. | -| test.c:369:3:369:22 | call to __sync_add_and_fetch_4 | Is a compiler extension and is not portable to other compilers. | -| test.c:370:3:370:22 | call to __sync_sub_and_fetch_4 | Is a compiler extension and is not portable to other compilers. | -| test.c:371:3:371:21 | call to __sync_or_and_fetch_4 | Is a compiler extension and is not portable to other compilers. | -| test.c:372:3:372:22 | call to __sync_and_and_fetch_4 | Is a compiler extension and is not portable to other compilers. | -| test.c:373:3:373:22 | call to __sync_xor_and_fetch_4 | Is a compiler extension and is not portable to other compilers. | -| test.c:374:3:374:23 | call to __sync_nand_and_fetch_4 | Is a compiler extension and is not portable to other compilers. | -| test.c:376:3:376:30 | call to __sync_bool_compare_and_swap_4 | Is a compiler extension and is not portable to other compilers. | -| test.c:377:3:377:29 | call to __sync_val_compare_and_swap_4 | Is a compiler extension and is not portable to other compilers. | -| test.c:378:3:378:26 | call to __sync_lock_test_and_set_4 | Is a compiler extension and is not portable to other compilers. | -| test.c:379:3:379:21 | call to __sync_lock_release_4 | Is a compiler extension and is not portable to other compilers. | -| test.c:407:3:407:18 | call to __builtin_alloca | Is a compiler extension and is not portable to other compilers. | +| test.c:34:1:34:23 | #define A __BASE_FILE__ | Use of builtin macro '__BASE_FILE__' is a compiler extension and is not portable to other compilers. | +| test.c:35:1:35:23 | #define B __FILE_NAME__ | Use of builtin macro '__FILE_NAME__' is a compiler extension and is not portable to other compilers. | +| test.c:36:1:36:21 | #define C __COUNTER__ | Use of builtin macro '__COUNTER__' is a compiler extension and is not portable to other compilers. | +| test.c:37:1:37:27 | #define D __INCLUDE_LEVEL__ | Use of builtin macro '__INCLUDE_LEVEL__' is a compiler extension and is not portable to other compilers. | +| test.c:39:1:39:19 | #define F __clang__ | Use of builtin macro '__clang__' is a compiler extension and is not portable to other compilers. | +| test.c:40:1:40:25 | #define G __clang_major__ | Use of builtin macro '__clang_major__' is a compiler extension and is not portable to other compilers. | +| test.c:41:1:41:25 | #define H __clang_minor__ | Use of builtin macro '__clang_minor__' is a compiler extension and is not portable to other compilers. | +| test.c:42:1:42:30 | #define I __clang_patchlevel__ | Use of builtin macro '__clang_patchlevel__' is a compiler extension and is not portable to other compilers. | +| test.c:43:1:43:27 | #define J __clang_version__ | Use of builtin macro '__clang_version__' is a compiler extension and is not portable to other compilers. | +| test.c:44:1:44:36 | #define K __clang_literal_encoding__ | Use of builtin macro '__clang_literal_encoding__' is a compiler extension and is not portable to other compilers. | +| test.c:45:1:45:41 | #define L __clang_wide_literal_encoding__ | Use of builtin macro '__clang_wide_literal_encoding__' is a compiler extension and is not portable to other compilers. | +| test.c:53:33:53:43 | vector_size | Use of attribute 'vector_size' is a compiler extension and is not portable to other compilers. | +| test.c:54:33:54:47 | vector_size | Use of attribute 'vector_size' is a compiler extension and is not portable to other compilers. | +| test.c:55:37:55:51 | ext_vector_type | Use of attribute 'ext_vector_type' is a compiler extension and is not portable to other compilers. | +| test.c:56:37:56:51 | ext_vector_type | Use of attribute 'ext_vector_type' is a compiler extension and is not portable to other compilers. | +| test.c:61:3:69:4 | (statement expression) | Statement expressions are a compiler extension and are not portable to other compilers. | +| test.c:96:3:96:18 | call to __builtin_setjmp | Call to builtin function '__builtin_setjmp' is a compiler extension and is not portable to other compilers. | +| test.c:97:3:97:19 | call to __builtin_longjmp | Call to builtin function '__builtin_longjmp' is a compiler extension and is not portable to other compilers. | +| test.c:113:11:113:16 | ... ? ... : ... | Ternaries with omitted middle operands are a compiler extension and is not portable to other compilers. | +| test.c:124:12:124:12 | definition of a | 128-bit integers are a compiler extension and are not portable to other compilers. | +| test.c:128:17:128:17 | definition of a | Double-Word integers are a compiler extension and are not portable to other compilers. | +| test.c:165:8:165:15 | definition of contents | Zero length arrays are a compiler extension and are not portable to other compilers. | +| test.c:182:8:182:11 | gf19 | Empty structures are a compiler extension and are not portable to other compilers. | +| test.c:214:33:214:35 | declaration of out | Variable length arrays are a compiler extension and are not portable to other compilers. | +| test.c:215:25:215:26 | declaration of in | Variable length arrays are a compiler extension and are not portable to other compilers. | +| test.c:268:16:268:21 | access | Use of attribute 'access' is a compiler extension and is not portable to other compilers. | +| test.c:271:27:271:31 | alias | Use of attribute 'alias' is a compiler extension and is not portable to other compilers. | +| test.c:274:23:274:29 | aligned | Use of attribute 'aligned' is a compiler extension and is not portable to other compilers. | +| test.c:285:25:285:34 | deprecated | Use of attribute 'deprecated' is a compiler extension and is not portable to other compilers. | +| test.c:297:20:297:30 | fallthrough | Use of attribute 'fallthrough' is a compiler extension and is not portable to other compilers. | +| test.c:321:3:321:22 | alignof() | '__alignof__' is a compiler extension and is not portable to other compilers. | +| test.c:340:3:340:31 | call to __builtin_extract_return_addr | Call to builtin function '__builtin_extract_return_addr' is a compiler extension and is not portable to other compilers. | +| test.c:341:3:341:28 | call to __builtin_frob_return_addr | Call to builtin function '__builtin_frob_return_addr' is a compiler extension and is not portable to other compilers. | +| test.c:342:3:342:25 | call to __builtin_frame_address | Call to builtin function '__builtin_frame_address' is a compiler extension and is not portable to other compilers. | +| test.c:363:3:363:22 | call to __sync_fetch_and_add_4 | Call to builtin function '__sync_fetch_and_add_4' is a compiler extension and is not portable to other compilers. | +| test.c:364:3:364:22 | call to __sync_fetch_and_sub_4 | Call to builtin function '__sync_fetch_and_sub_4' is a compiler extension and is not portable to other compilers. | +| test.c:365:3:365:21 | call to __sync_fetch_and_or_4 | Call to builtin function '__sync_fetch_and_or_4' is a compiler extension and is not portable to other compilers. | +| test.c:366:3:366:22 | call to __sync_fetch_and_and_4 | Call to builtin function '__sync_fetch_and_and_4' is a compiler extension and is not portable to other compilers. | +| test.c:367:3:367:22 | call to __sync_fetch_and_xor_4 | Call to builtin function '__sync_fetch_and_xor_4' is a compiler extension and is not portable to other compilers. | +| test.c:368:3:368:23 | call to __sync_fetch_and_nand_4 | Call to builtin function '__sync_fetch_and_nand_4' is a compiler extension and is not portable to other compilers. | +| test.c:369:3:369:22 | call to __sync_add_and_fetch_4 | Call to builtin function '__sync_add_and_fetch_4' is a compiler extension and is not portable to other compilers. | +| test.c:370:3:370:22 | call to __sync_sub_and_fetch_4 | Call to builtin function '__sync_sub_and_fetch_4' is a compiler extension and is not portable to other compilers. | +| test.c:371:3:371:21 | call to __sync_or_and_fetch_4 | Call to builtin function '__sync_or_and_fetch_4' is a compiler extension and is not portable to other compilers. | +| test.c:372:3:372:22 | call to __sync_and_and_fetch_4 | Call to builtin function '__sync_and_and_fetch_4' is a compiler extension and is not portable to other compilers. | +| test.c:373:3:373:22 | call to __sync_xor_and_fetch_4 | Call to builtin function '__sync_xor_and_fetch_4' is a compiler extension and is not portable to other compilers. | +| test.c:374:3:374:23 | call to __sync_nand_and_fetch_4 | Call to builtin function '__sync_nand_and_fetch_4' is a compiler extension and is not portable to other compilers. | +| test.c:376:3:376:30 | call to __sync_bool_compare_and_swap_4 | Call to builtin function '__sync_bool_compare_and_swap_4' is a compiler extension and is not portable to other compilers. | +| test.c:377:3:377:29 | call to __sync_val_compare_and_swap_4 | Call to builtin function '__sync_val_compare_and_swap_4' is a compiler extension and is not portable to other compilers. | +| test.c:378:3:378:26 | call to __sync_lock_test_and_set_4 | Call to builtin function '__sync_lock_test_and_set_4' is a compiler extension and is not portable to other compilers. | +| test.c:379:3:379:21 | call to __sync_lock_release_4 | Call to builtin function '__sync_lock_release_4' is a compiler extension and is not portable to other compilers. | +| test.c:407:3:407:18 | call to __builtin_alloca | Call to builtin function '__builtin_alloca' is a compiler extension and is not portable to other compilers. | From 9605d7954cc7d04a61bbf28d0ecdb35ae0aff0c6 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 18 Sep 2024 23:13:39 +0100 Subject: [PATCH 1964/2573] Rule 1.2: Correct detection of variable length arrays --- c/common/src/codingstandards/c/Extensions.qll | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/c/common/src/codingstandards/c/Extensions.qll b/c/common/src/codingstandards/c/Extensions.qll index a30f1ec45b..4f16a1f09a 100644 --- a/c/common/src/codingstandards/c/Extensions.qll +++ b/c/common/src/codingstandards/c/Extensions.qll @@ -169,10 +169,16 @@ class CEmptyStructExtension extends CCompilerExtension, Struct { } // Reference: https://gcc.gnu.org/onlinedocs/gcc/Variable-Length.html#Variable-Length -class CVariableLengthArraysExtension extends CCompilerExtension, DeclarationEntry { +class CVariableLengthArraysExtension extends CCompilerExtension, Field { CVariableLengthArraysExtension() { getType() instanceof ArrayType and - not getType().(ArrayType).hasArraySize() + not getType().(ArrayType).hasArraySize() and + // Not the final member of the struct, which is allowed to be variably sized + not exists(int lastIndex, Class declaringStruct | + declaringStruct = getDeclaringType() and + lastIndex = count(declaringStruct.getACanonicalMember()) - 1 and + this = declaringStruct.getCanonicalMember(lastIndex) + ) } override string getMessage() { From 110f4023ec899544b8d60c2222b04c4802514cd0 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Wed, 18 Sep 2024 16:12:50 -0700 Subject: [PATCH 1965/2573] Add new MISRA C-2023 rules to csv --- rules.csv | 46 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 46 insertions(+) diff --git a/rules.csv b/rules.csv index f9c195e47a..4ce53bf3bb 100644 --- a/rules.csv +++ b/rules.csv @@ -616,10 +616,15 @@ c,MISRA-C-2012,DIR-4-11,Yes,Required,,,The validity of values passed to library c,MISRA-C-2012,DIR-4-12,Yes,Required,,,Dynamic memory allocation shall not be used,,Banned,Medium, c,MISRA-C-2012,DIR-4-13,No,Advisory,,,Functions which are designed to provide operations on a resource should be called in an appropriate sequence,,,,"Rule 22.1, 22.2 and 22.6 cover aspects of this rule. In other cases this is a design issue and needs to be checked manually." c,MISRA-C-2012,DIR-4-14,Yes,Required,,,The validity of values received from external sources shall be checked,,Contracts,Hard,This is supported by CodeQLs default C security queries. +c,MISRA-C-2012,DIR-4-15,Yes,Required,,,Evaluation of floating-point expressions shall not lead to the undetected generation of infinities and NaNs,FLP32-C and FLP04-C,FloatingTypes2,Medium, +c,MISRA-C-2012,DIR-5-1,Yes,Required,,,There shall be no data races between threads,CON43-C and CON32-C,Concurrency6,Very Hard, +c,MISRA-C-2012,DIR-5-2,Yes,Required,,,There shall be no deadlocks between threads,CON35-C,Concurrency6,Import, +c,MISRA-C-2012,DIR-5-3,Yes,Required,,,There shall be no dynamic thread creation,,Concurrency6,Easy, c,MISRA-C-2012,RULE-1-1,No,Required,,,"The program shall contain no violations of the standard C syntax and constraints, and shall not exceed the implementation's translation limits",,,Easy,"This should be checked via the compiler output, rather than CodeQL, which adds unnecessary steps." c,MISRA-C-2012,RULE-1-2,Yes,Advisory,,,Language extensions should not be used,,Language3,Hard, c,MISRA-C-2012,RULE-1-3,Yes,Required,,,There shall be no occurrence of undefined or critical unspecified behaviour,,Language3,Hard, c,MISRA-C-2012,RULE-1-4,Yes,Required,,,Emergent language features shall not be used,,Language2,Medium, +c,MISRA-C-2012,RULE-1-5,Yes,Required,,,Obsolencent language features shall not be used,,Language4,Medium, c,MISRA-C-2012,RULE-2-1,Yes,Required,,,A project shall not contain unreachable code,M0-1-1,DeadCode,Import, c,MISRA-C-2012,RULE-2-2,Yes,Required,,,There shall be no dead code,M0-1-9,DeadCode,Import, c,MISRA-C-2012,RULE-2-3,Yes,Advisory,,,A project should not contain unused type declarations,A0-1-6,DeadCode,Import, @@ -627,6 +632,7 @@ c,MISRA-C-2012,RULE-2-4,Yes,Advisory,,,A project should not contain unused tag d c,MISRA-C-2012,RULE-2-5,Yes,Advisory,,,A project should not contain unused macro declarations,,DeadCode,Easy, c,MISRA-C-2012,RULE-2-6,Yes,Advisory,,,A function should not contain unused label declarations,,DeadCode,Easy, c,MISRA-C-2012,RULE-2-7,Yes,Advisory,,,There should be no unused parameters in functions,A0-1-4 A0-1-5,DeadCode,Easy, +c,MISRA-C-2012,RULE-2-8,Yes,Advisory,,,A project should not contain unused object definitions,Rules 2.3-2.7,DeadCode2,Medium, c,MISRA-C-2012,RULE-3-1,Yes,Required,,,The character sequences /* and // shall not be used within a comment,M2-7-1,Syntax,Easy, c,MISRA-C-2012,RULE-3-2,Yes,Required,,,Line-splicing shall not be used in // comments,,Syntax,Easy, c,MISRA-C-2012,RULE-4-1,Yes,Required,,,Octal and hexadecimal escape sequences shall be terminated,A2-13-1 M2-13-2,Syntax,Medium, @@ -642,10 +648,13 @@ c,MISRA-C-2012,RULE-5-8,Yes,Required,,,Identifiers that define objects or functi c,MISRA-C-2012,RULE-5-9,Yes,Advisory,,,Identifiers that define objects or functions with internal linkage should be unique,,Declarations6,Easy, c,MISRA-C-2012,RULE-6-1,Yes,Required,,,Bit-fields shall only be declared with an appropriate type,M9-6-4,BitfieldTypes,Medium, c,MISRA-C-2012,RULE-6-2,Yes,Required,,,Single-bit named bit fields shall not be of a signed type,M9-6-4,BitfieldTypes,Import, +c,MISRA-C-2012,RULE-6-3,Yes,Required,,,A bit field shall not be declared as a member of a union,DCL39-C,BitfieldTypes2,Easy, c,MISRA-C-2012,RULE-7-1,Yes,Required,,,Octal constants shall not be used,M2-13-2,Banned,Import, c,MISRA-C-2012,RULE-7-2,Yes,Required,,,A 'u' or 'U' suffix shall be applied to all integer constants that are represented in an unsigned type,M2-13-3,Syntax,Easy, c,MISRA-C-2012,RULE-7-3,Yes,Required,,,The lowercase character 'l' shall not be used in a literal suffix,M2-13-4,Syntax,Easy, c,MISRA-C-2012,RULE-7-4,Yes,Required,,,A string literal shall not be assigned to an object unless the object's type is 'pointer to const-qualified char',A2-13-4,Types1,Easy, +c,MISRA-C-2012,RULE-7-5,Yes,Required,,,The argument of an integer constant macro shall have an appropriate form,,Types2,Medium, +c,MISRA-C-2012,RULE-7-6,Yes,Required,,,The small integer variants of the minimum-width integer constant macros shall not be used,,Types2,Easy, c,MISRA-C-2012,RULE-8-1,Yes,Required,,,Types shall be explicitly specified,,Declarations3,Medium, c,MISRA-C-2012,RULE-8-2,Yes,Required,,,Function types shall be in prototype form with named parameters,,Declarations4,Medium, c,MISRA-C-2012,RULE-8-3,Yes,Required,,,All declarations of an object or function shall use the same names and type qualifiers,M3-2-1,Declarations4,Medium, @@ -660,11 +669,16 @@ c,MISRA-C-2012,RULE-8-11,Yes,Advisory,,,"When an array with external linkage is c,MISRA-C-2012,RULE-8-12,Yes,Required,,,"Within an enumerator list, the value of an implicitly-specified enumeration constant shall be unique",,Declarations7,Medium, c,MISRA-C-2012,RULE-8-13,Yes,Advisory,,,A pointer should point to a const-qualified type whenever possible,,Pointers1,Medium, c,MISRA-C-2012,RULE-8-14,Yes,Required,,,The restrict type qualifier shall not be used,,Banned,Easy, +c,MISRA-C-2012,RULE-8-15,Yes,Required,,,All declarations of an object with an explicit alignment specification shall specify the same alignment,,Alignment,Easy, +c,MISRA-C-2012,RULE-8-16,Yes,Advisory,,,The alignment specification of zero should not appear in an object declaration,,Alignment,Easy, +c,MISRA-C-2012,RULE-8-17,Yes,Advisory,,,At most one explicit alignment specifier should appear in an object declaration,,Alignment,Easy, c,MISRA-C-2012,RULE-9-1,Yes,Mandatory,,,The value of an object with automatic storage duration shall not be read before it has been set,,InvalidMemory1,Import, c,MISRA-C-2012,RULE-9-2,Yes,Required,,,The initializer for an aggregate or union shall be enclosed in braces,,Memory1,Easy, c,MISRA-C-2012,RULE-9-3,Yes,Required,,,Arrays shall not be partially initialized,,Memory1,Medium, c,MISRA-C-2012,RULE-9-4,Yes,Required,,,An element of an object shall not be initialized more than once,,Memory1,Medium, c,MISRA-C-2012,RULE-9-5,No,Required,,,Where designated initializers are used to initialize an array object the size of the array shall be specified explicitly,,,Medium, +c,MISRA-C-2012,RULE-9-6,Yes,Required,,,An initializer using chained designators shall not contain initializers without designators,,Declarations9,Hard, +c,MISRA-C-2012,RULE-9-7,Yes,Mandatory,,,Atomic objects shall be appropriately initialized before being accessed,,Concurrency6,Hard, c,MISRA-C-2012,RULE-10-1,Yes,Required,,,Operands shall not be of an inappropriate essential type,,EssentialTypes,Hard, c,MISRA-C-2012,RULE-10-2,Yes,Required,,,Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations,,EssentialTypes,Medium, c,MISRA-C-2012,RULE-10-3,Yes,Required,,,The value of an expression shall not be assigned to an object with a narrower essential type or of a different essential type category,,EssentialTypes,Hard, @@ -682,11 +696,13 @@ c,MISRA-C-2012,RULE-11-6,Yes,Required,,,A cast shall not be performed between po c,MISRA-C-2012,RULE-11-7,Yes,Required,,,A cast shall not be performed between pointer to object and a non- integer arithmetic type,,Pointers1,Easy, c,MISRA-C-2012,RULE-11-8,Yes,Required,,,A cast shall not remove any const or volatile qualification from the type pointed to by a pointer,,Pointers1,Easy, c,MISRA-C-2012,RULE-11-9,Yes,Required,,,The macro NULL shall be the only permitted form of integer null pointer constant,,Pointers1,Easy, +c,MISRA-C-2012,RULE-11-10,Yes,Required,,,The _Atomic qualifier shall not be applied to the incomplete type void,,Declarations9,Easy, c,MISRA-C-2012,RULE-12-1,Yes,Advisory,,,The precedence of operators within expressions should be made explicit,,SideEffects1,Medium, c,MISRA-C-2012,RULE-12-2,Yes,Required,,,The right hand operand of a shift operator shall lie in the range zero to one less than the width in bits of the essential type of the left hand operand,,Contracts7,Medium, c,MISRA-C-2012,RULE-12-3,Yes,Advisory,,,The comma operator should not be used,M5-18-1,Banned,Import, c,MISRA-C-2012,RULE-12-4,Yes,Advisory,,,Evaluation of constant expressions should not lead to unsigned integer wrap-around,INT30-C,IntegerOverflow,Easy, c,MISRA-C-2012,RULE-12-5,Yes,Mandatory,,,The sizeof operator shall not have an operand which is a function parameter declared as 'array of type',,Types1,Medium, +c,MISRA-C-2012,RULE-12-6,Yes,Required,,,Structure and union members of atomic objects shall not be directly accessed,,Concurrency6,Easy, c,MISRA-C-2012,RULE-13-1,Yes,Required,,,Initializer lists shall not contain persistent side effects,,SideEffects1,Medium, c,MISRA-C-2012,RULE-13-2,Yes,Required,,,The value of an expression and its persistent side effects shall be the same under all permitted evaluation orders,PRE31-C,SideEffects3,Medium, c,MISRA-C-2012,RULE-13-3,Yes,Advisory,,,A full expression containing an increment (++) or decrement (--) operator should have no other potential side effects other than that caused by the increment or decrement operator,,SideEffects2,Medium, @@ -719,6 +735,11 @@ c,MISRA-C-2012,RULE-17-5,Yes,Advisory,,,The function argument corresponding to a c,MISRA-C-2012,RULE-17-6,Yes,Mandatory,,,The declaration of an array parameter shall not contain the static keyword between the [ ],,Static,Easy, c,MISRA-C-2012,RULE-17-7,Yes,Required,,,The value returned by a function having non-void return type shall be used,A0-1-2,Contracts6,Easy, c,MISRA-C-2012,RULE-17-8,Yes,Advisory,,,A function parameter should not be modified,,SideEffects2,Medium, +c,MISRA-C-2012,RULE-17-9,Yes,Mandatory,,,Verify that a function declared with _Noreturn does not return,,NoReturn,Easy, +c,MISRA-C-2012,RULE-17-10,Yes,Required,,,A function declared with _noreturn shall have a return type of void,,NoReturn,Easy, +c,MISRA-C-2012,RULE-17-11,Yes,Advisory,,,A function without a branch that returns shall be declared with _Noreturn,,NoReturn,Easy, +c,MISRA-C-2012,RULE-17-12,Yes,Advisory,,,A function identifier should only be called with a parenthesized parameter list or used with a & (address-of),,FunctionTypes,Easy, +c,MISRA-C-2012,RULE-17-13,Yes,Required,,,A function type shall not include any type qualifiers (const\, volatile\, restrict\, or _Atomic),,FunctionTypes,Easy, c,MISRA-C-2012,RULE-18-1,Yes,Required,,,A pointer resulting from arithmetic on a pointer operand shall address an element of the same array as that pointer operand,M5-0-16,Pointers1,Import, c,MISRA-C-2012,RULE-18-2,Yes,Required,,,Subtraction between pointers shall only be applied to pointers that address elements of the same array,M5-0-17,Pointers1,Import, c,MISRA-C-2012,RULE-18-3,Yes,Required,,,"The relational operators >, >=, < and <= shall not be applied to objects of pointer type except where they point into the same object",M5-0-18,Pointers1,Import, @@ -727,6 +748,8 @@ c,MISRA-C-2012,RULE-18-5,Yes,Advisory,,,Declarations should contain no more than c,MISRA-C-2012,RULE-18-6,Yes,Required,,,The address of an object with automatic storage shall not be copied to another object that persists after the first object has ceased to exist,M7-5-2,Pointers1,Import, c,MISRA-C-2012,RULE-18-7,Yes,Required,,,Flexible array members shall not be declared,,Declarations6,Medium, c,MISRA-C-2012,RULE-18-8,Yes,Required,,,Variable-length array types shall not be used,,Declarations7,Medium, +c,MISRA-C-2012,RULE-18-9,Yes,Required,,,An object with temporary lifetime shall not undergo array to pointer conversion,EXP35-C,InvalidMemory3,Hard, +c,MISRA-C-2012,RULE-18-10,Yes,Mandatory,,,Pointers to variably-modified array types shall not be used,,InvalidMemory3,Import, c,MISRA-C-2012,RULE-19-1,Yes,Mandatory,,,An object shall not be assigned or copied to an overlapping object,M0-2-1,Contracts7,Hard, c,MISRA-C-2012,RULE-19-2,Yes,Advisory,,,The union keyword should not be used,A9-5-1,Banned,Import, c,MISRA-C-2012,RULE-20-1,Yes,Advisory,,,#include directives should only be preceded by preprocessor directives or comments,M16-0-1,Preprocessor1,Import, @@ -764,6 +787,11 @@ c,MISRA-C-2012,RULE-21-18,Yes,Mandatory,,,The size_t argument passed to any func c,MISRA-C-2012,RULE-21-19,Yes,Mandatory,,,"The pointers returned by the Standard Library functions localeconv, getenv, setlocale or, strerror shall only be used as if they have pointer to const-qualified type",ENV30-C,Contracts2,Medium, c,MISRA-C-2012,RULE-21-20,Yes,Mandatory,,,"The pointer returned by the Standard Library functions asctime, ctime, gmtime, localtime, localeconv, getenv, setlocale or strerror shall not be used following a subsequent call to the same function",ENV34-C,Contracts2,Import, c,MISRA-C-2012,RULE-21-21,Yes,Required,,,The Standard Library function system of shall not be used,ENV33-C,Banned,Import, +c,MISRA-C-2012,RULE-21-22,Yes,Mandatory,,,All operand arguments to any type-generic macros in shall have an appropriate essential type,EXP37-C,EssentialTypes2,Hard, +c,MISRA-C-2012,RULE-21-23,Yes,Required,,,All operand arguments to any multi-argument type-generic macros in shall have the same standard type,Rule-21-22,EssentialTypes2,Easy, +c,MISRA-C-2012,RULE-21-24,Yes,Required,,,The random number generator functions of shall not be used,MSC30-C,Banned2,Easy, +c,MISRA-C-2012,RULE-21-25,Yes,Required,,,All memory synchronization operations shall be executed in sequentially consistent order,,Concurrency6,Medium, +c,MISRA-C-2012,RULE-21-26,Yes,Required,,,The Standard Library function mtx_timedlock() shall only be invoked on mutex objects of appropriate mutex type,,Concurrency6,Hard, c,MISRA-C-2012,RULE-22-1,Yes,Required,,,All resources obtained dynamically by means of Standard Library functions shall be explicitly released,,Memory2,Hard, c,MISRA-C-2012,RULE-22-2,Yes,Mandatory,,,A block of memory shall only be freed if it was allocated by means of a Standard Library function,,Memory2,Hard, c,MISRA-C-2012,RULE-22-3,Yes,Required,,,The same file shall not be open for read and write access at the same time on different streams,,IO3,Hard, @@ -774,6 +802,24 @@ c,MISRA-C-2012,RULE-22-7,Yes,Required,,,The macro EOF shall only be compared wit c,MISRA-C-2012,RULE-22-8,Yes,Required,,,The value of errno shall be set to zero prior to a call to an errno-setting-function,ERR30-C,Contracts3,Medium, c,MISRA-C-2012,RULE-22-9,Yes,Required,,,The value of errno shall be tested against zero after calling an errno-setting-function,,Contracts3,Medium, c,MISRA-C-2012,RULE-22-10,Yes,Required,,,The value of errno shall only be tested when the last function to be called was an errno-setting-function,,Contracts3,Medium, +c,MISRA-C-2012,RULE-22-11,Yes,Required,,,A thread that was previously either joined or detached shall not be subsequently joined nor detached,CON39-C,Concurrency6,Import, +c,MISRA-C-2012,RULE-22-12,Yes,Mandatory,,,Thread objects\, thread synchronization objects\, and thread-specific storage pointers shall only be accessed by the appropriate Standard Library functions,,Concurrency6,Medium, +c,MISRA-C-2012,RULE-22-13,Yes,Required,,,Thread objects\, thread synchronization objects\, and thread specific storage pointers shall have appropriate storage duration,EXP54-CPP and CON34-C,Concurrency6,Medium, +c,MISRA-C-2012,RULE-22-14,Yes,Mandatory,,,Thread synchronization objects shall be initialized before being accessed,EXP53-CPP,Concurrency6,Hard, +c,MISRA-C-2012,RULE-22-15,Yes,Required,,,Thread synchronization objects and thread-specific storage pointers shall not be destroyed until after all threads accessing them have terminated,,Concurrency6,Hard, +c,MISRA-C-2012,RULE-22-16,Yes,Required,,,All mutex objects locked by a thread shall be explicitly unlocked by the same thread,MEM51-CPP,Concurrency6,Hard, +c,MISRA-C-2012,RULE-22-17,Yes,Required,,,No thread shall unlock a mutex or call cnd_wait() or cnd_timedwait() for a mutex it has not locked before,Rule 22.2,Concurrency6,Medium, +c,MISRA-C-2012,RULE-22-18,Yes,Required,,,Non-recursive mutexes shall not be recursively locked,CON56-CPP,Concurrency6,Medium, +c,MISRA-C-2012,RULE-22-19,Yes,Required,,,A condition variable shall be associated with at most one mutex object,,Concurrency6,Medium, +c,MISRA-C-2012,RULE-22-20,Yes,Mandatory,,,Thread-specific storage pointers shall be created before being accessed,,Concurrency6,Hard, +c,MISRA-C-2012,RULE-23-1,Yes,Advisory,,,A generic selection should only be expanded from a macro,,Generics,Medium, +c,MISRA-C-2012,RULE-23-2,Yes,Required,,,A generic selection that is not expanded from a macro shall not contain potential side effects in the controlling expression,,Generics,Hard, +c,MISRA-C-2012,RULE-23-3,Yes,Advisory,,,A generic selection should contain at least one non-default association,,Generics,Easy, +c,MISRA-C-2012,RULE-23-4,Yes,Required,,,A generic association shall list an appropriate type,,Generics,Medium, +c,MISRA-C-2012,RULE-23-5,Yes,Advisory,,,A generic selection should not depend on implicit pointer type conversion,,Generics,Medium, +c,MISRA-C-2012,RULE-23-6,Yes,Required,,,The controlling expression of a generic selection shall have an essential type that matches its standard type,,Generics,Medium, +c,MISRA-C-2012,RULE-23-7,Yes,Advisory,,,A generic selection that is expanded from a macro should evaluate its argument only once,,Generics,Medium, +c,MISRA-C-2012,RULE-23-8,Yes,Required,,,A default association shall appear as either the first or the last association of a generic selection,,Generics,Easy, cpp,MISRA-C++-2023,RULE-0-0-1,Yes,Required,Decidable,Single Translation Unit,A function shall not contain unreachable statements,M0-1-1,DeadCode2,Medium, cpp,MISRA-C++-2023,RULE-0-0-2,Yes,Advisory,Undecidable,System,Controlling expressions should not be invariant,M0-1-2,DeadCode2,Easy, cpp,MISRA-C++-2023,RULE-0-1-1,Yes,Advisory,Undecidable,System,A value should not be unnecessarily written to a local object,A0-1-1,DeadCode2,Medium, From 0fef17c85539f69a549ff29ab549403baa0fa316 Mon Sep 17 00:00:00 2001 From: "rakesh.pothengil" Date: Thu, 19 Sep 2024 11:10:57 +0900 Subject: [PATCH 1966/2573] Fix #665 --- change_notes/2024-09-19-fix-fp-665-M3-4-1.md | 2 + ...saryExposedIdentifierDeclarationShared.qll | 21 ++++- .../test.cpp | 94 ++++++++++++++++++- 3 files changed, 112 insertions(+), 5 deletions(-) create mode 100644 change_notes/2024-09-19-fix-fp-665-M3-4-1.md diff --git a/change_notes/2024-09-19-fix-fp-665-M3-4-1.md b/change_notes/2024-09-19-fix-fp-665-M3-4-1.md new file mode 100644 index 0000000000..63c5f91b56 --- /dev/null +++ b/change_notes/2024-09-19-fix-fp-665-M3-4-1.md @@ -0,0 +1,2 @@ +- `M3-4-1` - `UnnecessaryExposedIdentifierDeclarationShared.qll`: + - Fixes #665. Exclude variables that are constexpr and coming from template instantiations. diff --git a/cpp/common/src/codingstandards/cpp/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.qll b/cpp/common/src/codingstandards/cpp/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.qll index a18ab593bb..695a8740b6 100644 --- a/cpp/common/src/codingstandards/cpp/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.qll @@ -120,7 +120,10 @@ private predicate isTypeUse(Type t1, Type t2) { } newtype TDeclarationAccess = - ObjectAccess(Variable v, VariableAccess va) { va = v.getAnAccess() } or + ObjectAccess(Variable v, VariableAccess va) { + va = v.getAnAccess() or + v.(TemplateVariable).getAnInstantiation().getAnAccess() = va + } or /* Type access can be done in a declaration or an expression (e.g., static member function call) */ TypeAccess(Type t, Element access) { isTypeUse(access.(Variable).getUnspecifiedType(), t) @@ -205,9 +208,13 @@ class DeclarationAccess extends TDeclarationAccess { class CandidateDeclaration extends Declaration { CandidateDeclaration() { - this instanceof LocalVariable + this instanceof LocalVariable and + not this.(LocalVariable).isConstexpr() and + not this.isFromTemplateInstantiation(_) or - this instanceof GlobalOrNamespaceVariable + this instanceof GlobalOrNamespaceVariable and + not this.isFromTemplateInstantiation(_) and + not this.(GlobalOrNamespaceVariable).isConstexpr() or this instanceof Type and not this instanceof ClassTemplateInstantiation and @@ -229,7 +236,13 @@ Scope possibleScopesForDeclaration(CandidateDeclaration d) { result = scope.getStrictParent*() ) and // Limit the best scope to block statements and namespaces or control structures - (result instanceof BlockStmt or result instanceof Namespace) + ( + result instanceof BlockStmt and + // Template variables cannot be in block scope + not d instanceof TemplateVariable + or + result instanceof Namespace + ) } /* Gets the smallest scope that includes all the declaration accesses of declaration `d`. */ diff --git a/cpp/common/test/rules/unnecessaryexposedidentifierdeclarationshared/test.cpp b/cpp/common/test/rules/unnecessaryexposedidentifierdeclarationshared/test.cpp index ae3bb7b887..c4e01b8224 100644 --- a/cpp/common/test/rules/unnecessaryexposedidentifierdeclarationshared/test.cpp +++ b/cpp/common/test/rules/unnecessaryexposedidentifierdeclarationshared/test.cpp @@ -136,4 +136,96 @@ void f17() { ptr = &i; } *ptr = 1; -} \ No newline at end of file +} + +namespace a_namespace { + +constexpr static unsigned int a_constexpr_var{ + 10U}; // COMPLIANT; used in + // a_namespace and + // another_namespace_function +static unsigned int + a_namespace_var[a_constexpr_var]{}; // COMPLIANT; used in + // a_namespace_function and + // another_namespace_function + +constexpr static unsigned int a_namespace_function(void) noexcept { + unsigned int a_return_value{0U}; + + for (auto loop_var : a_namespace_var) { // usage of a_namespace_var + a_return_value += loop_var; + } + return a_return_value; +} + +constexpr static unsigned int another_namespace_function(void) noexcept { + unsigned int a_return_value{0U}; + + for (unsigned int i{0U}; i < a_constexpr_var; + i++) { // usage of a_constexpr_var + a_return_value += a_namespace_var[i]; // usage of a_namespace_var + } + return a_return_value; +} +} // namespace a_namespace + +namespace parent_namespace { +namespace child_namespace { +template class a_class_in_child_namespace { +public: + template constexpr auto &&operator()(To &&val) const noexcept { + return static_cast(val); + } +}; // a_class_in_child_namespace end + +template +extern constexpr a_class_in_child_namespace + a_class_in_child_namespace_impl{}; + +} // namespace child_namespace + +template +static constexpr auto const &a_parent_namespace_variable = + child_namespace::a_class_in_child_namespace_impl< + From>; // COMPLIANT; used in child_namespace2::a_class::bar() and + // parent_namespace::another_class::foo() + +namespace child_namespace2 { +class a_class { +public: + int func(...) { return 0; } + void foo(int x) { x++; } + template constexpr auto bar(F(*func), int b) { + foo(func(a_parent_namespace_variable( + b))); // usage of a_parent_namespace_variable + } +}; // a_class +} // namespace child_namespace2 + +class another_class { + int a; + int b; + void bar(int param) { param++; } + + bool has_value() { return a == b; } + +public: + template int foo(F(*func), int b) { + if (has_value()) { + bar(func(a_parent_namespace_variable( + b))); // usage of a_parent_namespace_variable + } + return 0; + } +}; // another_class +} // namespace parent_namespace + +template T a_func(T v) { return v++; } + +int main() { + parent_namespace::child_namespace2::a_class a_class_obj; + a_class_obj.bar(a_func, 10); + parent_namespace::another_class another_class_obj; + another_class_obj.foo(a_func, 10); + return 0; +} From 3797b83c90a6887a37970ae7b8ac5071368d7cd3 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Wed, 18 Sep 2024 21:00:33 -0700 Subject: [PATCH 1967/2573] Fix CSV escaping --- rules.csv | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/rules.csv b/rules.csv index 4ce53bf3bb..b5e15ba6f6 100644 --- a/rules.csv +++ b/rules.csv @@ -739,7 +739,7 @@ c,MISRA-C-2012,RULE-17-9,Yes,Mandatory,,,Verify that a function declared with _N c,MISRA-C-2012,RULE-17-10,Yes,Required,,,A function declared with _noreturn shall have a return type of void,,NoReturn,Easy, c,MISRA-C-2012,RULE-17-11,Yes,Advisory,,,A function without a branch that returns shall be declared with _Noreturn,,NoReturn,Easy, c,MISRA-C-2012,RULE-17-12,Yes,Advisory,,,A function identifier should only be called with a parenthesized parameter list or used with a & (address-of),,FunctionTypes,Easy, -c,MISRA-C-2012,RULE-17-13,Yes,Required,,,A function type shall not include any type qualifiers (const\, volatile\, restrict\, or _Atomic),,FunctionTypes,Easy, +c,MISRA-C-2012,RULE-17-13,Yes,Required,,,"A function type shall not include any type qualifiers (const, volatile, restrict, or _Atomic)",,FunctionTypes,Easy, c,MISRA-C-2012,RULE-18-1,Yes,Required,,,A pointer resulting from arithmetic on a pointer operand shall address an element of the same array as that pointer operand,M5-0-16,Pointers1,Import, c,MISRA-C-2012,RULE-18-2,Yes,Required,,,Subtraction between pointers shall only be applied to pointers that address elements of the same array,M5-0-17,Pointers1,Import, c,MISRA-C-2012,RULE-18-3,Yes,Required,,,"The relational operators >, >=, < and <= shall not be applied to objects of pointer type except where they point into the same object",M5-0-18,Pointers1,Import, @@ -803,8 +803,8 @@ c,MISRA-C-2012,RULE-22-8,Yes,Required,,,The value of errno shall be set to zero c,MISRA-C-2012,RULE-22-9,Yes,Required,,,The value of errno shall be tested against zero after calling an errno-setting-function,,Contracts3,Medium, c,MISRA-C-2012,RULE-22-10,Yes,Required,,,The value of errno shall only be tested when the last function to be called was an errno-setting-function,,Contracts3,Medium, c,MISRA-C-2012,RULE-22-11,Yes,Required,,,A thread that was previously either joined or detached shall not be subsequently joined nor detached,CON39-C,Concurrency6,Import, -c,MISRA-C-2012,RULE-22-12,Yes,Mandatory,,,Thread objects\, thread synchronization objects\, and thread-specific storage pointers shall only be accessed by the appropriate Standard Library functions,,Concurrency6,Medium, -c,MISRA-C-2012,RULE-22-13,Yes,Required,,,Thread objects\, thread synchronization objects\, and thread specific storage pointers shall have appropriate storage duration,EXP54-CPP and CON34-C,Concurrency6,Medium, +c,MISRA-C-2012,RULE-22-12,Yes,Mandatory,,,"Thread objects, thread synchronization objects, and thread-specific storage pointers shall only be accessed by the appropriate Standard Library functions",,Concurrency6,Medium, +c,MISRA-C-2012,RULE-22-13,Yes,Required,,,"Thread objects, thread synchronization objects, and thread specific storage pointers shall have appropriate storage duration",EXP54-CPP and CON34-C,Concurrency6,Medium, c,MISRA-C-2012,RULE-22-14,Yes,Mandatory,,,Thread synchronization objects shall be initialized before being accessed,EXP53-CPP,Concurrency6,Hard, c,MISRA-C-2012,RULE-22-15,Yes,Required,,,Thread synchronization objects and thread-specific storage pointers shall not be destroyed until after all threads accessing them have terminated,,Concurrency6,Hard, c,MISRA-C-2012,RULE-22-16,Yes,Required,,,All mutex objects locked by a thread shall be explicitly unlocked by the same thread,MEM51-CPP,Concurrency6,Hard, From 9139b8e21cb741cc56355ae7a19c68e04e572d58 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 19 Sep 2024 10:00:05 +0100 Subject: [PATCH 1968/2573] Rule 1.2: Fix test for variable length arrays Only variable length struct fields are a gcc extension. --- ...LanguageExtensionsShouldNotBeUsed.expected | 55 +++++++++---------- c/misra/test/rules/RULE-1-2/test.c | 14 ++--- 2 files changed, 33 insertions(+), 36 deletions(-) diff --git a/c/misra/test/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.expected b/c/misra/test/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.expected index d13141d7ac..b82fa2bbc5 100644 --- a/c/misra/test/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.expected +++ b/c/misra/test/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.expected @@ -21,31 +21,30 @@ | test.c:128:17:128:17 | definition of a | Double-Word integers are a compiler extension and are not portable to other compilers. | | test.c:165:8:165:15 | definition of contents | Zero length arrays are a compiler extension and are not portable to other compilers. | | test.c:182:8:182:11 | gf19 | Empty structures are a compiler extension and are not portable to other compilers. | -| test.c:214:33:214:35 | declaration of out | Variable length arrays are a compiler extension and are not portable to other compilers. | -| test.c:215:25:215:26 | declaration of in | Variable length arrays are a compiler extension and are not portable to other compilers. | -| test.c:268:16:268:21 | access | Use of attribute 'access' is a compiler extension and is not portable to other compilers. | -| test.c:271:27:271:31 | alias | Use of attribute 'alias' is a compiler extension and is not portable to other compilers. | -| test.c:274:23:274:29 | aligned | Use of attribute 'aligned' is a compiler extension and is not portable to other compilers. | -| test.c:285:25:285:34 | deprecated | Use of attribute 'deprecated' is a compiler extension and is not portable to other compilers. | -| test.c:297:20:297:30 | fallthrough | Use of attribute 'fallthrough' is a compiler extension and is not portable to other compilers. | -| test.c:321:3:321:22 | alignof() | '__alignof__' is a compiler extension and is not portable to other compilers. | -| test.c:340:3:340:31 | call to __builtin_extract_return_addr | Call to builtin function '__builtin_extract_return_addr' is a compiler extension and is not portable to other compilers. | -| test.c:341:3:341:28 | call to __builtin_frob_return_addr | Call to builtin function '__builtin_frob_return_addr' is a compiler extension and is not portable to other compilers. | -| test.c:342:3:342:25 | call to __builtin_frame_address | Call to builtin function '__builtin_frame_address' is a compiler extension and is not portable to other compilers. | -| test.c:363:3:363:22 | call to __sync_fetch_and_add_4 | Call to builtin function '__sync_fetch_and_add_4' is a compiler extension and is not portable to other compilers. | -| test.c:364:3:364:22 | call to __sync_fetch_and_sub_4 | Call to builtin function '__sync_fetch_and_sub_4' is a compiler extension and is not portable to other compilers. | -| test.c:365:3:365:21 | call to __sync_fetch_and_or_4 | Call to builtin function '__sync_fetch_and_or_4' is a compiler extension and is not portable to other compilers. | -| test.c:366:3:366:22 | call to __sync_fetch_and_and_4 | Call to builtin function '__sync_fetch_and_and_4' is a compiler extension and is not portable to other compilers. | -| test.c:367:3:367:22 | call to __sync_fetch_and_xor_4 | Call to builtin function '__sync_fetch_and_xor_4' is a compiler extension and is not portable to other compilers. | -| test.c:368:3:368:23 | call to __sync_fetch_and_nand_4 | Call to builtin function '__sync_fetch_and_nand_4' is a compiler extension and is not portable to other compilers. | -| test.c:369:3:369:22 | call to __sync_add_and_fetch_4 | Call to builtin function '__sync_add_and_fetch_4' is a compiler extension and is not portable to other compilers. | -| test.c:370:3:370:22 | call to __sync_sub_and_fetch_4 | Call to builtin function '__sync_sub_and_fetch_4' is a compiler extension and is not portable to other compilers. | -| test.c:371:3:371:21 | call to __sync_or_and_fetch_4 | Call to builtin function '__sync_or_and_fetch_4' is a compiler extension and is not portable to other compilers. | -| test.c:372:3:372:22 | call to __sync_and_and_fetch_4 | Call to builtin function '__sync_and_and_fetch_4' is a compiler extension and is not portable to other compilers. | -| test.c:373:3:373:22 | call to __sync_xor_and_fetch_4 | Call to builtin function '__sync_xor_and_fetch_4' is a compiler extension and is not portable to other compilers. | -| test.c:374:3:374:23 | call to __sync_nand_and_fetch_4 | Call to builtin function '__sync_nand_and_fetch_4' is a compiler extension and is not portable to other compilers. | -| test.c:376:3:376:30 | call to __sync_bool_compare_and_swap_4 | Call to builtin function '__sync_bool_compare_and_swap_4' is a compiler extension and is not portable to other compilers. | -| test.c:377:3:377:29 | call to __sync_val_compare_and_swap_4 | Call to builtin function '__sync_val_compare_and_swap_4' is a compiler extension and is not portable to other compilers. | -| test.c:378:3:378:26 | call to __sync_lock_test_and_set_4 | Call to builtin function '__sync_lock_test_and_set_4' is a compiler extension and is not portable to other compilers. | -| test.c:379:3:379:21 | call to __sync_lock_release_4 | Call to builtin function '__sync_lock_release_4' is a compiler extension and is not portable to other compilers. | -| test.c:407:3:407:18 | call to __builtin_alloca | Call to builtin function '__builtin_alloca' is a compiler extension and is not portable to other compilers. | +| test.c:216:9:216:10 | definition of x1 | Zero length arrays are a compiler extension and are not portable to other compilers. | +| test.c:266:16:266:21 | access | Use of attribute 'access' is a compiler extension and is not portable to other compilers. | +| test.c:270:5:270:9 | alias | Use of attribute 'alias' is a compiler extension and is not portable to other compilers. | +| test.c:272:23:272:29 | aligned | Use of attribute 'aligned' is a compiler extension and is not portable to other compilers. | +| test.c:283:25:283:34 | deprecated | Use of attribute 'deprecated' is a compiler extension and is not portable to other compilers. | +| test.c:295:20:295:30 | fallthrough | Use of attribute 'fallthrough' is a compiler extension and is not portable to other compilers. | +| test.c:319:3:319:22 | alignof() | '__alignof__' is a compiler extension and is not portable to other compilers. | +| test.c:338:3:338:31 | call to __builtin_extract_return_addr | Call to builtin function '__builtin_extract_return_addr' is a compiler extension and is not portable to other compilers. | +| test.c:339:3:339:28 | call to __builtin_frob_return_addr | Call to builtin function '__builtin_frob_return_addr' is a compiler extension and is not portable to other compilers. | +| test.c:340:3:340:25 | call to __builtin_frame_address | Call to builtin function '__builtin_frame_address' is a compiler extension and is not portable to other compilers. | +| test.c:361:3:361:22 | call to __sync_fetch_and_add_4 | Call to builtin function '__sync_fetch_and_add_4' is a compiler extension and is not portable to other compilers. | +| test.c:362:3:362:22 | call to __sync_fetch_and_sub_4 | Call to builtin function '__sync_fetch_and_sub_4' is a compiler extension and is not portable to other compilers. | +| test.c:363:3:363:21 | call to __sync_fetch_and_or_4 | Call to builtin function '__sync_fetch_and_or_4' is a compiler extension and is not portable to other compilers. | +| test.c:364:3:364:22 | call to __sync_fetch_and_and_4 | Call to builtin function '__sync_fetch_and_and_4' is a compiler extension and is not portable to other compilers. | +| test.c:365:3:365:22 | call to __sync_fetch_and_xor_4 | Call to builtin function '__sync_fetch_and_xor_4' is a compiler extension and is not portable to other compilers. | +| test.c:366:3:366:23 | call to __sync_fetch_and_nand_4 | Call to builtin function '__sync_fetch_and_nand_4' is a compiler extension and is not portable to other compilers. | +| test.c:367:3:367:22 | call to __sync_add_and_fetch_4 | Call to builtin function '__sync_add_and_fetch_4' is a compiler extension and is not portable to other compilers. | +| test.c:368:3:368:22 | call to __sync_sub_and_fetch_4 | Call to builtin function '__sync_sub_and_fetch_4' is a compiler extension and is not portable to other compilers. | +| test.c:369:3:369:21 | call to __sync_or_and_fetch_4 | Call to builtin function '__sync_or_and_fetch_4' is a compiler extension and is not portable to other compilers. | +| test.c:370:3:370:22 | call to __sync_and_and_fetch_4 | Call to builtin function '__sync_and_and_fetch_4' is a compiler extension and is not portable to other compilers. | +| test.c:371:3:371:22 | call to __sync_xor_and_fetch_4 | Call to builtin function '__sync_xor_and_fetch_4' is a compiler extension and is not portable to other compilers. | +| test.c:372:3:372:23 | call to __sync_nand_and_fetch_4 | Call to builtin function '__sync_nand_and_fetch_4' is a compiler extension and is not portable to other compilers. | +| test.c:374:3:374:30 | call to __sync_bool_compare_and_swap_4 | Call to builtin function '__sync_bool_compare_and_swap_4' is a compiler extension and is not portable to other compilers. | +| test.c:375:3:375:29 | call to __sync_val_compare_and_swap_4 | Call to builtin function '__sync_val_compare_and_swap_4' is a compiler extension and is not portable to other compilers. | +| test.c:376:3:376:26 | call to __sync_lock_test_and_set_4 | Call to builtin function '__sync_lock_test_and_set_4' is a compiler extension and is not portable to other compilers. | +| test.c:377:3:377:21 | call to __sync_lock_release_4 | Call to builtin function '__sync_lock_release_4' is a compiler extension and is not portable to other compilers. | +| test.c:405:3:405:18 | call to __builtin_alloca | Call to builtin function '__builtin_alloca' is a compiler extension and is not portable to other compilers. | diff --git a/c/misra/test/rules/RULE-1-2/test.c b/c/misra/test/rules/RULE-1-2/test.c index 86a3ae2f20..5a0759afba 100644 --- a/c/misra/test/rules/RULE-1-2/test.c +++ b/c/misra/test/rules/RULE-1-2/test.c @@ -211,14 +211,12 @@ void gf24(int f, int g) { // Reference: // https://gcc.gnu.org/onlinedocs/gcc/Variable-Length.html#Variable-Length -void gf25t(int N, int M, double out[M][N], // NON_COMPLIANT - const double in[N][M]); // NON_COMPLIANT -void gf25() { - double x[3][2]; - double y[2][3]; - gf25t(3, 2, y, - x); // in ISO C the const qualifier is formally attached - // to the element type of the array and not the array itself +void gf25(int n) { + struct S1 { + int x1[n]; // NON_COMPLIANT + int x2[5]; // COMPLIANT + int x3[]; // COMPLIANT + }; } // Reference: From ecf5e8beeba67957387fc2bdc8a6ff11b5b1d719 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 19 Sep 2024 10:57:50 +0100 Subject: [PATCH 1969/2573] Rule 1.2: Support aggregation of results at macro locations Add a new module/library for identifying the macro that generated an element as the primary location, and use it for Rule 1.2 to avoid overreporting. --- .../LanguageExtensionsShouldNotBeUsed.ql | 3 +- ...LanguageExtensionsShouldNotBeUsed.expected | 1 + c/misra/test/rules/RULE-1-2/test.c | 8 +++- .../codingstandards/cpp/AlertReporting.qll | 41 +++++++++++++++++++ 4 files changed, 51 insertions(+), 2 deletions(-) create mode 100644 cpp/common/src/codingstandards/cpp/AlertReporting.qll diff --git a/c/misra/src/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.ql b/c/misra/src/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.ql index 00a364a87e..8017f58fb5 100644 --- a/c/misra/src/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.ql +++ b/c/misra/src/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.ql @@ -13,8 +13,9 @@ import cpp import codingstandards.c.misra +import codingstandards.cpp.AlertReporting import codingstandards.c.Extensions from CCompilerExtension e where not isExcluded(e, Language3Package::languageExtensionsShouldNotBeUsedQuery()) -select e, e.getMessage() +select MacroUnwrapper::unwrapElement(e), e.getMessage() diff --git a/c/misra/test/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.expected b/c/misra/test/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.expected index b82fa2bbc5..d0303f9a7f 100644 --- a/c/misra/test/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.expected +++ b/c/misra/test/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.expected @@ -48,3 +48,4 @@ | test.c:376:3:376:26 | call to __sync_lock_test_and_set_4 | Call to builtin function '__sync_lock_test_and_set_4' is a compiler extension and is not portable to other compilers. | | test.c:377:3:377:21 | call to __sync_lock_release_4 | Call to builtin function '__sync_lock_release_4' is a compiler extension and is not portable to other compilers. | | test.c:405:3:405:18 | call to __builtin_alloca | Call to builtin function '__builtin_alloca' is a compiler extension and is not portable to other compilers. | +| test.c:409:1:411:8 | #define BUILTIN __builtin_alloca( 0) | Call to builtin function '__builtin_alloca' is a compiler extension and is not portable to other compilers. | diff --git a/c/misra/test/rules/RULE-1-2/test.c b/c/misra/test/rules/RULE-1-2/test.c index 5a0759afba..439df3733c 100644 --- a/c/misra/test/rules/RULE-1-2/test.c +++ b/c/misra/test/rules/RULE-1-2/test.c @@ -404,4 +404,10 @@ void gf47() { // NON_COMPLIANT in versions < C11. void gf48() { __builtin_alloca( 0); // NON_COMPLIANT (all __builtin functions are non-compliant.) -} \ No newline at end of file +} + +#define BUILTIN \ + __builtin_alloca( \ + 0) // NON_COMPLIANT (all __builtin functions are non-compliant.) + +void gf49() { BUILTIN; } \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/AlertReporting.qll b/cpp/common/src/codingstandards/cpp/AlertReporting.qll new file mode 100644 index 0000000000..4259e1b67d --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/AlertReporting.qll @@ -0,0 +1,41 @@ +/** + * Provides a library for managing how alerts are reported. + */ + +import cpp + +signature class ResultType extends Element; + +/** + * A module for unwrapping results that occur in macro expansions. + */ +module MacroUnwrapper { + /** + * Gets a macro invocation that applies to the result element. + */ + private MacroInvocation getAMacroInvocation(ResultElement re) { + result.getAnExpandedElement() = re + } + + /** + * Gets the primary macro that generated the result element. + */ + Macro getPrimaryMacro(ResultElement re) { + exists(MacroInvocation mi | + mi = getAMacroInvocation(re) and + // No other more specific macro that expands to element + not exists(MacroInvocation otherMi | + otherMi = getAMacroInvocation(re) and otherMi.getParentInvocation() = mi + ) and + result = mi.getMacro() + ) + } + + /** + * If a result element is expanded from a macro invocation, then return the "primary" macro that + * generated the element, otherwise return the element itself. + */ + Element unwrapElement(ResultElement re) { + if exists(getPrimaryMacro(re)) then result = getPrimaryMacro(re) else result = re + } +} From 3490238096744abae7265c58c8ae5b23ae72165a Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 19 Sep 2024 11:17:22 +0100 Subject: [PATCH 1970/2573] Remove duplicate predicate --- cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll | 6 ------ 1 file changed, 6 deletions(-) diff --git a/cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll b/cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll index 45ea8c35ab..c0a32baba9 100644 --- a/cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll +++ b/cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll @@ -4,12 +4,6 @@ import cpp import codingstandards.cpp.TrivialType import codingstandards.cpp.deadcode.UnusedVariables -/** Gets the constant value of a constexpr variable. */ -private string getConstExprValue(Variable v) { - result = v.getInitializer().getExpr().getValue() and - v.isConstexpr() -} - /** * Gets the number of uses of variable `v` in an opaque assignment, where an opaque assignment is a cast from one type to the other, and `v` is assumed to be a member of the resulting type. * e.g., From 4318622161d534399d9cb4e2f531ebc9bf17dd0c Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 19 Sep 2024 11:38:15 +0100 Subject: [PATCH 1971/2573] Rule 1.2: Add change note --- change_notes/2024-09-19-c-extensions.md | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 change_notes/2024-09-19-c-extensions.md diff --git a/change_notes/2024-09-19-c-extensions.md b/change_notes/2024-09-19-c-extensions.md new file mode 100644 index 0000000000..2f78574679 --- /dev/null +++ b/change_notes/2024-09-19-c-extensions.md @@ -0,0 +1,4 @@ + - `RULE-1-2` - `LanguageExtensionsShouldNotBeUsed.ql`: + - Improve reporting by describing which language extensions are used. + - Improve reporting by aggregating results generated from a macro expansion at the generating macro location. + - Reduce false positives for the variable length array check by permitting those extensions which are included in the C99 standard. \ No newline at end of file From f6c05fe6cd0c276543106b86caf72771fff9b424 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Thu, 19 Sep 2024 16:32:59 +0100 Subject: [PATCH 1972/2573] Update action.yml --- .../actions/apply-coding-standards-configuration/action.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/actions/apply-coding-standards-configuration/action.yml b/.github/actions/apply-coding-standards-configuration/action.yml index f901238061..a5b751793f 100644 --- a/.github/actions/apply-coding-standards-configuration/action.yml +++ b/.github/actions/apply-coding-standards-configuration/action.yml @@ -10,6 +10,8 @@ runs: with: python-version: 3.9 - name: Install dependencies + shell: bash run: python -m pip install -r ${{ github.action_path }}/scripts/configuration/requirements.txt - name: Process files - run: python ${{ github.action_path }}/scripts/configuration/process_coding_standards_config.py \ No newline at end of file + shell: bash + run: python ${{ github.action_path }}/scripts/configuration/process_coding_standards_config.py From 8c22681df43e205a66535b72daf54373c2df8614 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Thu, 19 Sep 2024 16:37:35 +0100 Subject: [PATCH 1973/2573] Update action.yml --- .../actions/apply-coding-standards-configuration/action.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/actions/apply-coding-standards-configuration/action.yml b/.github/actions/apply-coding-standards-configuration/action.yml index a5b751793f..e1580e5f23 100644 --- a/.github/actions/apply-coding-standards-configuration/action.yml +++ b/.github/actions/apply-coding-standards-configuration/action.yml @@ -11,7 +11,7 @@ runs: python-version: 3.9 - name: Install dependencies shell: bash - run: python -m pip install -r ${{ github.action_path }}/scripts/configuration/requirements.txt + run: cd ../../../; python -m pip install -r ${{ github.action_path }}/scripts/configuration/requirements.txt - name: Process files shell: bash - run: python ${{ github.action_path }}/scripts/configuration/process_coding_standards_config.py + run: cd ../../../; python ${{ github.action_path }}/scripts/configuration/process_coding_standards_config.py From 2dc4836be1bdc9ddde8a15e5f7a7af272bc93854 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Thu, 19 Sep 2024 16:39:34 +0100 Subject: [PATCH 1974/2573] Update action.yml --- .../actions/apply-coding-standards-configuration/action.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/actions/apply-coding-standards-configuration/action.yml b/.github/actions/apply-coding-standards-configuration/action.yml index e1580e5f23..49ecc01176 100644 --- a/.github/actions/apply-coding-standards-configuration/action.yml +++ b/.github/actions/apply-coding-standards-configuration/action.yml @@ -11,7 +11,7 @@ runs: python-version: 3.9 - name: Install dependencies shell: bash - run: cd ../../../; python -m pip install -r ${{ github.action_path }}/scripts/configuration/requirements.txt + run: cd ../../../; python -m pip install -r ${{ github.action_path }}/../../../scripts/configuration/requirements.txt - name: Process files shell: bash - run: cd ../../../; python ${{ github.action_path }}/scripts/configuration/process_coding_standards_config.py + run: cd ../../../; python ${{ github.action_path }}/../../../scripts/configuration/process_coding_standards_config.py From 6d95d66a17cca4933cd8262d0d1f4cbe68270c67 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Thu, 19 Sep 2024 16:53:58 +0100 Subject: [PATCH 1975/2573] Update action.yml --- .../actions/apply-coding-standards-configuration/action.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/actions/apply-coding-standards-configuration/action.yml b/.github/actions/apply-coding-standards-configuration/action.yml index 49ecc01176..ae107f80a2 100644 --- a/.github/actions/apply-coding-standards-configuration/action.yml +++ b/.github/actions/apply-coding-standards-configuration/action.yml @@ -11,7 +11,7 @@ runs: python-version: 3.9 - name: Install dependencies shell: bash - run: cd ../../../; python -m pip install -r ${{ github.action_path }}/../../../scripts/configuration/requirements.txt + run: ls ${{ github.action_path }}/../../..; python -m pip install -r ${{ github.action_path }}/../../../scripts/configuration/requirements.txt - name: Process files shell: bash - run: cd ../../../; python ${{ github.action_path }}/../../../scripts/configuration/process_coding_standards_config.py + run: python ${{ github.action_path }}/../../../scripts/configuration/process_coding_standards_config.py From b74b066d202dfec2351a222d5bcaf2bdfc7176fa Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Thu, 19 Sep 2024 17:31:10 -0700 Subject: [PATCH 1976/2573] Add `amendments.csv` with misra-c amdmts 2&3, and tc2. --- amendments.csv | 50 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) create mode 100644 amendments.csv diff --git a/amendments.csv b/amendments.csv new file mode 100644 index 0000000000..9fc03ae951 --- /dev/null +++ b/amendments.csv @@ -0,0 +1,50 @@ +language,standard,amendment,rule_id,queryable,implementation_category,difficulty +c,misra-c-2012,Amendment3,DIR-4-6,Yes,Expand,Easy +c,misra-c-2012,Amendment3,DIR-4-9,Yes,Refine,Easy +c,misra-c-2012,Amendment3,DIR-4-11,Yes,Refine,Import +c,misra-c-2012,Amendment3,RULE-1-4,Yes,Replace,Easy +c,misra-c-2012,Amendment3,RULE-10-1,Yes,Replace,Easy +c,misra-c-2012,Amendment3,RULE-10-3,Yes,Refine,Easy +c,misra-c-2012,Amendment3,RULE-10-4,Yes,Refine,Import +c,misra-c-2012,Amendment3,RULE-10-5,Yes,Expand,Easy +c,misra-c-2012,Amendment3,RULE-10-7,Yes,Refine,Import +c,misra-c-2012,Amendment3,RULE-10-8,Yes,Refine,Import +c,misra-c-2012,Amendment3,RULE-21-11,Yes,Clarification,Import +c,misra-c-2012,Amendment3,RULE-21-12,Yes,Replace,Easy +c,misra-c-2012,Amendment4,RULE-11-3,Yes,Expand,Easy +c,misra-c-2012,Amendment4,RULE-11-8,Yes,Expand,Easy +c,misra-c-2012,Amendment4,RULE-13-2,Yes,Expand,Very Hard +c,misra-c-2012,Amendment4,RULE-18-6,Yes,Expand,Medium +c,misra-c-2012,Amendment4,RULE-18-8,Yes,Split,Easy +c,misra-c-2012,Corrigendum2,RULE-2-2,Yes,Clarification,Import +c,misra-c-2012,Corrigendum2,RULE-2-7,Yes,Clarification,Import +c,misra-c-2012,Corrigendum2,RULE-3-1,Yes,Refine,Easy +c,misra-c-2012,Corrigendum2,RULE-8-6,Yes,Clarification,Import +c,misra-c-2012,Corrigendum2,RULE-8-9,Yes,Clarification,Import +c,misra-c-2012,Corrigendum2,RULE-9-4,Yes,Clarification,Import +c,misra-c-2012,Corrigendum2,RULE-10-1,Yes,Clarification,Import +c,misra-c-2012,Corrigendum2,RULE-18-3,Yes,Clarification,Import +c,misra-c-2012,Corrigendum2,RULE-1-4,Yes,Replace,Easy +c,misra-c-2012,Corrigendum2,RULE-9-1,Yes,Refine,Easy +c,misra-c-2012,Corrigendum2,RULE-9-2,Yes,Refine,Import +c,misra-c-2012,Corrigendum2,DIR-4-10,Yes,Clarification,Import +c,misra-c-2012,Corrigendum2,RULE-7-4,Yes,Refine,Easy +c,misra-c-2012,Corrigendum2,RULE-8-2,Yes,Clarification,Import +c,misra-c-2012,Corrigendum2,RULE-8-3,Yes,Refine,Easy +c,misra-c-2012,Corrigendum2,RULE-8-7,Yes,Clarification,Import +c,misra-c-2012,Corrigendum2,RULE-10-1,Yes,Clarification,Import +c,misra-c-2012,Corrigendum2,RULE-10-2,Yes,Refine,Easy +c,misra-c-2012,Corrigendum2,RULE-10-3,Yes,Clarification,Import +c,misra-c-2012,Corrigendum2,RULE-11-3,Yes,Clarification,Import +c,misra-c-2012,Corrigendum2,RULE-11-6,Yes,Clarification,Import +c,misra-c-2012,Corrigendum2,RULE-13-2,Yes,Clarification,Import +c,misra-c-2012,Corrigendum2,RULE-13-6,Yes,Clarification,Import +c,misra-c-2012,Corrigendum2,RULE-14-3,Yes,Refine,Easy +c,misra-c-2012,Corrigendum2,RULE-15-7,Yes,Clarification,Import +c,misra-c-2012,Corrigendum2,RULE-17-4,Yes,Clarification,Import +c,misra-c-2012,Corrigendum2,RULE-17-5,Yes,Clarification,Import +c,misra-c-2012,Corrigendum2,RULE-18-1,Yes,Refine,Easy +c,misra-c-2012,Corrigendum2,RULE-20-14,Yes,Clarification,Import +c,misra-c-2012,Corrigendum2,RULE-21-19,Yes,Clarification,Import +c,misra-c-2012,Corrigendum2,RULE-21-20,Yes,Refine,Easy +c,misra-c-2012,Corrigendum2,RULE-22-9,Yes,Clarification,Import \ No newline at end of file From edd9071c275b42238337abf7c024b0116212840f Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 20 Sep 2024 10:52:13 +0100 Subject: [PATCH 1977/2573] Rule 7.2: Remove false positives in macros and implicit conversions - Remove false positives where integer constants are generated from macros. - Remove false positives where a signed integer is implicitly converted to unsigned, which is permitted by the standard. --- .../UOrUSuffixRepresentedInUnsignedType.ql | 13 +- ...rUSuffixRepresentedInUnsignedType.expected | 11 +- c/misra/test/rules/RULE-7-2/test.c | 266 +++++++++++++++--- change_notes/2024-09-20-fix-7-2-fps.md | 3 + rule_packages/c/Syntax.json | 5 +- 5 files changed, 252 insertions(+), 46 deletions(-) create mode 100644 change_notes/2024-09-20-fix-7-2-fps.md diff --git a/c/misra/src/rules/RULE-7-2/UOrUSuffixRepresentedInUnsignedType.ql b/c/misra/src/rules/RULE-7-2/UOrUSuffixRepresentedInUnsignedType.ql index b1dca9ac4a..b8f8d59718 100644 --- a/c/misra/src/rules/RULE-7-2/UOrUSuffixRepresentedInUnsignedType.ql +++ b/c/misra/src/rules/RULE-7-2/UOrUSuffixRepresentedInUnsignedType.ql @@ -19,6 +19,13 @@ from Literal l where not isExcluded(l, SyntaxPackage::uOrUSuffixRepresentedInUnsignedTypeQuery()) and not l instanceof StringLiteral and - l.getImplicitlyConverted().getType().(IntegralType).isUnsigned() and - not exists(l.getValueText().toUpperCase().indexOf("U")) -select l, "Unsigned literal does not explicitly express sign with a 'U' or 'u' suffix." + // Determine if the extractor deduced that the literal is unsigned, based on the C rules + l.getType().(IntegralType).isUnsigned() and + // And report if the literal does not contain a 'U' or 'u' suffix, e.g. explicitly unsigned + not exists(l.getValueText().toUpperCase().indexOf("U")) and + // Exclude constants generated by macro expansions, because the suffix information is lost in this + // case, so can cause false positives. + not l.isInMacroExpansion() +select l, + "Unsigned literal " + l.getValueText() + + " does not explicitly express sign with a 'U' or 'u' suffix." diff --git a/c/misra/test/rules/RULE-7-2/UOrUSuffixRepresentedInUnsignedType.expected b/c/misra/test/rules/RULE-7-2/UOrUSuffixRepresentedInUnsignedType.expected index 4a131f4eaa..07cd56b3d9 100644 --- a/c/misra/test/rules/RULE-7-2/UOrUSuffixRepresentedInUnsignedType.expected +++ b/c/misra/test/rules/RULE-7-2/UOrUSuffixRepresentedInUnsignedType.expected @@ -1,5 +1,6 @@ -| test.c:8:20:8:21 | 0 | Unsigned literal does not explicitly express sign with a 'U' or 'u' suffix. | -| test.c:9:20:9:22 | 0 | Unsigned literal does not explicitly express sign with a 'U' or 'u' suffix. | -| test.c:33:6:33:6 | 1 | Unsigned literal does not explicitly express sign with a 'U' or 'u' suffix. | -| test.c:35:6:35:9 | 1 | Unsigned literal does not explicitly express sign with a 'U' or 'u' suffix. | -| test.c:37:6:37:8 | 1 | Unsigned literal does not explicitly express sign with a 'U' or 'u' suffix. | +| test.c:111:3:111:12 | 2147483648 | Unsigned literal 0x80000000 does not explicitly express sign with a 'U' or 'u' suffix. | +| test.c:116:3:116:20 | 9223372036854775808 | Unsigned literal 0x8000000000000000 does not explicitly express sign with a 'U' or 'u' suffix. | +| test.c:139:3:139:21 | 9223372036854775808 | Unsigned literal 0x8000000000000000l does not explicitly express sign with a 'U' or 'u' suffix. | +| test.c:162:3:162:21 | 9223372036854775808 | Unsigned literal 0x8000000000000000L does not explicitly express sign with a 'U' or 'u' suffix. | +| test.c:185:3:185:22 | 9223372036854775808 | Unsigned literal 0x8000000000000000ll does not explicitly express sign with a 'U' or 'u' suffix. | +| test.c:208:3:208:22 | 9223372036854775808 | Unsigned literal 0x8000000000000000LL does not explicitly express sign with a 'U' or 'u' suffix. | diff --git a/c/misra/test/rules/RULE-7-2/test.c b/c/misra/test/rules/RULE-7-2/test.c index da62825755..b95d2b1e02 100644 --- a/c/misra/test/rules/RULE-7-2/test.c +++ b/c/misra/test/rules/RULE-7-2/test.c @@ -1,39 +1,231 @@ +// Assumed platform in qltest is linux_x86_64, so +// int, long, long long sizes are assumed to be 32, 64, 64 bits respectively -long a1 = 0L; // COMPLIANT -long a2 = 0LL; // COMPLIANT -long a3 = 0uL; // COMPLIANT -long a4 = 0Lu; // COMPLIANT -long a5 = 0LU; // COMPLIANT - -unsigned long b1 = 0L; // NON_COMPLIANT -unsigned long b2 = 0LL; // NON_COMPLIANT -unsigned long b3 = 0uL; // COMPLIANT -unsigned long b4 = 0Lu; // COMPLIANT -unsigned long b5 = 0LU; // COMPLIANT - -signed long c1 = 0L; // COMPLIANT -signed long c2 = 0LL; // COMPLIANT -signed long c3 = 0uL; // COMPLIANT -signed long c4 = 0Lu; // COMPLIANT -signed long c5 = 0LU; // COMPLIANT - -void f0(int a) {} - -void f1(unsigned int a) {} - -void f2() { - - f0(1); // COMPLIANT - f0(1U); // COMPLIANT - f0(0x01); // COMPLIANT - f0(0x01U); // COMPLIANT - f0(001); // COMPLIANT - f0(001U); // COMPLIANT - - f1(1); // NON_COMPLIANT - f1(1U); // COMPLIANT - f1(0x01); // NON_COMPLIANT - f1(0x01U); // COMPLIANT - f1(001); // NON_COMPLIANT - f1(001U); // COMPLIANT +// The type of an integer constant is determined by "6.4.4.1 Integer constants" +// in the C11 Standard. The principle is that any decimal integer constant will +// be signed, unless it has the `U` or `u` suffix. Any hexadecimal integer will +// depend on whether it is larger than the maximum value of the smallest signed +// integer value that can hold the value. So the signedness depends on the +// magnitude of the constant. + +void test_decimal_constants() { + 0; // COMPLIANT + 2147483648; // COMPLIANT - larger than int, but decimal constants never use + // unsigned without the suffix, so will be `long` + 4294967296; // COMPLIANT - larger than unsigned int, still `long` + 9223372036854775807; // COMPLIANT - max long int + // 9223372036854775808; Not a valid integer constant, out of signed range + 0U; // COMPLIANT - unsigned, but uses the suffix correctly + 2147483648U; // COMPLIANT - unsigned, but uses the suffix correctly + 4294967296U; // COMPLIANT - unsigned, but uses the suffix correctly + 9223372036854775807U; // COMPLIANT - max long int + 9223372036854775808U; // COMPLIANT - explicitly unsigned, so can go large than + // max long int + 0u; // COMPLIANT - unsigned, but uses the suffix correctly + 2147483648u; // COMPLIANT - unsigned, but uses the suffix correctly + 4294967296u; // COMPLIANT - unsigned, but uses the suffix correctly + 9223372036854775807u; // COMPLIANT - max long int + 9223372036854775808u; // COMPLIANT - explicitly unsigned, so can go large than + // max long int + + // l suffix + 0l; // COMPLIANT + 2147483648l; // COMPLIANT - within the range of long int + 4294967296l; // COMPLIANT - within the range of long int + 9223372036854775807l; // COMPLIANT - max long int + // 9223372036854775808l; Not a valid integer constant, out of signed range + 0lU; // COMPLIANT - unsigned, but uses the suffix correctly + 2147483648lU; // COMPLIANT - unsigned, but uses the suffix correctly + 4294967296lU; // COMPLIANT - unsigned, but uses the suffix correctly + 9223372036854775807lU; // COMPLIANT - max long int + 9223372036854775808lU; // COMPLIANT - explicitly unsigned, so can go large + // than max long int + 0lu; // COMPLIANT - unsigned, but uses the suffix correctly + 2147483648lu; // COMPLIANT - unsigned, but uses the suffix correctly + 4294967296lu; // COMPLIANT - unsigned, but uses the suffix correctly + 9223372036854775807lu; // COMPLIANT - max long int + 9223372036854775808lu; // COMPLIANT - explicitly unsigned, so can go large + // than max long int + + // L suffix + 0L; // COMPLIANT + 2147483648L; // COMPLIANT - within the range of long int + 4294967296L; // COMPLIANT - within the range of long int + 9223372036854775807L; // COMPLIANT - max long int + // 9223372036854775808L; Not a valid integer constant, out of signed range + 0LU; // COMPLIANT - unsigned, but uses the suffix correctly + 2147483648LU; // COMPLIANT - unsigned, but uses the suffix correctly + 4294967296LU; // COMPLIANT - unsigned, but uses the suffix correctly + 9223372036854775807LU; // COMPLIANT - max long int + 9223372036854775808LU; // COMPLIANT - explicitly unsigned, so can go large + // than max long int + 0Lu; // COMPLIANT - unsigned, but uses the suffix correctly + 2147483648Lu; // COMPLIANT - unsigned, but uses the suffix correctly + 4294967296Lu; // COMPLIANT - unsigned, but uses the suffix correctly + 9223372036854775807Lu; // COMPLIANT - max long int + 9223372036854775808Lu; // COMPLIANT - explicitly unsigned, so can go large + // than max long int + + // ll suffix + 0ll; // COMPLIANT + 2147483648ll; // COMPLIANT - within the range of long long int + 4294967296ll; // COMPLIANT - within the range of long long int + 9223372036854775807ll; // COMPLIANT - max long long int + // 9223372036854775808ll; Not a valid integer constant, out of signed range + 0llU; // COMPLIANT - unsigned, but uses the suffix correctly + 2147483648llU; // COMPLIANT - unsigned, but uses the suffix correctly + 4294967296llU; // COMPLIANT - unsigned, but uses the suffix correctly + 9223372036854775807llU; // COMPLIANT - max long long int + 9223372036854775808llU; // COMPLIANT - explicitly unsigned, so can go large + // than max long long int + 0llu; // COMPLIANT - unsigned, but uses the suffix correctly + 2147483648llu; // COMPLIANT - unsigned, but uses the suffix correctly + 4294967296llu; // COMPLIANT - unsigned, but uses the suffix correctly + 9223372036854775807llu; // COMPLIANT - max long long int + 9223372036854775808llu; // COMPLIANT - explicitly unsigned, so can go large + // than max long long int + + // LL suffix + 0LL; // COMPLIANT + 2147483648LL; // COMPLIANT - within the range of long long int + 4294967296LL; // COMPLIANT - within the range of long long int + 9223372036854775807LL; // COMPLIANT - max long long int + // 9223372036854775808LL; Not a valid integer constant, out of signed range + 0LLU; // COMPLIANT - unsigned, but uses the suffix correctly + 2147483648LLU; // COMPLIANT - unsigned, but uses the suffix correctly + 4294967296LLU; // COMPLIANT - unsigned, but uses the suffix correctly + 9223372036854775807LLU; // COMPLIANT - max long long int + 9223372036854775808LLU; // COMPLIANT - explicitly unsigned, so can go large + // than max long long int + 0LLu; // COMPLIANT - unsigned, but uses the suffix correctly + 2147483648LLu; // COMPLIANT - unsigned, but uses the suffix correctly + 4294967296LLu; // COMPLIANT - unsigned, but uses the suffix correctly + 9223372036854775807LLu; // COMPLIANT - max long long int + 9223372036854775808LLu; // COMPLIANT - explicitly unsigned, so can go large + // than max long long int } + +void test_hexadecimal_constants() { + 0x0; // COMPLIANT - uses signed int + 0x7FFFFFFF; // COMPLIANT - max value held by signed int + 0x80000000; // NON_COMPLIANT - larger than max signed int, so will be unsigned + // int + 0x100000000; // COMPLIANT - larger than unsigned int, but smaller than long + // int + 0x7FFFFFFFFFFFFFFF; // COMPLIANT - max long int + 0x8000000000000000; // NON_COMPLIANT - larger than long int, so will be + // unsigned long int + 0x0U; // COMPLIANT - unsigned, but uses the suffix correctly + 0x7FFFFFFFU; // COMPLIANT - unsigned, but uses the suffix correctly + 0x80000000U; // COMPLIANT - unsigned, but uses the suffix correctly + 0x100000000U; // COMPLIANT - unsigned, but uses the suffix correctly + 0x7FFFFFFFFFFFFFFFU; // COMPLIANT - unsigned, but uses the suffix correctly + 0x8000000000000000U; // COMPLIANT - unsigned, but uses the suffix correctly + 0x0u; // COMPLIANT - unsigned, but uses the suffix correctly + 0x7FFFFFFFu; // COMPLIANT - unsigned, but uses the suffix correctly + 0x80000000u; // COMPLIANT - unsigned, but uses the suffix correctly + 0x100000000u; // COMPLIANT - unsigned, but uses the suffix correctly + 0x7FFFFFFFFFFFFFFFu; // COMPLIANT - unsigned, but uses the suffix correctly + 0x8000000000000000u; // COMPLIANT - unsigned, but uses the suffix correctly + + // Use of the `l` suffix + 0x0l; // COMPLIANT - uses signed int + 0x7FFFFFFFl; // COMPLIANT - max value held by signed int + 0x80000000l; // COMPLIANT - larger than max signed int, but smaller than long + // int + 0x100000000l; // COMPLIANT - larger than unsigned int, but smaller than long + // int + 0x7FFFFFFFFFFFFFFFl; // COMPLIANT - max long int + 0x8000000000000000l; // NON_COMPLIANT - larger than long int, so will be + // unsigned long int + 0x0lU; // COMPLIANT - unsigned, but uses the suffix correctly + 0x7FFFFFFFlU; // COMPLIANT - unsigned, but uses the suffix correctly + 0x80000000lU; // COMPLIANT - unsigned, but uses the suffix correctly + 0x100000000lU; // COMPLIANT - unsigned, but uses the suffix correctly + 0x7FFFFFFFFFFFFFFFlU; // COMPLIANT - unsigned, but uses the suffix correctly + 0x8000000000000000lU; // COMPLIANT - unsigned, but uses the suffix correctly + 0x0lu; // COMPLIANT - unsigned, but uses the suffix correctly + 0x7FFFFFFFlu; // COMPLIANT - unsigned, but uses the suffix correctly + 0x80000000lu; // COMPLIANT - unsigned, but uses the suffix correctly + 0x100000000lu; // COMPLIANT - unsigned, but uses the suffix correctly + 0x7FFFFFFFFFFFFFFFlu; // COMPLIANT - unsigned, but uses the suffix correctly + 0x8000000000000000lu; // COMPLIANT - unsigned, but uses the suffix correctly + + // Use of the `L` suffix + 0x0L; // COMPLIANT - uses signed int + 0x7FFFFFFFL; // COMPLIANT - max value held by signed int + 0x80000000L; // COMPLIANT - larger than max signed int, but smaller than long + // int + 0x100000000L; // COMPLIANT - larger than unsigned int, but smaller than long + // int + 0x7FFFFFFFFFFFFFFFL; // COMPLIANT - max long int + 0x8000000000000000L; // NON_COMPLIANT - larger than long int, so will be + // unsigned long int + 0x0LU; // COMPLIANT - unsigned, but uses the suffix correctly + 0x7FFFFFFFLU; // COMPLIANT - unsigned, but uses the suffix correctly + 0x80000000LU; // COMPLIANT - unsigned, but uses the suffix correctly + 0x100000000LU; // COMPLIANT - unsigned, but uses the suffix correctly + 0x7FFFFFFFFFFFFFFFLU; // COMPLIANT - unsigned, but uses the suffix correctly + 0x8000000000000000LU; // COMPLIANT - unsigned, but uses the suffix correctly + 0x0Lu; // COMPLIANT - unsigned, but uses the suffix correctly + 0x7FFFFFFFLu; // COMPLIANT - unsigned, but uses the suffix correctly + 0x80000000Lu; // COMPLIANT - unsigned, but uses the suffix correctly + 0x100000000Lu; // COMPLIANT - unsigned, but uses the suffix correctly + 0x7FFFFFFFFFFFFFFFLu; // COMPLIANT - unsigned, but uses the suffix correctly + 0x8000000000000000Lu; // COMPLIANT - unsigned, but uses the suffix correctly + + // Use of the `ll` suffix + 0x0ll; // COMPLIANT - uses signed int + 0x7FFFFFFFll; // COMPLIANT - max value held by signed int + 0x80000000ll; // COMPLIANT - larger than max signed int, but smaller than long + // long int + 0x100000000ll; // COMPLIANT - larger than unsigned int, but smaller than long + // long int + 0x7FFFFFFFFFFFFFFFll; // COMPLIANT - max long long int + 0x8000000000000000ll; // NON_COMPLIANT - larger than long long int, so will be + // unsigned long long int + 0x0llU; // COMPLIANT - unsigned, but uses the suffix correctly + 0x7FFFFFFFllU; // COMPLIANT - unsigned, but uses the suffix correctly + 0x80000000llU; // COMPLIANT - unsigned, but uses the suffix correctly + 0x100000000llU; // COMPLIANT - unsigned, but uses the suffix correctly + 0x7FFFFFFFFFFFFFFFllU; // COMPLIANT - unsigned, but uses the suffix correctly + 0x8000000000000000llU; // COMPLIANT - unsigned, but uses the suffix correctly + 0x0llu; // COMPLIANT - unsigned, but uses the suffix correctly + 0x7FFFFFFFllu; // COMPLIANT - unsigned, but uses the suffix correctly + 0x80000000llu; // COMPLIANT - unsigned, but uses the suffix correctly + 0x100000000llu; // COMPLIANT - unsigned, but uses the suffix correctly + 0x7FFFFFFFFFFFFFFFllu; // COMPLIANT - unsigned, but uses the suffix correctly + 0x8000000000000000llu; // COMPLIANT - unsigned, but uses the suffix correctly + + // Use of the `LL` suffix + 0x0LL; // COMPLIANT - uses signed int + 0x7FFFFFFFLL; // COMPLIANT - max value held by signed int + 0x80000000LL; // COMPLIANT - larger than max signed int, but smaller than long + // long int + 0x100000000LL; // COMPLIANT - larger than unsigned int, but smaller than long + // long int + 0x7FFFFFFFFFFFFFFFLL; // COMPLIANT - max long long int + 0x8000000000000000LL; // NON_COMPLIANT - larger than long long int, so will be + // unsigned long long int + 0x0LLU; // COMPLIANT - unsigned, but uses the suffix correctly + 0x7FFFFFFFLLU; // COMPLIANT - unsigned, but uses the suffix correctly + 0x80000000LLU; // COMPLIANT - unsigned, but uses the suffix correctly + 0x100000000LLU; // COMPLIANT - unsigned, but uses the suffix correctly + 0x7FFFFFFFFFFFFFFFLLU; // COMPLIANT - unsigned, but uses the suffix correctly + 0x8000000000000000LLU; // COMPLIANT - unsigned, but uses the suffix correctly + 0x0LLu; // COMPLIANT - unsigned, but uses the suffix correctly + 0x7FFFFFFFLLu; // COMPLIANT - unsigned, but uses the suffix correctly + 0x80000000LLu; // COMPLIANT - unsigned, but uses the suffix correctly + 0x100000000LLu; // COMPLIANT - unsigned, but uses the suffix correctly + 0x7FFFFFFFFFFFFFFFLLu; // COMPLIANT - unsigned, but uses the suffix correctly + 0x8000000000000000LLu; // COMPLIANT - unsigned, but uses the suffix correctly +} + +#define COMPLIANT_VAL 0x80000000U +#define NON_COMPLIANT_VAL 0x80000000 + +void test_macro() { + COMPLIANT_VAL; // COMPLIANT + NON_COMPLIANT_VAL; // NON_COMPLIANT[FALSE_NEGATIVE] - cannot determine suffix + // in macro expansions +} \ No newline at end of file diff --git a/change_notes/2024-09-20-fix-7-2-fps.md b/change_notes/2024-09-20-fix-7-2-fps.md new file mode 100644 index 0000000000..897aebadb7 --- /dev/null +++ b/change_notes/2024-09-20-fix-7-2-fps.md @@ -0,0 +1,3 @@ + - `RULE-7-2` - `UOrUSuffixRepresentedInUnsignedType.ql` + - Remove false positives where integer constants are generated from macros. + - Remove false positives where a signed integer is implicitly converted to unsigned, which is permitted by the standard. \ No newline at end of file diff --git a/rule_packages/c/Syntax.json b/rule_packages/c/Syntax.json index b8899ccc97..99bcf8250e 100644 --- a/rule_packages/c/Syntax.json +++ b/rule_packages/c/Syntax.json @@ -121,7 +121,10 @@ "tags": [ "maintainability", "readability" - ] + ], + "implementation_scope": { + "description": "This implementation does not consider constants defined in macro bodies." + } } ], "title": "A 'U' or 'u' suffix shall be applied to all integer constants that are represented in an unsigned type" From 7315e190f5035ddee3b23f03b7452a3f15aa173a Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Fri, 20 Sep 2024 11:44:46 +0100 Subject: [PATCH 1978/2573] Update action.yml --- .github/actions/apply-coding-standards-configuration/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/apply-coding-standards-configuration/action.yml b/.github/actions/apply-coding-standards-configuration/action.yml index ae107f80a2..8edc6e954c 100644 --- a/.github/actions/apply-coding-standards-configuration/action.yml +++ b/.github/actions/apply-coding-standards-configuration/action.yml @@ -11,7 +11,7 @@ runs: python-version: 3.9 - name: Install dependencies shell: bash - run: ls ${{ github.action_path }}/../../..; python -m pip install -r ${{ github.action_path }}/../../../scripts/configuration/requirements.txt + run: cd ../../../; ls; python -m pip install -r ${{ github.action_path }}/../../../scripts/configuration/requirements.txt - name: Process files shell: bash run: python ${{ github.action_path }}/../../../scripts/configuration/process_coding_standards_config.py From 2d047cfdc826774039fc936c386c3604cd23e649 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Fri, 20 Sep 2024 11:47:02 +0100 Subject: [PATCH 1979/2573] Update action.yml --- .github/actions/apply-coding-standards-configuration/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/apply-coding-standards-configuration/action.yml b/.github/actions/apply-coding-standards-configuration/action.yml index 8edc6e954c..e0264a5cc8 100644 --- a/.github/actions/apply-coding-standards-configuration/action.yml +++ b/.github/actions/apply-coding-standards-configuration/action.yml @@ -11,7 +11,7 @@ runs: python-version: 3.9 - name: Install dependencies shell: bash - run: cd ../../../; ls; python -m pip install -r ${{ github.action_path }}/../../../scripts/configuration/requirements.txt + run: cd ${{ github.action_path }}; cd ../../../; ls; python -m pip install -r ${{ github.action_path }}/../../../scripts/configuration/requirements.txt - name: Process files shell: bash run: python ${{ github.action_path }}/../../../scripts/configuration/process_coding_standards_config.py From bac877f5d1c703c36c8874664fef0ad2c94054e5 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Fri, 20 Sep 2024 11:53:02 +0100 Subject: [PATCH 1980/2573] Update action.yml --- .../actions/apply-coding-standards-configuration/action.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/actions/apply-coding-standards-configuration/action.yml b/.github/actions/apply-coding-standards-configuration/action.yml index e0264a5cc8..c5c58ebc3c 100644 --- a/.github/actions/apply-coding-standards-configuration/action.yml +++ b/.github/actions/apply-coding-standards-configuration/action.yml @@ -11,7 +11,7 @@ runs: python-version: 3.9 - name: Install dependencies shell: bash - run: cd ${{ github.action_path }}; cd ../../../; ls; python -m pip install -r ${{ github.action_path }}/../../../scripts/configuration/requirements.txt + run: python -m pip install -r ${GITHUB_ACTION_PATH}/../../../scripts/configuration/requirements.txt - name: Process files shell: bash - run: python ${{ github.action_path }}/../../../scripts/configuration/process_coding_standards_config.py + run: python ${GITHUB_ACTION_PATH}/../../../scripts/configuration/process_coding_standards_config.py From b78397ac4e8f9f780e7b0d2ceb98ab24be87ffad Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Fri, 20 Sep 2024 13:35:41 +0100 Subject: [PATCH 1981/2573] Update action.yml --- .../apply-coding-standards-configuration/action.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/actions/apply-coding-standards-configuration/action.yml b/.github/actions/apply-coding-standards-configuration/action.yml index c5c58ebc3c..7a621bb45f 100644 --- a/.github/actions/apply-coding-standards-configuration/action.yml +++ b/.github/actions/apply-coding-standards-configuration/action.yml @@ -5,10 +5,10 @@ description: | runs: using: composite steps: - - name: Install Python - uses: actions/setup-python@v5 - with: - python-version: 3.9 + # - name: Install Python + # uses: actions/setup-python@v5 + # with: + # python-version: 3.9 - name: Install dependencies shell: bash run: python -m pip install -r ${GITHUB_ACTION_PATH}/../../../scripts/configuration/requirements.txt From 382d4f34c15170f029027f01e96ae10345f59e9f Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Fri, 20 Sep 2024 13:47:10 +0100 Subject: [PATCH 1982/2573] Update action.yml --- .../apply-coding-standards-configuration/action.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/actions/apply-coding-standards-configuration/action.yml b/.github/actions/apply-coding-standards-configuration/action.yml index 7a621bb45f..c5c58ebc3c 100644 --- a/.github/actions/apply-coding-standards-configuration/action.yml +++ b/.github/actions/apply-coding-standards-configuration/action.yml @@ -5,10 +5,10 @@ description: | runs: using: composite steps: - # - name: Install Python - # uses: actions/setup-python@v5 - # with: - # python-version: 3.9 + - name: Install Python + uses: actions/setup-python@v5 + with: + python-version: 3.9 - name: Install dependencies shell: bash run: python -m pip install -r ${GITHUB_ACTION_PATH}/../../../scripts/configuration/requirements.txt From 12370bc599deeb7bc406bd890d6edb7159e1620f Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 20 Sep 2024 11:17:13 -0700 Subject: [PATCH 1983/2573] Add support for MISRA-C Rule 6.3 --- .../BitFieldDeclaredAsMemberOfAUnion.ql | 22 ++++++++++++++++ .../BitFieldDeclaredAsMemberOfAUnion.expected | 2 ++ .../BitFieldDeclaredAsMemberOfAUnion.qlref | 1 + c/misra/test/rules/RULE-6-3/test.c | 21 +++++++++++++++ .../cpp/exclusions/c/BitfieldTypes2.qll | 26 +++++++++++++++++++ .../cpp/exclusions/c/RuleMetadata.qll | 3 +++ rule_packages/c/BitfieldTypes2.json | 21 +++++++++++++++ 7 files changed, 96 insertions(+) create mode 100644 c/misra/src/rules/RULE-6-3/BitFieldDeclaredAsMemberOfAUnion.ql create mode 100644 c/misra/test/rules/RULE-6-3/BitFieldDeclaredAsMemberOfAUnion.expected create mode 100644 c/misra/test/rules/RULE-6-3/BitFieldDeclaredAsMemberOfAUnion.qlref create mode 100644 c/misra/test/rules/RULE-6-3/test.c create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/BitfieldTypes2.qll create mode 100644 rule_packages/c/BitfieldTypes2.json diff --git a/c/misra/src/rules/RULE-6-3/BitFieldDeclaredAsMemberOfAUnion.ql b/c/misra/src/rules/RULE-6-3/BitFieldDeclaredAsMemberOfAUnion.ql new file mode 100644 index 0000000000..c91f25da10 --- /dev/null +++ b/c/misra/src/rules/RULE-6-3/BitFieldDeclaredAsMemberOfAUnion.ql @@ -0,0 +1,22 @@ +/** + * @id c/misra/bit-field-declared-as-member-of-a-union + * @name RULE-6-3: A bit field shall not be declared as a member of a union + * @description Type punning on a union with bit fields relies on implementation-specific alignment + * behavior. + * @kind problem + * @precision very-high + * @problem.severity warning + * @tags external/misra/id/rule-6-3 + * correctness + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra + +from BitField field, Union u +where + not isExcluded(field, BitfieldTypes2Package::bitFieldDeclaredAsMemberOfAUnionQuery()) and + u.getAField() = field +select + field, "Union member " + field.getName() + " is declared as a bit field which relies on implementation-specific behavior." \ No newline at end of file diff --git a/c/misra/test/rules/RULE-6-3/BitFieldDeclaredAsMemberOfAUnion.expected b/c/misra/test/rules/RULE-6-3/BitFieldDeclaredAsMemberOfAUnion.expected new file mode 100644 index 0000000000..7c39484796 --- /dev/null +++ b/c/misra/test/rules/RULE-6-3/BitFieldDeclaredAsMemberOfAUnion.expected @@ -0,0 +1,2 @@ +| test.c:7:7:7:7 | x | Union member x is declared as a bit field which relies on implementation-specific behavior. | +| test.c:20:7:20:7 | (unnamed bitfield) | Union member (unnamed bitfield) is declared as a bit field which relies on implementation-specific behavior. | diff --git a/c/misra/test/rules/RULE-6-3/BitFieldDeclaredAsMemberOfAUnion.qlref b/c/misra/test/rules/RULE-6-3/BitFieldDeclaredAsMemberOfAUnion.qlref new file mode 100644 index 0000000000..21c43d4826 --- /dev/null +++ b/c/misra/test/rules/RULE-6-3/BitFieldDeclaredAsMemberOfAUnion.qlref @@ -0,0 +1 @@ +rules/RULE-6-3/BitFieldDeclaredAsMemberOfAUnion.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-6-3/test.c b/c/misra/test/rules/RULE-6-3/test.c new file mode 100644 index 0000000000..74b7cb86ea --- /dev/null +++ b/c/misra/test/rules/RULE-6-3/test.c @@ -0,0 +1,21 @@ +union U1 { + int x; // COMPLIANT + char y; // COMPLIANT +}; + +union U2 { + int x: 2; // NON-COMPLIANT + char y; // COMPLIANT +}; + +union U3 { + struct str { + int x: 4; // COMPLIANT + int y: 2; // COMPLIANT + }; +}; + +union U4 { + char x; + int :0; // NON-COMPLIANT +}; \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/BitfieldTypes2.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/BitfieldTypes2.qll new file mode 100644 index 0000000000..ca116bb51c --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/BitfieldTypes2.qll @@ -0,0 +1,26 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype BitfieldTypes2Query = TBitFieldDeclaredAsMemberOfAUnionQuery() + +predicate isBitfieldTypes2QueryMetadata(Query query, string queryId, string ruleId, string category) { + query = + // `Query` instance for the `bitFieldDeclaredAsMemberOfAUnion` query + BitfieldTypes2Package::bitFieldDeclaredAsMemberOfAUnionQuery() and + queryId = + // `@id` for the `bitFieldDeclaredAsMemberOfAUnion` query + "c/misra/bit-field-declared-as-member-of-a-union" and + ruleId = "RULE-6-3" and + category = "required" +} + +module BitfieldTypes2Package { + Query bitFieldDeclaredAsMemberOfAUnionQuery() { + //autogenerate `Query` type + result = + // `Query` type for `bitFieldDeclaredAsMemberOfAUnion` query + TQueryC(TBitfieldTypes2PackageQuery(TBitFieldDeclaredAsMemberOfAUnionQuery())) + } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index c2771f4171..2ddc5138b8 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -4,6 +4,7 @@ import codingstandards.cpp.exclusions.RuleMetadata //** Import packages for this language **/ import Banned import BitfieldTypes +import BitfieldTypes2 import Concurrency1 import Concurrency2 import Concurrency3 @@ -75,6 +76,7 @@ import Types1 newtype TCQuery = TBannedPackageQuery(BannedQuery q) or TBitfieldTypesPackageQuery(BitfieldTypesQuery q) or + TBitfieldTypes2PackageQuery(BitfieldTypes2Query q) or TConcurrency1PackageQuery(Concurrency1Query q) or TConcurrency2PackageQuery(Concurrency2Query q) or TConcurrency3PackageQuery(Concurrency3Query q) or @@ -146,6 +148,7 @@ newtype TCQuery = predicate isQueryMetadata(Query query, string queryId, string ruleId, string category) { isBannedQueryMetadata(query, queryId, ruleId, category) or isBitfieldTypesQueryMetadata(query, queryId, ruleId, category) or + isBitfieldTypes2QueryMetadata(query, queryId, ruleId, category) or isConcurrency1QueryMetadata(query, queryId, ruleId, category) or isConcurrency2QueryMetadata(query, queryId, ruleId, category) or isConcurrency3QueryMetadata(query, queryId, ruleId, category) or diff --git a/rule_packages/c/BitfieldTypes2.json b/rule_packages/c/BitfieldTypes2.json new file mode 100644 index 0000000000..d916421b1f --- /dev/null +++ b/rule_packages/c/BitfieldTypes2.json @@ -0,0 +1,21 @@ +{ + "MISRA-C-2012": { + "RULE-6-3": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Type punning on a union with bit fields relies on implementation-specific alignment behavior.", + "kind": "problem", + "name": "A bit field shall not be declared as a member of a union", + "precision": "very-high", + "severity": "warning", + "short_name": "BitFieldDeclaredAsMemberOfAUnion", + "tags": ["correctness"] + } + ], + "title": "A bit field shall not be declared as a member of a union" + } + } +} \ No newline at end of file From 0ccbf48e1493bb4b8e1fb4c1855fd2b130fed610 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 20 Sep 2024 11:21:50 -0700 Subject: [PATCH 1984/2573] Add "implemented" column to amendments.csv --- amendments.csv | 100 ++++++++++++++++++++++++------------------------- 1 file changed, 50 insertions(+), 50 deletions(-) diff --git a/amendments.csv b/amendments.csv index 9fc03ae951..ae6c85e7d1 100644 --- a/amendments.csv +++ b/amendments.csv @@ -1,50 +1,50 @@ -language,standard,amendment,rule_id,queryable,implementation_category,difficulty -c,misra-c-2012,Amendment3,DIR-4-6,Yes,Expand,Easy -c,misra-c-2012,Amendment3,DIR-4-9,Yes,Refine,Easy -c,misra-c-2012,Amendment3,DIR-4-11,Yes,Refine,Import -c,misra-c-2012,Amendment3,RULE-1-4,Yes,Replace,Easy -c,misra-c-2012,Amendment3,RULE-10-1,Yes,Replace,Easy -c,misra-c-2012,Amendment3,RULE-10-3,Yes,Refine,Easy -c,misra-c-2012,Amendment3,RULE-10-4,Yes,Refine,Import -c,misra-c-2012,Amendment3,RULE-10-5,Yes,Expand,Easy -c,misra-c-2012,Amendment3,RULE-10-7,Yes,Refine,Import -c,misra-c-2012,Amendment3,RULE-10-8,Yes,Refine,Import -c,misra-c-2012,Amendment3,RULE-21-11,Yes,Clarification,Import -c,misra-c-2012,Amendment3,RULE-21-12,Yes,Replace,Easy -c,misra-c-2012,Amendment4,RULE-11-3,Yes,Expand,Easy -c,misra-c-2012,Amendment4,RULE-11-8,Yes,Expand,Easy -c,misra-c-2012,Amendment4,RULE-13-2,Yes,Expand,Very Hard -c,misra-c-2012,Amendment4,RULE-18-6,Yes,Expand,Medium -c,misra-c-2012,Amendment4,RULE-18-8,Yes,Split,Easy -c,misra-c-2012,Corrigendum2,RULE-2-2,Yes,Clarification,Import -c,misra-c-2012,Corrigendum2,RULE-2-7,Yes,Clarification,Import -c,misra-c-2012,Corrigendum2,RULE-3-1,Yes,Refine,Easy -c,misra-c-2012,Corrigendum2,RULE-8-6,Yes,Clarification,Import -c,misra-c-2012,Corrigendum2,RULE-8-9,Yes,Clarification,Import -c,misra-c-2012,Corrigendum2,RULE-9-4,Yes,Clarification,Import -c,misra-c-2012,Corrigendum2,RULE-10-1,Yes,Clarification,Import -c,misra-c-2012,Corrigendum2,RULE-18-3,Yes,Clarification,Import -c,misra-c-2012,Corrigendum2,RULE-1-4,Yes,Replace,Easy -c,misra-c-2012,Corrigendum2,RULE-9-1,Yes,Refine,Easy -c,misra-c-2012,Corrigendum2,RULE-9-2,Yes,Refine,Import -c,misra-c-2012,Corrigendum2,DIR-4-10,Yes,Clarification,Import -c,misra-c-2012,Corrigendum2,RULE-7-4,Yes,Refine,Easy -c,misra-c-2012,Corrigendum2,RULE-8-2,Yes,Clarification,Import -c,misra-c-2012,Corrigendum2,RULE-8-3,Yes,Refine,Easy -c,misra-c-2012,Corrigendum2,RULE-8-7,Yes,Clarification,Import -c,misra-c-2012,Corrigendum2,RULE-10-1,Yes,Clarification,Import -c,misra-c-2012,Corrigendum2,RULE-10-2,Yes,Refine,Easy -c,misra-c-2012,Corrigendum2,RULE-10-3,Yes,Clarification,Import -c,misra-c-2012,Corrigendum2,RULE-11-3,Yes,Clarification,Import -c,misra-c-2012,Corrigendum2,RULE-11-6,Yes,Clarification,Import -c,misra-c-2012,Corrigendum2,RULE-13-2,Yes,Clarification,Import -c,misra-c-2012,Corrigendum2,RULE-13-6,Yes,Clarification,Import -c,misra-c-2012,Corrigendum2,RULE-14-3,Yes,Refine,Easy -c,misra-c-2012,Corrigendum2,RULE-15-7,Yes,Clarification,Import -c,misra-c-2012,Corrigendum2,RULE-17-4,Yes,Clarification,Import -c,misra-c-2012,Corrigendum2,RULE-17-5,Yes,Clarification,Import -c,misra-c-2012,Corrigendum2,RULE-18-1,Yes,Refine,Easy -c,misra-c-2012,Corrigendum2,RULE-20-14,Yes,Clarification,Import -c,misra-c-2012,Corrigendum2,RULE-21-19,Yes,Clarification,Import -c,misra-c-2012,Corrigendum2,RULE-21-20,Yes,Refine,Easy -c,misra-c-2012,Corrigendum2,RULE-22-9,Yes,Clarification,Import \ No newline at end of file +language,standard,amendment,rule_id,queryable,implementation_category,implemented,difficulty +c,misra-c-2012,Amendment3,DIR-4-6,Yes,Expand,No,Easy +c,misra-c-2012,Amendment3,DIR-4-9,Yes,Refine,No,Easy +c,misra-c-2012,Amendment3,DIR-4-11,Yes,Refine,No,Import +c,misra-c-2012,Amendment3,RULE-1-4,Yes,Replace,No,Easy +c,misra-c-2012,Amendment3,RULE-10-1,Yes,Replace,No,Easy +c,misra-c-2012,Amendment3,RULE-10-3,Yes,Refine,No,Easy +c,misra-c-2012,Amendment3,RULE-10-4,Yes,Refine,No,Import +c,misra-c-2012,Amendment3,RULE-10-5,Yes,Expand,No,Easy +c,misra-c-2012,Amendment3,RULE-10-7,Yes,Refine,No,Import +c,misra-c-2012,Amendment3,RULE-10-8,Yes,Refine,No,Import +c,misra-c-2012,Amendment3,RULE-21-11,Yes,Clarification,No,Import +c,misra-c-2012,Amendment3,RULE-21-12,Yes,Replace,No,Easy +c,misra-c-2012,Amendment4,RULE-11-3,Yes,Expand,No,Easy +c,misra-c-2012,Amendment4,RULE-11-8,Yes,Expand,No,Easy +c,misra-c-2012,Amendment4,RULE-13-2,Yes,Expand,No,Very Hard +c,misra-c-2012,Amendment4,RULE-18-6,Yes,Expand,No,Medium +c,misra-c-2012,Amendment4,RULE-18-8,Yes,Split,No,Easy +c,misra-c-2012,Corrigendum2,RULE-2-2,Yes,Clarification,No,Import +c,misra-c-2012,Corrigendum2,RULE-2-7,Yes,Clarification,No,Import +c,misra-c-2012,Corrigendum2,RULE-3-1,Yes,Refine,No,Easy +c,misra-c-2012,Corrigendum2,RULE-8-6,Yes,Clarification,No,Import +c,misra-c-2012,Corrigendum2,RULE-8-9,Yes,Clarification,No,Import +c,misra-c-2012,Corrigendum2,RULE-9-4,Yes,Clarification,No,Import +c,misra-c-2012,Corrigendum2,RULE-10-1,Yes,Clarification,No,Import +c,misra-c-2012,Corrigendum2,RULE-18-3,Yes,Clarification,No,Import +c,misra-c-2012,Corrigendum2,RULE-1-4,Yes,Replace,No,Easy +c,misra-c-2012,Corrigendum2,RULE-9-1,Yes,Refine,No,Easy +c,misra-c-2012,Corrigendum2,RULE-9-2,Yes,Refine,No,Import +c,misra-c-2012,Corrigendum2,DIR-4-10,Yes,Clarification,No,Import +c,misra-c-2012,Corrigendum2,RULE-7-4,Yes,Refine,No,Easy +c,misra-c-2012,Corrigendum2,RULE-8-2,Yes,Clarification,No,Import +c,misra-c-2012,Corrigendum2,RULE-8-3,Yes,Refine,No,Easy +c,misra-c-2012,Corrigendum2,RULE-8-7,Yes,Clarification,No,Import +c,misra-c-2012,Corrigendum2,RULE-10-1,Yes,Clarification,No,Import +c,misra-c-2012,Corrigendum2,RULE-10-2,Yes,Refine,No,Easy +c,misra-c-2012,Corrigendum2,RULE-10-3,Yes,Clarification,No,Import +c,misra-c-2012,Corrigendum2,RULE-11-3,Yes,Clarification,No,Import +c,misra-c-2012,Corrigendum2,RULE-11-6,Yes,Clarification,No,Import +c,misra-c-2012,Corrigendum2,RULE-13-2,Yes,Clarification,No,Import +c,misra-c-2012,Corrigendum2,RULE-13-6,Yes,Clarification,No,Import +c,misra-c-2012,Corrigendum2,RULE-14-3,Yes,Refine,No,Easy +c,misra-c-2012,Corrigendum2,RULE-15-7,Yes,Clarification,No,Import +c,misra-c-2012,Corrigendum2,RULE-17-4,Yes,Clarification,No,Import +c,misra-c-2012,Corrigendum2,RULE-17-5,Yes,Clarification,No,Import +c,misra-c-2012,Corrigendum2,RULE-18-1,Yes,Refine,No,Easy +c,misra-c-2012,Corrigendum2,RULE-20-14,Yes,Clarification,No,Import +c,misra-c-2012,Corrigendum2,RULE-21-19,Yes,Clarification,No,Import +c,misra-c-2012,Corrigendum2,RULE-21-20,Yes,Refine,No,Easy +c,misra-c-2012,Corrigendum2,RULE-22-9,Yes,Clarification,No,Import \ No newline at end of file From 9c0e6baa1ef4a6d890662bf7c18dcdb523fac63a Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 20 Sep 2024 11:28:02 -0700 Subject: [PATCH 1985/2573] clang format --- c/misra/test/rules/RULE-6-3/test.c | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/c/misra/test/rules/RULE-6-3/test.c b/c/misra/test/rules/RULE-6-3/test.c index 74b7cb86ea..1de648d294 100644 --- a/c/misra/test/rules/RULE-6-3/test.c +++ b/c/misra/test/rules/RULE-6-3/test.c @@ -1,21 +1,21 @@ union U1 { - int x; // COMPLIANT + int x; // COMPLIANT char y; // COMPLIANT }; union U2 { - int x: 2; // NON-COMPLIANT - char y; // COMPLIANT + int x : 2; // NON-COMPLIANT + char y; // COMPLIANT }; union U3 { - struct str { - int x: 4; // COMPLIANT - int y: 2; // COMPLIANT - }; + struct str { + int x : 4; // COMPLIANT + int y : 2; // COMPLIANT + }; }; union U4 { char x; - int :0; // NON-COMPLIANT + int : 0; // NON-COMPLIANT }; \ No newline at end of file From ba844d1698b99247842f830dfbfa871f46d1fa98 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 20 Sep 2024 11:35:20 -0700 Subject: [PATCH 1986/2573] Format codeql query --- .../src/rules/RULE-6-3/BitFieldDeclaredAsMemberOfAUnion.ql | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/c/misra/src/rules/RULE-6-3/BitFieldDeclaredAsMemberOfAUnion.ql b/c/misra/src/rules/RULE-6-3/BitFieldDeclaredAsMemberOfAUnion.ql index c91f25da10..5fcf938046 100644 --- a/c/misra/src/rules/RULE-6-3/BitFieldDeclaredAsMemberOfAUnion.ql +++ b/c/misra/src/rules/RULE-6-3/BitFieldDeclaredAsMemberOfAUnion.ql @@ -18,5 +18,6 @@ from BitField field, Union u where not isExcluded(field, BitfieldTypes2Package::bitFieldDeclaredAsMemberOfAUnionQuery()) and u.getAField() = field -select - field, "Union member " + field.getName() + " is declared as a bit field which relies on implementation-specific behavior." \ No newline at end of file +select field, + "Union member " + field.getName() + + " is declared as a bit field which relies on implementation-specific behavior." From 58fa16a218df4273db22ed24ba795263833567e6 Mon Sep 17 00:00:00 2001 From: Michael R Fairhurst Date: Tue, 17 Sep 2024 00:16:26 +0000 Subject: [PATCH 1987/2573] Detect compilations with no warnings when '-w' flag is present. Gcc may be compiled to auto include warnings such as -Wformat. However, passing in `-w` will suppress the enabled format warnings. The previous query would not raise an issue, as it saw the `-Wformat` flag etc, even though if `-w` was present, causing gcc to run with no warnings enabled. --- .../CompilerWarningLevelNotInCompliance.ql | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/cpp/autosar/src/rules/A1-1-2/CompilerWarningLevelNotInCompliance.ql b/cpp/autosar/src/rules/A1-1-2/CompilerWarningLevelNotInCompliance.ql index bd98ad9162..b22ffa9e29 100644 --- a/cpp/autosar/src/rules/A1-1-2/CompilerWarningLevelNotInCompliance.ql +++ b/cpp/autosar/src/rules/A1-1-2/CompilerWarningLevelNotInCompliance.ql @@ -18,15 +18,19 @@ import cpp import codingstandards.cpp.autosar -predicate hasResponseFileArgument(Compilation c) { c.getAnArgument().matches("@%") } +class CompilationWithNoWarnings extends Compilation { + CompilationWithNoWarnings() { + getAnArgument() = "-w" + or not getAnArgument().regexpMatch("-W[\\w=-]+") + } +} -predicate hasWarningOption(Compilation c) { c.getAnArgument().regexpMatch("-W[\\w=-]+") } +predicate hasResponseFileArgument(Compilation c) { c.getAnArgument().matches("@%") } from File f where not isExcluded(f, ToolchainPackage::compilerWarningLevelNotInComplianceQuery()) and - exists(Compilation c | f = c.getAFileCompiled() | - not hasResponseFileArgument(c) and - not hasWarningOption(c) + exists(CompilationWithNoWarnings c | f = c.getAFileCompiled() | + not hasResponseFileArgument(c) ) -select f, "No warning-level options were used in the compilation of '" + f.getBaseName() + "'." +select f, "No warning-level options were used in the compilation of '" + f.getBaseName() + "'." \ No newline at end of file From 89464ce521164ce6bc3b679ddbc7f9b3b561b4f0 Mon Sep 17 00:00:00 2001 From: Michael R Fairhurst Date: Tue, 17 Sep 2024 00:42:28 +0000 Subject: [PATCH 1988/2573] fix formatting --- .../rules/A1-1-2/CompilerWarningLevelNotInCompliance.ql | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/cpp/autosar/src/rules/A1-1-2/CompilerWarningLevelNotInCompliance.ql b/cpp/autosar/src/rules/A1-1-2/CompilerWarningLevelNotInCompliance.ql index b22ffa9e29..f21a70e776 100644 --- a/cpp/autosar/src/rules/A1-1-2/CompilerWarningLevelNotInCompliance.ql +++ b/cpp/autosar/src/rules/A1-1-2/CompilerWarningLevelNotInCompliance.ql @@ -20,8 +20,8 @@ import codingstandards.cpp.autosar class CompilationWithNoWarnings extends Compilation { CompilationWithNoWarnings() { - getAnArgument() = "-w" - or not getAnArgument().regexpMatch("-W[\\w=-]+") + getAnArgument() = "-w" or + not getAnArgument().regexpMatch("-W[\\w=-]+") } } @@ -30,7 +30,5 @@ predicate hasResponseFileArgument(Compilation c) { c.getAnArgument().matches("@% from File f where not isExcluded(f, ToolchainPackage::compilerWarningLevelNotInComplianceQuery()) and - exists(CompilationWithNoWarnings c | f = c.getAFileCompiled() | - not hasResponseFileArgument(c) - ) + exists(CompilationWithNoWarnings c | f = c.getAFileCompiled() | not hasResponseFileArgument(c)) select f, "No warning-level options were used in the compilation of '" + f.getBaseName() + "'." \ No newline at end of file From 88872a42fa12d84337ce712245be550744f30218 Mon Sep 17 00:00:00 2001 From: Michael R Fairhurst Date: Tue, 17 Sep 2024 22:32:56 +0000 Subject: [PATCH 1989/2573] Update test expectations -- codeql run test expects noncompliance. --- .../CompilerWarningLevelNotInCompliance.expected | 1 + ...pilerWarningLevelNotInCompliance.expected.clang | 0 ...ompilerWarningLevelNotInCompliance.expected.gcc | 0 ...ompilerWarningLevelNotInCompliance.expected.qcc | 0 .../test/rules/A1-1-2.2/Wcast-function-type.cpp | 14 +++++++++++++- .../CompilerWarningLevelNotInCompliance.expected | 1 + ...pilerWarningLevelNotInCompliance.expected.clang | 0 ...ompilerWarningLevelNotInCompliance.expected.gcc | 0 ...ompilerWarningLevelNotInCompliance.expected.qcc | 0 cpp/autosar/test/rules/A1-1-2/Wall.cpp | 12 +++++++++++- 10 files changed, 26 insertions(+), 2 deletions(-) create mode 100644 cpp/autosar/test/rules/A1-1-2.2/CompilerWarningLevelNotInCompliance.expected.clang create mode 100644 cpp/autosar/test/rules/A1-1-2.2/CompilerWarningLevelNotInCompliance.expected.gcc create mode 100644 cpp/autosar/test/rules/A1-1-2.2/CompilerWarningLevelNotInCompliance.expected.qcc create mode 100644 cpp/autosar/test/rules/A1-1-2/CompilerWarningLevelNotInCompliance.expected.clang create mode 100644 cpp/autosar/test/rules/A1-1-2/CompilerWarningLevelNotInCompliance.expected.gcc create mode 100644 cpp/autosar/test/rules/A1-1-2/CompilerWarningLevelNotInCompliance.expected.qcc diff --git a/cpp/autosar/test/rules/A1-1-2.2/CompilerWarningLevelNotInCompliance.expected b/cpp/autosar/test/rules/A1-1-2.2/CompilerWarningLevelNotInCompliance.expected index e69de29bb2..81a5c4327e 100644 --- a/cpp/autosar/test/rules/A1-1-2.2/CompilerWarningLevelNotInCompliance.expected +++ b/cpp/autosar/test/rules/A1-1-2.2/CompilerWarningLevelNotInCompliance.expected @@ -0,0 +1 @@ +| Wcast-function-type.cpp:0:0:0:0 | Wcast-function-type.cpp | No warning-level options were used in the compilation of 'Wcast-function-type.cpp'. | diff --git a/cpp/autosar/test/rules/A1-1-2.2/CompilerWarningLevelNotInCompliance.expected.clang b/cpp/autosar/test/rules/A1-1-2.2/CompilerWarningLevelNotInCompliance.expected.clang new file mode 100644 index 0000000000..e69de29bb2 diff --git a/cpp/autosar/test/rules/A1-1-2.2/CompilerWarningLevelNotInCompliance.expected.gcc b/cpp/autosar/test/rules/A1-1-2.2/CompilerWarningLevelNotInCompliance.expected.gcc new file mode 100644 index 0000000000..e69de29bb2 diff --git a/cpp/autosar/test/rules/A1-1-2.2/CompilerWarningLevelNotInCompliance.expected.qcc b/cpp/autosar/test/rules/A1-1-2.2/CompilerWarningLevelNotInCompliance.expected.qcc new file mode 100644 index 0000000000..e69de29bb2 diff --git a/cpp/autosar/test/rules/A1-1-2.2/Wcast-function-type.cpp b/cpp/autosar/test/rules/A1-1-2.2/Wcast-function-type.cpp index f405349bbb..79e42b4039 100644 --- a/cpp/autosar/test/rules/A1-1-2.2/Wcast-function-type.cpp +++ b/cpp/autosar/test/rules/A1-1-2.2/Wcast-function-type.cpp @@ -1,2 +1,14 @@ // semmle-extractor-options: --clang -std=c++14 -Wcast-function-type -// COMPLIANT \ No newline at end of file +// COMPLIAN + +// NOTE: When tested with `codeql test run`, the test extractor provides `-w` +// which overrides `-Wcast-function-type` and causes this test case to be +// non-compliant. +// +// However, when tested with our compiler matrix tests, this test db is built +// via `codeql database create --command="..."`, and the `-w` flag will NOT be +// used. This means the `-Wcast-function-type` flag is active and the test case +// is compliant. +// +// Therefore, the .expected file for this test expects non-compliance, and the +// .expected.gcc and .expected.clang files expect this test to be compliant. \ No newline at end of file diff --git a/cpp/autosar/test/rules/A1-1-2/CompilerWarningLevelNotInCompliance.expected b/cpp/autosar/test/rules/A1-1-2/CompilerWarningLevelNotInCompliance.expected index e69de29bb2..82ff1c0c36 100644 --- a/cpp/autosar/test/rules/A1-1-2/CompilerWarningLevelNotInCompliance.expected +++ b/cpp/autosar/test/rules/A1-1-2/CompilerWarningLevelNotInCompliance.expected @@ -0,0 +1 @@ +| Wall.cpp:0:0:0:0 | Wall.cpp | No warning-level options were used in the compilation of 'Wall.cpp'. | \ No newline at end of file diff --git a/cpp/autosar/test/rules/A1-1-2/CompilerWarningLevelNotInCompliance.expected.clang b/cpp/autosar/test/rules/A1-1-2/CompilerWarningLevelNotInCompliance.expected.clang new file mode 100644 index 0000000000..e69de29bb2 diff --git a/cpp/autosar/test/rules/A1-1-2/CompilerWarningLevelNotInCompliance.expected.gcc b/cpp/autosar/test/rules/A1-1-2/CompilerWarningLevelNotInCompliance.expected.gcc new file mode 100644 index 0000000000..e69de29bb2 diff --git a/cpp/autosar/test/rules/A1-1-2/CompilerWarningLevelNotInCompliance.expected.qcc b/cpp/autosar/test/rules/A1-1-2/CompilerWarningLevelNotInCompliance.expected.qcc new file mode 100644 index 0000000000..e69de29bb2 diff --git a/cpp/autosar/test/rules/A1-1-2/Wall.cpp b/cpp/autosar/test/rules/A1-1-2/Wall.cpp index cb21e0601e..b42189a8d1 100644 --- a/cpp/autosar/test/rules/A1-1-2/Wall.cpp +++ b/cpp/autosar/test/rules/A1-1-2/Wall.cpp @@ -1,2 +1,12 @@ // semmle-extractor-options: --clang -std=c++14 -Wall -// COMPLIANT \ No newline at end of file +// COMPLIANT + +// NOTE: When tested with `codeql test run`, the test extractor provides `-w` +// which overrides `-Wall` and causes this test case to be non-compliant. +// +// However, when tested with our compiler matrix tests, this test db is built +// via `codeql database create --command="..."`, and the `-w` flag will NOT be +// used. This means the `-Wall` flag is active and the test case is compliant. +// +// Therefore, the .expected file for this test expects non-compliance, and the +// .expected.gcc and .expected.clang files expect this test to be compliant. \ No newline at end of file From 495b32e340bdb7531abdb93bab1f9a03cbe5f7cd Mon Sep 17 00:00:00 2001 From: Michael R Fairhurst Date: Wed, 18 Sep 2024 00:18:59 +0000 Subject: [PATCH 1990/2573] Add newline to EOF --- .../src/rules/A1-1-2/CompilerWarningLevelNotInCompliance.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/src/rules/A1-1-2/CompilerWarningLevelNotInCompliance.ql b/cpp/autosar/src/rules/A1-1-2/CompilerWarningLevelNotInCompliance.ql index f21a70e776..60efab251a 100644 --- a/cpp/autosar/src/rules/A1-1-2/CompilerWarningLevelNotInCompliance.ql +++ b/cpp/autosar/src/rules/A1-1-2/CompilerWarningLevelNotInCompliance.ql @@ -31,4 +31,4 @@ from File f where not isExcluded(f, ToolchainPackage::compilerWarningLevelNotInComplianceQuery()) and exists(CompilationWithNoWarnings c | f = c.getAFileCompiled() | not hasResponseFileArgument(c)) -select f, "No warning-level options were used in the compilation of '" + f.getBaseName() + "'." \ No newline at end of file +select f, "No warning-level options were used in the compilation of '" + f.getBaseName() + "'." From 4b821be80dff4af5f0c60762c3615b8d7f6a5ef4 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 20 Sep 2024 14:35:40 -0700 Subject: [PATCH 1991/2573] Add changelog. --- change_notes/2024-9-20-a1-1-2-improvements.md | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 change_notes/2024-9-20-a1-1-2-improvements.md diff --git a/change_notes/2024-9-20-a1-1-2-improvements.md b/change_notes/2024-9-20-a1-1-2-improvements.md new file mode 100644 index 0000000000..25e393954b --- /dev/null +++ b/change_notes/2024-9-20-a1-1-2-improvements.md @@ -0,0 +1,2 @@ +- `A1-1-2` - `CompilerWarningLevelNotInCompliance.ql`: + - Report non-compliance for compilations that use the error-suppressing `-w` flag. From aa945830dd6dce3300ace0f27c6c09e4b3e76ba9 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 20 Sep 2024 14:39:29 -0700 Subject: [PATCH 1992/2573] fix typo --- cpp/autosar/test/rules/A1-1-2.2/Wcast-function-type.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cpp/autosar/test/rules/A1-1-2.2/Wcast-function-type.cpp b/cpp/autosar/test/rules/A1-1-2.2/Wcast-function-type.cpp index 79e42b4039..bc48268931 100644 --- a/cpp/autosar/test/rules/A1-1-2.2/Wcast-function-type.cpp +++ b/cpp/autosar/test/rules/A1-1-2.2/Wcast-function-type.cpp @@ -1,5 +1,5 @@ // semmle-extractor-options: --clang -std=c++14 -Wcast-function-type -// COMPLIAN +// COMPLIANT // NOTE: When tested with `codeql test run`, the test extractor provides `-w` // which overrides `-Wcast-function-type` and causes this test case to be @@ -11,4 +11,4 @@ // is compliant. // // Therefore, the .expected file for this test expects non-compliance, and the -// .expected.gcc and .expected.clang files expect this test to be compliant. \ No newline at end of file +// .expected.gcc and .expected.clang files expect this test to be compliant. From 24adddae97cc5b19bc954a8eecf0f7aa0ec6adbc Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 20 Sep 2024 15:39:07 -0700 Subject: [PATCH 1993/2573] Add script that verifies amendements.csv, add to workflow. --- .github/workflows/validate-package-files.yml | 8 +- amendments.csv | 99 +++++++------- scripts/validate-amendments-csv.py | 128 +++++++++++++++++++ 3 files changed, 184 insertions(+), 51 deletions(-) create mode 100644 scripts/validate-amendments-csv.py diff --git a/.github/workflows/validate-package-files.yml b/.github/workflows/validate-package-files.yml index 0573b00590..28f265c197 100644 --- a/.github/workflows/validate-package-files.yml +++ b/.github/workflows/validate-package-files.yml @@ -56,4 +56,10 @@ jobs: find rule_packages/$LANGUAGE -name \*.json -exec basename {} .json \; | xargs python scripts/generate_rules/generate_package_files.py $LANGUAGE git diff git diff --compact-summary - git diff --quiet \ No newline at end of file + git diff --quiet + + - name: Validate Amendments + env: + LANGUAGE: ${{ matrix.language }} + run: | + python scripts/verify_amendments-csv.py $LANGUAGE \ No newline at end of file diff --git a/amendments.csv b/amendments.csv index ae6c85e7d1..cd0085493e 100644 --- a/amendments.csv +++ b/amendments.csv @@ -1,50 +1,49 @@ -language,standard,amendment,rule_id,queryable,implementation_category,implemented,difficulty -c,misra-c-2012,Amendment3,DIR-4-6,Yes,Expand,No,Easy -c,misra-c-2012,Amendment3,DIR-4-9,Yes,Refine,No,Easy -c,misra-c-2012,Amendment3,DIR-4-11,Yes,Refine,No,Import -c,misra-c-2012,Amendment3,RULE-1-4,Yes,Replace,No,Easy -c,misra-c-2012,Amendment3,RULE-10-1,Yes,Replace,No,Easy -c,misra-c-2012,Amendment3,RULE-10-3,Yes,Refine,No,Easy -c,misra-c-2012,Amendment3,RULE-10-4,Yes,Refine,No,Import -c,misra-c-2012,Amendment3,RULE-10-5,Yes,Expand,No,Easy -c,misra-c-2012,Amendment3,RULE-10-7,Yes,Refine,No,Import -c,misra-c-2012,Amendment3,RULE-10-8,Yes,Refine,No,Import -c,misra-c-2012,Amendment3,RULE-21-11,Yes,Clarification,No,Import -c,misra-c-2012,Amendment3,RULE-21-12,Yes,Replace,No,Easy -c,misra-c-2012,Amendment4,RULE-11-3,Yes,Expand,No,Easy -c,misra-c-2012,Amendment4,RULE-11-8,Yes,Expand,No,Easy -c,misra-c-2012,Amendment4,RULE-13-2,Yes,Expand,No,Very Hard -c,misra-c-2012,Amendment4,RULE-18-6,Yes,Expand,No,Medium -c,misra-c-2012,Amendment4,RULE-18-8,Yes,Split,No,Easy -c,misra-c-2012,Corrigendum2,RULE-2-2,Yes,Clarification,No,Import -c,misra-c-2012,Corrigendum2,RULE-2-7,Yes,Clarification,No,Import -c,misra-c-2012,Corrigendum2,RULE-3-1,Yes,Refine,No,Easy -c,misra-c-2012,Corrigendum2,RULE-8-6,Yes,Clarification,No,Import -c,misra-c-2012,Corrigendum2,RULE-8-9,Yes,Clarification,No,Import -c,misra-c-2012,Corrigendum2,RULE-9-4,Yes,Clarification,No,Import -c,misra-c-2012,Corrigendum2,RULE-10-1,Yes,Clarification,No,Import -c,misra-c-2012,Corrigendum2,RULE-18-3,Yes,Clarification,No,Import -c,misra-c-2012,Corrigendum2,RULE-1-4,Yes,Replace,No,Easy -c,misra-c-2012,Corrigendum2,RULE-9-1,Yes,Refine,No,Easy -c,misra-c-2012,Corrigendum2,RULE-9-2,Yes,Refine,No,Import -c,misra-c-2012,Corrigendum2,DIR-4-10,Yes,Clarification,No,Import -c,misra-c-2012,Corrigendum2,RULE-7-4,Yes,Refine,No,Easy -c,misra-c-2012,Corrigendum2,RULE-8-2,Yes,Clarification,No,Import -c,misra-c-2012,Corrigendum2,RULE-8-3,Yes,Refine,No,Easy -c,misra-c-2012,Corrigendum2,RULE-8-7,Yes,Clarification,No,Import -c,misra-c-2012,Corrigendum2,RULE-10-1,Yes,Clarification,No,Import -c,misra-c-2012,Corrigendum2,RULE-10-2,Yes,Refine,No,Easy -c,misra-c-2012,Corrigendum2,RULE-10-3,Yes,Clarification,No,Import -c,misra-c-2012,Corrigendum2,RULE-11-3,Yes,Clarification,No,Import -c,misra-c-2012,Corrigendum2,RULE-11-6,Yes,Clarification,No,Import -c,misra-c-2012,Corrigendum2,RULE-13-2,Yes,Clarification,No,Import -c,misra-c-2012,Corrigendum2,RULE-13-6,Yes,Clarification,No,Import -c,misra-c-2012,Corrigendum2,RULE-14-3,Yes,Refine,No,Easy -c,misra-c-2012,Corrigendum2,RULE-15-7,Yes,Clarification,No,Import -c,misra-c-2012,Corrigendum2,RULE-17-4,Yes,Clarification,No,Import -c,misra-c-2012,Corrigendum2,RULE-17-5,Yes,Clarification,No,Import -c,misra-c-2012,Corrigendum2,RULE-18-1,Yes,Refine,No,Easy -c,misra-c-2012,Corrigendum2,RULE-20-14,Yes,Clarification,No,Import -c,misra-c-2012,Corrigendum2,RULE-21-19,Yes,Clarification,No,Import -c,misra-c-2012,Corrigendum2,RULE-21-20,Yes,Refine,No,Easy -c,misra-c-2012,Corrigendum2,RULE-22-9,Yes,Clarification,No,Import \ No newline at end of file +language,standard,amendment,rule_id,supportable,implementation_category,implemented,difficulty +c,MISRA-C-2012,Amendment3,DIR-4-6,Yes,Expand,No,Easy +c,MISRA-C-2012,Amendment3,DIR-4-9,Yes,Refine,No,Easy +c,MISRA-C-2012,Amendment3,DIR-4-11,Yes,Refine,No,Import +c,MISRA-C-2012,Amendment3,RULE-1-4,Yes,Replace,No,Easy +c,MISRA-C-2012,Amendment3,RULE-10-1,Yes,Replace,No,Easy +c,MISRA-C-2012,Amendment3,RULE-10-3,Yes,Refine,No,Easy +c,MISRA-C-2012,Amendment3,RULE-10-4,Yes,Refine,No,Import +c,MISRA-C-2012,Amendment3,RULE-10-5,Yes,Expand,No,Easy +c,MISRA-C-2012,Amendment3,RULE-10-7,Yes,Refine,No,Import +c,MISRA-C-2012,Amendment3,RULE-10-8,Yes,Refine,No,Import +c,MISRA-C-2012,Amendment3,RULE-21-11,Yes,Clarification,No,Import +c,MISRA-C-2012,Amendment3,RULE-21-12,Yes,Replace,No,Easy +c,MISRA-C-2012,Amendment4,RULE-11-3,Yes,Expand,No,Easy +c,MISRA-C-2012,Amendment4,RULE-11-8,Yes,Expand,No,Easy +c,MISRA-C-2012,Amendment4,RULE-13-2,Yes,Expand,No,Very Hard +c,MISRA-C-2012,Amendment4,RULE-18-6,Yes,Expand,No,Medium +c,MISRA-C-2012,Amendment4,RULE-18-8,Yes,Split,No,Easy +c,MISRA-C-2012,Corrigendum2,RULE-2-2,Yes,Clarification,No,Import +c,MISRA-C-2012,Corrigendum2,RULE-2-7,Yes,Clarification,No,Import +c,MISRA-C-2012,Corrigendum2,RULE-3-1,Yes,Refine,No,Easy +c,MISRA-C-2012,Corrigendum2,RULE-8-6,Yes,Clarification,No,Import +c,MISRA-C-2012,Corrigendum2,RULE-8-9,Yes,Clarification,No,Import +c,MISRA-C-2012,Corrigendum2,RULE-9-4,Yes,Clarification,No,Import +c,MISRA-C-2012,Corrigendum2,RULE-10-1,Yes,Clarification,No,Import +c,MISRA-C-2012,Corrigendum2,RULE-18-3,Yes,Clarification,No,Import +c,MISRA-C-2012,Corrigendum2,RULE-1-4,Yes,Replace,No,Easy +c,MISRA-C-2012,Corrigendum2,RULE-9-1,Yes,Refine,No,Easy +c,MISRA-C-2012,Corrigendum2,RULE-9-2,Yes,Refine,No,Import +c,MISRA-C-2012,Corrigendum2,DIR-4-10,Yes,Clarification,No,Import +c,MISRA-C-2012,Corrigendum2,RULE-7-4,Yes,Refine,No,Easy +c,MISRA-C-2012,Corrigendum2,RULE-8-2,Yes,Clarification,No,Import +c,MISRA-C-2012,Corrigendum2,RULE-8-3,Yes,Refine,No,Easy +c,MISRA-C-2012,Corrigendum2,RULE-8-7,Yes,Clarification,No,Import +c,MISRA-C-2012,Corrigendum2,RULE-10-2,Yes,Refine,No,Easy +c,MISRA-C-2012,Corrigendum2,RULE-10-3,Yes,Clarification,No,Import +c,MISRA-C-2012,Corrigendum2,RULE-11-3,Yes,Clarification,No,Import +c,MISRA-C-2012,Corrigendum2,RULE-11-6,Yes,Clarification,No,Import +c,MISRA-C-2012,Corrigendum2,RULE-13-2,Yes,Clarification,No,Import +c,MISRA-C-2012,Corrigendum2,RULE-13-6,Yes,Clarification,No,Import +c,MISRA-C-2012,Corrigendum2,RULE-14-3,Yes,Refine,No,Easy +c,MISRA-C-2012,Corrigendum2,RULE-15-7,Yes,Clarification,No,Import +c,MISRA-C-2012,Corrigendum2,RULE-17-4,Yes,Clarification,No,Import +c,MISRA-C-2012,Corrigendum2,RULE-17-5,Yes,Clarification,No,Import +c,MISRA-C-2012,Corrigendum2,RULE-18-1,Yes,Refine,No,Easy +c,MISRA-C-2012,Corrigendum2,RULE-20-14,No,Clarification,No,Import +c,MISRA-C-2012,Corrigendum2,RULE-21-19,Yes,Clarification,No,Import +c,MISRA-C-2012,Corrigendum2,RULE-21-20,Yes,Refine,No,Easy +c,MISRA-C-2012,Corrigendum2,RULE-22-9,Yes,Clarification,No,Import \ No newline at end of file diff --git a/scripts/validate-amendments-csv.py b/scripts/validate-amendments-csv.py new file mode 100644 index 0000000000..9d83b7d0c9 --- /dev/null +++ b/scripts/validate-amendments-csv.py @@ -0,0 +1,128 @@ +from collections import defaultdict +import csv +import os +from pathlib import Path +import sys +import json + +help_statement = """ +Usage: {script_name} + +A script which detects invalid entries in amendments.csv. +""" + +if (len(sys.argv) == 2 and sys.argv[1] == "--help"): + print(help_statement.format(script_name=sys.argv[0])) + sys.exit(0) + +if not len(sys.argv) == 2: + print("Error: incorrect number of arguments", file=sys.stderr) + print("Usage: " + sys.argv[0] + " [--help]", file=sys.stderr) + sys.exit(1) + +repo_root = Path(__file__).parent.parent +rules_file_path = repo_root.joinpath('rules.csv') +amendments_file_path = repo_root.joinpath('amendments.csv') +language_name = sys.argv[1] + +failed = False + +rules_from_csv = {} +try: + rules_file = open(rules_file_path, "r") +except PermissionError: + print("Error: No permission to read the rules file located at '" + str(rules_file_path) + "'") + sys.exit(1) +else: + with rules_file: + rules_reader = csv.reader(rules_file) + # Skip header row + next(rules_reader, None) + for rule in rules_reader: + language = rule[0] + rule_id = rule[2] + + # only validate rules for the specified language + if not language == language_name: + continue + + rule_dict = { + "standard": rule[1], + "rule_id": rule_id, + "supportable": rule[3] + } + rules_from_csv[rule_id] = rule_dict + +print(f"Found {len(rules_from_csv)} rules.") +print(f"Verifying amendments") + +seen_amendments = set() +try: + amendments_file = open(amendments_file_path, "r") +except PermissionError: + print("Error: No permission to read the amendments file located at '" + str(amendments_file_path) + "'") + sys.exit(1) +else: + with amendments_file: + amendments_reader = csv.reader(amendments_file) + # Skip header row + next(amendments_reader, None) + for amendment in amendments_reader: + language = amendment[0] + + # only validate rules for the specified language + if not language == language_name: + continue + + if len(amendment) != 8: + print(f"🔴 Error: amendment {amendment} has wrong number of fields") + failed = True + continue + + standard = amendment[1] + amendment_name = amendment[2] + rule_id = amendment[3] + supportable = amendment[4] + implemented = amendment[6] + amendment_id = f"{rule_id}-{amendment_name}" + + if not rule_id in rules_from_csv: + print(f"🔴 Error: Amendment {amendment_id} references rule {rule_id}, not found in rules.csv") + failed = True + continue + + rule = rules_from_csv[rule_id] + + if rule["standard"] != standard: + print(f"🟡 Invalid: {amendment_id} has a different standard than the {rule_id} in rules.csv") + print(f" '{standard}' vs '{rule['standard']}'") + failed = True + + if supportable not in {"Yes", "No"}: + print(f"🟡 Invalid: {amendment_id} 'supportable' field should be 'Yes' or 'No'.") + print(f" got '{supportable}'") + failed = True + + if rule["supportable"] != supportable: + print(f"🟡 Invalid: {amendment_id} supportable does not match rules.csv supportable.") + print(f" '{supportable}' vs '{rule['supportable']}'") + failed = True + + if implemented not in {"Yes", "No"}: + print(f"🟡 Invalid: {amendment_id} 'implemented' field should be 'Yes' or 'No'.") + print(f" got '{implemented}'") + failed = True + + if amendment_id in seen_amendments: + print(f"🔴 Error: {amendment_id} has duplicate entries") + failed = True + + seen_amendments.add(amendment_id) + +print(f"Checked {len(seen_amendments)} amendments.") + +if failed: + print("❌ FAILED: Validity issues found in amendments.csv!") + sys.exit(1) +else: + print("✅ PASSED: No validity issues found in amendments.csv! 🎉") From 1c0353e51c3e99e4abcbaee4b3164ad708c3bfd1 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 20 Sep 2024 15:47:50 -0700 Subject: [PATCH 1994/2573] Fix validation script name in workflow yaml --- .github/workflows/validate-package-files.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/validate-package-files.yml b/.github/workflows/validate-package-files.yml index 28f265c197..0e38e4a1da 100644 --- a/.github/workflows/validate-package-files.yml +++ b/.github/workflows/validate-package-files.yml @@ -62,4 +62,4 @@ jobs: env: LANGUAGE: ${{ matrix.language }} run: | - python scripts/verify_amendments-csv.py $LANGUAGE \ No newline at end of file + python scripts/validate-amendments-csv.py $LANGUAGE \ No newline at end of file From 3387893fc378ac8b7c670745538ac15eade0372d Mon Sep 17 00:00:00 2001 From: Tom Hvitved Date: Tue, 24 Sep 2024 09:03:08 +0200 Subject: [PATCH 1995/2573] Adapt to `sourceLocationPrefix` change in `qltest` --- .../cpp/deviations/Deviations.qll | 8 ++++-- .../ListDeviationRecords.expected | 4 +-- .../InvalidDeviationPermits.expected | 4 +-- .../InvalidDeviationRecords.expected | 28 +++++++++---------- ...InvalidGuidelineRecategorizations.expected | 10 +++---- 5 files changed, 28 insertions(+), 26 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/deviations/Deviations.qll b/cpp/common/src/codingstandards/cpp/deviations/Deviations.qll index 4dfadd12eb..403a5b61c6 100644 --- a/cpp/common/src/codingstandards/cpp/deviations/Deviations.qll +++ b/cpp/common/src/codingstandards/cpp/deviations/Deviations.qll @@ -365,17 +365,19 @@ class DeviationRecord extends XmlElement { /** Gets a path to which this deviation applies. */ string getADeviationPath() { - ( + exists(string res | if exists(getPathAContainer()) then // Use the path, which will be relative to this file, if specified - result = getPathAContainer().getRelativePath() + res = getPathAContainer().getRelativePath() else ( // Otherwise, if no code identifier was supplied, it applies to the parent container of the // file itself not exists(getCodeIdentifier()) and - result = this.getFile().getParentContainer().getRelativePath() + res = this.getFile().getParentContainer().getRelativePath() ) + | + if res = "" then result = "(root)" else result = res ) } diff --git a/cpp/common/test/deviations/deviations_basic_test/ListDeviationRecords.expected b/cpp/common/test/deviations/deviations_basic_test/ListDeviationRecords.expected index 3a095d8fb9..5115cc8a70 100644 --- a/cpp/common/test/deviations/deviations_basic_test/ListDeviationRecords.expected +++ b/cpp/common/test/deviations/deviations_basic_test/ListDeviationRecords.expected @@ -1,3 +1,3 @@ -| A0-1-1 | cpp/autosar/useless-assignment | Applies to the following file paths: deviations/deviations_basic_test | | This useless assignment is required. | | | -| A0-1-2 | cpp/autosar/unused-return-value | Applies to the following file paths: deviations/deviations_basic_test/nested/nested1,deviations/deviations_basic_test/nested/nested2 | | Unused return value. | | | +| A0-1-1 | cpp/autosar/useless-assignment | Applies to the following file paths: (root) | | This useless assignment is required. | | | +| A0-1-2 | cpp/autosar/unused-return-value | Applies to the following file paths: nested/nested1,nested/nested2 | | Unused return value. | | | | A0-4-2 | cpp/autosar/type-long-double-used | Identified by the use of the code-identifier: a-0-4-2-deviation | | long double is required for interaction with third-party libraries. | | | diff --git a/cpp/common/test/deviations/invalid_deviations/InvalidDeviationPermits.expected b/cpp/common/test/deviations/invalid_deviations/InvalidDeviationPermits.expected index 433dc8a342..609d517c05 100644 --- a/cpp/common/test/deviations/invalid_deviations/InvalidDeviationPermits.expected +++ b/cpp/common/test/deviations/invalid_deviations/InvalidDeviationPermits.expected @@ -1,2 +1,2 @@ -| coding-standards.xml:100:7:103:33 | deviation-permits-entry | deviations/invalid_deviations/coding-standards.xml: Deviation permit does not specify a permit identifier. | -| coding-standards.xml:104:7:107:33 | deviation-permits-entry | deviations/invalid_deviations/coding-standards.xml: Deviation permit specifies unknown property `invalid-property`. | +| coding-standards.xml:100:7:103:33 | deviation-permits-entry | coding-standards.xml: Deviation permit does not specify a permit identifier. | +| coding-standards.xml:104:7:107:33 | deviation-permits-entry | coding-standards.xml: Deviation permit specifies unknown property `invalid-property`. | diff --git a/cpp/common/test/deviations/invalid_deviations/InvalidDeviationRecords.expected b/cpp/common/test/deviations/invalid_deviations/InvalidDeviationRecords.expected index c4f66eeaf5..2cd438c5c6 100644 --- a/cpp/common/test/deviations/invalid_deviations/InvalidDeviationRecords.expected +++ b/cpp/common/test/deviations/invalid_deviations/InvalidDeviationRecords.expected @@ -1,14 +1,14 @@ -| coding-standards.xml:5:7:5:27 | deviations-entry | deviations/invalid_deviations/coding-standards.xml: No rule-id and query-id specified for this deviation record. | -| coding-standards.xml:6:7:8:26 | deviations-entry | deviations/invalid_deviations/coding-standards.xml: The rule-id `bad rule id` for this deviation matches none of the available queries. | -| coding-standards.xml:9:7:11:26 | deviations-entry | deviations/invalid_deviations/coding-standards.xml: A query-id of `bad rule id` is specified for this deviation, but not rule-id is specified. | -| coding-standards.xml:15:7:17:26 | deviations-entry | deviations/invalid_deviations/coding-standards.xml: A query-id of `cpp/autosar/useless-assignment` is specified for this deviation, but not rule-id is specified. | -| coding-standards.xml:22:7:26:26 | deviations-entry | deviations/invalid_deviations/coding-standards.xml: A deviation `raised-by` is specified without providing an `approved-by`. | -| coding-standards.xml:22:7:26:26 | deviations-entry | deviations/invalid_deviations/coding-standards.xml: A deviation `raised-by` is specified without providing both a `name` and `date`. | -| coding-standards.xml:27:7:33:26 | deviations-entry | deviations/invalid_deviations/coding-standards.xml: A deviation `raised-by` is specified without providing an `approved-by`. | -| coding-standards.xml:27:7:33:26 | deviations-entry | deviations/invalid_deviations/coding-standards.xml: A deviation `raised-by` is specified without providing both a `name` and `date`. | -| coding-standards.xml:34:7:41:26 | deviations-entry | deviations/invalid_deviations/coding-standards.xml: A deviation `raised-by` is specified without providing an `approved-by`. | -| coding-standards.xml:42:7:50:26 | deviations-entry | deviations/invalid_deviations/coding-standards.xml: A deviation `approved-by` is specified without providing both a `name` and `date`. | -| coding-standards.xml:51:7:61:26 | deviations-entry | deviations/invalid_deviations/coding-standards.xml: A deviation `approved-by` is specified without providing both a `name` and `date`. | -| coding-standards.xml:74:7:78:26 | deviations-entry | deviations/invalid_deviations/coding-standards.xml: There is no deviation permit with id `non-existing-permit`. | -| coding-standards.xml:79:7:81:26 | deviations-entry | deviations/invalid_deviations/coding-standards.xml: No rule-id and query-id specified for this deviation record. | -| coding-standards.xml:85:7:88:26 | deviations-entry | deviations/invalid_deviations/coding-standards.xml: The deviation is applied to a query with the rule category 'mandatory' that does not permit a deviation. | +| coding-standards.xml:5:7:5:27 | deviations-entry | coding-standards.xml: No rule-id and query-id specified for this deviation record. | +| coding-standards.xml:6:7:8:26 | deviations-entry | coding-standards.xml: The rule-id `bad rule id` for this deviation matches none of the available queries. | +| coding-standards.xml:9:7:11:26 | deviations-entry | coding-standards.xml: A query-id of `bad rule id` is specified for this deviation, but not rule-id is specified. | +| coding-standards.xml:15:7:17:26 | deviations-entry | coding-standards.xml: A query-id of `cpp/autosar/useless-assignment` is specified for this deviation, but not rule-id is specified. | +| coding-standards.xml:22:7:26:26 | deviations-entry | coding-standards.xml: A deviation `raised-by` is specified without providing an `approved-by`. | +| coding-standards.xml:22:7:26:26 | deviations-entry | coding-standards.xml: A deviation `raised-by` is specified without providing both a `name` and `date`. | +| coding-standards.xml:27:7:33:26 | deviations-entry | coding-standards.xml: A deviation `raised-by` is specified without providing an `approved-by`. | +| coding-standards.xml:27:7:33:26 | deviations-entry | coding-standards.xml: A deviation `raised-by` is specified without providing both a `name` and `date`. | +| coding-standards.xml:34:7:41:26 | deviations-entry | coding-standards.xml: A deviation `raised-by` is specified without providing an `approved-by`. | +| coding-standards.xml:42:7:50:26 | deviations-entry | coding-standards.xml: A deviation `approved-by` is specified without providing both a `name` and `date`. | +| coding-standards.xml:51:7:61:26 | deviations-entry | coding-standards.xml: A deviation `approved-by` is specified without providing both a `name` and `date`. | +| coding-standards.xml:74:7:78:26 | deviations-entry | coding-standards.xml: There is no deviation permit with id `non-existing-permit`. | +| coding-standards.xml:79:7:81:26 | deviations-entry | coding-standards.xml: No rule-id and query-id specified for this deviation record. | +| coding-standards.xml:85:7:88:26 | deviations-entry | coding-standards.xml: The deviation is applied to a query with the rule category 'mandatory' that does not permit a deviation. | diff --git a/cpp/common/test/guideline_recategorizations/InvalidGuidelineRecategorizations.expected b/cpp/common/test/guideline_recategorizations/InvalidGuidelineRecategorizations.expected index 971c70a9b6..32a9837e46 100644 --- a/cpp/common/test/guideline_recategorizations/InvalidGuidelineRecategorizations.expected +++ b/cpp/common/test/guideline_recategorizations/InvalidGuidelineRecategorizations.expected @@ -1,5 +1,5 @@ -| invalid/coding-standards.xml:5:7:8:43 | guideline-recategorizations-entry | guideline_recategorizations/invalid/coding-standards.xml: 'Invalid recategorization from 'required' to 'advisory'.' for rule A0-1-1. | -| invalid/coding-standards.xml:9:7:12:43 | guideline-recategorizations-entry | guideline_recategorizations/invalid/coding-standards.xml: 'Invalid recategorization from 'required' to 'disapplied'.' for rule A0-1-2. | -| invalid/coding-standards.xml:13:7:16:43 | guideline-recategorizations-entry | guideline_recategorizations/invalid/coding-standards.xml: 'Unknown rule id 'A1-4-3'.' for rule A1-4-3. | -| invalid/coding-standards.xml:17:7:20:43 | guideline-recategorizations-entry | guideline_recategorizations/invalid/coding-standards.xml: 'Invalid recategorization from 'mandatory' to 'required'.' for rule RULE-13-6. | -| invalid/coding-standards.xml:21:7:24:43 | guideline-recategorizations-entry | guideline_recategorizations/invalid/coding-standards.xml: 'Invalid recategorization from 'rule' to 'required'.' for rule CON50-CPP. | +| invalid/coding-standards.xml:5:7:8:43 | guideline-recategorizations-entry | invalid/coding-standards.xml: 'Invalid recategorization from 'required' to 'advisory'.' for rule A0-1-1. | +| invalid/coding-standards.xml:9:7:12:43 | guideline-recategorizations-entry | invalid/coding-standards.xml: 'Invalid recategorization from 'required' to 'disapplied'.' for rule A0-1-2. | +| invalid/coding-standards.xml:13:7:16:43 | guideline-recategorizations-entry | invalid/coding-standards.xml: 'Unknown rule id 'A1-4-3'.' for rule A1-4-3. | +| invalid/coding-standards.xml:17:7:20:43 | guideline-recategorizations-entry | invalid/coding-standards.xml: 'Invalid recategorization from 'mandatory' to 'required'.' for rule RULE-13-6. | +| invalid/coding-standards.xml:21:7:24:43 | guideline-recategorizations-entry | invalid/coding-standards.xml: 'Invalid recategorization from 'rule' to 'required'.' for rule CON50-CPP. | From 941e1d6d175abcaca2d959c1613040fba71a506e Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Tue, 24 Sep 2024 16:23:10 +0100 Subject: [PATCH 1996/2573] Fail "Validate test" workflow if test runs fail --- .github/workflows/codeql_unit_tests.yml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/.github/workflows/codeql_unit_tests.yml b/.github/workflows/codeql_unit_tests.yml index 62660d973d..e23377af9a 100644 --- a/.github/workflows/codeql_unit_tests.yml +++ b/.github/workflows/codeql_unit_tests.yml @@ -39,6 +39,7 @@ jobs: needs: prepare-unit-test-matrix runs-on: ${{ matrix.os }} + continue-on-error: true strategy: fail-fast: false matrix: ${{ fromJSON(needs.prepare-unit-test-matrix.outputs.matrix) }} @@ -163,6 +164,12 @@ jobs: needs: run-test-suites runs-on: ubuntu-22.04 steps: + - name: Check if a dependent job failed to complete + if: ${{ failure() }} + uses: actions/github-script@v3 + with: + script: | + core.setFailed('Test run job failed') - name: Collect test results uses: actions/download-artifact@v3 From 1651c1f30dda8df6f2e8553174b7e89fa1087886 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Tue, 24 Sep 2024 16:24:21 +0100 Subject: [PATCH 1997/2573] Introduce deliberate compilation error --- .../rules/DIR-4-2/UsageOfAssemblyLanguageShouldBeDocumented.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/misra/src/rules/DIR-4-2/UsageOfAssemblyLanguageShouldBeDocumented.ql b/c/misra/src/rules/DIR-4-2/UsageOfAssemblyLanguageShouldBeDocumented.ql index 9503024671..06c9274e8c 100644 --- a/c/misra/src/rules/DIR-4-2/UsageOfAssemblyLanguageShouldBeDocumented.ql +++ b/c/misra/src/rules/DIR-4-2/UsageOfAssemblyLanguageShouldBeDocumented.ql @@ -15,7 +15,7 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.rules.usageofassemblernotdocumented.UsageOfAssemblerNotDocumented -class UsageOfAssemblyLanguageShouldBeDocumentedQuery extends UsageOfAssemblerNotDocumentedSharedQuery +class UsageOfAssemblyLanguageShouldBeDocumentedQuery UsageOfAssemblerNotDocumentedSharedQuery { UsageOfAssemblyLanguageShouldBeDocumentedQuery() { this = Language2Package::usageOfAssemblyLanguageShouldBeDocumentedQuery() From 104bdc7535c8c983cbde5832ab55a093e59c6def Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Tue, 24 Sep 2024 13:04:17 -0700 Subject: [PATCH 1998/2573] Implement Misra-c Noreturn rule package. Covers rules 17-9 through 17-11, regarding the use of the _Noreturn attribute. --- .../NonVoidReturnTypeOfNoreturnFunction.ql | 23 ++++++ ...onWithNoReturningBranchShouldBeNoreturn.ql | 24 ++++++ .../ReturnStatementInNoreturnFunction.ql | 24 ++++++ ...nVoidReturnTypeOfNoreturnFunction.expected | 1 + .../NonVoidReturnTypeOfNoreturnFunction.qlref | 1 + c/misra/test/rules/RULE-17-10/test.c | 24 ++++++ ...NoReturningBranchShouldBeNoreturn.expected | 4 + ...ithNoReturningBranchShouldBeNoreturn.qlref | 1 + c/misra/test/rules/RULE-17-11/test.c | 80 +++++++++++++++++++ ...ReturnStatementInNoreturnFunction.expected | 2 + .../ReturnStatementInNoreturnFunction.qlref | 1 + c/misra/test/rules/RULE-17-9/test.c | 45 +++++++++++ .../cpp/exclusions/c/NoReturn.qll | 61 ++++++++++++++ .../cpp/exclusions/c/RuleMetadata.qll | 3 + rule_packages/c/NoReturn.json | 55 +++++++++++++ 15 files changed, 349 insertions(+) create mode 100644 c/misra/src/rules/RULE-17-10/NonVoidReturnTypeOfNoreturnFunction.ql create mode 100644 c/misra/src/rules/RULE-17-11/FunctionWithNoReturningBranchShouldBeNoreturn.ql create mode 100644 c/misra/src/rules/RULE-17-9/ReturnStatementInNoreturnFunction.ql create mode 100644 c/misra/test/rules/RULE-17-10/NonVoidReturnTypeOfNoreturnFunction.expected create mode 100644 c/misra/test/rules/RULE-17-10/NonVoidReturnTypeOfNoreturnFunction.qlref create mode 100644 c/misra/test/rules/RULE-17-10/test.c create mode 100644 c/misra/test/rules/RULE-17-11/FunctionWithNoReturningBranchShouldBeNoreturn.expected create mode 100644 c/misra/test/rules/RULE-17-11/FunctionWithNoReturningBranchShouldBeNoreturn.qlref create mode 100644 c/misra/test/rules/RULE-17-11/test.c create mode 100644 c/misra/test/rules/RULE-17-9/ReturnStatementInNoreturnFunction.expected create mode 100644 c/misra/test/rules/RULE-17-9/ReturnStatementInNoreturnFunction.qlref create mode 100644 c/misra/test/rules/RULE-17-9/test.c create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/NoReturn.qll create mode 100644 rule_packages/c/NoReturn.json diff --git a/c/misra/src/rules/RULE-17-10/NonVoidReturnTypeOfNoreturnFunction.ql b/c/misra/src/rules/RULE-17-10/NonVoidReturnTypeOfNoreturnFunction.ql new file mode 100644 index 0000000000..162403f579 --- /dev/null +++ b/c/misra/src/rules/RULE-17-10/NonVoidReturnTypeOfNoreturnFunction.ql @@ -0,0 +1,23 @@ +/** + * @id c/misra/non-void-return-type-of-noreturn-function + * @name RULE-17-10: A function declared with _noreturn shall have a return type of void + * @description Function declared with _noreturn will by definition not return a value, and should + * be declared to return void. + * @kind problem + * @precision very-high + * @problem.severity recommendation + * @tags external/misra/id/rule-17-10 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra + +from Function f, Type returnType +where + not isExcluded(f, NoReturnPackage::nonVoidReturnTypeOfNoreturnFunctionQuery()) and + f.getASpecifier().getName() = "noreturn" and + returnType = f.getType() and + not returnType instanceof VoidType +select + f, "The function " + f.getName() + " is declared _noreturn but has a return type of " + returnType.toString() + "." diff --git a/c/misra/src/rules/RULE-17-11/FunctionWithNoReturningBranchShouldBeNoreturn.ql b/c/misra/src/rules/RULE-17-11/FunctionWithNoReturningBranchShouldBeNoreturn.ql new file mode 100644 index 0000000000..a711658fcc --- /dev/null +++ b/c/misra/src/rules/RULE-17-11/FunctionWithNoReturningBranchShouldBeNoreturn.ql @@ -0,0 +1,24 @@ +/** + * @id c/misra/function-with-no-returning-branch-should-be-noreturn + * @name RULE-17-11: A function without a branch that returns shall be declared with _Noreturn + * @description Functions which cannot return should be declared with _Noreturn. + * @kind problem + * @precision high + * @problem.severity recommendation + * @tags external/misra/id/rule-17-11 + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.c.misra + +from Function f +where + not isExcluded(f, NoReturnPackage::returnStatementInNoreturnFunctionQuery()) and + not f.getASpecifier().getName() = "noreturn" and + not exists(ReturnStmt s | + f = s.getEnclosingFunction() and + s.getBasicBlock().isReachable() + ) +select + f, "The function " + f.getName() + " cannot return and should be declared attribute _Noreturn." diff --git a/c/misra/src/rules/RULE-17-9/ReturnStatementInNoreturnFunction.ql b/c/misra/src/rules/RULE-17-9/ReturnStatementInNoreturnFunction.ql new file mode 100644 index 0000000000..0c291c20af --- /dev/null +++ b/c/misra/src/rules/RULE-17-9/ReturnStatementInNoreturnFunction.ql @@ -0,0 +1,24 @@ +/** + * @id c/misra/return-statement-in-noreturn-function + * @name RULE-17-9: Verify that a function declared with _Noreturn does not return + * @description Returning inside a function declared with _Noreturn is undefined behavior. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-17-9 + * external/misra/obligation/mandatory + */ + +import cpp +import codingstandards.c.misra + +from Function f +where + not isExcluded(f, NoReturnPackage::returnStatementInNoreturnFunctionQuery()) and + f.getASpecifier().getName() = "noreturn" and + exists(ReturnStmt s | + f = s.getEnclosingFunction() and + s.getBasicBlock().isReachable() + ) +select + f, "The function " + f.getName() + " declared with attribute _Noreturn returns a value." diff --git a/c/misra/test/rules/RULE-17-10/NonVoidReturnTypeOfNoreturnFunction.expected b/c/misra/test/rules/RULE-17-10/NonVoidReturnTypeOfNoreturnFunction.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/misra/test/rules/RULE-17-10/NonVoidReturnTypeOfNoreturnFunction.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-17-10/NonVoidReturnTypeOfNoreturnFunction.qlref b/c/misra/test/rules/RULE-17-10/NonVoidReturnTypeOfNoreturnFunction.qlref new file mode 100644 index 0000000000..6726b6957a --- /dev/null +++ b/c/misra/test/rules/RULE-17-10/NonVoidReturnTypeOfNoreturnFunction.qlref @@ -0,0 +1 @@ +rules/RULE-17-10/NonVoidReturnTypeOfNoreturnFunction.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-17-10/test.c b/c/misra/test/rules/RULE-17-10/test.c new file mode 100644 index 0000000000..5e3aadf165 --- /dev/null +++ b/c/misra/test/rules/RULE-17-10/test.c @@ -0,0 +1,24 @@ +#include "stdlib.h" + +void f1(); // COMPLIANT +int f2(); // COMPLIANT +_Noreturn void f3(); // COMPLIANT +_Noreturn int f4(); // NON-COMPLIANT + +void f5() { // COMPLIANT +} + +int f6() { // COMPLIANT + return 0; +} + +_Noreturn void f7() { // COMPLIANT + abort(); +} + +_Noreturn int f8() { // NON-COMPLIANT + abort(); + return 0; +} + +_Noreturn void* f9(); // NON-COMPLIANT \ No newline at end of file diff --git a/c/misra/test/rules/RULE-17-11/FunctionWithNoReturningBranchShouldBeNoreturn.expected b/c/misra/test/rules/RULE-17-11/FunctionWithNoReturningBranchShouldBeNoreturn.expected new file mode 100644 index 0000000000..5141f0c9c3 --- /dev/null +++ b/c/misra/test/rules/RULE-17-11/FunctionWithNoReturningBranchShouldBeNoreturn.expected @@ -0,0 +1,4 @@ +| test.c:7:6:7:21 | test_noreturn_f2 | The function test_noreturn_f2 cannot return and should be declared attribute _Noreturn. | +| test.c:19:6:19:21 | test_noreturn_f4 | The function test_noreturn_f4 cannot return and should be declared attribute _Noreturn. | +| test.c:48:6:48:21 | test_noreturn_f8 | The function test_noreturn_f8 cannot return and should be declared attribute _Noreturn. | +| test.c:64:6:64:22 | test_noreturn_f10 | The function test_noreturn_f10 cannot return and should be declared attribute _Noreturn. | diff --git a/c/misra/test/rules/RULE-17-11/FunctionWithNoReturningBranchShouldBeNoreturn.qlref b/c/misra/test/rules/RULE-17-11/FunctionWithNoReturningBranchShouldBeNoreturn.qlref new file mode 100644 index 0000000000..feb6f40804 --- /dev/null +++ b/c/misra/test/rules/RULE-17-11/FunctionWithNoReturningBranchShouldBeNoreturn.qlref @@ -0,0 +1 @@ +rules/RULE-17-11/FunctionWithNoReturningBranchShouldBeNoreturn.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-17-11/test.c b/c/misra/test/rules/RULE-17-11/test.c new file mode 100644 index 0000000000..3d0144d6f0 --- /dev/null +++ b/c/misra/test/rules/RULE-17-11/test.c @@ -0,0 +1,80 @@ +#include "stdlib.h" + +_Noreturn void test_noreturn_f1(int i) { // COMPLIANT + abort(); +} + +void test_noreturn_f2(int i) { // NON_COMPLIANT + abort(); +} + + +_Noreturn void test_noreturn_f3(int i) { // COMPLIANT + if (i > 0) { + abort(); + } + exit(1); +} + +void test_noreturn_f4(int i) { // NON_COMPLIANT + if (i > 0) { + abort(); + } + exit(1); +} + +void test_noreturn_f5(int i) { // COMPLIANT + if (i > 0) { + return; + } + exit(1); +} + +void test_noreturn_f6(int i) { // COMPLIANT + if (i > 0) { + abort(); + } + if (i < 0) { + abort(); + } +} + +void test_noreturn_f7(int i) { // COMPLIANT + if (i > 0) { + abort(); + } +} + +void test_noreturn_f8(int i) { // NON_COMPLIANT + if (i > 0) { + abort(); + } else { + abort(); + } +} + +_Noreturn void test_noreturn_f9(int i) { // COMPLIANT + if (i > 0) { + abort(); + } else { + abort(); + } +} + +void test_noreturn_f10(int i) { // NON_COMPLIANT + if (i > 0) { + abort(); + } + while (1) { + i = 5; + } +} + +_Noreturn void test_noreturn_f11(int i) { // COMPLIANT + if (i > 0) { + abort(); + } + while (1) { + i = 5; + } +} diff --git a/c/misra/test/rules/RULE-17-9/ReturnStatementInNoreturnFunction.expected b/c/misra/test/rules/RULE-17-9/ReturnStatementInNoreturnFunction.expected new file mode 100644 index 0000000000..1e6a6ab180 --- /dev/null +++ b/c/misra/test/rules/RULE-17-9/ReturnStatementInNoreturnFunction.expected @@ -0,0 +1,2 @@ +| test.c:7:16:7:31 | test_noreturn_f2 | The function test_noreturn_f2 declared with attribute _Noreturn returns a value. | +| test.c:32:16:32:31 | test_noreturn_f5 | The function test_noreturn_f5 declared with attribute _Noreturn returns a value. | diff --git a/c/misra/test/rules/RULE-17-9/ReturnStatementInNoreturnFunction.qlref b/c/misra/test/rules/RULE-17-9/ReturnStatementInNoreturnFunction.qlref new file mode 100644 index 0000000000..eaa647d8a4 --- /dev/null +++ b/c/misra/test/rules/RULE-17-9/ReturnStatementInNoreturnFunction.qlref @@ -0,0 +1 @@ +rules/RULE-17-9/ReturnStatementInNoreturnFunction.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-17-9/test.c b/c/misra/test/rules/RULE-17-9/test.c new file mode 100644 index 0000000000..c3ff575672 --- /dev/null +++ b/c/misra/test/rules/RULE-17-9/test.c @@ -0,0 +1,45 @@ +#include "stdlib.h" + +_Noreturn void test_noreturn_f1(int i) { // COMPLIANT + abort(); +} + +_Noreturn void test_noreturn_f2(int i) { // NON_COMPLIANT + if (i > 0) { + abort(); + } + if (i < 0) { + abort(); + } +} + +_Noreturn void test_noreturn_f3(int i) { // COMPLIANT + if (i > 0) { + abort(); + } + exit(1); +} + +void test_noreturn_f4(int i) { // COMPLIANT + if (i > 0) { + abort(); + } + if (i < 0) { + abort(); + } +} + +_Noreturn void test_noreturn_f5(int i) { // NON_COMPLIANT + if (i > 0) { + abort(); + } +} + +_Noreturn void test_noreturn_f6(int i) { // COMPLIANT + if (i > 0) { + abort(); + } + while (1) { + i = 5; + } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/NoReturn.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/NoReturn.qll new file mode 100644 index 0000000000..07b9360213 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/NoReturn.qll @@ -0,0 +1,61 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype NoReturnQuery = + TNonVoidReturnTypeOfNoreturnFunctionQuery() or + TFunctionWithNoReturningBranchShouldBeNoreturnQuery() or + TReturnStatementInNoreturnFunctionQuery() + +predicate isNoReturnQueryMetadata(Query query, string queryId, string ruleId, string category) { + query = + // `Query` instance for the `nonVoidReturnTypeOfNoreturnFunction` query + NoReturnPackage::nonVoidReturnTypeOfNoreturnFunctionQuery() and + queryId = + // `@id` for the `nonVoidReturnTypeOfNoreturnFunction` query + "c/misra/non-void-return-type-of-noreturn-function" and + ruleId = "RULE-17-10" and + category = "required" + or + query = + // `Query` instance for the `functionWithNoReturningBranchShouldBeNoreturn` query + NoReturnPackage::functionWithNoReturningBranchShouldBeNoreturnQuery() and + queryId = + // `@id` for the `functionWithNoReturningBranchShouldBeNoreturn` query + "c/misra/function-with-no-returning-branch-should-be-noreturn" and + ruleId = "RULE-17-11" and + category = "advisory" + or + query = + // `Query` instance for the `returnStatementInNoreturnFunction` query + NoReturnPackage::returnStatementInNoreturnFunctionQuery() and + queryId = + // `@id` for the `returnStatementInNoreturnFunction` query + "c/misra/return-statement-in-noreturn-function" and + ruleId = "RULE-17-9" and + category = "mandatory" +} + +module NoReturnPackage { + Query nonVoidReturnTypeOfNoreturnFunctionQuery() { + //autogenerate `Query` type + result = + // `Query` type for `nonVoidReturnTypeOfNoreturnFunction` query + TQueryC(TNoReturnPackageQuery(TNonVoidReturnTypeOfNoreturnFunctionQuery())) + } + + Query functionWithNoReturningBranchShouldBeNoreturnQuery() { + //autogenerate `Query` type + result = + // `Query` type for `functionWithNoReturningBranchShouldBeNoreturn` query + TQueryC(TNoReturnPackageQuery(TFunctionWithNoReturningBranchShouldBeNoreturnQuery())) + } + + Query returnStatementInNoreturnFunctionQuery() { + //autogenerate `Query` type + result = + // `Query` type for `returnStatementInNoreturnFunction` query + TQueryC(TNoReturnPackageQuery(TReturnStatementInNoreturnFunctionQuery())) + } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index c2771f4171..b3ed02f204 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -42,6 +42,7 @@ import Memory1 import Memory2 import Memory3 import Misc +import NoReturn import OutOfBounds import Pointers1 import Pointers2 @@ -113,6 +114,7 @@ newtype TCQuery = TMemory2PackageQuery(Memory2Query q) or TMemory3PackageQuery(Memory3Query q) or TMiscPackageQuery(MiscQuery q) or + TNoReturnPackageQuery(NoReturnQuery q) or TOutOfBoundsPackageQuery(OutOfBoundsQuery q) or TPointers1PackageQuery(Pointers1Query q) or TPointers2PackageQuery(Pointers2Query q) or @@ -184,6 +186,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isMemory2QueryMetadata(query, queryId, ruleId, category) or isMemory3QueryMetadata(query, queryId, ruleId, category) or isMiscQueryMetadata(query, queryId, ruleId, category) or + isNoReturnQueryMetadata(query, queryId, ruleId, category) or isOutOfBoundsQueryMetadata(query, queryId, ruleId, category) or isPointers1QueryMetadata(query, queryId, ruleId, category) or isPointers2QueryMetadata(query, queryId, ruleId, category) or diff --git a/rule_packages/c/NoReturn.json b/rule_packages/c/NoReturn.json new file mode 100644 index 0000000000..1cb4d02ab4 --- /dev/null +++ b/rule_packages/c/NoReturn.json @@ -0,0 +1,55 @@ +{ + "MISRA-C-2012": { + "RULE-17-10": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Function declared with _noreturn will by definition not return a value, and should be declared to return void.", + "kind": "problem", + "name": "A function declared with _noreturn shall have a return type of void", + "precision": "very-high", + "severity": "recommendation", + "short_name": "NonVoidReturnTypeOfNoreturnFunction", + "tags": [] + } + ], + "title": "A function declared with _noreturn shall have a return type of void" + }, + "RULE-17-11": { + "properties": { + "obligation": "advisory" + }, + "queries": [ + { + "description": "Functions which cannot return should be declared with _Noreturn.", + "kind": "problem", + "name": "A function without a branch that returns shall be declared with _Noreturn", + "precision": "high", + "severity": "recommendation", + "short_name": "FunctionWithNoReturningBranchShouldBeNoreturn", + "tags": [] + } + ], + "title": "A function without a branch that returns shall be declared with _Noreturn" + }, + "RULE-17-9": { + "properties": { + "obligation": "mandatory" + }, + "queries": [ + { + "description": "Returning inside a function declared with _Noreturn is undefined behavior.", + "kind": "problem", + "name": "Verify that a function declared with _Noreturn does not return", + "precision": "very-high", + "severity": "error", + "short_name": "ReturnStatementInNoreturnFunction", + "tags": [] + } + ], + "title": "Verify that a function declared with _Noreturn does not return" + } + } +} \ No newline at end of file From 778db73655fbbaebbcec2ec0a18958c1ae566e28 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Tue, 24 Sep 2024 13:43:47 -0700 Subject: [PATCH 1999/2573] Fix false positives by supporting __attribute__((noreturn)), format. Use shared qll to avoid duplicating logic of detecting noreturn across both specifiers and attributes, and to detect a possible returning stmt. --- c/common/src/codingstandards/c/Noreturn.qll | 22 +++++++++++++++++++ .../NonVoidReturnTypeOfNoreturnFunction.ql | 9 ++++---- ...onWithNoReturningBranchShouldBeNoreturn.ql | 14 ++++++------ .../ReturnStatementInNoreturnFunction.ql | 12 ++++------ ...nVoidReturnTypeOfNoreturnFunction.expected | 5 ++++- c/misra/test/rules/RULE-17-10/test.c | 10 +++++---- ...NoReturningBranchShouldBeNoreturn.expected | 6 ++--- c/misra/test/rules/RULE-17-11/test.c | 13 ++++++++++- ...ReturnStatementInNoreturnFunction.expected | 1 + c/misra/test/rules/RULE-17-9/test.c | 10 +++++++++ 10 files changed, 74 insertions(+), 28 deletions(-) create mode 100644 c/common/src/codingstandards/c/Noreturn.qll diff --git a/c/common/src/codingstandards/c/Noreturn.qll b/c/common/src/codingstandards/c/Noreturn.qll new file mode 100644 index 0000000000..eabe86b56e --- /dev/null +++ b/c/common/src/codingstandards/c/Noreturn.qll @@ -0,0 +1,22 @@ +import cpp + +/** + * A function marked with _Noreturn or __attribute((noreturn)) + */ +class NoreturnFunction extends Function { + NoreturnFunction() { + this.getASpecifier().getName() = "noreturn" or + this.getAnAttribute().getName() = "noreturn" + } +} + +/** + * A function that may complete normally, and/or contains an explicit reachable + * return statement. + */ +predicate mayReturn(Function function) { + exists(ReturnStmt s | + function = s.getEnclosingFunction() and + s.getBasicBlock().isReachable() + ) +} diff --git a/c/misra/src/rules/RULE-17-10/NonVoidReturnTypeOfNoreturnFunction.ql b/c/misra/src/rules/RULE-17-10/NonVoidReturnTypeOfNoreturnFunction.ql index 162403f579..3e6f2340fd 100644 --- a/c/misra/src/rules/RULE-17-10/NonVoidReturnTypeOfNoreturnFunction.ql +++ b/c/misra/src/rules/RULE-17-10/NonVoidReturnTypeOfNoreturnFunction.ql @@ -12,12 +12,13 @@ import cpp import codingstandards.c.misra +import codingstandards.c.Noreturn -from Function f, Type returnType +from NoreturnFunction f, Type returnType where not isExcluded(f, NoReturnPackage::nonVoidReturnTypeOfNoreturnFunctionQuery()) and - f.getASpecifier().getName() = "noreturn" and returnType = f.getType() and not returnType instanceof VoidType -select - f, "The function " + f.getName() + " is declared _noreturn but has a return type of " + returnType.toString() + "." +select f, + "The function " + f.getName() + " is declared _noreturn but has a return type of " + + returnType.toString() + "." diff --git a/c/misra/src/rules/RULE-17-11/FunctionWithNoReturningBranchShouldBeNoreturn.ql b/c/misra/src/rules/RULE-17-11/FunctionWithNoReturningBranchShouldBeNoreturn.ql index a711658fcc..c5d342c015 100644 --- a/c/misra/src/rules/RULE-17-11/FunctionWithNoReturningBranchShouldBeNoreturn.ql +++ b/c/misra/src/rules/RULE-17-11/FunctionWithNoReturningBranchShouldBeNoreturn.ql @@ -11,14 +11,14 @@ import cpp import codingstandards.c.misra +import codingstandards.c.Noreturn from Function f where not isExcluded(f, NoReturnPackage::returnStatementInNoreturnFunctionQuery()) and - not f.getASpecifier().getName() = "noreturn" and - not exists(ReturnStmt s | - f = s.getEnclosingFunction() and - s.getBasicBlock().isReachable() - ) -select - f, "The function " + f.getName() + " cannot return and should be declared attribute _Noreturn." + not f instanceof NoreturnFunction and + not mayReturn(f) and + f.hasDefinition() and + f.getName() != "main" // Allowed exception; _Noreturn main() is undefined behavior. +select f, + "The function " + f.getName() + " cannot return and should be declared attribute _Noreturn." diff --git a/c/misra/src/rules/RULE-17-9/ReturnStatementInNoreturnFunction.ql b/c/misra/src/rules/RULE-17-9/ReturnStatementInNoreturnFunction.ql index 0c291c20af..7c23cf306f 100644 --- a/c/misra/src/rules/RULE-17-9/ReturnStatementInNoreturnFunction.ql +++ b/c/misra/src/rules/RULE-17-9/ReturnStatementInNoreturnFunction.ql @@ -11,14 +11,10 @@ import cpp import codingstandards.c.misra +import codingstandards.c.Noreturn -from Function f +from NoreturnFunction f where not isExcluded(f, NoReturnPackage::returnStatementInNoreturnFunctionQuery()) and - f.getASpecifier().getName() = "noreturn" and - exists(ReturnStmt s | - f = s.getEnclosingFunction() and - s.getBasicBlock().isReachable() - ) -select - f, "The function " + f.getName() + " declared with attribute _Noreturn returns a value." + mayReturn(f) +select f, "The function " + f.getName() + " declared with attribute _Noreturn returns a value." diff --git a/c/misra/test/rules/RULE-17-10/NonVoidReturnTypeOfNoreturnFunction.expected b/c/misra/test/rules/RULE-17-10/NonVoidReturnTypeOfNoreturnFunction.expected index 2ec1a0ac6c..a94e37baa4 100644 --- a/c/misra/test/rules/RULE-17-10/NonVoidReturnTypeOfNoreturnFunction.expected +++ b/c/misra/test/rules/RULE-17-10/NonVoidReturnTypeOfNoreturnFunction.expected @@ -1 +1,4 @@ -No expected results have yet been specified \ No newline at end of file +| test.c:6:15:6:16 | f4 | The function f4 is declared _noreturn but has a return type of int. | +| test.c:19:15:19:16 | f8 | The function f8 is declared _noreturn but has a return type of int. | +| test.c:24:17:24:18 | f9 | The function f9 is declared _noreturn but has a return type of void *. | +| test.c:26:31:26:33 | f10 | The function f10 is declared _noreturn but has a return type of int. | diff --git a/c/misra/test/rules/RULE-17-10/test.c b/c/misra/test/rules/RULE-17-10/test.c index 5e3aadf165..b5fc988af2 100644 --- a/c/misra/test/rules/RULE-17-10/test.c +++ b/c/misra/test/rules/RULE-17-10/test.c @@ -1,9 +1,9 @@ #include "stdlib.h" -void f1(); // COMPLIANT -int f2(); // COMPLIANT +void f1(); // COMPLIANT +int f2(); // COMPLIANT _Noreturn void f3(); // COMPLIANT -_Noreturn int f4(); // NON-COMPLIANT +_Noreturn int f4(); // NON-COMPLIANT void f5() { // COMPLIANT } @@ -21,4 +21,6 @@ _Noreturn int f8() { // NON-COMPLIANT return 0; } -_Noreturn void* f9(); // NON-COMPLIANT \ No newline at end of file +_Noreturn void *f9(); // NON-COMPLIANT + +__attribute__((noreturn)) int f10(); // NON-COMPLIANT \ No newline at end of file diff --git a/c/misra/test/rules/RULE-17-11/FunctionWithNoReturningBranchShouldBeNoreturn.expected b/c/misra/test/rules/RULE-17-11/FunctionWithNoReturningBranchShouldBeNoreturn.expected index 5141f0c9c3..15389bfcdd 100644 --- a/c/misra/test/rules/RULE-17-11/FunctionWithNoReturningBranchShouldBeNoreturn.expected +++ b/c/misra/test/rules/RULE-17-11/FunctionWithNoReturningBranchShouldBeNoreturn.expected @@ -1,4 +1,4 @@ | test.c:7:6:7:21 | test_noreturn_f2 | The function test_noreturn_f2 cannot return and should be declared attribute _Noreturn. | -| test.c:19:6:19:21 | test_noreturn_f4 | The function test_noreturn_f4 cannot return and should be declared attribute _Noreturn. | -| test.c:48:6:48:21 | test_noreturn_f8 | The function test_noreturn_f8 cannot return and should be declared attribute _Noreturn. | -| test.c:64:6:64:22 | test_noreturn_f10 | The function test_noreturn_f10 cannot return and should be declared attribute _Noreturn. | +| test.c:18:6:18:21 | test_noreturn_f4 | The function test_noreturn_f4 cannot return and should be declared attribute _Noreturn. | +| test.c:47:6:47:21 | test_noreturn_f8 | The function test_noreturn_f8 cannot return and should be declared attribute _Noreturn. | +| test.c:63:6:63:22 | test_noreturn_f10 | The function test_noreturn_f10 cannot return and should be declared attribute _Noreturn. | diff --git a/c/misra/test/rules/RULE-17-11/test.c b/c/misra/test/rules/RULE-17-11/test.c index 3d0144d6f0..1ecc2b1c44 100644 --- a/c/misra/test/rules/RULE-17-11/test.c +++ b/c/misra/test/rules/RULE-17-11/test.c @@ -8,7 +8,6 @@ void test_noreturn_f2(int i) { // NON_COMPLIANT abort(); } - _Noreturn void test_noreturn_f3(int i) { // COMPLIANT if (i > 0) { abort(); @@ -78,3 +77,15 @@ _Noreturn void test_noreturn_f11(int i) { // COMPLIANT i = 5; } } + +void test_noreturn_f12(); // COMPLIANT + +__attribute__((noreturn)) void test_noreturn_f13(int i) { // COMPLIANT + abort(); +} + +// Allowed by exception. It is undefined behavior for main() to be declared with +// noreturn. +int main(char **argv, int argc) { // COMPLIANT + abort(); +} \ No newline at end of file diff --git a/c/misra/test/rules/RULE-17-9/ReturnStatementInNoreturnFunction.expected b/c/misra/test/rules/RULE-17-9/ReturnStatementInNoreturnFunction.expected index 1e6a6ab180..9775f797de 100644 --- a/c/misra/test/rules/RULE-17-9/ReturnStatementInNoreturnFunction.expected +++ b/c/misra/test/rules/RULE-17-9/ReturnStatementInNoreturnFunction.expected @@ -1,2 +1,3 @@ | test.c:7:16:7:31 | test_noreturn_f2 | The function test_noreturn_f2 declared with attribute _Noreturn returns a value. | | test.c:32:16:32:31 | test_noreturn_f5 | The function test_noreturn_f5 declared with attribute _Noreturn returns a value. | +| test.c:47:32:47:47 | test_noreturn_f7 | The function test_noreturn_f7 declared with attribute _Noreturn returns a value. | diff --git a/c/misra/test/rules/RULE-17-9/test.c b/c/misra/test/rules/RULE-17-9/test.c index c3ff575672..05ff410562 100644 --- a/c/misra/test/rules/RULE-17-9/test.c +++ b/c/misra/test/rules/RULE-17-9/test.c @@ -43,3 +43,13 @@ _Noreturn void test_noreturn_f6(int i) { // COMPLIANT i = 5; } } + +__attribute__((noreturn)) void test_noreturn_f7(int i) { // NON_COMPLIANT + if (i > 0) { + abort(); + } +} + +__attribute__((noreturn)) void test_noreturn_f8(int i) { // COMPLIANT + abort(); +} \ No newline at end of file From b5b300dbefdbbb005ce030f6a111fa42b08d5fe6 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 24 Sep 2024 22:12:00 +0100 Subject: [PATCH 2000/2573] DeadCode: Use HoldsForAllInstances Eliminate false positives where a line of code is used in some copies (instances) but not others. --- .../cpp/rules/deadcode/DeadCode.qll | 43 ++++++++++++------- 1 file changed, 28 insertions(+), 15 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/rules/deadcode/DeadCode.qll b/cpp/common/src/codingstandards/cpp/rules/deadcode/DeadCode.qll index 2b5be15e80..1ccfb91095 100644 --- a/cpp/common/src/codingstandards/cpp/rules/deadcode/DeadCode.qll +++ b/cpp/common/src/codingstandards/cpp/rules/deadcode/DeadCode.qll @@ -12,6 +12,7 @@ */ import cpp +import codingstandards.cpp.alertreporting.HoldsForAllInstances import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import codingstandards.cpp.deadcode.UselessAssignments @@ -31,10 +32,6 @@ predicate isDeadOrUnreachableStmt(Stmt s) { s.getBasicBlock() = any(UnreachableBasicBlock ubb).getABasicBlock() } -/** - * Holds if the `Stmt` `s` is dead, i.e. could be executed, but its removal would not meaningfully - * affect the program. - */ predicate isDeadStmt(Stmt s) { // A `DeclStmt` is dead code if: // - All the declarations are variable declarations @@ -108,17 +105,33 @@ predicate isDeadStmt(Stmt s) { exists(TryStmt ts | s = ts and isDeadStmt(ts.getStmt())) } -query predicate problems(Stmt s, string message) { - not isExcluded(s, getQuery()) and +/** + * Holds if the `Stmt` `s` is dead, i.e. could be executed, but its removal would not meaningfully + * affect the program. + */ +class DeadStmtInstance extends Stmt { + DeadStmtInstance() { + isDeadStmt(this) and + // Exclude compiler generated statements + not this.isCompilerGenerated() and + // Exclude code fully generated by macros, because the code may be "live" in other expansions + not this.isInMacroExpansion() and + // MISRA defines dead code as an "_executed_ statement whose removal would not affect the program + // output". We therefore exclude unreachable statements as they are, by definition, not executed. + not this.getBasicBlock() = any(UnreachableBasicBlock ubb).getABasicBlock() + } +} + +class DeadStmt = HoldsForAllInstances::LogicalResultStmt; + +query predicate problems(DeadStmt s, string message) { + not isExcluded(s.getAStmtInstance(), getQuery()) and message = "This statement is dead code." and - isDeadStmt(s) and // Report only the highest level dead statement, to avoid over reporting - not isDeadStmt(s.getParentStmt()) and - // MISRA defines dead code as an "_executed_ statement whose removal would not affect the program - // output". We therefore exclude unreachable statements as they are, by definition, not executed. - not s.getBasicBlock() = any(UnreachableBasicBlock ubb).getABasicBlock() and - // Exclude code fully generated by macros, because the code may be "live" in other expansions - not s.isInMacroExpansion() and - // Exclude compiler generated statements - not s.isCompilerGenerated() + not exists(DeadStmt parent | + // All instances must share a dead statement parent for us to report the parent instead + forall(Stmt instance | instance = s.getAStmtInstance() | + parent.getAStmtInstance() = instance.getParentStmt() + ) + ) } From efa556c0e33d7a24e482b237df09a8d0563e66d2 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 24 Sep 2024 23:25:44 +0100 Subject: [PATCH 2001/2573] Add library for reporting if all instances hold Add a utility library for determing whether a condition holds for all copies of a statement in a program. --- .../alertreporting/HoldsForAllInstances.qll | 106 ++++++++++++++++++ 1 file changed, 106 insertions(+) create mode 100644 cpp/common/src/codingstandards/cpp/alertreporting/HoldsForAllInstances.qll diff --git a/cpp/common/src/codingstandards/cpp/alertreporting/HoldsForAllInstances.qll b/cpp/common/src/codingstandards/cpp/alertreporting/HoldsForAllInstances.qll new file mode 100644 index 0000000000..fcf307c975 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/alertreporting/HoldsForAllInstances.qll @@ -0,0 +1,106 @@ +/** + * A module for considering whether a result occurs in all instances (e.g. copies) of the code at a + * given location. + * + * Multiple instances of a statement at the same location can occur for two main reasons: + * 1. Instantiations of a template + * 2. Re-compilation of a file under a different context + * This module helps ensure that a particular condition holds for all copies of a particular logical + * statement. For example, this can be used to determine whether a line of code is dead in all copies + * of a piece of code. + * + * This module is parameterized by a set of _candidate_ statements in the program. For each candidate + * statement, we determine whether all other statements that occur at the same location in the + * program are also part of the same set, ignoring any results generated by macros. + * + * We do so by reporting a new type of result, `LogicalResultStmt`, which represents a logical result + * where all instances of a statement at a given location are considered to be part of the same set. + */ + +import cpp + +/** + * Holds if the `Stmt` `s` is not within a macro expansion, i.e. generated by a macro, but not the + * outermost `Stmt` generated by the macro. + */ +predicate isNotWithinMacroExpansion(Stmt s) { + not s.isInMacroExpansion() + or + exists(MacroInvocation mi | + mi.getStmt() = s and + not exists(mi.getParentInvocation()) + ) +} + +/** A candidate set of types. */ +signature class CandidateStmtSig extends Stmt; + +/** + * A module for considering whether a result occurs in all instances (e.g. copies) of the code at a + * given location. + */ +module HoldsForAllInstances { + private predicate hasLocation( + Stmt s, string filepath, int startline, int startcolumn, int endline, int endcolumn + ) { + s.getLocation().hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) + } + + final private class MyStmt = Stmt; + + /** + * A `Stmt` that appears at the same location as a candidate statement. + */ + private class RelevantStmt extends MyStmt { + CandidateStmt s; + + RelevantStmt() { + exists(string filepath, int startline, int startcolumn, int endline, int endcolumn | + hasLocation(this, filepath, startline, startcolumn, endline, endcolumn) and + hasLocation(s, filepath, startline, startcolumn, endline, endcolumn) + ) and + // Not within a macro expansion, as we cannot match up instances by location in that + // case + isNotWithinMacroExpansion(this) and + // Ignore catch handlers, as they occur at the same location as the catch block + not this instanceof Handler + } + + CandidateStmt getCandidateStmt() { result = s } + } + + newtype TResultStmts = + TLogicalResultStmt(string filepath, int startline, int startcolumn, int endline, int endcolumn) { + exists(CandidateStmt s | + // Only consider candidates where we can match up the location + isNotWithinMacroExpansion(s) and + hasLocation(s, filepath, startline, startcolumn, endline, endcolumn) and + // All relevant statements that occur at the same location are candidates + forex(RelevantStmt relevantStmt | s = relevantStmt.getCandidateStmt() | + relevantStmt instanceof CandidateStmt + ) + ) + } + + /** + * A logical result statement, representing all instances of a statement that occur at the same + * location. + */ + class LogicalResultStmt extends TLogicalResultStmt { + predicate hasLocationInfo( + string filepath, int startline, int startcolumn, int endline, int endcolumn + ) { + this = TLogicalResultStmt(filepath, startline, startcolumn, endline, endcolumn) + } + + /** Gets an instance of this logical result statement. */ + CandidateStmt getAStmtInstance() { + exists(string filepath, int startline, int startcolumn, int endline, int endcolumn | + this = TLogicalResultStmt(filepath, startline, startcolumn, endline, endcolumn) and + hasLocation(result, filepath, startline, startcolumn, endline, endcolumn) + ) + } + + string toString() { result = getAStmtInstance().toString() } + } +} From 61cd6ca2c3d79d1ac90d53f25ca863fb6fe0a755 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 25 Sep 2024 09:55:09 +0100 Subject: [PATCH 2002/2573] Consistently exclude macro generated statements --- cpp/common/src/codingstandards/cpp/rules/deadcode/DeadCode.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/rules/deadcode/DeadCode.qll b/cpp/common/src/codingstandards/cpp/rules/deadcode/DeadCode.qll index 1ccfb91095..667c9020a9 100644 --- a/cpp/common/src/codingstandards/cpp/rules/deadcode/DeadCode.qll +++ b/cpp/common/src/codingstandards/cpp/rules/deadcode/DeadCode.qll @@ -115,7 +115,7 @@ class DeadStmtInstance extends Stmt { // Exclude compiler generated statements not this.isCompilerGenerated() and // Exclude code fully generated by macros, because the code may be "live" in other expansions - not this.isInMacroExpansion() and + isNotWithinMacroExpansion(this) and // MISRA defines dead code as an "_executed_ statement whose removal would not affect the program // output". We therefore exclude unreachable statements as they are, by definition, not executed. not this.getBasicBlock() = any(UnreachableBasicBlock ubb).getABasicBlock() From aca6d40da65a1158441363943198d6da6a15bc22 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 25 Sep 2024 10:04:10 +0100 Subject: [PATCH 2003/2573] Fix #604 - add test of template results The modifications to the query to handle multiple copies of a statement across different targets also support reporting of issues across multiple template instantiations. This commit adds additional tests to demonstrate that this works effectively. --- .../test/rules/deadcode/DeadCode.expected | 2 ++ cpp/common/test/rules/deadcode/test.cpp | 28 +++++++++++++++++++ 2 files changed, 30 insertions(+) diff --git a/cpp/common/test/rules/deadcode/DeadCode.expected b/cpp/common/test/rules/deadcode/DeadCode.expected index aec93e0914..bc0afc7c60 100644 --- a/cpp/common/test/rules/deadcode/DeadCode.expected +++ b/cpp/common/test/rules/deadcode/DeadCode.expected @@ -15,3 +15,5 @@ | test.cpp:85:3:85:43 | declaration | This statement is dead code. | | test.cpp:87:3:87:30 | declaration | This statement is dead code. | | test.cpp:90:3:90:50 | declaration | This statement is dead code. | +| test.cpp:108:3:108:21 | ExprStmt | This statement is dead code. | +| test.cpp:120:3:120:23 | ExprStmt | This statement is dead code. | diff --git a/cpp/common/test/rules/deadcode/test.cpp b/cpp/common/test/rules/deadcode/test.cpp index d9c0cab277..7632310e1c 100644 --- a/cpp/common/test/rules/deadcode/test.cpp +++ b/cpp/common/test/rules/deadcode/test.cpp @@ -91,3 +91,31 @@ int test_dead_code(int x) { return live5 + live6 + constexpr_used_array[1]; // COMPLIANT } + +class Foo { +public: + void bar() { may_have_side_effects(); } +}; + +class Baz { +public: + void bar() {} // No side effects +}; + +template void test_template() { + T t; + t.bar(); // COMPLIANT + no_side_effects(1); // NON_COMPLIANT +} + +template void test_unused_template() { + T t; + t.bar(); // COMPLIANT + no_side_effects( + 1); // NON_COMPLIANT[FALSE_NEGATIVE] - unused templates are not extracted +} + +void test() { + test_template(); + test_template(); // NON_COMPLIANT - template call has no affect +} \ No newline at end of file From 4d457b8084a885318230dc4cb773eece357e0087 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 25 Sep 2024 10:22:06 +0100 Subject: [PATCH 2004/2573] DeadCode: Add macro/template tests Ensure that macro expansions and multiple instances of code work together. --- .../test/rules/deadcode/DeadCode.expected | 6 +++-- cpp/common/test/rules/deadcode/test.cpp | 26 ++++++++++++++++--- 2 files changed, 27 insertions(+), 5 deletions(-) diff --git a/cpp/common/test/rules/deadcode/DeadCode.expected b/cpp/common/test/rules/deadcode/DeadCode.expected index bc0afc7c60..1756231343 100644 --- a/cpp/common/test/rules/deadcode/DeadCode.expected +++ b/cpp/common/test/rules/deadcode/DeadCode.expected @@ -15,5 +15,7 @@ | test.cpp:85:3:85:43 | declaration | This statement is dead code. | | test.cpp:87:3:87:30 | declaration | This statement is dead code. | | test.cpp:90:3:90:50 | declaration | This statement is dead code. | -| test.cpp:108:3:108:21 | ExprStmt | This statement is dead code. | -| test.cpp:120:3:120:23 | ExprStmt | This statement is dead code. | +| test.cpp:116:3:116:21 | ExprStmt | This statement is dead code. | +| test.cpp:117:3:117:27 | ExprStmt | This statement is dead code. | +| test.cpp:118:7:118:32 | ExprStmt | This statement is dead code. | +| test.cpp:139:3:139:35 | ExprStmt | This statement is dead code. | diff --git a/cpp/common/test/rules/deadcode/test.cpp b/cpp/common/test/rules/deadcode/test.cpp index 7632310e1c..d40667539d 100644 --- a/cpp/common/test/rules/deadcode/test.cpp +++ b/cpp/common/test/rules/deadcode/test.cpp @@ -102,10 +102,27 @@ class Baz { void bar() {} // No side effects }; +#define FULL_STMT_NO_SIDE_EFFECTS no_side_effects(1); +#define PART_STMT_NO_SIDE_EFFECTS no_side_effects(1) +#define BLOCK_SOME_SIDE_EFFECTS \ + { \ + may_have_side_effects(); \ + no_side_effects(1); \ + } + template void test_template() { T t; - t.bar(); // COMPLIANT - no_side_effects(1); // NON_COMPLIANT + t.bar(); // COMPLIANT + no_side_effects(1); // NON_COMPLIANT + FULL_STMT_NO_SIDE_EFFECTS // NON_COMPLIANT + PART_STMT_NO_SIDE_EFFECTS; // NON_COMPLIANT + BLOCK_SOME_SIDE_EFFECTS; // COMPLIANT - cannot determine loc for + // no_side_effects(1) +} + +template void test_variant_side_effects() { + T t; + t.bar(); // COMPLIANT - not dead in at least one instance } template void test_unused_template() { @@ -117,5 +134,8 @@ template void test_unused_template() { void test() { test_template(); - test_template(); // NON_COMPLIANT - template call has no affect + test_template(); + test_variant_side_effects(); // COMPLIANT + test_variant_side_effects(); // NON_COMPLIANT - no effect in this + // instantiation } \ No newline at end of file From 8d8fd09c2d3188917d8d1d4ec251c8e8f118ae89 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Wed, 25 Sep 2024 17:26:14 +0100 Subject: [PATCH 2005/2573] Refactor to try to trigger the failure step --- .github/workflows/codeql_unit_tests.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/codeql_unit_tests.yml b/.github/workflows/codeql_unit_tests.yml index e23377af9a..a0526551ff 100644 --- a/.github/workflows/codeql_unit_tests.yml +++ b/.github/workflows/codeql_unit_tests.yml @@ -39,7 +39,6 @@ jobs: needs: prepare-unit-test-matrix runs-on: ${{ matrix.os }} - continue-on-error: true strategy: fail-fast: false matrix: ${{ fromJSON(needs.prepare-unit-test-matrix.outputs.matrix) }} @@ -161,6 +160,7 @@ jobs: validate-test-results: name: Validate test results + if: ${{ always() }} needs: run-test-suites runs-on: ubuntu-22.04 steps: From 783f8d47cdc730db0f05f75568ef808a1967a8c0 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 25 Sep 2024 22:57:25 +0100 Subject: [PATCH 2006/2573] RULE-2-2: Refactor to detect dead operations The rule description for this rule in fact talks about dead operations, not dead statements. Therefore: - Unshare the rule from MISRA C++ 2008 - Implement dead operation, as per the rule --- c/misra/src/rules/RULE-2-2/DeadCode.ql | 60 ++++++++++++++++++- c/misra/test/rules/RULE-2-2/DeadCode.expected | 7 +++ c/misra/test/rules/RULE-2-2/DeadCode.qlref | 1 + c/misra/test/rules/RULE-2-2/DeadCode.testref | 1 - c/misra/test/rules/RULE-2-2/test.c | 30 ++++++++++ rule_packages/c/DeadCode.json | 16 +---- 6 files changed, 96 insertions(+), 19 deletions(-) create mode 100644 c/misra/test/rules/RULE-2-2/DeadCode.expected create mode 100644 c/misra/test/rules/RULE-2-2/DeadCode.qlref delete mode 100644 c/misra/test/rules/RULE-2-2/DeadCode.testref create mode 100644 c/misra/test/rules/RULE-2-2/test.c diff --git a/c/misra/src/rules/RULE-2-2/DeadCode.ql b/c/misra/src/rules/RULE-2-2/DeadCode.ql index c9ecb5e934..79f69e760d 100644 --- a/c/misra/src/rules/RULE-2-2/DeadCode.ql +++ b/c/misra/src/rules/RULE-2-2/DeadCode.ql @@ -14,8 +14,62 @@ import cpp import codingstandards.c.misra -import codingstandards.cpp.rules.deadcode.DeadCode +import codingstandards.cpp.deadcode.UselessAssignments -class MisraCDeadCodeQuery extends DeadCodeSharedQuery { - MisraCDeadCodeQuery() { this = DeadCodePackage::deadCodeQuery() } +/** + * Gets an explicit cast from `e` if one exists. + */ +Cast getExplicitCast(Expr e) { + exists(Conversion c | c = e.getExplicitlyConverted() | + result = c + or + result = c.(ParenthesisExpr).getExpr() + ) +} + +class ExprStmtExpr extends Expr { + ExprStmtExpr() { exists(ExprStmt es | es.getExpr() = this) } } + +/** + * An "operation" as defined by MISRA C Rule 2.2 that is dead, i.e. it's removal has no effect on + * the behaviour of the program. + */ +class DeadOperation extends Expr { + string description; + + DeadOperation() { + exists(ExprStmtExpr e | + if exists(getExplicitCast(e)) + then + this = getExplicitCast(e) and + // void conversions are permitted + not getExplicitCast(e) instanceof VoidConversion and + description = "Cast operation is unused" + else ( + this = e and + ( + if e instanceof Assignment + then + exists(SsaDefinition sd, LocalScopeVariable v | + e = sd.getDefinition() and + sd.getDefiningValue(v).isPure() and + // The definition is useless + isUselessSsaDefinition(sd, v) and + description = "Assignment to " + v.getName() + " is unused and has no side effects" + ) + else ( + e.isPure() and + description = "Result of operation is unused and has no side effects" + ) + ) + ) + ) + } + + string getDescription() { result = description } +} + +from DeadOperation deadOperation +where not isExcluded(deadOperation, DeadCodePackage::deadCodeQuery()) +select deadOperation, deadOperation.getDescription() + "." diff --git a/c/misra/test/rules/RULE-2-2/DeadCode.expected b/c/misra/test/rules/RULE-2-2/DeadCode.expected new file mode 100644 index 0000000000..6cb0fb0c60 --- /dev/null +++ b/c/misra/test/rules/RULE-2-2/DeadCode.expected @@ -0,0 +1,7 @@ +| test.c:15:3:15:11 | ... = ... | Assignment to dead1 is unused and has no side effects. | +| test.c:16:3:16:11 | ... = ... | Assignment to dead2 is unused and has no side effects. | +| test.c:19:3:19:7 | ... + ... | Result of operation is unused and has no side effects. | +| test.c:21:3:21:17 | call to no_side_effects | Result of operation is unused and has no side effects. | +| test.c:23:3:23:30 | (int)... | Cast operation is unused. | +| test.c:24:3:24:25 | (int)... | Cast operation is unused. | +| test.c:27:4:27:18 | call to no_side_effects | Result of operation is unused and has no side effects. | diff --git a/c/misra/test/rules/RULE-2-2/DeadCode.qlref b/c/misra/test/rules/RULE-2-2/DeadCode.qlref new file mode 100644 index 0000000000..761e04d51b --- /dev/null +++ b/c/misra/test/rules/RULE-2-2/DeadCode.qlref @@ -0,0 +1 @@ +rules/RULE-2-2/DeadCode.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-2-2/DeadCode.testref b/c/misra/test/rules/RULE-2-2/DeadCode.testref deleted file mode 100644 index f084f30aaa..0000000000 --- a/c/misra/test/rules/RULE-2-2/DeadCode.testref +++ /dev/null @@ -1 +0,0 @@ -c/common/test/rules/deadcode/DeadCode.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-2-2/test.c b/c/misra/test/rules/RULE-2-2/test.c new file mode 100644 index 0000000000..148af8dc9e --- /dev/null +++ b/c/misra/test/rules/RULE-2-2/test.c @@ -0,0 +1,30 @@ +int may_have_side_effects(); +int no_side_effects(int x) { return 1 + 2; } +int no_side_effects_nondeterministic(); + +int test_dead_code(int x) { + int live1 = may_have_side_effects(), + live2 = may_have_side_effects(); // COMPLIANT + int live3 = 0, + live4 = may_have_side_effects(); // COMPLIANT + int live5 = 0, live6 = 0; // COMPLIANT + live5 = 1; // COMPLIANT + live6 = 2; // COMPLIANT + + int dead1 = 0, dead2 = 0; // COMPLIANT - init not considered by this rule + dead1 = 1; // NON_COMPLIANT - useless assignment + dead2 = 1; // NON_COMPLIANT - useless assignment + + may_have_side_effects(); // COMPLIANT + 1 + 2; // NON_COMPLIANT + + no_side_effects(x); // NON_COMPLIANT + + (int)may_have_side_effects(); // NON_COMPLIANT + (int)no_side_effects(x); // NON_COMPLIANT + (void)no_side_effects(x); // COMPLIANT + (may_have_side_effects()); // COMPLIANT + (no_side_effects(x)); // NON_COMPLIANT + + return live5 + live6; // COMPLIANT +} \ No newline at end of file diff --git a/rule_packages/c/DeadCode.json b/rule_packages/c/DeadCode.json index 1de7625225..21c8a94ac8 100644 --- a/rule_packages/c/DeadCode.json +++ b/rule_packages/c/DeadCode.json @@ -39,21 +39,7 @@ "tags": [ "readability", "maintainability" - ], - "implementation_scope": { - "description": "This query identifies dead statements in the program of the following kinds:", - "items": [ - "Declarations of a non-static stack variable whose initializing expression is pure (i.e. has no side-effects) and that is never subsequently accessed in live code.", - "Blocks that contain only dead statements.", - "Do loops whose condition is pure, and whose body contains only dead statements.", - "If statements whose condition is pure, and whose then and else clauses (where they exist) only contain dead statements.", - "Label statements to which the code never jumps.", - "While loops whose condition is pure, and whose body contains only dead statements.", - "Expression statements whose expressions are pure.", - "Writes to a non-static stack variable that is never subsequently read in live code." - ] - }, - "shared_implementation_short_name": "DeadCode" + ] } ], "title": "There shall be no dead code" From 85b161a2d29826cc292cabb57e84487af342375b Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 26 Sep 2024 09:13:20 +0100 Subject: [PATCH 2007/2573] RULE-2-2: Exclude cases nested in macro expansions --- c/misra/src/rules/RULE-2-2/DeadCode.ql | 4 ++++ c/misra/test/rules/RULE-2-2/DeadCode.expected | 2 ++ c/misra/test/rules/RULE-2-2/test.c | 12 ++++++++++++ .../cpp/alertreporting/HoldsForAllInstances.qll | 15 ++++++++++----- 4 files changed, 28 insertions(+), 5 deletions(-) diff --git a/c/misra/src/rules/RULE-2-2/DeadCode.ql b/c/misra/src/rules/RULE-2-2/DeadCode.ql index 79f69e760d..f90a11eb70 100644 --- a/c/misra/src/rules/RULE-2-2/DeadCode.ql +++ b/c/misra/src/rules/RULE-2-2/DeadCode.ql @@ -14,6 +14,7 @@ import cpp import codingstandards.c.misra +import codingstandards.cpp.alertreporting.HoldsForAllInstances import codingstandards.cpp.deadcode.UselessAssignments /** @@ -39,6 +40,9 @@ class DeadOperation extends Expr { string description; DeadOperation() { + // Exclude cases nested within macro expansions, because the code may be "live" in other + // expansions + isNotWithinMacroExpansion(this) and exists(ExprStmtExpr e | if exists(getExplicitCast(e)) then diff --git a/c/misra/test/rules/RULE-2-2/DeadCode.expected b/c/misra/test/rules/RULE-2-2/DeadCode.expected index 6cb0fb0c60..1f4ff5f4a8 100644 --- a/c/misra/test/rules/RULE-2-2/DeadCode.expected +++ b/c/misra/test/rules/RULE-2-2/DeadCode.expected @@ -5,3 +5,5 @@ | test.c:23:3:23:30 | (int)... | Cast operation is unused. | | test.c:24:3:24:25 | (int)... | Cast operation is unused. | | test.c:27:4:27:18 | call to no_side_effects | Result of operation is unused and has no side effects. | +| test.c:37:3:37:27 | call to no_side_effects | Result of operation is unused and has no side effects. | +| test.c:38:7:38:31 | call to no_side_effects | Result of operation is unused and has no side effects. | diff --git a/c/misra/test/rules/RULE-2-2/test.c b/c/misra/test/rules/RULE-2-2/test.c index 148af8dc9e..f8248c52d2 100644 --- a/c/misra/test/rules/RULE-2-2/test.c +++ b/c/misra/test/rules/RULE-2-2/test.c @@ -26,5 +26,17 @@ int test_dead_code(int x) { (may_have_side_effects()); // COMPLIANT (no_side_effects(x)); // NON_COMPLIANT +#define FULL_STMT_NO_SIDE_EFFECTS no_side_effects(1); +#define PART_STMT_NO_SIDE_EFFECTS no_side_effects(1) +#define BLOCK_SOME_SIDE_EFFECTS \ + { \ + may_have_side_effects(); \ + no_side_effects(1); \ + } + + FULL_STMT_NO_SIDE_EFFECTS // NON_COMPLIANT + PART_STMT_NO_SIDE_EFFECTS; // NON_COMPLIANT + BLOCK_SOME_SIDE_EFFECTS; // COMPLIANT + return live5 + live6; // COMPLIANT } \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/alertreporting/HoldsForAllInstances.qll b/cpp/common/src/codingstandards/cpp/alertreporting/HoldsForAllInstances.qll index fcf307c975..aa2abd9e88 100644 --- a/cpp/common/src/codingstandards/cpp/alertreporting/HoldsForAllInstances.qll +++ b/cpp/common/src/codingstandards/cpp/alertreporting/HoldsForAllInstances.qll @@ -20,14 +20,19 @@ import cpp /** - * Holds if the `Stmt` `s` is not within a macro expansion, i.e. generated by a macro, but not the - * outermost `Stmt` generated by the macro. + * Holds if the `Element` `e` is not within a macro expansion, i.e. generated by a macro, but not + * the outermost `Stmt` or `Expr` generated by the macro. */ -predicate isNotWithinMacroExpansion(Stmt s) { - not s.isInMacroExpansion() +predicate isNotWithinMacroExpansion(Element e) { + not e.isInMacroExpansion() or exists(MacroInvocation mi | - mi.getStmt() = s and + mi.getStmt() = e + or + mi.getExpr() = e + or + mi.getStmt().(ExprStmt).getExpr() = e + | not exists(mi.getParentInvocation()) ) } From 0639b1992c239b17ae292ae7e9c5c943a06c7d2f Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 26 Sep 2024 22:53:39 +0100 Subject: [PATCH 2008/2573] Rule 2.2: Ignore results which are only dead in some compilations Use the HoldsForAllInstances module to eliminate cases where a line of code is compiled into multiple targets with different dead code behaviour. --- c/misra/src/rules/RULE-2-2/DeadCode.ql | 10 +-- .../alertreporting/HoldsForAllInstances.qll | 69 ++++++++++--------- .../cpp/rules/deadcode/DeadCode.qll | 8 +-- 3 files changed, 47 insertions(+), 40 deletions(-) diff --git a/c/misra/src/rules/RULE-2-2/DeadCode.ql b/c/misra/src/rules/RULE-2-2/DeadCode.ql index f90a11eb70..9c2671e1f4 100644 --- a/c/misra/src/rules/RULE-2-2/DeadCode.ql +++ b/c/misra/src/rules/RULE-2-2/DeadCode.ql @@ -36,10 +36,10 @@ class ExprStmtExpr extends Expr { * An "operation" as defined by MISRA C Rule 2.2 that is dead, i.e. it's removal has no effect on * the behaviour of the program. */ -class DeadOperation extends Expr { +class DeadOperationInstance extends Expr { string description; - DeadOperation() { + DeadOperationInstance() { // Exclude cases nested within macro expansions, because the code may be "live" in other // expansions isNotWithinMacroExpansion(this) and @@ -74,6 +74,8 @@ class DeadOperation extends Expr { string getDescription() { result = description } } +class DeadOperation = HoldsForAllInstances::LogicalResultElement; + from DeadOperation deadOperation -where not isExcluded(deadOperation, DeadCodePackage::deadCodeQuery()) -select deadOperation, deadOperation.getDescription() + "." +where not isExcluded(deadOperation.getAnElementInstance(), DeadCodePackage::deadCodeQuery()) +select deadOperation, deadOperation.getAnElementInstance().getDescription() + "." diff --git a/cpp/common/src/codingstandards/cpp/alertreporting/HoldsForAllInstances.qll b/cpp/common/src/codingstandards/cpp/alertreporting/HoldsForAllInstances.qll index aa2abd9e88..1ea8787c22 100644 --- a/cpp/common/src/codingstandards/cpp/alertreporting/HoldsForAllInstances.qll +++ b/cpp/common/src/codingstandards/cpp/alertreporting/HoldsForAllInstances.qll @@ -2,26 +2,26 @@ * A module for considering whether a result occurs in all instances (e.g. copies) of the code at a * given location. * - * Multiple instances of a statement at the same location can occur for two main reasons: + * Multiple instances of an element at the same location can occur for two main reasons: * 1. Instantiations of a template * 2. Re-compilation of a file under a different context * This module helps ensure that a particular condition holds for all copies of a particular logical - * statement. For example, this can be used to determine whether a line of code is dead in all copies + * element. For example, this can be used to determine whether a line of code is dead in all copies * of a piece of code. * - * This module is parameterized by a set of _candidate_ statements in the program. For each candidate - * statement, we determine whether all other statements that occur at the same location in the - * program are also part of the same set, ignoring any results generated by macros. + * This module is parameterized by a set of _candidate_ elements in the program. For each candidate + * element, we determine whether all other elements in the same element set that occur at the same + * location in the program are also part of the same set, ignoring any results generated by macros. * - * We do so by reporting a new type of result, `LogicalResultStmt`, which represents a logical result - * where all instances of a statement at a given location are considered to be part of the same set. + * We do so by reporting a new type of result, `LogicalResultElement`, which represents a logical result + * where all instances of a element at a given location are considered to be part of the same set. */ import cpp /** * Holds if the `Element` `e` is not within a macro expansion, i.e. generated by a macro, but not - * the outermost `Stmt` or `Expr` generated by the macro. + * the outermost `Element` or `Expr` generated by the macro. */ predicate isNotWithinMacroExpansion(Element e) { not e.isInMacroExpansion() @@ -37,32 +37,35 @@ predicate isNotWithinMacroExpansion(Element e) { ) } -/** A candidate set of types. */ -signature class CandidateStmtSig extends Stmt; +/** A candidate set of elements. */ +signature class CandidateElementSig extends Element; + +/** The super set of relevant elements. */ +signature class ElementSetSig extends Element; /** * A module for considering whether a result occurs in all instances (e.g. copies) of the code at a * given location. */ -module HoldsForAllInstances { +module HoldsForAllInstances { private predicate hasLocation( - Stmt s, string filepath, int startline, int startcolumn, int endline, int endcolumn + ElementSet s, string filepath, int startline, int startcolumn, int endline, int endcolumn ) { s.getLocation().hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) } - final private class MyStmt = Stmt; + final private class MyElement = ElementSet; /** - * A `Stmt` that appears at the same location as a candidate statement. + * A `Element` that appears at the same location as a candidate element. */ - private class RelevantStmt extends MyStmt { - CandidateStmt s; + private class RelevantElement extends MyElement { + CandidateElement e; - RelevantStmt() { + RelevantElement() { exists(string filepath, int startline, int startcolumn, int endline, int endcolumn | hasLocation(this, filepath, startline, startcolumn, endline, endcolumn) and - hasLocation(s, filepath, startline, startcolumn, endline, endcolumn) + hasLocation(e, filepath, startline, startcolumn, endline, endcolumn) ) and // Not within a macro expansion, as we cannot match up instances by location in that // case @@ -71,41 +74,43 @@ module HoldsForAllInstances { not this instanceof Handler } - CandidateStmt getCandidateStmt() { result = s } + CandidateElement getCandidateElement() { result = e } } - newtype TResultStmts = - TLogicalResultStmt(string filepath, int startline, int startcolumn, int endline, int endcolumn) { - exists(CandidateStmt s | + newtype TResultElements = + TLogicalResultElement( + string filepath, int startline, int startcolumn, int endline, int endcolumn + ) { + exists(CandidateElement s | // Only consider candidates where we can match up the location isNotWithinMacroExpansion(s) and hasLocation(s, filepath, startline, startcolumn, endline, endcolumn) and - // All relevant statements that occur at the same location are candidates - forex(RelevantStmt relevantStmt | s = relevantStmt.getCandidateStmt() | - relevantStmt instanceof CandidateStmt + // All relevant elements that occur at the same location are candidates + forex(RelevantElement relevantElement | s = relevantElement.getCandidateElement() | + relevantElement instanceof CandidateElement ) ) } /** - * A logical result statement, representing all instances of a statement that occur at the same + * A logical result element, representing all instances of a element that occur at the same * location. */ - class LogicalResultStmt extends TLogicalResultStmt { + class LogicalResultElement extends TLogicalResultElement { predicate hasLocationInfo( string filepath, int startline, int startcolumn, int endline, int endcolumn ) { - this = TLogicalResultStmt(filepath, startline, startcolumn, endline, endcolumn) + this = TLogicalResultElement(filepath, startline, startcolumn, endline, endcolumn) } - /** Gets an instance of this logical result statement. */ - CandidateStmt getAStmtInstance() { + /** Gets an instance of this logical result element. */ + CandidateElement getAnElementInstance() { exists(string filepath, int startline, int startcolumn, int endline, int endcolumn | - this = TLogicalResultStmt(filepath, startline, startcolumn, endline, endcolumn) and + this = TLogicalResultElement(filepath, startline, startcolumn, endline, endcolumn) and hasLocation(result, filepath, startline, startcolumn, endline, endcolumn) ) } - string toString() { result = getAStmtInstance().toString() } + string toString() { result = getAnElementInstance().toString() } } } diff --git a/cpp/common/src/codingstandards/cpp/rules/deadcode/DeadCode.qll b/cpp/common/src/codingstandards/cpp/rules/deadcode/DeadCode.qll index 667c9020a9..5023b8ae14 100644 --- a/cpp/common/src/codingstandards/cpp/rules/deadcode/DeadCode.qll +++ b/cpp/common/src/codingstandards/cpp/rules/deadcode/DeadCode.qll @@ -122,16 +122,16 @@ class DeadStmtInstance extends Stmt { } } -class DeadStmt = HoldsForAllInstances::LogicalResultStmt; +class DeadStmt = HoldsForAllInstances::LogicalResultElement; query predicate problems(DeadStmt s, string message) { - not isExcluded(s.getAStmtInstance(), getQuery()) and + not isExcluded(s.getAnElementInstance(), getQuery()) and message = "This statement is dead code." and // Report only the highest level dead statement, to avoid over reporting not exists(DeadStmt parent | // All instances must share a dead statement parent for us to report the parent instead - forall(Stmt instance | instance = s.getAStmtInstance() | - parent.getAStmtInstance() = instance.getParentStmt() + forall(Stmt instance | instance = s.getAnElementInstance() | + parent.getAnElementInstance() = instance.getParentStmt() ) ) } From 35d2f560d55e8737450d1f05a53766b9083dcc45 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 26 Sep 2024 23:08:12 +0100 Subject: [PATCH 2009/2573] Rule 2.2: Report dead function, if the op is a call --- c/misra/src/rules/RULE-2-2/DeadCode.ql | 21 ++++++++++++++++--- c/misra/test/rules/RULE-2-2/DeadCode.expected | 18 ++++++++-------- 2 files changed, 27 insertions(+), 12 deletions(-) diff --git a/c/misra/src/rules/RULE-2-2/DeadCode.ql b/c/misra/src/rules/RULE-2-2/DeadCode.ql index 9c2671e1f4..8d7ccce273 100644 --- a/c/misra/src/rules/RULE-2-2/DeadCode.ql +++ b/c/misra/src/rules/RULE-2-2/DeadCode.ql @@ -76,6 +76,21 @@ class DeadOperationInstance extends Expr { class DeadOperation = HoldsForAllInstances::LogicalResultElement; -from DeadOperation deadOperation -where not isExcluded(deadOperation.getAnElementInstance(), DeadCodePackage::deadCodeQuery()) -select deadOperation, deadOperation.getAnElementInstance().getDescription() + "." +from + DeadOperation deadOperation, DeadOperationInstance instance, string message, Element explainer, + string explainerDescription +where + not isExcluded(instance, DeadCodePackage::deadCodeQuery()) and + instance = deadOperation.getAnElementInstance() and + if instance instanceof FunctionCall + then + message = instance.getDescription() + " from call to function $@" and + explainer = instance.(FunctionCall).getTarget() and + explainerDescription = explainer.(Function).getName() + else ( + message = instance.getDescription() and + // Ignore the explainer + explainer = instance and + explainerDescription = "" + ) +select deadOperation, message + ".", explainer, explainerDescription diff --git a/c/misra/test/rules/RULE-2-2/DeadCode.expected b/c/misra/test/rules/RULE-2-2/DeadCode.expected index 1f4ff5f4a8..e25a5a97ef 100644 --- a/c/misra/test/rules/RULE-2-2/DeadCode.expected +++ b/c/misra/test/rules/RULE-2-2/DeadCode.expected @@ -1,9 +1,9 @@ -| test.c:15:3:15:11 | ... = ... | Assignment to dead1 is unused and has no side effects. | -| test.c:16:3:16:11 | ... = ... | Assignment to dead2 is unused and has no side effects. | -| test.c:19:3:19:7 | ... + ... | Result of operation is unused and has no side effects. | -| test.c:21:3:21:17 | call to no_side_effects | Result of operation is unused and has no side effects. | -| test.c:23:3:23:30 | (int)... | Cast operation is unused. | -| test.c:24:3:24:25 | (int)... | Cast operation is unused. | -| test.c:27:4:27:18 | call to no_side_effects | Result of operation is unused and has no side effects. | -| test.c:37:3:37:27 | call to no_side_effects | Result of operation is unused and has no side effects. | -| test.c:38:7:38:31 | call to no_side_effects | Result of operation is unused and has no side effects. | +| test.c:15:3:15:11 | ... = ... | Assignment to dead1 is unused and has no side effects. | test.c:15:3:15:11 | ... = ... | | +| test.c:16:3:16:11 | ... = ... | Assignment to dead2 is unused and has no side effects. | test.c:16:3:16:11 | ... = ... | | +| test.c:19:3:19:7 | ... + ... | Result of operation is unused and has no side effects. | test.c:19:3:19:7 | ... + ... | | +| test.c:21:3:21:17 | call to no_side_effects | Result of operation is unused and has no side effects from call to function $@. | test.c:2:5:2:19 | no_side_effects | no_side_effects | +| test.c:23:3:23:30 | (int)... | Cast operation is unused. | test.c:23:3:23:30 | (int)... | | +| test.c:24:3:24:25 | (int)... | Cast operation is unused. | test.c:24:3:24:25 | (int)... | | +| test.c:27:4:27:18 | call to no_side_effects | Result of operation is unused and has no side effects from call to function $@. | test.c:2:5:2:19 | no_side_effects | no_side_effects | +| test.c:37:3:37:27 | call to no_side_effects | Result of operation is unused and has no side effects from call to function $@. | test.c:2:5:2:19 | no_side_effects | no_side_effects | +| test.c:38:7:38:31 | call to no_side_effects | Result of operation is unused and has no side effects from call to function $@. | test.c:2:5:2:19 | no_side_effects | no_side_effects | From 785974b728b02f42b9a344ff1dd04c56652fd966 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 26 Sep 2024 23:12:33 +0100 Subject: [PATCH 2010/2573] DeadCode: Add change note --- change_notes/2024-09-25-dead-code-improvements.md | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 change_notes/2024-09-25-dead-code-improvements.md diff --git a/change_notes/2024-09-25-dead-code-improvements.md b/change_notes/2024-09-25-dead-code-improvements.md new file mode 100644 index 0000000000..9cd8d95ff5 --- /dev/null +++ b/change_notes/2024-09-25-dead-code-improvements.md @@ -0,0 +1,5 @@ + - `M0-1-9` - `DeadCode.ql` + - Remove false positives for statements where the enclosing function is compiled multiple times, either as part of different targets or a different template instantiations. Previously we would see false positives where a statement was dead in one instance of the code, but not other instances. We now only consider a statement dead if it is dead in all instances of that code. +- `RULE-2-2` - `DeadCode.ql`: + - Query has been rewritten to report only _operations_ that are considered dead, not statements. This should reduce false positives. + - Remove false positives for operations where the enclosing function is compiled multiple times, either as part of different targets or a different template instantiations. Previously we would see false positives where a operation was dead in one instance of the code, but not other instances. We now only consider a operation dead if it is dead in all instances of that code. \ No newline at end of file From 37696a908578a78ad32b8b4874deef75f08dbbfd Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Thu, 26 Sep 2024 23:16:44 +0100 Subject: [PATCH 2011/2573] Updates from editor --- .github/workflows/codeql_unit_tests.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/codeql_unit_tests.yml b/.github/workflows/codeql_unit_tests.yml index a0526551ff..41a2990b26 100644 --- a/.github/workflows/codeql_unit_tests.yml +++ b/.github/workflows/codeql_unit_tests.yml @@ -164,8 +164,8 @@ jobs: needs: run-test-suites runs-on: ubuntu-22.04 steps: - - name: Check if a dependent job failed to complete - if: ${{ failure() }} + - name: Check if run-test-suites job failed to complete, if so fail + if: ${{ needs.run-test-suites.result == 'failure }} uses: actions/github-script@v3 with: script: | From 33223fa18bf0fb2a6b57525866c7c6219020e715 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 26 Sep 2024 23:25:12 +0000 Subject: [PATCH 2012/2573] Bump actions/download-artifact Bumps the github_actions group with 1 update in the /.github/workflows directory: [actions/download-artifact](https://github.com/actions/download-artifact). Updates `actions/download-artifact` from 2 to 4 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/v2...v4) --- updated-dependencies: - dependency-name: actions/download-artifact dependency-type: direct:production dependency-group: github_actions ... Signed-off-by: dependabot[bot] --- .github/workflows/codeql_unit_tests.yml | 2 +- .github/workflows/standard_library_upgrade_tests.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/codeql_unit_tests.yml b/.github/workflows/codeql_unit_tests.yml index 62660d973d..a6488a728c 100644 --- a/.github/workflows/codeql_unit_tests.yml +++ b/.github/workflows/codeql_unit_tests.yml @@ -164,7 +164,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Collect test results - uses: actions/download-artifact@v3 + uses: actions/download-artifact@v4 - name: Validate test results run: | diff --git a/.github/workflows/standard_library_upgrade_tests.yml b/.github/workflows/standard_library_upgrade_tests.yml index 5402dc9105..35717b7b4e 100644 --- a/.github/workflows/standard_library_upgrade_tests.yml +++ b/.github/workflows/standard_library_upgrade_tests.yml @@ -162,7 +162,7 @@ jobs: python-version: "3.9" - name: Collect test results - uses: actions/download-artifact@v2 + uses: actions/download-artifact@v4 - name: Validate test results shell: python From 37c198ff0cc897a1b546b8694ffe8ee86b1230ac Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Fri, 27 Sep 2024 08:53:26 +0100 Subject: [PATCH 2013/2573] Updates from editor --- .github/workflows/codeql_unit_tests.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/codeql_unit_tests.yml b/.github/workflows/codeql_unit_tests.yml index 41a2990b26..5c2bc10733 100644 --- a/.github/workflows/codeql_unit_tests.yml +++ b/.github/workflows/codeql_unit_tests.yml @@ -165,7 +165,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Check if run-test-suites job failed to complete, if so fail - if: ${{ needs.run-test-suites.result == 'failure }} + if: ${{ needs.run-test-suites.result == 'failure' }} uses: actions/github-script@v3 with: script: | From e9cfc8ebe2284c47ed9858697f6c66dc09cb21fe Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Fri, 27 Sep 2024 09:43:01 +0100 Subject: [PATCH 2014/2573] Revert introduction of CodeQL error --- .../rules/DIR-4-2/UsageOfAssemblyLanguageShouldBeDocumented.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/misra/src/rules/DIR-4-2/UsageOfAssemblyLanguageShouldBeDocumented.ql b/c/misra/src/rules/DIR-4-2/UsageOfAssemblyLanguageShouldBeDocumented.ql index 06c9274e8c..9503024671 100644 --- a/c/misra/src/rules/DIR-4-2/UsageOfAssemblyLanguageShouldBeDocumented.ql +++ b/c/misra/src/rules/DIR-4-2/UsageOfAssemblyLanguageShouldBeDocumented.ql @@ -15,7 +15,7 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.rules.usageofassemblernotdocumented.UsageOfAssemblerNotDocumented -class UsageOfAssemblyLanguageShouldBeDocumentedQuery UsageOfAssemblerNotDocumentedSharedQuery +class UsageOfAssemblyLanguageShouldBeDocumentedQuery extends UsageOfAssemblerNotDocumentedSharedQuery { UsageOfAssemblyLanguageShouldBeDocumentedQuery() { this = Language2Package::usageOfAssemblyLanguageShouldBeDocumentedQuery() From c8e50910bb1c292dbb395078aec2aef2f7f078b3 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 27 Sep 2024 13:29:11 -0700 Subject: [PATCH 2015/2573] Address feedback --- ...unctionNoReturnAttributeCondition.expected | 3 ++ .../FunctionNoReturnAttributeCondition.ql | 4 +++ .../test.c | 28 +++++++++++++++++++ .../NonVoidReturnTypeOfNoreturnFunction.ql | 6 ++-- ...onWithNoReturningBranchShouldBeNoreturn.ql | 6 ++-- .../ReturnStatementInNoreturnFunction.ql | 13 +++++---- ...NoReturningBranchShouldBeNoreturn.expected | 2 ++ c/misra/test/rules/RULE-17-11/test.c | 13 +++++++++ ...ReturnStatementInNoreturnFunction.expected | 3 -- .../ReturnStatementInNoreturnFunction.testref | 1 + .../src/codingstandards/cpp}/Noreturn.qll | 0 .../FunctionNoReturnAttributeCondition.qll | 23 ++++++++++----- rule_packages/c/NoReturn.json | 7 +++-- 13 files changed, 86 insertions(+), 23 deletions(-) create mode 100644 c/common/test/rules/functionnoreturnattributecondition/FunctionNoReturnAttributeCondition.expected create mode 100644 c/common/test/rules/functionnoreturnattributecondition/FunctionNoReturnAttributeCondition.ql rename c/{misra/test/rules/RULE-17-9 => common/test/rules/functionnoreturnattributecondition}/test.c (61%) delete mode 100644 c/misra/test/rules/RULE-17-9/ReturnStatementInNoreturnFunction.expected create mode 100644 c/misra/test/rules/RULE-17-9/ReturnStatementInNoreturnFunction.testref rename {c/common/src/codingstandards/c => cpp/common/src/codingstandards/cpp}/Noreturn.qll (100%) diff --git a/c/common/test/rules/functionnoreturnattributecondition/FunctionNoReturnAttributeCondition.expected b/c/common/test/rules/functionnoreturnattributecondition/FunctionNoReturnAttributeCondition.expected new file mode 100644 index 0000000000..5aede0a5ba --- /dev/null +++ b/c/common/test/rules/functionnoreturnattributecondition/FunctionNoReturnAttributeCondition.expected @@ -0,0 +1,3 @@ +| test.c:9:16:9:31 | test_noreturn_f2 | The function test_noreturn_f2 declared with attribute _Noreturn returns a value. | +| test.c:34:16:34:31 | test_noreturn_f5 | The function test_noreturn_f5 declared with attribute _Noreturn returns a value. | +| test.c:49:32:49:47 | test_noreturn_f7 | The function test_noreturn_f7 declared with attribute _Noreturn returns a value. | diff --git a/c/common/test/rules/functionnoreturnattributecondition/FunctionNoReturnAttributeCondition.ql b/c/common/test/rules/functionnoreturnattributecondition/FunctionNoReturnAttributeCondition.ql new file mode 100644 index 0000000000..4af4aeceaf --- /dev/null +++ b/c/common/test/rules/functionnoreturnattributecondition/FunctionNoReturnAttributeCondition.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.functionnoreturnattributecondition.FunctionNoReturnAttributeCondition + +class TestFileQuery extends FunctionNoReturnAttributeConditionSharedQuery, TestQuery { } diff --git a/c/misra/test/rules/RULE-17-9/test.c b/c/common/test/rules/functionnoreturnattributecondition/test.c similarity index 61% rename from c/misra/test/rules/RULE-17-9/test.c rename to c/common/test/rules/functionnoreturnattributecondition/test.c index 05ff410562..8299c0cc89 100644 --- a/c/misra/test/rules/RULE-17-9/test.c +++ b/c/common/test/rules/functionnoreturnattributecondition/test.c @@ -1,4 +1,6 @@ #include "stdlib.h" +#include "threads.h" +#include "setjmp.h" _Noreturn void test_noreturn_f1(int i) { // COMPLIANT abort(); @@ -52,4 +54,30 @@ __attribute__((noreturn)) void test_noreturn_f7(int i) { // NON_COMPLIANT __attribute__((noreturn)) void test_noreturn_f8(int i) { // COMPLIANT abort(); +} + +_Noreturn void test_noreturn_f9(int i) { // COMPLIANT + test_noreturn_f1(i); +} + +_Noreturn void test_noreturn_f10(int i) { // COMPLIANT + switch(i) { + case 0: + abort(); break; + case 1: + exit(0); break; + case 2: + _Exit(0); break; + case 3: + quick_exit(0); break; + case 4: + thrd_exit(0); break; + default: + jmp_buf jb; + longjmp(jb, 0); + } +} + +_Noreturn void test_noreturn_f11(int i) { // COMPLIANT + return test_noreturn_f11(i); } \ No newline at end of file diff --git a/c/misra/src/rules/RULE-17-10/NonVoidReturnTypeOfNoreturnFunction.ql b/c/misra/src/rules/RULE-17-10/NonVoidReturnTypeOfNoreturnFunction.ql index 3e6f2340fd..68c5faeb1b 100644 --- a/c/misra/src/rules/RULE-17-10/NonVoidReturnTypeOfNoreturnFunction.ql +++ b/c/misra/src/rules/RULE-17-10/NonVoidReturnTypeOfNoreturnFunction.ql @@ -7,18 +7,20 @@ * @precision very-high * @problem.severity recommendation * @tags external/misra/id/rule-17-10 + * correctness * external/misra/obligation/required */ import cpp import codingstandards.c.misra -import codingstandards.c.Noreturn +import codingstandards.cpp.Noreturn from NoreturnFunction f, Type returnType where not isExcluded(f, NoReturnPackage::nonVoidReturnTypeOfNoreturnFunctionQuery()) and returnType = f.getType() and - not returnType instanceof VoidType + not returnType instanceof VoidType and + not f.isCompilerGenerated() select f, "The function " + f.getName() + " is declared _noreturn but has a return type of " + returnType.toString() + "." diff --git a/c/misra/src/rules/RULE-17-11/FunctionWithNoReturningBranchShouldBeNoreturn.ql b/c/misra/src/rules/RULE-17-11/FunctionWithNoReturningBranchShouldBeNoreturn.ql index c5d342c015..5563822f9c 100644 --- a/c/misra/src/rules/RULE-17-11/FunctionWithNoReturningBranchShouldBeNoreturn.ql +++ b/c/misra/src/rules/RULE-17-11/FunctionWithNoReturningBranchShouldBeNoreturn.ql @@ -6,12 +6,13 @@ * @precision high * @problem.severity recommendation * @tags external/misra/id/rule-17-11 + * correctness * external/misra/obligation/advisory */ import cpp import codingstandards.c.misra -import codingstandards.c.Noreturn +import codingstandards.cpp.Noreturn from Function f where @@ -19,6 +20,7 @@ where not f instanceof NoreturnFunction and not mayReturn(f) and f.hasDefinition() and - f.getName() != "main" // Allowed exception; _Noreturn main() is undefined behavior. + not f.getName() = "main" and // Allowed exception; _Noreturn main() is undefined behavior. + not f.isCompilerGenerated() select f, "The function " + f.getName() + " cannot return and should be declared attribute _Noreturn." diff --git a/c/misra/src/rules/RULE-17-9/ReturnStatementInNoreturnFunction.ql b/c/misra/src/rules/RULE-17-9/ReturnStatementInNoreturnFunction.ql index 7c23cf306f..360be01b7c 100644 --- a/c/misra/src/rules/RULE-17-9/ReturnStatementInNoreturnFunction.ql +++ b/c/misra/src/rules/RULE-17-9/ReturnStatementInNoreturnFunction.ql @@ -6,15 +6,16 @@ * @precision very-high * @problem.severity error * @tags external/misra/id/rule-17-9 + * correctness * external/misra/obligation/mandatory */ import cpp import codingstandards.c.misra -import codingstandards.c.Noreturn +import codingstandards.cpp.rules.functionnoreturnattributecondition.FunctionNoReturnAttributeCondition -from NoreturnFunction f -where - not isExcluded(f, NoReturnPackage::returnStatementInNoreturnFunctionQuery()) and - mayReturn(f) -select f, "The function " + f.getName() + " declared with attribute _Noreturn returns a value." +class ReturnStatementInNoreturnFunctionQuery extends FunctionNoReturnAttributeConditionSharedQuery { + ReturnStatementInNoreturnFunctionQuery() { + this = NoReturnPackage::returnStatementInNoreturnFunctionQuery() + } +} diff --git a/c/misra/test/rules/RULE-17-11/FunctionWithNoReturningBranchShouldBeNoreturn.expected b/c/misra/test/rules/RULE-17-11/FunctionWithNoReturningBranchShouldBeNoreturn.expected index 15389bfcdd..fe275e9497 100644 --- a/c/misra/test/rules/RULE-17-11/FunctionWithNoReturningBranchShouldBeNoreturn.expected +++ b/c/misra/test/rules/RULE-17-11/FunctionWithNoReturningBranchShouldBeNoreturn.expected @@ -2,3 +2,5 @@ | test.c:18:6:18:21 | test_noreturn_f4 | The function test_noreturn_f4 cannot return and should be declared attribute _Noreturn. | | test.c:47:6:47:21 | test_noreturn_f8 | The function test_noreturn_f8 cannot return and should be declared attribute _Noreturn. | | test.c:63:6:63:22 | test_noreturn_f10 | The function test_noreturn_f10 cannot return and should be declared attribute _Noreturn. | +| test.c:97:6:97:22 | test_noreturn_f15 | The function test_noreturn_f15 cannot return and should be declared attribute _Noreturn. | +| test.c:101:6:101:22 | test_noreturn_f16 | The function test_noreturn_f16 cannot return and should be declared attribute _Noreturn. | diff --git a/c/misra/test/rules/RULE-17-11/test.c b/c/misra/test/rules/RULE-17-11/test.c index 1ecc2b1c44..7baaea5821 100644 --- a/c/misra/test/rules/RULE-17-11/test.c +++ b/c/misra/test/rules/RULE-17-11/test.c @@ -88,4 +88,17 @@ __attribute__((noreturn)) void test_noreturn_f13(int i) { // COMPLIANT // noreturn. int main(char **argv, int argc) { // COMPLIANT abort(); +} + +_Noreturn void test_noreturn_f14(int i) { // COMPLIANT + test_noreturn_f1(i); +} + +void test_noreturn_f15(int i) { // NON_COMPLIANT + test_noreturn_f1(i); +} + +void test_noreturn_f16(int i) { // NON_COMPLIANT + // Infinite tail recursion + test_noreturn_f16(i); } \ No newline at end of file diff --git a/c/misra/test/rules/RULE-17-9/ReturnStatementInNoreturnFunction.expected b/c/misra/test/rules/RULE-17-9/ReturnStatementInNoreturnFunction.expected deleted file mode 100644 index 9775f797de..0000000000 --- a/c/misra/test/rules/RULE-17-9/ReturnStatementInNoreturnFunction.expected +++ /dev/null @@ -1,3 +0,0 @@ -| test.c:7:16:7:31 | test_noreturn_f2 | The function test_noreturn_f2 declared with attribute _Noreturn returns a value. | -| test.c:32:16:32:31 | test_noreturn_f5 | The function test_noreturn_f5 declared with attribute _Noreturn returns a value. | -| test.c:47:32:47:47 | test_noreturn_f7 | The function test_noreturn_f7 declared with attribute _Noreturn returns a value. | diff --git a/c/misra/test/rules/RULE-17-9/ReturnStatementInNoreturnFunction.testref b/c/misra/test/rules/RULE-17-9/ReturnStatementInNoreturnFunction.testref new file mode 100644 index 0000000000..09a6d90538 --- /dev/null +++ b/c/misra/test/rules/RULE-17-9/ReturnStatementInNoreturnFunction.testref @@ -0,0 +1 @@ +c/common/test/rules/functionnoreturnattributecondition/FunctionNoReturnAttributeCondition.ql \ No newline at end of file diff --git a/c/common/src/codingstandards/c/Noreturn.qll b/cpp/common/src/codingstandards/cpp/Noreturn.qll similarity index 100% rename from c/common/src/codingstandards/c/Noreturn.qll rename to cpp/common/src/codingstandards/cpp/Noreturn.qll diff --git a/cpp/common/src/codingstandards/cpp/rules/functionnoreturnattributecondition/FunctionNoReturnAttributeCondition.qll b/cpp/common/src/codingstandards/cpp/rules/functionnoreturnattributecondition/FunctionNoReturnAttributeCondition.qll index 2b910612cb..e2c210282b 100644 --- a/cpp/common/src/codingstandards/cpp/rules/functionnoreturnattributecondition/FunctionNoReturnAttributeCondition.qll +++ b/cpp/common/src/codingstandards/cpp/rules/functionnoreturnattributecondition/FunctionNoReturnAttributeCondition.qll @@ -5,20 +5,29 @@ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions +import codingstandards.cpp.Noreturn abstract class FunctionNoReturnAttributeConditionSharedQuery extends Query { } Query getQuery() { result instanceof FunctionNoReturnAttributeConditionSharedQuery } +/** + * `noreturn` functions are declared differently in c/c++. Attempt to match + * the description to the file; low risk if it chooses incorrectly. + */ +string describeNoreturn(Function f) { + if f.getFile().getExtension() = ["c", "C", "h", "H"] + then result = "_Noreturn" + else result = "[[noreturn]]" +} + /** * This checks that the return statement is reachable from the function entry point */ -query predicate problems(Function f, string message) { +query predicate problems(NoreturnFunction f, string message) { not isExcluded(f, getQuery()) and - f.getAnAttribute().getName() = "noreturn" and - exists(ReturnStmt s | - f = s.getEnclosingFunction() and - s.getBasicBlock().isReachable() - ) and - message = "The function " + f.getName() + " declared with attribute [[noreturn]] returns a value." + mayReturn(f) and + not f.isCompilerGenerated() and + message = + "The function " + f.getName() + " declared with attribute " + describeNoreturn(f) + " returns a value." } diff --git a/rule_packages/c/NoReturn.json b/rule_packages/c/NoReturn.json index 1cb4d02ab4..d06068f376 100644 --- a/rule_packages/c/NoReturn.json +++ b/rule_packages/c/NoReturn.json @@ -12,7 +12,7 @@ "precision": "very-high", "severity": "recommendation", "short_name": "NonVoidReturnTypeOfNoreturnFunction", - "tags": [] + "tags": ["correctness"] } ], "title": "A function declared with _noreturn shall have a return type of void" @@ -29,7 +29,7 @@ "precision": "high", "severity": "recommendation", "short_name": "FunctionWithNoReturningBranchShouldBeNoreturn", - "tags": [] + "tags": ["correctness"] } ], "title": "A function without a branch that returns shall be declared with _Noreturn" @@ -46,7 +46,8 @@ "precision": "very-high", "severity": "error", "short_name": "ReturnStatementInNoreturnFunction", - "tags": [] + "tags": ["correctness"], + "shared_implementation_short_name": "FunctionNoReturnAttributeCondition" } ], "title": "Verify that a function declared with _Noreturn does not return" From 8991e5f98183d015d02e64b8d47f1748d70b7250 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 27 Sep 2024 13:35:39 -0700 Subject: [PATCH 2016/2573] Fix format --- .../functionnoreturnattributecondition/test.c | 35 +++++++++++-------- .../FunctionNoReturnAttributeCondition.qll | 3 +- 2 files changed, 22 insertions(+), 16 deletions(-) diff --git a/c/common/test/rules/functionnoreturnattributecondition/test.c b/c/common/test/rules/functionnoreturnattributecondition/test.c index 8299c0cc89..1b0ba759e1 100644 --- a/c/common/test/rules/functionnoreturnattributecondition/test.c +++ b/c/common/test/rules/functionnoreturnattributecondition/test.c @@ -1,6 +1,6 @@ +#include "setjmp.h" #include "stdlib.h" #include "threads.h" -#include "setjmp.h" _Noreturn void test_noreturn_f1(int i) { // COMPLIANT abort(); @@ -61,20 +61,25 @@ _Noreturn void test_noreturn_f9(int i) { // COMPLIANT } _Noreturn void test_noreturn_f10(int i) { // COMPLIANT - switch(i) { - case 0: - abort(); break; - case 1: - exit(0); break; - case 2: - _Exit(0); break; - case 3: - quick_exit(0); break; - case 4: - thrd_exit(0); break; - default: - jmp_buf jb; - longjmp(jb, 0); + switch (i) { + case 0: + abort(); + break; + case 1: + exit(0); + break; + case 2: + _Exit(0); + break; + case 3: + quick_exit(0); + break; + case 4: + thrd_exit(0); + break; + default: + jmp_buf jb; + longjmp(jb, 0); } } diff --git a/cpp/common/src/codingstandards/cpp/rules/functionnoreturnattributecondition/FunctionNoReturnAttributeCondition.qll b/cpp/common/src/codingstandards/cpp/rules/functionnoreturnattributecondition/FunctionNoReturnAttributeCondition.qll index e2c210282b..bb54a31df6 100644 --- a/cpp/common/src/codingstandards/cpp/rules/functionnoreturnattributecondition/FunctionNoReturnAttributeCondition.qll +++ b/cpp/common/src/codingstandards/cpp/rules/functionnoreturnattributecondition/FunctionNoReturnAttributeCondition.qll @@ -29,5 +29,6 @@ query predicate problems(NoreturnFunction f, string message) { mayReturn(f) and not f.isCompilerGenerated() and message = - "The function " + f.getName() + " declared with attribute " + describeNoreturn(f) + " returns a value." + "The function " + f.getName() + " declared with attribute " + describeNoreturn(f) + + " returns a value." } From b297513482e44fc24126b2c87250ace8fdc49338 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 27 Sep 2024 14:31:29 -0700 Subject: [PATCH 2017/2573] Fix tests --- .../test/rules/RULE-17-9/ReturnStatementInNoreturnFunction.qlref | 1 - 1 file changed, 1 deletion(-) delete mode 100644 c/misra/test/rules/RULE-17-9/ReturnStatementInNoreturnFunction.qlref diff --git a/c/misra/test/rules/RULE-17-9/ReturnStatementInNoreturnFunction.qlref b/c/misra/test/rules/RULE-17-9/ReturnStatementInNoreturnFunction.qlref deleted file mode 100644 index eaa647d8a4..0000000000 --- a/c/misra/test/rules/RULE-17-9/ReturnStatementInNoreturnFunction.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/RULE-17-9/ReturnStatementInNoreturnFunction.ql \ No newline at end of file From 6f860fcd49ccb88756ecc39c9c81d62093458aeb Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Mon, 30 Sep 2024 07:51:17 -0700 Subject: [PATCH 2018/2573] Add changelog; tweaks based on MRVA results. --- .../FunctionWithNoReturningBranchShouldBeNoreturn.ql | 7 +++++-- change_notes/2024-09-28-improved-noreturn-rules.md | 3 +++ 2 files changed, 8 insertions(+), 2 deletions(-) create mode 100644 change_notes/2024-09-28-improved-noreturn-rules.md diff --git a/c/misra/src/rules/RULE-17-11/FunctionWithNoReturningBranchShouldBeNoreturn.ql b/c/misra/src/rules/RULE-17-11/FunctionWithNoReturningBranchShouldBeNoreturn.ql index 5563822f9c..7383746d05 100644 --- a/c/misra/src/rules/RULE-17-11/FunctionWithNoReturningBranchShouldBeNoreturn.ql +++ b/c/misra/src/rules/RULE-17-11/FunctionWithNoReturningBranchShouldBeNoreturn.ql @@ -16,11 +16,14 @@ import codingstandards.cpp.Noreturn from Function f where - not isExcluded(f, NoReturnPackage::returnStatementInNoreturnFunctionQuery()) and + not isExcluded(f, NoReturnPackage::functionWithNoReturningBranchShouldBeNoreturnQuery()) and not f instanceof NoreturnFunction and not mayReturn(f) and f.hasDefinition() and not f.getName() = "main" and // Allowed exception; _Noreturn main() is undefined behavior. + // Harden against c++ cases. + not f.isFromUninstantiatedTemplate(_) and + not f.isDeleted() and not f.isCompilerGenerated() select f, - "The function " + f.getName() + " cannot return and should be declared attribute _Noreturn." + "The function " + f.getName() + " cannot return and should be declared as _Noreturn." diff --git a/change_notes/2024-09-28-improved-noreturn-rules.md b/change_notes/2024-09-28-improved-noreturn-rules.md new file mode 100644 index 0000000000..99fb4a0f46 --- /dev/null +++ b/change_notes/2024-09-28-improved-noreturn-rules.md @@ -0,0 +1,3 @@ + - `A7-6-1`, `MSC53-CPP`, `RULE-9-6-4` - `FunctionNoReturnAttbrituteCondition.qll` + - Analysis expanded from functions with "noreturn" attribute, now includes the "noreturn" specifier as well to handle new c rules. No difference in C++ results expected. + - Exclude compiler generated functions from being reported. \ No newline at end of file From 3356b5e0163cd51f1bf71cf8a235170c8d1563bf Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Mon, 30 Sep 2024 07:56:50 -0700 Subject: [PATCH 2019/2573] Fix format --- .../FunctionWithNoReturningBranchShouldBeNoreturn.ql | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/c/misra/src/rules/RULE-17-11/FunctionWithNoReturningBranchShouldBeNoreturn.ql b/c/misra/src/rules/RULE-17-11/FunctionWithNoReturningBranchShouldBeNoreturn.ql index 7383746d05..9769acdb7f 100644 --- a/c/misra/src/rules/RULE-17-11/FunctionWithNoReturningBranchShouldBeNoreturn.ql +++ b/c/misra/src/rules/RULE-17-11/FunctionWithNoReturningBranchShouldBeNoreturn.ql @@ -25,5 +25,4 @@ where not f.isFromUninstantiatedTemplate(_) and not f.isDeleted() and not f.isCompilerGenerated() -select f, - "The function " + f.getName() + " cannot return and should be declared as _Noreturn." +select f, "The function " + f.getName() + " cannot return and should be declared as _Noreturn." From 805a1935643ddaf55ea0b78739cca9c7ece087cf Mon Sep 17 00:00:00 2001 From: knewbury01 Date: Mon, 30 Sep 2024 15:30:10 +0000 Subject: [PATCH 2020/2573] Bump version to 2.36.0-dev --- c/cert/src/qlpack.yml | 2 +- c/cert/test/qlpack.yml | 2 +- c/common/src/qlpack.yml | 2 +- c/common/test/qlpack.yml | 2 +- c/misra/src/qlpack.yml | 2 +- c/misra/test/qlpack.yml | 2 +- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/qlpack.yml | 2 +- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/qlpack.yml | 2 +- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/qlpack.yml | 2 +- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/qlpack.yml | 2 +- cpp/report/src/qlpack.yml | 2 +- docs/user_manual.md | 12 ++++++------ 16 files changed, 21 insertions(+), 21 deletions(-) diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index 1cffeea095..a0adb282a4 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards -version: 2.35.0-dev +version: 2.36.0-dev description: CERT C 2016 suites: codeql-suites license: MIT diff --git a/c/cert/test/qlpack.yml b/c/cert/test/qlpack.yml index defb929a0f..7a700897b0 100644 --- a/c/cert/test/qlpack.yml +++ b/c/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards-tests -version: 2.35.0-dev +version: 2.36.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index 03e55b4851..b1571ec4ec 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards -version: 2.35.0-dev +version: 2.36.0-dev license: MIT dependencies: codeql/common-cpp-coding-standards: '*' diff --git a/c/common/test/qlpack.yml b/c/common/test/qlpack.yml index 97590a4d4e..47b71ea34a 100644 --- a/c/common/test/qlpack.yml +++ b/c/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards-tests -version: 2.35.0-dev +version: 2.36.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index 0300f548bd..fe7a2a0567 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards -version: 2.35.0-dev +version: 2.36.0-dev description: MISRA C 2012 suites: codeql-suites license: MIT diff --git a/c/misra/test/qlpack.yml b/c/misra/test/qlpack.yml index 26164b1e29..bc2f2e7546 100644 --- a/c/misra/test/qlpack.yml +++ b/c/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards-tests -version: 2.35.0-dev +version: 2.36.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index 9342d641ae..947013155f 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards -version: 2.35.0-dev +version: 2.36.0-dev description: AUTOSAR C++14 Guidelines R22-11, R21-11, R20-11, R19-11 and R19-03 suites: codeql-suites license: MIT diff --git a/cpp/autosar/test/qlpack.yml b/cpp/autosar/test/qlpack.yml index 7bc49127a1..41a02a6afb 100644 --- a/cpp/autosar/test/qlpack.yml +++ b/cpp/autosar/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards-tests -version: 2.35.0-dev +version: 2.36.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index d97fa9b2e3..3a435b5e8e 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards -version: 2.35.0-dev +version: 2.36.0-dev description: CERT C++ 2016 suites: codeql-suites license: MIT diff --git a/cpp/cert/test/qlpack.yml b/cpp/cert/test/qlpack.yml index 8832249332..2464828aac 100644 --- a/cpp/cert/test/qlpack.yml +++ b/cpp/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards-tests -version: 2.35.0-dev +version: 2.36.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index 849866287f..a2448fd608 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards -version: 2.35.0-dev +version: 2.36.0-dev license: MIT dependencies: codeql/cpp-all: 0.9.3 diff --git a/cpp/common/test/qlpack.yml b/cpp/common/test/qlpack.yml index 51521c3ada..249c64696e 100644 --- a/cpp/common/test/qlpack.yml +++ b/cpp/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards-tests -version: 2.35.0-dev +version: 2.36.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index 75d1ef2e2c..5e50eb563a 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards -version: 2.35.0-dev +version: 2.36.0-dev description: MISRA C++ 2023 suites: codeql-suites license: MIT diff --git a/cpp/misra/test/qlpack.yml b/cpp/misra/test/qlpack.yml index b1e9fc383e..0267a9ec70 100644 --- a/cpp/misra/test/qlpack.yml +++ b/cpp/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards-tests -version: 2.35.0-dev +version: 2.36.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index 09ef198c5a..81f95392c9 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/report-cpp-coding-standards -version: 2.35.0-dev +version: 2.36.0-dev license: MIT dependencies: codeql/cpp-all: 0.9.3 diff --git a/docs/user_manual.md b/docs/user_manual.md index 7315ed322a..0d42e698fb 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -30,13 +30,13 @@ ## Release information -This user manual documents release `2.35.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). +This user manual documents release `2.36.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). The release page documents the release notes and contains the following artifacts part of the release: -- `code-scanning-cpp-query-pack-2.35.0-dev.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. -- `supported_rules_list_2.35.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. -- `supported_rules_list_2.35.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. -- `user_manual_2.35.0-dev.md`: This user manual. +- `code-scanning-cpp-query-pack-2.36.0-dev.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. +- `supported_rules_list_2.36.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. +- `supported_rules_list_2.36.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. +- `user_manual_2.36.0-dev.md`: This user manual. - `Source Code (zip)`: A zip archive containing the contents of https://github.com/github/codeql-coding-standards - `Source Code (tar.gz)`: A GZip compressed tar archive containing the contents of https://github.com/github/codeql-coding-standards - `checksums.txt`: A text file containing sha256 checksums for the aforementioned artifacts. @@ -499,7 +499,7 @@ This section describes known failure modes for "CodeQL Coding Standards" and des | | Ouf of space | Less output. Some files may be only be partially analyzed, or not analyzed at all. | Error reported on the command line. | Increase space. If it remains an issue report space consumption issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False positives | More output. Results are reported which are not violations of the guidelines. | All reported results must be reviewed. | Report false positive issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False negatives | Less output. Violations of the guidelines are not reported. | Other validation and verification processes during software development should be used to complement the analysis performed by CodeQL Coding Standards. | Report false negative issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | -| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.35.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | +| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.36.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | | | Incorrect deviation record specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation records with a reason. Ensure that all deviation records are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Incorrect deviation permit specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation permits with a reason. Ensure that all deviation permits are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Unapproved use of a deviation record | Less output. Results for guideline violations are not reported. | Validate that the deviation record use is approved by verifying the approved-by attribute of the deviation record specification. | Ensure that each raised deviation record is approved by an independent approver through an auditable process. | From 8ffbb1e41add56e47394e45abbaaefb65140aeea Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Mon, 30 Sep 2024 08:44:22 -0700 Subject: [PATCH 2021/2573] Update test expected message --- ...ionWithNoReturningBranchShouldBeNoreturn.expected | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/c/misra/test/rules/RULE-17-11/FunctionWithNoReturningBranchShouldBeNoreturn.expected b/c/misra/test/rules/RULE-17-11/FunctionWithNoReturningBranchShouldBeNoreturn.expected index fe275e9497..ecb77a477c 100644 --- a/c/misra/test/rules/RULE-17-11/FunctionWithNoReturningBranchShouldBeNoreturn.expected +++ b/c/misra/test/rules/RULE-17-11/FunctionWithNoReturningBranchShouldBeNoreturn.expected @@ -1,6 +1,6 @@ -| test.c:7:6:7:21 | test_noreturn_f2 | The function test_noreturn_f2 cannot return and should be declared attribute _Noreturn. | -| test.c:18:6:18:21 | test_noreturn_f4 | The function test_noreturn_f4 cannot return and should be declared attribute _Noreturn. | -| test.c:47:6:47:21 | test_noreturn_f8 | The function test_noreturn_f8 cannot return and should be declared attribute _Noreturn. | -| test.c:63:6:63:22 | test_noreturn_f10 | The function test_noreturn_f10 cannot return and should be declared attribute _Noreturn. | -| test.c:97:6:97:22 | test_noreturn_f15 | The function test_noreturn_f15 cannot return and should be declared attribute _Noreturn. | -| test.c:101:6:101:22 | test_noreturn_f16 | The function test_noreturn_f16 cannot return and should be declared attribute _Noreturn. | +| test.c:7:6:7:21 | test_noreturn_f2 | The function test_noreturn_f2 cannot return and should be declared as _Noreturn. | +| test.c:18:6:18:21 | test_noreturn_f4 | The function test_noreturn_f4 cannot return and should be declared as _Noreturn. | +| test.c:47:6:47:21 | test_noreturn_f8 | The function test_noreturn_f8 cannot return and should be declared as _Noreturn. | +| test.c:63:6:63:22 | test_noreturn_f10 | The function test_noreturn_f10 cannot return and should be declared as _Noreturn. | +| test.c:97:6:97:22 | test_noreturn_f15 | The function test_noreturn_f15 cannot return and should be declared as _Noreturn. | +| test.c:101:6:101:22 | test_noreturn_f16 | The function test_noreturn_f16 cannot return and should be declared as _Noreturn. | From a4985236a038b2163f4d189d1d240176281fbb32 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 30 Sep 2024 19:04:06 +0100 Subject: [PATCH 2022/2573] Rule 10.7: Avoid performance issues The essential type categories were joined prematurely, causing a cross product of all results against all types of the same essential type category. Fixed by ensuring the essential type category join occurs late. --- .../RULE-10-7/ImplicitConversionOfCompositeExpression.ql | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/c/misra/src/rules/RULE-10-7/ImplicitConversionOfCompositeExpression.ql b/c/misra/src/rules/RULE-10-7/ImplicitConversionOfCompositeExpression.ql index 1cf20378fa..3aa324b668 100644 --- a/c/misra/src/rules/RULE-10-7/ImplicitConversionOfCompositeExpression.ql +++ b/c/misra/src/rules/RULE-10-7/ImplicitConversionOfCompositeExpression.ql @@ -18,6 +18,12 @@ import codingstandards.c.misra import codingstandards.c.misra.EssentialTypes import codingstandards.c.misra.MisraExpressions +bindingset[essentialTypeLeft, essentialTypeRight] +pragma[inline_late] +predicate isSameEssentialTypeCategory(Type essentialTypeLeft, Type essentialTypeRight) { + getEssentialTypeCategory(essentialTypeLeft) = getEssentialTypeCategory(essentialTypeRight) +} + from OperationWithUsualArithmeticConversions arith, CompositeExpression compositeOp, Expr otherOp, Type compositeEssentialType, Type otherOpEssentialType @@ -32,7 +38,7 @@ where // Operands of a different type category in an operation with the usual arithmetic conversions is // prohibited by Rule 10.4, so we only report cases here where the essential type categories are // the same - getEssentialTypeCategory(compositeEssentialType) = getEssentialTypeCategory(otherOpEssentialType) + isSameEssentialTypeCategory(compositeEssentialType, otherOpEssentialType) select arith, "Implicit conversion of $@ from " + compositeEssentialType + " to " + otherOpEssentialType, compositeOp, "composite op" From 10bf70e865918939b679a64ec5ad647528ad140b Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 30 Sep 2024 19:34:38 +0100 Subject: [PATCH 2023/2573] SIG31-C: Improve performance Remove unintential cross product on target. --- ...oNotAccessSharedObjectsInSignalHandlers.ql | 21 ++++++++++--------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/c/cert/src/rules/SIG31-C/DoNotAccessSharedObjectsInSignalHandlers.ql b/c/cert/src/rules/SIG31-C/DoNotAccessSharedObjectsInSignalHandlers.ql index 8f9e907019..2a7a6a77f2 100644 --- a/c/cert/src/rules/SIG31-C/DoNotAccessSharedObjectsInSignalHandlers.ql +++ b/c/cert/src/rules/SIG31-C/DoNotAccessSharedObjectsInSignalHandlers.ql @@ -21,18 +21,19 @@ import codingstandards.c.Signal */ class UnsafeSharedVariableAccess extends VariableAccess { UnsafeSharedVariableAccess() { - // static or thread local storage duration - ( - this.getTarget() instanceof StaticStorageDurationVariable or - this.getTarget().isThreadLocal() - ) and // excluding `volatile sig_atomic_t` type not this.getType().(SigAtomicType).isVolatile() and - // excluding lock-free atomic objects - not exists(MacroInvocation mi, VariableAccess va | - mi.getMacroName() = "atomic_is_lock_free" and - mi.getExpr().getChild(0) = va.getEnclosingElement*() and - va.getTarget() = this.getTarget() + exists(Variable target | target = this.getTarget() | + // static or thread local storage duration + ( + target instanceof StaticStorageDurationVariable or + target.isThreadLocal() + ) and + // excluding lock-free atomic objects + not exists(MacroInvocation mi, VariableAccess va | va.getTarget() = target | + mi.getMacroName() = "atomic_is_lock_free" and + mi.getExpr().getChild(0) = va.getEnclosingElement*() + ) ) } } From 52a02f38ffa642ba4b7c0d03d69880ffc94cf326 Mon Sep 17 00:00:00 2001 From: "rakesh.pothengil" Date: Wed, 2 Oct 2024 16:13:21 +0900 Subject: [PATCH 2024/2573] Fix #711 --- change_notes/2024-10-02-fix-fp-711-M0-1-10.md | 2 + .../src/rules/M0-1-10/UnusedFunction.ql | 3 +- .../rules/M0-1-10/UnusedSplMemberFunction.ql | 32 ++++++++++++ .../rules/M0-1-10/UnusedFunction.expected | 3 +- .../M0-1-10/UnusedSplMemberFunction.expected | 2 + .../M0-1-10/UnusedSplMemberFunction.qlref | 1 + cpp/autosar/test/rules/M0-1-10/test.cpp | 51 ++++++++++++++++++- cpp/autosar/test/rules/M0-1-10/test.hpp | 4 ++ .../cpp/EncapsulatingFunctions.qll | 33 ++++++++++++ .../cpp/deadcode/UnusedFunctions.qll | 40 ++++++++++++++- 10 files changed, 166 insertions(+), 5 deletions(-) create mode 100644 change_notes/2024-10-02-fix-fp-711-M0-1-10.md create mode 100644 cpp/autosar/src/rules/M0-1-10/UnusedSplMemberFunction.ql create mode 100644 cpp/autosar/test/rules/M0-1-10/UnusedSplMemberFunction.expected create mode 100644 cpp/autosar/test/rules/M0-1-10/UnusedSplMemberFunction.qlref create mode 100644 cpp/autosar/test/rules/M0-1-10/test.hpp diff --git a/change_notes/2024-10-02-fix-fp-711-M0-1-10.md b/change_notes/2024-10-02-fix-fp-711-M0-1-10.md new file mode 100644 index 0000000000..cff5d5ab43 --- /dev/null +++ b/change_notes/2024-10-02-fix-fp-711-M0-1-10.md @@ -0,0 +1,2 @@ +- `M0-1-10` - `UnusedFunction.ql`: + - Fixes #711. Excludes constexpr functions, considers functions from GoogleTest as an EntryPoint and does not consider special member functions. Another query called UnusedSplMemberFunction.ql is created that reports unused special member functions. This is done so as to enable deviations to be applied to this case. diff --git a/cpp/autosar/src/rules/M0-1-10/UnusedFunction.ql b/cpp/autosar/src/rules/M0-1-10/UnusedFunction.ql index b8593e75c0..27306a9fc1 100644 --- a/cpp/autosar/src/rules/M0-1-10/UnusedFunction.ql +++ b/cpp/autosar/src/rules/M0-1-10/UnusedFunction.ql @@ -26,5 +26,6 @@ where then name = unusedFunction.getQualifiedName() else name = unusedFunction.getName() ) and - not unusedFunction.isDeleted() + not unusedFunction.isDeleted() and + not UnusedFunctions::isASpecialMemberFunction(unusedFunction) select unusedFunction, "Function " + name + " is " + unusedFunction.getDeadCodeType() diff --git a/cpp/autosar/src/rules/M0-1-10/UnusedSplMemberFunction.ql b/cpp/autosar/src/rules/M0-1-10/UnusedSplMemberFunction.ql new file mode 100644 index 0000000000..bf073dcced --- /dev/null +++ b/cpp/autosar/src/rules/M0-1-10/UnusedSplMemberFunction.ql @@ -0,0 +1,32 @@ +/** + * @id cpp/autosar/unused-spl-member-function + * @name M0-1-10: Every defined function should be called at least once + * @description Uncalled functions complicate the program and can indicate a possible mistake on the + * part of the programmer. This query specifically looks for unused Special Member + * Functions. + * @kind problem + * @precision medium + * @problem.severity warning + * @tags external/autosar/id/m0-1-10 + * readability + * maintainability + * external/autosar/allocated-target/implementation + * external/autosar/enforcement/automated + * external/autosar/obligation/advisory + */ + +import cpp +import codingstandards.cpp.autosar +import codingstandards.cpp.deadcode.UnusedFunctions + +from UnusedFunctions::UnusedSplMemberFunction unusedSplMemFunction, string name +where + not isExcluded(unusedSplMemFunction, DeadCodePackage::unusedFunctionQuery()) and + ( + if exists(unusedSplMemFunction.getQualifiedName()) + then name = unusedSplMemFunction.getQualifiedName() + else name = unusedSplMemFunction.getName() + ) and + not unusedSplMemFunction.isDeleted() +select unusedSplMemFunction, + "Special member function " + name + " is " + unusedSplMemFunction.getDeadCodeType() diff --git a/cpp/autosar/test/rules/M0-1-10/UnusedFunction.expected b/cpp/autosar/test/rules/M0-1-10/UnusedFunction.expected index d9ab0d38ac..912e2104e8 100644 --- a/cpp/autosar/test/rules/M0-1-10/UnusedFunction.expected +++ b/cpp/autosar/test/rules/M0-1-10/UnusedFunction.expected @@ -10,4 +10,5 @@ | test.cpp:50:5:50:6 | i3 | Function C::i3 is never called. | | test.cpp:51:8:51:9 | i4 | Function C::i4 is never called. | | test.cpp:52:15:52:16 | i5 | Function C::i5 is never called. | -| test.cpp:69:17:69:18 | g4 | Function g4 is never called. | +| test.cpp:79:6:79:21 | anUnusedFunction | Function anUnusedFunction is never called. | +| test.cpp:113:17:113:18 | g4 | Function g4 is never called. | diff --git a/cpp/autosar/test/rules/M0-1-10/UnusedSplMemberFunction.expected b/cpp/autosar/test/rules/M0-1-10/UnusedSplMemberFunction.expected new file mode 100644 index 0000000000..e2bf0acc79 --- /dev/null +++ b/cpp/autosar/test/rules/M0-1-10/UnusedSplMemberFunction.expected @@ -0,0 +1,2 @@ +| test.cpp:71:5:71:16 | ANestedClass | Special member function ANestedClass is never called. | +| test.cpp:82:5:82:22 | AnotherNestedClass | Special member function AnotherNestedClass is never called from a main function or entry point. | diff --git a/cpp/autosar/test/rules/M0-1-10/UnusedSplMemberFunction.qlref b/cpp/autosar/test/rules/M0-1-10/UnusedSplMemberFunction.qlref new file mode 100644 index 0000000000..b04687a48b --- /dev/null +++ b/cpp/autosar/test/rules/M0-1-10/UnusedSplMemberFunction.qlref @@ -0,0 +1 @@ +rules/M0-1-10/UnusedSplMemberFunction.ql diff --git a/cpp/autosar/test/rules/M0-1-10/test.cpp b/cpp/autosar/test/rules/M0-1-10/test.cpp index 748d2196ef..6e1220be5d 100644 --- a/cpp/autosar/test/rules/M0-1-10/test.cpp +++ b/cpp/autosar/test/rules/M0-1-10/test.cpp @@ -52,6 +52,50 @@ template class C { inline void i5() {} // NON_COMPLIANT - never used in any instantiation }; +#include "test.hpp" +#include + +template +constexpr bool aConstExprFunc() noexcept { // COMPLIANT + static_assert(std::is_trivially_copy_constructible() && + std::is_trivially_copy_constructible(), + "assert"); + return true; +} + +template class AClass { T anArr[val]; }; + +void aCalledFunc1() // COMPLIANT +{ + struct ANestedClass { + ANestedClass() noexcept(false) { // COMPLIANT: False Positive! + static_cast(0); + } + }; + static_assert(std::is_trivially_copy_constructible>(), + "Must be trivially copy constructible"); +} + +void anUnusedFunction() // NON_COMPLIANT +{ + struct AnotherNestedClass { + AnotherNestedClass() noexcept(false) { // NON_COMPLAINT + static_cast(0); + } + }; + AnotherNestedClass d; +} + +void aCalledFunc2() // COMPLIANT +{ + struct YetAnotherNestedClass { + YetAnotherNestedClass() noexcept(false) { + static_cast(0); + } // COMPLIANT + }; + YetAnotherNestedClass d; +}; + int main() { // COMPLIANT - this is a main like function which acts as an entry // point f3(); @@ -88,8 +132,13 @@ int main() { // COMPLIANT - this is a main like function which acts as an entry c1.getAT(); S s; c2.i1(s); + + int aVar; + aConstExprFunc(); + aCalledFunc1(); + aCalledFunc2(); } class M { public: M(const M &) = delete; // COMPLIANT - ignore if deleted -}; \ No newline at end of file +}; diff --git a/cpp/autosar/test/rules/M0-1-10/test.hpp b/cpp/autosar/test/rules/M0-1-10/test.hpp new file mode 100644 index 0000000000..a2da990951 --- /dev/null +++ b/cpp/autosar/test/rules/M0-1-10/test.hpp @@ -0,0 +1,4 @@ +template +constexpr T aCalledFuncInHeader(T value) noexcept { // COMPLIANT + return static_cast(value); +} diff --git a/cpp/common/src/codingstandards/cpp/EncapsulatingFunctions.qll b/cpp/common/src/codingstandards/cpp/EncapsulatingFunctions.qll index d8d9739033..f619429d0d 100644 --- a/cpp/common/src/codingstandards/cpp/EncapsulatingFunctions.qll +++ b/cpp/common/src/codingstandards/cpp/EncapsulatingFunctions.qll @@ -18,6 +18,39 @@ class MainFunction extends MainLikeFunction { } } +/** + * A test function from the GoogleTest infrastructure. + * + * Such functions can be treated as valid EntryPoint functions during analysis + * of "called" or "unused" functions. It is not straightforward to identify + * such functions, however, they have certain features that can be used for + * identification. This can be refined based on experiments/real-world use. + */ +class GTestFunction extends MainLikeFunction { + GTestFunction() { + // A GoogleTest function is named "TestBody" and + this.hasName("TestBody") and + // is enclosed by a class that inherits from a base class + this.getEnclosingAccessHolder() instanceof Class and + exists(Class base | + base = this.getEnclosingAccessHolder().(Class).getABaseClass() and + ( + // called "Test" or + exists(Class c | base.getABaseClass() = c and c.hasName("Test")) + or + // defined under a namespace called "testing" or + exists(Namespace n | n = base.getNamespace() | n.hasName("testing")) + or + // is templatized by a parameter called "gtest_TypeParam_" + exists(TemplateParameter tp | + tp = base.getATemplateArgument() and + tp.hasName("gtest_TypeParam_") + ) + ) + ) + } +} + /** * A "task main" function. */ diff --git a/cpp/common/src/codingstandards/cpp/deadcode/UnusedFunctions.qll b/cpp/common/src/codingstandards/cpp/deadcode/UnusedFunctions.qll index b01b80208e..2dc24025ce 100644 --- a/cpp/common/src/codingstandards/cpp/deadcode/UnusedFunctions.qll +++ b/cpp/common/src/codingstandards/cpp/deadcode/UnusedFunctions.qll @@ -75,7 +75,9 @@ module UnusedFunctions { */ private class MainLikeFunctionEntryPoint extends EntryPoint, MainLikeFunction { - MainLikeFunctionEntryPoint() { this instanceof MainLikeFunction } + MainLikeFunctionEntryPoint() { + this instanceof MainLikeFunction or this instanceof GTestFunction + } override Function getAReachableFunction() { reachable*(this, result) } } @@ -111,6 +113,26 @@ module UnusedFunctions { } } + /** + * A `MemberFunction` which is either a Default constructor, Destructor + * CopyConstructor, CopyAssingmentOperator, MoveConstructor or a + * MoveAssignmentOperator + */ + predicate isASpecialMemberFunction(MemberFunction f) { + // Default constructor + f instanceof NoArgConstructor + or + f instanceof Destructor + or + f instanceof CopyConstructor + or + f instanceof CopyAssignmentOperator + or + f instanceof MoveConstructor + or + f instanceof MoveAssignmentOperator + } + /** * A `Function` which is not used from an `EntryPoint`. * @@ -119,7 +141,12 @@ module UnusedFunctions { class UnusedFunction extends UsableFunction { UnusedFunction() { // This function, or an equivalent function, is not reachable from any entry point - not exists(EntryPoint ep | getAnEquivalentFunction(this) = ep.getAReachableFunction()) + not exists(EntryPoint ep | getAnEquivalentFunction(this) = ep.getAReachableFunction()) and + // and it is not a constexpr. Refer issue #646. + // The usages of constexpr is not well tracked and hence + // to avoid false positives, this is added. In case there is an improvement in + // handling constexpr in CodeQL, we can consider removing it. + not this.isConstexpr() } string getDeadCodeType() { @@ -128,4 +155,13 @@ module UnusedFunctions { else result = "never called." } } + + /** + * A Special `MemberFunction` which is an `UnusedFunction`. + * + * Refer isASpecialMemberFunction predicate. + */ + class UnusedSplMemberFunction extends UnusedFunction { + UnusedSplMemberFunction() { isASpecialMemberFunction(this) } + } } From 53a0834e3c4231c0f0e6c5583c154e079ba96250 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 2 Oct 2024 10:08:14 +0100 Subject: [PATCH 2025/2573] Add change note. --- change_notes/2024-10-02-c-perf-issues.md | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 change_notes/2024-10-02-c-perf-issues.md diff --git a/change_notes/2024-10-02-c-perf-issues.md b/change_notes/2024-10-02-c-perf-issues.md new file mode 100644 index 0000000000..e139267e39 --- /dev/null +++ b/change_notes/2024-10-02-c-perf-issues.md @@ -0,0 +1,4 @@ + - `RULE-10-7` - `.ql`: + - Improved performance on larger codebases. + - `SIG31-C` - `DoNotAccessSharedObjectsInSignalHandlers.ql`: + - Improved performance on larger codebases. \ No newline at end of file From 67cc2cdd299c1d84eef1167e38671d6c7263c7f7 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 2 Oct 2024 11:16:23 +0100 Subject: [PATCH 2026/2573] Replace PAT with GitHub App --- .github/workflows/dispatch-matrix-check.yml | 11 ++++++++++- .github/workflows/dispatch-matrix-test-on-comment.yml | 11 ++++++++++- .../workflows/dispatch-release-performance-check.yml | 11 ++++++++++- 3 files changed, 30 insertions(+), 3 deletions(-) diff --git a/.github/workflows/dispatch-matrix-check.yml b/.github/workflows/dispatch-matrix-check.yml index afe78c948c..f9b0260594 100644 --- a/.github/workflows/dispatch-matrix-check.yml +++ b/.github/workflows/dispatch-matrix-check.yml @@ -20,11 +20,20 @@ jobs: with: minimum-permission: "write" + - name: Generate token + id: generate-token + uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e + with: + app-id: ${{ vars.AUTOMATION_APP_ID }} + private-key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} + owner: ${{ github.repository_owner }} + repositories: "codeql-coding-standards-release-engineering" + - name: Dispatch Matrix Testing Job if: steps.check-write-permission.outputs.has-permission uses: peter-evans/repository-dispatch@v2 with: - token: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} + token: ${{ steps.generate-token.outputs.token }} repository: github/codeql-coding-standards-release-engineering event-type: matrix-test client-payload: '{"pr": "${{ github.event.number }}"}' diff --git a/.github/workflows/dispatch-matrix-test-on-comment.yml b/.github/workflows/dispatch-matrix-test-on-comment.yml index 98e1f9b7ba..6500e3f6bc 100644 --- a/.github/workflows/dispatch-matrix-test-on-comment.yml +++ b/.github/workflows/dispatch-matrix-test-on-comment.yml @@ -17,11 +17,20 @@ jobs: with: minimum-permission: "write" + - name: Generate token + id: generate-token + uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e + with: + app-id: ${{ vars.AUTOMATION_APP_ID }} + private-key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} + owner: ${{ github.repository_owner }} + repositories: "codeql-coding-standards-release-engineering" + - name: Dispatch Matrix Testing Job if: ${{ github.event.issue.pull_request && contains(github.event.comment.body, '/test-matrix') && steps.check-write-permission.outputs.has-permission }} uses: peter-evans/repository-dispatch@v2 with: - token: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} + token: ${{ steps.generate-token.outputs.token }} repository: github/codeql-coding-standards-release-engineering event-type: matrix-test client-payload: '{"pr": "${{ github.event.issue.number }}"}' diff --git a/.github/workflows/dispatch-release-performance-check.yml b/.github/workflows/dispatch-release-performance-check.yml index 64863b8b05..d6311babb3 100644 --- a/.github/workflows/dispatch-release-performance-check.yml +++ b/.github/workflows/dispatch-release-performance-check.yml @@ -17,11 +17,20 @@ jobs: with: minimum-permission: "write" + - name: Generate token + id: generate-token + uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e + with: + app-id: ${{ vars.AUTOMATION_APP_ID }} + private-key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} + owner: ${{ github.repository_owner }} + repositories: "codeql-coding-standards-release-engineering" + - name: Dispatch Performance Testing Job if: ${{ github.event.issue.pull_request && contains(github.event.comment.body, '/test-performance') && steps.check-write-permission.outputs.has-permission }} uses: peter-evans/repository-dispatch@v2 with: - token: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} + token: ${{ steps.generate-token.outputs.token }} repository: github/codeql-coding-standards-release-engineering event-type: performance-test client-payload: '{"pr": "${{ github.event.issue.number }}"}' From 2fbb70f5c0be55164213c1b54dca2ccc705a08c6 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Wed, 2 Oct 2024 11:28:12 +0100 Subject: [PATCH 2027/2573] Use v4 for upload-artifact --- .github/workflows/codeql_unit_tests.yml | 2 +- .github/workflows/standard_library_upgrade_tests.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/codeql_unit_tests.yml b/.github/workflows/codeql_unit_tests.yml index a6488a728c..251e972a91 100644 --- a/.github/workflows/codeql_unit_tests.yml +++ b/.github/workflows/codeql_unit_tests.yml @@ -151,7 +151,7 @@ jobs: file.close() - name: Upload test results - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: ${{ matrix.language }}-test-results-${{ runner.os }}-${{ matrix.codeql_cli }}-${{ matrix.codeql_standard_library_ident }} path: | diff --git a/.github/workflows/standard_library_upgrade_tests.yml b/.github/workflows/standard_library_upgrade_tests.yml index 35717b7b4e..b6c3d38d87 100644 --- a/.github/workflows/standard_library_upgrade_tests.yml +++ b/.github/workflows/standard_library_upgrade_tests.yml @@ -143,7 +143,7 @@ jobs: }, test_summary_file) - name: Upload test results - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: test-results-${{runner.os}}-${{matrix.codeql_cli}}-${{matrix.codeql_standard_library_ident}} path: | From ce94e95aa35a9a1549cae96bc47300d25ac9aa93 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Wed, 2 Oct 2024 15:35:56 +0100 Subject: [PATCH 2028/2573] Update change_notes/2024-10-02-c-perf-issues.md Co-authored-by: Kristen Newbury --- change_notes/2024-10-02-c-perf-issues.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/change_notes/2024-10-02-c-perf-issues.md b/change_notes/2024-10-02-c-perf-issues.md index e139267e39..c9fcac1a05 100644 --- a/change_notes/2024-10-02-c-perf-issues.md +++ b/change_notes/2024-10-02-c-perf-issues.md @@ -1,4 +1,4 @@ - - `RULE-10-7` - `.ql`: + - `RULE-10-7` - `ImplicitConversionOfCompositeExpression.ql`: - Improved performance on larger codebases. - `SIG31-C` - `DoNotAccessSharedObjectsInSignalHandlers.ql`: - Improved performance on larger codebases. \ No newline at end of file From 81fb797339d5a9ea216fe41731956e07d7847df4 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Wed, 2 Oct 2024 13:46:24 -0700 Subject: [PATCH 2029/2573] Set FunctionWithNoReturningBranch... to very-high precision --- .../RULE-17-11/FunctionWithNoReturningBranchShouldBeNoreturn.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/misra/src/rules/RULE-17-11/FunctionWithNoReturningBranchShouldBeNoreturn.ql b/c/misra/src/rules/RULE-17-11/FunctionWithNoReturningBranchShouldBeNoreturn.ql index 9769acdb7f..90cb1af7c2 100644 --- a/c/misra/src/rules/RULE-17-11/FunctionWithNoReturningBranchShouldBeNoreturn.ql +++ b/c/misra/src/rules/RULE-17-11/FunctionWithNoReturningBranchShouldBeNoreturn.ql @@ -3,7 +3,7 @@ * @name RULE-17-11: A function without a branch that returns shall be declared with _Noreturn * @description Functions which cannot return should be declared with _Noreturn. * @kind problem - * @precision high + * @precision very-high * @problem.severity recommendation * @tags external/misra/id/rule-17-11 * correctness From 71b4c250ffd667c447e0cb2247c932229e867d56 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Wed, 2 Oct 2024 13:54:25 -0700 Subject: [PATCH 2030/2573] Fix NoReturn.json package description precision 17-11 --- rule_packages/c/NoReturn.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rule_packages/c/NoReturn.json b/rule_packages/c/NoReturn.json index d06068f376..49cdb4c255 100644 --- a/rule_packages/c/NoReturn.json +++ b/rule_packages/c/NoReturn.json @@ -26,7 +26,7 @@ "description": "Functions which cannot return should be declared with _Noreturn.", "kind": "problem", "name": "A function without a branch that returns shall be declared with _Noreturn", - "precision": "high", + "precision": "very-high", "severity": "recommendation", "short_name": "FunctionWithNoReturningBranchShouldBeNoreturn", "tags": ["correctness"] From ce6709d26cd590513bf90256bd4cddc0f9e32903 Mon Sep 17 00:00:00 2001 From: Michael R Fairhurst Date: Wed, 18 Sep 2024 19:58:23 +0000 Subject: [PATCH 2031/2573] Fix #689, false negatives for A1-1-2 thinking -Wno-foo is compliant. The presence of -Wno-foo should not mark the compilation compliant with A1-1-2, nor should the presence of -Wfoo=0. Easily check for all -Wfoo=bar flags, that foo is not no-baz, and bar is not 0. Also check there is no -Wno-foo flag overruling it. Otherwise the query functionality remains the same. Add test cases for non-compliant scenarios -Wfoo=0 and -Wno-foo, and for the compliant scenario -Wall -Wno-foo. This will have some compatibility issues with PR #688, after one is merged the other will need some small updates before this can be merged. --- ...2024-09-18-handle-warning-suppresion-flags | 2 + .../CompilerWarningLevelNotInCompliance.ql | 51 ++++++++++++++++++- ...mpilerWarningLevelNotInCompliance.expected | 1 + .../CompilerWarningLevelNotInCompliance.qlref | 1 + .../Wformat=0-Wno-format-security.cpp | 2 + cpp/autosar/test/rules/A1-1-2.4/options.clang | 1 + cpp/autosar/test/rules/A1-1-2.4/options.gcc | 1 + cpp/autosar/test/rules/A1-1-2.4/options.qcc | 1 + ...mpilerWarningLevelNotInCompliance.expected | 1 + ...WarningLevelNotInCompliance.expected.clang | 0 ...erWarningLevelNotInCompliance.expected.gcc | 0 ...erWarningLevelNotInCompliance.expected.qcc | 1 + .../CompilerWarningLevelNotInCompliance.qlref | 1 + .../test/rules/A1-1-2.5/Wall-Wno-format.cpp | 14 +++++ cpp/autosar/test/rules/A1-1-2.5/options.clang | 1 + cpp/autosar/test/rules/A1-1-2.5/options.gcc | 1 + cpp/autosar/test/rules/A1-1-2.5/options.qcc | 1 + ...mpilerWarningLevelNotInCompliance.expected | 2 +- 18 files changed, 79 insertions(+), 3 deletions(-) create mode 100644 change_notes/2024-09-18-handle-warning-suppresion-flags create mode 100644 cpp/autosar/test/rules/A1-1-2.4/CompilerWarningLevelNotInCompliance.expected create mode 100644 cpp/autosar/test/rules/A1-1-2.4/CompilerWarningLevelNotInCompliance.qlref create mode 100644 cpp/autosar/test/rules/A1-1-2.4/Wformat=0-Wno-format-security.cpp create mode 100644 cpp/autosar/test/rules/A1-1-2.4/options.clang create mode 100644 cpp/autosar/test/rules/A1-1-2.4/options.gcc create mode 100644 cpp/autosar/test/rules/A1-1-2.4/options.qcc create mode 100644 cpp/autosar/test/rules/A1-1-2.5/CompilerWarningLevelNotInCompliance.expected create mode 100644 cpp/autosar/test/rules/A1-1-2.5/CompilerWarningLevelNotInCompliance.expected.clang create mode 100644 cpp/autosar/test/rules/A1-1-2.5/CompilerWarningLevelNotInCompliance.expected.gcc create mode 100644 cpp/autosar/test/rules/A1-1-2.5/CompilerWarningLevelNotInCompliance.expected.qcc create mode 100644 cpp/autosar/test/rules/A1-1-2.5/CompilerWarningLevelNotInCompliance.qlref create mode 100644 cpp/autosar/test/rules/A1-1-2.5/Wall-Wno-format.cpp create mode 100644 cpp/autosar/test/rules/A1-1-2.5/options.clang create mode 100644 cpp/autosar/test/rules/A1-1-2.5/options.gcc create mode 100644 cpp/autosar/test/rules/A1-1-2.5/options.qcc diff --git a/change_notes/2024-09-18-handle-warning-suppresion-flags b/change_notes/2024-09-18-handle-warning-suppresion-flags new file mode 100644 index 0000000000..12bf30e937 --- /dev/null +++ b/change_notes/2024-09-18-handle-warning-suppresion-flags @@ -0,0 +1,2 @@ +- `A1-1-2` - `CompilerWarningLevelNotInCompliance.ql`: + - Fixes #689 false negatives where '-Wno-foo' was treated as enabling, rather than disabling warnings. \ No newline at end of file diff --git a/cpp/autosar/src/rules/A1-1-2/CompilerWarningLevelNotInCompliance.ql b/cpp/autosar/src/rules/A1-1-2/CompilerWarningLevelNotInCompliance.ql index 60efab251a..55f67a9301 100644 --- a/cpp/autosar/src/rules/A1-1-2/CompilerWarningLevelNotInCompliance.ql +++ b/cpp/autosar/src/rules/A1-1-2/CompilerWarningLevelNotInCompliance.ql @@ -18,14 +18,61 @@ import cpp import codingstandards.cpp.autosar +predicate hasResponseFileArgument(Compilation c) { c.getAnArgument().matches("@%") } + class CompilationWithNoWarnings extends Compilation { CompilationWithNoWarnings() { getAnArgument() = "-w" or - not getAnArgument().regexpMatch("-W[\\w=-]+") + not exists(EnableWarningFlag enableFlag | + this.getAnArgument() = enableFlag and + not exists(DisableWarningFlag disableFlag | + this.getAnArgument() = disableFlag and + enableFlag.getWarningType() = disableFlag.getWarningType() + ) + ) } } -predicate hasResponseFileArgument(Compilation c) { c.getAnArgument().matches("@%") } +class CompilationArgument extends string { + Compilation compilation; + + CompilationArgument() { + this = compilation.getAnArgument() + } +} + +/** + * Compiler flags of type -Wfoo or -Wfoo=bar, which enables the `foo` warning. + */ +class EnableWarningFlag extends CompilationArgument { + string warningType; + + EnableWarningFlag() { + warningType = regexpCapture("^-W([\\w-]+)(=.*)?$", 1) + and not this instanceof DisableWarningFlag + } + + string getWarningType() { + result = warningType + } +} + +/** + * Compiler flags of type -Wno-foo or -Wfoo=0, which disables the `foo` warning + * and overrules -Wfoo. + */ +class DisableWarningFlag extends CompilationArgument { + string warningType; + + DisableWarningFlag() { + warningType = regexpCapture("^-Wno-([\\w-]+)", 1) or + warningType = regexpCapture("^-W([\\w-]+)=0", 1) + } + + string getWarningType() { + result = warningType + } +} from File f where diff --git a/cpp/autosar/test/rules/A1-1-2.4/CompilerWarningLevelNotInCompliance.expected b/cpp/autosar/test/rules/A1-1-2.4/CompilerWarningLevelNotInCompliance.expected new file mode 100644 index 0000000000..dd7f320be2 --- /dev/null +++ b/cpp/autosar/test/rules/A1-1-2.4/CompilerWarningLevelNotInCompliance.expected @@ -0,0 +1 @@ +| Wformat=0-Wno-format-security.cpp:0:0:0:0 | Wformat=0-Wno-format-security.cpp | No warning-level options were used in the compilation of 'Wformat=0-Wno-format-security.cpp'. | diff --git a/cpp/autosar/test/rules/A1-1-2.4/CompilerWarningLevelNotInCompliance.qlref b/cpp/autosar/test/rules/A1-1-2.4/CompilerWarningLevelNotInCompliance.qlref new file mode 100644 index 0000000000..30fb98b639 --- /dev/null +++ b/cpp/autosar/test/rules/A1-1-2.4/CompilerWarningLevelNotInCompliance.qlref @@ -0,0 +1 @@ +rules/A1-1-2/CompilerWarningLevelNotInCompliance.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A1-1-2.4/Wformat=0-Wno-format-security.cpp b/cpp/autosar/test/rules/A1-1-2.4/Wformat=0-Wno-format-security.cpp new file mode 100644 index 0000000000..29523ad24e --- /dev/null +++ b/cpp/autosar/test/rules/A1-1-2.4/Wformat=0-Wno-format-security.cpp @@ -0,0 +1,2 @@ +// semmle-extractor-options: --clang -std=c++14 -Wformat=0 -Wno-format-security +// NON_COMPLIANT \ No newline at end of file diff --git a/cpp/autosar/test/rules/A1-1-2.4/options.clang b/cpp/autosar/test/rules/A1-1-2.4/options.clang new file mode 100644 index 0000000000..4544f91ecb --- /dev/null +++ b/cpp/autosar/test/rules/A1-1-2.4/options.clang @@ -0,0 +1 @@ +-Wformat=0 -Wno-format-security \ No newline at end of file diff --git a/cpp/autosar/test/rules/A1-1-2.4/options.gcc b/cpp/autosar/test/rules/A1-1-2.4/options.gcc new file mode 100644 index 0000000000..4544f91ecb --- /dev/null +++ b/cpp/autosar/test/rules/A1-1-2.4/options.gcc @@ -0,0 +1 @@ +-Wformat=0 -Wno-format-security \ No newline at end of file diff --git a/cpp/autosar/test/rules/A1-1-2.4/options.qcc b/cpp/autosar/test/rules/A1-1-2.4/options.qcc new file mode 100644 index 0000000000..e28a2c3ac5 --- /dev/null +++ b/cpp/autosar/test/rules/A1-1-2.4/options.qcc @@ -0,0 +1 @@ +-Wno-format -Wno-format-security \ No newline at end of file diff --git a/cpp/autosar/test/rules/A1-1-2.5/CompilerWarningLevelNotInCompliance.expected b/cpp/autosar/test/rules/A1-1-2.5/CompilerWarningLevelNotInCompliance.expected new file mode 100644 index 0000000000..df69d21d5a --- /dev/null +++ b/cpp/autosar/test/rules/A1-1-2.5/CompilerWarningLevelNotInCompliance.expected @@ -0,0 +1 @@ +| Wall-Wno-format.cpp:0:0:0:0 | Wall-Wno-format.cpp | No warning-level options were used in the compilation of 'Wall-Wno-format.cpp'. | \ No newline at end of file diff --git a/cpp/autosar/test/rules/A1-1-2.5/CompilerWarningLevelNotInCompliance.expected.clang b/cpp/autosar/test/rules/A1-1-2.5/CompilerWarningLevelNotInCompliance.expected.clang new file mode 100644 index 0000000000..e69de29bb2 diff --git a/cpp/autosar/test/rules/A1-1-2.5/CompilerWarningLevelNotInCompliance.expected.gcc b/cpp/autosar/test/rules/A1-1-2.5/CompilerWarningLevelNotInCompliance.expected.gcc new file mode 100644 index 0000000000..e69de29bb2 diff --git a/cpp/autosar/test/rules/A1-1-2.5/CompilerWarningLevelNotInCompliance.expected.qcc b/cpp/autosar/test/rules/A1-1-2.5/CompilerWarningLevelNotInCompliance.expected.qcc new file mode 100644 index 0000000000..c6354c2475 --- /dev/null +++ b/cpp/autosar/test/rules/A1-1-2.5/CompilerWarningLevelNotInCompliance.expected.qcc @@ -0,0 +1 @@ +| Wall-Wno-format.cpp:0:0:0:0 | Wall-Wno-format.cpp | No warning-level options were used in the compilation of 'Wall-Wno-format.cpp'. | diff --git a/cpp/autosar/test/rules/A1-1-2.5/CompilerWarningLevelNotInCompliance.qlref b/cpp/autosar/test/rules/A1-1-2.5/CompilerWarningLevelNotInCompliance.qlref new file mode 100644 index 0000000000..30fb98b639 --- /dev/null +++ b/cpp/autosar/test/rules/A1-1-2.5/CompilerWarningLevelNotInCompliance.qlref @@ -0,0 +1 @@ +rules/A1-1-2/CompilerWarningLevelNotInCompliance.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A1-1-2.5/Wall-Wno-format.cpp b/cpp/autosar/test/rules/A1-1-2.5/Wall-Wno-format.cpp new file mode 100644 index 0000000000..93c4b98248 --- /dev/null +++ b/cpp/autosar/test/rules/A1-1-2.5/Wall-Wno-format.cpp @@ -0,0 +1,14 @@ +// semmle-extractor-options: --clang -std=c++14 -Wall -Wno-format +// COMPLIANT + +// NOTE: When tested with `codeql test run`, the test extractor provides `-w` +// which overrides `-Wcast-function-type` and causes this test case to be +// non-compliant. +// +// However, when tested with our compiler matrix tests, this test db is built +// via `codeql database create --command="..."`, and the `-w` flag will NOT be +// used. This means the `-Wcast-function-type` flag is active and the test case +// is compliant. +// +// Therefore, the .expected file for this test expects non-compliance, and the +// .expected.gcc and .expected.clang files expect this test to be compliant. diff --git a/cpp/autosar/test/rules/A1-1-2.5/options.clang b/cpp/autosar/test/rules/A1-1-2.5/options.clang new file mode 100644 index 0000000000..735817b680 --- /dev/null +++ b/cpp/autosar/test/rules/A1-1-2.5/options.clang @@ -0,0 +1 @@ +-Wall -Wno-format \ No newline at end of file diff --git a/cpp/autosar/test/rules/A1-1-2.5/options.gcc b/cpp/autosar/test/rules/A1-1-2.5/options.gcc new file mode 100644 index 0000000000..735817b680 --- /dev/null +++ b/cpp/autosar/test/rules/A1-1-2.5/options.gcc @@ -0,0 +1 @@ +-Wall -Wno-format \ No newline at end of file diff --git a/cpp/autosar/test/rules/A1-1-2.5/options.qcc b/cpp/autosar/test/rules/A1-1-2.5/options.qcc new file mode 100644 index 0000000000..735817b680 --- /dev/null +++ b/cpp/autosar/test/rules/A1-1-2.5/options.qcc @@ -0,0 +1 @@ +-Wall -Wno-format \ No newline at end of file diff --git a/cpp/autosar/test/rules/A1-1-2/CompilerWarningLevelNotInCompliance.expected b/cpp/autosar/test/rules/A1-1-2/CompilerWarningLevelNotInCompliance.expected index 82ff1c0c36..ddc4e03f62 100644 --- a/cpp/autosar/test/rules/A1-1-2/CompilerWarningLevelNotInCompliance.expected +++ b/cpp/autosar/test/rules/A1-1-2/CompilerWarningLevelNotInCompliance.expected @@ -1 +1 @@ -| Wall.cpp:0:0:0:0 | Wall.cpp | No warning-level options were used in the compilation of 'Wall.cpp'. | \ No newline at end of file +| Wall.cpp:0:0:0:0 | Wall.cpp | No warning-level options were used in the compilation of 'Wall.cpp'. | From 20f790ac186614cd5054dfc5097c31f10b3719b7 Mon Sep 17 00:00:00 2001 From: Michael R Fairhurst Date: Wed, 18 Sep 2024 20:07:48 +0000 Subject: [PATCH 2032/2573] Query format --- .../CompilerWarningLevelNotInCompliance.ql | 16 +++++----------- 1 file changed, 5 insertions(+), 11 deletions(-) diff --git a/cpp/autosar/src/rules/A1-1-2/CompilerWarningLevelNotInCompliance.ql b/cpp/autosar/src/rules/A1-1-2/CompilerWarningLevelNotInCompliance.ql index 55f67a9301..dd51e31ed7 100644 --- a/cpp/autosar/src/rules/A1-1-2/CompilerWarningLevelNotInCompliance.ql +++ b/cpp/autosar/src/rules/A1-1-2/CompilerWarningLevelNotInCompliance.ql @@ -36,9 +36,7 @@ class CompilationWithNoWarnings extends Compilation { class CompilationArgument extends string { Compilation compilation; - CompilationArgument() { - this = compilation.getAnArgument() - } + CompilationArgument() { this = compilation.getAnArgument() } } /** @@ -48,13 +46,11 @@ class EnableWarningFlag extends CompilationArgument { string warningType; EnableWarningFlag() { - warningType = regexpCapture("^-W([\\w-]+)(=.*)?$", 1) - and not this instanceof DisableWarningFlag + warningType = regexpCapture("^-W([\\w-]+)(=.*)?$", 1) and + not this instanceof DisableWarningFlag } - string getWarningType() { - result = warningType - } + string getWarningType() { result = warningType } } /** @@ -69,9 +65,7 @@ class DisableWarningFlag extends CompilationArgument { warningType = regexpCapture("^-W([\\w-]+)=0", 1) } - string getWarningType() { - result = warningType - } + string getWarningType() { result = warningType } } from File f From 35c517beb317ea0ff94ee451af4c9a8b7c6b5a9d Mon Sep 17 00:00:00 2001 From: Michael R Fairhurst Date: Wed, 2 Oct 2024 21:33:44 +0000 Subject: [PATCH 2033/2573] query format again --- .../src/rules/A1-1-2/CompilerWarningLevelNotInCompliance.ql | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/cpp/autosar/src/rules/A1-1-2/CompilerWarningLevelNotInCompliance.ql b/cpp/autosar/src/rules/A1-1-2/CompilerWarningLevelNotInCompliance.ql index dd51e31ed7..1499191236 100644 --- a/cpp/autosar/src/rules/A1-1-2/CompilerWarningLevelNotInCompliance.ql +++ b/cpp/autosar/src/rules/A1-1-2/CompilerWarningLevelNotInCompliance.ql @@ -22,8 +22,9 @@ predicate hasResponseFileArgument(Compilation c) { c.getAnArgument().matches("@% class CompilationWithNoWarnings extends Compilation { CompilationWithNoWarnings() { - getAnArgument() = "-w" or - not exists(EnableWarningFlag enableFlag | + getAnArgument() = "-w" + or + not exists(EnableWarningFlag enableFlag | this.getAnArgument() = enableFlag and not exists(DisableWarningFlag disableFlag | this.getAnArgument() = disableFlag and From 0e9758e04c0d2fe3256dbcb5ef7c7ec6d9f2a6f9 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 2 Oct 2024 22:38:20 +0100 Subject: [PATCH 2034/2573] Add tags to represent which MISRA C version the rule was introduced in --- .../PrecautionIncludeGuardsNotProvided.ql | 1 + .../StdLibDynamicMemoryAllocationUsed.ql | 1 + ...ageOfAssemblyLanguageShouldBeDocumented.ql | 1 + .../LanguageNotEncapsulatedAndIsolated.ql | 1 + .../SectionsOfCodeShallNotBeCommentedOut.ql | 1 + ...dentifiersInTheSameNameSpaceUnambiguous.ql | 1 + ...ainNumericalTypeUsedOverExplicitTypedef.ql | 1 + ...tWithNoPointerDereferenceShouldBeOpaque.ql | 1 + .../DIR-4-9/FunctionOverFunctionLikeMacro.ql | 1 + .../LanguageExtensionsShouldNotBeUsed.ql | 1 + .../RULE-1-3/OccurrenceOfUndefinedBehavior.ql | 1 + .../RULE-1-4/EmergentLanguageFeaturesUsed.ql | 1 + .../OperandsOfAnInappropriateEssentialType.ql | 1 + .../RULE-10-1/PointerTypeOnLogicalOperator.ql | 1 + ...dditionSubtractionOnEssentiallyCharType.ql | 1 + .../AssignmentOfIncompatibleEssentialType.ql | 1 + ...andsWithMismatchedEssentialTypeCategory.ql | 1 + .../InappropriateEssentialTypeCast.ql | 1 + .../AssignmentToWiderEssentialType.ql | 1 + ...ImplicitConversionOfCompositeExpression.ql | 1 + .../InappropriateCastOfCompositeExpression.ql | 1 + ...rsionBetweenFunctionPointerAndOtherType.ql | 1 + ...etweenIncompleteTypePointerAndOtherType.ql | 1 + ...weenObjectPointerAndDifferentObjectType.ql | 1 + ...ionBetweenPointerToObjectAndIntegerType.ql | 1 + ...ionFromPointerToVoidIntoPointerToObject.ql | 1 + ...stBetweenPointerToVoidAndArithmeticType.ql | 1 + ...nPointerToObjectAndNonIntArithmeticType.ql | 1 + ...CastRemovesConstOrVolatileQualification.ql | 1 + ...NullNotUsedAsIntegerNullPointerConstant.ql | 1 + ...plicitPrecedenceOfOperatorsInExpression.ql | 1 + .../RULE-12-1/UnenclosedSizeofOperand.ql | 1 + .../RightHandOperandOfAShiftRange.ql | 1 + .../RULE-12-3/CommaOperatorShouldNotBeUsed.ql | 1 + ...antUnsignedIntegerExpressionsWrapAround.ql | 1 + .../SizeofOperatorUsedOnArrayTypeParam.ql | 1 + ...alizerListsContainPersistentSideEffects.ql | 1 + .../rules/RULE-13-2/UnsequencedSideEffects.ql | 1 + .../SideEffectAndCrementInFullExpression.ql | 1 + ...ltOfAnAssignmentOperatorShouldNotBeUsed.ql | 1 + ...pressedSideEffectInLogicOperatorOperand.ql | 1 + .../RULE-13-6/SizeofOperandWithSideEffect.ql | 1 + .../RULE-14-1/LoopOverEssentiallyFloatType.ql | 1 + .../rules/RULE-14-2/ForLoopNotWellFormed.ql | 1 + .../RULE-14-3/ControllingExprInvariant.ql | 1 + .../rules/RULE-14-4/NonBooleanIfCondition.ql | 1 + .../RULE-14-4/NonBooleanIterationCondition.ql | 1 + .../src/rules/RULE-15-1/GotoStatementUsed.ql | 1 + .../RULE-15-2/GotoLabelLocationCondition.ql | 1 + .../RULE-15-3/GotoLabelBlockCondition.ql | 1 + .../rules/RULE-15-4/LoopIterationCondition.ql | 1 + .../RULE-15-5/FunctionReturnCondition.ql | 1 + .../rules/RULE-15-6/LoopCompoundCondition.ql | 1 + .../RULE-15-6/SelectionCompoundCondition.ql | 1 + .../RULE-15-6/SwitchCompoundCondition.ql | 1 + .../src/rules/RULE-15-7/IfElseEndCondition.ql | 1 + .../RULE-16-1/SwitchCaseStartCondition.ql | 1 + .../RULE-16-1/SwitchStmtNotWellFormed.ql | 1 + .../NestSwitchLabelInSwitchStatement.ql | 1 + .../BreakShallTerminateSwitchClause.ql | 1 + .../EverySwitchShallHaveDefaultLabel.ql | 1 + .../DefaultNotFirstOrLastOfSwitch.ql | 1 + .../RULE-16-6/SwitchClauseNumberCondition.ql | 1 + .../SwitchExpressionBoolCondition.ql | 1 + .../rules/RULE-17-1/FeaturesOfStdarghUsed.ql | 1 + .../RULE-17-2/RecursiveFunctionCondition.ql | 1 + .../RULE-17-3/FunctionDeclaredImplicitly.ql | 1 + .../NonVoidFunctionReturnCondition.ql | 1 + .../ArrayFunctionArgumentNumberOfElements.ql | 1 + .../src/rules/RULE-17-6/UseOfArrayStatic.ql | 1 + .../ValueReturnedByAFunctionNotUsed.ql | 1 + .../ModificationOfFunctionParameter.ql | 1 + ...erAndDerivedPointerMustAddressSameArray.ql | 1 + ...tionBetweenPointersMustAddressSameArray.ql | 1 + ...OperatorComparesPointerToDifferentArray.ql | 1 + ...dditionOrSubtractionOperatorsOnPointers.ql | 1 + ...TwoLevelsOfPointerNestingInDeclarations.ql | 1 + ...StorageObjectAddressCopiedToOtherObject.ql | 1 + .../RULE-18-7/FlexibleArrayMembersDeclared.ql | 1 + .../RULE-18-8/VariableLengthArrayTypesUsed.ql | 1 + .../ObjectAssignedToAnOverlappingObject.ql | 1 + .../ObjectCopiedToAnOverlappingObject.ql | 1 + .../RULE-19-2/UnionKeywordShouldNotBeUsed.ql | 1 + c/misra/src/rules/RULE-2-1/UnreachableCode.ql | 1 + c/misra/src/rules/RULE-2-2/DeadCode.ql | 1 + .../rules/RULE-2-3/UnusedTypeDeclarations.ql | 1 + .../rules/RULE-2-4/UnusedTagDeclaration.ql | 1 + .../rules/RULE-2-5/UnusedMacroDeclaration.ql | 1 + .../rules/RULE-2-6/UnusedLabelDeclaration.ql | 1 + c/misra/src/rules/RULE-2-7/UnusedParameter.ql | 1 + ...irectivesPrecededByDirectivesOrComments.ql | 1 + ...reprocessorHashOperatorsShouldNotBeUsed.ql | 1 + ...oreThanOneHashOperatorInMacroDefinition.ql | 1 + .../MacroParameterUsedAsHashOperand.ql | 1 + .../ForbiddenCharactersInHeaderFileName.ql | 1 + .../MacroDefinedWithTheSameNameAsKeyword.ql | 1 + .../rules/RULE-20-5/UndefShouldNotBeUsed.ql | 1 + ...tionLikeMacroArgsContainHashTokenCQuery.ql | 1 + ...ParameterNotEnclosedInParenthesesCQuery.ql | 1 + .../ControllingExpressionIfDirective.ql | 1 + ...IdentifiersUsedInPreprocessorExpression.ql | 1 + ...ndefUsedOnReservedIdentifierOrMacroName.ql | 1 + ...StandardLibraryTimeAndDateFunctionsUsed.ql | 1 + .../StandardHeaderFileTgmathhUsed.ql | 1 + .../ExceptionHandlingFeaturesOfFenvhUsed.ql | 1 + .../CtypeFunctionArgNotUnsignedCharOrEof.ql | 1 + ...emcmpUsedToCompareNullTerminatedStrings.ql | 1 + ...veMemcmpArgNotPointersToCompatibleTypes.ql | 1 + .../MemcmpOnInappropriateEssentialTypeArgs.ql | 1 + ...tringFunctionPointerArgumentOutOfBounds.ql | 1 + .../StringLibrarySizeArgumentOutOfBounds.ql | 1 + ...ReturnedByLocaleSettingUsedAsPtrToConst.ql | 1 + .../DoNotDeclareAReservedIdentifier.ql | 1 + .../CallToSetlocaleInvalidatesOldPointers.ql | 1 + ...llToSetlocaleInvalidatesOldPointersWarn.ql | 1 + .../rules/RULE-21-21/SystemOfStdlibhUsed.ql | 1 + ...emoryAllocDeallocFunctionsOfStdlibhUsed.ql | 1 + .../StandardHeaderFileUsedSetjmph.ql | 1 + .../StandardHeaderFileUsedSignalh.ql | 1 + ...StandardLibraryInputoutputFunctionsUsed.ql | 1 + .../AtofAtoiAtolAndAtollOfStdlibhUsed.ql | 1 + .../TerminationFunctionsOfStdlibhUsed.ql | 1 + .../TerminationMacrosOfStdlibhUsed.ql | 1 + .../RULE-21-9/BsearchAndQsortOfStdlibhUsed.ql | 1 + .../CloseFileHandleWhenNoLongerNeededMisra.ql | 1 + .../FreeMemoryWhenNoLongerNeededMisra.ql | 1 + ...TestErrnoRightAfterErrnoSettingFunction.ql | 1 + ...OnlyFreeMemoryAllocatedDynamicallyMisra.ql | 1 + ...leOpenForReadAndWriteOnDifferentStreams.ql | 1 + .../AttemptToWriteToAReadOnlyStream.ql | 1 + .../PointerToAFileObjectDereferenced.ql | 1 + .../rules/RULE-22-6/FileUsedAfterClosed.ql | 1 + ...allBeComparedWithUnmodifiedReturnValues.ql | 1 + .../RULE-22-8/ErrnoSetToZeroPriorToCall.ql | 1 + .../RULE-22-9/ErrnoSetToZeroAfterCall.ql | 1 + ...CharacterSequencesAndUsedWithinAComment.ql | 1 + .../RULE-3-2/LineSplicingUsedInComments.ql | 1 + ...HexadecimalEscapeSequencesNotTerminated.ql | 1 + .../ExternalIdentifiersNotDistinct.ql | 1 + ...ifiersDeclaredInTheSameScopeNotDistinct.ql | 1 + .../src/rules/RULE-5-3/IdentifierHidingC.ql | 1 + ...MacroIdentifierNotDistinctFromParameter.ql | 1 + .../RULE-5-4/MacroIdentifiersNotDistinct.ql | 1 + .../IdentifiersNotDistinctFromMacroNames.ql | 1 + .../rules/RULE-5-6/TypedefNameNotUnique.ql | 1 + .../src/rules/RULE-5-7/TagNameNotUnique.ql | 1 + ...IdentifiersWithExternalLinkageNotUnique.ql | 1 + ...IdentifiersWithInternalLinkageNotUnique.ql | 1 + ...hallOnlyBeDeclaredWithAnAppropriateType.ql | 1 + .../SingleBitNamedBitFieldsOfASignedType.ql | 1 + .../BitFieldDeclaredAsMemberOfAUnion.ql | 1 + .../src/rules/RULE-7-1/OctalConstantsUsed.ql | 1 + .../UOrUSuffixRepresentedInUnsignedType.ql | 1 + .../LowercaseCharacterLUsedInLiteralSuffix.ql | 1 + .../StringLiteralAssignedToNonConstChar.ql | 1 + .../rules/RULE-8-1/ExplicitlyDeclareTypes.ql | 1 + .../InlineFunctionNotDeclaredStaticStorage.ql | 1 + ...yExternalLinkageSizeExplicitlySpecified.ql | 1 + ...lueImplicitEnumerationConstantNotUnique.ql | 1 + ...interShouldPointToConstTypeWhenPossible.ql | 1 + .../RULE-8-14/RestrictTypeQualifierUsed.ql | 1 + .../FunctionTypesNotInPrototypeForm.ql | 1 + .../DeclarationsOfAFunctionSameNameAndType.ql | 1 + .../DeclarationsOfAnObjectSameNameAndType.ql | 1 + .../CompatibleDeclarationFunctionDefined.ql | 1 + .../CompatibleDeclarationObjectDefined.ql | 1 + ...nalObjectOrFunctionNotDeclaredInOneFile.ql | 1 + ...ntifierWithExternalLinkageOneDefinition.ql | 1 + .../ShouldNotBeDefinedWithExternalLinkage.ql | 1 + ...ngStaticSpecifierFunctionRedeclarationC.ql | 1 + ...singStaticSpecifierObjectRedeclarationC.ql | 1 + ...nnecessaryExposedIdentifierDeclarationC.ql | 1 + ...ctWithAutoStorageDurationReadBeforeInit.ql | 1 + ...rForAggregateOrUnionNotEnclosedInBraces.ql | 1 + ...nitializedArrayWithExplicitInitializers.ql | 1 + ...dInitializationOfAggregateObjectElement.ql | 1 + rule_packages/c/Banned.json | 54 ++++-- rule_packages/c/BitfieldTypes.json | 8 +- rule_packages/c/BitfieldTypes2.json | 5 +- rule_packages/c/Concurrency4.json | 5 +- rule_packages/c/Contracts1.json | 54 +++--- rule_packages/c/Contracts2.json | 9 +- rule_packages/c/Contracts3.json | 71 +++++--- rule_packages/c/Contracts4.json | 22 ++- rule_packages/c/Contracts5.json | 52 +++--- rule_packages/c/Contracts6.json | 14 +- rule_packages/c/Contracts7.json | 9 +- rule_packages/c/DeadCode.json | 21 ++- rule_packages/c/Declarations1.json | 172 +++++++++--------- rule_packages/c/Declarations2.json | 162 ++++++++--------- rule_packages/c/Declarations3.json | 15 +- rule_packages/c/Declarations4.json | 18 +- rule_packages/c/Declarations5.json | 15 +- rule_packages/c/Declarations6.json | 21 ++- rule_packages/c/Declarations7.json | 6 +- rule_packages/c/EssentialTypes.json | 36 ++-- rule_packages/c/IO1.json | 3 +- rule_packages/c/IO3.json | 12 +- rule_packages/c/IO4.json | 2 +- rule_packages/c/IntegerOverflow.json | 3 +- rule_packages/c/InvalidMemory1.json | 3 +- rule_packages/c/Language1.json | 3 +- rule_packages/c/Language2.json | 6 +- rule_packages/c/Language3.json | 6 +- rule_packages/c/Memory1.json | 11 +- rule_packages/c/Memory2.json | 9 +- rule_packages/c/Misc.json | 2 +- rule_packages/c/OutOfBounds.json | 6 +- rule_packages/c/Pointers1.json | 51 ++++-- rule_packages/c/Pointers2.json | 2 +- rule_packages/c/Preprocessor1.json | 15 +- rule_packages/c/Preprocessor2.json | 12 +- rule_packages/c/Preprocessor3.json | 39 ++-- rule_packages/c/Preprocessor4.json | 9 +- rule_packages/c/Preprocessor5.json | 3 +- rule_packages/c/Preprocessor6.json | 3 +- rule_packages/c/SideEffects1.json | 18 +- rule_packages/c/SideEffects2.json | 6 +- rule_packages/c/SideEffects3.json | 3 +- .../c/StandardLibraryFunctionTypes.json | 8 +- rule_packages/c/Statements1.json | 13 +- rule_packages/c/Statements2.json | 15 +- rule_packages/c/Statements3.json | 21 ++- rule_packages/c/Statements4.json | 9 +- rule_packages/c/Statements5.json | 11 +- rule_packages/c/Statements6.json | 3 +- rule_packages/c/Static.json | 3 +- rule_packages/c/Syntax.json | 21 ++- rule_packages/c/Types1.json | 14 +- 229 files changed, 845 insertions(+), 445 deletions(-) diff --git a/c/misra/src/rules/DIR-4-10/PrecautionIncludeGuardsNotProvided.ql b/c/misra/src/rules/DIR-4-10/PrecautionIncludeGuardsNotProvided.ql index 58ec5c80a9..338437b5b2 100644 --- a/c/misra/src/rules/DIR-4-10/PrecautionIncludeGuardsNotProvided.ql +++ b/c/misra/src/rules/DIR-4-10/PrecautionIncludeGuardsNotProvided.ql @@ -10,6 +10,7 @@ * correctness * maintainability * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/DIR-4-12/StdLibDynamicMemoryAllocationUsed.ql b/c/misra/src/rules/DIR-4-12/StdLibDynamicMemoryAllocationUsed.ql index dc1e21c97a..5c70bec761 100644 --- a/c/misra/src/rules/DIR-4-12/StdLibDynamicMemoryAllocationUsed.ql +++ b/c/misra/src/rules/DIR-4-12/StdLibDynamicMemoryAllocationUsed.ql @@ -11,6 +11,7 @@ * security * correctness * maintainability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/DIR-4-2/UsageOfAssemblyLanguageShouldBeDocumented.ql b/c/misra/src/rules/DIR-4-2/UsageOfAssemblyLanguageShouldBeDocumented.ql index 9503024671..1afd57913e 100644 --- a/c/misra/src/rules/DIR-4-2/UsageOfAssemblyLanguageShouldBeDocumented.ql +++ b/c/misra/src/rules/DIR-4-2/UsageOfAssemblyLanguageShouldBeDocumented.ql @@ -8,6 +8,7 @@ * @tags external/misra/id/dir-4-2 * maintainability * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/advisory */ diff --git a/c/misra/src/rules/DIR-4-3/LanguageNotEncapsulatedAndIsolated.ql b/c/misra/src/rules/DIR-4-3/LanguageNotEncapsulatedAndIsolated.ql index fb9f00e9c4..698cbabf01 100644 --- a/c/misra/src/rules/DIR-4-3/LanguageNotEncapsulatedAndIsolated.ql +++ b/c/misra/src/rules/DIR-4-3/LanguageNotEncapsulatedAndIsolated.ql @@ -9,6 +9,7 @@ * @tags external/misra/id/dir-4-3 * maintainability * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/DIR-4-4/SectionsOfCodeShallNotBeCommentedOut.ql b/c/misra/src/rules/DIR-4-4/SectionsOfCodeShallNotBeCommentedOut.ql index d0af758699..272a411f0e 100644 --- a/c/misra/src/rules/DIR-4-4/SectionsOfCodeShallNotBeCommentedOut.ql +++ b/c/misra/src/rules/DIR-4-4/SectionsOfCodeShallNotBeCommentedOut.ql @@ -9,6 +9,7 @@ * maintainability * readability * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/advisory */ diff --git a/c/misra/src/rules/DIR-4-5/IdentifiersInTheSameNameSpaceUnambiguous.ql b/c/misra/src/rules/DIR-4-5/IdentifiersInTheSameNameSpaceUnambiguous.ql index ced5bce28f..5dd78fc340 100644 --- a/c/misra/src/rules/DIR-4-5/IdentifiersInTheSameNameSpaceUnambiguous.ql +++ b/c/misra/src/rules/DIR-4-5/IdentifiersInTheSameNameSpaceUnambiguous.ql @@ -8,6 +8,7 @@ * @tags external/misra/id/dir-4-5 * readability * maintainability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/advisory */ diff --git a/c/misra/src/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.ql b/c/misra/src/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.ql index c3ea6dfdbd..3891d8c99f 100644 --- a/c/misra/src/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.ql +++ b/c/misra/src/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.ql @@ -7,6 +7,7 @@ * @precision high * @problem.severity error * @tags external/misra/id/dir-4-6 + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/advisory */ diff --git a/c/misra/src/rules/DIR-4-8/ObjectWithNoPointerDereferenceShouldBeOpaque.ql b/c/misra/src/rules/DIR-4-8/ObjectWithNoPointerDereferenceShouldBeOpaque.ql index 56f2dd785d..b32a0a4aee 100644 --- a/c/misra/src/rules/DIR-4-8/ObjectWithNoPointerDereferenceShouldBeOpaque.ql +++ b/c/misra/src/rules/DIR-4-8/ObjectWithNoPointerDereferenceShouldBeOpaque.ql @@ -10,6 +10,7 @@ * @tags external/misra/id/dir-4-8 * readability * maintainability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/advisory */ diff --git a/c/misra/src/rules/DIR-4-9/FunctionOverFunctionLikeMacro.ql b/c/misra/src/rules/DIR-4-9/FunctionOverFunctionLikeMacro.ql index 3d8a51f219..582715e34f 100644 --- a/c/misra/src/rules/DIR-4-9/FunctionOverFunctionLikeMacro.ql +++ b/c/misra/src/rules/DIR-4-9/FunctionOverFunctionLikeMacro.ql @@ -10,6 +10,7 @@ * external/misra/audit * maintainability * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/advisory */ diff --git a/c/misra/src/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.ql b/c/misra/src/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.ql index f38e41a1b6..9d1f27597f 100644 --- a/c/misra/src/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.ql +++ b/c/misra/src/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.ql @@ -8,6 +8,7 @@ * @tags external/misra/id/rule-1-2 * maintainability * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/advisory */ diff --git a/c/misra/src/rules/RULE-1-3/OccurrenceOfUndefinedBehavior.ql b/c/misra/src/rules/RULE-1-3/OccurrenceOfUndefinedBehavior.ql index f6b295bd32..53f72e6bee 100644 --- a/c/misra/src/rules/RULE-1-3/OccurrenceOfUndefinedBehavior.ql +++ b/c/misra/src/rules/RULE-1-3/OccurrenceOfUndefinedBehavior.ql @@ -8,6 +8,7 @@ * @tags external/misra/id/rule-1-3 * maintainability * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-1-4/EmergentLanguageFeaturesUsed.ql b/c/misra/src/rules/RULE-1-4/EmergentLanguageFeaturesUsed.ql index 56ab349a11..a413b1c29a 100644 --- a/c/misra/src/rules/RULE-1-4/EmergentLanguageFeaturesUsed.ql +++ b/c/misra/src/rules/RULE-1-4/EmergentLanguageFeaturesUsed.ql @@ -8,6 +8,7 @@ * @tags external/misra/id/rule-1-4 * maintainability * readability + * external/misra/c/2012/amendment2 * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.ql b/c/misra/src/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.ql index 5c39f89003..10612f3378 100644 --- a/c/misra/src/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.ql +++ b/c/misra/src/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.ql @@ -8,6 +8,7 @@ * @problem.severity warning * @tags external/misra/id/rule-10-1 * maintainability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-10-1/PointerTypeOnLogicalOperator.ql b/c/misra/src/rules/RULE-10-1/PointerTypeOnLogicalOperator.ql index 21bfdcb2be..b17f3710d5 100644 --- a/c/misra/src/rules/RULE-10-1/PointerTypeOnLogicalOperator.ql +++ b/c/misra/src/rules/RULE-10-1/PointerTypeOnLogicalOperator.ql @@ -8,6 +8,7 @@ * @problem.severity warning * @tags external/misra/id/rule-10-1 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-10-2/AdditionSubtractionOnEssentiallyCharType.ql b/c/misra/src/rules/RULE-10-2/AdditionSubtractionOnEssentiallyCharType.ql index ad0c630e23..750e589a1c 100644 --- a/c/misra/src/rules/RULE-10-2/AdditionSubtractionOnEssentiallyCharType.ql +++ b/c/misra/src/rules/RULE-10-2/AdditionSubtractionOnEssentiallyCharType.ql @@ -9,6 +9,7 @@ * @tags external/misra/id/rule-10-2 * maintainability * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-10-3/AssignmentOfIncompatibleEssentialType.ql b/c/misra/src/rules/RULE-10-3/AssignmentOfIncompatibleEssentialType.ql index 353f6a9c8d..af120fb13d 100644 --- a/c/misra/src/rules/RULE-10-3/AssignmentOfIncompatibleEssentialType.ql +++ b/c/misra/src/rules/RULE-10-3/AssignmentOfIncompatibleEssentialType.ql @@ -9,6 +9,7 @@ * @tags external/misra/id/rule-10-3 * maintainability * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-10-4/OperandsWithMismatchedEssentialTypeCategory.ql b/c/misra/src/rules/RULE-10-4/OperandsWithMismatchedEssentialTypeCategory.ql index d5ef8b6d26..cc4c860d7d 100644 --- a/c/misra/src/rules/RULE-10-4/OperandsWithMismatchedEssentialTypeCategory.ql +++ b/c/misra/src/rules/RULE-10-4/OperandsWithMismatchedEssentialTypeCategory.ql @@ -9,6 +9,7 @@ * @tags external/misra/id/rule-10-4 * maintainability * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-10-5/InappropriateEssentialTypeCast.ql b/c/misra/src/rules/RULE-10-5/InappropriateEssentialTypeCast.ql index 1ff8374e97..f782a16597 100644 --- a/c/misra/src/rules/RULE-10-5/InappropriateEssentialTypeCast.ql +++ b/c/misra/src/rules/RULE-10-5/InappropriateEssentialTypeCast.ql @@ -9,6 +9,7 @@ * @tags external/misra/id/rule-10-5 * maintainability * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/advisory */ diff --git a/c/misra/src/rules/RULE-10-6/AssignmentToWiderEssentialType.ql b/c/misra/src/rules/RULE-10-6/AssignmentToWiderEssentialType.ql index 09e731ba71..8927e8570a 100644 --- a/c/misra/src/rules/RULE-10-6/AssignmentToWiderEssentialType.ql +++ b/c/misra/src/rules/RULE-10-6/AssignmentToWiderEssentialType.ql @@ -9,6 +9,7 @@ * @tags external/misra/id/rule-10-6 * maintainability * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-10-7/ImplicitConversionOfCompositeExpression.ql b/c/misra/src/rules/RULE-10-7/ImplicitConversionOfCompositeExpression.ql index 1cf20378fa..b330bca00a 100644 --- a/c/misra/src/rules/RULE-10-7/ImplicitConversionOfCompositeExpression.ql +++ b/c/misra/src/rules/RULE-10-7/ImplicitConversionOfCompositeExpression.ql @@ -10,6 +10,7 @@ * @tags external/misra/id/rule-10-7 * maintainability * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-10-8/InappropriateCastOfCompositeExpression.ql b/c/misra/src/rules/RULE-10-8/InappropriateCastOfCompositeExpression.ql index 8e58ded416..162ba4439c 100644 --- a/c/misra/src/rules/RULE-10-8/InappropriateCastOfCompositeExpression.ql +++ b/c/misra/src/rules/RULE-10-8/InappropriateCastOfCompositeExpression.ql @@ -9,6 +9,7 @@ * @tags external/misra/id/rule-10-8 * maintainability * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-11-1/ConversionBetweenFunctionPointerAndOtherType.ql b/c/misra/src/rules/RULE-11-1/ConversionBetweenFunctionPointerAndOtherType.ql index acb5480e4f..36157e130e 100644 --- a/c/misra/src/rules/RULE-11-1/ConversionBetweenFunctionPointerAndOtherType.ql +++ b/c/misra/src/rules/RULE-11-1/ConversionBetweenFunctionPointerAndOtherType.ql @@ -8,6 +8,7 @@ * @problem.severity error * @tags external/misra/id/rule-11-1 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-11-2/ConversionBetweenIncompleteTypePointerAndOtherType.ql b/c/misra/src/rules/RULE-11-2/ConversionBetweenIncompleteTypePointerAndOtherType.ql index 43ee303415..6c552b0f39 100644 --- a/c/misra/src/rules/RULE-11-2/ConversionBetweenIncompleteTypePointerAndOtherType.ql +++ b/c/misra/src/rules/RULE-11-2/ConversionBetweenIncompleteTypePointerAndOtherType.ql @@ -8,6 +8,7 @@ * @problem.severity error * @tags external/misra/id/rule-11-2 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-11-3/CastBetweenObjectPointerAndDifferentObjectType.ql b/c/misra/src/rules/RULE-11-3/CastBetweenObjectPointerAndDifferentObjectType.ql index 59674e11ac..8292bd3b6f 100644 --- a/c/misra/src/rules/RULE-11-3/CastBetweenObjectPointerAndDifferentObjectType.ql +++ b/c/misra/src/rules/RULE-11-3/CastBetweenObjectPointerAndDifferentObjectType.ql @@ -9,6 +9,7 @@ * @problem.severity error * @tags external/misra/id/rule-11-3 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-11-4/ConversionBetweenPointerToObjectAndIntegerType.ql b/c/misra/src/rules/RULE-11-4/ConversionBetweenPointerToObjectAndIntegerType.ql index aaa64fc3c0..8877d04323 100644 --- a/c/misra/src/rules/RULE-11-4/ConversionBetweenPointerToObjectAndIntegerType.ql +++ b/c/misra/src/rules/RULE-11-4/ConversionBetweenPointerToObjectAndIntegerType.ql @@ -8,6 +8,7 @@ * @problem.severity error * @tags external/misra/id/rule-11-4 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/advisory */ diff --git a/c/misra/src/rules/RULE-11-5/ConversionFromPointerToVoidIntoPointerToObject.ql b/c/misra/src/rules/RULE-11-5/ConversionFromPointerToVoidIntoPointerToObject.ql index 69419e13cd..bdaebcbf54 100644 --- a/c/misra/src/rules/RULE-11-5/ConversionFromPointerToVoidIntoPointerToObject.ql +++ b/c/misra/src/rules/RULE-11-5/ConversionFromPointerToVoidIntoPointerToObject.ql @@ -8,6 +8,7 @@ * @problem.severity error * @tags external/misra/id/rule-11-5 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/advisory */ diff --git a/c/misra/src/rules/RULE-11-6/CastBetweenPointerToVoidAndArithmeticType.ql b/c/misra/src/rules/RULE-11-6/CastBetweenPointerToVoidAndArithmeticType.ql index de75e9d37a..cc0adf0517 100644 --- a/c/misra/src/rules/RULE-11-6/CastBetweenPointerToVoidAndArithmeticType.ql +++ b/c/misra/src/rules/RULE-11-6/CastBetweenPointerToVoidAndArithmeticType.ql @@ -8,6 +8,7 @@ * @problem.severity error * @tags external/misra/id/rule-11-6 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-11-7/CastBetweenPointerToObjectAndNonIntArithmeticType.ql b/c/misra/src/rules/RULE-11-7/CastBetweenPointerToObjectAndNonIntArithmeticType.ql index f898998d32..e499ea6485 100644 --- a/c/misra/src/rules/RULE-11-7/CastBetweenPointerToObjectAndNonIntArithmeticType.ql +++ b/c/misra/src/rules/RULE-11-7/CastBetweenPointerToObjectAndNonIntArithmeticType.ql @@ -8,6 +8,7 @@ * @problem.severity error * @tags external/misra/id/rule-11-7 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-11-8/CastRemovesConstOrVolatileQualification.ql b/c/misra/src/rules/RULE-11-8/CastRemovesConstOrVolatileQualification.ql index 17b0df1a0e..17b12aaf99 100644 --- a/c/misra/src/rules/RULE-11-8/CastRemovesConstOrVolatileQualification.ql +++ b/c/misra/src/rules/RULE-11-8/CastRemovesConstOrVolatileQualification.ql @@ -8,6 +8,7 @@ * @problem.severity error * @tags external/misra/id/rule-11-8 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-11-9/MacroNullNotUsedAsIntegerNullPointerConstant.ql b/c/misra/src/rules/RULE-11-9/MacroNullNotUsedAsIntegerNullPointerConstant.ql index a5c34fb747..cb18ed0d1d 100644 --- a/c/misra/src/rules/RULE-11-9/MacroNullNotUsedAsIntegerNullPointerConstant.ql +++ b/c/misra/src/rules/RULE-11-9/MacroNullNotUsedAsIntegerNullPointerConstant.ql @@ -7,6 +7,7 @@ * @problem.severity error * @tags external/misra/id/rule-11-9 * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-12-1/ImplicitPrecedenceOfOperatorsInExpression.ql b/c/misra/src/rules/RULE-12-1/ImplicitPrecedenceOfOperatorsInExpression.ql index 005fffa32d..134068463c 100644 --- a/c/misra/src/rules/RULE-12-1/ImplicitPrecedenceOfOperatorsInExpression.ql +++ b/c/misra/src/rules/RULE-12-1/ImplicitPrecedenceOfOperatorsInExpression.ql @@ -9,6 +9,7 @@ * @problem.severity warning * @tags external/misra/id/rule-12-1 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/advisory */ diff --git a/c/misra/src/rules/RULE-12-1/UnenclosedSizeofOperand.ql b/c/misra/src/rules/RULE-12-1/UnenclosedSizeofOperand.ql index 8975e7dff7..0081de320c 100644 --- a/c/misra/src/rules/RULE-12-1/UnenclosedSizeofOperand.ql +++ b/c/misra/src/rules/RULE-12-1/UnenclosedSizeofOperand.ql @@ -9,6 +9,7 @@ * @problem.severity warning * @tags external/misra/id/rule-12-1 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/advisory */ diff --git a/c/misra/src/rules/RULE-12-2/RightHandOperandOfAShiftRange.ql b/c/misra/src/rules/RULE-12-2/RightHandOperandOfAShiftRange.ql index bd77bdacd2..da7a0f181e 100644 --- a/c/misra/src/rules/RULE-12-2/RightHandOperandOfAShiftRange.ql +++ b/c/misra/src/rules/RULE-12-2/RightHandOperandOfAShiftRange.ql @@ -8,6 +8,7 @@ * @problem.severity error * @tags external/misra/id/rule-12-2 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-12-3/CommaOperatorShouldNotBeUsed.ql b/c/misra/src/rules/RULE-12-3/CommaOperatorShouldNotBeUsed.ql index ec782d84f5..bccb382804 100644 --- a/c/misra/src/rules/RULE-12-3/CommaOperatorShouldNotBeUsed.ql +++ b/c/misra/src/rules/RULE-12-3/CommaOperatorShouldNotBeUsed.ql @@ -7,6 +7,7 @@ * @problem.severity recommendation * @tags external/misra/id/rule-12-3 * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/advisory */ diff --git a/c/misra/src/rules/RULE-12-4/ConstantUnsignedIntegerExpressionsWrapAround.ql b/c/misra/src/rules/RULE-12-4/ConstantUnsignedIntegerExpressionsWrapAround.ql index 5009ef292d..1ebbf184bb 100644 --- a/c/misra/src/rules/RULE-12-4/ConstantUnsignedIntegerExpressionsWrapAround.ql +++ b/c/misra/src/rules/RULE-12-4/ConstantUnsignedIntegerExpressionsWrapAround.ql @@ -14,6 +14,7 @@ * @tags external/misra/id/rule-12-4 * correctness * security + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/advisory */ diff --git a/c/misra/src/rules/RULE-12-5/SizeofOperatorUsedOnArrayTypeParam.ql b/c/misra/src/rules/RULE-12-5/SizeofOperatorUsedOnArrayTypeParam.ql index 3eed267198..2e080419e1 100644 --- a/c/misra/src/rules/RULE-12-5/SizeofOperatorUsedOnArrayTypeParam.ql +++ b/c/misra/src/rules/RULE-12-5/SizeofOperatorUsedOnArrayTypeParam.ql @@ -7,6 +7,7 @@ * @precision very-high * @problem.severity error * @tags external/misra/id/rule-12-5 + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/mandatory */ diff --git a/c/misra/src/rules/RULE-13-1/InitializerListsContainPersistentSideEffects.ql b/c/misra/src/rules/RULE-13-1/InitializerListsContainPersistentSideEffects.ql index 3cce2bb825..69ecbede58 100644 --- a/c/misra/src/rules/RULE-13-1/InitializerListsContainPersistentSideEffects.ql +++ b/c/misra/src/rules/RULE-13-1/InitializerListsContainPersistentSideEffects.ql @@ -8,6 +8,7 @@ * @problem.severity error * @tags external/misra/id/rule-13-1 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql b/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql index 2497e5d4a3..90b0315e88 100644 --- a/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql +++ b/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql @@ -8,6 +8,7 @@ * @problem.severity error * @tags external/misra/id/rule-13-2 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-13-3/SideEffectAndCrementInFullExpression.ql b/c/misra/src/rules/RULE-13-3/SideEffectAndCrementInFullExpression.ql index 3dd03120c8..173827e04e 100644 --- a/c/misra/src/rules/RULE-13-3/SideEffectAndCrementInFullExpression.ql +++ b/c/misra/src/rules/RULE-13-3/SideEffectAndCrementInFullExpression.ql @@ -10,6 +10,7 @@ * @tags external/misra/id/rule-13-3 * readability * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/advisory */ diff --git a/c/misra/src/rules/RULE-13-4/ResultOfAnAssignmentOperatorShouldNotBeUsed.ql b/c/misra/src/rules/RULE-13-4/ResultOfAnAssignmentOperatorShouldNotBeUsed.ql index 69a5d57f25..c840947b1f 100644 --- a/c/misra/src/rules/RULE-13-4/ResultOfAnAssignmentOperatorShouldNotBeUsed.ql +++ b/c/misra/src/rules/RULE-13-4/ResultOfAnAssignmentOperatorShouldNotBeUsed.ql @@ -9,6 +9,7 @@ * @tags external/misra/id/rule-13-4 * correctness * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/advisory */ diff --git a/c/misra/src/rules/RULE-13-5/PossibleSuppressedSideEffectInLogicOperatorOperand.ql b/c/misra/src/rules/RULE-13-5/PossibleSuppressedSideEffectInLogicOperatorOperand.ql index 90faf9ec23..9a5b7b2b7b 100644 --- a/c/misra/src/rules/RULE-13-5/PossibleSuppressedSideEffectInLogicOperatorOperand.ql +++ b/c/misra/src/rules/RULE-13-5/PossibleSuppressedSideEffectInLogicOperatorOperand.ql @@ -9,6 +9,7 @@ * @problem.severity error * @tags external/misra/id/rule-13-5 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-13-6/SizeofOperandWithSideEffect.ql b/c/misra/src/rules/RULE-13-6/SizeofOperandWithSideEffect.ql index 10317b1169..ec1551c2a6 100644 --- a/c/misra/src/rules/RULE-13-6/SizeofOperandWithSideEffect.ql +++ b/c/misra/src/rules/RULE-13-6/SizeofOperandWithSideEffect.ql @@ -8,6 +8,7 @@ * @problem.severity error * @tags external/misra/id/rule-13-6 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/mandatory */ diff --git a/c/misra/src/rules/RULE-14-1/LoopOverEssentiallyFloatType.ql b/c/misra/src/rules/RULE-14-1/LoopOverEssentiallyFloatType.ql index 6a0f772f61..83d91dac63 100644 --- a/c/misra/src/rules/RULE-14-1/LoopOverEssentiallyFloatType.ql +++ b/c/misra/src/rules/RULE-14-1/LoopOverEssentiallyFloatType.ql @@ -8,6 +8,7 @@ * @tags external/misra/id/rule-14-1 * maintainability * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-14-2/ForLoopNotWellFormed.ql b/c/misra/src/rules/RULE-14-2/ForLoopNotWellFormed.ql index 106bd9b5c6..7b3dc3c8dc 100644 --- a/c/misra/src/rules/RULE-14-2/ForLoopNotWellFormed.ql +++ b/c/misra/src/rules/RULE-14-2/ForLoopNotWellFormed.ql @@ -8,6 +8,7 @@ * @tags external/misra/id/rule-14-2 * readability * maintainability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-14-3/ControllingExprInvariant.ql b/c/misra/src/rules/RULE-14-3/ControllingExprInvariant.ql index eb8e9ede82..1bd2708750 100644 --- a/c/misra/src/rules/RULE-14-3/ControllingExprInvariant.ql +++ b/c/misra/src/rules/RULE-14-3/ControllingExprInvariant.ql @@ -10,6 +10,7 @@ * correctness * maintainability * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-14-4/NonBooleanIfCondition.ql b/c/misra/src/rules/RULE-14-4/NonBooleanIfCondition.ql index 87d9d31512..f9a24d9492 100644 --- a/c/misra/src/rules/RULE-14-4/NonBooleanIfCondition.ql +++ b/c/misra/src/rules/RULE-14-4/NonBooleanIfCondition.ql @@ -8,6 +8,7 @@ * @tags external/misra/id/rule-14-4 * maintainability * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-14-4/NonBooleanIterationCondition.ql b/c/misra/src/rules/RULE-14-4/NonBooleanIterationCondition.ql index b2644a7a92..8418993db2 100644 --- a/c/misra/src/rules/RULE-14-4/NonBooleanIterationCondition.ql +++ b/c/misra/src/rules/RULE-14-4/NonBooleanIterationCondition.ql @@ -8,6 +8,7 @@ * @tags external/misra/id/rule-14-4 * maintainability * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-15-1/GotoStatementUsed.ql b/c/misra/src/rules/RULE-15-1/GotoStatementUsed.ql index d1c9aadadd..84c7dbd408 100644 --- a/c/misra/src/rules/RULE-15-1/GotoStatementUsed.ql +++ b/c/misra/src/rules/RULE-15-1/GotoStatementUsed.ql @@ -8,6 +8,7 @@ * @tags external/misra/id/rule-15-1 * correctness * security + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/advisory */ diff --git a/c/misra/src/rules/RULE-15-2/GotoLabelLocationCondition.ql b/c/misra/src/rules/RULE-15-2/GotoLabelLocationCondition.ql index d12521dd7e..623fb9baed 100644 --- a/c/misra/src/rules/RULE-15-2/GotoLabelLocationCondition.ql +++ b/c/misra/src/rules/RULE-15-2/GotoLabelLocationCondition.ql @@ -8,6 +8,7 @@ * @tags external/misra/id/rule-15-2 * maintainability * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-15-3/GotoLabelBlockCondition.ql b/c/misra/src/rules/RULE-15-3/GotoLabelBlockCondition.ql index 1f9f066f53..a88f3170de 100644 --- a/c/misra/src/rules/RULE-15-3/GotoLabelBlockCondition.ql +++ b/c/misra/src/rules/RULE-15-3/GotoLabelBlockCondition.ql @@ -9,6 +9,7 @@ * @tags external/misra/id/rule-15-3 * maintainability * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-15-4/LoopIterationCondition.ql b/c/misra/src/rules/RULE-15-4/LoopIterationCondition.ql index ed541a68d0..b172a2c1ea 100644 --- a/c/misra/src/rules/RULE-15-4/LoopIterationCondition.ql +++ b/c/misra/src/rules/RULE-15-4/LoopIterationCondition.ql @@ -9,6 +9,7 @@ * @tags external/misra/id/rule-15-4 * maintainability * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/advisory */ diff --git a/c/misra/src/rules/RULE-15-5/FunctionReturnCondition.ql b/c/misra/src/rules/RULE-15-5/FunctionReturnCondition.ql index 2fb5ad9d65..8e777d7332 100644 --- a/c/misra/src/rules/RULE-15-5/FunctionReturnCondition.ql +++ b/c/misra/src/rules/RULE-15-5/FunctionReturnCondition.ql @@ -9,6 +9,7 @@ * maintainability * readability * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/advisory */ diff --git a/c/misra/src/rules/RULE-15-6/LoopCompoundCondition.ql b/c/misra/src/rules/RULE-15-6/LoopCompoundCondition.ql index a3e30ec345..9cc5bf9dda 100644 --- a/c/misra/src/rules/RULE-15-6/LoopCompoundCondition.ql +++ b/c/misra/src/rules/RULE-15-6/LoopCompoundCondition.ql @@ -9,6 +9,7 @@ * @tags external/misra/id/rule-15-6 * maintainability * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-15-6/SelectionCompoundCondition.ql b/c/misra/src/rules/RULE-15-6/SelectionCompoundCondition.ql index d181ca2d1c..f84c142414 100644 --- a/c/misra/src/rules/RULE-15-6/SelectionCompoundCondition.ql +++ b/c/misra/src/rules/RULE-15-6/SelectionCompoundCondition.ql @@ -9,6 +9,7 @@ * @tags external/misra/id/rule-15-6 * maintainability * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-15-6/SwitchCompoundCondition.ql b/c/misra/src/rules/RULE-15-6/SwitchCompoundCondition.ql index 837bfb12c1..1d446f323f 100644 --- a/c/misra/src/rules/RULE-15-6/SwitchCompoundCondition.ql +++ b/c/misra/src/rules/RULE-15-6/SwitchCompoundCondition.ql @@ -9,6 +9,7 @@ * @tags external/misra/id/rule-15-6 * maintainability * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-15-7/IfElseEndCondition.ql b/c/misra/src/rules/RULE-15-7/IfElseEndCondition.ql index f3992d26f5..ee06f484fe 100644 --- a/c/misra/src/rules/RULE-15-7/IfElseEndCondition.ql +++ b/c/misra/src/rules/RULE-15-7/IfElseEndCondition.ql @@ -8,6 +8,7 @@ * @tags external/misra/id/rule-15-7 * readability * maintainability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-16-1/SwitchCaseStartCondition.ql b/c/misra/src/rules/RULE-16-1/SwitchCaseStartCondition.ql index e30ac1bd7b..4ceca23d8f 100644 --- a/c/misra/src/rules/RULE-16-1/SwitchCaseStartCondition.ql +++ b/c/misra/src/rules/RULE-16-1/SwitchCaseStartCondition.ql @@ -8,6 +8,7 @@ * @tags external/misra/id/rule-16-1 * maintainability * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-16-1/SwitchStmtNotWellFormed.ql b/c/misra/src/rules/RULE-16-1/SwitchStmtNotWellFormed.ql index 9da9242a78..644994562a 100644 --- a/c/misra/src/rules/RULE-16-1/SwitchStmtNotWellFormed.ql +++ b/c/misra/src/rules/RULE-16-1/SwitchStmtNotWellFormed.ql @@ -8,6 +8,7 @@ * @tags external/misra/id/rule-16-1 * maintainability * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-16-2/NestSwitchLabelInSwitchStatement.ql b/c/misra/src/rules/RULE-16-2/NestSwitchLabelInSwitchStatement.ql index df4b6fc93a..45ad0519bb 100644 --- a/c/misra/src/rules/RULE-16-2/NestSwitchLabelInSwitchStatement.ql +++ b/c/misra/src/rules/RULE-16-2/NestSwitchLabelInSwitchStatement.ql @@ -8,6 +8,7 @@ * @tags external/misra/id/rule-16-2 * maintainability * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-16-3/BreakShallTerminateSwitchClause.ql b/c/misra/src/rules/RULE-16-3/BreakShallTerminateSwitchClause.ql index e62fe8c8d4..5ff30b53e0 100644 --- a/c/misra/src/rules/RULE-16-3/BreakShallTerminateSwitchClause.ql +++ b/c/misra/src/rules/RULE-16-3/BreakShallTerminateSwitchClause.ql @@ -9,6 +9,7 @@ * @tags external/misra/id/rule-16-3 * maintainability * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-16-4/EverySwitchShallHaveDefaultLabel.ql b/c/misra/src/rules/RULE-16-4/EverySwitchShallHaveDefaultLabel.ql index a5d7c3cf2c..441e30b7e7 100644 --- a/c/misra/src/rules/RULE-16-4/EverySwitchShallHaveDefaultLabel.ql +++ b/c/misra/src/rules/RULE-16-4/EverySwitchShallHaveDefaultLabel.ql @@ -10,6 +10,7 @@ * @tags external/misra/id/rule-16-4 * maintainability * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-16-5/DefaultNotFirstOrLastOfSwitch.ql b/c/misra/src/rules/RULE-16-5/DefaultNotFirstOrLastOfSwitch.ql index f86e242ee3..5a93477b9a 100644 --- a/c/misra/src/rules/RULE-16-5/DefaultNotFirstOrLastOfSwitch.ql +++ b/c/misra/src/rules/RULE-16-5/DefaultNotFirstOrLastOfSwitch.ql @@ -6,6 +6,7 @@ * @precision very-high * @problem.severity recommendation * @tags external/misra/id/rule-16-5 + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-16-6/SwitchClauseNumberCondition.ql b/c/misra/src/rules/RULE-16-6/SwitchClauseNumberCondition.ql index 8ddb2e49b2..0259f8023d 100644 --- a/c/misra/src/rules/RULE-16-6/SwitchClauseNumberCondition.ql +++ b/c/misra/src/rules/RULE-16-6/SwitchClauseNumberCondition.ql @@ -8,6 +8,7 @@ * @tags external/misra/id/rule-16-6 * maintainability * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-16-7/SwitchExpressionBoolCondition.ql b/c/misra/src/rules/RULE-16-7/SwitchExpressionBoolCondition.ql index 9aeb50d26e..06be288e2c 100644 --- a/c/misra/src/rules/RULE-16-7/SwitchExpressionBoolCondition.ql +++ b/c/misra/src/rules/RULE-16-7/SwitchExpressionBoolCondition.ql @@ -8,6 +8,7 @@ * @tags external/misra/id/rule-16-7 * readability * maintainability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-17-1/FeaturesOfStdarghUsed.ql b/c/misra/src/rules/RULE-17-1/FeaturesOfStdarghUsed.ql index 1cde8b98f2..ddccb58ad1 100644 --- a/c/misra/src/rules/RULE-17-1/FeaturesOfStdarghUsed.ql +++ b/c/misra/src/rules/RULE-17-1/FeaturesOfStdarghUsed.ql @@ -7,6 +7,7 @@ * @problem.severity error * @tags external/misra/id/rule-17-1 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-17-2/RecursiveFunctionCondition.ql b/c/misra/src/rules/RULE-17-2/RecursiveFunctionCondition.ql index b6f13c4d1f..c7cb818119 100644 --- a/c/misra/src/rules/RULE-17-2/RecursiveFunctionCondition.ql +++ b/c/misra/src/rules/RULE-17-2/RecursiveFunctionCondition.ql @@ -8,6 +8,7 @@ * @tags external/misra/id/rule-17-2 * maintainability * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-17-3/FunctionDeclaredImplicitly.ql b/c/misra/src/rules/RULE-17-3/FunctionDeclaredImplicitly.ql index 304d0a9bf6..af6c9bccad 100644 --- a/c/misra/src/rules/RULE-17-3/FunctionDeclaredImplicitly.ql +++ b/c/misra/src/rules/RULE-17-3/FunctionDeclaredImplicitly.ql @@ -9,6 +9,7 @@ * @tags external/misra/id/rule-17-3 * correctness * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/mandatory */ diff --git a/c/misra/src/rules/RULE-17-4/NonVoidFunctionReturnCondition.ql b/c/misra/src/rules/RULE-17-4/NonVoidFunctionReturnCondition.ql index 24329e5ab5..1529a403c9 100644 --- a/c/misra/src/rules/RULE-17-4/NonVoidFunctionReturnCondition.ql +++ b/c/misra/src/rules/RULE-17-4/NonVoidFunctionReturnCondition.ql @@ -10,6 +10,7 @@ * correctness * maintainability * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/mandatory */ diff --git a/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql b/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql index 208e8153d6..bb29be50ac 100644 --- a/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql +++ b/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql @@ -8,6 +8,7 @@ * @problem.severity error * @tags external/misra/id/rule-17-5 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/advisory */ diff --git a/c/misra/src/rules/RULE-17-6/UseOfArrayStatic.ql b/c/misra/src/rules/RULE-17-6/UseOfArrayStatic.ql index 876321c455..0a1232b6ad 100644 --- a/c/misra/src/rules/RULE-17-6/UseOfArrayStatic.ql +++ b/c/misra/src/rules/RULE-17-6/UseOfArrayStatic.ql @@ -8,6 +8,7 @@ * @problem.severity error * @tags external/misra/id/rule-17-6 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/mandatory */ diff --git a/c/misra/src/rules/RULE-17-7/ValueReturnedByAFunctionNotUsed.ql b/c/misra/src/rules/RULE-17-7/ValueReturnedByAFunctionNotUsed.ql index 02d0a54ec1..42b0d7a2e2 100644 --- a/c/misra/src/rules/RULE-17-7/ValueReturnedByAFunctionNotUsed.ql +++ b/c/misra/src/rules/RULE-17-7/ValueReturnedByAFunctionNotUsed.ql @@ -8,6 +8,7 @@ * @problem.severity error * @tags external/misra/id/rule-17-7 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-17-8/ModificationOfFunctionParameter.ql b/c/misra/src/rules/RULE-17-8/ModificationOfFunctionParameter.ql index 6867455a45..95cddb57d3 100644 --- a/c/misra/src/rules/RULE-17-8/ModificationOfFunctionParameter.ql +++ b/c/misra/src/rules/RULE-17-8/ModificationOfFunctionParameter.ql @@ -9,6 +9,7 @@ * @problem.severity warning * @tags external/misra/id/rule-17-8 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/advisory */ diff --git a/c/misra/src/rules/RULE-18-1/PointerAndDerivedPointerMustAddressSameArray.ql b/c/misra/src/rules/RULE-18-1/PointerAndDerivedPointerMustAddressSameArray.ql index f17d596ead..c8944bd30d 100644 --- a/c/misra/src/rules/RULE-18-1/PointerAndDerivedPointerMustAddressSameArray.ql +++ b/c/misra/src/rules/RULE-18-1/PointerAndDerivedPointerMustAddressSameArray.ql @@ -8,6 +8,7 @@ * @problem.severity error * @tags external/misra/id/rule-18-1 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-18-2/SubtractionBetweenPointersMustAddressSameArray.ql b/c/misra/src/rules/RULE-18-2/SubtractionBetweenPointersMustAddressSameArray.ql index b6fbb31f1c..ec3a30d5ba 100644 --- a/c/misra/src/rules/RULE-18-2/SubtractionBetweenPointersMustAddressSameArray.ql +++ b/c/misra/src/rules/RULE-18-2/SubtractionBetweenPointersMustAddressSameArray.ql @@ -8,6 +8,7 @@ * @problem.severity error * @tags external/misra/id/rule-18-2 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-18-3/RelationalOperatorComparesPointerToDifferentArray.ql b/c/misra/src/rules/RULE-18-3/RelationalOperatorComparesPointerToDifferentArray.ql index d7785a2d0e..4624cea616 100644 --- a/c/misra/src/rules/RULE-18-3/RelationalOperatorComparesPointerToDifferentArray.ql +++ b/c/misra/src/rules/RULE-18-3/RelationalOperatorComparesPointerToDifferentArray.ql @@ -8,6 +8,7 @@ * @problem.severity error * @tags external/misra/id/rule-18-3 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-18-4/DoNotUseAdditionOrSubtractionOperatorsOnPointers.ql b/c/misra/src/rules/RULE-18-4/DoNotUseAdditionOrSubtractionOperatorsOnPointers.ql index a5f8a85ff1..a1a1ad367b 100644 --- a/c/misra/src/rules/RULE-18-4/DoNotUseAdditionOrSubtractionOperatorsOnPointers.ql +++ b/c/misra/src/rules/RULE-18-4/DoNotUseAdditionOrSubtractionOperatorsOnPointers.ql @@ -8,6 +8,7 @@ * @problem.severity error * @tags external/misra/id/rule-18-4 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/advisory */ diff --git a/c/misra/src/rules/RULE-18-5/NoMoreThanTwoLevelsOfPointerNestingInDeclarations.ql b/c/misra/src/rules/RULE-18-5/NoMoreThanTwoLevelsOfPointerNestingInDeclarations.ql index 7a847acbfa..f467c41804 100644 --- a/c/misra/src/rules/RULE-18-5/NoMoreThanTwoLevelsOfPointerNestingInDeclarations.ql +++ b/c/misra/src/rules/RULE-18-5/NoMoreThanTwoLevelsOfPointerNestingInDeclarations.ql @@ -8,6 +8,7 @@ * @problem.severity error * @tags external/misra/id/rule-18-5 * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/advisory */ diff --git a/c/misra/src/rules/RULE-18-6/AutomaticStorageObjectAddressCopiedToOtherObject.ql b/c/misra/src/rules/RULE-18-6/AutomaticStorageObjectAddressCopiedToOtherObject.ql index 6d947efb16..efbc8d1334 100644 --- a/c/misra/src/rules/RULE-18-6/AutomaticStorageObjectAddressCopiedToOtherObject.ql +++ b/c/misra/src/rules/RULE-18-6/AutomaticStorageObjectAddressCopiedToOtherObject.ql @@ -9,6 +9,7 @@ * @problem.severity error * @tags external/misra/id/rule-18-6 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-18-7/FlexibleArrayMembersDeclared.ql b/c/misra/src/rules/RULE-18-7/FlexibleArrayMembersDeclared.ql index 5ae2c9b9c6..73f0732ba5 100644 --- a/c/misra/src/rules/RULE-18-7/FlexibleArrayMembersDeclared.ql +++ b/c/misra/src/rules/RULE-18-7/FlexibleArrayMembersDeclared.ql @@ -7,6 +7,7 @@ * @problem.severity error * @tags external/misra/id/rule-18-7 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-18-8/VariableLengthArrayTypesUsed.ql b/c/misra/src/rules/RULE-18-8/VariableLengthArrayTypesUsed.ql index 00d02cdc02..a7c25ed35e 100644 --- a/c/misra/src/rules/RULE-18-8/VariableLengthArrayTypesUsed.ql +++ b/c/misra/src/rules/RULE-18-8/VariableLengthArrayTypesUsed.ql @@ -8,6 +8,7 @@ * @tags external/misra/id/rule-18-8 * correctness * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-19-1/ObjectAssignedToAnOverlappingObject.ql b/c/misra/src/rules/RULE-19-1/ObjectAssignedToAnOverlappingObject.ql index b39ce4fba4..31c24dcdd8 100644 --- a/c/misra/src/rules/RULE-19-1/ObjectAssignedToAnOverlappingObject.ql +++ b/c/misra/src/rules/RULE-19-1/ObjectAssignedToAnOverlappingObject.ql @@ -7,6 +7,7 @@ * @problem.severity error * @tags external/misra/id/rule-19-1 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/mandatory */ diff --git a/c/misra/src/rules/RULE-19-1/ObjectCopiedToAnOverlappingObject.ql b/c/misra/src/rules/RULE-19-1/ObjectCopiedToAnOverlappingObject.ql index bee9b41e2c..e3e85faf34 100644 --- a/c/misra/src/rules/RULE-19-1/ObjectCopiedToAnOverlappingObject.ql +++ b/c/misra/src/rules/RULE-19-1/ObjectCopiedToAnOverlappingObject.ql @@ -7,6 +7,7 @@ * @problem.severity error * @tags external/misra/id/rule-19-1 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/mandatory */ diff --git a/c/misra/src/rules/RULE-19-2/UnionKeywordShouldNotBeUsed.ql b/c/misra/src/rules/RULE-19-2/UnionKeywordShouldNotBeUsed.ql index b3028d9add..14d01c47e3 100644 --- a/c/misra/src/rules/RULE-19-2/UnionKeywordShouldNotBeUsed.ql +++ b/c/misra/src/rules/RULE-19-2/UnionKeywordShouldNotBeUsed.ql @@ -7,6 +7,7 @@ * @problem.severity warning * @tags external/misra/id/rule-19-2 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/advisory */ diff --git a/c/misra/src/rules/RULE-2-1/UnreachableCode.ql b/c/misra/src/rules/RULE-2-1/UnreachableCode.ql index 5de46fd9ea..020338913a 100644 --- a/c/misra/src/rules/RULE-2-1/UnreachableCode.ql +++ b/c/misra/src/rules/RULE-2-1/UnreachableCode.ql @@ -9,6 +9,7 @@ * @tags external/misra/id/rule-2-1 * readability * maintainability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-2-2/DeadCode.ql b/c/misra/src/rules/RULE-2-2/DeadCode.ql index c9ecb5e934..19ac69c2c1 100644 --- a/c/misra/src/rules/RULE-2-2/DeadCode.ql +++ b/c/misra/src/rules/RULE-2-2/DeadCode.ql @@ -9,6 +9,7 @@ * @tags external/misra/id/rule-2-2 * readability * maintainability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-2-3/UnusedTypeDeclarations.ql b/c/misra/src/rules/RULE-2-3/UnusedTypeDeclarations.ql index 3192ee960f..b4c6bbf42c 100644 --- a/c/misra/src/rules/RULE-2-3/UnusedTypeDeclarations.ql +++ b/c/misra/src/rules/RULE-2-3/UnusedTypeDeclarations.ql @@ -9,6 +9,7 @@ * @tags external/misra/id/rule-2-3 * readability * maintainability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/advisory */ diff --git a/c/misra/src/rules/RULE-2-4/UnusedTagDeclaration.ql b/c/misra/src/rules/RULE-2-4/UnusedTagDeclaration.ql index c10985f28c..08fe2568e9 100644 --- a/c/misra/src/rules/RULE-2-4/UnusedTagDeclaration.ql +++ b/c/misra/src/rules/RULE-2-4/UnusedTagDeclaration.ql @@ -9,6 +9,7 @@ * @tags external/misra/id/rule-2-4 * readability * maintainability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/advisory */ diff --git a/c/misra/src/rules/RULE-2-5/UnusedMacroDeclaration.ql b/c/misra/src/rules/RULE-2-5/UnusedMacroDeclaration.ql index ed2b1f6065..b7ea9f64de 100644 --- a/c/misra/src/rules/RULE-2-5/UnusedMacroDeclaration.ql +++ b/c/misra/src/rules/RULE-2-5/UnusedMacroDeclaration.ql @@ -9,6 +9,7 @@ * @tags external/misra/id/rule-2-5 * readability * maintainability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/advisory */ diff --git a/c/misra/src/rules/RULE-2-6/UnusedLabelDeclaration.ql b/c/misra/src/rules/RULE-2-6/UnusedLabelDeclaration.ql index 4ab96707e4..7838c5fc1f 100644 --- a/c/misra/src/rules/RULE-2-6/UnusedLabelDeclaration.ql +++ b/c/misra/src/rules/RULE-2-6/UnusedLabelDeclaration.ql @@ -9,6 +9,7 @@ * @tags external/misra/id/rule-2-6 * readability * maintainability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/advisory */ diff --git a/c/misra/src/rules/RULE-2-7/UnusedParameter.ql b/c/misra/src/rules/RULE-2-7/UnusedParameter.ql index b9c2f32f60..e27caee50b 100644 --- a/c/misra/src/rules/RULE-2-7/UnusedParameter.ql +++ b/c/misra/src/rules/RULE-2-7/UnusedParameter.ql @@ -8,6 +8,7 @@ * @tags external/misra/id/rule-2-7 * readability * maintainability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/advisory */ diff --git a/c/misra/src/rules/RULE-20-1/IncludeDirectivesPrecededByDirectivesOrComments.ql b/c/misra/src/rules/RULE-20-1/IncludeDirectivesPrecededByDirectivesOrComments.ql index aa0d733eb2..ba78abcb5e 100644 --- a/c/misra/src/rules/RULE-20-1/IncludeDirectivesPrecededByDirectivesOrComments.ql +++ b/c/misra/src/rules/RULE-20-1/IncludeDirectivesPrecededByDirectivesOrComments.ql @@ -8,6 +8,7 @@ * @problem.severity warning * @tags external/misra/id/rule-20-1 * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/advisory */ diff --git a/c/misra/src/rules/RULE-20-10/PreprocessorHashOperatorsShouldNotBeUsed.ql b/c/misra/src/rules/RULE-20-10/PreprocessorHashOperatorsShouldNotBeUsed.ql index f0d82928fb..016589af94 100644 --- a/c/misra/src/rules/RULE-20-10/PreprocessorHashOperatorsShouldNotBeUsed.ql +++ b/c/misra/src/rules/RULE-20-10/PreprocessorHashOperatorsShouldNotBeUsed.ql @@ -8,6 +8,7 @@ * @problem.severity warning * @tags external/misra/id/rule-20-10 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/advisory */ diff --git a/c/misra/src/rules/RULE-20-11/MoreThanOneHashOperatorInMacroDefinition.ql b/c/misra/src/rules/RULE-20-11/MoreThanOneHashOperatorInMacroDefinition.ql index 42ea398e14..fc87186d3e 100644 --- a/c/misra/src/rules/RULE-20-11/MoreThanOneHashOperatorInMacroDefinition.ql +++ b/c/misra/src/rules/RULE-20-11/MoreThanOneHashOperatorInMacroDefinition.ql @@ -8,6 +8,7 @@ * @problem.severity warning * @tags external/misra/id/rule-20-11 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-20-12/MacroParameterUsedAsHashOperand.ql b/c/misra/src/rules/RULE-20-12/MacroParameterUsedAsHashOperand.ql index 8b9d6ca763..da66f66fb2 100644 --- a/c/misra/src/rules/RULE-20-12/MacroParameterUsedAsHashOperand.ql +++ b/c/misra/src/rules/RULE-20-12/MacroParameterUsedAsHashOperand.ql @@ -10,6 +10,7 @@ * @tags external/misra/id/rule-20-12 * maintainability * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-20-2/ForbiddenCharactersInHeaderFileName.ql b/c/misra/src/rules/RULE-20-2/ForbiddenCharactersInHeaderFileName.ql index a9b27e8669..d9942c3e56 100644 --- a/c/misra/src/rules/RULE-20-2/ForbiddenCharactersInHeaderFileName.ql +++ b/c/misra/src/rules/RULE-20-2/ForbiddenCharactersInHeaderFileName.ql @@ -8,6 +8,7 @@ * @problem.severity error * @tags external/misra/id/rule-20-2 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-20-4/MacroDefinedWithTheSameNameAsKeyword.ql b/c/misra/src/rules/RULE-20-4/MacroDefinedWithTheSameNameAsKeyword.ql index 6b9ae71120..210e081bb1 100644 --- a/c/misra/src/rules/RULE-20-4/MacroDefinedWithTheSameNameAsKeyword.ql +++ b/c/misra/src/rules/RULE-20-4/MacroDefinedWithTheSameNameAsKeyword.ql @@ -11,6 +11,7 @@ * correctness * readability * maintainability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-20-5/UndefShouldNotBeUsed.ql b/c/misra/src/rules/RULE-20-5/UndefShouldNotBeUsed.ql index c253c795e8..15bec51bf8 100644 --- a/c/misra/src/rules/RULE-20-5/UndefShouldNotBeUsed.ql +++ b/c/misra/src/rules/RULE-20-5/UndefShouldNotBeUsed.ql @@ -8,6 +8,7 @@ * @tags external/misra/id/rule-20-5 * maintainability * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/advisory */ diff --git a/c/misra/src/rules/RULE-20-6/FunctionLikeMacroArgsContainHashTokenCQuery.ql b/c/misra/src/rules/RULE-20-6/FunctionLikeMacroArgsContainHashTokenCQuery.ql index 3e212dc972..e0fc8e4510 100644 --- a/c/misra/src/rules/RULE-20-6/FunctionLikeMacroArgsContainHashTokenCQuery.ql +++ b/c/misra/src/rules/RULE-20-6/FunctionLikeMacroArgsContainHashTokenCQuery.ql @@ -9,6 +9,7 @@ * @tags external/misra/id/rule-20-6 * readability * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-20-7/MacroParameterNotEnclosedInParenthesesCQuery.ql b/c/misra/src/rules/RULE-20-7/MacroParameterNotEnclosedInParenthesesCQuery.ql index ad4882d07c..e557f99a18 100644 --- a/c/misra/src/rules/RULE-20-7/MacroParameterNotEnclosedInParenthesesCQuery.ql +++ b/c/misra/src/rules/RULE-20-7/MacroParameterNotEnclosedInParenthesesCQuery.ql @@ -10,6 +10,7 @@ * @tags external/misra/id/rule-20-7 * correctness * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-20-8/ControllingExpressionIfDirective.ql b/c/misra/src/rules/RULE-20-8/ControllingExpressionIfDirective.ql index cd55e03ee0..5e2c1fbc27 100644 --- a/c/misra/src/rules/RULE-20-8/ControllingExpressionIfDirective.ql +++ b/c/misra/src/rules/RULE-20-8/ControllingExpressionIfDirective.ql @@ -9,6 +9,7 @@ * @tags external/misra/id/rule-20-8 * maintainability * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-20-9/IdentifiersUsedInPreprocessorExpression.ql b/c/misra/src/rules/RULE-20-9/IdentifiersUsedInPreprocessorExpression.ql index 15ca323038..be6f3c00f3 100644 --- a/c/misra/src/rules/RULE-20-9/IdentifiersUsedInPreprocessorExpression.ql +++ b/c/misra/src/rules/RULE-20-9/IdentifiersUsedInPreprocessorExpression.ql @@ -10,6 +10,7 @@ * @tags external/misra/id/rule-20-9 * correctness * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-21-1/DefineAndUndefUsedOnReservedIdentifierOrMacroName.ql b/c/misra/src/rules/RULE-21-1/DefineAndUndefUsedOnReservedIdentifierOrMacroName.ql index b37b5cb92e..86d8426df8 100644 --- a/c/misra/src/rules/RULE-21-1/DefineAndUndefUsedOnReservedIdentifierOrMacroName.ql +++ b/c/misra/src/rules/RULE-21-1/DefineAndUndefUsedOnReservedIdentifierOrMacroName.ql @@ -10,6 +10,7 @@ * correctness * readability * maintainability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-21-10/StandardLibraryTimeAndDateFunctionsUsed.ql b/c/misra/src/rules/RULE-21-10/StandardLibraryTimeAndDateFunctionsUsed.ql index c519ebe701..0ad9c350f2 100644 --- a/c/misra/src/rules/RULE-21-10/StandardLibraryTimeAndDateFunctionsUsed.ql +++ b/c/misra/src/rules/RULE-21-10/StandardLibraryTimeAndDateFunctionsUsed.ql @@ -7,6 +7,7 @@ * @problem.severity error * @tags external/misra/id/rule-21-10 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-21-11/StandardHeaderFileTgmathhUsed.ql b/c/misra/src/rules/RULE-21-11/StandardHeaderFileTgmathhUsed.ql index 5a33f94fb6..1c6b1bcd3d 100644 --- a/c/misra/src/rules/RULE-21-11/StandardHeaderFileTgmathhUsed.ql +++ b/c/misra/src/rules/RULE-21-11/StandardHeaderFileTgmathhUsed.ql @@ -7,6 +7,7 @@ * @problem.severity error * @tags external/misra/id/rule-21-11 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-21-12/ExceptionHandlingFeaturesOfFenvhUsed.ql b/c/misra/src/rules/RULE-21-12/ExceptionHandlingFeaturesOfFenvhUsed.ql index 727cb190e9..33da2f5d03 100644 --- a/c/misra/src/rules/RULE-21-12/ExceptionHandlingFeaturesOfFenvhUsed.ql +++ b/c/misra/src/rules/RULE-21-12/ExceptionHandlingFeaturesOfFenvhUsed.ql @@ -8,6 +8,7 @@ * @problem.severity warning * @tags external/misra/id/rule-21-12 * correctness + * external/misra/c/2012/amendment2 * external/misra/obligation/advisory */ diff --git a/c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql b/c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql index 70ec91e3c1..b7ccf534fa 100644 --- a/c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql +++ b/c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql @@ -7,6 +7,7 @@ * @precision very-high * @problem.severity error * @tags external/misra/id/rule-21-13 + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/mandatory */ diff --git a/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql b/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql index 44e21d14db..c51ff10744 100644 --- a/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql +++ b/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql @@ -9,6 +9,7 @@ * @tags external/misra/id/rule-21-14 * maintainability * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql b/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql index 956fc5383e..f5d8057b3a 100644 --- a/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql +++ b/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql @@ -7,6 +7,7 @@ * @precision very-high * @problem.severity error * @tags external/misra/id/rule-21-15 + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-21-16/MemcmpOnInappropriateEssentialTypeArgs.ql b/c/misra/src/rules/RULE-21-16/MemcmpOnInappropriateEssentialTypeArgs.ql index 1a939e920c..cb70567660 100644 --- a/c/misra/src/rules/RULE-21-16/MemcmpOnInappropriateEssentialTypeArgs.ql +++ b/c/misra/src/rules/RULE-21-16/MemcmpOnInappropriateEssentialTypeArgs.ql @@ -10,6 +10,7 @@ * @tags external/misra/id/rule-21-16 * maintainability * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-21-17/StringFunctionPointerArgumentOutOfBounds.ql b/c/misra/src/rules/RULE-21-17/StringFunctionPointerArgumentOutOfBounds.ql index a4850781f6..31d3434c58 100644 --- a/c/misra/src/rules/RULE-21-17/StringFunctionPointerArgumentOutOfBounds.ql +++ b/c/misra/src/rules/RULE-21-17/StringFunctionPointerArgumentOutOfBounds.ql @@ -9,6 +9,7 @@ * @tags external/misra/id/rule-21-17 * correctness * security + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/mandatory */ diff --git a/c/misra/src/rules/RULE-21-18/StringLibrarySizeArgumentOutOfBounds.ql b/c/misra/src/rules/RULE-21-18/StringLibrarySizeArgumentOutOfBounds.ql index 3554b2791e..22ccc14b69 100644 --- a/c/misra/src/rules/RULE-21-18/StringLibrarySizeArgumentOutOfBounds.ql +++ b/c/misra/src/rules/RULE-21-18/StringLibrarySizeArgumentOutOfBounds.ql @@ -10,6 +10,7 @@ * @tags external/misra/id/rule-21-18 * correctness * security + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/mandatory */ diff --git a/c/misra/src/rules/RULE-21-19/ValuesReturnedByLocaleSettingUsedAsPtrToConst.ql b/c/misra/src/rules/RULE-21-19/ValuesReturnedByLocaleSettingUsedAsPtrToConst.ql index 0e02cc1d84..6fa3ad92be 100644 --- a/c/misra/src/rules/RULE-21-19/ValuesReturnedByLocaleSettingUsedAsPtrToConst.ql +++ b/c/misra/src/rules/RULE-21-19/ValuesReturnedByLocaleSettingUsedAsPtrToConst.ql @@ -9,6 +9,7 @@ * @problem.severity error * @tags external/misra/id/rule-21-19 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/mandatory */ diff --git a/c/misra/src/rules/RULE-21-2/DoNotDeclareAReservedIdentifier.ql b/c/misra/src/rules/RULE-21-2/DoNotDeclareAReservedIdentifier.ql index 89140222da..80ad8386bc 100644 --- a/c/misra/src/rules/RULE-21-2/DoNotDeclareAReservedIdentifier.ql +++ b/c/misra/src/rules/RULE-21-2/DoNotDeclareAReservedIdentifier.ql @@ -9,6 +9,7 @@ * correctness * maintainability * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-21-20/CallToSetlocaleInvalidatesOldPointers.ql b/c/misra/src/rules/RULE-21-20/CallToSetlocaleInvalidatesOldPointers.ql index c193e899db..6441add7fc 100644 --- a/c/misra/src/rules/RULE-21-20/CallToSetlocaleInvalidatesOldPointers.ql +++ b/c/misra/src/rules/RULE-21-20/CallToSetlocaleInvalidatesOldPointers.ql @@ -9,6 +9,7 @@ * @problem.severity error * @tags external/misra/id/rule-21-20 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/mandatory */ diff --git a/c/misra/src/rules/RULE-21-20/CallToSetlocaleInvalidatesOldPointersWarn.ql b/c/misra/src/rules/RULE-21-20/CallToSetlocaleInvalidatesOldPointersWarn.ql index 0bbcb045d9..e7e97e2639 100644 --- a/c/misra/src/rules/RULE-21-20/CallToSetlocaleInvalidatesOldPointersWarn.ql +++ b/c/misra/src/rules/RULE-21-20/CallToSetlocaleInvalidatesOldPointersWarn.ql @@ -9,6 +9,7 @@ * @problem.severity warning * @tags external/misra/id/rule-21-20 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/mandatory */ diff --git a/c/misra/src/rules/RULE-21-21/SystemOfStdlibhUsed.ql b/c/misra/src/rules/RULE-21-21/SystemOfStdlibhUsed.ql index b38f159c14..81dd6ba1a3 100644 --- a/c/misra/src/rules/RULE-21-21/SystemOfStdlibhUsed.ql +++ b/c/misra/src/rules/RULE-21-21/SystemOfStdlibhUsed.ql @@ -8,6 +8,7 @@ * @problem.severity error * @tags external/misra/id/rule-21-21 * security + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-21-3/MemoryAllocDeallocFunctionsOfStdlibhUsed.ql b/c/misra/src/rules/RULE-21-3/MemoryAllocDeallocFunctionsOfStdlibhUsed.ql index ed3317b696..ab3ba3e328 100644 --- a/c/misra/src/rules/RULE-21-3/MemoryAllocDeallocFunctionsOfStdlibhUsed.ql +++ b/c/misra/src/rules/RULE-21-3/MemoryAllocDeallocFunctionsOfStdlibhUsed.ql @@ -9,6 +9,7 @@ * @tags external/misra/id/rule-21-3 * correctness * security + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-21-4/StandardHeaderFileUsedSetjmph.ql b/c/misra/src/rules/RULE-21-4/StandardHeaderFileUsedSetjmph.ql index 6de73499c0..88ad0aa6db 100644 --- a/c/misra/src/rules/RULE-21-4/StandardHeaderFileUsedSetjmph.ql +++ b/c/misra/src/rules/RULE-21-4/StandardHeaderFileUsedSetjmph.ql @@ -7,6 +7,7 @@ * @problem.severity error * @tags external/misra/id/rule-21-4 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-21-5/StandardHeaderFileUsedSignalh.ql b/c/misra/src/rules/RULE-21-5/StandardHeaderFileUsedSignalh.ql index 004060b5a5..d22ee55742 100644 --- a/c/misra/src/rules/RULE-21-5/StandardHeaderFileUsedSignalh.ql +++ b/c/misra/src/rules/RULE-21-5/StandardHeaderFileUsedSignalh.ql @@ -7,6 +7,7 @@ * @problem.severity error * @tags external/misra/id/rule-21-5 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-21-6/StandardLibraryInputoutputFunctionsUsed.ql b/c/misra/src/rules/RULE-21-6/StandardLibraryInputoutputFunctionsUsed.ql index 6ef8c84cfe..6395ddc5ac 100644 --- a/c/misra/src/rules/RULE-21-6/StandardLibraryInputoutputFunctionsUsed.ql +++ b/c/misra/src/rules/RULE-21-6/StandardLibraryInputoutputFunctionsUsed.ql @@ -9,6 +9,7 @@ * @tags external/misra/id/rule-21-6 * security * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-21-7/AtofAtoiAtolAndAtollOfStdlibhUsed.ql b/c/misra/src/rules/RULE-21-7/AtofAtoiAtolAndAtollOfStdlibhUsed.ql index 7263e91d53..ce781403b1 100644 --- a/c/misra/src/rules/RULE-21-7/AtofAtoiAtolAndAtollOfStdlibhUsed.ql +++ b/c/misra/src/rules/RULE-21-7/AtofAtoiAtolAndAtollOfStdlibhUsed.ql @@ -8,6 +8,7 @@ * @problem.severity error * @tags external/misra/id/rule-21-7 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-21-8/TerminationFunctionsOfStdlibhUsed.ql b/c/misra/src/rules/RULE-21-8/TerminationFunctionsOfStdlibhUsed.ql index 3414e82ab2..cbc7dd5a92 100644 --- a/c/misra/src/rules/RULE-21-8/TerminationFunctionsOfStdlibhUsed.ql +++ b/c/misra/src/rules/RULE-21-8/TerminationFunctionsOfStdlibhUsed.ql @@ -9,6 +9,7 @@ * @tags external/misra/id/rule-21-8 * correctness * security + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-21-8/TerminationMacrosOfStdlibhUsed.ql b/c/misra/src/rules/RULE-21-8/TerminationMacrosOfStdlibhUsed.ql index 2f83ec6b70..7a911c1525 100644 --- a/c/misra/src/rules/RULE-21-8/TerminationMacrosOfStdlibhUsed.ql +++ b/c/misra/src/rules/RULE-21-8/TerminationMacrosOfStdlibhUsed.ql @@ -9,6 +9,7 @@ * @tags external/misra/id/rule-21-8 * correctness * security + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-21-9/BsearchAndQsortOfStdlibhUsed.ql b/c/misra/src/rules/RULE-21-9/BsearchAndQsortOfStdlibhUsed.ql index b446b7f3f6..6759fa93d1 100644 --- a/c/misra/src/rules/RULE-21-9/BsearchAndQsortOfStdlibhUsed.ql +++ b/c/misra/src/rules/RULE-21-9/BsearchAndQsortOfStdlibhUsed.ql @@ -9,6 +9,7 @@ * @tags external/misra/id/rule-21-9 * security * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-22-1/CloseFileHandleWhenNoLongerNeededMisra.ql b/c/misra/src/rules/RULE-22-1/CloseFileHandleWhenNoLongerNeededMisra.ql index c756bc2526..d888d87b6c 100644 --- a/c/misra/src/rules/RULE-22-1/CloseFileHandleWhenNoLongerNeededMisra.ql +++ b/c/misra/src/rules/RULE-22-1/CloseFileHandleWhenNoLongerNeededMisra.ql @@ -9,6 +9,7 @@ * @tags external/misra/id/rule-22-1 * correctness * security + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-22-1/FreeMemoryWhenNoLongerNeededMisra.ql b/c/misra/src/rules/RULE-22-1/FreeMemoryWhenNoLongerNeededMisra.ql index 1650590559..ca5853dac9 100644 --- a/c/misra/src/rules/RULE-22-1/FreeMemoryWhenNoLongerNeededMisra.ql +++ b/c/misra/src/rules/RULE-22-1/FreeMemoryWhenNoLongerNeededMisra.ql @@ -9,6 +9,7 @@ * @tags external/misra/id/rule-22-1 * correctness * security + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-22-10/OnlyTestErrnoRightAfterErrnoSettingFunction.ql b/c/misra/src/rules/RULE-22-10/OnlyTestErrnoRightAfterErrnoSettingFunction.ql index eab5a0c089..50e5350936 100644 --- a/c/misra/src/rules/RULE-22-10/OnlyTestErrnoRightAfterErrnoSettingFunction.ql +++ b/c/misra/src/rules/RULE-22-10/OnlyTestErrnoRightAfterErrnoSettingFunction.ql @@ -9,6 +9,7 @@ * @problem.severity warning * @tags external/misra/id/rule-22-10 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-22-2/OnlyFreeMemoryAllocatedDynamicallyMisra.ql b/c/misra/src/rules/RULE-22-2/OnlyFreeMemoryAllocatedDynamicallyMisra.ql index a149103c9a..cdbe8e2c16 100644 --- a/c/misra/src/rules/RULE-22-2/OnlyFreeMemoryAllocatedDynamicallyMisra.ql +++ b/c/misra/src/rules/RULE-22-2/OnlyFreeMemoryAllocatedDynamicallyMisra.ql @@ -9,6 +9,7 @@ * @tags external/misra/id/rule-22-2 * correctness * security + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/mandatory */ diff --git a/c/misra/src/rules/RULE-22-3/FileOpenForReadAndWriteOnDifferentStreams.ql b/c/misra/src/rules/RULE-22-3/FileOpenForReadAndWriteOnDifferentStreams.ql index c01afea39f..ee103ca6dc 100644 --- a/c/misra/src/rules/RULE-22-3/FileOpenForReadAndWriteOnDifferentStreams.ql +++ b/c/misra/src/rules/RULE-22-3/FileOpenForReadAndWriteOnDifferentStreams.ql @@ -8,6 +8,7 @@ * @problem.severity error * @tags external/misra/id/rule-22-3 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.ql b/c/misra/src/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.ql index 6dc3b3ee71..19bad99baa 100644 --- a/c/misra/src/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.ql +++ b/c/misra/src/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.ql @@ -7,6 +7,7 @@ * @problem.severity error * @tags external/misra/id/rule-22-4 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/mandatory */ diff --git a/c/misra/src/rules/RULE-22-5/PointerToAFileObjectDereferenced.ql b/c/misra/src/rules/RULE-22-5/PointerToAFileObjectDereferenced.ql index 86e0b76e21..05cc4e3433 100644 --- a/c/misra/src/rules/RULE-22-5/PointerToAFileObjectDereferenced.ql +++ b/c/misra/src/rules/RULE-22-5/PointerToAFileObjectDereferenced.ql @@ -7,6 +7,7 @@ * @problem.severity error * @tags external/misra/id/rule-22-5 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/mandatory */ diff --git a/c/misra/src/rules/RULE-22-6/FileUsedAfterClosed.ql b/c/misra/src/rules/RULE-22-6/FileUsedAfterClosed.ql index 78c5063ddd..64318dbedd 100644 --- a/c/misra/src/rules/RULE-22-6/FileUsedAfterClosed.ql +++ b/c/misra/src/rules/RULE-22-6/FileUsedAfterClosed.ql @@ -7,6 +7,7 @@ * @problem.severity error * @tags external/misra/id/rule-22-6 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/mandatory */ diff --git a/c/misra/src/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.ql b/c/misra/src/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.ql index 307357a93a..a29ee7c898 100644 --- a/c/misra/src/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.ql +++ b/c/misra/src/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.ql @@ -8,6 +8,7 @@ * @problem.severity error * @tags external/misra/id/rule-22-7 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-22-8/ErrnoSetToZeroPriorToCall.ql b/c/misra/src/rules/RULE-22-8/ErrnoSetToZeroPriorToCall.ql index de9a083545..6a39070ef0 100644 --- a/c/misra/src/rules/RULE-22-8/ErrnoSetToZeroPriorToCall.ql +++ b/c/misra/src/rules/RULE-22-8/ErrnoSetToZeroPriorToCall.ql @@ -9,6 +9,7 @@ * @problem.severity error * @tags external/misra/id/rule-22-8 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-22-9/ErrnoSetToZeroAfterCall.ql b/c/misra/src/rules/RULE-22-9/ErrnoSetToZeroAfterCall.ql index da4504b75b..274bf5b2ae 100644 --- a/c/misra/src/rules/RULE-22-9/ErrnoSetToZeroAfterCall.ql +++ b/c/misra/src/rules/RULE-22-9/ErrnoSetToZeroAfterCall.ql @@ -8,6 +8,7 @@ * @problem.severity error * @tags external/misra/id/rule-22-9 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-3-1/CharacterSequencesAndUsedWithinAComment.ql b/c/misra/src/rules/RULE-3-1/CharacterSequencesAndUsedWithinAComment.ql index f59606a0ac..6eb605dbd9 100644 --- a/c/misra/src/rules/RULE-3-1/CharacterSequencesAndUsedWithinAComment.ql +++ b/c/misra/src/rules/RULE-3-1/CharacterSequencesAndUsedWithinAComment.ql @@ -9,6 +9,7 @@ * @tags external/misra/id/rule-3-1 * maintainability * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-3-2/LineSplicingUsedInComments.ql b/c/misra/src/rules/RULE-3-2/LineSplicingUsedInComments.ql index cf6a2bb547..f1fd85b129 100644 --- a/c/misra/src/rules/RULE-3-2/LineSplicingUsedInComments.ql +++ b/c/misra/src/rules/RULE-3-2/LineSplicingUsedInComments.ql @@ -10,6 +10,7 @@ * maintainability * readability * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-4-1/OctalAndHexadecimalEscapeSequencesNotTerminated.ql b/c/misra/src/rules/RULE-4-1/OctalAndHexadecimalEscapeSequencesNotTerminated.ql index fd77f1a688..0f04a7362b 100644 --- a/c/misra/src/rules/RULE-4-1/OctalAndHexadecimalEscapeSequencesNotTerminated.ql +++ b/c/misra/src/rules/RULE-4-1/OctalAndHexadecimalEscapeSequencesNotTerminated.ql @@ -10,6 +10,7 @@ * maintainability * readability * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-5-1/ExternalIdentifiersNotDistinct.ql b/c/misra/src/rules/RULE-5-1/ExternalIdentifiersNotDistinct.ql index fa7190c39b..2c2c302bc0 100644 --- a/c/misra/src/rules/RULE-5-1/ExternalIdentifiersNotDistinct.ql +++ b/c/misra/src/rules/RULE-5-1/ExternalIdentifiersNotDistinct.ql @@ -9,6 +9,7 @@ * correctness * maintainability * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-5-2/IdentifiersDeclaredInTheSameScopeNotDistinct.ql b/c/misra/src/rules/RULE-5-2/IdentifiersDeclaredInTheSameScopeNotDistinct.ql index 682d7538c5..eb24d1c094 100644 --- a/c/misra/src/rules/RULE-5-2/IdentifiersDeclaredInTheSameScopeNotDistinct.ql +++ b/c/misra/src/rules/RULE-5-2/IdentifiersDeclaredInTheSameScopeNotDistinct.ql @@ -9,6 +9,7 @@ * correctness * maintainability * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-5-3/IdentifierHidingC.ql b/c/misra/src/rules/RULE-5-3/IdentifierHidingC.ql index 3463d08e1c..1c54b70147 100644 --- a/c/misra/src/rules/RULE-5-3/IdentifierHidingC.ql +++ b/c/misra/src/rules/RULE-5-3/IdentifierHidingC.ql @@ -10,6 +10,7 @@ * @tags external/misra/id/rule-5-3 * readability * maintainability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-5-4/MacroIdentifierNotDistinctFromParameter.ql b/c/misra/src/rules/RULE-5-4/MacroIdentifierNotDistinctFromParameter.ql index 886e05f0ea..d8a78cb680 100644 --- a/c/misra/src/rules/RULE-5-4/MacroIdentifierNotDistinctFromParameter.ql +++ b/c/misra/src/rules/RULE-5-4/MacroIdentifierNotDistinctFromParameter.ql @@ -8,6 +8,7 @@ * @tags external/misra/id/rule-5-4 * maintainability * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-5-4/MacroIdentifiersNotDistinct.ql b/c/misra/src/rules/RULE-5-4/MacroIdentifiersNotDistinct.ql index 5b3683bdc4..abd22068dd 100644 --- a/c/misra/src/rules/RULE-5-4/MacroIdentifiersNotDistinct.ql +++ b/c/misra/src/rules/RULE-5-4/MacroIdentifiersNotDistinct.ql @@ -9,6 +9,7 @@ * correctness * maintainability * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-5-5/IdentifiersNotDistinctFromMacroNames.ql b/c/misra/src/rules/RULE-5-5/IdentifiersNotDistinctFromMacroNames.ql index a63d9656b8..da6b725ab5 100644 --- a/c/misra/src/rules/RULE-5-5/IdentifiersNotDistinctFromMacroNames.ql +++ b/c/misra/src/rules/RULE-5-5/IdentifiersNotDistinctFromMacroNames.ql @@ -9,6 +9,7 @@ * @tags external/misra/id/rule-5-5 * readability * maintainability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-5-6/TypedefNameNotUnique.ql b/c/misra/src/rules/RULE-5-6/TypedefNameNotUnique.ql index 2e9126d3af..1398df6a4d 100644 --- a/c/misra/src/rules/RULE-5-6/TypedefNameNotUnique.ql +++ b/c/misra/src/rules/RULE-5-6/TypedefNameNotUnique.ql @@ -9,6 +9,7 @@ * @tags external/misra/id/rule-5-6 * readability * maintainability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-5-7/TagNameNotUnique.ql b/c/misra/src/rules/RULE-5-7/TagNameNotUnique.ql index 1c8a7a6b34..fa6560ab49 100644 --- a/c/misra/src/rules/RULE-5-7/TagNameNotUnique.ql +++ b/c/misra/src/rules/RULE-5-7/TagNameNotUnique.ql @@ -9,6 +9,7 @@ * @tags external/misra/id/rule-5-7 * readability * maintainability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-5-8/IdentifiersWithExternalLinkageNotUnique.ql b/c/misra/src/rules/RULE-5-8/IdentifiersWithExternalLinkageNotUnique.ql index 1b21dd273e..fa1b2b1fad 100644 --- a/c/misra/src/rules/RULE-5-8/IdentifiersWithExternalLinkageNotUnique.ql +++ b/c/misra/src/rules/RULE-5-8/IdentifiersWithExternalLinkageNotUnique.ql @@ -8,6 +8,7 @@ * @tags external/misra/id/rule-5-8 * maintainability * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-5-9/IdentifiersWithInternalLinkageNotUnique.ql b/c/misra/src/rules/RULE-5-9/IdentifiersWithInternalLinkageNotUnique.ql index 45f63a3207..fcba48f2fd 100644 --- a/c/misra/src/rules/RULE-5-9/IdentifiersWithInternalLinkageNotUnique.ql +++ b/c/misra/src/rules/RULE-5-9/IdentifiersWithInternalLinkageNotUnique.ql @@ -8,6 +8,7 @@ * @tags external/misra/id/rule-5-9 * maintainability * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/advisory */ diff --git a/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql b/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql index f5bc589a4d..078c2c48b7 100644 --- a/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql +++ b/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql @@ -7,6 +7,7 @@ * @precision very-high * @problem.severity error * @tags external/misra/id/rule-6-1 + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql b/c/misra/src/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql index d699c1c9b7..142a0b542d 100644 --- a/c/misra/src/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql +++ b/c/misra/src/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql @@ -7,6 +7,7 @@ * @precision very-high * @problem.severity error * @tags external/misra/id/rule-6-2 + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-6-3/BitFieldDeclaredAsMemberOfAUnion.ql b/c/misra/src/rules/RULE-6-3/BitFieldDeclaredAsMemberOfAUnion.ql index 5fcf938046..4befbb9dd6 100644 --- a/c/misra/src/rules/RULE-6-3/BitFieldDeclaredAsMemberOfAUnion.ql +++ b/c/misra/src/rules/RULE-6-3/BitFieldDeclaredAsMemberOfAUnion.ql @@ -8,6 +8,7 @@ * @problem.severity warning * @tags external/misra/id/rule-6-3 * correctness + * external/misra/c/2012/amendment3 * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-7-1/OctalConstantsUsed.ql b/c/misra/src/rules/RULE-7-1/OctalConstantsUsed.ql index d4a6c332a7..9934e80487 100644 --- a/c/misra/src/rules/RULE-7-1/OctalConstantsUsed.ql +++ b/c/misra/src/rules/RULE-7-1/OctalConstantsUsed.ql @@ -10,6 +10,7 @@ * readability * correctness * maintainability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-7-2/UOrUSuffixRepresentedInUnsignedType.ql b/c/misra/src/rules/RULE-7-2/UOrUSuffixRepresentedInUnsignedType.ql index b8f8d59718..c02e0e2aca 100644 --- a/c/misra/src/rules/RULE-7-2/UOrUSuffixRepresentedInUnsignedType.ql +++ b/c/misra/src/rules/RULE-7-2/UOrUSuffixRepresentedInUnsignedType.ql @@ -9,6 +9,7 @@ * @tags external/misra/id/rule-7-2 * maintainability * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-7-3/LowercaseCharacterLUsedInLiteralSuffix.ql b/c/misra/src/rules/RULE-7-3/LowercaseCharacterLUsedInLiteralSuffix.ql index 85c14ff419..0b38b26eea 100644 --- a/c/misra/src/rules/RULE-7-3/LowercaseCharacterLUsedInLiteralSuffix.ql +++ b/c/misra/src/rules/RULE-7-3/LowercaseCharacterLUsedInLiteralSuffix.ql @@ -9,6 +9,7 @@ * @tags external/misra/id/rule-7-3 * maintainability * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.ql b/c/misra/src/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.ql index c93740139b..bc2fa5f5bf 100644 --- a/c/misra/src/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.ql +++ b/c/misra/src/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.ql @@ -7,6 +7,7 @@ * @precision very-high * @problem.severity error * @tags external/misra/id/rule-7-4 + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-8-1/ExplicitlyDeclareTypes.ql b/c/misra/src/rules/RULE-8-1/ExplicitlyDeclareTypes.ql index bfcbac4435..6484372f5b 100644 --- a/c/misra/src/rules/RULE-8-1/ExplicitlyDeclareTypes.ql +++ b/c/misra/src/rules/RULE-8-1/ExplicitlyDeclareTypes.ql @@ -8,6 +8,7 @@ * @tags external/misra/id/rule-8-1 * correctness * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-8-10/InlineFunctionNotDeclaredStaticStorage.ql b/c/misra/src/rules/RULE-8-10/InlineFunctionNotDeclaredStaticStorage.ql index 47e80912af..250c00ca2e 100644 --- a/c/misra/src/rules/RULE-8-10/InlineFunctionNotDeclaredStaticStorage.ql +++ b/c/misra/src/rules/RULE-8-10/InlineFunctionNotDeclaredStaticStorage.ql @@ -8,6 +8,7 @@ * @problem.severity error * @tags external/misra/id/rule-8-10 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-8-11/ArrayExternalLinkageSizeExplicitlySpecified.ql b/c/misra/src/rules/RULE-8-11/ArrayExternalLinkageSizeExplicitlySpecified.ql index ada18c805d..d14e236755 100644 --- a/c/misra/src/rules/RULE-8-11/ArrayExternalLinkageSizeExplicitlySpecified.ql +++ b/c/misra/src/rules/RULE-8-11/ArrayExternalLinkageSizeExplicitlySpecified.ql @@ -10,6 +10,7 @@ * @tags external/misra/id/rule-8-11 * correctness * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/advisory */ diff --git a/c/misra/src/rules/RULE-8-12/ValueImplicitEnumerationConstantNotUnique.ql b/c/misra/src/rules/RULE-8-12/ValueImplicitEnumerationConstantNotUnique.ql index a4fcb0e4f3..6ebabc3810 100644 --- a/c/misra/src/rules/RULE-8-12/ValueImplicitEnumerationConstantNotUnique.ql +++ b/c/misra/src/rules/RULE-8-12/ValueImplicitEnumerationConstantNotUnique.ql @@ -9,6 +9,7 @@ * @tags external/misra/id/rule-8-12 * correctness * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-8-13/PointerShouldPointToConstTypeWhenPossible.ql b/c/misra/src/rules/RULE-8-13/PointerShouldPointToConstTypeWhenPossible.ql index 48bd9967b2..8b405d138c 100644 --- a/c/misra/src/rules/RULE-8-13/PointerShouldPointToConstTypeWhenPossible.ql +++ b/c/misra/src/rules/RULE-8-13/PointerShouldPointToConstTypeWhenPossible.ql @@ -10,6 +10,7 @@ * correctness * maintainability * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/advisory */ diff --git a/c/misra/src/rules/RULE-8-14/RestrictTypeQualifierUsed.ql b/c/misra/src/rules/RULE-8-14/RestrictTypeQualifierUsed.ql index 1969947753..cff7d0df5c 100644 --- a/c/misra/src/rules/RULE-8-14/RestrictTypeQualifierUsed.ql +++ b/c/misra/src/rules/RULE-8-14/RestrictTypeQualifierUsed.ql @@ -8,6 +8,7 @@ * @tags external/misra/id/rule-8-14 * correctness * security + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.ql b/c/misra/src/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.ql index e46085750d..73294d776b 100644 --- a/c/misra/src/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.ql +++ b/c/misra/src/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.ql @@ -8,6 +8,7 @@ * @problem.severity error * @tags external/misra/id/rule-8-2 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-8-3/DeclarationsOfAFunctionSameNameAndType.ql b/c/misra/src/rules/RULE-8-3/DeclarationsOfAFunctionSameNameAndType.ql index 6803af9380..8c80c64a40 100644 --- a/c/misra/src/rules/RULE-8-3/DeclarationsOfAFunctionSameNameAndType.ql +++ b/c/misra/src/rules/RULE-8-3/DeclarationsOfAFunctionSameNameAndType.ql @@ -8,6 +8,7 @@ * @problem.severity error * @tags external/misra/id/rule-8-3 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-8-3/DeclarationsOfAnObjectSameNameAndType.ql b/c/misra/src/rules/RULE-8-3/DeclarationsOfAnObjectSameNameAndType.ql index d68382503a..421998c582 100644 --- a/c/misra/src/rules/RULE-8-3/DeclarationsOfAnObjectSameNameAndType.ql +++ b/c/misra/src/rules/RULE-8-3/DeclarationsOfAnObjectSameNameAndType.ql @@ -8,6 +8,7 @@ * @problem.severity error * @tags external/misra/id/rule-8-3 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-8-4/CompatibleDeclarationFunctionDefined.ql b/c/misra/src/rules/RULE-8-4/CompatibleDeclarationFunctionDefined.ql index c87e5b556c..63f70d3541 100644 --- a/c/misra/src/rules/RULE-8-4/CompatibleDeclarationFunctionDefined.ql +++ b/c/misra/src/rules/RULE-8-4/CompatibleDeclarationFunctionDefined.ql @@ -10,6 +10,7 @@ * readability * maintainability * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-8-4/CompatibleDeclarationObjectDefined.ql b/c/misra/src/rules/RULE-8-4/CompatibleDeclarationObjectDefined.ql index 433597cf4a..7e5baacd9a 100644 --- a/c/misra/src/rules/RULE-8-4/CompatibleDeclarationObjectDefined.ql +++ b/c/misra/src/rules/RULE-8-4/CompatibleDeclarationObjectDefined.ql @@ -10,6 +10,7 @@ * readability * maintainability * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-8-5/ExternalObjectOrFunctionNotDeclaredInOneFile.ql b/c/misra/src/rules/RULE-8-5/ExternalObjectOrFunctionNotDeclaredInOneFile.ql index 56e1d742a6..9a3f1c7900 100644 --- a/c/misra/src/rules/RULE-8-5/ExternalObjectOrFunctionNotDeclaredInOneFile.ql +++ b/c/misra/src/rules/RULE-8-5/ExternalObjectOrFunctionNotDeclaredInOneFile.ql @@ -7,6 +7,7 @@ * @problem.severity warning * @tags external/misra/id/rule-8-5 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-8-6/IdentifierWithExternalLinkageOneDefinition.ql b/c/misra/src/rules/RULE-8-6/IdentifierWithExternalLinkageOneDefinition.ql index 1a85775236..0781eef539 100644 --- a/c/misra/src/rules/RULE-8-6/IdentifierWithExternalLinkageOneDefinition.ql +++ b/c/misra/src/rules/RULE-8-6/IdentifierWithExternalLinkageOneDefinition.ql @@ -8,6 +8,7 @@ * @problem.severity error * @tags external/misra/id/rule-8-6 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.ql b/c/misra/src/rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.ql index 824a4cf1cf..faa915fdd5 100644 --- a/c/misra/src/rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.ql +++ b/c/misra/src/rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.ql @@ -12,6 +12,7 @@ * correctness * maintainability * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/advisory */ diff --git a/c/misra/src/rules/RULE-8-8/MissingStaticSpecifierFunctionRedeclarationC.ql b/c/misra/src/rules/RULE-8-8/MissingStaticSpecifierFunctionRedeclarationC.ql index c210273cd1..c3a5ce897f 100644 --- a/c/misra/src/rules/RULE-8-8/MissingStaticSpecifierFunctionRedeclarationC.ql +++ b/c/misra/src/rules/RULE-8-8/MissingStaticSpecifierFunctionRedeclarationC.ql @@ -8,6 +8,7 @@ * @problem.severity warning * @tags external/misra/id/rule-8-8 * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-8-8/MissingStaticSpecifierObjectRedeclarationC.ql b/c/misra/src/rules/RULE-8-8/MissingStaticSpecifierObjectRedeclarationC.ql index 2cb65c4fda..65c878e883 100644 --- a/c/misra/src/rules/RULE-8-8/MissingStaticSpecifierObjectRedeclarationC.ql +++ b/c/misra/src/rules/RULE-8-8/MissingStaticSpecifierObjectRedeclarationC.ql @@ -8,6 +8,7 @@ * @problem.severity warning * @tags external/misra/id/rule-8-8 * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-8-9/UnnecessaryExposedIdentifierDeclarationC.ql b/c/misra/src/rules/RULE-8-9/UnnecessaryExposedIdentifierDeclarationC.ql index 88cf72fdcd..5dc697e425 100644 --- a/c/misra/src/rules/RULE-8-9/UnnecessaryExposedIdentifierDeclarationC.ql +++ b/c/misra/src/rules/RULE-8-9/UnnecessaryExposedIdentifierDeclarationC.ql @@ -8,6 +8,7 @@ * @problem.severity warning * @tags external/misra/id/rule-8-9 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/advisory */ diff --git a/c/misra/src/rules/RULE-9-1/ObjectWithAutoStorageDurationReadBeforeInit.ql b/c/misra/src/rules/RULE-9-1/ObjectWithAutoStorageDurationReadBeforeInit.ql index b9960fc886..f3204ef2e3 100644 --- a/c/misra/src/rules/RULE-9-1/ObjectWithAutoStorageDurationReadBeforeInit.ql +++ b/c/misra/src/rules/RULE-9-1/ObjectWithAutoStorageDurationReadBeforeInit.ql @@ -8,6 +8,7 @@ * @tags external/misra/id/rule-9-1 * correctness * security + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/mandatory */ diff --git a/c/misra/src/rules/RULE-9-2/InitializerForAggregateOrUnionNotEnclosedInBraces.ql b/c/misra/src/rules/RULE-9-2/InitializerForAggregateOrUnionNotEnclosedInBraces.ql index 02ee294036..c5a9ae4814 100644 --- a/c/misra/src/rules/RULE-9-2/InitializerForAggregateOrUnionNotEnclosedInBraces.ql +++ b/c/misra/src/rules/RULE-9-2/InitializerForAggregateOrUnionNotEnclosedInBraces.ql @@ -9,6 +9,7 @@ * @tags external/misra/id/rule-9-2 * maintainability * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-9-3/PartiallyInitializedArrayWithExplicitInitializers.ql b/c/misra/src/rules/RULE-9-3/PartiallyInitializedArrayWithExplicitInitializers.ql index 231520ce50..d10c8315e1 100644 --- a/c/misra/src/rules/RULE-9-3/PartiallyInitializedArrayWithExplicitInitializers.ql +++ b/c/misra/src/rules/RULE-9-3/PartiallyInitializedArrayWithExplicitInitializers.ql @@ -9,6 +9,7 @@ * @tags external/misra/id/rule-9-3 * maintainability * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-9-4/RepeatedInitializationOfAggregateObjectElement.ql b/c/misra/src/rules/RULE-9-4/RepeatedInitializationOfAggregateObjectElement.ql index 3566835ae3..4f72d6720b 100644 --- a/c/misra/src/rules/RULE-9-4/RepeatedInitializationOfAggregateObjectElement.ql +++ b/c/misra/src/rules/RULE-9-4/RepeatedInitializationOfAggregateObjectElement.ql @@ -10,6 +10,7 @@ * correctness * maintainability * readability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/rule_packages/c/Banned.json b/rule_packages/c/Banned.json index cab9ffc8c7..d3825f8f30 100644 --- a/rule_packages/c/Banned.json +++ b/rule_packages/c/Banned.json @@ -35,7 +35,8 @@ "short_name": "CommaOperatorShouldNotBeUsed", "shared_implementation_short_name": "CommaOperatorUsed", "tags": [ - "readability" + "readability", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -54,7 +55,8 @@ "severity": "error", "short_name": "FeaturesOfStdarghUsed", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -73,7 +75,8 @@ "severity": "warning", "short_name": "UnionKeywordShouldNotBeUsed", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -92,7 +95,8 @@ "severity": "error", "short_name": "StandardLibraryTimeAndDateFunctionsUsed", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -111,7 +115,8 @@ "severity": "error", "short_name": "StandardHeaderFileTgmathhUsed", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -130,7 +135,8 @@ "severity": "warning", "short_name": "ExceptionHandlingFeaturesOfFenvhUsed", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/amendment2" ] } ], @@ -149,7 +155,8 @@ "severity": "error", "short_name": "SystemOfStdlibhUsed", "tags": [ - "security" + "security", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -169,7 +176,8 @@ "short_name": "MemoryAllocDeallocFunctionsOfStdlibhUsed", "tags": [ "correctness", - "security" + "security", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -188,7 +196,8 @@ "severity": "error", "short_name": "StandardHeaderFileUsedSetjmph", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -207,7 +216,8 @@ "severity": "error", "short_name": "StandardHeaderFileUsedSignalh", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -227,7 +237,8 @@ "short_name": "StandardLibraryInputoutputFunctionsUsed", "tags": [ "security", - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -247,7 +258,8 @@ "short_name": "AtofAtoiAtolAndAtollOfStdlibhUsed", "shared_implementation_short_name": "AtofAtoiAtolAndAtollUsed", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -267,7 +279,8 @@ "short_name": "TerminationFunctionsOfStdlibhUsed", "tags": [ "correctness", - "security" + "security", + "external/misra/c/2012/third-edition-first-revision" ] }, { @@ -279,7 +292,8 @@ "short_name": "TerminationMacrosOfStdlibhUsed", "tags": [ "correctness", - "security" + "security", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -299,7 +313,8 @@ "short_name": "BsearchAndQsortOfStdlibhUsed", "tags": [ "security", - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -320,7 +335,8 @@ "tags": [ "security", "correctness", - "maintainability" + "maintainability", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -342,7 +358,8 @@ "tags": [ "readability", "correctness", - "maintainability" + "maintainability", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -362,7 +379,8 @@ "short_name": "RestrictTypeQualifierUsed", "tags": [ "correctness", - "security" + "security", + "external/misra/c/2012/third-edition-first-revision" ] } ], diff --git a/rule_packages/c/BitfieldTypes.json b/rule_packages/c/BitfieldTypes.json index 76490d73d1..43ed42f174 100644 --- a/rule_packages/c/BitfieldTypes.json +++ b/rule_packages/c/BitfieldTypes.json @@ -13,7 +13,9 @@ "severity": "error", "short_name": "BitFieldsShallOnlyBeDeclaredWithAnAppropriateType", "shared_implementation_short_name": "BitFieldShallHaveAnAppropriateType", - "tags": [] + "tags": [ + "external/misra/c/2012/third-edition-first-revision" + ] } ], "title": "Bit-fields shall only be declared with an appropriate type" @@ -31,7 +33,9 @@ "severity": "error", "short_name": "SingleBitNamedBitFieldsOfASignedType", "shared_implementation_short_name": "NamedBitFieldsWithSignedIntegerType", - "tags": [] + "tags": [ + "external/misra/c/2012/third-edition-first-revision" + ] } ], "title": "Single-bit named bit fields shall not be of a signed type" diff --git a/rule_packages/c/BitfieldTypes2.json b/rule_packages/c/BitfieldTypes2.json index d916421b1f..957e9bb729 100644 --- a/rule_packages/c/BitfieldTypes2.json +++ b/rule_packages/c/BitfieldTypes2.json @@ -12,7 +12,10 @@ "precision": "very-high", "severity": "warning", "short_name": "BitFieldDeclaredAsMemberOfAUnion", - "tags": ["correctness"] + "tags": [ + "correctness", + "external/misra/c/2012/amendment3" + ] } ], "title": "A bit field shall not be declared as a member of a union" diff --git a/rule_packages/c/Concurrency4.json b/rule_packages/c/Concurrency4.json index 65a17ed2d7..d537ee713e 100644 --- a/rule_packages/c/Concurrency4.json +++ b/rule_packages/c/Concurrency4.json @@ -19,14 +19,13 @@ "implementation_scope": { "description": "This query does not attempt to ensure that the deallocation function in fact deallocates memory and instead assumes the contract is valid. Additionally, this query requires that all `tss_create` calls are bookended by calls to `tss_delete`, even if a thread is not created." } - } ], "title": "Clean up thread-specific storage" }, "CON34-C": { "properties": { - "obligation": "rule" + "obligation": "rule" }, "queries": [ { @@ -54,7 +53,7 @@ "tags": [ "external/cert/audit", "correctness", - "concurrency" + "concurrency" ] } ], diff --git a/rule_packages/c/Contracts1.json b/rule_packages/c/Contracts1.json index 2882bb617f..21641922af 100644 --- a/rule_packages/c/Contracts1.json +++ b/rule_packages/c/Contracts1.json @@ -4,38 +4,42 @@ "properties": { "obligation": "rule" }, - "queries": [{ - "description": "Modification of return values of getenv and similar functions results in undefined behaviour.", - "kind": "path-problem", - "name": "Do not modify the return value of certain functions", - "precision": "very-high", - "severity": "warning", - "short_name": "DoNotModifyTheReturnValueOfCertainFunctions", - "shared_implementation_short_name": "ConstLikeReturnValue", - "tags": [ - "correctness" - ] - }], + "queries": [ + { + "description": "Modification of return values of getenv and similar functions results in undefined behaviour.", + "kind": "path-problem", + "name": "Do not modify the return value of certain functions", + "precision": "very-high", + "severity": "warning", + "short_name": "DoNotModifyTheReturnValueOfCertainFunctions", + "shared_implementation_short_name": "ConstLikeReturnValue", + "tags": [ + "correctness" + ] + } + ], "title": "Do not modify the object referenced by the return value of certain functions" }, "ENV31-C": { "properties": { "obligation": "rule" }, - "queries": [{ - "description": "Using the envp pointer after environment modifications can result in undefined behavior.", - "kind": "problem", - "name": "Do not rely on an env pointer following an operation that may invalidate it", - "precision": "high", - "severity": "error", - "short_name": "EnvPointerIsInvalidAfterCertainOperations", - "tags": [ - "correctness" - ], - "implementation_scope": { - "description": "The rule is enforced in the context of a single function." + "queries": [ + { + "description": "Using the envp pointer after environment modifications can result in undefined behavior.", + "kind": "problem", + "name": "Do not rely on an env pointer following an operation that may invalidate it", + "precision": "high", + "severity": "error", + "short_name": "EnvPointerIsInvalidAfterCertainOperations", + "tags": [ + "correctness" + ], + "implementation_scope": { + "description": "The rule is enforced in the context of a single function." + } } - }], + ], "title": "Do not rely on an environment pointer following an operation that may invalidate it" } } diff --git a/rule_packages/c/Contracts2.json b/rule_packages/c/Contracts2.json index b4845fc2be..b07f8f0503 100644 --- a/rule_packages/c/Contracts2.json +++ b/rule_packages/c/Contracts2.json @@ -67,7 +67,8 @@ "short_name": "ValuesReturnedByLocaleSettingUsedAsPtrToConst", "shared_implementation_short_name": "ConstLikeReturnValue", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -87,7 +88,8 @@ "short_name": "CallToSetlocaleInvalidatesOldPointers", "shared_implementation_short_name": "InvalidatedEnvStringPointers", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] }, { @@ -99,7 +101,8 @@ "short_name": "CallToSetlocaleInvalidatesOldPointersWarn", "shared_implementation_short_name": "InvalidatedEnvStringPointersWarn", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], diff --git a/rule_packages/c/Contracts3.json b/rule_packages/c/Contracts3.json index 8cb997c3b2..0122b858b5 100644 --- a/rule_packages/c/Contracts3.json +++ b/rule_packages/c/Contracts3.json @@ -4,46 +4,61 @@ "properties": { "obligation": "required" }, - "queries": [{ - "description": "The value of errno shall only be tested when the last function to be called was an errno-setting-function. Testing the value in these conditions does not guarantee the absence of an errors.", - "kind": "problem", - "name": "The value of errno shall only be tested when the last called function is errno-setting", - "precision": "high", - "severity": "warning", - "short_name": "OnlyTestErrnoRightAfterErrnoSettingFunction", - "tags": ["correctness"] - }], + "queries": [ + { + "description": "The value of errno shall only be tested when the last function to be called was an errno-setting-function. Testing the value in these conditions does not guarantee the absence of an errors.", + "kind": "problem", + "name": "The value of errno shall only be tested when the last called function is errno-setting", + "precision": "high", + "severity": "warning", + "short_name": "OnlyTestErrnoRightAfterErrnoSettingFunction", + "tags": [ + "correctness", + "external/misra/c/2012/third-edition-first-revision" + ] + } + ], "title": "The value of errno shall only be tested when the last function to be called was an errno-setting-function" }, "RULE-22-8": { "properties": { "obligation": "required" }, - "queries": [{ - "description": "The value of errno shall be set to zero prior to a call to an errno-setting-function. Not setting the value leads to incorrectly identifying errors.", - "kind": "problem", - "name": "The value of errno shall be set to zero prior to a call to an errno-setting-function", - "precision": "very-high", - "severity": "error", - "short_name": "ErrnoSetToZeroPriorToCall", - "tags": ["correctness"] - }], + "queries": [ + { + "description": "The value of errno shall be set to zero prior to a call to an errno-setting-function. Not setting the value leads to incorrectly identifying errors.", + "kind": "problem", + "name": "The value of errno shall be set to zero prior to a call to an errno-setting-function", + "precision": "very-high", + "severity": "error", + "short_name": "ErrnoSetToZeroPriorToCall", + "tags": [ + "correctness", + "external/misra/c/2012/third-edition-first-revision" + ] + } + ], "title": "The value of errno shall be set to zero prior to a call to an errno-setting-function" }, "RULE-22-9": { "properties": { "obligation": "required" }, - "queries": [{ - "description": "The value of errno shall be tested against zero after calling an errno-setting-function. Not testing the value leads to unidentified errors.", - "kind": "problem", - "name": "The value of errno shall be tested against zero after calling an errno-setting-function", - "precision": "very-high", - "severity": "error", - "short_name": "ErrnoSetToZeroAfterCall", - "tags": ["correctness"] - }], + "queries": [ + { + "description": "The value of errno shall be tested against zero after calling an errno-setting-function. Not testing the value leads to unidentified errors.", + "kind": "problem", + "name": "The value of errno shall be tested against zero after calling an errno-setting-function", + "precision": "very-high", + "severity": "error", + "short_name": "ErrnoSetToZeroAfterCall", + "tags": [ + "correctness", + "external/misra/c/2012/third-edition-first-revision" + ] + } + ], "title": "The value of errno shall be tested against zero after calling an errno-setting-function" } } -} +} \ No newline at end of file diff --git a/rule_packages/c/Contracts4.json b/rule_packages/c/Contracts4.json index 90568bec98..8ba25ab32b 100644 --- a/rule_packages/c/Contracts4.json +++ b/rule_packages/c/Contracts4.json @@ -4,22 +4,28 @@ "properties": { "obligation": "rule" }, - "queries": [{ + "queries": [ + { "description": "Do not rely solely on errno to determine if en error occurred in setlocale.", "kind": "problem", "name": "Do not rely solely on errno to determine if en error occurred in setlocale", "precision": "high", "severity": "error", "short_name": "SetlocaleMightSetErrno", - "tags": ["correctness"] - }, { + "tags": [ + "correctness" + ] + }, + { "description": "Do not check errno before the function return value. Failing to do so might invalidate the error detection.", "kind": "problem", "name": "Do not check errno before the function return value", "precision": "high", "severity": "error", "short_name": "ErrnoReadBeforeReturn", - "tags": ["correctness"] + "tags": [ + "correctness" + ] }, { "description": "After calling an errno-setting function, check errno before calling any other function. Failing to do so might end in errno being overwritten.", @@ -28,7 +34,9 @@ "precision": "high", "severity": "error", "short_name": "FunctionCallBeforeErrnoCheck", - "tags": ["correctness"] + "tags": [ + "correctness" + ] }, { "description": "Set errno to zero prior to each call to an errno-setting function. Failing to do so might end in spurious errno values.", @@ -37,7 +45,9 @@ "precision": "high", "severity": "error", "short_name": "ErrnoNotSetToZero", - "tags": ["correctness"] + "tags": [ + "correctness" + ] } ], "title": "Take care when reading errno" diff --git a/rule_packages/c/Contracts5.json b/rule_packages/c/Contracts5.json index 1032e0546e..9f62ce9255 100644 --- a/rule_packages/c/Contracts5.json +++ b/rule_packages/c/Contracts5.json @@ -4,36 +4,44 @@ "properties": { "obligation": "rule" }, - "queries": [{ - "description": "Do not rely on indeterminate values of errno. This may result in undefined behavior.", - "kind": "problem", - "name": "Do not rely on indeterminate values of errno", - "precision": "high", - "severity": "error", - "short_name": "DoNotRelyOnIndeterminateValuesOfErrno", - "tags": ["correctness"], - "implementation_scope": { - "description": "The rule is enforced in the context of a single function." + "queries": [ + { + "description": "Do not rely on indeterminate values of errno. This may result in undefined behavior.", + "kind": "problem", + "name": "Do not rely on indeterminate values of errno", + "precision": "high", + "severity": "error", + "short_name": "DoNotRelyOnIndeterminateValuesOfErrno", + "tags": [ + "correctness" + ], + "implementation_scope": { + "description": "The rule is enforced in the context of a single function." + } } - }], + ], "title": "Do not rely on indeterminate values of errno" }, "ERR33-C": { "properties": { "obligation": "rule" }, - "queries": [{ - "description": "Detect and handle standard library errors. Undetected failures can lead to unexpected or undefined behavior.", - "kind": "problem", - "name": "Detect and handle standard library errors", - "precision": "high", - "severity": "error", - "short_name": "DetectAndHandleStandardLibraryErrors", - "tags": ["correctness"], - "implementation_scope": { - "description": "The rule is enforced in the context of a single function." + "queries": [ + { + "description": "Detect and handle standard library errors. Undetected failures can lead to unexpected or undefined behavior.", + "kind": "problem", + "name": "Detect and handle standard library errors", + "precision": "high", + "severity": "error", + "short_name": "DetectAndHandleStandardLibraryErrors", + "tags": [ + "correctness" + ], + "implementation_scope": { + "description": "The rule is enforced in the context of a single function." + } } - }], + ], "title": "Detect and handle standard library errors" } } diff --git a/rule_packages/c/Contracts6.json b/rule_packages/c/Contracts6.json index bc707f19f4..4dbae7e121 100644 --- a/rule_packages/c/Contracts6.json +++ b/rule_packages/c/Contracts6.json @@ -12,7 +12,9 @@ "precision": "high", "severity": "error", "short_name": "DoNotModifyConstantObjects", - "tags": ["correctness"], + "tags": [ + "correctness" + ], "implementation_scope": { "description": "The implementation does not consider pointer aliasing via multiple indirection." } @@ -34,7 +36,10 @@ "precision": "high", "severity": "error", "short_name": "ArrayFunctionArgumentNumberOfElements", - "tags": ["correctness"] + "tags": [ + "correctness", + "external/misra/c/2012/third-edition-first-revision" + ] } ], "title": "The function argument corresponding to an array parameter shall have an appropriate number of elements" @@ -51,7 +56,10 @@ "precision": "very-high", "severity": "error", "short_name": "ValueReturnedByAFunctionNotUsed", - "tags": ["correctness"] + "tags": [ + "correctness", + "external/misra/c/2012/third-edition-first-revision" + ] } ], "title": "The value returned by a function having non-void return type shall be used or cast to void" diff --git a/rule_packages/c/Contracts7.json b/rule_packages/c/Contracts7.json index 38a038621e..f76b737db1 100644 --- a/rule_packages/c/Contracts7.json +++ b/rule_packages/c/Contracts7.json @@ -54,7 +54,8 @@ "severity": "error", "short_name": "RightHandOperandOfAShiftRange", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -73,7 +74,8 @@ "severity": "error", "short_name": "ObjectAssignedToAnOverlappingObject", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] }, { @@ -84,7 +86,8 @@ "severity": "error", "short_name": "ObjectCopiedToAnOverlappingObject", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], diff --git a/rule_packages/c/DeadCode.json b/rule_packages/c/DeadCode.json index 1de7625225..ea5ddad703 100644 --- a/rule_packages/c/DeadCode.json +++ b/rule_packages/c/DeadCode.json @@ -14,7 +14,8 @@ "short_name": "UnreachableCode", "tags": [ "readability", - "maintainability" + "maintainability", + "external/misra/c/2012/third-edition-first-revision" ], "implementation_scope": { "description": "This query reports basic blocks in the program which are unreachable. For basic blocks within templates, the block is only consider unreachable if it is unreachable in all templates. Code generated by macros is ignored for this query, because it may be the case that basic blocks are reachable only in some expansions." @@ -38,7 +39,8 @@ "short_name": "DeadCode", "tags": [ "readability", - "maintainability" + "maintainability", + "external/misra/c/2012/third-edition-first-revision" ], "implementation_scope": { "description": "This query identifies dead statements in the program of the following kinds:", @@ -72,7 +74,8 @@ "short_name": "UnusedTypeDeclarations", "tags": [ "readability", - "maintainability" + "maintainability", + "external/misra/c/2012/third-edition-first-revision" ], "shared_implementation_short_name": "UnusedTypeDeclarations" } @@ -93,7 +96,8 @@ "short_name": "UnusedTagDeclaration", "tags": [ "readability", - "maintainability" + "maintainability", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -113,7 +117,8 @@ "short_name": "UnusedMacroDeclaration", "tags": [ "readability", - "maintainability" + "maintainability", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -133,7 +138,8 @@ "short_name": "UnusedLabelDeclaration", "tags": [ "readability", - "maintainability" + "maintainability", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -153,7 +159,8 @@ "short_name": "UnusedParameter", "tags": [ "readability", - "maintainability" + "maintainability", + "external/misra/c/2012/third-edition-first-revision" ], "shared_implementation_short_name": "UnusedParameter" } diff --git a/rule_packages/c/Declarations1.json b/rule_packages/c/Declarations1.json index 217e1e077c..90202a5b52 100644 --- a/rule_packages/c/Declarations1.json +++ b/rule_packages/c/Declarations1.json @@ -1,56 +1,56 @@ { "CERT-C": { "DCL31-C": { - "properties": { - "obligation": "rule" - }, - "queries": [ - { - "description": "Omission of type specifiers may not be supported by some compilers.", - "kind": "problem", - "name": "Declare identifiers before using them", - "precision": "very-high", - "severity": "error", - "short_name": "DeclareIdentifiersBeforeUsingThem", - "shared_implementation_short_name": "TypeOmitted", - "tags": [ - "correctness", - "readability" - ], - "implementation_scope": { - "description": "This query does not check for implicitly typed parameters, typedefs or member declarations as this is partially compiler checked.", - "items": [] - } + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "Omission of type specifiers may not be supported by some compilers.", + "kind": "problem", + "name": "Declare identifiers before using them", + "precision": "very-high", + "severity": "error", + "short_name": "DeclareIdentifiersBeforeUsingThem", + "shared_implementation_short_name": "TypeOmitted", + "tags": [ + "correctness", + "readability" + ], + "implementation_scope": { + "description": "This query does not check for implicitly typed parameters, typedefs or member declarations as this is partially compiler checked.", + "items": [] } - ], - "title": "Declare identifiers before using them" + } + ], + "title": "Declare identifiers before using them" + }, + "DCL37-C": { + "properties": { + "obligation": "rule" }, - "DCL37-C": { - "properties": { - "obligation": "rule" - }, - "queries": [ - { - "description": "Declaring a reserved identifier can lead to undefined behaviour.", - "kind": "problem", - "name": "Do not declare or define a reserved identifier", - "precision": "very-high", - "severity": "warning", - "short_name": "DoNotDeclareOrDefineAReservedIdentifier", - "shared_implementation_short_name": "DeclaredAReservedIdentifier", - "tags": [ - "correctness", - "maintainability", - "readability" - ], - "implementation_scope": { - "description": "This query does not consider identifiers described in the future library directions section of the standard. This query also checks for any reserved identifier as declared regardless of whether its header file is included or not.", - "items": [] - } + "queries": [ + { + "description": "Declaring a reserved identifier can lead to undefined behaviour.", + "kind": "problem", + "name": "Do not declare or define a reserved identifier", + "precision": "very-high", + "severity": "warning", + "short_name": "DoNotDeclareOrDefineAReservedIdentifier", + "shared_implementation_short_name": "DeclaredAReservedIdentifier", + "tags": [ + "correctness", + "maintainability", + "readability" + ], + "implementation_scope": { + "description": "This query does not consider identifiers described in the future library directions section of the standard. This query also checks for any reserved identifier as declared regardless of whether its header file is included or not.", + "items": [] } - ], - "title": "Do not declare or define a reserved identifier" - } + } + ], + "title": "Do not declare or define a reserved identifier" + } }, "MISRA-C-2012": { "RULE-21-2": { @@ -69,7 +69,8 @@ "tags": [ "correctness", "maintainability", - "readability" + "readability", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -91,7 +92,8 @@ "tags": [ "correctness", "maintainability", - "readability" + "readability", + "external/misra/c/2012/third-edition-first-revision" ], "implementation_scope": { "description": "This query considers the first 31 characters of identifiers as significant, as per C99 and reports the case when names are longer than 31 characters and differ in those characters past the 31 first only. This query does not consider universal or extended source characters.", @@ -102,41 +104,43 @@ "title": "External identifiers shall be distinct" }, "RULE-5-4": { - "properties": { - "obligation": "required" + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Declaring multiple macros with the same name leads to undefined behaviour.", + "kind": "problem", + "name": "Macro identifiers shall be distinct", + "precision": "very-high", + "severity": "warning", + "short_name": "MacroIdentifiersNotDistinct", + "tags": [ + "correctness", + "maintainability", + "readability", + "external/misra/c/2012/third-edition-first-revision" + ], + "implementation_scope": { + "description": "This query checks the first 63 characters of macro identifiers as significant, as per C99. Distinctness of parameters within the same function like macro are checked by compiler and therefore not checked by this rule.", + "items": [] + } }, - "queries": [ - { - "description": "Declaring multiple macros with the same name leads to undefined behaviour.", - "kind": "problem", - "name": "Macro identifiers shall be distinct", - "precision": "very-high", - "severity": "warning", - "short_name": "MacroIdentifiersNotDistinct", - "tags": [ - "correctness", - "maintainability", - "readability" - ], - "implementation_scope": { - "description": "This query checks the first 63 characters of macro identifiers as significant, as per C99. Distinctness of parameters within the same function like macro are checked by compiler and therefore not checked by this rule.", - "items": [] - } - }, - { - "description": "Macros with the same name as their parameters are less readable.", - "kind": "problem", - "name": "Macro identifiers shall be distinct from paramters", - "precision": "very-high", - "severity": "warning", - "short_name": "MacroIdentifierNotDistinctFromParameter", - "tags": [ - "maintainability", - "readability" - ] - } - ], - "title": "Macro identifiers shall be distinct" - } + { + "description": "Macros with the same name as their parameters are less readable.", + "kind": "problem", + "name": "Macro identifiers shall be distinct from paramters", + "precision": "very-high", + "severity": "warning", + "short_name": "MacroIdentifierNotDistinctFromParameter", + "tags": [ + "maintainability", + "readability", + "external/misra/c/2012/third-edition-first-revision" + ] + } + ], + "title": "Macro identifiers shall be distinct" + } } } \ No newline at end of file diff --git a/rule_packages/c/Declarations2.json b/rule_packages/c/Declarations2.json index 303965b6b6..9acb117d1e 100644 --- a/rule_packages/c/Declarations2.json +++ b/rule_packages/c/Declarations2.json @@ -1,98 +1,98 @@ { "CERT-C": { "DCL38-C": { - "properties": { - "obligation": "rule" - }, - "queries": [ - { - "description": "Structures with flexible array members can be declared in ways that will lead to undefined behaviour.", - "kind": "problem", - "name": "Use the correct syntax when declaring a flexible array member", - "precision": "very-high", - "severity": "error", - "short_name": "DeclaringAFlexibleArrayMember", - "tags": [ - "correctness", - "maintainability", - "readability" - ] - } - ], - "title": "Use the correct syntax when declaring a flexible array member" + "properties": { + "obligation": "rule" }, + "queries": [ + { + "description": "Structures with flexible array members can be declared in ways that will lead to undefined behaviour.", + "kind": "problem", + "name": "Use the correct syntax when declaring a flexible array member", + "precision": "very-high", + "severity": "error", + "short_name": "DeclaringAFlexibleArrayMember", + "tags": [ + "correctness", + "maintainability", + "readability" + ] + } + ], + "title": "Use the correct syntax when declaring a flexible array member" + }, "DCL40-C": { "properties": { "obligation": "rule" }, "queries": [ { - "description": "Using nondistinct external identifiers results in undefined behaviour.", - "kind": "problem", - "name": "External identifiers shall be distinct", - "precision": "very-high", - "severity": "warning", - "short_name": "ExcessLengthNamesIdentifiersNotDistinct", - "shared_implementation_short_name": "NotDistinctIdentifier", - "tags": [ - "correctness", - "maintainability", - "readability" - ], - "implementation_scope": { - "description": "This query considers the first 31 characters of identifiers as significant, as per C99 and reports the case when names are longer than 31 characters and differ in those characters past the 31 first only. This query does not consider universal or extended source characters.", - "items": [] - } - }, - { - "description": "Declaring incompatible objects, in other words same named objects of different types, then accessing those objects can lead to undefined behaviour.", - "kind": "problem", - "name": "Do not create incompatible declarations of the same function or object", - "precision": "high", - "severity": "error", - "short_name": "IncompatibleObjectDeclarations", - "tags": [ - "correctness", - "maintainability", - "readability" - ] - }, - { - "description": "Declaring incompatible functions, in other words same named function of different return types or with different numbers of parameters or parameter types, then accessing those functions can lead to undefined behaviour.", - "kind": "problem", - "name": "Do not create incompatible declarations of the same function or object", - "precision": "high", - "severity": "error", - "short_name": "IncompatibleFunctionDeclarations", - "tags": [ - "correctness", - "maintainability", - "readability" - ] + "description": "Using nondistinct external identifiers results in undefined behaviour.", + "kind": "problem", + "name": "External identifiers shall be distinct", + "precision": "very-high", + "severity": "warning", + "short_name": "ExcessLengthNamesIdentifiersNotDistinct", + "shared_implementation_short_name": "NotDistinctIdentifier", + "tags": [ + "correctness", + "maintainability", + "readability" + ], + "implementation_scope": { + "description": "This query considers the first 31 characters of identifiers as significant, as per C99 and reports the case when names are longer than 31 characters and differ in those characters past the 31 first only. This query does not consider universal or extended source characters.", + "items": [] } + }, + { + "description": "Declaring incompatible objects, in other words same named objects of different types, then accessing those objects can lead to undefined behaviour.", + "kind": "problem", + "name": "Do not create incompatible declarations of the same function or object", + "precision": "high", + "severity": "error", + "short_name": "IncompatibleObjectDeclarations", + "tags": [ + "correctness", + "maintainability", + "readability" + ] + }, + { + "description": "Declaring incompatible functions, in other words same named function of different return types or with different numbers of parameters or parameter types, then accessing those functions can lead to undefined behaviour.", + "kind": "problem", + "name": "Do not create incompatible declarations of the same function or object", + "precision": "high", + "severity": "error", + "short_name": "IncompatibleFunctionDeclarations", + "tags": [ + "correctness", + "maintainability", + "readability" + ] + } ], "title": "Do not create incompatible declarations of the same function or object" }, "DCL41-C": { - "properties": { - "obligation": "rule" - }, - "queries": [ - { - "description": "Declaring a variable in a switch statement before the first case label can result in reading uninitialized memory which is undefined behaviour.", - "kind": "problem", - "name": "Do not declare variables inside a switch statement before the first case label", - "precision": "very-high", - "severity": "error", - "short_name": "VariablesInsideSwitchStatement", - "tags": [ - "correctness", - "maintainability", - "readability" - ] - } - ], - "title": "Do not declare variables inside a switch statement before the first case label" - } + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "Declaring a variable in a switch statement before the first case label can result in reading uninitialized memory which is undefined behaviour.", + "kind": "problem", + "name": "Do not declare variables inside a switch statement before the first case label", + "precision": "very-high", + "severity": "error", + "short_name": "VariablesInsideSwitchStatement", + "tags": [ + "correctness", + "maintainability", + "readability" + ] + } + ], + "title": "Do not declare variables inside a switch statement before the first case label" + } } } \ No newline at end of file diff --git a/rule_packages/c/Declarations3.json b/rule_packages/c/Declarations3.json index a22567b237..8c2e0879ff 100644 --- a/rule_packages/c/Declarations3.json +++ b/rule_packages/c/Declarations3.json @@ -14,7 +14,8 @@ "shared_implementation_short_name": "IdentifierHidden", "tags": [ "readability", - "maintainability" + "maintainability", + "external/misra/c/2012/third-edition-first-revision" ], "implementation_scope": { "description": "This query does not consider C90 or C99 definitions of significant name and instead uses full name matches only.", @@ -38,7 +39,8 @@ "short_name": "IdentifiersNotDistinctFromMacroNames", "tags": [ "readability", - "maintainability" + "maintainability", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -58,7 +60,8 @@ "short_name": "TypedefNameNotUnique", "tags": [ "readability", - "maintainability" + "maintainability", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -78,7 +81,8 @@ "short_name": "TagNameNotUnique", "tags": [ "readability", - "maintainability" + "maintainability", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -99,7 +103,8 @@ "shared_implementation_short_name": "TypeOmitted", "tags": [ "correctness", - "readability" + "readability", + "external/misra/c/2012/third-edition-first-revision" ], "implementation_scope": { "description": "This query does not check for implicitly typed parameters, typedefs or member declarations as this is partially compiler checked.", diff --git a/rule_packages/c/Declarations4.json b/rule_packages/c/Declarations4.json index bfd0b18328..06475706f4 100644 --- a/rule_packages/c/Declarations4.json +++ b/rule_packages/c/Declarations4.json @@ -13,7 +13,8 @@ "severity": "error", "short_name": "FunctionTypesNotInPrototypeForm", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ], "implementation_scope": { "description": "This query does not check for implicitly typed parameters and checks function declarations and definitions but not function pointer types. This query cannot determine when the keyword void is used in place of no parameter.", @@ -36,7 +37,8 @@ "severity": "error", "short_name": "DeclarationsOfAnObjectSameNameAndType", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] }, { @@ -47,7 +49,8 @@ "severity": "error", "short_name": "DeclarationsOfAFunctionSameNameAndType", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -68,7 +71,8 @@ "tags": [ "readability", "maintainability", - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ], "implementation_scope": { "description": "This query does not check for the recommendation of declarations in headers.", @@ -85,7 +89,8 @@ "tags": [ "readability", "maintainability", - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ], "implementation_scope": { "description": "This query does not check for the recommendation of declarations in headers.", @@ -109,7 +114,8 @@ "short_name": "IdentifierWithExternalLinkageOneDefinition", "shared_implementation_short_name": "IdentifierWithExternalLinkageOneDefinitionShared", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], diff --git a/rule_packages/c/Declarations5.json b/rule_packages/c/Declarations5.json index 705f72791c..1106a1d705 100644 --- a/rule_packages/c/Declarations5.json +++ b/rule_packages/c/Declarations5.json @@ -15,7 +15,8 @@ "tags": [ "correctness", "maintainability", - "readability" + "readability", + "external/misra/c/2012/third-edition-first-revision" ], "implementation_scope": { "description": "This query considers the first 63 characters of identifiers as significant, as per C99 for nonexternal identifiers and reports the case when names are longer than 63 characters and differ in those characters past the 63 first only. This query does not consider universal or extended source characters.", @@ -38,7 +39,8 @@ "severity": "warning", "short_name": "ExternalObjectOrFunctionNotDeclaredInOneFile", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -58,7 +60,8 @@ "short_name": "MissingStaticSpecifierFunctionRedeclarationC", "shared_implementation_short_name": "MissingStaticSpecifierFunctionRedeclarationShared", "tags": [ - "readability" + "readability", + "external/misra/c/2012/third-edition-first-revision" ] }, { @@ -69,7 +72,8 @@ "severity": "warning", "short_name": "MissingStaticSpecifierObjectRedeclarationC", "tags": [ - "readability" + "readability", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -89,7 +93,8 @@ "short_name": "UnnecessaryExposedIdentifierDeclarationC", "shared_implementation_short_name": "UnnecessaryExposedIdentifierDeclarationShared", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], diff --git a/rule_packages/c/Declarations6.json b/rule_packages/c/Declarations6.json index 166d0c568b..198b4e8351 100644 --- a/rule_packages/c/Declarations6.json +++ b/rule_packages/c/Declarations6.json @@ -14,7 +14,8 @@ "short_name": "FunctionDeclaredImplicitly", "tags": [ "correctness", - "readability" + "readability", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -33,7 +34,8 @@ "severity": "error", "short_name": "FlexibleArrayMembersDeclared", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -53,7 +55,8 @@ "short_name": "IdentifiersWithExternalLinkageNotUnique", "tags": [ "maintainability", - "readability" + "readability", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -73,7 +76,8 @@ "short_name": "IdentifiersWithInternalLinkageNotUnique", "tags": [ "maintainability", - "readability" + "readability", + "external/misra/c/2012/third-edition-first-revision" ], "implementation_scope": { "description": "This rule does not explicitly check for the exception of inline functions in header files across multiple translation units as the CodeQL database already represents these as the same entity." @@ -95,7 +99,8 @@ "severity": "error", "short_name": "InlineFunctionNotDeclaredStaticStorage", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -115,7 +120,8 @@ "short_name": "ArrayExternalLinkageSizeExplicitlySpecified", "tags": [ "correctness", - "readability" + "readability", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -136,7 +142,8 @@ "tags": [ "correctness", "maintainability", - "readability" + "readability", + "external/misra/c/2012/third-edition-first-revision" ] } ], diff --git a/rule_packages/c/Declarations7.json b/rule_packages/c/Declarations7.json index b1be4f9d55..cdb74123b1 100644 --- a/rule_packages/c/Declarations7.json +++ b/rule_packages/c/Declarations7.json @@ -39,7 +39,8 @@ "short_name": "VariableLengthArrayTypesUsed", "tags": [ "correctness", - "readability" + "readability", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -60,7 +61,8 @@ "shared_implementation_short_name": "NonUniqueEnumerationConstant", "tags": [ "correctness", - "readability" + "readability", + "external/misra/c/2012/third-edition-first-revision" ] } ], diff --git a/rule_packages/c/EssentialTypes.json b/rule_packages/c/EssentialTypes.json index 57c7ace1ba..a8ae26e8c6 100644 --- a/rule_packages/c/EssentialTypes.json +++ b/rule_packages/c/EssentialTypes.json @@ -13,7 +13,8 @@ "severity": "warning", "short_name": "OperandsOfAnInappropriateEssentialType", "tags": [ - "maintainability" + "maintainability", + "external/misra/c/2012/third-edition-first-revision" ] }, { @@ -24,7 +25,8 @@ "severity": "warning", "short_name": "PointerTypeOnLogicalOperator", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -44,7 +46,8 @@ "short_name": "AdditionSubtractionOnEssentiallyCharType", "tags": [ "maintainability", - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -64,7 +67,8 @@ "short_name": "AssignmentOfIncompatibleEssentialType", "tags": [ "maintainability", - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -84,7 +88,8 @@ "short_name": "OperandsWithMismatchedEssentialTypeCategory", "tags": [ "maintainability", - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -104,7 +109,8 @@ "short_name": "InappropriateEssentialTypeCast", "tags": [ "maintainability", - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -124,7 +130,8 @@ "short_name": "AssignmentToWiderEssentialType", "tags": [ "maintainability", - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -144,7 +151,8 @@ "short_name": "ImplicitConversionOfCompositeExpression", "tags": [ "maintainability", - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -164,7 +172,8 @@ "short_name": "InappropriateCastOfCompositeExpression", "tags": [ "maintainability", - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -184,7 +193,8 @@ "short_name": "LoopOverEssentiallyFloatType", "tags": [ "maintainability", - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -204,7 +214,8 @@ "short_name": "MemcmpUsedToCompareNullTerminatedStrings", "tags": [ "maintainability", - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -224,7 +235,8 @@ "short_name": "MemcmpOnInappropriateEssentialTypeArgs", "tags": [ "maintainability", - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], diff --git a/rule_packages/c/IO1.json b/rule_packages/c/IO1.json index 1d90c6f28f..f5b9ec8b0e 100644 --- a/rule_packages/c/IO1.json +++ b/rule_packages/c/IO1.json @@ -145,7 +145,8 @@ "short_name": "FileUsedAfterClosed", "shared_implementation_short_name": "DoNotAccessAClosedFile", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ], "implementation_scope": { "description": "The rule is enforced in the context of a single function." diff --git a/rule_packages/c/IO3.json b/rule_packages/c/IO3.json index 8d1c250eda..52276eb05c 100644 --- a/rule_packages/c/IO3.json +++ b/rule_packages/c/IO3.json @@ -60,7 +60,8 @@ "severity": "error", "short_name": "FileOpenForReadAndWriteOnDifferentStreams", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ], "implementation_scope": { "description": "The rule is enforced in the context of a single function." @@ -82,7 +83,8 @@ "severity": "error", "short_name": "AttemptToWriteToAReadOnlyStream", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -101,7 +103,8 @@ "severity": "error", "short_name": "PointerToAFileObjectDereferenced", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -120,7 +123,8 @@ "severity": "error", "short_name": "EofShallBeComparedWithUnmodifiedReturnValues", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], diff --git a/rule_packages/c/IO4.json b/rule_packages/c/IO4.json index 0873d2707b..1303f9b50f 100644 --- a/rule_packages/c/IO4.json +++ b/rule_packages/c/IO4.json @@ -68,4 +68,4 @@ "title": "Use valid format strings" } } -} +} \ No newline at end of file diff --git a/rule_packages/c/IntegerOverflow.json b/rule_packages/c/IntegerOverflow.json index 0fb1c5a4e7..a7897fad9e 100644 --- a/rule_packages/c/IntegerOverflow.json +++ b/rule_packages/c/IntegerOverflow.json @@ -115,7 +115,8 @@ "shared_implementation_short_name": "ConstantUnsignedIntegerExpressionsWrapAround", "tags": [ "correctness", - "security" + "security", + "external/misra/c/2012/third-edition-first-revision" ] } ], diff --git a/rule_packages/c/InvalidMemory1.json b/rule_packages/c/InvalidMemory1.json index 0d84c1c87e..227ec37558 100644 --- a/rule_packages/c/InvalidMemory1.json +++ b/rule_packages/c/InvalidMemory1.json @@ -78,7 +78,8 @@ "short_name": "ObjectWithAutoStorageDurationReadBeforeInit", "tags": [ "correctness", - "security" + "security", + "external/misra/c/2012/third-edition-first-revision" ] } ], diff --git a/rule_packages/c/Language1.json b/rule_packages/c/Language1.json index 50aed45c55..6b20822196 100644 --- a/rule_packages/c/Language1.json +++ b/rule_packages/c/Language1.json @@ -14,7 +14,8 @@ "short_name": "LanguageNotEncapsulatedAndIsolated", "tags": [ "maintainability", - "readability" + "readability", + "external/misra/c/2012/third-edition-first-revision" ] } ], diff --git a/rule_packages/c/Language2.json b/rule_packages/c/Language2.json index 66f219a025..43dbb4ecef 100644 --- a/rule_packages/c/Language2.json +++ b/rule_packages/c/Language2.json @@ -15,7 +15,8 @@ "shared_implementation_short_name": "UsageOfAssemblerNotDocumented", "tags": [ "maintainability", - "readability" + "readability", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -35,7 +36,8 @@ "short_name": "EmergentLanguageFeaturesUsed", "tags": [ "maintainability", - "readability" + "readability", + "external/misra/c/2012/amendment2" ] } ], diff --git a/rule_packages/c/Language3.json b/rule_packages/c/Language3.json index d48444a4ab..c19881e05c 100644 --- a/rule_packages/c/Language3.json +++ b/rule_packages/c/Language3.json @@ -14,7 +14,8 @@ "short_name": "LanguageExtensionsShouldNotBeUsed", "tags": [ "maintainability", - "readability" + "readability", + "external/misra/c/2012/third-edition-first-revision" ], "implementation_scope": { "description": "This implementation attempts to cover a broad section of the compiler specific extensions documented in: https://clang.llvm.org/docs/LanguageExtensions.html and https://gcc.gnu.org/onlinedocs/gcc/C-Extensions.html but is not comprehensive. The following topics are addressed in this query: Builtin macros, Variable Attributes, Function Attributes, Statement Expressions, Non-Local Gotos, Conditionals, Extended Integer / Numeric Types, Zero Length Structures, Zero Length Arrays, Variable Length Arrays, Case Attributes, Alignment, __sync and __fetch builtins. Other topics listed in the extension references are not covered by this query." @@ -37,7 +38,8 @@ "short_name": "OccurrenceOfUndefinedBehavior", "tags": [ "maintainability", - "readability" + "readability", + "external/misra/c/2012/third-edition-first-revision" ], "implementation_scope": { "description": "This implementation only considers alternate forms of `main` and the undefined behavior that results. Note that the current version of CodeQL is not able to detect this issue if a function is named `main` since it will assume the return type and formal parameters. Additional cases from Appendix J of the C99 standard are not currently considered." diff --git a/rule_packages/c/Memory1.json b/rule_packages/c/Memory1.json index 7232b18751..8515fe15e1 100644 --- a/rule_packages/c/Memory1.json +++ b/rule_packages/c/Memory1.json @@ -14,8 +14,9 @@ "short_name": "InitializerForAggregateOrUnionNotEnclosedInBraces", "shared_implementation_short_name": "UseInitializerBracesToMatchAggregateTypeStructure", "tags": [ - "maintainability", - "readability" + "maintainability", + "readability", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -35,7 +36,8 @@ "short_name": "PartiallyInitializedArrayWithExplicitInitializers", "tags": [ "maintainability", - "readability" + "readability", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -56,7 +58,8 @@ "tags": [ "correctness", "maintainability", - "readability" + "readability", + "external/misra/c/2012/third-edition-first-revision" ] } ], diff --git a/rule_packages/c/Memory2.json b/rule_packages/c/Memory2.json index 677711938a..358d482194 100644 --- a/rule_packages/c/Memory2.json +++ b/rule_packages/c/Memory2.json @@ -164,7 +164,8 @@ "shared_implementation_short_name": "FreeMemoryWhenNoLongerNeededShared", "tags": [ "correctness", - "security" + "security", + "external/misra/c/2012/third-edition-first-revision" ], "implementation_scope": { "description": "The rule is enforced in the context of a single function." @@ -180,7 +181,8 @@ "shared_implementation_short_name": "CloseFileHandleWhenNoLongerNeededShared", "tags": [ "correctness", - "security" + "security", + "external/misra/c/2012/third-edition-first-revision" ], "implementation_scope": { "description": "The rule is enforced in the context of a single function." @@ -204,7 +206,8 @@ "shared_implementation_short_name": "OnlyFreeMemoryAllocatedDynamicallyShared", "tags": [ "correctness", - "security" + "security", + "external/misra/c/2012/third-edition-first-revision" ] } ], diff --git a/rule_packages/c/Misc.json b/rule_packages/c/Misc.json index 323ec17350..bba96db85c 100644 --- a/rule_packages/c/Misc.json +++ b/rule_packages/c/Misc.json @@ -12,7 +12,7 @@ "precision": "very-high", "severity": "error", "short_name": "RandUsedForGeneratingPseudorandomNumbers", - "shared_implementation_short_name" : "DoNotUseRandForGeneratingPseudorandomNumbers", + "shared_implementation_short_name": "DoNotUseRandForGeneratingPseudorandomNumbers", "tags": [ "security" ] diff --git a/rule_packages/c/OutOfBounds.json b/rule_packages/c/OutOfBounds.json index 31d0349a63..759b68e294 100644 --- a/rule_packages/c/OutOfBounds.json +++ b/rule_packages/c/OutOfBounds.json @@ -56,7 +56,8 @@ "short_name": "StringFunctionPointerArgumentOutOfBounds", "tags": [ "correctness", - "security" + "security", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -76,7 +77,8 @@ "short_name": "StringLibrarySizeArgumentOutOfBounds", "tags": [ "correctness", - "security" + "security", + "external/misra/c/2012/third-edition-first-revision" ] } ], diff --git a/rule_packages/c/Pointers1.json b/rule_packages/c/Pointers1.json index 6b2df1595c..29b658d823 100644 --- a/rule_packages/c/Pointers1.json +++ b/rule_packages/c/Pointers1.json @@ -13,7 +13,8 @@ "severity": "error", "short_name": "ConversionBetweenFunctionPointerAndOtherType", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -32,7 +33,8 @@ "severity": "error", "short_name": "ConversionBetweenIncompleteTypePointerAndOtherType", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -51,7 +53,8 @@ "severity": "error", "short_name": "CastBetweenObjectPointerAndDifferentObjectType", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -70,7 +73,8 @@ "severity": "error", "short_name": "ConversionBetweenPointerToObjectAndIntegerType", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -89,7 +93,8 @@ "severity": "error", "short_name": "ConversionFromPointerToVoidIntoPointerToObject", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -108,7 +113,8 @@ "severity": "error", "short_name": "CastBetweenPointerToVoidAndArithmeticType", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -127,7 +133,8 @@ "severity": "error", "short_name": "CastBetweenPointerToObjectAndNonIntArithmeticType", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -146,7 +153,8 @@ "severity": "error", "short_name": "CastRemovesConstOrVolatileQualification", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -165,7 +173,8 @@ "severity": "error", "short_name": "MacroNullNotUsedAsIntegerNullPointerConstant", "tags": [ - "readability" + "readability", + "external/misra/c/2012/third-edition-first-revision" ], "implementation_scope": { "description": "This rule allows two forms of null-pointer constants: a Zero literal created by the NULL macro or a Zero literal cast to a void pointer." @@ -188,7 +197,8 @@ "short_name": "PointerAndDerivedPointerMustAddressSameArray", "shared_implementation_short_name": "DoNotUsePointerArithmeticToAddressDifferentArrays", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -208,7 +218,8 @@ "short_name": "SubtractionBetweenPointersMustAddressSameArray", "shared_implementation_short_name": "DoNotSubtractPointersAddressingDifferentArrays", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -228,7 +239,8 @@ "short_name": "RelationalOperatorComparesPointerToDifferentArray", "shared_implementation_short_name": "DoNotUseRelationalOperatorsWithDifferingArrays", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -248,7 +260,8 @@ "short_name": "DoNotUseAdditionOrSubtractionOperatorsOnPointers", "shared_implementation_short_name": "UseOnlyArrayIndexingForPointerArithmetic", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -268,7 +281,8 @@ "short_name": "NoMoreThanTwoLevelsOfPointerNestingInDeclarations", "shared_implementation_short_name": "DoNotUseMoreThanTwoLevelsOfPointerIndirection", "tags": [ - "readability" + "readability", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -288,7 +302,8 @@ "short_name": "AutomaticStorageObjectAddressCopiedToOtherObject", "shared_implementation_short_name": "DoNotCopyAddressOfAutoStorageObjectToOtherObject", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -308,7 +323,8 @@ "short_name": "ObjectWithNoPointerDereferenceShouldBeOpaque", "tags": [ "readability", - "maintainability" + "maintainability", + "external/misra/c/2012/third-edition-first-revision" ], "implementation_scope": { "description": "This rule considers all cases where a structure or union is referenced as a pointer but has no FieldAccess within a translation unit. Further excluded from this rule are translation units in which the structure or union is declared as a non-pointer variable." @@ -332,7 +348,8 @@ "tags": [ "correctness", "maintainability", - "readability" + "readability", + "external/misra/c/2012/third-edition-first-revision" ], "implementation_scope": { "description": "To exclude compliant exceptions, this rule only excludes direct assignments of pointers to non-const-qualified types in the context of a single function and does not cover memory-copying functions. This rule also excludes pointers passed to other functions without conversion." diff --git a/rule_packages/c/Pointers2.json b/rule_packages/c/Pointers2.json index da275001c4..9abf4c98ce 100644 --- a/rule_packages/c/Pointers2.json +++ b/rule_packages/c/Pointers2.json @@ -12,7 +12,7 @@ "precision": "high", "severity": "error", "short_name": "DoNotAddOrSubtractAScaledIntegerToAPointer", - "tags":[ + "tags": [ "correctness" ] } diff --git a/rule_packages/c/Preprocessor1.json b/rule_packages/c/Preprocessor1.json index b93bc72731..cf4f023023 100644 --- a/rule_packages/c/Preprocessor1.json +++ b/rule_packages/c/Preprocessor1.json @@ -14,7 +14,8 @@ "short_name": "IncludeDirectivesPrecededByDirectivesOrComments", "shared_implementation_short_name": "PreprocessorIncludesPreceded", "tags": [ - "readability" + "readability", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -34,10 +35,10 @@ "short_name": "PreprocessorHashOperatorsShouldNotBeUsed", "shared_implementation_short_name": "HashOperatorsUsed", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } - ], "title": "The # and ## preprocessor operators should not be used" }, @@ -55,7 +56,8 @@ "short_name": "ForbiddenCharactersInHeaderFileName", "shared_implementation_short_name": "PreprocessorIncludesForbiddenHeaderNames", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ], "implementation_scope": { "description": "This query identifies the use of the ', \\, /*, // characters in header file names. The query is not able to detect the use of the \" character in header file names.", @@ -79,8 +81,9 @@ "short_name": "IdentifiersUsedInPreprocessorExpression", "shared_implementation_short_name": "UndefinedMacroIdentifiers", "tags": [ - "correctness", - "readability" + "correctness", + "readability", + "external/misra/c/2012/third-edition-first-revision" ], "implementation_scope": { "description": "This query does not detect the case where an undefined character is used but not actually evaluated, for example, as a result of the inclusion of a logical AND operator in the #if expression.", diff --git a/rule_packages/c/Preprocessor2.json b/rule_packages/c/Preprocessor2.json index 546f426135..62bb0b770a 100644 --- a/rule_packages/c/Preprocessor2.json +++ b/rule_packages/c/Preprocessor2.json @@ -14,7 +14,8 @@ "short_name": "MoreThanOneHashOperatorInMacroDefinition", "shared_implementation_short_name": "MacroParameterFollowingHash", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ], "implementation_scope": { "description": "This query applies to function like macros and not object like macros. This rule strictly disallows the use of # operator followed by a ## and other combinations are permitted.", @@ -39,7 +40,8 @@ "shared_implementation_short_name": "AMixedUseMacroArgumentSubjectToExpansion", "tags": [ "maintainability", - "readability" + "readability", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -59,7 +61,8 @@ "short_name": "UndefShouldNotBeUsed", "tags": [ "maintainability", - "readability" + "readability", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -81,7 +84,8 @@ "tags": [ "correctness", "maintainability", - "readability" + "readability", + "external/misra/c/2012/third-edition-first-revision" ], "implementation_scope": { "description": "This query defines header file as any file that is included regardless of file extension. This query does not consider the use of `#pragma once` as a permitted header guard.", diff --git a/rule_packages/c/Preprocessor3.json b/rule_packages/c/Preprocessor3.json index 0b0c735a04..79e2aec59c 100644 --- a/rule_packages/c/Preprocessor3.json +++ b/rule_packages/c/Preprocessor3.json @@ -1,24 +1,25 @@ { "MISRA-C-2012": { "RULE-20-8": { - "properties": { - "obligation": "required" - }, - "queries": [ - { - "description": "A controlling expression of a #if or #elif preprocessing directive that does not evaluate to 0 or 1 makes code more difficult to understand.", - "kind": "problem", - "name": "The controlling expression of a #if or #elif preprocessing directive shall evaluate to 0 or 1", - "precision": "high", - "severity": "warning", - "short_name": "ControllingExpressionIfDirective", - "tags": [ - "maintainability", - "readability" - ] - } - ], - "title": "The controlling expression of a #if or #elif preprocessing directive shall evaluate to 0 or 1" - } + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "A controlling expression of a #if or #elif preprocessing directive that does not evaluate to 0 or 1 makes code more difficult to understand.", + "kind": "problem", + "name": "The controlling expression of a #if or #elif preprocessing directive shall evaluate to 0 or 1", + "precision": "high", + "severity": "warning", + "short_name": "ControllingExpressionIfDirective", + "tags": [ + "maintainability", + "readability", + "external/misra/c/2012/third-edition-first-revision" + ] + } + ], + "title": "The controlling expression of a #if or #elif preprocessing directive shall evaluate to 0 or 1" + } } } \ No newline at end of file diff --git a/rule_packages/c/Preprocessor4.json b/rule_packages/c/Preprocessor4.json index 404909c479..608a23d974 100644 --- a/rule_packages/c/Preprocessor4.json +++ b/rule_packages/c/Preprocessor4.json @@ -15,7 +15,8 @@ "tags": [ "correctness", "readability", - "maintainability" + "maintainability", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -36,7 +37,8 @@ "shared_implementation_short_name": "PreprocessingDirectiveWithinMacroArgument", "tags": [ "readability", - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -57,7 +59,8 @@ "tags": [ "correctness", "readability", - "maintainability" + "maintainability", + "external/misra/c/2012/third-edition-first-revision" ] } ], diff --git a/rule_packages/c/Preprocessor5.json b/rule_packages/c/Preprocessor5.json index 29c0156410..ef17b83c00 100644 --- a/rule_packages/c/Preprocessor5.json +++ b/rule_packages/c/Preprocessor5.json @@ -65,7 +65,8 @@ "shared_implementation_short_name": "MacroParameterNotEnclosedInParentheses", "tags": [ "correctness", - "readability" + "readability", + "external/misra/c/2012/third-edition-first-revision" ], "implementation_scope": { "description": "This query checks for every instance of a parameter to be enclosed in parentheses regardless of whether the expansion of that parameter forms an expression or not.", diff --git a/rule_packages/c/Preprocessor6.json b/rule_packages/c/Preprocessor6.json index 0bb7f34f90..6d71b8697b 100644 --- a/rule_packages/c/Preprocessor6.json +++ b/rule_packages/c/Preprocessor6.json @@ -16,7 +16,8 @@ "tags": [ "external/misra/audit", "maintainability", - "readability" + "readability", + "external/misra/c/2012/third-edition-first-revision" ] } ], diff --git a/rule_packages/c/SideEffects1.json b/rule_packages/c/SideEffects1.json index 821fb24d3c..9ecb79447d 100644 --- a/rule_packages/c/SideEffects1.json +++ b/rule_packages/c/SideEffects1.json @@ -83,7 +83,8 @@ "severity": "warning", "short_name": "UnenclosedSizeofOperand", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] }, { @@ -94,7 +95,8 @@ "severity": "warning", "short_name": "ImplicitPrecedenceOfOperatorsInExpression", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -113,7 +115,8 @@ "severity": "error", "short_name": "InitializerListsContainPersistentSideEffects", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -134,7 +137,8 @@ "shared_implementation_short_name": "ResultOfAnAssignmentOperatorShouldNotBeUsed", "tags": [ "correctness", - "readability" + "readability", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -153,7 +157,8 @@ "severity": "error", "short_name": "PossibleSuppressedSideEffectInLogicOperatorOperand", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -172,7 +177,8 @@ "severity": "error", "short_name": "SizeofOperandWithSideEffect", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], diff --git a/rule_packages/c/SideEffects2.json b/rule_packages/c/SideEffects2.json index 42467c2852..b7e1baa901 100644 --- a/rule_packages/c/SideEffects2.json +++ b/rule_packages/c/SideEffects2.json @@ -14,7 +14,8 @@ "short_name": "SideEffectAndCrementInFullExpression", "tags": [ "readability", - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -33,7 +34,8 @@ "severity": "warning", "short_name": "ModificationOfFunctionParameter", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], diff --git a/rule_packages/c/SideEffects3.json b/rule_packages/c/SideEffects3.json index 2d67df6e2e..2bf91d77b9 100644 --- a/rule_packages/c/SideEffects3.json +++ b/rule_packages/c/SideEffects3.json @@ -13,7 +13,8 @@ "severity": "error", "short_name": "UnsequencedSideEffects", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], diff --git a/rule_packages/c/StandardLibraryFunctionTypes.json b/rule_packages/c/StandardLibraryFunctionTypes.json index 274eadbced..ee0d7f5af1 100644 --- a/rule_packages/c/StandardLibraryFunctionTypes.json +++ b/rule_packages/c/StandardLibraryFunctionTypes.json @@ -12,7 +12,9 @@ "precision": "very-high", "severity": "error", "short_name": "CtypeFunctionArgNotUnsignedCharOrEof", - "tags": [] + "tags": [ + "external/misra/c/2012/third-edition-first-revision" + ] } ], "title": "Any value passed to a function in shall be representable as an unsigned char or be the value EOF" @@ -29,7 +31,9 @@ "precision": "very-high", "severity": "error", "short_name": "MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes", - "tags": [] + "tags": [ + "external/misra/c/2012/third-edition-first-revision" + ] } ], "title": "The pointer arguments to the Standard Library functions memcpy, memmove and memcmp shall be pointers to qualified or unqualified versions of compatible types" diff --git a/rule_packages/c/Statements1.json b/rule_packages/c/Statements1.json index a8dc1b55ea..c932a8642d 100644 --- a/rule_packages/c/Statements1.json +++ b/rule_packages/c/Statements1.json @@ -15,7 +15,8 @@ "shared_implementation_short_name": "NestedLabelInSwitch", "tags": [ "maintainability", - "readability" + "readability", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -35,7 +36,8 @@ "short_name": "BreakShallTerminateSwitchClause", "tags": [ "maintainability", - "readability" + "readability", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -55,7 +57,8 @@ "short_name": "EverySwitchShallHaveDefaultLabel", "tags": [ "maintainability", - "readability" + "readability", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -73,7 +76,9 @@ "precision": "very-high", "severity": "recommendation", "short_name": "DefaultNotFirstOrLastOfSwitch", - "tags": [] + "tags": [ + "external/misra/c/2012/third-edition-first-revision" + ] } ], "title": "A default label shall appear as either the first or the last switch label of a switch statement" diff --git a/rule_packages/c/Statements2.json b/rule_packages/c/Statements2.json index cb616429be..9cd71b69c9 100644 --- a/rule_packages/c/Statements2.json +++ b/rule_packages/c/Statements2.json @@ -15,7 +15,8 @@ "shared_implementation_short_name": "GotoStatementCondition", "tags": [ "maintainability", - "readability" + "readability", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -36,7 +37,8 @@ "shared_implementation_short_name": "GotoReferenceALabelInSurroundingBlock", "tags": [ "maintainability", - "readability" + "readability", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -56,7 +58,8 @@ "short_name": "LoopIterationCondition", "tags": [ "maintainability", - "readability" + "readability", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -76,7 +79,8 @@ "short_name": "SwitchClauseNumberCondition", "tags": [ "maintainability", - "readability" + "readability", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -96,7 +100,8 @@ "short_name": "SwitchExpressionBoolCondition", "tags": [ "readability", - "maintainability" + "maintainability", + "external/misra/c/2012/third-edition-first-revision" ] } ], diff --git a/rule_packages/c/Statements3.json b/rule_packages/c/Statements3.json index 5471749a49..94206d485f 100644 --- a/rule_packages/c/Statements3.json +++ b/rule_packages/c/Statements3.json @@ -14,7 +14,8 @@ "short_name": "SwitchCompoundCondition", "tags": [ "maintainability", - "readability" + "readability", + "external/misra/c/2012/third-edition-first-revision" ] }, { @@ -26,7 +27,8 @@ "short_name": "LoopCompoundCondition", "tags": [ "maintainability", - "readability" + "readability", + "external/misra/c/2012/third-edition-first-revision" ] }, { @@ -38,7 +40,8 @@ "short_name": "SelectionCompoundCondition", "tags": [ "maintainability", - "readability" + "readability", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -59,7 +62,8 @@ "short_name": "IfElseEndCondition", "tags": [ "readability", - "maintainability" + "maintainability", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -80,7 +84,8 @@ "short_name": "SwitchCaseStartCondition", "tags": [ "maintainability", - "readability" + "readability", + "external/misra/c/2012/third-edition-first-revision" ] }, { @@ -93,7 +98,8 @@ "short_name": "SwitchStmtNotWellFormed", "tags": [ "maintainability", - "readability" + "readability", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -113,7 +119,8 @@ "short_name": "RecursiveFunctionCondition", "tags": [ "maintainability", - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], diff --git a/rule_packages/c/Statements4.json b/rule_packages/c/Statements4.json index 56e13c9de6..5b0cc9be26 100644 --- a/rule_packages/c/Statements4.json +++ b/rule_packages/c/Statements4.json @@ -37,7 +37,8 @@ "short_name": "ForLoopNotWellFormed", "tags": [ "readability", - "maintainability" + "maintainability", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -57,7 +58,8 @@ "short_name": "NonBooleanIfCondition", "tags": [ "maintainability", - "readability" + "readability", + "external/misra/c/2012/third-edition-first-revision" ] }, { @@ -69,7 +71,8 @@ "short_name": "NonBooleanIterationCondition", "tags": [ "maintainability", - "readability" + "readability", + "external/misra/c/2012/third-edition-first-revision" ] } ], diff --git a/rule_packages/c/Statements5.json b/rule_packages/c/Statements5.json index 93a533939b..329819b61f 100644 --- a/rule_packages/c/Statements5.json +++ b/rule_packages/c/Statements5.json @@ -15,7 +15,8 @@ "tags": [ "correctness", "maintainability", - "readability" + "readability", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -36,7 +37,8 @@ "tags": [ "maintainability", "readability", - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -58,11 +60,12 @@ "tags": [ "correctness", "maintainability", - "readability" + "readability", + "external/misra/c/2012/third-edition-first-revision" ] } ], "title": "All exit paths from a function with non-void return type shall have an explicit return statement with an expression" } } -} +} \ No newline at end of file diff --git a/rule_packages/c/Statements6.json b/rule_packages/c/Statements6.json index 8d71f11cfd..c8ab3efe38 100644 --- a/rule_packages/c/Statements6.json +++ b/rule_packages/c/Statements6.json @@ -15,7 +15,8 @@ "shared_implementation_short_name": "GotoStatementShouldNotBeUsed", "tags": [ "correctness", - "security" + "security", + "external/misra/c/2012/third-edition-first-revision" ] } ], diff --git a/rule_packages/c/Static.json b/rule_packages/c/Static.json index 7edf903703..2af2af402a 100644 --- a/rule_packages/c/Static.json +++ b/rule_packages/c/Static.json @@ -13,7 +13,8 @@ "severity": "error", "short_name": "UseOfArrayStatic", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ], "implementation_scope": { "description": "The static keyword is associated with particular array types in our model. This means we can get false positives when two parameter use the same array type and size, but only one of which uses the `static` keyword." diff --git a/rule_packages/c/Syntax.json b/rule_packages/c/Syntax.json index 99bcf8250e..e588c366c0 100644 --- a/rule_packages/c/Syntax.json +++ b/rule_packages/c/Syntax.json @@ -14,7 +14,8 @@ "short_name": "CharacterSequencesAndUsedWithinAComment", "tags": [ "maintainability", - "readability" + "readability", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -35,7 +36,8 @@ "tags": [ "maintainability", "readability", - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -57,7 +59,8 @@ "tags": [ "maintainability", "readability", - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -79,7 +82,8 @@ "tags": [ "maintainability", "readability", - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -100,7 +104,8 @@ "shared_implementation_short_name": "DifferentIdentifiersNotTypographicallyUnambiguous", "tags": [ "readability", - "maintainability" + "maintainability", + "external/misra/c/2012/third-edition-first-revision" ] } ], @@ -120,7 +125,8 @@ "short_name": "UOrUSuffixRepresentedInUnsignedType", "tags": [ "maintainability", - "readability" + "readability", + "external/misra/c/2012/third-edition-first-revision" ], "implementation_scope": { "description": "This implementation does not consider constants defined in macro bodies." @@ -144,7 +150,8 @@ "shared_implementation_short_name": "LowercaseLStartsInLiteralSuffix", "tags": [ "maintainability", - "readability" + "readability", + "external/misra/c/2012/third-edition-first-revision" ] } ], diff --git a/rule_packages/c/Types1.json b/rule_packages/c/Types1.json index fae0339d3c..cbf7f0b632 100644 --- a/rule_packages/c/Types1.json +++ b/rule_packages/c/Types1.json @@ -48,7 +48,9 @@ "precision": "high", "severity": "error", "short_name": "PlainNumericalTypeUsedOverExplicitTypedef", - "tags": [] + "tags": [ + "external/misra/c/2012/third-edition-first-revision" + ] } ], "title": "typedefs that indicate size and signedness should be used in place of the basic numerical types" @@ -65,7 +67,9 @@ "precision": "very-high", "severity": "error", "short_name": "SizeofOperatorUsedOnArrayTypeParam", - "tags": [] + "tags": [ + "external/misra/c/2012/third-edition-first-revision" + ] } ], "title": "The sizeof operator shall not have an operand which is a function parameter declared as 'array of type'" @@ -82,10 +86,12 @@ "precision": "very-high", "severity": "error", "short_name": "StringLiteralAssignedToNonConstChar", - "tags": [] + "tags": [ + "external/misra/c/2012/third-edition-first-revision" + ] } ], "title": "A string literal shall not be assigned to an object unless the object's type is 'pointer to const-qualified char'" } } -} +} \ No newline at end of file From 4c9e0489befb910a7a7fbf24791286d771f90c0d Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 2 Oct 2024 22:40:10 +0100 Subject: [PATCH 2035/2573] MISRA C: Update query suites * Provide a query suite for MISRA C 2012, 3rd Edition with Amendment 2 * Provide query suites for required/advisory --- .../misra-c-2012-third-edition-with-amendment-2.qls | 13 +++++++++++++ c/misra/src/codeql-suites/misra-c-advisory.qls | 12 ++++++++++++ .../{misra-default.qls => misra-c-default.qls} | 0 c/misra/src/codeql-suites/misra-c-required.qls | 12 ++++++++++++ c/misra/src/qlpack.yml | 1 + 5 files changed, 38 insertions(+) create mode 100644 c/misra/src/codeql-suites/misra-c-2012-third-edition-with-amendment-2.qls create mode 100644 c/misra/src/codeql-suites/misra-c-advisory.qls rename c/misra/src/codeql-suites/{misra-default.qls => misra-c-default.qls} (100%) create mode 100644 c/misra/src/codeql-suites/misra-c-required.qls diff --git a/c/misra/src/codeql-suites/misra-c-2012-third-edition-with-amendment-2.qls b/c/misra/src/codeql-suites/misra-c-2012-third-edition-with-amendment-2.qls new file mode 100644 index 0000000000..8d06e7c2c8 --- /dev/null +++ b/c/misra/src/codeql-suites/misra-c-2012-third-edition-with-amendment-2.qls @@ -0,0 +1,13 @@ +- description: MISRA C 2012 - Third Edition, First Revision including Amendment 2 +- qlpack: codeql/misra-c-coding-standards +- include: + kind: + - problem + - path-problem + tags contain: + - external/misra/c/2012/third-edition-first-revision + - external/misra/c/2012/amendment2 +- exclude: + tags contain: + - external/misra/audit + - external/misra/default-disabled diff --git a/c/misra/src/codeql-suites/misra-c-advisory.qls b/c/misra/src/codeql-suites/misra-c-advisory.qls new file mode 100644 index 0000000000..517f449b13 --- /dev/null +++ b/c/misra/src/codeql-suites/misra-c-advisory.qls @@ -0,0 +1,12 @@ +- description: MISRA C 2012 (Advisory) +- qlpack: codeql/misra-c-coding-standards +- include: + kind: + - problem + - path-problem + tags contain: + - external/misra/obligation/advisory +- exclude: + tags contain: + - external/misra/audit + - external/misra/default-disabled diff --git a/c/misra/src/codeql-suites/misra-default.qls b/c/misra/src/codeql-suites/misra-c-default.qls similarity index 100% rename from c/misra/src/codeql-suites/misra-default.qls rename to c/misra/src/codeql-suites/misra-c-default.qls diff --git a/c/misra/src/codeql-suites/misra-c-required.qls b/c/misra/src/codeql-suites/misra-c-required.qls new file mode 100644 index 0000000000..ca32b9ca97 --- /dev/null +++ b/c/misra/src/codeql-suites/misra-c-required.qls @@ -0,0 +1,12 @@ +- description: MISRA C 2012 (Required) +- qlpack: codeql/misra-c-coding-standards +- include: + kind: + - problem + - path-problem + tags contain: + - external/misra/obligation/required +- exclude: + tags contain: + - external/misra/audit + - external/misra/default-disabled diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index fe7a2a0567..5de8472821 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -3,6 +3,7 @@ version: 2.36.0-dev description: MISRA C 2012 suites: codeql-suites license: MIT +default-suite-file: codeql-suites/misra-c-default.qls dependencies: codeql/common-c-coding-standards: '*' codeql/cpp-all: 0.9.3 From 7bf12c4902c6acd803b90856b8af6b3c2fff317c Mon Sep 17 00:00:00 2001 From: "rakesh.pothengil" Date: Thu, 3 Oct 2024 10:07:05 +0900 Subject: [PATCH 2036/2573] Fix new query addition --- .../rules/M0-1-10/UnusedSplMemberFunction.ql | 5 ++--- .../rules/M0-1-10/UnusedSplMemberFunction.qlref | 2 +- .../cpp/exclusions/cpp/DeadCode.qll | 17 +++++++++++++++++ rule_packages/cpp/DeadCode.json | 15 +++++++++++++++ 4 files changed, 35 insertions(+), 4 deletions(-) diff --git a/cpp/autosar/src/rules/M0-1-10/UnusedSplMemberFunction.ql b/cpp/autosar/src/rules/M0-1-10/UnusedSplMemberFunction.ql index bf073dcced..9efa4bdfd1 100644 --- a/cpp/autosar/src/rules/M0-1-10/UnusedSplMemberFunction.ql +++ b/cpp/autosar/src/rules/M0-1-10/UnusedSplMemberFunction.ql @@ -2,8 +2,7 @@ * @id cpp/autosar/unused-spl-member-function * @name M0-1-10: Every defined function should be called at least once * @description Uncalled functions complicate the program and can indicate a possible mistake on the - * part of the programmer. This query specifically looks for unused Special Member - * Functions. + * part of the programmer. * @kind problem * @precision medium * @problem.severity warning @@ -21,7 +20,7 @@ import codingstandards.cpp.deadcode.UnusedFunctions from UnusedFunctions::UnusedSplMemberFunction unusedSplMemFunction, string name where - not isExcluded(unusedSplMemFunction, DeadCodePackage::unusedFunctionQuery()) and + not isExcluded(unusedSplMemberFunctionQuery, DeadCodePackage::unusedFunctionQuery()) and ( if exists(unusedSplMemFunction.getQualifiedName()) then name = unusedSplMemFunction.getQualifiedName() diff --git a/cpp/autosar/test/rules/M0-1-10/UnusedSplMemberFunction.qlref b/cpp/autosar/test/rules/M0-1-10/UnusedSplMemberFunction.qlref index b04687a48b..899f00fda1 100644 --- a/cpp/autosar/test/rules/M0-1-10/UnusedSplMemberFunction.qlref +++ b/cpp/autosar/test/rules/M0-1-10/UnusedSplMemberFunction.qlref @@ -1 +1 @@ -rules/M0-1-10/UnusedSplMemberFunction.ql +rules/M0-1-10/UnusedSplMemberFunction.ql \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/DeadCode.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/DeadCode.qll index 40b8795e5e..f11741fde5 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/DeadCode.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/DeadCode.qll @@ -12,6 +12,7 @@ newtype DeadCodeQuery = TUnusedTypeDeclarationsQuery() or TUnreachableCodeQuery() or TUnusedFunctionQuery() or + TUnusedSplMemberFunctionQuery() or TInfeasiblePathQuery() or TUnusedLocalVariableQuery() or TUnusedGlobalOrNamespaceVariableQuery() or @@ -94,6 +95,15 @@ predicate isDeadCodeQueryMetadata(Query query, string queryId, string ruleId, st ruleId = "M0-1-10" and category = "advisory" or + query = + // `Query` instance for the `unusedSplMemberFunction` query + DeadCodePackage::unusedSplMemberFunctionQuery() and + queryId = + // `@id` for the `unusedSplMemberFunction` query + "cpp/autosar/unused-spl-member-function" and + ruleId = "M0-1-10" and + category = "advisory" + or query = // `Query` instance for the `infeasiblePath` query DeadCodePackage::infeasiblePathQuery() and @@ -224,6 +234,13 @@ module DeadCodePackage { TQueryCPP(TDeadCodePackageQuery(TUnusedFunctionQuery())) } + Query unusedSplMemberFunctionQuery() { + //autogenerate `Query` type + result = + // `Query` type for `unusedSplMemberFunction` query + TQueryCPP(TDeadCodePackageQuery(TUnusedSplMemberFunctionQuery())) + } + Query infeasiblePathQuery() { //autogenerate `Query` type result = diff --git a/rule_packages/cpp/DeadCode.json b/rule_packages/cpp/DeadCode.json index 7eb5c9f6f9..4746f86dee 100644 --- a/rule_packages/cpp/DeadCode.json +++ b/rule_packages/cpp/DeadCode.json @@ -194,6 +194,21 @@ "readability", "maintainability" ] + }, + { + "description": "Uncalled functions complicate the program and can indicate a possible mistake on the part of the programmer.", + "kind": "problem", + "name": "Every defined function should be called at least once", + "precision": "medium", + "severity": "warning", + "short_name": "UnusedSplMemberFunction", + "tags": [ + "readability", + "maintainability" + ], + "implementation_scope": { + "description": "In limited cases, this query can raise false-positives for special member function calls invoked from the C++ Metaprogramming library." + } } ], "title": "Every defined function should be called at least once." From a48c7cc6af11ed445cee5a43d1e823db6b2c3833 Mon Sep 17 00:00:00 2001 From: "rakesh.pothengil" Date: Thu, 3 Oct 2024 17:12:41 +0900 Subject: [PATCH 2037/2573] Simplify GoogleTestFunction --- .../cpp/EncapsulatingFunctions.qll | 26 +++++++------------ 1 file changed, 10 insertions(+), 16 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/EncapsulatingFunctions.qll b/cpp/common/src/codingstandards/cpp/EncapsulatingFunctions.qll index 4f7e423254..ad11bea21c 100644 --- a/cpp/common/src/codingstandards/cpp/EncapsulatingFunctions.qll +++ b/cpp/common/src/codingstandards/cpp/EncapsulatingFunctions.qll @@ -26,27 +26,21 @@ class MainFunction extends MainLikeFunction { * such functions, however, they have certain features that can be used for * identification. This can be refined based on experiments/real-world use. */ -class GTestFunction extends MainLikeFunction { - GTestFunction() { +class GoogleTestFunction extends MainLikeFunction { + GoogleTestFunction() { // A GoogleTest function is named "TestBody" and this.hasName("TestBody") and - // is enclosed by a class that inherits from a base class - this.getEnclosingAccessHolder() instanceof Class and + // it's parent class inherits a base class exists(Class base | - base = this.getEnclosingAccessHolder().(Class).getABaseClass() and + base = this.getEnclosingAccessHolder().(Class).getABaseClass+() and + // with a name "Test" inside a namespace called "testing" ( - // called "Test" or - exists(Class c | base.getABaseClass() = c and c.hasName("Test")) - or - // defined under a namespace called "testing" or - exists(Namespace n | n = base.getNamespace() | n.hasName("testing")) - or - // is templatized by a parameter called "gtest_TypeParam_" - exists(TemplateParameter tp | - tp = base.getATemplateArgument() and - tp.hasName("gtest_TypeParam_") - ) + base.hasName("Test") and + base.getNamespace().hasName("testing") ) + or + // or at a location in a file called "gtest.h". + base.getDefinitionLocation().getFile().getBaseName() = "gtest.h" ) } } From b2e35a77ce69059fbd89f69d7b4e52d30f954c83 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 3 Oct 2024 09:17:00 +0100 Subject: [PATCH 2038/2573] Add change note for MISRA C query suite --- change_notes/2024-10-03-misra-c-query-suites.md | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 change_notes/2024-10-03-misra-c-query-suites.md diff --git a/change_notes/2024-10-03-misra-c-query-suites.md b/change_notes/2024-10-03-misra-c-query-suites.md new file mode 100644 index 0000000000..3eb3521ec9 --- /dev/null +++ b/change_notes/2024-10-03-misra-c-query-suites.md @@ -0,0 +1,6 @@ + - The following query suites have been added or modified for MISRA C: + - A new query suite has been created `misra-c-default.qls` to avoid confusion with the MISRA C++ query suites. The `misra-default.qls` suite has been deprecated, and will be removed in a future releases, and is replaced by the `misra-c-default.qls` suite. + - The `misra-c-default.qls` suite has been specified as the default for the pack, and will include our most up-to-date coverage for MISRA C. + - A new query suite `misra-c-2012-third-edition-with-amendment-2.qls` has been created to represent our previous MISRA C coverage. Note: this query suite will run the rules that were present in MISRA C 2012, Third Edition, First Revision and Amendment 2. The interpretation of those + rules may be updated to reflect changes in more recent MISRA standards. + - A pair of new query suites, `misra-c-required.qls` and `misra-c-advisory.qls`, have been added to enable running only the required or advisory queries. \ No newline at end of file From eb6e77c9192ced49a4acbd101526c9a88c4cd0fd Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 3 Oct 2024 09:18:36 +0100 Subject: [PATCH 2039/2573] Re-add MISRA default suite for C To avoid compatibility problems --- c/misra/src/codeql-suites/misra-default.qls | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 c/misra/src/codeql-suites/misra-default.qls diff --git a/c/misra/src/codeql-suites/misra-default.qls b/c/misra/src/codeql-suites/misra-default.qls new file mode 100644 index 0000000000..343379a2b3 --- /dev/null +++ b/c/misra/src/codeql-suites/misra-default.qls @@ -0,0 +1,10 @@ +- description: MISRA C 2012 (Default) +- qlpack: codeql/misra-c-coding-standards +- include: + kind: + - problem + - path-problem +- exclude: + tags contain: + - external/misra/audit + - external/misra/default-disabled From d86432913437ffd75b040899b742c113c027fb49 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 2 Oct 2024 22:42:36 +0100 Subject: [PATCH 2040/2573] Update under development section --- README.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index d1de9b6372..cc148fbde3 100644 --- a/README.md +++ b/README.md @@ -18,7 +18,10 @@ The following coding standards are supported: ## :construction: Standards under development :construction: -- [MISRA C++ 2023](https://misra.org.uk/product/misra-cpp2023/) - under development _scheduled for release 2024 Q4_. +The following standards are under active development: + +- [MISRA C++ 2023](https://misra.org.uk/product/misra-cpp2023/) - under development - _scheduled for release 2025 Q1_ +- [MISRA C 2023](https://misra.org.uk/product/misra-c2023/) - under development - _scheduled for release 2025 Q1_ ## How do I use the CodeQL Coding Standards Queries? From aed2b139770c2c7fa46eb5f0c96231394b375ec9 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 3 Oct 2024 09:14:53 +0100 Subject: [PATCH 2041/2573] Update user manual and README for MISRA C 2023. --- README.md | 1 + docs/user_manual.md | 8 ++++++-- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index cc148fbde3..0f24587afe 100644 --- a/README.md +++ b/README.md @@ -22,6 +22,7 @@ The following standards are under active development: - [MISRA C++ 2023](https://misra.org.uk/product/misra-cpp2023/) - under development - _scheduled for release 2025 Q1_ - [MISRA C 2023](https://misra.org.uk/product/misra-c2023/) - under development - _scheduled for release 2025 Q1_ + - This includes the development of [MISRA C 2012 Amendment 3](https://misra.org.uk/app/uploads/2021/06/MISRA-C-2012-AMD3.pdf) and [MISRA C 2012 Amendment 4](https://misra.org.uk/app/uploads/2021/06/MISRA-C-2012-AMD4.pdf), which are incorporated into MISRA C 2023. ## How do I use the CodeQL Coding Standards Queries? diff --git a/docs/user_manual.md b/docs/user_manual.md index 0d42e698fb..5799d73e6f 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -27,6 +27,7 @@ | 0.19.0 | 2024-02-23 | Remco Vermeulen | Clarify the required use of Python version 3.9. | | 0.20.0 | 2024-02-23 | Remco Vermeulen | Add table describing the permitted guideline re-categorizations. | | 0.21.0 | 2024-05-01 | Luke Cartey | Add MISRA C++ 2023 as under development, and clarify MISRA C 2012 coverage. | +| 0.22.0 | 2024-10-02 | Luke Cartey | Add MISRA C 2023 as under development, and clarify MISRA C 2012 coverage. ## Release information @@ -58,8 +59,11 @@ The _CodeQL Coding Standards_ product is a set of CodeQL queries for identifying | AUTOSAR C++ | [^1] [R22-11](https://www.autosar.org/fileadmin/standards/R22-11/AP/AUTOSAR_RS_CPP14Guidelines.pdf), R21-11, R20-11, R19-11, R19-03 | 397 | 372 | 370[^2] | Implemented | | CERT-C++ | [2016](https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-cpp-coding-standard-2016-v01.pdf) | 83 | 82 | 82 | Implemented | | CERT C | [2016](https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-c-coding-standard-2016-v01.pdf) | 99 | 97 | 97 | Implemented | -| MISRA C | [2012 Third Edition, First Revision](](https://www.misra.org.uk/product/misra-c2012-third-edition-first-revision/)), and [Amendment 2](https://misra.org.uk/app/uploads/2021/06/MISRA-C-2012-AMD2.pdf) and TC2 | 175 | 164 | 162[^3] | Implemented | -| MISRA C++ | [2023](https://misra.org.uk/product/misra-cpp2023/) | 179 | 176[^4] | 0 | Under development | +| MISRA C | [2012 Third Edition, First Revision](https://www.misra.org.uk/product/misra-c2012-third-edition-first-revision/), [Amendment 2](https://misra.org.uk/app/uploads/2021/06/MISRA-C-2012-AMD2.pdf) and TC2 | 175 | 164 | 162[^3] | Implemented | +| | [MISRA C 2012 Amendment 3](https://misra.org.uk/app/uploads/2021/06/MISRA-C-2012-AMD3.pdf) | 24 | 24 | - | Under development | +| | [MISRA C 2012 Amendment 4](https://misra.org.uk/app/uploads/2021/06/MISRA-C-2012-AMD4.pdf) | 22 | 22 | - | Under development | +| | [2023 Third Edition, Second Revision](https://misra.org.uk/product/misra-c2023/) | 221 | 210 | - | Under development | +| MISRA C++ | [2023](https://misra.org.uk/product/misra-cpp2023/) | 179 | 176[^4] | - | Under development | Not all rules in these standards are amenable to static analysis by CodeQL - some rules require external or domain specific knowledge to validate, or refer to properties which are not present in our representation of the codebase under analysis. In addition, some rules are natively enforced by the supported compilers. As CodeQL requires that the program under analysis compiles, we are unable to implement queries for these rules, and doing so would be redundant. From bd83048f7d9d9e76a9c7e8a5d6ee0d252947ff83 Mon Sep 17 00:00:00 2001 From: "rakesh.pothengil" Date: Thu, 3 Oct 2024 17:39:05 +0900 Subject: [PATCH 2042/2573] Reuse SpecialMemberFunction class --- .../cpp/deadcode/UnusedFunctions.qll | 35 +++---------------- 1 file changed, 4 insertions(+), 31 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/deadcode/UnusedFunctions.qll b/cpp/common/src/codingstandards/cpp/deadcode/UnusedFunctions.qll index 2dc24025ce..fdd713b436 100644 --- a/cpp/common/src/codingstandards/cpp/deadcode/UnusedFunctions.qll +++ b/cpp/common/src/codingstandards/cpp/deadcode/UnusedFunctions.qll @@ -13,6 +13,7 @@ import cpp import codingstandards.cpp.DynamicCallGraph import codingstandards.cpp.EncapsulatingFunctions import codingstandards.cpp.FunctionEquivalence +import codingstandards.cpp.Class module UnusedFunctions { /** @@ -75,9 +76,7 @@ module UnusedFunctions { */ private class MainLikeFunctionEntryPoint extends EntryPoint, MainLikeFunction { - MainLikeFunctionEntryPoint() { - this instanceof MainLikeFunction or this instanceof GTestFunction - } + MainLikeFunctionEntryPoint() { this instanceof MainLikeFunction } override Function getAReachableFunction() { reachable*(this, result) } } @@ -113,26 +112,6 @@ module UnusedFunctions { } } - /** - * A `MemberFunction` which is either a Default constructor, Destructor - * CopyConstructor, CopyAssingmentOperator, MoveConstructor or a - * MoveAssignmentOperator - */ - predicate isASpecialMemberFunction(MemberFunction f) { - // Default constructor - f instanceof NoArgConstructor - or - f instanceof Destructor - or - f instanceof CopyConstructor - or - f instanceof CopyAssignmentOperator - or - f instanceof MoveConstructor - or - f instanceof MoveAssignmentOperator - } - /** * A `Function` which is not used from an `EntryPoint`. * @@ -156,12 +135,6 @@ module UnusedFunctions { } } - /** - * A Special `MemberFunction` which is an `UnusedFunction`. - * - * Refer isASpecialMemberFunction predicate. - */ - class UnusedSplMemberFunction extends UnusedFunction { - UnusedSplMemberFunction() { isASpecialMemberFunction(this) } - } + /** A `SpecialMemberFunction` which is an `UnusedFunction`. */ + class UnusedSplMemberFunction extends UnusedFunction, SpecialMemberFunction { } } From ecb3a4a6ddeae46ff9bb3852688d97672fc5ea5d Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 3 Oct 2024 09:59:48 +0100 Subject: [PATCH 2043/2573] Add new MISRA C++ query suites Provide clearer naming for the MISRA C++ query suites, to avoid confusion with the MISRA C query suites. --- change_notes/2024-10-03-misra-c-query-suites.md | 6 +++++- cpp/misra/src/codeql-suites/misra-cpp-default.qls | 10 ++++++++++ .../misra-cpp-single-translation-unit.qls | 12 ++++++++++++ cpp/misra/src/codeql-suites/misra-default.qls | 12 ++---------- .../misra-single-translation-unit.qls | 14 ++------------ cpp/misra/src/qlpack.yml | 2 +- 6 files changed, 32 insertions(+), 24 deletions(-) create mode 100644 cpp/misra/src/codeql-suites/misra-cpp-default.qls create mode 100644 cpp/misra/src/codeql-suites/misra-cpp-single-translation-unit.qls diff --git a/change_notes/2024-10-03-misra-c-query-suites.md b/change_notes/2024-10-03-misra-c-query-suites.md index 3eb3521ec9..067944cf2f 100644 --- a/change_notes/2024-10-03-misra-c-query-suites.md +++ b/change_notes/2024-10-03-misra-c-query-suites.md @@ -3,4 +3,8 @@ - The `misra-c-default.qls` suite has been specified as the default for the pack, and will include our most up-to-date coverage for MISRA C. - A new query suite `misra-c-2012-third-edition-with-amendment-2.qls` has been created to represent our previous MISRA C coverage. Note: this query suite will run the rules that were present in MISRA C 2012, Third Edition, First Revision and Amendment 2. The interpretation of those rules may be updated to reflect changes in more recent MISRA standards. - - A pair of new query suites, `misra-c-required.qls` and `misra-c-advisory.qls`, have been added to enable running only the required or advisory queries. \ No newline at end of file + - A pair of new query suites, `misra-c-required.qls` and `misra-c-advisory.qls`, have been added to enable running only the required or advisory queries. + - The following query suites have been added or modified for MISRA C++: + - A new query suite has been created `misra-cpp-default.qls` to avoid confusion with the MISRA C query suites. The `misra-default.qls` suite has been deprecated, and will be removed in a future releases, and is replaced by the `misra-cpp-default.qls` suite. + - The `misra-cpp-default.qls` suite has been specified as the default for the pack, and will include our most up-to-date coverage for MISRA C. + - A new query suite has been created `misra-cpp-single-translation-unit.qls` to avoid confusion with the MISRA C query suites. The `misra-single-translation-unit.qls` suite has been deprecated, and will be removed in a future releases, and is replaced by the `misra-cpp-single-translation-unit.qls` suite. \ No newline at end of file diff --git a/cpp/misra/src/codeql-suites/misra-cpp-default.qls b/cpp/misra/src/codeql-suites/misra-cpp-default.qls new file mode 100644 index 0000000000..670b043caa --- /dev/null +++ b/cpp/misra/src/codeql-suites/misra-cpp-default.qls @@ -0,0 +1,10 @@ +- description: MISRA C++ 2023 (Default) +- qlpack: codeql/misra-cpp-coding-standards +- include: + kind: + - problem + - path-problem +- exclude: + tags contain: + - external/misra/audit + - external/misra/default-disabled diff --git a/cpp/misra/src/codeql-suites/misra-cpp-single-translation-unit.qls b/cpp/misra/src/codeql-suites/misra-cpp-single-translation-unit.qls new file mode 100644 index 0000000000..0782dd876d --- /dev/null +++ b/cpp/misra/src/codeql-suites/misra-cpp-single-translation-unit.qls @@ -0,0 +1,12 @@ +- description: MISRA C++ 2023 (Single Translation Unit) +- qlpack: codeql/misra-cpp-coding-standards +- include: + kind: + - problem + - path-problem + tags contain: + - scope/single-translation-unit +- exclude: + tags contain: + - external/misra/audit + - external/misra/default-disabled diff --git a/cpp/misra/src/codeql-suites/misra-default.qls b/cpp/misra/src/codeql-suites/misra-default.qls index 670b043caa..8609e3df64 100644 --- a/cpp/misra/src/codeql-suites/misra-default.qls +++ b/cpp/misra/src/codeql-suites/misra-default.qls @@ -1,10 +1,2 @@ -- description: MISRA C++ 2023 (Default) -- qlpack: codeql/misra-cpp-coding-standards -- include: - kind: - - problem - - path-problem -- exclude: - tags contain: - - external/misra/audit - - external/misra/default-disabled +- description: "DEPRECATED - MISRA C++ 2023 - use misra-cpp-default.qls instead" +- import: codeql-suites/misra-cpp-default.qls \ No newline at end of file diff --git a/cpp/misra/src/codeql-suites/misra-single-translation-unit.qls b/cpp/misra/src/codeql-suites/misra-single-translation-unit.qls index 0782dd876d..0351768470 100644 --- a/cpp/misra/src/codeql-suites/misra-single-translation-unit.qls +++ b/cpp/misra/src/codeql-suites/misra-single-translation-unit.qls @@ -1,12 +1,2 @@ -- description: MISRA C++ 2023 (Single Translation Unit) -- qlpack: codeql/misra-cpp-coding-standards -- include: - kind: - - problem - - path-problem - tags contain: - - scope/single-translation-unit -- exclude: - tags contain: - - external/misra/audit - - external/misra/default-disabled +- description: "DEPRECATED - MISRA C++ 2023 (Single Translation Unit) - use misra-cpp-single-translation-unit.qls instead" +- import: codeql-suites/misra-cpp-single-translation-unit.qls \ No newline at end of file diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index 5e50eb563a..4c0aa45f4f 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -1,7 +1,7 @@ name: codeql/misra-cpp-coding-standards version: 2.36.0-dev description: MISRA C++ 2023 -suites: codeql-suites +default-suite: codeql-suites/misra-cpp-default.qls license: MIT dependencies: codeql/common-cpp-coding-standards: '*' From b60dcd07b5ef8355c2e58a94394fecd67031bcf6 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 3 Oct 2024 10:08:28 +0100 Subject: [PATCH 2044/2573] Add query suites for mandatory, required and advisory rules. --- change_notes/2024-10-03-misra-c-query-suites.md | 3 ++- cpp/misra/src/codeql-suites/misra-cpp-advisory.qls | 12 ++++++++++++ cpp/misra/src/codeql-suites/misra-cpp-mandatory.qls | 12 ++++++++++++ cpp/misra/src/codeql-suites/misra-cpp-required.qls | 12 ++++++++++++ 4 files changed, 38 insertions(+), 1 deletion(-) create mode 100644 cpp/misra/src/codeql-suites/misra-cpp-advisory.qls create mode 100644 cpp/misra/src/codeql-suites/misra-cpp-mandatory.qls create mode 100644 cpp/misra/src/codeql-suites/misra-cpp-required.qls diff --git a/change_notes/2024-10-03-misra-c-query-suites.md b/change_notes/2024-10-03-misra-c-query-suites.md index 067944cf2f..2b34df98e5 100644 --- a/change_notes/2024-10-03-misra-c-query-suites.md +++ b/change_notes/2024-10-03-misra-c-query-suites.md @@ -7,4 +7,5 @@ - The following query suites have been added or modified for MISRA C++: - A new query suite has been created `misra-cpp-default.qls` to avoid confusion with the MISRA C query suites. The `misra-default.qls` suite has been deprecated, and will be removed in a future releases, and is replaced by the `misra-cpp-default.qls` suite. - The `misra-cpp-default.qls` suite has been specified as the default for the pack, and will include our most up-to-date coverage for MISRA C. - - A new query suite has been created `misra-cpp-single-translation-unit.qls` to avoid confusion with the MISRA C query suites. The `misra-single-translation-unit.qls` suite has been deprecated, and will be removed in a future releases, and is replaced by the `misra-cpp-single-translation-unit.qls` suite. \ No newline at end of file + - A new query suite has been created `misra-cpp-single-translation-unit.qls` to avoid confusion with the MISRA C query suites. The `misra-single-translation-unit.qls` suite has been deprecated, and will be removed in a future releases, and is replaced by the `misra-cpp-single-translation-unit.qls` suite. + - Three new query suites, `misra-cpp-mandatory.qls`, `misra-c-required.qls` and `misra-c-advisory.qls`, have been added to enable running mandatory, required or advisory queries. \ No newline at end of file diff --git a/cpp/misra/src/codeql-suites/misra-cpp-advisory.qls b/cpp/misra/src/codeql-suites/misra-cpp-advisory.qls new file mode 100644 index 0000000000..5da16cc2af --- /dev/null +++ b/cpp/misra/src/codeql-suites/misra-cpp-advisory.qls @@ -0,0 +1,12 @@ +- description: MISRA C++ 2023 (Default) +- qlpack: codeql/misra-cpp-coding-standards +- include: + kind: + - problem + - path-problem + tags contain: + - external/misra/obligation/advisory +- exclude: + tags contain: + - external/misra/audit + - external/misra/default-disabled diff --git a/cpp/misra/src/codeql-suites/misra-cpp-mandatory.qls b/cpp/misra/src/codeql-suites/misra-cpp-mandatory.qls new file mode 100644 index 0000000000..0c5ec7155f --- /dev/null +++ b/cpp/misra/src/codeql-suites/misra-cpp-mandatory.qls @@ -0,0 +1,12 @@ +- description: MISRA C++ 2023 (Default) +- qlpack: codeql/misra-cpp-coding-standards +- include: + kind: + - problem + - path-problem + tags contain: + - external/misra/obligation/mandatory +- exclude: + tags contain: + - external/misra/audit + - external/misra/default-disabled diff --git a/cpp/misra/src/codeql-suites/misra-cpp-required.qls b/cpp/misra/src/codeql-suites/misra-cpp-required.qls new file mode 100644 index 0000000000..2fe61301e7 --- /dev/null +++ b/cpp/misra/src/codeql-suites/misra-cpp-required.qls @@ -0,0 +1,12 @@ +- description: MISRA C++ 2023 (Default) +- qlpack: codeql/misra-cpp-coding-standards +- include: + kind: + - problem + - path-problem + tags contain: + - external/misra/obligation/required +- exclude: + tags contain: + - external/misra/audit + - external/misra/default-disabled From b06feabb069929e346dd18fa731826936bd286e3 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 3 Oct 2024 10:10:49 +0100 Subject: [PATCH 2045/2573] Add MISRA C mandatory query suite --- c/misra/src/codeql-suites/misra-c-mandatory.qls | 12 ++++++++++++ change_notes/2024-10-03-misra-c-query-suites.md | 2 +- 2 files changed, 13 insertions(+), 1 deletion(-) create mode 100644 c/misra/src/codeql-suites/misra-c-mandatory.qls diff --git a/c/misra/src/codeql-suites/misra-c-mandatory.qls b/c/misra/src/codeql-suites/misra-c-mandatory.qls new file mode 100644 index 0000000000..454b8487ab --- /dev/null +++ b/c/misra/src/codeql-suites/misra-c-mandatory.qls @@ -0,0 +1,12 @@ +- description: MISRA C 2012 (Advisory) +- qlpack: codeql/misra-c-coding-standards +- include: + kind: + - problem + - path-problem + tags contain: + - external/misra/obligation/mandatory +- exclude: + tags contain: + - external/misra/audit + - external/misra/default-disabled diff --git a/change_notes/2024-10-03-misra-c-query-suites.md b/change_notes/2024-10-03-misra-c-query-suites.md index 2b34df98e5..cdc6982673 100644 --- a/change_notes/2024-10-03-misra-c-query-suites.md +++ b/change_notes/2024-10-03-misra-c-query-suites.md @@ -3,7 +3,7 @@ - The `misra-c-default.qls` suite has been specified as the default for the pack, and will include our most up-to-date coverage for MISRA C. - A new query suite `misra-c-2012-third-edition-with-amendment-2.qls` has been created to represent our previous MISRA C coverage. Note: this query suite will run the rules that were present in MISRA C 2012, Third Edition, First Revision and Amendment 2. The interpretation of those rules may be updated to reflect changes in more recent MISRA standards. - - A pair of new query suites, `misra-c-required.qls` and `misra-c-advisory.qls`, have been added to enable running only the required or advisory queries. + - Three new query suites, `misra-c-mandatory.qls`, `misra-c-required.qls` and `misra-c-advisory.qls`, have been added to enable running mandatory, required or advisory queries. - The following query suites have been added or modified for MISRA C++: - A new query suite has been created `misra-cpp-default.qls` to avoid confusion with the MISRA C query suites. The `misra-default.qls` suite has been deprecated, and will be removed in a future releases, and is replaced by the `misra-cpp-default.qls` suite. - The `misra-cpp-default.qls` suite has been specified as the default for the pack, and will include our most up-to-date coverage for MISRA C. From fee630ba3ccdeea6f92e87d115a89b459244c67f Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 3 Oct 2024 10:11:49 +0100 Subject: [PATCH 2046/2573] MISRA C misra-default.qls update deprecation message, use import --- c/misra/src/codeql-suites/misra-default.qls | 12 ++---------- 1 file changed, 2 insertions(+), 10 deletions(-) diff --git a/c/misra/src/codeql-suites/misra-default.qls b/c/misra/src/codeql-suites/misra-default.qls index 343379a2b3..66a0161628 100644 --- a/c/misra/src/codeql-suites/misra-default.qls +++ b/c/misra/src/codeql-suites/misra-default.qls @@ -1,10 +1,2 @@ -- description: MISRA C 2012 (Default) -- qlpack: codeql/misra-c-coding-standards -- include: - kind: - - problem - - path-problem -- exclude: - tags contain: - - external/misra/audit - - external/misra/default-disabled +- description: "DEPRECATED - MISRA C 2012 - use misra-c-default.qls instead" +- import: codeql-suites/misra-c-default.qls \ No newline at end of file From b946bd8850a15ac69c6de2af78dffa09fab644cf Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 3 Oct 2024 10:21:53 +0100 Subject: [PATCH 2047/2573] Pin actions/create-github-app-token to v1 --- .github/workflows/dispatch-matrix-check.yml | 2 +- .github/workflows/dispatch-matrix-test-on-comment.yml | 2 +- .github/workflows/dispatch-release-performance-check.yml | 2 +- .github/workflows/finalize-release.yml | 2 +- .github/workflows/prepare-release.yml | 2 +- .github/workflows/update-release.yml | 2 +- .github/workflows/validate-release.yml | 4 ++-- 7 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/dispatch-matrix-check.yml b/.github/workflows/dispatch-matrix-check.yml index f9b0260594..845a8fc4ae 100644 --- a/.github/workflows/dispatch-matrix-check.yml +++ b/.github/workflows/dispatch-matrix-check.yml @@ -22,7 +22,7 @@ jobs: - name: Generate token id: generate-token - uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e + uses: actions/create-github-app-token@v1 with: app-id: ${{ vars.AUTOMATION_APP_ID }} private-key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} diff --git a/.github/workflows/dispatch-matrix-test-on-comment.yml b/.github/workflows/dispatch-matrix-test-on-comment.yml index 6500e3f6bc..4f9f9a5b1e 100644 --- a/.github/workflows/dispatch-matrix-test-on-comment.yml +++ b/.github/workflows/dispatch-matrix-test-on-comment.yml @@ -19,7 +19,7 @@ jobs: - name: Generate token id: generate-token - uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e + uses: actions/create-github-app-token@v1 with: app-id: ${{ vars.AUTOMATION_APP_ID }} private-key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} diff --git a/.github/workflows/dispatch-release-performance-check.yml b/.github/workflows/dispatch-release-performance-check.yml index d6311babb3..7e28a9c4f9 100644 --- a/.github/workflows/dispatch-release-performance-check.yml +++ b/.github/workflows/dispatch-release-performance-check.yml @@ -19,7 +19,7 @@ jobs: - name: Generate token id: generate-token - uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e + uses: actions/create-github-app-token@v1 with: app-id: ${{ vars.AUTOMATION_APP_ID }} private-key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} diff --git a/.github/workflows/finalize-release.yml b/.github/workflows/finalize-release.yml index d3f511caba..7afc516aac 100644 --- a/.github/workflows/finalize-release.yml +++ b/.github/workflows/finalize-release.yml @@ -103,7 +103,7 @@ jobs: - name: Generate token if: env.HOTFIX_RELEASE == 'false' id: generate-token - uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e + uses: actions/create-github-app-token@v1 with: app-id: ${{ vars.AUTOMATION_APP_ID }} private-key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 9bbd27ce26..ba258e06f5 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -143,7 +143,7 @@ jobs: - name: Generate token id: generate-token - uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e + uses: actions/create-github-app-token@v1 with: app-id: ${{ vars.AUTOMATION_APP_ID }} private-key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} diff --git a/.github/workflows/update-release.yml b/.github/workflows/update-release.yml index 21838c1d9f..c825fab347 100644 --- a/.github/workflows/update-release.yml +++ b/.github/workflows/update-release.yml @@ -43,7 +43,7 @@ jobs: - name: Generate token id: generate-token - uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e + uses: actions/create-github-app-token@v1 with: app-id: ${{ vars.AUTOMATION_APP_ID }} private-key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 5f5382f5dd..63aa9e90e3 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -40,7 +40,7 @@ jobs: steps: - name: Generate token id: generate-token - uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e + uses: actions/create-github-app-token@v1 with: app-id: ${{ vars.AUTOMATION_APP_ID }} private-key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} @@ -108,7 +108,7 @@ jobs: steps: - name: Generate token id: generate-token - uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e + uses: actions/create-github-app-token@v1 with: app-id: ${{ vars.AUTOMATION_APP_ID }} private-key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} From c407583245e547afc2ead0590f698f78d3accafe Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 3 Oct 2024 10:34:52 +0100 Subject: [PATCH 2048/2573] Update schema validation with new tags --- schemas/rule-package.schema.json | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/schemas/rule-package.schema.json b/schemas/rule-package.schema.json index daeb1ade51..b27815163e 100644 --- a/schemas/rule-package.schema.json +++ b/schemas/rule-package.schema.json @@ -338,7 +338,11 @@ "external/cert/default-disabled", "external/autosar/strict", "scope/single-translation-unit", - "scope/system" + "scope/system", + "external/misra/c/2012/third-edition-first-revision", + "external/misra/c/2012/amendment2", + "external/misra/c/2012/amendment3", + "external/misra/c/2012/amendment4" ] }, "minLength": 1 From 8cfa9cfa49a18f50578ac4bfcca5f7125fa6509e Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 3 Oct 2024 23:31:50 +0100 Subject: [PATCH 2049/2573] Upgrade CodeQL dependencies now updates qlpack.yml files The appropriate version of the `codeql/cpp-all` pack is identified by querying the qlpack.yml of the tag for the CodeQL version on github/codeql. This is then applied to all relevant qlpack.yml files in the repo, then codeql pack upgrade is used to update the lock files. --- .../requirements.txt | 1 + .../upgrade-codeql-dependencies.py | 47 ++++++++++++++++--- 2 files changed, 41 insertions(+), 7 deletions(-) diff --git a/scripts/upgrade-codeql-dependencies/requirements.txt b/scripts/upgrade-codeql-dependencies/requirements.txt index 009d2dc5aa..55b810e4aa 100644 --- a/scripts/upgrade-codeql-dependencies/requirements.txt +++ b/scripts/upgrade-codeql-dependencies/requirements.txt @@ -4,3 +4,4 @@ idna==3.4 requests==2.31.0 semantic-version==2.10.0 urllib3==1.26.18 +pyyaml==6.0.1 \ No newline at end of file diff --git a/scripts/upgrade-codeql-dependencies/upgrade-codeql-dependencies.py b/scripts/upgrade-codeql-dependencies/upgrade-codeql-dependencies.py index 6c98216ca0..6d0baab609 100644 --- a/scripts/upgrade-codeql-dependencies/upgrade-codeql-dependencies.py +++ b/scripts/upgrade-codeql-dependencies/upgrade-codeql-dependencies.py @@ -1,18 +1,23 @@ import json import requests -from typing import Optional, Dict, List +from typing import Optional, Dict, List, Tuple from semantic_version import Version from pathlib import Path +import yaml SCRIPT_PATH = Path(__file__) -SUPPORTED_VERSIONS_PATH = SCRIPT_PATH.parent.parent.parent / "supported_codeql_configs.json" +CODING_STANDARDS_ROOT = SCRIPT_PATH.parent.parent.parent +SUPPORTED_VERSIONS_PATH = CODING_STANDARDS_ROOT / "supported_codeql_configs.json" -def get_compatible_stdlib(version: Version) -> Optional[str]: +def get_compatible_stdlib(version: Version) -> Optional[Tuple[str, str]]: tag = f"codeql-cli/v{version}" response = requests.get(f"https://raw.githubusercontent.com/github/codeql/{tag}/cpp/ql/lib/qlpack.yml") if response.status_code == 200: - return tag + # Parse the qlpack.yml returned in the response as a yaml file to read the version property + qlpack = yaml.safe_load(response.text) + if qlpack is not None and "version" in qlpack: + return (tag, qlpack["version"]) return None def get_compatible_bundle(version: Version, token: str) -> Optional[str]: @@ -30,8 +35,8 @@ def get_compatible_bundle(version: Version, token: str) -> Optional[str]: def main(cli_version : str, github_token: str) -> None: try: parsed_cli_version = Version(cli_version) - compatible_stdlib = get_compatible_stdlib(parsed_cli_version) - if compatible_stdlib is None: + compatible_stdlib_return = get_compatible_stdlib(parsed_cli_version) + if compatible_stdlib_return is None: print(f"Unable to find compatible standard library for: {parsed_cli_version}") exit(1) compatible_bundle = get_compatible_bundle(parsed_cli_version, github_token) @@ -39,6 +44,8 @@ def main(cli_version : str, github_token: str) -> None: print(f"Unable to find compatible bundle for: {parsed_cli_version}") exit(1) + compatible_stdlib_tag, compatible_stdlib_version = compatible_stdlib_return + with SUPPORTED_VERSIONS_PATH.open("r") as f: supported_versions = json.load(f) @@ -49,10 +56,36 @@ def main(cli_version : str, github_token: str) -> None: supported_env = supported_envs[0] supported_env["codeql_cli"] = str(parsed_cli_version) supported_env["codeql_cli_bundle"] = compatible_bundle - supported_env["codeql_standard_library"] = compatible_stdlib + supported_env["codeql_standard_library"] = compatible_stdlib_tag with SUPPORTED_VERSIONS_PATH.open("w") as f: json.dump(supported_versions, f, indent=2) + + # Find every qlpack.yml file in the repository + qlpack_files = list(CODING_STANDARDS_ROOT.rglob("qlpack.yml")) + # Filter out any files that are in a hidden directory + qlpack_files = [f for f in qlpack_files if not any(part for part in f.parts if part.startswith("."))] + + # Update the "codeql/cpp-all" entries in the "dependencies" property in every qlpack.yml file + updated_qlpacks = [] + for qlpack_file in qlpack_files: + with qlpack_file.open("r") as f: + qlpack = yaml.safe_load(f) + print("Updating dependencies in " + str(qlpack_file)) + if "codeql/cpp-all" in qlpack["dependencies"]: + qlpack["dependencies"]["codeql/cpp-all"] = compatible_stdlib_version + with qlpack_file.open("w") as f: + yaml.safe_dump(qlpack, f) + updated_qlpacks.append(qlpack_file.parent) + + # Call CodeQL to update the lock files by running codeql pack upgrade + # Note: we need to do this after updating all the qlpack files, + # otherwise we may get dependency resolution errors + for qlpack in updated_qlpacks: + print("Updating lock files for " + str(qlpack)) + os.system(f"codeql pack upgrade {qlpack}") + + except ValueError as e: print(e) exit(1) From 4b13ea4fab6093653d72156b2842731cdf2ebcd1 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 3 Oct 2024 23:41:46 +0100 Subject: [PATCH 2050/2573] Upgrade workflow now provides codeql binary on path This enables the python script to update the lock files --- .../workflows/upgrade_codeql_dependencies.yml | 23 ++++++++++--------- 1 file changed, 12 insertions(+), 11 deletions(-) diff --git a/.github/workflows/upgrade_codeql_dependencies.yml b/.github/workflows/upgrade_codeql_dependencies.yml index 73721d5581..34018f9da8 100644 --- a/.github/workflows/upgrade_codeql_dependencies.yml +++ b/.github/workflows/upgrade_codeql_dependencies.yml @@ -20,6 +20,16 @@ jobs: - name: Checkout uses: actions/checkout@v2 + - name: Fetch CodeQL + env: + GITHUB_TOKEN: ${{ github.token }} + RUNNER_TEMP: ${{ runner.temp }} + run: | + cd $RUNNER_TEMP + gh release download "v${CODEQL_CLI_VERSION}" --repo https://github.com/github/codeql-cli-binaries --pattern codeql-linux64.zip + unzip -q codeql-linux64.zip + echo "$RUNNER_TEMP/codeql/" >> $GITHUB_PATH + - name: Install Python uses: actions/setup-python@v4 with: @@ -35,21 +45,12 @@ jobs: run: | python3 scripts/upgrade-codeql-dependencies/upgrade-codeql-dependencies.py --cli-version "$CODEQL_CLI_VERSION" - - name: Fetch CodeQL - env: - GITHUB_TOKEN: ${{ github.token }} - RUNNER_TEMP: ${{ runner.temp }} - run: | - cd $RUNNER_TEMP - gh release download "v${CODEQL_CLI_VERSION}" --repo https://github.com/github/codeql-cli-binaries --pattern codeql-linux64.zip - unzip -q codeql-linux64.zip - - name: Update CodeQL formatting based on new CLI version env: RUNNER_TEMP: ${{ runner.temp }} run: | - find cpp \( -name '*.ql' -or -name '*.qll' \) -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" $RUNNER_TEMP/codeql/codeql query format --in-place - find c \( -name '*.ql' -or -name '*.qll' \) -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" $RUNNER_TEMP/codeql/codeql query format --in-place + find cpp \( -name '*.ql' -or -name '*.qll' \) -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" codeql query format --in-place + find c \( -name '*.ql' -or -name '*.qll' \) -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" codeql query format --in-place - name: Create Pull Request uses: peter-evans/create-pull-request@v3 From 1fe51d596cbf8e360cbf662dab0a40a663c109c6 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 3 Oct 2024 23:42:24 +0100 Subject: [PATCH 2051/2573] Update upgrade documentation Improve the documentation and automatic commit message for upgrades. --- .github/workflows/upgrade_codeql_dependencies.yml | 13 +++++++++++-- docs/development_handbook.md | 14 +++----------- 2 files changed, 14 insertions(+), 13 deletions(-) diff --git a/.github/workflows/upgrade_codeql_dependencies.yml b/.github/workflows/upgrade_codeql_dependencies.yml index 34018f9da8..a978980e11 100644 --- a/.github/workflows/upgrade_codeql_dependencies.yml +++ b/.github/workflows/upgrade_codeql_dependencies.yml @@ -55,8 +55,17 @@ jobs: - name: Create Pull Request uses: peter-evans/create-pull-request@v3 with: - title: "Upgrading `github/codeql` dependency to ${{ github.event.inputs.codeql_cli_version }}" - body: "This PR upgrades the CodeQL CLI version to ${{ github.event.inputs.codeql_cli_version }}." + title: "Upgrade `github/codeql` dependency to ${{ github.event.inputs.codeql_cli_version }}" + body: | + This PR upgrades the CodeQL CLI version to ${{ github.event.inputs.codeql_cli_version }}. + + ## CodeQL dependency upgrade checklist: + + - [ ] Confirm the code has been correctly reformatted according to the new CodeQL CLI. + - [ ] Identify any CodeQL compiler warnings and errors, and update queries as required. + - [ ] Validate that the `github/codeql` test cases succeed. + - [ ] Address any CodeQL test failures in the `github/codeql-coding-standards` repository. + - [ ] Validate performance vs pre-upgrade, using /test-performance commit-message: "Upgrading `github/codeql` dependency to ${{ github.event.inputs.codeql_cli_version }}" delete-branch: true branch: "codeql/upgrade-to-${{ github.event.inputs.codeql_cli_version }}" diff --git a/docs/development_handbook.md b/docs/development_handbook.md index de283bb946..b9f5bd9e74 100644 --- a/docs/development_handbook.md +++ b/docs/development_handbook.md @@ -514,23 +514,15 @@ To upgrade the CodeQL external dependencies: 5. Submit a Pull Request to the `github/codeql-coding-standards` repository with the title `Upgrade `github/codeql` dependency to `. Use this template for the description, filling : ```md - This PR updates the `supported_codeql_configs.json` file to target: - - - CodeQL CLI - - CodeQL Standard Library - - GHES - - CodeQL CLI Bundle - - > - + This PR updates the `supported_codeql_configs.json` file to target CodeQL CLI . ## CodeQL dependency upgrade checklist: - - [ ] Reformat our CodeQL using the latest version (if required) + - [ ] Confirm the code has been correctly reformatted according to the new CodeQL CLI. - [ ] Identify any CodeQL compiler warnings and errors, and update queries as required. - [ ] Validate that the `github/codeql` test cases succeed. - [ ] Address any CodeQL test failures in the `github/codeql-coding-standards` repository. - - [ ] Validate performance vs pre-upgrade + - [ ] Validate performance vs pre-upgrade, using /test-performance ``` 6. Follow the dependency upgrade checklist, confirming each step. The `.github/workflows/standard_library_upgrade_tests.yml` will trigger automation for running the `github/codeql` unit tests with the appropriate CLI version. From 8bd60fb7956882f3b27e7720ae63fff5d6e9e427 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 3 Oct 2024 23:54:58 +0100 Subject: [PATCH 2052/2573] Developer handbook: improve upgrade documentation - Remove reference to GHES, which is no longer required. - Clarify use of the automatic workflow vs. manual workflow --- docs/development_handbook.md | 31 +++++++++++++++++++++++-------- 1 file changed, 23 insertions(+), 8 deletions(-) diff --git a/docs/development_handbook.md b/docs/development_handbook.md index b9f5bd9e74..dc50bf59ff 100644 --- a/docs/development_handbook.md +++ b/docs/development_handbook.md @@ -496,12 +496,11 @@ There are two external dependencies required for running the coding standards qu For the purpose of this repository, and any tool qualification, we consider these external dependencies to be "black boxes" which require verification when upgrading. -To (a) clearly specify the supported versions of these external dependencies and to (b) enable automation around them, the repository contains a `supported_codeql_configs.json` which lists the sets of supported configurations. There are four fields: +To (a) clearly specify the supported versions of these external dependencies and to (b) enable automation around them, the repository contains a `supported_codeql_configs.json` which lists the sets of supported configurations under the `supported_environments` property. There are three fields: - `codeql_cli` - this is the plain version number of the supported CodeQL CLI, e.g. `2.6.3`. - `codeql_standard_library` - this is the name of a tag on the `github.com/github/codeql` repository. The tag should be compatible with the CodeQL CLI given above. This would typically use the `codeql-cli/v` tag for the release, although any tag which is compatible is allowed. - `codeql_cli_bundle` - (optional) - if present, describes the CodeQL CLI bundle version that is compatible. The bundle should include precisely the CodeQL CLI version and CodeQL Standard Library versions specified in the two mandatory fields. -- `ghes` - (optional) - if present describes the GitHub Enterprise Server release whose integrated copy of the CodeQL Action points to the CodeQL CLI bundle specified in the `codeql_cli_bundle` field. #### Upgrading external dependencies @@ -509,9 +508,24 @@ To upgrade the CodeQL external dependencies: 1. Determine appropriate versions of the CodeQL CLI and `github/codeql` repository, according to the release schedule and customer demands. 2. Determine if there is a compatible CodeQL CLI bundle version by looking at the releases specified at [CodeQL Action releases](https://github.com/github/codeql-action/releases). The bundle always includes the standard library at the version specified by the `codeql-cli/v` tag in the `github/codeql` repository. -3. If you find a compatible CodeQL CLI bundle, determine whether that bundle was released in a GitHub Enterprise server release, by inspecting the `defaults.json` file at https://github.com/github/codeql-action/blob/main/lib/defaults.json#L2 for the CodeQL Action submitted with -4. Populated the `supported_codeql_configs.json` file with the given values, ensuring to delete the optional fields if they are not populated. -5. Submit a Pull Request to the `github/codeql-coding-standards` repository with the title `Upgrade `github/codeql` dependency to `. Use this template for the description, filling : + +If all components are being upgraded to a consistent veresion (e.g. CodeQL CLI v2.15.5, with `github/codeql` tag `codeql-cli/v2.15.5` and bundle `codeql-cli-bundle-v2.15.5`) then the following process can be used: + +1. Run the [upgrade_codeql_dependencies.yml](./github/workflows/upgrade_codeql_dependencies.yml) workflow, with the plain version number, e.g. `2.15.5`. This will: + - Download the specified version of the CodeQL CLI + - Run the [upgrade-codeql-dependencies.py](scripts/release/upgrade-codeql-dependencies.py) script, which + - Validates the version selected exists in all relevant places + - Updates the `supported_codeql_configs.json` file. + - Updates each `qlpack.yml` in the repository with an appropriate value for the `codeql/cpp-all` pack, consistent with the selected CodeQL CLI version. + - Updates each `codeql-lock.yml` file to upgrade to the new version. +2. Follow the dependency upgrade checklist, confirming each step. The `.github/workflows/standard_library_upgrade_tests.yml` will trigger automation for running the `github/codeql` unit tests with the appropriate CLI version. +3. Once all the automate tests have passed, and the checklist is complete, the PR can be merged. +4. An internal notification should be shared with the development team. + +If the upgrade is of mismatched versions you will need to manually create the upgrade following this process: + +1. Populate the `supported_codeql_configs.json` file with the given values, ensuring to delete the optional fields if they are not populated. +2. Submit a Pull Request to the `github/codeql-coding-standards` repository with the title `Upgrade `github/codeql` dependency to `. Use this template for the description, filling: ```md This PR updates the `supported_codeql_configs.json` file to target CodeQL CLI . @@ -525,9 +539,10 @@ To upgrade the CodeQL external dependencies: - [ ] Validate performance vs pre-upgrade, using /test-performance ``` -6. Follow the dependency upgrade checklist, confirming each step. The `.github/workflows/standard_library_upgrade_tests.yml` will trigger automation for running the `github/codeql` unit tests with the appropriate CLI version. -7. Once all the automate tests have passed, and the checklist is complete, the PR can be merged. -8. An internal notification should be shared with the development team. +3. Follow the dependency upgrade checklist, confirming each step. The `.github/workflows/standard_library_upgrade_tests.yml` will trigger automation for running the `github/codeql` unit tests with the appropriate CLI version. +4. Once all the automate tests have passed, and the checklist is complete, the PR can be merged. +5. An internal notification should be shared with the development team. + ### Release process From 6e89bb14c19a74284522fafd7f7280397a29b40e Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 3 Oct 2024 23:55:46 +0100 Subject: [PATCH 2053/2573] Upgrade CodeQL - ensure minimal changes to qlpacks.yml Ensure the qlpack.yml files are written out in the same order they were read. --- .../upgrade-codeql-dependencies/upgrade-codeql-dependencies.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/upgrade-codeql-dependencies/upgrade-codeql-dependencies.py b/scripts/upgrade-codeql-dependencies/upgrade-codeql-dependencies.py index 6d0baab609..ab947f0ef2 100644 --- a/scripts/upgrade-codeql-dependencies/upgrade-codeql-dependencies.py +++ b/scripts/upgrade-codeql-dependencies/upgrade-codeql-dependencies.py @@ -75,7 +75,7 @@ def main(cli_version : str, github_token: str) -> None: if "codeql/cpp-all" in qlpack["dependencies"]: qlpack["dependencies"]["codeql/cpp-all"] = compatible_stdlib_version with qlpack_file.open("w") as f: - yaml.safe_dump(qlpack, f) + yaml.safe_dump(qlpack, f, sort_keys=False) updated_qlpacks.append(qlpack_file.parent) # Call CodeQL to update the lock files by running codeql pack upgrade From e00e4501ee88fde0f5a6db34bfc578f4608c5e43 Mon Sep 17 00:00:00 2001 From: Fernando Jose Date: Fri, 4 Oct 2024 12:56:48 +0900 Subject: [PATCH 2054/2573] Fix(common/cpp): useless assignment false positive on constexpr array size. --- change_notes/2024-10-04-fix-constexpr-arr-size-fp-a0-1-1.md | 2 ++ .../src/codingstandards/cpp/deadcode/UselessAssignments.qll | 5 ++++- 2 files changed, 6 insertions(+), 1 deletion(-) create mode 100644 change_notes/2024-10-04-fix-constexpr-arr-size-fp-a0-1-1.md diff --git a/change_notes/2024-10-04-fix-constexpr-arr-size-fp-a0-1-1.md b/change_notes/2024-10-04-fix-constexpr-arr-size-fp-a0-1-1.md new file mode 100644 index 0000000000..184efa9462 --- /dev/null +++ b/change_notes/2024-10-04-fix-constexpr-arr-size-fp-a0-1-1.md @@ -0,0 +1,2 @@ +- `A0-1-1` - `UselessAssignments.qll`: + - Remove (dead code) useless assignment false positive when integer constant expression is used to define the size of an array. diff --git a/cpp/common/src/codingstandards/cpp/deadcode/UselessAssignments.qll b/cpp/common/src/codingstandards/cpp/deadcode/UselessAssignments.qll index 465b023f3f..031ad2aa7c 100644 --- a/cpp/common/src/codingstandards/cpp/deadcode/UselessAssignments.qll +++ b/cpp/common/src/codingstandards/cpp/deadcode/UselessAssignments.qll @@ -3,6 +3,7 @@ */ import cpp +import codingstandards.cpp.deadcode.UnusedVariables import codingstandards.cpp.enhancements.ControlFlowGraphEnhancements /** If a variable may escape from the local context */ @@ -47,7 +48,9 @@ class InterestingStackVariable extends StackVariable { // Ignore variables in uninstantiated templates not this.isFromUninstantiatedTemplate(_) and // Ignore compiler generated variables, such as those generated for range based for loops - not this.isCompilerGenerated() + not this.isCompilerGenerated() and + // Explicitly ignore (propagated) constants that may be used to define sizes of local arrays + not countUsesInLocalArraySize(this) > 0 } } From 6278a0948974f2058c46456f475bcdf206a1761d Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 4 Oct 2024 10:23:24 +0100 Subject: [PATCH 2055/2573] Upgrade GitHub Actions versions Upgrade to versions which use a more recent node. --- .github/workflows/upgrade_codeql_dependencies.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/upgrade_codeql_dependencies.yml b/.github/workflows/upgrade_codeql_dependencies.yml index a978980e11..b2be95a055 100644 --- a/.github/workflows/upgrade_codeql_dependencies.yml +++ b/.github/workflows/upgrade_codeql_dependencies.yml @@ -18,7 +18,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v4 - name: Fetch CodeQL env: @@ -31,7 +31,7 @@ jobs: echo "$RUNNER_TEMP/codeql/" >> $GITHUB_PATH - name: Install Python - uses: actions/setup-python@v4 + uses: actions/setup-python@v5 with: python-version: "3.9" @@ -53,7 +53,7 @@ jobs: find c \( -name '*.ql' -or -name '*.qll' \) -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" codeql query format --in-place - name: Create Pull Request - uses: peter-evans/create-pull-request@v3 + uses: peter-evans/create-pull-request@v7 with: title: "Upgrade `github/codeql` dependency to ${{ github.event.inputs.codeql_cli_version }}" body: | From 51e4d9534f0ccadc8d80ccfbd0b3ed329f3fd2b2 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 4 Oct 2024 10:27:18 +0100 Subject: [PATCH 2056/2573] Use pinned commit to avoid supply chain injection --- .github/workflows/upgrade_codeql_dependencies.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/upgrade_codeql_dependencies.yml b/.github/workflows/upgrade_codeql_dependencies.yml index b2be95a055..841b78fcd6 100644 --- a/.github/workflows/upgrade_codeql_dependencies.yml +++ b/.github/workflows/upgrade_codeql_dependencies.yml @@ -53,7 +53,7 @@ jobs: find c \( -name '*.ql' -or -name '*.qll' \) -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" codeql query format --in-place - name: Create Pull Request - uses: peter-evans/create-pull-request@v7 + uses: peter-evans/create-pull-request@5e914681df9dc83aa4e4905692ca88beb2f9e91f # v7.0.5 with: title: "Upgrade `github/codeql` dependency to ${{ github.event.inputs.codeql_cli_version }}" body: | From 6da5c4d051489348935a9e47ed980733e62931da Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 4 Oct 2024 11:11:08 +0100 Subject: [PATCH 2057/2573] Address whitespace issues --- c/misra/src/codeql-suites/misra-default.qls | 2 +- change_notes/2024-10-03-misra-c-query-suites.md | 3 +-- cpp/misra/src/codeql-suites/misra-default.qls | 2 +- cpp/misra/src/codeql-suites/misra-single-translation-unit.qls | 2 +- 4 files changed, 4 insertions(+), 5 deletions(-) diff --git a/c/misra/src/codeql-suites/misra-default.qls b/c/misra/src/codeql-suites/misra-default.qls index 66a0161628..e645bb1545 100644 --- a/c/misra/src/codeql-suites/misra-default.qls +++ b/c/misra/src/codeql-suites/misra-default.qls @@ -1,2 +1,2 @@ - description: "DEPRECATED - MISRA C 2012 - use misra-c-default.qls instead" -- import: codeql-suites/misra-c-default.qls \ No newline at end of file +- import: codeql-suites/misra-c-default.qls diff --git a/change_notes/2024-10-03-misra-c-query-suites.md b/change_notes/2024-10-03-misra-c-query-suites.md index cdc6982673..c60aac8941 100644 --- a/change_notes/2024-10-03-misra-c-query-suites.md +++ b/change_notes/2024-10-03-misra-c-query-suites.md @@ -1,8 +1,7 @@ - The following query suites have been added or modified for MISRA C: - A new query suite has been created `misra-c-default.qls` to avoid confusion with the MISRA C++ query suites. The `misra-default.qls` suite has been deprecated, and will be removed in a future releases, and is replaced by the `misra-c-default.qls` suite. - The `misra-c-default.qls` suite has been specified as the default for the pack, and will include our most up-to-date coverage for MISRA C. - - A new query suite `misra-c-2012-third-edition-with-amendment-2.qls` has been created to represent our previous MISRA C coverage. Note: this query suite will run the rules that were present in MISRA C 2012, Third Edition, First Revision and Amendment 2. The interpretation of those - rules may be updated to reflect changes in more recent MISRA standards. + - A new query suite `misra-c-2012-third-edition-with-amendment-2.qls` has been created to represent our previous MISRA C coverage. Note: this query suite will run the rules that were present in MISRA C 2012, Third Edition, First Revision and Amendment 2. The interpretation of those rules may be updated to reflect changes in more recent MISRA standards. - Three new query suites, `misra-c-mandatory.qls`, `misra-c-required.qls` and `misra-c-advisory.qls`, have been added to enable running mandatory, required or advisory queries. - The following query suites have been added or modified for MISRA C++: - A new query suite has been created `misra-cpp-default.qls` to avoid confusion with the MISRA C query suites. The `misra-default.qls` suite has been deprecated, and will be removed in a future releases, and is replaced by the `misra-cpp-default.qls` suite. diff --git a/cpp/misra/src/codeql-suites/misra-default.qls b/cpp/misra/src/codeql-suites/misra-default.qls index 8609e3df64..3c205157cd 100644 --- a/cpp/misra/src/codeql-suites/misra-default.qls +++ b/cpp/misra/src/codeql-suites/misra-default.qls @@ -1,2 +1,2 @@ - description: "DEPRECATED - MISRA C++ 2023 - use misra-cpp-default.qls instead" -- import: codeql-suites/misra-cpp-default.qls \ No newline at end of file +- import: codeql-suites/misra-cpp-default.qls diff --git a/cpp/misra/src/codeql-suites/misra-single-translation-unit.qls b/cpp/misra/src/codeql-suites/misra-single-translation-unit.qls index 0351768470..9dcd3f0c97 100644 --- a/cpp/misra/src/codeql-suites/misra-single-translation-unit.qls +++ b/cpp/misra/src/codeql-suites/misra-single-translation-unit.qls @@ -1,2 +1,2 @@ - description: "DEPRECATED - MISRA C++ 2023 (Single Translation Unit) - use misra-cpp-single-translation-unit.qls instead" -- import: codeql-suites/misra-cpp-single-translation-unit.qls \ No newline at end of file +- import: codeql-suites/misra-cpp-single-translation-unit.qls From 5497cfafca5f671db2221dfa659e4719ebbc4b3e Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 4 Oct 2024 11:41:23 +0100 Subject: [PATCH 2058/2573] Update NoReturn.json with MISRA C 2012 tags --- rule_packages/c/NoReturn.json | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/rule_packages/c/NoReturn.json b/rule_packages/c/NoReturn.json index 49cdb4c255..f485060095 100644 --- a/rule_packages/c/NoReturn.json +++ b/rule_packages/c/NoReturn.json @@ -12,7 +12,10 @@ "precision": "very-high", "severity": "recommendation", "short_name": "NonVoidReturnTypeOfNoreturnFunction", - "tags": ["correctness"] + "tags": [ + "correctness", + "external/misra/c/2012/amendment3" + ] } ], "title": "A function declared with _noreturn shall have a return type of void" @@ -29,7 +32,10 @@ "precision": "very-high", "severity": "recommendation", "short_name": "FunctionWithNoReturningBranchShouldBeNoreturn", - "tags": ["correctness"] + "tags": [ + "correctness", + "external/misra/c/2012/amendment3" + ] } ], "title": "A function without a branch that returns shall be declared with _Noreturn" @@ -46,7 +52,10 @@ "precision": "very-high", "severity": "error", "short_name": "ReturnStatementInNoreturnFunction", - "tags": ["correctness"], + "tags": [ + "correctness", + "external/misra/c/2012/amendment3" + ], "shared_implementation_short_name": "FunctionNoReturnAttributeCondition" } ], From 4b9e9fdd18b905fd455dae9028fefcc512316eb8 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 4 Oct 2024 11:41:40 +0100 Subject: [PATCH 2059/2573] Check MISRA C 2012 rules have MISRA C 2012 tags Needed to specify which amendment or rule set they come from. --- scripts/verify_rule_package_consistency.py | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/scripts/verify_rule_package_consistency.py b/scripts/verify_rule_package_consistency.py index 7d111e81bc..1f3ab337b4 100644 --- a/scripts/verify_rule_package_consistency.py +++ b/scripts/verify_rule_package_consistency.py @@ -100,6 +100,11 @@ print( f" - ERROR: Rule {rule_id} included in {package_name}.json but not marked as supportable in rules.csv.") failed = True + for query in rule_details["queries"]: + if standard_name == "MISRA-C-2012" and not any(tag for tag in query["tags"] if tag.startswith("external/misra/c/2012/")): + print( + f" - ERROR: MISRA C 2012 query {query["name"]} for Rule {rule_id} in {package_name}.json is missing a `external/misra/c/2012/...` tag.") + failed = True rules_csv_rule_ids = package_rules_from_csv[package_name] json_missing_rules = rules_csv_rule_ids.difference(package_json_rule_ids) From aab6e177af7431fd6c1c4ac5b882e5bc3a3196e2 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 4 Oct 2024 11:41:40 +0100 Subject: [PATCH 2060/2573] Check MISRA C 2012 tags are not on other rules --- scripts/verify_rule_package_consistency.py | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/scripts/verify_rule_package_consistency.py b/scripts/verify_rule_package_consistency.py index 1f3ab337b4..57caee8bb8 100644 --- a/scripts/verify_rule_package_consistency.py +++ b/scripts/verify_rule_package_consistency.py @@ -103,7 +103,11 @@ for query in rule_details["queries"]: if standard_name == "MISRA-C-2012" and not any(tag for tag in query["tags"] if tag.startswith("external/misra/c/2012/")): print( - f" - ERROR: MISRA C 2012 query {query["name"]} for Rule {rule_id} in {package_name}.json is missing a `external/misra/c/2012/...` tag.") + f" - ERROR: MISRA C 2012 query {query["short_name"]}.ql for Rule {rule_id} in {package_name}.json is missing a `external/misra/c/2012/...` tag.") + failed = True + if not standard_name == "MISRA-C-2012" and any(tag for tag in query["tags"] if tag.startswith("external/misra/c/2012/")): + print( + f" - ERROR: {standard_name} query {query["short_name"]}.ql for Rule {rule_id} in {package_name}.json has a spurious `external/misra/c/2012/...` tag.") failed = True rules_csv_rule_ids = package_rules_from_csv[package_name] From 7cc5b574fa734ec48f8c998c4e0dfbe5562c0cfb Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 4 Oct 2024 11:56:21 +0100 Subject: [PATCH 2061/2573] Upgrade all qlpacks Otherwise the lock files may not be updated for packs which transitively depend on codeql/cpp-all --- .../upgrade-codeql-dependencies.py | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/scripts/upgrade-codeql-dependencies/upgrade-codeql-dependencies.py b/scripts/upgrade-codeql-dependencies/upgrade-codeql-dependencies.py index ab947f0ef2..f6ab6aa383 100644 --- a/scripts/upgrade-codeql-dependencies/upgrade-codeql-dependencies.py +++ b/scripts/upgrade-codeql-dependencies/upgrade-codeql-dependencies.py @@ -67,7 +67,6 @@ def main(cli_version : str, github_token: str) -> None: qlpack_files = [f for f in qlpack_files if not any(part for part in f.parts if part.startswith("."))] # Update the "codeql/cpp-all" entries in the "dependencies" property in every qlpack.yml file - updated_qlpacks = [] for qlpack_file in qlpack_files: with qlpack_file.open("r") as f: qlpack = yaml.safe_load(f) @@ -76,12 +75,14 @@ def main(cli_version : str, github_token: str) -> None: qlpack["dependencies"]["codeql/cpp-all"] = compatible_stdlib_version with qlpack_file.open("w") as f: yaml.safe_dump(qlpack, f, sort_keys=False) - updated_qlpacks.append(qlpack_file.parent) # Call CodeQL to update the lock files by running codeql pack upgrade # Note: we need to do this after updating all the qlpack files, # otherwise we may get dependency resolution errors - for qlpack in updated_qlpacks: + # Note: we need to update all qlpack files, because they may + # transitively depend on the packs we changed + for qlpack_file in qlpack_files: + qlpack = qlpack.parent print("Updating lock files for " + str(qlpack)) os.system(f"codeql pack upgrade {qlpack}") From cbc63883d7b82c28b7166b7b106d3cfcc3c61563 Mon Sep 17 00:00:00 2001 From: Nicolas Will Date: Fri, 4 Oct 2024 13:29:03 +0200 Subject: [PATCH 2062/2573] Update c/misra/test/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.expected --- .../rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.expected | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/misra/test/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.expected b/c/misra/test/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.expected index d0303f9a7f..0e2cbb26ee 100644 --- a/c/misra/test/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.expected +++ b/c/misra/test/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.expected @@ -23,7 +23,7 @@ | test.c:182:8:182:11 | gf19 | Empty structures are a compiler extension and are not portable to other compilers. | | test.c:216:9:216:10 | definition of x1 | Zero length arrays are a compiler extension and are not portable to other compilers. | | test.c:266:16:266:21 | access | Use of attribute 'access' is a compiler extension and is not portable to other compilers. | -| test.c:270:5:270:9 | alias | Use of attribute 'alias' is a compiler extension and is not portable to other compilers. | +| test.c:269:27:269:31 | alias | Use of attribute 'alias' is a compiler extension and is not portable to other compilers. | | test.c:272:23:272:29 | aligned | Use of attribute 'aligned' is a compiler extension and is not portable to other compilers. | | test.c:283:25:283:34 | deprecated | Use of attribute 'deprecated' is a compiler extension and is not portable to other compilers. | | test.c:295:20:295:30 | fallthrough | Use of attribute 'fallthrough' is a compiler extension and is not portable to other compilers. | From 9b1667ed924ca28ad54139ad015ab702fb67aa2f Mon Sep 17 00:00:00 2001 From: Tom Hvitved Date: Fri, 4 Oct 2024 14:38:07 +0200 Subject: [PATCH 2063/2573] Fix `isDeviated` predicate --- .../cpp/deviations/Deviations.qll | 27 ++++++++++--------- 1 file changed, 15 insertions(+), 12 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/deviations/Deviations.qll b/cpp/common/src/codingstandards/cpp/deviations/Deviations.qll index 403a5b61c6..99b9a33fe6 100644 --- a/cpp/common/src/codingstandards/cpp/deviations/Deviations.qll +++ b/cpp/common/src/codingstandards/cpp/deviations/Deviations.qll @@ -363,20 +363,23 @@ class DeviationRecord extends XmlElement { result.getRelativePath() = getAChild("paths").getAChild("paths-entry").getTextValue() } + private string getADeviationPath0() { + if exists(getPathAContainer()) + then + // Use the path, which will be relative to this file, if specified + result = getPathAContainer().getRelativePath() + else ( + // Otherwise, if no code identifier was supplied, it applies to the parent container of the + // file itself + not exists(getCodeIdentifier()) and + result = this.getFile().getParentContainer().getRelativePath() + ) + } + /** Gets a path to which this deviation applies. */ string getADeviationPath() { exists(string res | - if exists(getPathAContainer()) - then - // Use the path, which will be relative to this file, if specified - res = getPathAContainer().getRelativePath() - else ( - // Otherwise, if no code identifier was supplied, it applies to the parent container of the - // file itself - not exists(getCodeIdentifier()) and - res = this.getFile().getParentContainer().getRelativePath() - ) - | + res = getADeviationPath0() and if res = "" then result = "(root)" else result = res ) } @@ -384,6 +387,6 @@ class DeviationRecord extends XmlElement { cached predicate isDeviated(Query query, string deviationPath) { query = getQuery() and - deviationPath = getADeviationPath() + deviationPath = getADeviationPath0() } } From 61e7c6da6f98d0933477674b52c25828df2c2283 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 4 Oct 2024 14:17:40 +0100 Subject: [PATCH 2064/2573] Fix typo --- .../upgrade-codeql-dependencies/upgrade-codeql-dependencies.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/upgrade-codeql-dependencies/upgrade-codeql-dependencies.py b/scripts/upgrade-codeql-dependencies/upgrade-codeql-dependencies.py index f6ab6aa383..c76303e654 100644 --- a/scripts/upgrade-codeql-dependencies/upgrade-codeql-dependencies.py +++ b/scripts/upgrade-codeql-dependencies/upgrade-codeql-dependencies.py @@ -82,7 +82,7 @@ def main(cli_version : str, github_token: str) -> None: # Note: we need to update all qlpack files, because they may # transitively depend on the packs we changed for qlpack_file in qlpack_files: - qlpack = qlpack.parent + qlpack = qlpack_file.parent print("Updating lock files for " + str(qlpack)) os.system(f"codeql pack upgrade {qlpack}") From 0f89f16c2cd404ed21ec2c2b84ba7e93532a9b82 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 4 Oct 2024 14:31:41 +0100 Subject: [PATCH 2065/2573] Avoid confusion over double quotes in double quotes --- scripts/verify_rule_package_consistency.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/verify_rule_package_consistency.py b/scripts/verify_rule_package_consistency.py index 57caee8bb8..034e367db2 100644 --- a/scripts/verify_rule_package_consistency.py +++ b/scripts/verify_rule_package_consistency.py @@ -103,11 +103,11 @@ for query in rule_details["queries"]: if standard_name == "MISRA-C-2012" and not any(tag for tag in query["tags"] if tag.startswith("external/misra/c/2012/")): print( - f" - ERROR: MISRA C 2012 query {query["short_name"]}.ql for Rule {rule_id} in {package_name}.json is missing a `external/misra/c/2012/...` tag.") + f' - ERROR: MISRA C 2012 query {query["short_name"]}.ql for Rule {rule_id} in {package_name}.json is missing a `external/misra/c/2012/...` tag.') failed = True if not standard_name == "MISRA-C-2012" and any(tag for tag in query["tags"] if tag.startswith("external/misra/c/2012/")): print( - f" - ERROR: {standard_name} query {query["short_name"]}.ql for Rule {rule_id} in {package_name}.json has a spurious `external/misra/c/2012/...` tag.") + f' - ERROR: {standard_name} query {query["short_name"]}.ql for Rule {rule_id} in {package_name}.json has a spurious `external/misra/c/2012/...` tag.') failed = True rules_csv_rule_ids = package_rules_from_csv[package_name] From 893231056dc2b91e753748825352284ffc9aa88e Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 4 Oct 2024 14:53:17 +0100 Subject: [PATCH 2066/2573] Add tags to queries --- .../src/rules/RULE-17-10/NonVoidReturnTypeOfNoreturnFunction.ql | 1 + .../RULE-17-11/FunctionWithNoReturningBranchShouldBeNoreturn.ql | 1 + c/misra/src/rules/RULE-17-9/ReturnStatementInNoreturnFunction.ql | 1 + 3 files changed, 3 insertions(+) diff --git a/c/misra/src/rules/RULE-17-10/NonVoidReturnTypeOfNoreturnFunction.ql b/c/misra/src/rules/RULE-17-10/NonVoidReturnTypeOfNoreturnFunction.ql index 68c5faeb1b..1e32793c3f 100644 --- a/c/misra/src/rules/RULE-17-10/NonVoidReturnTypeOfNoreturnFunction.ql +++ b/c/misra/src/rules/RULE-17-10/NonVoidReturnTypeOfNoreturnFunction.ql @@ -8,6 +8,7 @@ * @problem.severity recommendation * @tags external/misra/id/rule-17-10 * correctness + * external/misra/c/2012/amendment3 * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-17-11/FunctionWithNoReturningBranchShouldBeNoreturn.ql b/c/misra/src/rules/RULE-17-11/FunctionWithNoReturningBranchShouldBeNoreturn.ql index 90cb1af7c2..4dd939effe 100644 --- a/c/misra/src/rules/RULE-17-11/FunctionWithNoReturningBranchShouldBeNoreturn.ql +++ b/c/misra/src/rules/RULE-17-11/FunctionWithNoReturningBranchShouldBeNoreturn.ql @@ -7,6 +7,7 @@ * @problem.severity recommendation * @tags external/misra/id/rule-17-11 * correctness + * external/misra/c/2012/amendment3 * external/misra/obligation/advisory */ diff --git a/c/misra/src/rules/RULE-17-9/ReturnStatementInNoreturnFunction.ql b/c/misra/src/rules/RULE-17-9/ReturnStatementInNoreturnFunction.ql index 360be01b7c..dedac9da9e 100644 --- a/c/misra/src/rules/RULE-17-9/ReturnStatementInNoreturnFunction.ql +++ b/c/misra/src/rules/RULE-17-9/ReturnStatementInNoreturnFunction.ql @@ -7,6 +7,7 @@ * @problem.severity error * @tags external/misra/id/rule-17-9 * correctness + * external/misra/c/2012/amendment3 * external/misra/obligation/mandatory */ From 46d09db02ea2ce17a6a6996039dddb9a969592dd Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Tue, 24 Sep 2024 10:32:11 -0700 Subject: [PATCH 2067/2573] First pass on 17-12, 17-13, both facing extractor issues. --- .../FunctionAddressesShouldAddressOperator.ql | 83 ++++++++++ .../DisallowedFunctionTypeQualifier.ql | 147 ++++++++++++++++++ ...ionAddressesShouldAddressOperator.expected | 18 +++ ...nctionAddressesShouldAddressOperator.qlref | 1 + c/misra/test/rules/RULE-17-12/test.c | 106 +++++++++++++ .../DisallowedFunctionTypeQualifier.expected | 1 + .../DisallowedFunctionTypeQualifier.qlref | 1 + c/misra/test/rules/RULE-17-13/test.c | 56 +++++++ .../cpp/exclusions/c/FunctionTypes.qll | 44 ++++++ .../cpp/exclusions/c/RuleMetadata.qll | 3 + rule_packages/c/FunctionTypes.json | 42 +++++ 11 files changed, 502 insertions(+) create mode 100644 c/misra/src/rules/RULE-17-12/FunctionAddressesShouldAddressOperator.ql create mode 100644 c/misra/src/rules/RULE-17-13/DisallowedFunctionTypeQualifier.ql create mode 100644 c/misra/test/rules/RULE-17-12/FunctionAddressesShouldAddressOperator.expected create mode 100644 c/misra/test/rules/RULE-17-12/FunctionAddressesShouldAddressOperator.qlref create mode 100644 c/misra/test/rules/RULE-17-12/test.c create mode 100644 c/misra/test/rules/RULE-17-13/DisallowedFunctionTypeQualifier.expected create mode 100644 c/misra/test/rules/RULE-17-13/DisallowedFunctionTypeQualifier.qlref create mode 100644 c/misra/test/rules/RULE-17-13/test.c create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/FunctionTypes.qll create mode 100644 rule_packages/c/FunctionTypes.json diff --git a/c/misra/src/rules/RULE-17-12/FunctionAddressesShouldAddressOperator.ql b/c/misra/src/rules/RULE-17-12/FunctionAddressesShouldAddressOperator.ql new file mode 100644 index 0000000000..4c3386c68b --- /dev/null +++ b/c/misra/src/rules/RULE-17-12/FunctionAddressesShouldAddressOperator.ql @@ -0,0 +1,83 @@ +/** + * @id c/misra/function-addresses-should-address-operator + * @name RULE-17-12: A function identifier should only be called with a parenthesized parameter list or used with a & + * @description A function identifier should only be called with a parenthesized parameter list or + * used with a & (address-of). + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-17-12 + * readability + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.c.misra + +abstract class AddressOfFunction extends Expr { + abstract predicate isImplicitlyAddressed(); + + abstract string getFuncName(); +} + +class FunctionTypeAccess extends FunctionAccess, AddressOfFunction { + + predicate isImmediatelyParenthesized() { + exists(ParenthesisExpr parens | parens.getExpr() = this) + } + + predicate isExplicitlyAddressed() { + getParent() instanceof AddressOfExpr and + not isImmediatelyParenthesized() + } + + override predicate isImplicitlyAddressed() { + not isExplicitlyAddressed() + } + + override string getFuncName() { + result = getTarget().getName() + } +} + +/* +class IndirectFunctionCall extends FunctionCall, AddressOfFunction { + override predicate isImplicitlyAddressed() { + getConversion+() instanceof ParenthesisExpr + } + + override string getFuncName() { + result = getTarget().getName() + } +} + */ + +class MacroArgTakesFunction extends AddressOfFunction { + MacroInvocation m; + MacroArgTakesFunction() { + m.getExpr() = this + } + + override predicate isImplicitlyAddressed() { + any() + } + + string getProp() { + result = m.getExpandedArgument(_) + and this.get + } + + override string getFuncName() { + result = "a macro argument" + } + +} + +from AddressOfFunction funcAddr +where + not isExcluded(funcAddr, FunctionTypesPackage::functionAddressesShouldAddressOperatorQuery()) and + //not funcAccess.isImmediatelyCalled() and + //not funcAccess.isExplicitlyAddressed() + funcAddr.isImplicitlyAddressed() +select + funcAddr, "The address of function " + funcAddr.getFuncName() + " is taken without the & operator." \ No newline at end of file diff --git a/c/misra/src/rules/RULE-17-13/DisallowedFunctionTypeQualifier.ql b/c/misra/src/rules/RULE-17-13/DisallowedFunctionTypeQualifier.ql new file mode 100644 index 0000000000..a40dadef6c --- /dev/null +++ b/c/misra/src/rules/RULE-17-13/DisallowedFunctionTypeQualifier.ql @@ -0,0 +1,147 @@ +/** + * @id c/misra/disallowed-function-type-qualifier + * @name RULE-17-13: A function type shall not include any type qualifiers (const, volatile, restrict, or _Atomic) + * @description The behavior of type qualifiers on a function type is undefined. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-17-13 + * correctness + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra + +//from DeclarationEntry decl, Type type //, Specifier specifier +//where +// not isExcluded(decl, FunctionTypesPackage::disallowedFunctionTypeQualifierQuery()) and +// //decl.getType() instanceof FunctionPointerType and +// //decl.getType().(FunctionPointerType).hasSpecifier(specifier) +// (type = decl.getType().getUnderlyingType*() +// or type = decl.getType()) +// and +// //specifier = type.getASpecifier() +// any() +//select decl, type //, specifier // "The behavior of type qualifier " + specifier + " on a function type is undefined." + +newtype TDeclaredFunction = + TFunctionDeclaration(Declaration declaration) + +abstract class DeclaredFunction extends TDeclaredFunction { + abstract string toString(); +} + +predicate isConstFunction(Type type) { + (type.getASpecifier().getName() = "const" + or type.isConst()) + and isFunctionType(type) + or isConstFunction(type.getUnderlyingType()) +} + +predicate isFunctionType(Type type) { + type instanceof FunctionPointerType + or isFunctionType(type.getUnderlyingType()) +} + +predicate declaresConstFunction(DeclarationEntry entry) { + (entry.getDeclaration().getASpecifier().getName() = "const" + and isFunctionType(entry.getType())) + or isConstFunction(entry.getType()) +} + +class QualifiableRoutineType extends RoutineType, QualifiableType { + override string explainQualifiers() { + result = "func{" + + specifiersOf(this) + this.getReturnType().(QualifiableType).explainQualifiers() + + " (" + + paramString(0) + + ")}" + } + + string paramString(int i) { + i = 0 and result = "" and not exists(this.getAParameterType()) + or + ( + if i < max(int j | exists(this.getParameterType(j))) + then + // Not the last one + result = this.getParameterType(i).(QualifiableType).explainQualifiers() + "," + this.paramString(i + 1) + else + // Last parameter + result = this.getParameterType(i).(QualifiableType).explainQualifiers() + ) + } +} + +class QualifiableIntType extends IntType, QualifiableType { + override string explainQualifiers() { + result = specifiersOf(this) + " " + this.toString() + } +} + +class QualifiablePointerType extends PointerType, QualifiableType { + override string explainQualifiers() { + result = "{" + + specifiersOf(this) + + " pointer to " + + this.getBaseType().(QualifiableType).explainQualifiers() + + "}" + } +} + +class QualifiableType extends Type { + string explainQualifiers() { + result = "Unimplemented explainQualifiers for type(s): " + concat(string s | s = getAQlClass() | s, ",") + } +} + +class QualifiableTypedefType extends TypedefType, QualifiableType { + override string explainQualifiers() { + result = "{ typedef " + + specifiersOf(this) + + " " + + this.getBaseType().(QualifiableType).explainQualifiers() + + "}" + } +} + +class QualifiableSpecifiedType extends SpecifiedType, QualifiableType { + override string explainQualifiers() { + result = "{" + + specifiersOf(this) + + " " + + this.getBaseType().(QualifiableType).explainQualifiers() + + "}" + } +} + +string typeString(Type t) { + //if + // t instanceof CTypedefType + // then result = t.(CTypedefType).explain() + "specs:" + specifiersOf(t.(CTypedefType).getBaseType()) + "/" + typeString(t.(CTypedefType).getBaseType()) + // else + //result = concat(string s | s = t.getAQlClass() | s, ",") + result = t.(QualifiableType).explainQualifiers() +} + +string specifiersOf(Type t) { + result = concat(Specifier s | s = t.getASpecifier()| s.getName(), ", ") +} + +string declSpecifiersOf(Declaration d) { + result = concat(Specifier s | s = d.getASpecifier()| s.getName(), ", ") +} + +string underlying(Type t) { + exists(Type u | u = t.getUnderlyingType() | result = u.toString()) + or result = "[no underlying]" + +} + +from DeclarationEntry entry +select entry, entry.getType(), typeString(entry.getType()), declSpecifiersOf(entry.getDeclaration()), specifiersOf(entry.getType()) + +//from Type t +//where any()//isFunctionType(t) +//select t, specifiersOf(t), underlying(t) \ No newline at end of file diff --git a/c/misra/test/rules/RULE-17-12/FunctionAddressesShouldAddressOperator.expected b/c/misra/test/rules/RULE-17-12/FunctionAddressesShouldAddressOperator.expected new file mode 100644 index 0000000000..1cc92e95e1 --- /dev/null +++ b/c/misra/test/rules/RULE-17-12/FunctionAddressesShouldAddressOperator.expected @@ -0,0 +1,18 @@ +| test.c:15:25:15:29 | func2 | The address of function func2 is taken without the & operator. | +| test.c:16:27:16:31 | func3 | The address of function func3 is taken without the & operator. | +| test.c:22:16:22:20 | func1 | The address of function func1 is taken without the & operator. | +| test.c:38:5:38:9 | func1 | The address of function func1 is taken without the & operator. | +| test.c:39:5:39:9 | func2 | The address of function func2 is taken without the & operator. | +| test.c:47:7:47:11 | func1 | The address of function func1 is taken without the & operator. | +| test.c:48:7:48:11 | func2 | The address of function func2 is taken without the & operator. | +| test.c:57:15:57:19 | func1 | The address of function func1 is taken without the & operator. | +| test.c:58:23:58:27 | func2 | The address of function func2 is taken without the & operator. | +| test.c:59:15:59:19 | func1 | The address of function func1 is taken without the & operator. | +| test.c:59:22:59:26 | func2 | The address of function func2 is taken without the & operator. | +| test.c:67:13:67:17 | func1 | The address of function func1 is taken without the & operator. | +| test.c:68:14:68:18 | func1 | The address of function func1 is taken without the & operator. | +| test.c:69:14:69:18 | func1 | The address of function func1 is taken without the & operator. | +| test.c:71:20:71:24 | func1 | The address of function func1 is taken without the & operator. | +| test.c:72:20:72:24 | func1 | The address of function func1 is taken without the & operator. | +| test.c:76:20:76:24 | func1 | The address of function func1 is taken without the & operator. | +| test.c:77:20:77:24 | func1 | The address of function func1 is taken without the & operator. | diff --git a/c/misra/test/rules/RULE-17-12/FunctionAddressesShouldAddressOperator.qlref b/c/misra/test/rules/RULE-17-12/FunctionAddressesShouldAddressOperator.qlref new file mode 100644 index 0000000000..f0a4753620 --- /dev/null +++ b/c/misra/test/rules/RULE-17-12/FunctionAddressesShouldAddressOperator.qlref @@ -0,0 +1 @@ +rules/RULE-17-12/FunctionAddressesShouldAddressOperator.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-17-12/test.c b/c/misra/test/rules/RULE-17-12/test.c new file mode 100644 index 0000000000..1c580f917e --- /dev/null +++ b/c/misra/test/rules/RULE-17-12/test.c @@ -0,0 +1,106 @@ +void func1() {} +void func2(int x, char* y) {} + +typedef struct {} s; + +int func3() { + return 0; +} + +typedef void (*func_ptr_t1)(); +typedef void (*func_ptr_t2)(int x, char* y); +typedef s (*func_ptr_t3)(); + +func_ptr_t1 func_ptr1 = &func1; // COMPLIANT +func_ptr_t2 func_ptr2 = func2; // NON-COMPLIANT +func_ptr_t3 func_ptr3 = &(func3); // NON-COMPLIANT + +void take_func(func_ptr_t1 f1, func_ptr_t2 f2); + +func_ptr_t1 returns_func(int x) { + if (x == 0) { + return func1; // NON-COMPLIANT + } else if (x == 1) { + return &func1; // COMPLIANT + } + + return returns_func(0); // COMPLIANT +} + +#define MACRO_IDENTITY(f) (f) +#define MACRO_INVOKE_RISKY(f) (f()) +#define MACRO_INVOKE_IMPROVED(f) ((f)()) + +void test() { + func1(); // COMPLIANT + func2(1, "hello"); // COMPLIANT + + func1; // NON-COMPLIANT + func2; // NON-COMPLIANT + + &func1; // COMPLIANT + &func2; // COMPLIANT + + (func1)(); // COMPLIANT + (func2)(1, "hello"); // COMPLIANT + + &(func1); // NON-COMPLIANT + &(func2); // NON-COMPLIANT + + (&func1)(); // COMPLIANT + (&func2)(1, "hello"); // COMPLIANT + + (func1()); // COMPLIANT + (func2(1, "hello")); // COMPLIANT + + take_func(&func1, &func2); // COMPLIANT + take_func(func1, &func2); // NON-COMPLIANT + take_func(&func1, func2); // NON-COMPLIANT + take_func(func1, func2); // NON-COMPLIANT + + returns_func(0); // COMPLIANT + returns_func(0)(); // COMPLIANT + (returns_func(0))(); // COMPLIANT + + (void*) &func1; // COMPLIANT + (void*) (&func1); // COMPLIANT + (void*) func1; // NON-COMPLIANT + (void*) (func1); // NON-COMPLIANT + ((void*) func1); // NON-COMPLIANT + + MACRO_IDENTITY(func1); // NON-COMPLIANT + MACRO_IDENTITY(func1)(); // NON-COMPLIANT + MACRO_IDENTITY(&func1); // COMPLIANT + MACRO_IDENTITY(&func1)(); // COMPLIANT + + MACRO_INVOKE_RISKY(func3); // NON-COMPLIANT + MACRO_INVOKE_IMPROVED(func3); // NON-COMPLIANT + MACRO_INVOKE_IMPROVED(&func3); // COMPLIANT + + // Function pointers are exempt from this rule. + func_ptr1(); // COMPLIANT + func_ptr2(1, "hello"); // COMPLIANT + func_ptr1; // COMPLIANT + func_ptr2; // COMPLIANT + &func_ptr1; // COMPLIANT + &func_ptr2; // COMPLIANT + (func_ptr1)(); // COMPLIANT + (func_ptr2)(1, "hello"); // COMPLIANT + (*func_ptr1)(); // COMPLIANT + (*func_ptr2)(1, "hello"); // COMPLIANT + take_func(func_ptr1, func_ptr2); // COMPLIANT + (void*) func_ptr1; // COMPLIANT + (void*) &func_ptr1; // COMPLIANT + (void*) (&func_ptr1); // COMPLIANT + (void*) func_ptr1; // COMPLIANT + (void*) (func_ptr1); // COMPLIANT + ((void*) func_ptr1); // COMPLIANT + MACRO_IDENTITY(func_ptr1); // COMPLIANT + MACRO_IDENTITY(func_ptr1)(); // COMPLIANT + MACRO_IDENTITY(&func_ptr1); // COMPLIANT + (*MACRO_IDENTITY(&func_ptr1))(); // COMPLIANT + MACRO_INVOKE_RISKY(func_ptr3); // COMPLIANT + MACRO_INVOKE_IMPROVED(func_ptr3); // COMPLIANT + MACRO_INVOKE_IMPROVED(*&func_ptr3); // COMPLIANT + +} \ No newline at end of file diff --git a/c/misra/test/rules/RULE-17-13/DisallowedFunctionTypeQualifier.expected b/c/misra/test/rules/RULE-17-13/DisallowedFunctionTypeQualifier.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/misra/test/rules/RULE-17-13/DisallowedFunctionTypeQualifier.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-17-13/DisallowedFunctionTypeQualifier.qlref b/c/misra/test/rules/RULE-17-13/DisallowedFunctionTypeQualifier.qlref new file mode 100644 index 0000000000..cbf7c583ec --- /dev/null +++ b/c/misra/test/rules/RULE-17-13/DisallowedFunctionTypeQualifier.qlref @@ -0,0 +1 @@ +rules/RULE-17-13/DisallowedFunctionTypeQualifier.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-17-13/test.c b/c/misra/test/rules/RULE-17-13/test.c new file mode 100644 index 0000000000..8326b30a28 --- /dev/null +++ b/c/misra/test/rules/RULE-17-13/test.c @@ -0,0 +1,56 @@ +// semmle-extractor-options: --language=c -std=c99 +const int x; // COMPLIANT +const int f_ret_const_int(void); // COMPLIANT +const int* f_ret_const_int_ptr(void); // COMPLIANT + +// Basic function typedefs +typedef int ftype_ret_int(void); +typedef const int ftype_ret_const_int(void); // COMPLIANT +typedef const int* ftype_ret_const_int_ptr(void); // COMPLIANT +typedef int const* ftype_ret_int_const_ptr(void); // COMPLIANT + +// Typedefs that use function typedefs +typedef ftype_ret_int ftype_ret_int2; // COMPLIANT +typedef const ftype_ret_int *ptr_const_ftype_ret_int; // NON-COMPLIANT +typedef ftype_ret_int *const const_ptr_ftype_ret_int; // COMPLIANT +typedef ftype_ret_int const* const_ptr_ftype_ret_int_; // NON-COMPLIANT + +// Test all qualifiers +typedef const ftype_ret_int const_ftype_ret_int; // NON-COMPLIANT +typedef volatile ftype_ret_int volatile_ftype_ret_int; // NON-COMPLIANT +typedef _Atomic ftype_ret_int atomic_ftype_ret_int; // NON-COMPLIANT +//extern restrict ftype_ret_int restrict_ftype_ret_int; // NON-COMPLIANT + +// Test parameters of declaration specifiers +typedef void (*take_ftype_ret_int)(ftype_ret_int); // COMPLIANT +typedef void (*take_const_ftype_ret_int)(const ftype_ret_int); // NON-COMPLIANT +typedef void (*take_ptr_ftype_ret_int)(ftype_ret_int*); // COMPLIANT +typedef void (*take_ptr_const_ftype_ret_int)(const ftype_ret_int *); // NON-COMPLIANT +typedef void (*take_const_ptr_ftype_ret_int)(ftype_ret_int const *); // COMPLIANT + +// Test return types of declaration specifiers +typedef ftype_ret_int* (return_ftype_ret_int)(void); // COMPLIANT +typedef const ftype_ret_int* (return_ftype_ret_int)(void); // NON-COMPLIANT +typedef ftype_ret_int const* (return_ftype_ret_int)(void); // COMPLIANT + +// Other storage class specifiers +extern const ftype_ret_int extern_ftype; // NON-COMPLIANT +extern const ftype_ret_int *extern_const_ftype_type; // NON-COMPLIANT +extern ftype_ret_int const * extern_ftype_const_ptr; // COMPLIANT + +// Other declarations +void param_list( + const ftype_ret_int *param_ftype, // NON-COMPLIANT + const ftype_ret_int *param_const_ftype_type, // NON-COMPLIANT + ftype_ret_int const *param_ftype_const_ptr // COMPLIANT +) { + const ftype_ret_int *var_ftype; // NON-COMPLIANT + const ftype_ret_int *var_const_ftype_type; // NON-COMPLIANT + ftype_ret_int const *var_ftype_const_ptr; // COMPLIANT + + struct TestStruct { + const ftype_ret_int *struct_ftype; // NON-COMPLIANT + const ftype_ret_int *struct_const_ftype_type; // NON-COMPLIANT + ftype_ret_int const *struct_ftype_const_ptr; // COMPLIANT + }; +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/FunctionTypes.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/FunctionTypes.qll new file mode 100644 index 0000000000..176b9871d3 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/FunctionTypes.qll @@ -0,0 +1,44 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype FunctionTypesQuery = + TFunctionAddressesShouldAddressOperatorQuery() or + TDisallowedFunctionTypeQualifierQuery() + +predicate isFunctionTypesQueryMetadata(Query query, string queryId, string ruleId, string category) { + query = + // `Query` instance for the `functionAddressesShouldAddressOperator` query + FunctionTypesPackage::functionAddressesShouldAddressOperatorQuery() and + queryId = + // `@id` for the `functionAddressesShouldAddressOperator` query + "c/misra/function-addresses-should-address-operator" and + ruleId = "RULE-17-12" and + category = "advisory" + or + query = + // `Query` instance for the `disallowedFunctionTypeQualifier` query + FunctionTypesPackage::disallowedFunctionTypeQualifierQuery() and + queryId = + // `@id` for the `disallowedFunctionTypeQualifier` query + "c/misra/disallowed-function-type-qualifier" and + ruleId = "RULE-17-13" and + category = "required" +} + +module FunctionTypesPackage { + Query functionAddressesShouldAddressOperatorQuery() { + //autogenerate `Query` type + result = + // `Query` type for `functionAddressesShouldAddressOperator` query + TQueryC(TFunctionTypesPackageQuery(TFunctionAddressesShouldAddressOperatorQuery())) + } + + Query disallowedFunctionTypeQualifierQuery() { + //autogenerate `Query` type + result = + // `Query` type for `disallowedFunctionTypeQualifier` query + TQueryC(TFunctionTypesPackageQuery(TDisallowedFunctionTypeQualifierQuery())) + } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index b10fbf0a2f..581585da5c 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -29,6 +29,7 @@ import Declarations8 import EssentialTypes import Expressions import FloatingTypes +import FunctionTypes import IO1 import IO2 import IO3 @@ -102,6 +103,7 @@ newtype TCQuery = TEssentialTypesPackageQuery(EssentialTypesQuery q) or TExpressionsPackageQuery(ExpressionsQuery q) or TFloatingTypesPackageQuery(FloatingTypesQuery q) or + TFunctionTypesPackageQuery(FunctionTypesQuery q) or TIO1PackageQuery(IO1Query q) or TIO2PackageQuery(IO2Query q) or TIO3PackageQuery(IO3Query q) or @@ -175,6 +177,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isEssentialTypesQueryMetadata(query, queryId, ruleId, category) or isExpressionsQueryMetadata(query, queryId, ruleId, category) or isFloatingTypesQueryMetadata(query, queryId, ruleId, category) or + isFunctionTypesQueryMetadata(query, queryId, ruleId, category) or isIO1QueryMetadata(query, queryId, ruleId, category) or isIO2QueryMetadata(query, queryId, ruleId, category) or isIO3QueryMetadata(query, queryId, ruleId, category) or diff --git a/rule_packages/c/FunctionTypes.json b/rule_packages/c/FunctionTypes.json new file mode 100644 index 0000000000..bfa96d09eb --- /dev/null +++ b/rule_packages/c/FunctionTypes.json @@ -0,0 +1,42 @@ +{ + "MISRA-C-2012": { + "RULE-17-12": { + "properties": { + "obligation": "advisory" + }, + "queries": [ + { + "description": "A function identifier should only be called with a parenthesized parameter list or used with a & (address-of).", + "kind": "problem", + "name": "A function identifier should only be called with a parenthesized parameter list or used with a &", + "precision": "very-high", + "severity": "error", + "short_name": "FunctionAddressesShouldAddressOperator", + "tags": [ + "readability" + ] + } + ], + "title": "A function identifier should only be called with a parenthesized parameter list or used with a & (address-of)" + }, + "RULE-17-13": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "The behavior of type qualifiers on a function type is undefined.", + "kind": "problem", + "name": "A function type shall not include any type qualifiers (const, volatile, restrict, or _Atomic)", + "precision": "very-high", + "severity": "error", + "short_name": "DisallowedFunctionTypeQualifier", + "tags": [ + "correctness" + ] + } + ], + "title": "A function type shall not include any type qualifiers (const, volatile, restrict, or _Atomic)" + } + } +} \ No newline at end of file From d798fc87149908f801fceb4d495888d9d909ff08 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 27 Sep 2024 15:34:14 -0700 Subject: [PATCH 2068/2573] Remove 17-13, simpler implementation for 17-12. --- .../FunctionAddressesShouldAddressOperator.ql | 73 ++------- .../DisallowedFunctionTypeQualifier.ql | 147 ------------------ ...ionAddressesShouldAddressOperator.expected | 23 ++- c/misra/test/rules/RULE-17-12/test.c | 9 +- .../DisallowedFunctionTypeQualifier.expected | 1 - .../DisallowedFunctionTypeQualifier.qlref | 1 - c/misra/test/rules/RULE-17-13/test.c | 56 ------- .../cpp/exclusions/c/FunctionTypes.qll | 20 +-- rule_packages/c/FunctionTypes.json | 14 +- 9 files changed, 27 insertions(+), 317 deletions(-) delete mode 100644 c/misra/src/rules/RULE-17-13/DisallowedFunctionTypeQualifier.ql delete mode 100644 c/misra/test/rules/RULE-17-13/DisallowedFunctionTypeQualifier.expected delete mode 100644 c/misra/test/rules/RULE-17-13/DisallowedFunctionTypeQualifier.qlref delete mode 100644 c/misra/test/rules/RULE-17-13/test.c diff --git a/c/misra/src/rules/RULE-17-12/FunctionAddressesShouldAddressOperator.ql b/c/misra/src/rules/RULE-17-12/FunctionAddressesShouldAddressOperator.ql index 4c3386c68b..96c466150b 100644 --- a/c/misra/src/rules/RULE-17-12/FunctionAddressesShouldAddressOperator.ql +++ b/c/misra/src/rules/RULE-17-12/FunctionAddressesShouldAddressOperator.ql @@ -14,70 +14,15 @@ import cpp import codingstandards.c.misra -abstract class AddressOfFunction extends Expr { - abstract predicate isImplicitlyAddressed(); - - abstract string getFuncName(); -} - -class FunctionTypeAccess extends FunctionAccess, AddressOfFunction { - - predicate isImmediatelyParenthesized() { - exists(ParenthesisExpr parens | parens.getExpr() = this) - } - - predicate isExplicitlyAddressed() { - getParent() instanceof AddressOfExpr and - not isImmediatelyParenthesized() - } - - override predicate isImplicitlyAddressed() { - not isExplicitlyAddressed() - } - - override string getFuncName() { - result = getTarget().getName() - } -} - -/* -class IndirectFunctionCall extends FunctionCall, AddressOfFunction { - override predicate isImplicitlyAddressed() { - getConversion+() instanceof ParenthesisExpr - } - - override string getFuncName() { - result = getTarget().getName() - } -} - */ - -class MacroArgTakesFunction extends AddressOfFunction { - MacroInvocation m; - MacroArgTakesFunction() { - m.getExpr() = this - } - - override predicate isImplicitlyAddressed() { - any() - } - - string getProp() { - result = m.getExpandedArgument(_) - and this.get - } - - override string getFuncName() { - result = "a macro argument" - } - +predicate isImplicitlyAddressed(FunctionAccess access) { + not access.getParent() instanceof AddressOfExpr or + exists(ParenthesisExpr parens | parens.getExpr() = access) } -from AddressOfFunction funcAddr +from FunctionAccess funcAccess where - not isExcluded(funcAddr, FunctionTypesPackage::functionAddressesShouldAddressOperatorQuery()) and - //not funcAccess.isImmediatelyCalled() and - //not funcAccess.isExplicitlyAddressed() - funcAddr.isImplicitlyAddressed() -select - funcAddr, "The address of function " + funcAddr.getFuncName() + " is taken without the & operator." \ No newline at end of file + not isExcluded(funcAccess, FunctionTypesPackage::functionAddressesShouldAddressOperatorQuery()) and + isImplicitlyAddressed(funcAccess) +select funcAccess, + "The address of function " + funcAccess.getTarget().getName() + + " is taken without the & operator." diff --git a/c/misra/src/rules/RULE-17-13/DisallowedFunctionTypeQualifier.ql b/c/misra/src/rules/RULE-17-13/DisallowedFunctionTypeQualifier.ql deleted file mode 100644 index a40dadef6c..0000000000 --- a/c/misra/src/rules/RULE-17-13/DisallowedFunctionTypeQualifier.ql +++ /dev/null @@ -1,147 +0,0 @@ -/** - * @id c/misra/disallowed-function-type-qualifier - * @name RULE-17-13: A function type shall not include any type qualifiers (const, volatile, restrict, or _Atomic) - * @description The behavior of type qualifiers on a function type is undefined. - * @kind problem - * @precision very-high - * @problem.severity error - * @tags external/misra/id/rule-17-13 - * correctness - * external/misra/obligation/required - */ - -import cpp -import codingstandards.c.misra - -//from DeclarationEntry decl, Type type //, Specifier specifier -//where -// not isExcluded(decl, FunctionTypesPackage::disallowedFunctionTypeQualifierQuery()) and -// //decl.getType() instanceof FunctionPointerType and -// //decl.getType().(FunctionPointerType).hasSpecifier(specifier) -// (type = decl.getType().getUnderlyingType*() -// or type = decl.getType()) -// and -// //specifier = type.getASpecifier() -// any() -//select decl, type //, specifier // "The behavior of type qualifier " + specifier + " on a function type is undefined." - -newtype TDeclaredFunction = - TFunctionDeclaration(Declaration declaration) - -abstract class DeclaredFunction extends TDeclaredFunction { - abstract string toString(); -} - -predicate isConstFunction(Type type) { - (type.getASpecifier().getName() = "const" - or type.isConst()) - and isFunctionType(type) - or isConstFunction(type.getUnderlyingType()) -} - -predicate isFunctionType(Type type) { - type instanceof FunctionPointerType - or isFunctionType(type.getUnderlyingType()) -} - -predicate declaresConstFunction(DeclarationEntry entry) { - (entry.getDeclaration().getASpecifier().getName() = "const" - and isFunctionType(entry.getType())) - or isConstFunction(entry.getType()) -} - -class QualifiableRoutineType extends RoutineType, QualifiableType { - override string explainQualifiers() { - result = "func{" - + specifiersOf(this) + this.getReturnType().(QualifiableType).explainQualifiers() - + " (" - + paramString(0) - + ")}" - } - - string paramString(int i) { - i = 0 and result = "" and not exists(this.getAParameterType()) - or - ( - if i < max(int j | exists(this.getParameterType(j))) - then - // Not the last one - result = this.getParameterType(i).(QualifiableType).explainQualifiers() + "," + this.paramString(i + 1) - else - // Last parameter - result = this.getParameterType(i).(QualifiableType).explainQualifiers() - ) - } -} - -class QualifiableIntType extends IntType, QualifiableType { - override string explainQualifiers() { - result = specifiersOf(this) + " " + this.toString() - } -} - -class QualifiablePointerType extends PointerType, QualifiableType { - override string explainQualifiers() { - result = "{" - + specifiersOf(this) - + " pointer to " - + this.getBaseType().(QualifiableType).explainQualifiers() - + "}" - } -} - -class QualifiableType extends Type { - string explainQualifiers() { - result = "Unimplemented explainQualifiers for type(s): " + concat(string s | s = getAQlClass() | s, ",") - } -} - -class QualifiableTypedefType extends TypedefType, QualifiableType { - override string explainQualifiers() { - result = "{ typedef " - + specifiersOf(this) - + " " - + this.getBaseType().(QualifiableType).explainQualifiers() - + "}" - } -} - -class QualifiableSpecifiedType extends SpecifiedType, QualifiableType { - override string explainQualifiers() { - result = "{" - + specifiersOf(this) - + " " - + this.getBaseType().(QualifiableType).explainQualifiers() - + "}" - } -} - -string typeString(Type t) { - //if - // t instanceof CTypedefType - // then result = t.(CTypedefType).explain() + "specs:" + specifiersOf(t.(CTypedefType).getBaseType()) + "/" + typeString(t.(CTypedefType).getBaseType()) - // else - //result = concat(string s | s = t.getAQlClass() | s, ",") - result = t.(QualifiableType).explainQualifiers() -} - -string specifiersOf(Type t) { - result = concat(Specifier s | s = t.getASpecifier()| s.getName(), ", ") -} - -string declSpecifiersOf(Declaration d) { - result = concat(Specifier s | s = d.getASpecifier()| s.getName(), ", ") -} - -string underlying(Type t) { - exists(Type u | u = t.getUnderlyingType() | result = u.toString()) - or result = "[no underlying]" - -} - -from DeclarationEntry entry -select entry, entry.getType(), typeString(entry.getType()), declSpecifiersOf(entry.getDeclaration()), specifiersOf(entry.getType()) - -//from Type t -//where any()//isFunctionType(t) -//select t, specifiersOf(t), underlying(t) \ No newline at end of file diff --git a/c/misra/test/rules/RULE-17-12/FunctionAddressesShouldAddressOperator.expected b/c/misra/test/rules/RULE-17-12/FunctionAddressesShouldAddressOperator.expected index 1cc92e95e1..d4862c5978 100644 --- a/c/misra/test/rules/RULE-17-12/FunctionAddressesShouldAddressOperator.expected +++ b/c/misra/test/rules/RULE-17-12/FunctionAddressesShouldAddressOperator.expected @@ -1,18 +1,15 @@ | test.c:15:25:15:29 | func2 | The address of function func2 is taken without the & operator. | | test.c:16:27:16:31 | func3 | The address of function func3 is taken without the & operator. | | test.c:22:16:22:20 | func1 | The address of function func1 is taken without the & operator. | -| test.c:38:5:38:9 | func1 | The address of function func1 is taken without the & operator. | -| test.c:39:5:39:9 | func2 | The address of function func2 is taken without the & operator. | -| test.c:47:7:47:11 | func1 | The address of function func1 is taken without the & operator. | -| test.c:48:7:48:11 | func2 | The address of function func2 is taken without the & operator. | -| test.c:57:15:57:19 | func1 | The address of function func1 is taken without the & operator. | -| test.c:58:23:58:27 | func2 | The address of function func2 is taken without the & operator. | -| test.c:59:15:59:19 | func1 | The address of function func1 is taken without the & operator. | -| test.c:59:22:59:26 | func2 | The address of function func2 is taken without the & operator. | -| test.c:67:13:67:17 | func1 | The address of function func1 is taken without the & operator. | -| test.c:68:14:68:18 | func1 | The address of function func1 is taken without the & operator. | +| test.c:39:5:39:9 | func1 | The address of function func1 is taken without the & operator. | +| test.c:40:5:40:9 | func2 | The address of function func2 is taken without the & operator. | +| test.c:48:7:48:11 | func1 | The address of function func1 is taken without the & operator. | +| test.c:49:7:49:11 | func2 | The address of function func2 is taken without the & operator. | +| test.c:58:15:58:19 | func1 | The address of function func1 is taken without the & operator. | +| test.c:59:23:59:27 | func2 | The address of function func2 is taken without the & operator. | +| test.c:60:15:60:19 | func1 | The address of function func1 is taken without the & operator. | +| test.c:60:22:60:26 | func2 | The address of function func2 is taken without the & operator. | +| test.c:68:13:68:17 | func1 | The address of function func1 is taken without the & operator. | | test.c:69:14:69:18 | func1 | The address of function func1 is taken without the & operator. | -| test.c:71:20:71:24 | func1 | The address of function func1 is taken without the & operator. | +| test.c:70:14:70:18 | func1 | The address of function func1 is taken without the & operator. | | test.c:72:20:72:24 | func1 | The address of function func1 is taken without the & operator. | -| test.c:76:20:76:24 | func1 | The address of function func1 is taken without the & operator. | -| test.c:77:20:77:24 | func1 | The address of function func1 is taken without the & operator. | diff --git a/c/misra/test/rules/RULE-17-12/test.c b/c/misra/test/rules/RULE-17-12/test.c index 1c580f917e..4cfe1f6de6 100644 --- a/c/misra/test/rules/RULE-17-12/test.c +++ b/c/misra/test/rules/RULE-17-12/test.c @@ -30,6 +30,7 @@ func_ptr_t1 returns_func(int x) { #define MACRO_IDENTITY(f) (f) #define MACRO_INVOKE_RISKY(f) (f()) #define MACRO_INVOKE_IMPROVED(f) ((f)()) +#define MACRO_INVOKE_AND_USE_AS_TOKEN(f) f(0, #f) void test() { func1(); // COMPLIANT @@ -69,14 +70,16 @@ void test() { ((void*) func1); // NON-COMPLIANT MACRO_IDENTITY(func1); // NON-COMPLIANT - MACRO_IDENTITY(func1)(); // NON-COMPLIANT + MACRO_IDENTITY(func1)(); // NON-COMPLIANT[FALSE NEGATIVE] MACRO_IDENTITY(&func1); // COMPLIANT MACRO_IDENTITY(&func1)(); // COMPLIANT - MACRO_INVOKE_RISKY(func3); // NON-COMPLIANT - MACRO_INVOKE_IMPROVED(func3); // NON-COMPLIANT + MACRO_INVOKE_RISKY(func3); // NON-COMPLIANT[FALSE NEGATIVE] + MACRO_INVOKE_IMPROVED(func3); // NON-COMPLIANT[FALSE NEGATIVE] MACRO_INVOKE_IMPROVED(&func3); // COMPLIANT + MACRO_INVOKE_AND_USE_AS_TOKEN(func1); // COMPLIANT + // Function pointers are exempt from this rule. func_ptr1(); // COMPLIANT func_ptr2(1, "hello"); // COMPLIANT diff --git a/c/misra/test/rules/RULE-17-13/DisallowedFunctionTypeQualifier.expected b/c/misra/test/rules/RULE-17-13/DisallowedFunctionTypeQualifier.expected deleted file mode 100644 index 2ec1a0ac6c..0000000000 --- a/c/misra/test/rules/RULE-17-13/DisallowedFunctionTypeQualifier.expected +++ /dev/null @@ -1 +0,0 @@ -No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-17-13/DisallowedFunctionTypeQualifier.qlref b/c/misra/test/rules/RULE-17-13/DisallowedFunctionTypeQualifier.qlref deleted file mode 100644 index cbf7c583ec..0000000000 --- a/c/misra/test/rules/RULE-17-13/DisallowedFunctionTypeQualifier.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/RULE-17-13/DisallowedFunctionTypeQualifier.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-17-13/test.c b/c/misra/test/rules/RULE-17-13/test.c deleted file mode 100644 index 8326b30a28..0000000000 --- a/c/misra/test/rules/RULE-17-13/test.c +++ /dev/null @@ -1,56 +0,0 @@ -// semmle-extractor-options: --language=c -std=c99 -const int x; // COMPLIANT -const int f_ret_const_int(void); // COMPLIANT -const int* f_ret_const_int_ptr(void); // COMPLIANT - -// Basic function typedefs -typedef int ftype_ret_int(void); -typedef const int ftype_ret_const_int(void); // COMPLIANT -typedef const int* ftype_ret_const_int_ptr(void); // COMPLIANT -typedef int const* ftype_ret_int_const_ptr(void); // COMPLIANT - -// Typedefs that use function typedefs -typedef ftype_ret_int ftype_ret_int2; // COMPLIANT -typedef const ftype_ret_int *ptr_const_ftype_ret_int; // NON-COMPLIANT -typedef ftype_ret_int *const const_ptr_ftype_ret_int; // COMPLIANT -typedef ftype_ret_int const* const_ptr_ftype_ret_int_; // NON-COMPLIANT - -// Test all qualifiers -typedef const ftype_ret_int const_ftype_ret_int; // NON-COMPLIANT -typedef volatile ftype_ret_int volatile_ftype_ret_int; // NON-COMPLIANT -typedef _Atomic ftype_ret_int atomic_ftype_ret_int; // NON-COMPLIANT -//extern restrict ftype_ret_int restrict_ftype_ret_int; // NON-COMPLIANT - -// Test parameters of declaration specifiers -typedef void (*take_ftype_ret_int)(ftype_ret_int); // COMPLIANT -typedef void (*take_const_ftype_ret_int)(const ftype_ret_int); // NON-COMPLIANT -typedef void (*take_ptr_ftype_ret_int)(ftype_ret_int*); // COMPLIANT -typedef void (*take_ptr_const_ftype_ret_int)(const ftype_ret_int *); // NON-COMPLIANT -typedef void (*take_const_ptr_ftype_ret_int)(ftype_ret_int const *); // COMPLIANT - -// Test return types of declaration specifiers -typedef ftype_ret_int* (return_ftype_ret_int)(void); // COMPLIANT -typedef const ftype_ret_int* (return_ftype_ret_int)(void); // NON-COMPLIANT -typedef ftype_ret_int const* (return_ftype_ret_int)(void); // COMPLIANT - -// Other storage class specifiers -extern const ftype_ret_int extern_ftype; // NON-COMPLIANT -extern const ftype_ret_int *extern_const_ftype_type; // NON-COMPLIANT -extern ftype_ret_int const * extern_ftype_const_ptr; // COMPLIANT - -// Other declarations -void param_list( - const ftype_ret_int *param_ftype, // NON-COMPLIANT - const ftype_ret_int *param_const_ftype_type, // NON-COMPLIANT - ftype_ret_int const *param_ftype_const_ptr // COMPLIANT -) { - const ftype_ret_int *var_ftype; // NON-COMPLIANT - const ftype_ret_int *var_const_ftype_type; // NON-COMPLIANT - ftype_ret_int const *var_ftype_const_ptr; // COMPLIANT - - struct TestStruct { - const ftype_ret_int *struct_ftype; // NON-COMPLIANT - const ftype_ret_int *struct_const_ftype_type; // NON-COMPLIANT - ftype_ret_int const *struct_ftype_const_ptr; // COMPLIANT - }; -} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/FunctionTypes.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/FunctionTypes.qll index 176b9871d3..3d6faadb42 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/FunctionTypes.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/FunctionTypes.qll @@ -3,9 +3,7 @@ import cpp import RuleMetadata import codingstandards.cpp.exclusions.RuleMetadata -newtype FunctionTypesQuery = - TFunctionAddressesShouldAddressOperatorQuery() or - TDisallowedFunctionTypeQualifierQuery() +newtype FunctionTypesQuery = TFunctionAddressesShouldAddressOperatorQuery() predicate isFunctionTypesQueryMetadata(Query query, string queryId, string ruleId, string category) { query = @@ -16,15 +14,6 @@ predicate isFunctionTypesQueryMetadata(Query query, string queryId, string ruleI "c/misra/function-addresses-should-address-operator" and ruleId = "RULE-17-12" and category = "advisory" - or - query = - // `Query` instance for the `disallowedFunctionTypeQualifier` query - FunctionTypesPackage::disallowedFunctionTypeQualifierQuery() and - queryId = - // `@id` for the `disallowedFunctionTypeQualifier` query - "c/misra/disallowed-function-type-qualifier" and - ruleId = "RULE-17-13" and - category = "required" } module FunctionTypesPackage { @@ -34,11 +23,4 @@ module FunctionTypesPackage { // `Query` type for `functionAddressesShouldAddressOperator` query TQueryC(TFunctionTypesPackageQuery(TFunctionAddressesShouldAddressOperatorQuery())) } - - Query disallowedFunctionTypeQualifierQuery() { - //autogenerate `Query` type - result = - // `Query` type for `disallowedFunctionTypeQualifier` query - TQueryC(TFunctionTypesPackageQuery(TDisallowedFunctionTypeQualifierQuery())) - } } diff --git a/rule_packages/c/FunctionTypes.json b/rule_packages/c/FunctionTypes.json index bfa96d09eb..aae4ba8a0f 100644 --- a/rule_packages/c/FunctionTypes.json +++ b/rule_packages/c/FunctionTypes.json @@ -23,19 +23,7 @@ "properties": { "obligation": "required" }, - "queries": [ - { - "description": "The behavior of type qualifiers on a function type is undefined.", - "kind": "problem", - "name": "A function type shall not include any type qualifiers (const, volatile, restrict, or _Atomic)", - "precision": "very-high", - "severity": "error", - "short_name": "DisallowedFunctionTypeQualifier", - "tags": [ - "correctness" - ] - } - ], + "queries": [], "title": "A function type shall not include any type qualifiers (const, volatile, restrict, or _Atomic)" } } From d49984d0216a62f25e983e70198e6f7b11a50f0e Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 27 Sep 2024 16:13:42 -0700 Subject: [PATCH 2069/2573] Format test, commit user README changes. --- ...ionAddressesShouldAddressOperator.expected | 30 +-- c/misra/test/rules/RULE-17-12/test.c | 172 +++++++++--------- docs/user_manual.md | 2 +- 3 files changed, 101 insertions(+), 103 deletions(-) diff --git a/c/misra/test/rules/RULE-17-12/FunctionAddressesShouldAddressOperator.expected b/c/misra/test/rules/RULE-17-12/FunctionAddressesShouldAddressOperator.expected index d4862c5978..1a3165a32f 100644 --- a/c/misra/test/rules/RULE-17-12/FunctionAddressesShouldAddressOperator.expected +++ b/c/misra/test/rules/RULE-17-12/FunctionAddressesShouldAddressOperator.expected @@ -1,15 +1,15 @@ -| test.c:15:25:15:29 | func2 | The address of function func2 is taken without the & operator. | -| test.c:16:27:16:31 | func3 | The address of function func3 is taken without the & operator. | -| test.c:22:16:22:20 | func1 | The address of function func1 is taken without the & operator. | -| test.c:39:5:39:9 | func1 | The address of function func1 is taken without the & operator. | -| test.c:40:5:40:9 | func2 | The address of function func2 is taken without the & operator. | -| test.c:48:7:48:11 | func1 | The address of function func1 is taken without the & operator. | -| test.c:49:7:49:11 | func2 | The address of function func2 is taken without the & operator. | -| test.c:58:15:58:19 | func1 | The address of function func1 is taken without the & operator. | -| test.c:59:23:59:27 | func2 | The address of function func2 is taken without the & operator. | -| test.c:60:15:60:19 | func1 | The address of function func1 is taken without the & operator. | -| test.c:60:22:60:26 | func2 | The address of function func2 is taken without the & operator. | -| test.c:68:13:68:17 | func1 | The address of function func1 is taken without the & operator. | -| test.c:69:14:69:18 | func1 | The address of function func1 is taken without the & operator. | -| test.c:70:14:70:18 | func1 | The address of function func1 is taken without the & operator. | -| test.c:72:20:72:24 | func1 | The address of function func1 is taken without the & operator. | +| test.c:14:25:14:29 | func2 | The address of function func2 is taken without the & operator. | +| test.c:15:27:15:31 | func3 | The address of function func3 is taken without the & operator. | +| test.c:21:12:21:16 | func1 | The address of function func1 is taken without the & operator. | +| test.c:38:3:38:7 | func1 | The address of function func1 is taken without the & operator. | +| test.c:39:3:39:7 | func2 | The address of function func2 is taken without the & operator. | +| test.c:47:5:47:9 | func1 | The address of function func1 is taken without the & operator. | +| test.c:48:5:48:9 | func2 | The address of function func2 is taken without the & operator. | +| test.c:57:13:57:17 | func1 | The address of function func1 is taken without the & operator. | +| test.c:58:21:58:25 | func2 | The address of function func2 is taken without the & operator. | +| test.c:59:13:59:17 | func1 | The address of function func1 is taken without the & operator. | +| test.c:59:20:59:24 | func2 | The address of function func2 is taken without the & operator. | +| test.c:67:11:67:15 | func1 | The address of function func1 is taken without the & operator. | +| test.c:68:12:68:16 | func1 | The address of function func1 is taken without the & operator. | +| test.c:69:12:69:16 | func1 | The address of function func1 is taken without the & operator. | +| test.c:71:18:71:22 | func1 | The address of function func1 is taken without the & operator. | diff --git a/c/misra/test/rules/RULE-17-12/test.c b/c/misra/test/rules/RULE-17-12/test.c index 4cfe1f6de6..04aaa96af6 100644 --- a/c/misra/test/rules/RULE-17-12/test.c +++ b/c/misra/test/rules/RULE-17-12/test.c @@ -1,30 +1,29 @@ void func1() {} -void func2(int x, char* y) {} +void func2(int x, char *y) {} -typedef struct {} s; +typedef struct { +} s; -int func3() { - return 0; -} +int func3() { return 0; } typedef void (*func_ptr_t1)(); -typedef void (*func_ptr_t2)(int x, char* y); +typedef void (*func_ptr_t2)(int x, char *y); typedef s (*func_ptr_t3)(); -func_ptr_t1 func_ptr1 = &func1; // COMPLIANT -func_ptr_t2 func_ptr2 = func2; // NON-COMPLIANT +func_ptr_t1 func_ptr1 = &func1; // COMPLIANT +func_ptr_t2 func_ptr2 = func2; // NON-COMPLIANT func_ptr_t3 func_ptr3 = &(func3); // NON-COMPLIANT void take_func(func_ptr_t1 f1, func_ptr_t2 f2); func_ptr_t1 returns_func(int x) { - if (x == 0) { - return func1; // NON-COMPLIANT - } else if (x == 1) { - return &func1; // COMPLIANT - } + if (x == 0) { + return func1; // NON-COMPLIANT + } else if (x == 1) { + return &func1; // COMPLIANT + } - return returns_func(0); // COMPLIANT + return returns_func(0); // COMPLIANT } #define MACRO_IDENTITY(f) (f) @@ -33,77 +32,76 @@ func_ptr_t1 returns_func(int x) { #define MACRO_INVOKE_AND_USE_AS_TOKEN(f) f(0, #f) void test() { - func1(); // COMPLIANT - func2(1, "hello"); // COMPLIANT - - func1; // NON-COMPLIANT - func2; // NON-COMPLIANT - - &func1; // COMPLIANT - &func2; // COMPLIANT - - (func1)(); // COMPLIANT - (func2)(1, "hello"); // COMPLIANT - - &(func1); // NON-COMPLIANT - &(func2); // NON-COMPLIANT - - (&func1)(); // COMPLIANT - (&func2)(1, "hello"); // COMPLIANT - - (func1()); // COMPLIANT - (func2(1, "hello")); // COMPLIANT - - take_func(&func1, &func2); // COMPLIANT - take_func(func1, &func2); // NON-COMPLIANT - take_func(&func1, func2); // NON-COMPLIANT - take_func(func1, func2); // NON-COMPLIANT - - returns_func(0); // COMPLIANT - returns_func(0)(); // COMPLIANT - (returns_func(0))(); // COMPLIANT - - (void*) &func1; // COMPLIANT - (void*) (&func1); // COMPLIANT - (void*) func1; // NON-COMPLIANT - (void*) (func1); // NON-COMPLIANT - ((void*) func1); // NON-COMPLIANT - - MACRO_IDENTITY(func1); // NON-COMPLIANT - MACRO_IDENTITY(func1)(); // NON-COMPLIANT[FALSE NEGATIVE] - MACRO_IDENTITY(&func1); // COMPLIANT - MACRO_IDENTITY(&func1)(); // COMPLIANT - - MACRO_INVOKE_RISKY(func3); // NON-COMPLIANT[FALSE NEGATIVE] - MACRO_INVOKE_IMPROVED(func3); // NON-COMPLIANT[FALSE NEGATIVE] - MACRO_INVOKE_IMPROVED(&func3); // COMPLIANT - - MACRO_INVOKE_AND_USE_AS_TOKEN(func1); // COMPLIANT - - // Function pointers are exempt from this rule. - func_ptr1(); // COMPLIANT - func_ptr2(1, "hello"); // COMPLIANT - func_ptr1; // COMPLIANT - func_ptr2; // COMPLIANT - &func_ptr1; // COMPLIANT - &func_ptr2; // COMPLIANT - (func_ptr1)(); // COMPLIANT - (func_ptr2)(1, "hello"); // COMPLIANT - (*func_ptr1)(); // COMPLIANT - (*func_ptr2)(1, "hello"); // COMPLIANT - take_func(func_ptr1, func_ptr2); // COMPLIANT - (void*) func_ptr1; // COMPLIANT - (void*) &func_ptr1; // COMPLIANT - (void*) (&func_ptr1); // COMPLIANT - (void*) func_ptr1; // COMPLIANT - (void*) (func_ptr1); // COMPLIANT - ((void*) func_ptr1); // COMPLIANT - MACRO_IDENTITY(func_ptr1); // COMPLIANT - MACRO_IDENTITY(func_ptr1)(); // COMPLIANT - MACRO_IDENTITY(&func_ptr1); // COMPLIANT - (*MACRO_IDENTITY(&func_ptr1))(); // COMPLIANT - MACRO_INVOKE_RISKY(func_ptr3); // COMPLIANT - MACRO_INVOKE_IMPROVED(func_ptr3); // COMPLIANT - MACRO_INVOKE_IMPROVED(*&func_ptr3); // COMPLIANT - + func1(); // COMPLIANT + func2(1, "hello"); // COMPLIANT + + func1; // NON-COMPLIANT + func2; // NON-COMPLIANT + + &func1; // COMPLIANT + &func2; // COMPLIANT + + (func1)(); // COMPLIANT + (func2)(1, "hello"); // COMPLIANT + + &(func1); // NON-COMPLIANT + &(func2); // NON-COMPLIANT + + (&func1)(); // COMPLIANT + (&func2)(1, "hello"); // COMPLIANT + + (func1()); // COMPLIANT + (func2(1, "hello")); // COMPLIANT + + take_func(&func1, &func2); // COMPLIANT + take_func(func1, &func2); // NON-COMPLIANT + take_func(&func1, func2); // NON-COMPLIANT + take_func(func1, func2); // NON-COMPLIANT + + returns_func(0); // COMPLIANT + returns_func(0)(); // COMPLIANT + (returns_func(0))(); // COMPLIANT + + (void *)&func1; // COMPLIANT + (void *)(&func1); // COMPLIANT + (void *)func1; // NON-COMPLIANT + (void *)(func1); // NON-COMPLIANT + ((void *)func1); // NON-COMPLIANT + + MACRO_IDENTITY(func1); // NON-COMPLIANT + MACRO_IDENTITY(func1)(); // NON-COMPLIANT[FALSE NEGATIVE] + MACRO_IDENTITY(&func1); // COMPLIANT + MACRO_IDENTITY (&func1)(); // COMPLIANT + + MACRO_INVOKE_RISKY(func3); // NON-COMPLIANT[FALSE NEGATIVE] + MACRO_INVOKE_IMPROVED(func3); // NON-COMPLIANT[FALSE NEGATIVE] + MACRO_INVOKE_IMPROVED(&func3); // COMPLIANT + + MACRO_INVOKE_AND_USE_AS_TOKEN(func1); // COMPLIANT + + // Function pointers are exempt from this rule. + func_ptr1(); // COMPLIANT + func_ptr2(1, "hello"); // COMPLIANT + func_ptr1; // COMPLIANT + func_ptr2; // COMPLIANT + &func_ptr1; // COMPLIANT + &func_ptr2; // COMPLIANT + (func_ptr1)(); // COMPLIANT + (func_ptr2)(1, "hello"); // COMPLIANT + (*func_ptr1)(); // COMPLIANT + (*func_ptr2)(1, "hello"); // COMPLIANT + take_func(func_ptr1, func_ptr2); // COMPLIANT + (void *)func_ptr1; // COMPLIANT + (void *)&func_ptr1; // COMPLIANT + (void *)(&func_ptr1); // COMPLIANT + (void *)func_ptr1; // COMPLIANT + (void *)(func_ptr1); // COMPLIANT + ((void *)func_ptr1); // COMPLIANT + MACRO_IDENTITY(func_ptr1); // COMPLIANT + MACRO_IDENTITY(func_ptr1)(); // COMPLIANT + MACRO_IDENTITY(&func_ptr1); // COMPLIANT + (*MACRO_IDENTITY(&func_ptr1))(); // COMPLIANT + MACRO_INVOKE_RISKY(func_ptr3); // COMPLIANT + MACRO_INVOKE_IMPROVED(func_ptr3); // COMPLIANT + MACRO_INVOKE_IMPROVED(*&func_ptr3); // COMPLIANT } \ No newline at end of file diff --git a/docs/user_manual.md b/docs/user_manual.md index 5799d73e6f..db0f836339 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -78,7 +78,7 @@ The datasheet _"CodeQL Coding Standards: supported rules"_, provided with each r [^1]: AUTOSAR C++ versions R22-11, R21-11, R20-11, R19-11 and R19-03 are all identical as indicated in the document change history. [^2]: The unimplemented supportable AUTOSAR rules are `A7-1-8` and `A8-2-1`. These rules require additional support in the CodeQL CLI to ensure the required information is available in the CodeQL database to identify violations of these rules. -[^3]: The unimplemented supportable MISRA C 2012 rules are `Rule 9.5` and `Dir 4.14`. `Rule 9.5` requires additional support in the CodeQL CLI to ensure the required information is available in the CodeQL database to identify violations of these rules. `Dir 4.14` is covered by the default CodeQL queries, which identify potential security vulnerabilities caused by not validating external input. +[^3]: The unimplemented supportable MISRA C 2012 rules are `Rule 9.5`, `Rule 17.13`, and `Dir 4.14`. `Rule 9.5` and `Rule 17.13` require additional support in the CodeQL CLI to ensure the required information is available in the CodeQL database to identify violations of these rules. `Dir 4.14` is covered by the default CodeQL queries, which identify potential security vulnerabilities caused by not validating external input. [^4]: The rules 5.13.7, 19.0.1 and 19.1.2 are not planned to be implemented by CodeQL as they are compiler checked in all supported compilers. ## Supported environment From a8d832b0606b46a5dd05bc22558b95ebbc7c0df7 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Sat, 28 Sep 2024 11:24:01 -0700 Subject: [PATCH 2070/2573] Add defense against cpp code based on MRVA results. Add comments. --- .../FunctionAddressesShouldAddressOperator.ql | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/c/misra/src/rules/RULE-17-12/FunctionAddressesShouldAddressOperator.ql b/c/misra/src/rules/RULE-17-12/FunctionAddressesShouldAddressOperator.ql index 96c466150b..824e873e28 100644 --- a/c/misra/src/rules/RULE-17-12/FunctionAddressesShouldAddressOperator.ql +++ b/c/misra/src/rules/RULE-17-12/FunctionAddressesShouldAddressOperator.ql @@ -15,8 +15,18 @@ import cpp import codingstandards.c.misra predicate isImplicitlyAddressed(FunctionAccess access) { - not access.getParent() instanceof AddressOfExpr or - exists(ParenthesisExpr parens | parens.getExpr() = access) + ( + not access.getParent() instanceof AddressOfExpr + or + // This catches "&(foo)", which could be considered to be somewhat less + // readable than "(&foo)". + exists(ParenthesisExpr parens | parens.getExpr() = access) + ) and + // Note: the following *seems* to only exist in c++ codebases, for instance, + // when calling a member. In c, this syntax should always extract as a + // [FunctionCall] rather than a [ExprCall] of a [FunctionAccess]. Still, this + // is a good pattern to be defensive against. + not exists(ExprCall call | call.getExpr() = access) } from FunctionAccess funcAccess From 1007a5324883e41523ff7e4bd6e20024c4f151a4 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 4 Oct 2024 09:38:41 -0700 Subject: [PATCH 2071/2573] Allow `&(f)` under rule 17-12 --- .../FunctionAddressesShouldAddressOperator.ql | 8 +------- .../FunctionAddressesShouldAddressOperator.expected | 4 +--- c/misra/test/rules/RULE-17-12/test.c | 10 +++++----- 3 files changed, 7 insertions(+), 15 deletions(-) diff --git a/c/misra/src/rules/RULE-17-12/FunctionAddressesShouldAddressOperator.ql b/c/misra/src/rules/RULE-17-12/FunctionAddressesShouldAddressOperator.ql index 824e873e28..30d86b0447 100644 --- a/c/misra/src/rules/RULE-17-12/FunctionAddressesShouldAddressOperator.ql +++ b/c/misra/src/rules/RULE-17-12/FunctionAddressesShouldAddressOperator.ql @@ -15,13 +15,7 @@ import cpp import codingstandards.c.misra predicate isImplicitlyAddressed(FunctionAccess access) { - ( - not access.getParent() instanceof AddressOfExpr - or - // This catches "&(foo)", which could be considered to be somewhat less - // readable than "(&foo)". - exists(ParenthesisExpr parens | parens.getExpr() = access) - ) and + not access.getParent() instanceof AddressOfExpr and // Note: the following *seems* to only exist in c++ codebases, for instance, // when calling a member. In c, this syntax should always extract as a // [FunctionCall] rather than a [ExprCall] of a [FunctionAccess]. Still, this diff --git a/c/misra/test/rules/RULE-17-12/FunctionAddressesShouldAddressOperator.expected b/c/misra/test/rules/RULE-17-12/FunctionAddressesShouldAddressOperator.expected index 1a3165a32f..5a37cbd97e 100644 --- a/c/misra/test/rules/RULE-17-12/FunctionAddressesShouldAddressOperator.expected +++ b/c/misra/test/rules/RULE-17-12/FunctionAddressesShouldAddressOperator.expected @@ -1,10 +1,8 @@ | test.c:14:25:14:29 | func2 | The address of function func2 is taken without the & operator. | -| test.c:15:27:15:31 | func3 | The address of function func3 is taken without the & operator. | +| test.c:15:25:15:29 | func3 | The address of function func3 is taken without the & operator. | | test.c:21:12:21:16 | func1 | The address of function func1 is taken without the & operator. | | test.c:38:3:38:7 | func1 | The address of function func1 is taken without the & operator. | | test.c:39:3:39:7 | func2 | The address of function func2 is taken without the & operator. | -| test.c:47:5:47:9 | func1 | The address of function func1 is taken without the & operator. | -| test.c:48:5:48:9 | func2 | The address of function func2 is taken without the & operator. | | test.c:57:13:57:17 | func1 | The address of function func1 is taken without the & operator. | | test.c:58:21:58:25 | func2 | The address of function func2 is taken without the & operator. | | test.c:59:13:59:17 | func1 | The address of function func1 is taken without the & operator. | diff --git a/c/misra/test/rules/RULE-17-12/test.c b/c/misra/test/rules/RULE-17-12/test.c index 04aaa96af6..5ab5a4984d 100644 --- a/c/misra/test/rules/RULE-17-12/test.c +++ b/c/misra/test/rules/RULE-17-12/test.c @@ -10,9 +10,9 @@ typedef void (*func_ptr_t1)(); typedef void (*func_ptr_t2)(int x, char *y); typedef s (*func_ptr_t3)(); -func_ptr_t1 func_ptr1 = &func1; // COMPLIANT -func_ptr_t2 func_ptr2 = func2; // NON-COMPLIANT -func_ptr_t3 func_ptr3 = &(func3); // NON-COMPLIANT +func_ptr_t1 func_ptr1 = &func1; // COMPLIANT +func_ptr_t2 func_ptr2 = func2; // NON-COMPLIANT +func_ptr_t3 func_ptr3 = func3 + 0; // NON-COMPLIANT void take_func(func_ptr_t1 f1, func_ptr_t2 f2); @@ -44,8 +44,8 @@ void test() { (func1)(); // COMPLIANT (func2)(1, "hello"); // COMPLIANT - &(func1); // NON-COMPLIANT - &(func2); // NON-COMPLIANT + &(func1); // COMPLIANT + &(func2); // COMPLIANT (&func1)(); // COMPLIANT (&func2)(1, "hello"); // COMPLIANT From c972403d1a2f39874d66a355cc69cdbb6d5cd523 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 4 Oct 2024 11:35:49 -0700 Subject: [PATCH 2072/2573] Tag as amendment3, mark 17-13 not supportable --- .../FunctionAddressesShouldAddressOperator.ql | 1 + rule_packages/c/FunctionTypes.json | 10 ++-------- rules.csv | 2 +- 3 files changed, 4 insertions(+), 9 deletions(-) diff --git a/c/misra/src/rules/RULE-17-12/FunctionAddressesShouldAddressOperator.ql b/c/misra/src/rules/RULE-17-12/FunctionAddressesShouldAddressOperator.ql index 30d86b0447..c95612b7ba 100644 --- a/c/misra/src/rules/RULE-17-12/FunctionAddressesShouldAddressOperator.ql +++ b/c/misra/src/rules/RULE-17-12/FunctionAddressesShouldAddressOperator.ql @@ -8,6 +8,7 @@ * @problem.severity error * @tags external/misra/id/rule-17-12 * readability + * external/misra/c/2012/amendment3 * external/misra/obligation/advisory */ diff --git a/rule_packages/c/FunctionTypes.json b/rule_packages/c/FunctionTypes.json index aae4ba8a0f..d9d8b6496d 100644 --- a/rule_packages/c/FunctionTypes.json +++ b/rule_packages/c/FunctionTypes.json @@ -13,18 +13,12 @@ "severity": "error", "short_name": "FunctionAddressesShouldAddressOperator", "tags": [ - "readability" + "readability", + "external/misra/c/2012/amendment3" ] } ], "title": "A function identifier should only be called with a parenthesized parameter list or used with a & (address-of)" - }, - "RULE-17-13": { - "properties": { - "obligation": "required" - }, - "queries": [], - "title": "A function type shall not include any type qualifiers (const, volatile, restrict, or _Atomic)" } } } \ No newline at end of file diff --git a/rules.csv b/rules.csv index b5e15ba6f6..475ea1d66c 100644 --- a/rules.csv +++ b/rules.csv @@ -739,7 +739,7 @@ c,MISRA-C-2012,RULE-17-9,Yes,Mandatory,,,Verify that a function declared with _N c,MISRA-C-2012,RULE-17-10,Yes,Required,,,A function declared with _noreturn shall have a return type of void,,NoReturn,Easy, c,MISRA-C-2012,RULE-17-11,Yes,Advisory,,,A function without a branch that returns shall be declared with _Noreturn,,NoReturn,Easy, c,MISRA-C-2012,RULE-17-12,Yes,Advisory,,,A function identifier should only be called with a parenthesized parameter list or used with a & (address-of),,FunctionTypes,Easy, -c,MISRA-C-2012,RULE-17-13,Yes,Required,,,"A function type shall not include any type qualifiers (const, volatile, restrict, or _Atomic)",,FunctionTypes,Easy, +c,MISRA-C-2012,RULE-17-13,No,Required,,,"A function type shall not include any type qualifiers (const, volatile, restrict, or _Atomic)",,,Easy, c,MISRA-C-2012,RULE-18-1,Yes,Required,,,A pointer resulting from arithmetic on a pointer operand shall address an element of the same array as that pointer operand,M5-0-16,Pointers1,Import, c,MISRA-C-2012,RULE-18-2,Yes,Required,,,Subtraction between pointers shall only be applied to pointers that address elements of the same array,M5-0-17,Pointers1,Import, c,MISRA-C-2012,RULE-18-3,Yes,Required,,,"The relational operators >, >=, < and <= shall not be applied to objects of pointer type except where they point into the same object",M5-0-18,Pointers1,Import, From 6de14caa4d36f6fd9d19a97987c8e1ef55004fc1 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Thu, 3 Oct 2024 15:38:08 -0700 Subject: [PATCH 2073/2573] Implement Language4 package, banning obsolete language features. Many of the cases outlined in the amendment are covered by other rules. Add support for new cases where possible (was not possible for ID 3, storage class specifiers not at beginning of declaration, or ID 2, which is a feature of the implementation not determinable by static analysis), and reference existing rules in one comprehensive test for maximal clarity that those parts of rule 1-5 are indeed supported by our existing queries. --- .../RULE-1-5/CallToReallocWithSizeZero.ql | 24 +++++++ .../InvalidDefineOrUndefOfStdBoolMacro.ql | 31 +++++++++ .../UseOfObsoleteMacroAtomicVarInit.ql | 24 +++++++ .../CallToReallocWithSizeZero.expected | 1 + .../RULE-1-5/CallToReallocWithSizeZero.qlref | 1 + .../FunctionTypesNotInPrototypeForm.expected | 2 + .../FunctionTypesNotInPrototypeForm.qlref | 1 + ...nvalidDefineOrUndefOfStdBoolMacro.expected | 6 ++ .../InvalidDefineOrUndefOfStdBoolMacro.qlref | 1 + ...llocDeallocFunctionsOfStdlibhUsed.expected | 3 + ...ryAllocDeallocFunctionsOfStdlibhUsed.qlref | 1 + ...aticSpecifierObjectRedeclarationC.expected | 1 + ...gStaticSpecifierObjectRedeclarationC.qlref | 1 + ...rdLibraryInputoutputFunctionsUsed.expected | 3 + ...ndardLibraryInputoutputFunctionsUsed.qlref | 1 + .../UseOfObsoleteMacroAtomicVarInit.expected | 1 + .../UseOfObsoleteMacroAtomicVarInit.qlref | 1 + c/misra/test/rules/RULE-1-5/options | 1 + c/misra/test/rules/RULE-1-5/test.c | 63 +++++++++++++++++++ .../cpp/exclusions/c/Language4.qll | 61 ++++++++++++++++++ .../cpp/exclusions/c/RuleMetadata.qll | 3 + rule_packages/c/Language4.json | 47 ++++++++++++++ 22 files changed, 278 insertions(+) create mode 100644 c/misra/src/rules/RULE-1-5/CallToReallocWithSizeZero.ql create mode 100644 c/misra/src/rules/RULE-1-5/InvalidDefineOrUndefOfStdBoolMacro.ql create mode 100644 c/misra/src/rules/RULE-1-5/UseOfObsoleteMacroAtomicVarInit.ql create mode 100644 c/misra/test/rules/RULE-1-5/CallToReallocWithSizeZero.expected create mode 100644 c/misra/test/rules/RULE-1-5/CallToReallocWithSizeZero.qlref create mode 100644 c/misra/test/rules/RULE-1-5/FunctionTypesNotInPrototypeForm.expected create mode 100644 c/misra/test/rules/RULE-1-5/FunctionTypesNotInPrototypeForm.qlref create mode 100644 c/misra/test/rules/RULE-1-5/InvalidDefineOrUndefOfStdBoolMacro.expected create mode 100644 c/misra/test/rules/RULE-1-5/InvalidDefineOrUndefOfStdBoolMacro.qlref create mode 100644 c/misra/test/rules/RULE-1-5/MemoryAllocDeallocFunctionsOfStdlibhUsed.expected create mode 100644 c/misra/test/rules/RULE-1-5/MemoryAllocDeallocFunctionsOfStdlibhUsed.qlref create mode 100644 c/misra/test/rules/RULE-1-5/MissingStaticSpecifierObjectRedeclarationC.expected create mode 100644 c/misra/test/rules/RULE-1-5/MissingStaticSpecifierObjectRedeclarationC.qlref create mode 100644 c/misra/test/rules/RULE-1-5/StandardLibraryInputoutputFunctionsUsed.expected create mode 100644 c/misra/test/rules/RULE-1-5/StandardLibraryInputoutputFunctionsUsed.qlref create mode 100644 c/misra/test/rules/RULE-1-5/UseOfObsoleteMacroAtomicVarInit.expected create mode 100644 c/misra/test/rules/RULE-1-5/UseOfObsoleteMacroAtomicVarInit.qlref create mode 100644 c/misra/test/rules/RULE-1-5/options create mode 100644 c/misra/test/rules/RULE-1-5/test.c create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/Language4.qll create mode 100644 rule_packages/c/Language4.json diff --git a/c/misra/src/rules/RULE-1-5/CallToReallocWithSizeZero.ql b/c/misra/src/rules/RULE-1-5/CallToReallocWithSizeZero.ql new file mode 100644 index 0000000000..224ca2a6bf --- /dev/null +++ b/c/misra/src/rules/RULE-1-5/CallToReallocWithSizeZero.ql @@ -0,0 +1,24 @@ +/** + * @id c/misra/call-to-realloc-with-size-zero + * @name RULE-1-5: Disallowed size argument value equal to zero in call to realloc + * @description Invoking realloc with a size argument set to zero is implementation-defined behavior + * and declared as an obsolete feature in C18. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-1-5 + * correctness + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import semmle.code.cpp.rangeanalysis.new.RangeAnalysis + +from FunctionCall call, Expr arg +where + not isExcluded(call, Language4Package::callToReallocWithSizeZeroQuery()) and + call.getTarget().hasGlobalOrStdName("realloc") and + arg = call.getArgument(1) and + upperBound(arg) = 0 +select arg, "Calling realloc with size zero results in implementation-defined behavior." diff --git a/c/misra/src/rules/RULE-1-5/InvalidDefineOrUndefOfStdBoolMacro.ql b/c/misra/src/rules/RULE-1-5/InvalidDefineOrUndefOfStdBoolMacro.ql new file mode 100644 index 0000000000..3d33103988 --- /dev/null +++ b/c/misra/src/rules/RULE-1-5/InvalidDefineOrUndefOfStdBoolMacro.ql @@ -0,0 +1,31 @@ +/** + * @id c/misra/invalid-define-or-undef-of-std-bool-macro + * @name RULE-1-5: Programs may not undefine or redefine the macros bool, true, or false + * @description Directives that undefine and/or redefine the standard boolean macros has been + * declared an obsolescent language feature since C99. + * @kind problem + * @precision very-high + * @problem.severity warning + * @tags external/misra/id/rule-1-5 + * maintainability + * readability + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra + +string getABoolMacroName() { result = ["true", "false", "bool"] } + +from PreprocessorDirective directive, string opString, string macroName +where + not isExcluded(directive, Language4Package::invalidDefineOrUndefOfStdBoolMacroQuery()) and + macroName = getABoolMacroName() and + ( + macroName = directive.(Macro).getName() and + opString = "define" + or + macroName = directive.(PreprocessorUndef).getName() and + opString = "undefine" + ) +select directive, "Invalid " + opString + " of boolean standard macro " + macroName diff --git a/c/misra/src/rules/RULE-1-5/UseOfObsoleteMacroAtomicVarInit.ql b/c/misra/src/rules/RULE-1-5/UseOfObsoleteMacroAtomicVarInit.ql new file mode 100644 index 0000000000..38dd7c0386 --- /dev/null +++ b/c/misra/src/rules/RULE-1-5/UseOfObsoleteMacroAtomicVarInit.ql @@ -0,0 +1,24 @@ +/** + * @id c/misra/use-of-obsolete-macro-atomic-var-init + * @name RULE-1-5: Disallowed usage of obsolete macro ATOMIC_VAR_INIT compiled as C18 + * @description The macro ATOMIC_VAR_INIT is has been declared an obsolescent language feature since + * C18. + * @kind problem + * @precision very-high + * @problem.severity recommendation + * @tags external/misra/id/rule-1-5 + * maintainability + * readability + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra + +from MacroInvocation invoke, Compilation c, string flag +where + not isExcluded(invoke, Language4Package::useOfObsoleteMacroAtomicVarInitQuery()) and + invoke.getMacroName() = "ATOMIC_VAR_INIT" and + flag = c.getAnArgument() and + flag.regexpMatch("-std=c1[78]") +select invoke, "Usage of macro ATOMIC_VAR_INIT() is considered obsolete for c version " + flag diff --git a/c/misra/test/rules/RULE-1-5/CallToReallocWithSizeZero.expected b/c/misra/test/rules/RULE-1-5/CallToReallocWithSizeZero.expected new file mode 100644 index 0000000000..0e58d0cd0d --- /dev/null +++ b/c/misra/test/rules/RULE-1-5/CallToReallocWithSizeZero.expected @@ -0,0 +1 @@ +| test.c:13:14:13:14 | 0 | Calling realloc with size zero results in implementation-defined behavior. | diff --git a/c/misra/test/rules/RULE-1-5/CallToReallocWithSizeZero.qlref b/c/misra/test/rules/RULE-1-5/CallToReallocWithSizeZero.qlref new file mode 100644 index 0000000000..218be6b3ef --- /dev/null +++ b/c/misra/test/rules/RULE-1-5/CallToReallocWithSizeZero.qlref @@ -0,0 +1 @@ +rules/RULE-1-5/CallToReallocWithSizeZero.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-1-5/FunctionTypesNotInPrototypeForm.expected b/c/misra/test/rules/RULE-1-5/FunctionTypesNotInPrototypeForm.expected new file mode 100644 index 0000000000..9f9157ca8e --- /dev/null +++ b/c/misra/test/rules/RULE-1-5/FunctionTypesNotInPrototypeForm.expected @@ -0,0 +1,2 @@ +| test.c:40:6:40:7 | f2 | Function f2 does not specify void for no parameters present. | +| test.c:44:5:44:6 | f5 | Function f5 declares parameter in unsupported declaration list. | \ No newline at end of file diff --git a/c/misra/test/rules/RULE-1-5/FunctionTypesNotInPrototypeForm.qlref b/c/misra/test/rules/RULE-1-5/FunctionTypesNotInPrototypeForm.qlref new file mode 100644 index 0000000000..0a6121b324 --- /dev/null +++ b/c/misra/test/rules/RULE-1-5/FunctionTypesNotInPrototypeForm.qlref @@ -0,0 +1 @@ +rules/RULE-8-2/FunctionTypesNotInPrototypeForm.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-1-5/InvalidDefineOrUndefOfStdBoolMacro.expected b/c/misra/test/rules/RULE-1-5/InvalidDefineOrUndefOfStdBoolMacro.expected new file mode 100644 index 0000000000..a29c5efe56 --- /dev/null +++ b/c/misra/test/rules/RULE-1-5/InvalidDefineOrUndefOfStdBoolMacro.expected @@ -0,0 +1,6 @@ +| test.c:23:1:23:14 | #define true 3 | Invalid define of boolean standard macro true | +| test.c:24:1:24:15 | #define false 3 | Invalid define of boolean standard macro false | +| test.c:25:1:25:18 | #define bool int * | Invalid define of boolean standard macro bool | +| test.c:26:1:26:11 | #undef true | Invalid undefine of boolean standard macro true | +| test.c:27:1:27:12 | #undef false | Invalid undefine of boolean standard macro false | +| test.c:28:1:28:11 | #undef bool | Invalid undefine of boolean standard macro bool | diff --git a/c/misra/test/rules/RULE-1-5/InvalidDefineOrUndefOfStdBoolMacro.qlref b/c/misra/test/rules/RULE-1-5/InvalidDefineOrUndefOfStdBoolMacro.qlref new file mode 100644 index 0000000000..5b112609cc --- /dev/null +++ b/c/misra/test/rules/RULE-1-5/InvalidDefineOrUndefOfStdBoolMacro.qlref @@ -0,0 +1 @@ +rules/RULE-1-5/InvalidDefineOrUndefOfStdBoolMacro.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-1-5/MemoryAllocDeallocFunctionsOfStdlibhUsed.expected b/c/misra/test/rules/RULE-1-5/MemoryAllocDeallocFunctionsOfStdlibhUsed.expected new file mode 100644 index 0000000000..3f8fa3cf3f --- /dev/null +++ b/c/misra/test/rules/RULE-1-5/MemoryAllocDeallocFunctionsOfStdlibhUsed.expected @@ -0,0 +1,3 @@ +| test.c:10:12:10:17 | call to malloc | Use of banned dynamic memory allocation. | +| test.c:13:3:13:9 | call to realloc | Use of banned dynamic memory allocation. | +| test.c:16:3:16:9 | call to realloc | Use of banned dynamic memory allocation. | diff --git a/c/misra/test/rules/RULE-1-5/MemoryAllocDeallocFunctionsOfStdlibhUsed.qlref b/c/misra/test/rules/RULE-1-5/MemoryAllocDeallocFunctionsOfStdlibhUsed.qlref new file mode 100644 index 0000000000..8f64b81ced --- /dev/null +++ b/c/misra/test/rules/RULE-1-5/MemoryAllocDeallocFunctionsOfStdlibhUsed.qlref @@ -0,0 +1 @@ +rules/RULE-21-3/MemoryAllocDeallocFunctionsOfStdlibhUsed.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-1-5/MissingStaticSpecifierObjectRedeclarationC.expected b/c/misra/test/rules/RULE-1-5/MissingStaticSpecifierObjectRedeclarationC.expected new file mode 100644 index 0000000000..4c3d4614fa --- /dev/null +++ b/c/misra/test/rules/RULE-1-5/MissingStaticSpecifierObjectRedeclarationC.expected @@ -0,0 +1 @@ +| test.c:37:12:37:13 | declaration of g5 | The redeclaration of $@ with internal linkage misses the static specifier. | test.c:36:12:36:13 | definition of g5 | g5 | diff --git a/c/misra/test/rules/RULE-1-5/MissingStaticSpecifierObjectRedeclarationC.qlref b/c/misra/test/rules/RULE-1-5/MissingStaticSpecifierObjectRedeclarationC.qlref new file mode 100644 index 0000000000..70b6073e14 --- /dev/null +++ b/c/misra/test/rules/RULE-1-5/MissingStaticSpecifierObjectRedeclarationC.qlref @@ -0,0 +1 @@ +rules/RULE-8-8/MissingStaticSpecifierObjectRedeclarationC.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-1-5/StandardLibraryInputoutputFunctionsUsed.expected b/c/misra/test/rules/RULE-1-5/StandardLibraryInputoutputFunctionsUsed.expected new file mode 100644 index 0000000000..ca49894238 --- /dev/null +++ b/c/misra/test/rules/RULE-1-5/StandardLibraryInputoutputFunctionsUsed.expected @@ -0,0 +1,3 @@ +| test.c:57:3:57:8 | call to ungetc | Call to banned function ungetc. | +| test.c:60:3:60:7 | call to fread | Call to banned function fread. | +| test.c:62:3:62:8 | call to ungetc | Call to banned function ungetc. | diff --git a/c/misra/test/rules/RULE-1-5/StandardLibraryInputoutputFunctionsUsed.qlref b/c/misra/test/rules/RULE-1-5/StandardLibraryInputoutputFunctionsUsed.qlref new file mode 100644 index 0000000000..0a8cd754ef --- /dev/null +++ b/c/misra/test/rules/RULE-1-5/StandardLibraryInputoutputFunctionsUsed.qlref @@ -0,0 +1 @@ +rules/RULE-21-6/StandardLibraryInputoutputFunctionsUsed.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-1-5/UseOfObsoleteMacroAtomicVarInit.expected b/c/misra/test/rules/RULE-1-5/UseOfObsoleteMacroAtomicVarInit.expected new file mode 100644 index 0000000000..6fe4cee5f4 --- /dev/null +++ b/c/misra/test/rules/RULE-1-5/UseOfObsoleteMacroAtomicVarInit.expected @@ -0,0 +1 @@ +| test.c:30:18:30:36 | ATOMIC_VAR_INIT(value) | Usage of macro ATOMIC_VAR_INIT() is considered obsolete for c version -std=c17 | diff --git a/c/misra/test/rules/RULE-1-5/UseOfObsoleteMacroAtomicVarInit.qlref b/c/misra/test/rules/RULE-1-5/UseOfObsoleteMacroAtomicVarInit.qlref new file mode 100644 index 0000000000..9a54fdc83a --- /dev/null +++ b/c/misra/test/rules/RULE-1-5/UseOfObsoleteMacroAtomicVarInit.qlref @@ -0,0 +1 @@ +rules/RULE-1-5/UseOfObsoleteMacroAtomicVarInit.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-1-5/options b/c/misra/test/rules/RULE-1-5/options new file mode 100644 index 0000000000..2ba2218a05 --- /dev/null +++ b/c/misra/test/rules/RULE-1-5/options @@ -0,0 +1 @@ +semmle-extractor-options:-std=c17 -I../../../../common/test/includes/standard-library \ No newline at end of file diff --git a/c/misra/test/rules/RULE-1-5/test.c b/c/misra/test/rules/RULE-1-5/test.c new file mode 100644 index 0000000000..43faa71f3c --- /dev/null +++ b/c/misra/test/rules/RULE-1-5/test.c @@ -0,0 +1,63 @@ +// Compiled with -std=c17 + +#include "stdatomic.h" +#include "stdbool.h" +#include "stdio.h" +#include "stdlib.h" + +void f1(void) { + // malloc() is not obsolete, but banned by Rule 21.3 + int *t = malloc(10); // COMPLIANT[False Negative] + + // Obsolete usage of realloc. + realloc(t, 0); // NON-COMPLIANT + + // Valid usage of realloc, but all use of realloc is banned by Rule 21.3 + realloc(t, 20); // NON-COMPLIANT +} + +extern const int g1; // COMPLIANT +const extern int g2; // NON-COMPLIANT + +#define MY_TRUE 3 // COMPLIANT +#define true 3 // NON-COMPLIANT +#define false 3 // NON-COMPLIANT +#define bool int * // NON-COMPLIANT +#undef true // NON-COMPLIANT +#undef false // NON-COMPLIANT +#undef bool // NON-COMPLIANT + +_Atomic int g3 = ATOMIC_VAR_INIT(18); // NON-COMPLIANT +_Atomic int g4 = 18; // COMPLIANT + +// The following cases are already covered by other rules: + +// Rule 8.8: +static int g5 = 3; // COMPLIANT +extern int g5; // NON-COMPLIANT + +// Rule 8.2: +void f2(); // NON-COMPLIANT +void f3(void); // COMPLIANT + +void f4(int p1) {}; // COMPLIANT +int f5(x) // NON_COMPLIANT +int x; +{ + return 1; +} + +// Rule 21.6 covers the below cases: +void f6(void) { + // `gets` was removed from C11. + // gets(stdin); // NON_COMPLIANT + + FILE *file = fopen("", 0); + // Obsolete usage of ungetc. + ungetc('c', file); // NON-COMPLIANT + + char buf[10]; + fread(buf, sizeof(buf), 10, file); + // This is not an obsolete usage of ungetc, but ungetc isn't allowed. + ungetc('c', file); // NON-COMPLIANT[FALSE NEGATIVE] +} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Language4.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Language4.qll new file mode 100644 index 0000000000..f26cae3e9a --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Language4.qll @@ -0,0 +1,61 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype Language4Query = + TUseOfObsoleteMacroAtomicVarInitQuery() or + TInvalidDefineOrUndefOfStdBoolMacroQuery() or + TCallToReallocWithSizeZeroQuery() + +predicate isLanguage4QueryMetadata(Query query, string queryId, string ruleId, string category) { + query = + // `Query` instance for the `useOfObsoleteMacroAtomicVarInit` query + Language4Package::useOfObsoleteMacroAtomicVarInitQuery() and + queryId = + // `@id` for the `useOfObsoleteMacroAtomicVarInit` query + "c/misra/use-of-obsolete-macro-atomic-var-init" and + ruleId = "RULE-1-5" and + category = "required" + or + query = + // `Query` instance for the `invalidDefineOrUndefOfStdBoolMacro` query + Language4Package::invalidDefineOrUndefOfStdBoolMacroQuery() and + queryId = + // `@id` for the `invalidDefineOrUndefOfStdBoolMacro` query + "c/misra/invalid-define-or-undef-of-std-bool-macro" and + ruleId = "RULE-1-5" and + category = "required" + or + query = + // `Query` instance for the `callToReallocWithSizeZero` query + Language4Package::callToReallocWithSizeZeroQuery() and + queryId = + // `@id` for the `callToReallocWithSizeZero` query + "c/misra/call-to-realloc-with-size-zero" and + ruleId = "RULE-1-5" and + category = "required" +} + +module Language4Package { + Query useOfObsoleteMacroAtomicVarInitQuery() { + //autogenerate `Query` type + result = + // `Query` type for `useOfObsoleteMacroAtomicVarInit` query + TQueryC(TLanguage4PackageQuery(TUseOfObsoleteMacroAtomicVarInitQuery())) + } + + Query invalidDefineOrUndefOfStdBoolMacroQuery() { + //autogenerate `Query` type + result = + // `Query` type for `invalidDefineOrUndefOfStdBoolMacro` query + TQueryC(TLanguage4PackageQuery(TInvalidDefineOrUndefOfStdBoolMacroQuery())) + } + + Query callToReallocWithSizeZeroQuery() { + //autogenerate `Query` type + result = + // `Query` type for `callToReallocWithSizeZero` query + TQueryC(TLanguage4PackageQuery(TCallToReallocWithSizeZeroQuery())) + } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index b10fbf0a2f..cff145d562 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -39,6 +39,7 @@ import InvalidMemory2 import Language1 import Language2 import Language3 +import Language4 import Memory1 import Memory2 import Memory3 @@ -112,6 +113,7 @@ newtype TCQuery = TLanguage1PackageQuery(Language1Query q) or TLanguage2PackageQuery(Language2Query q) or TLanguage3PackageQuery(Language3Query q) or + TLanguage4PackageQuery(Language4Query q) or TMemory1PackageQuery(Memory1Query q) or TMemory2PackageQuery(Memory2Query q) or TMemory3PackageQuery(Memory3Query q) or @@ -185,6 +187,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isLanguage1QueryMetadata(query, queryId, ruleId, category) or isLanguage2QueryMetadata(query, queryId, ruleId, category) or isLanguage3QueryMetadata(query, queryId, ruleId, category) or + isLanguage4QueryMetadata(query, queryId, ruleId, category) or isMemory1QueryMetadata(query, queryId, ruleId, category) or isMemory2QueryMetadata(query, queryId, ruleId, category) or isMemory3QueryMetadata(query, queryId, ruleId, category) or diff --git a/rule_packages/c/Language4.json b/rule_packages/c/Language4.json new file mode 100644 index 0000000000..ff85927a61 --- /dev/null +++ b/rule_packages/c/Language4.json @@ -0,0 +1,47 @@ +{ + "MISRA-C-2012": { + "RULE-1-5": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "The macro ATOMIC_VAR_INIT is has been declared an obsolescent language feature since C18.", + "kind": "problem", + "name": "Disallowed usage of obsolete macro ATOMIC_VAR_INIT compiled as C18", + "precision": "very-high", + "severity": "recommendation", + "short_name": "UseOfObsoleteMacroAtomicVarInit", + "tags": [ + "maintainability", + "readability" + ] + }, + { + "description": "Directives that undefine and/or redefine the standard boolean macros has been declared an obsolescent language feature since C99.", + "kind": "problem", + "name": "Programs may not undefine or redefine the macros bool, true, or false", + "precision": "very-high", + "severity": "warning", + "short_name": "InvalidDefineOrUndefOfStdBoolMacro", + "tags": [ + "maintainability", + "readability" + ] + }, + { + "description": "Invoking realloc with a size argument set to zero is implementation-defined behavior and declared as an obsolete feature in C18.", + "kind": "problem", + "name": "Disallowed size argument value equal to zero in call to realloc", + "precision": "very-high", + "severity": "error", + "short_name": "CallToReallocWithSizeZero", + "tags": [ + "correctness" + ] + } + ], + "title": "Obsolencent language features shall not be used" + } + } +} \ No newline at end of file From 3adf181c92efb89e3d8fc4fa4b58f0ebb076a712 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Thu, 3 Oct 2024 15:49:44 -0700 Subject: [PATCH 2074/2573] Add full stops to query messages. --- .../RULE-1-5/InvalidDefineOrUndefOfStdBoolMacro.ql | 2 +- .../RULE-1-5/UseOfObsoleteMacroAtomicVarInit.ql | 3 ++- .../InvalidDefineOrUndefOfStdBoolMacro.expected | 12 ++++++------ .../UseOfObsoleteMacroAtomicVarInit.expected | 2 +- 4 files changed, 10 insertions(+), 9 deletions(-) diff --git a/c/misra/src/rules/RULE-1-5/InvalidDefineOrUndefOfStdBoolMacro.ql b/c/misra/src/rules/RULE-1-5/InvalidDefineOrUndefOfStdBoolMacro.ql index 3d33103988..8b6abe47dd 100644 --- a/c/misra/src/rules/RULE-1-5/InvalidDefineOrUndefOfStdBoolMacro.ql +++ b/c/misra/src/rules/RULE-1-5/InvalidDefineOrUndefOfStdBoolMacro.ql @@ -28,4 +28,4 @@ where macroName = directive.(PreprocessorUndef).getName() and opString = "undefine" ) -select directive, "Invalid " + opString + " of boolean standard macro " + macroName +select directive, "Invalid " + opString + " of boolean standard macro '" + macroName + "'." diff --git a/c/misra/src/rules/RULE-1-5/UseOfObsoleteMacroAtomicVarInit.ql b/c/misra/src/rules/RULE-1-5/UseOfObsoleteMacroAtomicVarInit.ql index 38dd7c0386..82bde8471a 100644 --- a/c/misra/src/rules/RULE-1-5/UseOfObsoleteMacroAtomicVarInit.ql +++ b/c/misra/src/rules/RULE-1-5/UseOfObsoleteMacroAtomicVarInit.ql @@ -21,4 +21,5 @@ where invoke.getMacroName() = "ATOMIC_VAR_INIT" and flag = c.getAnArgument() and flag.regexpMatch("-std=c1[78]") -select invoke, "Usage of macro ATOMIC_VAR_INIT() is considered obsolete for c version " + flag +select invoke, + "Usage of macro ATOMIC_VAR_INIT() is considered obsolete for c version '" + flag + "'." diff --git a/c/misra/test/rules/RULE-1-5/InvalidDefineOrUndefOfStdBoolMacro.expected b/c/misra/test/rules/RULE-1-5/InvalidDefineOrUndefOfStdBoolMacro.expected index a29c5efe56..e2a072d2b4 100644 --- a/c/misra/test/rules/RULE-1-5/InvalidDefineOrUndefOfStdBoolMacro.expected +++ b/c/misra/test/rules/RULE-1-5/InvalidDefineOrUndefOfStdBoolMacro.expected @@ -1,6 +1,6 @@ -| test.c:23:1:23:14 | #define true 3 | Invalid define of boolean standard macro true | -| test.c:24:1:24:15 | #define false 3 | Invalid define of boolean standard macro false | -| test.c:25:1:25:18 | #define bool int * | Invalid define of boolean standard macro bool | -| test.c:26:1:26:11 | #undef true | Invalid undefine of boolean standard macro true | -| test.c:27:1:27:12 | #undef false | Invalid undefine of boolean standard macro false | -| test.c:28:1:28:11 | #undef bool | Invalid undefine of boolean standard macro bool | +| test.c:23:1:23:14 | #define true 3 | Invalid define of boolean standard macro 'true'. | +| test.c:24:1:24:15 | #define false 3 | Invalid define of boolean standard macro 'false'. | +| test.c:25:1:25:18 | #define bool int * | Invalid define of boolean standard macro 'bool'. | +| test.c:26:1:26:11 | #undef true | Invalid undefine of boolean standard macro 'true'. | +| test.c:27:1:27:12 | #undef false | Invalid undefine of boolean standard macro 'false'. | +| test.c:28:1:28:11 | #undef bool | Invalid undefine of boolean standard macro 'bool'. | diff --git a/c/misra/test/rules/RULE-1-5/UseOfObsoleteMacroAtomicVarInit.expected b/c/misra/test/rules/RULE-1-5/UseOfObsoleteMacroAtomicVarInit.expected index 6fe4cee5f4..c38a6263a9 100644 --- a/c/misra/test/rules/RULE-1-5/UseOfObsoleteMacroAtomicVarInit.expected +++ b/c/misra/test/rules/RULE-1-5/UseOfObsoleteMacroAtomicVarInit.expected @@ -1 +1 @@ -| test.c:30:18:30:36 | ATOMIC_VAR_INIT(value) | Usage of macro ATOMIC_VAR_INIT() is considered obsolete for c version -std=c17 | +| test.c:30:18:30:36 | ATOMIC_VAR_INIT(value) | Usage of macro ATOMIC_VAR_INIT() is considered obsolete for c version '-std=c17'. | From 31dc8bc08c49e8872f6ebf79fc7bf46059a172b5 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Thu, 3 Oct 2024 15:56:04 -0700 Subject: [PATCH 2075/2573] Fix test.c format --- .../StandardLibraryInputoutputFunctionsUsed.expected | 6 +++--- c/misra/test/rules/RULE-1-5/test.c | 8 +++----- 2 files changed, 6 insertions(+), 8 deletions(-) diff --git a/c/misra/test/rules/RULE-1-5/StandardLibraryInputoutputFunctionsUsed.expected b/c/misra/test/rules/RULE-1-5/StandardLibraryInputoutputFunctionsUsed.expected index ca49894238..d0cf1351c7 100644 --- a/c/misra/test/rules/RULE-1-5/StandardLibraryInputoutputFunctionsUsed.expected +++ b/c/misra/test/rules/RULE-1-5/StandardLibraryInputoutputFunctionsUsed.expected @@ -1,3 +1,3 @@ -| test.c:57:3:57:8 | call to ungetc | Call to banned function ungetc. | -| test.c:60:3:60:7 | call to fread | Call to banned function fread. | -| test.c:62:3:62:8 | call to ungetc | Call to banned function ungetc. | +| test.c:55:3:55:8 | call to ungetc | Call to banned function ungetc. | +| test.c:58:3:58:7 | call to fread | Call to banned function fread. | +| test.c:60:3:60:8 | call to ungetc | Call to banned function ungetc. | diff --git a/c/misra/test/rules/RULE-1-5/test.c b/c/misra/test/rules/RULE-1-5/test.c index 43faa71f3c..51399e32c6 100644 --- a/c/misra/test/rules/RULE-1-5/test.c +++ b/c/misra/test/rules/RULE-1-5/test.c @@ -40,12 +40,10 @@ extern int g5; // NON-COMPLIANT void f2(); // NON-COMPLIANT void f3(void); // COMPLIANT -void f4(int p1) {}; // COMPLIANT -int f5(x) // NON_COMPLIANT +void f4(int p1){}; // COMPLIANT +int f5(x) // NON_COMPLIANT int x; -{ - return 1; -} +{ return 1; } // Rule 21.6 covers the below cases: void f6(void) { From d077885f68d65ee72c17614aa41c066ddf4c7c3b Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 4 Oct 2024 07:51:44 -0700 Subject: [PATCH 2076/2573] Add tag misra c 2012 amendment 3 --- c/misra/src/rules/RULE-1-5/CallToReallocWithSizeZero.ql | 1 + .../rules/RULE-1-5/InvalidDefineOrUndefOfStdBoolMacro.ql | 1 + .../rules/RULE-1-5/UseOfObsoleteMacroAtomicVarInit.ql | 1 + rule_packages/c/Language4.json | 9 ++++++--- 4 files changed, 9 insertions(+), 3 deletions(-) diff --git a/c/misra/src/rules/RULE-1-5/CallToReallocWithSizeZero.ql b/c/misra/src/rules/RULE-1-5/CallToReallocWithSizeZero.ql index 224ca2a6bf..2ea90e8b12 100644 --- a/c/misra/src/rules/RULE-1-5/CallToReallocWithSizeZero.ql +++ b/c/misra/src/rules/RULE-1-5/CallToReallocWithSizeZero.ql @@ -8,6 +8,7 @@ * @problem.severity error * @tags external/misra/id/rule-1-5 * correctness + * external/misra/c/2012/amendment3 * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-1-5/InvalidDefineOrUndefOfStdBoolMacro.ql b/c/misra/src/rules/RULE-1-5/InvalidDefineOrUndefOfStdBoolMacro.ql index 8b6abe47dd..9d10522ecf 100644 --- a/c/misra/src/rules/RULE-1-5/InvalidDefineOrUndefOfStdBoolMacro.ql +++ b/c/misra/src/rules/RULE-1-5/InvalidDefineOrUndefOfStdBoolMacro.ql @@ -9,6 +9,7 @@ * @tags external/misra/id/rule-1-5 * maintainability * readability + * external/misra/c/2012/amendment3 * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-1-5/UseOfObsoleteMacroAtomicVarInit.ql b/c/misra/src/rules/RULE-1-5/UseOfObsoleteMacroAtomicVarInit.ql index 82bde8471a..b2fb5f0167 100644 --- a/c/misra/src/rules/RULE-1-5/UseOfObsoleteMacroAtomicVarInit.ql +++ b/c/misra/src/rules/RULE-1-5/UseOfObsoleteMacroAtomicVarInit.ql @@ -9,6 +9,7 @@ * @tags external/misra/id/rule-1-5 * maintainability * readability + * external/misra/c/2012/amendment3 * external/misra/obligation/required */ diff --git a/rule_packages/c/Language4.json b/rule_packages/c/Language4.json index ff85927a61..a9f5ddde92 100644 --- a/rule_packages/c/Language4.json +++ b/rule_packages/c/Language4.json @@ -14,7 +14,8 @@ "short_name": "UseOfObsoleteMacroAtomicVarInit", "tags": [ "maintainability", - "readability" + "readability", + "external/misra/c/2012/amendment3" ] }, { @@ -26,7 +27,8 @@ "short_name": "InvalidDefineOrUndefOfStdBoolMacro", "tags": [ "maintainability", - "readability" + "readability", + "external/misra/c/2012/amendment3" ] }, { @@ -37,7 +39,8 @@ "severity": "error", "short_name": "CallToReallocWithSizeZero", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/amendment3" ] } ], From e27e49a004f4ac240535d9cc4971c3261d32208b Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 4 Oct 2024 12:10:22 -0700 Subject: [PATCH 2077/2573] Add implementation scope to Language4.json --- rule_packages/c/Language4.json | 5 ++++- schemas/rule-package.schema.json | 12 ++++++++++++ 2 files changed, 16 insertions(+), 1 deletion(-) diff --git a/rule_packages/c/Language4.json b/rule_packages/c/Language4.json index a9f5ddde92..0ba6bfcc55 100644 --- a/rule_packages/c/Language4.json +++ b/rule_packages/c/Language4.json @@ -44,7 +44,10 @@ ] } ], - "title": "Obsolencent language features shall not be used" + "title": "Obsolencent language features shall not be used", + "implementation_scope": { + "description": "Usage of obsolescent language features that are already disallowed by Rule 8.2, Rule 8.8, and 21.6 are not redundantly checked by this rule." + } } } } \ No newline at end of file diff --git a/schemas/rule-package.schema.json b/schemas/rule-package.schema.json index b27815163e..087a6087ea 100644 --- a/schemas/rule-package.schema.json +++ b/schemas/rule-package.schema.json @@ -207,6 +207,18 @@ }, "title": { "type": "string" + }, + "implementation_scope": { + "type": "object", + "properties": { + "description": { + "type": "string" + } + }, + "required": [ + "description" + ], + "additionalProperties": false } }, "required": [ From cca63e439ff2d3bf9a0dd9124a77c6f311838095 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 4 Oct 2024 12:22:22 -0700 Subject: [PATCH 2078/2573] Report ATOMIC_VAR_INIT for all C versions. --- .../RULE-1-5/UseOfObsoleteMacroAtomicVarInit.ql | 8 +++----- .../RULE-1-5/CallToReallocWithSizeZero.expected | 2 +- .../FunctionTypesNotInPrototypeForm.expected | 4 ++-- .../InvalidDefineOrUndefOfStdBoolMacro.expected | 12 ++++++------ ...MemoryAllocDeallocFunctionsOfStdlibhUsed.expected | 6 +++--- ...ssingStaticSpecifierObjectRedeclarationC.expected | 2 +- .../StandardLibraryInputoutputFunctionsUsed.expected | 6 +++--- .../UseOfObsoleteMacroAtomicVarInit.expected | 2 +- c/misra/test/rules/RULE-1-5/options | 1 - c/misra/test/rules/RULE-1-5/test.c | 2 -- 10 files changed, 20 insertions(+), 25 deletions(-) delete mode 100644 c/misra/test/rules/RULE-1-5/options diff --git a/c/misra/src/rules/RULE-1-5/UseOfObsoleteMacroAtomicVarInit.ql b/c/misra/src/rules/RULE-1-5/UseOfObsoleteMacroAtomicVarInit.ql index b2fb5f0167..e8abf1bbfb 100644 --- a/c/misra/src/rules/RULE-1-5/UseOfObsoleteMacroAtomicVarInit.ql +++ b/c/misra/src/rules/RULE-1-5/UseOfObsoleteMacroAtomicVarInit.ql @@ -16,11 +16,9 @@ import cpp import codingstandards.c.misra -from MacroInvocation invoke, Compilation c, string flag +from MacroInvocation invoke where not isExcluded(invoke, Language4Package::useOfObsoleteMacroAtomicVarInitQuery()) and - invoke.getMacroName() = "ATOMIC_VAR_INIT" and - flag = c.getAnArgument() and - flag.regexpMatch("-std=c1[78]") + invoke.getMacroName() = "ATOMIC_VAR_INIT" select invoke, - "Usage of macro ATOMIC_VAR_INIT() is considered obsolete for c version '" + flag + "'." + "Usage of macro ATOMIC_VAR_INIT() is declared obscelescent in C18, and discouraged in earlier C versions." diff --git a/c/misra/test/rules/RULE-1-5/CallToReallocWithSizeZero.expected b/c/misra/test/rules/RULE-1-5/CallToReallocWithSizeZero.expected index 0e58d0cd0d..89e54a38c2 100644 --- a/c/misra/test/rules/RULE-1-5/CallToReallocWithSizeZero.expected +++ b/c/misra/test/rules/RULE-1-5/CallToReallocWithSizeZero.expected @@ -1 +1 @@ -| test.c:13:14:13:14 | 0 | Calling realloc with size zero results in implementation-defined behavior. | +| test.c:11:14:11:14 | 0 | Calling realloc with size zero results in implementation-defined behavior. | diff --git a/c/misra/test/rules/RULE-1-5/FunctionTypesNotInPrototypeForm.expected b/c/misra/test/rules/RULE-1-5/FunctionTypesNotInPrototypeForm.expected index 9f9157ca8e..29faec8b55 100644 --- a/c/misra/test/rules/RULE-1-5/FunctionTypesNotInPrototypeForm.expected +++ b/c/misra/test/rules/RULE-1-5/FunctionTypesNotInPrototypeForm.expected @@ -1,2 +1,2 @@ -| test.c:40:6:40:7 | f2 | Function f2 does not specify void for no parameters present. | -| test.c:44:5:44:6 | f5 | Function f5 declares parameter in unsupported declaration list. | \ No newline at end of file +| test.c:38:6:38:7 | f2 | Function f2 does not specify void for no parameters present. | +| test.c:42:5:42:6 | f5 | Function f5 declares parameter in unsupported declaration list. | \ No newline at end of file diff --git a/c/misra/test/rules/RULE-1-5/InvalidDefineOrUndefOfStdBoolMacro.expected b/c/misra/test/rules/RULE-1-5/InvalidDefineOrUndefOfStdBoolMacro.expected index e2a072d2b4..7a6ca9824e 100644 --- a/c/misra/test/rules/RULE-1-5/InvalidDefineOrUndefOfStdBoolMacro.expected +++ b/c/misra/test/rules/RULE-1-5/InvalidDefineOrUndefOfStdBoolMacro.expected @@ -1,6 +1,6 @@ -| test.c:23:1:23:14 | #define true 3 | Invalid define of boolean standard macro 'true'. | -| test.c:24:1:24:15 | #define false 3 | Invalid define of boolean standard macro 'false'. | -| test.c:25:1:25:18 | #define bool int * | Invalid define of boolean standard macro 'bool'. | -| test.c:26:1:26:11 | #undef true | Invalid undefine of boolean standard macro 'true'. | -| test.c:27:1:27:12 | #undef false | Invalid undefine of boolean standard macro 'false'. | -| test.c:28:1:28:11 | #undef bool | Invalid undefine of boolean standard macro 'bool'. | +| test.c:21:1:21:14 | #define true 3 | Invalid define of boolean standard macro 'true'. | +| test.c:22:1:22:15 | #define false 3 | Invalid define of boolean standard macro 'false'. | +| test.c:23:1:23:18 | #define bool int * | Invalid define of boolean standard macro 'bool'. | +| test.c:24:1:24:11 | #undef true | Invalid undefine of boolean standard macro 'true'. | +| test.c:25:1:25:12 | #undef false | Invalid undefine of boolean standard macro 'false'. | +| test.c:26:1:26:11 | #undef bool | Invalid undefine of boolean standard macro 'bool'. | diff --git a/c/misra/test/rules/RULE-1-5/MemoryAllocDeallocFunctionsOfStdlibhUsed.expected b/c/misra/test/rules/RULE-1-5/MemoryAllocDeallocFunctionsOfStdlibhUsed.expected index 3f8fa3cf3f..de87fc8542 100644 --- a/c/misra/test/rules/RULE-1-5/MemoryAllocDeallocFunctionsOfStdlibhUsed.expected +++ b/c/misra/test/rules/RULE-1-5/MemoryAllocDeallocFunctionsOfStdlibhUsed.expected @@ -1,3 +1,3 @@ -| test.c:10:12:10:17 | call to malloc | Use of banned dynamic memory allocation. | -| test.c:13:3:13:9 | call to realloc | Use of banned dynamic memory allocation. | -| test.c:16:3:16:9 | call to realloc | Use of banned dynamic memory allocation. | +| test.c:8:12:8:17 | call to malloc | Use of banned dynamic memory allocation. | +| test.c:11:3:11:9 | call to realloc | Use of banned dynamic memory allocation. | +| test.c:14:3:14:9 | call to realloc | Use of banned dynamic memory allocation. | diff --git a/c/misra/test/rules/RULE-1-5/MissingStaticSpecifierObjectRedeclarationC.expected b/c/misra/test/rules/RULE-1-5/MissingStaticSpecifierObjectRedeclarationC.expected index 4c3d4614fa..48275eb504 100644 --- a/c/misra/test/rules/RULE-1-5/MissingStaticSpecifierObjectRedeclarationC.expected +++ b/c/misra/test/rules/RULE-1-5/MissingStaticSpecifierObjectRedeclarationC.expected @@ -1 +1 @@ -| test.c:37:12:37:13 | declaration of g5 | The redeclaration of $@ with internal linkage misses the static specifier. | test.c:36:12:36:13 | definition of g5 | g5 | +| test.c:35:12:35:13 | declaration of g5 | The redeclaration of $@ with internal linkage misses the static specifier. | test.c:34:12:34:13 | definition of g5 | g5 | diff --git a/c/misra/test/rules/RULE-1-5/StandardLibraryInputoutputFunctionsUsed.expected b/c/misra/test/rules/RULE-1-5/StandardLibraryInputoutputFunctionsUsed.expected index d0cf1351c7..396b181150 100644 --- a/c/misra/test/rules/RULE-1-5/StandardLibraryInputoutputFunctionsUsed.expected +++ b/c/misra/test/rules/RULE-1-5/StandardLibraryInputoutputFunctionsUsed.expected @@ -1,3 +1,3 @@ -| test.c:55:3:55:8 | call to ungetc | Call to banned function ungetc. | -| test.c:58:3:58:7 | call to fread | Call to banned function fread. | -| test.c:60:3:60:8 | call to ungetc | Call to banned function ungetc. | +| test.c:53:3:53:8 | call to ungetc | Call to banned function ungetc. | +| test.c:56:3:56:7 | call to fread | Call to banned function fread. | +| test.c:58:3:58:8 | call to ungetc | Call to banned function ungetc. | diff --git a/c/misra/test/rules/RULE-1-5/UseOfObsoleteMacroAtomicVarInit.expected b/c/misra/test/rules/RULE-1-5/UseOfObsoleteMacroAtomicVarInit.expected index c38a6263a9..bc903de094 100644 --- a/c/misra/test/rules/RULE-1-5/UseOfObsoleteMacroAtomicVarInit.expected +++ b/c/misra/test/rules/RULE-1-5/UseOfObsoleteMacroAtomicVarInit.expected @@ -1 +1 @@ -| test.c:30:18:30:36 | ATOMIC_VAR_INIT(value) | Usage of macro ATOMIC_VAR_INIT() is considered obsolete for c version '-std=c17'. | +| test.c:28:18:28:36 | ATOMIC_VAR_INIT(value) | Usage of macro ATOMIC_VAR_INIT() is declared obscelescent in C18, and discouraged in earlier C versions. | diff --git a/c/misra/test/rules/RULE-1-5/options b/c/misra/test/rules/RULE-1-5/options deleted file mode 100644 index 2ba2218a05..0000000000 --- a/c/misra/test/rules/RULE-1-5/options +++ /dev/null @@ -1 +0,0 @@ -semmle-extractor-options:-std=c17 -I../../../../common/test/includes/standard-library \ No newline at end of file diff --git a/c/misra/test/rules/RULE-1-5/test.c b/c/misra/test/rules/RULE-1-5/test.c index 51399e32c6..4709381898 100644 --- a/c/misra/test/rules/RULE-1-5/test.c +++ b/c/misra/test/rules/RULE-1-5/test.c @@ -1,5 +1,3 @@ -// Compiled with -std=c17 - #include "stdatomic.h" #include "stdbool.h" #include "stdio.h" From 794e97ab06f22edcad8759ae167463ffdd9d0aa9 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 4 Oct 2024 12:42:55 -0700 Subject: [PATCH 2079/2573] Reuse implementation_scope schema, detailed items for 1.5 --- rule_packages/c/Language4.json | 12 +++++++++- schemas/rule-package.schema.json | 38 ++++++++++++++------------------ 2 files changed, 28 insertions(+), 22 deletions(-) diff --git a/rule_packages/c/Language4.json b/rule_packages/c/Language4.json index 0ba6bfcc55..54708d73da 100644 --- a/rule_packages/c/Language4.json +++ b/rule_packages/c/Language4.json @@ -46,7 +46,17 @@ ], "title": "Obsolencent language features shall not be used", "implementation_scope": { - "description": "Usage of obsolescent language features that are already disallowed by Rule 8.2, Rule 8.8, and 21.6 are not redundantly checked by this rule." + "description": "Not all items from Appendix F are covered by this rule. Some are not supportable and some are covered already by other rules.", + "items": [ + "Appendix F, item ID 1 is covered by Rule 8.8 and not reported as part of this implementation of Rule 1.5.", + "Appendix F, item ID 2 refers to compiler behavior which cannot be statically analyzed.", + "Appendix F, item ID 3, which states that storage-class specifiers may not be used except in the beginning of a declaration, is not supportable without additional changes to the CodeQL CLI.", + "Appendix F, item ID 6 is reported for all C versions, though the macro ATOMIC_VAR_INIT was not officially declared obsolescent until C18.", + "Appendix F, item IDs 4 and 5 are covered by Rule 8.2 and not reported as part of this implementation of Rule 1.5.", + "Appendix F, item IDs 8 and 9 is covered by Rule 21.6 and not reported as part of this implementation of Rule 1.5.", + "Appendix F, item ID 10 is checked by this implementation of 1.5, though it is a redundant subset of cases reported by Rule 21.3.", + "Appendix F, item ID 10 is reported for all C versions, as realloc() with a size argument of zero was implementation-defined behavior in C99 and C11." + ] } } } diff --git a/schemas/rule-package.schema.json b/schemas/rule-package.schema.json index 087a6087ea..63cbbf3ac5 100644 --- a/schemas/rule-package.schema.json +++ b/schemas/rule-package.schema.json @@ -209,16 +209,7 @@ "type": "string" }, "implementation_scope": { - "type": "object", - "properties": { - "description": { - "type": "string" - } - }, - "required": [ - "description" - ], - "additionalProperties": false + "$ref": "#/$defs/implementation_scope" } }, "required": [ @@ -360,6 +351,20 @@ "minLength": 1 }, "implementation_scope": { + "$ref": "#/$defs/implementation_scope" + } + }, + "required": [ + "description", + "name", + "precision", + "severity", + "short_name", + "tags" + ] + }, + "implementation_scope": { + "$id": "/schemas/implementation_scope", "type": "object", "properties": { "description": { @@ -374,17 +379,8 @@ }, "required": [ "description" - ] + ], + "additionalProperties": false } - }, - "required": [ - "description", - "name", - "precision", - "severity", - "short_name", - "tags" - ] - } } } \ No newline at end of file From 38a467ddd5c08caa083cbf66a220b6190cbda6d6 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 4 Oct 2024 12:52:25 -0700 Subject: [PATCH 2080/2573] Add cross-linking comments to tests referencing other rules. --- ...moryAllocDeallocFunctionsOfStdlibhUsed.expected | 10 +++++----- c/misra/test/rules/RULE-21-3/test.c | 5 +++++ ...tandardLibraryInputoutputFunctionsUsed.expected | 14 +++++++------- c/misra/test/rules/RULE-21-6/test.c | 5 +++++ .../FunctionTypesNotInPrototypeForm.expected | 8 ++++---- c/misra/test/rules/RULE-8-2/test.c | 5 +++++ ...ingStaticSpecifierObjectRedeclarationC.expected | 2 +- c/misra/test/rules/RULE-8-8/test.c | 5 +++++ 8 files changed, 37 insertions(+), 17 deletions(-) diff --git a/c/misra/test/rules/RULE-21-3/MemoryAllocDeallocFunctionsOfStdlibhUsed.expected b/c/misra/test/rules/RULE-21-3/MemoryAllocDeallocFunctionsOfStdlibhUsed.expected index 0215c2e5b8..e9ea6daecc 100644 --- a/c/misra/test/rules/RULE-21-3/MemoryAllocDeallocFunctionsOfStdlibhUsed.expected +++ b/c/misra/test/rules/RULE-21-3/MemoryAllocDeallocFunctionsOfStdlibhUsed.expected @@ -1,5 +1,5 @@ -| test.c:8:15:8:20 | call to malloc | Use of banned dynamic memory allocation. | -| test.c:9:15:9:20 | call to calloc | Use of banned dynamic memory allocation. | -| test.c:10:8:10:14 | call to realloc | Use of banned dynamic memory allocation. | -| test.c:11:3:11:6 | call to free | Use of banned dynamic memory deallocation. | -| test.c:12:3:12:6 | call to free | Use of banned dynamic memory deallocation. | +| test.c:13:15:13:20 | call to malloc | Use of banned dynamic memory allocation. | +| test.c:14:15:14:20 | call to calloc | Use of banned dynamic memory allocation. | +| test.c:15:8:15:14 | call to realloc | Use of banned dynamic memory allocation. | +| test.c:16:3:16:6 | call to free | Use of banned dynamic memory deallocation. | +| test.c:17:3:17:6 | call to free | Use of banned dynamic memory deallocation. | diff --git a/c/misra/test/rules/RULE-21-3/test.c b/c/misra/test/rules/RULE-21-3/test.c index d9aee3a322..fd4543faaf 100644 --- a/c/misra/test/rules/RULE-21-3/test.c +++ b/c/misra/test/rules/RULE-21-3/test.c @@ -1,3 +1,8 @@ +// Note: A subset of these cases are also tested in c/misra/test/rules/RULE-1-5 +// via a MemoryAllocDeallocFunctionsOfStdlibhUsed.qlref and .expected file in +// that directory. Changes to these tests may require updating the test code or +// expectations in that directory as well. + #include #include void f2(); diff --git a/c/misra/test/rules/RULE-21-6/StandardLibraryInputoutputFunctionsUsed.expected b/c/misra/test/rules/RULE-21-6/StandardLibraryInputoutputFunctionsUsed.expected index 0dee7e9b3d..672480db33 100644 --- a/c/misra/test/rules/RULE-21-6/StandardLibraryInputoutputFunctionsUsed.expected +++ b/c/misra/test/rules/RULE-21-6/StandardLibraryInputoutputFunctionsUsed.expected @@ -1,7 +1,7 @@ -| test.c:8:10:8:14 | call to scanf | Call to banned function scanf. | -| test.c:9:5:9:10 | call to printf | Call to banned function printf. | -| test.c:16:16:16:21 | call to fgetwc | Call to banned function fgetwc. | -| test.c:17:5:17:12 | call to putwchar | Call to banned function putwchar. | -| test.c:22:7:22:10 | call to puts | Call to banned function puts. | -| test.c:24:7:24:10 | call to puts | Call to banned function puts. | -| test.c:26:5:26:8 | call to puts | Call to banned function puts. | +| test.c:13:10:13:14 | call to scanf | Call to banned function scanf. | +| test.c:14:5:14:10 | call to printf | Call to banned function printf. | +| test.c:21:16:21:21 | call to fgetwc | Call to banned function fgetwc. | +| test.c:22:5:22:12 | call to putwchar | Call to banned function putwchar. | +| test.c:27:7:27:10 | call to puts | Call to banned function puts. | +| test.c:29:7:29:10 | call to puts | Call to banned function puts. | +| test.c:31:5:31:8 | call to puts | Call to banned function puts. | diff --git a/c/misra/test/rules/RULE-21-6/test.c b/c/misra/test/rules/RULE-21-6/test.c index 0ae580164e..b66bb9b6b7 100644 --- a/c/misra/test/rules/RULE-21-6/test.c +++ b/c/misra/test/rules/RULE-21-6/test.c @@ -1,3 +1,8 @@ +// Note: A subset of these cases are also tested in c/misra/test/rules/RULE-1-5 +// via a StandardLibraryInputoutputFunctionsUsed.qlref and .expected file in +// that directory. Changes to these tests may require updating the test code or +// expectations in that directory as well. + #include #include #include diff --git a/c/misra/test/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.expected b/c/misra/test/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.expected index f2c08897b8..1264797088 100644 --- a/c/misra/test/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.expected +++ b/c/misra/test/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.expected @@ -1,4 +1,4 @@ -| test.c:3:6:3:7 | f1 | Function f1 declares parameter that is unnamed. | -| test.c:4:6:4:7 | f2 | Function f2 does not specify void for no parameters present. | -| test.c:5:6:5:7 | f3 | Function f3 does not specify void for no parameters present. | -| test.c:7:5:7:6 | f5 | Function f5 declares parameter in unsupported declaration list. | +| test.c:8:6:8:7 | f1 | Function f1 declares parameter that is unnamed. | +| test.c:9:6:9:7 | f2 | Function f2 does not specify void for no parameters present. | +| test.c:10:6:10:7 | f3 | Function f3 does not specify void for no parameters present. | +| test.c:12:5:12:6 | f5 | Function f5 declares parameter in unsupported declaration list. | diff --git a/c/misra/test/rules/RULE-8-2/test.c b/c/misra/test/rules/RULE-8-2/test.c index c254a221d9..1ed64c0011 100644 --- a/c/misra/test/rules/RULE-8-2/test.c +++ b/c/misra/test/rules/RULE-8-2/test.c @@ -1,3 +1,8 @@ +// Note: A subset of these cases are also tested in c/misra/test/rules/RULE-1-5 +// via a FunctionTypesNotInPrototypeForm.qlref and .expected file in that +// directory. Changes to these tests may require updating the test code or +// expectations in that directory as well. + void f(int x); // COMPLIANT void f0(void); // COMPLIANT void f1(int); // NON_COMPLIANT diff --git a/c/misra/test/rules/RULE-8-8/MissingStaticSpecifierObjectRedeclarationC.expected b/c/misra/test/rules/RULE-8-8/MissingStaticSpecifierObjectRedeclarationC.expected index 34a7723bcd..9c357cf38f 100644 --- a/c/misra/test/rules/RULE-8-8/MissingStaticSpecifierObjectRedeclarationC.expected +++ b/c/misra/test/rules/RULE-8-8/MissingStaticSpecifierObjectRedeclarationC.expected @@ -1 +1 @@ -| test.c:2:12:2:12 | declaration of g | The redeclaration of $@ with internal linkage misses the static specifier. | test.c:1:12:1:12 | definition of g | g | +| test.c:7:12:7:12 | declaration of g | The redeclaration of $@ with internal linkage misses the static specifier. | test.c:6:12:6:12 | definition of g | g | diff --git a/c/misra/test/rules/RULE-8-8/test.c b/c/misra/test/rules/RULE-8-8/test.c index d98d71c6f0..ba78432a40 100644 --- a/c/misra/test/rules/RULE-8-8/test.c +++ b/c/misra/test/rules/RULE-8-8/test.c @@ -1,3 +1,8 @@ +// Note: A subset of these cases are also tested in c/misra/test/rules/RULE-1-5 +// via a MissingStaticSpecifierObjectRedeclarationC.qlref and .expected file in +// that directory. Changes to these tests may require updating the test code or +// expectations in that directory as well. + static int g = 0; extern int g; // NON_COMPLIANT From 730341f99138ca5451dc62e8db19d77a980266d7 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 4 Oct 2024 13:03:25 -0700 Subject: [PATCH 2081/2573] Fix rule schema for implementation_scope in queries. --- schemas/rule-package.schema.json | 36 ++++++++++++++++---------------- 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/schemas/rule-package.schema.json b/schemas/rule-package.schema.json index 63cbbf3ac5..a43deb2141 100644 --- a/schemas/rule-package.schema.json +++ b/schemas/rule-package.schema.json @@ -351,7 +351,7 @@ "minLength": 1 }, "implementation_scope": { - "$ref": "#/$defs/implementation_scope" + "$ref": "/schemas/implementation_scope" } }, "required": [ @@ -363,24 +363,24 @@ "tags" ] }, - "implementation_scope": { + "implementation_scope": { "$id": "/schemas/implementation_scope", - "type": "object", - "properties": { - "description": { - "kind": "string" - }, - "items": { - "type": "array", - "items": { - "type": "string" - } - } - }, - "required": [ - "description" - ], - "additionalProperties": false + "type": "object", + "properties": { + "description": { + "kind": "string" + }, + "items": { + "type": "array", + "items": { + "type": "string" + } } + }, + "required": [ + "description" + ], + "additionalProperties": false + } } } \ No newline at end of file From c9a7b05a886028d36521b01e3db63b4766045f89 Mon Sep 17 00:00:00 2001 From: lcartey <5377966+lcartey@users.noreply.github.com> Date: Fri, 4 Oct 2024 22:18:22 +0000 Subject: [PATCH 2082/2573] Upgrading `github/codeql` dependency to 2.15.5 --- c/cert/src/codeql-pack.lock.yml | 12 ++++++++---- c/cert/src/qlpack.yml | 2 +- c/cert/test/codeql-pack.lock.yml | 12 ++++++++---- c/common/src/codeql-pack.lock.yml | 12 ++++++++---- c/common/src/qlpack.yml | 2 +- c/common/test/codeql-pack.lock.yml | 12 ++++++++---- c/misra/src/codeql-pack.lock.yml | 12 ++++++++---- c/misra/src/qlpack.yml | 2 +- c/misra/test/codeql-pack.lock.yml | 12 ++++++++---- cpp/autosar/src/codeql-pack.lock.yml | 12 ++++++++---- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/codeql-pack.lock.yml | 12 ++++++++---- cpp/cert/src/codeql-pack.lock.yml | 12 ++++++++---- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/codeql-pack.lock.yml | 12 ++++++++---- cpp/common/src/codeql-pack.lock.yml | 12 ++++++++---- cpp/common/src/qlpack.yml | 4 ++-- cpp/common/test/codeql-pack.lock.yml | 12 ++++++++---- cpp/misra/src/codeql-pack.lock.yml | 12 ++++++++---- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/codeql-pack.lock.yml | 12 ++++++++---- cpp/report/src/codeql-pack.lock.yml | 12 ++++++++---- cpp/report/src/qlpack.yml | 2 +- .../generate_modules/queries/codeql-pack.lock.yml | 12 ++++++++---- scripts/generate_modules/queries/qlpack.yml | 2 +- supported_codeql_configs.json | 6 +++--- 26 files changed, 141 insertions(+), 77 deletions(-) diff --git a/c/cert/src/codeql-pack.lock.yml b/c/cert/src/codeql-pack.lock.yml index 514e6963d0..4edf97c6f8 100644 --- a/c/cert/src/codeql-pack.lock.yml +++ b/c/cert/src/codeql-pack.lock.yml @@ -2,13 +2,17 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.9.3 + version: 0.12.2 codeql/dataflow: + version: 0.1.5 + codeql/rangeanalysis: version: 0.0.4 codeql/ssa: - version: 0.1.5 + version: 0.2.5 codeql/tutorial: - version: 0.1.5 + version: 0.2.5 + codeql/typetracking: + version: 0.2.5 codeql/util: - version: 0.1.5 + version: 0.2.5 compiled: false diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index a0adb282a4..f0daa6334a 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -5,4 +5,4 @@ suites: codeql-suites license: MIT dependencies: codeql/common-c-coding-standards: '*' - codeql/cpp-all: 0.9.3 + codeql/cpp-all: 0.12.2 diff --git a/c/cert/test/codeql-pack.lock.yml b/c/cert/test/codeql-pack.lock.yml index 514e6963d0..4edf97c6f8 100644 --- a/c/cert/test/codeql-pack.lock.yml +++ b/c/cert/test/codeql-pack.lock.yml @@ -2,13 +2,17 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.9.3 + version: 0.12.2 codeql/dataflow: + version: 0.1.5 + codeql/rangeanalysis: version: 0.0.4 codeql/ssa: - version: 0.1.5 + version: 0.2.5 codeql/tutorial: - version: 0.1.5 + version: 0.2.5 + codeql/typetracking: + version: 0.2.5 codeql/util: - version: 0.1.5 + version: 0.2.5 compiled: false diff --git a/c/common/src/codeql-pack.lock.yml b/c/common/src/codeql-pack.lock.yml index 514e6963d0..4edf97c6f8 100644 --- a/c/common/src/codeql-pack.lock.yml +++ b/c/common/src/codeql-pack.lock.yml @@ -2,13 +2,17 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.9.3 + version: 0.12.2 codeql/dataflow: + version: 0.1.5 + codeql/rangeanalysis: version: 0.0.4 codeql/ssa: - version: 0.1.5 + version: 0.2.5 codeql/tutorial: - version: 0.1.5 + version: 0.2.5 + codeql/typetracking: + version: 0.2.5 codeql/util: - version: 0.1.5 + version: 0.2.5 compiled: false diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index b1571ec4ec..5f18365483 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -3,4 +3,4 @@ version: 2.36.0-dev license: MIT dependencies: codeql/common-cpp-coding-standards: '*' - codeql/cpp-all: 0.9.3 + codeql/cpp-all: 0.12.2 diff --git a/c/common/test/codeql-pack.lock.yml b/c/common/test/codeql-pack.lock.yml index 514e6963d0..4edf97c6f8 100644 --- a/c/common/test/codeql-pack.lock.yml +++ b/c/common/test/codeql-pack.lock.yml @@ -2,13 +2,17 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.9.3 + version: 0.12.2 codeql/dataflow: + version: 0.1.5 + codeql/rangeanalysis: version: 0.0.4 codeql/ssa: - version: 0.1.5 + version: 0.2.5 codeql/tutorial: - version: 0.1.5 + version: 0.2.5 + codeql/typetracking: + version: 0.2.5 codeql/util: - version: 0.1.5 + version: 0.2.5 compiled: false diff --git a/c/misra/src/codeql-pack.lock.yml b/c/misra/src/codeql-pack.lock.yml index 514e6963d0..4edf97c6f8 100644 --- a/c/misra/src/codeql-pack.lock.yml +++ b/c/misra/src/codeql-pack.lock.yml @@ -2,13 +2,17 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.9.3 + version: 0.12.2 codeql/dataflow: + version: 0.1.5 + codeql/rangeanalysis: version: 0.0.4 codeql/ssa: - version: 0.1.5 + version: 0.2.5 codeql/tutorial: - version: 0.1.5 + version: 0.2.5 + codeql/typetracking: + version: 0.2.5 codeql/util: - version: 0.1.5 + version: 0.2.5 compiled: false diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index 5de8472821..9d0ed62e06 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -6,4 +6,4 @@ license: MIT default-suite-file: codeql-suites/misra-c-default.qls dependencies: codeql/common-c-coding-standards: '*' - codeql/cpp-all: 0.9.3 + codeql/cpp-all: 0.12.2 diff --git a/c/misra/test/codeql-pack.lock.yml b/c/misra/test/codeql-pack.lock.yml index 514e6963d0..4edf97c6f8 100644 --- a/c/misra/test/codeql-pack.lock.yml +++ b/c/misra/test/codeql-pack.lock.yml @@ -2,13 +2,17 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.9.3 + version: 0.12.2 codeql/dataflow: + version: 0.1.5 + codeql/rangeanalysis: version: 0.0.4 codeql/ssa: - version: 0.1.5 + version: 0.2.5 codeql/tutorial: - version: 0.1.5 + version: 0.2.5 + codeql/typetracking: + version: 0.2.5 codeql/util: - version: 0.1.5 + version: 0.2.5 compiled: false diff --git a/cpp/autosar/src/codeql-pack.lock.yml b/cpp/autosar/src/codeql-pack.lock.yml index 514e6963d0..4edf97c6f8 100644 --- a/cpp/autosar/src/codeql-pack.lock.yml +++ b/cpp/autosar/src/codeql-pack.lock.yml @@ -2,13 +2,17 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.9.3 + version: 0.12.2 codeql/dataflow: + version: 0.1.5 + codeql/rangeanalysis: version: 0.0.4 codeql/ssa: - version: 0.1.5 + version: 0.2.5 codeql/tutorial: - version: 0.1.5 + version: 0.2.5 + codeql/typetracking: + version: 0.2.5 codeql/util: - version: 0.1.5 + version: 0.2.5 compiled: false diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index 947013155f..93a0f4bd9a 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -5,4 +5,4 @@ suites: codeql-suites license: MIT dependencies: codeql/common-cpp-coding-standards: '*' - codeql/cpp-all: 0.9.3 + codeql/cpp-all: 0.12.2 diff --git a/cpp/autosar/test/codeql-pack.lock.yml b/cpp/autosar/test/codeql-pack.lock.yml index 514e6963d0..4edf97c6f8 100644 --- a/cpp/autosar/test/codeql-pack.lock.yml +++ b/cpp/autosar/test/codeql-pack.lock.yml @@ -2,13 +2,17 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.9.3 + version: 0.12.2 codeql/dataflow: + version: 0.1.5 + codeql/rangeanalysis: version: 0.0.4 codeql/ssa: - version: 0.1.5 + version: 0.2.5 codeql/tutorial: - version: 0.1.5 + version: 0.2.5 + codeql/typetracking: + version: 0.2.5 codeql/util: - version: 0.1.5 + version: 0.2.5 compiled: false diff --git a/cpp/cert/src/codeql-pack.lock.yml b/cpp/cert/src/codeql-pack.lock.yml index 514e6963d0..4edf97c6f8 100644 --- a/cpp/cert/src/codeql-pack.lock.yml +++ b/cpp/cert/src/codeql-pack.lock.yml @@ -2,13 +2,17 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.9.3 + version: 0.12.2 codeql/dataflow: + version: 0.1.5 + codeql/rangeanalysis: version: 0.0.4 codeql/ssa: - version: 0.1.5 + version: 0.2.5 codeql/tutorial: - version: 0.1.5 + version: 0.2.5 + codeql/typetracking: + version: 0.2.5 codeql/util: - version: 0.1.5 + version: 0.2.5 compiled: false diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index 3a435b5e8e..3a85e2aa20 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -4,5 +4,5 @@ description: CERT C++ 2016 suites: codeql-suites license: MIT dependencies: - codeql/cpp-all: 0.9.3 + codeql/cpp-all: 0.12.2 codeql/common-cpp-coding-standards: '*' diff --git a/cpp/cert/test/codeql-pack.lock.yml b/cpp/cert/test/codeql-pack.lock.yml index 514e6963d0..4edf97c6f8 100644 --- a/cpp/cert/test/codeql-pack.lock.yml +++ b/cpp/cert/test/codeql-pack.lock.yml @@ -2,13 +2,17 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.9.3 + version: 0.12.2 codeql/dataflow: + version: 0.1.5 + codeql/rangeanalysis: version: 0.0.4 codeql/ssa: - version: 0.1.5 + version: 0.2.5 codeql/tutorial: - version: 0.1.5 + version: 0.2.5 + codeql/typetracking: + version: 0.2.5 codeql/util: - version: 0.1.5 + version: 0.2.5 compiled: false diff --git a/cpp/common/src/codeql-pack.lock.yml b/cpp/common/src/codeql-pack.lock.yml index 514e6963d0..4edf97c6f8 100644 --- a/cpp/common/src/codeql-pack.lock.yml +++ b/cpp/common/src/codeql-pack.lock.yml @@ -2,13 +2,17 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.9.3 + version: 0.12.2 codeql/dataflow: + version: 0.1.5 + codeql/rangeanalysis: version: 0.0.4 codeql/ssa: - version: 0.1.5 + version: 0.2.5 codeql/tutorial: - version: 0.1.5 + version: 0.2.5 + codeql/typetracking: + version: 0.2.5 codeql/util: - version: 0.1.5 + version: 0.2.5 compiled: false diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index a2448fd608..b7f90b4cd3 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -2,6 +2,6 @@ name: codeql/common-cpp-coding-standards version: 2.36.0-dev license: MIT dependencies: - codeql/cpp-all: 0.9.3 + codeql/cpp-all: 0.12.2 dataExtensions: - - ext/*.model.yml \ No newline at end of file +- ext/*.model.yml diff --git a/cpp/common/test/codeql-pack.lock.yml b/cpp/common/test/codeql-pack.lock.yml index 514e6963d0..4edf97c6f8 100644 --- a/cpp/common/test/codeql-pack.lock.yml +++ b/cpp/common/test/codeql-pack.lock.yml @@ -2,13 +2,17 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.9.3 + version: 0.12.2 codeql/dataflow: + version: 0.1.5 + codeql/rangeanalysis: version: 0.0.4 codeql/ssa: - version: 0.1.5 + version: 0.2.5 codeql/tutorial: - version: 0.1.5 + version: 0.2.5 + codeql/typetracking: + version: 0.2.5 codeql/util: - version: 0.1.5 + version: 0.2.5 compiled: false diff --git a/cpp/misra/src/codeql-pack.lock.yml b/cpp/misra/src/codeql-pack.lock.yml index 514e6963d0..4edf97c6f8 100644 --- a/cpp/misra/src/codeql-pack.lock.yml +++ b/cpp/misra/src/codeql-pack.lock.yml @@ -2,13 +2,17 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.9.3 + version: 0.12.2 codeql/dataflow: + version: 0.1.5 + codeql/rangeanalysis: version: 0.0.4 codeql/ssa: - version: 0.1.5 + version: 0.2.5 codeql/tutorial: - version: 0.1.5 + version: 0.2.5 + codeql/typetracking: + version: 0.2.5 codeql/util: - version: 0.1.5 + version: 0.2.5 compiled: false diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index 4c0aa45f4f..b713614f68 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -5,4 +5,4 @@ default-suite: codeql-suites/misra-cpp-default.qls license: MIT dependencies: codeql/common-cpp-coding-standards: '*' - codeql/cpp-all: 0.9.3 + codeql/cpp-all: 0.12.2 diff --git a/cpp/misra/test/codeql-pack.lock.yml b/cpp/misra/test/codeql-pack.lock.yml index 514e6963d0..4edf97c6f8 100644 --- a/cpp/misra/test/codeql-pack.lock.yml +++ b/cpp/misra/test/codeql-pack.lock.yml @@ -2,13 +2,17 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.9.3 + version: 0.12.2 codeql/dataflow: + version: 0.1.5 + codeql/rangeanalysis: version: 0.0.4 codeql/ssa: - version: 0.1.5 + version: 0.2.5 codeql/tutorial: - version: 0.1.5 + version: 0.2.5 + codeql/typetracking: + version: 0.2.5 codeql/util: - version: 0.1.5 + version: 0.2.5 compiled: false diff --git a/cpp/report/src/codeql-pack.lock.yml b/cpp/report/src/codeql-pack.lock.yml index 514e6963d0..4edf97c6f8 100644 --- a/cpp/report/src/codeql-pack.lock.yml +++ b/cpp/report/src/codeql-pack.lock.yml @@ -2,13 +2,17 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.9.3 + version: 0.12.2 codeql/dataflow: + version: 0.1.5 + codeql/rangeanalysis: version: 0.0.4 codeql/ssa: - version: 0.1.5 + version: 0.2.5 codeql/tutorial: - version: 0.1.5 + version: 0.2.5 + codeql/typetracking: + version: 0.2.5 codeql/util: - version: 0.1.5 + version: 0.2.5 compiled: false diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index 81f95392c9..f90669908d 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -2,4 +2,4 @@ name: codeql/report-cpp-coding-standards version: 2.36.0-dev license: MIT dependencies: - codeql/cpp-all: 0.9.3 + codeql/cpp-all: 0.12.2 diff --git a/scripts/generate_modules/queries/codeql-pack.lock.yml b/scripts/generate_modules/queries/codeql-pack.lock.yml index 514e6963d0..4edf97c6f8 100644 --- a/scripts/generate_modules/queries/codeql-pack.lock.yml +++ b/scripts/generate_modules/queries/codeql-pack.lock.yml @@ -2,13 +2,17 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.9.3 + version: 0.12.2 codeql/dataflow: + version: 0.1.5 + codeql/rangeanalysis: version: 0.0.4 codeql/ssa: - version: 0.1.5 + version: 0.2.5 codeql/tutorial: - version: 0.1.5 + version: 0.2.5 + codeql/typetracking: + version: 0.2.5 codeql/util: - version: 0.1.5 + version: 0.2.5 compiled: false diff --git a/scripts/generate_modules/queries/qlpack.yml b/scripts/generate_modules/queries/qlpack.yml index 4f3768cd79..4ab2483c04 100644 --- a/scripts/generate_modules/queries/qlpack.yml +++ b/scripts/generate_modules/queries/qlpack.yml @@ -2,4 +2,4 @@ name: codeql/standard-library-extraction-cpp-coding-standards version: 0.0.0 license: MIT dependencies: - codeql/cpp-all: 0.9.3 + codeql/cpp-all: 0.12.2 diff --git a/supported_codeql_configs.json b/supported_codeql_configs.json index 227f41babd..a97c7d83d2 100644 --- a/supported_codeql_configs.json +++ b/supported_codeql_configs.json @@ -1,9 +1,9 @@ { "supported_environment": [ { - "codeql_cli": "2.14.6", - "codeql_standard_library": "codeql-cli/v2.14.6", - "codeql_cli_bundle": "codeql-bundle-v2.14.6" + "codeql_cli": "2.15.5", + "codeql_standard_library": "codeql-cli/v2.15.5", + "codeql_cli_bundle": "codeql-bundle-v2.15.5" } ], "supported_language": [ From c7d3c73855de9b5f71e3fb09bda4c0356ba11eca Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 4 Oct 2024 23:31:26 +0100 Subject: [PATCH 2083/2573] Fix query formatting issue In CodeQL CLI 2.15.5 it formats this line together. --- .../rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.ql | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/c/misra/src/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.ql b/c/misra/src/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.ql index 2b435de94e..10b24b8c8a 100644 --- a/c/misra/src/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.ql +++ b/c/misra/src/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.ql @@ -178,8 +178,7 @@ predicate isInappropriateEssentialType( child = [ operator.(BinaryBitwiseOperation).getAnOperand(), - operator.(AssignBitwiseOperation).getAnOperand(), - operator.(ComplementExpr).getAnOperand() + operator.(AssignBitwiseOperation).getAnOperand(), operator.(ComplementExpr).getAnOperand() ] and not operator instanceof LShiftExpr and not operator instanceof RShiftExpr and From f8b7805652e22402a10a16baf2063fae75794150 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 27 Sep 2024 08:21:00 -0700 Subject: [PATCH 2084/2573] save work --- .../InvalidIntegerConstantMacroArgument.ql | 86 ++++++++++ .../UseOfBannedSmallIntegerConstantMacro.ql | 25 +++ ...validIntegerConstantMacroArgument.expected | 55 ++++++ .../InvalidIntegerConstantMacroArgument.qlref | 1 + c/misra/test/rules/RULE-7-5/test.c | 156 ++++++++++++++++++ ...OfBannedSmallIntegerConstantMacro.expected | 4 + ...UseOfBannedSmallIntegerConstantMacro.qlref | 1 + c/misra/test/rules/RULE-7-6/test.c | 10 ++ .../cpp/IntegerConstantMacro.qll | 35 ++++ .../cpp/exclusions/c/RuleMetadata.qll | 7 +- .../cpp/exclusions/c/Types2.qll | 44 +++++ rule_packages/c/Types2.json | 42 +++++ 12 files changed, 464 insertions(+), 2 deletions(-) create mode 100644 c/misra/src/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.ql create mode 100644 c/misra/src/rules/RULE-7-6/UseOfBannedSmallIntegerConstantMacro.ql create mode 100644 c/misra/test/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.expected create mode 100644 c/misra/test/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.qlref create mode 100644 c/misra/test/rules/RULE-7-5/test.c create mode 100644 c/misra/test/rules/RULE-7-6/UseOfBannedSmallIntegerConstantMacro.expected create mode 100644 c/misra/test/rules/RULE-7-6/UseOfBannedSmallIntegerConstantMacro.qlref create mode 100644 c/misra/test/rules/RULE-7-6/test.c create mode 100644 cpp/common/src/codingstandards/cpp/IntegerConstantMacro.qll create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/Types2.qll create mode 100644 rule_packages/c/Types2.json diff --git a/c/misra/src/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.ql b/c/misra/src/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.ql new file mode 100644 index 0000000000..b58f87a5ca --- /dev/null +++ b/c/misra/src/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.ql @@ -0,0 +1,86 @@ +/** + * @id c/misra/invalid-integer-constant-macro-argument + * @name RULE-7-5: The argument of an integer constant macro shall have an appropriate form + * @description Integer constant macros should be given appropriate values for the size of the + * integer type. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-7-5 + * correctness + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.IntegerConstantMacro +import codingstandards.cpp.Cpp14Literal +import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis + +abstract class PossiblyNegativeLiteral extends Expr { + abstract Cpp14Literal::IntegerLiteral getBaseLiteral(); + + predicate isNegative() { + this instanceof NegativeLiteral + } +} + +class NegativeLiteral extends PossiblyNegativeLiteral, UnaryMinusExpr { + Cpp14Literal::IntegerLiteral literal; + + NegativeLiteral() { + literal = getOperand() + } + + override Cpp14Literal::IntegerLiteral getBaseLiteral() { + result = literal + } +} + +class PositiveLiteral extends PossiblyNegativeLiteral, Cpp14Literal::IntegerLiteral { + PositiveLiteral() { + not exists(UnaryMinusExpr l | l.getOperand() = this) + } + + override Cpp14Literal::IntegerLiteral getBaseLiteral() { + result = this + } +} + +predicate validExpr(Expr expr) { + expr instanceof PossiblyNegativeLiteral +} + +predicate usesSuffix(MacroInvocation invoke) { + invoke.getUnexpandedArgument(0).regexpMatch(".*[uUlL]") +} + +predicate matchedSign(IntegerConstantMacro macro, PossiblyNegativeLiteral literal) { + literal.isNegative() implies macro.isSigned() +} + +predicate validLiteralType(PossiblyNegativeLiteral expr) { + expr.getBaseLiteral() instanceof Cpp14Literal::DecimalLiteral or + expr.getBaseLiteral() instanceof Cpp14Literal::OctalLiteral or + expr.getBaseLiteral() instanceof Cpp14Literal::HexLiteral +} + +predicate matchesSize(IntegerConstantMacro macro, PossiblyNegativeLiteral literal) { + // Note: upperBound should equal lowerBound. + upperBound(literal) <= macro.maxValue() and + lowerBound(literal) >= macro.minValue() and exists("123".toBigInt()) +} + +from MacroInvocation invoke, IntegerConstantMacro macro, string explanation +where + not isExcluded(invoke, Types2Package::invalidIntegerConstantMacroArgumentQuery()) and + invoke.getMacro() = macro and + ( + (not validExpr(invoke.getExpr()) and explanation = "invalid expression") or + (validLiteralType(invoke.getExpr()) and explanation = "invalid literal type" + invoke.getExpr().getAQlClass()) or + (usesSuffix(invoke) and explanation = "literal suffixes not allowed") or + (not matchedSign(macro, invoke.getExpr()) and explanation = "signed/unsigned mismatch") or + (not matchesSize(macro, invoke.getExpr()) and explanation = "invalid size") + ) + +select invoke.getExpr(), "Invalid integer constant macro: " + explanation diff --git a/c/misra/src/rules/RULE-7-6/UseOfBannedSmallIntegerConstantMacro.ql b/c/misra/src/rules/RULE-7-6/UseOfBannedSmallIntegerConstantMacro.ql new file mode 100644 index 0000000000..cac7f091a8 --- /dev/null +++ b/c/misra/src/rules/RULE-7-6/UseOfBannedSmallIntegerConstantMacro.ql @@ -0,0 +1,25 @@ +/** + * @id c/misra/use-of-banned-small-integer-constant-macro + * @name RULE-7-6: The small integer variants of the minimum-width integer constant macros shall not be used + * @description Small integer constant macros expression are promoted to type int, which can lead to + * unexpected results. + * @kind problem + * @precision very-high + * @problem.severity warning + * @tags external/misra/id/rule-7-6 + * readability + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.IntegerConstantMacro + + +from MacroInvocation macroInvoke, IntegerConstantMacro macro +where + not isExcluded(macroInvoke, Types2Package::useOfBannedSmallIntegerConstantMacroQuery()) and + macroInvoke.getMacro() = macro + and macro.isSmall() +select + macroInvoke, "Usage of small integer constant macro " + macro.getName() + " is not allowed." diff --git a/c/misra/test/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.expected b/c/misra/test/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.expected new file mode 100644 index 0000000000..b38863eccd --- /dev/null +++ b/c/misra/test/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.expected @@ -0,0 +1,55 @@ +| test.c:12:13:12:15 | 1.0 | Invalid integer constant macro: invalid literal type | +| test.c:13:13:12:15 | 0b111 | Invalid integer constant macro: invalid literal type | +| test.c:16:13:16:14 | 1 | Invalid integer constant macro: literal suffixes not allowed | +| test.c:17:13:17:14 | 2 | Invalid integer constant macro: literal suffixes not allowed | +| test.c:18:13:18:14 | 3 | Invalid integer constant macro: literal suffixes not allowed | +| test.c:19:13:19:14 | 4 | Invalid integer constant macro: literal suffixes not allowed | +| test.c:20:13:20:15 | 5 | Invalid integer constant macro: literal suffixes not allowed | +| test.c:26:13:26:15 | 256 | Invalid integer constant macro: invalid size | +| test.c:27:13:27:16 | 256 | Invalid integer constant macro: invalid size | +| test.c:28:13:28:17 | 256 | Invalid integer constant macro: invalid size | +| test.c:31:13:31:14 | - ... | Invalid integer constant macro: signed/unsigned mismatch | +| test.c:32:13:32:15 | - ... | Invalid integer constant macro: signed/unsigned mismatch | +| test.c:33:13:33:15 | - ... | Invalid integer constant macro: signed/unsigned mismatch | +| test.c:34:13:34:17 | - ... | Invalid integer constant macro: signed/unsigned mismatch | +| test.c:37:13:37:17 | ... + ... | Invalid integer constant macro: invalid expression | +| test.c:38:13:38:18 | access to array | Invalid integer constant macro: invalid expression | +| test.c:39:13:39:18 | access to array | Invalid integer constant macro: invalid expression | +| test.c:40:13:39:18 | UINT8_MAX | Invalid integer constant macro: invalid expression | +| test.c:54:12:54:15 | 191 | Invalid integer constant macro: invalid size | +| test.c:55:12:55:14 | 255 | Invalid integer constant macro: invalid size | +| test.c:56:12:56:15 | 192 | Invalid integer constant macro: invalid size | +| test.c:57:12:57:15 | 128 | Invalid integer constant macro: invalid size | +| test.c:61:12:57:15 | -129 | Invalid integer constant macro: invalid size | +| test.c:62:12:57:15 | -129 | Invalid integer constant macro: invalid size | +| test.c:63:12:57:15 | -201 | Invalid integer constant macro: invalid size | +| test.c:64:12:57:15 | -0x81 | Invalid integer constant macro: invalid size | +| test.c:76:14:76:18 | 65536 | Invalid integer constant macro: invalid size | +| test.c:78:14:78:20 | 65536 | Invalid integer constant macro: invalid size | +| test.c:91:13:91:17 | 32768 | Invalid integer constant macro: invalid size | +| test.c:93:13:93:18 | 32768 | Invalid integer constant macro: invalid size | +| test.c:97:13:93:18 | -32769 | Invalid integer constant macro: invalid size | +| test.c:98:13:93:18 | -040001 | Invalid integer constant macro: invalid size | +| test.c:99:13:93:18 | -0x8001 | Invalid integer constant macro: invalid size | +| test.c:109:14:109:24 | 4294967296 | Invalid integer constant macro: invalid size | +| test.c:110:14:110:25 | 4294967296 | Invalid integer constant macro: invalid size | +| test.c:120:13:120:22 | 2147483648 | Invalid integer constant macro: invalid size | +| test.c:121:13:121:23 | 34359738368 | Invalid integer constant macro: invalid size | +| test.c:130:14:130:15 | 0 | Invalid integer constant macro: invalid size | +| test.c:133:14:133:34 | 18446744073709551615 | Invalid integer constant macro: invalid size | +| test.c:134:14:134:32 | 18446744073709551615 | Invalid integer constant macro: invalid size | +| test.c:140:13:140:14 | 0 | Invalid integer constant macro: invalid size | +| test.c:143:13:143:32 | 9223372036854775807 | Invalid integer constant macro: invalid size | +| test.c:147:13:147:33 | - ... | Invalid integer constant macro: invalid size | +| test.c:148:13:148:37 | ... - ... | Invalid integer constant macro: invalid expression | +| test.c:148:13:148:37 | ... - ... | Invalid integer constant macro: invalid literal type | +| test.c:148:13:148:37 | ... - ... | Invalid integer constant macro: invalid size | +| test.c:148:13:148:37 | ... - ... | Invalid integer constant macro: signed/unsigned mismatch | +| test.c:150:13:150:37 | ... - ... | Invalid integer constant macro: invalid expression | +| test.c:150:13:150:37 | ... - ... | Invalid integer constant macro: invalid literal type | +| test.c:150:13:150:37 | ... - ... | Invalid integer constant macro: invalid size | +| test.c:150:13:150:37 | ... - ... | Invalid integer constant macro: signed/unsigned mismatch | +| test.c:152:13:152:31 | 9223372036854775807 | Invalid integer constant macro: invalid size | +| test.c:153:13:153:31 | 9223372036854775808 | Invalid integer constant macro: invalid size | +| test.c:154:13:154:31 | - ... | Invalid integer constant macro: invalid size | +| test.c:155:13:155:30 | - ... | Invalid integer constant macro: invalid size | diff --git a/c/misra/test/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.qlref b/c/misra/test/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.qlref new file mode 100644 index 0000000000..802f415bc9 --- /dev/null +++ b/c/misra/test/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.qlref @@ -0,0 +1 @@ +rules/RULE-7-5/InvalidIntegerConstantMacroArgument.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-7-5/test.c b/c/misra/test/rules/RULE-7-5/test.c new file mode 100644 index 0000000000..4412bdf82f --- /dev/null +++ b/c/misra/test/rules/RULE-7-5/test.c @@ -0,0 +1,156 @@ +#include "stdint.h" + +uint_least8_t g1[] = { + // Basic valid + UINT8_C(0), // COMPLIANT + UINT8_C(1), // COMPLIANT + UINT8_C(8), // COMPLIANT + UINT8_C(0x23), // COMPLIANT + UINT8_C(034), // COMPLIANT + + // Incorrect literal types + UINT8_C(1.0), // NON-COMPLIANT + UINT8_C(0b111), // NON-COMPLIANT + + // Suffixes disallowed + UINT8_C(1u), // NON-COMPLIANT + UINT8_C(2U), // NON-COMPLIANT + UINT8_C(3l), // NON-COMPLIANT + UINT8_C(4L), // NON-COMPLIANT + UINT8_C(5ul), // NON-COMPLIANT + + // Range tests + UINT8_C(255), // COMPLIANT + UINT8_C(0xFF), // COMPLIANT + UINT8_C(0377), // COMPLIANT + UINT8_C(256), // NON-COMPLIANT + UINT8_C(0400), // NON-COMPLIANT + UINT8_C(0x100), // NON-COMPLIANT + + // Signage tests + UINT8_C(-1), // NON-COMPLIANT + UINT8_C(-20), // NON-COMPLIANT + UINT8_C(-33), // NON-COMPLIANT + UINT8_C(-0x44), // NON-COMPLIANT + + // Invalid nonliteral expressions + UINT8_C(0 + 0), // NON-COMPLIANT + UINT8_C("a"[0]), // NON-COMPLIANT + UINT8_C(0["a"]), // NON-COMPLIANT + UINT8_C(UINT8_MAX), // NON-COMPLIANT +}; + +int_least8_t g2[] = { + // Basic valid + INT8_C(0), // COMPLIANT + INT8_C(1), // COMPLIANT + INT8_C(8), // COMPLIANT + INT8_C(0x23), // COMPLIANT + INT8_C(034), // COMPLIANT + + // Range tests + INT8_C(127), // COMPLIANT + INT8_C(0x79), // COMPLIANT + INT8_C(0177), // COMPLIANT + INT8_C(128), // NON-COMPLIANT + INT8_C(0200), // NON-COMPLIANT + INT8_C(0x80), // NON-COMPLIANT + INT8_C(-128), // COMPLIANT + INT8_C(-0x80), // COMPLIANT + INT8_C(-0200), // COMPLIANT + INT8_C(-129), // NON-COMPLIANT + INT8_C(-0201), // NON-COMPLIANT + INT8_C(-0x81), // NON-COMPLIANT +}; + +uint_least16_t g3[] = { + // Basic valid + UINT16_C(0), // COMPLIANT + UINT16_C(0x23), // COMPLIANT + UINT16_C(034), // COMPLIANT + + // Range tests + UINT16_C(65535), // COMPLIANT + UINT16_C(0xFFFF), // COMPLIANT + UINT16_C(0177777), // COMPLIANT + UINT16_C(65536), // NON-COMPLIANT + UINT16_C(0200000), // NON-COMPLIANT + UINT16_C(0x10000), // NON-COMPLIANT +}; + +int_least16_t g4[] = { + // Basic valid + INT16_C(0), // COMPLIANT + INT16_C(0x23), // COMPLIANT + INT16_C(034), // COMPLIANT + + // Range tests + INT16_C(32767), // COMPLIANT + INT16_C(0x7FFF), // COMPLIANT + INT16_C(077777), // COMPLIANT + INT16_C(32768), // NON-COMPLIANT + INT16_C(0100000), // NON-COMPLIANT + INT16_C(0x8000), // NON-COMPLIANT + INT16_C(-32768), // COMPLIANT + INT16_C(-040000), // COMPLIANT + INT16_C(-0x8000), // COMPLIANT + INT16_C(-32769), // NON-COMPLIANT + INT16_C(-040001), // NON-COMPLIANT + INT16_C(-0x8001), // NON-COMPLIANT +}; + +uint_least32_t g5[] = { + // Basic valid + UINT32_C(0), // COMPLIANT + + // Range tests + UINT32_C(4294967295), // COMPLIANT + UINT32_C(0xFFFFFFFF), // COMPLIANT + UINT32_C(4294967296), // NON-COMPLIANT + UINT32_C(0x100000000), // NON-COMPLIANT +}; + +int_least32_t g6[] = { + // Basic valid + INT32_C(0), // COMPLIANT + + // Range tests + INT32_C(2147483647), // COMPLIANT + INT32_C(0x7FFFFFFF), // COMPLIANT + INT32_C(2147483648), // NON-COMPLIANT + INT32_C(0x800000000), // NON-COMPLIANT + INT32_C(-2147483648), // COMPLIANT + INT32_C(-0x80000000), // COMPLIANT + INT32_C(-2147483647), // NON-COMPLIANT + INT32_C(-0x800000001), // NON-COMPLIANT +}; + +uint_least64_t g7[] = { + // Basic valid + UINT64_C(0), // COMPLIANT + + // Range tests + UINT64_C(18446744073709551615), // COMPLIANT + UINT64_C(0xFFFFFFFFFFFFFFFF), // COMPLIANT + // Compile time error if we try to create integer literals beyond this. +}; + +int_least64_t g8[] = { + // Basic valid + INT64_C(0), // COMPLIANT + + // Range tests + INT64_C(9223372036854775807), // COMPLIANT + // INT64_C(9223372036854775808) is a compile-time error + + // -9223372036854775808 allowed, but cannot be created via unary- without compile time errors. + INT64_C(-9223372036854775807), // COMPLIANT + INT64_C(-9223372036854775807 - 1), // COMPLIANT + // -9223372036854775809 is not allowed, and cannot be created via unary- without compile time errors. + INT64_C(-9223372036854775807 - 2), // NON-COMPLIANT + + INT64_C(0x7FFFFFFFFFFFFFFF), // COMPLIANT + INT64_C(0x8000000000000000), // NON-COMPLIANT + INT64_C(-0x8000000000000000), // COMPLIANT + INT64_C(-0x8000000000000001), // NON-COMPLIANT +}; \ No newline at end of file diff --git a/c/misra/test/rules/RULE-7-6/UseOfBannedSmallIntegerConstantMacro.expected b/c/misra/test/rules/RULE-7-6/UseOfBannedSmallIntegerConstantMacro.expected new file mode 100644 index 0000000000..ddf517ed9e --- /dev/null +++ b/c/misra/test/rules/RULE-7-6/UseOfBannedSmallIntegerConstantMacro.expected @@ -0,0 +1,4 @@ +| test.c:3:13:3:24 | INT8_C(c) | Usage of small integer constant macro INT8_C is not allowed. | +| test.c:4:14:4:26 | UINT8_C(c) | Usage of small integer constant macro UINT8_C is not allowed. | +| test.c:5:14:5:28 | INT16_C(c) | Usage of small integer constant macro INT16_C is not allowed. | +| test.c:6:15:6:30 | UINT16_C(c) | Usage of small integer constant macro UINT16_C is not allowed. | diff --git a/c/misra/test/rules/RULE-7-6/UseOfBannedSmallIntegerConstantMacro.qlref b/c/misra/test/rules/RULE-7-6/UseOfBannedSmallIntegerConstantMacro.qlref new file mode 100644 index 0000000000..e41e2912d8 --- /dev/null +++ b/c/misra/test/rules/RULE-7-6/UseOfBannedSmallIntegerConstantMacro.qlref @@ -0,0 +1 @@ +rules/RULE-7-6/UseOfBannedSmallIntegerConstantMacro.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-7-6/test.c b/c/misra/test/rules/RULE-7-6/test.c new file mode 100644 index 0000000000..f2b783e800 --- /dev/null +++ b/c/misra/test/rules/RULE-7-6/test.c @@ -0,0 +1,10 @@ +#include "stdint.h" + +int8_t g1 = INT8_C(0x12); // NON-COMPLIANT +uint8_t g2 = UINT8_C(0x12); // NON-COMPLIANT +int16_t g3 = INT16_C(0x1234); // NON-COMPLIANT +uint16_t g4 = UINT16_C(0x1234); // NON-COMPLIANT +int32_t g5 = INT32_C(0x1234); // COMPLIANT +uint32_t g6 = UINT32_C(0x1234); // COMPLIANT +int64_t g7 = INT64_C(0x1234); // COMPLIANT +uint64_t g8 = UINT64_C(0x1234); // COMPLIANT \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/IntegerConstantMacro.qll b/cpp/common/src/codingstandards/cpp/IntegerConstantMacro.qll new file mode 100644 index 0000000000..472866fdea --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/IntegerConstantMacro.qll @@ -0,0 +1,35 @@ +import cpp + +class IntegerConstantMacro extends Macro { + boolean signed; + int size; + IntegerConstantMacro() { + ( + signed = true and size = getName().regexpCapture("INT(8|16|32|64)_C", 1).toInt() + ) or ( + signed = false and size = getName().regexpCapture("UINT(8|16|32|64)_C", 1).toInt() + ) + } + + predicate isSmall() { + size < 32 + } + + int getSize() { + result = size + } + + predicate isSigned() { + signed = true + } + + int maxValue() { + (signed = true and result = 2.pow(getSize() - 1) - 1) or + (signed = false and result = 2.pow(getSize()) - 1) + } + + int minValue() { + (signed = true and result = -(2.0.pow(getSize() - 1))) or + (signed = false and result = 0) + } +} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index b10fbf0a2f..e4b7c88563 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -72,6 +72,7 @@ import Strings2 import Strings3 import Syntax import Types1 +import Types2 /** The TQuery type representing this language * */ newtype TCQuery = @@ -144,7 +145,8 @@ newtype TCQuery = TStrings2PackageQuery(Strings2Query q) or TStrings3PackageQuery(Strings3Query q) or TSyntaxPackageQuery(SyntaxQuery q) or - TTypes1PackageQuery(Types1Query q) + TTypes1PackageQuery(Types1Query q) or + TTypes2PackageQuery(Types2Query q) /** The metadata predicate * */ predicate isQueryMetadata(Query query, string queryId, string ruleId, string category) { @@ -217,5 +219,6 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isStrings2QueryMetadata(query, queryId, ruleId, category) or isStrings3QueryMetadata(query, queryId, ruleId, category) or isSyntaxQueryMetadata(query, queryId, ruleId, category) or - isTypes1QueryMetadata(query, queryId, ruleId, category) + isTypes1QueryMetadata(query, queryId, ruleId, category) or + isTypes2QueryMetadata(query, queryId, ruleId, category) } diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Types2.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Types2.qll new file mode 100644 index 0000000000..fbb5d06ee4 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Types2.qll @@ -0,0 +1,44 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype Types2Query = + TInvalidIntegerConstantMacroArgumentQuery() or + TUseOfBannedSmallIntegerConstantMacroQuery() + +predicate isTypes2QueryMetadata(Query query, string queryId, string ruleId, string category) { + query = + // `Query` instance for the `invalidIntegerConstantMacroArgument` query + Types2Package::invalidIntegerConstantMacroArgumentQuery() and + queryId = + // `@id` for the `invalidIntegerConstantMacroArgument` query + "c/misra/invalid-integer-constant-macro-argument" and + ruleId = "RULE-7-5" and + category = "required" + or + query = + // `Query` instance for the `useOfBannedSmallIntegerConstantMacro` query + Types2Package::useOfBannedSmallIntegerConstantMacroQuery() and + queryId = + // `@id` for the `useOfBannedSmallIntegerConstantMacro` query + "c/misra/use-of-banned-small-integer-constant-macro" and + ruleId = "RULE-7-6" and + category = "required" +} + +module Types2Package { + Query invalidIntegerConstantMacroArgumentQuery() { + //autogenerate `Query` type + result = + // `Query` type for `invalidIntegerConstantMacroArgument` query + TQueryC(TTypes2PackageQuery(TInvalidIntegerConstantMacroArgumentQuery())) + } + + Query useOfBannedSmallIntegerConstantMacroQuery() { + //autogenerate `Query` type + result = + // `Query` type for `useOfBannedSmallIntegerConstantMacro` query + TQueryC(TTypes2PackageQuery(TUseOfBannedSmallIntegerConstantMacroQuery())) + } +} diff --git a/rule_packages/c/Types2.json b/rule_packages/c/Types2.json new file mode 100644 index 0000000000..9468af278c --- /dev/null +++ b/rule_packages/c/Types2.json @@ -0,0 +1,42 @@ +{ + "MISRA-C-2012": { + "RULE-7-5": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Integer constant macros should be given appropriate values for the size of the integer type.", + "kind": "problem", + "name": "The argument of an integer constant macro shall have an appropriate form", + "precision": "very-high", + "severity": "error", + "short_name": "InvalidIntegerConstantMacroArgument", + "tags": [ + "correctness" + ] + } + ], + "title": "The argument of an integer constant macro shall have an appropriate form" + }, + "RULE-7-6": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Small integer constant macros expression are promoted to type int, which can lead to unexpected results.", + "kind": "problem", + "name": "The small integer variants of the minimum-width integer constant macros shall not be used", + "precision": "very-high", + "severity": "warning", + "short_name": "UseOfBannedSmallIntegerConstantMacro", + "tags": [ + "readability" + ] + } + ], + "title": "The small integer variants of the minimum-width integer constant macros shall not be used" + } + } +} \ No newline at end of file From 581366094b70e13905c602470a6b699c868fde13 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Mon, 30 Sep 2024 16:41:15 -0700 Subject: [PATCH 2085/2573] Implement Types2 package. Break up integer constant macro rules into several queries to make it easier to handle exceptions and deviations. --- ...rectlySizedIntegerConstantMacroArgument.ql | 44 ++++++ .../IntegerConstantMacroArgumentUsesSuffix.ql | 29 ++++ .../InvalidIntegerConstantMacroArgument.ql | 87 +++-------- ...dLiteralForIntegerConstantMacroArgument.ql | 47 ++++++ ...SizedIntegerConstantMacroArgument.expected | 28 ++++ ...tlySizedIntegerConstantMacroArgument.qlref | 1 + ...erConstantMacroArgumentUsesSuffix.expected | 5 + ...tegerConstantMacroArgumentUsesSuffix.qlref | 1 + ...validIntegerConstantMacroArgument.expected | 60 +------- ...alForIntegerConstantMacroArgument.expected | 2 + ...teralForIntegerConstantMacroArgument.qlref | 1 + c/misra/test/rules/RULE-7-5/test.c | 142 +++++++++--------- .../cpp/IntegerConstantMacro.qll | 38 ++--- .../src/codingstandards/cpp/Literals.qll | 44 ++++++ .../cpp/exclusions/c/Types2.qll | 51 +++++++ rule_packages/c/Types2.json | 41 ++++- 16 files changed, 410 insertions(+), 211 deletions(-) create mode 100644 c/misra/src/rules/RULE-7-5/IncorrectlySizedIntegerConstantMacroArgument.ql create mode 100644 c/misra/src/rules/RULE-7-5/IntegerConstantMacroArgumentUsesSuffix.ql create mode 100644 c/misra/src/rules/RULE-7-5/InvalidLiteralForIntegerConstantMacroArgument.ql create mode 100644 c/misra/test/rules/RULE-7-5/IncorrectlySizedIntegerConstantMacroArgument.expected create mode 100644 c/misra/test/rules/RULE-7-5/IncorrectlySizedIntegerConstantMacroArgument.qlref create mode 100644 c/misra/test/rules/RULE-7-5/IntegerConstantMacroArgumentUsesSuffix.expected create mode 100644 c/misra/test/rules/RULE-7-5/IntegerConstantMacroArgumentUsesSuffix.qlref create mode 100644 c/misra/test/rules/RULE-7-5/InvalidLiteralForIntegerConstantMacroArgument.expected create mode 100644 c/misra/test/rules/RULE-7-5/InvalidLiteralForIntegerConstantMacroArgument.qlref diff --git a/c/misra/src/rules/RULE-7-5/IncorrectlySizedIntegerConstantMacroArgument.ql b/c/misra/src/rules/RULE-7-5/IncorrectlySizedIntegerConstantMacroArgument.ql new file mode 100644 index 0000000000..dd1417c2a6 --- /dev/null +++ b/c/misra/src/rules/RULE-7-5/IncorrectlySizedIntegerConstantMacroArgument.ql @@ -0,0 +1,44 @@ +/** + * @id c/misra/incorrectly-sized-integer-constant-macro-argument + * @name RULE-7-5: The argument of an integer constant macro shall have an appropriate size + * @description Integer constant macros argument values should be values of a compatible size + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-7-5 + * correctness + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.IntegerConstantMacro +import codingstandards.cpp.Literals + +predicate matchesSign(IntegerConstantMacro macro, PossiblyNegativeLiteral literal) { + literal.isNegative() implies macro.isSigned() +} + +predicate matchesSize(IntegerConstantMacro macro, PossiblyNegativeLiteral literal) { + // Wait for BigInt support to check 64 bit macro types. + (macro.getSize() < 64 and matchesSign(macro, literal)) + implies + ( + literal.getRawValue() <= macro.maxValue() and + literal.getRawValue() >= macro.minValue() + ) +} + +from + PossiblyNegativeLiteral literal, MacroInvocation invoke, IntegerConstantMacro macro, + string explanation +where + not isExcluded(invoke, Types2Package::incorrectlySizedIntegerConstantMacroArgumentQuery()) and + invoke.getMacro() = macro and + literal = invoke.getExpr() and + ( + not matchesSign(macro, invoke.getExpr()) and explanation = "cannot be negative" + or + not matchesSize(macro, invoke.getExpr()) and explanation = "is too large for the specified type" + ) +select invoke.getExpr(), "Integer constant macro value " + explanation diff --git a/c/misra/src/rules/RULE-7-5/IntegerConstantMacroArgumentUsesSuffix.ql b/c/misra/src/rules/RULE-7-5/IntegerConstantMacroArgumentUsesSuffix.ql new file mode 100644 index 0000000000..f4ca73e16c --- /dev/null +++ b/c/misra/src/rules/RULE-7-5/IntegerConstantMacroArgumentUsesSuffix.ql @@ -0,0 +1,29 @@ +/** + * @id c/misra/integer-constant-macro-argument-uses-suffix + * @name RULE-7-5: The argument of an integer constant macro shall not use literal suffixes u, l, or ul + * @description Integer constant macros should be used integer literal values with no u/l suffix. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-7-5 + * readability + * maintainability + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.IntegerConstantMacro +import codingstandards.cpp.Literals + +predicate usesSuffix(MacroInvocation invoke) { + invoke.getUnexpandedArgument(0).regexpMatch(".*[uUlL]") +} + +from MacroInvocation invoke, PossiblyNegativeLiteral argument +where + not isExcluded(invoke, Types2Package::integerConstantMacroArgumentUsesSuffixQuery()) and + invoke.getMacro() instanceof IntegerConstantMacro and + invoke.getExpr() = argument and + usesSuffix(invoke) +select invoke.getExpr(), "Integer constant macro arguments should not have 'u'/'l' suffix." diff --git a/c/misra/src/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.ql b/c/misra/src/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.ql index b58f87a5ca..33ec266b51 100644 --- a/c/misra/src/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.ql +++ b/c/misra/src/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.ql @@ -1,8 +1,7 @@ /** * @id c/misra/invalid-integer-constant-macro-argument - * @name RULE-7-5: The argument of an integer constant macro shall have an appropriate form - * @description Integer constant macros should be given appropriate values for the size of the - * integer type. + * @name RULE-7-5: The argument of an integer constant macro shall be a literal + * @description Integer constant macros should be given a literal value as an argument * @kind problem * @precision very-high * @problem.severity error @@ -14,73 +13,29 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.IntegerConstantMacro -import codingstandards.cpp.Cpp14Literal +import codingstandards.cpp.Literals import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis -abstract class PossiblyNegativeLiteral extends Expr { - abstract Cpp14Literal::IntegerLiteral getBaseLiteral(); - - predicate isNegative() { - this instanceof NegativeLiteral - } -} - -class NegativeLiteral extends PossiblyNegativeLiteral, UnaryMinusExpr { - Cpp14Literal::IntegerLiteral literal; - - NegativeLiteral() { - literal = getOperand() - } - - override Cpp14Literal::IntegerLiteral getBaseLiteral() { - result = literal - } -} - -class PositiveLiteral extends PossiblyNegativeLiteral, Cpp14Literal::IntegerLiteral { - PositiveLiteral() { - not exists(UnaryMinusExpr l | l.getOperand() = this) - } - - override Cpp14Literal::IntegerLiteral getBaseLiteral() { - result = this - } -} - -predicate validExpr(Expr expr) { - expr instanceof PossiblyNegativeLiteral -} - -predicate usesSuffix(MacroInvocation invoke) { - invoke.getUnexpandedArgument(0).regexpMatch(".*[uUlL]") -} - -predicate matchedSign(IntegerConstantMacro macro, PossiblyNegativeLiteral literal) { - literal.isNegative() implies macro.isSigned() -} - -predicate validLiteralType(PossiblyNegativeLiteral expr) { - expr.getBaseLiteral() instanceof Cpp14Literal::DecimalLiteral or - expr.getBaseLiteral() instanceof Cpp14Literal::OctalLiteral or - expr.getBaseLiteral() instanceof Cpp14Literal::HexLiteral -} - -predicate matchesSize(IntegerConstantMacro macro, PossiblyNegativeLiteral literal) { - // Note: upperBound should equal lowerBound. - upperBound(literal) <= macro.maxValue() and - lowerBound(literal) >= macro.minValue() and exists("123".toBigInt()) +/** + * The max negative 64 bit signed integer is one less than the negative of the + * max positive signed 64 bit integer. The only way to create a "negative" + * literal is to use unary- negation of a positive literal. Therefore, clang + * (and likely other compilers) rejects `INT64_C(-92233...808)` but accepts + * `INT64_C(-92233...807 - 1)`. Therefore, in this case allow non-literal + * expressions. + */ +predicate specialMaxNegative64Exception(IntegerConstantMacro macro, Expr expr) { + macro.getSize() = 64 and + macro.isSigned() and + // Set a cutoff with precision, fix once BigInt library is available. + upperBound(expr) < macro.minValue() * 0.999999999 and + upperBound(expr) > macro.minValue() * 1.000000001 } -from MacroInvocation invoke, IntegerConstantMacro macro, string explanation +from MacroInvocation invoke, IntegerConstantMacro macro where not isExcluded(invoke, Types2Package::invalidIntegerConstantMacroArgumentQuery()) and invoke.getMacro() = macro and - ( - (not validExpr(invoke.getExpr()) and explanation = "invalid expression") or - (validLiteralType(invoke.getExpr()) and explanation = "invalid literal type" + invoke.getExpr().getAQlClass()) or - (usesSuffix(invoke) and explanation = "literal suffixes not allowed") or - (not matchedSign(macro, invoke.getExpr()) and explanation = "signed/unsigned mismatch") or - (not matchesSize(macro, invoke.getExpr()) and explanation = "invalid size") - ) - -select invoke.getExpr(), "Invalid integer constant macro: " + explanation + not invoke.getExpr() instanceof PossiblyNegativeLiteral and + not specialMaxNegative64Exception(macro, invoke.getExpr()) +select invoke.getExpr(), "Integer constant macro argument must be an integer literal." diff --git a/c/misra/src/rules/RULE-7-5/InvalidLiteralForIntegerConstantMacroArgument.ql b/c/misra/src/rules/RULE-7-5/InvalidLiteralForIntegerConstantMacroArgument.ql new file mode 100644 index 0000000000..2447d82f6f --- /dev/null +++ b/c/misra/src/rules/RULE-7-5/InvalidLiteralForIntegerConstantMacroArgument.ql @@ -0,0 +1,47 @@ +/** + * @id c/misra/invalid-literal-for-integer-constant-macro-argument + * @name RULE-7-5: The argument of an integer constant macro shall be a decimal, hex, or octal literal + * @description Integer constant macro arguments should be a decimal, hex, or octal literal + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-7-5 + * correctness + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.IntegerConstantMacro +import codingstandards.cpp.Literals + +/** + * Floating point literals are not allowed. Neither are char or string + * literals, although those are not `NumericLiteral`s and therefore detected in + * `InvalidIntegerConstantMacroArgument.ql`. + */ +predicate validLiteralType(PossiblyNegativeLiteral literal) { + literal.getBaseLiteral() instanceof Cpp14Literal::DecimalLiteral or + literal.getBaseLiteral() instanceof Cpp14Literal::OctalLiteral or + literal.getBaseLiteral() instanceof Cpp14Literal::HexLiteral +} + +/** + * Clang accepts `xINTsize_C(0b01)`, and expands the argument into a decimal + * literal. Binary literals are not standard c nor are they allowed by rule 7-5. + * Detect this pattern before macro expansion. + */ +predicate seemsBinaryLiteral(MacroInvocation invoke) { + invoke.getUnexpandedArgument(0).regexpMatch("0[bB][01]+") +} + +from MacroInvocation invoke, PossiblyNegativeLiteral literal +where + not isExcluded(invoke, Types2Package::invalidLiteralForIntegerConstantMacroArgumentQuery()) and + invoke.getMacro() instanceof IntegerConstantMacro and + literal = invoke.getExpr() and + ( + not validLiteralType(literal) or + seemsBinaryLiteral(invoke) + ) +select literal, "Integer constant macro arguments must be a decimal, octal, or hex integer literal." diff --git a/c/misra/test/rules/RULE-7-5/IncorrectlySizedIntegerConstantMacroArgument.expected b/c/misra/test/rules/RULE-7-5/IncorrectlySizedIntegerConstantMacroArgument.expected new file mode 100644 index 0000000000..9ce9b29e3c --- /dev/null +++ b/c/misra/test/rules/RULE-7-5/IncorrectlySizedIntegerConstantMacroArgument.expected @@ -0,0 +1,28 @@ +| test.c:26:13:26:15 | 256 | Integer constant macro value is too large for the specified type | +| test.c:27:13:27:16 | 256 | Integer constant macro value is too large for the specified type | +| test.c:28:13:28:17 | 256 | Integer constant macro value is too large for the specified type | +| test.c:31:13:31:14 | - ... | Integer constant macro value cannot be negative | +| test.c:32:13:32:15 | - ... | Integer constant macro value cannot be negative | +| test.c:33:13:33:15 | - ... | Integer constant macro value cannot be negative | +| test.c:34:13:34:17 | - ... | Integer constant macro value cannot be negative | +| test.c:55:12:55:14 | 128 | Integer constant macro value is too large for the specified type | +| test.c:56:12:56:15 | 128 | Integer constant macro value is too large for the specified type | +| test.c:57:12:57:15 | 128 | Integer constant macro value is too large for the specified type | +| test.c:61:12:61:15 | - ... | Integer constant macro value is too large for the specified type | +| test.c:62:12:62:16 | - ... | Integer constant macro value is too large for the specified type | +| test.c:63:12:63:16 | - ... | Integer constant macro value is too large for the specified type | +| test.c:76:14:76:18 | 65536 | Integer constant macro value is too large for the specified type | +| test.c:77:14:77:20 | 65536 | Integer constant macro value is too large for the specified type | +| test.c:78:14:78:20 | 65536 | Integer constant macro value is too large for the specified type | +| test.c:91:13:91:17 | 32768 | Integer constant macro value is too large for the specified type | +| test.c:92:13:92:19 | 32768 | Integer constant macro value is too large for the specified type | +| test.c:93:13:93:18 | 32768 | Integer constant macro value is too large for the specified type | +| test.c:97:13:97:18 | - ... | Integer constant macro value is too large for the specified type | +| test.c:98:13:98:20 | - ... | Integer constant macro value is too large for the specified type | +| test.c:99:13:99:19 | - ... | Integer constant macro value is too large for the specified type | +| test.c:109:14:109:24 | 4294967296 | Integer constant macro value is too large for the specified type | +| test.c:110:14:110:25 | 4294967296 | Integer constant macro value is too large for the specified type | +| test.c:120:13:120:22 | 2147483648 | Integer constant macro value is too large for the specified type | +| test.c:121:13:121:22 | 2147483648 | Integer constant macro value is too large for the specified type | +| test.c:124:13:124:23 | - ... | Integer constant macro value is too large for the specified type | +| test.c:125:13:125:23 | - ... | Integer constant macro value is too large for the specified type | \ No newline at end of file diff --git a/c/misra/test/rules/RULE-7-5/IncorrectlySizedIntegerConstantMacroArgument.qlref b/c/misra/test/rules/RULE-7-5/IncorrectlySizedIntegerConstantMacroArgument.qlref new file mode 100644 index 0000000000..ca6959acec --- /dev/null +++ b/c/misra/test/rules/RULE-7-5/IncorrectlySizedIntegerConstantMacroArgument.qlref @@ -0,0 +1 @@ +rules/RULE-7-5/IncorrectlySizedIntegerConstantMacroArgument.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-7-5/IntegerConstantMacroArgumentUsesSuffix.expected b/c/misra/test/rules/RULE-7-5/IntegerConstantMacroArgumentUsesSuffix.expected new file mode 100644 index 0000000000..cabe2c5c51 --- /dev/null +++ b/c/misra/test/rules/RULE-7-5/IntegerConstantMacroArgumentUsesSuffix.expected @@ -0,0 +1,5 @@ +| test.c:16:13:16:14 | 1 | Integer constant macro arguments should not have 'u'/'l' suffix. | +| test.c:17:13:17:14 | 2 | Integer constant macro arguments should not have 'u'/'l' suffix. | +| test.c:18:13:18:14 | 3 | Integer constant macro arguments should not have 'u'/'l' suffix. | +| test.c:19:13:19:14 | 4 | Integer constant macro arguments should not have 'u'/'l' suffix. | +| test.c:20:13:20:15 | 5 | Integer constant macro arguments should not have 'u'/'l' suffix. | \ No newline at end of file diff --git a/c/misra/test/rules/RULE-7-5/IntegerConstantMacroArgumentUsesSuffix.qlref b/c/misra/test/rules/RULE-7-5/IntegerConstantMacroArgumentUsesSuffix.qlref new file mode 100644 index 0000000000..afadb6e34b --- /dev/null +++ b/c/misra/test/rules/RULE-7-5/IntegerConstantMacroArgumentUsesSuffix.qlref @@ -0,0 +1 @@ +rules/RULE-7-5/IntegerConstantMacroArgumentUsesSuffix.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.expected b/c/misra/test/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.expected index b38863eccd..16e28bcd84 100644 --- a/c/misra/test/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.expected +++ b/c/misra/test/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.expected @@ -1,55 +1,5 @@ -| test.c:12:13:12:15 | 1.0 | Invalid integer constant macro: invalid literal type | -| test.c:13:13:12:15 | 0b111 | Invalid integer constant macro: invalid literal type | -| test.c:16:13:16:14 | 1 | Invalid integer constant macro: literal suffixes not allowed | -| test.c:17:13:17:14 | 2 | Invalid integer constant macro: literal suffixes not allowed | -| test.c:18:13:18:14 | 3 | Invalid integer constant macro: literal suffixes not allowed | -| test.c:19:13:19:14 | 4 | Invalid integer constant macro: literal suffixes not allowed | -| test.c:20:13:20:15 | 5 | Invalid integer constant macro: literal suffixes not allowed | -| test.c:26:13:26:15 | 256 | Invalid integer constant macro: invalid size | -| test.c:27:13:27:16 | 256 | Invalid integer constant macro: invalid size | -| test.c:28:13:28:17 | 256 | Invalid integer constant macro: invalid size | -| test.c:31:13:31:14 | - ... | Invalid integer constant macro: signed/unsigned mismatch | -| test.c:32:13:32:15 | - ... | Invalid integer constant macro: signed/unsigned mismatch | -| test.c:33:13:33:15 | - ... | Invalid integer constant macro: signed/unsigned mismatch | -| test.c:34:13:34:17 | - ... | Invalid integer constant macro: signed/unsigned mismatch | -| test.c:37:13:37:17 | ... + ... | Invalid integer constant macro: invalid expression | -| test.c:38:13:38:18 | access to array | Invalid integer constant macro: invalid expression | -| test.c:39:13:39:18 | access to array | Invalid integer constant macro: invalid expression | -| test.c:40:13:39:18 | UINT8_MAX | Invalid integer constant macro: invalid expression | -| test.c:54:12:54:15 | 191 | Invalid integer constant macro: invalid size | -| test.c:55:12:55:14 | 255 | Invalid integer constant macro: invalid size | -| test.c:56:12:56:15 | 192 | Invalid integer constant macro: invalid size | -| test.c:57:12:57:15 | 128 | Invalid integer constant macro: invalid size | -| test.c:61:12:57:15 | -129 | Invalid integer constant macro: invalid size | -| test.c:62:12:57:15 | -129 | Invalid integer constant macro: invalid size | -| test.c:63:12:57:15 | -201 | Invalid integer constant macro: invalid size | -| test.c:64:12:57:15 | -0x81 | Invalid integer constant macro: invalid size | -| test.c:76:14:76:18 | 65536 | Invalid integer constant macro: invalid size | -| test.c:78:14:78:20 | 65536 | Invalid integer constant macro: invalid size | -| test.c:91:13:91:17 | 32768 | Invalid integer constant macro: invalid size | -| test.c:93:13:93:18 | 32768 | Invalid integer constant macro: invalid size | -| test.c:97:13:93:18 | -32769 | Invalid integer constant macro: invalid size | -| test.c:98:13:93:18 | -040001 | Invalid integer constant macro: invalid size | -| test.c:99:13:93:18 | -0x8001 | Invalid integer constant macro: invalid size | -| test.c:109:14:109:24 | 4294967296 | Invalid integer constant macro: invalid size | -| test.c:110:14:110:25 | 4294967296 | Invalid integer constant macro: invalid size | -| test.c:120:13:120:22 | 2147483648 | Invalid integer constant macro: invalid size | -| test.c:121:13:121:23 | 34359738368 | Invalid integer constant macro: invalid size | -| test.c:130:14:130:15 | 0 | Invalid integer constant macro: invalid size | -| test.c:133:14:133:34 | 18446744073709551615 | Invalid integer constant macro: invalid size | -| test.c:134:14:134:32 | 18446744073709551615 | Invalid integer constant macro: invalid size | -| test.c:140:13:140:14 | 0 | Invalid integer constant macro: invalid size | -| test.c:143:13:143:32 | 9223372036854775807 | Invalid integer constant macro: invalid size | -| test.c:147:13:147:33 | - ... | Invalid integer constant macro: invalid size | -| test.c:148:13:148:37 | ... - ... | Invalid integer constant macro: invalid expression | -| test.c:148:13:148:37 | ... - ... | Invalid integer constant macro: invalid literal type | -| test.c:148:13:148:37 | ... - ... | Invalid integer constant macro: invalid size | -| test.c:148:13:148:37 | ... - ... | Invalid integer constant macro: signed/unsigned mismatch | -| test.c:150:13:150:37 | ... - ... | Invalid integer constant macro: invalid expression | -| test.c:150:13:150:37 | ... - ... | Invalid integer constant macro: invalid literal type | -| test.c:150:13:150:37 | ... - ... | Invalid integer constant macro: invalid size | -| test.c:150:13:150:37 | ... - ... | Invalid integer constant macro: signed/unsigned mismatch | -| test.c:152:13:152:31 | 9223372036854775807 | Invalid integer constant macro: invalid size | -| test.c:153:13:153:31 | 9223372036854775808 | Invalid integer constant macro: invalid size | -| test.c:154:13:154:31 | - ... | Invalid integer constant macro: invalid size | -| test.c:155:13:155:30 | - ... | Invalid integer constant macro: invalid size | +| test.c:37:13:37:17 | ... + ... | Integer constant macro argument must be an integer literal. | +| test.c:38:13:38:18 | access to array | Integer constant macro argument must be an integer literal. | +| test.c:39:13:39:19 | access to array | Integer constant macro argument must be an integer literal. | +| test.c:152:13:152:37 | ... - ... | Integer constant macro argument must be an integer literal. | +| test.c:153:13:153:47 | ... - ... | Integer constant macro argument must be an integer literal. | diff --git a/c/misra/test/rules/RULE-7-5/InvalidLiteralForIntegerConstantMacroArgument.expected b/c/misra/test/rules/RULE-7-5/InvalidLiteralForIntegerConstantMacroArgument.expected new file mode 100644 index 0000000000..9d8c525527 --- /dev/null +++ b/c/misra/test/rules/RULE-7-5/InvalidLiteralForIntegerConstantMacroArgument.expected @@ -0,0 +1,2 @@ +| test.c:12:13:12:15 | 1.0 | Integer constant macro arguments must be a decimal, octal, or hex integer literal. | +| test.c:13:13:13:17 | 7 | Integer constant macro arguments must be a decimal, octal, or hex integer literal. | \ No newline at end of file diff --git a/c/misra/test/rules/RULE-7-5/InvalidLiteralForIntegerConstantMacroArgument.qlref b/c/misra/test/rules/RULE-7-5/InvalidLiteralForIntegerConstantMacroArgument.qlref new file mode 100644 index 0000000000..5584fe8d46 --- /dev/null +++ b/c/misra/test/rules/RULE-7-5/InvalidLiteralForIntegerConstantMacroArgument.qlref @@ -0,0 +1 @@ +rules/RULE-7-5/InvalidLiteralForIntegerConstantMacroArgument.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-7-5/test.c b/c/misra/test/rules/RULE-7-5/test.c index 4412bdf82f..f9650254ca 100644 --- a/c/misra/test/rules/RULE-7-5/test.c +++ b/c/misra/test/rules/RULE-7-5/test.c @@ -2,101 +2,101 @@ uint_least8_t g1[] = { // Basic valid - UINT8_C(0), // COMPLIANT - UINT8_C(1), // COMPLIANT - UINT8_C(8), // COMPLIANT + UINT8_C(0), // COMPLIANT + UINT8_C(1), // COMPLIANT + UINT8_C(8), // COMPLIANT UINT8_C(0x23), // COMPLIANT - UINT8_C(034), // COMPLIANT + UINT8_C(034), // COMPLIANT // Incorrect literal types - UINT8_C(1.0), // NON-COMPLIANT + UINT8_C(1.0), // NON-COMPLIANT UINT8_C(0b111), // NON-COMPLIANT // Suffixes disallowed - UINT8_C(1u), // NON-COMPLIANT - UINT8_C(2U), // NON-COMPLIANT - UINT8_C(3l), // NON-COMPLIANT - UINT8_C(4L), // NON-COMPLIANT + UINT8_C(1u), // NON-COMPLIANT + UINT8_C(2U), // NON-COMPLIANT + UINT8_C(3l), // NON-COMPLIANT + UINT8_C(4L), // NON-COMPLIANT UINT8_C(5ul), // NON-COMPLIANT // Range tests - UINT8_C(255), // COMPLIANT - UINT8_C(0xFF), // COMPLIANT - UINT8_C(0377), // COMPLIANT - UINT8_C(256), // NON-COMPLIANT - UINT8_C(0400), // NON-COMPLIANT + UINT8_C(255), // COMPLIANT + UINT8_C(0xFF), // COMPLIANT + UINT8_C(0377), // COMPLIANT + UINT8_C(256), // NON-COMPLIANT + UINT8_C(0400), // NON-COMPLIANT UINT8_C(0x100), // NON-COMPLIANT // Signage tests - UINT8_C(-1), // NON-COMPLIANT - UINT8_C(-20), // NON-COMPLIANT - UINT8_C(-33), // NON-COMPLIANT + UINT8_C(-1), // NON-COMPLIANT + UINT8_C(-20), // NON-COMPLIANT + UINT8_C(-33), // NON-COMPLIANT UINT8_C(-0x44), // NON-COMPLIANT // Invalid nonliteral expressions - UINT8_C(0 + 0), // NON-COMPLIANT - UINT8_C("a"[0]), // NON-COMPLIANT - UINT8_C(0["a"]), // NON-COMPLIANT - UINT8_C(UINT8_MAX), // NON-COMPLIANT + UINT8_C(0 + 0), // NON-COMPLIANT + UINT8_C("a"[0]), // NON-COMPLIANT + UINT8_C(0 ["a"]), // NON-COMPLIANT + UINT8_C(UINT8_MAX), // COMPLIANT }; int_least8_t g2[] = { // Basic valid - INT8_C(0), // COMPLIANT - INT8_C(1), // COMPLIANT - INT8_C(8), // COMPLIANT + INT8_C(0), // COMPLIANT + INT8_C(1), // COMPLIANT + INT8_C(8), // COMPLIANT INT8_C(0x23), // COMPLIANT - INT8_C(034), // COMPLIANT + INT8_C(034), // COMPLIANT // Range tests - INT8_C(127), // COMPLIANT - INT8_C(0x79), // COMPLIANT - INT8_C(0177), // COMPLIANT - INT8_C(128), // NON-COMPLIANT - INT8_C(0200), // NON-COMPLIANT - INT8_C(0x80), // NON-COMPLIANT - INT8_C(-128), // COMPLIANT + INT8_C(127), // COMPLIANT + INT8_C(0x79), // COMPLIANT + INT8_C(0177), // COMPLIANT + INT8_C(128), // NON-COMPLIANT + INT8_C(0200), // NON-COMPLIANT + INT8_C(0x80), // NON-COMPLIANT + INT8_C(-128), // COMPLIANT INT8_C(-0x80), // COMPLIANT INT8_C(-0200), // COMPLIANT - INT8_C(-129), // NON-COMPLIANT + INT8_C(-129), // NON-COMPLIANT INT8_C(-0201), // NON-COMPLIANT INT8_C(-0x81), // NON-COMPLIANT }; uint_least16_t g3[] = { // Basic valid - UINT16_C(0), // COMPLIANT + UINT16_C(0), // COMPLIANT UINT16_C(0x23), // COMPLIANT - UINT16_C(034), // COMPLIANT + UINT16_C(034), // COMPLIANT // Range tests - UINT16_C(65535), // COMPLIANT - UINT16_C(0xFFFF), // COMPLIANT + UINT16_C(65535), // COMPLIANT + UINT16_C(0xFFFF), // COMPLIANT UINT16_C(0177777), // COMPLIANT - UINT16_C(65536), // NON-COMPLIANT + UINT16_C(65536), // NON-COMPLIANT UINT16_C(0200000), // NON-COMPLIANT UINT16_C(0x10000), // NON-COMPLIANT }; int_least16_t g4[] = { // Basic valid - INT16_C(0), // COMPLIANT + INT16_C(0), // COMPLIANT INT16_C(0x23), // COMPLIANT - INT16_C(034), // COMPLIANT + INT16_C(034), // COMPLIANT // Range tests - INT16_C(32767), // COMPLIANT - INT16_C(0x7FFF), // COMPLIANT - INT16_C(077777), // COMPLIANT - INT16_C(32768), // NON-COMPLIANT - INT16_C(0100000), // NON-COMPLIANT - INT16_C(0x8000), // NON-COMPLIANT - INT16_C(-32768), // COMPLIANT - INT16_C(-040000), // COMPLIANT - INT16_C(-0x8000), // COMPLIANT - INT16_C(-32769), // NON-COMPLIANT - INT16_C(-040001), // NON-COMPLIANT - INT16_C(-0x8001), // NON-COMPLIANT + INT16_C(32767), // COMPLIANT + INT16_C(0x7FFF), // COMPLIANT + INT16_C(077777), // COMPLIANT + INT16_C(32768), // NON-COMPLIANT + INT16_C(0100000), // NON-COMPLIANT + INT16_C(0x8000), // NON-COMPLIANT + INT16_C(-32768), // COMPLIANT + INT16_C(-0100000), // COMPLIANT + INT16_C(-0x8000), // COMPLIANT + INT16_C(-32769), // NON-COMPLIANT + INT16_C(-0100001), // NON-COMPLIANT + INT16_C(-0x8001), // NON-COMPLIANT }; uint_least32_t g5[] = { @@ -104,9 +104,9 @@ uint_least32_t g5[] = { UINT32_C(0), // COMPLIANT // Range tests - UINT32_C(4294967295), // COMPLIANT - UINT32_C(0xFFFFFFFF), // COMPLIANT - UINT32_C(4294967296), // NON-COMPLIANT + UINT32_C(4294967295), // COMPLIANT + UINT32_C(0xFFFFFFFF), // COMPLIANT + UINT32_C(4294967296), // NON-COMPLIANT UINT32_C(0x100000000), // NON-COMPLIANT }; @@ -115,14 +115,14 @@ int_least32_t g6[] = { INT32_C(0), // COMPLIANT // Range tests - INT32_C(2147483647), // COMPLIANT - INT32_C(0x7FFFFFFF), // COMPLIANT - INT32_C(2147483648), // NON-COMPLIANT - INT32_C(0x800000000), // NON-COMPLIANT + INT32_C(2147483647), // COMPLIANT + INT32_C(0x7FFFFFFF), // COMPLIANT + INT32_C(2147483648), // NON-COMPLIANT + INT32_C(0x80000000), // NON-COMPLIANT INT32_C(-2147483648), // COMPLIANT INT32_C(-0x80000000), // COMPLIANT - INT32_C(-2147483647), // NON-COMPLIANT - INT32_C(-0x800000001), // NON-COMPLIANT + INT32_C(-2147483649), // NON-COMPLIANT + INT32_C(-0x80000001), // NON-COMPLIANT }; uint_least64_t g7[] = { @@ -131,7 +131,7 @@ uint_least64_t g7[] = { // Range tests UINT64_C(18446744073709551615), // COMPLIANT - UINT64_C(0xFFFFFFFFFFFFFFFF), // COMPLIANT + UINT64_C(0xFFFFFFFFFFFFFFFF), // COMPLIANT // Compile time error if we try to create integer literals beyond this. }; @@ -143,14 +143,18 @@ int_least64_t g8[] = { INT64_C(9223372036854775807), // COMPLIANT // INT64_C(9223372036854775808) is a compile-time error - // -9223372036854775808 allowed, but cannot be created via unary- without compile time errors. - INT64_C(-9223372036854775807), // COMPLIANT + // -9223372036854775808 allowed, but cannot be created via unary- without + // compile time errors. + INT64_C(-9223372036854775807), // COMPLIANT INT64_C(-9223372036854775807 - 1), // COMPLIANT - // -9223372036854775809 is not allowed, and cannot be created via unary- without compile time errors. - INT64_C(-9223372036854775807 - 2), // NON-COMPLIANT + // -9223372036854775809 is not allowed, and cannot be created via unary- + // without compile time errors. + INT64_C(-9223372036854775807 - 2), // NON-COMPLIANT + INT64_C(-9223372036854775807 - 20000000000), // NON-COMPLIANT - INT64_C(0x7FFFFFFFFFFFFFFF), // COMPLIANT - INT64_C(0x8000000000000000), // NON-COMPLIANT + INT64_C(0x7FFFFFFFFFFFFFFF), // COMPLIANT + INT64_C(0x8000000000000000), // NON-COMPLIANT[FALSE NEGATIVE] INT64_C(-0x8000000000000000), // COMPLIANT - INT64_C(-0x8000000000000001), // NON-COMPLIANT + INT64_C(-0x8000000000000001), // NON-COMPLIANT[FALSE NEGATIVE] + INT64_C(-0x8001000000000000), // NON-COMPLIANT }; \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/IntegerConstantMacro.qll b/cpp/common/src/codingstandards/cpp/IntegerConstantMacro.qll index 472866fdea..e38293c8cb 100644 --- a/cpp/common/src/codingstandards/cpp/IntegerConstantMacro.qll +++ b/cpp/common/src/codingstandards/cpp/IntegerConstantMacro.qll @@ -1,35 +1,35 @@ import cpp +/** + * The family of macros `xINTsize_C(arg)` (e.g. `UINT16_C(123)`) which are used + * to create an integer constant of type `Xint_leastSIZE_t` (e.g. + * `uint_least16_t). + */ class IntegerConstantMacro extends Macro { boolean signed; int size; + IntegerConstantMacro() { - ( signed = true and size = getName().regexpCapture("INT(8|16|32|64)_C", 1).toInt() - ) or ( + or signed = false and size = getName().regexpCapture("UINT(8|16|32|64)_C", 1).toInt() - ) } - predicate isSmall() { - size < 32 - } + predicate isSmall() { size < 32 } - int getSize() { - result = size - } + int getSize() { result = size } - predicate isSigned() { - signed = true - } + predicate isSigned() { signed = true } - int maxValue() { - (signed = true and result = 2.pow(getSize() - 1) - 1) or - (signed = false and result = 2.pow(getSize()) - 1) + float maxValue() { + signed = true and result = 2.pow(size - 1 * 1.0) - 1 + or + signed = false and result = 2.pow(size) - 1 } - int minValue() { - (signed = true and result = -(2.0.pow(getSize() - 1))) or - (signed = false and result = 0) + float minValue() { + signed = true and result = -2.pow(size - 1) + or + signed = false and result = 0 } -} \ No newline at end of file +} diff --git a/cpp/common/src/codingstandards/cpp/Literals.qll b/cpp/common/src/codingstandards/cpp/Literals.qll index 66e15b28dc..cc0d28dec9 100644 --- a/cpp/common/src/codingstandards/cpp/Literals.qll +++ b/cpp/common/src/codingstandards/cpp/Literals.qll @@ -4,6 +4,7 @@ import cpp import codingstandards.cpp.Cpp14Literal +import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis class IntegerLiteral = Cpp14Literal::IntegerLiteral; @@ -70,3 +71,46 @@ class BoolLiteral extends Literal { this.getValue() = "0" and this.getValueText() = "false" } } + +/** + * Abstract case to handle positive and negative "literal" expressions. + * + * All numeric literals in c/cpp are positive. To create a negative constant + * value in a program means applying the unary- operator to a positive literal. + * This class effectively describes positive or negative literals. + */ +abstract class PossiblyNegativeLiteral extends Expr { + /* The syntactic literal, stripped of potential negation */ + abstract Cpp14Literal::NumericLiteral getBaseLiteral(); + + /* The value as a literal reads, without potential underflows from negation */ + abstract float getRawValue(); + + predicate isNegative() { this instanceof NegativeLiteral } +} + +/** + * A negation of a positive literal, creating what can be thought of as a + * "negative literal." + */ +class NegativeLiteral extends PossiblyNegativeLiteral, UnaryMinusExpr { + Cpp14Literal::NumericLiteral literal; + + NegativeLiteral() { literal = getOperand() } + + override Cpp14Literal::NumericLiteral getBaseLiteral() { result = literal } + + override float getRawValue() { result = -lowerBound(literal) } +} + +/** + * A literal which is not immediately negated by a parent unary- expression, + * which can be thought of as a "positive literal." + */ +class PositiveLiteral extends PossiblyNegativeLiteral, Cpp14Literal::NumericLiteral { + PositiveLiteral() { not exists(UnaryMinusExpr l | l.getOperand() = this) } + + override Cpp14Literal::NumericLiteral getBaseLiteral() { result = this } + + override float getRawValue() { result = lowerBound(this) } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Types2.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Types2.qll index fbb5d06ee4..3b2d3a4342 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Types2.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Types2.qll @@ -5,6 +5,9 @@ import codingstandards.cpp.exclusions.RuleMetadata newtype Types2Query = TInvalidIntegerConstantMacroArgumentQuery() or + TInvalidLiteralForIntegerConstantMacroArgumentQuery() or + TIntegerConstantMacroArgumentUsesSuffixQuery() or + TIncorrectlySizedIntegerConstantMacroArgumentQuery() or TUseOfBannedSmallIntegerConstantMacroQuery() predicate isTypes2QueryMetadata(Query query, string queryId, string ruleId, string category) { @@ -17,6 +20,33 @@ predicate isTypes2QueryMetadata(Query query, string queryId, string ruleId, stri ruleId = "RULE-7-5" and category = "required" or + query = + // `Query` instance for the `invalidLiteralForIntegerConstantMacroArgument` query + Types2Package::invalidLiteralForIntegerConstantMacroArgumentQuery() and + queryId = + // `@id` for the `invalidLiteralForIntegerConstantMacroArgument` query + "c/misra/invalid-literal-for-integer-constant-macro-argument" and + ruleId = "RULE-7-5" and + category = "required" + or + query = + // `Query` instance for the `integerConstantMacroArgumentUsesSuffix` query + Types2Package::integerConstantMacroArgumentUsesSuffixQuery() and + queryId = + // `@id` for the `integerConstantMacroArgumentUsesSuffix` query + "c/misra/integer-constant-macro-argument-uses-suffix" and + ruleId = "RULE-7-5" and + category = "required" + or + query = + // `Query` instance for the `incorrectlySizedIntegerConstantMacroArgument` query + Types2Package::incorrectlySizedIntegerConstantMacroArgumentQuery() and + queryId = + // `@id` for the `incorrectlySizedIntegerConstantMacroArgument` query + "c/misra/incorrectly-sized-integer-constant-macro-argument" and + ruleId = "RULE-7-5" and + category = "required" + or query = // `Query` instance for the `useOfBannedSmallIntegerConstantMacro` query Types2Package::useOfBannedSmallIntegerConstantMacroQuery() and @@ -35,6 +65,27 @@ module Types2Package { TQueryC(TTypes2PackageQuery(TInvalidIntegerConstantMacroArgumentQuery())) } + Query invalidLiteralForIntegerConstantMacroArgumentQuery() { + //autogenerate `Query` type + result = + // `Query` type for `invalidLiteralForIntegerConstantMacroArgument` query + TQueryC(TTypes2PackageQuery(TInvalidLiteralForIntegerConstantMacroArgumentQuery())) + } + + Query integerConstantMacroArgumentUsesSuffixQuery() { + //autogenerate `Query` type + result = + // `Query` type for `integerConstantMacroArgumentUsesSuffix` query + TQueryC(TTypes2PackageQuery(TIntegerConstantMacroArgumentUsesSuffixQuery())) + } + + Query incorrectlySizedIntegerConstantMacroArgumentQuery() { + //autogenerate `Query` type + result = + // `Query` type for `incorrectlySizedIntegerConstantMacroArgument` query + TQueryC(TTypes2PackageQuery(TIncorrectlySizedIntegerConstantMacroArgumentQuery())) + } + Query useOfBannedSmallIntegerConstantMacroQuery() { //autogenerate `Query` type result = diff --git a/rule_packages/c/Types2.json b/rule_packages/c/Types2.json index 9468af278c..6933d3eb63 100644 --- a/rule_packages/c/Types2.json +++ b/rule_packages/c/Types2.json @@ -6,15 +6,52 @@ }, "queries": [ { - "description": "Integer constant macros should be given appropriate values for the size of the integer type.", + "description": "Integer constant macros should be given a literal value as an argument", "kind": "problem", - "name": "The argument of an integer constant macro shall have an appropriate form", + "name": "The argument of an integer constant macro shall be a literal", "precision": "very-high", "severity": "error", "short_name": "InvalidIntegerConstantMacroArgument", "tags": [ "correctness" ] + }, + { + "description": "Integer constant macro arguments should be a decimal, hex, or octal literal", + "kind": "problem", + "name": "The argument of an integer constant macro shall be a decimal, hex, or octal literal", + "precision": "very-high", + "severity": "error", + "short_name": "InvalidLiteralForIntegerConstantMacroArgument", + "tags": [ + "correctness" + ] + }, + { + "description": "Integer constant macros should be used integer literal values with no u/l suffix.", + "kind": "problem", + "name": "The argument of an integer constant macro shall not use literal suffixes u, l, or ul", + "precision": "very-high", + "severity": "error", + "short_name": "IntegerConstantMacroArgumentUsesSuffix", + "tags": [ + "readability", + "maintainability" + ] + }, + { + "description": "Integer constant macros argument values should be values of a compatible size", + "kind": "problem", + "name": "The argument of an integer constant macro shall have an appropriate size", + "precision": "very-high", + "severity": "error", + "short_name": "IncorrectlySizedIntegerConstantMacroArgument", + "tags": [ + "correctness" + ], + "implementation_scope": { + "description": "This rule can validate integers sized 32 or smaller. When the CodeQL runtime supports big ints, this will be expanded to include 64 bit integer types." + } } ], "title": "The argument of an integer constant macro shall have an appropriate form" From 67d5426e048f1b84e965a477c283a09421dfd9e1 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Mon, 30 Sep 2024 16:51:54 -0700 Subject: [PATCH 2086/2573] Fix 7-6 formatting --- .../RULE-7-6/UseOfBannedSmallIntegerConstantMacro.ql | 8 +++----- c/misra/test/rules/RULE-7-6/test.c | 10 +++++----- 2 files changed, 8 insertions(+), 10 deletions(-) diff --git a/c/misra/src/rules/RULE-7-6/UseOfBannedSmallIntegerConstantMacro.ql b/c/misra/src/rules/RULE-7-6/UseOfBannedSmallIntegerConstantMacro.ql index cac7f091a8..9a1844601b 100644 --- a/c/misra/src/rules/RULE-7-6/UseOfBannedSmallIntegerConstantMacro.ql +++ b/c/misra/src/rules/RULE-7-6/UseOfBannedSmallIntegerConstantMacro.ql @@ -15,11 +15,9 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.IntegerConstantMacro - from MacroInvocation macroInvoke, IntegerConstantMacro macro where not isExcluded(macroInvoke, Types2Package::useOfBannedSmallIntegerConstantMacroQuery()) and - macroInvoke.getMacro() = macro - and macro.isSmall() -select - macroInvoke, "Usage of small integer constant macro " + macro.getName() + " is not allowed." + macroInvoke.getMacro() = macro and + macro.isSmall() +select macroInvoke, "Usage of small integer constant macro " + macro.getName() + " is not allowed." diff --git a/c/misra/test/rules/RULE-7-6/test.c b/c/misra/test/rules/RULE-7-6/test.c index f2b783e800..9832cdf251 100644 --- a/c/misra/test/rules/RULE-7-6/test.c +++ b/c/misra/test/rules/RULE-7-6/test.c @@ -1,10 +1,10 @@ #include "stdint.h" -int8_t g1 = INT8_C(0x12); // NON-COMPLIANT -uint8_t g2 = UINT8_C(0x12); // NON-COMPLIANT -int16_t g3 = INT16_C(0x1234); // NON-COMPLIANT +int8_t g1 = INT8_C(0x12); // NON-COMPLIANT +uint8_t g2 = UINT8_C(0x12); // NON-COMPLIANT +int16_t g3 = INT16_C(0x1234); // NON-COMPLIANT uint16_t g4 = UINT16_C(0x1234); // NON-COMPLIANT -int32_t g5 = INT32_C(0x1234); // COMPLIANT +int32_t g5 = INT32_C(0x1234); // COMPLIANT uint32_t g6 = UINT32_C(0x1234); // COMPLIANT -int64_t g7 = INT64_C(0x1234); // COMPLIANT +int64_t g7 = INT64_C(0x1234); // COMPLIANT uint64_t g8 = UINT64_C(0x1234); // COMPLIANT \ No newline at end of file From 24984097e6e9ac62be452367e1dbe4731fe81f15 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Mon, 30 Sep 2024 16:53:50 -0700 Subject: [PATCH 2087/2573] Add full stops to Types.json --- rule_packages/c/Types2.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/rule_packages/c/Types2.json b/rule_packages/c/Types2.json index 6933d3eb63..4c4aaaaa7a 100644 --- a/rule_packages/c/Types2.json +++ b/rule_packages/c/Types2.json @@ -6,7 +6,7 @@ }, "queries": [ { - "description": "Integer constant macros should be given a literal value as an argument", + "description": "Integer constant macros should be given a literal value as an argument.", "kind": "problem", "name": "The argument of an integer constant macro shall be a literal", "precision": "very-high", @@ -17,7 +17,7 @@ ] }, { - "description": "Integer constant macro arguments should be a decimal, hex, or octal literal", + "description": "Integer constant macro arguments should be a decimal, hex, or octal literal.", "kind": "problem", "name": "The argument of an integer constant macro shall be a decimal, hex, or octal literal", "precision": "very-high", @@ -40,7 +40,7 @@ ] }, { - "description": "Integer constant macros argument values should be values of a compatible size", + "description": "Integer constant macros argument values should be values of a compatible size.", "kind": "problem", "name": "The argument of an integer constant macro shall have an appropriate size", "precision": "very-high", From 9696f7b4c7b14abd24773ab9045df5803610cf64 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Mon, 30 Sep 2024 16:55:11 -0700 Subject: [PATCH 2088/2573] Add full stops to query metadata. --- .../RULE-7-5/IncorrectlySizedIntegerConstantMacroArgument.ql | 2 +- .../src/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.ql | 2 +- .../RULE-7-5/InvalidLiteralForIntegerConstantMacroArgument.ql | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/c/misra/src/rules/RULE-7-5/IncorrectlySizedIntegerConstantMacroArgument.ql b/c/misra/src/rules/RULE-7-5/IncorrectlySizedIntegerConstantMacroArgument.ql index dd1417c2a6..b0ed49f9cc 100644 --- a/c/misra/src/rules/RULE-7-5/IncorrectlySizedIntegerConstantMacroArgument.ql +++ b/c/misra/src/rules/RULE-7-5/IncorrectlySizedIntegerConstantMacroArgument.ql @@ -1,7 +1,7 @@ /** * @id c/misra/incorrectly-sized-integer-constant-macro-argument * @name RULE-7-5: The argument of an integer constant macro shall have an appropriate size - * @description Integer constant macros argument values should be values of a compatible size + * @description Integer constant macros argument values should be values of a compatible size. * @kind problem * @precision very-high * @problem.severity error diff --git a/c/misra/src/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.ql b/c/misra/src/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.ql index 33ec266b51..b7516a1ff8 100644 --- a/c/misra/src/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.ql +++ b/c/misra/src/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.ql @@ -1,7 +1,7 @@ /** * @id c/misra/invalid-integer-constant-macro-argument * @name RULE-7-5: The argument of an integer constant macro shall be a literal - * @description Integer constant macros should be given a literal value as an argument + * @description Integer constant macros should be given a literal value as an argument. * @kind problem * @precision very-high * @problem.severity error diff --git a/c/misra/src/rules/RULE-7-5/InvalidLiteralForIntegerConstantMacroArgument.ql b/c/misra/src/rules/RULE-7-5/InvalidLiteralForIntegerConstantMacroArgument.ql index 2447d82f6f..7d102f667b 100644 --- a/c/misra/src/rules/RULE-7-5/InvalidLiteralForIntegerConstantMacroArgument.ql +++ b/c/misra/src/rules/RULE-7-5/InvalidLiteralForIntegerConstantMacroArgument.ql @@ -1,7 +1,7 @@ /** * @id c/misra/invalid-literal-for-integer-constant-macro-argument * @name RULE-7-5: The argument of an integer constant macro shall be a decimal, hex, or octal literal - * @description Integer constant macro arguments should be a decimal, hex, or octal literal + * @description Integer constant macro arguments should be a decimal, hex, or octal literal. * @kind problem * @precision very-high * @problem.severity error From 916ef4dec056d4280505e2b3497222693ff4003c Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Tue, 1 Oct 2024 16:56:18 -0700 Subject: [PATCH 2089/2573] Handle cases where AST/extractor give us incomplete/messy information. Add a new UnrecognizedNumericLiteral class in Literal.qll which matches literals that have a numeric value but don't match any regexes for the literal types (hex, decimal, float, octal, binary). Exclude that from results in InvalidLiteralForIntegerConstantMacroArgument.ql --- ...dLiteralForIntegerConstantMacroArgument.ql | 4 ++- c/misra/test/rules/RULE-7-5/test.c | 9 +++++- .../src/codingstandards/cpp/Cpp14Literal.qll | 30 +++++++++++++++---- 3 files changed, 36 insertions(+), 7 deletions(-) diff --git a/c/misra/src/rules/RULE-7-5/InvalidLiteralForIntegerConstantMacroArgument.ql b/c/misra/src/rules/RULE-7-5/InvalidLiteralForIntegerConstantMacroArgument.ql index 7d102f667b..893151f2be 100644 --- a/c/misra/src/rules/RULE-7-5/InvalidLiteralForIntegerConstantMacroArgument.ql +++ b/c/misra/src/rules/RULE-7-5/InvalidLiteralForIntegerConstantMacroArgument.ql @@ -23,7 +23,9 @@ import codingstandards.cpp.Literals predicate validLiteralType(PossiblyNegativeLiteral literal) { literal.getBaseLiteral() instanceof Cpp14Literal::DecimalLiteral or literal.getBaseLiteral() instanceof Cpp14Literal::OctalLiteral or - literal.getBaseLiteral() instanceof Cpp14Literal::HexLiteral + literal.getBaseLiteral() instanceof Cpp14Literal::HexLiteral or + // Ignore cases where the AST/extractor don't give us enough information: + literal.getBaseLiteral() instanceof Cpp14Literal::UnrecognizedNumericLiteral } /** diff --git a/c/misra/test/rules/RULE-7-5/test.c b/c/misra/test/rules/RULE-7-5/test.c index f9650254ca..027ecb1827 100644 --- a/c/misra/test/rules/RULE-7-5/test.c +++ b/c/misra/test/rules/RULE-7-5/test.c @@ -157,4 +157,11 @@ int_least64_t g8[] = { INT64_C(-0x8000000000000000), // COMPLIANT INT64_C(-0x8000000000000001), // NON-COMPLIANT[FALSE NEGATIVE] INT64_C(-0x8001000000000000), // NON-COMPLIANT -}; \ No newline at end of file +}; + +// Other edge cases: +void f(void) { + uint32_t l1 = 1; + // `UnrecognizedNumericLiteral` case: + int64_t l2 = ((int32_t)UINT64_C(0x1b2) * (l1)); // COMPLIANT +} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/Cpp14Literal.qll b/cpp/common/src/codingstandards/cpp/Cpp14Literal.qll index c974ec7eb8..b77702fef6 100644 --- a/cpp/common/src/codingstandards/cpp/Cpp14Literal.qll +++ b/cpp/common/src/codingstandards/cpp/Cpp14Literal.qll @@ -9,6 +9,9 @@ module Cpp14Literal { /** An numeric literal. */ abstract class NumericLiteral extends StandardLibrary::Literal { } + /** Convenience for implementing class `UnrecognizedNumericLiteral` */ + abstract private class RecognizedNumericLiteral extends StandardLibrary::Literal { } + /** An integer literal. */ abstract class IntegerLiteral extends NumericLiteral { predicate isSigned() { not isUnsigned() } @@ -23,7 +26,7 @@ module Cpp14Literal { * ``` * Octal literals must always start with the digit `0`. */ - class OctalLiteral extends IntegerLiteral { + class OctalLiteral extends IntegerLiteral, RecognizedNumericLiteral { OctalLiteral() { getValueText().regexpMatch("\\s*0[0-7']*[uUlL]*\\s*") } override string getAPrimaryQlClass() { result = "OctalLiteral" } @@ -35,7 +38,7 @@ module Cpp14Literal { * unsigned int32_t minus2 = 0xfffffffe; * ``` */ - class HexLiteral extends IntegerLiteral { + class HexLiteral extends IntegerLiteral, RecognizedNumericLiteral { HexLiteral() { getValueText().regexpMatch("\\s*0[xX][0-9a-fA-F']+[uUlL]*\\s*") } override string getAPrimaryQlClass() { result = "HexLiteral" } @@ -47,7 +50,7 @@ module Cpp14Literal { * unsigned int32_t binary = 0b101010; * ``` */ - class BinaryLiteral extends IntegerLiteral { + class BinaryLiteral extends IntegerLiteral, RecognizedNumericLiteral { BinaryLiteral() { getValueText().regexpMatch("\\s*0[bB][0-1']*[uUlL]*\\s*") } override string getAPrimaryQlClass() { result = "BinaryLiteral" } @@ -59,7 +62,7 @@ module Cpp14Literal { * unsigned int32_t decimal = 10340923; * ``` */ - class DecimalLiteral extends IntegerLiteral { + class DecimalLiteral extends IntegerLiteral, RecognizedNumericLiteral { DecimalLiteral() { getValueText().regexpMatch("\\s*[1-9][0-9']*[uUlL]*\\s*") } override string getAPrimaryQlClass() { result = "DecimalLiteral" } @@ -71,7 +74,7 @@ module Cpp14Literal { * double floating = 1.340923e-19; * ``` */ - class FloatingLiteral extends NumericLiteral { + class FloatingLiteral extends RecognizedNumericLiteral { FloatingLiteral() { getValueText().regexpMatch("\\s*[0-9][0-9']*(\\.[0-9']+)?([eE][\\+\\-]?[0-9']+)?[flFL]?\\s*") and // A decimal literal takes precedent @@ -83,6 +86,23 @@ module Cpp14Literal { override string getAPrimaryQlClass() { result = "FloatingLiteral" } } + /** + * Literal values with conversions and macros cannot always be trivially + * parsed from `Literal.getValueText()`, and have loss of required + * information in `Literal.getValue()`. This class covers cases that appear + * to be `NumericLiteral`s but cannot be determined to be a hex, decimal, + * octal, binary, or float literal, but still are parsed as a Literal with a + * number value. + */ + class UnrecognizedNumericLiteral extends NumericLiteral { + UnrecognizedNumericLiteral() { + this.getValue().regexpMatch("[0-9.e]+") and + not this instanceof RecognizedNumericLiteral + } + } + + predicate test(RecognizedNumericLiteral r, string valueText) { valueText = r.getValueText() } + /** * A character literal. For example: * ``` From c9436f9af3d46f6d86bbf06e0f15faec7d854d74 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Wed, 2 Oct 2024 09:33:20 -0700 Subject: [PATCH 2090/2573] Fix broken test, remove debug code --- cpp/common/src/codingstandards/cpp/Cpp14Literal.qll | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/Cpp14Literal.qll b/cpp/common/src/codingstandards/cpp/Cpp14Literal.qll index b77702fef6..ca3a7fb251 100644 --- a/cpp/common/src/codingstandards/cpp/Cpp14Literal.qll +++ b/cpp/common/src/codingstandards/cpp/Cpp14Literal.qll @@ -74,7 +74,7 @@ module Cpp14Literal { * double floating = 1.340923e-19; * ``` */ - class FloatingLiteral extends RecognizedNumericLiteral { + class FloatingLiteral extends NumericLiteral, RecognizedNumericLiteral { FloatingLiteral() { getValueText().regexpMatch("\\s*[0-9][0-9']*(\\.[0-9']+)?([eE][\\+\\-]?[0-9']+)?[flFL]?\\s*") and // A decimal literal takes precedent @@ -101,8 +101,6 @@ module Cpp14Literal { } } - predicate test(RecognizedNumericLiteral r, string valueText) { valueText = r.getValueText() } - /** * A character literal. For example: * ``` From 581eb32720ac0a86bb4fa94b8b0d068455fe18ab Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Wed, 2 Oct 2024 11:33:20 -0700 Subject: [PATCH 2091/2573] Add more info to query result strings --- ...rectlySizedIntegerConstantMacroArgument.ql | 7 ++- .../IntegerConstantMacroArgumentUsesSuffix.ql | 12 ++-- .../InvalidIntegerConstantMacroArgument.ql | 3 +- ...dLiteralForIntegerConstantMacroArgument.ql | 17 +++++- ...SizedIntegerConstantMacroArgument.expected | 58 ++++++++++--------- ...erConstantMacroArgumentUsesSuffix.expected | 12 ++-- ...validIntegerConstantMacroArgument.expected | 10 ++-- ...alForIntegerConstantMacroArgument.expected | 5 +- c/misra/test/rules/RULE-7-5/test.c | 18 +++--- .../cpp/IntegerConstantMacro.qll | 4 ++ 10 files changed, 89 insertions(+), 57 deletions(-) diff --git a/c/misra/src/rules/RULE-7-5/IncorrectlySizedIntegerConstantMacroArgument.ql b/c/misra/src/rules/RULE-7-5/IncorrectlySizedIntegerConstantMacroArgument.ql index b0ed49f9cc..06a7eb7658 100644 --- a/c/misra/src/rules/RULE-7-5/IncorrectlySizedIntegerConstantMacroArgument.ql +++ b/c/misra/src/rules/RULE-7-5/IncorrectlySizedIntegerConstantMacroArgument.ql @@ -37,8 +37,9 @@ where invoke.getMacro() = macro and literal = invoke.getExpr() and ( - not matchesSign(macro, invoke.getExpr()) and explanation = "cannot be negative" + not matchesSign(macro, invoke.getExpr()) and explanation = " cannot be negative" or - not matchesSize(macro, invoke.getExpr()) and explanation = "is too large for the specified type" + not matchesSize(macro, invoke.getExpr()) and + explanation = " is outside of the allowed range " + macro.getRangeString() ) -select invoke.getExpr(), "Integer constant macro value " + explanation +select invoke.getExpr(), "Value provided to integer constant macro " + macro.getName() + explanation diff --git a/c/misra/src/rules/RULE-7-5/IntegerConstantMacroArgumentUsesSuffix.ql b/c/misra/src/rules/RULE-7-5/IntegerConstantMacroArgumentUsesSuffix.ql index f4ca73e16c..15243ecb29 100644 --- a/c/misra/src/rules/RULE-7-5/IntegerConstantMacroArgumentUsesSuffix.ql +++ b/c/misra/src/rules/RULE-7-5/IntegerConstantMacroArgumentUsesSuffix.ql @@ -16,14 +16,16 @@ import codingstandards.c.misra import codingstandards.cpp.IntegerConstantMacro import codingstandards.cpp.Literals -predicate usesSuffix(MacroInvocation invoke) { - invoke.getUnexpandedArgument(0).regexpMatch(".*[uUlL]") +string argumentSuffix(MacroInvocation invoke) { + result = invoke.getUnexpandedArgument(0).regexpCapture(".*[^uUlL]([uUlL]+)$", 1) } -from MacroInvocation invoke, PossiblyNegativeLiteral argument +from MacroInvocation invoke, PossiblyNegativeLiteral argument, string suffix where not isExcluded(invoke, Types2Package::integerConstantMacroArgumentUsesSuffixQuery()) and invoke.getMacro() instanceof IntegerConstantMacro and invoke.getExpr() = argument and - usesSuffix(invoke) -select invoke.getExpr(), "Integer constant macro arguments should not have 'u'/'l' suffix." + suffix = argumentSuffix(invoke) +select invoke.getExpr(), + "Value suffix '" + suffix + "' is not allowed on provided argument to integer constant macro " + + invoke.getMacroName() + "." diff --git a/c/misra/src/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.ql b/c/misra/src/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.ql index b7516a1ff8..7b20159bb0 100644 --- a/c/misra/src/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.ql +++ b/c/misra/src/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.ql @@ -38,4 +38,5 @@ where invoke.getMacro() = macro and not invoke.getExpr() instanceof PossiblyNegativeLiteral and not specialMaxNegative64Exception(macro, invoke.getExpr()) -select invoke.getExpr(), "Integer constant macro argument must be an integer literal." +select invoke.getExpr(), + "Argument to integer constant macro " + macro.getName() + " must be an integer literal." diff --git a/c/misra/src/rules/RULE-7-5/InvalidLiteralForIntegerConstantMacroArgument.ql b/c/misra/src/rules/RULE-7-5/InvalidLiteralForIntegerConstantMacroArgument.ql index 893151f2be..9d3cd33d00 100644 --- a/c/misra/src/rules/RULE-7-5/InvalidLiteralForIntegerConstantMacroArgument.ql +++ b/c/misra/src/rules/RULE-7-5/InvalidLiteralForIntegerConstantMacroArgument.ql @@ -37,6 +37,18 @@ predicate seemsBinaryLiteral(MacroInvocation invoke) { invoke.getUnexpandedArgument(0).regexpMatch("0[bB][01]+") } +string explainIncorrectArgument(MacroInvocation invoke) { + if seemsBinaryLiteral(invoke) + then result = "binary literal" + else + exists(PossiblyNegativeLiteral literal | + literal = invoke.getExpr() and + if literal.getBaseLiteral() instanceof Cpp14Literal::FloatingLiteral + then result = "floating point literal" + else result = "invalid literal" + ) +} + from MacroInvocation invoke, PossiblyNegativeLiteral literal where not isExcluded(invoke, Types2Package::invalidLiteralForIntegerConstantMacroArgumentQuery()) and @@ -46,4 +58,7 @@ where not validLiteralType(literal) or seemsBinaryLiteral(invoke) ) -select literal, "Integer constant macro arguments must be a decimal, octal, or hex integer literal." +select literal, + "Integer constant macro " + invoke.getMacroName() + " used with " + + explainIncorrectArgument(invoke) + + " argument, only decimal, octal, or hex integer literal allowed." diff --git a/c/misra/test/rules/RULE-7-5/IncorrectlySizedIntegerConstantMacroArgument.expected b/c/misra/test/rules/RULE-7-5/IncorrectlySizedIntegerConstantMacroArgument.expected index 9ce9b29e3c..08816f8351 100644 --- a/c/misra/test/rules/RULE-7-5/IncorrectlySizedIntegerConstantMacroArgument.expected +++ b/c/misra/test/rules/RULE-7-5/IncorrectlySizedIntegerConstantMacroArgument.expected @@ -1,28 +1,30 @@ -| test.c:26:13:26:15 | 256 | Integer constant macro value is too large for the specified type | -| test.c:27:13:27:16 | 256 | Integer constant macro value is too large for the specified type | -| test.c:28:13:28:17 | 256 | Integer constant macro value is too large for the specified type | -| test.c:31:13:31:14 | - ... | Integer constant macro value cannot be negative | -| test.c:32:13:32:15 | - ... | Integer constant macro value cannot be negative | -| test.c:33:13:33:15 | - ... | Integer constant macro value cannot be negative | -| test.c:34:13:34:17 | - ... | Integer constant macro value cannot be negative | -| test.c:55:12:55:14 | 128 | Integer constant macro value is too large for the specified type | -| test.c:56:12:56:15 | 128 | Integer constant macro value is too large for the specified type | -| test.c:57:12:57:15 | 128 | Integer constant macro value is too large for the specified type | -| test.c:61:12:61:15 | - ... | Integer constant macro value is too large for the specified type | -| test.c:62:12:62:16 | - ... | Integer constant macro value is too large for the specified type | -| test.c:63:12:63:16 | - ... | Integer constant macro value is too large for the specified type | -| test.c:76:14:76:18 | 65536 | Integer constant macro value is too large for the specified type | -| test.c:77:14:77:20 | 65536 | Integer constant macro value is too large for the specified type | -| test.c:78:14:78:20 | 65536 | Integer constant macro value is too large for the specified type | -| test.c:91:13:91:17 | 32768 | Integer constant macro value is too large for the specified type | -| test.c:92:13:92:19 | 32768 | Integer constant macro value is too large for the specified type | -| test.c:93:13:93:18 | 32768 | Integer constant macro value is too large for the specified type | -| test.c:97:13:97:18 | - ... | Integer constant macro value is too large for the specified type | -| test.c:98:13:98:20 | - ... | Integer constant macro value is too large for the specified type | -| test.c:99:13:99:19 | - ... | Integer constant macro value is too large for the specified type | -| test.c:109:14:109:24 | 4294967296 | Integer constant macro value is too large for the specified type | -| test.c:110:14:110:25 | 4294967296 | Integer constant macro value is too large for the specified type | -| test.c:120:13:120:22 | 2147483648 | Integer constant macro value is too large for the specified type | -| test.c:121:13:121:22 | 2147483648 | Integer constant macro value is too large for the specified type | -| test.c:124:13:124:23 | - ... | Integer constant macro value is too large for the specified type | -| test.c:125:13:125:23 | - ... | Integer constant macro value is too large for the specified type | \ No newline at end of file +| test.c:13:13:13:16 | - ... | Value provided to integer constant macro UINT8_C cannot be negative | +| test.c:15:13:15:18 | - ... | Value provided to integer constant macro UINT8_C cannot be negative | +| test.c:30:13:30:15 | 256 | Value provided to integer constant macro UINT8_C is outside of the allowed range 0..255 | +| test.c:31:13:31:16 | 256 | Value provided to integer constant macro UINT8_C is outside of the allowed range 0..255 | +| test.c:32:13:32:17 | 256 | Value provided to integer constant macro UINT8_C is outside of the allowed range 0..255 | +| test.c:35:13:35:14 | - ... | Value provided to integer constant macro UINT8_C cannot be negative | +| test.c:36:13:36:15 | - ... | Value provided to integer constant macro UINT8_C cannot be negative | +| test.c:37:13:37:15 | - ... | Value provided to integer constant macro UINT8_C cannot be negative | +| test.c:38:13:38:17 | - ... | Value provided to integer constant macro UINT8_C cannot be negative | +| test.c:59:12:59:14 | 128 | Value provided to integer constant macro INT8_C is outside of the allowed range -128..127 | +| test.c:60:12:60:15 | 128 | Value provided to integer constant macro INT8_C is outside of the allowed range -128..127 | +| test.c:61:12:61:15 | 128 | Value provided to integer constant macro INT8_C is outside of the allowed range -128..127 | +| test.c:65:12:65:15 | - ... | Value provided to integer constant macro INT8_C is outside of the allowed range -128..127 | +| test.c:66:12:66:16 | - ... | Value provided to integer constant macro INT8_C is outside of the allowed range -128..127 | +| test.c:67:12:67:16 | - ... | Value provided to integer constant macro INT8_C is outside of the allowed range -128..127 | +| test.c:80:14:80:18 | 65536 | Value provided to integer constant macro UINT16_C is outside of the allowed range 0..65535 | +| test.c:81:14:81:20 | 65536 | Value provided to integer constant macro UINT16_C is outside of the allowed range 0..65535 | +| test.c:82:14:82:20 | 65536 | Value provided to integer constant macro UINT16_C is outside of the allowed range 0..65535 | +| test.c:95:13:95:17 | 32768 | Value provided to integer constant macro INT16_C is outside of the allowed range -32768..32767 | +| test.c:96:13:96:19 | 32768 | Value provided to integer constant macro INT16_C is outside of the allowed range -32768..32767 | +| test.c:97:13:97:18 | 32768 | Value provided to integer constant macro INT16_C is outside of the allowed range -32768..32767 | +| test.c:101:13:101:18 | - ... | Value provided to integer constant macro INT16_C is outside of the allowed range -32768..32767 | +| test.c:102:13:102:20 | - ... | Value provided to integer constant macro INT16_C is outside of the allowed range -32768..32767 | +| test.c:103:13:103:19 | - ... | Value provided to integer constant macro INT16_C is outside of the allowed range -32768..32767 | +| test.c:113:14:113:24 | 4294967296 | Value provided to integer constant macro UINT32_C is outside of the allowed range 0..4294967295 | +| test.c:114:14:114:25 | 4294967296 | Value provided to integer constant macro UINT32_C is outside of the allowed range 0..4294967295 | +| test.c:124:13:124:22 | 2147483648 | Value provided to integer constant macro INT32_C is outside of the allowed range -2147483648..2147483647 | +| test.c:125:13:125:22 | 2147483648 | Value provided to integer constant macro INT32_C is outside of the allowed range -2147483648..2147483647 | +| test.c:128:13:128:23 | - ... | Value provided to integer constant macro INT32_C is outside of the allowed range -2147483648..2147483647 | +| test.c:129:13:129:23 | - ... | Value provided to integer constant macro INT32_C is outside of the allowed range -2147483648..2147483647 | diff --git a/c/misra/test/rules/RULE-7-5/IntegerConstantMacroArgumentUsesSuffix.expected b/c/misra/test/rules/RULE-7-5/IntegerConstantMacroArgumentUsesSuffix.expected index cabe2c5c51..52adf1233e 100644 --- a/c/misra/test/rules/RULE-7-5/IntegerConstantMacroArgumentUsesSuffix.expected +++ b/c/misra/test/rules/RULE-7-5/IntegerConstantMacroArgumentUsesSuffix.expected @@ -1,5 +1,7 @@ -| test.c:16:13:16:14 | 1 | Integer constant macro arguments should not have 'u'/'l' suffix. | -| test.c:17:13:17:14 | 2 | Integer constant macro arguments should not have 'u'/'l' suffix. | -| test.c:18:13:18:14 | 3 | Integer constant macro arguments should not have 'u'/'l' suffix. | -| test.c:19:13:19:14 | 4 | Integer constant macro arguments should not have 'u'/'l' suffix. | -| test.c:20:13:20:15 | 5 | Integer constant macro arguments should not have 'u'/'l' suffix. | \ No newline at end of file +| test.c:18:13:18:14 | 1 | Value suffix 'u' is not allowed on provided argument to integer constant macro UINT8_C. | +| test.c:19:13:19:14 | 2 | Value suffix 'U' is not allowed on provided argument to integer constant macro UINT8_C. | +| test.c:20:13:20:14 | 3 | Value suffix 'l' is not allowed on provided argument to integer constant macro UINT8_C. | +| test.c:21:13:21:14 | 4 | Value suffix 'L' is not allowed on provided argument to integer constant macro UINT8_C. | +| test.c:22:13:22:15 | 5 | Value suffix 'ul' is not allowed on provided argument to integer constant macro UINT8_C. | +| test.c:23:13:23:15 | 5 | Value suffix 'll' is not allowed on provided argument to integer constant macro UINT8_C. | +| test.c:24:13:24:16 | 5 | Value suffix 'ull' is not allowed on provided argument to integer constant macro UINT8_C. | diff --git a/c/misra/test/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.expected b/c/misra/test/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.expected index 16e28bcd84..b3191fa74c 100644 --- a/c/misra/test/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.expected +++ b/c/misra/test/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.expected @@ -1,5 +1,5 @@ -| test.c:37:13:37:17 | ... + ... | Integer constant macro argument must be an integer literal. | -| test.c:38:13:38:18 | access to array | Integer constant macro argument must be an integer literal. | -| test.c:39:13:39:19 | access to array | Integer constant macro argument must be an integer literal. | -| test.c:152:13:152:37 | ... - ... | Integer constant macro argument must be an integer literal. | -| test.c:153:13:153:47 | ... - ... | Integer constant macro argument must be an integer literal. | +| test.c:41:13:41:17 | ... + ... | Argument to integer constant macro UINT8_C must be an integer literal. | +| test.c:42:13:42:18 | access to array | Argument to integer constant macro UINT8_C must be an integer literal. | +| test.c:43:13:43:19 | access to array | Argument to integer constant macro UINT8_C must be an integer literal. | +| test.c:156:13:156:37 | ... - ... | Argument to integer constant macro INT64_C must be an integer literal. | +| test.c:157:13:157:47 | ... - ... | Argument to integer constant macro INT64_C must be an integer literal. | diff --git a/c/misra/test/rules/RULE-7-5/InvalidLiteralForIntegerConstantMacroArgument.expected b/c/misra/test/rules/RULE-7-5/InvalidLiteralForIntegerConstantMacroArgument.expected index 9d8c525527..320b6dd208 100644 --- a/c/misra/test/rules/RULE-7-5/InvalidLiteralForIntegerConstantMacroArgument.expected +++ b/c/misra/test/rules/RULE-7-5/InvalidLiteralForIntegerConstantMacroArgument.expected @@ -1,2 +1,3 @@ -| test.c:12:13:12:15 | 1.0 | Integer constant macro arguments must be a decimal, octal, or hex integer literal. | -| test.c:13:13:13:17 | 7 | Integer constant macro arguments must be a decimal, octal, or hex integer literal. | \ No newline at end of file +| test.c:12:13:12:15 | 1.0 | Integer constant macro UINT8_C used with floating point literal argument, only decimal, octal, or hex integer literal allowed. | +| test.c:13:13:13:16 | - ... | Integer constant macro UINT8_C used with floating point literal argument, only decimal, octal, or hex integer literal allowed. | +| test.c:14:13:14:17 | 7 | Integer constant macro UINT8_C used with binary literal argument, only decimal, octal, or hex integer literal allowed. | diff --git a/c/misra/test/rules/RULE-7-5/test.c b/c/misra/test/rules/RULE-7-5/test.c index 027ecb1827..db145a844b 100644 --- a/c/misra/test/rules/RULE-7-5/test.c +++ b/c/misra/test/rules/RULE-7-5/test.c @@ -9,15 +9,19 @@ uint_least8_t g1[] = { UINT8_C(034), // COMPLIANT // Incorrect literal types - UINT8_C(1.0), // NON-COMPLIANT - UINT8_C(0b111), // NON-COMPLIANT + UINT8_C(1.0), // NON-COMPLIANT + UINT8_C(-1.0), // NON-COMPLIANT + UINT8_C(0b111), // NON-COMPLIANT + UINT8_C(-0b111), // NON-COMPLIANT // Suffixes disallowed - UINT8_C(1u), // NON-COMPLIANT - UINT8_C(2U), // NON-COMPLIANT - UINT8_C(3l), // NON-COMPLIANT - UINT8_C(4L), // NON-COMPLIANT - UINT8_C(5ul), // NON-COMPLIANT + UINT8_C(1u), // NON-COMPLIANT + UINT8_C(2U), // NON-COMPLIANT + UINT8_C(3l), // NON-COMPLIANT + UINT8_C(4L), // NON-COMPLIANT + UINT8_C(5ul), // NON-COMPLIANT + UINT8_C(5ll), // NON-COMPLIANT + UINT8_C(5ull), // NON-COMPLIANT // Range tests UINT8_C(255), // COMPLIANT diff --git a/cpp/common/src/codingstandards/cpp/IntegerConstantMacro.qll b/cpp/common/src/codingstandards/cpp/IntegerConstantMacro.qll index e38293c8cb..c82024f2f0 100644 --- a/cpp/common/src/codingstandards/cpp/IntegerConstantMacro.qll +++ b/cpp/common/src/codingstandards/cpp/IntegerConstantMacro.qll @@ -32,4 +32,8 @@ class IntegerConstantMacro extends Macro { or signed = false and result = 0 } + + string getRangeString() { + result = minValue().toString() + ".." + maxValue().toString() + } } From d763b9109aa9f05fda75a2e5fe8ea2fec5f6737d Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Wed, 2 Oct 2024 11:40:45 -0700 Subject: [PATCH 2092/2573] Fix format in IntegerConstantMacro.qll --- cpp/common/src/codingstandards/cpp/IntegerConstantMacro.qll | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/IntegerConstantMacro.qll b/cpp/common/src/codingstandards/cpp/IntegerConstantMacro.qll index c82024f2f0..8f3fff1e1b 100644 --- a/cpp/common/src/codingstandards/cpp/IntegerConstantMacro.qll +++ b/cpp/common/src/codingstandards/cpp/IntegerConstantMacro.qll @@ -33,7 +33,5 @@ class IntegerConstantMacro extends Macro { signed = false and result = 0 } - string getRangeString() { - result = minValue().toString() + ".." + maxValue().toString() - } + string getRangeString() { result = minValue().toString() + ".." + maxValue().toString() } } From fdaacc76086c38045c3a335c063d782c38a7e31b Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Wed, 2 Oct 2024 13:44:39 -0700 Subject: [PATCH 2093/2573] Reject char literals, add false negatives for macros. --- .../IntegerConstantMacroArgumentUsesSuffix.ql | 9 ++- .../InvalidIntegerConstantMacroArgument.ql | 2 +- ...dLiteralForIntegerConstantMacroArgument.ql | 28 ++++++--- ...SizedIntegerConstantMacroArgument.expected | 61 ++++++++++--------- ...erConstantMacroArgumentUsesSuffix.expected | 14 ++--- ...validIntegerConstantMacroArgument.expected | 10 +-- ...alForIntegerConstantMacroArgument.expected | 10 ++- c/misra/test/rules/RULE-7-5/test.c | 11 ++++ 8 files changed, 88 insertions(+), 57 deletions(-) diff --git a/c/misra/src/rules/RULE-7-5/IntegerConstantMacroArgumentUsesSuffix.ql b/c/misra/src/rules/RULE-7-5/IntegerConstantMacroArgumentUsesSuffix.ql index 15243ecb29..3b58cf7a92 100644 --- a/c/misra/src/rules/RULE-7-5/IntegerConstantMacroArgumentUsesSuffix.ql +++ b/c/misra/src/rules/RULE-7-5/IntegerConstantMacroArgumentUsesSuffix.ql @@ -3,8 +3,8 @@ * @name RULE-7-5: The argument of an integer constant macro shall not use literal suffixes u, l, or ul * @description Integer constant macros should be used integer literal values with no u/l suffix. * @kind problem - * @precision very-high - * @problem.severity error + * @precision high + * @problem.severity warning * @tags external/misra/id/rule-7-5 * readability * maintainability @@ -17,7 +17,10 @@ import codingstandards.cpp.IntegerConstantMacro import codingstandards.cpp.Literals string argumentSuffix(MacroInvocation invoke) { - result = invoke.getUnexpandedArgument(0).regexpCapture(".*[^uUlL]([uUlL]+)$", 1) + // Compiler strips the suffix unless we look at the unexpanded argument text. + // Unexpanded argument text can be malformed in all sorts of ways, so make + // this match relatively strict, to be safe. + result = invoke.getUnexpandedArgument(0).regexpCapture("([0-9]+|0[xX][0-9A-F]+)([uUlL]+)$", 2) } from MacroInvocation invoke, PossiblyNegativeLiteral argument, string suffix diff --git a/c/misra/src/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.ql b/c/misra/src/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.ql index 7b20159bb0..851569899e 100644 --- a/c/misra/src/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.ql +++ b/c/misra/src/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.ql @@ -4,7 +4,7 @@ * @description Integer constant macros should be given a literal value as an argument. * @kind problem * @precision very-high - * @problem.severity error + * @problem.severity warning * @tags external/misra/id/rule-7-5 * correctness * external/misra/obligation/required diff --git a/c/misra/src/rules/RULE-7-5/InvalidLiteralForIntegerConstantMacroArgument.ql b/c/misra/src/rules/RULE-7-5/InvalidLiteralForIntegerConstantMacroArgument.ql index 9d3cd33d00..e333adfb7e 100644 --- a/c/misra/src/rules/RULE-7-5/InvalidLiteralForIntegerConstantMacroArgument.ql +++ b/c/misra/src/rules/RULE-7-5/InvalidLiteralForIntegerConstantMacroArgument.ql @@ -34,19 +34,30 @@ predicate validLiteralType(PossiblyNegativeLiteral literal) { * Detect this pattern before macro expansion. */ predicate seemsBinaryLiteral(MacroInvocation invoke) { - invoke.getUnexpandedArgument(0).regexpMatch("0[bB][01]+") + invoke.getUnexpandedArgument(0).regexpMatch("-?0[bB][01]+") +} + +/** + * Extractor converts `xINTsize_C('a')` to a decimal literal. Therefore, detect + * this pattern before macro expansion. + */ +predicate seemsCharLiteral(MacroInvocation invoke) { + invoke.getUnexpandedArgument(0).regexpMatch("-?'\\\\?.'") } string explainIncorrectArgument(MacroInvocation invoke) { if seemsBinaryLiteral(invoke) then result = "binary literal" else - exists(PossiblyNegativeLiteral literal | - literal = invoke.getExpr() and - if literal.getBaseLiteral() instanceof Cpp14Literal::FloatingLiteral - then result = "floating point literal" - else result = "invalid literal" - ) + if seemsCharLiteral(invoke) + then result = "char literal" + else + exists(PossiblyNegativeLiteral literal | + literal = invoke.getExpr() and + if literal.getBaseLiteral() instanceof Cpp14Literal::FloatingLiteral + then result = "floating point literal" + else result = "invalid literal" + ) } from MacroInvocation invoke, PossiblyNegativeLiteral literal @@ -56,7 +67,8 @@ where literal = invoke.getExpr() and ( not validLiteralType(literal) or - seemsBinaryLiteral(invoke) + seemsBinaryLiteral(invoke) or + seemsCharLiteral(invoke) ) select literal, "Integer constant macro " + invoke.getMacroName() + " used with " + diff --git a/c/misra/test/rules/RULE-7-5/IncorrectlySizedIntegerConstantMacroArgument.expected b/c/misra/test/rules/RULE-7-5/IncorrectlySizedIntegerConstantMacroArgument.expected index 08816f8351..d3724e21a4 100644 --- a/c/misra/test/rules/RULE-7-5/IncorrectlySizedIntegerConstantMacroArgument.expected +++ b/c/misra/test/rules/RULE-7-5/IncorrectlySizedIntegerConstantMacroArgument.expected @@ -1,30 +1,31 @@ -| test.c:13:13:13:16 | - ... | Value provided to integer constant macro UINT8_C cannot be negative | -| test.c:15:13:15:18 | - ... | Value provided to integer constant macro UINT8_C cannot be negative | -| test.c:30:13:30:15 | 256 | Value provided to integer constant macro UINT8_C is outside of the allowed range 0..255 | -| test.c:31:13:31:16 | 256 | Value provided to integer constant macro UINT8_C is outside of the allowed range 0..255 | -| test.c:32:13:32:17 | 256 | Value provided to integer constant macro UINT8_C is outside of the allowed range 0..255 | -| test.c:35:13:35:14 | - ... | Value provided to integer constant macro UINT8_C cannot be negative | -| test.c:36:13:36:15 | - ... | Value provided to integer constant macro UINT8_C cannot be negative | -| test.c:37:13:37:15 | - ... | Value provided to integer constant macro UINT8_C cannot be negative | -| test.c:38:13:38:17 | - ... | Value provided to integer constant macro UINT8_C cannot be negative | -| test.c:59:12:59:14 | 128 | Value provided to integer constant macro INT8_C is outside of the allowed range -128..127 | -| test.c:60:12:60:15 | 128 | Value provided to integer constant macro INT8_C is outside of the allowed range -128..127 | -| test.c:61:12:61:15 | 128 | Value provided to integer constant macro INT8_C is outside of the allowed range -128..127 | -| test.c:65:12:65:15 | - ... | Value provided to integer constant macro INT8_C is outside of the allowed range -128..127 | -| test.c:66:12:66:16 | - ... | Value provided to integer constant macro INT8_C is outside of the allowed range -128..127 | -| test.c:67:12:67:16 | - ... | Value provided to integer constant macro INT8_C is outside of the allowed range -128..127 | -| test.c:80:14:80:18 | 65536 | Value provided to integer constant macro UINT16_C is outside of the allowed range 0..65535 | -| test.c:81:14:81:20 | 65536 | Value provided to integer constant macro UINT16_C is outside of the allowed range 0..65535 | -| test.c:82:14:82:20 | 65536 | Value provided to integer constant macro UINT16_C is outside of the allowed range 0..65535 | -| test.c:95:13:95:17 | 32768 | Value provided to integer constant macro INT16_C is outside of the allowed range -32768..32767 | -| test.c:96:13:96:19 | 32768 | Value provided to integer constant macro INT16_C is outside of the allowed range -32768..32767 | -| test.c:97:13:97:18 | 32768 | Value provided to integer constant macro INT16_C is outside of the allowed range -32768..32767 | -| test.c:101:13:101:18 | - ... | Value provided to integer constant macro INT16_C is outside of the allowed range -32768..32767 | -| test.c:102:13:102:20 | - ... | Value provided to integer constant macro INT16_C is outside of the allowed range -32768..32767 | -| test.c:103:13:103:19 | - ... | Value provided to integer constant macro INT16_C is outside of the allowed range -32768..32767 | -| test.c:113:14:113:24 | 4294967296 | Value provided to integer constant macro UINT32_C is outside of the allowed range 0..4294967295 | -| test.c:114:14:114:25 | 4294967296 | Value provided to integer constant macro UINT32_C is outside of the allowed range 0..4294967295 | -| test.c:124:13:124:22 | 2147483648 | Value provided to integer constant macro INT32_C is outside of the allowed range -2147483648..2147483647 | -| test.c:125:13:125:22 | 2147483648 | Value provided to integer constant macro INT32_C is outside of the allowed range -2147483648..2147483647 | -| test.c:128:13:128:23 | - ... | Value provided to integer constant macro INT32_C is outside of the allowed range -2147483648..2147483647 | -| test.c:129:13:129:23 | - ... | Value provided to integer constant macro INT32_C is outside of the allowed range -2147483648..2147483647 | +| test.c:17:13:17:16 | - ... | Value provided to integer constant macro UINT8_C cannot be negative | +| test.c:19:13:19:18 | - ... | Value provided to integer constant macro UINT8_C cannot be negative | +| test.c:21:13:21:16 | - ... | Value provided to integer constant macro UINT8_C cannot be negative | +| test.c:37:13:37:15 | 256 | Value provided to integer constant macro UINT8_C is outside of the allowed range 0..255 | +| test.c:38:13:38:16 | 256 | Value provided to integer constant macro UINT8_C is outside of the allowed range 0..255 | +| test.c:39:13:39:17 | 256 | Value provided to integer constant macro UINT8_C is outside of the allowed range 0..255 | +| test.c:42:13:42:14 | - ... | Value provided to integer constant macro UINT8_C cannot be negative | +| test.c:43:13:43:15 | - ... | Value provided to integer constant macro UINT8_C cannot be negative | +| test.c:44:13:44:15 | - ... | Value provided to integer constant macro UINT8_C cannot be negative | +| test.c:45:13:45:17 | - ... | Value provided to integer constant macro UINT8_C cannot be negative | +| test.c:70:12:70:14 | 128 | Value provided to integer constant macro INT8_C is outside of the allowed range -128..127 | +| test.c:71:12:71:15 | 128 | Value provided to integer constant macro INT8_C is outside of the allowed range -128..127 | +| test.c:72:12:72:15 | 128 | Value provided to integer constant macro INT8_C is outside of the allowed range -128..127 | +| test.c:76:12:76:15 | - ... | Value provided to integer constant macro INT8_C is outside of the allowed range -128..127 | +| test.c:77:12:77:16 | - ... | Value provided to integer constant macro INT8_C is outside of the allowed range -128..127 | +| test.c:78:12:78:16 | - ... | Value provided to integer constant macro INT8_C is outside of the allowed range -128..127 | +| test.c:91:14:91:18 | 65536 | Value provided to integer constant macro UINT16_C is outside of the allowed range 0..65535 | +| test.c:92:14:92:20 | 65536 | Value provided to integer constant macro UINT16_C is outside of the allowed range 0..65535 | +| test.c:93:14:93:20 | 65536 | Value provided to integer constant macro UINT16_C is outside of the allowed range 0..65535 | +| test.c:106:13:106:17 | 32768 | Value provided to integer constant macro INT16_C is outside of the allowed range -32768..32767 | +| test.c:107:13:107:19 | 32768 | Value provided to integer constant macro INT16_C is outside of the allowed range -32768..32767 | +| test.c:108:13:108:18 | 32768 | Value provided to integer constant macro INT16_C is outside of the allowed range -32768..32767 | +| test.c:112:13:112:18 | - ... | Value provided to integer constant macro INT16_C is outside of the allowed range -32768..32767 | +| test.c:113:13:113:20 | - ... | Value provided to integer constant macro INT16_C is outside of the allowed range -32768..32767 | +| test.c:114:13:114:19 | - ... | Value provided to integer constant macro INT16_C is outside of the allowed range -32768..32767 | +| test.c:124:14:124:24 | 4294967296 | Value provided to integer constant macro UINT32_C is outside of the allowed range 0..4294967295 | +| test.c:125:14:125:25 | 4294967296 | Value provided to integer constant macro UINT32_C is outside of the allowed range 0..4294967295 | +| test.c:135:13:135:22 | 2147483648 | Value provided to integer constant macro INT32_C is outside of the allowed range -2147483648..2147483647 | +| test.c:136:13:136:22 | 2147483648 | Value provided to integer constant macro INT32_C is outside of the allowed range -2147483648..2147483647 | +| test.c:139:13:139:23 | - ... | Value provided to integer constant macro INT32_C is outside of the allowed range -2147483648..2147483647 | +| test.c:140:13:140:23 | - ... | Value provided to integer constant macro INT32_C is outside of the allowed range -2147483648..2147483647 | diff --git a/c/misra/test/rules/RULE-7-5/IntegerConstantMacroArgumentUsesSuffix.expected b/c/misra/test/rules/RULE-7-5/IntegerConstantMacroArgumentUsesSuffix.expected index 52adf1233e..97a35dd977 100644 --- a/c/misra/test/rules/RULE-7-5/IntegerConstantMacroArgumentUsesSuffix.expected +++ b/c/misra/test/rules/RULE-7-5/IntegerConstantMacroArgumentUsesSuffix.expected @@ -1,7 +1,7 @@ -| test.c:18:13:18:14 | 1 | Value suffix 'u' is not allowed on provided argument to integer constant macro UINT8_C. | -| test.c:19:13:19:14 | 2 | Value suffix 'U' is not allowed on provided argument to integer constant macro UINT8_C. | -| test.c:20:13:20:14 | 3 | Value suffix 'l' is not allowed on provided argument to integer constant macro UINT8_C. | -| test.c:21:13:21:14 | 4 | Value suffix 'L' is not allowed on provided argument to integer constant macro UINT8_C. | -| test.c:22:13:22:15 | 5 | Value suffix 'ul' is not allowed on provided argument to integer constant macro UINT8_C. | -| test.c:23:13:23:15 | 5 | Value suffix 'll' is not allowed on provided argument to integer constant macro UINT8_C. | -| test.c:24:13:24:16 | 5 | Value suffix 'ull' is not allowed on provided argument to integer constant macro UINT8_C. | +| test.c:25:13:25:14 | 1 | Value suffix 'u' is not allowed on provided argument to integer constant macro UINT8_C. | +| test.c:26:13:26:14 | 2 | Value suffix 'U' is not allowed on provided argument to integer constant macro UINT8_C. | +| test.c:27:13:27:14 | 3 | Value suffix 'l' is not allowed on provided argument to integer constant macro UINT8_C. | +| test.c:28:13:28:14 | 4 | Value suffix 'L' is not allowed on provided argument to integer constant macro UINT8_C. | +| test.c:29:13:29:15 | 5 | Value suffix 'ul' is not allowed on provided argument to integer constant macro UINT8_C. | +| test.c:30:13:30:15 | 5 | Value suffix 'll' is not allowed on provided argument to integer constant macro UINT8_C. | +| test.c:31:13:31:16 | 5 | Value suffix 'ull' is not allowed on provided argument to integer constant macro UINT8_C. | diff --git a/c/misra/test/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.expected b/c/misra/test/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.expected index b3191fa74c..44b5d78994 100644 --- a/c/misra/test/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.expected +++ b/c/misra/test/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.expected @@ -1,5 +1,5 @@ -| test.c:41:13:41:17 | ... + ... | Argument to integer constant macro UINT8_C must be an integer literal. | -| test.c:42:13:42:18 | access to array | Argument to integer constant macro UINT8_C must be an integer literal. | -| test.c:43:13:43:19 | access to array | Argument to integer constant macro UINT8_C must be an integer literal. | -| test.c:156:13:156:37 | ... - ... | Argument to integer constant macro INT64_C must be an integer literal. | -| test.c:157:13:157:47 | ... - ... | Argument to integer constant macro INT64_C must be an integer literal. | +| test.c:48:13:48:17 | ... + ... | Argument to integer constant macro UINT8_C must be an integer literal. | +| test.c:49:13:49:18 | access to array | Argument to integer constant macro UINT8_C must be an integer literal. | +| test.c:50:13:50:19 | access to array | Argument to integer constant macro UINT8_C must be an integer literal. | +| test.c:167:13:167:37 | ... - ... | Argument to integer constant macro INT64_C must be an integer literal. | +| test.c:168:13:168:47 | ... - ... | Argument to integer constant macro INT64_C must be an integer literal. | diff --git a/c/misra/test/rules/RULE-7-5/InvalidLiteralForIntegerConstantMacroArgument.expected b/c/misra/test/rules/RULE-7-5/InvalidLiteralForIntegerConstantMacroArgument.expected index 320b6dd208..ee5b75cb91 100644 --- a/c/misra/test/rules/RULE-7-5/InvalidLiteralForIntegerConstantMacroArgument.expected +++ b/c/misra/test/rules/RULE-7-5/InvalidLiteralForIntegerConstantMacroArgument.expected @@ -1,3 +1,7 @@ -| test.c:12:13:12:15 | 1.0 | Integer constant macro UINT8_C used with floating point literal argument, only decimal, octal, or hex integer literal allowed. | -| test.c:13:13:13:16 | - ... | Integer constant macro UINT8_C used with floating point literal argument, only decimal, octal, or hex integer literal allowed. | -| test.c:14:13:14:17 | 7 | Integer constant macro UINT8_C used with binary literal argument, only decimal, octal, or hex integer literal allowed. | +| test.c:16:13:16:15 | 1.0 | Integer constant macro UINT8_C used with floating point literal argument, only decimal, octal, or hex integer literal allowed. | +| test.c:17:13:17:16 | - ... | Integer constant macro UINT8_C used with floating point literal argument, only decimal, octal, or hex integer literal allowed. | +| test.c:18:13:18:17 | 7 | Integer constant macro UINT8_C used with binary literal argument, only decimal, octal, or hex integer literal allowed. | +| test.c:19:13:19:18 | - ... | Integer constant macro UINT8_C used with binary literal argument, only decimal, octal, or hex integer literal allowed. | +| test.c:20:13:20:15 | 97 | Integer constant macro UINT8_C used with char literal argument, only decimal, octal, or hex integer literal allowed. | +| test.c:21:13:21:16 | - ... | Integer constant macro UINT8_C used with char literal argument, only decimal, octal, or hex integer literal allowed. | +| test.c:22:13:22:16 | 10 | Integer constant macro UINT8_C used with char literal argument, only decimal, octal, or hex integer literal allowed. | diff --git a/c/misra/test/rules/RULE-7-5/test.c b/c/misra/test/rules/RULE-7-5/test.c index db145a844b..432c6ceed5 100644 --- a/c/misra/test/rules/RULE-7-5/test.c +++ b/c/misra/test/rules/RULE-7-5/test.c @@ -1,5 +1,9 @@ +#include "stdbool.h" #include "stdint.h" +#define NULL 0 +#define NULLPTR ((void *)NULL) + uint_least8_t g1[] = { // Basic valid UINT8_C(0), // COMPLIANT @@ -13,6 +17,9 @@ uint_least8_t g1[] = { UINT8_C(-1.0), // NON-COMPLIANT UINT8_C(0b111), // NON-COMPLIANT UINT8_C(-0b111), // NON-COMPLIANT + UINT8_C('a'), // NON-COMPLIANT + UINT8_C(-'$'), // NON-COMPLIANT + UINT8_C('\n'), // NON-COMPLIANT // Suffixes disallowed UINT8_C(1u), // NON-COMPLIANT @@ -42,6 +49,10 @@ uint_least8_t g1[] = { UINT8_C("a"[0]), // NON-COMPLIANT UINT8_C(0 ["a"]), // NON-COMPLIANT UINT8_C(UINT8_MAX), // COMPLIANT + UINT8_C(true), // NON-COMPLIANT[False Negative] + UINT8_C(false), // NON-COMPLIANT[False Negative] + UINT8_C(NULL), // NON-COMPLIANT[False Negative] + UINT8_C(NULLPTR), // NON-COMPLIANT[False Negative] }; int_least8_t g2[] = { From 51098868065d90d55b7e83874241de40ea7e81cb Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Wed, 2 Oct 2024 13:53:27 -0700 Subject: [PATCH 2094/2573] Fix types2 package json vs query --- rule_packages/c/Types2.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/rule_packages/c/Types2.json b/rule_packages/c/Types2.json index 4c4aaaaa7a..7489a99de5 100644 --- a/rule_packages/c/Types2.json +++ b/rule_packages/c/Types2.json @@ -31,8 +31,8 @@ "description": "Integer constant macros should be used integer literal values with no u/l suffix.", "kind": "problem", "name": "The argument of an integer constant macro shall not use literal suffixes u, l, or ul", - "precision": "very-high", - "severity": "error", + "precision": "high", + "severity": "warning", "short_name": "IntegerConstantMacroArgumentUsesSuffix", "tags": [ "readability", From 3012bfaf3e1d113f3f5d5f9bbfb4b9738c3e2f65 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Wed, 2 Oct 2024 14:32:01 -0700 Subject: [PATCH 2095/2573] Fix package file consistency, c format --- c/misra/test/rules/RULE-7-5/test.c | 2 +- rule_packages/c/Types2.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/c/misra/test/rules/RULE-7-5/test.c b/c/misra/test/rules/RULE-7-5/test.c index 432c6ceed5..fad34ac160 100644 --- a/c/misra/test/rules/RULE-7-5/test.c +++ b/c/misra/test/rules/RULE-7-5/test.c @@ -19,7 +19,7 @@ uint_least8_t g1[] = { UINT8_C(-0b111), // NON-COMPLIANT UINT8_C('a'), // NON-COMPLIANT UINT8_C(-'$'), // NON-COMPLIANT - UINT8_C('\n'), // NON-COMPLIANT + UINT8_C('\n'), // NON-COMPLIANT // Suffixes disallowed UINT8_C(1u), // NON-COMPLIANT diff --git a/rule_packages/c/Types2.json b/rule_packages/c/Types2.json index 7489a99de5..efed56c511 100644 --- a/rule_packages/c/Types2.json +++ b/rule_packages/c/Types2.json @@ -10,7 +10,7 @@ "kind": "problem", "name": "The argument of an integer constant macro shall be a literal", "precision": "very-high", - "severity": "error", + "severity": "warning", "short_name": "InvalidIntegerConstantMacroArgument", "tags": [ "correctness" From 3708edfbefdc68ae9a9558ba4f4170b325e5bb55 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Wed, 2 Oct 2024 23:41:04 -0700 Subject: [PATCH 2096/2573] Reject macros inside (u)INT_C macros (eg, `1NT8_C(true)`) and remove exception Added exception to handle INT63_MIN as an addition expression, but that exception is actually quite dangerous and should be removed. --- .../InvalidIntegerConstantMacroArgument.ql | 24 ++++++------------ ...validIntegerConstantMacroArgument.expected | 7 ++++-- c/misra/test/rules/RULE-7-5/test.c | 25 ++++++++----------- 3 files changed, 24 insertions(+), 32 deletions(-) diff --git a/c/misra/src/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.ql b/c/misra/src/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.ql index 851569899e..9c35c3c2d6 100644 --- a/c/misra/src/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.ql +++ b/c/misra/src/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.ql @@ -16,27 +16,19 @@ import codingstandards.cpp.IntegerConstantMacro import codingstandards.cpp.Literals import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis -/** - * The max negative 64 bit signed integer is one less than the negative of the - * max positive signed 64 bit integer. The only way to create a "negative" - * literal is to use unary- negation of a positive literal. Therefore, clang - * (and likely other compilers) rejects `INT64_C(-92233...808)` but accepts - * `INT64_C(-92233...807 - 1)`. Therefore, in this case allow non-literal - * expressions. - */ -predicate specialMaxNegative64Exception(IntegerConstantMacro macro, Expr expr) { - macro.getSize() = 64 and - macro.isSigned() and - // Set a cutoff with precision, fix once BigInt library is available. - upperBound(expr) < macro.minValue() * 0.999999999 and - upperBound(expr) > macro.minValue() * 1.000000001 +predicate containsMacroInvocation(MacroInvocation outer, MacroInvocation inner) { + outer.getExpr() = inner.getExpr() and + exists(outer.getUnexpandedArgument(0).indexOf(inner.getMacroName())) } from MacroInvocation invoke, IntegerConstantMacro macro where not isExcluded(invoke, Types2Package::invalidIntegerConstantMacroArgumentQuery()) and invoke.getMacro() = macro and - not invoke.getExpr() instanceof PossiblyNegativeLiteral and - not specialMaxNegative64Exception(macro, invoke.getExpr()) + ( + not invoke.getExpr() instanceof PossiblyNegativeLiteral + or + containsMacroInvocation(invoke, _) + ) select invoke.getExpr(), "Argument to integer constant macro " + macro.getName() + " must be an integer literal." diff --git a/c/misra/test/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.expected b/c/misra/test/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.expected index 44b5d78994..b29228b6df 100644 --- a/c/misra/test/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.expected +++ b/c/misra/test/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.expected @@ -1,5 +1,8 @@ | test.c:48:13:48:17 | ... + ... | Argument to integer constant macro UINT8_C must be an integer literal. | | test.c:49:13:49:18 | access to array | Argument to integer constant macro UINT8_C must be an integer literal. | | test.c:50:13:50:19 | access to array | Argument to integer constant macro UINT8_C must be an integer literal. | -| test.c:167:13:167:37 | ... - ... | Argument to integer constant macro INT64_C must be an integer literal. | -| test.c:168:13:168:47 | ... - ... | Argument to integer constant macro INT64_C must be an integer literal. | +| test.c:51:5:51:22 | 255 | Argument to integer constant macro UINT8_C must be an integer literal. | +| test.c:52:5:52:17 | 1 | Argument to integer constant macro UINT8_C must be an integer literal. | +| test.c:53:5:53:18 | 0 | Argument to integer constant macro UINT8_C must be an integer literal. | +| test.c:54:5:54:17 | 0 | Argument to integer constant macro UINT8_C must be an integer literal. | +| test.c:55:5:55:20 | 0 | Argument to integer constant macro UINT8_C must be an integer literal. | diff --git a/c/misra/test/rules/RULE-7-5/test.c b/c/misra/test/rules/RULE-7-5/test.c index fad34ac160..a3fb4b60e4 100644 --- a/c/misra/test/rules/RULE-7-5/test.c +++ b/c/misra/test/rules/RULE-7-5/test.c @@ -48,11 +48,11 @@ uint_least8_t g1[] = { UINT8_C(0 + 0), // NON-COMPLIANT UINT8_C("a"[0]), // NON-COMPLIANT UINT8_C(0 ["a"]), // NON-COMPLIANT - UINT8_C(UINT8_MAX), // COMPLIANT - UINT8_C(true), // NON-COMPLIANT[False Negative] - UINT8_C(false), // NON-COMPLIANT[False Negative] - UINT8_C(NULL), // NON-COMPLIANT[False Negative] - UINT8_C(NULLPTR), // NON-COMPLIANT[False Negative] + UINT8_C(UINT8_MAX), // NON-COMPLIANT + UINT8_C(true), // NON-COMPLIANT + UINT8_C(false), // NON-COMPLIANT + UINT8_C(NULL), // NON-COMPLIANT + UINT8_C(NULLPTR), // NON-COMPLIANT }; int_least8_t g2[] = { @@ -158,20 +158,17 @@ int_least64_t g8[] = { INT64_C(9223372036854775807), // COMPLIANT // INT64_C(9223372036854775808) is a compile-time error - // -9223372036854775808 allowed, but cannot be created via unary- without - // compile time errors. - INT64_C(-9223372036854775807), // COMPLIANT - INT64_C(-9223372036854775807 - 1), // COMPLIANT - // -9223372036854775809 is not allowed, and cannot be created via unary- - // without compile time errors. - INT64_C(-9223372036854775807 - 2), // NON-COMPLIANT - INT64_C(-9223372036854775807 - 20000000000), // NON-COMPLIANT + INT64_C(-9223372036854775807), // COMPLIANT + // -9223372036854775808 is correctly sized, but not a valid decimal literal + // value. + // -9223372036854775809 is not correctly sized, and not a valid decimal + // literal value. INT64_C(0x7FFFFFFFFFFFFFFF), // COMPLIANT INT64_C(0x8000000000000000), // NON-COMPLIANT[FALSE NEGATIVE] INT64_C(-0x8000000000000000), // COMPLIANT INT64_C(-0x8000000000000001), // NON-COMPLIANT[FALSE NEGATIVE] - INT64_C(-0x8001000000000000), // NON-COMPLIANT + INT64_C(-0x8001000000000000), // NON-COMPLIANT[FALSE NEGATIVE] }; // Other edge cases: From 445d18e9c9d42b0c399624b655e0480f8b1385ac Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 4 Oct 2024 23:33:39 -0700 Subject: [PATCH 2097/2573] Add misra c 2012 amendment3 tag --- rule_packages/c/Types2.json | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/rule_packages/c/Types2.json b/rule_packages/c/Types2.json index efed56c511..7e4c0827fe 100644 --- a/rule_packages/c/Types2.json +++ b/rule_packages/c/Types2.json @@ -13,7 +13,8 @@ "severity": "warning", "short_name": "InvalidIntegerConstantMacroArgument", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/amendment3" ] }, { @@ -24,7 +25,8 @@ "severity": "error", "short_name": "InvalidLiteralForIntegerConstantMacroArgument", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/amendment3" ] }, { @@ -36,7 +38,8 @@ "short_name": "IntegerConstantMacroArgumentUsesSuffix", "tags": [ "readability", - "maintainability" + "maintainability", + "external/misra/c/2012/amendment3" ] }, { @@ -47,7 +50,8 @@ "severity": "error", "short_name": "IncorrectlySizedIntegerConstantMacroArgument", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/amendment3" ], "implementation_scope": { "description": "This rule can validate integers sized 32 or smaller. When the CodeQL runtime supports big ints, this will be expanded to include 64 bit integer types." @@ -69,7 +73,8 @@ "severity": "warning", "short_name": "UseOfBannedSmallIntegerConstantMacro", "tags": [ - "readability" + "readability", + "external/misra/c/2012/amendment3" ] } ], From 07d28ef432bcd0d51047a6fb14bf8ac3b4b1bb13 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 4 Oct 2024 23:39:46 -0700 Subject: [PATCH 2098/2573] Regenerate query file tags --- .../RULE-7-5/IncorrectlySizedIntegerConstantMacroArgument.ql | 1 + .../src/rules/RULE-7-5/IntegerConstantMacroArgumentUsesSuffix.ql | 1 + .../src/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.ql | 1 + .../RULE-7-5/InvalidLiteralForIntegerConstantMacroArgument.ql | 1 + .../src/rules/RULE-7-6/UseOfBannedSmallIntegerConstantMacro.ql | 1 + 5 files changed, 5 insertions(+) diff --git a/c/misra/src/rules/RULE-7-5/IncorrectlySizedIntegerConstantMacroArgument.ql b/c/misra/src/rules/RULE-7-5/IncorrectlySizedIntegerConstantMacroArgument.ql index 06a7eb7658..ac8cd56a7a 100644 --- a/c/misra/src/rules/RULE-7-5/IncorrectlySizedIntegerConstantMacroArgument.ql +++ b/c/misra/src/rules/RULE-7-5/IncorrectlySizedIntegerConstantMacroArgument.ql @@ -7,6 +7,7 @@ * @problem.severity error * @tags external/misra/id/rule-7-5 * correctness + * external/misra/c/2012/amendment3 * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-7-5/IntegerConstantMacroArgumentUsesSuffix.ql b/c/misra/src/rules/RULE-7-5/IntegerConstantMacroArgumentUsesSuffix.ql index 3b58cf7a92..13e7ee6b7b 100644 --- a/c/misra/src/rules/RULE-7-5/IntegerConstantMacroArgumentUsesSuffix.ql +++ b/c/misra/src/rules/RULE-7-5/IntegerConstantMacroArgumentUsesSuffix.ql @@ -8,6 +8,7 @@ * @tags external/misra/id/rule-7-5 * readability * maintainability + * external/misra/c/2012/amendment3 * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.ql b/c/misra/src/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.ql index 9c35c3c2d6..40b66d0067 100644 --- a/c/misra/src/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.ql +++ b/c/misra/src/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.ql @@ -7,6 +7,7 @@ * @problem.severity warning * @tags external/misra/id/rule-7-5 * correctness + * external/misra/c/2012/amendment3 * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-7-5/InvalidLiteralForIntegerConstantMacroArgument.ql b/c/misra/src/rules/RULE-7-5/InvalidLiteralForIntegerConstantMacroArgument.ql index e333adfb7e..e4e660c628 100644 --- a/c/misra/src/rules/RULE-7-5/InvalidLiteralForIntegerConstantMacroArgument.ql +++ b/c/misra/src/rules/RULE-7-5/InvalidLiteralForIntegerConstantMacroArgument.ql @@ -7,6 +7,7 @@ * @problem.severity error * @tags external/misra/id/rule-7-5 * correctness + * external/misra/c/2012/amendment3 * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-7-6/UseOfBannedSmallIntegerConstantMacro.ql b/c/misra/src/rules/RULE-7-6/UseOfBannedSmallIntegerConstantMacro.ql index 9a1844601b..47e88196d5 100644 --- a/c/misra/src/rules/RULE-7-6/UseOfBannedSmallIntegerConstantMacro.ql +++ b/c/misra/src/rules/RULE-7-6/UseOfBannedSmallIntegerConstantMacro.ql @@ -8,6 +8,7 @@ * @problem.severity warning * @tags external/misra/id/rule-7-6 * readability + * external/misra/c/2012/amendment3 * external/misra/obligation/required */ From 3520d1b9ec0209ed58fe02ba8bd6b885af898f8c Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Sat, 5 Oct 2024 00:08:41 -0700 Subject: [PATCH 2099/2573] Implement banned2 package, rule 21-24 ban rand() and srand(). --- .../RULE-21-24/CallToBannedRandomFunction.ql | 23 ++++++++++++++++ .../CallToBannedRandomFunction.expected | 2 ++ .../CallToBannedRandomFunction.qlref | 1 + c/misra/test/rules/RULE-21-24/test.c | 11 ++++++++ .../cpp/exclusions/c/Banned2.qll | 26 +++++++++++++++++++ .../cpp/exclusions/c/RuleMetadata.qll | 3 +++ rule_packages/c/Banned2.json | 24 +++++++++++++++++ 7 files changed, 90 insertions(+) create mode 100644 c/misra/src/rules/RULE-21-24/CallToBannedRandomFunction.ql create mode 100644 c/misra/test/rules/RULE-21-24/CallToBannedRandomFunction.expected create mode 100644 c/misra/test/rules/RULE-21-24/CallToBannedRandomFunction.qlref create mode 100644 c/misra/test/rules/RULE-21-24/test.c create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/Banned2.qll create mode 100644 rule_packages/c/Banned2.json diff --git a/c/misra/src/rules/RULE-21-24/CallToBannedRandomFunction.ql b/c/misra/src/rules/RULE-21-24/CallToBannedRandomFunction.ql new file mode 100644 index 0000000000..dda3dd4b9e --- /dev/null +++ b/c/misra/src/rules/RULE-21-24/CallToBannedRandomFunction.ql @@ -0,0 +1,23 @@ +/** + * @id c/misra/call-to-banned-random-function + * @name RULE-21-24: The random number generator functions of shall not be used + * @description The standard functions rand() and srand() will not give high quality random results + * in all implementations and is thus banned. + * @kind problem + * @precision very-high + * @problem.severity warning + * @tags external/misra/id/rule-21-24 + * security + * external/misra/c/2012/amendment3 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra + +from FunctionCall call, string name +where + not isExcluded(call, Banned2Package::callToBannedRandomFunctionQuery()) and + name = ["rand", "srand"] and + call.getTarget().hasGlobalOrStdName(name) +select call, "Call to banned random number generation function '" + name + "'." diff --git a/c/misra/test/rules/RULE-21-24/CallToBannedRandomFunction.expected b/c/misra/test/rules/RULE-21-24/CallToBannedRandomFunction.expected new file mode 100644 index 0000000000..b3953d166b --- /dev/null +++ b/c/misra/test/rules/RULE-21-24/CallToBannedRandomFunction.expected @@ -0,0 +1,2 @@ +| test.c:5:3:5:7 | call to srand | Call to banned random number generation function 'srand'. | +| test.c:6:11:6:14 | call to rand | Call to banned random number generation function 'rand'. | diff --git a/c/misra/test/rules/RULE-21-24/CallToBannedRandomFunction.qlref b/c/misra/test/rules/RULE-21-24/CallToBannedRandomFunction.qlref new file mode 100644 index 0000000000..b229c0e84f --- /dev/null +++ b/c/misra/test/rules/RULE-21-24/CallToBannedRandomFunction.qlref @@ -0,0 +1 @@ +rules/RULE-21-24/CallToBannedRandomFunction.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-21-24/test.c b/c/misra/test/rules/RULE-21-24/test.c new file mode 100644 index 0000000000..56cfae3cb1 --- /dev/null +++ b/c/misra/test/rules/RULE-21-24/test.c @@ -0,0 +1,11 @@ +#include "stdlib.h" + +void f() { + // rand() is banned -- and thus, so is srand(). + srand(0); // NON-COMPLIANT + int x = rand(); // NON-COMPLIANT + + // Other functions from stdlib are not banned by this rule. + x = abs(-4); // COMPLIANT + getenv("ENV_VAR"); // COMPLIANT +} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Banned2.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Banned2.qll new file mode 100644 index 0000000000..024aa9b76c --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Banned2.qll @@ -0,0 +1,26 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype Banned2Query = TCallToBannedRandomFunctionQuery() + +predicate isBanned2QueryMetadata(Query query, string queryId, string ruleId, string category) { + query = + // `Query` instance for the `callToBannedRandomFunction` query + Banned2Package::callToBannedRandomFunctionQuery() and + queryId = + // `@id` for the `callToBannedRandomFunction` query + "c/misra/call-to-banned-random-function" and + ruleId = "RULE-21-24" and + category = "required" +} + +module Banned2Package { + Query callToBannedRandomFunctionQuery() { + //autogenerate `Query` type + result = + // `Query` type for `callToBannedRandomFunction` query + TQueryC(TBanned2PackageQuery(TCallToBannedRandomFunctionQuery())) + } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index b10fbf0a2f..facc8c0420 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -3,6 +3,7 @@ import cpp import codingstandards.cpp.exclusions.RuleMetadata //** Import packages for this language **/ import Banned +import Banned2 import BitfieldTypes import BitfieldTypes2 import Concurrency1 @@ -76,6 +77,7 @@ import Types1 /** The TQuery type representing this language * */ newtype TCQuery = TBannedPackageQuery(BannedQuery q) or + TBanned2PackageQuery(Banned2Query q) or TBitfieldTypesPackageQuery(BitfieldTypesQuery q) or TBitfieldTypes2PackageQuery(BitfieldTypes2Query q) or TConcurrency1PackageQuery(Concurrency1Query q) or @@ -149,6 +151,7 @@ newtype TCQuery = /** The metadata predicate * */ predicate isQueryMetadata(Query query, string queryId, string ruleId, string category) { isBannedQueryMetadata(query, queryId, ruleId, category) or + isBanned2QueryMetadata(query, queryId, ruleId, category) or isBitfieldTypesQueryMetadata(query, queryId, ruleId, category) or isBitfieldTypes2QueryMetadata(query, queryId, ruleId, category) or isConcurrency1QueryMetadata(query, queryId, ruleId, category) or diff --git a/rule_packages/c/Banned2.json b/rule_packages/c/Banned2.json new file mode 100644 index 0000000000..461e269413 --- /dev/null +++ b/rule_packages/c/Banned2.json @@ -0,0 +1,24 @@ +{ + "MISRA-C-2012": { + "RULE-21-24": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "The standard functions rand() and srand() will not give high quality random results in all implementations and is thus banned.", + "kind": "problem", + "name": "The random number generator functions of shall not be used", + "precision": "very-high", + "severity": "warning", + "short_name": "CallToBannedRandomFunction", + "tags": [ + "security", + "external/misra/c/2012/amendment3" + ] + } + ], + "title": "The random number generator functions of shall not be used" + } + } +} \ No newline at end of file From cbeb018366a0fce1fa5d246d5299e1de905d1ee8 Mon Sep 17 00:00:00 2001 From: Fernando Jose Date: Mon, 7 Oct 2024 09:28:24 +0900 Subject: [PATCH 2100/2573] Add test cases to A0-1-1 useless assignment. --- .../test/rules/A0-1-1/UselessAssignment.expected | 2 ++ cpp/autosar/test/rules/A0-1-1/test.cpp | 14 +++++++++++++- 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A0-1-1/UselessAssignment.expected b/cpp/autosar/test/rules/A0-1-1/UselessAssignment.expected index bdd73be2eb..a38f3afddf 100644 --- a/cpp/autosar/test/rules/A0-1-1/UselessAssignment.expected +++ b/cpp/autosar/test/rules/A0-1-1/UselessAssignment.expected @@ -12,3 +12,5 @@ | test.cpp:94:11:94:17 | new | Definition of $@ is unused. | test.cpp:94:6:94:7 | b4 | b4 | | test.cpp:95:11:95:17 | 0 | Definition of $@ is unused. | test.cpp:95:6:95:7 | b5 | b5 | | test.cpp:103:11:103:17 | 0 | Definition of $@ is unused. | test.cpp:103:6:103:7 | c5 | c5 | +| test.cpp:132:43:132:45 | {...} | Definition of $@ is unused. | test.cpp:132:7:132:18 | unused_array | unused_array | +| test.cpp:134:29:134:31 | 0 | Definition of $@ is unused. | test.cpp:134:17:134:26 | unused_int | unused_int | diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index 021b1bf792..694396406a 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -123,4 +123,16 @@ template void test_range_based_for_loop_template() { // template elem; } -} \ No newline at end of file +} + +#include + +std::int32_t test_constexpr_array_size() { + constexpr int constexpr_array_size = 7; // COMPLIANT + int unused_array[constexpr_array_size] = {}; // NON_COMPLIANT + + constexpr int unused_int = {}; // NON_COMPLIANT + + std::int32_t used_array[] = {-1, 0, 1}; // COMPLIANT + return used_array[1]; +} From 97bf53af4294acb6afe3a0a794f4840e75c93bb1 Mon Sep 17 00:00:00 2001 From: "rakesh.pothengil" Date: Mon, 7 Oct 2024 10:21:03 +0900 Subject: [PATCH 2101/2573] Correct exclusion --- cpp/autosar/src/rules/M0-1-10/UnusedSplMemberFunction.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/src/rules/M0-1-10/UnusedSplMemberFunction.ql b/cpp/autosar/src/rules/M0-1-10/UnusedSplMemberFunction.ql index 9efa4bdfd1..03ddfbbd43 100644 --- a/cpp/autosar/src/rules/M0-1-10/UnusedSplMemberFunction.ql +++ b/cpp/autosar/src/rules/M0-1-10/UnusedSplMemberFunction.ql @@ -20,7 +20,7 @@ import codingstandards.cpp.deadcode.UnusedFunctions from UnusedFunctions::UnusedSplMemberFunction unusedSplMemFunction, string name where - not isExcluded(unusedSplMemberFunctionQuery, DeadCodePackage::unusedFunctionQuery()) and + not isExcluded(DeadCodePackage::unusedSplMemberFunctionQuery(), DeadCodePackage::unusedFunctionQuery()) and ( if exists(unusedSplMemFunction.getQualifiedName()) then name = unusedSplMemFunction.getQualifiedName() From c5cdf0e0b7e40239966e5bfb0127264f0b1e5627 Mon Sep 17 00:00:00 2001 From: "rakesh.pothengil" Date: Mon, 7 Oct 2024 14:21:19 +0900 Subject: [PATCH 2102/2573] Add GoogleTest stub and test cases --- .../M0-1-10/UnusedSplMemberFunction.expected | 1 + cpp/autosar/test/rules/M0-1-10/test.cpp | 19 ++++++++++++ .../cpp/EncapsulatingFunctions.qll | 5 ++-- .../custom-library/gtest/gtest-internal.h | 29 +++++++++++++++++++ .../includes/custom-library/gtest/gtest.h | 28 ++++++++++++++++++ cpp/options | 2 +- 6 files changed, 81 insertions(+), 3 deletions(-) create mode 100644 cpp/common/test/includes/custom-library/gtest/gtest-internal.h create mode 100644 cpp/common/test/includes/custom-library/gtest/gtest.h diff --git a/cpp/autosar/test/rules/M0-1-10/UnusedSplMemberFunction.expected b/cpp/autosar/test/rules/M0-1-10/UnusedSplMemberFunction.expected index e2bf0acc79..f26e8dfe33 100644 --- a/cpp/autosar/test/rules/M0-1-10/UnusedSplMemberFunction.expected +++ b/cpp/autosar/test/rules/M0-1-10/UnusedSplMemberFunction.expected @@ -1,2 +1,3 @@ | test.cpp:71:5:71:16 | ANestedClass | Special member function ANestedClass is never called. | | test.cpp:82:5:82:22 | AnotherNestedClass | Special member function AnotherNestedClass is never called from a main function or entry point. | +| test.cpp:155:1:157:37 | ~sample_test_called_from_google_test_function_Test | Special member function sample_test_called_from_google_test_function_Test::~sample_test_called_from_google_test_function_Test is never called. | diff --git a/cpp/autosar/test/rules/M0-1-10/test.cpp b/cpp/autosar/test/rules/M0-1-10/test.cpp index 6e1220be5d..27534590fd 100644 --- a/cpp/autosar/test/rules/M0-1-10/test.cpp +++ b/cpp/autosar/test/rules/M0-1-10/test.cpp @@ -142,3 +142,22 @@ class M { public: M(const M &) = delete; // COMPLIANT - ignore if deleted }; + +#include +int called_from_google_test_function( + int a_param) // COMPLIANT - called from TEST +{ + int something = a_param; + something++; + return something; +} + +TEST( + sample_test, + called_from_google_test_function) // COMPLIANT - False positive! + // ~sample_test_called_from_google_test_function_Test +{ + bool pass = false; + if (called_from_google_test_function(0) >= 10) + pass = true; +} diff --git a/cpp/common/src/codingstandards/cpp/EncapsulatingFunctions.qll b/cpp/common/src/codingstandards/cpp/EncapsulatingFunctions.qll index ad11bea21c..7b2d715d01 100644 --- a/cpp/common/src/codingstandards/cpp/EncapsulatingFunctions.qll +++ b/cpp/common/src/codingstandards/cpp/EncapsulatingFunctions.qll @@ -39,8 +39,9 @@ class GoogleTestFunction extends MainLikeFunction { base.getNamespace().hasName("testing") ) or - // or at a location in a file called "gtest.h". - base.getDefinitionLocation().getFile().getBaseName() = "gtest.h" + // or at a location in a file called gtest.h (or gtest-internal.h, + // gtest-typed-test.h etc). + base.getDefinitionLocation().getFile().getBaseName().regexpMatch("gtest*.h") ) } } diff --git a/cpp/common/test/includes/custom-library/gtest/gtest-internal.h b/cpp/common/test/includes/custom-library/gtest/gtest-internal.h new file mode 100644 index 0000000000..31d47b714f --- /dev/null +++ b/cpp/common/test/includes/custom-library/gtest/gtest-internal.h @@ -0,0 +1,29 @@ +#ifndef GOOGLETEST_INCLUDE_GTEST_INTERNAL_GTEST_INTERNAL_H_ +#define GOOGLETEST_INCLUDE_GTEST_INTERNAL_GTEST_INTERNAL_H_ + +#define GTEST_TEST_CLASS_NAME_(test_suite_name, test_name) \ + test_suite_name##_##test_name##_Test + +#define GTEST_TEST_(test_suite_name, test_name, parent_class) \ + class GTEST_TEST_CLASS_NAME_(test_suite_name, test_name) \ + : public parent_class { \ + public: \ + GTEST_TEST_CLASS_NAME_(test_suite_name, test_name)() = default; \ + ~GTEST_TEST_CLASS_NAME_(test_suite_name, test_name)() override = default; \ + GTEST_TEST_CLASS_NAME_(test_suite_name, test_name) \ + (const GTEST_TEST_CLASS_NAME_(test_suite_name, test_name) &) = delete; \ + GTEST_TEST_CLASS_NAME_(test_suite_name, test_name) & operator=( \ + const GTEST_TEST_CLASS_NAME_(test_suite_name, \ + test_name) &) = delete; /* NOLINT */ \ + GTEST_TEST_CLASS_NAME_(test_suite_name, test_name) \ + (GTEST_TEST_CLASS_NAME_(test_suite_name, test_name) &&) noexcept = delete; \ + GTEST_TEST_CLASS_NAME_(test_suite_name, test_name) & operator=( \ + GTEST_TEST_CLASS_NAME_(test_suite_name, \ + test_name) &&) noexcept = delete; /* NOLINT */ \ + \ + private: \ + void TestBody() override; \ + }; \ + void GTEST_TEST_CLASS_NAME_(test_suite_name, test_name)::TestBody() \ + +#endif // GOOGLETEST_INCLUDE_GTEST_INTERNAL_GTEST_INTERNAL_H_ diff --git a/cpp/common/test/includes/custom-library/gtest/gtest.h b/cpp/common/test/includes/custom-library/gtest/gtest.h new file mode 100644 index 0000000000..65fce9fc5a --- /dev/null +++ b/cpp/common/test/includes/custom-library/gtest/gtest.h @@ -0,0 +1,28 @@ +#ifndef GOOGLETEST_INCLUDE_GTEST_GTEST_H_ +#define GOOGLETEST_INCLUDE_GTEST_GTEST_H_ + +#include "gtest/gtest-internal.h" + +namespace testing { + +class Test +{ + public: + virtual ~Test(); + protected: + // Creates a Test object. + Test(); + private: + virtual void TestBody() = 0; + Test(const Test&) = delete; + Test& operator=(const Test&) = delete; +}; + +#define GTEST_TEST(test_suite_name, test_name) \ + GTEST_TEST_(test_suite_name, test_name, ::testing::Test) + +#define TEST(test_suite_name, test_name) GTEST_TEST(test_suite_name, test_name) + +} // namespace testing + +#endif // GOOGLETEST_INCLUDE_GTEST_GTEST_H_ diff --git a/cpp/options b/cpp/options index 1f8961ecda..44267e9323 100644 --- a/cpp/options +++ b/cpp/options @@ -1 +1 @@ -semmle-extractor-options:--clang -std=c++14 -nostdinc++ -I../../../../common/test/includes/standard-library -I../../../../common/test/includes/custom-library \ No newline at end of file +semmle-extractor-options:--clang -std=c++14 -nostdinc++ -I../../../../common/test/includes/standard-library -I../../../../common/test/includes/custom-library From b3ca674febc91551b08656e02985685701b38305 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 7 Oct 2024 10:19:42 +0100 Subject: [PATCH 2103/2573] Switch to workflow dispatch for cross repo testing The PR testing jobs were still using repository dispatch, but the target workflows had changed to use workflow dispatch. --- .github/workflows/dispatch-matrix-check.yml | 50 ------------------- .../dispatch-matrix-test-on-comment.yml | 19 ++++--- .../dispatch-release-performance-check.yml | 19 ++++--- 3 files changed, 24 insertions(+), 64 deletions(-) delete mode 100644 .github/workflows/dispatch-matrix-check.yml diff --git a/.github/workflows/dispatch-matrix-check.yml b/.github/workflows/dispatch-matrix-check.yml deleted file mode 100644 index 845a8fc4ae..0000000000 --- a/.github/workflows/dispatch-matrix-check.yml +++ /dev/null @@ -1,50 +0,0 @@ -name: 🤖 Run Matrix Check - -on: - pull_request_target: - types: [synchronize, opened] - branches: - - "matrix/**" - workflow_dispatch: - -jobs: - dispatch-matrix-check: - runs-on: ubuntu-22.04 - steps: - - name: Checkout repository - uses: actions/checkout@v4 - - - name: Check permission - id: check-write-permission - uses: ./.github/actions/check-permissions - with: - minimum-permission: "write" - - - name: Generate token - id: generate-token - uses: actions/create-github-app-token@v1 - with: - app-id: ${{ vars.AUTOMATION_APP_ID }} - private-key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} - owner: ${{ github.repository_owner }} - repositories: "codeql-coding-standards-release-engineering" - - - name: Dispatch Matrix Testing Job - if: steps.check-write-permission.outputs.has-permission - uses: peter-evans/repository-dispatch@v2 - with: - token: ${{ steps.generate-token.outputs.token }} - repository: github/codeql-coding-standards-release-engineering - event-type: matrix-test - client-payload: '{"pr": "${{ github.event.number }}"}' - - - uses: actions/github-script@v6 - if: steps.check-write-permission.outputs.has-permission - with: - script: | - github.rest.issues.createComment({ - issue_number: context.issue.number, - owner: context.repo.owner, - repo: context.repo.repo, - body: '🤖 Beep Boop! Matrix Testing for this PR has been initiated. Please check back later for results.

:bulb: If you do not hear back from me please check my status! **I will report even if this PR does not contain files eligible for matrix testing.**' - }) diff --git a/.github/workflows/dispatch-matrix-test-on-comment.yml b/.github/workflows/dispatch-matrix-test-on-comment.yml index 4f9f9a5b1e..297b6fbc7e 100644 --- a/.github/workflows/dispatch-matrix-test-on-comment.yml +++ b/.github/workflows/dispatch-matrix-test-on-comment.yml @@ -26,14 +26,19 @@ jobs: owner: ${{ github.repository_owner }} repositories: "codeql-coding-standards-release-engineering" - - name: Dispatch Matrix Testing Job + - name: Invoke matrix testing job if: ${{ github.event.issue.pull_request && contains(github.event.comment.body, '/test-matrix') && steps.check-write-permission.outputs.has-permission }} - uses: peter-evans/repository-dispatch@v2 - with: - token: ${{ steps.generate-token.outputs.token }} - repository: github/codeql-coding-standards-release-engineering - event-type: matrix-test - client-payload: '{"pr": "${{ github.event.issue.number }}"}' + env: + ISSUE_NR: ${{ github.event.issue.number }} + GH_TOKEN: ${{ steps.generate-token.outputs.token }} + run: | + jq -n \ + --arg issue_nr "$ISSUE_NR" \ + '{"issue-nr": $issue_nr}' \ + | \ + gh workflow run pr-compiler-validation.yml \ + --json \ + -R github/codeql-coding-standards-release-engineering - uses: actions/github-script@v6 if: ${{ github.event.issue.pull_request && contains(github.event.comment.body, '/test-matrix') && steps.check-write-permission.outputs.has-permission }} diff --git a/.github/workflows/dispatch-release-performance-check.yml b/.github/workflows/dispatch-release-performance-check.yml index 7e28a9c4f9..260846185a 100644 --- a/.github/workflows/dispatch-release-performance-check.yml +++ b/.github/workflows/dispatch-release-performance-check.yml @@ -26,14 +26,19 @@ jobs: owner: ${{ github.repository_owner }} repositories: "codeql-coding-standards-release-engineering" - - name: Dispatch Performance Testing Job + - name: Invoke performance test if: ${{ github.event.issue.pull_request && contains(github.event.comment.body, '/test-performance') && steps.check-write-permission.outputs.has-permission }} - uses: peter-evans/repository-dispatch@v2 - with: - token: ${{ steps.generate-token.outputs.token }} - repository: github/codeql-coding-standards-release-engineering - event-type: performance-test - client-payload: '{"pr": "${{ github.event.issue.number }}"}' + env: + ISSUE_NR: ${{ github.event.issue.number }} + GH_TOKEN: ${{ steps.generate-token.outputs.token }} + run: | + jq -n \ + --arg issue_nr "$ISSUE_NR" \ + '{"issue-nr": $issue_nr}' \ + | \ + gh workflow run pr-performance-testing.yml \ + --json \ + -R github/codeql-coding-standards-release-engineering - uses: actions/github-script@v6 if: ${{ github.event.issue.pull_request && contains(github.event.comment.body, '/test-performance') && steps.check-write-permission.outputs.has-permission }} From 4c17999deb60b01c81f82a704665eee2ddbcf4fd Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 7 Oct 2024 14:00:23 +0100 Subject: [PATCH 2104/2573] MEM53-CPP: Remove FP introduced by upgrade to 2.15.5 Flow through realloc was added in the standard library, so move to barrier instead of node filter --- cpp/cert/src/rules/MEM53-CPP/ManuallyManagedLifetime.qll | 9 ++++++--- ...ssingConstructorCallForManuallyManagedObject.expected | 4 ---- cpp/cert/test/rules/MEM53-CPP/test.cpp | 5 ++--- 3 files changed, 8 insertions(+), 10 deletions(-) diff --git a/cpp/cert/src/rules/MEM53-CPP/ManuallyManagedLifetime.qll b/cpp/cert/src/rules/MEM53-CPP/ManuallyManagedLifetime.qll index 358a3583fc..54fafc60d7 100644 --- a/cpp/cert/src/rules/MEM53-CPP/ManuallyManagedLifetime.qll +++ b/cpp/cert/src/rules/MEM53-CPP/ManuallyManagedLifetime.qll @@ -14,12 +14,15 @@ module AllocToStaticCastConfig implements DataFlow::ConfigSig { predicate isSource(DataFlow::Node source) { exists(AllocationExpr ae | ae.getType().getUnspecifiedType() instanceof VoidPointerType and - source.asExpr() = ae and - // Ignore realloc, as that memory may already be partially constructed - not ae.(FunctionCall).getTarget().getName().toLowerCase().matches("%realloc%") + source.asExpr() = ae ) } + predicate isBarrier(DataFlow::Node sanitizer) { + // Ignore realloc, as that memory may already be partially constructed + sanitizer.asExpr().(FunctionCall).getTarget().getName().toLowerCase().matches("%realloc%") + } + predicate isSink(DataFlow::Node sink) { exists(StaticOrCStyleCast sc, Class nonTrivialClass | sc.getExpr() = sink.asExpr() and diff --git a/cpp/cert/test/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.expected b/cpp/cert/test/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.expected index e64315e044..12dcb2d8ff 100644 --- a/cpp/cert/test/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.expected +++ b/cpp/cert/test/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.expected @@ -1,5 +1,4 @@ edges -| test.cpp:65:21:65:34 | call to operator new | test.cpp:67:26:67:32 | call to realloc | nodes | test.cpp:16:26:16:31 | call to malloc | semmle.label | call to malloc | | test.cpp:17:38:17:43 | call to malloc | semmle.label | call to malloc | @@ -10,8 +9,6 @@ nodes | test.cpp:47:26:47:39 | call to operator new | semmle.label | call to operator new | | test.cpp:49:29:49:42 | call to operator new | semmle.label | call to operator new | | test.cpp:51:29:51:42 | call to operator new | semmle.label | call to operator new | -| test.cpp:65:21:65:34 | call to operator new | semmle.label | call to operator new | -| test.cpp:67:26:67:32 | call to realloc | semmle.label | call to realloc | subpaths #select | test.cpp:16:26:16:31 | call to malloc | test.cpp:16:26:16:31 | call to malloc | test.cpp:16:26:16:31 | call to malloc | Allocation to cast without constructor call | @@ -23,4 +20,3 @@ subpaths | test.cpp:47:26:47:39 | call to operator new | test.cpp:47:26:47:39 | call to operator new | test.cpp:47:26:47:39 | call to operator new | Allocation to cast without constructor call | | test.cpp:49:29:49:42 | call to operator new | test.cpp:49:29:49:42 | call to operator new | test.cpp:49:29:49:42 | call to operator new | Allocation to cast without constructor call | | test.cpp:51:29:51:42 | call to operator new | test.cpp:51:29:51:42 | call to operator new | test.cpp:51:29:51:42 | call to operator new | Allocation to cast without constructor call | -| test.cpp:67:26:67:32 | call to realloc | test.cpp:65:21:65:34 | call to operator new | test.cpp:67:26:67:32 | call to realloc | Allocation to cast without constructor call | diff --git a/cpp/cert/test/rules/MEM53-CPP/test.cpp b/cpp/cert/test/rules/MEM53-CPP/test.cpp index 82c0953a60..12c6d1ee56 100644 --- a/cpp/cert/test/rules/MEM53-CPP/test.cpp +++ b/cpp/cert/test/rules/MEM53-CPP/test.cpp @@ -63,7 +63,6 @@ void test_no_constructor_but_has_destructor() { void test_realloc() { void *goodAlloc = ::operator new(sizeof(ClassA)); - ClassA *a1 = new (goodAlloc) ClassA{1}; // COMPLIANT - ClassA *a2 = (ClassA *)realloc( - goodAlloc, sizeof(ClassA) * 2); // COMPLIANT [FALSE_POSITIVE] + ClassA *a1 = new (goodAlloc) ClassA{1}; // COMPLIANT + ClassA *a2 = (ClassA *)realloc(goodAlloc, sizeof(ClassA) * 2); // COMPLIANT } \ No newline at end of file From 12b1c4ee138fcbb56d35247702f0049f6d913c16 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 7 Oct 2024 14:03:05 +0100 Subject: [PATCH 2105/2573] Add change note --- change_notes/2024-10-07-upgrade-to-2.15.5.md | 1 + 1 file changed, 1 insertion(+) create mode 100644 change_notes/2024-10-07-upgrade-to-2.15.5.md diff --git a/change_notes/2024-10-07-upgrade-to-2.15.5.md b/change_notes/2024-10-07-upgrade-to-2.15.5.md new file mode 100644 index 0000000000..d3d4151e78 --- /dev/null +++ b/change_notes/2024-10-07-upgrade-to-2.15.5.md @@ -0,0 +1 @@ +- Updated the CodeQL version to `2.15.5`. \ No newline at end of file From 23574944cb6a31795a28a7a343971f0e76b62294 Mon Sep 17 00:00:00 2001 From: "rakesh.pothengil" Date: Tue, 8 Oct 2024 10:44:43 +0900 Subject: [PATCH 2106/2573] Dont report SpecialMemberFunction --- cpp/autosar/src/rules/M0-1-10/UnusedFunction.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/src/rules/M0-1-10/UnusedFunction.ql b/cpp/autosar/src/rules/M0-1-10/UnusedFunction.ql index 27306a9fc1..f175cb8992 100644 --- a/cpp/autosar/src/rules/M0-1-10/UnusedFunction.ql +++ b/cpp/autosar/src/rules/M0-1-10/UnusedFunction.ql @@ -27,5 +27,5 @@ where else name = unusedFunction.getName() ) and not unusedFunction.isDeleted() and - not UnusedFunctions::isASpecialMemberFunction(unusedFunction) + not unusedFunction instanceof SpecialMemberFunction select unusedFunction, "Function " + name + " is " + unusedFunction.getDeadCodeType() From 0c3a1a50374ac68baed2ef0e6b858338077e8480 Mon Sep 17 00:00:00 2001 From: lcartey <5377966+lcartey@users.noreply.github.com> Date: Tue, 8 Oct 2024 14:32:43 +0000 Subject: [PATCH 2107/2573] Upgrading `github/codeql` dependency to 2.16.6 --- c/cert/src/codeql-pack.lock.yml | 14 +++++++------- c/cert/src/qlpack.yml | 2 +- c/cert/test/codeql-pack.lock.yml | 14 +++++++------- c/common/src/codeql-pack.lock.yml | 14 +++++++------- c/common/src/qlpack.yml | 2 +- c/common/test/codeql-pack.lock.yml | 14 +++++++------- c/misra/src/codeql-pack.lock.yml | 14 +++++++------- c/misra/src/qlpack.yml | 2 +- c/misra/test/codeql-pack.lock.yml | 14 +++++++------- cpp/autosar/src/codeql-pack.lock.yml | 14 +++++++------- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/codeql-pack.lock.yml | 14 +++++++------- cpp/cert/src/codeql-pack.lock.yml | 14 +++++++------- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/codeql-pack.lock.yml | 14 +++++++------- cpp/common/src/codeql-pack.lock.yml | 14 +++++++------- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/codeql-pack.lock.yml | 14 +++++++------- cpp/misra/src/codeql-pack.lock.yml | 14 +++++++------- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/codeql-pack.lock.yml | 14 +++++++------- cpp/report/src/codeql-pack.lock.yml | 14 +++++++------- cpp/report/src/qlpack.yml | 2 +- .../generate_modules/queries/codeql-pack.lock.yml | 14 +++++++------- scripts/generate_modules/queries/qlpack.yml | 2 +- supported_codeql_configs.json | 6 +++--- 26 files changed, 124 insertions(+), 124 deletions(-) diff --git a/c/cert/src/codeql-pack.lock.yml b/c/cert/src/codeql-pack.lock.yml index 4edf97c6f8..2cbbccee53 100644 --- a/c/cert/src/codeql-pack.lock.yml +++ b/c/cert/src/codeql-pack.lock.yml @@ -2,17 +2,17 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.12.2 + version: 0.12.9 codeql/dataflow: - version: 0.1.5 + version: 0.2.3 codeql/rangeanalysis: - version: 0.0.4 + version: 0.0.11 codeql/ssa: - version: 0.2.5 + version: 0.2.12 codeql/tutorial: - version: 0.2.5 + version: 0.2.12 codeql/typetracking: - version: 0.2.5 + version: 0.2.12 codeql/util: - version: 0.2.5 + version: 0.2.12 compiled: false diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index f0daa6334a..a55d7391da 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -5,4 +5,4 @@ suites: codeql-suites license: MIT dependencies: codeql/common-c-coding-standards: '*' - codeql/cpp-all: 0.12.2 + codeql/cpp-all: 0.12.9 diff --git a/c/cert/test/codeql-pack.lock.yml b/c/cert/test/codeql-pack.lock.yml index 4edf97c6f8..2cbbccee53 100644 --- a/c/cert/test/codeql-pack.lock.yml +++ b/c/cert/test/codeql-pack.lock.yml @@ -2,17 +2,17 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.12.2 + version: 0.12.9 codeql/dataflow: - version: 0.1.5 + version: 0.2.3 codeql/rangeanalysis: - version: 0.0.4 + version: 0.0.11 codeql/ssa: - version: 0.2.5 + version: 0.2.12 codeql/tutorial: - version: 0.2.5 + version: 0.2.12 codeql/typetracking: - version: 0.2.5 + version: 0.2.12 codeql/util: - version: 0.2.5 + version: 0.2.12 compiled: false diff --git a/c/common/src/codeql-pack.lock.yml b/c/common/src/codeql-pack.lock.yml index 4edf97c6f8..2cbbccee53 100644 --- a/c/common/src/codeql-pack.lock.yml +++ b/c/common/src/codeql-pack.lock.yml @@ -2,17 +2,17 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.12.2 + version: 0.12.9 codeql/dataflow: - version: 0.1.5 + version: 0.2.3 codeql/rangeanalysis: - version: 0.0.4 + version: 0.0.11 codeql/ssa: - version: 0.2.5 + version: 0.2.12 codeql/tutorial: - version: 0.2.5 + version: 0.2.12 codeql/typetracking: - version: 0.2.5 + version: 0.2.12 codeql/util: - version: 0.2.5 + version: 0.2.12 compiled: false diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index 5f18365483..f1b5271d74 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -3,4 +3,4 @@ version: 2.36.0-dev license: MIT dependencies: codeql/common-cpp-coding-standards: '*' - codeql/cpp-all: 0.12.2 + codeql/cpp-all: 0.12.9 diff --git a/c/common/test/codeql-pack.lock.yml b/c/common/test/codeql-pack.lock.yml index 4edf97c6f8..2cbbccee53 100644 --- a/c/common/test/codeql-pack.lock.yml +++ b/c/common/test/codeql-pack.lock.yml @@ -2,17 +2,17 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.12.2 + version: 0.12.9 codeql/dataflow: - version: 0.1.5 + version: 0.2.3 codeql/rangeanalysis: - version: 0.0.4 + version: 0.0.11 codeql/ssa: - version: 0.2.5 + version: 0.2.12 codeql/tutorial: - version: 0.2.5 + version: 0.2.12 codeql/typetracking: - version: 0.2.5 + version: 0.2.12 codeql/util: - version: 0.2.5 + version: 0.2.12 compiled: false diff --git a/c/misra/src/codeql-pack.lock.yml b/c/misra/src/codeql-pack.lock.yml index 4edf97c6f8..2cbbccee53 100644 --- a/c/misra/src/codeql-pack.lock.yml +++ b/c/misra/src/codeql-pack.lock.yml @@ -2,17 +2,17 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.12.2 + version: 0.12.9 codeql/dataflow: - version: 0.1.5 + version: 0.2.3 codeql/rangeanalysis: - version: 0.0.4 + version: 0.0.11 codeql/ssa: - version: 0.2.5 + version: 0.2.12 codeql/tutorial: - version: 0.2.5 + version: 0.2.12 codeql/typetracking: - version: 0.2.5 + version: 0.2.12 codeql/util: - version: 0.2.5 + version: 0.2.12 compiled: false diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index 9d0ed62e06..7839b51dd3 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -6,4 +6,4 @@ license: MIT default-suite-file: codeql-suites/misra-c-default.qls dependencies: codeql/common-c-coding-standards: '*' - codeql/cpp-all: 0.12.2 + codeql/cpp-all: 0.12.9 diff --git a/c/misra/test/codeql-pack.lock.yml b/c/misra/test/codeql-pack.lock.yml index 4edf97c6f8..2cbbccee53 100644 --- a/c/misra/test/codeql-pack.lock.yml +++ b/c/misra/test/codeql-pack.lock.yml @@ -2,17 +2,17 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.12.2 + version: 0.12.9 codeql/dataflow: - version: 0.1.5 + version: 0.2.3 codeql/rangeanalysis: - version: 0.0.4 + version: 0.0.11 codeql/ssa: - version: 0.2.5 + version: 0.2.12 codeql/tutorial: - version: 0.2.5 + version: 0.2.12 codeql/typetracking: - version: 0.2.5 + version: 0.2.12 codeql/util: - version: 0.2.5 + version: 0.2.12 compiled: false diff --git a/cpp/autosar/src/codeql-pack.lock.yml b/cpp/autosar/src/codeql-pack.lock.yml index 4edf97c6f8..2cbbccee53 100644 --- a/cpp/autosar/src/codeql-pack.lock.yml +++ b/cpp/autosar/src/codeql-pack.lock.yml @@ -2,17 +2,17 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.12.2 + version: 0.12.9 codeql/dataflow: - version: 0.1.5 + version: 0.2.3 codeql/rangeanalysis: - version: 0.0.4 + version: 0.0.11 codeql/ssa: - version: 0.2.5 + version: 0.2.12 codeql/tutorial: - version: 0.2.5 + version: 0.2.12 codeql/typetracking: - version: 0.2.5 + version: 0.2.12 codeql/util: - version: 0.2.5 + version: 0.2.12 compiled: false diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index 93a0f4bd9a..fede5b3e69 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -5,4 +5,4 @@ suites: codeql-suites license: MIT dependencies: codeql/common-cpp-coding-standards: '*' - codeql/cpp-all: 0.12.2 + codeql/cpp-all: 0.12.9 diff --git a/cpp/autosar/test/codeql-pack.lock.yml b/cpp/autosar/test/codeql-pack.lock.yml index 4edf97c6f8..2cbbccee53 100644 --- a/cpp/autosar/test/codeql-pack.lock.yml +++ b/cpp/autosar/test/codeql-pack.lock.yml @@ -2,17 +2,17 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.12.2 + version: 0.12.9 codeql/dataflow: - version: 0.1.5 + version: 0.2.3 codeql/rangeanalysis: - version: 0.0.4 + version: 0.0.11 codeql/ssa: - version: 0.2.5 + version: 0.2.12 codeql/tutorial: - version: 0.2.5 + version: 0.2.12 codeql/typetracking: - version: 0.2.5 + version: 0.2.12 codeql/util: - version: 0.2.5 + version: 0.2.12 compiled: false diff --git a/cpp/cert/src/codeql-pack.lock.yml b/cpp/cert/src/codeql-pack.lock.yml index 4edf97c6f8..2cbbccee53 100644 --- a/cpp/cert/src/codeql-pack.lock.yml +++ b/cpp/cert/src/codeql-pack.lock.yml @@ -2,17 +2,17 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.12.2 + version: 0.12.9 codeql/dataflow: - version: 0.1.5 + version: 0.2.3 codeql/rangeanalysis: - version: 0.0.4 + version: 0.0.11 codeql/ssa: - version: 0.2.5 + version: 0.2.12 codeql/tutorial: - version: 0.2.5 + version: 0.2.12 codeql/typetracking: - version: 0.2.5 + version: 0.2.12 codeql/util: - version: 0.2.5 + version: 0.2.12 compiled: false diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index 3a85e2aa20..f7cd4a0291 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -4,5 +4,5 @@ description: CERT C++ 2016 suites: codeql-suites license: MIT dependencies: - codeql/cpp-all: 0.12.2 + codeql/cpp-all: 0.12.9 codeql/common-cpp-coding-standards: '*' diff --git a/cpp/cert/test/codeql-pack.lock.yml b/cpp/cert/test/codeql-pack.lock.yml index 4edf97c6f8..2cbbccee53 100644 --- a/cpp/cert/test/codeql-pack.lock.yml +++ b/cpp/cert/test/codeql-pack.lock.yml @@ -2,17 +2,17 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.12.2 + version: 0.12.9 codeql/dataflow: - version: 0.1.5 + version: 0.2.3 codeql/rangeanalysis: - version: 0.0.4 + version: 0.0.11 codeql/ssa: - version: 0.2.5 + version: 0.2.12 codeql/tutorial: - version: 0.2.5 + version: 0.2.12 codeql/typetracking: - version: 0.2.5 + version: 0.2.12 codeql/util: - version: 0.2.5 + version: 0.2.12 compiled: false diff --git a/cpp/common/src/codeql-pack.lock.yml b/cpp/common/src/codeql-pack.lock.yml index 4edf97c6f8..2cbbccee53 100644 --- a/cpp/common/src/codeql-pack.lock.yml +++ b/cpp/common/src/codeql-pack.lock.yml @@ -2,17 +2,17 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.12.2 + version: 0.12.9 codeql/dataflow: - version: 0.1.5 + version: 0.2.3 codeql/rangeanalysis: - version: 0.0.4 + version: 0.0.11 codeql/ssa: - version: 0.2.5 + version: 0.2.12 codeql/tutorial: - version: 0.2.5 + version: 0.2.12 codeql/typetracking: - version: 0.2.5 + version: 0.2.12 codeql/util: - version: 0.2.5 + version: 0.2.12 compiled: false diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index b7f90b4cd3..69483ef611 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -2,6 +2,6 @@ name: codeql/common-cpp-coding-standards version: 2.36.0-dev license: MIT dependencies: - codeql/cpp-all: 0.12.2 + codeql/cpp-all: 0.12.9 dataExtensions: - ext/*.model.yml diff --git a/cpp/common/test/codeql-pack.lock.yml b/cpp/common/test/codeql-pack.lock.yml index 4edf97c6f8..2cbbccee53 100644 --- a/cpp/common/test/codeql-pack.lock.yml +++ b/cpp/common/test/codeql-pack.lock.yml @@ -2,17 +2,17 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.12.2 + version: 0.12.9 codeql/dataflow: - version: 0.1.5 + version: 0.2.3 codeql/rangeanalysis: - version: 0.0.4 + version: 0.0.11 codeql/ssa: - version: 0.2.5 + version: 0.2.12 codeql/tutorial: - version: 0.2.5 + version: 0.2.12 codeql/typetracking: - version: 0.2.5 + version: 0.2.12 codeql/util: - version: 0.2.5 + version: 0.2.12 compiled: false diff --git a/cpp/misra/src/codeql-pack.lock.yml b/cpp/misra/src/codeql-pack.lock.yml index 4edf97c6f8..2cbbccee53 100644 --- a/cpp/misra/src/codeql-pack.lock.yml +++ b/cpp/misra/src/codeql-pack.lock.yml @@ -2,17 +2,17 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.12.2 + version: 0.12.9 codeql/dataflow: - version: 0.1.5 + version: 0.2.3 codeql/rangeanalysis: - version: 0.0.4 + version: 0.0.11 codeql/ssa: - version: 0.2.5 + version: 0.2.12 codeql/tutorial: - version: 0.2.5 + version: 0.2.12 codeql/typetracking: - version: 0.2.5 + version: 0.2.12 codeql/util: - version: 0.2.5 + version: 0.2.12 compiled: false diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index b713614f68..19a37a8650 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -5,4 +5,4 @@ default-suite: codeql-suites/misra-cpp-default.qls license: MIT dependencies: codeql/common-cpp-coding-standards: '*' - codeql/cpp-all: 0.12.2 + codeql/cpp-all: 0.12.9 diff --git a/cpp/misra/test/codeql-pack.lock.yml b/cpp/misra/test/codeql-pack.lock.yml index 4edf97c6f8..2cbbccee53 100644 --- a/cpp/misra/test/codeql-pack.lock.yml +++ b/cpp/misra/test/codeql-pack.lock.yml @@ -2,17 +2,17 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.12.2 + version: 0.12.9 codeql/dataflow: - version: 0.1.5 + version: 0.2.3 codeql/rangeanalysis: - version: 0.0.4 + version: 0.0.11 codeql/ssa: - version: 0.2.5 + version: 0.2.12 codeql/tutorial: - version: 0.2.5 + version: 0.2.12 codeql/typetracking: - version: 0.2.5 + version: 0.2.12 codeql/util: - version: 0.2.5 + version: 0.2.12 compiled: false diff --git a/cpp/report/src/codeql-pack.lock.yml b/cpp/report/src/codeql-pack.lock.yml index 4edf97c6f8..2cbbccee53 100644 --- a/cpp/report/src/codeql-pack.lock.yml +++ b/cpp/report/src/codeql-pack.lock.yml @@ -2,17 +2,17 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.12.2 + version: 0.12.9 codeql/dataflow: - version: 0.1.5 + version: 0.2.3 codeql/rangeanalysis: - version: 0.0.4 + version: 0.0.11 codeql/ssa: - version: 0.2.5 + version: 0.2.12 codeql/tutorial: - version: 0.2.5 + version: 0.2.12 codeql/typetracking: - version: 0.2.5 + version: 0.2.12 codeql/util: - version: 0.2.5 + version: 0.2.12 compiled: false diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index f90669908d..b37f2ca9ad 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -2,4 +2,4 @@ name: codeql/report-cpp-coding-standards version: 2.36.0-dev license: MIT dependencies: - codeql/cpp-all: 0.12.2 + codeql/cpp-all: 0.12.9 diff --git a/scripts/generate_modules/queries/codeql-pack.lock.yml b/scripts/generate_modules/queries/codeql-pack.lock.yml index 4edf97c6f8..2cbbccee53 100644 --- a/scripts/generate_modules/queries/codeql-pack.lock.yml +++ b/scripts/generate_modules/queries/codeql-pack.lock.yml @@ -2,17 +2,17 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.12.2 + version: 0.12.9 codeql/dataflow: - version: 0.1.5 + version: 0.2.3 codeql/rangeanalysis: - version: 0.0.4 + version: 0.0.11 codeql/ssa: - version: 0.2.5 + version: 0.2.12 codeql/tutorial: - version: 0.2.5 + version: 0.2.12 codeql/typetracking: - version: 0.2.5 + version: 0.2.12 codeql/util: - version: 0.2.5 + version: 0.2.12 compiled: false diff --git a/scripts/generate_modules/queries/qlpack.yml b/scripts/generate_modules/queries/qlpack.yml index 4ab2483c04..fea871b973 100644 --- a/scripts/generate_modules/queries/qlpack.yml +++ b/scripts/generate_modules/queries/qlpack.yml @@ -2,4 +2,4 @@ name: codeql/standard-library-extraction-cpp-coding-standards version: 0.0.0 license: MIT dependencies: - codeql/cpp-all: 0.12.2 + codeql/cpp-all: 0.12.9 diff --git a/supported_codeql_configs.json b/supported_codeql_configs.json index a97c7d83d2..e8b2597100 100644 --- a/supported_codeql_configs.json +++ b/supported_codeql_configs.json @@ -1,9 +1,9 @@ { "supported_environment": [ { - "codeql_cli": "2.15.5", - "codeql_standard_library": "codeql-cli/v2.15.5", - "codeql_cli_bundle": "codeql-bundle-v2.15.5" + "codeql_cli": "2.16.6", + "codeql_standard_library": "codeql-cli/v2.16.6", + "codeql_cli_bundle": "codeql-bundle-v2.16.6" } ], "supported_language": [ From def30fb63abb445c4e27410536f08d06387e8434 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 8 Oct 2024 22:44:30 +0100 Subject: [PATCH 2108/2573] Update CodeQL dependency change note --- ...10-07-upgrade-to-2.15.5.md => 2024-10-08-upgrade-to-2.16.6.md} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename change_notes/{2024-10-07-upgrade-to-2.15.5.md => 2024-10-08-upgrade-to-2.16.6.md} (100%) diff --git a/change_notes/2024-10-07-upgrade-to-2.15.5.md b/change_notes/2024-10-08-upgrade-to-2.16.6.md similarity index 100% rename from change_notes/2024-10-07-upgrade-to-2.15.5.md rename to change_notes/2024-10-08-upgrade-to-2.16.6.md From 896242cf1218e32041f37449a63ec0bcb756a18e Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 8 Oct 2024 22:48:06 +0100 Subject: [PATCH 2109/2573] Update release note --- change_notes/2024-10-08-upgrade-to-2.16.6.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/change_notes/2024-10-08-upgrade-to-2.16.6.md b/change_notes/2024-10-08-upgrade-to-2.16.6.md index d3d4151e78..a087679667 100644 --- a/change_notes/2024-10-08-upgrade-to-2.16.6.md +++ b/change_notes/2024-10-08-upgrade-to-2.16.6.md @@ -1 +1 @@ -- Updated the CodeQL version to `2.15.5`. \ No newline at end of file +- Updated the CodeQL version to `2.16.6`. \ No newline at end of file From 202fb667b2087f32d3c14e6bcd229f3d64a29a15 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Tue, 8 Oct 2024 20:54:23 -0700 Subject: [PATCH 2110/2573] Address feedback. --- ...rectlySizedIntegerConstantMacroArgument.ql | 19 +++++++++---------- .../IntegerConstantMacroArgumentUsesSuffix.ql | 4 ++-- .../InvalidIntegerConstantMacroArgument.ql | 7 +------ .../cpp/IntegerConstantMacro.qll | 2 +- .../src/codingstandards/cpp/Literals.qll | 5 ++--- 5 files changed, 15 insertions(+), 22 deletions(-) diff --git a/c/misra/src/rules/RULE-7-5/IncorrectlySizedIntegerConstantMacroArgument.ql b/c/misra/src/rules/RULE-7-5/IncorrectlySizedIntegerConstantMacroArgument.ql index ac8cd56a7a..87c945d6b6 100644 --- a/c/misra/src/rules/RULE-7-5/IncorrectlySizedIntegerConstantMacroArgument.ql +++ b/c/misra/src/rules/RULE-7-5/IncorrectlySizedIntegerConstantMacroArgument.ql @@ -21,13 +21,8 @@ predicate matchesSign(IntegerConstantMacro macro, PossiblyNegativeLiteral litera } predicate matchesSize(IntegerConstantMacro macro, PossiblyNegativeLiteral literal) { - // Wait for BigInt support to check 64 bit macro types. - (macro.getSize() < 64 and matchesSign(macro, literal)) - implies - ( - literal.getRawValue() <= macro.maxValue() and - literal.getRawValue() >= macro.minValue() - ) + literal.getRawValue() <= macro.maxValue() and + literal.getRawValue() >= macro.minValue() } from @@ -38,9 +33,13 @@ where invoke.getMacro() = macro and literal = invoke.getExpr() and ( - not matchesSign(macro, invoke.getExpr()) and explanation = " cannot be negative" + not matchesSign(macro, literal) and + explanation = " cannot be negative" or - not matchesSize(macro, invoke.getExpr()) and + matchesSign(macro, literal) and + // Wait for BigInt support to check 64 bit macro types. + macro.getSize() < 64 and + not matchesSize(macro, literal) and explanation = " is outside of the allowed range " + macro.getRangeString() ) -select invoke.getExpr(), "Value provided to integer constant macro " + macro.getName() + explanation +select literal, "Value provided to integer constant macro " + macro.getName() + explanation diff --git a/c/misra/src/rules/RULE-7-5/IntegerConstantMacroArgumentUsesSuffix.ql b/c/misra/src/rules/RULE-7-5/IntegerConstantMacroArgumentUsesSuffix.ql index 13e7ee6b7b..84fb1a9872 100644 --- a/c/misra/src/rules/RULE-7-5/IntegerConstantMacroArgumentUsesSuffix.ql +++ b/c/misra/src/rules/RULE-7-5/IntegerConstantMacroArgumentUsesSuffix.ql @@ -18,7 +18,7 @@ import codingstandards.cpp.IntegerConstantMacro import codingstandards.cpp.Literals string argumentSuffix(MacroInvocation invoke) { - // Compiler strips the suffix unless we look at the unexpanded argument text. + // Extractor strips the suffix unless we look at the unexpanded argument text. // Unexpanded argument text can be malformed in all sorts of ways, so make // this match relatively strict, to be safe. result = invoke.getUnexpandedArgument(0).regexpCapture("([0-9]+|0[xX][0-9A-F]+)([uUlL]+)$", 2) @@ -30,6 +30,6 @@ where invoke.getMacro() instanceof IntegerConstantMacro and invoke.getExpr() = argument and suffix = argumentSuffix(invoke) -select invoke.getExpr(), +select argument, "Value suffix '" + suffix + "' is not allowed on provided argument to integer constant macro " + invoke.getMacroName() + "." diff --git a/c/misra/src/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.ql b/c/misra/src/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.ql index 40b66d0067..4c750e32d8 100644 --- a/c/misra/src/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.ql +++ b/c/misra/src/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.ql @@ -17,11 +17,6 @@ import codingstandards.cpp.IntegerConstantMacro import codingstandards.cpp.Literals import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis -predicate containsMacroInvocation(MacroInvocation outer, MacroInvocation inner) { - outer.getExpr() = inner.getExpr() and - exists(outer.getUnexpandedArgument(0).indexOf(inner.getMacroName())) -} - from MacroInvocation invoke, IntegerConstantMacro macro where not isExcluded(invoke, Types2Package::invalidIntegerConstantMacroArgumentQuery()) and @@ -29,7 +24,7 @@ where ( not invoke.getExpr() instanceof PossiblyNegativeLiteral or - containsMacroInvocation(invoke, _) + any(MacroInvocation inner).getParentInvocation() = invoke ) select invoke.getExpr(), "Argument to integer constant macro " + macro.getName() + " must be an integer literal." diff --git a/cpp/common/src/codingstandards/cpp/IntegerConstantMacro.qll b/cpp/common/src/codingstandards/cpp/IntegerConstantMacro.qll index 8f3fff1e1b..bc4ea3d125 100644 --- a/cpp/common/src/codingstandards/cpp/IntegerConstantMacro.qll +++ b/cpp/common/src/codingstandards/cpp/IntegerConstantMacro.qll @@ -15,7 +15,7 @@ class IntegerConstantMacro extends Macro { signed = false and size = getName().regexpCapture("UINT(8|16|32|64)_C", 1).toInt() } - predicate isSmall() { size < 32 } + predicate isSmall() { size < any(IntType it | it.isSigned()).getSize() } int getSize() { result = size } diff --git a/cpp/common/src/codingstandards/cpp/Literals.qll b/cpp/common/src/codingstandards/cpp/Literals.qll index cc0d28dec9..edec04152e 100644 --- a/cpp/common/src/codingstandards/cpp/Literals.qll +++ b/cpp/common/src/codingstandards/cpp/Literals.qll @@ -4,7 +4,6 @@ import cpp import codingstandards.cpp.Cpp14Literal -import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis class IntegerLiteral = Cpp14Literal::IntegerLiteral; @@ -100,7 +99,7 @@ class NegativeLiteral extends PossiblyNegativeLiteral, UnaryMinusExpr { override Cpp14Literal::NumericLiteral getBaseLiteral() { result = literal } - override float getRawValue() { result = -lowerBound(literal) } + override float getRawValue() { result = -literal.getValue().toFloat() } } /** @@ -112,5 +111,5 @@ class PositiveLiteral extends PossiblyNegativeLiteral, Cpp14Literal::NumericLite override Cpp14Literal::NumericLiteral getBaseLiteral() { result = this } - override float getRawValue() { result = lowerBound(this) } + override float getRawValue() { result = getValue().toFloat() } } From 47a6600a2f8801728b1fa9602b93538c493b6f0d Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Tue, 8 Oct 2024 22:00:36 -0700 Subject: [PATCH 2111/2573] Fix small integer macro size, bytes not bits. --- cpp/common/src/codingstandards/cpp/IntegerConstantMacro.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/IntegerConstantMacro.qll b/cpp/common/src/codingstandards/cpp/IntegerConstantMacro.qll index bc4ea3d125..ce72033ecc 100644 --- a/cpp/common/src/codingstandards/cpp/IntegerConstantMacro.qll +++ b/cpp/common/src/codingstandards/cpp/IntegerConstantMacro.qll @@ -15,7 +15,7 @@ class IntegerConstantMacro extends Macro { signed = false and size = getName().regexpCapture("UINT(8|16|32|64)_C", 1).toInt() } - predicate isSmall() { size < any(IntType it | it.isSigned()).getSize() } + predicate isSmall() { size < any(IntType it | it.isSigned()).getSize() * 8 } int getSize() { result = size } From 2ffccb0003c382882f6009034fe430e36ad13d77 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Wed, 9 Oct 2024 09:18:34 +0100 Subject: [PATCH 2112/2573] Fix isExcluded function parameter in query --- cpp/autosar/src/rules/M0-1-10/UnusedSplMemberFunction.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/src/rules/M0-1-10/UnusedSplMemberFunction.ql b/cpp/autosar/src/rules/M0-1-10/UnusedSplMemberFunction.ql index 03ddfbbd43..bcbf6f4e1b 100644 --- a/cpp/autosar/src/rules/M0-1-10/UnusedSplMemberFunction.ql +++ b/cpp/autosar/src/rules/M0-1-10/UnusedSplMemberFunction.ql @@ -20,7 +20,7 @@ import codingstandards.cpp.deadcode.UnusedFunctions from UnusedFunctions::UnusedSplMemberFunction unusedSplMemFunction, string name where - not isExcluded(DeadCodePackage::unusedSplMemberFunctionQuery(), DeadCodePackage::unusedFunctionQuery()) and + not isExcluded(unusedSplMemFunction, DeadCodePackage::unusedFunctionQuery()) and ( if exists(unusedSplMemFunction.getQualifiedName()) then name = unusedSplMemFunction.getQualifiedName() From 4b1429b6bf94bce541c32395eab0529a6d5ce9cb Mon Sep 17 00:00:00 2001 From: "rakesh.pothengil" Date: Wed, 9 Oct 2024 19:07:52 +0900 Subject: [PATCH 2113/2573] SpecialMemberFunction from GoogleTest as entry pts --- .../M0-1-10/UnusedSplMemberFunction.expected | 1 - cpp/autosar/test/rules/M0-1-10/test.cpp | 6 ++---- .../cpp/EncapsulatingFunctions.qll | 16 ++++++++++------ 3 files changed, 12 insertions(+), 11 deletions(-) diff --git a/cpp/autosar/test/rules/M0-1-10/UnusedSplMemberFunction.expected b/cpp/autosar/test/rules/M0-1-10/UnusedSplMemberFunction.expected index f26e8dfe33..e2bf0acc79 100644 --- a/cpp/autosar/test/rules/M0-1-10/UnusedSplMemberFunction.expected +++ b/cpp/autosar/test/rules/M0-1-10/UnusedSplMemberFunction.expected @@ -1,3 +1,2 @@ | test.cpp:71:5:71:16 | ANestedClass | Special member function ANestedClass is never called. | | test.cpp:82:5:82:22 | AnotherNestedClass | Special member function AnotherNestedClass is never called from a main function or entry point. | -| test.cpp:155:1:157:37 | ~sample_test_called_from_google_test_function_Test | Special member function sample_test_called_from_google_test_function_Test::~sample_test_called_from_google_test_function_Test is never called. | diff --git a/cpp/autosar/test/rules/M0-1-10/test.cpp b/cpp/autosar/test/rules/M0-1-10/test.cpp index 27534590fd..84b17c4c21 100644 --- a/cpp/autosar/test/rules/M0-1-10/test.cpp +++ b/cpp/autosar/test/rules/M0-1-10/test.cpp @@ -152,10 +152,8 @@ int called_from_google_test_function( return something; } -TEST( - sample_test, - called_from_google_test_function) // COMPLIANT - False positive! - // ~sample_test_called_from_google_test_function_Test +TEST(sample_test, + called_from_google_test_function) // COMPLIANT - Google Test function { bool pass = false; if (called_from_google_test_function(0) >= 10) diff --git a/cpp/common/src/codingstandards/cpp/EncapsulatingFunctions.qll b/cpp/common/src/codingstandards/cpp/EncapsulatingFunctions.qll index 7b2d715d01..8a0d4ffab9 100644 --- a/cpp/common/src/codingstandards/cpp/EncapsulatingFunctions.qll +++ b/cpp/common/src/codingstandards/cpp/EncapsulatingFunctions.qll @@ -3,6 +3,7 @@ */ import cpp +import codingstandards.cpp.Class /** A function which represents the entry point into a specific thread of execution in the program. */ abstract class MainLikeFunction extends Function { } @@ -29,19 +30,22 @@ class MainFunction extends MainLikeFunction { class GoogleTestFunction extends MainLikeFunction { GoogleTestFunction() { // A GoogleTest function is named "TestBody" and - this.hasName("TestBody") and + ( + this.hasName("TestBody") or + this instanceof SpecialMemberFunction + ) and // it's parent class inherits a base class exists(Class base | base = this.getEnclosingAccessHolder().(Class).getABaseClass+() and - // with a name "Test" inside a namespace called "testing" ( + // with a name "Test" inside a namespace called "testing" base.hasName("Test") and base.getNamespace().hasName("testing") + or + // or at a location in a file called gtest.h (or gtest-internal.h, + // gtest-typed-test.h etc). + base.getDefinitionLocation().getFile().getBaseName().regexpMatch("gtest*.h") ) - or - // or at a location in a file called gtest.h (or gtest-internal.h, - // gtest-typed-test.h etc). - base.getDefinitionLocation().getFile().getBaseName().regexpMatch("gtest*.h") ) } } From d0540e450382754719c7a0bc0d3010a7a6e88ce6 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 9 Oct 2024 23:19:04 +0100 Subject: [PATCH 2114/2573] M0-1-2: Remove reference to GuardCondition In the upgrade to 2.16.6 GuardCondition has been modified to use the IR instead of the AST mode it used before. One of the consequences of this change is that GuardConditions no longer exist for uninstantiated templates (because the IR does not apply for uninstantiated templates). Instead of using GuardCondition we can use the same logic for deducing infeasible paths for uninstantiated templates as for non template code. This avoids the dependency on GuardCondition, and provides consistency with the rest of the query, while shortening the query. --- change_notes/2024-10-08-upgrade-to-2.16.6.md | 4 +- .../src/rules/M0-1-2/InfeasiblePath.ql | 185 +----------------- 2 files changed, 12 insertions(+), 177 deletions(-) diff --git a/change_notes/2024-10-08-upgrade-to-2.16.6.md b/change_notes/2024-10-08-upgrade-to-2.16.6.md index a087679667..9f1e11d3d3 100644 --- a/change_notes/2024-10-08-upgrade-to-2.16.6.md +++ b/change_notes/2024-10-08-upgrade-to-2.16.6.md @@ -1 +1,3 @@ -- Updated the CodeQL version to `2.16.6`. \ No newline at end of file +- Updated the CodeQL version to `2.16.6`. +- `M0-1-2` - `InfeasiblePath.ql`: + - This query may now report additional results within templates where a relational operation is performed which has a constant value given the specified arguments. \ No newline at end of file diff --git a/cpp/autosar/src/rules/M0-1-2/InfeasiblePath.ql b/cpp/autosar/src/rules/M0-1-2/InfeasiblePath.ql index 76ccdead69..83e056472b 100644 --- a/cpp/autosar/src/rules/M0-1-2/InfeasiblePath.ql +++ b/cpp/autosar/src/rules/M0-1-2/InfeasiblePath.ql @@ -151,186 +151,19 @@ predicate isConstantRelationalOperation( * Holds if the `ConditionalNode` has an infeasible `path` for the reason given in `explanation`. */ predicate hasInfeasiblePath(ConditionalControlFlowNode node, string message) { - //deal with the infeasible in all uninstantiated templates separately - node.isFromUninstantiatedTemplate(_) and - node instanceof ConditionControllingUnreachable and - message = "The path is unreachable in a template." - or exists(boolean infeasiblePath, string explanation | - ( - not node.isFromUninstantiatedTemplate(_) and - not node.isFromTemplateInstantiation(_) and - message = "The " + infeasiblePath + " path is infeasible because " + explanation + "." - ) and - ( - hasCFGDeducedInfeasiblePath(node, infeasiblePath, explanation) and - not isConstantRelationalOperation(node, infeasiblePath, _) - or - isConstantRelationalOperation(node, infeasiblePath, explanation) - ) + not node.isFromTemplateInstantiation(_) and + if node.isFromUninstantiatedTemplate(_) + then message = "The path is unreachable in a template." + else message = "The " + infeasiblePath + " path is infeasible because " + explanation + "." + | + hasCFGDeducedInfeasiblePath(node, infeasiblePath, explanation) and + not isConstantRelationalOperation(node, infeasiblePath, _) + or + isConstantRelationalOperation(node, infeasiblePath, explanation) ) } -/** - * A newtype representing "unreachable" blocks in the program. We use a newtype here to avoid - * reporting the same block in multiple `Function` instances created from one function in a template. - */ -private newtype TUnreachableBasicBlock = - TUnreachableNonTemplateBlock(BasicBlock bb) { - bb.isUnreachable() and - // Exclude anything template related from this case - not bb.getEnclosingFunction().isFromTemplateInstantiation(_) and - not bb.getEnclosingFunction().isFromUninstantiatedTemplate(_) and - // Exclude compiler generated basic blocks - not isCompilerGenerated(bb) - } or - /** - * A `BasicBlock` that occurs in at least one `Function` instance for a template. `BasicBlock`s - * are matched up across templates by location. - */ - TUnreachableTemplateBlock( - string filepath, int startline, int startcolumn, int endline, int endcolumn, - GuardCondition uninstantiatedGuardCondition - ) { - exists(BasicBlock bb | - // BasicBlock occurs in this location - bb.hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) and - // And is contained in the `uninstantiatedFunction` only - // not from anything constructed from it - // because we want infeasible paths independent of parameters - exists(Function enclosing | enclosing = bb.getEnclosingFunction() | - //guard is in the template function - ( - enclosing.getBlock().getAChild*() = uninstantiatedGuardCondition and - //function template - enclosing.isFromUninstantiatedTemplate(_) and - uninstantiatedGuardCondition.isFromUninstantiatedTemplate(_) and - //true condition is unreachable: basic block starts on same line as guard - ( - not exists(uninstantiatedGuardCondition.getATrueSuccessor()) and - bb.hasLocationInfo(filepath, uninstantiatedGuardCondition.getLocation().getStartLine(), - startcolumn, endline, endcolumn) - or - //false condition is unreachable: false basic block starts on one line after its true basic block - not exists(uninstantiatedGuardCondition.getAFalseSuccessor()) and - bb.hasLocationInfo(filepath, - uninstantiatedGuardCondition.getATrueSuccessor().getLocation().getEndLine() + 1, - startcolumn, endline, endcolumn) - ) - ) - ) and - // And is unreachable - bb.isUnreachable() and - // //Exclude compiler generated control flow nodes - not isCompilerGenerated(bb) and - //Exclude nodes affected by macros, because our find-the-same-basic-block-by-location doesn't - //work in that case - not bb.(ControlFlowNode).isAffectedByMacro() - ) - } - -/** - * An unreachable basic block. - */ -class UnreachableBasicBlock extends TUnreachableBasicBlock { - /** Gets a `BasicBlock` which is represented by this set of unreachable basic blocks. */ - BasicBlock getABasicBlock() { none() } - - /** Gets a `GuardCondition` instance which we treat as the original GuardCondition. */ - GuardCondition getGuardCondition() { none() } - - predicate hasLocationInfo( - string filepath, int startline, int startcolumn, int endline, int endcolumn - ) { - none() - } - - string toString() { result = "default" } -} - -/** - * A non-templated unreachable basic block. - */ -class UnreachableNonTemplateBlock extends UnreachableBasicBlock, TUnreachableNonTemplateBlock { - BasicBlock getBasicBlock() { this = TUnreachableNonTemplateBlock(result) } - - override BasicBlock getABasicBlock() { result = getBasicBlock() } - - override GuardCondition getGuardCondition() { result.controls(getBasicBlock(), true) } - - override predicate hasLocationInfo( - string filepath, int startline, int startcolumn, int endline, int endcolumn - ) { - getBasicBlock().hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) - } - - override string toString() { result = getBasicBlock().toString() } -} - -/** - * A templated unreachable basic block. - */ -class UnreachableTemplateBlock extends UnreachableBasicBlock, TUnreachableTemplateBlock { - override BasicBlock getABasicBlock() { - exists( - string filepath, int startline, int startcolumn, int endline, int endcolumn, - GuardCondition uninstantiatedGuardCondition - | - this = - TUnreachableTemplateBlock(filepath, startline, startcolumn, endline, endcolumn, - uninstantiatedGuardCondition) and - result.hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) and - exists(Function enclosing | - //guard is in the template function - ( - enclosing.getBlock().getAChild*() = uninstantiatedGuardCondition and - //function template - enclosing.isFromUninstantiatedTemplate(_) and - uninstantiatedGuardCondition.isFromUninstantiatedTemplate(_) and - //true condition is unreachable: basic block starts on same line as guard - ( - not exists(uninstantiatedGuardCondition.getATrueSuccessor()) and - this.hasLocationInfo(filepath, - uninstantiatedGuardCondition.getLocation().getStartLine(), startcolumn, endline, - endcolumn) - or - //false condition is unreachable: false basic block starts on one line after its true basic block - not exists(uninstantiatedGuardCondition.getAFalseSuccessor()) and - this.hasLocationInfo(filepath, - uninstantiatedGuardCondition.getATrueSuccessor().getLocation().getEndLine() + 1, - startcolumn, endline, endcolumn) - ) - ) - ) - | - result.isUnreachable() and - // Exclude compiler generated control flow nodes - not isCompilerGenerated(result) and - // Exclude nodes affected by macros, because our find-the-same-basic-block-by-location doesn't - // work in that case - not result.(ControlFlowNode).isAffectedByMacro() - ) - } - - override GuardCondition getGuardCondition() { - this = TUnreachableTemplateBlock(_, _, _, _, _, result) - } - - override predicate hasLocationInfo( - string filepath, int startline, int startcolumn, int endline, int endcolumn - ) { - this = TUnreachableTemplateBlock(filepath, startline, startcolumn, endline, endcolumn, _) - } - - override string toString() { result = getABasicBlock().toString() } -} - -class ConditionControllingUnreachable extends GuardCondition { - ConditionControllingUnreachable() { - exists(UnreachableTemplateBlock b | this = b.getGuardCondition()) - } -} - from ConditionalControlFlowNode cond, string explanation where not isExcluded(cond, DeadCodePackage::infeasiblePathQuery()) and From b715dba7f675b687025e81a90d7788efab0630bf Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 9 Oct 2024 23:55:49 +0100 Subject: [PATCH 2115/2573] Generate qlpack bundles when generating artifacts --- .github/workflows/code-scanning-pack-gen.yml | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index 7b187b2980..02d57bd18b 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -102,11 +102,21 @@ jobs: codeql query compile --precompile --threads 0 cpp codeql query compile --precompile --threads 0 c + codeql pack bundle --output=misra-c-coding-standards.tgz c/misra/src + codeql pack bundle --output=cert-c-coding-standards.tgz c/cert/src + codeql pack bundle --output=cert-cpp-coding-standards.tgz cpp/cert/src + codeql pack bundle --output=autosar-cpp-coding-standards.tgz cpp/autosar/src + cd .. zip -r codeql-coding-standards/code-scanning-cpp-query-pack.zip codeql-coding-standards/c/ codeql-coding-standards/cpp/ codeql-coding-standards/.codeqlmanifest.json codeql-coding-standards/supported_codeql_configs.json codeql-coding-standards/scripts/configuration codeql-coding-standards/scripts/reports codeql-coding-standards/scripts/shared codeql-coding-standards/scripts/guideline_recategorization codeql-coding-standards/schemas - name: Upload GHAS Query Pack - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: code-scanning-cpp-query-pack.zip path: code-scanning-cpp-query-pack.zip + + - uses: actions/upload-artifact@v4 + with: + name: coding-standards-qlpacks + path: *-cp?p?-coding-standards.tgz \ No newline at end of file From 3bedebb4df2dc52cf1e1a587e0e007adef78b1e1 Mon Sep 17 00:00:00 2001 From: "rakesh.pothengil" Date: Thu, 10 Oct 2024 11:06:15 +0900 Subject: [PATCH 2116/2573] Minor improvement --- cpp/autosar/test/rules/M0-1-10/test.cpp | 7 +++++++ .../src/codingstandards/cpp/EncapsulatingFunctions.qll | 2 +- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/M0-1-10/test.cpp b/cpp/autosar/test/rules/M0-1-10/test.cpp index 84b17c4c21..e1a19abf24 100644 --- a/cpp/autosar/test/rules/M0-1-10/test.cpp +++ b/cpp/autosar/test/rules/M0-1-10/test.cpp @@ -158,4 +158,11 @@ TEST(sample_test, bool pass = false; if (called_from_google_test_function(0) >= 10) pass = true; + struct a_nested_class_in_gtest { + a_nested_class_in_gtest() noexcept(false) { + static_cast(0); + } // COMPLIANT + }; + static_assert(std::is_trivially_copy_constructible(), + "assert"); } diff --git a/cpp/common/src/codingstandards/cpp/EncapsulatingFunctions.qll b/cpp/common/src/codingstandards/cpp/EncapsulatingFunctions.qll index 8a0d4ffab9..559c04ce98 100644 --- a/cpp/common/src/codingstandards/cpp/EncapsulatingFunctions.qll +++ b/cpp/common/src/codingstandards/cpp/EncapsulatingFunctions.qll @@ -36,7 +36,7 @@ class GoogleTestFunction extends MainLikeFunction { ) and // it's parent class inherits a base class exists(Class base | - base = this.getEnclosingAccessHolder().(Class).getABaseClass+() and + base = this.getEnclosingAccessHolder+().(Class).getABaseClass+() and ( // with a name "Test" inside a namespace called "testing" base.hasName("Test") and From f41d71de0cc57ea62e7952e1d421327dc5c1856a Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 10 Oct 2024 09:29:31 +0100 Subject: [PATCH 2117/2573] Remove spurious line break --- .github/workflows/code-scanning-pack-gen.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index 02d57bd18b..97b24f917a 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -8,7 +8,6 @@ on: - main - next - "rc/**" - push: branches: - main From 29881baf5f4637fd0c554a7fcb2b3bd04df984a3 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 10 Oct 2024 09:29:45 +0100 Subject: [PATCH 2118/2573] Run codeql pack bundle after zipping up the existing pack --- .github/workflows/code-scanning-pack-gen.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index 97b24f917a..12350e4855 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -101,14 +101,14 @@ jobs: codeql query compile --precompile --threads 0 cpp codeql query compile --precompile --threads 0 c - codeql pack bundle --output=misra-c-coding-standards.tgz c/misra/src - codeql pack bundle --output=cert-c-coding-standards.tgz c/cert/src - codeql pack bundle --output=cert-cpp-coding-standards.tgz cpp/cert/src - codeql pack bundle --output=autosar-cpp-coding-standards.tgz cpp/autosar/src - cd .. zip -r codeql-coding-standards/code-scanning-cpp-query-pack.zip codeql-coding-standards/c/ codeql-coding-standards/cpp/ codeql-coding-standards/.codeqlmanifest.json codeql-coding-standards/supported_codeql_configs.json codeql-coding-standards/scripts/configuration codeql-coding-standards/scripts/reports codeql-coding-standards/scripts/shared codeql-coding-standards/scripts/guideline_recategorization codeql-coding-standards/schemas + codeql pack bundle --output=misra-c-coding-standards.tgz codeql-coding-standards/c/misra/src + codeql pack bundle --output=cert-c-coding-standards.tgz codeql-coding-standards/c/cert/src + codeql pack bundle --output=cert-cpp-coding-standards.tgz codeql-coding-standards/cpp/cert/src + codeql pack bundle --output=autosar-cpp-coding-standards.tgz codeql-coding-standards/cpp/autosar/src + - name: Upload GHAS Query Pack uses: actions/upload-artifact@v4 with: From c669f45c40d2dcdc7b3bd74e4a7f35ea2d95d16e Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 10 Oct 2024 09:30:12 +0100 Subject: [PATCH 2119/2573] Correctly quote the path pattern for upload-artifact --- .github/workflows/code-scanning-pack-gen.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index 12350e4855..dab56addae 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -115,7 +115,8 @@ jobs: name: code-scanning-cpp-query-pack.zip path: code-scanning-cpp-query-pack.zip - - uses: actions/upload-artifact@v4 + - name: Upload qlpacks + uses: actions/upload-artifact@v4 with: name: coding-standards-qlpacks - path: *-cp?p?-coding-standards.tgz \ No newline at end of file + path: '*-cp?p?-coding-standards.tgz' \ No newline at end of file From 147725dc1dff3df864d7c22033f1a8d1ffa5d16a Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 10 Oct 2024 23:30:24 +0100 Subject: [PATCH 2120/2573] Expand set of packs created, separate step --- .github/workflows/code-scanning-pack-gen.yml | 21 ++++++++++++++------ 1 file changed, 15 insertions(+), 6 deletions(-) diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index dab56addae..3166f0dc64 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -104,18 +104,27 @@ jobs: cd .. zip -r codeql-coding-standards/code-scanning-cpp-query-pack.zip codeql-coding-standards/c/ codeql-coding-standards/cpp/ codeql-coding-standards/.codeqlmanifest.json codeql-coding-standards/supported_codeql_configs.json codeql-coding-standards/scripts/configuration codeql-coding-standards/scripts/reports codeql-coding-standards/scripts/shared codeql-coding-standards/scripts/guideline_recategorization codeql-coding-standards/schemas - codeql pack bundle --output=misra-c-coding-standards.tgz codeql-coding-standards/c/misra/src - codeql pack bundle --output=cert-c-coding-standards.tgz codeql-coding-standards/c/cert/src - codeql pack bundle --output=cert-cpp-coding-standards.tgz codeql-coding-standards/cpp/cert/src - codeql pack bundle --output=autosar-cpp-coding-standards.tgz codeql-coding-standards/cpp/autosar/src - - name: Upload GHAS Query Pack uses: actions/upload-artifact@v4 with: name: code-scanning-cpp-query-pack.zip path: code-scanning-cpp-query-pack.zip - - name: Upload qlpacks + - name: Create qlpack bundles + env: + CODEQL_HOME: ${{ github.workspace }}/codeql_home + run: | + PATH=$PATH:$CODEQL_HOME/codeql + + codeql pack bundle --output=common-cpp-coding-standards.tgz cpp/common/src + codeql pack bundle --output=common-c-coding-standards.tgz c/common/src + codeql pack bundle --output=misra-c-coding-standards.tgz c/misra/src + codeql pack bundle --output=cert-c-coding-standards.tgz c/cert/src + codeql pack bundle --output=cert-cpp-coding-standards.tgz cpp/cert/src + codeql pack bundle --output=autosar-cpp-coding-standards.tgz -vvv cpp/autosar/src + codeql pack bundle --output=report-cpp-coding-standards.tgz cpp/report/src + + - name: Upload qlpack bundles uses: actions/upload-artifact@v4 with: name: coding-standards-qlpacks From 9ddbe53a50bddbdd0c4ede338b8833180a5e4693 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Fri, 11 Oct 2024 09:13:04 +0100 Subject: [PATCH 2121/2573] Address workflow issues - Update pattern to capture .tgz qlpack files. - Add extra verbosity to the cert-cpp call to see what discrepancies occur with the autosar-cpp (as we see the autosar pack bundling retrigger compilation) - Combine the query compile calls in the earlier step to try to promote retaining all the cache. --- .github/workflows/code-scanning-pack-gen.yml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index 3166f0dc64..3965e7d26d 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -98,8 +98,7 @@ jobs: run: | PATH=$PATH:$CODEQL_HOME/codeql - codeql query compile --precompile --threads 0 cpp - codeql query compile --precompile --threads 0 c + codeql query compile --precompile --threads 0 cpp c cd .. zip -r codeql-coding-standards/code-scanning-cpp-query-pack.zip codeql-coding-standards/c/ codeql-coding-standards/cpp/ codeql-coding-standards/.codeqlmanifest.json codeql-coding-standards/supported_codeql_configs.json codeql-coding-standards/scripts/configuration codeql-coding-standards/scripts/reports codeql-coding-standards/scripts/shared codeql-coding-standards/scripts/guideline_recategorization codeql-coding-standards/schemas @@ -120,7 +119,7 @@ jobs: codeql pack bundle --output=common-c-coding-standards.tgz c/common/src codeql pack bundle --output=misra-c-coding-standards.tgz c/misra/src codeql pack bundle --output=cert-c-coding-standards.tgz c/cert/src - codeql pack bundle --output=cert-cpp-coding-standards.tgz cpp/cert/src + codeql pack bundle --output=cert-cpp-coding-standards.tgz -vvv cpp/cert/src codeql pack bundle --output=autosar-cpp-coding-standards.tgz -vvv cpp/autosar/src codeql pack bundle --output=report-cpp-coding-standards.tgz cpp/report/src @@ -128,4 +127,4 @@ jobs: uses: actions/upload-artifact@v4 with: name: coding-standards-qlpacks - path: '*-cp?p?-coding-standards.tgz' \ No newline at end of file + path: '*-coding-standards.tgz' \ No newline at end of file From c353b289d4d23b7e4495b22073f3774a94e9792e Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 11 Oct 2024 09:43:11 +0100 Subject: [PATCH 2122/2573] RULE-11-*: Handle pointers to specified void types MISRA does not consider void* to be a _pointer-to-object_. However, we did not correctly strip specifiers on the base type when considering whether to exclude void* types, which incorrectly lead us to consider `const void*` as a pointer-to-object type. --- c/misra/test/rules/RULE-11-3/test.c | 4 ++++ ...onversionBetweenPointerToObjectAndIntegerType.expected | 6 +++--- c/misra/test/rules/RULE-11-4/test.c | 3 +++ c/misra/test/rules/RULE-11-5/test.c | 4 ++++ c/misra/test/rules/RULE-11-7/test.c | 8 ++++++++ change_notes/2024-10-11-specifiers-rule-11-misra-c.md | 2 ++ cpp/common/src/codingstandards/cpp/Pointers.qll | 6 +++--- 7 files changed, 27 insertions(+), 6 deletions(-) create mode 100644 change_notes/2024-10-11-specifiers-rule-11-misra-c.md diff --git a/c/misra/test/rules/RULE-11-3/test.c b/c/misra/test/rules/RULE-11-3/test.c index 64ae688993..1f13899638 100644 --- a/c/misra/test/rules/RULE-11-3/test.c +++ b/c/misra/test/rules/RULE-11-3/test.c @@ -13,4 +13,8 @@ void f1(void) { int *v8 = (int *)0; // COMPLIANT v8 = v2; // NON_COMPLIANT v8 = (int *)(short *)v2; // NON_COMPLIANT + (const void *)v1; // COMPLIANT + const void *v9 = v1; // COMPLIANT + (int *)v9; // COMPLIANT - cast from void* + (const void *)v2; // COMPLIANT } \ No newline at end of file diff --git a/c/misra/test/rules/RULE-11-4/ConversionBetweenPointerToObjectAndIntegerType.expected b/c/misra/test/rules/RULE-11-4/ConversionBetweenPointerToObjectAndIntegerType.expected index 44d5ca5943..17a2fa223f 100644 --- a/c/misra/test/rules/RULE-11-4/ConversionBetweenPointerToObjectAndIntegerType.expected +++ b/c/misra/test/rules/RULE-11-4/ConversionBetweenPointerToObjectAndIntegerType.expected @@ -1,6 +1,6 @@ | test.c:6:21:6:37 | (unsigned int)... | Cast from pointer to object type 'unsigned int *' to integer type 'unsigned int'. | test.c:6:21:6:37 | (unsigned int)... | | | test.c:8:8:8:24 | (unsigned int)... | Cast from pointer to object type 'unsigned int *' to integer type 'unsigned int'. | test.c:8:8:8:24 | (unsigned int)... | | | test.c:12:22:12:39 | (unsigned int *)... | Cast from integer type 'unsigned int' to pointer to object type 'unsigned int *'. | test.c:12:22:12:39 | (unsigned int *)... | | -| test.c:15:1:15:24 | #define FOO (int *)0x200 | Cast from integer type 'int' to pointer to object type 'int *'. | test.c:15:1:15:24 | #define FOO (int *)0x200 | | -| test.c:23:3:23:22 | (int *)... | Cast from integer type 'int' to pointer to object type 'int *' from expansion of macro $@. | test.c:17:1:17:34 | #define FOO_FUNCTIONAL(x) (int *)x | FOO_FUNCTIONAL | -| test.c:24:14:24:25 | (int *)... | Cast from integer type 'int' to pointer to object type 'int *' from expansion of macro $@. | test.c:18:1:18:23 | #define FOO_INSERT(x) x | FOO_INSERT | +| test.c:18:1:18:24 | #define FOO (int *)0x200 | Cast from integer type 'int' to pointer to object type 'int *'. | test.c:18:1:18:24 | #define FOO (int *)0x200 | | +| test.c:26:3:26:22 | (int *)... | Cast from integer type 'int' to pointer to object type 'int *' from expansion of macro $@. | test.c:20:1:20:34 | #define FOO_FUNCTIONAL(x) (int *)x | FOO_FUNCTIONAL | +| test.c:27:14:27:25 | (int *)... | Cast from integer type 'int' to pointer to object type 'int *' from expansion of macro $@. | test.c:21:1:21:23 | #define FOO_INSERT(x) x | FOO_INSERT | diff --git a/c/misra/test/rules/RULE-11-4/test.c b/c/misra/test/rules/RULE-11-4/test.c index 5a78387247..283af5e560 100644 --- a/c/misra/test/rules/RULE-11-4/test.c +++ b/c/misra/test/rules/RULE-11-4/test.c @@ -10,6 +10,9 @@ void f1(void) { unsigned int *v4 = 0; // COMPLIANT unsigned int *v5 = NULL; // COMPLIANT unsigned int *v6 = (unsigned int *)v2; // NON_COMPLIANT + const void *v7 = 0; + (unsigned int)v7; // COMPLIANT - cast const void to int + (const void *)v1; // COMPLIANT - casting int to const void } #define FOO (int *)0x200 // NON_COMPLIANT diff --git a/c/misra/test/rules/RULE-11-5/test.c b/c/misra/test/rules/RULE-11-5/test.c index a7ffa4822e..b14333e536 100644 --- a/c/misra/test/rules/RULE-11-5/test.c +++ b/c/misra/test/rules/RULE-11-5/test.c @@ -7,4 +7,8 @@ void f1(void) { v2 = NULL; // COMPLIANT void *v3 = (void *)v1; // COMPLIANT v3 = (void *)v2; // COMPLIANT + const void *v4 = 0; + (int *)v4; // NON_COMPLIANT[FALSE_NEGATIVE] - const in type is irrelevant + (const void *)v1; // COMPLIANT - casting is from void to void, const addition + // should be irrelevant } \ No newline at end of file diff --git a/c/misra/test/rules/RULE-11-7/test.c b/c/misra/test/rules/RULE-11-7/test.c index b7dd989b00..4891aaae85 100644 --- a/c/misra/test/rules/RULE-11-7/test.c +++ b/c/misra/test/rules/RULE-11-7/test.c @@ -7,4 +7,12 @@ void f1(void) { float v4 = (float)(bool)v1; // NON_COMPLIANT v1 = (int *)v2; // NON_COMPLIANT v4 = (float)v3; // COMPLIANT + void *v5 = 0; + const void *v6 = 0; + // void pointers (regardless of specifier) are not pointers to object, so all + // these examples are compliant according to this rule + (bool)v5; // COMPLIANT + (bool)v6; // COMPLIANT + (void *)v2; // COMPLIANT + (const void *)v2; // COMPLIANT } \ No newline at end of file diff --git a/change_notes/2024-10-11-specifiers-rule-11-misra-c.md b/change_notes/2024-10-11-specifiers-rule-11-misra-c.md new file mode 100644 index 0000000000..910a66ec71 --- /dev/null +++ b/change_notes/2024-10-11-specifiers-rule-11-misra-c.md @@ -0,0 +1,2 @@ +- `RULE-11-3`, `RULE-11-4`, `RULE-11-5`, `RULE-11-7` - `CastBetweenObjectPointerAndDifferentObjectType.ql`, `ConversionBetweenPointerToObjectAndIntegerType.ql`, `ConversionFromPointerToVoidIntoPointerToObject.ql`, `CastBetweenPointerToObjectAndNonIntArithmeticType.ql`: + - Removed false positives where casts involved a specified void type pointer, e.g. `const void*`, which should not be considered as a pointer to object. diff --git a/cpp/common/src/codingstandards/cpp/Pointers.qll b/cpp/common/src/codingstandards/cpp/Pointers.qll index 22dcbd187b..8ed55b2bc0 100644 --- a/cpp/common/src/codingstandards/cpp/Pointers.qll +++ b/cpp/common/src/codingstandards/cpp/Pointers.qll @@ -80,9 +80,9 @@ predicate isCastNullPointerConstant(Cast c) { class PointerToObjectType extends PointerType { PointerToObjectType() { not ( - this.getUnderlyingType() instanceof FunctionPointerType or - this.getUnderlyingType() instanceof VoidPointerType or - this.getBaseType().getUnderlyingType() instanceof IncompleteType + this.getUnspecifiedType() instanceof FunctionPointerType or + this.getUnspecifiedType() instanceof VoidPointerType or + this.getBaseType().getUnspecifiedType() instanceof IncompleteType ) } } From d4ed99e93049a6eefb5bb2635a5bbe39fdcf24c0 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 11 Oct 2024 10:46:15 +0100 Subject: [PATCH 2123/2573] // Ignore realloc, as that memory may already be partially constructed RULE-11-5: Handle const pointers --- .../RULE-11-5/ConversionFromPointerToVoidIntoPointerToObject.ql | 2 +- .../ConversionFromPointerToVoidIntoPointerToObject.expected | 1 + c/misra/test/rules/RULE-11-5/test.c | 2 +- 3 files changed, 3 insertions(+), 2 deletions(-) diff --git a/c/misra/src/rules/RULE-11-5/ConversionFromPointerToVoidIntoPointerToObject.ql b/c/misra/src/rules/RULE-11-5/ConversionFromPointerToVoidIntoPointerToObject.ql index bdaebcbf54..0363c28c19 100644 --- a/c/misra/src/rules/RULE-11-5/ConversionFromPointerToVoidIntoPointerToObject.ql +++ b/c/misra/src/rules/RULE-11-5/ConversionFromPointerToVoidIntoPointerToObject.ql @@ -19,7 +19,7 @@ import codingstandards.cpp.Pointers from Cast cast, VoidPointerType type, PointerToObjectType newType where not isExcluded(cast, Pointers1Package::conversionFromPointerToVoidIntoPointerToObjectQuery()) and - type = cast.getExpr().getUnderlyingType() and + type = cast.getExpr().getUnspecifiedType() and newType = cast.getUnderlyingType() and not isNullPointerConstant(cast.getExpr()) select cast, diff --git a/c/misra/test/rules/RULE-11-5/ConversionFromPointerToVoidIntoPointerToObject.expected b/c/misra/test/rules/RULE-11-5/ConversionFromPointerToVoidIntoPointerToObject.expected index 5b4eec8d15..42cf288b34 100644 --- a/c/misra/test/rules/RULE-11-5/ConversionFromPointerToVoidIntoPointerToObject.expected +++ b/c/misra/test/rules/RULE-11-5/ConversionFromPointerToVoidIntoPointerToObject.expected @@ -1 +1,2 @@ | test.c:6:13:6:21 | (int *)... | Cast performed from a void pointer into a pointer to an object (int *). | +| test.c:11:3:11:11 | (int *)... | Cast performed from a void pointer into a pointer to an object (int *). | diff --git a/c/misra/test/rules/RULE-11-5/test.c b/c/misra/test/rules/RULE-11-5/test.c index b14333e536..5b5a5b3a52 100644 --- a/c/misra/test/rules/RULE-11-5/test.c +++ b/c/misra/test/rules/RULE-11-5/test.c @@ -8,7 +8,7 @@ void f1(void) { void *v3 = (void *)v1; // COMPLIANT v3 = (void *)v2; // COMPLIANT const void *v4 = 0; - (int *)v4; // NON_COMPLIANT[FALSE_NEGATIVE] - const in type is irrelevant + (int *)v4; // NON_COMPLIANT - const in type is irrelevant (const void *)v1; // COMPLIANT - casting is from void to void, const addition // should be irrelevant } \ No newline at end of file From 7504a96d6cfc098b187da4265d1fef302a5058bd Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 11 Oct 2024 10:47:31 +0100 Subject: [PATCH 2124/2573] Add extra test cases, update release note --- .../CastBetweenObjectPointerAndDifferentObjectType.expected | 4 ++++ c/misra/test/rules/RULE-11-3/test.c | 4 ++++ change_notes/2024-10-11-specifiers-rule-11-misra-c.md | 2 +- 3 files changed, 9 insertions(+), 1 deletion(-) diff --git a/c/misra/test/rules/RULE-11-3/CastBetweenObjectPointerAndDifferentObjectType.expected b/c/misra/test/rules/RULE-11-3/CastBetweenObjectPointerAndDifferentObjectType.expected index 91fd9f274a..94cf6ee635 100644 --- a/c/misra/test/rules/RULE-11-3/CastBetweenObjectPointerAndDifferentObjectType.expected +++ b/c/misra/test/rules/RULE-11-3/CastBetweenObjectPointerAndDifferentObjectType.expected @@ -2,3 +2,7 @@ | test.c:14:8:14:9 | (int *)... | Cast performed between a pointer to object type (char) and a pointer to a different object type (int). | | test.c:15:8:15:25 | (int *)... | Cast performed between a pointer to object type (short) and a pointer to a different object type (int). | | test.c:15:15:15:25 | (short *)... | Cast performed between a pointer to object type (char) and a pointer to a different object type (short). | +| test.c:20:3:20:17 | (const int *)... | Cast performed between a pointer to object type (char) and a pointer to a different object type (const int). | +| test.c:21:3:21:16 | (int *)... | Cast performed between a pointer to object type (char) and a pointer to a different object type (int). | +| test.c:22:20:22:21 | (int *)... | Cast performed between a pointer to object type (char) and a pointer to a different object type (int). | +| test.c:23:3:23:18 | (long long *)... | Cast performed between a pointer to object type (int) and a pointer to a different object type (long long). | diff --git a/c/misra/test/rules/RULE-11-3/test.c b/c/misra/test/rules/RULE-11-3/test.c index 1f13899638..4730aeac03 100644 --- a/c/misra/test/rules/RULE-11-3/test.c +++ b/c/misra/test/rules/RULE-11-3/test.c @@ -17,4 +17,8 @@ void f1(void) { const void *v9 = v1; // COMPLIANT (int *)v9; // COMPLIANT - cast from void* (const void *)v2; // COMPLIANT + (const int *)v2; // NON_COMPLIANT + (int *const)v2; // NON_COMPLIANT + int *const v10 = v2; // NON_COMPLIANT + (long long *)v10; // NON_COMPLIANT } \ No newline at end of file diff --git a/change_notes/2024-10-11-specifiers-rule-11-misra-c.md b/change_notes/2024-10-11-specifiers-rule-11-misra-c.md index 910a66ec71..bde621f220 100644 --- a/change_notes/2024-10-11-specifiers-rule-11-misra-c.md +++ b/change_notes/2024-10-11-specifiers-rule-11-misra-c.md @@ -1,2 +1,2 @@ - `RULE-11-3`, `RULE-11-4`, `RULE-11-5`, `RULE-11-7` - `CastBetweenObjectPointerAndDifferentObjectType.ql`, `ConversionBetweenPointerToObjectAndIntegerType.ql`, `ConversionFromPointerToVoidIntoPointerToObject.ql`, `CastBetweenPointerToObjectAndNonIntArithmeticType.ql`: - - Removed false positives where casts involved a specified void type pointer, e.g. `const void*`, which should not be considered as a pointer to object. + - Removed false positives where casts involved a specified void type pointer, e.g. `const void*`, which should not be considered as a pointer to object, but should be considered a pointer-to-void. \ No newline at end of file From 6e930255395323629061b5a0f684869e011d773b Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 11 Oct 2024 10:56:30 +0100 Subject: [PATCH 2125/2573] Update release notes --- change_notes/2024-10-11-specifiers-rule-11-misra-c.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/change_notes/2024-10-11-specifiers-rule-11-misra-c.md b/change_notes/2024-10-11-specifiers-rule-11-misra-c.md index bde621f220..5f74dc6b3f 100644 --- a/change_notes/2024-10-11-specifiers-rule-11-misra-c.md +++ b/change_notes/2024-10-11-specifiers-rule-11-misra-c.md @@ -1,2 +1,4 @@ - `RULE-11-3`, `RULE-11-4`, `RULE-11-5`, `RULE-11-7` - `CastBetweenObjectPointerAndDifferentObjectType.ql`, `ConversionBetweenPointerToObjectAndIntegerType.ql`, `ConversionFromPointerToVoidIntoPointerToObject.ql`, `CastBetweenPointerToObjectAndNonIntArithmeticType.ql`: - - Removed false positives where casts involved a specified void type pointer, e.g. `const void*`, which should not be considered as a pointer to object, but should be considered a pointer-to-void. \ No newline at end of file + - Removed false positives where casts involved a specified void type pointer, e.g. `const void*`, which should not be considered as a pointer to object. +- `RULE-11-5` - `ConversionFromPointerToVoidIntoPointerToObject.ql`: + - Addressed false negatives where the pointer-to-void was specified. \ No newline at end of file From f4626971076b1168253c0e77afbe1f89d4cfaa7c Mon Sep 17 00:00:00 2001 From: Fernando Jose Date: Mon, 14 Oct 2024 10:30:29 +0900 Subject: [PATCH 2126/2573] feat(a14-5-2): do not consider type members declared with using aliases. --- .../src/rules/A14-5-2/NonTemplateMemberDefinedInTemplate.ql | 4 +++- .../A14-5-2/NonTemplateMemberDefinedInTemplate.expected | 2 -- cpp/autosar/test/rules/A14-5-2/test.cpp | 6 +++--- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/cpp/autosar/src/rules/A14-5-2/NonTemplateMemberDefinedInTemplate.ql b/cpp/autosar/src/rules/A14-5-2/NonTemplateMemberDefinedInTemplate.ql index 4a81e32b0f..b8dff92ca6 100644 --- a/cpp/autosar/src/rules/A14-5-2/NonTemplateMemberDefinedInTemplate.ql +++ b/cpp/autosar/src/rules/A14-5-2/NonTemplateMemberDefinedInTemplate.ql @@ -167,7 +167,9 @@ where mf = c.getAMemberFunction() and not mf.isCompilerGenerated() and not exists(mf.getBlock()) ) ) - ) + ) and + // Omit using alias (cf. https://github.com/github/codeql-coding-standards/issues/739) + not d instanceof UsingAliasTypedefType select d, "Member " + d.getName() + " template class does not use any of template arguments of its $@.", d.getDeclaringType(), "declaring type" diff --git a/cpp/autosar/test/rules/A14-5-2/NonTemplateMemberDefinedInTemplate.expected b/cpp/autosar/test/rules/A14-5-2/NonTemplateMemberDefinedInTemplate.expected index d45a3c6871..454a1c6b83 100644 --- a/cpp/autosar/test/rules/A14-5-2/NonTemplateMemberDefinedInTemplate.expected +++ b/cpp/autosar/test/rules/A14-5-2/NonTemplateMemberDefinedInTemplate.expected @@ -1,5 +1,3 @@ -| test.cpp:10:9:10:10 | T1 | Member T1 template class does not use any of template arguments of its $@. | test.cpp:6:29:6:30 | C1 | declaring type | -| test.cpp:11:9:11:10 | T2 | Member T2 template class does not use any of template arguments of its $@. | test.cpp:6:29:6:30 | C1 | declaring type | | test.cpp:28:31:28:33 | C12 | Member C12 template class does not use any of template arguments of its $@. | test.cpp:6:29:6:30 | C1 | declaring type | | test.cpp:45:7:45:8 | a1 | Member a1 template class does not use any of template arguments of its $@. | test.cpp:37:31:37:33 | C22 | declaring type | | test.cpp:46:9:46:10 | a2 | Member a2 template class does not use any of template arguments of its $@. | test.cpp:37:31:37:33 | C22 | declaring type | diff --git a/cpp/autosar/test/rules/A14-5-2/test.cpp b/cpp/autosar/test/rules/A14-5-2/test.cpp index e60a955c68..236f3beb7a 100644 --- a/cpp/autosar/test/rules/A14-5-2/test.cpp +++ b/cpp/autosar/test/rules/A14-5-2/test.cpp @@ -7,8 +7,8 @@ template class C1 { public: enum E1 : T { e1, e2 }; // COMPLIANT - using T1 = typename template_base::type; // COMPLIANT[FALSE_POSITIVE] - using T2 = typename template_base::type; // NON_COMPLIANT + using T1 = typename template_base::type; // COMPLIANT + using T2 = typename template_base::type; // NON_COMPLIANT[FALSE_NEGATIVE] class C11 { // COMPLIANT enum E2 { @@ -156,4 +156,4 @@ template class V { void f4() { V v; v.type(); -} \ No newline at end of file +} From 006e4a1d464573e48e7fdfd866549d2939e09a7a Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 15 Oct 2024 00:00:10 +0100 Subject: [PATCH 2127/2573] EssentialTypes: Correctly handle enumerations --- .../c/misra/EssentialTypes.qll | 42 ++++++++++++++++++- c/misra/test/c/misra/EssentialTypes.expected | 14 +++++++ c/misra/test/c/misra/test.c | 21 ++++++++++ 3 files changed, 75 insertions(+), 2 deletions(-) diff --git a/c/misra/src/codingstandards/c/misra/EssentialTypes.qll b/c/misra/src/codingstandards/c/misra/EssentialTypes.qll index d01bc81038..c92b6403c7 100644 --- a/c/misra/src/codingstandards/c/misra/EssentialTypes.qll +++ b/c/misra/src/codingstandards/c/misra/EssentialTypes.qll @@ -130,12 +130,17 @@ EssentialTypeCategory getEssentialTypeCategory(Type type) { essentialType.(IntegralType).isSigned() and not essentialType instanceof PlainCharType or + // Anonymous enums are considered to be signed + result = EssentiallySignedType() and + essentialType instanceof AnonymousEnumType and + not essentialType instanceof MisraBoolType + or result = EssentiallyUnsignedType() and essentialType.(IntegralType).isUnsigned() and not essentialType instanceof PlainCharType or result = EssentiallyEnumType() and - essentialType instanceof Enum and + essentialType instanceof NamedEnumType and not essentialType instanceof MisraBoolType or result = EssentiallyFloatingType() and @@ -348,8 +353,41 @@ class EssentialBinaryArithmeticExpr extends EssentialExpr, BinaryArithmeticOpera } } +/** + * A named Enum type, as per D.5. + */ +class NamedEnumType extends Enum { + NamedEnumType() { + not isAnonymous() + or + exists(Type useOfEnum | this = useOfEnum.stripType() | + exists(TypedefType t | t.getBaseType() = useOfEnum) + or + exists(Function f | f.getType() = useOfEnum or f.getAParameter().getType() = useOfEnum) + or + exists(Struct s | s.getAField().getType() = useOfEnum) + or + exists(Variable v | v.getType() = useOfEnum) + ) + } +} + +/** + * An anonymous Enum type, as per D.5. + */ +class AnonymousEnumType extends Enum { + AnonymousEnumType() { not this instanceof NamedEnumType } +} + +/** + * The EssentialType of an EnumConstantAccess, which may be essentially enum or essentially signed. + */ class EssentialEnumConstantAccess extends EssentialExpr, EnumConstantAccess { - override Type getEssentialType() { result = getTarget().getDeclaringEnum() } + override Type getEssentialType() { + exists(Enum e | e = getTarget().getDeclaringEnum() | + if e instanceof NamedEnumType then result = e else result = stlr(this) + ) + } } class EssentialLiteral extends EssentialExpr, Literal { diff --git a/c/misra/test/c/misra/EssentialTypes.expected b/c/misra/test/c/misra/EssentialTypes.expected index 8b6b45a2f0..f7f8aed9c8 100644 --- a/c/misra/test/c/misra/EssentialTypes.expected +++ b/c/misra/test/c/misra/EssentialTypes.expected @@ -1,3 +1,9 @@ +| file://:0:0:0:0 | 0 | signed char | signed char | essentially Signed type | +| file://:0:0:0:0 | 0 | signed char | signed char | essentially Signed type | +| file://:0:0:0:0 | 0 | signed char | signed char | essentially Signed type | +| file://:0:0:0:0 | 0 | signed char | signed char | essentially Signed type | +| file://:0:0:0:0 | 0 | signed char | signed char | essentially Signed type | +| file://:0:0:0:0 | 0 | signed char | signed char | essentially Signed type | | test.c:4:20:4:20 | 1 | signed char | signed char | essentially Signed type | | test.c:4:20:4:20 | (unsigned int)... | unsigned int | unsigned int | essentially Unsigned type | | test.c:5:23:5:23 | 1 | signed char | signed char | essentially Signed type | @@ -73,3 +79,11 @@ | test.c:54:3:54:5 | ~ ... | int | int | essentially Signed type | | test.c:54:4:54:5 | (int)... | int | int | essentially Signed type | | test.c:54:4:54:5 | ss | signed short | signed short | essentially Signed type | +| test.c:63:30:63:32 | ((unnamed enum))... | (unnamed enum) | (unnamed enum) | essentially Enum Type | +| test.c:63:30:63:32 | EC5 | (unnamed enum) | (unnamed enum) | essentially Enum Type | +| test.c:70:3:70:5 | EC1 | signed char | signed char | essentially Signed type | +| test.c:71:3:71:5 | EC2 | E1 | E1 | essentially Enum Type | +| test.c:72:3:72:5 | EC3 | (unnamed enum) | (unnamed enum) | essentially Enum Type | +| test.c:73:3:73:5 | EC4 | (unnamed enum) | (unnamed enum) | essentially Enum Type | +| test.c:74:3:74:5 | EC5 | (unnamed enum) | (unnamed enum) | essentially Enum Type | +| test.c:75:3:75:5 | EC6 | (unnamed enum) | (unnamed enum) | essentially Enum Type | diff --git a/c/misra/test/c/misra/test.c b/c/misra/test/c/misra/test.c index 6156e9440e..64546f410c 100644 --- a/c/misra/test/c/misra/test.c +++ b/c/misra/test/c/misra/test.c @@ -52,4 +52,25 @@ void testUnary() { ~us; // Should be essentially unsigned ~s; // Should be essentially signed ~ss; // Should be essentially signed +} + +enum { EC1 }; +enum E1 { EC2 }; +typedef enum { EC3 } E2; + +enum { EC4 } g; + +enum { EC5 } test() { return EC5; } + +struct S1 { + enum { EC6 } m; +}; + +void testEnums() { + EC1; // Should be essentially signed + EC2; // Should be essentially enum + EC3; // Should be essentially enum + EC4; // Should be essentially enum + EC5; // Should be essentially enum + EC6; // Should be essentially enum } \ No newline at end of file From 352f778af08e8d7eae2c071bd62c495bb6cc5351 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 15 Oct 2024 00:02:48 +0100 Subject: [PATCH 2128/2573] Handle non-zero length characters --- c/misra/src/codingstandards/c/misra/EssentialTypes.qll | 6 ++++-- c/misra/test/c/misra/EssentialTypes.expected | 3 +++ c/misra/test/c/misra/test.c | 6 ++++++ 3 files changed, 13 insertions(+), 2 deletions(-) diff --git a/c/misra/src/codingstandards/c/misra/EssentialTypes.qll b/c/misra/src/codingstandards/c/misra/EssentialTypes.qll index c92b6403c7..4783547ed2 100644 --- a/c/misra/src/codingstandards/c/misra/EssentialTypes.qll +++ b/c/misra/src/codingstandards/c/misra/EssentialTypes.qll @@ -393,9 +393,11 @@ class EssentialEnumConstantAccess extends EssentialExpr, EnumConstantAccess { class EssentialLiteral extends EssentialExpr, Literal { override Type getEssentialType() { if this instanceof BooleanLiteral - then result instanceof MisraBoolType + then + // This returns a multitude of types - not sure if we really want that + result instanceof MisraBoolType else ( - if this.(CharLiteral).getCharacter().length() = 1 + if this instanceof CharLiteral then result instanceof PlainCharType else exists(Type underlyingStandardType | diff --git a/c/misra/test/c/misra/EssentialTypes.expected b/c/misra/test/c/misra/EssentialTypes.expected index f7f8aed9c8..c0e010b8e4 100644 --- a/c/misra/test/c/misra/EssentialTypes.expected +++ b/c/misra/test/c/misra/EssentialTypes.expected @@ -87,3 +87,6 @@ | test.c:73:3:73:5 | EC4 | (unnamed enum) | (unnamed enum) | essentially Enum Type | | test.c:74:3:74:5 | EC5 | (unnamed enum) | (unnamed enum) | essentially Enum Type | | test.c:75:3:75:5 | EC6 | (unnamed enum) | (unnamed enum) | essentially Enum Type | +| test.c:79:3:79:5 | 97 | char | char | essentially Character type | +| test.c:80:3:80:6 | 10 | char | char | essentially Character type | +| test.c:81:3:81:6 | 0 | char | char | essentially Character type | diff --git a/c/misra/test/c/misra/test.c b/c/misra/test/c/misra/test.c index 64546f410c..b3fdddd591 100644 --- a/c/misra/test/c/misra/test.c +++ b/c/misra/test/c/misra/test.c @@ -73,4 +73,10 @@ void testEnums() { EC4; // Should be essentially enum EC5; // Should be essentially enum EC6; // Should be essentially enum +} + +void testControlChar() { + 'a'; // Essentially char + '\n'; // Essentially char + '\0'; // Essentially char } \ No newline at end of file From b5377b402bb0f15575cfb7afb8412c6907c021b2 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 15 Oct 2024 00:05:16 +0100 Subject: [PATCH 2129/2573] Rule 10.4: Update to reflect EssentialType improvements --- c/misra/test/rules/RULE-10-4/test.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/c/misra/test/rules/RULE-10-4/test.c b/c/misra/test/rules/RULE-10-4/test.c index 666590a2d5..b803d487a0 100644 --- a/c/misra/test/rules/RULE-10-4/test.c +++ b/c/misra/test/rules/RULE-10-4/test.c @@ -33,4 +33,8 @@ void testOps() { A < A; // COMPLIANT e1a < e2a; // NON_COMPLIANT A < D; // NON_COMPLIANT + + enum { G }; + s32 + G; // COMPLIANT + c == '\n'; // COMPLIANT } \ No newline at end of file From 54f724e76885a05605fb9a5bb4439f2dfa17cb38 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 15 Oct 2024 00:07:03 +0100 Subject: [PATCH 2130/2573] Rule 10.4: Resolve typedefs before determining if enums are equal --- .../RULE-10-4/OperandsWithMismatchedEssentialTypeCategory.ql | 2 +- c/misra/test/rules/RULE-10-4/test.c | 5 +++++ 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/c/misra/src/rules/RULE-10-4/OperandsWithMismatchedEssentialTypeCategory.ql b/c/misra/src/rules/RULE-10-4/OperandsWithMismatchedEssentialTypeCategory.ql index cc4c860d7d..d1fed06319 100644 --- a/c/misra/src/rules/RULE-10-4/OperandsWithMismatchedEssentialTypeCategory.ql +++ b/c/misra/src/rules/RULE-10-4/OperandsWithMismatchedEssentialTypeCategory.ql @@ -38,7 +38,7 @@ where // be reported as non-compliant. leftOpTypeCategory = EssentiallyEnumType() and rightOpTypeCategory = EssentiallyEnumType() and - not leftOpEssentialType = rightOpEssentialType and + not leftOpEssentialType.getUnspecifiedType() = rightOpEssentialType.getUnspecifiedType() and message = "The operands of this operator with usual arithmetic conversions have mismatched essentially Enum types (left operand: " + leftOpEssentialType + ", right operand: " + rightOpEssentialType + ")." diff --git a/c/misra/test/rules/RULE-10-4/test.c b/c/misra/test/rules/RULE-10-4/test.c index b803d487a0..cbcb7191f6 100644 --- a/c/misra/test/rules/RULE-10-4/test.c +++ b/c/misra/test/rules/RULE-10-4/test.c @@ -37,4 +37,9 @@ void testOps() { enum { G }; s32 + G; // COMPLIANT c == '\n'; // COMPLIANT + + typedef enum { H } E3; + + E3 e3a = H; + e3a < H; // COMPLIANT } \ No newline at end of file From 2ae343c294b5ec893677b289f63cadf57a1fc8ac Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 15 Oct 2024 00:11:02 +0100 Subject: [PATCH 2131/2573] Add change note --- change_notes/2024-10-15-lits-and-constants-10-4.md | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 change_notes/2024-10-15-lits-and-constants-10-4.md diff --git a/change_notes/2024-10-15-lits-and-constants-10-4.md b/change_notes/2024-10-15-lits-and-constants-10-4.md new file mode 100644 index 0000000000..cfcb309204 --- /dev/null +++ b/change_notes/2024-10-15-lits-and-constants-10-4.md @@ -0,0 +1,5 @@ + - `RULE-10-4` - `OperandswithMismatchedEssentialTypeCategory.ql`: + - Removed false positives where a specified or typedef'd enum type was compared to an enum constant type. + - `EssentialType` - for all queries related to essential types: + - `\n` and other control characters are now correctly deduced as essentially char type, instead of an essentially integer type. + - Enum constants for anonymous enums are now correctly deduced as an essentially signed integer type instead of essentially enum. \ No newline at end of file From 7e8d2a13dba6d7097f3362899f1aee5548ee55bd Mon Sep 17 00:00:00 2001 From: Fernando Jose Date: Tue, 15 Oct 2024 09:47:52 +0900 Subject: [PATCH 2132/2573] Add change note. --- change_notes/2024-10-15-fix-fp-739-a14-5-2.md | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 change_notes/2024-10-15-fix-fp-739-a14-5-2.md diff --git a/change_notes/2024-10-15-fix-fp-739-a14-5-2.md b/change_notes/2024-10-15-fix-fp-739-a14-5-2.md new file mode 100644 index 0000000000..39cb00e3ae --- /dev/null +++ b/change_notes/2024-10-15-fix-fp-739-a14-5-2.md @@ -0,0 +1,2 @@ +- `A14-5-2` - `NonTemplateMemberDefinedInTemplate.ql` + - Fixes #739. Omit type members declared with using aliases. From 3842b4cd3e2a8ba9121e9b6b441f105c7c50265f Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 15 Oct 2024 11:23:05 +0100 Subject: [PATCH 2133/2573] A7-1-3: Fix #601. We did not correctly constrain the type mention for the type to be before the variable declaration itself. --- change_notes/2024-10-15-a7-1-3-multi-refs.md | 2 ++ ...CvQualifiersNotPlacedOnTheRightHandSide.ql | 22 +++++++++---------- ...ifiersNotPlacedOnTheRightHandSide.expected | 1 + cpp/autosar/test/rules/A7-1-3/test.cpp | 12 ++++++++++ 4 files changed, 25 insertions(+), 12 deletions(-) create mode 100644 change_notes/2024-10-15-a7-1-3-multi-refs.md diff --git a/change_notes/2024-10-15-a7-1-3-multi-refs.md b/change_notes/2024-10-15-a7-1-3-multi-refs.md new file mode 100644 index 0000000000..39e00495cb --- /dev/null +++ b/change_notes/2024-10-15-a7-1-3-multi-refs.md @@ -0,0 +1,2 @@ +- `A7-1-3` - `CvQualifiersNotPlacedOnTheRightHandSide.ql`: + - Removed false positives where a correctly CV-qualified typedef variable type was also referenced in the initializer. \ No newline at end of file diff --git a/cpp/autosar/src/rules/A7-1-3/CvQualifiersNotPlacedOnTheRightHandSide.ql b/cpp/autosar/src/rules/A7-1-3/CvQualifiersNotPlacedOnTheRightHandSide.ql index 54968dc223..f60fcd51de 100644 --- a/cpp/autosar/src/rules/A7-1-3/CvQualifiersNotPlacedOnTheRightHandSide.ql +++ b/cpp/autosar/src/rules/A7-1-3/CvQualifiersNotPlacedOnTheRightHandSide.ql @@ -20,14 +20,12 @@ import cpp import codingstandards.cpp.autosar /** - * Holds if declaration `e` using a `TypedefType` is CV-qualified - * - * For example, given `using intconstptr = int * const`: - * the predicate holds for `const/volatile intconstptr ptr1`, but not for `intconstptr ptr2` + * Unwrap layers of indirection that occur on the right side of the type. */ -predicate containsExtraSpecifiers(VariableDeclarationEntry e) { - e.getType().toString().matches("const %") or - e.getType().toString().matches("volatile %") +Type unwrapIndirection(Type type) { + if type instanceof DerivedType and not type instanceof SpecifiedType + then result = unwrapIndirection(type.(DerivedType).getBaseType()) + else result = type } // DeclStmts that have a TypedefType name use (ie TypeMention) in them @@ -36,19 +34,19 @@ predicate containsExtraSpecifiers(VariableDeclarationEntry e) { from VariableDeclarationEntry e, TypedefType t, TypeMention tm where not isExcluded(e, ConstPackage::cvQualifiersNotPlacedOnTheRightHandSideQuery()) and - containsExtraSpecifiers(e) and + // Variable type is specified, and has the typedef type as a base type + unwrapIndirection(e.getType()).(SpecifiedType).getBaseType() = t and exists(string filepath, int startline | e.getLocation().hasLocationInfo(filepath, startline, _, _, _) and tm.getLocation().hasLocationInfo(filepath, startline, _, _, _) and e = t.getATypeNameUse() and tm.getMentionedType() = t and + // TypeMention occurs before the variable declaration + tm.getLocation().getStartColumn() < e.getLocation().getStartColumn() and exists(DeclStmt s | s.getDeclarationEntry(_) = e and - //const could fit in there + // TypeMention occurs after the start of the StmtDecl, with enough space for const/volatile tm.getLocation().getStartColumn() - s.getLocation().getStartColumn() > 5 - //volatile could fit in there - //but the above condition subsumes this one - //l.getStartColumn() - tm.getLocation().getStartColumn() > 8 ) ) select e, diff --git a/cpp/autosar/test/rules/A7-1-3/CvQualifiersNotPlacedOnTheRightHandSide.expected b/cpp/autosar/test/rules/A7-1-3/CvQualifiersNotPlacedOnTheRightHandSide.expected index 9d6a710449..7eea341903 100644 --- a/cpp/autosar/test/rules/A7-1-3/CvQualifiersNotPlacedOnTheRightHandSide.expected +++ b/cpp/autosar/test/rules/A7-1-3/CvQualifiersNotPlacedOnTheRightHandSide.expected @@ -1,3 +1,4 @@ | test.cpp:9:16:9:19 | definition of ptr1 | There is possibly a const or volatile specifier on the left hand side of typedef name $@. | test.cpp:1:7:1:12 | intptr | intptr | | test.cpp:10:19:10:22 | definition of ptr2 | There is possibly a const or volatile specifier on the left hand side of typedef name $@. | test.cpp:1:7:1:12 | intptr | intptr | | test.cpp:19:21:19:24 | definition of ptr8 | There is possibly a const or volatile specifier on the left hand side of typedef name $@. | test.cpp:3:7:3:17 | constintptr | constintptr | +| test.cpp:32:23:32:26 | definition of u32d | There is possibly a const or volatile specifier on the left hand side of typedef name $@. | file:///Users/luke/git/codeql-coding-standards/cpp/common/test/includes/standard-library/cstdint.h:9:22:9:29 | uint32_t | uint32_t | diff --git a/cpp/autosar/test/rules/A7-1-3/test.cpp b/cpp/autosar/test/rules/A7-1-3/test.cpp index 621a64115d..39f53b8623 100644 --- a/cpp/autosar/test/rules/A7-1-3/test.cpp +++ b/cpp/autosar/test/rules/A7-1-3/test.cpp @@ -18,4 +18,16 @@ void f() { constintptr const ptr7 = &l; // COMPLIANT const constintptr ptr8 = &l; // NON_COMPLIANT inttypedef ptr9 = l; // COMPLIANT +} + +#include + +void false_positive() { + std::uint8_t u8{0}; + + auto const u32 = static_cast(u8); // COMPLIANT - auto ignored + std::uint32_t const u32b = static_cast(u8); // COMPLIANT + + const auto u32c = static_cast(u8); // COMPLIANT - auto ignored + const std::uint32_t u32d = static_cast(u8); // NON_COMPLIANT } \ No newline at end of file From 2a17ba73405d5a76d126173d597490a4f20df2e9 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 15 Oct 2024 11:40:02 +0100 Subject: [PATCH 2134/2573] Address review comments * Rename HoldsForAllInstances to HoldsForAllCopies * Improve documentation --- c/misra/src/rules/RULE-2-2/DeadCode.ql | 4 ++-- ...AllInstances.qll => HoldsForAllCopies.qll} | 23 +++++++++++-------- .../cpp/rules/deadcode/DeadCode.qll | 4 ++-- 3 files changed, 17 insertions(+), 14 deletions(-) rename cpp/common/src/codingstandards/cpp/alertreporting/{HoldsForAllInstances.qll => HoldsForAllCopies.qll} (82%) diff --git a/c/misra/src/rules/RULE-2-2/DeadCode.ql b/c/misra/src/rules/RULE-2-2/DeadCode.ql index 03a6e7d36a..97c3808607 100644 --- a/c/misra/src/rules/RULE-2-2/DeadCode.ql +++ b/c/misra/src/rules/RULE-2-2/DeadCode.ql @@ -15,7 +15,7 @@ import cpp import codingstandards.c.misra -import codingstandards.cpp.alertreporting.HoldsForAllInstances +import codingstandards.cpp.alertreporting.HoldsForAllCopies import codingstandards.cpp.deadcode.UselessAssignments /** @@ -75,7 +75,7 @@ class DeadOperationInstance extends Expr { string getDescription() { result = description } } -class DeadOperation = HoldsForAllInstances::LogicalResultElement; +class DeadOperation = HoldsForAllCopies::LogicalResultElement; from DeadOperation deadOperation, DeadOperationInstance instance, string message, Element explainer, diff --git a/cpp/common/src/codingstandards/cpp/alertreporting/HoldsForAllInstances.qll b/cpp/common/src/codingstandards/cpp/alertreporting/HoldsForAllCopies.qll similarity index 82% rename from cpp/common/src/codingstandards/cpp/alertreporting/HoldsForAllInstances.qll rename to cpp/common/src/codingstandards/cpp/alertreporting/HoldsForAllCopies.qll index 1ea8787c22..634c1bf610 100644 --- a/cpp/common/src/codingstandards/cpp/alertreporting/HoldsForAllInstances.qll +++ b/cpp/common/src/codingstandards/cpp/alertreporting/HoldsForAllCopies.qll @@ -1,8 +1,7 @@ /** - * A module for considering whether a result occurs in all instances (e.g. copies) of the code at a - * given location. + * A module for considering whether a result occurs in all copies of the code at a given location. * - * Multiple instances of an element at the same location can occur for two main reasons: + * Multiple copies of an element at the same location can occur for two main reasons: * 1. Instantiations of a template * 2. Re-compilation of a file under a different context * This module helps ensure that a particular condition holds for all copies of a particular logical @@ -37,17 +36,21 @@ predicate isNotWithinMacroExpansion(Element e) { ) } -/** A candidate set of elements. */ +/** + * A type representing a set of Element's in the program that satisfy some condition. + * + * `HoldsForAllCopies::LogicalResultElement` will represent an element in this set + * iff all copies of that element satisfy the condition. + */ signature class CandidateElementSig extends Element; /** The super set of relevant elements. */ signature class ElementSetSig extends Element; /** - * A module for considering whether a result occurs in all instances (e.g. copies) of the code at a - * given location. + * A module for considering whether a result occurs in all copies of the code at a given location. */ -module HoldsForAllInstances { +module HoldsForAllCopies { private predicate hasLocation( ElementSet s, string filepath, int startline, int startcolumn, int endline, int endcolumn ) { @@ -93,8 +96,8 @@ module HoldsForAllInstances::LogicalResultElement; +class DeadStmt = HoldsForAllCopies::LogicalResultElement; query predicate problems(DeadStmt s, string message) { not isExcluded(s.getAnElementInstance(), getQuery()) and From b9474d55fd6a57589440e962d5bb92183aeb69b7 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Tue, 15 Oct 2024 12:04:40 +0100 Subject: [PATCH 2135/2573] Update rule_packages/c/Banned2.json Reword description. --- rule_packages/c/Banned2.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rule_packages/c/Banned2.json b/rule_packages/c/Banned2.json index 461e269413..3898125d73 100644 --- a/rule_packages/c/Banned2.json +++ b/rule_packages/c/Banned2.json @@ -6,7 +6,7 @@ }, "queries": [ { - "description": "The standard functions rand() and srand() will not give high quality random results in all implementations and is thus banned.", + "description": "The standard functions rand() and srand() will not give high quality random results in all implementations and are therefore banned.", "kind": "problem", "name": "The random number generator functions of shall not be used", "precision": "very-high", From 917bb45c82c9ee1e5f97698b306bb8d0f9548dfe Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 15 Oct 2024 15:57:42 +0100 Subject: [PATCH 2136/2573] A7-1-3: Avoid producing machine specific locations Modify the alert message to only report a link if the target is within the source root of the database. --- ...CvQualifiersNotPlacedOnTheRightHandSide.ql | 23 +++++++++++++++---- ...ifiersNotPlacedOnTheRightHandSide.expected | 2 +- 2 files changed, 20 insertions(+), 5 deletions(-) diff --git a/cpp/autosar/src/rules/A7-1-3/CvQualifiersNotPlacedOnTheRightHandSide.ql b/cpp/autosar/src/rules/A7-1-3/CvQualifiersNotPlacedOnTheRightHandSide.ql index f60fcd51de..5d34f89c7d 100644 --- a/cpp/autosar/src/rules/A7-1-3/CvQualifiersNotPlacedOnTheRightHandSide.ql +++ b/cpp/autosar/src/rules/A7-1-3/CvQualifiersNotPlacedOnTheRightHandSide.ql @@ -31,7 +31,9 @@ Type unwrapIndirection(Type type) { // DeclStmts that have a TypedefType name use (ie TypeMention) in them //AND TypeMention.getStartColumn() - DeclStmt.getStartColumn() > len(const) //AND the declared thing contains one of these "extra" specifiers in the DeclarationEntry Location -from VariableDeclarationEntry e, TypedefType t, TypeMention tm +from + VariableDeclarationEntry e, TypedefType t, TypeMention tm, string message, Element explainer, + string explainerMessage where not isExcluded(e, ConstPackage::cvQualifiersNotPlacedOnTheRightHandSideQuery()) and // Variable type is specified, and has the typedef type as a base type @@ -48,7 +50,20 @@ where // TypeMention occurs after the start of the StmtDecl, with enough space for const/volatile tm.getLocation().getStartColumn() - s.getLocation().getStartColumn() > 5 ) + ) and + if exists(t.getFile().getRelativePath()) + then + message = + "There is possibly a const or volatile specifier on the left hand side of typedef name $@." and + explainer = t and + explainerMessage = t.getName() + else ( + // Type occurs outside source root, so don't link + message = + "There is possibly a const or volatile specifier on the left hand side of typedef name " + + t.getName() + "." and + // explainer not used in this case + explainer = e and + explainerMessage = "" ) -select e, - "There is possibly a const or volatile specifier on the left hand side of typedef name $@.", t, - t.getName() +select e, message, explainer, explainerMessage diff --git a/cpp/autosar/test/rules/A7-1-3/CvQualifiersNotPlacedOnTheRightHandSide.expected b/cpp/autosar/test/rules/A7-1-3/CvQualifiersNotPlacedOnTheRightHandSide.expected index 7eea341903..d845df142d 100644 --- a/cpp/autosar/test/rules/A7-1-3/CvQualifiersNotPlacedOnTheRightHandSide.expected +++ b/cpp/autosar/test/rules/A7-1-3/CvQualifiersNotPlacedOnTheRightHandSide.expected @@ -1,4 +1,4 @@ | test.cpp:9:16:9:19 | definition of ptr1 | There is possibly a const or volatile specifier on the left hand side of typedef name $@. | test.cpp:1:7:1:12 | intptr | intptr | | test.cpp:10:19:10:22 | definition of ptr2 | There is possibly a const or volatile specifier on the left hand side of typedef name $@. | test.cpp:1:7:1:12 | intptr | intptr | | test.cpp:19:21:19:24 | definition of ptr8 | There is possibly a const or volatile specifier on the left hand side of typedef name $@. | test.cpp:3:7:3:17 | constintptr | constintptr | -| test.cpp:32:23:32:26 | definition of u32d | There is possibly a const or volatile specifier on the left hand side of typedef name $@. | file:///Users/luke/git/codeql-coding-standards/cpp/common/test/includes/standard-library/cstdint.h:9:22:9:29 | uint32_t | uint32_t | +| test.cpp:32:23:32:26 | definition of u32d | There is possibly a const or volatile specifier on the left hand side of typedef name uint32_t. | test.cpp:32:23:32:26 | definition of u32d | | From 43bf6f87ded8e77ced5838009fdcee705d67f8e8 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 15 Oct 2024 17:49:46 +0100 Subject: [PATCH 2137/2573] Fix DeadCode.json syntax error introduced on merge --- rule_packages/c/DeadCode.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rule_packages/c/DeadCode.json b/rule_packages/c/DeadCode.json index fbcdfe2976..d8e80d14d1 100644 --- a/rule_packages/c/DeadCode.json +++ b/rule_packages/c/DeadCode.json @@ -39,7 +39,7 @@ "short_name": "DeadCode", "tags": [ "readability", - "maintainability" + "maintainability", "external/misra/c/2012/third-edition-first-revision" ] } From 327436ce43a632b60edc02a37868cb9a9df30ee8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fernando=20Jos=C3=A9=20=7C=20=EF=BE=8C=EF=BD=AA=EF=BE=99?= =?UTF-8?q?=EF=BE=85=EF=BE=9D=EF=BE=84=EF=BE=9E=20=EF=BE=8E=EF=BD=BE?= Date: Wed, 16 Oct 2024 12:29:34 +0900 Subject: [PATCH 2138/2573] Update change_notes/2024-10-15-fix-fp-739-a14-5-2.md Co-authored-by: Luke Cartey <5377966+lcartey@users.noreply.github.com> --- change_notes/2024-10-15-fix-fp-739-a14-5-2.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/change_notes/2024-10-15-fix-fp-739-a14-5-2.md b/change_notes/2024-10-15-fix-fp-739-a14-5-2.md index 39cb00e3ae..6e3f422718 100644 --- a/change_notes/2024-10-15-fix-fp-739-a14-5-2.md +++ b/change_notes/2024-10-15-fix-fp-739-a14-5-2.md @@ -1,2 +1,2 @@ - `A14-5-2` - `NonTemplateMemberDefinedInTemplate.ql` - - Fixes #739. Omit type members declared with using aliases. + - Fixes #739. Correctly detect template parameters specified in using alias base types, e.g. `using T1 = some_type::Type;`. From 5609f092dd4151d6464ea70e5c7d826d43d3d91f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fernando=20Jos=C3=A9=20=7C=20=EF=BE=8C=EF=BD=AA=EF=BE=99?= =?UTF-8?q?=EF=BE=85=EF=BE=9D=EF=BE=84=EF=BE=9E=20=EF=BE=8E=EF=BD=BE?= Date: Wed, 16 Oct 2024 12:30:10 +0900 Subject: [PATCH 2139/2573] Apply suggestions from code review Co-authored-by: Luke Cartey <5377966+lcartey@users.noreply.github.com> --- .../src/rules/A14-5-2/NonTemplateMemberDefinedInTemplate.ql | 3 ++- cpp/autosar/test/rules/A14-5-2/test.cpp | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/cpp/autosar/src/rules/A14-5-2/NonTemplateMemberDefinedInTemplate.ql b/cpp/autosar/src/rules/A14-5-2/NonTemplateMemberDefinedInTemplate.ql index b8dff92ca6..7f9ced9909 100644 --- a/cpp/autosar/src/rules/A14-5-2/NonTemplateMemberDefinedInTemplate.ql +++ b/cpp/autosar/src/rules/A14-5-2/NonTemplateMemberDefinedInTemplate.ql @@ -169,7 +169,8 @@ where ) ) and // Omit using alias (cf. https://github.com/github/codeql-coding-standards/issues/739) - not d instanceof UsingAliasTypedefType + // Exclude Using alias which refer directly to a TypeParameter + not d.(UsingAliasTypedefType).getBaseType() instanceof TemplateParameter select d, "Member " + d.getName() + " template class does not use any of template arguments of its $@.", d.getDeclaringType(), "declaring type" diff --git a/cpp/autosar/test/rules/A14-5-2/test.cpp b/cpp/autosar/test/rules/A14-5-2/test.cpp index 236f3beb7a..260ff5b4b2 100644 --- a/cpp/autosar/test/rules/A14-5-2/test.cpp +++ b/cpp/autosar/test/rules/A14-5-2/test.cpp @@ -8,7 +8,7 @@ template class C1 { enum E1 : T { e1, e2 }; // COMPLIANT using T1 = typename template_base::type; // COMPLIANT - using T2 = typename template_base::type; // NON_COMPLIANT[FALSE_NEGATIVE] + using T2 = typename template_base::type; // NON_COMPLIANT class C11 { // COMPLIANT enum E2 { From e0b581ae432312715a0341bb99adafd5d7f670b3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fernando=20Jos=C3=A9=20=7C=20=EF=BE=8C=EF=BD=AA=EF=BE=99?= =?UTF-8?q?=EF=BE=85=EF=BE=9D=EF=BE=84=EF=BE=9E=20=EF=BE=8E=EF=BD=BE?= Date: Wed, 16 Oct 2024 12:33:18 +0900 Subject: [PATCH 2140/2573] Update NonTemplateMemberDefinedInTemplate.expected --- .../rules/A14-5-2/NonTemplateMemberDefinedInTemplate.expected | 1 + 1 file changed, 1 insertion(+) diff --git a/cpp/autosar/test/rules/A14-5-2/NonTemplateMemberDefinedInTemplate.expected b/cpp/autosar/test/rules/A14-5-2/NonTemplateMemberDefinedInTemplate.expected index 454a1c6b83..f0c78e2af1 100644 --- a/cpp/autosar/test/rules/A14-5-2/NonTemplateMemberDefinedInTemplate.expected +++ b/cpp/autosar/test/rules/A14-5-2/NonTemplateMemberDefinedInTemplate.expected @@ -1,3 +1,4 @@ +| test.cpp:11:9:11:10 | T2 | Member T2 template class does not use any of template arguments of its $@. | test.cpp:6:29:6:30 | C1 | declaring type | | test.cpp:28:31:28:33 | C12 | Member C12 template class does not use any of template arguments of its $@. | test.cpp:6:29:6:30 | C1 | declaring type | | test.cpp:45:7:45:8 | a1 | Member a1 template class does not use any of template arguments of its $@. | test.cpp:37:31:37:33 | C22 | declaring type | | test.cpp:46:9:46:10 | a2 | Member a2 template class does not use any of template arguments of its $@. | test.cpp:37:31:37:33 | C22 | declaring type | From cf5dc696022020aa61781dbe03585a285496a96a Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Wed, 16 Oct 2024 11:01:33 +0200 Subject: [PATCH 2141/2573] Update expected test results after merging `main` --- ...rrayFunctionArgumentNumberOfElements.expected | 12 ++++++------ ...mpUsedToCompareNullTerminatedStrings.expected | 8 ++++---- ...penForReadAndWriteOnDifferentStreams.expected | 2 +- .../AttemptToWriteToAReadOnlyStream.expected | 12 ++++++------ ...BeComparedWithUnmodifiedReturnValues.expected | 16 ++++++++-------- 5 files changed, 25 insertions(+), 25 deletions(-) diff --git a/c/misra/test/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.expected b/c/misra/test/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.expected index cb4422f5f1..174c6aa40f 100644 --- a/c/misra/test/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.expected +++ b/c/misra/test/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.expected @@ -1,9 +1,9 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (ArrayFunctionArgumentNumberOfElements.ql:47,36-44) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (ArrayFunctionArgumentNumberOfElements.ql:48,22-30) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (ArrayFunctionArgumentNumberOfElements.ql:50,20-28) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (ArrayFunctionArgumentNumberOfElements.ql:55,25-33) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (ArrayFunctionArgumentNumberOfElements.ql:71,28-36) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (ArrayFunctionArgumentNumberOfElements.ql:71,51-59) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ArrayFunctionArgumentNumberOfElements.ql:48,36-44) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ArrayFunctionArgumentNumberOfElements.ql:49,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ArrayFunctionArgumentNumberOfElements.ql:51,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ArrayFunctionArgumentNumberOfElements.ql:56,25-33) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ArrayFunctionArgumentNumberOfElements.ql:72,28-36) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ArrayFunctionArgumentNumberOfElements.ql:72,51-59) | test.c:18:6:18:6 | 0 | The function argument does not have a sufficient number or elements declared in the $@. | test.c:1:13:1:14 | ar | parameter | | test.c:19:6:19:7 | ar | The function argument does not have a sufficient number or elements declared in the $@. | test.c:1:13:1:14 | ar | parameter | | test.c:21:6:21:9 | ar2p | The function argument does not have a sufficient number or elements declared in the $@. | test.c:1:13:1:14 | ar | parameter | diff --git a/c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.expected b/c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.expected index cf45b21eb4..5ae49919a9 100644 --- a/c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.expected +++ b/c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.expected @@ -1,7 +1,7 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (MemcmpUsedToCompareNullTerminatedStrings.ql:22,54-62) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (MemcmpUsedToCompareNullTerminatedStrings.ql:23,22-30) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (MemcmpUsedToCompareNullTerminatedStrings.ql:49,20-28) -WARNING: module 'TaintTracking' has been deprecated and may be removed in future (MemcmpUsedToCompareNullTerminatedStrings.ql:57,43-56) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (MemcmpUsedToCompareNullTerminatedStrings.ql:23,54-62) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (MemcmpUsedToCompareNullTerminatedStrings.ql:24,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (MemcmpUsedToCompareNullTerminatedStrings.ql:50,20-28) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (MemcmpUsedToCompareNullTerminatedStrings.ql:58,43-56) edges | test.c:12:13:12:15 | a | test.c:14:10:14:10 | a | provenance | | | test.c:12:13:12:15 | a | test.c:23:13:23:13 | a | provenance | | diff --git a/c/misra/test/rules/RULE-22-3/FileOpenForReadAndWriteOnDifferentStreams.expected b/c/misra/test/rules/RULE-22-3/FileOpenForReadAndWriteOnDifferentStreams.expected index 6360b21973..0365f4980d 100644 --- a/c/misra/test/rules/RULE-22-3/FileOpenForReadAndWriteOnDifferentStreams.expected +++ b/c/misra/test/rules/RULE-22-3/FileOpenForReadAndWriteOnDifferentStreams.expected @@ -1,4 +1,4 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (FileOpenForReadAndWriteOnDifferentStreams.ql:38,9-17) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (FileOpenForReadAndWriteOnDifferentStreams.ql:39,9-17) | test.c:6:14:6:18 | call to fopen | The same file was already opened $@. Files should not be read and written at the same time using different streams. | test.c:5:14:5:18 | call to fopen | here | | test.c:17:14:17:18 | call to fopen | The same file was already opened $@. Files should not be read and written at the same time using different streams. | test.c:16:14:16:18 | call to fopen | here | | test.c:33:14:33:18 | call to fopen | The same file was already opened $@. Files should not be read and written at the same time using different streams. | test.c:32:14:32:18 | call to fopen | here | diff --git a/c/misra/test/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.expected b/c/misra/test/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.expected index 88dca316a2..dbf08e3d3d 100644 --- a/c/misra/test/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.expected +++ b/c/misra/test/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.expected @@ -1,8 +1,8 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AttemptToWriteToAReadOnlyStream.ql:18,32-40) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AttemptToWriteToAReadOnlyStream.ql:19,22-30) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AttemptToWriteToAReadOnlyStream.ql:24,20-28) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AttemptToWriteToAReadOnlyStream.ql:30,21-29) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AttemptToWriteToAReadOnlyStream.ql:32,6-14) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AttemptToWriteToAReadOnlyStream.ql:35,28-36) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AttemptToWriteToAReadOnlyStream.ql:19,32-40) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AttemptToWriteToAReadOnlyStream.ql:20,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AttemptToWriteToAReadOnlyStream.ql:25,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AttemptToWriteToAReadOnlyStream.ql:31,21-29) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AttemptToWriteToAReadOnlyStream.ql:33,6-14) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AttemptToWriteToAReadOnlyStream.ql:36,28-36) | test.c:10:3:10:9 | call to fprintf | Attempt to write to a $@ opened as read-only. | test.c:9:14:9:18 | call to fopen | stream | | test.c:15:3:15:9 | call to fprintf | Attempt to write to a $@ opened as read-only. | test.c:18:14:18:18 | call to fopen | stream | diff --git a/c/misra/test/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.expected b/c/misra/test/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.expected index a7ee20c0b0..83a10a46fb 100644 --- a/c/misra/test/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.expected +++ b/c/misra/test/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.expected @@ -1,10 +1,10 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:22,28-36) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:23,22-30) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:27,20-28) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:36,23-31) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:41,17-25) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:50,5-13) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:58,20-28) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:58,46-54) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:23,28-36) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:24,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:28,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:37,23-31) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:42,17-25) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:51,5-13) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:59,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:59,46-54) | test.c:6:7:6:20 | ... != ... | The check is not reliable as the type of the return value of $@ is converted. | test.c:5:14:5:20 | call to getchar | call to getchar | | test.c:13:7:13:15 | ... != ... | The check is not reliable as the type of the return value of $@ is converted. | test.c:12:14:12:20 | call to getchar | call to getchar | From 2778d662e2cf701b351b2466916e9e0f03dd31f8 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Wed, 16 Oct 2024 13:12:54 +0200 Subject: [PATCH 2142/2573] Update test results after QL library changes --- .../identifierhidden/IdentifierHidden.expected | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/cpp/common/test/rules/identifierhidden/IdentifierHidden.expected b/cpp/common/test/rules/identifierhidden/IdentifierHidden.expected index fd657590ef..47d191d758 100644 --- a/cpp/common/test/rules/identifierhidden/IdentifierHidden.expected +++ b/cpp/common/test/rules/identifierhidden/IdentifierHidden.expected @@ -4,10 +4,21 @@ | test.cpp:23:13:23:15 | id1 | Variable is hiding variable $@. | test.cpp:1:5:1:7 | id1 | id1 | | test.cpp:26:12:26:14 | id1 | Variable is hiding variable $@. | test.cpp:1:5:1:7 | id1 | id1 | | test.cpp:27:14:27:16 | id1 | Variable is hiding variable $@. | test.cpp:26:12:26:14 | id1 | id1 | +| test.cpp:48:11:48:11 | i | Variable is hiding variable $@. | test.cpp:58:16:58:16 | i | i | +| test.cpp:48:11:48:11 | i | Variable is hiding variable $@. | test.cpp:75:16:75:16 | i | i | +| test.cpp:50:9:50:9 | i | Variable is hiding variable $@. | test.cpp:58:16:58:16 | i | i | +| test.cpp:50:9:50:9 | i | Variable is hiding variable $@. | test.cpp:75:16:75:16 | i | i | +| test.cpp:53:12:53:12 | i | Variable is hiding variable $@. | test.cpp:58:16:58:16 | i | i | +| test.cpp:53:12:53:12 | i | Variable is hiding variable $@. | test.cpp:75:16:75:16 | i | i | +| test.cpp:65:11:65:11 | i | Variable is hiding variable $@. | test.cpp:58:16:58:16 | i | i | | test.cpp:65:11:65:11 | i | Variable is hiding variable $@. | test.cpp:61:7:61:7 | i | i | +| test.cpp:65:11:65:11 | i | Variable is hiding variable $@. | test.cpp:75:16:75:16 | i | i | +| test.cpp:67:9:67:9 | i | Variable is hiding variable $@. | test.cpp:58:16:58:16 | i | i | | test.cpp:67:9:67:9 | i | Variable is hiding variable $@. | test.cpp:61:7:61:7 | i | i | +| test.cpp:67:9:67:9 | i | Variable is hiding variable $@. | test.cpp:75:16:75:16 | i | i | +| test.cpp:70:12:70:12 | i | Variable is hiding variable $@. | test.cpp:58:16:58:16 | i | i | | test.cpp:70:12:70:12 | i | Variable is hiding variable $@. | test.cpp:61:7:61:7 | i | i | -| test.cpp:75:16:75:16 | i | Variable is hiding variable $@. | test.cpp:61:7:61:7 | i | i | +| test.cpp:70:12:70:12 | i | Variable is hiding variable $@. | test.cpp:75:16:75:16 | i | i | | test.cpp:86:9:86:9 | b | Variable is hiding variable $@. | test.cpp:80:11:80:11 | b | b | | test.cpp:94:9:94:17 | globalvar | Variable is hiding variable $@. | test.cpp:91:5:91:13 | globalvar | globalvar | | test.cpp:113:11:113:11 | b | Variable is hiding variable $@. | test.cpp:107:13:107:13 | b | b | From dd475bef82a8d41d74bcfed2d2515dd64f921859 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Wed, 16 Oct 2024 16:51:21 -0700 Subject: [PATCH 2143/2573] Implement InvalidMemory, Rule 18-8 amendment. --- amendments.csv | 2 +- ...DoNotModifyObjectsWithTemporaryLifetime.ql | 13 +- ...ointersToVariablyModifiedArrayTypesUsed.ql | 123 ++++++++++++++ .../RULE-18-8/VariableLengthArrayTypesUsed.ql | 39 ++--- ...rayToPointerConversionOfTemporaryObject.ql | 86 ++++++++++ ...eLValueSubscriptedWithTemporaryLifetime.ql | 60 +++++++ ...sToVariablyModifiedArrayTypesUsed.expected | 17 ++ ...tersToVariablyModifiedArrayTypesUsed.qlref | 1 + c/misra/test/rules/RULE-18-10/test.c | 95 +++++++++++ .../VariableLengthArrayTypesUsed.expected | 10 +- c/misra/test/rules/RULE-18-8/test.c | 30 +++- ...ointerConversionOfTemporaryObject.expected | 30 ++++ ...ToPointerConversionOfTemporaryObject.qlref | 1 + ...eSubscriptedWithTemporaryLifetime.expected | 15 ++ ...alueSubscriptedWithTemporaryLifetime.qlref | 1 + c/misra/test/rules/RULE-18-9/test.c | 151 ++++++++++++++++++ ...0-rule-18-8-vla-rule-changes-amendment4.md | 4 + .../src/codingstandards/cpp/Clvalues.qll | 17 ++ .../cpp/VariablyModifiedTypes.qll | 143 +++++++++++++++++ .../cpp/exclusions/c/InvalidMemory3.qll | 61 +++++++ .../cpp/exclusions/c/RuleMetadata.qll | 3 + .../cpp/lifetimes/CLifetimes.qll | 48 ++++++ rule_packages/c/InvalidMemory3.json | 59 +++++++ 23 files changed, 958 insertions(+), 51 deletions(-) create mode 100644 c/misra/src/rules/RULE-18-10/PointersToVariablyModifiedArrayTypesUsed.ql create mode 100644 c/misra/src/rules/RULE-18-9/ArrayToPointerConversionOfTemporaryObject.ql create mode 100644 c/misra/src/rules/RULE-18-9/ModifiableLValueSubscriptedWithTemporaryLifetime.ql create mode 100644 c/misra/test/rules/RULE-18-10/PointersToVariablyModifiedArrayTypesUsed.expected create mode 100644 c/misra/test/rules/RULE-18-10/PointersToVariablyModifiedArrayTypesUsed.qlref create mode 100644 c/misra/test/rules/RULE-18-10/test.c create mode 100644 c/misra/test/rules/RULE-18-9/ArrayToPointerConversionOfTemporaryObject.expected create mode 100644 c/misra/test/rules/RULE-18-9/ArrayToPointerConversionOfTemporaryObject.qlref create mode 100644 c/misra/test/rules/RULE-18-9/ModifiableLValueSubscriptedWithTemporaryLifetime.expected create mode 100644 c/misra/test/rules/RULE-18-9/ModifiableLValueSubscriptedWithTemporaryLifetime.qlref create mode 100644 c/misra/test/rules/RULE-18-9/test.c create mode 100644 change_notes/2024-10-10-rule-18-8-vla-rule-changes-amendment4.md create mode 100644 cpp/common/src/codingstandards/cpp/Clvalues.qll create mode 100644 cpp/common/src/codingstandards/cpp/VariablyModifiedTypes.qll create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/InvalidMemory3.qll create mode 100644 cpp/common/src/codingstandards/cpp/lifetimes/CLifetimes.qll create mode 100644 rule_packages/c/InvalidMemory3.json diff --git a/amendments.csv b/amendments.csv index cd0085493e..ce285a29ba 100644 --- a/amendments.csv +++ b/amendments.csv @@ -15,7 +15,7 @@ c,MISRA-C-2012,Amendment4,RULE-11-3,Yes,Expand,No,Easy c,MISRA-C-2012,Amendment4,RULE-11-8,Yes,Expand,No,Easy c,MISRA-C-2012,Amendment4,RULE-13-2,Yes,Expand,No,Very Hard c,MISRA-C-2012,Amendment4,RULE-18-6,Yes,Expand,No,Medium -c,MISRA-C-2012,Amendment4,RULE-18-8,Yes,Split,No,Easy +c,MISRA-C-2012,Amendment4,RULE-18-8,Yes,Split,Yes,Easy c,MISRA-C-2012,Corrigendum2,RULE-2-2,Yes,Clarification,No,Import c,MISRA-C-2012,Corrigendum2,RULE-2-7,Yes,Clarification,No,Import c,MISRA-C-2012,Corrigendum2,RULE-3-1,Yes,Refine,No,Easy diff --git a/c/cert/src/rules/EXP35-C/DoNotModifyObjectsWithTemporaryLifetime.ql b/c/cert/src/rules/EXP35-C/DoNotModifyObjectsWithTemporaryLifetime.ql index 2d66b8643c..6a018ed8c4 100644 --- a/c/cert/src/rules/EXP35-C/DoNotModifyObjectsWithTemporaryLifetime.ql +++ b/c/cert/src/rules/EXP35-C/DoNotModifyObjectsWithTemporaryLifetime.ql @@ -13,18 +13,7 @@ import cpp import codingstandards.c.cert - -/** - * A struct or union type that contains an array type - */ -class StructOrUnionTypeWithArrayField extends Struct { - StructOrUnionTypeWithArrayField() { - this.getAField().getUnspecifiedType() instanceof ArrayType - or - // nested struct or union containing an array type - this.getAField().getUnspecifiedType().(Struct) instanceof StructOrUnionTypeWithArrayField - } -} +import codingstandards.cpp.lifetimes.CLifetimes // Note: Undefined behavior is possible regardless of whether the accessed field from the returned // struct is an array or a scalar (i.e. arithmetic and pointer types) member, according to the standard. diff --git a/c/misra/src/rules/RULE-18-10/PointersToVariablyModifiedArrayTypesUsed.ql b/c/misra/src/rules/RULE-18-10/PointersToVariablyModifiedArrayTypesUsed.ql new file mode 100644 index 0000000000..5a4edb4a98 --- /dev/null +++ b/c/misra/src/rules/RULE-18-10/PointersToVariablyModifiedArrayTypesUsed.ql @@ -0,0 +1,123 @@ +/** + * @id c/misra/pointers-to-variably-modified-array-types-used + * @name RULE-18-10: Pointers to variably-modified array types shall not be used + * @description Pointers to variably-modified array types shall not be used, as these pointer types + * are frequently incompatible with other fixed or variably sized arrays, resulting in + * undefined behavior. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/misra/id/rule-18-10 + * external/misra/c/2012/amendment4 + * correctness + * security + * external/misra/obligation/mandatory + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.VariablyModifiedTypes + +/** + * Check that the declaration entry, which may be a parameter or a variable + * etc., seems to subsume the location of `inner`, including the declaration + * type text. + * + * The location of the `DeclarationEntry` itself points to the _identifier_ + * that is declared. This range will not include the type of the declaration. + * + * For parameters, the `before` and `end` `Location` objects will be + * constrained to the closest earlier element (parameter or function body), + * these values can therefore be captured and inspected for debugging. + * + * For declarations which occur in statements, the `before` and `end` + * `Location` objects will be both constrained to be equal, and equal to, + * the `Location` of the containing `DeclStmt`. + */ +predicate declarationSubsumes( + DeclarationEntry entry, Location inner, Location before, Location after +) { + inner.getFile() = entry.getLocation().getFile() and + ( + exists(ParameterDeclarationEntry param, FunctionDeclarationEntry func, int i | + param = entry and + func = param.getFunctionDeclarationEntry() and + func.getParameterDeclarationEntry(i) = param and + before = entry.getLocation() and + ( + after = func.getParameterDeclarationEntry(i + 1).getLocation() + or + not exists(ParameterDeclarationEntry afterParam | + afterParam = func.getParameterDeclarationEntry(i + 1) + ) and + after = func.getBlock().getLocation() + ) + ) and + before.isBefore(inner, _) and + inner.isBefore(after, _) + or + exists(DeclStmt s | + s.getADeclaration() = entry.getDeclaration() and + before = s.getLocation() and + after = before and + before.subsumes(inner) + ) + ) +} + +/** + * A declaration involving a pointer to a variably-modified type. + */ +class InvalidDeclaration extends DeclarationEntry { + Expr sizeExpr; + CandidateVlaType vlaType; + + // `before` and `after` are captured for debugging, see doc comment for + // `declarationSubsumes`. + Location before; + Location after; + + InvalidDeclaration() { + sizeExpr = any(VlaDimensionStmt vla).getDimensionExpr() and + declarationSubsumes(this, sizeExpr.getLocation(), before, after) and + ( + if this instanceof ParameterDeclarationEntry + then vlaType = this.getType().(VariablyModifiedTypeIfAdjusted).getInnerVlaType() + else vlaType = this.getType().(VariablyModifiedTypeIfUnadjusted).getInnerVlaType() + ) + // Capture only pointers to VLA types, not raw VLA types. + and not vlaType = this.getType() + } + + Expr getSizeExpr() { result = sizeExpr } + + CandidateVlaType getVlaType() { result = vlaType } +} + +from InvalidDeclaration v, string declstr, string adjuststr, string relationstr +where + not isExcluded(v, InvalidMemory3Package::pointersToVariablyModifiedArrayTypesUsedQuery()) and + ( + if v instanceof ParameterDeclarationEntry + then declstr = "Parameter " + else + if v instanceof VariableDeclarationEntry + then declstr = "Variable " + else declstr = "Declaration " + ) and + ( + if + v instanceof ParameterDeclarationEntry and + v.getType() instanceof ParameterAdjustedVariablyModifiedType + then adjuststr = "adjusted to" + else adjuststr = "declared with" + ) and + ( + if v.getType().(PointerType).getBaseType() instanceof CandidateVlaType + then relationstr = "pointer to" + else relationstr = "with inner" + ) +select v, + declstr + v.getName() + " is " + adjuststr + " variably-modified type, " + relationstr + + " variable length array of non constant size $@ and element type '" + + v.getVlaType().getVariableBaseType() + "'", v.getSizeExpr(), v.getSizeExpr().toString() diff --git a/c/misra/src/rules/RULE-18-8/VariableLengthArrayTypesUsed.ql b/c/misra/src/rules/RULE-18-8/VariableLengthArrayTypesUsed.ql index a7c25ed35e..96fbf697af 100644 --- a/c/misra/src/rules/RULE-18-8/VariableLengthArrayTypesUsed.ql +++ b/c/misra/src/rules/RULE-18-8/VariableLengthArrayTypesUsed.ql @@ -15,34 +15,15 @@ import cpp import codingstandards.c.misra -/** - * A variable length array (VLA) - * ie an array where the size - * is not an integer constant expression - */ -class VariableLengthArray extends VariableDeclarationEntry { - VariableLengthArray() { - //VLAs will not have: static/extern specifiers (compilation error) - not this.hasSpecifier("static") and - not this.hasSpecifier("extern") and - //VLAs are not allowed to be initialized - not this.getDeclaration().hasInitializer() and - exists(ArrayType a | - //a.hasArraySize() does not catch multidimensional VLAs like a[1][] - a.toString().matches("%[]%") and - this.getUnspecifiedType() = a and - //variable length array is one declared in block or function prototype - ( - this.getDeclaration().getParentScope() instanceof Function or - this.getDeclaration().getParentScope() instanceof BlockStmt - ) - ) - } -} - -from VariableLengthArray v +from VlaDeclStmt v, Expr size, ArrayType arrayType, string typeStr where not isExcluded(v, Declarations7Package::variableLengthArrayTypesUsedQuery()) and - //an exception, argv in : int main(int argc, char *argv[]) - not v.getDeclaration().getParentScope().(Function).hasName("main") -select v, "Variable length array declared." + size = v.getVlaDimensionStmt(0).getDimensionExpr() and + ( + arrayType = v.getVariable().getType() + or + arrayType = v.getType().getUnspecifiedType() + ) and + typeStr = arrayType.getBaseType().toString() +select v, "Variable length array of element type '" + typeStr + "' with non-constant size $@.", + size, size.toString() diff --git a/c/misra/src/rules/RULE-18-9/ArrayToPointerConversionOfTemporaryObject.ql b/c/misra/src/rules/RULE-18-9/ArrayToPointerConversionOfTemporaryObject.ql new file mode 100644 index 0000000000..7df4e5371c --- /dev/null +++ b/c/misra/src/rules/RULE-18-9/ArrayToPointerConversionOfTemporaryObject.ql @@ -0,0 +1,86 @@ +/** + * @id c/misra/array-to-pointer-conversion-of-temporary-object + * @name RULE-18-9: An object with temporary lifetime shall not undergo array to pointer conversion + * @description Modifying or accessing elements of an array with temporary lifetime that has been + * converted to a pointer will result in undefined behavior. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/misra/id/rule-18-9 + * external/misra/c/2012/amendment3 + * correctness + * security + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.lifetimes.CLifetimes + +/** + * Get the expression(s) whose value is "used" by this expression. + * + * For instance, `(x)` does not use any values, but `x + y` uses `x` and `y`. + * + * A pointer-to-array conversion does not need to be flagged if the result of + * that conversion is not used or stored. + */ +Expr usedValuesOf(Expr expr) { + result = expr.(BinaryOperation).getLeftOperand() + or + result = expr.(BinaryOperation).getRightOperand() + or + result = expr.(UnaryOperation).getOperand() + or + result = expr.(ConditionalExpr).getCondition() + or + result = expr.(Call).getAnArgument() +} + +/** + * Get the expression(s) whose value is stored by this declaration. + * + * A pointer-to-array conversion does not need to be flagged if the result of + * that conversion is not used or stored. + */ +predicate isStored(Expr e) { + e = any(VariableDeclarationEntry d).getDeclaration().getInitializer().getExpr() + or + e = any(ClassAggregateLiteral l).getAFieldExpr(_) +} + +/** + * Find expressions that defer their value directly to an inner expression + * value. + * + * When an array is on the rhs of a comma expr, or in the then/else branch of a + * ternary expr, and the result us used as a pointer, then the ArrayToPointer + * conversion is marked inside comma expr/ternary expr, on the operands. These + * conversions are only non-compliant if they flow into an operation or store. + * + * Full flow analysis with localFlowStep should not be necessary, and may cast a + * wider net than needed for some queries, potentially resulting in false + * positives. + */ +Expr temporaryObjectFlowStep(Expr e) { + e = result.(CommaExpr).getRightOperand() + or + e = result.(ConditionalExpr).getThen() + or + e = result.(ConditionalExpr).getElse() +} + +from + TemporaryLifetimeArrayAccess fa, TemporaryLifetimeExpr temporary, + ArrayToPointerConversion conversion +where + not isExcluded(conversion, InvalidMemory3Package::arrayToPointerConversionOfTemporaryObjectQuery()) and + fa.getTemporary() = temporary and + conversion.getExpr() = fa and + ( + temporaryObjectFlowStep*(conversion.getExpr()) = usedValuesOf(any(Expr e)) + or + isStored(temporaryObjectFlowStep*(conversion.getExpr())) + ) +select conversion, "Array to pointer conversion of array $@ from temporary object $@", + fa.getTarget(), fa.getTarget().getName(), temporary, temporary.toString() diff --git a/c/misra/src/rules/RULE-18-9/ModifiableLValueSubscriptedWithTemporaryLifetime.ql b/c/misra/src/rules/RULE-18-9/ModifiableLValueSubscriptedWithTemporaryLifetime.ql new file mode 100644 index 0000000000..468e44f3bb --- /dev/null +++ b/c/misra/src/rules/RULE-18-9/ModifiableLValueSubscriptedWithTemporaryLifetime.ql @@ -0,0 +1,60 @@ +/** + * @id c/misra/modifiable-l-value-subscripted-with-temporary-lifetime + * @name RULE-18-9: Usage of the subscript operator on an object with temporary lifetime shall not return a modifiable value + * @description Modifying elements of an array with temporary lifetime will result in undefined + * behavior. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/misra/id/rule-18-9 + * external/misra/c/2012/amendment3 + * correctness + * security + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.lifetimes.CLifetimes + +class TemporaryLifetimeArrayExpr extends ArrayExpr { + TemporaryLifetimeArrayAccess member; + Type elementType; + + TemporaryLifetimeArrayExpr() { + member = getArrayBase() and + elementType = member.getType().(ArrayType).getBaseType() + or + exists(TemporaryLifetimeArrayExpr inner | + inner = getArrayBase() and + member = inner.getMember() and + elementType = inner.getElementType().(ArrayType).getBaseType() + ) + } + + TemporaryLifetimeArrayAccess getMember() { result = member } + + Type getElementType() { result = elementType } +} + +predicate usedAsModifiableLvalue(Expr expr) { + exists(Assignment parent | parent.getLValue() = expr) + or + exists(CrementOperation parent | parent.getOperand() = expr) + or + exists(AddressOfExpr parent | parent.getOperand() = expr) + or + exists(FieldAccess parent | parent.getQualifier() = expr and usedAsModifiableLvalue(parent)) + +} + +from TemporaryLifetimeArrayExpr expr, TemporaryLifetimeArrayAccess member +where + not isExcluded(expr, + InvalidMemory3Package::modifiableLValueSubscriptedWithTemporaryLifetimeQuery()) and + member = expr.getMember() and + not expr.isUnevaluated() and + usedAsModifiableLvalue(expr) +select expr, + "Modifiable lvalue produced by subscripting array member $@ of temporary lifetime object $@ ", + member, member.getTarget().getName(), member.getTemporary(), member.getTemporary().toString() diff --git a/c/misra/test/rules/RULE-18-10/PointersToVariablyModifiedArrayTypesUsed.expected b/c/misra/test/rules/RULE-18-10/PointersToVariablyModifiedArrayTypesUsed.expected new file mode 100644 index 0000000000..87cb3de5c7 --- /dev/null +++ b/c/misra/test/rules/RULE-18-10/PointersToVariablyModifiedArrayTypesUsed.expected @@ -0,0 +1,17 @@ +| test.c:17:11:17:12 | definition of p5 | Parameter p5 is declared with variably-modified type, pointer to variable length array of non constant size $@ and element type 'int' | test.c:17:15:17:16 | p0 | p0 | +| test.c:18:11:18:12 | definition of p6 | Parameter p6 is declared with variably-modified type, with inner variable length array of non constant size $@ and element type 'int' | test.c:18:18:18:19 | p0 | p0 | +| test.c:19:11:19:12 | definition of p7 | Parameter p7 is declared with variably-modified type, pointer to variable length array of non constant size $@ and element type 'int[2]' | test.c:19:15:19:16 | p0 | p0 | +| test.c:20:11:20:12 | definition of p8 | Parameter p8 is declared with variably-modified type, pointer to variable length array of non constant size $@ and element type 'int[]' | test.c:20:15:20:16 | p0 | p0 | +| test.c:20:11:20:12 | definition of p8 | Parameter p8 is declared with variably-modified type, pointer to variable length array of non constant size $@ and element type 'int[]' | test.c:20:19:20:20 | p0 | p0 | +| test.c:24:12:24:13 | definition of p9 | Parameter p9 is declared with variably-modified type, pointer to variable length array of non constant size $@ and element type 'int *' | test.c:24:16:24:17 | p0 | p0 | +| test.c:25:13:25:15 | definition of p10 | Parameter p10 is declared with variably-modified type, with inner variable length array of non constant size $@ and element type 'int *' | test.c:25:18:25:19 | p0 | p0 | +| test.c:28:12:28:14 | definition of p11 | Parameter p11 is adjusted to variably-modified type, with inner variable length array of non constant size $@ and element type 'int' | test.c:28:21:28:22 | p0 | p0 | +| test.c:32:17:32:19 | definition of p13 | Parameter p13 is declared with variably-modified type, pointer to variable length array of non constant size $@ and element type 'const int' | test.c:32:22:32:23 | p0 | p0 | +| test.c:33:18:33:20 | definition of p14 | Parameter p14 is declared with variably-modified type, with inner variable length array of non constant size $@ and element type 'int' | test.c:33:23:33:24 | p0 | p0 | +| test.c:40:12:40:14 | definition of p17 | Parameter p17 is declared with variably-modified type, with inner variable length array of non constant size $@ and element type 'int' | test.c:40:24:40:25 | p0 | p0 | +| test.c:41:14:41:16 | definition of p18 | Parameter p18 is declared with variably-modified type, with inner variable length array of non constant size $@ and element type 'int' | test.c:41:27:41:28 | p0 | p0 | +| test.c:68:9:68:11 | definition of p27 | Parameter p27 is adjusted to variably-modified type, with inner variable length array of non constant size $@ and element type 'int' | test.c:68:13:68:14 | p0 | p0 | +| test.c:68:9:68:11 | definition of p27 | Parameter p27 is adjusted to variably-modified type, with inner variable length array of non constant size $@ and element type 'int' | test.c:68:17:68:18 | p0 | p0 | +| test.c:74:8:74:9 | definition of l3 | Variable l3 is declared with variably-modified type, pointer to variable length array of non constant size $@ and element type 'int' | test.c:74:12:74:13 | p0 | p0 | +| test.c:79:15:79:16 | definition of l4 | Variable l4 is declared with variably-modified type, pointer to variable length array of non constant size $@ and element type 'int' | test.c:79:19:79:20 | p0 | p0 | +| test.c:84:17:84:19 | declaration of td3 | Declaration td3 is declared with variably-modified type, with inner variable length array of non constant size $@ and element type 'int' | test.c:84:22:84:23 | p0 | p0 | diff --git a/c/misra/test/rules/RULE-18-10/PointersToVariablyModifiedArrayTypesUsed.qlref b/c/misra/test/rules/RULE-18-10/PointersToVariablyModifiedArrayTypesUsed.qlref new file mode 100644 index 0000000000..1a60cfacca --- /dev/null +++ b/c/misra/test/rules/RULE-18-10/PointersToVariablyModifiedArrayTypesUsed.qlref @@ -0,0 +1 @@ +rules/RULE-18-10/PointersToVariablyModifiedArrayTypesUsed.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-18-10/test.c b/c/misra/test/rules/RULE-18-10/test.c new file mode 100644 index 0000000000..cf90e256e7 --- /dev/null +++ b/c/misra/test/rules/RULE-18-10/test.c @@ -0,0 +1,95 @@ +#define CONSTANT 1 + +int g1[3]; // COMPLIANT +int (*g2)[3]; // COMPLIANT +int (*g3)[CONSTANT]; // COMPLIANT + +void f1( + int p0, + + // Basic fixed length array types: + int p1[3], // COMPLIANT + int (*p2)[3], // COMPLIANT + int (*p3)[2][3], // COMPLIANT + int (*p4)[CONSTANT], // COMPLIANT + + // Basic pointers to VMTs: + int (*p5)[p0], // NON-COMPLIANT + int (*p6)[2][p0], // NON-COMPLIANT + int (*p7)[p0][2], // NON-COMPLIANT + int (*p8)[p0][p0], // NON-COMPLIANT + + // Types referring to pointers to VMTs: + // - pointer to pointer to VMT + int(*(*p9)[p0]), // NON-COMPLIANT + int(*(**p10)[p0]), // NON-COMPLIANT + + // - array of pointers to VMT + int (*(p11[3]))[p0], // NON-COMPLIANT + + // - const VMTs, const array-to-pointer adjustment + const int p12[p0], // COMPLIANT + const int (*p13)[p0], // NON-COMPLIANT + int (* const p14)[p0], // NON-COMPLIANT + + // - function types with argument that is a pointer to a VMT + int p15(int (*inner)[p0]), // NON-COMPLIANT[FALSE_NEGATIVE] + int (*p16)(int (*inner)[p0]), // NON-COMPLIANT[FALSE_NEGATIVE] + + // - function types that returns a pointer to a VMT + int (*(p17(void)))[p0], // NON-COMPLIANT + int (*((*p18)(void)))[p0], // NON-COMPLIANT + + // - structs cannot contain a VMT as a member. + struct { + int g1[3]; // COMPLIANT + int(*g2)[3]; // COMPLIANT + int(*g3)[CONSTANT]; // COMPLIANT + // Pointer to VMT (`int (*g4)[p0]`) is not allowed. + } p19, + + // - unions cannot contain a VMT as a member. + union { + int g1[3]; // COMPLIANT + int(*g2)[3]; // COMPLIANT + int(*g3)[CONSTANT]; // COMPLIANT + // Pointer to VMT (`int (*g4)[p0]`) is not allowed. + } p20, + + // Unknown array length types: + int p21[], // COMPLIANT + int p22[][], // COMPLIANT + int (*p23)[], // COMPLIANT + int (*p24)[2][], // COMPLIANT + int (*p25)[][2], // COMPLIANT + + // VLA types that are rewritten as pointers: + int p26[p0], // COMPLIANT + int p27[p0][p0] // NON-COMPLIANT +) { + // Local variables may contain pointers to VMTs: + int l0[p0]; // COMPLIANT + int(*l1)[]; // COMPLIANT + int(*l2)[3]; // COMPLIANT + int(*l3)[p0]; // NON-COMPLIANT + + int l6[10] = p23; + + // A pointer to a VMT may be declared `static`. + static int(*l4)[p0]; // NON-COMPLIANT + + // Block scope typedefs may refer to VMTs + typedef int (*td1)[3]; // COMPLIANT + typedef int (*td2)[]; // COMPLIANT + typedef int (*td3)[p0]; // NON-COMPLIANT + + td3 l5; // NON-COMPLIANT +} + +// Function prototypes may contain VMTs using '*' syntax: +void f2(int (*p1)[3], // COMPLIANT + int (*p2)[*], // NON-COMPLIANT[FALSE_NEGATIVE] + int (*p3)[2][*], // NON-COMPLIANT[FALSE_NEGATIVE] + int (*p4)[*][2], // NON-COMPLIANT[FALSE_NEGATIVE] + int (*p5)[*][*] // NON-COMPLIANT[FALSE_NEGATIVE] +); \ No newline at end of file diff --git a/c/misra/test/rules/RULE-18-8/VariableLengthArrayTypesUsed.expected b/c/misra/test/rules/RULE-18-8/VariableLengthArrayTypesUsed.expected index e9721ce642..24856619bf 100644 --- a/c/misra/test/rules/RULE-18-8/VariableLengthArrayTypesUsed.expected +++ b/c/misra/test/rules/RULE-18-8/VariableLengthArrayTypesUsed.expected @@ -1,5 +1,5 @@ -| test.c:3:19:3:20 | definition of pa | Variable length array declared. | -| test.c:6:7:6:8 | definition of a1 | Variable length array declared. | -| test.c:7:7:7:8 | definition of a2 | Variable length array declared. | -| test.c:8:7:8:8 | definition of a3 | Variable length array declared. | -| test.c:14:20:14:21 | definition of pa | Variable length array declared. | +| test.c:6:7:6:7 | VLA declaration | Variable length array of element type 'int' with non-constant size $@. | test.c:6:10:6:14 | ... + ... | ... + ... | +| test.c:7:7:7:7 | VLA declaration | Variable length array of element type 'int' with non-constant size $@. | test.c:7:10:7:10 | n | n | +| test.c:8:7:8:7 | VLA declaration | Variable length array of element type 'int[]' with non-constant size $@. | test.c:8:13:8:13 | n | n | +| test.c:12:7:12:7 | VLA declaration | Variable length array of element type 'int[1]' with non-constant size $@. | test.c:12:10:12:10 | n | n | +| test.c:18:15:18:15 | VLA declaration | Variable length array of element type 'int' with non-constant size $@. | test.c:18:26:18:26 | n | n | diff --git a/c/misra/test/rules/RULE-18-8/test.c b/c/misra/test/rules/RULE-18-8/test.c index 3a0a040f6d..c2f6027216 100644 --- a/c/misra/test/rules/RULE-18-8/test.c +++ b/c/misra/test/rules/RULE-18-8/test.c @@ -1,7 +1,7 @@ #define TEST 1 -void f(int n, int pa[1][n]) { // NON_COMPLIANT - int a[1]; // COMPLIANT +void f(int n) { + int a[1]; // COMPLIANT int x = 1; int a1[1 + x]; // NON_COMPLIANT - not integer constant expr int a2[n]; // NON_COMPLIANT @@ -9,7 +9,29 @@ void f(int n, int pa[1][n]) { // NON_COMPLIANT int a4[] = {1}; // COMPLIANT - not a VLA int a5[TEST]; // COMPLIANT int a6[1 + 1]; // COMPLIANT + int a7[n][1]; // NON_COMPLIANT + int(*a8)[n]; // COMPLIANT - pointer to VLA, see RULE-18-10 + + extern int e1[]; // COMPLIANT + + // A typedef is not a VLA. However, `VlaDeclStmt`s match the typedef. + typedef int vlaTypedef[n]; // COMPLIANT[FALSE_POSITIVE] + vlaTypedef t1; // NON_COMPLIANT[FALSE_NEGATIVE] } -void f1(int n, int pa[n]) { // NON_COMPLIANT -} \ No newline at end of file +void f1(int n, + // Parameter array types are adjusted to pointers + int p1[n], // COMPLIANT + // Pointers to variably-modified types are not VLAs. + int p2[n][n], + int p3[], // array of unknown length is converted to pointer + int p4[][] // array of unknown length are not VLAs. +) {} + +struct s { + // Structs must have at least one non-flexible array member. + int foo; + + // Flexible array members are not VLAs. + int flexibleArrayMember[]; // COMPLIANT +}; \ No newline at end of file diff --git a/c/misra/test/rules/RULE-18-9/ArrayToPointerConversionOfTemporaryObject.expected b/c/misra/test/rules/RULE-18-9/ArrayToPointerConversionOfTemporaryObject.expected new file mode 100644 index 0000000000..7d760dc4a6 --- /dev/null +++ b/c/misra/test/rules/RULE-18-9/ArrayToPointerConversionOfTemporaryObject.expected @@ -0,0 +1,30 @@ +| test.c:45:3:45:20 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:45:3:45:8 | call to get_s1 | call to get_s1 | +| test.c:46:3:46:20 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:46:3:46:8 | call to get_s1 | call to get_s1 | +| test.c:47:7:47:24 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:47:7:47:12 | call to get_s1 | call to get_s1 | +| test.c:48:4:48:21 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:48:4:48:9 | call to get_s1 | call to get_s1 | +| test.c:49:4:49:21 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:49:4:49:9 | call to get_s1 | call to get_s1 | +| test.c:50:3:50:20 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:50:3:50:8 | call to get_s1 | call to get_s1 | +| test.c:51:3:51:20 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:51:3:51:8 | call to get_s1 | call to get_s1 | +| test.c:52:3:52:20 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:52:3:52:8 | call to get_s1 | call to get_s1 | +| test.c:53:3:53:20 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:53:3:53:8 | call to get_s1 | call to get_s1 | +| test.c:54:3:54:20 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:54:3:54:8 | call to get_s1 | call to get_s1 | +| test.c:55:8:55:25 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:55:8:55:13 | call to get_s1 | call to get_s1 | +| test.c:56:3:56:20 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:56:3:56:8 | call to get_s1 | call to get_s1 | +| test.c:57:8:57:25 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:57:8:57:13 | call to get_s1 | call to get_s1 | +| test.c:58:3:58:20 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:58:3:58:8 | call to get_s1 | call to get_s1 | +| test.c:59:3:59:20 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:59:3:59:8 | call to get_s1 | call to get_s1 | +| test.c:60:15:60:32 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:60:15:60:20 | call to get_s1 | call to get_s1 | +| test.c:61:16:61:33 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:61:16:61:21 | call to get_s1 | call to get_s1 | +| test.c:62:23:62:40 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:62:23:62:28 | call to get_s1 | call to get_s1 | +| test.c:63:7:63:24 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:63:7:63:12 | call to get_s1 | call to get_s1 | +| test.c:64:16:64:33 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:64:16:64:21 | call to get_s1 | call to get_s1 | +| test.c:65:15:65:32 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:65:15:65:20 | call to get_s1 | call to get_s1 | +| test.c:66:16:66:33 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:66:16:66:21 | call to get_s1 | call to get_s1 | +| test.c:67:23:67:40 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:67:23:67:28 | call to get_s1 | call to get_s1 | +| test.c:89:3:89:30 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:89:12:89:20 | member_s1 | member_s1 | +| test.c:90:3:90:36 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:90:3:90:26 | access to array | access to array | +| test.c:91:15:91:42 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:91:24:91:32 | member_s1 | member_s1 | +| test.c:92:15:92:48 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:92:15:92:38 | access to array | access to array | +| test.c:111:15:111:33 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:111:16:111:22 | ... = ... | ... = ... | +| test.c:113:15:113:37 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:113:16:113:26 | ... ? ... : ... | ... ? ... : ... | +| test.c:114:15:114:31 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:114:16:114:20 | ... , ... | ... , ... | diff --git a/c/misra/test/rules/RULE-18-9/ArrayToPointerConversionOfTemporaryObject.qlref b/c/misra/test/rules/RULE-18-9/ArrayToPointerConversionOfTemporaryObject.qlref new file mode 100644 index 0000000000..d2db40e77c --- /dev/null +++ b/c/misra/test/rules/RULE-18-9/ArrayToPointerConversionOfTemporaryObject.qlref @@ -0,0 +1 @@ +rules/RULE-18-9/ArrayToPointerConversionOfTemporaryObject.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-18-9/ModifiableLValueSubscriptedWithTemporaryLifetime.expected b/c/misra/test/rules/RULE-18-9/ModifiableLValueSubscriptedWithTemporaryLifetime.expected new file mode 100644 index 0000000000..ae140dcd59 --- /dev/null +++ b/c/misra/test/rules/RULE-18-9/ModifiableLValueSubscriptedWithTemporaryLifetime.expected @@ -0,0 +1,15 @@ +| test.c:80:3:80:17 | access to array | Modifiable lvalue produced by subscripting array member $@ of temporary lifetime object $@ | test.c:80:12:80:14 | arr | arr | test.c:80:3:80:8 | call to get_s1 | call to get_s1 | +| test.c:81:3:81:17 | access to array | Modifiable lvalue produced by subscripting array member $@ of temporary lifetime object $@ | test.c:81:12:81:14 | arr | arr | test.c:81:3:81:8 | call to get_s1 | call to get_s1 | +| test.c:82:3:82:17 | access to array | Modifiable lvalue produced by subscripting array member $@ of temporary lifetime object $@ | test.c:82:12:82:14 | arr | arr | test.c:82:3:82:8 | call to get_s1 | call to get_s1 | +| test.c:83:3:83:17 | access to array | Modifiable lvalue produced by subscripting array member $@ of temporary lifetime object $@ | test.c:83:12:83:14 | arr | arr | test.c:83:3:83:8 | call to get_s1 | call to get_s1 | +| test.c:84:5:84:19 | access to array | Modifiable lvalue produced by subscripting array member $@ of temporary lifetime object $@ | test.c:84:14:84:16 | arr | arr | test.c:84:5:84:10 | call to get_s1 | call to get_s1 | +| test.c:93:3:93:27 | access to array | Modifiable lvalue produced by subscripting array member $@ of temporary lifetime object $@ | test.c:93:22:93:24 | arr | arr | test.c:93:12:93:20 | member_s1 | member_s1 | +| test.c:94:3:94:27 | access to array | Modifiable lvalue produced by subscripting array member $@ of temporary lifetime object $@ | test.c:94:22:94:24 | arr | arr | test.c:94:3:94:20 | access to array | access to array | +| test.c:137:3:137:23 | access to array | Modifiable lvalue produced by subscripting array member $@ of temporary lifetime object $@ | test.c:137:12:137:20 | arr_union | arr_union | test.c:137:3:137:8 | call to get_s3 | call to get_s3 | +| test.c:138:3:138:24 | access to array | Modifiable lvalue produced by subscripting array member $@ of temporary lifetime object $@ | test.c:138:12:138:21 | arr_struct | arr_struct | test.c:138:3:138:8 | call to get_s3 | call to get_s3 | +| test.c:139:3:139:24 | access to array | Modifiable lvalue produced by subscripting array member $@ of temporary lifetime object $@ | test.c:139:12:139:21 | arr_struct | arr_struct | test.c:139:3:139:8 | call to get_s3 | call to get_s3 | +| test.c:140:3:140:24 | access to array | Modifiable lvalue produced by subscripting array member $@ of temporary lifetime object $@ | test.c:140:12:140:21 | arr_struct | arr_struct | test.c:140:3:140:8 | call to get_s3 | call to get_s3 | +| test.c:141:3:141:24 | access to array | Modifiable lvalue produced by subscripting array member $@ of temporary lifetime object $@ | test.c:141:12:141:21 | arr_struct | arr_struct | test.c:141:3:141:8 | call to get_s3 | call to get_s3 | +| test.c:142:4:142:25 | access to array | Modifiable lvalue produced by subscripting array member $@ of temporary lifetime object $@ | test.c:142:13:142:22 | arr_struct | arr_struct | test.c:142:4:142:9 | call to get_s3 | call to get_s3 | +| test.c:146:3:146:22 | access to array | Modifiable lvalue produced by subscripting array member $@ of temporary lifetime object $@ | test.c:146:12:146:16 | arr2d | arr2d | test.c:146:3:146:8 | call to get_s3 | call to get_s3 | +| test.c:147:4:147:20 | access to array | Modifiable lvalue produced by subscripting array member $@ of temporary lifetime object $@ | test.c:147:13:147:17 | arr2d | arr2d | test.c:147:4:147:9 | call to get_s3 | call to get_s3 | diff --git a/c/misra/test/rules/RULE-18-9/ModifiableLValueSubscriptedWithTemporaryLifetime.qlref b/c/misra/test/rules/RULE-18-9/ModifiableLValueSubscriptedWithTemporaryLifetime.qlref new file mode 100644 index 0000000000..c1fb0bd2d4 --- /dev/null +++ b/c/misra/test/rules/RULE-18-9/ModifiableLValueSubscriptedWithTemporaryLifetime.qlref @@ -0,0 +1 @@ +rules/RULE-18-9/ModifiableLValueSubscriptedWithTemporaryLifetime.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-18-9/test.c b/c/misra/test/rules/RULE-18-9/test.c new file mode 100644 index 0000000000..f2fb44fdc9 --- /dev/null +++ b/c/misra/test/rules/RULE-18-9/test.c @@ -0,0 +1,151 @@ +struct s1 { + int m1; + const int const_arr[10]; + int arr[10]; +}; + +struct s1 get_s1(); + +struct s2 { + struct s1 member_s1; + struct s1 const const_s1_arr[10]; + struct s1 *s1ptr; + struct s1 s1_arr[10]; +}; + +struct s2 get_s2(); +struct s2 *get_s2_ptr(); + +void use_int(int x) {} +void use_int_ptr(int *x) {} + +void f(void) { + struct s1 l1; + + // Auto lifetime, allowed: + l1.const_arr + 1; // COMPLIANT + l1.const_arr - 1; // COMPLIANT + &l1.const_arr; // COMPLIANT + use_int_ptr(l1.const_arr); // COMPLIANT + l1.arr[0] = 1; // COMPLIANT + + // Extern lifetime, allowed: + extern struct s1 g1; + g1.const_arr + 1; // COMPLIANT + g1.const_arr - 1; // COMPLIANT + &g1.const_arr; // COMPLIANT + use_int_ptr(g1.const_arr); // COMPLIANT + g1.arr[0] = 1; // COMPLIANT + + // Temporary lifetime, no conversion: + get_s1().const_arr; // COMPLIANT - not used as a value. + get_s1().m1 + 1; // COMPLIANT - not an array. + + // Temporary lifetime, array to pointer conversions: + get_s1().const_arr + 1; // NON-COMPLIANT + get_s1().const_arr - 1; // NON-COMPLIANT + 1 + get_s1().const_arr; // NON-COMPLIANT + *get_s1().const_arr; // NON-COMPLIANT + !get_s1().const_arr; // NON-COMPLIANT + get_s1().const_arr < 1; // NON-COMPLIANT + get_s1().const_arr <= 1; // NON-COMPLIANT + get_s1().const_arr > 1; // NON-COMPLIANT + get_s1().const_arr >= 1; // NON-COMPLIANT + get_s1().const_arr == 1; // NON-COMPLIANT + 1 == get_s1().const_arr; // NON-COMPLIANT + get_s1().const_arr && 1; // NON-COMPLIANT + 1 && get_s1().const_arr; // NON-COMPLIANT + get_s1().const_arr || 1; // NON-COMPLIANT + get_s1().const_arr ? 1 : 1; // NON-COMPLIANT + use_int_ptr(get_s1().const_arr); // NON-COMPLIANT + use_int_ptr((get_s1().const_arr)); // NON-COMPLIANT + use_int_ptr((void *)get_s1().const_arr); // NON-COMPLIANT + (1, get_s1().const_arr) + 1; // NON-COMPLIANT + int *local = get_s1().const_arr; // NON-COMPLIANT + (struct s1){get_s1().const_arr}; // NON-COMPLIANT + (struct s2){{get_s1().const_arr}}; // NON-COMPLIANT + struct s1 local2 = {get_s1().const_arr}; // NON-COMPLIANT + + // Results are not 'used' as a value. + (void *)get_s1().const_arr; // COMPLIANT + sizeof(get_s1().const_arr); // COMPLIANT + get_s1().const_arr, 1; // COMPLIANT + 1, get_s1().const_arr; // COMPLIANT + (get_s1().const_arr); // COMPLIANT + + get_s1().const_arr[0]; // COMPLIANT - subscripted value not modifiable + get_s1().arr[0]; // COMPLIANT - subscripted value not used as modifiable + use_int(get_s1().const_arr[0]); // COMPLIANT + use_int(get_s1().arr[0]); // COMPLIANT + get_s1().arr[0] = 1; // NON-COMPLIANT + get_s1().arr[0] -= 1; // NON-COMPLIANT + get_s1().arr[0]--; // NON-COMPLIANT + get_s1().arr[0]++; // NON-COMPLIANT + &(get_s1().arr[0]); // NON-COMPLIANT + + struct s2 l2; + + // Deeper accesses: + get_s2().member_s1.const_arr + 1; // NON-COMPLIANT + get_s2().const_s1_arr[0].const_arr + 1; // NON-COMPLIANT + use_int_ptr(get_s2().member_s1.const_arr); // NON-COMPLIANT + use_int_ptr(get_s2().const_s1_arr[0].const_arr); // NON-COMPLIANT + get_s2().member_s1.arr[0] = 1; // NON-COMPLIANT + get_s2().s1_arr[0].arr[0] = 1; // NON-COMPLIANT + get_s2().member_s1.const_arr[0]; // COMPLIANT + get_s2().const_s1_arr[0].const_arr[0]; // COMPLIANT + get_s2().s1_arr[0].const_arr[0]; // COMPLIANT + get_s2().s1ptr->const_arr[0]; // COMPLIANT + use_int(get_s2().member_s1.const_arr[0]); // COMPLIANT + use_int(get_s2().const_s1_arr[0].const_arr[0]); // COMPLIANT + use_int(get_s2().s1ptr->const_arr[0]); // COMPLIANT + + // Pointer members of a struct don't have temporary lifetime. + get_s2().s1ptr->const_arr + 1; // COMPLIANT + use_int_ptr(get_s2().s1ptr->const_arr); // COMPLIANT + get_s2().s1ptr->arr[0] = 1; // COMPLIANT + get_s2_ptr()->member_s1.const_arr + 1; // COMPLIANT + get_s2_ptr()->member_s1.arr[0] = 1; // COMPLIANT + + // Other types of non-lvalue types + use_int_ptr((l1 = l1).const_arr); // NON-COMPLIANT + use_int_ptr(((struct s1)l1).const_arr); // NON-COMPLIANT[FALSE_NEGATIVE] + use_int_ptr((1 ? l1 : l1).const_arr); // NON-COMPLIANT + use_int_ptr((0, l1).const_arr); // NON-COMPLIANT + use_int_ptr((l2.s1ptr++)->const_arr); // COMPLIANT + use_int_ptr((--l2.s1ptr)->const_arr); // COMPLIANT +} + +// Additional modifiable lvalue tests +struct s3 { + struct s4 { + struct s5 { + struct s6 { + int x; + } m1; + } m1; + } arr_struct[1]; + + union u1 { + int x; + } arr_union[1]; + + int arr2d[1][1]; +} get_s3(); + +void f2(void) { + get_s3().arr_union[0].x = 1; // NON_COMPLIANT + get_s3().arr_struct[0] = (struct s4){0}; // NON_COMPLIANT + get_s3().arr_struct[0].m1 = (struct s5){0}; // NON_COMPLIANT + get_s3().arr_struct[0].m1.m1 = (struct s6){0}; // NON_COMPLIANT + get_s3().arr_struct[0].m1.m1.x = 1; // NON_COMPLIANT + &get_s3().arr_struct[0].m1.m1.x; // NON_COMPLIANT + get_s3().arr_struct[0].m1.m1.x + 1; // COMPLIANT + + get_s3().arr2d[1][1] + 1; // COMPLIANT + get_s3().arr2d[1][1] = 1; // NON_COMPLIANT + &get_s3().arr2d[1]; // NON_COMPLIANT + // The following cases are missing an ArrayToPointerConversion + use_int_ptr(get_s3().arr2d[1]); // NON_COMPLIANT[FALSE NEGATIVE] + get_s3().arr2d[1] + 1; // NON_COMPLIANT[FALSE NEGATIVE] +} \ No newline at end of file diff --git a/change_notes/2024-10-10-rule-18-8-vla-rule-changes-amendment4.md b/change_notes/2024-10-10-rule-18-8-vla-rule-changes-amendment4.md new file mode 100644 index 0000000000..f465836052 --- /dev/null +++ b/change_notes/2024-10-10-rule-18-8-vla-rule-changes-amendment4.md @@ -0,0 +1,4 @@ +- `RULE-18-8` - `VariableLengthArrayTypesUsed.ql`: + - Implement changes declared in MISRA C 2012 Amendment 4. This rule now only bans the use of VLA objects. Rules restricting the use of VLA types -- specifically, pointers to VLA types -- are now implemented in `RULE-18-10`. +- `EXP-35-C` - `DoNotModifyObjectsWithTemporaryLifetime.ql` + - Refactor component into a shared library, should not have any effect on rule results. \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/Clvalues.qll b/cpp/common/src/codingstandards/cpp/Clvalues.qll new file mode 100644 index 0000000000..2e330e0732 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/Clvalues.qll @@ -0,0 +1,17 @@ +import cpp + +/** + * An lvalue in C (as opposed to C++). + * + * Note that `Expr.isLValue()` matches for C++ lvalues, which is a larger set + * than the set of C lvalues. + */ +predicate isCLValue(Expr expr) { + expr instanceof PointerFieldAccess + or + expr.isLValue() and + not expr instanceof ConditionalExpr and + not expr instanceof AssignExpr and + not expr instanceof CommaExpr and + not exists(Cast c | c = expr.getConversion*()) +} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/VariablyModifiedTypes.qll b/cpp/common/src/codingstandards/cpp/VariablyModifiedTypes.qll new file mode 100644 index 0000000000..730a52d763 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/VariablyModifiedTypes.qll @@ -0,0 +1,143 @@ +import cpp + +/** + * A candidate to be a variably length array type (VLA). + * + * This class represents a candidate only, for a few reasons. + * + * Firstly, the `ArrayType` class does not know when it has variable size, so + * this class matches all array types with unknown size, including `x[]` which + * is not a VLA. To determine the difference, we must compare locations between + * where * these types are declared, and the location of `VlaDecl`s etc. + * + * Secondly, function parameters of array type are adjusted into pointers. This + * means that while a parameter type can be a `CandidateVlaType`, that + * parameter is not a VLA. + */ +class CandidateVlaType extends ArrayType { + CandidateVlaType() { not hasArraySize() } + + Type getVariableBaseType() { result = this.getBaseType() } +} + +/** + * A type that is a variably modified type (VMT) if it does not undergo + * parameter type adjustment. + * + * A variably modified type is a VLA type, or a type containing a VMT type, for + * instance, a pointer to a VLA or a pointer to a pointer to a VLA. + * + * Function parameters and function type parameters of type `T[]` are adjusted + * to type `T*`, which can turn VMTs into non-VMTs. To check if a parameter + * type is a VMT, use `VariablyModifiedTypeIfAdjusted`. + */ +class VariablyModifiedTypeIfUnadjusted extends Type { + CandidateVlaType innerVlaType; + + VariablyModifiedTypeIfUnadjusted() { + // Take care that `int[x][y]` only matches for `innerVlaType = int[y]`. + if this instanceof CandidateVlaType + then innerVlaType = this + else innerVlaType = this.(NoAdjustmentVariablyModifiedType).getInnerVlaType() + } + + CandidateVlaType getInnerVlaType() { result = innerVlaType } +} + +/** + * A type that is a variably modified type (VMT) if it undergoes parameter type + * adjustment. + * + * A variably modified type is a VLA type, or a type containing a VMT type, for + * instance, a pointer to a VLA or a pointer to a pointer to a VLA. + * + * Function parameters and function type parameters of type `T[]` are adjusted + * to type `T*`, which can turn VMTs into non-VMTs. To check if a non-parameter + * type (for instance, the type of a local variable) is a VMT, use + * `VariablyModifiedTypeIfUnadjusted`. + */ +class VariablyModifiedTypeIfAdjusted extends Type { + CandidateVlaType innerVlaType; + + VariablyModifiedTypeIfAdjusted() { + innerVlaType = this.(ParameterAdjustedVariablyModifiedType).getInnerVlaType() + or + innerVlaType = this.(NoAdjustmentVariablyModifiedType).getInnerVlaType() + } + + CandidateVlaType getInnerVlaType() { result = innerVlaType } +} + +/** + * A variably modified type candidate which is unaffected by parameter type + * adjustment (from `T[]` to `*T`). + * + * Parameter adjustment (from `T[]` to `*T`) occurs on all function parameter + * types for exactly one level of depth. + * + * A variably-modified type (VMT) is a type which includes an inner type that is + * a VLA type. That is to say, a pointer to a VLA is a VMT, and a pointer to a + * VMT is a VMT. + * + * Note: This class does *not* match all VLA types. While VLA types *are* VMTs, + * VMTs can be parameter-adjusted to pointers, which are not VLA types. This + * class *will* match multidimensional VLAs, as those are adjusted to pointers + * to VLAs, and pointers to VLAs are VMTs. + */ +class NoAdjustmentVariablyModifiedType extends Type { + CandidateVlaType vlaType; + + NoAdjustmentVariablyModifiedType() { + exists(Type innerType | + ( + innerType = this.(PointerType).getBaseType() + or + innerType = this.(ArrayType).getBaseType() + or + innerType = this.(RoutineType).getReturnType() + or + innerType = this.(RoutineType).getAParameterType() + or + innerType = this.(FunctionPointerType).getReturnType() + or + innerType = this.(TypedefType).getBaseType() + or + innerType = this.(SpecifiedType).getBaseType() + ) and + vlaType = innerType.(VariablyModifiedTypeIfUnadjusted).getInnerVlaType() + ) + or + vlaType = + this.(FunctionPointerType) + .getAParameterType() + .(VariablyModifiedTypeIfAdjusted) + .getInnerVlaType() + or + vlaType = + this.(RoutineType).getAParameterType().(VariablyModifiedTypeIfAdjusted).getInnerVlaType() + } + + CandidateVlaType getInnerVlaType() { result = vlaType } +} + +/** + * An array type that adjusts to a variably-modified type (a type which is or + * contains a VLA type) when it is a parameter type. + * + * A variably-modified type (VMT) is a VLA type or a type which has an inner type + * that is a VMT type, for instance, a pointer to a VLA type. + * + * Parameter adjustment occurs on all function parameter types, changing type + * `T[]` to `*T` for exactly one level of depth. Therefore, a VLA type will not + * be a VLA type/VMT after parameter adjustment, unless it is an array of VMTs, + * such that it parameter adjustment produces a pointer to a VMT. + */ +class ParameterAdjustedVariablyModifiedType extends ArrayType { + CandidateVlaType innerVlaType; + + ParameterAdjustedVariablyModifiedType() { + innerVlaType = getBaseType().(VariablyModifiedTypeIfUnadjusted).getInnerVlaType() + } + + CandidateVlaType getInnerVlaType() { result = innerVlaType } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/InvalidMemory3.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/InvalidMemory3.qll new file mode 100644 index 0000000000..c4e39882ec --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/InvalidMemory3.qll @@ -0,0 +1,61 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype InvalidMemory3Query = + TPointersToVariablyModifiedArrayTypesUsedQuery() or + TArrayToPointerConversionOfTemporaryObjectQuery() or + TModifiableLValueSubscriptedWithTemporaryLifetimeQuery() + +predicate isInvalidMemory3QueryMetadata(Query query, string queryId, string ruleId, string category) { + query = + // `Query` instance for the `pointersToVariablyModifiedArrayTypesUsed` query + InvalidMemory3Package::pointersToVariablyModifiedArrayTypesUsedQuery() and + queryId = + // `@id` for the `pointersToVariablyModifiedArrayTypesUsed` query + "c/misra/pointers-to-variably-modified-array-types-used" and + ruleId = "RULE-18-10" and + category = "mandatory" + or + query = + // `Query` instance for the `arrayToPointerConversionOfTemporaryObject` query + InvalidMemory3Package::arrayToPointerConversionOfTemporaryObjectQuery() and + queryId = + // `@id` for the `arrayToPointerConversionOfTemporaryObject` query + "c/misra/array-to-pointer-conversion-of-temporary-object" and + ruleId = "RULE-18-9" and + category = "required" + or + query = + // `Query` instance for the `modifiableLValueSubscriptedWithTemporaryLifetime` query + InvalidMemory3Package::modifiableLValueSubscriptedWithTemporaryLifetimeQuery() and + queryId = + // `@id` for the `modifiableLValueSubscriptedWithTemporaryLifetime` query + "c/misra/modifiable-l-value-subscripted-with-temporary-lifetime" and + ruleId = "RULE-18-9" and + category = "required" +} + +module InvalidMemory3Package { + Query pointersToVariablyModifiedArrayTypesUsedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `pointersToVariablyModifiedArrayTypesUsed` query + TQueryC(TInvalidMemory3PackageQuery(TPointersToVariablyModifiedArrayTypesUsedQuery())) + } + + Query arrayToPointerConversionOfTemporaryObjectQuery() { + //autogenerate `Query` type + result = + // `Query` type for `arrayToPointerConversionOfTemporaryObject` query + TQueryC(TInvalidMemory3PackageQuery(TArrayToPointerConversionOfTemporaryObjectQuery())) + } + + Query modifiableLValueSubscriptedWithTemporaryLifetimeQuery() { + //autogenerate `Query` type + result = + // `Query` type for `modifiableLValueSubscriptedWithTemporaryLifetime` query + TQueryC(TInvalidMemory3PackageQuery(TModifiableLValueSubscriptedWithTemporaryLifetimeQuery())) + } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index 581585da5c..ca2097f073 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -37,6 +37,7 @@ import IO4 import IntegerOverflow import InvalidMemory1 import InvalidMemory2 +import InvalidMemory3 import Language1 import Language2 import Language3 @@ -111,6 +112,7 @@ newtype TCQuery = TIntegerOverflowPackageQuery(IntegerOverflowQuery q) or TInvalidMemory1PackageQuery(InvalidMemory1Query q) or TInvalidMemory2PackageQuery(InvalidMemory2Query q) or + TInvalidMemory3PackageQuery(InvalidMemory3Query q) or TLanguage1PackageQuery(Language1Query q) or TLanguage2PackageQuery(Language2Query q) or TLanguage3PackageQuery(Language3Query q) or @@ -185,6 +187,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isIntegerOverflowQueryMetadata(query, queryId, ruleId, category) or isInvalidMemory1QueryMetadata(query, queryId, ruleId, category) or isInvalidMemory2QueryMetadata(query, queryId, ruleId, category) or + isInvalidMemory3QueryMetadata(query, queryId, ruleId, category) or isLanguage1QueryMetadata(query, queryId, ruleId, category) or isLanguage2QueryMetadata(query, queryId, ruleId, category) or isLanguage3QueryMetadata(query, queryId, ruleId, category) or diff --git a/cpp/common/src/codingstandards/cpp/lifetimes/CLifetimes.qll b/cpp/common/src/codingstandards/cpp/lifetimes/CLifetimes.qll new file mode 100644 index 0000000000..d27034f50d --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/lifetimes/CLifetimes.qll @@ -0,0 +1,48 @@ +import cpp +import codingstandards.cpp.Clvalues + +/** + * A struct or union type that contains an array type. + */ +class StructOrUnionTypeWithArrayField extends Struct { + StructOrUnionTypeWithArrayField() { + this.getAField().getUnspecifiedType() instanceof ArrayType + or + // nested struct or union containing an array type + this.getAField().getUnspecifiedType().(Struct) instanceof StructOrUnionTypeWithArrayField + } +} + +/** + * A non-lvalue expression with struct or or union type that has a field member + * of array type, has a temporary lifetime. + * + * The array members are also part of that object, and thus also have temporary + * lifetime. + */ +class TemporaryLifetimeExpr extends Expr { + TemporaryLifetimeExpr() { + getUnconverted().getUnspecifiedType() instanceof StructOrUnionTypeWithArrayField and + not isCLValue(this) + or + this.(ArrayExpr).getArrayBase() instanceof TemporaryLifetimeArrayAccess + } +} + +/** + * A field access on a temporary object that returns an array member. + */ +class TemporaryLifetimeArrayAccess extends FieldAccess { + // The temporary lifetime object which owns the array that is returned. + TemporaryLifetimeExpr temporary; + + TemporaryLifetimeArrayAccess() { + getQualifier().getUnconverted() = temporary and + getUnspecifiedType() instanceof ArrayType + } + + /** + * Get the temporary lifetime object which own the array that is returned. + */ + Expr getTemporary() { result = temporary } +} diff --git a/rule_packages/c/InvalidMemory3.json b/rule_packages/c/InvalidMemory3.json new file mode 100644 index 0000000000..feeb8b2b47 --- /dev/null +++ b/rule_packages/c/InvalidMemory3.json @@ -0,0 +1,59 @@ +{ + "MISRA-C-2012": { + "RULE-18-10": { + "properties": { + "obligation": "mandatory" + }, + "queries": [ + { + "description": "Pointers to variably-modified array types shall not be used, as these pointer types are frequently incompatible with other fixed or variably sized arrays, resulting in undefined behavior.", + "kind": "problem", + "name": "Pointers to variably-modified array types shall not be used", + "precision": "high", + "severity": "error", + "short_name": "PointersToVariablyModifiedArrayTypesUsed", + "tags": [ + "external/misra/c/2012/amendment4", + "correctness", + "security" + ] + } + ], + "title": "Pointers to variably-modified array types shall not be used" + }, + "RULE-18-9": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Modifying or accessing elements of an array with temporary lifetime that has been converted to a pointer will result in undefined behavior.", + "kind": "problem", + "name": "An object with temporary lifetime shall not undergo array to pointer conversion", + "precision": "high", + "severity": "error", + "short_name": "ArrayToPointerConversionOfTemporaryObject", + "tags": [ + "external/misra/c/2012/amendment3", + "correctness", + "security" + ] + }, + { + "description": "Modifying elements of an array with temporary lifetime will result in undefined behavior.", + "kind": "problem", + "name": "Usage of the subscript operator on an object with temporary lifetime shall not return a modifiable value", + "precision": "high", + "severity": "error", + "short_name": "ModifiableLValueSubscriptedWithTemporaryLifetime", + "tags": [ + "external/misra/c/2012/amendment3", + "correctness", + "security" + ] + } + ], + "title": "An object with temporary lifetime shall not undergo array to pointer conversion" + } + } +} \ No newline at end of file From ee78b9bd4ca36b9d0897844fd88b0e7747cd07ba Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Wed, 16 Oct 2024 17:00:02 -0700 Subject: [PATCH 2144/2573] Fix query metadata --- c/misra/src/rules/RULE-21-24/CallToBannedRandomFunction.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/misra/src/rules/RULE-21-24/CallToBannedRandomFunction.ql b/c/misra/src/rules/RULE-21-24/CallToBannedRandomFunction.ql index dda3dd4b9e..8066cc80cb 100644 --- a/c/misra/src/rules/RULE-21-24/CallToBannedRandomFunction.ql +++ b/c/misra/src/rules/RULE-21-24/CallToBannedRandomFunction.ql @@ -2,7 +2,7 @@ * @id c/misra/call-to-banned-random-function * @name RULE-21-24: The random number generator functions of shall not be used * @description The standard functions rand() and srand() will not give high quality random results - * in all implementations and is thus banned. + * in all implementations and are therefore banned. * @kind problem * @precision very-high * @problem.severity warning From 5b5777f324fe95090641e5cd8eb922b176377f6a Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Wed, 16 Oct 2024 17:03:59 -0700 Subject: [PATCH 2145/2573] Fix formatting --- ...PointersToVariablyModifiedArrayTypesUsed.ql | 11 +++++------ ...leLValueSubscriptedWithTemporaryLifetime.ql | 1 - ...rsToVariablyModifiedArrayTypesUsed.expected | 4 ++-- c/misra/test/rules/RULE-18-10/test.c | 18 +++++++++--------- .../src/codingstandards/cpp/Clvalues.qll | 2 +- 5 files changed, 17 insertions(+), 19 deletions(-) diff --git a/c/misra/src/rules/RULE-18-10/PointersToVariablyModifiedArrayTypesUsed.ql b/c/misra/src/rules/RULE-18-10/PointersToVariablyModifiedArrayTypesUsed.ql index 5a4edb4a98..fec8f5d2e1 100644 --- a/c/misra/src/rules/RULE-18-10/PointersToVariablyModifiedArrayTypesUsed.ql +++ b/c/misra/src/rules/RULE-18-10/PointersToVariablyModifiedArrayTypesUsed.ql @@ -22,14 +22,14 @@ import codingstandards.cpp.VariablyModifiedTypes * Check that the declaration entry, which may be a parameter or a variable * etc., seems to subsume the location of `inner`, including the declaration * type text. - * + * * The location of the `DeclarationEntry` itself points to the _identifier_ * that is declared. This range will not include the type of the declaration. - * + * * For parameters, the `before` and `end` `Location` objects will be * constrained to the closest earlier element (parameter or function body), * these values can therefore be captured and inspected for debugging. - * + * * For declarations which occur in statements, the `before` and `end` * `Location` objects will be both constrained to be equal, and equal to, * the `Location` of the containing `DeclStmt`. @@ -71,7 +71,6 @@ predicate declarationSubsumes( class InvalidDeclaration extends DeclarationEntry { Expr sizeExpr; CandidateVlaType vlaType; - // `before` and `after` are captured for debugging, see doc comment for // `declarationSubsumes`. Location before; @@ -84,9 +83,9 @@ class InvalidDeclaration extends DeclarationEntry { if this instanceof ParameterDeclarationEntry then vlaType = this.getType().(VariablyModifiedTypeIfAdjusted).getInnerVlaType() else vlaType = this.getType().(VariablyModifiedTypeIfUnadjusted).getInnerVlaType() - ) + ) and // Capture only pointers to VLA types, not raw VLA types. - and not vlaType = this.getType() + not vlaType = this.getType() } Expr getSizeExpr() { result = sizeExpr } diff --git a/c/misra/src/rules/RULE-18-9/ModifiableLValueSubscriptedWithTemporaryLifetime.ql b/c/misra/src/rules/RULE-18-9/ModifiableLValueSubscriptedWithTemporaryLifetime.ql index 468e44f3bb..f8a341b9bd 100644 --- a/c/misra/src/rules/RULE-18-9/ModifiableLValueSubscriptedWithTemporaryLifetime.ql +++ b/c/misra/src/rules/RULE-18-9/ModifiableLValueSubscriptedWithTemporaryLifetime.ql @@ -45,7 +45,6 @@ predicate usedAsModifiableLvalue(Expr expr) { exists(AddressOfExpr parent | parent.getOperand() = expr) or exists(FieldAccess parent | parent.getQualifier() = expr and usedAsModifiableLvalue(parent)) - } from TemporaryLifetimeArrayExpr expr, TemporaryLifetimeArrayAccess member diff --git a/c/misra/test/rules/RULE-18-10/PointersToVariablyModifiedArrayTypesUsed.expected b/c/misra/test/rules/RULE-18-10/PointersToVariablyModifiedArrayTypesUsed.expected index 87cb3de5c7..76b3da5eb0 100644 --- a/c/misra/test/rules/RULE-18-10/PointersToVariablyModifiedArrayTypesUsed.expected +++ b/c/misra/test/rules/RULE-18-10/PointersToVariablyModifiedArrayTypesUsed.expected @@ -7,11 +7,11 @@ | test.c:25:13:25:15 | definition of p10 | Parameter p10 is declared with variably-modified type, with inner variable length array of non constant size $@ and element type 'int *' | test.c:25:18:25:19 | p0 | p0 | | test.c:28:12:28:14 | definition of p11 | Parameter p11 is adjusted to variably-modified type, with inner variable length array of non constant size $@ and element type 'int' | test.c:28:21:28:22 | p0 | p0 | | test.c:32:17:32:19 | definition of p13 | Parameter p13 is declared with variably-modified type, pointer to variable length array of non constant size $@ and element type 'const int' | test.c:32:22:32:23 | p0 | p0 | -| test.c:33:18:33:20 | definition of p14 | Parameter p14 is declared with variably-modified type, with inner variable length array of non constant size $@ and element type 'int' | test.c:33:23:33:24 | p0 | p0 | +| test.c:33:17:33:19 | definition of p14 | Parameter p14 is declared with variably-modified type, with inner variable length array of non constant size $@ and element type 'int' | test.c:33:22:33:23 | p0 | p0 | | test.c:40:12:40:14 | definition of p17 | Parameter p17 is declared with variably-modified type, with inner variable length array of non constant size $@ and element type 'int' | test.c:40:24:40:25 | p0 | p0 | | test.c:41:14:41:16 | definition of p18 | Parameter p18 is declared with variably-modified type, with inner variable length array of non constant size $@ and element type 'int' | test.c:41:27:41:28 | p0 | p0 | | test.c:68:9:68:11 | definition of p27 | Parameter p27 is adjusted to variably-modified type, with inner variable length array of non constant size $@ and element type 'int' | test.c:68:13:68:14 | p0 | p0 | | test.c:68:9:68:11 | definition of p27 | Parameter p27 is adjusted to variably-modified type, with inner variable length array of non constant size $@ and element type 'int' | test.c:68:17:68:18 | p0 | p0 | | test.c:74:8:74:9 | definition of l3 | Variable l3 is declared with variably-modified type, pointer to variable length array of non constant size $@ and element type 'int' | test.c:74:12:74:13 | p0 | p0 | | test.c:79:15:79:16 | definition of l4 | Variable l4 is declared with variably-modified type, pointer to variable length array of non constant size $@ and element type 'int' | test.c:79:19:79:20 | p0 | p0 | -| test.c:84:17:84:19 | declaration of td3 | Declaration td3 is declared with variably-modified type, with inner variable length array of non constant size $@ and element type 'int' | test.c:84:22:84:23 | p0 | p0 | +| test.c:84:16:84:18 | declaration of td3 | Declaration td3 is declared with variably-modified type, with inner variable length array of non constant size $@ and element type 'int' | test.c:84:21:84:22 | p0 | p0 | diff --git a/c/misra/test/rules/RULE-18-10/test.c b/c/misra/test/rules/RULE-18-10/test.c index cf90e256e7..dbddbecec8 100644 --- a/c/misra/test/rules/RULE-18-10/test.c +++ b/c/misra/test/rules/RULE-18-10/test.c @@ -21,16 +21,16 @@ void f1( // Types referring to pointers to VMTs: // - pointer to pointer to VMT - int(*(*p9)[p0]), // NON-COMPLIANT + int(*(*p9)[p0]), // NON-COMPLIANT int(*(**p10)[p0]), // NON-COMPLIANT // - array of pointers to VMT int (*(p11[3]))[p0], // NON-COMPLIANT // - const VMTs, const array-to-pointer adjustment - const int p12[p0], // COMPLIANT - const int (*p13)[p0], // NON-COMPLIANT - int (* const p14)[p0], // NON-COMPLIANT + const int p12[p0], // COMPLIANT + const int (*p13)[p0], // NON-COMPLIANT + int (*const p14)[p0], // NON-COMPLIANT // - function types with argument that is a pointer to a VMT int p15(int (*inner)[p0]), // NON-COMPLIANT[FALSE_NEGATIVE] @@ -58,7 +58,7 @@ void f1( // Unknown array length types: int p21[], // COMPLIANT - int p22[][], // COMPLIANT + int p22[][], // COMPLIANT int (*p23)[], // COMPLIANT int (*p24)[2][], // COMPLIANT int (*p25)[][2], // COMPLIANT @@ -68,7 +68,7 @@ void f1( int p27[p0][p0] // NON-COMPLIANT ) { // Local variables may contain pointers to VMTs: - int l0[p0]; // COMPLIANT + int l0[p0]; // COMPLIANT int(*l1)[]; // COMPLIANT int(*l2)[3]; // COMPLIANT int(*l3)[p0]; // NON-COMPLIANT @@ -79,9 +79,9 @@ void f1( static int(*l4)[p0]; // NON-COMPLIANT // Block scope typedefs may refer to VMTs - typedef int (*td1)[3]; // COMPLIANT - typedef int (*td2)[]; // COMPLIANT - typedef int (*td3)[p0]; // NON-COMPLIANT + typedef int(*td1)[3]; // COMPLIANT + typedef int(*td2)[]; // COMPLIANT + typedef int(*td3)[p0]; // NON-COMPLIANT td3 l5; // NON-COMPLIANT } diff --git a/cpp/common/src/codingstandards/cpp/Clvalues.qll b/cpp/common/src/codingstandards/cpp/Clvalues.qll index 2e330e0732..73fcd65eb1 100644 --- a/cpp/common/src/codingstandards/cpp/Clvalues.qll +++ b/cpp/common/src/codingstandards/cpp/Clvalues.qll @@ -14,4 +14,4 @@ predicate isCLValue(Expr expr) { not expr instanceof AssignExpr and not expr instanceof CommaExpr and not exists(Cast c | c = expr.getConversion*()) -} \ No newline at end of file +} From b7783606813a27a79cfec71e6fc1de62a980f5df Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Thu, 17 Oct 2024 15:05:20 -0700 Subject: [PATCH 2146/2573] Use shared queries / generally report obsolescent features even if redundant. Redundant reports should not be a common user issue; these features are obsolescent and likely rarely used and less often to be excepted. Implement ungetc() on a zero-offset stream and specific banning of gets(), as the redundant rules for those obsolescent features report a far wider set of issues than banned by RULE-1-5. Implementation of banning ungetc() on a zero-offset stream is not thorough or comprehensive. This should be fine. False positives should not create any user issues because the call of the function overall is banned. And false negatives should not be an issue, for the same reason. --- ...tionTypesNotInPrototypeFormShared.expected | 4 + ...esNotInPrototypeFormShared.expected.clang} | 0 .../FunctionTypesNotInPrototypeFormShared.ql | 4 + .../test.c | 5 -- .../test.c.clang | 0 ...pecifierObjectRedeclarationShared.expected | 1 + ...taticSpecifierObjectRedeclarationShared.ql | 5 ++ .../test.c | 8 ++ .../RULE-1-5/CallToObsolescentFunctionGets.ql | 22 +++++ ...FunctionTypesNotInPrototypeFormObsolete.ql | 23 +++++ ...taticSpecifierFuncRedeclarationObsolete.ql | 23 +++++ ...ticSpecifierObjectRedeclarationObsolete.ql | 23 +++++ .../UngetcCallOnStreamPositionZero.ql | 69 +++++++++++++++ .../FunctionTypesNotInPrototypeForm.ql | 46 ++-------- ...singStaticSpecifierObjectRedeclarationC.ql | 17 ++-- .../CallToObsolescentFunctionGets.expected | 1 + .../CallToObsolescentFunctionGets.qlref | 1 + .../FunctionTypesNotInPrototypeForm.expected | 2 - .../FunctionTypesNotInPrototypeForm.qlref | 1 - ...ionTypesNotInPrototypeFormObsolete.testref | 1 + ...llocDeallocFunctionsOfStdlibhUsed.expected | 3 - ...ryAllocDeallocFunctionsOfStdlibhUsed.qlref | 1 - ...SpecifierFuncRedeclarationObsolete.testref | 1 + ...aticSpecifierObjectRedeclarationC.expected | 1 - ...gStaticSpecifierObjectRedeclarationC.qlref | 1 - ...ecifierObjectRedeclarationObsolete.testref | 1 + ...rdLibraryInputoutputFunctionsUsed.expected | 3 - ...ndardLibraryInputoutputFunctionsUsed.qlref | 1 - .../UngetcCallOnStreamPositionZero.expected | 1 + .../UngetcCallOnStreamPositionZero.qlref | 1 + c/misra/test/rules/RULE-1-5/test.c | 27 ++---- .../FunctionTypesNotInPrototypeForm.expected | 4 - .../FunctionTypesNotInPrototypeForm.qlref | 1 - .../FunctionTypesNotInPrototypeForm.testref | 1 + ...aticSpecifierObjectRedeclarationC.expected | 1 - ...gStaticSpecifierObjectRedeclarationC.qlref | 1 - ...taticSpecifierObjectRedeclarationC.testref | 1 + c/misra/test/rules/RULE-8-8/test.c | 13 --- .../cpp/exclusions/c/Language4.qll | 85 +++++++++++++++++++ .../FunctionTypesNotInPrototypeFormShared.qll | 54 ++++++++++++ ...aticSpecifierObjectRedeclarationShared.qll | 27 ++++++ rule_packages/c/Declarations4.json | 1 + rule_packages/c/Declarations5.json | 1 + rule_packages/c/Language4.json | 77 ++++++++++++++++- 44 files changed, 450 insertions(+), 114 deletions(-) create mode 100644 c/common/test/rules/functiontypesnotinprototypeformshared/FunctionTypesNotInPrototypeFormShared.expected rename c/{misra/test/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.expected.clang => common/test/rules/functiontypesnotinprototypeformshared/FunctionTypesNotInPrototypeFormShared.expected.clang} (100%) create mode 100644 c/common/test/rules/functiontypesnotinprototypeformshared/FunctionTypesNotInPrototypeFormShared.ql rename c/{misra/test/rules/RULE-8-2 => common/test/rules/functiontypesnotinprototypeformshared}/test.c (50%) rename c/{misra/test/rules/RULE-8-2 => common/test/rules/functiontypesnotinprototypeformshared}/test.c.clang (100%) create mode 100644 c/common/test/rules/missingstaticspecifierobjectredeclarationshared/MissingStaticSpecifierObjectRedeclarationShared.expected create mode 100644 c/common/test/rules/missingstaticspecifierobjectredeclarationshared/MissingStaticSpecifierObjectRedeclarationShared.ql create mode 100644 c/common/test/rules/missingstaticspecifierobjectredeclarationshared/test.c create mode 100644 c/misra/src/rules/RULE-1-5/CallToObsolescentFunctionGets.ql create mode 100644 c/misra/src/rules/RULE-1-5/FunctionTypesNotInPrototypeFormObsolete.ql create mode 100644 c/misra/src/rules/RULE-1-5/MissingStaticSpecifierFuncRedeclarationObsolete.ql create mode 100644 c/misra/src/rules/RULE-1-5/MissingStaticSpecifierObjectRedeclarationObsolete.ql create mode 100644 c/misra/src/rules/RULE-1-5/UngetcCallOnStreamPositionZero.ql create mode 100644 c/misra/test/rules/RULE-1-5/CallToObsolescentFunctionGets.expected create mode 100644 c/misra/test/rules/RULE-1-5/CallToObsolescentFunctionGets.qlref delete mode 100644 c/misra/test/rules/RULE-1-5/FunctionTypesNotInPrototypeForm.expected delete mode 100644 c/misra/test/rules/RULE-1-5/FunctionTypesNotInPrototypeForm.qlref create mode 100644 c/misra/test/rules/RULE-1-5/FunctionTypesNotInPrototypeFormObsolete.testref delete mode 100644 c/misra/test/rules/RULE-1-5/MemoryAllocDeallocFunctionsOfStdlibhUsed.expected delete mode 100644 c/misra/test/rules/RULE-1-5/MemoryAllocDeallocFunctionsOfStdlibhUsed.qlref create mode 100644 c/misra/test/rules/RULE-1-5/MissingStaticSpecifierFuncRedeclarationObsolete.testref delete mode 100644 c/misra/test/rules/RULE-1-5/MissingStaticSpecifierObjectRedeclarationC.expected delete mode 100644 c/misra/test/rules/RULE-1-5/MissingStaticSpecifierObjectRedeclarationC.qlref create mode 100644 c/misra/test/rules/RULE-1-5/MissingStaticSpecifierObjectRedeclarationObsolete.testref delete mode 100644 c/misra/test/rules/RULE-1-5/StandardLibraryInputoutputFunctionsUsed.expected delete mode 100644 c/misra/test/rules/RULE-1-5/StandardLibraryInputoutputFunctionsUsed.qlref create mode 100644 c/misra/test/rules/RULE-1-5/UngetcCallOnStreamPositionZero.expected create mode 100644 c/misra/test/rules/RULE-1-5/UngetcCallOnStreamPositionZero.qlref delete mode 100644 c/misra/test/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.expected delete mode 100644 c/misra/test/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.qlref create mode 100644 c/misra/test/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.testref delete mode 100644 c/misra/test/rules/RULE-8-8/MissingStaticSpecifierObjectRedeclarationC.expected delete mode 100644 c/misra/test/rules/RULE-8-8/MissingStaticSpecifierObjectRedeclarationC.qlref create mode 100644 c/misra/test/rules/RULE-8-8/MissingStaticSpecifierObjectRedeclarationC.testref delete mode 100644 c/misra/test/rules/RULE-8-8/test.c create mode 100644 cpp/common/src/codingstandards/cpp/rules/functiontypesnotinprototypeformshared/FunctionTypesNotInPrototypeFormShared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/missingstaticspecifierobjectredeclarationshared/MissingStaticSpecifierObjectRedeclarationShared.qll diff --git a/c/common/test/rules/functiontypesnotinprototypeformshared/FunctionTypesNotInPrototypeFormShared.expected b/c/common/test/rules/functiontypesnotinprototypeformshared/FunctionTypesNotInPrototypeFormShared.expected new file mode 100644 index 0000000000..f2c08897b8 --- /dev/null +++ b/c/common/test/rules/functiontypesnotinprototypeformshared/FunctionTypesNotInPrototypeFormShared.expected @@ -0,0 +1,4 @@ +| test.c:3:6:3:7 | f1 | Function f1 declares parameter that is unnamed. | +| test.c:4:6:4:7 | f2 | Function f2 does not specify void for no parameters present. | +| test.c:5:6:5:7 | f3 | Function f3 does not specify void for no parameters present. | +| test.c:7:5:7:6 | f5 | Function f5 declares parameter in unsupported declaration list. | diff --git a/c/misra/test/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.expected.clang b/c/common/test/rules/functiontypesnotinprototypeformshared/FunctionTypesNotInPrototypeFormShared.expected.clang similarity index 100% rename from c/misra/test/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.expected.clang rename to c/common/test/rules/functiontypesnotinprototypeformshared/FunctionTypesNotInPrototypeFormShared.expected.clang diff --git a/c/common/test/rules/functiontypesnotinprototypeformshared/FunctionTypesNotInPrototypeFormShared.ql b/c/common/test/rules/functiontypesnotinprototypeformshared/FunctionTypesNotInPrototypeFormShared.ql new file mode 100644 index 0000000000..25d273354d --- /dev/null +++ b/c/common/test/rules/functiontypesnotinprototypeformshared/FunctionTypesNotInPrototypeFormShared.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.functiontypesnotinprototypeformshared.FunctionTypesNotInPrototypeFormShared + +class TestFileQuery extends FunctionTypesNotInPrototypeFormSharedSharedQuery, TestQuery { } diff --git a/c/misra/test/rules/RULE-8-2/test.c b/c/common/test/rules/functiontypesnotinprototypeformshared/test.c similarity index 50% rename from c/misra/test/rules/RULE-8-2/test.c rename to c/common/test/rules/functiontypesnotinprototypeformshared/test.c index 1ed64c0011..c254a221d9 100644 --- a/c/misra/test/rules/RULE-8-2/test.c +++ b/c/common/test/rules/functiontypesnotinprototypeformshared/test.c @@ -1,8 +1,3 @@ -// Note: A subset of these cases are also tested in c/misra/test/rules/RULE-1-5 -// via a FunctionTypesNotInPrototypeForm.qlref and .expected file in that -// directory. Changes to these tests may require updating the test code or -// expectations in that directory as well. - void f(int x); // COMPLIANT void f0(void); // COMPLIANT void f1(int); // NON_COMPLIANT diff --git a/c/misra/test/rules/RULE-8-2/test.c.clang b/c/common/test/rules/functiontypesnotinprototypeformshared/test.c.clang similarity index 100% rename from c/misra/test/rules/RULE-8-2/test.c.clang rename to c/common/test/rules/functiontypesnotinprototypeformshared/test.c.clang diff --git a/c/common/test/rules/missingstaticspecifierobjectredeclarationshared/MissingStaticSpecifierObjectRedeclarationShared.expected b/c/common/test/rules/missingstaticspecifierobjectredeclarationshared/MissingStaticSpecifierObjectRedeclarationShared.expected new file mode 100644 index 0000000000..34a7723bcd --- /dev/null +++ b/c/common/test/rules/missingstaticspecifierobjectredeclarationshared/MissingStaticSpecifierObjectRedeclarationShared.expected @@ -0,0 +1 @@ +| test.c:2:12:2:12 | declaration of g | The redeclaration of $@ with internal linkage misses the static specifier. | test.c:1:12:1:12 | definition of g | g | diff --git a/c/common/test/rules/missingstaticspecifierobjectredeclarationshared/MissingStaticSpecifierObjectRedeclarationShared.ql b/c/common/test/rules/missingstaticspecifierobjectredeclarationshared/MissingStaticSpecifierObjectRedeclarationShared.ql new file mode 100644 index 0000000000..3d6d2019fb --- /dev/null +++ b/c/common/test/rules/missingstaticspecifierobjectredeclarationshared/MissingStaticSpecifierObjectRedeclarationShared.ql @@ -0,0 +1,5 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.missingstaticspecifierobjectredeclarationshared.MissingStaticSpecifierObjectRedeclarationShared + +class TestFileQuery extends MissingStaticSpecifierObjectRedeclarationSharedSharedQuery, TestQuery { +} diff --git a/c/common/test/rules/missingstaticspecifierobjectredeclarationshared/test.c b/c/common/test/rules/missingstaticspecifierobjectredeclarationshared/test.c new file mode 100644 index 0000000000..d98d71c6f0 --- /dev/null +++ b/c/common/test/rules/missingstaticspecifierobjectredeclarationshared/test.c @@ -0,0 +1,8 @@ +static int g = 0; +extern int g; // NON_COMPLIANT + +static int g1; +static int g1 = 0; // COMPLIANT + +int g2; +int g2 = 0; // COMPLIANT diff --git a/c/misra/src/rules/RULE-1-5/CallToObsolescentFunctionGets.ql b/c/misra/src/rules/RULE-1-5/CallToObsolescentFunctionGets.ql new file mode 100644 index 0000000000..4994c4ea6e --- /dev/null +++ b/c/misra/src/rules/RULE-1-5/CallToObsolescentFunctionGets.ql @@ -0,0 +1,22 @@ +/** + * @id c/misra/call-to-obsolescent-function-gets + * @name RULE-1-5: Disallowed usage of obsolescent function 'gets' + * @description The function 'gets' is an obsolescent language feature which was removed in C11. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-1-5 + * external/misra/c/2012/amendment3 + * security + * maintainability + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra + +from FunctionCall fc +where + not isExcluded(fc, Language4Package::callToObsolescentFunctionGetsQuery()) and + fc.getTarget().hasGlobalOrStdName("gets") +select fc, "Call to obsolescent function 'gets'." diff --git a/c/misra/src/rules/RULE-1-5/FunctionTypesNotInPrototypeFormObsolete.ql b/c/misra/src/rules/RULE-1-5/FunctionTypesNotInPrototypeFormObsolete.ql new file mode 100644 index 0000000000..8f0e626bc8 --- /dev/null +++ b/c/misra/src/rules/RULE-1-5/FunctionTypesNotInPrototypeFormObsolete.ql @@ -0,0 +1,23 @@ +/** + * @id c/misra/function-types-not-in-prototype-form-obsolete + * @name RULE-1-5: Function types shall be in prototype form with named parameters + * @description The use of non-prototype format parameter type declarators is an obsolescent + * language feature. + * @kind problem + * @precision medium + * @problem.severity error + * @tags external/misra/id/rule-1-5 + * correctness + * external/misra/c/2012/amendment3 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.rules.functiontypesnotinprototypeformshared.FunctionTypesNotInPrototypeFormShared + +class FunctionTypesNotInPrototypeFormObsoleteQuery extends FunctionTypesNotInPrototypeFormSharedSharedQuery { + FunctionTypesNotInPrototypeFormObsoleteQuery() { + this = Language4Package::functionTypesNotInPrototypeFormObsoleteQuery() + } +} diff --git a/c/misra/src/rules/RULE-1-5/MissingStaticSpecifierFuncRedeclarationObsolete.ql b/c/misra/src/rules/RULE-1-5/MissingStaticSpecifierFuncRedeclarationObsolete.ql new file mode 100644 index 0000000000..5a70e0287a --- /dev/null +++ b/c/misra/src/rules/RULE-1-5/MissingStaticSpecifierFuncRedeclarationObsolete.ql @@ -0,0 +1,23 @@ +/** + * @id c/misra/missing-static-specifier-func-redeclaration-obsolete + * @name RULE-1-5: If a function has internal linkage then all re-declarations shall include the static storage class + * @description Declaring a function with internal linkage without the static storage class + * specifier is an obselescent feature. + * @kind problem + * @precision very-high + * @problem.severity warning + * @tags external/misra/id/rule-1-5 + * readability + * external/misra/c/2012/amendment3 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.rules.missingstaticspecifierfunctionredeclarationshared.MissingStaticSpecifierFunctionRedeclarationShared + +class MissingStaticSpecifierFuncRedeclarationObsoleteQuery extends MissingStaticSpecifierFunctionRedeclarationSharedSharedQuery { + MissingStaticSpecifierFuncRedeclarationObsoleteQuery() { + this = Language4Package::missingStaticSpecifierFuncRedeclarationObsoleteQuery() + } +} diff --git a/c/misra/src/rules/RULE-1-5/MissingStaticSpecifierObjectRedeclarationObsolete.ql b/c/misra/src/rules/RULE-1-5/MissingStaticSpecifierObjectRedeclarationObsolete.ql new file mode 100644 index 0000000000..5e32d57c6a --- /dev/null +++ b/c/misra/src/rules/RULE-1-5/MissingStaticSpecifierObjectRedeclarationObsolete.ql @@ -0,0 +1,23 @@ +/** + * @id c/misra/missing-static-specifier-object-redeclaration-obsolete + * @name RULE-1-5: If an object has internal linkage then all re-declarations shall include the static storage class + * @description Declaring an identifier with internal linkage without the static storage class + * specifier is an obselescent feature. + * @kind problem + * @precision very-high + * @problem.severity warning + * @tags external/misra/id/rule-1-5 + * readability + * external/misra/c/2012/amendment3 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.rules.missingstaticspecifierobjectredeclarationshared.MissingStaticSpecifierObjectRedeclarationShared + +class MissingStaticSpecifierObjectRedeclarationObsoleteQuery extends MissingStaticSpecifierObjectRedeclarationSharedSharedQuery { + MissingStaticSpecifierObjectRedeclarationObsoleteQuery() { + this = Language4Package::missingStaticSpecifierObjectRedeclarationObsoleteQuery() + } +} diff --git a/c/misra/src/rules/RULE-1-5/UngetcCallOnStreamPositionZero.ql b/c/misra/src/rules/RULE-1-5/UngetcCallOnStreamPositionZero.ql new file mode 100644 index 0000000000..a973442203 --- /dev/null +++ b/c/misra/src/rules/RULE-1-5/UngetcCallOnStreamPositionZero.ql @@ -0,0 +1,69 @@ +/** + * @id c/misra/ungetc-call-on-stream-position-zero + * @name RULE-1-5: Disallowed obsolescent usage of 'ungetc' on a file stream at position zero + * @description Calling the function 'ungetc' on a file stream with a position of zero is an + * obsolescent language feature. + * @kind problem + * @precision medium + * @problem.severity error + * @tags external/misra/id/rule-1-5 + * external/misra/c/2012/amendment3 + * security + * maintainability + * external/misra/obligation/required + */ + +import cpp +import semmle.code.cpp.dataflow.new.DataFlow +import semmle.code.cpp.controlflow.Dominance +import codingstandards.c.misra + +/** + * This is an inconclusive list, which is adequate, as RULE-21-3 provides + * assurance we won't have false negatives, or care too much about false + * positives. + */ +class MoveStreamPositionCall extends FunctionCall { + Expr streamArgument; + + MoveStreamPositionCall() { + getTarget().hasGlobalOrStdName("fgetc") and + streamArgument = getArgument(0) + or + getTarget().hasGlobalOrStdName("getc") and + streamArgument = getArgument(0) + or + getTarget().hasGlobalOrStdName("fget") and + streamArgument = getArgument(2) + or + getTarget().hasGlobalOrStdName("fscanf") and + streamArgument = getArgument(0) + or + getTarget().hasGlobalOrStdName("fsetpos") and + streamArgument = getArgument(0) + or + getTarget().hasGlobalOrStdName("fseek") and + streamArgument = getArgument(0) + or + getTarget().hasGlobalOrStdName("fread") and + streamArgument = getArgument(3) + } + + Expr getStreamArgument() { result = streamArgument } +} + +from FunctionCall ungetc, DataFlow::Node file +where + not isExcluded(ungetc, Language4Package::ungetcCallOnStreamPositionZeroQuery()) and + // ungetc() called on file stream + ungetc.getTarget().hasGlobalOrStdName("ungetc") and + DataFlow::localFlow(file, DataFlow::exprNode(ungetc.getArgument(1))) and + // ungetc() is not dominated by a fread() etc to that file stream + not exists(MoveStreamPositionCall moveStreamCall | + DataFlow::localFlow(file, DataFlow::exprNode(moveStreamCall.getStreamArgument())) and + dominates(moveStreamCall, ungetc) + ) + // the file stream is the root of the local data flow + and not DataFlow::localFlow(any(DataFlow::Node n | not n = file), file) +select ungetc, "Obsolescent call to ungetc on file stream $@ at position zero.", file, + file.toString() diff --git a/c/misra/src/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.ql b/c/misra/src/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.ql index 73294d776b..1136dd714e 100644 --- a/c/misra/src/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.ql +++ b/c/misra/src/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.ql @@ -14,46 +14,10 @@ import cpp import codingstandards.c.misra -import codingstandards.cpp.Identifiers +import codingstandards.cpp.rules.functiontypesnotinprototypeformshared.FunctionTypesNotInPrototypeFormShared -/** - * `Parameter`s without names - */ -class UnnamedParameter extends Parameter { - UnnamedParameter() { not this.isNamed() } +class FunctionTypesNotInPrototypeFormQuery extends FunctionTypesNotInPrototypeFormSharedSharedQuery { + FunctionTypesNotInPrototypeFormQuery() { + this = Declarations4Package::functionTypesNotInPrototypeFormQuery() + } } - -/* - * This is a copy of the private `hasZeroParamDecl` predicate from the standard set of - * queries as of the `codeql-cli/2.11.2` tag in `github/codeql`. - */ - -predicate hasZeroParamDecl(Function f) { - exists(FunctionDeclarationEntry fde | fde = f.getADeclarationEntry() | - not fde.isImplicit() and - not fde.hasVoidParamList() and - fde.getNumberOfParameters() = 0 and - not fde.isDefinition() - ) -} - -from Function f, string msg -where - not isExcluded(f, Declarations4Package::functionTypesNotInPrototypeFormQuery()) and - f instanceof InterestingIdentifiers and - ( - f.getAParameter() instanceof UnnamedParameter and - msg = "Function " + f + " declares parameter that is unnamed." - or - hasZeroParamDecl(f) and - msg = "Function " + f + " does not specify void for no parameters present." - or - //parameters declared in declaration list (not in function signature) - //have placeholder file location associated only - exists(Parameter p | - p.getFunction() = f and - not p.getFile() = f.getFile() and - msg = "Function " + f + " declares parameter in unsupported declaration list." - ) - ) -select f, msg diff --git a/c/misra/src/rules/RULE-8-8/MissingStaticSpecifierObjectRedeclarationC.ql b/c/misra/src/rules/RULE-8-8/MissingStaticSpecifierObjectRedeclarationC.ql index 65c878e883..6f731c636f 100644 --- a/c/misra/src/rules/RULE-8-8/MissingStaticSpecifierObjectRedeclarationC.ql +++ b/c/misra/src/rules/RULE-8-8/MissingStaticSpecifierObjectRedeclarationC.ql @@ -14,15 +14,10 @@ import cpp import codingstandards.c.misra +import codingstandards.cpp.rules.missingstaticspecifierobjectredeclarationshared.MissingStaticSpecifierObjectRedeclarationShared -from VariableDeclarationEntry redeclaration, VariableDeclarationEntry de -where - not isExcluded(redeclaration, - Declarations5Package::missingStaticSpecifierObjectRedeclarationCQuery()) and - //following implies de != redeclaration - de.hasSpecifier("static") and - not redeclaration.hasSpecifier("static") and - de.getDeclaration().isTopLevel() and - redeclaration.getDeclaration() = de.getDeclaration() -select redeclaration, "The redeclaration of $@ with internal linkage misses the static specifier.", - de, de.getName() +class MissingStaticSpecifierObjectRedeclarationCQuery extends MissingStaticSpecifierObjectRedeclarationSharedSharedQuery { + MissingStaticSpecifierObjectRedeclarationCQuery() { + this = Declarations5Package::missingStaticSpecifierObjectRedeclarationCQuery() + } +} diff --git a/c/misra/test/rules/RULE-1-5/CallToObsolescentFunctionGets.expected b/c/misra/test/rules/RULE-1-5/CallToObsolescentFunctionGets.expected new file mode 100644 index 0000000000..6e0088f4ac --- /dev/null +++ b/c/misra/test/rules/RULE-1-5/CallToObsolescentFunctionGets.expected @@ -0,0 +1 @@ +| test.c:36:3:36:6 | call to gets | Call to obsolescent function 'gets'. | diff --git a/c/misra/test/rules/RULE-1-5/CallToObsolescentFunctionGets.qlref b/c/misra/test/rules/RULE-1-5/CallToObsolescentFunctionGets.qlref new file mode 100644 index 0000000000..1a2ec096cf --- /dev/null +++ b/c/misra/test/rules/RULE-1-5/CallToObsolescentFunctionGets.qlref @@ -0,0 +1 @@ +rules/RULE-1-5/CallToObsolescentFunctionGets.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-1-5/FunctionTypesNotInPrototypeForm.expected b/c/misra/test/rules/RULE-1-5/FunctionTypesNotInPrototypeForm.expected deleted file mode 100644 index 29faec8b55..0000000000 --- a/c/misra/test/rules/RULE-1-5/FunctionTypesNotInPrototypeForm.expected +++ /dev/null @@ -1,2 +0,0 @@ -| test.c:38:6:38:7 | f2 | Function f2 does not specify void for no parameters present. | -| test.c:42:5:42:6 | f5 | Function f5 declares parameter in unsupported declaration list. | \ No newline at end of file diff --git a/c/misra/test/rules/RULE-1-5/FunctionTypesNotInPrototypeForm.qlref b/c/misra/test/rules/RULE-1-5/FunctionTypesNotInPrototypeForm.qlref deleted file mode 100644 index 0a6121b324..0000000000 --- a/c/misra/test/rules/RULE-1-5/FunctionTypesNotInPrototypeForm.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/RULE-8-2/FunctionTypesNotInPrototypeForm.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-1-5/FunctionTypesNotInPrototypeFormObsolete.testref b/c/misra/test/rules/RULE-1-5/FunctionTypesNotInPrototypeFormObsolete.testref new file mode 100644 index 0000000000..1a6a69fc24 --- /dev/null +++ b/c/misra/test/rules/RULE-1-5/FunctionTypesNotInPrototypeFormObsolete.testref @@ -0,0 +1 @@ +c/common/test/rules/functiontypesnotinprototypeformshared/FunctionTypesNotInPrototypeFormShared.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-1-5/MemoryAllocDeallocFunctionsOfStdlibhUsed.expected b/c/misra/test/rules/RULE-1-5/MemoryAllocDeallocFunctionsOfStdlibhUsed.expected deleted file mode 100644 index de87fc8542..0000000000 --- a/c/misra/test/rules/RULE-1-5/MemoryAllocDeallocFunctionsOfStdlibhUsed.expected +++ /dev/null @@ -1,3 +0,0 @@ -| test.c:8:12:8:17 | call to malloc | Use of banned dynamic memory allocation. | -| test.c:11:3:11:9 | call to realloc | Use of banned dynamic memory allocation. | -| test.c:14:3:14:9 | call to realloc | Use of banned dynamic memory allocation. | diff --git a/c/misra/test/rules/RULE-1-5/MemoryAllocDeallocFunctionsOfStdlibhUsed.qlref b/c/misra/test/rules/RULE-1-5/MemoryAllocDeallocFunctionsOfStdlibhUsed.qlref deleted file mode 100644 index 8f64b81ced..0000000000 --- a/c/misra/test/rules/RULE-1-5/MemoryAllocDeallocFunctionsOfStdlibhUsed.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/RULE-21-3/MemoryAllocDeallocFunctionsOfStdlibhUsed.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-1-5/MissingStaticSpecifierFuncRedeclarationObsolete.testref b/c/misra/test/rules/RULE-1-5/MissingStaticSpecifierFuncRedeclarationObsolete.testref new file mode 100644 index 0000000000..7d9f2ebc04 --- /dev/null +++ b/c/misra/test/rules/RULE-1-5/MissingStaticSpecifierFuncRedeclarationObsolete.testref @@ -0,0 +1 @@ +c/common/test/rules/missingstaticspecifierfunctionredeclarationshared/MissingStaticSpecifierFunctionRedeclarationShared.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-1-5/MissingStaticSpecifierObjectRedeclarationC.expected b/c/misra/test/rules/RULE-1-5/MissingStaticSpecifierObjectRedeclarationC.expected deleted file mode 100644 index 48275eb504..0000000000 --- a/c/misra/test/rules/RULE-1-5/MissingStaticSpecifierObjectRedeclarationC.expected +++ /dev/null @@ -1 +0,0 @@ -| test.c:35:12:35:13 | declaration of g5 | The redeclaration of $@ with internal linkage misses the static specifier. | test.c:34:12:34:13 | definition of g5 | g5 | diff --git a/c/misra/test/rules/RULE-1-5/MissingStaticSpecifierObjectRedeclarationC.qlref b/c/misra/test/rules/RULE-1-5/MissingStaticSpecifierObjectRedeclarationC.qlref deleted file mode 100644 index 70b6073e14..0000000000 --- a/c/misra/test/rules/RULE-1-5/MissingStaticSpecifierObjectRedeclarationC.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/RULE-8-8/MissingStaticSpecifierObjectRedeclarationC.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-1-5/MissingStaticSpecifierObjectRedeclarationObsolete.testref b/c/misra/test/rules/RULE-1-5/MissingStaticSpecifierObjectRedeclarationObsolete.testref new file mode 100644 index 0000000000..23ed7c9fc5 --- /dev/null +++ b/c/misra/test/rules/RULE-1-5/MissingStaticSpecifierObjectRedeclarationObsolete.testref @@ -0,0 +1 @@ +c/common/test/rules/missingstaticspecifierobjectredeclarationshared/MissingStaticSpecifierObjectRedeclarationShared.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-1-5/StandardLibraryInputoutputFunctionsUsed.expected b/c/misra/test/rules/RULE-1-5/StandardLibraryInputoutputFunctionsUsed.expected deleted file mode 100644 index 396b181150..0000000000 --- a/c/misra/test/rules/RULE-1-5/StandardLibraryInputoutputFunctionsUsed.expected +++ /dev/null @@ -1,3 +0,0 @@ -| test.c:53:3:53:8 | call to ungetc | Call to banned function ungetc. | -| test.c:56:3:56:7 | call to fread | Call to banned function fread. | -| test.c:58:3:58:8 | call to ungetc | Call to banned function ungetc. | diff --git a/c/misra/test/rules/RULE-1-5/StandardLibraryInputoutputFunctionsUsed.qlref b/c/misra/test/rules/RULE-1-5/StandardLibraryInputoutputFunctionsUsed.qlref deleted file mode 100644 index 0a8cd754ef..0000000000 --- a/c/misra/test/rules/RULE-1-5/StandardLibraryInputoutputFunctionsUsed.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/RULE-21-6/StandardLibraryInputoutputFunctionsUsed.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-1-5/UngetcCallOnStreamPositionZero.expected b/c/misra/test/rules/RULE-1-5/UngetcCallOnStreamPositionZero.expected new file mode 100644 index 0000000000..4dd298197f --- /dev/null +++ b/c/misra/test/rules/RULE-1-5/UngetcCallOnStreamPositionZero.expected @@ -0,0 +1 @@ +| test.c:40:3:40:8 | call to ungetc | Obsolescent call to ungetc on file stream $@ at position zero. | test.c:38:16:38:20 | call to fopen | call to fopen | diff --git a/c/misra/test/rules/RULE-1-5/UngetcCallOnStreamPositionZero.qlref b/c/misra/test/rules/RULE-1-5/UngetcCallOnStreamPositionZero.qlref new file mode 100644 index 0000000000..8c28919dcb --- /dev/null +++ b/c/misra/test/rules/RULE-1-5/UngetcCallOnStreamPositionZero.qlref @@ -0,0 +1 @@ +rules/RULE-1-5/UngetcCallOnStreamPositionZero.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-1-5/test.c b/c/misra/test/rules/RULE-1-5/test.c index 4709381898..7632e0a727 100644 --- a/c/misra/test/rules/RULE-1-5/test.c +++ b/c/misra/test/rules/RULE-1-5/test.c @@ -4,8 +4,8 @@ #include "stdlib.h" void f1(void) { - // malloc() is not obsolete, but banned by Rule 21.3 - int *t = malloc(10); // COMPLIANT[False Negative] + // malloc() is not obsolete, though it is banned by Rule 21.3 + int *t = malloc(10); // COMPLIANT // Obsolete usage of realloc. realloc(t, 0); // NON-COMPLIANT @@ -28,25 +28,12 @@ const extern int g2; // NON-COMPLIANT _Atomic int g3 = ATOMIC_VAR_INIT(18); // NON-COMPLIANT _Atomic int g4 = 18; // COMPLIANT -// The following cases are already covered by other rules: - -// Rule 8.8: -static int g5 = 3; // COMPLIANT -extern int g5; // NON-COMPLIANT - -// Rule 8.2: -void f2(); // NON-COMPLIANT -void f3(void); // COMPLIANT - -void f4(int p1){}; // COMPLIANT -int f5(x) // NON_COMPLIANT -int x; -{ return 1; } +// `gets` was removed from C11. +extern char* gets(FILE *stream); // Rule 21.6 covers the below cases: void f6(void) { - // `gets` was removed from C11. - // gets(stdin); // NON_COMPLIANT + gets(stdin); // NON_COMPLIANT FILE *file = fopen("", 0); // Obsolete usage of ungetc. @@ -54,6 +41,6 @@ void f6(void) { char buf[10]; fread(buf, sizeof(buf), 10, file); - // This is not an obsolete usage of ungetc, but ungetc isn't allowed. - ungetc('c', file); // NON-COMPLIANT[FALSE NEGATIVE] + // This is not an obsolete usage of ungetc, though ungetc isn't allowed by 21-3. + ungetc('c', file); // COMPLIANT } \ No newline at end of file diff --git a/c/misra/test/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.expected b/c/misra/test/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.expected deleted file mode 100644 index 1264797088..0000000000 --- a/c/misra/test/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.expected +++ /dev/null @@ -1,4 +0,0 @@ -| test.c:8:6:8:7 | f1 | Function f1 declares parameter that is unnamed. | -| test.c:9:6:9:7 | f2 | Function f2 does not specify void for no parameters present. | -| test.c:10:6:10:7 | f3 | Function f3 does not specify void for no parameters present. | -| test.c:12:5:12:6 | f5 | Function f5 declares parameter in unsupported declaration list. | diff --git a/c/misra/test/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.qlref b/c/misra/test/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.qlref deleted file mode 100644 index 0a6121b324..0000000000 --- a/c/misra/test/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/RULE-8-2/FunctionTypesNotInPrototypeForm.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.testref b/c/misra/test/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.testref new file mode 100644 index 0000000000..1a6a69fc24 --- /dev/null +++ b/c/misra/test/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.testref @@ -0,0 +1 @@ +c/common/test/rules/functiontypesnotinprototypeformshared/FunctionTypesNotInPrototypeFormShared.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-8-8/MissingStaticSpecifierObjectRedeclarationC.expected b/c/misra/test/rules/RULE-8-8/MissingStaticSpecifierObjectRedeclarationC.expected deleted file mode 100644 index 9c357cf38f..0000000000 --- a/c/misra/test/rules/RULE-8-8/MissingStaticSpecifierObjectRedeclarationC.expected +++ /dev/null @@ -1 +0,0 @@ -| test.c:7:12:7:12 | declaration of g | The redeclaration of $@ with internal linkage misses the static specifier. | test.c:6:12:6:12 | definition of g | g | diff --git a/c/misra/test/rules/RULE-8-8/MissingStaticSpecifierObjectRedeclarationC.qlref b/c/misra/test/rules/RULE-8-8/MissingStaticSpecifierObjectRedeclarationC.qlref deleted file mode 100644 index 70b6073e14..0000000000 --- a/c/misra/test/rules/RULE-8-8/MissingStaticSpecifierObjectRedeclarationC.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/RULE-8-8/MissingStaticSpecifierObjectRedeclarationC.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-8-8/MissingStaticSpecifierObjectRedeclarationC.testref b/c/misra/test/rules/RULE-8-8/MissingStaticSpecifierObjectRedeclarationC.testref new file mode 100644 index 0000000000..23ed7c9fc5 --- /dev/null +++ b/c/misra/test/rules/RULE-8-8/MissingStaticSpecifierObjectRedeclarationC.testref @@ -0,0 +1 @@ +c/common/test/rules/missingstaticspecifierobjectredeclarationshared/MissingStaticSpecifierObjectRedeclarationShared.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-8-8/test.c b/c/misra/test/rules/RULE-8-8/test.c deleted file mode 100644 index ba78432a40..0000000000 --- a/c/misra/test/rules/RULE-8-8/test.c +++ /dev/null @@ -1,13 +0,0 @@ -// Note: A subset of these cases are also tested in c/misra/test/rules/RULE-1-5 -// via a MissingStaticSpecifierObjectRedeclarationC.qlref and .expected file in -// that directory. Changes to these tests may require updating the test code or -// expectations in that directory as well. - -static int g = 0; -extern int g; // NON_COMPLIANT - -static int g1; -static int g1 = 0; // COMPLIANT - -int g2; -int g2 = 0; // COMPLIANT diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Language4.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Language4.qll index f26cae3e9a..7bca9feefc 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Language4.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Language4.qll @@ -4,11 +4,43 @@ import RuleMetadata import codingstandards.cpp.exclusions.RuleMetadata newtype Language4Query = + TMissingStaticSpecifierFuncRedeclarationObsoleteQuery() or + TMissingStaticSpecifierObjectRedeclarationObsoleteQuery() or + TFunctionTypesNotInPrototypeFormObsoleteQuery() or TUseOfObsoleteMacroAtomicVarInitQuery() or TInvalidDefineOrUndefOfStdBoolMacroQuery() or + TCallToObsolescentFunctionGetsQuery() or + TUngetcCallOnStreamPositionZeroQuery() or TCallToReallocWithSizeZeroQuery() predicate isLanguage4QueryMetadata(Query query, string queryId, string ruleId, string category) { + query = + // `Query` instance for the `missingStaticSpecifierFuncRedeclarationObsolete` query + Language4Package::missingStaticSpecifierFuncRedeclarationObsoleteQuery() and + queryId = + // `@id` for the `missingStaticSpecifierFuncRedeclarationObsolete` query + "c/misra/missing-static-specifier-func-redeclaration-obsolete" and + ruleId = "RULE-1-5" and + category = "required" + or + query = + // `Query` instance for the `missingStaticSpecifierObjectRedeclarationObsolete` query + Language4Package::missingStaticSpecifierObjectRedeclarationObsoleteQuery() and + queryId = + // `@id` for the `missingStaticSpecifierObjectRedeclarationObsolete` query + "c/misra/missing-static-specifier-object-redeclaration-obsolete" and + ruleId = "RULE-1-5" and + category = "required" + or + query = + // `Query` instance for the `functionTypesNotInPrototypeFormObsolete` query + Language4Package::functionTypesNotInPrototypeFormObsoleteQuery() and + queryId = + // `@id` for the `functionTypesNotInPrototypeFormObsolete` query + "c/misra/function-types-not-in-prototype-form-obsolete" and + ruleId = "RULE-1-5" and + category = "required" + or query = // `Query` instance for the `useOfObsoleteMacroAtomicVarInit` query Language4Package::useOfObsoleteMacroAtomicVarInitQuery() and @@ -27,6 +59,24 @@ predicate isLanguage4QueryMetadata(Query query, string queryId, string ruleId, s ruleId = "RULE-1-5" and category = "required" or + query = + // `Query` instance for the `callToObsolescentFunctionGets` query + Language4Package::callToObsolescentFunctionGetsQuery() and + queryId = + // `@id` for the `callToObsolescentFunctionGets` query + "c/misra/call-to-obsolescent-function-gets" and + ruleId = "RULE-1-5" and + category = "required" + or + query = + // `Query` instance for the `ungetcCallOnStreamPositionZero` query + Language4Package::ungetcCallOnStreamPositionZeroQuery() and + queryId = + // `@id` for the `ungetcCallOnStreamPositionZero` query + "c/misra/ungetc-call-on-stream-position-zero" and + ruleId = "RULE-1-5" and + category = "required" + or query = // `Query` instance for the `callToReallocWithSizeZero` query Language4Package::callToReallocWithSizeZeroQuery() and @@ -38,6 +88,27 @@ predicate isLanguage4QueryMetadata(Query query, string queryId, string ruleId, s } module Language4Package { + Query missingStaticSpecifierFuncRedeclarationObsoleteQuery() { + //autogenerate `Query` type + result = + // `Query` type for `missingStaticSpecifierFuncRedeclarationObsolete` query + TQueryC(TLanguage4PackageQuery(TMissingStaticSpecifierFuncRedeclarationObsoleteQuery())) + } + + Query missingStaticSpecifierObjectRedeclarationObsoleteQuery() { + //autogenerate `Query` type + result = + // `Query` type for `missingStaticSpecifierObjectRedeclarationObsolete` query + TQueryC(TLanguage4PackageQuery(TMissingStaticSpecifierObjectRedeclarationObsoleteQuery())) + } + + Query functionTypesNotInPrototypeFormObsoleteQuery() { + //autogenerate `Query` type + result = + // `Query` type for `functionTypesNotInPrototypeFormObsolete` query + TQueryC(TLanguage4PackageQuery(TFunctionTypesNotInPrototypeFormObsoleteQuery())) + } + Query useOfObsoleteMacroAtomicVarInitQuery() { //autogenerate `Query` type result = @@ -52,6 +123,20 @@ module Language4Package { TQueryC(TLanguage4PackageQuery(TInvalidDefineOrUndefOfStdBoolMacroQuery())) } + Query callToObsolescentFunctionGetsQuery() { + //autogenerate `Query` type + result = + // `Query` type for `callToObsolescentFunctionGets` query + TQueryC(TLanguage4PackageQuery(TCallToObsolescentFunctionGetsQuery())) + } + + Query ungetcCallOnStreamPositionZeroQuery() { + //autogenerate `Query` type + result = + // `Query` type for `ungetcCallOnStreamPositionZero` query + TQueryC(TLanguage4PackageQuery(TUngetcCallOnStreamPositionZeroQuery())) + } + Query callToReallocWithSizeZeroQuery() { //autogenerate `Query` type result = diff --git a/cpp/common/src/codingstandards/cpp/rules/functiontypesnotinprototypeformshared/FunctionTypesNotInPrototypeFormShared.qll b/cpp/common/src/codingstandards/cpp/rules/functiontypesnotinprototypeformshared/FunctionTypesNotInPrototypeFormShared.qll new file mode 100644 index 0000000000..ecc84f8651 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/functiontypesnotinprototypeformshared/FunctionTypesNotInPrototypeFormShared.qll @@ -0,0 +1,54 @@ +/** + * Provides a library with a `problems` predicate for the following issue: + * The use of non-prototype format parameter type declarators is an obsolescent + * language feature. + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions +import codingstandards.cpp.Identifiers + +abstract class FunctionTypesNotInPrototypeFormSharedSharedQuery extends Query { } + +/** + * `Parameter`s without names + */ +class UnnamedParameter extends Parameter { + UnnamedParameter() { not this.isNamed() } +} + +/* + * This is a copy of the private `hasZeroParamDecl` predicate from the standard set of + * queries as of the `codeql-cli/2.11.2` tag in `github/codeql`. + */ +predicate hasZeroParamDecl(Function f) { + exists(FunctionDeclarationEntry fde | fde = f.getADeclarationEntry() | + not fde.isImplicit() and + not fde.hasVoidParamList() and + fde.getNumberOfParameters() = 0 and + not fde.isDefinition() + ) +} + +Query getQuery() { result instanceof FunctionTypesNotInPrototypeFormSharedSharedQuery } + +query predicate problems(Function f, string msg) { +not isExcluded(f, getQuery()) and + f instanceof InterestingIdentifiers and + ( + f.getAParameter() instanceof UnnamedParameter and + msg = "Function " + f + " declares parameter that is unnamed." + or + hasZeroParamDecl(f) and + msg = "Function " + f + " does not specify void for no parameters present." + or + //parameters declared in declaration list (not in function signature) + //have placeholder file location associated only + exists(Parameter p | + p.getFunction() = f and + not p.getFile() = f.getFile() and + msg = "Function " + f + " declares parameter in unsupported declaration list." + ) + ) +} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/rules/missingstaticspecifierobjectredeclarationshared/MissingStaticSpecifierObjectRedeclarationShared.qll b/cpp/common/src/codingstandards/cpp/rules/missingstaticspecifierobjectredeclarationshared/MissingStaticSpecifierObjectRedeclarationShared.qll new file mode 100644 index 0000000000..90f28e6cc8 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/missingstaticspecifierobjectredeclarationshared/MissingStaticSpecifierObjectRedeclarationShared.qll @@ -0,0 +1,27 @@ +/** + * Provides a library with a `problems` predicate for the following issue: + * Declaring an identifier with internal linkage without the static storage class + * specifier is an obselescent feature. + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class MissingStaticSpecifierObjectRedeclarationSharedSharedQuery extends Query { } + +Query getQuery() { result instanceof MissingStaticSpecifierObjectRedeclarationSharedSharedQuery } + +query predicate problems( + VariableDeclarationEntry redeclaration, string message, VariableDeclarationEntry de, + string deString +) { + not isExcluded(redeclaration, getQuery()) and + //following implies de != redeclaration + de.hasSpecifier("static") and + not redeclaration.hasSpecifier("static") and + de.getDeclaration().isTopLevel() and + redeclaration.getDeclaration() = de.getDeclaration() and + message = "The redeclaration of $@ with internal linkage misses the static specifier." and + deString = de.getName() +} diff --git a/rule_packages/c/Declarations4.json b/rule_packages/c/Declarations4.json index 06475706f4..dedc6a73d4 100644 --- a/rule_packages/c/Declarations4.json +++ b/rule_packages/c/Declarations4.json @@ -12,6 +12,7 @@ "precision": "medium", "severity": "error", "short_name": "FunctionTypesNotInPrototypeForm", + "shared_implementation_short_name": "FunctionTypesNotInPrototypeFormShared", "tags": [ "correctness", "external/misra/c/2012/third-edition-first-revision" diff --git a/rule_packages/c/Declarations5.json b/rule_packages/c/Declarations5.json index 1106a1d705..36591e575b 100644 --- a/rule_packages/c/Declarations5.json +++ b/rule_packages/c/Declarations5.json @@ -71,6 +71,7 @@ "precision": "very-high", "severity": "warning", "short_name": "MissingStaticSpecifierObjectRedeclarationC", + "shared_implementation_short_name": "MissingStaticSpecifierObjectRedeclarationShared", "tags": [ "readability", "external/misra/c/2012/third-edition-first-revision" diff --git a/rule_packages/c/Language4.json b/rule_packages/c/Language4.json index 54708d73da..8698407b5f 100644 --- a/rule_packages/c/Language4.json +++ b/rule_packages/c/Language4.json @@ -5,6 +5,48 @@ "obligation": "required" }, "queries": [ + { + "description": "Declaring a function with internal linkage without the static storage class specifier is an obselescent feature.", + "kind": "problem", + "name": "If a function has internal linkage then all re-declarations shall include the static storage class", + "precision": "very-high", + "severity": "warning", + "short_name": "MissingStaticSpecifierFuncRedeclarationObsolete", + "shared_implementation_short_name": "MissingStaticSpecifierFunctionRedeclarationShared", + "tags": [ + "readability", + "external/misra/c/2012/amendment3" + ] + }, + { + "description": "Declaring an identifier with internal linkage without the static storage class specifier is an obselescent feature.", + "kind": "problem", + "name": "If an object has internal linkage then all re-declarations shall include the static storage class", + "precision": "very-high", + "severity": "warning", + "short_name": "MissingStaticSpecifierObjectRedeclarationObsolete", + "shared_implementation_short_name": "MissingStaticSpecifierObjectRedeclarationShared", + "tags": [ + "readability", + "external/misra/c/2012/amendment3" + ] + }, + { + "description": "The use of non-prototype format parameter type declarators is an obsolescent language feature.", + "kind": "problem", + "name": "Function types shall be in prototype form with named parameters", + "precision": "medium", + "severity": "error", + "short_name": "FunctionTypesNotInPrototypeFormObsolete", + "shared_implementation_short_name": "FunctionTypesNotInPrototypeFormShared", + "tags": [ + "correctness", + "external/misra/c/2012/amendment3" + ], + "implementation_scope": { + "description": "This query does not check for implicitly typed parameters and checks function declarations and definitions but not function pointer types." + } + }, { "description": "The macro ATOMIC_VAR_INIT is has been declared an obsolescent language feature since C18.", "kind": "problem", @@ -31,6 +73,32 @@ "external/misra/c/2012/amendment3" ] }, + { + "description": "The function 'gets' is an obsolescent language feature which was removed in C11.", + "kind": "problem", + "name": "Disallowed usage of obsolescent function 'gets'", + "precision": "very-high", + "severity": "error", + "short_name": "CallToObsolescentFunctionGets", + "tags": [ + "external/misra/c/2012/amendment3", + "security", + "maintainability" + ] + }, + { + "description": "Calling the function 'ungetc' on a file stream with a position of zero is an obsolescent language feature.", + "kind": "problem", + "name": "Disallowed obsolescent usage of 'ungetc' on a file stream at position zero", + "precision": "medium", + "severity": "error", + "short_name": "UngetcCallOnStreamPositionZero", + "tags": [ + "external/misra/c/2012/amendment3", + "security", + "maintainability" + ] + }, { "description": "Invoking realloc with a size argument set to zero is implementation-defined behavior and declared as an obsolete feature in C18.", "kind": "problem", @@ -48,13 +116,14 @@ "implementation_scope": { "description": "Not all items from Appendix F are covered by this rule. Some are not supportable and some are covered already by other rules.", "items": [ - "Appendix F, item ID 1 is covered by Rule 8.8 and not reported as part of this implementation of Rule 1.5.", + "Appendix F, item ID 1 is reported by both Rule 8.8 and by this implementation of Rule 1.5.", "Appendix F, item ID 2 refers to compiler behavior which cannot be statically analyzed.", "Appendix F, item ID 3, which states that storage-class specifiers may not be used except in the beginning of a declaration, is not supportable without additional changes to the CodeQL CLI.", + "Appendix F, item IDs 4 and 5 are reported by both Rule 8.2 and by this implementation of Rule 1.5.", "Appendix F, item ID 6 is reported for all C versions, though the macro ATOMIC_VAR_INIT was not officially declared obsolescent until C18.", - "Appendix F, item IDs 4 and 5 are covered by Rule 8.2 and not reported as part of this implementation of Rule 1.5.", - "Appendix F, item IDs 8 and 9 is covered by Rule 21.6 and not reported as part of this implementation of Rule 1.5.", - "Appendix F, item ID 10 is checked by this implementation of 1.5, though it is a redundant subset of cases reported by Rule 21.3.", + "Appendix F, item ID 8 is reported by both Rule 21.6 and by this implementation of Rule 1.5.", + "Appendix F, item ID 9 is reported by this implementation of 1.5, though all uses of ungetc() are also reported by Rule 21.3.", + "Appendix F, item ID 10 is reported by this implementation of 1.5, though all uses of realloc() are also reported by Rule 21.3.", "Appendix F, item ID 10 is reported for all C versions, as realloc() with a size argument of zero was implementation-defined behavior in C99 and C11." ] } From 061efb7cbe520ab022b5effb6a46f40f3a5fd0ca Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 17 Oct 2024 23:25:14 +0100 Subject: [PATCH 2147/2573] Rule 7.2: Add test for octal literals --- ...rUSuffixRepresentedInUnsignedType.expected | 6 ++ c/misra/test/rules/RULE-7-2/test.c | 88 +++++++++++++++++++ 2 files changed, 94 insertions(+) diff --git a/c/misra/test/rules/RULE-7-2/UOrUSuffixRepresentedInUnsignedType.expected b/c/misra/test/rules/RULE-7-2/UOrUSuffixRepresentedInUnsignedType.expected index 07cd56b3d9..0b460bb4bc 100644 --- a/c/misra/test/rules/RULE-7-2/UOrUSuffixRepresentedInUnsignedType.expected +++ b/c/misra/test/rules/RULE-7-2/UOrUSuffixRepresentedInUnsignedType.expected @@ -4,3 +4,9 @@ | test.c:162:3:162:21 | 9223372036854775808 | Unsigned literal 0x8000000000000000L does not explicitly express sign with a 'U' or 'u' suffix. | | test.c:185:3:185:22 | 9223372036854775808 | Unsigned literal 0x8000000000000000ll does not explicitly express sign with a 'U' or 'u' suffix. | | test.c:208:3:208:22 | 9223372036854775808 | Unsigned literal 0x8000000000000000LL does not explicitly express sign with a 'U' or 'u' suffix. | +| test.c:227:3:227:14 | 2147483648 | Unsigned literal 020000000000 does not explicitly express sign with a 'U' or 'u' suffix. | +| test.c:232:3:232:25 | 9223372036854775808 | Unsigned literal 01000000000000000000000 does not explicitly express sign with a 'U' or 'u' suffix. | +| test.c:249:3:249:26 | 9223372036854775808 | Unsigned literal 01000000000000000000000l does not explicitly express sign with a 'U' or 'u' suffix. | +| test.c:266:3:266:26 | 9223372036854775808 | Unsigned literal 01000000000000000000000L does not explicitly express sign with a 'U' or 'u' suffix. | +| test.c:283:3:283:26 | 9223372036854775808 | Unsigned literal 01000000000000000000000l does not explicitly express sign with a 'U' or 'u' suffix. | +| test.c:300:3:300:26 | 9223372036854775808 | Unsigned literal 01000000000000000000000L does not explicitly express sign with a 'U' or 'u' suffix. | diff --git a/c/misra/test/rules/RULE-7-2/test.c b/c/misra/test/rules/RULE-7-2/test.c index b95d2b1e02..b31957d1be 100644 --- a/c/misra/test/rules/RULE-7-2/test.c +++ b/c/misra/test/rules/RULE-7-2/test.c @@ -221,6 +221,94 @@ void test_hexadecimal_constants() { 0x8000000000000000LLu; // COMPLIANT - unsigned, but uses the suffix correctly } +void test_octal_constants() { + 00; // COMPLIANT - uses signed int + 017777777777; // COMPLIANT - max value held by signed int + 020000000000; // NON_COMPLIANT - larger than max signed int, so will be + // unsigned int + 040000000000; // COMPLIANT - larger than unsigned int, but smaller than long + // int + 0777777777777777777777; // COMPLIANT - max long int + 01000000000000000000000; // NON_COMPLIANT - larger than long int, so will be + // unsigned long int + 00U; // COMPLIANT - unsigned, but uses the suffix correctly + 017777777777U; // COMPLIANT - unsigned, but uses the suffix correctly + 020000000000U; // COMPLIANT - unsigned, but uses the suffix correctly + 040000000000U; // COMPLIANT - unsigned, but uses the suffix correctly + 0777777777777777777777U; // COMPLIANT - unsigned, but uses the suffix + // correctly + 01000000000000000000000U; // COMPLIANT - unsigned, but uses the suffix + // correctly + + // Use of the `l` suffix + 00l; // COMPLIANT - uses signed long + 017777777777l; // COMPLIANT - uses signed long + 020000000000l; // COMPLIANT - uses signed long + 040000000000l; // COMPLIANT - uses signed long + 0777777777777777777777l; // COMPLIANT - max long int + 01000000000000000000000l; // NON_COMPLIANT - larger than long int, so will be + // unsigned long int + 00Ul; // COMPLIANT - unsigned, but uses the suffix correctly + 017777777777Ul; // COMPLIANT - unsigned, but uses the suffix correctly + 020000000000Ul; // COMPLIANT - unsigned, but uses the suffix correctly + 040000000000Ul; // COMPLIANT - unsigned, but uses the suffix correctly + 0777777777777777777777Ul; // COMPLIANT - unsigned, but uses the suffix + // correctly + 01000000000000000000000Ul; // COMPLIANT - unsigned, but uses the suffix + // correctly + + // Use of the `L` suffix + 00L; // COMPLIANT - uses signed long + 017777777777L; // COMPLIANT - uses signed long + 020000000000L; // COMPLIANT - uses signed long + 040000000000L; // COMPLIANT - uses signed long + 0777777777777777777777L; // COMPLIANT - COMPLIANT - uses signed long + 01000000000000000000000L; // NON_COMPLIANT - larger than long int, so will be + // unsigned long int + 00UL; // COMPLIANT - unsigned, but uses the suffix correctly + 017777777777UL; // COMPLIANT - unsigned, but uses the suffix correctly + 020000000000UL; // COMPLIANT - unsigned, but uses the suffix correctly + 040000000000UL; // COMPLIANT - unsigned, but uses the suffix correctly + 0777777777777777777777UL; // COMPLIANT - unsigned, but uses the suffix + // correctly + 01000000000000000000000UL; // COMPLIANT - unsigned, but uses the suffix + // correctly + + // Use of the `ll` suffix + 00ll; // COMPLIANT - uses signed long long + 017777777777l; // COMPLIANT - uses signed long long + 020000000000l; // COMPLIANT - uses signed long long + 040000000000l; // COMPLIANT - uses signed long long + 0777777777777777777777l; // COMPLIANT - max long int + 01000000000000000000000l; // NON_COMPLIANT - larger than long int, so will be + // unsigned long int + 00Ul; // COMPLIANT - unsigned, but uses the suffix correctly + 017777777777Ul; // COMPLIANT - unsigned, but uses the suffix correctly + 020000000000Ul; // COMPLIANT - unsigned, but uses the suffix correctly + 040000000000Ul; // COMPLIANT - unsigned, but uses the suffix correctly + 0777777777777777777777Ul; // COMPLIANT - unsigned, but uses the suffix + // correctly + 01000000000000000000000Ul; // COMPLIANT - unsigned, but uses the suffix + // correctly + + // Use of the `LL` suffix + 00L; // COMPLIANT - uses signed long long + 017777777777L; // COMPLIANT - uses signed long long + 020000000000L; // COMPLIANT - uses signed long long + 040000000000L; // COMPLIANT - uses signed long long + 0777777777777777777777L; // COMPLIANT - max long int + 01000000000000000000000L; // NON_COMPLIANT - larger than long int, so will be + // unsigned long int + 00UL; // COMPLIANT - unsigned, but uses the suffix correctly + 017777777777UL; // COMPLIANT - unsigned, but uses the suffix correctly + 020000000000UL; // COMPLIANT - unsigned, but uses the suffix correctly + 040000000000UL; // COMPLIANT - unsigned, but uses the suffix correctly + 0777777777777777777777UL; // COMPLIANT - unsigned, but uses the suffix + // correctly + 01000000000000000000000UL; // COMPLIANT - unsigned, but uses the suffix + // correctly +} + #define COMPLIANT_VAL 0x80000000U #define NON_COMPLIANT_VAL 0x80000000 From b05afcaac10100bc56a429400192d41d3d425d99 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 17 Oct 2024 23:27:08 +0100 Subject: [PATCH 2148/2573] UnsignedIntegerLiterals: Add testing for octals --- ...rLiteralsNotAppropriatelySuffixed.expected | 13 +- .../test.cpp | 322 +++++++++++++++++- 2 files changed, 330 insertions(+), 5 deletions(-) diff --git a/cpp/common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed/UnsignedIntegerLiteralsNotAppropriatelySuffixed.expected b/cpp/common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed/UnsignedIntegerLiteralsNotAppropriatelySuffixed.expected index 56dce901dd..31579f857a 100644 --- a/cpp/common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed/UnsignedIntegerLiteralsNotAppropriatelySuffixed.expected +++ b/cpp/common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed/UnsignedIntegerLiteralsNotAppropriatelySuffixed.expected @@ -1 +1,12 @@ -| test.cpp:3:3:3:12 | 4294967295 | Hex literal is an unsigned integer but does not include a 'U' suffix. | +| test.cpp:111:3:111:12 | 2147483648 | Hex literal is an unsigned integer but does not include a 'U' suffix. | +| test.cpp:116:3:116:20 | 9223372036854775808 | Hex literal is an unsigned integer but does not include a 'U' suffix. | +| test.cpp:139:3:139:21 | 9223372036854775808 | Hex literal is an unsigned integer but does not include a 'U' suffix. | +| test.cpp:162:3:162:21 | 9223372036854775808 | Hex literal is an unsigned integer but does not include a 'U' suffix. | +| test.cpp:185:3:185:22 | 9223372036854775808 | Hex literal is an unsigned integer but does not include a 'U' suffix. | +| test.cpp:208:3:208:22 | 9223372036854775808 | Hex literal is an unsigned integer but does not include a 'U' suffix. | +| test.cpp:227:3:227:14 | 2147483648 | Octal literal is an unsigned integer but does not include a 'U' suffix. | +| test.cpp:232:3:232:25 | 9223372036854775808 | Octal literal is an unsigned integer but does not include a 'U' suffix. | +| test.cpp:249:3:249:26 | 9223372036854775808 | Octal literal is an unsigned integer but does not include a 'U' suffix. | +| test.cpp:266:3:266:26 | 9223372036854775808 | Octal literal is an unsigned integer but does not include a 'U' suffix. | +| test.cpp:283:3:283:26 | 9223372036854775808 | Octal literal is an unsigned integer but does not include a 'U' suffix. | +| test.cpp:300:3:300:26 | 9223372036854775808 | Octal literal is an unsigned integer but does not include a 'U' suffix. | diff --git a/cpp/common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed/test.cpp b/cpp/common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed/test.cpp index e5b3abfa47..b31957d1be 100644 --- a/cpp/common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed/test.cpp +++ b/cpp/common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed/test.cpp @@ -1,5 +1,319 @@ -void test_unsigned_literals_without_suffix() { - 0xFFFFFFFFU; // COMPLIANT - literal explicitly marked as unsigned - 0xFFFFFFFF; // NON_COMPLIANT - literal is too large for a signed int, so has - // type unsigned int +// Assumed platform in qltest is linux_x86_64, so +// int, long, long long sizes are assumed to be 32, 64, 64 bits respectively + +// The type of an integer constant is determined by "6.4.4.1 Integer constants" +// in the C11 Standard. The principle is that any decimal integer constant will +// be signed, unless it has the `U` or `u` suffix. Any hexadecimal integer will +// depend on whether it is larger than the maximum value of the smallest signed +// integer value that can hold the value. So the signedness depends on the +// magnitude of the constant. + +void test_decimal_constants() { + 0; // COMPLIANT + 2147483648; // COMPLIANT - larger than int, but decimal constants never use + // unsigned without the suffix, so will be `long` + 4294967296; // COMPLIANT - larger than unsigned int, still `long` + 9223372036854775807; // COMPLIANT - max long int + // 9223372036854775808; Not a valid integer constant, out of signed range + 0U; // COMPLIANT - unsigned, but uses the suffix correctly + 2147483648U; // COMPLIANT - unsigned, but uses the suffix correctly + 4294967296U; // COMPLIANT - unsigned, but uses the suffix correctly + 9223372036854775807U; // COMPLIANT - max long int + 9223372036854775808U; // COMPLIANT - explicitly unsigned, so can go large than + // max long int + 0u; // COMPLIANT - unsigned, but uses the suffix correctly + 2147483648u; // COMPLIANT - unsigned, but uses the suffix correctly + 4294967296u; // COMPLIANT - unsigned, but uses the suffix correctly + 9223372036854775807u; // COMPLIANT - max long int + 9223372036854775808u; // COMPLIANT - explicitly unsigned, so can go large than + // max long int + + // l suffix + 0l; // COMPLIANT + 2147483648l; // COMPLIANT - within the range of long int + 4294967296l; // COMPLIANT - within the range of long int + 9223372036854775807l; // COMPLIANT - max long int + // 9223372036854775808l; Not a valid integer constant, out of signed range + 0lU; // COMPLIANT - unsigned, but uses the suffix correctly + 2147483648lU; // COMPLIANT - unsigned, but uses the suffix correctly + 4294967296lU; // COMPLIANT - unsigned, but uses the suffix correctly + 9223372036854775807lU; // COMPLIANT - max long int + 9223372036854775808lU; // COMPLIANT - explicitly unsigned, so can go large + // than max long int + 0lu; // COMPLIANT - unsigned, but uses the suffix correctly + 2147483648lu; // COMPLIANT - unsigned, but uses the suffix correctly + 4294967296lu; // COMPLIANT - unsigned, but uses the suffix correctly + 9223372036854775807lu; // COMPLIANT - max long int + 9223372036854775808lu; // COMPLIANT - explicitly unsigned, so can go large + // than max long int + + // L suffix + 0L; // COMPLIANT + 2147483648L; // COMPLIANT - within the range of long int + 4294967296L; // COMPLIANT - within the range of long int + 9223372036854775807L; // COMPLIANT - max long int + // 9223372036854775808L; Not a valid integer constant, out of signed range + 0LU; // COMPLIANT - unsigned, but uses the suffix correctly + 2147483648LU; // COMPLIANT - unsigned, but uses the suffix correctly + 4294967296LU; // COMPLIANT - unsigned, but uses the suffix correctly + 9223372036854775807LU; // COMPLIANT - max long int + 9223372036854775808LU; // COMPLIANT - explicitly unsigned, so can go large + // than max long int + 0Lu; // COMPLIANT - unsigned, but uses the suffix correctly + 2147483648Lu; // COMPLIANT - unsigned, but uses the suffix correctly + 4294967296Lu; // COMPLIANT - unsigned, but uses the suffix correctly + 9223372036854775807Lu; // COMPLIANT - max long int + 9223372036854775808Lu; // COMPLIANT - explicitly unsigned, so can go large + // than max long int + + // ll suffix + 0ll; // COMPLIANT + 2147483648ll; // COMPLIANT - within the range of long long int + 4294967296ll; // COMPLIANT - within the range of long long int + 9223372036854775807ll; // COMPLIANT - max long long int + // 9223372036854775808ll; Not a valid integer constant, out of signed range + 0llU; // COMPLIANT - unsigned, but uses the suffix correctly + 2147483648llU; // COMPLIANT - unsigned, but uses the suffix correctly + 4294967296llU; // COMPLIANT - unsigned, but uses the suffix correctly + 9223372036854775807llU; // COMPLIANT - max long long int + 9223372036854775808llU; // COMPLIANT - explicitly unsigned, so can go large + // than max long long int + 0llu; // COMPLIANT - unsigned, but uses the suffix correctly + 2147483648llu; // COMPLIANT - unsigned, but uses the suffix correctly + 4294967296llu; // COMPLIANT - unsigned, but uses the suffix correctly + 9223372036854775807llu; // COMPLIANT - max long long int + 9223372036854775808llu; // COMPLIANT - explicitly unsigned, so can go large + // than max long long int + + // LL suffix + 0LL; // COMPLIANT + 2147483648LL; // COMPLIANT - within the range of long long int + 4294967296LL; // COMPLIANT - within the range of long long int + 9223372036854775807LL; // COMPLIANT - max long long int + // 9223372036854775808LL; Not a valid integer constant, out of signed range + 0LLU; // COMPLIANT - unsigned, but uses the suffix correctly + 2147483648LLU; // COMPLIANT - unsigned, but uses the suffix correctly + 4294967296LLU; // COMPLIANT - unsigned, but uses the suffix correctly + 9223372036854775807LLU; // COMPLIANT - max long long int + 9223372036854775808LLU; // COMPLIANT - explicitly unsigned, so can go large + // than max long long int + 0LLu; // COMPLIANT - unsigned, but uses the suffix correctly + 2147483648LLu; // COMPLIANT - unsigned, but uses the suffix correctly + 4294967296LLu; // COMPLIANT - unsigned, but uses the suffix correctly + 9223372036854775807LLu; // COMPLIANT - max long long int + 9223372036854775808LLu; // COMPLIANT - explicitly unsigned, so can go large + // than max long long int +} + +void test_hexadecimal_constants() { + 0x0; // COMPLIANT - uses signed int + 0x7FFFFFFF; // COMPLIANT - max value held by signed int + 0x80000000; // NON_COMPLIANT - larger than max signed int, so will be unsigned + // int + 0x100000000; // COMPLIANT - larger than unsigned int, but smaller than long + // int + 0x7FFFFFFFFFFFFFFF; // COMPLIANT - max long int + 0x8000000000000000; // NON_COMPLIANT - larger than long int, so will be + // unsigned long int + 0x0U; // COMPLIANT - unsigned, but uses the suffix correctly + 0x7FFFFFFFU; // COMPLIANT - unsigned, but uses the suffix correctly + 0x80000000U; // COMPLIANT - unsigned, but uses the suffix correctly + 0x100000000U; // COMPLIANT - unsigned, but uses the suffix correctly + 0x7FFFFFFFFFFFFFFFU; // COMPLIANT - unsigned, but uses the suffix correctly + 0x8000000000000000U; // COMPLIANT - unsigned, but uses the suffix correctly + 0x0u; // COMPLIANT - unsigned, but uses the suffix correctly + 0x7FFFFFFFu; // COMPLIANT - unsigned, but uses the suffix correctly + 0x80000000u; // COMPLIANT - unsigned, but uses the suffix correctly + 0x100000000u; // COMPLIANT - unsigned, but uses the suffix correctly + 0x7FFFFFFFFFFFFFFFu; // COMPLIANT - unsigned, but uses the suffix correctly + 0x8000000000000000u; // COMPLIANT - unsigned, but uses the suffix correctly + + // Use of the `l` suffix + 0x0l; // COMPLIANT - uses signed int + 0x7FFFFFFFl; // COMPLIANT - max value held by signed int + 0x80000000l; // COMPLIANT - larger than max signed int, but smaller than long + // int + 0x100000000l; // COMPLIANT - larger than unsigned int, but smaller than long + // int + 0x7FFFFFFFFFFFFFFFl; // COMPLIANT - max long int + 0x8000000000000000l; // NON_COMPLIANT - larger than long int, so will be + // unsigned long int + 0x0lU; // COMPLIANT - unsigned, but uses the suffix correctly + 0x7FFFFFFFlU; // COMPLIANT - unsigned, but uses the suffix correctly + 0x80000000lU; // COMPLIANT - unsigned, but uses the suffix correctly + 0x100000000lU; // COMPLIANT - unsigned, but uses the suffix correctly + 0x7FFFFFFFFFFFFFFFlU; // COMPLIANT - unsigned, but uses the suffix correctly + 0x8000000000000000lU; // COMPLIANT - unsigned, but uses the suffix correctly + 0x0lu; // COMPLIANT - unsigned, but uses the suffix correctly + 0x7FFFFFFFlu; // COMPLIANT - unsigned, but uses the suffix correctly + 0x80000000lu; // COMPLIANT - unsigned, but uses the suffix correctly + 0x100000000lu; // COMPLIANT - unsigned, but uses the suffix correctly + 0x7FFFFFFFFFFFFFFFlu; // COMPLIANT - unsigned, but uses the suffix correctly + 0x8000000000000000lu; // COMPLIANT - unsigned, but uses the suffix correctly + + // Use of the `L` suffix + 0x0L; // COMPLIANT - uses signed int + 0x7FFFFFFFL; // COMPLIANT - max value held by signed int + 0x80000000L; // COMPLIANT - larger than max signed int, but smaller than long + // int + 0x100000000L; // COMPLIANT - larger than unsigned int, but smaller than long + // int + 0x7FFFFFFFFFFFFFFFL; // COMPLIANT - max long int + 0x8000000000000000L; // NON_COMPLIANT - larger than long int, so will be + // unsigned long int + 0x0LU; // COMPLIANT - unsigned, but uses the suffix correctly + 0x7FFFFFFFLU; // COMPLIANT - unsigned, but uses the suffix correctly + 0x80000000LU; // COMPLIANT - unsigned, but uses the suffix correctly + 0x100000000LU; // COMPLIANT - unsigned, but uses the suffix correctly + 0x7FFFFFFFFFFFFFFFLU; // COMPLIANT - unsigned, but uses the suffix correctly + 0x8000000000000000LU; // COMPLIANT - unsigned, but uses the suffix correctly + 0x0Lu; // COMPLIANT - unsigned, but uses the suffix correctly + 0x7FFFFFFFLu; // COMPLIANT - unsigned, but uses the suffix correctly + 0x80000000Lu; // COMPLIANT - unsigned, but uses the suffix correctly + 0x100000000Lu; // COMPLIANT - unsigned, but uses the suffix correctly + 0x7FFFFFFFFFFFFFFFLu; // COMPLIANT - unsigned, but uses the suffix correctly + 0x8000000000000000Lu; // COMPLIANT - unsigned, but uses the suffix correctly + + // Use of the `ll` suffix + 0x0ll; // COMPLIANT - uses signed int + 0x7FFFFFFFll; // COMPLIANT - max value held by signed int + 0x80000000ll; // COMPLIANT - larger than max signed int, but smaller than long + // long int + 0x100000000ll; // COMPLIANT - larger than unsigned int, but smaller than long + // long int + 0x7FFFFFFFFFFFFFFFll; // COMPLIANT - max long long int + 0x8000000000000000ll; // NON_COMPLIANT - larger than long long int, so will be + // unsigned long long int + 0x0llU; // COMPLIANT - unsigned, but uses the suffix correctly + 0x7FFFFFFFllU; // COMPLIANT - unsigned, but uses the suffix correctly + 0x80000000llU; // COMPLIANT - unsigned, but uses the suffix correctly + 0x100000000llU; // COMPLIANT - unsigned, but uses the suffix correctly + 0x7FFFFFFFFFFFFFFFllU; // COMPLIANT - unsigned, but uses the suffix correctly + 0x8000000000000000llU; // COMPLIANT - unsigned, but uses the suffix correctly + 0x0llu; // COMPLIANT - unsigned, but uses the suffix correctly + 0x7FFFFFFFllu; // COMPLIANT - unsigned, but uses the suffix correctly + 0x80000000llu; // COMPLIANT - unsigned, but uses the suffix correctly + 0x100000000llu; // COMPLIANT - unsigned, but uses the suffix correctly + 0x7FFFFFFFFFFFFFFFllu; // COMPLIANT - unsigned, but uses the suffix correctly + 0x8000000000000000llu; // COMPLIANT - unsigned, but uses the suffix correctly + + // Use of the `LL` suffix + 0x0LL; // COMPLIANT - uses signed int + 0x7FFFFFFFLL; // COMPLIANT - max value held by signed int + 0x80000000LL; // COMPLIANT - larger than max signed int, but smaller than long + // long int + 0x100000000LL; // COMPLIANT - larger than unsigned int, but smaller than long + // long int + 0x7FFFFFFFFFFFFFFFLL; // COMPLIANT - max long long int + 0x8000000000000000LL; // NON_COMPLIANT - larger than long long int, so will be + // unsigned long long int + 0x0LLU; // COMPLIANT - unsigned, but uses the suffix correctly + 0x7FFFFFFFLLU; // COMPLIANT - unsigned, but uses the suffix correctly + 0x80000000LLU; // COMPLIANT - unsigned, but uses the suffix correctly + 0x100000000LLU; // COMPLIANT - unsigned, but uses the suffix correctly + 0x7FFFFFFFFFFFFFFFLLU; // COMPLIANT - unsigned, but uses the suffix correctly + 0x8000000000000000LLU; // COMPLIANT - unsigned, but uses the suffix correctly + 0x0LLu; // COMPLIANT - unsigned, but uses the suffix correctly + 0x7FFFFFFFLLu; // COMPLIANT - unsigned, but uses the suffix correctly + 0x80000000LLu; // COMPLIANT - unsigned, but uses the suffix correctly + 0x100000000LLu; // COMPLIANT - unsigned, but uses the suffix correctly + 0x7FFFFFFFFFFFFFFFLLu; // COMPLIANT - unsigned, but uses the suffix correctly + 0x8000000000000000LLu; // COMPLIANT - unsigned, but uses the suffix correctly +} + +void test_octal_constants() { + 00; // COMPLIANT - uses signed int + 017777777777; // COMPLIANT - max value held by signed int + 020000000000; // NON_COMPLIANT - larger than max signed int, so will be + // unsigned int + 040000000000; // COMPLIANT - larger than unsigned int, but smaller than long + // int + 0777777777777777777777; // COMPLIANT - max long int + 01000000000000000000000; // NON_COMPLIANT - larger than long int, so will be + // unsigned long int + 00U; // COMPLIANT - unsigned, but uses the suffix correctly + 017777777777U; // COMPLIANT - unsigned, but uses the suffix correctly + 020000000000U; // COMPLIANT - unsigned, but uses the suffix correctly + 040000000000U; // COMPLIANT - unsigned, but uses the suffix correctly + 0777777777777777777777U; // COMPLIANT - unsigned, but uses the suffix + // correctly + 01000000000000000000000U; // COMPLIANT - unsigned, but uses the suffix + // correctly + + // Use of the `l` suffix + 00l; // COMPLIANT - uses signed long + 017777777777l; // COMPLIANT - uses signed long + 020000000000l; // COMPLIANT - uses signed long + 040000000000l; // COMPLIANT - uses signed long + 0777777777777777777777l; // COMPLIANT - max long int + 01000000000000000000000l; // NON_COMPLIANT - larger than long int, so will be + // unsigned long int + 00Ul; // COMPLIANT - unsigned, but uses the suffix correctly + 017777777777Ul; // COMPLIANT - unsigned, but uses the suffix correctly + 020000000000Ul; // COMPLIANT - unsigned, but uses the suffix correctly + 040000000000Ul; // COMPLIANT - unsigned, but uses the suffix correctly + 0777777777777777777777Ul; // COMPLIANT - unsigned, but uses the suffix + // correctly + 01000000000000000000000Ul; // COMPLIANT - unsigned, but uses the suffix + // correctly + + // Use of the `L` suffix + 00L; // COMPLIANT - uses signed long + 017777777777L; // COMPLIANT - uses signed long + 020000000000L; // COMPLIANT - uses signed long + 040000000000L; // COMPLIANT - uses signed long + 0777777777777777777777L; // COMPLIANT - COMPLIANT - uses signed long + 01000000000000000000000L; // NON_COMPLIANT - larger than long int, so will be + // unsigned long int + 00UL; // COMPLIANT - unsigned, but uses the suffix correctly + 017777777777UL; // COMPLIANT - unsigned, but uses the suffix correctly + 020000000000UL; // COMPLIANT - unsigned, but uses the suffix correctly + 040000000000UL; // COMPLIANT - unsigned, but uses the suffix correctly + 0777777777777777777777UL; // COMPLIANT - unsigned, but uses the suffix + // correctly + 01000000000000000000000UL; // COMPLIANT - unsigned, but uses the suffix + // correctly + + // Use of the `ll` suffix + 00ll; // COMPLIANT - uses signed long long + 017777777777l; // COMPLIANT - uses signed long long + 020000000000l; // COMPLIANT - uses signed long long + 040000000000l; // COMPLIANT - uses signed long long + 0777777777777777777777l; // COMPLIANT - max long int + 01000000000000000000000l; // NON_COMPLIANT - larger than long int, so will be + // unsigned long int + 00Ul; // COMPLIANT - unsigned, but uses the suffix correctly + 017777777777Ul; // COMPLIANT - unsigned, but uses the suffix correctly + 020000000000Ul; // COMPLIANT - unsigned, but uses the suffix correctly + 040000000000Ul; // COMPLIANT - unsigned, but uses the suffix correctly + 0777777777777777777777Ul; // COMPLIANT - unsigned, but uses the suffix + // correctly + 01000000000000000000000Ul; // COMPLIANT - unsigned, but uses the suffix + // correctly + + // Use of the `LL` suffix + 00L; // COMPLIANT - uses signed long long + 017777777777L; // COMPLIANT - uses signed long long + 020000000000L; // COMPLIANT - uses signed long long + 040000000000L; // COMPLIANT - uses signed long long + 0777777777777777777777L; // COMPLIANT - max long int + 01000000000000000000000L; // NON_COMPLIANT - larger than long int, so will be + // unsigned long int + 00UL; // COMPLIANT - unsigned, but uses the suffix correctly + 017777777777UL; // COMPLIANT - unsigned, but uses the suffix correctly + 020000000000UL; // COMPLIANT - unsigned, but uses the suffix correctly + 040000000000UL; // COMPLIANT - unsigned, but uses the suffix correctly + 0777777777777777777777UL; // COMPLIANT - unsigned, but uses the suffix + // correctly + 01000000000000000000000UL; // COMPLIANT - unsigned, but uses the suffix + // correctly +} + +#define COMPLIANT_VAL 0x80000000U +#define NON_COMPLIANT_VAL 0x80000000 + +void test_macro() { + COMPLIANT_VAL; // COMPLIANT + NON_COMPLIANT_VAL; // NON_COMPLIANT[FALSE_NEGATIVE] - cannot determine suffix + // in macro expansions } \ No newline at end of file From 6c24820757e215f3f9be09e0b19916ba43155f1a Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 17 Oct 2024 23:37:45 +0100 Subject: [PATCH 2149/2573] Fix ll suffixes on tests --- ...rUSuffixRepresentedInUnsignedType.expected | 4 +- c/misra/test/rules/RULE-7-2/test.c | 60 +++++++++---------- ...rLiteralsNotAppropriatelySuffixed.expected | 4 +- .../test.cpp | 60 +++++++++---------- 4 files changed, 64 insertions(+), 64 deletions(-) diff --git a/c/misra/test/rules/RULE-7-2/UOrUSuffixRepresentedInUnsignedType.expected b/c/misra/test/rules/RULE-7-2/UOrUSuffixRepresentedInUnsignedType.expected index 0b460bb4bc..0d5504ba03 100644 --- a/c/misra/test/rules/RULE-7-2/UOrUSuffixRepresentedInUnsignedType.expected +++ b/c/misra/test/rules/RULE-7-2/UOrUSuffixRepresentedInUnsignedType.expected @@ -8,5 +8,5 @@ | test.c:232:3:232:25 | 9223372036854775808 | Unsigned literal 01000000000000000000000 does not explicitly express sign with a 'U' or 'u' suffix. | | test.c:249:3:249:26 | 9223372036854775808 | Unsigned literal 01000000000000000000000l does not explicitly express sign with a 'U' or 'u' suffix. | | test.c:266:3:266:26 | 9223372036854775808 | Unsigned literal 01000000000000000000000L does not explicitly express sign with a 'U' or 'u' suffix. | -| test.c:283:3:283:26 | 9223372036854775808 | Unsigned literal 01000000000000000000000l does not explicitly express sign with a 'U' or 'u' suffix. | -| test.c:300:3:300:26 | 9223372036854775808 | Unsigned literal 01000000000000000000000L does not explicitly express sign with a 'U' or 'u' suffix. | +| test.c:283:3:283:27 | 9223372036854775808 | Unsigned literal 01000000000000000000000ll does not explicitly express sign with a 'U' or 'u' suffix. | +| test.c:300:3:300:27 | 9223372036854775808 | Unsigned literal 01000000000000000000000LL does not explicitly express sign with a 'U' or 'u' suffix. | diff --git a/c/misra/test/rules/RULE-7-2/test.c b/c/misra/test/rules/RULE-7-2/test.c index b31957d1be..170e822023 100644 --- a/c/misra/test/rules/RULE-7-2/test.c +++ b/c/misra/test/rules/RULE-7-2/test.c @@ -275,38 +275,38 @@ void test_octal_constants() { // correctly // Use of the `ll` suffix - 00ll; // COMPLIANT - uses signed long long - 017777777777l; // COMPLIANT - uses signed long long - 020000000000l; // COMPLIANT - uses signed long long - 040000000000l; // COMPLIANT - uses signed long long - 0777777777777777777777l; // COMPLIANT - max long int - 01000000000000000000000l; // NON_COMPLIANT - larger than long int, so will be - // unsigned long int - 00Ul; // COMPLIANT - unsigned, but uses the suffix correctly - 017777777777Ul; // COMPLIANT - unsigned, but uses the suffix correctly - 020000000000Ul; // COMPLIANT - unsigned, but uses the suffix correctly - 040000000000Ul; // COMPLIANT - unsigned, but uses the suffix correctly - 0777777777777777777777Ul; // COMPLIANT - unsigned, but uses the suffix - // correctly - 01000000000000000000000Ul; // COMPLIANT - unsigned, but uses the suffix - // correctly + 00ll; // COMPLIANT - uses signed long long + 017777777777ll; // COMPLIANT - uses signed long long + 020000000000ll; // COMPLIANT - uses signed long long + 040000000000ll; // COMPLIANT - uses signed long long + 0777777777777777777777ll; // COMPLIANT - max long int + 01000000000000000000000ll; // NON_COMPLIANT - larger than long int, so will be + // unsigned long int + 00Ull; // COMPLIANT - unsigned, but uses the suffix correctly + 017777777777Ull; // COMPLIANT - unsigned, but uses the suffix correctly + 020000000000Ull; // COMPLIANT - unsigned, but uses the suffix correctly + 040000000000Ull; // COMPLIANT - unsigned, but uses the suffix correctly + 0777777777777777777777Ull; // COMPLIANT - unsigned, but uses the suffix + // correctly + 01000000000000000000000Ull; // COMPLIANT - unsigned, but uses the suffix + // correctly // Use of the `LL` suffix - 00L; // COMPLIANT - uses signed long long - 017777777777L; // COMPLIANT - uses signed long long - 020000000000L; // COMPLIANT - uses signed long long - 040000000000L; // COMPLIANT - uses signed long long - 0777777777777777777777L; // COMPLIANT - max long int - 01000000000000000000000L; // NON_COMPLIANT - larger than long int, so will be - // unsigned long int - 00UL; // COMPLIANT - unsigned, but uses the suffix correctly - 017777777777UL; // COMPLIANT - unsigned, but uses the suffix correctly - 020000000000UL; // COMPLIANT - unsigned, but uses the suffix correctly - 040000000000UL; // COMPLIANT - unsigned, but uses the suffix correctly - 0777777777777777777777UL; // COMPLIANT - unsigned, but uses the suffix - // correctly - 01000000000000000000000UL; // COMPLIANT - unsigned, but uses the suffix - // correctly + 00LL; // COMPLIANT - uses signed long long + 017777777777LL; // COMPLIANT - uses signed long long + 020000000000LL; // COMPLIANT - uses signed long long + 040000000000LL; // COMPLIANT - uses signed long long + 0777777777777777777777LL; // COMPLIANT - max long int + 01000000000000000000000LL; // NON_COMPLIANT - larger than long int, so will be + // unsigned long int + 00ULL; // COMPLIANT - unsigned, but uses the suffix correctly + 017777777777ULL; // COMPLIANT - unsigned, but uses the suffix correctly + 020000000000ULL; // COMPLIANT - unsigned, but uses the suffix correctly + 040000000000ULL; // COMPLIANT - unsigned, but uses the suffix correctly + 0777777777777777777777ULL; // COMPLIANT - unsigned, but uses the suffix + // correctly + 01000000000000000000000ULL; // COMPLIANT - unsigned, but uses the suffix + // correctly } #define COMPLIANT_VAL 0x80000000U diff --git a/cpp/common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed/UnsignedIntegerLiteralsNotAppropriatelySuffixed.expected b/cpp/common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed/UnsignedIntegerLiteralsNotAppropriatelySuffixed.expected index 31579f857a..5987f8ca45 100644 --- a/cpp/common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed/UnsignedIntegerLiteralsNotAppropriatelySuffixed.expected +++ b/cpp/common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed/UnsignedIntegerLiteralsNotAppropriatelySuffixed.expected @@ -8,5 +8,5 @@ | test.cpp:232:3:232:25 | 9223372036854775808 | Octal literal is an unsigned integer but does not include a 'U' suffix. | | test.cpp:249:3:249:26 | 9223372036854775808 | Octal literal is an unsigned integer but does not include a 'U' suffix. | | test.cpp:266:3:266:26 | 9223372036854775808 | Octal literal is an unsigned integer but does not include a 'U' suffix. | -| test.cpp:283:3:283:26 | 9223372036854775808 | Octal literal is an unsigned integer but does not include a 'U' suffix. | -| test.cpp:300:3:300:26 | 9223372036854775808 | Octal literal is an unsigned integer but does not include a 'U' suffix. | +| test.cpp:283:3:283:27 | 9223372036854775808 | Octal literal is an unsigned integer but does not include a 'U' suffix. | +| test.cpp:300:3:300:27 | 9223372036854775808 | Octal literal is an unsigned integer but does not include a 'U' suffix. | diff --git a/cpp/common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed/test.cpp b/cpp/common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed/test.cpp index b31957d1be..170e822023 100644 --- a/cpp/common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed/test.cpp +++ b/cpp/common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed/test.cpp @@ -275,38 +275,38 @@ void test_octal_constants() { // correctly // Use of the `ll` suffix - 00ll; // COMPLIANT - uses signed long long - 017777777777l; // COMPLIANT - uses signed long long - 020000000000l; // COMPLIANT - uses signed long long - 040000000000l; // COMPLIANT - uses signed long long - 0777777777777777777777l; // COMPLIANT - max long int - 01000000000000000000000l; // NON_COMPLIANT - larger than long int, so will be - // unsigned long int - 00Ul; // COMPLIANT - unsigned, but uses the suffix correctly - 017777777777Ul; // COMPLIANT - unsigned, but uses the suffix correctly - 020000000000Ul; // COMPLIANT - unsigned, but uses the suffix correctly - 040000000000Ul; // COMPLIANT - unsigned, but uses the suffix correctly - 0777777777777777777777Ul; // COMPLIANT - unsigned, but uses the suffix - // correctly - 01000000000000000000000Ul; // COMPLIANT - unsigned, but uses the suffix - // correctly + 00ll; // COMPLIANT - uses signed long long + 017777777777ll; // COMPLIANT - uses signed long long + 020000000000ll; // COMPLIANT - uses signed long long + 040000000000ll; // COMPLIANT - uses signed long long + 0777777777777777777777ll; // COMPLIANT - max long int + 01000000000000000000000ll; // NON_COMPLIANT - larger than long int, so will be + // unsigned long int + 00Ull; // COMPLIANT - unsigned, but uses the suffix correctly + 017777777777Ull; // COMPLIANT - unsigned, but uses the suffix correctly + 020000000000Ull; // COMPLIANT - unsigned, but uses the suffix correctly + 040000000000Ull; // COMPLIANT - unsigned, but uses the suffix correctly + 0777777777777777777777Ull; // COMPLIANT - unsigned, but uses the suffix + // correctly + 01000000000000000000000Ull; // COMPLIANT - unsigned, but uses the suffix + // correctly // Use of the `LL` suffix - 00L; // COMPLIANT - uses signed long long - 017777777777L; // COMPLIANT - uses signed long long - 020000000000L; // COMPLIANT - uses signed long long - 040000000000L; // COMPLIANT - uses signed long long - 0777777777777777777777L; // COMPLIANT - max long int - 01000000000000000000000L; // NON_COMPLIANT - larger than long int, so will be - // unsigned long int - 00UL; // COMPLIANT - unsigned, but uses the suffix correctly - 017777777777UL; // COMPLIANT - unsigned, but uses the suffix correctly - 020000000000UL; // COMPLIANT - unsigned, but uses the suffix correctly - 040000000000UL; // COMPLIANT - unsigned, but uses the suffix correctly - 0777777777777777777777UL; // COMPLIANT - unsigned, but uses the suffix - // correctly - 01000000000000000000000UL; // COMPLIANT - unsigned, but uses the suffix - // correctly + 00LL; // COMPLIANT - uses signed long long + 017777777777LL; // COMPLIANT - uses signed long long + 020000000000LL; // COMPLIANT - uses signed long long + 040000000000LL; // COMPLIANT - uses signed long long + 0777777777777777777777LL; // COMPLIANT - max long int + 01000000000000000000000LL; // NON_COMPLIANT - larger than long int, so will be + // unsigned long int + 00ULL; // COMPLIANT - unsigned, but uses the suffix correctly + 017777777777ULL; // COMPLIANT - unsigned, but uses the suffix correctly + 020000000000ULL; // COMPLIANT - unsigned, but uses the suffix correctly + 040000000000ULL; // COMPLIANT - unsigned, but uses the suffix correctly + 0777777777777777777777ULL; // COMPLIANT - unsigned, but uses the suffix + // correctly + 01000000000000000000000ULL; // COMPLIANT - unsigned, but uses the suffix + // correctly } #define COMPLIANT_VAL 0x80000000U From 8760c3c6663819343f8ca5450ed026f79b137d90 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 17 Oct 2024 23:43:33 +0100 Subject: [PATCH 2150/2573] Add change note --- change_notes/2024-10-17-suffixes.md | 4 + ...ntegerLiteralsNotAppropriatelySuffixed.qll | 2 + ...rLiteralsNotAppropriatelySuffixed.expected | 6 + .../test.cpp | 227 ++++++++++++++++++ 4 files changed, 239 insertions(+) create mode 100644 change_notes/2024-10-17-suffixes.md diff --git a/change_notes/2024-10-17-suffixes.md b/change_notes/2024-10-17-suffixes.md new file mode 100644 index 0000000000..16d8ca4cda --- /dev/null +++ b/change_notes/2024-10-17-suffixes.md @@ -0,0 +1,4 @@ + - `5.13.4` - `UnsignedLiteralsNotAppropriatelySuffixed.ql`: + - Expand detection to binary literals. + - `M2-13-3` - `MissingUSuffix.ql`: + - Expand detection to binary literals. \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/rules/unsignedintegerliteralsnotappropriatelysuffixed/UnsignedIntegerLiteralsNotAppropriatelySuffixed.qll b/cpp/common/src/codingstandards/cpp/rules/unsignedintegerliteralsnotappropriatelysuffixed/UnsignedIntegerLiteralsNotAppropriatelySuffixed.qll index 0b9ccb17f1..a9535d9bfc 100644 --- a/cpp/common/src/codingstandards/cpp/rules/unsignedintegerliteralsnotappropriatelysuffixed/UnsignedIntegerLiteralsNotAppropriatelySuffixed.qll +++ b/cpp/common/src/codingstandards/cpp/rules/unsignedintegerliteralsnotappropriatelysuffixed/UnsignedIntegerLiteralsNotAppropriatelySuffixed.qll @@ -19,6 +19,8 @@ query predicate problems(Cpp14Literal::NumericLiteral nl, string message) { nl instanceof Cpp14Literal::OctalLiteral and literalKind = "Octal" or nl instanceof Cpp14Literal::HexLiteral and literalKind = "Hex" + or + nl instanceof Cpp14Literal::BinaryLiteral and literalKind = "Binary" ) and // This either directly has an unsigned integer type, or it is converted to an unsigned integer type nl.getType().getUnspecifiedType().(IntegralType).isUnsigned() and diff --git a/cpp/common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed/UnsignedIntegerLiteralsNotAppropriatelySuffixed.expected b/cpp/common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed/UnsignedIntegerLiteralsNotAppropriatelySuffixed.expected index 5987f8ca45..3326ede548 100644 --- a/cpp/common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed/UnsignedIntegerLiteralsNotAppropriatelySuffixed.expected +++ b/cpp/common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed/UnsignedIntegerLiteralsNotAppropriatelySuffixed.expected @@ -10,3 +10,9 @@ | test.cpp:266:3:266:26 | 9223372036854775808 | Octal literal is an unsigned integer but does not include a 'U' suffix. | | test.cpp:283:3:283:27 | 9223372036854775808 | Octal literal is an unsigned integer but does not include a 'U' suffix. | | test.cpp:300:3:300:27 | 9223372036854775808 | Octal literal is an unsigned integer but does not include a 'U' suffix. | +| test.cpp:315:3:315:36 | 2147483648 | Binary literal is an unsigned integer but does not include a 'U' suffix. | +| test.cpp:322:3:322:68 | 9223372036854775808 | Binary literal is an unsigned integer but does not include a 'U' suffix. | +| test.cpp:365:3:365:69 | 9223372036854775808 | Binary literal is an unsigned integer but does not include a 'U' suffix. | +| test.cpp:412:3:412:69 | 9223372036854775808 | Binary literal is an unsigned integer but does not include a 'U' suffix. | +| test.cpp:457:3:457:70 | 9223372036854775808 | Binary literal is an unsigned integer but does not include a 'U' suffix. | +| test.cpp:502:3:502:70 | 9223372036854775808 | Binary literal is an unsigned integer but does not include a 'U' suffix. | diff --git a/cpp/common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed/test.cpp b/cpp/common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed/test.cpp index 170e822023..fcbd51b3de 100644 --- a/cpp/common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed/test.cpp +++ b/cpp/common/test/rules/unsignedintegerliteralsnotappropriatelysuffixed/test.cpp @@ -309,6 +309,233 @@ void test_octal_constants() { // correctly } +void test_binary_constants() { + 0b0; // COMPLIANT - uses signed int + 0b1111111111111111111111111111111; // COMPLIANT - max value held by signed int + 0b10000000000000000000000000000000; // NON_COMPLIANT - larger than max signed + // int, so will be unsigned int + 0b100000000000000000000000000000000; // COMPLIANT - larger than unsigned int, + // but smaller than long int + 0b111111111111111111111111111111111111111111111111111111111111111; // COMPLIANT + // - max + // long int + 0b1000000000000000000000000000000000000000000000000000000000000000; // NON_COMPLIANT + // - + // larger + // than + // long + // int, so + // will be + // unsigned + // long + // int + 0b0U; // COMPLIANT - unsigned, but uses the suffix correctly + 0b1111111111111111111111111111111U; // COMPLIANT - unsigned, but uses the + // suffix correctly + 0b10000000000000000000000000000000U; // COMPLIANT - unsigned, but uses the + // suffix correctly + 0b100000000000000000000000000000000U; // COMPLIANT - unsigned, but uses the + // suffix correctly + 0b111111111111111111111111111111111111111111111111111111111111111U; // COMPLIANT + // - + // unsigned, + // but + // uses + // the + // suffix + // correctly + 0b1000000000000000000000000000000000000000000000000000000000000000U; // COMPLIANT + // - + // unsigned, + // but + // uses + // the + // suffix + // correctly + + // Use of the `l` suffix + 0b0l; // COMPLIANT - uses signed long + 0b1111111111111111111111111111111l; // COMPLIANT - uses signed long + 0b10000000000000000000000000000000l; // COMPLIANT - uses signed long + 0b100000000000000000000000000000000l; // COMPLIANT - uses signed long + 0b111111111111111111111111111111111111111111111111111111111111111l; // COMPLIANT + // - max + // long + // int + 0b1000000000000000000000000000000000000000000000000000000000000000l; // NON_COMPLIANT + // - + // larger + // than + // long + // int, + // so + // will + // be + // unsigned + // long + // int + 0b0Ul; // COMPLIANT - unsigned, but uses the suffix correctly + 0b1111111111111111111111111111111Ul; // COMPLIANT - unsigned, but uses the + // suffix correctly + 0b10000000000000000000000000000000Ul; // COMPLIANT - unsigned, but uses the + // suffix correctly + 0b100000000000000000000000000000000Ul; // COMPLIANT - unsigned, but uses the + // suffix correctly + 0b111111111111111111111111111111111111111111111111111111111111111Ul; // COMPLIANT + // - + // unsigned, + // but + // uses + // the + // suffix + // correctly + 0b1000000000000000000000000000000000000000000000000000000000000000Ul; // COMPLIANT + // - + // unsigned, + // but + // uses + // the + // suffix + // correctly + + // Use of the `L` suffix + 0b0L; // COMPLIANT - uses signed long + 0b1111111111111111111111111111111L; // COMPLIANT - uses signed long + 0b10000000000000000000000000000000L; // COMPLIANT - uses signed long + 0b100000000000000000000000000000000L; // COMPLIANT - uses signed long + 0b111111111111111111111111111111111111111111111111111111111111111L; // COMPLIANT + // - + // COMPLIANT + // - uses + // signed + // long + 0b1000000000000000000000000000000000000000000000000000000000000000L; // NON_COMPLIANT + // - + // larger + // than + // long + // int, + // so + // will + // be + // unsigned + // long + // int + 0b0UL; // COMPLIANT - unsigned, but uses the suffix correctly + 0b1111111111111111111111111111111UL; // COMPLIANT - unsigned, but uses the + // suffix correctly + 0b10000000000000000000000000000000UL; // COMPLIANT - unsigned, but uses the + // suffix correctly + 0b100000000000000000000000000000000UL; // COMPLIANT - unsigned, but uses the + // suffix correctly + 0b111111111111111111111111111111111111111111111111111111111111111UL; // COMPLIANT + // - + // unsigned, + // but + // uses + // the + // suffix + // correctly + 0b1000000000000000000000000000000000000000000000000000000000000000UL; // COMPLIANT + // - + // unsigned, + // but + // uses + // the + // suffix + // correctly + + // Use of the `ll` suffix + 0b0ll; // COMPLIANT - uses signed long long + 0b1111111111111111111111111111111ll; // COMPLIANT - uses signed long long + 0b10000000000000000000000000000000ll; // COMPLIANT - uses signed long long + 0b100000000000000000000000000000000ll; // COMPLIANT - uses signed long long + 0b111111111111111111111111111111111111111111111111111111111111111ll; // COMPLIANT + // - max + // long + // int + 0b1000000000000000000000000000000000000000000000000000000000000000ll; // NON_COMPLIANT + // - + // larger + // than + // long + // int, + // so + // will + // be + // unsigned + // long + // int + 0b0Ull; // COMPLIANT - unsigned, but uses the suffix correctly + 0b1111111111111111111111111111111Ull; // COMPLIANT - unsigned, but uses the + // suffix correctly + 0b10000000000000000000000000000000Ull; // COMPLIANT - unsigned, but uses the + // suffix correctly + 0b100000000000000000000000000000000Ull; // COMPLIANT - unsigned, but uses the + // suffix correctly + 0b111111111111111111111111111111111111111111111111111111111111111Ull; // COMPLIANT + // - + // unsigned, + // but + // uses + // the + // suffix + // correctly + 0b1000000000000000000000000000000000000000000000000000000000000000Ull; // COMPLIANT + // - + // unsigned, + // but + // uses + // the + // suffix + // correctly + + // Use of the `LL` suffix + 00LL; // COMPLIANT - uses signed long long + 0b1111111111111111111111111111111LL; // COMPLIANT - uses signed long long + 0b10000000000000000000000000000000LL; // COMPLIANT - uses signed long long + 0b100000000000000000000000000000000LL; // COMPLIANT - uses signed long long + 0b111111111111111111111111111111111111111111111111111111111111111LL; // COMPLIANT + // - max + // long + // int + 0b1000000000000000000000000000000000000000000000000000000000000000LL; // NON_COMPLIANT + // - + // larger + // than + // long + // int, + // so + // will + // be + // unsigned + // long + // int + 00ULL; // COMPLIANT - unsigned, but uses the suffix correctly + 0b1111111111111111111111111111111ULL; // COMPLIANT - unsigned, but uses the + // suffix correctly + 0b10000000000000000000000000000000ULL; // COMPLIANT - unsigned, but uses the + // suffix correctly + 0b100000000000000000000000000000000ULL; // COMPLIANT - unsigned, but uses the + // suffix correctly + 0b111111111111111111111111111111111111111111111111111111111111111ULL; // COMPLIANT + // - + // unsigned, + // but + // uses + // the + // suffix + // correctly + 0b1000000000000000000000000000000000000000000000000000000000000000ULL; // COMPLIANT + // - + // unsigned, + // but + // uses + // the + // suffix + // correctly +} + #define COMPLIANT_VAL 0x80000000U #define NON_COMPLIANT_VAL 0x80000000 From 2b909fb32128c8457b0f0ce2640ccb6531071a85 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 17 Oct 2024 23:59:44 +0100 Subject: [PATCH 2151/2573] A5-2-6: Avoid reporting cases with the same operator --- change_notes/2024-10-17-a5-2-6-no-ambiguity.md | 2 ++ .../src/rules/A5-2-6/OperandsOfALogicalAndOrNotParenthesized.ql | 2 ++ cpp/autosar/test/rules/A5-2-6/test.cpp | 2 ++ 3 files changed, 6 insertions(+) create mode 100644 change_notes/2024-10-17-a5-2-6-no-ambiguity.md diff --git a/change_notes/2024-10-17-a5-2-6-no-ambiguity.md b/change_notes/2024-10-17-a5-2-6-no-ambiguity.md new file mode 100644 index 0000000000..661c1c7ab7 --- /dev/null +++ b/change_notes/2024-10-17-a5-2-6-no-ambiguity.md @@ -0,0 +1,2 @@ + - `A5-2-6` - `OperandsOfAlogicalAndOrNotParenthesized.ql`: + - Remove false positives where the operator is identical. \ No newline at end of file diff --git a/cpp/autosar/src/rules/A5-2-6/OperandsOfALogicalAndOrNotParenthesized.ql b/cpp/autosar/src/rules/A5-2-6/OperandsOfALogicalAndOrNotParenthesized.ql index dd63288587..b35c4c96ea 100644 --- a/cpp/autosar/src/rules/A5-2-6/OperandsOfALogicalAndOrNotParenthesized.ql +++ b/cpp/autosar/src/rules/A5-2-6/OperandsOfALogicalAndOrNotParenthesized.ql @@ -21,6 +21,8 @@ from BinaryLogicalOperation op, BinaryOperation binop where not isExcluded(op, OrderOfEvaluationPackage::operandsOfALogicalAndOrNotParenthesizedQuery()) and op.getAnOperand() = binop and + // Ignore cases with the same operator + not op.getOperator() = binop.getOperator() and not exists(ParenthesisExpr p | p = binop.getFullyConverted()) and // Exclude binary operations expanded by a macro. not binop.isInMacroExpansion() diff --git a/cpp/autosar/test/rules/A5-2-6/test.cpp b/cpp/autosar/test/rules/A5-2-6/test.cpp index 0649f7dbc9..961eef3b36 100644 --- a/cpp/autosar/test/rules/A5-2-6/test.cpp +++ b/cpp/autosar/test/rules/A5-2-6/test.cpp @@ -25,6 +25,8 @@ void f2(int p1, int p2) { f1(); } + (p1 > 0) && (p2 > 0) && (p1 > p2); // COMPLIANT - no ambiguity + Sample *sample_ptr = &sample; if ((p1 > 0) || sample_ptr->x) { // COMPLIANT: struct member accessors with From 5235b0b0bec377d7887ff76fd4609147c8ef2724 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 18 Oct 2024 00:04:16 +0100 Subject: [PATCH 2152/2573] A5-2-6: Improve alert message Attempt to clarify which expression is to be parenthesized --- change_notes/2024-10-17-a5-2-6-no-ambiguity.md | 3 ++- .../OperandsOfALogicalAndOrNotParenthesized.ql | 13 ++++++++++--- ...OperandsOfALogicalAndOrNotParenthesized.expected | 6 +++--- 3 files changed, 15 insertions(+), 7 deletions(-) diff --git a/change_notes/2024-10-17-a5-2-6-no-ambiguity.md b/change_notes/2024-10-17-a5-2-6-no-ambiguity.md index 661c1c7ab7..6e00b3bbaf 100644 --- a/change_notes/2024-10-17-a5-2-6-no-ambiguity.md +++ b/change_notes/2024-10-17-a5-2-6-no-ambiguity.md @@ -1,2 +1,3 @@ - `A5-2-6` - `OperandsOfAlogicalAndOrNotParenthesized.ql`: - - Remove false positives where the operator is identical. \ No newline at end of file + - Remove false positives where the operator is identical. + - Improve alert message to clarify which expression needs to be parenthesized. \ No newline at end of file diff --git a/cpp/autosar/src/rules/A5-2-6/OperandsOfALogicalAndOrNotParenthesized.ql b/cpp/autosar/src/rules/A5-2-6/OperandsOfALogicalAndOrNotParenthesized.ql index b35c4c96ea..b2c3120556 100644 --- a/cpp/autosar/src/rules/A5-2-6/OperandsOfALogicalAndOrNotParenthesized.ql +++ b/cpp/autosar/src/rules/A5-2-6/OperandsOfALogicalAndOrNotParenthesized.ql @@ -17,13 +17,20 @@ import cpp import codingstandards.cpp.autosar -from BinaryLogicalOperation op, BinaryOperation binop +from BinaryLogicalOperation op, BinaryOperation binop, string leftOrRight where not isExcluded(op, OrderOfEvaluationPackage::operandsOfALogicalAndOrNotParenthesizedQuery()) and - op.getAnOperand() = binop and + ( + op.getLeftOperand() = binop and + leftOrRight = "Left" + or + op.getRightOperand() = binop and + leftOrRight = "Right" + ) and // Ignore cases with the same operator not op.getOperator() = binop.getOperator() and not exists(ParenthesisExpr p | p = binop.getFullyConverted()) and // Exclude binary operations expanded by a macro. not binop.isInMacroExpansion() -select op, "Binary $@ operand of logical operation is not parenthesized.", binop, "operator" +select op, "$@ of logical operation " + op.getOperator() + " is not parenthesized.", binop, + leftOrRight + " operand " + binop.getOperator() diff --git a/cpp/autosar/test/rules/A5-2-6/OperandsOfALogicalAndOrNotParenthesized.expected b/cpp/autosar/test/rules/A5-2-6/OperandsOfALogicalAndOrNotParenthesized.expected index 90516e6d96..34dbb0db4d 100644 --- a/cpp/autosar/test/rules/A5-2-6/OperandsOfALogicalAndOrNotParenthesized.expected +++ b/cpp/autosar/test/rules/A5-2-6/OperandsOfALogicalAndOrNotParenthesized.expected @@ -1,3 +1,3 @@ -| test.cpp:3:7:3:23 | ... && ... | Binary $@ operand of logical operation is not parenthesized. | test.cpp:3:7:3:12 | ... > ... | operator | -| test.cpp:3:7:3:23 | ... && ... | Binary $@ operand of logical operation is not parenthesized. | test.cpp:3:17:3:23 | ... < ... | operator | -| test.cpp:7:7:7:24 | ... \|\| ... | Binary $@ operand of logical operation is not parenthesized. | test.cpp:7:19:7:24 | ... > ... | operator | +| test.cpp:3:7:3:23 | ... && ... | $@ of logical operation && is not parenthesized. | test.cpp:3:7:3:12 | ... > ... | Left operand > | +| test.cpp:3:7:3:23 | ... && ... | $@ of logical operation && is not parenthesized. | test.cpp:3:17:3:23 | ... < ... | Right operand < | +| test.cpp:7:7:7:24 | ... \|\| ... | $@ of logical operation \|\| is not parenthesized. | test.cpp:7:19:7:24 | ... > ... | Right operand > | From 1908bbf71887d9a1e118f36276cdc6ffadeb1ffc Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Thu, 17 Oct 2024 16:25:08 -0700 Subject: [PATCH 2153/2573] Format queries and tests --- .../RULE-1-5/FunctionTypesNotInPrototypeFormObsolete.ql | 3 ++- .../MissingStaticSpecifierFuncRedeclarationObsolete.ql | 3 ++- .../MissingStaticSpecifierObjectRedeclarationObsolete.ql | 3 ++- .../MissingStaticSpecifierObjectRedeclarationC.ql | 3 ++- .../RULE-1-5/UngetcCallOnStreamPositionZero.expected | 9 ++++++++- c/misra/test/rules/RULE-1-5/test.c | 5 +++-- 6 files changed, 19 insertions(+), 7 deletions(-) diff --git a/c/misra/src/rules/RULE-1-5/FunctionTypesNotInPrototypeFormObsolete.ql b/c/misra/src/rules/RULE-1-5/FunctionTypesNotInPrototypeFormObsolete.ql index 8f0e626bc8..645285f438 100644 --- a/c/misra/src/rules/RULE-1-5/FunctionTypesNotInPrototypeFormObsolete.ql +++ b/c/misra/src/rules/RULE-1-5/FunctionTypesNotInPrototypeFormObsolete.ql @@ -16,7 +16,8 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.rules.functiontypesnotinprototypeformshared.FunctionTypesNotInPrototypeFormShared -class FunctionTypesNotInPrototypeFormObsoleteQuery extends FunctionTypesNotInPrototypeFormSharedSharedQuery { +class FunctionTypesNotInPrototypeFormObsoleteQuery extends FunctionTypesNotInPrototypeFormSharedSharedQuery +{ FunctionTypesNotInPrototypeFormObsoleteQuery() { this = Language4Package::functionTypesNotInPrototypeFormObsoleteQuery() } diff --git a/c/misra/src/rules/RULE-1-5/MissingStaticSpecifierFuncRedeclarationObsolete.ql b/c/misra/src/rules/RULE-1-5/MissingStaticSpecifierFuncRedeclarationObsolete.ql index 5a70e0287a..ba800885ef 100644 --- a/c/misra/src/rules/RULE-1-5/MissingStaticSpecifierFuncRedeclarationObsolete.ql +++ b/c/misra/src/rules/RULE-1-5/MissingStaticSpecifierFuncRedeclarationObsolete.ql @@ -16,7 +16,8 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.rules.missingstaticspecifierfunctionredeclarationshared.MissingStaticSpecifierFunctionRedeclarationShared -class MissingStaticSpecifierFuncRedeclarationObsoleteQuery extends MissingStaticSpecifierFunctionRedeclarationSharedSharedQuery { +class MissingStaticSpecifierFuncRedeclarationObsoleteQuery extends MissingStaticSpecifierFunctionRedeclarationSharedSharedQuery +{ MissingStaticSpecifierFuncRedeclarationObsoleteQuery() { this = Language4Package::missingStaticSpecifierFuncRedeclarationObsoleteQuery() } diff --git a/c/misra/src/rules/RULE-1-5/MissingStaticSpecifierObjectRedeclarationObsolete.ql b/c/misra/src/rules/RULE-1-5/MissingStaticSpecifierObjectRedeclarationObsolete.ql index 5e32d57c6a..9f9953aa6f 100644 --- a/c/misra/src/rules/RULE-1-5/MissingStaticSpecifierObjectRedeclarationObsolete.ql +++ b/c/misra/src/rules/RULE-1-5/MissingStaticSpecifierObjectRedeclarationObsolete.ql @@ -16,7 +16,8 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.rules.missingstaticspecifierobjectredeclarationshared.MissingStaticSpecifierObjectRedeclarationShared -class MissingStaticSpecifierObjectRedeclarationObsoleteQuery extends MissingStaticSpecifierObjectRedeclarationSharedSharedQuery { +class MissingStaticSpecifierObjectRedeclarationObsoleteQuery extends MissingStaticSpecifierObjectRedeclarationSharedSharedQuery +{ MissingStaticSpecifierObjectRedeclarationObsoleteQuery() { this = Language4Package::missingStaticSpecifierObjectRedeclarationObsoleteQuery() } diff --git a/c/misra/src/rules/RULE-8-8/MissingStaticSpecifierObjectRedeclarationC.ql b/c/misra/src/rules/RULE-8-8/MissingStaticSpecifierObjectRedeclarationC.ql index 6f731c636f..877ef19d2a 100644 --- a/c/misra/src/rules/RULE-8-8/MissingStaticSpecifierObjectRedeclarationC.ql +++ b/c/misra/src/rules/RULE-8-8/MissingStaticSpecifierObjectRedeclarationC.ql @@ -16,7 +16,8 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.rules.missingstaticspecifierobjectredeclarationshared.MissingStaticSpecifierObjectRedeclarationShared -class MissingStaticSpecifierObjectRedeclarationCQuery extends MissingStaticSpecifierObjectRedeclarationSharedSharedQuery { +class MissingStaticSpecifierObjectRedeclarationCQuery extends MissingStaticSpecifierObjectRedeclarationSharedSharedQuery +{ MissingStaticSpecifierObjectRedeclarationCQuery() { this = Declarations5Package::missingStaticSpecifierObjectRedeclarationCQuery() } diff --git a/c/misra/test/rules/RULE-1-5/UngetcCallOnStreamPositionZero.expected b/c/misra/test/rules/RULE-1-5/UngetcCallOnStreamPositionZero.expected index 4dd298197f..3a6f6bc821 100644 --- a/c/misra/test/rules/RULE-1-5/UngetcCallOnStreamPositionZero.expected +++ b/c/misra/test/rules/RULE-1-5/UngetcCallOnStreamPositionZero.expected @@ -1 +1,8 @@ -| test.c:40:3:40:8 | call to ungetc | Obsolescent call to ungetc on file stream $@ at position zero. | test.c:38:16:38:20 | call to fopen | call to fopen | +edges +| test.c:38:16:38:20 | call to fopen indirection | test.c:40:15:40:18 | file indirection | +nodes +| test.c:38:16:38:20 | call to fopen indirection | semmle.label | call to fopen indirection | +| test.c:40:15:40:18 | file indirection | semmle.label | file indirection | +subpaths +#select +| test.c:40:15:40:18 | file indirection | test.c:38:16:38:20 | call to fopen indirection | test.c:40:15:40:18 | file indirection | Obsolescent call to ungetc on file stream $@ at position zero. | test.c:38:16:38:20 | call to fopen indirection | call to fopen indirection | diff --git a/c/misra/test/rules/RULE-1-5/test.c b/c/misra/test/rules/RULE-1-5/test.c index 7632e0a727..38d701c44b 100644 --- a/c/misra/test/rules/RULE-1-5/test.c +++ b/c/misra/test/rules/RULE-1-5/test.c @@ -29,7 +29,7 @@ _Atomic int g3 = ATOMIC_VAR_INIT(18); // NON-COMPLIANT _Atomic int g4 = 18; // COMPLIANT // `gets` was removed from C11. -extern char* gets(FILE *stream); +extern char *gets(FILE *stream); // Rule 21.6 covers the below cases: void f6(void) { @@ -41,6 +41,7 @@ void f6(void) { char buf[10]; fread(buf, sizeof(buf), 10, file); - // This is not an obsolete usage of ungetc, though ungetc isn't allowed by 21-3. + // This is not an obsolete usage of ungetc, though ungetc isn't allowed by + // 21-3. ungetc('c', file); // COMPLIANT } \ No newline at end of file From fd9eb8a0ee86cd53ec1c82c202756aba71c9140a Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Thu, 17 Oct 2024 16:25:30 -0700 Subject: [PATCH 2154/2573] Remodel ungetc() query as a sanitization/path problem --- .../UngetcCallOnStreamPositionZero.ql | 42 ++++++++++++------- 1 file changed, 27 insertions(+), 15 deletions(-) diff --git a/c/misra/src/rules/RULE-1-5/UngetcCallOnStreamPositionZero.ql b/c/misra/src/rules/RULE-1-5/UngetcCallOnStreamPositionZero.ql index a973442203..8a1615d08c 100644 --- a/c/misra/src/rules/RULE-1-5/UngetcCallOnStreamPositionZero.ql +++ b/c/misra/src/rules/RULE-1-5/UngetcCallOnStreamPositionZero.ql @@ -3,7 +3,7 @@ * @name RULE-1-5: Disallowed obsolescent usage of 'ungetc' on a file stream at position zero * @description Calling the function 'ungetc' on a file stream with a position of zero is an * obsolescent language feature. - * @kind problem + * @kind path-problem * @precision medium * @problem.severity error * @tags external/misra/id/rule-1-5 @@ -52,18 +52,30 @@ class MoveStreamPositionCall extends FunctionCall { Expr getStreamArgument() { result = streamArgument } } -from FunctionCall ungetc, DataFlow::Node file +module FilePositionZeroFlowConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node node) { + node.asIndirectExpr().(FunctionCall).getTarget().hasGlobalOrStdName("fopen") + } + + predicate isSink(DataFlow::Node node) { + exists(FunctionCall fc | + fc.getTarget().hasGlobalOrStdName("ungetc") and + node.asIndirectExpr() = fc.getArgument(1) + ) + } + + predicate isBarrierIn(DataFlow::Node node) { + exists(MoveStreamPositionCall fc | node.asIndirectExpr() = fc.getStreamArgument()) + } +} + +module FilePositionZeroFlow = DataFlow::Global; + +import FilePositionZeroFlow::PathGraph + +from FilePositionZeroFlow::PathNode sink, FilePositionZeroFlow::PathNode source where - not isExcluded(ungetc, Language4Package::ungetcCallOnStreamPositionZeroQuery()) and - // ungetc() called on file stream - ungetc.getTarget().hasGlobalOrStdName("ungetc") and - DataFlow::localFlow(file, DataFlow::exprNode(ungetc.getArgument(1))) and - // ungetc() is not dominated by a fread() etc to that file stream - not exists(MoveStreamPositionCall moveStreamCall | - DataFlow::localFlow(file, DataFlow::exprNode(moveStreamCall.getStreamArgument())) and - dominates(moveStreamCall, ungetc) - ) - // the file stream is the root of the local data flow - and not DataFlow::localFlow(any(DataFlow::Node n | not n = file), file) -select ungetc, "Obsolescent call to ungetc on file stream $@ at position zero.", file, - file.toString() + not isExcluded(sink.getNode().asExpr(), Language4Package::ungetcCallOnStreamPositionZeroQuery()) and + FilePositionZeroFlow::flowPath(source, sink) +select sink.getNode(), source, sink, + "Obsolescent call to ungetc on file stream $@ at position zero.", source, source.toString() From 46b272ac2833b15984686eb6cb5569d03cfe177b Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Thu, 17 Oct 2024 16:30:12 -0700 Subject: [PATCH 2155/2573] Fix query metadata --- c/misra/src/rules/RULE-1-5/UngetcCallOnStreamPositionZero.ql | 2 +- rule_packages/c/Language4.json | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/c/misra/src/rules/RULE-1-5/UngetcCallOnStreamPositionZero.ql b/c/misra/src/rules/RULE-1-5/UngetcCallOnStreamPositionZero.ql index 8a1615d08c..6a10c94030 100644 --- a/c/misra/src/rules/RULE-1-5/UngetcCallOnStreamPositionZero.ql +++ b/c/misra/src/rules/RULE-1-5/UngetcCallOnStreamPositionZero.ql @@ -4,7 +4,7 @@ * @description Calling the function 'ungetc' on a file stream with a position of zero is an * obsolescent language feature. * @kind path-problem - * @precision medium + * @precision high * @problem.severity error * @tags external/misra/id/rule-1-5 * external/misra/c/2012/amendment3 diff --git a/rule_packages/c/Language4.json b/rule_packages/c/Language4.json index 8698407b5f..fb448bd8a3 100644 --- a/rule_packages/c/Language4.json +++ b/rule_packages/c/Language4.json @@ -88,9 +88,9 @@ }, { "description": "Calling the function 'ungetc' on a file stream with a position of zero is an obsolescent language feature.", - "kind": "problem", + "kind": "path-problem", "name": "Disallowed obsolescent usage of 'ungetc' on a file stream at position zero", - "precision": "medium", + "precision": "high", "severity": "error", "short_name": "UngetcCallOnStreamPositionZero", "tags": [ From b94ab828dd73ee41aecce7d7ec01e72bbdae7237 Mon Sep 17 00:00:00 2001 From: Fernando Jose Date: Fri, 18 Oct 2024 14:44:08 +0900 Subject: [PATCH 2156/2573] Fix typo and update generation script message. --- scripts/generate_rules/generate_package_description.py | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/scripts/generate_rules/generate_package_description.py b/scripts/generate_rules/generate_package_description.py index bf993af574..843d3bd78f 100644 --- a/scripts/generate_rules/generate_package_description.py +++ b/scripts/generate_rules/generate_package_description.py @@ -197,11 +197,10 @@ def generate_short_name(title): json.dump(package_description, rule_package_file, indent=2, sort_keys=True) print("Rule package file generated at " + str(rule_package_file_path) + ".") print("") - print("A default query has been generated for each for each rule. Please review each rule in the generated JSON file and:") + print("A default query has been generated for each rule. Please review each rule in the generated JSON file and:") print(" (1) Add additional queries as required") print(" (2) Confirm that the following auto-generated properties are appropriate:") - print(" - 'camel_name'.") print(" - 'precision'.") - print(" - 'query_name'.") + print(" - 'short_name'.") print(" - 'severity'.") print(" (3) Add additional 'tags' as required, particularly 'security' or 'correctness'.") From bc2aac35e64699819989b9f765dfe5b4ebdaedd6 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 18 Oct 2024 09:57:18 +0100 Subject: [PATCH 2157/2573] Ignore deleted constructors when considering whether a base class is initialized --- change_notes/2024-10-18-init-base-class-deleted.md | 2 ++ .../InitializeAllVirtualBaseClasses.qll | 2 ++ .../test/rules/initializeallvirtualbaseclasses/test.cpp | 9 +++++++++ 3 files changed, 13 insertions(+) create mode 100644 change_notes/2024-10-18-init-base-class-deleted.md diff --git a/change_notes/2024-10-18-init-base-class-deleted.md b/change_notes/2024-10-18-init-base-class-deleted.md new file mode 100644 index 0000000000..992e1e88a2 --- /dev/null +++ b/change_notes/2024-10-18-init-base-class-deleted.md @@ -0,0 +1,2 @@ +- `A12-1-1`, `RULE-15-1-2` - `InitializeAllVirtualBaseClasses.ql`, `ExplicitConstructorBaseClassInitialization.ql`: + - Remove false positives for deleted member functions. \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/rules/initializeallvirtualbaseclasses/InitializeAllVirtualBaseClasses.qll b/cpp/common/src/codingstandards/cpp/rules/initializeallvirtualbaseclasses/InitializeAllVirtualBaseClasses.qll index b3cfe203ac..ffb08283cd 100644 --- a/cpp/common/src/codingstandards/cpp/rules/initializeallvirtualbaseclasses/InitializeAllVirtualBaseClasses.qll +++ b/cpp/common/src/codingstandards/cpp/rules/initializeallvirtualbaseclasses/InitializeAllVirtualBaseClasses.qll @@ -38,6 +38,8 @@ query predicate problems( not c.isCompilerGenerated() and // Not a defaulted constructor not c.isDefaulted() and + // Not a deleted constructor + not c.isDeleted() and declaringType_string = declaringType.getSimpleName() and baseClass_string = baseClass.getSimpleName() and message = diff --git a/cpp/common/test/rules/initializeallvirtualbaseclasses/test.cpp b/cpp/common/test/rules/initializeallvirtualbaseclasses/test.cpp index 7721da8b01..8e6b318b19 100644 --- a/cpp/common/test/rules/initializeallvirtualbaseclasses/test.cpp +++ b/cpp/common/test/rules/initializeallvirtualbaseclasses/test.cpp @@ -61,4 +61,13 @@ class Derived6 : public Base2 { private: Base2 b; +}; + +class Base3 {}; + +class Derived7 final : public Base3 { +public: + Derived7() = delete; // COMPLIANT + Derived7(const Derived7 &) = delete; // COMPLIANT + Derived7(Derived7 &&) = delete; // COMPLIANT }; \ No newline at end of file From f548ebb56675efe01a44f48cef1c6b7abc99f8a9 Mon Sep 17 00:00:00 2001 From: knewbury01 Date: Fri, 18 Oct 2024 21:55:05 +0000 Subject: [PATCH 2158/2573] Bump version to 2.37.0-dev --- c/cert/src/qlpack.yml | 2 +- c/cert/test/qlpack.yml | 2 +- c/common/src/qlpack.yml | 2 +- c/common/test/qlpack.yml | 2 +- c/misra/src/qlpack.yml | 2 +- c/misra/test/qlpack.yml | 2 +- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/qlpack.yml | 2 +- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/qlpack.yml | 2 +- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/qlpack.yml | 2 +- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/qlpack.yml | 2 +- cpp/report/src/qlpack.yml | 2 +- docs/user_manual.md | 12 ++++++------ 16 files changed, 21 insertions(+), 21 deletions(-) diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index f0daa6334a..09d40aed0b 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards -version: 2.36.0-dev +version: 2.37.0-dev description: CERT C 2016 suites: codeql-suites license: MIT diff --git a/c/cert/test/qlpack.yml b/c/cert/test/qlpack.yml index 7a700897b0..b9ae07d6ef 100644 --- a/c/cert/test/qlpack.yml +++ b/c/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards-tests -version: 2.36.0-dev +version: 2.37.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index 5f18365483..9793da257e 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards -version: 2.36.0-dev +version: 2.37.0-dev license: MIT dependencies: codeql/common-cpp-coding-standards: '*' diff --git a/c/common/test/qlpack.yml b/c/common/test/qlpack.yml index 47b71ea34a..ec8fdff257 100644 --- a/c/common/test/qlpack.yml +++ b/c/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards-tests -version: 2.36.0-dev +version: 2.37.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index 9d0ed62e06..a7b19e707c 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards -version: 2.36.0-dev +version: 2.37.0-dev description: MISRA C 2012 suites: codeql-suites license: MIT diff --git a/c/misra/test/qlpack.yml b/c/misra/test/qlpack.yml index bc2f2e7546..b205f34897 100644 --- a/c/misra/test/qlpack.yml +++ b/c/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards-tests -version: 2.36.0-dev +version: 2.37.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index 93a0f4bd9a..3b48c14255 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards -version: 2.36.0-dev +version: 2.37.0-dev description: AUTOSAR C++14 Guidelines R22-11, R21-11, R20-11, R19-11 and R19-03 suites: codeql-suites license: MIT diff --git a/cpp/autosar/test/qlpack.yml b/cpp/autosar/test/qlpack.yml index 41a02a6afb..d470b12f70 100644 --- a/cpp/autosar/test/qlpack.yml +++ b/cpp/autosar/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards-tests -version: 2.36.0-dev +version: 2.37.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index 3a85e2aa20..be45e129ad 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards -version: 2.36.0-dev +version: 2.37.0-dev description: CERT C++ 2016 suites: codeql-suites license: MIT diff --git a/cpp/cert/test/qlpack.yml b/cpp/cert/test/qlpack.yml index 2464828aac..ae70b1f71c 100644 --- a/cpp/cert/test/qlpack.yml +++ b/cpp/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards-tests -version: 2.36.0-dev +version: 2.37.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index b7f90b4cd3..ba215c7d20 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards -version: 2.36.0-dev +version: 2.37.0-dev license: MIT dependencies: codeql/cpp-all: 0.12.2 diff --git a/cpp/common/test/qlpack.yml b/cpp/common/test/qlpack.yml index 249c64696e..de878794a7 100644 --- a/cpp/common/test/qlpack.yml +++ b/cpp/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards-tests -version: 2.36.0-dev +version: 2.37.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index b713614f68..a09da80932 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards -version: 2.36.0-dev +version: 2.37.0-dev description: MISRA C++ 2023 default-suite: codeql-suites/misra-cpp-default.qls license: MIT diff --git a/cpp/misra/test/qlpack.yml b/cpp/misra/test/qlpack.yml index 0267a9ec70..e77a784a18 100644 --- a/cpp/misra/test/qlpack.yml +++ b/cpp/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards-tests -version: 2.36.0-dev +version: 2.37.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index f90669908d..5f698e7dd7 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/report-cpp-coding-standards -version: 2.36.0-dev +version: 2.37.0-dev license: MIT dependencies: codeql/cpp-all: 0.12.2 diff --git a/docs/user_manual.md b/docs/user_manual.md index db0f836339..2c99421851 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -31,13 +31,13 @@ ## Release information -This user manual documents release `2.36.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). +This user manual documents release `2.37.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). The release page documents the release notes and contains the following artifacts part of the release: -- `code-scanning-cpp-query-pack-2.36.0-dev.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. -- `supported_rules_list_2.36.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. -- `supported_rules_list_2.36.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. -- `user_manual_2.36.0-dev.md`: This user manual. +- `code-scanning-cpp-query-pack-2.37.0-dev.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. +- `supported_rules_list_2.37.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. +- `supported_rules_list_2.37.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. +- `user_manual_2.37.0-dev.md`: This user manual. - `Source Code (zip)`: A zip archive containing the contents of https://github.com/github/codeql-coding-standards - `Source Code (tar.gz)`: A GZip compressed tar archive containing the contents of https://github.com/github/codeql-coding-standards - `checksums.txt`: A text file containing sha256 checksums for the aforementioned artifacts. @@ -503,7 +503,7 @@ This section describes known failure modes for "CodeQL Coding Standards" and des | | Ouf of space | Less output. Some files may be only be partially analyzed, or not analyzed at all. | Error reported on the command line. | Increase space. If it remains an issue report space consumption issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False positives | More output. Results are reported which are not violations of the guidelines. | All reported results must be reviewed. | Report false positive issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False negatives | Less output. Violations of the guidelines are not reported. | Other validation and verification processes during software development should be used to complement the analysis performed by CodeQL Coding Standards. | Report false negative issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | -| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.36.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | +| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.37.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | | | Incorrect deviation record specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation records with a reason. Ensure that all deviation records are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Incorrect deviation permit specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation permits with a reason. Ensure that all deviation permits are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Unapproved use of a deviation record | Less output. Results for guideline violations are not reported. | Validate that the deviation record use is approved by verifying the approved-by attribute of the deviation record specification. | Ensure that each raised deviation record is approved by an independent approver through an auditable process. | From f59040284efd42e5f59d0996ad4a8dbae8b44341 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 18 Oct 2024 14:45:31 -0700 Subject: [PATCH 2159/2573] Implement alignment package for MISRA-C 2012 amendment 3 --- ...clarationOfObjectWithUnmatchedAlignment.ql | 47 +++++++++ .../RedeclarationOfObjectWithoutAlignment.ql | 99 +++++++++++++++++++ .../rules/RULE-8-16/AlignmentWithSizeZero.ql | 24 +++++ ...eThanOneAlignmentSpecifierOnDeclaration.ql | 35 +++++++ ...ionOfObjectWithUnmatchedAlignment.expected | 8 ++ ...rationOfObjectWithUnmatchedAlignment.qlref | 1 + ...clarationOfObjectWithoutAlignment.expected | 2 + ...edeclarationOfObjectWithoutAlignment.qlref | 1 + c/misra/test/rules/RULE-8-15/test.c | 35 +++++++ .../RULE-8-16/AlignmentWithSizeZero.expected | 4 + .../RULE-8-16/AlignmentWithSizeZero.qlref | 1 + c/misra/test/rules/RULE-8-16/test.c | 14 +++ ...neAlignmentSpecifierOnDeclaration.expected | 6 ++ ...anOneAlignmentSpecifierOnDeclaration.qlref | 1 + c/misra/test/rules/RULE-8-17/test.c | 16 +++ .../cpp/exclusions/c/Alignment.qll | 78 +++++++++++++++ .../cpp/exclusions/c/RuleMetadata.qll | 3 + rule_packages/c/Alignment.json | 79 +++++++++++++++ 18 files changed, 454 insertions(+) create mode 100644 c/misra/src/rules/RULE-8-15/RedeclarationOfObjectWithUnmatchedAlignment.ql create mode 100644 c/misra/src/rules/RULE-8-15/RedeclarationOfObjectWithoutAlignment.ql create mode 100644 c/misra/src/rules/RULE-8-16/AlignmentWithSizeZero.ql create mode 100644 c/misra/src/rules/RULE-8-17/MoreThanOneAlignmentSpecifierOnDeclaration.ql create mode 100644 c/misra/test/rules/RULE-8-15/RedeclarationOfObjectWithUnmatchedAlignment.expected create mode 100644 c/misra/test/rules/RULE-8-15/RedeclarationOfObjectWithUnmatchedAlignment.qlref create mode 100644 c/misra/test/rules/RULE-8-15/RedeclarationOfObjectWithoutAlignment.expected create mode 100644 c/misra/test/rules/RULE-8-15/RedeclarationOfObjectWithoutAlignment.qlref create mode 100644 c/misra/test/rules/RULE-8-15/test.c create mode 100644 c/misra/test/rules/RULE-8-16/AlignmentWithSizeZero.expected create mode 100644 c/misra/test/rules/RULE-8-16/AlignmentWithSizeZero.qlref create mode 100644 c/misra/test/rules/RULE-8-16/test.c create mode 100644 c/misra/test/rules/RULE-8-17/MoreThanOneAlignmentSpecifierOnDeclaration.expected create mode 100644 c/misra/test/rules/RULE-8-17/MoreThanOneAlignmentSpecifierOnDeclaration.qlref create mode 100644 c/misra/test/rules/RULE-8-17/test.c create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/Alignment.qll create mode 100644 rule_packages/c/Alignment.json diff --git a/c/misra/src/rules/RULE-8-15/RedeclarationOfObjectWithUnmatchedAlignment.ql b/c/misra/src/rules/RULE-8-15/RedeclarationOfObjectWithUnmatchedAlignment.ql new file mode 100644 index 0000000000..74fc68d04d --- /dev/null +++ b/c/misra/src/rules/RULE-8-15/RedeclarationOfObjectWithUnmatchedAlignment.ql @@ -0,0 +1,47 @@ +/** + * @id c/misra/redeclaration-of-object-with-unmatched-alignment + * @name RULE-8-15: Alignment should match between all declarations of an object + * @description All declarations of an object with an explicit alignment specification shall specify + * the same alignment. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-8-15 + * extern/misra/c/2012/amendment3 + * readability + * maintainability + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra + +predicate lexicallyEqualExpr(Expr a, Expr b) { + a.toString() = b.toString() and + a.getNumChild() = b.getNumChild() and + forall(Expr aChild, Expr bChild, int i | + aChild = a.getChild(i) and + bChild = b.getChild(i) and + i < a.getNumChild() + | + lexicallyEqualExpr(aChild, bChild) + ) +} + +predicate lexicallyEqual(AttributeArgument a, AttributeArgument b) { + lexicallyEqualExpr(a.getValueConstant(), b.getValueConstant()) or + a.getValueType() = b.getValueType() +} + +from Attribute alignment, Attribute mismatched, string variable +where + not isExcluded(alignment, AlignmentPackage::redeclarationOfObjectWithUnmatchedAlignmentQuery()) and + alignment.hasName("_Alignas") and + mismatched.hasName("_Alignas") and + exists(Variable v | + v.getAnAttribute() = alignment and v.getAnAttribute() = mismatched and v.getName() = variable + ) and + not lexicallyEqual(alignment.getArgument(0), mismatched.getArgument(0)) +select alignment, + "Variable " + variable + " declared with lexically different _Alignof() values '$@' and '$@'", + alignment, alignment.getArgument(0).toString(), mismatched, mismatched.getArgument(0).toString() diff --git a/c/misra/src/rules/RULE-8-15/RedeclarationOfObjectWithoutAlignment.ql b/c/misra/src/rules/RULE-8-15/RedeclarationOfObjectWithoutAlignment.ql new file mode 100644 index 0000000000..9af3839e16 --- /dev/null +++ b/c/misra/src/rules/RULE-8-15/RedeclarationOfObjectWithoutAlignment.ql @@ -0,0 +1,99 @@ +/** + * @id c/misra/redeclaration-of-object-without-alignment + * @name RULE-8-15: Alignment should match between all declarations of an object + * @description An object declared with an explicit alignment shall be explicitly aligned in all + * declarations. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-8-15 + * extern/misra/c/2012/amendment3 + * readability + * maintainability + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra + +/** + * Performance optimization; start query by joining attributes to declarations + * rather than locations. + * + * Including the entry location also speeds up search. + */ +newtype TAttributeDeclLocation = + TAttributeDeclLocationInfo( + Attribute attribute, DeclarationEntry entry, Location entryLocation + ) { + entry.getDeclaration().(Variable).getAnAttribute() = attribute and + entryLocation = entry.getLocation() + } + +/** + * Get a DeclarationEntry along with its explicitly declared Attributes. + * + * DeclarationEntry does not have a method for getting Attributes by default, + * because an attribute declared on any DeclarationEntry affects all others, + * and attributes really belong to the declared variable rather than the + * declaration itself. + * + * In order to support this rule, we find for each attribute + * - A declaration entry which + * - corresponds to a variable associated with this attribute + * - is in the same file as this attribute + * - has identifier location after the attribute declaration + * - has no other declaration entry between this one and the attribute. + * + * This should give us a highly reliable means of finding which attributes are + * associated with which `DeclarationEntry`s. + * + * One note of caution: the associated `Variable` must be treated with caution, + * as there are multiple instances of that `Variable` if it is declared + * multiple times, they equal each other, and `getLocation()` on each variable + * returns every location result. This class must act on `DeclarationEntry`s to + * deliver reliable results. + */ +class DeclarationEntryAttribute extends Attribute { + DeclarationEntry declarationEntry; + Location location; + Location declLocation; + File file; + TAttributeDeclLocation locInfo; + + DeclarationEntryAttribute() { + locInfo = TAttributeDeclLocationInfo(this, declarationEntry, declLocation) and + file = getFile() and + location = getLocation() and + declLocation = declarationEntry.getLocation() and + declarationEntry.getDeclaration().(Variable).getAnAttribute() = this and + declarationEntry.getFile() = file and + location.isBefore(declLocation, _) and + not exists(TAttributeDeclLocation blocInfo, DeclarationEntry betterFit, Location blocation | + blocInfo = TAttributeDeclLocationInfo(this, betterFit, blocation) and + not betterFit = declarationEntry and + blocation = betterFit.getLocation() and + betterFit.getFile() = file and + betterFit.getDeclaration() = declarationEntry.getDeclaration() and + blocation.isBefore(declLocation, _) and + location.isBefore(blocation, _) + ) + } + + DeclarationEntry getDeclarationEntry() { result = declarationEntry } +} + +from DeclarationEntry unaligned, DeclarationEntry aligned, DeclarationEntryAttribute attribute +where + not isExcluded(unaligned, AlignmentPackage::redeclarationOfObjectWithoutAlignmentQuery()) and + attribute.hasName("_Alignas") and + attribute.getDeclarationEntry() = aligned and + aligned.getDeclaration() = unaligned.getDeclaration() and + not exists(DeclarationEntryAttribute matchingAlignment | + matchingAlignment.hasName("_Alignas") and + matchingAlignment.getDeclarationEntry() = unaligned + ) +select unaligned, + "Variable " + unaligned.getName() + + " declared without explicit alignment to match $@ with alignment $@", aligned, + "other definition", attribute, attribute.toString() diff --git a/c/misra/src/rules/RULE-8-16/AlignmentWithSizeZero.ql b/c/misra/src/rules/RULE-8-16/AlignmentWithSizeZero.ql new file mode 100644 index 0000000000..52d282c4a2 --- /dev/null +++ b/c/misra/src/rules/RULE-8-16/AlignmentWithSizeZero.ql @@ -0,0 +1,24 @@ +/** + * @id c/misra/alignment-with-size-zero + * @name RULE-8-16: The alignment specification of zero should not appear in an object declaration + * @description A declaration shall not have an alignment of size zero. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-8-16 + * extern/misra/c/2012/amendment3 + * readability + * maintainability + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.c.misra + +from Attribute a, Variable v +where + not isExcluded(a, AlignmentPackage::alignmentWithSizeZeroQuery()) and + a.hasName("_Alignas") and + a.getArgument(0).getValueInt() = 0 and + v.getAnAttribute() = a +select a.getArgument(0), "Invalid alignof() size set to zero for variable $@.", v, v.getName() diff --git a/c/misra/src/rules/RULE-8-17/MoreThanOneAlignmentSpecifierOnDeclaration.ql b/c/misra/src/rules/RULE-8-17/MoreThanOneAlignmentSpecifierOnDeclaration.ql new file mode 100644 index 0000000000..f7952d1266 --- /dev/null +++ b/c/misra/src/rules/RULE-8-17/MoreThanOneAlignmentSpecifierOnDeclaration.ql @@ -0,0 +1,35 @@ +/** + * @id c/misra/more-than-one-alignment-specifier-on-declaration + * @name RULE-8-17: At most one explicit alignment specifier should appear in an object declaration + * @description While C permits the usage of multiple alignment specifiers, doing so reduces + * readability and may obscure the intent of the declaration. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-8-17 + * extern/misra/c/2012/amendment3 + * readability + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.c.misra + +from Variable v, Attribute first, Attribute last +where + not isExcluded(v, AlignmentPackage::moreThanOneAlignmentSpecifierOnDeclarationQuery()) and + first = v.getAnAttribute() and + last = v.getAnAttribute() and + first != last and + first.hasName("_Alignas") and + last.hasName("_Alignas") and + not exists(Attribute beforeFirst | + beforeFirst.getLocation().isBefore(first.getLocation(), _) and + v.getAnAttribute() = beforeFirst + ) and + not exists(Attribute afterLast | + last.getLocation().isBefore(afterLast.getLocation(), _) and + v.getAnAttribute() = afterLast + ) +select v, "Variable " + v.getName() + " contains more than one alignment specifier, $@ and $@", + first, first.toString(), last, last.toString() diff --git a/c/misra/test/rules/RULE-8-15/RedeclarationOfObjectWithUnmatchedAlignment.expected b/c/misra/test/rules/RULE-8-15/RedeclarationOfObjectWithUnmatchedAlignment.expected new file mode 100644 index 0000000000..83a27f9074 --- /dev/null +++ b/c/misra/test/rules/RULE-8-15/RedeclarationOfObjectWithUnmatchedAlignment.expected @@ -0,0 +1,8 @@ +| test.c:18:8:18:15 | alignas(...) | Variable g6 declared with lexically different _Alignof() values '$@' and '$@' | test.c:18:8:18:15 | alignas(...) | int | test.c:19:8:19:15 | alignas(...) | 4 | +| test.c:19:8:19:15 | alignas(...) | Variable g6 declared with lexically different _Alignof() values '$@' and '$@' | test.c:19:8:19:15 | alignas(...) | 4 | test.c:18:8:18:15 | alignas(...) | int | +| test.c:22:8:22:15 | alignas(...) | Variable g7 declared with lexically different _Alignof() values '$@' and '$@' | test.c:22:8:22:15 | alignas(...) | ... * ... | test.c:23:8:23:15 | alignas(...) | 32 | +| test.c:23:8:23:15 | alignas(...) | Variable g7 declared with lexically different _Alignof() values '$@' and '$@' | test.c:23:8:23:15 | alignas(...) | 32 | test.c:22:8:22:15 | alignas(...) | ... * ... | +| test.c:28:8:28:15 | alignas(...) | Variable g9 declared with lexically different _Alignof() values '$@' and '$@' | test.c:28:8:28:15 | alignas(...) | ... * ... | test.c:29:8:29:15 | alignas(...) | ... * ... | +| test.c:29:8:29:15 | alignas(...) | Variable g9 declared with lexically different _Alignof() values '$@' and '$@' | test.c:29:8:29:15 | alignas(...) | ... * ... | test.c:28:8:28:15 | alignas(...) | ... * ... | +| test.c:34:8:34:15 | alignas(...) | Variable g11 declared with lexically different _Alignof() values '$@' and '$@' | test.c:34:8:34:15 | alignas(...) | signed int | test.c:35:8:35:15 | alignas(...) | unsigned int | +| test.c:35:8:35:15 | alignas(...) | Variable g11 declared with lexically different _Alignof() values '$@' and '$@' | test.c:35:8:35:15 | alignas(...) | unsigned int | test.c:34:8:34:15 | alignas(...) | signed int | diff --git a/c/misra/test/rules/RULE-8-15/RedeclarationOfObjectWithUnmatchedAlignment.qlref b/c/misra/test/rules/RULE-8-15/RedeclarationOfObjectWithUnmatchedAlignment.qlref new file mode 100644 index 0000000000..08648fd168 --- /dev/null +++ b/c/misra/test/rules/RULE-8-15/RedeclarationOfObjectWithUnmatchedAlignment.qlref @@ -0,0 +1 @@ +rules/RULE-8-15/RedeclarationOfObjectWithUnmatchedAlignment.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-8-15/RedeclarationOfObjectWithoutAlignment.expected b/c/misra/test/rules/RULE-8-15/RedeclarationOfObjectWithoutAlignment.expected new file mode 100644 index 0000000000..e9b91d33a4 --- /dev/null +++ b/c/misra/test/rules/RULE-8-15/RedeclarationOfObjectWithoutAlignment.expected @@ -0,0 +1,2 @@ +| test.c:5:12:5:13 | declaration of g2 | Variable g2 declared without explicit alignment to match $@ with alignment $@ | test.c:4:25:4:26 | declaration of g2 | other definition | test.c:4:8:4:15 | alignas(...) | alignas(...) | +| test.c:7:12:7:13 | declaration of g3 | Variable g3 declared without explicit alignment to match $@ with alignment $@ | test.c:8:25:8:26 | declaration of g3 | other definition | test.c:8:8:8:15 | alignas(...) | alignas(...) | diff --git a/c/misra/test/rules/RULE-8-15/RedeclarationOfObjectWithoutAlignment.qlref b/c/misra/test/rules/RULE-8-15/RedeclarationOfObjectWithoutAlignment.qlref new file mode 100644 index 0000000000..f5f13e2125 --- /dev/null +++ b/c/misra/test/rules/RULE-8-15/RedeclarationOfObjectWithoutAlignment.qlref @@ -0,0 +1 @@ +rules/RULE-8-15/RedeclarationOfObjectWithoutAlignment.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-8-15/test.c b/c/misra/test/rules/RULE-8-15/test.c new file mode 100644 index 0000000000..f97a79d5b6 --- /dev/null +++ b/c/misra/test/rules/RULE-8-15/test.c @@ -0,0 +1,35 @@ +extern _Alignas(16) int g1; // COMPLIANT +extern _Alignas(16) int g1; // COMPLIANT + +extern _Alignas(16) int g2; +extern int g2; // NON_COMPLIANT + +extern int g3; // NON_COMPLIANT +extern _Alignas(16) int g3; + +// Does not compile on clang: +// extern _Alignas(16) int g4; // COMPLIANT +// extern _Alignas(32) int g4; // COMPLIANT + +extern int g5; // COMPLIANT +extern int g5; // COMPLIANT + +// Spec says elements must be lexically identical after macro expansion +extern _Alignas(int) int g6; // NON_COMPLIANT +extern _Alignas(4) int g6; // NON_COMPLIANT + +#define THIRTY_TWO 32 +extern _Alignas(16 * 2) int g7; // NON_COMPLIANT +extern _Alignas(32) int g7; // NON_COMPLIANT + +extern _Alignas(THIRTY_TWO) int g8; // COMPLIANT +extern _Alignas(32) int g8; // COMPLIANT + +extern _Alignas(16 * 2) int g9; // NON_COMPLIANT +extern _Alignas(2 * 16) int g9; // NON_COMPLIANT + +extern _Alignas(int) int g10; // COMPLIANT +extern _Alignas(int) int g10; // COMPLIANT + +extern _Alignas(signed int) int g11; // NON_COMPLIANT +extern _Alignas(unsigned int) int g11; // NON_COMPLIANT \ No newline at end of file diff --git a/c/misra/test/rules/RULE-8-16/AlignmentWithSizeZero.expected b/c/misra/test/rules/RULE-8-16/AlignmentWithSizeZero.expected new file mode 100644 index 0000000000..4daa3475ed --- /dev/null +++ b/c/misra/test/rules/RULE-8-16/AlignmentWithSizeZero.expected @@ -0,0 +1,4 @@ +| test.c:2:10:2:10 | 0 | Invalid alignof() size set to zero for variable $@. | test.c:2:17:2:18 | g2 | g2 | +| test.c:3:10:3:14 | ... - ... | Invalid alignof() size set to zero for variable $@. | test.c:3:21:3:22 | g3 | g3 | +| test.c:8:12:8:12 | 0 | Invalid alignof() size set to zero for variable $@. | test.c:8:19:8:20 | m2 | m2 | +| test.c:13:12:13:12 | 0 | Invalid alignof() size set to zero for variable $@. | test.c:13:19:13:20 | l2 | l2 | diff --git a/c/misra/test/rules/RULE-8-16/AlignmentWithSizeZero.qlref b/c/misra/test/rules/RULE-8-16/AlignmentWithSizeZero.qlref new file mode 100644 index 0000000000..c8e19d1fe5 --- /dev/null +++ b/c/misra/test/rules/RULE-8-16/AlignmentWithSizeZero.qlref @@ -0,0 +1 @@ +rules/RULE-8-16/AlignmentWithSizeZero.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-8-16/test.c b/c/misra/test/rules/RULE-8-16/test.c new file mode 100644 index 0000000000..3e96b7b8cc --- /dev/null +++ b/c/misra/test/rules/RULE-8-16/test.c @@ -0,0 +1,14 @@ +_Alignas(8) int g1; // COMPLIANT +_Alignas(0) int g2; // NON-COMPLIANT +_Alignas(8 - 8) int g3; // NON-COMPLIANT +_Alignas(float) int g4; // COMPLIANT + +struct s { + _Alignas(64) int m1; // COMPLIANT + _Alignas(0) int m2; // NON_COMPLIANT +}; + +void f() { + _Alignas(8) int l1; // COMPLIANT + _Alignas(0) int l2; // NON-COMPLIANT +} \ No newline at end of file diff --git a/c/misra/test/rules/RULE-8-17/MoreThanOneAlignmentSpecifierOnDeclaration.expected b/c/misra/test/rules/RULE-8-17/MoreThanOneAlignmentSpecifierOnDeclaration.expected new file mode 100644 index 0000000000..24707ca457 --- /dev/null +++ b/c/misra/test/rules/RULE-8-17/MoreThanOneAlignmentSpecifierOnDeclaration.expected @@ -0,0 +1,6 @@ +| test.c:2:30:2:31 | g2 | Variable g2 contains more than one alignment specifier, $@ and $@ | test.c:2:1:2:8 | alignas(...) | alignas(...) | test.c:2:13:2:20 | alignas(...) | alignas(...) | +| test.c:3:29:3:30 | g3 | Variable g3 contains more than one alignment specifier, $@ and $@ | test.c:3:1:3:8 | alignas(...) | alignas(...) | test.c:3:13:3:20 | alignas(...) | alignas(...) | +| test.c:4:35:4:36 | g4 | Variable g4 contains more than one alignment specifier, $@ and $@ | test.c:4:1:4:8 | alignas(...) | alignas(...) | test.c:4:17:4:24 | alignas(...) | alignas(...) | +| test.c:6:53:6:54 | g5 | Variable g5 contains more than one alignment specifier, $@ and $@ | test.c:5:1:5:8 | alignas(...) | alignas(...) | test.c:6:33:6:40 | alignas(...) | alignas(...) | +| test.c:10:35:10:36 | m2 | Variable m2 contains more than one alignment specifier, $@ and $@ | test.c:10:3:10:10 | alignas(...) | alignas(...) | test.c:10:18:10:25 | alignas(...) | alignas(...) | +| test.c:15:35:15:36 | l2 | Variable l2 contains more than one alignment specifier, $@ and $@ | test.c:15:3:15:10 | alignas(...) | alignas(...) | test.c:15:18:15:25 | alignas(...) | alignas(...) | diff --git a/c/misra/test/rules/RULE-8-17/MoreThanOneAlignmentSpecifierOnDeclaration.qlref b/c/misra/test/rules/RULE-8-17/MoreThanOneAlignmentSpecifierOnDeclaration.qlref new file mode 100644 index 0000000000..7ff11e8a61 --- /dev/null +++ b/c/misra/test/rules/RULE-8-17/MoreThanOneAlignmentSpecifierOnDeclaration.qlref @@ -0,0 +1 @@ +rules/RULE-8-17/MoreThanOneAlignmentSpecifierOnDeclaration.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-8-17/test.c b/c/misra/test/rules/RULE-8-17/test.c new file mode 100644 index 0000000000..e2f8b2b44f --- /dev/null +++ b/c/misra/test/rules/RULE-8-17/test.c @@ -0,0 +1,16 @@ +_Alignas(8) int g1; // COMPLIANT +_Alignas(8) _Alignas(16) int g2; // NON-COMPLIANT +_Alignas(8) _Alignas(8) int g3; // NON-COMPLIANT +_Alignas(float) _Alignas(int) int g4; // NON-COMPLIANT +_Alignas(float) _Alignas(float) int g5; // NON-COMPLIANT +_Alignas(float) _Alignas(float) _Alignas(float) int g5; // NON-COMPLIANT + +struct s { + _Alignas(64) int m1; // COMPLIANT + _Alignas(long) _Alignas(16) int m2; // NON_COMPLIANT +}; + +void f() { + _Alignas(8) int l1; // COMPLIANT + _Alignas(long) _Alignas(16) int l2; // NON_COMPLIANT +} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Alignment.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Alignment.qll new file mode 100644 index 0000000000..9447abf636 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Alignment.qll @@ -0,0 +1,78 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype AlignmentQuery = + TRedeclarationOfObjectWithoutAlignmentQuery() or + TRedeclarationOfObjectWithUnmatchedAlignmentQuery() or + TAlignmentWithSizeZeroQuery() or + TMoreThanOneAlignmentSpecifierOnDeclarationQuery() + +predicate isAlignmentQueryMetadata(Query query, string queryId, string ruleId, string category) { + query = + // `Query` instance for the `redeclarationOfObjectWithoutAlignment` query + AlignmentPackage::redeclarationOfObjectWithoutAlignmentQuery() and + queryId = + // `@id` for the `redeclarationOfObjectWithoutAlignment` query + "c/misra/redeclaration-of-object-without-alignment" and + ruleId = "RULE-8-15" and + category = "required" + or + query = + // `Query` instance for the `redeclarationOfObjectWithUnmatchedAlignment` query + AlignmentPackage::redeclarationOfObjectWithUnmatchedAlignmentQuery() and + queryId = + // `@id` for the `redeclarationOfObjectWithUnmatchedAlignment` query + "c/misra/redeclaration-of-object-with-unmatched-alignment" and + ruleId = "RULE-8-15" and + category = "required" + or + query = + // `Query` instance for the `alignmentWithSizeZero` query + AlignmentPackage::alignmentWithSizeZeroQuery() and + queryId = + // `@id` for the `alignmentWithSizeZero` query + "c/misra/alignment-with-size-zero" and + ruleId = "RULE-8-16" and + category = "advisory" + or + query = + // `Query` instance for the `moreThanOneAlignmentSpecifierOnDeclaration` query + AlignmentPackage::moreThanOneAlignmentSpecifierOnDeclarationQuery() and + queryId = + // `@id` for the `moreThanOneAlignmentSpecifierOnDeclaration` query + "c/misra/more-than-one-alignment-specifier-on-declaration" and + ruleId = "RULE-8-17" and + category = "advisory" +} + +module AlignmentPackage { + Query redeclarationOfObjectWithoutAlignmentQuery() { + //autogenerate `Query` type + result = + // `Query` type for `redeclarationOfObjectWithoutAlignment` query + TQueryC(TAlignmentPackageQuery(TRedeclarationOfObjectWithoutAlignmentQuery())) + } + + Query redeclarationOfObjectWithUnmatchedAlignmentQuery() { + //autogenerate `Query` type + result = + // `Query` type for `redeclarationOfObjectWithUnmatchedAlignment` query + TQueryC(TAlignmentPackageQuery(TRedeclarationOfObjectWithUnmatchedAlignmentQuery())) + } + + Query alignmentWithSizeZeroQuery() { + //autogenerate `Query` type + result = + // `Query` type for `alignmentWithSizeZero` query + TQueryC(TAlignmentPackageQuery(TAlignmentWithSizeZeroQuery())) + } + + Query moreThanOneAlignmentSpecifierOnDeclarationQuery() { + //autogenerate `Query` type + result = + // `Query` type for `moreThanOneAlignmentSpecifierOnDeclaration` query + TQueryC(TAlignmentPackageQuery(TMoreThanOneAlignmentSpecifierOnDeclarationQuery())) + } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index 3833533d50..51fe53cf6f 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -2,6 +2,7 @@ import cpp import codingstandards.cpp.exclusions.RuleMetadata //** Import packages for this language **/ +import Alignment import Banned import Banned2 import BitfieldTypes @@ -78,6 +79,7 @@ import Types2 /** The TQuery type representing this language * */ newtype TCQuery = + TAlignmentPackageQuery(AlignmentQuery q) or TBannedPackageQuery(BannedQuery q) or TBanned2PackageQuery(Banned2Query q) or TBitfieldTypesPackageQuery(BitfieldTypesQuery q) or @@ -154,6 +156,7 @@ newtype TCQuery = /** The metadata predicate * */ predicate isQueryMetadata(Query query, string queryId, string ruleId, string category) { + isAlignmentQueryMetadata(query, queryId, ruleId, category) or isBannedQueryMetadata(query, queryId, ruleId, category) or isBanned2QueryMetadata(query, queryId, ruleId, category) or isBitfieldTypesQueryMetadata(query, queryId, ruleId, category) or diff --git a/rule_packages/c/Alignment.json b/rule_packages/c/Alignment.json new file mode 100644 index 0000000000..1cbdf279fb --- /dev/null +++ b/rule_packages/c/Alignment.json @@ -0,0 +1,79 @@ +{ + "MISRA-C-2012": { + "RULE-8-15": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "An object declared with an explicit alignment shall be explicitly aligned in all declarations.", + "kind": "problem", + "name": "Alignment should match between all declarations of an object", + "precision": "very-high", + "severity": "error", + "short_name": "RedeclarationOfObjectWithoutAlignment", + "tags": [ + "extern/misra/c/2012/amendment3", + "readability", + "maintainability" + ] + }, + { + "description": "All declarations of an object with an explicit alignment specification shall specify the same alignment.", + "kind": "problem", + "name": "Alignment should match between all declarations of an object", + "precision": "very-high", + "severity": "error", + "short_name": "RedeclarationOfObjectWithUnmatchedAlignment", + "tags": [ + "extern/misra/c/2012/amendment3", + "readability", + "maintainability" + ] + } + ], + "title": "All declarations of an object with an explicit alignment specification shall specify the same alignment" + }, + "RULE-8-16": { + "properties": { + "obligation": "advisory" + }, + "queries": [ + { + "description": "A declaration shall not have an alignment of size zero.", + "kind": "problem", + "name": "The alignment specification of zero should not appear in an object declaration", + "precision": "very-high", + "severity": "error", + "short_name": "AlignmentWithSizeZero", + "tags": [ + "extern/misra/c/2012/amendment3", + "readability", + "maintainability" + ] + } + ], + "title": "The alignment specification of zero should not appear in an object declaration" + }, + "RULE-8-17": { + "properties": { + "obligation": "advisory" + }, + "queries": [ + { + "description": "While C permits the usage of multiple alignment specifiers, doing so reduces readability and may obscure the intent of the declaration.", + "kind": "problem", + "name": "At most one explicit alignment specifier should appear in an object declaration", + "precision": "very-high", + "severity": "error", + "short_name": "MoreThanOneAlignmentSpecifierOnDeclaration", + "tags": [ + "extern/misra/c/2012/amendment3", + "readability" + ] + } + ], + "title": "At most one explicit alignment specifier should appear in an object declaration" + } + } +} \ No newline at end of file From 7ae79abf9955cd785571cb83b3e59a6bfc201e9f Mon Sep 17 00:00:00 2001 From: Michael R Fairhurst Date: Fri, 18 Oct 2024 22:11:30 +0000 Subject: [PATCH 2160/2573] Add test for mismatched alignments on gcc --- ...fObjectWithUnmatchedAlignment.expected.gcc | 10 ++++++ c/misra/test/rules/RULE-8-15/test.c.gcc | 35 +++++++++++++++++++ 2 files changed, 45 insertions(+) create mode 100644 c/misra/test/rules/RULE-8-15/RedeclarationOfObjectWithUnmatchedAlignment.expected.gcc create mode 100644 c/misra/test/rules/RULE-8-15/test.c.gcc diff --git a/c/misra/test/rules/RULE-8-15/RedeclarationOfObjectWithUnmatchedAlignment.expected.gcc b/c/misra/test/rules/RULE-8-15/RedeclarationOfObjectWithUnmatchedAlignment.expected.gcc new file mode 100644 index 0000000000..f1054946a7 --- /dev/null +++ b/c/misra/test/rules/RULE-8-15/RedeclarationOfObjectWithUnmatchedAlignment.expected.gcc @@ -0,0 +1,10 @@ +| test.c:11:8:11:15 | alignas(...) | Variable g4 declared with lexically different _Alignof() values '$@' and '$@' | test.c:11:8:11:15 | alignas(...) | 16 | test.c:12:8:12:15 | alignas(...) | 32 | +| test.c:12:8:12:15 | alignas(...) | Variable g4 declared with lexically different _Alignof() values '$@' and '$@' | test.c:12:8:12:15 | alignas(...) | 32 | test.c:11:8:11:15 | alignas(...) | 16 | +| test.c:18:8:18:15 | alignas(...) | Variable g6 declared with lexically different _Alignof() values '$@' and '$@' | test.c:18:8:18:15 | alignas(...) | int | test.c:19:8:19:15 | alignas(...) | 4 | +| test.c:19:8:19:15 | alignas(...) | Variable g6 declared with lexically different _Alignof() values '$@' and '$@' | test.c:19:8:19:15 | alignas(...) | 4 | test.c:18:8:18:15 | alignas(...) | int | +| test.c:22:8:22:15 | alignas(...) | Variable g7 declared with lexically different _Alignof() values '$@' and '$@' | test.c:22:8:22:15 | alignas(...) | ... * ... | test.c:23:8:23:15 | alignas(...) | 32 | +| test.c:23:8:23:15 | alignas(...) | Variable g7 declared with lexically different _Alignof() values '$@' and '$@' | test.c:23:8:23:15 | alignas(...) | 32 | test.c:22:8:22:15 | alignas(...) | ... * ... | +| test.c:28:8:28:15 | alignas(...) | Variable g9 declared with lexically different _Alignof() values '$@' and '$@' | test.c:28:8:28:15 | alignas(...) | ... * ... | test.c:29:8:29:15 | alignas(...) | ... * ... | +| test.c:29:8:29:15 | alignas(...) | Variable g9 declared with lexically different _Alignof() values '$@' and '$@' | test.c:29:8:29:15 | alignas(...) | ... * ... | test.c:28:8:28:15 | alignas(...) | ... * ... | +| test.c:34:8:34:15 | alignas(...) | Variable g11 declared with lexically different _Alignof() values '$@' and '$@' | test.c:34:8:34:15 | alignas(...) | signed int | test.c:35:8:35:15 | alignas(...) | unsigned int | +| test.c:35:8:35:15 | alignas(...) | Variable g11 declared with lexically different _Alignof() values '$@' and '$@' | test.c:35:8:35:15 | alignas(...) | unsigned int | test.c:34:8:34:15 | alignas(...) | signed int | diff --git a/c/misra/test/rules/RULE-8-15/test.c.gcc b/c/misra/test/rules/RULE-8-15/test.c.gcc new file mode 100644 index 0000000000..d0f53bf89a --- /dev/null +++ b/c/misra/test/rules/RULE-8-15/test.c.gcc @@ -0,0 +1,35 @@ +extern _Alignas(16) int g1; // COMPLIANT +extern _Alignas(16) int g1; // COMPLIANT + +extern _Alignas(16) int g2; +extern int g2; // NON_COMPLIANT + +extern int g3; // NON_COMPLIANT +extern _Alignas(16) int g3; + +// Does not compile on clang: +extern _Alignas(16) int g4; // COMPLIANT +extern _Alignas(32) int g4; // COMPLIANT + +extern int g5; // COMPLIANT +extern int g5; // COMPLIANT + +// Spec says elements must be lexically identical after macro expansion +extern _Alignas(int) int g6; // NON_COMPLIANT +extern _Alignas(4) int g6; // NON_COMPLIANT + +#define THIRTY_TWO 32 +extern _Alignas(16 * 2) int g7; // NON_COMPLIANT +extern _Alignas(32) int g7; // NON_COMPLIANT + +extern _Alignas(THIRTY_TWO) int g8; // COMPLIANT +extern _Alignas(32) int g8; // COMPLIANT + +extern _Alignas(16 * 2) int g9; // NON_COMPLIANT +extern _Alignas(2 * 16) int g9; // NON_COMPLIANT + +extern _Alignas(int) int g10; // COMPLIANT +extern _Alignas(int) int g10; // COMPLIANT + +extern _Alignas(signed int) int g11; // NON_COMPLIANT +extern _Alignas(unsigned int) int g11; // NON_COMPLIANT \ No newline at end of file From 9b325f63887e509063666d7e2b040df383f57d41 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 18 Oct 2024 15:20:25 -0700 Subject: [PATCH 2161/2573] Fix misra c amendment tag --- rule_packages/c/Alignment.json | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/rule_packages/c/Alignment.json b/rule_packages/c/Alignment.json index 1cbdf279fb..edf06a09ca 100644 --- a/rule_packages/c/Alignment.json +++ b/rule_packages/c/Alignment.json @@ -13,7 +13,7 @@ "severity": "error", "short_name": "RedeclarationOfObjectWithoutAlignment", "tags": [ - "extern/misra/c/2012/amendment3", + "external/misra/c/2012/amendment3", "readability", "maintainability" ] @@ -26,7 +26,7 @@ "severity": "error", "short_name": "RedeclarationOfObjectWithUnmatchedAlignment", "tags": [ - "extern/misra/c/2012/amendment3", + "external/misra/c/2012/amendment3", "readability", "maintainability" ] @@ -47,7 +47,7 @@ "severity": "error", "short_name": "AlignmentWithSizeZero", "tags": [ - "extern/misra/c/2012/amendment3", + "external/misra/c/2012/amendment3", "readability", "maintainability" ] @@ -68,7 +68,7 @@ "severity": "error", "short_name": "MoreThanOneAlignmentSpecifierOnDeclaration", "tags": [ - "extern/misra/c/2012/amendment3", + "external/misra/c/2012/amendment3", "readability" ] } From feea1e4d97c0d9105e8355fb39eb94ea382e4c6c Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 18 Oct 2024 15:21:16 -0700 Subject: [PATCH 2162/2573] Fix query format --- .../RULE-8-15/RedeclarationOfObjectWithoutAlignment.ql | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/c/misra/src/rules/RULE-8-15/RedeclarationOfObjectWithoutAlignment.ql b/c/misra/src/rules/RULE-8-15/RedeclarationOfObjectWithoutAlignment.ql index 9af3839e16..9161c74a38 100644 --- a/c/misra/src/rules/RULE-8-15/RedeclarationOfObjectWithoutAlignment.ql +++ b/c/misra/src/rules/RULE-8-15/RedeclarationOfObjectWithoutAlignment.ql @@ -19,13 +19,11 @@ import codingstandards.c.misra /** * Performance optimization; start query by joining attributes to declarations * rather than locations. - * + * * Including the entry location also speeds up search. */ newtype TAttributeDeclLocation = - TAttributeDeclLocationInfo( - Attribute attribute, DeclarationEntry entry, Location entryLocation - ) { + TAttributeDeclLocationInfo(Attribute attribute, DeclarationEntry entry, Location entryLocation) { entry.getDeclaration().(Variable).getAnAttribute() = attribute and entryLocation = entry.getLocation() } From d214ba7b19415b80b36d3b5c01e9b1ff60c3b134 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 18 Oct 2024 15:28:52 -0700 Subject: [PATCH 2163/2573] Regenerate queries with updated metadata --- .../RULE-8-15/RedeclarationOfObjectWithUnmatchedAlignment.ql | 2 +- .../rules/RULE-8-15/RedeclarationOfObjectWithoutAlignment.ql | 2 +- c/misra/src/rules/RULE-8-16/AlignmentWithSizeZero.ql | 2 +- .../RULE-8-17/MoreThanOneAlignmentSpecifierOnDeclaration.ql | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/c/misra/src/rules/RULE-8-15/RedeclarationOfObjectWithUnmatchedAlignment.ql b/c/misra/src/rules/RULE-8-15/RedeclarationOfObjectWithUnmatchedAlignment.ql index 74fc68d04d..b17c1ef6c1 100644 --- a/c/misra/src/rules/RULE-8-15/RedeclarationOfObjectWithUnmatchedAlignment.ql +++ b/c/misra/src/rules/RULE-8-15/RedeclarationOfObjectWithUnmatchedAlignment.ql @@ -7,7 +7,7 @@ * @precision very-high * @problem.severity error * @tags external/misra/id/rule-8-15 - * extern/misra/c/2012/amendment3 + * external/misra/c/2012/amendment3 * readability * maintainability * external/misra/obligation/required diff --git a/c/misra/src/rules/RULE-8-15/RedeclarationOfObjectWithoutAlignment.ql b/c/misra/src/rules/RULE-8-15/RedeclarationOfObjectWithoutAlignment.ql index 9161c74a38..986ab92f5a 100644 --- a/c/misra/src/rules/RULE-8-15/RedeclarationOfObjectWithoutAlignment.ql +++ b/c/misra/src/rules/RULE-8-15/RedeclarationOfObjectWithoutAlignment.ql @@ -7,7 +7,7 @@ * @precision very-high * @problem.severity error * @tags external/misra/id/rule-8-15 - * extern/misra/c/2012/amendment3 + * external/misra/c/2012/amendment3 * readability * maintainability * external/misra/obligation/required diff --git a/c/misra/src/rules/RULE-8-16/AlignmentWithSizeZero.ql b/c/misra/src/rules/RULE-8-16/AlignmentWithSizeZero.ql index 52d282c4a2..4a0cd9d50b 100644 --- a/c/misra/src/rules/RULE-8-16/AlignmentWithSizeZero.ql +++ b/c/misra/src/rules/RULE-8-16/AlignmentWithSizeZero.ql @@ -6,7 +6,7 @@ * @precision very-high * @problem.severity error * @tags external/misra/id/rule-8-16 - * extern/misra/c/2012/amendment3 + * external/misra/c/2012/amendment3 * readability * maintainability * external/misra/obligation/advisory diff --git a/c/misra/src/rules/RULE-8-17/MoreThanOneAlignmentSpecifierOnDeclaration.ql b/c/misra/src/rules/RULE-8-17/MoreThanOneAlignmentSpecifierOnDeclaration.ql index f7952d1266..3c89a190ec 100644 --- a/c/misra/src/rules/RULE-8-17/MoreThanOneAlignmentSpecifierOnDeclaration.ql +++ b/c/misra/src/rules/RULE-8-17/MoreThanOneAlignmentSpecifierOnDeclaration.ql @@ -7,7 +7,7 @@ * @precision very-high * @problem.severity error * @tags external/misra/id/rule-8-17 - * extern/misra/c/2012/amendment3 + * external/misra/c/2012/amendment3 * readability * external/misra/obligation/advisory */ From 9dc3c2a154d70f7171ed204907ed5173b95389b4 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 18 Oct 2024 18:15:06 -0700 Subject: [PATCH 2164/2573] Use range analysis to detect realloc() where size may be zero, vs, is exactly zero. --- ...SizeZero.ql => SizeInReallocCallIsZero.ql} | 17 +++++----- .../RULE-1-5/SizeInReallocCallMayBeZero.ql | 26 +++++++++++++++ .../CallToObsolescentFunctionGets.expected | 2 +- .../CallToReallocWithSizeZero.expected | 1 - .../RULE-1-5/CallToReallocWithSizeZero.qlref | 1 - ...nvalidDefineOrUndefOfStdBoolMacro.expected | 12 +++---- .../RULE-1-5/SizeInReallocCallIsZero.expected | 1 + .../RULE-1-5/SizeInReallocCallIsZero.qlref | 1 + .../SizeInReallocCallMayBeZero.expected | 1 + .../RULE-1-5/SizeInReallocCallMayBeZero.qlref | 1 + .../UngetcCallOnStreamPositionZero.expected | 8 ++--- .../UseOfObsoleteMacroAtomicVarInit.expected | 2 +- c/misra/test/rules/RULE-1-5/test.c | 9 ++--- .../src/codingstandards/cpp/Realloc.qll | 18 ++++++++++ .../cpp/exclusions/c/Language4.qll | 33 ++++++++++++++----- rule_packages/c/Language4.json | 16 +++++++-- 16 files changed, 113 insertions(+), 36 deletions(-) rename c/misra/src/rules/RULE-1-5/{CallToReallocWithSizeZero.ql => SizeInReallocCallIsZero.ql} (50%) create mode 100644 c/misra/src/rules/RULE-1-5/SizeInReallocCallMayBeZero.ql delete mode 100644 c/misra/test/rules/RULE-1-5/CallToReallocWithSizeZero.expected delete mode 100644 c/misra/test/rules/RULE-1-5/CallToReallocWithSizeZero.qlref create mode 100644 c/misra/test/rules/RULE-1-5/SizeInReallocCallIsZero.expected create mode 100644 c/misra/test/rules/RULE-1-5/SizeInReallocCallIsZero.qlref create mode 100644 c/misra/test/rules/RULE-1-5/SizeInReallocCallMayBeZero.expected create mode 100644 c/misra/test/rules/RULE-1-5/SizeInReallocCallMayBeZero.qlref create mode 100644 cpp/common/src/codingstandards/cpp/Realloc.qll diff --git a/c/misra/src/rules/RULE-1-5/CallToReallocWithSizeZero.ql b/c/misra/src/rules/RULE-1-5/SizeInReallocCallIsZero.ql similarity index 50% rename from c/misra/src/rules/RULE-1-5/CallToReallocWithSizeZero.ql rename to c/misra/src/rules/RULE-1-5/SizeInReallocCallIsZero.ql index 2ea90e8b12..2b5cdaa851 100644 --- a/c/misra/src/rules/RULE-1-5/CallToReallocWithSizeZero.ql +++ b/c/misra/src/rules/RULE-1-5/SizeInReallocCallIsZero.ql @@ -1,6 +1,6 @@ /** - * @id c/misra/call-to-realloc-with-size-zero - * @name RULE-1-5: Disallowed size argument value equal to zero in call to realloc + * @id c/misra/size-in-realloc-call-is-zero + * @name RULE-1-5: Size argument value in realloc call is equal zero * @description Invoking realloc with a size argument set to zero is implementation-defined behavior * and declared as an obsolete feature in C18. * @kind problem @@ -15,11 +15,12 @@ import cpp import codingstandards.c.misra import semmle.code.cpp.rangeanalysis.new.RangeAnalysis +import codingstandards.cpp.Realloc -from FunctionCall call, Expr arg +from ReallocCall call where - not isExcluded(call, Language4Package::callToReallocWithSizeZeroQuery()) and - call.getTarget().hasGlobalOrStdName("realloc") and - arg = call.getArgument(1) and - upperBound(arg) = 0 -select arg, "Calling realloc with size zero results in implementation-defined behavior." + not isExcluded(call, Language4Package::sizeInReallocCallIsZeroQuery()) and + call.sizeIsExactlyZero() +select call, + "Size argument '$@' may equal zero in realloc call, resulting in obsolescent and/or implementation-defined behavior.", + call.getSizeArgument(), call.getSizeArgument().toString() diff --git a/c/misra/src/rules/RULE-1-5/SizeInReallocCallMayBeZero.ql b/c/misra/src/rules/RULE-1-5/SizeInReallocCallMayBeZero.ql new file mode 100644 index 0000000000..3e883e45f4 --- /dev/null +++ b/c/misra/src/rules/RULE-1-5/SizeInReallocCallMayBeZero.ql @@ -0,0 +1,26 @@ +/** + * @id c/misra/size-in-realloc-call-may-be-zero + * @name RULE-1-5: Size argument value in realloc call may equal zero + * @description Invoking realloc with a size argument set to zero is implementation-defined behavior + * and declared as an obsolete feature in C18. + * @kind problem + * @precision medium + * @problem.severity error + * @tags external/misra/id/rule-1-5 + * correctness + * external/misra/c/2012/amendment3 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.Realloc + +from ReallocCall call +where + not isExcluded(call, Language4Package::sizeInReallocCallMayBeZeroQuery()) and + call.sizeMayBeZero() and + not call.sizeIsExactlyZero() +select call, + "Size argument '$@' equals zero in realloc call, resulting in obsolescent and/or implementation-defined behavior.", + call.getSizeArgument(), call.getSizeArgument().toString() diff --git a/c/misra/test/rules/RULE-1-5/CallToObsolescentFunctionGets.expected b/c/misra/test/rules/RULE-1-5/CallToObsolescentFunctionGets.expected index 6e0088f4ac..4c8fdc27cf 100644 --- a/c/misra/test/rules/RULE-1-5/CallToObsolescentFunctionGets.expected +++ b/c/misra/test/rules/RULE-1-5/CallToObsolescentFunctionGets.expected @@ -1 +1 @@ -| test.c:36:3:36:6 | call to gets | Call to obsolescent function 'gets'. | +| test.c:37:3:37:6 | call to gets | Call to obsolescent function 'gets'. | diff --git a/c/misra/test/rules/RULE-1-5/CallToReallocWithSizeZero.expected b/c/misra/test/rules/RULE-1-5/CallToReallocWithSizeZero.expected deleted file mode 100644 index 89e54a38c2..0000000000 --- a/c/misra/test/rules/RULE-1-5/CallToReallocWithSizeZero.expected +++ /dev/null @@ -1 +0,0 @@ -| test.c:11:14:11:14 | 0 | Calling realloc with size zero results in implementation-defined behavior. | diff --git a/c/misra/test/rules/RULE-1-5/CallToReallocWithSizeZero.qlref b/c/misra/test/rules/RULE-1-5/CallToReallocWithSizeZero.qlref deleted file mode 100644 index 218be6b3ef..0000000000 --- a/c/misra/test/rules/RULE-1-5/CallToReallocWithSizeZero.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/RULE-1-5/CallToReallocWithSizeZero.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-1-5/InvalidDefineOrUndefOfStdBoolMacro.expected b/c/misra/test/rules/RULE-1-5/InvalidDefineOrUndefOfStdBoolMacro.expected index 7a6ca9824e..854b200553 100644 --- a/c/misra/test/rules/RULE-1-5/InvalidDefineOrUndefOfStdBoolMacro.expected +++ b/c/misra/test/rules/RULE-1-5/InvalidDefineOrUndefOfStdBoolMacro.expected @@ -1,6 +1,6 @@ -| test.c:21:1:21:14 | #define true 3 | Invalid define of boolean standard macro 'true'. | -| test.c:22:1:22:15 | #define false 3 | Invalid define of boolean standard macro 'false'. | -| test.c:23:1:23:18 | #define bool int * | Invalid define of boolean standard macro 'bool'. | -| test.c:24:1:24:11 | #undef true | Invalid undefine of boolean standard macro 'true'. | -| test.c:25:1:25:12 | #undef false | Invalid undefine of boolean standard macro 'false'. | -| test.c:26:1:26:11 | #undef bool | Invalid undefine of boolean standard macro 'bool'. | +| test.c:22:1:22:14 | #define true 3 | Invalid define of boolean standard macro 'true'. | +| test.c:23:1:23:15 | #define false 3 | Invalid define of boolean standard macro 'false'. | +| test.c:24:1:24:18 | #define bool int * | Invalid define of boolean standard macro 'bool'. | +| test.c:25:1:25:11 | #undef true | Invalid undefine of boolean standard macro 'true'. | +| test.c:26:1:26:12 | #undef false | Invalid undefine of boolean standard macro 'false'. | +| test.c:27:1:27:11 | #undef bool | Invalid undefine of boolean standard macro 'bool'. | diff --git a/c/misra/test/rules/RULE-1-5/SizeInReallocCallIsZero.expected b/c/misra/test/rules/RULE-1-5/SizeInReallocCallIsZero.expected new file mode 100644 index 0000000000..7b05a5fc0a --- /dev/null +++ b/c/misra/test/rules/RULE-1-5/SizeInReallocCallIsZero.expected @@ -0,0 +1 @@ +| test.c:14:3:14:9 | call to realloc | Size argument '$@' may equal zero in realloc call, resulting in obsolescent and/or implementation-defined behavior. | test.c:14:14:14:14 | 0 | 0 | diff --git a/c/misra/test/rules/RULE-1-5/SizeInReallocCallIsZero.qlref b/c/misra/test/rules/RULE-1-5/SizeInReallocCallIsZero.qlref new file mode 100644 index 0000000000..cef5e76d54 --- /dev/null +++ b/c/misra/test/rules/RULE-1-5/SizeInReallocCallIsZero.qlref @@ -0,0 +1 @@ +rules/RULE-1-5/SizeInReallocCallIsZero.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-1-5/SizeInReallocCallMayBeZero.expected b/c/misra/test/rules/RULE-1-5/SizeInReallocCallMayBeZero.expected new file mode 100644 index 0000000000..f86ad4c57c --- /dev/null +++ b/c/misra/test/rules/RULE-1-5/SizeInReallocCallMayBeZero.expected @@ -0,0 +1 @@ +| test.c:15:3:15:9 | call to realloc | Size argument '$@' equals zero in realloc call, resulting in obsolescent and/or implementation-defined behavior. | test.c:15:14:15:15 | p0 | p0 | diff --git a/c/misra/test/rules/RULE-1-5/SizeInReallocCallMayBeZero.qlref b/c/misra/test/rules/RULE-1-5/SizeInReallocCallMayBeZero.qlref new file mode 100644 index 0000000000..1287327c5d --- /dev/null +++ b/c/misra/test/rules/RULE-1-5/SizeInReallocCallMayBeZero.qlref @@ -0,0 +1 @@ +rules/RULE-1-5/SizeInReallocCallMayBeZero.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-1-5/UngetcCallOnStreamPositionZero.expected b/c/misra/test/rules/RULE-1-5/UngetcCallOnStreamPositionZero.expected index 3a6f6bc821..98e7b34fbe 100644 --- a/c/misra/test/rules/RULE-1-5/UngetcCallOnStreamPositionZero.expected +++ b/c/misra/test/rules/RULE-1-5/UngetcCallOnStreamPositionZero.expected @@ -1,8 +1,8 @@ edges -| test.c:38:16:38:20 | call to fopen indirection | test.c:40:15:40:18 | file indirection | +| test.c:39:16:39:20 | call to fopen indirection | test.c:41:15:41:18 | file indirection | nodes -| test.c:38:16:38:20 | call to fopen indirection | semmle.label | call to fopen indirection | -| test.c:40:15:40:18 | file indirection | semmle.label | file indirection | +| test.c:39:16:39:20 | call to fopen indirection | semmle.label | call to fopen indirection | +| test.c:41:15:41:18 | file indirection | semmle.label | file indirection | subpaths #select -| test.c:40:15:40:18 | file indirection | test.c:38:16:38:20 | call to fopen indirection | test.c:40:15:40:18 | file indirection | Obsolescent call to ungetc on file stream $@ at position zero. | test.c:38:16:38:20 | call to fopen indirection | call to fopen indirection | +| test.c:41:15:41:18 | file indirection | test.c:39:16:39:20 | call to fopen indirection | test.c:41:15:41:18 | file indirection | Obsolescent call to ungetc on file stream $@ at position zero. | test.c:39:16:39:20 | call to fopen indirection | call to fopen indirection | diff --git a/c/misra/test/rules/RULE-1-5/UseOfObsoleteMacroAtomicVarInit.expected b/c/misra/test/rules/RULE-1-5/UseOfObsoleteMacroAtomicVarInit.expected index bc903de094..edd607c52f 100644 --- a/c/misra/test/rules/RULE-1-5/UseOfObsoleteMacroAtomicVarInit.expected +++ b/c/misra/test/rules/RULE-1-5/UseOfObsoleteMacroAtomicVarInit.expected @@ -1 +1 @@ -| test.c:28:18:28:36 | ATOMIC_VAR_INIT(value) | Usage of macro ATOMIC_VAR_INIT() is declared obscelescent in C18, and discouraged in earlier C versions. | +| test.c:29:18:29:36 | ATOMIC_VAR_INIT(value) | Usage of macro ATOMIC_VAR_INIT() is declared obscelescent in C18, and discouraged in earlier C versions. | diff --git a/c/misra/test/rules/RULE-1-5/test.c b/c/misra/test/rules/RULE-1-5/test.c index 38d701c44b..52144bad13 100644 --- a/c/misra/test/rules/RULE-1-5/test.c +++ b/c/misra/test/rules/RULE-1-5/test.c @@ -3,15 +3,16 @@ #include "stdio.h" #include "stdlib.h" -void f1(void) { +void f1(int p0) { // malloc() is not obsolete, though it is banned by Rule 21.3 int *t = malloc(10); // COMPLIANT - // Obsolete usage of realloc. - realloc(t, 0); // NON-COMPLIANT - // Valid usage of realloc, but all use of realloc is banned by Rule 21.3 realloc(t, 20); // NON-COMPLIANT + + // Obsolete usage of realloc. + realloc(t, 0); // NON-COMPLIANT + realloc(t, p0); // NON-COMPLIANT } extern const int g1; // COMPLIANT diff --git a/cpp/common/src/codingstandards/cpp/Realloc.qll b/cpp/common/src/codingstandards/cpp/Realloc.qll new file mode 100644 index 0000000000..71acb7d7b1 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/Realloc.qll @@ -0,0 +1,18 @@ +import cpp +import codingstandards.cpp.CodingStandards + +class ReallocCall extends FunctionCall { + ReallocCall() { getTarget().hasGlobalOrStdName("realloc") } + + Expr getSizeArgument() { result = getArgument(1) } + + predicate sizeIsExactlyZero() { + upperBound(getSizeArgument().getConversion()) = 0 and + lowerBound(getSizeArgument().getConversion()) = 0 + } + + predicate sizeMayBeZero() { + upperBound(getSizeArgument().getConversion()) >= 0 and + lowerBound(getSizeArgument().getConversion()) <= 0 + } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Language4.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Language4.qll index 7bca9feefc..b4391ff5c2 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Language4.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Language4.qll @@ -11,7 +11,8 @@ newtype Language4Query = TInvalidDefineOrUndefOfStdBoolMacroQuery() or TCallToObsolescentFunctionGetsQuery() or TUngetcCallOnStreamPositionZeroQuery() or - TCallToReallocWithSizeZeroQuery() + TSizeInReallocCallMayBeZeroQuery() or + TSizeInReallocCallIsZeroQuery() predicate isLanguage4QueryMetadata(Query query, string queryId, string ruleId, string category) { query = @@ -78,11 +79,20 @@ predicate isLanguage4QueryMetadata(Query query, string queryId, string ruleId, s category = "required" or query = - // `Query` instance for the `callToReallocWithSizeZero` query - Language4Package::callToReallocWithSizeZeroQuery() and + // `Query` instance for the `sizeInReallocCallMayBeZero` query + Language4Package::sizeInReallocCallMayBeZeroQuery() and queryId = - // `@id` for the `callToReallocWithSizeZero` query - "c/misra/call-to-realloc-with-size-zero" and + // `@id` for the `sizeInReallocCallMayBeZero` query + "c/misra/size-in-realloc-call-may-be-zero" and + ruleId = "RULE-1-5" and + category = "required" + or + query = + // `Query` instance for the `sizeInReallocCallIsZero` query + Language4Package::sizeInReallocCallIsZeroQuery() and + queryId = + // `@id` for the `sizeInReallocCallIsZero` query + "c/misra/size-in-realloc-call-is-zero" and ruleId = "RULE-1-5" and category = "required" } @@ -137,10 +147,17 @@ module Language4Package { TQueryC(TLanguage4PackageQuery(TUngetcCallOnStreamPositionZeroQuery())) } - Query callToReallocWithSizeZeroQuery() { + Query sizeInReallocCallMayBeZeroQuery() { + //autogenerate `Query` type + result = + // `Query` type for `sizeInReallocCallMayBeZero` query + TQueryC(TLanguage4PackageQuery(TSizeInReallocCallMayBeZeroQuery())) + } + + Query sizeInReallocCallIsZeroQuery() { //autogenerate `Query` type result = - // `Query` type for `callToReallocWithSizeZero` query - TQueryC(TLanguage4PackageQuery(TCallToReallocWithSizeZeroQuery())) + // `Query` type for `sizeInReallocCallIsZero` query + TQueryC(TLanguage4PackageQuery(TSizeInReallocCallIsZeroQuery())) } } diff --git a/rule_packages/c/Language4.json b/rule_packages/c/Language4.json index fb448bd8a3..fdc11924f4 100644 --- a/rule_packages/c/Language4.json +++ b/rule_packages/c/Language4.json @@ -102,10 +102,22 @@ { "description": "Invoking realloc with a size argument set to zero is implementation-defined behavior and declared as an obsolete feature in C18.", "kind": "problem", - "name": "Disallowed size argument value equal to zero in call to realloc", + "name": "Size argument value in realloc call may equal zero", + "precision": "medium", + "severity": "error", + "short_name": "SizeInReallocCallMayBeZero", + "tags": [ + "correctness", + "external/misra/c/2012/amendment3" + ] + }, + { + "description": "Invoking realloc with a size argument set to zero is implementation-defined behavior and declared as an obsolete feature in C18.", + "kind": "problem", + "name": "Size argument value in realloc call is equal zero", "precision": "very-high", "severity": "error", - "short_name": "CallToReallocWithSizeZero", + "short_name": "SizeInReallocCallIsZero", "tags": [ "correctness", "external/misra/c/2012/amendment3" From cb0785575cf7fad87a01d045d37a25cc98c56794 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 20 Oct 2024 22:50:47 +0100 Subject: [PATCH 2165/2573] Rule 8.13: Handle multiple copies If the same code is compiled multiple times, variables may be const in one case but non-const in another. Handle this by requiring all such copies to be const-able before flagging. --- ...interShouldPointToConstTypeWhenPossible.ql | 66 ++++++++++++------- 1 file changed, 42 insertions(+), 24 deletions(-) diff --git a/c/misra/src/rules/RULE-8-13/PointerShouldPointToConstTypeWhenPossible.ql b/c/misra/src/rules/RULE-8-13/PointerShouldPointToConstTypeWhenPossible.ql index 8b405d138c..a9fd7155a4 100644 --- a/c/misra/src/rules/RULE-8-13/PointerShouldPointToConstTypeWhenPossible.ql +++ b/c/misra/src/rules/RULE-8-13/PointerShouldPointToConstTypeWhenPossible.ql @@ -18,29 +18,47 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.Pointers import codingstandards.cpp.SideEffect +import codingstandards.cpp.alertreporting.HoldsForAllCopies -from Variable ptr, PointerOrArrayType type +class NonConstPointerVariableCandidate extends Variable { + NonConstPointerVariableCandidate() { + // Avoid elements in macro expansions, as they cannot be equated across copies + not this.isInMacroExpansion() and + exists(PointerOrArrayType type | + // include only pointers which point to a const-qualified type + this.getType() = type and + not type.isDeeplyConstBelow() + ) and + // exclude pointers passed as arguments to functions which take a + // parameter that points to a non-const-qualified type + not exists(FunctionCall fc, int i | + fc.getArgument(i) = this.getAnAccess() and + not fc.getTarget().getParameter(i).getType().isDeeplyConstBelow() + ) and + // exclude any pointers which have their underlying data modified + not exists(VariableEffect effect | + effect.getTarget() = this and + // but not pointers that are only themselves modified + not effect.(AssignExpr).getLValue() = effect.getAnAccess() and + not effect.(CrementOperation).getOperand() = effect.getAnAccess() + ) and + // exclude pointers assigned to another pointer to a non-const-qualified type + not exists(Variable a | + a.getAnAssignedValue() = this.getAnAccess() and + not a.getType().(PointerOrArrayType).isDeeplyConstBelow() + ) + } +} + +/** + * Ensure that all copies of a variable are considered to be missing const qualification to avoid + * false positives where a variable is only used/modified in a single copy. + */ +class NonConstPointerVariable = + HoldsForAllCopies::LogicalResultElement; + +from NonConstPointerVariable ptr where - not isExcluded(ptr, Pointers1Package::pointerShouldPointToConstTypeWhenPossibleQuery()) and - // include only pointers which point to a const-qualified type - ptr.getType() = type and - not type.isDeeplyConstBelow() and - // exclude pointers passed as arguments to functions which take a - // parameter that points to a non-const-qualified type - not exists(FunctionCall fc, int i | - fc.getArgument(i) = ptr.getAnAccess() and - not fc.getTarget().getParameter(i).getType().isDeeplyConstBelow() - ) and - // exclude any pointers which have their underlying data modified - not exists(VariableEffect effect | - effect.getTarget() = ptr and - // but not pointers that are only themselves modified - not effect.(AssignExpr).getLValue() = effect.getAnAccess() and - not effect.(CrementOperation).getOperand() = effect.getAnAccess() - ) and - // exclude pointers assigned to another pointer to a non-const-qualified type - not exists(Variable a | - a.getAnAssignedValue() = ptr.getAnAccess() and - not a.getType().(PointerOrArrayType).isDeeplyConstBelow() - ) -select ptr, "$@ points to a non-const-qualified type.", ptr, ptr.getName() + not isExcluded(ptr.getAnElementInstance(), + Pointers1Package::pointerShouldPointToConstTypeWhenPossibleQuery()) +select ptr, "$@ points to a non-const-qualified type.", ptr, ptr.getAnElementInstance().getName() From 4aacef197f7ecb0fb149151031997ff2fe3422c5 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 20 Oct 2024 23:03:19 +0100 Subject: [PATCH 2166/2573] Rule 8.13: Exclude results in ASM functions --- .../PointerShouldPointToConstTypeWhenPossible.ql | 2 ++ c/misra/test/rules/RULE-8-13/test.c | 9 +++++++++ 2 files changed, 11 insertions(+) diff --git a/c/misra/src/rules/RULE-8-13/PointerShouldPointToConstTypeWhenPossible.ql b/c/misra/src/rules/RULE-8-13/PointerShouldPointToConstTypeWhenPossible.ql index a9fd7155a4..312662fe30 100644 --- a/c/misra/src/rules/RULE-8-13/PointerShouldPointToConstTypeWhenPossible.ql +++ b/c/misra/src/rules/RULE-8-13/PointerShouldPointToConstTypeWhenPossible.ql @@ -22,6 +22,8 @@ import codingstandards.cpp.alertreporting.HoldsForAllCopies class NonConstPointerVariableCandidate extends Variable { NonConstPointerVariableCandidate() { + // Ignore variables in functions that use ASM commands + not exists(AsmStmt a | a.getEnclosingFunction() = this.(LocalScopeVariable).getFunction()) and // Avoid elements in macro expansions, as they cannot be equated across copies not this.isInMacroExpansion() and exists(PointerOrArrayType type | diff --git a/c/misra/test/rules/RULE-8-13/test.c b/c/misra/test/rules/RULE-8-13/test.c index 1ac9e5028c..8c469e290c 100644 --- a/c/misra/test/rules/RULE-8-13/test.c +++ b/c/misra/test/rules/RULE-8-13/test.c @@ -75,4 +75,13 @@ char *f16(char *p1) { // NON_COMPLIANT int f17(char *p1) { // NON_COMPLIANT p1++; return 0; +} + +#include + +int16_t +test_r(int16_t *value) { // COMPLIANT - ignored because of the use of ASM + int16_t result; + __asm__("movb %bh (%eax)"); + return result; } \ No newline at end of file From f4f11605c5643d531b8c605a7574ffd160988939 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 20 Oct 2024 23:28:35 +0100 Subject: [PATCH 2167/2573] Rule 8.13: Correctly handle assignment into structs --- .../PointerShouldPointToConstTypeWhenPossible.ql | 4 ++-- ...ointerShouldPointToConstTypeWhenPossible.expected | 1 + c/misra/test/rules/RULE-8-13/test.c | 12 ++++++++++++ 3 files changed, 15 insertions(+), 2 deletions(-) diff --git a/c/misra/src/rules/RULE-8-13/PointerShouldPointToConstTypeWhenPossible.ql b/c/misra/src/rules/RULE-8-13/PointerShouldPointToConstTypeWhenPossible.ql index 312662fe30..0150e39cb3 100644 --- a/c/misra/src/rules/RULE-8-13/PointerShouldPointToConstTypeWhenPossible.ql +++ b/c/misra/src/rules/RULE-8-13/PointerShouldPointToConstTypeWhenPossible.ql @@ -41,8 +41,8 @@ class NonConstPointerVariableCandidate extends Variable { not exists(VariableEffect effect | effect.getTarget() = this and // but not pointers that are only themselves modified - not effect.(AssignExpr).getLValue() = effect.getAnAccess() and - not effect.(CrementOperation).getOperand() = effect.getAnAccess() + not effect.(AssignExpr).getLValue() = this.getAnAccess() and + not effect.(CrementOperation).getOperand() = this.getAnAccess() ) and // exclude pointers assigned to another pointer to a non-const-qualified type not exists(Variable a | diff --git a/c/misra/test/rules/RULE-8-13/PointerShouldPointToConstTypeWhenPossible.expected b/c/misra/test/rules/RULE-8-13/PointerShouldPointToConstTypeWhenPossible.expected index 39dbf04763..23ab0828b2 100644 --- a/c/misra/test/rules/RULE-8-13/PointerShouldPointToConstTypeWhenPossible.expected +++ b/c/misra/test/rules/RULE-8-13/PointerShouldPointToConstTypeWhenPossible.expected @@ -12,3 +12,4 @@ | test.c:66:23:66:24 | p1 | $@ points to a non-const-qualified type. | test.c:66:23:66:24 | p1 | p1 | | test.c:71:17:71:18 | p1 | $@ points to a non-const-qualified type. | test.c:71:17:71:18 | p1 | p1 | | test.c:75:15:75:16 | p1 | $@ points to a non-const-qualified type. | test.c:75:15:75:16 | p1 | p1 | +| test.c:97:30:97:30 | s | $@ points to a non-const-qualified type. | test.c:97:30:97:30 | s | s | diff --git a/c/misra/test/rules/RULE-8-13/test.c b/c/misra/test/rules/RULE-8-13/test.c index 8c469e290c..7bd42a1d98 100644 --- a/c/misra/test/rules/RULE-8-13/test.c +++ b/c/misra/test/rules/RULE-8-13/test.c @@ -84,4 +84,16 @@ test_r(int16_t *value) { // COMPLIANT - ignored because of the use of ASM int16_t result; __asm__("movb %bh (%eax)"); return result; +} + +struct S { + int x; +}; + +void test_struct(struct S *s) { // COMPLIANT + s->x = 1; +} + +void test_struct_2(struct S *s) { // NON_COMPLIANT - could be const + s = 0; } \ No newline at end of file From 2976916569a0716880d28a47e59f1050027c0819 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 20 Oct 2024 23:34:45 +0100 Subject: [PATCH 2168/2573] Rule 8.13: Remove results in functions without bodies --- .../RULE-8-13/PointerShouldPointToConstTypeWhenPossible.ql | 2 ++ c/misra/test/rules/RULE-8-13/test.c | 5 ++++- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/c/misra/src/rules/RULE-8-13/PointerShouldPointToConstTypeWhenPossible.ql b/c/misra/src/rules/RULE-8-13/PointerShouldPointToConstTypeWhenPossible.ql index 0150e39cb3..23579965a8 100644 --- a/c/misra/src/rules/RULE-8-13/PointerShouldPointToConstTypeWhenPossible.ql +++ b/c/misra/src/rules/RULE-8-13/PointerShouldPointToConstTypeWhenPossible.ql @@ -22,6 +22,8 @@ import codingstandards.cpp.alertreporting.HoldsForAllCopies class NonConstPointerVariableCandidate extends Variable { NonConstPointerVariableCandidate() { + // Ignore parameters in functions without bodies + (this instanceof Parameter implies exists(this.(Parameter).getFunction().getBlock())) and // Ignore variables in functions that use ASM commands not exists(AsmStmt a | a.getEnclosingFunction() = this.(LocalScopeVariable).getFunction()) and // Avoid elements in macro expansions, as they cannot be equated across copies diff --git a/c/misra/test/rules/RULE-8-13/test.c b/c/misra/test/rules/RULE-8-13/test.c index 7bd42a1d98..75ec2febc3 100644 --- a/c/misra/test/rules/RULE-8-13/test.c +++ b/c/misra/test/rules/RULE-8-13/test.c @@ -96,4 +96,7 @@ void test_struct(struct S *s) { // COMPLIANT void test_struct_2(struct S *s) { // NON_COMPLIANT - could be const s = 0; -} \ No newline at end of file +} + +void test_no_body(int *p); // COMPLIANT - no body, so cannot evaluate whether it + // should be const \ No newline at end of file From 808554e093df1054ff8e521d4dede66a702525f6 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 20 Oct 2024 23:42:48 +0100 Subject: [PATCH 2169/2573] Rule 8.13: Expand ASM test --- .../RULE-8-13/PointerShouldPointToConstTypeWhenPossible.ql | 7 ++++++- .../PointerShouldPointToConstTypeWhenPossible.expected | 2 +- c/misra/test/rules/RULE-8-13/test.c | 6 ++++++ 3 files changed, 13 insertions(+), 2 deletions(-) diff --git a/c/misra/src/rules/RULE-8-13/PointerShouldPointToConstTypeWhenPossible.ql b/c/misra/src/rules/RULE-8-13/PointerShouldPointToConstTypeWhenPossible.ql index 23579965a8..f5cf07f8fc 100644 --- a/c/misra/src/rules/RULE-8-13/PointerShouldPointToConstTypeWhenPossible.ql +++ b/c/misra/src/rules/RULE-8-13/PointerShouldPointToConstTypeWhenPossible.ql @@ -25,7 +25,12 @@ class NonConstPointerVariableCandidate extends Variable { // Ignore parameters in functions without bodies (this instanceof Parameter implies exists(this.(Parameter).getFunction().getBlock())) and // Ignore variables in functions that use ASM commands - not exists(AsmStmt a | a.getEnclosingFunction() = this.(LocalScopeVariable).getFunction()) and + not exists(AsmStmt a | + a.getEnclosingFunction() = this.(LocalScopeVariable).getFunction() + or + // In a type declared locally + this.(Field).getDeclaringType+().getEnclosingFunction() = a.getEnclosingFunction() + ) and // Avoid elements in macro expansions, as they cannot be equated across copies not this.isInMacroExpansion() and exists(PointerOrArrayType type | diff --git a/c/misra/test/rules/RULE-8-13/PointerShouldPointToConstTypeWhenPossible.expected b/c/misra/test/rules/RULE-8-13/PointerShouldPointToConstTypeWhenPossible.expected index 23ab0828b2..e3e0963087 100644 --- a/c/misra/test/rules/RULE-8-13/PointerShouldPointToConstTypeWhenPossible.expected +++ b/c/misra/test/rules/RULE-8-13/PointerShouldPointToConstTypeWhenPossible.expected @@ -12,4 +12,4 @@ | test.c:66:23:66:24 | p1 | $@ points to a non-const-qualified type. | test.c:66:23:66:24 | p1 | p1 | | test.c:71:17:71:18 | p1 | $@ points to a non-const-qualified type. | test.c:71:17:71:18 | p1 | p1 | | test.c:75:15:75:16 | p1 | $@ points to a non-const-qualified type. | test.c:75:15:75:16 | p1 | p1 | -| test.c:97:30:97:30 | s | $@ points to a non-const-qualified type. | test.c:97:30:97:30 | s | s | +| test.c:103:30:103:30 | s | $@ points to a non-const-qualified type. | test.c:103:30:103:30 | s | s | diff --git a/c/misra/test/rules/RULE-8-13/test.c b/c/misra/test/rules/RULE-8-13/test.c index 75ec2febc3..7739f3aa77 100644 --- a/c/misra/test/rules/RULE-8-13/test.c +++ b/c/misra/test/rules/RULE-8-13/test.c @@ -82,6 +82,12 @@ int f17(char *p1) { // NON_COMPLIANT int16_t test_r(int16_t *value) { // COMPLIANT - ignored because of the use of ASM int16_t result; + struct S { + int *x; // COMPLIANT - ignored because of the use of ASM + struct S2 { + int *y; // COMPLIANT - ignored because of the use of ASM + } s2; + }; __asm__("movb %bh (%eax)"); return result; } From ccb20d5210c59be23a3f56ce37656fb0160b0f69 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 21 Oct 2024 00:00:58 +0100 Subject: [PATCH 2170/2573] Rule 8.13: Support crement operatios. --- c/misra/test/rules/RULE-8-13/test.c | 6 +++++- cpp/common/src/codingstandards/cpp/SideEffect.qll | 2 ++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/c/misra/test/rules/RULE-8-13/test.c b/c/misra/test/rules/RULE-8-13/test.c index 7739f3aa77..a2333d2a3d 100644 --- a/c/misra/test/rules/RULE-8-13/test.c +++ b/c/misra/test/rules/RULE-8-13/test.c @@ -105,4 +105,8 @@ void test_struct_2(struct S *s) { // NON_COMPLIANT - could be const } void test_no_body(int *p); // COMPLIANT - no body, so cannot evaluate whether it - // should be const \ No newline at end of file + // should be const + +void increment(int *p) { // COMPLIANT + *p++ = 1; +} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/SideEffect.qll b/cpp/common/src/codingstandards/cpp/SideEffect.qll index 08cd9394d3..68fe2cd0cd 100644 --- a/cpp/common/src/codingstandards/cpp/SideEffect.qll +++ b/cpp/common/src/codingstandards/cpp/SideEffect.qll @@ -190,6 +190,8 @@ Expr getAnEffect(Expr base) { or exists(PointerDereferenceExpr e | e.getOperand() = base | result = getAnEffect(e)) or + exists(CrementOperation c | c.getOperand() = base | result = getAnEffect(c)) + or // local alias analysis, assume alias when data flows to derived type (pointer/reference) // auto ptr = &base; exists(VariableAccess va, AddressOfExpr addressOf | From e90a13397b5c79817dfd2ac293174abc4ba6822e Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 21 Oct 2024 00:01:13 +0100 Subject: [PATCH 2171/2573] Add change note. --- change_notes/2024-10-20-8-13-fixes.md | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 change_notes/2024-10-20-8-13-fixes.md diff --git a/change_notes/2024-10-20-8-13-fixes.md b/change_notes/2024-10-20-8-13-fixes.md new file mode 100644 index 0000000000..8b58ca821f --- /dev/null +++ b/change_notes/2024-10-20-8-13-fixes.md @@ -0,0 +1,5 @@ + - `RULE-8-13` - `PointerShouldPointToConstTypeWhenPossible.ql` + - Exclude false positives where a variable occurs in a file compiled multiple times, but where it may only be const in some of those scenarios. + - Exclude results for local scope variables in functions that use assembly code, as CodeQL cannot determine the impact of the assembly. + - Exclude false positives when an assignment is made to a struct field. + - Exclude false positives where the object pointed to by the variable is modified using `*p++ = ...`. \ No newline at end of file From 3dbdc9cb144b6f0b569b7e36117b79ece2844d82 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 21 Oct 2024 09:43:45 +0100 Subject: [PATCH 2172/2573] Update release note --- change_notes/2024-10-20-8-13-fixes.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/change_notes/2024-10-20-8-13-fixes.md b/change_notes/2024-10-20-8-13-fixes.md index 8b58ca821f..d771023456 100644 --- a/change_notes/2024-10-20-8-13-fixes.md +++ b/change_notes/2024-10-20-8-13-fixes.md @@ -2,4 +2,5 @@ - Exclude false positives where a variable occurs in a file compiled multiple times, but where it may only be const in some of those scenarios. - Exclude results for local scope variables in functions that use assembly code, as CodeQL cannot determine the impact of the assembly. - Exclude false positives when an assignment is made to a struct field. - - Exclude false positives where the object pointed to by the variable is modified using `*p++ = ...`. \ No newline at end of file + - Exclude false positives where the object pointed to by the variable is modified using `*p++ = ...`. + - Exclude false positives for functions without bodies. \ No newline at end of file From a02baeb18d5343d10570f2b8ca78a0b60c116e2d Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 21 Oct 2024 09:52:50 +0100 Subject: [PATCH 2173/2573] Update release note. --- change_notes/2024-10-20-8-13-fixes.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/change_notes/2024-10-20-8-13-fixes.md b/change_notes/2024-10-20-8-13-fixes.md index d771023456..6ee8e3a32c 100644 --- a/change_notes/2024-10-20-8-13-fixes.md +++ b/change_notes/2024-10-20-8-13-fixes.md @@ -3,4 +3,5 @@ - Exclude results for local scope variables in functions that use assembly code, as CodeQL cannot determine the impact of the assembly. - Exclude false positives when an assignment is made to a struct field. - Exclude false positives where the object pointed to by the variable is modified using `*p++ = ...`. - - Exclude false positives for functions without bodies. \ No newline at end of file + - Exclude false positives for functions without bodies. + - Rules that rely on the determination of side-effects of an expression may change as a result of considering `*p++ = ...` as having a side-effect on `p`. \ No newline at end of file From 7fb44731ccb32b740f4616e899293312f1d9f34a Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Mon, 21 Oct 2024 10:04:29 +0100 Subject: [PATCH 2174/2573] User manual: add assembly language as a hazard --- docs/user_manual.md | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/docs/user_manual.md b/docs/user_manual.md index db0f836339..949e2bb51a 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -26,8 +26,9 @@ | 0.18.0 | 2024-01-30 | Luke Cartey | Update product description and coverage table. | | 0.19.0 | 2024-02-23 | Remco Vermeulen | Clarify the required use of Python version 3.9. | | 0.20.0 | 2024-02-23 | Remco Vermeulen | Add table describing the permitted guideline re-categorizations. | -| 0.21.0 | 2024-05-01 | Luke Cartey | Add MISRA C++ 2023 as under development, and clarify MISRA C 2012 coverage. | -| 0.22.0 | 2024-10-02 | Luke Cartey | Add MISRA C 2023 as under development, and clarify MISRA C 2012 coverage. +| 0.21.0 | 2024-05-01 | Luke Cartey | Add MISRA C++ 2023 as under development, and clarify MISRA C 2012 coverage. | +| 0.22.0 | 2024-10-02 | Luke Cartey | Add MISRA C 2023 as under development, and clarify MISRA C 2012 coverage. | +| 0.23.0 | 2024-10-21 | Luke Cartey | Add assembly as a hazard. | ## Release information @@ -500,7 +501,7 @@ This section describes known failure modes for "CodeQL Coding Standards" and des | | Use of incorrect build command | Less output. Some files may be only be partially analyzed, or not analyzed at all. | Analysis integrity report lists all analyzed files, and must be crossed referenced with the list of files that are expected to be analyzed. | Ensure the build command corresponds to the build command that is used to build the release artifacts. | | | Incorrect build environment (e.g., concurrent builds writing to same file, overwriting translation unit/object file with different content) | Less or more output. Results are reported that are not violations of the guidelines or guideline violations are not reported | All reported results must be reviewed. | Ensure the build environment is configured to not use shared resources such as caches or artifact providers that can introduce race conditions. Report inconsistent results via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | Source root misspecification | Less output. The results cannot be correctly correlated to source files when viewing the resulting Sarif file in a Sarif viewer. | Verify that the reported results are display on the correct files in the Sarif viewer | Ensure the CodeQL CLI configured to use the correct source root that correspond to the root of the repository under consideration. | -| | Ouf of space | Less output. Some files may be only be partially analyzed, or not analyzed at all. | Error reported on the command line. | Increase space. If it remains an issue report space consumption issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | +| | Out of space | Less output. Some files may be only be partially analyzed, or not analyzed at all. | Error reported on the command line. | Increase space. If it remains an issue report space consumption issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False positives | More output. Results are reported which are not violations of the guidelines. | All reported results must be reviewed. | Report false positive issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False negatives | Less output. Violations of the guidelines are not reported. | Other validation and verification processes during software development should be used to complement the analysis performed by CodeQL Coding Standards. | Report false negative issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.36.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | @@ -508,6 +509,7 @@ This section describes known failure modes for "CodeQL Coding Standards" and des | | Incorrect deviation permit specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation permits with a reason. Ensure that all deviation permits are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Unapproved use of a deviation record | Less output. Results for guideline violations are not reported. | Validate that the deviation record use is approved by verifying the approved-by attribute of the deviation record specification. | Ensure that each raised deviation record is approved by an independent approver through an auditable process. | | | Incorrect database. The information extracted by the CodeQL extractor deviates from what the compiler extracts resulting in an incorrect model of the source-code. | More or less output. Incorrect extraction can result in false positives or false negatives. | Combinations of supported compilers and CodeQL CLIs are tested against a [provided](https://github.com/github/codeql/tree/main/cpp/ql/test/library-tests) suite of test cases and a coding standards specific test suite to determine if the extracted information deviates from the expected information. | Report incorrect database issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | +| | Use of assembly language instructions, which are not inspected by CodeQL. | More or less output. Can result in false positives or false negatives. | Avoid the use of assembly language instructions where possible. Where unavoidable, encapasulate and isolate the use of assembly language in separate functions to limit impact. Careful manual review of all functions that use assembly language. | Ensure that all functions which use assembly language instructions are manually reviewed for compliance. | ## Reporting bugs From f5437d2d8c38e2fd8711c8db912713cdba1d35a8 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 21 Oct 2024 13:51:23 +0100 Subject: [PATCH 2175/2573] Add an "Includes" library for detecting conditional includes --- .../src/codingstandards/cpp/Includes.qll | 31 +++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 cpp/common/src/codingstandards/cpp/Includes.qll diff --git a/cpp/common/src/codingstandards/cpp/Includes.qll b/cpp/common/src/codingstandards/cpp/Includes.qll new file mode 100644 index 0000000000..bb72dafeda --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/Includes.qll @@ -0,0 +1,31 @@ +/** A library which supports analysis of includes. */ + +import cpp +import semmle.code.cpp.headers.MultipleInclusion + +/** + * Holds if `include` is included conditionally based on the branch directive `b1`. + */ +predicate conditionallyIncluded(PreprocessorBranchDirective b1, Include include) { + exists(File f, int include1StartLine | + not b1 = any(CorrectIncludeGuard c).getIfndef() and + not b1.getHead().regexpMatch(".*_H(_.*)?") and + include.getLocation().hasLocationInfo(f.getAbsolutePath(), include1StartLine, _, _, _) and + f.getAbsolutePath() = b1.getFile().getAbsolutePath() + | + b1.getLocation().getStartLine() < include1StartLine and + b1.getNext().getLocation().getStartLine() > include1StartLine + ) +} + +/** + * Gets a file which is directly included from `fromFile` unconditionally. + */ +File getAnUnconditionallyIncludedFile(File fromFile) { + // Find an include which isn't conditional + exists(Include i | + i.getFile() = fromFile and + not conditionallyIncluded(_, i) and + result = i.getIncludedFile() + ) +} From 650842bce1e1a1245913fdcd15db95c8248d46ea Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 21 Oct 2024 13:51:58 +0100 Subject: [PATCH 2176/2573] PreprocessDirectives: Add detection for conditionally defined macros Add helper predicates for identifying macros defined in conditional blocks, and pairs of macros which are mutually exclusive. --- .../cpp/PreprocessorDirective.qll | 67 +++++++++++++++++++ 1 file changed, 67 insertions(+) diff --git a/cpp/common/src/codingstandards/cpp/PreprocessorDirective.qll b/cpp/common/src/codingstandards/cpp/PreprocessorDirective.qll index fe619e5317..5f360e4d31 100644 --- a/cpp/common/src/codingstandards/cpp/PreprocessorDirective.qll +++ b/cpp/common/src/codingstandards/cpp/PreprocessorDirective.qll @@ -40,3 +40,70 @@ class PreprocessorIfOrElif extends PreprocessorBranch { this instanceof PreprocessorElif } } + +/** + * Holds if the preprocessor directive `m` is located at `filepath` and `startline`. + */ +private predicate hasPreprocessorLocation(PreprocessorDirective m, string filepath, int startline) { + m.getLocation().hasLocationInfo(filepath, startline, _, _, _) +} + +/** + * Holds if `first` and `second` are a pair of branch directives in the same file, such that they + * share the same root if condition. + */ +pragma[noinline] +private predicate isBranchDirectivePair( + PreprocessorBranchDirective first, PreprocessorBranchDirective second, string filepath, + int b1StartLocation, int b2StartLocation +) { + first.getIf() = second.getIf() and + not first = second and + hasPreprocessorLocation(first, filepath, b1StartLocation) and + hasPreprocessorLocation(second, filepath, b2StartLocation) and + b1StartLocation < b2StartLocation +} + +/** + * Holds if `bd` is a branch directive in the range `filepath`, `startline`, `endline`. + */ +pragma[noinline] +predicate isBranchDirectiveRange( + PreprocessorBranchDirective bd, string filepath, int startline, int endline +) { + hasPreprocessorLocation(bd, filepath, startline) and + exists(PreprocessorBranchDirective next | + next = bd.getNext() and + // Avoid referencing filepath here, otherwise the optimiser will try to join + // on it + hasPreprocessorLocation(next, _, endline) + ) +} + +/** + * Holds if the macro `m` is defined within the branch directive `bd`. + */ +pragma[noinline] +predicate isMacroDefinedWithinBranch(PreprocessorBranchDirective bd, Macro m) { + exists(string filepath, int startline, int endline, int macroline | + isBranchDirectiveRange(bd, filepath, startline, endline) and + hasPreprocessorLocation(m, filepath, macroline) and + startline < macroline and + endline > macroline + ) +} + +/** + * Holds if the pair of macros are "conditional" i.e. only one of the macros is followed in any + * particular compilation of the containing file. + */ +predicate mutuallyExclusiveMacros(Macro firstMacro, Macro secondMacro) { + exists( + PreprocessorBranchDirective b1, PreprocessorBranchDirective b2, string filepath, + int b1StartLocation, int b2StartLocation + | + isBranchDirectivePair(b1, b2, filepath, b1StartLocation, b2StartLocation) and + isMacroDefinedWithinBranch(b1, firstMacro) and + isMacroDefinedWithinBranch(b2, secondMacro) + ) +} From 15430197f9c409cc0e4fb2ca4aacfdac6c43b0c8 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 21 Oct 2024 14:14:26 +0100 Subject: [PATCH 2177/2573] Includes: Improve performance --- .../src/codingstandards/cpp/Includes.qll | 26 ++++++++++++------- .../cpp/PreprocessorDirective.qll | 3 ++- 2 files changed, 18 insertions(+), 11 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/Includes.qll b/cpp/common/src/codingstandards/cpp/Includes.qll index bb72dafeda..c0c66ae2f5 100644 --- a/cpp/common/src/codingstandards/cpp/Includes.qll +++ b/cpp/common/src/codingstandards/cpp/Includes.qll @@ -1,20 +1,26 @@ /** A library which supports analysis of includes. */ import cpp +import codingstandards.cpp.PreprocessorDirective import semmle.code.cpp.headers.MultipleInclusion +pragma[noinline] +private predicate hasIncludeLocation(Include include, string filepath, int startline) { + include.getLocation().hasLocationInfo(filepath, startline, _, _, _) +} + /** * Holds if `include` is included conditionally based on the branch directive `b1`. */ -predicate conditionallyIncluded(PreprocessorBranchDirective b1, Include include) { - exists(File f, int include1StartLine | - not b1 = any(CorrectIncludeGuard c).getIfndef() and - not b1.getHead().regexpMatch(".*_H(_.*)?") and - include.getLocation().hasLocationInfo(f.getAbsolutePath(), include1StartLine, _, _, _) and - f.getAbsolutePath() = b1.getFile().getAbsolutePath() - | - b1.getLocation().getStartLine() < include1StartLine and - b1.getNext().getLocation().getStartLine() > include1StartLine +pragma[noinline] +predicate isConditionallyIncluded(PreprocessorBranchDirective bd, Include include) { + not bd = any(CorrectIncludeGuard c).getIfndef() and + not bd.getHead().regexpMatch(".*_H(_.*)?") and + exists(string filepath, int startline, int endline, int includeline | + isBranchDirectiveRange(bd, filepath, startline, endline) and + hasIncludeLocation(include, filepath, includeline) and + startline < includeline and + endline > includeline ) } @@ -25,7 +31,7 @@ File getAnUnconditionallyIncludedFile(File fromFile) { // Find an include which isn't conditional exists(Include i | i.getFile() = fromFile and - not conditionallyIncluded(_, i) and + not isConditionallyIncluded(_, i) and result = i.getIncludedFile() ) } diff --git a/cpp/common/src/codingstandards/cpp/PreprocessorDirective.qll b/cpp/common/src/codingstandards/cpp/PreprocessorDirective.qll index 5f360e4d31..1f6cc140d8 100644 --- a/cpp/common/src/codingstandards/cpp/PreprocessorDirective.qll +++ b/cpp/common/src/codingstandards/cpp/PreprocessorDirective.qll @@ -44,7 +44,8 @@ class PreprocessorIfOrElif extends PreprocessorBranch { /** * Holds if the preprocessor directive `m` is located at `filepath` and `startline`. */ -private predicate hasPreprocessorLocation(PreprocessorDirective m, string filepath, int startline) { +pragma[noinline] +predicate hasPreprocessorLocation(PreprocessorDirective m, string filepath, int startline) { m.getLocation().hasLocationInfo(filepath, startline, _, _, _) } From 34abb425d726de2f6abd9095108620136642121d Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 21 Oct 2024 15:23:23 +0100 Subject: [PATCH 2178/2573] Rule 5.4: Exclude cases where the two macros are conditional - Macros in #ifndef MACRO_NAME blocks - Pairs of macros that exists in different #if/#elif/#else cases - Pairs of macros defined in files that are mutually exclusively included. - If the macros are used, they must be both occur in the same link target. --- .../RULE-5-4/MacroIdentifiersNotDistinct.ql | 45 ++++++++++++++++++- 1 file changed, 44 insertions(+), 1 deletion(-) diff --git a/c/misra/src/rules/RULE-5-4/MacroIdentifiersNotDistinct.ql b/c/misra/src/rules/RULE-5-4/MacroIdentifiersNotDistinct.ql index abd22068dd..8399524984 100644 --- a/c/misra/src/rules/RULE-5-4/MacroIdentifiersNotDistinct.ql +++ b/c/misra/src/rules/RULE-5-4/MacroIdentifiersNotDistinct.ql @@ -15,6 +15,25 @@ import cpp import codingstandards.c.misra +import codingstandards.cpp.Macro +import codingstandards.cpp.Includes +import codingstandards.cpp.PreprocessorDirective + +/** + * Gets a link target that this macro is expanded in. + */ +LinkTarget getALinkTarget(Macro m) { + exists(Element e | e = m.getAnInvocation().getAnAffectedElement() | + result = e.(Expr).getEnclosingFunction().getALinkTarget() + or + result = e.(Stmt).getEnclosingFunction().getALinkTarget() + or + exists(GlobalOrNamespaceVariable g | + result = g.getALinkTarget() and + g.getInitializer().getExpr().getAChild*() = e + ) + ) +} from Macro m, Macro m2 where @@ -30,7 +49,31 @@ where else m.getName() = m2.getName() ) and //reduce double report since both macros are in alert, arbitrary ordering - m.getLocation().getStartLine() >= m2.getLocation().getStartLine() + m.getLocation().getStartLine() >= m2.getLocation().getStartLine() and + // Not within an #ifndef MACRO_NAME + not exists(PreprocessorIfndef ifBranch | + m.getAGuard() = ifBranch or + m2.getAGuard() = ifBranch + | + ifBranch.getHead() = m.getName() + ) and + // Must be included unconditionally from the same file, otherwise m1 may not be defined + // when m2 is defined + exists(File f | + getAnUnconditionallyIncludedFile*(f) = m.getFile() and + getAnUnconditionallyIncludedFile*(f) = m2.getFile() + ) and + // Macros can't be mutually exclusive + not mutuallyExclusiveMacros(m, m2) and + not mutuallyExclusiveMacros(m2, m) and + // If at least one invocation exists for at least one of the macros, then they must share a link + // target - i.e. must both be expanded in the same context + ( + (exists(m.getAnInvocation()) and exists(m2.getAnInvocation())) + implies + // Must share a link target - e.g. must both be expanded in the same context + getALinkTarget(m) = getALinkTarget(m2) + ) select m, "Macro identifer " + m.getName() + " is nondistinct in first 63 characters, compared to $@.", m2, m2.getName() From 08c0aafd8ba03c62643f046ddcbf3ba41dff8868 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 21 Oct 2024 16:42:30 +0100 Subject: [PATCH 2179/2573] Rule 5.4: add conditional test cases --- .../MacroIdentifiersNotDistinct.expected | 2 ++ c/misra/test/rules/RULE-5-4/conditional.h | 11 +++++++++++ c/misra/test/rules/RULE-5-4/header1.h | 1 + c/misra/test/rules/RULE-5-4/header2.h | 1 + c/misra/test/rules/RULE-5-4/header3.h | 16 ++++++++++++++++ c/misra/test/rules/RULE-5-4/header4.h | 13 +++++++++++++ c/misra/test/rules/RULE-5-4/root1.c | 6 ++++++ c/misra/test/rules/RULE-5-4/root2.c | 3 +++ 8 files changed, 53 insertions(+) create mode 100644 c/misra/test/rules/RULE-5-4/conditional.h create mode 100644 c/misra/test/rules/RULE-5-4/header1.h create mode 100644 c/misra/test/rules/RULE-5-4/header2.h create mode 100644 c/misra/test/rules/RULE-5-4/header3.h create mode 100644 c/misra/test/rules/RULE-5-4/header4.h create mode 100644 c/misra/test/rules/RULE-5-4/root1.c create mode 100644 c/misra/test/rules/RULE-5-4/root2.c diff --git a/c/misra/test/rules/RULE-5-4/MacroIdentifiersNotDistinct.expected b/c/misra/test/rules/RULE-5-4/MacroIdentifiersNotDistinct.expected index 12507b2d3f..d31f32acb2 100644 --- a/c/misra/test/rules/RULE-5-4/MacroIdentifiersNotDistinct.expected +++ b/c/misra/test/rules/RULE-5-4/MacroIdentifiersNotDistinct.expected @@ -1,2 +1,4 @@ +| header3.h:7:1:7:24 | #define MULTIPLE_INCLUDE | Macro identifer MULTIPLE_INCLUDE is nondistinct in first 63 characters, compared to $@. | header4.h:1:1:1:24 | #define MULTIPLE_INCLUDE | MULTIPLE_INCLUDE | +| header3.h:14:1:14:21 | #define NOT_PROTECTED | Macro identifer NOT_PROTECTED is nondistinct in first 63 characters, compared to $@. | header4.h:12:1:12:23 | #define NOT_PROTECTED 1 | NOT_PROTECTED | | test.c:2:1:2:72 | #define iltiqzxgfqsgigwfuyntzghvzltueatcxqnqofnnvjyszmcsylyohvqaosjbqyyB | Macro identifer iltiqzxgfqsgigwfuyntzghvzltueatcxqnqofnnvjyszmcsylyohvqaosjbqyyB is nondistinct in first 63 characters, compared to $@. | test.c:1:1:1:72 | #define iltiqzxgfqsgigwfuyntzghvzltueatcxqnqofnnvjyszmcsylyohvqaosjbqyyA | iltiqzxgfqsgigwfuyntzghvzltueatcxqnqofnnvjyszmcsylyohvqaosjbqyyA | | test.c:8:1:8:31 | #define FUNCTION_MACRO(X) X + 1 | Macro identifer FUNCTION_MACRO is nondistinct in first 63 characters, compared to $@. | test.c:7:1:7:57 | #define FUNCTION_MACRO(FUNCTION_MACRO) FUNCTION_MACRO + 1 | FUNCTION_MACRO | diff --git a/c/misra/test/rules/RULE-5-4/conditional.h b/c/misra/test/rules/RULE-5-4/conditional.h new file mode 100644 index 0000000000..d30701c8e0 --- /dev/null +++ b/c/misra/test/rules/RULE-5-4/conditional.h @@ -0,0 +1,11 @@ +#ifdef FOO +#include "header1.h" +#else +#include "header2.h" +#endif + +#ifdef FOO +#define A_MACRO 1 // COMPLIANT +#else +#define A_MACRO 2 // COMPLIANT +#endif \ No newline at end of file diff --git a/c/misra/test/rules/RULE-5-4/header1.h b/c/misra/test/rules/RULE-5-4/header1.h new file mode 100644 index 0000000000..526f4fa659 --- /dev/null +++ b/c/misra/test/rules/RULE-5-4/header1.h @@ -0,0 +1 @@ +#define REPEATED 11 // COMPLIANT \ No newline at end of file diff --git a/c/misra/test/rules/RULE-5-4/header2.h b/c/misra/test/rules/RULE-5-4/header2.h new file mode 100644 index 0000000000..bd5dde123d --- /dev/null +++ b/c/misra/test/rules/RULE-5-4/header2.h @@ -0,0 +1 @@ +#define REPEATED 1 // COMPLIANT \ No newline at end of file diff --git a/c/misra/test/rules/RULE-5-4/header3.h b/c/misra/test/rules/RULE-5-4/header3.h new file mode 100644 index 0000000000..3aa82f5fd7 --- /dev/null +++ b/c/misra/test/rules/RULE-5-4/header3.h @@ -0,0 +1,16 @@ +#ifndef HEADER3_H +#define HEADER3_H + +// We should ignore the header guards in this file + +// This is defined unconditionally by both header3.h and header4.h +#define MULTIPLE_INCLUDE // NON_COMPLIANT + +// This is redefined in header3.h, but only if it isn't already defined +#define PROTECTED // COMPLIANT + +// This is redefined in header3.h, but is conditional on some other condition, +// so this is redefined +#define NOT_PROTECTED // NON_COMPLIANT + +#endif \ No newline at end of file diff --git a/c/misra/test/rules/RULE-5-4/header4.h b/c/misra/test/rules/RULE-5-4/header4.h new file mode 100644 index 0000000000..8fa6e8b5e8 --- /dev/null +++ b/c/misra/test/rules/RULE-5-4/header4.h @@ -0,0 +1,13 @@ +#define MULTIPLE_INCLUDE // NON_COMPLIANT + +// This case is triggered from root2.c +// because PROTECTED isn't defined in +// that case +#ifndef PROTECTED +#define PROTECTED // COMPLIANT - checked by guard +#endif + +// Always enabled, so conflicts in root1.c case +#ifdef MULTIPLE_INCLUDE +#define NOT_PROTECTED 1 // NON_COMPLIANT +#endif diff --git a/c/misra/test/rules/RULE-5-4/root1.c b/c/misra/test/rules/RULE-5-4/root1.c new file mode 100644 index 0000000000..98a94abed5 --- /dev/null +++ b/c/misra/test/rules/RULE-5-4/root1.c @@ -0,0 +1,6 @@ +#define FOO 1 +#include "conditional.h" + +// Both headers define MULTIPLE_INCLUDE +#include "header3.h" +#include "header4.h" \ No newline at end of file diff --git a/c/misra/test/rules/RULE-5-4/root2.c b/c/misra/test/rules/RULE-5-4/root2.c new file mode 100644 index 0000000000..39926b9b1e --- /dev/null +++ b/c/misra/test/rules/RULE-5-4/root2.c @@ -0,0 +1,3 @@ +#include "conditional.h" + +#include "header4.h" \ No newline at end of file From 671620fb96e777fb38c90fb769f6c13190a0929c Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 21 Oct 2024 21:15:02 +0100 Subject: [PATCH 2180/2573] Rule 5.4: Improve alert message, ensure efficient performance --- .../RULE-5-4/MacroIdentifiersNotDistinct.ql | 59 +++++++++++++++---- .../MacroIdentifiersNotDistinct.expected | 6 +- 2 files changed, 49 insertions(+), 16 deletions(-) diff --git a/c/misra/src/rules/RULE-5-4/MacroIdentifiersNotDistinct.ql b/c/misra/src/rules/RULE-5-4/MacroIdentifiersNotDistinct.ql index 8399524984..ed124692e5 100644 --- a/c/misra/src/rules/RULE-5-4/MacroIdentifiersNotDistinct.ql +++ b/c/misra/src/rules/RULE-5-4/MacroIdentifiersNotDistinct.ql @@ -19,23 +19,52 @@ import codingstandards.cpp.Macro import codingstandards.cpp.Includes import codingstandards.cpp.PreprocessorDirective +/** + * Gets a top level element that this macro is expanded to, e.g. an element which does not also have + * an enclosing element in the macro. + */ +Element getATopLevelElement(MacroInvocation mi) { + result = mi.getAnExpandedElement() and + not result.getEnclosingElement() = mi.getAnExpandedElement() and + not result instanceof Conversion +} + /** * Gets a link target that this macro is expanded in. */ LinkTarget getALinkTarget(Macro m) { - exists(Element e | e = m.getAnInvocation().getAnAffectedElement() | + exists(MacroInvocation mi, Element e | + mi = m.getAnInvocation() and + e = getATopLevelElement(mi) + | result = e.(Expr).getEnclosingFunction().getALinkTarget() or result = e.(Stmt).getEnclosingFunction().getALinkTarget() or exists(GlobalOrNamespaceVariable g | result = g.getALinkTarget() and - g.getInitializer().getExpr().getAChild*() = e + g = e.(Expr).getEnclosingDeclaration() ) ) } -from Macro m, Macro m2 +/** + * Holds if the m1 and m2 are unconditionally included from a common file. + * + * Extracted out for performance reasons - otherwise the call to determine the file path for the + * message was specializing the calls to `getAnUnconditionallyIncludedFile*(..)` and causing + * slow performance. + */ +bindingset[m1, m2] +pragma[inline_late] +private predicate isIncludedUnconditionallyFromCommonFile(Macro m1, Macro m2) { + exists(File f | + getAnUnconditionallyIncludedFile*(f) = m1.getFile() and + getAnUnconditionallyIncludedFile*(f) = m2.getFile() + ) +} + +from Macro m, Macro m2, string message where not isExcluded(m, Declarations1Package::macroIdentifiersNotDistinctQuery()) and not m = m2 and @@ -44,9 +73,18 @@ where //C90 states the first 31 characters of macro identifiers are significant and is not currently considered by this rule //ie an identifier differing on the 32nd character would be indistinct for C90 but distinct for C99 //and is currently not reported by this rule - if m.getName().length() >= 64 - then m.getName().prefix(63) = m2.getName().prefix(63) - else m.getName() = m2.getName() + if m.getName().length() >= 64 and not m.getName() = m2.getName() + then ( + m.getName().prefix(63) = m2.getName().prefix(63) and + message = + "Macro identifer " + m.getName() + " is nondistinct in first 63 characters, compared to $@." + ) else ( + m.getName() = m2.getName() and + message = + "Definition of macro " + m.getName() + + " is not distinct from alternative definition of $@ in " + + m2.getLocation().getFile().getRelativePath() + "." + ) ) and //reduce double report since both macros are in alert, arbitrary ordering m.getLocation().getStartLine() >= m2.getLocation().getStartLine() and @@ -59,10 +97,7 @@ where ) and // Must be included unconditionally from the same file, otherwise m1 may not be defined // when m2 is defined - exists(File f | - getAnUnconditionallyIncludedFile*(f) = m.getFile() and - getAnUnconditionallyIncludedFile*(f) = m2.getFile() - ) and + isIncludedUnconditionallyFromCommonFile(m, m2) and // Macros can't be mutually exclusive not mutuallyExclusiveMacros(m, m2) and not mutuallyExclusiveMacros(m2, m) and @@ -74,6 +109,4 @@ where // Must share a link target - e.g. must both be expanded in the same context getALinkTarget(m) = getALinkTarget(m2) ) -select m, - "Macro identifer " + m.getName() + " is nondistinct in first 63 characters, compared to $@.", m2, - m2.getName() +select m, message, m2, m2.getName() diff --git a/c/misra/test/rules/RULE-5-4/MacroIdentifiersNotDistinct.expected b/c/misra/test/rules/RULE-5-4/MacroIdentifiersNotDistinct.expected index d31f32acb2..d44164d116 100644 --- a/c/misra/test/rules/RULE-5-4/MacroIdentifiersNotDistinct.expected +++ b/c/misra/test/rules/RULE-5-4/MacroIdentifiersNotDistinct.expected @@ -1,4 +1,4 @@ -| header3.h:7:1:7:24 | #define MULTIPLE_INCLUDE | Macro identifer MULTIPLE_INCLUDE is nondistinct in first 63 characters, compared to $@. | header4.h:1:1:1:24 | #define MULTIPLE_INCLUDE | MULTIPLE_INCLUDE | -| header3.h:14:1:14:21 | #define NOT_PROTECTED | Macro identifer NOT_PROTECTED is nondistinct in first 63 characters, compared to $@. | header4.h:12:1:12:23 | #define NOT_PROTECTED 1 | NOT_PROTECTED | +| header3.h:7:1:7:24 | #define MULTIPLE_INCLUDE | Definition of macro MULTIPLE_INCLUDE is not distinct from alternative definition of $@ in rules/RULE-5-4/header4.h. | header4.h:1:1:1:24 | #define MULTIPLE_INCLUDE | MULTIPLE_INCLUDE | +| header3.h:14:1:14:21 | #define NOT_PROTECTED | Definition of macro NOT_PROTECTED is not distinct from alternative definition of $@ in rules/RULE-5-4/header4.h. | header4.h:12:1:12:23 | #define NOT_PROTECTED 1 | NOT_PROTECTED | | test.c:2:1:2:72 | #define iltiqzxgfqsgigwfuyntzghvzltueatcxqnqofnnvjyszmcsylyohvqaosjbqyyB | Macro identifer iltiqzxgfqsgigwfuyntzghvzltueatcxqnqofnnvjyszmcsylyohvqaosjbqyyB is nondistinct in first 63 characters, compared to $@. | test.c:1:1:1:72 | #define iltiqzxgfqsgigwfuyntzghvzltueatcxqnqofnnvjyszmcsylyohvqaosjbqyyA | iltiqzxgfqsgigwfuyntzghvzltueatcxqnqofnnvjyszmcsylyohvqaosjbqyyA | -| test.c:8:1:8:31 | #define FUNCTION_MACRO(X) X + 1 | Macro identifer FUNCTION_MACRO is nondistinct in first 63 characters, compared to $@. | test.c:7:1:7:57 | #define FUNCTION_MACRO(FUNCTION_MACRO) FUNCTION_MACRO + 1 | FUNCTION_MACRO | +| test.c:8:1:8:31 | #define FUNCTION_MACRO(X) X + 1 | Definition of macro FUNCTION_MACRO is not distinct from alternative definition of $@ in rules/RULE-5-4/test.c. | test.c:7:1:7:57 | #define FUNCTION_MACRO(FUNCTION_MACRO) FUNCTION_MACRO + 1 | FUNCTION_MACRO | From 892cb965e612dbf8c602fadfdea59499e5cf8bf3 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 21 Oct 2024 21:15:30 +0100 Subject: [PATCH 2181/2573] Add change note --- change_notes/2024-10-21-rule-5-4-conditional.md | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 change_notes/2024-10-21-rule-5-4-conditional.md diff --git a/change_notes/2024-10-21-rule-5-4-conditional.md b/change_notes/2024-10-21-rule-5-4-conditional.md new file mode 100644 index 0000000000..cfc22f3642 --- /dev/null +++ b/change_notes/2024-10-21-rule-5-4-conditional.md @@ -0,0 +1,3 @@ + - `RULE-5-4` - `MacroIdentifiersNotDistinct.ql`: + - Exclude false positives related to conditional compilation, where a macro may be defined twice, but not within the same compilation. + - Improve alert message in the case the 63 char limit is not relevant by using the form "Definition of macro `` is not distinct from alternative definition of `` in ``. \ No newline at end of file From 8e830bc3f5cae97e7169b5d7f7a9c229abd35e26 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 21 Oct 2024 23:00:53 +0100 Subject: [PATCH 2182/2573] RULE-1-3: Improve detection of standard compliant main functions - Improve alert message to report the undefined behavior triggered. - Address both false positives and false negatives in identifying standard compliant main methods. Previously, `void main()` was considered permitted and `int main(void)` banned. In addition, we now detect main methods as standard compliant if they use typedefs, and if arrays are used in the definition of `argv`. --- .../codingstandards/c/UndefinedBehavior.qll | 39 +++++++++++++++---- .../RULE-1-3/OccurrenceOfUndefinedBehavior.ql | 2 +- .../OccurrenceOfUndefinedBehavior.expected | 13 ++++--- c/misra/test/rules/RULE-1-3/test.c | 39 +++++++++++++++---- change_notes/2024-10-21-rule-1-3-main.md | 3 ++ 5 files changed, 76 insertions(+), 20 deletions(-) create mode 100644 change_notes/2024-10-21-rule-1-3-main.md diff --git a/c/common/src/codingstandards/c/UndefinedBehavior.qll b/c/common/src/codingstandards/c/UndefinedBehavior.qll index 5c9dc230d8..bbbb08678b 100644 --- a/c/common/src/codingstandards/c/UndefinedBehavior.qll +++ b/c/common/src/codingstandards/c/UndefinedBehavior.qll @@ -6,28 +6,53 @@ import codingstandards.cpp.UndefinedBehavior */ abstract class CUndefinedBehavior extends UndefinedBehavior { } +class PointerOrArrayType extends DerivedType { + PointerOrArrayType() { + this instanceof PointerType or + this instanceof ArrayType + } +} + +Type get(Function main) { + main.getName() = "main" and + main.getNumberOfParameters() = 2 and + main.getType().getUnderlyingType() instanceof IntType and + main.getParameter(0).getType().getUnderlyingType() instanceof IntType and + result = main.getParameter(1).getType().getUnderlyingType().(PointerOrArrayType).getBaseType() +} + +/** + * A function which has the signature - but not the name - of a main function. + */ class C99MainFunction extends Function { C99MainFunction() { this.getNumberOfParameters() = 2 and - this.getType() instanceof IntType and - this.getParameter(0).getType() instanceof IntType and - this.getParameter(1).getType().(PointerType).getBaseType().(PointerType).getBaseType() - instanceof CharType + this.getType().getUnderlyingType() instanceof IntType and + this.getParameter(0).getType().getUnderlyingType() instanceof IntType and + this.getParameter(1) + .getType() + .getUnderlyingType() + .(PointerOrArrayType) + .getBaseType() + .(PointerOrArrayType) + .getBaseType() instanceof CharType or this.getNumberOfParameters() = 0 and - this.getType() instanceof VoidType + // Must be explicitly declared as `int main(void)`. + this.getADeclarationEntry().hasVoidParamList() and + this.getType().getUnderlyingType() instanceof IntType } } class CUndefinedMainDefinition extends CUndefinedBehavior, Function { CUndefinedMainDefinition() { // for testing purposes, we use the prefix ____codeql_coding_standards` - (this.getName() = "main" or this.getName().indexOf("____codeql_coding_standards") = 0) and + (this.getName() = "main" or this.getName().indexOf("____codeql_coding_standards_main") = 0) and not this instanceof C99MainFunction } override string getReason() { result = - "The behavior of the program is undefined because the main function is not defined according to the C standard." + "main function may trigger undefined behavior because it is not in one of the formats specified by the C standard." } } diff --git a/c/misra/src/rules/RULE-1-3/OccurrenceOfUndefinedBehavior.ql b/c/misra/src/rules/RULE-1-3/OccurrenceOfUndefinedBehavior.ql index 53f72e6bee..00ef875985 100644 --- a/c/misra/src/rules/RULE-1-3/OccurrenceOfUndefinedBehavior.ql +++ b/c/misra/src/rules/RULE-1-3/OccurrenceOfUndefinedBehavior.ql @@ -18,4 +18,4 @@ import codingstandards.c.UndefinedBehavior from CUndefinedBehavior c where not isExcluded(c, Language3Package::occurrenceOfUndefinedBehaviorQuery()) -select c, "May result in undefined behavior." +select c, c.getReason() diff --git a/c/misra/test/rules/RULE-1-3/OccurrenceOfUndefinedBehavior.expected b/c/misra/test/rules/RULE-1-3/OccurrenceOfUndefinedBehavior.expected index 68216d500f..1e57f92e4a 100644 --- a/c/misra/test/rules/RULE-1-3/OccurrenceOfUndefinedBehavior.expected +++ b/c/misra/test/rules/RULE-1-3/OccurrenceOfUndefinedBehavior.expected @@ -1,5 +1,8 @@ -| test.c:8:6:8:35 | ____codeql_coding_standards_m2 | May result in undefined behavior. | -| test.c:11:5:11:34 | ____codeql_coding_standards_m3 | May result in undefined behavior. | -| test.c:15:5:15:34 | ____codeql_coding_standards_m4 | May result in undefined behavior. | -| test.c:19:5:19:34 | ____codeql_coding_standards_m5 | May result in undefined behavior. | -| test.c:23:5:23:34 | ____codeql_coding_standards_m6 | May result in undefined behavior. | +| test.c:4:6:4:38 | ____codeql_coding_standards_main1 | main function may trigger undefined behavior because it is not in one of the formats specified by the C standard. | +| test.c:8:5:8:37 | ____codeql_coding_standards_main2 | main function may trigger undefined behavior because it is not in one of the formats specified by the C standard. | +| test.c:27:5:27:37 | ____codeql_coding_standards_main6 | main function may trigger undefined behavior because it is not in one of the formats specified by the C standard. | +| test.c:32:6:32:38 | ____codeql_coding_standards_main7 | main function may trigger undefined behavior because it is not in one of the formats specified by the C standard. | +| test.c:36:5:36:37 | ____codeql_coding_standards_main8 | main function may trigger undefined behavior because it is not in one of the formats specified by the C standard. | +| test.c:40:5:40:37 | ____codeql_coding_standards_main9 | main function may trigger undefined behavior because it is not in one of the formats specified by the C standard. | +| test.c:44:5:44:38 | ____codeql_coding_standards_main10 | main function may trigger undefined behavior because it is not in one of the formats specified by the C standard. | +| test.c:48:5:48:38 | ____codeql_coding_standards_main11 | main function may trigger undefined behavior because it is not in one of the formats specified by the C standard. | diff --git a/c/misra/test/rules/RULE-1-3/test.c b/c/misra/test/rules/RULE-1-3/test.c index 190cff4000..fd54959f56 100644 --- a/c/misra/test/rules/RULE-1-3/test.c +++ b/c/misra/test/rules/RULE-1-3/test.c @@ -1,25 +1,50 @@ -void main(void) { // COMPLIANT +int main(void) { // COMPLIANT } -int ____codeql_coding_standards_m1(int argc, char **argv) { // NON_COMPLIANT +void ____codeql_coding_standards_main1(void) { // NON_COMPLIANT return 0; } -void ____codeql_coding_standards_m2(char *argc, char **argv) { // NON_COMPLIANT +int ____codeql_coding_standards_main2() { // NON_COMPLIANT + return 0; +} + +int ____codeql_coding_standards_main3(int argc, char **argv) { // COMPLIANT + return 0; +} + +int ____codeql_coding_standards_main4(int argc, char argv[][]) { // COMPLIANT + return 0; +} + +int ____codeql_coding_standards_main5(int argc, char *argv[]) { // COMPLIANT + return 0; +} + +typedef int MY_INT; +typedef char *MY_CHAR_PTR; + +int ____codeql_coding_standards_main6(MY_INT argc, + MY_CHAR_PTR argv[]) { // COMPLIANT + return 0; +} + +void ____codeql_coding_standards_main7(char *argc, + char **argv) { // NON_COMPLIANT } -int ____codeql_coding_standards_m3(int argc, char *argv) { // NON_COMPLIANT +int ____codeql_coding_standards_main8(int argc, char *argv) { // NON_COMPLIANT return 0; } -int ____codeql_coding_standards_m4() { // NON_COMPLIANT +int ____codeql_coding_standards_main9() { // NON_COMPLIANT return 0; } -int ____codeql_coding_standards_m5(int argc, int *argv) { // NON_COMPLIANT +int ____codeql_coding_standards_main10(int argc, int *argv) { // NON_COMPLIANT return 0; } -int ____codeql_coding_standards_m6(int argc, int **argv) { // NON_COMPLIANT +int ____codeql_coding_standards_main11(int argc, int **argv) { // NON_COMPLIANT return 0; } diff --git a/change_notes/2024-10-21-rule-1-3-main.md b/change_notes/2024-10-21-rule-1-3-main.md new file mode 100644 index 0000000000..7bd8d4bd54 --- /dev/null +++ b/change_notes/2024-10-21-rule-1-3-main.md @@ -0,0 +1,3 @@ + - `RULE-1-3` - `OccurrenceOfUndefinedBehavior.ql`: + - Improve alert message to report the undefined behavior triggered. + - Address both false positives and false negatives in identifying standard compliant main methods. Previously, `void main()` was considered permitted and `int main(void)` banned. In addition, we now detect main methods as standard compliant if they use typedefs, and if arrays are used in the definition of `argv`. \ No newline at end of file From 9e5aa28e080b6205095fd5e5320b2fbc8ae11f58 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Mon, 21 Oct 2024 23:45:34 +0100 Subject: [PATCH 2183/2573] Increase CodeQL compilation cache size --- .github/workflows/code-scanning-pack-gen.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index 3965e7d26d..5a37353f19 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -97,8 +97,9 @@ jobs: CODEQL_HOME: ${{ github.workspace }}/codeql_home run: | PATH=$PATH:$CODEQL_HOME/codeql - - codeql query compile --precompile --threads 0 cpp c + # Precompile all queries, and use a compilation cache larger than default + # to ensure we cache all the queries for later steps + codeql query compile --precompile --threads 0 --compilation-cache-size=1024 cpp c cd .. zip -r codeql-coding-standards/code-scanning-cpp-query-pack.zip codeql-coding-standards/c/ codeql-coding-standards/cpp/ codeql-coding-standards/.codeqlmanifest.json codeql-coding-standards/supported_codeql_configs.json codeql-coding-standards/scripts/configuration codeql-coding-standards/scripts/reports codeql-coding-standards/scripts/shared codeql-coding-standards/scripts/guideline_recategorization codeql-coding-standards/schemas From 66b4267e37592389e7f60510bf852abe4b0a7915 Mon Sep 17 00:00:00 2001 From: Fernando Jose Date: Tue, 22 Oct 2024 15:12:51 +0900 Subject: [PATCH 2184/2573] Fix #755. --- change_notes/2024-10-22-fix-fp-m6-5-3.md | 2 ++ cpp/common/src/codingstandards/cpp/Loops.qll | 4 ++-- 2 files changed, 4 insertions(+), 2 deletions(-) create mode 100644 change_notes/2024-10-22-fix-fp-m6-5-3.md diff --git a/change_notes/2024-10-22-fix-fp-m6-5-3.md b/change_notes/2024-10-22-fix-fp-m6-5-3.md new file mode 100644 index 0000000000..0d8ca573d9 --- /dev/null +++ b/change_notes/2024-10-22-fix-fp-m6-5-3.md @@ -0,0 +1,2 @@ +- `M6-5-3` - `Loops.qll`: + - Fixes #755. Specifies that the access to the loop counter must be via non-const address. diff --git a/cpp/common/src/codingstandards/cpp/Loops.qll b/cpp/common/src/codingstandards/cpp/Loops.qll index bfd68c49a0..aa3dc64ea5 100644 --- a/cpp/common/src/codingstandards/cpp/Loops.qll +++ b/cpp/common/src/codingstandards/cpp/Loops.qll @@ -204,7 +204,7 @@ predicate isLoopCounterModifiedInCondition(ForStmt forLoop, VariableAccess loopC loopCounterAccess = getAnIterationVariable(forLoop).getAnAccess() and ( loopCounterAccess.isModified() or - loopCounterAccess.isAddressOfAccess() + loopCounterAccess.isAddressOfAccessNonConst() ) } @@ -219,7 +219,7 @@ predicate isLoopCounterModifiedInStatement( loopCounterAccess = loopCounter.getAnAccess() and ( loopCounterAccess.isModified() or - loopCounterAccess.isAddressOfAccess() + loopCounterAccess.isAddressOfAccessNonConst() ) and forLoop.getStmt().getChildStmt*() = loopCounterAccess.getEnclosingStmt() } From 92427e6161f563a67c751b0bfcd1f5b44e86a13c Mon Sep 17 00:00:00 2001 From: Fernando Jose Date: Tue, 22 Oct 2024 15:15:37 +0900 Subject: [PATCH 2185/2573] Fix sneaky typo in A18-1-1 test. --- cpp/autosar/test/rules/A18-1-1/test.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cpp/autosar/test/rules/A18-1-1/test.cpp b/cpp/autosar/test/rules/A18-1-1/test.cpp index 90596780d9..0e9bffa3d7 100644 --- a/cpp/autosar/test/rules/A18-1-1/test.cpp +++ b/cpp/autosar/test/rules/A18-1-1/test.cpp @@ -11,6 +11,6 @@ int test_c_arrays() { int x[100]; // NON_COMPLIANT constexpr int a[]{0, 1, 2}; // NON_COMPLIANT - __func__; // COMPLAINT + __func__; // COMPLIANT return 0; -} \ No newline at end of file +} From c7f04f531f08de27ab4f1f49543654bd2d408709 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 22 Oct 2024 10:24:04 +0100 Subject: [PATCH 2186/2573] Add coding-standards-qlpacks as a release artifact --- scripts/release/release-layout.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/scripts/release/release-layout.yml b/scripts/release/release-layout.yml index 5e496120f2..32ba2b63d9 100644 --- a/scripts/release/release-layout.yml +++ b/scripts/release/release-layout.yml @@ -10,6 +10,10 @@ layout: - workflow-artifact: name: "Code Scanning Query Pack Generation" artifact: code-scanning-cpp-query-pack.zip + coding-standards-qlpacks.zip: + - workflow-artifact: + name: "Code Scanning Query Pack Generation" + artifact: coding-standards-qlpacks.zip supported_rules_list.csv: - shell: | python ${{ coding-standards.root }}/scripts/release/create_supported_rules_list.py --csv > supported_rules_list.csv From d238d2e0753a34b9297e772231c25b2bb2d9518c Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 22 Oct 2024 11:05:56 +0100 Subject: [PATCH 2187/2573] Fix name --- scripts/release/release-layout.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/release/release-layout.yml b/scripts/release/release-layout.yml index 32ba2b63d9..357b7a56fc 100644 --- a/scripts/release/release-layout.yml +++ b/scripts/release/release-layout.yml @@ -13,7 +13,7 @@ layout: coding-standards-qlpacks.zip: - workflow-artifact: name: "Code Scanning Query Pack Generation" - artifact: coding-standards-qlpacks.zip + artifact: coding-standards-qlpacks supported_rules_list.csv: - shell: | python ${{ coding-standards.root }}/scripts/release/create_supported_rules_list.py --csv > supported_rules_list.csv From 0266e46e26a2a96bae92b2ae833c1e420be94106 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 22 Oct 2024 11:14:48 +0100 Subject: [PATCH 2188/2573] Move the action to a more discoverable location, improve isolation --- .../action.yml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) rename {.github/actions/apply-coding-standards-configuration => apply-configuration}/action.yml (54%) diff --git a/.github/actions/apply-coding-standards-configuration/action.yml b/apply-configuration/action.yml similarity index 54% rename from .github/actions/apply-coding-standards-configuration/action.yml rename to apply-configuration/action.yml index c5c58ebc3c..ea4e48cb8d 100644 --- a/.github/actions/apply-coding-standards-configuration/action.yml +++ b/apply-configuration/action.yml @@ -6,12 +6,14 @@ runs: using: composite steps: - name: Install Python + id: cs-install-python uses: actions/setup-python@v5 with: python-version: 3.9 + update-environment: false - name: Install dependencies shell: bash - run: python -m pip install -r ${GITHUB_ACTION_PATH}/../../../scripts/configuration/requirements.txt + run: ${{ steps.cs-install-python.outputs.python-path }} -m pip install -r ${GITHUB_ACTION_PATH}/../scripts/configuration/requirements.txt - name: Process files shell: bash - run: python ${GITHUB_ACTION_PATH}/../../../scripts/configuration/process_coding_standards_config.py + run: ${{ steps.cs-install-python.outputs.python-path }} ${GITHUB_ACTION_PATH}/../scripts/configuration/process_coding_standards_config.py From c94e7189cb599098653ecb1444e143056dba1034 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 22 Oct 2024 13:01:39 +0100 Subject: [PATCH 2189/2573] Address LD_LIBRARY_PATH issue --- apply-configuration/action.yml | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/apply-configuration/action.yml b/apply-configuration/action.yml index ea4e48cb8d..bc12db4f60 100644 --- a/apply-configuration/action.yml +++ b/apply-configuration/action.yml @@ -13,7 +13,14 @@ runs: update-environment: false - name: Install dependencies shell: bash - run: ${{ steps.cs-install-python.outputs.python-path }} -m pip install -r ${GITHUB_ACTION_PATH}/../scripts/configuration/requirements.txt + run: | + install_dir=$(dirname $(dirname "${{ steps.cs-install-python.outputs.python-path }}")) + if [[ -z "$LD_LIBRARY_PATH" ]]; then + export LD_LIBRARY_PATH="$install_dir/lib" + else + export LD_LIBRARY_PATH="$LD_LIBRARY_PATH:$install_dir/lib" + fi + ${{ steps.cs-install-python.outputs.python-path }} -m pip install -r ${GITHUB_ACTION_PATH}/../scripts/configuration/requirements.txt - name: Process files shell: bash run: ${{ steps.cs-install-python.outputs.python-path }} ${GITHUB_ACTION_PATH}/../scripts/configuration/process_coding_standards_config.py From 2180087c2a7ae458cc87b81f67bdb4a4614ff267 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 22 Oct 2024 13:12:57 +0100 Subject: [PATCH 2190/2573] Combine steps to apply LD_LIBRARY_PATH to both steps --- apply-configuration/action.yml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/apply-configuration/action.yml b/apply-configuration/action.yml index bc12db4f60..89a702b72a 100644 --- a/apply-configuration/action.yml +++ b/apply-configuration/action.yml @@ -11,7 +11,7 @@ runs: with: python-version: 3.9 update-environment: false - - name: Install dependencies + - name: Install dependencies and process files shell: bash run: | install_dir=$(dirname $(dirname "${{ steps.cs-install-python.outputs.python-path }}")) @@ -21,6 +21,4 @@ runs: export LD_LIBRARY_PATH="$LD_LIBRARY_PATH:$install_dir/lib" fi ${{ steps.cs-install-python.outputs.python-path }} -m pip install -r ${GITHUB_ACTION_PATH}/../scripts/configuration/requirements.txt - - name: Process files - shell: bash - run: ${{ steps.cs-install-python.outputs.python-path }} ${GITHUB_ACTION_PATH}/../scripts/configuration/process_coding_standards_config.py + ${{ steps.cs-install-python.outputs.python-path }} ${GITHUB_ACTION_PATH}/../scripts/configuration/process_coding_standards_config.py \ No newline at end of file From 80988039fccdeef7b5f375ff26f269d3db513391 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 22 Oct 2024 14:11:09 +0100 Subject: [PATCH 2191/2573] Removed leftover debugging --- .github/workflows/code-scanning-pack-gen.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index 5a37353f19..306a33e735 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -120,8 +120,8 @@ jobs: codeql pack bundle --output=common-c-coding-standards.tgz c/common/src codeql pack bundle --output=misra-c-coding-standards.tgz c/misra/src codeql pack bundle --output=cert-c-coding-standards.tgz c/cert/src - codeql pack bundle --output=cert-cpp-coding-standards.tgz -vvv cpp/cert/src - codeql pack bundle --output=autosar-cpp-coding-standards.tgz -vvv cpp/autosar/src + codeql pack bundle --output=cert-cpp-coding-standards.tgz cpp/cert/src + codeql pack bundle --output=autosar-cpp-coding-standards.tgz cpp/autosar/src codeql pack bundle --output=report-cpp-coding-standards.tgz cpp/report/src - name: Upload qlpack bundles From 772d593ef3279626b062abade169dd7c9c2ed72e Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 22 Oct 2024 14:11:23 +0100 Subject: [PATCH 2192/2573] Pack generation: update report pack name for clarity --- .github/workflows/code-scanning-pack-gen.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index 306a33e735..68961b3202 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -122,7 +122,7 @@ jobs: codeql pack bundle --output=cert-c-coding-standards.tgz c/cert/src codeql pack bundle --output=cert-cpp-coding-standards.tgz cpp/cert/src codeql pack bundle --output=autosar-cpp-coding-standards.tgz cpp/autosar/src - codeql pack bundle --output=report-cpp-coding-standards.tgz cpp/report/src + codeql pack bundle --output=report-coding-standards.tgz cpp/report/src - name: Upload qlpack bundles uses: actions/upload-artifact@v4 From f146f74ebf5d39509bcd94529660bff334728894 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 22 Oct 2024 17:23:09 +0100 Subject: [PATCH 2193/2573] Rename to coding-standards-codeql-packs --- .github/workflows/code-scanning-pack-gen.yml | 2 +- scripts/release/release-layout.yml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index 68961b3202..e03b377424 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -127,5 +127,5 @@ jobs: - name: Upload qlpack bundles uses: actions/upload-artifact@v4 with: - name: coding-standards-qlpacks + name: coding-standards-codeql-packs path: '*-coding-standards.tgz' \ No newline at end of file diff --git a/scripts/release/release-layout.yml b/scripts/release/release-layout.yml index 357b7a56fc..4ced0b4d30 100644 --- a/scripts/release/release-layout.yml +++ b/scripts/release/release-layout.yml @@ -10,10 +10,10 @@ layout: - workflow-artifact: name: "Code Scanning Query Pack Generation" artifact: code-scanning-cpp-query-pack.zip - coding-standards-qlpacks.zip: + coding-standards-codeql-packs.zip: - workflow-artifact: name: "Code Scanning Query Pack Generation" - artifact: coding-standards-qlpacks + artifact: coding-standards-codeql-packs supported_rules_list.csv: - shell: | python ${{ coding-standards.root }}/scripts/release/create_supported_rules_list.py --csv > supported_rules_list.csv From eee63999c5bb6714c07d4b20cc68f40a9b02ed62 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 22 Oct 2024 18:13:34 +0100 Subject: [PATCH 2194/2573] Add MISRA C++ 2023 CodeQL pack --- .github/workflows/code-scanning-pack-gen.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index e03b377424..ea13a4e76c 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -122,6 +122,7 @@ jobs: codeql pack bundle --output=cert-c-coding-standards.tgz c/cert/src codeql pack bundle --output=cert-cpp-coding-standards.tgz cpp/cert/src codeql pack bundle --output=autosar-cpp-coding-standards.tgz cpp/autosar/src + codeql pack bundle --output=misra-cpp-coding-standards.tgz cpp/misra/src codeql pack bundle --output=report-coding-standards.tgz cpp/report/src - name: Upload qlpack bundles From 499fa76800e24e7e28879d6f87e2858bc037ea1d Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 22 Oct 2024 18:14:10 +0100 Subject: [PATCH 2195/2573] Update user manual with CodeQL packs --- docs/user_manual.md | 101 +++++++++++++++++++++++++++----- scripts/release/bump-version.sh | 1 + 2 files changed, 86 insertions(+), 16 deletions(-) diff --git a/docs/user_manual.md b/docs/user_manual.md index 17c08237ef..b74c962d0e 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -29,13 +29,15 @@ | 0.21.0 | 2024-05-01 | Luke Cartey | Add MISRA C++ 2023 as under development, and clarify MISRA C 2012 coverage. | | 0.22.0 | 2024-10-02 | Luke Cartey | Add MISRA C 2023 as under development, and clarify MISRA C 2012 coverage. | | 0.23.0 | 2024-10-21 | Luke Cartey | Add assembly as a hazard. | +| 0.24.0 | 2024-10-22 | Luke Cartey | Add CodeQL packs as a usable output, update release artifacts list. | ## Release information This user manual documents release `2.37.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). The release page documents the release notes and contains the following artifacts part of the release: -- `code-scanning-cpp-query-pack-2.37.0-dev.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. +- `coding-standards-codeql-packs-2.37.0-dev.zip`: CodeQL packs that can be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. +- `code-scanning-cpp-query-pack-2.37.0-dev.zip`: Legacy packaging for the queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. - `supported_rules_list_2.37.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. - `supported_rules_list_2.37.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. - `user_manual_2.37.0-dev.md`: This user manual. @@ -158,22 +160,52 @@ This section describes how to operate the "CodeQL Coding Standards". #### Pre-requisite: downloading the CodeQL CLI -You must download a compatible version of the CodeQL CLI and CodeQL Standard Library for C++. +You must download a compatible version of the CodeQL CLI, as specified in the release notes for the release you are using. -**Option 1:** Use the CodeQL CLI bundle, which includes both required components: +**Option 1:** Use the CodeQL CLI bundle, which includes both the CodeQL CLI and GitHub's default security queries: 1. Download the CodeQL CLI bundle from the [`github/codeql-action` releases page](https://github.com/github/codeql-action/releases). 2. Expand the compressed archive to a specified location on your machine. 3. [Optional] Add the CodeQL CLI to your user or system path. -**Option 2:** Fetch the components separately: +This approach is suitable if you wish to use the default queries provided by GitHub in addition to the Coding Standards queries. + +**Option 2:** Use the CodeQL CLI binary: 1. Download the CodeQL CLI from the [`github/codeql-cli-binaries` releases page](https://github.com/github/codeql-cli-binaries/releases) 2. Expand the compressed archive to a specified location on your machine. - 3. Using `git`, clone the [`github/codeql`](https://github.com/github/codeql) repository to a sibling directory of the CodeQL CLI. The `github/codeql` repository contains the CodeQL Standard Library for C++. - 4. [Optional] Add the CodeQL CLI to your user or system path. +3. [Optional] Add the CodeQL CLI to your user or system path. + +#### Pre-requisite: downloading the Coding Standards queries + +The Coding Standards packs can be downloaded into the local CodeQL package cache using the following command: + +```bash +codeql pack download codeql/--coding-standards@ +``` + +The supported standards and languages are: + * `codeql/misra-c-coding-standards` - a CodeQL query pack for reporting violations of MISRA C. + * `codeql/cert-c-coding-standards` - a CodeQL query pack for reporting violations of CERT C. + * `codeql/misra-cpp-coding-standards` - a CodeQL query pack for reporting violations of MISRA C++. + * `codeql/cert-cpp-coding-standards` - a CodeQL query pack for reporting violations of CERT C++. + * `codeql/autosar-cpp-coding-standards` - - a CodeQL query pack for reporting violations of AUTOSAR for C++. + +Ensure that the `@` string matches the desired Coding Standards version. + +Alternatively, the packs can be downloaded directly from a release on the `github/codeql-coding-standards` repository by choosing the `coding-standards-codeql-packs.zip`, which contains the following files: + + * `misra-c-coding-standards.tgz` - a CodeQL query pack for reporting violations of MISRA C. + * `cert-c-coding-standards.tgz` - a CodeQL query pack for reporting violations of CERT C. + * `cert-cpp-coding-standards.tgz` - a CodeQL query pack for reporting violations of CERT C++. + * `autosar-cpp-coding-standards.tgz` - a CodeQL query pack for reporting violations of AUTOSAR for C++. + * `common-cpp-coding-standards.tgz` - a CodeQL library pack, used if you are writing your own C++ queries against Coding Standards. + * `common-c-coding-standards.tgz` - a CodeQL library pack, used if you are writing your own C queries against Coding Standards. + * `report-coding-standards.tgz` - a CodeQL query pack for running diagnostics on databases. -The release notes for the "CodeQL Coding Standards" pack you are using will specify the appropriate versions to use. +Each pack will need to be decompressed using the `tar` program, and placed in a known location. + +Finally, we provide a legacy single zip containing all the artifacts from a release, named `code-scanning-cpp-query-pack.zip`. This also contains the CodeQL packs listed above. #### Creating a CodeQL database @@ -194,26 +226,65 @@ Reference: [CodeQL CLI: Creating a CodeQL database](https://codeql.github.com/do #### Running the default analysis for one or more Coding Standards -Once you have a CodeQL database for your project, you can run the "default" query suite. This will run all the "automated" queries for each implemented rule in the specified Coding Standards. +Once you have a CodeQL database for your project you can run the default analysis for a specified Coding Standard using the `codeql database analyze` command by specifying the names of the QL packs which you want to run as arguments, along with a version specifier: + +```bash +codeql database analyze --format=sarifv2.1.0 --output=.sarif path/to/ codeql/--coding-standard@version +``` + +For example, this command would run MISRA C and CERT C with the default query sets: + +```bash +codeql database analyze --format=sarifv2.1.0 --output=results.sarif path/to/ codeql/misra-c-coding-standard@version codeql/cert-c-coding-standard@version +``` +The output of this command will be a [SARIF file](https://sarifweb.azurewebsites.net/) called `.sarif`. + +##### Locating the Coding Standards CodeQL packs + +If you have downloaded a release artifact containing the packs, you will need to provide the `--search-path` parameter, pointing to each of the uncompressed query packs. +``` +--search-path path/to/pack1:path/to/pack2 +``` + +Alternatively, the packs can be made available to CodeQL without specification on the comamnd line by placing them inside the distribution under the `qlpacks/codeql/` directory, or placed inside a directory adjacent to the folder containing the distribution. + +##### Alternative query sets + +Each supported standard includes a variety of query suites, which enable the running of different sets of queries based on specified properties. In addition, a custom query suite can be defined as specified by the CodeQL CLI documentation, in order to select any arbitrary sets of queries in this repository. To run + +```bash +codeql database analyze --format=sarifv2.1.0 --output=.sarif path/to/ codeql/--coding-standard@version:codeql-suites/.qls +``` -The query suites can be run by using the `codeql database analyze` command: +If modifying the query suite, ensure that all Rules you expect to be covered by CodeQL in your Guideline Enforcement Plan (or similar) are included in the query suite, by running: ```bash -codeql database analyze --format=sarifv2.1.0 --output=.sarif path/to/ path/to/codeql-coding-standards/cpp//src/codeql-suites/-default.qls... +codeql resolve queries codeql/--coding-standard@version:codeql-suites/.qls ``` -For each Coding Standard you want to run, add a trailing entry in the following format: `path/to/codeql-coding-standards/cpp//src/codeql-suites/-default.qls`. +##### Supported SARIF versions The only supported SARIF version for use in a functional safety environment is version 2.1.0. To select this SARIF version you **must** specify the flag `--format=sarifv2.1.0` when invoking the database analyze command `codeql database analyze ...` as shown in the above example. -Running the default analysis for one or more Coding Standards may require further performance customizations for larger codebases. -The following flags may be passed to the `database analyze` command to adjust the performance: +##### Performance optimizations + +Running the default analysis for one or more Coding Standards may require further performance customizations for larger codebases. The following flags may be passed to the `database analyze` command to adjust the performance: - `--ram` - to specify the maximum amount of RAM to use during the analysis as [documented](https://codeql.github.com/docs/codeql-cli/manual/database-analyze/#options-to-control-ram-usage) in the CodeQL CLI manual. - `--thread` - to specify number of threads to use while evaluating as [documented](https://codeql.github.com/docs/codeql-cli/manual/database-analyze/#cmdoption-codeql-database-analyze-j) in the CodeQL CLI manual. -The output of this command will be a [SARIF file](https://sarifweb.azurewebsites.net/) called `.sarif`. +##### Legacy approach + +If you have downloaded the legacy release artifact `code-scanning-query-pack.zip`, you can run the default query suite using the `codeql database analyze` command as follows: + +```bash +codeql database analyze --format=sarifv2.1.0 --output=.sarif path/to/ path/to/codeql-coding-standards///src/codeql-suites/-default.qls... +``` + +For each Coding Standard you want to run, add a trailing entry in the following format: `path/to/codeql-coding-standards///src/codeql-suites/-default.qls`. Custom query suites can be run by specifying the appropriate paths. + +All other options discussed above are valid. #### Running the analysis for audit level queries @@ -223,8 +294,6 @@ Optionally, you may want to run the "audit" level queries. These queries produce codeql database analyze --format=sarifv2.1.0 --output=.sarif path/to/ path/to/codeql-coding-standards/cpp//src/codeql-suites/-audit.qls... ``` -For each Coding Standard you want to run, add a trailing entry in the following format: `path/to/codeql-coding-standards/cpp//src/codeql-suites/-default.qls`. - #### Producing an analysis report In addition to producing a results file, an analysis report can be produced that summarizes: diff --git a/scripts/release/bump-version.sh b/scripts/release/bump-version.sh index fd5ab5ea0d..5bbd0eeae0 100755 --- a/scripts/release/bump-version.sh +++ b/scripts/release/bump-version.sh @@ -15,6 +15,7 @@ find . -name 'qlpack.yml' | grep -v './codeql_modules' | grep -v './scripts' | x # update the documentation. find docs -name 'user_manual.md' -print0 | xargs -0 sed -i "s/code-scanning-cpp-query-pack-.*\.zip\`/code-scanning-cpp-query-pack-${1}.zip\`/" +find docs -name 'user_manual.md' -print0 | xargs -0 sed -i "s/coding-standard-codeql-pack-.*\.zip\`/coding-standard-codeql-pack-${1}.zip\`/" find docs -name 'user_manual.md' -print0 | xargs -0 sed -i "s/supported_rules_list_.*\.csv\`/supported_rules_list_${1}.csv\`/" find docs -name 'user_manual.md' -print0 | xargs -0 sed -i "s/supported_rules_list_.*\.md\`/supported_rules_list_${1}.md\`/" find docs -name 'user_manual.md' -print0 | xargs -0 sed -i "s/user_manual_.*\.md\`/user_manual_${1}.md\`/" From 1c6fce51adf7e2bc0441603f487de61d5322d9d0 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 22 Oct 2024 19:11:02 +0100 Subject: [PATCH 2196/2573] Update wording of recommendation to use the bundle --- docs/user_manual.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/user_manual.md b/docs/user_manual.md index b74c962d0e..c9fbacdd4b 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -168,7 +168,7 @@ You must download a compatible version of the CodeQL CLI, as specified in the re 2. Expand the compressed archive to a specified location on your machine. 3. [Optional] Add the CodeQL CLI to your user or system path. -This approach is suitable if you wish to use the default queries provided by GitHub in addition to the Coding Standards queries. +This approach is recommended if you wish to use the default queries provided by GitHub in addition to the Coding Standards queries. **Option 2:** Use the CodeQL CLI binary: From 47804a7b52f4606d123bb4ca0f45e1e0acd558ca Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 22 Oct 2024 19:11:19 +0100 Subject: [PATCH 2197/2573] Add release notes --- change_notes/2024-10-22-update-release-artifacts.md | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 change_notes/2024-10-22-update-release-artifacts.md diff --git a/change_notes/2024-10-22-update-release-artifacts.md b/change_notes/2024-10-22-update-release-artifacts.md new file mode 100644 index 0000000000..46d0ed0c30 --- /dev/null +++ b/change_notes/2024-10-22-update-release-artifacts.md @@ -0,0 +1,4 @@ + - Modifications to the release artifacts: + - New CodeQL pack release artifacts have been created. These release artifacts can be downloaded from the release, and will be published to the GitHub registry under the `codeql` org for ease of deployment. + - The user manual has been updated to describe how to use the CodeQL packs. + - We no longer require a separate download of the CodeQL Standard Library for C++ - all queries have been pre-compiled and linked with the appropriate standard library. \ No newline at end of file From 4b9d8136208c4cc002c24bba794d4c208663ebcf Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 22 Oct 2024 21:12:32 +0100 Subject: [PATCH 2198/2573] Share PointerOrArrayType --- .../codingstandards/c/UndefinedBehavior.qll | 20 +++---------------- .../src/codingstandards/cpp/Pointers.qll | 12 ++++++++++- 2 files changed, 14 insertions(+), 18 deletions(-) diff --git a/c/common/src/codingstandards/c/UndefinedBehavior.qll b/c/common/src/codingstandards/c/UndefinedBehavior.qll index bbbb08678b..6a72cb6eb7 100644 --- a/c/common/src/codingstandards/c/UndefinedBehavior.qll +++ b/c/common/src/codingstandards/c/UndefinedBehavior.qll @@ -1,4 +1,5 @@ import cpp +import codingstandards.cpp.Pointers import codingstandards.cpp.UndefinedBehavior /** @@ -6,21 +7,6 @@ import codingstandards.cpp.UndefinedBehavior */ abstract class CUndefinedBehavior extends UndefinedBehavior { } -class PointerOrArrayType extends DerivedType { - PointerOrArrayType() { - this instanceof PointerType or - this instanceof ArrayType - } -} - -Type get(Function main) { - main.getName() = "main" and - main.getNumberOfParameters() = 2 and - main.getType().getUnderlyingType() instanceof IntType and - main.getParameter(0).getType().getUnderlyingType() instanceof IntType and - result = main.getParameter(1).getType().getUnderlyingType().(PointerOrArrayType).getBaseType() -} - /** * A function which has the signature - but not the name - of a main function. */ @@ -32,9 +18,9 @@ class C99MainFunction extends Function { this.getParameter(1) .getType() .getUnderlyingType() - .(PointerOrArrayType) + .(UnspecifiedPointerOrArrayType) .getBaseType() - .(PointerOrArrayType) + .(UnspecifiedPointerOrArrayType) .getBaseType() instanceof CharType or this.getNumberOfParameters() = 0 and diff --git a/cpp/common/src/codingstandards/cpp/Pointers.qll b/cpp/common/src/codingstandards/cpp/Pointers.qll index 8ed55b2bc0..28b6abc340 100644 --- a/cpp/common/src/codingstandards/cpp/Pointers.qll +++ b/cpp/common/src/codingstandards/cpp/Pointers.qll @@ -6,7 +6,7 @@ import cpp import codingstandards.cpp.Type /** - * A type that is a pointer or array type. + * A type that is a pointer or array type after stripping top-level specifiers. */ class PointerOrArrayType extends DerivedType { PointerOrArrayType() { @@ -15,6 +15,16 @@ class PointerOrArrayType extends DerivedType { } } +/** + * A type that is a pointer or array type. + */ +class UnspecifiedPointerOrArrayType extends DerivedType { + UnspecifiedPointerOrArrayType() { + this instanceof PointerType or + this instanceof ArrayType + } +} + /** * An expression which performs pointer arithmetic */ From 57dd7485f67c15a414d079a8b5a15902cf3c5b7b Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 22 Oct 2024 21:18:01 +0100 Subject: [PATCH 2199/2573] Rule 5.4: Address review comments --- .../src/rules/RULE-5-4/MacroIdentifiersNotDistinct.ql | 4 ++-- .../src/codingstandards/cpp/PreprocessorDirective.qll | 9 +++------ 2 files changed, 5 insertions(+), 8 deletions(-) diff --git a/c/misra/src/rules/RULE-5-4/MacroIdentifiersNotDistinct.ql b/c/misra/src/rules/RULE-5-4/MacroIdentifiersNotDistinct.ql index ed124692e5..36b946491b 100644 --- a/c/misra/src/rules/RULE-5-4/MacroIdentifiersNotDistinct.ql +++ b/c/misra/src/rules/RULE-5-4/MacroIdentifiersNotDistinct.ql @@ -99,8 +99,8 @@ where // when m2 is defined isIncludedUnconditionallyFromCommonFile(m, m2) and // Macros can't be mutually exclusive - not mutuallyExclusiveMacros(m, m2) and - not mutuallyExclusiveMacros(m2, m) and + not mutuallyExclusiveBranchDirectiveMacros(m, m2) and + not mutuallyExclusiveBranchDirectiveMacros(m2, m) and // If at least one invocation exists for at least one of the macros, then they must share a link // target - i.e. must both be expanded in the same context ( diff --git a/cpp/common/src/codingstandards/cpp/PreprocessorDirective.qll b/cpp/common/src/codingstandards/cpp/PreprocessorDirective.qll index 1f6cc140d8..ca943742d9 100644 --- a/cpp/common/src/codingstandards/cpp/PreprocessorDirective.qll +++ b/cpp/common/src/codingstandards/cpp/PreprocessorDirective.qll @@ -98,12 +98,9 @@ predicate isMacroDefinedWithinBranch(PreprocessorBranchDirective bd, Macro m) { * Holds if the pair of macros are "conditional" i.e. only one of the macros is followed in any * particular compilation of the containing file. */ -predicate mutuallyExclusiveMacros(Macro firstMacro, Macro secondMacro) { - exists( - PreprocessorBranchDirective b1, PreprocessorBranchDirective b2, string filepath, - int b1StartLocation, int b2StartLocation - | - isBranchDirectivePair(b1, b2, filepath, b1StartLocation, b2StartLocation) and +predicate mutuallyExclusiveBranchDirectiveMacros(Macro firstMacro, Macro secondMacro) { + exists(PreprocessorBranchDirective b1, PreprocessorBranchDirective b2 | + isBranchDirectivePair(b1, b2, _, _, _) and isMacroDefinedWithinBranch(b1, firstMacro) and isMacroDefinedWithinBranch(b2, secondMacro) ) From 68c1dafa713f5654e2aacd9b9be6a957ae6999ac Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 22 Oct 2024 21:26:58 +0100 Subject: [PATCH 2200/2573] Add test case --- cpp/autosar/test/rules/M0-1-2/InfeasiblePath.expected | 1 + cpp/autosar/test/rules/M0-1-2/test.cpp | 11 +++++++++++ 2 files changed, 12 insertions(+) diff --git a/cpp/autosar/test/rules/M0-1-2/InfeasiblePath.expected b/cpp/autosar/test/rules/M0-1-2/InfeasiblePath.expected index 9cb237e8b3..b5528014d1 100644 --- a/cpp/autosar/test/rules/M0-1-2/InfeasiblePath.expected +++ b/cpp/autosar/test/rules/M0-1-2/InfeasiblePath.expected @@ -8,3 +8,4 @@ | test.cpp:86:9:86:14 | ... < ... | The true path is infeasible because 0 (max value: 0) is always less than or equal to a (minimum value: 0). | | test.cpp:117:7:117:7 | 0 | The path is unreachable in a template. | | test.cpp:123:7:123:8 | ! ... | The path is unreachable in a template. | +| test.cpp:137:7:137:12 | ... > ... | The path is unreachable in a template. | diff --git a/cpp/autosar/test/rules/M0-1-2/test.cpp b/cpp/autosar/test/rules/M0-1-2/test.cpp index 31c564d8a5..f36cbc790d 100644 --- a/cpp/autosar/test/rules/M0-1-2/test.cpp +++ b/cpp/autosar/test/rules/M0-1-2/test.cpp @@ -131,4 +131,15 @@ void test_infeasible_instantiates() { template_infeasible_true_path(); template_infeasible_false_path(); template_infeasible_false_path(); +} + +template int template_infeasible_relation() { + if (i > -1) { // NON_COMPLIANT - true path is infeasible in all circumstances + return 3; + } +} + +void test_infeasible_relation() { + template_infeasible_relation<0>(); + template_infeasible_relation<1>(); } \ No newline at end of file From 460fb26a4b4971bf3014c8a3081a809105322f63 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 22 Oct 2024 22:22:15 +0100 Subject: [PATCH 2201/2573] Reinstate macro instantiation results --- .../RULE-8-13/PointerShouldPointToConstTypeWhenPossible.ql | 2 -- .../codingstandards/cpp/alertreporting/HoldsForAllCopies.qll | 4 +--- 2 files changed, 1 insertion(+), 5 deletions(-) diff --git a/c/misra/src/rules/RULE-8-13/PointerShouldPointToConstTypeWhenPossible.ql b/c/misra/src/rules/RULE-8-13/PointerShouldPointToConstTypeWhenPossible.ql index f5cf07f8fc..ddb8cbcdcc 100644 --- a/c/misra/src/rules/RULE-8-13/PointerShouldPointToConstTypeWhenPossible.ql +++ b/c/misra/src/rules/RULE-8-13/PointerShouldPointToConstTypeWhenPossible.ql @@ -31,8 +31,6 @@ class NonConstPointerVariableCandidate extends Variable { // In a type declared locally this.(Field).getDeclaringType+().getEnclosingFunction() = a.getEnclosingFunction() ) and - // Avoid elements in macro expansions, as they cannot be equated across copies - not this.isInMacroExpansion() and exists(PointerOrArrayType type | // include only pointers which point to a const-qualified type this.getType() = type and diff --git a/cpp/common/src/codingstandards/cpp/alertreporting/HoldsForAllCopies.qll b/cpp/common/src/codingstandards/cpp/alertreporting/HoldsForAllCopies.qll index 634c1bf610..1d47e833dc 100644 --- a/cpp/common/src/codingstandards/cpp/alertreporting/HoldsForAllCopies.qll +++ b/cpp/common/src/codingstandards/cpp/alertreporting/HoldsForAllCopies.qll @@ -85,11 +85,9 @@ module HoldsForAllCopies Date: Tue, 22 Oct 2024 22:58:36 +0100 Subject: [PATCH 2202/2573] Rule 2.5: Consider macros accessed before definition --- .../rules/RULE-2-5/UnusedMacroDeclaration.ql | 11 +++++++ c/misra/test/rules/RULE-2-5/test.c | 33 ++++++++++++++++++- change_notes/2024-10-22-rule-2-5.md | 2 ++ 3 files changed, 45 insertions(+), 1 deletion(-) create mode 100644 change_notes/2024-10-22-rule-2-5.md diff --git a/c/misra/src/rules/RULE-2-5/UnusedMacroDeclaration.ql b/c/misra/src/rules/RULE-2-5/UnusedMacroDeclaration.ql index b7ea9f64de..5e70755eea 100644 --- a/c/misra/src/rules/RULE-2-5/UnusedMacroDeclaration.ql +++ b/c/misra/src/rules/RULE-2-5/UnusedMacroDeclaration.ql @@ -19,7 +19,18 @@ import codingstandards.c.misra from Macro m where not isExcluded(m, DeadCodePackage::unusedMacroDeclarationQuery()) and + // We consider a macro "used" if there is a macro access not exists(MacroAccess ma | ma.getMacro() = m) and + // Or if there exists a check whether the macro is defined which the extractor + // hasn't been able to tie to a macro (usually because this use came before + // the macro was defined e.g. a header guard) + not exists(PreprocessorBranchDirective bd | + // Covers the #ifdef and #ifndef cases + bd.getHead() = m.getName() + or + // Covers the use of defined() to check if a macro is defined + m.getName() = bd.getHead().regexpCapture(".*defined\\((.*)\\).*", 1) + ) and // We consider a macro "used" if the name is undef-ed at some point in the same file, or a file // that includes the file defining the macro. This will over approximate use in the case of a // macro which is defined, then undefined, then re-defined but not used. diff --git a/c/misra/test/rules/RULE-2-5/test.c b/c/misra/test/rules/RULE-2-5/test.c index f37acb1509..755b783eab 100644 --- a/c/misra/test/rules/RULE-2-5/test.c +++ b/c/misra/test/rules/RULE-2-5/test.c @@ -13,4 +13,35 @@ void test() { MACRO2; HEADER_MACRO2; -} \ No newline at end of file +} + +#define CHECKED_MACRO_1 // COMPLIANT - used in branch +#define CHECKED_MACRO_2 // COMPLIANT - used in branch +#define CHECKED_MACRO_3 // COMPLIANT - used in branch + +#ifdef CHECKED_MACRO_1 +#endif + +#ifndef CHECKED_MACRO_2 +#endif + +#if defined(CHECKED_MACRO_3) +#endif + +// In the case above, the extractor will identify macro accesses with each use +// of the macro. In the case above, the extractor does not tie them together, +// but the standard considers this acceptable usage. Notably, this type of +// pattern occurs for header guards. + +#ifdef CHECKED_MACRO_BEFORE_1 +#endif + +#ifndef CHECKED_MACRO_BEFORE_2 +#endif + +#if defined(CHECKED_MACRO_BEFORE_3) +#endif + +#define CHECKED_MACRO_BEFORE_1 // COMPLIANT - used in branch +#define CHECKED_MACRO_BEFORE_2 // COMPLIANT - used in branch +#define CHECKED_MACRO_BEFORE_3 // COMPLIANT - used in branch \ No newline at end of file diff --git a/change_notes/2024-10-22-rule-2-5.md b/change_notes/2024-10-22-rule-2-5.md new file mode 100644 index 0000000000..6de3f0be11 --- /dev/null +++ b/change_notes/2024-10-22-rule-2-5.md @@ -0,0 +1,2 @@ + - `RULE-2-5` - `UnusedMacroDeclaration.ql`: + - Exclude false positives where a macro was used before definition, for example a header guard. \ No newline at end of file From 96366ae6cb1c006e1176d55cf285fd606bed1fdb Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 23 Oct 2024 09:33:16 +0100 Subject: [PATCH 2203/2573] Update links --- docs/user_manual.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/user_manual.md b/docs/user_manual.md index c9fbacdd4b..926d1b13f4 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -271,8 +271,8 @@ To select this SARIF version you **must** specify the flag `--format=sarifv2.1.0 Running the default analysis for one or more Coding Standards may require further performance customizations for larger codebases. The following flags may be passed to the `database analyze` command to adjust the performance: -- `--ram` - to specify the maximum amount of RAM to use during the analysis as [documented](https://codeql.github.com/docs/codeql-cli/manual/database-analyze/#options-to-control-ram-usage) in the CodeQL CLI manual. -- `--thread` - to specify number of threads to use while evaluating as [documented](https://codeql.github.com/docs/codeql-cli/manual/database-analyze/#cmdoption-codeql-database-analyze-j) in the CodeQL CLI manual. +- `--ram` - to specify the maximum amount of RAM to use during the analysis as [documented](https://docs.github.com/en/code-security/codeql-cli/codeql-cli-manual/database-analyze#options-to-control-ram-usage) in the CodeQL CLI manual. +- `--thread` - to specify number of threads to use while evaluating as [documented](https://docs.github.com/en/code-security/codeql-cli/codeql-cli-manual/database-analyze#-j---threadsnum) in the CodeQL CLI manual. ##### Legacy approach From 5b61358f7f3dc1fb525b279b19ed098bfa56b1c7 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 23 Oct 2024 14:38:02 +0100 Subject: [PATCH 2204/2573] Improve regex to handle spaces --- .../src/rules/RULE-2-5/UnusedMacroDeclaration.ql | 2 +- c/misra/test/rules/RULE-2-5/test.c | 14 +++++++++++++- 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/c/misra/src/rules/RULE-2-5/UnusedMacroDeclaration.ql b/c/misra/src/rules/RULE-2-5/UnusedMacroDeclaration.ql index 5e70755eea..2b5a8e8c1d 100644 --- a/c/misra/src/rules/RULE-2-5/UnusedMacroDeclaration.ql +++ b/c/misra/src/rules/RULE-2-5/UnusedMacroDeclaration.ql @@ -29,7 +29,7 @@ where bd.getHead() = m.getName() or // Covers the use of defined() to check if a macro is defined - m.getName() = bd.getHead().regexpCapture(".*defined\\((.*)\\).*", 1) + m.getName() = bd.getHead().regexpCapture(".*defined *\\(? *([^\\s()]+) *\\)?\\.*", 1) ) and // We consider a macro "used" if the name is undef-ed at some point in the same file, or a file // that includes the file defining the macro. This will over approximate use in the case of a diff --git a/c/misra/test/rules/RULE-2-5/test.c b/c/misra/test/rules/RULE-2-5/test.c index 755b783eab..e220b3d444 100644 --- a/c/misra/test/rules/RULE-2-5/test.c +++ b/c/misra/test/rules/RULE-2-5/test.c @@ -42,6 +42,18 @@ void test() { #if defined(CHECKED_MACRO_BEFORE_3) #endif +#if defined(CHECKED_MACRO_BEFORE_4) +#endif + +#if defined(CHECKED_MACRO_BEFORE_5) +#endif + +#if defined(CHECKED_MACRO_BEFORE_6) +#endif + #define CHECKED_MACRO_BEFORE_1 // COMPLIANT - used in branch #define CHECKED_MACRO_BEFORE_2 // COMPLIANT - used in branch -#define CHECKED_MACRO_BEFORE_3 // COMPLIANT - used in branch \ No newline at end of file +#define CHECKED_MACRO_BEFORE_3 // COMPLIANT - used in branch +#define CHECKED_MACRO_BEFORE_4 // COMPLIANT - used in branch +#define CHECKED_MACRO_BEFORE_5 // COMPLIANT - used in branch +#define CHECKED_MACRO_BEFORE_6 // COMPLIANT - used in branch \ No newline at end of file From cbcf0374aa9ac115e25b428a70717cdd705497c1 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 23 Oct 2024 14:43:45 +0100 Subject: [PATCH 2205/2573] Add test case for spaces, ensure no clang-format --- c/misra/test/rules/RULE-2-5/test.c | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/c/misra/test/rules/RULE-2-5/test.c b/c/misra/test/rules/RULE-2-5/test.c index e220b3d444..15930f68d1 100644 --- a/c/misra/test/rules/RULE-2-5/test.c +++ b/c/misra/test/rules/RULE-2-5/test.c @@ -42,18 +42,26 @@ void test() { #if defined(CHECKED_MACRO_BEFORE_3) #endif -#if defined(CHECKED_MACRO_BEFORE_4) +// clang-format off + +#if defined (CHECKED_MACRO_BEFORE_4) +#endif + +#if defined( CHECKED_MACRO_BEFORE_5 ) #endif -#if defined(CHECKED_MACRO_BEFORE_5) +#if defined ( CHECKED_MACRO_BEFORE_6 ) #endif -#if defined(CHECKED_MACRO_BEFORE_6) +#if defined CHECKED_MACRO_BEFORE_7 #endif +// clang-format on + #define CHECKED_MACRO_BEFORE_1 // COMPLIANT - used in branch #define CHECKED_MACRO_BEFORE_2 // COMPLIANT - used in branch #define CHECKED_MACRO_BEFORE_3 // COMPLIANT - used in branch #define CHECKED_MACRO_BEFORE_4 // COMPLIANT - used in branch #define CHECKED_MACRO_BEFORE_5 // COMPLIANT - used in branch -#define CHECKED_MACRO_BEFORE_6 // COMPLIANT - used in branch \ No newline at end of file +#define CHECKED_MACRO_BEFORE_6 // COMPLIANT - used in branch +#define CHECKED_MACRO_BEFORE_7 // COMPLIANT - used in branch \ No newline at end of file From a183198b68b2e27c72c4e79855bbf4c41905c2bb Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 23 Oct 2024 18:04:35 +0100 Subject: [PATCH 2206/2573] Ignore explicit casts when idenitying cvalues by parent --- ...ConvertedToDifferentUnderlyingType.expected | 8 +++++--- cpp/autosar/test/rules/M5-0-3/test.cpp | 18 ++++++++++++++++++ cpp/autosar/test/rules/M5-0-7/test.cpp | 9 +++++++++ cpp/autosar/test/rules/M5-0-8/test.cpp | 18 ++++++++++++++++++ ...plicitSignednessConversionOfCValue.expected | 6 +++--- cpp/autosar/test/rules/M5-0-9/test.cpp | 7 +++++++ cpp/common/src/codingstandards/cpp/Expr.qll | 12 ++++++++++-- 7 files changed, 70 insertions(+), 8 deletions(-) diff --git a/cpp/autosar/test/rules/M5-0-3/CvalueExpressionConvertedToDifferentUnderlyingType.expected b/cpp/autosar/test/rules/M5-0-3/CvalueExpressionConvertedToDifferentUnderlyingType.expected index 5782ac9849..773691efd1 100644 --- a/cpp/autosar/test/rules/M5-0-3/CvalueExpressionConvertedToDifferentUnderlyingType.expected +++ b/cpp/autosar/test/rules/M5-0-3/CvalueExpressionConvertedToDifferentUnderlyingType.expected @@ -1,3 +1,5 @@ -| test.cpp:11:8:11:14 | (int16_t)... | Implicit conversion converts cvalue $@ from signed char to signed short. | test.cpp:11:8:11:14 | ... + ... | expression | -| test.cpp:11:8:11:14 | ... + ... | Implicit conversion converts cvalue $@ from signed char to signed short. | test.cpp:11:8:11:14 | ... + ... | expression | -| test.cpp:13:8:13:13 | ... + ... | Implicit conversion converts cvalue $@ from signed short to signed int. | test.cpp:13:8:13:13 | ... + ... | expression | +| test.cpp:12:8:12:14 | (int16_t)... | Implicit conversion converts cvalue $@ from signed char to signed short. | test.cpp:12:8:12:14 | ... + ... | expression | +| test.cpp:12:8:12:14 | ... + ... | Implicit conversion converts cvalue $@ from signed char to signed short. | test.cpp:12:8:12:14 | ... + ... | expression | +| test.cpp:14:8:14:13 | ... + ... | Implicit conversion converts cvalue $@ from signed short to signed int. | test.cpp:14:8:14:13 | ... + ... | expression | +| test.cpp:23:13:23:19 | (int16_t)... | Implicit conversion converts cvalue $@ from signed char to signed short. | test.cpp:23:13:23:19 | ... + ... | expression | +| test.cpp:30:12:30:18 | (int16_t)... | Implicit conversion converts cvalue $@ from signed char to signed short. | test.cpp:30:12:30:18 | ... + ... | expression | diff --git a/cpp/autosar/test/rules/M5-0-3/test.cpp b/cpp/autosar/test/rules/M5-0-3/test.cpp index cb74512979..9f368bae3f 100644 --- a/cpp/autosar/test/rules/M5-0-3/test.cpp +++ b/cpp/autosar/test/rules/M5-0-3/test.cpp @@ -1,4 +1,5 @@ #include + void f1() { using std::int16_t; using std::int32_t; @@ -13,4 +14,21 @@ void f1() { l3 = l2 + 1; // NON_COMPLIANT l3 = static_cast(l2) + 1; // COMPLIANT l3 = l2 + 0x01ffff; // COMPLIANT +} + +void int16_arg(std::int16_t t); + +void test_func_call() { + std::int8_t l1; + int16_arg(l1 + l1); // NON_COMPLIANT + int16_arg(static_cast(l1 + l1)); // COMPLIANT +} + +std::int16_t test_return(int test) { + std::int8_t l1; + if (test > 0) { + return l1 + l1; // NON_COMPLIANT + } else { + return static_cast(l1 + l1); // COMPLIANT + } } \ No newline at end of file diff --git a/cpp/autosar/test/rules/M5-0-7/test.cpp b/cpp/autosar/test/rules/M5-0-7/test.cpp index 36a2259028..ecbddd6750 100644 --- a/cpp/autosar/test/rules/M5-0-7/test.cpp +++ b/cpp/autosar/test/rules/M5-0-7/test.cpp @@ -18,4 +18,13 @@ void f1() { s16a = static_cast(f32a / f32b); // NON_COMPLIANT s16a = static_cast(f32a); // COMPLIANT s16a = static_cast(f32a) / f32b; // COMPLIANT +} + +void int_arg(std::int32_t i); + +std::int16_t test_args() { + float f32a; + float f32b; + int_arg(static_cast(f32a)); // COMPLIANT - f32a is not a cvalue + return static_cast(f32a); // COMPLIANT - f32a is not a cvalue } \ No newline at end of file diff --git a/cpp/autosar/test/rules/M5-0-8/test.cpp b/cpp/autosar/test/rules/M5-0-8/test.cpp index 198bebed9f..ab785c661a 100644 --- a/cpp/autosar/test/rules/M5-0-8/test.cpp +++ b/cpp/autosar/test/rules/M5-0-8/test.cpp @@ -22,4 +22,22 @@ void f() { f64 = static_cast(1.0f + 1.0f); // NON_COMPLIANT f32 = static_cast(1.0f + 1); // COMPLIANT f64 = static_cast(1.0 + 1); // COMPLIANT; no suffix defines a double +} + +#include + +void function_args() { + std::vector v{0}; + + std::uint32_t u32{0}; + v.at(static_cast(u32)); // COMPLIANT - cast is not a cvalue + std::size_t st = + static_cast(u32); // COMPLIANT - cast is not a cvalue + v.at(st); +} + +std::size_t return_args() { + std::uint32_t u32{0}; + + return static_cast(u32); // COMPLIANT } \ No newline at end of file diff --git a/cpp/autosar/test/rules/M5-0-9/ExplicitSignednessConversionOfCValue.expected b/cpp/autosar/test/rules/M5-0-9/ExplicitSignednessConversionOfCValue.expected index b2619503b3..b7fc97f99c 100644 --- a/cpp/autosar/test/rules/M5-0-9/ExplicitSignednessConversionOfCValue.expected +++ b/cpp/autosar/test/rules/M5-0-9/ExplicitSignednessConversionOfCValue.expected @@ -1,3 +1,3 @@ -| test.cpp:16:8:16:35 | static_cast... | Explicit integral conversion converts the signedness of the $@ from unsigned to signed. | test.cpp:16:28:16:34 | ... + ... | cvalue | -| test.cpp:18:8:18:40 | static_cast... | Explicit integral conversion converts the signedness of the $@ from unsigned to signed. | test.cpp:18:28:18:39 | ... + ... | cvalue | -| test.cpp:20:8:20:35 | static_cast... | Explicit integral conversion converts the signedness of the $@ from unsigned to signed. | test.cpp:20:28:20:34 | ... * ... | cvalue | +| test.cpp:20:8:20:35 | static_cast... | Explicit integral conversion converts the signedness of the $@ from unsigned to signed. | test.cpp:20:28:20:34 | ... + ... | cvalue | +| test.cpp:22:8:22:40 | static_cast... | Explicit integral conversion converts the signedness of the $@ from unsigned to signed. | test.cpp:22:28:22:39 | ... + ... | cvalue | +| test.cpp:24:8:24:35 | static_cast... | Explicit integral conversion converts the signedness of the $@ from unsigned to signed. | test.cpp:24:28:24:34 | ... * ... | cvalue | diff --git a/cpp/autosar/test/rules/M5-0-9/test.cpp b/cpp/autosar/test/rules/M5-0-9/test.cpp index b46dbc390f..7b050d24de 100644 --- a/cpp/autosar/test/rules/M5-0-9/test.cpp +++ b/cpp/autosar/test/rules/M5-0-9/test.cpp @@ -1,4 +1,8 @@ #include + +void signed_arg(std::uint32_t s); +void unsigned_arg(std::uint32_t u); + void f() { using std::int16_t; using std::int32_t; @@ -22,4 +26,7 @@ void f() { i16 = static_cast(i16 / i8); // NON_COMPLIANT i8 = static_cast(u8) + static_cast(u8); // COMPLIANT + + unsigned(static_cast(i32)); // COMPLIANT - i32 is not a cvalue + signed(static_cast(u32)); // COMPLIANT - u32 is not a cvalue } \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/Expr.qll b/cpp/common/src/codingstandards/cpp/Expr.qll index fe2877f849..51066cf4cb 100644 --- a/cpp/common/src/codingstandards/cpp/Expr.qll +++ b/cpp/common/src/codingstandards/cpp/Expr.qll @@ -148,9 +148,17 @@ module MisraExpr { private predicate isCValue(Expr e) { not e.isConstant() and ( - exists(ReturnStmt return | e = return.getExpr()) + exists(ReturnStmt return | + e = return.getExpr() and + // Only return statements which are not explicitly casted are considered + not exists(Cast c | not c.isImplicit() and c.getExpr() = e) + ) or - exists(Call call | e = call.getAnArgument()) + exists(FunctionCall call | + e = call.getAnArgument() and + // // Only function arguments which are not explicitly casted are considered + not exists(Cast c | not c.isImplicit() and c.getExpr() = e) + ) ) or isCValue(e.(ParenthesisExpr).getExpr()) From 7eaad201460a779c21e79b0e427a9a9fed9b230f Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 24 Oct 2024 12:00:15 +0100 Subject: [PATCH 2207/2573] Compatible types: performance improvements Modify the `Compatible.qll` library to improve performance by restricting to function declarations for the same function. Adopt the Compatible library in DCL40-C, which has also improved detection of compatible types. --- .../IncompatibleFunctionDeclarations.ql | 36 ++++++++++--------- change_notes/2024-10-24-compatible-types.md | 2 ++ .../src/codingstandards/cpp/Compatible.qll | 4 +++ 3 files changed, 25 insertions(+), 17 deletions(-) create mode 100644 change_notes/2024-10-24-compatible-types.md diff --git a/c/cert/src/rules/DCL40-C/IncompatibleFunctionDeclarations.ql b/c/cert/src/rules/DCL40-C/IncompatibleFunctionDeclarations.ql index 4660e69b68..20b6e5e59e 100644 --- a/c/cert/src/rules/DCL40-C/IncompatibleFunctionDeclarations.ql +++ b/c/cert/src/rules/DCL40-C/IncompatibleFunctionDeclarations.ql @@ -16,30 +16,32 @@ import cpp import codingstandards.c.cert +import codingstandards.cpp.Compatible import ExternalIdentifiers -//checks if they are incompatible based on return type, number of parameters and parameter types -predicate checkMatchingFunction(FunctionDeclarationEntry d, FunctionDeclarationEntry d2) { - not d.getType() = d2.getType() - or - not d.getNumberOfParameters() = d2.getNumberOfParameters() - or - exists(ParameterDeclarationEntry p, ParameterDeclarationEntry p2, int i | - d.getParameterDeclarationEntry(i) = p and - d2.getParameterDeclarationEntry(i) = p2 and - not p.getType() = p2.getType() - ) -} - from ExternalIdentifiers d, FunctionDeclarationEntry f1, FunctionDeclarationEntry f2 where not isExcluded(f1, Declarations2Package::incompatibleFunctionDeclarationsQuery()) and not isExcluded(f2, Declarations2Package::incompatibleFunctionDeclarationsQuery()) and - f1 = d.getADeclarationEntry() and - f2 = d.getADeclarationEntry() and not f1 = f2 and - f1.getLocation().getStartLine() >= f2.getLocation().getStartLine() and + f1.getDeclaration() = d and + f2.getDeclaration() = d and f1.getName() = f2.getName() and - checkMatchingFunction(f1, f2) + ( + //return type check + not typesCompatible(f1.getType(), f2.getType()) + or + //parameter type check + parameterTypesIncompatible(f1, f2) + or + not f1.getNumberOfParameters() = f2.getNumberOfParameters() + ) and + // Apply ordering on start line, trying to avoid the optimiser applying this join too early + // in the pipeline + exists(int f1Line, int f2Line | + f1.getLocation().hasLocationInfo(_, f1Line, _, _, _) and + f2.getLocation().hasLocationInfo(_, f2Line, _, _, _) and + f1Line >= f2Line + ) select f1, "The object $@ is not compatible with re-declaration $@", f1, f1.getName(), f2, f2.getName() diff --git a/change_notes/2024-10-24-compatible-types.md b/change_notes/2024-10-24-compatible-types.md new file mode 100644 index 0000000000..05afbd64d9 --- /dev/null +++ b/change_notes/2024-10-24-compatible-types.md @@ -0,0 +1,2 @@ + - `DCL40-C` - `IncompatibleFunctionDeclarations.ql`: + - Reduce false positives by identifying compatible integer arithmetic types (e.g. "signed int" and "int"). \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/Compatible.qll b/cpp/common/src/codingstandards/cpp/Compatible.qll index 12a53965fe..0f6e2108ff 100644 --- a/cpp/common/src/codingstandards/cpp/Compatible.qll +++ b/cpp/common/src/codingstandards/cpp/Compatible.qll @@ -1,5 +1,7 @@ import cpp +pragma[noinline] +pragma[nomagic] predicate typesCompatible(Type t1, Type t2) { t1 = t2 or @@ -8,6 +10,7 @@ predicate typesCompatible(Type t1, Type t2) { } predicate parameterTypesIncompatible(FunctionDeclarationEntry f1, FunctionDeclarationEntry f2) { + f1.getDeclaration() = f2.getDeclaration() and exists(ParameterDeclarationEntry p1, ParameterDeclarationEntry p2, int i | p1 = f1.getParameterDeclarationEntry(i) and p2 = f2.getParameterDeclarationEntry(i) @@ -17,6 +20,7 @@ predicate parameterTypesIncompatible(FunctionDeclarationEntry f1, FunctionDeclar } predicate parameterNamesIncompatible(FunctionDeclarationEntry f1, FunctionDeclarationEntry f2) { + f1.getDeclaration() = f2.getDeclaration() and exists(ParameterDeclarationEntry p1, ParameterDeclarationEntry p2, int i | p1 = f1.getParameterDeclarationEntry(i) and p2 = f2.getParameterDeclarationEntry(i) From dfdfe9b6984e8d83c977e65f4bd6e3f97d82f047 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 24 Oct 2024 12:06:38 +0100 Subject: [PATCH 2208/2573] NotDistinctIdentifier: Performance optimization Hint optimizer to perform join of exclusions after determining results. --- .../notdistinctidentifier/NotDistinctIdentifier.qll | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/rules/notdistinctidentifier/NotDistinctIdentifier.qll b/cpp/common/src/codingstandards/cpp/rules/notdistinctidentifier/NotDistinctIdentifier.qll index 093b804e0f..102c53428b 100644 --- a/cpp/common/src/codingstandards/cpp/rules/notdistinctidentifier/NotDistinctIdentifier.qll +++ b/cpp/common/src/codingstandards/cpp/rules/notdistinctidentifier/NotDistinctIdentifier.qll @@ -12,6 +12,16 @@ abstract class NotDistinctIdentifierSharedQuery extends Query { } Query getQuery() { result instanceof NotDistinctIdentifierSharedQuery } +bindingset[d, d2] +pragma[inline_late] +private predicate after(ExternalIdentifiers d, ExternalIdentifiers d2) { + exists(int dStartLine, int d2StartLine | + d.getLocation().hasLocationInfo(_, dStartLine, _, _, _) and + d2.getLocation().hasLocationInfo(_, d2StartLine, _, _, _) and + dStartLine >= d2StartLine + ) +} + query predicate problems( ExternalIdentifiers d, string message, ExternalIdentifiers d2, string nameplaceholder ) { @@ -20,10 +30,10 @@ query predicate problems( d.getName().length() >= 31 and d2.getName().length() >= 31 and not d = d2 and - d.getLocation().getStartLine() >= d2.getLocation().getStartLine() and d.getSignificantName() = d2.getSignificantName() and not d.getName() = d2.getName() and nameplaceholder = d2.getName() and + after(d, d2) and message = "External identifer " + d.getName() + " is nondistinct in characters at or over 31 limit, compared to $@" From 8f909177a25d6a68435603aa01922ef8a10383bd Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 24 Oct 2024 12:07:35 +0100 Subject: [PATCH 2209/2573] MSC39-C: Hint optimizer to join isExcluded after determining results --- ...CallVaArgOnAVaListThatHasAnIndeterminateValue.ql | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql b/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql index 821b79c8e4..2fc334ba50 100644 --- a/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql +++ b/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql @@ -71,12 +71,19 @@ predicate sameSource(VaAccess e1, VaAccess e2) { ) } +/** + * Extracted to avoid poor magic join ordering on the `isExcluded` predicate. + */ +predicate query(VaAccess va_acc, VaArgArg va_arg, FunctionCall fc) { + sameSource(va_acc, va_arg) and + fc = preceedsFC(va_acc) and + fc.getTarget().calls*(va_arg.getEnclosingFunction()) +} + from VaAccess va_acc, VaArgArg va_arg, FunctionCall fc where not isExcluded(va_acc, Contracts7Package::doNotCallVaArgOnAVaListThatHasAnIndeterminateValueQuery()) and - sameSource(va_acc, va_arg) and - fc = preceedsFC(va_acc) and - fc.getTarget().calls*(va_arg.getEnclosingFunction()) + query(va_acc, va_arg, fc) select va_acc, "The value of " + va_acc.toString() + " is indeterminate after the $@.", fc, fc.toString() From a124f6346fe76fd398660c092c8162c1eea27a50 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 24 Oct 2024 12:08:03 +0100 Subject: [PATCH 2210/2573] Rule 9.4: Performance optimization of aggregate initializer pairs Refactored calculation to work top down, instead of bottom up, which ensures we are always comparing elements from within the same initializer. --- ...dInitializationOfAggregateObjectElement.ql | 60 ++++++++++++------- 1 file changed, 40 insertions(+), 20 deletions(-) diff --git a/c/misra/src/rules/RULE-9-4/RepeatedInitializationOfAggregateObjectElement.ql b/c/misra/src/rules/RULE-9-4/RepeatedInitializationOfAggregateObjectElement.ql index 4f72d6720b..8663843a78 100644 --- a/c/misra/src/rules/RULE-9-4/RepeatedInitializationOfAggregateObjectElement.ql +++ b/c/misra/src/rules/RULE-9-4/RepeatedInitializationOfAggregateObjectElement.ql @@ -60,35 +60,55 @@ int getMaxDepth(ArrayAggregateLiteral al) { else result = 1 + max(Expr child | child = al.getAnElementExpr(_) | getMaxDepth(child)) } -// internal recursive predicate for `hasMultipleInitializerExprsForSameIndex` predicate hasMultipleInitializerExprsForSameIndexInternal( - ArrayAggregateLiteral al1, ArrayAggregateLiteral al2, Expr out_al1_expr, Expr out_al2_expr + ArrayAggregateLiteral root, Expr e1, Expr e2 ) { - exists(int shared_index, Expr al1_expr, Expr al2_expr | - // an `Expr` initializing an element of the same index in both `al1` and `al2` - shared_index = [0 .. al1.getArraySize() - 1] and - al1_expr = al1.getAnElementExpr(shared_index) and - al2_expr = al2.getAnElementExpr(shared_index) and - // but not the same `Expr` - not al1_expr = al2_expr and - ( - // case A - the children are not aggregate literals - // holds if `al1` and `al2` both hold for .getElement[sharedIndex] - not al1_expr instanceof ArrayAggregateLiteral and - out_al1_expr = al1_expr and - out_al2_expr = al2_expr - or - // case B - `al1` and `al2` both have an aggregate literal child at the same index, so recurse - hasMultipleInitializerExprsForSameIndexInternal(al1_expr, al2_expr, out_al1_expr, out_al2_expr) - ) + root = e1 and root = e2 + or + exists(ArrayAggregateLiteral parent1, ArrayAggregateLiteral parent2, int shared_index | + hasMultipleInitializerExprsForSameIndexInternal(root, parent1, parent2) and + shared_index = [0 .. parent1.getArraySize() - 1] and + e1 = parent1.getAnElementExpr(shared_index) and + e2 = parent2.getAnElementExpr(shared_index) ) } +// // internal recursive predicate for `hasMultipleInitializerExprsForSameIndex` +// predicate hasMultipleInitializerExprsForSameIndexInternal( +// ArrayAggregateLiteral al1, ArrayAggregateLiteral al2, Expr out_al1_expr, Expr out_al2_expr +// ) { +// exists(int shared_index, Expr al1_expr, Expr al2_expr | +// // an `Expr` initializing an element of the same index in both `al1` and `al2` +// shared_index = [0 .. al1.getArraySize() - 1] and +// al1_expr = al1.getAnElementExpr(shared_index) and +// al2_expr = al2.getAnElementExpr(shared_index) and +// // but not the same `Expr` +// not al1_expr = al2_expr and +// ( +// // case A - the children are not aggregate literals +// // holds if `al1` and `al2` both hold for .getElement[sharedIndex] +// not al1_expr instanceof ArrayAggregateLiteral and +// out_al1_expr = al1_expr and +// out_al2_expr = al2_expr +// or +// // case B - `al1` and `al2` both have an aggregate literal child at the same index, so recurse +// hasMultipleInitializerExprsForSameIndexInternal(al1_expr, al2_expr, out_al1_expr, out_al2_expr) +// ) +// ) +// } /** * Holds if `expr1` and `expr2` both initialize the same array element of `root`. */ predicate hasMultipleInitializerExprsForSameIndex(ArrayAggregateLiteral root, Expr expr1, Expr expr2) { - hasMultipleInitializerExprsForSameIndexInternal(root, root, expr1, expr2) + hasMultipleInitializerExprsForSameIndexInternal(root, expr1, expr2) and + not root = expr1 and + not root = expr2 and + not expr1 = expr2 and + ( + not expr1 instanceof ArrayAggregateLiteral + or + not expr2 instanceof ArrayAggregateLiteral + ) } /** From 10b84ec9ec41aea5fb96114cadf24662c410ac71 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Thu, 24 Oct 2024 16:17:48 +0100 Subject: [PATCH 2211/2573] Remove commented-out code --- ...dInitializationOfAggregateObjectElement.ql | 24 +------------------ 1 file changed, 1 insertion(+), 23 deletions(-) diff --git a/c/misra/src/rules/RULE-9-4/RepeatedInitializationOfAggregateObjectElement.ql b/c/misra/src/rules/RULE-9-4/RepeatedInitializationOfAggregateObjectElement.ql index 8663843a78..dfe3fd8fff 100644 --- a/c/misra/src/rules/RULE-9-4/RepeatedInitializationOfAggregateObjectElement.ql +++ b/c/misra/src/rules/RULE-9-4/RepeatedInitializationOfAggregateObjectElement.ql @@ -60,6 +60,7 @@ int getMaxDepth(ArrayAggregateLiteral al) { else result = 1 + max(Expr child | child = al.getAnElementExpr(_) | getMaxDepth(child)) } +// internal recursive predicate for `hasMultipleInitializerExprsForSameIndex` predicate hasMultipleInitializerExprsForSameIndexInternal( ArrayAggregateLiteral root, Expr e1, Expr e2 ) { @@ -73,29 +74,6 @@ predicate hasMultipleInitializerExprsForSameIndexInternal( ) } -// // internal recursive predicate for `hasMultipleInitializerExprsForSameIndex` -// predicate hasMultipleInitializerExprsForSameIndexInternal( -// ArrayAggregateLiteral al1, ArrayAggregateLiteral al2, Expr out_al1_expr, Expr out_al2_expr -// ) { -// exists(int shared_index, Expr al1_expr, Expr al2_expr | -// // an `Expr` initializing an element of the same index in both `al1` and `al2` -// shared_index = [0 .. al1.getArraySize() - 1] and -// al1_expr = al1.getAnElementExpr(shared_index) and -// al2_expr = al2.getAnElementExpr(shared_index) and -// // but not the same `Expr` -// not al1_expr = al2_expr and -// ( -// // case A - the children are not aggregate literals -// // holds if `al1` and `al2` both hold for .getElement[sharedIndex] -// not al1_expr instanceof ArrayAggregateLiteral and -// out_al1_expr = al1_expr and -// out_al2_expr = al2_expr -// or -// // case B - `al1` and `al2` both have an aggregate literal child at the same index, so recurse -// hasMultipleInitializerExprsForSameIndexInternal(al1_expr, al2_expr, out_al1_expr, out_al2_expr) -// ) -// ) -// } /** * Holds if `expr1` and `expr2` both initialize the same array element of `root`. */ From 9f4b33209789eb18ab044ab29caf9bc3f4723e05 Mon Sep 17 00:00:00 2001 From: knewbury01 Date: Thu, 24 Oct 2024 20:44:19 +0000 Subject: [PATCH 2212/2573] Bump version to 2.38.0-dev --- c/cert/src/qlpack.yml | 2 +- c/cert/test/qlpack.yml | 2 +- c/common/src/qlpack.yml | 2 +- c/common/test/qlpack.yml | 2 +- c/misra/src/qlpack.yml | 2 +- c/misra/test/qlpack.yml | 2 +- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/qlpack.yml | 2 +- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/qlpack.yml | 2 +- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/qlpack.yml | 2 +- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/qlpack.yml | 2 +- cpp/report/src/qlpack.yml | 2 +- docs/user_manual.md | 12 ++++++------ 16 files changed, 21 insertions(+), 21 deletions(-) diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index 2b94485102..db08fb3ebe 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards -version: 2.37.0-dev +version: 2.38.0-dev description: CERT C 2016 suites: codeql-suites license: MIT diff --git a/c/cert/test/qlpack.yml b/c/cert/test/qlpack.yml index b9ae07d6ef..0242ecdd10 100644 --- a/c/cert/test/qlpack.yml +++ b/c/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards-tests -version: 2.37.0-dev +version: 2.38.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index b4128cbbe8..9d05e536fd 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards -version: 2.37.0-dev +version: 2.38.0-dev license: MIT dependencies: codeql/common-cpp-coding-standards: '*' diff --git a/c/common/test/qlpack.yml b/c/common/test/qlpack.yml index ec8fdff257..e19cb371e8 100644 --- a/c/common/test/qlpack.yml +++ b/c/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards-tests -version: 2.37.0-dev +version: 2.38.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index 36619027dd..0c78ad44b6 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards -version: 2.37.0-dev +version: 2.38.0-dev description: MISRA C 2012 suites: codeql-suites license: MIT diff --git a/c/misra/test/qlpack.yml b/c/misra/test/qlpack.yml index b205f34897..f27c03ca9e 100644 --- a/c/misra/test/qlpack.yml +++ b/c/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards-tests -version: 2.37.0-dev +version: 2.38.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index c7c633184a..810af3bde4 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards -version: 2.37.0-dev +version: 2.38.0-dev description: AUTOSAR C++14 Guidelines R22-11, R21-11, R20-11, R19-11 and R19-03 suites: codeql-suites license: MIT diff --git a/cpp/autosar/test/qlpack.yml b/cpp/autosar/test/qlpack.yml index d470b12f70..37dd488774 100644 --- a/cpp/autosar/test/qlpack.yml +++ b/cpp/autosar/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards-tests -version: 2.37.0-dev +version: 2.38.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index d70429c0de..2fb82cfe3f 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards -version: 2.37.0-dev +version: 2.38.0-dev description: CERT C++ 2016 suites: codeql-suites license: MIT diff --git a/cpp/cert/test/qlpack.yml b/cpp/cert/test/qlpack.yml index ae70b1f71c..dfe027d387 100644 --- a/cpp/cert/test/qlpack.yml +++ b/cpp/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards-tests -version: 2.37.0-dev +version: 2.38.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index ed33ca2398..eeee5f1fa9 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards -version: 2.37.0-dev +version: 2.38.0-dev license: MIT dependencies: codeql/cpp-all: 0.12.9 diff --git a/cpp/common/test/qlpack.yml b/cpp/common/test/qlpack.yml index de878794a7..8c37adba8d 100644 --- a/cpp/common/test/qlpack.yml +++ b/cpp/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards-tests -version: 2.37.0-dev +version: 2.38.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index e0d399484e..2ca5752f9c 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards -version: 2.37.0-dev +version: 2.38.0-dev description: MISRA C++ 2023 default-suite: codeql-suites/misra-cpp-default.qls license: MIT diff --git a/cpp/misra/test/qlpack.yml b/cpp/misra/test/qlpack.yml index e77a784a18..b1601bcb74 100644 --- a/cpp/misra/test/qlpack.yml +++ b/cpp/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards-tests -version: 2.37.0-dev +version: 2.38.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index 58b473f755..797c50b92b 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/report-cpp-coding-standards -version: 2.37.0-dev +version: 2.38.0-dev license: MIT dependencies: codeql/cpp-all: 0.12.9 diff --git a/docs/user_manual.md b/docs/user_manual.md index 926d1b13f4..7f505673df 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -33,14 +33,14 @@ ## Release information -This user manual documents release `2.37.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). +This user manual documents release `2.38.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). The release page documents the release notes and contains the following artifacts part of the release: - `coding-standards-codeql-packs-2.37.0-dev.zip`: CodeQL packs that can be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. -- `code-scanning-cpp-query-pack-2.37.0-dev.zip`: Legacy packaging for the queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. -- `supported_rules_list_2.37.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. -- `supported_rules_list_2.37.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. -- `user_manual_2.37.0-dev.md`: This user manual. +- `code-scanning-cpp-query-pack-2.38.0-dev.zip`: Legacy packaging for the queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. +- `supported_rules_list_2.38.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. +- `supported_rules_list_2.38.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. +- `user_manual_2.38.0-dev.md`: This user manual. - `Source Code (zip)`: A zip archive containing the contents of https://github.com/github/codeql-coding-standards - `Source Code (tar.gz)`: A GZip compressed tar archive containing the contents of https://github.com/github/codeql-coding-standards - `checksums.txt`: A text file containing sha256 checksums for the aforementioned artifacts. @@ -573,7 +573,7 @@ This section describes known failure modes for "CodeQL Coding Standards" and des | | Out of space | Less output. Some files may be only be partially analyzed, or not analyzed at all. | Error reported on the command line. | Increase space. If it remains an issue report space consumption issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False positives | More output. Results are reported which are not violations of the guidelines. | All reported results must be reviewed. | Report false positive issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False negatives | Less output. Violations of the guidelines are not reported. | Other validation and verification processes during software development should be used to complement the analysis performed by CodeQL Coding Standards. | Report false negative issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | -| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.37.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | +| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.38.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | | | Incorrect deviation record specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation records with a reason. Ensure that all deviation records are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Incorrect deviation permit specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation permits with a reason. Ensure that all deviation permits are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Unapproved use of a deviation record | Less output. Results for guideline violations are not reported. | Validate that the deviation record use is approved by verifying the approved-by attribute of the deviation record specification. | Ensure that each raised deviation record is approved by an independent approver through an auditable process. | From 1340cdbcef49a5f7b99fa65370a5fef97e5977db Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Thu, 24 Oct 2024 23:23:50 -0700 Subject: [PATCH 2213/2573] Implement RULE-2-8, project should not contain unused object definitions. Also add a new AlertReporting shared query library for deduplicating results across macro definitions/invocations/etc. Split __attribute__((unused)) variables (and similar) to a Strict pair of queries. --- .../rules/RULE-2-8/UnusedObjectDefinition.ql | 24 ++ .../RULE-2-8/UnusedObjectDefinitionInMacro.ql | 24 ++ .../UnusedObjectDefinitionInMacroStrict.ql | 27 ++ .../RULE-2-8/UnusedObjectDefinitionStrict.ql | 26 ++ .../RULE-2-8/UnusedObjectDefinition.expected | 8 + .../RULE-2-8/UnusedObjectDefinition.qlref | 1 + .../UnusedObjectDefinitionInMacro.expected | 2 + .../UnusedObjectDefinitionInMacro.qlref | 1 + ...usedObjectDefinitionInMacroStrict.expected | 2 + .../UnusedObjectDefinitionInMacroStrict.qlref | 1 + .../UnusedObjectDefinitionStrict.expected | 2 + .../UnusedObjectDefinitionStrict.qlref | 1 + c/misra/test/rules/RULE-2-8/test.c | 113 ++++++ .../codingstandards/cpp/AlertReporting.qll | 28 +- .../DeduplicateMacroResults.qll | 379 ++++++++++++++++++ .../cpp/deadcode/UnusedObjects.qll | 176 ++++++++ .../cpp/exclusions/c/DeadCode2.qll | 78 ++++ .../cpp/exclusions/c/RuleMetadata.qll | 3 + .../DeduplicateMacroResults.expected | 6 + .../alertreporting/DeduplicateMacroResults.ql | 32 ++ .../deduplicatemacroresults.cpp | 53 +++ rule_packages/c/DeadCode2.json | 66 +++ 22 files changed, 1050 insertions(+), 3 deletions(-) create mode 100644 c/misra/src/rules/RULE-2-8/UnusedObjectDefinition.ql create mode 100644 c/misra/src/rules/RULE-2-8/UnusedObjectDefinitionInMacro.ql create mode 100644 c/misra/src/rules/RULE-2-8/UnusedObjectDefinitionInMacroStrict.ql create mode 100644 c/misra/src/rules/RULE-2-8/UnusedObjectDefinitionStrict.ql create mode 100644 c/misra/test/rules/RULE-2-8/UnusedObjectDefinition.expected create mode 100644 c/misra/test/rules/RULE-2-8/UnusedObjectDefinition.qlref create mode 100644 c/misra/test/rules/RULE-2-8/UnusedObjectDefinitionInMacro.expected create mode 100644 c/misra/test/rules/RULE-2-8/UnusedObjectDefinitionInMacro.qlref create mode 100644 c/misra/test/rules/RULE-2-8/UnusedObjectDefinitionInMacroStrict.expected create mode 100644 c/misra/test/rules/RULE-2-8/UnusedObjectDefinitionInMacroStrict.qlref create mode 100644 c/misra/test/rules/RULE-2-8/UnusedObjectDefinitionStrict.expected create mode 100644 c/misra/test/rules/RULE-2-8/UnusedObjectDefinitionStrict.qlref create mode 100644 c/misra/test/rules/RULE-2-8/test.c create mode 100644 cpp/common/src/codingstandards/cpp/alertreporting/DeduplicateMacroResults.qll create mode 100644 cpp/common/src/codingstandards/cpp/deadcode/UnusedObjects.qll create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/DeadCode2.qll create mode 100644 cpp/common/test/library/codingstandards/cpp/alertreporting/DeduplicateMacroResults.expected create mode 100644 cpp/common/test/library/codingstandards/cpp/alertreporting/DeduplicateMacroResults.ql create mode 100644 cpp/common/test/library/codingstandards/cpp/alertreporting/deduplicatemacroresults.cpp create mode 100644 rule_packages/c/DeadCode2.json diff --git a/c/misra/src/rules/RULE-2-8/UnusedObjectDefinition.ql b/c/misra/src/rules/RULE-2-8/UnusedObjectDefinition.ql new file mode 100644 index 0000000000..420733d4ac --- /dev/null +++ b/c/misra/src/rules/RULE-2-8/UnusedObjectDefinition.ql @@ -0,0 +1,24 @@ +/** + * @id c/misra/unused-object-definition + * @name RULE-2-8: A project should not contain unused object definitions + * @description Object definitions which are unused should be removed. + * @kind problem + * @precision very-high + * @problem.severity recommendation + * @tags external/misra/id/rule-2-8 + * maintainability + * performance + * external/misra/c/2012/amendment4 + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.deadcode.UnusedObjects + +from ReportDeadObjectAtDefinition report +where + not isExcluded(report.getPrimaryElement(), DeadCode2Package::unusedObjectDefinitionQuery()) and + not report.hasAttrUnused() +select report.getPrimaryElement(), report.getMessage(), report.getOptionalPlaceholderLocation(), + report.getOptionalPlaceholderMessage() diff --git a/c/misra/src/rules/RULE-2-8/UnusedObjectDefinitionInMacro.ql b/c/misra/src/rules/RULE-2-8/UnusedObjectDefinitionInMacro.ql new file mode 100644 index 0000000000..d5c339c157 --- /dev/null +++ b/c/misra/src/rules/RULE-2-8/UnusedObjectDefinitionInMacro.ql @@ -0,0 +1,24 @@ +/** + * @id c/misra/unused-object-definition-in-macro + * @name RULE-2-8: Project macros should not include unused object definitions + * @description Macros should not have unused object definitions. + * @kind problem + * @precision very-high + * @problem.severity recommendation + * @tags external/misra/id/rule-2-8 + * maintainability + * performance + * external/misra/c/2012/amendment4 + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.deadcode.UnusedObjects + +from ReportDeadObjectInMacro report +where + not isExcluded(report.getPrimaryElement(), DeadCode2Package::unusedObjectDefinitionInMacroQuery()) and + not report.hasAttrUnused() +select report.getPrimaryElement(), report.getMessage(), report.getOptionalPlaceholderLocation(), + report.getOptionalPlaceholderMessage() diff --git a/c/misra/src/rules/RULE-2-8/UnusedObjectDefinitionInMacroStrict.ql b/c/misra/src/rules/RULE-2-8/UnusedObjectDefinitionInMacroStrict.ql new file mode 100644 index 0000000000..7eead60424 --- /dev/null +++ b/c/misra/src/rules/RULE-2-8/UnusedObjectDefinitionInMacroStrict.ql @@ -0,0 +1,27 @@ +/** + * @id c/misra/unused-object-definition-in-macro-strict + * @name RULE-2-8: Project macros should not include '__attribute__((unused))' object definitions + * @description A strict query which reports all unused object definitions in macros with + * '__attribute__((unused))'. + * @kind problem + * @precision very-high + * @problem.severity recommendation + * @tags external/misra/id/rule-2-8 + * maintainability + * performance + * external/misra/c/2012/amendment4 + * external/misra/c/strict + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.deadcode.UnusedObjects + +from ReportDeadObjectInMacro report +where + not isExcluded(report.getPrimaryElement(), + DeadCode2Package::unusedObjectDefinitionInMacroStrictQuery()) and + report.hasAttrUnused() +select report.getPrimaryElement(), report.getMessage(), report.getOptionalPlaceholderLocation(), + report.getOptionalPlaceholderMessage() diff --git a/c/misra/src/rules/RULE-2-8/UnusedObjectDefinitionStrict.ql b/c/misra/src/rules/RULE-2-8/UnusedObjectDefinitionStrict.ql new file mode 100644 index 0000000000..ad92c79481 --- /dev/null +++ b/c/misra/src/rules/RULE-2-8/UnusedObjectDefinitionStrict.ql @@ -0,0 +1,26 @@ +/** + * @id c/misra/unused-object-definition-strict + * @name RULE-2-8: A project should not contain '__attribute__((unused))' object definitions + * @description A strict query which reports all unused object definitions with + * '__attribute__((unused))'. + * @kind problem + * @precision very-high + * @problem.severity recommendation + * @tags external/misra/id/rule-2-8 + * maintainability + * performance + * external/misra/c/2012/amendment4 + * external/misra/c/strict + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.deadcode.UnusedObjects + +from ReportDeadObjectAtDefinition report +where + not isExcluded(report.getPrimaryElement(), DeadCode2Package::unusedObjectDefinitionStrictQuery()) and + report.hasAttrUnused() +select report.getPrimaryElement(), report.getMessage(), report.getOptionalPlaceholderLocation(), + report.getOptionalPlaceholderMessage() diff --git a/c/misra/test/rules/RULE-2-8/UnusedObjectDefinition.expected b/c/misra/test/rules/RULE-2-8/UnusedObjectDefinition.expected new file mode 100644 index 0000000000..fc6f320539 --- /dev/null +++ b/c/misra/test/rules/RULE-2-8/UnusedObjectDefinition.expected @@ -0,0 +1,8 @@ +| test.c:6:5:6:6 | definition of g2 | Unused object definition 'g2'. | test.c:6:5:6:6 | test.c:6:5:6:6 | | +| test.c:9:5:9:6 | definition of g3 | Unused object definition 'g3'. | test.c:9:5:9:6 | test.c:9:5:9:6 | | +| test.c:20:7:20:8 | definition of l2 | Unused object definition 'l2'. | test.c:20:7:20:8 | test.c:20:7:20:8 | | +| test.c:27:7:27:8 | definition of l5 | Unused object definition 'l5'. | test.c:27:7:27:8 | test.c:27:7:27:8 | | +| test.c:37:10:37:11 | definition of g5 | Unused object definition 'g5'. | test.c:37:10:37:11 | test.c:37:10:37:11 | | +| test.c:45:9:45:10 | definition of g6 | Unused object definition 'g6'. | test.c:45:9:45:10 | test.c:45:9:45:10 | | +| test.c:51:5:51:6 | definition of g7 | Unused object definition 'g7'. | test.c:51:5:51:6 | test.c:51:5:51:6 | | +| test.c:64:3:64:18 | ONLY_DEF_VAR(x) | Unused object definition 'l2' from macro '$@'. | test.c:60:1:60:34 | test.c:60:1:60:34 | ONLY_DEF_VAR | diff --git a/c/misra/test/rules/RULE-2-8/UnusedObjectDefinition.qlref b/c/misra/test/rules/RULE-2-8/UnusedObjectDefinition.qlref new file mode 100644 index 0000000000..096c4c64f1 --- /dev/null +++ b/c/misra/test/rules/RULE-2-8/UnusedObjectDefinition.qlref @@ -0,0 +1 @@ +rules/RULE-2-8/UnusedObjectDefinition.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-2-8/UnusedObjectDefinitionInMacro.expected b/c/misra/test/rules/RULE-2-8/UnusedObjectDefinitionInMacro.expected new file mode 100644 index 0000000000..c25c136789 --- /dev/null +++ b/c/misra/test/rules/RULE-2-8/UnusedObjectDefinitionInMacro.expected @@ -0,0 +1,2 @@ +| test.c:68:1:71:5 | #define ALSO_DEF_VAR(x) int x = 0; while (1) ; | Macro 'ALSO_DEF_VAR' defines unused object of varied names, for example, '$@'. | test.c:73:16:73:17 | test.c:73:16:73:17 | l1 | +| test.c:77:1:82:3 | #define DEF_UNUSED_INNER_VAR() { int _v = 0; while (1) ; } | Macro 'DEF_UNUSED_INNER_VAR' defines unused object '_v'. | test.c:77:1:82:3 | test.c:77:1:82:3 | (ignored) | diff --git a/c/misra/test/rules/RULE-2-8/UnusedObjectDefinitionInMacro.qlref b/c/misra/test/rules/RULE-2-8/UnusedObjectDefinitionInMacro.qlref new file mode 100644 index 0000000000..057e684fd0 --- /dev/null +++ b/c/misra/test/rules/RULE-2-8/UnusedObjectDefinitionInMacro.qlref @@ -0,0 +1 @@ +rules/RULE-2-8/UnusedObjectDefinitionInMacro.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-2-8/UnusedObjectDefinitionInMacroStrict.expected b/c/misra/test/rules/RULE-2-8/UnusedObjectDefinitionInMacroStrict.expected new file mode 100644 index 0000000000..2919c65cb7 --- /dev/null +++ b/c/misra/test/rules/RULE-2-8/UnusedObjectDefinitionInMacroStrict.expected @@ -0,0 +1,2 @@ +| test.c:94:1:97:5 | #define ALSO_DEF_ATTR_UNUSED_VAR(x) __attribute__((unused)) int x = 0; while (1) ; | Macro 'ALSO_DEF_ATTR_UNUSED_VAR' defines unused object of varied names, for example, '$@'. | test.c:99:28:99:29 | test.c:99:28:99:29 | l1 | +| test.c:104:1:109:3 | #define DEF_ATTR_UNUSED_INNER_VAR() { __attribute__((unused)) int _v = 0; while (1) ; } | Macro 'DEF_ATTR_UNUSED_INNER_VAR' defines unused object '_v'. | test.c:104:1:109:3 | test.c:104:1:109:3 | (ignored) | diff --git a/c/misra/test/rules/RULE-2-8/UnusedObjectDefinitionInMacroStrict.qlref b/c/misra/test/rules/RULE-2-8/UnusedObjectDefinitionInMacroStrict.qlref new file mode 100644 index 0000000000..f04653dcb6 --- /dev/null +++ b/c/misra/test/rules/RULE-2-8/UnusedObjectDefinitionInMacroStrict.qlref @@ -0,0 +1 @@ +rules/RULE-2-8/UnusedObjectDefinitionInMacroStrict.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-2-8/UnusedObjectDefinitionStrict.expected b/c/misra/test/rules/RULE-2-8/UnusedObjectDefinitionStrict.expected new file mode 100644 index 0000000000..624368ac54 --- /dev/null +++ b/c/misra/test/rules/RULE-2-8/UnusedObjectDefinitionStrict.expected @@ -0,0 +1,2 @@ +| test.c:87:29:87:30 | definition of g8 | Unused object definition 'g8'. | test.c:87:29:87:30 | test.c:87:29:87:30 | | +| test.c:90:3:90:30 | ONLY_DEF_ATTR_UNUSED_VAR(x) | Unused object definition 'l2' from macro '$@'. | test.c:88:1:88:70 | test.c:88:1:88:70 | ONLY_DEF_ATTR_UNUSED_VAR | diff --git a/c/misra/test/rules/RULE-2-8/UnusedObjectDefinitionStrict.qlref b/c/misra/test/rules/RULE-2-8/UnusedObjectDefinitionStrict.qlref new file mode 100644 index 0000000000..4aa7269881 --- /dev/null +++ b/c/misra/test/rules/RULE-2-8/UnusedObjectDefinitionStrict.qlref @@ -0,0 +1 @@ +rules/RULE-2-8/UnusedObjectDefinitionStrict.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-2-8/test.c b/c/misra/test/rules/RULE-2-8/test.c new file mode 100644 index 0000000000..21a2479163 --- /dev/null +++ b/c/misra/test/rules/RULE-2-8/test.c @@ -0,0 +1,113 @@ +// Not a definition, only a declaration: +extern int g1; // COMPLIANT + +// Both declared + defined: +extern int g2; // COMPLIANT +int g2 = 1; // NON_COMPLIANT + +// Definition is only declaration: +int g3 = 1; // NON_COMPLIANT + +// Definition, but value is required for program to compile: +int g4 = 1; // COMPLIANT +void f1() { g4; } + +// Local variables: +void f2() { + int l1; // COMPLIANT + l1; + + int l2; // NON-COMPLIANT + + // Value is required for the program to compile: + int l3; // COMPLIANT + sizeof(l3); + + int l4, // COMPLIANT + l5; // NON-COMPLIANT + l4; +} + +// Struct fields are not objects: +struct s { + int x; // COMPLIANT +}; + +// Declaration of type struct is an object: +struct s g5; // NON-COMPLIANT + +// Struct fields are not objects: +union u { + int x; // COMPLIANT +}; + +// Declaration of type union is an object: +union u g6; // NON-COMPLIANT + +// Typedefs are not objects: +typedef int td1; // COMPLIANT + +// Declaration of typedef type object: +td1 g7; // NON-COMPLIANT + +// Function parameters are not objects: +void f3(int p) {} // COMPLIANT + +// Function type parameters are not objects: +typedef int td2(int x); // COMPLIANT + +// Macros that define unused vars tests: +#define ONLY_DEF_VAR(x) int x = 0; +void f4() { + ONLY_DEF_VAR(l1); // COMPLIANT + l1; + ONLY_DEF_VAR(l2); // NON-COMPLIANT +} + +// NON-COMPLIANT +#define ALSO_DEF_VAR(x) \ + int x = 0; \ + while (1) \ + ; +void f5() { + ALSO_DEF_VAR(l1); // COMPLIANT + ALSO_DEF_VAR(l2); // COMPLIANT +} + +#define DEF_UNUSED_INNER_VAR() \ + { \ + int _v = 0; \ + while (1) \ + ; \ + } // NON-COMPLIANT +void f6() { + DEF_UNUSED_INNER_VAR(); // COMPLIANT +} + +__attribute__((unused)) int g8 = 1; // NON-COMPLIANT +#define ONLY_DEF_ATTR_UNUSED_VAR(x) __attribute__((unused)) int x = 0; +void f7() { + ONLY_DEF_ATTR_UNUSED_VAR(l2); // NON-COMPLIANT +} + +// NON-COMPLIANT +#define ALSO_DEF_ATTR_UNUSED_VAR(x) \ + __attribute__((unused)) int x = 0; \ + while (1) \ + ; +void f8() { + ALSO_DEF_ATTR_UNUSED_VAR(l1); // COMPLIANT + ALSO_DEF_ATTR_UNUSED_VAR(l2); // COMPLIANT +} + +// NON-COMPLIANT +#define DEF_ATTR_UNUSED_INNER_VAR() \ + { \ + __attribute__((unused)) int _v = 0; \ + while (1) \ + ; \ + } + +void f9() { + DEF_ATTR_UNUSED_INNER_VAR(); // COMPLIANT +} diff --git a/cpp/common/src/codingstandards/cpp/AlertReporting.qll b/cpp/common/src/codingstandards/cpp/AlertReporting.qll index 4259e1b67d..3ef5315906 100644 --- a/cpp/common/src/codingstandards/cpp/AlertReporting.qll +++ b/cpp/common/src/codingstandards/cpp/AlertReporting.qll @@ -18,19 +18,24 @@ module MacroUnwrapper { } /** - * Gets the primary macro that generated the result element. + * Gets the primary macro invocation that generated the result element. */ - Macro getPrimaryMacro(ResultElement re) { + MacroInvocation getPrimaryMacroInvocation(ResultElement re) { exists(MacroInvocation mi | mi = getAMacroInvocation(re) and // No other more specific macro that expands to element not exists(MacroInvocation otherMi | otherMi = getAMacroInvocation(re) and otherMi.getParentInvocation() = mi ) and - result = mi.getMacro() + result = mi ) } + /** + * Gets the primary macro that generated the result element. + */ + Macro getPrimaryMacro(ResultElement re) { result = getPrimaryMacroInvocation(re).getMacro() } + /** * If a result element is expanded from a macro invocation, then return the "primary" macro that * generated the element, otherwise return the element itself. @@ -38,4 +43,21 @@ module MacroUnwrapper { Element unwrapElement(ResultElement re) { if exists(getPrimaryMacro(re)) then result = getPrimaryMacro(re) else result = re } + + /* Final class so we can extend it */ + final private class FinalMacroInvocation = MacroInvocation; + + /* A macro invocation that expands to create a `ResultElement` */ + class ResultMacroExpansion extends FinalMacroInvocation { + ResultElement re; + + ResultMacroExpansion() { re = getAnExpandedElement() } + + ResultElement getResultElement() { result = re } + } + + /* The most specific macro invocation that expands to create this `ResultElement`. */ + class PrimaryMacroExpansion extends ResultMacroExpansion { + PrimaryMacroExpansion() { this = getPrimaryMacroInvocation(re) } + } } diff --git a/cpp/common/src/codingstandards/cpp/alertreporting/DeduplicateMacroResults.qll b/cpp/common/src/codingstandards/cpp/alertreporting/DeduplicateMacroResults.qll new file mode 100644 index 0000000000..7c4e8ef41d --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/alertreporting/DeduplicateMacroResults.qll @@ -0,0 +1,379 @@ +import codingstandards.cpp.AlertReporting + +/** + * A configuration for deduplicating query results inside of macros. + * + * See doc comment on `DeduplicateMacroResults` module. + */ +signature module DeduplicateMacroConfigSig { + /** + * Stringify the `ResultElement`. All `ResultElement`s that share an "identity" should stringify + * to the same string to get proper results. + */ + string describe(ResultElement re); +} + +/** + * A configuration for generating reports from reports that may or may not be duplicated across + * macro expansions. + * + * See doc comment on `DeduplicateMacroResults` module. + * + * This signature is used to parameterize the module `DeduplicateMacroResults::Report`. + */ +signature module MacroReportConfigSig { + /* Create a message to describe this macro, with a string describing its `ResultElement`. */ + bindingset[description] + string getMessageSameResultInAllExpansions(Macro m, string description); + + /* Create a message to describe this macro, using '$@' to describe an example `ResultElement`. */ + string getMessageVariedResultInAllExpansions(Macro m); + + /* + * Create a message to describe this macro expansion which produces a `ResultElement`, using '$@' + * to describe the relevant macro. + */ + + string getMessageResultInIsolatedExpansion(ResultElement element); +} + +/** + * A module for taking the results of `MacroUnwrapper` and consolidating them. + * + * The module `MacroUnwrapper` is great for simple alerts such as usage of banned functions. In + * such cases, reporting "call to 'foo()' in macro 'M'" will only have one result even if the macro + * is expanded multiple times. + * + * However, other queries may have a dynamic message which can vary per macro call site due to + * token manipulation (`a ## b`), for instance, "Macro 'M' defines unused object 'generated_name_x'" + * which will lead to hundreds of results if there are hundreds of such generated names. + * + * This module can be used to find and easily report non-compliant behavior, grouped by the macro + * it originates in, regardless of whether the messages will exactly match. + * + * ## General Usage + * + * To use this macro, define a class for the relevant behavior, and a means of stringifying + * relevant elements as a config, to parameterize the `DeduplicateMacroResults` module. + * + * ``` + * class InvalidFoo extends Foo { + * InvalidFoo() { ... } + * } + * + * module DeduplicateFooInMacrosConfig implements DeduplicateMacroConfigSig { + * string describe(InvalidFoo foo) { result = ... } + * } + * + * import DeduplicateMacroResults as DeduplicateFooInMacros; + * ``` + * + * This module exposes the following classes: + * - `PrimaryMacroSameResultElementInAllInvocations extends Macro`: Every invocation of this macro + * generates an `InvalidFoo` which stringifies to the same thing. Use the method + * `getResultElementDescription()` to get that shared string. + * - `PrimaryMacroDifferentResultElementInAllInvocations extends Macro`: Every invocation of this + * macro generates an `InvalidFoo`, but they do not all stringify to the same thing. Use the + * method `getExampleResultElement()` to get an *single* example `InvalidFoo` to help users fix + * and understand the issue. + * - `IsolatedMacroExpansionWithResultElement extends MacroInvocation`: An invocation of a macro + * which in this particular instance generates an `InvalidFoo`, while other invocations of the + * same macro do not. + * + * The three above classes all attempt to resolve to the most *specific* macro to the issue at + * hand. For instance, if macro `M1` calls macro `M2` which expands to an `InvalidFoo`, then the + * problem may be with `M2` (it is the most specific macro call here), or the problem may be with + * `M2` (if all expansions of `M2` generate an `InvalidFoo` but not all expansions of `M1` do so). + * + * ## Generating Report Objects + * + * This module also can be used to more easily report issues across these cases, by implementing + * `MacroReportConfigSig` and importing `DeduplicateMacroResults::Report::ReportResultInMacro`. + * + * ``` + * module InvalidFooInMacroReportConfig implements MacroReportConfigSig { + * + * // ***Take care that usage of $@ is correct in the following predicates***!!!! + * bindingset[description] + * string getMessageSameResultInAllExpansions(Macro m, string description) { + * result = "Macro " + m.getName() + " always has invalid foo " + description + * } + * + * string getMessageVariedResultInAllExpansions(Macro m) { + * result = "Macro " + m.getName() + " always has invalid foo, for example '$@'." + * } + * + * string getMessageResultInIsolatedExpansion(InvalidFoo foo) { + * result = "Invocation of macro $@ has invalid foo '" + foo.getName() + "'." + * } + * } + * + * import DeduplicateFooInMacros::Report as Report; + * + * from Report::ReportResultInMacro report + * where not excluded(report.getPrimaryElement(), ...) + * select report.getPrimaryElement(), report.getMessage(), report.getOptionalPlaceholderLocation(), + * report.getOptionalPlaceholderMessage() + * ``` + * + * Note that this does *not* (currently) generate a result for elements not contained by a macro. + * To do report such cases, either add support for that in this module, or write a separate query + * that reports `InvalidFoo` cases where not `.isInMacroExpansion()`. + */ +module DeduplicateMacroResults< + ResultType ResultElement, DeduplicateMacroConfigSig Config> +{ + /* A final class so that we may extend Macro. */ + final private class FinalMacro = Macro; + + /* Helper final class import so that we may reference/extend it. */ + final private class ResultMacroExpansion = MacroUnwrapper::ResultMacroExpansion; + + /** + * A macro for which all of its invocations produce an element that is described the same way. + * + * This is not necessarily the "primary" / most specific macro for these result elements. + * This difference is captured in `PrimarySameResultElementInAllMacroInvocations`, and the two + * classes are only separate to avoid non-monotonic recursion. + */ + private class SameResultElementInAllMacroInvocations extends FinalMacro { + string resultElementDescription; + + SameResultElementInAllMacroInvocations() { + forex(MacroInvocation mi | mi = getAnInvocation() | + Config::describe(mi.(ResultMacroExpansion).getResultElement()) = resultElementDescription + ) + } + + string getResultElementDescription() { result = resultElementDescription } + + ResultElement getAResultElement() { + result = getAnInvocation().(ResultMacroExpansion).getResultElement() + } + } + + /** + * A macro for which all of its invocations produce an element that is described the same way. + * + * This is the necessarily the "primary" / most specific macro for these result elements. + */ + class PrimaryMacroSameResultElementInAllInvocations extends SameResultElementInAllMacroInvocations + { + PrimaryMacroSameResultElementInAllInvocations() { + not exists(MacroInvocation inner | + inner.getParentInvocation() = getAnInvocation() and + inner.getMacro() instanceof SameResultElementInAllMacroInvocations + ) + } + } + + /** + * A expansion that generates a `ResultElement` that is uniquely described by the config. + * + * This is used so that we can find a single example invocation site to report as an example for + * macros which generate an array of different `ResultElement`s that are described differently. + * + * For example, two macro invocations may be given the same arguments, and generate the same + * `ResultElement`, while a third macro invocation is unique and generates a unique + * `ResultElement`. We wish to direct the user to that unique example or we will show the user + * two different reports for one underlying issue. + */ + private class UniqueResultMacroExpansion extends ResultMacroExpansion { + UniqueResultMacroExpansion() { + not exists(ResultMacroExpansion other | + not this = other and + this.getMacroName() = other.getMacroName() and + Config::describe(this.getResultElement()) = Config::describe(other.getResultElement()) + ) + } + } + + /** + * A macro for which all of its invocations produce an element, but they are not all described the + * same way. + * + * This is not necessarily the "primary" / most specific macro for these result elements. + * This difference is captured in `PrimaryDiferentResultElementInAllMacroInvocations`, and the two + * classes are only separate to avoid non-monotonic recursion. + */ + private class DifferentResultElementInAllMacroInvocations extends FinalMacro { + ResultElement exampleResultElement; + + DifferentResultElementInAllMacroInvocations() { + forex(MacroInvocation mi | mi = getAnInvocation() | mi instanceof ResultMacroExpansion) and + count(getAnInvocation().(ResultMacroExpansion).getResultElement()) > 1 and + exists(string description | + description = + rank[1](Config::describe(getAnInvocation().(UniqueResultMacroExpansion).getResultElement()) + ) and + Config::describe(exampleResultElement) = description and + exampleResultElement = getAnInvocation().(ResultMacroExpansion).getResultElement() + ) + } + + ResultElement getExampleResultElement() { result = exampleResultElement } + + ResultElement getAResultElement() { + result = getAnInvocation().(ResultMacroExpansion).getResultElement() + } + } + + /** + * A macro for which all of its invocations produce an element, but they are not all described the + * same way. + * + * This is "primary" / most specific macro for these result elements. + */ + class PrimaryMacroDifferentResultElementInAllInvocations extends DifferentResultElementInAllMacroInvocations + { + PrimaryMacroDifferentResultElementInAllInvocations() { + not exists(MacroInvocation inner | + inner.getParentInvocation() = getAnInvocation() and + inner.getMacro() instanceof DifferentResultElementInAllMacroInvocations + ) + } + } + + /* + * Convenience predicate to know when invalid macro expansions have been reported at their macro + * definition. + */ + + private predicate reported(Macro macro) { + macro instanceof PrimaryMacroSameResultElementInAllInvocations or + macro instanceof PrimaryMacroDifferentResultElementInAllInvocations + } + + /** + * A macro invocation for which the target macro does not always produce a `ResultElement`, but + * this specific invocation of it does. + * + * This is "primary" / most specific macro for these result elements. It will also does not match + * `MacroInvocation`s inside of a `MacroInvocation` of a `Macro` which always produces a + * `ResultElement`, indicating that the real problem lies with that other `Macro` instead of with + * this particular invocation. + */ + class IsolatedMacroExpansionWithResultElement extends ResultMacroExpansion { + IsolatedMacroExpansionWithResultElement() { + not reported(getParentInvocation*().getMacro()) and + not exists(MacroInvocation inner | + reported(inner.getMacro()) and + inner.getParentInvocation*() = this + ) and + not exists(ResultMacroExpansion moreSpecific | + moreSpecific.getResultElement() = getResultElement() and + moreSpecific.getParentInvocation+() = this + ) + } + } + + /** + * A module for generating reports across the various cases of problematic macros, problematic + * macro invocations. + * + * See the doc comment for the `DeduplicateMacroResults` module for more info. + */ + module Report ReportConfig> { + newtype TReportResultInMacro = + TReportMacroResultWithSameName(PrimaryMacroSameResultElementInAllInvocations def) or + TReportMacroResultWithVariedName(PrimaryMacroDifferentResultElementInAllInvocations def) or + TReportIsolatedMacroResult(IsolatedMacroExpansionWithResultElement def) + + /** + * An instance of a `ResultElement` to be reported to a user. + * + * To show a report, use the following methods: + * - `report.getPrimaryElement()` + * - `report.getMessage()` + * - `report.getOptionalPlaceholderLocation()` + * - `report.getOptionalPlaceholderMessage()` + * + * The values returned by these methods are configured by the `MacroReportConfigSig` + * signature parameter. + */ + class ReportResultInMacro extends TReportResultInMacro { + string toString() { result = getMessage() } + + string getMessage() { + exists(PrimaryMacroDifferentResultElementInAllInvocations def | + this = TReportMacroResultWithVariedName(def) and + result = ReportConfig::getMessageVariedResultInAllExpansions(def) + ) + or + exists(PrimaryMacroSameResultElementInAllInvocations def | + this = TReportMacroResultWithSameName(def) and + result = + ReportConfig::getMessageSameResultInAllExpansions(def, def.getResultElementDescription()) + ) + or + exists(IsolatedMacroExpansionWithResultElement def | + this = TReportIsolatedMacroResult(def) and + result = ReportConfig::getMessageResultInIsolatedExpansion(def.getResultElement()) + ) + } + + Element getPrimaryElement() { + this = TReportMacroResultWithSameName(result) + or + this = TReportMacroResultWithVariedName(result) + or + this = TReportIsolatedMacroResult(result) + } + + Location getOptionalPlaceholderLocation() { + exists(PrimaryMacroDifferentResultElementInAllInvocations def | + this = TReportMacroResultWithVariedName(def) and + result = def.getExampleResultElement().getLocation() + ) + or + exists(PrimaryMacroSameResultElementInAllInvocations def | + this = TReportMacroResultWithSameName(def) and + result = def.getLocation() + ) + or + exists(IsolatedMacroExpansionWithResultElement def | + this = TReportIsolatedMacroResult(def) and + result = def.getMacro().getLocation() + ) + } + + string getOptionalPlaceholderMessage() { + exists(PrimaryMacroDifferentResultElementInAllInvocations def | + this = TReportMacroResultWithVariedName(def) and + result = Config::describe(def.getExampleResultElement()) + ) + or + this = TReportMacroResultWithSameName(_) and + result = "(ignored)" + or + this = TReportIsolatedMacroResult(_) and + result = getMacro().getName() + } + + Macro getMacro() { + this = TReportMacroResultWithVariedName(result) + or + this = TReportMacroResultWithSameName(result) + or + exists(IsolatedMacroExpansionWithResultElement def | + this = TReportIsolatedMacroResult(def) and + result = def.getMacro() + ) + } + + ResultMacroExpansion getAResultMacroExpansion() { + exists(PrimaryMacroDifferentResultElementInAllInvocations def | + this = TReportMacroResultWithVariedName(def) and + result = def.getAnInvocation() + ) + or + exists(PrimaryMacroSameResultElementInAllInvocations def | + this = TReportMacroResultWithSameName(def) and + result = def.getAnInvocation() + ) + or + this = TReportIsolatedMacroResult(result) + } + } + } +} diff --git a/cpp/common/src/codingstandards/cpp/deadcode/UnusedObjects.qll b/cpp/common/src/codingstandards/cpp/deadcode/UnusedObjects.qll new file mode 100644 index 0000000000..70944dfad4 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/deadcode/UnusedObjects.qll @@ -0,0 +1,176 @@ +import cpp +import codingstandards.cpp.alertreporting.HoldsForAllCopies +import codingstandards.cpp.alertreporting.DeduplicateMacroResults + +/** + * An unused object definition is an object, meaning a place in memory, whose definition could be + * removed and the program would still compile. + * + * Technically, parameters may be considered objects, but they are covered by their own rule. + * Similarly, members of structs are an addressable place in memory, and may be considered objects. + * However, the member declaration is nothing but a layout offset, which is not an object. + * + * This therefore only reports variables (local or top level) which have a definition, and are + * unused. + */ +class UnusedObjectDefinition extends VariableDeclarationEntry { + UnusedObjectDefinition() { + not exists(VariableAccess access | access.getTarget() = getVariable()) and + getVariable().getDefinition() = this and + not this instanceof ParameterDeclarationEntry and + not getVariable() instanceof MemberVariable + } + + /* Dead objects with these attributes are reported in the "strict" queries. */ + predicate hasAttrUnused() { + getVariable().getAnAttribute().hasName(["unused", "used", "maybe_unused", "cleanup"]) + } +} + +/* Configuration to use the `DedupMacroResults` module to reduce alert noise */ +module UnusedObjectDefinitionDedupeConfig implements + DeduplicateMacroConfigSig +{ + string describe(UnusedObjectDefinition def) { result = def.getName() } +} + +import DeduplicateMacroResults as DeduplicateUnusedMacroObjects + +/** + * A macro invocation that only defines one unused variable. + * + * These are reported at the invocation site when the variable is unused. + */ +class MacroExpansionWithOnlyUnusedObjectDefinition extends MacroInvocation { + UnusedObjectDefinition unusedObject; + + MacroExpansionWithOnlyUnusedObjectDefinition() { + exists(DeclStmt stmt, Declaration decl | + stmt = getStmt() and + count(getStmt()) = 1 and + count(stmt.getADeclaration()) = 1 and + decl = stmt.getADeclaration() and + count(decl.getADeclarationEntry()) = 1 and + unusedObject = decl.getADeclarationEntry() + ) and + not exists(this.getParentInvocation()) + } + + UnusedObjectDefinition getUnusedObject() { result = unusedObject } +} + +/** + * An object definition which is not from a macro, and for which all copies are unused. + * + * Extends the `HoldForAllCopies::LogicalResultElement` class, because these dead objects are often + * duplicated across defines and sometimes aren't marked used due to extractor bugs. + */ +class SimpleDeadObjectDefinition extends HoldsForAllCopies::LogicalResultElement +{ + SimpleDeadObjectDefinition() { not getAnElementInstance().isInMacroExpansion() } + + string getName() { result = getAnElementInstance().getName() } +} + +/* Make a type for reporting these two results in one query */ +newtype TReportDeadObjectAtDefinition = + TSimpleDeadObjectDefinition(SimpleDeadObjectDefinition def) or + TMacroExpansionWithOnlyUnusedObject(MacroExpansionWithOnlyUnusedObjectDefinition def) + +/** + * Class to report simple dead object definitions, and dead objects from macros that do nothing but + * define an object. + * + * To report all cases, make sure to also use the `DeduplicateUnusedMacroObjects::Report` module. + * + * To report these cases, use the methods: + * - `getMessage()` + * - `getPrimaryElement()`, + * - `getOptionalPlaceholderLocation()` + * - `getOptionalPlaceholderMessage()` + */ +class ReportDeadObjectAtDefinition extends TReportDeadObjectAtDefinition { + string toString() { result = getMessage() } + + string getMessage() { + exists(MacroExpansionWithOnlyUnusedObjectDefinition def | + this = TMacroExpansionWithOnlyUnusedObject(def) and + result = "Unused object definition '" + def.getUnusedObject().getName() + "' from macro '$@'." + ) + or + exists(SimpleDeadObjectDefinition def | + this = TSimpleDeadObjectDefinition(def) and + result = "Unused object definition '" + def.getName() + "'." + ) + } + + predicate hasAttrUnused() { + exists(MacroExpansionWithOnlyUnusedObjectDefinition def | + this = TMacroExpansionWithOnlyUnusedObject(def) and + def.getUnusedObject().hasAttrUnused() + ) + or + exists(SimpleDeadObjectDefinition def | + this = TSimpleDeadObjectDefinition(def) and + def.getAnElementInstance().hasAttrUnused() + ) + } + + Element getPrimaryElement() { + this = TMacroExpansionWithOnlyUnusedObject(result) + or + exists(SimpleDeadObjectDefinition def | + this = TSimpleDeadObjectDefinition(def) and + result = def.getAnElementInstance() + ) + } + + Location getOptionalPlaceholderLocation() { + exists(MacroExpansionWithOnlyUnusedObjectDefinition def | + this = TMacroExpansionWithOnlyUnusedObject(def) and + result = def.getMacro().getLocation() + ) + or + exists(SimpleDeadObjectDefinition def | + this = TSimpleDeadObjectDefinition(def) and + result = def.getAnElementInstance().getLocation() + ) + } + + string getOptionalPlaceholderMessage() { + exists(MacroExpansionWithOnlyUnusedObjectDefinition def | + this = TMacroExpansionWithOnlyUnusedObject(def) and + result = def.getMacroName() + ) + or + this = TSimpleDeadObjectDefinition(_) and + result = "" + } +} + +/* Module config to use the `DeduplicateUnusedMacroObjects::Report` module */ +module ReportDeadObjectInMacroConfig implements MacroReportConfigSig { + bindingset[description] + string getMessageSameResultInAllExpansions(Macro m, string description) { + result = "Macro '" + m.getName() + "' defines unused object '" + description + "'." + } + + string getMessageVariedResultInAllExpansions(Macro m) { + result = "Macro '" + m.getName() + "' defines unused object of varied names, for example, '$@'." + } + + string getMessageResultInIsolatedExpansion(UnusedObjectDefinition unused) { + result = "Invocation of macro '$@' defines unused object '" + unused.getName() + "'." + } +} + +/* The object to report in queries of dead objects used in macros */ +class ReportDeadObjectInMacro extends DeduplicateUnusedMacroObjects::Report::ReportResultInMacro +{ + ReportDeadObjectInMacro() { + // `MacroExpansionWithOnlyUnusedObjectDefinition` is reported by class `ReportDeadObjectAtDefinition` + not getAResultMacroExpansion() instanceof MacroExpansionWithOnlyUnusedObjectDefinition + } + + predicate hasAttrUnused() { getAResultMacroExpansion().getResultElement().hasAttrUnused() } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/DeadCode2.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/DeadCode2.qll new file mode 100644 index 0000000000..8f8edc03fa --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/DeadCode2.qll @@ -0,0 +1,78 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype DeadCode2Query = + TUnusedObjectDefinitionQuery() or + TUnusedObjectDefinitionInMacroQuery() or + TUnusedObjectDefinitionStrictQuery() or + TUnusedObjectDefinitionInMacroStrictQuery() + +predicate isDeadCode2QueryMetadata(Query query, string queryId, string ruleId, string category) { + query = + // `Query` instance for the `unusedObjectDefinition` query + DeadCode2Package::unusedObjectDefinitionQuery() and + queryId = + // `@id` for the `unusedObjectDefinition` query + "c/misra/unused-object-definition" and + ruleId = "RULE-2-8" and + category = "advisory" + or + query = + // `Query` instance for the `unusedObjectDefinitionInMacro` query + DeadCode2Package::unusedObjectDefinitionInMacroQuery() and + queryId = + // `@id` for the `unusedObjectDefinitionInMacro` query + "c/misra/unused-object-definition-in-macro" and + ruleId = "RULE-2-8" and + category = "advisory" + or + query = + // `Query` instance for the `unusedObjectDefinitionStrict` query + DeadCode2Package::unusedObjectDefinitionStrictQuery() and + queryId = + // `@id` for the `unusedObjectDefinitionStrict` query + "c/misra/unused-object-definition-strict" and + ruleId = "RULE-2-8" and + category = "advisory" + or + query = + // `Query` instance for the `unusedObjectDefinitionInMacroStrict` query + DeadCode2Package::unusedObjectDefinitionInMacroStrictQuery() and + queryId = + // `@id` for the `unusedObjectDefinitionInMacroStrict` query + "c/misra/unused-object-definition-in-macro-strict" and + ruleId = "RULE-2-8" and + category = "advisory" +} + +module DeadCode2Package { + Query unusedObjectDefinitionQuery() { + //autogenerate `Query` type + result = + // `Query` type for `unusedObjectDefinition` query + TQueryC(TDeadCode2PackageQuery(TUnusedObjectDefinitionQuery())) + } + + Query unusedObjectDefinitionInMacroQuery() { + //autogenerate `Query` type + result = + // `Query` type for `unusedObjectDefinitionInMacro` query + TQueryC(TDeadCode2PackageQuery(TUnusedObjectDefinitionInMacroQuery())) + } + + Query unusedObjectDefinitionStrictQuery() { + //autogenerate `Query` type + result = + // `Query` type for `unusedObjectDefinitionStrict` query + TQueryC(TDeadCode2PackageQuery(TUnusedObjectDefinitionStrictQuery())) + } + + Query unusedObjectDefinitionInMacroStrictQuery() { + //autogenerate `Query` type + result = + // `Query` type for `unusedObjectDefinitionInMacroStrict` query + TQueryC(TDeadCode2PackageQuery(TUnusedObjectDefinitionInMacroStrictQuery())) + } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index 3833533d50..75aad6f02c 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -19,6 +19,7 @@ import Contracts5 import Contracts6 import Contracts7 import DeadCode +import DeadCode2 import Declarations1 import Declarations2 import Declarations3 @@ -95,6 +96,7 @@ newtype TCQuery = TContracts6PackageQuery(Contracts6Query q) or TContracts7PackageQuery(Contracts7Query q) or TDeadCodePackageQuery(DeadCodeQuery q) or + TDeadCode2PackageQuery(DeadCode2Query q) or TDeclarations1PackageQuery(Declarations1Query q) or TDeclarations2PackageQuery(Declarations2Query q) or TDeclarations3PackageQuery(Declarations3Query q) or @@ -171,6 +173,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isContracts6QueryMetadata(query, queryId, ruleId, category) or isContracts7QueryMetadata(query, queryId, ruleId, category) or isDeadCodeQueryMetadata(query, queryId, ruleId, category) or + isDeadCode2QueryMetadata(query, queryId, ruleId, category) or isDeclarations1QueryMetadata(query, queryId, ruleId, category) or isDeclarations2QueryMetadata(query, queryId, ruleId, category) or isDeclarations3QueryMetadata(query, queryId, ruleId, category) or diff --git a/cpp/common/test/library/codingstandards/cpp/alertreporting/DeduplicateMacroResults.expected b/cpp/common/test/library/codingstandards/cpp/alertreporting/DeduplicateMacroResults.expected new file mode 100644 index 0000000000..eb55b83924 --- /dev/null +++ b/cpp/common/test/library/codingstandards/cpp/alertreporting/DeduplicateMacroResults.expected @@ -0,0 +1,6 @@ +| deduplicatemacroresults.cpp:10:1:10:34 | SOMETIMES_HAS_RESULTS1(type,name) | Invocation of macro $@ has findme var 'g3'. | deduplicatemacroresults.cpp:6:1:6:52 | deduplicatemacroresults.cpp:6:1:6:52 | SOMETIMES_HAS_RESULTS1 | +| deduplicatemacroresults.cpp:13:1:13:34 | SOMETIMES_HAS_RESULTS2(type,name) | Invocation of macro $@ has findme var 'g5'. | deduplicatemacroresults.cpp:7:1:7:53 | deduplicatemacroresults.cpp:7:1:7:53 | SOMETIMES_HAS_RESULTS2 | +| deduplicatemacroresults.cpp:15:1:15:50 | #define ALWAYS_HAS_SAME_RESULT() extern findme g6; | Macro ALWAYS_HAS_SAME_RESULT always has findme var named g6 | deduplicatemacroresults.cpp:15:1:15:50 | deduplicatemacroresults.cpp:15:1:15:50 | (ignored) | +| deduplicatemacroresults.cpp:21:1:21:70 | #define ALWAYS_HAS_RESULT_VARIED_DESCRIPTION(name) extern findme name; | Macro ALWAYS_HAS_RESULT_VARIED_DESCRIPTION always has findme var, for example '$@'. | deduplicatemacroresults.cpp:23:38:23:39 | deduplicatemacroresults.cpp:23:38:23:39 | g7 | +| deduplicatemacroresults.cpp:30:1:31:50 | #define OUTER_ALWAYS_HAS_SAME_RESULT() extern INNER_SOMETIMES_HAS_RESULTS(findme, g10); | Macro OUTER_ALWAYS_HAS_SAME_RESULT always has findme var named g10 | deduplicatemacroresults.cpp:30:1:31:50 | deduplicatemacroresults.cpp:30:1:31:50 | (ignored) | +| deduplicatemacroresults.cpp:37:1:38:52 | #define OUTER_ALWAYS_HAS_RESULT_VARIED_DESCRIPTION(name) INNER_SOMETIMES_HAS_RESULTS(findme, name ## suffix); | Macro OUTER_ALWAYS_HAS_RESULT_VARIED_DESCRIPTION always has findme var, for example '$@'. | deduplicatemacroresults.cpp:40:44:40:47 | deduplicatemacroresults.cpp:40:44:40:47 | g11suffix | diff --git a/cpp/common/test/library/codingstandards/cpp/alertreporting/DeduplicateMacroResults.ql b/cpp/common/test/library/codingstandards/cpp/alertreporting/DeduplicateMacroResults.ql new file mode 100644 index 0000000000..cd999d72c9 --- /dev/null +++ b/cpp/common/test/library/codingstandards/cpp/alertreporting/DeduplicateMacroResults.ql @@ -0,0 +1,32 @@ +import cpp +import codingstandards.cpp.alertreporting.DeduplicateMacroResults + +class FindMe extends VariableDeclarationEntry { + FindMe() { getType().toString() = "findme" } +} + +module FindMeDedupeConfig implements DeduplicateMacroConfigSig { + string describe(FindMe def) { result = def.getName() } +} + +module FindMeReportConfig implements MacroReportConfigSig { + bindingset[description] + string getMessageSameResultInAllExpansions(Macro m, string description) { + result = "Macro " + m.getName() + " always has findme var named " + description + } + + string getMessageVariedResultInAllExpansions(Macro m) { + result = "Macro " + m.getName() + " always has findme var, for example '$@'." + } + + string getMessageResultInIsolatedExpansion(FindMe f) { + result = "Invocation of macro $@ has findme var '" + f.getName() + "'." + } +} + +import DeduplicateMacroResults +import DeduplicateMacroResults::Report + +from ReportResultInMacro report +select report.getPrimaryElement(), report.getMessage(), report.getOptionalPlaceholderLocation(), + report.getOptionalPlaceholderMessage() diff --git a/cpp/common/test/library/codingstandards/cpp/alertreporting/deduplicatemacroresults.cpp b/cpp/common/test/library/codingstandards/cpp/alertreporting/deduplicatemacroresults.cpp new file mode 100644 index 0000000000..3c5d8bca5b --- /dev/null +++ b/cpp/common/test/library/codingstandards/cpp/alertreporting/deduplicatemacroresults.cpp @@ -0,0 +1,53 @@ +typedef struct { +} findme; + +findme g1; // ignore -- not in a macro + +#define SOMETIMES_HAS_RESULTS1(type, name) type name // ignore +#define SOMETIMES_HAS_RESULTS2(type, name) type name; // ignore + +SOMETIMES_HAS_RESULTS1(int, g2); // ignore +SOMETIMES_HAS_RESULTS1(findme, g3); // RESULT + +SOMETIMES_HAS_RESULTS2(int, g4) // ignore +SOMETIMES_HAS_RESULTS2(findme, g5) // RESULT + +#define ALWAYS_HAS_SAME_RESULT() extern findme g6; // RESULT + +ALWAYS_HAS_SAME_RESULT() // ignore +ALWAYS_HAS_SAME_RESULT() // ignore +ALWAYS_HAS_SAME_RESULT() // ignore + +#define ALWAYS_HAS_RESULT_VARIED_DESCRIPTION(name) extern findme name; // RESULT + +ALWAYS_HAS_RESULT_VARIED_DESCRIPTION(g7) // ignore +ALWAYS_HAS_RESULT_VARIED_DESCRIPTION(g8) // ignore +ALWAYS_HAS_RESULT_VARIED_DESCRIPTION(g9) // ignore +ALWAYS_HAS_RESULT_VARIED_DESCRIPTION(g9) // ignore +ALWAYS_HAS_RESULT_VARIED_DESCRIPTION(g9) // ignore + +#define INNER_SOMETIMES_HAS_RESULTS(type, name) type name; // ignore +#define OUTER_ALWAYS_HAS_SAME_RESULT() \ + extern INNER_SOMETIMES_HAS_RESULTS(findme, g10); // RESULT + +OUTER_ALWAYS_HAS_SAME_RESULT() // ignore +OUTER_ALWAYS_HAS_SAME_RESULT() // ignore + +// 'name ## suffix' required to work around extractor bug. +#define OUTER_ALWAYS_HAS_RESULT_VARIED_DESCRIPTION(name) \ + INNER_SOMETIMES_HAS_RESULTS(findme, name##suffix); // RESULT + +OUTER_ALWAYS_HAS_RESULT_VARIED_DESCRIPTION(g11) // ignore +OUTER_ALWAYS_HAS_RESULT_VARIED_DESCRIPTION(g12) // ignore + +#define OUTER_OUTER_ALWAYS_HAS_SAME_RESULT() \ + OUTER_ALWAYS_HAS_SAME_RESULT(); // ignore +OUTER_OUTER_ALWAYS_HAS_SAME_RESULT() // ignore +OUTER_OUTER_ALWAYS_HAS_SAME_RESULT() // ignore + +// 'name ## suffix' required to work around extractor bug. +#define OUTER_OUTER_ALWAYS_HAS_RESULT_VARIED_DESCRIPTION(name) \ + OUTER_ALWAYS_HAS_RESULT_VARIED_DESCRIPTION(name##suffix); // ignore + +OUTER_OUTER_ALWAYS_HAS_RESULT_VARIED_DESCRIPTION(g13) // ignore +OUTER_OUTER_ALWAYS_HAS_RESULT_VARIED_DESCRIPTION(g14) // ignore \ No newline at end of file diff --git a/rule_packages/c/DeadCode2.json b/rule_packages/c/DeadCode2.json new file mode 100644 index 0000000000..da114a2349 --- /dev/null +++ b/rule_packages/c/DeadCode2.json @@ -0,0 +1,66 @@ +{ + "MISRA-C-2012": { + "RULE-2-8": { + "properties": { + "obligation": "advisory" + }, + "queries": [ + { + "description": "Object definitions which are unused should be removed.", + "kind": "problem", + "name": "A project should not contain unused object definitions", + "precision": "very-high", + "severity": "recommendation", + "short_name": "UnusedObjectDefinition", + "tags": [ + "maintainability", + "performance", + "external/misra/c/2012/amendment4" + ] + }, + { + "description": "Macros should not have unused object definitions.", + "kind": "problem", + "name": "Project macros should not include unused object definitions", + "precision": "very-high", + "severity": "recommendation", + "short_name": "UnusedObjectDefinitionInMacro", + "tags": [ + "maintainability", + "performance", + "external/misra/c/2012/amendment4" + ] + }, + { + "description": "A strict query which reports all unused object definitions with '__attribute__((unused))'.", + "kind": "problem", + "name": "A project should not contain '__attribute__((unused))' object definitions", + "precision": "very-high", + "severity": "recommendation", + "short_name": "UnusedObjectDefinitionStrict", + "tags": [ + "maintainability", + "performance", + "external/misra/c/2012/amendment4", + "external/misra/c/strict" + ] + }, + { + "description": "A strict query which reports all unused object definitions in macros with '__attribute__((unused))'.", + "kind": "problem", + "name": "Project macros should not include '__attribute__((unused))' object definitions", + "precision": "very-high", + "severity": "recommendation", + "short_name": "UnusedObjectDefinitionInMacroStrict", + "tags": [ + "maintainability", + "performance", + "external/misra/c/2012/amendment4", + "external/misra/c/strict" + ] + } + ], + "title": "A project should not contain unused object definitions" + } + } +} \ No newline at end of file From ff562f9e93d803242cc0a8413277daad64f3d376 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Thu, 24 Oct 2024 23:31:58 -0700 Subject: [PATCH 2214/2573] Fix strict misra tag in rules schema --- schemas/rule-package.schema.json | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/schemas/rule-package.schema.json b/schemas/rule-package.schema.json index b27815163e..b27136634f 100644 --- a/schemas/rule-package.schema.json +++ b/schemas/rule-package.schema.json @@ -342,7 +342,8 @@ "external/misra/c/2012/third-edition-first-revision", "external/misra/c/2012/amendment2", "external/misra/c/2012/amendment3", - "external/misra/c/2012/amendment4" + "external/misra/c/2012/amendment4", + "external/misra/c/strict" ] }, "minLength": 1 From 8f81b4e7dcef93295bb1f486f12cdb4bf2bc9a03 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 27 Oct 2024 14:50:03 +0000 Subject: [PATCH 2215/2573] EssentialTypes: Correct handling of bitwise binary expressions They shouldn't have the standard type if either both the operands are signed or they are both unsigned. --- .../c/misra/EssentialTypes.qll | 49 +++- c/misra/test/c/misra/EssentialTypes.expected | 275 ++++++++++++++++++ c/misra/test/c/misra/test.c | 80 +++++ 3 files changed, 402 insertions(+), 2 deletions(-) diff --git a/c/misra/src/codingstandards/c/misra/EssentialTypes.qll b/c/misra/src/codingstandards/c/misra/EssentialTypes.qll index 4783547ed2..4dbe8dbb34 100644 --- a/c/misra/src/codingstandards/c/misra/EssentialTypes.qll +++ b/c/misra/src/codingstandards/c/misra/EssentialTypes.qll @@ -192,8 +192,8 @@ class EssentialEqualityOperationExpr extends EssentialExpr, EqualityOperation { override Type getEssentialType() { result instanceof BoolType } } -class EssentialBinaryBitwiseOperationExpr extends EssentialExpr, BinaryBitwiseOperation { - EssentialBinaryBitwiseOperationExpr() { +class EssentialShiftOperationExpr extends EssentialExpr, BinaryBitwiseOperation { + EssentialShiftOperationExpr() { this instanceof LShiftExpr or this instanceof RShiftExpr } @@ -353,6 +353,51 @@ class EssentialBinaryArithmeticExpr extends EssentialExpr, BinaryArithmeticOpera } } +class EssentialBinaryBitwiseExpr extends EssentialExpr, BinaryBitwiseOperation { + EssentialBinaryBitwiseExpr() { + not this instanceof LShiftExpr and + not this instanceof RShiftExpr + } + + override Type getEssentialType() { + exists( + Type leftEssentialType, Type rightEssentialType, + EssentialTypeCategory leftEssentialTypeCategory, + EssentialTypeCategory rightEssentialTypeCategory + | + leftEssentialType = getEssentialType(getLeftOperand()) and + rightEssentialType = getEssentialType(getRightOperand()) and + leftEssentialTypeCategory = getEssentialTypeCategory(leftEssentialType) and + rightEssentialTypeCategory = getEssentialTypeCategory(rightEssentialType) + | + if + leftEssentialTypeCategory = EssentiallySignedType() and + rightEssentialTypeCategory = EssentiallySignedType() + then + if exists(getValue()) + then result = stlr(this) + else ( + if leftEssentialType.getSize() > rightEssentialType.getSize() + then result = leftEssentialType + else result = rightEssentialType + ) + else + if + leftEssentialTypeCategory = EssentiallyUnsignedType() and + rightEssentialTypeCategory = EssentiallyUnsignedType() + then + if exists(getValue()) + then result = utlr(this) + else ( + if leftEssentialType.getSize() > rightEssentialType.getSize() + then result = leftEssentialType + else result = rightEssentialType + ) + else result = this.getStandardType() + ) + } +} + /** * A named Enum type, as per D.5. */ diff --git a/c/misra/test/c/misra/EssentialTypes.expected b/c/misra/test/c/misra/EssentialTypes.expected index c0e010b8e4..19a7090fe9 100644 --- a/c/misra/test/c/misra/EssentialTypes.expected +++ b/c/misra/test/c/misra/EssentialTypes.expected @@ -90,3 +90,278 @@ | test.c:79:3:79:5 | 97 | char | char | essentially Character type | | test.c:80:3:80:6 | 10 | char | char | essentially Character type | | test.c:81:3:81:6 | 0 | char | char | essentially Character type | +| test.c:87:16:87:16 | 0 | signed char | signed char | essentially Signed type | +| test.c:87:16:87:16 | (uint8_t)... | uint8_t | uint8_t | essentially Unsigned type | +| test.c:88:18:88:18 | 0 | signed char | signed char | essentially Signed type | +| test.c:88:18:88:18 | (uint16_t)... | uint16_t | uint16_t | essentially Unsigned type | +| test.c:89:18:89:18 | 0 | signed char | signed char | essentially Signed type | +| test.c:89:18:89:18 | (uint32_t)... | uint32_t | uint32_t | essentially Unsigned type | +| test.c:90:15:90:15 | 0 | signed char | signed char | essentially Signed type | +| test.c:90:15:90:15 | (int8_t)... | int8_t | int8_t | essentially Signed type | +| test.c:91:17:91:17 | 0 | signed char | signed char | essentially Signed type | +| test.c:91:17:91:17 | (int16_t)... | int16_t | int16_t | essentially Signed type | +| test.c:92:16:92:17 | 0 | signed char | signed char | essentially Signed type | +| test.c:94:3:94:4 | (int)... | int | int | essentially Signed type | +| test.c:94:3:94:4 | u8 | uint8_t | uint8_t | essentially Unsigned type | +| test.c:94:3:94:9 | ... & ... | uint8_t | uint8_t | essentially Unsigned type | +| test.c:94:8:94:9 | (int)... | int | int | essentially Signed type | +| test.c:94:8:94:9 | u8 | uint8_t | uint8_t | essentially Unsigned type | +| test.c:95:3:95:5 | (int)... | int | int | essentially Signed type | +| test.c:95:3:95:5 | u16 | uint16_t | uint16_t | essentially Unsigned type | +| test.c:95:3:95:10 | ... & ... | uint16_t | uint16_t | essentially Unsigned type | +| test.c:95:9:95:10 | (int)... | int | int | essentially Signed type | +| test.c:95:9:95:10 | u8 | uint8_t | uint8_t | essentially Unsigned type | +| test.c:96:3:96:4 | (int)... | int | int | essentially Signed type | +| test.c:96:3:96:4 | u8 | uint8_t | uint8_t | essentially Unsigned type | +| test.c:96:3:96:10 | ... & ... | uint16_t | uint16_t | essentially Unsigned type | +| test.c:96:8:96:10 | (int)... | int | int | essentially Signed type | +| test.c:96:8:96:10 | u16 | uint16_t | uint16_t | essentially Unsigned type | +| test.c:97:3:97:5 | u32 | uint32_t | uint32_t | essentially Unsigned type | +| test.c:97:3:97:10 | ... & ... | uint32_t | uint32_t | essentially Unsigned type | +| test.c:97:9:97:10 | (unsigned int)... | unsigned int | unsigned int | essentially Unsigned type | +| test.c:97:9:97:10 | u8 | uint8_t | uint8_t | essentially Unsigned type | +| test.c:98:3:98:4 | (unsigned int)... | unsigned int | unsigned int | essentially Unsigned type | +| test.c:98:3:98:4 | u8 | uint8_t | uint8_t | essentially Unsigned type | +| test.c:98:3:98:10 | ... & ... | uint32_t | uint32_t | essentially Unsigned type | +| test.c:98:8:98:10 | u32 | uint32_t | uint32_t | essentially Unsigned type | +| test.c:99:3:99:5 | u32 | uint32_t | uint32_t | essentially Unsigned type | +| test.c:99:3:99:11 | ... & ... | uint32_t | uint32_t | essentially Unsigned type | +| test.c:99:9:99:11 | (unsigned int)... | unsigned int | unsigned int | essentially Unsigned type | +| test.c:99:9:99:11 | u16 | uint16_t | uint16_t | essentially Unsigned type | +| test.c:100:3:100:5 | (unsigned int)... | unsigned int | unsigned int | essentially Unsigned type | +| test.c:100:3:100:5 | u16 | uint16_t | uint16_t | essentially Unsigned type | +| test.c:100:3:100:11 | ... & ... | uint32_t | uint32_t | essentially Unsigned type | +| test.c:100:9:100:11 | u32 | uint32_t | uint32_t | essentially Unsigned type | +| test.c:102:3:102:4 | (int)... | int | int | essentially Signed type | +| test.c:102:3:102:4 | u8 | uint8_t | uint8_t | essentially Unsigned type | +| test.c:102:3:102:9 | ... \| ... | uint8_t | uint8_t | essentially Unsigned type | +| test.c:102:8:102:9 | (int)... | int | int | essentially Signed type | +| test.c:102:8:102:9 | u8 | uint8_t | uint8_t | essentially Unsigned type | +| test.c:103:3:103:5 | (int)... | int | int | essentially Signed type | +| test.c:103:3:103:5 | u16 | uint16_t | uint16_t | essentially Unsigned type | +| test.c:103:3:103:10 | ... \| ... | uint16_t | uint16_t | essentially Unsigned type | +| test.c:103:9:103:10 | (int)... | int | int | essentially Signed type | +| test.c:103:9:103:10 | u8 | uint8_t | uint8_t | essentially Unsigned type | +| test.c:104:3:104:4 | (int)... | int | int | essentially Signed type | +| test.c:104:3:104:4 | u8 | uint8_t | uint8_t | essentially Unsigned type | +| test.c:104:3:104:10 | ... \| ... | uint16_t | uint16_t | essentially Unsigned type | +| test.c:104:8:104:10 | (int)... | int | int | essentially Signed type | +| test.c:104:8:104:10 | u16 | uint16_t | uint16_t | essentially Unsigned type | +| test.c:105:3:105:5 | u32 | uint32_t | uint32_t | essentially Unsigned type | +| test.c:105:3:105:10 | ... \| ... | uint32_t | uint32_t | essentially Unsigned type | +| test.c:105:9:105:10 | (unsigned int)... | unsigned int | unsigned int | essentially Unsigned type | +| test.c:105:9:105:10 | u8 | uint8_t | uint8_t | essentially Unsigned type | +| test.c:106:3:106:4 | (unsigned int)... | unsigned int | unsigned int | essentially Unsigned type | +| test.c:106:3:106:4 | u8 | uint8_t | uint8_t | essentially Unsigned type | +| test.c:106:3:106:10 | ... \| ... | uint32_t | uint32_t | essentially Unsigned type | +| test.c:106:8:106:10 | u32 | uint32_t | uint32_t | essentially Unsigned type | +| test.c:107:3:107:5 | u32 | uint32_t | uint32_t | essentially Unsigned type | +| test.c:107:3:107:11 | ... \| ... | uint32_t | uint32_t | essentially Unsigned type | +| test.c:107:9:107:11 | (unsigned int)... | unsigned int | unsigned int | essentially Unsigned type | +| test.c:107:9:107:11 | u16 | uint16_t | uint16_t | essentially Unsigned type | +| test.c:108:3:108:5 | (unsigned int)... | unsigned int | unsigned int | essentially Unsigned type | +| test.c:108:3:108:5 | u16 | uint16_t | uint16_t | essentially Unsigned type | +| test.c:108:3:108:11 | ... \| ... | uint32_t | uint32_t | essentially Unsigned type | +| test.c:108:9:108:11 | u32 | uint32_t | uint32_t | essentially Unsigned type | +| test.c:110:3:110:4 | (int)... | int | int | essentially Signed type | +| test.c:110:3:110:4 | u8 | uint8_t | uint8_t | essentially Unsigned type | +| test.c:110:3:110:9 | ... ^ ... | uint8_t | uint8_t | essentially Unsigned type | +| test.c:110:8:110:9 | (int)... | int | int | essentially Signed type | +| test.c:110:8:110:9 | u8 | uint8_t | uint8_t | essentially Unsigned type | +| test.c:111:3:111:5 | (int)... | int | int | essentially Signed type | +| test.c:111:3:111:5 | u16 | uint16_t | uint16_t | essentially Unsigned type | +| test.c:111:3:111:10 | ... ^ ... | uint16_t | uint16_t | essentially Unsigned type | +| test.c:111:9:111:10 | (int)... | int | int | essentially Signed type | +| test.c:111:9:111:10 | u8 | uint8_t | uint8_t | essentially Unsigned type | +| test.c:112:3:112:4 | (int)... | int | int | essentially Signed type | +| test.c:112:3:112:4 | u8 | uint8_t | uint8_t | essentially Unsigned type | +| test.c:112:3:112:10 | ... ^ ... | uint16_t | uint16_t | essentially Unsigned type | +| test.c:112:8:112:10 | (int)... | int | int | essentially Signed type | +| test.c:112:8:112:10 | u16 | uint16_t | uint16_t | essentially Unsigned type | +| test.c:113:3:113:5 | u32 | uint32_t | uint32_t | essentially Unsigned type | +| test.c:113:3:113:10 | ... ^ ... | uint32_t | uint32_t | essentially Unsigned type | +| test.c:113:9:113:10 | (unsigned int)... | unsigned int | unsigned int | essentially Unsigned type | +| test.c:113:9:113:10 | u8 | uint8_t | uint8_t | essentially Unsigned type | +| test.c:114:3:114:4 | (unsigned int)... | unsigned int | unsigned int | essentially Unsigned type | +| test.c:114:3:114:4 | u8 | uint8_t | uint8_t | essentially Unsigned type | +| test.c:114:3:114:10 | ... ^ ... | uint32_t | uint32_t | essentially Unsigned type | +| test.c:114:8:114:10 | u32 | uint32_t | uint32_t | essentially Unsigned type | +| test.c:115:3:115:5 | u32 | uint32_t | uint32_t | essentially Unsigned type | +| test.c:115:3:115:11 | ... ^ ... | uint32_t | uint32_t | essentially Unsigned type | +| test.c:115:9:115:11 | (unsigned int)... | unsigned int | unsigned int | essentially Unsigned type | +| test.c:115:9:115:11 | u16 | uint16_t | uint16_t | essentially Unsigned type | +| test.c:116:3:116:5 | (unsigned int)... | unsigned int | unsigned int | essentially Unsigned type | +| test.c:116:3:116:5 | u16 | uint16_t | uint16_t | essentially Unsigned type | +| test.c:116:3:116:11 | ... ^ ... | uint32_t | uint32_t | essentially Unsigned type | +| test.c:116:9:116:11 | u32 | uint32_t | uint32_t | essentially Unsigned type | +| test.c:118:3:118:4 | (int)... | int | int | essentially Signed type | +| test.c:118:3:118:4 | s8 | int8_t | int8_t | essentially Signed type | +| test.c:118:3:118:9 | ... & ... | int8_t | int8_t | essentially Signed type | +| test.c:118:8:118:9 | (int)... | int | int | essentially Signed type | +| test.c:118:8:118:9 | s8 | int8_t | int8_t | essentially Signed type | +| test.c:119:3:119:5 | (int)... | int | int | essentially Signed type | +| test.c:119:3:119:5 | s16 | int16_t | int16_t | essentially Signed type | +| test.c:119:3:119:10 | ... & ... | int16_t | int16_t | essentially Signed type | +| test.c:119:9:119:10 | (int)... | int | int | essentially Signed type | +| test.c:119:9:119:10 | s8 | int8_t | int8_t | essentially Signed type | +| test.c:120:3:120:4 | (int)... | int | int | essentially Signed type | +| test.c:120:3:120:4 | s8 | int8_t | int8_t | essentially Signed type | +| test.c:120:3:120:10 | ... & ... | int16_t | int16_t | essentially Signed type | +| test.c:120:8:120:10 | (int)... | int | int | essentially Signed type | +| test.c:120:8:120:10 | s16 | int16_t | int16_t | essentially Signed type | +| test.c:121:3:121:5 | s32 | int32_t | int32_t | essentially Signed type | +| test.c:121:3:121:10 | ... & ... | int32_t | int32_t | essentially Signed type | +| test.c:121:9:121:10 | (int)... | int | int | essentially Signed type | +| test.c:121:9:121:10 | s8 | int8_t | int8_t | essentially Signed type | +| test.c:122:3:122:4 | (int)... | int | int | essentially Signed type | +| test.c:122:3:122:4 | s8 | int8_t | int8_t | essentially Signed type | +| test.c:122:3:122:10 | ... & ... | int32_t | int32_t | essentially Signed type | +| test.c:122:8:122:10 | s32 | int32_t | int32_t | essentially Signed type | +| test.c:123:3:123:5 | s32 | int32_t | int32_t | essentially Signed type | +| test.c:123:3:123:11 | ... & ... | int32_t | int32_t | essentially Signed type | +| test.c:123:9:123:11 | (int)... | int | int | essentially Signed type | +| test.c:123:9:123:11 | s16 | int16_t | int16_t | essentially Signed type | +| test.c:124:3:124:5 | (int)... | int | int | essentially Signed type | +| test.c:124:3:124:5 | s16 | int16_t | int16_t | essentially Signed type | +| test.c:124:3:124:11 | ... & ... | int32_t | int32_t | essentially Signed type | +| test.c:124:9:124:11 | s32 | int32_t | int32_t | essentially Signed type | +| test.c:126:3:126:4 | (int)... | int | int | essentially Signed type | +| test.c:126:3:126:4 | s8 | int8_t | int8_t | essentially Signed type | +| test.c:126:3:126:9 | ... \| ... | int8_t | int8_t | essentially Signed type | +| test.c:126:8:126:9 | (int)... | int | int | essentially Signed type | +| test.c:126:8:126:9 | s8 | int8_t | int8_t | essentially Signed type | +| test.c:127:3:127:5 | (int)... | int | int | essentially Signed type | +| test.c:127:3:127:5 | s16 | int16_t | int16_t | essentially Signed type | +| test.c:127:3:127:10 | ... \| ... | int16_t | int16_t | essentially Signed type | +| test.c:127:9:127:10 | (int)... | int | int | essentially Signed type | +| test.c:127:9:127:10 | s8 | int8_t | int8_t | essentially Signed type | +| test.c:128:3:128:4 | (int)... | int | int | essentially Signed type | +| test.c:128:3:128:4 | s8 | int8_t | int8_t | essentially Signed type | +| test.c:128:3:128:10 | ... \| ... | int16_t | int16_t | essentially Signed type | +| test.c:128:8:128:10 | (int)... | int | int | essentially Signed type | +| test.c:128:8:128:10 | s16 | int16_t | int16_t | essentially Signed type | +| test.c:129:3:129:5 | s32 | int32_t | int32_t | essentially Signed type | +| test.c:129:3:129:10 | ... \| ... | int32_t | int32_t | essentially Signed type | +| test.c:129:9:129:10 | (int)... | int | int | essentially Signed type | +| test.c:129:9:129:10 | s8 | int8_t | int8_t | essentially Signed type | +| test.c:130:3:130:4 | (int)... | int | int | essentially Signed type | +| test.c:130:3:130:4 | s8 | int8_t | int8_t | essentially Signed type | +| test.c:130:3:130:10 | ... \| ... | int32_t | int32_t | essentially Signed type | +| test.c:130:8:130:10 | s32 | int32_t | int32_t | essentially Signed type | +| test.c:131:3:131:5 | s32 | int32_t | int32_t | essentially Signed type | +| test.c:131:3:131:11 | ... \| ... | int32_t | int32_t | essentially Signed type | +| test.c:131:9:131:11 | (int)... | int | int | essentially Signed type | +| test.c:131:9:131:11 | s16 | int16_t | int16_t | essentially Signed type | +| test.c:132:3:132:5 | (int)... | int | int | essentially Signed type | +| test.c:132:3:132:5 | s16 | int16_t | int16_t | essentially Signed type | +| test.c:132:3:132:11 | ... \| ... | int32_t | int32_t | essentially Signed type | +| test.c:132:9:132:11 | s32 | int32_t | int32_t | essentially Signed type | +| test.c:134:3:134:4 | (int)... | int | int | essentially Signed type | +| test.c:134:3:134:4 | s8 | int8_t | int8_t | essentially Signed type | +| test.c:134:3:134:9 | ... ^ ... | int8_t | int8_t | essentially Signed type | +| test.c:134:8:134:9 | (int)... | int | int | essentially Signed type | +| test.c:134:8:134:9 | s8 | int8_t | int8_t | essentially Signed type | +| test.c:135:3:135:5 | (int)... | int | int | essentially Signed type | +| test.c:135:3:135:5 | s16 | int16_t | int16_t | essentially Signed type | +| test.c:135:3:135:10 | ... ^ ... | int16_t | int16_t | essentially Signed type | +| test.c:135:9:135:10 | (int)... | int | int | essentially Signed type | +| test.c:135:9:135:10 | s8 | int8_t | int8_t | essentially Signed type | +| test.c:136:3:136:4 | (int)... | int | int | essentially Signed type | +| test.c:136:3:136:4 | s8 | int8_t | int8_t | essentially Signed type | +| test.c:136:3:136:10 | ... ^ ... | int16_t | int16_t | essentially Signed type | +| test.c:136:8:136:10 | (int)... | int | int | essentially Signed type | +| test.c:136:8:136:10 | s16 | int16_t | int16_t | essentially Signed type | +| test.c:137:3:137:5 | s32 | int32_t | int32_t | essentially Signed type | +| test.c:137:3:137:10 | ... ^ ... | int32_t | int32_t | essentially Signed type | +| test.c:137:9:137:10 | (int)... | int | int | essentially Signed type | +| test.c:137:9:137:10 | s8 | int8_t | int8_t | essentially Signed type | +| test.c:138:3:138:4 | (int)... | int | int | essentially Signed type | +| test.c:138:3:138:4 | s8 | int8_t | int8_t | essentially Signed type | +| test.c:138:3:138:10 | ... ^ ... | int32_t | int32_t | essentially Signed type | +| test.c:138:8:138:10 | s32 | int32_t | int32_t | essentially Signed type | +| test.c:139:3:139:5 | s32 | int32_t | int32_t | essentially Signed type | +| test.c:139:3:139:11 | ... ^ ... | int32_t | int32_t | essentially Signed type | +| test.c:139:9:139:11 | (int)... | int | int | essentially Signed type | +| test.c:139:9:139:11 | s16 | int16_t | int16_t | essentially Signed type | +| test.c:140:3:140:5 | (int)... | int | int | essentially Signed type | +| test.c:140:3:140:5 | s16 | int16_t | int16_t | essentially Signed type | +| test.c:140:3:140:11 | ... ^ ... | int32_t | int32_t | essentially Signed type | +| test.c:140:9:140:11 | s32 | int32_t | int32_t | essentially Signed type | +| test.c:142:3:142:5 | u32 | uint32_t | uint32_t | essentially Unsigned type | +| test.c:142:3:142:11 | ... & ... | unsigned int | unsigned int | essentially Unsigned type | +| test.c:142:9:142:11 | (unsigned int)... | unsigned int | unsigned int | essentially Unsigned type | +| test.c:142:9:142:11 | s32 | int32_t | int32_t | essentially Signed type | +| test.c:143:3:143:5 | (unsigned int)... | unsigned int | unsigned int | essentially Unsigned type | +| test.c:143:3:143:5 | s32 | int32_t | int32_t | essentially Signed type | +| test.c:143:3:143:11 | ... & ... | unsigned int | unsigned int | essentially Unsigned type | +| test.c:143:9:143:11 | u32 | uint32_t | uint32_t | essentially Unsigned type | +| test.c:144:3:144:4 | (int)... | int | int | essentially Signed type | +| test.c:144:3:144:4 | u8 | uint8_t | uint8_t | essentially Unsigned type | +| test.c:144:3:144:10 | ... & ... | int | int | essentially Signed type | +| test.c:144:8:144:10 | s32 | int32_t | int32_t | essentially Signed type | +| test.c:145:3:145:5 | s32 | int32_t | int32_t | essentially Signed type | +| test.c:145:3:145:10 | ... & ... | int | int | essentially Signed type | +| test.c:145:9:145:10 | (int)... | int | int | essentially Signed type | +| test.c:145:9:145:10 | u8 | uint8_t | uint8_t | essentially Unsigned type | +| test.c:146:3:146:4 | (int)... | int | int | essentially Signed type | +| test.c:146:3:146:4 | u8 | uint8_t | uint8_t | essentially Unsigned type | +| test.c:146:3:146:9 | ... & ... | int | int | essentially Signed type | +| test.c:146:8:146:9 | (int)... | int | int | essentially Signed type | +| test.c:146:8:146:9 | s8 | int8_t | int8_t | essentially Signed type | +| test.c:147:3:147:4 | (int)... | int | int | essentially Signed type | +| test.c:147:3:147:4 | s8 | int8_t | int8_t | essentially Signed type | +| test.c:147:3:147:9 | ... & ... | int | int | essentially Signed type | +| test.c:147:8:147:9 | (int)... | int | int | essentially Signed type | +| test.c:147:8:147:9 | u8 | uint8_t | uint8_t | essentially Unsigned type | +| test.c:149:3:149:5 | u32 | uint32_t | uint32_t | essentially Unsigned type | +| test.c:149:3:149:11 | ... \| ... | unsigned int | unsigned int | essentially Unsigned type | +| test.c:149:9:149:11 | (unsigned int)... | unsigned int | unsigned int | essentially Unsigned type | +| test.c:149:9:149:11 | s32 | int32_t | int32_t | essentially Signed type | +| test.c:150:3:150:5 | (unsigned int)... | unsigned int | unsigned int | essentially Unsigned type | +| test.c:150:3:150:5 | s32 | int32_t | int32_t | essentially Signed type | +| test.c:150:3:150:11 | ... \| ... | unsigned int | unsigned int | essentially Unsigned type | +| test.c:150:9:150:11 | u32 | uint32_t | uint32_t | essentially Unsigned type | +| test.c:151:3:151:4 | (int)... | int | int | essentially Signed type | +| test.c:151:3:151:4 | u8 | uint8_t | uint8_t | essentially Unsigned type | +| test.c:151:3:151:10 | ... \| ... | int | int | essentially Signed type | +| test.c:151:8:151:10 | s32 | int32_t | int32_t | essentially Signed type | +| test.c:152:3:152:5 | s32 | int32_t | int32_t | essentially Signed type | +| test.c:152:3:152:10 | ... \| ... | int | int | essentially Signed type | +| test.c:152:9:152:10 | (int)... | int | int | essentially Signed type | +| test.c:152:9:152:10 | u8 | uint8_t | uint8_t | essentially Unsigned type | +| test.c:153:3:153:4 | (int)... | int | int | essentially Signed type | +| test.c:153:3:153:4 | u8 | uint8_t | uint8_t | essentially Unsigned type | +| test.c:153:3:153:9 | ... \| ... | int | int | essentially Signed type | +| test.c:153:8:153:9 | (int)... | int | int | essentially Signed type | +| test.c:153:8:153:9 | s8 | int8_t | int8_t | essentially Signed type | +| test.c:154:3:154:4 | (int)... | int | int | essentially Signed type | +| test.c:154:3:154:4 | s8 | int8_t | int8_t | essentially Signed type | +| test.c:154:3:154:9 | ... \| ... | int | int | essentially Signed type | +| test.c:154:8:154:9 | (int)... | int | int | essentially Signed type | +| test.c:154:8:154:9 | u8 | uint8_t | uint8_t | essentially Unsigned type | +| test.c:156:3:156:5 | u32 | uint32_t | uint32_t | essentially Unsigned type | +| test.c:156:3:156:11 | ... ^ ... | unsigned int | unsigned int | essentially Unsigned type | +| test.c:156:9:156:11 | (unsigned int)... | unsigned int | unsigned int | essentially Unsigned type | +| test.c:156:9:156:11 | s32 | int32_t | int32_t | essentially Signed type | +| test.c:157:3:157:5 | (unsigned int)... | unsigned int | unsigned int | essentially Unsigned type | +| test.c:157:3:157:5 | s32 | int32_t | int32_t | essentially Signed type | +| test.c:157:3:157:11 | ... ^ ... | unsigned int | unsigned int | essentially Unsigned type | +| test.c:157:9:157:11 | u32 | uint32_t | uint32_t | essentially Unsigned type | +| test.c:158:3:158:4 | (int)... | int | int | essentially Signed type | +| test.c:158:3:158:4 | u8 | uint8_t | uint8_t | essentially Unsigned type | +| test.c:158:3:158:10 | ... ^ ... | int | int | essentially Signed type | +| test.c:158:8:158:10 | s32 | int32_t | int32_t | essentially Signed type | +| test.c:159:3:159:5 | s32 | int32_t | int32_t | essentially Signed type | +| test.c:159:3:159:10 | ... ^ ... | int | int | essentially Signed type | +| test.c:159:9:159:10 | (int)... | int | int | essentially Signed type | +| test.c:159:9:159:10 | u8 | uint8_t | uint8_t | essentially Unsigned type | +| test.c:160:3:160:4 | (int)... | int | int | essentially Signed type | +| test.c:160:3:160:4 | u8 | uint8_t | uint8_t | essentially Unsigned type | +| test.c:160:3:160:9 | ... ^ ... | int | int | essentially Signed type | +| test.c:160:8:160:9 | (int)... | int | int | essentially Signed type | +| test.c:160:8:160:9 | s8 | int8_t | int8_t | essentially Signed type | +| test.c:161:3:161:4 | (int)... | int | int | essentially Signed type | +| test.c:161:3:161:4 | s8 | int8_t | int8_t | essentially Signed type | +| test.c:161:3:161:9 | ... ^ ... | int | int | essentially Signed type | +| test.c:161:8:161:9 | (int)... | int | int | essentially Signed type | +| test.c:161:8:161:9 | u8 | uint8_t | uint8_t | essentially Unsigned type | diff --git a/c/misra/test/c/misra/test.c b/c/misra/test/c/misra/test.c index b3fdddd591..dcdfef4eb4 100644 --- a/c/misra/test/c/misra/test.c +++ b/c/misra/test/c/misra/test.c @@ -79,4 +79,84 @@ void testControlChar() { 'a'; // Essentially char '\n'; // Essentially char '\0'; // Essentially char +} + +#include + +void testBitwise() { + uint8_t u8 = 0; + uint16_t u16 = 0; + uint32_t u32 = 0; + int8_t s8 = 0; + int16_t s16 = 0; + int32_t s32 = 0; + + u8 & u8; // Essentially unsigned, char + u16 & u8; // Essentially unsigned, short + u8 & u16; // Essentially unsigned, short + u32 & u8; // Essentially unsigned, int + u8 & u32; // Essentially unsigned, int + u32 & u16; // Essentially unsigned, int + u16 & u32; // Essentially unsigned, int + + u8 | u8; // Essentially unsigned, char + u16 | u8; // Essentially unsigned, short + u8 | u16; // Essentially unsigned, short + u32 | u8; // Essentially unsigned, int + u8 | u32; // Essentially unsigned, int + u32 | u16; // Essentially unsigned, int + u16 | u32; // Essentially unsigned, int + + u8 ^ u8; // Essentially unsigned, char + u16 ^ u8; // Essentially unsigned, short + u8 ^ u16; // Essentially unsigned, short + u32 ^ u8; // Essentially unsigned, int + u8 ^ u32; // Essentially unsigned, int + u32 ^ u16; // Essentially unsigned, int + u16 ^ u32; // Essentially unsigned, int + + s8 & s8; // Essentially signed, char + s16 & s8; // Essentially signed, short + s8 & s16; // Essentially signed, short + s32 & s8; // Essentially signed, int + s8 & s32; // Essentially signed, int + s32 & s16; // Essentially signed, int + s16 & s32; // Essentially signed, int + + s8 | s8; // Essentially signed, char + s16 | s8; // Essentially signed, short + s8 | s16; // Essentially signed, short + s32 | s8; // Essentially signed, int + s8 | s32; // Essentially signed, int + s32 | s16; // Essentially signed, int + s16 | s32; // Essentially signed, int + + s8 ^ s8; // Essentially signed, char + s16 ^ s8; // Essentially signed, short + s8 ^ s16; // Essentially signed, short + s32 ^ s8; // Essentially signed, int + s8 ^ s32; // Essentially signed, int + s32 ^ s16; // Essentially signed, int + s16 ^ s32; // Essentially signed, int + + u32 & s32; // Essentially signed, int + s32 & u32; // Essentially signed, int + u8 & s32; // Essentially signed, int + s32 & u8; // Essentially signed, int + u8 & s8; // Essentially signed, int + s8 & u8; // Essentially signed, int + + u32 | s32; // Essentially signed, int + s32 | u32; // Essentially signed, int + u8 | s32; // Essentially signed, int + s32 | u8; // Essentially signed, int + u8 | s8; // Essentially signed, int + s8 | u8; // Essentially signed, int + + u32 ^ s32; // Essentially signed, int + s32 ^ u32; // Essentially signed, int + u8 ^ s32; // Essentially signed, int + s32 ^ u8; // Essentially signed, int + u8 ^ s8; // Essentially signed, int + s8 ^ u8; // Essentially signed, int } \ No newline at end of file From a5ed461557c57b44df2f6a420e6ecc1bd89cbed2 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 27 Oct 2024 15:28:27 +0000 Subject: [PATCH 2216/2573] EssentialTypes: Add test cases for shifts --- c/misra/test/c/misra/EssentialTypes.expected | 73 ++++++++++++++++++++ c/misra/test/c/misra/test.c | 38 ++++++++++ 2 files changed, 111 insertions(+) diff --git a/c/misra/test/c/misra/EssentialTypes.expected b/c/misra/test/c/misra/EssentialTypes.expected index 19a7090fe9..95976fe2ab 100644 --- a/c/misra/test/c/misra/EssentialTypes.expected +++ b/c/misra/test/c/misra/EssentialTypes.expected @@ -365,3 +365,76 @@ | test.c:161:3:161:9 | ... ^ ... | int | int | essentially Signed type | | test.c:161:8:161:9 | (int)... | int | int | essentially Signed type | | test.c:161:8:161:9 | u8 | uint8_t | uint8_t | essentially Unsigned type | +| test.c:165:16:165:17 | 1 | signed char | signed char | essentially Signed type | +| test.c:170:3:170:4 | 1 | unsigned char | unsigned char | essentially Unsigned type | +| test.c:170:3:170:9 | ... << ... | unsigned char | unsigned char | essentially Unsigned type | +| test.c:170:9:170:9 | 1 | signed char | signed char | essentially Signed type | +| test.c:171:3:171:6 | 256 | unsigned short | unsigned short | essentially Unsigned type | +| test.c:171:3:171:11 | ... << ... | unsigned short | unsigned short | essentially Unsigned type | +| test.c:171:11:171:11 | 1 | signed char | signed char | essentially Signed type | +| test.c:172:3:172:8 | 65536 | unsigned int | unsigned int | essentially Unsigned type | +| test.c:172:3:172:13 | ... << ... | unsigned int | unsigned int | essentially Unsigned type | +| test.c:172:13:172:13 | 1 | signed char | signed char | essentially Signed type | +| test.c:173:3:173:4 | 2 | unsigned char | unsigned char | essentially Unsigned type | +| test.c:173:3:173:9 | ... >> ... | unsigned char | unsigned char | essentially Unsigned type | +| test.c:173:9:173:9 | 1 | signed char | signed char | essentially Signed type | +| test.c:174:3:174:8 | 32768 | unsigned short | unsigned short | essentially Unsigned type | +| test.c:174:3:174:13 | ... >> ... | unsigned short | unsigned short | essentially Unsigned type | +| test.c:174:13:174:13 | 1 | signed char | signed char | essentially Signed type | +| test.c:175:3:175:13 | 2147483648 | unsigned int | unsigned int | essentially Unsigned type | +| test.c:175:3:175:18 | ... >> ... | unsigned int | unsigned int | essentially Unsigned type | +| test.c:175:18:175:18 | 1 | signed char | signed char | essentially Signed type | +| test.c:176:3:176:14 | 4294967295 | unsigned long | unsigned long | essentially Unsigned type | +| test.c:176:3:176:19 | ... << ... | unsigned long | unsigned long | essentially Unsigned type | +| test.c:176:3:176:19 | ... << ... | unsigned long | unsigned long long | essentially Unsigned type | +| test.c:176:3:176:19 | ... << ... | unsigned long long | unsigned long | essentially Unsigned type | +| test.c:176:3:176:19 | ... << ... | unsigned long long | unsigned long long | essentially Unsigned type | +| test.c:176:19:176:19 | 1 | signed char | signed char | essentially Signed type | +| test.c:181:3:181:6 | 256 | unsigned short | unsigned short | essentially Unsigned type | +| test.c:181:3:181:11 | ... >> ... | unsigned char | unsigned char | essentially Unsigned type | +| test.c:181:11:181:11 | 1 | signed char | signed char | essentially Signed type | +| test.c:182:3:182:8 | 65536 | unsigned int | unsigned int | essentially Unsigned type | +| test.c:182:3:182:13 | ... >> ... | unsigned short | unsigned short | essentially Unsigned type | +| test.c:182:13:182:13 | 1 | signed char | signed char | essentially Signed type | +| test.c:183:3:183:13 | 4294967296 | unsigned long | unsigned long | essentially Unsigned type | +| test.c:183:3:183:18 | ... >> ... | unsigned int | unsigned int | essentially Unsigned type | +| test.c:183:18:183:18 | 1 | signed char | signed char | essentially Signed type | +| test.c:184:3:184:6 | 255 | unsigned char | unsigned char | essentially Unsigned type | +| test.c:184:3:184:11 | ... << ... | unsigned short | unsigned short | essentially Unsigned type | +| test.c:184:11:184:11 | 1 | signed char | signed char | essentially Signed type | +| test.c:185:3:185:8 | 65535 | unsigned short | unsigned short | essentially Unsigned type | +| test.c:185:3:185:13 | ... << ... | unsigned int | unsigned int | essentially Unsigned type | +| test.c:185:13:185:13 | 1 | signed char | signed char | essentially Signed type | +| test.c:189:3:189:6 | 255 | unsigned char | unsigned char | essentially Unsigned type | +| test.c:189:3:189:13 | ... >> ... | unsigned char | unsigned char | essentially Unsigned type | +| test.c:189:11:189:13 | s32 | int32_t | int32_t | essentially Signed type | +| test.c:190:3:190:8 | 65535 | unsigned short | unsigned short | essentially Unsigned type | +| test.c:190:3:190:15 | ... >> ... | unsigned short | unsigned short | essentially Unsigned type | +| test.c:190:13:190:15 | s32 | int32_t | int32_t | essentially Signed type | +| test.c:191:3:191:13 | 4294967295 | unsigned int | unsigned int | essentially Unsigned type | +| test.c:191:3:191:20 | ... >> ... | unsigned int | unsigned int | essentially Unsigned type | +| test.c:191:18:191:20 | s32 | int32_t | int32_t | essentially Signed type | +| test.c:192:3:192:6 | 255 | unsigned char | unsigned char | essentially Unsigned type | +| test.c:192:3:192:13 | ... << ... | unsigned char | unsigned char | essentially Unsigned type | +| test.c:192:11:192:13 | s32 | int32_t | int32_t | essentially Signed type | +| test.c:193:3:193:8 | 65535 | unsigned short | unsigned short | essentially Unsigned type | +| test.c:193:3:193:15 | ... << ... | unsigned short | unsigned short | essentially Unsigned type | +| test.c:193:13:193:15 | s32 | int32_t | int32_t | essentially Signed type | +| test.c:194:3:194:13 | 4294967295 | unsigned int | unsigned int | essentially Unsigned type | +| test.c:194:3:194:20 | ... << ... | unsigned int | unsigned int | essentially Unsigned type | +| test.c:194:18:194:20 | s32 | int32_t | int32_t | essentially Signed type | +| test.c:197:3:197:5 | 257 | short | short | essentially Signed type | +| test.c:197:3:197:5 | 257 | short | signed short | essentially Signed type | +| test.c:197:3:197:5 | 257 | signed short | short | essentially Signed type | +| test.c:197:3:197:5 | 257 | signed short | signed short | essentially Signed type | +| test.c:197:3:197:10 | ... >> ... | int | int | essentially Signed type | +| test.c:197:10:197:10 | 1 | signed char | signed char | essentially Signed type | +| test.c:198:3:198:7 | 65537 | int | int | essentially Signed type | +| test.c:198:3:198:7 | 65537 | int | signed int | essentially Signed type | +| test.c:198:3:198:7 | 65537 | signed int | int | essentially Signed type | +| test.c:198:3:198:7 | 65537 | signed int | signed int | essentially Signed type | +| test.c:198:3:198:12 | ... >> ... | int | int | essentially Signed type | +| test.c:198:12:198:12 | 1 | signed char | signed char | essentially Signed type | +| test.c:199:3:199:12 | 4294967297 | long | long | essentially Signed type | +| test.c:199:3:199:17 | ... >> ... | long | long | essentially Signed type | +| test.c:199:17:199:17 | 1 | signed char | signed char | essentially Signed type | diff --git a/c/misra/test/c/misra/test.c b/c/misra/test/c/misra/test.c index dcdfef4eb4..e271a67e30 100644 --- a/c/misra/test/c/misra/test.c +++ b/c/misra/test/c/misra/test.c @@ -159,4 +159,42 @@ void testBitwise() { s32 ^ u8; // Essentially signed, int u8 ^ s8; // Essentially signed, int s8 ^ u8; // Essentially signed, int +} + +void testShifts() { + int32_t s32 = 1; + + // Left hand is unsigned and both are constants, so UTLR + // In these cases the UTLR is the same as the essential type of + // the left operand + 1U << 1; // Essentially unsigned char + 256U << 1; // Essentially unsigned short + 65536U << 1; // Essentially unsigned int + 2U >> 1; // Essentially unsigned char + 32768U >> 1; // Essentially unsigned short - 2^15 >> 1 = 2^14 + 2147483648U >> 1; // Essentially unsigned int - 2^31 >> 1 = 2^30 + 4294967295LU << 1; // Essentially unsigned long + + // Left hand is unsigned and both are constants, so UTLR + // In these cases the UTLR is not the same as the essential type of + // the left operand + 256U >> 1; // Essentially unsigned char + 65536U >> 1; // Essentially unsigned short + 4294967296U >> 1; // Essentially unsigned int + 255U << 1; // Essentially unsigned short + 65535U << 1; // Essentially unsigned int + + // Left hand is unsigned, but left isn't a constant, so essential type of left + // operand + 255U >> s32; // Essentially unsigned char + 65535U >> s32; // Essentially unsigned short + 4294967295U >> s32; // Essentially unsigned int + 255U << s32; // Essentially unsigned char + 65535U << s32; // Essentially unsigned short + 4294967295U << s32; // Essentially unsigned int + + // Left hand operand signed int, so result is standard type + 257 >> 1; // Essentially signed int + 65537 >> 1; // Essentially signed int + 4294967297 >> 1; // Essentially signed long } \ No newline at end of file From aba9528b7341251ee35555a32be7e04f5cfa226d Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 27 Oct 2024 15:41:21 +0000 Subject: [PATCH 2217/2573] RULE-10-3: Expand test cases for binary bitwise operators --- ...gnmentOfIncompatibleEssentialType.expected | 6 +++++ c/misra/test/rules/RULE-10-3/test.c | 25 +++++++++++++++++++ 2 files changed, 31 insertions(+) diff --git a/c/misra/test/rules/RULE-10-3/AssignmentOfIncompatibleEssentialType.expected b/c/misra/test/rules/RULE-10-3/AssignmentOfIncompatibleEssentialType.expected index 3867abd0ca..b64f970bfe 100644 --- a/c/misra/test/rules/RULE-10-3/AssignmentOfIncompatibleEssentialType.expected +++ b/c/misra/test/rules/RULE-10-3/AssignmentOfIncompatibleEssentialType.expected @@ -131,3 +131,9 @@ | test.c:356:10:356:11 | e1 | Assignment of essentially Enum Type value to an object of essentially Floating type. | | test.c:357:10:357:10 | s | Assignment of essentially Signed type value to an object of essentially Floating type. | | test.c:358:10:358:10 | u | Assignment of essentially Unsigned type value to an object of essentially Floating type. | +| test.c:369:12:369:20 | ... & ... | Assignment of essentially Unsigned type value to an object of essentially Signed type. | +| test.c:370:12:370:20 | ... \| ... | Assignment of essentially Unsigned type value to an object of essentially Signed type. | +| test.c:371:12:371:20 | ... ^ ... | Assignment of essentially Unsigned type value to an object of essentially Signed type. | +| test.c:376:20:376:27 | ... & ... | Assignment of value of essentially Signed type of size 2 bytes to an object narrower essential type of size 1 bytes. | +| test.c:381:23:381:30 | ... & ... | Assignment of value of essentially Unsigned type of size 2 bytes to an object narrower essential type of size 1 bytes. | +| test.c:384:22:384:29 | ... & ... | Assignment of essentially Signed type value to an object of essentially Unsigned type. | diff --git a/c/misra/test/rules/RULE-10-3/test.c b/c/misra/test/rules/RULE-10-3/test.c index 30ab2985ae..f4ad487ae1 100644 --- a/c/misra/test/rules/RULE-10-3/test.c +++ b/c/misra/test/rules/RULE-10-3/test.c @@ -357,4 +357,29 @@ void testStructAssignment() { s1.f = s; // NON_COMPLIANT s1.f = u; // NON_COMPLIANT s1.f = f; // COMPLIANT +} + +void testBinaryBitwise() { + signed int s32 = 100; // COMPLIANT - wider + signed short s16 = 0; // COMPLIANT - wider + signed char s8 = 0; // COMPLIANT - wider + unsigned int u32 = 100; // COMPLIANT - by exception 1 + unsigned char u8 = 0; // COMPLIANT - by exception 1 + unsigned short u16 = 0; // COMPLIANT - by exception 1 + int x1 = s32 & u32; // NON_COMPLIANT - integer promotion to u32 + int x2 = s32 | u32; // NON_COMPLIANT - integer promotion to u32 + int x3 = s32 ^ u32; // NON_COMPLIANT - integer promotion to u32 + int x4 = s16 & s32; // COMPLIANT + int x5 = s16 & u16; // COMPLIANT + int x6 = s16 & s8; // COMPLIANT + signed short x7 = s16 & s8; // COMPLIANT + signed char x8 = s16 & s8; // NON_COMPLIANT + signed char x9 = s8 & s8; // COMPLIANT + signed short x10 = s8 & s8; // COMPLIANT + unsigned int x11 = u16 & u8; // COMPLIANT + unsigned short x12 = u16 & u8; // COMPLIANT + unsigned char x13 = u16 & u8; // NON_COMPLIANT + unsigned char x14 = u8 & u8; // COMPLIANT + unsigned short x15 = u8 & u8; // COMPLIANT + unsigned int x16 = s16 & s8; // NON_COMPLIANT } \ No newline at end of file From 5b753e0cbde1f57b22909fc05922e2c61ab032df Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 28 Oct 2024 08:47:04 -0700 Subject: [PATCH 2218/2573] Add change note --- change_notes/2024-10-28-essential-types-bitwise.md | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 change_notes/2024-10-28-essential-types-bitwise.md diff --git a/change_notes/2024-10-28-essential-types-bitwise.md b/change_notes/2024-10-28-essential-types-bitwise.md new file mode 100644 index 0000000000..a382290351 --- /dev/null +++ b/change_notes/2024-10-28-essential-types-bitwise.md @@ -0,0 +1,2 @@ + - `RULE-10-1`, `RULE-10-3`, `RULE-10-4`, `RULE-10-5`, `RULE-10-6`, `RULE-10-7`, `RULE-10-8`, `RULE-12-2` - `OperandsOfAnInappropriateEssentialType.ql`, `AssignmentOfIncompatibleEssentialType.ql`, `OperandsWithMismatchedEssentialTypeCategory.ql`, `InappropriateEssentialTypeCast.ql`, `AssignmentToWiderEssentialType,ql`, `ImplicitConversionOfCompositeExpression.ql`, `InappropriateCastOfCompositeExpression.ql`: + - False positives and false negatives removed due to fixing incorrect essential type of the binary bitwise operations `^`, `|` and `&`. Previously the standard type was used, instead of applying the essential type rules which dictate that if both arguments have the same signedness, the essential type will have the same signedness and a rank equal to the larger of the two operands. \ No newline at end of file From 61d4ba36397e33de69e05362826c5e6ff11ecb87 Mon Sep 17 00:00:00 2001 From: Fernando Jose Date: Wed, 30 Oct 2024 14:02:40 +0900 Subject: [PATCH 2219/2573] Fix #629. --- change_notes/2024-10-30-fix-issue-629.md | 2 ++ ...DeclarationAndInitializationNotOnSeparateLines.ql | 4 ++-- cpp/autosar/test/rules/A7-1-7/test.cpp | 12 +++++++++++- 3 files changed, 15 insertions(+), 3 deletions(-) create mode 100644 change_notes/2024-10-30-fix-issue-629.md diff --git a/change_notes/2024-10-30-fix-issue-629.md b/change_notes/2024-10-30-fix-issue-629.md new file mode 100644 index 0000000000..1e7421f6f6 --- /dev/null +++ b/change_notes/2024-10-30-fix-issue-629.md @@ -0,0 +1,2 @@ +- `A7-1-7` - `IdentifierDeclarationAndInitializationNotOnSeparateLines.ql` + - Fixes #629. Adds brackets, excluding expressions statements in macros. diff --git a/cpp/autosar/src/rules/A7-1-7/IdentifierDeclarationAndInitializationNotOnSeparateLines.ql b/cpp/autosar/src/rules/A7-1-7/IdentifierDeclarationAndInitializationNotOnSeparateLines.ql index 8c10a0f80c..9cc593ecb1 100644 --- a/cpp/autosar/src/rules/A7-1-7/IdentifierDeclarationAndInitializationNotOnSeparateLines.ql +++ b/cpp/autosar/src/rules/A7-1-7/IdentifierDeclarationAndInitializationNotOnSeparateLines.ql @@ -19,7 +19,7 @@ import codingstandards.cpp.autosar class UniqueLineStmt extends Locatable { UniqueLineStmt() { not isAffectedByMacro() and - exists(Declaration d | + (exists(Declaration d | this = d.getADeclarationEntry() and not d instanceof Parameter and not d instanceof TemplateParameter and @@ -38,7 +38,7 @@ class UniqueLineStmt extends Locatable { or this instanceof ExprStmt and not exists(ForStmt f | f.getInitialization().getAChild*() = this) and - not exists(LambdaExpression l | l.getLambdaFunction().getBlock().getAChild*() = this) + not exists(LambdaExpression l | l.getLambdaFunction().getBlock().getAChild*() = this)) } } diff --git a/cpp/autosar/test/rules/A7-1-7/test.cpp b/cpp/autosar/test/rules/A7-1-7/test.cpp index 7c5a6263cf..80f6542b11 100644 --- a/cpp/autosar/test/rules/A7-1-7/test.cpp +++ b/cpp/autosar/test/rules/A7-1-7/test.cpp @@ -152,4 +152,14 @@ void example_function() { f1(); } // COMPLIANT // clang-format off typedef struct x { int y; } z; //COMPLIANT - for struct typedef and struct var //NON_COMPLIANT - for struct all on one line -// clang-format on \ No newline at end of file +// clang-format on + +#define foo(x, y) \ + x++; \ + y++; + +void test_foo() { + int a = 1; + int b = 1; + foo(a, b); // COMPLIANT +} From 525fba7fec474c0ac46c4ac162c2593804dea214 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 31 Oct 2024 15:37:02 -0700 Subject: [PATCH 2220/2573] Pack creation: load help from base reference For pull requests the current process attempts to load the help from the equivalent ref in the help repo. As most PRs do not add an equivalent branch on the help repo, this means that most PRs do not load any help at all, and the constructed artifacts are missing help. This is problematic during the release process, where we appear to use the artifacts built from the PR event, instead of the artifacts built from the branch itself, therefore using artifacts without any help included. This commit modifies the behaviour to fetch the help for the base ref for the pull request or merge group. This should ensure that help files are always loaded, regardless of where the artifacts are built. --- .github/workflows/code-scanning-pack-gen.yml | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index ea13a4e76c..c665c4e6ea 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -68,11 +68,14 @@ jobs: - name: Determine ref for external help files id: determine-ref run: | - if [[ $GITHUB_EVENT_NAME == "pull_request" || $GITHUB_EVENT_NAME == "merge_group" ]]; then - echo "EXTERNAL_HELP_REF=$GITHUB_HEAD_REF" >> "$GITHUB_ENV" + if [[ $GITHUB_EVENT_NAME == "pull_request" ]]; then + EXTERNAL_HELP_REF="${{ github.event.pull_request.base.ref }}" + elif [[ $GITHUB_EVENT_NAME == "merge_group" ]]; then + EXTERNAL_HELP_REF="${{ github.event.merge_group.base_ref }}" else - echo "EXTERNAL_HELP_REF=$GITHUB_REF" >> "$GITHUB_ENV" + EXTERNAL_HELP_REF="$GITHUB_REF" fi + echo "EXTERNAL_HELP_REF=$EXTERNAL_HELP_REF" >> "$GITHUB_ENV" echo "Using ref $EXTERNAL_HELP_REF for external help files." - name: Checkout external help files From 839112f3c6d6516bdaf6bd698759f15f0ab914e9 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 31 Oct 2024 15:44:33 -0700 Subject: [PATCH 2221/2573] Do not continue on error for checkout of the help repo This is to avoid accidental errors when loading the reference. --- .github/workflows/code-scanning-pack-gen.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index c665c4e6ea..a217c5781e 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -79,7 +79,6 @@ jobs: echo "Using ref $EXTERNAL_HELP_REF for external help files." - name: Checkout external help files - continue-on-error: true id: checkout-external-help-files uses: actions/checkout@v4 with: From 98c76101502b0bc50e6e504d7bb20edb04161f2a Mon Sep 17 00:00:00 2001 From: Fernando Jose Date: Fri, 1 Nov 2024 08:17:21 +0900 Subject: [PATCH 2222/2573] Fix query formatting. --- ...tionAndInitializationNotOnSeparateLines.ql | 40 ++++++++++--------- 1 file changed, 21 insertions(+), 19 deletions(-) diff --git a/cpp/autosar/src/rules/A7-1-7/IdentifierDeclarationAndInitializationNotOnSeparateLines.ql b/cpp/autosar/src/rules/A7-1-7/IdentifierDeclarationAndInitializationNotOnSeparateLines.ql index 9cc593ecb1..89aca8048e 100644 --- a/cpp/autosar/src/rules/A7-1-7/IdentifierDeclarationAndInitializationNotOnSeparateLines.ql +++ b/cpp/autosar/src/rules/A7-1-7/IdentifierDeclarationAndInitializationNotOnSeparateLines.ql @@ -19,26 +19,28 @@ import codingstandards.cpp.autosar class UniqueLineStmt extends Locatable { UniqueLineStmt() { not isAffectedByMacro() and - (exists(Declaration d | - this = d.getADeclarationEntry() and - not d instanceof Parameter and - not d instanceof TemplateParameter and - // TODO - Needs to be enhanced to solve issues with - // templated inner classes. - not d instanceof Function and - not d.isFromTemplateInstantiation(_) and - not d.(Variable).isCompilerGenerated() and - not exists(RangeBasedForStmt f | f.getADeclaration() = d) and - not exists(DeclStmt declStmt, ForStmt f | - f.getInitialization() = declStmt and - declStmt.getADeclaration() = d - ) and - not exists(LambdaCapture lc | lc.getField().getADeclarationEntry() = this) + ( + exists(Declaration d | + this = d.getADeclarationEntry() and + not d instanceof Parameter and + not d instanceof TemplateParameter and + // TODO - Needs to be enhanced to solve issues with + // templated inner classes. + not d instanceof Function and + not d.isFromTemplateInstantiation(_) and + not d.(Variable).isCompilerGenerated() and + not exists(RangeBasedForStmt f | f.getADeclaration() = d) and + not exists(DeclStmt declStmt, ForStmt f | + f.getInitialization() = declStmt and + declStmt.getADeclaration() = d + ) and + not exists(LambdaCapture lc | lc.getField().getADeclarationEntry() = this) + ) + or + this instanceof ExprStmt and + not exists(ForStmt f | f.getInitialization().getAChild*() = this) and + not exists(LambdaExpression l | l.getLambdaFunction().getBlock().getAChild*() = this) ) - or - this instanceof ExprStmt and - not exists(ForStmt f | f.getInitialization().getAChild*() = this) and - not exists(LambdaExpression l | l.getLambdaFunction().getBlock().getAChild*() = this)) } } From fb3c5e7cb804d69ba1caa7537c181ccd0bee73eb Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Thu, 31 Oct 2024 21:38:49 -0700 Subject: [PATCH 2223/2573] Implement Concurrency6 package -- split out Concurrency7 --- .../ThreadWasPreviouslyJoinedOrDetached.ql | 39 +--- ...hreadWasPreviouslyJoinedOrDetached.testref | 1 + .../includes/standard-library/stdatomic.h | 74 +++++++- .../JoinOrDetachThreadOnlyOnce.expected} | 0 .../JoinOrDetachThreadOnlyOnce.ql | 4 + .../rules/joinordetachthreadonlyonce}/test.c | 0 .../DIR-5-2/NotNoDeadlocksBetweenThreads.ql | 24 +++ .../DIR-5-3/BannedDynamicThreadCreation.ql | 29 +++ .../rules/DIR-5-3/ThreadCreatedByThread.ql | 45 +++++ .../AtomicAggregateObjectDirectlyAccessed.ql | 35 ++++ .../RULE-21-25/InvalidMemoryOrderArgument.ql | 176 ++++++++++++++++++ .../ThreadPreviouslyJoinedOrDetached.ql | 24 +++ .../NotNoDeadlocksBetweenThreads.testref | 1 + .../BannedDynamicThreadCreation.expected | 16 ++ .../DIR-5-3/BannedDynamicThreadCreation.qlref | 1 + .../DIR-5-3/ThreadCreatedByThread.expected | 14 ++ .../rules/DIR-5-3/ThreadCreatedByThread.qlref | 1 + c/misra/test/rules/DIR-5-3/test.c | 95 ++++++++++ ...icAggregateObjectDirectlyAccessed.expected | 4 + ...tomicAggregateObjectDirectlyAccessed.qlref | 1 + c/misra/test/rules/RULE-12-6/test.c | 59 ++++++ .../InvalidMemoryOrderArgument.expected | 99 ++++++++++ .../InvalidMemoryOrderArgument.qlref | 1 + c/misra/test/rules/RULE-21-25/test.c | 85 +++++++++ .../ThreadPreviouslyJoinedOrDetached.testref | 1 + ...hreadWasPreviouslyJoinedOrDetached.testref | 1 + .../src/codingstandards/cpp/Concurrency.qll | 31 ++- .../cpp/exclusions/c/Concurrency6.qll | 112 +++++++++++ .../cpp/exclusions/c/RuleMetadata.qll | 3 + .../JoinOrDetachThreadOnlyOnce.qll | 49 +++++ rule_packages/c/Concurrency5.json | 1 + rule_packages/c/Concurrency6.json | 132 +++++++++++++ rules.csv | 26 +-- 33 files changed, 1125 insertions(+), 59 deletions(-) create mode 100644 c/cert/test/rules/CON39-C/ThreadWasPreviouslyJoinedOrDetached.testref rename c/{cert/test/rules/CON39-C/ThreadWasPreviouslyJoinedOrDetached.expected => common/test/rules/joinordetachthreadonlyonce/JoinOrDetachThreadOnlyOnce.expected} (100%) create mode 100644 c/common/test/rules/joinordetachthreadonlyonce/JoinOrDetachThreadOnlyOnce.ql rename c/{cert/test/rules/CON39-C => common/test/rules/joinordetachthreadonlyonce}/test.c (100%) create mode 100644 c/misra/src/rules/DIR-5-2/NotNoDeadlocksBetweenThreads.ql create mode 100644 c/misra/src/rules/DIR-5-3/BannedDynamicThreadCreation.ql create mode 100644 c/misra/src/rules/DIR-5-3/ThreadCreatedByThread.ql create mode 100644 c/misra/src/rules/RULE-12-6/AtomicAggregateObjectDirectlyAccessed.ql create mode 100644 c/misra/src/rules/RULE-21-25/InvalidMemoryOrderArgument.ql create mode 100644 c/misra/src/rules/RULE-22-11/ThreadPreviouslyJoinedOrDetached.ql create mode 100644 c/misra/test/rules/DIR-5-2/NotNoDeadlocksBetweenThreads.testref create mode 100644 c/misra/test/rules/DIR-5-3/BannedDynamicThreadCreation.expected create mode 100644 c/misra/test/rules/DIR-5-3/BannedDynamicThreadCreation.qlref create mode 100644 c/misra/test/rules/DIR-5-3/ThreadCreatedByThread.expected create mode 100644 c/misra/test/rules/DIR-5-3/ThreadCreatedByThread.qlref create mode 100644 c/misra/test/rules/DIR-5-3/test.c create mode 100644 c/misra/test/rules/RULE-12-6/AtomicAggregateObjectDirectlyAccessed.expected create mode 100644 c/misra/test/rules/RULE-12-6/AtomicAggregateObjectDirectlyAccessed.qlref create mode 100644 c/misra/test/rules/RULE-12-6/test.c create mode 100644 c/misra/test/rules/RULE-21-25/InvalidMemoryOrderArgument.expected create mode 100644 c/misra/test/rules/RULE-21-25/InvalidMemoryOrderArgument.qlref create mode 100644 c/misra/test/rules/RULE-21-25/test.c create mode 100644 c/misra/test/rules/RULE-22-11/ThreadPreviouslyJoinedOrDetached.testref create mode 100644 c/misra/test/rules/RULE-22-11/ThreadWasPreviouslyJoinedOrDetached.testref create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency6.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/joinordetachthreadonlyonce/JoinOrDetachThreadOnlyOnce.qll create mode 100644 rule_packages/c/Concurrency6.json diff --git a/c/cert/src/rules/CON39-C/ThreadWasPreviouslyJoinedOrDetached.ql b/c/cert/src/rules/CON39-C/ThreadWasPreviouslyJoinedOrDetached.ql index a8dead535d..0604d2d483 100644 --- a/c/cert/src/rules/CON39-C/ThreadWasPreviouslyJoinedOrDetached.ql +++ b/c/cert/src/rules/CON39-C/ThreadWasPreviouslyJoinedOrDetached.ql @@ -14,37 +14,10 @@ import cpp import codingstandards.c.cert -import codingstandards.cpp.Concurrency +import codingstandards.cpp.rules.joinordetachthreadonlyonce.JoinOrDetachThreadOnlyOnce -// OK -// 1) Thread calls detach parent DOES NOT call join -// 2) Parent calls join, thread does NOT call detach() -// NOT OK -// 1) Thread calls detach, parent calls join -// 2) Thread calls detach twice, parent does not call join -// 3) Parent calls join twice, thread does not call detach -from C11ThreadCreateCall tcc -where - not isExcluded(tcc, Concurrency5Package::threadWasPreviouslyJoinedOrDetachedQuery()) and - // Note: These cases can be simplified but they are presented like this for clarity - // case 1 - calls to `thrd_join` and `thrd_detach` within the parent or - // within the parent / child CFG. - exists(C11ThreadWait tw, C11ThreadDetach dt | - tw = getAThreadContextAwareSuccessor(tcc) and - dt = getAThreadContextAwareSuccessor(tcc) - ) - or - // case 2 - multiple calls to `thrd_detach` within the threaded CFG. - exists(C11ThreadDetach dt1, C11ThreadDetach dt2 | - dt1 = getAThreadContextAwareSuccessor(tcc) and - dt2 = getAThreadContextAwareSuccessor(tcc) and - not dt1 = dt2 - ) - or - // case 3 - multiple calls to `thrd_join` within the threaded CFG. - exists(C11ThreadWait tw1, C11ThreadWait tw2 | - tw1 = getAThreadContextAwareSuccessor(tcc) and - tw2 = getAThreadContextAwareSuccessor(tcc) and - not tw1 = tw2 - ) -select tcc, "Thread may call join or detach after the thread is joined or detached." +class ThreadWasPreviouslyJoinedOrDetachedQuery extends JoinOrDetachThreadOnlyOnceSharedQuery { + ThreadWasPreviouslyJoinedOrDetachedQuery() { + this = Concurrency5Package::threadWasPreviouslyJoinedOrDetachedQuery() + } +} diff --git a/c/cert/test/rules/CON39-C/ThreadWasPreviouslyJoinedOrDetached.testref b/c/cert/test/rules/CON39-C/ThreadWasPreviouslyJoinedOrDetached.testref new file mode 100644 index 0000000000..61fa88fd08 --- /dev/null +++ b/c/cert/test/rules/CON39-C/ThreadWasPreviouslyJoinedOrDetached.testref @@ -0,0 +1 @@ +c/common/test/rules/joinordetachthreadonlyonce/JoinOrDetachThreadOnlyOnce.ql \ No newline at end of file diff --git a/c/common/test/includes/standard-library/stdatomic.h b/c/common/test/includes/standard-library/stdatomic.h index 66b74ae61a..49a5b3cfcd 100644 --- a/c/common/test/includes/standard-library/stdatomic.h +++ b/c/common/test/includes/standard-library/stdatomic.h @@ -1,9 +1,69 @@ -#define atomic_compare_exchange_weak(a, b, c) 0 -#define atomic_compare_exchange_weak_explicit(a, b, c, d, e) 0 -#define atomic_load(a) 0 -#define atomic_load_explicit(a, b) -#define atomic_store(a, b) 0 -#define atomic_store_explicit(a, b, c) 0 #define ATOMIC_VAR_INIT(value) (value) #define atomic_is_lock_free(obj) __c11_atomic_is_lock_free(sizeof(*(obj))) -typedef _Atomic(int) atomic_int; \ No newline at end of file +typedef _Atomic(int) atomic_int; + +#define __ATOMIC_RELAXED 0 +#define __ATOMIC_CONSUME 1 +#define __ATOMIC_ACQUIRE 2 +#define __ATOMIC_RELEASE 3 +#define __ATOMIC_ACQ_REL 4 +#define __ATOMIC_SEQ_CST 5 + +typedef enum memory_order { + memory_order_relaxed = __ATOMIC_RELAXED, + memory_order_consume = __ATOMIC_CONSUME, + memory_order_acquire = __ATOMIC_ACQUIRE, + memory_order_release = __ATOMIC_RELEASE, + memory_order_acq_rel = __ATOMIC_ACQ_REL, + memory_order_seq_cst = __ATOMIC_SEQ_CST +} memory_order; + +void atomic_thread_fence(memory_order); +void atomic_signal_fence(memory_order); + +#define atomic_thread_fence(order) __c11_atomic_thread_fence(order) +#define atomic_signal_fence(order) __c11_atomic_signal_fence(order) + +#define atomic_store(object, desired) __c11_atomic_store(object, desired, __ATOMIC_SEQ_CST) +#define atomic_store_explicit __c11_atomic_store + +#define atomic_load(object) __c11_atomic_load(object, __ATOMIC_SEQ_CST) +#define atomic_load_explicit __c11_atomic_load + +#define atomic_exchange(object, desired) __c11_atomic_exchange(object, desired, __ATOMIC_SEQ_CST) +#define atomic_exchange_explicit __c11_atomic_exchange + +#define atomic_compare_exchange_strong(object, expected, desired) __c11_atomic_compare_exchange_strong(object, expected, desired, __ATOMIC_SEQ_CST, __ATOMIC_SEQ_CST) +#define atomic_compare_exchange_strong_explicit __c11_atomic_compare_exchange_strong + +#define atomic_compare_exchange_weak(object, expected, desired) __c11_atomic_compare_exchange_weak(object, expected, desired, __ATOMIC_SEQ_CST, __ATOMIC_SEQ_CST) +#define atomic_compare_exchange_weak_explicit __c11_atomic_compare_exchange_weak + +#define atomic_fetch_add(object, operand) __c11_atomic_fetch_add(object, operand, __ATOMIC_SEQ_CST) +#define atomic_fetch_add_explicit __c11_atomic_fetch_add + +#define atomic_fetch_sub(object, operand) __c11_atomic_fetch_sub(object, operand, __ATOMIC_SEQ_CST) +#define atomic_fetch_sub_explicit __c11_atomic_fetch_sub + +#define atomic_fetch_or(object, operand) __c11_atomic_fetch_or(object, operand, __ATOMIC_SEQ_CST) +#define atomic_fetch_or_explicit __c11_atomic_fetch_or + +#define atomic_fetch_xor(object, operand) __c11_atomic_fetch_xor(object, operand, __ATOMIC_SEQ_CST) +#define atomic_fetch_xor_explicit __c11_atomic_fetch_xor + +#define atomic_fetch_and(object, operand) __c11_atomic_fetch_and(object, operand, __ATOMIC_SEQ_CST) +#define atomic_fetch_and_explicit __c11_atomic_fetch_and + +typedef struct atomic_flag { _Atomic(_Bool) _Value; } atomic_flag; + +_Bool atomic_flag_test_and_set(volatile atomic_flag *); +_Bool atomic_flag_test_and_set_explicit(volatile atomic_flag *, memory_order); + +void atomic_flag_clear(volatile atomic_flag *); +void atomic_flag_clear_explicit(volatile atomic_flag *, memory_order); + +#define atomic_flag_test_and_set(object) __c11_atomic_exchange(&(object)->_Value, 1, __ATOMIC_SEQ_CST) +#define atomic_flag_test_and_set_explicit(object, order) __c11_atomic_exchange(&(object)->_Value, 1, order) + +#define atomic_flag_clear(object) __c11_atomic_store(&(object)->_Value, 0, __ATOMIC_SEQ_CST) +#define atomic_flag_clear_explicit(object, order) __c11_atomic_store(&(object)->_Value, 0, order) \ No newline at end of file diff --git a/c/cert/test/rules/CON39-C/ThreadWasPreviouslyJoinedOrDetached.expected b/c/common/test/rules/joinordetachthreadonlyonce/JoinOrDetachThreadOnlyOnce.expected similarity index 100% rename from c/cert/test/rules/CON39-C/ThreadWasPreviouslyJoinedOrDetached.expected rename to c/common/test/rules/joinordetachthreadonlyonce/JoinOrDetachThreadOnlyOnce.expected diff --git a/c/common/test/rules/joinordetachthreadonlyonce/JoinOrDetachThreadOnlyOnce.ql b/c/common/test/rules/joinordetachthreadonlyonce/JoinOrDetachThreadOnlyOnce.ql new file mode 100644 index 0000000000..87188403af --- /dev/null +++ b/c/common/test/rules/joinordetachthreadonlyonce/JoinOrDetachThreadOnlyOnce.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.joinordetachthreadonlyonce.JoinOrDetachThreadOnlyOnce + +class TestFileQuery extends JoinOrDetachThreadOnlyOnceSharedQuery, TestQuery { } diff --git a/c/cert/test/rules/CON39-C/test.c b/c/common/test/rules/joinordetachthreadonlyonce/test.c similarity index 100% rename from c/cert/test/rules/CON39-C/test.c rename to c/common/test/rules/joinordetachthreadonlyonce/test.c diff --git a/c/misra/src/rules/DIR-5-2/NotNoDeadlocksBetweenThreads.ql b/c/misra/src/rules/DIR-5-2/NotNoDeadlocksBetweenThreads.ql new file mode 100644 index 0000000000..ffe30a2b6a --- /dev/null +++ b/c/misra/src/rules/DIR-5-2/NotNoDeadlocksBetweenThreads.ql @@ -0,0 +1,24 @@ +/** + * @id c/misra/not-no-deadlocks-between-threads + * @name DIR-5-2: There shall be no deadlocks between threads + * @description Circular waits leading to thread deadlocks may be avoided by locking in a predefined + * order. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/dir-5-2 + * external/misra/c/2012/amendment4 + * correctness + * concurrency + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.rules.preventdeadlockbylockinginpredefinedorder.PreventDeadlockByLockingInPredefinedOrder + +class NotNoDeadlocksBetweenThreadsQuery extends PreventDeadlockByLockingInPredefinedOrderSharedQuery { + NotNoDeadlocksBetweenThreadsQuery() { + this = Concurrency6Package::notNoDeadlocksBetweenThreadsQuery() + } +} diff --git a/c/misra/src/rules/DIR-5-3/BannedDynamicThreadCreation.ql b/c/misra/src/rules/DIR-5-3/BannedDynamicThreadCreation.ql new file mode 100644 index 0000000000..4bb526306b --- /dev/null +++ b/c/misra/src/rules/DIR-5-3/BannedDynamicThreadCreation.ql @@ -0,0 +1,29 @@ +/** + * @id c/misra/banned-dynamic-thread-creation + * @name DIR-5-3: There shall be no dynamic thread creation + * @description Creating threads outside of a well-defined program start-up phase creates + * uncertainty in program behavior and concurrency overhead costs. + * @kind problem + * @precision low + * @problem.severity error + * @tags external/misra/id/dir-5-3 + * external/misra/c/2012/amendment4 + * external/misra/c/audit + * correctness + * maintainability + * concurrency + * performance + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.Concurrency + +from CThreadCreateCall tc, Function enclosingFunction +where + not isExcluded(tc, Concurrency6Package::bannedDynamicThreadCreationQuery()) and + enclosingFunction = tc.getEnclosingFunction() and + not enclosingFunction.getName() = "main" +select tc, "Possible dynamic creation of thread outside initialization in function '$@'.", + enclosingFunction, enclosingFunction.toString() diff --git a/c/misra/src/rules/DIR-5-3/ThreadCreatedByThread.ql b/c/misra/src/rules/DIR-5-3/ThreadCreatedByThread.ql new file mode 100644 index 0000000000..cf08a0c809 --- /dev/null +++ b/c/misra/src/rules/DIR-5-3/ThreadCreatedByThread.ql @@ -0,0 +1,45 @@ +/** + * @id c/misra/thread-created-by-thread + * @name DIR-5-3: Threads shall not be created by other threads + * @description Creating threads within threads creates uncertainty in program behavior and + * concurrency overhead costs. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/misra/id/dir-5-3 + * external/misra/c/2012/amendment4 + * correctness + * maintainability + * concurrency + * performance + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.Concurrency + +Function callers(Function f) { result = f.getACallToThisFunction().getEnclosingFunction() } + +class ThreadReachableFunction extends Function { + /* The root threaded function from which this function is reachable */ + Function threadRoot; + + ThreadReachableFunction() { + exists(CThreadCreateCall tc | + tc.getFunction() = callers*(this) and + threadRoot = tc.getFunction() + ) + } + + /* Get the root threaded function from which this function is reachable */ + Function getThreadRoot() { result = threadRoot } +} + +from CThreadCreateCall tc, ThreadReachableFunction enclosingFunction, Function threadRoot +where + not isExcluded(tc, Concurrency6Package::threadCreatedByThreadQuery()) and + enclosingFunction = tc.getEnclosingFunction() and + threadRoot = enclosingFunction.getThreadRoot() +select tc, "Thread creation call reachable from threaded function '$@'.", threadRoot, + threadRoot.toString() \ No newline at end of file diff --git a/c/misra/src/rules/RULE-12-6/AtomicAggregateObjectDirectlyAccessed.ql b/c/misra/src/rules/RULE-12-6/AtomicAggregateObjectDirectlyAccessed.ql new file mode 100644 index 0000000000..4e65fa3f91 --- /dev/null +++ b/c/misra/src/rules/RULE-12-6/AtomicAggregateObjectDirectlyAccessed.ql @@ -0,0 +1,35 @@ +/** + * @id c/misra/atomic-aggregate-object-directly-accessed + * @name RULE-12-6: Structure and union members of atomic objects shall not be directly accessed + * @description Accessing a member of an atomic structure or union results in undefined behavior. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-12-6 + * external/misra/c/2012/amendment4 + * correctness + * concurrency + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra + +from Expr expr, Field field +where + not isExcluded(expr, Concurrency6Package::atomicAggregateObjectDirectlyAccessedQuery()) and + not expr.isUnevaluated() and + ( + exists(FieldAccess fa | + expr = fa and + fa.getQualifier().getUnderlyingType().hasSpecifier("atomic") and + field = fa.getTarget() + ) + or + exists(PointerFieldAccess fa | + expr = fa and + fa.getQualifier().getUnderlyingType().(PointerType).getBaseType().hasSpecifier("atomic") and + field = fa.getTarget() + ) + ) +select expr, "Invalid access to member '$@' on atomic struct or union.", field, field.getName() diff --git a/c/misra/src/rules/RULE-21-25/InvalidMemoryOrderArgument.ql b/c/misra/src/rules/RULE-21-25/InvalidMemoryOrderArgument.ql new file mode 100644 index 0000000000..4924c0df33 --- /dev/null +++ b/c/misra/src/rules/RULE-21-25/InvalidMemoryOrderArgument.ql @@ -0,0 +1,176 @@ +/** + * @id c/misra/invalid-memory-order-argument + * @name RULE-21-25: All memory synchronization operations shall be executed in sequentially consistent order + * @description Only the memory ordering of 'memory_order_seq_cst' is fully portable and consistent. + * @kind path-problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-21-25 + * external/misra/c/2012/amendment4 + * correctness + * concurrency + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import semmle.code.cpp.dataflow.new.DataFlow + +/* A member of the set of memory orders defined in the `memory_order` enum */ +class MemoryOrder extends EnumConstant { + MemoryOrder() { getDeclaringEnum().getName() = "memory_order" } + + int getIntValue() { result = getValue().toInt() } +} + +/* This is the only standardized memory order, allowed by RULE-21-25. */ +class AllowedMemoryOrder extends MemoryOrder { + AllowedMemoryOrder() { getName() = "memory_order_seq_cst" } +} + +/* An expression referring to a memory order */ +class MemoryOrderConstantAccess extends EnumConstantAccess { + MemoryOrderConstantAccess() { getTarget() instanceof MemoryOrder } + + predicate isAllowedOrder() { getTarget() instanceof AllowedMemoryOrder } +} + +/* An expression with a constant value that equals a `MemoryOrder` constant */ +class MemoryOrderConstantExpr extends Expr { + MemoryOrder ord; + + MemoryOrderConstantExpr() { + if + this instanceof MemoryOrderConstantAccess + then + ord = this.(MemoryOrderConstantAccess).getTarget() + else + ord.getIntValue() = getValue().toInt() + } + + /* Get the name of the `MemoryOrder` this expression is valued as. */ + string getMemoryOrderString() { + result = ord.toString() + } +} + +/** + * A `stdatomic.h` function which accepts a `memory_order` value as a parameter. + */ +class MemoryOrderedStdAtomicFunction extends Function { + int orderParamIdx; + + MemoryOrderedStdAtomicFunction() { + exists(int baseParamIdx, int baseParams, string prefix, string suffix | + prefix = ["__", "__c11_"] and + suffix = ["", ".*", "_explicit"] and + ( + getName().regexpMatch(prefix + ["atomic_thread_fence", "atomic_signal_fence"] + suffix) and + baseParamIdx = 0 and + baseParams = 1 + or + getName() + .regexpMatch(prefix + ["atomic_load", "atomic_flag_clear", "atomic_flag_test_and_set"] + + suffix) and + baseParamIdx = 1 and + baseParams = 2 + or + getName().regexpMatch(prefix + ["atomic_store", "atomic_fetch_.*", "atomic_exchange"] + suffix) and + baseParamIdx = 2 and + baseParams = 3 + or + getName().regexpMatch(prefix + "atomic_compare_exchange_.*" + suffix) and + baseParamIdx = [3, 4] and + baseParams = 5 + ) and + ( + // GCC case, may have one or two inserted parameters, e.g.: + // __atomic_load(8, &repr->a, &desired, order) + // or + // __atomic_load_8(&repr->a, &desired, order) + prefix = "__" and + suffix = ".*" and + exists(int extraParams | + extraParams = getNumberOfParameters() - baseParams and + extraParams >= 0 and + orderParamIdx = baseParamIdx + extraParams + ) + or + // Clang case, no inserted parameters: + // __c11_atomic_load(object, order) + suffix = "" and + prefix = "__c11_" and + orderParamIdx = baseParamIdx + or + // Non-macro case, may occur in a subset of gcc/clang functions: + prefix = "" and + suffix = "_explicit" and + orderParamIdx = baseParamIdx + ) + ) + } + + int getOrderParameterIdx() { result = orderParamIdx } +} + +module MemoryOrderFlowConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node node) { + // Direct usage of memory order constant + exists(MemoryOrderConstantAccess constant | + node.asExpr() = constant and + not constant.isAllowedOrder() + ) + or + // A literal with a disallowed constant integer value + exists(Literal literal | + node.asExpr() = literal and + not literal.getValue().toInt() = any(AllowedMemoryOrder a).getValue().toInt() + ) + or + // Everything else: not a memory order constant or an integer valued literal, also exclude + // variables and functions, things that flow further back. + exists(Expr e | + node.asExpr() = e and + not e instanceof MemoryOrderConstantAccess and + not e instanceof Literal and + not e instanceof VariableAccess and + not e instanceof FunctionCall and + not DataFlow::localFlowStep(_, node) + ) + } + + predicate isSink(DataFlow::Node node) { + exists(FunctionCall fc | + node.asExpr() = + fc.getArgument(fc.getTarget().(MemoryOrderedStdAtomicFunction).getOrderParameterIdx()) + ) + } +} + +module MemoryOrderFlow = DataFlow::Global; + +import MemoryOrderFlow::PathGraph + +/** + * If the node is a memory order constant, or shares a value with a memory order constant, then + * return the name of that cnonstant. Otherwise, simply print the node. + */ +string describeMemoryOrderNode(DataFlow::Node node) { + if node.asExpr() instanceof MemoryOrderConstantExpr + then result = node.asExpr().(MemoryOrderConstantExpr).getMemoryOrderString() + else result = node.toString() +} + +from + Expr argument, Function function, string value, MemoryOrderFlow::PathNode source, + MemoryOrderFlow::PathNode sink +where + not isExcluded(argument, Concurrency6Package::invalidMemoryOrderArgumentQuery()) and + MemoryOrderFlow::flowPath(source, sink) and + argument = sink.getNode().asExpr() and + value = describeMemoryOrderNode(source.getNode()) and + // Double check that we didn't find flow from something equivalent to the allowed value. + not value = any(AllowedMemoryOrder e).getName() and + function.getACallToThisFunction().getAnArgument() = argument +select argument, source, sink, "Invalid memory order '$@' in call to function '$@'.", value, value, + function, function.toString() diff --git a/c/misra/src/rules/RULE-22-11/ThreadPreviouslyJoinedOrDetached.ql b/c/misra/src/rules/RULE-22-11/ThreadPreviouslyJoinedOrDetached.ql new file mode 100644 index 0000000000..1a6476b1a7 --- /dev/null +++ b/c/misra/src/rules/RULE-22-11/ThreadPreviouslyJoinedOrDetached.ql @@ -0,0 +1,24 @@ +/** + * @id c/misra/thread-previously-joined-or-detached + * @name RULE-22-11: A thread that was previously either joined or detached shall not be subsequently joined nor detached + * @description Joining or detaching a previously joined or detached thread can lead to undefined + * program behavior. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/misra/id/rule-22-11 + * external/misra/c/2012/amendment4 + * correctness + * concurrency + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.rules.joinordetachthreadonlyonce.JoinOrDetachThreadOnlyOnce + +class ThreadPreviouslyJoinedOrDetachedQuery extends JoinOrDetachThreadOnlyOnceSharedQuery { + ThreadPreviouslyJoinedOrDetachedQuery() { + this = Concurrency6Package::threadPreviouslyJoinedOrDetachedQuery() + } +} diff --git a/c/misra/test/rules/DIR-5-2/NotNoDeadlocksBetweenThreads.testref b/c/misra/test/rules/DIR-5-2/NotNoDeadlocksBetweenThreads.testref new file mode 100644 index 0000000000..4625d1a24d --- /dev/null +++ b/c/misra/test/rules/DIR-5-2/NotNoDeadlocksBetweenThreads.testref @@ -0,0 +1 @@ +c/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql \ No newline at end of file diff --git a/c/misra/test/rules/DIR-5-3/BannedDynamicThreadCreation.expected b/c/misra/test/rules/DIR-5-3/BannedDynamicThreadCreation.expected new file mode 100644 index 0000000000..ff829918fd --- /dev/null +++ b/c/misra/test/rules/DIR-5-3/BannedDynamicThreadCreation.expected @@ -0,0 +1,16 @@ +| test.c:37:3:37:13 | call to thrd_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:36:6:36:34 | make_threads_called_from_main | make_threads_called_from_main | +| test.c:38:3:38:16 | call to pthread_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:36:6:36:34 | make_threads_called_from_main | make_threads_called_from_main | +| test.c:46:3:46:13 | call to thrd_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:45:6:45:51 | make_threads_called_from_func_called_from_main | make_threads_called_from_func_called_from_main | +| test.c:47:3:47:16 | call to pthread_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:45:6:45:51 | make_threads_called_from_func_called_from_main | make_threads_called_from_func_called_from_main | +| test.c:56:3:56:13 | call to thrd_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:55:7:55:18 | pthread_func | pthread_func | +| test.c:57:3:57:16 | call to pthread_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:55:7:55:18 | pthread_func | pthread_func | +| test.c:65:3:65:13 | call to thrd_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:64:5:64:13 | thrd_func | thrd_func | +| test.c:66:3:66:16 | call to pthread_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:64:5:64:13 | thrd_func | thrd_func | +| test.c:74:3:74:13 | call to thrd_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:73:6:73:39 | make_threads_called_from_thrd_func | make_threads_called_from_thrd_func | +| test.c:75:3:75:16 | call to pthread_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:73:6:73:39 | make_threads_called_from_thrd_func | make_threads_called_from_thrd_func | +| test.c:83:3:83:13 | call to thrd_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:82:6:82:59 | make_threads_called_from_func_called_from_pthread_thrd | make_threads_called_from_func_called_from_pthread_thrd | +| test.c:84:3:84:16 | call to pthread_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:82:6:82:59 | make_threads_called_from_func_called_from_pthread_thrd | make_threads_called_from_func_called_from_pthread_thrd | +| test.c:88:3:88:13 | call to thrd_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:87:6:87:47 | make_threads_called_from_main_pthread_thrd | make_threads_called_from_main_pthread_thrd | +| test.c:89:3:89:16 | call to pthread_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:87:6:87:47 | make_threads_called_from_main_pthread_thrd | make_threads_called_from_main_pthread_thrd | +| test.c:93:3:93:13 | call to thrd_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:92:6:92:38 | make_threads_not_called_by_anyone | make_threads_not_called_by_anyone | +| test.c:94:3:94:16 | call to pthread_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:92:6:92:38 | make_threads_not_called_by_anyone | make_threads_not_called_by_anyone | diff --git a/c/misra/test/rules/DIR-5-3/BannedDynamicThreadCreation.qlref b/c/misra/test/rules/DIR-5-3/BannedDynamicThreadCreation.qlref new file mode 100644 index 0000000000..16c9614cec --- /dev/null +++ b/c/misra/test/rules/DIR-5-3/BannedDynamicThreadCreation.qlref @@ -0,0 +1 @@ +rules/DIR-5-3/BannedDynamicThreadCreation.ql \ No newline at end of file diff --git a/c/misra/test/rules/DIR-5-3/ThreadCreatedByThread.expected b/c/misra/test/rules/DIR-5-3/ThreadCreatedByThread.expected new file mode 100644 index 0000000000..74be75ffeb --- /dev/null +++ b/c/misra/test/rules/DIR-5-3/ThreadCreatedByThread.expected @@ -0,0 +1,14 @@ +| test.c:56:3:56:13 | call to thrd_create | Thread creation call reachable from threaded function '$@'. | test.c:55:7:55:18 | pthread_func | pthread_func | +| test.c:57:3:57:16 | call to pthread_create | Thread creation call reachable from threaded function '$@'. | test.c:55:7:55:18 | pthread_func | pthread_func | +| test.c:65:3:65:13 | call to thrd_create | Thread creation call reachable from threaded function '$@'. | test.c:64:5:64:13 | thrd_func | thrd_func | +| test.c:66:3:66:16 | call to pthread_create | Thread creation call reachable from threaded function '$@'. | test.c:64:5:64:13 | thrd_func | thrd_func | +| test.c:74:3:74:13 | call to thrd_create | Thread creation call reachable from threaded function '$@'. | test.c:64:5:64:13 | thrd_func | thrd_func | +| test.c:75:3:75:16 | call to pthread_create | Thread creation call reachable from threaded function '$@'. | test.c:64:5:64:13 | thrd_func | thrd_func | +| test.c:83:3:83:13 | call to thrd_create | Thread creation call reachable from threaded function '$@'. | test.c:55:7:55:18 | pthread_func | pthread_func | +| test.c:83:3:83:13 | call to thrd_create | Thread creation call reachable from threaded function '$@'. | test.c:64:5:64:13 | thrd_func | thrd_func | +| test.c:84:3:84:16 | call to pthread_create | Thread creation call reachable from threaded function '$@'. | test.c:55:7:55:18 | pthread_func | pthread_func | +| test.c:84:3:84:16 | call to pthread_create | Thread creation call reachable from threaded function '$@'. | test.c:64:5:64:13 | thrd_func | thrd_func | +| test.c:88:3:88:13 | call to thrd_create | Thread creation call reachable from threaded function '$@'. | test.c:55:7:55:18 | pthread_func | pthread_func | +| test.c:88:3:88:13 | call to thrd_create | Thread creation call reachable from threaded function '$@'. | test.c:64:5:64:13 | thrd_func | thrd_func | +| test.c:89:3:89:16 | call to pthread_create | Thread creation call reachable from threaded function '$@'. | test.c:55:7:55:18 | pthread_func | pthread_func | +| test.c:89:3:89:16 | call to pthread_create | Thread creation call reachable from threaded function '$@'. | test.c:64:5:64:13 | thrd_func | thrd_func | diff --git a/c/misra/test/rules/DIR-5-3/ThreadCreatedByThread.qlref b/c/misra/test/rules/DIR-5-3/ThreadCreatedByThread.qlref new file mode 100644 index 0000000000..99cecb8311 --- /dev/null +++ b/c/misra/test/rules/DIR-5-3/ThreadCreatedByThread.qlref @@ -0,0 +1 @@ +rules/DIR-5-3/ThreadCreatedByThread.ql \ No newline at end of file diff --git a/c/misra/test/rules/DIR-5-3/test.c b/c/misra/test/rules/DIR-5-3/test.c new file mode 100644 index 0000000000..294f79a276 --- /dev/null +++ b/c/misra/test/rules/DIR-5-3/test.c @@ -0,0 +1,95 @@ +#include "threads.h" +#include "pthread.h" + +thrd_t g1; // COMPLIANT +pthread_t g2; // COMPLIANT +thrd_t g3[10]; // COMPLIANT +pthread_t g4[10]; // COMPLIANT + +struct { + thrd_t m1; // COMPLIANT + pthread_t m2; // COMPLIANT +} g7; + +void* pthread_func(void* arg); +int thrd_func(void* arg); + +void make_threads_called_from_main(void); +void func_called_from_main(void); +void make_threads_called_from_func_called_from_main(void); +void make_threads_called_from_main_pthread_thrd(void); + +void main() { + // Main starting top level threads -- ok. + thrd_create(&g1, &thrd_func, NULL); // COMPLIANT + pthread_create(&g2, NULL, &pthread_func, NULL); // COMPLIANT + + // Starting thread in pool -- ok. + thrd_create(&g3[0], &thrd_func, NULL); // COMPLIANT + pthread_create(&g4[0], NULL, &pthread_func, NULL); // COMPLIANT + + make_threads_called_from_main(); + func_called_from_main(); + make_threads_called_from_main_pthread_thrd(); +} + +void make_threads_called_from_main() { + thrd_create(&g3[0], &thrd_func, NULL); // COMPLIANT + pthread_create(&g4[0], NULL, &pthread_func, NULL); // COMPLIANT +} + +void func_called_from_main() { + make_threads_called_from_func_called_from_main(); +} + +void make_threads_called_from_func_called_from_main() { + thrd_create(&g3[0], &thrd_func, NULL); // COMPLIANT + pthread_create(&g4[0], NULL, &pthread_func, NULL); // COMPLIANT +} + +void make_threads_called_from_pthread_func(void); +void make_threads_called_from_thrd_func(void); +void func_called_from_pthread_thrd(void); +void make_threads_called_from_func_called_from_pthread_thrd(void); + +void* pthread_func(void* arg) { + thrd_create(&g3[0], &thrd_func, NULL); // NON-COMPLIANT + pthread_create(&g4[0], NULL, &pthread_func, NULL); // NON-COMPLIANT + + make_threads_called_from_pthread_func(); + func_called_from_pthread_thrd(); + make_threads_called_from_main_pthread_thrd(); +} + +int thrd_func(void* arg) { + thrd_create(&g3[0], &thrd_func, NULL); // NON-COMPLIANT + pthread_create(&g4[0], NULL, &pthread_func, NULL); // NON-COMPLIANT + + make_threads_called_from_thrd_func(); + func_called_from_pthread_thrd(); + make_threads_called_from_main_pthread_thrd(); +} + +void make_threads_called_from_thrd_func(void) { + thrd_create(&g3[0], &thrd_func, NULL); // NON-COMPLIANT + pthread_create(&g4[0], NULL, &pthread_func, NULL); // NON-COMPLIANT +} + +void func_called_from_pthread_thrd(void) { + make_threads_called_from_func_called_from_pthread_thrd(); +} + +void make_threads_called_from_func_called_from_pthread_thrd(void) { + thrd_create(&g3[0], &thrd_func, NULL); // NON-COMPLIANT + pthread_create(&g4[0], NULL, &pthread_func, NULL); // NON-COMPLIANT +} + +void make_threads_called_from_main_pthread_thrd() { + thrd_create(&g3[0], &thrd_func, NULL); // NON-COMPLIANT + pthread_create(&g4[0], NULL, &pthread_func, NULL); // NON-COMPLIANT +} + +void make_threads_not_called_by_anyone() { + thrd_create(&g3[0], &thrd_func, NULL); // COMPLIANT + pthread_create(&g4[0], NULL, &pthread_func, NULL); // COMPLIANT +} diff --git a/c/misra/test/rules/RULE-12-6/AtomicAggregateObjectDirectlyAccessed.expected b/c/misra/test/rules/RULE-12-6/AtomicAggregateObjectDirectlyAccessed.expected new file mode 100644 index 0000000000..02159bef69 --- /dev/null +++ b/c/misra/test/rules/RULE-12-6/AtomicAggregateObjectDirectlyAccessed.expected @@ -0,0 +1,4 @@ +| test.c:41:13:41:13 | x | Invalid access to member '$@' on atomic struct or union. | test.c:5:7:5:7 | x | x | +| test.c:42:18:42:18 | x | Invalid access to member '$@' on atomic struct or union. | test.c:5:7:5:7 | x | x | +| test.c:43:13:43:13 | x | Invalid access to member '$@' on atomic struct or union. | test.c:5:7:5:7 | x | x | +| test.c:44:18:44:18 | x | Invalid access to member '$@' on atomic struct or union. | test.c:5:7:5:7 | x | x | diff --git a/c/misra/test/rules/RULE-12-6/AtomicAggregateObjectDirectlyAccessed.qlref b/c/misra/test/rules/RULE-12-6/AtomicAggregateObjectDirectlyAccessed.qlref new file mode 100644 index 0000000000..2196eeace1 --- /dev/null +++ b/c/misra/test/rules/RULE-12-6/AtomicAggregateObjectDirectlyAccessed.qlref @@ -0,0 +1 @@ +rules/RULE-12-6/AtomicAggregateObjectDirectlyAccessed.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-12-6/test.c b/c/misra/test/rules/RULE-12-6/test.c new file mode 100644 index 0000000000..2b1eeb7568 --- /dev/null +++ b/c/misra/test/rules/RULE-12-6/test.c @@ -0,0 +1,59 @@ +#include "stdatomic.h" +#include "string.h" + +typedef struct s2 { + int x; +} s1; + +_Atomic s1 atomic_s1; +// A non-atomic pointer to an atomic s1 +_Atomic s1 *ptr_atomic_s1; +// An atomic pointer to a non-atomic s1 +s1 *_Atomic s1_atomic_ptr; + +_Atomic int g3; + +void takeCopy(s1 p1); + +void f1() { + s1 *l1; + l1 = atomic_load(&atomic_s1); // COMPLIANT + l1 = atomic_load(ptr_atomic_s1); // COMPLIANT + l1 = atomic_load(&s1_atomic_ptr); // COMPLIANT + l1->x = 4; // COMPLIANT + atomic_store(&atomic_s1, l1); // COMPLIANT + atomic_store(ptr_atomic_s1, l1); // COMPLIANT + atomic_store(&s1_atomic_ptr, l1); // COMPLIANT + + // Undefined behavior, but not banned by this rule. + memset(&atomic_s1, sizeof(atomic_s1), 0); // COMPLIANT + memset(ptr_atomic_s1, sizeof(*ptr_atomic_s1), 0); // COMPLIANT + + // OK: whole loads and stores are protected from data-races. + takeCopy(atomic_s1); // COMPLIANT + takeCopy(*ptr_atomic_s1); // COMPLIANT + atomic_s1 = (s1){0}; // COMPLIANT + *ptr_atomic_s1 = (s1){0}; // COMPLIANT + atomic_s1 = *l1; // COMPLIANT + ptr_atomic_s1 = l1; // COMPLIANT + + // Banned: circumvents data-race protection, results in UB. + atomic_s1.x; // NON-COMPLIANT + ptr_atomic_s1->x; // NON-COMPLIANT + atomic_s1.x = 0; // NON-COMPLIANT + ptr_atomic_s1->x = 0; // NON-COMPLIANT + + // OK: not evaluated. + sizeof(atomic_s1); // COMPLIANT + sizeof(ptr_atomic_s1); // COMPLIANT + sizeof(atomic_s1.x); // COMPLIANT + sizeof(ptr_atomic_s1->x); // COMPLIANT + + // All OK: not an atomic struct, but rather an atomic pointer to non-atomic + // struct. + memset(s1_atomic_ptr, sizeof(*s1_atomic_ptr), 0); // COMPLIANT + takeCopy(*s1_atomic_ptr); // COMPLIANT + *s1_atomic_ptr = (s1){0}; // COMPLIANT + s1_atomic_ptr = l1; // COMPLIANT + s1_atomic_ptr->x; // COMPLIANT +} \ No newline at end of file diff --git a/c/misra/test/rules/RULE-21-25/InvalidMemoryOrderArgument.expected b/c/misra/test/rules/RULE-21-25/InvalidMemoryOrderArgument.expected new file mode 100644 index 0000000000..07229ff975 --- /dev/null +++ b/c/misra/test/rules/RULE-21-25/InvalidMemoryOrderArgument.expected @@ -0,0 +1,99 @@ +edges +| test.c:4:5:4:6 | *g2 | test.c:53:33:53:34 | g2 | provenance | | +| test.c:4:5:4:6 | *g2 | test.c:54:29:54:30 | g2 | provenance | | +| test.c:4:5:4:6 | *g2 | test.c:55:42:55:43 | g2 | provenance | | +| test.c:4:5:4:6 | *g2 | test.c:56:35:56:36 | g2 | provenance | | +| test.c:4:5:4:6 | *g2 | test.c:57:36:57:37 | g2 | provenance | | +| test.c:4:5:4:6 | *g2 | test.c:58:54:58:55 | g2 | provenance | | +| test.c:4:5:4:6 | *g2 | test.c:59:58:59:59 | g2 | provenance | | +| test.c:4:5:4:6 | *g2 | test.c:60:52:60:53 | g2 | provenance | | +| test.c:4:5:4:6 | *g2 | test.c:61:56:61:57 | g2 | provenance | | +| test.c:4:5:4:6 | *g2 | test.c:62:37:62:38 | g2 | provenance | | +| test.c:4:5:4:6 | *g2 | test.c:63:37:63:38 | g2 | provenance | | +| test.c:4:5:4:6 | *g2 | test.c:64:36:64:37 | g2 | provenance | | +| test.c:4:5:4:6 | *g2 | test.c:65:37:65:38 | g2 | provenance | | +| test.c:4:5:4:6 | *g2 | test.c:66:37:66:38 | g2 | provenance | | +| test.c:4:5:4:6 | *g2 | test.c:67:23:67:24 | g2 | provenance | | +| test.c:4:5:4:6 | *g2 | test.c:68:23:68:24 | g2 | provenance | | +| test.c:4:5:4:6 | *g2 | test.c:71:23:71:24 | g2 | provenance | | +| test.c:4:10:4:29 | memory_order_relaxed | test.c:4:5:4:6 | *g2 | provenance | | +| test.c:5:5:5:6 | *g3 | test.c:72:23:72:24 | g3 | provenance | | +| test.c:5:10:5:29 | memory_order_acquire | test.c:5:5:5:6 | *g3 | provenance | | +| test.c:6:5:6:6 | *g4 | test.c:73:23:73:24 | g4 | provenance | | +| test.c:6:10:6:29 | memory_order_consume | test.c:6:5:6:6 | *g4 | provenance | | +| test.c:7:5:7:6 | *g5 | test.c:74:23:74:24 | g5 | provenance | | +| test.c:7:10:7:29 | memory_order_acq_rel | test.c:7:5:7:6 | *g5 | provenance | | +| test.c:8:5:8:6 | *g6 | test.c:75:23:75:24 | g6 | provenance | | +| test.c:8:10:8:29 | memory_order_release | test.c:8:5:8:6 | *g6 | provenance | | +nodes +| test.c:4:5:4:6 | *g2 | semmle.label | *g2 | +| test.c:4:10:4:29 | memory_order_relaxed | semmle.label | memory_order_relaxed | +| test.c:5:5:5:6 | *g3 | semmle.label | *g3 | +| test.c:5:10:5:29 | memory_order_acquire | semmle.label | memory_order_acquire | +| test.c:6:5:6:6 | *g4 | semmle.label | *g4 | +| test.c:6:10:6:29 | memory_order_consume | semmle.label | memory_order_consume | +| test.c:7:5:7:6 | *g5 | semmle.label | *g5 | +| test.c:7:10:7:29 | memory_order_acq_rel | semmle.label | memory_order_acq_rel | +| test.c:8:5:8:6 | *g6 | semmle.label | *g6 | +| test.c:8:10:8:29 | memory_order_release | semmle.label | memory_order_release | +| test.c:16:29:16:48 | memory_order_relaxed | semmle.label | memory_order_relaxed | +| test.c:17:29:17:48 | memory_order_acquire | semmle.label | memory_order_acquire | +| test.c:18:29:18:48 | memory_order_consume | semmle.label | memory_order_consume | +| test.c:19:29:19:48 | memory_order_acq_rel | semmle.label | memory_order_acq_rel | +| test.c:20:29:20:48 | memory_order_release | semmle.label | memory_order_release | +| test.c:53:33:53:34 | g2 | semmle.label | g2 | +| test.c:54:29:54:30 | g2 | semmle.label | g2 | +| test.c:55:42:55:43 | g2 | semmle.label | g2 | +| test.c:56:35:56:36 | g2 | semmle.label | g2 | +| test.c:57:36:57:37 | g2 | semmle.label | g2 | +| test.c:58:54:58:55 | g2 | semmle.label | g2 | +| test.c:59:58:59:59 | g2 | semmle.label | g2 | +| test.c:60:52:60:53 | g2 | semmle.label | g2 | +| test.c:61:56:61:57 | g2 | semmle.label | g2 | +| test.c:62:37:62:38 | g2 | semmle.label | g2 | +| test.c:63:37:63:38 | g2 | semmle.label | g2 | +| test.c:64:36:64:37 | g2 | semmle.label | g2 | +| test.c:65:37:65:38 | g2 | semmle.label | g2 | +| test.c:66:37:66:38 | g2 | semmle.label | g2 | +| test.c:67:23:67:24 | g2 | semmle.label | g2 | +| test.c:68:23:68:24 | g2 | semmle.label | g2 | +| test.c:71:23:71:24 | g2 | semmle.label | g2 | +| test.c:72:23:72:24 | g3 | semmle.label | g3 | +| test.c:73:23:73:24 | g4 | semmle.label | g4 | +| test.c:74:23:74:24 | g5 | semmle.label | g5 | +| test.c:75:23:75:24 | g6 | semmle.label | g6 | +| test.c:78:23:78:46 | ... * ... | semmle.label | ... * ... | +| test.c:79:23:79:23 | 1 | semmle.label | 1 | +| test.c:80:23:80:25 | 100 | semmle.label | 100 | +| test.c:81:23:81:28 | ... + ... | semmle.label | ... + ... | +subpaths +#select +| test.c:16:29:16:48 | memory_order_relaxed | test.c:16:29:16:48 | memory_order_relaxed | test.c:16:29:16:48 | memory_order_relaxed | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | file://:0:0:0:0 | __c11_atomic_load | __c11_atomic_load | +| test.c:17:29:17:48 | memory_order_acquire | test.c:17:29:17:48 | memory_order_acquire | test.c:17:29:17:48 | memory_order_acquire | Invalid memory order '$@' in call to function '$@'. | memory_order_acquire | memory_order_acquire | file://:0:0:0:0 | __c11_atomic_load | __c11_atomic_load | +| test.c:18:29:18:48 | memory_order_consume | test.c:18:29:18:48 | memory_order_consume | test.c:18:29:18:48 | memory_order_consume | Invalid memory order '$@' in call to function '$@'. | memory_order_consume | memory_order_consume | file://:0:0:0:0 | __c11_atomic_load | __c11_atomic_load | +| test.c:19:29:19:48 | memory_order_acq_rel | test.c:19:29:19:48 | memory_order_acq_rel | test.c:19:29:19:48 | memory_order_acq_rel | Invalid memory order '$@' in call to function '$@'. | memory_order_acq_rel | memory_order_acq_rel | file://:0:0:0:0 | __c11_atomic_load | __c11_atomic_load | +| test.c:20:29:20:48 | memory_order_release | test.c:20:29:20:48 | memory_order_release | test.c:20:29:20:48 | memory_order_release | Invalid memory order '$@' in call to function '$@'. | memory_order_release | memory_order_release | file://:0:0:0:0 | __c11_atomic_load | __c11_atomic_load | +| test.c:53:33:53:34 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:53:33:53:34 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | file://:0:0:0:0 | __c11_atomic_store | __c11_atomic_store | +| test.c:54:29:54:30 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:54:29:54:30 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | file://:0:0:0:0 | __c11_atomic_load | __c11_atomic_load | +| test.c:55:42:55:43 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:55:42:55:43 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | file://:0:0:0:0 | __c11_atomic_exchange | __c11_atomic_exchange | +| test.c:56:35:56:36 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:56:35:56:36 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | file://:0:0:0:0 | __c11_atomic_store | __c11_atomic_store | +| test.c:57:36:57:37 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:57:36:57:37 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | file://:0:0:0:0 | __c11_atomic_exchange | __c11_atomic_exchange | +| test.c:58:54:58:55 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:58:54:58:55 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | file://:0:0:0:0 | __c11_atomic_compare_exchange_strong | __c11_atomic_compare_exchange_strong | +| test.c:59:58:59:59 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:59:58:59:59 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | file://:0:0:0:0 | __c11_atomic_compare_exchange_strong | __c11_atomic_compare_exchange_strong | +| test.c:60:52:60:53 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:60:52:60:53 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | file://:0:0:0:0 | __c11_atomic_compare_exchange_weak | __c11_atomic_compare_exchange_weak | +| test.c:61:56:61:57 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:61:56:61:57 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | file://:0:0:0:0 | __c11_atomic_compare_exchange_weak | __c11_atomic_compare_exchange_weak | +| test.c:62:37:62:38 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:62:37:62:38 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | file://:0:0:0:0 | __c11_atomic_fetch_add | __c11_atomic_fetch_add | +| test.c:63:37:63:38 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:63:37:63:38 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | file://:0:0:0:0 | __c11_atomic_fetch_sub | __c11_atomic_fetch_sub | +| test.c:64:36:64:37 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:64:36:64:37 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | file://:0:0:0:0 | __c11_atomic_fetch_or | __c11_atomic_fetch_or | +| test.c:65:37:65:38 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:65:37:65:38 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | file://:0:0:0:0 | __c11_atomic_fetch_xor | __c11_atomic_fetch_xor | +| test.c:66:37:66:38 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:66:37:66:38 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | file://:0:0:0:0 | __c11_atomic_fetch_and | __c11_atomic_fetch_and | +| test.c:67:23:67:24 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:67:23:67:24 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | file://:0:0:0:0 | __c11_atomic_thread_fence | __c11_atomic_thread_fence | +| test.c:68:23:68:24 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:68:23:68:24 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | file://:0:0:0:0 | __c11_atomic_signal_fence | __c11_atomic_signal_fence | +| test.c:71:23:71:24 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:71:23:71:24 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | file://:0:0:0:0 | __c11_atomic_thread_fence | __c11_atomic_thread_fence | +| test.c:72:23:72:24 | g3 | test.c:5:10:5:29 | memory_order_acquire | test.c:72:23:72:24 | g3 | Invalid memory order '$@' in call to function '$@'. | memory_order_acquire | memory_order_acquire | file://:0:0:0:0 | __c11_atomic_thread_fence | __c11_atomic_thread_fence | +| test.c:73:23:73:24 | g4 | test.c:6:10:6:29 | memory_order_consume | test.c:73:23:73:24 | g4 | Invalid memory order '$@' in call to function '$@'. | memory_order_consume | memory_order_consume | file://:0:0:0:0 | __c11_atomic_thread_fence | __c11_atomic_thread_fence | +| test.c:74:23:74:24 | g5 | test.c:7:10:7:29 | memory_order_acq_rel | test.c:74:23:74:24 | g5 | Invalid memory order '$@' in call to function '$@'. | memory_order_acq_rel | memory_order_acq_rel | file://:0:0:0:0 | __c11_atomic_thread_fence | __c11_atomic_thread_fence | +| test.c:75:23:75:24 | g6 | test.c:8:10:8:29 | memory_order_release | test.c:75:23:75:24 | g6 | Invalid memory order '$@' in call to function '$@'. | memory_order_release | memory_order_release | file://:0:0:0:0 | __c11_atomic_thread_fence | __c11_atomic_thread_fence | +| test.c:79:23:79:23 | 1 | test.c:79:23:79:23 | 1 | test.c:79:23:79:23 | 1 | Invalid memory order '$@' in call to function '$@'. | memory_order_consume | memory_order_consume | file://:0:0:0:0 | __c11_atomic_thread_fence | __c11_atomic_thread_fence | +| test.c:80:23:80:25 | 100 | test.c:80:23:80:25 | 100 | test.c:80:23:80:25 | 100 | Invalid memory order '$@' in call to function '$@'. | 100 | 100 | file://:0:0:0:0 | __c11_atomic_thread_fence | __c11_atomic_thread_fence | +| test.c:81:23:81:28 | ... + ... | test.c:81:23:81:28 | ... + ... | test.c:81:23:81:28 | ... + ... | Invalid memory order '$@' in call to function '$@'. | ... + ... | ... + ... | file://:0:0:0:0 | __c11_atomic_thread_fence | __c11_atomic_thread_fence | diff --git a/c/misra/test/rules/RULE-21-25/InvalidMemoryOrderArgument.qlref b/c/misra/test/rules/RULE-21-25/InvalidMemoryOrderArgument.qlref new file mode 100644 index 0000000000..5c205adc24 --- /dev/null +++ b/c/misra/test/rules/RULE-21-25/InvalidMemoryOrderArgument.qlref @@ -0,0 +1 @@ +rules/RULE-21-25/InvalidMemoryOrderArgument.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-21-25/test.c b/c/misra/test/rules/RULE-21-25/test.c new file mode 100644 index 0000000000..51df24555c --- /dev/null +++ b/c/misra/test/rules/RULE-21-25/test.c @@ -0,0 +1,85 @@ +#include "stdatomic.h" + +int g1 = memory_order_seq_cst; +int g2 = memory_order_relaxed; +int g3 = memory_order_acquire; +int g4 = memory_order_consume; +int g5 = memory_order_acq_rel; +int g6 = memory_order_release; + +void f(int p) { + _Atomic int l1; + atomic_flag l2; + + // Directly specified values: + atomic_load_explicit(&l1, memory_order_seq_cst); // COMPLIANT + atomic_load_explicit(&l1, memory_order_relaxed); // NON-COMPLIANT + atomic_load_explicit(&l1, memory_order_acquire); // NON-COMPLIANT + atomic_load_explicit(&l1, memory_order_consume); // NON-COMPLIANT + atomic_load_explicit(&l1, memory_order_acq_rel); // NON-COMPLIANT + atomic_load_explicit(&l1, memory_order_release); // NON-COMPLIANT + + // Implicit values: + atomic_store(&l1, 0); // COMPLIANT + atomic_load(&l1); // COMPLIANT + atomic_flag_test_and_set(&l2); // COMPLIANT + atomic_flag_clear(&l2); // COMPLIANT + atomic_exchange(&l1, 0); // COMPLIANT + atomic_compare_exchange_strong(&l1, 0, 1); // COMPLIANT + atomic_compare_exchange_weak(&l1, 0, 1); // COMPLIANT + atomic_fetch_add(&l1, 0); // COMPLIANT + atomic_fetch_sub(&l1, 0); // COMPLIANT + atomic_fetch_or(&l1, 0); // COMPLIANT + atomic_fetch_xor(&l1, 0); // COMPLIANT + atomic_fetch_and(&l1, 0); // COMPLIANT + + // Compliant flowed values (one test per sink): + atomic_store_explicit(&l1, 0, g1); // COMPLIANT + atomic_load_explicit(&l1, g1); // COMPLIANT + atomic_flag_test_and_set_explicit(&l2, g1); // COMPLIANT + atomic_flag_clear_explicit(&l2, g1); // COMPLIANT + atomic_exchange_explicit(&l1, 0, g1); // COMPLIANT + atomic_compare_exchange_strong_explicit(&l1, 0, 1, g1, g1); // COMPLIANT + atomic_compare_exchange_weak_explicit(&l1, 0, 1, g1, g1); // COMPLIANT + atomic_fetch_add_explicit(&l1, 0, g1); // COMPLIANT + atomic_fetch_sub_explicit(&l1, 0, g1); // COMPLIANT + atomic_fetch_or_explicit(&l1, 0, g1); // COMPLIANT + atomic_fetch_xor_explicit(&l1, 0, g1); // COMPLIANT + atomic_fetch_and_explicit(&l1, 0, g1); // COMPLIANT + atomic_thread_fence(g1); // COMPLIANT + atomic_signal_fence(g1); // COMPLIANT + + // Non-compliant flowed values (one test per sink): + atomic_store_explicit(&l1, 0, g2); // NON-COMPLIANT + atomic_load_explicit(&l1, g2); // NON-COMPLIANT + atomic_flag_test_and_set_explicit(&l2, g2); // NON-COMPLIANT + atomic_flag_clear_explicit(&l2, g2); // NON-COMPLIANT + atomic_exchange_explicit(&l1, 0, g2); // NON-COMPLIANT + atomic_compare_exchange_strong_explicit(&l1, 0, 1, g2, g1); // NON-COMPLIANT + atomic_compare_exchange_strong_explicit(&l1, 0, 1, g1, g2); // NON-COMPLIANT + atomic_compare_exchange_weak_explicit(&l1, 0, 1, g2, g1); // NON-COMPLIANT + atomic_compare_exchange_weak_explicit(&l1, 0, 1, g1, g2); // NON-COMPLIANT + atomic_fetch_add_explicit(&l1, 0, g2); // NON-COMPLIANT + atomic_fetch_sub_explicit(&l1, 0, g2); // NON-COMPLIANT + atomic_fetch_or_explicit(&l1, 0, g2); // NON-COMPLIANT + atomic_fetch_xor_explicit(&l1, 0, g2); // NON-COMPLIANT + atomic_fetch_and_explicit(&l1, 0, g2); // NON-COMPLIANT + atomic_thread_fence(g2); // NON-COMPLIANT + atomic_signal_fence(g2); // NON-COMPLIANT + + // Non-compliant flowed values (one test per source): + atomic_thread_fence(g2); // NON-COMPLIANT + atomic_thread_fence(g3); // NON-COMPLIANT + atomic_thread_fence(g4); // NON-COMPLIANT + atomic_thread_fence(g5); // NON-COMPLIANT + atomic_thread_fence(g6); // NON-COMPLIANT + + // Computed flow sources: + atomic_thread_fence(memory_order_seq_cst * 1); // COMPLIANT + atomic_thread_fence(1); // NON-COMPLIANT + atomic_thread_fence(100); // NON-COMPLIANT + atomic_thread_fence(g1 + 1); // NON-COMPLIANT + + // No unsafe flow, currently accepted: + atomic_thread_fence(p); // COMPLIANT +} \ No newline at end of file diff --git a/c/misra/test/rules/RULE-22-11/ThreadPreviouslyJoinedOrDetached.testref b/c/misra/test/rules/RULE-22-11/ThreadPreviouslyJoinedOrDetached.testref new file mode 100644 index 0000000000..61fa88fd08 --- /dev/null +++ b/c/misra/test/rules/RULE-22-11/ThreadPreviouslyJoinedOrDetached.testref @@ -0,0 +1 @@ +c/common/test/rules/joinordetachthreadonlyonce/JoinOrDetachThreadOnlyOnce.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-22-11/ThreadWasPreviouslyJoinedOrDetached.testref b/c/misra/test/rules/RULE-22-11/ThreadWasPreviouslyJoinedOrDetached.testref new file mode 100644 index 0000000000..61fa88fd08 --- /dev/null +++ b/c/misra/test/rules/RULE-22-11/ThreadWasPreviouslyJoinedOrDetached.testref @@ -0,0 +1 @@ +c/common/test/rules/joinordetachthreadonlyonce/JoinOrDetachThreadOnlyOnce.ql \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/Concurrency.qll b/cpp/common/src/codingstandards/cpp/Concurrency.qll index d856fa4515..ed7519dd5d 100644 --- a/cpp/common/src/codingstandards/cpp/Concurrency.qll +++ b/cpp/common/src/codingstandards/cpp/Concurrency.qll @@ -48,19 +48,38 @@ class ThreadConstructorCall extends ConstructorCall, ThreadCreationFunction { } /** - * Models a call to a thread constructor via `thrd_create`. + * Models a call to a thread creation via `thrd_create` or `pthread_create`. */ -class C11ThreadCreateCall extends ThreadCreationFunction { +class CThreadCreateCall extends FunctionCall { Function f; + int fArgIdx; - C11ThreadCreateCall() { - getTarget().getName() = "thrd_create" and + CThreadCreateCall() { + ( + getTarget().getName() = "thrd_create" and + fArgIdx = 1 + or + getTarget().getName() = "pthread_create" and + fArgIdx = 2 + ) and ( - f = getArgument(1).(FunctionAccess).getTarget() or - f = getArgument(1).(AddressOfExpr).getOperand().(FunctionAccess).getTarget() + f = getArgument(fArgIdx).(FunctionAccess).getTarget() or + f = getArgument(fArgIdx).(AddressOfExpr).getOperand().(FunctionAccess).getTarget() ) } + /** + * Returns the function that will be invoked by this thread. + */ + Function getFunction() { result = f } +} + +/** + * Models a call to a thread constructor via `thrd_create`. + */ +class C11ThreadCreateCall extends ThreadCreationFunction, CThreadCreateCall { + C11ThreadCreateCall() { getTarget().getName() = "thrd_create" } + /** * Returns the function that will be invoked by this thread. */ diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency6.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency6.qll new file mode 100644 index 0000000000..62d9f362fe --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency6.qll @@ -0,0 +1,112 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype Concurrency6Query = + TNotNoDeadlocksBetweenThreadsQuery() or + TThreadCreatedByThreadQuery() or + TBannedDynamicThreadCreationQuery() or + TAtomicAggregateObjectDirectlyAccessedQuery() or + TInvalidMemoryOrderArgumentQuery() or + TThreadPreviouslyJoinedOrDetachedQuery() + +predicate isConcurrency6QueryMetadata(Query query, string queryId, string ruleId, string category) { + query = + // `Query` instance for the `notNoDeadlocksBetweenThreads` query + Concurrency6Package::notNoDeadlocksBetweenThreadsQuery() and + queryId = + // `@id` for the `notNoDeadlocksBetweenThreads` query + "c/misra/not-no-deadlocks-between-threads" and + ruleId = "DIR-5-2" and + category = "required" + or + query = + // `Query` instance for the `threadCreatedByThread` query + Concurrency6Package::threadCreatedByThreadQuery() and + queryId = + // `@id` for the `threadCreatedByThread` query + "c/misra/thread-created-by-thread" and + ruleId = "DIR-5-3" and + category = "required" + or + query = + // `Query` instance for the `bannedDynamicThreadCreation` query + Concurrency6Package::bannedDynamicThreadCreationQuery() and + queryId = + // `@id` for the `bannedDynamicThreadCreation` query + "c/misra/banned-dynamic-thread-creation" and + ruleId = "DIR-5-3" and + category = "required" + or + query = + // `Query` instance for the `atomicAggregateObjectDirectlyAccessed` query + Concurrency6Package::atomicAggregateObjectDirectlyAccessedQuery() and + queryId = + // `@id` for the `atomicAggregateObjectDirectlyAccessed` query + "c/misra/atomic-aggregate-object-directly-accessed" and + ruleId = "RULE-12-6" and + category = "required" + or + query = + // `Query` instance for the `invalidMemoryOrderArgument` query + Concurrency6Package::invalidMemoryOrderArgumentQuery() and + queryId = + // `@id` for the `invalidMemoryOrderArgument` query + "c/misra/invalid-memory-order-argument" and + ruleId = "RULE-21-25" and + category = "required" + or + query = + // `Query` instance for the `threadPreviouslyJoinedOrDetached` query + Concurrency6Package::threadPreviouslyJoinedOrDetachedQuery() and + queryId = + // `@id` for the `threadPreviouslyJoinedOrDetached` query + "c/misra/thread-previously-joined-or-detached" and + ruleId = "RULE-22-11" and + category = "required" +} + +module Concurrency6Package { + Query notNoDeadlocksBetweenThreadsQuery() { + //autogenerate `Query` type + result = + // `Query` type for `notNoDeadlocksBetweenThreads` query + TQueryC(TConcurrency6PackageQuery(TNotNoDeadlocksBetweenThreadsQuery())) + } + + Query threadCreatedByThreadQuery() { + //autogenerate `Query` type + result = + // `Query` type for `threadCreatedByThread` query + TQueryC(TConcurrency6PackageQuery(TThreadCreatedByThreadQuery())) + } + + Query bannedDynamicThreadCreationQuery() { + //autogenerate `Query` type + result = + // `Query` type for `bannedDynamicThreadCreation` query + TQueryC(TConcurrency6PackageQuery(TBannedDynamicThreadCreationQuery())) + } + + Query atomicAggregateObjectDirectlyAccessedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `atomicAggregateObjectDirectlyAccessed` query + TQueryC(TConcurrency6PackageQuery(TAtomicAggregateObjectDirectlyAccessedQuery())) + } + + Query invalidMemoryOrderArgumentQuery() { + //autogenerate `Query` type + result = + // `Query` type for `invalidMemoryOrderArgument` query + TQueryC(TConcurrency6PackageQuery(TInvalidMemoryOrderArgumentQuery())) + } + + Query threadPreviouslyJoinedOrDetachedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `threadPreviouslyJoinedOrDetached` query + TQueryC(TConcurrency6PackageQuery(TThreadPreviouslyJoinedOrDetachedQuery())) + } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index 3833533d50..ca06ec0912 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -11,6 +11,7 @@ import Concurrency2 import Concurrency3 import Concurrency4 import Concurrency5 +import Concurrency6 import Contracts1 import Contracts2 import Contracts3 @@ -87,6 +88,7 @@ newtype TCQuery = TConcurrency3PackageQuery(Concurrency3Query q) or TConcurrency4PackageQuery(Concurrency4Query q) or TConcurrency5PackageQuery(Concurrency5Query q) or + TConcurrency6PackageQuery(Concurrency6Query q) or TContracts1PackageQuery(Contracts1Query q) or TContracts2PackageQuery(Contracts2Query q) or TContracts3PackageQuery(Contracts3Query q) or @@ -163,6 +165,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isConcurrency3QueryMetadata(query, queryId, ruleId, category) or isConcurrency4QueryMetadata(query, queryId, ruleId, category) or isConcurrency5QueryMetadata(query, queryId, ruleId, category) or + isConcurrency6QueryMetadata(query, queryId, ruleId, category) or isContracts1QueryMetadata(query, queryId, ruleId, category) or isContracts2QueryMetadata(query, queryId, ruleId, category) or isContracts3QueryMetadata(query, queryId, ruleId, category) or diff --git a/cpp/common/src/codingstandards/cpp/rules/joinordetachthreadonlyonce/JoinOrDetachThreadOnlyOnce.qll b/cpp/common/src/codingstandards/cpp/rules/joinordetachthreadonlyonce/JoinOrDetachThreadOnlyOnce.qll new file mode 100644 index 0000000000..5ccbe83c72 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/joinordetachthreadonlyonce/JoinOrDetachThreadOnlyOnce.qll @@ -0,0 +1,49 @@ +/** + * Provides a library with a `problems` predicate for the following issue: + * Joining or detaching a previously joined or detached thread can lead to undefined + * program behavior. + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions +import codingstandards.cpp.Concurrency + +abstract class JoinOrDetachThreadOnlyOnceSharedQuery extends Query { } + +Query getQuery() { result instanceof JoinOrDetachThreadOnlyOnceSharedQuery } + +// OK +// 1) Thread calls detach parent DOES NOT call join +// 2) Parent calls join, thread does NOT call detach() +// NOT OK +// 1) Thread calls detach, parent calls join +// 2) Thread calls detach twice, parent does not call join +// 3) Parent calls join twice, thread does not call detach +query predicate problems(C11ThreadCreateCall tcc, string message) { + not isExcluded(tcc, getQuery()) and + message = "Thread may call join or detach after the thread is joined or detached." and + ( + // Note: These cases can be simplified but they are presented like this for clarity + // case 1 - calls to `thrd_join` and `thrd_detach` within the parent or + // within the parent / child CFG. + exists(C11ThreadWait tw, C11ThreadDetach dt | + tw = getAThreadContextAwareSuccessor(tcc) and + dt = getAThreadContextAwareSuccessor(tcc) + ) + or + // case 2 - multiple calls to `thrd_detach` within the threaded CFG. + exists(C11ThreadDetach dt1, C11ThreadDetach dt2 | + dt1 = getAThreadContextAwareSuccessor(tcc) and + dt2 = getAThreadContextAwareSuccessor(tcc) and + not dt1 = dt2 + ) + or + // case 3 - multiple calls to `thrd_join` within the threaded CFG. + exists(C11ThreadWait tw1, C11ThreadWait tw2 | + tw1 = getAThreadContextAwareSuccessor(tcc) and + tw2 = getAThreadContextAwareSuccessor(tcc) and + not tw1 = tw2 + ) + ) +} diff --git a/rule_packages/c/Concurrency5.json b/rule_packages/c/Concurrency5.json index 67707201fd..0cef2d8b3a 100644 --- a/rule_packages/c/Concurrency5.json +++ b/rule_packages/c/Concurrency5.json @@ -12,6 +12,7 @@ "precision": "high", "severity": "error", "short_name": "ThreadWasPreviouslyJoinedOrDetached", + "shared_implementation_short_name": "JoinOrDetachThreadOnlyOnce", "tags": [ "correctness", "concurrency" diff --git a/rule_packages/c/Concurrency6.json b/rule_packages/c/Concurrency6.json new file mode 100644 index 0000000000..cfb793877e --- /dev/null +++ b/rule_packages/c/Concurrency6.json @@ -0,0 +1,132 @@ +{ + "MISRA-C-2012": { + "DIR-5-2": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Circular waits leading to thread deadlocks may be avoided by locking in a predefined order.", + "kind": "problem", + "name": "There shall be no deadlocks between threads", + "precision": "very-high", + "severity": "error", + "short_name": "NotNoDeadlocksBetweenThreads", + "shared_implementation_short_name": "PreventDeadlockByLockingInPredefinedOrder", + "tags": [ + "external/misra/c/2012/amendment4", + "correctness", + "concurrency" + ] + } + ], + "title": "There shall be no deadlocks between threads" + }, + "DIR-5-3": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Creating threads within threads creates uncertainty in program behavior and concurrency overhead costs.", + "kind": "problem", + "name": "Threads shall not be created by other threads", + "precision": "high", + "severity": "error", + "short_name": "ThreadCreatedByThread", + "tags": [ + "external/misra/c/2012/amendment4", + "correctness", + "maintainability", + "concurrency", + "performance" + ] + }, + { + "description": "Creating threads outside of a well-defined program start-up phase creates uncertainty in program behavior and concurrency overhead costs.", + "kind": "problem", + "name": "There shall be no dynamic thread creation", + "precision": "low", + "severity": "error", + "short_name": "BannedDynamicThreadCreation", + "tags": [ + "external/misra/c/2012/amendment4", + "external/misra/c/audit", + "correctness", + "maintainability", + "concurrency", + "performance" + ] + } + ], + "title": "There shall be no dynamic thread creation" + }, + "RULE-12-6": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Accessing a member of an atomic structure or union results in undefined behavior.", + "kind": "problem", + "name": "Structure and union members of atomic objects shall not be directly accessed", + "precision": "very-high", + "severity": "error", + "short_name": "AtomicAggregateObjectDirectlyAccessed", + "tags": [ + "external/misra/c/2012/amendment4", + "correctness", + "concurrency" + ] + } + ], + "title": "Structure and union members of atomic objects shall not be directly accessed" + }, + "RULE-21-25": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Only the memory ordering of 'memory_order_seq_cst' is fully portable and consistent.", + "kind": "path-problem", + "name": "All memory synchronization operations shall be executed in sequentially consistent order", + "precision": "very-high", + "severity": "error", + "short_name": "InvalidMemoryOrderArgument", + "tags": [ + "external/misra/c/2012/amendment4", + "correctness", + "concurrency" + ] + } + ], + "title": "All memory synchronization operations shall be executed in sequentially consistent order" + }, + "RULE-22-11": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Joining or detaching a previously joined or detached thread can lead to undefined program behavior.", + "kind": "problem", + "name": "A thread that was previously either joined or detached shall not be subsequently joined nor detached", + "precision": "high", + "severity": "error", + "short_name": "ThreadPreviouslyJoinedOrDetached", + "shared_implementation_short_name": "JoinOrDetachThreadOnlyOnce", + "tags": [ + "external/misra/c/2012/amendment4", + "correctness", + "concurrency" + ], + "implementation_scope": { + "description": "This query considers problematic usages of join and detach irrespective of the execution of the program and other synchronization and interprocess communication mechanisms that may be used." + } + } + ], + "title": "A thread that was previously either joined or detached shall not be subsequently joined nor detached" + } + } +} \ No newline at end of file diff --git a/rules.csv b/rules.csv index 475ea1d66c..7648052954 100644 --- a/rules.csv +++ b/rules.csv @@ -617,7 +617,7 @@ c,MISRA-C-2012,DIR-4-12,Yes,Required,,,Dynamic memory allocation shall not be us c,MISRA-C-2012,DIR-4-13,No,Advisory,,,Functions which are designed to provide operations on a resource should be called in an appropriate sequence,,,,"Rule 22.1, 22.2 and 22.6 cover aspects of this rule. In other cases this is a design issue and needs to be checked manually." c,MISRA-C-2012,DIR-4-14,Yes,Required,,,The validity of values received from external sources shall be checked,,Contracts,Hard,This is supported by CodeQLs default C security queries. c,MISRA-C-2012,DIR-4-15,Yes,Required,,,Evaluation of floating-point expressions shall not lead to the undetected generation of infinities and NaNs,FLP32-C and FLP04-C,FloatingTypes2,Medium, -c,MISRA-C-2012,DIR-5-1,Yes,Required,,,There shall be no data races between threads,CON43-C and CON32-C,Concurrency6,Very Hard, +c,MISRA-C-2012,DIR-5-1,Yes,Required,,,There shall be no data races between threads,CON43-C and CON32-C,Concurrency7,Very Hard, c,MISRA-C-2012,DIR-5-2,Yes,Required,,,There shall be no deadlocks between threads,CON35-C,Concurrency6,Import, c,MISRA-C-2012,DIR-5-3,Yes,Required,,,There shall be no dynamic thread creation,,Concurrency6,Easy, c,MISRA-C-2012,RULE-1-1,No,Required,,,"The program shall contain no violations of the standard C syntax and constraints, and shall not exceed the implementation's translation limits",,,Easy,"This should be checked via the compiler output, rather than CodeQL, which adds unnecessary steps." @@ -678,7 +678,7 @@ c,MISRA-C-2012,RULE-9-3,Yes,Required,,,Arrays shall not be partially initialized c,MISRA-C-2012,RULE-9-4,Yes,Required,,,An element of an object shall not be initialized more than once,,Memory1,Medium, c,MISRA-C-2012,RULE-9-5,No,Required,,,Where designated initializers are used to initialize an array object the size of the array shall be specified explicitly,,,Medium, c,MISRA-C-2012,RULE-9-6,Yes,Required,,,An initializer using chained designators shall not contain initializers without designators,,Declarations9,Hard, -c,MISRA-C-2012,RULE-9-7,Yes,Mandatory,,,Atomic objects shall be appropriately initialized before being accessed,,Concurrency6,Hard, +c,MISRA-C-2012,RULE-9-7,Yes,Mandatory,,,Atomic objects shall be appropriately initialized before being accessed,,Concurrency7,Hard, c,MISRA-C-2012,RULE-10-1,Yes,Required,,,Operands shall not be of an inappropriate essential type,,EssentialTypes,Hard, c,MISRA-C-2012,RULE-10-2,Yes,Required,,,Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations,,EssentialTypes,Medium, c,MISRA-C-2012,RULE-10-3,Yes,Required,,,The value of an expression shall not be assigned to an object with a narrower essential type or of a different essential type category,,EssentialTypes,Hard, @@ -790,8 +790,8 @@ c,MISRA-C-2012,RULE-21-21,Yes,Required,,,The Standard Library function system of c,MISRA-C-2012,RULE-21-22,Yes,Mandatory,,,All operand arguments to any type-generic macros in shall have an appropriate essential type,EXP37-C,EssentialTypes2,Hard, c,MISRA-C-2012,RULE-21-23,Yes,Required,,,All operand arguments to any multi-argument type-generic macros in shall have the same standard type,Rule-21-22,EssentialTypes2,Easy, c,MISRA-C-2012,RULE-21-24,Yes,Required,,,The random number generator functions of shall not be used,MSC30-C,Banned2,Easy, -c,MISRA-C-2012,RULE-21-25,Yes,Required,,,All memory synchronization operations shall be executed in sequentially consistent order,,Concurrency6,Medium, -c,MISRA-C-2012,RULE-21-26,Yes,Required,,,The Standard Library function mtx_timedlock() shall only be invoked on mutex objects of appropriate mutex type,,Concurrency6,Hard, +c,MISRA-C-2012,RULE-21-25,Yes,Required,,,All memory synchronization operations shall be executed in sequentially consistent order,,Concurrency7,Medium, +c,MISRA-C-2012,RULE-21-26,Yes,Required,,,The Standard Library function mtx_timedlock() shall only be invoked on mutex objects of appropriate mutex type,,Concurrency7,Hard, c,MISRA-C-2012,RULE-22-1,Yes,Required,,,All resources obtained dynamically by means of Standard Library functions shall be explicitly released,,Memory2,Hard, c,MISRA-C-2012,RULE-22-2,Yes,Mandatory,,,A block of memory shall only be freed if it was allocated by means of a Standard Library function,,Memory2,Hard, c,MISRA-C-2012,RULE-22-3,Yes,Required,,,The same file shall not be open for read and write access at the same time on different streams,,IO3,Hard, @@ -803,15 +803,15 @@ c,MISRA-C-2012,RULE-22-8,Yes,Required,,,The value of errno shall be set to zero c,MISRA-C-2012,RULE-22-9,Yes,Required,,,The value of errno shall be tested against zero after calling an errno-setting-function,,Contracts3,Medium, c,MISRA-C-2012,RULE-22-10,Yes,Required,,,The value of errno shall only be tested when the last function to be called was an errno-setting-function,,Contracts3,Medium, c,MISRA-C-2012,RULE-22-11,Yes,Required,,,A thread that was previously either joined or detached shall not be subsequently joined nor detached,CON39-C,Concurrency6,Import, -c,MISRA-C-2012,RULE-22-12,Yes,Mandatory,,,"Thread objects, thread synchronization objects, and thread-specific storage pointers shall only be accessed by the appropriate Standard Library functions",,Concurrency6,Medium, -c,MISRA-C-2012,RULE-22-13,Yes,Required,,,"Thread objects, thread synchronization objects, and thread specific storage pointers shall have appropriate storage duration",EXP54-CPP and CON34-C,Concurrency6,Medium, -c,MISRA-C-2012,RULE-22-14,Yes,Mandatory,,,Thread synchronization objects shall be initialized before being accessed,EXP53-CPP,Concurrency6,Hard, -c,MISRA-C-2012,RULE-22-15,Yes,Required,,,Thread synchronization objects and thread-specific storage pointers shall not be destroyed until after all threads accessing them have terminated,,Concurrency6,Hard, -c,MISRA-C-2012,RULE-22-16,Yes,Required,,,All mutex objects locked by a thread shall be explicitly unlocked by the same thread,MEM51-CPP,Concurrency6,Hard, -c,MISRA-C-2012,RULE-22-17,Yes,Required,,,No thread shall unlock a mutex or call cnd_wait() or cnd_timedwait() for a mutex it has not locked before,Rule 22.2,Concurrency6,Medium, -c,MISRA-C-2012,RULE-22-18,Yes,Required,,,Non-recursive mutexes shall not be recursively locked,CON56-CPP,Concurrency6,Medium, -c,MISRA-C-2012,RULE-22-19,Yes,Required,,,A condition variable shall be associated with at most one mutex object,,Concurrency6,Medium, -c,MISRA-C-2012,RULE-22-20,Yes,Mandatory,,,Thread-specific storage pointers shall be created before being accessed,,Concurrency6,Hard, +c,MISRA-C-2012,RULE-22-12,Yes,Mandatory,,,"Thread objects, thread synchronization objects, and thread-specific storage pointers shall only be accessed by the appropriate Standard Library functions",,Concurrency7,Medium, +c,MISRA-C-2012,RULE-22-13,Yes,Required,,,"Thread objects, thread synchronization objects, and thread specific storage pointers shall have appropriate storage duration",EXP54-CPP and CON34-C,Concurrency7,Medium, +c,MISRA-C-2012,RULE-22-14,Yes,Mandatory,,,Thread synchronization objects shall be initialized before being accessed,EXP53-CPP,Concurrency7,Hard, +c,MISRA-C-2012,RULE-22-15,Yes,Required,,,Thread synchronization objects and thread-specific storage pointers shall not be destroyed until after all threads accessing them have terminated,,Concurrency7,Hard, +c,MISRA-C-2012,RULE-22-16,Yes,Required,,,All mutex objects locked by a thread shall be explicitly unlocked by the same thread,MEM51-CPP,Concurrency7,Hard, +c,MISRA-C-2012,RULE-22-17,Yes,Required,,,No thread shall unlock a mutex or call cnd_wait() or cnd_timedwait() for a mutex it has not locked before,Rule 22.2,Concurrency7,Medium, +c,MISRA-C-2012,RULE-22-18,Yes,Required,,,Non-recursive mutexes shall not be recursively locked,CON56-CPP,Concurrency7,Medium, +c,MISRA-C-2012,RULE-22-19,Yes,Required,,,A condition variable shall be associated with at most one mutex object,,Concurrency7,Medium, +c,MISRA-C-2012,RULE-22-20,Yes,Mandatory,,,Thread-specific storage pointers shall be created before being accessed,,Concurrency7,Hard, c,MISRA-C-2012,RULE-23-1,Yes,Advisory,,,A generic selection should only be expanded from a macro,,Generics,Medium, c,MISRA-C-2012,RULE-23-2,Yes,Required,,,A generic selection that is not expanded from a macro shall not contain potential side effects in the controlling expression,,Generics,Hard, c,MISRA-C-2012,RULE-23-3,Yes,Advisory,,,A generic selection should contain at least one non-default association,,Generics,Easy, From 20bae2046c2d38fb4a8de54682d1d7f69922475e Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Thu, 31 Oct 2024 21:46:20 -0700 Subject: [PATCH 2224/2573] Fix format, remove unneeded test complexity --- .../BannedDynamicThreadCreation.expected | 32 +++++----- .../DIR-5-3/ThreadCreatedByThread.expected | 28 ++++----- c/misra/test/rules/DIR-5-3/test.c | 63 ++++++++----------- 3 files changed, 57 insertions(+), 66 deletions(-) diff --git a/c/misra/test/rules/DIR-5-3/BannedDynamicThreadCreation.expected b/c/misra/test/rules/DIR-5-3/BannedDynamicThreadCreation.expected index ff829918fd..fa12a62f41 100644 --- a/c/misra/test/rules/DIR-5-3/BannedDynamicThreadCreation.expected +++ b/c/misra/test/rules/DIR-5-3/BannedDynamicThreadCreation.expected @@ -1,16 +1,16 @@ -| test.c:37:3:37:13 | call to thrd_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:36:6:36:34 | make_threads_called_from_main | make_threads_called_from_main | -| test.c:38:3:38:16 | call to pthread_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:36:6:36:34 | make_threads_called_from_main | make_threads_called_from_main | -| test.c:46:3:46:13 | call to thrd_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:45:6:45:51 | make_threads_called_from_func_called_from_main | make_threads_called_from_func_called_from_main | -| test.c:47:3:47:16 | call to pthread_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:45:6:45:51 | make_threads_called_from_func_called_from_main | make_threads_called_from_func_called_from_main | -| test.c:56:3:56:13 | call to thrd_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:55:7:55:18 | pthread_func | pthread_func | -| test.c:57:3:57:16 | call to pthread_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:55:7:55:18 | pthread_func | pthread_func | -| test.c:65:3:65:13 | call to thrd_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:64:5:64:13 | thrd_func | thrd_func | -| test.c:66:3:66:16 | call to pthread_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:64:5:64:13 | thrd_func | thrd_func | -| test.c:74:3:74:13 | call to thrd_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:73:6:73:39 | make_threads_called_from_thrd_func | make_threads_called_from_thrd_func | -| test.c:75:3:75:16 | call to pthread_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:73:6:73:39 | make_threads_called_from_thrd_func | make_threads_called_from_thrd_func | -| test.c:83:3:83:13 | call to thrd_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:82:6:82:59 | make_threads_called_from_func_called_from_pthread_thrd | make_threads_called_from_func_called_from_pthread_thrd | -| test.c:84:3:84:16 | call to pthread_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:82:6:82:59 | make_threads_called_from_func_called_from_pthread_thrd | make_threads_called_from_func_called_from_pthread_thrd | -| test.c:88:3:88:13 | call to thrd_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:87:6:87:47 | make_threads_called_from_main_pthread_thrd | make_threads_called_from_main_pthread_thrd | -| test.c:89:3:89:16 | call to pthread_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:87:6:87:47 | make_threads_called_from_main_pthread_thrd | make_threads_called_from_main_pthread_thrd | -| test.c:93:3:93:13 | call to thrd_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:92:6:92:38 | make_threads_not_called_by_anyone | make_threads_not_called_by_anyone | -| test.c:94:3:94:16 | call to pthread_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:92:6:92:38 | make_threads_not_called_by_anyone | make_threads_not_called_by_anyone | +| test.c:28:3:28:13 | call to thrd_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:27:6:27:34 | make_threads_called_from_main | make_threads_called_from_main | +| test.c:29:3:29:16 | call to pthread_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:27:6:27:34 | make_threads_called_from_main | make_threads_called_from_main | +| test.c:37:3:37:13 | call to thrd_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:36:6:36:51 | make_threads_called_from_func_called_from_main | make_threads_called_from_func_called_from_main | +| test.c:38:3:38:16 | call to pthread_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:36:6:36:51 | make_threads_called_from_func_called_from_main | make_threads_called_from_func_called_from_main | +| test.c:47:3:47:13 | call to thrd_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:46:7:46:18 | pthread_func | pthread_func | +| test.c:48:3:48:16 | call to pthread_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:46:7:46:18 | pthread_func | pthread_func | +| test.c:56:3:56:13 | call to thrd_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:55:5:55:13 | thrd_func | thrd_func | +| test.c:57:3:57:16 | call to pthread_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:55:5:55:13 | thrd_func | thrd_func | +| test.c:65:3:65:13 | call to thrd_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:64:6:64:39 | make_threads_called_from_thrd_func | make_threads_called_from_thrd_func | +| test.c:66:3:66:16 | call to pthread_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:64:6:64:39 | make_threads_called_from_thrd_func | make_threads_called_from_thrd_func | +| test.c:74:3:74:13 | call to thrd_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:73:6:73:59 | make_threads_called_from_func_called_from_pthread_thrd | make_threads_called_from_func_called_from_pthread_thrd | +| test.c:75:3:75:16 | call to pthread_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:73:6:73:59 | make_threads_called_from_func_called_from_pthread_thrd | make_threads_called_from_func_called_from_pthread_thrd | +| test.c:79:3:79:13 | call to thrd_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:78:6:78:47 | make_threads_called_from_main_pthread_thrd | make_threads_called_from_main_pthread_thrd | +| test.c:80:3:80:16 | call to pthread_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:78:6:78:47 | make_threads_called_from_main_pthread_thrd | make_threads_called_from_main_pthread_thrd | +| test.c:84:3:84:13 | call to thrd_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:83:6:83:38 | make_threads_not_called_by_anyone | make_threads_not_called_by_anyone | +| test.c:85:3:85:16 | call to pthread_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:83:6:83:38 | make_threads_not_called_by_anyone | make_threads_not_called_by_anyone | diff --git a/c/misra/test/rules/DIR-5-3/ThreadCreatedByThread.expected b/c/misra/test/rules/DIR-5-3/ThreadCreatedByThread.expected index 74be75ffeb..5b73fd97aa 100644 --- a/c/misra/test/rules/DIR-5-3/ThreadCreatedByThread.expected +++ b/c/misra/test/rules/DIR-5-3/ThreadCreatedByThread.expected @@ -1,14 +1,14 @@ -| test.c:56:3:56:13 | call to thrd_create | Thread creation call reachable from threaded function '$@'. | test.c:55:7:55:18 | pthread_func | pthread_func | -| test.c:57:3:57:16 | call to pthread_create | Thread creation call reachable from threaded function '$@'. | test.c:55:7:55:18 | pthread_func | pthread_func | -| test.c:65:3:65:13 | call to thrd_create | Thread creation call reachable from threaded function '$@'. | test.c:64:5:64:13 | thrd_func | thrd_func | -| test.c:66:3:66:16 | call to pthread_create | Thread creation call reachable from threaded function '$@'. | test.c:64:5:64:13 | thrd_func | thrd_func | -| test.c:74:3:74:13 | call to thrd_create | Thread creation call reachable from threaded function '$@'. | test.c:64:5:64:13 | thrd_func | thrd_func | -| test.c:75:3:75:16 | call to pthread_create | Thread creation call reachable from threaded function '$@'. | test.c:64:5:64:13 | thrd_func | thrd_func | -| test.c:83:3:83:13 | call to thrd_create | Thread creation call reachable from threaded function '$@'. | test.c:55:7:55:18 | pthread_func | pthread_func | -| test.c:83:3:83:13 | call to thrd_create | Thread creation call reachable from threaded function '$@'. | test.c:64:5:64:13 | thrd_func | thrd_func | -| test.c:84:3:84:16 | call to pthread_create | Thread creation call reachable from threaded function '$@'. | test.c:55:7:55:18 | pthread_func | pthread_func | -| test.c:84:3:84:16 | call to pthread_create | Thread creation call reachable from threaded function '$@'. | test.c:64:5:64:13 | thrd_func | thrd_func | -| test.c:88:3:88:13 | call to thrd_create | Thread creation call reachable from threaded function '$@'. | test.c:55:7:55:18 | pthread_func | pthread_func | -| test.c:88:3:88:13 | call to thrd_create | Thread creation call reachable from threaded function '$@'. | test.c:64:5:64:13 | thrd_func | thrd_func | -| test.c:89:3:89:16 | call to pthread_create | Thread creation call reachable from threaded function '$@'. | test.c:55:7:55:18 | pthread_func | pthread_func | -| test.c:89:3:89:16 | call to pthread_create | Thread creation call reachable from threaded function '$@'. | test.c:64:5:64:13 | thrd_func | thrd_func | +| test.c:47:3:47:13 | call to thrd_create | Thread creation call reachable from threaded function '$@'. | test.c:46:7:46:18 | pthread_func | pthread_func | +| test.c:48:3:48:16 | call to pthread_create | Thread creation call reachable from threaded function '$@'. | test.c:46:7:46:18 | pthread_func | pthread_func | +| test.c:56:3:56:13 | call to thrd_create | Thread creation call reachable from threaded function '$@'. | test.c:55:5:55:13 | thrd_func | thrd_func | +| test.c:57:3:57:16 | call to pthread_create | Thread creation call reachable from threaded function '$@'. | test.c:55:5:55:13 | thrd_func | thrd_func | +| test.c:65:3:65:13 | call to thrd_create | Thread creation call reachable from threaded function '$@'. | test.c:55:5:55:13 | thrd_func | thrd_func | +| test.c:66:3:66:16 | call to pthread_create | Thread creation call reachable from threaded function '$@'. | test.c:55:5:55:13 | thrd_func | thrd_func | +| test.c:74:3:74:13 | call to thrd_create | Thread creation call reachable from threaded function '$@'. | test.c:46:7:46:18 | pthread_func | pthread_func | +| test.c:74:3:74:13 | call to thrd_create | Thread creation call reachable from threaded function '$@'. | test.c:55:5:55:13 | thrd_func | thrd_func | +| test.c:75:3:75:16 | call to pthread_create | Thread creation call reachable from threaded function '$@'. | test.c:46:7:46:18 | pthread_func | pthread_func | +| test.c:75:3:75:16 | call to pthread_create | Thread creation call reachable from threaded function '$@'. | test.c:55:5:55:13 | thrd_func | thrd_func | +| test.c:79:3:79:13 | call to thrd_create | Thread creation call reachable from threaded function '$@'. | test.c:46:7:46:18 | pthread_func | pthread_func | +| test.c:79:3:79:13 | call to thrd_create | Thread creation call reachable from threaded function '$@'. | test.c:55:5:55:13 | thrd_func | thrd_func | +| test.c:80:3:80:16 | call to pthread_create | Thread creation call reachable from threaded function '$@'. | test.c:46:7:46:18 | pthread_func | pthread_func | +| test.c:80:3:80:16 | call to pthread_create | Thread creation call reachable from threaded function '$@'. | test.c:55:5:55:13 | thrd_func | thrd_func | diff --git a/c/misra/test/rules/DIR-5-3/test.c b/c/misra/test/rules/DIR-5-3/test.c index 294f79a276..24e03d9a33 100644 --- a/c/misra/test/rules/DIR-5-3/test.c +++ b/c/misra/test/rules/DIR-5-3/test.c @@ -1,18 +1,11 @@ -#include "threads.h" #include "pthread.h" +#include "threads.h" -thrd_t g1; // COMPLIANT +thrd_t g1; // COMPLIANT pthread_t g2; // COMPLIANT -thrd_t g3[10]; // COMPLIANT -pthread_t g4[10]; // COMPLIANT -struct { - thrd_t m1; // COMPLIANT - pthread_t m2; // COMPLIANT -} g7; - -void* pthread_func(void* arg); -int thrd_func(void* arg); +void *pthread_func(void *arg); +int thrd_func(void *arg); void make_threads_called_from_main(void); void func_called_from_main(void); @@ -20,13 +13,11 @@ void make_threads_called_from_func_called_from_main(void); void make_threads_called_from_main_pthread_thrd(void); void main() { - // Main starting top level threads -- ok. - thrd_create(&g1, &thrd_func, NULL); // COMPLIANT + thrd_create(&g1, &thrd_func, NULL); // COMPLIANT pthread_create(&g2, NULL, &pthread_func, NULL); // COMPLIANT - // Starting thread in pool -- ok. - thrd_create(&g3[0], &thrd_func, NULL); // COMPLIANT - pthread_create(&g4[0], NULL, &pthread_func, NULL); // COMPLIANT + thrd_create(&g1, &thrd_func, NULL); // COMPLIANT + pthread_create(&g2, NULL, &pthread_func, NULL); // COMPLIANT make_threads_called_from_main(); func_called_from_main(); @@ -34,17 +25,17 @@ void main() { } void make_threads_called_from_main() { - thrd_create(&g3[0], &thrd_func, NULL); // COMPLIANT - pthread_create(&g4[0], NULL, &pthread_func, NULL); // COMPLIANT + thrd_create(&g1, &thrd_func, NULL); // COMPLIANT + pthread_create(&g2, NULL, &pthread_func, NULL); // COMPLIANT } void func_called_from_main() { - make_threads_called_from_func_called_from_main(); + make_threads_called_from_func_called_from_main(); } void make_threads_called_from_func_called_from_main() { - thrd_create(&g3[0], &thrd_func, NULL); // COMPLIANT - pthread_create(&g4[0], NULL, &pthread_func, NULL); // COMPLIANT + thrd_create(&g1, &thrd_func, NULL); // COMPLIANT + pthread_create(&g2, NULL, &pthread_func, NULL); // COMPLIANT } void make_threads_called_from_pthread_func(void); @@ -52,18 +43,18 @@ void make_threads_called_from_thrd_func(void); void func_called_from_pthread_thrd(void); void make_threads_called_from_func_called_from_pthread_thrd(void); -void* pthread_func(void* arg) { - thrd_create(&g3[0], &thrd_func, NULL); // NON-COMPLIANT - pthread_create(&g4[0], NULL, &pthread_func, NULL); // NON-COMPLIANT +void *pthread_func(void *arg) { + thrd_create(&g1, &thrd_func, NULL); // NON-COMPLIANT + pthread_create(&g2, NULL, &pthread_func, NULL); // NON-COMPLIANT make_threads_called_from_pthread_func(); func_called_from_pthread_thrd(); make_threads_called_from_main_pthread_thrd(); } -int thrd_func(void* arg) { - thrd_create(&g3[0], &thrd_func, NULL); // NON-COMPLIANT - pthread_create(&g4[0], NULL, &pthread_func, NULL); // NON-COMPLIANT +int thrd_func(void *arg) { + thrd_create(&g1, &thrd_func, NULL); // NON-COMPLIANT + pthread_create(&g2, NULL, &pthread_func, NULL); // NON-COMPLIANT make_threads_called_from_thrd_func(); func_called_from_pthread_thrd(); @@ -71,25 +62,25 @@ int thrd_func(void* arg) { } void make_threads_called_from_thrd_func(void) { - thrd_create(&g3[0], &thrd_func, NULL); // NON-COMPLIANT - pthread_create(&g4[0], NULL, &pthread_func, NULL); // NON-COMPLIANT + thrd_create(&g1, &thrd_func, NULL); // NON-COMPLIANT + pthread_create(&g2, NULL, &pthread_func, NULL); // NON-COMPLIANT } void func_called_from_pthread_thrd(void) { - make_threads_called_from_func_called_from_pthread_thrd(); + make_threads_called_from_func_called_from_pthread_thrd(); } void make_threads_called_from_func_called_from_pthread_thrd(void) { - thrd_create(&g3[0], &thrd_func, NULL); // NON-COMPLIANT - pthread_create(&g4[0], NULL, &pthread_func, NULL); // NON-COMPLIANT + thrd_create(&g1, &thrd_func, NULL); // NON-COMPLIANT + pthread_create(&g2, NULL, &pthread_func, NULL); // NON-COMPLIANT } void make_threads_called_from_main_pthread_thrd() { - thrd_create(&g3[0], &thrd_func, NULL); // NON-COMPLIANT - pthread_create(&g4[0], NULL, &pthread_func, NULL); // NON-COMPLIANT + thrd_create(&g1, &thrd_func, NULL); // NON-COMPLIANT + pthread_create(&g2, NULL, &pthread_func, NULL); // NON-COMPLIANT } void make_threads_not_called_by_anyone() { - thrd_create(&g3[0], &thrd_func, NULL); // COMPLIANT - pthread_create(&g4[0], NULL, &pthread_func, NULL); // COMPLIANT + thrd_create(&g1, &thrd_func, NULL); // COMPLIANT + pthread_create(&g2, NULL, &pthread_func, NULL); // COMPLIANT } From 14b7c61df9f5e4d18213b99a6a1f36c1fe1f0661 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Thu, 31 Oct 2024 21:50:31 -0700 Subject: [PATCH 2225/2573] Move 21-25 to Concurrency6 --- rules.csv | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rules.csv b/rules.csv index 7648052954..329d0d1bc5 100644 --- a/rules.csv +++ b/rules.csv @@ -790,7 +790,7 @@ c,MISRA-C-2012,RULE-21-21,Yes,Required,,,The Standard Library function system of c,MISRA-C-2012,RULE-21-22,Yes,Mandatory,,,All operand arguments to any type-generic macros in shall have an appropriate essential type,EXP37-C,EssentialTypes2,Hard, c,MISRA-C-2012,RULE-21-23,Yes,Required,,,All operand arguments to any multi-argument type-generic macros in shall have the same standard type,Rule-21-22,EssentialTypes2,Easy, c,MISRA-C-2012,RULE-21-24,Yes,Required,,,The random number generator functions of shall not be used,MSC30-C,Banned2,Easy, -c,MISRA-C-2012,RULE-21-25,Yes,Required,,,All memory synchronization operations shall be executed in sequentially consistent order,,Concurrency7,Medium, +c,MISRA-C-2012,RULE-21-25,Yes,Required,,,All memory synchronization operations shall be executed in sequentially consistent order,,Concurrency6,Medium, c,MISRA-C-2012,RULE-21-26,Yes,Required,,,The Standard Library function mtx_timedlock() shall only be invoked on mutex objects of appropriate mutex type,,Concurrency7,Hard, c,MISRA-C-2012,RULE-22-1,Yes,Required,,,All resources obtained dynamically by means of Standard Library functions shall be explicitly released,,Memory2,Hard, c,MISRA-C-2012,RULE-22-2,Yes,Mandatory,,,A block of memory shall only be freed if it was allocated by means of a Standard Library function,,Memory2,Hard, From 3259d17e5d699628303d64f0d52345d0f62eaeca Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Thu, 31 Oct 2024 21:53:43 -0700 Subject: [PATCH 2226/2573] Fix query formatting --- .../DIR-5-2/NotNoDeadlocksBetweenThreads.ql | 3 ++- .../src/rules/DIR-5-3/ThreadCreatedByThread.ql | 2 +- .../RULE-21-25/InvalidMemoryOrderArgument.ql | 16 ++++++---------- 3 files changed, 9 insertions(+), 12 deletions(-) diff --git a/c/misra/src/rules/DIR-5-2/NotNoDeadlocksBetweenThreads.ql b/c/misra/src/rules/DIR-5-2/NotNoDeadlocksBetweenThreads.ql index ffe30a2b6a..5d949f56ed 100644 --- a/c/misra/src/rules/DIR-5-2/NotNoDeadlocksBetweenThreads.ql +++ b/c/misra/src/rules/DIR-5-2/NotNoDeadlocksBetweenThreads.ql @@ -17,7 +17,8 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.rules.preventdeadlockbylockinginpredefinedorder.PreventDeadlockByLockingInPredefinedOrder -class NotNoDeadlocksBetweenThreadsQuery extends PreventDeadlockByLockingInPredefinedOrderSharedQuery { +class NotNoDeadlocksBetweenThreadsQuery extends PreventDeadlockByLockingInPredefinedOrderSharedQuery +{ NotNoDeadlocksBetweenThreadsQuery() { this = Concurrency6Package::notNoDeadlocksBetweenThreadsQuery() } diff --git a/c/misra/src/rules/DIR-5-3/ThreadCreatedByThread.ql b/c/misra/src/rules/DIR-5-3/ThreadCreatedByThread.ql index cf08a0c809..25b8b4cb9f 100644 --- a/c/misra/src/rules/DIR-5-3/ThreadCreatedByThread.ql +++ b/c/misra/src/rules/DIR-5-3/ThreadCreatedByThread.ql @@ -42,4 +42,4 @@ where enclosingFunction = tc.getEnclosingFunction() and threadRoot = enclosingFunction.getThreadRoot() select tc, "Thread creation call reachable from threaded function '$@'.", threadRoot, - threadRoot.toString() \ No newline at end of file + threadRoot.toString() diff --git a/c/misra/src/rules/RULE-21-25/InvalidMemoryOrderArgument.ql b/c/misra/src/rules/RULE-21-25/InvalidMemoryOrderArgument.ql index 4924c0df33..b0945db559 100644 --- a/c/misra/src/rules/RULE-21-25/InvalidMemoryOrderArgument.ql +++ b/c/misra/src/rules/RULE-21-25/InvalidMemoryOrderArgument.ql @@ -40,18 +40,13 @@ class MemoryOrderConstantExpr extends Expr { MemoryOrder ord; MemoryOrderConstantExpr() { - if - this instanceof MemoryOrderConstantAccess - then - ord = this.(MemoryOrderConstantAccess).getTarget() - else - ord.getIntValue() = getValue().toInt() + if this instanceof MemoryOrderConstantAccess + then ord = this.(MemoryOrderConstantAccess).getTarget() + else ord.getIntValue() = getValue().toInt() } /* Get the name of the `MemoryOrder` this expression is valued as. */ - string getMemoryOrderString() { - result = ord.toString() - } + string getMemoryOrderString() { result = ord.toString() } } /** @@ -75,7 +70,8 @@ class MemoryOrderedStdAtomicFunction extends Function { baseParamIdx = 1 and baseParams = 2 or - getName().regexpMatch(prefix + ["atomic_store", "atomic_fetch_.*", "atomic_exchange"] + suffix) and + getName() + .regexpMatch(prefix + ["atomic_store", "atomic_fetch_.*", "atomic_exchange"] + suffix) and baseParamIdx = 2 and baseParams = 3 or From 9ee2af69016c2bd07b39bfd48269674bd870243e Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 1 Nov 2024 02:35:55 -0700 Subject: [PATCH 2227/2573] Fix test issues --- .../ThreadWasPreviouslyJoinedOrDetached.qlref | 1 - .../AtomicVariableTwiceInExpression.expected | 8 ++++---- ...micAggregateObjectDirectlyAccessed.expected | 4 ++-- c/misra/test/rules/RULE-12-6/test.c | 18 ++++++++++-------- 4 files changed, 16 insertions(+), 15 deletions(-) delete mode 100644 c/cert/test/rules/CON39-C/ThreadWasPreviouslyJoinedOrDetached.qlref diff --git a/c/cert/test/rules/CON39-C/ThreadWasPreviouslyJoinedOrDetached.qlref b/c/cert/test/rules/CON39-C/ThreadWasPreviouslyJoinedOrDetached.qlref deleted file mode 100644 index 5daa5a5046..0000000000 --- a/c/cert/test/rules/CON39-C/ThreadWasPreviouslyJoinedOrDetached.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/CON39-C/ThreadWasPreviouslyJoinedOrDetached.ql \ No newline at end of file diff --git a/c/cert/test/rules/CON40-C/AtomicVariableTwiceInExpression.expected b/c/cert/test/rules/CON40-C/AtomicVariableTwiceInExpression.expected index ddff311b59..42d3ea924d 100644 --- a/c/cert/test/rules/CON40-C/AtomicVariableTwiceInExpression.expected +++ b/c/cert/test/rules/CON40-C/AtomicVariableTwiceInExpression.expected @@ -1,6 +1,6 @@ | test.c:7:18:7:39 | ATOMIC_VAR_INIT(value) | Atomic variable possibly referred to twice in an $@. | test.c:33:3:33:10 | ... += ... | expression | | test.c:7:18:7:39 | ATOMIC_VAR_INIT(value) | Atomic variable possibly referred to twice in an $@. | test.c:34:3:34:13 | ... = ... | expression | -| test.c:11:3:11:23 | atomic_store(a,b) | Atomic variable possibly referred to twice in an $@. | test.c:11:3:11:23 | atomic_store(a,b) | expression | -| test.c:12:3:12:35 | atomic_store_explicit(a,b,c) | Atomic variable possibly referred to twice in an $@. | test.c:12:3:12:35 | atomic_store_explicit(a,b,c) | expression | -| test.c:25:3:25:49 | atomic_compare_exchange_weak(a,b,c) | Atomic variable possibly referred to twice in an $@. | test.c:25:3:25:49 | atomic_compare_exchange_weak(a,b,c) | expression | -| test.c:26:3:27:42 | atomic_compare_exchange_weak_explicit(a,b,c,d,e) | Atomic variable possibly referred to twice in an $@. | test.c:26:3:27:42 | atomic_compare_exchange_weak_explicit(a,b,c,d,e) | expression | +| test.c:11:3:11:23 | atomic_store(object,desired) | Atomic variable possibly referred to twice in an $@. | test.c:11:3:11:23 | atomic_store(object,desired) | expression | +| test.c:12:3:12:23 | atomic_store_explicit | Atomic variable possibly referred to twice in an $@. | test.c:12:3:12:23 | atomic_store_explicit | expression | +| test.c:25:3:25:49 | atomic_compare_exchange_weak(object,expected,desired) | Atomic variable possibly referred to twice in an $@. | test.c:25:3:25:49 | atomic_compare_exchange_weak(object,expected,desired) | expression | +| test.c:26:3:26:39 | atomic_compare_exchange_weak_explicit | Atomic variable possibly referred to twice in an $@. | test.c:26:3:26:39 | atomic_compare_exchange_weak_explicit | expression | diff --git a/c/misra/test/rules/RULE-12-6/AtomicAggregateObjectDirectlyAccessed.expected b/c/misra/test/rules/RULE-12-6/AtomicAggregateObjectDirectlyAccessed.expected index 02159bef69..df7f149fcc 100644 --- a/c/misra/test/rules/RULE-12-6/AtomicAggregateObjectDirectlyAccessed.expected +++ b/c/misra/test/rules/RULE-12-6/AtomicAggregateObjectDirectlyAccessed.expected @@ -1,4 +1,4 @@ -| test.c:41:13:41:13 | x | Invalid access to member '$@' on atomic struct or union. | test.c:5:7:5:7 | x | x | -| test.c:42:18:42:18 | x | Invalid access to member '$@' on atomic struct or union. | test.c:5:7:5:7 | x | x | | test.c:43:13:43:13 | x | Invalid access to member '$@' on atomic struct or union. | test.c:5:7:5:7 | x | x | | test.c:44:18:44:18 | x | Invalid access to member '$@' on atomic struct or union. | test.c:5:7:5:7 | x | x | +| test.c:45:13:45:13 | x | Invalid access to member '$@' on atomic struct or union. | test.c:5:7:5:7 | x | x | +| test.c:46:18:46:18 | x | Invalid access to member '$@' on atomic struct or union. | test.c:5:7:5:7 | x | x | diff --git a/c/misra/test/rules/RULE-12-6/test.c b/c/misra/test/rules/RULE-12-6/test.c index 2b1eeb7568..ae6125da96 100644 --- a/c/misra/test/rules/RULE-12-6/test.c +++ b/c/misra/test/rules/RULE-12-6/test.c @@ -1,7 +1,7 @@ #include "stdatomic.h" #include "string.h" -typedef struct s2 { +typedef struct s1 { int x; } s1; @@ -16,14 +16,16 @@ _Atomic int g3; void takeCopy(s1 p1); void f1() { - s1 *l1; + s1 l1; + s1 *l2; l1 = atomic_load(&atomic_s1); // COMPLIANT l1 = atomic_load(ptr_atomic_s1); // COMPLIANT - l1 = atomic_load(&s1_atomic_ptr); // COMPLIANT - l1->x = 4; // COMPLIANT + l2 = atomic_load(&s1_atomic_ptr); // COMPLIANT + l1.x = 4; // COMPLIANT + l2->x = 4; // COMPLIANT atomic_store(&atomic_s1, l1); // COMPLIANT atomic_store(ptr_atomic_s1, l1); // COMPLIANT - atomic_store(&s1_atomic_ptr, l1); // COMPLIANT + atomic_store(&s1_atomic_ptr, l2); // COMPLIANT // Undefined behavior, but not banned by this rule. memset(&atomic_s1, sizeof(atomic_s1), 0); // COMPLIANT @@ -34,8 +36,8 @@ void f1() { takeCopy(*ptr_atomic_s1); // COMPLIANT atomic_s1 = (s1){0}; // COMPLIANT *ptr_atomic_s1 = (s1){0}; // COMPLIANT - atomic_s1 = *l1; // COMPLIANT - ptr_atomic_s1 = l1; // COMPLIANT + atomic_s1 = *l2; // COMPLIANT + ptr_atomic_s1 = l2; // COMPLIANT // Banned: circumvents data-race protection, results in UB. atomic_s1.x; // NON-COMPLIANT @@ -54,6 +56,6 @@ void f1() { memset(s1_atomic_ptr, sizeof(*s1_atomic_ptr), 0); // COMPLIANT takeCopy(*s1_atomic_ptr); // COMPLIANT *s1_atomic_ptr = (s1){0}; // COMPLIANT - s1_atomic_ptr = l1; // COMPLIANT + s1_atomic_ptr = l2; // COMPLIANT s1_atomic_ptr->x; // COMPLIANT } \ No newline at end of file From 1ed65cf5cd38ccb9add67211d6e8bd26401ba375 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Sat, 2 Nov 2024 09:35:42 -0700 Subject: [PATCH 2228/2573] Fix another stdlib affected test --- .../WrapFunctionsThatCanFailSpuriouslyInLoop.expected | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/c/cert/test/rules/CON41-C/WrapFunctionsThatCanFailSpuriouslyInLoop.expected b/c/cert/test/rules/CON41-C/WrapFunctionsThatCanFailSpuriouslyInLoop.expected index 0c1e25cd00..b1c224173e 100644 --- a/c/cert/test/rules/CON41-C/WrapFunctionsThatCanFailSpuriouslyInLoop.expected +++ b/c/cert/test/rules/CON41-C/WrapFunctionsThatCanFailSpuriouslyInLoop.expected @@ -1,4 +1,4 @@ -| test.c:6:8:6:46 | atomic_compare_exchange_weak(a,b,c) | Function that can spuriously fail not wrapped in a loop. | -| test.c:10:3:10:41 | atomic_compare_exchange_weak(a,b,c) | Function that can spuriously fail not wrapped in a loop. | -| test.c:12:8:13:47 | atomic_compare_exchange_weak_explicit(a,b,c,d,e) | Function that can spuriously fail not wrapped in a loop. | -| test.c:17:3:17:56 | atomic_compare_exchange_weak_explicit(a,b,c,d,e) | Function that can spuriously fail not wrapped in a loop. | +| test.c:6:8:6:46 | atomic_compare_exchange_weak(object,expected,desired) | Function that can spuriously fail not wrapped in a loop. | +| test.c:10:3:10:41 | atomic_compare_exchange_weak(object,expected,desired) | Function that can spuriously fail not wrapped in a loop. | +| test.c:12:8:12:44 | atomic_compare_exchange_weak_explicit | Function that can spuriously fail not wrapped in a loop. | +| test.c:17:3:17:39 | atomic_compare_exchange_weak_explicit | Function that can spuriously fail not wrapped in a loop. | From bc8bcfe45b179e6f26a86079c63b4ba8a47de895 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 5 Nov 2024 23:21:09 +0000 Subject: [PATCH 2229/2573] Update actions/upload-artifact to v4 --- .github/workflows/extra-rule-validation.yml | 8 ++++---- .github/workflows/generate-html-docs.yml | 4 ++-- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/extra-rule-validation.yml b/.github/workflows/extra-rule-validation.yml index a18f47c65d..02d37f92b2 100644 --- a/.github/workflows/extra-rule-validation.yml +++ b/.github/workflows/extra-rule-validation.yml @@ -21,7 +21,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v4 - name: Check Rules shell: pwsh @@ -33,7 +33,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v4 - name: Ensure CPP Shared Rules Have Valid Structure shell: pwsh @@ -44,13 +44,13 @@ jobs: run: scripts/util/Test-SharedImplementationsHaveTestCases.ps1 -Language c -CIMode - - uses: actions/upload-artifact@v3 + - uses: actions/upload-artifact@v4 if: failure() with: name: missing-test-report.csv path: MissingTestReport*.csv - - uses: actions/upload-artifact@v3 + - uses: actions/upload-artifact@v4 if: failure() with: name: test-report.csv diff --git a/.github/workflows/generate-html-docs.yml b/.github/workflows/generate-html-docs.yml index 71359a8e6f..8ae26b0270 100644 --- a/.github/workflows/generate-html-docs.yml +++ b/.github/workflows/generate-html-docs.yml @@ -20,7 +20,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v4 - name: Install Python uses: actions/setup-python@v4 @@ -35,7 +35,7 @@ jobs: python scripts/documentation/generate_iso26262_docs.py coding-standards-html-docs - name: Upload HTML documentation - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: coding-standards-docs-${{ github.sha }} path: coding-standards-html-docs/ From 0ac5171884bba2abde0be1c746f78ba815b26c5a Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 5 Nov 2024 23:21:25 +0000 Subject: [PATCH 2230/2573] Update actions/cache to v4 --- .github/workflows/code-scanning-pack-gen.yml | 2 +- .github/workflows/codeql_unit_tests.yml | 2 +- .github/workflows/standard_library_upgrade_tests.yml | 2 +- .github/workflows/tooling-unit-tests.yml | 2 +- .github/workflows/verify-standard-library-dependencies.yml | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index ea13a4e76c..c88dae52cd 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -46,7 +46,7 @@ jobs: - name: Cache CodeQL id: cache-codeql - uses: actions/cache@v2.1.3 + uses: actions/cache@v4 with: path: ${{ github.workspace }}/codeql_home key: codeql-home-${{ matrix.os }}-${{ matrix.codeql_cli }}-${{ matrix.codeql_standard_library }} diff --git a/.github/workflows/codeql_unit_tests.yml b/.github/workflows/codeql_unit_tests.yml index d20198af35..9cfa886e8b 100644 --- a/.github/workflows/codeql_unit_tests.yml +++ b/.github/workflows/codeql_unit_tests.yml @@ -57,7 +57,7 @@ jobs: - name: Cache CodeQL id: cache-codeql - uses: actions/cache@v3 + uses: actions/cache@v4 with: # A list of files, directories, and wildcard patterns to cache and restore path: ${{github.workspace}}/codeql_home diff --git a/.github/workflows/standard_library_upgrade_tests.yml b/.github/workflows/standard_library_upgrade_tests.yml index b6c3d38d87..cf77a5ff8a 100644 --- a/.github/workflows/standard_library_upgrade_tests.yml +++ b/.github/workflows/standard_library_upgrade_tests.yml @@ -50,7 +50,7 @@ jobs: - name: Cache CodeQL id: cache-codeql - uses: actions/cache@v2.1.3 + uses: actions/cache@v4 with: # A list of files, directories, and wildcard patterns to cache and restore path: ${{github.workspace}}/codeql_home diff --git a/.github/workflows/tooling-unit-tests.yml b/.github/workflows/tooling-unit-tests.yml index 490d399e8b..b2374c8e16 100644 --- a/.github/workflows/tooling-unit-tests.yml +++ b/.github/workflows/tooling-unit-tests.yml @@ -52,7 +52,7 @@ jobs: - name: Cache CodeQL id: cache-codeql - uses: actions/cache@v2.1.3 + uses: actions/cache@v4 with: path: ${{ github.workspace }}/codeql_home key: codeql-home-${{ matrix.os }}-${{ matrix.codeql_cli }}-${{ matrix.codeql_standard_library }} diff --git a/.github/workflows/verify-standard-library-dependencies.yml b/.github/workflows/verify-standard-library-dependencies.yml index cd5d35248d..f44183a27c 100644 --- a/.github/workflows/verify-standard-library-dependencies.yml +++ b/.github/workflows/verify-standard-library-dependencies.yml @@ -53,7 +53,7 @@ jobs: - name: Cache CodeQL id: cache-codeql - uses: actions/cache@v2.1.3 + uses: actions/cache@v4 with: # A list of files, directories, and wildcard patterns to cache and restore path: ${{github.workspace}}/codeql_home From 3e8c336866f622c055be8f4b54283520ca999b5c Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 5 Nov 2024 23:21:48 +0000 Subject: [PATCH 2231/2573] Update actions/checkout to v4 --- .github/workflows/prepare-release.yml | 2 +- .github/workflows/standard_library_upgrade_tests.yml | 4 ++-- .github/workflows/tooling-unit-tests.yml | 8 ++++---- .github/workflows/validate-package-files.yml | 2 +- .github/workflows/validate-query-formatting.yml | 2 +- .github/workflows/validate-query-help.yml | 2 +- .github/workflows/validate-query-test-case-formatting.yml | 2 +- .../workflows/verify-standard-library-dependencies.yml | 4 ++-- 8 files changed, 13 insertions(+), 13 deletions(-) diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index ba258e06f5..f23db508b2 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -34,7 +34,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: ref: ${{ inputs.ref }} diff --git a/.github/workflows/standard_library_upgrade_tests.yml b/.github/workflows/standard_library_upgrade_tests.yml index cf77a5ff8a..811194dd7e 100644 --- a/.github/workflows/standard_library_upgrade_tests.yml +++ b/.github/workflows/standard_library_upgrade_tests.yml @@ -19,7 +19,7 @@ jobs: matrix: ${{ steps.export-unit-test-matrix.outputs.matrix }} steps: - name: Checkout repository - uses: actions/checkout@v2 + uses: actions/checkout@v4 - name: Export unit test matrix id: export-unit-test-matrix @@ -41,7 +41,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v2 + uses: actions/checkout@v4 - name: Setup Python 3 uses: actions/setup-python@v2 diff --git a/.github/workflows/tooling-unit-tests.yml b/.github/workflows/tooling-unit-tests.yml index b2374c8e16..e952474408 100644 --- a/.github/workflows/tooling-unit-tests.yml +++ b/.github/workflows/tooling-unit-tests.yml @@ -22,7 +22,7 @@ jobs: matrix: ${{ steps.export-supported-codeql-env-matrix.outputs.matrix }} steps: - name: Checkout repository - uses: actions/checkout@v2 + uses: actions/checkout@v4 - name: Export supported CodeQL environment matrix id: export-supported-codeql-env-matrix @@ -40,7 +40,7 @@ jobs: matrix: ${{ fromJSON(needs.prepare-supported-codeql-env-matrix.outputs.matrix) }} steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v4 - name: Install Python uses: actions/setup-python@v4 @@ -83,7 +83,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v4 - name: Install Python uses: actions/setup-python@v4 @@ -102,7 +102,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v4 - name: Install Python uses: actions/setup-python@v4 diff --git a/.github/workflows/validate-package-files.yml b/.github/workflows/validate-package-files.yml index 0e38e4a1da..a0a09d8ecb 100644 --- a/.github/workflows/validate-package-files.yml +++ b/.github/workflows/validate-package-files.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: ref: ${{ inputs.ref }} diff --git a/.github/workflows/validate-query-formatting.yml b/.github/workflows/validate-query-formatting.yml index e4c6871ad5..88b4c0d438 100644 --- a/.github/workflows/validate-query-formatting.yml +++ b/.github/workflows/validate-query-formatting.yml @@ -19,7 +19,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: ref: ${{ inputs.ref }} diff --git a/.github/workflows/validate-query-help.yml b/.github/workflows/validate-query-help.yml index d99144fc7f..90f0d16dbc 100644 --- a/.github/workflows/validate-query-help.yml +++ b/.github/workflows/validate-query-help.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: ref: ${{ inputs.ref }} diff --git a/.github/workflows/validate-query-test-case-formatting.yml b/.github/workflows/validate-query-test-case-formatting.yml index 7b95484376..879c1c9058 100644 --- a/.github/workflows/validate-query-test-case-formatting.yml +++ b/.github/workflows/validate-query-test-case-formatting.yml @@ -20,7 +20,7 @@ jobs: fail-fast: false steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: ref: ${{ inputs.ref }} diff --git a/.github/workflows/verify-standard-library-dependencies.yml b/.github/workflows/verify-standard-library-dependencies.yml index f44183a27c..b04f200157 100644 --- a/.github/workflows/verify-standard-library-dependencies.yml +++ b/.github/workflows/verify-standard-library-dependencies.yml @@ -22,7 +22,7 @@ jobs: matrix: ${{ steps.export-matrix.outputs.matrix }} steps: - name: Checkout repository - uses: actions/checkout@v2 + uses: actions/checkout@v4 - name: Export unit test matrix id: export-matrix @@ -44,7 +44,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v2 + uses: actions/checkout@v4 - name: Setup Python 3 uses: actions/setup-python@v4 From b5c1a95311ae8635ea2f4b23e8c844e7b1d016f8 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 5 Nov 2024 23:24:42 +0000 Subject: [PATCH 2232/2573] Update actions/setup-python to v5 --- .github/workflows/codeql_unit_tests.yml | 2 +- .github/workflows/finalize-release.yml | 2 +- .github/workflows/generate-html-docs.yml | 2 +- .github/workflows/prepare-release.yml | 2 +- .github/workflows/standard_library_upgrade_tests.yml | 4 ++-- .github/workflows/tooling-unit-tests.yml | 6 +++--- .github/workflows/update-release.yml | 2 +- .github/workflows/validate-package-files.yml | 2 +- .github/workflows/verify-standard-library-dependencies.yml | 2 +- 9 files changed, 12 insertions(+), 12 deletions(-) diff --git a/.github/workflows/codeql_unit_tests.yml b/.github/workflows/codeql_unit_tests.yml index 9cfa886e8b..2c771b4575 100644 --- a/.github/workflows/codeql_unit_tests.yml +++ b/.github/workflows/codeql_unit_tests.yml @@ -48,7 +48,7 @@ jobs: uses: actions/checkout@v4 - name: Install Python - uses: actions/setup-python@v4 + uses: actions/setup-python@v5 with: python-version: "3.9" diff --git a/.github/workflows/finalize-release.yml b/.github/workflows/finalize-release.yml index 7afc516aac..a7ccc0375e 100644 --- a/.github/workflows/finalize-release.yml +++ b/.github/workflows/finalize-release.yml @@ -52,7 +52,7 @@ jobs: path: tooling - name: Install Python - uses: actions/setup-python@v4 + uses: actions/setup-python@v5 with: python-version: "3.9" diff --git a/.github/workflows/generate-html-docs.yml b/.github/workflows/generate-html-docs.yml index 8ae26b0270..d63f631421 100644 --- a/.github/workflows/generate-html-docs.yml +++ b/.github/workflows/generate-html-docs.yml @@ -23,7 +23,7 @@ jobs: uses: actions/checkout@v4 - name: Install Python - uses: actions/setup-python@v4 + uses: actions/setup-python@v5 with: python-version: "3.9" diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index f23db508b2..19dbe1adbd 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -39,7 +39,7 @@ jobs: ref: ${{ inputs.ref }} - name: Install Python - uses: actions/setup-python@v4 + uses: actions/setup-python@v5 with: python-version: "3.9" diff --git a/.github/workflows/standard_library_upgrade_tests.yml b/.github/workflows/standard_library_upgrade_tests.yml index 811194dd7e..a401150b07 100644 --- a/.github/workflows/standard_library_upgrade_tests.yml +++ b/.github/workflows/standard_library_upgrade_tests.yml @@ -44,7 +44,7 @@ jobs: uses: actions/checkout@v4 - name: Setup Python 3 - uses: actions/setup-python@v2 + uses: actions/setup-python@v5 with: python-version: "3.x" @@ -157,7 +157,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Install Python - uses: actions/setup-python@v4 + uses: actions/setup-python@v5 with: python-version: "3.9" diff --git a/.github/workflows/tooling-unit-tests.yml b/.github/workflows/tooling-unit-tests.yml index e952474408..3f4fde932d 100644 --- a/.github/workflows/tooling-unit-tests.yml +++ b/.github/workflows/tooling-unit-tests.yml @@ -43,7 +43,7 @@ jobs: uses: actions/checkout@v4 - name: Install Python - uses: actions/setup-python@v4 + uses: actions/setup-python@v5 with: python-version: "3.9" @@ -86,7 +86,7 @@ jobs: uses: actions/checkout@v4 - name: Install Python - uses: actions/setup-python@v4 + uses: actions/setup-python@v5 with: python-version: "3.9" @@ -105,7 +105,7 @@ jobs: uses: actions/checkout@v4 - name: Install Python - uses: actions/setup-python@v4 + uses: actions/setup-python@v5 with: python-version: "3.9" diff --git a/.github/workflows/update-release.yml b/.github/workflows/update-release.yml index c825fab347..4f779d0841 100644 --- a/.github/workflows/update-release.yml +++ b/.github/workflows/update-release.yml @@ -34,7 +34,7 @@ jobs: ref: ${{ inputs.head-sha }} - name: Install Python - uses: actions/setup-python@v4 + uses: actions/setup-python@v5 with: python-version: "3.9" diff --git a/.github/workflows/validate-package-files.yml b/.github/workflows/validate-package-files.yml index a0a09d8ecb..a716921053 100644 --- a/.github/workflows/validate-package-files.yml +++ b/.github/workflows/validate-package-files.yml @@ -21,7 +21,7 @@ jobs: ref: ${{ inputs.ref }} - name: Install Python - uses: actions/setup-python@v4 + uses: actions/setup-python@v5 with: python-version: "3.9" diff --git a/.github/workflows/verify-standard-library-dependencies.yml b/.github/workflows/verify-standard-library-dependencies.yml index b04f200157..06ab4d23e2 100644 --- a/.github/workflows/verify-standard-library-dependencies.yml +++ b/.github/workflows/verify-standard-library-dependencies.yml @@ -47,7 +47,7 @@ jobs: uses: actions/checkout@v4 - name: Setup Python 3 - uses: actions/setup-python@v4 + uses: actions/setup-python@v5 with: python-version: "3.9" From a9f2bf141dfe551f2f2d2f877554ec7337f1c2bb Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 5 Nov 2024 23:30:37 +0000 Subject: [PATCH 2233/2573] Add dependabot.yml file to keep Actions up-to-date --- .github/dependabot.yml | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 .github/dependabot.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000000..73f11c1f47 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,8 @@ +version: 2 +updates: + + - package-ecosystem: "github-actions" + directory: "/" + schedule: + # Check for updates to GitHub Actions every week + interval: "weekly" \ No newline at end of file From de24d43f7c5590528e026a6ea21f76d7a971a8a3 Mon Sep 17 00:00:00 2001 From: "rakesh.pothengil" Date: Mon, 11 Nov 2024 13:17:25 +0900 Subject: [PATCH 2234/2573] Fix #789 --- change_notes/2024-11-11-fix-fp-789.md | 2 ++ .../rules/A7-1-2/VariableMissingConstexpr.ql | 6 +++++ .../A7-1-2/VariableMissingConstexpr.expected | 5 ++-- cpp/autosar/test/rules/A7-1-2/test.cpp | 25 +++++++++++++------ cpp/common/src/codingstandards/cpp/Expr.qll | 4 ++- 5 files changed, 31 insertions(+), 11 deletions(-) create mode 100644 change_notes/2024-11-11-fix-fp-789.md diff --git a/change_notes/2024-11-11-fix-fp-789.md b/change_notes/2024-11-11-fix-fp-789.md new file mode 100644 index 0000000000..6ba34dbd7c --- /dev/null +++ b/change_notes/2024-11-11-fix-fp-789.md @@ -0,0 +1,2 @@ +- `A7-1-2` - `VariableMissingConstexpr.ql`: + - Fixes #789. Doesn't alert on non-static member variables and compiler generated variables of range based for-loops. diff --git a/cpp/autosar/src/rules/A7-1-2/VariableMissingConstexpr.ql b/cpp/autosar/src/rules/A7-1-2/VariableMissingConstexpr.ql index f0adab07d4..b051965a56 100644 --- a/cpp/autosar/src/rules/A7-1-2/VariableMissingConstexpr.ql +++ b/cpp/autosar/src/rules/A7-1-2/VariableMissingConstexpr.ql @@ -42,6 +42,12 @@ where not v.isConstexpr() and not v instanceof Parameter and not v.isAffectedByMacro() and + // Don't consider non-static member variables. + ( + not v instanceof MemberVariable + or + v.isStatic() + ) and isLiteralType(v.getType()) and // Unfortunately, `isConstant` is not sufficient here because it doesn't include calls to // constexpr constructors, and does not take into account zero initialization diff --git a/cpp/autosar/test/rules/A7-1-2/VariableMissingConstexpr.expected b/cpp/autosar/test/rules/A7-1-2/VariableMissingConstexpr.expected index f86faf1a7b..ee33044a2d 100644 --- a/cpp/autosar/test/rules/A7-1-2/VariableMissingConstexpr.expected +++ b/cpp/autosar/test/rules/A7-1-2/VariableMissingConstexpr.expected @@ -7,9 +7,8 @@ | test.cpp:41:14:41:15 | l2 | Variable 'l2' could be marked 'constexpr'. | | test.cpp:44:16:44:17 | lc | Variable 'lc' could be marked 'constexpr'. | | test.cpp:45:17:45:19 | lc2 | Variable 'lc2' could be marked 'constexpr'. | -| test.cpp:55:7:55:8 | m2 | Variable 'm2' could be marked 'constexpr'. | -| test.cpp:130:7:130:8 | m1 | Variable 'm1' could be marked 'constexpr'. | -| test.cpp:141:7:141:8 | m1 | Variable 'm1' could be marked 'constexpr'. | +| test.cpp:55:20:55:21 | m2 | Variable 'm2' could be marked 'constexpr'. | +| test.cpp:143:5:143:20 | m1 | Variable 'm1' could be marked 'constexpr'. | | test.cpp:221:7:221:8 | l1 | Variable 'l1' could be marked 'constexpr'. | | test.cpp:235:7:235:8 | l6 | Variable 'l6' could be marked 'constexpr'. | | test.cpp:237:7:237:8 | l8 | Variable 'l8' could be marked 'constexpr'. | diff --git a/cpp/autosar/test/rules/A7-1-2/test.cpp b/cpp/autosar/test/rules/A7-1-2/test.cpp index 8395f60ff3..3b45516bc3 100644 --- a/cpp/autosar/test/rules/A7-1-2/test.cpp +++ b/cpp/autosar/test/rules/A7-1-2/test.cpp @@ -51,9 +51,9 @@ class MemberConstExpr { MemberConstExpr(int p3) : m3(p3) {} private: - int m1; // COMPLIANT - is not always zero initialized - int m2 = 0; // NON_COMPLIANT - int m3 = 0; // COMPLIANT - can be set by constructor + int m1; // COMPLIANT - is not always zero initialized + static const int m2 = 0; // NON_COMPLIANT + int m3 = 0; // COMPLIANT - can be set by constructor }; int h1(int x, int y) { // NON_COMPLIANT @@ -127,7 +127,7 @@ class MissingConstexprClass { MissingConstexprClass(int i) = delete; // NON_COMPLIANT MissingConstexprClass(int i, LiteralClass lc) {} // NON_COMPLIANT private: - int m1 = 0; + int m1 = 0; // COMPLIANT - non-static member variable }; class VirtualBaseClass {}; @@ -138,9 +138,9 @@ class DerivedClass : public virtual VirtualBaseClass { DerivedClass(int i) = delete; // COMPLIANT DerivedClass(int i, LiteralClass lc) {} // COMPLIANT private: - int m1 = 0; + static int m1; // NON_COMPLAINT - static member variable can be constexpr }; - +int DerivedClass::m1 = 0; class NotAllMembersInitializedClass { public: NotAllMembersInitializedClass() = default; // COMPLIANT @@ -274,4 +274,15 @@ template T *init() { return t; } -void test_template_instantiation() { int *t = init(); } \ No newline at end of file +void test_template_instantiation() { int *t = init(); } + +#include +#include +void a_function() { + auto origin = std::vector{1, 2, 3, 4, 5, 6, 7, 8, 9}; + auto values = std::vector>{}; + for (auto &value : + origin) { // Sometimes, CodeQL reports "value" should be constexpr + values.emplace_back(std::make_unique(value)); + } +} diff --git a/cpp/common/src/codingstandards/cpp/Expr.qll b/cpp/common/src/codingstandards/cpp/Expr.qll index fe2877f849..90730b9718 100644 --- a/cpp/common/src/codingstandards/cpp/Expr.qll +++ b/cpp/common/src/codingstandards/cpp/Expr.qll @@ -267,7 +267,9 @@ predicate isCompileTimeEvaluatedCall(Call call) { parameterUsingDefaultValue.getAnAssignedValue() = defaultValue | isDirectCompileTimeEvaluatedExpression(defaultValue) - ) + ) and + // 4. the call's qualifier is compile time evaluated. + (not call.hasQualifier() or isCompileTimeEvaluatedExpression(call.getQualifier())) } /* From 9aa4c38e4a54856234e9dc1d2c5297a0cbba1125 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 12 Nov 2024 16:39:26 +0000 Subject: [PATCH 2235/2573] Bump actions/github-script from 3 to 7 Bumps [actions/github-script](https://github.com/actions/github-script) from 3 to 7. - [Release notes](https://github.com/actions/github-script/releases) - [Commits](https://github.com/actions/github-script/compare/v3...v7) --- updated-dependencies: - dependency-name: actions/github-script dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/codeql_unit_tests.yml | 2 +- .github/workflows/dispatch-matrix-test-on-comment.yml | 2 +- .github/workflows/dispatch-release-performance-check.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/codeql_unit_tests.yml b/.github/workflows/codeql_unit_tests.yml index 2c771b4575..2fc28fc900 100644 --- a/.github/workflows/codeql_unit_tests.yml +++ b/.github/workflows/codeql_unit_tests.yml @@ -166,7 +166,7 @@ jobs: steps: - name: Check if run-test-suites job failed to complete, if so fail if: ${{ needs.run-test-suites.result == 'failure' }} - uses: actions/github-script@v3 + uses: actions/github-script@v7 with: script: | core.setFailed('Test run job failed') diff --git a/.github/workflows/dispatch-matrix-test-on-comment.yml b/.github/workflows/dispatch-matrix-test-on-comment.yml index 297b6fbc7e..964fb7e9f3 100644 --- a/.github/workflows/dispatch-matrix-test-on-comment.yml +++ b/.github/workflows/dispatch-matrix-test-on-comment.yml @@ -40,7 +40,7 @@ jobs: --json \ -R github/codeql-coding-standards-release-engineering - - uses: actions/github-script@v6 + - uses: actions/github-script@v7 if: ${{ github.event.issue.pull_request && contains(github.event.comment.body, '/test-matrix') && steps.check-write-permission.outputs.has-permission }} with: script: | diff --git a/.github/workflows/dispatch-release-performance-check.yml b/.github/workflows/dispatch-release-performance-check.yml index 260846185a..a8df297f7d 100644 --- a/.github/workflows/dispatch-release-performance-check.yml +++ b/.github/workflows/dispatch-release-performance-check.yml @@ -40,7 +40,7 @@ jobs: --json \ -R github/codeql-coding-standards-release-engineering - - uses: actions/github-script@v6 + - uses: actions/github-script@v7 if: ${{ github.event.issue.pull_request && contains(github.event.comment.body, '/test-performance') && steps.check-write-permission.outputs.has-permission }} with: script: | From 73c075d2bc1b745a00efa5b1a4cbc5e8ede13b74 Mon Sep 17 00:00:00 2001 From: "rakesh.pothengil" Date: Wed, 13 Nov 2024 14:36:39 +0900 Subject: [PATCH 2236/2573] Fix #796 --- change_notes/2024-11-13-fix-fp-796.md | 2 ++ ...onThatContainsForwardingReferenceAsItsArgumentOverloaded.ql | 3 +++ 2 files changed, 5 insertions(+) create mode 100644 change_notes/2024-11-13-fix-fp-796.md diff --git a/change_notes/2024-11-13-fix-fp-796.md b/change_notes/2024-11-13-fix-fp-796.md new file mode 100644 index 0000000000..5fa32f57e8 --- /dev/null +++ b/change_notes/2024-11-13-fix-fp-796.md @@ -0,0 +1,2 @@ + - `A13-3-1` - `FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.ql`: + - Reduce false positives by explicitly checking that the locations of overloaded functions are different. diff --git a/cpp/autosar/src/rules/A13-3-1/FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.ql b/cpp/autosar/src/rules/A13-3-1/FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.ql index 81ca7039c3..e3fb59bd8a 100644 --- a/cpp/autosar/src/rules/A13-3-1/FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.ql +++ b/cpp/autosar/src/rules/A13-3-1/FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.ql @@ -29,6 +29,9 @@ where OperatorsPackage::functionThatContainsForwardingReferenceAsItsArgumentOverloadedQuery()) and not f.isDeleted() and f = c.getAnOverload() and + // CodeQL sometimes fetches an overloaded function at the same location. + // Thus, a check is added explicitly (refer #796). + f.getLocation() != c.getLocation() and // allow for overloading with different number of parameters, because there is no // confusion on what function will be called. f.getNumberOfParameters() = c.getNumberOfParameters() and From b1c76190f42c28f51edceadb944b83c3daa7a28c Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Thu, 14 Nov 2024 20:56:51 -0800 Subject: [PATCH 2237/2573] Fix broken test --- .../RULE-1-5/UngetcCallOnStreamPositionZero.expected | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/c/misra/test/rules/RULE-1-5/UngetcCallOnStreamPositionZero.expected b/c/misra/test/rules/RULE-1-5/UngetcCallOnStreamPositionZero.expected index 98e7b34fbe..ff25a58e3c 100644 --- a/c/misra/test/rules/RULE-1-5/UngetcCallOnStreamPositionZero.expected +++ b/c/misra/test/rules/RULE-1-5/UngetcCallOnStreamPositionZero.expected @@ -1,8 +1,8 @@ edges -| test.c:39:16:39:20 | call to fopen indirection | test.c:41:15:41:18 | file indirection | +| test.c:39:16:39:20 | *call to fopen | test.c:41:15:41:18 | *file | provenance | | nodes -| test.c:39:16:39:20 | call to fopen indirection | semmle.label | call to fopen indirection | -| test.c:41:15:41:18 | file indirection | semmle.label | file indirection | +| test.c:39:16:39:20 | *call to fopen | semmle.label | *call to fopen | +| test.c:41:15:41:18 | *file | semmle.label | *file | subpaths #select -| test.c:41:15:41:18 | file indirection | test.c:39:16:39:20 | call to fopen indirection | test.c:41:15:41:18 | file indirection | Obsolescent call to ungetc on file stream $@ at position zero. | test.c:39:16:39:20 | call to fopen indirection | call to fopen indirection | +| test.c:41:15:41:18 | *file | test.c:39:16:39:20 | *call to fopen | test.c:41:15:41:18 | *file | Obsolescent call to ungetc on file stream $@ at position zero. | test.c:39:16:39:20 | *call to fopen | *call to fopen | From bed2b88b76964c690aa327b73e08671e1d1bc0b4 Mon Sep 17 00:00:00 2001 From: Fernando Jose Date: Mon, 18 Nov 2024 08:30:26 +0900 Subject: [PATCH 2238/2573] review: add test cases. --- ...oopCounterModifiedWithinStatement.expected | 1 + cpp/autosar/test/rules/M6-5-3/test.cpp | 57 +++++++++++++++++++ 2 files changed, 58 insertions(+) diff --git a/cpp/autosar/test/rules/M6-5-3/LoopCounterModifiedWithinStatement.expected b/cpp/autosar/test/rules/M6-5-3/LoopCounterModifiedWithinStatement.expected index a6988586f0..a8fc2afff6 100644 --- a/cpp/autosar/test/rules/M6-5-3/LoopCounterModifiedWithinStatement.expected +++ b/cpp/autosar/test/rules/M6-5-3/LoopCounterModifiedWithinStatement.expected @@ -2,3 +2,4 @@ | test.cpp:25:35:25:35 | x | Loop counters should not be modified within a statement in a for loop. | | test.cpp:36:5:36:5 | x | Loop counters should not be modified within a statement in a for loop. | | test.cpp:43:9:43:9 | i | Loop counters should not be modified within a statement in a for loop. | +| test.cpp:99:15:99:15 | i | Loop counters should not be modified within a statement in a for loop. | diff --git a/cpp/autosar/test/rules/M6-5-3/test.cpp b/cpp/autosar/test/rules/M6-5-3/test.cpp index a534e6ba8e..d60980588b 100644 --- a/cpp/autosar/test/rules/M6-5-3/test.cpp +++ b/cpp/autosar/test/rules/M6-5-3/test.cpp @@ -43,3 +43,60 @@ void test_loop_counter_mod_in_side_effect() { inc(i); // NON_COMPLIANT - modifies `i` } } + +void test_loop_counter_reference_mod_in_condition() { + auto loop = [](int& i){ + for (; (i++ < 10); i++) { // NON_COMPLIANT + } + }; + int i = 0; + loop(i); +} + +void test_loop_counter_reference_mod() { + auto loop = [](int& i){ + for (; i < 10; i++) { // COMPLIANT + } + }; + int i = 0; + loop(i); +} + +void test_loop_const_reference() { + auto loop = []([[maybe_unused]] int const& i){ + for (int i = 0; i < 10; i++) { // COMPLIANT + } + }; + int i = 0; + loop(i); +} + +void test_loop_counter_reference_mod_in_statement() { + auto loop = [](int& i){ + for (; (i < 10); i++) { + i++; // NON_COMPLIANT + } + }; + int i = 0; + loop(i); +} + +int const_reference(int const& i) { + return i; +} + +int reference(int& i) { + return i; +} + +int copy(int i) { + return i; +} + +void test_pass_argument_by() { + for (int i = 0; i < 10; i++) { + const_reference(i); // COMPLIANT + reference(i); // NON_COMPLIANT + copy(i); // COMPLIANT + } +} From dac5019b346f902eeef2a0889e7dbde3b523b647 Mon Sep 17 00:00:00 2001 From: Fernando Jose Date: Mon, 18 Nov 2024 08:48:15 +0900 Subject: [PATCH 2239/2573] Format test case. --- cpp/autosar/test/rules/M6-5-3/test.cpp | 20 +++++++------------- 1 file changed, 7 insertions(+), 13 deletions(-) diff --git a/cpp/autosar/test/rules/M6-5-3/test.cpp b/cpp/autosar/test/rules/M6-5-3/test.cpp index d60980588b..a41ba8a22d 100644 --- a/cpp/autosar/test/rules/M6-5-3/test.cpp +++ b/cpp/autosar/test/rules/M6-5-3/test.cpp @@ -45,7 +45,7 @@ void test_loop_counter_mod_in_side_effect() { } void test_loop_counter_reference_mod_in_condition() { - auto loop = [](int& i){ + auto loop = [](int &i) { for (; (i++ < 10); i++) { // NON_COMPLIANT } }; @@ -54,7 +54,7 @@ void test_loop_counter_reference_mod_in_condition() { } void test_loop_counter_reference_mod() { - auto loop = [](int& i){ + auto loop = [](int &i) { for (; i < 10; i++) { // COMPLIANT } }; @@ -63,7 +63,7 @@ void test_loop_counter_reference_mod() { } void test_loop_const_reference() { - auto loop = []([[maybe_unused]] int const& i){ + auto loop = []([[maybe_unused]] int const &i) { for (int i = 0; i < 10; i++) { // COMPLIANT } }; @@ -72,7 +72,7 @@ void test_loop_const_reference() { } void test_loop_counter_reference_mod_in_statement() { - auto loop = [](int& i){ + auto loop = [](int &i) { for (; (i < 10); i++) { i++; // NON_COMPLIANT } @@ -81,17 +81,11 @@ void test_loop_counter_reference_mod_in_statement() { loop(i); } -int const_reference(int const& i) { - return i; -} +int const_reference(int const &i) { return i; } -int reference(int& i) { - return i; -} +int reference(int &i) { return i; } -int copy(int i) { - return i; -} +int copy(int i) { return i; } void test_pass_argument_by() { for (int i = 0; i < 10; i++) { From 916388130da293b0831348dcfe04d3fc6e52c18d Mon Sep 17 00:00:00 2001 From: Fernando Jose Date: Mon, 18 Nov 2024 10:46:53 +0900 Subject: [PATCH 2240/2573] Update test case expected's line number after previous format. --- .../rules/M6-5-3/LoopCounterModifiedWithinStatement.expected | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/M6-5-3/LoopCounterModifiedWithinStatement.expected b/cpp/autosar/test/rules/M6-5-3/LoopCounterModifiedWithinStatement.expected index a8fc2afff6..4643298e3a 100644 --- a/cpp/autosar/test/rules/M6-5-3/LoopCounterModifiedWithinStatement.expected +++ b/cpp/autosar/test/rules/M6-5-3/LoopCounterModifiedWithinStatement.expected @@ -2,4 +2,4 @@ | test.cpp:25:35:25:35 | x | Loop counters should not be modified within a statement in a for loop. | | test.cpp:36:5:36:5 | x | Loop counters should not be modified within a statement in a for loop. | | test.cpp:43:9:43:9 | i | Loop counters should not be modified within a statement in a for loop. | -| test.cpp:99:15:99:15 | i | Loop counters should not be modified within a statement in a for loop. | +| test.cpp:93:15:93:15 | i | Loop counters should not be modified within a statement in a for loop. | From 0683d4c67a47fd17732673bf6475ac406ed47b99 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Sun, 17 Nov 2024 19:12:24 -0800 Subject: [PATCH 2241/2573] Address feedback. --- ...RedeclarationOfObjectWithUnmatchedAlignment.ql | 15 ++------------- .../RedeclarationOfObjectWithoutAlignment.ql | 7 +++---- .../MoreThanOneAlignmentSpecifierOnDeclaration.ql | 5 ++++- 3 files changed, 9 insertions(+), 18 deletions(-) diff --git a/c/misra/src/rules/RULE-8-15/RedeclarationOfObjectWithUnmatchedAlignment.ql b/c/misra/src/rules/RULE-8-15/RedeclarationOfObjectWithUnmatchedAlignment.ql index b17c1ef6c1..2969c0ea06 100644 --- a/c/misra/src/rules/RULE-8-15/RedeclarationOfObjectWithUnmatchedAlignment.ql +++ b/c/misra/src/rules/RULE-8-15/RedeclarationOfObjectWithUnmatchedAlignment.ql @@ -15,21 +15,10 @@ import cpp import codingstandards.c.misra - -predicate lexicallyEqualExpr(Expr a, Expr b) { - a.toString() = b.toString() and - a.getNumChild() = b.getNumChild() and - forall(Expr aChild, Expr bChild, int i | - aChild = a.getChild(i) and - bChild = b.getChild(i) and - i < a.getNumChild() - | - lexicallyEqualExpr(aChild, bChild) - ) -} +import semmle.code.cpp.valuenumbering.HashCons predicate lexicallyEqual(AttributeArgument a, AttributeArgument b) { - lexicallyEqualExpr(a.getValueConstant(), b.getValueConstant()) or + hashCons(a.getValueConstant()) = hashCons(b.getValueConstant()) or a.getValueType() = b.getValueType() } diff --git a/c/misra/src/rules/RULE-8-15/RedeclarationOfObjectWithoutAlignment.ql b/c/misra/src/rules/RULE-8-15/RedeclarationOfObjectWithoutAlignment.ql index 986ab92f5a..3088708de0 100644 --- a/c/misra/src/rules/RULE-8-15/RedeclarationOfObjectWithoutAlignment.ql +++ b/c/misra/src/rules/RULE-8-15/RedeclarationOfObjectWithoutAlignment.ql @@ -46,10 +46,9 @@ newtype TAttributeDeclLocation = * This should give us a highly reliable means of finding which attributes are * associated with which `DeclarationEntry`s. * - * One note of caution: the associated `Variable` must be treated with caution, - * as there are multiple instances of that `Variable` if it is declared - * multiple times, they equal each other, and `getLocation()` on each variable - * returns every location result. This class must act on `DeclarationEntry`s to + * One note of caution: the location of the associated `Variable` must be + * treated with caution, as calls to `getLocation()` on a redeclared `Variable` + * can return multiple results. This class must act on `DeclarationEntry`s to * deliver reliable results. */ class DeclarationEntryAttribute extends Attribute { diff --git a/c/misra/src/rules/RULE-8-17/MoreThanOneAlignmentSpecifierOnDeclaration.ql b/c/misra/src/rules/RULE-8-17/MoreThanOneAlignmentSpecifierOnDeclaration.ql index 3c89a190ec..f4e0d93d92 100644 --- a/c/misra/src/rules/RULE-8-17/MoreThanOneAlignmentSpecifierOnDeclaration.ql +++ b/c/misra/src/rules/RULE-8-17/MoreThanOneAlignmentSpecifierOnDeclaration.ql @@ -20,9 +20,12 @@ where not isExcluded(v, AlignmentPackage::moreThanOneAlignmentSpecifierOnDeclarationQuery()) and first = v.getAnAttribute() and last = v.getAnAttribute() and - first != last and + not first = last and first.hasName("_Alignas") and last.hasName("_Alignas") and + // Handle double reporting: the first Attribute should really be first, and the last Attribute + // should really be last. This implies the first is before the last. This approach also ensures + // a single result for variables that have more than two alignment specifiers. not exists(Attribute beforeFirst | beforeFirst.getLocation().isBefore(first.getLocation(), _) and v.getAnAttribute() = beforeFirst From d584e309b212ad29e05e74a4a0760fb567ed92e7 Mon Sep 17 00:00:00 2001 From: "rakesh.pothengil" Date: Mon, 18 Nov 2024 13:12:44 +0900 Subject: [PATCH 2242/2573] Consider feedback on #789 --- .../rules/A7-1-2/VariableMissingConstexpr.ql | 17 ++++++++++---- .../A7-1-2/VariableMissingConstexpr.expected | 5 ++-- cpp/autosar/test/rules/A7-1-2/test.cpp | 23 +++++-------------- 3 files changed, 21 insertions(+), 24 deletions(-) diff --git a/cpp/autosar/src/rules/A7-1-2/VariableMissingConstexpr.ql b/cpp/autosar/src/rules/A7-1-2/VariableMissingConstexpr.ql index b051965a56..a07dbd43f7 100644 --- a/cpp/autosar/src/rules/A7-1-2/VariableMissingConstexpr.ql +++ b/cpp/autosar/src/rules/A7-1-2/VariableMissingConstexpr.ql @@ -35,18 +35,24 @@ predicate isTypeZeroInitializable(Type t) { t.getUnderlyingType() instanceof ArrayType } -from Variable v +from Variable v, string msg where not isExcluded(v, ConstPackage::variableMissingConstexprQuery()) and v.hasDefinition() and not v.isConstexpr() and not v instanceof Parameter and not v.isAffectedByMacro() and - // Don't consider non-static member variables. ( not v instanceof MemberVariable or - v.isStatic() + // In case member functions are left un-instantiated, it is possible + // the member variable could be modified in them. + // Hence, don't raise an alert in case this member variable's class + // has a member function that doesn't have a definition. + not exists(MemberFunction mf | + mf.getDeclaringType() = v.getDeclaringType() and + mf.isFromUninstantiatedTemplate(_) + ) ) and isLiteralType(v.getType()) and // Unfortunately, `isConstant` is not sufficient here because it doesn't include calls to @@ -72,5 +78,6 @@ where // Exclude variables in uninstantiated templates, as they may be incomplete not v.isFromUninstantiatedTemplate(_) and // Exclude compiler generated variables, which are not user controllable - not v.isCompilerGenerated() -select v, "Variable '" + v.getName() + "' could be marked 'constexpr'." + not v.isCompilerGenerated() and + if v instanceof MemberVariable and not v.isStatic() then msg = " and static." else msg = "." +select v, "Variable '" + v.getName() + "' could be marked 'constexpr'" + msg diff --git a/cpp/autosar/test/rules/A7-1-2/VariableMissingConstexpr.expected b/cpp/autosar/test/rules/A7-1-2/VariableMissingConstexpr.expected index ee33044a2d..31c26a11ff 100644 --- a/cpp/autosar/test/rules/A7-1-2/VariableMissingConstexpr.expected +++ b/cpp/autosar/test/rules/A7-1-2/VariableMissingConstexpr.expected @@ -7,8 +7,9 @@ | test.cpp:41:14:41:15 | l2 | Variable 'l2' could be marked 'constexpr'. | | test.cpp:44:16:44:17 | lc | Variable 'lc' could be marked 'constexpr'. | | test.cpp:45:17:45:19 | lc2 | Variable 'lc2' could be marked 'constexpr'. | -| test.cpp:55:20:55:21 | m2 | Variable 'm2' could be marked 'constexpr'. | -| test.cpp:143:5:143:20 | m1 | Variable 'm1' could be marked 'constexpr'. | +| test.cpp:55:7:55:8 | m2 | Variable 'm2' could be marked 'constexpr' and static. | +| test.cpp:130:7:130:8 | m1 | Variable 'm1' could be marked 'constexpr' and static. | +| test.cpp:141:7:141:8 | m1 | Variable 'm1' could be marked 'constexpr' and static. | | test.cpp:221:7:221:8 | l1 | Variable 'l1' could be marked 'constexpr'. | | test.cpp:235:7:235:8 | l6 | Variable 'l6' could be marked 'constexpr'. | | test.cpp:237:7:237:8 | l8 | Variable 'l8' could be marked 'constexpr'. | diff --git a/cpp/autosar/test/rules/A7-1-2/test.cpp b/cpp/autosar/test/rules/A7-1-2/test.cpp index 3b45516bc3..1bbe32a933 100644 --- a/cpp/autosar/test/rules/A7-1-2/test.cpp +++ b/cpp/autosar/test/rules/A7-1-2/test.cpp @@ -51,9 +51,9 @@ class MemberConstExpr { MemberConstExpr(int p3) : m3(p3) {} private: - int m1; // COMPLIANT - is not always zero initialized - static const int m2 = 0; // NON_COMPLIANT - int m3 = 0; // COMPLIANT - can be set by constructor + int m1; // COMPLIANT - is not always zero initialized + int m2 = 0; // NON_COMPLIANT + int m3 = 0; // COMPLIANT - can be set by constructor }; int h1(int x, int y) { // NON_COMPLIANT @@ -127,7 +127,7 @@ class MissingConstexprClass { MissingConstexprClass(int i) = delete; // NON_COMPLIANT MissingConstexprClass(int i, LiteralClass lc) {} // NON_COMPLIANT private: - int m1 = 0; // COMPLIANT - non-static member variable + int m1 = 0; }; class VirtualBaseClass {}; @@ -138,9 +138,9 @@ class DerivedClass : public virtual VirtualBaseClass { DerivedClass(int i) = delete; // COMPLIANT DerivedClass(int i, LiteralClass lc) {} // COMPLIANT private: - static int m1; // NON_COMPLAINT - static member variable can be constexpr + int m1 = 0; }; -int DerivedClass::m1 = 0; + class NotAllMembersInitializedClass { public: NotAllMembersInitializedClass() = default; // COMPLIANT @@ -275,14 +275,3 @@ template T *init() { } void test_template_instantiation() { int *t = init(); } - -#include -#include -void a_function() { - auto origin = std::vector{1, 2, 3, 4, 5, 6, 7, 8, 9}; - auto values = std::vector>{}; - for (auto &value : - origin) { // Sometimes, CodeQL reports "value" should be constexpr - values.emplace_back(std::make_unique(value)); - } -} From e736cb0dd3c50a7648b89c66f7a2b6f2ad52b468 Mon Sep 17 00:00:00 2001 From: "rakesh.pothengil" Date: Mon, 18 Nov 2024 13:18:14 +0900 Subject: [PATCH 2243/2573] Update change notes --- change_notes/2024-11-11-fix-fp-789.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/change_notes/2024-11-11-fix-fp-789.md b/change_notes/2024-11-11-fix-fp-789.md index 6ba34dbd7c..b06ebb9b11 100644 --- a/change_notes/2024-11-11-fix-fp-789.md +++ b/change_notes/2024-11-11-fix-fp-789.md @@ -1,2 +1,3 @@ - `A7-1-2` - `VariableMissingConstexpr.ql`: - - Fixes #789. Doesn't alert on non-static member variables and compiler generated variables of range based for-loops. + - Do not report on member variables if the class has un-instantiated member function(s). + - Check a call's qualifier as well whether it can be compile time evaluated or not. From 06ba26dca5afee4bd7a708ea2e0ab01e36f26007 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Sun, 17 Nov 2024 22:03:28 -0800 Subject: [PATCH 2244/2573] Address feedback --- ...ointersToVariablyModifiedArrayTypesUsed.ql | 79 +---------------- .../RULE-18-8/VariableLengthArrayTypesUsed.ql | 6 +- ...rayToPointerConversionOfTemporaryObject.ql | 28 ++---- .../cpp/VariablyModifiedTypes.qll | 85 +++++++++++++++++-- .../cpp/lifetimes/CLifetimes.qll | 2 +- 5 files changed, 92 insertions(+), 108 deletions(-) diff --git a/c/misra/src/rules/RULE-18-10/PointersToVariablyModifiedArrayTypesUsed.ql b/c/misra/src/rules/RULE-18-10/PointersToVariablyModifiedArrayTypesUsed.ql index fec8f5d2e1..6ca2289c67 100644 --- a/c/misra/src/rules/RULE-18-10/PointersToVariablyModifiedArrayTypesUsed.ql +++ b/c/misra/src/rules/RULE-18-10/PointersToVariablyModifiedArrayTypesUsed.ql @@ -18,84 +18,11 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.VariablyModifiedTypes -/** - * Check that the declaration entry, which may be a parameter or a variable - * etc., seems to subsume the location of `inner`, including the declaration - * type text. - * - * The location of the `DeclarationEntry` itself points to the _identifier_ - * that is declared. This range will not include the type of the declaration. - * - * For parameters, the `before` and `end` `Location` objects will be - * constrained to the closest earlier element (parameter or function body), - * these values can therefore be captured and inspected for debugging. - * - * For declarations which occur in statements, the `before` and `end` - * `Location` objects will be both constrained to be equal, and equal to, - * the `Location` of the containing `DeclStmt`. - */ -predicate declarationSubsumes( - DeclarationEntry entry, Location inner, Location before, Location after -) { - inner.getFile() = entry.getLocation().getFile() and - ( - exists(ParameterDeclarationEntry param, FunctionDeclarationEntry func, int i | - param = entry and - func = param.getFunctionDeclarationEntry() and - func.getParameterDeclarationEntry(i) = param and - before = entry.getLocation() and - ( - after = func.getParameterDeclarationEntry(i + 1).getLocation() - or - not exists(ParameterDeclarationEntry afterParam | - afterParam = func.getParameterDeclarationEntry(i + 1) - ) and - after = func.getBlock().getLocation() - ) - ) and - before.isBefore(inner, _) and - inner.isBefore(after, _) - or - exists(DeclStmt s | - s.getADeclaration() = entry.getDeclaration() and - before = s.getLocation() and - after = before and - before.subsumes(inner) - ) - ) -} - -/** - * A declaration involving a pointer to a variably-modified type. - */ -class InvalidDeclaration extends DeclarationEntry { - Expr sizeExpr; - CandidateVlaType vlaType; - // `before` and `after` are captured for debugging, see doc comment for - // `declarationSubsumes`. - Location before; - Location after; - - InvalidDeclaration() { - sizeExpr = any(VlaDimensionStmt vla).getDimensionExpr() and - declarationSubsumes(this, sizeExpr.getLocation(), before, after) and - ( - if this instanceof ParameterDeclarationEntry - then vlaType = this.getType().(VariablyModifiedTypeIfAdjusted).getInnerVlaType() - else vlaType = this.getType().(VariablyModifiedTypeIfUnadjusted).getInnerVlaType() - ) and - // Capture only pointers to VLA types, not raw VLA types. - not vlaType = this.getType() - } - - Expr getSizeExpr() { result = sizeExpr } - - CandidateVlaType getVlaType() { result = vlaType } -} - -from InvalidDeclaration v, string declstr, string adjuststr, string relationstr +from VmtDeclarationEntry v, string declstr, string adjuststr, string relationstr where not isExcluded(v, InvalidMemory3Package::pointersToVariablyModifiedArrayTypesUsedQuery()) and + // Capture only pointers to VLA types, not raw VLA types. + not v.getVlaType() = v.getType() and ( if v instanceof ParameterDeclarationEntry then declstr = "Parameter " diff --git a/c/misra/src/rules/RULE-18-8/VariableLengthArrayTypesUsed.ql b/c/misra/src/rules/RULE-18-8/VariableLengthArrayTypesUsed.ql index 96fbf697af..8e599f39f7 100644 --- a/c/misra/src/rules/RULE-18-8/VariableLengthArrayTypesUsed.ql +++ b/c/misra/src/rules/RULE-18-8/VariableLengthArrayTypesUsed.ql @@ -20,9 +20,11 @@ where not isExcluded(v, Declarations7Package::variableLengthArrayTypesUsedQuery()) and size = v.getVlaDimensionStmt(0).getDimensionExpr() and ( - arrayType = v.getVariable().getType() + // Holds is if v is a variable declaration: + arrayType = v.getVariable().getType().stripTopLevelSpecifiers() or - arrayType = v.getType().getUnspecifiedType() + // Holds is if v is a typedef declaration: + arrayType = v.getType().stripTopLevelSpecifiers() ) and typeStr = arrayType.getBaseType().toString() select v, "Variable length array of element type '" + typeStr + "' with non-constant size $@.", diff --git a/c/misra/src/rules/RULE-18-9/ArrayToPointerConversionOfTemporaryObject.ql b/c/misra/src/rules/RULE-18-9/ArrayToPointerConversionOfTemporaryObject.ql index 7df4e5371c..a64ccd44ff 100644 --- a/c/misra/src/rules/RULE-18-9/ArrayToPointerConversionOfTemporaryObject.ql +++ b/c/misra/src/rules/RULE-18-9/ArrayToPointerConversionOfTemporaryObject.ql @@ -18,32 +18,20 @@ import codingstandards.c.misra import codingstandards.cpp.lifetimes.CLifetimes /** - * Get the expression(s) whose value is "used" by this expression. + * Holds if the value of an expression is used or stored. * * For instance, `(x)` does not use any values, but `x + y` uses `x` and `y`. * * A pointer-to-array conversion does not need to be flagged if the result of * that conversion is not used or stored. */ -Expr usedValuesOf(Expr expr) { - result = expr.(BinaryOperation).getLeftOperand() +predicate isUsedOrStored(Expr e) { + e = any(Operation o).getAnOperand() or - result = expr.(BinaryOperation).getRightOperand() + e = any(ConditionalExpr c).getCondition() or - result = expr.(UnaryOperation).getOperand() + e = any(Call c).getAnArgument() or - result = expr.(ConditionalExpr).getCondition() - or - result = expr.(Call).getAnArgument() -} - -/** - * Get the expression(s) whose value is stored by this declaration. - * - * A pointer-to-array conversion does not need to be flagged if the result of - * that conversion is not used or stored. - */ -predicate isStored(Expr e) { e = any(VariableDeclarationEntry d).getDeclaration().getInitializer().getExpr() or e = any(ClassAggregateLiteral l).getAFieldExpr(_) @@ -77,10 +65,6 @@ where not isExcluded(conversion, InvalidMemory3Package::arrayToPointerConversionOfTemporaryObjectQuery()) and fa.getTemporary() = temporary and conversion.getExpr() = fa and - ( - temporaryObjectFlowStep*(conversion.getExpr()) = usedValuesOf(any(Expr e)) - or - isStored(temporaryObjectFlowStep*(conversion.getExpr())) - ) + isUsedOrStored(temporaryObjectFlowStep*(conversion.getExpr())) select conversion, "Array to pointer conversion of array $@ from temporary object $@", fa.getTarget(), fa.getTarget().getName(), temporary, temporary.toString() diff --git a/cpp/common/src/codingstandards/cpp/VariablyModifiedTypes.qll b/cpp/common/src/codingstandards/cpp/VariablyModifiedTypes.qll index 730a52d763..c0fb3a3db6 100644 --- a/cpp/common/src/codingstandards/cpp/VariablyModifiedTypes.qll +++ b/cpp/common/src/codingstandards/cpp/VariablyModifiedTypes.qll @@ -1,5 +1,82 @@ import cpp +/** + * A declaration involving a variably-modified type. + */ +class VmtDeclarationEntry extends DeclarationEntry { + Expr sizeExpr; + CandidateVlaType vlaType; + // `before` and `after` are captured for debugging, see doc comment for + // `declarationSubsumes`. + Location before; + Location after; + + VmtDeclarationEntry() { + // Most of this library looks for candidate VLA types, by looking for arrays + // without a size. These may or may not be VLA types. To confirm an a + // candidate type is really a VLA type, we check that the location of the + // declaration subsumes a `VlaDimensionStmt` which indicates a real VLA. + sizeExpr = any(VlaDimensionStmt vla).getDimensionExpr() and + declarationSubsumes(this, sizeExpr.getLocation(), before, after) and + ( + if this instanceof ParameterDeclarationEntry + then vlaType = this.getType().(VariablyModifiedTypeIfAdjusted).getInnerVlaType() + else vlaType = this.getType().(VariablyModifiedTypeIfUnadjusted).getInnerVlaType() + ) + } + + Expr getSizeExpr() { result = sizeExpr } + + CandidateVlaType getVlaType() { result = vlaType } +} + +/** + * Check that the declaration entry, which may be a parameter or a variable + * etc., seems to subsume the location of `inner`, including the declaration + * type text. + * + * The location of the `DeclarationEntry` itself points to the _identifier_ + * that is declared. This range will not include the type of the declaration. + * + * For parameters, the `before` and `end` `Location` objects will be + * constrained to the closest earlier element (parameter or function body), + * these values can therefore be captured and inspected for debugging. + * + * For declarations which occur in statements, the `before` and `end` + * `Location` objects will be both constrained to be equal, and equal to, + * the `Location` of the containing `DeclStmt`. + */ +private predicate declarationSubsumes( + DeclarationEntry entry, Location inner, Location before, Location after +) { + inner.getFile() = entry.getLocation().getFile() and + ( + exists(ParameterDeclarationEntry param, FunctionDeclarationEntry func, int i | + param = entry and + func = param.getFunctionDeclarationEntry() and + func.getParameterDeclarationEntry(i) = param and + before = entry.getLocation() and + ( + after = func.getParameterDeclarationEntry(i + 1).getLocation() + or + not exists(ParameterDeclarationEntry afterParam | + afterParam = func.getParameterDeclarationEntry(i + 1) + ) and + after = func.getBlock().getLocation() + ) + ) and + before.isBefore(inner, _) and + inner.isBefore(after, _) + or + exists(DeclStmt s | + s.getADeclaration() = entry.getDeclaration() and + before = s.getLocation() and + after = before and + before.subsumes(inner) + ) + ) +} + /** * A candidate to be a variably length array type (VLA). * @@ -90,19 +167,13 @@ class NoAdjustmentVariablyModifiedType extends Type { NoAdjustmentVariablyModifiedType() { exists(Type innerType | ( - innerType = this.(PointerType).getBaseType() - or - innerType = this.(ArrayType).getBaseType() + innerType = this.(DerivedType).getBaseType() or innerType = this.(RoutineType).getReturnType() or - innerType = this.(RoutineType).getAParameterType() - or innerType = this.(FunctionPointerType).getReturnType() or innerType = this.(TypedefType).getBaseType() - or - innerType = this.(SpecifiedType).getBaseType() ) and vlaType = innerType.(VariablyModifiedTypeIfUnadjusted).getInnerVlaType() ) diff --git a/cpp/common/src/codingstandards/cpp/lifetimes/CLifetimes.qll b/cpp/common/src/codingstandards/cpp/lifetimes/CLifetimes.qll index d27034f50d..9282260fb9 100644 --- a/cpp/common/src/codingstandards/cpp/lifetimes/CLifetimes.qll +++ b/cpp/common/src/codingstandards/cpp/lifetimes/CLifetimes.qll @@ -25,7 +25,7 @@ class TemporaryLifetimeExpr extends Expr { getUnconverted().getUnspecifiedType() instanceof StructOrUnionTypeWithArrayField and not isCLValue(this) or - this.(ArrayExpr).getArrayBase() instanceof TemporaryLifetimeArrayAccess + this.getUnconverted().(ArrayExpr).getArrayBase() instanceof TemporaryLifetimeArrayAccess } } From 0ec29359aaf921e5bc6c9af3b41327106f32542e Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Sun, 17 Nov 2024 22:05:43 -0800 Subject: [PATCH 2245/2573] fix format --- .../RULE-8-15/RedeclarationOfObjectWithUnmatchedAlignment.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/misra/src/rules/RULE-8-15/RedeclarationOfObjectWithUnmatchedAlignment.ql b/c/misra/src/rules/RULE-8-15/RedeclarationOfObjectWithUnmatchedAlignment.ql index 2969c0ea06..878bfeeeaf 100644 --- a/c/misra/src/rules/RULE-8-15/RedeclarationOfObjectWithUnmatchedAlignment.ql +++ b/c/misra/src/rules/RULE-8-15/RedeclarationOfObjectWithUnmatchedAlignment.ql @@ -18,7 +18,7 @@ import codingstandards.c.misra import semmle.code.cpp.valuenumbering.HashCons predicate lexicallyEqual(AttributeArgument a, AttributeArgument b) { - hashCons(a.getValueConstant()) = hashCons(b.getValueConstant()) or + hashCons(a.getValueConstant()) = hashCons(b.getValueConstant()) or a.getValueType() = b.getValueType() } From 9ff699b63c073f5be42b6007864e605a01bc9dc1 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Sun, 17 Nov 2024 16:58:14 -0800 Subject: [PATCH 2246/2573] Implement Concurrency7 package --- .../includes/standard-library/stdatomic.h | 1 + .../TimedlockOnInappropriateMutexType.ql | 74 +++++++++++++++++++ .../RULE-9-7/UninitializedAtomicObject.ql | 73 ++++++++++++++++++ ...TimedlockOnInappropriateMutexType.expected | 45 +++++++++++ .../TimedlockOnInappropriateMutexType.qlref | 1 + c/misra/test/rules/RULE-21-26/test.c | 45 +++++++++++ .../UninitializedAtomicObject.expected | 3 + .../RULE-9-7/UninitializedAtomicObject.qlref | 1 + c/misra/test/rules/RULE-9-7/test.c | 34 +++++++++ .../cpp/exclusions/c/Concurrency7.qll | 44 +++++++++++ .../cpp/exclusions/c/RuleMetadata.qll | 3 + rule_packages/c/Concurrency7.json | 45 +++++++++++ rules.csv | 4 +- 13 files changed, 371 insertions(+), 2 deletions(-) create mode 100644 c/misra/src/rules/RULE-21-26/TimedlockOnInappropriateMutexType.ql create mode 100644 c/misra/src/rules/RULE-9-7/UninitializedAtomicObject.ql create mode 100644 c/misra/test/rules/RULE-21-26/TimedlockOnInappropriateMutexType.expected create mode 100644 c/misra/test/rules/RULE-21-26/TimedlockOnInappropriateMutexType.qlref create mode 100644 c/misra/test/rules/RULE-21-26/test.c create mode 100644 c/misra/test/rules/RULE-9-7/UninitializedAtomicObject.expected create mode 100644 c/misra/test/rules/RULE-9-7/UninitializedAtomicObject.qlref create mode 100644 c/misra/test/rules/RULE-9-7/test.c create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency7.qll create mode 100644 rule_packages/c/Concurrency7.json diff --git a/c/common/test/includes/standard-library/stdatomic.h b/c/common/test/includes/standard-library/stdatomic.h index 66b74ae61a..229b8db906 100644 --- a/c/common/test/includes/standard-library/stdatomic.h +++ b/c/common/test/includes/standard-library/stdatomic.h @@ -5,5 +5,6 @@ #define atomic_store(a, b) 0 #define atomic_store_explicit(a, b, c) 0 #define ATOMIC_VAR_INIT(value) (value) +#define atomic_init __c11_atomic_init #define atomic_is_lock_free(obj) __c11_atomic_is_lock_free(sizeof(*(obj))) typedef _Atomic(int) atomic_int; \ No newline at end of file diff --git a/c/misra/src/rules/RULE-21-26/TimedlockOnInappropriateMutexType.ql b/c/misra/src/rules/RULE-21-26/TimedlockOnInappropriateMutexType.ql new file mode 100644 index 0000000000..d8d465045e --- /dev/null +++ b/c/misra/src/rules/RULE-21-26/TimedlockOnInappropriateMutexType.ql @@ -0,0 +1,74 @@ +/** + * @id c/misra/timedlock-on-inappropriate-mutex-type + * @name RULE-21-26: The Standard Library function mtx_timedlock() shall only be invoked on mutexes of type mtx_timed + * @description The Standard Library function mtx_timedlock() shall only be invoked on mutex objects + * of appropriate mutex type + * @kind path-problem + * @precision high + * @problem.severity error + * @tags external/misra/id/rule-21-26 + * correctness + * concurrency + * external/misra/c/2012/amendment4 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import semmle.code.cpp.dataflow.new.DataFlow + +class MutexTimed extends EnumConstant { + MutexTimed() { hasName("mtx_timed") } +} + +class MutexInitCall extends FunctionCall { + Expr mutexExpr; + Expr mutexTypeExpr; + + MutexInitCall() { + getTarget().hasName("mtx_init") and + mutexExpr = getArgument(0) and + mutexTypeExpr = getArgument(1) + } + + predicate isTimedMutexType() { + exists(EnumConstantAccess baseTypeAccess | + ( + baseTypeAccess = mutexTypeExpr + or + baseTypeAccess = mutexTypeExpr.(BinaryBitwiseOperation).getAnOperand() + ) and + baseTypeAccess.getTarget() instanceof MutexTimed + ) + or + mutexTypeExpr.getValue().toInt() = any(MutexTimed m).getValue().toInt() + } + + Expr getMutexExpr() { result = mutexExpr } +} + +module MutexTimedlockFlowConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node node) { + exists(MutexInitCall init | + node.asDefiningArgument() = init.getMutexExpr() and not init.isTimedMutexType() + ) + } + + predicate isSink(DataFlow::Node node) { + exists(FunctionCall fc | + fc.getTarget().hasName("mtx_timedlock") and + node.asIndirectExpr() = fc.getArgument(0) + ) + } +} + +module Flow = DataFlow::Global; + +import Flow::PathGraph + +from Flow::PathNode source, Flow::PathNode sink +where + not isExcluded(sink.getNode().asExpr(), + Concurrency7Package::timedlockOnInappropriateMutexTypeQuery()) and + Flow::flowPath(source, sink) +select sink.getNode(), source, sink, "Call to mtx_timedlock with mutex not of type 'mtx_timed'." diff --git a/c/misra/src/rules/RULE-9-7/UninitializedAtomicObject.ql b/c/misra/src/rules/RULE-9-7/UninitializedAtomicObject.ql new file mode 100644 index 0000000000..40f833a740 --- /dev/null +++ b/c/misra/src/rules/RULE-9-7/UninitializedAtomicObject.ql @@ -0,0 +1,73 @@ +/** + * @id c/misra/uninitialized-atomic-object + * @name RULE-9-7: Atomic objects shall be appropriately initialized before being accessed + * @description Atomic objects that do not have static storage duration shall be initialized with a + * value or by using 'atomic_init()'. + * @kind problem + * @precision high + * @problem.severity warning + * @tags external/misra/id/rule-9-7 + * concurrency + * external/misra/c/2012/amendment4 + * external/misra/obligation/mandatory + */ + +import cpp +import codingstandards.c.misra +import semmle.code.cpp.controlflow.Dominance + +class ThreadSpawningFunction extends Function { + ThreadSpawningFunction() { + this.hasName("pthread_create") or + this.hasName("thrd_create") or + exists(FunctionCall fc | + fc.getTarget() instanceof ThreadSpawningFunction and + fc.getEnclosingFunction() = this) + } +} + +class AtomicInitAddressOfExpr extends FunctionCall { + Expr addressedExpr; + + AtomicInitAddressOfExpr() { + exists(AddressOfExpr addrOf | + getArgument(0) = addrOf and + addrOf.getOperand() = addressedExpr and + getTarget().getName() = "__c11_atomic_init" + ) + } + + Expr getAddressedExpr() { + result = addressedExpr + } +} + +ControlFlowNode getARequiredInitializationPoint(LocalScopeVariable v) { + result = v.getParentScope().(BlockStmt).getFollowingStmt() + or + exists(DeclStmt decl | + decl.getADeclaration() = v and + result = any(FunctionCall fc + | fc.getTarget() instanceof ThreadSpawningFunction and + fc.getEnclosingBlock().getEnclosingBlock*() = v.getParentScope() and + fc.getAPredecessor*() = decl + ) + ) +} + +from VariableDeclarationEntry decl, Variable v +where + not isExcluded(decl, Concurrency7Package::uninitializedAtomicObjectQuery()) and + v = decl.getVariable() and + v.getUnderlyingType().hasSpecifier("atomic") and + not v.isTopLevel() and + not exists(v.getInitializer()) and + exists(ControlFlowNode missingInitPoint | + missingInitPoint = getARequiredInitializationPoint(v) + and not exists(AtomicInitAddressOfExpr initialization | + initialization.getAddressedExpr().(VariableAccess).getTarget() = v and + dominates(initialization, missingInitPoint) + ) + ) +select decl, + "Atomic object '" + v.getName() + "' has no initializer or corresponding use of 'atomic_init()'." diff --git a/c/misra/test/rules/RULE-21-26/TimedlockOnInappropriateMutexType.expected b/c/misra/test/rules/RULE-21-26/TimedlockOnInappropriateMutexType.expected new file mode 100644 index 0000000000..442f20bf73 --- /dev/null +++ b/c/misra/test/rules/RULE-21-26/TimedlockOnInappropriateMutexType.expected @@ -0,0 +1,45 @@ +edges +| test.c:10:24:10:24 | *m | test.c:10:43:10:43 | *m | provenance | | +| test.c:13:12:13:14 | mtx_init output argument | test.c:14:17:14:19 | *& ... | provenance | | +| test.c:13:12:13:14 | mtx_init output argument | test.c:15:14:15:16 | *& ... | provenance | | +| test.c:15:14:15:16 | *& ... | test.c:10:24:10:24 | *m | provenance | | +| test.c:17:12:17:14 | mtx_init output argument | test.c:18:17:18:19 | *& ... | provenance | | +| test.c:17:12:17:14 | mtx_init output argument | test.c:19:14:19:16 | *& ... | provenance | | +| test.c:19:14:19:16 | *& ... | test.c:10:24:10:24 | *m | provenance | | +| test.c:30:12:30:14 | mtx_init output argument | test.c:31:17:31:19 | *& ... | provenance | | +| test.c:30:12:30:14 | mtx_init output argument | test.c:32:14:32:16 | *& ... | provenance | | +| test.c:32:14:32:16 | *& ... | test.c:10:24:10:24 | *m | provenance | | +| test.c:42:12:42:16 | mtx_init output argument | test.c:42:13:42:14 | *l3 [post update] [m] | provenance | | +| test.c:42:13:42:14 | *l3 [post update] [m] | test.c:43:18:43:19 | *l3 [m] | provenance | | +| test.c:42:13:42:14 | *l3 [post update] [m] | test.c:44:15:44:16 | *l3 [m] | provenance | | +| test.c:43:18:43:19 | *l3 [m] | test.c:43:17:43:21 | *& ... | provenance | | +| test.c:44:14:44:18 | *& ... | test.c:10:24:10:24 | *m | provenance | | +| test.c:44:15:44:16 | *l3 [m] | test.c:44:14:44:18 | *& ... | provenance | | +nodes +| test.c:10:24:10:24 | *m | semmle.label | *m | +| test.c:10:43:10:43 | *m | semmle.label | *m | +| test.c:13:12:13:14 | mtx_init output argument | semmle.label | mtx_init output argument | +| test.c:14:17:14:19 | *& ... | semmle.label | *& ... | +| test.c:15:14:15:16 | *& ... | semmle.label | *& ... | +| test.c:17:12:17:14 | mtx_init output argument | semmle.label | mtx_init output argument | +| test.c:18:17:18:19 | *& ... | semmle.label | *& ... | +| test.c:19:14:19:16 | *& ... | semmle.label | *& ... | +| test.c:30:12:30:14 | mtx_init output argument | semmle.label | mtx_init output argument | +| test.c:31:17:31:19 | *& ... | semmle.label | *& ... | +| test.c:32:14:32:16 | *& ... | semmle.label | *& ... | +| test.c:42:12:42:16 | mtx_init output argument | semmle.label | mtx_init output argument | +| test.c:42:13:42:14 | *l3 [post update] [m] | semmle.label | *l3 [post update] [m] | +| test.c:43:17:43:21 | *& ... | semmle.label | *& ... | +| test.c:43:18:43:19 | *l3 [m] | semmle.label | *l3 [m] | +| test.c:44:14:44:18 | *& ... | semmle.label | *& ... | +| test.c:44:15:44:16 | *l3 [m] | semmle.label | *l3 [m] | +subpaths +#select +| test.c:10:43:10:43 | *m | test.c:13:12:13:14 | mtx_init output argument | test.c:10:43:10:43 | *m | Call to mtx_timedlock with mutex not of type 'mtx_timed'. | +| test.c:10:43:10:43 | *m | test.c:17:12:17:14 | mtx_init output argument | test.c:10:43:10:43 | *m | Call to mtx_timedlock with mutex not of type 'mtx_timed'. | +| test.c:10:43:10:43 | *m | test.c:30:12:30:14 | mtx_init output argument | test.c:10:43:10:43 | *m | Call to mtx_timedlock with mutex not of type 'mtx_timed'. | +| test.c:10:43:10:43 | *m | test.c:42:12:42:16 | mtx_init output argument | test.c:10:43:10:43 | *m | Call to mtx_timedlock with mutex not of type 'mtx_timed'. | +| test.c:14:17:14:19 | *& ... | test.c:13:12:13:14 | mtx_init output argument | test.c:14:17:14:19 | *& ... | Call to mtx_timedlock with mutex not of type 'mtx_timed'. | +| test.c:18:17:18:19 | *& ... | test.c:17:12:17:14 | mtx_init output argument | test.c:18:17:18:19 | *& ... | Call to mtx_timedlock with mutex not of type 'mtx_timed'. | +| test.c:31:17:31:19 | *& ... | test.c:30:12:30:14 | mtx_init output argument | test.c:31:17:31:19 | *& ... | Call to mtx_timedlock with mutex not of type 'mtx_timed'. | +| test.c:43:17:43:21 | *& ... | test.c:42:12:42:16 | mtx_init output argument | test.c:43:17:43:21 | *& ... | Call to mtx_timedlock with mutex not of type 'mtx_timed'. | diff --git a/c/misra/test/rules/RULE-21-26/TimedlockOnInappropriateMutexType.qlref b/c/misra/test/rules/RULE-21-26/TimedlockOnInappropriateMutexType.qlref new file mode 100644 index 0000000000..9ffe7e7494 --- /dev/null +++ b/c/misra/test/rules/RULE-21-26/TimedlockOnInappropriateMutexType.qlref @@ -0,0 +1 @@ +rules/RULE-21-26/TimedlockOnInappropriateMutexType.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-21-26/test.c b/c/misra/test/rules/RULE-21-26/test.c new file mode 100644 index 0000000000..d26f9c1f2f --- /dev/null +++ b/c/misra/test/rules/RULE-21-26/test.c @@ -0,0 +1,45 @@ +#include "threads.h" + +mtx_t g1; +mtx_t g2; +mtx_t g3; +mtx_t g4; + +struct timespec ts = {0, 0}; + +void doTimeLock(mtx_t *m) { mtx_timedlock(m, &ts); } + +void main(void) { + mtx_init(&g1, mtx_plain); + mtx_timedlock(&g1, &ts); // NON-COMPLIANT + doTimeLock(&g1); // NON-COMPLIANT + + mtx_init(&g2, mtx_plain | mtx_recursive); + mtx_timedlock(&g2, &ts); // NON-COMPLIANT + doTimeLock(&g2); // NON-COMPLIANT + + mtx_init(&g3, mtx_timed); + mtx_timedlock(&g3, &ts); // COMPLIANT + doTimeLock(&g3); // COMPLIANT + + mtx_init(&g4, mtx_timed | mtx_recursive); + mtx_timedlock(&g4, &ts); // COMPLIANT + doTimeLock(&g4); // COMPLIANT + + mtx_t l1; + mtx_init(&l1, mtx_plain); + mtx_timedlock(&l1, &ts); // NON-COMPLIANT + doTimeLock(&l1); // NON-COMPLIANT + + mtx_t l2; + mtx_init(&l2, mtx_timed); + mtx_timedlock(&l2, &ts); // COMPLIANT + doTimeLock(&l2); // COMPLIANT + + struct s { + mtx_t m; + } l3; + mtx_init(&l3.m, mtx_plain); + mtx_timedlock(&l3.m, &ts); // NON-COMPLIANT + doTimeLock(&l3.m); // NON-COMPLIANT +} \ No newline at end of file diff --git a/c/misra/test/rules/RULE-9-7/UninitializedAtomicObject.expected b/c/misra/test/rules/RULE-9-7/UninitializedAtomicObject.expected new file mode 100644 index 0000000000..89facda9bb --- /dev/null +++ b/c/misra/test/rules/RULE-9-7/UninitializedAtomicObject.expected @@ -0,0 +1,3 @@ +| test.c:22:15:22:16 | definition of l3 | Atomic object 'l3' has no initializer or corresponding use of 'atomic_init()'. | +| test.c:25:15:25:16 | definition of l4 | Atomic object 'l4' has no initializer or corresponding use of 'atomic_init()'. | +| test.c:29:15:29:16 | definition of l5 | Atomic object 'l5' has no initializer or corresponding use of 'atomic_init()'. | diff --git a/c/misra/test/rules/RULE-9-7/UninitializedAtomicObject.qlref b/c/misra/test/rules/RULE-9-7/UninitializedAtomicObject.qlref new file mode 100644 index 0000000000..11219b0741 --- /dev/null +++ b/c/misra/test/rules/RULE-9-7/UninitializedAtomicObject.qlref @@ -0,0 +1 @@ +rules/RULE-9-7/UninitializedAtomicObject.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-9-7/test.c b/c/misra/test/rules/RULE-9-7/test.c new file mode 100644 index 0000000000..5b3d8e36ec --- /dev/null +++ b/c/misra/test/rules/RULE-9-7/test.c @@ -0,0 +1,34 @@ +#include "stdatomic.h" +#include "threads.h" + +_Atomic int g1; // COMPLIANT +_Atomic int g2 = 0; // COMPLIANT + +void f_thread(void *x); + +void f_starts_thread() { + thrd_t t; + thrd_create(&t, f_thread, 0); +} + +void main() { + _Atomic int l1 = 1; // COMPLIANT + f_starts_thread(); + + _Atomic int l2; // COMPLIANT + atomic_init(&l2, 0); + f_starts_thread(); + + _Atomic int l3; // NON-COMPLIANT + f_starts_thread(); + + _Atomic int l4; // NON-COMPLIANT + f_starts_thread(); + atomic_init(&l4, 0); + + _Atomic int l5; // NON-COMPLIANT + if (g1 == 0) { + atomic_init(&l5, 0); + } + f_starts_thread(); +} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency7.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency7.qll new file mode 100644 index 0000000000..ba492b2a6b --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency7.qll @@ -0,0 +1,44 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype Concurrency7Query = + TUninitializedAtomicObjectQuery() or + TTimedlockOnInappropriateMutexTypeQuery() + +predicate isConcurrency7QueryMetadata(Query query, string queryId, string ruleId, string category) { + query = + // `Query` instance for the `uninitializedAtomicObject` query + Concurrency7Package::uninitializedAtomicObjectQuery() and + queryId = + // `@id` for the `uninitializedAtomicObject` query + "c/misra/uninitialized-atomic-object" and + ruleId = "RULE-9-7" and + category = "mandatory" + or + query = + // `Query` instance for the `timedlockOnInappropriateMutexType` query + Concurrency7Package::timedlockOnInappropriateMutexTypeQuery() and + queryId = + // `@id` for the `timedlockOnInappropriateMutexType` query + "c/misra/timedlock-on-inappropriate-mutex-type" and + ruleId = "RULE-21-26" and + category = "required" +} + +module Concurrency7Package { + Query uninitializedAtomicObjectQuery() { + //autogenerate `Query` type + result = + // `Query` type for `uninitializedAtomicObject` query + TQueryC(TConcurrency7PackageQuery(TUninitializedAtomicObjectQuery())) + } + + Query timedlockOnInappropriateMutexTypeQuery() { + //autogenerate `Query` type + result = + // `Query` type for `timedlockOnInappropriateMutexType` query + TQueryC(TConcurrency7PackageQuery(TTimedlockOnInappropriateMutexTypeQuery())) + } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index 3833533d50..b980584877 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -11,6 +11,7 @@ import Concurrency2 import Concurrency3 import Concurrency4 import Concurrency5 +import Concurrency7 import Contracts1 import Contracts2 import Contracts3 @@ -87,6 +88,7 @@ newtype TCQuery = TConcurrency3PackageQuery(Concurrency3Query q) or TConcurrency4PackageQuery(Concurrency4Query q) or TConcurrency5PackageQuery(Concurrency5Query q) or + TConcurrency7PackageQuery(Concurrency7Query q) or TContracts1PackageQuery(Contracts1Query q) or TContracts2PackageQuery(Contracts2Query q) or TContracts3PackageQuery(Contracts3Query q) or @@ -163,6 +165,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isConcurrency3QueryMetadata(query, queryId, ruleId, category) or isConcurrency4QueryMetadata(query, queryId, ruleId, category) or isConcurrency5QueryMetadata(query, queryId, ruleId, category) or + isConcurrency7QueryMetadata(query, queryId, ruleId, category) or isContracts1QueryMetadata(query, queryId, ruleId, category) or isContracts2QueryMetadata(query, queryId, ruleId, category) or isContracts3QueryMetadata(query, queryId, ruleId, category) or diff --git a/rule_packages/c/Concurrency7.json b/rule_packages/c/Concurrency7.json new file mode 100644 index 0000000000..c544cb88c7 --- /dev/null +++ b/rule_packages/c/Concurrency7.json @@ -0,0 +1,45 @@ +{ + "MISRA-C-2012": { + "RULE-9-7": { + "properties": { + "obligation": "mandatory" + }, + "queries": [ + { + "description": "Atomic objects that do not have static storage duration shall be initialized with a value or by using 'atomic_init()'.", + "kind": "problem", + "name": "Atomic objects shall be appropriately initialized before being accessed", + "precision": "high", + "severity": "warning", + "short_name": "UninitializedAtomicObject", + "tags": [ + "concurrency", + "external/misra/c/2012/amendment4" + ] + } + ], + "title": "Atomic objects shall be appropriately initialized before being accessed" + }, + "RULE-21-26": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "The Standard Library function mtx_timedlock() shall only be invoked on mutex objects of appropriate mutex type", + "kind": "problem", + "name": "The Standard Library function mtx_timedlock() shall only be invoked on mutexes of type mtx_timed", + "precision": "high", + "severity": "error", + "short_name": "TimedlockOnInappropriateMutexType", + "tags": [ + "correctness", + "concurrency", + "external/misra/c/2012/amendment4" + ] + } + ], + "title": "The Standard Library function mtx_timedlock() shall only be invoked on mutex objects of appropriate mutex type" + } + } +} \ No newline at end of file diff --git a/rules.csv b/rules.csv index 475ea1d66c..c07aeb58ed 100644 --- a/rules.csv +++ b/rules.csv @@ -678,7 +678,7 @@ c,MISRA-C-2012,RULE-9-3,Yes,Required,,,Arrays shall not be partially initialized c,MISRA-C-2012,RULE-9-4,Yes,Required,,,An element of an object shall not be initialized more than once,,Memory1,Medium, c,MISRA-C-2012,RULE-9-5,No,Required,,,Where designated initializers are used to initialize an array object the size of the array shall be specified explicitly,,,Medium, c,MISRA-C-2012,RULE-9-6,Yes,Required,,,An initializer using chained designators shall not contain initializers without designators,,Declarations9,Hard, -c,MISRA-C-2012,RULE-9-7,Yes,Mandatory,,,Atomic objects shall be appropriately initialized before being accessed,,Concurrency6,Hard, +c,MISRA-C-2012,RULE-9-7,Yes,Mandatory,,,Atomic objects shall be appropriately initialized before being accessed,,Concurrency7,Hard, c,MISRA-C-2012,RULE-10-1,Yes,Required,,,Operands shall not be of an inappropriate essential type,,EssentialTypes,Hard, c,MISRA-C-2012,RULE-10-2,Yes,Required,,,Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations,,EssentialTypes,Medium, c,MISRA-C-2012,RULE-10-3,Yes,Required,,,The value of an expression shall not be assigned to an object with a narrower essential type or of a different essential type category,,EssentialTypes,Hard, @@ -791,7 +791,7 @@ c,MISRA-C-2012,RULE-21-22,Yes,Mandatory,,,All operand arguments to any type-gene c,MISRA-C-2012,RULE-21-23,Yes,Required,,,All operand arguments to any multi-argument type-generic macros in shall have the same standard type,Rule-21-22,EssentialTypes2,Easy, c,MISRA-C-2012,RULE-21-24,Yes,Required,,,The random number generator functions of shall not be used,MSC30-C,Banned2,Easy, c,MISRA-C-2012,RULE-21-25,Yes,Required,,,All memory synchronization operations shall be executed in sequentially consistent order,,Concurrency6,Medium, -c,MISRA-C-2012,RULE-21-26,Yes,Required,,,The Standard Library function mtx_timedlock() shall only be invoked on mutex objects of appropriate mutex type,,Concurrency6,Hard, +c,MISRA-C-2012,RULE-21-26,Yes,Required,,,The Standard Library function mtx_timedlock() shall only be invoked on mutex objects of appropriate mutex type,,Concurrency8,Hard, c,MISRA-C-2012,RULE-22-1,Yes,Required,,,All resources obtained dynamically by means of Standard Library functions shall be explicitly released,,Memory2,Hard, c,MISRA-C-2012,RULE-22-2,Yes,Mandatory,,,A block of memory shall only be freed if it was allocated by means of a Standard Library function,,Memory2,Hard, c,MISRA-C-2012,RULE-22-3,Yes,Required,,,The same file shall not be open for read and write access at the same time on different streams,,IO3,Hard, From 8a2076e5934d46a0ef70478ffd82b6bc146f884b Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Mon, 18 Nov 2024 00:03:04 -0800 Subject: [PATCH 2247/2573] Fix query metadata --- rule_packages/c/Concurrency7.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rule_packages/c/Concurrency7.json b/rule_packages/c/Concurrency7.json index c544cb88c7..f764468ae3 100644 --- a/rule_packages/c/Concurrency7.json +++ b/rule_packages/c/Concurrency7.json @@ -27,7 +27,7 @@ "queries": [ { "description": "The Standard Library function mtx_timedlock() shall only be invoked on mutex objects of appropriate mutex type", - "kind": "problem", + "kind": "path-problem", "name": "The Standard Library function mtx_timedlock() shall only be invoked on mutexes of type mtx_timed", "precision": "high", "severity": "error", From 6f36b1c322d9c48599de3bc6829aeaa158c76704 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Mon, 18 Nov 2024 12:48:30 -0800 Subject: [PATCH 2248/2573] Fix query metadata, format --- .../TimedlockOnInappropriateMutexType.ql | 2 +- .../RULE-9-7/UninitializedAtomicObject.ql | 28 ++++++++++--------- rule_packages/c/Concurrency7.json | 2 +- 3 files changed, 17 insertions(+), 15 deletions(-) diff --git a/c/misra/src/rules/RULE-21-26/TimedlockOnInappropriateMutexType.ql b/c/misra/src/rules/RULE-21-26/TimedlockOnInappropriateMutexType.ql index d8d465045e..e6dda61d79 100644 --- a/c/misra/src/rules/RULE-21-26/TimedlockOnInappropriateMutexType.ql +++ b/c/misra/src/rules/RULE-21-26/TimedlockOnInappropriateMutexType.ql @@ -2,7 +2,7 @@ * @id c/misra/timedlock-on-inappropriate-mutex-type * @name RULE-21-26: The Standard Library function mtx_timedlock() shall only be invoked on mutexes of type mtx_timed * @description The Standard Library function mtx_timedlock() shall only be invoked on mutex objects - * of appropriate mutex type + * of appropriate mutex type. * @kind path-problem * @precision high * @problem.severity error diff --git a/c/misra/src/rules/RULE-9-7/UninitializedAtomicObject.ql b/c/misra/src/rules/RULE-9-7/UninitializedAtomicObject.ql index 40f833a740..006e8e8178 100644 --- a/c/misra/src/rules/RULE-9-7/UninitializedAtomicObject.ql +++ b/c/misra/src/rules/RULE-9-7/UninitializedAtomicObject.ql @@ -18,11 +18,14 @@ import semmle.code.cpp.controlflow.Dominance class ThreadSpawningFunction extends Function { ThreadSpawningFunction() { - this.hasName("pthread_create") or - this.hasName("thrd_create") or + this.hasName("pthread_create") + or + this.hasName("thrd_create") + or exists(FunctionCall fc | fc.getTarget() instanceof ThreadSpawningFunction and - fc.getEnclosingFunction() = this) + fc.getEnclosingFunction() = this + ) } } @@ -37,9 +40,7 @@ class AtomicInitAddressOfExpr extends FunctionCall { ) } - Expr getAddressedExpr() { - result = addressedExpr - } + Expr getAddressedExpr() { result = addressedExpr } } ControlFlowNode getARequiredInitializationPoint(LocalScopeVariable v) { @@ -47,11 +48,12 @@ ControlFlowNode getARequiredInitializationPoint(LocalScopeVariable v) { or exists(DeclStmt decl | decl.getADeclaration() = v and - result = any(FunctionCall fc - | fc.getTarget() instanceof ThreadSpawningFunction and - fc.getEnclosingBlock().getEnclosingBlock*() = v.getParentScope() and - fc.getAPredecessor*() = decl - ) + result = + any(FunctionCall fc | + fc.getTarget() instanceof ThreadSpawningFunction and + fc.getEnclosingBlock().getEnclosingBlock*() = v.getParentScope() and + fc.getAPredecessor*() = decl + ) ) } @@ -63,8 +65,8 @@ where not v.isTopLevel() and not exists(v.getInitializer()) and exists(ControlFlowNode missingInitPoint | - missingInitPoint = getARequiredInitializationPoint(v) - and not exists(AtomicInitAddressOfExpr initialization | + missingInitPoint = getARequiredInitializationPoint(v) and + not exists(AtomicInitAddressOfExpr initialization | initialization.getAddressedExpr().(VariableAccess).getTarget() = v and dominates(initialization, missingInitPoint) ) diff --git a/rule_packages/c/Concurrency7.json b/rule_packages/c/Concurrency7.json index f764468ae3..6fdc49984b 100644 --- a/rule_packages/c/Concurrency7.json +++ b/rule_packages/c/Concurrency7.json @@ -26,7 +26,7 @@ }, "queries": [ { - "description": "The Standard Library function mtx_timedlock() shall only be invoked on mutex objects of appropriate mutex type", + "description": "The Standard Library function mtx_timedlock() shall only be invoked on mutex objects of appropriate mutex type.", "kind": "path-problem", "name": "The Standard Library function mtx_timedlock() shall only be invoked on mutexes of type mtx_timed", "precision": "high", From 9ac5159694585358fe6bf267d26b4062350b726f Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Mon, 18 Nov 2024 12:56:07 -0800 Subject: [PATCH 2249/2573] Fix rule 21-26 packages in rules.csv: Concurrency7 not 8. --- rules.csv | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rules.csv b/rules.csv index c07aeb58ed..b914f7cad5 100644 --- a/rules.csv +++ b/rules.csv @@ -791,7 +791,7 @@ c,MISRA-C-2012,RULE-21-22,Yes,Mandatory,,,All operand arguments to any type-gene c,MISRA-C-2012,RULE-21-23,Yes,Required,,,All operand arguments to any multi-argument type-generic macros in shall have the same standard type,Rule-21-22,EssentialTypes2,Easy, c,MISRA-C-2012,RULE-21-24,Yes,Required,,,The random number generator functions of shall not be used,MSC30-C,Banned2,Easy, c,MISRA-C-2012,RULE-21-25,Yes,Required,,,All memory synchronization operations shall be executed in sequentially consistent order,,Concurrency6,Medium, -c,MISRA-C-2012,RULE-21-26,Yes,Required,,,The Standard Library function mtx_timedlock() shall only be invoked on mutex objects of appropriate mutex type,,Concurrency8,Hard, +c,MISRA-C-2012,RULE-21-26,Yes,Required,,,The Standard Library function mtx_timedlock() shall only be invoked on mutex objects of appropriate mutex type,,Concurrency7,Hard, c,MISRA-C-2012,RULE-22-1,Yes,Required,,,All resources obtained dynamically by means of Standard Library functions shall be explicitly released,,Memory2,Hard, c,MISRA-C-2012,RULE-22-2,Yes,Mandatory,,,A block of memory shall only be freed if it was allocated by means of a Standard Library function,,Memory2,Hard, c,MISRA-C-2012,RULE-22-3,Yes,Required,,,The same file shall not be open for read and write access at the same time on different streams,,IO3,Hard, From 492da67c1fa4f08075cbb6d8918abf966690da08 Mon Sep 17 00:00:00 2001 From: knewbury01 Date: Fri, 22 Nov 2024 18:24:29 +0000 Subject: [PATCH 2250/2573] Bump version to 2.39.0-dev --- c/cert/src/qlpack.yml | 2 +- c/cert/test/qlpack.yml | 2 +- c/common/src/qlpack.yml | 2 +- c/common/test/qlpack.yml | 2 +- c/misra/src/qlpack.yml | 2 +- c/misra/test/qlpack.yml | 2 +- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/qlpack.yml | 2 +- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/qlpack.yml | 2 +- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/qlpack.yml | 2 +- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/qlpack.yml | 2 +- cpp/report/src/qlpack.yml | 2 +- docs/user_manual.md | 12 ++++++------ 16 files changed, 21 insertions(+), 21 deletions(-) diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index db08fb3ebe..00a8221f28 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards -version: 2.38.0-dev +version: 2.39.0-dev description: CERT C 2016 suites: codeql-suites license: MIT diff --git a/c/cert/test/qlpack.yml b/c/cert/test/qlpack.yml index 0242ecdd10..a79ef5f692 100644 --- a/c/cert/test/qlpack.yml +++ b/c/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards-tests -version: 2.38.0-dev +version: 2.39.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index 9d05e536fd..41bf42d337 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards -version: 2.38.0-dev +version: 2.39.0-dev license: MIT dependencies: codeql/common-cpp-coding-standards: '*' diff --git a/c/common/test/qlpack.yml b/c/common/test/qlpack.yml index e19cb371e8..41737a34ec 100644 --- a/c/common/test/qlpack.yml +++ b/c/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards-tests -version: 2.38.0-dev +version: 2.39.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index 0c78ad44b6..b160f27b6e 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards -version: 2.38.0-dev +version: 2.39.0-dev description: MISRA C 2012 suites: codeql-suites license: MIT diff --git a/c/misra/test/qlpack.yml b/c/misra/test/qlpack.yml index f27c03ca9e..3acb8455b1 100644 --- a/c/misra/test/qlpack.yml +++ b/c/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards-tests -version: 2.38.0-dev +version: 2.39.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index 810af3bde4..cd37cef87e 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards -version: 2.38.0-dev +version: 2.39.0-dev description: AUTOSAR C++14 Guidelines R22-11, R21-11, R20-11, R19-11 and R19-03 suites: codeql-suites license: MIT diff --git a/cpp/autosar/test/qlpack.yml b/cpp/autosar/test/qlpack.yml index 37dd488774..e7e8d3e2ce 100644 --- a/cpp/autosar/test/qlpack.yml +++ b/cpp/autosar/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards-tests -version: 2.38.0-dev +version: 2.39.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index 2fb82cfe3f..464a5172fc 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards -version: 2.38.0-dev +version: 2.39.0-dev description: CERT C++ 2016 suites: codeql-suites license: MIT diff --git a/cpp/cert/test/qlpack.yml b/cpp/cert/test/qlpack.yml index dfe027d387..ba7415c43e 100644 --- a/cpp/cert/test/qlpack.yml +++ b/cpp/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards-tests -version: 2.38.0-dev +version: 2.39.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index eeee5f1fa9..3912f3531f 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards -version: 2.38.0-dev +version: 2.39.0-dev license: MIT dependencies: codeql/cpp-all: 0.12.9 diff --git a/cpp/common/test/qlpack.yml b/cpp/common/test/qlpack.yml index 8c37adba8d..3f061a2920 100644 --- a/cpp/common/test/qlpack.yml +++ b/cpp/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards-tests -version: 2.38.0-dev +version: 2.39.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index 2ca5752f9c..c27400fc8e 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards -version: 2.38.0-dev +version: 2.39.0-dev description: MISRA C++ 2023 default-suite: codeql-suites/misra-cpp-default.qls license: MIT diff --git a/cpp/misra/test/qlpack.yml b/cpp/misra/test/qlpack.yml index b1601bcb74..e79e5934fa 100644 --- a/cpp/misra/test/qlpack.yml +++ b/cpp/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards-tests -version: 2.38.0-dev +version: 2.39.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index 797c50b92b..6477e52747 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/report-cpp-coding-standards -version: 2.38.0-dev +version: 2.39.0-dev license: MIT dependencies: codeql/cpp-all: 0.12.9 diff --git a/docs/user_manual.md b/docs/user_manual.md index 7f505673df..4c020dc73b 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -33,14 +33,14 @@ ## Release information -This user manual documents release `2.38.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). +This user manual documents release `2.39.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). The release page documents the release notes and contains the following artifacts part of the release: - `coding-standards-codeql-packs-2.37.0-dev.zip`: CodeQL packs that can be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. -- `code-scanning-cpp-query-pack-2.38.0-dev.zip`: Legacy packaging for the queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. -- `supported_rules_list_2.38.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. -- `supported_rules_list_2.38.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. -- `user_manual_2.38.0-dev.md`: This user manual. +- `code-scanning-cpp-query-pack-2.39.0-dev.zip`: Legacy packaging for the queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. +- `supported_rules_list_2.39.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. +- `supported_rules_list_2.39.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. +- `user_manual_2.39.0-dev.md`: This user manual. - `Source Code (zip)`: A zip archive containing the contents of https://github.com/github/codeql-coding-standards - `Source Code (tar.gz)`: A GZip compressed tar archive containing the contents of https://github.com/github/codeql-coding-standards - `checksums.txt`: A text file containing sha256 checksums for the aforementioned artifacts. @@ -573,7 +573,7 @@ This section describes known failure modes for "CodeQL Coding Standards" and des | | Out of space | Less output. Some files may be only be partially analyzed, or not analyzed at all. | Error reported on the command line. | Increase space. If it remains an issue report space consumption issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False positives | More output. Results are reported which are not violations of the guidelines. | All reported results must be reviewed. | Report false positive issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False negatives | Less output. Violations of the guidelines are not reported. | Other validation and verification processes during software development should be used to complement the analysis performed by CodeQL Coding Standards. | Report false negative issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | -| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.38.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | +| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.39.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | | | Incorrect deviation record specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation records with a reason. Ensure that all deviation records are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Incorrect deviation permit specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation permits with a reason. Ensure that all deviation permits are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Unapproved use of a deviation record | Less output. Results for guideline violations are not reported. | Validate that the deviation record use is approved by verifying the approved-by attribute of the deviation record specification. | Ensure that each raised deviation record is approved by an independent approver through an auditable process. | From a490400e4eacd36f0d36ed626c317e7609adad34 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 22 Nov 2024 20:40:25 -0800 Subject: [PATCH 2251/2573] Add full stops to report messages --- ...edeclarationOfObjectWithUnmatchedAlignment.ql | 2 +- .../RedeclarationOfObjectWithoutAlignment.ql | 2 +- ...rationOfObjectWithUnmatchedAlignment.expected | 16 ++++++++-------- ...edeclarationOfObjectWithoutAlignment.expected | 4 ++-- 4 files changed, 12 insertions(+), 12 deletions(-) diff --git a/c/misra/src/rules/RULE-8-15/RedeclarationOfObjectWithUnmatchedAlignment.ql b/c/misra/src/rules/RULE-8-15/RedeclarationOfObjectWithUnmatchedAlignment.ql index 878bfeeeaf..dc82f63d10 100644 --- a/c/misra/src/rules/RULE-8-15/RedeclarationOfObjectWithUnmatchedAlignment.ql +++ b/c/misra/src/rules/RULE-8-15/RedeclarationOfObjectWithUnmatchedAlignment.ql @@ -32,5 +32,5 @@ where ) and not lexicallyEqual(alignment.getArgument(0), mismatched.getArgument(0)) select alignment, - "Variable " + variable + " declared with lexically different _Alignof() values '$@' and '$@'", + "Variable " + variable + " declared with lexically different _Alignof() values '$@' and '$@'.", alignment, alignment.getArgument(0).toString(), mismatched, mismatched.getArgument(0).toString() diff --git a/c/misra/src/rules/RULE-8-15/RedeclarationOfObjectWithoutAlignment.ql b/c/misra/src/rules/RULE-8-15/RedeclarationOfObjectWithoutAlignment.ql index 3088708de0..df9f3f2d1c 100644 --- a/c/misra/src/rules/RULE-8-15/RedeclarationOfObjectWithoutAlignment.ql +++ b/c/misra/src/rules/RULE-8-15/RedeclarationOfObjectWithoutAlignment.ql @@ -92,5 +92,5 @@ where ) select unaligned, "Variable " + unaligned.getName() + - " declared without explicit alignment to match $@ with alignment $@", aligned, + " declared without explicit alignment to match $@ with alignment $@.", aligned, "other definition", attribute, attribute.toString() diff --git a/c/misra/test/rules/RULE-8-15/RedeclarationOfObjectWithUnmatchedAlignment.expected b/c/misra/test/rules/RULE-8-15/RedeclarationOfObjectWithUnmatchedAlignment.expected index 83a27f9074..3479ef1e35 100644 --- a/c/misra/test/rules/RULE-8-15/RedeclarationOfObjectWithUnmatchedAlignment.expected +++ b/c/misra/test/rules/RULE-8-15/RedeclarationOfObjectWithUnmatchedAlignment.expected @@ -1,8 +1,8 @@ -| test.c:18:8:18:15 | alignas(...) | Variable g6 declared with lexically different _Alignof() values '$@' and '$@' | test.c:18:8:18:15 | alignas(...) | int | test.c:19:8:19:15 | alignas(...) | 4 | -| test.c:19:8:19:15 | alignas(...) | Variable g6 declared with lexically different _Alignof() values '$@' and '$@' | test.c:19:8:19:15 | alignas(...) | 4 | test.c:18:8:18:15 | alignas(...) | int | -| test.c:22:8:22:15 | alignas(...) | Variable g7 declared with lexically different _Alignof() values '$@' and '$@' | test.c:22:8:22:15 | alignas(...) | ... * ... | test.c:23:8:23:15 | alignas(...) | 32 | -| test.c:23:8:23:15 | alignas(...) | Variable g7 declared with lexically different _Alignof() values '$@' and '$@' | test.c:23:8:23:15 | alignas(...) | 32 | test.c:22:8:22:15 | alignas(...) | ... * ... | -| test.c:28:8:28:15 | alignas(...) | Variable g9 declared with lexically different _Alignof() values '$@' and '$@' | test.c:28:8:28:15 | alignas(...) | ... * ... | test.c:29:8:29:15 | alignas(...) | ... * ... | -| test.c:29:8:29:15 | alignas(...) | Variable g9 declared with lexically different _Alignof() values '$@' and '$@' | test.c:29:8:29:15 | alignas(...) | ... * ... | test.c:28:8:28:15 | alignas(...) | ... * ... | -| test.c:34:8:34:15 | alignas(...) | Variable g11 declared with lexically different _Alignof() values '$@' and '$@' | test.c:34:8:34:15 | alignas(...) | signed int | test.c:35:8:35:15 | alignas(...) | unsigned int | -| test.c:35:8:35:15 | alignas(...) | Variable g11 declared with lexically different _Alignof() values '$@' and '$@' | test.c:35:8:35:15 | alignas(...) | unsigned int | test.c:34:8:34:15 | alignas(...) | signed int | +| test.c:18:8:18:15 | alignas(...) | Variable g6 declared with lexically different _Alignof() values '$@' and '$@'. | test.c:18:8:18:15 | alignas(...) | int | test.c:19:8:19:15 | alignas(...) | 4 | +| test.c:19:8:19:15 | alignas(...) | Variable g6 declared with lexically different _Alignof() values '$@' and '$@'. | test.c:19:8:19:15 | alignas(...) | 4 | test.c:18:8:18:15 | alignas(...) | int | +| test.c:22:8:22:15 | alignas(...) | Variable g7 declared with lexically different _Alignof() values '$@' and '$@'. | test.c:22:8:22:15 | alignas(...) | ... * ... | test.c:23:8:23:15 | alignas(...) | 32 | +| test.c:23:8:23:15 | alignas(...) | Variable g7 declared with lexically different _Alignof() values '$@' and '$@'. | test.c:23:8:23:15 | alignas(...) | 32 | test.c:22:8:22:15 | alignas(...) | ... * ... | +| test.c:28:8:28:15 | alignas(...) | Variable g9 declared with lexically different _Alignof() values '$@' and '$@'. | test.c:28:8:28:15 | alignas(...) | ... * ... | test.c:29:8:29:15 | alignas(...) | ... * ... | +| test.c:29:8:29:15 | alignas(...) | Variable g9 declared with lexically different _Alignof() values '$@' and '$@'. | test.c:29:8:29:15 | alignas(...) | ... * ... | test.c:28:8:28:15 | alignas(...) | ... * ... | +| test.c:34:8:34:15 | alignas(...) | Variable g11 declared with lexically different _Alignof() values '$@' and '$@'. | test.c:34:8:34:15 | alignas(...) | signed int | test.c:35:8:35:15 | alignas(...) | unsigned int | +| test.c:35:8:35:15 | alignas(...) | Variable g11 declared with lexically different _Alignof() values '$@' and '$@'. | test.c:35:8:35:15 | alignas(...) | unsigned int | test.c:34:8:34:15 | alignas(...) | signed int | diff --git a/c/misra/test/rules/RULE-8-15/RedeclarationOfObjectWithoutAlignment.expected b/c/misra/test/rules/RULE-8-15/RedeclarationOfObjectWithoutAlignment.expected index e9b91d33a4..69d2c8bb2d 100644 --- a/c/misra/test/rules/RULE-8-15/RedeclarationOfObjectWithoutAlignment.expected +++ b/c/misra/test/rules/RULE-8-15/RedeclarationOfObjectWithoutAlignment.expected @@ -1,2 +1,2 @@ -| test.c:5:12:5:13 | declaration of g2 | Variable g2 declared without explicit alignment to match $@ with alignment $@ | test.c:4:25:4:26 | declaration of g2 | other definition | test.c:4:8:4:15 | alignas(...) | alignas(...) | -| test.c:7:12:7:13 | declaration of g3 | Variable g3 declared without explicit alignment to match $@ with alignment $@ | test.c:8:25:8:26 | declaration of g3 | other definition | test.c:8:8:8:15 | alignas(...) | alignas(...) | +| test.c:5:12:5:13 | declaration of g2 | Variable g2 declared without explicit alignment to match $@ with alignment $@. | test.c:4:25:4:26 | declaration of g2 | other definition | test.c:4:8:4:15 | alignas(...) | alignas(...) | +| test.c:7:12:7:13 | declaration of g3 | Variable g3 declared without explicit alignment to match $@ with alignment $@. | test.c:8:25:8:26 | declaration of g3 | other definition | test.c:8:8:8:15 | alignas(...) | alignas(...) | From 791526e1583c7db9dd1175dff816a45697ce5cdb Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 22 Nov 2024 21:49:09 -0800 Subject: [PATCH 2252/2573] Address next round of feedback --- ...ointersToVariablyModifiedArrayTypesUsed.ql | 4 +- .../RULE-18-8/VariableLengthArrayTypesUsed.ql | 47 +++++++++++++++++-- ...rayToPointerConversionOfTemporaryObject.ql | 2 +- c/misra/test/rules/RULE-18-10/test.c | 12 ++++- c/misra/test/rules/RULE-18-8/test.c | 10 ++-- .../cpp/VariablyModifiedTypes.qll | 10 ++++ 6 files changed, 75 insertions(+), 10 deletions(-) diff --git a/c/misra/src/rules/RULE-18-10/PointersToVariablyModifiedArrayTypesUsed.ql b/c/misra/src/rules/RULE-18-10/PointersToVariablyModifiedArrayTypesUsed.ql index 6ca2289c67..3a99ebd842 100644 --- a/c/misra/src/rules/RULE-18-10/PointersToVariablyModifiedArrayTypesUsed.ql +++ b/c/misra/src/rules/RULE-18-10/PointersToVariablyModifiedArrayTypesUsed.ql @@ -42,7 +42,9 @@ where if v.getType().(PointerType).getBaseType() instanceof CandidateVlaType then relationstr = "pointer to" else relationstr = "with inner" - ) + ) and + // Remove results that appear to be unreliable, potentially from a macro. + not v.appearsDuplicated() select v, declstr + v.getName() + " is " + adjuststr + " variably-modified type, " + relationstr + " variable length array of non constant size $@ and element type '" + diff --git a/c/misra/src/rules/RULE-18-8/VariableLengthArrayTypesUsed.ql b/c/misra/src/rules/RULE-18-8/VariableLengthArrayTypesUsed.ql index 8e599f39f7..6e6f5c10c5 100644 --- a/c/misra/src/rules/RULE-18-8/VariableLengthArrayTypesUsed.ql +++ b/c/misra/src/rules/RULE-18-8/VariableLengthArrayTypesUsed.ql @@ -15,16 +15,55 @@ import cpp import codingstandards.c.misra -from VlaDeclStmt v, Expr size, ArrayType arrayType, string typeStr +/** + * Typedefs may be declared as VLAs, eg, `typedef int vla[x];`. This query finds types that refer to + * such typedef types, for instance `vla foo;` or adding a dimension via `vla bar[10];`. + * + * Consts and other specifiers may be added, but `vla *ptr;` is not a VLA any more, and is excluded. + */ +class VlaTypedefType extends Type { + VlaDeclStmt vlaDecl; + ArrayType arrayType; + + VlaTypedefType() { + // Holds for direct references to the typedef type: + this = vlaDecl.getType() and + vlaDecl.getType() instanceof TypedefType and + arrayType = vlaDecl.getType().stripTopLevelSpecifiers() + or + // Holds for adding a constant dimension to a VLA typedef type: + arrayType = this.stripTopLevelSpecifiers() and + vlaDecl = arrayType.getBaseType().(VlaTypedefType).getVlaDeclStmt() + or + // Carefully ignore specifiers, `stripTopLevelSpecifiers()` resolves past the typedef + exists(SpecifiedType st, VlaTypedefType inner | + st = this and + st.getBaseType() = inner and + arrayType = inner.getArrayType() and + vlaDecl = inner.getVlaDeclStmt() + ) + } + + VlaDeclStmt getVlaDeclStmt() { result = vlaDecl } + + ArrayType getArrayType() { result = arrayType } +} + +from Variable v, Expr size, ArrayType arrayType, VlaDeclStmt vlaDecl, string typeStr where not isExcluded(v, Declarations7Package::variableLengthArrayTypesUsedQuery()) and - size = v.getVlaDimensionStmt(0).getDimensionExpr() and + size = vlaDecl.getVlaDimensionStmt(0).getDimensionExpr() and ( // Holds is if v is a variable declaration: - arrayType = v.getVariable().getType().stripTopLevelSpecifiers() + v = vlaDecl.getVariable() and + arrayType = v.getType().stripTopLevelSpecifiers() or // Holds is if v is a typedef declaration: - arrayType = v.getType().stripTopLevelSpecifiers() + exists(VlaTypedefType typedef | + v.getType() = typedef and + arrayType = typedef.getArrayType() and + vlaDecl = typedef.getVlaDeclStmt() + ) ) and typeStr = arrayType.getBaseType().toString() select v, "Variable length array of element type '" + typeStr + "' with non-constant size $@.", diff --git a/c/misra/src/rules/RULE-18-9/ArrayToPointerConversionOfTemporaryObject.ql b/c/misra/src/rules/RULE-18-9/ArrayToPointerConversionOfTemporaryObject.ql index a64ccd44ff..5317966f3b 100644 --- a/c/misra/src/rules/RULE-18-9/ArrayToPointerConversionOfTemporaryObject.ql +++ b/c/misra/src/rules/RULE-18-9/ArrayToPointerConversionOfTemporaryObject.ql @@ -66,5 +66,5 @@ where fa.getTemporary() = temporary and conversion.getExpr() = fa and isUsedOrStored(temporaryObjectFlowStep*(conversion.getExpr())) -select conversion, "Array to pointer conversion of array $@ from temporary object $@", +select conversion, "Array to pointer conversion of array $@ from temporary object $@.", fa.getTarget(), fa.getTarget().getName(), temporary, temporary.toString() diff --git a/c/misra/test/rules/RULE-18-10/test.c b/c/misra/test/rules/RULE-18-10/test.c index dbddbecec8..3a44abd264 100644 --- a/c/misra/test/rules/RULE-18-10/test.c +++ b/c/misra/test/rules/RULE-18-10/test.c @@ -92,4 +92,14 @@ void f2(int (*p1)[3], // COMPLIANT int (*p3)[2][*], // NON-COMPLIANT[FALSE_NEGATIVE] int (*p4)[*][2], // NON-COMPLIANT[FALSE_NEGATIVE] int (*p5)[*][*] // NON-COMPLIANT[FALSE_NEGATIVE] -); \ No newline at end of file +); + +#define CONFUSING_MACRO() \ + int x; \ + int (*vla)[x]; \ + int (*not_vla)[]; + +void f3() { + // We cannot report `vla` in this macro without a false positive for `not_vla`. + CONFUSING_MACRO() // COMPLIANT +} \ No newline at end of file diff --git a/c/misra/test/rules/RULE-18-8/test.c b/c/misra/test/rules/RULE-18-8/test.c index c2f6027216..e6e038049c 100644 --- a/c/misra/test/rules/RULE-18-8/test.c +++ b/c/misra/test/rules/RULE-18-8/test.c @@ -14,9 +14,13 @@ void f(int n) { extern int e1[]; // COMPLIANT - // A typedef is not a VLA. However, `VlaDeclStmt`s match the typedef. - typedef int vlaTypedef[n]; // COMPLIANT[FALSE_POSITIVE] - vlaTypedef t1; // NON_COMPLIANT[FALSE_NEGATIVE] + // A typedef is not a VLA. + typedef int vlaTypedef[n]; // COMPLIANT + // The declarations using the typedef may or may not be VLAs. + vlaTypedef t1; // NON_COMPLIANT + vlaTypedef t2[1]; // NON_COMPLIANT + vlaTypedef t3[x]; // NON_COMPLIANT + vlaTypedef *t4; // COMPLIANT } void f1(int n, diff --git a/cpp/common/src/codingstandards/cpp/VariablyModifiedTypes.qll b/cpp/common/src/codingstandards/cpp/VariablyModifiedTypes.qll index c0fb3a3db6..9de533d050 100644 --- a/cpp/common/src/codingstandards/cpp/VariablyModifiedTypes.qll +++ b/cpp/common/src/codingstandards/cpp/VariablyModifiedTypes.qll @@ -2,6 +2,8 @@ import cpp /** * A declaration involving a variably-modified type. + * + * Note, this holds for both VLA variable and VLA typedefs. */ class VmtDeclarationEntry extends DeclarationEntry { Expr sizeExpr; @@ -28,6 +30,14 @@ class VmtDeclarationEntry extends DeclarationEntry { Expr getSizeExpr() { result = sizeExpr } CandidateVlaType getVlaType() { result = vlaType } + + /* VLAs may occur in macros, and result in duplication that messes up our analysis. */ + predicate appearsDuplicated() { + exists(VmtDeclarationEntry other | + other != this and + other.getSizeExpr() = getSizeExpr() + ) + } } /** From b477e34ef5ab008e6b5ce3e7586fa4308427dcbc Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 22 Nov 2024 21:51:29 -0800 Subject: [PATCH 2253/2573] Fix macro testcase formatting --- c/misra/test/rules/RULE-18-10/test.c | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/c/misra/test/rules/RULE-18-10/test.c b/c/misra/test/rules/RULE-18-10/test.c index 3a44abd264..645943733d 100644 --- a/c/misra/test/rules/RULE-18-10/test.c +++ b/c/misra/test/rules/RULE-18-10/test.c @@ -94,12 +94,13 @@ void f2(int (*p1)[3], // COMPLIANT int (*p5)[*][*] // NON-COMPLIANT[FALSE_NEGATIVE] ); -#define CONFUSING_MACRO() \ - int x; \ - int (*vla)[x]; \ - int (*not_vla)[]; +#define CONFUSING_MACRO() \ + int x; \ + int(*vla)[x]; \ + int(*not_vla)[]; void f3() { - // We cannot report `vla` in this macro without a false positive for `not_vla`. + // We cannot report `vla` in this macro without a false positive for + // `not_vla`. CONFUSING_MACRO() // COMPLIANT } \ No newline at end of file From 3873be762a39d123b9b3048a83881c2a992a6777 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Sat, 23 Nov 2024 00:03:59 -0800 Subject: [PATCH 2254/2573] Commit changes to expected files, improve problem messages --- .../RULE-18-8/VariableLengthArrayTypesUsed.ql | 18 +++--- .../VariableLengthArrayTypesUsed.expected | 13 ++-- ...ointerConversionOfTemporaryObject.expected | 60 +++++++++---------- 3 files changed, 46 insertions(+), 45 deletions(-) diff --git a/c/misra/src/rules/RULE-18-8/VariableLengthArrayTypesUsed.ql b/c/misra/src/rules/RULE-18-8/VariableLengthArrayTypesUsed.ql index 6e6f5c10c5..cf19c02eca 100644 --- a/c/misra/src/rules/RULE-18-8/VariableLengthArrayTypesUsed.ql +++ b/c/misra/src/rules/RULE-18-8/VariableLengthArrayTypesUsed.ql @@ -31,16 +31,14 @@ class VlaTypedefType extends Type { vlaDecl.getType() instanceof TypedefType and arrayType = vlaDecl.getType().stripTopLevelSpecifiers() or - // Holds for adding a constant dimension to a VLA typedef type: - arrayType = this.stripTopLevelSpecifiers() and - vlaDecl = arrayType.getBaseType().(VlaTypedefType).getVlaDeclStmt() - or - // Carefully ignore specifiers, `stripTopLevelSpecifiers()` resolves past the typedef - exists(SpecifiedType st, VlaTypedefType inner | - st = this and - st.getBaseType() = inner and - arrayType = inner.getArrayType() and - vlaDecl = inner.getVlaDeclStmt() + // Handle arrays of VLA typedefs, and carefully handle specified VLA typedef types, as + // `stripTopLevelSpecifiers` resolves past the VLA typedef type. + exists(DerivedType dt, VlaTypedefType vlaType | + (dt instanceof ArrayType or dt instanceof SpecifiedType) and + this = dt and + vlaType = dt.getBaseType() and + vlaDecl = vlaType.getVlaDeclStmt() and + arrayType = vlaType.getArrayType() ) } diff --git a/c/misra/test/rules/RULE-18-8/VariableLengthArrayTypesUsed.expected b/c/misra/test/rules/RULE-18-8/VariableLengthArrayTypesUsed.expected index 24856619bf..af73daccfd 100644 --- a/c/misra/test/rules/RULE-18-8/VariableLengthArrayTypesUsed.expected +++ b/c/misra/test/rules/RULE-18-8/VariableLengthArrayTypesUsed.expected @@ -1,5 +1,8 @@ -| test.c:6:7:6:7 | VLA declaration | Variable length array of element type 'int' with non-constant size $@. | test.c:6:10:6:14 | ... + ... | ... + ... | -| test.c:7:7:7:7 | VLA declaration | Variable length array of element type 'int' with non-constant size $@. | test.c:7:10:7:10 | n | n | -| test.c:8:7:8:7 | VLA declaration | Variable length array of element type 'int[]' with non-constant size $@. | test.c:8:13:8:13 | n | n | -| test.c:12:7:12:7 | VLA declaration | Variable length array of element type 'int[1]' with non-constant size $@. | test.c:12:10:12:10 | n | n | -| test.c:18:15:18:15 | VLA declaration | Variable length array of element type 'int' with non-constant size $@. | test.c:18:26:18:26 | n | n | +| test.c:6:7:6:8 | a1 | Variable length array of element type 'int' with non-constant size $@. | test.c:6:10:6:14 | ... + ... | ... + ... | +| test.c:7:7:7:8 | a2 | Variable length array of element type 'int' with non-constant size $@. | test.c:7:10:7:10 | n | n | +| test.c:8:7:8:8 | a3 | Variable length array of element type 'int[]' with non-constant size $@. | test.c:8:13:8:13 | n | n | +| test.c:12:7:12:8 | a7 | Variable length array of element type 'int[1]' with non-constant size $@. | test.c:12:10:12:10 | n | n | +| test.c:20:14:20:15 | t1 | Variable length array of element type 'int' with non-constant size $@. | test.c:18:26:18:26 | n | n | +| test.c:21:14:21:15 | t2 | Variable length array of element type 'int' with non-constant size $@. | test.c:18:26:18:26 | n | n | +| test.c:22:14:22:15 | t3 | Variable length array of element type 'int' with non-constant size $@. | test.c:18:26:18:26 | n | n | +| test.c:22:14:22:15 | t3 | Variable length array of element type 'vlaTypedef' with non-constant size $@. | test.c:22:17:22:17 | x | x | diff --git a/c/misra/test/rules/RULE-18-9/ArrayToPointerConversionOfTemporaryObject.expected b/c/misra/test/rules/RULE-18-9/ArrayToPointerConversionOfTemporaryObject.expected index 7d760dc4a6..688dde4650 100644 --- a/c/misra/test/rules/RULE-18-9/ArrayToPointerConversionOfTemporaryObject.expected +++ b/c/misra/test/rules/RULE-18-9/ArrayToPointerConversionOfTemporaryObject.expected @@ -1,30 +1,30 @@ -| test.c:45:3:45:20 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:45:3:45:8 | call to get_s1 | call to get_s1 | -| test.c:46:3:46:20 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:46:3:46:8 | call to get_s1 | call to get_s1 | -| test.c:47:7:47:24 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:47:7:47:12 | call to get_s1 | call to get_s1 | -| test.c:48:4:48:21 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:48:4:48:9 | call to get_s1 | call to get_s1 | -| test.c:49:4:49:21 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:49:4:49:9 | call to get_s1 | call to get_s1 | -| test.c:50:3:50:20 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:50:3:50:8 | call to get_s1 | call to get_s1 | -| test.c:51:3:51:20 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:51:3:51:8 | call to get_s1 | call to get_s1 | -| test.c:52:3:52:20 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:52:3:52:8 | call to get_s1 | call to get_s1 | -| test.c:53:3:53:20 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:53:3:53:8 | call to get_s1 | call to get_s1 | -| test.c:54:3:54:20 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:54:3:54:8 | call to get_s1 | call to get_s1 | -| test.c:55:8:55:25 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:55:8:55:13 | call to get_s1 | call to get_s1 | -| test.c:56:3:56:20 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:56:3:56:8 | call to get_s1 | call to get_s1 | -| test.c:57:8:57:25 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:57:8:57:13 | call to get_s1 | call to get_s1 | -| test.c:58:3:58:20 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:58:3:58:8 | call to get_s1 | call to get_s1 | -| test.c:59:3:59:20 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:59:3:59:8 | call to get_s1 | call to get_s1 | -| test.c:60:15:60:32 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:60:15:60:20 | call to get_s1 | call to get_s1 | -| test.c:61:16:61:33 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:61:16:61:21 | call to get_s1 | call to get_s1 | -| test.c:62:23:62:40 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:62:23:62:28 | call to get_s1 | call to get_s1 | -| test.c:63:7:63:24 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:63:7:63:12 | call to get_s1 | call to get_s1 | -| test.c:64:16:64:33 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:64:16:64:21 | call to get_s1 | call to get_s1 | -| test.c:65:15:65:32 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:65:15:65:20 | call to get_s1 | call to get_s1 | -| test.c:66:16:66:33 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:66:16:66:21 | call to get_s1 | call to get_s1 | -| test.c:67:23:67:40 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:67:23:67:28 | call to get_s1 | call to get_s1 | -| test.c:89:3:89:30 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:89:12:89:20 | member_s1 | member_s1 | -| test.c:90:3:90:36 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:90:3:90:26 | access to array | access to array | -| test.c:91:15:91:42 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:91:24:91:32 | member_s1 | member_s1 | -| test.c:92:15:92:48 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:92:15:92:38 | access to array | access to array | -| test.c:111:15:111:33 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:111:16:111:22 | ... = ... | ... = ... | -| test.c:113:15:113:37 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:113:16:113:26 | ... ? ... : ... | ... ? ... : ... | -| test.c:114:15:114:31 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@ | test.c:3:13:3:21 | const_arr | const_arr | test.c:114:16:114:20 | ... , ... | ... , ... | +| test.c:45:3:45:20 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@. | test.c:3:13:3:21 | const_arr | const_arr | test.c:45:3:45:8 | call to get_s1 | call to get_s1 | +| test.c:46:3:46:20 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@. | test.c:3:13:3:21 | const_arr | const_arr | test.c:46:3:46:8 | call to get_s1 | call to get_s1 | +| test.c:47:7:47:24 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@. | test.c:3:13:3:21 | const_arr | const_arr | test.c:47:7:47:12 | call to get_s1 | call to get_s1 | +| test.c:48:4:48:21 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@. | test.c:3:13:3:21 | const_arr | const_arr | test.c:48:4:48:9 | call to get_s1 | call to get_s1 | +| test.c:49:4:49:21 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@. | test.c:3:13:3:21 | const_arr | const_arr | test.c:49:4:49:9 | call to get_s1 | call to get_s1 | +| test.c:50:3:50:20 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@. | test.c:3:13:3:21 | const_arr | const_arr | test.c:50:3:50:8 | call to get_s1 | call to get_s1 | +| test.c:51:3:51:20 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@. | test.c:3:13:3:21 | const_arr | const_arr | test.c:51:3:51:8 | call to get_s1 | call to get_s1 | +| test.c:52:3:52:20 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@. | test.c:3:13:3:21 | const_arr | const_arr | test.c:52:3:52:8 | call to get_s1 | call to get_s1 | +| test.c:53:3:53:20 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@. | test.c:3:13:3:21 | const_arr | const_arr | test.c:53:3:53:8 | call to get_s1 | call to get_s1 | +| test.c:54:3:54:20 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@. | test.c:3:13:3:21 | const_arr | const_arr | test.c:54:3:54:8 | call to get_s1 | call to get_s1 | +| test.c:55:8:55:25 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@. | test.c:3:13:3:21 | const_arr | const_arr | test.c:55:8:55:13 | call to get_s1 | call to get_s1 | +| test.c:56:3:56:20 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@. | test.c:3:13:3:21 | const_arr | const_arr | test.c:56:3:56:8 | call to get_s1 | call to get_s1 | +| test.c:57:8:57:25 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@. | test.c:3:13:3:21 | const_arr | const_arr | test.c:57:8:57:13 | call to get_s1 | call to get_s1 | +| test.c:58:3:58:20 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@. | test.c:3:13:3:21 | const_arr | const_arr | test.c:58:3:58:8 | call to get_s1 | call to get_s1 | +| test.c:59:3:59:20 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@. | test.c:3:13:3:21 | const_arr | const_arr | test.c:59:3:59:8 | call to get_s1 | call to get_s1 | +| test.c:60:15:60:32 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@. | test.c:3:13:3:21 | const_arr | const_arr | test.c:60:15:60:20 | call to get_s1 | call to get_s1 | +| test.c:61:16:61:33 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@. | test.c:3:13:3:21 | const_arr | const_arr | test.c:61:16:61:21 | call to get_s1 | call to get_s1 | +| test.c:62:23:62:40 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@. | test.c:3:13:3:21 | const_arr | const_arr | test.c:62:23:62:28 | call to get_s1 | call to get_s1 | +| test.c:63:7:63:24 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@. | test.c:3:13:3:21 | const_arr | const_arr | test.c:63:7:63:12 | call to get_s1 | call to get_s1 | +| test.c:64:16:64:33 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@. | test.c:3:13:3:21 | const_arr | const_arr | test.c:64:16:64:21 | call to get_s1 | call to get_s1 | +| test.c:65:15:65:32 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@. | test.c:3:13:3:21 | const_arr | const_arr | test.c:65:15:65:20 | call to get_s1 | call to get_s1 | +| test.c:66:16:66:33 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@. | test.c:3:13:3:21 | const_arr | const_arr | test.c:66:16:66:21 | call to get_s1 | call to get_s1 | +| test.c:67:23:67:40 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@. | test.c:3:13:3:21 | const_arr | const_arr | test.c:67:23:67:28 | call to get_s1 | call to get_s1 | +| test.c:89:3:89:30 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@. | test.c:3:13:3:21 | const_arr | const_arr | test.c:89:12:89:20 | member_s1 | member_s1 | +| test.c:90:3:90:36 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@. | test.c:3:13:3:21 | const_arr | const_arr | test.c:90:3:90:26 | access to array | access to array | +| test.c:91:15:91:42 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@. | test.c:3:13:3:21 | const_arr | const_arr | test.c:91:24:91:32 | member_s1 | member_s1 | +| test.c:92:15:92:48 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@. | test.c:3:13:3:21 | const_arr | const_arr | test.c:92:15:92:38 | access to array | access to array | +| test.c:111:15:111:33 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@. | test.c:3:13:3:21 | const_arr | const_arr | test.c:111:16:111:22 | ... = ... | ... = ... | +| test.c:113:15:113:37 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@. | test.c:3:13:3:21 | const_arr | const_arr | test.c:113:16:113:26 | ... ? ... : ... | ... ? ... : ... | +| test.c:114:15:114:31 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@. | test.c:3:13:3:21 | const_arr | const_arr | test.c:114:16:114:20 | ... , ... | ... , ... | From e9b3ebd1c9e4e92d83ac47a6a65f119709e0a5a5 Mon Sep 17 00:00:00 2001 From: "rakesh.pothengil" Date: Mon, 25 Nov 2024 10:15:29 +0900 Subject: [PATCH 2255/2573] Add markers for non-compliant cases --- cpp/autosar/test/rules/A7-1-2/test.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cpp/autosar/test/rules/A7-1-2/test.cpp b/cpp/autosar/test/rules/A7-1-2/test.cpp index 1bbe32a933..664a9cb8e7 100644 --- a/cpp/autosar/test/rules/A7-1-2/test.cpp +++ b/cpp/autosar/test/rules/A7-1-2/test.cpp @@ -127,7 +127,7 @@ class MissingConstexprClass { MissingConstexprClass(int i) = delete; // NON_COMPLIANT MissingConstexprClass(int i, LiteralClass lc) {} // NON_COMPLIANT private: - int m1 = 0; + int m1 = 0; // NON_COMPLIANT }; class VirtualBaseClass {}; @@ -138,7 +138,7 @@ class DerivedClass : public virtual VirtualBaseClass { DerivedClass(int i) = delete; // COMPLIANT DerivedClass(int i, LiteralClass lc) {} // COMPLIANT private: - int m1 = 0; + int m1 = 0; // NON_COMPLIANT }; class NotAllMembersInitializedClass { From 56d886e8cd24d9ee2c9120e91881d9174f8a5b89 Mon Sep 17 00:00:00 2001 From: "rakesh.pothengil" Date: Tue, 26 Nov 2024 13:05:28 +0900 Subject: [PATCH 2256/2573] Fix as per review comments --- ...hatContainsForwardingReferenceAsItsArgumentOverloaded.ql | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/cpp/autosar/src/rules/A13-3-1/FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.ql b/cpp/autosar/src/rules/A13-3-1/FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.ql index e3fb59bd8a..1ae2bc87ab 100644 --- a/cpp/autosar/src/rules/A13-3-1/FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.ql +++ b/cpp/autosar/src/rules/A13-3-1/FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.ql @@ -14,6 +14,7 @@ import cpp import codingstandards.cpp.autosar +import codingstandards.cpp.FunctionEquivalence class Candidate extends TemplateFunction { Candidate() { @@ -29,9 +30,8 @@ where OperatorsPackage::functionThatContainsForwardingReferenceAsItsArgumentOverloadedQuery()) and not f.isDeleted() and f = c.getAnOverload() and - // CodeQL sometimes fetches an overloaded function at the same location. - // Thus, a check is added explicitly (refer #796). - f.getLocation() != c.getLocation() and + // Ensure the functions are not equivalent to each other (refer #796). + not f = getAnEquivalentFunction(c) and // allow for overloading with different number of parameters, because there is no // confusion on what function will be called. f.getNumberOfParameters() = c.getNumberOfParameters() and From b8d399e2a327c0d8d6c74e8b5863b95d5228d905 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 27 Nov 2024 23:49:55 +0000 Subject: [PATCH 2257/2573] M5-0-3: Consider static casts to be cvalues, as per spec --- ...essionConvertedToDifferentUnderlyingType.expected | 4 +++- cpp/autosar/test/rules/M5-0-3/test.cpp | 3 +++ cpp/common/src/codingstandards/cpp/Expr.qll | 12 ++---------- 3 files changed, 8 insertions(+), 11 deletions(-) diff --git a/cpp/autosar/test/rules/M5-0-3/CvalueExpressionConvertedToDifferentUnderlyingType.expected b/cpp/autosar/test/rules/M5-0-3/CvalueExpressionConvertedToDifferentUnderlyingType.expected index 773691efd1..8ce6a225dc 100644 --- a/cpp/autosar/test/rules/M5-0-3/CvalueExpressionConvertedToDifferentUnderlyingType.expected +++ b/cpp/autosar/test/rules/M5-0-3/CvalueExpressionConvertedToDifferentUnderlyingType.expected @@ -2,4 +2,6 @@ | test.cpp:12:8:12:14 | ... + ... | Implicit conversion converts cvalue $@ from signed char to signed short. | test.cpp:12:8:12:14 | ... + ... | expression | | test.cpp:14:8:14:13 | ... + ... | Implicit conversion converts cvalue $@ from signed short to signed int. | test.cpp:14:8:14:13 | ... + ... | expression | | test.cpp:23:13:23:19 | (int16_t)... | Implicit conversion converts cvalue $@ from signed char to signed short. | test.cpp:23:13:23:19 | ... + ... | expression | -| test.cpp:30:12:30:18 | (int16_t)... | Implicit conversion converts cvalue $@ from signed char to signed short. | test.cpp:30:12:30:18 | ... + ... | expression | +| test.cpp:25:13:25:45 | (int16_t)... | Implicit conversion converts cvalue $@ from signed char to signed short. | test.cpp:25:13:25:45 | static_cast... | expression | +| test.cpp:31:12:31:18 | (int16_t)... | Implicit conversion converts cvalue $@ from signed char to signed short. | test.cpp:31:12:31:18 | ... + ... | expression | +| test.cpp:33:12:33:44 | (int16_t)... | Implicit conversion converts cvalue $@ from signed char to signed short. | test.cpp:33:12:33:44 | static_cast... | expression | diff --git a/cpp/autosar/test/rules/M5-0-3/test.cpp b/cpp/autosar/test/rules/M5-0-3/test.cpp index 9f368bae3f..7275204519 100644 --- a/cpp/autosar/test/rules/M5-0-3/test.cpp +++ b/cpp/autosar/test/rules/M5-0-3/test.cpp @@ -22,12 +22,15 @@ void test_func_call() { std::int8_t l1; int16_arg(l1 + l1); // NON_COMPLIANT int16_arg(static_cast(l1 + l1)); // COMPLIANT + int16_arg(static_cast(l1 + l1)); // NON_COMPLIANT } std::int16_t test_return(int test) { std::int8_t l1; if (test > 0) { return l1 + l1; // NON_COMPLIANT + } else if (test < 0) { + return static_cast(l1 + l1); // NON_COMPLIANT } else { return static_cast(l1 + l1); // COMPLIANT } diff --git a/cpp/common/src/codingstandards/cpp/Expr.qll b/cpp/common/src/codingstandards/cpp/Expr.qll index 51066cf4cb..c97c808f6f 100644 --- a/cpp/common/src/codingstandards/cpp/Expr.qll +++ b/cpp/common/src/codingstandards/cpp/Expr.qll @@ -148,17 +148,9 @@ module MisraExpr { private predicate isCValue(Expr e) { not e.isConstant() and ( - exists(ReturnStmt return | - e = return.getExpr() and - // Only return statements which are not explicitly casted are considered - not exists(Cast c | not c.isImplicit() and c.getExpr() = e) - ) + exists(ReturnStmt return | e = return.getExpr().getExplicitlyConverted()) or - exists(FunctionCall call | - e = call.getAnArgument() and - // // Only function arguments which are not explicitly casted are considered - not exists(Cast c | not c.isImplicit() and c.getExpr() = e) - ) + exists(FunctionCall call | e = call.getAnArgument().getExplicitlyConverted()) ) or isCValue(e.(ParenthesisExpr).getExpr()) From 503830ae350fd6979d120ceb992ca855e28680ce Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 22 Nov 2024 20:36:39 -0800 Subject: [PATCH 2258/2573] Implement Concurrency8 package --- ...AppropriateThreadObjectStorageDurations.ql | 43 +- ...propriateStorageDurationsFunctionReturn.ql | 11 +- ...DoNotModifyObjectsWithTemporaryLifetime.ql | 12 +- ...uctsWithAFlexibleArrayMemberDynamically.ql | 20 +- ...odifyObjectsWithTemporaryLifetime.expected | 8 +- .../codingstandards/c/IdentifierLinkage.qll | 47 +++ c/common/src/codingstandards/c/Objects.qll | 393 ++++++++++++++++++ .../src/codingstandards/c/StorageDuration.qll | 31 ++ .../codingstandards/c/UninitializedMutex.qll | 0 .../IdentifierLinkage.expected | 10 + .../identifierlinkage/IdentifierLinkage.ql | 5 + .../identifierlinkage/identifierlinkage.c | 30 ++ .../library/objects/ObjectIdentity.expected | 21 + .../test/library/objects/ObjectIdentity.ql | 5 + .../test/library/objects/objectidentity.c | 41 ++ ...rayToPointerConversionOfTemporaryObject.ql | 6 +- ...eLValueSubscriptedWithTemporaryLifetime.ql | 40 +- .../NonstandardUseOfThreadingObject.ql | 54 +++ ...readingObjectWithInvalidStorageDuration.ql | 31 ++ .../MutexInitWithInvalidMutexType.ql | 36 ++ .../MutexInitializedInsideThread.ql | 27 ++ .../MutexNotInitializedBeforeUse.ql | 130 ++++++ .../MutexObjectsNotAlwaysUnlocked.ql | 52 +++ ...ointerConversionOfTemporaryObject.expected | 8 +- ...eSubscriptedWithTemporaryLifetime.expected | 6 +- .../NonstandardUseOfThreadingObject.expected | 27 ++ .../NonstandardUseOfThreadingObject.qlref | 1 + c/misra/test/rules/RULE-22-12/test.c | 65 +++ ...gObjectWithInvalidStorageDuration.expected | 13 + ...dingObjectWithInvalidStorageDuration.qlref | 1 + c/misra/test/rules/RULE-22-13/test.c | 53 +++ .../MutexInitWithInvalidMutexType.expected | 5 + .../MutexInitWithInvalidMutexType.qlref | 1 + .../MutexInitializedInsideThread.expected | 1 + .../MutexInitializedInsideThread.qlref | 1 + .../MutexNotInitializedBeforeUse.expected | 14 + .../MutexNotInitializedBeforeUse.qlref | 1 + c/misra/test/rules/RULE-22-14/test.c | 146 +++++++ .../MutexObjectsNotAlwaysUnlocked.expected | 7 + .../MutexObjectsNotAlwaysUnlocked.qlref | 1 + c/misra/test/rules/RULE-22-16/test.c | 107 +++++ change_notes/2024-11-27-c-object-refactor.md | 21 + ...24-11-27-raii-concurrency-analysis-perf.md | 2 + ...4-11-27-resource-leak-analysis-refactor.md | 10 + .../src/codingstandards/cpp/Clvalues.qll | 3 + .../src/codingstandards/cpp/Concurrency.qll | 67 ++- cpp/common/src/codingstandards/cpp/Type.qll | 26 +- .../cpp/exclusions/c/Concurrency8.qll | 112 +++++ .../cpp/exclusions/c/RuleMetadata.qll | 3 + .../cpp/lifetimes/CLifetimes.qll | 48 --- .../cpp/resources/ResourceLeakAnalysis.qll | 101 +++++ .../cpp/resources/ResourceManagement.qll | 75 ++-- .../ExceptionSafetyValidState.qll | 63 +-- .../ExceptionSafetyValidState.expected | 8 +- rule_packages/c/Concurrency8.json | 115 +++++ rules.csv | 8 +- 56 files changed, 1964 insertions(+), 209 deletions(-) create mode 100644 c/common/src/codingstandards/c/IdentifierLinkage.qll create mode 100644 c/common/src/codingstandards/c/Objects.qll create mode 100644 c/common/src/codingstandards/c/StorageDuration.qll create mode 100644 c/common/src/codingstandards/c/UninitializedMutex.qll create mode 100644 c/common/test/library/identifierlinkage/IdentifierLinkage.expected create mode 100644 c/common/test/library/identifierlinkage/IdentifierLinkage.ql create mode 100644 c/common/test/library/identifierlinkage/identifierlinkage.c create mode 100644 c/common/test/library/objects/ObjectIdentity.expected create mode 100644 c/common/test/library/objects/ObjectIdentity.ql create mode 100644 c/common/test/library/objects/objectidentity.c create mode 100644 c/misra/src/rules/RULE-22-12/NonstandardUseOfThreadingObject.ql create mode 100644 c/misra/src/rules/RULE-22-13/ThreadingObjectWithInvalidStorageDuration.ql create mode 100644 c/misra/src/rules/RULE-22-14/MutexInitWithInvalidMutexType.ql create mode 100644 c/misra/src/rules/RULE-22-14/MutexInitializedInsideThread.ql create mode 100644 c/misra/src/rules/RULE-22-14/MutexNotInitializedBeforeUse.ql create mode 100644 c/misra/src/rules/RULE-22-16/MutexObjectsNotAlwaysUnlocked.ql create mode 100644 c/misra/test/rules/RULE-22-12/NonstandardUseOfThreadingObject.expected create mode 100644 c/misra/test/rules/RULE-22-12/NonstandardUseOfThreadingObject.qlref create mode 100644 c/misra/test/rules/RULE-22-12/test.c create mode 100644 c/misra/test/rules/RULE-22-13/ThreadingObjectWithInvalidStorageDuration.expected create mode 100644 c/misra/test/rules/RULE-22-13/ThreadingObjectWithInvalidStorageDuration.qlref create mode 100644 c/misra/test/rules/RULE-22-13/test.c create mode 100644 c/misra/test/rules/RULE-22-14/MutexInitWithInvalidMutexType.expected create mode 100644 c/misra/test/rules/RULE-22-14/MutexInitWithInvalidMutexType.qlref create mode 100644 c/misra/test/rules/RULE-22-14/MutexInitializedInsideThread.expected create mode 100644 c/misra/test/rules/RULE-22-14/MutexInitializedInsideThread.qlref create mode 100644 c/misra/test/rules/RULE-22-14/MutexNotInitializedBeforeUse.expected create mode 100644 c/misra/test/rules/RULE-22-14/MutexNotInitializedBeforeUse.qlref create mode 100644 c/misra/test/rules/RULE-22-14/test.c create mode 100644 c/misra/test/rules/RULE-22-16/MutexObjectsNotAlwaysUnlocked.expected create mode 100644 c/misra/test/rules/RULE-22-16/MutexObjectsNotAlwaysUnlocked.qlref create mode 100644 c/misra/test/rules/RULE-22-16/test.c create mode 100644 change_notes/2024-11-27-c-object-refactor.md create mode 100644 change_notes/2024-11-27-raii-concurrency-analysis-perf.md create mode 100644 change_notes/2024-11-27-resource-leak-analysis-refactor.md create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency8.qll delete mode 100644 cpp/common/src/codingstandards/cpp/lifetimes/CLifetimes.qll create mode 100644 cpp/common/src/codingstandards/cpp/resources/ResourceLeakAnalysis.qll create mode 100644 rule_packages/c/Concurrency8.json diff --git a/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql b/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql index e0617c266d..6d9caacc5c 100644 --- a/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql +++ b/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql @@ -14,30 +14,39 @@ import cpp import codingstandards.c.cert +import codingstandards.c.Objects import codingstandards.cpp.Concurrency import codingstandards.cpp.dataflow.TaintTracking import codingstandards.cpp.dataflow.DataFlow import semmle.code.cpp.commons.Alloc -from C11ThreadCreateCall tcc, StackVariable sv, Expr arg, Expr acc +from C11ThreadCreateCall tcc, Expr arg where not isExcluded(tcc, Concurrency4Package::appropriateThreadObjectStorageDurationsQuery()) and tcc.getArgument(2) = arg and - sv.getAnAccess() = acc and - // a stack variable that is given as an argument to a thread - TaintTracking::localTaint(DataFlow::exprNode(acc), DataFlow::exprNode(arg)) and - // or isn't one of the allowed usage patterns - not exists(Expr mfc | - isAllocationExpr(mfc) and - sv.getAnAssignedValue() = mfc and - acc.getAPredecessor*() = mfc - ) and - not exists(TSSGetFunctionCall tsg, TSSSetFunctionCall tss, DataFlow::Node src | - sv.getAnAssignedValue() = tsg and - acc.getAPredecessor*() = tsg and - // there should be dataflow from somewhere (the same somewhere) - // into each of the first arguments - DataFlow::localFlow(src, DataFlow::exprNode(tsg.getArgument(0))) and - DataFlow::localFlow(src, DataFlow::exprNode(tss.getArgument(0))) + ( + exists(ObjectIdentity obj, Expr acc | + obj.getASubobjectAccess() = acc and + obj.getStorageDuration().isAutomatic() and + exists(DataFlow::Node addrNode | + ( + addrNode = DataFlow::exprNode(any(AddressOfExpr e | e.getOperand() = acc)) + or + addrNode = DataFlow::exprNode(acc) and exists(ArrayToPointerConversion c | c.getExpr() = acc) + ) and + TaintTracking::localTaint(addrNode, DataFlow::exprNode(arg)) + ) + ) + or + // TODO: Remove/replace with tss_t type check, see #801. + exists(TSSGetFunctionCall tsg | + TaintTracking::localTaint(DataFlow::exprNode(tsg), DataFlow::exprNode(arg)) and + not exists(TSSSetFunctionCall tss, DataFlow::Node src | + // there should be dataflow from somewhere (the same somewhere) + // into each of the first arguments + DataFlow::localFlow(src, DataFlow::exprNode(tsg.getArgument(0))) and + DataFlow::localFlow(src, DataFlow::exprNode(tss.getArgument(0))) + ) + ) ) select tcc, "$@ not declared with appropriate storage duration", arg, "Shared object" diff --git a/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql b/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql index 9097f14297..1e1e19c7c6 100644 --- a/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql +++ b/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql @@ -13,10 +13,15 @@ import cpp import codingstandards.c.cert +import codingstandards.c.Objects import codingstandards.cpp.dataflow.DataFlow -class Source extends StackVariable { - Source() { not this instanceof Parameter } +class Source extends Expr { + ObjectIdentity rootObject; + Source() { + rootObject.getStorageDuration().isAutomatic() + and this = rootObject.getASubobjectAddressExpr() + } } class Sink extends DataFlow::Node { @@ -40,7 +45,7 @@ from DataFlow::Node src, DataFlow::Node sink where not isExcluded(sink.asExpr(), Declarations8Package::appropriateStorageDurationsFunctionReturnQuery()) and - exists(Source s | src.asExpr() = s.getAnAccess()) and + exists(Source s | src.asExpr() = s) and sink instanceof Sink and DataFlow::localFlow(src, sink) select sink, "$@ with automatic storage may be accessible outside of its lifetime.", src, diff --git a/c/cert/src/rules/EXP35-C/DoNotModifyObjectsWithTemporaryLifetime.ql b/c/cert/src/rules/EXP35-C/DoNotModifyObjectsWithTemporaryLifetime.ql index 6a018ed8c4..3689aa4397 100644 --- a/c/cert/src/rules/EXP35-C/DoNotModifyObjectsWithTemporaryLifetime.ql +++ b/c/cert/src/rules/EXP35-C/DoNotModifyObjectsWithTemporaryLifetime.ql @@ -13,15 +13,13 @@ import cpp import codingstandards.c.cert -import codingstandards.cpp.lifetimes.CLifetimes +import codingstandards.c.Objects // Note: Undefined behavior is possible regardless of whether the accessed field from the returned // struct is an array or a scalar (i.e. arithmetic and pointer types) member, according to the standard. -from FieldAccess fa, FunctionCall fc +from FieldAccess fa, TemporaryObjectIdentity tempObject where not isExcluded(fa, InvalidMemory2Package::doNotModifyObjectsWithTemporaryLifetimeQuery()) and - not fa.getQualifier().isLValue() and - fa.getQualifier().getUnconverted() = fc and - fa.getQualifier().getUnconverted().getUnspecifiedType() instanceof StructOrUnionTypeWithArrayField -select fa, "Field access on $@ qualifier occurs after its temporary object lifetime.", fc, - "function call" + fa.getQualifier().getUnconverted() = tempObject +select fa, "Field access on $@ qualifier occurs after its temporary object lifetime.", tempObject, + "temporary object" diff --git a/c/cert/src/rules/MEM33-C/AllocStructsWithAFlexibleArrayMemberDynamically.ql b/c/cert/src/rules/MEM33-C/AllocStructsWithAFlexibleArrayMemberDynamically.ql index 620c4486a9..4e4ccc2171 100644 --- a/c/cert/src/rules/MEM33-C/AllocStructsWithAFlexibleArrayMemberDynamically.ql +++ b/c/cert/src/rules/MEM33-C/AllocStructsWithAFlexibleArrayMemberDynamically.ql @@ -14,6 +14,7 @@ import cpp import codingstandards.c.cert import codingstandards.c.Variable +import codingstandards.c.Objects import semmle.code.cpp.models.interfaces.Allocation import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis @@ -21,7 +22,7 @@ abstract class FlexibleArrayAlloc extends Element { /** * Returns the `Variable` being allocated. */ - abstract Variable getVariable(); + abstract Element getReportElement(); } /** @@ -53,18 +54,25 @@ class FlexibleArrayStructDynamicAlloc extends FlexibleArrayAlloc, FunctionCall { ) } - override Variable getVariable() { result = v } + override Element getReportElement() { result = v } } /** * A `Variable` of type `FlexibleArrayStructType` that is not allocated dynamically. */ -class FlexibleArrayNonDynamicAlloc extends FlexibleArrayAlloc, Variable { +class FlexibleArrayNonDynamicAlloc extends FlexibleArrayAlloc { + ObjectIdentity object; FlexibleArrayNonDynamicAlloc() { - this.getUnspecifiedType().getUnspecifiedType() instanceof FlexibleArrayStructType + this = object and + not object.getStorageDuration().isAllocated() and + // Exclude temporaries. Though they should violate this rule, in practice these results are + // often spurious and redundant, such as (*x = *x) which creates an unused temporary object. + not object.hasTemporaryLifetime() and + object.getType().getUnspecifiedType() instanceof FlexibleArrayStructType + and not exists(Variable v | v.getInitializer().getExpr() = this) } - override Variable getVariable() { result = this } + override Element getReportElement() { result = object } } from FlexibleArrayAlloc alloc, string message @@ -77,4 +85,4 @@ where alloc instanceof FlexibleArrayNonDynamicAlloc and message = "$@ contains a flexible array member but is not dynamically allocated." ) -select alloc, message, alloc.getVariable(), alloc.getVariable().getName() +select alloc, message, alloc.getReportElement(), alloc.getReportElement().toString() diff --git a/c/cert/test/rules/EXP35-C/DoNotModifyObjectsWithTemporaryLifetime.expected b/c/cert/test/rules/EXP35-C/DoNotModifyObjectsWithTemporaryLifetime.expected index f14ab4de4a..3fb10f3267 100644 --- a/c/cert/test/rules/EXP35-C/DoNotModifyObjectsWithTemporaryLifetime.expected +++ b/c/cert/test/rules/EXP35-C/DoNotModifyObjectsWithTemporaryLifetime.expected @@ -1,4 +1,4 @@ -| test.c:65:18:65:18 | a | Field access on $@ qualifier occurs after its temporary object lifetime. | test.c:65:9:65:14 | call to get_s1 | function call | -| test.c:67:18:67:19 | s1 | Field access on $@ qualifier occurs after its temporary object lifetime. | test.c:67:9:67:14 | call to get_s3 | function call | -| test.c:68:18:68:19 | i1 | Field access on $@ qualifier occurs after its temporary object lifetime. | test.c:68:9:68:14 | call to get_s3 | function call | -| test.c:69:18:69:21 | af12 | Field access on $@ qualifier occurs after its temporary object lifetime. | test.c:69:9:69:14 | call to get_s4 | function call | +| test.c:65:18:65:18 | a | Field access on $@ qualifier occurs after its temporary object lifetime. | test.c:65:9:65:14 | call to get_s1 | temporary object | +| test.c:67:18:67:19 | s1 | Field access on $@ qualifier occurs after its temporary object lifetime. | test.c:67:9:67:14 | call to get_s3 | temporary object | +| test.c:68:18:68:19 | i1 | Field access on $@ qualifier occurs after its temporary object lifetime. | test.c:68:9:68:14 | call to get_s3 | temporary object | +| test.c:69:18:69:21 | af12 | Field access on $@ qualifier occurs after its temporary object lifetime. | test.c:69:9:69:14 | call to get_s4 | temporary object | diff --git a/c/common/src/codingstandards/c/IdentifierLinkage.qll b/c/common/src/codingstandards/c/IdentifierLinkage.qll new file mode 100644 index 0000000000..085ebf5a7b --- /dev/null +++ b/c/common/src/codingstandards/c/IdentifierLinkage.qll @@ -0,0 +1,47 @@ +import cpp + +newtype TIdentifierLinkage = + TIdentifierLinkageExternal() or + TIdentifierLinkageInternal() or + TIdentifierLinkageNone() + +/** + * In C, identifiers have internal linkage, or external linkage, or no linkage (6.2.2.1). + * + * The linkage of an identifier is used to, among other things, determine the storage duration + * and/or lifetime of that identifier. Storage durations and lifetimes are often used to define + * rules in the various coding standards. + */ +class IdentifierLinkage extends TIdentifierLinkage { + predicate isExternal() { this = TIdentifierLinkageExternal() } + + predicate isInternal() { this = TIdentifierLinkageInternal() } + + predicate isNone() { this = TIdentifierLinkageNone() } + + string toString() { + this.isExternal() and result = "external linkage" + or + this.isInternal() and result = "internal linkage" + or + this.isNone() and result = "no linkage" + } +} + +/** + * Determine the linkage of a variable: external, or static, or none. + * + * The linkage of a variable is determined by its scope and storage class. Note that other types of + * identifiers (e.g. functions) may also have linkage, but that behavior is not covered in this + * predicate. + */ +IdentifierLinkage linkageOfVariable(Variable v) { + // 6.2.2.3, file scope identifiers marked static have internal linkage. + v.isTopLevel() and v.isStatic() and result.isInternal() + or + // 6.2.2.4 describes generally non-static file scope identifiers, which have external linkage. + v.isTopLevel() and not v.isStatic() and result.isExternal() + or + // Note: Not all identifiers have linkage, see 6.2.2.6 + not v.isTopLevel() and result.isNone() +} diff --git a/c/common/src/codingstandards/c/Objects.qll b/c/common/src/codingstandards/c/Objects.qll new file mode 100644 index 0000000000..105291c688 --- /dev/null +++ b/c/common/src/codingstandards/c/Objects.qll @@ -0,0 +1,393 @@ +import cpp +import codingstandards.c.StorageDuration +import codingstandards.c.IdentifierLinkage +import semmle.code.cpp.valuenumbering.HashCons +import codingstandards.cpp.Clvalues + +/** + * A libary for handling "Objects" in C. + * + * Objects may be stored in registers or memory, they have an address, a type, a storage duration, + * and a lifetime (which is different than storage duration). Objects which are structs or arrays + * have subobjects, which share the storage duration and lifetime of the parent object. + * + * Note: lifetime analysis is not performed in this library, but is available in + * the module `codingstandards.cpp.lifetimes.LifetimeProfile`. In the future, these libraries could + * be merged for more complete analysis. + * + * To get objects in a project, use the `ObjectIdentity` class which finds the following types of + * objects: + * - global variables + * - local variables + * - literals + * - malloc calls + * - certain temporary object expressions + * + * And direct references to these objects can be found via the member predicate `getAnAccess()`. + * However, much of a project's code will not refer to these objects directly, but rather, refer to + * their subobjects. The class `ObjectIdentity` exposes several member predicates for finding when + * these subobjects are used: + * - `getASubobjectType()` + * - `getASubobjectAccess()` + * - `getASubobjectAddressExpr()` + * + * These methods do not use flow analysis, and will not return a conclusive list of accesses. To + * get better results here, this library should be integrated with flow analysis or the library + * `LifetimeProfile.qll`. + * + * Additionally, subobjects are currently not tracked individually. In the future subobjects could + * be tracked as a root object and an access chain to refer to them. For now, however, finding *any* + * subobject access is sufficient for many analyses. + * + * To get the storage duration, `ObjectIdentity` exposes the member predicate + * `getStorageDuration()` with the following options: + * - `obj.getStorageDuration().isAutomatic()`: Stack objects + * - `obj.getStorageDuration().isStatic()`: Global objects + * - `obj.getStorageDuration().isThread()`: Threadlocal objects + * - `obj.getStorageDuration().isAllocated()`: Dynamic objects + * + * Note that lifetimes are not storage durations. The only lifetime tracking currently implemented + * is `hasTemporaryLifetime()`, which is a subset of automatic storage duration objects, and may + * be filtered out, or selected directly with `TemporaryObjectIdentity`. + */ +final class ObjectIdentity = ObjectIdentityBase; + +/** + * A base class for objects in C, along with the source location where the object can be identified + * in the project code (thus, this class extends `Element`), which may be variable, or may be an + * expression such as a literal or a malloc call. + * + * Extend this class to define a new type of object identity. To create a class which filters the + * set of object identities, users of this library should extend the final subclass + * `ObjectIdentity` instead. + */ +abstract class ObjectIdentityBase extends Element { + /** + * The type of this object. + * + * Note that for allocated objects, this is inferred from the sizeof() statement or the variable + * it is assigned to. + */ + abstract Type getType(); + + /* The storage duration of this object: static, thread, automatic, or allocated. */ + abstract StorageDuration getStorageDuration(); + + /** + * Get the nested objects within this object (members, array element types). + * + * Note that if a struct has a pointer member, the pointer itself is a subobject, but the value + * it points to is not. Therefore `struct { int* x; }` has a subobject of type `int*`, but not + * `int`. + */ + Type getASubObjectType() { result = getADirectSubobjectType*(getType()) } + + /** + * Get expressions which trivially access this object. Does not perform flow analysis. + * + * For dynamically allocated objects, this is a dereference of the malloc call. + */ + abstract Expr getAnAccess(); + + /** + * Get expressions which trivially access this object or a subobject of this object. Does not + * perform flow analysis. + * + * For dynamically allocated objects, this is a dereference of the malloc call or direct access + * of the result of dereferencing the malloc call. + */ + Expr getASubobjectAccess() { result = getASubobjectAccessOf(getAnAccess()) } + + /** + * Get expressions which trivially take the address of this object or a subobject of this object. + * Does not perform flow analysis. + */ + Expr getASubobjectAddressExpr() { + exists(Expr subobject | + subobject = getASubobjectAccess() and + ( + result = any(AddressOfExpr e | e.getOperand() = subobject) + or + exists(ArrayToPointerConversion c | c.getExpr() = subobject) and + not exists(ArrayExpr a | a.getArrayBase() = subobject) and + result = subobject + ) + ) + } + + /** + * Holds if the object has temporary lifetime. This is not a storage duration, but only objects + * with automatic storage duration have temporary lifetime. + */ + abstract predicate hasTemporaryLifetime(); +} + +/** + * Finds expressions `e.x` or `e[x]` for expression `e`, recursively. Does not resolve pointers. + * + * Note that this does not hold for `e->x` or `e[x]` where `e` is a pointer. + */ +private Expr getASubobjectAccessOf(Expr e) { + result = e + or + result.(DotFieldAccess).getQualifier() = getASubobjectAccessOf(e) + or + result.(ArrayExpr).getArrayBase() = getASubobjectAccessOf(e) and + not result.(ArrayExpr).getArrayBase().getUnspecifiedType() instanceof PointerType +} + +/** + * Find the object types that are embedded within the current type. + * + * For example, a block of memory with type `T[]` has subobjects of type `T`, and a struct with a + * member of `T member;` has a subobject of type `T`. + * + * Note that subobjects may be pointers, but the value they point to is not a subobject. For + * instance, `struct { int* x; }` has a subobject of type `int*`, but not `int`. + */ +Type getADirectSubobjectType(Type type) { + result = type.stripTopLevelSpecifiers().(Struct).getAMember().getADeclarationEntry().getType() + or + result = type.stripTopLevelSpecifiers().(ArrayType).getBaseType() +} + +/** + * An object in memory which may be identified by the variable that holds it. + * + * This may be a local variable, a global variable, or a parameter, etc. However, it cannot be a + * member of a struct or union, as these do not have storage duration. + */ +class VariableObjectIdentity extends Variable, ObjectIdentityBase { + VariableObjectIdentity() { + // Exclude members; member definitions does not allocate storage and thus do not have a storage + // duration. They are therefore not objects. To get the storage duration of members, use one of + // the predicates related to sub objects, e.g. `getASubObjectType()`. + not isMember() + } + + override StorageDuration getStorageDuration() { + // 6.2.4.4, objects declared _Thread_local have thread storage duration. + isThreadLocal() and result.isThread() + or + // 6.2.4.3, Non _ThreadLocal objects with internal or external linkage or declared static have + // static storage duration. + not isThreadLocal() and + (hasLinkage() or isStatic()) and + result.isStatic() + or + // 6.2.4.3, Non _ThreadLocal objects no linkage that are not static have automatic storage + // duration. + not isThreadLocal() and + not hasLinkage() and + not isStatic() and + result.isAutomatic() + } + + override Type getType() { + // Caution here: If we use `Variable.super.getType()` then override resolution is skipped, and + // it uses the base predicate defined as `none()`. By casting this to `Variable` and calling + // `getType()`, all overrides (harmlessly, *including this one*...) are considered, which means + // we defer to the subclasses such as `GlobalVariable` overrides of `getType()`, which is what + // we want. + result = this.(Variable).getType() + } + + /* The storage duration of a variable depends on its linkage. */ + IdentifierLinkage getLinkage() { result = linkageOfVariable(this) } + + predicate hasLinkage() { not getLinkage().isNone() } + + override VariableAccess getAnAccess() { result = Variable.super.getAnAccess() } + + override predicate hasTemporaryLifetime() { + none() // Objects identified by a variable do not have temporary lifetime. + } +} + +/** + * A string literal is an object with static storage duration. + * + * 6.4.5.6, multibyte character sequences initialize an array of static storage duration. + */ +class LiteralObjectIdentity extends Literal, ObjectIdentityBase { + override StorageDuration getStorageDuration() { result.isStatic() } + + override Type getType() { result = Literal.super.getType() } + + override Expr getAnAccess() { result = this } + + override predicate hasTemporaryLifetime() { + none() // String literal objects do not have temporary lifetime. + } +} + +/** + * An object identifiable as a struct or array literal, which is an lvalue that may have static or + * automatic storage duration depending on context. + * + * 6.5.2.5.5, compound literals outside of a function have static storage duration, while literals + * inside a function have automatic storage duration. + */ +class AggregateLiteralObjectIdentity extends AggregateLiteral, ObjectIdentityBase { + override StorageDuration getStorageDuration() { + if exists(getEnclosingFunction()) then result.isAutomatic() else result.isStatic() + } + + override Type getType() { result = AggregateLiteral.super.getType() } + + override Expr getAnAccess() { result = this } + + override predicate hasTemporaryLifetime() { + // Confusing; a struct literal is an lvalue, and therefore does not have temporary lifetime. + none() + } +} + +/** + * An object identified by a call to `malloc`. + * + * Note: the malloc expression returns an address to this object, not the object itself. Therefore, + * `getAnAccess()` returns cases where this malloc result is dereferenced, and not the malloc call + * itself. + * + * Note that the predicates for tracking accesses, subobject accesses, and address expresisons may + * be less reliable as dynamic memory is fundamentally more difficult to track. However, this class + * attempts to give reasonable results. In the future, this could be improved by integrating with + * LifetimeProfile.qll or by integrating flow analysis. + * + * Additionally, the type of this object is inferred based on its size and use. + */ +class AllocatedObjectIdentity extends AllocationExpr, ObjectIdentityBase { + AllocatedObjectIdentity() { + this.(FunctionCall).getTarget().(AllocationFunction).requiresDealloc() + } + + override StorageDuration getStorageDuration() { result.isAllocated() } + + /** Attempt to infer the type of the allocated memory */ + override Type getType() { result = this.getAllocatedElementType() } + + /** Find dereferences of direct aliases of this pointer result. */ + override Expr getAnAccess() { result.(PointerDereferenceExpr).getOperand() = getAnAlias() } + + /** + * Find the following subobject accesses, given a pointer alias `x`: + * - `(*x)` + * - `(*x).y` + * - `(*x)[i]` + * - `x->y` + * - `x[i]` + * - `x->y.z` + * - `x[i].y` + * - all direct accesses (`foo.x`, `foo[i]`) of the above + */ + override Expr getASubobjectAccess() { + result = getASubobjectAccessOf(getAnAccess()) + or + exists(PointerFieldAccess pfa | + pfa.getQualifier() = getASubobjectAddressExpr() and + result = getASubobjectAccessOf(pfa) + ) + or + exists(ArrayExpr arrayExpr | + arrayExpr.getArrayBase() = getASubobjectAddressExpr() and + result = getASubobjectAccessOf(arrayExpr) + ) + } + + /** + * Given a pointer alias `x`, finds `x` itself. Additionally, defers to the default class + * behavior, which finds address-of (`&`) and array-to-pointer conversions of all subobject + * accesses. (See `AllocatedObjectIdentity.getASubobjectAccess()`.) + */ + override Expr getASubobjectAddressExpr() { + result = getAnAlias() + or + result = super.getASubobjectAddressExpr() + } + + /** + * Find an obvious direct reference to the result of a `malloc()` function call. This includes + * the function call itself, but additionally: + * - For `T* x = malloc(...)`, accesses to variable `x` are likely aliases of the malloc result + * - For `(expr) = malloc(...)` future lexically identical uses of `expr` are likely aliases of + * the malloc result. + * + * This is used so that member predicates such as `getAnAccess()`, `getASubobjectAccess()` can + * find cases such as: + * + * ```c + * int *x = malloc(sizeof(int)); + * return *x; // accesses the malloc result + * ``` + */ + Expr getAnAlias() { + result = this + or + exists(AssignExpr assignExpr | + assignExpr.getRValue() = this and + hashCons(result) = hashCons(assignExpr.getLValue()) + ) + or + exists(Variable v | + v.getInitializer().getExpr() = this and + result = v.getAnAccess() + ) + } + + override predicate hasTemporaryLifetime() { + none() // Allocated objects do not have "temporary lifetime." + } +} + +/** + * A struct or union type that contains an array type, used to find objects with temporary + * lifetime. + */ +private class StructOrUnionTypeWithArrayField extends Struct { + StructOrUnionTypeWithArrayField() { + this.getAField().getUnspecifiedType() instanceof ArrayType + or + // nested struct or union containing an array type + this.getAField().getUnspecifiedType().(Struct) instanceof StructOrUnionTypeWithArrayField + } +} + +/** + * 6.2.4.7, A non-lvalue expression with struct or or union type that has a field member of array + * type, refers to an object with automatic storage duration (and has temporary lifetime). + * + * The spec uses the lanugage "refers to." This is likely intended to mean that the expression + * `foo().x` does not create a new temporary object, but rather "refers to" the temporary object + * storing the value of the expression `foo()`. + * + * Separate this predicate to avoid non-monotonic recursion (`C() { not exists(C c | ... ) }`). + */ +private class TemporaryObjectIdentityExpr extends Expr { + TemporaryObjectIdentityExpr() { + getType() instanceof StructOrUnionTypeWithArrayField and + not isCLValue(this) + } +} + +/** + * 6.2.4.7, A non-lvalue expression with struct or or union type that has a field member of array + * type, is an object with automatic storage duration (and has temporary lifetime). + */ +class TemporaryObjectIdentity extends ObjectIdentityBase instanceof TemporaryObjectIdentityExpr { + TemporaryObjectIdentity() { + // See comment in `TemporaryObjectIdentityExpr` for why we check `getASubobjectAccess()` here. + not exists(TemporaryObjectIdentityExpr parent | + this = getASubobjectAccessOf(parent) and + not this = parent + ) + } + + override StorageDuration getStorageDuration() { result.isAutomatic() } + + override Type getType() { result = this.(Expr).getType() } + + override Expr getAnAccess() { result = this } + + override predicate hasTemporaryLifetime() { any() } +} diff --git a/c/common/src/codingstandards/c/StorageDuration.qll b/c/common/src/codingstandards/c/StorageDuration.qll new file mode 100644 index 0000000000..4669d467bb --- /dev/null +++ b/c/common/src/codingstandards/c/StorageDuration.qll @@ -0,0 +1,31 @@ +import cpp + +class DeclarationWithStorageDuration extends Declaration { } + +newtype TStorageDuration = + StorageDurationStatic() or + StorageDurationAutomatic() or + StorageDurationThread() or + StorageDurationAllocated() + +class StorageDuration extends TStorageDuration { + predicate isStatic() { this = StorageDurationStatic() } + + predicate isAutomatic() { this = StorageDurationAutomatic() } + + predicate isThread() { this = StorageDurationThread() } + + predicate isAllocated() { this = StorageDurationAllocated() } + + string toString() { result = getStorageTypeName() + " storage duration" } + + string getStorageTypeName() { + isStatic() and result = "static" + or + isAutomatic() and result = "automatic" + or + isThread() and result = "thread" + or + isAllocated() and result = "allocated" + } +} diff --git a/c/common/src/codingstandards/c/UninitializedMutex.qll b/c/common/src/codingstandards/c/UninitializedMutex.qll new file mode 100644 index 0000000000..e69de29bb2 diff --git a/c/common/test/library/identifierlinkage/IdentifierLinkage.expected b/c/common/test/library/identifierlinkage/IdentifierLinkage.expected new file mode 100644 index 0000000000..c3f1bc39ef --- /dev/null +++ b/c/common/test/library/identifierlinkage/IdentifierLinkage.expected @@ -0,0 +1,10 @@ +| identifierlinkage.c:2:5:2:10 | g_ext1 | external linkage | +| identifierlinkage.c:3:12:3:17 | g_ext2 | external linkage | +| identifierlinkage.c:6:12:6:17 | g_int1 | internal linkage | +| identifierlinkage.c:9:5:9:10 | g_ext3 | external linkage | +| identifierlinkage.c:12:12:12:17 | g_int2 | internal linkage | +| identifierlinkage.c:15:12:15:12 | p | no linkage | +| identifierlinkage.c:16:7:16:13 | l_none1 | no linkage | +| identifierlinkage.c:17:14:17:20 | l_none2 | no linkage | +| identifierlinkage.c:18:14:18:19 | l_ext1 | external linkage | +| identifierlinkage.c:24:7:24:7 | m | no linkage | diff --git a/c/common/test/library/identifierlinkage/IdentifierLinkage.ql b/c/common/test/library/identifierlinkage/IdentifierLinkage.ql new file mode 100644 index 0000000000..37e5b4cd58 --- /dev/null +++ b/c/common/test/library/identifierlinkage/IdentifierLinkage.ql @@ -0,0 +1,5 @@ +import codingstandards.c.IdentifierLinkage + +from Variable v +where not v.getLocation().toString() = "file://:0:0:0:0" +select v, linkageOfVariable(v) diff --git a/c/common/test/library/identifierlinkage/identifierlinkage.c b/c/common/test/library/identifierlinkage/identifierlinkage.c new file mode 100644 index 0000000000..cf6b439797 --- /dev/null +++ b/c/common/test/library/identifierlinkage/identifierlinkage.c @@ -0,0 +1,30 @@ +// Simple external linkage +int g_ext1; +extern int g_ext2; + +// Simple internal linkage +static int g_int1; + +// Redefined maintaining linkage +int g_ext3; +extern int g_ext3; + +static int g_int2; +extern int g_int2; + +void f(int p) { + int l_none1; + static int l_none2; + extern int l_ext1; +} + +// Structs are not variables +struct s { + // Struct members are variables with no linkage. + int m; +}; + +// Enums and enum constants are not variables and have no linkage. +enum e { + E1 +}; \ No newline at end of file diff --git a/c/common/test/library/objects/ObjectIdentity.expected b/c/common/test/library/objects/ObjectIdentity.expected new file mode 100644 index 0000000000..34be1974f5 --- /dev/null +++ b/c/common/test/library/objects/ObjectIdentity.expected @@ -0,0 +1,21 @@ +| objectidentity.c:3:5:3:14 | g_statstg1 | static storage duration | file://:0:0:0:0 | int | +| objectidentity.c:4:12:4:21 | g_statstg2 | static storage duration | file://:0:0:0:0 | int | +| objectidentity.c:5:12:5:21 | g_statstg3 | static storage duration | file://:0:0:0:0 | int | +| objectidentity.c:8:13:8:22 | p_autostg1 | automatic storage duration | file://:0:0:0:0 | int | +| objectidentity.c:8:31:8:40 | l_autostg2 | automatic storage duration | file://:0:0:0:0 | int | +| objectidentity.c:12:14:12:23 | l_statstg1 | static storage duration | file://:0:0:0:0 | int | +| objectidentity.c:13:14:13:23 | l_statstg2 | static storage duration | file://:0:0:0:0 | int | +| objectidentity.c:17:15:17:24 | g_thrdstg1 | thread storage duration | file://:0:0:0:0 | int | +| objectidentity.c:18:22:18:31 | g_thrdstg2 | thread storage duration | file://:0:0:0:0 | int | +| objectidentity.c:19:22:19:31 | g_thrdstg3 | thread storage duration | file://:0:0:0:0 | int | +| objectidentity.c:21:24:21:33 | l_statstg3 | thread storage duration | file://:0:0:0:0 | int | +| objectidentity.c:22:24:22:33 | l_statstg4 | thread storage duration | file://:0:0:0:0 | int | +| objectidentity.c:35:11:35:20 | g_statstg4 | static storage duration | file://:0:0:0:0 | s * | +| objectidentity.c:35:35:35:37 | {...} | static storage duration | objectidentity.c:27:8:27:8 | s | +| objectidentity.c:35:36:35:36 | 0 | static storage duration | file://:0:0:0:0 | int | +| objectidentity.c:36:7:36:16 | g_statstg5 | static storage duration | file://:0:0:0:0 | char * | +| objectidentity.c:36:20:36:26 | hello | static storage duration | file://:0:0:0:0 | char[6] | +| objectidentity.c:38:3:38:3 | 1 | static storage duration | file://:0:0:0:0 | int | +| objectidentity.c:39:3:39:9 | hello | static storage duration | file://:0:0:0:0 | char[6] | +| objectidentity.c:40:3:40:15 | {...} | automatic storage duration | objectidentity.c:27:8:27:8 | s | +| objectidentity.c:40:14:40:14 | 1 | static storage duration | file://:0:0:0:0 | int | diff --git a/c/common/test/library/objects/ObjectIdentity.ql b/c/common/test/library/objects/ObjectIdentity.ql new file mode 100644 index 0000000000..28e6832bb2 --- /dev/null +++ b/c/common/test/library/objects/ObjectIdentity.ql @@ -0,0 +1,5 @@ +import codingstandards.c.Objects + +from ObjectIdentity obj +where obj.getFile().getBaseName() = "objectidentity.c" +select obj, obj.getStorageDuration(), obj.getType() \ No newline at end of file diff --git a/c/common/test/library/objects/objectidentity.c b/c/common/test/library/objects/objectidentity.c new file mode 100644 index 0000000000..066f68b1fd --- /dev/null +++ b/c/common/test/library/objects/objectidentity.c @@ -0,0 +1,41 @@ +#include "threads.h" +// Basic static storage duration +int g_statstg1; +extern int g_statstg2; +static int g_statstg3; + +// Basic automatic storage duration +void f1(int p_autostg1) { int l_autostg2; } + +// Block identifiers with static storage duration +void f2(void) { + extern int l_statstg1; + static int l_statstg2; +} + +// Thread storage duration +_Thread_local g_thrdstg1; +extern _Thread_local g_thrdstg2; +static _Thread_local g_thrdstg3; +void f3() { + extern _Thread_local l_statstg3; + static _Thread_local l_statstg4; +} + +// Struct declarations do not allocate storage, and do not have a storage +// duration. +struct s { + int m; +}; + +// Enums and enum constants are not variables and have no linkage. +enum e { E1 }; + +// Various literals: +struct s *g_statstg4 = &(struct s){0}; +char *g_statstg5 = "hello"; +void f4(void) { + 1; + "hello"; + (struct s){1}; +} \ No newline at end of file diff --git a/c/misra/src/rules/RULE-18-9/ArrayToPointerConversionOfTemporaryObject.ql b/c/misra/src/rules/RULE-18-9/ArrayToPointerConversionOfTemporaryObject.ql index 5317966f3b..c65890f6bc 100644 --- a/c/misra/src/rules/RULE-18-9/ArrayToPointerConversionOfTemporaryObject.ql +++ b/c/misra/src/rules/RULE-18-9/ArrayToPointerConversionOfTemporaryObject.ql @@ -15,7 +15,7 @@ import cpp import codingstandards.c.misra -import codingstandards.cpp.lifetimes.CLifetimes +import codingstandards.c.Objects /** * Holds if the value of an expression is used or stored. @@ -59,11 +59,11 @@ Expr temporaryObjectFlowStep(Expr e) { } from - TemporaryLifetimeArrayAccess fa, TemporaryLifetimeExpr temporary, + FieldAccess fa, TemporaryObjectIdentity temporary, ArrayToPointerConversion conversion where not isExcluded(conversion, InvalidMemory3Package::arrayToPointerConversionOfTemporaryObjectQuery()) and - fa.getTemporary() = temporary and + fa = temporary.getASubobjectAccess() and conversion.getExpr() = fa and isUsedOrStored(temporaryObjectFlowStep*(conversion.getExpr())) select conversion, "Array to pointer conversion of array $@ from temporary object $@.", diff --git a/c/misra/src/rules/RULE-18-9/ModifiableLValueSubscriptedWithTemporaryLifetime.ql b/c/misra/src/rules/RULE-18-9/ModifiableLValueSubscriptedWithTemporaryLifetime.ql index f8a341b9bd..e10b478ee7 100644 --- a/c/misra/src/rules/RULE-18-9/ModifiableLValueSubscriptedWithTemporaryLifetime.ql +++ b/c/misra/src/rules/RULE-18-9/ModifiableLValueSubscriptedWithTemporaryLifetime.ql @@ -15,45 +15,31 @@ import cpp import codingstandards.c.misra -import codingstandards.cpp.lifetimes.CLifetimes +import codingstandards.c.Objects +import codeql.util.Boolean -class TemporaryLifetimeArrayExpr extends ArrayExpr { - TemporaryLifetimeArrayAccess member; - Type elementType; - - TemporaryLifetimeArrayExpr() { - member = getArrayBase() and - elementType = member.getType().(ArrayType).getBaseType() - or - exists(TemporaryLifetimeArrayExpr inner | - inner = getArrayBase() and - member = inner.getMember() and - elementType = inner.getElementType().(ArrayType).getBaseType() - ) - } - - TemporaryLifetimeArrayAccess getMember() { result = member } - - Type getElementType() { result = elementType } -} - -predicate usedAsModifiableLvalue(Expr expr) { +predicate usedAsModifiableLvalue(Expr expr, Boolean allowArrayAccess) { exists(Assignment parent | parent.getLValue() = expr) or exists(CrementOperation parent | parent.getOperand() = expr) or exists(AddressOfExpr parent | parent.getOperand() = expr) or - exists(FieldAccess parent | parent.getQualifier() = expr and usedAsModifiableLvalue(parent)) + // Don't report `x.y[0].m[0]++` twice. Recurse with `allowArrayAccess` set to false. + exists(FieldAccess parent | parent.getQualifier() = expr and usedAsModifiableLvalue(parent, false)) + or + allowArrayAccess = true and + exists(ArrayExpr parent | parent.getArrayBase() = expr and usedAsModifiableLvalue(parent, true)) } -from TemporaryLifetimeArrayExpr expr, TemporaryLifetimeArrayAccess member +from ArrayExpr expr, FieldAccess fieldAccess, TemporaryObjectIdentity tempObject where not isExcluded(expr, InvalidMemory3Package::modifiableLValueSubscriptedWithTemporaryLifetimeQuery()) and - member = expr.getMember() and + expr = tempObject.getASubobjectAccess() and + fieldAccess = expr.getArrayBase() and not expr.isUnevaluated() and - usedAsModifiableLvalue(expr) + usedAsModifiableLvalue(expr, true) select expr, "Modifiable lvalue produced by subscripting array member $@ of temporary lifetime object $@ ", - member, member.getTarget().getName(), member.getTemporary(), member.getTemporary().toString() + fieldAccess, fieldAccess.getTarget().getName(), tempObject, tempObject.toString() diff --git a/c/misra/src/rules/RULE-22-12/NonstandardUseOfThreadingObject.ql b/c/misra/src/rules/RULE-22-12/NonstandardUseOfThreadingObject.ql new file mode 100644 index 0000000000..d92b4ccea6 --- /dev/null +++ b/c/misra/src/rules/RULE-22-12/NonstandardUseOfThreadingObject.ql @@ -0,0 +1,54 @@ +/** + * @id c/misra/nonstandard-use-of-threading-object + * @name RULE-22-12: Standard library threading objects (mutexes, threads, etc.) shall only be accessed by the appropriate Standard Library functions + * @description Thread objects, thread synchronization objects, and thread-specific storage pointers + * shall only be accessed by the appropriate Standard Library functions. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-22-12 + * correctness + * concurrency + * external/misra/c/2012/amendment4 + * external/misra/obligation/mandatory + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.Concurrency +import codingstandards.cpp.Type + +predicate isThreadingObject(Type t) { t instanceof PossiblySpecified::Type } + +predicate validUseOfStdThreadObject(Expr e) { + e.getParent() instanceof AddressOfExpr + or + exists(Call c | + c.getTarget().hasName(["tss_get", "tss_set", "tss_delete"]) and + e = c.getArgument(0) + ) +} + +predicate isStdThreadObjectPtr(Type t) { isThreadingObject(t.(PointerType).getBaseType()) } + +predicate invalidStdThreadObjectUse(Expr e) { + // Invalid use of mtx_t, etc. + isThreadingObject(e.getType()) and + not validUseOfStdThreadObject(e) + or + // Invalid cast from mtx_t* to void*, etc. + isStdThreadObjectPtr(e.getType()) and + exists(Cast cast | + cast.getExpr() = e and + not isStdThreadObjectPtr(cast.getType()) + ) +} + +from Expr e +where + not isExcluded(e, Concurrency8Package::nonstandardUseOfThreadingObjectQuery()) and + invalidStdThreadObjectUse(e) and + // Deduplicate results: (mtx = mtx) is an expression of mtx type, but don't flag the equality + // check, only flag the two `mtx` references. + not invalidStdThreadObjectUse(e.getAChild+()) +select e, "Invalid usage of standard thread object type '" + e.getType().toString() + "'." diff --git a/c/misra/src/rules/RULE-22-13/ThreadingObjectWithInvalidStorageDuration.ql b/c/misra/src/rules/RULE-22-13/ThreadingObjectWithInvalidStorageDuration.ql new file mode 100644 index 0000000000..066cf3c295 --- /dev/null +++ b/c/misra/src/rules/RULE-22-13/ThreadingObjectWithInvalidStorageDuration.ql @@ -0,0 +1,31 @@ +/** + * @id c/misra/threading-object-with-invalid-storage-duration + * @name RULE-22-13: Threading objects (mutexes, threads, etc). shall have not have automatic or thread storage duration + * @description Thread objects, thread synchronization objects, and thread specific storage pointers + * shall have appropriate storage duration. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-22-13 + * correctness + * concurrency + * external/misra/c/2012/amendment4 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.c.Objects +import codingstandards.cpp.Concurrency +import codingstandards.cpp.Type + +from ObjectIdentity obj, StorageDuration storageDuration, Type type +where + not isExcluded(obj, Concurrency8Package::threadingObjectWithInvalidStorageDurationQuery()) and + storageDuration = obj.getStorageDuration() and + not storageDuration.isStatic() and + type = obj.getASubObjectType() and + type instanceof PossiblySpecified::Type +select obj, + "Object of type '" + obj.getType().getName() + "' has invalid storage duration type '" + + storageDuration.getStorageTypeName() + "'." diff --git a/c/misra/src/rules/RULE-22-14/MutexInitWithInvalidMutexType.ql b/c/misra/src/rules/RULE-22-14/MutexInitWithInvalidMutexType.ql new file mode 100644 index 0000000000..a122a0bec4 --- /dev/null +++ b/c/misra/src/rules/RULE-22-14/MutexInitWithInvalidMutexType.ql @@ -0,0 +1,36 @@ +/** + * @id c/misra/mutex-init-with-invalid-mutex-type + * @name RULE-22-14: Mutexes shall be initialized with a valid mutex type + * @description Mutexes shall be initialized with a valid mutex type. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/misra/id/rule-22-14 + * correctness + * concurrency + * external/misra/c/2012/amendment4 + * external/misra/obligation/mandatory + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.Concurrency + +predicate isBaseMutexType(EnumConstantAccess access) { + access.getTarget().hasName(["mtx_plain", "mtx_timed"]) +} + +predicate isValidMutexType(Expr expr) { + isBaseMutexType(expr) + or + exists(BinaryBitwiseOperation binOr | binOr = expr | + isBaseMutexType(binOr.getLeftOperand()) and + binOr.getRightOperand().(EnumConstantAccess).getTarget().hasName("mtx_recursive") + ) +} + +from C11MutexSource init +where + not isExcluded(init, Concurrency8Package::mutexInitWithInvalidMutexTypeQuery()) and + not isValidMutexType(init.getMutexTypeExpr()) +select init, "Mutex initialized with incorrect type expression." diff --git a/c/misra/src/rules/RULE-22-14/MutexInitializedInsideThread.ql b/c/misra/src/rules/RULE-22-14/MutexInitializedInsideThread.ql new file mode 100644 index 0000000000..649c941e66 --- /dev/null +++ b/c/misra/src/rules/RULE-22-14/MutexInitializedInsideThread.ql @@ -0,0 +1,27 @@ +/** + * @id c/misra/mutex-initialized-inside-thread + * @name RULE-22-14: Thread synchronization objects shall be initialized deterministically + * @description Mutex and condition objects initialized inside of threads may result in + * indeterministic state + * @kind problem + * @precision high + * @problem.severity recommendation + * @tags external/misra/id/rule-22-14 + * readability + * maintainability + * concurrency + * external/misra/c/2012/amendment4 + * external/misra/obligation/mandatory + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.Concurrency + +from C11MutexSource mutexCreate, ThreadedFunction thread +where + not isExcluded(mutexCreate, Concurrency8Package::mutexInitializedInsideThreadQuery()) and + thread.calls*(mutexCreate.getEnclosingFunction()) +select +mutexCreate, "Mutex initialization reachable from threaded function '$@'.", +thread, thread.getName() diff --git a/c/misra/src/rules/RULE-22-14/MutexNotInitializedBeforeUse.ql b/c/misra/src/rules/RULE-22-14/MutexNotInitializedBeforeUse.ql new file mode 100644 index 0000000000..ed4226c207 --- /dev/null +++ b/c/misra/src/rules/RULE-22-14/MutexNotInitializedBeforeUse.ql @@ -0,0 +1,130 @@ +/** + * @id c/misra/mutex-not-initialized-before-use + * @name RULE-22-14: Thread synchronization objects shall be initialized before being accessed + * @description Mutex and condition objects shall be initialized with the standard library functions + * before using them. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/misra/id/rule-22-14 + * correctness + * concurrency + * external/misra/c/2012/amendment4 + * external/misra/obligation/mandatory + */ + +import cpp +import codingstandards.c.misra +import codingstandards.c.Objects +import codingstandards.cpp.Concurrency +import codingstandards.cpp.Type + +/** A function which is not called or started as a thread */ +class RootFunction extends Function { + RootFunction() { + not exists(Function f | f.calls(this)) and + not this instanceof ThreadedFunction + } +} + +/** A function call which initializes a mutex or a condition */ +class ThreadObjectInitialization extends FunctionCall { + ObjectIdentity owningObject; + + ThreadObjectInitialization() { + this.(C11MutexSource).getMutexExpr() = owningObject.getASubobjectAddressExpr() + or + exists(CConditionOperation condOp | + this = condOp and + condOp.isInit() and + condOp.getConditionExpr() = owningObject.getASubobjectAddressExpr() + ) + } + + ObjectIdentity getOwningObject() { result = owningObject } +} + +/** + * A function argument where that argument is used as a mutex or condition object. + */ +class ThreadObjectUse extends Expr { + ObjectIdentity owningObject; + string typeString; + ThreadObjectUse() { + owningObject.getASubobjectAddressExpr() = this and + ( + exists(CMutexFunctionCall mutexUse | this = mutexUse.getLockExpr()) and + typeString = "Mutex" + or + exists(CConditionOperation condOp | this = condOp.getMutexExpr()) and + typeString = "Mutex" + or + exists(CConditionOperation condOp | + condOp.isUse() and + this = condOp.getConditionExpr() and + typeString = "Condition" + ) + ) + } + + ObjectIdentity getOwningObject() { result = owningObject } + + string getDescription() { + if + getOwningObject().getType() instanceof PossiblySpecified::Type or + getOwningObject().getType() instanceof PossiblySpecified::Type + then result = typeString + else result = typeString + " in object" + } +} + + +predicate requiresInitializedMutexObject( + Function func, ThreadObjectUse mutexUse, ObjectIdentity owningObject +) { + mutexUse.getEnclosingFunction() = func and + owningObject = mutexUse.getOwningObject() and + not exists(ThreadObjectInitialization init | + init.getEnclosingFunction() = func and + init.getOwningObject() = owningObject and + mutexUse.getAPredecessor+() = init + ) + or + exists(FunctionCall call | + func = call.getEnclosingFunction() and + requiresInitializedMutexObject(call.getTarget(), mutexUse, owningObject) and + not exists(ThreadObjectInitialization init | + call.getAPredecessor*() = init and + init.getOwningObject() = owningObject + ) + ) + or + exists(C11ThreadCreateCall call | + func = call.getEnclosingFunction() and + not owningObject.getStorageDuration().isThread() and + requiresInitializedMutexObject(call.getFunction(), mutexUse, owningObject) and + not exists(ThreadObjectInitialization init | + call.getAPredecessor*() = init and + init.getOwningObject() = owningObject + ) + ) +} + +from ThreadObjectUse objUse, ObjectIdentity obj, Function callRoot +where + not isExcluded(objUse, Concurrency8Package::mutexNotInitializedBeforeUseQuery()) and + obj = objUse.getOwningObject() and + requiresInitializedMutexObject(callRoot, objUse, obj) and + ( + if obj.getStorageDuration().isAutomatic() + then obj.getEnclosingElement+() = callRoot + else ( + obj.getStorageDuration().isThread() and callRoot instanceof ThreadedFunction + or + callRoot instanceof RootFunction + ) + ) +select objUse, + objUse.getDescription() + + " '$@' possibly used before initialization, from entry point function '$@'.", obj, + obj.toString(), callRoot, callRoot.getName() diff --git a/c/misra/src/rules/RULE-22-16/MutexObjectsNotAlwaysUnlocked.ql b/c/misra/src/rules/RULE-22-16/MutexObjectsNotAlwaysUnlocked.ql new file mode 100644 index 0000000000..c86c9b9d9d --- /dev/null +++ b/c/misra/src/rules/RULE-22-16/MutexObjectsNotAlwaysUnlocked.ql @@ -0,0 +1,52 @@ +/** + * @id c/misra/mutex-objects-not-always-unlocked + * @name RULE-22-16: All mutex objects locked by a thread shall be explicitly unlocked by the same thread + * @description Mutex not unlocked by thread on all execution paths in current thread after being + * locked. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/misra/id/rule-22-16 + * correctness + * concurrency + * external/misra/c/2012/amendment4 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.Concurrency +import codingstandards.cpp.resources.ResourceLeakAnalysis + +module MutexLeakConfig implements ResourceLeakConfigSig { + predicate isAllocate(ControlFlowNode allocPoint, DataFlow::Node node) { + exists(MutexFunctionCall lock | + allocPoint = lock and + lock.isLock() and + node.asDefiningArgument() = lock.getLockExpr() + ) + } + + predicate isFree(ControlFlowNode node, DataFlow::Node resource) { + exists(MutexFunctionCall mfc | + node = mfc and + mfc.isUnlock() and + mfc.getLockExpr() = resource.asExpr() + ) + } +} + +string describeMutex(Expr mutexExpr) { + if mutexExpr instanceof AddressOfExpr + then result = mutexExpr.(AddressOfExpr).getOperand().toString() + else result = mutexExpr.toString() +} + +from MutexFunctionCall lockCall, string mutexDescription +where + not isExcluded(lockCall, Concurrency8Package::mutexObjectsNotAlwaysUnlockedQuery()) and + //lockCall.getLockExpr() = mutexNode.asDefiningArgument() and + exists(ResourceLeak::getALeak(lockCall)) and + mutexDescription = describeMutex(lockCall.getLockExpr()) +select lockCall, + "Mutex '" + mutexDescription + "' is locked here and may not always be subsequently unlocked." diff --git a/c/misra/test/rules/RULE-18-9/ArrayToPointerConversionOfTemporaryObject.expected b/c/misra/test/rules/RULE-18-9/ArrayToPointerConversionOfTemporaryObject.expected index 688dde4650..34bec03490 100644 --- a/c/misra/test/rules/RULE-18-9/ArrayToPointerConversionOfTemporaryObject.expected +++ b/c/misra/test/rules/RULE-18-9/ArrayToPointerConversionOfTemporaryObject.expected @@ -21,10 +21,10 @@ | test.c:65:15:65:32 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@. | test.c:3:13:3:21 | const_arr | const_arr | test.c:65:15:65:20 | call to get_s1 | call to get_s1 | | test.c:66:16:66:33 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@. | test.c:3:13:3:21 | const_arr | const_arr | test.c:66:16:66:21 | call to get_s1 | call to get_s1 | | test.c:67:23:67:40 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@. | test.c:3:13:3:21 | const_arr | const_arr | test.c:67:23:67:28 | call to get_s1 | call to get_s1 | -| test.c:89:3:89:30 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@. | test.c:3:13:3:21 | const_arr | const_arr | test.c:89:12:89:20 | member_s1 | member_s1 | -| test.c:90:3:90:36 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@. | test.c:3:13:3:21 | const_arr | const_arr | test.c:90:3:90:26 | access to array | access to array | -| test.c:91:15:91:42 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@. | test.c:3:13:3:21 | const_arr | const_arr | test.c:91:24:91:32 | member_s1 | member_s1 | -| test.c:92:15:92:48 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@. | test.c:3:13:3:21 | const_arr | const_arr | test.c:92:15:92:38 | access to array | access to array | +| test.c:89:3:89:30 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@. | test.c:3:13:3:21 | const_arr | const_arr | test.c:89:3:89:8 | call to get_s2 | call to get_s2 | +| test.c:90:3:90:36 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@. | test.c:3:13:3:21 | const_arr | const_arr | test.c:90:3:90:8 | call to get_s2 | call to get_s2 | +| test.c:91:15:91:42 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@. | test.c:3:13:3:21 | const_arr | const_arr | test.c:91:15:91:20 | call to get_s2 | call to get_s2 | +| test.c:92:15:92:48 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@. | test.c:3:13:3:21 | const_arr | const_arr | test.c:92:15:92:20 | call to get_s2 | call to get_s2 | | test.c:111:15:111:33 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@. | test.c:3:13:3:21 | const_arr | const_arr | test.c:111:16:111:22 | ... = ... | ... = ... | | test.c:113:15:113:37 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@. | test.c:3:13:3:21 | const_arr | const_arr | test.c:113:16:113:26 | ... ? ... : ... | ... ? ... : ... | | test.c:114:15:114:31 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@. | test.c:3:13:3:21 | const_arr | const_arr | test.c:114:16:114:20 | ... , ... | ... , ... | diff --git a/c/misra/test/rules/RULE-18-9/ModifiableLValueSubscriptedWithTemporaryLifetime.expected b/c/misra/test/rules/RULE-18-9/ModifiableLValueSubscriptedWithTemporaryLifetime.expected index ae140dcd59..19604e2092 100644 --- a/c/misra/test/rules/RULE-18-9/ModifiableLValueSubscriptedWithTemporaryLifetime.expected +++ b/c/misra/test/rules/RULE-18-9/ModifiableLValueSubscriptedWithTemporaryLifetime.expected @@ -3,13 +3,13 @@ | test.c:82:3:82:17 | access to array | Modifiable lvalue produced by subscripting array member $@ of temporary lifetime object $@ | test.c:82:12:82:14 | arr | arr | test.c:82:3:82:8 | call to get_s1 | call to get_s1 | | test.c:83:3:83:17 | access to array | Modifiable lvalue produced by subscripting array member $@ of temporary lifetime object $@ | test.c:83:12:83:14 | arr | arr | test.c:83:3:83:8 | call to get_s1 | call to get_s1 | | test.c:84:5:84:19 | access to array | Modifiable lvalue produced by subscripting array member $@ of temporary lifetime object $@ | test.c:84:14:84:16 | arr | arr | test.c:84:5:84:10 | call to get_s1 | call to get_s1 | -| test.c:93:3:93:27 | access to array | Modifiable lvalue produced by subscripting array member $@ of temporary lifetime object $@ | test.c:93:22:93:24 | arr | arr | test.c:93:12:93:20 | member_s1 | member_s1 | -| test.c:94:3:94:27 | access to array | Modifiable lvalue produced by subscripting array member $@ of temporary lifetime object $@ | test.c:94:22:94:24 | arr | arr | test.c:94:3:94:20 | access to array | access to array | +| test.c:93:3:93:27 | access to array | Modifiable lvalue produced by subscripting array member $@ of temporary lifetime object $@ | test.c:93:22:93:24 | arr | arr | test.c:93:3:93:8 | call to get_s2 | call to get_s2 | +| test.c:94:3:94:27 | access to array | Modifiable lvalue produced by subscripting array member $@ of temporary lifetime object $@ | test.c:94:22:94:24 | arr | arr | test.c:94:3:94:8 | call to get_s2 | call to get_s2 | | test.c:137:3:137:23 | access to array | Modifiable lvalue produced by subscripting array member $@ of temporary lifetime object $@ | test.c:137:12:137:20 | arr_union | arr_union | test.c:137:3:137:8 | call to get_s3 | call to get_s3 | | test.c:138:3:138:24 | access to array | Modifiable lvalue produced by subscripting array member $@ of temporary lifetime object $@ | test.c:138:12:138:21 | arr_struct | arr_struct | test.c:138:3:138:8 | call to get_s3 | call to get_s3 | | test.c:139:3:139:24 | access to array | Modifiable lvalue produced by subscripting array member $@ of temporary lifetime object $@ | test.c:139:12:139:21 | arr_struct | arr_struct | test.c:139:3:139:8 | call to get_s3 | call to get_s3 | | test.c:140:3:140:24 | access to array | Modifiable lvalue produced by subscripting array member $@ of temporary lifetime object $@ | test.c:140:12:140:21 | arr_struct | arr_struct | test.c:140:3:140:8 | call to get_s3 | call to get_s3 | | test.c:141:3:141:24 | access to array | Modifiable lvalue produced by subscripting array member $@ of temporary lifetime object $@ | test.c:141:12:141:21 | arr_struct | arr_struct | test.c:141:3:141:8 | call to get_s3 | call to get_s3 | | test.c:142:4:142:25 | access to array | Modifiable lvalue produced by subscripting array member $@ of temporary lifetime object $@ | test.c:142:13:142:22 | arr_struct | arr_struct | test.c:142:4:142:9 | call to get_s3 | call to get_s3 | -| test.c:146:3:146:22 | access to array | Modifiable lvalue produced by subscripting array member $@ of temporary lifetime object $@ | test.c:146:12:146:16 | arr2d | arr2d | test.c:146:3:146:8 | call to get_s3 | call to get_s3 | +| test.c:146:3:146:19 | access to array | Modifiable lvalue produced by subscripting array member $@ of temporary lifetime object $@ | test.c:146:12:146:16 | arr2d | arr2d | test.c:146:3:146:8 | call to get_s3 | call to get_s3 | | test.c:147:4:147:20 | access to array | Modifiable lvalue produced by subscripting array member $@ of temporary lifetime object $@ | test.c:147:13:147:17 | arr2d | arr2d | test.c:147:4:147:9 | call to get_s3 | call to get_s3 | diff --git a/c/misra/test/rules/RULE-22-12/NonstandardUseOfThreadingObject.expected b/c/misra/test/rules/RULE-22-12/NonstandardUseOfThreadingObject.expected new file mode 100644 index 0000000000..62a740f960 --- /dev/null +++ b/c/misra/test/rules/RULE-22-12/NonstandardUseOfThreadingObject.expected @@ -0,0 +1,27 @@ +| test.c:37:3:37:7 | mutex | Invalid usage of standard thread object type 'mtx_t'. | +| test.c:37:11:37:21 | * ... | Invalid usage of standard thread object type 'mtx_t'. | +| test.c:38:3:38:8 | thread | Invalid usage of standard thread object type 'thrd_t'. | +| test.c:38:12:38:23 | * ... | Invalid usage of standard thread object type 'thrd_t'. | +| test.c:39:3:39:13 | threadlocal | Invalid usage of standard thread object type 'tss_t'. | +| test.c:39:17:39:27 | * ... | Invalid usage of standard thread object type 'tss_t'. | +| test.c:40:3:40:11 | condition | Invalid usage of standard thread object type 'cnd_t'. | +| test.c:40:15:40:25 | * ... | Invalid usage of standard thread object type 'cnd_t'. | +| test.c:43:10:43:15 | & ... | Invalid usage of standard thread object type 'mtx_t *'. | +| test.c:44:10:44:16 | & ... | Invalid usage of standard thread object type 'thrd_t *'. | +| test.c:45:10:45:21 | & ... | Invalid usage of standard thread object type 'tss_t *'. | +| test.c:46:10:46:19 | & ... | Invalid usage of standard thread object type 'cnd_t *'. | +| test.c:48:3:48:13 | threadlocal | Invalid usage of standard thread object type 'tss_t'. | +| test.c:49:3:49:13 | threadlocal | Invalid usage of standard thread object type 'tss_t'. | +| test.c:50:3:50:13 | threadlocal | Invalid usage of standard thread object type 'tss_t'. | +| test.c:54:3:54:8 | thread | Invalid usage of standard thread object type 'thrd_t'. | +| test.c:54:13:54:18 | thread | Invalid usage of standard thread object type 'thrd_t'. | +| test.c:55:3:55:8 | thread | Invalid usage of standard thread object type 'thrd_t'. | +| test.c:55:13:55:18 | thread | Invalid usage of standard thread object type 'thrd_t'. | +| test.c:56:3:56:13 | threadlocal | Invalid usage of standard thread object type 'tss_t'. | +| test.c:56:18:56:28 | threadlocal | Invalid usage of standard thread object type 'tss_t'. | +| test.c:57:3:57:13 | threadlocal | Invalid usage of standard thread object type 'tss_t'. | +| test.c:57:18:57:28 | threadlocal | Invalid usage of standard thread object type 'tss_t'. | +| test.c:61:14:61:18 | mutex | Invalid usage of standard thread object type 'mtx_t'. | +| test.c:62:15:62:20 | thread | Invalid usage of standard thread object type 'thrd_t'. | +| test.c:63:20:63:30 | threadlocal | Invalid usage of standard thread object type 'tss_t'. | +| test.c:64:18:64:26 | condition | Invalid usage of standard thread object type 'cnd_t'. | diff --git a/c/misra/test/rules/RULE-22-12/NonstandardUseOfThreadingObject.qlref b/c/misra/test/rules/RULE-22-12/NonstandardUseOfThreadingObject.qlref new file mode 100644 index 0000000000..d1d345420d --- /dev/null +++ b/c/misra/test/rules/RULE-22-12/NonstandardUseOfThreadingObject.qlref @@ -0,0 +1 @@ +rules/RULE-22-12/NonstandardUseOfThreadingObject.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-22-12/test.c b/c/misra/test/rules/RULE-22-12/test.c new file mode 100644 index 0000000000..1c59c43d8c --- /dev/null +++ b/c/misra/test/rules/RULE-22-12/test.c @@ -0,0 +1,65 @@ +#include "string.h" +#include "threads.h" + +mtx_t mutex; +thrd_t thread; +tss_t threadlocal; +cnd_t condition; + +extern void use_mutex(mtx_t *m); +extern void use_thread(thrd_t *t); +extern void use_threadlocal(tss_t *t); +extern void use_condition(cnd_t *c); + +void valid_usages(void) { + mtx_init(&mutex, mtx_plain); // COMPLIANT + mtx_lock(&mutex); // COMPLIANT + mtx_unlock(&mutex); // COMPLIANT + thrd_create(&thread, NULL, NULL); // COMPLIANT + tss_create(&threadlocal, NULL); // COMPLIANT + tss_set(threadlocal, NULL); // COMPLIANT + cnd_init(&condition); // COMPLIANT + cnd_signal(&condition); // COMPLIANT + cnd_wait(&condition, &mutex); // COMPLIANT + + use_mutex(&mutex); // COMPLIANT + use_thread(&thread); // COMPLIANT + use_threadlocal(&threadlocal); // COMPLIANT + use_condition(&condition); // COMPLIANT +} + +extern void copy_mutex(mtx_t m); +extern void copy_thread(thrd_t t); +extern void copy_threadlocal(tss_t t); +extern void copy_condition(cnd_t t); + +void invalid_usages(void) { + mutex = *(mtx_t *)0; // NON-COMPLIANT + thread = *(thrd_t *)0; // NON-COMPLIANT + threadlocal = *(tss_t *)0; // NON-COMPLIANT + condition = *(cnd_t *)0; // NON-COMPLIANT + + int *buf; + memcpy(&mutex, buf, sizeof(mtx_t)); // NON-COMPLIANT + memcpy(&thread, buf, sizeof(thrd_t)); // NON-COMPLIANT + memcpy(&threadlocal, buf, sizeof(tss_t)); // NON-COMPLIANT + memcpy(&condition, buf, sizeof(cnd_t)); // NON-COMPLIANT + + threadlocal++; // NON-COMPLIANT + threadlocal += 1; // NON-COMPLIANT + threadlocal + 1; // NON-COMPLIANT + + // mutex == mutex; // NON-COMPLIANT + // mutex != mutex; // NON-COMPLIANT + thread == thread; // NON-COMPLIANT + thread != thread; // NON-COMPLIANT + threadlocal == threadlocal; // NON-COMPLIANT + threadlocal != threadlocal; // NON-COMPLIANT + // condition == condition; // NON-COMPLIANT + // condition != condition; // NON-COMPLIANT + + copy_mutex(mutex); // COMPLIANT + copy_thread(thread); // COMPLIANT + copy_threadlocal(threadlocal); // COMPLIANT + copy_condition(condition); // COMPLIANT +} \ No newline at end of file diff --git a/c/misra/test/rules/RULE-22-13/ThreadingObjectWithInvalidStorageDuration.expected b/c/misra/test/rules/RULE-22-13/ThreadingObjectWithInvalidStorageDuration.expected new file mode 100644 index 0000000000..0fe033366d --- /dev/null +++ b/c/misra/test/rules/RULE-22-13/ThreadingObjectWithInvalidStorageDuration.expected @@ -0,0 +1,13 @@ +| test.c:14:21:14:22 | g9 | Object of type 'mtx_t' has invalid storage duration type 'thread'. | +| test.c:15:22:15:24 | g10 | Object of type 'thrd_t' has invalid storage duration type 'thread'. | +| test.c:16:21:16:23 | g11 | Object of type 'tss_t' has invalid storage duration type 'thread'. | +| test.c:17:21:17:23 | g12 | Object of type 'cnd_t' has invalid storage duration type 'thread'. | +| test.c:34:9:34:10 | l1 | Object of type 'mtx_t' has invalid storage duration type 'automatic'. | +| test.c:35:10:35:11 | l2 | Object of type 'thrd_t' has invalid storage duration type 'automatic'. | +| test.c:36:9:36:10 | l3 | Object of type 'tss_t' has invalid storage duration type 'automatic'. | +| test.c:37:9:37:10 | l4 | Object of type 'cnd_t' has invalid storage duration type 'automatic'. | +| test.c:44:9:44:10 | l9 | Object of type 'mtx_t[10]' has invalid storage duration type 'automatic'. | +| test.c:46:13:46:15 | l11 | Object of type 'has_mtx_t' has invalid storage duration type 'automatic'. | +| test.c:48:13:48:15 | l13 | Object of type 'has_mtx_t[10]' has invalid storage duration type 'automatic'. | +| test.c:51:9:51:14 | call to malloc | Object of type 'mtx_t' has invalid storage duration type 'allocated'. | +| test.c:52:9:52:14 | call to malloc | Object of type 'mtx_t' has invalid storage duration type 'allocated'. | diff --git a/c/misra/test/rules/RULE-22-13/ThreadingObjectWithInvalidStorageDuration.qlref b/c/misra/test/rules/RULE-22-13/ThreadingObjectWithInvalidStorageDuration.qlref new file mode 100644 index 0000000000..9c054fc623 --- /dev/null +++ b/c/misra/test/rules/RULE-22-13/ThreadingObjectWithInvalidStorageDuration.qlref @@ -0,0 +1 @@ +rules/RULE-22-13/ThreadingObjectWithInvalidStorageDuration.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-22-13/test.c b/c/misra/test/rules/RULE-22-13/test.c new file mode 100644 index 0000000000..0a5a84167d --- /dev/null +++ b/c/misra/test/rules/RULE-22-13/test.c @@ -0,0 +1,53 @@ +#include "stdlib.h" +#include "threads.h" + +mtx_t g1; // COMPLIANT +thrd_t g2; // COMPLIANT +tss_t g3; // COMPLIANT +cnd_t g4; // COMPLIANT + +static mtx_t g5; // COMPLIANT +static thrd_t g6; // COMPLIANT +static tss_t g7; // COMPLIANT +static cnd_t g8; // COMPLIANT + +_Thread_local mtx_t g9; // NON-COMPLIANT +_Thread_local thrd_t g10; // NON-COMPLIANT +_Thread_local tss_t g11; // NON-COMPLIANT +_Thread_local cnd_t g12; // NON-COMPLIANT + +typedef struct { + mtx_t m; +} has_mtx_t; + +typedef struct { + mtx_t *m; +} has_ptr_mtx_t; + +mtx_t g13[10]; // COMPLIANT +mtx_t *g14; // COMPLIANT +has_mtx_t g15; // COMPLIANT +has_ptr_mtx_t g16; // COMPLIANT +has_mtx_t g17[10]; // COMPLIANT + +void f1(void) { + mtx_t l1; // NON-COMPLIANT + thrd_t l2; // NON-COMPLIANT + tss_t l3; // NON-COMPLIANT + cnd_t l4; // NON-COMPLIANT + + static mtx_t l5; // COMPLIANT + static thrd_t l6; // COMPLIANT + static tss_t l7; // COMPLIANT + static cnd_t l8; // COMPLIANT + + mtx_t l9[10]; // NON-COMPLIANT + mtx_t *l10; // COMPLIANT + has_mtx_t l11; // NON-COMPLIANT + has_ptr_mtx_t l12; // COMPLIANT + has_mtx_t l13[10]; // NON-COMPLIANT + + l10 = &g1; // COMPLIANT + l10 = malloc(sizeof(mtx_t)); // NON-COMPLIANT + l10 = malloc(sizeof(mtx_t) * 4); // NON-COMPLIANT +} \ No newline at end of file diff --git a/c/misra/test/rules/RULE-22-14/MutexInitWithInvalidMutexType.expected b/c/misra/test/rules/RULE-22-14/MutexInitWithInvalidMutexType.expected new file mode 100644 index 0000000000..1ea39b6b1d --- /dev/null +++ b/c/misra/test/rules/RULE-22-14/MutexInitWithInvalidMutexType.expected @@ -0,0 +1,5 @@ +| test.c:140:3:140:10 | call to mtx_init | Mutex initialized with incorrect type expression. | +| test.c:141:3:141:10 | call to mtx_init | Mutex initialized with incorrect type expression. | +| test.c:142:3:142:10 | call to mtx_init | Mutex initialized with incorrect type expression. | +| test.c:144:3:144:10 | call to mtx_init | Mutex initialized with incorrect type expression. | +| test.c:145:3:145:10 | call to mtx_init | Mutex initialized with incorrect type expression. | diff --git a/c/misra/test/rules/RULE-22-14/MutexInitWithInvalidMutexType.qlref b/c/misra/test/rules/RULE-22-14/MutexInitWithInvalidMutexType.qlref new file mode 100644 index 0000000000..32b57cfd07 --- /dev/null +++ b/c/misra/test/rules/RULE-22-14/MutexInitWithInvalidMutexType.qlref @@ -0,0 +1 @@ +rules/RULE-22-14/MutexInitWithInvalidMutexType.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-22-14/MutexInitializedInsideThread.expected b/c/misra/test/rules/RULE-22-14/MutexInitializedInsideThread.expected new file mode 100644 index 0000000000..360c02f622 --- /dev/null +++ b/c/misra/test/rules/RULE-22-14/MutexInitializedInsideThread.expected @@ -0,0 +1 @@ +| test.c:110:3:110:10 | call to mtx_init | Mutex initialization reachable from threaded function '$@'. | test.c:105:6:105:32 | from_root7_use_thread_local | from_root7_use_thread_local | diff --git a/c/misra/test/rules/RULE-22-14/MutexInitializedInsideThread.qlref b/c/misra/test/rules/RULE-22-14/MutexInitializedInsideThread.qlref new file mode 100644 index 0000000000..83ada06139 --- /dev/null +++ b/c/misra/test/rules/RULE-22-14/MutexInitializedInsideThread.qlref @@ -0,0 +1 @@ +rules/RULE-22-14/MutexInitializedInsideThread.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-22-14/MutexNotInitializedBeforeUse.expected b/c/misra/test/rules/RULE-22-14/MutexNotInitializedBeforeUse.expected new file mode 100644 index 0000000000..b9560165ce --- /dev/null +++ b/c/misra/test/rules/RULE-22-14/MutexNotInitializedBeforeUse.expected @@ -0,0 +1,14 @@ +| test.c:6:12:6:14 | & ... | Mutex '$@' possibly used before initialization, from entry point function '$@'. | test.c:5:9:5:10 | l1 | l1 | test.c:4:6:4:19 | use_local_mtxs | use_local_mtxs | +| test.c:13:12:13:16 | & ... | Mutex in object '$@' possibly used before initialization, from entry point function '$@'. | test.c:12:5:12:6 | l2 | l2 | test.c:4:6:4:19 | use_local_mtxs | use_local_mtxs | +| test.c:18:12:18:17 | & ... | Mutex in object '$@' possibly used before initialization, from entry point function '$@'. | test.c:17:9:17:10 | l3 | l3 | test.c:4:6:4:19 | use_local_mtxs | use_local_mtxs | +| test.c:23:12:23:13 | l4 | Mutex '$@' possibly used before initialization, from entry point function '$@'. | test.c:22:15:22:20 | call to malloc | call to malloc | test.c:28:6:28:31 | root1_calls_use_local_mtxs | root1_calls_use_local_mtxs | +| test.c:41:12:41:14 | & ... | Mutex '$@' possibly used before initialization, from entry point function '$@'. | test.c:34:7:34:8 | g1 | g1 | test.c:40:6:40:30 | root2_uses_global_mutexes | root2_uses_global_mutexes | +| test.c:42:12:42:17 | & ... | Mutex in object '$@' possibly used before initialization, from entry point function '$@'. | test.c:37:3:37:4 | g2 | g2 | test.c:40:6:40:30 | root2_uses_global_mutexes | root2_uses_global_mutexes | +| test.c:43:12:43:13 | g3 | Mutex '$@' possibly used before initialization, from entry point function '$@'. | test.c:56:8:56:13 | call to malloc | call to malloc | test.c:40:6:40:30 | root2_uses_global_mutexes | root2_uses_global_mutexes | +| test.c:64:12:64:14 | & ... | Mutex '$@' possibly used before initialization, from entry point function '$@'. | test.c:34:7:34:8 | g1 | g1 | test.c:67:6:67:45 | root4_call_thread_without_initialization | root4_call_thread_without_initialization | +| test.c:88:12:88:14 | & ... | Mutex '$@' possibly used before initialization, from entry point function '$@'. | test.c:87:9:87:10 | l1 | l1 | test.c:86:6:86:36 | island1_use_uninitialized_mutex | island1_use_uninitialized_mutex | +| test.c:100:12:100:14 | & ... | Mutex '$@' possibly used before initialization, from entry point function '$@'. | test.c:98:21:98:22 | g5 | g5 | test.c:99:6:99:27 | root6_use_thread_local | root6_use_thread_local | +| test.c:107:12:107:14 | & ... | Mutex '$@' possibly used before initialization, from entry point function '$@'. | test.c:98:21:98:22 | g5 | g5 | test.c:105:6:105:32 | from_root7_use_thread_local | from_root7_use_thread_local | +| test.c:124:12:124:13 | & ... | Condition '$@' possibly used before initialization, from entry point function '$@'. | test.c:122:9:122:9 | c | c | test.c:121:6:121:28 | root8_uninitialized_cnd | root8_uninitialized_cnd | +| test.c:124:16:124:17 | & ... | Mutex '$@' possibly used before initialization, from entry point function '$@'. | test.c:123:9:123:9 | m | m | test.c:121:6:121:28 | root8_uninitialized_cnd | root8_uninitialized_cnd | +| test.c:127:12:127:13 | & ... | Condition '$@' possibly used before initialization, from entry point function '$@'. | test.c:122:9:122:9 | c | c | test.c:121:6:121:28 | root8_uninitialized_cnd | root8_uninitialized_cnd | diff --git a/c/misra/test/rules/RULE-22-14/MutexNotInitializedBeforeUse.qlref b/c/misra/test/rules/RULE-22-14/MutexNotInitializedBeforeUse.qlref new file mode 100644 index 0000000000..2827a9c571 --- /dev/null +++ b/c/misra/test/rules/RULE-22-14/MutexNotInitializedBeforeUse.qlref @@ -0,0 +1 @@ +rules/RULE-22-14/MutexNotInitializedBeforeUse.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-22-14/test.c b/c/misra/test/rules/RULE-22-14/test.c new file mode 100644 index 0000000000..d8f1770ad8 --- /dev/null +++ b/c/misra/test/rules/RULE-22-14/test.c @@ -0,0 +1,146 @@ +#include "stdlib.h" +#include "threads.h" + +void use_local_mtxs(int x, int y) { + mtx_t l1; + mtx_lock(&l1); // NON-COMPLIANT + mtx_init(&l1, mtx_plain); + mtx_lock(&l1); // COMPLIANT + + struct { + mtx_t m; + } l2; + mtx_lock(&l2.m); // NON-COMPLIANT + mtx_init(&l2.m, mtx_plain); + mtx_lock(&l2.m); // COMPLIANT + + mtx_t l3[10]; + mtx_lock(&l3[y]); // NON-COMPLIANT + mtx_init(&l3[x], mtx_plain); + mtx_lock(&l3[y]); // COMPLIANT + + mtx_t *l4 = malloc(sizeof(mtx_t)); + mtx_lock(l4); // NON-COMPLIANT + mtx_init(l4, mtx_plain); + mtx_lock(l4); // COMPLIANT +} + +void root1_calls_use_local_mtxs() { + // Since a function exists which calls use_local_mtxs(), that function is not + // a root function. The query should still report unused locals in this case. + use_local_mtxs(1, 2); +} + +mtx_t g1; +struct { + mtx_t m1; +} g2; +mtx_t *g3; + +void root2_uses_global_mutexes() { + mtx_lock(&g1); // NON-COMPLIANT + mtx_lock(&g2.m1); // NON-COMPLIANT + mtx_lock(g3); // NON-COMPLIANT +} + +void from_root3_use_global_mutexes() { + mtx_lock(&g1); // COMPLIANT + mtx_lock(&g2.m1); // COMPLIANT + mtx_lock(g3); // COMPLIANT +} + +void root3_initializes_and_uses_global_mutexes() { + // Init global mutex with an allocated storage duration object. The existence + // of this malloc() is not checked by the query, but if its exists, the object + // and its uses should be trackable as a nice bonus. + g3 = malloc(sizeof(mtx_t)); + mtx_init(&g1, mtx_plain); + mtx_init(&g2.m1, mtx_plain); + mtx_init(g3, mtx_plain); + from_root3_use_global_mutexes(); +} + +void from_root4_use_global_mutex(void *arg) { + mtx_lock(&g1); // NON-COMPLIANT +} + +void root4_call_thread_without_initialization() { + thrd_t t; + thrd_create(&t, &from_root4_use_global_mutex, NULL); +} + +void from_root5_use_global_mutex(void *arg) { + mtx_lock(&g1); // COMPLIANT +} + +void root5_thread_with_initialization() { + mtx_init(&g1, mtx_plain); + thrd_t t; + thrd_create(&t, &from_root5_use_global_mutex, NULL); +} + +// Set up two functions such that a calls b and b calls a. This means there is +// no root function, but we should still report unused locals. +void island2_call_island1(); + +void island1_use_uninitialized_mutex() { + mtx_t l1; + mtx_lock(&l1); // NON-COMPLIANT + + // Globals are hard to detect + mtx_lock(&g1); // NON-COMPLIANT[False negative] + + island2_call_island1(); +} + +void island2_call_island1() { island1_use_uninitialized_mutex(); } + +_Thread_local mtx_t g5; +void root6_use_thread_local() { + mtx_lock(&g5); // NON-COMPLIANT + mtx_init(&g5, mtx_plain); + mtx_lock(&g5); // COMPLIANT +} + +void from_root7_use_thread_local() { + // Invalid, thread local g5 hasn't been initialized in this thread. + mtx_lock(&g5); // NON-COMPLIANT + + // Violates recommendation, mutexes initialized within a thread. + mtx_init(&g5, mtx_plain); // NON-COMPLIANT + + // Valid if we except the above initialization. + mtx_lock(&g5); // COMPLIANT +} + +void root7_spawn_thread_uninitialized_thread_local() { + thrd_t t; + thrd_create(&t, &from_root7_use_thread_local, NULL); +} + +void root8_uninitialized_cnd() { + cnd_t c; + mtx_t m; + cnd_wait(&c, &m); // NON-COMPLIANT + + mtx_init(&m, mtx_plain); + cnd_wait(&c, &m); // NON-COMPLIANT + + cnd_init(&c); + cnd_wait(&c, &m); // COMPLIANT +} + +void invalid_mtx_init_types() { + mtx_t m; + mtx_init(&m, mtx_plain); // COMPLIANT + mtx_init(&m, mtx_plain | mtx_recursive); // COMPLIANT + mtx_init(&m, mtx_timed); // COMPLIANT + mtx_init(&m, mtx_timed | mtx_recursive); // COMPLIANT + + mtx_init(&m, mtx_recursive); // NON-COMPLIANT + mtx_init(&m, mtx_plain | mtx_timed); // NON-COMPLIANT + mtx_init(&m, mtx_plain | mtx_plain); // NON-COMPLIANT + mtx_init(&m, mtx_plain & mtx_recursive); // NON-COMPLIANT + mtx_init(&m, mtx_plain * mtx_recursive); // NON-COMPLIANT + mtx_init(&m, -1); // NON-COMPLIANT +} \ No newline at end of file diff --git a/c/misra/test/rules/RULE-22-16/MutexObjectsNotAlwaysUnlocked.expected b/c/misra/test/rules/RULE-22-16/MutexObjectsNotAlwaysUnlocked.expected new file mode 100644 index 0000000000..126e75bca7 --- /dev/null +++ b/c/misra/test/rules/RULE-22-16/MutexObjectsNotAlwaysUnlocked.expected @@ -0,0 +1,7 @@ +| test.c:16:3:16:10 | call to mtx_lock | Mutex 'm' is locked here and may not always be subsequently unlocked. | +| test.c:21:3:21:10 | call to mtx_lock | Mutex 'm' is locked here and may not always be subsequently unlocked. | +| test.c:39:3:39:10 | call to mtx_lock | Mutex 'm' is locked here and may not always be subsequently unlocked. | +| test.c:55:3:55:10 | call to mtx_lock | Mutex 'm' is locked here and may not always be subsequently unlocked. | +| test.c:72:3:72:10 | call to mtx_lock | Mutex 'g1' is locked here and may not always be subsequently unlocked. | +| test.c:79:3:79:10 | call to mtx_lock | Mutex 'm' is locked here and may not always be subsequently unlocked. | +| test.c:101:5:101:12 | call to mtx_lock | Mutex 'm' is locked here and may not always be subsequently unlocked. | diff --git a/c/misra/test/rules/RULE-22-16/MutexObjectsNotAlwaysUnlocked.qlref b/c/misra/test/rules/RULE-22-16/MutexObjectsNotAlwaysUnlocked.qlref new file mode 100644 index 0000000000..a1877f944d --- /dev/null +++ b/c/misra/test/rules/RULE-22-16/MutexObjectsNotAlwaysUnlocked.qlref @@ -0,0 +1 @@ +rules/RULE-22-16/MutexObjectsNotAlwaysUnlocked.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-22-16/test.c b/c/misra/test/rules/RULE-22-16/test.c new file mode 100644 index 0000000000..b9a19165e8 --- /dev/null +++ b/c/misra/test/rules/RULE-22-16/test.c @@ -0,0 +1,107 @@ +#include "threads.h" + +void f1() { + mtx_t m; + mtx_lock(&m); // COMPLIANT + mtx_unlock(&m); +} + +void f2() { + mtx_t m; + mtx_unlock(&m); // COMPLIANT +} + +void f3() { + mtx_t m; + mtx_lock(&m); // NON-COMPLIANT +} + +void f4(int p) { + mtx_t m; + mtx_lock(&m); // NON-COMPLIANT + if (p) { + mtx_unlock(&m); + } +} + +void f5(int p) { + mtx_t m; + mtx_lock(&m); // COMPLIANT + if (p) { + mtx_unlock(&m); + } else { + mtx_unlock(&m); + } +} + +void f6(int p) { + mtx_t m; + mtx_lock(&m); // NON-COMPLIANT + if (p) { + goto skipped; + } + mtx_unlock(&m); + skipped: +} + +void f7(int p) { + mtx_t *m; + mtx_lock(m); // COMPLIANT + mtx_unlock(m); +} + +void f8(int p) { + mtx_t *m; + mtx_lock(m); // NON-COMPLIANT +} + +void f9(int p) { + mtx_t m; + mtx_lock(&m); // COMPLIANT + mtx_t *ptr_m = &m; + mtx_unlock(ptr_m); +} + +mtx_t g1; +void f10() { + mtx_lock(&g1); // COMPLIANT + mtx_unlock(&g1); +} + +void f11() { + mtx_lock(&g1); // NON-COMPLIANT +} + +void f12() { + struct { + mtx_t m; + } s; + mtx_lock(&s.m); // NON-COMPLIANT +} + +void f13() { + struct { + mtx_t m; + } s; + mtx_lock(&s.m); // COMPLIANT + mtx_unlock(&s.m); +} + +void f14() { + for(;;) { + mtx_t m; + mtx_lock(&m); // COMPLIANT + mtx_unlock(&m); + } +} + +void f15(int p) { + for(;;) { + mtx_t m; + mtx_lock(&m); // NON-COMPLIANT + if (p) { + break; + } + mtx_unlock(&m); + } +} \ No newline at end of file diff --git a/change_notes/2024-11-27-c-object-refactor.md b/change_notes/2024-11-27-c-object-refactor.md new file mode 100644 index 0000000000..511ce1b7ce --- /dev/null +++ b/change_notes/2024-11-27-c-object-refactor.md @@ -0,0 +1,21 @@ +- `CON34-C` - `AppropriateThreadObjectStorageDurations.ql`: + - Improved analysis for detecting objects with automatic storage duration + - New reports will include `a.x`, `a[x]` for object `a` with automatic storage duration +- `DCL30-C` - `AppropriateStorageDurationsFunctionReturn.ql`: + - Improved analysis for detecting objects with automatic storage duration + - New reports will include `a.x`, `a[x]` for object `a` with automatic storage duration + - False positives related to returning copying pointer values +- `EXP35-C` - `DoNotModifyObjectsWithTemporaryLifetime.ql`: + - Improved analysis for detecting objects with temporary lifetime + - More non-lvalue expressions that produce temporary objects detected, for instance `(x = y).x`, previously only `f().x` discovered +- `MEM33-C` - `AllocStructsWithAFlexibleArrayMemberDynamically.ql`: + - Improved analysis for detecting objects with automatic storage duration + - New reports will include struct literals with a flexible array member +- `RULE-18-9` - `ModifiableLValueSubscriptedWithTemporaryLifetime.ql`: + - Problems will be reported at more obviously non-lvalue locations + - Implementation refactored to be shared with other libraries + - No other changes expected +- `RULE-18-9` - `ArrayToPointerConversionOfTemporaryLifetime.ql`: + - Problems will be reported at more obviously non-lvalue locations + - Implementation refactored to be shared with other libraries + - No other changes expected \ No newline at end of file diff --git a/change_notes/2024-11-27-raii-concurrency-analysis-perf.md b/change_notes/2024-11-27-raii-concurrency-analysis-perf.md new file mode 100644 index 0000000000..3a08427808 --- /dev/null +++ b/change_notes/2024-11-27-raii-concurrency-analysis-perf.md @@ -0,0 +1,2 @@ + - `Concurrency` - for all queries related to RAII-style mutexes + - These types of locks have been refactored to improve performance in some queries. No change in query results expected. \ No newline at end of file diff --git a/change_notes/2024-11-27-resource-leak-analysis-refactor.md b/change_notes/2024-11-27-resource-leak-analysis-refactor.md new file mode 100644 index 0000000000..8f2799b543 --- /dev/null +++ b/change_notes/2024-11-27-resource-leak-analysis-refactor.md @@ -0,0 +1,10 @@ +- `ERR57-CPP` - `DoNotLeakResourcesWhenHandlingExceptions.ql`: + - Resource leak detection code refactored for sharing across queries + - Control flow no longer uses "cut nodes." This could impact performance positively or negatively, however measurements have been taken that indicate no significant change + - Some false positives have been suppressed due to slightly different control flow approach + - Leaked mutex locks and open files are reported at slightly different location, reported at call site (e.g. `f.open(...)`, `m.lock()`) rather than on the variable itself (`f` and `m`). +- `A15-1-4` - `ValidResourcesStateBeforeThrow.ql`: + - Resource leak detection code refactored for sharing across queries + - Control flow no longer uses "cut nodes." This could impact performance positively or negatively, however measurements have been taken that indicate no significant change + - Some false positives have been suppressed due to slightly different control flow approach + - Leaked mutex locks and open files are reported at slightly different location, reported at call site (e.g. `f.open(...)`, `m.lock()`) rather than on the variable itself (`f` and `m`). \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/Clvalues.qll b/cpp/common/src/codingstandards/cpp/Clvalues.qll index 73fcd65eb1..157041f13b 100644 --- a/cpp/common/src/codingstandards/cpp/Clvalues.qll +++ b/cpp/common/src/codingstandards/cpp/Clvalues.qll @@ -14,4 +14,7 @@ predicate isCLValue(Expr expr) { not expr instanceof AssignExpr and not expr instanceof CommaExpr and not exists(Cast c | c = expr.getConversion*()) + or + // 6.5.2.5.4: Compound literals are always lvalues. + expr instanceof AggregateLiteral } diff --git a/cpp/common/src/codingstandards/cpp/Concurrency.qll b/cpp/common/src/codingstandards/cpp/Concurrency.qll index d856fa4515..f68553dfd9 100644 --- a/cpp/common/src/codingstandards/cpp/Concurrency.qll +++ b/cpp/common/src/codingstandards/cpp/Concurrency.qll @@ -69,6 +69,42 @@ class C11ThreadCreateCall extends ThreadCreationFunction { override ControlFlowNode getNext() { result = getFunction().getEntryPoint() } } +class C11MutexType extends TypedefType { + C11MutexType() { + this.hasName("mtx_t") + } +} + +class C11ThreadType extends TypedefType { + C11ThreadType() { + this.hasName("thrd_t") + } +} + +class C11ConditionType extends TypedefType { + C11ConditionType() { + this.hasName("cnd_t") + } +} + +class C11ThreadStorageType extends TypedefType { + C11ThreadStorageType() { + this.hasName("tss_t") + } +} + +class C11ThreadingObjectType extends TypedefType { + C11ThreadingObjectType() { + this instanceof C11MutexType + or + this instanceof C11ThreadType + or + this instanceof C11ConditionType + or + this instanceof C11ThreadStorageType + } +} + /** * Common base class providing an interface into function call * based mutex locks. @@ -317,14 +353,14 @@ abstract class LockingOperation extends FunctionCall { */ class RAIIStyleLock extends LockingOperation { VariableAccess lock; - Element e; RAIIStyleLock() { ( getTarget().getDeclaringType().hasQualifiedName("std", "lock_guard") or getTarget().getDeclaringType().hasQualifiedName("std", "unique_lock") or getTarget().getDeclaringType().hasQualifiedName("std", "scoped_lock") - ) + ) and + lock = getArgument(0).getAChild*() } /** @@ -333,7 +369,6 @@ class RAIIStyleLock extends LockingOperation { override predicate isLock() { not isLockingOperationWithinLockingOperation(this) and this instanceof ConstructorCall and - lock = getArgument(0).getAChild*() and // defer_locks don't cause a lock not exists(Expr exp | exp = getArgument(1) and @@ -463,6 +498,28 @@ class CConditionalWait extends ConditionalWait { CConditionalWait() { getTarget().getName() in ["cnd_wait"] } } +/** + * Models a function which uses a c condition variable. Not integrated into the thread aware CFG. + */ +class CConditionOperation extends FunctionCall { + CConditionOperation() { + getTarget().hasName(["cnd_broadcast", "cnd_signal", "cnd_timedwait", "cnd_wait", "cnd_init"]) + } + + predicate isInit() { + getTarget().hasName("cnd_init") + } + + predicate isUse() { + not isInit() + } + + Expr getConditionExpr() { result = getArgument(0) } + + /* Note: only holds for `cnd_wait()` and `cnd_timedwait()` */ + Expr getMutexExpr() { result = getArgument(1) } +} + /** * Models a call to a `std::thread` constructor that depends on a mutex. */ @@ -531,6 +588,10 @@ class CPPMutexSource extends MutexSource, ConstructorCall { */ class C11MutexSource extends MutexSource, FunctionCall { C11MutexSource() { getTarget().hasName("mtx_init") } + + Expr getMutexExpr() { result = getArgument(0) } + + Expr getMutexTypeExpr() { result = getArgument(1) } } /** diff --git a/cpp/common/src/codingstandards/cpp/Type.qll b/cpp/common/src/codingstandards/cpp/Type.qll index 4199b4a12d..4f72f5612e 100644 --- a/cpp/common/src/codingstandards/cpp/Type.qll +++ b/cpp/common/src/codingstandards/cpp/Type.qll @@ -60,6 +60,30 @@ Type stripSpecifiers(Type type) { else result = type } +signature class PossiblySpecifiedBaseType extends Type; + +/** + * This module defines a class `Type` which holds for types `T` and `const/volatile T` etc. + * + * Similar to `getUnspecifiedType()`, but does not resolve typedefs. Useful for matching + * potentially qualified versions of standard typedef types, such as `const mtx_t`. + * + * Example usage: `someType.(PossiblySpecified::Type).strip()` + */ +module PossiblySpecified { + import cpp as cpp + final class CppType = cpp::Type; + + class Type extends CppType { + BaseType baseType; + Type() { + baseType = stripSpecifiers(this) + } + + BaseType strip() { result = baseType } + } +} + /** * Get the precision of an integral type, where precision is defined as the number of bits * that can be used to represent the numeric value. @@ -69,4 +93,4 @@ int getPrecision(IntegralType type) { type.isExplicitlyUnsigned() and result = type.getSize() * 8 or type.isExplicitlySigned() and result = type.getSize() * 8 - 1 -} +} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency8.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency8.qll new file mode 100644 index 0000000000..677b35d12b --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency8.qll @@ -0,0 +1,112 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype Concurrency8Query = + TNonstandardUseOfThreadingObjectQuery() or + TThreadingObjectWithInvalidStorageDurationQuery() or + TMutexNotInitializedBeforeUseQuery() or + TMutexInitializedInsideThreadQuery() or + TMutexInitWithInvalidMutexTypeQuery() or + TMutexObjectsNotAlwaysUnlockedQuery() + +predicate isConcurrency8QueryMetadata(Query query, string queryId, string ruleId, string category) { + query = + // `Query` instance for the `nonstandardUseOfThreadingObject` query + Concurrency8Package::nonstandardUseOfThreadingObjectQuery() and + queryId = + // `@id` for the `nonstandardUseOfThreadingObject` query + "c/misra/nonstandard-use-of-threading-object" and + ruleId = "RULE-22-12" and + category = "mandatory" + or + query = + // `Query` instance for the `threadingObjectWithInvalidStorageDuration` query + Concurrency8Package::threadingObjectWithInvalidStorageDurationQuery() and + queryId = + // `@id` for the `threadingObjectWithInvalidStorageDuration` query + "c/misra/threading-object-with-invalid-storage-duration" and + ruleId = "RULE-22-13" and + category = "required" + or + query = + // `Query` instance for the `mutexNotInitializedBeforeUse` query + Concurrency8Package::mutexNotInitializedBeforeUseQuery() and + queryId = + // `@id` for the `mutexNotInitializedBeforeUse` query + "c/misra/mutex-not-initialized-before-use" and + ruleId = "RULE-22-14" and + category = "mandatory" + or + query = + // `Query` instance for the `mutexInitializedInsideThread` query + Concurrency8Package::mutexInitializedInsideThreadQuery() and + queryId = + // `@id` for the `mutexInitializedInsideThread` query + "c/misra/mutex-initialized-inside-thread" and + ruleId = "RULE-22-14" and + category = "mandatory" + or + query = + // `Query` instance for the `mutexInitWithInvalidMutexType` query + Concurrency8Package::mutexInitWithInvalidMutexTypeQuery() and + queryId = + // `@id` for the `mutexInitWithInvalidMutexType` query + "c/misra/mutex-init-with-invalid-mutex-type" and + ruleId = "RULE-22-14" and + category = "mandatory" + or + query = + // `Query` instance for the `mutexObjectsNotAlwaysUnlocked` query + Concurrency8Package::mutexObjectsNotAlwaysUnlockedQuery() and + queryId = + // `@id` for the `mutexObjectsNotAlwaysUnlocked` query + "c/misra/mutex-objects-not-always-unlocked" and + ruleId = "RULE-22-16" and + category = "required" +} + +module Concurrency8Package { + Query nonstandardUseOfThreadingObjectQuery() { + //autogenerate `Query` type + result = + // `Query` type for `nonstandardUseOfThreadingObject` query + TQueryC(TConcurrency8PackageQuery(TNonstandardUseOfThreadingObjectQuery())) + } + + Query threadingObjectWithInvalidStorageDurationQuery() { + //autogenerate `Query` type + result = + // `Query` type for `threadingObjectWithInvalidStorageDuration` query + TQueryC(TConcurrency8PackageQuery(TThreadingObjectWithInvalidStorageDurationQuery())) + } + + Query mutexNotInitializedBeforeUseQuery() { + //autogenerate `Query` type + result = + // `Query` type for `mutexNotInitializedBeforeUse` query + TQueryC(TConcurrency8PackageQuery(TMutexNotInitializedBeforeUseQuery())) + } + + Query mutexInitializedInsideThreadQuery() { + //autogenerate `Query` type + result = + // `Query` type for `mutexInitializedInsideThread` query + TQueryC(TConcurrency8PackageQuery(TMutexInitializedInsideThreadQuery())) + } + + Query mutexInitWithInvalidMutexTypeQuery() { + //autogenerate `Query` type + result = + // `Query` type for `mutexInitWithInvalidMutexType` query + TQueryC(TConcurrency8PackageQuery(TMutexInitWithInvalidMutexTypeQuery())) + } + + Query mutexObjectsNotAlwaysUnlockedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `mutexObjectsNotAlwaysUnlocked` query + TQueryC(TConcurrency8PackageQuery(TMutexObjectsNotAlwaysUnlockedQuery())) + } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index 1562ba7894..f91f80f17a 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -12,6 +12,7 @@ import Concurrency2 import Concurrency3 import Concurrency4 import Concurrency5 +import Concurrency8 import Contracts1 import Contracts2 import Contracts3 @@ -91,6 +92,7 @@ newtype TCQuery = TConcurrency3PackageQuery(Concurrency3Query q) or TConcurrency4PackageQuery(Concurrency4Query q) or TConcurrency5PackageQuery(Concurrency5Query q) or + TConcurrency8PackageQuery(Concurrency8Query q) or TContracts1PackageQuery(Contracts1Query q) or TContracts2PackageQuery(Contracts2Query q) or TContracts3PackageQuery(Contracts3Query q) or @@ -170,6 +172,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isConcurrency3QueryMetadata(query, queryId, ruleId, category) or isConcurrency4QueryMetadata(query, queryId, ruleId, category) or isConcurrency5QueryMetadata(query, queryId, ruleId, category) or + isConcurrency8QueryMetadata(query, queryId, ruleId, category) or isContracts1QueryMetadata(query, queryId, ruleId, category) or isContracts2QueryMetadata(query, queryId, ruleId, category) or isContracts3QueryMetadata(query, queryId, ruleId, category) or diff --git a/cpp/common/src/codingstandards/cpp/lifetimes/CLifetimes.qll b/cpp/common/src/codingstandards/cpp/lifetimes/CLifetimes.qll deleted file mode 100644 index 9282260fb9..0000000000 --- a/cpp/common/src/codingstandards/cpp/lifetimes/CLifetimes.qll +++ /dev/null @@ -1,48 +0,0 @@ -import cpp -import codingstandards.cpp.Clvalues - -/** - * A struct or union type that contains an array type. - */ -class StructOrUnionTypeWithArrayField extends Struct { - StructOrUnionTypeWithArrayField() { - this.getAField().getUnspecifiedType() instanceof ArrayType - or - // nested struct or union containing an array type - this.getAField().getUnspecifiedType().(Struct) instanceof StructOrUnionTypeWithArrayField - } -} - -/** - * A non-lvalue expression with struct or or union type that has a field member - * of array type, has a temporary lifetime. - * - * The array members are also part of that object, and thus also have temporary - * lifetime. - */ -class TemporaryLifetimeExpr extends Expr { - TemporaryLifetimeExpr() { - getUnconverted().getUnspecifiedType() instanceof StructOrUnionTypeWithArrayField and - not isCLValue(this) - or - this.getUnconverted().(ArrayExpr).getArrayBase() instanceof TemporaryLifetimeArrayAccess - } -} - -/** - * A field access on a temporary object that returns an array member. - */ -class TemporaryLifetimeArrayAccess extends FieldAccess { - // The temporary lifetime object which owns the array that is returned. - TemporaryLifetimeExpr temporary; - - TemporaryLifetimeArrayAccess() { - getQualifier().getUnconverted() = temporary and - getUnspecifiedType() instanceof ArrayType - } - - /** - * Get the temporary lifetime object which own the array that is returned. - */ - Expr getTemporary() { result = temporary } -} diff --git a/cpp/common/src/codingstandards/cpp/resources/ResourceLeakAnalysis.qll b/cpp/common/src/codingstandards/cpp/resources/ResourceLeakAnalysis.qll new file mode 100644 index 0000000000..4623b3e95e --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/resources/ResourceLeakAnalysis.qll @@ -0,0 +1,101 @@ +import cpp +import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.valuenumbering.GlobalValueNumbering +import semmle.code.cpp.controlflow.Dominance +import codeql.util.Boolean + +/** + * A library for detecting leaked resources. + * + * To use this library, implement `ResourceLeakConfigSig`: + * + * ``` + * class UnjoinedThreadConfig implements ResourceLeakConfigSig { + * predicate isResource(DataFlow::Node node) { + * node.asExpr().isThreadCreate() + * } + * + * predicate isFree(ControlFlowNode node, DataFlow::Node resource) { + * node.asExpr().isThreadJoin(resource.asExpr()) + * } + * } + * ``` + * + * You can now check if a resource is leaked through the module predicate + * `ResourceLeak::isLeaked(resource)`. + * + * The leak analysis finds the exit point of the function in which the resource is is declared, and + * then reverses execution from there using `getAPredecessor()`. When this backwards walk discovers + * a control flow node that frees the resource, that exploration stops. If any exploration reaches + * a resource, that resource may be leaked via that path. + * + * Uses `DataFlow::Node` in order to track aliases of the resource to better detect when the + * resource is freed. + * + * This library by default assumes that resources are expression nodes. To use it with other kinds + * of nodes requires overriding `resourceInitPoint`. + */ +signature module ResourceLeakConfigSig { + predicate isAllocate(ControlFlowNode node, DataFlow::Node resource); + + predicate isFree(ControlFlowNode node, DataFlow::Node resource); + + default DataFlow::Node getAnAlias(DataFlow::Node node) { + DataFlow::localFlow(node, result) or + exists(Expr current, Expr after | + current in [node.asExpr(), node.asDefiningArgument()] and + after in [result.asExpr(), result.asDefiningArgument()] and + globalValueNumber(current) = globalValueNumber(after) and + strictlyDominates(current, after) + ) + } + + /* A point at which a resource is considered to have leaked if it has not been freed. */ + default ControlFlowNode outOfScope(ControlFlowNode allocPoint) { + result = allocPoint.(Expr).getEnclosingFunction().getBlock().getLastStmt() + } +} + +module ResourceLeak { + private newtype TResource = TJustResource(DataFlow::Node resource, ControlFlowNode cfgNode) { + Config::isAllocate(cfgNode, resource) + } + + /** + * Get an alias of a resource, and aliases of nodes that are aliased by a resource. + */ + private DataFlow::Node getAnAliasRecursive(DataFlow::Node node) { + result = Config::getAnAlias(node) and + Config::isAllocate(_, node) + or + exists(DataFlow::Node parent | + node = getAnAliasRecursive(parent) and + result = Config::getAnAlias(parent) + ) + } + + private predicate isLeakedAtControlPoint(TResource resource, ControlFlowNode cfgNode) { + // Holds if this control point is where the resource was allocated (and therefore not freed). + resource = TJustResource(_, cfgNode) + or + // Holds if this control point does not free the resource, and is reachable from a point that + // does not free the resource. + isLeakedAtControlPoint(resource, cfgNode.getAPredecessor()) and + not exists(DataFlow::Node freed, DataFlow::Node resourceNode | + Config::isFree(cfgNode, freed) and + freed = getAnAliasRecursive(resourceNode) and + resource = TJustResource(resourceNode, _) + ) + } + + /** + * Holds if `resource` is leaked. Use this module predicate to find leaked resources. + */ + ControlFlowNode getALeak(ControlFlowNode allocPoint) { + exists(TResource resourceWrapper, DataFlow::Node resource | + resourceWrapper = TJustResource(resource, allocPoint) and + result = Config::outOfScope(allocPoint) and + isLeakedAtControlPoint(resourceWrapper, result) + ) + } +} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/resources/ResourceManagement.qll b/cpp/common/src/codingstandards/cpp/resources/ResourceManagement.qll index 0798575495..93c26e0a46 100644 --- a/cpp/common/src/codingstandards/cpp/resources/ResourceManagement.qll +++ b/cpp/common/src/codingstandards/cpp/resources/ResourceManagement.qll @@ -1,58 +1,45 @@ import cpp import codingstandards.cpp.dataflow.DataFlow +import codingstandards.cpp.resources.ResourceLeakAnalysis -/** - * The `ResourceAcquisitionExpr` abstract class models resource - * acquisition and release expressions - */ -abstract class ResourceAcquisitionExpr extends Expr { - abstract Expr getReleaseExpr(); -} - -// allocation - deallocation -class AllocExpr extends ResourceAcquisitionExpr { - AllocExpr() { this.(AllocationExpr).requiresDealloc() } - - override Expr getReleaseExpr() { - exists(DeallocationExpr d | result = d.getFreedExpr()) and - DataFlow::localFlow(DataFlow::exprNode(this), DataFlow::exprNode(result)) - } -} - -// file open-close -class FstreamAcquisitionExpr extends ResourceAcquisitionExpr { - FstreamAcquisitionExpr() { +module ResourceLeakConfig implements ResourceLeakConfigSig { + predicate isAllocate(ControlFlowNode allocPoint, DataFlow::Node node) { + exists(AllocationExpr alloc | + allocPoint = alloc and + alloc.requiresDealloc() and + node.asExpr() = alloc + ) + or exists(FunctionCall f | - f.getTarget().hasQualifiedName("std", "basic_fstream", "open") and this = f.getQualifier() + f.getTarget().hasQualifiedName("std", "basic_fstream", "open") + and allocPoint = f + and node.asDefiningArgument() = f.getQualifier() ) - } - - override Expr getReleaseExpr() { + or exists(FunctionCall f | - f.getTarget().hasQualifiedName("std", "basic_fstream", "close") and result = f.getQualifier() - ) and - exists(DataFlow::Node def | - def.asDefiningArgument() = this and - DataFlow::localFlow(def, DataFlow::exprNode(result)) + f.getTarget().hasQualifiedName("std", "mutex", "lock") and + allocPoint = f and + node.asDefiningArgument() = f.getQualifier() ) } -} -// mutex lock unlock -class MutexAcquisitionExpr extends ResourceAcquisitionExpr { - MutexAcquisitionExpr() { + predicate isFree(ControlFlowNode node, DataFlow::Node resource) { + exists(DeallocationExpr d, Expr freedExpr| + freedExpr = d.getFreedExpr() and + node = d and + resource.asExpr() = freedExpr + ) + or exists(FunctionCall f | - f.getTarget().hasQualifiedName("std", "mutex", "lock") and this = f.getQualifier() + f.getTarget().hasQualifiedName("std", "basic_fstream", "close") + and node = f and + resource.asExpr() = f.getQualifier() ) - } - - override Expr getReleaseExpr() { + or exists(FunctionCall f | - f.getTarget().hasQualifiedName("std", "mutex", "unlock") and result = f.getQualifier() - ) and - exists(DataFlow::Node def | - def.asDefiningArgument() = this and - DataFlow::localFlow(def, DataFlow::exprNode(result)) + f.getTarget().hasQualifiedName("std", "mutex", "unlock") + and node = f and + resource.asExpr() = f.getQualifier() ) } -} +} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/rules/exceptionsafetyvalidstate/ExceptionSafetyValidState.qll b/cpp/common/src/codingstandards/cpp/rules/exceptionsafetyvalidstate/ExceptionSafetyValidState.qll index 16f86f78be..8ed5342def 100644 --- a/cpp/common/src/codingstandards/cpp/rules/exceptionsafetyvalidstate/ExceptionSafetyValidState.qll +++ b/cpp/common/src/codingstandards/cpp/rules/exceptionsafetyvalidstate/ExceptionSafetyValidState.qll @@ -4,42 +4,17 @@ */ import cpp -import semmle.code.cpp.controlflow.SubBasicBlocks import codingstandards.cpp.Exclusions import codingstandards.cpp.Customizations import codingstandards.cpp.exceptions.ExceptionFlow import codingstandards.cpp.ExceptionSafety import codingstandards.cpp.resources.ResourceManagement +import codingstandards.cpp.resources.ResourceLeakAnalysis abstract class ExceptionSafetyValidStateSharedQuery extends Query { } Query getQuery() { result instanceof ExceptionSafetyValidStateSharedQuery } -/** - * Ensures that `UncaughtThrowExpr` and `Expr` appear at the start of a `SubBasicBlock`. - */ -class SafetyValidStateSubBasicBlock extends SubBasicBlockCutNode { - SafetyValidStateSubBasicBlock() { - this instanceof ResourceAcquisitionExpr or - this = any(ResourceAcquisitionExpr rae).getReleaseExpr() or - this instanceof UncaughtThrowExpr - } -} - -/** - * Execution continues from an allocation expression - * without releasing the resource - */ -SubBasicBlock followsInitialized(ResourceAcquisitionExpr src) { - result = src - or - exists(SubBasicBlock mid | - mid = followsInitialized(src) and - result = mid.getASuccessor() and - //stop recursion on resource release - not result = src.getReleaseExpr() - ) -} /** * `UncaughtThrowExpr` models a `throw` expression that is not handled @@ -48,14 +23,40 @@ class UncaughtThrowExpr extends ThrowExpr { UncaughtThrowExpr() { getASuccessor() = getEnclosingFunction() } } +module ThrowLeakConfig implements ResourceLeakConfigSig { + + predicate isAllocate(ControlFlowNode node, DataFlow::Node resource) { + //exists(ResourceAcquisitionExpr rae | + // node = rae and resource.asExpr() = rae + //) + ResourceLeakConfig::isAllocate(node, resource) + } + + predicate isFree(ControlFlowNode node, DataFlow::Node resource) { + //exists(ResourceAcquisitionExpr rae | + // node = rae.getReleaseExpr() and resource.asExpr() = rae + //) + ResourceLeakConfig::isFree(node, resource) + } + + ControlFlowNode outOfScope(ControlFlowNode allocPoint) { + result.(UncaughtThrowExpr).getEnclosingFunction() = allocPoint.(Expr).getEnclosingFunction() + } + + DataFlow::Node getAnAlias(DataFlow::Node node) { + DataFlow::localFlow(node, result) + } +} + query predicate problems( - UncaughtThrowExpr te, string message, ResourceAcquisitionExpr e, string eDescription + UncaughtThrowExpr te, string message, Element e, string eDescription ) { not isExcluded(te, getQuery()) and - exists(SubBasicBlock sbb | - sbb.getANode() = e and - te = followsInitialized(sbb) - ) and + //exists(SubBasicBlock sbb | + // sbb.getANode() = e and + // te = followsInitialized(sbb) + //) and + te = ResourceLeak::getALeak(e) and message = "The $@ is not released explicitly before throwing an exception." and eDescription = "allocated resource" } diff --git a/cpp/common/test/rules/exceptionsafetyvalidstate/ExceptionSafetyValidState.expected b/cpp/common/test/rules/exceptionsafetyvalidstate/ExceptionSafetyValidState.expected index 18689c333b..b8a8c17435 100644 --- a/cpp/common/test/rules/exceptionsafetyvalidstate/ExceptionSafetyValidState.expected +++ b/cpp/common/test/rules/exceptionsafetyvalidstate/ExceptionSafetyValidState.expected @@ -6,7 +6,7 @@ | test.cpp:103:5:103:9 | re-throw exception | The $@ is not released explicitly before throwing an exception. | test.cpp:99:12:99:21 | new | allocated resource | | test.cpp:125:5:125:37 | throw ... | The $@ is not released explicitly before throwing an exception. | test.cpp:124:9:124:18 | new | allocated resource | | test.cpp:134:5:134:37 | throw ... | The $@ is not released explicitly before throwing an exception. | test.cpp:133:23:133:32 | new | allocated resource | -| test.cpp:142:3:142:35 | throw ... | The $@ is not released explicitly before throwing an exception. | test.cpp:141:3:141:4 | fs | allocated resource | -| test.cpp:154:3:154:35 | throw ... | The $@ is not released explicitly before throwing an exception. | test.cpp:152:3:152:4 | fs | allocated resource | -| test.cpp:160:3:160:35 | throw ... | The $@ is not released explicitly before throwing an exception. | test.cpp:159:3:159:5 | mtx | allocated resource | -| test.cpp:172:3:172:35 | throw ... | The $@ is not released explicitly before throwing an exception. | test.cpp:170:3:170:5 | mtx | allocated resource | +| test.cpp:142:3:142:35 | throw ... | The $@ is not released explicitly before throwing an exception. | test.cpp:141:6:141:9 | call to open | allocated resource | +| test.cpp:154:3:154:35 | throw ... | The $@ is not released explicitly before throwing an exception. | test.cpp:152:6:152:9 | call to open | allocated resource | +| test.cpp:160:3:160:35 | throw ... | The $@ is not released explicitly before throwing an exception. | test.cpp:159:7:159:10 | call to lock | allocated resource | +| test.cpp:172:3:172:35 | throw ... | The $@ is not released explicitly before throwing an exception. | test.cpp:170:7:170:10 | call to lock | allocated resource | diff --git a/rule_packages/c/Concurrency8.json b/rule_packages/c/Concurrency8.json new file mode 100644 index 0000000000..c27563f81e --- /dev/null +++ b/rule_packages/c/Concurrency8.json @@ -0,0 +1,115 @@ +{ + "MISRA-C-2012": { + "RULE-22-12": { + "properties": { + "obligation": "mandatory" + }, + "queries": [ + { + "description": "Thread objects, thread synchronization objects, and thread-specific storage pointers shall only be accessed by the appropriate Standard Library functions.", + "kind": "problem", + "name": "Standard library threading objects (mutexes, threads, etc.) shall only be accessed by the appropriate Standard Library functions", + "precision": "very-high", + "severity": "error", + "short_name": "NonstandardUseOfThreadingObject", + "tags": [ + "correctness", + "concurrency", + "external/misra/c/2012/amendment4" + ] + } + ], + "title": "Thread objects, thread synchronization objects, and thread-specific storage pointers shall only be accessed by the appropriate Standard Library functions" + }, + "RULE-22-13": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Thread objects, thread synchronization objects, and thread specific storage pointers shall have appropriate storage duration.", + "kind": "problem", + "name": "Threading objects (mutexes, threads, etc). shall have not have automatic or thread storage duration", + "precision": "very-high", + "severity": "error", + "short_name": "ThreadingObjectWithInvalidStorageDuration", + "tags": [ + "correctness", + "concurrency", + "external/misra/c/2012/amendment4" + ] + } + ], + "title": "Thread objects, thread synchronization objects, and thread specific storage pointers shall have appropriate storage duration" + }, + "RULE-22-14": { + "properties": { + "obligation": "mandatory" + }, + "queries": [ + { + "description": "Mutex and condition objects shall be initialized with the standard library functions before using them.", + "kind": "problem", + "name": "Thread synchronization objects shall be initialized before being accessed", + "precision": "high", + "severity": "error", + "short_name": "MutexNotInitializedBeforeUse", + "tags": [ + "correctness", + "concurrency", + "external/misra/c/2012/amendment4" + ] + }, + { + "description": "Mutex and condition objects initialized inside of threads may result in indeterministic state", + "kind": "problem", + "name": "Thread synchronization objects shall be initialized deterministically", + "precision": "high", + "severity": "recommendation", + "short_name": "MutexInitializedInsideThread", + "tags": [ + "readability", + "maintainability", + "concurrency", + "external/misra/c/2012/amendment4" + ] + }, + { + "description": "Mutexes shall be initialized with a valid mutex type.", + "kind": "problem", + "name": "Mutexes shall be initialized with a valid mutex type", + "precision": "high", + "severity": "error", + "short_name": "MutexInitWithInvalidMutexType", + "tags": [ + "correctness", + "concurrency", + "external/misra/c/2012/amendment4" + ] + } + ], + "title": "Thread synchronization objects shall be initialized before being accessed" + }, + "RULE-22-16": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Mutex not unlocked by thread on all execution paths in current thread after being locked.", + "kind": "problem", + "name": "All mutex objects locked by a thread shall be explicitly unlocked by the same thread", + "precision": "high", + "severity": "error", + "short_name": "MutexObjectsNotAlwaysUnlocked", + "tags": [ + "correctness", + "concurrency", + "external/misra/c/2012/amendment4" + ] + } + ], + "title": "All mutex objects locked by a thread shall be explicitly unlocked by the same thread" + } + } +} \ No newline at end of file diff --git a/rules.csv b/rules.csv index 475ea1d66c..624de41885 100644 --- a/rules.csv +++ b/rules.csv @@ -803,11 +803,11 @@ c,MISRA-C-2012,RULE-22-8,Yes,Required,,,The value of errno shall be set to zero c,MISRA-C-2012,RULE-22-9,Yes,Required,,,The value of errno shall be tested against zero after calling an errno-setting-function,,Contracts3,Medium, c,MISRA-C-2012,RULE-22-10,Yes,Required,,,The value of errno shall only be tested when the last function to be called was an errno-setting-function,,Contracts3,Medium, c,MISRA-C-2012,RULE-22-11,Yes,Required,,,A thread that was previously either joined or detached shall not be subsequently joined nor detached,CON39-C,Concurrency6,Import, -c,MISRA-C-2012,RULE-22-12,Yes,Mandatory,,,"Thread objects, thread synchronization objects, and thread-specific storage pointers shall only be accessed by the appropriate Standard Library functions",,Concurrency6,Medium, -c,MISRA-C-2012,RULE-22-13,Yes,Required,,,"Thread objects, thread synchronization objects, and thread specific storage pointers shall have appropriate storage duration",EXP54-CPP and CON34-C,Concurrency6,Medium, -c,MISRA-C-2012,RULE-22-14,Yes,Mandatory,,,Thread synchronization objects shall be initialized before being accessed,EXP53-CPP,Concurrency6,Hard, +c,MISRA-C-2012,RULE-22-12,Yes,Mandatory,,,"Thread objects, thread synchronization objects, and thread-specific storage pointers shall only be accessed by the appropriate Standard Library functions",,Concurrency8,Medium, +c,MISRA-C-2012,RULE-22-13,Yes,Required,,,"Thread objects, thread synchronization objects, and thread specific storage pointers shall have appropriate storage duration",EXP54-CPP and CON34-C,Concurrency8,Medium, +c,MISRA-C-2012,RULE-22-14,Yes,Mandatory,,,Thread synchronization objects shall be initialized before being accessed,EXP53-CPP,Concurrency9,Hard, c,MISRA-C-2012,RULE-22-15,Yes,Required,,,Thread synchronization objects and thread-specific storage pointers shall not be destroyed until after all threads accessing them have terminated,,Concurrency6,Hard, -c,MISRA-C-2012,RULE-22-16,Yes,Required,,,All mutex objects locked by a thread shall be explicitly unlocked by the same thread,MEM51-CPP,Concurrency6,Hard, +c,MISRA-C-2012,RULE-22-16,Yes,Required,,,All mutex objects locked by a thread shall be explicitly unlocked by the same thread,MEM51-CPP,Concurrency9,Hard, c,MISRA-C-2012,RULE-22-17,Yes,Required,,,No thread shall unlock a mutex or call cnd_wait() or cnd_timedwait() for a mutex it has not locked before,Rule 22.2,Concurrency6,Medium, c,MISRA-C-2012,RULE-22-18,Yes,Required,,,Non-recursive mutexes shall not be recursively locked,CON56-CPP,Concurrency6,Medium, c,MISRA-C-2012,RULE-22-19,Yes,Required,,,A condition variable shall be associated with at most one mutex object,,Concurrency6,Medium, From 6a1fa993e30b666121ef65d6ed6ea42c51d22ce0 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Thu, 28 Nov 2024 05:12:32 -0800 Subject: [PATCH 2259/2573] Code format & package description fixes --- .../identifierlinkage/identifierlinkage.c | 4 +-- .../MutexInitializedInsideThread.ql | 2 +- c/misra/test/rules/RULE-22-13/test.c | 4 +-- c/misra/test/rules/RULE-22-16/test.c | 12 ++++----- .../src/codingstandards/cpp/Concurrency.qll | 26 +++++-------------- cpp/common/src/codingstandards/cpp/Type.qll | 12 ++++----- .../cpp/resources/ResourceLeakAnalysis.qll | 26 ++++++++++--------- .../cpp/resources/ResourceManagement.qll | 18 ++++++------- .../ExceptionSafetyValidState.qll | 20 ++------------ rule_packages/c/Concurrency8.json | 2 +- 10 files changed, 49 insertions(+), 77 deletions(-) diff --git a/c/common/test/library/identifierlinkage/identifierlinkage.c b/c/common/test/library/identifierlinkage/identifierlinkage.c index cf6b439797..25265aa144 100644 --- a/c/common/test/library/identifierlinkage/identifierlinkage.c +++ b/c/common/test/library/identifierlinkage/identifierlinkage.c @@ -25,6 +25,4 @@ struct s { }; // Enums and enum constants are not variables and have no linkage. -enum e { - E1 -}; \ No newline at end of file +enum e { E1 }; \ No newline at end of file diff --git a/c/misra/src/rules/RULE-22-14/MutexInitializedInsideThread.ql b/c/misra/src/rules/RULE-22-14/MutexInitializedInsideThread.ql index 649c941e66..a3a8f0b382 100644 --- a/c/misra/src/rules/RULE-22-14/MutexInitializedInsideThread.ql +++ b/c/misra/src/rules/RULE-22-14/MutexInitializedInsideThread.ql @@ -2,7 +2,7 @@ * @id c/misra/mutex-initialized-inside-thread * @name RULE-22-14: Thread synchronization objects shall be initialized deterministically * @description Mutex and condition objects initialized inside of threads may result in - * indeterministic state + * indeterministic state. * @kind problem * @precision high * @problem.severity recommendation diff --git a/c/misra/test/rules/RULE-22-13/test.c b/c/misra/test/rules/RULE-22-13/test.c index 0a5a84167d..193f4be471 100644 --- a/c/misra/test/rules/RULE-22-13/test.c +++ b/c/misra/test/rules/RULE-22-13/test.c @@ -47,7 +47,7 @@ void f1(void) { has_ptr_mtx_t l12; // COMPLIANT has_mtx_t l13[10]; // NON-COMPLIANT - l10 = &g1; // COMPLIANT - l10 = malloc(sizeof(mtx_t)); // NON-COMPLIANT + l10 = &g1; // COMPLIANT + l10 = malloc(sizeof(mtx_t)); // NON-COMPLIANT l10 = malloc(sizeof(mtx_t) * 4); // NON-COMPLIANT } \ No newline at end of file diff --git a/c/misra/test/rules/RULE-22-16/test.c b/c/misra/test/rules/RULE-22-16/test.c index b9a19165e8..00764645a4 100644 --- a/c/misra/test/rules/RULE-22-16/test.c +++ b/c/misra/test/rules/RULE-22-16/test.c @@ -41,7 +41,7 @@ void f6(int p) { goto skipped; } mtx_unlock(&m); - skipped: +skipped: } void f7(int p) { @@ -84,24 +84,24 @@ void f13() { mtx_t m; } s; mtx_lock(&s.m); // COMPLIANT - mtx_unlock(&s.m); + mtx_unlock(&s.m); } void f14() { - for(;;) { + for (;;) { mtx_t m; mtx_lock(&m); // COMPLIANT - mtx_unlock(&m); + mtx_unlock(&m); } } void f15(int p) { - for(;;) { + for (;;) { mtx_t m; mtx_lock(&m); // NON-COMPLIANT if (p) { break; } - mtx_unlock(&m); + mtx_unlock(&m); } } \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/Concurrency.qll b/cpp/common/src/codingstandards/cpp/Concurrency.qll index f68553dfd9..ba4517a284 100644 --- a/cpp/common/src/codingstandards/cpp/Concurrency.qll +++ b/cpp/common/src/codingstandards/cpp/Concurrency.qll @@ -70,27 +70,19 @@ class C11ThreadCreateCall extends ThreadCreationFunction { } class C11MutexType extends TypedefType { - C11MutexType() { - this.hasName("mtx_t") - } + C11MutexType() { this.hasName("mtx_t") } } class C11ThreadType extends TypedefType { - C11ThreadType() { - this.hasName("thrd_t") - } + C11ThreadType() { this.hasName("thrd_t") } } class C11ConditionType extends TypedefType { - C11ConditionType() { - this.hasName("cnd_t") - } + C11ConditionType() { this.hasName("cnd_t") } } class C11ThreadStorageType extends TypedefType { - C11ThreadStorageType() { - this.hasName("tss_t") - } + C11ThreadStorageType() { this.hasName("tss_t") } } class C11ThreadingObjectType extends TypedefType { @@ -100,7 +92,7 @@ class C11ThreadingObjectType extends TypedefType { this instanceof C11ThreadType or this instanceof C11ConditionType - or + or this instanceof C11ThreadStorageType } } @@ -506,13 +498,9 @@ class CConditionOperation extends FunctionCall { getTarget().hasName(["cnd_broadcast", "cnd_signal", "cnd_timedwait", "cnd_wait", "cnd_init"]) } - predicate isInit() { - getTarget().hasName("cnd_init") - } + predicate isInit() { getTarget().hasName("cnd_init") } - predicate isUse() { - not isInit() - } + predicate isUse() { not isInit() } Expr getConditionExpr() { result = getArgument(0) } diff --git a/cpp/common/src/codingstandards/cpp/Type.qll b/cpp/common/src/codingstandards/cpp/Type.qll index 4f72f5612e..42d77b8055 100644 --- a/cpp/common/src/codingstandards/cpp/Type.qll +++ b/cpp/common/src/codingstandards/cpp/Type.qll @@ -64,21 +64,21 @@ signature class PossiblySpecifiedBaseType extends Type; /** * This module defines a class `Type` which holds for types `T` and `const/volatile T` etc. - * + * * Similar to `getUnspecifiedType()`, but does not resolve typedefs. Useful for matching * potentially qualified versions of standard typedef types, such as `const mtx_t`. - * + * * Example usage: `someType.(PossiblySpecified::Type).strip()` */ module PossiblySpecified { import cpp as cpp + final class CppType = cpp::Type; class Type extends CppType { BaseType baseType; - Type() { - baseType = stripSpecifiers(this) - } + + Type() { baseType = stripSpecifiers(this) } BaseType strip() { result = baseType } } @@ -93,4 +93,4 @@ int getPrecision(IntegralType type) { type.isExplicitlyUnsigned() and result = type.getSize() * 8 or type.isExplicitlySigned() and result = type.getSize() * 8 - 1 -} \ No newline at end of file +} diff --git a/cpp/common/src/codingstandards/cpp/resources/ResourceLeakAnalysis.qll b/cpp/common/src/codingstandards/cpp/resources/ResourceLeakAnalysis.qll index 4623b3e95e..2f932870b3 100644 --- a/cpp/common/src/codingstandards/cpp/resources/ResourceLeakAnalysis.qll +++ b/cpp/common/src/codingstandards/cpp/resources/ResourceLeakAnalysis.qll @@ -6,32 +6,32 @@ import codeql.util.Boolean /** * A library for detecting leaked resources. - * + * * To use this library, implement `ResourceLeakConfigSig`: - * + * * ``` * class UnjoinedThreadConfig implements ResourceLeakConfigSig { * predicate isResource(DataFlow::Node node) { * node.asExpr().isThreadCreate() * } - * + * * predicate isFree(ControlFlowNode node, DataFlow::Node resource) { * node.asExpr().isThreadJoin(resource.asExpr()) * } * } * ``` - * + * * You can now check if a resource is leaked through the module predicate * `ResourceLeak::isLeaked(resource)`. - * + * * The leak analysis finds the exit point of the function in which the resource is is declared, and * then reverses execution from there using `getAPredecessor()`. When this backwards walk discovers * a control flow node that frees the resource, that exploration stops. If any exploration reaches * a resource, that resource may be leaked via that path. - * + * * Uses `DataFlow::Node` in order to track aliases of the resource to better detect when the * resource is freed. - * + * * This library by default assumes that resources are expression nodes. To use it with other kinds * of nodes requires overriding `resourceInitPoint`. */ @@ -41,7 +41,8 @@ signature module ResourceLeakConfigSig { predicate isFree(ControlFlowNode node, DataFlow::Node resource); default DataFlow::Node getAnAlias(DataFlow::Node node) { - DataFlow::localFlow(node, result) or + DataFlow::localFlow(node, result) + or exists(Expr current, Expr after | current in [node.asExpr(), node.asDefiningArgument()] and after in [result.asExpr(), result.asDefiningArgument()] and @@ -57,9 +58,10 @@ signature module ResourceLeakConfigSig { } module ResourceLeak { - private newtype TResource = TJustResource(DataFlow::Node resource, ControlFlowNode cfgNode) { - Config::isAllocate(cfgNode, resource) - } + private newtype TResource = + TJustResource(DataFlow::Node resource, ControlFlowNode cfgNode) { + Config::isAllocate(cfgNode, resource) + } /** * Get an alias of a resource, and aliases of nodes that are aliased by a resource. @@ -98,4 +100,4 @@ module ResourceLeak { isLeakedAtControlPoint(resourceWrapper, result) ) } -} \ No newline at end of file +} diff --git a/cpp/common/src/codingstandards/cpp/resources/ResourceManagement.qll b/cpp/common/src/codingstandards/cpp/resources/ResourceManagement.qll index 93c26e0a46..58cf6fc8d2 100644 --- a/cpp/common/src/codingstandards/cpp/resources/ResourceManagement.qll +++ b/cpp/common/src/codingstandards/cpp/resources/ResourceManagement.qll @@ -11,9 +11,9 @@ module ResourceLeakConfig implements ResourceLeakConfigSig { ) or exists(FunctionCall f | - f.getTarget().hasQualifiedName("std", "basic_fstream", "open") - and allocPoint = f - and node.asDefiningArgument() = f.getQualifier() + f.getTarget().hasQualifiedName("std", "basic_fstream", "open") and + allocPoint = f and + node.asDefiningArgument() = f.getQualifier() ) or exists(FunctionCall f | @@ -24,22 +24,22 @@ module ResourceLeakConfig implements ResourceLeakConfigSig { } predicate isFree(ControlFlowNode node, DataFlow::Node resource) { - exists(DeallocationExpr d, Expr freedExpr| + exists(DeallocationExpr d, Expr freedExpr | freedExpr = d.getFreedExpr() and node = d and resource.asExpr() = freedExpr ) or exists(FunctionCall f | - f.getTarget().hasQualifiedName("std", "basic_fstream", "close") - and node = f and + f.getTarget().hasQualifiedName("std", "basic_fstream", "close") and + node = f and resource.asExpr() = f.getQualifier() ) or exists(FunctionCall f | - f.getTarget().hasQualifiedName("std", "mutex", "unlock") - and node = f and + f.getTarget().hasQualifiedName("std", "mutex", "unlock") and + node = f and resource.asExpr() = f.getQualifier() ) } -} \ No newline at end of file +} diff --git a/cpp/common/src/codingstandards/cpp/rules/exceptionsafetyvalidstate/ExceptionSafetyValidState.qll b/cpp/common/src/codingstandards/cpp/rules/exceptionsafetyvalidstate/ExceptionSafetyValidState.qll index 8ed5342def..5a712dd522 100644 --- a/cpp/common/src/codingstandards/cpp/rules/exceptionsafetyvalidstate/ExceptionSafetyValidState.qll +++ b/cpp/common/src/codingstandards/cpp/rules/exceptionsafetyvalidstate/ExceptionSafetyValidState.qll @@ -15,7 +15,6 @@ abstract class ExceptionSafetyValidStateSharedQuery extends Query { } Query getQuery() { result instanceof ExceptionSafetyValidStateSharedQuery } - /** * `UncaughtThrowExpr` models a `throw` expression that is not handled */ @@ -24,18 +23,11 @@ class UncaughtThrowExpr extends ThrowExpr { } module ThrowLeakConfig implements ResourceLeakConfigSig { - predicate isAllocate(ControlFlowNode node, DataFlow::Node resource) { - //exists(ResourceAcquisitionExpr rae | - // node = rae and resource.asExpr() = rae - //) ResourceLeakConfig::isAllocate(node, resource) } predicate isFree(ControlFlowNode node, DataFlow::Node resource) { - //exists(ResourceAcquisitionExpr rae | - // node = rae.getReleaseExpr() and resource.asExpr() = rae - //) ResourceLeakConfig::isFree(node, resource) } @@ -43,19 +35,11 @@ module ThrowLeakConfig implements ResourceLeakConfigSig { result.(UncaughtThrowExpr).getEnclosingFunction() = allocPoint.(Expr).getEnclosingFunction() } - DataFlow::Node getAnAlias(DataFlow::Node node) { - DataFlow::localFlow(node, result) - } + DataFlow::Node getAnAlias(DataFlow::Node node) { DataFlow::localFlow(node, result) } } -query predicate problems( - UncaughtThrowExpr te, string message, Element e, string eDescription -) { +query predicate problems(UncaughtThrowExpr te, string message, Element e, string eDescription) { not isExcluded(te, getQuery()) and - //exists(SubBasicBlock sbb | - // sbb.getANode() = e and - // te = followsInitialized(sbb) - //) and te = ResourceLeak::getALeak(e) and message = "The $@ is not released explicitly before throwing an exception." and eDescription = "allocated resource" diff --git a/rule_packages/c/Concurrency8.json b/rule_packages/c/Concurrency8.json index c27563f81e..2dc5d48042 100644 --- a/rule_packages/c/Concurrency8.json +++ b/rule_packages/c/Concurrency8.json @@ -61,7 +61,7 @@ ] }, { - "description": "Mutex and condition objects initialized inside of threads may result in indeterministic state", + "description": "Mutex and condition objects initialized inside of threads may result in indeterministic state.", "kind": "problem", "name": "Thread synchronization objects shall be initialized deterministically", "precision": "high", From f73df15dab20ade19313fc45e0db062ae1026255 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Thu, 28 Nov 2024 05:14:49 -0800 Subject: [PATCH 2260/2573] fix rules.csv package changes --- rules.csv | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/rules.csv b/rules.csv index 624de41885..e58d5658af 100644 --- a/rules.csv +++ b/rules.csv @@ -805,9 +805,9 @@ c,MISRA-C-2012,RULE-22-10,Yes,Required,,,The value of errno shall only be tested c,MISRA-C-2012,RULE-22-11,Yes,Required,,,A thread that was previously either joined or detached shall not be subsequently joined nor detached,CON39-C,Concurrency6,Import, c,MISRA-C-2012,RULE-22-12,Yes,Mandatory,,,"Thread objects, thread synchronization objects, and thread-specific storage pointers shall only be accessed by the appropriate Standard Library functions",,Concurrency8,Medium, c,MISRA-C-2012,RULE-22-13,Yes,Required,,,"Thread objects, thread synchronization objects, and thread specific storage pointers shall have appropriate storage duration",EXP54-CPP and CON34-C,Concurrency8,Medium, -c,MISRA-C-2012,RULE-22-14,Yes,Mandatory,,,Thread synchronization objects shall be initialized before being accessed,EXP53-CPP,Concurrency9,Hard, +c,MISRA-C-2012,RULE-22-14,Yes,Mandatory,,,Thread synchronization objects shall be initialized before being accessed,EXP53-CPP,Concurrency8,Hard, c,MISRA-C-2012,RULE-22-15,Yes,Required,,,Thread synchronization objects and thread-specific storage pointers shall not be destroyed until after all threads accessing them have terminated,,Concurrency6,Hard, -c,MISRA-C-2012,RULE-22-16,Yes,Required,,,All mutex objects locked by a thread shall be explicitly unlocked by the same thread,MEM51-CPP,Concurrency9,Hard, +c,MISRA-C-2012,RULE-22-16,Yes,Required,,,All mutex objects locked by a thread shall be explicitly unlocked by the same thread,MEM51-CPP,Concurrency8,Hard, c,MISRA-C-2012,RULE-22-17,Yes,Required,,,No thread shall unlock a mutex or call cnd_wait() or cnd_timedwait() for a mutex it has not locked before,Rule 22.2,Concurrency6,Medium, c,MISRA-C-2012,RULE-22-18,Yes,Required,,,Non-recursive mutexes shall not be recursively locked,CON56-CPP,Concurrency6,Medium, c,MISRA-C-2012,RULE-22-19,Yes,Required,,,A condition variable shall be associated with at most one mutex object,,Concurrency6,Medium, From 616935254fd44bb1b3b96158e0169873fafeafc1 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Thu, 28 Nov 2024 05:21:53 -0800 Subject: [PATCH 2261/2573] Query formatting --- .../rules/CON34-C/AppropriateThreadObjectStorageDurations.ql | 3 ++- .../DCL30-C/AppropriateStorageDurationsFunctionReturn.ql | 5 +++-- .../AllocStructsWithAFlexibleArrayMemberDynamically.ql | 5 +++-- c/common/src/codingstandards/c/UninitializedMutex.qll | 0 c/common/test/library/objects/ObjectIdentity.ql | 2 +- .../RULE-18-9/ArrayToPointerConversionOfTemporaryObject.ql | 4 +--- .../ModifiableLValueSubscriptedWithTemporaryLifetime.ql | 4 +++- c/misra/src/rules/RULE-22-14/MutexInitializedInsideThread.ql | 5 ++--- c/misra/src/rules/RULE-22-14/MutexNotInitializedBeforeUse.ql | 2 +- 9 files changed, 16 insertions(+), 14 deletions(-) delete mode 100644 c/common/src/codingstandards/c/UninitializedMutex.qll diff --git a/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql b/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql index 6d9caacc5c..5a1dd3c461 100644 --- a/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql +++ b/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql @@ -32,7 +32,8 @@ where ( addrNode = DataFlow::exprNode(any(AddressOfExpr e | e.getOperand() = acc)) or - addrNode = DataFlow::exprNode(acc) and exists(ArrayToPointerConversion c | c.getExpr() = acc) + addrNode = DataFlow::exprNode(acc) and + exists(ArrayToPointerConversion c | c.getExpr() = acc) ) and TaintTracking::localTaint(addrNode, DataFlow::exprNode(arg)) ) diff --git a/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql b/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql index 1e1e19c7c6..02f195e768 100644 --- a/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql +++ b/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql @@ -18,9 +18,10 @@ import codingstandards.cpp.dataflow.DataFlow class Source extends Expr { ObjectIdentity rootObject; + Source() { - rootObject.getStorageDuration().isAutomatic() - and this = rootObject.getASubobjectAddressExpr() + rootObject.getStorageDuration().isAutomatic() and + this = rootObject.getASubobjectAddressExpr() } } diff --git a/c/cert/src/rules/MEM33-C/AllocStructsWithAFlexibleArrayMemberDynamically.ql b/c/cert/src/rules/MEM33-C/AllocStructsWithAFlexibleArrayMemberDynamically.ql index 4e4ccc2171..f4483bd9fe 100644 --- a/c/cert/src/rules/MEM33-C/AllocStructsWithAFlexibleArrayMemberDynamically.ql +++ b/c/cert/src/rules/MEM33-C/AllocStructsWithAFlexibleArrayMemberDynamically.ql @@ -62,14 +62,15 @@ class FlexibleArrayStructDynamicAlloc extends FlexibleArrayAlloc, FunctionCall { */ class FlexibleArrayNonDynamicAlloc extends FlexibleArrayAlloc { ObjectIdentity object; + FlexibleArrayNonDynamicAlloc() { this = object and not object.getStorageDuration().isAllocated() and // Exclude temporaries. Though they should violate this rule, in practice these results are // often spurious and redundant, such as (*x = *x) which creates an unused temporary object. not object.hasTemporaryLifetime() and - object.getType().getUnspecifiedType() instanceof FlexibleArrayStructType - and not exists(Variable v | v.getInitializer().getExpr() = this) + object.getType().getUnspecifiedType() instanceof FlexibleArrayStructType and + not exists(Variable v | v.getInitializer().getExpr() = this) } override Element getReportElement() { result = object } diff --git a/c/common/src/codingstandards/c/UninitializedMutex.qll b/c/common/src/codingstandards/c/UninitializedMutex.qll deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/c/common/test/library/objects/ObjectIdentity.ql b/c/common/test/library/objects/ObjectIdentity.ql index 28e6832bb2..0e92e588ba 100644 --- a/c/common/test/library/objects/ObjectIdentity.ql +++ b/c/common/test/library/objects/ObjectIdentity.ql @@ -2,4 +2,4 @@ import codingstandards.c.Objects from ObjectIdentity obj where obj.getFile().getBaseName() = "objectidentity.c" -select obj, obj.getStorageDuration(), obj.getType() \ No newline at end of file +select obj, obj.getStorageDuration(), obj.getType() diff --git a/c/misra/src/rules/RULE-18-9/ArrayToPointerConversionOfTemporaryObject.ql b/c/misra/src/rules/RULE-18-9/ArrayToPointerConversionOfTemporaryObject.ql index c65890f6bc..da73214859 100644 --- a/c/misra/src/rules/RULE-18-9/ArrayToPointerConversionOfTemporaryObject.ql +++ b/c/misra/src/rules/RULE-18-9/ArrayToPointerConversionOfTemporaryObject.ql @@ -58,9 +58,7 @@ Expr temporaryObjectFlowStep(Expr e) { e = result.(ConditionalExpr).getElse() } -from - FieldAccess fa, TemporaryObjectIdentity temporary, - ArrayToPointerConversion conversion +from FieldAccess fa, TemporaryObjectIdentity temporary, ArrayToPointerConversion conversion where not isExcluded(conversion, InvalidMemory3Package::arrayToPointerConversionOfTemporaryObjectQuery()) and fa = temporary.getASubobjectAccess() and diff --git a/c/misra/src/rules/RULE-18-9/ModifiableLValueSubscriptedWithTemporaryLifetime.ql b/c/misra/src/rules/RULE-18-9/ModifiableLValueSubscriptedWithTemporaryLifetime.ql index e10b478ee7..5ccc8316ec 100644 --- a/c/misra/src/rules/RULE-18-9/ModifiableLValueSubscriptedWithTemporaryLifetime.ql +++ b/c/misra/src/rules/RULE-18-9/ModifiableLValueSubscriptedWithTemporaryLifetime.ql @@ -26,7 +26,9 @@ predicate usedAsModifiableLvalue(Expr expr, Boolean allowArrayAccess) { exists(AddressOfExpr parent | parent.getOperand() = expr) or // Don't report `x.y[0].m[0]++` twice. Recurse with `allowArrayAccess` set to false. - exists(FieldAccess parent | parent.getQualifier() = expr and usedAsModifiableLvalue(parent, false)) + exists(FieldAccess parent | + parent.getQualifier() = expr and usedAsModifiableLvalue(parent, false) + ) or allowArrayAccess = true and exists(ArrayExpr parent | parent.getArrayBase() = expr and usedAsModifiableLvalue(parent, true)) diff --git a/c/misra/src/rules/RULE-22-14/MutexInitializedInsideThread.ql b/c/misra/src/rules/RULE-22-14/MutexInitializedInsideThread.ql index a3a8f0b382..497fdaf14d 100644 --- a/c/misra/src/rules/RULE-22-14/MutexInitializedInsideThread.ql +++ b/c/misra/src/rules/RULE-22-14/MutexInitializedInsideThread.ql @@ -22,6 +22,5 @@ from C11MutexSource mutexCreate, ThreadedFunction thread where not isExcluded(mutexCreate, Concurrency8Package::mutexInitializedInsideThreadQuery()) and thread.calls*(mutexCreate.getEnclosingFunction()) -select -mutexCreate, "Mutex initialization reachable from threaded function '$@'.", -thread, thread.getName() +select mutexCreate, "Mutex initialization reachable from threaded function '$@'.", thread, + thread.getName() diff --git a/c/misra/src/rules/RULE-22-14/MutexNotInitializedBeforeUse.ql b/c/misra/src/rules/RULE-22-14/MutexNotInitializedBeforeUse.ql index ed4226c207..f02891d5d0 100644 --- a/c/misra/src/rules/RULE-22-14/MutexNotInitializedBeforeUse.ql +++ b/c/misra/src/rules/RULE-22-14/MutexNotInitializedBeforeUse.ql @@ -50,6 +50,7 @@ class ThreadObjectInitialization extends FunctionCall { class ThreadObjectUse extends Expr { ObjectIdentity owningObject; string typeString; + ThreadObjectUse() { owningObject.getASubobjectAddressExpr() = this and ( @@ -78,7 +79,6 @@ class ThreadObjectUse extends Expr { } } - predicate requiresInitializedMutexObject( Function func, ThreadObjectUse mutexUse, ObjectIdentity owningObject ) { From 6ad3660b0245b7c93509ed2389bc8a62ba139de7 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Thu, 28 Nov 2024 08:14:31 -0800 Subject: [PATCH 2262/2573] Fix RAII mutex test --- cpp/common/src/codingstandards/cpp/Concurrency.qll | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/Concurrency.qll b/cpp/common/src/codingstandards/cpp/Concurrency.qll index ba4517a284..8043352c5a 100644 --- a/cpp/common/src/codingstandards/cpp/Concurrency.qll +++ b/cpp/common/src/codingstandards/cpp/Concurrency.qll @@ -352,7 +352,15 @@ class RAIIStyleLock extends LockingOperation { getTarget().getDeclaringType().hasQualifiedName("std", "unique_lock") or getTarget().getDeclaringType().hasQualifiedName("std", "scoped_lock") ) and - lock = getArgument(0).getAChild*() + ( + lock = getArgument(0).getAChild*() + or + this instanceof DestructorCall and + exists(RAIIStyleLock constructor | + constructor = getQualifier().(VariableAccess).getTarget().getInitializer().getExpr() and + lock = constructor.getArgument(0).getAChild*() + ) + ) } /** @@ -361,6 +369,7 @@ class RAIIStyleLock extends LockingOperation { override predicate isLock() { not isLockingOperationWithinLockingOperation(this) and this instanceof ConstructorCall and + lock = getArgument(0).getAChild*() and // defer_locks don't cause a lock not exists(Expr exp | exp = getArgument(1) and From f3a6c3f4e53fbc80870d848da14c7f9b50d2a6c7 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 2 Dec 2024 14:33:04 +0000 Subject: [PATCH 2263/2573] Deviations: remove no longer required query lgtm-style suppressions are no longer supported by CodeQL and Code Scanning. --- .../deviations/DeviationsSuppression.qhelp | 12 -- .../cpp/deviations/DeviationsSuppression.ql | 120 ------------------ 2 files changed, 132 deletions(-) delete mode 100644 cpp/common/src/codingstandards/cpp/deviations/DeviationsSuppression.qhelp delete mode 100644 cpp/common/src/codingstandards/cpp/deviations/DeviationsSuppression.ql diff --git a/cpp/common/src/codingstandards/cpp/deviations/DeviationsSuppression.qhelp b/cpp/common/src/codingstandards/cpp/deviations/DeviationsSuppression.qhelp deleted file mode 100644 index 0bf3a3a71b..0000000000 --- a/cpp/common/src/codingstandards/cpp/deviations/DeviationsSuppression.qhelp +++ /dev/null @@ -1,12 +0,0 @@ - - - -

This query generates suppression information for rules that have an associated deviation record.

- - - - - \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/deviations/DeviationsSuppression.ql b/cpp/common/src/codingstandards/cpp/deviations/DeviationsSuppression.ql deleted file mode 100644 index 9035b7d288..0000000000 --- a/cpp/common/src/codingstandards/cpp/deviations/DeviationsSuppression.ql +++ /dev/null @@ -1,120 +0,0 @@ -/** - * @name Deviation suppression - * @description Generates information about files and locations where certain alerts should be considered suppressed by deviations. - * @kind alert-suppression - * @id cpp/coding-standards/deviation-suppression - */ - -import cpp -import Deviations - -/** Holds if `lineNumber` is an indexed line number in file `f`. */ -private predicate isLineNumber(File f, int lineNumber) { - exists(Location l | l.getFile() = f | - l.getStartLine() = lineNumber - or - l.getEndLine() = lineNumber - ) -} - -/** Gets the last line number in `f`. */ -private int getLastLineNumber(File f) { result = max(int lineNumber | isLineNumber(f, lineNumber)) } - -/** Gets the last column number on the last line of `f`. */ -int getLastColumnNumber(File f) { - result = - max(Location l | - l.getFile() = f and - l.getEndLine() = getLastLineNumber(f) - | - l.getEndColumn() - ) -} - -newtype TDeviationScope = - TDeviationRecordFileScope(DeviationRecord dr, File file) { - exists(string deviationPath | - dr.isDeviated(_, deviationPath) and - file.getRelativePath().prefix(deviationPath.length()) = deviationPath - ) - } or - TDeviationRecordCommentScope(DeviationRecord dr, Comment c) { c = dr.getACodeIdentifierComment() } - -/** A deviation scope. */ -class DeviationScope extends TDeviationScope { - /** Gets the location at which this deviation was defined. */ - abstract Locatable getDeviationDefinitionLocation(); - - /** Gets the Query being deviated. */ - abstract Query getQuery(); - - abstract string toString(); - - abstract predicate hasLocationInfo( - string filepath, int startline, int startcolumn, int endline, int endcolumn - ); -} - -/** A deviation scope derived from a "path" entry in a `DeviationRecord`. */ -class DeviationRecordFileScope extends DeviationScope, TDeviationRecordFileScope { - private DeviationRecord getDeviationRecord() { this = TDeviationRecordFileScope(result, _) } - - override Locatable getDeviationDefinitionLocation() { result = getDeviationRecord() } - - private File getFile() { this = TDeviationRecordFileScope(_, result) } - - override Query getQuery() { result = getDeviationRecord().getQuery() } - - override predicate hasLocationInfo( - string filepath, int startline, int startcolumn, int endline, int endcolumn - ) { - // In an ideal world, we would produce a URL here that informed the AlertSuppression code that - // the whole file was suppressed. However, experimentation suggestions the alert suppression - // code only works with locations with lines and columns, so we generate a location that covers - // the whole "indexed" file, by finding the location indexed in the database with the latest - // line and column number. - exists(File f | f = getFile() | - f.getLocation().hasLocationInfo(filepath, _, _, _, _) and - startline = 1 and - startcolumn = 1 and - endline = getLastLineNumber(f) and - endcolumn = getLastColumnNumber(f) - ) - } - - override string toString() { - result = "Deviation of " + getDeviationRecord().getQuery() + " for " + getFile() + "." - } -} - -/** - * A deviation scope derived from a comment corresponding to a "code-identifier" entry for a - * `DeviationRecord`. - */ -class DeviationRecordCommentScope extends DeviationScope, TDeviationRecordCommentScope { - private DeviationRecord getDeviationRecord() { this = TDeviationRecordCommentScope(result, _) } - - private Comment getComment() { this = TDeviationRecordCommentScope(_, result) } - - override Locatable getDeviationDefinitionLocation() { result = getDeviationRecord() } - - override Query getQuery() { result = getDeviationRecord().getQuery() } - - override predicate hasLocationInfo( - string filepath, int startline, int startcolumn, int endline, int endcolumn - ) { - getComment().getLocation().hasLocationInfo(filepath, startline, _, endline, endcolumn) and - startcolumn = 1 - } - - override string toString() { - result = - "Deviation of " + getDeviationRecord().getQuery() + " for comment " + getComment() + "." - } -} - -from DeviationScope deviationScope -select deviationScope.getDeviationDefinitionLocation(), // suppression comment - "// lgtm[" + deviationScope.getQuery().getQueryId() + "]", // text of suppression comment (excluding delimiters) - "lgtm[" + deviationScope.getQuery().getQueryId() + "]", // text of suppression annotation - deviationScope // scope of suppression From 7b2a2e0e183931cc12c2138f792ecfb045f74513 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 3 Dec 2024 12:02:37 +0000 Subject: [PATCH 2264/2573] Add library for more complex code identifier deviations This new library supports deviating on the next line, or on ranges, in addition to deviating on the current line. --- .../deviations/CodeIdentifierDeviation.qll | 242 ++++++++++++++++++ 1 file changed, 242 insertions(+) create mode 100644 cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll diff --git a/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll b/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll new file mode 100644 index 0000000000..e6220711a9 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll @@ -0,0 +1,242 @@ +/** + * A module for identifying comment markers in code that trigger deviations. + * + * Each comment marker consists of a `code-identifier` with some optional annotations. A deviation will be applied to + * some range of lines in the file containing the comment based on the annotation. The supported marker annotation + * formats are: + * - `` - the deviation applies to results on the current line. + * - `DEVIATION()` - same as above. + * - `DEVIATION_NEXT_LINE()` - this deviation applies to results on the next line. + * - `DEVIATION_BEGIN()` - marks the beginning of a range of lines where the deviation applies. + * - `DEVIATION_END()` - marks the end of a range of lines where the deviation applies. + * + * The valid `code-identifier`s are specified in deviation records, which also specify the query whose results are + * suppressed by the deviation. + * + * For begin/end, we maintain a stack of begin markers. When we encounter an end marker, we pop the stack to determine + * the range of that begin/end marker. If the stack is empty, the end marker is considered unmatched and invalid. If + * the stack is non-empty at the end of the file, all the begin markers are considered unmatched and invalid. + * + * Begin/end markers are not valid across include boundaries, as the stack is not maintained across files. + */ + +import cpp +import Deviations + +/** + * Holds if the given comment contains the code identifier. + */ +bindingset[codeIdentifier] +private predicate commentMatches(Comment comment, string codeIdentifier) { + exists(string text | + comment instanceof CppStyleComment and + // strip the beginning slashes + text = comment.getContents().suffix(2).trim() + or + comment instanceof CStyleComment and + // strip both the beginning /* and the end */ the comment + exists(string text0 | + text0 = comment.getContents().suffix(2) and + text = text0.prefix(text0.length() - 2).trim() + ) and + // The /* */ comment must be a single-line comment + not text.matches("%\n%") + | + // Code identifier appears at the start of the comment (modulo whitespace) + text.prefix(codeIdentifier.length()) = codeIdentifier + or + // Code identifier appears at the end of the comment (modulo whitespace) + text.suffix(text.length() - codeIdentifier.length()) = codeIdentifier + ) +} + +/** + * A deviation marker in the code. + */ +abstract class DeviationMarker extends Comment { + DeviationRecord record; + + /** + * Gets the deviation record associated with this deviation marker. + */ + DeviationRecord getRecord() { result = record } +} + +/** + * A deviation marker for a deviation that applies to the current line. + */ +class DeviationEndOfLineMarker extends DeviationMarker { + DeviationEndOfLineMarker() { + commentMatches(this, "DEVIATION(" + record.getCodeIdentifier() + ")") + } +} + +/** + * A deviation marker for a deviation that applies to the next line. + */ +class DeviationNextLineMarker extends DeviationMarker { + DeviationNextLineMarker() { + commentMatches(this, "DEVIATION_NEXT_LINE(" + record.getCodeIdentifier() + ")") + } +} + +/** + * A deviation marker for a deviation that applies to a range of lines + */ +abstract class DeviationRangeMarker extends DeviationMarker { } + +/** + * A deviation marker for a deviation that begins on this line. + */ +class DeviationBegin extends DeviationRangeMarker { + DeviationBegin() { commentMatches(this, "DEVIATION_BEGIN(" + record.getCodeIdentifier() + ")") } +} + +/** + * A deviation marker for a deviation that ends on this line. + */ +class DeviationEnd extends DeviationRangeMarker { + DeviationEnd() { commentMatches(this, "DEVIATION_END(" + record.getCodeIdentifier() + ")") } +} + +private predicate hasDeviationCommentFileOrdering( + DeviationRecord record, DeviationRangeMarker comment, File file, int index +) { + comment = + rank[index](DeviationRangeMarker c | + c.getRecord() = record and + file = c.getFile() + | + c order by c.getLocation().getStartLine(), c.getLocation().getStartColumn() + ) +} + +private predicate mkBeginStack(DeviationRecord record, File file, BeginStack stack, int index) { + // Stack is empty at the start + index = 0 and + stack = TEmptyBeginStack() and + exists(DeviationRangeMarker marker | + marker.getRecord() = record and marker.getLocation().getFile() = file + ) + or + // Next token is begin, so push it to the stack + exists(DeviationBegin begin, BeginStack prev | + record = begin.getRecord() and + hasDeviationCommentFileOrdering(record, begin, file, index) and + mkBeginStack(record, file, prev, index - 1) and + stack = TConsBeginStack(begin, prev) + ) + or + // Next token is end + exists(DeviationEnd end, BeginStack prevStack | + record = end.getRecord() and + hasDeviationCommentFileOrdering(record, end, file, index) and + mkBeginStack(record, file, prevStack, index - 1) + | + // There is, so pop the most recent begin off the stack + prevStack = TConsBeginStack(_, stack) + or + // Error, no begin on the stack, ignore and continue + prevStack = TEmptyBeginStack() and + stack = TEmptyBeginStack() + ) +} + +newtype TBeginStack = + TConsBeginStack(DeviationBegin begin, TBeginStack prev) { + exists(File file, int index | + hasDeviationCommentFileOrdering(begin.getRecord(), begin, file, index) and + mkBeginStack(begin.getRecord(), file, prev, index - 1) + ) + } or + TEmptyBeginStack() + +private class BeginStack extends TBeginStack { + string toString() { + exists(DeviationBegin begin, BeginStack prev | this = TConsBeginStack(begin, prev) | + result = "(" + begin + ", " + prev.toString() + ")" + ) + or + this = TEmptyBeginStack() and + result = "()" + } +} + +private predicate isDeviationRangePaired( + DeviationRecord record, DeviationBegin begin, DeviationEnd end +) { + exists(File file, int index | + record = end.getRecord() and + hasDeviationCommentFileOrdering(record, end, file, index) and + mkBeginStack(record, file, TConsBeginStack(begin, _), index - 1) + ) +} + +newtype TCodeIndentifierDeviation = + TSingleLineDeviation(DeviationRecord record, Comment comment, string filepath, int suppressedLine) { + ( + commentMatches(comment, record.getCodeIdentifier()) or + comment.(DeviationEndOfLineMarker).getRecord() = record + ) and + comment.getLocation().hasLocationInfo(filepath, suppressedLine, _, _, _) + or + comment.(DeviationNextLineMarker).getRecord() = record and + comment.getLocation().hasLocationInfo(filepath, suppressedLine - 1, _, _, _) + } or + TMultiLineDeviation( + DeviationRecord record, DeviationBegin beginComment, DeviationEnd endComment, string filepath, + int suppressedStartLine, int suppressedEndLine + ) { + isDeviationRangePaired(record, beginComment, endComment) and + beginComment.getLocation().hasLocationInfo(filepath, suppressedStartLine, _, _, _) and + endComment.getLocation().hasLocationInfo(filepath, suppressedEndLine, _, _, _) + } + +class CodeIdentifierDeviation extends TCodeIndentifierDeviation { + /** The deviation record associated with the deviation comment. */ + DeviationRecord getDeviationRecord() { + this = TSingleLineDeviation(result, _, _, _) + or + this = TMultiLineDeviation(result, _, _, _, _, _) + } + + /** + * Holds if the given element is matched by this code identifier deviation. + */ + bindingset[e] + pragma[inline_late] + predicate isElementMatching(Element e) { + exists(string filepath, int elementLocationStart | + e.getLocation().hasLocationInfo(filepath, elementLocationStart, _, _, _) + | + exists(int suppressedLine | + this = TSingleLineDeviation(_, _, filepath, suppressedLine) and + suppressedLine = elementLocationStart + ) + or + exists(int suppressedStartLine, int suppressedEndLine | + this = TMultiLineDeviation(_, _, _, filepath, suppressedStartLine, suppressedEndLine) and + suppressedStartLine < elementLocationStart and + suppressedEndLine > elementLocationStart + ) + ) + } + + string toString() { + exists(string filepath | + exists(int suppressedLine | + this = TSingleLineDeviation(_, _, filepath, suppressedLine) and + result = + "Deviation record " + getDeviationRecord() + " applied to " + filepath + " Line " + + suppressedLine + ) + or + exists(int suppressedStartLine, int suppressedEndLine | + this = TMultiLineDeviation(_, _, _, filepath, suppressedStartLine, suppressedEndLine) and + result = + "Deviation record " + getDeviationRecord() + " applied to " + filepath + " Line" + + suppressedStartLine + ":" + suppressedEndLine + ) + ) + } +} From f1730722ed98a0c7df7b27b755a43d27beb97302 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 3 Dec 2024 12:04:31 +0000 Subject: [PATCH 2265/2573] Deviations: Integrate extended code-identifier deviations This ties in the code-identifier deviation support to the deviations and exclusions libraries. --- .../src/codingstandards/cpp/Exclusions.qll | 21 +++++--------- .../cpp/deviations/Deviations.qll | 29 ++----------------- 2 files changed, 11 insertions(+), 39 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/Exclusions.qll b/cpp/common/src/codingstandards/cpp/Exclusions.qll index b718f6535d..e6a477b220 100644 --- a/cpp/common/src/codingstandards/cpp/Exclusions.qll +++ b/cpp/common/src/codingstandards/cpp/Exclusions.qll @@ -35,19 +35,14 @@ predicate isExcluded(Element e, Query query, string reason) { ) and reason = "Query has an associated deviation record for the element's file." or - // The element is on the same line as a suppression comment - exists(Comment c | - c = dr.getACodeIdentifierComment() and - query = dr.getQuery() - | - exists(string filepath, int endLine | - // Comment occurs on the same line as the end line of the element - e.getLocation().hasLocationInfo(filepath, _, _, endLine, _) and - c.getLocation().hasLocationInfo(filepath, endLine, _, _, _) - ) - ) and - reason = - "Query has an associated deviation record with a code identifier that is applied to the element." + // The element is annotated by a code identifier that deviates this rule + exists(CodeIdentifierDeviation deviationInCode | + dr.getQuery() = query and + deviationInCode = dr.getACodeIdentifierDeviation() and + deviationInCode.isElementMatching(e) and + reason = + "Query has an associated deviation record with a code identifier that is applied to the element." + ) ) or // The effective category of the query is 'Disapplied'. diff --git a/cpp/common/src/codingstandards/cpp/deviations/Deviations.qll b/cpp/common/src/codingstandards/cpp/deviations/Deviations.qll index 4dfadd12eb..2388f95a37 100644 --- a/cpp/common/src/codingstandards/cpp/deviations/Deviations.qll +++ b/cpp/common/src/codingstandards/cpp/deviations/Deviations.qll @@ -8,6 +8,7 @@ import cpp import semmle.code.cpp.XML import codingstandards.cpp.exclusions.RuleMetadata import codingstandards.cpp.Config +import CodeIdentifierDeviation predicate applyDeviationsAtQueryLevel() { not exists(CodingStandardsReportDeviatedAlerts reportDeviatedResults | @@ -219,32 +220,8 @@ class DeviationRecord extends XmlElement { else result = getADeviationPermit().getCodeIdentifier() } - /** Gets a comment which starts or ends with the code identifier comment. */ - Comment getACodeIdentifierComment() { - exists(string text | - ( - result instanceof CppStyleComment and - // strip the beginning slashes - text = result.getContents().suffix(2).trim() - or - result instanceof CStyleComment and - // strip both the beginning /* and the end */ the comment - exists(string text0 | - text0 = result.getContents().suffix(2) and - text = text0.prefix(text0.length() - 2).trim() - ) and - // The /* */ comment must be a single-line comment - not text.matches("%\n%") - ) and - ( - // Code identifier appears at the start of the comment (modulo whitespace) - text.prefix(getCodeIdentifier().length()) = getCodeIdentifier() - or - // Code identifier appears at the end of the comment (modulo whitespace) - text.suffix(text.length() - getCodeIdentifier().length()) = getCodeIdentifier() - ) - ) - } + /** Gets a code identifier deviation in code which starts or ends with the code identifier comment. */ + CodeIdentifierDeviation getACodeIdentifierDeviation() { this = result.getDeviationRecord() } /** Gets the `rule-id` specified for this record, if any. */ private string getRawRuleId() { result = getAChild("rule-id").getTextValue() } From e36828d9236f6c8c1fbfb631dc639aa6724f92cd Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 3 Dec 2024 12:05:28 +0000 Subject: [PATCH 2266/2573] Deviations: Add test cases for new code-identifier deviations --- .../TypeLongDoubleUsed.expected | 4 +++ .../deviations/deviations_basic_test/main.cpp | 25 +++++++++++++++++++ 2 files changed, 29 insertions(+) diff --git a/cpp/common/test/deviations/deviations_basic_test/TypeLongDoubleUsed.expected b/cpp/common/test/deviations/deviations_basic_test/TypeLongDoubleUsed.expected index 7b78d54892..a4e045edcf 100644 --- a/cpp/common/test/deviations/deviations_basic_test/TypeLongDoubleUsed.expected +++ b/cpp/common/test/deviations/deviations_basic_test/TypeLongDoubleUsed.expected @@ -1 +1,5 @@ | main.cpp:13:15:13:16 | d1 | Use of long double type. | +| main.cpp:18:15:18:16 | d4 | Use of long double type. | +| main.cpp:21:15:21:16 | d6 | Use of long double type. | +| main.cpp:30:15:30:17 | d10 | Use of long double type. | +| main.cpp:38:15:38:17 | d14 | Use of long double type. | diff --git a/cpp/common/test/deviations/deviations_basic_test/main.cpp b/cpp/common/test/deviations/deviations_basic_test/main.cpp index 0b302ea1f2..53258f00fd 100644 --- a/cpp/common/test/deviations/deviations_basic_test/main.cpp +++ b/cpp/common/test/deviations/deviations_basic_test/main.cpp @@ -12,5 +12,30 @@ int main(int argc, char **argv) { getX(); // NON_COMPLIANT long double d1; // NON_COMPLIANT (A0-4-2) long double d2; // a-0-4-2-deviation COMPLIANT[DEVIATED] + + long double d3; // DEVIATION(a-0-4-2-deviation) COMPLIANT[DEVIATED] + + long double d4; // NON_COMPLIANT (A0-4-2) + // DEVIATION_NEXT_LINE(a-0-4-2-deviation) + long double d5; // COMPLIANT[DEVIATED] + long double d6; // NON_COMPLIANT (A0-4-2) + + // DEVIATION_BEGIN(a-0-4-2-deviation) + long double d7; // COMPLIANT[DEVIATED] + getX(); // NON_COMPLIANT (A0-1-2) + long double d8; // COMPLIANT[DEVIATED] + getX(); // NON_COMPLIANT (A0-1-2) + long double d9; // COMPLIANT[DEVIATED] + // DEVIATION_END(a-0-4-2-deviation) + long double d10; // NON_COMPLIANT (A0-4-2) + // DEVIATION_BEGIN(a-0-4-2-deviation) + long double d11; // COMPLIANT[DEVIATED] + getX(); // NON_COMPLIANT (A0-1-2) + long double d12; // COMPLIANT[DEVIATED] + getX(); // NON_COMPLIANT (A0-1-2) + long double d13; // COMPLIANT[DEVIATED] + // DEVIATION_END(a-0-4-2-deviation) + long double d14; // NON_COMPLIANT (A0-4-2) + getX(); // NON_COMPLIANT (A0-1-2) return 0; } \ No newline at end of file From e0779350a71ca7cbcafaa483017ff686aba7724e Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 3 Dec 2024 12:06:53 +0000 Subject: [PATCH 2267/2573] Update user manual for new code identifier deviations --- docs/user_manual.md | 49 +++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 47 insertions(+), 2 deletions(-) diff --git a/docs/user_manual.md b/docs/user_manual.md index 4c020dc73b..7ad4dc4208 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -29,7 +29,8 @@ | 0.21.0 | 2024-05-01 | Luke Cartey | Add MISRA C++ 2023 as under development, and clarify MISRA C 2012 coverage. | | 0.22.0 | 2024-10-02 | Luke Cartey | Add MISRA C 2023 as under development, and clarify MISRA C 2012 coverage. | | 0.23.0 | 2024-10-21 | Luke Cartey | Add assembly as a hazard. | -| 0.24.0 | 2024-10-22 | Luke Cartey | Add CodeQL packs as a usable output, update release artifacts list. | +| 0.24.0 | 2024-10-22 | Luke Cartey | Add CodeQL packs as a usable output, update release artifacts list. | +| 0.25.0 | 2024-12-03 | Luke Cartey | Discuss support for new deviation code identifier formats | ## Release information @@ -405,7 +406,7 @@ The example describes three ways of scoping a deviation: 1. The deviation for `A18-1-1` applies to any source file in the same or a child directory of the directory containing the example `coding-standards.yml`. 2. The deviation for `A18-5-1` applies to any source file in the directory `foo/bar` or a child directory of `foo/bar` relative to the directory containing the `coding-standards.yml`. -3. The deviation for `A0-4-2` applies to any source element that has a comment residing on **the same line** containing the identifier specified in `code-identifier`. +3. The deviation for `A0-4-2` applies to any source element that marked by a comment containing the identifier specified in `code-identifier`. The different acceptable formats are discussed in the next section. The activation of the deviation mechanism requires an extra step in the database creation process. This extra step is the invocation of the Python script `path/to/codeql-coding-standards/scripts/configuration/process_coding_standards_config.py` that is part of the coding standards code scanning pack. @@ -420,6 +421,50 @@ The `process_coding_standards_config.py` has a dependency on the package `pyyaml `pip3 install -r path/to/codeql-coding-standards/scripts/configuration/requirements.txt` +##### Deviation code identifiers + +A code identifier specified in a deviation record can be applied to certain results in the code by adding a comment marker consisting of a `code-identifier` with some optional annotations. The supported marker annotation formats are: + + - `` - the deviation applies to results on the current line. + - `DEVIATION()` - the deviation applies to results on the current line. + - `DEVIATION_NEXT_LINE()` - this deviation applies to results on the next line. + - `DEVIATION_BEGIN()` - marks the beginning of a range of lines where the deviation applies. + - `DEVIATION_END()` - marks the end of a range of lines where the deviation applies. + +Here are some examples, using the deviation record with the `a-0-4-2-deviation` code-identifier specified above: +```cpp + long double x1; // NON_COMPLIANT + + long double x2; // a-0-4-2-deviation - COMPLIANT + long double x3; // COMPLIANT - a-0-4-2-deviation + + long double x4; // DEVIATION(a-0-4-2-deviation) - COMPLIANT + long double x5; // COMPLIANT - DEVIATION(a-0-4-2-deviation) + + // DEVIATION_NEXT_LINE(a-0-4-2-deviation) + long double x6; // COMPLIANT + + // DEVIATION_BEGIN(a-0-4-2-deviation) + long double x7; // COMPLIANT + // DEVIATION_END(a-0-4-2-deviation) +``` + +`DEVIATION_END` markers will pair with the closest unmatched `DEVIATION_BEGIN` for the same `code-identifier`. Consider this example: +```cpp +1 | // DEVIATION_BEGIN(a-0-4-2-deviation) +2 | +3 | // DEVIATION_BEGIN(a-0-4-2-deviation) +4 | +5 | // DEVIATION_END(a-0-4-2-deviation) +6 | +7 | // DEVIATION_END(a-0-4-2-deviation) +``` +Here, Line 1 will pair with Line 7, and Line 3 will pair with Line 8. + +A `DEVIATION_END` without a matching `DEVIATION_BEGIN`, or `DEVIATION_BEGIN` without a matching `DEVIATION_END` is invalid and will be ignored. + +`DEVIATION_BEGIN` and `DEVIATION_END` markers only apply within a single file. Markers cannot be paired across files, and deviations do not apply to included files. + ##### Deviation permit The current implementation supports _deviation permits_ as described in the [MISRA Compliance:2020](https://www.misra.org.uk/app/uploads/2021/06/MISRA-Compliance-2020.pdf) section _4.3 Deviation permits_. From 9a1cbf3e1ddd88bbb6c8ca7b6eb61f5a9b9513aa Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 3 Dec 2024 15:02:22 +0000 Subject: [PATCH 2268/2573] Cvalue widening change note --- change_notes/2024-10-23-cvalue-widening.md | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 change_notes/2024-10-23-cvalue-widening.md diff --git a/change_notes/2024-10-23-cvalue-widening.md b/change_notes/2024-10-23-cvalue-widening.md new file mode 100644 index 0000000000..1d7a0f876a --- /dev/null +++ b/change_notes/2024-10-23-cvalue-widening.md @@ -0,0 +1,2 @@ + - `M5-0-3`, `M5-0-7`, `M5-0-8`, `M5-0-9` - `CvalueExpressionConvertedToDifferentUnderlyingType.ql`, `ExplicitFloatingIntegralConversionOfACValueExpr.ql`, `ExplicitWideningConversionOfACValueExpr.ql`, `ExplicitSignedness.ql`: + - Reduce false positives from misidentifying an explicitly casted expression used as a function argument or return value as a `cvalue`. From d77250ae1823f43e26875993df50d490525249d9 Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Wed, 4 Dec 2024 16:40:28 +0000 Subject: [PATCH 2269/2573] C++: Change an 'extends' to an 'instanceof' to make the query compile even if IRGuard is a final class. --- .../rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql b/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql index ab121a5cc6..0e3bf26124 100644 --- a/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql +++ b/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql @@ -20,17 +20,17 @@ import semmle.code.cpp.controlflow.Guards * A check on `signal` call return value * `if (signal(SIGINT, handler) == SIG_ERR)` */ -class SignalCheckOperation extends EqualityOperation, GuardCondition { +class SignalCheckOperation extends EqualityOperation instanceof GuardCondition { BasicBlock errorSuccessor; SignalCheckOperation() { this.getAnOperand() = any(MacroInvocation m | m.getMacroName() = "SIG_ERR").getExpr() and ( this.getOperator() = "==" and - this.controls(errorSuccessor, true) + super.controls(errorSuccessor, true) or this.getOperator() = "!=" and - this.controls(errorSuccessor, false) + super.controls(errorSuccessor, false) ) } From 466f16ec87d17af43abcb67357f7c503a3a2512b Mon Sep 17 00:00:00 2001 From: lcartey <5377966+lcartey@users.noreply.github.com> Date: Wed, 4 Dec 2024 18:01:54 +0000 Subject: [PATCH 2270/2573] Upgrading `github/codeql` dependency to 2.18.4 --- c/cert/src/codeql-pack.lock.yml | 20 ++++++++++++------- c/cert/src/qlpack.yml | 2 +- c/cert/test/codeql-pack.lock.yml | 20 ++++++++++++------- c/common/src/codeql-pack.lock.yml | 20 ++++++++++++------- c/common/src/qlpack.yml | 2 +- c/common/test/codeql-pack.lock.yml | 20 ++++++++++++------- c/misra/src/codeql-pack.lock.yml | 20 ++++++++++++------- c/misra/src/qlpack.yml | 2 +- c/misra/test/codeql-pack.lock.yml | 20 ++++++++++++------- cpp/autosar/src/codeql-pack.lock.yml | 20 ++++++++++++------- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/codeql-pack.lock.yml | 20 ++++++++++++------- cpp/cert/src/codeql-pack.lock.yml | 20 ++++++++++++------- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/codeql-pack.lock.yml | 20 ++++++++++++------- cpp/common/src/codeql-pack.lock.yml | 20 ++++++++++++------- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/codeql-pack.lock.yml | 20 ++++++++++++------- cpp/misra/src/codeql-pack.lock.yml | 20 ++++++++++++------- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/codeql-pack.lock.yml | 20 ++++++++++++------- cpp/report/src/codeql-pack.lock.yml | 20 ++++++++++++------- cpp/report/src/qlpack.yml | 2 +- .../queries/codeql-pack.lock.yml | 20 ++++++++++++------- scripts/generate_modules/queries/qlpack.yml | 2 +- supported_codeql_configs.json | 6 +++--- 26 files changed, 220 insertions(+), 124 deletions(-) diff --git a/c/cert/src/codeql-pack.lock.yml b/c/cert/src/codeql-pack.lock.yml index 2cbbccee53..910a6e060e 100644 --- a/c/cert/src/codeql-pack.lock.yml +++ b/c/cert/src/codeql-pack.lock.yml @@ -2,17 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.12.9 + version: 1.4.2 codeql/dataflow: - version: 0.2.3 + version: 1.1.1 + codeql/mad: + version: 1.0.7 codeql/rangeanalysis: - version: 0.0.11 + version: 1.0.7 codeql/ssa: - version: 0.2.12 + version: 1.0.7 codeql/tutorial: - version: 0.2.12 + version: 1.0.7 + codeql/typeflow: + version: 1.0.7 codeql/typetracking: - version: 0.2.12 + version: 1.0.7 codeql/util: - version: 0.2.12 + version: 1.0.7 + codeql/xml: + version: 1.0.7 compiled: false diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index 00a8221f28..f7454d1ff0 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -5,4 +5,4 @@ suites: codeql-suites license: MIT dependencies: codeql/common-c-coding-standards: '*' - codeql/cpp-all: 0.12.9 + codeql/cpp-all: 1.4.2 diff --git a/c/cert/test/codeql-pack.lock.yml b/c/cert/test/codeql-pack.lock.yml index 2cbbccee53..910a6e060e 100644 --- a/c/cert/test/codeql-pack.lock.yml +++ b/c/cert/test/codeql-pack.lock.yml @@ -2,17 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.12.9 + version: 1.4.2 codeql/dataflow: - version: 0.2.3 + version: 1.1.1 + codeql/mad: + version: 1.0.7 codeql/rangeanalysis: - version: 0.0.11 + version: 1.0.7 codeql/ssa: - version: 0.2.12 + version: 1.0.7 codeql/tutorial: - version: 0.2.12 + version: 1.0.7 + codeql/typeflow: + version: 1.0.7 codeql/typetracking: - version: 0.2.12 + version: 1.0.7 codeql/util: - version: 0.2.12 + version: 1.0.7 + codeql/xml: + version: 1.0.7 compiled: false diff --git a/c/common/src/codeql-pack.lock.yml b/c/common/src/codeql-pack.lock.yml index 2cbbccee53..910a6e060e 100644 --- a/c/common/src/codeql-pack.lock.yml +++ b/c/common/src/codeql-pack.lock.yml @@ -2,17 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.12.9 + version: 1.4.2 codeql/dataflow: - version: 0.2.3 + version: 1.1.1 + codeql/mad: + version: 1.0.7 codeql/rangeanalysis: - version: 0.0.11 + version: 1.0.7 codeql/ssa: - version: 0.2.12 + version: 1.0.7 codeql/tutorial: - version: 0.2.12 + version: 1.0.7 + codeql/typeflow: + version: 1.0.7 codeql/typetracking: - version: 0.2.12 + version: 1.0.7 codeql/util: - version: 0.2.12 + version: 1.0.7 + codeql/xml: + version: 1.0.7 compiled: false diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index 41bf42d337..1930faeeb0 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -3,4 +3,4 @@ version: 2.39.0-dev license: MIT dependencies: codeql/common-cpp-coding-standards: '*' - codeql/cpp-all: 0.12.9 + codeql/cpp-all: 1.4.2 diff --git a/c/common/test/codeql-pack.lock.yml b/c/common/test/codeql-pack.lock.yml index 2cbbccee53..910a6e060e 100644 --- a/c/common/test/codeql-pack.lock.yml +++ b/c/common/test/codeql-pack.lock.yml @@ -2,17 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.12.9 + version: 1.4.2 codeql/dataflow: - version: 0.2.3 + version: 1.1.1 + codeql/mad: + version: 1.0.7 codeql/rangeanalysis: - version: 0.0.11 + version: 1.0.7 codeql/ssa: - version: 0.2.12 + version: 1.0.7 codeql/tutorial: - version: 0.2.12 + version: 1.0.7 + codeql/typeflow: + version: 1.0.7 codeql/typetracking: - version: 0.2.12 + version: 1.0.7 codeql/util: - version: 0.2.12 + version: 1.0.7 + codeql/xml: + version: 1.0.7 compiled: false diff --git a/c/misra/src/codeql-pack.lock.yml b/c/misra/src/codeql-pack.lock.yml index 2cbbccee53..910a6e060e 100644 --- a/c/misra/src/codeql-pack.lock.yml +++ b/c/misra/src/codeql-pack.lock.yml @@ -2,17 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.12.9 + version: 1.4.2 codeql/dataflow: - version: 0.2.3 + version: 1.1.1 + codeql/mad: + version: 1.0.7 codeql/rangeanalysis: - version: 0.0.11 + version: 1.0.7 codeql/ssa: - version: 0.2.12 + version: 1.0.7 codeql/tutorial: - version: 0.2.12 + version: 1.0.7 + codeql/typeflow: + version: 1.0.7 codeql/typetracking: - version: 0.2.12 + version: 1.0.7 codeql/util: - version: 0.2.12 + version: 1.0.7 + codeql/xml: + version: 1.0.7 compiled: false diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index b160f27b6e..656394ad1d 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -6,4 +6,4 @@ license: MIT default-suite-file: codeql-suites/misra-c-default.qls dependencies: codeql/common-c-coding-standards: '*' - codeql/cpp-all: 0.12.9 + codeql/cpp-all: 1.4.2 diff --git a/c/misra/test/codeql-pack.lock.yml b/c/misra/test/codeql-pack.lock.yml index 2cbbccee53..910a6e060e 100644 --- a/c/misra/test/codeql-pack.lock.yml +++ b/c/misra/test/codeql-pack.lock.yml @@ -2,17 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.12.9 + version: 1.4.2 codeql/dataflow: - version: 0.2.3 + version: 1.1.1 + codeql/mad: + version: 1.0.7 codeql/rangeanalysis: - version: 0.0.11 + version: 1.0.7 codeql/ssa: - version: 0.2.12 + version: 1.0.7 codeql/tutorial: - version: 0.2.12 + version: 1.0.7 + codeql/typeflow: + version: 1.0.7 codeql/typetracking: - version: 0.2.12 + version: 1.0.7 codeql/util: - version: 0.2.12 + version: 1.0.7 + codeql/xml: + version: 1.0.7 compiled: false diff --git a/cpp/autosar/src/codeql-pack.lock.yml b/cpp/autosar/src/codeql-pack.lock.yml index 2cbbccee53..910a6e060e 100644 --- a/cpp/autosar/src/codeql-pack.lock.yml +++ b/cpp/autosar/src/codeql-pack.lock.yml @@ -2,17 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.12.9 + version: 1.4.2 codeql/dataflow: - version: 0.2.3 + version: 1.1.1 + codeql/mad: + version: 1.0.7 codeql/rangeanalysis: - version: 0.0.11 + version: 1.0.7 codeql/ssa: - version: 0.2.12 + version: 1.0.7 codeql/tutorial: - version: 0.2.12 + version: 1.0.7 + codeql/typeflow: + version: 1.0.7 codeql/typetracking: - version: 0.2.12 + version: 1.0.7 codeql/util: - version: 0.2.12 + version: 1.0.7 + codeql/xml: + version: 1.0.7 compiled: false diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index cd37cef87e..e1843eb2e7 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -5,4 +5,4 @@ suites: codeql-suites license: MIT dependencies: codeql/common-cpp-coding-standards: '*' - codeql/cpp-all: 0.12.9 + codeql/cpp-all: 1.4.2 diff --git a/cpp/autosar/test/codeql-pack.lock.yml b/cpp/autosar/test/codeql-pack.lock.yml index 2cbbccee53..910a6e060e 100644 --- a/cpp/autosar/test/codeql-pack.lock.yml +++ b/cpp/autosar/test/codeql-pack.lock.yml @@ -2,17 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.12.9 + version: 1.4.2 codeql/dataflow: - version: 0.2.3 + version: 1.1.1 + codeql/mad: + version: 1.0.7 codeql/rangeanalysis: - version: 0.0.11 + version: 1.0.7 codeql/ssa: - version: 0.2.12 + version: 1.0.7 codeql/tutorial: - version: 0.2.12 + version: 1.0.7 + codeql/typeflow: + version: 1.0.7 codeql/typetracking: - version: 0.2.12 + version: 1.0.7 codeql/util: - version: 0.2.12 + version: 1.0.7 + codeql/xml: + version: 1.0.7 compiled: false diff --git a/cpp/cert/src/codeql-pack.lock.yml b/cpp/cert/src/codeql-pack.lock.yml index 2cbbccee53..910a6e060e 100644 --- a/cpp/cert/src/codeql-pack.lock.yml +++ b/cpp/cert/src/codeql-pack.lock.yml @@ -2,17 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.12.9 + version: 1.4.2 codeql/dataflow: - version: 0.2.3 + version: 1.1.1 + codeql/mad: + version: 1.0.7 codeql/rangeanalysis: - version: 0.0.11 + version: 1.0.7 codeql/ssa: - version: 0.2.12 + version: 1.0.7 codeql/tutorial: - version: 0.2.12 + version: 1.0.7 + codeql/typeflow: + version: 1.0.7 codeql/typetracking: - version: 0.2.12 + version: 1.0.7 codeql/util: - version: 0.2.12 + version: 1.0.7 + codeql/xml: + version: 1.0.7 compiled: false diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index 464a5172fc..949087dfd5 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -4,5 +4,5 @@ description: CERT C++ 2016 suites: codeql-suites license: MIT dependencies: - codeql/cpp-all: 0.12.9 + codeql/cpp-all: 1.4.2 codeql/common-cpp-coding-standards: '*' diff --git a/cpp/cert/test/codeql-pack.lock.yml b/cpp/cert/test/codeql-pack.lock.yml index 2cbbccee53..910a6e060e 100644 --- a/cpp/cert/test/codeql-pack.lock.yml +++ b/cpp/cert/test/codeql-pack.lock.yml @@ -2,17 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.12.9 + version: 1.4.2 codeql/dataflow: - version: 0.2.3 + version: 1.1.1 + codeql/mad: + version: 1.0.7 codeql/rangeanalysis: - version: 0.0.11 + version: 1.0.7 codeql/ssa: - version: 0.2.12 + version: 1.0.7 codeql/tutorial: - version: 0.2.12 + version: 1.0.7 + codeql/typeflow: + version: 1.0.7 codeql/typetracking: - version: 0.2.12 + version: 1.0.7 codeql/util: - version: 0.2.12 + version: 1.0.7 + codeql/xml: + version: 1.0.7 compiled: false diff --git a/cpp/common/src/codeql-pack.lock.yml b/cpp/common/src/codeql-pack.lock.yml index 2cbbccee53..910a6e060e 100644 --- a/cpp/common/src/codeql-pack.lock.yml +++ b/cpp/common/src/codeql-pack.lock.yml @@ -2,17 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.12.9 + version: 1.4.2 codeql/dataflow: - version: 0.2.3 + version: 1.1.1 + codeql/mad: + version: 1.0.7 codeql/rangeanalysis: - version: 0.0.11 + version: 1.0.7 codeql/ssa: - version: 0.2.12 + version: 1.0.7 codeql/tutorial: - version: 0.2.12 + version: 1.0.7 + codeql/typeflow: + version: 1.0.7 codeql/typetracking: - version: 0.2.12 + version: 1.0.7 codeql/util: - version: 0.2.12 + version: 1.0.7 + codeql/xml: + version: 1.0.7 compiled: false diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index 3912f3531f..1cfc63d8d9 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -2,6 +2,6 @@ name: codeql/common-cpp-coding-standards version: 2.39.0-dev license: MIT dependencies: - codeql/cpp-all: 0.12.9 + codeql/cpp-all: 1.4.2 dataExtensions: - ext/*.model.yml diff --git a/cpp/common/test/codeql-pack.lock.yml b/cpp/common/test/codeql-pack.lock.yml index 2cbbccee53..910a6e060e 100644 --- a/cpp/common/test/codeql-pack.lock.yml +++ b/cpp/common/test/codeql-pack.lock.yml @@ -2,17 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.12.9 + version: 1.4.2 codeql/dataflow: - version: 0.2.3 + version: 1.1.1 + codeql/mad: + version: 1.0.7 codeql/rangeanalysis: - version: 0.0.11 + version: 1.0.7 codeql/ssa: - version: 0.2.12 + version: 1.0.7 codeql/tutorial: - version: 0.2.12 + version: 1.0.7 + codeql/typeflow: + version: 1.0.7 codeql/typetracking: - version: 0.2.12 + version: 1.0.7 codeql/util: - version: 0.2.12 + version: 1.0.7 + codeql/xml: + version: 1.0.7 compiled: false diff --git a/cpp/misra/src/codeql-pack.lock.yml b/cpp/misra/src/codeql-pack.lock.yml index 2cbbccee53..910a6e060e 100644 --- a/cpp/misra/src/codeql-pack.lock.yml +++ b/cpp/misra/src/codeql-pack.lock.yml @@ -2,17 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.12.9 + version: 1.4.2 codeql/dataflow: - version: 0.2.3 + version: 1.1.1 + codeql/mad: + version: 1.0.7 codeql/rangeanalysis: - version: 0.0.11 + version: 1.0.7 codeql/ssa: - version: 0.2.12 + version: 1.0.7 codeql/tutorial: - version: 0.2.12 + version: 1.0.7 + codeql/typeflow: + version: 1.0.7 codeql/typetracking: - version: 0.2.12 + version: 1.0.7 codeql/util: - version: 0.2.12 + version: 1.0.7 + codeql/xml: + version: 1.0.7 compiled: false diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index c27400fc8e..4f94ff4bec 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -5,4 +5,4 @@ default-suite: codeql-suites/misra-cpp-default.qls license: MIT dependencies: codeql/common-cpp-coding-standards: '*' - codeql/cpp-all: 0.12.9 + codeql/cpp-all: 1.4.2 diff --git a/cpp/misra/test/codeql-pack.lock.yml b/cpp/misra/test/codeql-pack.lock.yml index 2cbbccee53..910a6e060e 100644 --- a/cpp/misra/test/codeql-pack.lock.yml +++ b/cpp/misra/test/codeql-pack.lock.yml @@ -2,17 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.12.9 + version: 1.4.2 codeql/dataflow: - version: 0.2.3 + version: 1.1.1 + codeql/mad: + version: 1.0.7 codeql/rangeanalysis: - version: 0.0.11 + version: 1.0.7 codeql/ssa: - version: 0.2.12 + version: 1.0.7 codeql/tutorial: - version: 0.2.12 + version: 1.0.7 + codeql/typeflow: + version: 1.0.7 codeql/typetracking: - version: 0.2.12 + version: 1.0.7 codeql/util: - version: 0.2.12 + version: 1.0.7 + codeql/xml: + version: 1.0.7 compiled: false diff --git a/cpp/report/src/codeql-pack.lock.yml b/cpp/report/src/codeql-pack.lock.yml index 2cbbccee53..910a6e060e 100644 --- a/cpp/report/src/codeql-pack.lock.yml +++ b/cpp/report/src/codeql-pack.lock.yml @@ -2,17 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.12.9 + version: 1.4.2 codeql/dataflow: - version: 0.2.3 + version: 1.1.1 + codeql/mad: + version: 1.0.7 codeql/rangeanalysis: - version: 0.0.11 + version: 1.0.7 codeql/ssa: - version: 0.2.12 + version: 1.0.7 codeql/tutorial: - version: 0.2.12 + version: 1.0.7 + codeql/typeflow: + version: 1.0.7 codeql/typetracking: - version: 0.2.12 + version: 1.0.7 codeql/util: - version: 0.2.12 + version: 1.0.7 + codeql/xml: + version: 1.0.7 compiled: false diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index 6477e52747..73f4cf3276 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -2,4 +2,4 @@ name: codeql/report-cpp-coding-standards version: 2.39.0-dev license: MIT dependencies: - codeql/cpp-all: 0.12.9 + codeql/cpp-all: 1.4.2 diff --git a/scripts/generate_modules/queries/codeql-pack.lock.yml b/scripts/generate_modules/queries/codeql-pack.lock.yml index 2cbbccee53..910a6e060e 100644 --- a/scripts/generate_modules/queries/codeql-pack.lock.yml +++ b/scripts/generate_modules/queries/codeql-pack.lock.yml @@ -2,17 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.12.9 + version: 1.4.2 codeql/dataflow: - version: 0.2.3 + version: 1.1.1 + codeql/mad: + version: 1.0.7 codeql/rangeanalysis: - version: 0.0.11 + version: 1.0.7 codeql/ssa: - version: 0.2.12 + version: 1.0.7 codeql/tutorial: - version: 0.2.12 + version: 1.0.7 + codeql/typeflow: + version: 1.0.7 codeql/typetracking: - version: 0.2.12 + version: 1.0.7 codeql/util: - version: 0.2.12 + version: 1.0.7 + codeql/xml: + version: 1.0.7 compiled: false diff --git a/scripts/generate_modules/queries/qlpack.yml b/scripts/generate_modules/queries/qlpack.yml index fea871b973..88a48269e7 100644 --- a/scripts/generate_modules/queries/qlpack.yml +++ b/scripts/generate_modules/queries/qlpack.yml @@ -2,4 +2,4 @@ name: codeql/standard-library-extraction-cpp-coding-standards version: 0.0.0 license: MIT dependencies: - codeql/cpp-all: 0.12.9 + codeql/cpp-all: 1.4.2 diff --git a/supported_codeql_configs.json b/supported_codeql_configs.json index e8b2597100..b143f67fe9 100644 --- a/supported_codeql_configs.json +++ b/supported_codeql_configs.json @@ -1,9 +1,9 @@ { "supported_environment": [ { - "codeql_cli": "2.16.6", - "codeql_standard_library": "codeql-cli/v2.16.6", - "codeql_cli_bundle": "codeql-bundle-v2.16.6" + "codeql_cli": "2.18.4", + "codeql_standard_library": "codeql-cli/v2.18.4", + "codeql_cli_bundle": "codeql-bundle-v2.18.4" } ], "supported_language": [ From 585b864eccb3b836659b41941f1d87c8eaabe374 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 4 Dec 2024 23:02:33 +0000 Subject: [PATCH 2271/2573] ValidContainerElementAccess: Address new FPs We had some new false positives because in 2.18.4 string taint is tracked into the qualifier of a string operation, such as insert. This caused us to erroneously identify the container itself as a reference to an element of the container. This has been addressed by excluding uses of the owning container from pointer or reference access. --- cpp/common/src/codingstandards/cpp/Iterators.qll | 4 +++- .../ValidContainerElementAccess.expected | 2 -- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/Iterators.qll b/cpp/common/src/codingstandards/cpp/Iterators.qll index 8add8598fc..76751aa87b 100644 --- a/cpp/common/src/codingstandards/cpp/Iterators.qll +++ b/cpp/common/src/codingstandards/cpp/Iterators.qll @@ -37,7 +37,9 @@ class ContainerPointerOrReferenceAccess extends ContainerAccess { ) and localTaint(DataFlow::exprNode(fc), DataFlow::exprNode(this)) and (getUnderlyingType() instanceof ReferenceType or getUnderlyingType() instanceof PointerType) and - fc.getQualifier().(VariableAccess).getTarget() = owningContainer + fc.getQualifier().(VariableAccess).getTarget() = owningContainer and + // Exclude cases where we see taint into the owning container + not this = owningContainer.getAnAccess() ) } diff --git a/cpp/common/test/rules/validcontainerelementaccess/ValidContainerElementAccess.expected b/cpp/common/test/rules/validcontainerelementaccess/ValidContainerElementAccess.expected index 1738cbe330..988846beef 100644 --- a/cpp/common/test/rules/validcontainerelementaccess/ValidContainerElementAccess.expected +++ b/cpp/common/test/rules/validcontainerelementaccess/ValidContainerElementAccess.expected @@ -7,6 +7,4 @@ | test.cpp:89:15:89:16 | it | Elements of $@ not accessed with valid reference, pointer, or iterator because of a prior $@. | test.cpp:86:20:86:20 | d | container | test.cpp:92:7:92:12 | call to insert | invalidation | | test.cpp:91:9:91:10 | it | Elements of $@ not accessed with valid reference, pointer, or iterator because of a prior $@. | test.cpp:86:20:86:20 | d | container | test.cpp:92:7:92:12 | call to insert | invalidation | | test.cpp:98:56:98:58 | loc | Elements of $@ not accessed with valid reference, pointer, or iterator because of a prior $@. | test.cpp:96:44:96:46 | str | container | test.cpp:99:9:99:14 | call to insert | invalidation | -| test.cpp:99:5:99:7 | str | Elements of $@ not accessed with valid reference, pointer, or iterator because of a prior $@. | test.cpp:96:44:96:46 | str | container | test.cpp:99:9:99:14 | call to insert | invalidation | | test.cpp:99:16:99:18 | loc | Elements of $@ not accessed with valid reference, pointer, or iterator because of a prior $@. | test.cpp:96:44:96:46 | str | container | test.cpp:99:9:99:14 | call to insert | invalidation | -| test.cpp:106:11:106:13 | str | Elements of $@ not accessed with valid reference, pointer, or iterator because of a prior $@. | test.cpp:103:45:103:47 | str | container | test.cpp:106:15:106:20 | call to insert | invalidation | From 365c090bc85532c53605b43b1f47aa8c7a765ed9 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 5 Dec 2024 10:18:40 +0000 Subject: [PATCH 2272/2573] Update expected results files after upgrade - Rule 1.5 has an extra data flow node that is harmless. - The other rules had changes to the .ql which affected the location of the deprecated data flow library warnings. --- .../UngetcCallOnStreamPositionZero.expected | 2 ++ ...rrayFunctionArgumentNumberOfElements.expected | 12 ++++++------ ...mpUsedToCompareNullTerminatedStrings.expected | 8 ++++---- ...penForReadAndWriteOnDifferentStreams.expected | 2 +- .../AttemptToWriteToAReadOnlyStream.expected | 12 ++++++------ ...BeComparedWithUnmodifiedReturnValues.expected | 16 ++++++++-------- 6 files changed, 27 insertions(+), 25 deletions(-) diff --git a/c/misra/test/rules/RULE-1-5/UngetcCallOnStreamPositionZero.expected b/c/misra/test/rules/RULE-1-5/UngetcCallOnStreamPositionZero.expected index ff25a58e3c..fb8d44ea19 100644 --- a/c/misra/test/rules/RULE-1-5/UngetcCallOnStreamPositionZero.expected +++ b/c/misra/test/rules/RULE-1-5/UngetcCallOnStreamPositionZero.expected @@ -1,7 +1,9 @@ edges +| test.c:39:16:39:20 | *call to fopen | test.c:39:16:39:20 | *call to fopen | provenance | | | test.c:39:16:39:20 | *call to fopen | test.c:41:15:41:18 | *file | provenance | | nodes | test.c:39:16:39:20 | *call to fopen | semmle.label | *call to fopen | +| test.c:39:16:39:20 | *call to fopen | semmle.label | *call to fopen | | test.c:41:15:41:18 | *file | semmle.label | *file | subpaths #select diff --git a/c/misra/test/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.expected b/c/misra/test/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.expected index cb4422f5f1..174c6aa40f 100644 --- a/c/misra/test/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.expected +++ b/c/misra/test/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.expected @@ -1,9 +1,9 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (ArrayFunctionArgumentNumberOfElements.ql:47,36-44) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (ArrayFunctionArgumentNumberOfElements.ql:48,22-30) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (ArrayFunctionArgumentNumberOfElements.ql:50,20-28) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (ArrayFunctionArgumentNumberOfElements.ql:55,25-33) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (ArrayFunctionArgumentNumberOfElements.ql:71,28-36) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (ArrayFunctionArgumentNumberOfElements.ql:71,51-59) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ArrayFunctionArgumentNumberOfElements.ql:48,36-44) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ArrayFunctionArgumentNumberOfElements.ql:49,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ArrayFunctionArgumentNumberOfElements.ql:51,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ArrayFunctionArgumentNumberOfElements.ql:56,25-33) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ArrayFunctionArgumentNumberOfElements.ql:72,28-36) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ArrayFunctionArgumentNumberOfElements.ql:72,51-59) | test.c:18:6:18:6 | 0 | The function argument does not have a sufficient number or elements declared in the $@. | test.c:1:13:1:14 | ar | parameter | | test.c:19:6:19:7 | ar | The function argument does not have a sufficient number or elements declared in the $@. | test.c:1:13:1:14 | ar | parameter | | test.c:21:6:21:9 | ar2p | The function argument does not have a sufficient number or elements declared in the $@. | test.c:1:13:1:14 | ar | parameter | diff --git a/c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.expected b/c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.expected index cf45b21eb4..5ae49919a9 100644 --- a/c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.expected +++ b/c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.expected @@ -1,7 +1,7 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (MemcmpUsedToCompareNullTerminatedStrings.ql:22,54-62) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (MemcmpUsedToCompareNullTerminatedStrings.ql:23,22-30) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (MemcmpUsedToCompareNullTerminatedStrings.ql:49,20-28) -WARNING: module 'TaintTracking' has been deprecated and may be removed in future (MemcmpUsedToCompareNullTerminatedStrings.ql:57,43-56) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (MemcmpUsedToCompareNullTerminatedStrings.ql:23,54-62) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (MemcmpUsedToCompareNullTerminatedStrings.ql:24,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (MemcmpUsedToCompareNullTerminatedStrings.ql:50,20-28) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (MemcmpUsedToCompareNullTerminatedStrings.ql:58,43-56) edges | test.c:12:13:12:15 | a | test.c:14:10:14:10 | a | provenance | | | test.c:12:13:12:15 | a | test.c:23:13:23:13 | a | provenance | | diff --git a/c/misra/test/rules/RULE-22-3/FileOpenForReadAndWriteOnDifferentStreams.expected b/c/misra/test/rules/RULE-22-3/FileOpenForReadAndWriteOnDifferentStreams.expected index 6360b21973..0365f4980d 100644 --- a/c/misra/test/rules/RULE-22-3/FileOpenForReadAndWriteOnDifferentStreams.expected +++ b/c/misra/test/rules/RULE-22-3/FileOpenForReadAndWriteOnDifferentStreams.expected @@ -1,4 +1,4 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (FileOpenForReadAndWriteOnDifferentStreams.ql:38,9-17) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (FileOpenForReadAndWriteOnDifferentStreams.ql:39,9-17) | test.c:6:14:6:18 | call to fopen | The same file was already opened $@. Files should not be read and written at the same time using different streams. | test.c:5:14:5:18 | call to fopen | here | | test.c:17:14:17:18 | call to fopen | The same file was already opened $@. Files should not be read and written at the same time using different streams. | test.c:16:14:16:18 | call to fopen | here | | test.c:33:14:33:18 | call to fopen | The same file was already opened $@. Files should not be read and written at the same time using different streams. | test.c:32:14:32:18 | call to fopen | here | diff --git a/c/misra/test/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.expected b/c/misra/test/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.expected index 88dca316a2..dbf08e3d3d 100644 --- a/c/misra/test/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.expected +++ b/c/misra/test/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.expected @@ -1,8 +1,8 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AttemptToWriteToAReadOnlyStream.ql:18,32-40) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AttemptToWriteToAReadOnlyStream.ql:19,22-30) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AttemptToWriteToAReadOnlyStream.ql:24,20-28) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AttemptToWriteToAReadOnlyStream.ql:30,21-29) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AttemptToWriteToAReadOnlyStream.ql:32,6-14) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AttemptToWriteToAReadOnlyStream.ql:35,28-36) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AttemptToWriteToAReadOnlyStream.ql:19,32-40) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AttemptToWriteToAReadOnlyStream.ql:20,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AttemptToWriteToAReadOnlyStream.ql:25,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AttemptToWriteToAReadOnlyStream.ql:31,21-29) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AttemptToWriteToAReadOnlyStream.ql:33,6-14) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AttemptToWriteToAReadOnlyStream.ql:36,28-36) | test.c:10:3:10:9 | call to fprintf | Attempt to write to a $@ opened as read-only. | test.c:9:14:9:18 | call to fopen | stream | | test.c:15:3:15:9 | call to fprintf | Attempt to write to a $@ opened as read-only. | test.c:18:14:18:18 | call to fopen | stream | diff --git a/c/misra/test/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.expected b/c/misra/test/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.expected index a7ee20c0b0..83a10a46fb 100644 --- a/c/misra/test/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.expected +++ b/c/misra/test/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.expected @@ -1,10 +1,10 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:22,28-36) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:23,22-30) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:27,20-28) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:36,23-31) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:41,17-25) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:50,5-13) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:58,20-28) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:58,46-54) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:23,28-36) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:24,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:28,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:37,23-31) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:42,17-25) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:51,5-13) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:59,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:59,46-54) | test.c:6:7:6:20 | ... != ... | The check is not reliable as the type of the return value of $@ is converted. | test.c:5:14:5:20 | call to getchar | call to getchar | | test.c:13:7:13:15 | ... != ... | The check is not reliable as the type of the return value of $@ is converted. | test.c:12:14:12:20 | call to getchar | call to getchar | From 7595aa41a7e0bfff32776d5a679e5f9366b30528 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 5 Dec 2024 10:54:28 +0000 Subject: [PATCH 2273/2573] Add FALSE_NEGATIVE markers for #811 https://github.com/github/codeql-coding-standards/issues/811 --- cpp/autosar/test/rules/A12-8-6/test.cpp | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/cpp/autosar/test/rules/A12-8-6/test.cpp b/cpp/autosar/test/rules/A12-8-6/test.cpp index 6a31ca60ae..d197fc18fb 100644 --- a/cpp/autosar/test/rules/A12-8-6/test.cpp +++ b/cpp/autosar/test/rules/A12-8-6/test.cpp @@ -12,8 +12,8 @@ class DerivedClass1 // COMPLIANT - not a base class itself // Base class with compiler generated move/copy is not compliant, because they // are public by default -class BaseClass2 {}; // NON_COMPLIANT - compiler generated move and assignment - // are in contravention +class BaseClass2 {}; // NON_COMPLIANT[FALSE_NEGATIVE] - compiler generated move + // and assignment are in contravention class DerivedClass2 // COMPLIANT - not a base class itself : public BaseClass2 {}; @@ -87,7 +87,7 @@ template class BaseClass7 { BaseClass7 &operator=(BaseClass7 const &) = default; // NON_COMPLIANT BaseClass7 &operator=(BaseClass7 &&) = default; // NON_COMPLIANT int operator=(int i); // COMPLIANT - not an assignment operator -}; // COMPLIANT +}; template class DerivedClass7 // COMPLIANT - not a base class itself @@ -121,7 +121,7 @@ class DerivedClass9 // COMPLIANT - not a base class itself T t; }; -template class BaseClass9 { // NON_COMPLIANT +template class BaseClass9 { // NON_COMPLIANT[FALSE_NEGATIVE] public: BaseClass9() {} From d7be5cca7f47055a1de40a2e51b308680147c852 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 5 Dec 2024 10:55:05 +0000 Subject: [PATCH 2274/2573] Add change note for upgrade --- change_notes/2024-12-05-upgrade-to-2.18.4.md | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 change_notes/2024-12-05-upgrade-to-2.18.4.md diff --git a/change_notes/2024-12-05-upgrade-to-2.18.4.md b/change_notes/2024-12-05-upgrade-to-2.18.4.md new file mode 100644 index 0000000000..6f3d4ba404 --- /dev/null +++ b/change_notes/2024-12-05-upgrade-to-2.18.4.md @@ -0,0 +1,3 @@ +- Updated the CodeQL version to `2.18.4`. +- `A12-8-6` - `CopyAndMoveNotDeclaredProtected.ql`: + - Implicitly created copy and move constructors will no longer be flagged in tenplate instantiations when they are unused, or trivial (tracked at https://github.com/github/codeql-coding-standards/issues/811). \ No newline at end of file From 0aa1f5f6965b7835fdcabab09fa60f1b8eea7208 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 5 Dec 2024 22:45:24 +0000 Subject: [PATCH 2275/2573] Remove no longer needed false positive markers --- cpp/common/test/rules/validcontainerelementaccess/test.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cpp/common/test/rules/validcontainerelementaccess/test.cpp b/cpp/common/test/rules/validcontainerelementaccess/test.cpp index d9e2c2d89a..55c94cf8f1 100644 --- a/cpp/common/test/rules/validcontainerelementaccess/test.cpp +++ b/cpp/common/test/rules/validcontainerelementaccess/test.cpp @@ -96,14 +96,14 @@ void f8(const int *ar) { void f9(const std::string &s, std::string &str) { std::string::iterator loc = str.begin(); for (auto i = s.begin(), e = s.end(); i != e; ++i, ++loc) { // NON_COMPLIANT - str.insert(loc, 'c'); // NON_COMPLIANT[FALSE POSITIVE for str] + str.insert(loc, 'c'); // NON_COMPLIANT } } void f10(const std::string &s, std::string &str) { std::string::iterator loc = str.begin(); for (auto i = s.begin(), e = s.end(); i != e; ++i, ++loc) { // COMPLIANT - loc = str.insert(loc, 'c'); // COMPLIANT[FALSE POSITIVE] + loc = str.insert(loc, 'c'); // COMPLIANT } } From 27efc319d67e44524f3eeeae10b61b85f71671c0 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 6 Dec 2024 22:53:18 +0000 Subject: [PATCH 2276/2573] Remove unused Scope import --- cpp/cert/src/rules/DCL53-CPP/LocalFunctionDeclaration.ql | 1 - 1 file changed, 1 deletion(-) diff --git a/cpp/cert/src/rules/DCL53-CPP/LocalFunctionDeclaration.ql b/cpp/cert/src/rules/DCL53-CPP/LocalFunctionDeclaration.ql index 3f91530c84..368c0a05e4 100644 --- a/cpp/cert/src/rules/DCL53-CPP/LocalFunctionDeclaration.ql +++ b/cpp/cert/src/rules/DCL53-CPP/LocalFunctionDeclaration.ql @@ -13,7 +13,6 @@ import cpp import codingstandards.cpp.cert -import codingstandards.cpp.Scope class LocalUserFunctionDeclarationEntry extends FunctionDeclarationEntry { DeclStmt ds; From 0c92f2efa9b6305fae4e3e188c5eab2939f71886 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 6 Dec 2024 23:54:56 +0000 Subject: [PATCH 2277/2573] DCL53-CPP: Migrate to hidesStrict Any conflicting variable will be, by definition, in a different scope. --- .../LocalConstructorInitializedObjectHidesIdentifier.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/cert/src/rules/DCL53-CPP/LocalConstructorInitializedObjectHidesIdentifier.ql b/cpp/cert/src/rules/DCL53-CPP/LocalConstructorInitializedObjectHidesIdentifier.ql index 237ebbe985..f6fe18a3db 100644 --- a/cpp/cert/src/rules/DCL53-CPP/LocalConstructorInitializedObjectHidesIdentifier.ql +++ b/cpp/cert/src/rules/DCL53-CPP/LocalConstructorInitializedObjectHidesIdentifier.ql @@ -20,6 +20,6 @@ from UserVariable v, UserVariable hidden where not isExcluded(v, ScopePackage::localConstructorInitializedObjectHidesIdentifierQuery()) and v.getInitializer().getExpr() instanceof ConstructorCall and - hides(hidden, v) + hidesStrict(hidden, v) select v, "The declaration declares variable " + v.getName() + " that hides $@", hidden, hidden.getName() From 90d4127a7bc8c8f3a9a09541f39aebb50f25a98d Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sat, 7 Dec 2024 00:04:46 +0000 Subject: [PATCH 2278/2573] Scope: Remove hides(..) and related predicates There are no more consumers of hides(..). In addition, it doesn't make sense conceptually to look for variables in the same scope with the same name, as scopes will prohibit using the same name in the same scope. Reviewing real world cases where this occurs, they all seem to be extractor oddities (multiple copies of parameters for the same function etc.) which provides further evidence that this mode is not required. --- cpp/common/src/codingstandards/cpp/Scope.qll | 28 -------------------- 1 file changed, 28 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/Scope.qll b/cpp/common/src/codingstandards/cpp/Scope.qll index d9a81b98e3..b05c5dc9c4 100644 --- a/cpp/common/src/codingstandards/cpp/Scope.qll +++ b/cpp/common/src/codingstandards/cpp/Scope.qll @@ -160,15 +160,6 @@ predicate inSameTranslationUnit(File f1, File f2) { ) } -/** - * Gets a user variable which occurs in the "potential scope" of variable `v`. - */ -cached -UserVariable getPotentialScopeOfVariable(UserVariable v) { - result = getPotentialScopeOfVariable_candidate(v) and - inSameTranslationUnit(v.getFile(), result.getFile()) -} - /** * Gets a user variable which occurs in the "outer scope" of variable `v`. */ @@ -203,15 +194,6 @@ class TranslationUnit extends SourceFile { } } -/** Holds if `v2` may hide `v1`. */ -private predicate hides_candidate(UserVariable v1, UserVariable v2) { - not v1 = v2 and - v2 = getPotentialScopeOfVariable(v1) and - v1.getName() = v2.getName() and - // Member variables cannot hide other variables nor be hidden because the can be referenced through their qualified name. - not (v1.isMember() or v2.isMember()) -} - /** Holds if `v2` may hide `v1`. */ private predicate hides_candidateStrict(UserVariable v1, UserVariable v2) { not v1 = v2 and @@ -256,16 +238,6 @@ private Stmt getEnclosingStmt(LocalScopeVariable v) { ) } -/** Holds if `v2` hides `v1`. */ -predicate hides(UserVariable v1, UserVariable v2) { - hides_candidate(v1, v2) and - // Confirm that there's no closer candidate variable which `v2` hides - not exists(UserVariable mid | - hides_candidate(v1, mid) and - hides_candidate(mid, v2) - ) -} - /** Holds if `v2` strictly (`v2` is in an inner scope compared to `v1`) hides `v1`. */ predicate hidesStrict(UserVariable v1, UserVariable v2) { hides_candidateStrict(v1, v2) and From 6b5021a923702d9b85bca2e923ff279b8e5fd69f Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 8 Dec 2024 17:23:28 +0000 Subject: [PATCH 2279/2573] Scope: Add getParentScope testing - Expose the internal getParentScope for testing. - Add test cases --- cpp/common/src/codingstandards/cpp/Scope.qll | 107 ++++++++++-------- .../cpp/scope/ParentScope.expected | 96 ++++++++++++++++ .../codingstandards/cpp/scope/ParentScope.ql | 5 + .../codingstandards/cpp/scope/test.cpp | 37 ++++++ 4 files changed, 195 insertions(+), 50 deletions(-) create mode 100644 cpp/common/test/library/codingstandards/cpp/scope/ParentScope.expected create mode 100644 cpp/common/test/library/codingstandards/cpp/scope/ParentScope.ql create mode 100644 cpp/common/test/library/codingstandards/cpp/scope/test.cpp diff --git a/cpp/common/src/codingstandards/cpp/Scope.qll b/cpp/common/src/codingstandards/cpp/Scope.qll index b05c5dc9c4..9af5c8e21c 100644 --- a/cpp/common/src/codingstandards/cpp/Scope.qll +++ b/cpp/common/src/codingstandards/cpp/Scope.qll @@ -5,54 +5,59 @@ import cpp /** - * Gets the parent scope of this `Element`, if any. - * A scope is a `Type` (`Class` / `Enum`), a `Namespace`, a `Block`, a `Function`, - * or certain kinds of `Statement`. - * Differs from `Element::getParentScope` when `e` is a `LoopControlVariable` + * Internal module, exposed for testing. */ -private Element getParentScope(Element e) { - /* - * A `Block` cannot have a `ForStmt` as its parent scope so we have to special case - * for loop bodies to ensure that identifiers inside the loop bodies have the for stmt as a parent scope. - * If this is not the case then `i2` in the following example cannot be in `i1`'s potential scope, because - * the parent scope of `i1` is the `ForStmt` while the transitive closure of the parent scope for `i2` doesn't include - * outer scope. Blocks can only have blocks as parent scopes. - * void f() { - * for( int i1; ... ) { - * for (int i2; ...) { - * } - * } - * } +module Internal { + /** + * Gets the parent scope of this `Element`, if any. + * A scope is a `Type` (`Class` / `Enum`), a `Namespace`, a `Block`, a `Function`, + * or certain kinds of `Statement`. + * Differs from `Element::getParentScope` when `e` is a `LoopControlVariable` */ - - exists(Loop loop | loop.getStmt() = e and result = loop) - or - exists(IfStmt ifStmt | - (ifStmt.getThen() = e or ifStmt.getElse() = e) and - result = ifStmt - ) - or - exists(SwitchStmt switchStmt | switchStmt.getStmt() = e and result = switchStmt) - or - not result.(Loop).getStmt() = e and - not result.(IfStmt).getThen() = e and - not result.(IfStmt).getElse() = e and - not result.(SwitchStmt).getStmt() = e and - if exists(e.getParentScope()) - then result = e.getParentScope() - else ( - // Statements do no have a parent scope, so return the enclosing block. - result = e.(Stmt).getEnclosingBlock() + Element getParentScope(Element e) { + /* + * A `Block` cannot have a `ForStmt` as its parent scope so we have to special case + * for loop bodies to ensure that identifiers inside the loop bodies have the for stmt as a parent scope. + * If this is not the case then `i2` in the following example cannot be in `i1`'s potential scope, because + * the parent scope of `i1` is the `ForStmt` while the transitive closure of the parent scope for `i2` doesn't include + * outer scope. Blocks can only have blocks as parent scopes. + * void f() { + * for( int i1; ... ) { + * for (int i2; ...) { + * } + * } + * } + */ + + exists(Loop loop | loop.getStmt() = e and result = loop) + or + exists(IfStmt ifStmt | + (ifStmt.getThen() = e or ifStmt.getElse() = e) and + result = ifStmt + ) or - result = e.(Expr).getEnclosingBlock() + exists(SwitchStmt switchStmt | switchStmt.getStmt() = e and result = switchStmt) or - // Catch block parameters don't have an enclosing scope, so attach them to the - // the block itself - exists(CatchBlock cb | - e = cb.getParameter() and - result = cb + not result.(Loop).getStmt() = e and + not result.(IfStmt).getThen() = e and + not result.(IfStmt).getElse() = e and + not result.(SwitchStmt).getStmt() = e and + if exists(e.getParentScope()) + then result = e.getParentScope() + else ( + // Statements do no have a parent scope, so return the enclosing block. + result = e.(Stmt).getEnclosingBlock() + or + result = e.(Expr).getEnclosingBlock() + or + // Catch block parameters don't have an enclosing scope, so attach them to the + // the block itself + exists(CatchBlock cb | + e = cb.getParameter() and + result = cb + ) ) - ) + } } /** A variable which is defined by the user, rather than being from a third party or compiler generated. */ @@ -68,19 +73,19 @@ class UserVariable extends Variable { /** An element which is the parent scope of at least one other element in the program. */ class Scope extends Element { - Scope() { this = getParentScope(_) } + Scope() { this = Internal::getParentScope(_) } - UserVariable getAVariable() { getParentScope(result) = this } + UserVariable getAVariable() { Internal::getParentScope(result) = this } int getNumberOfVariables() { result = count(getAVariable()) } Scope getAnAncestor() { result = this.getStrictParent+() } - Scope getStrictParent() { result = getParentScope(this) } + Scope getStrictParent() { result = Internal::getParentScope(this) } - Declaration getADeclaration() { getParentScope(result) = this } + Declaration getADeclaration() { Internal::getParentScope(result) = this } - Expr getAnExpr() { this = getParentScope(result) } + Expr getAnExpr() { this = Internal::getParentScope(result) } private predicate getLocationInfo( PreprocessorBranchDirective pbd, string file1, string file2, int startline1, int startline2 @@ -112,9 +117,11 @@ class Scope extends Element { predicate isGenerated() { this instanceof GeneratedBlockStmt } int getDepth() { - exists(Scope parent | parent = getParentScope(this) and result = 1 + parent.getDepth()) + exists(Scope parent | + parent = Internal::getParentScope(this) and result = 1 + parent.getDepth() + ) or - not exists(getParentScope(this)) and result = 0 + not exists(Internal::getParentScope(this)) and result = 0 } } diff --git a/cpp/common/test/library/codingstandards/cpp/scope/ParentScope.expected b/cpp/common/test/library/codingstandards/cpp/scope/ParentScope.expected new file mode 100644 index 0000000000..0d36cc980d --- /dev/null +++ b/cpp/common/test/library/codingstandards/cpp/scope/ParentScope.expected @@ -0,0 +1,96 @@ +| file://:0:0:0:0 | (unnamed parameter 0) | file://:0:0:0:0 | operator= | +| file://:0:0:0:0 | (unnamed parameter 0) | file://:0:0:0:0 | operator= | +| file://:0:0:0:0 | (unnamed parameter 0) | test.cpp:8:7:8:7 | operator= | +| file://:0:0:0:0 | (unnamed parameter 0) | test.cpp:8:7:8:7 | operator= | +| file://:0:0:0:0 | (unnamed parameter 0) | test.cpp:27:28:27:28 | (unnamed constructor) | +| file://:0:0:0:0 | (unnamed parameter 0) | test.cpp:27:28:27:28 | (unnamed constructor) | +| file://:0:0:0:0 | (unnamed parameter 0) | test.cpp:27:28:27:28 | operator= | +| file://:0:0:0:0 | __va_list_tag | file://:0:0:0:0 | (global namespace) | +| file://:0:0:0:0 | fp_offset | file://:0:0:0:0 | __va_list_tag | +| file://:0:0:0:0 | gp_offset | file://:0:0:0:0 | __va_list_tag | +| file://:0:0:0:0 | operator= | file://:0:0:0:0 | __va_list_tag | +| file://:0:0:0:0 | operator= | file://:0:0:0:0 | __va_list_tag | +| file://:0:0:0:0 | overflow_arg_area | file://:0:0:0:0 | __va_list_tag | +| file://:0:0:0:0 | reg_save_area | file://:0:0:0:0 | __va_list_tag | +| test.cpp:1:5:1:7 | id1 | file://:0:0:0:0 | (global namespace) | +| test.cpp:3:11:3:13 | ns1 | file://:0:0:0:0 | (global namespace) | +| test.cpp:4:5:4:7 | id1 | test.cpp:3:11:3:13 | ns1 | +| test.cpp:6:11:6:13 | ns1::ns2 | test.cpp:3:11:3:13 | ns1 | +| test.cpp:7:5:7:7 | id1 | test.cpp:6:11:6:13 | ns1::ns2 | +| test.cpp:8:7:8:7 | C1 | test.cpp:8:7:8:8 | C1 | +| test.cpp:8:7:8:7 | operator= | test.cpp:8:7:8:8 | C1 | +| test.cpp:8:7:8:7 | operator= | test.cpp:8:7:8:8 | C1 | +| test.cpp:8:7:8:8 | C1 | test.cpp:6:11:6:13 | ns1::ns2 | +| test.cpp:9:7:9:9 | id1 | test.cpp:8:7:8:8 | C1 | +| test.cpp:10:8:10:17 | test_scope | test.cpp:8:7:8:8 | C1 | +| test.cpp:10:23:10:25 | id1 | test.cpp:10:8:10:17 | test_scope | +| test.cpp:10:28:34:3 | { ... } | test.cpp:10:8:10:17 | test_scope | +| test.cpp:11:5:33:5 | for(...;...;...) ... | test.cpp:10:28:34:3 | { ... } | +| test.cpp:11:10:11:17 | declaration | test.cpp:10:28:34:3 | { ... } | +| test.cpp:11:14:11:16 | id1 | test.cpp:11:5:33:5 | for(...;...;...) ... | +| test.cpp:11:19:11:21 | id1 | test.cpp:10:28:34:3 | { ... } | +| test.cpp:11:19:11:25 | ... < ... | test.cpp:10:28:34:3 | { ... } | +| test.cpp:11:25:11:25 | 1 | test.cpp:10:28:34:3 | { ... } | +| test.cpp:11:28:11:30 | id1 | test.cpp:10:28:34:3 | { ... } | +| test.cpp:11:28:11:32 | ... ++ | test.cpp:10:28:34:3 | { ... } | +| test.cpp:11:35:33:5 | { ... } | test.cpp:10:28:34:3 | { ... } | +| test.cpp:11:35:33:5 | { ... } | test.cpp:11:5:33:5 | for(...;...;...) ... | +| test.cpp:12:7:32:7 | for(...;...;...) ... | test.cpp:11:35:33:5 | { ... } | +| test.cpp:12:12:12:19 | declaration | test.cpp:11:35:33:5 | { ... } | +| test.cpp:12:16:12:18 | id1 | test.cpp:12:7:32:7 | for(...;...;...) ... | +| test.cpp:12:21:12:23 | id1 | test.cpp:11:35:33:5 | { ... } | +| test.cpp:12:21:12:27 | ... < ... | test.cpp:11:35:33:5 | { ... } | +| test.cpp:12:27:12:27 | 1 | test.cpp:11:35:33:5 | { ... } | +| test.cpp:12:30:12:32 | id1 | test.cpp:11:35:33:5 | { ... } | +| test.cpp:12:30:12:34 | ... ++ | test.cpp:11:35:33:5 | { ... } | +| test.cpp:12:37:32:7 | { ... } | test.cpp:11:35:33:5 | { ... } | +| test.cpp:12:37:32:7 | { ... } | test.cpp:12:7:32:7 | for(...;...;...) ... | +| test.cpp:13:9:31:9 | { ... } | test.cpp:12:37:32:7 | { ... } | +| test.cpp:14:11:14:18 | declaration | test.cpp:13:9:31:9 | { ... } | +| test.cpp:14:15:14:17 | id1 | test.cpp:13:9:31:9 | { ... } | +| test.cpp:16:11:20:11 | if (...) ... | test.cpp:13:9:31:9 | { ... } | +| test.cpp:16:15:16:17 | id1 | test.cpp:13:9:31:9 | { ... } | +| test.cpp:16:15:16:22 | ... == ... | test.cpp:13:9:31:9 | { ... } | +| test.cpp:16:22:16:22 | 0 | test.cpp:13:9:31:9 | { ... } | +| test.cpp:16:25:18:11 | { ... } | test.cpp:13:9:31:9 | { ... } | +| test.cpp:16:25:18:11 | { ... } | test.cpp:16:11:20:11 | if (...) ... | +| test.cpp:17:13:17:20 | declaration | test.cpp:16:25:18:11 | { ... } | +| test.cpp:17:17:17:19 | id1 | test.cpp:16:25:18:11 | { ... } | +| test.cpp:18:18:20:11 | { ... } | test.cpp:13:9:31:9 | { ... } | +| test.cpp:18:18:20:11 | { ... } | test.cpp:16:11:20:11 | if (...) ... | +| test.cpp:19:13:19:20 | declaration | test.cpp:18:18:20:11 | { ... } | +| test.cpp:19:17:19:19 | id1 | test.cpp:18:18:20:11 | { ... } | +| test.cpp:21:11:25:11 | switch (...) ... | test.cpp:13:9:31:9 | { ... } | +| test.cpp:21:19:21:21 | id1 | test.cpp:13:9:31:9 | { ... } | +| test.cpp:21:24:25:11 | { ... } | test.cpp:13:9:31:9 | { ... } | +| test.cpp:21:24:25:11 | { ... } | test.cpp:21:11:25:11 | switch (...) ... | +| test.cpp:22:11:22:17 | case ...: | test.cpp:21:24:25:11 | { ... } | +| test.cpp:22:16:22:16 | 0 | test.cpp:21:24:25:11 | { ... } | +| test.cpp:23:13:23:20 | declaration | test.cpp:21:24:25:11 | { ... } | +| test.cpp:23:17:23:19 | id1 | test.cpp:21:24:25:11 | { ... } | +| test.cpp:24:13:24:18 | break; | test.cpp:21:24:25:11 | { ... } | +| test.cpp:25:11:25:11 | label ...: | test.cpp:13:9:31:9 | { ... } | +| test.cpp:26:11:28:11 | try { ... } | test.cpp:13:9:31:9 | { ... } | +| test.cpp:26:15:28:11 | { ... } | test.cpp:13:9:31:9 | { ... } | +| test.cpp:27:13:27:53 | declaration | test.cpp:26:15:28:11 | { ... } | +| test.cpp:27:18:27:24 | lambda1 | test.cpp:26:15:28:11 | { ... } | +| test.cpp:27:27:27:52 | [...](...){...} | test.cpp:26:15:28:11 | { ... } | +| test.cpp:27:27:27:52 | {...} | test.cpp:26:15:28:11 | { ... } | +| test.cpp:27:28:27:28 | (unnamed constructor) | file://:0:0:0:0 | decltype([...](...){...}) | +| test.cpp:27:28:27:28 | (unnamed constructor) | file://:0:0:0:0 | decltype([...](...){...}) | +| test.cpp:27:28:27:28 | (unnamed constructor) | file://:0:0:0:0 | decltype([...](...){...}) | +| test.cpp:27:28:27:28 | operator= | file://:0:0:0:0 | decltype([...](...){...}) | +| test.cpp:27:29:27:29 | id1 | file://:0:0:0:0 | decltype([...](...){...}) | +| test.cpp:27:29:27:31 | id1 | test.cpp:26:15:28:11 | { ... } | +| test.cpp:27:33:27:33 | operator() | file://:0:0:0:0 | decltype([...](...){...}) | +| test.cpp:27:36:27:52 | { ... } | test.cpp:27:33:27:33 | operator() | +| test.cpp:27:38:27:50 | declaration | test.cpp:27:36:27:52 | { ... } | +| test.cpp:27:42:27:44 | id1 | test.cpp:27:36:27:52 | { ... } | +| test.cpp:27:47:27:49 | 10 | test.cpp:27:36:27:52 | { ... } | +| test.cpp:27:52:27:52 | return ... | test.cpp:27:36:27:52 | { ... } | +| test.cpp:28:24:28:26 | id1 | test.cpp:28:29:30:11 | { ... } | +| test.cpp:28:29:30:11 | | test.cpp:13:9:31:9 | { ... } | +| test.cpp:28:29:30:11 | { ... } | test.cpp:13:9:31:9 | { ... } | +| test.cpp:29:13:29:20 | declaration | test.cpp:28:29:30:11 | { ... } | +| test.cpp:29:17:29:19 | id1 | test.cpp:28:29:30:11 | { ... } | +| test.cpp:34:3:34:3 | return ... | test.cpp:10:28:34:3 | { ... } | diff --git a/cpp/common/test/library/codingstandards/cpp/scope/ParentScope.ql b/cpp/common/test/library/codingstandards/cpp/scope/ParentScope.ql new file mode 100644 index 0000000000..47d27fb0f0 --- /dev/null +++ b/cpp/common/test/library/codingstandards/cpp/scope/ParentScope.ql @@ -0,0 +1,5 @@ +import codingstandards.cpp.Scope + +from Element e, Element parent +where Internal::getParentScope(e) = parent +select e, parent diff --git a/cpp/common/test/library/codingstandards/cpp/scope/test.cpp b/cpp/common/test/library/codingstandards/cpp/scope/test.cpp new file mode 100644 index 0000000000..a0b617916d --- /dev/null +++ b/cpp/common/test/library/codingstandards/cpp/scope/test.cpp @@ -0,0 +1,37 @@ +int id1; + +namespace ns1 { +int id1; // COMPLIANT + +namespace ns2 { +int id1; // COMPLIANT +class C1 { + int id1; + void test_scope(int id1) { + for (int id1; id1 < 1; id1++) { + for (int id1; id1 < 1; id1++) { + { + int id1; + + if (id1 == 0) { + int id1; + } else { + int id1; + } + switch (id1) { + case 0: + int id1; + break; + } + try { + auto lambda1 = [id1]() { int id1 = 10; }; + } catch (int id1) { + int id1; + } + } + } + } + } +}; +} // namespace ns2 +} // namespace ns1 From b8b41312c24fa6d9ce511a5d0543ddef08c7f6ee Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 8 Dec 2024 17:26:09 +0000 Subject: [PATCH 2280/2573] Scope: Address logic flaw creating multiple parents We adjust the parent scope explicitly for loops, if statements and switch statements, but, due to a logic bug, we previously retained the existing results provided by Element.getParentScope(). --- cpp/common/src/codingstandards/cpp/Scope.qll | 7 +++---- .../library/codingstandards/cpp/scope/ParentScope.expected | 5 ----- 2 files changed, 3 insertions(+), 9 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/Scope.qll b/cpp/common/src/codingstandards/cpp/Scope.qll index 9af5c8e21c..ce8c5be113 100644 --- a/cpp/common/src/codingstandards/cpp/Scope.qll +++ b/cpp/common/src/codingstandards/cpp/Scope.qll @@ -38,10 +38,9 @@ module Internal { or exists(SwitchStmt switchStmt | switchStmt.getStmt() = e and result = switchStmt) or - not result.(Loop).getStmt() = e and - not result.(IfStmt).getThen() = e and - not result.(IfStmt).getElse() = e and - not result.(SwitchStmt).getStmt() = e and + not exists(Loop loop | loop.getStmt() = e) and + not exists(IfStmt ifStmt | ifStmt.getThen() = e or ifStmt.getElse() = e) and + not exists(SwitchStmt switchStmt | switchStmt.getStmt() = e) and if exists(e.getParentScope()) then result = e.getParentScope() else ( diff --git a/cpp/common/test/library/codingstandards/cpp/scope/ParentScope.expected b/cpp/common/test/library/codingstandards/cpp/scope/ParentScope.expected index 0d36cc980d..6335394970 100644 --- a/cpp/common/test/library/codingstandards/cpp/scope/ParentScope.expected +++ b/cpp/common/test/library/codingstandards/cpp/scope/ParentScope.expected @@ -33,7 +33,6 @@ | test.cpp:11:25:11:25 | 1 | test.cpp:10:28:34:3 | { ... } | | test.cpp:11:28:11:30 | id1 | test.cpp:10:28:34:3 | { ... } | | test.cpp:11:28:11:32 | ... ++ | test.cpp:10:28:34:3 | { ... } | -| test.cpp:11:35:33:5 | { ... } | test.cpp:10:28:34:3 | { ... } | | test.cpp:11:35:33:5 | { ... } | test.cpp:11:5:33:5 | for(...;...;...) ... | | test.cpp:12:7:32:7 | for(...;...;...) ... | test.cpp:11:35:33:5 | { ... } | | test.cpp:12:12:12:19 | declaration | test.cpp:11:35:33:5 | { ... } | @@ -43,7 +42,6 @@ | test.cpp:12:27:12:27 | 1 | test.cpp:11:35:33:5 | { ... } | | test.cpp:12:30:12:32 | id1 | test.cpp:11:35:33:5 | { ... } | | test.cpp:12:30:12:34 | ... ++ | test.cpp:11:35:33:5 | { ... } | -| test.cpp:12:37:32:7 | { ... } | test.cpp:11:35:33:5 | { ... } | | test.cpp:12:37:32:7 | { ... } | test.cpp:12:7:32:7 | for(...;...;...) ... | | test.cpp:13:9:31:9 | { ... } | test.cpp:12:37:32:7 | { ... } | | test.cpp:14:11:14:18 | declaration | test.cpp:13:9:31:9 | { ... } | @@ -52,17 +50,14 @@ | test.cpp:16:15:16:17 | id1 | test.cpp:13:9:31:9 | { ... } | | test.cpp:16:15:16:22 | ... == ... | test.cpp:13:9:31:9 | { ... } | | test.cpp:16:22:16:22 | 0 | test.cpp:13:9:31:9 | { ... } | -| test.cpp:16:25:18:11 | { ... } | test.cpp:13:9:31:9 | { ... } | | test.cpp:16:25:18:11 | { ... } | test.cpp:16:11:20:11 | if (...) ... | | test.cpp:17:13:17:20 | declaration | test.cpp:16:25:18:11 | { ... } | | test.cpp:17:17:17:19 | id1 | test.cpp:16:25:18:11 | { ... } | -| test.cpp:18:18:20:11 | { ... } | test.cpp:13:9:31:9 | { ... } | | test.cpp:18:18:20:11 | { ... } | test.cpp:16:11:20:11 | if (...) ... | | test.cpp:19:13:19:20 | declaration | test.cpp:18:18:20:11 | { ... } | | test.cpp:19:17:19:19 | id1 | test.cpp:18:18:20:11 | { ... } | | test.cpp:21:11:25:11 | switch (...) ... | test.cpp:13:9:31:9 | { ... } | | test.cpp:21:19:21:21 | id1 | test.cpp:13:9:31:9 | { ... } | -| test.cpp:21:24:25:11 | { ... } | test.cpp:13:9:31:9 | { ... } | | test.cpp:21:24:25:11 | { ... } | test.cpp:21:11:25:11 | switch (...) ... | | test.cpp:22:11:22:17 | case ...: | test.cpp:21:24:25:11 | { ... } | | test.cpp:22:16:22:16 | 0 | test.cpp:21:24:25:11 | { ... } | From 1f8e2baedb543b5a4318fc87d63b797865902f18 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 8 Dec 2024 17:31:41 +0000 Subject: [PATCH 2281/2573] Scope: Ensure loop entries have correct parent scope All direct children of a for loop should have the for loop itself as the scope. --- cpp/common/src/codingstandards/cpp/Scope.qll | 4 ++-- .../codingstandards/cpp/scope/ParentScope.expected | 12 ++++++------ 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/Scope.qll b/cpp/common/src/codingstandards/cpp/Scope.qll index ce8c5be113..ad99ab8bd4 100644 --- a/cpp/common/src/codingstandards/cpp/Scope.qll +++ b/cpp/common/src/codingstandards/cpp/Scope.qll @@ -29,7 +29,7 @@ module Internal { * } */ - exists(Loop loop | loop.getStmt() = e and result = loop) + exists(Loop loop | loop.getAChild() = e and result = loop) or exists(IfStmt ifStmt | (ifStmt.getThen() = e or ifStmt.getElse() = e) and @@ -38,7 +38,7 @@ module Internal { or exists(SwitchStmt switchStmt | switchStmt.getStmt() = e and result = switchStmt) or - not exists(Loop loop | loop.getStmt() = e) and + not exists(Loop loop | loop.getAChild() = e) and not exists(IfStmt ifStmt | ifStmt.getThen() = e or ifStmt.getElse() = e) and not exists(SwitchStmt switchStmt | switchStmt.getStmt() = e) and if exists(e.getParentScope()) diff --git a/cpp/common/test/library/codingstandards/cpp/scope/ParentScope.expected b/cpp/common/test/library/codingstandards/cpp/scope/ParentScope.expected index 6335394970..34a48c8065 100644 --- a/cpp/common/test/library/codingstandards/cpp/scope/ParentScope.expected +++ b/cpp/common/test/library/codingstandards/cpp/scope/ParentScope.expected @@ -26,22 +26,22 @@ | test.cpp:10:23:10:25 | id1 | test.cpp:10:8:10:17 | test_scope | | test.cpp:10:28:34:3 | { ... } | test.cpp:10:8:10:17 | test_scope | | test.cpp:11:5:33:5 | for(...;...;...) ... | test.cpp:10:28:34:3 | { ... } | -| test.cpp:11:10:11:17 | declaration | test.cpp:10:28:34:3 | { ... } | +| test.cpp:11:10:11:17 | declaration | test.cpp:11:5:33:5 | for(...;...;...) ... | | test.cpp:11:14:11:16 | id1 | test.cpp:11:5:33:5 | for(...;...;...) ... | | test.cpp:11:19:11:21 | id1 | test.cpp:10:28:34:3 | { ... } | -| test.cpp:11:19:11:25 | ... < ... | test.cpp:10:28:34:3 | { ... } | +| test.cpp:11:19:11:25 | ... < ... | test.cpp:11:5:33:5 | for(...;...;...) ... | | test.cpp:11:25:11:25 | 1 | test.cpp:10:28:34:3 | { ... } | | test.cpp:11:28:11:30 | id1 | test.cpp:10:28:34:3 | { ... } | -| test.cpp:11:28:11:32 | ... ++ | test.cpp:10:28:34:3 | { ... } | +| test.cpp:11:28:11:32 | ... ++ | test.cpp:11:5:33:5 | for(...;...;...) ... | | test.cpp:11:35:33:5 | { ... } | test.cpp:11:5:33:5 | for(...;...;...) ... | | test.cpp:12:7:32:7 | for(...;...;...) ... | test.cpp:11:35:33:5 | { ... } | -| test.cpp:12:12:12:19 | declaration | test.cpp:11:35:33:5 | { ... } | +| test.cpp:12:12:12:19 | declaration | test.cpp:12:7:32:7 | for(...;...;...) ... | | test.cpp:12:16:12:18 | id1 | test.cpp:12:7:32:7 | for(...;...;...) ... | | test.cpp:12:21:12:23 | id1 | test.cpp:11:35:33:5 | { ... } | -| test.cpp:12:21:12:27 | ... < ... | test.cpp:11:35:33:5 | { ... } | +| test.cpp:12:21:12:27 | ... < ... | test.cpp:12:7:32:7 | for(...;...;...) ... | | test.cpp:12:27:12:27 | 1 | test.cpp:11:35:33:5 | { ... } | | test.cpp:12:30:12:32 | id1 | test.cpp:11:35:33:5 | { ... } | -| test.cpp:12:30:12:34 | ... ++ | test.cpp:11:35:33:5 | { ... } | +| test.cpp:12:30:12:34 | ... ++ | test.cpp:12:7:32:7 | for(...;...;...) ... | | test.cpp:12:37:32:7 | { ... } | test.cpp:12:7:32:7 | for(...;...;...) ... | | test.cpp:13:9:31:9 | { ... } | test.cpp:12:37:32:7 | { ... } | | test.cpp:14:11:14:18 | declaration | test.cpp:13:9:31:9 | { ... } | From 63a60b1855f00c96a63e16242055ab2f660782f8 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 8 Dec 2024 18:19:26 +0000 Subject: [PATCH 2282/2573] Scope: Address performance issues with excludedViaNestedNamespace Add pragma_inline to ensure we consider this as a post-filtering step. --- cpp/common/src/codingstandards/cpp/Scope.qll | 2 ++ 1 file changed, 2 insertions(+) diff --git a/cpp/common/src/codingstandards/cpp/Scope.qll b/cpp/common/src/codingstandards/cpp/Scope.qll index ad99ab8bd4..3e1bb6c803 100644 --- a/cpp/common/src/codingstandards/cpp/Scope.qll +++ b/cpp/common/src/codingstandards/cpp/Scope.qll @@ -269,6 +269,8 @@ predicate hasBlockScope(Declaration decl) { exists(BlockStmt b | b.getADeclarati /** * identifiers in nested (named/nonglobal) namespaces are exceptions to hiding due to being able access via fully qualified ids */ +bindingset[outerDecl, innerDecl] +pragma[inline_late] predicate excludedViaNestedNamespaces(UserVariable outerDecl, UserVariable innerDecl) { exists(Namespace inner, Namespace outer | outer.getAChildNamespace+() = inner and From 1bd839c34c39e3546484d666ebe8b15d0e9e0451 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sat, 7 Dec 2024 00:43:37 +0000 Subject: [PATCH 2283/2573] Scope: Improve performance of hidesStrict Improves performance by: - Capturing for each scope the list of names defined by nested scopes - Use that to determine hidden identifiers for a scope. - Separately determine the hiding identifiers for a scope. This addresses performance issues in the now deleted predicate getOuterScopesOfVariable_candidate(). --- cpp/common/src/codingstandards/cpp/Scope.qll | 119 +++++++++++++------ 1 file changed, 82 insertions(+), 37 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/Scope.qll b/cpp/common/src/codingstandards/cpp/Scope.qll index 3e1bb6c803..8e618cb21e 100644 --- a/cpp/common/src/codingstandards/cpp/Scope.qll +++ b/cpp/common/src/codingstandards/cpp/Scope.qll @@ -122,39 +122,77 @@ class Scope extends Element { or not exists(Internal::getParentScope(this)) and result = 0 } -} -class GeneratedBlockStmt extends BlockStmt { - GeneratedBlockStmt() { this.getLocation() instanceof UnknownLocation } -} + /** + * Holds if `name` is declared in this scope, or in a nested scope. + */ + private predicate isNameDeclaredInThisOrNestedScope(string name) { + name = getAVariable().getName() + or + isNameDeclaredInNestedScope(name) + } + + /** + * Holds if `name` is declared in a nested scope. + */ + private predicate isNameDeclaredInNestedScope(string name) { + exists(Scope child | + child.getStrictParent() = this and + child.isNameDeclaredInThisOrNestedScope(name) + ) + } + + /** + * Holds if `name` is declared in this scope and is hidden in a child scope. + */ + private predicate isDeclaredNameHiddenByChild(string name) { + isNameDeclaredInNestedScope(name) and + name = getAVariable().getName() + } + + /** + * Gets a variable with `name` which is hidden in at least one nested scope. + */ + UserVariable getAHiddenVariable(string name) { + result = getAVariable() and + result.getName() = name and + isDeclaredNameHiddenByChild(name) + } -/** Gets a variable that is in the potential scope of variable `v`. */ -private UserVariable getPotentialScopeOfVariable_candidate(UserVariable v) { - exists(Scope s | - result = s.getAVariable() and + /** + * Holds if `name` is declared above this scope and hidden by this or a nested scope. + */ + private predicate isNameDeclaredAboveHiddenByThisOrNested(string name) { ( - // Variable in an ancestor scope, but only if there are less than 100 variables in this scope - v = s.getAnAncestor().getAVariable() and - s.getNumberOfVariables() < 100 + this.getStrictParent().isDeclaredNameHiddenByChild(name) or + this.getStrictParent().isNameDeclaredAboveHiddenByThisOrNested(name) + ) and + isNameDeclaredInThisOrNestedScope(name) + } + + /** + * Gets a variable with `name` which is declared above and hidden by a variable in this or a nested scope. + */ + UserVariable getAHidingVariable(string name) { + isNameDeclaredAboveHiddenByThisOrNested(name) and + ( + // Declared in this scope + getAVariable().getName() = name and + result = getAVariable() and + result.getName() = name or - // In the same scope, but not the same variable, and choose just one to report - v = s.getAVariable() and - not result = v and - v.getName() <= result.getName() + // Declared in a child scope + exists(Scope child | + child.getStrictParent() = this and + child.isNameDeclaredInThisOrNestedScope(name) and + result = child.getAHidingVariable(name) + ) ) - ) + } } -/** Gets a variable that is in the potential scope of variable `v`. */ -private UserVariable getOuterScopesOfVariable_candidate(UserVariable v) { - exists(Scope s | - result = s.getAVariable() and - ( - // Variable in an ancestor scope, but only if there are less than 100 variables in this scope - v = s.getAnAncestor().getAVariable() and - s.getNumberOfVariables() < 100 - ) - ) +class GeneratedBlockStmt extends BlockStmt { + GeneratedBlockStmt() { this.getLocation() instanceof UnknownLocation } } /** Holds if there exists a translation unit that includes both `f1` and `f2`. */ @@ -167,12 +205,17 @@ predicate inSameTranslationUnit(File f1, File f2) { } /** - * Gets a user variable which occurs in the "outer scope" of variable `v`. + * Holds if there exists a translation unit that includes both `f1` and `f2`. + * + * This version is late bound. */ -cached -UserVariable getPotentialScopeOfVariableStrict(UserVariable v) { - result = getOuterScopesOfVariable_candidate(v) and - inSameTranslationUnit(v.getFile(), result.getFile()) +bindingset[f1, f2] +pragma[inline_late] +predicate inSameTranslationUnitLate(File f1, File f2) { + exists(TranslationUnit c | + c.getAUserFile() = f1 and + c.getAUserFile() = f2 + ) } /** A file that is a C/C++ source file */ @@ -200,12 +243,14 @@ class TranslationUnit extends SourceFile { } } -/** Holds if `v2` may hide `v1`. */ -private predicate hides_candidateStrict(UserVariable v1, UserVariable v2) { - not v1 = v2 and - v2 = getPotentialScopeOfVariableStrict(v1) and - v1.getName() = v2.getName() and - // Member variables cannot hide other variables nor be hidden because the can be referenced through their qualified name. +/** Holds if `v2` strictly (`v2` is in an inner scope compared to `v1`) hides `v1`. */ +predicate hides_candidateStrict(UserVariable v1, UserVariable v2) { + exists(Scope s, string name | + v1 = s.getStrictParent().getAHiddenVariable(name) and + v2 = s.getAHidingVariable(name) and + not v1 = v2 + ) and + inSameTranslationUnitLate(v1.getFile(), v2.getFile()) and not (v1.isMember() or v2.isMember()) and ( // If v1 is a local variable, ensure that v1 is declared before v2 From f25507e821aeae14df6e2b676599b57768016387 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 8 Dec 2024 19:20:03 +0000 Subject: [PATCH 2284/2573] Scope: Add a child scope accessor --- cpp/common/src/codingstandards/cpp/Scope.qll | 2 ++ 1 file changed, 2 insertions(+) diff --git a/cpp/common/src/codingstandards/cpp/Scope.qll b/cpp/common/src/codingstandards/cpp/Scope.qll index 8e618cb21e..1c9a621b39 100644 --- a/cpp/common/src/codingstandards/cpp/Scope.qll +++ b/cpp/common/src/codingstandards/cpp/Scope.qll @@ -80,6 +80,8 @@ class Scope extends Element { Scope getAnAncestor() { result = this.getStrictParent+() } + Scope getAChildScope() { result.getStrictParent() = this } + Scope getStrictParent() { result = Internal::getParentScope(this) } Declaration getADeclaration() { Internal::getParentScope(result) = this } From b5ff407e07197d229664b462503916f1da268104 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 8 Dec 2024 19:20:40 +0000 Subject: [PATCH 2285/2573] Scope: Adopt use of getAChildScope() --- cpp/common/src/codingstandards/cpp/Scope.qll | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/Scope.qll b/cpp/common/src/codingstandards/cpp/Scope.qll index 1c9a621b39..d0f5995537 100644 --- a/cpp/common/src/codingstandards/cpp/Scope.qll +++ b/cpp/common/src/codingstandards/cpp/Scope.qll @@ -138,10 +138,7 @@ class Scope extends Element { * Holds if `name` is declared in a nested scope. */ private predicate isNameDeclaredInNestedScope(string name) { - exists(Scope child | - child.getStrictParent() = this and - child.isNameDeclaredInThisOrNestedScope(name) - ) + this.getAChildScope().isNameDeclaredInThisOrNestedScope(name) } /** @@ -173,7 +170,8 @@ class Scope extends Element { } /** - * Gets a variable with `name` which is declared above and hidden by a variable in this or a nested scope. + * Gets a variable with `name` which is declared in a scope above this one, and hidden by a variable in this or a + * nested scope. */ UserVariable getAHidingVariable(string name) { isNameDeclaredAboveHiddenByThisOrNested(name) and @@ -185,7 +183,7 @@ class Scope extends Element { or // Declared in a child scope exists(Scope child | - child.getStrictParent() = this and + getAChildScope() = child and child.isNameDeclaredInThisOrNestedScope(name) and result = child.getAHidingVariable(name) ) @@ -248,8 +246,8 @@ class TranslationUnit extends SourceFile { /** Holds if `v2` strictly (`v2` is in an inner scope compared to `v1`) hides `v1`. */ predicate hides_candidateStrict(UserVariable v1, UserVariable v2) { exists(Scope s, string name | - v1 = s.getStrictParent().getAHiddenVariable(name) and - v2 = s.getAHidingVariable(name) and + v1 = s.getAHiddenVariable(name) and + v2 = s.getAChildScope().getAHidingVariable(name) and not v1 = v2 ) and inSameTranslationUnitLate(v1.getFile(), v2.getFile()) and From dbd3fe6eeb10a1db03b2599765632a80539557e7 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 8 Dec 2024 22:27:35 +0000 Subject: [PATCH 2286/2573] Scope: Fix the parent scope of catch blocks We now tie the Handler into the TryStmt, and catch-block parameters into the Handler for a consistent AST hierarchy. --- cpp/common/src/codingstandards/cpp/Scope.qll | 18 ++++++++++-------- .../cpp/scope/ParentScope.expected | 4 ++-- 2 files changed, 12 insertions(+), 10 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/Scope.qll b/cpp/common/src/codingstandards/cpp/Scope.qll index d0f5995537..1027e251f2 100644 --- a/cpp/common/src/codingstandards/cpp/Scope.qll +++ b/cpp/common/src/codingstandards/cpp/Scope.qll @@ -38,23 +38,25 @@ module Internal { or exists(SwitchStmt switchStmt | switchStmt.getStmt() = e and result = switchStmt) or + // A catch-block parameter, whose parent is the `Handler` + exists(CatchBlock c | c.getParameter() = e and result = c.getParent()) + or + // A catch-block `Handler`, whose parent is the `TryStmt` + e.(Handler).getParent() = result + or not exists(Loop loop | loop.getAChild() = e) and not exists(IfStmt ifStmt | ifStmt.getThen() = e or ifStmt.getElse() = e) and not exists(SwitchStmt switchStmt | switchStmt.getStmt() = e) and + not exists(CatchBlock c | c.getParameter() = e) and + not e instanceof Handler and if exists(e.getParentScope()) then result = e.getParentScope() else ( - // Statements do no have a parent scope, so return the enclosing block. + // Statements do not have a parent scope, so return the enclosing block. result = e.(Stmt).getEnclosingBlock() or + // Expressions do not have a parent scope, so return the enclosing block. result = e.(Expr).getEnclosingBlock() - or - // Catch block parameters don't have an enclosing scope, so attach them to the - // the block itself - exists(CatchBlock cb | - e = cb.getParameter() and - result = cb - ) ) } } diff --git a/cpp/common/test/library/codingstandards/cpp/scope/ParentScope.expected b/cpp/common/test/library/codingstandards/cpp/scope/ParentScope.expected index 34a48c8065..e2152773af 100644 --- a/cpp/common/test/library/codingstandards/cpp/scope/ParentScope.expected +++ b/cpp/common/test/library/codingstandards/cpp/scope/ParentScope.expected @@ -83,8 +83,8 @@ | test.cpp:27:42:27:44 | id1 | test.cpp:27:36:27:52 | { ... } | | test.cpp:27:47:27:49 | 10 | test.cpp:27:36:27:52 | { ... } | | test.cpp:27:52:27:52 | return ... | test.cpp:27:36:27:52 | { ... } | -| test.cpp:28:24:28:26 | id1 | test.cpp:28:29:30:11 | { ... } | -| test.cpp:28:29:30:11 | | test.cpp:13:9:31:9 | { ... } | +| test.cpp:28:24:28:26 | id1 | test.cpp:28:29:30:11 | | +| test.cpp:28:29:30:11 | | test.cpp:26:11:28:11 | try { ... } | | test.cpp:28:29:30:11 | { ... } | test.cpp:13:9:31:9 | { ... } | | test.cpp:29:13:29:20 | declaration | test.cpp:28:29:30:11 | { ... } | | test.cpp:29:17:29:19 | id1 | test.cpp:28:29:30:11 | { ... } | From 61521e0144707fe65c611988f2412d86af94e07c Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 8 Dec 2024 23:20:37 +0000 Subject: [PATCH 2287/2573] Scope: Simplify mechanism for identifying declaration order --- cpp/common/src/codingstandards/cpp/Scope.qll | 50 +++++++------------- 1 file changed, 16 insertions(+), 34 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/Scope.qll b/cpp/common/src/codingstandards/cpp/Scope.qll index 1027e251f2..c716896356 100644 --- a/cpp/common/src/codingstandards/cpp/Scope.qll +++ b/cpp/common/src/codingstandards/cpp/Scope.qll @@ -247,48 +247,30 @@ class TranslationUnit extends SourceFile { /** Holds if `v2` strictly (`v2` is in an inner scope compared to `v1`) hides `v1`. */ predicate hides_candidateStrict(UserVariable v1, UserVariable v2) { - exists(Scope s, string name | - v1 = s.getAHiddenVariable(name) and - v2 = s.getAChildScope().getAHidingVariable(name) and + exists(Scope parentScope, Scope childScope, string name | + v1 = parentScope.getAHiddenVariable(name) and + childScope = parentScope.getAChildScope() and + v2 = childScope.getAHidingVariable(name) and not v1 = v2 - ) and - inSameTranslationUnitLate(v1.getFile(), v2.getFile()) and - not (v1.isMember() or v2.isMember()) and - ( - // If v1 is a local variable, ensure that v1 is declared before v2 + | + // If v1 is a local variable defined in a `DeclStmt` ensure that it is declared before `v2`, + // otherwise it would not be hidden ( - v1 instanceof LocalVariable and - // Ignore variables declared in conditional expressions, as they apply to - // the nested scope - not v1 = any(ConditionDeclExpr cde).getVariable() and - // Ignore variables declared in loops - not exists(Loop l | l.getADeclaration() = v1) + parentScope instanceof BlockStmt and + exists(DeclStmt ds | ds.getADeclaration() = v1) and + exists(parentScope.(BlockStmt).getIndexOfStmt(childScope)) ) implies exists(BlockStmt bs, DeclStmt v1Stmt, Stmt v2Stmt | - v1 = v1Stmt.getADeclaration() and - getEnclosingStmt(v2).getParentStmt*() = v2Stmt + bs = parentScope and + v2Stmt = childScope and + v1Stmt.getADeclaration() = v1 | bs.getIndexOfStmt(v1Stmt) <= bs.getIndexOfStmt(v2Stmt) ) - ) -} - -/** - * Gets the enclosing statement of the given variable, if any. - */ -private Stmt getEnclosingStmt(LocalScopeVariable v) { - result.(DeclStmt).getADeclaration() = v - or - exists(ConditionDeclExpr cde | - cde.getVariable() = v and - result = cde.getEnclosingStmt() - ) - or - exists(CatchBlock cb | - cb.getParameter() = v and - result = cb.getEnclosingStmt() - ) + ) and + inSameTranslationUnitLate(v1.getFile(), v2.getFile()) and + not (v1.isMember() or v2.isMember()) } /** Holds if `v2` strictly (`v2` is in an inner scope compared to `v1`) hides `v1`. */ From 47b3fb272f27f2fd7f06ab09d0c1195a7d06a16d Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 9 Dec 2024 12:15:50 +0000 Subject: [PATCH 2288/2573] Scope: refactor hides calculation to expose pairs of variables Behaviour preserving refactor to allow future filtering of invalid pairs of variables during the traversal algorithm. For example, whether a variable declared within a lambda variable hides an outer scope variable depends on the type and nature of the variable. By exposing pairs of candidate variables, we can more easily filter on these conditions. --- cpp/common/src/codingstandards/cpp/Scope.qll | 54 ++++++++++++-------- 1 file changed, 33 insertions(+), 21 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/Scope.qll b/cpp/common/src/codingstandards/cpp/Scope.qll index c716896356..6ca3fc8657 100644 --- a/cpp/common/src/codingstandards/cpp/Scope.qll +++ b/cpp/common/src/codingstandards/cpp/Scope.qll @@ -78,6 +78,14 @@ class Scope extends Element { UserVariable getAVariable() { Internal::getParentScope(result) = this } + /** + * Gets the `Variable` with the given `name` that is declared in this scope. + */ + UserVariable getVariable(string name) { + result = getAVariable() and + result.getName() = name + } + int getNumberOfVariables() { result = count(getAVariable()) } Scope getAnAncestor() { result = this.getStrictParent+() } @@ -152,9 +160,9 @@ class Scope extends Element { } /** - * Gets a variable with `name` which is hidden in at least one nested scope. + * Gets a variable with `name` which is potentially hidden in at least one nested scope. */ - UserVariable getAHiddenVariable(string name) { + private UserVariable getAPotentiallyHiddenVariable(string name) { result = getAVariable() and result.getName() = name and isDeclaredNameHiddenByChild(name) @@ -163,34 +171,43 @@ class Scope extends Element { /** * Holds if `name` is declared above this scope and hidden by this or a nested scope. */ - private predicate isNameDeclaredAboveHiddenByThisOrNested(string name) { - ( - this.getStrictParent().isDeclaredNameHiddenByChild(name) or - this.getStrictParent().isNameDeclaredAboveHiddenByThisOrNested(name) + UserVariable getAVariableHiddenByThisOrNestedScope(string name) { + exists(Scope parent | parent = this.getStrictParent() | + result = parent.getAPotentiallyHiddenVariable(name) or + result = parent.getAVariableHiddenByThisOrNestedScope(name) ) and isNameDeclaredInThisOrNestedScope(name) } /** - * Gets a variable with `name` which is declared in a scope above this one, and hidden by a variable in this or a - * nested scope. + * Holds if `hiddenVariable` and `hidingVariable` are a candidate hiding pair at this scope. */ - UserVariable getAHidingVariable(string name) { - isNameDeclaredAboveHiddenByThisOrNested(name) and + private predicate hidesCandidate( + UserVariable hiddenVariable, UserVariable hidingVariable, string name + ) { ( // Declared in this scope - getAVariable().getName() = name and - result = getAVariable() and - result.getName() = name + hidingVariable = getVariable(name) and + hiddenVariable = getAVariableHiddenByThisOrNestedScope(name) or // Declared in a child scope exists(Scope child | getAChildScope() = child and - child.isNameDeclaredInThisOrNestedScope(name) and - result = child.getAHidingVariable(name) + child.hidesCandidate(hiddenVariable, hidingVariable, name) ) ) } + + /** + * Holds if `hiddenVariable` is declared in this scope and hidden by `hidingVariable`. + */ + predicate hides(UserVariable hiddenVariable, UserVariable hidingVariable, Scope childScope) { + exists(string name | + hiddenVariable = getAPotentiallyHiddenVariable(name) and + childScope = getAChildScope() and + childScope.hidesCandidate(hiddenVariable, hidingVariable, name) + ) + } } class GeneratedBlockStmt extends BlockStmt { @@ -247,12 +264,7 @@ class TranslationUnit extends SourceFile { /** Holds if `v2` strictly (`v2` is in an inner scope compared to `v1`) hides `v1`. */ predicate hides_candidateStrict(UserVariable v1, UserVariable v2) { - exists(Scope parentScope, Scope childScope, string name | - v1 = parentScope.getAHiddenVariable(name) and - childScope = parentScope.getAChildScope() and - v2 = childScope.getAHidingVariable(name) and - not v1 = v2 - | + exists(Scope parentScope, Scope childScope | parentScope.hides(v1, v2, childScope) | // If v1 is a local variable defined in a `DeclStmt` ensure that it is declared before `v2`, // otherwise it would not be hidden ( From 9b7e1299fc91d9845f5e9250d33102b6fb627755 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 9 Dec 2024 12:27:50 +0000 Subject: [PATCH 2289/2573] Scope: Special case lambda expressions Lambda expressions have special visibility rules that affect identifier hiding, which we incorporate into the Scope hiding calculations. Note: Lambda expressions are not currently tied into the parent scope hierarchy, so this change doesn't affect calculations until getParentScope(Element e) is extended to support them. --- cpp/common/src/codingstandards/cpp/Scope.qll | 59 ++++++++++++++++++++ 1 file changed, 59 insertions(+) diff --git a/cpp/common/src/codingstandards/cpp/Scope.qll b/cpp/common/src/codingstandards/cpp/Scope.qll index 6ca3fc8657..c705137d8c 100644 --- a/cpp/common/src/codingstandards/cpp/Scope.qll +++ b/cpp/common/src/codingstandards/cpp/Scope.qll @@ -3,6 +3,19 @@ */ import cpp +import codingstandards.cpp.ConstHelpers + +/** + * a `Variable` that is nonvolatile and const + * and of type `IntegralOrEnumType` + */ +class NonVolatileConstIntegralOrEnumVariable extends Variable { + NonVolatileConstIntegralOrEnumVariable() { + not this.isVolatile() and + this.isConst() and + this.getUnspecifiedType() instanceof IntegralOrEnumType + } +} /** * Internal module, exposed for testing. @@ -210,6 +223,52 @@ class Scope extends Element { } } +/** + * A scope representing the generated `operator()` of a lambda function. + */ +class LambdaScope extends Scope { + Closure closure; + + LambdaScope() { this = closure.getLambdaFunction() } + + override UserVariable getAVariableHiddenByThisOrNestedScope(string name) { + // Handle special cases for lambdas + exists(UserVariable hiddenVariable, LambdaExpression lambdaExpr | + // Find the variable that is potentially hidden inside the lambda + hiddenVariable = super.getAVariableHiddenByThisOrNestedScope(name) and + result = hiddenVariable and + lambdaExpr = closure.getLambdaExpression() + | + // A definition can be hidden if it is in scope and it is captured by the lambda, + exists(LambdaCapture cap | + lambdaExpr.getACapture() = cap and + // The outer declaration is captured by the lambda + hiddenVariable.getAnAccess() = cap.getInitializer() + ) + or + // it is is non-local, + hiddenVariable instanceof GlobalVariable + or + // it has static or thread local storage duration, + (hiddenVariable.isThreadLocal() or hiddenVariable.isStatic()) + or + //it is a reference that has been initialized with a constant expression. + hiddenVariable.getType().stripTopLevelSpecifiers() instanceof ReferenceType and + hiddenVariable.getInitializer().getExpr() instanceof Literal + or + // //it const non-volatile integral or enumeration type and has been initialized with a constant expression + hiddenVariable instanceof NonVolatileConstIntegralOrEnumVariable and + hiddenVariable.getInitializer().getExpr() instanceof Literal + or + //it is constexpr and has no mutable members + hiddenVariable.isConstexpr() and + not exists(Class c | + c = hiddenVariable.getType() and not c.getAMember() instanceof MutableVariable + ) + ) + } +} + class GeneratedBlockStmt extends BlockStmt { GeneratedBlockStmt() { this.getLocation() instanceof UnknownLocation } } From 117d0fba033e58ac03d7903ada230e2a09114972 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 9 Dec 2024 12:30:30 +0000 Subject: [PATCH 2290/2573] Scope: Extend getParentScope for lambda expressions Lambda functions are tied into the parent statement of their declaring lambda expression, which enables Scope's hiding predicates to calculate hiding behaviour for lambda expressions. --- cpp/common/src/codingstandards/cpp/Scope.qll | 11 +++++++++++ .../codingstandards/cpp/scope/ParentScope.expected | 2 +- 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/Scope.qll b/cpp/common/src/codingstandards/cpp/Scope.qll index c705137d8c..5438c17133 100644 --- a/cpp/common/src/codingstandards/cpp/Scope.qll +++ b/cpp/common/src/codingstandards/cpp/Scope.qll @@ -57,11 +57,22 @@ module Internal { // A catch-block `Handler`, whose parent is the `TryStmt` e.(Handler).getParent() = result or + // The parent scope of a lambda is the scope in which the lambda expression is defined. + // + // Lambda functions are defined in a generated `Closure` class, as the `operator()` function. We choose the + // enclosing statement of the lambda expression as the parent scope of the lambda function. This is so we can + // determine the order of definition if a variable is defined in the same scope as the lambda expression. + exists(Closure lambdaClosure | + lambdaClosure.getLambdaFunction() = e and + lambdaClosure.getLambdaExpression().getEnclosingStmt() = result + ) + or not exists(Loop loop | loop.getAChild() = e) and not exists(IfStmt ifStmt | ifStmt.getThen() = e or ifStmt.getElse() = e) and not exists(SwitchStmt switchStmt | switchStmt.getStmt() = e) and not exists(CatchBlock c | c.getParameter() = e) and not e instanceof Handler and + not exists(Closure lambdaClosure | lambdaClosure.getLambdaFunction() = e) and if exists(e.getParentScope()) then result = e.getParentScope() else ( diff --git a/cpp/common/test/library/codingstandards/cpp/scope/ParentScope.expected b/cpp/common/test/library/codingstandards/cpp/scope/ParentScope.expected index e2152773af..90aa3b30c8 100644 --- a/cpp/common/test/library/codingstandards/cpp/scope/ParentScope.expected +++ b/cpp/common/test/library/codingstandards/cpp/scope/ParentScope.expected @@ -77,7 +77,7 @@ | test.cpp:27:28:27:28 | operator= | file://:0:0:0:0 | decltype([...](...){...}) | | test.cpp:27:29:27:29 | id1 | file://:0:0:0:0 | decltype([...](...){...}) | | test.cpp:27:29:27:31 | id1 | test.cpp:26:15:28:11 | { ... } | -| test.cpp:27:33:27:33 | operator() | file://:0:0:0:0 | decltype([...](...){...}) | +| test.cpp:27:33:27:33 | operator() | test.cpp:27:13:27:53 | declaration | | test.cpp:27:36:27:52 | { ... } | test.cpp:27:33:27:33 | operator() | | test.cpp:27:38:27:50 | declaration | test.cpp:27:36:27:52 | { ... } | | test.cpp:27:42:27:44 | id1 | test.cpp:27:36:27:52 | { ... } | From 411ecde2794bb92bb6981ee6107044d66d5de4ac Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 9 Dec 2024 12:32:08 +0000 Subject: [PATCH 2291/2573] IdentifierHidden: remove lambda special casing This removes the special handling of lambda expressions, which was causing performance issues. Instead, we rely on the new behviour of the Scope library, which calculates identifier hiding for lambda expressions as part of the main calculation. This has one semantic change - the new code applies `isInSameTranslationUnit`, which reduces false positives where the identifier "hiding" in a lambda occurred with an outer variable in a different translation unit. --- .../identifierhidden/IdentifierHidden.qll | 66 +------------------ 1 file changed, 1 insertion(+), 65 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll b/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll index 9534c2f78a..39d24299b8 100644 --- a/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll +++ b/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll @@ -9,75 +9,11 @@ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import codingstandards.cpp.Scope -import codingstandards.cpp.ConstHelpers abstract class IdentifierHiddenSharedQuery extends Query { } Query getQuery() { result instanceof IdentifierHiddenSharedQuery } -/** - * a `Variable` that is nonvolatile and const - * and of type `IntegralOrEnumType` - */ -class NonVolatileConstIntegralOrEnumVariable extends Variable { - NonVolatileConstIntegralOrEnumVariable() { - not this.isVolatile() and - this.isConst() and - this.getUnspecifiedType() instanceof IntegralOrEnumType - } -} - -/** - * Holds if declaration `innerDecl`, declared in a lambda, hides a declaration `outerDecl` by the lambda. - */ -predicate hiddenInLambda(UserVariable outerDecl, UserVariable innerDecl) { - exists( - Scope innerScope, LambdaExpression lambdaExpr, Scope lambdaExprScope, Scope outerScope, - Closure lambdaClosure - | - // The variable `innerDecl` is declared inside of the lambda. - innerScope.getADeclaration() = innerDecl and - // Because a lambda is compiled down to a closure, we need to use the closure to determine if the declaration - // is part of the lambda. - innerScope.getAnAncestor() = lambdaClosure and - // Next we determine the scope of the lambda expression to determine if `outerDecl` is visible in the scope of the lambda. - lambdaClosure.getLambdaExpression() = lambdaExpr and - lambdaExprScope.getAnExpr() = lambdaExpr and - outerScope.getADeclaration() = outerDecl and - lambdaExprScope.getStrictParent*() = outerScope and - ( - // A definition can be hidden if it is in scope and it is captured by the lambda, - exists(LambdaCapture cap | - lambdaExpr.getACapture() = cap and - // The outer declaration is captured by the lambda - outerDecl.getAnAccess() = cap.getInitializer() - ) - or - // it is is non-local, - outerDecl instanceof GlobalVariable - or - // it has static or thread local storage duration, - (outerDecl.isThreadLocal() or outerDecl.isStatic()) - or - //it is a reference that has been initialized with a constant expression. - outerDecl.getType().stripTopLevelSpecifiers() instanceof ReferenceType and - outerDecl.getInitializer().getExpr() instanceof Literal - or - // //it const non-volatile integral or enumeration type and has been initialized with a constant expression - outerDecl instanceof NonVolatileConstIntegralOrEnumVariable and - outerDecl.getInitializer().getExpr() instanceof Literal - or - //it is constexpr and has no mutable members - outerDecl.isConstexpr() and - not exists(Class c | - c = outerDecl.getType() and not c.getAMember() instanceof MutableVariable - ) - ) and - // Finally, the variables must have the same names. - innerDecl.getName() = outerDecl.getName() - ) -} - query predicate problems( UserVariable innerDecl, string message, UserVariable outerDecl, string varName ) { @@ -86,7 +22,7 @@ query predicate problems( //ignore template variables for this rule not outerDecl instanceof TemplateVariable and not innerDecl instanceof TemplateVariable and - (hidesStrict(outerDecl, innerDecl) or hiddenInLambda(outerDecl, innerDecl)) and + hidesStrict(outerDecl, innerDecl) and not excludedViaNestedNamespaces(outerDecl, innerDecl) and varName = outerDecl.getName() and message = "Variable is hiding variable $@." From 52e1bc142013d35d1ebb6050111b7939dc1f25cb Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 9 Dec 2024 12:54:54 +0000 Subject: [PATCH 2292/2573] IdentifierHiding - Add change note --- change_notes/2024-12-08-identifier-hiding.md | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 change_notes/2024-12-08-identifier-hiding.md diff --git a/change_notes/2024-12-08-identifier-hiding.md b/change_notes/2024-12-08-identifier-hiding.md new file mode 100644 index 0000000000..0600c9e6ee --- /dev/null +++ b/change_notes/2024-12-08-identifier-hiding.md @@ -0,0 +1,4 @@ + - `A2-10-1` - `IdentifierHiding.ql`: + - Improved evaluation performance. + - Addressed false negatives where nested loops used the same variable name. + - Exclude cases where a variable declared in a lambda expression shadowed a globa or namespace variable that did not appear in the same translation unit. From cf315bad52bb20208ab84809f90310e3875bb7b3 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 9 Dec 2024 12:57:12 +0000 Subject: [PATCH 2293/2573] Add extra change note entry --- change_notes/2024-12-08-identifier-hiding.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/change_notes/2024-12-08-identifier-hiding.md b/change_notes/2024-12-08-identifier-hiding.md index 0600c9e6ee..c983f5390a 100644 --- a/change_notes/2024-12-08-identifier-hiding.md +++ b/change_notes/2024-12-08-identifier-hiding.md @@ -2,3 +2,6 @@ - Improved evaluation performance. - Addressed false negatives where nested loops used the same variable name. - Exclude cases where a variable declared in a lambda expression shadowed a globa or namespace variable that did not appear in the same translation unit. + - `RULE-5-3` - `IdentifierHidingC.ql`: + - Improved evaluation performance. + - Addressed false negatives where nested loops used the same variable name. \ No newline at end of file From c56e1ce54401c05d5f27c9c86a843625f6f6b37c Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 9 Dec 2024 23:34:03 +0000 Subject: [PATCH 2294/2573] TypographicallyDifferent: Update after changes to Scope Scope no longer provides a suitable predicate for determining variables in nested scopes. Instead, first determine the set of conflicting names, then identify a set of variables which are conflicting, and are hidden within a nested scope. --- ...entifiersNotTypographicallyUnambiguous.qll | 47 ++++++++++++++++--- 1 file changed, 40 insertions(+), 7 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/rules/differentidentifiersnottypographicallyunambiguous/DifferentIdentifiersNotTypographicallyUnambiguous.qll b/cpp/common/src/codingstandards/cpp/rules/differentidentifiersnottypographicallyunambiguous/DifferentIdentifiersNotTypographicallyUnambiguous.qll index 87a4580ab3..5c7475883e 100644 --- a/cpp/common/src/codingstandards/cpp/rules/differentidentifiersnottypographicallyunambiguous/DifferentIdentifiersNotTypographicallyUnambiguous.qll +++ b/cpp/common/src/codingstandards/cpp/rules/differentidentifiersnottypographicallyunambiguous/DifferentIdentifiersNotTypographicallyUnambiguous.qll @@ -46,16 +46,32 @@ string step1(string s) { string step2(string s) { s = "m_" and result = "rn" } -predicate violation(UserVariable v1, UserVariable v2) { - v2 = getPotentialScopeOfVariable(v1) and +class VariableName extends string { + VariableName() { exists(UserVariable uv | uv.getName() = this) } + + string getCanon() { + result = + this.toLowerCase() + .replaceAll("_", "") + .regexpReplaceAll("[il]", "1") + .replaceAll("s", "5") + .replaceAll("z", "2") + .replaceAll("b", "8") + .replaceAll("h", "n") + .replaceAll("m", "rn") + .replaceAll("o", "0") + } +} + +predicate isConflictingName(VariableName name1, VariableName name2) { exists(string s1, string s2 | // over-approximate a match, because it is cheaper to compute - getCanon(v1) = getCanon(v2) and - v1 != v2 and - not v1.getName() = v2.getName() and + name1.getCanon() = name2.getCanon() and + // Exclude identical names + not name1 = name2 and // expand 'm' to 'm_' to match either 'm_' or 'rn' - s1 = v1.getName().replaceAll("_", "").replaceAll("m", "m_") and - s2 = v2.getName().replaceAll("_", "").replaceAll("m", "m_") and + s1 = name1.replaceAll("_", "").replaceAll("m", "m_") and + s2 = name2.replaceAll("_", "").replaceAll("m", "m_") and // at this point the strings must have equal length, the substitutions do not expand nor contract the string s1.length() = s2.length() and forall(int i | i in [0 .. s1.length() - 1] | @@ -87,6 +103,23 @@ predicate violation(UserVariable v1, UserVariable v2) { ) } +predicate violation(UserVariable v1, UserVariable v2) { + exists(string name1, string name2 | + isConflictingName(name1, name2) and + exists(Scope parentScope, Scope childScope | + parentScope.getVariable(name1) = v1 and + childScope.getVariable(name2) = v2 + | + childScope.getStrictParent+() = parentScope + or + // Disambiguate names in the same scope by name order + childScope = parentScope and + name1 < name2 + ) and + inSameTranslationUnitLate(v1.getFile(), v2.getFile()) + ) +} + query predicate problems( UserVariable v, string message, UserVariable v1, string v1Description, UserVariable v2, string v2Description From 125650c582ec38fb4785940444fdf6fe927c4efd Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Mon, 9 Dec 2024 16:37:57 -0800 Subject: [PATCH 2295/2573] Address review feedback --- c/misra/src/codeql-suites/misra-c-default.qls | 1 + c/misra/src/codeql-suites/misra-c-strict.qls | 8 ++++ .../RULE-2-8/UnusedObjectDefinition.expected | 2 + c/misra/test/rules/RULE-2-8/test.c | 18 +++++++++ .../cpp/deadcode/UnusedObjects.qll | 10 +++-- .../cpp/deadcode/UnusedVariables.qll | 39 ++++++++++++++----- docs/development_handbook.md | 2 + docs/user_manual.md | 13 ++++++- rule_packages/c/DeadCode2.json | 5 ++- 9 files changed, 82 insertions(+), 16 deletions(-) create mode 100644 c/misra/src/codeql-suites/misra-c-strict.qls diff --git a/c/misra/src/codeql-suites/misra-c-default.qls b/c/misra/src/codeql-suites/misra-c-default.qls index 343379a2b3..f72a63ba49 100644 --- a/c/misra/src/codeql-suites/misra-c-default.qls +++ b/c/misra/src/codeql-suites/misra-c-default.qls @@ -7,4 +7,5 @@ - exclude: tags contain: - external/misra/audit + - external/misra/strict - external/misra/default-disabled diff --git a/c/misra/src/codeql-suites/misra-c-strict.qls b/c/misra/src/codeql-suites/misra-c-strict.qls new file mode 100644 index 0000000000..6fb642424c --- /dev/null +++ b/c/misra/src/codeql-suites/misra-c-strict.qls @@ -0,0 +1,8 @@ +- description: MISRA C 2012 (Strict) +- qlpack: codeql/misra-c-coding-standards +- include: + kind: + - problem + - path-problem + tags contain: + - external/misra/strict diff --git a/c/misra/test/rules/RULE-2-8/UnusedObjectDefinition.expected b/c/misra/test/rules/RULE-2-8/UnusedObjectDefinition.expected index fc6f320539..ce7e198122 100644 --- a/c/misra/test/rules/RULE-2-8/UnusedObjectDefinition.expected +++ b/c/misra/test/rules/RULE-2-8/UnusedObjectDefinition.expected @@ -6,3 +6,5 @@ | test.c:45:9:45:10 | definition of g6 | Unused object definition 'g6'. | test.c:45:9:45:10 | test.c:45:9:45:10 | | | test.c:51:5:51:6 | definition of g7 | Unused object definition 'g7'. | test.c:51:5:51:6 | test.c:51:5:51:6 | | | test.c:64:3:64:18 | ONLY_DEF_VAR(x) | Unused object definition 'l2' from macro '$@'. | test.c:60:1:60:34 | test.c:60:1:60:34 | ONLY_DEF_VAR | +| test.c:117:11:117:13 | definition of g10 | Unused object definition 'g10'. | test.c:117:11:117:13 | test.c:117:11:117:13 | | +| test.c:122:13:122:14 | definition of l2 | Unused object definition 'l2'. | test.c:122:13:122:14 | test.c:122:13:122:14 | | diff --git a/c/misra/test/rules/RULE-2-8/test.c b/c/misra/test/rules/RULE-2-8/test.c index 21a2479163..cffb4f2e33 100644 --- a/c/misra/test/rules/RULE-2-8/test.c +++ b/c/misra/test/rules/RULE-2-8/test.c @@ -111,3 +111,21 @@ void f8() { void f9() { DEF_ATTR_UNUSED_INNER_VAR(); // COMPLIANT } + +// Const variable tests: +const int g9 = 1; // COMPLIANT +const int g10 = 1; // NON-COMPLIANT + +void f10() { + g9; + const int l1 = 1; // COMPLIANT + const int l2 = 1; // NON-COMPLIANT + l1; +} + +// Side effects should not disable this rule: +void f11() { + int l1 = 1; // COMPLIANT + int l2 = l1++; // COMPLIANT + l2; +} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/deadcode/UnusedObjects.qll b/cpp/common/src/codingstandards/cpp/deadcode/UnusedObjects.qll index 70944dfad4..96dcc8d315 100644 --- a/cpp/common/src/codingstandards/cpp/deadcode/UnusedObjects.qll +++ b/cpp/common/src/codingstandards/cpp/deadcode/UnusedObjects.qll @@ -1,4 +1,5 @@ import cpp +import codingstandards.cpp.deadcode.UnusedVariables import codingstandards.cpp.alertreporting.HoldsForAllCopies import codingstandards.cpp.alertreporting.DeduplicateMacroResults @@ -15,10 +16,13 @@ import codingstandards.cpp.alertreporting.DeduplicateMacroResults */ class UnusedObjectDefinition extends VariableDeclarationEntry { UnusedObjectDefinition() { + ( + getVariable() instanceof BasePotentiallyUnusedLocalVariable + or + getVariable() instanceof BasePotentiallyUnusedGlobalOrNamespaceVariable + ) and not exists(VariableAccess access | access.getTarget() = getVariable()) and - getVariable().getDefinition() = this and - not this instanceof ParameterDeclarationEntry and - not getVariable() instanceof MemberVariable + getVariable().getDefinition() = this } /* Dead objects with these attributes are reported in the "strict" queries. */ diff --git a/cpp/common/src/codingstandards/cpp/deadcode/UnusedVariables.qll b/cpp/common/src/codingstandards/cpp/deadcode/UnusedVariables.qll index 912d2babcd..b896fb6f9e 100644 --- a/cpp/common/src/codingstandards/cpp/deadcode/UnusedVariables.qll +++ b/cpp/common/src/codingstandards/cpp/deadcode/UnusedVariables.qll @@ -36,11 +36,11 @@ predicate declarationHasSideEffects(Variable v) { v.getType() instanceof TemplateDependentType } -/** A `LocalVariable` which is a candidate for being unused. */ -class PotentiallyUnusedLocalVariable extends LocalVariable { - PotentiallyUnusedLocalVariable() { - // Ignore variables declared in macro expansions - not exists(DeclStmt ds | ds.getADeclaration() = this and ds.isInMacroExpansion()) and +/** + * A `LocalVariable` which is a candidate for being unused, and may or may not be defined in a macro. + */ +class BasePotentiallyUnusedLocalVariable extends LocalVariable { + BasePotentiallyUnusedLocalVariable() { // Ignore variables where initializing the variable has side effects not declarationHasSideEffects(this) and // TODO non POD types with initializers? Also, do something different with templates? exists(Function f | f = getFunction() | @@ -56,6 +56,16 @@ class PotentiallyUnusedLocalVariable extends LocalVariable { } } +/** + * A `LocalVariable` which is a candidate for being unused, and not defined in a macro. + */ +class PotentiallyUnusedLocalVariable extends BasePotentiallyUnusedLocalVariable { + PotentiallyUnusedLocalVariable() { + // Ignore variables declared in macro expansions + not exists(DeclStmt ds | ds.getADeclaration() = this and ds.isInMacroExpansion()) + } +} + /** Holds if `mf` is "defined" in this database. */ predicate isDefined(MemberFunction mf) { exists(MemberFunction definedMemberFunction | @@ -105,13 +115,11 @@ class PotentiallyUnusedMemberVariable extends MemberVariable { } } -/** A `GlobalOrNamespaceVariable` which is potentially unused. */ -class PotentiallyUnusedGlobalOrNamespaceVariable extends GlobalOrNamespaceVariable { - PotentiallyUnusedGlobalOrNamespaceVariable() { +/** A `GlobalOrNamespaceVariable` which is potentially unused and may or may not be defined in a macro */ +class BasePotentiallyUnusedGlobalOrNamespaceVariable extends GlobalOrNamespaceVariable { + BasePotentiallyUnusedGlobalOrNamespaceVariable() { // A non-defined variable may never be used hasDefinition() and - // Not declared in a macro expansion - not isInMacroExpansion() and // No side-effects from declaration not declarationHasSideEffects(this) and // exclude uninstantiated template members @@ -121,6 +129,17 @@ class PotentiallyUnusedGlobalOrNamespaceVariable extends GlobalOrNamespaceVariab } } +/** + * A `GlobalOrNamespaceVariable` which is potentially unused, and is not defined in a macro. +*/ +class PotentiallyUnusedGlobalOrNamespaceVariable extends BasePotentiallyUnusedGlobalOrNamespaceVariable +{ + PotentiallyUnusedGlobalOrNamespaceVariable() { + // Not declared in a macro expansion + not isInMacroExpansion() + } +} + predicate isUnused(Variable variable) { not exists(variable.getAnAccess()) and variable.getInitializer().fromSource() diff --git a/docs/development_handbook.md b/docs/development_handbook.md index dc50bf59ff..97c615ba2e 100644 --- a/docs/development_handbook.md +++ b/docs/development_handbook.md @@ -51,6 +51,8 @@ Each coding standard consists of a list of "guidelines", however not all the gui For some of the rules which are not amenable to static analysis, we may opt to provide a query which aids with "auditing" the rules. For example, AUTOSAR includes a rule (A10-0-1) "Public inheritance shall be used to implement 'is-a' relationship.". This is not directly amenable to static analysis, because it requires external context around the concept being modeled. However, we can provide an "audit" rule which reports all the public and private inheritance relationships in the program, so they can be manually verified. +For other rules, there may be means of indicating that a contravention is intentional, and where requiring a _devation report_ may be extra burdensome on developers and require double-entry. These results should be reported under a "strict" query. For instance, `RULE-2-8` "A project should not contain unused object definitions," where adding `__attribute__((unused))` may be preferable in order to suppress compiler warnings (which _deviation reports_ do not do) and are highly indicative of an intentional contravention by a developer. + For each rule which will be implemented with a query we have assigned a "rule package". Rule packages represent sets of rules, possibly across standards, that will be implemented together. Examples of rule packages include "Exceptions", "Naming", "Pointers" and so forth. By implementing queries for related rules together, we intend to maximize the amount of code shared between queries, and to ensure query developers can gain a deep understanding of that specific topic. The canonical list of rules, with implementation categorization and assigned rule packages, are stored in this repository in the `rules.csv` file. diff --git a/docs/user_manual.md b/docs/user_manual.md index db0f836339..1ddf68870e 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -71,6 +71,7 @@ For each rule we therefore identify whether it is supportable or not. Furthermor - **Automated** - the queries for the rule find contraventions directly. - **Audit only** - the queries for the rule does not find contraventions directly, but instead report a list of _candidates_ that can be used as input into a manual audit. For example, `A10-0-1` (_Public inheritance shall be used to implement 'is-a' relationship_) is not directly amenable to static analysis, but CodeQL can be used to produce a list of all the locations that use public inheritance so they can be manually reviewed. +- **Strict only** - the queries for the rule find contraventions directly, but find results which are strongly indicated to be intentional, and where adding a _deviation report_ may be extra burden on developers. For example, in `RULE-2-8` (_A project should not contain unused object definitions_), declaring objects with `__attribute__((unused))` may be preferable to a _deviation report_, which will not suppress relevant compiler warnings, and therefore would otherwise require developer double-entry. Each supported rule is implemented as one or more CodeQL queries, with each query covering an aspect of the rule. In many coding standards, the rules cover non-trivial semantic properties of the codebase under analysis. @@ -214,14 +215,22 @@ The following flags may be passed to the `database analyze` command to adjust th The output of this command will be a [SARIF file](https://sarifweb.azurewebsites.net/) called `.sarif`. -#### Running the analysis for audit level queries +#### Running the analysis for strict and/or audit level queries -Optionally, you may want to run the "audit" level queries. These queries produce lists of results that do not directly highlight contraventions of the rule. Instead, they identify locations in the code that can be manually audited to verify the absence of problems for that particular rule. +Optionally, you may want to run the "strict" or "audit" level queries. + +Audit queries produce lists of results that do not directly highlight contraventions of the rule. Instead, they identify locations in the code that can be manually audited to verify the absence of problems for that particular rule. ```bash codeql database analyze --format=sarifv2.1.0 --output=.sarif path/to/ path/to/codeql-coding-standards/cpp//src/codeql-suites/-audit.qls... ``` +Strict queries identify contraventions in the code that strongly suggest they are deliberate, and where adding an explicit _deviation report_ may be extra burden on developers. + +```bash +codeql database analyze --format=sarifv2.1.0 --output=.sarif path/to/ path/to/codeql-coding-standards/cpp//src/codeql-suites/-strict.qls... +``` + For each Coding Standard you want to run, add a trailing entry in the following format: `path/to/codeql-coding-standards/cpp//src/codeql-suites/-default.qls`. #### Producing an analysis report diff --git a/rule_packages/c/DeadCode2.json b/rule_packages/c/DeadCode2.json index da114a2349..b897f595e6 100644 --- a/rule_packages/c/DeadCode2.json +++ b/rule_packages/c/DeadCode2.json @@ -60,7 +60,10 @@ ] } ], - "title": "A project should not contain unused object definitions" + "title": "A project should not contain unused object definitions", + "implementation_scope": { + "description": "Unused object definitions marked with `__attribute__((unused))` (and `used`, `maybe_used`, `cleanup`) are separately reported under the 'strict' query suite. This is because these attributes strongly indicate the contravention is intentional, and a deviation report alone will not suppress compiler warnings." + } } } } \ No newline at end of file From 003feefeafe2d02809060551c07aa1aa5d5a25ca Mon Sep 17 00:00:00 2001 From: Fernando Jose Date: Tue, 10 Dec 2024 11:50:33 +0900 Subject: [PATCH 2296/2573] Exclude rvalue references from const in AUTOSAR rule 7-1-1. --- .../A7-1-1/DeclarationUnmodifiedObjectMissingConstSpecifier.ql | 1 + 1 file changed, 1 insertion(+) diff --git a/cpp/autosar/src/rules/A7-1-1/DeclarationUnmodifiedObjectMissingConstSpecifier.ql b/cpp/autosar/src/rules/A7-1-1/DeclarationUnmodifiedObjectMissingConstSpecifier.ql index ff07bcbdb2..b961acce64 100644 --- a/cpp/autosar/src/rules/A7-1-1/DeclarationUnmodifiedObjectMissingConstSpecifier.ql +++ b/cpp/autosar/src/rules/A7-1-1/DeclarationUnmodifiedObjectMissingConstSpecifier.ql @@ -38,6 +38,7 @@ where not exists(LambdaExpression lc | lc.getACapture().getField() = v) and not v.isFromUninstantiatedTemplate(_) and not v.isCompilerGenerated() and + not v.getType() instanceof RValueReferenceType and //if the instantiation is not constexpr but the template is, still exclude it as a candidate not exists(TemplateVariable b | b.getAnInstantiation() = v and b.isConstexpr()) select v, "Non-constant variable " + v.getName() + cond + " and is not modified." From 18b92ec47d9121d990a12c7b59b8f956b3a59fdc Mon Sep 17 00:00:00 2001 From: Fernando Jose Date: Tue, 10 Dec 2024 12:42:56 +0900 Subject: [PATCH 2297/2573] Add change note. --- change_notes/2024-12-10-udpate-a7-1-1.md | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 change_notes/2024-12-10-udpate-a7-1-1.md diff --git a/change_notes/2024-12-10-udpate-a7-1-1.md b/change_notes/2024-12-10-udpate-a7-1-1.md new file mode 100644 index 0000000000..6efa1ae01f --- /dev/null +++ b/change_notes/2024-12-10-udpate-a7-1-1.md @@ -0,0 +1,2 @@ +- `A7-1-1` - `DeclarationUnmodifiedObjectMissingConstSpecifier.ql`: + - Exclude rvalue references. From 4d31f5f11cd33031a87d1c1ff070c791f0049529 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 10 Dec 2024 01:16:51 -0500 Subject: [PATCH 2298/2573] Update change_notes/2024-12-08-identifier-hiding.md Co-authored-by: Fernando Jose --- change_notes/2024-12-08-identifier-hiding.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/change_notes/2024-12-08-identifier-hiding.md b/change_notes/2024-12-08-identifier-hiding.md index c983f5390a..b769b16e57 100644 --- a/change_notes/2024-12-08-identifier-hiding.md +++ b/change_notes/2024-12-08-identifier-hiding.md @@ -1,7 +1,7 @@ - `A2-10-1` - `IdentifierHiding.ql`: - Improved evaluation performance. - Addressed false negatives where nested loops used the same variable name. - - Exclude cases where a variable declared in a lambda expression shadowed a globa or namespace variable that did not appear in the same translation unit. + - Exclude cases where a variable declared in a lambda expression shadowed a global or namespace variable that did not appear in the same translation unit. - `RULE-5-3` - `IdentifierHidingC.ql`: - Improved evaluation performance. - Addressed false negatives where nested loops used the same variable name. \ No newline at end of file From 0673c778943ceda34d7156bf5108f6b9d3a87960 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 29 Nov 2024 15:20:54 +0000 Subject: [PATCH 2299/2573] A15-4-4: Support deviation on the function declaration --- cpp/autosar/src/rules/A15-4-4/MissingNoExcept.ql | 2 +- cpp/autosar/test/rules/A15-4-4/test.cpp | 10 +++++++++- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/cpp/autosar/src/rules/A15-4-4/MissingNoExcept.ql b/cpp/autosar/src/rules/A15-4-4/MissingNoExcept.ql index 7701a8a1ea..bbdb8d93f3 100644 --- a/cpp/autosar/src/rules/A15-4-4/MissingNoExcept.ql +++ b/cpp/autosar/src/rules/A15-4-4/MissingNoExcept.ql @@ -21,7 +21,7 @@ import codingstandards.cpp.exceptions.ExceptionFlow from Function f where - not isExcluded(f, Exceptions1Package::missingNoExceptQuery()) and + not isExcluded(f.getADeclarationEntry(), Exceptions1Package::missingNoExceptQuery()) and // No thrown exceptions not exists(getAFunctionThrownType(f, _)) and // But not marked noexcept(true) diff --git a/cpp/autosar/test/rules/A15-4-4/test.cpp b/cpp/autosar/test/rules/A15-4-4/test.cpp index 1f9d0d5a85..faae76ca8e 100644 --- a/cpp/autosar/test/rules/A15-4-4/test.cpp +++ b/cpp/autosar/test/rules/A15-4-4/test.cpp @@ -56,4 +56,12 @@ std::string test_fp_reported_in_424( s3.append(s1.c_str(), s1.size()); s3.append(s2.c_str(), s2.size()); return s3; -} \ No newline at end of file +} + +void test_no_except_deviated_decl(); // a-15-4-4-deviation + +void test_no_except_deviated_decl() {} + +void test_no_except_deviated_defn(); + +void test_no_except_deviated_defn() {} // a-15-4-4-deviation \ No newline at end of file From 5e753af5dc4e815a3de2046dc94b1f08a42a5824 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 10 Dec 2024 13:44:36 +0000 Subject: [PATCH 2300/2573] Add change note --- change_notes/2024-12-10-a15-4-4-deviations.md | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 change_notes/2024-12-10-a15-4-4-deviations.md diff --git a/change_notes/2024-12-10-a15-4-4-deviations.md b/change_notes/2024-12-10-a15-4-4-deviations.md new file mode 100644 index 0000000000..4a595e3e00 --- /dev/null +++ b/change_notes/2024-12-10-a15-4-4-deviations.md @@ -0,0 +1,2 @@ + - `A15-4-4` - `MissingNoExcept.ql`: + - Enable deviations on either declarations or definitions. \ No newline at end of file From 9492933c0ac32ac1a98b2bcb51e8f985f5ce5d3b Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Tue, 10 Dec 2024 08:25:01 -0800 Subject: [PATCH 2301/2573] Format --- cpp/common/src/codingstandards/cpp/deadcode/UnusedVariables.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/deadcode/UnusedVariables.qll b/cpp/common/src/codingstandards/cpp/deadcode/UnusedVariables.qll index b896fb6f9e..a7accd5252 100644 --- a/cpp/common/src/codingstandards/cpp/deadcode/UnusedVariables.qll +++ b/cpp/common/src/codingstandards/cpp/deadcode/UnusedVariables.qll @@ -131,7 +131,7 @@ class BasePotentiallyUnusedGlobalOrNamespaceVariable extends GlobalOrNamespaceVa /** * A `GlobalOrNamespaceVariable` which is potentially unused, and is not defined in a macro. -*/ + */ class PotentiallyUnusedGlobalOrNamespaceVariable extends BasePotentiallyUnusedGlobalOrNamespaceVariable { PotentiallyUnusedGlobalOrNamespaceVariable() { From 8c31c8c296b5992b931fe1cbc8b338b89e8dc048 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Tue, 10 Dec 2024 08:26:37 -0800 Subject: [PATCH 2302/2573] format c --- c/misra/test/rules/RULE-2-8/test.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/c/misra/test/rules/RULE-2-8/test.c b/c/misra/test/rules/RULE-2-8/test.c index cffb4f2e33..ef40dfb2a4 100644 --- a/c/misra/test/rules/RULE-2-8/test.c +++ b/c/misra/test/rules/RULE-2-8/test.c @@ -113,7 +113,7 @@ void f9() { } // Const variable tests: -const int g9 = 1; // COMPLIANT +const int g9 = 1; // COMPLIANT const int g10 = 1; // NON-COMPLIANT void f10() { @@ -125,7 +125,7 @@ void f10() { // Side effects should not disable this rule: void f11() { - int l1 = 1; // COMPLIANT + int l1 = 1; // COMPLIANT int l2 = l1++; // COMPLIANT l2; } \ No newline at end of file From 7631a61cdd55ec9b46804941bdd04d65d3a40f38 Mon Sep 17 00:00:00 2001 From: knewbury01 Date: Tue, 10 Dec 2024 21:27:28 +0000 Subject: [PATCH 2303/2573] Bump version to 2.40.0-dev --- c/cert/src/qlpack.yml | 2 +- c/cert/test/qlpack.yml | 2 +- c/common/src/qlpack.yml | 2 +- c/common/test/qlpack.yml | 2 +- c/misra/src/qlpack.yml | 2 +- c/misra/test/qlpack.yml | 2 +- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/qlpack.yml | 2 +- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/qlpack.yml | 2 +- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/qlpack.yml | 2 +- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/qlpack.yml | 2 +- cpp/report/src/qlpack.yml | 2 +- docs/user_manual.md | 12 ++++++------ 16 files changed, 21 insertions(+), 21 deletions(-) diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index f7454d1ff0..2778e44435 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards -version: 2.39.0-dev +version: 2.40.0-dev description: CERT C 2016 suites: codeql-suites license: MIT diff --git a/c/cert/test/qlpack.yml b/c/cert/test/qlpack.yml index a79ef5f692..461ebe9677 100644 --- a/c/cert/test/qlpack.yml +++ b/c/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards-tests -version: 2.39.0-dev +version: 2.40.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index 1930faeeb0..f39f3cb1c4 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards -version: 2.39.0-dev +version: 2.40.0-dev license: MIT dependencies: codeql/common-cpp-coding-standards: '*' diff --git a/c/common/test/qlpack.yml b/c/common/test/qlpack.yml index 41737a34ec..d417a17df2 100644 --- a/c/common/test/qlpack.yml +++ b/c/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards-tests -version: 2.39.0-dev +version: 2.40.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index 656394ad1d..9aceed1a49 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards -version: 2.39.0-dev +version: 2.40.0-dev description: MISRA C 2012 suites: codeql-suites license: MIT diff --git a/c/misra/test/qlpack.yml b/c/misra/test/qlpack.yml index 3acb8455b1..d53bc95f28 100644 --- a/c/misra/test/qlpack.yml +++ b/c/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards-tests -version: 2.39.0-dev +version: 2.40.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index e1843eb2e7..f44ad54c74 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards -version: 2.39.0-dev +version: 2.40.0-dev description: AUTOSAR C++14 Guidelines R22-11, R21-11, R20-11, R19-11 and R19-03 suites: codeql-suites license: MIT diff --git a/cpp/autosar/test/qlpack.yml b/cpp/autosar/test/qlpack.yml index e7e8d3e2ce..178d8cc314 100644 --- a/cpp/autosar/test/qlpack.yml +++ b/cpp/autosar/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards-tests -version: 2.39.0-dev +version: 2.40.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index 949087dfd5..735dd9f5b4 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards -version: 2.39.0-dev +version: 2.40.0-dev description: CERT C++ 2016 suites: codeql-suites license: MIT diff --git a/cpp/cert/test/qlpack.yml b/cpp/cert/test/qlpack.yml index ba7415c43e..3a6d02e7d4 100644 --- a/cpp/cert/test/qlpack.yml +++ b/cpp/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards-tests -version: 2.39.0-dev +version: 2.40.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index 1cfc63d8d9..1ae6dfd997 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards -version: 2.39.0-dev +version: 2.40.0-dev license: MIT dependencies: codeql/cpp-all: 1.4.2 diff --git a/cpp/common/test/qlpack.yml b/cpp/common/test/qlpack.yml index 3f061a2920..90236b203e 100644 --- a/cpp/common/test/qlpack.yml +++ b/cpp/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards-tests -version: 2.39.0-dev +version: 2.40.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index 4f94ff4bec..96fc96ce24 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards -version: 2.39.0-dev +version: 2.40.0-dev description: MISRA C++ 2023 default-suite: codeql-suites/misra-cpp-default.qls license: MIT diff --git a/cpp/misra/test/qlpack.yml b/cpp/misra/test/qlpack.yml index e79e5934fa..207facda4e 100644 --- a/cpp/misra/test/qlpack.yml +++ b/cpp/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards-tests -version: 2.39.0-dev +version: 2.40.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index 73f4cf3276..e569153ae8 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/report-cpp-coding-standards -version: 2.39.0-dev +version: 2.40.0-dev license: MIT dependencies: codeql/cpp-all: 1.4.2 diff --git a/docs/user_manual.md b/docs/user_manual.md index 4c020dc73b..952a9a3c99 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -33,14 +33,14 @@ ## Release information -This user manual documents release `2.39.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). +This user manual documents release `2.40.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). The release page documents the release notes and contains the following artifacts part of the release: - `coding-standards-codeql-packs-2.37.0-dev.zip`: CodeQL packs that can be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. -- `code-scanning-cpp-query-pack-2.39.0-dev.zip`: Legacy packaging for the queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. -- `supported_rules_list_2.39.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. -- `supported_rules_list_2.39.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. -- `user_manual_2.39.0-dev.md`: This user manual. +- `code-scanning-cpp-query-pack-2.40.0-dev.zip`: Legacy packaging for the queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. +- `supported_rules_list_2.40.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. +- `supported_rules_list_2.40.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. +- `user_manual_2.40.0-dev.md`: This user manual. - `Source Code (zip)`: A zip archive containing the contents of https://github.com/github/codeql-coding-standards - `Source Code (tar.gz)`: A GZip compressed tar archive containing the contents of https://github.com/github/codeql-coding-standards - `checksums.txt`: A text file containing sha256 checksums for the aforementioned artifacts. @@ -573,7 +573,7 @@ This section describes known failure modes for "CodeQL Coding Standards" and des | | Out of space | Less output. Some files may be only be partially analyzed, or not analyzed at all. | Error reported on the command line. | Increase space. If it remains an issue report space consumption issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False positives | More output. Results are reported which are not violations of the guidelines. | All reported results must be reviewed. | Report false positive issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False negatives | Less output. Violations of the guidelines are not reported. | Other validation and verification processes during software development should be used to complement the analysis performed by CodeQL Coding Standards. | Report false negative issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | -| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.39.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | +| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.40.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | | | Incorrect deviation record specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation records with a reason. Ensure that all deviation records are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Incorrect deviation permit specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation permits with a reason. Ensure that all deviation permits are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Unapproved use of a deviation record | Less output. Results for guideline violations are not reported. | Validate that the deviation record use is approved by verifying the approved-by attribute of the deviation record specification. | Ensure that each raised deviation record is approved by an independent approver through an auditable process. | From 78ae4ce64cc8b7188234e618aa3ae33fd57d3f30 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Tue, 10 Dec 2024 18:03:04 -0800 Subject: [PATCH 2304/2573] Implement MISRA-C clarifications from amendments3, 4, at TC2. Some amendments were improperly categorized, fixed. Rule 10.1 also had an additional amendment (amdt4 and tc2). --- amendments.csv | 53 ++++++++++++++++--------------- rule_packages/c/Banned.json | 2 +- rule_packages/c/Contracts6.json | 2 +- rule_packages/c/Pointers1.json | 2 +- rule_packages/c/SideEffects1.json | 2 +- 5 files changed, 31 insertions(+), 30 deletions(-) diff --git a/amendments.csv b/amendments.csv index ce285a29ba..2d7254efec 100644 --- a/amendments.csv +++ b/amendments.csv @@ -9,41 +9,42 @@ c,MISRA-C-2012,Amendment3,RULE-10-4,Yes,Refine,No,Import c,MISRA-C-2012,Amendment3,RULE-10-5,Yes,Expand,No,Easy c,MISRA-C-2012,Amendment3,RULE-10-7,Yes,Refine,No,Import c,MISRA-C-2012,Amendment3,RULE-10-8,Yes,Refine,No,Import -c,MISRA-C-2012,Amendment3,RULE-21-11,Yes,Clarification,No,Import +c,MISRA-C-2012,Amendment3,RULE-21-11,Yes,Clarification,Yes,Import c,MISRA-C-2012,Amendment3,RULE-21-12,Yes,Replace,No,Easy c,MISRA-C-2012,Amendment4,RULE-11-3,Yes,Expand,No,Easy c,MISRA-C-2012,Amendment4,RULE-11-8,Yes,Expand,No,Easy c,MISRA-C-2012,Amendment4,RULE-13-2,Yes,Expand,No,Very Hard c,MISRA-C-2012,Amendment4,RULE-18-6,Yes,Expand,No,Medium c,MISRA-C-2012,Amendment4,RULE-18-8,Yes,Split,Yes,Easy -c,MISRA-C-2012,Corrigendum2,RULE-2-2,Yes,Clarification,No,Import -c,MISRA-C-2012,Corrigendum2,RULE-2-7,Yes,Clarification,No,Import -c,MISRA-C-2012,Corrigendum2,RULE-3-1,Yes,Refine,No,Easy -c,MISRA-C-2012,Corrigendum2,RULE-8-6,Yes,Clarification,No,Import -c,MISRA-C-2012,Corrigendum2,RULE-8-9,Yes,Clarification,No,Import -c,MISRA-C-2012,Corrigendum2,RULE-9-4,Yes,Clarification,No,Import -c,MISRA-C-2012,Corrigendum2,RULE-10-1,Yes,Clarification,No,Import -c,MISRA-C-2012,Corrigendum2,RULE-18-3,Yes,Clarification,No,Import -c,MISRA-C-2012,Corrigendum2,RULE-1-4,Yes,Replace,No,Easy -c,MISRA-C-2012,Corrigendum2,RULE-9-1,Yes,Refine,No,Easy -c,MISRA-C-2012,Corrigendum2,RULE-9-2,Yes,Refine,No,Import -c,MISRA-C-2012,Corrigendum2,DIR-4-10,Yes,Clarification,No,Import +c,MISRA-C-2012,Amendment4,RULE-2-2,Yes,Clarification,Yes,Import +c,MISRA-C-2012,Amendment4,RULE-2-7,Yes,Clarification,Yes,Import +c,MISRA-C-2012,Amendment4,RULE-3-1,Yes,Refine,No,Easy +c,MISRA-C-2012,Amendment4,RULE-8-6,Yes,Clarification,Yes,Import +c,MISRA-C-2012,Amendment4,RULE-8-9,Yes,Clarification,Yes,Import +c,MISRA-C-2012,Amendment4,RULE-9-4,Yes,Clarification,Yes,Import +c,MISRA-C-2012,Amendment4,RULE-10-1,Yes,Clarification,Yes,Import +c,MISRA-C-2012,Amendment4,RULE-18-3,Yes,Clarification,Yes,Import +c,MISRA-C-2012,Amendment4,RULE-1-4,Yes,Replace,No,Easy +c,MISRA-C-2012,Amendment4,RULE-9-1,Yes,Refine,No,Easy +c,MISRA-C-2012,Amendment4,RULE-9-2,Yes,Refine,No,Import +c,MISRA-C-2012,Corrigendum2,DIR-4-10,Yes,Clarification,Yes,Import c,MISRA-C-2012,Corrigendum2,RULE-7-4,Yes,Refine,No,Easy -c,MISRA-C-2012,Corrigendum2,RULE-8-2,Yes,Clarification,No,Import +c,MISRA-C-2012,Corrigendum2,RULE-8-2,Yes,Clarification,Yes,Import c,MISRA-C-2012,Corrigendum2,RULE-8-3,Yes,Refine,No,Easy -c,MISRA-C-2012,Corrigendum2,RULE-8-7,Yes,Clarification,No,Import +c,MISRA-C-2012,Corrigendum2,RULE-8-7,Yes,Clarification,Yes,Import +c,MISRA-C-2012,Corrigendum2,RULE-10-1,Yes,Clarification,Yes,Import c,MISRA-C-2012,Corrigendum2,RULE-10-2,Yes,Refine,No,Easy -c,MISRA-C-2012,Corrigendum2,RULE-10-3,Yes,Clarification,No,Import -c,MISRA-C-2012,Corrigendum2,RULE-11-3,Yes,Clarification,No,Import -c,MISRA-C-2012,Corrigendum2,RULE-11-6,Yes,Clarification,No,Import -c,MISRA-C-2012,Corrigendum2,RULE-13-2,Yes,Clarification,No,Import -c,MISRA-C-2012,Corrigendum2,RULE-13-6,Yes,Clarification,No,Import +c,MISRA-C-2012,Corrigendum2,RULE-10-3,Yes,Clarification,Yes,Import +c,MISRA-C-2012,Corrigendum2,RULE-11-3,Yes,Clarification,Yes,Import +c,MISRA-C-2012,Corrigendum2,RULE-11-6,Yes,Clarification,Yes,Import +c,MISRA-C-2012,Corrigendum2,RULE-13-2,Yes,Clarification,Yes,Import +c,MISRA-C-2012,Corrigendum2,RULE-13-6,Yes,Clarification,Yes,Import c,MISRA-C-2012,Corrigendum2,RULE-14-3,Yes,Refine,No,Easy -c,MISRA-C-2012,Corrigendum2,RULE-15-7,Yes,Clarification,No,Import -c,MISRA-C-2012,Corrigendum2,RULE-17-4,Yes,Clarification,No,Import -c,MISRA-C-2012,Corrigendum2,RULE-17-5,Yes,Clarification,No,Import +c,MISRA-C-2012,Corrigendum2,RULE-15-7,Yes,Clarification,Yes,Import +c,MISRA-C-2012,Corrigendum2,RULE-17-4,Yes,Clarification,Yes,Import +c,MISRA-C-2012,Corrigendum2,RULE-17-5,Yes,Clarification,Yes,Import c,MISRA-C-2012,Corrigendum2,RULE-18-1,Yes,Refine,No,Easy -c,MISRA-C-2012,Corrigendum2,RULE-20-14,No,Clarification,No,Import -c,MISRA-C-2012,Corrigendum2,RULE-21-19,Yes,Clarification,No,Import +c,MISRA-C-2012,Corrigendum2,RULE-20-14,No,Clarification,Yes,Import +c,MISRA-C-2012,Corrigendum2,RULE-21-19,Yes,Clarification,Yes,Import c,MISRA-C-2012,Corrigendum2,RULE-21-20,Yes,Refine,No,Easy -c,MISRA-C-2012,Corrigendum2,RULE-22-9,Yes,Clarification,No,Import \ No newline at end of file +c,MISRA-C-2012,Corrigendum2,RULE-22-9,Yes,Clarification,Yes,Import \ No newline at end of file diff --git a/rule_packages/c/Banned.json b/rule_packages/c/Banned.json index d3825f8f30..4decbae6f2 100644 --- a/rule_packages/c/Banned.json +++ b/rule_packages/c/Banned.json @@ -104,7 +104,7 @@ }, "RULE-21-11": { "properties": { - "obligation": "required" + "obligation": "advisory" }, "queries": [ { diff --git a/rule_packages/c/Contracts6.json b/rule_packages/c/Contracts6.json index 4dbae7e121..c46ef2f710 100644 --- a/rule_packages/c/Contracts6.json +++ b/rule_packages/c/Contracts6.json @@ -26,7 +26,7 @@ "MISRA-C-2012": { "RULE-17-5": { "properties": { - "obligation": "advisory" + "obligation": "required" }, "queries": [ { diff --git a/rule_packages/c/Pointers1.json b/rule_packages/c/Pointers1.json index 29b658d823..5f53d15702 100644 --- a/rule_packages/c/Pointers1.json +++ b/rule_packages/c/Pointers1.json @@ -244,7 +244,7 @@ ] } ], - "title": "The relational operators >, >=, < and <= shall not be applied to objects of pointer type except where they point into the same object" + "title": "The relational operators >, >=, < and <= shall not be applied to expressions of pointer type except where they point into the same object" }, "RULE-18-4": { "properties": { diff --git a/rule_packages/c/SideEffects1.json b/rule_packages/c/SideEffects1.json index 9ecb79447d..9d91fce671 100644 --- a/rule_packages/c/SideEffects1.json +++ b/rule_packages/c/SideEffects1.json @@ -166,7 +166,7 @@ }, "RULE-13-6": { "properties": { - "obligation": "mandatory" + "obligation": "required" }, "queries": [ { From 08fdda904d09921412d6ee1d3e85d2c5484cc07d Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Tue, 10 Dec 2024 18:10:39 -0800 Subject: [PATCH 2305/2573] Regenerate query files --- c/misra/src/rules/RULE-13-6/SizeofOperandWithSideEffect.ql | 2 +- .../rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql | 2 +- c/misra/src/rules/RULE-21-11/StandardHeaderFileTgmathhUsed.ql | 2 +- cpp/common/src/codingstandards/cpp/exclusions/c/Banned.qll | 2 +- cpp/common/src/codingstandards/cpp/exclusions/c/Contracts6.qll | 2 +- .../src/codingstandards/cpp/exclusions/c/SideEffects1.qll | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/c/misra/src/rules/RULE-13-6/SizeofOperandWithSideEffect.ql b/c/misra/src/rules/RULE-13-6/SizeofOperandWithSideEffect.ql index ec1551c2a6..759ad9b06a 100644 --- a/c/misra/src/rules/RULE-13-6/SizeofOperandWithSideEffect.ql +++ b/c/misra/src/rules/RULE-13-6/SizeofOperandWithSideEffect.ql @@ -9,7 +9,7 @@ * @tags external/misra/id/rule-13-6 * correctness * external/misra/c/2012/third-edition-first-revision - * external/misra/obligation/mandatory + * external/misra/obligation/required */ import cpp diff --git a/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql b/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql index 9673b39eb2..1a142ddb22 100644 --- a/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql +++ b/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql @@ -9,7 +9,7 @@ * @tags external/misra/id/rule-17-5 * correctness * external/misra/c/2012/third-edition-first-revision - * external/misra/obligation/advisory + * external/misra/obligation/required */ import cpp diff --git a/c/misra/src/rules/RULE-21-11/StandardHeaderFileTgmathhUsed.ql b/c/misra/src/rules/RULE-21-11/StandardHeaderFileTgmathhUsed.ql index 1c6b1bcd3d..50c4d48cb6 100644 --- a/c/misra/src/rules/RULE-21-11/StandardHeaderFileTgmathhUsed.ql +++ b/c/misra/src/rules/RULE-21-11/StandardHeaderFileTgmathhUsed.ql @@ -8,7 +8,7 @@ * @tags external/misra/id/rule-21-11 * correctness * external/misra/c/2012/third-edition-first-revision - * external/misra/obligation/required + * external/misra/obligation/advisory */ import cpp diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Banned.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Banned.qll index 888e0863a3..f8a4e027bb 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Banned.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Banned.qll @@ -77,7 +77,7 @@ predicate isBannedQueryMetadata(Query query, string queryId, string ruleId, stri // `@id` for the `standardHeaderFileTgmathhUsed` query "c/misra/standard-header-file-tgmathh-used" and ruleId = "RULE-21-11" and - category = "required" + category = "advisory" or query = // `Query` instance for the `exceptionHandlingFeaturesOfFenvhUsed` query diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts6.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts6.qll index bd897bd79f..eed78ae507 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts6.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts6.qll @@ -25,7 +25,7 @@ predicate isContracts6QueryMetadata(Query query, string queryId, string ruleId, // `@id` for the `arrayFunctionArgumentNumberOfElements` query "c/misra/array-function-argument-number-of-elements" and ruleId = "RULE-17-5" and - category = "advisory" + category = "required" or query = // `Query` instance for the `valueReturnedByAFunctionNotUsed` query diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/SideEffects1.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/SideEffects1.qll index 24175cdfb7..ec8ab3eae8 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/SideEffects1.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/SideEffects1.qll @@ -104,7 +104,7 @@ predicate isSideEffects1QueryMetadata(Query query, string queryId, string ruleId // `@id` for the `sizeofOperandWithSideEffect` query "c/misra/sizeof-operand-with-side-effect" and ruleId = "RULE-13-6" and - category = "mandatory" + category = "required" } module SideEffects1Package { From dbb452317756c635407229676c5d19fc31e3b817 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Thu, 12 Dec 2024 17:15:17 -0800 Subject: [PATCH 2306/2573] Address most MISRA C 2012 rule amendments in Amendment3. Does not address amendments that are covered in other PRs (clarifications) or Generics behavior. Most updates related to complex floating types. One update related to emergent language features. --- amendments.csv | 18 +- .../c/misra/EssentialTypes.qll | 28 +- ...ainNumericalTypeUsedOverExplicitTypedef.ql | 58 ++- .../OperandsOfAnInappropriateEssentialType.ql | 68 ++- .../AssignmentOfIncompatibleEssentialType.ql | 6 + ...andsWithMismatchedEssentialTypeCategory.ql | 5 + .../InappropriateEssentialTypeCast.ql | 6 +- ...ImplicitConversionOfCompositeExpression.ql | 6 +- .../InappropriateCastOfCompositeExpression.ql | 21 +- .../RULE-14-1/LoopOverEssentiallyFloatType.ql | 2 +- ...ericalTypeUsedOverExplicitTypedef.expected | 40 +- c/misra/test/rules/DIR-4-6/test.c | 11 +- .../EmergentLanguageFeaturesUsed.expected | 14 - c/misra/test/rules/RULE-1-4/test.c | 32 +- ...ndsOfAnInappropriateEssentialType.expected | 392 +++++++++--------- .../PointerTypeOnLogicalOperator.expected | 10 +- c/misra/test/rules/RULE-10-1/test.c | 169 ++++++-- ...gnmentOfIncompatibleEssentialType.expected | 321 ++++++++------ c/misra/test/rules/RULE-10-3/test.c | 283 +++++++++---- ...thMismatchedEssentialTypeCategory.expected | 23 +- c/misra/test/rules/RULE-10-4/test.c | 9 + .../InappropriateEssentialTypeCast.expected | 45 +- c/misra/test/rules/RULE-10-5/test.c | 90 ++-- ...itConversionOfCompositeExpression.expected | 4 + c/misra/test/rules/RULE-10-7/test.c | 14 + ...ropriateCastOfCompositeExpression.expected | 10 +- c/misra/test/rules/RULE-10-8/test.c | 25 ++ .../src/codingstandards/cpp/Emergent.qll | 34 -- 28 files changed, 1104 insertions(+), 640 deletions(-) diff --git a/amendments.csv b/amendments.csv index ce285a29ba..0f588b0e05 100644 --- a/amendments.csv +++ b/amendments.csv @@ -1,14 +1,14 @@ language,standard,amendment,rule_id,supportable,implementation_category,implemented,difficulty -c,MISRA-C-2012,Amendment3,DIR-4-6,Yes,Expand,No,Easy +c,MISRA-C-2012,Amendment3,DIR-4-6,Yes,Expand,Yes,Easy c,MISRA-C-2012,Amendment3,DIR-4-9,Yes,Refine,No,Easy c,MISRA-C-2012,Amendment3,DIR-4-11,Yes,Refine,No,Import -c,MISRA-C-2012,Amendment3,RULE-1-4,Yes,Replace,No,Easy -c,MISRA-C-2012,Amendment3,RULE-10-1,Yes,Replace,No,Easy -c,MISRA-C-2012,Amendment3,RULE-10-3,Yes,Refine,No,Easy -c,MISRA-C-2012,Amendment3,RULE-10-4,Yes,Refine,No,Import -c,MISRA-C-2012,Amendment3,RULE-10-5,Yes,Expand,No,Easy -c,MISRA-C-2012,Amendment3,RULE-10-7,Yes,Refine,No,Import -c,MISRA-C-2012,Amendment3,RULE-10-8,Yes,Refine,No,Import +c,MISRA-C-2012,Amendment3,RULE-1-4,Yes,Replace,Yes,Easy +c,MISRA-C-2012,Amendment3,RULE-10-1,Yes,Replace,Yes,Easy +c,MISRA-C-2012,Amendment3,RULE-10-3,Yes,Refine,Yes,Easy +c,MISRA-C-2012,Amendment3,RULE-10-4,Yes,Refine,Yes,Import +c,MISRA-C-2012,Amendment3,RULE-10-5,Yes,Expand,Yes,Easy +c,MISRA-C-2012,Amendment3,RULE-10-7,Yes,Refine,Yes,Import +c,MISRA-C-2012,Amendment3,RULE-10-8,Yes,Refine,Yes,Import c,MISRA-C-2012,Amendment3,RULE-21-11,Yes,Clarification,No,Import c,MISRA-C-2012,Amendment3,RULE-21-12,Yes,Replace,No,Easy c,MISRA-C-2012,Amendment4,RULE-11-3,Yes,Expand,No,Easy @@ -24,7 +24,7 @@ c,MISRA-C-2012,Corrigendum2,RULE-8-9,Yes,Clarification,No,Import c,MISRA-C-2012,Corrigendum2,RULE-9-4,Yes,Clarification,No,Import c,MISRA-C-2012,Corrigendum2,RULE-10-1,Yes,Clarification,No,Import c,MISRA-C-2012,Corrigendum2,RULE-18-3,Yes,Clarification,No,Import -c,MISRA-C-2012,Corrigendum2,RULE-1-4,Yes,Replace,No,Easy +c,MISRA-C-2012,Corrigendum2,RULE-1-4,Yes,Replace,Yes,Easy c,MISRA-C-2012,Corrigendum2,RULE-9-1,Yes,Refine,No,Easy c,MISRA-C-2012,Corrigendum2,RULE-9-2,Yes,Refine,No,Import c,MISRA-C-2012,Corrigendum2,DIR-4-10,Yes,Clarification,No,Import diff --git a/c/misra/src/codingstandards/c/misra/EssentialTypes.qll b/c/misra/src/codingstandards/c/misra/EssentialTypes.qll index 4783547ed2..98c110f979 100644 --- a/c/misra/src/codingstandards/c/misra/EssentialTypes.qll +++ b/c/misra/src/codingstandards/c/misra/EssentialTypes.qll @@ -6,13 +6,17 @@ import codingstandards.c.misra import semmle.code.cpp.rangeanalysis.RangeAnalysisUtils import MisraExpressions +newtype TEssentialFloatCategory = + Real() or + Complex() + newtype TEssentialTypeCategory = EssentiallyBooleanType() or EssentiallyCharacterType() or EssentiallyEnumType() or EssentiallySignedType() or EssentiallyUnsignedType() or - EssentiallyFloatingType() + EssentiallyFloatingType(TEssentialFloatCategory c) /** An essential type category, as specified by Appendix D.1. */ class EssentialTypeCategory extends TEssentialTypeCategory { @@ -27,7 +31,9 @@ class EssentialTypeCategory extends TEssentialTypeCategory { or this = EssentiallyUnsignedType() and result = "essentially Unsigned type" or - this = EssentiallyFloatingType() and result = "essentially Floating type" + this = EssentiallyFloatingType(Real()) and result = "essentially Floating type" + or + this = EssentiallyFloatingType(Complex()) and result = "essentially Complex Floating type" } } @@ -143,8 +149,11 @@ EssentialTypeCategory getEssentialTypeCategory(Type type) { essentialType instanceof NamedEnumType and not essentialType instanceof MisraBoolType or - result = EssentiallyFloatingType() and - essentialType instanceof FloatingPointType + result = EssentiallyFloatingType(Real()) and + essentialType instanceof RealNumberType + or + result = EssentiallyFloatingType(Complex()) and + essentialType instanceof ComplexNumberType ) } @@ -166,6 +175,17 @@ Type getEssentialType(Expr e) { Type getEssentialTypeBeforeConversions(Expr e) { result = e.(EssentialExpr).getEssentialType() } +/** + * For most essential types, `Type.getSize()` is correct, except for complex floating types. + * + * For complex floating types, the size is the size of the real part, so we divide by 2. + */ +int getEssentialSize(Type essentialType) { + if getEssentialTypeCategory(essentialType) = EssentiallyFloatingType(Complex()) + then result = essentialType.getSize() / 2 + else result = essentialType.getSize() +} + class EssentialExpr extends Expr { Type getEssentialType() { result = this.getType() } diff --git a/c/misra/src/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.ql b/c/misra/src/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.ql index 3891d8c99f..0e6c902441 100644 --- a/c/misra/src/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.ql +++ b/c/misra/src/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.ql @@ -29,6 +29,8 @@ class BuiltInNumericType extends BuiltInType { this instanceof DoubleType or this instanceof LongDoubleType + or + this instanceof ComplexNumberType } } @@ -38,22 +40,64 @@ predicate forbiddenBuiltinNumericUsedInDecl(Variable var, string message) { message = "The type " + var.getType() + " is not a fixed-width numeric type." } +class SizedTypeString extends string { + string pattern; + int size; + + bindingset[this] + pragma[inline] + SizedTypeString() { + pattern = "(u?int|c?float)(4|8|16|32|64|128)_t" and + this.regexpMatch(pattern) and + size = this.regexpCapture(pattern, 2).toInt() + } + + bindingset[this] + pragma[inline] + int getSize() { result = size } + + bindingset[this] + pragma[inline] + predicate isComplex() { this.charAt(0) = "c" } +} + +predicate forbiddenComplexType(CTypedefType typedef, string message) { + typedef.getName().(SizedTypeString).isComplex() and + ( + if typedef.getBaseType().stripTopLevelSpecifiers() instanceof ComplexNumberType + then + typedef.getSize() * 8 != typedef.getName().(SizedTypeString).getSize() * 2 and + message = "The typedef type " + typedef.getName() + " does not have its indicated real size." + else message = "The typedef type " + typedef.getName() + " is not a complex type." + ) +} + +predicate forbiddenRealType(CTypedefType typedef, string message) { + not typedef.getName().(SizedTypeString).isComplex() and + ( + if typedef.getBaseType().stripTopLevelSpecifiers() instanceof ComplexNumberType + then message = "The typedef name " + typedef.getName() + " does not indicate a complex type." + else ( + typedef.getSize() * 8 != typedef.getName().(SizedTypeString).getSize() and + message = "The typedef type " + typedef.getName() + " does not have its indicated size." + ) + ) +} + predicate forbiddenTypedef(CTypedefType typedef, string message) { /* If the typedef's name contains an explicit size */ ( - if typedef.getName().regexpMatch("u?(int|float)(4|8|16|32|64|128)_t") + if typedef.getName() instanceof SizedTypeString then ( - /* Then the actual type size should match. */ - not typedef.getSize() * 8 = - // times 8 because getSize() gets the size in bytes - typedef.getName().regexpCapture("u?(int|float)(4|8|16|32|64|128)_t", 2).toInt() and - message = "The typedef type " + typedef.getName() + " does not have its indicated size." + forbiddenRealType(typedef, message) + or + forbiddenComplexType(typedef, message) ) else ( ( // type def is to a built in numeric type typedef.getBaseType() instanceof BuiltInNumericType and // but does not include the size in the name - not typedef.getName().regexpMatch("u?(int|float)(4|8|16|32|64|128)_t") + not typedef.getName() instanceof SizedTypeString or // this is a typedef to a forbidden type def forbiddenTypedef(typedef.getBaseType(), _) diff --git a/c/misra/src/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.ql b/c/misra/src/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.ql index 10b24b8c8a..d06ba09f3d 100644 --- a/c/misra/src/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.ql +++ b/c/misra/src/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.ql @@ -16,6 +16,15 @@ import cpp import codingstandards.c.misra import codingstandards.c.misra.EssentialTypes +predicate hasComparableFloatValue(Expr e) { + exists(float value | + value = e.getValue().toFloat() or + value = -e.(UnaryMinusExpr).getOperand().getValue().toFloat() + | + value in [0.0, "Infinity".toFloat(), -"Infinity".toFloat()] + ) +} + /** * Holds if the operator `operator` has an operand `child` that is of an inappropriate essential type * according to MISRA C 2012 Rule 10.1. @@ -33,8 +42,11 @@ predicate isInappropriateEssentialType( etc = EssentiallyCharacterType() and rationaleId = 4 or - etc = EssentiallyFloatingType() and + etc = EssentiallyFloatingType(Real()) and rationaleId = 1 + or + etc = EssentiallyFloatingType(Complex()) and + rationaleId = 9 ) or child = operator.(UnaryPlusExpr).getOperand() and @@ -64,8 +76,6 @@ predicate isInappropriateEssentialType( rationaleId = 8 ) or - // The table only talks about + and -, but below it clarifies ++ and -- are also considered to - // be equivalent. child = [ operator.(AddExpr).getAnOperand(), operator.(SubExpr).getAnOperand(), @@ -80,6 +90,13 @@ predicate isInappropriateEssentialType( rationaleId = 5 ) or + child = + [operator.(IncrementOperation).getAnOperand(), operator.(DecrementOperation).getAnOperand()] and + ( + etc = EssentiallyFloatingType(Complex()) and + rationaleId = 9 + ) + or child = [ operator.(DivExpr).getAnOperand(), operator.(MulExpr).getAnOperand(), @@ -107,13 +124,26 @@ predicate isInappropriateEssentialType( etc = EssentiallyEnumType() and rationaleId = 5 or - etc = EssentiallyFloatingType() and + etc = EssentiallyFloatingType(Real()) and rationaleId = 1 + or + etc = EssentiallyFloatingType(Complex()) and + rationaleId = 9 ) or child = operator.(RelationalOperation).getAnOperand() and - etc = EssentiallyBooleanType() and - rationaleId = 3 + ( + etc = EssentiallyBooleanType() and + rationaleId = 3 + or + etc = EssentiallyFloatingType(Complex()) and + rationaleId = 9 + ) + or + child = operator.(EqualityOperation).getAnOperand() and + rationaleId = 10 and + not hasComparableFloatValue(operator.(EqualityOperation).getAnOperand()) and + etc = EssentiallyFloatingType(_) or child = [operator.(NotExpr).getAnOperand(), operator.(BinaryLogicalOperation).getAnOperand()] and rationaleId = 2 and @@ -126,7 +156,7 @@ predicate isInappropriateEssentialType( or etc = EssentiallyUnsignedType() or - etc = EssentiallyFloatingType() + etc = EssentiallyFloatingType(_) ) or child = @@ -147,8 +177,11 @@ predicate isInappropriateEssentialType( etc = EssentiallySignedType() and rationaleId = 6 or - etc = EssentiallyFloatingType() and + etc = EssentiallyFloatingType(Real()) and rationaleId = 1 + or + etc = EssentiallyFloatingType(Complex()) and + rationaleId = 9 ) or child = @@ -171,8 +204,11 @@ predicate isInappropriateEssentialType( etc = EssentiallySignedType() and rationaleId = 7 or - etc = EssentiallyFloatingType() and + etc = EssentiallyFloatingType(Real()) and rationaleId = 1 + or + etc = EssentiallyFloatingType(Complex()) and + rationaleId = 9 ) or child = @@ -197,8 +233,11 @@ predicate isInappropriateEssentialType( etc = EssentiallySignedType() and rationaleId = 6 or - etc = EssentiallyFloatingType() and + etc = EssentiallyFloatingType(Real()) and rationaleId = 1 + or + etc = EssentiallyFloatingType(Complex()) and + rationaleId = 9 ) or child = operator.(ConditionalExpr).getCondition() and @@ -215,7 +254,7 @@ predicate isInappropriateEssentialType( etc = EssentiallyUnsignedType() and rationaleId = 2 or - etc = EssentiallyFloatingType() and + etc = EssentiallyFloatingType(_) and rationaleId = 2 ) ) @@ -245,6 +284,13 @@ string getRationaleMessage(int rationaleId, EssentialTypeCategory etc) { rationaleId = 8 and result = "Operand of essentially Unsigned type will be converted to a signed type with the signedness dependent on the implemented size of int." + or + rationaleId = 9 and + result = "Use of essentially Complex type in this way is a constraint violation." + or + rationaleId = 10 and + result = + "Floating point numbers have inherent error such that comparisons should consider precision and not exact equality." } from Expr operator, Expr child, int rationaleId, EssentialTypeCategory etc diff --git a/c/misra/src/rules/RULE-10-3/AssignmentOfIncompatibleEssentialType.ql b/c/misra/src/rules/RULE-10-3/AssignmentOfIncompatibleEssentialType.ql index af120fb13d..7574531332 100644 --- a/c/misra/src/rules/RULE-10-3/AssignmentOfIncompatibleEssentialType.ql +++ b/c/misra/src/rules/RULE-10-3/AssignmentOfIncompatibleEssentialType.ql @@ -48,5 +48,11 @@ where lValueTypeCategory = EssentiallyUnsignedType() and const >= 0 and const <= 2.pow(lValueEssentialType.getSize() * 8) + ) and + // Exception 4: Real floating point values may be assignable to complex floating point values + not ( + lValueTypeCategory = EssentiallyFloatingType(Complex()) and + rValueTypeCategory = EssentiallyFloatingType(Real()) and + lValueEssentialType.getSize() >= rValueEssentialType.getSize() * 2 ) select rValue, message diff --git a/c/misra/src/rules/RULE-10-4/OperandsWithMismatchedEssentialTypeCategory.ql b/c/misra/src/rules/RULE-10-4/OperandsWithMismatchedEssentialTypeCategory.ql index d1fed06319..71681ad3bc 100644 --- a/c/misra/src/rules/RULE-10-4/OperandsWithMismatchedEssentialTypeCategory.ql +++ b/c/misra/src/rules/RULE-10-4/OperandsWithMismatchedEssentialTypeCategory.ql @@ -30,6 +30,11 @@ where rightOpTypeCategory = getEssentialTypeCategory(rightOpEssentialType) and ( not leftOpTypeCategory = rightOpTypeCategory and + not ( + // Exception 3: Operands where both are real or complex floating types are allowed. + leftOpTypeCategory = EssentiallyFloatingType(_) and + rightOpTypeCategory = EssentiallyFloatingType(_) + ) and message = "The operands of this operator with usual arithmetic conversions have mismatched essential types (left operand: " + leftOpTypeCategory + ", right operand: " + rightOpTypeCategory + ")." diff --git a/c/misra/src/rules/RULE-10-5/InappropriateEssentialTypeCast.ql b/c/misra/src/rules/RULE-10-5/InappropriateEssentialTypeCast.ql index f782a16597..7cadb104ad 100644 --- a/c/misra/src/rules/RULE-10-5/InappropriateEssentialTypeCast.ql +++ b/c/misra/src/rules/RULE-10-5/InappropriateEssentialTypeCast.ql @@ -23,14 +23,14 @@ predicate isIncompatibleEssentialTypeCast(EssentialTypeCategory fromCat, Essenti toCat = [ EssentiallyCharacterType(), EssentiallyEnumType(), EssentiallySignedType(), - EssentiallyUnsignedType(), EssentiallyFloatingType().(TEssentialTypeCategory) + EssentiallyUnsignedType(), EssentiallyFloatingType(_).(TEssentialTypeCategory) ] or fromCat = EssentiallyCharacterType() and toCat = [ EssentiallyBooleanType(), EssentiallyEnumType(), - EssentiallyFloatingType().(TEssentialTypeCategory) + EssentiallyFloatingType(_).(TEssentialTypeCategory) ] or fromCat = EssentiallyEnumType() and @@ -42,7 +42,7 @@ predicate isIncompatibleEssentialTypeCast(EssentialTypeCategory fromCat, Essenti fromCat = EssentiallyUnsignedType() and toCat = [EssentiallyBooleanType(), EssentiallyEnumType().(TEssentialTypeCategory)] or - fromCat = EssentiallyFloatingType() and + fromCat = EssentiallyFloatingType(_) and toCat = [ EssentiallyBooleanType(), EssentiallyCharacterType(), diff --git a/c/misra/src/rules/RULE-10-7/ImplicitConversionOfCompositeExpression.ql b/c/misra/src/rules/RULE-10-7/ImplicitConversionOfCompositeExpression.ql index 911aa5e00e..d674f78dc3 100644 --- a/c/misra/src/rules/RULE-10-7/ImplicitConversionOfCompositeExpression.ql +++ b/c/misra/src/rules/RULE-10-7/ImplicitConversionOfCompositeExpression.ql @@ -23,6 +23,10 @@ bindingset[essentialTypeLeft, essentialTypeRight] pragma[inline_late] predicate isSameEssentialTypeCategory(Type essentialTypeLeft, Type essentialTypeRight) { getEssentialTypeCategory(essentialTypeLeft) = getEssentialTypeCategory(essentialTypeRight) + or + // Complex and real floating types are considered interchangeable + getEssentialTypeCategory(essentialTypeLeft) = EssentiallyFloatingType(_) and + getEssentialTypeCategory(essentialTypeRight) = EssentiallyFloatingType(_) } from @@ -35,7 +39,7 @@ where not otherOp = compositeOp and compositeEssentialType = getEssentialType(compositeOp) and otherOpEssentialType = getEssentialType(otherOp) and - compositeEssentialType.getSize() < otherOpEssentialType.getSize() and + getEssentialSize(compositeEssentialType) < getEssentialSize(otherOpEssentialType) and // Operands of a different type category in an operation with the usual arithmetic conversions is // prohibited by Rule 10.4, so we only report cases here where the essential type categories are // the same diff --git a/c/misra/src/rules/RULE-10-8/InappropriateCastOfCompositeExpression.ql b/c/misra/src/rules/RULE-10-8/InappropriateCastOfCompositeExpression.ql index 162ba4439c..b4d54bf2e8 100644 --- a/c/misra/src/rules/RULE-10-8/InappropriateCastOfCompositeExpression.ql +++ b/c/misra/src/rules/RULE-10-8/InappropriateCastOfCompositeExpression.ql @@ -30,12 +30,19 @@ where castTypeCategory = getEssentialTypeCategory(castEssentialType) and compositeTypeCategory = getEssentialTypeCategory(compositeExprEssentialType) and ( - not castTypeCategory = compositeTypeCategory and - message = - "Cast from " + compositeTypeCategory + " to " + castTypeCategory + " changes type category." - or - castTypeCategory = compositeTypeCategory and - castEssentialType.getSize() > compositeExprEssentialType.getSize() and - message = "Cast from " + compositeTypeCategory + " to " + castTypeCategory + " widens type." + if + not castTypeCategory = compositeTypeCategory and + not ( + // Exception 2: Casts between real or complex floating types are allowed + castTypeCategory = EssentiallyFloatingType(_) and + compositeTypeCategory = EssentiallyFloatingType(_) + ) + then + message = + "Cast from " + compositeTypeCategory + " to " + castTypeCategory + " changes type category." + else ( + getEssentialSize(castEssentialType) > getEssentialSize(compositeExprEssentialType) and + message = "Cast from " + compositeTypeCategory + " to " + castTypeCategory + " widens type." + ) ) select ce, message diff --git a/c/misra/src/rules/RULE-14-1/LoopOverEssentiallyFloatType.ql b/c/misra/src/rules/RULE-14-1/LoopOverEssentiallyFloatType.ql index 83d91dac63..3d351c898e 100644 --- a/c/misra/src/rules/RULE-14-1/LoopOverEssentiallyFloatType.ql +++ b/c/misra/src/rules/RULE-14-1/LoopOverEssentiallyFloatType.ql @@ -21,6 +21,6 @@ from ForStmt forLoop, Variable loopIterationVariable where not isExcluded(loopIterationVariable, EssentialTypesPackage::loopOverEssentiallyFloatTypeQuery()) and getAnIterationVariable(forLoop) = loopIterationVariable and - getEssentialTypeCategory(loopIterationVariable.getType()) = EssentiallyFloatingType() + getEssentialTypeCategory(loopIterationVariable.getType()) = EssentiallyFloatingType(_) select loopIterationVariable, "Loop iteration variable " + loopIterationVariable.getName() + " is essentially Floating type." diff --git a/c/misra/test/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.expected b/c/misra/test/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.expected index c7f1cba77a..49e0b1c34c 100644 --- a/c/misra/test/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.expected +++ b/c/misra/test/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.expected @@ -1,20 +1,24 @@ | test.c:14:5:14:10 | int4_t | The typedef type int4_t does not have its indicated size. | | test.c:16:5:16:11 | uint4_t | The typedef type uint4_t does not have its indicated size. | -| test.c:27:5:27:26 | _astronomical_number_t | The type _astronomical_number_t is not an alias to a fixed-width numeric type. | -| test.c:34:15:34:16 | c2 | The type signed char is not a fixed-width numeric type. | -| test.c:35:17:35:18 | c3 | The type unsigned char is not a fixed-width numeric type. | -| test.c:38:9:38:10 | s1 | The type short is not a fixed-width numeric type. | -| test.c:39:16:39:17 | s2 | The type signed short is not a fixed-width numeric type. | -| test.c:40:18:40:19 | s3 | The type unsigned short is not a fixed-width numeric type. | -| test.c:43:7:43:8 | i1 | The type int is not a fixed-width numeric type. | -| test.c:44:14:44:15 | i2 | The type signed int is not a fixed-width numeric type. | -| test.c:45:16:45:17 | i3 | The type unsigned int is not a fixed-width numeric type. | -| test.c:48:8:48:9 | l1 | The type long is not a fixed-width numeric type. | -| test.c:49:15:49:16 | l2 | The type signed long is not a fixed-width numeric type. | -| test.c:50:17:50:18 | l3 | The type unsigned long is not a fixed-width numeric type. | -| test.c:53:13:53:15 | ll1 | The type long long is not a fixed-width numeric type. | -| test.c:54:20:54:22 | ll2 | The type signed long long is not a fixed-width numeric type. | -| test.c:55:22:55:24 | ll3 | The type unsigned long long is not a fixed-width numeric type. | -| test.c:58:9:58:10 | f1 | The type float is not a fixed-width numeric type. | -| test.c:61:10:61:11 | d1 | The type double is not a fixed-width numeric type. | -| test.c:64:15:64:17 | ld1 | The type long double is not a fixed-width numeric type. | +| test.c:19:25:19:33 | float64_t | The typedef name float64_t does not indicate a complex type. | +| test.c:22:15:22:24 | cfloat32_t | The typedef type cfloat32_t is not a complex type. | +| test.c:24:25:24:35 | cfloat128_t | The typedef type cfloat128_t does not have its indicated real size. | +| test.c:31:5:31:26 | _astronomical_number_t | The type _astronomical_number_t is not an alias to a fixed-width numeric type. | +| test.c:38:15:38:16 | c2 | The type signed char is not a fixed-width numeric type. | +| test.c:39:17:39:18 | c3 | The type unsigned char is not a fixed-width numeric type. | +| test.c:42:9:42:10 | s1 | The type short is not a fixed-width numeric type. | +| test.c:43:16:43:17 | s2 | The type signed short is not a fixed-width numeric type. | +| test.c:44:18:44:19 | s3 | The type unsigned short is not a fixed-width numeric type. | +| test.c:47:7:47:8 | i1 | The type int is not a fixed-width numeric type. | +| test.c:48:14:48:15 | i2 | The type signed int is not a fixed-width numeric type. | +| test.c:49:16:49:17 | i3 | The type unsigned int is not a fixed-width numeric type. | +| test.c:52:8:52:9 | l1 | The type long is not a fixed-width numeric type. | +| test.c:53:15:53:16 | l2 | The type signed long is not a fixed-width numeric type. | +| test.c:54:17:54:18 | l3 | The type unsigned long is not a fixed-width numeric type. | +| test.c:57:13:57:15 | ll1 | The type long long is not a fixed-width numeric type. | +| test.c:58:20:58:22 | ll2 | The type signed long long is not a fixed-width numeric type. | +| test.c:59:22:59:24 | ll3 | The type unsigned long long is not a fixed-width numeric type. | +| test.c:62:9:62:10 | f1 | The type float is not a fixed-width numeric type. | +| test.c:65:10:65:11 | d1 | The type double is not a fixed-width numeric type. | +| test.c:68:15:68:17 | ld1 | The type long double is not a fixed-width numeric type. | +| test.c:71:18:71:20 | cf1 | The type _Complex float is not a fixed-width numeric type. | diff --git a/c/misra/test/rules/DIR-4-6/test.c b/c/misra/test/rules/DIR-4-6/test.c index db0842c4f6..0fc79faa2e 100644 --- a/c/misra/test/rules/DIR-4-6/test.c +++ b/c/misra/test/rules/DIR-4-6/test.c @@ -15,10 +15,14 @@ typedef signed long long typedef unsigned long long uint4_t; // NON_COMPLIANT: typedef does not have its indicated size -typedef float float32_t; // COMPLIANT: exception, typedefs are permitted -typedef double float64_t; // COMPLIANT: exception, typedefs are permitted +typedef float float32_t; // COMPLIANT: exception, typedefs are permitted +typedef double _Complex float64_t; // NON-COMPLIANT: not complex floating type typedef long double float128_t; // COMPLIANT: exception, typedefs are permitted +typedef float cfloat32_t; // NON-COMPLIANT: not a complex floating type +typedef double _Complex cfloat64_t; // COMPLIANT: correct complex floating type +typedef double _Complex cfloat128_t; // NON-COMPLIANT: incorrect complex size + typedef int8_t astronomical_number_t; // COMPLIANT: aliasing a fixed-width numeric typedef typedef uint8_t u_astronomical_number_t; // COMPLIANT: aliasing a fixed-width @@ -63,4 +67,7 @@ main(int argc, // COMPLIANT: exception, argc's type can be plain int long double ld1 = 1; // NON_COMPLIANT: int is a basic numeric type float128_t ld2 = 1; // COMPLIANT: typedef used instead + + float _Complex cf1 = 1; // NON_COMPLIANT: complex basic numeric type + cfloat64_t cf2 = 1; // COMPLIANT: typedef used instead } \ No newline at end of file diff --git a/c/misra/test/rules/RULE-1-4/EmergentLanguageFeaturesUsed.expected b/c/misra/test/rules/RULE-1-4/EmergentLanguageFeaturesUsed.expected index 2745223358..3f63a6c26c 100644 --- a/c/misra/test/rules/RULE-1-4/EmergentLanguageFeaturesUsed.expected +++ b/c/misra/test/rules/RULE-1-4/EmergentLanguageFeaturesUsed.expected @@ -1,15 +1 @@ -| test.c:1:1:1:21 | #include | Usage of emergent language feature. | -| test.c:2:1:2:22 | #include | Usage of emergent language feature. | -| test.c:3:1:3:24 | #include | Usage of emergent language feature. | -| test.c:4:1:4:20 | #include | Usage of emergent language feature. | -| test.c:6:1:6:49 | #define MACRO(x) _Generic((x), int : 0, long : 1) | Usage of emergent language feature. | | test.c:7:1:7:32 | #define __STDC_WANT_LIB_EXT1__ 1 | Usage of emergent language feature. | -| test.c:9:16:9:17 | f0 | Usage of emergent language feature. | -| test.c:12:26:12:40 | atomic_new_type | Usage of emergent language feature. | -| test.c:17:15:17:15 | i | Usage of emergent language feature. | -| test.c:19:3:19:10 | alignas(...) | Usage of emergent language feature. | -| test.c:20:3:20:9 | alignas(...) | Usage of emergent language feature. | -| test.c:21:11:21:23 | alignof(int) | Usage of emergent language feature. | -| test.c:22:12:22:23 | alignof(int) | Usage of emergent language feature. | -| test.c:24:27:24:28 | i3 | Usage of emergent language feature. | -| test.c:25:28:25:29 | i4 | Usage of emergent language feature. | diff --git a/c/misra/test/rules/RULE-1-4/test.c b/c/misra/test/rules/RULE-1-4/test.c index 153c722c94..8c1e44e6bd 100644 --- a/c/misra/test/rules/RULE-1-4/test.c +++ b/c/misra/test/rules/RULE-1-4/test.c @@ -1,26 +1,26 @@ -#include //NON_COMPLIANT -#include //NON_COMPLIANT -#include //NON_COMPLIANT -#include //NON_COMPLIANT +#include //COMPLIANT +#include //COMPLIANT +#include //COMPLIANT +#include //COMPLIANT -#define MACRO(x) _Generic((x), int : 0, long : 1) // NON_COMPLIANT -#define __STDC_WANT_LIB_EXT1__ 1 // NON_COMPLIANT +#define MACRO(x) _Generic((x), int : 0, long : 1) // COMPLIANT +#define __STDC_WANT_LIB_EXT1__ 1 // NON-COMPLIANT -_Noreturn void f0(); // NON_COMPLIANT +_Noreturn void f0(); // COMPLIANT typedef int new_type; // COMPLIANT -typedef _Atomic new_type atomic_new_type; // NON_COMPLIANT +typedef _Atomic new_type atomic_new_type; // COMPLIANT void f(int p) { - int i0 = _Generic(p, int : 0, long : 1); // NON_COMPLIANT[FALSE_NEGATIVE] + int i0 = _Generic(p, int : 0, long : 1); // COMPLIANT - _Atomic int i; // NON_COMPLIANT + _Atomic int i; // COMPLIANT - _Alignas(4) int i1; // NON_COMPLIANT - alignas(4) int i2; // NON_COMPLIANT - int a = _Alignof(int); // NON_COMPLIANT - int a1 = alignof(int); // NON_COMPLIANT + _Alignas(4) int i1; // COMPLIANT + alignas(4) int i2; // COMPLIANT + int a = _Alignof(int); // COMPLIANT + int a1 = alignof(int); // COMPLIANT - static thread_local int i3; // NON_COMPLIANT - static _Thread_local int i4; // NON_COMPLIANT + static thread_local int i3; // COMPLIANT + static _Thread_local int i4; // COMPLIANT } \ No newline at end of file diff --git a/c/misra/test/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.expected b/c/misra/test/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.expected index 8d1b1d8d1b..aad8dadf99 100644 --- a/c/misra/test/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.expected +++ b/c/misra/test/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.expected @@ -1,191 +1,209 @@ -| test.c:13:5:13:5 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:14:5:14:5 | c | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:20:4:20:4 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:21:4:21:4 | c | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:22:4:22:5 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | -| test.c:27:4:27:4 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:28:4:28:4 | c | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:29:4:29:5 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | -| test.c:31:4:31:4 | u | Operand of essentially Unsigned type will be converted to a signed type with the signedness dependent on the implemented size of int. | -| test.c:34:7:34:7 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:36:7:36:8 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | -| test.c:41:7:41:7 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:43:7:43:8 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | -| test.c:48:3:48:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:50:3:50:4 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:15:5:15:5 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:16:5:16:5 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:23:4:23:4 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:24:4:24:4 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:25:4:25:5 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:31:4:31:4 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:32:4:32:4 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:33:4:33:5 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:35:4:35:4 | u | Operand of essentially Unsigned type will be converted to a signed type with the signedness dependent on the implemented size of int. | +| test.c:39:7:39:7 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:41:7:41:8 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:47:7:47:7 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:49:7:49:8 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | | test.c:55:3:55:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | | test.c:57:3:57:4 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | -| test.c:62:3:62:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:64:3:64:4 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | -| test.c:69:3:69:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:71:3:71:4 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | -| test.c:76:5:76:5 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:78:5:78:6 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | -| test.c:83:5:83:5 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:85:5:85:6 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | -| test.c:90:7:90:7 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:91:7:91:7 | c | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:92:7:92:8 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | -| test.c:97:7:97:7 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:98:7:98:7 | c | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:99:7:99:8 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | -| test.c:104:3:104:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:105:3:105:3 | c | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:106:3:106:4 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | -| test.c:111:3:111:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:112:3:112:3 | c | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:113:3:113:4 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | -| test.c:118:3:118:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:119:3:119:3 | c | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:120:3:120:4 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | -| test.c:125:7:125:7 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:126:7:126:7 | c | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:127:7:127:8 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | -| test.c:132:7:132:7 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:139:7:139:7 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:146:8:146:8 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:153:8:153:8 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:160:3:160:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:167:3:167:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:174:3:174:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:181:3:181:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:217:4:217:4 | c | Operand of essentially Character type type interpreted as a Boolean value. | -| test.c:218:4:218:5 | e1 | Operand of essentially Enum Type type interpreted as a Boolean value. | -| test.c:219:4:219:4 | s | Operand of essentially Signed type type interpreted as a Boolean value. | -| test.c:220:4:220:4 | u | Operand of essentially Unsigned type type interpreted as a Boolean value. | -| test.c:221:4:221:4 | f | Operand of essentially Floating type type interpreted as a Boolean value. | -| test.c:224:3:224:3 | c | Operand of essentially Character type type interpreted as a Boolean value. | -| test.c:225:3:225:4 | e1 | Operand of essentially Enum Type type interpreted as a Boolean value. | -| test.c:226:3:226:3 | s | Operand of essentially Signed type type interpreted as a Boolean value. | -| test.c:227:3:227:3 | u | Operand of essentially Unsigned type type interpreted as a Boolean value. | -| test.c:228:3:228:3 | f | Operand of essentially Floating type type interpreted as a Boolean value. | -| test.c:231:3:231:3 | c | Operand of essentially Character type type interpreted as a Boolean value. | -| test.c:232:3:232:4 | e1 | Operand of essentially Enum Type type interpreted as a Boolean value. | -| test.c:233:3:233:3 | s | Operand of essentially Signed type type interpreted as a Boolean value. | -| test.c:234:3:234:3 | u | Operand of essentially Unsigned type type interpreted as a Boolean value. | -| test.c:235:3:235:3 | f | Operand of essentially Floating type type interpreted as a Boolean value. | -| test.c:238:11:238:11 | c | Operand of essentially Character type type interpreted as a Boolean value. | -| test.c:239:11:239:12 | e1 | Operand of essentially Enum Type type interpreted as a Boolean value. | -| test.c:240:11:240:11 | s | Operand of essentially Signed type type interpreted as a Boolean value. | -| test.c:241:11:241:11 | u | Operand of essentially Unsigned type type interpreted as a Boolean value. | -| test.c:242:11:242:11 | f | Operand of essentially Floating type type interpreted as a Boolean value. | -| test.c:245:12:245:12 | c | Operand of essentially Character type type interpreted as a Boolean value. | -| test.c:246:12:246:13 | e1 | Operand of essentially Enum Type type interpreted as a Boolean value. | -| test.c:247:12:247:12 | s | Operand of essentially Signed type type interpreted as a Boolean value. | -| test.c:248:12:248:12 | u | Operand of essentially Unsigned type type interpreted as a Boolean value. | -| test.c:249:12:249:12 | f | Operand of essentially Floating type type interpreted as a Boolean value. | -| test.c:251:3:251:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:252:3:252:3 | c | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:253:3:253:4 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | -| test.c:254:3:254:3 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | -| test.c:258:3:258:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:259:3:259:3 | c | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:260:3:260:4 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | -| test.c:261:3:261:3 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | -| test.c:265:8:265:8 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:266:8:266:8 | c | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:267:8:267:9 | e1 | Right hand operand of shift operator is essentially Enum Type and not not essentially unsigned. | -| test.c:268:8:268:8 | s | Right hand operand of shift operator is essentially Signed type and not not essentially unsigned. | -| test.c:272:8:272:8 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:273:8:273:8 | c | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:274:8:274:9 | e1 | Right hand operand of shift operator is essentially Enum Type and not not essentially unsigned. | -| test.c:275:8:275:8 | s | Right hand operand of shift operator is essentially Signed type and not not essentially unsigned. | -| test.c:279:3:279:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:280:3:280:3 | c | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:281:3:281:4 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | -| test.c:282:3:282:3 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | -| test.c:286:3:286:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:287:3:287:3 | c | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:288:3:288:4 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | -| test.c:289:3:289:3 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | -| test.c:293:3:293:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:294:3:294:3 | c | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:295:3:295:4 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | -| test.c:296:3:296:3 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | -| test.c:300:6:300:6 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:301:6:301:6 | c | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:302:6:302:7 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | -| test.c:303:6:303:6 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | -| test.c:307:7:307:7 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:308:7:308:7 | c | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:309:7:309:8 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | -| test.c:310:7:310:7 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | -| test.c:314:7:314:7 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:315:7:315:7 | c | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:316:7:316:8 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | -| test.c:317:7:317:7 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | -| test.c:321:4:321:4 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:322:4:322:4 | c | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:323:4:323:5 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | -| test.c:324:4:324:4 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | -| test.c:329:3:329:3 | c | Operand of essentially Character type type interpreted as a Boolean value. | -| test.c:330:3:330:4 | e1 | Operand of essentially Enum Type type interpreted as a Boolean value. | -| test.c:331:3:331:3 | s | Operand of essentially Signed type type interpreted as a Boolean value. | -| test.c:332:3:332:3 | u | Operand of essentially Unsigned type type interpreted as a Boolean value. | -| test.c:333:3:333:3 | f | Operand of essentially Floating type type interpreted as a Boolean value. | -| test.c:342:3:342:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:344:3:344:4 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | -| test.c:349:3:349:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:351:3:351:4 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | -| test.c:356:8:356:8 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:358:8:358:9 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | -| test.c:363:8:363:8 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:365:8:365:9 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | -| test.c:370:3:370:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:371:3:371:3 | c | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:372:3:372:4 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | -| test.c:377:3:377:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:378:3:378:3 | c | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:379:3:379:4 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | -| test.c:384:8:384:8 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:385:8:385:8 | c | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:386:8:386:9 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | -| test.c:391:8:391:8 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:392:8:392:8 | c | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:393:8:393:9 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | -| test.c:398:3:398:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:399:3:399:3 | c | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:400:3:400:4 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | -| test.c:405:8:405:8 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:406:8:406:8 | c | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:407:8:407:9 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | -| test.c:412:3:412:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:413:3:413:3 | c | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:414:3:414:4 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | -| test.c:415:3:415:3 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | -| test.c:419:3:419:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:420:3:420:3 | c | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:421:3:421:4 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | -| test.c:422:3:422:3 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | -| test.c:426:9:426:9 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:427:9:427:9 | c | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:428:9:428:10 | e1 | Right hand operand of shift operator is essentially Enum Type and not not essentially unsigned. | -| test.c:429:9:429:9 | s | Right hand operand of shift operator is essentially Signed type and not not essentially unsigned. | -| test.c:433:9:433:9 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:434:9:434:9 | c | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:435:9:435:10 | e1 | Right hand operand of shift operator is essentially Enum Type and not not essentially unsigned. | -| test.c:436:9:436:9 | s | Right hand operand of shift operator is essentially Signed type and not not essentially unsigned. | -| test.c:440:3:440:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:441:3:441:3 | c | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:442:3:442:4 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | -| test.c:443:3:443:3 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | +| test.c:63:3:63:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:65:3:65:4 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:71:3:71:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:73:3:73:4 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:77:3:77:4 | cf | Use of essentially Complex type in this way is a constraint violation. | +| test.c:79:3:79:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:81:3:81:4 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:85:3:85:4 | cf | Use of essentially Complex type in this way is a constraint violation. | +| test.c:87:5:87:5 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:89:5:89:6 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:93:5:93:6 | cf | Use of essentially Complex type in this way is a constraint violation. | +| test.c:95:5:95:5 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:97:5:97:6 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:101:5:101:6 | cf | Use of essentially Complex type in this way is a constraint violation. | +| test.c:103:7:103:7 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:104:7:104:7 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:105:7:105:8 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:111:7:111:7 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:112:7:112:7 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:113:7:113:8 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:119:3:119:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:120:3:120:3 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:121:3:121:4 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:127:3:127:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:128:3:128:3 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:129:3:129:4 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:135:3:135:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:136:3:136:3 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:137:3:137:4 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:143:7:143:7 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:144:7:144:7 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:145:7:145:8 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:151:7:151:7 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:159:7:159:7 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:167:8:167:8 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:175:8:175:8 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:183:3:183:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:191:3:191:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:199:3:199:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:207:3:207:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:220:3:220:3 | f | Floating point numbers have inherent error such that comparisons should consider precision and not exact equality. | +| test.c:221:3:221:4 | cf | Floating point numbers have inherent error such that comparisons should consider precision and not exact equality. | +| test.c:234:3:234:3 | f | Floating point numbers have inherent error such that comparisons should consider precision and not exact equality. | +| test.c:235:3:235:4 | cf | Floating point numbers have inherent error such that comparisons should consider precision and not exact equality. | +| test.c:248:8:248:8 | f | Floating point numbers have inherent error such that comparisons should consider precision and not exact equality. | +| test.c:249:8:249:9 | cf | Floating point numbers have inherent error such that comparisons should consider precision and not exact equality. | +| test.c:262:8:262:8 | f | Floating point numbers have inherent error such that comparisons should consider precision and not exact equality. | +| test.c:263:8:263:9 | cf | Floating point numbers have inherent error such that comparisons should consider precision and not exact equality. | +| test.c:272:4:272:4 | c | Operand of essentially Character type type interpreted as a Boolean value. | +| test.c:273:4:273:5 | e1 | Operand of essentially Enum Type type interpreted as a Boolean value. | +| test.c:274:4:274:4 | s | Operand of essentially Signed type type interpreted as a Boolean value. | +| test.c:275:4:275:4 | u | Operand of essentially Unsigned type type interpreted as a Boolean value. | +| test.c:276:4:276:4 | f | Operand of essentially Floating type type interpreted as a Boolean value. | +| test.c:277:4:277:5 | cf | Operand of essentially Complex Floating type type interpreted as a Boolean value. | +| test.c:280:3:280:3 | c | Operand of essentially Character type type interpreted as a Boolean value. | +| test.c:281:3:281:4 | e1 | Operand of essentially Enum Type type interpreted as a Boolean value. | +| test.c:282:3:282:3 | s | Operand of essentially Signed type type interpreted as a Boolean value. | +| test.c:283:3:283:3 | u | Operand of essentially Unsigned type type interpreted as a Boolean value. | +| test.c:284:3:284:3 | f | Operand of essentially Floating type type interpreted as a Boolean value. | +| test.c:285:3:285:4 | cf | Operand of essentially Complex Floating type type interpreted as a Boolean value. | +| test.c:288:3:288:3 | c | Operand of essentially Character type type interpreted as a Boolean value. | +| test.c:289:3:289:4 | e1 | Operand of essentially Enum Type type interpreted as a Boolean value. | +| test.c:290:3:290:3 | s | Operand of essentially Signed type type interpreted as a Boolean value. | +| test.c:291:3:291:3 | u | Operand of essentially Unsigned type type interpreted as a Boolean value. | +| test.c:292:3:292:3 | f | Operand of essentially Floating type type interpreted as a Boolean value. | +| test.c:293:3:293:4 | cf | Operand of essentially Complex Floating type type interpreted as a Boolean value. | +| test.c:296:11:296:11 | c | Operand of essentially Character type type interpreted as a Boolean value. | +| test.c:297:11:297:12 | e1 | Operand of essentially Enum Type type interpreted as a Boolean value. | +| test.c:298:11:298:11 | s | Operand of essentially Signed type type interpreted as a Boolean value. | +| test.c:299:11:299:11 | u | Operand of essentially Unsigned type type interpreted as a Boolean value. | +| test.c:300:11:300:11 | f | Operand of essentially Floating type type interpreted as a Boolean value. | +| test.c:301:11:301:12 | cf | Operand of essentially Complex Floating type type interpreted as a Boolean value. | +| test.c:304:12:304:12 | c | Operand of essentially Character type type interpreted as a Boolean value. | +| test.c:305:12:305:13 | e1 | Operand of essentially Enum Type type interpreted as a Boolean value. | +| test.c:306:12:306:12 | s | Operand of essentially Signed type type interpreted as a Boolean value. | +| test.c:307:12:307:12 | u | Operand of essentially Unsigned type type interpreted as a Boolean value. | +| test.c:308:12:308:12 | f | Operand of essentially Floating type type interpreted as a Boolean value. | +| test.c:309:12:309:13 | cf | Operand of essentially Complex Floating type type interpreted as a Boolean value. | +| test.c:311:3:311:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:312:3:312:3 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:313:3:313:4 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | +| test.c:314:3:314:3 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | +| test.c:319:3:319:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:320:3:320:3 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:321:3:321:4 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | +| test.c:322:3:322:3 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | +| test.c:327:8:327:8 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:328:8:328:8 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:329:8:329:9 | e1 | Right hand operand of shift operator is essentially Enum Type and not not essentially unsigned. | +| test.c:330:8:330:8 | s | Right hand operand of shift operator is essentially Signed type and not not essentially unsigned. | +| test.c:335:8:335:8 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:336:8:336:8 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:337:8:337:9 | e1 | Right hand operand of shift operator is essentially Enum Type and not not essentially unsigned. | +| test.c:338:8:338:8 | s | Right hand operand of shift operator is essentially Signed type and not not essentially unsigned. | +| test.c:343:3:343:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:344:3:344:3 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:345:3:345:4 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | +| test.c:346:3:346:3 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | +| test.c:351:3:351:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:352:3:352:3 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:353:3:353:4 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | +| test.c:354:3:354:3 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | +| test.c:359:3:359:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:360:3:360:3 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:361:3:361:4 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | +| test.c:362:3:362:3 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | +| test.c:367:7:367:7 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:368:7:368:7 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:369:7:369:8 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | +| test.c:370:7:370:7 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | +| test.c:375:7:375:7 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:376:7:376:7 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:377:7:377:8 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | +| test.c:378:7:378:7 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | +| test.c:383:7:383:7 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:384:7:384:7 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:385:7:385:8 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | +| test.c:386:7:386:7 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | +| test.c:391:4:391:4 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:392:4:392:4 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:393:4:393:5 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | +| test.c:394:4:394:4 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | +| test.c:400:3:400:3 | c | Operand of essentially Character type type interpreted as a Boolean value. | +| test.c:401:3:401:4 | e1 | Operand of essentially Enum Type type interpreted as a Boolean value. | +| test.c:402:3:402:3 | s | Operand of essentially Signed type type interpreted as a Boolean value. | +| test.c:403:3:403:3 | u | Operand of essentially Unsigned type type interpreted as a Boolean value. | +| test.c:404:3:404:3 | f | Operand of essentially Floating type type interpreted as a Boolean value. | +| test.c:405:3:405:4 | cf | Operand of essentially Complex Floating type type interpreted as a Boolean value. | +| test.c:415:3:415:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:417:3:417:4 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:423:3:423:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:425:3:425:4 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:431:8:431:8 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:433:8:433:9 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:439:8:439:8 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:441:8:441:9 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | | test.c:447:3:447:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | | test.c:448:3:448:3 | c | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:449:3:449:4 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | -| test.c:450:3:450:3 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | -| test.c:454:3:454:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:455:3:455:3 | c | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:456:3:456:4 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | -| test.c:457:3:457:3 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | -| test.c:461:8:461:8 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:462:8:462:8 | c | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:463:8:463:9 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | -| test.c:464:8:464:8 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | -| test.c:468:8:468:8 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:469:8:469:8 | c | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:470:8:470:9 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | -| test.c:471:8:471:8 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | -| test.c:475:8:475:8 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:476:8:476:8 | c | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:477:8:477:9 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | -| test.c:478:8:478:8 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | +| test.c:449:3:449:4 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:455:3:455:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:456:3:456:3 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:457:3:457:4 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:463:8:463:8 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:464:8:464:8 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:465:8:465:9 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:471:8:471:8 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:472:8:472:8 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:473:8:473:9 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:479:3:479:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:480:3:480:3 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:481:3:481:4 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:487:8:487:8 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:488:8:488:8 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:489:8:489:9 | e1 | Operand of essentially Enum type used in arithmetic operation, but has an implementation defined integer type. | +| test.c:495:3:495:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:496:3:496:3 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:497:3:497:4 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | +| test.c:498:3:498:3 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | +| test.c:503:3:503:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:504:3:504:3 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:505:3:505:4 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | +| test.c:506:3:506:3 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | +| test.c:511:9:511:9 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:512:9:512:9 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:513:9:513:10 | e1 | Right hand operand of shift operator is essentially Enum Type and not not essentially unsigned. | +| test.c:514:9:514:9 | s | Right hand operand of shift operator is essentially Signed type and not not essentially unsigned. | +| test.c:519:9:519:9 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:520:9:520:9 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:521:9:521:10 | e1 | Right hand operand of shift operator is essentially Enum Type and not not essentially unsigned. | +| test.c:522:9:522:9 | s | Right hand operand of shift operator is essentially Signed type and not not essentially unsigned. | +| test.c:527:3:527:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:528:3:528:3 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:529:3:529:4 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | +| test.c:530:3:530:3 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | +| test.c:535:3:535:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:536:3:536:3 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:537:3:537:4 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | +| test.c:538:3:538:3 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | +| test.c:543:3:543:3 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:544:3:544:3 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:545:3:545:4 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | +| test.c:546:3:546:3 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | +| test.c:551:8:551:8 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:552:8:552:8 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:553:8:553:9 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | +| test.c:554:8:554:8 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | +| test.c:559:8:559:8 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:560:8:560:8 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:561:8:561:9 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | +| test.c:562:8:562:8 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | +| test.c:567:8:567:8 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:568:8:568:8 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:569:8:569:9 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | +| test.c:570:8:570:8 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | diff --git a/c/misra/test/rules/RULE-10-1/PointerTypeOnLogicalOperator.expected b/c/misra/test/rules/RULE-10-1/PointerTypeOnLogicalOperator.expected index 35a55919fd..34d2993389 100644 --- a/c/misra/test/rules/RULE-10-1/PointerTypeOnLogicalOperator.expected +++ b/c/misra/test/rules/RULE-10-1/PointerTypeOnLogicalOperator.expected @@ -1,5 +1,5 @@ -| test.c:488:4:488:4 | p | Logical operators should not be used with pointer types. | -| test.c:490:3:490:3 | p | Logical operators should not be used with pointer types. | -| test.c:491:7:491:7 | p | Logical operators should not be used with pointer types. | -| test.c:493:3:493:3 | p | Logical operators should not be used with pointer types. | -| test.c:494:8:494:8 | p | Logical operators should not be used with pointer types. | +| test.c:581:4:581:4 | p | Logical operators should not be used with pointer types. | +| test.c:583:3:583:3 | p | Logical operators should not be used with pointer types. | +| test.c:584:7:584:7 | p | Logical operators should not be used with pointer types. | +| test.c:586:3:586:3 | p | Logical operators should not be used with pointer types. | +| test.c:587:8:587:8 | p | Logical operators should not be used with pointer types. | diff --git a/c/misra/test/rules/RULE-10-1/test.c b/c/misra/test/rules/RULE-10-1/test.c index 19b7d2e3e8..f8d1a4fca5 100644 --- a/c/misra/test/rules/RULE-10-1/test.c +++ b/c/misra/test/rules/RULE-10-1/test.c @@ -1,3 +1,4 @@ +#include "math.h" #include "stdbool.h" void testInappropriateOperands() { @@ -7,6 +8,7 @@ void testInappropriateOperands() { signed int s = 100; unsigned int u = 1; float f = 1.0; + float _Complex cf = 1.0 + 1.0i; int a[20]; @@ -16,6 +18,7 @@ void testInappropriateOperands() { a[s]; // COMPLIANT a[u]; // COMPLIANT // a[f]; // NON_COMPILABLE + // a[cf]; // NON_COMPILABLE +b; // NON_COMPLIANT +c; // NON_COMPLIANT @@ -23,6 +26,7 @@ void testInappropriateOperands() { +s; // COMPLIANT +u; // COMPLIANT +f; // COMPLIANT + +cf; // COMPLIANT -b; // NON_COMPLIANT -c; // NON_COMPLIANT @@ -30,6 +34,7 @@ void testInappropriateOperands() { -s; // COMPLIANT -u; // NON_COMPLIANT -f; // COMPLIANT + -cf; // COMPLIANT 1 + b; // NON_COMPLIANT 1 + c; // COMPLIANT @@ -37,6 +42,7 @@ void testInappropriateOperands() { 1 + s; // COMPLIANT 1 + u; // COMPLIANT 1 + f; // COMPLIANT + 1 + cf; // COMPLIANT 1 - b; // NON_COMPLIANT 1 - c; // COMPLIANT @@ -44,6 +50,7 @@ void testInappropriateOperands() { 1 - s; // COMPLIANT 1 - u; // COMPLIANT 1 - f; // COMPLIANT + 1 - cf; // COMPLIANT b + 1; // NON_COMPLIANT c + 1; // COMPLIANT @@ -51,6 +58,7 @@ void testInappropriateOperands() { s + 1; // COMPLIANT u + 1; // COMPLIANT f + 1; // COMPLIANT + cf + 1; // COMPLIANT b - 1; // NON_COMPLIANT c - 1; // COMPLIANT @@ -58,6 +66,7 @@ void testInappropriateOperands() { s - 1; // COMPLIANT u - 1; // COMPLIANT f - 1; // COMPLIANT + cf - 1; // COMPLIANT b++; // NON_COMPLIANT c++; // COMPLIANT @@ -65,6 +74,7 @@ void testInappropriateOperands() { s++; // COMPLIANT u++; // COMPLIANT f++; // COMPLIANT + cf++; // NON_COMPLIANT b--; // NON_COMPLIANT c--; // COMPLIANT @@ -72,6 +82,7 @@ void testInappropriateOperands() { s--; // COMPLIANT u--; // COMPLIANT f--; // COMPLIANT + cf--; // NON_COMPLIANT ++b; // NON_COMPLIANT ++c; // COMPLIANT @@ -79,6 +90,7 @@ void testInappropriateOperands() { ++s; // COMPLIANT ++u; // COMPLIANT ++f; // COMPLIANT + ++cf; // NON_COMPLIANT --b; // NON_COMPLIANT --c; // COMPLIANT @@ -86,6 +98,7 @@ void testInappropriateOperands() { --s; // COMPLIANT --u; // COMPLIANT --f; // COMPLIANT + --cf; // NON_COMPLIANT 1 * b; // NON_COMPLIANT 1 * c; // NON_COMPLIANT @@ -93,6 +106,7 @@ void testInappropriateOperands() { 1 * s; // COMPLIANT 1 * u; // COMPLIANT 1 * f; // COMPLIANT + 1 * cf; // COMPLIANT 1 / b; // NON_COMPLIANT 1 / c; // NON_COMPLIANT @@ -100,6 +114,7 @@ void testInappropriateOperands() { 1 / s; // COMPLIANT 1 / u; // COMPLIANT 1 / f; // COMPLIANT + 1 / cf; // COMPLIANT b * 1; // NON_COMPLIANT c * 1; // NON_COMPLIANT @@ -107,6 +122,7 @@ void testInappropriateOperands() { s * 1; // COMPLIANT u * 1; // COMPLIANT f * 1; // COMPLIANT + cf * 1; // COMPLIANT b / 1; // NON_COMPLIANT c / 1; // NON_COMPLIANT @@ -114,6 +130,7 @@ void testInappropriateOperands() { s / 1; // COMPLIANT u / 1; // COMPLIANT f / 1; // COMPLIANT + cf / 1; // COMPLIANT b % 1; // NON_COMPLIANT c % 1; // NON_COMPLIANT @@ -121,6 +138,7 @@ void testInappropriateOperands() { s % 1; // COMPLIANT u % 1; // COMPLIANT // f % 1; // NON_COMPILABLE + // cf % 1; // NON_COMPILABLE 1 % b; // NON_COMPLIANT 1 % c; // NON_COMPLIANT @@ -128,6 +146,7 @@ void testInappropriateOperands() { 1 % s; // COMPLIANT 1 % u; // COMPLIANT // 1 % f; // NON_COMPILABLE + // 1 % cf; // NON_COMPILABLE 1 < b; // NON_COMPLIANT 1 < c; // COMPLIANT @@ -135,6 +154,7 @@ void testInappropriateOperands() { 1 < s; // COMPLIANT 1 < u; // COMPLIANT 1 < f; // COMPLIANT + // 1 < cf; // NON_COMPILABLE 1 > b; // NON_COMPLIANT 1 > c; // COMPLIANT @@ -142,6 +162,7 @@ void testInappropriateOperands() { 1 > s; // COMPLIANT 1 > u; // COMPLIANT 1 > f; // COMPLIANT + // 1 > cf; // NON_COMPILABLE 1 <= b; // NON_COMPLIANT 1 <= c; // COMPLIANT @@ -149,6 +170,7 @@ void testInappropriateOperands() { 1 <= s; // COMPLIANT 1 <= u; // COMPLIANT 1 <= f; // COMPLIANT + // 1 <= cf; // NON_COMPILABLE 1 >= b; // NON_COMPLIANT 1 >= c; // COMPLIANT @@ -156,6 +178,7 @@ void testInappropriateOperands() { 1 >= s; // COMPLIANT 1 >= u; // COMPLIANT 1 >= f; // COMPLIANT + // 1 >= cf; // NON_COMPILABLE b < 1; // NON_COMPLIANT c < 1; // COMPLIANT @@ -163,6 +186,7 @@ void testInappropriateOperands() { s < 1; // COMPLIANT u < 1; // COMPLIANT f < 1; // COMPLIANT + // cf < 1; // NON_COMPILABLE b > 1; // NON_COMPLIANT c > 1; // COMPLIANT @@ -170,6 +194,7 @@ void testInappropriateOperands() { s > 1; // COMPLIANT u > 1; // COMPLIANT f > 1; // COMPLIANT + // cf > 1; // NON_COMPILABLE b <= 1; // NON_COMPLIANT c <= 1; // COMPLIANT @@ -177,6 +202,7 @@ void testInappropriateOperands() { s <= 1; // COMPLIANT u <= 1; // COMPLIANT f <= 1; // COMPLIANT + // cf <= 1; // NON_COMPILABLE b >= 1; // NON_COMPLIANT c >= 1; // COMPLIANT @@ -184,34 +210,63 @@ void testInappropriateOperands() { s >= 1; // COMPLIANT u >= 1; // COMPLIANT f >= 1; // COMPLIANT - - b == 1; // COMPLIANT - c == 1; // COMPLIANT - e1 == 1; // COMPLIANT - s == 1; // COMPLIANT - u == 1; // COMPLIANT - f == 1; // COMPLIANT - - b != 1; // COMPLIANT - c != 1; // COMPLIANT - e1 != 1; // COMPLIANT - s != 1; // COMPLIANT - u != 1; // COMPLIANT - f != 1; // COMPLIANT - - 1 == b; // COMPLIANT - 1 == c; // COMPLIANT - 1 == e1; // COMPLIANT - 1 == s; // COMPLIANT - 1 == u; // COMPLIANT - 1 == f; // COMPLIANT - - 1 != b; // COMPLIANT - 1 != c; // COMPLIANT - 1 != e1; // COMPLIANT - 1 != s; // COMPLIANT - 1 != u; // COMPLIANT - 1 != f; // COMPLIANT + // cf >= 1; // NON_COMPILABLE + + b == 1; // COMPLIANT + c == 1; // COMPLIANT + e1 == 1; // COMPLIANT + s == 1; // COMPLIANT + u == 1; // COMPLIANT + f == 1; // NON_COMPLIANT + cf == 1; // NON_COMPLIANT + f == 0; // COMPLIANT + f == INFINITY; // COMPLIANT + f == -INFINITY; // COMPLIANT + cf == 0; // COMPLIANT + cf == INFINITY; // COMPLIANT + cf == -INFINITY; // COMPLIANT + + b != 1; // COMPLIANT + c != 1; // COMPLIANT + e1 != 1; // COMPLIANT + s != 1; // COMPLIANT + u != 1; // COMPLIANT + f != 1; // NON_COMPLIANT + cf != 1; // NON_COMPLIANT + f != 0; // COMPLIANT + f != INFINITY; // COMPLIANT + f != -INFINITY; // COMPLIANT + cf != 0; // COMPLIANT + cf != INFINITY; // COMPLIANT + cf != -INFINITY; // COMPLIANT + + 1 == b; // COMPLIANT + 1 == c; // COMPLIANT + 1 == e1; // COMPLIANT + 1 == s; // COMPLIANT + 1 == u; // COMPLIANT + 1 == f; // NON_COMPLIANT + 1 == cf; // NON_COMPLIANT + 0 == f; // COMPLIANT + INFINITY == f; // COMPLIANT + -INFINITY == f; // COMPLIANT + 0 == cf; // COMPLIANT + INFINITY == cf; // COMPLIANT + -INFINITY == cf; // COMPLIANT + + 1 != b; // COMPLIANT + 1 != c; // COMPLIANT + 1 != e1; // COMPLIANT + 1 != s; // COMPLIANT + 1 != u; // COMPLIANT + 1 != f; // NON_COMPLIANT + 1 != cf; // NON_COMPLIANT + 0 != f; // COMPLIANT + INFINITY != f; // COMPLIANT + -INFINITY != f; // COMPLIANT + 0 != cf; // COMPLIANT + INFINITY != cf; // COMPLIANT + -INFINITY != cf; // COMPLIANT !b; // COMPLIANT !c; // NON_COMPLIANT @@ -219,6 +274,7 @@ void testInappropriateOperands() { !s; // NON_COMPLIANT !u; // NON_COMPLIANT !f; // NON_COMPLIANT + !cf; // NON_COMPLIANT b && true; // COMPLIANT c && true; // NON_COMPLIANT @@ -226,6 +282,7 @@ void testInappropriateOperands() { s && true; // NON_COMPLIANT u && true; // NON_COMPLIANT f && true; // NON_COMPLIANT + cf && true; // NON_COMPLIANT b || false; // COMPLIANT c || false; // NON_COMPLIANT @@ -233,6 +290,7 @@ void testInappropriateOperands() { s || false; // NON_COMPLIANT u || false; // NON_COMPLIANT f || false; // NON_COMPLIANT + cf || false; // NON_COMPLIANT true && b; // COMPLIANT true && c; // NON_COMPLIANT @@ -240,6 +298,7 @@ void testInappropriateOperands() { true && s; // NON_COMPLIANT true && u; // NON_COMPLIANT true && f; // NON_COMPLIANT + true && cf; // NON_COMPLIANT false || b; // COMPLIANT false || c; // NON_COMPLIANT @@ -247,6 +306,7 @@ void testInappropriateOperands() { false || s; // NON_COMPLIANT false || u; // NON_COMPLIANT false || f; // NON_COMPLIANT + false || cf; // NON_COMPLIANT b << u; // NON_COMPLIANT c << u; // NON_COMPLIANT @@ -254,6 +314,7 @@ void testInappropriateOperands() { s << u; // NON_COMPLIANT u << u; // COMPLIANT // f << u; // NON_COMPILABLE + // cf << u; // NON_COMPILABLE b >> u; // NON_COMPLIANT c >> u; // NON_COMPLIANT @@ -261,6 +322,7 @@ void testInappropriateOperands() { s >> u; // NON_COMPLIANT u >> u; // COMPLIANT // f >> u; // NON_COMPILABLE + // cf >> u; // NON_COMPILABLE u << b; // NON_COMPLIANT u << c; // NON_COMPLIANT @@ -268,6 +330,7 @@ void testInappropriateOperands() { u << s; // NON_COMPLIANT u << u; // COMPLIANT // u << f; // NON_COMPILABLE + // u << cf; // NON_COMPILABLE u >> b; // NON_COMPLIANT u >> c; // NON_COMPLIANT @@ -275,13 +338,15 @@ void testInappropriateOperands() { u >> s; // NON_COMPLIANT u >> u; // COMPLIANT // u >> f; // NON_COMPILABLE + // u >> cf; // NON_COMPILABLE - b &u; // NON_COMPLIANT - c &u; // NON_COMPLIANT - e1 &u; // NON_COMPLIANT - s &u; // NON_COMPLIANT - u &u; // COMPLIANT + b & u; // NON_COMPLIANT + c & u; // NON_COMPLIANT + e1 & u; // NON_COMPLIANT + s & u; // NON_COMPLIANT + u & u; // COMPLIANT // f &u; // NON_COMPILABLE + // cf &u; // NON_COMPILABLE b | u; // NON_COMPLIANT c | u; // NON_COMPLIANT @@ -289,6 +354,7 @@ void testInappropriateOperands() { s | u; // NON_COMPLIANT u | u; // COMPLIANT // f | u; // NON_COMPILABLE + // cf | u; // NON_COMPILABLE b ^ u; // NON_COMPLIANT c ^ u; // NON_COMPLIANT @@ -296,13 +362,15 @@ void testInappropriateOperands() { s ^ u; // NON_COMPLIANT u ^ u; // COMPLIANT // f ^ u; // NON_COMPILABLE + // cf ^ u; // NON_COMPILABLE - u &b; // NON_COMPLIANT - u &c; // NON_COMPLIANT - u &e1; // NON_COMPLIANT - u &s; // NON_COMPLIANT - u &u; // COMPLIANT + u & b; // NON_COMPLIANT + u & c; // NON_COMPLIANT + u & e1; // NON_COMPLIANT + u & s; // NON_COMPLIANT + u & u; // COMPLIANT // u &f; // NON_COMPILABLE + // u &cf; // NON_COMPILABLE u | b; // NON_COMPLIANT u | c; // NON_COMPLIANT @@ -310,6 +378,7 @@ void testInappropriateOperands() { u | s; // NON_COMPLIANT u | u; // COMPLIANT // u | f; // NON_COMPILABLE + // u | cf; // NON_COMPILABLE u ^ b; // NON_COMPLIANT u ^ c; // NON_COMPLIANT @@ -317,6 +386,7 @@ void testInappropriateOperands() { u ^ s; // NON_COMPLIANT u ^ u; // COMPLIANT // u ^ f; // NON_COMPILABLE + // u ^ cf; // NON_COMPILABLE ~b; // NON_COMPLIANT ~c; // NON_COMPLIANT @@ -324,6 +394,7 @@ void testInappropriateOperands() { ~s; // NON_COMPLIANT ~u; // COMPLIANT //~f; // NON_COMPILABLE + ~cf; // NON_COMPLIANT b ? 1 : 2; // COMPLIANT c ? 1 : 2; // NON_COMPLIANT @@ -331,6 +402,7 @@ void testInappropriateOperands() { s ? 1 : 2; // NON_COMPLIANT u ? 1 : 2; // NON_COMPLIANT f ? 1 : 2; // NON_COMPLIANT + cf ? 1 : 2; // NON_COMPLIANT b ? b : b; // COMPLIANT b ? c : c; // COMPLIANT @@ -338,6 +410,7 @@ void testInappropriateOperands() { b ? s : s; // COMPLIANT b ? u : u; // COMPLIANT b ? f : f; // COMPLIANT + b ? cf : cf; // COMPLIANT b += 1; // NON_COMPLIANT c += 1; // COMPLIANT @@ -345,6 +418,7 @@ void testInappropriateOperands() { s += 1; // COMPLIANT u += 1; // COMPLIANT f += 1; // COMPLIANT + cf += 1; // COMPLIANT b -= 1; // NON_COMPLIANT c -= 1; // COMPLIANT @@ -352,6 +426,7 @@ void testInappropriateOperands() { s -= 1; // COMPLIANT u -= 1; // COMPLIANT f -= 1; // COMPLIANT + cf -= 1; // COMPLIANT u += b; // NON_COMPLIANT u += c; // COMPLIANT @@ -359,6 +434,7 @@ void testInappropriateOperands() { u += s; // COMPLIANT u += u; // COMPLIANT u += f; // COMPLIANT + u += cf; // COMPLIANT u -= b; // NON_COMPLIANT u -= c; // COMPLIANT @@ -366,6 +442,7 @@ void testInappropriateOperands() { u -= s; // COMPLIANT u -= u; // COMPLIANT u -= f; // COMPLIANT + u -= cf; // COMPLIANT b *= 1; // NON_COMPLIANT c *= 1; // NON_COMPLIANT @@ -373,6 +450,7 @@ void testInappropriateOperands() { s *= 1; // COMPLIANT u *= 1; // COMPLIANT f *= 1; // COMPLIANT + cf *= 1; // COMPLIANT b /= 1; // NON_COMPLIANT c /= 1; // NON_COMPLIANT @@ -380,6 +458,7 @@ void testInappropriateOperands() { s /= 1; // COMPLIANT u /= 1; // COMPLIANT f /= 1; // COMPLIANT + cf /= 1; // COMPLIANT u *= b; // NON_COMPLIANT u *= c; // NON_COMPLIANT @@ -387,6 +466,7 @@ void testInappropriateOperands() { u *= s; // COMPLIANT u *= u; // COMPLIANT u *= f; // COMPLIANT + u *= cf; // COMPLIANT u /= b; // NON_COMPLIANT u /= c; // NON_COMPLIANT @@ -394,6 +474,7 @@ void testInappropriateOperands() { u /= s; // COMPLIANT u /= u; // COMPLIANT u /= f; // COMPLIANT + u /= cf; // COMPLIANT b %= 1; // NON_COMPLIANT c %= 1; // NON_COMPLIANT @@ -401,6 +482,7 @@ void testInappropriateOperands() { s %= 1; // COMPLIANT u %= 1; // COMPLIANT // f %= 1; // NON_COMPILABLE + // cf %= 1; // NON_COMPILABLE u %= b; // NON_COMPLIANT u %= c; // NON_COMPLIANT @@ -408,6 +490,7 @@ void testInappropriateOperands() { u %= s; // COMPLIANT u %= u; // COMPLIANT // u %= f; // NON_COMPILABLE + // u %= cf; // NON_COMPILABLE b <<= u; // NON_COMPLIANT c <<= u; // NON_COMPLIANT @@ -415,6 +498,7 @@ void testInappropriateOperands() { s <<= u; // NON_COMPLIANT u <<= u; // COMPLIANT // f <<= u; // NON_COMPILABLE + // cf <<= u; // NON_COMPILABLE b >>= u; // NON_COMPLIANT c >>= u; // NON_COMPLIANT @@ -422,6 +506,7 @@ void testInappropriateOperands() { s >>= u; // NON_COMPLIANT u >>= u; // COMPLIANT // f >>= u; // NON_COMPILABLE + // cf >>= u; // NON_COMPILABLE u <<= b; // NON_COMPLIANT u <<= c; // NON_COMPLIANT @@ -429,6 +514,7 @@ void testInappropriateOperands() { u <<= s; // NON_COMPLIANT u <<= u; // COMPLIANT // u <<= f; // NON_COMPILABLE + // u <<= cf; // NON_COMPILABLE u >>= b; // NON_COMPLIANT u >>= c; // NON_COMPLIANT @@ -436,6 +522,7 @@ void testInappropriateOperands() { u >>= s; // NON_COMPLIANT u >>= u; // COMPLIANT // u >>= f; // NON_COMPILABLE + // u >>= cf; // NON_COMPILABLE b &= u; // NON_COMPLIANT c &= u; // NON_COMPLIANT @@ -443,6 +530,7 @@ void testInappropriateOperands() { s &= u; // NON_COMPLIANT u &= u; // COMPLIANT // f &= u; // NON_COMPILABLE + // cf &= u; // NON_COMPILABLE b ^= u; // NON_COMPLIANT c ^= u; // NON_COMPLIANT @@ -450,6 +538,7 @@ void testInappropriateOperands() { s ^= u; // NON_COMPLIANT u ^= u; // COMPLIANT // f ^= u; // NON_COMPILABLE + // cf ^= u; // NON_COMPILABLE b |= u; // NON_COMPLIANT c |= u; // NON_COMPLIANT @@ -457,6 +546,7 @@ void testInappropriateOperands() { s |= u; // NON_COMPLIANT u |= u; // COMPLIANT // f |= u; // NON_COMPILABLE + // cf |= u; // NON_COMPILABLE u &= b; // NON_COMPLIANT u &= c; // NON_COMPLIANT @@ -464,6 +554,7 @@ void testInappropriateOperands() { u &= s; // NON_COMPLIANT u &= u; // COMPLIANT // u &= f; // NON_COMPILABLE + // u &= cf; // NON_COMPILABLE u ^= b; // NON_COMPLIANT u ^= c; // NON_COMPLIANT @@ -471,6 +562,7 @@ void testInappropriateOperands() { u ^= s; // NON_COMPLIANT u ^= u; // COMPLIANT // u ^= f; // NON_COMPILABLE + // u ^= cf; // NON_COMPILABLE u |= b; // NON_COMPLIANT u |= c; // NON_COMPLIANT @@ -478,6 +570,7 @@ void testInappropriateOperands() { u |= s; // NON_COMPLIANT u |= u; // COMPLIANT // u |= f; // NON_COMPILABLE + // u |= cf; // NON_COMPILABLE } void pointerType() { diff --git a/c/misra/test/rules/RULE-10-3/AssignmentOfIncompatibleEssentialType.expected b/c/misra/test/rules/RULE-10-3/AssignmentOfIncompatibleEssentialType.expected index 3867abd0ca..42af35cb47 100644 --- a/c/misra/test/rules/RULE-10-3/AssignmentOfIncompatibleEssentialType.expected +++ b/c/misra/test/rules/RULE-10-3/AssignmentOfIncompatibleEssentialType.expected @@ -1,133 +1,188 @@ -| test.c:11:7:11:8 | e1 | Assignment of essentially Enum Type value to an object of essentially Boolean type. | -| test.c:12:7:12:7 | s | Assignment of essentially Signed type value to an object of essentially Boolean type. | -| test.c:13:7:13:7 | u | Assignment of essentially Unsigned type value to an object of essentially Boolean type. | -| test.c:14:7:14:7 | f | Assignment of essentially Floating type value to an object of essentially Boolean type. | -| test.c:16:8:16:8 | b | Assignment of essentially Boolean type value to an object of essentially Enum Type. | -| test.c:18:8:18:8 | s | Assignment of essentially Signed type value to an object of essentially Enum Type. | -| test.c:19:8:19:8 | u | Assignment of essentially Unsigned type value to an object of essentially Enum Type. | -| test.c:20:8:20:8 | f | Assignment of essentially Floating type value to an object of essentially Enum Type. | -| test.c:22:7:22:7 | b | Assignment of essentially Boolean type value to an object of essentially Signed type. | -| test.c:23:7:23:8 | e1 | Assignment of essentially Enum Type value to an object of essentially Signed type. | -| test.c:25:7:25:7 | u | Assignment of essentially Unsigned type value to an object of essentially Signed type. | -| test.c:26:7:26:7 | f | Assignment of essentially Floating type value to an object of essentially Signed type. | -| test.c:28:7:28:7 | b | Assignment of essentially Boolean type value to an object of essentially Unsigned type. | -| test.c:29:7:29:8 | e1 | Assignment of essentially Enum Type value to an object of essentially Unsigned type. | -| test.c:30:7:30:7 | s | Assignment of essentially Signed type value to an object of essentially Unsigned type. | -| test.c:32:7:32:7 | f | Assignment of essentially Floating type value to an object of essentially Unsigned type. | -| test.c:34:7:34:7 | b | Assignment of essentially Boolean type value to an object of essentially Floating type. | -| test.c:35:7:35:8 | e1 | Assignment of essentially Enum Type value to an object of essentially Floating type. | -| test.c:36:7:36:7 | s | Assignment of essentially Signed type value to an object of essentially Floating type. | -| test.c:37:7:37:7 | u | Assignment of essentially Unsigned type value to an object of essentially Floating type. | -| test.c:49:14:49:15 | e1 | Assignment of essentially Enum Type value to an object of essentially Boolean type. | -| test.c:50:14:50:14 | s | Assignment of essentially Signed type value to an object of essentially Boolean type. | -| test.c:51:14:51:14 | u | Assignment of essentially Unsigned type value to an object of essentially Boolean type. | -| test.c:52:14:52:14 | f | Assignment of essentially Floating type value to an object of essentially Boolean type. | -| test.c:54:17:54:17 | b | Assignment of essentially Boolean type value to an object of essentially Enum Type. | -| test.c:56:17:56:17 | s | Assignment of essentially Signed type value to an object of essentially Enum Type. | -| test.c:57:17:57:17 | u | Assignment of essentially Unsigned type value to an object of essentially Enum Type. | -| test.c:58:17:58:17 | f | Assignment of essentially Floating type value to an object of essentially Enum Type. | -| test.c:60:19:60:19 | b | Assignment of essentially Boolean type value to an object of essentially Signed type. | -| test.c:61:19:61:20 | e1 | Assignment of essentially Enum Type value to an object of essentially Signed type. | -| test.c:63:19:63:19 | u | Assignment of essentially Unsigned type value to an object of essentially Signed type. | -| test.c:64:19:64:19 | f | Assignment of essentially Floating type value to an object of essentially Signed type. | -| test.c:66:21:66:21 | b | Assignment of essentially Boolean type value to an object of essentially Unsigned type. | -| test.c:67:21:67:22 | e1 | Assignment of essentially Enum Type value to an object of essentially Unsigned type. | -| test.c:68:21:68:21 | s | Assignment of essentially Signed type value to an object of essentially Unsigned type. | -| test.c:70:21:70:21 | f | Assignment of essentially Floating type value to an object of essentially Unsigned type. | -| test.c:72:14:72:14 | b | Assignment of essentially Boolean type value to an object of essentially Floating type. | -| test.c:73:14:73:15 | e1 | Assignment of essentially Enum Type value to an object of essentially Floating type. | -| test.c:74:14:74:14 | s | Assignment of essentially Signed type value to an object of essentially Floating type. | -| test.c:75:14:75:14 | u | Assignment of essentially Unsigned type value to an object of essentially Floating type. | -| test.c:80:7:80:8 | e1 | Assignment of essentially Enum Type value to an object of essentially Boolean type. | -| test.c:81:7:81:7 | s | Assignment of essentially Signed type value to an object of essentially Boolean type. | -| test.c:82:7:82:7 | u | Assignment of essentially Unsigned type value to an object of essentially Boolean type. | -| test.c:83:7:83:7 | f | Assignment of essentially Floating type value to an object of essentially Boolean type. | -| test.c:86:7:86:7 | b | Assignment of essentially Boolean type value to an object of essentially Enum Type. | -| test.c:88:7:88:7 | s | Assignment of essentially Signed type value to an object of essentially Enum Type. | -| test.c:89:7:89:7 | u | Assignment of essentially Unsigned type value to an object of essentially Enum Type. | -| test.c:90:7:90:7 | f | Assignment of essentially Floating type value to an object of essentially Enum Type. | -| test.c:93:7:93:7 | b | Assignment of essentially Boolean type value to an object of essentially Signed type. | -| test.c:94:7:94:8 | e1 | Assignment of essentially Enum Type value to an object of essentially Signed type. | -| test.c:96:7:96:7 | u | Assignment of essentially Unsigned type value to an object of essentially Signed type. | -| test.c:97:7:97:7 | f | Assignment of essentially Floating type value to an object of essentially Signed type. | -| test.c:100:7:100:7 | b | Assignment of essentially Boolean type value to an object of essentially Unsigned type. | -| test.c:101:7:101:8 | e1 | Assignment of essentially Enum Type value to an object of essentially Unsigned type. | -| test.c:102:7:102:7 | s | Assignment of essentially Signed type value to an object of essentially Unsigned type. | -| test.c:104:7:104:7 | f | Assignment of essentially Floating type value to an object of essentially Unsigned type. | -| test.c:107:7:107:7 | b | Assignment of essentially Boolean type value to an object of essentially Floating type. | -| test.c:108:7:108:8 | e1 | Assignment of essentially Enum Type value to an object of essentially Floating type. | -| test.c:109:7:109:7 | s | Assignment of essentially Signed type value to an object of essentially Floating type. | -| test.c:110:7:110:7 | u | Assignment of essentially Unsigned type value to an object of essentially Floating type. | -| test.c:118:7:118:8 | - ... | Assignment of essentially Signed type value to an object of essentially Unsigned type. | -| test.c:119:7:119:16 | 4294967296 | Assignment of essentially Signed type value to an object of essentially Unsigned type. | -| test.c:131:8:131:8 | A | Assignment of essentially Enum Type value to an object of essentially Boolean type. | -| test.c:132:8:132:10 | 100 | Assignment of essentially Signed type value to an object of essentially Boolean type. | -| test.c:133:23:133:25 | 200 | Assignment of essentially Unsigned type value to an object of essentially Boolean type. | -| test.c:138:8:138:11 | 1 | Assignment of essentially Boolean type value to an object of essentially Enum Type. | -| test.c:140:8:140:10 | 100 | Assignment of essentially Signed type value to an object of essentially Enum Type. | -| test.c:141:23:141:25 | 200 | Assignment of essentially Unsigned type value to an object of essentially Enum Type. | -| test.c:146:8:146:11 | 1 | Assignment of essentially Boolean type value to an object of essentially Signed type. | -| test.c:147:8:147:8 | A | Assignment of essentially Enum Type value to an object of essentially Signed type. | -| test.c:149:23:149:25 | 200 | Assignment of essentially Unsigned type value to an object of essentially Signed type. | -| test.c:154:8:154:11 | 1 | Assignment of essentially Boolean type value to an object of essentially Unsigned type. | -| test.c:155:8:155:8 | A | Assignment of essentially Enum Type value to an object of essentially Unsigned type. | -| test.c:174:8:174:8 | b | Assignment of essentially Boolean type value to an object of essentially Enum Type. | -| test.c:175:8:175:8 | b | Assignment of essentially Boolean type value to an object of essentially Signed type. | -| test.c:176:8:176:8 | b | Assignment of essentially Boolean type value to an object of essentially Unsigned type. | -| test.c:177:8:177:8 | b | Assignment of essentially Boolean type value to an object of essentially Floating type. | -| test.c:180:8:180:9 | e1 | Assignment of essentially Enum Type value to an object of essentially Boolean type. | -| test.c:182:8:182:9 | e1 | Assignment of essentially Enum Type value to an object of essentially Signed type. | -| test.c:183:8:183:9 | e1 | Assignment of essentially Enum Type value to an object of essentially Unsigned type. | -| test.c:184:8:184:9 | e1 | Assignment of essentially Enum Type value to an object of essentially Floating type. | -| test.c:187:8:187:8 | s | Assignment of essentially Signed type value to an object of essentially Boolean type. | -| test.c:188:8:188:8 | s | Assignment of essentially Signed type value to an object of essentially Enum Type. | -| test.c:190:8:190:8 | s | Assignment of essentially Signed type value to an object of essentially Unsigned type. | -| test.c:191:8:191:8 | s | Assignment of essentially Signed type value to an object of essentially Floating type. | -| test.c:194:8:194:8 | u | Assignment of essentially Unsigned type value to an object of essentially Boolean type. | -| test.c:195:8:195:8 | u | Assignment of essentially Unsigned type value to an object of essentially Enum Type. | -| test.c:196:8:196:8 | u | Assignment of essentially Unsigned type value to an object of essentially Signed type. | -| test.c:198:8:198:8 | u | Assignment of essentially Unsigned type value to an object of essentially Floating type. | -| test.c:201:8:201:8 | f | Assignment of essentially Floating type value to an object of essentially Boolean type. | -| test.c:202:8:202:8 | f | Assignment of essentially Floating type value to an object of essentially Enum Type. | -| test.c:203:8:203:8 | f | Assignment of essentially Floating type value to an object of essentially Signed type. | -| test.c:204:8:204:8 | f | Assignment of essentially Floating type value to an object of essentially Unsigned type. | -| test.c:220:12:220:13 | e1 | Assignment of essentially Enum Type value to an object of essentially Boolean type. | -| test.c:222:12:222:12 | s | Assignment of essentially Signed type value to an object of essentially Boolean type. | -| test.c:224:12:224:12 | u | Assignment of essentially Unsigned type value to an object of essentially Boolean type. | -| test.c:226:12:226:12 | f | Assignment of essentially Floating type value to an object of essentially Boolean type. | -| test.c:239:12:239:12 | b | Assignment of essentially Boolean type value to an object of essentially Enum Type. | -| test.c:243:12:243:12 | s | Assignment of essentially Signed type value to an object of essentially Enum Type. | -| test.c:245:12:245:12 | u | Assignment of essentially Unsigned type value to an object of essentially Enum Type. | -| test.c:247:12:247:12 | f | Assignment of essentially Floating type value to an object of essentially Enum Type. | -| test.c:260:12:260:12 | b | Assignment of essentially Boolean type value to an object of essentially Signed type. | -| test.c:262:12:262:13 | e1 | Assignment of essentially Enum Type value to an object of essentially Signed type. | -| test.c:266:12:266:12 | u | Assignment of essentially Unsigned type value to an object of essentially Signed type. | -| test.c:268:12:268:12 | f | Assignment of essentially Floating type value to an object of essentially Signed type. | -| test.c:281:12:281:12 | b | Assignment of essentially Boolean type value to an object of essentially Unsigned type. | -| test.c:283:12:283:13 | e1 | Assignment of essentially Enum Type value to an object of essentially Unsigned type. | -| test.c:285:12:285:12 | s | Assignment of essentially Signed type value to an object of essentially Unsigned type. | -| test.c:289:12:289:12 | f | Assignment of essentially Floating type value to an object of essentially Unsigned type. | -| test.c:302:12:302:12 | b | Assignment of essentially Boolean type value to an object of essentially Floating type. | -| test.c:304:12:304:13 | e1 | Assignment of essentially Enum Type value to an object of essentially Floating type. | -| test.c:306:12:306:12 | s | Assignment of essentially Signed type value to an object of essentially Floating type. | -| test.c:308:12:308:12 | u | Assignment of essentially Unsigned type value to an object of essentially Floating type. | -| test.c:332:10:332:11 | e1 | Assignment of essentially Enum Type value to an object of essentially Boolean type. | -| test.c:333:10:333:10 | s | Assignment of essentially Signed type value to an object of essentially Boolean type. | -| test.c:334:10:334:10 | u | Assignment of essentially Unsigned type value to an object of essentially Boolean type. | -| test.c:335:10:335:10 | f | Assignment of essentially Floating type value to an object of essentially Boolean type. | -| test.c:337:11:337:11 | b | Assignment of essentially Boolean type value to an object of essentially Enum Type. | -| test.c:339:11:339:11 | s | Assignment of essentially Signed type value to an object of essentially Enum Type. | -| test.c:340:11:340:11 | u | Assignment of essentially Unsigned type value to an object of essentially Enum Type. | -| test.c:341:11:341:11 | f | Assignment of essentially Floating type value to an object of essentially Enum Type. | -| test.c:343:10:343:10 | b | Assignment of essentially Boolean type value to an object of essentially Signed type. | -| test.c:344:10:344:11 | e1 | Assignment of essentially Enum Type value to an object of essentially Signed type. | -| test.c:346:10:346:10 | u | Assignment of essentially Unsigned type value to an object of essentially Signed type. | -| test.c:347:10:347:10 | f | Assignment of essentially Floating type value to an object of essentially Signed type. | -| test.c:349:10:349:10 | b | Assignment of essentially Boolean type value to an object of essentially Unsigned type. | -| test.c:350:10:350:11 | e1 | Assignment of essentially Enum Type value to an object of essentially Unsigned type. | -| test.c:351:10:351:10 | s | Assignment of essentially Signed type value to an object of essentially Unsigned type. | -| test.c:353:10:353:10 | f | Assignment of essentially Floating type value to an object of essentially Unsigned type. | -| test.c:355:10:355:10 | b | Assignment of essentially Boolean type value to an object of essentially Floating type. | -| test.c:356:10:356:11 | e1 | Assignment of essentially Enum Type value to an object of essentially Floating type. | -| test.c:357:10:357:10 | s | Assignment of essentially Signed type value to an object of essentially Floating type. | -| test.c:358:10:358:10 | u | Assignment of essentially Unsigned type value to an object of essentially Floating type. | +| test.c:13:7:13:8 | e1 | Assignment of essentially Enum Type value to an object of essentially Boolean type. | +| test.c:14:7:14:7 | s | Assignment of essentially Signed type value to an object of essentially Boolean type. | +| test.c:15:7:15:7 | u | Assignment of essentially Unsigned type value to an object of essentially Boolean type. | +| test.c:16:7:16:7 | f | Assignment of essentially Floating type value to an object of essentially Boolean type. | +| test.c:17:7:17:8 | cf | Assignment of essentially Complex Floating type value to an object of essentially Boolean type. | +| test.c:19:8:19:8 | b | Assignment of essentially Boolean type value to an object of essentially Enum Type. | +| test.c:21:8:21:8 | s | Assignment of essentially Signed type value to an object of essentially Enum Type. | +| test.c:22:8:22:8 | u | Assignment of essentially Unsigned type value to an object of essentially Enum Type. | +| test.c:23:8:23:8 | f | Assignment of essentially Floating type value to an object of essentially Enum Type. | +| test.c:24:8:24:9 | cf | Assignment of essentially Complex Floating type value to an object of essentially Enum Type. | +| test.c:26:7:26:7 | b | Assignment of essentially Boolean type value to an object of essentially Signed type. | +| test.c:27:7:27:8 | e1 | Assignment of essentially Enum Type value to an object of essentially Signed type. | +| test.c:29:7:29:7 | u | Assignment of essentially Unsigned type value to an object of essentially Signed type. | +| test.c:30:7:30:7 | f | Assignment of essentially Floating type value to an object of essentially Signed type. | +| test.c:31:7:31:8 | cf | Assignment of essentially Complex Floating type value to an object of essentially Signed type. | +| test.c:33:7:33:7 | b | Assignment of essentially Boolean type value to an object of essentially Unsigned type. | +| test.c:34:7:34:8 | e1 | Assignment of essentially Enum Type value to an object of essentially Unsigned type. | +| test.c:35:7:35:7 | s | Assignment of essentially Signed type value to an object of essentially Unsigned type. | +| test.c:37:7:37:7 | f | Assignment of essentially Floating type value to an object of essentially Unsigned type. | +| test.c:38:7:38:8 | cf | Assignment of essentially Complex Floating type value to an object of essentially Unsigned type. | +| test.c:40:7:40:7 | b | Assignment of essentially Boolean type value to an object of essentially Floating type. | +| test.c:41:7:41:8 | e1 | Assignment of essentially Enum Type value to an object of essentially Floating type. | +| test.c:42:7:42:7 | s | Assignment of essentially Signed type value to an object of essentially Floating type. | +| test.c:43:7:43:7 | u | Assignment of essentially Unsigned type value to an object of essentially Floating type. | +| test.c:45:7:45:8 | cf | Assignment of essentially Complex Floating type value to an object of essentially Floating type. | +| test.c:47:8:47:8 | b | Assignment of essentially Boolean type value to an object of essentially Complex Floating type. | +| test.c:48:8:48:9 | e1 | Assignment of essentially Enum Type value to an object of essentially Complex Floating type. | +| test.c:49:8:49:8 | s | Assignment of essentially Signed type value to an object of essentially Complex Floating type. | +| test.c:50:8:50:8 | u | Assignment of essentially Unsigned type value to an object of essentially Complex Floating type. | +| test.c:64:14:64:15 | e1 | Assignment of essentially Enum Type value to an object of essentially Boolean type. | +| test.c:65:14:65:14 | s | Assignment of essentially Signed type value to an object of essentially Boolean type. | +| test.c:66:14:66:14 | u | Assignment of essentially Unsigned type value to an object of essentially Boolean type. | +| test.c:67:14:67:14 | f | Assignment of essentially Floating type value to an object of essentially Boolean type. | +| test.c:68:15:68:16 | cf | Assignment of essentially Complex Floating type value to an object of essentially Boolean type. | +| test.c:70:17:70:17 | b | Assignment of essentially Boolean type value to an object of essentially Enum Type. | +| test.c:72:17:72:17 | s | Assignment of essentially Signed type value to an object of essentially Enum Type. | +| test.c:73:17:73:17 | u | Assignment of essentially Unsigned type value to an object of essentially Enum Type. | +| test.c:74:17:74:17 | f | Assignment of essentially Floating type value to an object of essentially Enum Type. | +| test.c:75:18:75:19 | cf | Assignment of essentially Complex Floating type value to an object of essentially Enum Type. | +| test.c:77:19:77:19 | b | Assignment of essentially Boolean type value to an object of essentially Signed type. | +| test.c:78:19:78:20 | e1 | Assignment of essentially Enum Type value to an object of essentially Signed type. | +| test.c:80:19:80:19 | u | Assignment of essentially Unsigned type value to an object of essentially Signed type. | +| test.c:81:19:81:19 | f | Assignment of essentially Floating type value to an object of essentially Signed type. | +| test.c:82:20:82:21 | cf | Assignment of essentially Complex Floating type value to an object of essentially Signed type. | +| test.c:84:21:84:21 | b | Assignment of essentially Boolean type value to an object of essentially Unsigned type. | +| test.c:85:21:85:22 | e1 | Assignment of essentially Enum Type value to an object of essentially Unsigned type. | +| test.c:86:21:86:21 | s | Assignment of essentially Signed type value to an object of essentially Unsigned type. | +| test.c:88:21:88:21 | f | Assignment of essentially Floating type value to an object of essentially Unsigned type. | +| test.c:89:22:89:23 | cf | Assignment of essentially Complex Floating type value to an object of essentially Unsigned type. | +| test.c:91:14:91:14 | b | Assignment of essentially Boolean type value to an object of essentially Floating type. | +| test.c:92:14:92:15 | e1 | Assignment of essentially Enum Type value to an object of essentially Floating type. | +| test.c:93:14:93:14 | s | Assignment of essentially Signed type value to an object of essentially Floating type. | +| test.c:94:14:94:14 | u | Assignment of essentially Unsigned type value to an object of essentially Floating type. | +| test.c:96:15:96:16 | cf | Assignment of essentially Complex Floating type value to an object of essentially Floating type. | +| test.c:98:24:98:24 | b | Assignment of essentially Boolean type value to an object of essentially Complex Floating type. | +| test.c:99:24:99:25 | e1 | Assignment of essentially Enum Type value to an object of essentially Complex Floating type. | +| test.c:100:24:100:24 | s | Assignment of essentially Signed type value to an object of essentially Complex Floating type. | +| test.c:101:24:101:24 | u | Assignment of essentially Unsigned type value to an object of essentially Complex Floating type. | +| test.c:107:7:107:8 | e1 | Assignment of essentially Enum Type value to an object of essentially Boolean type. | +| test.c:108:7:108:7 | s | Assignment of essentially Signed type value to an object of essentially Boolean type. | +| test.c:109:7:109:7 | u | Assignment of essentially Unsigned type value to an object of essentially Boolean type. | +| test.c:110:7:110:7 | f | Assignment of essentially Floating type value to an object of essentially Boolean type. | +| test.c:111:7:111:8 | cf | Assignment of essentially Complex Floating type value to an object of essentially Boolean type. | +| test.c:114:7:114:7 | b | Assignment of essentially Boolean type value to an object of essentially Enum Type. | +| test.c:116:7:116:7 | s | Assignment of essentially Signed type value to an object of essentially Enum Type. | +| test.c:117:7:117:7 | u | Assignment of essentially Unsigned type value to an object of essentially Enum Type. | +| test.c:118:7:118:7 | f | Assignment of essentially Floating type value to an object of essentially Enum Type. | +| test.c:119:7:119:8 | cf | Assignment of essentially Complex Floating type value to an object of essentially Enum Type. | +| test.c:122:7:122:7 | b | Assignment of essentially Boolean type value to an object of essentially Signed type. | +| test.c:123:7:123:8 | e1 | Assignment of essentially Enum Type value to an object of essentially Signed type. | +| test.c:125:7:125:7 | u | Assignment of essentially Unsigned type value to an object of essentially Signed type. | +| test.c:126:7:126:7 | f | Assignment of essentially Floating type value to an object of essentially Signed type. | +| test.c:127:7:127:8 | cf | Assignment of essentially Complex Floating type value to an object of essentially Signed type. | +| test.c:130:7:130:7 | b | Assignment of essentially Boolean type value to an object of essentially Unsigned type. | +| test.c:131:7:131:8 | e1 | Assignment of essentially Enum Type value to an object of essentially Unsigned type. | +| test.c:132:7:132:7 | s | Assignment of essentially Signed type value to an object of essentially Unsigned type. | +| test.c:134:7:134:7 | f | Assignment of essentially Floating type value to an object of essentially Unsigned type. | +| test.c:135:7:135:8 | cf | Assignment of essentially Complex Floating type value to an object of essentially Unsigned type. | +| test.c:138:7:138:7 | b | Assignment of essentially Boolean type value to an object of essentially Floating type. | +| test.c:139:7:139:8 | e1 | Assignment of essentially Enum Type value to an object of essentially Floating type. | +| test.c:140:7:140:7 | s | Assignment of essentially Signed type value to an object of essentially Floating type. | +| test.c:141:7:141:7 | u | Assignment of essentially Unsigned type value to an object of essentially Floating type. | +| test.c:143:7:143:8 | cf | Assignment of essentially Complex Floating type value to an object of essentially Floating type. | +| test.c:146:7:146:7 | b | Assignment of essentially Boolean type value to an object of essentially Complex Floating type. | +| test.c:147:7:147:8 | e1 | Assignment of essentially Enum Type value to an object of essentially Complex Floating type. | +| test.c:148:7:148:7 | s | Assignment of essentially Signed type value to an object of essentially Complex Floating type. | +| test.c:149:7:149:7 | u | Assignment of essentially Unsigned type value to an object of essentially Complex Floating type. | +| test.c:158:7:158:8 | - ... | Assignment of essentially Signed type value to an object of essentially Unsigned type. | +| test.c:159:7:159:16 | 4294967296 | Assignment of essentially Signed type value to an object of essentially Unsigned type. | +| test.c:171:8:171:8 | A | Assignment of essentially Enum Type value to an object of essentially Boolean type. | +| test.c:172:8:172:10 | 100 | Assignment of essentially Signed type value to an object of essentially Boolean type. | +| test.c:173:23:173:25 | 200 | Assignment of essentially Unsigned type value to an object of essentially Boolean type. | +| test.c:178:8:178:11 | 1 | Assignment of essentially Boolean type value to an object of essentially Enum Type. | +| test.c:180:8:180:10 | 100 | Assignment of essentially Signed type value to an object of essentially Enum Type. | +| test.c:181:23:181:25 | 200 | Assignment of essentially Unsigned type value to an object of essentially Enum Type. | +| test.c:186:8:186:11 | 1 | Assignment of essentially Boolean type value to an object of essentially Signed type. | +| test.c:187:8:187:8 | A | Assignment of essentially Enum Type value to an object of essentially Signed type. | +| test.c:189:23:189:25 | 200 | Assignment of essentially Unsigned type value to an object of essentially Signed type. | +| test.c:194:8:194:11 | 1 | Assignment of essentially Boolean type value to an object of essentially Unsigned type. | +| test.c:195:8:195:8 | A | Assignment of essentially Enum Type value to an object of essentially Unsigned type. | +| test.c:216:8:216:8 | b | Assignment of essentially Boolean type value to an object of essentially Enum Type. | +| test.c:217:8:217:8 | b | Assignment of essentially Boolean type value to an object of essentially Signed type. | +| test.c:218:8:218:8 | b | Assignment of essentially Boolean type value to an object of essentially Unsigned type. | +| test.c:219:8:219:8 | b | Assignment of essentially Boolean type value to an object of essentially Floating type. | +| test.c:220:8:220:8 | b | Assignment of essentially Boolean type value to an object of essentially Complex Floating type. | +| test.c:223:8:223:9 | e1 | Assignment of essentially Enum Type value to an object of essentially Boolean type. | +| test.c:225:8:225:9 | e1 | Assignment of essentially Enum Type value to an object of essentially Signed type. | +| test.c:226:8:226:9 | e1 | Assignment of essentially Enum Type value to an object of essentially Unsigned type. | +| test.c:227:8:227:9 | e1 | Assignment of essentially Enum Type value to an object of essentially Floating type. | +| test.c:228:8:228:9 | e1 | Assignment of essentially Enum Type value to an object of essentially Complex Floating type. | +| test.c:231:8:231:8 | s | Assignment of essentially Signed type value to an object of essentially Boolean type. | +| test.c:232:8:232:8 | s | Assignment of essentially Signed type value to an object of essentially Enum Type. | +| test.c:234:8:234:8 | s | Assignment of essentially Signed type value to an object of essentially Unsigned type. | +| test.c:235:8:235:8 | s | Assignment of essentially Signed type value to an object of essentially Floating type. | +| test.c:236:8:236:8 | s | Assignment of essentially Signed type value to an object of essentially Complex Floating type. | +| test.c:239:8:239:8 | u | Assignment of essentially Unsigned type value to an object of essentially Boolean type. | +| test.c:240:8:240:8 | u | Assignment of essentially Unsigned type value to an object of essentially Enum Type. | +| test.c:241:8:241:8 | u | Assignment of essentially Unsigned type value to an object of essentially Signed type. | +| test.c:243:8:243:8 | u | Assignment of essentially Unsigned type value to an object of essentially Floating type. | +| test.c:244:8:244:8 | u | Assignment of essentially Unsigned type value to an object of essentially Complex Floating type. | +| test.c:247:8:247:8 | f | Assignment of essentially Floating type value to an object of essentially Boolean type. | +| test.c:248:8:248:8 | f | Assignment of essentially Floating type value to an object of essentially Enum Type. | +| test.c:249:8:249:8 | f | Assignment of essentially Floating type value to an object of essentially Signed type. | +| test.c:250:8:250:8 | f | Assignment of essentially Floating type value to an object of essentially Unsigned type. | +| test.c:255:8:255:9 | cf | Assignment of essentially Complex Floating type value to an object of essentially Boolean type. | +| test.c:256:8:256:9 | cf | Assignment of essentially Complex Floating type value to an object of essentially Enum Type. | +| test.c:257:8:257:9 | cf | Assignment of essentially Complex Floating type value to an object of essentially Signed type. | +| test.c:258:8:258:9 | cf | Assignment of essentially Complex Floating type value to an object of essentially Unsigned type. | +| test.c:259:8:259:9 | cf | Assignment of essentially Complex Floating type value to an object of essentially Floating type. | +| test.c:275:12:275:13 | e1 | Assignment of essentially Enum Type value to an object of essentially Boolean type. | +| test.c:277:12:277:12 | s | Assignment of essentially Signed type value to an object of essentially Boolean type. | +| test.c:279:12:279:12 | u | Assignment of essentially Unsigned type value to an object of essentially Boolean type. | +| test.c:281:12:281:12 | f | Assignment of essentially Floating type value to an object of essentially Boolean type. | +| test.c:283:12:283:13 | cf | Assignment of essentially Complex Floating type value to an object of essentially Boolean type. | +| test.c:297:12:297:12 | b | Assignment of essentially Boolean type value to an object of essentially Enum Type. | +| test.c:301:12:301:12 | s | Assignment of essentially Signed type value to an object of essentially Enum Type. | +| test.c:303:12:303:12 | u | Assignment of essentially Unsigned type value to an object of essentially Enum Type. | +| test.c:305:12:305:12 | f | Assignment of essentially Floating type value to an object of essentially Enum Type. | +| test.c:307:12:307:13 | cf | Assignment of essentially Complex Floating type value to an object of essentially Enum Type. | +| test.c:321:12:321:12 | b | Assignment of essentially Boolean type value to an object of essentially Signed type. | +| test.c:323:12:323:13 | e1 | Assignment of essentially Enum Type value to an object of essentially Signed type. | +| test.c:327:12:327:12 | u | Assignment of essentially Unsigned type value to an object of essentially Signed type. | +| test.c:329:12:329:12 | f | Assignment of essentially Floating type value to an object of essentially Signed type. | +| test.c:331:12:331:13 | cf | Assignment of essentially Complex Floating type value to an object of essentially Signed type. | +| test.c:345:12:345:12 | b | Assignment of essentially Boolean type value to an object of essentially Unsigned type. | +| test.c:347:12:347:13 | e1 | Assignment of essentially Enum Type value to an object of essentially Unsigned type. | +| test.c:349:12:349:12 | s | Assignment of essentially Signed type value to an object of essentially Unsigned type. | +| test.c:353:12:353:12 | f | Assignment of essentially Floating type value to an object of essentially Unsigned type. | +| test.c:355:12:355:13 | cf | Assignment of essentially Complex Floating type value to an object of essentially Unsigned type. | +| test.c:369:12:369:12 | b | Assignment of essentially Boolean type value to an object of essentially Floating type. | +| test.c:371:12:371:13 | e1 | Assignment of essentially Enum Type value to an object of essentially Floating type. | +| test.c:373:12:373:12 | s | Assignment of essentially Signed type value to an object of essentially Floating type. | +| test.c:375:12:375:12 | u | Assignment of essentially Unsigned type value to an object of essentially Floating type. | +| test.c:379:12:379:13 | cf | Assignment of essentially Complex Floating type value to an object of essentially Floating type. | +| test.c:393:12:393:12 | b | Assignment of essentially Boolean type value to an object of essentially Complex Floating type. | +| test.c:395:12:395:13 | e1 | Assignment of essentially Enum Type value to an object of essentially Complex Floating type. | +| test.c:397:12:397:12 | s | Assignment of essentially Signed type value to an object of essentially Complex Floating type. | +| test.c:399:12:399:12 | u | Assignment of essentially Unsigned type value to an object of essentially Complex Floating type. | +| test.c:427:10:427:11 | e1 | Assignment of essentially Enum Type value to an object of essentially Boolean type. | +| test.c:428:10:428:10 | s | Assignment of essentially Signed type value to an object of essentially Boolean type. | +| test.c:429:10:429:10 | u | Assignment of essentially Unsigned type value to an object of essentially Boolean type. | +| test.c:430:10:430:10 | f | Assignment of essentially Floating type value to an object of essentially Boolean type. | +| test.c:431:10:431:11 | cf | Assignment of essentially Complex Floating type value to an object of essentially Boolean type. | +| test.c:433:11:433:11 | b | Assignment of essentially Boolean type value to an object of essentially Enum Type. | +| test.c:435:11:435:11 | s | Assignment of essentially Signed type value to an object of essentially Enum Type. | +| test.c:436:11:436:11 | u | Assignment of essentially Unsigned type value to an object of essentially Enum Type. | +| test.c:437:11:437:11 | f | Assignment of essentially Floating type value to an object of essentially Enum Type. | +| test.c:438:11:438:12 | cf | Assignment of essentially Complex Floating type value to an object of essentially Enum Type. | +| test.c:440:10:440:10 | b | Assignment of essentially Boolean type value to an object of essentially Signed type. | +| test.c:441:10:441:11 | e1 | Assignment of essentially Enum Type value to an object of essentially Signed type. | +| test.c:443:10:443:10 | u | Assignment of essentially Unsigned type value to an object of essentially Signed type. | +| test.c:444:10:444:10 | f | Assignment of essentially Floating type value to an object of essentially Signed type. | +| test.c:445:10:445:11 | cf | Assignment of essentially Complex Floating type value to an object of essentially Signed type. | +| test.c:447:10:447:10 | b | Assignment of essentially Boolean type value to an object of essentially Unsigned type. | +| test.c:448:10:448:11 | e1 | Assignment of essentially Enum Type value to an object of essentially Unsigned type. | +| test.c:449:10:449:10 | s | Assignment of essentially Signed type value to an object of essentially Unsigned type. | +| test.c:451:10:451:10 | f | Assignment of essentially Floating type value to an object of essentially Unsigned type. | +| test.c:452:10:452:11 | cf | Assignment of essentially Complex Floating type value to an object of essentially Unsigned type. | +| test.c:454:10:454:10 | b | Assignment of essentially Boolean type value to an object of essentially Floating type. | +| test.c:455:10:455:11 | e1 | Assignment of essentially Enum Type value to an object of essentially Floating type. | +| test.c:456:10:456:10 | s | Assignment of essentially Signed type value to an object of essentially Floating type. | +| test.c:457:10:457:10 | u | Assignment of essentially Unsigned type value to an object of essentially Floating type. | +| test.c:459:10:459:11 | cf | Assignment of essentially Complex Floating type value to an object of essentially Floating type. | +| test.c:461:11:461:11 | b | Assignment of essentially Boolean type value to an object of essentially Complex Floating type. | +| test.c:462:11:462:12 | e1 | Assignment of essentially Enum Type value to an object of essentially Complex Floating type. | +| test.c:463:11:463:11 | s | Assignment of essentially Signed type value to an object of essentially Complex Floating type. | +| test.c:464:11:464:11 | u | Assignment of essentially Unsigned type value to an object of essentially Complex Floating type. | +| test.c:473:26:473:28 | f64 | Assignment of essentially Floating type value to an object of essentially Complex Floating type. | diff --git a/c/misra/test/rules/RULE-10-3/test.c b/c/misra/test/rules/RULE-10-3/test.c index 30ab2985ae..c208890490 100644 --- a/c/misra/test/rules/RULE-10-3/test.c +++ b/c/misra/test/rules/RULE-10-3/test.c @@ -1,3 +1,4 @@ +#include #include void testAssignment() { @@ -6,36 +7,49 @@ void testAssignment() { signed int s = 100; // COMPLIANT unsigned int u = 100; // COMPLIANT - by exception 1 float f = 10.0f; // COMPLIANT + float _Complex cf = 10.0f; // COMPLIANT b = false; // COMPLIANT b = e1; // NON_COMPLIANT b = s; // NON_COMPLIANT b = u; // NON_COMPLIANT b = f; // NON_COMPLIANT + b = cf; // NON_COMPLIANT e1 = b; // NON_COMPLIANT e1 = e1; // COMPLIANT e1 = s; // NON_COMPLIANT e1 = u; // NON_COMPLIANT e1 = f; // NON_COMPLIANT + e1 = cf; // NON_COMPLIANT s = b; // NON_COMPLIANT s = e1; // NON_COMPLIANT s = s; // COMPLIANT s = u; // NON_COMPLIANT s = f; // NON_COMPLIANT + s = cf; // NON_COMPLIANT u = b; // NON_COMPLIANT u = e1; // NON_COMPLIANT u = s; // NON_COMPLIANT u = u; // COMPLIANT u = f; // NON_COMPLIANT + u = cf; // NON_COMPLIANT f = b; // NON_COMPLIANT f = e1; // NON_COMPLIANT f = s; // NON_COMPLIANT f = u; // NON_COMPLIANT f = f; // COMPLIANT + f = cf; // NON-COMPLIANT + + cf = b; // NON_COMPLIANT + cf = e1; // NON_COMPLIANT + cf = s; // NON_COMPLIANT + cf = u; // NON_COMPLIANT + cf = f; // COMPLIANT + cf = cf; // COMPLIANT } void testInitializers() { @@ -44,71 +58,97 @@ void testInitializers() { signed int s = 100; // COMPLIANT unsigned int u = 100; // COMPLIANT - by exception 1 float f = 10.0f; // COMPLIANT - - _Bool bb = b; // COMPLIANT - _Bool be = e1; // NON_COMPLIANT - _Bool bs = s; // NON_COMPLIANT - _Bool bu = u; // NON_COMPLIANT - _Bool bf = f; // NON_COMPLIANT - - enum E1 e1b = b; // NON_COMPLIANT - enum E1 e1e = e1; // COMPLIANT - enum E1 e1s = s; // NON_COMPLIANT - enum E1 e1u = u; // NON_COMPLIANT - enum E1 e1f = f; // NON_COMPLIANT - - signed int sb = b; // NON_COMPLIANT - signed int se = e1; // NON_COMPLIANT - signed int ss = s; // COMPLIANT - signed int su = u; // NON_COMPLIANT - signed int sf = f; // NON_COMPLIANT - - unsigned int ub = b; // NON_COMPLIANT - unsigned int ue = e1; // NON_COMPLIANT - unsigned int us = s; // NON_COMPLIANT - unsigned int uu = u; // COMPLIANT - unsigned int uf = f; // NON_COMPLIANT - - float fb = b; // NON_COMPLIANT - float fe = e1; // NON_COMPLIANT - float fs = s; // NON_COMPLIANT - float fu = u; // NON_COMPLIANT - float ff = f; // COMPLIANT - - _Bool ba[5] = { + float _Complex cf = 10.0f; // COMPLIANT + + _Bool bb = b; // COMPLIANT + _Bool be = e1; // NON_COMPLIANT + _Bool bs = s; // NON_COMPLIANT + _Bool bu = u; // NON_COMPLIANT + _Bool bf = f; // NON_COMPLIANT + _Bool bcf = cf; // NON_COMPLIANT + + enum E1 e1b = b; // NON_COMPLIANT + enum E1 e1e = e1; // COMPLIANT + enum E1 e1s = s; // NON_COMPLIANT + enum E1 e1u = u; // NON_COMPLIANT + enum E1 e1f = f; // NON_COMPLIANT + enum E1 e1cf = cf; // NON_COMPLIANT + + signed int sb = b; // NON_COMPLIANT + signed int se = e1; // NON_COMPLIANT + signed int ss = s; // COMPLIANT + signed int su = u; // NON_COMPLIANT + signed int sf = f; // NON_COMPLIANT + signed int scf = cf; // NON_COMPLIANT + + unsigned int ub = b; // NON_COMPLIANT + unsigned int ue = e1; // NON_COMPLIANT + unsigned int us = s; // NON_COMPLIANT + unsigned int uu = u; // COMPLIANT + unsigned int uf = f; // NON_COMPLIANT + unsigned int ucf = cf; // NON_COMPLIANT + + float fb = b; // NON_COMPLIANT + float fe = e1; // NON_COMPLIANT + float fs = s; // NON_COMPLIANT + float fu = u; // NON_COMPLIANT + float ff = f; // COMPLIANT + float fcf = cf; // NON-COMPLIANT + + float _Complex cfb = b; // NON_COMPLIANT + float _Complex cfe = e1; // NON_COMPLIANT + float _Complex cfs = s; // NON_COMPLIANT + float _Complex cfu = u; // NON_COMPLIANT + float _Complex cff = f; // COMPLIANT + float _Complex cfcf = cf; // COMPLIANT + + _Bool ba[6] = { b, // COMPLIANT e1, // NON_COMPLIANT s, // NON_COMPLIANT u, // NON_COMPLIANT - f // NON_COMPLIANT + f, // NON_COMPLIANT + cf // NON_COMPLIANT }; - enum E1 ea[5] = { + enum E1 ea[6] = { b, // NON_COMPLIANT e1, // COMPLIANT s, // NON_COMPLIANT u, // NON_COMPLIANT - f // NON_COMPLIANT + f, // NON_COMPLIANT + cf // NON_COMPLIANT }; - signed int sa[5] = { + signed int sa[6] = { b, // NON_COMPLIANT e1, // NON_COMPLIANT s, // COMPLIANT u, // NON_COMPLIANT - f // NON_COMPLIANT + f, // NON_COMPLIANT + cf // NON_COMPLIANT }; - unsigned int ua[5] = { + unsigned int ua[6] = { b, // NON_COMPLIANT e1, // NON_COMPLIANT s, // NON_COMPLIANT u, // COMPLIANT - f // NON_COMPLIANT + f, // NON_COMPLIANT + cf // NON_COMPLIANT + }; + float fa[6] = { + b, // NON_COMPLIANT + e1, // NON_COMPLIANT + s, // NON_COMPLIANT + u, // NON_COMPLIANT + f, // COMPLIANT + cf // NON_COMPLIANT }; - float fa[5] = { + float _Complex cfa[6] = { b, // NON_COMPLIANT e1, // NON_COMPLIANT s, // NON_COMPLIANT u, // NON_COMPLIANT - f // COMPLIANT + f, // COMPLIANT + cf // COMPLIANT }; } @@ -161,19 +201,22 @@ void testSwitchCase() { enum EG { EGA, EGB, EGC }; -void func(_Bool b, enum EG eg, signed int i, unsigned int u, float f); +void func(_Bool b, enum EG eg, signed int i, unsigned int u, float f, + float _Complex cf); void testFunctionCall() { - _Bool b = true; // COMPLIANT - enum EG e1 = EGA; // COMPLIANT - signed int s = 100; // COMPLIANT - unsigned int u = 100; // COMPLIANT - by exception 1 - float f = 10.0f; // COMPLIANT + _Bool b = true; // COMPLIANT + enum EG e1 = EGA; // COMPLIANT + signed int s = 100; // COMPLIANT + unsigned int u = 100; // COMPLIANT - by exception 1 + float f = 10.0f; // COMPLIANT + float _Complex cf = 10.0f; // COMPLIANT func(b, // COMPLIANT b, // NON_COMPLIANT b, // NON_COMPLIANT b, // NON_COMPLIANT + b, // NON_COMPLIANT b // NON_COMPLIANT ); @@ -181,6 +224,7 @@ void testFunctionCall() { e1, // COMPLIANT e1, // NON_COMPLIANT e1, // NON_COMPLIANT + e1, // NON_COMPLIANT e1 // NON_COMPLIANT ); @@ -188,6 +232,7 @@ void testFunctionCall() { s, // NON_COMPLIANT s, // COMPLIANT s, // NON_COMPLIANT + s, // NON_COMPLIANT s // NON_COMPLIANT ); @@ -195,6 +240,7 @@ void testFunctionCall() { u, // NON_COMPLIANT u, // NON_COMPLIANT u, // COMPLIANT + u, // NON_COMPLIANT u // NON_COMPLIANT ); @@ -202,16 +248,25 @@ void testFunctionCall() { f, // NON_COMPLIANT f, // NON_COMPLIANT f, // NON_COMPLIANT + f, // COMPLIANT f // COMPLIANT ); + + func(cf, // NON_COMPLIANT + cf, // NON_COMPLIANT + cf, // NON_COMPLIANT + cf, // NON_COMPLIANT + cf, // NON_COMPLIANT + cf); } _Bool testBoolFunctionReturn(int x) { - _Bool b = true; // COMPLIANT - enum EG e1 = EGA; // COMPLIANT - signed int s = 100; // COMPLIANT - unsigned int u = 100; // COMPLIANT - by exception 1 - float f = 10.0f; // COMPLIANT + _Bool b = true; // COMPLIANT + enum EG e1 = EGA; // COMPLIANT + signed int s = 100; // COMPLIANT + unsigned int u = 100; // COMPLIANT - by exception 1 + float f = 10.0f; // COMPLIANT + float _Complex cf = 10.0f; // COMPLIANT switch (x) { case 0: @@ -222,17 +277,20 @@ _Bool testBoolFunctionReturn(int x) { return s; // NON_COMPLIANT case 3: return u; // NON_COMPLIANT - default: + case 4: return f; // NON_COMPLIANT + default: + return cf; // NON_COMPLIANT } } enum EG testEnumFunctionReturn(int x) { - _Bool b = true; // COMPLIANT - enum EG e1 = EGA; // COMPLIANT - signed int s = 100; // COMPLIANT - unsigned int u = 100; // COMPLIANT - by exception 1 - float f = 10.0f; // COMPLIANT + _Bool b = true; // COMPLIANT + enum EG e1 = EGA; // COMPLIANT + signed int s = 100; // COMPLIANT + unsigned int u = 100; // COMPLIANT - by exception 1 + float f = 10.0f; // COMPLIANT + float _Complex cf = 10.0f; // COMPLIANT switch (x) { case 0: @@ -243,17 +301,20 @@ enum EG testEnumFunctionReturn(int x) { return s; // NON_COMPLIANT case 3: return u; // NON_COMPLIANT - default: + case 4: return f; // NON_COMPLIANT + default: + return cf; // NON_COMPLIANT } } signed int testSignedIntFunctionReturn(int x) { - _Bool b = true; // COMPLIANT - enum EG e1 = EGA; // COMPLIANT - signed int s = 100; // COMPLIANT - unsigned int u = 100; // COMPLIANT - by exception 1 - float f = 10.0f; // COMPLIANT + _Bool b = true; // COMPLIANT + enum EG e1 = EGA; // COMPLIANT + signed int s = 100; // COMPLIANT + unsigned int u = 100; // COMPLIANT - by exception 1 + float f = 10.0f; // COMPLIANT + float _Complex cf = 10.0f; // COMPLIANT switch (x) { case 0: @@ -264,17 +325,20 @@ signed int testSignedIntFunctionReturn(int x) { return s; // COMPLIANT case 3: return u; // NON_COMPLIANT - default: + case 4: return f; // NON_COMPLIANT + default: + return cf; // NON_COMPLIANT } } unsigned int testUnsignedIntFunctionReturn(int x) { - _Bool b = true; // COMPLIANT - enum EG e1 = EGA; // COMPLIANT - signed int s = 100; // COMPLIANT - unsigned int u = 100; // COMPLIANT - by exception 1 - float f = 10.0f; // COMPLIANT + _Bool b = true; // COMPLIANT + enum EG e1 = EGA; // COMPLIANT + signed int s = 100; // COMPLIANT + unsigned int u = 100; // COMPLIANT - by exception 1 + float f = 10.0f; // COMPLIANT + float _Complex cf = 10.0f; // COMPLIANT switch (x) { case 0: @@ -285,17 +349,20 @@ unsigned int testUnsignedIntFunctionReturn(int x) { return s; // NON_COMPLIANT case 3: return u; // COMPLIANT - default: + case 4: return f; // NON_COMPLIANT + default: + return cf; // NON_COMPLIANT } } float testFloatFunctionReturn(int x) { - _Bool b = true; // COMPLIANT - enum EG e1 = EGA; // COMPLIANT - signed int s = 100; // COMPLIANT - unsigned int u = 100; // COMPLIANT - by exception 1 - float f = 10.0f; // COMPLIANT + _Bool b = true; // COMPLIANT + enum EG e1 = EGA; // COMPLIANT + signed int s = 100; // COMPLIANT + unsigned int u = 100; // COMPLIANT - by exception 1 + float f = 10.0f; // COMPLIANT + float _Complex cf = 10.0f; // COMPLIANT switch (x) { case 0: @@ -306,8 +373,34 @@ float testFloatFunctionReturn(int x) { return s; // NON_COMPLIANT case 3: return u; // NON_COMPLIANT + case 4: + return f; // COMPLIANT default: + return cf; // NON_COMPLIANT + } +} + +float _Complex testComplexFunctionReturn(int x) { + _Bool b = true; // COMPLIANT + enum EG e1 = EGA; // COMPLIANT + signed int s = 100; // COMPLIANT + unsigned int u = 100; // COMPLIANT - by exception 1 + float f = 10.0f; // COMPLIANT + float _Complex cf = 10.0f; // COMPLIANT + + switch (x) { + case 0: + return b; // NON_COMPLIANT + case 1: + return e1; // NON_COMPLIANT + case 2: + return s; // NON_COMPLIANT + case 3: + return u; // NON_COMPLIANT + case 4: return f; // COMPLIANT + default: + return cf; // COMPLIANT } } @@ -317,14 +410,16 @@ struct S1 { signed int s; unsigned int u; float f; + float _Complex cf; }; void testStructAssignment() { - _Bool b = true; // COMPLIANT - enum EG e1 = EGA; // COMPLIANT - signed int s = 100; // COMPLIANT - unsigned int u = 100; // COMPLIANT - by exception 1 - float f = 10.0f; // COMPLIANT + _Bool b = true; // COMPLIANT + enum EG e1 = EGA; // COMPLIANT + signed int s = 100; // COMPLIANT + unsigned int u = 100; // COMPLIANT - by exception 1 + float f = 10.0f; // COMPLIANT + float _Complex cf = 10.0f; // COMPLIANT struct S1 s1; @@ -333,28 +428,54 @@ void testStructAssignment() { s1.b = s; // NON_COMPLIANT s1.b = u; // NON_COMPLIANT s1.b = f; // NON_COMPLIANT + s1.b = cf; // NON_COMPLIANT s1.e1 = b; // NON_COMPLIANT s1.e1 = e1; // COMPLIANT s1.e1 = s; // NON_COMPLIANT s1.e1 = u; // NON_COMPLIANT s1.e1 = f; // NON_COMPLIANT + s1.e1 = cf; // NON_COMPLIANT s1.s = b; // NON_COMPLIANT s1.s = e1; // NON_COMPLIANT s1.s = s; // COMPLIANT s1.s = u; // NON_COMPLIANT s1.s = f; // NON_COMPLIANT + s1.s = cf; // NON_COMPLIANT s1.u = b; // NON_COMPLIANT s1.u = e1; // NON_COMPLIANT s1.u = s; // NON_COMPLIANT s1.u = u; // COMPLIANT s1.u = f; // NON_COMPLIANT + s1.u = cf; // NON_COMPLIANT s1.f = b; // NON_COMPLIANT s1.f = e1; // NON_COMPLIANT s1.f = s; // NON_COMPLIANT s1.f = u; // NON_COMPLIANT s1.f = f; // COMPLIANT + s1.f = cf; // NON_COMPLIANT + + s1.cf = b; // NON_COMPLIANT + s1.cf = e1; // NON_COMPLIANT + s1.cf = s; // NON_COMPLIANT + s1.cf = u; // NON_COMPLIANT + s1.cf = f; // COMPLIANT + s1.cf = cf; // COMPLIANT +} + +void testException4() { + float f32 = 10.0f; // COMPLIANT + double f64 = 10.0f; // COMPLIANT + float _Complex cf32a = f32; // COMPLIANT + float _Complex cf32b = f64; // NON_COMPLIANT + double _Complex cf64a = f32; // COMPLIANT + double _Complex cf64b = f64; // COMPLIANT + + double _Complex f64byparts_a = 10.0i; // COMPLIANT + double _Complex f64byparts_b = 10.0 * I; // COMPLIANT + double _Complex f64byparts_c = 10.0f + 10.0i; // COMPLIANT + double _Complex f64byparts_d = 10.0f + 10.0f * I; // COMPLIANT } \ No newline at end of file diff --git a/c/misra/test/rules/RULE-10-4/OperandsWithMismatchedEssentialTypeCategory.expected b/c/misra/test/rules/RULE-10-4/OperandsWithMismatchedEssentialTypeCategory.expected index 333c3ad581..c85f2a447e 100644 --- a/c/misra/test/rules/RULE-10-4/OperandsWithMismatchedEssentialTypeCategory.expected +++ b/c/misra/test/rules/RULE-10-4/OperandsWithMismatchedEssentialTypeCategory.expected @@ -1,10 +1,13 @@ -| test.c:14:3:14:9 | ... + ... | The operands of this operator with usual arithmetic conversions have mismatched essential types (left operand: essentially Unsigned type, right operand: essentially Signed type). | -| test.c:15:3:15:9 | ... + ... | The operands of this operator with usual arithmetic conversions have mismatched essential types (left operand: essentially Signed type, right operand: essentially Unsigned type). | -| test.c:16:3:16:10 | ... += ... | The operands of this operator with usual arithmetic conversions have mismatched essential types (left operand: essentially Signed type, right operand: essentially Unsigned type). | -| test.c:17:3:17:9 | ... + ... | The operands of this operator with usual arithmetic conversions have mismatched essential types (left operand: essentially Floating type, right operand: essentially Signed type). | -| test.c:18:3:18:9 | ... + ... | The operands of this operator with usual arithmetic conversions have mismatched essential types (left operand: essentially Signed type, right operand: essentially Floating type). | -| test.c:19:3:19:10 | ... += ... | The operands of this operator with usual arithmetic conversions have mismatched essential types (left operand: essentially Signed type, right operand: essentially Floating type). | -| test.c:27:3:27:9 | ... - ... | The operands of this operator with usual arithmetic conversions have mismatched essential types (left operand: essentially Signed type, right operand: essentially Character type). | -| test.c:28:3:28:10 | ... -= ... | The operands of this operator with usual arithmetic conversions have mismatched essential types (left operand: essentially Signed type, right operand: essentially Character type). | -| test.c:34:3:34:11 | ... < ... | The operands of this operator with usual arithmetic conversions have mismatched essentially Enum types (left operand: E1, right operand: E2). | -| test.c:35:3:35:7 | ... < ... | The operands of this operator with usual arithmetic conversions have mismatched essentially Enum types (left operand: E1, right operand: E2). | +| test.c:15:3:15:9 | ... + ... | The operands of this operator with usual arithmetic conversions have mismatched essential types (left operand: essentially Unsigned type, right operand: essentially Signed type). | +| test.c:16:3:16:9 | ... + ... | The operands of this operator with usual arithmetic conversions have mismatched essential types (left operand: essentially Signed type, right operand: essentially Unsigned type). | +| test.c:17:3:17:10 | ... += ... | The operands of this operator with usual arithmetic conversions have mismatched essential types (left operand: essentially Signed type, right operand: essentially Unsigned type). | +| test.c:18:3:18:9 | ... + ... | The operands of this operator with usual arithmetic conversions have mismatched essential types (left operand: essentially Floating type, right operand: essentially Signed type). | +| test.c:19:3:19:9 | ... + ... | The operands of this operator with usual arithmetic conversions have mismatched essential types (left operand: essentially Signed type, right operand: essentially Floating type). | +| test.c:20:3:20:10 | ... += ... | The operands of this operator with usual arithmetic conversions have mismatched essential types (left operand: essentially Signed type, right operand: essentially Floating type). | +| test.c:21:3:21:10 | ... + ... | The operands of this operator with usual arithmetic conversions have mismatched essential types (left operand: essentially Complex Floating type, right operand: essentially Signed type). | +| test.c:22:3:22:10 | ... + ... | The operands of this operator with usual arithmetic conversions have mismatched essential types (left operand: essentially Signed type, right operand: essentially Complex Floating type). | +| test.c:23:3:23:11 | ... += ... | The operands of this operator with usual arithmetic conversions have mismatched essential types (left operand: essentially Signed type, right operand: essentially Complex Floating type). | +| test.c:31:3:31:9 | ... - ... | The operands of this operator with usual arithmetic conversions have mismatched essential types (left operand: essentially Signed type, right operand: essentially Character type). | +| test.c:32:3:32:10 | ... -= ... | The operands of this operator with usual arithmetic conversions have mismatched essential types (left operand: essentially Signed type, right operand: essentially Character type). | +| test.c:43:3:43:11 | ... < ... | The operands of this operator with usual arithmetic conversions have mismatched essentially Enum types (left operand: E1, right operand: E2). | +| test.c:44:3:44:7 | ... < ... | The operands of this operator with usual arithmetic conversions have mismatched essentially Enum types (left operand: E1, right operand: E2). | diff --git a/c/misra/test/rules/RULE-10-4/test.c b/c/misra/test/rules/RULE-10-4/test.c index cbcb7191f6..223aacbdad 100644 --- a/c/misra/test/rules/RULE-10-4/test.c +++ b/c/misra/test/rules/RULE-10-4/test.c @@ -3,6 +3,7 @@ void testOps() { signed long long s64 = 100; unsigned int u = 100; float f = 10.0f; + float _Complex cf = 10.0f; char c = 'A'; s32 + s32; // COMPLIANT @@ -17,6 +18,9 @@ void testOps() { f + s32; // NON_COMPLIANT s32 + f; // NON_COMPLIANT s32 += f; // NON_COMPLIANT + cf + s32; // NON_COMPLIANT + s32 + cf; // NON_COMPLIANT + s32 += cf; // NON_COMPLIANT c + s32; // COMPLIANT - by exception c += s32; // COMPLIANT - by exception @@ -27,6 +31,11 @@ void testOps() { s32 - c; // NON_COMPLIANT s32 -= c; // NON_COMPLIANT + cf + f; // COMPLIANT - by exception + f + cf; // COMPLIANT - by exception + cf *f; // COMPLIANT - by exception + f *cf; // COMPLIANT - by exception + enum E1 { A, B, C } e1a; enum E2 { D, E, F } e2a; e1a < e1a; // COMPLIANT diff --git a/c/misra/test/rules/RULE-10-5/InappropriateEssentialTypeCast.expected b/c/misra/test/rules/RULE-10-5/InappropriateEssentialTypeCast.expected index 731ad9f312..2f4c38eb95 100644 --- a/c/misra/test/rules/RULE-10-5/InappropriateEssentialTypeCast.expected +++ b/c/misra/test/rules/RULE-10-5/InappropriateEssentialTypeCast.expected @@ -1,20 +1,25 @@ -| test.c:9:3:9:9 | (char)... | Incompatible cast from essentially Boolean type to essentially Character type. | -| test.c:10:3:10:13 | (E1)... | Incompatible cast from essentially Boolean type to essentially Enum Type. | -| test.c:11:3:11:15 | (signed int)... | Incompatible cast from essentially Boolean type to essentially Signed type. | -| test.c:12:3:12:17 | (unsigned int)... | Incompatible cast from essentially Boolean type to essentially Unsigned type. | -| test.c:13:3:13:10 | (float)... | Incompatible cast from essentially Boolean type to essentially Floating type. | -| test.c:16:3:16:11 | (bool)... | Incompatible cast from essentially Character type to essentially Boolean type. | -| test.c:18:3:18:13 | (E1)... | Incompatible cast from essentially Character type to essentially Enum Type. | -| test.c:21:3:21:10 | (float)... | Incompatible cast from essentially Character type to essentially Floating type. | -| test.c:24:3:24:11 | (bool)... | Incompatible cast from essentially Enum Type to essentially Boolean type. | -| test.c:26:3:26:13 | (E1)... | Incompatible cast from E2 to E1. | -| test.c:33:3:33:11 | (bool)... | Incompatible cast from essentially Signed type to essentially Boolean type. | -| test.c:35:3:35:13 | (E1)... | Incompatible cast from essentially Signed type to essentially Enum Type. | -| test.c:41:3:41:11 | (bool)... | Incompatible cast from essentially Unsigned type to essentially Boolean type. | -| test.c:43:3:43:13 | (E1)... | Incompatible cast from essentially Unsigned type to essentially Enum Type. | -| test.c:49:3:49:11 | (bool)... | Incompatible cast from essentially Floating type to essentially Boolean type. | -| test.c:50:3:50:9 | (char)... | Incompatible cast from essentially Floating type to essentially Character type. | -| test.c:51:3:51:13 | (E1)... | Incompatible cast from essentially Floating type to essentially Enum Type. | -| test.c:68:3:68:10 | (bool)... | Incompatible cast from essentially Signed type to essentially Boolean type. | -| test.c:72:3:72:16 | (MyBool)... | Incompatible cast from essentially Signed type to essentially Boolean type. | -| test.c:76:3:76:12 | (boolean)... | Incompatible cast from essentially Signed type to essentially Boolean type. | +| test.c:10:3:10:9 | (char)... | Incompatible cast from essentially Boolean type to essentially Character type. | +| test.c:11:3:11:13 | (E1)... | Incompatible cast from essentially Boolean type to essentially Enum Type. | +| test.c:12:3:12:15 | (signed int)... | Incompatible cast from essentially Boolean type to essentially Signed type. | +| test.c:13:3:13:17 | (unsigned int)... | Incompatible cast from essentially Boolean type to essentially Unsigned type. | +| test.c:14:3:14:10 | (float)... | Incompatible cast from essentially Boolean type to essentially Floating type. | +| test.c:15:3:15:20 | (_Complex float)... | Incompatible cast from essentially Boolean type to essentially Complex Floating type. | +| test.c:18:3:18:11 | (bool)... | Incompatible cast from essentially Character type to essentially Boolean type. | +| test.c:20:3:20:13 | (E1)... | Incompatible cast from essentially Character type to essentially Enum Type. | +| test.c:23:3:23:10 | (float)... | Incompatible cast from essentially Character type to essentially Floating type. | +| test.c:24:3:24:20 | (_Complex float)... | Incompatible cast from essentially Character type to essentially Complex Floating type. | +| test.c:27:3:27:11 | (bool)... | Incompatible cast from essentially Enum Type to essentially Boolean type. | +| test.c:29:3:29:13 | (E1)... | Incompatible cast from E2 to E1. | +| test.c:37:3:37:11 | (bool)... | Incompatible cast from essentially Signed type to essentially Boolean type. | +| test.c:39:3:39:13 | (E1)... | Incompatible cast from essentially Signed type to essentially Enum Type. | +| test.c:46:3:46:11 | (bool)... | Incompatible cast from essentially Unsigned type to essentially Boolean type. | +| test.c:48:3:48:13 | (E1)... | Incompatible cast from essentially Unsigned type to essentially Enum Type. | +| test.c:55:3:55:11 | (bool)... | Incompatible cast from essentially Floating type to essentially Boolean type. | +| test.c:56:3:56:9 | (char)... | Incompatible cast from essentially Floating type to essentially Character type. | +| test.c:57:3:57:13 | (E1)... | Incompatible cast from essentially Floating type to essentially Enum Type. | +| test.c:64:3:64:12 | (bool)... | Incompatible cast from essentially Complex Floating type to essentially Boolean type. | +| test.c:65:3:65:10 | (char)... | Incompatible cast from essentially Complex Floating type to essentially Character type. | +| test.c:66:3:66:14 | (E1)... | Incompatible cast from essentially Complex Floating type to essentially Enum Type. | +| test.c:84:3:84:10 | (bool)... | Incompatible cast from essentially Signed type to essentially Boolean type. | +| test.c:88:3:88:16 | (MyBool)... | Incompatible cast from essentially Signed type to essentially Boolean type. | +| test.c:92:3:92:12 | (boolean)... | Incompatible cast from essentially Signed type to essentially Boolean type. | diff --git a/c/misra/test/rules/RULE-10-5/test.c b/c/misra/test/rules/RULE-10-5/test.c index dbc5939f0f..d7a6d878f1 100644 --- a/c/misra/test/rules/RULE-10-5/test.c +++ b/c/misra/test/rules/RULE-10-5/test.c @@ -1,3 +1,4 @@ +#include #include void testIncompatibleCasts() { @@ -5,53 +6,68 @@ void testIncompatibleCasts() { _Bool b = true; - (_Bool) b; // COMPLIANT - (char)b; // NON_COMPLIANT - (enum E1) b; // NON_COMPLIANT - (signed int)b; // NON_COMPLIANT - (unsigned int)b; // NON_COMPLIANT - (float)b; // NON_COMPLIANT + (_Bool) b; // COMPLIANT + (char)b; // NON_COMPLIANT + (enum E1) b; // NON_COMPLIANT + (signed int)b; // NON_COMPLIANT + (unsigned int)b; // NON_COMPLIANT + (float)b; // NON_COMPLIANT + (float _Complex) b; // NON_COMPLIANT char c = 100; - (_Bool) c; // NON_COMPLIANT - (char)c; // COMPLIANT - (enum E1) c; // NON_COMPLIANT - (signed int)c; // COMPLIANT - (unsigned int)c; // COMPLIANT - (float)c; // NON_COMPLIANT + (_Bool) c; // NON_COMPLIANT + (char)c; // COMPLIANT + (enum E1) c; // NON_COMPLIANT + (signed int)c; // COMPLIANT + (unsigned int)c; // COMPLIANT + (float)c; // NON_COMPLIANT + (float _Complex) c; // NON_COMPLIANT enum E2 { C, D } e = C; - (_Bool) e; // NON_COMPLIANT - (char)e; // COMPLIANT - (enum E1) e; // NON_COMPLIANT - (enum E2) e; // COMPLIANT - (signed int)e; // COMPLIANT - (unsigned int)e; // COMPLIANT - (float)e; // COMPLIANT + (_Bool) e; // NON_COMPLIANT + (char)e; // COMPLIANT + (enum E1) e; // NON_COMPLIANT + (enum E2) e; // COMPLIANT + (signed int)e; // COMPLIANT + (unsigned int)e; // COMPLIANT + (float)e; // COMPLIANT + (float _Complex) e; // COMPLIANT signed int i = 100; - (_Bool) i; // NON_COMPLIANT - (char)i; // COMPLIANT - (enum E1) i; // NON_COMPLIANT - (signed int)i; // COMPLIANT - (unsigned int)i; // COMPLIANT - (float)i; // COMPLIANT + (_Bool) i; // NON_COMPLIANT + (char)i; // COMPLIANT + (enum E1) i; // NON_COMPLIANT + (signed int)i; // COMPLIANT + (unsigned int)i; // COMPLIANT + (float)i; // COMPLIANT + (float _Complex) i; // COMPLIANT unsigned int u = 100; - (_Bool) u; // NON_COMPLIANT - (char)u; // COMPLIANT - (enum E1) u; // NON_COMPLIANT - (signed int)u; // COMPLIANT - (unsigned int)u; // COMPLIANT - (float)u; // COMPLIANT + (_Bool) u; // NON_COMPLIANT + (char)u; // COMPLIANT + (enum E1) u; // NON_COMPLIANT + (signed int)u; // COMPLIANT + (unsigned int)u; // COMPLIANT + (float)u; // COMPLIANT + (float _Complex) u; // COMPLIANT float f = 100.0; - (_Bool) f; // NON_COMPLIANT - (char)f; // NON_COMPLIANT - (enum E1) f; // NON_COMPLIANT - (signed int)f; // COMPLIANT - (unsigned int)f; // COMPLIANT - (float)f; // COMPLIANT + (_Bool) f; // NON_COMPLIANT + (char)f; // NON_COMPLIANT + (enum E1) f; // NON_COMPLIANT + (signed int)f; // COMPLIANT + (unsigned int)f; // COMPLIANT + (float)f; // COMPLIANT + (float _Complex) f; // COMPLIANT + + float _Complex cf = 100.0; + (_Bool) cf; // NON_COMPLIANT + (char)cf; // NON_COMPLIANT + (enum E1) cf; // NON_COMPLIANT + (signed int)cf; // COMPLIANT + (unsigned int)cf; // COMPLIANT + (float)cf; // COMPLIANT + (float _Complex) cf; // COMPLIANT } void testImplicit() { diff --git a/c/misra/test/rules/RULE-10-7/ImplicitConversionOfCompositeExpression.expected b/c/misra/test/rules/RULE-10-7/ImplicitConversionOfCompositeExpression.expected index 30b5e1efb7..ea8fc433b1 100644 --- a/c/misra/test/rules/RULE-10-7/ImplicitConversionOfCompositeExpression.expected +++ b/c/misra/test/rules/RULE-10-7/ImplicitConversionOfCompositeExpression.expected @@ -1,3 +1,7 @@ | test.c:5:3:5:16 | ... + ... | Implicit conversion of $@ from unsigned short to unsigned int | test.c:5:9:5:16 | ... * ... | composite op | | test.c:6:3:6:18 | ... * ... | Implicit conversion of $@ from unsigned short to unsigned int | test.c:6:9:6:17 | ... + ... | composite op | | test.c:9:3:9:20 | ... += ... | Implicit conversion of $@ from unsigned short to unsigned int | test.c:9:11:9:19 | ... + ... | composite op | +| test.c:24:3:24:19 | ... + ... | Implicit conversion of $@ from float to double | test.c:24:10:24:18 | ... + ... | composite op | +| test.c:25:3:25:21 | ... + ... | Implicit conversion of $@ from _Complex float to double | test.c:25:10:25:20 | ... + ... | composite op | +| test.c:26:3:26:20 | ... + ... | Implicit conversion of $@ from float to _Complex double | test.c:26:11:26:19 | ... + ... | composite op | +| test.c:27:3:27:22 | ... + ... | Implicit conversion of $@ from _Complex float to _Complex double | test.c:27:11:27:21 | ... + ... | composite op | diff --git a/c/misra/test/rules/RULE-10-7/test.c b/c/misra/test/rules/RULE-10-7/test.c index 59d0ed1437..7aaa1847e4 100644 --- a/c/misra/test/rules/RULE-10-7/test.c +++ b/c/misra/test/rules/RULE-10-7/test.c @@ -11,4 +11,18 @@ void testComposite() { signed int s32 = 100; s32 += (u16 + u16); // // ignored - prohibited by Rule 10.4 + + float f32 = 10.0f; + double f64 = 10.0f; + float _Complex cf32 = 10.0f; + double _Complex cf64 = 10.0f; + + f32 + (f32 + f32); // COMPLIANT + cf32 + (cf32 + cf32); // COMPLIANT + f32 + (cf32 + cf32); // COMPLIANT + cf32 + (f32 + f32); // COMPLIANT + f64 + (f32 + f32); // NON_COMPLIANT + f64 + (cf32 + cf32); // NON_COMPLIANT + cf64 + (f32 + f32); // NON_COMPLIANT + cf64 + (cf32 + cf32); // NON_COMPLIANT } \ No newline at end of file diff --git a/c/misra/test/rules/RULE-10-8/InappropriateCastOfCompositeExpression.expected b/c/misra/test/rules/RULE-10-8/InappropriateCastOfCompositeExpression.expected index 85e2471a41..659b41199d 100644 --- a/c/misra/test/rules/RULE-10-8/InappropriateCastOfCompositeExpression.expected +++ b/c/misra/test/rules/RULE-10-8/InappropriateCastOfCompositeExpression.expected @@ -1,4 +1,10 @@ | test.c:4:16:4:20 | ... + ... | Cast from essentially Unsigned type to essentially Signed type changes type category. | | test.c:5:18:5:22 | ... + ... | Cast from essentially Signed type to essentially Unsigned type changes type category. | -| test.c:14:18:14:24 | ... + ... | Cast from essentially Unsigned type to essentially Unsigned type widens type. | -| test.c:20:16:20:22 | ... + ... | Cast from essentially Signed type to essentially Signed type widens type. | +| test.c:11:11:11:15 | ... + ... | Cast from essentially Unsigned type to essentially Floating type changes type category. | +| test.c:12:20:12:24 | ... + ... | Cast from essentially Unsigned type to essentially Complex Floating type changes type category. | +| test.c:13:18:13:22 | ... + ... | Cast from essentially Floating type to essentially Unsigned type changes type category. | +| test.c:14:18:14:24 | ... + ... | Cast from essentially Complex Floating type to essentially Unsigned type changes type category. | +| test.c:25:18:25:24 | ... + ... | Cast from essentially Unsigned type to essentially Unsigned type widens type. | +| test.c:31:16:31:22 | ... + ... | Cast from essentially Signed type to essentially Signed type widens type. | +| test.c:43:12:43:20 | ... + ... | Cast from essentially Floating type to essentially Floating type widens type. | +| test.c:44:12:44:22 | ... + ... | Cast from essentially Complex Floating type to essentially Floating type widens type. | diff --git a/c/misra/test/rules/RULE-10-8/test.c b/c/misra/test/rules/RULE-10-8/test.c index 41efb6b8d8..31294ed550 100644 --- a/c/misra/test/rules/RULE-10-8/test.c +++ b/c/misra/test/rules/RULE-10-8/test.c @@ -5,6 +5,17 @@ void testDifferentEssentialType() { (unsigned int)(s + s); // NON_COMPLIANT (signed int)(s + s); // COMPLIANT (unsigned int)(u + u); // COMPLIANT + + float f = 1.0; + float _Complex cf = 1.0; + (float)(u + u); // NON_COMPLIANT + (float _Complex)(u + u); // NON_COMPLIANT + (unsigned int)(f + f); // NON_COMPLIANT + (unsigned int)(cf + cf); // NON_COMPLIANT + (float)(f + f); // COMPLIANT + (float)(cf + cf); // COMPLIANT + (float _Complex)(f + f); // COMPLIANT + (float _Complex)(cf + cf); // COMPLIANT } void testWiderType() { @@ -19,4 +30,18 @@ void testWiderType() { (signed int)(ss + ss); // NON_COMPLIANT (signed short)(s + s); // COMPLIANT + + float f32 = 1.0; + double f64 = 1.0; + float _Complex cf32 = 1.0; + double _Complex cf64 = 1.0; + + (float)(f32 + f32); // COMPLIANT + (float)(cf32 + cf32); // COMPLIANT + (float _Complex)(f32 + f32); // COMPLIANT + (float _Complex)(cf32 + cf32); // COMPLIANT + (double)(f32 + f32); // NON_COMPLIANT + (double)(cf32 + cf32); // NON_COMPLIANT + (double _Complex)(f64 + f64); // COMPLIANT + (double _Complex)(cf64 + cf64); // COMPLIANT } \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/Emergent.qll b/cpp/common/src/codingstandards/cpp/Emergent.qll index 9036c12bd7..30f1df58e4 100644 --- a/cpp/common/src/codingstandards/cpp/Emergent.qll +++ b/cpp/common/src/codingstandards/cpp/Emergent.qll @@ -6,44 +6,10 @@ import cpp module C11 { abstract class EmergentLanguageFeature extends Element { } - class AlignAsAttribute extends EmergentLanguageFeature, Attribute { - AlignAsAttribute() { getName() = "_Alignas" } - } - - class AtomicVariableSpecifier extends EmergentLanguageFeature, Variable { - AtomicVariableSpecifier() { - getType().(DerivedType).getBaseType*().getASpecifier().getName() = "atomic" - } - } - - class AtomicDeclaration extends EmergentLanguageFeature, Declaration { - AtomicDeclaration() { getASpecifier().getName() = "atomic" } - } - - class ThreadLocalDeclaration extends EmergentLanguageFeature, Declaration { - ThreadLocalDeclaration() { getASpecifier().getName() = "is_thread_local" } - } - - class EmergentHeader extends EmergentLanguageFeature, Include { - EmergentHeader() { - getIncludedFile().getBaseName() = ["stdalign.h", "stdatomic.h", "stdnoreturn.h", "threads.h"] - } - } - class LibExt1Macro extends EmergentLanguageFeature, Macro { LibExt1Macro() { getName() = "__STDC_WANT_LIB_EXT1__" and getBody() = "1" } } - - class GenericMacro extends EmergentLanguageFeature, Macro { - GenericMacro() { getBody().indexOf("_Generic") = 0 } - } - - class NoReturnSpecificer extends EmergentLanguageFeature, Function { - NoReturnSpecificer() { getASpecifier().getName() = "noreturn" } - } - - class AlignOf extends EmergentLanguageFeature, AlignofTypeOperator { } } From 72250d74fb596b8403e0da0d1b315bc783b3c1fd Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Thu, 12 Dec 2024 17:26:47 -0800 Subject: [PATCH 2307/2573] Add changelog --- .../2024-12-12-complex-floating-essential-types.md | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 change_notes/2024-12-12-complex-floating-essential-types.md diff --git a/change_notes/2024-12-12-complex-floating-essential-types.md b/change_notes/2024-12-12-complex-floating-essential-types.md new file mode 100644 index 0000000000..5f5b6b519f --- /dev/null +++ b/change_notes/2024-12-12-complex-floating-essential-types.md @@ -0,0 +1,8 @@ + - `EssentialType` - for all queries related to essential types: + - Complex floating types are now considered a different essential type than real floating types. + - `RULE-10-1` `RULE-10-3`, `RULE-10-4`, `RULE-10-5`, `RULE-10-7`, `RULE-10-8` - `OperandsOfAnInappropriateEssentialType.ql`, `AssignmentOfIncompatibleEssentialType.ql`, `OperandsWithMismatchedEssentialTypeCategory.ql`, `InappropriateEssentialTypeCast.ql`, `ImplicitConversionOfCompositeExpression.ql`, `InappropriateCastOfCompositeExpression.ql`: + - Updates to rules handling complex floating types in MISRA-C 2012 Amendment 3 have been implemented. +- `RULE-14-1`, `LoopOverEssentiallyFloatType.ql`: + - Query updated to account for the existence of complex essentially floating point types. No change in query results or performance expected. + - `DIR-4-6` - `PlainNumericalTypeUsedOverExplicitTypedef.ql`: + - Updates from MISRA-C 2012 Amendment 3 specifying complex fixed width typedef support has been implemented. \ No newline at end of file From 6625d1ba9ff6dfaa5d4efe71c96c288b1dd0bb81 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Thu, 12 Dec 2024 17:36:09 -0800 Subject: [PATCH 2308/2573] format test case --- c/misra/test/rules/RULE-10-1/test.c | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/c/misra/test/rules/RULE-10-1/test.c b/c/misra/test/rules/RULE-10-1/test.c index f8d1a4fca5..3b96c7151d 100644 --- a/c/misra/test/rules/RULE-10-1/test.c +++ b/c/misra/test/rules/RULE-10-1/test.c @@ -340,11 +340,11 @@ void testInappropriateOperands() { // u >> f; // NON_COMPILABLE // u >> cf; // NON_COMPILABLE - b & u; // NON_COMPLIANT - c & u; // NON_COMPLIANT - e1 & u; // NON_COMPLIANT - s & u; // NON_COMPLIANT - u & u; // COMPLIANT + b &u; // NON_COMPLIANT + c &u; // NON_COMPLIANT + e1 &u; // NON_COMPLIANT + s &u; // NON_COMPLIANT + u &u; // COMPLIANT // f &u; // NON_COMPILABLE // cf &u; // NON_COMPILABLE @@ -364,11 +364,11 @@ void testInappropriateOperands() { // f ^ u; // NON_COMPILABLE // cf ^ u; // NON_COMPILABLE - u & b; // NON_COMPLIANT - u & c; // NON_COMPLIANT - u & e1; // NON_COMPLIANT - u & s; // NON_COMPLIANT - u & u; // COMPLIANT + u &b; // NON_COMPLIANT + u &c; // NON_COMPLIANT + u &e1; // NON_COMPLIANT + u &s; // NON_COMPLIANT + u &u; // COMPLIANT // u &f; // NON_COMPILABLE // u &cf; // NON_COMPILABLE From a7d2c136f6a7734788005190ca359faee5624789 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 13 Dec 2024 11:07:04 -0800 Subject: [PATCH 2309/2573] Attempt fix tests --- .../ListGuidelineRecategorizations.expected | 2 +- .../guideline_recategorizations/invalid/coding-standards.xml | 2 +- .../guideline_recategorizations/invalid/coding-standards.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/cpp/common/test/guideline_recategorizations/ListGuidelineRecategorizations.expected b/cpp/common/test/guideline_recategorizations/ListGuidelineRecategorizations.expected index 0a8aeb9ba1..8e6a397620 100644 --- a/cpp/common/test/guideline_recategorizations/ListGuidelineRecategorizations.expected +++ b/cpp/common/test/guideline_recategorizations/ListGuidelineRecategorizations.expected @@ -5,4 +5,4 @@ | A10-4-1 | advisory | required | | A11-0-1 | advisory | mandatory | | CON50-CPP | rule | required | -| RULE-13-6 | mandatory | required | +| RULE-9-1 | mandatory | required | diff --git a/cpp/common/test/guideline_recategorizations/invalid/coding-standards.xml b/cpp/common/test/guideline_recategorizations/invalid/coding-standards.xml index d89f27050b..dfb7b6f13c 100644 --- a/cpp/common/test/guideline_recategorizations/invalid/coding-standards.xml +++ b/cpp/common/test/guideline_recategorizations/invalid/coding-standards.xml @@ -15,7 +15,7 @@ mandatory - RULE-13-6 + RULE-9-1 required diff --git a/cpp/common/test/guideline_recategorizations/invalid/coding-standards.yml b/cpp/common/test/guideline_recategorizations/invalid/coding-standards.yml index 89e562c05c..cd6abbf120 100644 --- a/cpp/common/test/guideline_recategorizations/invalid/coding-standards.yml +++ b/cpp/common/test/guideline_recategorizations/invalid/coding-standards.yml @@ -5,7 +5,7 @@ guideline-recategorizations: category: "disapplied" - rule-id: "A1-4-3" category: "mandatory" - - rule-id: "RULE-13-6" + - rule-id: "RULE-9-1" category: "required" - rule-id: "CON50-CPP" category: "required" From 9f60b60991ea74450c65b1d0ae6975c4dab2c4aa Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 13 Dec 2024 11:11:30 -0800 Subject: [PATCH 2310/2573] Fix test expectations post format --- .../OperandsOfAnInappropriateEssentialType.expected | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/c/misra/test/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.expected b/c/misra/test/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.expected index aad8dadf99..7a8fd1e07c 100644 --- a/c/misra/test/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.expected +++ b/c/misra/test/rules/RULE-10-1/OperandsOfAnInappropriateEssentialType.expected @@ -119,10 +119,10 @@ | test.c:360:3:360:3 | c | Operand of essentially Charater type interpreted as a numeric value. | | test.c:361:3:361:4 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | | test.c:362:3:362:3 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | -| test.c:367:7:367:7 | b | Operand of essentially Boolean type interpreted as a numeric value. | -| test.c:368:7:368:7 | c | Operand of essentially Charater type interpreted as a numeric value. | -| test.c:369:7:369:8 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | -| test.c:370:7:370:7 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | +| test.c:367:6:367:6 | b | Operand of essentially Boolean type interpreted as a numeric value. | +| test.c:368:6:368:6 | c | Operand of essentially Charater type interpreted as a numeric value. | +| test.c:369:6:369:7 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | +| test.c:370:6:370:6 | s | Bitwise operator applied to operand of essentially Signed type and not essentially unsigned. | | test.c:375:7:375:7 | b | Operand of essentially Boolean type interpreted as a numeric value. | | test.c:376:7:376:7 | c | Operand of essentially Charater type interpreted as a numeric value. | | test.c:377:7:377:8 | e1 | Bitwise operator applied to operand of essentially Enum Type and not essentially unsigned. | From b5e55952c362062eab6efb1f1424682c8d20aa0e Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 13 Dec 2024 11:42:50 -0800 Subject: [PATCH 2311/2573] Fix deviations report tests --- .../reports/test-data/deviations/invalid/coding-standards.yml | 4 ++-- .../guideline_recategorizations_report.md.expected | 4 ++-- .../guideline-recategorizations/invalid/coding-standards.yml | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/scripts/reports/test-data/deviations/invalid/coding-standards.yml b/scripts/reports/test-data/deviations/invalid/coding-standards.yml index 7b12c7a8c2..1ce8cc718a 100644 --- a/scripts/reports/test-data/deviations/invalid/coding-standards.yml +++ b/scripts/reports/test-data/deviations/invalid/coding-standards.yml @@ -44,8 +44,8 @@ deviations: permit-id: non-existing-permit - permit-id: DP1 - permit-id: DP2 - - rule-id: RULE-13-6 - query-id: c/misra/sizeof-operand-with-side-effect + - rule-id: RULE-9-1 + query-id: c/misra/object-with-auto-storage-duration-read-before-init deviation-permits: - permit-id: DP1 justification: foo bar baz diff --git a/scripts/reports/test-data/guideline-recategorizations/guideline_recategorizations_report.md.expected b/scripts/reports/test-data/guideline-recategorizations/guideline_recategorizations_report.md.expected index 54fb25ae83..425eba1bc3 100644 --- a/scripts/reports/test-data/guideline-recategorizations/guideline_recategorizations_report.md.expected +++ b/scripts/reports/test-data/guideline-recategorizations/guideline_recategorizations_report.md.expected @@ -13,7 +13,7 @@ | A0-1-1 | required | advisory | | A0-1-1 | required | mandatory | | A0-1-2 | required | disapplied | -| RULE-13-6 | mandatory | required | +| RULE-9-1 | mandatory | required | | CON50-CPP | rule | required | | A0-1-6 | advisory | disapplied | | A10-4-1 | advisory | required | @@ -25,5 +25,5 @@ | invalid/coding-standards.xml:5:7:8:43 | 'Invalid recategorization from 'required' to 'advisory'.' for rule A0-1-1. | | invalid/coding-standards.xml:9:7:12:43 | 'Invalid recategorization from 'required' to 'disapplied'.' for rule A0-1-2. | | invalid/coding-standards.xml:13:7:16:43 | 'Unknown rule id 'A1-4-3'.' for rule A1-4-3. | -| invalid/coding-standards.xml:17:7:20:43 | 'Invalid recategorization from 'mandatory' to 'required'.' for rule RULE-13-6. | +| invalid/coding-standards.xml:17:7:20:43 | 'Invalid recategorization from 'mandatory' to 'required'.' for rule RULE-9-1. | | invalid/coding-standards.xml:21:7:24:43 | 'Invalid recategorization from 'rule' to 'required'.' for rule CON50-CPP. | diff --git a/scripts/reports/test-data/guideline-recategorizations/invalid/coding-standards.yml b/scripts/reports/test-data/guideline-recategorizations/invalid/coding-standards.yml index 89e562c05c..cd6abbf120 100644 --- a/scripts/reports/test-data/guideline-recategorizations/invalid/coding-standards.yml +++ b/scripts/reports/test-data/guideline-recategorizations/invalid/coding-standards.yml @@ -5,7 +5,7 @@ guideline-recategorizations: category: "disapplied" - rule-id: "A1-4-3" category: "mandatory" - - rule-id: "RULE-13-6" + - rule-id: "RULE-9-1" category: "required" - rule-id: "CON50-CPP" category: "required" From fde9973bff0ca359f1df9b175c9b78e4783a4f41 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 13 Dec 2024 13:13:47 -0800 Subject: [PATCH 2312/2573] Add draft 0.1 of document ID detection-infinities-nans --- ...ection_of_genenated_infinities_and_nans.md | 294 ++++++++++++++++++ 1 file changed, 294 insertions(+) create mode 100644 docs/design/detection_of_genenated_infinities_and_nans.md diff --git a/docs/design/detection_of_genenated_infinities_and_nans.md b/docs/design/detection_of_genenated_infinities_and_nans.md new file mode 100644 index 0000000000..62396eea99 --- /dev/null +++ b/docs/design/detection_of_genenated_infinities_and_nans.md @@ -0,0 +1,294 @@ +# Coding Standards: Detection of generated Infinities and NaNs + +- [Coding Standards: Detection of generated Infinities and NaNs](#coding-standards-detection-of-generated-infinities-and-nans) + - [Document management](#document-management) + - [Background](#background) + - [Critical problems](#critical-problems) + - [TL;DR](#tldr) + - [Range / Source Analysis, In Detail](#range-source-analysis-in-detail) + - [Mathematical Operations](#mathematical-operations) + - [Range / Source Proposal #1 (Recommended)](#range-source-proposal-1-recommended) + - [Range / Source Proposal #2 (Not Recommended)](#range-source-proposal-2-not-recommended) + - [Range / Source Proposal #3 (Not Recommended)](#range-source-proposal-3-not-recommended) + - [Range / Source Proposal #4 (Not Recommended)](#range-source-proposal-4-not-recommended) + - [Detection / Sink Analysis, In Detail](#detection-sink-analysis-in-detail) + - [Detection / Sink Proposal #1 (Recommended)](#range-source-proposal-1-recommended) + - [Detection / Sink Proposal #2 (Not Recommended)](#range-source-proposal-2-not-recommended) + - [Case study examples](#case-study-examples) + +## Document management + +**ID**: codeql-coding-standards/design/detection-infinities-nans
+**Status**: Draft + +| Version | Date | Author(s) | Reviewer (s) | +| ------- | ---------- | -------------- | ---------------------------------------------------------------------------------------------- | +| 0.1 | 12/13/2024 | Mike Fairhurst | Robert C. Seacord, J.F. Bastien, Luke Cartey, Vincent Mailhol, Fernando Jose, Rakesh Pothengil | + +## Background + +Directive 4-15 of MISRA-C 2023 states that a program shall not have undetected generation of Infinities and NaNs. It also states that infinities and NaNs may propagate across various FLOPs, but may not propagate into sections of code not designed to handle infinities and NaNs. + +This directive is intentionally open to a large degree of interpretation. This document is intended to help guide the decision making for how to implement this directive in the most useful way. + +## Critical problems + +There are two fundamental problems to decide on before implementing this directive: +- **Range / source analysis**, even a simple expression like `a + b` can be a source of infinity or NaN if there is no estimated value for `a` and/or `b`, which violates developer expectations and produces false positives. +- **Detection / sink analysis**, how we decide which sources need to be reported to users. This can be flow analysis with sinks, or it can be modeled as a resource leak analysis where certain actions (`isnan(x), x < 10`) are handled as freeing the NaN/infinite value. + +## TL;DR + +This document proposes to create a float-specialized copy of standard range analysis which assumes most values are in the range of +/-1e15, which covers most valid program use cases, and allows `a * b` without generating `Infinity`. Then standard flow analysis will be used to detect when these values flow into underflowing operations (`x / infinity` and `x % infinity`, etc.), and when NaNs flow into comparison operations (`>`, `>=`, `<`, `<=`). If the query is noisy, we may ignore NaNs and/or infinities that come from the mostly safe basic operations (`+`, `-`, `*`). + +## Range / Source Analysis, In Detail: + +Default CodeQL range analysis is limited for performance reasons (etc): + +- Range analysis is local, not interprocedural +- Global variables are assumed to be in the range of [-Infinity, Infinity] +- Struct members, array values are assumed to be in the range of [-Infinity, Infinity] +- Guards (e.g. `x != 0 ? y / x : ...`) are not always tracked + +This creates a scenario where even `a + b` can be `Infinity` or `NaN`; if either `a` or `b` is `Inf` then the expression is `Inf`, and if `a` is `+Inf` while `b` is `-Inf` then the result is `NaN`. + +Perhaps the flaw is in assuming `a` or `b` may be an infinite value. However, if the analysis considered `a` and `b` to be between the largest positive and negative finite floating values, then still `a + b` can produce an infinity, and only offers a single step of protection from false positives and negatives. + +There are a few proposals to handle this. + +#### Mathematical Operations + +IEEE 754-1985 specifies floating point semantics for “add, subtract, multiply, divide, square root, remainder, and compare operations,” including invalid use of these operators that produce NaN, propagating NaNs, and overflows that produce +/- Infinity. These semantics shall be used in the analysis. + +The C17 standard states that implementations compiling with IEEE 754-1985 shall define `__STDC_IEC_559__`. Under this proposal we will detect compilations where this macro is not defined and report a warning. + +Beyond the standard binary operators defined by IEEE 754-1985, programs may generate Infinity and/or NaN in the standard library mathematical functions. Note that technically, the c spec is vague in certain ways about when range errors, pole errors, and invalid operation errors in the standard math functions produce infinities or NaNs. We propose to assume IEEE 754-2019 behavior in this regard as a practical matter, though there is no guarantee that is the case. An alternative approach which we do not plan to take would be to broadly assume that all range errors, pole errors, invalid operation errors produce both Infinities and NaNs. This alternative would increase false positives. + +### Range / Source Proposal #1 (Recommended): + +We will create a new float-specific version of range analysis. The actual values stored in floating point variables in real programs are very unlikely to be close to the limits of finite floating point numbers (+/- 3.4e38 for floats, 1.8e308 for doubles). This proposal is that we, for the purposes of this rule, create a new range analysis for floats where otherwise undeterminable values are assumed to be a very large range that is small compared to the range of floating point values, such as +/-1e15. + +Creating a new version of float analysis rather than extending previous analysis is likely to have better performance than extending standard range analysis. When floats and integers interact, the integer from standard range analysis can be used. + +Implications of this approach (assuming values `a` and `b` have no estimated range): +- `a + b` will be finite +- `a * b` will be finite +- `a * b * c` will be possibly infinite +- `a / b` will be possibly infinite, as the range includes small values such as 1e-30, as well as zero +- `acos(a)` will be considered out of domain + +**Additional option**: If this query is still noisy, we may simply exclude reporting NaN’s and Infinities that come from a basic float operation such as `+`, `-`, or `*`. We would most likely still choose to report `/`, as divide-by-zero errors are the most common and most important to catch. + +### Range / Source Proposal #2 (Not Recommended): + +This proposal mirrors Proposal #1 except that otherwise undeterminable values will be treated as the max finite value +/-3.4e38 (floats) or 1.7e308 (doubles). + +The implications are as above except: +- `a + b` will be possibly infinite +- `a * b` will be possibly infinite + +### Range / Source Proposal #3 (Not Recommended): + +Under this proposal, standard CodeQL range analysis is used to detect generation of NaN/Infinity. All uses of a global or otherwise undeterminable value will be considered possibly infinite. + +### Range / Source Proposal #4 (Recommended): + +Under this proposal, standard CodeQL range analysis is extended to provide the support of proposal #1. While this should mostly have the same results, it will likely create performance problems, as it would rerun all range analysis code on every expression in order to have different findings in a subset of them. + +## Detection / Sink Analysis, In Detail: + +The directive states that: + +- Generated Infinities and NaNs may not be unchecked +- Infinities and NaNs may propagate to delay NaN/Infinity checking for performance reasons +- Infinities and NaNs may not reach sections of code not designed to handle them + +This leaves open some questions. For instance, is `printf("%f", a * b)` possibly sending an infinity to code prepared to handle it? + +### Detection / Sink Proposal #1 (recommended): + +This proposal is to identify sinks that should not accept Infinity or NaN, and then rely on standard flow analysis as the backbone of supporting this directive. + +If a valid propagation of a NaN or an Infinity can be distinguished from cases where a program was not prepared to receive a NaN or Infinity, then flow analysis is the only thing that is needed, and a resource-leak approach is not necessary. This proposes that the following cases are detected as sinks, such that if NaN or Infinity flows into them they are reported. + +**Case 1**: _NaNs shall not be compared, except to themselves_ +```c +void f(float x, float y) { + float z = x / y; // Could be 0.0 / 0.0 which produces NaN + + if (x < 10) { ... } // Not allowed + if (x != x) { ... } // OK +} +``` + +**Case 2**: _NaNs and infinities shall not be cast to integers_ +```c +void f(float x, float y) { + int z = x / y; // 0.0 / 0.0 may produce Infinity or NaN +} +``` + +**Case 3**: _Infinite values shall not underflow or otherwise produce finite values_ +```c +float f(void) { + float x = ...; // Could be a positive number / 0.0, which produces Infinity + 1 / x; // If x is Infinity, this underflows to 0.0 + 1 % x; // If x is Infinity, this is defined to produce 1. +} +``` + +**Case 4**: _Functions shall not return NaNs and infinities_ +```c +void f(float* p) { + float local1 = ...; // Could be infinity + + return local1; +} +``` + +**Case 5**: _NaNs and infinities shall only be stored in local stack variables_ +```c +float global; +void f(float* p) { + float local1 = ...; // Could be infinity + + // The following assignments could store an infinity in the heap: + global = local1; + extern_function(local1); + *p = local1; + + // The following cases should be possible to analyze correctly as well + // with modest effort: + float arr[10] = ...; + struct my_struct = ...; + arr[0] = local2; + my_struct.member = local1; +} +``` + +**Case 6 (not planned, compiler specific)**: _Functions can use assume() to declare they are not prepared for Infinity or NaN_ +```c +void f(float x, float[] y, struct foo z) { + assume(!isnan(x)); // May be supportable, not planned + assert(!isnan(y[0])); // Not supportable + assert(!isnan(z.member)); // Not supportable +} +``` + +With these cases specified, we can detect invalid usage of Infinity and NaN with simple flow analysis. + +## Detection / Sink Proposal #2 (not recommended): + +This proposed solution takes inspiration from resource leak detection. In this metaphor, a generated infinity or NaN is treated like a resource that must be disposed. [There is a draft WIP of this approach here.](https://github.com/github/codeql-coding-standards/compare/main...michaelrfairhurst/implement-floatingtype-package) + +The advantage of this solution is that we do not need to define every way in which a NaN or an Infinity could be misused. Rather, we only need to define a few ways that a NaN or Infinity can be checked, and then find possible Infinities and NaNs that are not checked (or propagated to a value that is checked). + +Under this proposal, the following are echecks for infinity and NaN: + +- The macros `isnan(x)`, `isinf(x)`, `isfinite(x)` should be considered checks for infinity. +- Reflexive equality checks (`x == x` or `x != x`) should be considered checks for NaN. +- Any comparison operation (`>`, `>=`, `<`, and `<=`) should be considered a check on both positive and negative and positive infinities for an operand if the other is finite. + - If `a` may only be positive infinity, `a < b` and `a > b` both create a branch of the code where `a` is not positive infinity. + - If `a` may only be negative infinity, the same as above is the case for negative infinity cases. + - If `a` may be both positive or negative infinity, then a single check is not sufficient, however detecting an appropriate pair of checks would be a much more difficult implementation + +Only local leak detection analysis is feasible at this time. Therefore, this proposal suggests that an infinite or NaN value should be flagged if it goes out of scope before it is checked. _(In other leak detection problems, this would typically be considered a free event to avoid false positives, and that is an option here as well)_. + +```c +float g; +void f(void) { + float l = 1 / 0; // Must be checked + g = l; // May send Infinity to code not prepared to handle it + isinf(l); // check occurs too late +} +``` + +Overall, this option is not recommended for the following reasons: + +- Slower performance than Proposal #1 +- Limited benefits over Proposal #1 +- Detecting out-of-scope cases heavily resembles Proposal #1 +- Unused values will be flagged, which is not useful to developers +- Intraprocedural analysis will be difficult to support +- High false positive rate if too few checks are detected, as opposed to the alternative where missing sinks do not create false positives + +In this analysis, a method or function call which can generate an infinity, such as `x / y` is treated somewhat like opening a file descriptor, and calls to `isinf(x)` or `isnan(x)` are treated as closing that file descriptor. _There are some differences between how we would approach this and how an actual resource leak detection would be modeled. For instance, we are not searching for use-after-free or double-free bugs, in this metaphor._ + +Note that resource leak detection is not the same as standard CodeQL flow analysis. For instance, if the below example is analyzed with flow analysis, CodeQL will detect that the result of `fopen` flows into a call to `fclose`. However, this only means it is possible that the program will close the file, it does not mean the file descriptor cannot leak. + +```c +void f(bool p) { + FILE* fd = fopen(...); + if (p) { + fclose(fd); + } +} +``` + +The drafted leak detection algorithm follows [this paper](https://arxiv.org/html/2312.01912v2/#S2.SS2). In this approach, the program flow from the exit of `f()` is walked backwards. The walk stops upon reaching a call to `fclose()`, and if a call to `fopen()` is reached by this iterative process then that resource could leak. + +_Note that this approach still uses flow analysis to determine that fclose(fd) is referring to an initial fopen() call. In the paper, flow analysis is used to find aliases of resources, so that disposing an alias of a resource is handled correctly._ + +This approach is still neither 100% accurate nor precise. It can generate both false positives and false negatives, though it is hopefully accurate and precise enough for our purposes: + +```c +// FALSE POSITIVE: See fprintf call marked (1). Not all successors from (1) + // call fclose(), and not all predecessors of (1) call fclose() either. + // All paths dispose fd, but this algorithm does not see that. + fd = fopen(...); + if (!cond) { + fclose(fd); + } + fprintf(...); // (1) + if (cond) { + fclose(fd); + } + + // FALSE NEGATIVE: The file descriptor opened at (2) flows into the dispose + // call at (3) if the values of x and y are not known. However, the resource + // is only closed when x == y, which is not necessarily the case. + fds[x] = fopen(...); // (2) + fclose(fds[y]); // (3) +``` + +Nevertheless, their approach is sensible and likely good enough. + +Lastly, this approach has the unfortunate downside that unused float values which could be NaN or Infinity will be reported, when they do not have any negative effect on a program (as opposed to the negative effects of leaking unused file descriptors, or unused memory, etc). + +## Case study examples + +The following is an interesting set of examples and code snippets that come from the open source project [pandas](https://github.com/commaai/panda), which aims to be MISRA compliant and is used for self-driving cars. + +These examples are hand picked results from a query that selected expressions with a floating point type along with their upper and lower bounds. + +**Example 1**: +```c +float filtered_pcm_speed = + ((to_push->data[6] << 8) | to_push->data[7]) + * 0.01 / 3.6; +// Disable controls if speeds from ABS and PCM ECUs are too far apart. +bool is_invalid_speed = ABS(filtered_pcm_speed + - ((float)vehicle_speed.values[0] / VEHICLE_SPEED_FACTOR)) + > FORD_MAX_SPEED_DELTA; +``` + +While `filter_pcm_speed` cannot be infinity or NaN, it is interesting to see how this value is sanity checked. If this code were refactored such that it could produce NaN, the greater-than check would return false, resulting in a bug. If the condition were flipped (check inside valid range, rather than outside), it would handle NaN correctly. This cannot be captured via static analysis. + +**Example 2**: +```c + float x0 = xy.x[i]; + float y0 = xy.y[i]; + float dx = xy.x[i+1] - x0; + float dy = xy.y[i+1] - y0; + // dx should not be zero as xy.x is supposed to be monotonic + dx = MAX(dx, 0.0001); + ret = (dy * (x - x0) / dx) + y0; +``` + +This is an [interpolation function](https://github.com/commaai/panda/blob/dec9223f9726e400e4a4eb91ca19fffcd745f97a/board/safety.h#L538), where `xy` is a struct parameter, with array members `x` and `y` that represent points in the domain and range to interpolate across. + +Range analysis is performed with local information only, and therefore, the expression `xy.x[i]` is given the range [-Infinity, Infinity]. This is not a generated infinity. However, the computations of `dx` and `dy` could generate a positive or negative infinity (if both numbers are finite and the result exceeds the maximum float value), they could propagate a positive or negative infinity, and/or they could generate a NaN (if an infinite value is subtracted from itself). + +The call to `MAX()` will not check if `dx` = positive infinity, and is unsafe to use with NaN. It prevents a divide-by-zero error, but `ret` could still propagate or generate a NaN or one of the infinities since we know so little about `dy`, `x0`, and `y0`. + +It’s worth noting that if `dx` is positive Infinity, then `(x - x0) / dx` will produce zero, rather than propagating the infinity. This may be worth flagging. \ No newline at end of file From ad066bb4d4550e15a194f66f1559bc414df84744 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 13 Dec 2024 13:24:35 -0800 Subject: [PATCH 2313/2573] Continued attempts to resolve deviations tests --- .../test/deviations/invalid_deviations/coding-standards.xml | 4 ++-- .../test/deviations/invalid_deviations/coding-standards.yml | 4 ++-- .../InvalidGuidelineRecategorizations.expected | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/cpp/common/test/deviations/invalid_deviations/coding-standards.xml b/cpp/common/test/deviations/invalid_deviations/coding-standards.xml index 179227a13d..36dedead00 100644 --- a/cpp/common/test/deviations/invalid_deviations/coding-standards.xml +++ b/cpp/common/test/deviations/invalid_deviations/coding-standards.xml @@ -83,8 +83,8 @@ DP2 - RULE-13-6 - c/misra/sizeof-operand-with-side-effect + RULE-9-1 + c/misra/object-with-auto-storage-duration-read-before-init diff --git a/cpp/common/test/deviations/invalid_deviations/coding-standards.yml b/cpp/common/test/deviations/invalid_deviations/coding-standards.yml index 7b12c7a8c2..1ce8cc718a 100644 --- a/cpp/common/test/deviations/invalid_deviations/coding-standards.yml +++ b/cpp/common/test/deviations/invalid_deviations/coding-standards.yml @@ -44,8 +44,8 @@ deviations: permit-id: non-existing-permit - permit-id: DP1 - permit-id: DP2 - - rule-id: RULE-13-6 - query-id: c/misra/sizeof-operand-with-side-effect + - rule-id: RULE-9-1 + query-id: c/misra/object-with-auto-storage-duration-read-before-init deviation-permits: - permit-id: DP1 justification: foo bar baz diff --git a/cpp/common/test/guideline_recategorizations/InvalidGuidelineRecategorizations.expected b/cpp/common/test/guideline_recategorizations/InvalidGuidelineRecategorizations.expected index 971c70a9b6..d41c27f23a 100644 --- a/cpp/common/test/guideline_recategorizations/InvalidGuidelineRecategorizations.expected +++ b/cpp/common/test/guideline_recategorizations/InvalidGuidelineRecategorizations.expected @@ -1,5 +1,5 @@ | invalid/coding-standards.xml:5:7:8:43 | guideline-recategorizations-entry | guideline_recategorizations/invalid/coding-standards.xml: 'Invalid recategorization from 'required' to 'advisory'.' for rule A0-1-1. | | invalid/coding-standards.xml:9:7:12:43 | guideline-recategorizations-entry | guideline_recategorizations/invalid/coding-standards.xml: 'Invalid recategorization from 'required' to 'disapplied'.' for rule A0-1-2. | | invalid/coding-standards.xml:13:7:16:43 | guideline-recategorizations-entry | guideline_recategorizations/invalid/coding-standards.xml: 'Unknown rule id 'A1-4-3'.' for rule A1-4-3. | -| invalid/coding-standards.xml:17:7:20:43 | guideline-recategorizations-entry | guideline_recategorizations/invalid/coding-standards.xml: 'Invalid recategorization from 'mandatory' to 'required'.' for rule RULE-13-6. | +| invalid/coding-standards.xml:17:7:20:43 | guideline-recategorizations-entry | guideline_recategorizations/invalid/coding-standards.xml: 'Invalid recategorization from 'mandatory' to 'required'.' for rule RULE-9-1. | | invalid/coding-standards.xml:21:7:24:43 | guideline-recategorizations-entry | guideline_recategorizations/invalid/coding-standards.xml: 'Invalid recategorization from 'rule' to 'required'.' for rule CON50-CPP. | From 3342bb525e410e4c8d2b4232e73a5c3f06b00659 Mon Sep 17 00:00:00 2001 From: "rakesh.pothengil" Date: Tue, 17 Dec 2024 16:07:55 +0900 Subject: [PATCH 2314/2573] Fixes #824 --- change_notes/2024-12-17-fix-fp-824-a15-4-4 | 2 ++ cpp/autosar/src/rules/A15-4-4/MissingNoExcept.ql | 3 +++ 2 files changed, 5 insertions(+) create mode 100644 change_notes/2024-12-17-fix-fp-824-a15-4-4 diff --git a/change_notes/2024-12-17-fix-fp-824-a15-4-4 b/change_notes/2024-12-17-fix-fp-824-a15-4-4 new file mode 100644 index 0000000000..0908c14ffa --- /dev/null +++ b/change_notes/2024-12-17-fix-fp-824-a15-4-4 @@ -0,0 +1,2 @@ + - `A15-4-4` - `MissingNoExcept.ql`: + - Reduce false positives by not reporting on functions that have a noexcept specification with a complex expression. diff --git a/cpp/autosar/src/rules/A15-4-4/MissingNoExcept.ql b/cpp/autosar/src/rules/A15-4-4/MissingNoExcept.ql index 7701a8a1ea..2721b42af3 100644 --- a/cpp/autosar/src/rules/A15-4-4/MissingNoExcept.ql +++ b/cpp/autosar/src/rules/A15-4-4/MissingNoExcept.ql @@ -28,6 +28,9 @@ where not isNoExceptTrue(f) and // Not explicitly marked noexcept(false) not isNoExceptExplicitlyFalse(f) and + // Not having a noexcept specification that + // could not be computed as true or false above. + not exists(f.getADeclarationEntry().getNoExceptExpr()) and // Not compiler generated not f.isCompilerGenerated() and // The function is defined in this database From 40d7800f77d588e67b394a1604682cb7320e1236 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Tue, 17 Dec 2024 19:23:18 +0100 Subject: [PATCH 2315/2573] Update expected test results --- .../RULE-5-4/MacroIdentifiersNotDistinct.expected | 6 +++--- .../identifierhidden/IdentifierHidden.expected | 13 +------------ 2 files changed, 4 insertions(+), 15 deletions(-) diff --git a/c/misra/test/rules/RULE-5-4/MacroIdentifiersNotDistinct.expected b/c/misra/test/rules/RULE-5-4/MacroIdentifiersNotDistinct.expected index d44164d116..b079b7e94d 100644 --- a/c/misra/test/rules/RULE-5-4/MacroIdentifiersNotDistinct.expected +++ b/c/misra/test/rules/RULE-5-4/MacroIdentifiersNotDistinct.expected @@ -1,4 +1,4 @@ -| header3.h:7:1:7:24 | #define MULTIPLE_INCLUDE | Definition of macro MULTIPLE_INCLUDE is not distinct from alternative definition of $@ in rules/RULE-5-4/header4.h. | header4.h:1:1:1:24 | #define MULTIPLE_INCLUDE | MULTIPLE_INCLUDE | -| header3.h:14:1:14:21 | #define NOT_PROTECTED | Definition of macro NOT_PROTECTED is not distinct from alternative definition of $@ in rules/RULE-5-4/header4.h. | header4.h:12:1:12:23 | #define NOT_PROTECTED 1 | NOT_PROTECTED | +| header3.h:7:1:7:24 | #define MULTIPLE_INCLUDE | Definition of macro MULTIPLE_INCLUDE is not distinct from alternative definition of $@ in header4.h. | header4.h:1:1:1:24 | #define MULTIPLE_INCLUDE | MULTIPLE_INCLUDE | +| header3.h:14:1:14:21 | #define NOT_PROTECTED | Definition of macro NOT_PROTECTED is not distinct from alternative definition of $@ in header4.h. | header4.h:12:1:12:23 | #define NOT_PROTECTED 1 | NOT_PROTECTED | | test.c:2:1:2:72 | #define iltiqzxgfqsgigwfuyntzghvzltueatcxqnqofnnvjyszmcsylyohvqaosjbqyyB | Macro identifer iltiqzxgfqsgigwfuyntzghvzltueatcxqnqofnnvjyszmcsylyohvqaosjbqyyB is nondistinct in first 63 characters, compared to $@. | test.c:1:1:1:72 | #define iltiqzxgfqsgigwfuyntzghvzltueatcxqnqofnnvjyszmcsylyohvqaosjbqyyA | iltiqzxgfqsgigwfuyntzghvzltueatcxqnqofnnvjyszmcsylyohvqaosjbqyyA | -| test.c:8:1:8:31 | #define FUNCTION_MACRO(X) X + 1 | Definition of macro FUNCTION_MACRO is not distinct from alternative definition of $@ in rules/RULE-5-4/test.c. | test.c:7:1:7:57 | #define FUNCTION_MACRO(FUNCTION_MACRO) FUNCTION_MACRO + 1 | FUNCTION_MACRO | +| test.c:8:1:8:31 | #define FUNCTION_MACRO(X) X + 1 | Definition of macro FUNCTION_MACRO is not distinct from alternative definition of $@ in test.c. | test.c:7:1:7:57 | #define FUNCTION_MACRO(FUNCTION_MACRO) FUNCTION_MACRO + 1 | FUNCTION_MACRO | diff --git a/cpp/common/test/rules/identifierhidden/IdentifierHidden.expected b/cpp/common/test/rules/identifierhidden/IdentifierHidden.expected index 47d191d758..fd657590ef 100644 --- a/cpp/common/test/rules/identifierhidden/IdentifierHidden.expected +++ b/cpp/common/test/rules/identifierhidden/IdentifierHidden.expected @@ -4,21 +4,10 @@ | test.cpp:23:13:23:15 | id1 | Variable is hiding variable $@. | test.cpp:1:5:1:7 | id1 | id1 | | test.cpp:26:12:26:14 | id1 | Variable is hiding variable $@. | test.cpp:1:5:1:7 | id1 | id1 | | test.cpp:27:14:27:16 | id1 | Variable is hiding variable $@. | test.cpp:26:12:26:14 | id1 | id1 | -| test.cpp:48:11:48:11 | i | Variable is hiding variable $@. | test.cpp:58:16:58:16 | i | i | -| test.cpp:48:11:48:11 | i | Variable is hiding variable $@. | test.cpp:75:16:75:16 | i | i | -| test.cpp:50:9:50:9 | i | Variable is hiding variable $@. | test.cpp:58:16:58:16 | i | i | -| test.cpp:50:9:50:9 | i | Variable is hiding variable $@. | test.cpp:75:16:75:16 | i | i | -| test.cpp:53:12:53:12 | i | Variable is hiding variable $@. | test.cpp:58:16:58:16 | i | i | -| test.cpp:53:12:53:12 | i | Variable is hiding variable $@. | test.cpp:75:16:75:16 | i | i | -| test.cpp:65:11:65:11 | i | Variable is hiding variable $@. | test.cpp:58:16:58:16 | i | i | | test.cpp:65:11:65:11 | i | Variable is hiding variable $@. | test.cpp:61:7:61:7 | i | i | -| test.cpp:65:11:65:11 | i | Variable is hiding variable $@. | test.cpp:75:16:75:16 | i | i | -| test.cpp:67:9:67:9 | i | Variable is hiding variable $@. | test.cpp:58:16:58:16 | i | i | | test.cpp:67:9:67:9 | i | Variable is hiding variable $@. | test.cpp:61:7:61:7 | i | i | -| test.cpp:67:9:67:9 | i | Variable is hiding variable $@. | test.cpp:75:16:75:16 | i | i | -| test.cpp:70:12:70:12 | i | Variable is hiding variable $@. | test.cpp:58:16:58:16 | i | i | | test.cpp:70:12:70:12 | i | Variable is hiding variable $@. | test.cpp:61:7:61:7 | i | i | -| test.cpp:70:12:70:12 | i | Variable is hiding variable $@. | test.cpp:75:16:75:16 | i | i | +| test.cpp:75:16:75:16 | i | Variable is hiding variable $@. | test.cpp:61:7:61:7 | i | i | | test.cpp:86:9:86:9 | b | Variable is hiding variable $@. | test.cpp:80:11:80:11 | b | b | | test.cpp:94:9:94:17 | globalvar | Variable is hiding variable $@. | test.cpp:91:5:91:13 | globalvar | globalvar | | test.cpp:113:11:113:11 | b | Variable is hiding variable $@. | test.cpp:107:13:107:13 | b | b | From 065dc013edd676c420fa86f9fe6cebb9a7ae9394 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Tue, 17 Dec 2024 20:18:18 +0100 Subject: [PATCH 2316/2573] Update queries after `TemplateParameter` deprecation --- .../rules/RULE-2-4/UnusedTagDeclaration.ql | 2 +- ...wardingReferenceAsItsArgumentOverloaded.ql | 3 +- .../NonTemplateMemberDefinedInTemplate.ql | 28 +++++++++---------- .../NonMemberGenericOperatorCondition.ql | 2 +- ...tionAndInitializationNotOnSeparateLines.ql | 2 +- .../CopyAssignmentOperatorNotDeclared.ql | 4 +-- .../DisappliedQuery.ql | 2 +- 7 files changed, 22 insertions(+), 21 deletions(-) diff --git a/c/misra/src/rules/RULE-2-4/UnusedTagDeclaration.ql b/c/misra/src/rules/RULE-2-4/UnusedTagDeclaration.ql index 08fe2568e9..e277139c1a 100644 --- a/c/misra/src/rules/RULE-2-4/UnusedTagDeclaration.ql +++ b/c/misra/src/rules/RULE-2-4/UnusedTagDeclaration.ql @@ -32,5 +32,5 @@ where // `isInMacroExpansion` is broken for `UserType`s. not s.isInMacroExpansion() and // Exclude template parameters, in case this is run on C++ code. - not s instanceof TemplateParameter + not s instanceof TypeTemplateParameter select s, "struct " + s.getName() + " has an unused tag." diff --git a/cpp/autosar/src/rules/A13-3-1/FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.ql b/cpp/autosar/src/rules/A13-3-1/FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.ql index 1ae2bc87ab..7b31ae5d9e 100644 --- a/cpp/autosar/src/rules/A13-3-1/FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.ql +++ b/cpp/autosar/src/rules/A13-3-1/FunctionThatContainsForwardingReferenceAsItsArgumentOverloaded.ql @@ -18,7 +18,8 @@ import codingstandards.cpp.FunctionEquivalence class Candidate extends TemplateFunction { Candidate() { - this.getAParameter().getType().(RValueReferenceType).getBaseType() instanceof TemplateParameter + this.getAParameter().getType().(RValueReferenceType).getBaseType() instanceof + TypeTemplateParameter } } diff --git a/cpp/autosar/src/rules/A14-5-2/NonTemplateMemberDefinedInTemplate.ql b/cpp/autosar/src/rules/A14-5-2/NonTemplateMemberDefinedInTemplate.ql index 7f9ced9909..95465bbb6a 100644 --- a/cpp/autosar/src/rules/A14-5-2/NonTemplateMemberDefinedInTemplate.ql +++ b/cpp/autosar/src/rules/A14-5-2/NonTemplateMemberDefinedInTemplate.ql @@ -18,7 +18,7 @@ import codingstandards.cpp.autosar import codingstandards.cpp.TypeUses import codingstandards.cpp.Operator -predicate templateDefinitionMentionsTypeParameter(Declaration d, TemplateParameter tp) { +predicate templateDefinitionMentionsTypeParameter(Declaration d, TypeTemplateParameter tp) { exists(Type t | ( // direct reference, e.g., fields. @@ -50,36 +50,36 @@ predicate templateDefinitionMentionsTypeParameter(Declaration d, TemplateParamet } /** - * The set of `TemplateParameter` references within an `Enum`. + * The set of `TypeTemplateParameter` references within an `Enum`. */ -TemplateParameter enumTemplateReferences(Enum e) { +TypeTemplateParameter enumTemplateReferences(Enum e) { templateDefinitionMentionsTypeParameter(e.getADeclaration(), result) or result = e.getExplicitUnderlyingType() } /** - * The set of `TemplateParameter` references within an `Class`. + * The set of `TypeTemplateParameter` references within an `Class`. */ -TemplateParameter classTemplateReferences(Class c) { +TypeTemplateParameter classTemplateReferences(Class c) { templateDefinitionMentionsTypeParameter(c.getAMember(), result) or c.getADerivation().getBaseType() = result } /** - * The set of all of the `TemplateParameter`s referenced by a `EnumConstant`. + * The set of all of the `TypeTemplateParameter`s referenced by a `EnumConstant`. */ -TemplateParameter enumConstantTemplateReferences(EnumConstant ec) { +TypeTemplateParameter enumConstantTemplateReferences(EnumConstant ec) { templateDefinitionMentionsTypeParameter(ec.getDeclaringType(), result) } /** - * The set of all `TemplateParameter`s referenced by a `Function`. + * The set of all `TypeTemplateParameter`s referenced by a `Function`. */ -TemplateParameter functionTemplateReferences(Function mf) { +TypeTemplateParameter functionTemplateReferences(Function mf) { // the type of the function - exists(TemplateParameter tp | + exists(TypeTemplateParameter tp | result = tp and ( mf.getType().refersTo(result) @@ -115,10 +115,10 @@ TemplateParameter functionTemplateReferences(Function mf) { } /** - * The set of all `TemplateParameters` available as arguments to the declaring + * The set of all `TypeTemplateParameters` available as arguments to the declaring * element of some `Declarations`. */ -TemplateParameter templateParametersOfDeclaringTemplateClass(Declaration d) { +TypeTemplateParameter templateParametersOfDeclaringTemplateClass(Declaration d) { result = d.getDeclaringType().getATemplateArgument() } @@ -149,7 +149,7 @@ where not d instanceof UserNegationOperator and // for each declaration within a template class get the // template parameters of the declaring class - not exists(TemplateParameter t | + not exists(TypeTemplateParameter t | t = templateParametersOfDeclaringTemplateClass(d) and // and require that the declaration depends on at least // one of those template parameters. @@ -170,7 +170,7 @@ where ) and // Omit using alias (cf. https://github.com/github/codeql-coding-standards/issues/739) // Exclude Using alias which refer directly to a TypeParameter - not d.(UsingAliasTypedefType).getBaseType() instanceof TemplateParameter + not d.(UsingAliasTypedefType).getBaseType() instanceof TypeTemplateParameter select d, "Member " + d.getName() + " template class does not use any of template arguments of its $@.", d.getDeclaringType(), "declaring type" diff --git a/cpp/autosar/src/rules/A14-5-3/NonMemberGenericOperatorCondition.ql b/cpp/autosar/src/rules/A14-5-3/NonMemberGenericOperatorCondition.ql index a2211368ed..c2d28d3ef9 100644 --- a/cpp/autosar/src/rules/A14-5-3/NonMemberGenericOperatorCondition.ql +++ b/cpp/autosar/src/rules/A14-5-3/NonMemberGenericOperatorCondition.ql @@ -18,7 +18,7 @@ import codingstandards.cpp.autosar class NonMemberGenericOperator extends TemplateFunction { NonMemberGenericOperator() { this instanceof Operator and - exists(TemplateParameter tp, Type pType | + exists(TypeTemplateParameter tp, Type pType | pType = getAParameter().getType().getUnspecifiedType() //Parameter Type | pType = tp or diff --git a/cpp/autosar/src/rules/A7-1-7/IdentifierDeclarationAndInitializationNotOnSeparateLines.ql b/cpp/autosar/src/rules/A7-1-7/IdentifierDeclarationAndInitializationNotOnSeparateLines.ql index 89aca8048e..ac98fe699d 100644 --- a/cpp/autosar/src/rules/A7-1-7/IdentifierDeclarationAndInitializationNotOnSeparateLines.ql +++ b/cpp/autosar/src/rules/A7-1-7/IdentifierDeclarationAndInitializationNotOnSeparateLines.ql @@ -23,7 +23,7 @@ class UniqueLineStmt extends Locatable { exists(Declaration d | this = d.getADeclarationEntry() and not d instanceof Parameter and - not d instanceof TemplateParameter and + not d instanceof TypeTemplateParameter and // TODO - Needs to be enhanced to solve issues with // templated inner classes. not d instanceof Function and diff --git a/cpp/autosar/src/rules/M14-5-3/CopyAssignmentOperatorNotDeclared.ql b/cpp/autosar/src/rules/M14-5-3/CopyAssignmentOperatorNotDeclared.ql index 05e99d6e66..1b41fe81bc 100644 --- a/cpp/autosar/src/rules/M14-5-3/CopyAssignmentOperatorNotDeclared.ql +++ b/cpp/autosar/src/rules/M14-5-3/CopyAssignmentOperatorNotDeclared.ql @@ -34,10 +34,10 @@ class TemplateAssignmentOperatorMember extends MemberFunction { } /** - * is a copy assigment operator candidate if it has only one param and form in [T, T&, const T&, volatile T&, const volatile T&] + * is a copy assignment operator candidate if it has only one param and form in [T, T&, const T&, volatile T&, const volatile T&] */ predicate hasGenericCopyCompatibleParameter() { - exists(TemplateParameter tp, Type pType | + exists(TypeTemplateParameter tp, Type pType | pType = this.getAParameter().getType().getUnspecifiedType() and //Parameter Type ( tp = pType //T diff --git a/cpp/common/test/guideline_recategorizations/DisappliedQuery.ql b/cpp/common/test/guideline_recategorizations/DisappliedQuery.ql index 0254eca9bd..9c6f732aa9 100644 --- a/cpp/common/test/guideline_recategorizations/DisappliedQuery.ql +++ b/cpp/common/test/guideline_recategorizations/DisappliedQuery.ql @@ -17,7 +17,7 @@ from UserType ut, string reason where isExcluded(ut, DeadCodePackage::unusedTypeDeclarationsQuery(), reason) and exists(ut.getFile()) and - not ut instanceof TemplateParameter and + not ut instanceof TypeTemplateParameter and not ut instanceof ProxyClass and not exists(getATypeUse(ut)) and not ut.isFromUninstantiatedTemplate(_) From 23ddafa76ec60d06ef5f339062647f41cfb436ef Mon Sep 17 00:00:00 2001 From: "rakesh.pothengil" Date: Wed, 18 Dec 2024 11:13:46 +0900 Subject: [PATCH 2317/2573] Fix #540 --- change_notes/2024-12-18-fix-fp-540-a3-9-1.md | 2 ++ .../rules/A3-9-1/VariableWidthIntegerTypesUsed.ql | 4 ++++ cpp/autosar/test/rules/A3-9-1/test.cpp | 13 ++++++++++++- 3 files changed, 18 insertions(+), 1 deletion(-) create mode 100644 change_notes/2024-12-18-fix-fp-540-a3-9-1.md diff --git a/change_notes/2024-12-18-fix-fp-540-a3-9-1.md b/change_notes/2024-12-18-fix-fp-540-a3-9-1.md new file mode 100644 index 0000000000..fbd09ca840 --- /dev/null +++ b/change_notes/2024-12-18-fix-fp-540-a3-9-1.md @@ -0,0 +1,2 @@ + - `A3-9-1` - `VariableWidthIntegerTypesUsed.ql`: + - Reduce false positives by not considering variables from template instantiations. diff --git a/cpp/autosar/src/rules/A3-9-1/VariableWidthIntegerTypesUsed.ql b/cpp/autosar/src/rules/A3-9-1/VariableWidthIntegerTypesUsed.ql index 84a38b0f6a..fa19ad998f 100644 --- a/cpp/autosar/src/rules/A3-9-1/VariableWidthIntegerTypesUsed.ql +++ b/cpp/autosar/src/rules/A3-9-1/VariableWidthIntegerTypesUsed.ql @@ -32,6 +32,10 @@ where typeStrippedOfSpecifiers instanceof SignedCharType ) and not v instanceof ExcludedVariable and + // Dont consider template instantiations because instantiations with + // Fixed Width Types are recorded after stripping their typedef'd type, + // thereby, causing false positives (#540). + not v.isFromTemplateInstantiation(_) and //post-increment/post-decrement operators are required by the standard to have a dummy int parameter not v.(Parameter).getFunction() instanceof PostIncrementOperator and not v.(Parameter).getFunction() instanceof PostDecrementOperator diff --git a/cpp/autosar/test/rules/A3-9-1/test.cpp b/cpp/autosar/test/rules/A3-9-1/test.cpp index 882738eea1..7ffb87ca39 100644 --- a/cpp/autosar/test/rules/A3-9-1/test.cpp +++ b/cpp/autosar/test/rules/A3-9-1/test.cpp @@ -75,4 +75,15 @@ void test_variable_width_type_qualified_variables() { struct test_fix_fp_614 { test_fix_fp_614 operator++(int); // COMPLIANT test_fix_fp_614 operator--(int); // COMPLIANT -}; \ No newline at end of file +}; + +// COMPLIANT - instantiated with Fixed Width Types. +template constexpr void test_fix_fp_540(MyType value) { + value++; +} + +int call_test_fix_fp_540() { + test_fix_fp_540(19); + test_fix_fp_540(20); + return 0; +} From f5394d0b1ef8bad2b32ef07298eebb7803a902b6 Mon Sep 17 00:00:00 2001 From: "rakesh.pothengil" Date: Thu, 19 Dec 2024 11:17:11 +0900 Subject: [PATCH 2318/2573] Check called functions with noexcept(unknown) --- change_notes/2024-12-17-fix-fp-824-a15-4-4 | 2 +- .../src/rules/A15-4-4/MissingNoExcept.ql | 33 +++++++++++++++++++ 2 files changed, 34 insertions(+), 1 deletion(-) diff --git a/change_notes/2024-12-17-fix-fp-824-a15-4-4 b/change_notes/2024-12-17-fix-fp-824-a15-4-4 index 0908c14ffa..89ccf49815 100644 --- a/change_notes/2024-12-17-fix-fp-824-a15-4-4 +++ b/change_notes/2024-12-17-fix-fp-824-a15-4-4 @@ -1,2 +1,2 @@ - `A15-4-4` - `MissingNoExcept.ql`: - - Reduce false positives by not reporting on functions that have a noexcept specification with a complex expression. + - Reduce false positives by not reporting on functions that have a noexcept specification with a complex expression or call other such functions. diff --git a/cpp/autosar/src/rules/A15-4-4/MissingNoExcept.ql b/cpp/autosar/src/rules/A15-4-4/MissingNoExcept.ql index 2721b42af3..33369e00a4 100644 --- a/cpp/autosar/src/rules/A15-4-4/MissingNoExcept.ql +++ b/cpp/autosar/src/rules/A15-4-4/MissingNoExcept.ql @@ -19,6 +19,36 @@ import codingstandards.cpp.autosar import codingstandards.cpp.exceptions.ExceptionSpecifications import codingstandards.cpp.exceptions.ExceptionFlow +// These functions have a noexcept specification that could not be resolved +// to noexcept(true). So either, they are noexcept(false) functions which +// means, they can throw an exception OR they have an expression which +// could not be resolved to "true" or "false". Even in this case, lets +// be more conservative and assume they may thrown an exception. +class FunctionWithUnknownNoExcept extends Function { + FunctionWithUnknownNoExcept() { + // Exists a noexcept specification but not noexcept(true) + exists(this.getADeclarationEntry().getNoExceptExpr()) and + not isNoExceptTrue(this) + } +} + +// This predicate checks if a function can call to other functions +// that may have a noexcept specification which cannot be resolved to +// noexcept(true). +predicate mayCallThrowingFunctions(Function f) { + // Exists a call in this function + exists(Call fc | + fc.getEnclosingFunction() = f and + ( + // Either this call is to a function with an unknown noexcept OR + fc.getTarget() instanceof FunctionWithUnknownNoExcept + or + // That function can further have calls to unknown noexcept functions. + mayCallThrowingFunctions(fc.getTarget()) + ) + ) +} + from Function f where not isExcluded(f, Exceptions1Package::missingNoExceptQuery()) and @@ -31,6 +61,9 @@ where // Not having a noexcept specification that // could not be computed as true or false above. not exists(f.getADeclarationEntry().getNoExceptExpr()) and + // Not calling function(s) which have a noexcept specification that + // could not be computed as true. + not mayCallThrowingFunctions(f) and // Not compiler generated not f.isCompilerGenerated() and // The function is defined in this database From ae63dcbd93178c83693ec7c06b0105be3088c445 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Wed, 18 Dec 2024 18:28:45 -0800 Subject: [PATCH 2319/2573] Implement most MISRA-C amendment4 rule amendments --- amendments.csv | 10 +- .../includes/standard-library/stdatomic.h | 74 +++++++++++++-- .../rules/readofuninitializedmemory/test.c | 2 + ...weenObjectPointerAndDifferentObjectType.ql | 6 +- ...CastRemovesConstOrVolatileQualification.ql | 4 + .../rules/RULE-13-2/UnsequencedAtomicReads.ql | 94 +++++++++++++++++++ ...CharacterSequencesAndUsedWithinAComment.ql | 33 ++++--- ...jectPointerAndDifferentObjectType.expected | 4 + c/misra/test/rules/RULE-11-3/test.c | 6 ++ ...movesConstOrVolatileQualification.expected | 4 + c/misra/test/rules/RULE-11-8/test.c | 7 ++ .../RULE-13-2/UnsequencedAtomicReads.expected | 5 + .../RULE-13-2/UnsequencedAtomicReads.qlref | 1 + .../RULE-13-2/UnsequencedSideEffects.expected | 12 +-- c/misra/test/rules/RULE-13-2/test.c | 13 +++ ...terSequencesAndUsedWithinAComment.expected | 2 + c/misra/test/rules/RULE-3-1/test.c | 15 +++ ...ment-misra-c-amendment4-rule-amendments.md | 10 ++ .../cpp/exclusions/c/SideEffects3.qll | 20 +++- .../ReadOfUninitializedMemory.qll | 2 + .../rules/readofuninitializedmemory/test.cpp | 2 + rule_packages/c/SideEffects3.json | 12 +++ 22 files changed, 307 insertions(+), 31 deletions(-) create mode 100644 c/misra/src/rules/RULE-13-2/UnsequencedAtomicReads.ql create mode 100644 c/misra/test/rules/RULE-13-2/UnsequencedAtomicReads.expected create mode 100644 c/misra/test/rules/RULE-13-2/UnsequencedAtomicReads.qlref create mode 100644 change_notes/2024-12-13-implement-misra-c-amendment4-rule-amendments.md diff --git a/amendments.csv b/amendments.csv index ce285a29ba..bb2ceac27a 100644 --- a/amendments.csv +++ b/amendments.csv @@ -11,21 +11,21 @@ c,MISRA-C-2012,Amendment3,RULE-10-7,Yes,Refine,No,Import c,MISRA-C-2012,Amendment3,RULE-10-8,Yes,Refine,No,Import c,MISRA-C-2012,Amendment3,RULE-21-11,Yes,Clarification,No,Import c,MISRA-C-2012,Amendment3,RULE-21-12,Yes,Replace,No,Easy -c,MISRA-C-2012,Amendment4,RULE-11-3,Yes,Expand,No,Easy -c,MISRA-C-2012,Amendment4,RULE-11-8,Yes,Expand,No,Easy -c,MISRA-C-2012,Amendment4,RULE-13-2,Yes,Expand,No,Very Hard +c,MISRA-C-2012,Amendment4,RULE-11-3,Yes,Expand,Yes,Easy +c,MISRA-C-2012,Amendment4,RULE-11-8,Yes,Expand,Yes,Easy +c,MISRA-C-2012,Amendment4,RULE-13-2,Yes,Expand,Yes,Very Hard c,MISRA-C-2012,Amendment4,RULE-18-6,Yes,Expand,No,Medium c,MISRA-C-2012,Amendment4,RULE-18-8,Yes,Split,Yes,Easy c,MISRA-C-2012,Corrigendum2,RULE-2-2,Yes,Clarification,No,Import c,MISRA-C-2012,Corrigendum2,RULE-2-7,Yes,Clarification,No,Import -c,MISRA-C-2012,Corrigendum2,RULE-3-1,Yes,Refine,No,Easy +c,MISRA-C-2012,Corrigendum2,RULE-3-1,Yes,Refine,Yes,Easy c,MISRA-C-2012,Corrigendum2,RULE-8-6,Yes,Clarification,No,Import c,MISRA-C-2012,Corrigendum2,RULE-8-9,Yes,Clarification,No,Import c,MISRA-C-2012,Corrigendum2,RULE-9-4,Yes,Clarification,No,Import c,MISRA-C-2012,Corrigendum2,RULE-10-1,Yes,Clarification,No,Import c,MISRA-C-2012,Corrigendum2,RULE-18-3,Yes,Clarification,No,Import c,MISRA-C-2012,Corrigendum2,RULE-1-4,Yes,Replace,No,Easy -c,MISRA-C-2012,Corrigendum2,RULE-9-1,Yes,Refine,No,Easy +c,MISRA-C-2012,Corrigendum2,RULE-9-1,Yes,Refine,Yes,Easy c,MISRA-C-2012,Corrigendum2,RULE-9-2,Yes,Refine,No,Import c,MISRA-C-2012,Corrigendum2,DIR-4-10,Yes,Clarification,No,Import c,MISRA-C-2012,Corrigendum2,RULE-7-4,Yes,Refine,No,Easy diff --git a/c/common/test/includes/standard-library/stdatomic.h b/c/common/test/includes/standard-library/stdatomic.h index 66b74ae61a..49a5b3cfcd 100644 --- a/c/common/test/includes/standard-library/stdatomic.h +++ b/c/common/test/includes/standard-library/stdatomic.h @@ -1,9 +1,69 @@ -#define atomic_compare_exchange_weak(a, b, c) 0 -#define atomic_compare_exchange_weak_explicit(a, b, c, d, e) 0 -#define atomic_load(a) 0 -#define atomic_load_explicit(a, b) -#define atomic_store(a, b) 0 -#define atomic_store_explicit(a, b, c) 0 #define ATOMIC_VAR_INIT(value) (value) #define atomic_is_lock_free(obj) __c11_atomic_is_lock_free(sizeof(*(obj))) -typedef _Atomic(int) atomic_int; \ No newline at end of file +typedef _Atomic(int) atomic_int; + +#define __ATOMIC_RELAXED 0 +#define __ATOMIC_CONSUME 1 +#define __ATOMIC_ACQUIRE 2 +#define __ATOMIC_RELEASE 3 +#define __ATOMIC_ACQ_REL 4 +#define __ATOMIC_SEQ_CST 5 + +typedef enum memory_order { + memory_order_relaxed = __ATOMIC_RELAXED, + memory_order_consume = __ATOMIC_CONSUME, + memory_order_acquire = __ATOMIC_ACQUIRE, + memory_order_release = __ATOMIC_RELEASE, + memory_order_acq_rel = __ATOMIC_ACQ_REL, + memory_order_seq_cst = __ATOMIC_SEQ_CST +} memory_order; + +void atomic_thread_fence(memory_order); +void atomic_signal_fence(memory_order); + +#define atomic_thread_fence(order) __c11_atomic_thread_fence(order) +#define atomic_signal_fence(order) __c11_atomic_signal_fence(order) + +#define atomic_store(object, desired) __c11_atomic_store(object, desired, __ATOMIC_SEQ_CST) +#define atomic_store_explicit __c11_atomic_store + +#define atomic_load(object) __c11_atomic_load(object, __ATOMIC_SEQ_CST) +#define atomic_load_explicit __c11_atomic_load + +#define atomic_exchange(object, desired) __c11_atomic_exchange(object, desired, __ATOMIC_SEQ_CST) +#define atomic_exchange_explicit __c11_atomic_exchange + +#define atomic_compare_exchange_strong(object, expected, desired) __c11_atomic_compare_exchange_strong(object, expected, desired, __ATOMIC_SEQ_CST, __ATOMIC_SEQ_CST) +#define atomic_compare_exchange_strong_explicit __c11_atomic_compare_exchange_strong + +#define atomic_compare_exchange_weak(object, expected, desired) __c11_atomic_compare_exchange_weak(object, expected, desired, __ATOMIC_SEQ_CST, __ATOMIC_SEQ_CST) +#define atomic_compare_exchange_weak_explicit __c11_atomic_compare_exchange_weak + +#define atomic_fetch_add(object, operand) __c11_atomic_fetch_add(object, operand, __ATOMIC_SEQ_CST) +#define atomic_fetch_add_explicit __c11_atomic_fetch_add + +#define atomic_fetch_sub(object, operand) __c11_atomic_fetch_sub(object, operand, __ATOMIC_SEQ_CST) +#define atomic_fetch_sub_explicit __c11_atomic_fetch_sub + +#define atomic_fetch_or(object, operand) __c11_atomic_fetch_or(object, operand, __ATOMIC_SEQ_CST) +#define atomic_fetch_or_explicit __c11_atomic_fetch_or + +#define atomic_fetch_xor(object, operand) __c11_atomic_fetch_xor(object, operand, __ATOMIC_SEQ_CST) +#define atomic_fetch_xor_explicit __c11_atomic_fetch_xor + +#define atomic_fetch_and(object, operand) __c11_atomic_fetch_and(object, operand, __ATOMIC_SEQ_CST) +#define atomic_fetch_and_explicit __c11_atomic_fetch_and + +typedef struct atomic_flag { _Atomic(_Bool) _Value; } atomic_flag; + +_Bool atomic_flag_test_and_set(volatile atomic_flag *); +_Bool atomic_flag_test_and_set_explicit(volatile atomic_flag *, memory_order); + +void atomic_flag_clear(volatile atomic_flag *); +void atomic_flag_clear_explicit(volatile atomic_flag *, memory_order); + +#define atomic_flag_test_and_set(object) __c11_atomic_exchange(&(object)->_Value, 1, __ATOMIC_SEQ_CST) +#define atomic_flag_test_and_set_explicit(object, order) __c11_atomic_exchange(&(object)->_Value, 1, order) + +#define atomic_flag_clear(object) __c11_atomic_store(&(object)->_Value, 0, __ATOMIC_SEQ_CST) +#define atomic_flag_clear_explicit(object, order) __c11_atomic_store(&(object)->_Value, 0, order) \ No newline at end of file diff --git a/c/common/test/rules/readofuninitializedmemory/test.c b/c/common/test/rules/readofuninitializedmemory/test.c index ce2c60484e..e76c5a22b3 100644 --- a/c/common/test/rules/readofuninitializedmemory/test.c +++ b/c/common/test/rules/readofuninitializedmemory/test.c @@ -94,4 +94,6 @@ void test_non_default_init() { static struct A ss; use_struct_A( ss); // COMPLIANT - static struct type variables are zero initialized + _Atomic int x; + use_int(x); // COMPLIANT - atomics are special, covered by other rules } \ No newline at end of file diff --git a/c/misra/src/rules/RULE-11-3/CastBetweenObjectPointerAndDifferentObjectType.ql b/c/misra/src/rules/RULE-11-3/CastBetweenObjectPointerAndDifferentObjectType.ql index 8292bd3b6f..c51ecbc81d 100644 --- a/c/misra/src/rules/RULE-11-3/CastBetweenObjectPointerAndDifferentObjectType.ql +++ b/c/misra/src/rules/RULE-11-3/CastBetweenObjectPointerAndDifferentObjectType.ql @@ -23,7 +23,11 @@ where baseTypeFrom = cast.getExpr().getType().(PointerToObjectType).getBaseType() and baseTypeTo = cast.getType().(PointerToObjectType).getBaseType() and // exception: cast to a char, signed char, or unsigned char is permitted - not baseTypeTo.stripType() instanceof CharType and + not ( + baseTypeTo.stripType() instanceof CharType and + // Exception does not apply to _Atomic types + not baseTypeFrom.hasSpecifier("atomic") + ) and ( ( baseTypeFrom.isVolatile() and not baseTypeTo.isVolatile() diff --git a/c/misra/src/rules/RULE-11-8/CastRemovesConstOrVolatileQualification.ql b/c/misra/src/rules/RULE-11-8/CastRemovesConstOrVolatileQualification.ql index 17b12aaf99..c0f447d5b5 100644 --- a/c/misra/src/rules/RULE-11-8/CastRemovesConstOrVolatileQualification.ql +++ b/c/misra/src/rules/RULE-11-8/CastRemovesConstOrVolatileQualification.ql @@ -24,5 +24,9 @@ where baseTypeFrom.isVolatile() and not baseTypeTo.isVolatile() and qualificationName = "volatile" or baseTypeFrom.isConst() and not baseTypeTo.isConst() and qualificationName = "const" + or + baseTypeFrom.hasSpecifier("atomic") and + not baseTypeTo.hasSpecifier("atomic") and + qualificationName = "atomic" ) select cast, "Cast of pointer removes " + qualificationName + " qualification from its base type." diff --git a/c/misra/src/rules/RULE-13-2/UnsequencedAtomicReads.ql b/c/misra/src/rules/RULE-13-2/UnsequencedAtomicReads.ql new file mode 100644 index 0000000000..d7638229d6 --- /dev/null +++ b/c/misra/src/rules/RULE-13-2/UnsequencedAtomicReads.ql @@ -0,0 +1,94 @@ +/** + * @id c/misra/unsequenced-atomic-reads + * @name RULE-13-2: The value of an atomic variable depend on its evaluation order and interleave of threads + * @description The value of an atomic variable shall not depend on evaluation order and + * interleaving of threads. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-13-2 + * correctness + * external/misra/c/2012/amendment3 + * external/misra/obligation/required + */ + +import cpp +import semmle.code.cpp.dataflow.TaintTracking +import codingstandards.c.misra +import codingstandards.c.Ordering +import codingstandards.c.orderofevaluation.VariableAccessOrdering + +class AtomicAccessInFullExpressionOrdering extends Ordering::Configuration { + AtomicAccessInFullExpressionOrdering() { this = "AtomicAccessInFullExpressionOrdering" } + + override predicate isCandidate(Expr e1, Expr e2) { + exists(AtomicVariableAccess a, AtomicVariableAccess b, FullExpr e | a = e1 and b = e2 | + a.getTarget() = b.getTarget() and + a.(ConstituentExpr).getFullExpr() = e and + b.(ConstituentExpr).getFullExpr() = e and + not a = b + ) + } +} + +/** + * A read of a variable specified as `_Atomic`. + * + * Note, it may be accessed directly, or by passing its address into the std atomic functions. + */ +class AtomicVariableAccess extends VariableAccess { + pragma[noinline] + AtomicVariableAccess() { + getTarget().getType().hasSpecifier("atomic") + } + + /* Get the `atomic_()` call this VarAccess occurs in. */ + FunctionCall getAtomicFunctionCall() { + exists(AddressOfExpr addrParent, FunctionCall fc | + fc.getTarget().getName().matches("__c11_atomic%") and + addrParent = fc.getArgument(0) and + addrParent.getAnOperand() = this + and result = fc + ) + } + + /** + * Gets an assigned expr, either in the form `x = ` or `atomic_store(&x, )`. + */ + Expr getAnAssignedExpr() { + result = getAtomicFunctionCall().getArgument(1) + or + exists(AssignExpr assign | + assign.getLValue() = this + and result = assign.getRValue() + ) + } + + /** + * Gets the expression holding this variable access, either in the form `x` or `atomic_read(&x)`. + */ + Expr getARead() { + result = getAtomicFunctionCall() + or + result = this + } +} + +from + AtomicAccessInFullExpressionOrdering config, FullExpr e, Variable v, + AtomicVariableAccess va1, AtomicVariableAccess va2 +where + not isExcluded(e, SideEffects3Package::unsequencedAtomicReadsQuery()) and + e = va1.(ConstituentExpr).getFullExpr() and + config.isUnsequenced(va1, va2) and + v = va1.getTarget() and + v = va2.getTarget() and + // Exclude cases where the variable is assigned a value tainted by the other variable access. + not exists(Expr write | + write = va1.getAnAssignedExpr() and + TaintTracking::localTaint(DataFlow::exprNode(va2.getARead()), DataFlow::exprNode(write)) + ) and + // Impose an ordering, show the first access. + va1.getLocation().isBefore(va2.getLocation(), _) +select e, "Atomic variable $@ has a $@ that is unsequenced with $@.", + v, v.getName(), va1, "previous read", va2, "another read" diff --git a/c/misra/src/rules/RULE-3-1/CharacterSequencesAndUsedWithinAComment.ql b/c/misra/src/rules/RULE-3-1/CharacterSequencesAndUsedWithinAComment.ql index 6eb605dbd9..58d449a59b 100644 --- a/c/misra/src/rules/RULE-3-1/CharacterSequencesAndUsedWithinAComment.ql +++ b/c/misra/src/rules/RULE-3-1/CharacterSequencesAndUsedWithinAComment.ql @@ -16,27 +16,38 @@ import cpp import codingstandards.c.misra -class IllegalCCommentCharacter extends string { - IllegalCCommentCharacter() { - this = "/*" or - this = "//" - } +/* Character sequence is banned from all comment types */ +class IllegalCommentSequence extends string { + IllegalCommentSequence() { this = "/*" } } -class IllegalCPPCommentCharacter extends string { - IllegalCPPCommentCharacter() { this = "/*" } +/* A regexp to check for illegal C-style comments */ +class IllegalCCommentRegexp extends string { + IllegalCCommentRegexp() { + // Regexp to match "//" in C-style comments, which do not appear to be URLs. General format + // uses negative lookahead/lookbehind to match like `.*(? 0 + exists(IllegalCommentSequence c | illegalSequence = c | + comment.getContents().indexOf(illegalSequence) > 0 ) or - exists(IllegalCPPCommentCharacter c | illegalSequence = c | - comment.(CppStyleComment).getContents().indexOf(illegalSequence) > 0 + exists(IllegalCCommentRegexp c | illegalSequence = c.getDescription() | + comment.(CStyleComment).getContents().regexpMatch(c) ) ) select comment, "Comment contains an illegal sequence '" + illegalSequence + "'" diff --git a/c/misra/test/rules/RULE-11-3/CastBetweenObjectPointerAndDifferentObjectType.expected b/c/misra/test/rules/RULE-11-3/CastBetweenObjectPointerAndDifferentObjectType.expected index 94cf6ee635..24e6c4d5af 100644 --- a/c/misra/test/rules/RULE-11-3/CastBetweenObjectPointerAndDifferentObjectType.expected +++ b/c/misra/test/rules/RULE-11-3/CastBetweenObjectPointerAndDifferentObjectType.expected @@ -6,3 +6,7 @@ | test.c:21:3:21:16 | (int *)... | Cast performed between a pointer to object type (char) and a pointer to a different object type (int). | | test.c:22:20:22:21 | (int *)... | Cast performed between a pointer to object type (char) and a pointer to a different object type (int). | | test.c:23:3:23:18 | (long long *)... | Cast performed between a pointer to object type (int) and a pointer to a different object type (long long). | +| test.c:26:3:26:13 | (char *)... | Cast performed between a pointer to object type (_Atomic(int)) and a pointer to a different object type (char). | +| test.c:27:8:27:10 | (char *)... | Cast performed between a pointer to object type (_Atomic(int)) and a pointer to a different object type (char). | +| test.c:28:3:28:21 | (_Atomic(char) *)... | Cast performed between a pointer to object type (_Atomic(int)) and a pointer to a different object type (_Atomic(char)). | +| test.c:29:23:29:25 | (_Atomic(char) *)... | Cast performed between a pointer to object type (_Atomic(int)) and a pointer to a different object type (_Atomic(char)). | diff --git a/c/misra/test/rules/RULE-11-3/test.c b/c/misra/test/rules/RULE-11-3/test.c index 4730aeac03..0d91740438 100644 --- a/c/misra/test/rules/RULE-11-3/test.c +++ b/c/misra/test/rules/RULE-11-3/test.c @@ -21,4 +21,10 @@ void f1(void) { (int *const)v2; // NON_COMPLIANT int *const v10 = v2; // NON_COMPLIANT (long long *)v10; // NON_COMPLIANT + + _Atomic int *v11 = 0; + (char *)v11; // NON_COMPLIANT + v2 = v11; // NON_COMPLIANT + (_Atomic char *)v11; // NON_COMPLIANT + _Atomic char *v12 = v11; // NON_COMPLIANT } \ No newline at end of file diff --git a/c/misra/test/rules/RULE-11-8/CastRemovesConstOrVolatileQualification.expected b/c/misra/test/rules/RULE-11-8/CastRemovesConstOrVolatileQualification.expected index 48658e2176..aa7752d28a 100644 --- a/c/misra/test/rules/RULE-11-8/CastRemovesConstOrVolatileQualification.expected +++ b/c/misra/test/rules/RULE-11-8/CastRemovesConstOrVolatileQualification.expected @@ -1,2 +1,6 @@ | test.c:4:19:4:33 | (const char *)... | Cast of pointer removes volatile qualification from its base type. | | test.c:6:13:6:21 | (char *)... | Cast of pointer removes const qualification from its base type. | +| test.c:9:3:9:11 | (char *)... | Cast of pointer removes atomic qualification from its base type. | +| test.c:10:7:10:7 | (char *)... | Cast of pointer removes atomic qualification from its base type. | +| test.c:11:3:11:17 | (const char *)... | Cast of pointer removes atomic qualification from its base type. | +| test.c:12:7:12:7 | (const char *)... | Cast of pointer removes atomic qualification from its base type. | diff --git a/c/misra/test/rules/RULE-11-8/test.c b/c/misra/test/rules/RULE-11-8/test.c index 75c7fc189a..e0e3b3a2fb 100644 --- a/c/misra/test/rules/RULE-11-8/test.c +++ b/c/misra/test/rules/RULE-11-8/test.c @@ -5,5 +5,12 @@ int f1(void) { const char *c2 = (const char *)c; // COMPLIANT char *d = (char *)c; // NON_COMPLIANT const char *e = (const char *)d; // COMPLIANT + _Atomic char *f = 0; + (char *)f; // NON_COMPLIANT + d = f; // NON_COMPLIANT + (const char *)f; // NON_COMPLIANT + e = f; // NON_COMPLIANT + (const _Atomic char *)f; // COMPLIANT + (const _Atomic char *)f; // COMPLIANT return 0; } \ No newline at end of file diff --git a/c/misra/test/rules/RULE-13-2/UnsequencedAtomicReads.expected b/c/misra/test/rules/RULE-13-2/UnsequencedAtomicReads.expected new file mode 100644 index 0000000000..e84aef7128 --- /dev/null +++ b/c/misra/test/rules/RULE-13-2/UnsequencedAtomicReads.expected @@ -0,0 +1,5 @@ +WARNING: module 'DataFlow' has been deprecated and may be removed in future (UnsequencedAtomicReads.ql:89,31-39) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (UnsequencedAtomicReads.ql:89,67-75) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (UnsequencedAtomicReads.ql:89,5-18) +| test.c:44:12:44:18 | ... + ... | Atomic variable $@ has a $@ that is unsequenced with $@. | test.c:42:15:42:16 | a1 | a1 | test.c:44:12:44:13 | a1 | previous read | test.c:44:17:44:18 | a1 | another read | +| test.c:46:3:46:37 | ... + ... | Atomic variable $@ has a $@ that is unsequenced with $@. | test.c:42:15:42:16 | a1 | a1 | test.c:46:16:46:17 | a1 | previous read | test.c:46:35:46:36 | a1 | another read | diff --git a/c/misra/test/rules/RULE-13-2/UnsequencedAtomicReads.qlref b/c/misra/test/rules/RULE-13-2/UnsequencedAtomicReads.qlref new file mode 100644 index 0000000000..46242df1b0 --- /dev/null +++ b/c/misra/test/rules/RULE-13-2/UnsequencedAtomicReads.qlref @@ -0,0 +1 @@ +rules/RULE-13-2/UnsequencedAtomicReads.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-13-2/UnsequencedSideEffects.expected b/c/misra/test/rules/RULE-13-2/UnsequencedSideEffects.expected index 75bd8169ba..b6c704322c 100644 --- a/c/misra/test/rules/RULE-13-2/UnsequencedSideEffects.expected +++ b/c/misra/test/rules/RULE-13-2/UnsequencedSideEffects.expected @@ -1,6 +1,6 @@ -| test.c:6:12:6:18 | ... + ... | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:6:12:6:13 | l1 | side effect | test.c:6:12:6:13 | l1 | l1 | test.c:6:17:6:18 | l1 | side effect | test.c:6:17:6:18 | l1 | l1 | -| test.c:7:12:7:18 | ... + ... | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:7:12:7:13 | l1 | side effect | test.c:7:12:7:13 | l1 | l1 | test.c:7:17:7:18 | l2 | side effect | test.c:7:17:7:18 | l2 | l2 | -| test.c:17:3:17:21 | ... = ... | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:17:8:17:9 | l1 | side effect | test.c:17:8:17:9 | l1 | l1 | test.c:17:13:17:14 | l1 | side effect | test.c:17:13:17:14 | l1 | l1 | -| test.c:19:3:19:5 | call to foo | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:19:7:19:8 | l1 | side effect | test.c:19:7:19:8 | l1 | l1 | test.c:19:11:19:12 | l2 | side effect | test.c:19:11:19:12 | l2 | l2 | -| test.c:25:3:25:5 | call to foo | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:25:7:25:10 | ... ++ | side effect | test.c:25:7:25:8 | l8 | l8 | test.c:25:13:25:14 | l8 | read | test.c:25:13:25:14 | l8 | l8 | -| test.c:35:5:35:13 | ... = ... | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:35:10:35:12 | ... ++ | side effect | test.c:35:10:35:10 | i | i | test.c:35:10:35:12 | ... ++ | side effect | test.c:35:10:35:10 | i | i | \ No newline at end of file +| test.c:8:12:8:18 | ... + ... | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:8:12:8:13 | l1 | side effect | test.c:8:12:8:13 | l1 | l1 | test.c:8:17:8:18 | l1 | side effect | test.c:8:17:8:18 | l1 | l1 | +| test.c:9:12:9:18 | ... + ... | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:9:12:9:13 | l1 | side effect | test.c:9:12:9:13 | l1 | l1 | test.c:9:17:9:18 | l2 | side effect | test.c:9:17:9:18 | l2 | l2 | +| test.c:19:3:19:21 | ... = ... | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:19:8:19:9 | l1 | side effect | test.c:19:8:19:9 | l1 | l1 | test.c:19:13:19:14 | l1 | side effect | test.c:19:13:19:14 | l1 | l1 | +| test.c:21:3:21:5 | call to foo | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:21:7:21:8 | l1 | side effect | test.c:21:7:21:8 | l1 | l1 | test.c:21:11:21:12 | l2 | side effect | test.c:21:11:21:12 | l2 | l2 | +| test.c:27:3:27:5 | call to foo | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:27:7:27:10 | ... ++ | side effect | test.c:27:7:27:8 | l8 | l8 | test.c:27:13:27:14 | l8 | read | test.c:27:13:27:14 | l8 | l8 | +| test.c:37:5:37:13 | ... = ... | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:37:10:37:12 | ... ++ | side effect | test.c:37:10:37:10 | i | i | test.c:37:10:37:12 | ... ++ | side effect | test.c:37:10:37:10 | i | i | diff --git a/c/misra/test/rules/RULE-13-2/test.c b/c/misra/test/rules/RULE-13-2/test.c index 1bebec3775..6821a37296 100644 --- a/c/misra/test/rules/RULE-13-2/test.c +++ b/c/misra/test/rules/RULE-13-2/test.c @@ -1,3 +1,5 @@ +#include + void foo(int, int); void unsequenced_sideeffects1() { @@ -34,4 +36,15 @@ void unsequenced_sideeffects2() { for (i = 0; i < 10; i++) { test(i++); // NON_COMPLIANT } +} + +void atomics() { + _Atomic int a1, a2; + int l3 = a1 + a2; // COMPLIANT + int l4 = a1 + a1; // NON_COMPLIANT + a1 = a1 + 1; // COMPLIANT + atomic_load(&a1) + atomic_load(&a1); // NON_COMPLIANT + atomic_load(&a1) + atomic_load(&a2); // COMPLIANT + atomic_store(&a1, atomic_load(&a1)); // COMPLIANT + atomic_store(&a1, a1); // COMPLIANT } \ No newline at end of file diff --git a/c/misra/test/rules/RULE-3-1/CharacterSequencesAndUsedWithinAComment.expected b/c/misra/test/rules/RULE-3-1/CharacterSequencesAndUsedWithinAComment.expected index 5e876cecc3..5008fb100d 100644 --- a/c/misra/test/rules/RULE-3-1/CharacterSequencesAndUsedWithinAComment.expected +++ b/c/misra/test/rules/RULE-3-1/CharacterSequencesAndUsedWithinAComment.expected @@ -1,3 +1,5 @@ | test.c:9:1:9:8 | /* /* */ | Comment contains an illegal sequence '/*' | | test.c:12:1:12:8 | /* // */ | Comment contains an illegal sequence '//' | | test.c:21:1:21:7 | // /* | Comment contains an illegal sequence '/*' | +| test.c:30:1:30:27 | /* https://github.com // */ | Comment contains an illegal sequence '//' | +| test.c:33:1:33:60 | /* a://b, a://b., ://a.b, a://b., a://.b, ://, a://, ://b */ | Comment contains an illegal sequence '//' | diff --git a/c/misra/test/rules/RULE-3-1/test.c b/c/misra/test/rules/RULE-3-1/test.c index c1a135f972..ad61fd0f91 100644 --- a/c/misra/test/rules/RULE-3-1/test.c +++ b/c/misra/test/rules/RULE-3-1/test.c @@ -20,4 +20,19 @@ // NON_COMPLIANT // /* +// COMPLIANT +/* https://github.com */ + +// COMPLIANT +/* https://name-with-hyphen-and-num-12345.com */ + +// NON_COMPLIANT +/* https://github.com // */ + +// NON_COMPLIANT +/* a://b, a://b., ://a.b, a://b., a://.b, ://, a://, ://b */ + +// COMPLIANT +// https://github.com + void f(){} \ No newline at end of file diff --git a/change_notes/2024-12-13-implement-misra-c-amendment4-rule-amendments.md b/change_notes/2024-12-13-implement-misra-c-amendment4-rule-amendments.md new file mode 100644 index 0000000000..a8fbd282d8 --- /dev/null +++ b/change_notes/2024-12-13-implement-misra-c-amendment4-rule-amendments.md @@ -0,0 +1,10 @@ + - `RULE-11-3` - `CastBetweenObjectPointerAndDifferentObjectType.ql` + - Constrain exception that pointer types to may be cast to char types, so that it does not apply to atomic pointer types, in compliance with MISRA-C 2012 Amendment 4. + - `RULE-11-8` - `CastRemovesConstOrVolatileQualification.ql` + - Query expanded to detect cases of removing `_Atomic` qualification, in compliance with MISRA-C 2012 Amendment 4. + - `EXP33-C`, `RULE-9-1`, `A8-5-0`, `EXP53-CPP` - `DoNotReadUninitializedMemory.ql`, `ObjectWithAutoStorageDurationReadBeforeInit.ql`, `MemoryNotInitializedBeforeItIsRead.ql`, `DoNotReadUninitializedMemory.ql` + - Atomic local variables excluded from query results, in compliance with MISRA-C 2012 Amendment 4, and to reduce false positives in the other standards. + - `RULE-13-2` - `UnsequencedAtomicReads.ql` + - New query to find expressions which read an atomic variable more than once between sequence points, to address new case from MISRA-C 2012 Amendment 4. + - `RULE-3-1` - `CharacterSequencesAndUsedWithinAComment.ql` + - Add exception allowing URLs inside of cpp-style `/* ... */` comments, in compliance with MISRA-C 2012 Amendment 4 \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/SideEffects3.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/SideEffects3.qll index eff4f2caf9..7b01c18099 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/SideEffects3.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/SideEffects3.qll @@ -3,7 +3,9 @@ import cpp import RuleMetadata import codingstandards.cpp.exclusions.RuleMetadata -newtype SideEffects3Query = TUnsequencedSideEffectsQuery() +newtype SideEffects3Query = + TUnsequencedSideEffectsQuery() or + TUnsequencedAtomicReadsQuery() predicate isSideEffects3QueryMetadata(Query query, string queryId, string ruleId, string category) { query = @@ -14,6 +16,15 @@ predicate isSideEffects3QueryMetadata(Query query, string queryId, string ruleId "c/misra/unsequenced-side-effects" and ruleId = "RULE-13-2" and category = "required" + or + query = + // `Query` instance for the `unsequencedAtomicReads` query + SideEffects3Package::unsequencedAtomicReadsQuery() and + queryId = + // `@id` for the `unsequencedAtomicReads` query + "c/misra/unsequenced-atomic-reads" and + ruleId = "RULE-13-2" and + category = "required" } module SideEffects3Package { @@ -23,4 +34,11 @@ module SideEffects3Package { // `Query` type for `unsequencedSideEffects` query TQueryC(TSideEffects3PackageQuery(TUnsequencedSideEffectsQuery())) } + + Query unsequencedAtomicReadsQuery() { + //autogenerate `Query` type + result = + // `Query` type for `unsequencedAtomicReads` query + TQueryC(TSideEffects3PackageQuery(TUnsequencedAtomicReadsQuery())) + } } diff --git a/cpp/common/src/codingstandards/cpp/rules/readofuninitializedmemory/ReadOfUninitializedMemory.qll b/cpp/common/src/codingstandards/cpp/rules/readofuninitializedmemory/ReadOfUninitializedMemory.qll index 9de640db9c..8d701cb26c 100644 --- a/cpp/common/src/codingstandards/cpp/rules/readofuninitializedmemory/ReadOfUninitializedMemory.qll +++ b/cpp/common/src/codingstandards/cpp/rules/readofuninitializedmemory/ReadOfUninitializedMemory.qll @@ -131,6 +131,8 @@ class UninitializedVariable extends LocalVariable { // Not static or thread local, because they are not initialized with indeterminate values not isStatic() and not isThreadLocal() and + // Not atomic, which have special initialization rules + not getType().hasSpecifier("atomic") and // Not a class type, because default initialization of a class calls the default constructor // The default constructor may leave certain fields uninitialized, but that would be a separate // field-wise analysis diff --git a/cpp/common/test/rules/readofuninitializedmemory/test.cpp b/cpp/common/test/rules/readofuninitializedmemory/test.cpp index bdd3fdc203..6ed07d795f 100644 --- a/cpp/common/test/rules/readofuninitializedmemory/test.cpp +++ b/cpp/common/test/rules/readofuninitializedmemory/test.cpp @@ -121,4 +121,6 @@ void test_non_default_init() { use(slp); // COMPLIANT - static variables are zero initialized thread_local int *tlp; use(tlp); // COMPLIANT - thread local variables are zero initialized + _Atomic int ai; + use(ai); // COMPLIANT - atomics are special and not covered by this rule } \ No newline at end of file diff --git a/rule_packages/c/SideEffects3.json b/rule_packages/c/SideEffects3.json index 2bf91d77b9..369f5db9ee 100644 --- a/rule_packages/c/SideEffects3.json +++ b/rule_packages/c/SideEffects3.json @@ -16,6 +16,18 @@ "correctness", "external/misra/c/2012/third-edition-first-revision" ] + }, + { + "description": "The value of an atomic variable shall not depend on evaluation order and interleaving of threads.", + "kind": "problem", + "name": "The value of an atomic variable depend on its evaluation order and interleave of threads", + "precision": "very-high", + "severity": "error", + "short_name": "UnsequencedAtomicReads", + "tags": [ + "correctness", + "external/misra/c/2012/amendment3" + ] } ], "title": "The value of an expression and its persistent side effects shall be the same under all permitted evaluation orders" From 8403a4bcd6d5f52afd8ab29441b33b52c002e3bd Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Wed, 18 Dec 2024 18:39:46 -0800 Subject: [PATCH 2320/2573] Fix format --- .../rules/RULE-13-2/UnsequencedAtomicReads.ql | 24 +++++++++---------- c/misra/test/rules/RULE-13-2/test.c | 8 +++---- 2 files changed, 15 insertions(+), 17 deletions(-) diff --git a/c/misra/src/rules/RULE-13-2/UnsequencedAtomicReads.ql b/c/misra/src/rules/RULE-13-2/UnsequencedAtomicReads.ql index d7638229d6..68f00be15f 100644 --- a/c/misra/src/rules/RULE-13-2/UnsequencedAtomicReads.ql +++ b/c/misra/src/rules/RULE-13-2/UnsequencedAtomicReads.ql @@ -33,22 +33,20 @@ class AtomicAccessInFullExpressionOrdering extends Ordering::Configuration { /** * A read of a variable specified as `_Atomic`. - * + * * Note, it may be accessed directly, or by passing its address into the std atomic functions. */ class AtomicVariableAccess extends VariableAccess { pragma[noinline] - AtomicVariableAccess() { - getTarget().getType().hasSpecifier("atomic") - } + AtomicVariableAccess() { getTarget().getType().hasSpecifier("atomic") } /* Get the `atomic_()` call this VarAccess occurs in. */ FunctionCall getAtomicFunctionCall() { exists(AddressOfExpr addrParent, FunctionCall fc | fc.getTarget().getName().matches("__c11_atomic%") and addrParent = fc.getArgument(0) and - addrParent.getAnOperand() = this - and result = fc + addrParent.getAnOperand() = this and + result = fc ) } @@ -59,8 +57,8 @@ class AtomicVariableAccess extends VariableAccess { result = getAtomicFunctionCall().getArgument(1) or exists(AssignExpr assign | - assign.getLValue() = this - and result = assign.getRValue() + assign.getLValue() = this and + result = assign.getRValue() ) } @@ -75,8 +73,8 @@ class AtomicVariableAccess extends VariableAccess { } from - AtomicAccessInFullExpressionOrdering config, FullExpr e, Variable v, - AtomicVariableAccess va1, AtomicVariableAccess va2 + AtomicAccessInFullExpressionOrdering config, FullExpr e, Variable v, AtomicVariableAccess va1, + AtomicVariableAccess va2 where not isExcluded(e, SideEffects3Package::unsequencedAtomicReadsQuery()) and e = va1.(ConstituentExpr).getFullExpr() and @@ -89,6 +87,6 @@ where TaintTracking::localTaint(DataFlow::exprNode(va2.getARead()), DataFlow::exprNode(write)) ) and // Impose an ordering, show the first access. - va1.getLocation().isBefore(va2.getLocation(), _) -select e, "Atomic variable $@ has a $@ that is unsequenced with $@.", - v, v.getName(), va1, "previous read", va2, "another read" + va1.getLocation().isBefore(va2.getLocation(), _) +select e, "Atomic variable $@ has a $@ that is unsequenced with $@.", v, v.getName(), va1, + "previous read", va2, "another read" diff --git a/c/misra/test/rules/RULE-13-2/test.c b/c/misra/test/rules/RULE-13-2/test.c index 6821a37296..e1be53a037 100644 --- a/c/misra/test/rules/RULE-13-2/test.c +++ b/c/misra/test/rules/RULE-13-2/test.c @@ -40,11 +40,11 @@ void unsequenced_sideeffects2() { void atomics() { _Atomic int a1, a2; - int l3 = a1 + a2; // COMPLIANT - int l4 = a1 + a1; // NON_COMPLIANT - a1 = a1 + 1; // COMPLIANT + int l3 = a1 + a2; // COMPLIANT + int l4 = a1 + a1; // NON_COMPLIANT + a1 = a1 + 1; // COMPLIANT atomic_load(&a1) + atomic_load(&a1); // NON_COMPLIANT atomic_load(&a1) + atomic_load(&a2); // COMPLIANT atomic_store(&a1, atomic_load(&a1)); // COMPLIANT - atomic_store(&a1, a1); // COMPLIANT + atomic_store(&a1, a1); // COMPLIANT } \ No newline at end of file From 7732fd690d5704f939acc732e96581f83e00772b Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Thu, 19 Dec 2024 12:49:47 -0800 Subject: [PATCH 2321/2573] Fix cert test --- .../CON40-C/AtomicVariableTwiceInExpression.expected | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/c/cert/test/rules/CON40-C/AtomicVariableTwiceInExpression.expected b/c/cert/test/rules/CON40-C/AtomicVariableTwiceInExpression.expected index ddff311b59..42d3ea924d 100644 --- a/c/cert/test/rules/CON40-C/AtomicVariableTwiceInExpression.expected +++ b/c/cert/test/rules/CON40-C/AtomicVariableTwiceInExpression.expected @@ -1,6 +1,6 @@ | test.c:7:18:7:39 | ATOMIC_VAR_INIT(value) | Atomic variable possibly referred to twice in an $@. | test.c:33:3:33:10 | ... += ... | expression | | test.c:7:18:7:39 | ATOMIC_VAR_INIT(value) | Atomic variable possibly referred to twice in an $@. | test.c:34:3:34:13 | ... = ... | expression | -| test.c:11:3:11:23 | atomic_store(a,b) | Atomic variable possibly referred to twice in an $@. | test.c:11:3:11:23 | atomic_store(a,b) | expression | -| test.c:12:3:12:35 | atomic_store_explicit(a,b,c) | Atomic variable possibly referred to twice in an $@. | test.c:12:3:12:35 | atomic_store_explicit(a,b,c) | expression | -| test.c:25:3:25:49 | atomic_compare_exchange_weak(a,b,c) | Atomic variable possibly referred to twice in an $@. | test.c:25:3:25:49 | atomic_compare_exchange_weak(a,b,c) | expression | -| test.c:26:3:27:42 | atomic_compare_exchange_weak_explicit(a,b,c,d,e) | Atomic variable possibly referred to twice in an $@. | test.c:26:3:27:42 | atomic_compare_exchange_weak_explicit(a,b,c,d,e) | expression | +| test.c:11:3:11:23 | atomic_store(object,desired) | Atomic variable possibly referred to twice in an $@. | test.c:11:3:11:23 | atomic_store(object,desired) | expression | +| test.c:12:3:12:23 | atomic_store_explicit | Atomic variable possibly referred to twice in an $@. | test.c:12:3:12:23 | atomic_store_explicit | expression | +| test.c:25:3:25:49 | atomic_compare_exchange_weak(object,expected,desired) | Atomic variable possibly referred to twice in an $@. | test.c:25:3:25:49 | atomic_compare_exchange_weak(object,expected,desired) | expression | +| test.c:26:3:26:39 | atomic_compare_exchange_weak_explicit | Atomic variable possibly referred to twice in an $@. | test.c:26:3:26:39 | atomic_compare_exchange_weak_explicit | expression | From 45e6b5289862db731a59e025ec5b2fab5ff8bc2a Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 20 Dec 2024 13:43:59 -0800 Subject: [PATCH 2322/2573] fix tests --- .../WrapFunctionsThatCanFailSpuriouslyInLoop.expected | 8 ++++---- .../test/rules/RULE-13-2/UnsequencedAtomicReads.expected | 6 +++--- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/c/cert/test/rules/CON41-C/WrapFunctionsThatCanFailSpuriouslyInLoop.expected b/c/cert/test/rules/CON41-C/WrapFunctionsThatCanFailSpuriouslyInLoop.expected index 0c1e25cd00..b1c224173e 100644 --- a/c/cert/test/rules/CON41-C/WrapFunctionsThatCanFailSpuriouslyInLoop.expected +++ b/c/cert/test/rules/CON41-C/WrapFunctionsThatCanFailSpuriouslyInLoop.expected @@ -1,4 +1,4 @@ -| test.c:6:8:6:46 | atomic_compare_exchange_weak(a,b,c) | Function that can spuriously fail not wrapped in a loop. | -| test.c:10:3:10:41 | atomic_compare_exchange_weak(a,b,c) | Function that can spuriously fail not wrapped in a loop. | -| test.c:12:8:13:47 | atomic_compare_exchange_weak_explicit(a,b,c,d,e) | Function that can spuriously fail not wrapped in a loop. | -| test.c:17:3:17:56 | atomic_compare_exchange_weak_explicit(a,b,c,d,e) | Function that can spuriously fail not wrapped in a loop. | +| test.c:6:8:6:46 | atomic_compare_exchange_weak(object,expected,desired) | Function that can spuriously fail not wrapped in a loop. | +| test.c:10:3:10:41 | atomic_compare_exchange_weak(object,expected,desired) | Function that can spuriously fail not wrapped in a loop. | +| test.c:12:8:12:44 | atomic_compare_exchange_weak_explicit | Function that can spuriously fail not wrapped in a loop. | +| test.c:17:3:17:39 | atomic_compare_exchange_weak_explicit | Function that can spuriously fail not wrapped in a loop. | diff --git a/c/misra/test/rules/RULE-13-2/UnsequencedAtomicReads.expected b/c/misra/test/rules/RULE-13-2/UnsequencedAtomicReads.expected index e84aef7128..2231a83735 100644 --- a/c/misra/test/rules/RULE-13-2/UnsequencedAtomicReads.expected +++ b/c/misra/test/rules/RULE-13-2/UnsequencedAtomicReads.expected @@ -1,5 +1,5 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (UnsequencedAtomicReads.ql:89,31-39) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (UnsequencedAtomicReads.ql:89,67-75) -WARNING: module 'TaintTracking' has been deprecated and may be removed in future (UnsequencedAtomicReads.ql:89,5-18) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (UnsequencedAtomicReads.ql:87,31-39) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (UnsequencedAtomicReads.ql:87,67-75) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (UnsequencedAtomicReads.ql:87,5-18) | test.c:44:12:44:18 | ... + ... | Atomic variable $@ has a $@ that is unsequenced with $@. | test.c:42:15:42:16 | a1 | a1 | test.c:44:12:44:13 | a1 | previous read | test.c:44:17:44:18 | a1 | another read | | test.c:46:3:46:37 | ... + ... | Atomic variable $@ has a $@ that is unsequenced with $@. | test.c:42:15:42:16 | a1 | a1 | test.c:46:16:46:17 | a1 | previous read | test.c:46:35:46:36 | a1 | another read | From 81ff0c08005b59e4b2bcd87c97b30da738e4e435 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 27 Dec 2024 23:38:55 +0000 Subject: [PATCH 2323/2573] Skip external help integration from forks PRs from forks do not have access to the help repo. --- .github/workflows/code-scanning-pack-gen.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index 1b620260c3..51ffb1edb7 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -80,6 +80,8 @@ jobs: - name: Checkout external help files id: checkout-external-help-files + # Forks do not have access to an appropriate token for the help files + if: !github.event.pull_request.head.repo.fork uses: actions/checkout@v4 with: ssh-key: ${{ secrets.CODEQL_CODING_STANDARDS_HELP_KEY }} @@ -88,7 +90,7 @@ jobs: path: external-help-files - name: Include external help files - if: steps.checkout-external-help-files.outcome == 'success' + if: !github.event.pull_request.head.repo.fork && steps.checkout-external-help-files.outcome == 'success' run: | pushd external-help-files find . -name '*.md' -exec rsync -av --relative {} "$GITHUB_WORKSPACE" \; From 30fdad18a36ea99fa6049748373b8b7bc2b59a38 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 30 Dec 2024 04:17:43 +0000 Subject: [PATCH 2324/2573] Bump peter-evans/create-pull-request from 7.0.5 to 7.0.6 Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 7.0.5 to 7.0.6. - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](https://github.com/peter-evans/create-pull-request/compare/5e914681df9dc83aa4e4905692ca88beb2f9e91f...67ccf781d68cd99b580ae25a5c18a1cc84ffff1f) --- updated-dependencies: - dependency-name: peter-evans/create-pull-request dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/upgrade_codeql_dependencies.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/upgrade_codeql_dependencies.yml b/.github/workflows/upgrade_codeql_dependencies.yml index 841b78fcd6..ca6779871e 100644 --- a/.github/workflows/upgrade_codeql_dependencies.yml +++ b/.github/workflows/upgrade_codeql_dependencies.yml @@ -53,7 +53,7 @@ jobs: find c \( -name '*.ql' -or -name '*.qll' \) -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" codeql query format --in-place - name: Create Pull Request - uses: peter-evans/create-pull-request@5e914681df9dc83aa4e4905692ca88beb2f9e91f # v7.0.5 + uses: peter-evans/create-pull-request@67ccf781d68cd99b580ae25a5c18a1cc84ffff1f # v7.0.6 with: title: "Upgrade `github/codeql` dependency to ${{ github.event.inputs.codeql_cli_version }}" body: | From 99af17c4b0737a51b460456bc82f6757f4f8868a Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Sat, 4 Jan 2025 21:00:10 -0800 Subject: [PATCH 2325/2573] Implement RULE-11-10 banning atomic void. --- .../AtomicQualifierAppliedToVoid.ql | 36 +++++++++++++++++++ .../AtomicQualifierAppliedToVoid.expected | 3 ++ .../AtomicQualifierAppliedToVoid.qlref | 1 + c/misra/test/rules/RULE-11-10/test.c | 18 ++++++++++ .../cpp/exclusions/c/Declarations9.qll | 26 ++++++++++++++ .../cpp/exclusions/c/RuleMetadata.qll | 3 ++ rule_packages/c/Declarations9.json | 25 +++++++++++++ rules.csv | 2 +- 8 files changed, 113 insertions(+), 1 deletion(-) create mode 100644 c/misra/src/rules/RULE-11-10/AtomicQualifierAppliedToVoid.ql create mode 100644 c/misra/test/rules/RULE-11-10/AtomicQualifierAppliedToVoid.expected create mode 100644 c/misra/test/rules/RULE-11-10/AtomicQualifierAppliedToVoid.qlref create mode 100644 c/misra/test/rules/RULE-11-10/test.c create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/Declarations9.qll create mode 100644 rule_packages/c/Declarations9.json diff --git a/c/misra/src/rules/RULE-11-10/AtomicQualifierAppliedToVoid.ql b/c/misra/src/rules/RULE-11-10/AtomicQualifierAppliedToVoid.ql new file mode 100644 index 0000000000..d867241518 --- /dev/null +++ b/c/misra/src/rules/RULE-11-10/AtomicQualifierAppliedToVoid.ql @@ -0,0 +1,36 @@ +/** + * @id c/misra/atomic-qualifier-applied-to-void + * @name RULE-11-10: The _Atomic qualifier shall not be applied to the incomplete type void + * @description Conversions between types by using an _Atomic void type may result in undefined + * behavior. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-11-10 + * correctness + * external/misra/c/2012/third-edition-first-revision + * external/misra/c/2012/amendment4 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra + +class AtomicVoidType extends Type { + AtomicVoidType() { + hasSpecifier("atomic") and + getUnspecifiedType() instanceof VoidType + } +} + +Type getNestedType(Type root) { + result = root + or + exists(DerivedType derived | derived = root | result = getNestedType(derived.getBaseType())) +} + +from DeclarationEntry decl, AtomicVoidType atomicVoid +where + not isExcluded(decl, Declarations9Package::atomicQualifierAppliedToVoidQuery()) and + atomicVoid = getNestedType(decl.getType()) +select decl, decl.getName() + " declared with an atomic void type." diff --git a/c/misra/test/rules/RULE-11-10/AtomicQualifierAppliedToVoid.expected b/c/misra/test/rules/RULE-11-10/AtomicQualifierAppliedToVoid.expected new file mode 100644 index 0000000000..e3a6746ae7 --- /dev/null +++ b/c/misra/test/rules/RULE-11-10/AtomicQualifierAppliedToVoid.expected @@ -0,0 +1,3 @@ +| test.c:3:15:3:16 | definition of g3 | g3 declared with an atomic void type. | +| test.c:10:17:10:18 | definition of m3 | m3 declared with an atomic void type. | +| test.c:15:22:15:23 | definition of p2 | p2 declared with an atomic void type. | diff --git a/c/misra/test/rules/RULE-11-10/AtomicQualifierAppliedToVoid.qlref b/c/misra/test/rules/RULE-11-10/AtomicQualifierAppliedToVoid.qlref new file mode 100644 index 0000000000..2046575237 --- /dev/null +++ b/c/misra/test/rules/RULE-11-10/AtomicQualifierAppliedToVoid.qlref @@ -0,0 +1 @@ +rules/RULE-11-10/AtomicQualifierAppliedToVoid.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-11-10/test.c b/c/misra/test/rules/RULE-11-10/test.c new file mode 100644 index 0000000000..e030345dde --- /dev/null +++ b/c/misra/test/rules/RULE-11-10/test.c @@ -0,0 +1,18 @@ +// _Atomic void g1; // doesn't compile +_Atomic int g2; // COMPLIANT +_Atomic void *g3; // NON_COMPLIANT +// _Atomic void g4[]; // doesn't compile +void *_Atomic g5; // COMPLIANT + +struct { + _Atomic int m1; // COMPLIANT + // _Atomic void m2; // doesn't compile + _Atomic void *m3; // NON_COMPLIANT + void *_Atomic m4; // COMPLIANT +} s1; + +void f(_Atomic int p1, // COMPLIANT + _Atomic void *p2 // NON_COMPLIANT + // _Atomic void p3[] // doesn't compile, even though it perhaps should as + // it is adjusted to void*. +) {} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations9.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations9.qll new file mode 100644 index 0000000000..8a63e50ed4 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Declarations9.qll @@ -0,0 +1,26 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype Declarations9Query = TAtomicQualifierAppliedToVoidQuery() + +predicate isDeclarations9QueryMetadata(Query query, string queryId, string ruleId, string category) { + query = + // `Query` instance for the `atomicQualifierAppliedToVoid` query + Declarations9Package::atomicQualifierAppliedToVoidQuery() and + queryId = + // `@id` for the `atomicQualifierAppliedToVoid` query + "c/misra/atomic-qualifier-applied-to-void" and + ruleId = "RULE-11-10" and + category = "required" +} + +module Declarations9Package { + Query atomicQualifierAppliedToVoidQuery() { + //autogenerate `Query` type + result = + // `Query` type for `atomicQualifierAppliedToVoid` query + TQueryC(TDeclarations9PackageQuery(TAtomicQualifierAppliedToVoidQuery())) + } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index 1562ba7894..448b764526 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -28,6 +28,7 @@ import Declarations5 import Declarations6 import Declarations7 import Declarations8 +import Declarations9 import EssentialTypes import Expressions import FloatingTypes @@ -107,6 +108,7 @@ newtype TCQuery = TDeclarations6PackageQuery(Declarations6Query q) or TDeclarations7PackageQuery(Declarations7Query q) or TDeclarations8PackageQuery(Declarations8Query q) or + TDeclarations9PackageQuery(Declarations9Query q) or TEssentialTypesPackageQuery(EssentialTypesQuery q) or TExpressionsPackageQuery(ExpressionsQuery q) or TFloatingTypesPackageQuery(FloatingTypesQuery q) or @@ -186,6 +188,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isDeclarations6QueryMetadata(query, queryId, ruleId, category) or isDeclarations7QueryMetadata(query, queryId, ruleId, category) or isDeclarations8QueryMetadata(query, queryId, ruleId, category) or + isDeclarations9QueryMetadata(query, queryId, ruleId, category) or isEssentialTypesQueryMetadata(query, queryId, ruleId, category) or isExpressionsQueryMetadata(query, queryId, ruleId, category) or isFloatingTypesQueryMetadata(query, queryId, ruleId, category) or diff --git a/rule_packages/c/Declarations9.json b/rule_packages/c/Declarations9.json new file mode 100644 index 0000000000..ebfcf7c41f --- /dev/null +++ b/rule_packages/c/Declarations9.json @@ -0,0 +1,25 @@ +{ + "MISRA-C-2012": { + "RULE-11-10": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Conversions between types by using an _Atomic void type may result in undefined behavior.", + "kind": "problem", + "name": "The _Atomic qualifier shall not be applied to the incomplete type void", + "precision": "very-high", + "severity": "error", + "short_name": "AtomicQualifierAppliedToVoid", + "tags": [ + "correctness", + "external/misra/c/2012/third-edition-first-revision", + "external/misra/c/2012/amendment4" + ] + } + ], + "title": "The _Atomic qualifier shall not be applied to the incomplete type void" + } + } +} \ No newline at end of file diff --git a/rules.csv b/rules.csv index 475ea1d66c..6657055cad 100644 --- a/rules.csv +++ b/rules.csv @@ -677,7 +677,7 @@ c,MISRA-C-2012,RULE-9-2,Yes,Required,,,The initializer for an aggregate or union c,MISRA-C-2012,RULE-9-3,Yes,Required,,,Arrays shall not be partially initialized,,Memory1,Medium, c,MISRA-C-2012,RULE-9-4,Yes,Required,,,An element of an object shall not be initialized more than once,,Memory1,Medium, c,MISRA-C-2012,RULE-9-5,No,Required,,,Where designated initializers are used to initialize an array object the size of the array shall be specified explicitly,,,Medium, -c,MISRA-C-2012,RULE-9-6,Yes,Required,,,An initializer using chained designators shall not contain initializers without designators,,Declarations9,Hard, +c,MISRA-C-2012,RULE-9-6,Yes,Required,,,An initializer using chained designators shall not contain initializers without designators,,Declarations10,Hard, c,MISRA-C-2012,RULE-9-7,Yes,Mandatory,,,Atomic objects shall be appropriately initialized before being accessed,,Concurrency6,Hard, c,MISRA-C-2012,RULE-10-1,Yes,Required,,,Operands shall not be of an inappropriate essential type,,EssentialTypes,Hard, c,MISRA-C-2012,RULE-10-2,Yes,Required,,,Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations,,EssentialTypes,Medium, From 6b8ba85dea62ff4ebac192b15db278e51cb431c0 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Sun, 5 Jan 2025 23:05:14 +0000 Subject: [PATCH 2326/2573] Update rules.csv Use Contracts8 as next entry --- rules.csv | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rules.csv b/rules.csv index 8391149b9f..a7f6c1f0db 100644 --- a/rules.csv +++ b/rules.csv @@ -615,7 +615,7 @@ c,MISRA-C-2012,DIR-4-10,Yes,Required,,,Precautions shall be taken in order to pr c,MISRA-C-2012,DIR-4-11,Yes,Required,,,The validity of values passed to library functions shall be checked,,Contracts,Hard, c,MISRA-C-2012,DIR-4-12,Yes,Required,,,Dynamic memory allocation shall not be used,,Banned,Medium, c,MISRA-C-2012,DIR-4-13,No,Advisory,,,Functions which are designed to provide operations on a resource should be called in an appropriate sequence,,,,"Rule 22.1, 22.2 and 22.6 cover aspects of this rule. In other cases this is a design issue and needs to be checked manually." -c,MISRA-C-2012,DIR-4-14,Yes,Required,,,The validity of values received from external sources shall be checked,,Contracts9,Hard,This is supported by CodeQLs default C security queries. +c,MISRA-C-2012,DIR-4-14,Yes,Required,,,The validity of values received from external sources shall be checked,,Contracts8,Hard,This is supported by CodeQLs default C security queries. c,MISRA-C-2012,RULE-1-1,No,Required,,,"The program shall contain no violations of the standard C syntax and constraints, and shall not exceed the implementation's translation limits",,,Easy,"This should be checked via the compiler output, rather than CodeQL, which adds unnecessary steps." c,MISRA-C-2012,RULE-1-2,Yes,Advisory,,,Language extensions should not be used,,Language3,Hard, c,MISRA-C-2012,RULE-1-3,Yes,Required,,,There shall be no occurrence of undefined or critical unspecified behaviour,,Language3,Hard, From 6f595af4c404c3d77e6eea7f7f0568ecb4d5c189 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Mon, 6 Jan 2025 10:21:17 +0000 Subject: [PATCH 2327/2573] Exclude Dependabot PRs from help checkout Dependabot does not have access to the external help repo. --- .github/workflows/code-scanning-pack-gen.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index 51ffb1edb7..b67db3d413 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -81,7 +81,7 @@ jobs: - name: Checkout external help files id: checkout-external-help-files # Forks do not have access to an appropriate token for the help files - if: !github.event.pull_request.head.repo.fork + if: !github.event.pull_request.head.repo.fork && github.actor != 'dependabot[bot]' uses: actions/checkout@v4 with: ssh-key: ${{ secrets.CODEQL_CODING_STANDARDS_HELP_KEY }} @@ -90,7 +90,7 @@ jobs: path: external-help-files - name: Include external help files - if: !github.event.pull_request.head.repo.fork && steps.checkout-external-help-files.outcome == 'success' + if: !github.event.pull_request.head.repo.fork && github.actor != 'dependabot[bot]'&& steps.checkout-external-help-files.outcome == 'success' run: | pushd external-help-files find . -name '*.md' -exec rsync -av --relative {} "$GITHUB_WORKSPACE" \; From b817d0cde9701c3d2b1e343a9eb37ab224f6aff7 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Mon, 6 Jan 2025 20:17:03 +0000 Subject: [PATCH 2328/2573] Improve comment Explain why we exclude dependabot PRs. --- .github/workflows/code-scanning-pack-gen.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index b67db3d413..85a157d8b6 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -80,7 +80,7 @@ jobs: - name: Checkout external help files id: checkout-external-help-files - # Forks do not have access to an appropriate token for the help files + # PRs from forks and dependabot do not have access to an appropriate token for cloning the help files repos if: !github.event.pull_request.head.repo.fork && github.actor != 'dependabot[bot]' uses: actions/checkout@v4 with: From b952fc8595c121804533c184eeeed739d138c09e Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 6 Jan 2025 23:27:04 +0000 Subject: [PATCH 2329/2573] Use expression syntax --- .github/workflows/code-scanning-pack-gen.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index 85a157d8b6..678b3be403 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -81,7 +81,7 @@ jobs: - name: Checkout external help files id: checkout-external-help-files # PRs from forks and dependabot do not have access to an appropriate token for cloning the help files repos - if: !github.event.pull_request.head.repo.fork && github.actor != 'dependabot[bot]' + if: ${{ !github.event.pull_request.head.repo.fork && github.actor != 'dependabot[bot]' }} uses: actions/checkout@v4 with: ssh-key: ${{ secrets.CODEQL_CODING_STANDARDS_HELP_KEY }} @@ -90,7 +90,7 @@ jobs: path: external-help-files - name: Include external help files - if: !github.event.pull_request.head.repo.fork && github.actor != 'dependabot[bot]'&& steps.checkout-external-help-files.outcome == 'success' + if: ${{ !github.event.pull_request.head.repo.fork && github.actor != 'dependabot[bot]'&& steps.checkout-external-help-files.outcome == 'success' }} run: | pushd external-help-files find . -name '*.md' -exec rsync -av --relative {} "$GITHUB_WORKSPACE" \; From d9a41f0f5b559e44753bdf25fa1b6f84e6a2ac60 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Thu, 9 Jan 2025 14:14:17 +0100 Subject: [PATCH 2330/2573] Update A2-10-4 after QL changes --- .../IdentifierNameOfStaticNonMemberObjectReusedInNamespace.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/src/rules/A2-10-4/IdentifierNameOfStaticNonMemberObjectReusedInNamespace.ql b/cpp/autosar/src/rules/A2-10-4/IdentifierNameOfStaticNonMemberObjectReusedInNamespace.ql index e04bb89cfa..79e17305fb 100644 --- a/cpp/autosar/src/rules/A2-10-4/IdentifierNameOfStaticNonMemberObjectReusedInNamespace.ql +++ b/cpp/autosar/src/rules/A2-10-4/IdentifierNameOfStaticNonMemberObjectReusedInNamespace.ql @@ -22,7 +22,7 @@ class CandidateVariable extends Variable { isStatic() and not this instanceof MemberVariable and //exclude partially specialized template variables - not exists(TemplateVariable v | this = v.getAnInstantiation()) + not this.isSpecialization() } } From 0c7b50321f47936b7857e7e5f788a62c2596bae4 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 10 Jan 2025 20:06:49 -0800 Subject: [PATCH 2331/2573] save work --- amendments.csv | 12 +- .../c/misra/EssentialTypes.qll | 10 +- ...dditionSubtractionOnEssentiallyCharType.ql | 2 +- ...nSubtractionOnEssentiallyCharType.expected | 34 ++-- c/misra/test/rules/RULE-10-2/test.c | 14 +- .../ControllingExprInvariant.expected | 1 + c/misra/test/rules/RULE-14-3/test.c | 7 + ...ringLiteralAssignedToNonConstChar.expected | 1 + c/misra/test/rules/RULE-7-4/test.c | 12 ++ c/misra/test/rules/RULE-8-3/function1.c | 4 + c/misra/test/rules/RULE-8-3/function2.c | 4 +- ...025-1-04-misra-c-technical-corrigenda-2.md | 11 ++ .../src/codingstandards/cpp/Compatible.qll | 8 +- ...nterArithmeticToAddressDifferentArrays.qll | 158 ++++++++++++++---- .../InvalidatedEnvStringPointers.qll | 6 + ...rithmeticToAddressDifferentArrays.expected | 14 +- .../test.cpp | 24 +++ .../InvalidatedEnvStringPointers.expected | 5 + .../invalidatedenvstringpointers/test.cpp | 37 ++++ 19 files changed, 298 insertions(+), 66 deletions(-) create mode 100644 change_notes/2025-1-04-misra-c-technical-corrigenda-2.md diff --git a/amendments.csv b/amendments.csv index ce285a29ba..20eb874fde 100644 --- a/amendments.csv +++ b/amendments.csv @@ -28,22 +28,22 @@ c,MISRA-C-2012,Corrigendum2,RULE-1-4,Yes,Replace,No,Easy c,MISRA-C-2012,Corrigendum2,RULE-9-1,Yes,Refine,No,Easy c,MISRA-C-2012,Corrigendum2,RULE-9-2,Yes,Refine,No,Import c,MISRA-C-2012,Corrigendum2,DIR-4-10,Yes,Clarification,No,Import -c,MISRA-C-2012,Corrigendum2,RULE-7-4,Yes,Refine,No,Easy +c,MISRA-C-2012,Corrigendum2,RULE-7-4,Yes,Refine,Yes,Easy c,MISRA-C-2012,Corrigendum2,RULE-8-2,Yes,Clarification,No,Import -c,MISRA-C-2012,Corrigendum2,RULE-8-3,Yes,Refine,No,Easy +c,MISRA-C-2012,Corrigendum2,RULE-8-3,Yes,Refine,Yes,Easy c,MISRA-C-2012,Corrigendum2,RULE-8-7,Yes,Clarification,No,Import -c,MISRA-C-2012,Corrigendum2,RULE-10-2,Yes,Refine,No,Easy +c,MISRA-C-2012,Corrigendum2,RULE-10-2,Yes,Refine,Yes,Easy c,MISRA-C-2012,Corrigendum2,RULE-10-3,Yes,Clarification,No,Import c,MISRA-C-2012,Corrigendum2,RULE-11-3,Yes,Clarification,No,Import c,MISRA-C-2012,Corrigendum2,RULE-11-6,Yes,Clarification,No,Import c,MISRA-C-2012,Corrigendum2,RULE-13-2,Yes,Clarification,No,Import c,MISRA-C-2012,Corrigendum2,RULE-13-6,Yes,Clarification,No,Import -c,MISRA-C-2012,Corrigendum2,RULE-14-3,Yes,Refine,No,Easy +c,MISRA-C-2012,Corrigendum2,RULE-14-3,Yes,Refine,Yes,Easy c,MISRA-C-2012,Corrigendum2,RULE-15-7,Yes,Clarification,No,Import c,MISRA-C-2012,Corrigendum2,RULE-17-4,Yes,Clarification,No,Import c,MISRA-C-2012,Corrigendum2,RULE-17-5,Yes,Clarification,No,Import -c,MISRA-C-2012,Corrigendum2,RULE-18-1,Yes,Refine,No,Easy +c,MISRA-C-2012,Corrigendum2,RULE-18-1,Yes,Refine,Yes,Easy c,MISRA-C-2012,Corrigendum2,RULE-20-14,No,Clarification,No,Import c,MISRA-C-2012,Corrigendum2,RULE-21-19,Yes,Clarification,No,Import -c,MISRA-C-2012,Corrigendum2,RULE-21-20,Yes,Refine,No,Easy +c,MISRA-C-2012,Corrigendum2,RULE-21-20,Yes,Refine,Yes,Easy c,MISRA-C-2012,Corrigendum2,RULE-22-9,Yes,Clarification,No,Import \ No newline at end of file diff --git a/c/misra/src/codingstandards/c/misra/EssentialTypes.qll b/c/misra/src/codingstandards/c/misra/EssentialTypes.qll index 4783547ed2..b229bd54e2 100644 --- a/c/misra/src/codingstandards/c/misra/EssentialTypes.qll +++ b/c/misra/src/codingstandards/c/misra/EssentialTypes.qll @@ -297,12 +297,15 @@ class EssentialBinaryArithmeticExpr extends EssentialExpr, BinaryArithmeticOpera exists( Type leftEssentialType, Type rightEssentialType, EssentialTypeCategory leftEssentialTypeCategory, - EssentialTypeCategory rightEssentialTypeCategory + EssentialTypeCategory rightEssentialTypeCategory, + int intTypeSize | leftEssentialType = getEssentialType(getLeftOperand()) and rightEssentialType = getEssentialType(getRightOperand()) and leftEssentialTypeCategory = getEssentialTypeCategory(leftEssentialType) and - rightEssentialTypeCategory = getEssentialTypeCategory(rightEssentialType) + rightEssentialTypeCategory = getEssentialTypeCategory(rightEssentialType) and + // For rules around addition/subtraction with char types: + intTypeSize = any(IntType i | i.isSigned()).getSize() | if leftEssentialTypeCategory = EssentiallySignedType() and @@ -338,15 +341,18 @@ class EssentialBinaryArithmeticExpr extends EssentialExpr, BinaryArithmeticOpera ( leftEssentialTypeCategory = [EssentiallySignedType(), EssentiallyUnsignedType().(TEssentialTypeCategory)] + and leftEssentialType.getSize() <= intTypeSize or rightEssentialTypeCategory = [EssentiallySignedType(), EssentiallyUnsignedType().(TEssentialTypeCategory)] + and rightEssentialType.getSize() <= intTypeSize ) or this instanceof SubExpr and leftEssentialTypeCategory = EssentiallyCharacterType() and rightEssentialTypeCategory = [EssentiallySignedType(), EssentiallyUnsignedType().(TEssentialTypeCategory)] + and rightEssentialType.getSize() <= intTypeSize then result instanceof PlainCharType else result = this.getStandardType() ) diff --git a/c/misra/src/rules/RULE-10-2/AdditionSubtractionOnEssentiallyCharType.ql b/c/misra/src/rules/RULE-10-2/AdditionSubtractionOnEssentiallyCharType.ql index 750e589a1c..0e98c6c570 100644 --- a/c/misra/src/rules/RULE-10-2/AdditionSubtractionOnEssentiallyCharType.ql +++ b/c/misra/src/rules/RULE-10-2/AdditionSubtractionOnEssentiallyCharType.ql @@ -32,7 +32,7 @@ where // But the overall essential type is not essentially character type getEssentialTypeCategory(getEssentialType(addOrSub)) = EssentiallyCharacterType() or - // Or this is a subtration of one character with another, which is permitted, but produces an integral type + // Or this is a subtraction of one character with another, which is permitted, but produces an integral type getEssentialTypeCategory(getEssentialType(addOrSub.getLeftOperand())) = EssentiallyCharacterType() and getEssentialTypeCategory(getEssentialType(addOrSub.getRightOperand())) = diff --git a/c/misra/test/rules/RULE-10-2/AdditionSubtractionOnEssentiallyCharType.expected b/c/misra/test/rules/RULE-10-2/AdditionSubtractionOnEssentiallyCharType.expected index 0a5c7ae0bb..a1d3657a1e 100644 --- a/c/misra/test/rules/RULE-10-2/AdditionSubtractionOnEssentiallyCharType.expected +++ b/c/misra/test/rules/RULE-10-2/AdditionSubtractionOnEssentiallyCharType.expected @@ -1,15 +1,19 @@ -| test.c:15:3:15:11 | ... + ... | Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations | -| test.c:16:3:16:9 | ... + ... | Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations | -| test.c:17:3:17:9 | ... + ... | Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations | -| test.c:18:3:18:9 | ... + ... | Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations | -| test.c:19:3:19:9 | ... + ... | Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations | -| test.c:20:3:20:10 | ... + ... | Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations | -| test.c:21:3:21:10 | ... + ... | Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations | -| test.c:27:3:27:9 | ... - ... | Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations | -| test.c:28:3:28:9 | ... - ... | Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations | -| test.c:29:3:29:9 | ... - ... | Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations | -| test.c:30:3:30:9 | ... - ... | Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations | -| test.c:31:3:31:9 | ... - ... | Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations | -| test.c:32:3:32:9 | ... - ... | Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations | -| test.c:33:3:33:10 | ... - ... | Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations | -| test.c:34:3:34:10 | ... - ... | Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations | +| test.c:19:3:19:11 | ... + ... | Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations | +| test.c:20:3:20:9 | ... + ... | Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations | +| test.c:21:3:21:9 | ... + ... | Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations | +| test.c:22:3:22:9 | ... + ... | Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations | +| test.c:23:3:23:9 | ... + ... | Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations | +| test.c:24:3:24:10 | ... + ... | Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations | +| test.c:25:3:25:10 | ... + ... | Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations | +| test.c:28:3:28:9 | ... + ... | Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations | +| test.c:29:3:29:10 | ... + ... | Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations | +| test.c:35:3:35:9 | ... - ... | Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations | +| test.c:36:3:36:9 | ... - ... | Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations | +| test.c:37:3:37:9 | ... - ... | Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations | +| test.c:38:3:38:9 | ... - ... | Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations | +| test.c:39:3:39:9 | ... - ... | Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations | +| test.c:40:3:40:9 | ... - ... | Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations | +| test.c:41:3:41:10 | ... - ... | Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations | +| test.c:42:3:42:10 | ... - ... | Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations | +| test.c:45:3:45:9 | ... - ... | Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations | +| test.c:46:3:46:10 | ... - ... | Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations | diff --git a/c/misra/test/rules/RULE-10-2/test.c b/c/misra/test/rules/RULE-10-2/test.c index 186c49226e..1d86013c07 100644 --- a/c/misra/test/rules/RULE-10-2/test.c +++ b/c/misra/test/rules/RULE-10-2/test.c @@ -5,6 +5,10 @@ void testRules() { enum E1 { A, B, C } e1 = A; signed int i = 100; unsigned int u = 100; + signed short s = 100; + unsigned short us = 100; + signed long l = 100L; + unsigned long ul = 100UL; float f = 10.0f; // Addition cases @@ -19,8 +23,12 @@ void testRules() { b + 'a'; // NON_COMPLIANT 'a' + e1; // NON_COMPLIANT e1 + 'a'; // NON_COMPLIANT + 'a' + s; // COMPLIANT + 'a' + us; // COMPLIANT + 'a' + l; // NON_COMPLIANT + 'a' + ul; // NON_COMPLIANT - // Subtration cases + // Subtraction cases 'a' - i; // COMPLIANT 'a' - u; // COMPLIANT 'a' - 'a'; // COMPLIANT @@ -32,4 +40,8 @@ void testRules() { 'a' - b; // NON_COMPLIANT e1 - 'a'; // NON_COMPLIANT 'a' - e1; // NON_COMPLIANT + 'a' - s; // COMPLIANT + 'a' - us; // COMPLIANT + 'a' - l; // NON_COMPLIANT + 'a' - ul; // NON_COMPLIANT } \ No newline at end of file diff --git a/c/misra/test/rules/RULE-14-3/ControllingExprInvariant.expected b/c/misra/test/rules/RULE-14-3/ControllingExprInvariant.expected index c03c04d6cc..3beb834f84 100644 --- a/c/misra/test/rules/RULE-14-3/ControllingExprInvariant.expected +++ b/c/misra/test/rules/RULE-14-3/ControllingExprInvariant.expected @@ -5,3 +5,4 @@ | test.c:27:10:27:14 | ... < ... | Controlling expression in loop statement has an invariant value. | | test.c:37:3:37:6 | 1 | Controlling expression in conditional statement has an invariant value. | | test.c:38:3:38:3 | 1 | Controlling expression in conditional statement has an invariant value. | +| test.c:45:10:45:26 | ... && ... | Controlling expression in loop statement has an invariant value. | diff --git a/c/misra/test/rules/RULE-14-3/test.c b/c/misra/test/rules/RULE-14-3/test.c index 38db3e1286..ed8854afd2 100644 --- a/c/misra/test/rules/RULE-14-3/test.c +++ b/c/misra/test/rules/RULE-14-3/test.c @@ -37,4 +37,11 @@ void f5(bool b1) { true ? 1 : 2; // NON_COMPLIANT 1 ? 1 : 2; // NON_COMPLIANT b1 ? 1 : 2; // COMPLIANT +} + +void f6(int p1) { + while (p1 < 10 && p1 > 12) { // NON_COMPLIANT[FALSE_NEGATIVE] + } + while (1 == 0 && p1 > 12) { // NON_COMPLIANT + } } \ No newline at end of file diff --git a/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.expected b/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.expected index 46b8e5a47b..208e98f632 100644 --- a/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.expected +++ b/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.expected @@ -6,3 +6,4 @@ | test.c:58:5:58:22 | return ... | wchar_t * function w_sample3 is returning a string literal. | | test.c:69:3:69:9 | call to sample4 | char * parameter of sample4 is passed a string literal. | | test.c:78:3:78:11 | call to w_sample4 | wchar_t * parameter of w_sample4 is passed a string literal. | +| test.c:91:3:91:11 | call to w_sample7 | char * parameter of w_sample7 is passed a string literal. | diff --git a/c/misra/test/rules/RULE-7-4/test.c b/c/misra/test/rules/RULE-7-4/test.c index c178915200..ff270b611f 100644 --- a/c/misra/test/rules/RULE-7-4/test.c +++ b/c/misra/test/rules/RULE-7-4/test.c @@ -79,4 +79,16 @@ void w_call45() { w_sample5(L"string9"); // COMPLIANT: passing string literal to const char* } +void w_sample6(int x, ...) {} + +void w_call6() { + w_sample6(1, "string10"); // COMPLIANT by first (and only) exception +} + +void w_sample7(char* x, ...) {} + +void w_call7() { + w_sample7("string11", 1); // NON_COMPLIANT, does not fit exceptional case +} + int main() { return 0; } diff --git a/c/misra/test/rules/RULE-8-3/function1.c b/c/misra/test/rules/RULE-8-3/function1.c index 2072748047..7f42f87f53 100644 --- a/c/misra/test/rules/RULE-8-3/function1.c +++ b/c/misra/test/rules/RULE-8-3/function1.c @@ -24,4 +24,8 @@ a f21(wi w, wi h) { // NON_COMPLIANT void f22(int f22b, int f22a) { // NON_COMPLIANT return; +} + +void f23(int f23a) { // COMPLIANT + return; } \ No newline at end of file diff --git a/c/misra/test/rules/RULE-8-3/function2.c b/c/misra/test/rules/RULE-8-3/function2.c index 979e002466..159dbe105d 100644 --- a/c/misra/test/rules/RULE-8-3/function2.c +++ b/c/misra/test/rules/RULE-8-3/function2.c @@ -16,4 +16,6 @@ typedef long a; extern a f21(wi w, hi h); // NON_COMPLIANT -extern void f22(int f22a, int f22b); // NON_COMPLIANT \ No newline at end of file +extern void f22(int f22a, int f22b); // NON_COMPLIANT + +extern void f23(int); // COMPLIANT \ No newline at end of file diff --git a/change_notes/2025-1-04-misra-c-technical-corrigenda-2.md b/change_notes/2025-1-04-misra-c-technical-corrigenda-2.md new file mode 100644 index 0000000000..81ae3eb561 --- /dev/null +++ b/change_notes/2025-1-04-misra-c-technical-corrigenda-2.md @@ -0,0 +1,11 @@ + - `RULE-8-3` - `DeclarationsOfAFunctionSameNameAndType.ql`: + - Implement new exception, unnamed parameters are not covered by this rule. + - `RULE-10-2` - `AdditionSubtractionOnEssentiallCharType.ql`: + - Disallow `+` and `-` operations with an essentially char type and other types larger than int type. + - Note, this change affects the essential type of such expressions, which may affect other essential types rules. + - `RULE-18-1`, `M5-0-16` - `PointerAndDerivedPointerMustAddressSameArray.ql`, `PointerAndDerivedPointerAccessDifferentArray.ql`: + - Treat casts to byte pointers as pointers to arrays of the size of the pointed-to type + - Fix typo in report message, "passed" replaced with "past." + - `RULE-21-10`, `RULE-25-5-3`, `ENV34-C` - `CallToSetlocaleInvalidatesOldPointers.ql`, `CallToSetlocaleInvalidatesOldPointersMisra.ql`, `DoNotStorePointersReturnedByEnvFunctions.ql`: + - Report usage of returned pointers from `asctime`, `ctime`, during a call to either of the former. + - Report usage of returned pointers from `gmtime`, `localtime`, during a call to either of the former. \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/Compatible.qll b/cpp/common/src/codingstandards/cpp/Compatible.qll index 0f6e2108ff..d2dbc55778 100644 --- a/cpp/common/src/codingstandards/cpp/Compatible.qll +++ b/cpp/common/src/codingstandards/cpp/Compatible.qll @@ -21,10 +21,10 @@ predicate parameterTypesIncompatible(FunctionDeclarationEntry f1, FunctionDeclar predicate parameterNamesIncompatible(FunctionDeclarationEntry f1, FunctionDeclarationEntry f2) { f1.getDeclaration() = f2.getDeclaration() and - exists(ParameterDeclarationEntry p1, ParameterDeclarationEntry p2, int i | - p1 = f1.getParameterDeclarationEntry(i) and - p2 = f2.getParameterDeclarationEntry(i) + exists(string p1Name, string p2Name, int i | + p1Name = f1.getParameterDeclarationEntry(i).getName() and + p2Name = f2.getParameterDeclarationEntry(i).getName() | - not p1.getName() = p2.getName() + not p1Name = p2Name ) } diff --git a/cpp/common/src/codingstandards/cpp/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.qll b/cpp/common/src/codingstandards/cpp/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.qll index 57b4eb0bfb..9728bc1f6d 100644 --- a/cpp/common/src/codingstandards/cpp/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.qll +++ b/cpp/common/src/codingstandards/cpp/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.qll @@ -7,20 +7,118 @@ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -import semmle.code.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.new.DataFlow import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis +import codeql.util.Boolean abstract class DoNotUsePointerArithmeticToAddressDifferentArraysSharedQuery extends Query { } Query getQuery() { result instanceof DoNotUsePointerArithmeticToAddressDifferentArraysSharedQuery } +/** + * A `VariableAccess` of a variable that is an array, or a pointer type casted to a byte pointer. + */ +abstract class ArrayLikeAccess extends Expr { + abstract Element getElement(); + + abstract string getName(); + + abstract int getSize(); + + abstract DataFlow::Node getNode(); +} + +/** + * A `VariableAccess` of a variable that is an array. + */ +class ArrayVariableAccess extends ArrayLikeAccess, VariableAccess { + int size; + + ArrayVariableAccess() { size = getType().(ArrayType).getArraySize() } + + override Variable getElement() { result = getTarget() } + + override string getName() { result = getElement().getName() } + + override int getSize() { result = size } + + override DataFlow::Node getNode() { result.asExpr() = this } +} + +/** + * Get the size of the object pointed to by a type (pointer or array). + * + * Depth of type unwrapping depends on the type. Pointer will be dereferenced only once: the element + * size of `T*` is `sizeof(T)` while the element size of `T**` is `sizeof(T*)`. However, array types + * will be deeply unwrapped, as the pointed to size of `T[][]` is `sizeof(T)`. These processes + * interact, so the element size of a pointer to an array of `T` has an element size of `sizeof(T)` + * and not `sizeof(T[length])`. + */ +int elementSize(Type type, Boolean deref) { + if type instanceof ArrayType + then result = elementSize(type.(ArrayType).getBaseType(), false) + else + if deref = true and type instanceof PointerType + then result = elementSize(type.(PointerType).getBaseType(), false) + else result = type.getSize() +} + +/** + * A pointer type casted to a byte pointer, which is effectively a pointer to a byte array whose + * length depends on `elementSize()` of the original pointed-to type. + */ +class CastedToBytePointer extends ArrayLikeAccess, Conversion { + int size; + + CastedToBytePointer() { + getType().(PointerType).getBaseType().getSize() = 1 and + size = elementSize(getExpr().getType(), true) + } + + override Element getElement() { result = this } + + override string getName() { + result = "cast to btye pointer " + this.toString() + or + exists(Cast cast | + cast.getExpr() = this and + result = cast.getType().(PointerType).getBaseType().toString() + ) + } + + override int getSize() { result = size } + + override DataFlow::Node getNode() { result.asConvertedExpr() = this } +} + +/** + * A data-flow configuration that tracks access to an array to type to an array index expression. + * This is used to determine possible pointer to array creations. + */ +module ByteArrayToArrayExprConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { exists(CastedToBytePointer a | a.getNode() = source) } + + // TODO: casting to different size pointed-to-type invalidates + predicate isSink(DataFlow::Node sink) { exists(ArrayExpr c | c.getArrayBase() = sink.asExpr()) } +} + +module BytePointerToArrayExprFlow = DataFlow::Global; + /** * A data-flow configuration that tracks access to an array to type to an array index expression. * This is used to determine possible pointer to array creations. */ module ArrayToArrayExprConfig implements DataFlow::ConfigSig { - predicate isSource(DataFlow::Node source) { - source.asExpr().(VariableAccess).getType() instanceof ArrayType + predicate isSource(DataFlow::Node source) { exists(ArrayVariableAccess a | a.getNode() = source) } + + predicate isBarrier(DataFlow::Node barrier) { + // Casting to a differently sized pointer invalidates this analysis. + exists(CStyleCast cast, Expr casted | + cast.getExpr() = casted and casted = barrier.asConvertedExpr() + | + not casted.getType().(PointerType).getBaseType().getSize() = + cast.getType().(PointerType).getBaseType().getSize() + ) } predicate isSink(DataFlow::Node sink) { exists(ArrayExpr c | c.getArrayBase() = sink.asExpr()) } @@ -28,12 +126,19 @@ module ArrayToArrayExprConfig implements DataFlow::ConfigSig { module ArrayToArrayExprFlow = DataFlow::Global; -/** Holds if the address taken expression `addressOf` takes the address of an array element at `index` of `array` with size `arraySize`. */ -predicate pointerOperandCreation(AddressOfExpr addressOf, Variable array, int arraySize, int index) { - arraySize = array.getType().(ArrayType).getArraySize() and +/** Holds if the address taken expression `addressOf` takes the address of an array element at `index` of `array`. */ +predicate pointerOperandCreation(AddressOfExpr addressOf, ArrayLikeAccess array, int index) { exists(ArrayExpr ae | - ArrayToArrayExprFlow::flow(DataFlow::exprNode(array.getAnAccess()), - DataFlow::exprNode(ae.getArrayBase())) and + ( + ArrayToArrayExprFlow::flow(array.getNode(), DataFlow::exprNode(ae.getArrayBase())) and + array instanceof ArrayVariableAccess + or + // Since casts can occur in the middle of flow, barriers are not perfect for modeling the + // desired behavior. Handle casts to byte pointers as sources in a separate flow analysis. + BytePointerToArrayExprFlow::flow(array.getNode(), DataFlow::exprNode(ae.getArrayBase())) and + // flow() may hold for `ArrayVariableAccess` in the above, even though they aren't sources + array instanceof CastedToBytePointer + ) and index = lowerBound(ae.getArrayOffset().getFullyConverted()) and addressOf.getOperand() = ae ) @@ -41,19 +146,16 @@ predicate pointerOperandCreation(AddressOfExpr addressOf, Variable array, int ar /** A variable that points to an element of an array. */ class PointerOperand extends Variable { - Variable array; - int arraySize; + ArrayLikeAccess array; int index; AddressOfExpr source; PointerOperand() { - pointerOperandCreation(source, array, arraySize, index) and + pointerOperandCreation(source, array, index) and this.getAnAssignedValue() = source } - Variable getArray() { result = array } - - int getArraySize() { result = arraySize } + ArrayLikeAccess getArray() { result = array } int getIndex() { result = index } @@ -111,9 +213,7 @@ class DerivedArrayPointer extends Variable { DerivedArrayPointer() { derivedPointer(this, source, operand, index) } - Variable getArray() { result = operand.getArray() } - - int getArraySize() { result = operand.getArraySize() } + ArrayLikeAccess getArray() { result = operand.getArray() } int getIndex() { result = index } @@ -131,15 +231,10 @@ class DerivedArrayPointerOrPointerOperand extends Variable { this instanceof PointerOperand } - Variable getArray() { + ArrayLikeAccess getArray() { result = this.(DerivedArrayPointer).getArray() or result = this.(PointerOperand).getArray() } - int getArraySize() { - result = this.(DerivedArrayPointer).getArraySize() or - result = this.(PointerOperand).getArraySize() - } - int getIndex() { result = this.(DerivedArrayPointer).getIndex() or result = this.(PointerOperand).getIndex() } @@ -149,14 +244,16 @@ class DerivedArrayPointerOrPointerOperand extends Variable { } } -query predicate problems(Expr arrayPointerCreation, string message, Variable array, string arrayName) { +query predicate problems(Expr arrayPointerCreation, string message, Element array, string arrayName) { not isExcluded(arrayPointerCreation, getQuery()) and exists( DerivedArrayPointerOrPointerOperand derivedArrayPointerOrPointerOperand, int index, - int arraySize, int difference, string denomination + ArrayLikeAccess arrayAccess, int arraySize, int difference, string denomination | - array = derivedArrayPointerOrPointerOperand.getArray() and - arraySize = derivedArrayPointerOrPointerOperand.getArraySize() and + arrayAccess = derivedArrayPointerOrPointerOperand.getArray() and + array = arrayAccess.getElement() and + arrayName = arrayAccess.getName() and + arraySize = arrayAccess.getSize() and index = derivedArrayPointerOrPointerOperand.getIndex() and arrayPointerCreation = derivedArrayPointerOrPointerOperand.getSource() and difference = index - arraySize and @@ -173,7 +270,6 @@ query predicate problems(Expr arrayPointerCreation, string message, Variable arr ) and message = "Array pointer " + derivedArrayPointerOrPointerOperand.getName() + " points " + - (index - arraySize).toString() + " " + denomination + " passed the end of $@." - ) and - arrayName = array.getName() -} + difference.toString() + " " + denomination + " past the end of $@." + ) +} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.qll b/cpp/common/src/codingstandards/cpp/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.qll index 3949ff50a8..0f4a98cf6f 100644 --- a/cpp/common/src/codingstandards/cpp/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.qll +++ b/cpp/common/src/codingstandards/cpp/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.qll @@ -45,6 +45,12 @@ predicate incompatibleFunctions(GetenvFunction f1, GetenvFunction f2) { or f1.getName() = ["setlocale", "localeconv"] and f2.getName() = ["setlocale", "localeconv"] + or + f1.getName() = ["asctime", "ctime"] and + f2.getName() = ["asctime", "ctime"] + or + f1.getName() = ["gmtime", "localtime"] and + f2.getName() = ["gmtime", "localtime"] } query predicate problems( diff --git a/cpp/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.expected b/cpp/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.expected index fa181755e8..438b697775 100644 --- a/cpp/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.expected +++ b/cpp/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.expected @@ -1,5 +1,9 @@ -| test.cpp:4:13:4:18 | ... + ... | Array pointer p2 points 1 element passed the end of $@. | test.cpp:2:7:2:8 | l1 | l1 | -| test.cpp:5:13:5:18 | ... + ... | Array pointer p3 points 1 element passed the end of $@. | test.cpp:2:7:2:8 | l1 | l1 | -| test.cpp:6:13:6:18 | & ... | Array pointer p4 points 1 element passed the end of $@. | test.cpp:2:7:2:8 | l1 | l1 | -| test.cpp:11:8:11:11 | ... -- | Array pointer p7 points 1 element passed the end of $@. | test.cpp:2:7:2:8 | l1 | l1 | -| test.cpp:12:8:12:9 | p3 | Array pointer p8 points 1 element passed the end of $@. | test.cpp:2:7:2:8 | l1 | l1 | +| test.cpp:4:13:4:18 | ... + ... | Array pointer p2 points 1 element past the end of $@. | test.cpp:2:7:2:8 | l1 | l1 | +| test.cpp:5:13:5:18 | ... + ... | Array pointer p3 points 1 element past the end of $@. | test.cpp:2:7:2:8 | l1 | l1 | +| test.cpp:6:13:6:18 | & ... | Array pointer p4 points 1 element past the end of $@. | test.cpp:2:7:2:8 | l1 | l1 | +| test.cpp:11:8:11:11 | ... -- | Array pointer p7 points 1 element past the end of $@. | test.cpp:2:7:2:8 | l1 | l1 | +| test.cpp:12:8:12:9 | p3 | Array pointer p8 points 1 element past the end of $@. | test.cpp:2:7:2:8 | l1 | l1 | +| test.cpp:25:15:25:21 | & ... | Array pointer p14 points 1 element past the end of $@. | test.cpp:2:7:2:8 | l1 | l1 | +| test.cpp:30:15:30:21 | & ... | Array pointer p17 points 1 element past the end of $@. | test.cpp:28:24:28:42 | (unsigned char *)... | cast to btye pointer (unsigned char *)... | +| test.cpp:35:15:35:21 | & ... | Array pointer p20 points 1 element past the end of $@. | test.cpp:33:24:33:43 | (unsigned char *)... | cast to btye pointer (unsigned char *)... | +| test.cpp:43:15:43:23 | & ... | Array pointer p23 points 96 elements past the end of $@. | test.cpp:28:24:28:42 | (unsigned char *)... | cast to btye pointer (unsigned char *)... | diff --git a/cpp/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/test.cpp b/cpp/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/test.cpp index c1032ee735..f81026870d 100644 --- a/cpp/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/test.cpp +++ b/cpp/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/test.cpp @@ -17,4 +17,28 @@ void f1() { 3 + p1; // COMPLIANT - points to an element on beyond the end of the array int *p11 = &l1[3]; // COMPLIANT - points to an element on beyond the end of the array + + // Casting to a pointer to a type of the same size doesn't invalidate the + // analysis + unsigned int *p12 = (unsigned int *)l1; + void *p13 = &p12[3]; // COMPLIANT + void *p14 = &p12[4]; // NON_COMPLIANT + + // Casting to a char* is effectively a new array of length sizeof(T) + unsigned char *p15 = (unsigned char *)l1; + void *p16 = &p15[4]; // COMPLIANT + void *p17 = &p15[5]; // NON_COMPLIANT + + long l2[3]; + unsigned char *p18 = (unsigned char *)&l2; + void *p19 = &p18[8]; // COMPLIANT + void *p20 = &p18[9]; // NON_COMPLIANT + + // Casting to a pointer to a differently sized type that isn't char + // invalidates analysis + int l3[3]; + long *p21 = (long*)&l1; + void *p22 = &p21[0]; // COMPLIANT + // Not compliant, but we shouldn't detect it, but we do for the wrong reason: + void *p23 = &p21[100]; // NON_COMPLIANT[FALSE_NEGATIVE][FALSE_POSITIVE] } \ No newline at end of file diff --git a/cpp/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.expected b/cpp/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.expected index 9a39d3a88d..36c66a94fe 100644 --- a/cpp/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.expected +++ b/cpp/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.expected @@ -4,3 +4,8 @@ | test.cpp:165:14:165:26 | tmpvar_global | This pointer was returned by a $@ and may have been overwritten by the susequent $@. | test.cpp:157:19:157:24 | call to getenv | call to getenv | test.cpp:161:20:161:25 | call to getenv | call to getenv | | test.cpp:188:18:188:18 | r | This pointer was returned by a $@ and may have been overwritten by the susequent $@. | test.cpp:185:7:185:15 | call to setlocale | call to setlocale | test.cpp:187:8:187:17 | call to localeconv | call to localeconv | | test.cpp:208:10:208:15 | tmpvar | This pointer was returned by a $@ and may have been overwritten by the susequent $@. | test.cpp:202:12:202:17 | call to getenv | call to getenv | test.cpp:206:3:206:8 | call to f11fun | call to f11fun | +| test.cpp:216:16:216:17 | r1 | This pointer was returned by a $@ and may have been overwritten by the susequent $@. | test.cpp:214:14:214:18 | call to ctime | call to ctime | test.cpp:215:3:215:9 | call to asctime | call to asctime | +| test.cpp:226:16:226:17 | r1 | This pointer was returned by a $@ and may have been overwritten by the susequent $@. | test.cpp:222:14:222:18 | call to ctime | call to ctime | test.cpp:225:14:225:20 | call to asctime | call to asctime | +| test.cpp:231:16:231:17 | r2 | This pointer was returned by a $@ and may have been overwritten by the susequent $@. | test.cpp:225:14:225:20 | call to asctime | call to asctime | test.cpp:229:8:229:12 | call to ctime | call to ctime | +| test.cpp:240:16:240:17 | r1 | This pointer was returned by a $@ and may have been overwritten by the susequent $@. | test.cpp:236:19:236:27 | call to localtime | call to localtime | test.cpp:239:19:239:24 | call to gmtime | call to gmtime | +| test.cpp:245:16:245:17 | r2 | This pointer was returned by a $@ and may have been overwritten by the susequent $@. | test.cpp:239:19:239:24 | call to gmtime | call to gmtime | test.cpp:243:8:243:16 | call to localtime | call to localtime | diff --git a/cpp/common/test/rules/invalidatedenvstringpointers/test.cpp b/cpp/common/test/rules/invalidatedenvstringpointers/test.cpp index 74e3d1b8f5..167d770ef6 100644 --- a/cpp/common/test/rules/invalidatedenvstringpointers/test.cpp +++ b/cpp/common/test/rules/invalidatedenvstringpointers/test.cpp @@ -207,3 +207,40 @@ void f11(void) { printf(tmpvar); // NON_COMPLIANT } + +void f12(void) { + time_t rawtime; + time(&rawtime); + char* r1 = ctime(&rawtime); + asctime(localtime(&rawtime)); + printf("%s", r1); // NON_COMPLIANT +} + +void f13(void) { + time_t rawtime; + time(&rawtime); + char* r1 = ctime(&rawtime); + printf("%s", r1); // COMPLIANT + + char* r2 = asctime(localtime(&rawtime)); + printf("%s", r1); // NON_COMPLIANT + printf("%s", r2); // COMPLIANT + + r1 = ctime(&rawtime); + printf("%s", r1); // COMPLIANT + printf("%s", r2); // NON_COMPLIANT +} + +void f14(void) { + time_t rawtime; + struct tm *r1 = localtime(&rawtime); + printf("%d", r1->tm_year); // COMPLIANT + + struct tm *r2 = gmtime(&rawtime); + printf("%s", r1->tm_year); // NON_COMPLIANT + printf("%s", r2->tm_year); // COMPLIANT + + r1 = localtime(&rawtime); + printf("%s", r1->tm_year); // COMPLIANT + printf("%s", r2->tm_year); // NON_COMPLIANT +} \ No newline at end of file From 6316375dfcd09132d0f1759571f1da5959a0f1b3 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 12 Jan 2025 22:00:41 +0000 Subject: [PATCH 2332/2573] ReturnRefOrPointerToAutoVar: Exclude global or member variables This false positive case was introduced when the rule was shared during the creation of RULE-6-8-2, where `Variable` was used instead of `StackVariable`. --- change_notes/2025-01-09-return-reference.md | 2 ++ ...rnReferenceOrPointerToAutomaticLocalVariable.qll | 2 +- .../test.cpp | 13 +++++++++++++ 3 files changed, 16 insertions(+), 1 deletion(-) create mode 100644 change_notes/2025-01-09-return-reference.md diff --git a/change_notes/2025-01-09-return-reference.md b/change_notes/2025-01-09-return-reference.md new file mode 100644 index 0000000000..69480916c7 --- /dev/null +++ b/change_notes/2025-01-09-return-reference.md @@ -0,0 +1,2 @@ + - `M7-5-1`, `RULE-6-8-2` - `FunctionReturnAutomaticVarCondition.ql`, `ReturnReferenceOrPointerToAutomaticLocalVariable.ql`: + - Remove false positives for member and global variables reported under this rule. \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/rules/returnreferenceorpointertoautomaticlocalvariable/ReturnReferenceOrPointerToAutomaticLocalVariable.qll b/cpp/common/src/codingstandards/cpp/rules/returnreferenceorpointertoautomaticlocalvariable/ReturnReferenceOrPointerToAutomaticLocalVariable.qll index cd623f711c..b37a9cd02b 100644 --- a/cpp/common/src/codingstandards/cpp/rules/returnreferenceorpointertoautomaticlocalvariable/ReturnReferenceOrPointerToAutomaticLocalVariable.qll +++ b/cpp/common/src/codingstandards/cpp/rules/returnreferenceorpointertoautomaticlocalvariable/ReturnReferenceOrPointerToAutomaticLocalVariable.qll @@ -13,7 +13,7 @@ abstract class ReturnReferenceOrPointerToAutomaticLocalVariableSharedQuery exten Query getQuery() { result instanceof ReturnReferenceOrPointerToAutomaticLocalVariableSharedQuery } query predicate problems( - ReturnStmt rs, string message, Function f, string f_string, Variable auto, string auto_string + ReturnStmt rs, string message, Function f, string f_string, StackVariable auto, string auto_string ) { exists(VariableAccess va, string returnType | not isExcluded(rs, getQuery()) and diff --git a/cpp/common/test/rules/returnreferenceorpointertoautomaticlocalvariable/test.cpp b/cpp/common/test/rules/returnreferenceorpointertoautomaticlocalvariable/test.cpp index bc4fbf8f1d..d383d7859f 100644 --- a/cpp/common/test/rules/returnreferenceorpointertoautomaticlocalvariable/test.cpp +++ b/cpp/common/test/rules/returnreferenceorpointertoautomaticlocalvariable/test.cpp @@ -32,4 +32,17 @@ void test_templatefunction_return() { int j = 2; int k = 3; t1(j, k); +} + +class C1 { +private: + int x; + +public: + int test() { return x; } // COMPLIANT - ignore member vars +}; + +int x; +int test_global() { + return x; // COMPLIANT - ignore global vars } \ No newline at end of file From 99a310642c211ff13204cbbe624ea999b6d545a0 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 12 Jan 2025 22:08:19 +0000 Subject: [PATCH 2333/2573] Contracts: Add MISRA C 2012 tags --- rule_packages/c/Contracts.json | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/rule_packages/c/Contracts.json b/rule_packages/c/Contracts.json index 735e84d9da..40bf3d8b0b 100644 --- a/rule_packages/c/Contracts.json +++ b/rule_packages/c/Contracts.json @@ -38,7 +38,8 @@ "short_name": "CheckMathLibraryFunctionParameters", "shared_implementation_short_name": "UncheckedRangeDomainPoleErrors", "tags": [ - "correctness" + "correctness", + "external/misra/c/2012/third-edition-first-revision" ], "implementation_scope": { "description": "This query identifies possible domain, pole and range errors on a selection of C standard library fuctions from math.h." @@ -61,7 +62,8 @@ "short_name": "FunctionErrorInformationUntested", "shared_implementation_short_name": "FunctionErroneousReturnValueNotTested", "tags": [ - "maintainability" + "maintainability", + "external/misra/c/2012/third-edition-first-revision" ], "implementation_scope": { "description": "This query enforces checking on some C standard library functions that may return error codes." From 82440695528fce9e12846cb92298572cd7aa1fdd Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 12 Jan 2025 22:15:43 +0000 Subject: [PATCH 2334/2573] Regenerate package files --- c/misra/src/rules/DIR-4-11/CheckMathLibraryFunctionParameters.ql | 1 + c/misra/src/rules/DIR-4-7/FunctionErrorInformationUntested.ql | 1 + 2 files changed, 2 insertions(+) diff --git a/c/misra/src/rules/DIR-4-11/CheckMathLibraryFunctionParameters.ql b/c/misra/src/rules/DIR-4-11/CheckMathLibraryFunctionParameters.ql index 6810784a0e..4011b210f8 100644 --- a/c/misra/src/rules/DIR-4-11/CheckMathLibraryFunctionParameters.ql +++ b/c/misra/src/rules/DIR-4-11/CheckMathLibraryFunctionParameters.ql @@ -8,6 +8,7 @@ * @problem.severity error * @tags external/misra/id/dir-4-11 * correctness + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ diff --git a/c/misra/src/rules/DIR-4-7/FunctionErrorInformationUntested.ql b/c/misra/src/rules/DIR-4-7/FunctionErrorInformationUntested.ql index 63236d422d..0c0a3d7b1a 100644 --- a/c/misra/src/rules/DIR-4-7/FunctionErrorInformationUntested.ql +++ b/c/misra/src/rules/DIR-4-7/FunctionErrorInformationUntested.ql @@ -12,6 +12,7 @@ * @problem.severity recommendation * @tags external/misra/id/dir-4-7 * maintainability + * external/misra/c/2012/third-edition-first-revision * external/misra/obligation/required */ From 37ac088223e3cab5e000fb36103d4fa70056e84a Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 12 Jan 2025 23:03:53 +0000 Subject: [PATCH 2335/2573] EssentialType: Merge binary operation implementations EssentialBinaryArithmeticOperation and EssentialBinaryBitwiseOperation only differ in their handling of + and - operations, so combine the two implementations to reduce duplication. In addition, change the characteristic predicate to an allow list. This ensures we only capture the intended binary operations, and exclude any others. --- .../c/misra/EssentialTypes.qll | 71 ++++++------------- 1 file changed, 21 insertions(+), 50 deletions(-) diff --git a/c/misra/src/codingstandards/c/misra/EssentialTypes.qll b/c/misra/src/codingstandards/c/misra/EssentialTypes.qll index 4dbe8dbb34..57250d42c5 100644 --- a/c/misra/src/codingstandards/c/misra/EssentialTypes.qll +++ b/c/misra/src/codingstandards/c/misra/EssentialTypes.qll @@ -286,11 +286,26 @@ class EssentialConditionalExpr extends EssentialExpr, ConditionalExpr { } } -class EssentialBinaryArithmeticExpr extends EssentialExpr, BinaryArithmeticOperation { - EssentialBinaryArithmeticExpr() { - // GNU C extension has min/max which we can ignore - not this instanceof MinExpr and - not this instanceof MaxExpr +/** + * A binary operation subject to usual conversions, with essential type behaviour as specified by D.7.9. + */ +class EssentialBinaryOperationSubjectToUsualConversions extends EssentialExpr, BinaryOperation { + EssentialBinaryOperationSubjectToUsualConversions() { + this instanceof MulExpr + or + this instanceof DivExpr + or + this instanceof RemExpr + or + this instanceof AddExpr + or + this instanceof SubExpr + or + this instanceof BitwiseAndExpr + or + this instanceof BitwiseOrExpr + or + this instanceof BitwiseXorExpr } override Type getEssentialType() { @@ -353,51 +368,7 @@ class EssentialBinaryArithmeticExpr extends EssentialExpr, BinaryArithmeticOpera } } -class EssentialBinaryBitwiseExpr extends EssentialExpr, BinaryBitwiseOperation { - EssentialBinaryBitwiseExpr() { - not this instanceof LShiftExpr and - not this instanceof RShiftExpr - } - - override Type getEssentialType() { - exists( - Type leftEssentialType, Type rightEssentialType, - EssentialTypeCategory leftEssentialTypeCategory, - EssentialTypeCategory rightEssentialTypeCategory - | - leftEssentialType = getEssentialType(getLeftOperand()) and - rightEssentialType = getEssentialType(getRightOperand()) and - leftEssentialTypeCategory = getEssentialTypeCategory(leftEssentialType) and - rightEssentialTypeCategory = getEssentialTypeCategory(rightEssentialType) - | - if - leftEssentialTypeCategory = EssentiallySignedType() and - rightEssentialTypeCategory = EssentiallySignedType() - then - if exists(getValue()) - then result = stlr(this) - else ( - if leftEssentialType.getSize() > rightEssentialType.getSize() - then result = leftEssentialType - else result = rightEssentialType - ) - else - if - leftEssentialTypeCategory = EssentiallyUnsignedType() and - rightEssentialTypeCategory = EssentiallyUnsignedType() - then - if exists(getValue()) - then result = utlr(this) - else ( - if leftEssentialType.getSize() > rightEssentialType.getSize() - then result = leftEssentialType - else result = rightEssentialType - ) - else result = this.getStandardType() - ) - } -} - +// } /** * A named Enum type, as per D.5. */ From 9dc3f1894b3b853c7c8459cc25715698d06eaff2 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 12 Jan 2025 23:19:27 +0000 Subject: [PATCH 2336/2573] EssentialType: extract Add/Sub expressions Extract out add/sub expressions special behaviour to improve clarity. This commit also simplifies the add case by avoiding referring to left/right explicitly. --- .../c/misra/EssentialTypes.qll | 66 ++++++++++++------- 1 file changed, 44 insertions(+), 22 deletions(-) diff --git a/c/misra/src/codingstandards/c/misra/EssentialTypes.qll b/c/misra/src/codingstandards/c/misra/EssentialTypes.qll index 57250d42c5..2852f5d842 100644 --- a/c/misra/src/codingstandards/c/misra/EssentialTypes.qll +++ b/c/misra/src/codingstandards/c/misra/EssentialTypes.qll @@ -342,28 +342,50 @@ class EssentialBinaryOperationSubjectToUsualConversions extends EssentialExpr, B then result = leftEssentialType else result = rightEssentialType ) - else - if - this instanceof AddExpr and - ( - leftEssentialTypeCategory = EssentiallyCharacterType() - or - rightEssentialTypeCategory = EssentiallyCharacterType() - ) and - ( - leftEssentialTypeCategory = - [EssentiallySignedType(), EssentiallyUnsignedType().(TEssentialTypeCategory)] - or - rightEssentialTypeCategory = - [EssentiallySignedType(), EssentiallyUnsignedType().(TEssentialTypeCategory)] - ) - or - this instanceof SubExpr and - leftEssentialTypeCategory = EssentiallyCharacterType() and - rightEssentialTypeCategory = - [EssentiallySignedType(), EssentiallyUnsignedType().(TEssentialTypeCategory)] - then result instanceof PlainCharType - else result = this.getStandardType() + else result = this.getStandardType() + ) + } +} + +/** + * An add expression, with essential type behaviour as specified by D.7.9. + */ +class EssentialAddExpr extends EssentialBinaryOperationSubjectToUsualConversions, AddExpr { + override Type getEssentialType() { + exists( + EssentialTypeCategory operandTypeCategory, EssentialTypeCategory otherOperandTypeCategory + | + operandTypeCategory = getEssentialTypeCategory(getEssentialType(getAnOperand())) and + otherOperandTypeCategory = getEssentialTypeCategory(getEssentialType(getAnOperand())) + | + if + operandTypeCategory = EssentiallyCharacterType() and + otherOperandTypeCategory = + [EssentiallySignedType(), EssentiallyUnsignedType().(TEssentialTypeCategory)] + then result instanceof PlainCharType + else result = super.getEssentialType() + ) + } +} + +/** + * A sub expression, with essential type behaviour as specified by D.7.9. + */ +class EssentialSubExpr extends EssentialBinaryOperationSubjectToUsualConversions, SubExpr { + override Type getEssentialType() { + exists( + EssentialTypeCategory leftEssentialTypeCategory, + EssentialTypeCategory rightEssentialTypeCategory + | + leftEssentialTypeCategory = getEssentialTypeCategory(getEssentialType(getLeftOperand())) and + rightEssentialTypeCategory = getEssentialTypeCategory(getEssentialType(getRightOperand())) + | + if + leftEssentialTypeCategory = EssentiallyCharacterType() and + rightEssentialTypeCategory = + [EssentiallySignedType(), EssentiallyUnsignedType().(TEssentialTypeCategory)] + then result instanceof PlainCharType + else result = super.getEssentialType() ) } } From 29420e93e0f286a6cafe06a6ef44989c2e517676 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 12 Jan 2025 23:33:13 +0000 Subject: [PATCH 2337/2573] EssentialType: Combine binary cases Reduce repitition through combining cases. --- .../c/misra/EssentialTypes.qll | 26 +++++++------------ 1 file changed, 9 insertions(+), 17 deletions(-) diff --git a/c/misra/src/codingstandards/c/misra/EssentialTypes.qll b/c/misra/src/codingstandards/c/misra/EssentialTypes.qll index 2852f5d842..633660b952 100644 --- a/c/misra/src/codingstandards/c/misra/EssentialTypes.qll +++ b/c/misra/src/codingstandards/c/misra/EssentialTypes.qll @@ -320,29 +320,21 @@ class EssentialBinaryOperationSubjectToUsualConversions extends EssentialExpr, B rightEssentialTypeCategory = getEssentialTypeCategory(rightEssentialType) | if - leftEssentialTypeCategory = EssentiallySignedType() and - rightEssentialTypeCategory = EssentiallySignedType() + leftEssentialTypeCategory = rightEssentialTypeCategory and + leftEssentialTypeCategory = + [EssentiallyUnsignedType(), EssentiallySignedType().(TEssentialTypeCategory)] then if exists(getValue()) - then result = stlr(this) - else ( + then ( + leftEssentialTypeCategory = EssentiallySignedType() and result = stlr(this) + or + leftEssentialTypeCategory = EssentiallyUnsignedType() and result = utlr(this) + ) else ( if leftEssentialType.getSize() > rightEssentialType.getSize() then result = leftEssentialType else result = rightEssentialType ) - else - if - leftEssentialTypeCategory = EssentiallyUnsignedType() and - rightEssentialTypeCategory = EssentiallyUnsignedType() - then - if exists(getValue()) - then result = utlr(this) - else ( - if leftEssentialType.getSize() > rightEssentialType.getSize() - then result = leftEssentialType - else result = rightEssentialType - ) - else result = this.getStandardType() + else result = this.getStandardType() ) } } From 62da9c88ba9c6a5acb88f79a94405947f3505a4c Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 12 Jan 2025 23:45:14 +0000 Subject: [PATCH 2338/2573] EssentialType: Simplify (Signed or Unsigned) --- .../c/misra/EssentialTypes.qll | 25 ++++++++----------- 1 file changed, 11 insertions(+), 14 deletions(-) diff --git a/c/misra/src/codingstandards/c/misra/EssentialTypes.qll b/c/misra/src/codingstandards/c/misra/EssentialTypes.qll index 633660b952..555d3d2b2d 100644 --- a/c/misra/src/codingstandards/c/misra/EssentialTypes.qll +++ b/c/misra/src/codingstandards/c/misra/EssentialTypes.qll @@ -31,17 +31,19 @@ class EssentialTypeCategory extends TEssentialTypeCategory { } } +class EssentiallySignedOrUnsignedType extends EssentialTypeCategory { + EssentiallySignedOrUnsignedType() { + this = EssentiallySignedType() or this = EssentiallyUnsignedType() + } +} + /** * An expression in the program that evaluates to a compile time constant signed or unsigned integer. */ private class ConstantIntegerExpr extends Expr { pragma[noinline] ConstantIntegerExpr() { - getEssentialTypeCategory(this.getType()) = - [ - EssentiallyUnsignedType().(EssentialTypeCategory), - EssentiallySignedType().(EssentialTypeCategory) - ] and + getEssentialTypeCategory(this.getType()) instanceof EssentiallySignedOrUnsignedType and exists(this.getValue().toFloat()) and not this instanceof Conversion } @@ -235,9 +237,7 @@ class EssentialUnaryPlusExpr extends EssentialExpr, UnaryPlusExpr { operandEssentialType = getEssentialType(getOperand()) and operandEssentialTypeCategory = getEssentialTypeCategory(operandEssentialType) | - if - operandEssentialTypeCategory = - [EssentiallyUnsignedType().(TEssentialTypeCategory), EssentiallySignedType()] + if operandEssentialTypeCategory instanceof EssentiallySignedOrUnsignedType then result = operandEssentialType else result = getStandardType() ) @@ -321,8 +321,7 @@ class EssentialBinaryOperationSubjectToUsualConversions extends EssentialExpr, B | if leftEssentialTypeCategory = rightEssentialTypeCategory and - leftEssentialTypeCategory = - [EssentiallyUnsignedType(), EssentiallySignedType().(TEssentialTypeCategory)] + leftEssentialTypeCategory instanceof EssentiallySignedOrUnsignedType then if exists(getValue()) then ( @@ -352,8 +351,7 @@ class EssentialAddExpr extends EssentialBinaryOperationSubjectToUsualConversions | if operandTypeCategory = EssentiallyCharacterType() and - otherOperandTypeCategory = - [EssentiallySignedType(), EssentiallyUnsignedType().(TEssentialTypeCategory)] + otherOperandTypeCategory instanceof EssentiallySignedOrUnsignedType then result instanceof PlainCharType else result = super.getEssentialType() ) @@ -374,8 +372,7 @@ class EssentialSubExpr extends EssentialBinaryOperationSubjectToUsualConversions | if leftEssentialTypeCategory = EssentiallyCharacterType() and - rightEssentialTypeCategory = - [EssentiallySignedType(), EssentiallyUnsignedType().(TEssentialTypeCategory)] + rightEssentialTypeCategory instanceof EssentiallySignedOrUnsignedType then result instanceof PlainCharType else result = super.getEssentialType() ) From cd8ea6767da83d0783502e826a4c7be6b86bdb05 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 12 Jan 2025 23:48:01 +0000 Subject: [PATCH 2339/2573] EssentialType: Reduce duplication in conditional calc Avoid repeating code for both the signed and unsigned cases. --- .../src/codingstandards/c/misra/EssentialTypes.qll | 14 +++----------- 1 file changed, 3 insertions(+), 11 deletions(-) diff --git a/c/misra/src/codingstandards/c/misra/EssentialTypes.qll b/c/misra/src/codingstandards/c/misra/EssentialTypes.qll index 555d3d2b2d..97a9604f58 100644 --- a/c/misra/src/codingstandards/c/misra/EssentialTypes.qll +++ b/c/misra/src/codingstandards/c/misra/EssentialTypes.qll @@ -267,21 +267,13 @@ class EssentialConditionalExpr extends EssentialExpr, ConditionalExpr { then result = thenEssentialType else if - getEssentialTypeCategory(thenEssentialType) = EssentiallySignedType() and - getEssentialTypeCategory(elseEssentialType) = EssentiallySignedType() + getEssentialTypeCategory(thenEssentialType) = getEssentialTypeCategory(elseEssentialType) and + getEssentialTypeCategory(thenEssentialType) instanceof EssentiallySignedOrUnsignedType then if thenEssentialType.getSize() > elseEssentialType.getSize() then result = thenEssentialType else result = elseEssentialType - else - if - getEssentialTypeCategory(thenEssentialType) = EssentiallyUnsignedType() and - getEssentialTypeCategory(elseEssentialType) = EssentiallyUnsignedType() - then - if thenEssentialType.getSize() > elseEssentialType.getSize() - then result = thenEssentialType - else result = elseEssentialType - else result = this.getStandardType() + else result = this.getStandardType() ) } } From 7a465dd340948eb3a6a5a0e6f5b14c068bc601a7 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 12 Jan 2025 23:52:35 +0000 Subject: [PATCH 2340/2573] EssentialType: Add maxRank predicate --- .../c/misra/EssentialTypes.qll | 20 +++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/c/misra/src/codingstandards/c/misra/EssentialTypes.qll b/c/misra/src/codingstandards/c/misra/EssentialTypes.qll index 97a9604f58..0a4e64e98d 100644 --- a/c/misra/src/codingstandards/c/misra/EssentialTypes.qll +++ b/c/misra/src/codingstandards/c/misra/EssentialTypes.qll @@ -257,6 +257,13 @@ class EssentialUnaryMinusExpr extends EssentialExpr, UnaryMinusExpr { } } +bindingset[essentialTypeA, essentialTypeB] +private Type maxRankType(Type essentialTypeA, Type essentialTypeB) { + if essentialTypeA.getSize() > essentialTypeB.getSize() + then result = essentialTypeA + else result = essentialTypeB +} + class EssentialConditionalExpr extends EssentialExpr, ConditionalExpr { override Type getEssentialType() { exists(Type thenEssentialType, Type elseEssentialType | @@ -269,10 +276,7 @@ class EssentialConditionalExpr extends EssentialExpr, ConditionalExpr { if getEssentialTypeCategory(thenEssentialType) = getEssentialTypeCategory(elseEssentialType) and getEssentialTypeCategory(thenEssentialType) instanceof EssentiallySignedOrUnsignedType - then - if thenEssentialType.getSize() > elseEssentialType.getSize() - then result = thenEssentialType - else result = elseEssentialType + then result = maxRankType(thenEssentialType, elseEssentialType) else result = this.getStandardType() ) } @@ -316,15 +320,11 @@ class EssentialBinaryOperationSubjectToUsualConversions extends EssentialExpr, B leftEssentialTypeCategory instanceof EssentiallySignedOrUnsignedType then if exists(getValue()) - then ( + then leftEssentialTypeCategory = EssentiallySignedType() and result = stlr(this) or leftEssentialTypeCategory = EssentiallyUnsignedType() and result = utlr(this) - ) else ( - if leftEssentialType.getSize() > rightEssentialType.getSize() - then result = leftEssentialType - else result = rightEssentialType - ) + else result = maxRankType(leftEssentialType, rightEssentialType) else result = this.getStandardType() ) } From 3fd82fd7bf2cb2a61f2c1c476d53806f2e932834 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 13 Jan 2025 00:06:10 +0000 Subject: [PATCH 2341/2573] EssentialType: Fix test comments --- c/misra/test/c/misra/test.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/c/misra/test/c/misra/test.c b/c/misra/test/c/misra/test.c index e271a67e30..7bcb5d7bad 100644 --- a/c/misra/test/c/misra/test.c +++ b/c/misra/test/c/misra/test.c @@ -139,8 +139,8 @@ void testBitwise() { s32 ^ s16; // Essentially signed, int s16 ^ s32; // Essentially signed, int - u32 & s32; // Essentially signed, int - s32 & u32; // Essentially signed, int + u32 & s32; // Essentially unsigned, int + s32 & u32; // Essentially unsigned, int u8 & s32; // Essentially signed, int s32 & u8; // Essentially signed, int u8 & s8; // Essentially signed, int From 8a070839bb679f5eb7ed57638cfb3ed4ab662485 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 13 Jan 2025 00:11:41 +0000 Subject: [PATCH 2342/2573] Avoid formatting colisions --- c/misra/test/c/misra/test.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/c/misra/test/c/misra/test.c b/c/misra/test/c/misra/test.c index 7bcb5d7bad..36a3eb0b10 100644 --- a/c/misra/test/c/misra/test.c +++ b/c/misra/test/c/misra/test.c @@ -82,8 +82,8 @@ void testControlChar() { } #include - -void testBitwise() { +// clang-format off +void testBitwise() { // Clang format disabled to avoid confusion with variable declarations uint8_t u8 = 0; uint16_t u16 = 0; uint32_t u32 = 0; @@ -160,7 +160,7 @@ void testBitwise() { u8 ^ s8; // Essentially signed, int s8 ^ u8; // Essentially signed, int } - +// clang-format on void testShifts() { int32_t s32 = 1; From 2c2c3fbac9f7efeca6199d9ee626ccc67092e863 Mon Sep 17 00:00:00 2001 From: knewbury01 Date: Tue, 14 Jan 2025 14:59:01 +0000 Subject: [PATCH 2343/2573] Bump version to 2.41.0-dev --- c/cert/src/qlpack.yml | 2 +- c/cert/test/qlpack.yml | 2 +- c/common/src/qlpack.yml | 2 +- c/common/test/qlpack.yml | 2 +- c/misra/src/qlpack.yml | 2 +- c/misra/test/qlpack.yml | 2 +- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/qlpack.yml | 2 +- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/qlpack.yml | 2 +- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/qlpack.yml | 2 +- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/qlpack.yml | 2 +- cpp/report/src/qlpack.yml | 2 +- docs/user_manual.md | 12 ++++++------ 16 files changed, 21 insertions(+), 21 deletions(-) diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index 2778e44435..4945abe49c 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards -version: 2.40.0-dev +version: 2.41.0-dev description: CERT C 2016 suites: codeql-suites license: MIT diff --git a/c/cert/test/qlpack.yml b/c/cert/test/qlpack.yml index 461ebe9677..af5e71d2a1 100644 --- a/c/cert/test/qlpack.yml +++ b/c/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards-tests -version: 2.40.0-dev +version: 2.41.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index f39f3cb1c4..9545a88178 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards -version: 2.40.0-dev +version: 2.41.0-dev license: MIT dependencies: codeql/common-cpp-coding-standards: '*' diff --git a/c/common/test/qlpack.yml b/c/common/test/qlpack.yml index d417a17df2..febda7a63b 100644 --- a/c/common/test/qlpack.yml +++ b/c/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards-tests -version: 2.40.0-dev +version: 2.41.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index 9aceed1a49..758c059c01 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards -version: 2.40.0-dev +version: 2.41.0-dev description: MISRA C 2012 suites: codeql-suites license: MIT diff --git a/c/misra/test/qlpack.yml b/c/misra/test/qlpack.yml index d53bc95f28..d367e8d06d 100644 --- a/c/misra/test/qlpack.yml +++ b/c/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards-tests -version: 2.40.0-dev +version: 2.41.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index f44ad54c74..565cfc12db 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards -version: 2.40.0-dev +version: 2.41.0-dev description: AUTOSAR C++14 Guidelines R22-11, R21-11, R20-11, R19-11 and R19-03 suites: codeql-suites license: MIT diff --git a/cpp/autosar/test/qlpack.yml b/cpp/autosar/test/qlpack.yml index 178d8cc314..66755fe907 100644 --- a/cpp/autosar/test/qlpack.yml +++ b/cpp/autosar/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards-tests -version: 2.40.0-dev +version: 2.41.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index 735dd9f5b4..cc981411c2 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards -version: 2.40.0-dev +version: 2.41.0-dev description: CERT C++ 2016 suites: codeql-suites license: MIT diff --git a/cpp/cert/test/qlpack.yml b/cpp/cert/test/qlpack.yml index 3a6d02e7d4..af6e4f8659 100644 --- a/cpp/cert/test/qlpack.yml +++ b/cpp/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards-tests -version: 2.40.0-dev +version: 2.41.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index 1ae6dfd997..4d0aeb01f1 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards -version: 2.40.0-dev +version: 2.41.0-dev license: MIT dependencies: codeql/cpp-all: 1.4.2 diff --git a/cpp/common/test/qlpack.yml b/cpp/common/test/qlpack.yml index 90236b203e..a6d2ae30eb 100644 --- a/cpp/common/test/qlpack.yml +++ b/cpp/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards-tests -version: 2.40.0-dev +version: 2.41.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index 96fc96ce24..a6ac09f1b1 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards -version: 2.40.0-dev +version: 2.41.0-dev description: MISRA C++ 2023 default-suite: codeql-suites/misra-cpp-default.qls license: MIT diff --git a/cpp/misra/test/qlpack.yml b/cpp/misra/test/qlpack.yml index 207facda4e..0265144f4f 100644 --- a/cpp/misra/test/qlpack.yml +++ b/cpp/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards-tests -version: 2.40.0-dev +version: 2.41.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index e569153ae8..d1c854206c 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/report-cpp-coding-standards -version: 2.40.0-dev +version: 2.41.0-dev license: MIT dependencies: codeql/cpp-all: 1.4.2 diff --git a/docs/user_manual.md b/docs/user_manual.md index 952a9a3c99..d076759571 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -33,14 +33,14 @@ ## Release information -This user manual documents release `2.40.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). +This user manual documents release `2.41.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). The release page documents the release notes and contains the following artifacts part of the release: - `coding-standards-codeql-packs-2.37.0-dev.zip`: CodeQL packs that can be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. -- `code-scanning-cpp-query-pack-2.40.0-dev.zip`: Legacy packaging for the queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. -- `supported_rules_list_2.40.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. -- `supported_rules_list_2.40.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. -- `user_manual_2.40.0-dev.md`: This user manual. +- `code-scanning-cpp-query-pack-2.41.0-dev.zip`: Legacy packaging for the queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. +- `supported_rules_list_2.41.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. +- `supported_rules_list_2.41.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. +- `user_manual_2.41.0-dev.md`: This user manual. - `Source Code (zip)`: A zip archive containing the contents of https://github.com/github/codeql-coding-standards - `Source Code (tar.gz)`: A GZip compressed tar archive containing the contents of https://github.com/github/codeql-coding-standards - `checksums.txt`: A text file containing sha256 checksums for the aforementioned artifacts. @@ -573,7 +573,7 @@ This section describes known failure modes for "CodeQL Coding Standards" and des | | Out of space | Less output. Some files may be only be partially analyzed, or not analyzed at all. | Error reported on the command line. | Increase space. If it remains an issue report space consumption issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False positives | More output. Results are reported which are not violations of the guidelines. | All reported results must be reviewed. | Report false positive issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False negatives | Less output. Violations of the guidelines are not reported. | Other validation and verification processes during software development should be used to complement the analysis performed by CodeQL Coding Standards. | Report false negative issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | -| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.40.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | +| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.41.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | | | Incorrect deviation record specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation records with a reason. Ensure that all deviation records are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Incorrect deviation permit specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation permits with a reason. Ensure that all deviation permits are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Unapproved use of a deviation record | Less output. Results for guideline violations are not reported. | Validate that the deviation record use is approved by verifying the approved-by attribute of the deviation record specification. | Ensure that each raised deviation record is approved by an independent approver through an auditable process. | From a75dc0af9db6f80aaff1ca18af5839912c9edc8c Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Wed, 15 Jan 2025 20:01:39 -0800 Subject: [PATCH 2344/2573] Address feedback --- .../rules/RULE-2-8/UnusedObjectDefinition.ql | 2 +- .../RULE-2-8/UnusedObjectDefinitionInMacro.ql | 24 ---- .../UnusedObjectDefinitionInMacroStrict.ql | 27 ---- .../RULE-2-8/UnusedObjectDefinitionStrict.ql | 2 +- .../RULE-2-8/UnusedObjectDefinition.expected | 22 +-- .../UnusedObjectDefinitionInMacro.expected | 2 - .../UnusedObjectDefinitionInMacro.qlref | 1 - ...usedObjectDefinitionInMacroStrict.expected | 2 - .../UnusedObjectDefinitionInMacroStrict.qlref | 1 - .../UnusedObjectDefinitionStrict.expected | 6 +- c/misra/test/rules/RULE-2-8/test.c | 2 + .../DeduplicateMacroResults.qll | 55 ++++++-- .../cpp/deadcode/UnusedObjects.qll | 129 ++---------------- .../cpp/exclusions/c/DeadCode2.qll | 36 +---- .../DeduplicateMacroResults.expected | 1 + .../alertreporting/DeduplicateMacroResults.ql | 7 +- .../deduplicatemacroresults.cpp | 2 +- docs/development_handbook.md | 1 + docs/user_manual.md | 3 +- rule_packages/c/DeadCode2.json | 27 ---- 20 files changed, 84 insertions(+), 268 deletions(-) delete mode 100644 c/misra/src/rules/RULE-2-8/UnusedObjectDefinitionInMacro.ql delete mode 100644 c/misra/src/rules/RULE-2-8/UnusedObjectDefinitionInMacroStrict.ql delete mode 100644 c/misra/test/rules/RULE-2-8/UnusedObjectDefinitionInMacro.expected delete mode 100644 c/misra/test/rules/RULE-2-8/UnusedObjectDefinitionInMacro.qlref delete mode 100644 c/misra/test/rules/RULE-2-8/UnusedObjectDefinitionInMacroStrict.expected delete mode 100644 c/misra/test/rules/RULE-2-8/UnusedObjectDefinitionInMacroStrict.qlref diff --git a/c/misra/src/rules/RULE-2-8/UnusedObjectDefinition.ql b/c/misra/src/rules/RULE-2-8/UnusedObjectDefinition.ql index 420733d4ac..2230a74592 100644 --- a/c/misra/src/rules/RULE-2-8/UnusedObjectDefinition.ql +++ b/c/misra/src/rules/RULE-2-8/UnusedObjectDefinition.ql @@ -16,7 +16,7 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.deadcode.UnusedObjects -from ReportDeadObjectAtDefinition report +from ReportDeadObject report where not isExcluded(report.getPrimaryElement(), DeadCode2Package::unusedObjectDefinitionQuery()) and not report.hasAttrUnused() diff --git a/c/misra/src/rules/RULE-2-8/UnusedObjectDefinitionInMacro.ql b/c/misra/src/rules/RULE-2-8/UnusedObjectDefinitionInMacro.ql deleted file mode 100644 index d5c339c157..0000000000 --- a/c/misra/src/rules/RULE-2-8/UnusedObjectDefinitionInMacro.ql +++ /dev/null @@ -1,24 +0,0 @@ -/** - * @id c/misra/unused-object-definition-in-macro - * @name RULE-2-8: Project macros should not include unused object definitions - * @description Macros should not have unused object definitions. - * @kind problem - * @precision very-high - * @problem.severity recommendation - * @tags external/misra/id/rule-2-8 - * maintainability - * performance - * external/misra/c/2012/amendment4 - * external/misra/obligation/advisory - */ - -import cpp -import codingstandards.c.misra -import codingstandards.cpp.deadcode.UnusedObjects - -from ReportDeadObjectInMacro report -where - not isExcluded(report.getPrimaryElement(), DeadCode2Package::unusedObjectDefinitionInMacroQuery()) and - not report.hasAttrUnused() -select report.getPrimaryElement(), report.getMessage(), report.getOptionalPlaceholderLocation(), - report.getOptionalPlaceholderMessage() diff --git a/c/misra/src/rules/RULE-2-8/UnusedObjectDefinitionInMacroStrict.ql b/c/misra/src/rules/RULE-2-8/UnusedObjectDefinitionInMacroStrict.ql deleted file mode 100644 index 7eead60424..0000000000 --- a/c/misra/src/rules/RULE-2-8/UnusedObjectDefinitionInMacroStrict.ql +++ /dev/null @@ -1,27 +0,0 @@ -/** - * @id c/misra/unused-object-definition-in-macro-strict - * @name RULE-2-8: Project macros should not include '__attribute__((unused))' object definitions - * @description A strict query which reports all unused object definitions in macros with - * '__attribute__((unused))'. - * @kind problem - * @precision very-high - * @problem.severity recommendation - * @tags external/misra/id/rule-2-8 - * maintainability - * performance - * external/misra/c/2012/amendment4 - * external/misra/c/strict - * external/misra/obligation/advisory - */ - -import cpp -import codingstandards.c.misra -import codingstandards.cpp.deadcode.UnusedObjects - -from ReportDeadObjectInMacro report -where - not isExcluded(report.getPrimaryElement(), - DeadCode2Package::unusedObjectDefinitionInMacroStrictQuery()) and - report.hasAttrUnused() -select report.getPrimaryElement(), report.getMessage(), report.getOptionalPlaceholderLocation(), - report.getOptionalPlaceholderMessage() diff --git a/c/misra/src/rules/RULE-2-8/UnusedObjectDefinitionStrict.ql b/c/misra/src/rules/RULE-2-8/UnusedObjectDefinitionStrict.ql index ad92c79481..cc117763ee 100644 --- a/c/misra/src/rules/RULE-2-8/UnusedObjectDefinitionStrict.ql +++ b/c/misra/src/rules/RULE-2-8/UnusedObjectDefinitionStrict.ql @@ -18,7 +18,7 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.deadcode.UnusedObjects -from ReportDeadObjectAtDefinition report +from ReportDeadObject report where not isExcluded(report.getPrimaryElement(), DeadCode2Package::unusedObjectDefinitionStrictQuery()) and report.hasAttrUnused() diff --git a/c/misra/test/rules/RULE-2-8/UnusedObjectDefinition.expected b/c/misra/test/rules/RULE-2-8/UnusedObjectDefinition.expected index ce7e198122..731aebb1be 100644 --- a/c/misra/test/rules/RULE-2-8/UnusedObjectDefinition.expected +++ b/c/misra/test/rules/RULE-2-8/UnusedObjectDefinition.expected @@ -1,10 +1,12 @@ -| test.c:6:5:6:6 | definition of g2 | Unused object definition 'g2'. | test.c:6:5:6:6 | test.c:6:5:6:6 | | -| test.c:9:5:9:6 | definition of g3 | Unused object definition 'g3'. | test.c:9:5:9:6 | test.c:9:5:9:6 | | -| test.c:20:7:20:8 | definition of l2 | Unused object definition 'l2'. | test.c:20:7:20:8 | test.c:20:7:20:8 | | -| test.c:27:7:27:8 | definition of l5 | Unused object definition 'l5'. | test.c:27:7:27:8 | test.c:27:7:27:8 | | -| test.c:37:10:37:11 | definition of g5 | Unused object definition 'g5'. | test.c:37:10:37:11 | test.c:37:10:37:11 | | -| test.c:45:9:45:10 | definition of g6 | Unused object definition 'g6'. | test.c:45:9:45:10 | test.c:45:9:45:10 | | -| test.c:51:5:51:6 | definition of g7 | Unused object definition 'g7'. | test.c:51:5:51:6 | test.c:51:5:51:6 | | -| test.c:64:3:64:18 | ONLY_DEF_VAR(x) | Unused object definition 'l2' from macro '$@'. | test.c:60:1:60:34 | test.c:60:1:60:34 | ONLY_DEF_VAR | -| test.c:117:11:117:13 | definition of g10 | Unused object definition 'g10'. | test.c:117:11:117:13 | test.c:117:11:117:13 | | -| test.c:122:13:122:14 | definition of l2 | Unused object definition 'l2'. | test.c:122:13:122:14 | test.c:122:13:122:14 | | +| test.c:6:5:6:6 | definition of g2 | Unused object 'g2'. | test.c:6:5:6:6 | test.c:6:5:6:6 | (ignored) | +| test.c:9:5:9:6 | definition of g3 | Unused object 'g3'. | test.c:9:5:9:6 | test.c:9:5:9:6 | (ignored) | +| test.c:20:7:20:8 | definition of l2 | Unused object 'l2'. | test.c:20:7:20:8 | test.c:20:7:20:8 | (ignored) | +| test.c:27:7:27:8 | definition of l5 | Unused object 'l5'. | test.c:27:7:27:8 | test.c:27:7:27:8 | (ignored) | +| test.c:37:10:37:11 | definition of g5 | Unused object 'g5'. | test.c:37:10:37:11 | test.c:37:10:37:11 | (ignored) | +| test.c:45:9:45:10 | definition of g6 | Unused object 'g6'. | test.c:45:9:45:10 | test.c:45:9:45:10 | (ignored) | +| test.c:51:5:51:6 | definition of g7 | Unused object 'g7'. | test.c:51:5:51:6 | test.c:51:5:51:6 | (ignored) | +| test.c:64:3:64:18 | ONLY_DEF_VAR(x) | Invocation of macro '$@' defines unused object 'l2'. | test.c:60:1:60:34 | test.c:60:1:60:34 | ONLY_DEF_VAR | +| test.c:68:1:71:5 | #define ALSO_DEF_VAR(x) int x = 0; while (1) ; | Macro 'ALSO_DEF_VAR' defines unused object with an invocation-dependent name, for example, '$@'. | test.c:73:16:73:17 | test.c:73:16:73:17 | l1 | +| test.c:77:1:82:3 | #define DEF_UNUSED_INNER_VAR() { int _v = 0; while (1) ; } | Macro 'DEF_UNUSED_INNER_VAR' defines unused object '_v'. | test.c:77:1:82:3 | test.c:77:1:82:3 | (ignored) | +| test.c:119:11:119:13 | definition of g10 | Unused object 'g10'. | test.c:119:11:119:13 | test.c:119:11:119:13 | (ignored) | +| test.c:124:13:124:14 | definition of l2 | Unused object 'l2'. | test.c:124:13:124:14 | test.c:124:13:124:14 | (ignored) | diff --git a/c/misra/test/rules/RULE-2-8/UnusedObjectDefinitionInMacro.expected b/c/misra/test/rules/RULE-2-8/UnusedObjectDefinitionInMacro.expected deleted file mode 100644 index c25c136789..0000000000 --- a/c/misra/test/rules/RULE-2-8/UnusedObjectDefinitionInMacro.expected +++ /dev/null @@ -1,2 +0,0 @@ -| test.c:68:1:71:5 | #define ALSO_DEF_VAR(x) int x = 0; while (1) ; | Macro 'ALSO_DEF_VAR' defines unused object of varied names, for example, '$@'. | test.c:73:16:73:17 | test.c:73:16:73:17 | l1 | -| test.c:77:1:82:3 | #define DEF_UNUSED_INNER_VAR() { int _v = 0; while (1) ; } | Macro 'DEF_UNUSED_INNER_VAR' defines unused object '_v'. | test.c:77:1:82:3 | test.c:77:1:82:3 | (ignored) | diff --git a/c/misra/test/rules/RULE-2-8/UnusedObjectDefinitionInMacro.qlref b/c/misra/test/rules/RULE-2-8/UnusedObjectDefinitionInMacro.qlref deleted file mode 100644 index 057e684fd0..0000000000 --- a/c/misra/test/rules/RULE-2-8/UnusedObjectDefinitionInMacro.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/RULE-2-8/UnusedObjectDefinitionInMacro.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-2-8/UnusedObjectDefinitionInMacroStrict.expected b/c/misra/test/rules/RULE-2-8/UnusedObjectDefinitionInMacroStrict.expected deleted file mode 100644 index 2919c65cb7..0000000000 --- a/c/misra/test/rules/RULE-2-8/UnusedObjectDefinitionInMacroStrict.expected +++ /dev/null @@ -1,2 +0,0 @@ -| test.c:94:1:97:5 | #define ALSO_DEF_ATTR_UNUSED_VAR(x) __attribute__((unused)) int x = 0; while (1) ; | Macro 'ALSO_DEF_ATTR_UNUSED_VAR' defines unused object of varied names, for example, '$@'. | test.c:99:28:99:29 | test.c:99:28:99:29 | l1 | -| test.c:104:1:109:3 | #define DEF_ATTR_UNUSED_INNER_VAR() { __attribute__((unused)) int _v = 0; while (1) ; } | Macro 'DEF_ATTR_UNUSED_INNER_VAR' defines unused object '_v'. | test.c:104:1:109:3 | test.c:104:1:109:3 | (ignored) | diff --git a/c/misra/test/rules/RULE-2-8/UnusedObjectDefinitionInMacroStrict.qlref b/c/misra/test/rules/RULE-2-8/UnusedObjectDefinitionInMacroStrict.qlref deleted file mode 100644 index f04653dcb6..0000000000 --- a/c/misra/test/rules/RULE-2-8/UnusedObjectDefinitionInMacroStrict.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/RULE-2-8/UnusedObjectDefinitionInMacroStrict.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-2-8/UnusedObjectDefinitionStrict.expected b/c/misra/test/rules/RULE-2-8/UnusedObjectDefinitionStrict.expected index 624368ac54..cf3c0b64e1 100644 --- a/c/misra/test/rules/RULE-2-8/UnusedObjectDefinitionStrict.expected +++ b/c/misra/test/rules/RULE-2-8/UnusedObjectDefinitionStrict.expected @@ -1,2 +1,4 @@ -| test.c:87:29:87:30 | definition of g8 | Unused object definition 'g8'. | test.c:87:29:87:30 | test.c:87:29:87:30 | | -| test.c:90:3:90:30 | ONLY_DEF_ATTR_UNUSED_VAR(x) | Unused object definition 'l2' from macro '$@'. | test.c:88:1:88:70 | test.c:88:1:88:70 | ONLY_DEF_ATTR_UNUSED_VAR | +| test.c:87:29:87:30 | definition of g8 | Unused object 'g8'. | test.c:87:29:87:30 | test.c:87:29:87:30 | (ignored) | +| test.c:92:3:92:30 | ONLY_DEF_ATTR_UNUSED_VAR(x) | Invocation of macro '$@' defines unused object 'l2'. | test.c:88:1:88:70 | test.c:88:1:88:70 | ONLY_DEF_ATTR_UNUSED_VAR | +| test.c:96:1:99:5 | #define ALSO_DEF_ATTR_UNUSED_VAR(x) __attribute__((unused)) int x = 0; while (1) ; | Macro 'ALSO_DEF_ATTR_UNUSED_VAR' defines unused object with an invocation-dependent name, for example, '$@'. | test.c:101:28:101:29 | test.c:101:28:101:29 | l1 | +| test.c:106:1:111:3 | #define DEF_ATTR_UNUSED_INNER_VAR() { __attribute__((unused)) int _v = 0; while (1) ; } | Macro 'DEF_ATTR_UNUSED_INNER_VAR' defines unused object '_v'. | test.c:106:1:111:3 | test.c:106:1:111:3 | (ignored) | diff --git a/c/misra/test/rules/RULE-2-8/test.c b/c/misra/test/rules/RULE-2-8/test.c index ef40dfb2a4..e35bf15567 100644 --- a/c/misra/test/rules/RULE-2-8/test.c +++ b/c/misra/test/rules/RULE-2-8/test.c @@ -87,6 +87,8 @@ void f6() { __attribute__((unused)) int g8 = 1; // NON-COMPLIANT #define ONLY_DEF_ATTR_UNUSED_VAR(x) __attribute__((unused)) int x = 0; void f7() { + ONLY_DEF_ATTR_UNUSED_VAR(l1); // COMPLIANT + l1; ONLY_DEF_ATTR_UNUSED_VAR(l2); // NON-COMPLIANT } diff --git a/cpp/common/src/codingstandards/cpp/alertreporting/DeduplicateMacroResults.qll b/cpp/common/src/codingstandards/cpp/alertreporting/DeduplicateMacroResults.qll index 7c4e8ef41d..6462ac855a 100644 --- a/cpp/common/src/codingstandards/cpp/alertreporting/DeduplicateMacroResults.qll +++ b/cpp/common/src/codingstandards/cpp/alertreporting/DeduplicateMacroResults.qll @@ -29,12 +29,16 @@ signature module MacroReportConfigSig { /* Create a message to describe this macro, using '$@' to describe an example `ResultElement`. */ string getMessageVariedResultInAllExpansions(Macro m); - /* + /** * Create a message to describe this macro expansion which produces a `ResultElement`, using '$@' * to describe the relevant macro. */ - string getMessageResultInIsolatedExpansion(ResultElement element); + + /** + * Create a message to describe a `ResultElement` which is not generated by a macro expansion. + */ + string getMessageNotInMacro(ResultElement element); } /** @@ -88,7 +92,7 @@ signature module MacroReportConfigSig { * ## Generating Report Objects * * This module also can be used to more easily report issues across these cases, by implementing - * `MacroReportConfigSig` and importing `DeduplicateMacroResults::Report::ReportResultInMacro`. + * `MacroReportConfigSig` and importing `DeduplicateMacroResults::Report::ReportResult`. * * ``` * module InvalidFooInMacroReportConfig implements MacroReportConfigSig { @@ -106,11 +110,15 @@ signature module MacroReportConfigSig { * string getMessageResultInIsolatedExpansion(InvalidFoo foo) { * result = "Invocation of macro $@ has invalid foo '" + foo.getName() + "'." * } + * + * string getMessageNotInMacro(ResultElement element) { + * result = "Invalid foo '" + element.getName() + "'." + * } * } * * import DeduplicateFooInMacros::Report as Report; * - * from Report::ReportResultInMacro report + * from Report::ReportResult report * where not excluded(report.getPrimaryElement(), ...) * select report.getPrimaryElement(), report.getMessage(), report.getOptionalPlaceholderLocation(), * report.getOptionalPlaceholderMessage() @@ -234,11 +242,10 @@ module DeduplicateMacroResults< } } - /* + /** * Convenience predicate to know when invalid macro expansions have been reported at their macro * definition. */ - private predicate reported(Macro macro) { macro instanceof PrimaryMacroSameResultElementInAllInvocations or macro instanceof PrimaryMacroDifferentResultElementInAllInvocations @@ -248,7 +255,7 @@ module DeduplicateMacroResults< * A macro invocation for which the target macro does not always produce a `ResultElement`, but * this specific invocation of it does. * - * This is "primary" / most specific macro for these result elements. It will also does not match + * This is the "primary" / most specific macro for these result elements. It also does not match * `MacroInvocation`s inside of a `MacroInvocation` of a `Macro` which always produces a * `ResultElement`, indicating that the real problem lies with that other `Macro` instead of with * this particular invocation. @@ -274,10 +281,15 @@ module DeduplicateMacroResults< * See the doc comment for the `DeduplicateMacroResults` module for more info. */ module Report ReportConfig> { - newtype TReportResultInMacro = + newtype TReportResult = TReportMacroResultWithSameName(PrimaryMacroSameResultElementInAllInvocations def) or TReportMacroResultWithVariedName(PrimaryMacroDifferentResultElementInAllInvocations def) or - TReportIsolatedMacroResult(IsolatedMacroExpansionWithResultElement def) + TReportIsolatedMacroResult(IsolatedMacroExpansionWithResultElement def) or + TReportNotInMacro(ResultElement def) { + not exists (ResultMacroExpansion macroExpansion | + macroExpansion.getResultElement() = def + ) + } /** * An instance of a `ResultElement` to be reported to a user. @@ -291,7 +303,7 @@ module DeduplicateMacroResults< * The values returned by these methods are configured by the `MacroReportConfigSig` * signature parameter. */ - class ReportResultInMacro extends TReportResultInMacro { + class ReportResult extends TReportResult { string toString() { result = getMessage() } string getMessage() { @@ -310,6 +322,11 @@ module DeduplicateMacroResults< this = TReportIsolatedMacroResult(def) and result = ReportConfig::getMessageResultInIsolatedExpansion(def.getResultElement()) ) + or + exists(ResultElement def | + this = TReportNotInMacro(def) and + result = ReportConfig::getMessageNotInMacro(def) + ) } Element getPrimaryElement() { @@ -318,6 +335,8 @@ module DeduplicateMacroResults< this = TReportMacroResultWithVariedName(result) or this = TReportIsolatedMacroResult(result) + or + this = TReportNotInMacro(result) } Location getOptionalPlaceholderLocation() { @@ -335,6 +354,11 @@ module DeduplicateMacroResults< this = TReportIsolatedMacroResult(def) and result = def.getMacro().getLocation() ) + or + exists(ResultElement def | + this = TReportNotInMacro(def) and + result = def.getLocation() + ) } string getOptionalPlaceholderMessage() { @@ -343,7 +367,10 @@ module DeduplicateMacroResults< result = Config::describe(def.getExampleResultElement()) ) or - this = TReportMacroResultWithSameName(_) and + ( + this = TReportMacroResultWithSameName(_) + or this = TReportNotInMacro(_) + ) and result = "(ignored)" or this = TReportIsolatedMacroResult(_) and @@ -374,6 +401,12 @@ module DeduplicateMacroResults< or this = TReportIsolatedMacroResult(result) } + + ResultElement getAResultElement() { + result = getAResultMacroExpansion().getResultElement() + or + this = TReportNotInMacro(result) + } } } } diff --git a/cpp/common/src/codingstandards/cpp/deadcode/UnusedObjects.qll b/cpp/common/src/codingstandards/cpp/deadcode/UnusedObjects.qll index 96dcc8d315..fc262b5d93 100644 --- a/cpp/common/src/codingstandards/cpp/deadcode/UnusedObjects.qll +++ b/cpp/common/src/codingstandards/cpp/deadcode/UnusedObjects.qll @@ -40,141 +40,28 @@ module UnusedObjectDefinitionDedupeConfig implements import DeduplicateMacroResults as DeduplicateUnusedMacroObjects -/** - * A macro invocation that only defines one unused variable. - * - * These are reported at the invocation site when the variable is unused. - */ -class MacroExpansionWithOnlyUnusedObjectDefinition extends MacroInvocation { - UnusedObjectDefinition unusedObject; - - MacroExpansionWithOnlyUnusedObjectDefinition() { - exists(DeclStmt stmt, Declaration decl | - stmt = getStmt() and - count(getStmt()) = 1 and - count(stmt.getADeclaration()) = 1 and - decl = stmt.getADeclaration() and - count(decl.getADeclarationEntry()) = 1 and - unusedObject = decl.getADeclarationEntry() - ) and - not exists(this.getParentInvocation()) - } - - UnusedObjectDefinition getUnusedObject() { result = unusedObject } -} - -/** - * An object definition which is not from a macro, and for which all copies are unused. - * - * Extends the `HoldForAllCopies::LogicalResultElement` class, because these dead objects are often - * duplicated across defines and sometimes aren't marked used due to extractor bugs. - */ -class SimpleDeadObjectDefinition extends HoldsForAllCopies::LogicalResultElement -{ - SimpleDeadObjectDefinition() { not getAnElementInstance().isInMacroExpansion() } - - string getName() { result = getAnElementInstance().getName() } -} - -/* Make a type for reporting these two results in one query */ -newtype TReportDeadObjectAtDefinition = - TSimpleDeadObjectDefinition(SimpleDeadObjectDefinition def) or - TMacroExpansionWithOnlyUnusedObject(MacroExpansionWithOnlyUnusedObjectDefinition def) - -/** - * Class to report simple dead object definitions, and dead objects from macros that do nothing but - * define an object. - * - * To report all cases, make sure to also use the `DeduplicateUnusedMacroObjects::Report` module. - * - * To report these cases, use the methods: - * - `getMessage()` - * - `getPrimaryElement()`, - * - `getOptionalPlaceholderLocation()` - * - `getOptionalPlaceholderMessage()` - */ -class ReportDeadObjectAtDefinition extends TReportDeadObjectAtDefinition { - string toString() { result = getMessage() } - - string getMessage() { - exists(MacroExpansionWithOnlyUnusedObjectDefinition def | - this = TMacroExpansionWithOnlyUnusedObject(def) and - result = "Unused object definition '" + def.getUnusedObject().getName() + "' from macro '$@'." - ) - or - exists(SimpleDeadObjectDefinition def | - this = TSimpleDeadObjectDefinition(def) and - result = "Unused object definition '" + def.getName() + "'." - ) - } - - predicate hasAttrUnused() { - exists(MacroExpansionWithOnlyUnusedObjectDefinition def | - this = TMacroExpansionWithOnlyUnusedObject(def) and - def.getUnusedObject().hasAttrUnused() - ) - or - exists(SimpleDeadObjectDefinition def | - this = TSimpleDeadObjectDefinition(def) and - def.getAnElementInstance().hasAttrUnused() - ) - } - - Element getPrimaryElement() { - this = TMacroExpansionWithOnlyUnusedObject(result) - or - exists(SimpleDeadObjectDefinition def | - this = TSimpleDeadObjectDefinition(def) and - result = def.getAnElementInstance() - ) - } - - Location getOptionalPlaceholderLocation() { - exists(MacroExpansionWithOnlyUnusedObjectDefinition def | - this = TMacroExpansionWithOnlyUnusedObject(def) and - result = def.getMacro().getLocation() - ) - or - exists(SimpleDeadObjectDefinition def | - this = TSimpleDeadObjectDefinition(def) and - result = def.getAnElementInstance().getLocation() - ) - } - - string getOptionalPlaceholderMessage() { - exists(MacroExpansionWithOnlyUnusedObjectDefinition def | - this = TMacroExpansionWithOnlyUnusedObject(def) and - result = def.getMacroName() - ) - or - this = TSimpleDeadObjectDefinition(_) and - result = "" - } -} - /* Module config to use the `DeduplicateUnusedMacroObjects::Report` module */ -module ReportDeadObjectInMacroConfig implements MacroReportConfigSig { +module ReportDeadObjectConfig implements MacroReportConfigSig { bindingset[description] string getMessageSameResultInAllExpansions(Macro m, string description) { result = "Macro '" + m.getName() + "' defines unused object '" + description + "'." } string getMessageVariedResultInAllExpansions(Macro m) { - result = "Macro '" + m.getName() + "' defines unused object of varied names, for example, '$@'." + result = "Macro '" + m.getName() + "' defines unused object with an invocation-dependent name, for example, '$@'." } string getMessageResultInIsolatedExpansion(UnusedObjectDefinition unused) { result = "Invocation of macro '$@' defines unused object '" + unused.getName() + "'." } + + string getMessageNotInMacro(UnusedObjectDefinition unused) { + result = "Unused object '" + unused.getName() + "'." + } } /* The object to report in queries of dead objects used in macros */ -class ReportDeadObjectInMacro extends DeduplicateUnusedMacroObjects::Report::ReportResultInMacro +class ReportDeadObject extends DeduplicateUnusedMacroObjects::Report::ReportResult { - ReportDeadObjectInMacro() { - // `MacroExpansionWithOnlyUnusedObjectDefinition` is reported by class `ReportDeadObjectAtDefinition` - not getAResultMacroExpansion() instanceof MacroExpansionWithOnlyUnusedObjectDefinition - } - - predicate hasAttrUnused() { getAResultMacroExpansion().getResultElement().hasAttrUnused() } + predicate hasAttrUnused() { getAResultElement().hasAttrUnused() } } diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/DeadCode2.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/DeadCode2.qll index 8f8edc03fa..611062a5ac 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/DeadCode2.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/DeadCode2.qll @@ -5,9 +5,7 @@ import codingstandards.cpp.exclusions.RuleMetadata newtype DeadCode2Query = TUnusedObjectDefinitionQuery() or - TUnusedObjectDefinitionInMacroQuery() or - TUnusedObjectDefinitionStrictQuery() or - TUnusedObjectDefinitionInMacroStrictQuery() + TUnusedObjectDefinitionStrictQuery() predicate isDeadCode2QueryMetadata(Query query, string queryId, string ruleId, string category) { query = @@ -19,15 +17,6 @@ predicate isDeadCode2QueryMetadata(Query query, string queryId, string ruleId, s ruleId = "RULE-2-8" and category = "advisory" or - query = - // `Query` instance for the `unusedObjectDefinitionInMacro` query - DeadCode2Package::unusedObjectDefinitionInMacroQuery() and - queryId = - // `@id` for the `unusedObjectDefinitionInMacro` query - "c/misra/unused-object-definition-in-macro" and - ruleId = "RULE-2-8" and - category = "advisory" - or query = // `Query` instance for the `unusedObjectDefinitionStrict` query DeadCode2Package::unusedObjectDefinitionStrictQuery() and @@ -36,15 +25,6 @@ predicate isDeadCode2QueryMetadata(Query query, string queryId, string ruleId, s "c/misra/unused-object-definition-strict" and ruleId = "RULE-2-8" and category = "advisory" - or - query = - // `Query` instance for the `unusedObjectDefinitionInMacroStrict` query - DeadCode2Package::unusedObjectDefinitionInMacroStrictQuery() and - queryId = - // `@id` for the `unusedObjectDefinitionInMacroStrict` query - "c/misra/unused-object-definition-in-macro-strict" and - ruleId = "RULE-2-8" and - category = "advisory" } module DeadCode2Package { @@ -55,24 +35,10 @@ module DeadCode2Package { TQueryC(TDeadCode2PackageQuery(TUnusedObjectDefinitionQuery())) } - Query unusedObjectDefinitionInMacroQuery() { - //autogenerate `Query` type - result = - // `Query` type for `unusedObjectDefinitionInMacro` query - TQueryC(TDeadCode2PackageQuery(TUnusedObjectDefinitionInMacroQuery())) - } - Query unusedObjectDefinitionStrictQuery() { //autogenerate `Query` type result = // `Query` type for `unusedObjectDefinitionStrict` query TQueryC(TDeadCode2PackageQuery(TUnusedObjectDefinitionStrictQuery())) } - - Query unusedObjectDefinitionInMacroStrictQuery() { - //autogenerate `Query` type - result = - // `Query` type for `unusedObjectDefinitionInMacroStrict` query - TQueryC(TDeadCode2PackageQuery(TUnusedObjectDefinitionInMacroStrictQuery())) - } } diff --git a/cpp/common/test/library/codingstandards/cpp/alertreporting/DeduplicateMacroResults.expected b/cpp/common/test/library/codingstandards/cpp/alertreporting/DeduplicateMacroResults.expected index eb55b83924..d9a7fe6a07 100644 --- a/cpp/common/test/library/codingstandards/cpp/alertreporting/DeduplicateMacroResults.expected +++ b/cpp/common/test/library/codingstandards/cpp/alertreporting/DeduplicateMacroResults.expected @@ -1,3 +1,4 @@ +| deduplicatemacroresults.cpp:4:8:4:9 | definition of g1 | Findme var 'g1'. | deduplicatemacroresults.cpp:4:8:4:9 | deduplicatemacroresults.cpp:4:8:4:9 | (ignored) | | deduplicatemacroresults.cpp:10:1:10:34 | SOMETIMES_HAS_RESULTS1(type,name) | Invocation of macro $@ has findme var 'g3'. | deduplicatemacroresults.cpp:6:1:6:52 | deduplicatemacroresults.cpp:6:1:6:52 | SOMETIMES_HAS_RESULTS1 | | deduplicatemacroresults.cpp:13:1:13:34 | SOMETIMES_HAS_RESULTS2(type,name) | Invocation of macro $@ has findme var 'g5'. | deduplicatemacroresults.cpp:7:1:7:53 | deduplicatemacroresults.cpp:7:1:7:53 | SOMETIMES_HAS_RESULTS2 | | deduplicatemacroresults.cpp:15:1:15:50 | #define ALWAYS_HAS_SAME_RESULT() extern findme g6; | Macro ALWAYS_HAS_SAME_RESULT always has findme var named g6 | deduplicatemacroresults.cpp:15:1:15:50 | deduplicatemacroresults.cpp:15:1:15:50 | (ignored) | diff --git a/cpp/common/test/library/codingstandards/cpp/alertreporting/DeduplicateMacroResults.ql b/cpp/common/test/library/codingstandards/cpp/alertreporting/DeduplicateMacroResults.ql index cd999d72c9..9cae8d4ae8 100644 --- a/cpp/common/test/library/codingstandards/cpp/alertreporting/DeduplicateMacroResults.ql +++ b/cpp/common/test/library/codingstandards/cpp/alertreporting/DeduplicateMacroResults.ql @@ -22,11 +22,16 @@ module FindMeReportConfig implements MacroReportConfigSig { string getMessageResultInIsolatedExpansion(FindMe f) { result = "Invocation of macro $@ has findme var '" + f.getName() + "'." } + + string getMessageNotInMacro(FindMe f) { + result = "Findme var '" + f.getName() + "'." + + } } import DeduplicateMacroResults import DeduplicateMacroResults::Report -from ReportResultInMacro report +from ReportResult report select report.getPrimaryElement(), report.getMessage(), report.getOptionalPlaceholderLocation(), report.getOptionalPlaceholderMessage() diff --git a/cpp/common/test/library/codingstandards/cpp/alertreporting/deduplicatemacroresults.cpp b/cpp/common/test/library/codingstandards/cpp/alertreporting/deduplicatemacroresults.cpp index 3c5d8bca5b..d9b3659bf6 100644 --- a/cpp/common/test/library/codingstandards/cpp/alertreporting/deduplicatemacroresults.cpp +++ b/cpp/common/test/library/codingstandards/cpp/alertreporting/deduplicatemacroresults.cpp @@ -1,7 +1,7 @@ typedef struct { } findme; -findme g1; // ignore -- not in a macro +findme g1; // baseline report, not in a macro #define SOMETIMES_HAS_RESULTS1(type, name) type name // ignore #define SOMETIMES_HAS_RESULTS2(type, name) type name; // ignore diff --git a/docs/development_handbook.md b/docs/development_handbook.md index 97c615ba2e..83670dbbc8 100644 --- a/docs/development_handbook.md +++ b/docs/development_handbook.md @@ -42,6 +42,7 @@ | 0.32.0 | 2024-05-01 | Luke Cartey | Refer to the user manual for the list of supported standards. | | 0.33.0 | 2024-07-30 | Kristen Newbury | Remove out dated references to codeql modules directory usage. | | 0.34.0 | 2024-08-22 | Kristen Newbury | Remove out dated references to git submodules usage. | +| 0.35.0 | 2025-01-15 | Mike Fairhurst | Add guidance for the addition of 'strict' queries. | ## Scope of work diff --git a/docs/user_manual.md b/docs/user_manual.md index 5e808a1401..ae02555091 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -29,7 +29,8 @@ | 0.21.0 | 2024-05-01 | Luke Cartey | Add MISRA C++ 2023 as under development, and clarify MISRA C 2012 coverage. | | 0.22.0 | 2024-10-02 | Luke Cartey | Add MISRA C 2023 as under development, and clarify MISRA C 2012 coverage. | | 0.23.0 | 2024-10-21 | Luke Cartey | Add assembly as a hazard. | -| 0.24.0 | 2024-10-22 | Luke Cartey | Add CodeQL packs as a usable output, update release artifacts list. | +| 0.24.0 | 2024-10-22 | Luke Cartey | Add CodeQL packs as a usable output, update release artifacts list. | +| 0.25.0 | 2025-01-15 | Mike Fairhurst | Add guidance for the usage of 'strict' queries. | ## Release information diff --git a/rule_packages/c/DeadCode2.json b/rule_packages/c/DeadCode2.json index b897f595e6..8b373c31b6 100644 --- a/rule_packages/c/DeadCode2.json +++ b/rule_packages/c/DeadCode2.json @@ -18,19 +18,6 @@ "external/misra/c/2012/amendment4" ] }, - { - "description": "Macros should not have unused object definitions.", - "kind": "problem", - "name": "Project macros should not include unused object definitions", - "precision": "very-high", - "severity": "recommendation", - "short_name": "UnusedObjectDefinitionInMacro", - "tags": [ - "maintainability", - "performance", - "external/misra/c/2012/amendment4" - ] - }, { "description": "A strict query which reports all unused object definitions with '__attribute__((unused))'.", "kind": "problem", @@ -44,20 +31,6 @@ "external/misra/c/2012/amendment4", "external/misra/c/strict" ] - }, - { - "description": "A strict query which reports all unused object definitions in macros with '__attribute__((unused))'.", - "kind": "problem", - "name": "Project macros should not include '__attribute__((unused))' object definitions", - "precision": "very-high", - "severity": "recommendation", - "short_name": "UnusedObjectDefinitionInMacroStrict", - "tags": [ - "maintainability", - "performance", - "external/misra/c/2012/amendment4", - "external/misra/c/strict" - ] } ], "title": "A project should not contain unused object definitions", From 333cc77a08606fc3ecf089791555647b295aef98 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Wed, 15 Jan 2025 20:04:29 -0800 Subject: [PATCH 2345/2573] Code format --- .../cpp/alertreporting/DeduplicateMacroResults.qll | 10 ++++------ .../src/codingstandards/cpp/deadcode/UnusedObjects.qll | 4 +++- .../cpp/alertreporting/DeduplicateMacroResults.ql | 5 +---- 3 files changed, 8 insertions(+), 11 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/alertreporting/DeduplicateMacroResults.qll b/cpp/common/src/codingstandards/cpp/alertreporting/DeduplicateMacroResults.qll index 6462ac855a..c56c40b730 100644 --- a/cpp/common/src/codingstandards/cpp/alertreporting/DeduplicateMacroResults.qll +++ b/cpp/common/src/codingstandards/cpp/alertreporting/DeduplicateMacroResults.qll @@ -110,7 +110,7 @@ signature module MacroReportConfigSig { * string getMessageResultInIsolatedExpansion(InvalidFoo foo) { * result = "Invocation of macro $@ has invalid foo '" + foo.getName() + "'." * } - * + * * string getMessageNotInMacro(ResultElement element) { * result = "Invalid foo '" + element.getName() + "'." * } @@ -286,9 +286,7 @@ module DeduplicateMacroResults< TReportMacroResultWithVariedName(PrimaryMacroDifferentResultElementInAllInvocations def) or TReportIsolatedMacroResult(IsolatedMacroExpansionWithResultElement def) or TReportNotInMacro(ResultElement def) { - not exists (ResultMacroExpansion macroExpansion | - macroExpansion.getResultElement() = def - ) + not exists(ResultMacroExpansion macroExpansion | macroExpansion.getResultElement() = def) } /** @@ -368,8 +366,8 @@ module DeduplicateMacroResults< ) or ( - this = TReportMacroResultWithSameName(_) - or this = TReportNotInMacro(_) + this = TReportMacroResultWithSameName(_) or + this = TReportNotInMacro(_) ) and result = "(ignored)" or diff --git a/cpp/common/src/codingstandards/cpp/deadcode/UnusedObjects.qll b/cpp/common/src/codingstandards/cpp/deadcode/UnusedObjects.qll index fc262b5d93..60e732873a 100644 --- a/cpp/common/src/codingstandards/cpp/deadcode/UnusedObjects.qll +++ b/cpp/common/src/codingstandards/cpp/deadcode/UnusedObjects.qll @@ -48,7 +48,9 @@ module ReportDeadObjectConfig implements MacroReportConfigSig { result = "Invocation of macro $@ has findme var '" + f.getName() + "'." } - string getMessageNotInMacro(FindMe f) { - result = "Findme var '" + f.getName() + "'." - - } + string getMessageNotInMacro(FindMe f) { result = "Findme var '" + f.getName() + "'." } } import DeduplicateMacroResults From bd3e06bc63297ab0dd992e2e5f2ad8be2ce15d87 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Wed, 15 Jan 2025 20:47:22 -0800 Subject: [PATCH 2346/2573] Fix 18-1 amendment use-use flow --- ...interArithmeticToAddressDifferentArrays.qll | 18 ++++++++++++++---- ...ArithmeticToAddressDifferentArrays.expected | 1 - .../test.cpp | 6 ++---- 3 files changed, 16 insertions(+), 9 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.qll b/cpp/common/src/codingstandards/cpp/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.qll index 9728bc1f6d..b19df81570 100644 --- a/cpp/common/src/codingstandards/cpp/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.qll +++ b/cpp/common/src/codingstandards/cpp/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.qll @@ -33,7 +33,7 @@ abstract class ArrayLikeAccess extends Expr { */ class ArrayVariableAccess extends ArrayLikeAccess, VariableAccess { int size; - + ArrayVariableAccess() { size = getType().(ArrayType).getArraySize() } override Variable getElement() { result = getTarget() } @@ -47,7 +47,7 @@ class ArrayVariableAccess extends ArrayLikeAccess, VariableAccess { /** * Get the size of the object pointed to by a type (pointer or array). - * + * * Depth of type unwrapping depends on the type. Pointer will be dereferenced only once: the element * size of `T*` is `sizeof(T)` while the element size of `T**` is `sizeof(T*)`. However, array types * will be deeply unwrapped, as the pointed to size of `T[][]` is `sizeof(T)`. These processes @@ -88,7 +88,17 @@ class CastedToBytePointer extends ArrayLikeAccess, Conversion { override int getSize() { result = size } - override DataFlow::Node getNode() { result.asConvertedExpr() = this } + override DataFlow::Node getNode() { + // Carefully avoid use-use flow, which would mean any later usage of the original pointer value + // after the cast would be considered a usage of the byte pointer value. + // + // To fix this, we currently assume the value is assigned to a variable, and find that variable + // with `.asDefinition()` like so: + exists(DataFlow::Node conversion | + conversion.asConvertedExpr() = this and + result.asDefinition() = conversion.asExpr() + ) + } } /** @@ -272,4 +282,4 @@ query predicate problems(Expr arrayPointerCreation, string message, Element arra "Array pointer " + derivedArrayPointerOrPointerOperand.getName() + " points " + difference.toString() + " " + denomination + " past the end of $@." ) -} \ No newline at end of file +} diff --git a/cpp/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.expected b/cpp/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.expected index 438b697775..5bb4881b81 100644 --- a/cpp/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.expected +++ b/cpp/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.expected @@ -6,4 +6,3 @@ | test.cpp:25:15:25:21 | & ... | Array pointer p14 points 1 element past the end of $@. | test.cpp:2:7:2:8 | l1 | l1 | | test.cpp:30:15:30:21 | & ... | Array pointer p17 points 1 element past the end of $@. | test.cpp:28:24:28:42 | (unsigned char *)... | cast to btye pointer (unsigned char *)... | | test.cpp:35:15:35:21 | & ... | Array pointer p20 points 1 element past the end of $@. | test.cpp:33:24:33:43 | (unsigned char *)... | cast to btye pointer (unsigned char *)... | -| test.cpp:43:15:43:23 | & ... | Array pointer p23 points 96 elements past the end of $@. | test.cpp:28:24:28:42 | (unsigned char *)... | cast to btye pointer (unsigned char *)... | diff --git a/cpp/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/test.cpp b/cpp/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/test.cpp index f81026870d..70b26a2a57 100644 --- a/cpp/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/test.cpp +++ b/cpp/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/test.cpp @@ -36,9 +36,7 @@ void f1() { // Casting to a pointer to a differently sized type that isn't char // invalidates analysis - int l3[3]; - long *p21 = (long*)&l1; + long *p21 = (long *)&l1; void *p22 = &p21[0]; // COMPLIANT - // Not compliant, but we shouldn't detect it, but we do for the wrong reason: - void *p23 = &p21[100]; // NON_COMPLIANT[FALSE_NEGATIVE][FALSE_POSITIVE] + void *p23 = &p21[100]; // NON_COMPLIANT[FALSE_NEGATIVE] } \ No newline at end of file From a5eb426ee248936e93dc1e51b8c7298094091038 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Wed, 15 Jan 2025 21:07:49 -0800 Subject: [PATCH 2347/2573] Fix format issues --- .../codingstandards/c/misra/EssentialTypes.qll | 15 +++++++-------- c/misra/test/rules/RULE-7-4/test.c | 2 +- .../rules/invalidatedenvstringpointers/test.cpp | 6 +++--- 3 files changed, 11 insertions(+), 12 deletions(-) diff --git a/c/misra/src/codingstandards/c/misra/EssentialTypes.qll b/c/misra/src/codingstandards/c/misra/EssentialTypes.qll index b229bd54e2..7120921eed 100644 --- a/c/misra/src/codingstandards/c/misra/EssentialTypes.qll +++ b/c/misra/src/codingstandards/c/misra/EssentialTypes.qll @@ -297,8 +297,7 @@ class EssentialBinaryArithmeticExpr extends EssentialExpr, BinaryArithmeticOpera exists( Type leftEssentialType, Type rightEssentialType, EssentialTypeCategory leftEssentialTypeCategory, - EssentialTypeCategory rightEssentialTypeCategory, - int intTypeSize + EssentialTypeCategory rightEssentialTypeCategory, int intTypeSize | leftEssentialType = getEssentialType(getLeftOperand()) and rightEssentialType = getEssentialType(getRightOperand()) and @@ -340,19 +339,19 @@ class EssentialBinaryArithmeticExpr extends EssentialExpr, BinaryArithmeticOpera ) and ( leftEssentialTypeCategory = - [EssentiallySignedType(), EssentiallyUnsignedType().(TEssentialTypeCategory)] - and leftEssentialType.getSize() <= intTypeSize + [EssentiallySignedType(), EssentiallyUnsignedType().(TEssentialTypeCategory)] and + leftEssentialType.getSize() <= intTypeSize or rightEssentialTypeCategory = - [EssentiallySignedType(), EssentiallyUnsignedType().(TEssentialTypeCategory)] - and rightEssentialType.getSize() <= intTypeSize + [EssentiallySignedType(), EssentiallyUnsignedType().(TEssentialTypeCategory)] and + rightEssentialType.getSize() <= intTypeSize ) or this instanceof SubExpr and leftEssentialTypeCategory = EssentiallyCharacterType() and rightEssentialTypeCategory = - [EssentiallySignedType(), EssentiallyUnsignedType().(TEssentialTypeCategory)] - and rightEssentialType.getSize() <= intTypeSize + [EssentiallySignedType(), EssentiallyUnsignedType().(TEssentialTypeCategory)] and + rightEssentialType.getSize() <= intTypeSize then result instanceof PlainCharType else result = this.getStandardType() ) diff --git a/c/misra/test/rules/RULE-7-4/test.c b/c/misra/test/rules/RULE-7-4/test.c index ff270b611f..ab7ea21ce9 100644 --- a/c/misra/test/rules/RULE-7-4/test.c +++ b/c/misra/test/rules/RULE-7-4/test.c @@ -85,7 +85,7 @@ void w_call6() { w_sample6(1, "string10"); // COMPLIANT by first (and only) exception } -void w_sample7(char* x, ...) {} +void w_sample7(char *x, ...) {} void w_call7() { w_sample7("string11", 1); // NON_COMPLIANT, does not fit exceptional case diff --git a/cpp/common/test/rules/invalidatedenvstringpointers/test.cpp b/cpp/common/test/rules/invalidatedenvstringpointers/test.cpp index 167d770ef6..920d97c657 100644 --- a/cpp/common/test/rules/invalidatedenvstringpointers/test.cpp +++ b/cpp/common/test/rules/invalidatedenvstringpointers/test.cpp @@ -211,7 +211,7 @@ void f11(void) { void f12(void) { time_t rawtime; time(&rawtime); - char* r1 = ctime(&rawtime); + char *r1 = ctime(&rawtime); asctime(localtime(&rawtime)); printf("%s", r1); // NON_COMPLIANT } @@ -219,10 +219,10 @@ void f12(void) { void f13(void) { time_t rawtime; time(&rawtime); - char* r1 = ctime(&rawtime); + char *r1 = ctime(&rawtime); printf("%s", r1); // COMPLIANT - char* r2 = asctime(localtime(&rawtime)); + char *r2 = asctime(localtime(&rawtime)); printf("%s", r1); // NON_COMPLIANT printf("%s", r2); // COMPLIANT From 57b2067abce8fe8b55080bb6bfd560e60bc6fd4e Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Thu, 16 Jan 2025 10:14:18 -0800 Subject: [PATCH 2348/2573] Improve 18-1, void* casts and FPs where lowerBound appears incorrect --- .../2025-1-04-misra-c-technical-corrigenda-2.md | 3 ++- ...tUsePointerArithmeticToAddressDifferentArrays.qll | 12 +++++++++--- .../test.cpp | 6 ++++++ 3 files changed, 17 insertions(+), 4 deletions(-) diff --git a/change_notes/2025-1-04-misra-c-technical-corrigenda-2.md b/change_notes/2025-1-04-misra-c-technical-corrigenda-2.md index 81ae3eb561..be037074f6 100644 --- a/change_notes/2025-1-04-misra-c-technical-corrigenda-2.md +++ b/change_notes/2025-1-04-misra-c-technical-corrigenda-2.md @@ -4,8 +4,9 @@ - Disallow `+` and `-` operations with an essentially char type and other types larger than int type. - Note, this change affects the essential type of such expressions, which may affect other essential types rules. - `RULE-18-1`, `M5-0-16` - `PointerAndDerivedPointerMustAddressSameArray.ql`, `PointerAndDerivedPointerAccessDifferentArray.ql`: - - Treat casts to byte pointers as pointers to arrays of the size of the pointed-to type + - Treat casts to byte pointers as pointers to arrays of the size of the pointed-to type. - Fix typo in report message, "passed" replaced with "past." + - Suppress results where range analysis appears potentially unreliable. - `RULE-21-10`, `RULE-25-5-3`, `ENV34-C` - `CallToSetlocaleInvalidatesOldPointers.ql`, `CallToSetlocaleInvalidatesOldPointersMisra.ql`, `DoNotStorePointersReturnedByEnvFunctions.ql`: - Report usage of returned pointers from `asctime`, `ctime`, during a call to either of the former. - Report usage of returned pointers from `gmtime`, `localtime`, during a call to either of the former. \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.qll b/cpp/common/src/codingstandards/cpp/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.qll index b19df81570..5a45ff703e 100644 --- a/cpp/common/src/codingstandards/cpp/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.qll +++ b/cpp/common/src/codingstandards/cpp/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.qll @@ -9,6 +9,7 @@ import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import semmle.code.cpp.dataflow.new.DataFlow import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis +import semmle.code.cpp.rangeanalysis.RangeAnalysisUtils import codeql.util.Boolean abstract class DoNotUsePointerArithmeticToAddressDifferentArraysSharedQuery extends Query { } @@ -68,11 +69,13 @@ int elementSize(Type type, Boolean deref) { * length depends on `elementSize()` of the original pointed-to type. */ class CastedToBytePointer extends ArrayLikeAccess, Conversion { + /** The sizeof() the pointed-to type */ int size; CastedToBytePointer() { getType().(PointerType).getBaseType().getSize() = 1 and - size = elementSize(getExpr().getType(), true) + size = elementSize(getExpr().getType(), true) and + size > 1 } override Element getElement() { result = this } @@ -138,7 +141,7 @@ module ArrayToArrayExprFlow = DataFlow::Global; /** Holds if the address taken expression `addressOf` takes the address of an array element at `index` of `array`. */ predicate pointerOperandCreation(AddressOfExpr addressOf, ArrayLikeAccess array, int index) { - exists(ArrayExpr ae | + exists(ArrayExpr ae, Expr arrayOffset | ( ArrayToArrayExprFlow::flow(array.getNode(), DataFlow::exprNode(ae.getArrayBase())) and array instanceof ArrayVariableAccess @@ -149,7 +152,10 @@ predicate pointerOperandCreation(AddressOfExpr addressOf, ArrayLikeAccess array, // flow() may hold for `ArrayVariableAccess` in the above, even though they aren't sources array instanceof CastedToBytePointer ) and - index = lowerBound(ae.getArrayOffset().getFullyConverted()) and + arrayOffset = ae.getArrayOffset().getFullyConverted() and + index = lowerBound(arrayOffset) and + // This case typically indicates range analysis has gone wrong: + not index = exprMaxVal(arrayOffset) and addressOf.getOperand() = ae ) } diff --git a/cpp/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/test.cpp b/cpp/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/test.cpp index 70b26a2a57..4e373420e6 100644 --- a/cpp/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/test.cpp +++ b/cpp/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/test.cpp @@ -39,4 +39,10 @@ void f1() { long *p21 = (long *)&l1; void *p22 = &p21[0]; // COMPLIANT void *p23 = &p21[100]; // NON_COMPLIANT[FALSE_NEGATIVE] + + // Void pointers have size zero and can't be analyzed. + void *p24 = 0; + unsigned char* p25 = (unsigned char*)p24; + void *p26 = &p25[100]; // COMPLIANT + } \ No newline at end of file From 2d1cc22a68c1245831d66c483703deb4223db690 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Thu, 16 Jan 2025 10:14:29 -0800 Subject: [PATCH 2349/2573] Fix c tests --- ...ePointerArithmeticToAddressDifferentArrays.expected | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/c/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.expected b/c/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.expected index 1d487765df..bc471c0dc4 100644 --- a/c/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.expected +++ b/c/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.expected @@ -1,5 +1,5 @@ -| test.c:4:13:4:18 | ... + ... | Array pointer p2 points 1 element passed the end of $@. | test.c:2:7:2:8 | l1 | l1 | -| test.c:5:13:5:18 | ... + ... | Array pointer p3 points 1 element passed the end of $@. | test.c:2:7:2:8 | l1 | l1 | -| test.c:6:13:6:18 | & ... | Array pointer p4 points 1 element passed the end of $@. | test.c:2:7:2:8 | l1 | l1 | -| test.c:11:8:11:11 | ... -- | Array pointer p7 points 1 element passed the end of $@. | test.c:2:7:2:8 | l1 | l1 | -| test.c:12:8:12:9 | p3 | Array pointer p8 points 1 element passed the end of $@. | test.c:2:7:2:8 | l1 | l1 | +| test.c:4:13:4:18 | ... + ... | Array pointer p2 points 1 element past the end of $@. | test.c:2:7:2:8 | l1 | l1 | +| test.c:5:13:5:18 | ... + ... | Array pointer p3 points 1 element past the end of $@. | test.c:2:7:2:8 | l1 | l1 | +| test.c:6:13:6:18 | & ... | Array pointer p4 points 1 element past the end of $@. | test.c:2:7:2:8 | l1 | l1 | +| test.c:11:8:11:11 | ... -- | Array pointer p7 points 1 element past the end of $@. | test.c:2:7:2:8 | l1 | l1 | +| test.c:12:8:12:9 | p3 | Array pointer p8 points 1 element past the end of $@. | test.c:2:7:2:8 | l1 | l1 | From 5289894bc6a592628bda47bf24b806dfc16d11a8 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Thu, 16 Jan 2025 12:10:32 -0800 Subject: [PATCH 2350/2573] Fix test case format --- .../donotusepointerarithmetictoaddressdifferentarrays/test.cpp | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/cpp/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/test.cpp b/cpp/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/test.cpp index 4e373420e6..3a86d7963e 100644 --- a/cpp/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/test.cpp +++ b/cpp/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/test.cpp @@ -42,7 +42,6 @@ void f1() { // Void pointers have size zero and can't be analyzed. void *p24 = 0; - unsigned char* p25 = (unsigned char*)p24; + unsigned char *p25 = (unsigned char *)p24; void *p26 = &p25[100]; // COMPLIANT - } \ No newline at end of file From eae738532551f269a1c5cf07f6748c6ed708d6ee Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 16 Jan 2025 23:02:20 +0000 Subject: [PATCH 2351/2573] Remove stray comment --- c/misra/src/codingstandards/c/misra/EssentialTypes.qll | 1 - 1 file changed, 1 deletion(-) diff --git a/c/misra/src/codingstandards/c/misra/EssentialTypes.qll b/c/misra/src/codingstandards/c/misra/EssentialTypes.qll index 0a4e64e98d..50b588d422 100644 --- a/c/misra/src/codingstandards/c/misra/EssentialTypes.qll +++ b/c/misra/src/codingstandards/c/misra/EssentialTypes.qll @@ -371,7 +371,6 @@ class EssentialSubExpr extends EssentialBinaryOperationSubjectToUsualConversions } } -// } /** * A named Enum type, as per D.5. */ From a8784e1c26bc68622cb16389f9a0e1562db436e5 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Sun, 19 Jan 2025 17:26:38 -0800 Subject: [PATCH 2352/2573] Simplify DeduplicateMacroResults::Report::ReportResult::toString() for performance reasons --- .../alertreporting/DeduplicateMacroResults.qll | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/alertreporting/DeduplicateMacroResults.qll b/cpp/common/src/codingstandards/cpp/alertreporting/DeduplicateMacroResults.qll index c56c40b730..b3c3d44ff4 100644 --- a/cpp/common/src/codingstandards/cpp/alertreporting/DeduplicateMacroResults.qll +++ b/cpp/common/src/codingstandards/cpp/alertreporting/DeduplicateMacroResults.qll @@ -302,7 +302,21 @@ module DeduplicateMacroResults< * signature parameter. */ class ReportResult extends TReportResult { - string toString() { result = getMessage() } + string toString() { + this = TReportMacroResultWithVariedName(_) and + result = + "Macro that always expands to a result element with invocation-dependent description" + or + this = TReportMacroResultWithSameName(_) and + result = "Macro that always expands to a result element with a constant description" + or + this = TReportIsolatedMacroResult(_) and + result = + "Specific macro expansion which produces a result element, but not all expansions do" + or + this = TReportNotInMacro(_) and + result = "Result element that is not in a macro" + } string getMessage() { exists(PrimaryMacroDifferentResultElementInAllInvocations def | From 0ba3359671fee9bb186aaf35cc3ce8794a3dfc01 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 21 Jan 2025 23:14:56 +0000 Subject: [PATCH 2353/2573] A7-1-2: Remove FunctionMissingConstexpr query As per #843 --- .../rules/A7-1-2/FunctionMissingConstexpr.ql | 160 ------------------ .../A7-1-2/FunctionMissingConstexpr.expected | 16 -- .../A7-1-2/FunctionMissingConstexpr.qlref | 1 - .../cpp/exclusions/cpp/Const.qll | 17 -- rule_packages/cpp/Const.json | 11 -- 5 files changed, 205 deletions(-) delete mode 100644 cpp/autosar/src/rules/A7-1-2/FunctionMissingConstexpr.ql delete mode 100644 cpp/autosar/test/rules/A7-1-2/FunctionMissingConstexpr.expected delete mode 100644 cpp/autosar/test/rules/A7-1-2/FunctionMissingConstexpr.qlref diff --git a/cpp/autosar/src/rules/A7-1-2/FunctionMissingConstexpr.ql b/cpp/autosar/src/rules/A7-1-2/FunctionMissingConstexpr.ql deleted file mode 100644 index 1cd68447fe..0000000000 --- a/cpp/autosar/src/rules/A7-1-2/FunctionMissingConstexpr.ql +++ /dev/null @@ -1,160 +0,0 @@ -/** - * @id cpp/autosar/function-missing-constexpr - * @name A7-1-2: The constexpr specifier shall be used for functions whose return value can be determined at compile time - * @description Using 'constexpr' makes it clear that a function is intended to return a compile - * time constant. - * @kind problem - * @precision high - * @problem.severity recommendation - * @tags external/autosar/id/a7-1-2 - * maintainability - * external/autosar/allocated-target/implementation - * external/autosar/enforcement/automated - * external/autosar/obligation/required - */ - -import cpp -import codingstandards.cpp.autosar -import codingstandards.cpp.TrivialType - -/** Gets a non-variant member field. */ -Field getANonVariantField(Class c) { - result = c.getAField() and - result.isInitializable() and - not result instanceof AnonymousUnionField -} - -/** - * A `Field` holding an "anonymous union" as described by `[class.union]`. - * - * For example, the union in this example: - * ``` - * class C { - * union { - * int x; - * short y; - * }; - * } - * ``` - */ -class AnonymousUnionField extends Field { - AnonymousUnionField() { hasName("(unknown field)") } - - /** - * Get a direct or indirect union member. - * - * Indirect members can come from nested anonymous unions. - */ - Field getAVariantMember() { - exists(Field f | f = getType().(Union).getAField() | - if f instanceof AnonymousUnionField - then result = f.(AnonymousUnionField).getAVariantMember() - else result = f - ) - } - - /** - * Holds if one variant member of this anonymous union field is initialized using NSDMI. - */ - predicate isExplicitlyInitialized() { exists(getAVariantMember().getInitializer().getExpr()) } -} - -/** - * Get a union which is not initialized by NSDMI. - */ -AnonymousUnionField getAnUninitializedAnonymousUnionField(Class c) { - result = c.getAField() and - not result.isExplicitlyInitialized() -} - -/** - * A function that can be `constexpr` specified according to the constraints for a `constexpr` - * function as specified in `[dcl.constexpr]/3`. - */ -class EffectivelyConstExprFunction extends Function { - EffectivelyConstExprFunction() { - // Not already marked as constexpr - not isDeclaredConstexpr() and - // Not virtual - not isVirtual() and - // Returns a literal type (which can be 'void') - (isLiteralType(getType()) or this instanceof Constructor) and - // Exclude cases that shouldn't be const or can't be const - not this instanceof Destructor and - not this instanceof CopyAssignmentOperator and - not this instanceof MoveAssignmentOperator and - not this.isCompilerGenerated() and - // All parameters are literal types - forall(Parameter p | p = getAParameter() | isLiteralType(p.getType())) and - // The function body is either deleted, defaulted or does not include one of the precluding - // statement kinds and is both side-effect free and created by the user - ( - isDeleted() - or - isDefaulted() - or - not this = any(AsmStmt a).getEnclosingFunction() and - not this = any(GotoStmt g).getEnclosingFunction() and - not this = any(TryStmt t).getEnclosingFunction() and - not exists(LocalVariable lv | this = lv.getFunction() | - not isLiteralType(lv.getType()) - or - lv instanceof StaticStorageDurationVariable - or - lv.isThreadLocal() - or - not exists(lv.getInitializer().getExpr()) - ) and - // For `constexpr` functions, the compiler only checks the rules above - it doesn't check - // whether the function can be evaluated as a compile time constant until the function is used, - // and then only confirms that it evaluates to a compile-time constant for a specific set of - // arguments used in another constexpr calculation. We approximate this by identifying the set - // of functions that are (conservatively) side-effect free. - isSideEffectFree() and - // "User defined" in some way - hasDefinition() and - not isCompilerGenerated() - ) and - ( - // A constructor should satisfy the constraints as specified in `[dcl.constexpr]/4`. - this instanceof Constructor - implies - ( - // No virtual base class - not getDeclaringType().getDerivation(_).isVirtual() and - ( - // All non-variant members initialized by this constructor - forall(Field f | f = getANonVariantField(getDeclaringType()) | - exists(ConstructorFieldInit cfi | - // Even if this field has a `getInitializer()` a `ConstructorFieldInit` will also be - // present on each constructor - cfi.getEnclosingFunction() = this and cfi.getTarget() = f - ) - ) and - // At least one variant member is initialized for each `AnonymousUnionField` which is not - // initialized with a `Field.getInitializer()`. This is different to the non-variant - // member case above - forall(AnonymousUnionField f | - f = getAnUninitializedAnonymousUnionField(getDeclaringType()) - | - exists(ConstructorFieldInit cfi | - cfi.getEnclosingFunction() = this and cfi.getTarget() = f.getAVariantMember() - ) - ) - or - // The function is deleted or defaulted, and every field has an NSDMI, and there are no - // uninitialized anonymous union fields - (isDeleted() or isDefaulted()) and - forall(Field f | f = getANonVariantField(getDeclaringType()) | - exists(f.getInitializer().getExpr()) - ) and - not exists(getAnUninitializedAnonymousUnionField(getDeclaringType())) - ) - ) - ) - } -} - -from EffectivelyConstExprFunction ecef -where not isExcluded(ecef, ConstPackage::functionMissingConstexprQuery()) -select ecef, ecef.getName() + " function could be marked as 'constexpr'." diff --git a/cpp/autosar/test/rules/A7-1-2/FunctionMissingConstexpr.expected b/cpp/autosar/test/rules/A7-1-2/FunctionMissingConstexpr.expected deleted file mode 100644 index a6de3fd724..0000000000 --- a/cpp/autosar/test/rules/A7-1-2/FunctionMissingConstexpr.expected +++ /dev/null @@ -1,16 +0,0 @@ -| test.cpp:30:3:30:17 | NonLiteralClass | NonLiteralClass function could be marked as 'constexpr'. | -| test.cpp:59:5:59:6 | h1 | h1 function could be marked as 'constexpr'. | -| test.cpp:67:5:67:6 | h2 | h2 function could be marked as 'constexpr'. | -| test.cpp:100:5:100:6 | h8 | h8 function could be marked as 'constexpr'. | -| test.cpp:117:7:117:9 | mf1 | mf1 function could be marked as 'constexpr'. | -| test.cpp:126:3:126:23 | MissingConstexprClass | MissingConstexprClass function could be marked as 'constexpr'. | -| test.cpp:127:3:127:23 | MissingConstexprClass | MissingConstexprClass function could be marked as 'constexpr'. | -| test.cpp:128:3:128:23 | MissingConstexprClass | MissingConstexprClass function could be marked as 'constexpr'. | -| test.cpp:161:3:161:26 | VariantMemberInitialized | VariantMemberInitialized function could be marked as 'constexpr'. | -| test.cpp:162:3:162:26 | VariantMemberInitialized | VariantMemberInitialized function could be marked as 'constexpr'. | -| test.cpp:163:3:163:26 | VariantMemberInitialized | VariantMemberInitialized function could be marked as 'constexpr'. | -| test.cpp:190:3:190:22 | VariantMemberNotInit | VariantMemberNotInit function could be marked as 'constexpr'. | -| test.cpp:269:26:269:26 | init | init function could be marked as 'constexpr'. | -| test.cpp:269:26:269:29 | init | init function could be marked as 'constexpr'. | -| test.cpp:271:26:271:26 | init | init function could be marked as 'constexpr'. | -| test.cpp:277:6:277:32 | test_template_instantiation | test_template_instantiation function could be marked as 'constexpr'. | diff --git a/cpp/autosar/test/rules/A7-1-2/FunctionMissingConstexpr.qlref b/cpp/autosar/test/rules/A7-1-2/FunctionMissingConstexpr.qlref deleted file mode 100644 index 723a910948..0000000000 --- a/cpp/autosar/test/rules/A7-1-2/FunctionMissingConstexpr.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/A7-1-2/FunctionMissingConstexpr.ql \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Const.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Const.qll index 09f40388cc..f542ddf486 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Const.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Const.qll @@ -7,7 +7,6 @@ newtype ConstQuery = TRemoveConstOrVolatileQualificationAutosarQuery() or TDeclarationUnmodifiedObjectMissingConstSpecifierQuery() or TVariableMissingConstexprQuery() or - TFunctionMissingConstexprQuery() or TCvQualifiersNotPlacedOnTheRightHandSideQuery() or TOutputParametersUsedQuery() or TInOutParametersDeclaredAsTNotModifiedQuery() or @@ -45,15 +44,6 @@ predicate isConstQueryMetadata(Query query, string queryId, string ruleId, strin ruleId = "A7-1-2" and category = "required" or - query = - // `Query` instance for the `functionMissingConstexpr` query - ConstPackage::functionMissingConstexprQuery() and - queryId = - // `@id` for the `functionMissingConstexpr` query - "cpp/autosar/function-missing-constexpr" and - ruleId = "A7-1-2" and - category = "required" - or query = // `Query` instance for the `cvQualifiersNotPlacedOnTheRightHandSide` query ConstPackage::cvQualifiersNotPlacedOnTheRightHandSideQuery() and @@ -149,13 +139,6 @@ module ConstPackage { TQueryCPP(TConstPackageQuery(TVariableMissingConstexprQuery())) } - Query functionMissingConstexprQuery() { - //autogenerate `Query` type - result = - // `Query` type for `functionMissingConstexpr` query - TQueryCPP(TConstPackageQuery(TFunctionMissingConstexprQuery())) - } - Query cvQualifiersNotPlacedOnTheRightHandSideQuery() { //autogenerate `Query` type result = diff --git a/rule_packages/cpp/Const.json b/rule_packages/cpp/Const.json index c574e547bf..55c5ed6f90 100644 --- a/rule_packages/cpp/Const.json +++ b/rule_packages/cpp/Const.json @@ -71,17 +71,6 @@ "tags": [ "maintainability" ] - }, - { - "description": "Using 'constexpr' makes it clear that a function is intended to return a compile time constant.", - "kind": "problem", - "name": "The constexpr specifier shall be used for functions whose return value can be determined at compile time", - "precision": "high", - "severity": "recommendation", - "short_name": "FunctionMissingConstexpr", - "tags": [ - "maintainability" - ] } ], "title": "The constexpr specifier shall be used for values that can be determined at compile time." From f0e3c45740e1605d26108446809147f135c5cae2 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 21 Jan 2025 23:17:00 +0000 Subject: [PATCH 2354/2573] A7-1-2: Refactor test case to reflect rule intention Change the test case related to constexpr functions to highlight expected behaviour for local variables. --- .../A7-1-2/VariableMissingConstexpr.expected | 2 ++ cpp/autosar/test/rules/A7-1-2/test.cpp | 16 ++++++++-------- 2 files changed, 10 insertions(+), 8 deletions(-) diff --git a/cpp/autosar/test/rules/A7-1-2/VariableMissingConstexpr.expected b/cpp/autosar/test/rules/A7-1-2/VariableMissingConstexpr.expected index 31c26a11ff..20fbeebe4a 100644 --- a/cpp/autosar/test/rules/A7-1-2/VariableMissingConstexpr.expected +++ b/cpp/autosar/test/rules/A7-1-2/VariableMissingConstexpr.expected @@ -8,6 +8,8 @@ | test.cpp:44:16:44:17 | lc | Variable 'lc' could be marked 'constexpr'. | | test.cpp:45:17:45:19 | lc2 | Variable 'lc2' could be marked 'constexpr'. | | test.cpp:55:7:55:8 | m2 | Variable 'm2' could be marked 'constexpr' and static. | +| test.cpp:65:7:65:8 | x2 | Variable 'x2' could be marked 'constexpr'. | +| test.cpp:66:13:66:14 | x3 | Variable 'x3' could be marked 'constexpr'. | | test.cpp:130:7:130:8 | m1 | Variable 'm1' could be marked 'constexpr' and static. | | test.cpp:141:7:141:8 | m1 | Variable 'm1' could be marked 'constexpr' and static. | | test.cpp:221:7:221:8 | l1 | Variable 'l1' could be marked 'constexpr'. | diff --git a/cpp/autosar/test/rules/A7-1-2/test.cpp b/cpp/autosar/test/rules/A7-1-2/test.cpp index 664a9cb8e7..12c4fed384 100644 --- a/cpp/autosar/test/rules/A7-1-2/test.cpp +++ b/cpp/autosar/test/rules/A7-1-2/test.cpp @@ -56,16 +56,16 @@ class MemberConstExpr { int m3 = 0; // COMPLIANT - can be set by constructor }; -int h1(int x, int y) { // NON_COMPLIANT - return x + y; -} +int h1(int x, int y) { return x + y; } -constexpr int h1_correct(int x, int y) { // COMPLIANT - return x + y; -} +constexpr int h1_const(int x, int y) { return x + y; } -int h2(int x) { return h1(x, 1) + 1; } // NON_COMPLIANT -constexpr int h2_correct(int x) { return h1_correct(x, 1) + 1; } // COMPLIANT +int h2() { + int x1 = h1(1, 1); // COMPLIANT + int x2 = h1_const(1, 1); // NON_COMPLIANT + const int x3 = h1_const(1, 1); // NON_COMPLIANT + constexpr int x4 = h1_const(1, 1); // COMPLIANT +} int h3(int x) { // COMPLIANT - uses goto, so can't be constexpr if (x) { From 5d0bfeeb5203c7a71cc57d1e4e6d3d36a076b5c0 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 21 Jan 2025 23:22:28 +0000 Subject: [PATCH 2355/2573] A7-1-2: Remove function constexpr test cases --- .../A7-1-2/VariableMissingConstexpr.expected | 25 ++-- cpp/autosar/test/rules/A7-1-2/test.cpp | 130 ------------------ 2 files changed, 12 insertions(+), 143 deletions(-) diff --git a/cpp/autosar/test/rules/A7-1-2/VariableMissingConstexpr.expected b/cpp/autosar/test/rules/A7-1-2/VariableMissingConstexpr.expected index 20fbeebe4a..5feec712b8 100644 --- a/cpp/autosar/test/rules/A7-1-2/VariableMissingConstexpr.expected +++ b/cpp/autosar/test/rules/A7-1-2/VariableMissingConstexpr.expected @@ -10,16 +10,15 @@ | test.cpp:55:7:55:8 | m2 | Variable 'm2' could be marked 'constexpr' and static. | | test.cpp:65:7:65:8 | x2 | Variable 'x2' could be marked 'constexpr'. | | test.cpp:66:13:66:14 | x3 | Variable 'x3' could be marked 'constexpr'. | -| test.cpp:130:7:130:8 | m1 | Variable 'm1' could be marked 'constexpr' and static. | -| test.cpp:141:7:141:8 | m1 | Variable 'm1' could be marked 'constexpr' and static. | -| test.cpp:221:7:221:8 | l1 | Variable 'l1' could be marked 'constexpr'. | -| test.cpp:235:7:235:8 | l6 | Variable 'l6' could be marked 'constexpr'. | -| test.cpp:237:7:237:8 | l8 | Variable 'l8' could be marked 'constexpr'. | -| test.cpp:240:7:240:9 | l10 | Variable 'l10' could be marked 'constexpr'. | -| test.cpp:243:7:243:9 | l12 | Variable 'l12' could be marked 'constexpr'. | -| test.cpp:248:7:248:9 | l15 | Variable 'l15' could be marked 'constexpr'. | -| test.cpp:250:7:250:9 | l16 | Variable 'l16' could be marked 'constexpr'. | -| test.cpp:251:7:251:9 | l17 | Variable 'l17' could be marked 'constexpr'. | -| test.cpp:257:7:257:9 | l21 | Variable 'l21' could be marked 'constexpr'. | -| test.cpp:262:7:262:9 | l24 | Variable 'l24' could be marked 'constexpr'. | -| test.cpp:263:7:263:9 | l25 | Variable 'l25' could be marked 'constexpr'. | +| test.cpp:76:7:76:8 | m1 | Variable 'm1' could be marked 'constexpr' and static. | +| test.cpp:91:7:91:8 | l1 | Variable 'l1' could be marked 'constexpr'. | +| test.cpp:105:7:105:8 | l6 | Variable 'l6' could be marked 'constexpr'. | +| test.cpp:107:7:107:8 | l8 | Variable 'l8' could be marked 'constexpr'. | +| test.cpp:110:7:110:9 | l10 | Variable 'l10' could be marked 'constexpr'. | +| test.cpp:113:7:113:9 | l12 | Variable 'l12' could be marked 'constexpr'. | +| test.cpp:118:7:118:9 | l15 | Variable 'l15' could be marked 'constexpr'. | +| test.cpp:120:7:120:9 | l16 | Variable 'l16' could be marked 'constexpr'. | +| test.cpp:121:7:121:9 | l17 | Variable 'l17' could be marked 'constexpr'. | +| test.cpp:127:7:127:9 | l21 | Variable 'l21' could be marked 'constexpr'. | +| test.cpp:132:7:132:9 | l24 | Variable 'l24' could be marked 'constexpr'. | +| test.cpp:133:7:133:9 | l25 | Variable 'l25' could be marked 'constexpr'. | diff --git a/cpp/autosar/test/rules/A7-1-2/test.cpp b/cpp/autosar/test/rules/A7-1-2/test.cpp index 12c4fed384..5366a59f95 100644 --- a/cpp/autosar/test/rules/A7-1-2/test.cpp +++ b/cpp/autosar/test/rules/A7-1-2/test.cpp @@ -67,60 +67,6 @@ int h2() { constexpr int x4 = h1_const(1, 1); // COMPLIANT } -int h3(int x) { // COMPLIANT - uses goto, so can't be constexpr - if (x) { - goto l1; - } else { - return 10; - } -l1: - return 1; -} - -int h4(int x) { // COMPLIANT - uses try, so can't be constexpr - try { - return 1; - } catch (...) { - } -} - -int h5(int x) { // COMPLIANT - declares non literal local var - NonLiteralClass nlc; -} - -int h6(int x) { // COMPLIANT - declares static variable - static int i = x; - return x; -} - -int h7(int x) { // COMPLIANT - declares no init variable - int i; -} - -int h8(int x) { // NON_COMPLIANT - could be constexpr - int i = x; - return i; -} - -constexpr int h8_correct(int x) { // COMPLIANT - int i = x; - return i; -} - -int h9(int x) { // COMPLIANT - declares thread local variable - thread_local int i = x; - return x; -} - -class ConstexprFunctionClass { -public: - int mf1(int x) { return m1 + x; } // NON_COMPLIANT - constexpr int mf1_correct(int x) { return m1 + x; } // COMPLIANT - -private: - int m1; -}; - class MissingConstexprClass { public: MissingConstexprClass() = default; // NON_COMPLIANT @@ -130,82 +76,6 @@ class MissingConstexprClass { int m1 = 0; // NON_COMPLIANT }; -class VirtualBaseClass {}; - -class DerivedClass : public virtual VirtualBaseClass { -public: - DerivedClass() = default; // COMPLIANT - DerivedClass(int i) = delete; // COMPLIANT - DerivedClass(int i, LiteralClass lc) {} // COMPLIANT -private: - int m1 = 0; // NON_COMPLIANT -}; - -class NotAllMembersInitializedClass { -public: - NotAllMembersInitializedClass() = default; // COMPLIANT - NotAllMembersInitializedClass(int i) = delete; // COMPLIANT - NotAllMembersInitializedClass(int i, LiteralClass lc) {} // COMPLIANT -private: - int m1; -}; - -class NonLiteralParamsClass { -public: - NonLiteralParamsClass(int i, NonLiteralClass lc) {} // COMPLIANT -}; - -// Variant members are always initialized, so this can be marked constexpr -class VariantMemberInitialized { -public: - VariantMemberInitialized() = default; // NON_COMPLIANT - VariantMemberInitialized(int i) = delete; // NON_COMPLIANT - VariantMemberInitialized(int i, LiteralClass lc) {} // NON_COMPLIANT -private: - union { - int i = 0; - short s; - }; -}; - -class VariantMemberInitConstexpr { -public: - constexpr VariantMemberInitConstexpr() = default; // COMPLIANT - constexpr VariantMemberInitConstexpr(int i) = delete; // COMPLIANT - constexpr VariantMemberInitConstexpr(int i, LiteralClass lc) {} // COMPLIANT -private: - union { - int i = 0; - short s; - }; -}; - -// Variant members are not initialized at declaration, so we can only mark the -// constructors as constexpr if we explicitly initialize the variant member -class VariantMemberNotInit { -public: - VariantMemberNotInit() = default; // COMPLIANT - VariantMemberNotInit(int pi) = delete; // COMPLIANT - VariantMemberNotInit(int pi, LiteralClass lc) {} // COMPLIANT - VariantMemberNotInit(LiteralClass lc, int pi) : i(pi) {} // NON_COMPLIANT - constexpr VariantMemberNotInit(LiteralClass lc, short pi) // COMPLIANT - : i(pi) {} - -private: - union { - int i; - short s; - }; -}; - -class ExcludedCases { -public: - ~ExcludedCases() {} // COMPLIANT - - void operator=(ExcludedCases &) {} // COMPLIANT - void operator=(ExcludedCases &&) {} // COMPLIANT -}; - extern int random(); constexpr int add(int x, int y) { return x + y; } // Example with compile time constant literal value as default argument From 07cea2acc07dd2854bee201d52dade4e4b5ca41b Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 21 Jan 2025 23:23:49 +0000 Subject: [PATCH 2356/2573] Add A7-1-2 change note --- change_notes/2025-01-21-a7-1-2-remove-function-constexpr.md | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 change_notes/2025-01-21-a7-1-2-remove-function-constexpr.md diff --git a/change_notes/2025-01-21-a7-1-2-remove-function-constexpr.md b/change_notes/2025-01-21-a7-1-2-remove-function-constexpr.md new file mode 100644 index 0000000000..ac9964adc9 --- /dev/null +++ b/change_notes/2025-01-21-a7-1-2-remove-function-constexpr.md @@ -0,0 +1,2 @@ + - `A7-1-2` - `FunctionMissingConstexpr.ql` + - Address false positives by removing the query - the rule is not intended to cover functions. \ No newline at end of file From 3180bfb0cfb2050e04773049a3baa69e5469837a Mon Sep 17 00:00:00 2001 From: Fernando Jose Date: Wed, 22 Jan 2025 09:56:51 +0900 Subject: [PATCH 2357/2573] Update A7-1-1 test for the exclusion of rvalue references. --- cpp/autosar/test/rules/A7-1-1/test.cpp | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A7-1-1/test.cpp b/cpp/autosar/test/rules/A7-1-1/test.cpp index 7895fd950f..1fdc0d66eb 100644 --- a/cpp/autosar/test/rules/A7-1-1/test.cpp +++ b/cpp/autosar/test/rules/A7-1-1/test.cpp @@ -83,4 +83,16 @@ template extern constexpr bool recurse_var = true; // COMPLIANT template extern constexpr bool recurse_var = B1 &&recurse_var; -void fp_621() { recurse_var; } \ No newline at end of file +void fp_621() { recurse_var; } + +#include + +void variadic_forwarding() {} + +template +void variadic_forwarding(T &&first, Args &&...rest) { + first; + variadic_forwarding(std::forward(rest)...); +} + +int test_variadic_forwarding() { variadic_forwarding(1, 1.1, "a"); } From dd892ffc18a6b60e56b83c288779bf60fbf8b8a7 Mon Sep 17 00:00:00 2001 From: Fernando Jose Date: Wed, 22 Jan 2025 12:49:55 +0900 Subject: [PATCH 2358/2573] Formatting fix in test. --- cpp/autosar/test/rules/A7-1-1/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A7-1-1/test.cpp b/cpp/autosar/test/rules/A7-1-1/test.cpp index 1fdc0d66eb..5e47b9c0bf 100644 --- a/cpp/autosar/test/rules/A7-1-1/test.cpp +++ b/cpp/autosar/test/rules/A7-1-1/test.cpp @@ -90,7 +90,7 @@ void fp_621() { recurse_var; } void variadic_forwarding() {} template -void variadic_forwarding(T &&first, Args &&...rest) { +void variadic_forwarding(T &&first, Args &&... rest) { first; variadic_forwarding(std::forward(rest)...); } From 6e68fb86452eb386a972aae9c81c14e4f85347b1 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 23 Jan 2025 23:08:40 +0000 Subject: [PATCH 2359/2573] Deviations: Support an attribute like comment syntax --- .../deviations/CodeIdentifierDeviation.qll | 39 +++++++++++-------- .../deviations/deviations_basic_test/main.cpp | 14 +++---- docs/user_manual.md | 28 ++++++------- 3 files changed, 43 insertions(+), 38 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll b/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll index e6220711a9..94587dca34 100644 --- a/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll +++ b/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll @@ -5,10 +5,10 @@ * some range of lines in the file containing the comment based on the annotation. The supported marker annotation * formats are: * - `` - the deviation applies to results on the current line. - * - `DEVIATION()` - same as above. - * - `DEVIATION_NEXT_LINE()` - this deviation applies to results on the next line. - * - `DEVIATION_BEGIN()` - marks the beginning of a range of lines where the deviation applies. - * - `DEVIATION_END()` - marks the end of a range of lines where the deviation applies. + * - `[[codingstandards::deviation()]]` - same as above. + * - `[[codingstandards::deviation_next_line()]]` - this deviation applies to results on the next line. + * - `[[codingstandards::deviation_begin()]]` - marks the beginning of a range of lines where the deviation applies. + * - `[[codingstandards::deviation_end()]]` - marks the end of a range of lines where the deviation applies. * * The valid `code-identifier`s are specified in deviation records, which also specify the query whose results are * suppressed by the deviation. @@ -53,7 +53,7 @@ private predicate commentMatches(Comment comment, string codeIdentifier) { /** * A deviation marker in the code. */ -abstract class DeviationMarker extends Comment { +abstract class CommentDeviationMarker extends Comment { DeviationRecord record; /** @@ -65,45 +65,50 @@ abstract class DeviationMarker extends Comment { /** * A deviation marker for a deviation that applies to the current line. */ -class DeviationEndOfLineMarker extends DeviationMarker { +class DeviationEndOfLineMarker extends CommentDeviationMarker { DeviationEndOfLineMarker() { - commentMatches(this, "DEVIATION(" + record.getCodeIdentifier() + ")") + commentMatches(this, "[[codingstandards::deviation(" + record.getCodeIdentifier() + ")]]") } } /** * A deviation marker for a deviation that applies to the next line. */ -class DeviationNextLineMarker extends DeviationMarker { +class DeviationNextLineMarker extends CommentDeviationMarker { DeviationNextLineMarker() { - commentMatches(this, "DEVIATION_NEXT_LINE(" + record.getCodeIdentifier() + ")") + commentMatches(this, + "[[codingstandards::deviation_next_line(" + record.getCodeIdentifier() + ")]]") } } /** * A deviation marker for a deviation that applies to a range of lines */ -abstract class DeviationRangeMarker extends DeviationMarker { } +abstract class CommentDeviationRangeMarker extends CommentDeviationMarker { } /** * A deviation marker for a deviation that begins on this line. */ -class DeviationBegin extends DeviationRangeMarker { - DeviationBegin() { commentMatches(this, "DEVIATION_BEGIN(" + record.getCodeIdentifier() + ")") } +class DeviationBegin extends CommentDeviationRangeMarker { + DeviationBegin() { + commentMatches(this, "[[codingstandards::deviation_begin(" + record.getCodeIdentifier() + ")]]") + } } /** * A deviation marker for a deviation that ends on this line. */ -class DeviationEnd extends DeviationRangeMarker { - DeviationEnd() { commentMatches(this, "DEVIATION_END(" + record.getCodeIdentifier() + ")") } +class DeviationEnd extends CommentDeviationRangeMarker { + DeviationEnd() { + commentMatches(this, "[[codingstandards::deviation_end(" + record.getCodeIdentifier() + ")]]") + } } private predicate hasDeviationCommentFileOrdering( - DeviationRecord record, DeviationRangeMarker comment, File file, int index + DeviationRecord record, CommentDeviationRangeMarker comment, File file, int index ) { comment = - rank[index](DeviationRangeMarker c | + rank[index](CommentDeviationRangeMarker c | c.getRecord() = record and file = c.getFile() | @@ -115,7 +120,7 @@ private predicate mkBeginStack(DeviationRecord record, File file, BeginStack sta // Stack is empty at the start index = 0 and stack = TEmptyBeginStack() and - exists(DeviationRangeMarker marker | + exists(CommentDeviationRangeMarker marker | marker.getRecord() = record and marker.getLocation().getFile() = file ) or diff --git a/cpp/common/test/deviations/deviations_basic_test/main.cpp b/cpp/common/test/deviations/deviations_basic_test/main.cpp index 53258f00fd..e1faaec68c 100644 --- a/cpp/common/test/deviations/deviations_basic_test/main.cpp +++ b/cpp/common/test/deviations/deviations_basic_test/main.cpp @@ -13,28 +13,28 @@ int main(int argc, char **argv) { long double d1; // NON_COMPLIANT (A0-4-2) long double d2; // a-0-4-2-deviation COMPLIANT[DEVIATED] - long double d3; // DEVIATION(a-0-4-2-deviation) COMPLIANT[DEVIATED] - + long double d3; // [[codingstandards::deviation(a-0-4-2-deviation)]] + // COMPLIANT[DEVIATED] long double d4; // NON_COMPLIANT (A0-4-2) - // DEVIATION_NEXT_LINE(a-0-4-2-deviation) + // [[codingstandards::deviation_next_line(a-0-4-2-deviation)]] long double d5; // COMPLIANT[DEVIATED] long double d6; // NON_COMPLIANT (A0-4-2) - // DEVIATION_BEGIN(a-0-4-2-deviation) + // [[codingstandards::deviation_begin(a-0-4-2-deviation)]] long double d7; // COMPLIANT[DEVIATED] getX(); // NON_COMPLIANT (A0-1-2) long double d8; // COMPLIANT[DEVIATED] getX(); // NON_COMPLIANT (A0-1-2) long double d9; // COMPLIANT[DEVIATED] - // DEVIATION_END(a-0-4-2-deviation) + // [[codingstandards::deviation_end(a-0-4-2-deviation)]] long double d10; // NON_COMPLIANT (A0-4-2) - // DEVIATION_BEGIN(a-0-4-2-deviation) + // [[codingstandards::deviation_begin(a-0-4-2-deviation)]] long double d11; // COMPLIANT[DEVIATED] getX(); // NON_COMPLIANT (A0-1-2) long double d12; // COMPLIANT[DEVIATED] getX(); // NON_COMPLIANT (A0-1-2) long double d13; // COMPLIANT[DEVIATED] - // DEVIATION_END(a-0-4-2-deviation) + // [[codingstandards::deviation_end(a-0-4-2-deviation)]] long double d14; // NON_COMPLIANT (A0-4-2) getX(); // NON_COMPLIANT (A0-1-2) return 0; diff --git a/docs/user_manual.md b/docs/user_manual.md index 7ad4dc4208..a936118758 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -426,8 +426,8 @@ The `process_coding_standards_config.py` has a dependency on the package `pyyaml A code identifier specified in a deviation record can be applied to certain results in the code by adding a comment marker consisting of a `code-identifier` with some optional annotations. The supported marker annotation formats are: - `` - the deviation applies to results on the current line. - - `DEVIATION()` - the deviation applies to results on the current line. - - `DEVIATION_NEXT_LINE()` - this deviation applies to results on the next line. + - `codingstandards::deviation()` - the deviation applies to results on the current line. + - `codingstandards::deviation_next_line()` - this deviation applies to results on the next line. - `DEVIATION_BEGIN()` - marks the beginning of a range of lines where the deviation applies. - `DEVIATION_END()` - marks the end of a range of lines where the deviation applies. @@ -438,32 +438,32 @@ Here are some examples, using the deviation record with the `a-0-4-2-deviation` long double x2; // a-0-4-2-deviation - COMPLIANT long double x3; // COMPLIANT - a-0-4-2-deviation - long double x4; // DEVIATION(a-0-4-2-deviation) - COMPLIANT - long double x5; // COMPLIANT - DEVIATION(a-0-4-2-deviation) + long double x4; // [[codingstandards::deviation(a-0-4-2-deviation)]] - COMPLIANT + long double x5; // COMPLIANT - [[codingstandards::deviation(a-0-4-2-deviation)]] - // DEVIATION_NEXT_LINE(a-0-4-2-deviation) + // [[codingstandards::deviation_next_line(a-0-4-2-deviation)]] long double x6; // COMPLIANT - // DEVIATION_BEGIN(a-0-4-2-deviation) + // [[codingstandards::deviation_begin(a-0-4-2-deviation)]] long double x7; // COMPLIANT - // DEVIATION_END(a-0-4-2-deviation) + // [[codingstandards::deviation_end(a-0-4-2-deviation)]] ``` -`DEVIATION_END` markers will pair with the closest unmatched `DEVIATION_BEGIN` for the same `code-identifier`. Consider this example: +`codingstandards::deviation_end` markers will pair with the closest unmatched `codingstandards::deviation_begin` for the same `code-identifier`. Consider this example: ```cpp -1 | // DEVIATION_BEGIN(a-0-4-2-deviation) +1 | // [[codingstandards::deviation_begin(a-0-4-2-deviation)]] 2 | -3 | // DEVIATION_BEGIN(a-0-4-2-deviation) +3 | // [[codingstandards::deviation_begin(a-0-4-2-deviation)]] 4 | -5 | // DEVIATION_END(a-0-4-2-deviation) +5 | // [[codingstandards::deviation_end(a-0-4-2-deviation)]] 6 | -7 | // DEVIATION_END(a-0-4-2-deviation) +7 | // [[codingstandards::deviation_end(a-0-4-2-deviation)]] ``` Here, Line 1 will pair with Line 7, and Line 3 will pair with Line 8. -A `DEVIATION_END` without a matching `DEVIATION_BEGIN`, or `DEVIATION_BEGIN` without a matching `DEVIATION_END` is invalid and will be ignored. +A `codingstandards::deviation_end` without a matching `codingstandards::deviation_begin`, or `codingstandards::deviation_begin` without a matching `codingstandards::deviation_end` is invalid and will be ignored. -`DEVIATION_BEGIN` and `DEVIATION_END` markers only apply within a single file. Markers cannot be paired across files, and deviations do not apply to included files. +`codingstandards::deviation_begin` and `codingstandards::deviation_end` markers only apply within a single file. Markers cannot be paired across files, and deviations do not apply to included files. ##### Deviation permit From a19965e7643c5efdd7cb8cf10d3d9ed0c620cf4d Mon Sep 17 00:00:00 2001 From: Michael R Fairhurst Date: Fri, 24 Jan 2025 19:32:56 -0800 Subject: [PATCH 2360/2573] Fix typo Co-authored-by: Luke Cartey <5377966+lcartey@users.noreply.github.com> --- c/misra/src/rules/RULE-21-25/InvalidMemoryOrderArgument.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/misra/src/rules/RULE-21-25/InvalidMemoryOrderArgument.ql b/c/misra/src/rules/RULE-21-25/InvalidMemoryOrderArgument.ql index b0945db559..6c03d32dab 100644 --- a/c/misra/src/rules/RULE-21-25/InvalidMemoryOrderArgument.ql +++ b/c/misra/src/rules/RULE-21-25/InvalidMemoryOrderArgument.ql @@ -149,7 +149,7 @@ import MemoryOrderFlow::PathGraph /** * If the node is a memory order constant, or shares a value with a memory order constant, then - * return the name of that cnonstant. Otherwise, simply print the node. + * return the name of that constant. Otherwise, simply print the node. */ string describeMemoryOrderNode(DataFlow::Node node) { if node.asExpr() instanceof MemoryOrderConstantExpr From 74867cc66ab0f70941255a99620543a695d9d69a Mon Sep 17 00:00:00 2001 From: knewbury01 Date: Mon, 27 Jan 2025 20:59:21 +0000 Subject: [PATCH 2361/2573] Bump version to 2.42.0-dev --- c/cert/src/qlpack.yml | 2 +- c/cert/test/qlpack.yml | 2 +- c/common/src/qlpack.yml | 2 +- c/common/test/qlpack.yml | 2 +- c/misra/src/qlpack.yml | 2 +- c/misra/test/qlpack.yml | 2 +- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/qlpack.yml | 2 +- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/qlpack.yml | 2 +- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/qlpack.yml | 2 +- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/qlpack.yml | 2 +- cpp/report/src/qlpack.yml | 2 +- docs/user_manual.md | 12 ++++++------ 16 files changed, 21 insertions(+), 21 deletions(-) diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index 4945abe49c..d5ba524b14 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards -version: 2.41.0-dev +version: 2.42.0-dev description: CERT C 2016 suites: codeql-suites license: MIT diff --git a/c/cert/test/qlpack.yml b/c/cert/test/qlpack.yml index af5e71d2a1..98d9895612 100644 --- a/c/cert/test/qlpack.yml +++ b/c/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards-tests -version: 2.41.0-dev +version: 2.42.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index 9545a88178..e775358108 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards -version: 2.41.0-dev +version: 2.42.0-dev license: MIT dependencies: codeql/common-cpp-coding-standards: '*' diff --git a/c/common/test/qlpack.yml b/c/common/test/qlpack.yml index febda7a63b..f76badccfc 100644 --- a/c/common/test/qlpack.yml +++ b/c/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards-tests -version: 2.41.0-dev +version: 2.42.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index 758c059c01..0ed5ef8b97 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards -version: 2.41.0-dev +version: 2.42.0-dev description: MISRA C 2012 suites: codeql-suites license: MIT diff --git a/c/misra/test/qlpack.yml b/c/misra/test/qlpack.yml index d367e8d06d..bf45171e18 100644 --- a/c/misra/test/qlpack.yml +++ b/c/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards-tests -version: 2.41.0-dev +version: 2.42.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index 565cfc12db..80f6d1b0d2 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards -version: 2.41.0-dev +version: 2.42.0-dev description: AUTOSAR C++14 Guidelines R22-11, R21-11, R20-11, R19-11 and R19-03 suites: codeql-suites license: MIT diff --git a/cpp/autosar/test/qlpack.yml b/cpp/autosar/test/qlpack.yml index 66755fe907..a1c802fec5 100644 --- a/cpp/autosar/test/qlpack.yml +++ b/cpp/autosar/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards-tests -version: 2.41.0-dev +version: 2.42.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index cc981411c2..3005c15ec3 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards -version: 2.41.0-dev +version: 2.42.0-dev description: CERT C++ 2016 suites: codeql-suites license: MIT diff --git a/cpp/cert/test/qlpack.yml b/cpp/cert/test/qlpack.yml index af6e4f8659..9c49caac9f 100644 --- a/cpp/cert/test/qlpack.yml +++ b/cpp/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards-tests -version: 2.41.0-dev +version: 2.42.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index 4d0aeb01f1..d97b322120 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards -version: 2.41.0-dev +version: 2.42.0-dev license: MIT dependencies: codeql/cpp-all: 1.4.2 diff --git a/cpp/common/test/qlpack.yml b/cpp/common/test/qlpack.yml index a6d2ae30eb..a207965a5e 100644 --- a/cpp/common/test/qlpack.yml +++ b/cpp/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards-tests -version: 2.41.0-dev +version: 2.42.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index a6ac09f1b1..fc3162ffb4 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards -version: 2.41.0-dev +version: 2.42.0-dev description: MISRA C++ 2023 default-suite: codeql-suites/misra-cpp-default.qls license: MIT diff --git a/cpp/misra/test/qlpack.yml b/cpp/misra/test/qlpack.yml index 0265144f4f..d0bd3a8b5a 100644 --- a/cpp/misra/test/qlpack.yml +++ b/cpp/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards-tests -version: 2.41.0-dev +version: 2.42.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index d1c854206c..1a8ea75e77 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/report-cpp-coding-standards -version: 2.41.0-dev +version: 2.42.0-dev license: MIT dependencies: codeql/cpp-all: 1.4.2 diff --git a/docs/user_manual.md b/docs/user_manual.md index b45b32639a..df3ce9a6b8 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -34,14 +34,14 @@ ## Release information -This user manual documents release `2.41.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). +This user manual documents release `2.42.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). The release page documents the release notes and contains the following artifacts part of the release: - `coding-standards-codeql-packs-2.37.0-dev.zip`: CodeQL packs that can be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. -- `code-scanning-cpp-query-pack-2.41.0-dev.zip`: Legacy packaging for the queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. -- `supported_rules_list_2.41.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. -- `supported_rules_list_2.41.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. -- `user_manual_2.41.0-dev.md`: This user manual. +- `code-scanning-cpp-query-pack-2.42.0-dev.zip`: Legacy packaging for the queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. +- `supported_rules_list_2.42.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. +- `supported_rules_list_2.42.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. +- `user_manual_2.42.0-dev.md`: This user manual. - `Source Code (zip)`: A zip archive containing the contents of https://github.com/github/codeql-coding-standards - `Source Code (tar.gz)`: A GZip compressed tar archive containing the contents of https://github.com/github/codeql-coding-standards - `checksums.txt`: A text file containing sha256 checksums for the aforementioned artifacts. @@ -583,7 +583,7 @@ This section describes known failure modes for "CodeQL Coding Standards" and des | | Out of space | Less output. Some files may be only be partially analyzed, or not analyzed at all. | Error reported on the command line. | Increase space. If it remains an issue report space consumption issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False positives | More output. Results are reported which are not violations of the guidelines. | All reported results must be reviewed. | Report false positive issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False negatives | Less output. Violations of the guidelines are not reported. | Other validation and verification processes during software development should be used to complement the analysis performed by CodeQL Coding Standards. | Report false negative issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | -| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.41.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | +| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.42.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | | | Incorrect deviation record specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation records with a reason. Ensure that all deviation records are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Incorrect deviation permit specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation permits with a reason. Ensure that all deviation permits are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Unapproved use of a deviation record | Less output. Results for guideline violations are not reported. | Validate that the deviation record use is approved by verifying the approved-by attribute of the deviation record specification. | Ensure that each raised deviation record is approved by an independent approver through an auditable process. | From d26d960cda7d843cef8d8f5b326246b6051e7e89 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Mon, 27 Jan 2025 15:56:52 -0800 Subject: [PATCH 2362/2573] Address feedback --- c/misra/src/codeql-suites/misra-c-audit.qls | 8 ++++ .../rules/DIR-5-3/ThreadCreatedByThread.ql | 29 +++++------- .../AtomicAggregateObjectDirectlyAccessed.ql | 4 +- .../RULE-21-25/InvalidMemoryOrderArgument.ql | 46 ++++++------------- ...icAggregateObjectDirectlyAccessed.expected | 9 ++++ c/misra/test/rules/RULE-12-6/test.c | 28 +++++++++++ .../InvalidMemoryOrderArgument.expected | 13 ++++-- c/misra/test/rules/RULE-21-25/test.c | 2 +- 8 files changed, 84 insertions(+), 55 deletions(-) create mode 100644 c/misra/src/codeql-suites/misra-c-audit.qls diff --git a/c/misra/src/codeql-suites/misra-c-audit.qls b/c/misra/src/codeql-suites/misra-c-audit.qls new file mode 100644 index 0000000000..ce1b9fed68 --- /dev/null +++ b/c/misra/src/codeql-suites/misra-c-audit.qls @@ -0,0 +1,8 @@ +- description: MISRA C 2012 (Audit) +- qlpack: codeql/misra-c-coding-standards +- include: + kind: + - problem + - path-problem + tags contain: + - external/misra/c/audit diff --git a/c/misra/src/rules/DIR-5-3/ThreadCreatedByThread.ql b/c/misra/src/rules/DIR-5-3/ThreadCreatedByThread.ql index 25b8b4cb9f..355b30808d 100644 --- a/c/misra/src/rules/DIR-5-3/ThreadCreatedByThread.ql +++ b/c/misra/src/rules/DIR-5-3/ThreadCreatedByThread.ql @@ -19,27 +19,22 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.Concurrency -Function callers(Function f) { result = f.getACallToThisFunction().getEnclosingFunction() } +class CThreadRoot extends Function { + CThreadCreateCall threadCreate; -class ThreadReachableFunction extends Function { - /* The root threaded function from which this function is reachable */ - Function threadRoot; - - ThreadReachableFunction() { - exists(CThreadCreateCall tc | - tc.getFunction() = callers*(this) and - threadRoot = tc.getFunction() - ) + CThreadRoot() { + threadCreate.getFunction() = this } - /* Get the root threaded function from which this function is reachable */ - Function getThreadRoot() { result = threadRoot } + /* Get a function which is reachable from this function */ + Function getAReachableFunction() { calls*(result) } + + CThreadCreateCall getCThreadCreateCall() { result = threadCreate } } -from CThreadCreateCall tc, ThreadReachableFunction enclosingFunction, Function threadRoot + from CThreadCreateCall tc, CThreadRoot threadRoot where not isExcluded(tc, Concurrency6Package::threadCreatedByThreadQuery()) and - enclosingFunction = tc.getEnclosingFunction() and - threadRoot = enclosingFunction.getThreadRoot() -select tc, "Thread creation call reachable from threaded function '$@'.", threadRoot, - threadRoot.toString() + tc.getEnclosingFunction() = threadRoot.getAReachableFunction() +select tc, "Thread creation call reachable from function '$@', which may also be $@.", threadRoot, + threadRoot.toString(), threadRoot.getCThreadCreateCall(), "started as a thread" diff --git a/c/misra/src/rules/RULE-12-6/AtomicAggregateObjectDirectlyAccessed.ql b/c/misra/src/rules/RULE-12-6/AtomicAggregateObjectDirectlyAccessed.ql index 4e65fa3f91..7478bb2787 100644 --- a/c/misra/src/rules/RULE-12-6/AtomicAggregateObjectDirectlyAccessed.ql +++ b/c/misra/src/rules/RULE-12-6/AtomicAggregateObjectDirectlyAccessed.ql @@ -22,13 +22,13 @@ where ( exists(FieldAccess fa | expr = fa and - fa.getQualifier().getUnderlyingType().hasSpecifier("atomic") and + fa.getQualifier().getType().hasSpecifier("atomic") and field = fa.getTarget() ) or exists(PointerFieldAccess fa | expr = fa and - fa.getQualifier().getUnderlyingType().(PointerType).getBaseType().hasSpecifier("atomic") and + fa.getQualifier().getType().stripTopLevelSpecifiers().(PointerType).getBaseType().hasSpecifier("atomic") and field = fa.getTarget() ) ) diff --git a/c/misra/src/rules/RULE-21-25/InvalidMemoryOrderArgument.ql b/c/misra/src/rules/RULE-21-25/InvalidMemoryOrderArgument.ql index 6c03d32dab..92ec2694b3 100644 --- a/c/misra/src/rules/RULE-21-25/InvalidMemoryOrderArgument.ql +++ b/c/misra/src/rules/RULE-21-25/InvalidMemoryOrderArgument.ql @@ -46,7 +46,7 @@ class MemoryOrderConstantExpr extends Expr { } /* Get the name of the `MemoryOrder` this expression is valued as. */ - string getMemoryOrderString() { result = ord.toString() } + string getMemoryOrderString() { result = ord.getName() } } /** @@ -56,26 +56,26 @@ class MemoryOrderedStdAtomicFunction extends Function { int orderParamIdx; MemoryOrderedStdAtomicFunction() { - exists(int baseParamIdx, int baseParams, string prefix, string suffix | - prefix = ["__", "__c11_"] and - suffix = ["", ".*", "_explicit"] and + exists(int baseParamIdx, int baseParams, string prefix, string regex, string basename | + regex = "__(c11_)?atomic_([a-z_]+)" and + prefix = getName().regexpCapture(regex, 1) and + basename = "atomic_" + getName().regexpCapture(regex, 2) + ["", "_explicit"] and ( - getName().regexpMatch(prefix + ["atomic_thread_fence", "atomic_signal_fence"] + suffix) and + basename in ["atomic_thread_fence", "atomic_signal_fence"] and baseParamIdx = 0 and baseParams = 1 or - getName() - .regexpMatch(prefix + ["atomic_load", "atomic_flag_clear", "atomic_flag_test_and_set"] + - suffix) and + basename in ["atomic_load", "atomic_flag_clear", "atomic_flag_test_and_set"] and baseParamIdx = 1 and baseParams = 2 or - getName() - .regexpMatch(prefix + ["atomic_store", "atomic_fetch_.*", "atomic_exchange"] + suffix) and + basename in [ + "atomic_store", "atomic_fetch_" + ["add", "sub", "or", "xor", "and"], "atomic_exchange" + ] and baseParamIdx = 2 and baseParams = 3 or - getName().regexpMatch(prefix + "atomic_compare_exchange_.*" + suffix) and + basename in ["atomic_compare_exchange_" + ["strong", "weak"]] and baseParamIdx = [3, 4] and baseParams = 5 ) and @@ -84,8 +84,7 @@ class MemoryOrderedStdAtomicFunction extends Function { // __atomic_load(8, &repr->a, &desired, order) // or // __atomic_load_8(&repr->a, &desired, order) - prefix = "__" and - suffix = ".*" and + prefix = "" and exists(int extraParams | extraParams = getNumberOfParameters() - baseParams and extraParams >= 0 and @@ -94,13 +93,7 @@ class MemoryOrderedStdAtomicFunction extends Function { or // Clang case, no inserted parameters: // __c11_atomic_load(object, order) - suffix = "" and - prefix = "__c11_" and - orderParamIdx = baseParamIdx - or - // Non-macro case, may occur in a subset of gcc/clang functions: - prefix = "" and - suffix = "_explicit" and + prefix = "c11_" and orderParamIdx = baseParamIdx ) ) @@ -122,17 +115,6 @@ module MemoryOrderFlowConfig implements DataFlow::ConfigSig { node.asExpr() = literal and not literal.getValue().toInt() = any(AllowedMemoryOrder a).getValue().toInt() ) - or - // Everything else: not a memory order constant or an integer valued literal, also exclude - // variables and functions, things that flow further back. - exists(Expr e | - node.asExpr() = e and - not e instanceof MemoryOrderConstantAccess and - not e instanceof Literal and - not e instanceof VariableAccess and - not e instanceof FunctionCall and - not DataFlow::localFlowStep(_, node) - ) } predicate isSink(DataFlow::Node node) { @@ -169,4 +151,4 @@ where not value = any(AllowedMemoryOrder e).getName() and function.getACallToThisFunction().getAnArgument() = argument select argument, source, sink, "Invalid memory order '$@' in call to function '$@'.", value, value, - function, function.toString() + function, function.getName() diff --git a/c/misra/test/rules/RULE-12-6/AtomicAggregateObjectDirectlyAccessed.expected b/c/misra/test/rules/RULE-12-6/AtomicAggregateObjectDirectlyAccessed.expected index df7f149fcc..5a92fc72fd 100644 --- a/c/misra/test/rules/RULE-12-6/AtomicAggregateObjectDirectlyAccessed.expected +++ b/c/misra/test/rules/RULE-12-6/AtomicAggregateObjectDirectlyAccessed.expected @@ -2,3 +2,12 @@ | test.c:44:18:44:18 | x | Invalid access to member '$@' on atomic struct or union. | test.c:5:7:5:7 | x | x | | test.c:45:13:45:13 | x | Invalid access to member '$@' on atomic struct or union. | test.c:5:7:5:7 | x | x | | test.c:46:18:46:18 | x | Invalid access to member '$@' on atomic struct or union. | test.c:5:7:5:7 | x | x | +| test.c:65:6:65:6 | x | Invalid access to member '$@' on atomic struct or union. | test.c:5:7:5:7 | x | x | +| test.c:71:9:71:9 | x | Invalid access to member '$@' on atomic struct or union. | test.c:5:7:5:7 | x | x | +| test.c:82:18:82:18 | x | Invalid access to member '$@' on atomic struct or union. | test.c:5:7:5:7 | x | x | +| test.c:83:3:83:31 | x | Invalid access to member '$@' on atomic struct or union. | test.c:5:7:5:7 | x | x | +| test.c:84:3:84:39 | x | Invalid access to member '$@' on atomic struct or union. | test.c:5:7:5:7 | x | x | +| test.c:85:3:85:19 | x | Invalid access to member '$@' on atomic struct or union. | test.c:5:7:5:7 | x | x | +| test.c:86:3:86:23 | x | Invalid access to member '$@' on atomic struct or union. | test.c:5:7:5:7 | x | x | +| test.c:87:3:87:19 | x | Invalid access to member '$@' on atomic struct or union. | test.c:5:7:5:7 | x | x | +| test.c:88:3:88:23 | x | Invalid access to member '$@' on atomic struct or union. | test.c:5:7:5:7 | x | x | diff --git a/c/misra/test/rules/RULE-12-6/test.c b/c/misra/test/rules/RULE-12-6/test.c index ae6125da96..0281e6b0d8 100644 --- a/c/misra/test/rules/RULE-12-6/test.c +++ b/c/misra/test/rules/RULE-12-6/test.c @@ -58,4 +58,32 @@ void f1() { *s1_atomic_ptr = (s1){0}; // COMPLIANT s1_atomic_ptr = l2; // COMPLIANT s1_atomic_ptr->x; // COMPLIANT + + // Atomic specifier hidden behind a typedef, still atomic: + typedef _Atomic s1 atomic_s1; + atomic_s1 l3; + l3.x; // NON_COMPLIANT + + // Worst case scenario: a typedef of a volatile const pointer to an atomic + // typedef type. + typedef atomic_s1 *volatile const atomic_s1_specified_ptr; + atomic_s1_specified_ptr l4; + (l4)->x; // NON_COMPLIANT +} + +#define NOOP(x) (x) +#define DOT_FIELD_ACCESS_X(v) (v).x +#define POINTER_FIELD_ACCESS_X(v) (v)->x +#define GET_X_ATOMIC_S1() atomic_s1.x +#define GET_X_PTR_ATOMIC_S1() atomic_s1.x + +void f2() { + // Banned UB with user macros: + NOOP(atomic_s1.x); // NON-COMPLIANT + DOT_FIELD_ACCESS_X(atomic_s1); // NON-COMPLIANT + POINTER_FIELD_ACCESS_X(ptr_atomic_s1); // NON-COMPLIANT + GET_X_ATOMIC_S1(); // NON-COMPLIANT + GET_X_PTR_ATOMIC_S1(); // NON-COMPLIANT + GET_X_ATOMIC_S1() = 0; // NON-COMPLIANT + GET_X_PTR_ATOMIC_S1() = 0; // NON-COMPLIANT } \ No newline at end of file diff --git a/c/misra/test/rules/RULE-21-25/InvalidMemoryOrderArgument.expected b/c/misra/test/rules/RULE-21-25/InvalidMemoryOrderArgument.expected index 07229ff975..967621d71f 100644 --- a/c/misra/test/rules/RULE-21-25/InvalidMemoryOrderArgument.expected +++ b/c/misra/test/rules/RULE-21-25/InvalidMemoryOrderArgument.expected @@ -17,25 +17,35 @@ edges | test.c:4:5:4:6 | *g2 | test.c:68:23:68:24 | g2 | provenance | | | test.c:4:5:4:6 | *g2 | test.c:71:23:71:24 | g2 | provenance | | | test.c:4:10:4:29 | memory_order_relaxed | test.c:4:5:4:6 | *g2 | provenance | | +| test.c:4:10:4:29 | memory_order_relaxed | test.c:4:10:4:29 | memory_order_relaxed | provenance | | | test.c:5:5:5:6 | *g3 | test.c:72:23:72:24 | g3 | provenance | | | test.c:5:10:5:29 | memory_order_acquire | test.c:5:5:5:6 | *g3 | provenance | | +| test.c:5:10:5:29 | memory_order_acquire | test.c:5:10:5:29 | memory_order_acquire | provenance | | | test.c:6:5:6:6 | *g4 | test.c:73:23:73:24 | g4 | provenance | | | test.c:6:10:6:29 | memory_order_consume | test.c:6:5:6:6 | *g4 | provenance | | +| test.c:6:10:6:29 | memory_order_consume | test.c:6:10:6:29 | memory_order_consume | provenance | | | test.c:7:5:7:6 | *g5 | test.c:74:23:74:24 | g5 | provenance | | | test.c:7:10:7:29 | memory_order_acq_rel | test.c:7:5:7:6 | *g5 | provenance | | +| test.c:7:10:7:29 | memory_order_acq_rel | test.c:7:10:7:29 | memory_order_acq_rel | provenance | | | test.c:8:5:8:6 | *g6 | test.c:75:23:75:24 | g6 | provenance | | | test.c:8:10:8:29 | memory_order_release | test.c:8:5:8:6 | *g6 | provenance | | +| test.c:8:10:8:29 | memory_order_release | test.c:8:10:8:29 | memory_order_release | provenance | | nodes | test.c:4:5:4:6 | *g2 | semmle.label | *g2 | | test.c:4:10:4:29 | memory_order_relaxed | semmle.label | memory_order_relaxed | +| test.c:4:10:4:29 | memory_order_relaxed | semmle.label | memory_order_relaxed | | test.c:5:5:5:6 | *g3 | semmle.label | *g3 | | test.c:5:10:5:29 | memory_order_acquire | semmle.label | memory_order_acquire | +| test.c:5:10:5:29 | memory_order_acquire | semmle.label | memory_order_acquire | | test.c:6:5:6:6 | *g4 | semmle.label | *g4 | | test.c:6:10:6:29 | memory_order_consume | semmle.label | memory_order_consume | +| test.c:6:10:6:29 | memory_order_consume | semmle.label | memory_order_consume | | test.c:7:5:7:6 | *g5 | semmle.label | *g5 | | test.c:7:10:7:29 | memory_order_acq_rel | semmle.label | memory_order_acq_rel | +| test.c:7:10:7:29 | memory_order_acq_rel | semmle.label | memory_order_acq_rel | | test.c:8:5:8:6 | *g6 | semmle.label | *g6 | | test.c:8:10:8:29 | memory_order_release | semmle.label | memory_order_release | +| test.c:8:10:8:29 | memory_order_release | semmle.label | memory_order_release | | test.c:16:29:16:48 | memory_order_relaxed | semmle.label | memory_order_relaxed | | test.c:17:29:17:48 | memory_order_acquire | semmle.label | memory_order_acquire | | test.c:18:29:18:48 | memory_order_consume | semmle.label | memory_order_consume | @@ -62,10 +72,8 @@ nodes | test.c:73:23:73:24 | g4 | semmle.label | g4 | | test.c:74:23:74:24 | g5 | semmle.label | g5 | | test.c:75:23:75:24 | g6 | semmle.label | g6 | -| test.c:78:23:78:46 | ... * ... | semmle.label | ... * ... | | test.c:79:23:79:23 | 1 | semmle.label | 1 | | test.c:80:23:80:25 | 100 | semmle.label | 100 | -| test.c:81:23:81:28 | ... + ... | semmle.label | ... + ... | subpaths #select | test.c:16:29:16:48 | memory_order_relaxed | test.c:16:29:16:48 | memory_order_relaxed | test.c:16:29:16:48 | memory_order_relaxed | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | file://:0:0:0:0 | __c11_atomic_load | __c11_atomic_load | @@ -96,4 +104,3 @@ subpaths | test.c:75:23:75:24 | g6 | test.c:8:10:8:29 | memory_order_release | test.c:75:23:75:24 | g6 | Invalid memory order '$@' in call to function '$@'. | memory_order_release | memory_order_release | file://:0:0:0:0 | __c11_atomic_thread_fence | __c11_atomic_thread_fence | | test.c:79:23:79:23 | 1 | test.c:79:23:79:23 | 1 | test.c:79:23:79:23 | 1 | Invalid memory order '$@' in call to function '$@'. | memory_order_consume | memory_order_consume | file://:0:0:0:0 | __c11_atomic_thread_fence | __c11_atomic_thread_fence | | test.c:80:23:80:25 | 100 | test.c:80:23:80:25 | 100 | test.c:80:23:80:25 | 100 | Invalid memory order '$@' in call to function '$@'. | 100 | 100 | file://:0:0:0:0 | __c11_atomic_thread_fence | __c11_atomic_thread_fence | -| test.c:81:23:81:28 | ... + ... | test.c:81:23:81:28 | ... + ... | test.c:81:23:81:28 | ... + ... | Invalid memory order '$@' in call to function '$@'. | ... + ... | ... + ... | file://:0:0:0:0 | __c11_atomic_thread_fence | __c11_atomic_thread_fence | diff --git a/c/misra/test/rules/RULE-21-25/test.c b/c/misra/test/rules/RULE-21-25/test.c index 51df24555c..2e8c641032 100644 --- a/c/misra/test/rules/RULE-21-25/test.c +++ b/c/misra/test/rules/RULE-21-25/test.c @@ -78,7 +78,7 @@ void f(int p) { atomic_thread_fence(memory_order_seq_cst * 1); // COMPLIANT atomic_thread_fence(1); // NON-COMPLIANT atomic_thread_fence(100); // NON-COMPLIANT - atomic_thread_fence(g1 + 1); // NON-COMPLIANT + atomic_thread_fence(g1 + 1); // NON_COMPLIANT[FALSE_NEGATIVE] // No unsafe flow, currently accepted: atomic_thread_fence(p); // COMPLIANT From 763f4c1fa710055290a137c15ed8dc8290f7f10c Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Mon, 27 Jan 2025 16:06:01 -0800 Subject: [PATCH 2363/2573] Fix formatting --- c/misra/src/rules/DIR-5-3/ThreadCreatedByThread.ql | 6 ++---- .../RULE-12-6/AtomicAggregateObjectDirectlyAccessed.ql | 7 ++++++- c/misra/test/rules/RULE-21-25/test.c | 2 +- 3 files changed, 9 insertions(+), 6 deletions(-) diff --git a/c/misra/src/rules/DIR-5-3/ThreadCreatedByThread.ql b/c/misra/src/rules/DIR-5-3/ThreadCreatedByThread.ql index 355b30808d..d780437141 100644 --- a/c/misra/src/rules/DIR-5-3/ThreadCreatedByThread.ql +++ b/c/misra/src/rules/DIR-5-3/ThreadCreatedByThread.ql @@ -22,9 +22,7 @@ import codingstandards.cpp.Concurrency class CThreadRoot extends Function { CThreadCreateCall threadCreate; - CThreadRoot() { - threadCreate.getFunction() = this - } + CThreadRoot() { threadCreate.getFunction() = this } /* Get a function which is reachable from this function */ Function getAReachableFunction() { calls*(result) } @@ -32,7 +30,7 @@ class CThreadRoot extends Function { CThreadCreateCall getCThreadCreateCall() { result = threadCreate } } - from CThreadCreateCall tc, CThreadRoot threadRoot +from CThreadCreateCall tc, CThreadRoot threadRoot where not isExcluded(tc, Concurrency6Package::threadCreatedByThreadQuery()) and tc.getEnclosingFunction() = threadRoot.getAReachableFunction() diff --git a/c/misra/src/rules/RULE-12-6/AtomicAggregateObjectDirectlyAccessed.ql b/c/misra/src/rules/RULE-12-6/AtomicAggregateObjectDirectlyAccessed.ql index 7478bb2787..5085e5dc7b 100644 --- a/c/misra/src/rules/RULE-12-6/AtomicAggregateObjectDirectlyAccessed.ql +++ b/c/misra/src/rules/RULE-12-6/AtomicAggregateObjectDirectlyAccessed.ql @@ -28,7 +28,12 @@ where or exists(PointerFieldAccess fa | expr = fa and - fa.getQualifier().getType().stripTopLevelSpecifiers().(PointerType).getBaseType().hasSpecifier("atomic") and + fa.getQualifier() + .getType() + .stripTopLevelSpecifiers() + .(PointerType) + .getBaseType() + .hasSpecifier("atomic") and field = fa.getTarget() ) ) diff --git a/c/misra/test/rules/RULE-21-25/test.c b/c/misra/test/rules/RULE-21-25/test.c index 2e8c641032..d1831785ba 100644 --- a/c/misra/test/rules/RULE-21-25/test.c +++ b/c/misra/test/rules/RULE-21-25/test.c @@ -78,7 +78,7 @@ void f(int p) { atomic_thread_fence(memory_order_seq_cst * 1); // COMPLIANT atomic_thread_fence(1); // NON-COMPLIANT atomic_thread_fence(100); // NON-COMPLIANT - atomic_thread_fence(g1 + 1); // NON_COMPLIANT[FALSE_NEGATIVE] + atomic_thread_fence(g1 + 1); // NON_COMPLIANT[FALSE_NEGATIVE] // No unsafe flow, currently accepted: atomic_thread_fence(p); // COMPLIANT From 1a2454165d16e8babd686b19727c6c7b6f77674b Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 28 Jan 2025 13:17:02 +0000 Subject: [PATCH 2364/2573] Deviations: Support C/C++ attributes This commit adds support for C/C++ attributes to specify deviations with code identifiers in the code. Attributes are inherited from parents, and support multiple code identifiers in a single definition. --- .../deviations/CodeIdentifierDeviation.qll | 49 +++++++++++++++++++ .../TypeLongDoubleUsed.expected | 4 ++ .../UnusedReturnValue.expected | 12 +++++ .../attribute_syntax.cpp | 44 +++++++++++++++++ docs/user_manual.md | 47 ++++++++++++++++-- 5 files changed, 151 insertions(+), 5 deletions(-) create mode 100644 cpp/common/test/deviations/deviations_basic_test/attribute_syntax.cpp diff --git a/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll b/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll index 94587dca34..bd7100021a 100644 --- a/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll +++ b/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll @@ -177,6 +177,40 @@ private predicate isDeviationRangePaired( ) } +/** + * A standard attribute that either deviates a result. + */ +class DeviationAttribute extends StdAttribute { + DeviationRecord record; + + DeviationAttribute() { + this.hasQualifiedName("codingstandards", "deviation") and + // Support multiple argument deviations + "\"" + record.getCodeIdentifier() + "\"" = this.getAnArgument().getValueText() + } + + DeviationRecord getDeviationRecord() { result = record } + + pragma[nomagic] + Element getASuppressedElement() { + result.(Type).getAnAttribute() = this + or + result.(Stmt).getAnAttribute() = this + or + result.(Variable).getAnAttribute() = this + or + result.(Function).getAnAttribute() = this + or + result.(Expr).getEnclosingStmt() = this.getASuppressedElement() + or + result.(Stmt).getParentStmt() = this.getASuppressedElement() + or + result.(Stmt).getEnclosingFunction() = this.getASuppressedElement() + or + result.(LocalVariable) = this.getASuppressedElement().(DeclStmt).getADeclaration() + } +} + newtype TCodeIndentifierDeviation = TSingleLineDeviation(DeviationRecord record, Comment comment, string filepath, int suppressedLine) { ( @@ -195,6 +229,9 @@ newtype TCodeIndentifierDeviation = isDeviationRangePaired(record, beginComment, endComment) and beginComment.getLocation().hasLocationInfo(filepath, suppressedStartLine, _, _, _) and endComment.getLocation().hasLocationInfo(filepath, suppressedEndLine, _, _, _) + } or + TCodeIdentifierDeviation(DeviationRecord record, DeviationAttribute attribute) { + attribute.getDeviationRecord() = record } class CodeIdentifierDeviation extends TCodeIndentifierDeviation { @@ -203,6 +240,8 @@ class CodeIdentifierDeviation extends TCodeIndentifierDeviation { this = TSingleLineDeviation(result, _, _, _) or this = TMultiLineDeviation(result, _, _, _, _, _) + or + this = TCodeIdentifierDeviation(result, _) } /** @@ -225,6 +264,11 @@ class CodeIdentifierDeviation extends TCodeIndentifierDeviation { suppressedEndLine > elementLocationStart ) ) + or + exists(DeviationAttribute attribute | + this = TCodeIdentifierDeviation(_, attribute) and + attribute.getASuppressedElement() = e + ) } string toString() { @@ -243,5 +287,10 @@ class CodeIdentifierDeviation extends TCodeIndentifierDeviation { suppressedStartLine + ":" + suppressedEndLine ) ) + or + exists(DeviationAttribute attribute | + this = TCodeIdentifierDeviation(_, attribute) and + result = "Deviation record " + getDeviationRecord() + " applied to " + attribute + ) } } diff --git a/cpp/common/test/deviations/deviations_basic_test/TypeLongDoubleUsed.expected b/cpp/common/test/deviations/deviations_basic_test/TypeLongDoubleUsed.expected index a4e045edcf..99b3c89bfb 100644 --- a/cpp/common/test/deviations/deviations_basic_test/TypeLongDoubleUsed.expected +++ b/cpp/common/test/deviations/deviations_basic_test/TypeLongDoubleUsed.expected @@ -1,3 +1,7 @@ +| attribute_syntax.cpp:6:15:6:17 | dd1 | Use of long double type. | +| attribute_syntax.cpp:22:15:22:17 | d10 | Use of long double type. | +| attribute_syntax.cpp:30:15:30:17 | d14 | Use of long double type. | +| attribute_syntax.cpp:34:20:34:22 | d16 | Use of long double type. | | main.cpp:13:15:13:16 | d1 | Use of long double type. | | main.cpp:18:15:18:16 | d4 | Use of long double type. | | main.cpp:21:15:21:16 | d6 | Use of long double type. | diff --git a/cpp/common/test/deviations/deviations_basic_test/UnusedReturnValue.expected b/cpp/common/test/deviations/deviations_basic_test/UnusedReturnValue.expected index 7cc5d2e1ab..7538df2195 100644 --- a/cpp/common/test/deviations/deviations_basic_test/UnusedReturnValue.expected +++ b/cpp/common/test/deviations/deviations_basic_test/UnusedReturnValue.expected @@ -1,3 +1,15 @@ +| attribute_syntax.cpp:5:3:5:6 | call to getZ | Return value from call to $@ is unused. | attribute_syntax.cpp:1:5:1:8 | getZ | getZ | +| attribute_syntax.cpp:17:5:17:8 | call to getZ | Return value from call to $@ is unused. | attribute_syntax.cpp:1:5:1:8 | getZ | getZ | +| attribute_syntax.cpp:19:5:19:8 | call to getZ | Return value from call to $@ is unused. | attribute_syntax.cpp:1:5:1:8 | getZ | getZ | +| attribute_syntax.cpp:25:5:25:8 | call to getZ | Return value from call to $@ is unused. | attribute_syntax.cpp:1:5:1:8 | getZ | getZ | +| attribute_syntax.cpp:27:5:27:8 | call to getZ | Return value from call to $@ is unused. | attribute_syntax.cpp:1:5:1:8 | getZ | getZ | +| attribute_syntax.cpp:31:3:31:6 | call to getZ | Return value from call to $@ is unused. | attribute_syntax.cpp:1:5:1:8 | getZ | getZ | +| attribute_syntax.cpp:42:3:42:6 | call to getZ | Return value from call to $@ is unused. | attribute_syntax.cpp:1:5:1:8 | getZ | getZ | | main.cpp:12:3:12:6 | call to getX | Return value from call to $@ is unused. | main.cpp:8:5:8:8 | getX | getX | +| main.cpp:25:3:25:6 | call to getX | Return value from call to $@ is unused. | main.cpp:8:5:8:8 | getX | getX | +| main.cpp:27:3:27:6 | call to getX | Return value from call to $@ is unused. | main.cpp:8:5:8:8 | getX | getX | +| main.cpp:33:3:33:6 | call to getX | Return value from call to $@ is unused. | main.cpp:8:5:8:8 | getX | getX | +| main.cpp:35:3:35:6 | call to getX | Return value from call to $@ is unused. | main.cpp:8:5:8:8 | getX | getX | +| main.cpp:39:3:39:6 | call to getX | Return value from call to $@ is unused. | main.cpp:8:5:8:8 | getX | getX | | nested/nested3/test3.h:5:3:5:7 | call to getZ3 | Return value from call to $@ is unused. | nested/nested3/test3.h:1:5:1:9 | getZ3 | getZ3 | | nested/test.h:5:3:5:6 | call to getY | Return value from call to $@ is unused. | nested/test.h:1:5:1:8 | getY | getY | diff --git a/cpp/common/test/deviations/deviations_basic_test/attribute_syntax.cpp b/cpp/common/test/deviations/deviations_basic_test/attribute_syntax.cpp new file mode 100644 index 0000000000..97b4ba987d --- /dev/null +++ b/cpp/common/test/deviations/deviations_basic_test/attribute_syntax.cpp @@ -0,0 +1,44 @@ +int getZ() { return 5; } + +int alt() { + int x = 0; // COMPLIANT[DEVIATED] + getZ(); // NON_COMPLIANT + long double dd1; // NON_COMPLIANT (A0-4-2) + + long double [[codingstandards::deviation( + "a-0-4-2-deviation")]] dd3; // COMPLIANT[DEVIATED] + long double [[codingstandards::deviation("a")]] dd3a; // NON_COMPLIAT + + [[codingstandards::deviation( + "a-0-4-2-deviation")]] long double dd4; // COMPLIANT[DEVIATED] + + [[codingstandards::deviation("a-0-4-2-deviation")]] { + long double d7; // COMPLIANT[DEVIATED] + getZ(); // NON_COMPLIANT (A0-1-2) + long double d8; // COMPLIANT[DEVIATED] + getZ(); // NON_COMPLIANT (A0-1-2) + long double d9; // COMPLIANT[DEVIATED] + } + long double d10; // NON_COMPLIANT (A0-4-2) + [[codingstandards::deviation("a-0-4-2-deviation")]] { + long double d11; // COMPLIANT[DEVIATED] + getZ(); // NON_COMPLIANT (A0-1-2) + long double d12; // COMPLIANT[DEVIATED] + getZ(); // NON_COMPLIANT (A0-1-2) + long double d13; // COMPLIANT[DEVIATED] + } + long double d14; // NON_COMPLIANT (A0-4-2) + getZ(); // NON_COMPLIANT (A0-1-2) + [[codingstandards::deviation("a-0-4-2-deviation")]] + for (long double d15 = 0.0; true;) {} // COMPLIANT[DEVIATED] + for (long double d16 = 0.0; true;) { // NON_COMPLIANT (A0-4-2) + } + return 0; +} + +[[codingstandards::deviation("a-0-4-2-deviation")]] +int alt2() { + int x = 0; // COMPLIANT[DEVIATED] + getZ(); // NON_COMPLIANT + long double dd1; // COMPLIANT[DEVIATED] +} \ No newline at end of file diff --git a/docs/user_manual.md b/docs/user_manual.md index a936118758..5d2236ed10 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -421,15 +421,50 @@ The `process_coding_standards_config.py` has a dependency on the package `pyyaml `pip3 install -r path/to/codeql-coding-standards/scripts/configuration/requirements.txt` -##### Deviation code identifiers +##### Deviation code identifier attributes -A code identifier specified in a deviation record can be applied to certain results in the code by adding a comment marker consisting of a `code-identifier` with some optional annotations. The supported marker annotation formats are: +A code identifier specified in a deviation record can be applied to certain results in the code by adding a C or C++ attribute of the following format: + +``` +[[codingstandards::deviation("code-identifier")]] +``` + +This attribute may be added to the following program elements: + * Functions + * Statements + * Variables + * Type declarations + +Deviation attributes are inherited from parents in the code structure. For example, a deviation attribute applied to a function will apply the deviation to all code within the function. Note: deviations are not inherited by lambda expressions. + +Multiple code identifiers may be passed in a single attribute to apply multiple deviations, for example: + +``` +[[codingstandards::deviation("code-identifier-1", "code-identifier-2")]] +``` + +Note - considation should be taken to ensure the use of custom attributes for deviations is compatible with your chosen language version, compiler, compiler configuration and coding standard. + +**Use of attributes in C Coding Standards**: The C Standard introduces attributes in C23, however some compilers support attributes as a language extension in prior versions. You should: + * Confirm that your compiler supports attributes for your chosen compiler configuration, if necessary as a language extension. + * Confirm that unknown attributes are ignored by the compiler. + * For MISRA C, add a project deviation against "Rule 1.2: Language extensions should not be used", if attribute support is a language extension in your language version. + +**Use of attributes in C++ Coding Standards**: The C++ Standard supports attributes in C++14, however the handling of unknown attributes is implementation defined. From C++17 onwards, unknown attributes are mandated to be ignored. Unknown attributes will usually raise an "unknown attribute" warning. You should: + * If using C++14, confirm that your compiler ignores unknown attributes. + * If using AUTOSAR and a compiler which produces warnings on unknown attributes, the compiler warning should be disabled (as per `A1-1-2: A warning level of the compilation process shall be set in compliance with project policies`), to ensure compliance with `A1-4-3: All code should compiler free of compiler warnings`. + +If you cannot satisfy these condition, please use the deviation code identifier comment format instead. + +##### Deviation code identifier comments + +As an alternative to attributes, a code identifier specified in a deviation record can be applied to certain results in the code by adding a comment marker consisting of a `code-identifier` with some optional annotations. The supported marker annotation formats are: - `` - the deviation applies to results on the current line. - `codingstandards::deviation()` - the deviation applies to results on the current line. - `codingstandards::deviation_next_line()` - this deviation applies to results on the next line. - - `DEVIATION_BEGIN()` - marks the beginning of a range of lines where the deviation applies. - - `DEVIATION_END()` - marks the end of a range of lines where the deviation applies. + - `codingstandards::deviation_begin()` - marks the beginning of a range of lines where the deviation applies. + - `codingstandards::deviation_end()` - marks the end of a range of lines where the deviation applies. Here are some examples, using the deviation record with the `a-0-4-2-deviation` code-identifier specified above: ```cpp @@ -465,7 +500,9 @@ A `codingstandards::deviation_end` without a matching `codingstandards::deviatio `codingstandards::deviation_begin` and `codingstandards::deviation_end` markers only apply within a single file. Markers cannot be paired across files, and deviations do not apply to included files. -##### Deviation permit +Note: deviation markers cannot be applied to the body of a macro. Please apply the deviation to macro expansion, or use the attribute deviation format. + +##### Deviation permits The current implementation supports _deviation permits_ as described in the [MISRA Compliance:2020](https://www.misra.org.uk/app/uploads/2021/06/MISRA-Compliance-2020.pdf) section _4.3 Deviation permits_. From 5ad258842d90afd1d10ca1ef3b1227f518ebca45 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Tue, 28 Jan 2025 10:30:15 -0800 Subject: [PATCH 2365/2573] fix test --- .../rules/DIR-5-3/ThreadCreatedByThread.ql | 4 +- .../DIR-5-3/ThreadCreatedByThread.expected | 28 +++++++------- c/misra/test/rules/DIR-5-3/test.c | 38 ++++++++++--------- 3 files changed, 36 insertions(+), 34 deletions(-) diff --git a/c/misra/src/rules/DIR-5-3/ThreadCreatedByThread.ql b/c/misra/src/rules/DIR-5-3/ThreadCreatedByThread.ql index d780437141..207e763fa7 100644 --- a/c/misra/src/rules/DIR-5-3/ThreadCreatedByThread.ql +++ b/c/misra/src/rules/DIR-5-3/ThreadCreatedByThread.ql @@ -27,7 +27,7 @@ class CThreadRoot extends Function { /* Get a function which is reachable from this function */ Function getAReachableFunction() { calls*(result) } - CThreadCreateCall getCThreadCreateCall() { result = threadCreate } + CThreadCreateCall getACThreadCreateCall() { result = threadCreate } } from CThreadCreateCall tc, CThreadRoot threadRoot @@ -35,4 +35,4 @@ where not isExcluded(tc, Concurrency6Package::threadCreatedByThreadQuery()) and tc.getEnclosingFunction() = threadRoot.getAReachableFunction() select tc, "Thread creation call reachable from function '$@', which may also be $@.", threadRoot, - threadRoot.toString(), threadRoot.getCThreadCreateCall(), "started as a thread" + threadRoot.toString(), threadRoot.getACThreadCreateCall(), "started as a thread" diff --git a/c/misra/test/rules/DIR-5-3/ThreadCreatedByThread.expected b/c/misra/test/rules/DIR-5-3/ThreadCreatedByThread.expected index 5b73fd97aa..b8dc2bfe4b 100644 --- a/c/misra/test/rules/DIR-5-3/ThreadCreatedByThread.expected +++ b/c/misra/test/rules/DIR-5-3/ThreadCreatedByThread.expected @@ -1,14 +1,14 @@ -| test.c:47:3:47:13 | call to thrd_create | Thread creation call reachable from threaded function '$@'. | test.c:46:7:46:18 | pthread_func | pthread_func | -| test.c:48:3:48:16 | call to pthread_create | Thread creation call reachable from threaded function '$@'. | test.c:46:7:46:18 | pthread_func | pthread_func | -| test.c:56:3:56:13 | call to thrd_create | Thread creation call reachable from threaded function '$@'. | test.c:55:5:55:13 | thrd_func | thrd_func | -| test.c:57:3:57:16 | call to pthread_create | Thread creation call reachable from threaded function '$@'. | test.c:55:5:55:13 | thrd_func | thrd_func | -| test.c:65:3:65:13 | call to thrd_create | Thread creation call reachable from threaded function '$@'. | test.c:55:5:55:13 | thrd_func | thrd_func | -| test.c:66:3:66:16 | call to pthread_create | Thread creation call reachable from threaded function '$@'. | test.c:55:5:55:13 | thrd_func | thrd_func | -| test.c:74:3:74:13 | call to thrd_create | Thread creation call reachable from threaded function '$@'. | test.c:46:7:46:18 | pthread_func | pthread_func | -| test.c:74:3:74:13 | call to thrd_create | Thread creation call reachable from threaded function '$@'. | test.c:55:5:55:13 | thrd_func | thrd_func | -| test.c:75:3:75:16 | call to pthread_create | Thread creation call reachable from threaded function '$@'. | test.c:46:7:46:18 | pthread_func | pthread_func | -| test.c:75:3:75:16 | call to pthread_create | Thread creation call reachable from threaded function '$@'. | test.c:55:5:55:13 | thrd_func | thrd_func | -| test.c:79:3:79:13 | call to thrd_create | Thread creation call reachable from threaded function '$@'. | test.c:46:7:46:18 | pthread_func | pthread_func | -| test.c:79:3:79:13 | call to thrd_create | Thread creation call reachable from threaded function '$@'. | test.c:55:5:55:13 | thrd_func | thrd_func | -| test.c:80:3:80:16 | call to pthread_create | Thread creation call reachable from threaded function '$@'. | test.c:46:7:46:18 | pthread_func | pthread_func | -| test.c:80:3:80:16 | call to pthread_create | Thread creation call reachable from threaded function '$@'. | test.c:55:5:55:13 | thrd_func | thrd_func | +| test.c:49:3:49:13 | call to thrd_create | Thread creation call reachable from function '$@', which may also be $@. | test.c:48:7:48:18 | pthread_func | pthread_func | test.c:19:3:19:16 | call to pthread_create | started as a thread | +| test.c:50:3:50:16 | call to pthread_create | Thread creation call reachable from function '$@', which may also be $@. | test.c:48:7:48:18 | pthread_func | pthread_func | test.c:19:3:19:16 | call to pthread_create | started as a thread | +| test.c:58:3:58:13 | call to thrd_create | Thread creation call reachable from function '$@', which may also be $@. | test.c:57:5:57:13 | thrd_func | thrd_func | test.c:18:3:18:13 | call to thrd_create | started as a thread | +| test.c:59:3:59:16 | call to pthread_create | Thread creation call reachable from function '$@', which may also be $@. | test.c:57:5:57:13 | thrd_func | thrd_func | test.c:18:3:18:13 | call to thrd_create | started as a thread | +| test.c:67:3:67:13 | call to thrd_create | Thread creation call reachable from function '$@', which may also be $@. | test.c:57:5:57:13 | thrd_func | thrd_func | test.c:18:3:18:13 | call to thrd_create | started as a thread | +| test.c:68:3:68:16 | call to pthread_create | Thread creation call reachable from function '$@', which may also be $@. | test.c:57:5:57:13 | thrd_func | thrd_func | test.c:18:3:18:13 | call to thrd_create | started as a thread | +| test.c:76:3:76:13 | call to thrd_create | Thread creation call reachable from function '$@', which may also be $@. | test.c:48:7:48:18 | pthread_func | pthread_func | test.c:19:3:19:16 | call to pthread_create | started as a thread | +| test.c:76:3:76:13 | call to thrd_create | Thread creation call reachable from function '$@', which may also be $@. | test.c:57:5:57:13 | thrd_func | thrd_func | test.c:18:3:18:13 | call to thrd_create | started as a thread | +| test.c:77:3:77:16 | call to pthread_create | Thread creation call reachable from function '$@', which may also be $@. | test.c:48:7:48:18 | pthread_func | pthread_func | test.c:19:3:19:16 | call to pthread_create | started as a thread | +| test.c:77:3:77:16 | call to pthread_create | Thread creation call reachable from function '$@', which may also be $@. | test.c:57:5:57:13 | thrd_func | thrd_func | test.c:18:3:18:13 | call to thrd_create | started as a thread | +| test.c:81:3:81:13 | call to thrd_create | Thread creation call reachable from function '$@', which may also be $@. | test.c:48:7:48:18 | pthread_func | pthread_func | test.c:19:3:19:16 | call to pthread_create | started as a thread | +| test.c:81:3:81:13 | call to thrd_create | Thread creation call reachable from function '$@', which may also be $@. | test.c:57:5:57:13 | thrd_func | thrd_func | test.c:18:3:18:13 | call to thrd_create | started as a thread | +| test.c:82:3:82:16 | call to pthread_create | Thread creation call reachable from function '$@', which may also be $@. | test.c:48:7:48:18 | pthread_func | pthread_func | test.c:19:3:19:16 | call to pthread_create | started as a thread | +| test.c:82:3:82:16 | call to pthread_create | Thread creation call reachable from function '$@', which may also be $@. | test.c:57:5:57:13 | thrd_func | thrd_func | test.c:18:3:18:13 | call to thrd_create | started as a thread | diff --git a/c/misra/test/rules/DIR-5-3/test.c b/c/misra/test/rules/DIR-5-3/test.c index 24e03d9a33..ebdf53cfb4 100644 --- a/c/misra/test/rules/DIR-5-3/test.c +++ b/c/misra/test/rules/DIR-5-3/test.c @@ -5,7 +5,9 @@ thrd_t g1; // COMPLIANT pthread_t g2; // COMPLIANT void *pthread_func(void *arg); +void *pthread_func_inner(void *arg); int thrd_func(void *arg); +int thrd_func_inner(void *arg); void make_threads_called_from_main(void); void func_called_from_main(void); @@ -16,8 +18,8 @@ void main() { thrd_create(&g1, &thrd_func, NULL); // COMPLIANT pthread_create(&g2, NULL, &pthread_func, NULL); // COMPLIANT - thrd_create(&g1, &thrd_func, NULL); // COMPLIANT - pthread_create(&g2, NULL, &pthread_func, NULL); // COMPLIANT + thrd_create(&g1, &thrd_func_inner, NULL); // COMPLIANT + pthread_create(&g2, NULL, &pthread_func_inner, NULL); // COMPLIANT make_threads_called_from_main(); func_called_from_main(); @@ -25,8 +27,8 @@ void main() { } void make_threads_called_from_main() { - thrd_create(&g1, &thrd_func, NULL); // COMPLIANT - pthread_create(&g2, NULL, &pthread_func, NULL); // COMPLIANT + thrd_create(&g1, &thrd_func_inner, NULL); // COMPLIANT + pthread_create(&g2, NULL, &pthread_func_inner, NULL); // COMPLIANT } void func_called_from_main() { @@ -34,8 +36,8 @@ void func_called_from_main() { } void make_threads_called_from_func_called_from_main() { - thrd_create(&g1, &thrd_func, NULL); // COMPLIANT - pthread_create(&g2, NULL, &pthread_func, NULL); // COMPLIANT + thrd_create(&g1, &thrd_func_inner, NULL); // COMPLIANT + pthread_create(&g2, NULL, &pthread_func_inner, NULL); // COMPLIANT } void make_threads_called_from_pthread_func(void); @@ -44,8 +46,8 @@ void func_called_from_pthread_thrd(void); void make_threads_called_from_func_called_from_pthread_thrd(void); void *pthread_func(void *arg) { - thrd_create(&g1, &thrd_func, NULL); // NON-COMPLIANT - pthread_create(&g2, NULL, &pthread_func, NULL); // NON-COMPLIANT + thrd_create(&g1, &thrd_func_inner, NULL); // NON-COMPLIANT + pthread_create(&g2, NULL, &pthread_func_inner, NULL); // NON-COMPLIANT make_threads_called_from_pthread_func(); func_called_from_pthread_thrd(); @@ -53,8 +55,8 @@ void *pthread_func(void *arg) { } int thrd_func(void *arg) { - thrd_create(&g1, &thrd_func, NULL); // NON-COMPLIANT - pthread_create(&g2, NULL, &pthread_func, NULL); // NON-COMPLIANT + thrd_create(&g1, &thrd_func_inner, NULL); // NON-COMPLIANT + pthread_create(&g2, NULL, &pthread_func_inner, NULL); // NON-COMPLIANT make_threads_called_from_thrd_func(); func_called_from_pthread_thrd(); @@ -62,8 +64,8 @@ int thrd_func(void *arg) { } void make_threads_called_from_thrd_func(void) { - thrd_create(&g1, &thrd_func, NULL); // NON-COMPLIANT - pthread_create(&g2, NULL, &pthread_func, NULL); // NON-COMPLIANT + thrd_create(&g1, &thrd_func_inner, NULL); // NON-COMPLIANT + pthread_create(&g2, NULL, &pthread_func_inner, NULL); // NON-COMPLIANT } void func_called_from_pthread_thrd(void) { @@ -71,16 +73,16 @@ void func_called_from_pthread_thrd(void) { } void make_threads_called_from_func_called_from_pthread_thrd(void) { - thrd_create(&g1, &thrd_func, NULL); // NON-COMPLIANT - pthread_create(&g2, NULL, &pthread_func, NULL); // NON-COMPLIANT + thrd_create(&g1, &thrd_func_inner, NULL); // NON-COMPLIANT + pthread_create(&g2, NULL, &pthread_func_inner, NULL); // NON-COMPLIANT } void make_threads_called_from_main_pthread_thrd() { - thrd_create(&g1, &thrd_func, NULL); // NON-COMPLIANT - pthread_create(&g2, NULL, &pthread_func, NULL); // NON-COMPLIANT + thrd_create(&g1, &thrd_func_inner, NULL); // NON-COMPLIANT + pthread_create(&g2, NULL, &pthread_func_inner, NULL); // NON-COMPLIANT } void make_threads_not_called_by_anyone() { - thrd_create(&g1, &thrd_func, NULL); // COMPLIANT - pthread_create(&g2, NULL, &pthread_func, NULL); // COMPLIANT + thrd_create(&g1, &thrd_func_inner, NULL); // COMPLIANT + pthread_create(&g2, NULL, &pthread_func_inner, NULL); // COMPLIANT } From 22e4fd3e0775f3aa17ee57c199b73cf5bd72f8f4 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Tue, 28 Jan 2025 14:07:32 -0800 Subject: [PATCH 2366/2573] fix test affected by changes in test.c --- .../BannedDynamicThreadCreation.expected | 32 +++++++++---------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/c/misra/test/rules/DIR-5-3/BannedDynamicThreadCreation.expected b/c/misra/test/rules/DIR-5-3/BannedDynamicThreadCreation.expected index fa12a62f41..3bc3ab579a 100644 --- a/c/misra/test/rules/DIR-5-3/BannedDynamicThreadCreation.expected +++ b/c/misra/test/rules/DIR-5-3/BannedDynamicThreadCreation.expected @@ -1,16 +1,16 @@ -| test.c:28:3:28:13 | call to thrd_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:27:6:27:34 | make_threads_called_from_main | make_threads_called_from_main | -| test.c:29:3:29:16 | call to pthread_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:27:6:27:34 | make_threads_called_from_main | make_threads_called_from_main | -| test.c:37:3:37:13 | call to thrd_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:36:6:36:51 | make_threads_called_from_func_called_from_main | make_threads_called_from_func_called_from_main | -| test.c:38:3:38:16 | call to pthread_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:36:6:36:51 | make_threads_called_from_func_called_from_main | make_threads_called_from_func_called_from_main | -| test.c:47:3:47:13 | call to thrd_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:46:7:46:18 | pthread_func | pthread_func | -| test.c:48:3:48:16 | call to pthread_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:46:7:46:18 | pthread_func | pthread_func | -| test.c:56:3:56:13 | call to thrd_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:55:5:55:13 | thrd_func | thrd_func | -| test.c:57:3:57:16 | call to pthread_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:55:5:55:13 | thrd_func | thrd_func | -| test.c:65:3:65:13 | call to thrd_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:64:6:64:39 | make_threads_called_from_thrd_func | make_threads_called_from_thrd_func | -| test.c:66:3:66:16 | call to pthread_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:64:6:64:39 | make_threads_called_from_thrd_func | make_threads_called_from_thrd_func | -| test.c:74:3:74:13 | call to thrd_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:73:6:73:59 | make_threads_called_from_func_called_from_pthread_thrd | make_threads_called_from_func_called_from_pthread_thrd | -| test.c:75:3:75:16 | call to pthread_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:73:6:73:59 | make_threads_called_from_func_called_from_pthread_thrd | make_threads_called_from_func_called_from_pthread_thrd | -| test.c:79:3:79:13 | call to thrd_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:78:6:78:47 | make_threads_called_from_main_pthread_thrd | make_threads_called_from_main_pthread_thrd | -| test.c:80:3:80:16 | call to pthread_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:78:6:78:47 | make_threads_called_from_main_pthread_thrd | make_threads_called_from_main_pthread_thrd | -| test.c:84:3:84:13 | call to thrd_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:83:6:83:38 | make_threads_not_called_by_anyone | make_threads_not_called_by_anyone | -| test.c:85:3:85:16 | call to pthread_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:83:6:83:38 | make_threads_not_called_by_anyone | make_threads_not_called_by_anyone | +| test.c:30:3:30:13 | call to thrd_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:29:6:29:34 | make_threads_called_from_main | make_threads_called_from_main | +| test.c:31:3:31:16 | call to pthread_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:29:6:29:34 | make_threads_called_from_main | make_threads_called_from_main | +| test.c:39:3:39:13 | call to thrd_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:38:6:38:51 | make_threads_called_from_func_called_from_main | make_threads_called_from_func_called_from_main | +| test.c:40:3:40:16 | call to pthread_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:38:6:38:51 | make_threads_called_from_func_called_from_main | make_threads_called_from_func_called_from_main | +| test.c:49:3:49:13 | call to thrd_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:48:7:48:18 | pthread_func | pthread_func | +| test.c:50:3:50:16 | call to pthread_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:48:7:48:18 | pthread_func | pthread_func | +| test.c:58:3:58:13 | call to thrd_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:57:5:57:13 | thrd_func | thrd_func | +| test.c:59:3:59:16 | call to pthread_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:57:5:57:13 | thrd_func | thrd_func | +| test.c:67:3:67:13 | call to thrd_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:66:6:66:39 | make_threads_called_from_thrd_func | make_threads_called_from_thrd_func | +| test.c:68:3:68:16 | call to pthread_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:66:6:66:39 | make_threads_called_from_thrd_func | make_threads_called_from_thrd_func | +| test.c:76:3:76:13 | call to thrd_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:75:6:75:59 | make_threads_called_from_func_called_from_pthread_thrd | make_threads_called_from_func_called_from_pthread_thrd | +| test.c:77:3:77:16 | call to pthread_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:75:6:75:59 | make_threads_called_from_func_called_from_pthread_thrd | make_threads_called_from_func_called_from_pthread_thrd | +| test.c:81:3:81:13 | call to thrd_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:80:6:80:47 | make_threads_called_from_main_pthread_thrd | make_threads_called_from_main_pthread_thrd | +| test.c:82:3:82:16 | call to pthread_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:80:6:80:47 | make_threads_called_from_main_pthread_thrd | make_threads_called_from_main_pthread_thrd | +| test.c:86:3:86:13 | call to thrd_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:85:6:85:38 | make_threads_not_called_by_anyone | make_threads_not_called_by_anyone | +| test.c:87:3:87:16 | call to pthread_create | Possible dynamic creation of thread outside initialization in function '$@'. | test.c:85:6:85:38 | make_threads_not_called_by_anyone | make_threads_not_called_by_anyone | From 93a773c00482a8b25d933759830cdda8684212c9 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Tue, 28 Jan 2025 19:51:11 -0800 Subject: [PATCH 2367/2573] Add comments where intention was unclear --- .../CON34-C/AppropriateThreadObjectStorageDurations.ql | 6 +++++- c/common/src/codingstandards/c/Objects.qll | 5 +++++ 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql b/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql index 5a1dd3c461..4115a801e6 100644 --- a/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql +++ b/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql @@ -39,7 +39,11 @@ where ) ) or - // TODO: Remove/replace with tss_t type check, see #801. + // TODO: This case is handling threadlocals in a useful way that's not intended to be covered + // by the rule. See issue #801. The actual rule should expect no tss_t objects is used, and + // this check that this is initialized doesn't seem to belong here. However, it is a useful + // check in and of itself, so we should figure out if this is part of an optional rule we + // haven't yet implemented and move this behavior there. exists(TSSGetFunctionCall tsg | TaintTracking::localTaint(DataFlow::exprNode(tsg), DataFlow::exprNode(arg)) and not exists(TSSSetFunctionCall tss, DataFlow::Node src | diff --git a/c/common/src/codingstandards/c/Objects.qll b/c/common/src/codingstandards/c/Objects.qll index 105291c688..9a0206771b 100644 --- a/c/common/src/codingstandards/c/Objects.qll +++ b/c/common/src/codingstandards/c/Objects.qll @@ -106,9 +106,14 @@ abstract class ObjectIdentityBase extends Element { exists(Expr subobject | subobject = getASubobjectAccess() and ( + // Holds for address-of expressions. result = any(AddressOfExpr e | e.getOperand() = subobject) or + // Holds for array-to-pointer conversions, which evaluate to a usable subobject address. exists(ArrayToPointerConversion c | c.getExpr() = subobject) and + // Note that `arr[x]` has an array-to-pointer conversion, and returns the `x`th item by + // value, not the address of the `x`th item. Therefore, exclude `arr` if `arr` is part of + // an expression `arr[x]`. not exists(ArrayExpr a | a.getArrayBase() = subobject) and result = subobject ) From 22f95addf5d7fcfbcc850480b266fb8577c01459 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 29 Jan 2025 11:12:40 +0000 Subject: [PATCH 2368/2573] Add deviation file --- cpp/autosar/test/rules/A15-4-4/coding-standards.xml | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 cpp/autosar/test/rules/A15-4-4/coding-standards.xml diff --git a/cpp/autosar/test/rules/A15-4-4/coding-standards.xml b/cpp/autosar/test/rules/A15-4-4/coding-standards.xml new file mode 100644 index 0000000000..6ae9c299fa --- /dev/null +++ b/cpp/autosar/test/rules/A15-4-4/coding-standards.xml @@ -0,0 +1,11 @@ + + + + + + A15-4-4 + Suppress entry. + a-15-4-4-deviation + + + From d307ab3db791b689f6664ff6bc33d4b1a84efeda Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Wed, 29 Jan 2025 12:41:31 -0800 Subject: [PATCH 2369/2573] Fix DataFlow imports --- .../AppropriateStorageDurationsFunctionReturn.ql | 1 + .../AppropriateStorageDurationsFunctionReturn.expected | 10 +++++----- .../cpp/resources/ResourceLeakAnalysis.qll | 2 +- 3 files changed, 7 insertions(+), 6 deletions(-) diff --git a/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql b/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql index 773d71acca..e4f5341014 100644 --- a/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql +++ b/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql @@ -14,6 +14,7 @@ import cpp import codingstandards.c.cert import codingstandards.c.Objects +import semmle.code.cpp.dataflow.DataFlow class Source extends Expr { ObjectIdentity rootObject; diff --git a/c/cert/test/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.expected b/c/cert/test/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.expected index 905c9cc22b..f60689dbb1 100644 --- a/c/cert/test/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.expected +++ b/c/cert/test/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.expected @@ -1,7 +1,7 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateStorageDurationsFunctionReturn.ql:22,20-28) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateStorageDurationsFunctionReturn.ql:26,31-39) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateStorageDurationsFunctionReturn.ql:39,6-14) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateStorageDurationsFunctionReturn.ql:39,26-34) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateStorageDurationsFunctionReturn.ql:45,3-11) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateStorageDurationsFunctionReturn.ql:28,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateStorageDurationsFunctionReturn.ql:32,31-39) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateStorageDurationsFunctionReturn.ql:45,6-14) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateStorageDurationsFunctionReturn.ql:45,26-34) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateStorageDurationsFunctionReturn.ql:51,3-11) | test.c:3:10:3:10 | a | $@ with automatic storage may be accessible outside of its lifetime. | test.c:3:10:3:10 | a | a | | test.c:15:4:15:8 | param [inner post update] | $@ with automatic storage may be accessible outside of its lifetime. | test.c:15:12:15:13 | a2 | a2 | diff --git a/cpp/common/src/codingstandards/cpp/resources/ResourceLeakAnalysis.qll b/cpp/common/src/codingstandards/cpp/resources/ResourceLeakAnalysis.qll index 2f932870b3..7d767b5cb4 100644 --- a/cpp/common/src/codingstandards/cpp/resources/ResourceLeakAnalysis.qll +++ b/cpp/common/src/codingstandards/cpp/resources/ResourceLeakAnalysis.qll @@ -1,5 +1,5 @@ import cpp -import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow import semmle.code.cpp.valuenumbering.GlobalValueNumbering import semmle.code.cpp.controlflow.Dominance import codeql.util.Boolean From 127c6045f10de0895116dc17ee22107780291eac Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Wed, 29 Jan 2025 13:07:47 -0800 Subject: [PATCH 2370/2573] Address feedback --- ...1-29-implement-misra-clarifications-change-categories.md | 6 ++++++ rules.csv | 6 +++--- 2 files changed, 9 insertions(+), 3 deletions(-) create mode 100644 change_notes/2025-01-29-implement-misra-clarifications-change-categories.md diff --git a/change_notes/2025-01-29-implement-misra-clarifications-change-categories.md b/change_notes/2025-01-29-implement-misra-clarifications-change-categories.md new file mode 100644 index 0000000000..04ef636392 --- /dev/null +++ b/change_notes/2025-01-29-implement-misra-clarifications-change-categories.md @@ -0,0 +1,6 @@ + - `RULE-13-6` - `SizeofOperandWithSideEffect.ql`: + - Changed from Mandatory to Required in implementation of Technical Corrigenda 2. + - `RULE-17-5` - `ArrayFunctionArgumentNumberOfElements.ql`: + - Changed from Advisory to Required in implementation of Technical Corrigenda 2. + - `RULE-21-11` - `StandardHeaderFileTgmathhUsed.ql`: + - Changed from Required to Advisory in implementation of Amendment 3. \ No newline at end of file diff --git a/rules.csv b/rules.csv index 475ea1d66c..ec3f80dab3 100644 --- a/rules.csv +++ b/rules.csv @@ -708,7 +708,7 @@ c,MISRA-C-2012,RULE-13-2,Yes,Required,,,The value of an expression and its persi c,MISRA-C-2012,RULE-13-3,Yes,Advisory,,,A full expression containing an increment (++) or decrement (--) operator should have no other potential side effects other than that caused by the increment or decrement operator,,SideEffects2,Medium, c,MISRA-C-2012,RULE-13-4,Yes,Advisory,,,The result of an assignment operator should not be used,M6-2-1,SideEffects1,Easy, c,MISRA-C-2012,RULE-13-5,Yes,Required,,,The right hand operand of a logical && or || operator shall not contain persistent side effects,M5-14-1,SideEffects1,Import, -c,MISRA-C-2012,RULE-13-6,Yes,Mandatory,,,The operand of the sizeof operator shall not contain any expressiosn which has potential side effects,M5-3-4,SideEffects1,Import, +c,MISRA-C-2012,RULE-13-6,Yes,Required,,,The operand of the sizeof operator shall not contain any expressiosn which has potential side effects,M5-3-4,SideEffects1,Import, c,MISRA-C-2012,RULE-14-1,Yes,Required,,,A loop counter shall not have essentially floating type,FLP30-C A6-5-2,EssentialTypes,Hard, c,MISRA-C-2012,RULE-14-2,Yes,Required,,,A for loop shall be well-formed,M6-5-1...M6-5-6,Statements4,Medium, c,MISRA-C-2012,RULE-14-3,Yes,Required,,,Controlling expressions shall not be invariant,,Statements5,Medium, @@ -731,7 +731,7 @@ c,MISRA-C-2012,RULE-17-1,Yes,Required,,,The features of shall not be c,MISRA-C-2012,RULE-17-2,Yes,Required,,,"Functions shall not call themselves, either directly or indirectly",A7-5-2,Statements3,Import, c,MISRA-C-2012,RULE-17-3,Yes,Mandatory,,,A function shall not be declared implicitly,,Declarations6,Medium, c,MISRA-C-2012,RULE-17-4,Yes,Mandatory,,,All exit paths from a function with non-void return type shall have an explicit return statement with an expression,MSC52-CPP,Statements5,Medium, -c,MISRA-C-2012,RULE-17-5,Yes,Advisory,,,The function argument corresponding to a parameter declared to have an array type shall have an appropriate number of elements,,Contracts6,Hard, +c,MISRA-C-2012,RULE-17-5,Yes,Required,,,The function argument corresponding to a parameter declared to have an array type shall have an appropriate number of elements,,Contracts6,Hard, c,MISRA-C-2012,RULE-17-6,Yes,Mandatory,,,The declaration of an array parameter shall not contain the static keyword between the [ ],,Static,Easy, c,MISRA-C-2012,RULE-17-7,Yes,Required,,,The value returned by a function having non-void return type shall be used,A0-1-2,Contracts6,Easy, c,MISRA-C-2012,RULE-17-8,Yes,Advisory,,,A function parameter should not be modified,,SideEffects2,Medium, @@ -776,7 +776,7 @@ c,MISRA-C-2012,RULE-21-7,Yes,Required,,,"The Standard Library functions atof, at c,MISRA-C-2012,RULE-21-8,Yes,Required,,,The Standard Library termination functions of shall not be used,ERR50-CPP,Banned,Easy, c,MISRA-C-2012,RULE-21-9,Yes,Required,,,The Standard Library functions bsearch and qsort of shall not be used,,Banned,Easy, c,MISRA-C-2012,RULE-21-10,Yes,Required,,,The Standard Library time and date functions shall not be used,,Banned,Easy, -c,MISRA-C-2012,RULE-21-11,Yes,Required,,,The standard header file shall not be used,,Banned,Easy, +c,MISRA-C-2012,RULE-21-11,Yes,Advisory,,,The standard header file shall not be used,,Banned,Easy, c,MISRA-C-2012,RULE-21-12,Yes,Advisory,,,The exception handling features of should not be used,,Banned,Easy, c,MISRA-C-2012,RULE-21-13,Yes,Mandatory,,,Any value passed to a function in shall be representable as an unsigned char or be the value EOF,,StandardLibraryFunctionTypes,Medium, c,MISRA-C-2012,RULE-21-14,Yes,Required,,,The Standard Library function memcmp shall not be used to compare null terminated strings,,EssentialTypes,Hard, From 963ba5c41638ad33cc548f7ad2e3a1ade5463a1b Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Wed, 29 Jan 2025 15:59:33 -0800 Subject: [PATCH 2371/2573] Fix broken test expectation --- .../rules/RULE-22-16/MutexObjectsNotAlwaysUnlocked.expected | 2 ++ 1 file changed, 2 insertions(+) diff --git a/c/misra/test/rules/RULE-22-16/MutexObjectsNotAlwaysUnlocked.expected b/c/misra/test/rules/RULE-22-16/MutexObjectsNotAlwaysUnlocked.expected index 126e75bca7..dbee52ed58 100644 --- a/c/misra/test/rules/RULE-22-16/MutexObjectsNotAlwaysUnlocked.expected +++ b/c/misra/test/rules/RULE-22-16/MutexObjectsNotAlwaysUnlocked.expected @@ -1,3 +1,5 @@ +WARNING: module 'DataFlow' has been deprecated and may be removed in future (MutexObjectsNotAlwaysUnlocked.ql:22,52-60) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (MutexObjectsNotAlwaysUnlocked.ql:30,42-50) | test.c:16:3:16:10 | call to mtx_lock | Mutex 'm' is locked here and may not always be subsequently unlocked. | | test.c:21:3:21:10 | call to mtx_lock | Mutex 'm' is locked here and may not always be subsequently unlocked. | | test.c:39:3:39:10 | call to mtx_lock | Mutex 'm' is locked here and may not always be subsequently unlocked. | From a26959808c685f011b7356bafc778562b8e1dddb Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Wed, 29 Jan 2025 18:48:02 -0800 Subject: [PATCH 2372/2573] Fix another set of test expectations --- ...riateThreadObjectStorageDurations.expected | 21 ++++++++++++------- 1 file changed, 13 insertions(+), 8 deletions(-) diff --git a/c/cert/test/rules/CON34-C/AppropriateThreadObjectStorageDurations.expected b/c/cert/test/rules/CON34-C/AppropriateThreadObjectStorageDurations.expected index 25cb74d7fa..085083228b 100644 --- a/c/cert/test/rules/CON34-C/AppropriateThreadObjectStorageDurations.expected +++ b/c/cert/test/rules/CON34-C/AppropriateThreadObjectStorageDurations.expected @@ -1,11 +1,16 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:28,29-37) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:28,54-62) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:35,62-70) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:40,5-13) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:40,30-38) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:41,5-13) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:41,30-38) -WARNING: module 'TaintTracking' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:28,3-16) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:31,14-22) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:33,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:35,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:38,45-53) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:48,33-41) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:48,58-66) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:49,42-50) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:52,9-17) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:52,34-42) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:53,9-17) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:53,34-42) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:38,9-22) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:48,7-20) | test.c:23:3:23:13 | call to thrd_create | $@ not declared with appropriate storage duration | test.c:23:24:23:29 | & ... | Shared object | | test.c:74:3:74:13 | call to thrd_create | $@ not declared with appropriate storage duration | test.c:74:24:74:24 | p | Shared object | | test.c:85:3:85:13 | call to thrd_create | $@ not declared with appropriate storage duration | test.c:85:24:85:24 | p | Shared object | From 3a20ccca17259b3a5597f637cd9cce5156f5bd75 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Thu, 30 Jan 2025 22:43:18 +0000 Subject: [PATCH 2373/2573] Update cpp/autosar/test/rules/A7-1-1/test.cpp --- cpp/autosar/test/rules/A7-1-1/test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A7-1-1/test.cpp b/cpp/autosar/test/rules/A7-1-1/test.cpp index 5e47b9c0bf..1fdc0d66eb 100644 --- a/cpp/autosar/test/rules/A7-1-1/test.cpp +++ b/cpp/autosar/test/rules/A7-1-1/test.cpp @@ -90,7 +90,7 @@ void fp_621() { recurse_var; } void variadic_forwarding() {} template -void variadic_forwarding(T &&first, Args &&... rest) { +void variadic_forwarding(T &&first, Args &&...rest) { first; variadic_forwarding(std::forward(rest)...); } From 638c083b3b55c790a3b588d9bc70ba02a0ced449 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Tue, 29 Oct 2024 14:48:44 -0700 Subject: [PATCH 2374/2573] save work for draft PR --- .../PossibleMisuseOfUndetectedInfinity.ql | 104 + .../DIR-4-15/PossibleMisuseOfUndetectedNaN.ql | 157 ++ .../PossibleUndetectedNaNorInfinity.ql | 223 ++ ...ossibleMisuseOfUndetectedInfinity.expected | 48 + .../PossibleMisuseOfUndetectedInfinity.qlref | 1 + .../PossibleMisuseOfUndetectedNaN.expected | 63 + .../PossibleMisuseOfUndetectedNaN.qlref | 1 + .../PossibleUndetectedNaNorInfinity.expected | 1 + .../PossibleUndetectedNaNorInfinity.qlref | 1 + c/misra/test/rules/DIR-4-15/test.c | 76 + .../src/codingstandards/cpp/FloatingPoint.qll | 61 + .../cpp/RestrictedRangeAnalysis.qll | 1903 +++++++++++++++++ .../cpp/SimpleRangeAnalysisCustomizations.qll | 39 + .../cpp/exclusions/c/FloatingTypes2.qll | 44 + .../cpp/exclusions/c/RuleMetadata.qll | 3 + rule_packages/c/FloatingTypes2.json | 36 + 16 files changed, 2761 insertions(+) create mode 100644 c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.ql create mode 100644 c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.ql create mode 100644 c/misra/src/rules/DIR-4-15/PossibleUndetectedNaNorInfinity.ql create mode 100644 c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.expected create mode 100644 c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.qlref create mode 100644 c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.expected create mode 100644 c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.qlref create mode 100644 c/misra/test/rules/DIR-4-15/PossibleUndetectedNaNorInfinity.expected create mode 100644 c/misra/test/rules/DIR-4-15/PossibleUndetectedNaNorInfinity.qlref create mode 100644 c/misra/test/rules/DIR-4-15/test.c create mode 100644 cpp/common/src/codingstandards/cpp/FloatingPoint.qll create mode 100644 cpp/common/src/codingstandards/cpp/RestrictedRangeAnalysis.qll create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/FloatingTypes2.qll create mode 100644 rule_packages/c/FloatingTypes2.json diff --git a/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.ql b/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.ql new file mode 100644 index 0000000000..84a3fbfd3c --- /dev/null +++ b/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.ql @@ -0,0 +1,104 @@ +/** + * @id c/misra/possible-misuse-of-undetected-infinity + * @name DIR-4-15: Evaluation of floating-point expressions shall not lead to the undetected generation of infinities + * @description Evaluation of floating-point expressions shall not lead to the undetected generation + * of infinities. + * @kind path-problem + * @precision high + * @problem.severity error + * @tags external/misra/id/dir-4-15 + * correctness + * external/misra/c/2012/amendment3 + * external/misra/obligation/required + */ + +import cpp +import codeql.util.Boolean +import codingstandards.c.misra +import codingstandards.cpp.RestrictedRangeAnalysis +import codingstandards.cpp.FloatingPoint +import codingstandards.cpp.AlertReporting +import semmle.code.cpp.controlflow.Guards +import semmle.code.cpp.dataflow.new.DataFlow +import semmle.code.cpp.dataflow.new.TaintTracking +import semmle.code.cpp.controlflow.Dominance + +module InvalidInfinityUsage implements DataFlow::ConfigSig { + /** + * An operation which does not have Infinity as an input, but may produce Infinity, according + * to the `RestrictedRangeAnalysis` module. + */ + predicate isSource(DataFlow::Node node) { + potentialSource(node) and + not exists(DataFlow::Node prior | + isAdditionalFlowStep(prior, node) and + potentialSource(prior) + ) + } + + /** + * An operation which may produce Infinity acconding to the `RestrictedRangeAnalysis` module. + */ + additional predicate potentialSource(DataFlow::Node node) { + node.asExpr() instanceof Operation and + exprMayEqualInfinity(node.asExpr(), _) + } + + /** + * An additional flow step to handle operations which propagate Infinity. + * + * This double checks that an Infinity may propagate by checking the `RestrictedRangeAnalysis` + * value estimate. This is conservative, since `RestrictedRangeAnalysis` is performed locally + * in scope with unanalyzable values in a finite range. However, this conservative approach + * leverages analysis of guards and other local conditions to avoid false positives. + */ + predicate isAdditionalFlowStep(DataFlow::Node source, DataFlow::Node sink) { + exists(Operation o | + o.getAnOperand() = source.asExpr() and + o = sink.asExpr() and + potentialSource(sink) + ) + } + + predicate isSink(DataFlow::Node node) { + ( + // Require that range analysis finds this value potentially infinite, to avoid false positives + // in the presence of guards. This may induce false negatives. + exprMayEqualInfinity(node.asExpr(), _) or + // Unanalyzable expressions are not checked against range analysis, which assumes a finite + // range. + not RestrictedRangeAnalysis::analyzableExpr(node.asExpr()) + ) and + ( + // Case 2: NaNs and infinities shall not be cast to integers + exists(Conversion c | + node.asExpr() = c.getUnconverted() and + c.getExpr().getType() instanceof FloatingPointType and + c.getType() instanceof IntegralType + ) + or + // Case 3: Infinities shall not underflow or otherwise produce finite values + exists(BinaryOperation op | + node.asExpr() = op.getRightOperand() and + op.getOperator() = ["/", "%"] + ) + ) + } +} + +module InvalidInfinityFlow = DataFlow::Global; + +import InvalidInfinityFlow::PathGraph + +from + Element elem, InvalidInfinityFlow::PathNode source, InvalidInfinityFlow::PathNode sink, + string msg, string sourceString +where + elem = MacroUnwrapper::unwrapElement(sink.getNode().asExpr()) and + not isExcluded(elem, FloatingTypes2Package::possibleMisuseOfUndetectedInfinityQuery()) and + ( + InvalidInfinityFlow::flow(source.getNode(), sink.getNode()) and + msg = "Invalid usage of possible $@." and + sourceString = "infinity" + ) +select elem, source, sink, msg, source, sourceString diff --git a/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.ql b/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.ql new file mode 100644 index 0000000000..6962a1c36d --- /dev/null +++ b/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.ql @@ -0,0 +1,157 @@ +/** + * @id c/misra/possible-misuse-of-undetected-na-n + * @name DIR-4-15: Evaluation of floating-point expressions shall not lead to the undetected generation of NaNs + * @description Evaluation of floating-point expressions shall not lead to the undetected generation + * of NaNs. + * @kind path-problem + * @precision high + * @problem.severity error + * @tags external/misra/id/dir-4-15 + * correctness + * external/misra/c/2012/amendment3 + * external/misra/obligation/required + */ + +import cpp +import codeql.util.Boolean +import codingstandards.c.misra +import codingstandards.cpp.RestrictedRangeAnalysis +import codingstandards.cpp.FloatingPoint +import codingstandards.cpp.AlertReporting +import semmle.code.cpp.controlflow.Guards +import semmle.code.cpp.dataflow.new.DataFlow +import semmle.code.cpp.dataflow.new.TaintTracking +import semmle.code.cpp.controlflow.Dominance + +// IEEE 754-1985 Section 7.1 invalid operations +class InvalidOperationExpr extends BinaryOperation { + string reason; + + InvalidOperationExpr() { + // Usual arithmetic conversions in both languages mean that if either operand is a floating + // type, the other one is converted to a floating type as well. + getAnOperand().getFullyConverted().getType() instanceof FloatingPointType and + ( + // 7.1.1 propagates signaling NaNs, we rely on flow analysis and/or assume quiet NaNs, so we + // intentionally do not cover this case. + // 7.1.2: magnitude subtraction of infinities, such as +Inf + -Inf + getOperator() = "+" and + exists(Boolean sign | + exprMayEqualInfinity(getLeftOperand(), sign) and + exprMayEqualInfinity(getRightOperand(), sign.booleanNot()) + ) and + reason = "possible addition of infinity and negative infinity" + or + // 7.1.2 continued + getOperator() = "-" and + exists(Boolean sign | + exprMayEqualInfinity(getLeftOperand(), sign) and + exprMayEqualInfinity(getRightOperand(), sign) + ) and + reason = "possible subtraction of an infinity from itself" + or + // 7.1.3: multiplication of zero by infinity + getOperator() = "*" and + exprMayEqualZero(getAnOperand()) and + exprMayEqualInfinity(getAnOperand(), _) and + reason = "possible multiplication of zero by infinity" + or + // 7.1.4: Division of zero by zero, or infinity by infinity + getOperator() = "/" and + exprMayEqualZero(getLeftOperand()) and + exprMayEqualZero(getRightOperand()) and + reason = "possible division of zero by zero" + or + // 7.1.4 continued + getOperator() = "/" and + exprMayEqualInfinity(getLeftOperand(), _) and + exprMayEqualInfinity(getRightOperand(), _) and + reason = "possible division of infinity by infinity" + or + // 7.1.5: x % y where y is zero or x is infinite + getOperator() = "%" and + exprMayEqualInfinity(getLeftOperand(), _) and + reason = "possible modulus of infinity" + or + // 7.1.5 continued + getOperator() = "%" and + exprMayEqualZero(getRightOperand()) and + reason = "possible modulus by zero" + // 7.1.6 handles the sqrt function, not covered here. + // 7.1.7 declares exceptions during invalid conversions, which we catch as sinks in our flow + // analysis. + // 7.1.8 declares exceptions for unordered comparisons, which we catch as sinks in our flow + // analysis. + ) + } + + string getReason() { result = reason } +} + +module InvalidNaNUsage implements DataFlow::ConfigSig { + + /** + * An expression which has non-NaN inputs and may produce a NaN output. + */ + predicate isSource(DataFlow::Node node) { + potentialSource(node) and + not exists(DataFlow::Node prior | + isAdditionalFlowStep(prior, node) and + potentialSource(prior) + ) + } + + /** + * An expression which may produce a NaN output. + */ + additional predicate potentialSource(DataFlow::Node node) { + node.asExpr() instanceof InvalidOperationExpr + } + + /** + * Add an additional flow step to handle NaN propagation through floating point operations. + */ + predicate isAdditionalFlowStep(DataFlow::Node source, DataFlow::Node sink) { + exists(Operation o | + o.getAnOperand() = source.asExpr() and + o = sink.asExpr() and + o.getType() instanceof FloatingPointType + ) + } + + predicate isSink(DataFlow::Node node) { + // Case 1: NaNs shall not be compared, except to themselves + exists(ComparisonOperation cmp | + node.asExpr() = cmp.getAnOperand() and + not hashCons(cmp.getLeftOperand()) = hashCons(cmp.getRightOperand()) + ) + or + // Case 2: NaNs and infinities shall not be cast to integers + exists(Conversion c | + node.asExpr() = c.getUnconverted() and + c.getExpr().getType() instanceof FloatingPointType and + c.getType() instanceof IntegralType + ) + //or + //// Case 4: Functions shall not return NaNs or infinities + //exists(ReturnStmt ret | node.asExpr() = ret.getExpr()) + } +} + +module InvalidNaNFlow = DataFlow::Global; + +import InvalidNaNFlow::PathGraph + +from + Element elem, InvalidNaNFlow::PathNode source, InvalidNaNFlow::PathNode sink, string msg, + string sourceString +where + elem = MacroUnwrapper::unwrapElement(sink.getNode().asExpr()) and + not isExcluded(elem, FloatingTypes2Package::possibleMisuseOfUndetectedNaNQuery()) and + ( + InvalidNaNFlow::flow(source.getNode(), sink.getNode()) and + msg = "Invalid usage of possible $@." and + sourceString = + "NaN resulting from " + source.getNode().asExpr().(InvalidOperationExpr).getReason() + ) +select elem, source, sink, msg, source, sourceString diff --git a/c/misra/src/rules/DIR-4-15/PossibleUndetectedNaNorInfinity.ql b/c/misra/src/rules/DIR-4-15/PossibleUndetectedNaNorInfinity.ql new file mode 100644 index 0000000000..94888a95e6 --- /dev/null +++ b/c/misra/src/rules/DIR-4-15/PossibleUndetectedNaNorInfinity.ql @@ -0,0 +1,223 @@ +/** + * @id c/misra/possible-undetected-na-nor-infinity + * @name DIR-4-15: Evaluation of floating-point expressions shall not lead to the undetected generation of infinities + * @description Evaluation of floating-point expressions shall not lead to the undetected generation + * of infinities and NaNs. + * @kind path-problem + * @precision high + * @problem.severity error + * @tags external/misra/id/dir-4-15 + * correctness + * external/misra/c/2012/amendment3 + * external/misra/obligation/required + */ + +import cpp +import codeql.util.Boolean +import codingstandards.c.misra +import codingstandards.cpp.RestrictedRangeAnalysis +import codingstandards.cpp.FloatingPoint +import codingstandards.cpp.AlertReporting +import semmle.code.cpp.controlflow.Guards +import semmle.code.cpp.dataflow.new.DataFlow +import semmle.code.cpp.dataflow.new.TaintTracking +import semmle.code.cpp.controlflow.Dominance + +class CantHandleInfinityFunction extends Function { + CantHandleInfinityFunction() { not hasDefinition() and not getName() = "__fpclassifyl" } +} + +class InfinityCheckedExpr extends Expr { + InfinityCheckedExpr() { + exists(MacroInvocation mi | + mi.getMacroName() = ["isfinite", "isinf"] and + mi.getExpr() = this + ) + } + + Expr getCheckedExpr() { + result = + this.(ConditionalExpr) + .getThen() + .(LTExpr) + .getLesserOperand() + .(BitwiseAndExpr) + .getLeftOperand() + .(FunctionCall) + .getArgument(0) + } +} + +/* +signature module ResourceLeakConfigSig { + predicate isResource(DataFlow::Node node); + + predicate isFree(DataFlow::Node node, DataFlow::Node resource); + + default ControlFlowNode outOfScope(DataFlow::Node resource) { + result = resource.asExpr().getEnclosingFunction().getBlock().getLastStmt() + } + + default predicate isAlias(DataFlow::Node alias, DataFlow::Node resource) { + isResource(resource) and + DataFlow::localFlow(resource, alias) + } +} + +module ResourceLeak { + predicate isLeaked(DataFlow::Node resource, ControlFlowNode cfgNode) { + resource.asExpr() = cfgNode + or + isLeaked(resource, cfgNode.getAPredecessor()) and + not exists(DataFlow::Node free, DataFlow::Node freed | + free.asExpr() = cfgNode and + Config::isFree(free, freed) and + Config::isAlias(freed, resource) + ) + } + + private ControlFlowNode getARawLeak(DataFlow::Node resource) { + Config::isResource(resource) and + result = Config::outOfScope(resource) and + isLeaked(resource, result) + } + + ControlFlowNode getALeak(DataFlow::Node resource) { + result = getARawLeak(resource) and + not exists(DataFlow::Node dealiased | + Config::isResource(dealiased) and + Config::isAlias(resource, dealiased) and + not resource = dealiased and + result = getARawLeak(dealiased) + ) and + not exists(ControlFlowNode dominator | + dominator = getARawLeak(resource) and + strictlyDominates(dominator, result) + ) + } +} + +module MissedInfinityConfig implements ResourceLeakConfigSig { + predicate isResource(DataFlow::Node node) { + //exists(BinaryOperation expr | + // expr = node.asExpr() and + // expr.getOperator() = "/" and + // RestrictedRangeAnalysis::upperBound(expr.getRightOperand()) <= 0 and + // RestrictedRangeAnalysis::lowerBound(expr.getRightOperand()) >= 0 + //) + [ + RestrictedRangeAnalysis::upperBound(node.asExpr()), + RestrictedRangeAnalysis::lowerBound(node.asExpr()) + ].toString() = "Infinity" + //and not node.asExpr() instanceof VariableAccess + //and not node.asExpr() instanceof ArrayExpr + } + + predicate test(Expr expr, string lowerBound, string upperBound) { + //expr.getType() instanceof FloatingPointType + //and + lowerBound = RestrictedRangeAnalysis::lowerBound(expr).toString() and + upperBound = RestrictedRangeAnalysis::upperBound(expr).toString() and + [lowerBound, upperBound] = "Infinity" + } + + additional predicate testDiv( + DivExpr div, string lbDiv, string ubDiv, string lbNum, string ubNum, string lbDenom, + string ubDenom + ) { + lbDiv = RestrictedRangeAnalysis::lowerBound(div).toString() and + ubDiv = RestrictedRangeAnalysis::upperBound(div).toString() and + lbNum = RestrictedRangeAnalysis::lowerBound(div.getLeftOperand()).toString() and + ubNum = RestrictedRangeAnalysis::upperBound(div.getLeftOperand()).toString() and + lbDenom = RestrictedRangeAnalysis::lowerBound(div.getRightOperand()).toString() and + ubDenom = RestrictedRangeAnalysis::upperBound(div.getRightOperand()).toString() and + not lbDiv = ubDiv and + InvalidNaNUsage::isSource(DataFlow::exprNode(div)) + } + + predicate isFree(DataFlow::Node node, DataFlow::Node resource) { + isResource(resource) and + ( + node.asExpr().(InfinityCheckedExpr).getCheckedExpr() = resource.asExpr() + or + not [ + RestrictedRangeAnalysis::lowerBound(node.asExpr()), + RestrictedRangeAnalysis::upperBound(node.asExpr()) + ].toString() = "Infinity" and + isMove(node, resource) + ) + } + + predicate isMove(DataFlow::Node node, DataFlow::Node moved) { + isResource(moved) and + isAlias(node, moved) and + not exists(DataFlow::Node laterUse, ControlFlowNode later | + later = laterUse.asExpr() and + later = node.asExpr().getASuccessor+() and + hashCons(laterUse.asExpr()) = hashCons(moved.asExpr()) + ) + } + + ControlFlowNode outOfScope(DataFlow::Node resource) { + result = resource.asExpr().getEnclosingFunction().getBlock().getLastStmt() + or + exists(AssignExpr assign, DataFlow::Node alias | + assign.getRValue() = alias.asExpr() and + isAlias(alias, resource) and + not assign.getRValue().(VariableAccess).getTarget() instanceof StackVariable and + result = assign + ) + or + exists(FunctionCall fc | + fc.getArgument(_) = resource.asExpr() and + result = fc + ) + } + + predicate isAlias(DataFlow::Node alias, DataFlow::Node resource) { + TaintTracking::localTaint(resource, alias) + } +} + +import ResourceLeak as MissedInfinity +*/ + +//from Expr value, FunctionCall fc +//where +// not isExcluded(value, FloatingTypes2Package::possibleUndetectedNaNorInfinityQuery()) and +// [RestrictedRangeAnalysis::lowerBound(value), RestrictedRangeAnalysis::upperBound(value)].toString() = "Infinity" and +// value = fc.getAnArgument() and +// fc.getTarget() instanceof CantHandleInfinityFunction and +// not value instanceof InfinityCheckedExpr and +// not exists (GuardCondition g | +// g.controls(fc.getBasicBlock(), true) and +// g instanceof InfinityCheckedExpr +// // TODO check we check the right expr +// ) +//select +// value, "possible use of unchecked infinity as arg to " + fc.getTarget().getName() +//from DataFlow::Node node, ControlFlowNode leakPoint +//where +// not isExcluded(node.asExpr(), FloatingTypes2Package::possibleUndetectedNaNorInfinityQuery()) and +// leakPoint = MissedInfinity::getALeak(node) +// select node, "Expression generates an infinity which is not checked before $@.", leakPoint, "external leak point" + + +//import InvalidNaNFlow::PathGraph +//from Element elem, DataFlow::Node source, DataFlow::Node sink, string msg, string sourceString +from + Element elem, InvalidInfinityFlow::PathNode source, InvalidInfinityFlow::PathNode sink, + string msg, string sourceString +where + elem = MacroUnwrapper::unwrapElement(sink.getNode().asExpr()) and + not isExcluded(elem, FloatingTypes2Package::possibleUndetectedNaNorInfinityQuery()) and + ( + InvalidInfinityFlow::flow(source.getNode(), sink.getNode()) and + msg = "Invalid usage of possible $@." and + sourceString = "infinity" + //or + //InvalidNaNFlow::flow(source, sink) and + //msg = "Invalid usage of possible $@." and + //sourceString = "NaN resulting from " + source.asExpr().(InvalidOperationExpr).getReason() + ) +select elem, source, sink, msg, source, sourceString diff --git a/c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.expected b/c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.expected new file mode 100644 index 0000000000..78f4c6baec --- /dev/null +++ b/c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.expected @@ -0,0 +1,48 @@ +edges +| test.c:8:14:8:20 | ... / ... | test.c:8:14:8:20 | ... / ... | provenance | | +| test.c:8:14:8:20 | ... / ... | test.c:12:8:12:9 | l2 | provenance | | +| test.c:8:14:8:20 | ... / ... | test.c:18:3:18:9 | l2 | provenance | | +| test.c:8:14:8:20 | ... / ... | test.c:27:19:27:20 | l2 | provenance | | +| test.c:9:14:9:16 | - ... | test.c:9:14:9:16 | - ... | provenance | | +| test.c:9:14:9:16 | - ... | test.c:13:8:13:9 | l3 | provenance | | +| test.c:9:14:9:16 | - ... | test.c:19:3:19:9 | l3 | provenance | | +| test.c:9:14:9:16 | - ... | test.c:28:19:28:20 | l3 | provenance | | +| test.c:31:14:32:15 | ... / ... | test.c:31:14:32:15 | ... / ... | provenance | | +| test.c:31:14:32:15 | ... / ... | test.c:38:3:38:9 | l7 | provenance | | +| test.c:33:14:33:22 | ... / ... | test.c:33:14:33:22 | ... / ... | provenance | | +| test.c:33:14:33:22 | ... / ... | test.c:39:3:39:9 | l8 | provenance | | +nodes +| test.c:8:14:8:20 | ... / ... | semmle.label | ... / ... | +| test.c:8:14:8:20 | ... / ... | semmle.label | ... / ... | +| test.c:9:14:9:16 | - ... | semmle.label | - ... | +| test.c:9:14:9:16 | - ... | semmle.label | - ... | +| test.c:12:8:12:9 | l2 | semmle.label | l2 | +| test.c:13:8:13:9 | l3 | semmle.label | l3 | +| test.c:18:3:18:9 | l2 | semmle.label | l2 | +| test.c:19:3:19:9 | l3 | semmle.label | l3 | +| test.c:27:19:27:20 | l2 | semmle.label | l2 | +| test.c:28:19:28:20 | l3 | semmle.label | l3 | +| test.c:31:14:32:15 | ... / ... | semmle.label | ... / ... | +| test.c:31:14:32:15 | ... / ... | semmle.label | ... / ... | +| test.c:33:14:33:22 | ... / ... | semmle.label | ... / ... | +| test.c:33:14:33:22 | ... / ... | semmle.label | ... / ... | +| test.c:38:3:38:9 | l7 | semmle.label | l7 | +| test.c:39:3:39:9 | l8 | semmle.label | l8 | +| test.c:61:5:61:19 | ... / ... | semmle.label | ... / ... | +| test.c:66:5:66:21 | ... / ... | semmle.label | ... / ... | +| test.c:72:14:72:30 | ... / ... | semmle.label | ... / ... | +| test.c:75:18:75:34 | ... / ... | semmle.label | ... / ... | +subpaths +#select +| test.c:12:8:12:9 | l2 | test.c:8:14:8:20 | ... / ... | test.c:12:8:12:9 | l2 | Invalid usage of possible $@. | test.c:8:14:8:20 | ... / ... | infinity | +| test.c:13:8:13:9 | l3 | test.c:9:14:9:16 | - ... | test.c:13:8:13:9 | l3 | Invalid usage of possible $@. | test.c:9:14:9:16 | - ... | infinity | +| test.c:18:8:18:9 | l2 | test.c:8:14:8:20 | ... / ... | test.c:18:3:18:9 | l2 | Invalid usage of possible $@. | test.c:8:14:8:20 | ... / ... | infinity | +| test.c:19:8:19:9 | l3 | test.c:9:14:9:16 | - ... | test.c:19:3:19:9 | l3 | Invalid usage of possible $@. | test.c:9:14:9:16 | - ... | infinity | +| test.c:27:19:27:20 | l2 | test.c:8:14:8:20 | ... / ... | test.c:27:19:27:20 | l2 | Invalid usage of possible $@. | test.c:8:14:8:20 | ... / ... | infinity | +| test.c:28:19:28:20 | l3 | test.c:9:14:9:16 | - ... | test.c:28:19:28:20 | l3 | Invalid usage of possible $@. | test.c:9:14:9:16 | - ... | infinity | +| test.c:38:8:38:9 | l7 | test.c:31:14:32:15 | ... / ... | test.c:38:3:38:9 | l7 | Invalid usage of possible $@. | test.c:31:14:32:15 | ... / ... | infinity | +| test.c:39:8:39:9 | l8 | test.c:33:14:33:22 | ... / ... | test.c:39:3:39:9 | l8 | Invalid usage of possible $@. | test.c:33:14:33:22 | ... / ... | infinity | +| test.c:61:12:61:18 | ... / ... | test.c:61:5:61:19 | ... / ... | test.c:61:5:61:19 | ... / ... | Invalid usage of possible $@. | test.c:61:5:61:19 | ... / ... | infinity | +| test.c:66:12:66:20 | ... / ... | test.c:66:5:66:21 | ... / ... | test.c:66:5:66:21 | ... / ... | Invalid usage of possible $@. | test.c:66:5:66:21 | ... / ... | infinity | +| test.c:72:21:72:29 | ... / ... | test.c:72:14:72:30 | ... / ... | test.c:72:14:72:30 | ... / ... | Invalid usage of possible $@. | test.c:72:14:72:30 | ... / ... | infinity | +| test.c:75:25:75:33 | ... / ... | test.c:75:18:75:34 | ... / ... | test.c:75:18:75:34 | ... / ... | Invalid usage of possible $@. | test.c:75:18:75:34 | ... / ... | infinity | diff --git a/c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.qlref b/c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.qlref new file mode 100644 index 0000000000..dccac37c5f --- /dev/null +++ b/c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.qlref @@ -0,0 +1 @@ +rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.ql \ No newline at end of file diff --git a/c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.expected b/c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.expected new file mode 100644 index 0000000000..f317f236ef --- /dev/null +++ b/c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.expected @@ -0,0 +1,63 @@ +edges +| test.c:27:14:27:20 | ... / ... | test.c:27:14:27:20 | ... / ... | provenance | | +| test.c:27:14:27:20 | ... / ... | test.c:36:3:36:9 | l5 | provenance | | +| test.c:27:14:27:20 | ... / ... | test.c:46:3:46:4 | l5 | provenance | | +| test.c:27:14:27:20 | ... / ... | test.c:47:3:47:4 | l5 | provenance | | +| test.c:27:14:27:20 | ... / ... | test.c:48:3:48:4 | l5 | provenance | | +| test.c:27:14:27:20 | ... / ... | test.c:49:3:49:4 | l5 | provenance | | +| test.c:27:14:27:20 | ... / ... | test.c:50:3:50:4 | l5 | provenance | | +| test.c:27:14:27:20 | ... / ... | test.c:51:3:51:4 | l5 | provenance | | +| test.c:28:14:28:20 | ... / ... | test.c:28:14:28:20 | ... / ... | provenance | | +| test.c:28:14:28:20 | ... / ... | test.c:37:3:37:9 | l6 | provenance | | +| test.c:28:14:28:20 | ... / ... | test.c:52:3:52:4 | l6 | provenance | | +| test.c:31:14:32:15 | ... / ... | test.c:31:14:32:15 | ... / ... | provenance | | +| test.c:31:14:32:15 | ... / ... | test.c:38:3:38:9 | l7 | provenance | | +| test.c:31:14:32:15 | ... / ... | test.c:53:3:53:4 | l7 | provenance | | +| test.c:33:14:33:22 | ... / ... | test.c:33:14:33:22 | ... / ... | provenance | | +| test.c:33:14:33:22 | ... / ... | test.c:39:3:39:9 | l8 | provenance | | +| test.c:33:14:33:22 | ... / ... | test.c:54:3:54:4 | l8 | provenance | | +nodes +| test.c:27:14:27:20 | ... / ... | semmle.label | ... / ... | +| test.c:27:14:27:20 | ... / ... | semmle.label | ... / ... | +| test.c:28:14:28:20 | ... / ... | semmle.label | ... / ... | +| test.c:28:14:28:20 | ... / ... | semmle.label | ... / ... | +| test.c:31:14:32:15 | ... / ... | semmle.label | ... / ... | +| test.c:31:14:32:15 | ... / ... | semmle.label | ... / ... | +| test.c:33:14:33:22 | ... / ... | semmle.label | ... / ... | +| test.c:33:14:33:22 | ... / ... | semmle.label | ... / ... | +| test.c:36:3:36:9 | l5 | semmle.label | l5 | +| test.c:37:3:37:9 | l6 | semmle.label | l6 | +| test.c:38:3:38:9 | l7 | semmle.label | l7 | +| test.c:39:3:39:9 | l8 | semmle.label | l8 | +| test.c:46:3:46:4 | l5 | semmle.label | l5 | +| test.c:47:3:47:4 | l5 | semmle.label | l5 | +| test.c:48:3:48:4 | l5 | semmle.label | l5 | +| test.c:49:3:49:4 | l5 | semmle.label | l5 | +| test.c:50:3:50:4 | l5 | semmle.label | l5 | +| test.c:51:3:51:4 | l5 | semmle.label | l5 | +| test.c:52:3:52:4 | l6 | semmle.label | l6 | +| test.c:53:3:53:4 | l7 | semmle.label | l7 | +| test.c:54:3:54:4 | l8 | semmle.label | l8 | +| test.c:61:5:61:19 | ... / ... | semmle.label | ... / ... | +| test.c:66:5:66:21 | ... / ... | semmle.label | ... / ... | +| test.c:72:14:72:30 | ... / ... | semmle.label | ... / ... | +| test.c:75:18:75:34 | ... / ... | semmle.label | ... / ... | +subpaths +#select +| test.c:36:8:36:9 | l5 | test.c:27:14:27:20 | ... / ... | test.c:36:3:36:9 | l5 | Invalid usage of possible $@. | test.c:27:14:27:20 | ... / ... | NaN resulting from possible division of infinity by infinity | +| test.c:37:8:37:9 | l6 | test.c:28:14:28:20 | ... / ... | test.c:37:3:37:9 | l6 | Invalid usage of possible $@. | test.c:28:14:28:20 | ... / ... | NaN resulting from possible division of infinity by infinity | +| test.c:38:8:38:9 | l7 | test.c:31:14:32:15 | ... / ... | test.c:38:3:38:9 | l7 | Invalid usage of possible $@. | test.c:31:14:32:15 | ... / ... | NaN resulting from possible division of zero by zero | +| test.c:39:8:39:9 | l8 | test.c:33:14:33:22 | ... / ... | test.c:39:3:39:9 | l8 | Invalid usage of possible $@. | test.c:33:14:33:22 | ... / ... | NaN resulting from possible division of zero by zero | +| test.c:46:3:46:4 | l5 | test.c:27:14:27:20 | ... / ... | test.c:46:3:46:4 | l5 | Invalid usage of possible $@. | test.c:27:14:27:20 | ... / ... | NaN resulting from possible division of infinity by infinity | +| test.c:47:3:47:4 | l5 | test.c:27:14:27:20 | ... / ... | test.c:47:3:47:4 | l5 | Invalid usage of possible $@. | test.c:27:14:27:20 | ... / ... | NaN resulting from possible division of infinity by infinity | +| test.c:48:3:48:4 | l5 | test.c:27:14:27:20 | ... / ... | test.c:48:3:48:4 | l5 | Invalid usage of possible $@. | test.c:27:14:27:20 | ... / ... | NaN resulting from possible division of infinity by infinity | +| test.c:49:3:49:4 | l5 | test.c:27:14:27:20 | ... / ... | test.c:49:3:49:4 | l5 | Invalid usage of possible $@. | test.c:27:14:27:20 | ... / ... | NaN resulting from possible division of infinity by infinity | +| test.c:50:3:50:4 | l5 | test.c:27:14:27:20 | ... / ... | test.c:50:3:50:4 | l5 | Invalid usage of possible $@. | test.c:27:14:27:20 | ... / ... | NaN resulting from possible division of infinity by infinity | +| test.c:51:3:51:4 | l5 | test.c:27:14:27:20 | ... / ... | test.c:51:3:51:4 | l5 | Invalid usage of possible $@. | test.c:27:14:27:20 | ... / ... | NaN resulting from possible division of infinity by infinity | +| test.c:52:3:52:4 | l6 | test.c:28:14:28:20 | ... / ... | test.c:52:3:52:4 | l6 | Invalid usage of possible $@. | test.c:28:14:28:20 | ... / ... | NaN resulting from possible division of infinity by infinity | +| test.c:53:3:53:4 | l7 | test.c:31:14:32:15 | ... / ... | test.c:53:3:53:4 | l7 | Invalid usage of possible $@. | test.c:31:14:32:15 | ... / ... | NaN resulting from possible division of zero by zero | +| test.c:54:3:54:4 | l8 | test.c:33:14:33:22 | ... / ... | test.c:54:3:54:4 | l8 | Invalid usage of possible $@. | test.c:33:14:33:22 | ... / ... | NaN resulting from possible division of zero by zero | +| test.c:61:12:61:18 | ... / ... | test.c:61:5:61:19 | ... / ... | test.c:61:5:61:19 | ... / ... | Invalid usage of possible $@. | test.c:61:5:61:19 | ... / ... | NaN resulting from possible division of zero by zero | +| test.c:66:12:66:20 | ... / ... | test.c:66:5:66:21 | ... / ... | test.c:66:5:66:21 | ... / ... | Invalid usage of possible $@. | test.c:66:5:66:21 | ... / ... | NaN resulting from possible division of zero by zero | +| test.c:72:21:72:29 | ... / ... | test.c:72:14:72:30 | ... / ... | test.c:72:14:72:30 | ... / ... | Invalid usage of possible $@. | test.c:72:14:72:30 | ... / ... | NaN resulting from possible division of zero by zero | +| test.c:75:25:75:33 | ... / ... | test.c:75:18:75:34 | ... / ... | test.c:75:18:75:34 | ... / ... | Invalid usage of possible $@. | test.c:75:18:75:34 | ... / ... | NaN resulting from possible division of zero by zero | diff --git a/c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.qlref b/c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.qlref new file mode 100644 index 0000000000..d88c172bd5 --- /dev/null +++ b/c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.qlref @@ -0,0 +1 @@ +rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.ql \ No newline at end of file diff --git a/c/misra/test/rules/DIR-4-15/PossibleUndetectedNaNorInfinity.expected b/c/misra/test/rules/DIR-4-15/PossibleUndetectedNaNorInfinity.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/misra/test/rules/DIR-4-15/PossibleUndetectedNaNorInfinity.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/DIR-4-15/PossibleUndetectedNaNorInfinity.qlref b/c/misra/test/rules/DIR-4-15/PossibleUndetectedNaNorInfinity.qlref new file mode 100644 index 0000000000..1ffb7ad071 --- /dev/null +++ b/c/misra/test/rules/DIR-4-15/PossibleUndetectedNaNorInfinity.qlref @@ -0,0 +1 @@ +rules/DIR-4-15/PossibleUndetectedNaNorInfinity.ql \ No newline at end of file diff --git a/c/misra/test/rules/DIR-4-15/test.c b/c/misra/test/rules/DIR-4-15/test.c new file mode 100644 index 0000000000..d634a6e594 --- /dev/null +++ b/c/misra/test/rules/DIR-4-15/test.c @@ -0,0 +1,76 @@ +#include "math.h" + +float getFloat() { return 1.0; } + +// Parameter could be infinity +void f1(float p1) { + float l1 = 1; + float l2 = 1.0 / 0; + float l3 = -l2; + + 10 / l1; // COMPLIANT + 10 / l2; // NON_COMPLIANT: Underflows to zero + 10 / l3; // NON_COMPLIANT: Underflow to negative zero + 10 / p1; // COMPLIANT: Reduce false positives by assuming not infinity + 10 / getFloat(); // COMPLIANT: Reduce false positives by assuming not infinity + + (int)l1; // COMPLIANT + (int)l2; // NON_COMPLIANT + (int)l3; // NON_COMPLIANT + (int)p1; // COMPLIANT: Reduce false positives by assuming not infinity + (int)getFloat(); // COMPLIANT: Reduce false positives by assuming not infinity + + // Not NaN: + float l4 = l1 / l1; // COMPLIANT + + // NaN because of infinity divided by itself: + float l5 = l2 / l2; // NON_COMPLIANT: Division by infinity not allowed. + float l6 = l3 / l3; // NON_COMPLIANT: Division by infinity not allowed. + + // NaN because of zero divided by itself: + float l7 = getFloat() / + p1; // COMPLIANT: Reduce false positives by assuming not infinity + float l8 = 0.0 / 0.0; + + (int)l4; // COMPLIANT + (int)l5; // NON_COMPLIANT: Casting NaN to int + (int)l6; // NON_COMPLIANT: Casting NaN to int + (int)l7; // NON_COMPLIANT: Casting NaN to int + (int)l8; // NON_COMPLIANT: Casting NaN to int + + l4 == 0; // COMPLIANT + l4 != 0; // COMPLIANT + l4 <= 0; // COMPLIANT + l4 < 0; // COMPLIANT + l4 >= 0; // COMPLIANT + l5 == 0; // NON_COMPLIANT: Comparison with NaN always false + l5 != 0; // NON_COMPLIANT: Comparison with NaN always false + l5 < 0; // NON_COMPLIANT: Comparison with NaN always false + l5 <= 0; // NON_COMPLIANT: Comparison with NaN always false + l5 > 0; // NON_COMPLIANT: Comparison with NaN always false + l5 >= 0; // NON_COMPLIANT: Comparison with NaN always false + l6 == 0; // NON_COMPLIANT: Comparison with NaN always false + l7 == 0; // NON_COMPLIANT: Comparison with NaN always false + l8 == 0; // NON_COMPLIANT: Comparison with NaN always false + + // Guards + float l9 = 0; + if (l9 != 0) { + (int) (l9 / l9); // COMPLIANT: l9 is not zero + } else { + (int) (l9 / l9); // NON_COMPLIANT: Casting NaN to integer + } + + float l10 = 0; + if (l10 == 0) { + (int) (l10 / l10); // NON_COMPLIANT: Casting NaN to integer + } else { + (int) (l10 / l10); // COMPLIANT: l10 is not zero + } + + float l11 = 0; + l11 == 0 ? (int) (l11 / l11) : 0; // NON_COMPLIANT + l11 == 0 ? 0 : (int) (l11 / l11); // COMPLIANT + l11 != 0 ? (int) (l11 / l11) : 0; // COMPLIANT + l11 != 0 ? 0 : (int) (l11 / l11); // NON_COMPLIANT +} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/FloatingPoint.qll b/cpp/common/src/codingstandards/cpp/FloatingPoint.qll new file mode 100644 index 0000000000..d143f81418 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/FloatingPoint.qll @@ -0,0 +1,61 @@ +import codeql.util.Boolean +import codingstandards.cpp.RestrictedRangeAnalysis + +predicate exprMayEqualZero(Expr e) { + RestrictedRangeAnalysis::upperBound(e) >= 0 and + RestrictedRangeAnalysis::lowerBound(e) <= 0 and + not guardedNotEqualZero(e) +} + +predicate guardedNotEqualZero(Expr e) { + /* Note Boolean cmpEq, false means cmpNeq */ + exists(Expr checked, GuardCondition guard, boolean cmpEq, BooleanValue value | + hashCons(checked) = hashCons(e) and + guard.controls(e.getBasicBlock(), cmpEq) and + value.getValue() = cmpEq and + guard.comparesEq(checked, 0, false, value) + ) + or + exists(Expr checked, Expr val, int valVal, GuardCondition guard, boolean cmpEq | + hashCons(checked) = hashCons(e) and + forex(float v | + v = [RestrictedRangeAnalysis::lowerBound(val), RestrictedRangeAnalysis::upperBound(val)] + | + valVal = v + ) and + guard.controls(e.getBasicBlock(), cmpEq) and + guard.comparesEq(checked, val, -valVal, false, cmpEq) + ) +} + +predicate guardedNotInfinite(Expr e) { + /* Note Boolean cmpEq, false means cmpNeq */ + exists(Expr c, GuardCondition guard, boolean cmpEq | + hashCons(c) = hashCons(e) and + guard.controls(e, cmpEq) and + guard.comparesEq(c, 0, cmpEq.booleanNot(), _) + ) +} + +predicate test(Expr e, Expr v, int k, boolean areEqual, Boolean value, Expr gce, BasicBlock bb) { + exists(GuardCondition gc | gce = gc | + gc.controls(bb, _) and + gc.comparesEq(e, v, k, areEqual, value) and + ( + //gc.getAChild+().toString().matches("%dfYRes%") or + e.getAChild*().toString().matches("%dfPseudoPanchro%") or + v.getAChild*().toString().matches("%dfPseudoPanchro%") + ) + ) +} + +predicate exprMayEqualInfinity(Expr e, Boolean positive) { + exists(float target | + positive = true and target = 1.0 / 0.0 + or + positive = false and target = -1.0 / 0.0 + | + RestrictedRangeAnalysis::upperBound(e.getUnconverted()) = target or + RestrictedRangeAnalysis::lowerBound(e.getUnconverted()) = target + ) +} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/RestrictedRangeAnalysis.qll b/cpp/common/src/codingstandards/cpp/RestrictedRangeAnalysis.qll new file mode 100644 index 0000000000..79ae2f367a --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/RestrictedRangeAnalysis.qll @@ -0,0 +1,1903 @@ +import semmle.code.cpp.controlflow.Guards +import semmle.code.cpp.valuenumbering.HashCons +/** + * A fork of SimpleRangeAnalysis.qll, which is intended to only give + * results with a conservative basis. + * + * For instance, since range analysis is local, a function call (e.g. + * `f()`) is given the widest possible range in the original library. In + * this fork, we do not provide any result. + * + * Original library level doc comment from SimpleRangeAnalysis.qll: + * + * Simple range analysis library. Range analysis is usually done as an + * abstract interpretation over the lattice of range values. (A range is a + * pair, containing a lower and upper bound for the value.) The problem + * with this approach is that the lattice is very tall, which means it can + * take an extremely large number of iterations to find the least fixed + * point. This example illustrates the problem: + * + * int count = 0; + * for (; p; p = p->next) { + * count = count+1; + * } + * + * The range of 'count' is initially (0,0), then (0,1) on the second + * iteration, (0,2) on the third iteration, and so on until we eventually + * reach maxInt. + * + * This library uses a crude solution to the problem described above: if + * the upper (or lower) bound of an expression might depend recursively on + * itself then we round it up (down for lower bounds) to one of a fixed set + * of values, such as 0, 1, 2, 256, and +Inf. This limits the height of the + * lattice which ensures that the analysis will terminate in a reasonable + * amount of time. This solution is similar to the abstract interpretation + * technique known as 'widening', but it is less precise because we are + * unable to inspect the bounds from the previous iteration of the fixed + * point computation. For example, widening might be able to deduce that + * the lower bound is -11 but we would approximate it to -16. + * + * QL does not allow us to compute an aggregate over a recursive + * sub-expression, so we cannot compute the minimum lower bound and maximum + * upper bound during the recursive phase of the query. Instead, the + * recursive phase computes a set of lower bounds and a set of upper bounds + * for each expression. We compute the minimum lower bound and maximum + * upper bound after the recursion is finished. This is another reason why + * we need to limit the number of bounds per expression, because they will + * all be stored until the recursive phase is finished. + * + * The ranges are represented using a pair of floating point numbers. This + * is simpler than using integers because floating point numbers cannot + * overflow and wrap. It is also convenient because we can detect overflow + * and negative overflow by looking for bounds that are outside the range + * of the type. + */ +module RestrictedRangeAnalysis { + import cpp + private import semmle.code.cpp.rangeanalysis.RangeAnalysisUtils as Util + import semmle.code.cpp.rangeanalysis.RangeSSA + import SimpleRangeAnalysisCached + private import semmle.code.cpp.rangeanalysis.NanAnalysis + + float largeValue() { result = 1000000000000000.0 } + + /** + * This fixed set of lower bounds is used when the lower bounds of an + * expression are recursively defined. The inferred lower bound is rounded + * down to the nearest lower bound in the fixed set. This restricts the + * height of the lattice, which prevents the analysis from exploding. + * + * Note: these bounds were chosen fairly arbitrarily. Feel free to add more + * bounds to the set if it helps on specific examples and does not make + * performance dramatically worse on large codebases, such as libreoffice. + */ + private float wideningLowerBounds(ArithmeticType t) { + result = 2.0 or + result = 1.0 or + result = 0.0 or + result = -1.0 or + result = -2.0 or + result = -8.0 or + result = -16.0 or + result = -128.0 or + result = -256.0 or + result = -32768.0 or + result = -65536.0 or + result = max(float v | v = Util::typeLowerBound(t) or v = -largeValue()) + } + + /** See comment for `wideningLowerBounds`, above. */ + private float wideningUpperBounds(ArithmeticType t) { + result = -2.0 or + result = -1.0 or + result = 0.0 or + result = 1.0 or + result = 2.0 or + result = 7.0 or + result = 15.0 or + result = 127.0 or + result = 255.0 or + result = 32767.0 or + result = 65535.0 or + result = min(float v | v = Util::typeLowerBound(t) or v = largeValue()) + } + + /** + * Gets the value of the expression `e`, if it is a constant. + * This predicate also handles the case of constant variables initialized in different + * compilation units, which doesn't necessarily have a getValue() result from the extractor. + */ + private string getValue(Expr e) { + if exists(e.getValue()) + then result = e.getValue() + else + /* + * It should be safe to propagate the initialization value to a variable if: + * The type of v is const, and + * The type of v is not volatile, and + * Either: + * v is a local/global variable, or + * v is a static member variable + */ + + exists(VariableAccess access, StaticStorageDurationVariable v | + not v.getUnderlyingType().isVolatile() and + v.getUnderlyingType().isConst() and + e = access and + v = access.getTarget() and + result = getValue(v.getAnAssignedValue()) + ) + } + + private float varMaxVal(Variable v) { + result = min(float f | f = Util::varMaxVal(v) or f = largeValue()) + } + + private float varMinVal(Variable v) { + result = max(float f | f = Util::varMinVal(v) or f = -largeValue()) + } + + private float exprMaxVal(Expr e) { + result = min(float f | f = Util::exprMaxVal(e) or f = largeValue()) + } + + private float exprMinVal(Expr e) { + result = max(float f | f = Util::exprMinVal(e) or f = -largeValue()) + } + + /** + * A bitwise `&` expression in which both operands are unsigned, or are effectively + * unsigned due to being a non-negative constant. + */ + private class UnsignedBitwiseAndExpr extends BitwiseAndExpr { + UnsignedBitwiseAndExpr() { + ( + this.getLeftOperand() + .getFullyConverted() + .getType() + .getUnderlyingType() + .(IntegralType) + .isUnsigned() or + getValue(this.getLeftOperand().getFullyConverted()).toInt() >= 0 + ) and + ( + this.getRightOperand() + .getFullyConverted() + .getType() + .getUnderlyingType() + .(IntegralType) + .isUnsigned() or + getValue(this.getRightOperand().getFullyConverted()).toInt() >= 0 + ) + } + } + + /** + * Gets the floor of `v`, with additional logic to work around issues with + * large numbers. + */ + bindingset[v] + float safeFloor(float v) { + // return the floor of v + v.abs() < 2.pow(31) and + result = v.floor() + or + // `floor()` doesn't work correctly on large numbers (since it returns an integer), + // so fall back to unrounded numbers at this scale. + not v.abs() < 2.pow(31) and + result = v + } + + /** A `MulExpr` where exactly one operand is constant. */ + private class MulByConstantExpr extends MulExpr { + float constant; + Expr operand; + + MulByConstantExpr() { + exists(Expr constantExpr | + this.hasOperands(constantExpr, operand) and + constant = getValue(constantExpr.getFullyConverted()).toFloat() and + not exists(getValue(operand.getFullyConverted()).toFloat()) + ) + } + + /** Gets the value of the constant operand. */ + float getConstant() { result = constant } + + /** Gets the non-constant operand. */ + Expr getOperand() { result = operand } + } + + private class UnsignedMulExpr extends MulExpr { + UnsignedMulExpr() { + this.getType().(IntegralType).isUnsigned() and + // Avoid overlap. It should be slightly cheaper to analyze + // `MulByConstantExpr`. + not this instanceof MulByConstantExpr + } + } + + /** + * Holds if `expr` is effectively a multiplication of `operand` with the + * positive constant `positive`. + */ + private predicate effectivelyMultipliesByPositive(Expr expr, Expr operand, float positive) { + operand = expr.(MulByConstantExpr).getOperand() and + positive = expr.(MulByConstantExpr).getConstant() and + positive >= 0.0 // includes positive zero + or + operand = expr.(UnaryPlusExpr).getOperand() and + positive = 1.0 + or + operand = expr.(CommaExpr).getRightOperand() and + positive = 1.0 + or + operand = expr.(StmtExpr).getResultExpr() and + positive = 1.0 + } + + /** + * Holds if `expr` is effectively a multiplication of `operand` with the + * negative constant `negative`. + */ + private predicate effectivelyMultipliesByNegative(Expr expr, Expr operand, float negative) { + operand = expr.(MulByConstantExpr).getOperand() and + negative = expr.(MulByConstantExpr).getConstant() and + negative < 0.0 // includes negative zero + or + operand = expr.(UnaryMinusExpr).getOperand() and + negative = -1.0 + } + + private class AssignMulByConstantExpr extends AssignMulExpr { + float constant; + + AssignMulByConstantExpr() { + constant = getValue(this.getRValue().getFullyConverted()).toFloat() + } + + float getConstant() { result = constant } + } + + private class AssignMulByPositiveConstantExpr extends AssignMulByConstantExpr { + AssignMulByPositiveConstantExpr() { constant >= 0.0 } + } + + private class AssignMulByNegativeConstantExpr extends AssignMulByConstantExpr { + AssignMulByNegativeConstantExpr() { constant < 0.0 } + } + + private class UnsignedAssignMulExpr extends AssignMulExpr { + UnsignedAssignMulExpr() { + this.getType().(IntegralType).isUnsigned() and + // Avoid overlap. It should be slightly cheaper to analyze + // `AssignMulByConstantExpr`. + not this instanceof AssignMulByConstantExpr + } + } + + /** + * Holds if `expr` is effectively a division of `operand` with the + * positive constant `positive`. + */ + private predicate dividesByPositive(DivExpr expr, Expr operand, float positive) { + operand = expr.(DivExpr).getLeftOperand() and + positive = expr.(DivExpr).getRightOperand().getValue().toFloat() and + positive > 0.0 // doesn't include zero + } + + /** + * Holds if `expr` is effectively a division of `operand` with the + * negative constant `negative`. + */ + private predicate dividesByNegative(Expr expr, Expr operand, float negative) { + operand = expr.(DivExpr).getLeftOperand() and + negative = getValue(expr.(DivExpr).getRightOperand().getFullyConverted()).toFloat() and + negative < 0.0 // doesn't include zero + } + + /** + * Holds if `expr` may divide by zero. + */ + predicate dividesByZero(Expr expr) { + exists(Expr divisor | + divisor = expr.(DivExpr).getRightOperand() and + getTruncatedLowerBounds(divisor) <= 0.0 and + getTruncatedUpperBounds(divisor) >= 0.0 and + not isCheckedNotZero(divisor) + ) + } + + /** + * Holds if `expr` is checked with a guard to not be zero. + * + * Since our range analysis only tracks an upper and lower bound, that means if a variable has + * range [-10, 10], its range includes zero. In the body of an if statement that checks it's not + * equal to zero, we cannot update the range to reflect that as the upper and lower bounds are + * not changed. This problem is not the case for gt, lt, gte, lte, or ==, as these can be used to + * create a new subset range that does not include zero. + * + * It is important to know if an expr may be zero to avoid division by zero creating infinities. + */ + predicate isCheckedNotZero(Expr expr) { + exists(RangeSsaDefinition def, StackVariable v, VariableAccess guardVa, Expr guard | + // This is copied from getGuardedUpperBound, which says its only an approximation. This is + // indeed wrong in many cases. + def.isGuardPhi(v, guardVa, guard, _) and + exists(unique(BasicBlock b | b = def.(BasicBlock).getAPredecessor())) and + expr = def.getAUse(v) and + isNEPhi(v, def, guardVa, 0) + ) + or guardedHashConsNotEqualZero(expr) + } + + predicate guardedHashConsNotEqualZero(Expr e) { + /* Note Boolean cmpEq, false means cmpNeq */ + exists(Expr check, Expr val, int valVal, GuardCondition guard, boolean cmpEq | + hashCons(check) = hashCons(e) and + valVal = getValue(val).toFloat() and + guard.controls(e.getBasicBlock(), cmpEq) and + ( + guard.comparesEq(check, val, -valVal, false, cmpEq) or + guard.comparesEq(val, check, -valVal, false, cmpEq) + ) + ) + } + + /** Set of expressions which we know how to analyze. */ + predicate analyzableExpr(Expr e) { + // The type of the expression must be arithmetic. We reuse the logic in + // `exprMinVal` to check this. + exists(Util::exprMinVal(e)) and + ( + exists(getValue(e).toFloat()) + or + effectivelyMultipliesByPositive(e, _, _) + or + effectivelyMultipliesByNegative(e, _, _) + or + dividesByPositive(e, _, _) + or + dividesByNegative(e, _, _) + // Introduces non-monotonic recursion. However, analysis mostly works with this + // commented out. + // or + // dividesByZero(e) + or + e instanceof DivExpr // TODO: confirm this is OK + or + e instanceof MinExpr + or + e instanceof MaxExpr + or + e instanceof ConditionalExpr + or + e instanceof AddExpr + or + e instanceof SubExpr + or + e instanceof UnsignedMulExpr + or + e instanceof AssignExpr + or + e instanceof AssignAddExpr + or + e instanceof AssignSubExpr + or + e instanceof UnsignedAssignMulExpr + or + e instanceof AssignMulByConstantExpr + or + e instanceof CrementOperation + or + e instanceof RemExpr + or + // A conversion is analyzable, provided that its child has an arithmetic + // type. (Sometimes the child is a reference type, and so does not get + // any bounds.) Rather than checking whether the type of the child is + // arithmetic, we reuse the logic that is already encoded in + // `exprMinVal`. + exists(Util::exprMinVal(e.(Conversion).getExpr())) + or + // Also allow variable accesses, provided that they have SSA + // information. + exists(RangeSsaDefinition def | e = def.getAUse(_)) + or + e instanceof UnsignedBitwiseAndExpr + or + // `>>` by a constant + exists(getValue(e.(RShiftExpr).getRightOperand())) + ) + } + + /** + * Set of definitions that this definition depends on. The transitive + * closure of this relation is used to detect definitions which are + * recursively defined, so that we can prevent the analysis from exploding. + * + * The structure of `defDependsOnDef` and its helper predicates matches the + * structure of `getDefLowerBoundsImpl` and + * `getDefUpperBoundsImpl`. Therefore, if changes are made to the structure + * of the main analysis algorithm then matching changes need to be made + * here. + */ + private predicate defDependsOnDef( + RangeSsaDefinition def, StackVariable v, RangeSsaDefinition srcDef, StackVariable srcVar + ) { + // Definitions with a defining value. + exists(Expr expr | assignmentDef(def, v, expr) | exprDependsOnDef(expr, srcDef, srcVar)) + or + // Assignment operations with a defining value + exists(AssignOperation assignOp | + analyzableExpr(assignOp) and + def = assignOp and + def.getAVariable() = v and + exprDependsOnDef(assignOp, srcDef, srcVar) + ) + or + exists(CrementOperation crem | + def = crem and + def.getAVariable() = v and + exprDependsOnDef(crem.getOperand(), srcDef, srcVar) + ) + or + // Phi nodes. + phiDependsOnDef(def, v, srcDef, srcVar) + } + + /** + * Helper predicate for `defDependsOnDef`. This predicate matches + * the structure of `getLowerBoundsImpl` and `getUpperBoundsImpl`. + */ + private predicate exprDependsOnDef(Expr e, RangeSsaDefinition srcDef, StackVariable srcVar) { + exists(Expr operand | + effectivelyMultipliesByNegative(e, operand, _) and + exprDependsOnDef(operand, srcDef, srcVar) + ) + or + exists(Expr operand | + effectivelyMultipliesByPositive(e, operand, _) and + exprDependsOnDef(operand, srcDef, srcVar) + ) + or + exists(Expr operand | + (dividesByPositive(e, operand, _) or dividesByNegative(e, operand, _)) and + exprDependsOnDef(operand, srcDef, srcVar) + ) + or + exists(MinExpr minExpr | e = minExpr | exprDependsOnDef(minExpr.getAnOperand(), srcDef, srcVar)) + or + exists(MaxExpr maxExpr | e = maxExpr | exprDependsOnDef(maxExpr.getAnOperand(), srcDef, srcVar)) + or + exists(ConditionalExpr condExpr | e = condExpr | + exprDependsOnDef(condExpr.getAnOperand(), srcDef, srcVar) + ) + or + exists(AddExpr addExpr | e = addExpr | exprDependsOnDef(addExpr.getAnOperand(), srcDef, srcVar)) + or + exists(SubExpr subExpr | e = subExpr | exprDependsOnDef(subExpr.getAnOperand(), srcDef, srcVar)) + or + exists(UnsignedMulExpr mulExpr | e = mulExpr | + exprDependsOnDef(mulExpr.getAnOperand(), srcDef, srcVar) + ) + or + exists(AssignExpr addExpr | e = addExpr | exprDependsOnDef(addExpr.getRValue(), srcDef, srcVar)) + or + exists(AssignAddExpr addExpr | e = addExpr | + exprDependsOnDef(addExpr.getAnOperand(), srcDef, srcVar) + ) + or + exists(AssignSubExpr subExpr | e = subExpr | + exprDependsOnDef(subExpr.getAnOperand(), srcDef, srcVar) + ) + or + exists(UnsignedAssignMulExpr mulExpr | e = mulExpr | + exprDependsOnDef(mulExpr.getAnOperand(), srcDef, srcVar) + ) + or + exists(AssignMulByConstantExpr mulExpr | e = mulExpr | + exprDependsOnDef(mulExpr.getLValue(), srcDef, srcVar) + ) + or + exists(CrementOperation crementExpr | e = crementExpr | + exprDependsOnDef(crementExpr.getOperand(), srcDef, srcVar) + ) + or + exists(RemExpr remExpr | e = remExpr | exprDependsOnDef(remExpr.getAnOperand(), srcDef, srcVar)) + or + exists(Conversion convExpr | e = convExpr | + exprDependsOnDef(convExpr.getExpr(), srcDef, srcVar) + ) + or + // unsigned `&` + exists(UnsignedBitwiseAndExpr andExpr | + andExpr = e and + exprDependsOnDef(andExpr.getAnOperand(), srcDef, srcVar) + ) + or + // `>>` by a constant + exists(RShiftExpr rs | + rs = e and + exists(getValue(rs.getRightOperand())) and + exprDependsOnDef(rs.getLeftOperand(), srcDef, srcVar) + ) + or + e = srcDef.getAUse(srcVar) + } + + /** + * Helper predicate for `defDependsOnDef`. This predicate matches + * the structure of `getPhiLowerBounds` and `getPhiUpperBounds`. + */ + private predicate phiDependsOnDef( + RangeSsaDefinition phi, StackVariable v, RangeSsaDefinition srcDef, StackVariable srcVar + ) { + exists(VariableAccess access, Expr guard | phi.isGuardPhi(v, access, guard, _) | + exprDependsOnDef(guard.(ComparisonOperation).getAnOperand(), srcDef, srcVar) or + exprDependsOnDef(access, srcDef, srcVar) + ) + or + srcDef = phi.getAPhiInput(v) and srcVar = v + } + + /** The transitive closure of `defDependsOnDef`. */ + private predicate defDependsOnDefTransitively( + RangeSsaDefinition def, StackVariable v, RangeSsaDefinition srcDef, StackVariable srcVar + ) { + defDependsOnDef(def, v, srcDef, srcVar) + or + exists(RangeSsaDefinition midDef, StackVariable midVar | + defDependsOnDef(def, v, midDef, midVar) + | + defDependsOnDefTransitively(midDef, midVar, srcDef, srcVar) + ) + } + + /** The set of definitions that depend recursively on themselves. */ + private predicate isRecursiveDef(RangeSsaDefinition def, StackVariable v) { + defDependsOnDefTransitively(def, v, def, v) + } + + /** + * Holds if the bounds of `e` depend on a recursive definition, meaning that + * `e` is likely to have many candidate bounds during the main recursion. + */ + private predicate isRecursiveExpr(Expr e) { + exists(RangeSsaDefinition def, StackVariable v | exprDependsOnDef(e, def, v) | + isRecursiveDef(def, v) + ) + } + + /** + * Holds if `binop` is a binary operation that's likely to be assigned a + * quadratic (or more) number of candidate bounds during the analysis. This can + * happen when two conditions are satisfied: + * 1. It is likely there are many more candidate bounds for `binop` than for + * its operands. For example, the number of candidate bounds for `x + y`, + * denoted here nbounds(`x + y`), will be O(nbounds(`x`) * nbounds(`y`)). + * In contrast, nbounds(`b ? x : y`) is only O(nbounds(`x`) + nbounds(`y`)). + * 2. Both operands of `binop` are recursively determined and are therefore + * likely to have a large number of candidate bounds. + */ + private predicate isRecursiveBinary(BinaryOperation binop) { + ( + binop instanceof UnsignedMulExpr + or + binop instanceof AddExpr + or + binop instanceof SubExpr + ) and + isRecursiveExpr(binop.getLeftOperand()) and + isRecursiveExpr(binop.getRightOperand()) + } + + /** + * We distinguish 3 kinds of RangeSsaDefinition: + * + * 1. Definitions with a defining value. + * For example: x = y+3 is a definition of x with defining value y+3. + * + * 2. Phi nodes: x3 = phi(x0,x1,x2) + * + * 3. Unanalyzable definitions. + * For example: a parameter is unanalyzable because we know nothing + * about its value. We assign these range [-largeValue(), largeValue()] + * + * This predicate finds all the definitions in the first set. + */ + private predicate assignmentDef(RangeSsaDefinition def, StackVariable v, Expr expr) { + Util::getVariableRangeType(v) instanceof ArithmeticType and + ( + def = v.getInitializer().getExpr() and def = expr + or + exists(AssignExpr assign | + def = assign and + assign.getLValue() = v.getAnAccess() and + expr = assign.getRValue() + ) + ) + } + + /** See comment above assignmentDef. */ + private predicate analyzableDef(RangeSsaDefinition def, StackVariable v) { + assignmentDef(def, v, _) + or + analyzableExpr(def.(AssignOperation)) and + v = def.getAVariable() + or + analyzableExpr(def.(CrementOperation)) and + v = def.getAVariable() + or + phiDependsOnDef(def, v, _, _) + } + + /** + * Computes a normal form of `x` where -0.0 has changed to +0.0. This can be + * needed on the lesser side of a floating-point comparison or on both sides of + * a floating point equality because QL does not follow IEEE in floating-point + * comparisons but instead defines -0.0 to be less than and distinct from 0.0. + */ + bindingset[x] + private float normalizeFloatUp(float x) { result = x + 0.0 } + + /** + * Computes `x + y`, rounded towards +Inf. This is the general case where both + * `x` and `y` may be large numbers. + */ + bindingset[x, y] + private float addRoundingUp(float x, float y) { + if normalizeFloatUp((x + y) - x) < y or normalizeFloatUp((x + y) - y) < x + then result = (x + y).nextUp() + else result = (x + y) + } + + /** + * Computes `x + y`, rounded towards -Inf. This is the general case where both + * `x` and `y` may be large numbers. + */ + bindingset[x, y] + private float addRoundingDown(float x, float y) { + if (x + y) - x > normalizeFloatUp(y) or (x + y) - y > normalizeFloatUp(x) + then result = (x + y).nextDown() + else result = (x + y) + } + + /** + * Computes `x + small`, rounded towards +Inf, where `small` is a small + * constant. + */ + bindingset[x, small] + private float addRoundingUpSmall(float x, float small) { + if (x + small) - x < small then result = (x + small).nextUp() else result = (x + small) + } + + /** + * Computes `x + small`, rounded towards -Inf, where `small` is a small + * constant. + */ + bindingset[x, small] + private float addRoundingDownSmall(float x, float small) { + if (x + small) - x > small then result = (x + small).nextDown() else result = (x + small) + } + + private predicate lowerBoundableExpr(Expr expr) { + (analyzableExpr(expr) or dividesByZero(expr)) and + getUpperBoundsImpl(expr) <= Util::exprMaxVal(expr) and + not exists(getValue(expr).toFloat()) + } + + /** + * Gets the lower bounds of the expression. + * + * Most of the work of computing the lower bounds is done by + * `getLowerBoundsImpl`. However, the lower bounds computed by + * `getLowerBoundsImpl` may not be representable by the result type of the + * expression. For example, if `x` and `y` are of type `int32` and each + * have lower bound -2147483648, then getLowerBoundsImpl` will compute a + * lower bound -4294967296 for the expression `x+y`, even though + * -4294967296 cannot be represented as an `int32`. Such unrepresentable + * bounds are replaced with `exprMinVal(expr)`. This predicate also adds + * `exprMinVal(expr)` as a lower bound if the expression might overflow + * positively, or if it is unanalyzable. + * + * Note: most callers should use `getFullyConvertedLowerBounds` rather than + * this predicate. + */ + private float getTruncatedLowerBounds(Expr expr) { + // If the expression evaluates to a constant, then there is no + // need to call getLowerBoundsImpl. + analyzableExpr(expr) and + result = getValue(expr).toFloat() + or + // Some of the bounds computed by getLowerBoundsImpl might + // overflow, so we replace invalid bounds with exprMinVal. + exists(float newLB | newLB = normalizeFloatUp(getLowerBoundsImpl(expr)) | + if Util::exprMinVal(expr) <= newLB and newLB <= Util::exprMaxVal(expr) + then + // Apply widening where we might get a combinatorial explosion. + if isRecursiveBinary(expr) + then + result = + max(float widenLB | + widenLB = wideningLowerBounds(expr.getUnspecifiedType()) and + not widenLB > newLB + ) + else result = newLB + else result = Util::exprMinVal(expr) + ) and + lowerBoundableExpr(expr) + or + // The expression might overflow and wrap. If so, the + // lower bound is exprMinVal. + analyzableExpr(expr) and + exprMightOverflowPositively(expr) and + not result = getValue(expr).toFloat() and + result = Util::exprMinVal(expr) + or + // The expression is not analyzable, so its lower bound is + // unknown. Note that the call to exprMinVal restricts the + // expressions to just those with arithmetic types. There is no + // need to return results for non-arithmetic expressions. + not analyzableExpr(expr) and + result = exprMinVal(expr) + } + + /** + * Gets the upper bounds of the expression. + * + * Most of the work of computing the upper bounds is done by + * `getUpperBoundsImpl`. However, the upper bounds computed by + * `getUpperBoundsImpl` may not be representable by the result type of the + * expression. For example, if `x` and `y` are of type `int32` and each + * have upper bound 2147483647, then getUpperBoundsImpl` will compute an + * upper bound 4294967294 for the expression `x+y`, even though 4294967294 + * cannot be represented as an `int32`. Such unrepresentable bounds are + * replaced with `exprMaxVal(expr)`. This predicate also adds + * `exprMaxVal(expr)` as an upper bound if the expression might overflow + * negatively, or if it is unanalyzable. + * + * Note: most callers should use `getFullyConvertedUpperBounds` rather than + * this predicate. + */ + private float getTruncatedUpperBounds(Expr expr) { + (analyzableExpr(expr) or dividesByZero(expr)) + and ( + // If the expression evaluates to a constant, then there is no + // need to call getUpperBoundsImpl. + if exists(getValue(expr).toFloat()) + then result = getValue(expr).toFloat() + else ( + // Some of the bounds computed by `getUpperBoundsImpl` + // might overflow, so we replace invalid bounds with + // `exprMaxVal`. + exists(float newUB | newUB = normalizeFloatUp(getUpperBoundsImpl(expr)) | + if Util::exprMinVal(expr) <= newUB and newUB <= Util::exprMaxVal(expr) + then + // Apply widening where we might get a combinatorial explosion. + if isRecursiveBinary(expr) + then + result = + min(float widenUB | + widenUB = wideningUpperBounds(expr.getUnspecifiedType()) and + not widenUB < newUB + ) + else result = newUB + else result = Util::exprMaxVal(expr) + ) + or + // The expression might overflow negatively and wrap. If so, + // the upper bound is `exprMaxVal`. + exprMightOverflowNegatively(expr) and + result = Util::exprMaxVal(expr) + ) + ) or + not analyzableExpr(expr) and + // The expression is not analyzable, so its upper bound is + // unknown. Note that the call to exprMaxVal restricts the + // expressions to just those with arithmetic types. There is no + // need to return results for non-arithmetic expressions. + result = exprMaxVal(expr) + } + + /** Only to be called by `getTruncatedLowerBounds`. */ + private float getLowerBoundsImpl(Expr expr) { + ( + exists(Expr operand, float operandLow, float positive | + effectivelyMultipliesByPositive(expr, operand, positive) and + operandLow = getFullyConvertedLowerBounds(operand) and + result = positive * operandLow + ) + or + exists(Expr operand, float operandHigh, float negative | + effectivelyMultipliesByNegative(expr, operand, negative) and + operandHigh = getFullyConvertedUpperBounds(operand) and + result = negative * operandHigh + ) + or + exists(Expr operand, float operandLow, float positive | + dividesByPositive(expr, operand, positive) and + operandLow = getFullyConvertedLowerBounds(operand) and + result = operandLow / positive + ) + or + exists(Expr operand, float operandLow, float negative | + dividesByNegative(expr, operand, negative) and + operandLow = getFullyConvertedUpperBounds(operand) and + result = operandLow / negative + ) + or + exists(DivExpr div | expr = div | + dividesByZero(expr) and + result = getFullyConvertedLowerBounds(div.getLeftOperand()) / 0 + ) + or + exists(MinExpr minExpr | + expr = minExpr and + // Return the union of the lower bounds from both children. + result = getFullyConvertedLowerBounds(minExpr.getAnOperand()) + ) + or + exists(MaxExpr maxExpr | + expr = maxExpr and + // Compute the cross product of the bounds from both children. We are + // using this mathematical property: + // + // max (minimum{X}, minimum{Y}) + // = minimum { max(x,y) | x in X, y in Y } + exists(float x, float y | + x = getFullyConvertedLowerBounds(maxExpr.getLeftOperand()) and + y = getFullyConvertedLowerBounds(maxExpr.getRightOperand()) and + if x >= y then result = x else result = y + ) + ) + or + // ConditionalExpr (true branch) + exists(ConditionalExpr condExpr | + expr = condExpr and + // Use `boolConversionUpperBound` to determine whether the condition + // might evaluate to `true`. + boolConversionUpperBound(condExpr.getCondition().getFullyConverted()) = 1 and + result = getFullyConvertedLowerBounds(condExpr.getThen()) + ) + or + // ConditionalExpr (false branch) + exists(ConditionalExpr condExpr | + expr = condExpr and + // Use `boolConversionLowerBound` to determine whether the condition + // might evaluate to `false`. + boolConversionLowerBound(condExpr.getCondition().getFullyConverted()) = 0 and + result = getFullyConvertedLowerBounds(condExpr.getElse()) + ) + or + exists(AddExpr addExpr, float xLow, float yLow | + expr = addExpr and + xLow = getFullyConvertedLowerBounds(addExpr.getLeftOperand()) and + yLow = getFullyConvertedLowerBounds(addExpr.getRightOperand()) and + result = addRoundingDown(xLow, yLow) + ) + or + exists(SubExpr subExpr, float xLow, float yHigh | + expr = subExpr and + xLow = getFullyConvertedLowerBounds(subExpr.getLeftOperand()) and + yHigh = getFullyConvertedUpperBounds(subExpr.getRightOperand()) and + result = addRoundingDown(xLow, -yHigh) + ) + or + exists(UnsignedMulExpr mulExpr, float xLow, float yLow | + expr = mulExpr and + xLow = getFullyConvertedLowerBounds(mulExpr.getLeftOperand()) and + yLow = getFullyConvertedLowerBounds(mulExpr.getRightOperand()) and + result = xLow * yLow + ) + or + exists(AssignExpr assign | + expr = assign and + result = getFullyConvertedLowerBounds(assign.getRValue()) + ) + or + exists(AssignAddExpr addExpr, float xLow, float yLow | + expr = addExpr and + xLow = getFullyConvertedLowerBounds(addExpr.getLValue()) and + yLow = getFullyConvertedLowerBounds(addExpr.getRValue()) and + result = addRoundingDown(xLow, yLow) + ) + or + exists(AssignSubExpr subExpr, float xLow, float yHigh | + expr = subExpr and + xLow = getFullyConvertedLowerBounds(subExpr.getLValue()) and + yHigh = getFullyConvertedUpperBounds(subExpr.getRValue()) and + result = addRoundingDown(xLow, -yHigh) + ) + or + exists(UnsignedAssignMulExpr mulExpr, float xLow, float yLow | + expr = mulExpr and + xLow = getFullyConvertedLowerBounds(mulExpr.getLValue()) and + yLow = getFullyConvertedLowerBounds(mulExpr.getRValue()) and + result = xLow * yLow + ) + or + exists(AssignMulByPositiveConstantExpr mulExpr, float xLow | + expr = mulExpr and + xLow = getFullyConvertedLowerBounds(mulExpr.getLValue()) and + result = xLow * mulExpr.getConstant() + ) + or + exists(AssignMulByNegativeConstantExpr mulExpr, float xHigh | + expr = mulExpr and + xHigh = getFullyConvertedUpperBounds(mulExpr.getLValue()) and + result = xHigh * mulExpr.getConstant() + ) + or + exists(PrefixIncrExpr incrExpr, float xLow | + expr = incrExpr and + xLow = getFullyConvertedLowerBounds(incrExpr.getOperand()) and + result = xLow + 1 + ) + or + exists(PrefixDecrExpr decrExpr, float xLow | + expr = decrExpr and + xLow = getFullyConvertedLowerBounds(decrExpr.getOperand()) and + result = addRoundingDownSmall(xLow, -1) + ) + or + // `PostfixIncrExpr` and `PostfixDecrExpr` return the value of their + // operand. The incrementing/decrementing behavior is handled in + // `getDefLowerBoundsImpl`. + exists(PostfixIncrExpr incrExpr | + expr = incrExpr and + result = getFullyConvertedLowerBounds(incrExpr.getOperand()) + ) + or + exists(PostfixDecrExpr decrExpr | + expr = decrExpr and + result = getFullyConvertedLowerBounds(decrExpr.getOperand()) + ) + or + exists(RemExpr remExpr | expr = remExpr | + // If both inputs are positive then the lower bound is zero. + result = 0 + or + // If either input could be negative then the output could be + // negative. If so, the lower bound of `x%y` is `-abs(y) + 1`, which is + // equal to `min(-y + 1,y - 1)`. + exists(float childLB | + childLB = getFullyConvertedLowerBounds(remExpr.getAnOperand()) and + not childLB >= 0 + | + result = getFullyConvertedLowerBounds(remExpr.getRightOperand()) - 1 + or + exists(float rhsUB | rhsUB = getFullyConvertedUpperBounds(remExpr.getRightOperand()) | + result = -rhsUB + 1 + ) + ) + ) + or + // If the conversion is to an arithmetic type then we just return the + // lower bound of the child. We do not need to handle truncation and + // overflow here, because that is done in `getTruncatedLowerBounds`. + // Conversions to `bool` need to be handled specially because they test + // whether the value of the expression is equal to 0. + exists(Conversion convExpr | expr = convExpr | + if convExpr.getUnspecifiedType() instanceof BoolType + then result = boolConversionLowerBound(convExpr.getExpr()) + else result = getTruncatedLowerBounds(convExpr.getExpr()) + ) + or + // Use SSA to get the lower bounds for a variable use. + exists(RangeSsaDefinition def, StackVariable v | expr = def.getAUse(v) | + result = getDefLowerBounds(def, v) + ) + or + // unsigned `&` (tighter bounds may exist) + exists(UnsignedBitwiseAndExpr andExpr | + andExpr = expr and + result = 0.0 + ) + or + // `>>` by a constant + exists(RShiftExpr rsExpr, float left, int right | + rsExpr = expr and + left = getFullyConvertedLowerBounds(rsExpr.getLeftOperand()) and + right = getValue(rsExpr.getRightOperand().getFullyConverted()).toInt() and + result = safeFloor(left / 2.pow(right)) + ) + ) + } + + /** Only to be called by `getTruncatedUpperBounds`. */ + private float getUpperBoundsImpl(Expr expr) { + ( + exists(Expr operand, float operandHigh, float positive | + effectivelyMultipliesByPositive(expr, operand, positive) and + operandHigh = getFullyConvertedUpperBounds(operand) and + result = positive * operandHigh + ) + or + exists(Expr operand, float operandLow, float negative | + effectivelyMultipliesByNegative(expr, operand, negative) and + operandLow = getFullyConvertedLowerBounds(operand) and + result = negative * operandLow + ) + or + exists(Expr operand, float operandHigh, float positive | + dividesByPositive(expr, operand, positive) and + operandHigh = getFullyConvertedUpperBounds(operand) and + result = operandHigh / positive + ) + or + exists(Expr operand, float operandHigh, float negative | + dividesByNegative(expr, operand, negative) and + operandHigh = getFullyConvertedLowerBounds(operand) and + result = operandHigh / negative + ) + or + exists(DivExpr div | expr = div | + dividesByZero(expr) and + result = getFullyConvertedUpperBounds(div.getLeftOperand()) / 0 + ) + or + exists(MaxExpr maxExpr | + expr = maxExpr and + // Return the union of the upper bounds from both children. + result = getFullyConvertedUpperBounds(maxExpr.getAnOperand()) + ) + or + exists(MinExpr minExpr | + expr = minExpr and + // Compute the cross product of the bounds from both children. We are + // using this mathematical property: + // + // min (maximum{X}, maximum{Y}) + // = maximum { min(x,y) | x in X, y in Y } + exists(float x, float y | + x = getFullyConvertedUpperBounds(minExpr.getLeftOperand()) and + y = getFullyConvertedUpperBounds(minExpr.getRightOperand()) and + if x <= y then result = x else result = y + ) + ) + or + // ConditionalExpr (true branch) + exists(ConditionalExpr condExpr | + expr = condExpr and + // Use `boolConversionUpperBound` to determine whether the condition + // might evaluate to `true`. + boolConversionUpperBound(condExpr.getCondition().getFullyConverted()) = 1 and + result = getFullyConvertedUpperBounds(condExpr.getThen()) + ) + or + // ConditionalExpr (false branch) + exists(ConditionalExpr condExpr | + expr = condExpr and + // Use `boolConversionLowerBound` to determine whether the condition + // might evaluate to `false`. + boolConversionLowerBound(condExpr.getCondition().getFullyConverted()) = 0 and + result = getFullyConvertedUpperBounds(condExpr.getElse()) + ) + or + exists(AddExpr addExpr, float xHigh, float yHigh | + expr = addExpr and + xHigh = getFullyConvertedUpperBounds(addExpr.getLeftOperand()) and + yHigh = getFullyConvertedUpperBounds(addExpr.getRightOperand()) and + result = addRoundingUp(xHigh, yHigh) + ) + or + exists(SubExpr subExpr, float xHigh, float yLow | + expr = subExpr and + xHigh = getFullyConvertedUpperBounds(subExpr.getLeftOperand()) and + yLow = getFullyConvertedLowerBounds(subExpr.getRightOperand()) and + result = addRoundingUp(xHigh, -yLow) + ) + or + exists(UnsignedMulExpr mulExpr, float xHigh, float yHigh | + expr = mulExpr and + xHigh = getFullyConvertedUpperBounds(mulExpr.getLeftOperand()) and + yHigh = getFullyConvertedUpperBounds(mulExpr.getRightOperand()) and + result = xHigh * yHigh + ) + or + exists(AssignExpr assign | + expr = assign and + result = getFullyConvertedUpperBounds(assign.getRValue()) + ) + or + exists(AssignAddExpr addExpr, float xHigh, float yHigh | + expr = addExpr and + xHigh = getFullyConvertedUpperBounds(addExpr.getLValue()) and + yHigh = getFullyConvertedUpperBounds(addExpr.getRValue()) and + result = addRoundingUp(xHigh, yHigh) + ) + or + exists(AssignSubExpr subExpr, float xHigh, float yLow | + expr = subExpr and + xHigh = getFullyConvertedUpperBounds(subExpr.getLValue()) and + yLow = getFullyConvertedLowerBounds(subExpr.getRValue()) and + result = addRoundingUp(xHigh, -yLow) + ) + or + exists(UnsignedAssignMulExpr mulExpr, float xHigh, float yHigh | + expr = mulExpr and + xHigh = getFullyConvertedUpperBounds(mulExpr.getLValue()) and + yHigh = getFullyConvertedUpperBounds(mulExpr.getRValue()) and + result = xHigh * yHigh + ) + or + exists(AssignMulByPositiveConstantExpr mulExpr, float xHigh | + expr = mulExpr and + xHigh = getFullyConvertedUpperBounds(mulExpr.getLValue()) and + result = xHigh * mulExpr.getConstant() + ) + or + exists(AssignMulByNegativeConstantExpr mulExpr, float xLow | + expr = mulExpr and + xLow = getFullyConvertedLowerBounds(mulExpr.getLValue()) and + result = xLow * mulExpr.getConstant() + ) + or + exists(PrefixIncrExpr incrExpr, float xHigh | + expr = incrExpr and + xHigh = getFullyConvertedUpperBounds(incrExpr.getOperand()) and + result = addRoundingUpSmall(xHigh, 1) + ) + or + exists(PrefixDecrExpr decrExpr, float xHigh | + expr = decrExpr and + xHigh = getFullyConvertedUpperBounds(decrExpr.getOperand()) and + result = xHigh - 1 + ) + or + // `PostfixIncrExpr` and `PostfixDecrExpr` return the value of their operand. + // The incrementing/decrementing behavior is handled in + // `getDefUpperBoundsImpl`. + exists(PostfixIncrExpr incrExpr | + expr = incrExpr and + result = getFullyConvertedUpperBounds(incrExpr.getOperand()) + ) + or + exists(PostfixDecrExpr decrExpr | + expr = decrExpr and + result = getFullyConvertedUpperBounds(decrExpr.getOperand()) + ) + or + exists(RemExpr remExpr, float rhsUB | + expr = remExpr and + rhsUB = getFullyConvertedUpperBounds(remExpr.getRightOperand()) + | + result = rhsUB - 1 + or + // If the right hand side could be negative then we need to take its + // absolute value. Since `abs(x) = max(-x,x)` this is equivalent to + // adding `-rhsLB` to the set of upper bounds. + exists(float rhsLB | + rhsLB = getFullyConvertedLowerBounds(remExpr.getRightOperand()) and + not rhsLB >= 0 + | + result = -rhsLB + 1 + ) + ) + or + // If the conversion is to an arithmetic type then we just return the + // upper bound of the child. We do not need to handle truncation and + // overflow here, because that is done in `getTruncatedUpperBounds`. + // Conversions to `bool` need to be handled specially because they test + // whether the value of the expression is equal to 0. + exists(Conversion convExpr | expr = convExpr | + if convExpr.getUnspecifiedType() instanceof BoolType + then result = boolConversionUpperBound(convExpr.getExpr()) + else result = getTruncatedUpperBounds(convExpr.getExpr()) + ) + or + // Use SSA to get the upper bounds for a variable use. + exists(RangeSsaDefinition def, StackVariable v | expr = def.getAUse(v) | + result = getDefUpperBounds(def, v) + ) + or + // unsigned `&` (tighter bounds may exist) + exists(UnsignedBitwiseAndExpr andExpr, float left, float right | + andExpr = expr and + left = getFullyConvertedUpperBounds(andExpr.getLeftOperand()) and + right = getFullyConvertedUpperBounds(andExpr.getRightOperand()) and + result = left.minimum(right) + ) + or + // `>>` by a constant + exists(RShiftExpr rsExpr, float left, int right | + rsExpr = expr and + left = getFullyConvertedUpperBounds(rsExpr.getLeftOperand()) and + right = getValue(rsExpr.getRightOperand().getFullyConverted()).toInt() and + result = safeFloor(left / 2.pow(right)) + ) + ) + } + + /** + * Holds if `expr` is converted to `bool` or if it is the child of a + * logical operation. + * + * The purpose of this predicate is to optimize `boolConversionLowerBound` + * and `boolConversionUpperBound` by preventing them from computing + * unnecessary results. In other words, `exprIsUsedAsBool(expr)` holds if + * `expr` is an expression that might be passed as an argument to + * `boolConversionLowerBound` or `boolConversionUpperBound`. + */ + private predicate exprIsUsedAsBool(Expr expr) { + expr = any(BinaryLogicalOperation op).getAnOperand().getFullyConverted() + or + expr = any(UnaryLogicalOperation op).getOperand().getFullyConverted() + or + expr = any(ConditionalExpr c).getCondition().getFullyConverted() + or + exists(Conversion cast | cast.getUnspecifiedType() instanceof BoolType | expr = cast.getExpr()) + } + + /** + * Gets the lower bound of the conversion `(bool)expr`. If we can prove that + * the value of `expr` is never 0 then `lb = 1`. Otherwise `lb = 0`. + */ + private float boolConversionLowerBound(Expr expr) { + // Case 1: if the range for `expr` includes the value 0, + // then `result = 0`. + exprIsUsedAsBool(expr) and + exists(float lb | lb = getTruncatedLowerBounds(expr) and not lb > 0) and + exists(float ub | ub = getTruncatedUpperBounds(expr) and not ub < 0) and + result = 0 + or + // Case 2a: if the range for `expr` does not include the value 0, + // then `result = 1`. + exprIsUsedAsBool(expr) and getTruncatedLowerBounds(expr) > 0 and result = 1 + or + // Case 2b: if the range for `expr` does not include the value 0, + // then `result = 1`. + exprIsUsedAsBool(expr) and getTruncatedUpperBounds(expr) < 0 and result = 1 + or + // Case 3: the type of `expr` is not arithmetic. For example, it might + // be a pointer. + exprIsUsedAsBool(expr) and not exists(Util::exprMinVal(expr)) and result = 0 + } + + /** + * Gets the upper bound of the conversion `(bool)expr`. If we can prove that + * the value of `expr` is always 0 then `ub = 0`. Otherwise `ub = 1`. + */ + private float boolConversionUpperBound(Expr expr) { + // Case 1a: if the upper bound of the operand is <= 0, then the upper + // bound might be 0. + exprIsUsedAsBool(expr) and getTruncatedUpperBounds(expr) <= 0 and result = 0 + or + // Case 1b: if the upper bound of the operand is not <= 0, then the upper + // bound is 1. + exprIsUsedAsBool(expr) and + exists(float ub | ub = getTruncatedUpperBounds(expr) and not ub <= 0) and + result = 1 + or + // Case 2a: if the lower bound of the operand is >= 0, then the upper + // bound might be 0. + exprIsUsedAsBool(expr) and getTruncatedLowerBounds(expr) >= 0 and result = 0 + or + // Case 2b: if the lower bound of the operand is not >= 0, then the upper + // bound is 1. + exprIsUsedAsBool(expr) and + exists(float lb | lb = getTruncatedLowerBounds(expr) and not lb >= 0) and + result = 1 + or + // Case 3: the type of `expr` is not arithmetic. For example, it might + // be a pointer. + exprIsUsedAsBool(expr) and not exists(Util::exprMaxVal(expr)) and result = 1 + } + + /** + * This predicate computes the lower bounds of a phi definition. If the + * phi definition corresponds to a guard, then the guard is used to + * deduce a better lower bound. + * For example: + * + * def: x = y % 10; + * guard: if (x >= 2) { + * block: f(x) + * } + * + * In this example, the lower bound of x is 0, but we can + * use the guard to deduce that the lower bound is 2 inside the block. + */ + private float getPhiLowerBounds(StackVariable v, RangeSsaDefinition phi) { + exists(VariableAccess access, Expr guard, boolean branch, float defLB, float guardLB | + phi.isGuardPhi(v, access, guard, branch) and + lowerBoundFromGuard(guard, access, guardLB, branch) and + defLB = getFullyConvertedLowerBounds(access) + | + // Compute the maximum of `guardLB` and `defLB`. + if guardLB > defLB then result = guardLB else result = defLB + ) + or + exists(VariableAccess access, float neConstant, float lower | + isNEPhi(v, phi, access, neConstant) and + lower = getTruncatedLowerBounds(access) and + if lower = neConstant then result = lower + 1 else result = lower + ) + or + exists(VariableAccess access | + isUnsupportedGuardPhi(v, phi, access) and + result = getTruncatedLowerBounds(access) + ) + or + result = getDefLowerBounds(phi.getAPhiInput(v), v) + } + + /** See comment for `getPhiLowerBounds`, above. */ + private float getPhiUpperBounds(StackVariable v, RangeSsaDefinition phi) { + exists(VariableAccess access, Expr guard, boolean branch, float defUB, float guardUB | + phi.isGuardPhi(v, access, guard, branch) and + upperBoundFromGuard(guard, access, guardUB, branch) and + defUB = getFullyConvertedUpperBounds(access) + | + // Compute the minimum of `guardUB` and `defUB`. + if guardUB < defUB then result = guardUB else result = defUB + ) + or + exists(VariableAccess access, float neConstant, float upper | + isNEPhi(v, phi, access, neConstant) and + upper = getTruncatedUpperBounds(access) and + if upper = neConstant then result = upper - 1 else result = upper + ) + or + exists(VariableAccess access | + isUnsupportedGuardPhi(v, phi, access) and + result = getTruncatedUpperBounds(access) + ) + or + result = getDefUpperBounds(phi.getAPhiInput(v), v) + } + + /** Only to be called by `getDefLowerBounds`. */ + private float getDefLowerBoundsImpl(RangeSsaDefinition def, StackVariable v) { + // Definitions with a defining value. + exists(Expr expr | assignmentDef(def, v, expr) | result = getFullyConvertedLowerBounds(expr)) + or + // Assignment operations with a defining value + exists(AssignOperation assignOp | + def = assignOp and + assignOp.getLValue() = v.getAnAccess() and + result = getTruncatedLowerBounds(assignOp) + ) + or + exists(IncrementOperation incr, float newLB | + def = incr and + incr.getOperand() = v.getAnAccess() and + newLB = getFullyConvertedLowerBounds(incr.getOperand()) and + result = newLB + 1 + ) + or + exists(DecrementOperation decr, float newLB | + def = decr and + decr.getOperand() = v.getAnAccess() and + newLB = getFullyConvertedLowerBounds(decr.getOperand()) and + result = addRoundingDownSmall(newLB, -1) + ) + or + // Phi nodes. + result = getPhiLowerBounds(v, def) + or + // Unanalyzable definitions. + unanalyzableDefBounds(def, v, result, _) + } + + /** Only to be called by `getDefUpperBounds`. */ + private float getDefUpperBoundsImpl(RangeSsaDefinition def, StackVariable v) { + // Definitions with a defining value. + exists(Expr expr | assignmentDef(def, v, expr) | result = getFullyConvertedUpperBounds(expr)) + or + // Assignment operations with a defining value + exists(AssignOperation assignOp | + def = assignOp and + assignOp.getLValue() = v.getAnAccess() and + result = getTruncatedUpperBounds(assignOp) + ) + or + exists(IncrementOperation incr, float newUB | + def = incr and + incr.getOperand() = v.getAnAccess() and + newUB = getFullyConvertedUpperBounds(incr.getOperand()) and + result = addRoundingUpSmall(newUB, 1) + ) + or + exists(DecrementOperation decr, float newUB | + def = decr and + decr.getOperand() = v.getAnAccess() and + newUB = getFullyConvertedUpperBounds(decr.getOperand()) and + result = newUB - 1 + ) + or + // Phi nodes. + result = getPhiUpperBounds(v, def) + or + // Unanalyzable definitions. + unanalyzableDefBounds(def, v, _, result) + } + + /** + * Helper for `getDefLowerBounds` and `getDefUpperBounds`. Find the set of + * unanalyzable definitions (such as function parameters) and make their + * bounds unknown. + */ + private predicate unanalyzableDefBounds( + RangeSsaDefinition def, StackVariable v, float lb, float ub + ) { + v = def.getAVariable() and + not analyzableDef(def, v) and + lb = varMinVal(v) and + ub = varMaxVal(v) + } + + /** + * Holds if in the `branch` branch of a guard `guard` involving `v`, + * we know that `v` is not NaN, and therefore it is safe to make range + * inferences about `v`. + */ + bindingset[guard, v, branch] + predicate nonNanGuardedVariable(Expr guard, VariableAccess v, boolean branch) { + Util::getVariableRangeType(v.getTarget()) instanceof IntegralType + or + Util::getVariableRangeType(v.getTarget()) instanceof FloatingPointType and + v instanceof NonNanVariableAccess + or + // The reason the following case is here is to ensure that when we say + // `if (x > 5) { ...then... } else { ...else... }` + // it is ok to conclude that `x > 5` in the `then`, (though not safe + // to conclude that x <= 5 in `else`) even if we had no prior + // knowledge of `x` not being `NaN`. + nanExcludingComparison(guard, branch) + } + + /** + * If the guard is a comparison of the form `p*v + q r`, then this + * predicate uses the bounds information for `r` to compute a lower bound + * for `v`. + */ + private predicate lowerBoundFromGuard(Expr guard, VariableAccess v, float lb, boolean branch) { + exists(float childLB, Util::RelationStrictness strictness | + boundFromGuard(guard, v, childLB, true, strictness, branch) + | + if nonNanGuardedVariable(guard, v, branch) + then + if + strictness = Util::Nonstrict() or + not Util::getVariableRangeType(v.getTarget()) instanceof IntegralType + then lb = childLB + else lb = childLB + 1 + else lb = varMinVal(v.getTarget()) + ) + } + + /** + * If the guard is a comparison of the form `p*v + q r`, then this + * predicate uses the bounds information for `r` to compute a upper bound + * for `v`. + */ + private predicate upperBoundFromGuard(Expr guard, VariableAccess v, float ub, boolean branch) { + exists(float childUB, Util::RelationStrictness strictness | + boundFromGuard(guard, v, childUB, false, strictness, branch) + | + if nonNanGuardedVariable(guard, v, branch) + then + if + strictness = Util::Nonstrict() or + not Util::getVariableRangeType(v.getTarget()) instanceof IntegralType + then ub = childUB + else ub = childUB - 1 + else ub = varMaxVal(v.getTarget()) + ) + } + + /** + * This predicate simplifies the results returned by + * `linearBoundFromGuard`. + */ + private predicate boundFromGuard( + Expr guard, VariableAccess v, float boundValue, boolean isLowerBound, + Util::RelationStrictness strictness, boolean branch + ) { + exists(float p, float q, float r, boolean isLB | + linearBoundFromGuard(guard, v, p, q, r, isLB, strictness, branch) and + boundValue = (r - q) / p + | + // If the multiplier is negative then the direction of the comparison + // needs to be flipped. + p > 0 and isLowerBound = isLB + or + p < 0 and isLowerBound = isLB.booleanNot() + ) + or + // When `!e` is true, we know that `0 <= e <= 0` + exists(float p, float q, Expr e | + Util::linearAccess(e, v, p, q) and + Util::eqZeroWithNegate(guard, e, true, branch) and + boundValue = (0.0 - q) / p and + isLowerBound = [false, true] and + strictness = Util::Nonstrict() + ) + } + + /** + * This predicate finds guards of the form `p*v + q < r or p*v + q == r` + * and decomposes them into a tuple of values which can be used to deduce a + * lower or upper bound for `v`. + */ + private predicate linearBoundFromGuard( + ComparisonOperation guard, VariableAccess v, float p, float q, float boundValue, + boolean isLowerBound, // Is this a lower or an upper bound? + Util::RelationStrictness strictness, boolean branch // Which control-flow branch is this bound valid on? + ) { + // For the comparison x < RHS, we create two bounds: + // + // 1. x < upperbound(RHS) + // 2. x >= typeLowerBound(RHS.getUnspecifiedType()) + // + exists(Expr lhs, Expr rhs, Util::RelationDirection dir, Util::RelationStrictness st | + Util::linearAccess(lhs, v, p, q) and + Util::relOpWithSwapAndNegate(guard, lhs, rhs, dir, st, branch) + | + isLowerBound = Util::directionIsGreater(dir) and + strictness = st and + getBounds(rhs, boundValue, isLowerBound) + or + isLowerBound = Util::directionIsLesser(dir) and + strictness = Util::Nonstrict() and + exprTypeBounds(rhs, boundValue, isLowerBound) + ) + or + // For x == RHS, we create the following bounds: + // + // 1. x <= upperbound(RHS) + // 2. x >= lowerbound(RHS) + // + exists(Expr lhs, Expr rhs | + Util::linearAccess(lhs, v, p, q) and + Util::eqOpWithSwapAndNegate(guard, lhs, rhs, true, branch) and + getBounds(rhs, boundValue, isLowerBound) and + strictness = Util::Nonstrict() + ) + // x != RHS and !x are handled elsewhere + } + + /** Utility for `linearBoundFromGuard`. */ + private predicate getBounds(Expr expr, float boundValue, boolean isLowerBound) { + isLowerBound = true and boundValue = getFullyConvertedLowerBounds(expr) + or + isLowerBound = false and boundValue = getFullyConvertedUpperBounds(expr) + } + + /** Utility for `linearBoundFromGuard`. */ + private predicate exprTypeBounds(Expr expr, float boundValue, boolean isLowerBound) { + isLowerBound = true and boundValue = exprMinVal(expr.getFullyConverted()) + or + isLowerBound = false and boundValue = exprMaxVal(expr.getFullyConverted()) + } + + /** + * Holds if `(v, phi)` ensures that `access` is not equal to `neConstant`. For + * example, the condition `if (x + 1 != 3)` ensures that `x` is not equal to 2. + * Only integral types are supported. + */ + private predicate isNEPhi( + Variable v, RangeSsaDefinition phi, VariableAccess access, float neConstant + ) { + exists( + ComparisonOperation cmp, boolean branch, Expr linearExpr, Expr rExpr, float p, float q, + float r + | + phi.isGuardPhi(v, access, cmp, branch) and + Util::eqOpWithSwapAndNegate(cmp, linearExpr, rExpr, false, branch) and + v.getUnspecifiedType() instanceof IntegralOrEnumType and // Float `!=` is too imprecise + r = getValue(rExpr).toFloat() and + Util::linearAccess(linearExpr, access, p, q) and + neConstant = (r - q) / p + ) + or + exists(Expr op, boolean branch, Expr linearExpr, float p, float q | + phi.isGuardPhi(v, access, op, branch) and + Util::eqZeroWithNegate(op, linearExpr, false, branch) and + v.getUnspecifiedType() instanceof IntegralOrEnumType and // Float `!` is too imprecise + Util::linearAccess(linearExpr, access, p, q) and + neConstant = (0.0 - q) / p + ) + } + + /** + * Holds if `(v, phi)` constrains the value of `access` but in a way that + * doesn't allow this library to constrain the upper or lower bounds of + * `access`. An example is `if (x != y)` if neither `x` nor `y` is a + * compile-time constant. + */ + private predicate isUnsupportedGuardPhi(Variable v, RangeSsaDefinition phi, VariableAccess access) { + exists(Expr cmp, boolean branch | + Util::eqOpWithSwapAndNegate(cmp, _, _, false, branch) + or + Util::eqZeroWithNegate(cmp, _, false, branch) + | + phi.isGuardPhi(v, access, cmp, branch) and + not isNEPhi(v, phi, access, _) + ) + } + + /** + * Gets the upper bound of the expression, if the expression is guarded. + * An upper bound can only be found, if a guard phi node can be found, and the + * expression has only one immediate predecessor. + */ + private float getGuardedUpperBound(VariableAccess guardedAccess) { + exists( + RangeSsaDefinition def, StackVariable v, VariableAccess guardVa, Expr guard, boolean branch + | + def.isGuardPhi(v, guardVa, guard, branch) and + // If the basic block for the variable access being examined has + // more than one predecessor, the guard phi node could originate + // from one of the predecessors. This is because the guard phi + // node is attached to the block at the end of the edge and not on + // the actual edge. It is therefore not possible to determine which + // edge the guard phi node belongs to. The predicate below ensures + // that there is one predecessor, albeit somewhat conservative. + exists(unique(BasicBlock b | b = def.(BasicBlock).getAPredecessor())) and + guardedAccess = def.getAUse(v) and + result = max(float ub | upperBoundFromGuard(guard, guardVa, ub, branch)) and + not convertedExprMightOverflow(guard.getAChild+()) + ) + } + + cached + private module SimpleRangeAnalysisCached { + /** + * Gets the lower bound of the expression. + * + * Note: expressions in C/C++ are often implicitly or explicitly cast to a + * different result type. Such casts can cause the value of the expression + * to overflow or to be truncated. This predicate computes the lower bound + * of the expression without including the effect of the casts. To compute + * the lower bound of the expression after all the casts have been applied, + * call `lowerBound` like this: + * + * `lowerBound(expr.getFullyConverted())` + */ + cached + float lowerBound(Expr expr) { + // Combine the lower bounds returned by getTruncatedLowerBounds into a + // single minimum value. + result = min(float lb | lb = getTruncatedLowerBounds(expr) | lb) + } + + /** + * Gets the upper bound of the expression. + * + * Note: expressions in C/C++ are often implicitly or explicitly cast to a + * different result type. Such casts can cause the value of the expression + * to overflow or to be truncated. This predicate computes the upper bound + * of the expression without including the effect of the casts. To compute + * the upper bound of the expression after all the casts have been applied, + * call `upperBound` like this: + * + * `upperBound(expr.getFullyConverted())` + */ + cached + float upperBound(Expr expr) { + // Combine the upper bounds returned by getTruncatedUpperBounds and + // getGuardedUpperBound into a single maximum value + result = min([max(getTruncatedUpperBounds(expr)), getGuardedUpperBound(expr)]) + } + + /** Holds if the upper bound of `expr` may have been widened. This means the upper bound is in practice likely to be overly wide. */ + cached + predicate upperBoundMayBeWidened(Expr e) { + isRecursiveExpr(e) and + // Widening is not a problem if the post-analysis in `getGuardedUpperBound` has overridden the widening. + // Note that the RHS of `<` may be multi-valued. + not getGuardedUpperBound(e) < getTruncatedUpperBounds(e) + } + + /** + * Holds if `expr` has a provably empty range. For example: + * + * 10 < expr and expr < 5 + * + * The range of an expression can only be empty if it can never be + * executed. For example: + * + * if (10 < x) { + * if (x < 5) { + * // Unreachable code + * return x; // x has an empty range: 10 < x && x < 5 + * } + * } + */ + cached + predicate exprWithEmptyRange(Expr expr) { + analyzableExpr(expr) and + ( + not exists(lowerBound(expr)) or + not exists(upperBound(expr)) or + lowerBound(expr) > upperBound(expr) + ) + } + + /** Holds if the definition might overflow negatively. */ + cached + predicate defMightOverflowNegatively(RangeSsaDefinition def, StackVariable v) { + getDefLowerBoundsImpl(def, v) < Util::varMinVal(v) + } + + /** Holds if the definition might overflow positively. */ + cached + predicate defMightOverflowPositively(RangeSsaDefinition def, StackVariable v) { + getDefUpperBoundsImpl(def, v) > Util::varMaxVal(v) + } + + /** + * Holds if the definition might overflow (either positively or + * negatively). + */ + cached + predicate defMightOverflow(RangeSsaDefinition def, StackVariable v) { + defMightOverflowNegatively(def, v) or + defMightOverflowPositively(def, v) + } + + /** + * Holds if `e` is an expression where the concept of overflow makes sense. + * This predicate is used to filter out some of the unanalyzable expressions + * from `exprMightOverflowPositively` and `exprMightOverflowNegatively`. + */ + pragma[inline] + private predicate exprThatCanOverflow(Expr e) { + e instanceof UnaryArithmeticOperation or + e instanceof BinaryArithmeticOperation or + e instanceof AssignArithmeticOperation or + e instanceof LShiftExpr or + e instanceof AssignLShiftExpr + } + + /** + * Holds if the expression might overflow negatively. This predicate + * does not consider the possibility that the expression might overflow + * due to a conversion. + */ + cached + predicate exprMightOverflowNegatively(Expr expr) { + getLowerBoundsImpl(expr) < Util::exprMinVal(expr) + or + // The lower bound of the expression `x--` is the same as the lower + // bound of `x`, so the standard logic (above) does not work for + // detecting whether it might overflow. + getLowerBoundsImpl(expr.(PostfixDecrExpr)) = Util::exprMinVal(expr) + or + // We can't conclude that any unanalyzable expression might overflow. This + // is because there are many expressions that the range analysis doesn't + // handle, but where the concept of overflow doesn't make sense. + exprThatCanOverflow(expr) and not analyzableExpr(expr) + } + + /** + * Holds if the expression might overflow negatively. Conversions + * are also taken into account. For example the expression + * `(int16)(x+y)` might overflow due to the `(int16)` cast, rather than + * due to the addition. + */ + cached + predicate convertedExprMightOverflowNegatively(Expr expr) { + exprMightOverflowNegatively(expr) or + convertedExprMightOverflowNegatively(expr.getConversion()) + } + + /** + * Holds if the expression might overflow positively. This predicate + * does not consider the possibility that the expression might overflow + * due to a conversion. + */ + cached + predicate exprMightOverflowPositively(Expr expr) { + getUpperBoundsImpl(expr) > Util::exprMaxVal(expr) + or + // The upper bound of the expression `x++` is the same as the upper + // bound of `x`, so the standard logic (above) does not work for + // detecting whether it might overflow. + getUpperBoundsImpl(expr.(PostfixIncrExpr)) = Util::exprMaxVal(expr) + } + + /** + * Holds if the expression might overflow positively. Conversions + * are also taken into account. For example the expression + * `(int16)(x+y)` might overflow due to the `(int16)` cast, rather than + * due to the addition. + */ + cached + predicate convertedExprMightOverflowPositively(Expr expr) { + exprMightOverflowPositively(expr) or + convertedExprMightOverflowPositively(expr.getConversion()) + } + + /** + * Holds if the expression might overflow (either positively or + * negatively). The possibility that the expression might overflow + * due to an implicit or explicit cast is also considered. + */ + cached + predicate convertedExprMightOverflow(Expr expr) { + convertedExprMightOverflowNegatively(expr) or + convertedExprMightOverflowPositively(expr) + } + } + + /** + * Gets the truncated lower bounds of the fully converted expression. + */ + float getFullyConvertedLowerBounds(Expr expr) { + result = getTruncatedLowerBounds(expr.getFullyConverted()) + } + + /** + * Gets the truncated upper bounds of the fully converted expression. + */ + float getFullyConvertedUpperBounds(Expr expr) { + result = getTruncatedUpperBounds(expr.getFullyConverted()) + } + + /** + * Get the lower bounds for a `RangeSsaDefinition`. Most of the work is + * done by `getDefLowerBoundsImpl`, but this is where widening is applied + * to prevent the analysis from exploding due to a recursive definition. + */ + float getDefLowerBounds(RangeSsaDefinition def, StackVariable v) { + exists(float newLB, float truncatedLB | + newLB = getDefLowerBoundsImpl(def, v) and + if Util::varMinVal(v) <= newLB and newLB <= Util::varMaxVal(v) + then truncatedLB = newLB + else truncatedLB = Util::varMinVal(v) + | + // Widening: check whether the new lower bound is from a source which + // depends recursively on the current definition. + if isRecursiveDef(def, v) + then + // The new lower bound is from a recursive source, so we round + // down to one of a limited set of values to prevent the + // recursion from exploding. + result = + max(float widenLB | + widenLB = wideningLowerBounds(Util::getVariableRangeType(v)) and + not widenLB > truncatedLB + | + widenLB + ) + else result = truncatedLB + ) + or + // The definition might overflow positively and wrap. If so, the lower + // bound is `typeLowerBound`. + defMightOverflowPositively(def, v) and result = Util::varMinVal(v) + } + + /** See comment for `getDefLowerBounds`, above. */ + float getDefUpperBounds(RangeSsaDefinition def, StackVariable v) { + exists(float newUB, float truncatedUB | + newUB = getDefUpperBoundsImpl(def, v) and + if Util::varMinVal(v) <= newUB and newUB <= Util::varMaxVal(v) + then truncatedUB = newUB + else truncatedUB = Util::varMaxVal(v) + | + // Widening: check whether the new upper bound is from a source which + // depends recursively on the current definition. + if isRecursiveDef(def, v) + then + // The new upper bound is from a recursive source, so we round + // up to one of a fixed set of values to prevent the recursion + // from exploding. + result = + min(float widenUB | + widenUB = wideningUpperBounds(Util::getVariableRangeType(v)) and + not widenUB < truncatedUB + | + widenUB + ) + else result = truncatedUB + ) + or + // The definition might overflow negatively and wrap. If so, the upper + // bound is `typeUpperBound`. + defMightOverflowNegatively(def, v) and result = Util::varMaxVal(v) + } +} diff --git a/cpp/common/src/codingstandards/cpp/SimpleRangeAnalysisCustomizations.qll b/cpp/common/src/codingstandards/cpp/SimpleRangeAnalysisCustomizations.qll index 5144f63dc2..2688452d28 100644 --- a/cpp/common/src/codingstandards/cpp/SimpleRangeAnalysisCustomizations.qll +++ b/cpp/common/src/codingstandards/cpp/SimpleRangeAnalysisCustomizations.qll @@ -14,6 +14,45 @@ import semmle.code.cpp.rangeanalysis.RangeAnalysisUtils import experimental.semmle.code.cpp.rangeanalysis.extensions.ConstantBitwiseAndExprRange private import experimental.semmle.code.cpp.models.interfaces.SimpleRangeAnalysisExpr +// Disabled, causing performance issues in grpc: +/* +private class DivByConstantExpr extends SimpleRangeAnalysisExpr, DivExpr { + float quotient; + + DivByConstantExpr() { + quotient = evaluateConstantExpr(getRightOperand()) + } + + override predicate dependsOnChild(Expr e) { + e = getLeftOperand() + } + + override float getLowerBounds() { + exists(float numerator | + result = numerator / quotient and + if (quotient > 0) then + // x / y where and y is positive scales the UB/LB. + numerator = getFullyConvertedLowerBounds(getLeftOperand()) + else + // x / -y where and -y is negative will invert and scale the UB/LB. + numerator = getFullyConvertedUpperBounds(getLeftOperand()) + ) + } + + override float getUpperBounds() { + exists(float numerator | + result = numerator / quotient and + if (quotient > 0) then + // x / y where and y is positive scales the UB/LB. + numerator = getFullyConvertedUpperBounds(getLeftOperand()) + else + // x / -y where and -y is negative will invert and scale the UB/LB. + numerator = getFullyConvertedLowerBounds(getLeftOperand()) + ) + } +} + */ + /** * A range analysis extension that support bitwise `|` and `|=` where at least one operand is a * non-negative constant. diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/FloatingTypes2.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/FloatingTypes2.qll new file mode 100644 index 0000000000..7cdc6430a3 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/FloatingTypes2.qll @@ -0,0 +1,44 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype FloatingTypes2Query = + TPossibleMisuseOfUndetectedInfinityQuery() or + TPossibleMisuseOfUndetectedNaNQuery() + +predicate isFloatingTypes2QueryMetadata(Query query, string queryId, string ruleId, string category) { + query = + // `Query` instance for the `possibleMisuseOfUndetectedInfinity` query + FloatingTypes2Package::possibleMisuseOfUndetectedInfinityQuery() and + queryId = + // `@id` for the `possibleMisuseOfUndetectedInfinity` query + "c/misra/possible-misuse-of-undetected-infinity" and + ruleId = "DIR-4-15" and + category = "required" + or + query = + // `Query` instance for the `possibleMisuseOfUndetectedNaN` query + FloatingTypes2Package::possibleMisuseOfUndetectedNaNQuery() and + queryId = + // `@id` for the `possibleMisuseOfUndetectedNaN` query + "c/misra/possible-misuse-of-undetected-na-n" and + ruleId = "DIR-4-15" and + category = "required" +} + +module FloatingTypes2Package { + Query possibleMisuseOfUndetectedInfinityQuery() { + //autogenerate `Query` type + result = + // `Query` type for `possibleMisuseOfUndetectedInfinity` query + TQueryC(TFloatingTypes2PackageQuery(TPossibleMisuseOfUndetectedInfinityQuery())) + } + + Query possibleMisuseOfUndetectedNaNQuery() { + //autogenerate `Query` type + result = + // `Query` type for `possibleMisuseOfUndetectedNaN` query + TQueryC(TFloatingTypes2PackageQuery(TPossibleMisuseOfUndetectedNaNQuery())) + } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index 6ab695fb99..41ae2931b1 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -32,6 +32,7 @@ import Declarations8 import EssentialTypes import Expressions import FloatingTypes +import FloatingTypes2 import FunctionTypes import IO1 import IO2 @@ -112,6 +113,7 @@ newtype TCQuery = TEssentialTypesPackageQuery(EssentialTypesQuery q) or TExpressionsPackageQuery(ExpressionsQuery q) or TFloatingTypesPackageQuery(FloatingTypesQuery q) or + TFloatingTypes2PackageQuery(FloatingTypes2Query q) or TFunctionTypesPackageQuery(FunctionTypesQuery q) or TIO1PackageQuery(IO1Query q) or TIO2PackageQuery(IO2Query q) or @@ -192,6 +194,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isEssentialTypesQueryMetadata(query, queryId, ruleId, category) or isExpressionsQueryMetadata(query, queryId, ruleId, category) or isFloatingTypesQueryMetadata(query, queryId, ruleId, category) or + isFloatingTypes2QueryMetadata(query, queryId, ruleId, category) or isFunctionTypesQueryMetadata(query, queryId, ruleId, category) or isIO1QueryMetadata(query, queryId, ruleId, category) or isIO2QueryMetadata(query, queryId, ruleId, category) or diff --git a/rule_packages/c/FloatingTypes2.json b/rule_packages/c/FloatingTypes2.json new file mode 100644 index 0000000000..152ead08d3 --- /dev/null +++ b/rule_packages/c/FloatingTypes2.json @@ -0,0 +1,36 @@ +{ + "MISRA-C-2012": { + "DIR-4-15": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Evaluation of floating-point expressions shall not lead to the undetected generation of infinities.", + "kind": "path-problem", + "name": "Evaluation of floating-point expressions shall not lead to the undetected generation of infinities", + "precision": "high", + "severity": "error", + "short_name": "PossibleMisuseOfUndetectedInfinity", + "tags": [ + "correctness", + "external/misra/c/2012/amendment3" + ] + }, + { + "description": "Evaluation of floating-point expressions shall not lead to the undetected generation of NaNs.", + "kind": "path-problem", + "name": "Evaluation of floating-point expressions shall not lead to the undetected generation of NaNs", + "precision": "high", + "severity": "error", + "short_name": "PossibleMisuseOfUndetectedNaN", + "tags": [ + "correctness", + "external/misra/c/2012/amendment3" + ] + } + ], + "title": "Evaluation of floating-point expressions shall not lead to the undetected generation of infinities and NaNs" + } + } +} \ No newline at end of file From 16d44f1ae793cbdcca2854bf610cd8f0d707776c Mon Sep 17 00:00:00 2001 From: MichaelRFairhurst <1627771+MichaelRFairhurst@users.noreply.github.com> Date: Sat, 1 Feb 2025 03:15:52 +0000 Subject: [PATCH 2375/2573] Upgrading `github/codeql` dependency to 2.19.4 --- c/cert/src/codeql-pack.lock.yml | 20 +++++++++---------- c/cert/src/qlpack.yml | 2 +- c/cert/test/codeql-pack.lock.yml | 20 +++++++++---------- c/common/src/codeql-pack.lock.yml | 20 +++++++++---------- c/common/src/qlpack.yml | 2 +- c/common/test/codeql-pack.lock.yml | 20 +++++++++---------- c/misra/src/codeql-pack.lock.yml | 20 +++++++++---------- c/misra/src/qlpack.yml | 2 +- c/misra/test/codeql-pack.lock.yml | 20 +++++++++---------- cpp/autosar/src/codeql-pack.lock.yml | 20 +++++++++---------- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/codeql-pack.lock.yml | 20 +++++++++---------- cpp/cert/src/codeql-pack.lock.yml | 20 +++++++++---------- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/codeql-pack.lock.yml | 20 +++++++++---------- cpp/common/src/codeql-pack.lock.yml | 20 +++++++++---------- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/codeql-pack.lock.yml | 20 +++++++++---------- cpp/misra/src/codeql-pack.lock.yml | 20 +++++++++---------- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/codeql-pack.lock.yml | 20 +++++++++---------- cpp/report/src/codeql-pack.lock.yml | 20 +++++++++---------- cpp/report/src/qlpack.yml | 2 +- .../queries/codeql-pack.lock.yml | 20 +++++++++---------- scripts/generate_modules/queries/qlpack.yml | 2 +- supported_codeql_configs.json | 6 +++--- 26 files changed, 172 insertions(+), 172 deletions(-) diff --git a/c/cert/src/codeql-pack.lock.yml b/c/cert/src/codeql-pack.lock.yml index 910a6e060e..ab9a39f9c1 100644 --- a/c/cert/src/codeql-pack.lock.yml +++ b/c/cert/src/codeql-pack.lock.yml @@ -2,23 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 1.4.2 + version: 2.1.1 codeql/dataflow: - version: 1.1.1 + version: 1.1.6 codeql/mad: - version: 1.0.7 + version: 1.0.12 codeql/rangeanalysis: - version: 1.0.7 + version: 1.0.12 codeql/ssa: - version: 1.0.7 + version: 1.0.12 codeql/tutorial: - version: 1.0.7 + version: 1.0.12 codeql/typeflow: - version: 1.0.7 + version: 1.0.12 codeql/typetracking: - version: 1.0.7 + version: 1.0.12 codeql/util: - version: 1.0.7 + version: 1.0.12 codeql/xml: - version: 1.0.7 + version: 1.0.12 compiled: false diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index d5ba524b14..6e023bc238 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -5,4 +5,4 @@ suites: codeql-suites license: MIT dependencies: codeql/common-c-coding-standards: '*' - codeql/cpp-all: 1.4.2 + codeql/cpp-all: 2.1.1 diff --git a/c/cert/test/codeql-pack.lock.yml b/c/cert/test/codeql-pack.lock.yml index 910a6e060e..ab9a39f9c1 100644 --- a/c/cert/test/codeql-pack.lock.yml +++ b/c/cert/test/codeql-pack.lock.yml @@ -2,23 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 1.4.2 + version: 2.1.1 codeql/dataflow: - version: 1.1.1 + version: 1.1.6 codeql/mad: - version: 1.0.7 + version: 1.0.12 codeql/rangeanalysis: - version: 1.0.7 + version: 1.0.12 codeql/ssa: - version: 1.0.7 + version: 1.0.12 codeql/tutorial: - version: 1.0.7 + version: 1.0.12 codeql/typeflow: - version: 1.0.7 + version: 1.0.12 codeql/typetracking: - version: 1.0.7 + version: 1.0.12 codeql/util: - version: 1.0.7 + version: 1.0.12 codeql/xml: - version: 1.0.7 + version: 1.0.12 compiled: false diff --git a/c/common/src/codeql-pack.lock.yml b/c/common/src/codeql-pack.lock.yml index 910a6e060e..ab9a39f9c1 100644 --- a/c/common/src/codeql-pack.lock.yml +++ b/c/common/src/codeql-pack.lock.yml @@ -2,23 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 1.4.2 + version: 2.1.1 codeql/dataflow: - version: 1.1.1 + version: 1.1.6 codeql/mad: - version: 1.0.7 + version: 1.0.12 codeql/rangeanalysis: - version: 1.0.7 + version: 1.0.12 codeql/ssa: - version: 1.0.7 + version: 1.0.12 codeql/tutorial: - version: 1.0.7 + version: 1.0.12 codeql/typeflow: - version: 1.0.7 + version: 1.0.12 codeql/typetracking: - version: 1.0.7 + version: 1.0.12 codeql/util: - version: 1.0.7 + version: 1.0.12 codeql/xml: - version: 1.0.7 + version: 1.0.12 compiled: false diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index e775358108..9188ad8bda 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -3,4 +3,4 @@ version: 2.42.0-dev license: MIT dependencies: codeql/common-cpp-coding-standards: '*' - codeql/cpp-all: 1.4.2 + codeql/cpp-all: 2.1.1 diff --git a/c/common/test/codeql-pack.lock.yml b/c/common/test/codeql-pack.lock.yml index 910a6e060e..ab9a39f9c1 100644 --- a/c/common/test/codeql-pack.lock.yml +++ b/c/common/test/codeql-pack.lock.yml @@ -2,23 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 1.4.2 + version: 2.1.1 codeql/dataflow: - version: 1.1.1 + version: 1.1.6 codeql/mad: - version: 1.0.7 + version: 1.0.12 codeql/rangeanalysis: - version: 1.0.7 + version: 1.0.12 codeql/ssa: - version: 1.0.7 + version: 1.0.12 codeql/tutorial: - version: 1.0.7 + version: 1.0.12 codeql/typeflow: - version: 1.0.7 + version: 1.0.12 codeql/typetracking: - version: 1.0.7 + version: 1.0.12 codeql/util: - version: 1.0.7 + version: 1.0.12 codeql/xml: - version: 1.0.7 + version: 1.0.12 compiled: false diff --git a/c/misra/src/codeql-pack.lock.yml b/c/misra/src/codeql-pack.lock.yml index 910a6e060e..ab9a39f9c1 100644 --- a/c/misra/src/codeql-pack.lock.yml +++ b/c/misra/src/codeql-pack.lock.yml @@ -2,23 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 1.4.2 + version: 2.1.1 codeql/dataflow: - version: 1.1.1 + version: 1.1.6 codeql/mad: - version: 1.0.7 + version: 1.0.12 codeql/rangeanalysis: - version: 1.0.7 + version: 1.0.12 codeql/ssa: - version: 1.0.7 + version: 1.0.12 codeql/tutorial: - version: 1.0.7 + version: 1.0.12 codeql/typeflow: - version: 1.0.7 + version: 1.0.12 codeql/typetracking: - version: 1.0.7 + version: 1.0.12 codeql/util: - version: 1.0.7 + version: 1.0.12 codeql/xml: - version: 1.0.7 + version: 1.0.12 compiled: false diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index 0ed5ef8b97..721a052e6b 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -6,4 +6,4 @@ license: MIT default-suite-file: codeql-suites/misra-c-default.qls dependencies: codeql/common-c-coding-standards: '*' - codeql/cpp-all: 1.4.2 + codeql/cpp-all: 2.1.1 diff --git a/c/misra/test/codeql-pack.lock.yml b/c/misra/test/codeql-pack.lock.yml index 910a6e060e..ab9a39f9c1 100644 --- a/c/misra/test/codeql-pack.lock.yml +++ b/c/misra/test/codeql-pack.lock.yml @@ -2,23 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 1.4.2 + version: 2.1.1 codeql/dataflow: - version: 1.1.1 + version: 1.1.6 codeql/mad: - version: 1.0.7 + version: 1.0.12 codeql/rangeanalysis: - version: 1.0.7 + version: 1.0.12 codeql/ssa: - version: 1.0.7 + version: 1.0.12 codeql/tutorial: - version: 1.0.7 + version: 1.0.12 codeql/typeflow: - version: 1.0.7 + version: 1.0.12 codeql/typetracking: - version: 1.0.7 + version: 1.0.12 codeql/util: - version: 1.0.7 + version: 1.0.12 codeql/xml: - version: 1.0.7 + version: 1.0.12 compiled: false diff --git a/cpp/autosar/src/codeql-pack.lock.yml b/cpp/autosar/src/codeql-pack.lock.yml index 910a6e060e..ab9a39f9c1 100644 --- a/cpp/autosar/src/codeql-pack.lock.yml +++ b/cpp/autosar/src/codeql-pack.lock.yml @@ -2,23 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 1.4.2 + version: 2.1.1 codeql/dataflow: - version: 1.1.1 + version: 1.1.6 codeql/mad: - version: 1.0.7 + version: 1.0.12 codeql/rangeanalysis: - version: 1.0.7 + version: 1.0.12 codeql/ssa: - version: 1.0.7 + version: 1.0.12 codeql/tutorial: - version: 1.0.7 + version: 1.0.12 codeql/typeflow: - version: 1.0.7 + version: 1.0.12 codeql/typetracking: - version: 1.0.7 + version: 1.0.12 codeql/util: - version: 1.0.7 + version: 1.0.12 codeql/xml: - version: 1.0.7 + version: 1.0.12 compiled: false diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index 80f6d1b0d2..e4d17b7309 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -5,4 +5,4 @@ suites: codeql-suites license: MIT dependencies: codeql/common-cpp-coding-standards: '*' - codeql/cpp-all: 1.4.2 + codeql/cpp-all: 2.1.1 diff --git a/cpp/autosar/test/codeql-pack.lock.yml b/cpp/autosar/test/codeql-pack.lock.yml index 910a6e060e..ab9a39f9c1 100644 --- a/cpp/autosar/test/codeql-pack.lock.yml +++ b/cpp/autosar/test/codeql-pack.lock.yml @@ -2,23 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 1.4.2 + version: 2.1.1 codeql/dataflow: - version: 1.1.1 + version: 1.1.6 codeql/mad: - version: 1.0.7 + version: 1.0.12 codeql/rangeanalysis: - version: 1.0.7 + version: 1.0.12 codeql/ssa: - version: 1.0.7 + version: 1.0.12 codeql/tutorial: - version: 1.0.7 + version: 1.0.12 codeql/typeflow: - version: 1.0.7 + version: 1.0.12 codeql/typetracking: - version: 1.0.7 + version: 1.0.12 codeql/util: - version: 1.0.7 + version: 1.0.12 codeql/xml: - version: 1.0.7 + version: 1.0.12 compiled: false diff --git a/cpp/cert/src/codeql-pack.lock.yml b/cpp/cert/src/codeql-pack.lock.yml index 910a6e060e..ab9a39f9c1 100644 --- a/cpp/cert/src/codeql-pack.lock.yml +++ b/cpp/cert/src/codeql-pack.lock.yml @@ -2,23 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 1.4.2 + version: 2.1.1 codeql/dataflow: - version: 1.1.1 + version: 1.1.6 codeql/mad: - version: 1.0.7 + version: 1.0.12 codeql/rangeanalysis: - version: 1.0.7 + version: 1.0.12 codeql/ssa: - version: 1.0.7 + version: 1.0.12 codeql/tutorial: - version: 1.0.7 + version: 1.0.12 codeql/typeflow: - version: 1.0.7 + version: 1.0.12 codeql/typetracking: - version: 1.0.7 + version: 1.0.12 codeql/util: - version: 1.0.7 + version: 1.0.12 codeql/xml: - version: 1.0.7 + version: 1.0.12 compiled: false diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index 3005c15ec3..b0645353f6 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -4,5 +4,5 @@ description: CERT C++ 2016 suites: codeql-suites license: MIT dependencies: - codeql/cpp-all: 1.4.2 + codeql/cpp-all: 2.1.1 codeql/common-cpp-coding-standards: '*' diff --git a/cpp/cert/test/codeql-pack.lock.yml b/cpp/cert/test/codeql-pack.lock.yml index 910a6e060e..ab9a39f9c1 100644 --- a/cpp/cert/test/codeql-pack.lock.yml +++ b/cpp/cert/test/codeql-pack.lock.yml @@ -2,23 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 1.4.2 + version: 2.1.1 codeql/dataflow: - version: 1.1.1 + version: 1.1.6 codeql/mad: - version: 1.0.7 + version: 1.0.12 codeql/rangeanalysis: - version: 1.0.7 + version: 1.0.12 codeql/ssa: - version: 1.0.7 + version: 1.0.12 codeql/tutorial: - version: 1.0.7 + version: 1.0.12 codeql/typeflow: - version: 1.0.7 + version: 1.0.12 codeql/typetracking: - version: 1.0.7 + version: 1.0.12 codeql/util: - version: 1.0.7 + version: 1.0.12 codeql/xml: - version: 1.0.7 + version: 1.0.12 compiled: false diff --git a/cpp/common/src/codeql-pack.lock.yml b/cpp/common/src/codeql-pack.lock.yml index 910a6e060e..ab9a39f9c1 100644 --- a/cpp/common/src/codeql-pack.lock.yml +++ b/cpp/common/src/codeql-pack.lock.yml @@ -2,23 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 1.4.2 + version: 2.1.1 codeql/dataflow: - version: 1.1.1 + version: 1.1.6 codeql/mad: - version: 1.0.7 + version: 1.0.12 codeql/rangeanalysis: - version: 1.0.7 + version: 1.0.12 codeql/ssa: - version: 1.0.7 + version: 1.0.12 codeql/tutorial: - version: 1.0.7 + version: 1.0.12 codeql/typeflow: - version: 1.0.7 + version: 1.0.12 codeql/typetracking: - version: 1.0.7 + version: 1.0.12 codeql/util: - version: 1.0.7 + version: 1.0.12 codeql/xml: - version: 1.0.7 + version: 1.0.12 compiled: false diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index d97b322120..4b4619e6b9 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -2,6 +2,6 @@ name: codeql/common-cpp-coding-standards version: 2.42.0-dev license: MIT dependencies: - codeql/cpp-all: 1.4.2 + codeql/cpp-all: 2.1.1 dataExtensions: - ext/*.model.yml diff --git a/cpp/common/test/codeql-pack.lock.yml b/cpp/common/test/codeql-pack.lock.yml index 910a6e060e..ab9a39f9c1 100644 --- a/cpp/common/test/codeql-pack.lock.yml +++ b/cpp/common/test/codeql-pack.lock.yml @@ -2,23 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 1.4.2 + version: 2.1.1 codeql/dataflow: - version: 1.1.1 + version: 1.1.6 codeql/mad: - version: 1.0.7 + version: 1.0.12 codeql/rangeanalysis: - version: 1.0.7 + version: 1.0.12 codeql/ssa: - version: 1.0.7 + version: 1.0.12 codeql/tutorial: - version: 1.0.7 + version: 1.0.12 codeql/typeflow: - version: 1.0.7 + version: 1.0.12 codeql/typetracking: - version: 1.0.7 + version: 1.0.12 codeql/util: - version: 1.0.7 + version: 1.0.12 codeql/xml: - version: 1.0.7 + version: 1.0.12 compiled: false diff --git a/cpp/misra/src/codeql-pack.lock.yml b/cpp/misra/src/codeql-pack.lock.yml index 910a6e060e..ab9a39f9c1 100644 --- a/cpp/misra/src/codeql-pack.lock.yml +++ b/cpp/misra/src/codeql-pack.lock.yml @@ -2,23 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 1.4.2 + version: 2.1.1 codeql/dataflow: - version: 1.1.1 + version: 1.1.6 codeql/mad: - version: 1.0.7 + version: 1.0.12 codeql/rangeanalysis: - version: 1.0.7 + version: 1.0.12 codeql/ssa: - version: 1.0.7 + version: 1.0.12 codeql/tutorial: - version: 1.0.7 + version: 1.0.12 codeql/typeflow: - version: 1.0.7 + version: 1.0.12 codeql/typetracking: - version: 1.0.7 + version: 1.0.12 codeql/util: - version: 1.0.7 + version: 1.0.12 codeql/xml: - version: 1.0.7 + version: 1.0.12 compiled: false diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index fc3162ffb4..2c8f21a82f 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -5,4 +5,4 @@ default-suite: codeql-suites/misra-cpp-default.qls license: MIT dependencies: codeql/common-cpp-coding-standards: '*' - codeql/cpp-all: 1.4.2 + codeql/cpp-all: 2.1.1 diff --git a/cpp/misra/test/codeql-pack.lock.yml b/cpp/misra/test/codeql-pack.lock.yml index 910a6e060e..ab9a39f9c1 100644 --- a/cpp/misra/test/codeql-pack.lock.yml +++ b/cpp/misra/test/codeql-pack.lock.yml @@ -2,23 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 1.4.2 + version: 2.1.1 codeql/dataflow: - version: 1.1.1 + version: 1.1.6 codeql/mad: - version: 1.0.7 + version: 1.0.12 codeql/rangeanalysis: - version: 1.0.7 + version: 1.0.12 codeql/ssa: - version: 1.0.7 + version: 1.0.12 codeql/tutorial: - version: 1.0.7 + version: 1.0.12 codeql/typeflow: - version: 1.0.7 + version: 1.0.12 codeql/typetracking: - version: 1.0.7 + version: 1.0.12 codeql/util: - version: 1.0.7 + version: 1.0.12 codeql/xml: - version: 1.0.7 + version: 1.0.12 compiled: false diff --git a/cpp/report/src/codeql-pack.lock.yml b/cpp/report/src/codeql-pack.lock.yml index 910a6e060e..ab9a39f9c1 100644 --- a/cpp/report/src/codeql-pack.lock.yml +++ b/cpp/report/src/codeql-pack.lock.yml @@ -2,23 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 1.4.2 + version: 2.1.1 codeql/dataflow: - version: 1.1.1 + version: 1.1.6 codeql/mad: - version: 1.0.7 + version: 1.0.12 codeql/rangeanalysis: - version: 1.0.7 + version: 1.0.12 codeql/ssa: - version: 1.0.7 + version: 1.0.12 codeql/tutorial: - version: 1.0.7 + version: 1.0.12 codeql/typeflow: - version: 1.0.7 + version: 1.0.12 codeql/typetracking: - version: 1.0.7 + version: 1.0.12 codeql/util: - version: 1.0.7 + version: 1.0.12 codeql/xml: - version: 1.0.7 + version: 1.0.12 compiled: false diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index 1a8ea75e77..3203133ffc 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -2,4 +2,4 @@ name: codeql/report-cpp-coding-standards version: 2.42.0-dev license: MIT dependencies: - codeql/cpp-all: 1.4.2 + codeql/cpp-all: 2.1.1 diff --git a/scripts/generate_modules/queries/codeql-pack.lock.yml b/scripts/generate_modules/queries/codeql-pack.lock.yml index 910a6e060e..ab9a39f9c1 100644 --- a/scripts/generate_modules/queries/codeql-pack.lock.yml +++ b/scripts/generate_modules/queries/codeql-pack.lock.yml @@ -2,23 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 1.4.2 + version: 2.1.1 codeql/dataflow: - version: 1.1.1 + version: 1.1.6 codeql/mad: - version: 1.0.7 + version: 1.0.12 codeql/rangeanalysis: - version: 1.0.7 + version: 1.0.12 codeql/ssa: - version: 1.0.7 + version: 1.0.12 codeql/tutorial: - version: 1.0.7 + version: 1.0.12 codeql/typeflow: - version: 1.0.7 + version: 1.0.12 codeql/typetracking: - version: 1.0.7 + version: 1.0.12 codeql/util: - version: 1.0.7 + version: 1.0.12 codeql/xml: - version: 1.0.7 + version: 1.0.12 compiled: false diff --git a/scripts/generate_modules/queries/qlpack.yml b/scripts/generate_modules/queries/qlpack.yml index 88a48269e7..d2c729dfb9 100644 --- a/scripts/generate_modules/queries/qlpack.yml +++ b/scripts/generate_modules/queries/qlpack.yml @@ -2,4 +2,4 @@ name: codeql/standard-library-extraction-cpp-coding-standards version: 0.0.0 license: MIT dependencies: - codeql/cpp-all: 1.4.2 + codeql/cpp-all: 2.1.1 diff --git a/supported_codeql_configs.json b/supported_codeql_configs.json index b143f67fe9..77534bd53d 100644 --- a/supported_codeql_configs.json +++ b/supported_codeql_configs.json @@ -1,9 +1,9 @@ { "supported_environment": [ { - "codeql_cli": "2.18.4", - "codeql_standard_library": "codeql-cli/v2.18.4", - "codeql_cli_bundle": "codeql-bundle-v2.18.4" + "codeql_cli": "2.19.4", + "codeql_standard_library": "codeql-cli/v2.19.4", + "codeql_cli_bundle": "codeql-bundle-v2.19.4" } ], "supported_language": [ From 59ebba0f3c52d090b1c07c0e732db7d740485870 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Mon, 3 Feb 2025 19:11:59 -0800 Subject: [PATCH 2376/2573] Support guards isinf(), isfinite(), isnan(), etc --- .../PossibleMisuseOfUndetectedInfinity.ql | 12 + .../DIR-4-15/PossibleMisuseOfUndetectedNaN.ql | 41 ++- ...ossibleMisuseOfUndetectedInfinity.expected | 59 +++- .../PossibleMisuseOfUndetectedNaN.expected | 43 ++- c/misra/test/rules/DIR-4-15/test.c | 99 +++++- .../src/codingstandards/cpp/FloatingPoint.qll | 317 +++++++++++++++++- .../cpp/RestrictedRangeAnalysis.qll | 22 +- 7 files changed, 521 insertions(+), 72 deletions(-) diff --git a/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.ql b/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.ql index 84a3fbfd3c..97dd251083 100644 --- a/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.ql +++ b/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.ql @@ -44,6 +44,18 @@ module InvalidInfinityUsage implements DataFlow::ConfigSig { exprMayEqualInfinity(node.asExpr(), _) } + predicate isBarrierOut(DataFlow::Node node) { + guardedNotFPClass(node.asExpr(), TInfinite()) + or + exists(Expr e | + e.getType() instanceof IntegralType and + e = node.asConvertedExpr() + ) + or + // Sinks are places where Infinity produce a finite value + isSink(node) + } + /** * An additional flow step to handle operations which propagate Infinity. * diff --git a/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.ql b/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.ql index 6962a1c36d..036d470247 100644 --- a/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.ql +++ b/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.ql @@ -89,7 +89,6 @@ class InvalidOperationExpr extends BinaryOperation { } module InvalidNaNUsage implements DataFlow::ConfigSig { - /** * An expression which has non-NaN inputs and may produce a NaN output. */ @@ -108,6 +107,15 @@ module InvalidNaNUsage implements DataFlow::ConfigSig { node.asExpr() instanceof InvalidOperationExpr } + predicate isBarrierOut(DataFlow::Node node) { + guardedNotFPClass(node.asExpr(), TNaN()) + or + exists(Expr e | + e.getType() instanceof IntegralType and + e = node.asConvertedExpr() + ) + } + /** * Add an additional flow step to handle NaN propagation through floating point operations. */ @@ -120,21 +128,24 @@ module InvalidNaNUsage implements DataFlow::ConfigSig { } predicate isSink(DataFlow::Node node) { - // Case 1: NaNs shall not be compared, except to themselves - exists(ComparisonOperation cmp | - node.asExpr() = cmp.getAnOperand() and - not hashCons(cmp.getLeftOperand()) = hashCons(cmp.getRightOperand()) - ) - or - // Case 2: NaNs and infinities shall not be cast to integers - exists(Conversion c | - node.asExpr() = c.getUnconverted() and - c.getExpr().getType() instanceof FloatingPointType and - c.getType() instanceof IntegralType + not guardedNotFPClass(node.asExpr(), TNaN()) and + ( + // Case 1: NaNs shall not be compared, except to themselves + exists(ComparisonOperation cmp | + node.asExpr() = cmp.getAnOperand() and + not hashCons(cmp.getLeftOperand()) = hashCons(cmp.getRightOperand()) + ) + or + // Case 2: NaNs and infinities shall not be cast to integers + exists(Conversion c | + node.asExpr() = c.getUnconverted() and + c.getExpr().getType() instanceof FloatingPointType and + c.getType() instanceof IntegralType + ) + //or + //// Case 4: Functions shall not return NaNs or infinities + //exists(ReturnStmt ret | node.asExpr() = ret.getExpr()) ) - //or - //// Case 4: Functions shall not return NaNs or infinities - //exists(ReturnStmt ret | node.asExpr() = ret.getExpr()) } } diff --git a/c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.expected b/c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.expected index 78f4c6baec..75534df6a0 100644 --- a/c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.expected +++ b/c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.expected @@ -1,5 +1,6 @@ edges | test.c:8:14:8:20 | ... / ... | test.c:8:14:8:20 | ... / ... | provenance | | +| test.c:8:14:8:20 | ... / ... | test.c:9:14:9:16 | - ... | provenance | Config | | test.c:8:14:8:20 | ... / ... | test.c:12:8:12:9 | l2 | provenance | | | test.c:8:14:8:20 | ... / ... | test.c:18:3:18:9 | l2 | provenance | | | test.c:8:14:8:20 | ... / ... | test.c:27:19:27:20 | l2 | provenance | | @@ -9,8 +10,17 @@ edges | test.c:9:14:9:16 | - ... | test.c:28:19:28:20 | l3 | provenance | | | test.c:31:14:32:15 | ... / ... | test.c:31:14:32:15 | ... / ... | provenance | | | test.c:31:14:32:15 | ... / ... | test.c:38:3:38:9 | l7 | provenance | | -| test.c:33:14:33:22 | ... / ... | test.c:33:14:33:22 | ... / ... | provenance | | -| test.c:33:14:33:22 | ... / ... | test.c:39:3:39:9 | l8 | provenance | | +| test.c:77:15:77:21 | ... / ... | test.c:77:15:77:21 | ... / ... | provenance | | +| test.c:77:15:77:21 | ... / ... | test.c:79:5:79:12 | l12 | provenance | | +| test.c:77:15:77:21 | ... / ... | test.c:87:5:87:12 | l12 | provenance | | +| test.c:77:15:77:21 | ... / ... | test.c:91:5:91:12 | l12 | provenance | | +| test.c:77:15:77:21 | ... / ... | test.c:93:5:93:12 | l12 | provenance | | +| test.c:77:15:77:21 | ... / ... | test.c:99:5:99:12 | l12 | provenance | | +| test.c:77:15:77:21 | ... / ... | test.c:105:5:105:12 | l12 | provenance | | +| test.c:77:15:77:21 | ... / ... | test.c:111:5:111:12 | l12 | provenance | | +| test.c:77:15:77:21 | ... / ... | test.c:114:16:114:23 | l12 | provenance | | +| test.c:77:15:77:21 | ... / ... | test.c:117:23:117:30 | l12 | provenance | | +| test.c:77:15:77:21 | ... / ... | test.c:120:20:120:27 | l12 | provenance | | nodes | test.c:8:14:8:20 | ... / ... | semmle.label | ... / ... | | test.c:8:14:8:20 | ... / ... | semmle.label | ... / ... | @@ -24,25 +34,46 @@ nodes | test.c:28:19:28:20 | l3 | semmle.label | l3 | | test.c:31:14:32:15 | ... / ... | semmle.label | ... / ... | | test.c:31:14:32:15 | ... / ... | semmle.label | ... / ... | -| test.c:33:14:33:22 | ... / ... | semmle.label | ... / ... | -| test.c:33:14:33:22 | ... / ... | semmle.label | ... / ... | | test.c:38:3:38:9 | l7 | semmle.label | l7 | -| test.c:39:3:39:9 | l8 | semmle.label | l8 | -| test.c:61:5:61:19 | ... / ... | semmle.label | ... / ... | -| test.c:66:5:66:21 | ... / ... | semmle.label | ... / ... | -| test.c:72:14:72:30 | ... / ... | semmle.label | ... / ... | -| test.c:75:18:75:34 | ... / ... | semmle.label | ... / ... | +| test.c:61:5:61:18 | ... / ... | semmle.label | ... / ... | +| test.c:66:5:66:20 | ... / ... | semmle.label | ... / ... | +| test.c:72:14:72:29 | ... / ... | semmle.label | ... / ... | +| test.c:75:18:75:33 | ... / ... | semmle.label | ... / ... | +| test.c:77:15:77:21 | ... / ... | semmle.label | ... / ... | +| test.c:77:15:77:21 | ... / ... | semmle.label | ... / ... | +| test.c:79:5:79:12 | l12 | semmle.label | l12 | +| test.c:87:5:87:12 | l12 | semmle.label | l12 | +| test.c:91:5:91:12 | l12 | semmle.label | l12 | +| test.c:93:5:93:12 | l12 | semmle.label | l12 | +| test.c:99:5:99:12 | l12 | semmle.label | l12 | +| test.c:105:5:105:12 | l12 | semmle.label | l12 | +| test.c:111:5:111:12 | l12 | semmle.label | l12 | +| test.c:114:16:114:23 | l12 | semmle.label | l12 | +| test.c:117:23:117:30 | l12 | semmle.label | l12 | +| test.c:120:20:120:27 | l12 | semmle.label | l12 | subpaths #select | test.c:12:8:12:9 | l2 | test.c:8:14:8:20 | ... / ... | test.c:12:8:12:9 | l2 | Invalid usage of possible $@. | test.c:8:14:8:20 | ... / ... | infinity | +| test.c:13:8:13:9 | l3 | test.c:8:14:8:20 | ... / ... | test.c:13:8:13:9 | l3 | Invalid usage of possible $@. | test.c:8:14:8:20 | ... / ... | infinity | | test.c:13:8:13:9 | l3 | test.c:9:14:9:16 | - ... | test.c:13:8:13:9 | l3 | Invalid usage of possible $@. | test.c:9:14:9:16 | - ... | infinity | | test.c:18:8:18:9 | l2 | test.c:8:14:8:20 | ... / ... | test.c:18:3:18:9 | l2 | Invalid usage of possible $@. | test.c:8:14:8:20 | ... / ... | infinity | +| test.c:19:8:19:9 | l3 | test.c:8:14:8:20 | ... / ... | test.c:19:3:19:9 | l3 | Invalid usage of possible $@. | test.c:8:14:8:20 | ... / ... | infinity | | test.c:19:8:19:9 | l3 | test.c:9:14:9:16 | - ... | test.c:19:3:19:9 | l3 | Invalid usage of possible $@. | test.c:9:14:9:16 | - ... | infinity | | test.c:27:19:27:20 | l2 | test.c:8:14:8:20 | ... / ... | test.c:27:19:27:20 | l2 | Invalid usage of possible $@. | test.c:8:14:8:20 | ... / ... | infinity | +| test.c:28:19:28:20 | l3 | test.c:8:14:8:20 | ... / ... | test.c:28:19:28:20 | l3 | Invalid usage of possible $@. | test.c:8:14:8:20 | ... / ... | infinity | | test.c:28:19:28:20 | l3 | test.c:9:14:9:16 | - ... | test.c:28:19:28:20 | l3 | Invalid usage of possible $@. | test.c:9:14:9:16 | - ... | infinity | | test.c:38:8:38:9 | l7 | test.c:31:14:32:15 | ... / ... | test.c:38:3:38:9 | l7 | Invalid usage of possible $@. | test.c:31:14:32:15 | ... / ... | infinity | -| test.c:39:8:39:9 | l8 | test.c:33:14:33:22 | ... / ... | test.c:39:3:39:9 | l8 | Invalid usage of possible $@. | test.c:33:14:33:22 | ... / ... | infinity | -| test.c:61:12:61:18 | ... / ... | test.c:61:5:61:19 | ... / ... | test.c:61:5:61:19 | ... / ... | Invalid usage of possible $@. | test.c:61:5:61:19 | ... / ... | infinity | -| test.c:66:12:66:20 | ... / ... | test.c:66:5:66:21 | ... / ... | test.c:66:5:66:21 | ... / ... | Invalid usage of possible $@. | test.c:66:5:66:21 | ... / ... | infinity | -| test.c:72:21:72:29 | ... / ... | test.c:72:14:72:30 | ... / ... | test.c:72:14:72:30 | ... / ... | Invalid usage of possible $@. | test.c:72:14:72:30 | ... / ... | infinity | -| test.c:75:25:75:33 | ... / ... | test.c:75:18:75:34 | ... / ... | test.c:75:18:75:34 | ... / ... | Invalid usage of possible $@. | test.c:75:18:75:34 | ... / ... | infinity | +| test.c:61:11:61:17 | ... / ... | test.c:61:5:61:18 | ... / ... | test.c:61:5:61:18 | ... / ... | Invalid usage of possible $@. | test.c:61:5:61:18 | ... / ... | infinity | +| test.c:66:11:66:19 | ... / ... | test.c:66:5:66:20 | ... / ... | test.c:66:5:66:20 | ... / ... | Invalid usage of possible $@. | test.c:66:5:66:20 | ... / ... | infinity | +| test.c:72:20:72:28 | ... / ... | test.c:72:14:72:29 | ... / ... | test.c:72:14:72:29 | ... / ... | Invalid usage of possible $@. | test.c:72:14:72:29 | ... / ... | infinity | +| test.c:75:24:75:32 | ... / ... | test.c:75:18:75:33 | ... / ... | test.c:75:18:75:33 | ... / ... | Invalid usage of possible $@. | test.c:75:18:75:33 | ... / ... | infinity | +| test.c:79:10:79:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:79:5:79:12 | l12 | Invalid usage of possible $@. | test.c:77:15:77:21 | ... / ... | infinity | +| test.c:87:10:87:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:87:5:87:12 | l12 | Invalid usage of possible $@. | test.c:77:15:77:21 | ... / ... | infinity | +| test.c:91:10:91:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:91:5:91:12 | l12 | Invalid usage of possible $@. | test.c:77:15:77:21 | ... / ... | infinity | +| test.c:93:10:93:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:93:5:93:12 | l12 | Invalid usage of possible $@. | test.c:77:15:77:21 | ... / ... | infinity | +| test.c:99:10:99:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:99:5:99:12 | l12 | Invalid usage of possible $@. | test.c:77:15:77:21 | ... / ... | infinity | +| test.c:105:10:105:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:105:5:105:12 | l12 | Invalid usage of possible $@. | test.c:77:15:77:21 | ... / ... | infinity | +| test.c:111:10:111:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:111:5:111:12 | l12 | Invalid usage of possible $@. | test.c:77:15:77:21 | ... / ... | infinity | +| test.c:114:21:114:23 | l12 | test.c:77:15:77:21 | ... / ... | test.c:114:16:114:23 | l12 | Invalid usage of possible $@. | test.c:77:15:77:21 | ... / ... | infinity | +| test.c:117:28:117:30 | l12 | test.c:77:15:77:21 | ... / ... | test.c:117:23:117:30 | l12 | Invalid usage of possible $@. | test.c:77:15:77:21 | ... / ... | infinity | +| test.c:120:25:120:27 | l12 | test.c:77:15:77:21 | ... / ... | test.c:120:20:120:27 | l12 | Invalid usage of possible $@. | test.c:77:15:77:21 | ... / ... | infinity | diff --git a/c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.expected b/c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.expected index f317f236ef..e59d43d867 100644 --- a/c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.expected +++ b/c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.expected @@ -16,6 +16,15 @@ edges | test.c:33:14:33:22 | ... / ... | test.c:33:14:33:22 | ... / ... | provenance | | | test.c:33:14:33:22 | ... / ... | test.c:39:3:39:9 | l8 | provenance | | | test.c:33:14:33:22 | ... / ... | test.c:54:3:54:4 | l8 | provenance | | +| test.c:122:15:122:21 | ... / ... | test.c:122:15:122:21 | ... / ... | provenance | | +| test.c:122:15:122:21 | ... / ... | test.c:126:5:126:12 | l13 | provenance | | +| test.c:122:15:122:21 | ... / ... | test.c:132:5:132:12 | l13 | provenance | | +| test.c:122:15:122:21 | ... / ... | test.c:138:5:138:12 | l13 | provenance | | +| test.c:122:15:122:21 | ... / ... | test.c:144:5:144:12 | l13 | provenance | | +| test.c:122:15:122:21 | ... / ... | test.c:148:5:148:12 | l13 | provenance | | +| test.c:122:15:122:21 | ... / ... | test.c:154:20:154:27 | l13 | provenance | | +| test.c:122:15:122:21 | ... / ... | test.c:156:23:156:30 | l13 | provenance | | +| test.c:122:15:122:21 | ... / ... | test.c:157:16:157:23 | l13 | provenance | | nodes | test.c:27:14:27:20 | ... / ... | semmle.label | ... / ... | | test.c:27:14:27:20 | ... / ... | semmle.label | ... / ... | @@ -38,10 +47,20 @@ nodes | test.c:52:3:52:4 | l6 | semmle.label | l6 | | test.c:53:3:53:4 | l7 | semmle.label | l7 | | test.c:54:3:54:4 | l8 | semmle.label | l8 | -| test.c:61:5:61:19 | ... / ... | semmle.label | ... / ... | -| test.c:66:5:66:21 | ... / ... | semmle.label | ... / ... | -| test.c:72:14:72:30 | ... / ... | semmle.label | ... / ... | -| test.c:75:18:75:34 | ... / ... | semmle.label | ... / ... | +| test.c:61:5:61:18 | ... / ... | semmle.label | ... / ... | +| test.c:66:5:66:20 | ... / ... | semmle.label | ... / ... | +| test.c:72:14:72:29 | ... / ... | semmle.label | ... / ... | +| test.c:75:18:75:33 | ... / ... | semmle.label | ... / ... | +| test.c:122:15:122:21 | ... / ... | semmle.label | ... / ... | +| test.c:122:15:122:21 | ... / ... | semmle.label | ... / ... | +| test.c:126:5:126:12 | l13 | semmle.label | l13 | +| test.c:132:5:132:12 | l13 | semmle.label | l13 | +| test.c:138:5:138:12 | l13 | semmle.label | l13 | +| test.c:144:5:144:12 | l13 | semmle.label | l13 | +| test.c:148:5:148:12 | l13 | semmle.label | l13 | +| test.c:154:20:154:27 | l13 | semmle.label | l13 | +| test.c:156:23:156:30 | l13 | semmle.label | l13 | +| test.c:157:16:157:23 | l13 | semmle.label | l13 | subpaths #select | test.c:36:8:36:9 | l5 | test.c:27:14:27:20 | ... / ... | test.c:36:3:36:9 | l5 | Invalid usage of possible $@. | test.c:27:14:27:20 | ... / ... | NaN resulting from possible division of infinity by infinity | @@ -57,7 +76,15 @@ subpaths | test.c:52:3:52:4 | l6 | test.c:28:14:28:20 | ... / ... | test.c:52:3:52:4 | l6 | Invalid usage of possible $@. | test.c:28:14:28:20 | ... / ... | NaN resulting from possible division of infinity by infinity | | test.c:53:3:53:4 | l7 | test.c:31:14:32:15 | ... / ... | test.c:53:3:53:4 | l7 | Invalid usage of possible $@. | test.c:31:14:32:15 | ... / ... | NaN resulting from possible division of zero by zero | | test.c:54:3:54:4 | l8 | test.c:33:14:33:22 | ... / ... | test.c:54:3:54:4 | l8 | Invalid usage of possible $@. | test.c:33:14:33:22 | ... / ... | NaN resulting from possible division of zero by zero | -| test.c:61:12:61:18 | ... / ... | test.c:61:5:61:19 | ... / ... | test.c:61:5:61:19 | ... / ... | Invalid usage of possible $@. | test.c:61:5:61:19 | ... / ... | NaN resulting from possible division of zero by zero | -| test.c:66:12:66:20 | ... / ... | test.c:66:5:66:21 | ... / ... | test.c:66:5:66:21 | ... / ... | Invalid usage of possible $@. | test.c:66:5:66:21 | ... / ... | NaN resulting from possible division of zero by zero | -| test.c:72:21:72:29 | ... / ... | test.c:72:14:72:30 | ... / ... | test.c:72:14:72:30 | ... / ... | Invalid usage of possible $@. | test.c:72:14:72:30 | ... / ... | NaN resulting from possible division of zero by zero | -| test.c:75:25:75:33 | ... / ... | test.c:75:18:75:34 | ... / ... | test.c:75:18:75:34 | ... / ... | Invalid usage of possible $@. | test.c:75:18:75:34 | ... / ... | NaN resulting from possible division of zero by zero | +| test.c:61:11:61:17 | ... / ... | test.c:61:5:61:18 | ... / ... | test.c:61:5:61:18 | ... / ... | Invalid usage of possible $@. | test.c:61:5:61:18 | ... / ... | NaN resulting from possible division of zero by zero | +| test.c:66:11:66:19 | ... / ... | test.c:66:5:66:20 | ... / ... | test.c:66:5:66:20 | ... / ... | Invalid usage of possible $@. | test.c:66:5:66:20 | ... / ... | NaN resulting from possible division of zero by zero | +| test.c:72:20:72:28 | ... / ... | test.c:72:14:72:29 | ... / ... | test.c:72:14:72:29 | ... / ... | Invalid usage of possible $@. | test.c:72:14:72:29 | ... / ... | NaN resulting from possible division of zero by zero | +| test.c:75:24:75:32 | ... / ... | test.c:75:18:75:33 | ... / ... | test.c:75:18:75:33 | ... / ... | Invalid usage of possible $@. | test.c:75:18:75:33 | ... / ... | NaN resulting from possible division of zero by zero | +| test.c:126:10:126:12 | l13 | test.c:122:15:122:21 | ... / ... | test.c:126:5:126:12 | l13 | Invalid usage of possible $@. | test.c:122:15:122:21 | ... / ... | NaN resulting from possible division of zero by zero | +| test.c:132:10:132:12 | l13 | test.c:122:15:122:21 | ... / ... | test.c:132:5:132:12 | l13 | Invalid usage of possible $@. | test.c:122:15:122:21 | ... / ... | NaN resulting from possible division of zero by zero | +| test.c:138:10:138:12 | l13 | test.c:122:15:122:21 | ... / ... | test.c:138:5:138:12 | l13 | Invalid usage of possible $@. | test.c:122:15:122:21 | ... / ... | NaN resulting from possible division of zero by zero | +| test.c:144:10:144:12 | l13 | test.c:122:15:122:21 | ... / ... | test.c:144:5:144:12 | l13 | Invalid usage of possible $@. | test.c:122:15:122:21 | ... / ... | NaN resulting from possible division of zero by zero | +| test.c:148:10:148:12 | l13 | test.c:122:15:122:21 | ... / ... | test.c:148:5:148:12 | l13 | Invalid usage of possible $@. | test.c:122:15:122:21 | ... / ... | NaN resulting from possible division of zero by zero | +| test.c:154:25:154:27 | l13 | test.c:122:15:122:21 | ... / ... | test.c:154:20:154:27 | l13 | Invalid usage of possible $@. | test.c:122:15:122:21 | ... / ... | NaN resulting from possible division of zero by zero | +| test.c:156:28:156:30 | l13 | test.c:122:15:122:21 | ... / ... | test.c:156:23:156:30 | l13 | Invalid usage of possible $@. | test.c:122:15:122:21 | ... / ... | NaN resulting from possible division of zero by zero | +| test.c:157:21:157:23 | l13 | test.c:122:15:122:21 | ... / ... | test.c:157:16:157:23 | l13 | Invalid usage of possible $@. | test.c:122:15:122:21 | ... / ... | NaN resulting from possible division of zero by zero | diff --git a/c/misra/test/rules/DIR-4-15/test.c b/c/misra/test/rules/DIR-4-15/test.c index d634a6e594..d0f9ab5418 100644 --- a/c/misra/test/rules/DIR-4-15/test.c +++ b/c/misra/test/rules/DIR-4-15/test.c @@ -56,21 +56,104 @@ void f1(float p1) { // Guards float l9 = 0; if (l9 != 0) { - (int) (l9 / l9); // COMPLIANT: l9 is not zero + (int)(l9 / l9); // COMPLIANT: l9 is not zero } else { - (int) (l9 / l9); // NON_COMPLIANT: Casting NaN to integer + (int)(l9 / l9); // NON_COMPLIANT: Guarded to not be NaN } float l10 = 0; if (l10 == 0) { - (int) (l10 / l10); // NON_COMPLIANT: Casting NaN to integer + (int)(l10 / l10); // NON_COMPLIANT: Casting NaN to integer } else { - (int) (l10 / l10); // COMPLIANT: l10 is not zero + (int)(l10 / l10); // COMPLIANT: Guarded to not be NaN } float l11 = 0; - l11 == 0 ? (int) (l11 / l11) : 0; // NON_COMPLIANT - l11 == 0 ? 0 : (int) (l11 / l11); // COMPLIANT - l11 != 0 ? (int) (l11 / l11) : 0; // COMPLIANT - l11 != 0 ? 0 : (int) (l11 / l11); // NON_COMPLIANT + l11 == 0 ? (int)(l11 / l11) : 0; // NON_COMPLIANT + l11 == 0 ? 0 : (int)(l11 / l11); // COMPLIANT + l11 != 0 ? (int)(l11 / l11) : 0; // COMPLIANT + l11 != 0 ? 0 : (int)(l11 / l11); // NON_COMPLIANT + + float l12 = 1.0 / 0; + if (isinf(l12)) { + (int)l12; // NON_COMPLIANT: Casting Infinity to integer + } else { + (int)l12; // COMPLIANT: Guarded not to be Infinity + } + + if (!isinf(l12)) { + (int)l12; // COMPLIANT: Guarded not to be Infinity + } else { + (int)l12; // NON_COMPLIANT: Casting Infinity to integer + } + + if (isinf(l12) == 1) { + (int)l12; // NON_COMPLIANT: Must be +Infinity + } else { + (int)l12; // NON_COMPLIANT: May be -Infinity + } + + if (isfinite(l12)) { + (int)l12; // COMPLIANT: Guarded not to be Infinity + } else { + (int)l12; // NON_COMPLIANT: Casting Infinity to integer + } + + if (isnormal(l12)) { + (int)l12; // COMPLIANT: Guarded not to be Infinity + } else { + (int)l12; // NON_COMPLIANT: Casting Infinity to integer + } + + if (isnan(l12)) { + (int)l12; // COMPLIANT: Guarded not to be Infinity + } else { + (int)l12; // NON_COMPLIANT: Casting Infinity to integer + } + + isinf(l12) ? (int)l12 : 0; // NON_COMPLIANT: Check on wrong branch + isinf(l12) ? 0 : (int)l12; // COMPLIANT: Checked not infinite before use + isfinite(l12) ? (int)l12 : 0; // COMPLIANT: Checked finite before use + isfinite(l12) ? 0 : (int)l12; // NON_COMPLIANT: Checked on wrong branch + isnan(l12) ? (int)l12 + : 0; // COMPLIANT: Checked NaN, therefore not infinite, before use + isnan(l12) ? 0 : (int)l12; // NON_COMPLIANT: Check on wrong branch + + float l13 = 0.0 / 0; + if (isinf(l13)) { + (int)l13; // COMPLIANT: Guarded not to be NaN + } else { + (int)l13; // NON_COMPLIANT: Casting NaN to integer + } + + if (isinf(l13) == 1) { + (int)l13; // COMPLIANT: Guarded not to be NaN (must be +Infinity) + } else { + (int)l13; // NON_COMPLIANT: Casting NaN to integer + } + + if (isfinite(l13)) { + (int)l13; // COMPLIANT: Guarded not to be NaN + } else { + (int)l13; // NON_COMPLIANT: Casting NaN to integer + } + + if (isnormal(l13)) { + (int)l13; // COMPLIANT: Guarded not to be NaN + } else { + (int)l13; // NON_COMPLIANT: Casting NaN to integer + } + + if (isnan(l13)) { + (int)l13; // NON_COMPLIANT: Casting NaN to integer + } else { + (int)l13; // COMPLIANT: Guarded not to be NaN + } + + isinf(l13) ? (int)l13 : 0; // COMPLIANT: Checked infinite, therefore not NaN, before use + isinf(l13) ? 0 : (int)l13; // COMPLIANT: Check on wrong branch + isfinite(l13) ? (int)l13 : 0; // COMPLIANT: Checked finite before use + isfinite(l13) ? 0 : (int)l13; // NON_COMPLIANT: Checked on wrong branch + isnan(l13) ? (int)l13 : 0; // NON_COMPLIANT: Check on wrong branch + isnan(l13) ? 0 : (int)l13; // COMPLIANT: Checked not NaN before use } \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/FloatingPoint.qll b/cpp/common/src/codingstandards/cpp/FloatingPoint.qll index d143f81418..f3ba8dba18 100644 --- a/cpp/common/src/codingstandards/cpp/FloatingPoint.qll +++ b/cpp/common/src/codingstandards/cpp/FloatingPoint.qll @@ -7,6 +7,294 @@ predicate exprMayEqualZero(Expr e) { not guardedNotEqualZero(e) } +newtype TFPClassification = + TFinite() or + TNaN() or + TInfinite() + +class FPClassification extends TFPClassification { + string toString() { + this = TFinite() and + result = "finite" + or + this = TNaN() and + result = "NaN" + or + this = TInfinite() and + result = "infinite" + } +} + +newtype TFPClassificationConstraint = + /* The value may be infinite, NaN, or finite. */ + TUnclassified() or + /** + * The value must be one of: infinite, NaN, or finite. + * + * If strict is `true` then this inverts naively. For example, `!isfinite(x)` means `x` must not + * be finite. However, `!iszero(x)` is true for some finite values, and inverts to + * `TUnclassified`. + */ + TExactFPClassification(TFPClassification cls, Boolean strict) or + /* The value must not be one of: infinite, NaN, or finite. */ + TExcludeFPClassification(TFPClassification cls1) + +class FPClassificationConstraint extends TFPClassificationConstraint { + string toString() { + this = TUnclassified() and + result = "unclassified" + or + exists(FPClassification cls, Boolean strict | + this = TExactFPClassification(cls, strict) and + result = "must be " + cls.toString() + ", strict: " + strict.toString() + or + this = TExcludeFPClassification(cls) and + result = "must NOT be " + cls.toString() + ) + } + + /** + * Invert the constraint, for instance, "must be finite" becomes "must not be finite". + * + * Non-strict exact constraints are inverted to the unclassified constraint. For example, + * `iszero(x)` guarantees `x` to be finite, however, `!iszero(x)` can be true for all three + * classes of floating point values. + * + * The unclassified constraint inverts to itself. + */ + FPClassificationConstraint invert() { + // Unclassified inverts to itself. + this = TUnclassified() and result = this + or + exists(FPClassification cls | + // `!isfinite()` implies is infinite or NaN. + this = TExactFPClassification(cls, true) and + result = TExcludeFPClassification(cls) + or + // `!iszero()` implies nothing. + this = TExactFPClassification(cls, false) and + result = TUnclassified() + or + // For completeness: `!isfinite(x) ? ... : x` would imply `isfinite(x)`. + this = TExcludeFPClassification(cls) and + result = TExactFPClassification(cls, true) + ) + } + + /** + * Naively invert the constraint, for instance, "must be finite" becomes "must not be finite". + * + * Word of caution: inverting a guard condition does not necessarily invert the constraint. For + * example, `iszero(x)` guarantees `x` to be finite, however, `isnotzero(x)` does not guarantee + * `x` not to be finite. + * + * The unclassified constraint is not inverted. + */ + FPClassificationConstraint naiveInversion() { + this = TUnclassified() and result = this + or + exists(FPClassification cls | + this = TExactFPClassification(cls, _) and + result = TExcludeFPClassification(cls) + or + this = TExcludeFPClassification(cls) and + result = TExactFPClassification(cls, true) + ) + } + + predicate mustBe(FPClassification cls) { this = TExactFPClassification(cls, _) } + + predicate mustNotBe(FPClassification cls) { + this = TExcludeFPClassification(cls) + or + this = TExactFPClassification(_, _) and + not this = TExactFPClassification(cls, _) + } + + predicate mayBe(FPClassification cls) { not mustNotBe(cls) } +} + +/** + * The names of the functions or macros that classify floating point values. + * + * These names reflect a check that a value is finite, or infinite, or NaN. Finite and NaN checks + * are either strict (return true for all values in the class) or not (return true for some + * values). + * + * The infinite check is always strict, and specially, returns 1 or -1 for positive or negative + * infinity. + */ +newtype TFPClassifierName = + TClassifiesFinite(string name, boolean strict) { + strict = true and + name = ["finite" + ["", "l", "f"], "isfinite"] + or + strict = false and + name = ["isnormal", "issubnormal", "iszero"] + } or + TClassifiesNaN(string name, boolean strict) { + strict = true and + name = "isnan" + ["", "f", "l"] + or + strict = false and + name = "issignaling" + } or + TClassifiesInfinite(string name) { name = "isinf" + ["", "f", "l"] } + +class FPClassifierName extends TFPClassifierName { + string name; + boolean strict; + + FPClassifierName() { + this = TClassifiesFinite(name, strict) + or + this = TClassifiesInfinite(name) and + strict = true + or + this = TClassifiesNaN(name, strict) + } + + string toString() { result = name } + + /** The classification name, for instance, "isfinite". */ + string getName() { result = name } + + /** + * Whether the check holds for all values in the class, or only some. + * + * For instance, "isfinite" is strict because it returns true for all finite values, but + * "isnormal" is not as it returns false for some finite values. + */ + predicate isStrict() { strict = true } + + FPClassificationConstraint getConstraint() { + this = TClassifiesFinite(_, strict) and + result = TExactFPClassification(any(TFinite t), strict) + or + this = TClassifiesNaN(_, strict) and + result = TExactFPClassification(any(TNaN t), strict) + or + this = TClassifiesInfinite(_) and + // TODO: isinf() is special + result = TExactFPClassification(any(TInfinite t), false) + } +} + +/** + * An invocation of a classification function, for instance, "isfinite(x)", implemented as a macro. + */ +class FPClassifierMacroInvocation extends MacroInvocation { + FPClassifierName classifier; + + FPClassifierMacroInvocation() { getMacroName() = classifier.getName() } + + Expr getCheckedExpr() { + // Getting the checked expr in a cross-platform way is extroardinarily difficult, as glibc has + // multiple conditional implementations of the same macro. Assume the checked expr is a + // variable access so we can search optimistically like so: + exists(VariableAccess va | + va.getTarget().getName() = getExpandedArgument(0) and + va = getAnExpandedElement() and + result = va + ) + } + + /** + * The classification name, for instance, "isfinite". + */ + FPClassifierName getFPClassifierName() { result = classifier } +} + +/** + * A classification function, for instance, "isfinite", when implemented as a function. + */ +class FPClassifierFunction extends Function { + FPClassifierName classifier; + + FPClassifierFunction() { getName() = classifier.getName() } + + FPClassifierName getFPClassifierName() { result = classifier } +} + +class FPClassificationGuard instanceof GuardCondition { + Expr floatExpr; + Expr checkResultExpr; + FPClassifierName classifier; + + FPClassificationGuard() { + super.comparesEq(checkResultExpr, _, _, _) and + ( + exists(FPClassifierMacroInvocation m | + floatExpr = m.getCheckedExpr() and + checkResultExpr = m.getExpr() and + classifier = m.getFPClassifierName() + ) + or + exists(FunctionCall fc, FPClassifierFunction f | + fc.getTarget() = f and + floatExpr = fc.getArgument(0) and + checkResultExpr = fc and + classifier = f.getFPClassifierName() + ) + ) + } + + string toString() { + result = + classifier.toString() + " guard on " + floatExpr.toString() + " via " + + checkResultExpr.toString() + } + + predicate constrainsFPClass(Expr e, FPClassificationConstraint constraint, Boolean testIsTrue) { + floatExpr = e and + exists(BooleanValue value, boolean areEqual, int testResult, FPClassificationConstraint base | + super.comparesEq(checkResultExpr, testResult, areEqual, value) and + base = getBaseConstraint(areEqual, testResult) and + if value.getValue() = testIsTrue then constraint = base else constraint = base.invert() + ) + } + + // Helper function, gets base constraint assuming `classifier() == value` or `classifier != value`. + private FPClassificationConstraint getBaseConstraint(Boolean areEqual, int testResult) { + exists(FPClassificationConstraint base | + testResult = 0 and + exists(Boolean strict | + // Handle isfinite() != 0: + classifier = TClassifiesFinite(_, strict) and + base = TExactFPClassification(TFinite(), strict) + or + // Handle isNaN() != 0: + classifier = TClassifiesNaN(_, strict) and + base = TExactFPClassification(TNaN(), strict) + or + // Handle isinf() != 0, which matches for +/- infinity: + classifier = TClassifiesInfinite(_) and + base = TExactFPClassification(TInfinite(), true) + ) and + // Invert the base constraint in the case of `classifier() == 0` + if areEqual = false then result = base else result = base.invert() + or + // Handle isinf() == 1 or isInf() == -1, which matches for one of +/- infinity: + testResult = 1 and + classifier = TClassifiesInfinite(_) and + base = TExactFPClassification(TInfinite(), false) and + // Invert the base constraint in the case of `classifier() != 1` + if areEqual = true then result = base else result = base.invert() + // TODO: handle fpclassify() == FP_INFINITE, FP_NAN, FP_NORMAL, FP_ZERO, etc. + ) + } + + predicate controls(Expr e, boolean testIsTrue) { + exists(IRGuardCondition irg, IRBlock irb, Instruction eir, BooleanValue bval | + irg.getUnconvertedResultExpression() = this and + bval.getValue() = testIsTrue and + irg.valueControls(irb, bval) and + eir.getAst().(ControlFlowNode).getBasicBlock() = e.getBasicBlock() and + eir.getBlock() = irb + ) + } +} + predicate guardedNotEqualZero(Expr e) { /* Note Boolean cmpEq, false means cmpNeq */ exists(Expr checked, GuardCondition guard, boolean cmpEq, BooleanValue value | @@ -28,24 +316,15 @@ predicate guardedNotEqualZero(Expr e) { ) } -predicate guardedNotInfinite(Expr e) { +predicate guardedNotFPClass(Expr e, FPClassification cls) { /* Note Boolean cmpEq, false means cmpNeq */ - exists(Expr c, GuardCondition guard, boolean cmpEq | - hashCons(c) = hashCons(e) and + exists( + Expr checked, FPClassificationGuard guard, FPClassificationConstraint constraint, boolean cmpEq + | + hashCons(checked) = hashCons(e) and guard.controls(e, cmpEq) and - guard.comparesEq(c, 0, cmpEq.booleanNot(), _) - ) -} - -predicate test(Expr e, Expr v, int k, boolean areEqual, Boolean value, Expr gce, BasicBlock bb) { - exists(GuardCondition gc | gce = gc | - gc.controls(bb, _) and - gc.comparesEq(e, v, k, areEqual, value) and - ( - //gc.getAChild+().toString().matches("%dfYRes%") or - e.getAChild*().toString().matches("%dfPseudoPanchro%") or - v.getAChild*().toString().matches("%dfPseudoPanchro%") - ) + guard.constrainsFPClass(checked, constraint, cmpEq) and + constraint.mustNotBe(cls) ) } @@ -57,5 +336,7 @@ predicate exprMayEqualInfinity(Expr e, Boolean positive) { | RestrictedRangeAnalysis::upperBound(e.getUnconverted()) = target or RestrictedRangeAnalysis::lowerBound(e.getUnconverted()) = target - ) -} \ No newline at end of file + ) and + not guardedNotFPClass(e, TInfinite()) and + not e.getType() instanceof IntegralType +} diff --git a/cpp/common/src/codingstandards/cpp/RestrictedRangeAnalysis.qll b/cpp/common/src/codingstandards/cpp/RestrictedRangeAnalysis.qll index 79ae2f367a..9b4bba8980 100644 --- a/cpp/common/src/codingstandards/cpp/RestrictedRangeAnalysis.qll +++ b/cpp/common/src/codingstandards/cpp/RestrictedRangeAnalysis.qll @@ -297,17 +297,21 @@ module RestrictedRangeAnalysis { } /** - * Holds if `expr` may divide by zero. + * Holds if `expr` may divide by zero. Excludes dividing a constant zero divided by zero, + * which produces NaN instead of an infinite value. */ - predicate dividesByZero(Expr expr) { - exists(Expr divisor | + predicate dividesNonzeroByZero(Expr expr) { + exists(Expr divisor, Expr numerator | divisor = expr.(DivExpr).getRightOperand() and + numerator = expr.(DivExpr).getLeftOperand() and getTruncatedLowerBounds(divisor) <= 0.0 and getTruncatedUpperBounds(divisor) >= 0.0 and - not isCheckedNotZero(divisor) + not isCheckedNotZero(divisor) and + not getValue(numerator).toFloat() = 0.0 ) } + /** * Holds if `expr` is checked with a guard to not be zero. * @@ -362,7 +366,7 @@ module RestrictedRangeAnalysis { // Introduces non-monotonic recursion. However, analysis mostly works with this // commented out. // or - // dividesByZero(e) + // dividesNonzeroByZero(e) or e instanceof DivExpr // TODO: confirm this is OK or @@ -681,7 +685,7 @@ module RestrictedRangeAnalysis { } private predicate lowerBoundableExpr(Expr expr) { - (analyzableExpr(expr) or dividesByZero(expr)) and + (analyzableExpr(expr) or dividesNonzeroByZero(expr)) and getUpperBoundsImpl(expr) <= Util::exprMaxVal(expr) and not exists(getValue(expr).toFloat()) } @@ -760,7 +764,7 @@ module RestrictedRangeAnalysis { * this predicate. */ private float getTruncatedUpperBounds(Expr expr) { - (analyzableExpr(expr) or dividesByZero(expr)) + (analyzableExpr(expr) or dividesNonzeroByZero(expr)) and ( // If the expression evaluates to a constant, then there is no // need to call getUpperBoundsImpl. @@ -827,7 +831,7 @@ module RestrictedRangeAnalysis { ) or exists(DivExpr div | expr = div | - dividesByZero(expr) and + dividesNonzeroByZero(expr) and result = getFullyConvertedLowerBounds(div.getLeftOperand()) / 0 ) or @@ -1032,7 +1036,7 @@ module RestrictedRangeAnalysis { ) or exists(DivExpr div | expr = div | - dividesByZero(expr) and + dividesNonzeroByZero(expr) and result = getFullyConvertedUpperBounds(div.getLeftOperand()) / 0 ) or From 1af6957b71ed825ab1d76c92588e082e05a17ec7 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 6 Feb 2025 10:17:27 +0000 Subject: [PATCH 2377/2573] M5-3-1: Exclude unknown types This ensures we consistently exclude unknown results for unevaluated contexts in uninstantiated templates. --- .../2025-02-06-m5-3-1-exclude-unknown-type.md | 2 ++ ...ogicalAndOrTheLogicalOperatorsShallHaveTypeBool.ql | 5 +++++ cpp/autosar/test/rules/M5-3-1/test.cpp | 11 ++++++++++- 3 files changed, 17 insertions(+), 1 deletion(-) create mode 100644 change_notes/2025-02-06-m5-3-1-exclude-unknown-type.md diff --git a/change_notes/2025-02-06-m5-3-1-exclude-unknown-type.md b/change_notes/2025-02-06-m5-3-1-exclude-unknown-type.md new file mode 100644 index 0000000000..ba7f50af45 --- /dev/null +++ b/change_notes/2025-02-06-m5-3-1-exclude-unknown-type.md @@ -0,0 +1,2 @@ + - `M5-3-1` - `EachOperandOfTheOperatorOfTheLogicalAndOrTheLogicalOperatorsShallHaveTypeBool.ql`: + - Consistently exclude results in unevaluated contexts associated with uninstantiated templates, for example `noexcept` specifiers and `static_assert`s. \ No newline at end of file diff --git a/cpp/autosar/src/rules/M5-3-1/EachOperandOfTheOperatorTheLogicalAndOrTheLogicalOperatorsShallHaveTypeBool.ql b/cpp/autosar/src/rules/M5-3-1/EachOperandOfTheOperatorTheLogicalAndOrTheLogicalOperatorsShallHaveTypeBool.ql index 03b4ae7f1c..e4589a364a 100644 --- a/cpp/autosar/src/rules/M5-3-1/EachOperandOfTheOperatorTheLogicalAndOrTheLogicalOperatorsShallHaveTypeBool.ql +++ b/cpp/autosar/src/rules/M5-3-1/EachOperandOfTheOperatorTheLogicalAndOrTheLogicalOperatorsShallHaveTypeBool.ql @@ -25,6 +25,11 @@ where ) and t = operand.getType() and not t.getUnderlyingType().getUnspecifiedType() instanceof BoolType and + // Ignore cases where the type is unknown - this will typically be in unevaluated contexts + // within uninstantiated templates. It's necessary to check for this explicitly because + // not all unevaluated contexts are considered to be `isFromUninstantiatedTemplate(_)`, + // e.g. `noexcept` specifiers + not t instanceof UnknownType and not exists(ReferenceType rt | rt = t.getUnderlyingType().getUnspecifiedType() and rt.getBaseType() instanceof BoolType ) and diff --git a/cpp/autosar/test/rules/M5-3-1/test.cpp b/cpp/autosar/test/rules/M5-3-1/test.cpp index 9098e4e40e..4bda4c6682 100644 --- a/cpp/autosar/test/rules/M5-3-1/test.cpp +++ b/cpp/autosar/test/rules/M5-3-1/test.cpp @@ -25,4 +25,13 @@ template class A { void f() { A a; a.test1(); -} \ No newline at end of file +} + +template constexpr bool some_variable_template_v = false; +template <> constexpr bool some_variable_template_v = true; + +template +void template_with_no_except() noexcept(some_variable_template_v && + true) { // COMPLIANT +} +void test_template() { template_with_no_except(); } \ No newline at end of file From 879a6f27c9d29906e9b58e973574aba0360eccb3 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 6 Feb 2025 16:35:16 +0000 Subject: [PATCH 2378/2573] A3-1-5: Downgrade to an "audit" query This rule talks about developer intention in a way that is not possible to determine fully automatically with any confidence. We therefore downgrade this rule to an "audit" query. --- ...nTrivialNonTemplateFunctionDefinedInsideClassDefinition.ql | 1 + rule_packages/cpp/Classes.json | 4 +++- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/cpp/autosar/src/rules/A3-1-5/NonTrivialNonTemplateFunctionDefinedInsideClassDefinition.ql b/cpp/autosar/src/rules/A3-1-5/NonTrivialNonTemplateFunctionDefinedInsideClassDefinition.ql index 251f94d6eb..2edf73b6ee 100644 --- a/cpp/autosar/src/rules/A3-1-5/NonTrivialNonTemplateFunctionDefinedInsideClassDefinition.ql +++ b/cpp/autosar/src/rules/A3-1-5/NonTrivialNonTemplateFunctionDefinedInsideClassDefinition.ql @@ -7,6 +7,7 @@ * @precision very-high * @problem.severity recommendation * @tags external/autosar/id/a3-1-5 + * external/autosar/audit * external/autosar/allocated-target/design * external/autosar/enforcement/partially-automated * external/autosar/obligation/required diff --git a/rule_packages/cpp/Classes.json b/rule_packages/cpp/Classes.json index 6dd130a55b..d76a9b3bc5 100644 --- a/rule_packages/cpp/Classes.json +++ b/rule_packages/cpp/Classes.json @@ -185,7 +185,9 @@ "precision": "very-high", "severity": "recommendation", "short_name": "NonTrivialNonTemplateFunctionDefinedInsideClassDefinition", - "tags": [] + "tags": [ + "external/autosar/audit" + ] } ], "title": "A function definition shall only be placed in a class definition if (1) the function is intended to be inlined (2) it is a member function template (3) it is a member function of a class template." From 3f6235892f85ffbf1ff9e266fac003fcfeab1728 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 6 Feb 2025 16:39:14 +0000 Subject: [PATCH 2379/2573] Add change note --- change_notes/2025-02-06-a3-1-5-audit.md | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 change_notes/2025-02-06-a3-1-5-audit.md diff --git a/change_notes/2025-02-06-a3-1-5-audit.md b/change_notes/2025-02-06-a3-1-5-audit.md new file mode 100644 index 0000000000..3aa0e6671b --- /dev/null +++ b/change_notes/2025-02-06-a3-1-5-audit.md @@ -0,0 +1,2 @@ + - `A3-1-5` - `NonTrivalNonTemplateFunctionDefinedInsideClassDefinition.ql`: + - Mark this as an `audit` query. As a consequence, it will no longer be run as part of the default query suite for AUTOSAR. It can still be run as part of the `autosar-audit.qls` query suite. The query has been downgraded because the rule allows for functions to be declared in the class body if they were "intended" to be inlined, and that developer intention cannot be determined automatically from the code. \ No newline at end of file From 4ee762909b228630ae6f7da1bcab8ba7922b2df5 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Thu, 6 Feb 2025 12:00:56 -0800 Subject: [PATCH 2380/2573] Deduplicate and filter results, improve messages, handle performance issue --- .../PossibleMisuseOfUndetectedInfinity.ql | 69 ++++-- .../DIR-4-15/PossibleMisuseOfUndetectedNaN.ql | 68 ++++-- .../PossibleUndetectedNaNorInfinity.ql | 223 ------------------ .../PossibleUndetectedNaNorInfinity.expected | 1 - .../PossibleUndetectedNaNorInfinity.qlref | 1 - .../cpp/RestrictedRangeAnalysis.qll | 126 ++++++++-- 6 files changed, 207 insertions(+), 281 deletions(-) delete mode 100644 c/misra/src/rules/DIR-4-15/PossibleUndetectedNaNorInfinity.ql delete mode 100644 c/misra/test/rules/DIR-4-15/PossibleUndetectedNaNorInfinity.expected delete mode 100644 c/misra/test/rules/DIR-4-15/PossibleUndetectedNaNorInfinity.qlref diff --git a/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.ql b/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.ql index 97dd251083..10c370690b 100644 --- a/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.ql +++ b/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.ql @@ -73,44 +73,73 @@ module InvalidInfinityUsage implements DataFlow::ConfigSig { } predicate isSink(DataFlow::Node node) { + node instanceof InvalidInfinityUsage and ( // Require that range analysis finds this value potentially infinite, to avoid false positives // in the presence of guards. This may induce false negatives. - exprMayEqualInfinity(node.asExpr(), _) or + exprMayEqualInfinity(node.asExpr(), _) + or // Unanalyzable expressions are not checked against range analysis, which assumes a finite // range. not RestrictedRangeAnalysis::analyzableExpr(node.asExpr()) - ) and - ( - // Case 2: NaNs and infinities shall not be cast to integers - exists(Conversion c | - node.asExpr() = c.getUnconverted() and - c.getExpr().getType() instanceof FloatingPointType and - c.getType() instanceof IntegralType - ) - or - // Case 3: Infinities shall not underflow or otherwise produce finite values - exists(BinaryOperation op | - node.asExpr() = op.getRightOperand() and - op.getOperator() = ["/", "%"] - ) ) } } +class InvalidInfinityUsage extends DataFlow::Node { + string description; + string infinityDescription; + + InvalidInfinityUsage() { + // Case 2: NaNs and infinities shall not be cast to integers + exists(Conversion c | + asExpr() = c.getUnconverted() and + c.getExpr().getType() instanceof FloatingPointType and + c.getType() instanceof IntegralType and + description = "$@ casted to integer." and + infinityDescription = "Possibly infinite float value" + ) + or + // Case 3: Infinities shall not underflow or otherwise produce finite values + exists(BinaryOperation op | + asExpr() = op.getRightOperand() and + op.getOperator() = "/" and + description = "Division operation may silently underflow and produce zero, as the divisor $@." and + infinityDescription = "may be an infinite float value" + ) + } + + string getDescription() { result = description } + + string getInfinityDescription() { result = infinityDescription } +} + module InvalidInfinityFlow = DataFlow::Global; import InvalidInfinityFlow::PathGraph from Element elem, InvalidInfinityFlow::PathNode source, InvalidInfinityFlow::PathNode sink, - string msg, string sourceString + InvalidInfinityUsage usage, Expr sourceExpr, Element extra, string extraString where elem = MacroUnwrapper::unwrapElement(sink.getNode().asExpr()) and + not InvalidInfinityFlow::PathGraph::edges(_, source, _, _) and not isExcluded(elem, FloatingTypes2Package::possibleMisuseOfUndetectedInfinityQuery()) and + not sourceExpr.isFromTemplateInstantiation(_) and + not usage.asExpr().isFromTemplateInstantiation(_) and + usage = sink.getNode() and + sourceExpr = source.getNode().asExpr() and + InvalidInfinityFlow::flow(source.getNode(), usage) and ( - InvalidInfinityFlow::flow(source.getNode(), sink.getNode()) and - msg = "Invalid usage of possible $@." and - sourceString = "infinity" + if not sourceExpr.getEnclosingFunction() = usage.asExpr().getEnclosingFunction() + then + extraString = usage.getInfinityDescription() + " computed in function " + sourceExpr.getEnclosingFunction().getName() + and extra = sourceExpr.getEnclosingFunction() + else ( + extra = sourceExpr and + if sourceExpr instanceof DivExpr + then extraString = usage.getInfinityDescription() + " from division by zero" + else extraString = usage.getInfinityDescription() + ) ) -select elem, source, sink, msg, source, sourceString +select elem, source, sink, usage.getDescription(), extra, extraString \ No newline at end of file diff --git a/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.ql b/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.ql index 036d470247..942715fe2f 100644 --- a/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.ql +++ b/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.ql @@ -40,7 +40,7 @@ class InvalidOperationExpr extends BinaryOperation { exprMayEqualInfinity(getLeftOperand(), sign) and exprMayEqualInfinity(getRightOperand(), sign.booleanNot()) ) and - reason = "possible addition of infinity and negative infinity" + reason = "from addition of infinity and negative infinity" or // 7.1.2 continued getOperator() = "-" and @@ -48,35 +48,35 @@ class InvalidOperationExpr extends BinaryOperation { exprMayEqualInfinity(getLeftOperand(), sign) and exprMayEqualInfinity(getRightOperand(), sign) ) and - reason = "possible subtraction of an infinity from itself" + reason = "from subtraction of an infinity from itself" or // 7.1.3: multiplication of zero by infinity getOperator() = "*" and exprMayEqualZero(getAnOperand()) and exprMayEqualInfinity(getAnOperand(), _) and - reason = "possible multiplication of zero by infinity" + reason = "from multiplication of zero by infinity" or // 7.1.4: Division of zero by zero, or infinity by infinity getOperator() = "/" and exprMayEqualZero(getLeftOperand()) and exprMayEqualZero(getRightOperand()) and - reason = "possible division of zero by zero" + reason = "from division of zero by zero" or // 7.1.4 continued getOperator() = "/" and exprMayEqualInfinity(getLeftOperand(), _) and exprMayEqualInfinity(getRightOperand(), _) and - reason = "possible division of infinity by infinity" + reason = "from division of infinity by infinity" or // 7.1.5: x % y where y is zero or x is infinite getOperator() = "%" and exprMayEqualInfinity(getLeftOperand(), _) and - reason = "possible modulus of infinity" + reason = "from modulus of infinity" or // 7.1.5 continued getOperator() = "%" and exprMayEqualZero(getRightOperand()) and - reason = "possible modulus by zero" + reason = "from modulus by zero" // 7.1.6 handles the sqrt function, not covered here. // 7.1.7 declares exceptions during invalid conversions, which we catch as sinks in our flow // analysis. @@ -129,24 +129,39 @@ module InvalidNaNUsage implements DataFlow::ConfigSig { predicate isSink(DataFlow::Node node) { not guardedNotFPClass(node.asExpr(), TNaN()) and - ( + node instanceof InvalidNaNUsage + } +} + +class InvalidNaNUsage extends DataFlow::Node { + string description; + string nanDescription; + + InvalidNaNUsage() { // Case 1: NaNs shall not be compared, except to themselves exists(ComparisonOperation cmp | - node.asExpr() = cmp.getAnOperand() and - not hashCons(cmp.getLeftOperand()) = hashCons(cmp.getRightOperand()) + this.asExpr() = cmp.getAnOperand() and + not hashCons(cmp.getLeftOperand()) = hashCons(cmp.getRightOperand()) and + description = "Comparison involving a $@, which always evaluates to false." and + nanDescription = "possibly NaN float value" ) or // Case 2: NaNs and infinities shall not be cast to integers exists(Conversion c | - node.asExpr() = c.getUnconverted() and + this.asExpr() = c.getUnconverted() and c.getExpr().getType() instanceof FloatingPointType and - c.getType() instanceof IntegralType + c.getType() instanceof IntegralType and + description = "$@ casted to integer." and + nanDescription = "Possibly NaN float value" ) //or //// Case 4: Functions shall not return NaNs or infinities //exists(ReturnStmt ret | node.asExpr() = ret.getExpr()) - ) } + + string getDescription() { result = description } + + string getNaNDescription() { result = nanDescription } } module InvalidNaNFlow = DataFlow::Global; @@ -154,15 +169,26 @@ module InvalidNaNFlow = DataFlow::Global; import InvalidNaNFlow::PathGraph from - Element elem, InvalidNaNFlow::PathNode source, InvalidNaNFlow::PathNode sink, string msg, - string sourceString + Element elem, InvalidNaNFlow::PathNode source, InvalidNaNFlow::PathNode sink, + InvalidNaNUsage usage, Expr sourceExpr, string sourceString, Element extra, string extraString where + not InvalidNaNFlow::PathGraph::edges(_, source, _, _) and + not sourceExpr.isFromTemplateInstantiation(_) and + not usage.asExpr().isFromTemplateInstantiation(_) and elem = MacroUnwrapper::unwrapElement(sink.getNode().asExpr()) and - not isExcluded(elem, FloatingTypes2Package::possibleMisuseOfUndetectedNaNQuery()) and - ( - InvalidNaNFlow::flow(source.getNode(), sink.getNode()) and - msg = "Invalid usage of possible $@." and + usage = sink.getNode() and + sourceExpr = source.getNode().asExpr() and sourceString = - "NaN resulting from " + source.getNode().asExpr().(InvalidOperationExpr).getReason() + " (" + source.getNode().asExpr().(InvalidOperationExpr).getReason() + ")" and + InvalidNaNFlow::flow(source.getNode(), usage) and + ( + if not sourceExpr.getEnclosingFunction() = usage.asExpr().getEnclosingFunction() + then + extraString = usage.getNaNDescription() + sourceString + " computed in function " + sourceExpr.getEnclosingFunction().getName() + and extra = sourceExpr.getEnclosingFunction() + else ( + extra = sourceExpr and + extraString = usage.getNaNDescription() + sourceString + ) ) -select elem, source, sink, msg, source, sourceString +select elem, source, sink, usage.getDescription(), extra, extraString \ No newline at end of file diff --git a/c/misra/src/rules/DIR-4-15/PossibleUndetectedNaNorInfinity.ql b/c/misra/src/rules/DIR-4-15/PossibleUndetectedNaNorInfinity.ql deleted file mode 100644 index 94888a95e6..0000000000 --- a/c/misra/src/rules/DIR-4-15/PossibleUndetectedNaNorInfinity.ql +++ /dev/null @@ -1,223 +0,0 @@ -/** - * @id c/misra/possible-undetected-na-nor-infinity - * @name DIR-4-15: Evaluation of floating-point expressions shall not lead to the undetected generation of infinities - * @description Evaluation of floating-point expressions shall not lead to the undetected generation - * of infinities and NaNs. - * @kind path-problem - * @precision high - * @problem.severity error - * @tags external/misra/id/dir-4-15 - * correctness - * external/misra/c/2012/amendment3 - * external/misra/obligation/required - */ - -import cpp -import codeql.util.Boolean -import codingstandards.c.misra -import codingstandards.cpp.RestrictedRangeAnalysis -import codingstandards.cpp.FloatingPoint -import codingstandards.cpp.AlertReporting -import semmle.code.cpp.controlflow.Guards -import semmle.code.cpp.dataflow.new.DataFlow -import semmle.code.cpp.dataflow.new.TaintTracking -import semmle.code.cpp.controlflow.Dominance - -class CantHandleInfinityFunction extends Function { - CantHandleInfinityFunction() { not hasDefinition() and not getName() = "__fpclassifyl" } -} - -class InfinityCheckedExpr extends Expr { - InfinityCheckedExpr() { - exists(MacroInvocation mi | - mi.getMacroName() = ["isfinite", "isinf"] and - mi.getExpr() = this - ) - } - - Expr getCheckedExpr() { - result = - this.(ConditionalExpr) - .getThen() - .(LTExpr) - .getLesserOperand() - .(BitwiseAndExpr) - .getLeftOperand() - .(FunctionCall) - .getArgument(0) - } -} - -/* -signature module ResourceLeakConfigSig { - predicate isResource(DataFlow::Node node); - - predicate isFree(DataFlow::Node node, DataFlow::Node resource); - - default ControlFlowNode outOfScope(DataFlow::Node resource) { - result = resource.asExpr().getEnclosingFunction().getBlock().getLastStmt() - } - - default predicate isAlias(DataFlow::Node alias, DataFlow::Node resource) { - isResource(resource) and - DataFlow::localFlow(resource, alias) - } -} - -module ResourceLeak { - predicate isLeaked(DataFlow::Node resource, ControlFlowNode cfgNode) { - resource.asExpr() = cfgNode - or - isLeaked(resource, cfgNode.getAPredecessor()) and - not exists(DataFlow::Node free, DataFlow::Node freed | - free.asExpr() = cfgNode and - Config::isFree(free, freed) and - Config::isAlias(freed, resource) - ) - } - - private ControlFlowNode getARawLeak(DataFlow::Node resource) { - Config::isResource(resource) and - result = Config::outOfScope(resource) and - isLeaked(resource, result) - } - - ControlFlowNode getALeak(DataFlow::Node resource) { - result = getARawLeak(resource) and - not exists(DataFlow::Node dealiased | - Config::isResource(dealiased) and - Config::isAlias(resource, dealiased) and - not resource = dealiased and - result = getARawLeak(dealiased) - ) and - not exists(ControlFlowNode dominator | - dominator = getARawLeak(resource) and - strictlyDominates(dominator, result) - ) - } -} - -module MissedInfinityConfig implements ResourceLeakConfigSig { - predicate isResource(DataFlow::Node node) { - //exists(BinaryOperation expr | - // expr = node.asExpr() and - // expr.getOperator() = "/" and - // RestrictedRangeAnalysis::upperBound(expr.getRightOperand()) <= 0 and - // RestrictedRangeAnalysis::lowerBound(expr.getRightOperand()) >= 0 - //) - [ - RestrictedRangeAnalysis::upperBound(node.asExpr()), - RestrictedRangeAnalysis::lowerBound(node.asExpr()) - ].toString() = "Infinity" - //and not node.asExpr() instanceof VariableAccess - //and not node.asExpr() instanceof ArrayExpr - } - - predicate test(Expr expr, string lowerBound, string upperBound) { - //expr.getType() instanceof FloatingPointType - //and - lowerBound = RestrictedRangeAnalysis::lowerBound(expr).toString() and - upperBound = RestrictedRangeAnalysis::upperBound(expr).toString() and - [lowerBound, upperBound] = "Infinity" - } - - additional predicate testDiv( - DivExpr div, string lbDiv, string ubDiv, string lbNum, string ubNum, string lbDenom, - string ubDenom - ) { - lbDiv = RestrictedRangeAnalysis::lowerBound(div).toString() and - ubDiv = RestrictedRangeAnalysis::upperBound(div).toString() and - lbNum = RestrictedRangeAnalysis::lowerBound(div.getLeftOperand()).toString() and - ubNum = RestrictedRangeAnalysis::upperBound(div.getLeftOperand()).toString() and - lbDenom = RestrictedRangeAnalysis::lowerBound(div.getRightOperand()).toString() and - ubDenom = RestrictedRangeAnalysis::upperBound(div.getRightOperand()).toString() and - not lbDiv = ubDiv and - InvalidNaNUsage::isSource(DataFlow::exprNode(div)) - } - - predicate isFree(DataFlow::Node node, DataFlow::Node resource) { - isResource(resource) and - ( - node.asExpr().(InfinityCheckedExpr).getCheckedExpr() = resource.asExpr() - or - not [ - RestrictedRangeAnalysis::lowerBound(node.asExpr()), - RestrictedRangeAnalysis::upperBound(node.asExpr()) - ].toString() = "Infinity" and - isMove(node, resource) - ) - } - - predicate isMove(DataFlow::Node node, DataFlow::Node moved) { - isResource(moved) and - isAlias(node, moved) and - not exists(DataFlow::Node laterUse, ControlFlowNode later | - later = laterUse.asExpr() and - later = node.asExpr().getASuccessor+() and - hashCons(laterUse.asExpr()) = hashCons(moved.asExpr()) - ) - } - - ControlFlowNode outOfScope(DataFlow::Node resource) { - result = resource.asExpr().getEnclosingFunction().getBlock().getLastStmt() - or - exists(AssignExpr assign, DataFlow::Node alias | - assign.getRValue() = alias.asExpr() and - isAlias(alias, resource) and - not assign.getRValue().(VariableAccess).getTarget() instanceof StackVariable and - result = assign - ) - or - exists(FunctionCall fc | - fc.getArgument(_) = resource.asExpr() and - result = fc - ) - } - - predicate isAlias(DataFlow::Node alias, DataFlow::Node resource) { - TaintTracking::localTaint(resource, alias) - } -} - -import ResourceLeak as MissedInfinity -*/ - -//from Expr value, FunctionCall fc -//where -// not isExcluded(value, FloatingTypes2Package::possibleUndetectedNaNorInfinityQuery()) and -// [RestrictedRangeAnalysis::lowerBound(value), RestrictedRangeAnalysis::upperBound(value)].toString() = "Infinity" and -// value = fc.getAnArgument() and -// fc.getTarget() instanceof CantHandleInfinityFunction and -// not value instanceof InfinityCheckedExpr and -// not exists (GuardCondition g | -// g.controls(fc.getBasicBlock(), true) and -// g instanceof InfinityCheckedExpr -// // TODO check we check the right expr -// ) -//select -// value, "possible use of unchecked infinity as arg to " + fc.getTarget().getName() -//from DataFlow::Node node, ControlFlowNode leakPoint -//where -// not isExcluded(node.asExpr(), FloatingTypes2Package::possibleUndetectedNaNorInfinityQuery()) and -// leakPoint = MissedInfinity::getALeak(node) -// select node, "Expression generates an infinity which is not checked before $@.", leakPoint, "external leak point" - - -//import InvalidNaNFlow::PathGraph -//from Element elem, DataFlow::Node source, DataFlow::Node sink, string msg, string sourceString -from - Element elem, InvalidInfinityFlow::PathNode source, InvalidInfinityFlow::PathNode sink, - string msg, string sourceString -where - elem = MacroUnwrapper::unwrapElement(sink.getNode().asExpr()) and - not isExcluded(elem, FloatingTypes2Package::possibleUndetectedNaNorInfinityQuery()) and - ( - InvalidInfinityFlow::flow(source.getNode(), sink.getNode()) and - msg = "Invalid usage of possible $@." and - sourceString = "infinity" - //or - //InvalidNaNFlow::flow(source, sink) and - //msg = "Invalid usage of possible $@." and - //sourceString = "NaN resulting from " + source.asExpr().(InvalidOperationExpr).getReason() - ) -select elem, source, sink, msg, source, sourceString diff --git a/c/misra/test/rules/DIR-4-15/PossibleUndetectedNaNorInfinity.expected b/c/misra/test/rules/DIR-4-15/PossibleUndetectedNaNorInfinity.expected deleted file mode 100644 index 2ec1a0ac6c..0000000000 --- a/c/misra/test/rules/DIR-4-15/PossibleUndetectedNaNorInfinity.expected +++ /dev/null @@ -1 +0,0 @@ -No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/DIR-4-15/PossibleUndetectedNaNorInfinity.qlref b/c/misra/test/rules/DIR-4-15/PossibleUndetectedNaNorInfinity.qlref deleted file mode 100644 index 1ffb7ad071..0000000000 --- a/c/misra/test/rules/DIR-4-15/PossibleUndetectedNaNorInfinity.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/DIR-4-15/PossibleUndetectedNaNorInfinity.ql \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/RestrictedRangeAnalysis.qll b/cpp/common/src/codingstandards/cpp/RestrictedRangeAnalysis.qll index 9b4bba8980..8ae3c9c38b 100644 --- a/cpp/common/src/codingstandards/cpp/RestrictedRangeAnalysis.qll +++ b/cpp/common/src/codingstandards/cpp/RestrictedRangeAnalysis.qll @@ -1,5 +1,6 @@ import semmle.code.cpp.controlflow.Guards import semmle.code.cpp.valuenumbering.HashCons + /** * A fork of SimpleRangeAnalysis.qll, which is intended to only give * results with a conservative basis. @@ -311,7 +312,6 @@ module RestrictedRangeAnalysis { ) } - /** * Holds if `expr` is checked with a guard to not be zero. * @@ -332,7 +332,8 @@ module RestrictedRangeAnalysis { expr = def.getAUse(v) and isNEPhi(v, def, guardVa, 0) ) - or guardedHashConsNotEqualZero(expr) + or + guardedHashConsNotEqualZero(expr) } predicate guardedHashConsNotEqualZero(Expr e) { @@ -342,8 +343,8 @@ module RestrictedRangeAnalysis { valVal = getValue(val).toFloat() and guard.controls(e.getBasicBlock(), cmpEq) and ( - guard.comparesEq(check, val, -valVal, false, cmpEq) or - guard.comparesEq(val, check, -valVal, false, cmpEq) + guard.comparesEq(check, val, -valVal, false, cmpEq) or + guard.comparesEq(val, check, -valVal, false, cmpEq) ) ) } @@ -363,11 +364,11 @@ module RestrictedRangeAnalysis { dividesByPositive(e, _, _) or dividesByNegative(e, _, _) + or // Introduces non-monotonic recursion. However, analysis mostly works with this // commented out. // or // dividesNonzeroByZero(e) - or e instanceof DivExpr // TODO: confirm this is OK or e instanceof MinExpr @@ -469,6 +470,8 @@ module RestrictedRangeAnalysis { exprDependsOnDef(operand, srcDef, srcVar) ) or + exists(DivExpr div | div = e | exprDependsOnDef(div.getAnOperand(), srcDef, srcVar)) + or exists(MinExpr minExpr | e = minExpr | exprDependsOnDef(minExpr.getAnOperand(), srcDef, srcVar)) or exists(MaxExpr maxExpr | e = maxExpr | exprDependsOnDef(maxExpr.getAnOperand(), srcDef, srcVar)) @@ -595,6 +598,98 @@ module RestrictedRangeAnalysis { isRecursiveExpr(binop.getRightOperand()) } + private predicate applyWideningToBinary(BinaryOperation op) { + // Original behavior: + isRecursiveBinary(op) + or + // As we added support for DivExpr, we found cases of combinatorial explosion that are not + // caused by recursion. Given expr `x` that depends on a phi node that has evaluated y unique + // values, `x + x` will in the worst case evaluate to y^2 unique values, even if `x` is not + // recursive. By adding support for division, we have revealed certain pathological cases in + // open source code, for instance `posix_time_from_utc` from boringssl. We can reduce this + // greatly by widening, and targeting division effectively reduces the chains of evaluations + // that cause this issue while preserving the original behavior. + // + // There is also a set of functions intended to estimate the combinations of phi nodes each + // expression depends on, which could be used to accurately widen only expensive nodes. However, + // that estimation is more involved than it may seem, and hasn't yet resulted in a net + // improvement. See `estimatedPhiCombinationsExpr` and `estimatedPhiCombinationsDef`. + // + // This approach currently has the best performance. + op instanceof DivExpr + } + + /** + * Recursively scan this expr to see how many phi nodes it depends on. Binary expressions + * induce a combination effect, so `a + b` where `a` depends on 3 phi nodes and `b` depends on 4 + * will induce 3*4 = 12 phi node combinations. + * + * This currently requires additional optimization to be useful in practice. + */ + int estimatedPhiCombinationsExpr(Expr expr) { + if isRecursiveExpr(expr) + // Assume 10 values were computed to analyze recursive expressions. + then result = 10 + else ( + exists(RangeSsaDefinition def, StackVariable v | expr = def.getAUse(v) | + def.isPhiNode(v) and + result = estimatedPhiCombinationsDef(def, v) + ) + or + exists(BinaryOperation binop | + binop = expr and + result = + estimatedPhiCombinationsExpr(binop.getLeftOperand()) * + estimatedPhiCombinationsExpr(binop.getRightOperand()) + ) + or + not expr instanceof BinaryOperation and + exists(RangeSsaDefinition def, StackVariable v | exprDependsOnDef(expr, def, v) | + result = estimatedPhiCombinationsDef(def, v) + ) + or + not expr instanceof BinaryOperation and + not exprDependsOnDef(expr, _, _) and result = 1 + ) + } + + /** + * Recursively scan this def to see how many phi nodes it depends on. + * + * If this def is a phi node, it sums its downstream cost and adds one to account for itself, + * which is not exactly correct. + * + * This def may also be a crement expression (not currently supported), or an assign expr + * (currently not supported), or an unanalyzable expression which is the root of the recursion + * and given a value of 1. + */ + language[monotonicAggregates] + int estimatedPhiCombinationsDef(RangeSsaDefinition def, StackVariable v) { + if isRecursiveDef(def, v) + // Assume 10 values were computed to analyze recursive expressions. + then result = 10 + else ( + if def.isPhiNode(v) + then + exists(Expr e | e = def.getAUse(v) | + result = + 1 + + sum(RangeSsaDefinition srcDef | + srcDef = def.getAPhiInput(v) + | + estimatedPhiCombinationsDef(srcDef, v) + ) + ) + else ( + exists(Expr expr | assignmentDef(def, v, expr) | result = estimatedPhiCombinationsExpr(expr)) + or + v = def.getAVariable() and + not assignmentDef(def, v, _) and + result = 1 + ) + ) + } + /** * We distinguish 3 kinds of RangeSsaDefinition: * @@ -719,7 +814,7 @@ module RestrictedRangeAnalysis { if Util::exprMinVal(expr) <= newLB and newLB <= Util::exprMaxVal(expr) then // Apply widening where we might get a combinatorial explosion. - if isRecursiveBinary(expr) + if applyWideningToBinary(expr) then result = max(float widenLB | @@ -764,8 +859,8 @@ module RestrictedRangeAnalysis { * this predicate. */ private float getTruncatedUpperBounds(Expr expr) { - (analyzableExpr(expr) or dividesNonzeroByZero(expr)) - and ( + (analyzableExpr(expr) or dividesNonzeroByZero(expr)) and + ( // If the expression evaluates to a constant, then there is no // need to call getUpperBoundsImpl. if exists(getValue(expr).toFloat()) @@ -778,7 +873,7 @@ module RestrictedRangeAnalysis { if Util::exprMinVal(expr) <= newUB and newUB <= Util::exprMaxVal(expr) then // Apply widening where we might get a combinatorial explosion. - if isRecursiveBinary(expr) + if applyWideningToBinary(expr) then result = min(float widenUB | @@ -794,13 +889,14 @@ module RestrictedRangeAnalysis { exprMightOverflowNegatively(expr) and result = Util::exprMaxVal(expr) ) - ) or + ) + or not analyzableExpr(expr) and - // The expression is not analyzable, so its upper bound is - // unknown. Note that the call to exprMaxVal restricts the - // expressions to just those with arithmetic types. There is no - // need to return results for non-arithmetic expressions. - result = exprMaxVal(expr) + // The expression is not analyzable, so its upper bound is + // unknown. Note that the call to exprMaxVal restricts the + // expressions to just those with arithmetic types. There is no + // need to return results for non-arithmetic expressions. + result = exprMaxVal(expr) } /** Only to be called by `getTruncatedLowerBounds`. */ From dee226188f61262f5f5a02173c1545c7ad8783ca Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 7 Feb 2025 04:28:13 -0800 Subject: [PATCH 2381/2573] Widening/dedupe fixes, plus math lib support --- .../PossibleMisuseOfUndetectedInfinity.ql | 8 +- .../DIR-4-15/PossibleMisuseOfUndetectedNaN.ql | 74 +++++- ...ossibleMisuseOfUndetectedInfinity.expected | 82 ++++-- .../PossibleMisuseOfUndetectedNaN.expected | 108 +++++--- c/misra/test/rules/DIR-4-15/test.c | 59 ++++- .../cpp/RestrictedRangeAnalysis.qll | 242 +++++++++++++++++- 6 files changed, 496 insertions(+), 77 deletions(-) diff --git a/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.ql b/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.ql index 10c370690b..357a8fce71 100644 --- a/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.ql +++ b/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.ql @@ -51,9 +51,6 @@ module InvalidInfinityUsage implements DataFlow::ConfigSig { e.getType() instanceof IntegralType and e = node.asConvertedExpr() ) - or - // Sinks are places where Infinity produce a finite value - isSink(node) } /** @@ -81,7 +78,9 @@ module InvalidInfinityUsage implements DataFlow::ConfigSig { or // Unanalyzable expressions are not checked against range analysis, which assumes a finite // range. - not RestrictedRangeAnalysis::analyzableExpr(node.asExpr()) + not RestrictedRangeAnalysis::canBoundExpr(node.asExpr()) + or + node.asExpr().(VariableAccess).getTarget() instanceof Parameter ) } } @@ -124,6 +123,7 @@ from where elem = MacroUnwrapper::unwrapElement(sink.getNode().asExpr()) and not InvalidInfinityFlow::PathGraph::edges(_, source, _, _) and + not InvalidInfinityFlow::PathGraph::edges(sink, _, _, _) and not isExcluded(elem, FloatingTypes2Package::possibleMisuseOfUndetectedInfinityQuery()) and not sourceExpr.isFromTemplateInstantiation(_) and not usage.asExpr().isFromTemplateInstantiation(_) and diff --git a/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.ql b/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.ql index 942715fe2f..f850cc3e55 100644 --- a/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.ql +++ b/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.ql @@ -23,8 +23,73 @@ import semmle.code.cpp.dataflow.new.DataFlow import semmle.code.cpp.dataflow.new.TaintTracking import semmle.code.cpp.controlflow.Dominance +bindingset[name] +Function getMathVariants(string name) { result.hasGlobalOrStdName([name, name + "f", name + "l"]) } + +predicate hasDomainError(FunctionCall fc, string description) { + exists(Function functionWithDomainError | fc.getTarget() = functionWithDomainError | + functionWithDomainError = [getMathVariants(["acos", "asin", "atanh"])] and + not ( + RestrictedRangeAnalysis::upperBound(fc.getArgument(0)) <= 1.0 and + RestrictedRangeAnalysis::lowerBound(fc.getArgument(0)) >= -1.0 + ) and + description = + "the argument has a range " + RestrictedRangeAnalysis::lowerBound(fc.getArgument(0)) + "..." + + RestrictedRangeAnalysis::upperBound(fc.getArgument(0)) + " which is outside the domain of this function (-1.0...1.0)" + or + functionWithDomainError = getMathVariants(["atan2", "pow"]) and + ( + exprMayEqualZero(fc.getArgument(0)) and + exprMayEqualZero(fc.getArgument(1)) and + description = "both arguments are equal to zero" + ) + or + functionWithDomainError = getMathVariants("pow") and + ( + RestrictedRangeAnalysis::upperBound(fc.getArgument(0)) < 0.0 and + RestrictedRangeAnalysis::upperBound(fc.getArgument(1)) < 0.0 and + description = "both arguments are less than zero" + ) + or + functionWithDomainError = getMathVariants("acosh") and + RestrictedRangeAnalysis::upperBound(fc.getArgument(0)) < 1.0 and + description = "argument is less than 1" + or + //pole error is the same as domain for logb and tgamma (but not ilogb - no pole error exists) + functionWithDomainError = getMathVariants(["ilogb", "logb", "tgamma"]) and + exprMayEqualZero(fc.getArgument(0)) and + description = "argument is equal to zero" + or + functionWithDomainError = getMathVariants(["log", "log10", "log2", "sqrt"]) and + RestrictedRangeAnalysis::upperBound(fc.getArgument(0)) < 0.0 and + description = "argument is negative" + or + functionWithDomainError = getMathVariants("log1p") and + RestrictedRangeAnalysis::upperBound(fc.getArgument(0)) < -1.0 and + description = "argument is less than 1" + or + functionWithDomainError = getMathVariants("fmod") and + exprMayEqualZero(fc.getArgument(1)) and + description = "y is 0" + ) +} + +abstract class PotentiallyNaNExpr extends Expr { + abstract string getReason(); +} + +class DomainErrorFunctionCall extends FunctionCall, PotentiallyNaNExpr { + string reason; + + DomainErrorFunctionCall() { + hasDomainError(this, reason) + } + + override string getReason() { result = reason } +} + // IEEE 754-1985 Section 7.1 invalid operations -class InvalidOperationExpr extends BinaryOperation { +class InvalidOperationExpr extends BinaryOperation, PotentiallyNaNExpr { string reason; InvalidOperationExpr() { @@ -85,7 +150,7 @@ class InvalidOperationExpr extends BinaryOperation { ) } - string getReason() { result = reason } + override string getReason() { result = reason } } module InvalidNaNUsage implements DataFlow::ConfigSig { @@ -104,7 +169,7 @@ module InvalidNaNUsage implements DataFlow::ConfigSig { * An expression which may produce a NaN output. */ additional predicate potentialSource(DataFlow::Node node) { - node.asExpr() instanceof InvalidOperationExpr + node.asExpr() instanceof PotentiallyNaNExpr } predicate isBarrierOut(DataFlow::Node node) { @@ -173,13 +238,14 @@ from InvalidNaNUsage usage, Expr sourceExpr, string sourceString, Element extra, string extraString where not InvalidNaNFlow::PathGraph::edges(_, source, _, _) and + not InvalidNaNFlow::PathGraph::edges(sink, _, _, _) and not sourceExpr.isFromTemplateInstantiation(_) and not usage.asExpr().isFromTemplateInstantiation(_) and elem = MacroUnwrapper::unwrapElement(sink.getNode().asExpr()) and usage = sink.getNode() and sourceExpr = source.getNode().asExpr() and sourceString = - " (" + source.getNode().asExpr().(InvalidOperationExpr).getReason() + ")" and + " (" + source.getNode().asExpr().(PotentiallyNaNExpr).getReason() + ")" and InvalidNaNFlow::flow(source.getNode(), usage) and ( if not sourceExpr.getEnclosingFunction() = usage.asExpr().getEnclosingFunction() diff --git a/c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.expected b/c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.expected index 75534df6a0..f1f08b5a51 100644 --- a/c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.expected +++ b/c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.expected @@ -21,6 +21,21 @@ edges | test.c:77:15:77:21 | ... / ... | test.c:114:16:114:23 | l12 | provenance | | | test.c:77:15:77:21 | ... / ... | test.c:117:23:117:30 | l12 | provenance | | | test.c:77:15:77:21 | ... / ... | test.c:120:20:120:27 | l12 | provenance | | +| test.c:175:22:175:22 | p | test.c:175:27:175:32 | p | provenance | | +| test.c:183:34:183:34 | p | test.c:185:13:185:18 | p | provenance | | +| test.c:189:32:189:32 | p | test.c:189:47:189:59 | ... + ... | provenance | Config | +| test.c:189:47:189:59 | ... + ... | test.c:175:22:175:22 | p | provenance | | +| test.c:189:47:189:59 | ... + ... | test.c:175:22:175:22 | p | provenance | | +| test.c:189:51:189:59 | ... / ... | test.c:189:47:189:59 | ... + ... | provenance | Config | +| test.c:193:13:194:15 | ... / ... | test.c:175:22:175:22 | p | provenance | | +| test.c:200:25:200:33 | ... / ... | test.c:183:34:183:34 | p | provenance | | +| test.c:204:19:204:27 | ... / ... | test.c:204:19:204:27 | ... / ... | provenance | | +| test.c:204:19:204:27 | ... / ... | test.c:206:21:206:31 | ... + ... | provenance | Config | +| test.c:206:21:206:31 | ... + ... | test.c:206:21:206:31 | ... + ... | provenance | | +| test.c:206:21:206:31 | ... + ... | test.c:208:13:208:21 | middleInf | provenance | | +| test.c:206:21:206:31 | ... + ... | test.c:210:23:210:31 | middleInf | provenance | | +| test.c:208:13:208:21 | middleInf | test.c:175:22:175:22 | p | provenance | | +| test.c:210:23:210:31 | middleInf | test.c:189:32:189:32 | p | provenance | | nodes | test.c:8:14:8:20 | ... / ... | semmle.label | ... / ... | | test.c:8:14:8:20 | ... / ... | semmle.label | ... / ... | @@ -51,29 +66,48 @@ nodes | test.c:114:16:114:23 | l12 | semmle.label | l12 | | test.c:117:23:117:30 | l12 | semmle.label | l12 | | test.c:120:20:120:27 | l12 | semmle.label | l12 | +| test.c:163:3:164:16 | ... / ... | semmle.label | ... / ... | +| test.c:175:22:175:22 | p | semmle.label | p | +| test.c:175:27:175:32 | p | semmle.label | p | +| test.c:183:34:183:34 | p | semmle.label | p | +| test.c:185:13:185:18 | p | semmle.label | p | +| test.c:189:32:189:32 | p | semmle.label | p | +| test.c:189:47:189:59 | ... + ... | semmle.label | ... + ... | +| test.c:189:47:189:59 | ... + ... | semmle.label | ... + ... | +| test.c:189:51:189:59 | ... / ... | semmle.label | ... / ... | +| test.c:193:13:194:15 | ... / ... | semmle.label | ... / ... | +| test.c:200:25:200:33 | ... / ... | semmle.label | ... / ... | +| test.c:204:19:204:27 | ... / ... | semmle.label | ... / ... | +| test.c:204:19:204:27 | ... / ... | semmle.label | ... / ... | +| test.c:206:21:206:31 | ... + ... | semmle.label | ... + ... | +| test.c:206:21:206:31 | ... + ... | semmle.label | ... + ... | +| test.c:208:13:208:21 | middleInf | semmle.label | middleInf | +| test.c:210:23:210:31 | middleInf | semmle.label | middleInf | subpaths #select -| test.c:12:8:12:9 | l2 | test.c:8:14:8:20 | ... / ... | test.c:12:8:12:9 | l2 | Invalid usage of possible $@. | test.c:8:14:8:20 | ... / ... | infinity | -| test.c:13:8:13:9 | l3 | test.c:8:14:8:20 | ... / ... | test.c:13:8:13:9 | l3 | Invalid usage of possible $@. | test.c:8:14:8:20 | ... / ... | infinity | -| test.c:13:8:13:9 | l3 | test.c:9:14:9:16 | - ... | test.c:13:8:13:9 | l3 | Invalid usage of possible $@. | test.c:9:14:9:16 | - ... | infinity | -| test.c:18:8:18:9 | l2 | test.c:8:14:8:20 | ... / ... | test.c:18:3:18:9 | l2 | Invalid usage of possible $@. | test.c:8:14:8:20 | ... / ... | infinity | -| test.c:19:8:19:9 | l3 | test.c:8:14:8:20 | ... / ... | test.c:19:3:19:9 | l3 | Invalid usage of possible $@. | test.c:8:14:8:20 | ... / ... | infinity | -| test.c:19:8:19:9 | l3 | test.c:9:14:9:16 | - ... | test.c:19:3:19:9 | l3 | Invalid usage of possible $@. | test.c:9:14:9:16 | - ... | infinity | -| test.c:27:19:27:20 | l2 | test.c:8:14:8:20 | ... / ... | test.c:27:19:27:20 | l2 | Invalid usage of possible $@. | test.c:8:14:8:20 | ... / ... | infinity | -| test.c:28:19:28:20 | l3 | test.c:8:14:8:20 | ... / ... | test.c:28:19:28:20 | l3 | Invalid usage of possible $@. | test.c:8:14:8:20 | ... / ... | infinity | -| test.c:28:19:28:20 | l3 | test.c:9:14:9:16 | - ... | test.c:28:19:28:20 | l3 | Invalid usage of possible $@. | test.c:9:14:9:16 | - ... | infinity | -| test.c:38:8:38:9 | l7 | test.c:31:14:32:15 | ... / ... | test.c:38:3:38:9 | l7 | Invalid usage of possible $@. | test.c:31:14:32:15 | ... / ... | infinity | -| test.c:61:11:61:17 | ... / ... | test.c:61:5:61:18 | ... / ... | test.c:61:5:61:18 | ... / ... | Invalid usage of possible $@. | test.c:61:5:61:18 | ... / ... | infinity | -| test.c:66:11:66:19 | ... / ... | test.c:66:5:66:20 | ... / ... | test.c:66:5:66:20 | ... / ... | Invalid usage of possible $@. | test.c:66:5:66:20 | ... / ... | infinity | -| test.c:72:20:72:28 | ... / ... | test.c:72:14:72:29 | ... / ... | test.c:72:14:72:29 | ... / ... | Invalid usage of possible $@. | test.c:72:14:72:29 | ... / ... | infinity | -| test.c:75:24:75:32 | ... / ... | test.c:75:18:75:33 | ... / ... | test.c:75:18:75:33 | ... / ... | Invalid usage of possible $@. | test.c:75:18:75:33 | ... / ... | infinity | -| test.c:79:10:79:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:79:5:79:12 | l12 | Invalid usage of possible $@. | test.c:77:15:77:21 | ... / ... | infinity | -| test.c:87:10:87:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:87:5:87:12 | l12 | Invalid usage of possible $@. | test.c:77:15:77:21 | ... / ... | infinity | -| test.c:91:10:91:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:91:5:91:12 | l12 | Invalid usage of possible $@. | test.c:77:15:77:21 | ... / ... | infinity | -| test.c:93:10:93:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:93:5:93:12 | l12 | Invalid usage of possible $@. | test.c:77:15:77:21 | ... / ... | infinity | -| test.c:99:10:99:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:99:5:99:12 | l12 | Invalid usage of possible $@. | test.c:77:15:77:21 | ... / ... | infinity | -| test.c:105:10:105:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:105:5:105:12 | l12 | Invalid usage of possible $@. | test.c:77:15:77:21 | ... / ... | infinity | -| test.c:111:10:111:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:111:5:111:12 | l12 | Invalid usage of possible $@. | test.c:77:15:77:21 | ... / ... | infinity | -| test.c:114:21:114:23 | l12 | test.c:77:15:77:21 | ... / ... | test.c:114:16:114:23 | l12 | Invalid usage of possible $@. | test.c:77:15:77:21 | ... / ... | infinity | -| test.c:117:28:117:30 | l12 | test.c:77:15:77:21 | ... / ... | test.c:117:23:117:30 | l12 | Invalid usage of possible $@. | test.c:77:15:77:21 | ... / ... | infinity | -| test.c:120:25:120:27 | l12 | test.c:77:15:77:21 | ... / ... | test.c:120:20:120:27 | l12 | Invalid usage of possible $@. | test.c:77:15:77:21 | ... / ... | infinity | +| test.c:12:8:12:9 | l2 | test.c:8:14:8:20 | ... / ... | test.c:12:8:12:9 | l2 | Division operation may silently underflow and produce zero, as the divisor $@. | test.c:8:14:8:20 | ... / ... | may be an infinite float value from division by zero | +| test.c:13:8:13:9 | l3 | test.c:8:14:8:20 | ... / ... | test.c:13:8:13:9 | l3 | Division operation may silently underflow and produce zero, as the divisor $@. | test.c:8:14:8:20 | ... / ... | may be an infinite float value from division by zero | +| test.c:18:8:18:9 | l2 | test.c:8:14:8:20 | ... / ... | test.c:18:3:18:9 | l2 | $@ casted to integer. | test.c:8:14:8:20 | ... / ... | Possibly infinite float value from division by zero | +| test.c:19:8:19:9 | l3 | test.c:8:14:8:20 | ... / ... | test.c:19:3:19:9 | l3 | $@ casted to integer. | test.c:8:14:8:20 | ... / ... | Possibly infinite float value from division by zero | +| test.c:27:19:27:20 | l2 | test.c:8:14:8:20 | ... / ... | test.c:27:19:27:20 | l2 | Division operation may silently underflow and produce zero, as the divisor $@. | test.c:8:14:8:20 | ... / ... | may be an infinite float value from division by zero | +| test.c:28:19:28:20 | l3 | test.c:8:14:8:20 | ... / ... | test.c:28:19:28:20 | l3 | Division operation may silently underflow and produce zero, as the divisor $@. | test.c:8:14:8:20 | ... / ... | may be an infinite float value from division by zero | +| test.c:38:8:38:9 | l7 | test.c:31:14:32:15 | ... / ... | test.c:38:3:38:9 | l7 | $@ casted to integer. | test.c:31:14:32:15 | ... / ... | Possibly infinite float value from division by zero | +| test.c:61:11:61:17 | ... / ... | test.c:61:5:61:18 | ... / ... | test.c:61:5:61:18 | ... / ... | $@ casted to integer. | test.c:61:11:61:17 | ... / ... | Possibly infinite float value from division by zero | +| test.c:66:11:66:19 | ... / ... | test.c:66:5:66:20 | ... / ... | test.c:66:5:66:20 | ... / ... | $@ casted to integer. | test.c:66:11:66:19 | ... / ... | Possibly infinite float value from division by zero | +| test.c:72:20:72:28 | ... / ... | test.c:72:14:72:29 | ... / ... | test.c:72:14:72:29 | ... / ... | $@ casted to integer. | test.c:72:20:72:28 | ... / ... | Possibly infinite float value from division by zero | +| test.c:75:24:75:32 | ... / ... | test.c:75:18:75:33 | ... / ... | test.c:75:18:75:33 | ... / ... | $@ casted to integer. | test.c:75:24:75:32 | ... / ... | Possibly infinite float value from division by zero | +| test.c:79:10:79:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:79:5:79:12 | l12 | $@ casted to integer. | test.c:77:15:77:21 | ... / ... | Possibly infinite float value from division by zero | +| test.c:87:10:87:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:87:5:87:12 | l12 | $@ casted to integer. | test.c:77:15:77:21 | ... / ... | Possibly infinite float value from division by zero | +| test.c:91:10:91:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:91:5:91:12 | l12 | $@ casted to integer. | test.c:77:15:77:21 | ... / ... | Possibly infinite float value from division by zero | +| test.c:93:10:93:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:93:5:93:12 | l12 | $@ casted to integer. | test.c:77:15:77:21 | ... / ... | Possibly infinite float value from division by zero | +| test.c:99:10:99:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:99:5:99:12 | l12 | $@ casted to integer. | test.c:77:15:77:21 | ... / ... | Possibly infinite float value from division by zero | +| test.c:105:10:105:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:105:5:105:12 | l12 | $@ casted to integer. | test.c:77:15:77:21 | ... / ... | Possibly infinite float value from division by zero | +| test.c:111:10:111:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:111:5:111:12 | l12 | $@ casted to integer. | test.c:77:15:77:21 | ... / ... | Possibly infinite float value from division by zero | +| test.c:114:21:114:23 | l12 | test.c:77:15:77:21 | ... / ... | test.c:114:16:114:23 | l12 | $@ casted to integer. | test.c:77:15:77:21 | ... / ... | Possibly infinite float value from division by zero | +| test.c:117:28:117:30 | l12 | test.c:77:15:77:21 | ... / ... | test.c:117:23:117:30 | l12 | $@ casted to integer. | test.c:77:15:77:21 | ... / ... | Possibly infinite float value from division by zero | +| test.c:120:25:120:27 | l12 | test.c:77:15:77:21 | ... / ... | test.c:120:20:120:27 | l12 | $@ casted to integer. | test.c:77:15:77:21 | ... / ... | Possibly infinite float value from division by zero | +| test.c:163:9:164:15 | ... / ... | test.c:163:3:164:16 | ... / ... | test.c:163:3:164:16 | ... / ... | $@ casted to integer. | test.c:163:9:164:15 | ... / ... | Possibly infinite float value from division by zero | +| test.c:175:32:175:32 | p | test.c:189:51:189:59 | ... / ... | test.c:175:27:175:32 | p | $@ casted to integer. | test.c:189:6:189:24 | addInfThenCastToInt | Possibly infinite float value computed in function addInfThenCastToInt | +| test.c:175:32:175:32 | p | test.c:193:13:194:15 | ... / ... | test.c:175:27:175:32 | p | $@ casted to integer. | test.c:192:6:192:7 | f2 | Possibly infinite float value computed in function f2 | +| test.c:175:32:175:32 | p | test.c:204:19:204:27 | ... / ... | test.c:175:27:175:32 | p | $@ casted to integer. | test.c:192:6:192:7 | f2 | Possibly infinite float value computed in function f2 | +| test.c:185:18:185:18 | p | test.c:200:25:200:33 | ... / ... | test.c:185:13:185:18 | p | $@ casted to integer. | test.c:192:6:192:7 | f2 | Possibly infinite float value computed in function f2 | diff --git a/c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.expected b/c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.expected index e59d43d867..e0047d9ef7 100644 --- a/c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.expected +++ b/c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.expected @@ -22,9 +22,27 @@ edges | test.c:122:15:122:21 | ... / ... | test.c:138:5:138:12 | l13 | provenance | | | test.c:122:15:122:21 | ... / ... | test.c:144:5:144:12 | l13 | provenance | | | test.c:122:15:122:21 | ... / ... | test.c:148:5:148:12 | l13 | provenance | | -| test.c:122:15:122:21 | ... / ... | test.c:154:20:154:27 | l13 | provenance | | -| test.c:122:15:122:21 | ... / ... | test.c:156:23:156:30 | l13 | provenance | | -| test.c:122:15:122:21 | ... / ... | test.c:157:16:157:23 | l13 | provenance | | +| test.c:122:15:122:21 | ... / ... | test.c:155:20:155:27 | l13 | provenance | | +| test.c:122:15:122:21 | ... / ... | test.c:157:23:157:30 | l13 | provenance | | +| test.c:122:15:122:21 | ... / ... | test.c:158:16:158:23 | l13 | provenance | | +| test.c:175:22:175:22 | p | test.c:175:27:175:32 | p | provenance | | +| test.c:183:34:183:34 | p | test.c:185:13:185:18 | p | provenance | | +| test.c:188:32:188:32 | p | test.c:188:47:188:51 | ... + ... | provenance | Config | +| test.c:188:47:188:51 | ... + ... | test.c:175:22:175:22 | p | provenance | | +| test.c:190:32:190:32 | p | test.c:190:47:190:59 | ... + ... | provenance | Config | +| test.c:190:47:190:59 | ... + ... | test.c:175:22:175:22 | p | provenance | | +| test.c:190:47:190:59 | ... + ... | test.c:175:22:175:22 | p | provenance | | +| test.c:190:51:190:59 | ... / ... | test.c:190:47:190:59 | ... + ... | provenance | Config | +| test.c:195:13:195:21 | ... / ... | test.c:175:22:175:22 | p | provenance | | +| test.c:199:23:199:31 | ... / ... | test.c:188:32:188:32 | p | provenance | | +| test.c:201:25:201:33 | ... / ... | test.c:183:34:183:34 | p | provenance | | +| test.c:205:19:205:27 | ... / ... | test.c:205:19:205:27 | ... / ... | provenance | | +| test.c:205:19:205:27 | ... / ... | test.c:207:21:207:31 | ... + ... | provenance | Config | +| test.c:207:21:207:31 | ... + ... | test.c:207:21:207:31 | ... + ... | provenance | | +| test.c:207:21:207:31 | ... + ... | test.c:209:13:209:21 | middleNaN | provenance | | +| test.c:207:21:207:31 | ... + ... | test.c:211:23:211:31 | middleNaN | provenance | | +| test.c:209:13:209:21 | middleNaN | test.c:175:22:175:22 | p | provenance | | +| test.c:211:23:211:31 | middleNaN | test.c:190:32:190:32 | p | provenance | | nodes | test.c:27:14:27:20 | ... / ... | semmle.label | ... / ... | | test.c:27:14:27:20 | ... / ... | semmle.label | ... / ... | @@ -58,33 +76,61 @@ nodes | test.c:138:5:138:12 | l13 | semmle.label | l13 | | test.c:144:5:144:12 | l13 | semmle.label | l13 | | test.c:148:5:148:12 | l13 | semmle.label | l13 | -| test.c:154:20:154:27 | l13 | semmle.label | l13 | -| test.c:156:23:156:30 | l13 | semmle.label | l13 | -| test.c:157:16:157:23 | l13 | semmle.label | l13 | +| test.c:155:20:155:27 | l13 | semmle.label | l13 | +| test.c:157:23:157:30 | l13 | semmle.label | l13 | +| test.c:158:16:158:23 | l13 | semmle.label | l13 | +| test.c:166:3:166:18 | call to pow | semmle.label | call to pow | +| test.c:171:3:171:15 | call to acos | semmle.label | call to acos | +| test.c:175:22:175:22 | p | semmle.label | p | +| test.c:175:27:175:32 | p | semmle.label | p | +| test.c:183:34:183:34 | p | semmle.label | p | +| test.c:185:13:185:18 | p | semmle.label | p | +| test.c:188:32:188:32 | p | semmle.label | p | +| test.c:188:47:188:51 | ... + ... | semmle.label | ... + ... | +| test.c:190:32:190:32 | p | semmle.label | p | +| test.c:190:47:190:59 | ... + ... | semmle.label | ... + ... | +| test.c:190:47:190:59 | ... + ... | semmle.label | ... + ... | +| test.c:190:51:190:59 | ... / ... | semmle.label | ... / ... | +| test.c:195:13:195:21 | ... / ... | semmle.label | ... / ... | +| test.c:199:23:199:31 | ... / ... | semmle.label | ... / ... | +| test.c:201:25:201:33 | ... / ... | semmle.label | ... / ... | +| test.c:205:19:205:27 | ... / ... | semmle.label | ... / ... | +| test.c:205:19:205:27 | ... / ... | semmle.label | ... / ... | +| test.c:207:21:207:31 | ... + ... | semmle.label | ... + ... | +| test.c:207:21:207:31 | ... + ... | semmle.label | ... + ... | +| test.c:209:13:209:21 | middleNaN | semmle.label | middleNaN | +| test.c:211:23:211:31 | middleNaN | semmle.label | middleNaN | subpaths #select -| test.c:36:8:36:9 | l5 | test.c:27:14:27:20 | ... / ... | test.c:36:3:36:9 | l5 | Invalid usage of possible $@. | test.c:27:14:27:20 | ... / ... | NaN resulting from possible division of infinity by infinity | -| test.c:37:8:37:9 | l6 | test.c:28:14:28:20 | ... / ... | test.c:37:3:37:9 | l6 | Invalid usage of possible $@. | test.c:28:14:28:20 | ... / ... | NaN resulting from possible division of infinity by infinity | -| test.c:38:8:38:9 | l7 | test.c:31:14:32:15 | ... / ... | test.c:38:3:38:9 | l7 | Invalid usage of possible $@. | test.c:31:14:32:15 | ... / ... | NaN resulting from possible division of zero by zero | -| test.c:39:8:39:9 | l8 | test.c:33:14:33:22 | ... / ... | test.c:39:3:39:9 | l8 | Invalid usage of possible $@. | test.c:33:14:33:22 | ... / ... | NaN resulting from possible division of zero by zero | -| test.c:46:3:46:4 | l5 | test.c:27:14:27:20 | ... / ... | test.c:46:3:46:4 | l5 | Invalid usage of possible $@. | test.c:27:14:27:20 | ... / ... | NaN resulting from possible division of infinity by infinity | -| test.c:47:3:47:4 | l5 | test.c:27:14:27:20 | ... / ... | test.c:47:3:47:4 | l5 | Invalid usage of possible $@. | test.c:27:14:27:20 | ... / ... | NaN resulting from possible division of infinity by infinity | -| test.c:48:3:48:4 | l5 | test.c:27:14:27:20 | ... / ... | test.c:48:3:48:4 | l5 | Invalid usage of possible $@. | test.c:27:14:27:20 | ... / ... | NaN resulting from possible division of infinity by infinity | -| test.c:49:3:49:4 | l5 | test.c:27:14:27:20 | ... / ... | test.c:49:3:49:4 | l5 | Invalid usage of possible $@. | test.c:27:14:27:20 | ... / ... | NaN resulting from possible division of infinity by infinity | -| test.c:50:3:50:4 | l5 | test.c:27:14:27:20 | ... / ... | test.c:50:3:50:4 | l5 | Invalid usage of possible $@. | test.c:27:14:27:20 | ... / ... | NaN resulting from possible division of infinity by infinity | -| test.c:51:3:51:4 | l5 | test.c:27:14:27:20 | ... / ... | test.c:51:3:51:4 | l5 | Invalid usage of possible $@. | test.c:27:14:27:20 | ... / ... | NaN resulting from possible division of infinity by infinity | -| test.c:52:3:52:4 | l6 | test.c:28:14:28:20 | ... / ... | test.c:52:3:52:4 | l6 | Invalid usage of possible $@. | test.c:28:14:28:20 | ... / ... | NaN resulting from possible division of infinity by infinity | -| test.c:53:3:53:4 | l7 | test.c:31:14:32:15 | ... / ... | test.c:53:3:53:4 | l7 | Invalid usage of possible $@. | test.c:31:14:32:15 | ... / ... | NaN resulting from possible division of zero by zero | -| test.c:54:3:54:4 | l8 | test.c:33:14:33:22 | ... / ... | test.c:54:3:54:4 | l8 | Invalid usage of possible $@. | test.c:33:14:33:22 | ... / ... | NaN resulting from possible division of zero by zero | -| test.c:61:11:61:17 | ... / ... | test.c:61:5:61:18 | ... / ... | test.c:61:5:61:18 | ... / ... | Invalid usage of possible $@. | test.c:61:5:61:18 | ... / ... | NaN resulting from possible division of zero by zero | -| test.c:66:11:66:19 | ... / ... | test.c:66:5:66:20 | ... / ... | test.c:66:5:66:20 | ... / ... | Invalid usage of possible $@. | test.c:66:5:66:20 | ... / ... | NaN resulting from possible division of zero by zero | -| test.c:72:20:72:28 | ... / ... | test.c:72:14:72:29 | ... / ... | test.c:72:14:72:29 | ... / ... | Invalid usage of possible $@. | test.c:72:14:72:29 | ... / ... | NaN resulting from possible division of zero by zero | -| test.c:75:24:75:32 | ... / ... | test.c:75:18:75:33 | ... / ... | test.c:75:18:75:33 | ... / ... | Invalid usage of possible $@. | test.c:75:18:75:33 | ... / ... | NaN resulting from possible division of zero by zero | -| test.c:126:10:126:12 | l13 | test.c:122:15:122:21 | ... / ... | test.c:126:5:126:12 | l13 | Invalid usage of possible $@. | test.c:122:15:122:21 | ... / ... | NaN resulting from possible division of zero by zero | -| test.c:132:10:132:12 | l13 | test.c:122:15:122:21 | ... / ... | test.c:132:5:132:12 | l13 | Invalid usage of possible $@. | test.c:122:15:122:21 | ... / ... | NaN resulting from possible division of zero by zero | -| test.c:138:10:138:12 | l13 | test.c:122:15:122:21 | ... / ... | test.c:138:5:138:12 | l13 | Invalid usage of possible $@. | test.c:122:15:122:21 | ... / ... | NaN resulting from possible division of zero by zero | -| test.c:144:10:144:12 | l13 | test.c:122:15:122:21 | ... / ... | test.c:144:5:144:12 | l13 | Invalid usage of possible $@. | test.c:122:15:122:21 | ... / ... | NaN resulting from possible division of zero by zero | -| test.c:148:10:148:12 | l13 | test.c:122:15:122:21 | ... / ... | test.c:148:5:148:12 | l13 | Invalid usage of possible $@. | test.c:122:15:122:21 | ... / ... | NaN resulting from possible division of zero by zero | -| test.c:154:25:154:27 | l13 | test.c:122:15:122:21 | ... / ... | test.c:154:20:154:27 | l13 | Invalid usage of possible $@. | test.c:122:15:122:21 | ... / ... | NaN resulting from possible division of zero by zero | -| test.c:156:28:156:30 | l13 | test.c:122:15:122:21 | ... / ... | test.c:156:23:156:30 | l13 | Invalid usage of possible $@. | test.c:122:15:122:21 | ... / ... | NaN resulting from possible division of zero by zero | -| test.c:157:21:157:23 | l13 | test.c:122:15:122:21 | ... / ... | test.c:157:16:157:23 | l13 | Invalid usage of possible $@. | test.c:122:15:122:21 | ... / ... | NaN resulting from possible division of zero by zero | +| test.c:36:8:36:9 | l5 | test.c:27:14:27:20 | ... / ... | test.c:36:3:36:9 | l5 | $@ casted to integer. | test.c:27:14:27:20 | ... / ... | Possibly NaN float value (from division of infinity by infinity) | +| test.c:37:8:37:9 | l6 | test.c:28:14:28:20 | ... / ... | test.c:37:3:37:9 | l6 | $@ casted to integer. | test.c:28:14:28:20 | ... / ... | Possibly NaN float value (from division of infinity by infinity) | +| test.c:38:8:38:9 | l7 | test.c:31:14:32:15 | ... / ... | test.c:38:3:38:9 | l7 | $@ casted to integer. | test.c:31:14:32:15 | ... / ... | Possibly NaN float value (from division of zero by zero) | +| test.c:39:8:39:9 | l8 | test.c:33:14:33:22 | ... / ... | test.c:39:3:39:9 | l8 | $@ casted to integer. | test.c:33:14:33:22 | ... / ... | Possibly NaN float value (from division of zero by zero) | +| test.c:46:3:46:4 | l5 | test.c:27:14:27:20 | ... / ... | test.c:46:3:46:4 | l5 | Comparison involving a $@, which always evaluates to false. | test.c:27:14:27:20 | ... / ... | possibly NaN float value (from division of infinity by infinity) | +| test.c:47:3:47:4 | l5 | test.c:27:14:27:20 | ... / ... | test.c:47:3:47:4 | l5 | Comparison involving a $@, which always evaluates to false. | test.c:27:14:27:20 | ... / ... | possibly NaN float value (from division of infinity by infinity) | +| test.c:48:3:48:4 | l5 | test.c:27:14:27:20 | ... / ... | test.c:48:3:48:4 | l5 | Comparison involving a $@, which always evaluates to false. | test.c:27:14:27:20 | ... / ... | possibly NaN float value (from division of infinity by infinity) | +| test.c:49:3:49:4 | l5 | test.c:27:14:27:20 | ... / ... | test.c:49:3:49:4 | l5 | Comparison involving a $@, which always evaluates to false. | test.c:27:14:27:20 | ... / ... | possibly NaN float value (from division of infinity by infinity) | +| test.c:50:3:50:4 | l5 | test.c:27:14:27:20 | ... / ... | test.c:50:3:50:4 | l5 | Comparison involving a $@, which always evaluates to false. | test.c:27:14:27:20 | ... / ... | possibly NaN float value (from division of infinity by infinity) | +| test.c:51:3:51:4 | l5 | test.c:27:14:27:20 | ... / ... | test.c:51:3:51:4 | l5 | Comparison involving a $@, which always evaluates to false. | test.c:27:14:27:20 | ... / ... | possibly NaN float value (from division of infinity by infinity) | +| test.c:52:3:52:4 | l6 | test.c:28:14:28:20 | ... / ... | test.c:52:3:52:4 | l6 | Comparison involving a $@, which always evaluates to false. | test.c:28:14:28:20 | ... / ... | possibly NaN float value (from division of infinity by infinity) | +| test.c:53:3:53:4 | l7 | test.c:31:14:32:15 | ... / ... | test.c:53:3:53:4 | l7 | Comparison involving a $@, which always evaluates to false. | test.c:31:14:32:15 | ... / ... | possibly NaN float value (from division of zero by zero) | +| test.c:54:3:54:4 | l8 | test.c:33:14:33:22 | ... / ... | test.c:54:3:54:4 | l8 | Comparison involving a $@, which always evaluates to false. | test.c:33:14:33:22 | ... / ... | possibly NaN float value (from division of zero by zero) | +| test.c:61:11:61:17 | ... / ... | test.c:61:5:61:18 | ... / ... | test.c:61:5:61:18 | ... / ... | $@ casted to integer. | test.c:61:11:61:17 | ... / ... | Possibly NaN float value (from division of zero by zero) | +| test.c:66:11:66:19 | ... / ... | test.c:66:5:66:20 | ... / ... | test.c:66:5:66:20 | ... / ... | $@ casted to integer. | test.c:66:11:66:19 | ... / ... | Possibly NaN float value (from division of zero by zero) | +| test.c:72:20:72:28 | ... / ... | test.c:72:14:72:29 | ... / ... | test.c:72:14:72:29 | ... / ... | $@ casted to integer. | test.c:72:20:72:28 | ... / ... | Possibly NaN float value (from division of zero by zero) | +| test.c:75:24:75:32 | ... / ... | test.c:75:18:75:33 | ... / ... | test.c:75:18:75:33 | ... / ... | $@ casted to integer. | test.c:75:24:75:32 | ... / ... | Possibly NaN float value (from division of zero by zero) | +| test.c:126:10:126:12 | l13 | test.c:122:15:122:21 | ... / ... | test.c:126:5:126:12 | l13 | $@ casted to integer. | test.c:122:15:122:21 | ... / ... | Possibly NaN float value (from division of zero by zero) | +| test.c:132:10:132:12 | l13 | test.c:122:15:122:21 | ... / ... | test.c:132:5:132:12 | l13 | $@ casted to integer. | test.c:122:15:122:21 | ... / ... | Possibly NaN float value (from division of zero by zero) | +| test.c:138:10:138:12 | l13 | test.c:122:15:122:21 | ... / ... | test.c:138:5:138:12 | l13 | $@ casted to integer. | test.c:122:15:122:21 | ... / ... | Possibly NaN float value (from division of zero by zero) | +| test.c:144:10:144:12 | l13 | test.c:122:15:122:21 | ... / ... | test.c:144:5:144:12 | l13 | $@ casted to integer. | test.c:122:15:122:21 | ... / ... | Possibly NaN float value (from division of zero by zero) | +| test.c:148:10:148:12 | l13 | test.c:122:15:122:21 | ... / ... | test.c:148:5:148:12 | l13 | $@ casted to integer. | test.c:122:15:122:21 | ... / ... | Possibly NaN float value (from division of zero by zero) | +| test.c:155:25:155:27 | l13 | test.c:122:15:122:21 | ... / ... | test.c:155:20:155:27 | l13 | $@ casted to integer. | test.c:122:15:122:21 | ... / ... | Possibly NaN float value (from division of zero by zero) | +| test.c:157:28:157:30 | l13 | test.c:122:15:122:21 | ... / ... | test.c:157:23:157:30 | l13 | $@ casted to integer. | test.c:122:15:122:21 | ... / ... | Possibly NaN float value (from division of zero by zero) | +| test.c:158:21:158:23 | l13 | test.c:122:15:122:21 | ... / ... | test.c:158:16:158:23 | l13 | $@ casted to integer. | test.c:122:15:122:21 | ... / ... | Possibly NaN float value (from division of zero by zero) | +| test.c:166:8:166:10 | call to pow | test.c:166:3:166:18 | call to pow | test.c:166:3:166:18 | call to pow | $@ casted to integer. | test.c:166:8:166:10 | call to pow | Possibly NaN float value (both arguments are equal to zero) | +| test.c:171:8:171:11 | call to acos | test.c:171:3:171:15 | call to acos | test.c:171:3:171:15 | call to acos | $@ casted to integer. | test.c:171:8:171:11 | call to acos | Possibly NaN float value (the argument has a range -1000000000000000...1000000000000000 which is outside the domain of this function (-1.0...1.0)) | +| test.c:175:32:175:32 | p | test.c:190:51:190:59 | ... / ... | test.c:175:27:175:32 | p | $@ casted to integer. | test.c:190:6:190:24 | addNaNThenCastToInt | Possibly NaN float value (from division of zero by zero) computed in function addNaNThenCastToInt | +| test.c:175:32:175:32 | p | test.c:195:13:195:21 | ... / ... | test.c:175:27:175:32 | p | $@ casted to integer. | test.c:192:6:192:7 | f2 | Possibly NaN float value (from division of zero by zero) computed in function f2 | +| test.c:175:32:175:32 | p | test.c:199:23:199:31 | ... / ... | test.c:175:27:175:32 | p | $@ casted to integer. | test.c:192:6:192:7 | f2 | Possibly NaN float value (from division of zero by zero) computed in function f2 | +| test.c:175:32:175:32 | p | test.c:205:19:205:27 | ... / ... | test.c:175:27:175:32 | p | $@ casted to integer. | test.c:192:6:192:7 | f2 | Possibly NaN float value (from division of zero by zero) computed in function f2 | +| test.c:185:18:185:18 | p | test.c:201:25:201:33 | ... / ... | test.c:185:13:185:18 | p | $@ casted to integer. | test.c:192:6:192:7 | f2 | Possibly NaN float value (from division of zero by zero) computed in function f2 | diff --git a/c/misra/test/rules/DIR-4-15/test.c b/c/misra/test/rules/DIR-4-15/test.c index d0f9ab5418..e615d3447a 100644 --- a/c/misra/test/rules/DIR-4-15/test.c +++ b/c/misra/test/rules/DIR-4-15/test.c @@ -150,10 +150,63 @@ void f1(float p1) { (int)l13; // COMPLIANT: Guarded not to be NaN } - isinf(l13) ? (int)l13 : 0; // COMPLIANT: Checked infinite, therefore not NaN, before use + isinf(l13) ? (int)l13 + : 0; // COMPLIANT: Checked infinite, therefore not NaN, before use isinf(l13) ? 0 : (int)l13; // COMPLIANT: Check on wrong branch isfinite(l13) ? (int)l13 : 0; // COMPLIANT: Checked finite before use isfinite(l13) ? 0 : (int)l13; // NON_COMPLIANT: Checked on wrong branch - isnan(l13) ? (int)l13 : 0; // NON_COMPLIANT: Check on wrong branch - isnan(l13) ? 0 : (int)l13; // COMPLIANT: Checked not NaN before use + isnan(l13) ? (int)l13 : 0; // NON_COMPLIANT: Check on wrong branch + isnan(l13) ? 0 : (int)l13; // COMPLIANT: Checked not NaN before use + + (int)pow(2, p1); // NON_COMPLIANT: likely to be Infinity + (int)pow(2, sin(p1)); // COMPLIANT: not likely to be Infinity + (int)(1 / + sin(p1)); // NON_COMPLIANT: possible infinity from zero in denominator + (int)(1 / log(p1)); // COMPLIANT: not possibly zero in denominator + (int)pow(p1, p1); // NON_COMPLIANT: NaN if p1 is zero + if (p1 != 0) { + (int)pow(p1, p1); // COMPLIANT: p1 is not zero + } + + (int)acos(p1); // NON_COMPLIANT: NaN if p1 is not within -1..1 + (int)acos(cos(p1)); // COMPLIANT: cos(p1) is within -1..1 +} + +void castToInt(float p) { (int)p; } + +void checkBeforeCastToInt(float p) { + if (isfinite(p)) { + castToInt(p); + } +} + +void castToIntToFloatToInt(float p) { + // This should be reported as a violation, but not downstream from here. + castToInt((int)p); +} + +void addOneThenCastToInt(float p) { castToInt(p + 1); } +void addInfThenCastToInt(float p) { castToInt(p + 1.0 / 0.0); } +void addNaNThenCastToInt(float p) { castToInt(p + 0.0 / 0.0); } + +void f2() { + castToInt(1.0 / + 0.0); // NON_COMPLIANT: Infinity flows to denominator in division + castToInt(0.0 / 0.0); // NON_COMPLIANT: NaN flows to denominator in division + checkBeforeCastToInt(1.0 / 0.0); // COMPLIANT + checkBeforeCastToInt(0.0 / 0.0); // COMPLIANT + addOneThenCastToInt(1.0 / 0.0); // NON_COMPLIANT[False negative] + addOneThenCastToInt(0.0 / 0.0); // NON_COMPLIANT + castToIntToFloatToInt(1.0 / 0.0); // NON_COMPLIANT + castToIntToFloatToInt(0.0 / 0.0); // NON_COMPLIANT + + // Check that during flow analysis, we only report the true root cause: + float rootInf = 1.0 / 0.0; + float rootNaN = 0.0 / 0.0; + float middleInf = rootInf + 1; + float middleNaN = rootNaN + 1; + castToInt(middleInf); // NON_COMPLIANT + castToInt(middleNaN); // NON_COMPLIANT + addInfThenCastToInt(middleInf); // NON_COMPLIANT + addNaNThenCastToInt(middleNaN); // NON_COMPLIANT } \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/RestrictedRangeAnalysis.qll b/cpp/common/src/codingstandards/cpp/RestrictedRangeAnalysis.qll index 8ae3c9c38b..0c98824dbf 100644 --- a/cpp/common/src/codingstandards/cpp/RestrictedRangeAnalysis.qll +++ b/cpp/common/src/codingstandards/cpp/RestrictedRangeAnalysis.qll @@ -84,7 +84,9 @@ module RestrictedRangeAnalysis { result = -256.0 or result = -32768.0 or result = -65536.0 or - result = max(float v | v = Util::typeLowerBound(t) or v = -largeValue()) + result = -largeValue() or + result = Util::typeLowerBound(t) + //result = max(float v | v = Util::typeLowerBound(t) or v = -largeValue()) } /** See comment for `wideningLowerBounds`, above. */ @@ -100,7 +102,9 @@ module RestrictedRangeAnalysis { result = 255.0 or result = 32767.0 or result = 65535.0 or - result = min(float v | v = Util::typeLowerBound(t) or v = largeValue()) + result = largeValue() or + result = Util::typeUpperBound(t) + //result = min(float v | v = Util::typeLowerBound(t) or v = largeValue()) } /** @@ -312,6 +316,196 @@ module RestrictedRangeAnalysis { ) } + bindingset[name] + Function getMathVariants(string name) { + result.hasGlobalOrStdName([name, name + "f", name + "l"]) + } + + /** + * New support added for mathematical functions that either monotonically increase, or decrease, + * or that have a known lower or upper bound. + * + * For instance, log(x) monotonically increases over x, and acos(x) monotonically decreases, + * while sin(x) has a known output range of -1 to 1. + * + * `pow` is especially common so minimal work is done to support that here as well. `pow(c, x)` + * monotonically increases or decreases over `x` if `c` is a constant, though the reverse is not + * true except in special cases. + */ + newtype TSupportedMathFunctionCall = + /* A monotonically increasing function call. `extra` is a constant for `pow(x, c)`. */ + TMonotonicIncrease(FunctionCall fc, Expr input, float extra) { + // Note: Codeql has no default implementation in codeql for exp2, atanh, acosh, asinh, or + // log1p so we haven't taken the time to support them yet. + fc.getTarget() = + getMathVariants(["log", "log2", "log10", "exp", "asin", "atan", "sinh", "sqrt"]) and + input = fc.getArgument(0) and + extra = 0.0 + or + // Notes: pow is monotonic if the base argument is constant, increasing if the base is greater + // than 1 or between -1 and 0, and decreasing otherwise. A constant power is monotonic over the + // base in the positive or negative domain, but distinguishing those separately can introduce + // non-monotonic recursion errors. + fc.getTarget() = getMathVariants("pow") and + extra = fc.getArgument(0).getValue().toFloat() and + ( + extra > 1.0 + or + extra < 0.0 and extra > -1.0 + ) and + input = fc.getArgument(1) + } or + /* A monotonically decreasing function call. `extra` is a constant for `pow(x, c)`. */ + TMonotonicDecrease(FunctionCall fc, Expr input, float extra) { + fc.getTarget() = getMathVariants(["acos"]) and + input = fc.getArgument(0) and + extra = 0.0 + or + fc.getTarget() = getMathVariants("pow") and + extra = fc.getArgument(0).getValue().toFloat() and + ( + extra < -1.0 + or + extra > 0.0 and extra < 1.0 + ) and + input = fc.getArgument(1) + } or + /* A non-mononotic function call with a known lower bound. */ + TNonMonotonicLowerBound(FunctionCall fc, float lb) { + fc.getTarget() = getMathVariants("cosh") and + lb = 1.0 + or + fc.getTarget() = getMathVariants(["cos", "sin"]) and + lb = -1.0 + } or + /* A non-mononotic function call with a known upper bound. */ + TNonMonotonicUpperBound(FunctionCall fc, float lb) { + fc.getTarget() = getMathVariants(["cos", "sin"]) and + lb = 1.0 + } + + /** + * A function call that is supported by range analysis. + */ + class SupportedFunctionCall extends TSupportedMathFunctionCall { + string toString() { + exists(FunctionCall fc | + this = TMonotonicIncrease(fc, _, _) and + result = "Monotonic increase " + fc.getTarget().getName() + or + this = TMonotonicDecrease(fc, _, _) and + result = "Monotonic decrease " + fc.getTarget().getName() + or + this = TNonMonotonicLowerBound(fc, _) and + result = "Nonmonotonic lower bound " + fc.getTarget().getName() + or + this = TNonMonotonicUpperBound(fc, _) and + result = "Nonmonotonic upper bound " + fc.getTarget().getName() + ) + } + + /** Get the function call node this algebraic type corresponds to. */ + FunctionCall getFunctionCall() { + this = TMonotonicIncrease(result, _, _) + or + this = TMonotonicDecrease(result, _, _) + or + this = TNonMonotonicLowerBound(result, _) + or + this = TNonMonotonicUpperBound(result, _) + } + + /** Get the function name (`sin`, `pow`, etc.) without the `l` or `f` suffix. */ + bindingset[this, result] + string getBaseFunctionName() { getMathVariants(result) = getFunctionCall().getTarget() } + + /** + * Compute a result bound based on an input value and an extra constant value. + * + * The functions `getUpperBound()` and `getLowerBound()` automatically handle the differences + * between monotonically increasing and decreasing functions, and provide the input value. The + * `extra` float exists to support `pow(x, c)` for the constant `c`, otherwise it is `0.0`. + */ + bindingset[value, extra, this] + float compute(float value, float extra) { + exists(string name | name = getBaseFunctionName() | + name = "log" and + result = value.log() + or + name = "log2" and + result = value.log2() + or + name = "log10" and + result = value.log10() + or + name = "exp" and + result = value.exp() + or + name = "asin" and + result = value.asin() + or + name = "atan" and + result = value.atan() + or + name = "acos" and + result = value.acos() + or + name = "sinh" and + result = value.sinh() + or + name = "sqrt" and + result = value.sqrt() + or + name = "pow" and + result = extra.pow(value) + ) + } + + /** + * Get the lower bound of this function, based on its fixed range (if it has one) or based on + * the lower or upper bound of its input, if it is a monotonically increasing or decreasing + * function. + */ + float getLowerBound() { + this = TNonMonotonicLowerBound(_, result) + or + exists(Expr expr, float bound, float extra | + ( + this = TMonotonicIncrease(_, expr, extra) and + bound = getFullyConvertedLowerBounds(expr) + or + this = TMonotonicDecrease(_, expr, extra) and + bound = getFullyConvertedUpperBounds(expr) + ) and + result = compute(bound, extra) + ) + } + + /** + * Get the lower bound of this function, based on its fixed range (if it has one) or based on + * the lower or upper bound of its input, if it is a monotonically increasing or decreasing + * function. + */ + float getUpperBound() { + this = TNonMonotonicUpperBound(_, result) + or + exists(Expr expr, float bound, float extra | + ( + this = TMonotonicIncrease(_, expr, extra) and + bound = getFullyConvertedUpperBounds(expr) + or + this = TMonotonicDecrease(_, expr, extra) and + bound = getFullyConvertedLowerBounds(expr) + ) and + result = compute(bound, extra) + ) + } + } + + predicate supportedMathFunction(FunctionCall fc) { + exists(SupportedFunctionCall sfc | sfc.getFunctionCall() = fc) + } + /** * Holds if `expr` is checked with a guard to not be zero. * @@ -371,6 +565,8 @@ module RestrictedRangeAnalysis { // dividesNonzeroByZero(e) e instanceof DivExpr // TODO: confirm this is OK or + supportedMathFunction(e) + or e instanceof MinExpr or e instanceof MaxExpr @@ -628,8 +824,9 @@ module RestrictedRangeAnalysis { */ int estimatedPhiCombinationsExpr(Expr expr) { if isRecursiveExpr(expr) - // Assume 10 values were computed to analyze recursive expressions. - then result = 10 + then + // Assume 10 values were computed to analyze recursive expressions. + result = 10 else ( exists(RangeSsaDefinition def, StackVariable v | expr = def.getAUse(v) | def.isPhiNode(v) and @@ -649,16 +846,17 @@ module RestrictedRangeAnalysis { ) or not expr instanceof BinaryOperation and - not exprDependsOnDef(expr, _, _) and result = 1 + not exprDependsOnDef(expr, _, _) and + result = 1 ) } /** * Recursively scan this def to see how many phi nodes it depends on. - * + * * If this def is a phi node, it sums its downstream cost and adds one to account for itself, - * which is not exactly correct. - * + * which is not exactly correct. + * * This def may also be a crement expression (not currently supported), or an assign expr * (currently not supported), or an unanalyzable expression which is the root of the recursion * and given a value of 1. @@ -666,8 +864,9 @@ module RestrictedRangeAnalysis { language[monotonicAggregates] int estimatedPhiCombinationsDef(RangeSsaDefinition def, StackVariable v) { if isRecursiveDef(def, v) - // Assume 10 values were computed to analyze recursive expressions. - then result = 10 + then + // Assume 10 values were computed to analyze recursive expressions. + result = 10 else ( if def.isPhiNode(v) then @@ -681,7 +880,9 @@ module RestrictedRangeAnalysis { ) ) else ( - exists(Expr expr | assignmentDef(def, v, expr) | result = estimatedPhiCombinationsExpr(expr)) + exists(Expr expr | assignmentDef(def, v, expr) | + result = estimatedPhiCombinationsExpr(expr) + ) or v = def.getAVariable() and not assignmentDef(def, v, _) and @@ -730,6 +931,17 @@ module RestrictedRangeAnalysis { phiDependsOnDef(def, v, _, _) } + predicate canBoundExpr(Expr e) { + exists(RangeSsaDefinition def, StackVariable v | e = def.getAUse(v) | + analyzableDef(def, v) + ) or + analyzableExpr(e) + or + exists(getGuardedUpperBound(e)) + or + lowerBoundFromGuard(e, _, _, _) + } + /** * Computes a normal form of `x` where -0.0 has changed to +0.0. This can be * needed on the lesser side of a floating-point comparison or on both sides of @@ -931,6 +1143,10 @@ module RestrictedRangeAnalysis { result = getFullyConvertedLowerBounds(div.getLeftOperand()) / 0 ) or + exists(SupportedFunctionCall sfc | sfc.getFunctionCall() = expr | + result = sfc.getLowerBound() + ) + or exists(MinExpr minExpr | expr = minExpr and // Return the union of the lower bounds from both children. @@ -1136,6 +1352,10 @@ module RestrictedRangeAnalysis { result = getFullyConvertedUpperBounds(div.getLeftOperand()) / 0 ) or + exists(SupportedFunctionCall sfc | sfc.getFunctionCall() = expr | + result = sfc.getUpperBound() + ) + or exists(MaxExpr maxExpr | expr = maxExpr and // Return the union of the upper bounds from both children. From 99e92cff45d595f15a033dd7e3559109050e436c Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 7 Feb 2025 04:31:30 -0800 Subject: [PATCH 2382/2573] formatting fixes --- .../PossibleMisuseOfUndetectedInfinity.ql | 14 +++-- .../DIR-4-15/PossibleMisuseOfUndetectedNaN.ql | 55 +++++++++---------- 2 files changed, 34 insertions(+), 35 deletions(-) diff --git a/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.ql b/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.ql index 357a8fce71..61753c98a9 100644 --- a/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.ql +++ b/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.ql @@ -133,13 +133,15 @@ where ( if not sourceExpr.getEnclosingFunction() = usage.asExpr().getEnclosingFunction() then - extraString = usage.getInfinityDescription() + " computed in function " + sourceExpr.getEnclosingFunction().getName() - and extra = sourceExpr.getEnclosingFunction() + extraString = + usage.getInfinityDescription() + " computed in function " + + sourceExpr.getEnclosingFunction().getName() and + extra = sourceExpr.getEnclosingFunction() else ( extra = sourceExpr and - if sourceExpr instanceof DivExpr - then extraString = usage.getInfinityDescription() + " from division by zero" - else extraString = usage.getInfinityDescription() + if sourceExpr instanceof DivExpr + then extraString = usage.getInfinityDescription() + " from division by zero" + else extraString = usage.getInfinityDescription() ) ) -select elem, source, sink, usage.getDescription(), extra, extraString \ No newline at end of file +select elem, source, sink, usage.getDescription(), extra, extraString diff --git a/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.ql b/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.ql index f850cc3e55..701834ca3f 100644 --- a/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.ql +++ b/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.ql @@ -35,7 +35,8 @@ predicate hasDomainError(FunctionCall fc, string description) { ) and description = "the argument has a range " + RestrictedRangeAnalysis::lowerBound(fc.getArgument(0)) + "..." + - RestrictedRangeAnalysis::upperBound(fc.getArgument(0)) + " which is outside the domain of this function (-1.0...1.0)" + RestrictedRangeAnalysis::upperBound(fc.getArgument(0)) + + " which is outside the domain of this function (-1.0...1.0)" or functionWithDomainError = getMathVariants(["atan2", "pow"]) and ( @@ -81,9 +82,7 @@ abstract class PotentiallyNaNExpr extends Expr { class DomainErrorFunctionCall extends FunctionCall, PotentiallyNaNExpr { string reason; - DomainErrorFunctionCall() { - hasDomainError(this, reason) - } + DomainErrorFunctionCall() { hasDomainError(this, reason) } override string getReason() { result = reason } } @@ -203,25 +202,22 @@ class InvalidNaNUsage extends DataFlow::Node { string nanDescription; InvalidNaNUsage() { - // Case 1: NaNs shall not be compared, except to themselves - exists(ComparisonOperation cmp | - this.asExpr() = cmp.getAnOperand() and - not hashCons(cmp.getLeftOperand()) = hashCons(cmp.getRightOperand()) and - description = "Comparison involving a $@, which always evaluates to false." and - nanDescription = "possibly NaN float value" - ) - or - // Case 2: NaNs and infinities shall not be cast to integers - exists(Conversion c | - this.asExpr() = c.getUnconverted() and - c.getExpr().getType() instanceof FloatingPointType and - c.getType() instanceof IntegralType and - description = "$@ casted to integer." and - nanDescription = "Possibly NaN float value" - ) - //or - //// Case 4: Functions shall not return NaNs or infinities - //exists(ReturnStmt ret | node.asExpr() = ret.getExpr()) + // Case 1: NaNs shall not be compared, except to themselves + exists(ComparisonOperation cmp | + this.asExpr() = cmp.getAnOperand() and + not hashCons(cmp.getLeftOperand()) = hashCons(cmp.getRightOperand()) and + description = "Comparison involving a $@, which always evaluates to false." and + nanDescription = "possibly NaN float value" + ) + or + // Case 2: NaNs and infinities shall not be cast to integers + exists(Conversion c | + this.asExpr() = c.getUnconverted() and + c.getExpr().getType() instanceof FloatingPointType and + c.getType() instanceof IntegralType and + description = "$@ casted to integer." and + nanDescription = "Possibly NaN float value" + ) } string getDescription() { result = description } @@ -244,17 +240,18 @@ where elem = MacroUnwrapper::unwrapElement(sink.getNode().asExpr()) and usage = sink.getNode() and sourceExpr = source.getNode().asExpr() and - sourceString = - " (" + source.getNode().asExpr().(PotentiallyNaNExpr).getReason() + ")" and + sourceString = " (" + source.getNode().asExpr().(PotentiallyNaNExpr).getReason() + ")" and InvalidNaNFlow::flow(source.getNode(), usage) and ( if not sourceExpr.getEnclosingFunction() = usage.asExpr().getEnclosingFunction() then - extraString = usage.getNaNDescription() + sourceString + " computed in function " + sourceExpr.getEnclosingFunction().getName() - and extra = sourceExpr.getEnclosingFunction() + extraString = + usage.getNaNDescription() + sourceString + " computed in function " + + sourceExpr.getEnclosingFunction().getName() and + extra = sourceExpr.getEnclosingFunction() else ( extra = sourceExpr and - extraString = usage.getNaNDescription() + sourceString + extraString = usage.getNaNDescription() + sourceString ) ) -select elem, source, sink, usage.getDescription(), extra, extraString \ No newline at end of file +select elem, source, sink, usage.getDescription(), extra, extraString From c473ea0a98848fad8d40e2b292322decfdd4f755 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 7 Feb 2025 04:33:16 -0800 Subject: [PATCH 2383/2573] C formatting fix --- c/misra/test/rules/DIR-4-15/test.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/c/misra/test/rules/DIR-4-15/test.c b/c/misra/test/rules/DIR-4-15/test.c index e615d3447a..a827a7df97 100644 --- a/c/misra/test/rules/DIR-4-15/test.c +++ b/c/misra/test/rules/DIR-4-15/test.c @@ -162,8 +162,8 @@ void f1(float p1) { (int)pow(2, sin(p1)); // COMPLIANT: not likely to be Infinity (int)(1 / sin(p1)); // NON_COMPLIANT: possible infinity from zero in denominator - (int)(1 / log(p1)); // COMPLIANT: not possibly zero in denominator - (int)pow(p1, p1); // NON_COMPLIANT: NaN if p1 is zero + (int)(1 / log(p1)); // COMPLIANT: not possibly zero in denominator + (int)pow(p1, p1); // NON_COMPLIANT: NaN if p1 is zero if (p1 != 0) { (int)pow(p1, p1); // COMPLIANT: p1 is not zero } @@ -193,10 +193,10 @@ void f2() { castToInt(1.0 / 0.0); // NON_COMPLIANT: Infinity flows to denominator in division castToInt(0.0 / 0.0); // NON_COMPLIANT: NaN flows to denominator in division - checkBeforeCastToInt(1.0 / 0.0); // COMPLIANT - checkBeforeCastToInt(0.0 / 0.0); // COMPLIANT - addOneThenCastToInt(1.0 / 0.0); // NON_COMPLIANT[False negative] - addOneThenCastToInt(0.0 / 0.0); // NON_COMPLIANT + checkBeforeCastToInt(1.0 / 0.0); // COMPLIANT + checkBeforeCastToInt(0.0 / 0.0); // COMPLIANT + addOneThenCastToInt(1.0 / 0.0); // NON_COMPLIANT[False negative] + addOneThenCastToInt(0.0 / 0.0); // NON_COMPLIANT castToIntToFloatToInt(1.0 / 0.0); // NON_COMPLIANT castToIntToFloatToInt(0.0 / 0.0); // NON_COMPLIANT From c0e2020d70840f1f558ec567ef056cedb7687f7d Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 7 Feb 2025 04:34:58 -0800 Subject: [PATCH 2384/2573] Format range analysis qll --- .../src/codingstandards/cpp/RestrictedRangeAnalysis.qll | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/RestrictedRangeAnalysis.qll b/cpp/common/src/codingstandards/cpp/RestrictedRangeAnalysis.qll index 0c98824dbf..b81f113281 100644 --- a/cpp/common/src/codingstandards/cpp/RestrictedRangeAnalysis.qll +++ b/cpp/common/src/codingstandards/cpp/RestrictedRangeAnalysis.qll @@ -932,9 +932,8 @@ module RestrictedRangeAnalysis { } predicate canBoundExpr(Expr e) { - exists(RangeSsaDefinition def, StackVariable v | e = def.getAUse(v) | - analyzableDef(def, v) - ) or + exists(RangeSsaDefinition def, StackVariable v | e = def.getAUse(v) | analyzableDef(def, v)) + or analyzableExpr(e) or exists(getGuardedUpperBound(e)) From 09891b09d71ff26c6ac2a7e65bdc3442c6ec1f6a Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 7 Feb 2025 04:37:25 -0800 Subject: [PATCH 2385/2573] Remove changes to SimpleRangeAnalysisCustomizations.qll --- .../cpp/SimpleRangeAnalysisCustomizations.qll | 39 ------------------- 1 file changed, 39 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/SimpleRangeAnalysisCustomizations.qll b/cpp/common/src/codingstandards/cpp/SimpleRangeAnalysisCustomizations.qll index 2688452d28..5144f63dc2 100644 --- a/cpp/common/src/codingstandards/cpp/SimpleRangeAnalysisCustomizations.qll +++ b/cpp/common/src/codingstandards/cpp/SimpleRangeAnalysisCustomizations.qll @@ -14,45 +14,6 @@ import semmle.code.cpp.rangeanalysis.RangeAnalysisUtils import experimental.semmle.code.cpp.rangeanalysis.extensions.ConstantBitwiseAndExprRange private import experimental.semmle.code.cpp.models.interfaces.SimpleRangeAnalysisExpr -// Disabled, causing performance issues in grpc: -/* -private class DivByConstantExpr extends SimpleRangeAnalysisExpr, DivExpr { - float quotient; - - DivByConstantExpr() { - quotient = evaluateConstantExpr(getRightOperand()) - } - - override predicate dependsOnChild(Expr e) { - e = getLeftOperand() - } - - override float getLowerBounds() { - exists(float numerator | - result = numerator / quotient and - if (quotient > 0) then - // x / y where and y is positive scales the UB/LB. - numerator = getFullyConvertedLowerBounds(getLeftOperand()) - else - // x / -y where and -y is negative will invert and scale the UB/LB. - numerator = getFullyConvertedUpperBounds(getLeftOperand()) - ) - } - - override float getUpperBounds() { - exists(float numerator | - result = numerator / quotient and - if (quotient > 0) then - // x / y where and y is positive scales the UB/LB. - numerator = getFullyConvertedUpperBounds(getLeftOperand()) - else - // x / -y where and -y is negative will invert and scale the UB/LB. - numerator = getFullyConvertedLowerBounds(getLeftOperand()) - ) - } -} - */ - /** * A range analysis extension that support bitwise `|` and `|=` where at least one operand is a * non-negative constant. From 2a0d6cb36c45deef89434d05eb942aabb21e62a4 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 7 Feb 2025 04:41:16 -0800 Subject: [PATCH 2386/2573] Set more accurate query metadata --- .../rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.ql | 4 ++-- .../src/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.ql | 4 ++-- rule_packages/c/FloatingTypes2.json | 8 ++++---- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.ql b/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.ql index 61753c98a9..3d54b4f829 100644 --- a/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.ql +++ b/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.ql @@ -4,8 +4,8 @@ * @description Evaluation of floating-point expressions shall not lead to the undetected generation * of infinities. * @kind path-problem - * @precision high - * @problem.severity error + * @precision medium + * @problem.severity warning * @tags external/misra/id/dir-4-15 * correctness * external/misra/c/2012/amendment3 diff --git a/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.ql b/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.ql index 701834ca3f..2835a454d9 100644 --- a/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.ql +++ b/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.ql @@ -4,8 +4,8 @@ * @description Evaluation of floating-point expressions shall not lead to the undetected generation * of NaNs. * @kind path-problem - * @precision high - * @problem.severity error + * @precision low + * @problem.severity warning * @tags external/misra/id/dir-4-15 * correctness * external/misra/c/2012/amendment3 diff --git a/rule_packages/c/FloatingTypes2.json b/rule_packages/c/FloatingTypes2.json index 152ead08d3..3f4771dcc6 100644 --- a/rule_packages/c/FloatingTypes2.json +++ b/rule_packages/c/FloatingTypes2.json @@ -9,8 +9,8 @@ "description": "Evaluation of floating-point expressions shall not lead to the undetected generation of infinities.", "kind": "path-problem", "name": "Evaluation of floating-point expressions shall not lead to the undetected generation of infinities", - "precision": "high", - "severity": "error", + "precision": "medium", + "severity": "warning", "short_name": "PossibleMisuseOfUndetectedInfinity", "tags": [ "correctness", @@ -21,8 +21,8 @@ "description": "Evaluation of floating-point expressions shall not lead to the undetected generation of NaNs.", "kind": "path-problem", "name": "Evaluation of floating-point expressions shall not lead to the undetected generation of NaNs", - "precision": "high", - "severity": "error", + "precision": "low", + "severity": "warning", "short_name": "PossibleMisuseOfUndetectedNaN", "tags": [ "correctness", From 4920e9ce6c8e18f1559715f46a9a812b8a91bea9 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Sat, 8 Feb 2025 23:02:59 +0000 Subject: [PATCH 2387/2573] Update change_notes/2025-02-06-a3-1-5-audit.md Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --- change_notes/2025-02-06-a3-1-5-audit.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/change_notes/2025-02-06-a3-1-5-audit.md b/change_notes/2025-02-06-a3-1-5-audit.md index 3aa0e6671b..1f56a25236 100644 --- a/change_notes/2025-02-06-a3-1-5-audit.md +++ b/change_notes/2025-02-06-a3-1-5-audit.md @@ -1,2 +1,2 @@ - - `A3-1-5` - `NonTrivalNonTemplateFunctionDefinedInsideClassDefinition.ql`: + - `A3-1-5` - `NonTrivialNonTemplateFunctionDefinedInsideClassDefinition.ql`: - Mark this as an `audit` query. As a consequence, it will no longer be run as part of the default query suite for AUTOSAR. It can still be run as part of the `autosar-audit.qls` query suite. The query has been downgraded because the rule allows for functions to be declared in the class body if they were "intended" to be inlined, and that developer intention cannot be determined automatically from the code. \ No newline at end of file From 939ab7930b082d15900bfb823493be8923ceb6f5 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sat, 8 Feb 2025 23:07:59 +0000 Subject: [PATCH 2388/2573] A3-1-5: Move precision to low --- ...NonTrivialNonTemplateFunctionDefinedInsideClassDefinition.ql | 2 +- cpp/autosar/test/rules/A3-1-5/test.cpp | 2 +- rule_packages/cpp/Classes.json | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/cpp/autosar/src/rules/A3-1-5/NonTrivialNonTemplateFunctionDefinedInsideClassDefinition.ql b/cpp/autosar/src/rules/A3-1-5/NonTrivialNonTemplateFunctionDefinedInsideClassDefinition.ql index 2edf73b6ee..9b250e487a 100644 --- a/cpp/autosar/src/rules/A3-1-5/NonTrivialNonTemplateFunctionDefinedInsideClassDefinition.ql +++ b/cpp/autosar/src/rules/A3-1-5/NonTrivialNonTemplateFunctionDefinedInsideClassDefinition.ql @@ -4,7 +4,7 @@ * @description A function that is not either trivial, a template function, or a member of a * template class may not be defined within a class body. * @kind problem - * @precision very-high + * @precision low * @problem.severity recommendation * @tags external/autosar/id/a3-1-5 * external/autosar/audit diff --git a/cpp/autosar/test/rules/A3-1-5/test.cpp b/cpp/autosar/test/rules/A3-1-5/test.cpp index 1b2898bf63..e6db0d1190 100644 --- a/cpp/autosar/test/rules/A3-1-5/test.cpp +++ b/cpp/autosar/test/rules/A3-1-5/test.cpp @@ -188,4 +188,4 @@ int FooBar::f1(int a, int b) { // COMPLIANT not a trivial function ; ; } -} +} \ No newline at end of file diff --git a/rule_packages/cpp/Classes.json b/rule_packages/cpp/Classes.json index d76a9b3bc5..59eb9a0418 100644 --- a/rule_packages/cpp/Classes.json +++ b/rule_packages/cpp/Classes.json @@ -182,7 +182,7 @@ "description": "A function that is not either trivial, a template function, or a member of a template class may not be defined within a class body.", "kind": "problem", "name": "A function shall be defined with a class body if and only if it is intended to be inlined", - "precision": "very-high", + "precision": "low", "severity": "recommendation", "short_name": "NonTrivialNonTemplateFunctionDefinedInsideClassDefinition", "tags": [ From 80edc11f6fd64b48849d07a2674e342ffea12f63 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Sun, 9 Feb 2025 00:15:22 -0800 Subject: [PATCH 2389/2573] Address feedback on emergent language features --- amendments.csv | 2 +- ...024-12-12-lessen-emergent-language-feature-restrictions.md | 2 ++ cpp/common/src/codingstandards/cpp/Emergent.qll | 4 ++++ 3 files changed, 7 insertions(+), 1 deletion(-) create mode 100644 change_notes/2024-12-12-lessen-emergent-language-feature-restrictions.md diff --git a/amendments.csv b/amendments.csv index 0f588b0e05..f153e68216 100644 --- a/amendments.csv +++ b/amendments.csv @@ -2,7 +2,7 @@ language,standard,amendment,rule_id,supportable,implementation_category,implemen c,MISRA-C-2012,Amendment3,DIR-4-6,Yes,Expand,Yes,Easy c,MISRA-C-2012,Amendment3,DIR-4-9,Yes,Refine,No,Easy c,MISRA-C-2012,Amendment3,DIR-4-11,Yes,Refine,No,Import -c,MISRA-C-2012,Amendment3,RULE-1-4,Yes,Replace,Yes,Easy +c,MISRA-C-2012,Amendment3,RULE-1-4,Yes,Replace,No,Easy c,MISRA-C-2012,Amendment3,RULE-10-1,Yes,Replace,Yes,Easy c,MISRA-C-2012,Amendment3,RULE-10-3,Yes,Refine,Yes,Easy c,MISRA-C-2012,Amendment3,RULE-10-4,Yes,Refine,Yes,Import diff --git a/change_notes/2024-12-12-lessen-emergent-language-feature-restrictions.md b/change_notes/2024-12-12-lessen-emergent-language-feature-restrictions.md new file mode 100644 index 0000000000..2893ba620b --- /dev/null +++ b/change_notes/2024-12-12-lessen-emergent-language-feature-restrictions.md @@ -0,0 +1,2 @@ + - `RULE-1-4` - `EmergentLanguageFeaturesUsed.ql`: + - Remove restrictions on `stdnoreturn.h`, `stdalign.h`. \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/Emergent.qll b/cpp/common/src/codingstandards/cpp/Emergent.qll index 30f1df58e4..f976da5f62 100644 --- a/cpp/common/src/codingstandards/cpp/Emergent.qll +++ b/cpp/common/src/codingstandards/cpp/Emergent.qll @@ -12,4 +12,8 @@ module C11 { getBody() = "1" } } + + class GenericMacro extends EmergentLanguageFeature, Macro { + GenericMacro() { getBody().indexOf("_Generic") = 0 } + } } From 57b4292b71fb46b76f239363ecc9eb9f35e54f96 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Sun, 9 Feb 2025 00:30:17 -0800 Subject: [PATCH 2390/2573] Revert deletion of stdatomic, threads, as emergent lanugage features --- amendments.csv | 2 +- .../src/codingstandards/cpp/Emergent.qll | 18 ++++++++++++++++++ 2 files changed, 19 insertions(+), 1 deletion(-) diff --git a/amendments.csv b/amendments.csv index b64bb98f21..6049525515 100644 --- a/amendments.csv +++ b/amendments.csv @@ -24,7 +24,7 @@ c,MISRA-C-2012,Amendment4,RULE-8-9,Yes,Clarification,Yes,Import c,MISRA-C-2012,Amendment4,RULE-9-4,Yes,Clarification,Yes,Import c,MISRA-C-2012,Amendment4,RULE-10-1,Yes,Clarification,Yes,Import c,MISRA-C-2012,Amendment4,RULE-18-3,Yes,Clarification,Yes,Import -c,MISRA-C-2012,Amendment4,RULE-1-4,Yes,Replace,Yes,Easy +c,MISRA-C-2012,Amendment4,RULE-1-4,Yes,Replace,No,Easy c,MISRA-C-2012,Amendment4,RULE-9-1,Yes,Refine,No,Easy c,MISRA-C-2012,Amendment4,RULE-9-2,Yes,Refine,No,Import c,MISRA-C-2012,Corrigendum2,DIR-4-10,Yes,Clarification,Yes,Import diff --git a/cpp/common/src/codingstandards/cpp/Emergent.qll b/cpp/common/src/codingstandards/cpp/Emergent.qll index f976da5f62..506d024bc9 100644 --- a/cpp/common/src/codingstandards/cpp/Emergent.qll +++ b/cpp/common/src/codingstandards/cpp/Emergent.qll @@ -6,6 +6,24 @@ import cpp module C11 { abstract class EmergentLanguageFeature extends Element { } + class AtomicVariableSpecifier extends EmergentLanguageFeature, Variable { + AtomicVariableSpecifier() { + getType().(DerivedType).getBaseType*().getASpecifier().getName() = "atomic" + } + } + + class AtomicDeclaration extends EmergentLanguageFeature, Declaration { + AtomicDeclaration() { getASpecifier().getName() = "atomic" } + } + + class ThreadLocalDeclaration extends EmergentLanguageFeature, Declaration { + ThreadLocalDeclaration() { getASpecifier().getName() = "is_thread_local" } + } + + class EmergentHeader extends EmergentLanguageFeature, Include { + EmergentHeader() { getIncludedFile().getBaseName() = ["stdatomic.h", "threads.h"] } + } + class LibExt1Macro extends EmergentLanguageFeature, Macro { LibExt1Macro() { getName() = "__STDC_WANT_LIB_EXT1__" and From f473520127921c17de346387f921879ef39eb498 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Sun, 9 Feb 2025 00:36:56 -0800 Subject: [PATCH 2391/2573] Fix tests for rule-1-4 --- .../RULE-1-4/EmergentLanguageFeaturesUsed.expected | 7 +++++++ c/misra/test/rules/RULE-1-4/test.c | 14 +++++++------- 2 files changed, 14 insertions(+), 7 deletions(-) diff --git a/c/misra/test/rules/RULE-1-4/EmergentLanguageFeaturesUsed.expected b/c/misra/test/rules/RULE-1-4/EmergentLanguageFeaturesUsed.expected index 3f63a6c26c..04c0e1bbd6 100644 --- a/c/misra/test/rules/RULE-1-4/EmergentLanguageFeaturesUsed.expected +++ b/c/misra/test/rules/RULE-1-4/EmergentLanguageFeaturesUsed.expected @@ -1 +1,8 @@ +| test.c:2:1:2:22 | #include | Usage of emergent language feature. | +| test.c:4:1:4:20 | #include | Usage of emergent language feature. | +| test.c:6:1:6:49 | #define MACRO(x) _Generic((x), int : 0, long : 1) | Usage of emergent language feature. | | test.c:7:1:7:32 | #define __STDC_WANT_LIB_EXT1__ 1 | Usage of emergent language feature. | +| test.c:12:26:12:40 | atomic_new_type | Usage of emergent language feature. | +| test.c:17:15:17:15 | i | Usage of emergent language feature. | +| test.c:24:27:24:28 | i3 | Usage of emergent language feature. | +| test.c:25:28:25:29 | i4 | Usage of emergent language feature. | diff --git a/c/misra/test/rules/RULE-1-4/test.c b/c/misra/test/rules/RULE-1-4/test.c index 8c1e44e6bd..106b29ef61 100644 --- a/c/misra/test/rules/RULE-1-4/test.c +++ b/c/misra/test/rules/RULE-1-4/test.c @@ -1,26 +1,26 @@ #include //COMPLIANT -#include //COMPLIANT +#include //NON-COMPLIANT #include //COMPLIANT -#include //COMPLIANT +#include //NON-COMPLIANT -#define MACRO(x) _Generic((x), int : 0, long : 1) // COMPLIANT +#define MACRO(x) _Generic((x), int : 0, long : 1) // NON-COMPLIANT #define __STDC_WANT_LIB_EXT1__ 1 // NON-COMPLIANT _Noreturn void f0(); // COMPLIANT typedef int new_type; // COMPLIANT -typedef _Atomic new_type atomic_new_type; // COMPLIANT +typedef _Atomic new_type atomic_new_type; // NON-COMPLIANT void f(int p) { int i0 = _Generic(p, int : 0, long : 1); // COMPLIANT - _Atomic int i; // COMPLIANT + _Atomic int i; // NON-COMPLIANT _Alignas(4) int i1; // COMPLIANT alignas(4) int i2; // COMPLIANT int a = _Alignof(int); // COMPLIANT int a1 = alignof(int); // COMPLIANT - static thread_local int i3; // COMPLIANT - static _Thread_local int i4; // COMPLIANT + static thread_local int i3; // NON-COMPLIANT + static _Thread_local int i4; // NON-COMPLIANT } \ No newline at end of file From 137329219c0e1c200f94f2bfe19e8c851636d24a Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Sun, 9 Feb 2025 00:38:27 -0800 Subject: [PATCH 2392/2573] s/NON-COMPLIANT/NON_COMPLIANT in rule-1-4 test.c --- c/misra/test/rules/RULE-1-4/test.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/c/misra/test/rules/RULE-1-4/test.c b/c/misra/test/rules/RULE-1-4/test.c index 106b29ef61..81d609f052 100644 --- a/c/misra/test/rules/RULE-1-4/test.c +++ b/c/misra/test/rules/RULE-1-4/test.c @@ -1,15 +1,15 @@ #include //COMPLIANT -#include //NON-COMPLIANT +#include //NON_COMPLIANT #include //COMPLIANT -#include //NON-COMPLIANT +#include //NON_COMPLIANT -#define MACRO(x) _Generic((x), int : 0, long : 1) // NON-COMPLIANT -#define __STDC_WANT_LIB_EXT1__ 1 // NON-COMPLIANT +#define MACRO(x) _Generic((x), int : 0, long : 1) // NON_COMPLIANT +#define __STDC_WANT_LIB_EXT1__ 1 // NON_COMPLIANT _Noreturn void f0(); // COMPLIANT typedef int new_type; // COMPLIANT -typedef _Atomic new_type atomic_new_type; // NON-COMPLIANT +typedef _Atomic new_type atomic_new_type; // NON_COMPLIANT void f(int p) { int i0 = _Generic(p, int : 0, long : 1); // COMPLIANT @@ -21,6 +21,6 @@ void f(int p) { int a = _Alignof(int); // COMPLIANT int a1 = alignof(int); // COMPLIANT - static thread_local int i3; // NON-COMPLIANT - static _Thread_local int i4; // NON-COMPLIANT + static thread_local int i3; // NON_COMPLIANT + static _Thread_local int i4; // NON_COMPLIANT } \ No newline at end of file From 42836526bb9953e0fb539f805988823612bc608d Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 10 Feb 2025 16:22:57 +0000 Subject: [PATCH 2393/2573] Deviations: Switch to new deviations format --- .../deviations/CodeIdentifierDeviation.qll | 37 ++++++++++++------ .../TypeLongDoubleUsed.expected | 6 +-- .../UnusedReturnValue.expected | 12 +++--- .../attribute_syntax.cpp | 17 ++++---- .../deviations/deviations_basic_test/main.cpp | 12 +++--- docs/user_manual.md | 39 ++++++++++--------- 6 files changed, 71 insertions(+), 52 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll b/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll index bd7100021a..731a04cfc7 100644 --- a/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll +++ b/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll @@ -1,14 +1,24 @@ /** - * A module for identifying comment markers in code that trigger deviations. + * A module for identifying in code markers in code that trigger deviations. * - * Each comment marker consists of a `code-identifier` with some optional annotations. A deviation will be applied to + * This module supports two different code identifier markers: + * - A C/C++ attribute based syntax + * - A comment-based format + * + * The C/C++ attribute based syntax uses the following format: + * ``` + * [[codeql::_deviation("code-identifier")]] + * ``` + * The deviation will be applied to the selected program element, and any syntactically nested children of that program element. + * + * For the comment format the marker consists of a `code-identifier` with some optional annotations. A deviation will be applied to * some range of lines in the file containing the comment based on the annotation. The supported marker annotation * formats are: * - `` - the deviation applies to results on the current line. - * - `[[codingstandards::deviation()]]` - same as above. - * - `[[codingstandards::deviation_next_line()]]` - this deviation applies to results on the next line. - * - `[[codingstandards::deviation_begin()]]` - marks the beginning of a range of lines where the deviation applies. - * - `[[codingstandards::deviation_end()]]` - marks the end of a range of lines where the deviation applies. + * - `codeql::_deviation()` - same as above. + * - `codeql::_deviation_next_line()` - this deviation applies to results on the next line. + * - `codeql::_deviation_begin()` - marks the beginning of a range of lines where the deviation applies. + * - `codeql::_deviation_end()` - marks the end of a range of lines where the deviation applies. * * The valid `code-identifier`s are specified in deviation records, which also specify the query whose results are * suppressed by the deviation. @@ -23,6 +33,8 @@ import cpp import Deviations +string supportedStandard() { result = ["misra", "autosar", "cert"] } + /** * Holds if the given comment contains the code identifier. */ @@ -67,7 +79,8 @@ abstract class CommentDeviationMarker extends Comment { */ class DeviationEndOfLineMarker extends CommentDeviationMarker { DeviationEndOfLineMarker() { - commentMatches(this, "[[codingstandards::deviation(" + record.getCodeIdentifier() + ")]]") + commentMatches(this, + "codeql::" + supportedStandard() + "_deviation(" + record.getCodeIdentifier() + ")") } } @@ -77,7 +90,7 @@ class DeviationEndOfLineMarker extends CommentDeviationMarker { class DeviationNextLineMarker extends CommentDeviationMarker { DeviationNextLineMarker() { commentMatches(this, - "[[codingstandards::deviation_next_line(" + record.getCodeIdentifier() + ")]]") + "codeql::" + supportedStandard() + "_deviation_next_line(" + record.getCodeIdentifier() + ")") } } @@ -91,7 +104,8 @@ abstract class CommentDeviationRangeMarker extends CommentDeviationMarker { } */ class DeviationBegin extends CommentDeviationRangeMarker { DeviationBegin() { - commentMatches(this, "[[codingstandards::deviation_begin(" + record.getCodeIdentifier() + ")]]") + commentMatches(this, + "codeql::" + supportedStandard() + "_deviation_begin(" + record.getCodeIdentifier() + ")") } } @@ -100,7 +114,8 @@ class DeviationBegin extends CommentDeviationRangeMarker { */ class DeviationEnd extends CommentDeviationRangeMarker { DeviationEnd() { - commentMatches(this, "[[codingstandards::deviation_end(" + record.getCodeIdentifier() + ")]]") + commentMatches(this, + "codeql::" + supportedStandard() + "_deviation_end(" + record.getCodeIdentifier() + ")") } } @@ -184,7 +199,7 @@ class DeviationAttribute extends StdAttribute { DeviationRecord record; DeviationAttribute() { - this.hasQualifiedName("codingstandards", "deviation") and + this.hasQualifiedName("codeql", supportedStandard() + "_deviation") and // Support multiple argument deviations "\"" + record.getCodeIdentifier() + "\"" = this.getAnArgument().getValueText() } diff --git a/cpp/common/test/deviations/deviations_basic_test/TypeLongDoubleUsed.expected b/cpp/common/test/deviations/deviations_basic_test/TypeLongDoubleUsed.expected index 99b3c89bfb..1786c4ce9e 100644 --- a/cpp/common/test/deviations/deviations_basic_test/TypeLongDoubleUsed.expected +++ b/cpp/common/test/deviations/deviations_basic_test/TypeLongDoubleUsed.expected @@ -1,7 +1,7 @@ | attribute_syntax.cpp:6:15:6:17 | dd1 | Use of long double type. | -| attribute_syntax.cpp:22:15:22:17 | d10 | Use of long double type. | -| attribute_syntax.cpp:30:15:30:17 | d14 | Use of long double type. | -| attribute_syntax.cpp:34:20:34:22 | d16 | Use of long double type. | +| attribute_syntax.cpp:21:15:21:17 | d10 | Use of long double type. | +| attribute_syntax.cpp:29:15:29:17 | d14 | Use of long double type. | +| attribute_syntax.cpp:33:20:33:22 | d16 | Use of long double type. | | main.cpp:13:15:13:16 | d1 | Use of long double type. | | main.cpp:18:15:18:16 | d4 | Use of long double type. | | main.cpp:21:15:21:16 | d6 | Use of long double type. | diff --git a/cpp/common/test/deviations/deviations_basic_test/UnusedReturnValue.expected b/cpp/common/test/deviations/deviations_basic_test/UnusedReturnValue.expected index 7538df2195..8b258328ab 100644 --- a/cpp/common/test/deviations/deviations_basic_test/UnusedReturnValue.expected +++ b/cpp/common/test/deviations/deviations_basic_test/UnusedReturnValue.expected @@ -1,10 +1,10 @@ | attribute_syntax.cpp:5:3:5:6 | call to getZ | Return value from call to $@ is unused. | attribute_syntax.cpp:1:5:1:8 | getZ | getZ | -| attribute_syntax.cpp:17:5:17:8 | call to getZ | Return value from call to $@ is unused. | attribute_syntax.cpp:1:5:1:8 | getZ | getZ | -| attribute_syntax.cpp:19:5:19:8 | call to getZ | Return value from call to $@ is unused. | attribute_syntax.cpp:1:5:1:8 | getZ | getZ | -| attribute_syntax.cpp:25:5:25:8 | call to getZ | Return value from call to $@ is unused. | attribute_syntax.cpp:1:5:1:8 | getZ | getZ | -| attribute_syntax.cpp:27:5:27:8 | call to getZ | Return value from call to $@ is unused. | attribute_syntax.cpp:1:5:1:8 | getZ | getZ | -| attribute_syntax.cpp:31:3:31:6 | call to getZ | Return value from call to $@ is unused. | attribute_syntax.cpp:1:5:1:8 | getZ | getZ | -| attribute_syntax.cpp:42:3:42:6 | call to getZ | Return value from call to $@ is unused. | attribute_syntax.cpp:1:5:1:8 | getZ | getZ | +| attribute_syntax.cpp:16:5:16:8 | call to getZ | Return value from call to $@ is unused. | attribute_syntax.cpp:1:5:1:8 | getZ | getZ | +| attribute_syntax.cpp:18:5:18:8 | call to getZ | Return value from call to $@ is unused. | attribute_syntax.cpp:1:5:1:8 | getZ | getZ | +| attribute_syntax.cpp:24:5:24:8 | call to getZ | Return value from call to $@ is unused. | attribute_syntax.cpp:1:5:1:8 | getZ | getZ | +| attribute_syntax.cpp:26:5:26:8 | call to getZ | Return value from call to $@ is unused. | attribute_syntax.cpp:1:5:1:8 | getZ | getZ | +| attribute_syntax.cpp:30:3:30:6 | call to getZ | Return value from call to $@ is unused. | attribute_syntax.cpp:1:5:1:8 | getZ | getZ | +| attribute_syntax.cpp:41:3:41:6 | call to getZ | Return value from call to $@ is unused. | attribute_syntax.cpp:1:5:1:8 | getZ | getZ | | main.cpp:12:3:12:6 | call to getX | Return value from call to $@ is unused. | main.cpp:8:5:8:8 | getX | getX | | main.cpp:25:3:25:6 | call to getX | Return value from call to $@ is unused. | main.cpp:8:5:8:8 | getX | getX | | main.cpp:27:3:27:6 | call to getX | Return value from call to $@ is unused. | main.cpp:8:5:8:8 | getX | getX | diff --git a/cpp/common/test/deviations/deviations_basic_test/attribute_syntax.cpp b/cpp/common/test/deviations/deviations_basic_test/attribute_syntax.cpp index 97b4ba987d..30acac3bfb 100644 --- a/cpp/common/test/deviations/deviations_basic_test/attribute_syntax.cpp +++ b/cpp/common/test/deviations/deviations_basic_test/attribute_syntax.cpp @@ -5,14 +5,13 @@ int alt() { getZ(); // NON_COMPLIANT long double dd1; // NON_COMPLIANT (A0-4-2) - long double [[codingstandards::deviation( - "a-0-4-2-deviation")]] dd3; // COMPLIANT[DEVIATED] - long double [[codingstandards::deviation("a")]] dd3a; // NON_COMPLIAT + long double [[codeql::autosar_deviation( + "a-0-4-2-deviation")]] dd3; // COMPLIANT[DEVIATED] - [[codingstandards::deviation( + [[codeql::autosar_deviation( "a-0-4-2-deviation")]] long double dd4; // COMPLIANT[DEVIATED] - [[codingstandards::deviation("a-0-4-2-deviation")]] { + [[codeql::autosar_deviation("a-0-4-2-deviation")]] { long double d7; // COMPLIANT[DEVIATED] getZ(); // NON_COMPLIANT (A0-1-2) long double d8; // COMPLIANT[DEVIATED] @@ -20,7 +19,7 @@ int alt() { long double d9; // COMPLIANT[DEVIATED] } long double d10; // NON_COMPLIANT (A0-4-2) - [[codingstandards::deviation("a-0-4-2-deviation")]] { + [[codeql::autosar_deviation("a-0-4-2-deviation")]] { long double d11; // COMPLIANT[DEVIATED] getZ(); // NON_COMPLIANT (A0-1-2) long double d12; // COMPLIANT[DEVIATED] @@ -29,16 +28,18 @@ int alt() { } long double d14; // NON_COMPLIANT (A0-4-2) getZ(); // NON_COMPLIANT (A0-1-2) - [[codingstandards::deviation("a-0-4-2-deviation")]] + [[codeql::autosar_deviation("a-0-4-2-deviation")]] for (long double d15 = 0.0; true;) {} // COMPLIANT[DEVIATED] for (long double d16 = 0.0; true;) { // NON_COMPLIANT (A0-4-2) } return 0; } -[[codingstandards::deviation("a-0-4-2-deviation")]] +[[codeql::autosar_deviation("a-0-4-2-deviation")]] int alt2() { int x = 0; // COMPLIANT[DEVIATED] getZ(); // NON_COMPLIANT long double dd1; // COMPLIANT[DEVIATED] + [[codeql::autosar_deviation( + "a-0-4-2-deviation")]] long double dd2; // COMPLIANT[DEVIATED] } \ No newline at end of file diff --git a/cpp/common/test/deviations/deviations_basic_test/main.cpp b/cpp/common/test/deviations/deviations_basic_test/main.cpp index e1faaec68c..aa389ed0ad 100644 --- a/cpp/common/test/deviations/deviations_basic_test/main.cpp +++ b/cpp/common/test/deviations/deviations_basic_test/main.cpp @@ -13,28 +13,28 @@ int main(int argc, char **argv) { long double d1; // NON_COMPLIANT (A0-4-2) long double d2; // a-0-4-2-deviation COMPLIANT[DEVIATED] - long double d3; // [[codingstandards::deviation(a-0-4-2-deviation)]] + long double d3; // codeql::autosar_deviation(a-0-4-2-deviation) // COMPLIANT[DEVIATED] long double d4; // NON_COMPLIANT (A0-4-2) - // [[codingstandards::deviation_next_line(a-0-4-2-deviation)]] + // codeql::autosar_deviation_next_line(a-0-4-2-deviation) long double d5; // COMPLIANT[DEVIATED] long double d6; // NON_COMPLIANT (A0-4-2) - // [[codingstandards::deviation_begin(a-0-4-2-deviation)]] + // codeql::autosar_deviation_begin(a-0-4-2-deviation) long double d7; // COMPLIANT[DEVIATED] getX(); // NON_COMPLIANT (A0-1-2) long double d8; // COMPLIANT[DEVIATED] getX(); // NON_COMPLIANT (A0-1-2) long double d9; // COMPLIANT[DEVIATED] - // [[codingstandards::deviation_end(a-0-4-2-deviation)]] + // codeql::autosar_deviation_end(a-0-4-2-deviation) long double d10; // NON_COMPLIANT (A0-4-2) - // [[codingstandards::deviation_begin(a-0-4-2-deviation)]] + // codeql::autosar_deviation_begin(a-0-4-2-deviation) long double d11; // COMPLIANT[DEVIATED] getX(); // NON_COMPLIANT (A0-1-2) long double d12; // COMPLIANT[DEVIATED] getX(); // NON_COMPLIANT (A0-1-2) long double d13; // COMPLIANT[DEVIATED] - // [[codingstandards::deviation_end(a-0-4-2-deviation)]] + // codeql::autosar_deviation_end(a-0-4-2-deviation) long double d14; // NON_COMPLIANT (A0-4-2) getX(); // NON_COMPLIANT (A0-1-2) return 0; diff --git a/docs/user_manual.md b/docs/user_manual.md index 5d2236ed10..34c675c4bc 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -426,10 +426,13 @@ The `process_coding_standards_config.py` has a dependency on the package `pyyaml A code identifier specified in a deviation record can be applied to certain results in the code by adding a C or C++ attribute of the following format: ``` -[[codingstandards::deviation("code-identifier")]] +[[codeql::_deviation("code-identifier")]] ``` +For example `[[codeql::misra_deviation("a1-2-4")]]` would apply a deviation of a rule in a MISRA standard, using the code identifier `a1-2-4`. The supported standard names are `misra`, `autosar` and `cert`. + This attribute may be added to the following program elements: + * Functions * Statements * Variables @@ -440,7 +443,7 @@ Deviation attributes are inherited from parents in the code structure. For examp Multiple code identifiers may be passed in a single attribute to apply multiple deviations, for example: ``` -[[codingstandards::deviation("code-identifier-1", "code-identifier-2")]] +[[codeql::misra_deviation("code-identifier-1", "code-identifier-2")]] ``` Note - considation should be taken to ensure the use of custom attributes for deviations is compatible with your chosen language version, compiler, compiler configuration and coding standard. @@ -461,10 +464,10 @@ If you cannot satisfy these condition, please use the deviation code identifier As an alternative to attributes, a code identifier specified in a deviation record can be applied to certain results in the code by adding a comment marker consisting of a `code-identifier` with some optional annotations. The supported marker annotation formats are: - `` - the deviation applies to results on the current line. - - `codingstandards::deviation()` - the deviation applies to results on the current line. - - `codingstandards::deviation_next_line()` - this deviation applies to results on the next line. - - `codingstandards::deviation_begin()` - marks the beginning of a range of lines where the deviation applies. - - `codingstandards::deviation_end()` - marks the end of a range of lines where the deviation applies. + - `codeql::_deviation()` - the deviation applies to results on the current line. + - `codeql::_deviation_next_line()` - this deviation applies to results on the next line. + - `codeql::_deviation_begin()` - marks the beginning of a range of lines where the deviation applies. + - `codeql::_deviation_end()` - marks the end of a range of lines where the deviation applies. Here are some examples, using the deviation record with the `a-0-4-2-deviation` code-identifier specified above: ```cpp @@ -473,32 +476,32 @@ Here are some examples, using the deviation record with the `a-0-4-2-deviation` long double x2; // a-0-4-2-deviation - COMPLIANT long double x3; // COMPLIANT - a-0-4-2-deviation - long double x4; // [[codingstandards::deviation(a-0-4-2-deviation)]] - COMPLIANT - long double x5; // COMPLIANT - [[codingstandards::deviation(a-0-4-2-deviation)]] + long double x4; // codeql::_deviation(a-0-4-2-deviation) - COMPLIANT + long double x5; // COMPLIANT - codeql::_deviation(a-0-4-2-deviation) - // [[codingstandards::deviation_next_line(a-0-4-2-deviation)]] + // codeql::_deviation_next_line(a-0-4-2-deviation) long double x6; // COMPLIANT - // [[codingstandards::deviation_begin(a-0-4-2-deviation)]] + // codeql::_deviation_begin(a-0-4-2-deviation) long double x7; // COMPLIANT - // [[codingstandards::deviation_end(a-0-4-2-deviation)]] + // codeql::_deviation_end(a-0-4-2-deviation) ``` -`codingstandards::deviation_end` markers will pair with the closest unmatched `codingstandards::deviation_begin` for the same `code-identifier`. Consider this example: +`codeql::_deviation_end` markers will pair with the closest unmatched `codeql::_deviation_begin` for the same `code-identifier`. Consider this example: ```cpp -1 | // [[codingstandards::deviation_begin(a-0-4-2-deviation)]] +1 | // codeql::_deviation_begin(a-0-4-2-deviation) 2 | -3 | // [[codingstandards::deviation_begin(a-0-4-2-deviation)]] +3 | // codeql::_deviation_begin(a-0-4-2-deviation) 4 | -5 | // [[codingstandards::deviation_end(a-0-4-2-deviation)]] +5 | // codeql::_deviation_end(a-0-4-2-deviation) 6 | -7 | // [[codingstandards::deviation_end(a-0-4-2-deviation)]] +7 | // codeql::_deviation_end(a-0-4-2-deviation) ``` Here, Line 1 will pair with Line 7, and Line 3 will pair with Line 8. -A `codingstandards::deviation_end` without a matching `codingstandards::deviation_begin`, or `codingstandards::deviation_begin` without a matching `codingstandards::deviation_end` is invalid and will be ignored. +A `codeql::_deviation_end` without a matching `codeql::_deviation_begin`, or `codeql::_deviation_begin` without a matching `codeql::_deviation_end` is invalid and will be ignored. -`codingstandards::deviation_begin` and `codingstandards::deviation_end` markers only apply within a single file. Markers cannot be paired across files, and deviations do not apply to included files. +`codeql::_deviation_begin` and `ccodeql::_deviation_end` markers only apply within a single file. Markers cannot be paired across files, and deviations do not apply to included files. Note: deviation markers cannot be applied to the body of a macro. Please apply the deviation to macro expansion, or use the attribute deviation format. From c65f635fc0740f45987f58a02dae5583b6bef2d3 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 10 Feb 2025 18:23:59 +0000 Subject: [PATCH 2394/2573] Remove deviation suppression query tests --- .../DeviationsSuppression.expected | 7 ------- .../deviations_report_deviated/DeviationsSuppression.qlref | 1 - 2 files changed, 8 deletions(-) delete mode 100644 cpp/common/test/deviations/deviations_report_deviated/DeviationsSuppression.expected delete mode 100644 cpp/common/test/deviations/deviations_report_deviated/DeviationsSuppression.qlref diff --git a/cpp/common/test/deviations/deviations_report_deviated/DeviationsSuppression.expected b/cpp/common/test/deviations/deviations_report_deviated/DeviationsSuppression.expected deleted file mode 100644 index 50ceb35b9d..0000000000 --- a/cpp/common/test/deviations/deviations_report_deviated/DeviationsSuppression.expected +++ /dev/null @@ -1,7 +0,0 @@ -| file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/type-long-double-used] | lgtm[cpp/autosar/type-long-double-used] | main.cpp:12:1:12:58 | Deviation of cpp/autosar/type-long-double-used for comment // a-0-4-2-deviation COMPLIANT[DEVIATED]. | -| file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/unused-return-value] | lgtm[cpp/autosar/unused-return-value] | nested/nested2/test2.h:1:1:6:1 | Deviation of cpp/autosar/unused-return-value for nested/nested2/test2.h. | -| file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/useless-assignment] | lgtm[cpp/autosar/useless-assignment] | coding-standards.xml:1:1:17:19 | Deviation of cpp/autosar/useless-assignment for coding-standards.xml. | -| file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/useless-assignment] | lgtm[cpp/autosar/useless-assignment] | main.cpp:1:1:14:1 | Deviation of cpp/autosar/useless-assignment for main.cpp. | -| file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/useless-assignment] | lgtm[cpp/autosar/useless-assignment] | nested/coding-standards.xml:1:1:13:19 | Deviation of cpp/autosar/useless-assignment for nested/coding-standards.xml. | -| file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/useless-assignment] | lgtm[cpp/autosar/useless-assignment] | nested/nested2/test2.h:1:1:6:1 | Deviation of cpp/autosar/useless-assignment for nested/nested2/test2.h. | -| file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/useless-assignment] | lgtm[cpp/autosar/useless-assignment] | nested/test.h:1:1:6:1 | Deviation of cpp/autosar/useless-assignment for nested/test.h. | diff --git a/cpp/common/test/deviations/deviations_report_deviated/DeviationsSuppression.qlref b/cpp/common/test/deviations/deviations_report_deviated/DeviationsSuppression.qlref deleted file mode 100644 index 6268ee7342..0000000000 --- a/cpp/common/test/deviations/deviations_report_deviated/DeviationsSuppression.qlref +++ /dev/null @@ -1 +0,0 @@ -codingstandards/cpp/deviations/DeviationsSuppression.ql \ No newline at end of file From e176bb10607c5321edf5facc6f99056d7164fe40 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 10 Feb 2025 21:19:34 +0000 Subject: [PATCH 2395/2573] Remove redundant import --- c/cert/src/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.ql | 1 - 1 file changed, 1 deletion(-) diff --git a/c/cert/src/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.ql b/c/cert/src/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.ql index 4ae6619227..7974c4d601 100644 --- a/c/cert/src/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.ql +++ b/c/cert/src/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.ql @@ -15,7 +15,6 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.Macro import codingstandards.cpp.SideEffect -import codingstandards.cpp.StructuralEquivalence import codingstandards.cpp.sideeffect.DefaultEffects import codingstandards.cpp.sideeffect.Customizations import semmle.code.cpp.valuenumbering.HashCons From 92f5d5b8ea4d37141200dc6b563c197e2bb1c5d4 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 10 Feb 2025 22:32:50 +0000 Subject: [PATCH 2396/2573] A5-1-9: Address param confusion The hash cons value for parameters was incorrectly calculated with parameter uses (e.g accesses to the parameter). The correct approach is to use the variable name and type. This caused performance issues, because the hash cons for a function was made up of all combinations of the accesses to the parameters. For lambdas with many parameters and many accesses, this was problematic. --- .../src/rules/A5-1-9/LambdaEquivalence.qll | 25 ++++++++++--------- 1 file changed, 13 insertions(+), 12 deletions(-) diff --git a/cpp/autosar/src/rules/A5-1-9/LambdaEquivalence.qll b/cpp/autosar/src/rules/A5-1-9/LambdaEquivalence.qll index 040777e321..c9ea4a0fd8 100644 --- a/cpp/autosar/src/rules/A5-1-9/LambdaEquivalence.qll +++ b/cpp/autosar/src/rules/A5-1-9/LambdaEquivalence.qll @@ -211,7 +211,7 @@ private module HashCons { private newtype HC_Params = HC_NoParams() or - HC_ParamCons(HashConsExpr hc, int i, HC_Params list) { mk_ParamCons(hc, i, list, _) } + HC_ParamCons(Type t, string name, int i, HC_Params list) { mk_ParamCons(t, name, i, list, _) } /** * HashConsExpr is the hash-cons of an expression. The relationship between `Expr` @@ -1275,13 +1275,14 @@ private module HashCons { mk_DeclConsInner(_, _, s.getNumDeclarations() - 1, hc, s) } - private predicate mk_ParamCons(HashConsExpr hc, int i, HC_Params list, Function f) { - hc = hashConsExpr(f.getParameter(i).getAnAccess()) and - ( - exists(HashConsExpr head, HC_Params tail | - mk_ParamConsInner(head, tail, i - 1, list, f) and - i > 0 - ) + private predicate mk_ParamCons(Type t, string name, int i, HC_Params list, Function f) { + exists(Parameter p | + p = f.getParameter(i) and + t = p.getType() and + name = p.getName() + | + mk_ParamConsInner(_, _, _, i - 1, list, f) and + i > 0 or i = 0 and list = HC_NoParams() @@ -1289,10 +1290,10 @@ private module HashCons { } private predicate mk_ParamConsInner( - HashConsExpr head, HC_Params tail, int i, HC_Params list, Function f + Type t, string name, HC_Params tail, int i, HC_Params list, Function f ) { - list = HC_ParamCons(head, i, tail) and - mk_ParamCons(head, i, tail, f) + list = HC_ParamCons(t, name, i, tail) and + mk_ParamCons(t, name, i, tail, f) } private predicate mk_FunctionCons( @@ -1302,7 +1303,7 @@ private module HashCons { name = f.getName() and body = hashConsStmt(f.getBlock()) and if f.getNumberOfParameters() > 0 - then mk_ParamConsInner(_, _, f.getNumberOfParameters() - 1, params, f) + then mk_ParamConsInner(_, _, _, f.getNumberOfParameters() - 1, params, f) else params = HC_NoParams() } From a568b887fda9945a2f40984a2034a23e9438f829 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 10 Feb 2025 23:09:05 +0000 Subject: [PATCH 2397/2573] A5-1-9: Filter blocks to lambdas in hash cons calc Move the exclusion of non-lambda blocks to the calculation of HC_BlockStmt, to avoid generating newtype instances for non-lambda instances. --- .../src/rules/A5-1-9/LambdaEquivalence.qll | 27 ++++++++++++++----- 1 file changed, 21 insertions(+), 6 deletions(-) diff --git a/cpp/autosar/src/rules/A5-1-9/LambdaEquivalence.qll b/cpp/autosar/src/rules/A5-1-9/LambdaEquivalence.qll index c9ea4a0fd8..cab93608c5 100644 --- a/cpp/autosar/src/rules/A5-1-9/LambdaEquivalence.qll +++ b/cpp/autosar/src/rules/A5-1-9/LambdaEquivalence.qll @@ -624,11 +624,21 @@ private module HashCons { strictcount(access.getTarget()) = 1 } + /** + * Gets the name of a variable. + * + * Extracted for performance reasons, to avoid magic, which was causing performance issues in getParameter(int i). + */ + pragma[nomagic] + private string getVariableName(Variable v) { result = v.getName() } + /* Note: This changed from the original HashCons module to be able to find structural equivalent expression. */ private predicate mk_Variable(Type t, string name, VariableAccess access) { analyzableVariable(access) and exists(Variable v | - v = access.getTarget() and t = v.getUnspecifiedType() and name = v.getName() + v = access.getTarget() and + t = v.getUnspecifiedType() and + name = getVariableName(v) ) } @@ -1104,7 +1114,14 @@ private module HashCons { nee.getExpr().getFullyConverted() = child.getAnExpr() } - private predicate mk_StmtCons(HashConsStmt hc, int i, HC_Stmts list, BlockStmt block) { + private class LambdaBlockStmt extends BlockStmt { + LambdaBlockStmt() { + // Restricting to statements inside a lambda expressions. + this.getParentScope*() = any(LambdaExpression le).getLambdaFunction() + } + } + + private predicate mk_StmtCons(HashConsStmt hc, int i, HC_Stmts list, LambdaBlockStmt block) { hc = hashConsStmt(block.getStmt(i)) and ( exists(HashConsStmt head, HC_Stmts tail | @@ -1118,13 +1135,13 @@ private module HashCons { } private predicate mk_StmtConsInner( - HashConsStmt head, HC_Stmts tail, int i, HC_Stmts list, BlockStmt block + HashConsStmt head, HC_Stmts tail, int i, HC_Stmts list, LambdaBlockStmt block ) { list = HC_StmtCons(head, i, tail) and mk_StmtCons(head, i, tail, block) } - private predicate mk_BlockStmtCons(HC_Stmts hc, BlockStmt s) { + private predicate mk_BlockStmtCons(HC_Stmts hc, LambdaBlockStmt s) { if s.getNumStmt() > 0 then exists(HashConsStmt head, HC_Stmts tail | @@ -1487,8 +1504,6 @@ private module HashCons { cached HashConsStmt hashConsStmt(Stmt s) { - // Restricting to statements inside a lambda expressions. - s.getParentScope*() = any(LambdaExpression le).getLambdaFunction() and exists(HC_Stmts list | mk_BlockStmtCons(list, s) and result = HC_BlockStmt(list) From c1d45c3411d23501c205bea8c6a521426187b4b9 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 10 Feb 2025 23:49:13 +0000 Subject: [PATCH 2398/2573] A5-1-9: Exclude duplication through macros --- .../src/rules/A5-1-9/IdenticalLambdaExpressions.ql | 10 +++++++++- cpp/autosar/test/rules/A5-1-9/test.cpp | 8 +++++++- 2 files changed, 16 insertions(+), 2 deletions(-) diff --git a/cpp/autosar/src/rules/A5-1-9/IdenticalLambdaExpressions.ql b/cpp/autosar/src/rules/A5-1-9/IdenticalLambdaExpressions.ql index 8717fd000e..1520955716 100644 --- a/cpp/autosar/src/rules/A5-1-9/IdenticalLambdaExpressions.ql +++ b/cpp/autosar/src/rules/A5-1-9/IdenticalLambdaExpressions.ql @@ -24,6 +24,14 @@ where not lambdaExpression = otherLambdaExpression and not lambdaExpression.isFromTemplateInstantiation(_) and not otherLambdaExpression.isFromTemplateInstantiation(_) and - getLambdaHashCons(lambdaExpression) = getLambdaHashCons(otherLambdaExpression) + getLambdaHashCons(lambdaExpression) = getLambdaHashCons(otherLambdaExpression) and + // Do not report lambdas produced by the same macro in different invocations + not exists(Macro m, MacroInvocation m1, MacroInvocation m2 | + m1 = m.getAnInvocation() and + m2 = m.getAnInvocation() and + not m1 = m2 and // Lambdas in the same macro can be reported + m1.getAnExpandedElement() = lambdaExpression and + m2.getAnExpandedElement() = otherLambdaExpression + ) select lambdaExpression, "Lambda expression is identical to $@ lambda expression.", otherLambdaExpression, "this" diff --git a/cpp/autosar/test/rules/A5-1-9/test.cpp b/cpp/autosar/test/rules/A5-1-9/test.cpp index 466cf14dfa..511be302a0 100644 --- a/cpp/autosar/test/rules/A5-1-9/test.cpp +++ b/cpp/autosar/test/rules/A5-1-9/test.cpp @@ -104,4 +104,10 @@ class Test_issue468 { LogError("Error"); LogFatal("Fatal"); } -}; \ No newline at end of file +}; + +#define MACRO() [](int i) -> int { return i + 3; } +void test_macros() { + MACRO(); // COMPLIANT + MACRO(); // COMPLIANT - no duplication +} \ No newline at end of file From 2d8beac88da84e404bddf654f53867934088b305 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 10 Feb 2025 23:52:18 +0000 Subject: [PATCH 2399/2573] Add change note --- change_notes/2025-02-10-improve-perf-a5-1-9.md | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 change_notes/2025-02-10-improve-perf-a5-1-9.md diff --git a/change_notes/2025-02-10-improve-perf-a5-1-9.md b/change_notes/2025-02-10-improve-perf-a5-1-9.md new file mode 100644 index 0000000000..ae7ea6f240 --- /dev/null +++ b/change_notes/2025-02-10-improve-perf-a5-1-9.md @@ -0,0 +1,2 @@ + - `A5-1-9` - `IdenticalLambdaExpressions.ql`: + - Performance has been improved. \ No newline at end of file From 1bd7dab926f5c94f13c3685e240af3e41385d01c Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 10 Feb 2025 23:53:26 +0000 Subject: [PATCH 2400/2573] Include fp update in change note --- change_notes/2025-02-10-improve-perf-a5-1-9.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/change_notes/2025-02-10-improve-perf-a5-1-9.md b/change_notes/2025-02-10-improve-perf-a5-1-9.md index ae7ea6f240..5d355bab49 100644 --- a/change_notes/2025-02-10-improve-perf-a5-1-9.md +++ b/change_notes/2025-02-10-improve-perf-a5-1-9.md @@ -1,2 +1,3 @@ - `A5-1-9` - `IdenticalLambdaExpressions.ql`: - - Performance has been improved. \ No newline at end of file + - Performance has been improved. + - False positives due to repeated invocation of macros containing lambdas have been excluded. \ No newline at end of file From 1ee79ac71f1858b054c65dd037c8cf9732ff1305 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 11 Feb 2025 23:45:03 +0000 Subject: [PATCH 2401/2573] A2-3-1: Address performance issue Address issue introduced in upgrade to 2.19.4. --- .../cpp/HardwareOrProtocolInterface.qll | 14 ++++++----- .../rules/A2-3-1/InvalidCharacterInComment.ql | 24 ++++++++++--------- 2 files changed, 21 insertions(+), 17 deletions(-) diff --git a/cpp/autosar/src/codingstandards/cpp/HardwareOrProtocolInterface.qll b/cpp/autosar/src/codingstandards/cpp/HardwareOrProtocolInterface.qll index d92a28e477..410fa1292f 100644 --- a/cpp/autosar/src/codingstandards/cpp/HardwareOrProtocolInterface.qll +++ b/cpp/autosar/src/codingstandards/cpp/HardwareOrProtocolInterface.qll @@ -3,14 +3,16 @@ import codingstandards.cpp.CommonTypes as CommonTypes abstract class HardwareOrProtocolInterfaceClass extends Class { } +class HardwareOrProtocolInterfaceComment extends Comment { + HardwareOrProtocolInterfaceComment() { + getContents().regexpMatch("(?m)^\\s*(//|\\*)\\s*@HardwareOrProtocolInterface\\s*$") + } +} + class AnnotatedHardwareOrProtocolInterfaceClass extends HardwareOrProtocolInterfaceClass { AnnotatedHardwareOrProtocolInterfaceClass() { - exists(Comment c, string contents | - c.getCommentedElement() = this.getADeclarationEntry() and - contents = - c.getContents() - .splitAt("\n") - .regexpFind("^\\s*(//|\\*)\\s*@HardwareOrProtocolInterface\\s*$", _, _) + exists(HardwareOrProtocolInterfaceComment c | + c.getCommentedElement() = this.getADeclarationEntry() ) } } diff --git a/cpp/autosar/src/rules/A2-3-1/InvalidCharacterInComment.ql b/cpp/autosar/src/rules/A2-3-1/InvalidCharacterInComment.ql index a3090003d3..fdcc74b115 100644 --- a/cpp/autosar/src/rules/A2-3-1/InvalidCharacterInComment.ql +++ b/cpp/autosar/src/rules/A2-3-1/InvalidCharacterInComment.ql @@ -18,21 +18,23 @@ import cpp import codingstandards.cpp.autosar -bindingset[s] -string getCharOutsideBasicSourceCharSet(string s) { - result = s.regexpFind("[\\u0000-\\u007f]", _, _) and - not result.regexpMatch("[\\p{Alnum}\\p{Space}_{}\\[\\]#()<>%:;.?*+-/^&|~!=,\\\\\"'@]") - or - result = s.regexpFind("[\\u00c0-\\u00df][\\u0080-\\u00bf]", _, _) - or - result = s.regexpFind("[\\u00e0-\\u00ef][\\u0080-\\u00bf]{2}", _, _) - or - result = s.regexpFind("[\\u00f0-\\u00f7][\\u0080-\\u00bf]{3}", _, _) +string getCharOutsideBasicSourceCharSet(Comment c) { + exists(string s | s = c.getContents() | + result = + s.regexpFind("(?![\\p{Alnum}\\p{Space}_{}\\[\\]#()<>%:;.?*+-/^&|~!=,\\\\\"'@])[\\u0000-\\u007f]", + _, _) + or + result = s.regexpFind("[\\u00c0-\\u00df][\\u0080-\\u00bf]", _, _) + or + result = s.regexpFind("[\\u00e0-\\u00ef][\\u0080-\\u00bf]{2}", _, _) + or + result = s.regexpFind("[\\u00f0-\\u00f7][\\u0080-\\u00bf]{3}", _, _) + ) } from Comment c, string ch where not isExcluded(c, NamingPackage::invalidCharacterInCommentQuery()) and - ch = getCharOutsideBasicSourceCharSet(c.getContents()) + ch = getCharOutsideBasicSourceCharSet(c) select c, "Comment uses the character '" + ch + "' that is outside the language basic character set." From cb4be0ff7e5b170556c4e0127828421861b9b1f4 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 11 Feb 2025 23:49:27 +0000 Subject: [PATCH 2402/2573] IsStrictlyWeak: Address performance issue --- .../OrderingPredicateMustBeStrictlyWeak.qll | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/rules/orderingpredicatemustbestrictlyweak/OrderingPredicateMustBeStrictlyWeak.qll b/cpp/common/src/codingstandards/cpp/rules/orderingpredicatemustbestrictlyweak/OrderingPredicateMustBeStrictlyWeak.qll index aa4b646ec6..66563bb9ff 100644 --- a/cpp/common/src/codingstandards/cpp/rules/orderingpredicatemustbestrictlyweak/OrderingPredicateMustBeStrictlyWeak.qll +++ b/cpp/common/src/codingstandards/cpp/rules/orderingpredicatemustbestrictlyweak/OrderingPredicateMustBeStrictlyWeak.qll @@ -14,19 +14,19 @@ abstract class OrderingPredicateMustBeStrictlyWeakSharedQuery extends Query { } Query getQuery() { result instanceof OrderingPredicateMustBeStrictlyWeakSharedQuery } +class IsStrictlyWeaklyOrderedComment extends Comment { + IsStrictlyWeaklyOrderedComment() { + getContents().regexpMatch("(?m)^\\s*(//|\\*)\\s*@IsStrictlyWeaklyOrdered\\s*$") + } +} + /** * User annotated class indicating a comparator is axiomatically strictly weakly * ordering. */ class UserDefinedStrictlyWeakOrderingComparator extends Class { UserDefinedStrictlyWeakOrderingComparator() { - exists(Comment c, string contents | - c.getCommentedElement() = this.getADeclarationEntry() and - contents = - c.getContents() - .splitAt("\n") - .regexpFind("^\\s*(//|\\*)\\s*@IsStrictlyWeaklyOrdered\\s*$", _, _) - ) + exists(IsStrictlyWeaklyOrderedComment c | c.getCommentedElement() = this.getADeclarationEntry()) } } From f56fa0f05bac0c78f1816a6cee4948eeea5b2bb5 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 12 Feb 2025 23:48:55 +0000 Subject: [PATCH 2403/2573] Detect invalid deviation markers --- .../deviations/CodeIdentifierDeviation.qll | 29 +++++++++++++-- .../InvalidDeviationCodeIdentifier.md | 19 ++++++++++ .../InvalidDeviationCodeIdentifier.ql | 35 +++++++++++++++++++ .../InvalidDeviationCodeIdentifier.expected | 10 ++++++ .../InvalidDeviationCodeIdentifier.qlref | 1 + .../invalid_deviations/coding-standards.xml | 5 +++ .../invalid_deviations/coding-standards.yml | 3 ++ .../deviations/invalid_deviations/dummy.cpp | 1 - .../invalidcodeidentifiers.cpp | 22 ++++++++++++ 9 files changed, 121 insertions(+), 4 deletions(-) create mode 100644 cpp/common/src/codingstandards/cpp/deviations/InvalidDeviationCodeIdentifier.md create mode 100644 cpp/common/src/codingstandards/cpp/deviations/InvalidDeviationCodeIdentifier.ql create mode 100644 cpp/common/test/deviations/invalid_deviations/InvalidDeviationCodeIdentifier.expected create mode 100644 cpp/common/test/deviations/invalid_deviations/InvalidDeviationCodeIdentifier.qlref delete mode 100644 cpp/common/test/deviations/invalid_deviations/dummy.cpp create mode 100644 cpp/common/test/deviations/invalid_deviations/invalidcodeidentifiers.cpp diff --git a/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll b/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll index 731a04cfc7..8c55cc9428 100644 --- a/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll +++ b/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll @@ -74,6 +74,16 @@ abstract class CommentDeviationMarker extends Comment { DeviationRecord getRecord() { result = record } } +/** + * A deviation marker in a comment that is not a valid deviation marker. + */ +class InvalidCommentDeviationMarker extends Comment { + InvalidCommentDeviationMarker() { + not this instanceof CommentDeviationMarker and + commentMatches(this, "codeql::" + supportedStandard() + "_deviation") + } +} + /** * A deviation marker for a deviation that applies to the current line. */ @@ -182,9 +192,7 @@ private class BeginStack extends TBeginStack { } } -private predicate isDeviationRangePaired( - DeviationRecord record, DeviationBegin begin, DeviationEnd end -) { +predicate isDeviationRangePaired(DeviationRecord record, DeviationBegin begin, DeviationEnd end) { exists(File file, int index | record = end.getRecord() and hasDeviationCommentFileOrdering(record, end, file, index) and @@ -226,6 +234,21 @@ class DeviationAttribute extends StdAttribute { } } +/** + * A deviation attribute that is not associated with any deviation record. + */ +class InvalidDeviationAttribute extends StdAttribute { + string unknownCodeIdentifier; + + InvalidDeviationAttribute() { + this.hasQualifiedName("codeql", supportedStandard() + "_deviation") and + "\"" + unknownCodeIdentifier + "\"" = this.getAnArgument().getValueText() and + not exists(DeviationRecord record | record.getCodeIdentifier() = unknownCodeIdentifier) + } + + string getAnUnknownCodeIdentifier() { result = unknownCodeIdentifier } +} + newtype TCodeIndentifierDeviation = TSingleLineDeviation(DeviationRecord record, Comment comment, string filepath, int suppressedLine) { ( diff --git a/cpp/common/src/codingstandards/cpp/deviations/InvalidDeviationCodeIdentifier.md b/cpp/common/src/codingstandards/cpp/deviations/InvalidDeviationCodeIdentifier.md new file mode 100644 index 0000000000..9c128bab2d --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/deviations/InvalidDeviationCodeIdentifier.md @@ -0,0 +1,19 @@ +# Invalid deviation dode identifier + +## Overview + +Invalid deviation markers in code have no effect on the results but may indicate confusion over which results will be suppressed. + +Deviation code markers are used to suppress CodeQL Coding Standards results, following the process specified in the "MISRA Compliance 2020" document. There are a range of different deviation markers, with specific syntactic requirements. If those syntactic requirements are not met, the marker is invalid and will not be applied, which is likely contrary to developer expectations. + +## Recommendation + +Ensure the following requirements are met: + + * All `codeql::_deviation_begin(..)` markers are paired with a matching `codeql::_deviation_end(..)` marker. + * All instances of `codeql::_deviation` in comments are correctly formatted comment markers, and reference a `code-identifier`s that is specified in a deviation record included in the analysis. + * All deviation attributes reference `code-identifier`s that are specified in a deviation record included in the analysis. + +## References + +* [MISRA Compliance 2020 document - Chapter 4.2 (page 12) - Deviations](https://www.misra.org.uk/app/uploads/2021/06/MISRA-Compliance-2020.pdf) \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/deviations/InvalidDeviationCodeIdentifier.ql b/cpp/common/src/codingstandards/cpp/deviations/InvalidDeviationCodeIdentifier.ql new file mode 100644 index 0000000000..03e1ffc2b0 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/deviations/InvalidDeviationCodeIdentifier.ql @@ -0,0 +1,35 @@ +/** + * @id cpp/coding-standards/invalid-deviation-code-identifiers + * @name Invalid deviation code identifiers + * @description Deviation code identifiers must be valid. + * @kind problem + * @problem.severity error + */ + +import cpp +import CodeIdentifierDeviation + +predicate deviationCodeIdentifierError(Element e, string message) { + exists(DeviationEnd end | + e = end and + not isDeviationRangePaired(_, _, end) and + message = "Deviation end block is unmatched." + ) + or + exists(InvalidDeviationAttribute b | + e = b and + message = + "Deviation attribute references unknown code identifier " + b.getAnUnknownCodeIdentifier() + + "." + ) + or + exists(InvalidCommentDeviationMarker m | + e = m and + message = + "Deviation marker does not match an expected format, or references an unknown code identifier." + ) +} + +from Element e, string message +where deviationCodeIdentifierError(e, message) +select e, message diff --git a/cpp/common/test/deviations/invalid_deviations/InvalidDeviationCodeIdentifier.expected b/cpp/common/test/deviations/invalid_deviations/InvalidDeviationCodeIdentifier.expected new file mode 100644 index 0000000000..eb81658007 --- /dev/null +++ b/cpp/common/test/deviations/invalid_deviations/InvalidDeviationCodeIdentifier.expected @@ -0,0 +1,10 @@ +| invalidcodeidentifiers.cpp:1:1:1:45 | // codeql::misra_deviation(x) - invalid, no x | Deviation marker does not match an expected format, or references an unknown code identifier. | +| invalidcodeidentifiers.cpp:2:1:2:47 | // codeql::autosar_deviation(x) - invalid, no x | Deviation marker does not match an expected format, or references an unknown code identifier. | +| invalidcodeidentifiers.cpp:3:1:3:44 | // codeql::cert_deviation(x) - invalid, no x | Deviation marker does not match an expected format, or references an unknown code identifier. | +| invalidcodeidentifiers.cpp:4:1:4:71 | // codeql::misra_deviation_next(a-0-4-2-deviation) - invalid, next_line | Deviation marker does not match an expected format, or references an unknown code identifier. | +| invalidcodeidentifiers.cpp:5:1:5:73 | // codeql::autosar_deviation_next(a-0-4-2-deviation) - invalid, next_line | Deviation marker does not match an expected format, or references an unknown code identifier. | +| invalidcodeidentifiers.cpp:6:1:6:70 | // codeql::cert_deviation_next(a-0-4-2-deviation) - invalid, next_line | Deviation marker does not match an expected format, or references an unknown code identifier. | +| invalidcodeidentifiers.cpp:14:1:14:74 | // codeql::misra_deviation_end(a-0-4-2-deviation) - invalid, unmatched end | Deviation end block is unmatched. | +| invalidcodeidentifiers.cpp:15:1:15:76 | // codeql::autosar_deviation_end(a-0-4-2-deviation) - invalid, unmatched end | Deviation end block is unmatched. | +| invalidcodeidentifiers.cpp:16:1:16:73 | // codeql::cert_deviation_end(a-0-4-2-deviation) - invalid, unmatched end | Deviation end block is unmatched. | +| invalidcodeidentifiers.cpp:18:3:18:25 | misra_deviation | Deviation attribute references unknown code identifier x. | diff --git a/cpp/common/test/deviations/invalid_deviations/InvalidDeviationCodeIdentifier.qlref b/cpp/common/test/deviations/invalid_deviations/InvalidDeviationCodeIdentifier.qlref new file mode 100644 index 0000000000..c70989966f --- /dev/null +++ b/cpp/common/test/deviations/invalid_deviations/InvalidDeviationCodeIdentifier.qlref @@ -0,0 +1 @@ +codingstandards/cpp/deviations/InvalidDeviationCodeIdentifier.ql \ No newline at end of file diff --git a/cpp/common/test/deviations/invalid_deviations/coding-standards.xml b/cpp/common/test/deviations/invalid_deviations/coding-standards.xml index 179227a13d..2b5d798b35 100644 --- a/cpp/common/test/deviations/invalid_deviations/coding-standards.xml +++ b/cpp/common/test/deviations/invalid_deviations/coding-standards.xml @@ -86,6 +86,11 @@ RULE-13-6 c/misra/sizeof-operand-with-side-effect + + A0-4-2 + long double is required for interaction with third-party libraries. + a-0-4-2-deviation + diff --git a/cpp/common/test/deviations/invalid_deviations/coding-standards.yml b/cpp/common/test/deviations/invalid_deviations/coding-standards.yml index 7b12c7a8c2..679ef8a31e 100644 --- a/cpp/common/test/deviations/invalid_deviations/coding-standards.yml +++ b/cpp/common/test/deviations/invalid_deviations/coding-standards.yml @@ -46,6 +46,9 @@ deviations: - permit-id: DP2 - rule-id: RULE-13-6 query-id: c/misra/sizeof-operand-with-side-effect + - rule-id: A0-4-2 + justification: long double is required for interaction with third-party libraries. + code-identifier: a-0-4-2-deviation deviation-permits: - permit-id: DP1 justification: foo bar baz diff --git a/cpp/common/test/deviations/invalid_deviations/dummy.cpp b/cpp/common/test/deviations/invalid_deviations/dummy.cpp deleted file mode 100644 index 4a3cb36e40..0000000000 --- a/cpp/common/test/deviations/invalid_deviations/dummy.cpp +++ /dev/null @@ -1 +0,0 @@ -// Deliberately blank \ No newline at end of file diff --git a/cpp/common/test/deviations/invalid_deviations/invalidcodeidentifiers.cpp b/cpp/common/test/deviations/invalid_deviations/invalidcodeidentifiers.cpp new file mode 100644 index 0000000000..714c83d264 --- /dev/null +++ b/cpp/common/test/deviations/invalid_deviations/invalidcodeidentifiers.cpp @@ -0,0 +1,22 @@ +// codeql::misra_deviation(x) - invalid, no x +// codeql::autosar_deviation(x) - invalid, no x +// codeql::cert_deviation(x) - invalid, no x +// codeql::misra_deviation_next(a-0-4-2-deviation) - invalid, next_line +// codeql::autosar_deviation_next(a-0-4-2-deviation) - invalid, next_line +// codeql::cert_deviation_next(a-0-4-2-deviation) - invalid, next_line + +// codeql::misra_deviation_begin(a-0-4-2-deviation) +// codeql::autosar_deviation_begin(a-0-4-2-deviation) +// codeql::cert_deviation_begin(a-0-4-2-deviation) +// codeql::misra_deviation_end(a-0-4-2-deviation) +// codeql::autosar_deviation_end(a-0-4-2-deviation) +// codeql::cert_deviation_end(a-0-4-2-deviation) +// codeql::misra_deviation_end(a-0-4-2-deviation) - invalid, unmatched end +// codeql::autosar_deviation_end(a-0-4-2-deviation) - invalid, unmatched end +// codeql::cert_deviation_end(a-0-4-2-deviation) - invalid, unmatched end + +[[codeql::misra_deviation("x")]] // invalid +void test() {} + +[[codeql::autosar_deviation("a-0-4-2-deviation")]] +void test2() {} From ef3104aa1dc91dadf938ffd0c01944df347dec89 Mon Sep 17 00:00:00 2001 From: Fernando Jose Date: Thu, 13 Feb 2025 18:11:51 +0900 Subject: [PATCH 2404/2573] Fix #718. Use % in string::matches to accept any sequence of characters after the group comment ending ///@}. --- change_notes/2025-02-13-fix-issue-718.md | 2 ++ .../src/rules/A2-7-3/UndocumentedUserDefinedType.ql | 2 +- cpp/autosar/test/rules/A2-7-3/test.cpp | 10 ++++++++++ 3 files changed, 13 insertions(+), 1 deletion(-) create mode 100644 change_notes/2025-02-13-fix-issue-718.md diff --git a/change_notes/2025-02-13-fix-issue-718.md b/change_notes/2025-02-13-fix-issue-718.md new file mode 100644 index 0000000000..39e499d583 --- /dev/null +++ b/change_notes/2025-02-13-fix-issue-718.md @@ -0,0 +1,2 @@ +- `A2-7-3` - `UndocumentedUserDefinedType.ql` + - Fixes #718. Include trailing characters after group comment endings with ///@{ ... ///@}. diff --git a/cpp/autosar/src/rules/A2-7-3/UndocumentedUserDefinedType.ql b/cpp/autosar/src/rules/A2-7-3/UndocumentedUserDefinedType.ql index b38cf7d02c..f2dd0dc8bc 100644 --- a/cpp/autosar/src/rules/A2-7-3/UndocumentedUserDefinedType.ql +++ b/cpp/autosar/src/rules/A2-7-3/UndocumentedUserDefinedType.ql @@ -28,7 +28,7 @@ private predicate isInFunctionScope(Declaration d) { private string doxygenCommentGroupStrings(boolean opening) { opening = true and result = ["///@{", "/**@{*/"] or - opening = false and result = ["///@}", "/**@}*/"] + opening = false and result = ["///@}%", "/**@}*/"] } pragma[inline] diff --git a/cpp/autosar/test/rules/A2-7-3/test.cpp b/cpp/autosar/test/rules/A2-7-3/test.cpp index 01f7bad611..c062da4ee9 100644 --- a/cpp/autosar/test/rules/A2-7-3/test.cpp +++ b/cpp/autosar/test/rules/A2-7-3/test.cpp @@ -225,4 +225,14 @@ class ClassG2 { // COMPLIANT class ClassG3 { // COMPLIANT public: friend int foo3() { return 1; } // NON_COMPLIANT +}; + +/// @brief A Doxygen comment. +class ClassH { // COMPLIANT +public: + /// @brief Group with comment at the end. + ///@{ + void m(); // COMPLIANT + void n(); // COMPLIANT + ///@} End of group }; \ No newline at end of file From 5a6d7ca84f2dd1f00be7380d1800c095bc4a7439 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 13 Feb 2025 11:24:29 +0000 Subject: [PATCH 2405/2573] Deviations: Support attribute inheritence Attributes are inherited from their parent. Includes support for features which are not currently enabled, due to lack of support in CodeQL itself. --- .../deviations/CodeIdentifierDeviation.qll | 15 +++++++ .../TypeLongDoubleUsed.expected | 3 ++ .../UnusedReturnValue.expected | 2 + .../attribute_syntax.cpp | 39 +++++++++++++++++-- docs/user_manual.md | 5 +-- 5 files changed, 57 insertions(+), 7 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll b/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll index 8c55cc9428..2a2d0eec15 100644 --- a/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll +++ b/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll @@ -231,6 +231,21 @@ class DeviationAttribute extends StdAttribute { result.(Stmt).getEnclosingFunction() = this.getASuppressedElement() or result.(LocalVariable) = this.getASuppressedElement().(DeclStmt).getADeclaration() + or + result.(Function).getDeclaringType() = this.getASuppressedElement() + or + result.(Variable).getDeclaringType() = this.getASuppressedElement() + or + exists(LambdaExpression expr | + expr = this.getASuppressedElement() and + result = expr.getLambdaFunction() + ) + or + exists(Function f | + f = this.getASuppressedElement() and + // A suppression on the function should apply to the noexcept expression + result = f.getADeclarationEntry().getNoExceptExpr() + ) } } diff --git a/cpp/common/test/deviations/deviations_basic_test/TypeLongDoubleUsed.expected b/cpp/common/test/deviations/deviations_basic_test/TypeLongDoubleUsed.expected index 1786c4ce9e..172b623195 100644 --- a/cpp/common/test/deviations/deviations_basic_test/TypeLongDoubleUsed.expected +++ b/cpp/common/test/deviations/deviations_basic_test/TypeLongDoubleUsed.expected @@ -2,6 +2,9 @@ | attribute_syntax.cpp:21:15:21:17 | d10 | Use of long double type. | | attribute_syntax.cpp:29:15:29:17 | d14 | Use of long double type. | | attribute_syntax.cpp:33:20:33:22 | d16 | Use of long double type. | +| attribute_syntax.cpp:55:15:55:16 | d1 | Use of long double type. | +| attribute_syntax.cpp:57:17:57:18 | d2 | Use of long double type. | +| attribute_syntax.cpp:60:17:60:18 | d3 | Use of long double type. | | main.cpp:13:15:13:16 | d1 | Use of long double type. | | main.cpp:18:15:18:16 | d4 | Use of long double type. | | main.cpp:21:15:21:16 | d6 | Use of long double type. | diff --git a/cpp/common/test/deviations/deviations_basic_test/UnusedReturnValue.expected b/cpp/common/test/deviations/deviations_basic_test/UnusedReturnValue.expected index 8b258328ab..120337ffdc 100644 --- a/cpp/common/test/deviations/deviations_basic_test/UnusedReturnValue.expected +++ b/cpp/common/test/deviations/deviations_basic_test/UnusedReturnValue.expected @@ -5,6 +5,8 @@ | attribute_syntax.cpp:26:5:26:8 | call to getZ | Return value from call to $@ is unused. | attribute_syntax.cpp:1:5:1:8 | getZ | getZ | | attribute_syntax.cpp:30:3:30:6 | call to getZ | Return value from call to $@ is unused. | attribute_syntax.cpp:1:5:1:8 | getZ | getZ | | attribute_syntax.cpp:41:3:41:6 | call to getZ | Return value from call to $@ is unused. | attribute_syntax.cpp:1:5:1:8 | getZ | getZ | +| attribute_syntax.cpp:49:5:49:8 | call to getZ | Return value from call to $@ is unused. | attribute_syntax.cpp:1:5:1:8 | getZ | getZ | +| attribute_syntax.cpp:61:5:61:8 | call to getZ | Return value from call to $@ is unused. | attribute_syntax.cpp:1:5:1:8 | getZ | getZ | | main.cpp:12:3:12:6 | call to getX | Return value from call to $@ is unused. | main.cpp:8:5:8:8 | getX | getX | | main.cpp:25:3:25:6 | call to getX | Return value from call to $@ is unused. | main.cpp:8:5:8:8 | getX | getX | | main.cpp:27:3:27:6 | call to getX | Return value from call to $@ is unused. | main.cpp:8:5:8:8 | getX | getX | diff --git a/cpp/common/test/deviations/deviations_basic_test/attribute_syntax.cpp b/cpp/common/test/deviations/deviations_basic_test/attribute_syntax.cpp index 30acac3bfb..12a21e9673 100644 --- a/cpp/common/test/deviations/deviations_basic_test/attribute_syntax.cpp +++ b/cpp/common/test/deviations/deviations_basic_test/attribute_syntax.cpp @@ -36,10 +36,41 @@ int alt() { } [[codeql::autosar_deviation("a-0-4-2-deviation")]] -int alt2() { +int test_function_deviation() { int x = 0; // COMPLIANT[DEVIATED] getZ(); // NON_COMPLIANT long double dd1; // COMPLIANT[DEVIATED] - [[codeql::autosar_deviation( - "a-0-4-2-deviation")]] long double dd2; // COMPLIANT[DEVIATED] -} \ No newline at end of file +} + +[[codeql::autosar_deviation("a-0-4-2-deviation")]] +void test_lambdas() { + auto l = []() { + long double d4; // COMPLIANT[DEVIATED] + getZ(); // NON_COMPLIANT + }; +} + +// Attributes are not supported on a class level at the moment +[[codeql::autosar_deviation("a-0-4-2-deviation")]] class ClassA { + long double d1; // COMPLIANT[DEVIATED - false positive] + class ClassNested { + long double d2; // COMPLIANT[DEVIATED - false positive] + }; + void test() { + long double d3; // COMPLIANT[DEVIATED - false positive] + getZ(); // NON_COMPLIANT + } +}; + +// static_assert, templates, noexcept, multiple declarations + +// Namespaces not currently supported by attributes +// [[codeql::autosar_deviation("a-0-4-2-deviation")]] namespace NS { +// long double d1; // COMPLIANT[DEVIATED] +// class ClassA { +// long double d1; // COMPLIANT[DEVIATED] +// }; +// void test() { +// long double d1; // COMPLIANT[DEVIATED] +// } +// } \ No newline at end of file diff --git a/docs/user_manual.md b/docs/user_manual.md index 9b58764eb8..a9b119f0da 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -446,9 +446,8 @@ This attribute may be added to the following program elements: * Functions * Statements * Variables - * Type declarations -Deviation attributes are inherited from parents in the code structure. For example, a deviation attribute applied to a function will apply the deviation to all code within the function. Note: deviations are not inherited by lambda expressions. +Deviation attributes are inherited from parents in the code structure. For example, a deviation attribute applied to a function will apply the deviation to all code within the function. Multiple code identifiers may be passed in a single attribute to apply multiple deviations, for example: @@ -507,7 +506,7 @@ Here are some examples, using the deviation record with the `a-0-4-2-deviation` 6 | 7 | // codeql::_deviation_end(a-0-4-2-deviation) ``` -Here, Line 1 will pair with Line 7, and Line 3 will pair with Line 8. +Here, Line 1 will pair with Line 7, and Line 3 will pair with Line 5. A `codeql::_deviation_end` without a matching `codeql::_deviation_begin`, or `codeql::_deviation_begin` without a matching `codeql::_deviation_end` is invalid and will be ignored. From e38e416dc60edcd4093146984c777f58fdfa7ffe Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 13 Feb 2025 11:30:50 +0000 Subject: [PATCH 2406/2573] Reformatting test file --- .../deviations_basic_test/attribute_syntax.cpp | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/cpp/common/test/deviations/deviations_basic_test/attribute_syntax.cpp b/cpp/common/test/deviations/deviations_basic_test/attribute_syntax.cpp index 12a21e9673..e363de55af 100644 --- a/cpp/common/test/deviations/deviations_basic_test/attribute_syntax.cpp +++ b/cpp/common/test/deviations/deviations_basic_test/attribute_syntax.cpp @@ -28,22 +28,22 @@ int alt() { } long double d14; // NON_COMPLIANT (A0-4-2) getZ(); // NON_COMPLIANT (A0-1-2) - [[codeql::autosar_deviation("a-0-4-2-deviation")]] - for (long double d15 = 0.0; true;) {} // COMPLIANT[DEVIATED] - for (long double d16 = 0.0; true;) { // NON_COMPLIANT (A0-4-2) + [[codeql::autosar_deviation("a-0-4-2-deviation")]] for (long double d15 = 0.0; + true;) { + } // COMPLIANT[DEVIATED] + for (long double d16 = 0.0; true;) { // NON_COMPLIANT (A0-4-2) } return 0; } -[[codeql::autosar_deviation("a-0-4-2-deviation")]] -int test_function_deviation() { +[[codeql::autosar_deviation("a-0-4-2-deviation")]] int +test_function_deviation() { int x = 0; // COMPLIANT[DEVIATED] getZ(); // NON_COMPLIANT long double dd1; // COMPLIANT[DEVIATED] } -[[codeql::autosar_deviation("a-0-4-2-deviation")]] -void test_lambdas() { +[[codeql::autosar_deviation("a-0-4-2-deviation")]] void test_lambdas() { auto l = []() { long double d4; // COMPLIANT[DEVIATED] getZ(); // NON_COMPLIANT From 9f35565b83aae672819b16a30b709de7a11de89d Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 13 Feb 2025 11:37:36 +0000 Subject: [PATCH 2407/2573] Add change note, update manual. --- change_notes/2025-02-13-deviations.md | 13 +++++++++++++ docs/user_manual.md | 2 +- 2 files changed, 14 insertions(+), 1 deletion(-) create mode 100644 change_notes/2025-02-13-deviations.md diff --git a/change_notes/2025-02-13-deviations.md b/change_notes/2025-02-13-deviations.md new file mode 100644 index 0000000000..fb01cdf596 --- /dev/null +++ b/change_notes/2025-02-13-deviations.md @@ -0,0 +1,13 @@ + - A new in code deviation format has been introduced, using the C/C++ attribute syntax: + ``` + [[codeql::_deviation("")]] + ``` + This can be applied to functions, statements and variables to apply a deviation from the Coding Standards configuration file. The user manual has been updated to describe the new format. + - For those codebases that cannot use standard attributes, we have also introduced a comment based syntax + ``` + // codeql::_deviation() + // codeql::_deviation_next_line() + // codeql::_deviation_begin() + // codeql::_deviation_end() + ``` + Further information is available in the user manual. \ No newline at end of file diff --git a/docs/user_manual.md b/docs/user_manual.md index a9b119f0da..8bbb900682 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -439,7 +439,7 @@ A code identifier specified in a deviation record can be applied to certain resu [[codeql::_deviation("code-identifier")]] ``` -For example `[[codeql::misra_deviation("a1-2-4")]]` would apply a deviation of a rule in a MISRA standard, using the code identifier `a1-2-4`. The supported standard names are `misra`, `autosar` and `cert`. +For example `[[codeql::autosar_deviation("a1-2-4")]]` would apply a deviation of a rule in the AUTOSAR standard, using the code identifier `a1-2-4`. The supported standard names are `misra`, `autosar` and `cert`. This attribute may be added to the following program elements: From d2f8670f4e2ae6d1e625a19dd867b3f2be876765 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 13 Feb 2025 11:40:56 +0000 Subject: [PATCH 2408/2573] Reformat file --- .../deviations/invalid_deviations/invalidcodeidentifiers.cpp | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/cpp/common/test/deviations/invalid_deviations/invalidcodeidentifiers.cpp b/cpp/common/test/deviations/invalid_deviations/invalidcodeidentifiers.cpp index 714c83d264..07a12eb713 100644 --- a/cpp/common/test/deviations/invalid_deviations/invalidcodeidentifiers.cpp +++ b/cpp/common/test/deviations/invalid_deviations/invalidcodeidentifiers.cpp @@ -18,5 +18,4 @@ [[codeql::misra_deviation("x")]] // invalid void test() {} -[[codeql::autosar_deviation("a-0-4-2-deviation")]] -void test2() {} +[[codeql::autosar_deviation("a-0-4-2-deviation")]] void test2() {} From 0de32d39b093d59e6f3c857cd39cdb5cd91224bd Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 13 Feb 2025 15:15:35 +0000 Subject: [PATCH 2409/2573] Update expected results --- .../invalid_deviations/InvalidDeviationPermits.expected | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cpp/common/test/deviations/invalid_deviations/InvalidDeviationPermits.expected b/cpp/common/test/deviations/invalid_deviations/InvalidDeviationPermits.expected index 609d517c05..4378fdf11d 100644 --- a/cpp/common/test/deviations/invalid_deviations/InvalidDeviationPermits.expected +++ b/cpp/common/test/deviations/invalid_deviations/InvalidDeviationPermits.expected @@ -1,2 +1,2 @@ -| coding-standards.xml:100:7:103:33 | deviation-permits-entry | coding-standards.xml: Deviation permit does not specify a permit identifier. | -| coding-standards.xml:104:7:107:33 | deviation-permits-entry | coding-standards.xml: Deviation permit specifies unknown property `invalid-property`. | +| coding-standards.xml:105:7:108:33 | deviation-permits-entry | coding-standards.xml: Deviation permit does not specify a permit identifier. | +| coding-standards.xml:109:7:112:33 | deviation-permits-entry | coding-standards.xml: Deviation permit specifies unknown property `invalid-property`. | From 3b1ee2edb14d8e8a4eb6dc2ea30a2ec29c8a9b8d Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 14 Feb 2025 18:55:46 -0800 Subject: [PATCH 2410/2573] Fix test expectations --- ...riateThreadObjectStorageDurations.expected | 22 +++++++++---------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/c/cert/test/rules/CON34-C/AppropriateThreadObjectStorageDurations.expected b/c/cert/test/rules/CON34-C/AppropriateThreadObjectStorageDurations.expected index 085083228b..503a01bdad 100644 --- a/c/cert/test/rules/CON34-C/AppropriateThreadObjectStorageDurations.expected +++ b/c/cert/test/rules/CON34-C/AppropriateThreadObjectStorageDurations.expected @@ -1,16 +1,16 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:31,14-22) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:33,22-30) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:35,22-30) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:38,45-53) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:48,33-41) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:48,58-66) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:49,42-50) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:30,14-22) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:32,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:34,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:37,45-53) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:47,33-41) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:47,58-66) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:48,42-50) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:51,9-17) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:51,34-42) WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:52,9-17) WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:52,34-42) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:53,9-17) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:53,34-42) -WARNING: module 'TaintTracking' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:38,9-22) -WARNING: module 'TaintTracking' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:48,7-20) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:37,9-22) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:47,7-20) | test.c:23:3:23:13 | call to thrd_create | $@ not declared with appropriate storage duration | test.c:23:24:23:29 | & ... | Shared object | | test.c:74:3:74:13 | call to thrd_create | $@ not declared with appropriate storage duration | test.c:74:24:74:24 | p | Shared object | | test.c:85:3:85:13 | call to thrd_create | $@ not declared with appropriate storage duration | test.c:85:24:85:24 | p | Shared object | From 3882e8754fc578874b1c77cd524f580807d1d179 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 14 Feb 2025 21:29:38 -0800 Subject: [PATCH 2411/2573] Address feedback --- .../TimedlockOnInappropriateMutexType.ql | 4 +- .../RULE-9-7/UninitializedAtomicObject.ql | 21 ++-- ...TimedlockOnInappropriateMutexType.expected | 16 +-- .../UninitializedAtomicObject.expected | 7 +- c/misra/test/rules/RULE-9-7/test.c | 12 ++ .../cpp/StdFunctionOrMacro.qll | 111 ++++++++++++++++++ rule_packages/c/Concurrency7.json | 6 +- 7 files changed, 155 insertions(+), 22 deletions(-) create mode 100644 cpp/common/src/codingstandards/cpp/StdFunctionOrMacro.qll diff --git a/c/misra/src/rules/RULE-21-26/TimedlockOnInappropriateMutexType.ql b/c/misra/src/rules/RULE-21-26/TimedlockOnInappropriateMutexType.ql index e6dda61d79..4401d06e2c 100644 --- a/c/misra/src/rules/RULE-21-26/TimedlockOnInappropriateMutexType.ql +++ b/c/misra/src/rules/RULE-21-26/TimedlockOnInappropriateMutexType.ql @@ -71,4 +71,6 @@ where not isExcluded(sink.getNode().asExpr(), Concurrency7Package::timedlockOnInappropriateMutexTypeQuery()) and Flow::flowPath(source, sink) -select sink.getNode(), source, sink, "Call to mtx_timedlock with mutex not of type 'mtx_timed'." +select sink.getNode(), source, sink, + "Call to mtx_timedlock with mutex which is $@ without flag 'mtx_timed'.", + source.getNode(), "initialized" diff --git a/c/misra/src/rules/RULE-9-7/UninitializedAtomicObject.ql b/c/misra/src/rules/RULE-9-7/UninitializedAtomicObject.ql index 006e8e8178..b6e8bc82bc 100644 --- a/c/misra/src/rules/RULE-9-7/UninitializedAtomicObject.ql +++ b/c/misra/src/rules/RULE-9-7/UninitializedAtomicObject.ql @@ -14,6 +14,7 @@ import cpp import codingstandards.c.misra +import codingstandards.cpp.StdFunctionOrMacro import semmle.code.cpp.controlflow.Dominance class ThreadSpawningFunction extends Function { @@ -29,18 +30,14 @@ class ThreadSpawningFunction extends Function { } } -class AtomicInitAddressOfExpr extends FunctionCall { - Expr addressedExpr; +private string atomicInit() { result = "atomic_init" } +class AtomicInitAddressOfExpr extends AddressOfExpr { AtomicInitAddressOfExpr() { - exists(AddressOfExpr addrOf | - getArgument(0) = addrOf and - addrOf.getOperand() = addressedExpr and - getTarget().getName() = "__c11_atomic_init" + exists(StdFunctionOrMacro::Call c | + this = c.getArgument(0) ) } - - Expr getAddressedExpr() { result = addressedExpr } } ControlFlowNode getARequiredInitializationPoint(LocalScopeVariable v) { @@ -66,9 +63,15 @@ where not exists(v.getInitializer()) and exists(ControlFlowNode missingInitPoint | missingInitPoint = getARequiredInitializationPoint(v) and + // Check for `atomic_init(&v)` not exists(AtomicInitAddressOfExpr initialization | - initialization.getAddressedExpr().(VariableAccess).getTarget() = v and + initialization.getOperand().(VariableAccess).getTarget() = v and dominates(initialization, missingInitPoint) + ) and + // Check for `unknown_func(&v)` which may call `atomic_init` on `v`. + not exists(FunctionCall fc | + fc.getAnArgument().(AddressOfExpr).getOperand().(VariableAccess).getTarget() = v and + dominates(fc, missingInitPoint) ) ) select decl, diff --git a/c/misra/test/rules/RULE-21-26/TimedlockOnInappropriateMutexType.expected b/c/misra/test/rules/RULE-21-26/TimedlockOnInappropriateMutexType.expected index 442f20bf73..0a4c0a496a 100644 --- a/c/misra/test/rules/RULE-21-26/TimedlockOnInappropriateMutexType.expected +++ b/c/misra/test/rules/RULE-21-26/TimedlockOnInappropriateMutexType.expected @@ -35,11 +35,11 @@ nodes | test.c:44:15:44:16 | *l3 [m] | semmle.label | *l3 [m] | subpaths #select -| test.c:10:43:10:43 | *m | test.c:13:12:13:14 | mtx_init output argument | test.c:10:43:10:43 | *m | Call to mtx_timedlock with mutex not of type 'mtx_timed'. | -| test.c:10:43:10:43 | *m | test.c:17:12:17:14 | mtx_init output argument | test.c:10:43:10:43 | *m | Call to mtx_timedlock with mutex not of type 'mtx_timed'. | -| test.c:10:43:10:43 | *m | test.c:30:12:30:14 | mtx_init output argument | test.c:10:43:10:43 | *m | Call to mtx_timedlock with mutex not of type 'mtx_timed'. | -| test.c:10:43:10:43 | *m | test.c:42:12:42:16 | mtx_init output argument | test.c:10:43:10:43 | *m | Call to mtx_timedlock with mutex not of type 'mtx_timed'. | -| test.c:14:17:14:19 | *& ... | test.c:13:12:13:14 | mtx_init output argument | test.c:14:17:14:19 | *& ... | Call to mtx_timedlock with mutex not of type 'mtx_timed'. | -| test.c:18:17:18:19 | *& ... | test.c:17:12:17:14 | mtx_init output argument | test.c:18:17:18:19 | *& ... | Call to mtx_timedlock with mutex not of type 'mtx_timed'. | -| test.c:31:17:31:19 | *& ... | test.c:30:12:30:14 | mtx_init output argument | test.c:31:17:31:19 | *& ... | Call to mtx_timedlock with mutex not of type 'mtx_timed'. | -| test.c:43:17:43:21 | *& ... | test.c:42:12:42:16 | mtx_init output argument | test.c:43:17:43:21 | *& ... | Call to mtx_timedlock with mutex not of type 'mtx_timed'. | +| test.c:10:43:10:43 | *m | test.c:13:12:13:14 | mtx_init output argument | test.c:10:43:10:43 | *m | Call to mtx_timedlock with mutex which is $@ without flag 'mtx_timed'. | test.c:13:12:13:14 | mtx_init output argument | initialized | +| test.c:10:43:10:43 | *m | test.c:17:12:17:14 | mtx_init output argument | test.c:10:43:10:43 | *m | Call to mtx_timedlock with mutex which is $@ without flag 'mtx_timed'. | test.c:17:12:17:14 | mtx_init output argument | initialized | +| test.c:10:43:10:43 | *m | test.c:30:12:30:14 | mtx_init output argument | test.c:10:43:10:43 | *m | Call to mtx_timedlock with mutex which is $@ without flag 'mtx_timed'. | test.c:30:12:30:14 | mtx_init output argument | initialized | +| test.c:10:43:10:43 | *m | test.c:42:12:42:16 | mtx_init output argument | test.c:10:43:10:43 | *m | Call to mtx_timedlock with mutex which is $@ without flag 'mtx_timed'. | test.c:42:12:42:16 | mtx_init output argument | initialized | +| test.c:14:17:14:19 | *& ... | test.c:13:12:13:14 | mtx_init output argument | test.c:14:17:14:19 | *& ... | Call to mtx_timedlock with mutex which is $@ without flag 'mtx_timed'. | test.c:13:12:13:14 | mtx_init output argument | initialized | +| test.c:18:17:18:19 | *& ... | test.c:17:12:17:14 | mtx_init output argument | test.c:18:17:18:19 | *& ... | Call to mtx_timedlock with mutex which is $@ without flag 'mtx_timed'. | test.c:17:12:17:14 | mtx_init output argument | initialized | +| test.c:31:17:31:19 | *& ... | test.c:30:12:30:14 | mtx_init output argument | test.c:31:17:31:19 | *& ... | Call to mtx_timedlock with mutex which is $@ without flag 'mtx_timed'. | test.c:30:12:30:14 | mtx_init output argument | initialized | +| test.c:43:17:43:21 | *& ... | test.c:42:12:42:16 | mtx_init output argument | test.c:43:17:43:21 | *& ... | Call to mtx_timedlock with mutex which is $@ without flag 'mtx_timed'. | test.c:42:12:42:16 | mtx_init output argument | initialized | diff --git a/c/misra/test/rules/RULE-9-7/UninitializedAtomicObject.expected b/c/misra/test/rules/RULE-9-7/UninitializedAtomicObject.expected index 89facda9bb..f96fc6aa13 100644 --- a/c/misra/test/rules/RULE-9-7/UninitializedAtomicObject.expected +++ b/c/misra/test/rules/RULE-9-7/UninitializedAtomicObject.expected @@ -1,3 +1,4 @@ -| test.c:22:15:22:16 | definition of l3 | Atomic object 'l3' has no initializer or corresponding use of 'atomic_init()'. | -| test.c:25:15:25:16 | definition of l4 | Atomic object 'l4' has no initializer or corresponding use of 'atomic_init()'. | -| test.c:29:15:29:16 | definition of l5 | Atomic object 'l5' has no initializer or corresponding use of 'atomic_init()'. | +| test.c:24:15:24:16 | definition of l3 | Atomic object 'l3' has no initializer or corresponding use of 'atomic_init()'. | +| test.c:27:15:27:16 | definition of l4 | Atomic object 'l4' has no initializer or corresponding use of 'atomic_init()'. | +| test.c:31:15:31:16 | definition of l5 | Atomic object 'l5' has no initializer or corresponding use of 'atomic_init()'. | +| test.c:41:15:41:16 | definition of l7 | Atomic object 'l7' has no initializer or corresponding use of 'atomic_init()'. | diff --git a/c/misra/test/rules/RULE-9-7/test.c b/c/misra/test/rules/RULE-9-7/test.c index 5b3d8e36ec..da367c0bd1 100644 --- a/c/misra/test/rules/RULE-9-7/test.c +++ b/c/misra/test/rules/RULE-9-7/test.c @@ -11,6 +11,8 @@ void f_starts_thread() { thrd_create(&t, f_thread, 0); } +void f_may_initialize_argument(void *p1) {} + void main() { _Atomic int l1 = 1; // COMPLIANT f_starts_thread(); @@ -31,4 +33,14 @@ void main() { atomic_init(&l5, 0); } f_starts_thread(); + + _Atomic int l6; // COMPLIANT + f_may_initialize_argument(&l6); + f_starts_thread(); + + _Atomic int l7; // NON_COMPLIANT + if (g1 == 0) { + f_may_initialize_argument(&l7); + } + f_starts_thread(); } \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/StdFunctionOrMacro.qll b/cpp/common/src/codingstandards/cpp/StdFunctionOrMacro.qll new file mode 100644 index 0000000000..5ae370183d --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/StdFunctionOrMacro.qll @@ -0,0 +1,111 @@ +/** + * This module intends to reduce the difficulty of handling the pattern where implementations + * implement a function as a macro: the class `StdFunctionOrMacro<...>::Call` matches both std + * function calls as well as std function macro expansions. + * + * For instance, `atomic_init` may be implemented as a function, but is also implemented as + * `#DEFINE atomic_init(x) __c11_atomic_init(x)` on some platforms. This module aids in finding + * calls to any standard function which may be a macro, and has predefined behavior for + * handling `__c11_*` macros. + * + * Since a macro can be defined to expand to any expression, we cannot know generally which + * expanded expressions in `f(x, y)` correspond to arguments `x` or `y`. To handle this, the + * following inference options are available: + * - `NoMacroExpansionInference`: Assume any expression in the macro expansion could correspond to + * any macro argument. + * - `C11FunctionWrapperMacro`: Check if the macro expands to a function call prefixed with + * `__c11_` and if so, return the corresponding argument. Otherwise, fall back to + * `NoMacroExpansionInference`. + * - `InferMacroExpansionArguments`: Implement your own logic for inferring the argument. + * + * To use this module, pick one of the above inference strategies, and then create a predicate for + * the name you wish to match. For instance: + * + * ```codeql + * private string atomicInit() { result = "atomic_init" } + * + * from StdFunctionOrMacro::Call c + * select c.getArgument(0) + * ``` + */ + +import cpp as cpp + +/** Specify the name of your function as a predicate */ +signature string getName(); + +/** Signature module to implement custom argument resolution behavior in expanded macros */ +signature module InferMacroExpansionArguments { + bindingset[mi, argumentIdx] + cpp::Expr inferArgument(cpp::MacroInvocation mi, int argumentIdx); +} + +/** Assume all subexpressions of an expanded macro may be the result of any ith argument */ +module NoMacroExpansionInference implements InferMacroExpansionArguments { + bindingset[mi, argumentIdx] + cpp::Expr inferArgument(cpp::MacroInvocation mi, int argumentIdx) { + result.getParent*() = mi.getExpr() + } +} + +/** Assume macro `f(x, y, ...)` expands to `__c11_f(x, y, ...)`. */ +module C11FunctionWrapperMacro implements InferMacroExpansionArguments { + bindingset[mi, argumentIdx] + cpp::Expr inferArgument(cpp::MacroInvocation mi, int argumentIdx) { + if mi.getExpr().(cpp::FunctionCall).getTarget().hasName("__c11_" + mi.getMacroName()) + then result = mi.getExpr().(cpp::FunctionCall).getArgument(argumentIdx) + else result = NoMacroExpansionInference::inferArgument(mi, argumentIdx) + } +} + +/** + * A module to find calls to standard functions, or expansions of macros with the same name. + * + * To use this module, specify a name predicate and an inference strategy for correlating macro + * expansions to macro arguments. + * + * For example: + * + * ```codeql + * private string atomicInit() { result = "atomic_init" } + * from StdFunctionOrMacro::Call c + * select c.getArgument(0) + * ``` + */ +module StdFunctionOrMacro { + final private class Expr = cpp::Expr; + + final private class FunctionCall = cpp::FunctionCall; + + final private class MacroInvocation = cpp::MacroInvocation; + + private newtype TStdCall = + TStdFunctionCall(FunctionCall fc) { fc.getTarget().hasName(getStdName()) } or + TStdMacroInvocation(MacroInvocation mi) { mi.getMacro().hasName(getStdName()) } + + /** + * A call to a standard function or an expansion of a macro with the same name. + */ + class Call extends TStdCall { + bindingset[this, argumentIdx] + Expr getArgument(int argumentIdx) { + exists(FunctionCall fc | + this = TStdFunctionCall(fc) and + result = fc.getArgument(argumentIdx) + ) + or + exists(MacroInvocation mi | + this = TStdMacroInvocation(mi) and + result = InferExpansion::inferArgument(mi, argumentIdx) + ) + } + + string toString() { + this = TStdFunctionCall(_) and + result = "Standard function call" + or + this = TStdMacroInvocation(_) and + result = "Invocation of a standard function implemented as a macro" + } + } +} diff --git a/rule_packages/c/Concurrency7.json b/rule_packages/c/Concurrency7.json index 6fdc49984b..bda8881934 100644 --- a/rule_packages/c/Concurrency7.json +++ b/rule_packages/c/Concurrency7.json @@ -15,7 +15,11 @@ "tags": [ "concurrency", "external/misra/c/2012/amendment4" - ] + ], + "implementation_scope": { + "description": "This query tracks which functions may start threads, either indirectly or directly (\"thread spawning functions\"), and checks for local atomic variables that are not passed by address into `atomic_init` or other function calls, before such a thread spawning function is called.", + "items": [] + } } ], "title": "Atomic objects shall be appropriately initialized before being accessed" From b294477a2c2b79cf8242e8f12c0bc8e5a7689f3b Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 14 Feb 2025 21:37:26 -0800 Subject: [PATCH 2412/2573] CI/CD fixes: format, rules.csv package -> Concurrency8 for unhandled rules --- .../TimedlockOnInappropriateMutexType.ql | 4 ++-- rules.csv | 20 +++++++++---------- 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/c/misra/src/rules/RULE-21-26/TimedlockOnInappropriateMutexType.ql b/c/misra/src/rules/RULE-21-26/TimedlockOnInappropriateMutexType.ql index 4401d06e2c..929eb5bd0a 100644 --- a/c/misra/src/rules/RULE-21-26/TimedlockOnInappropriateMutexType.ql +++ b/c/misra/src/rules/RULE-21-26/TimedlockOnInappropriateMutexType.ql @@ -72,5 +72,5 @@ where Concurrency7Package::timedlockOnInappropriateMutexTypeQuery()) and Flow::flowPath(source, sink) select sink.getNode(), source, sink, - "Call to mtx_timedlock with mutex which is $@ without flag 'mtx_timed'.", - source.getNode(), "initialized" + "Call to mtx_timedlock with mutex which is $@ without flag 'mtx_timed'.", source.getNode(), + "initialized" diff --git a/rules.csv b/rules.csv index 10478a3da8..3f959542a7 100644 --- a/rules.csv +++ b/rules.csv @@ -617,7 +617,7 @@ c,MISRA-C-2012,DIR-4-12,Yes,Required,,,Dynamic memory allocation shall not be us c,MISRA-C-2012,DIR-4-13,No,Advisory,,,Functions which are designed to provide operations on a resource should be called in an appropriate sequence,,,,"Rule 22.1, 22.2 and 22.6 cover aspects of this rule. In other cases this is a design issue and needs to be checked manually." c,MISRA-C-2012,DIR-4-14,Yes,Required,,,The validity of values received from external sources shall be checked,,Contracts8,Hard,This is supported by CodeQLs default C security queries. c,MISRA-C-2012,DIR-4-15,Yes,Required,,,Evaluation of floating-point expressions shall not lead to the undetected generation of infinities and NaNs,FLP32-C and FLP04-C,FloatingTypes2,Medium, -c,MISRA-C-2012,DIR-5-1,Yes,Required,,,There shall be no data races between threads,CON43-C and CON32-C,Concurrency7,Very Hard, +c,MISRA-C-2012,DIR-5-1,Yes,Required,,,There shall be no data races between threads,CON43-C and CON32-C,Concurrency8,Very Hard, c,MISRA-C-2012,DIR-5-2,Yes,Required,,,There shall be no deadlocks between threads,CON35-C,Concurrency6,Import, c,MISRA-C-2012,DIR-5-3,Yes,Required,,,There shall be no dynamic thread creation,,Concurrency6,Easy, c,MISRA-C-2012,RULE-1-1,No,Required,,,"The program shall contain no violations of the standard C syntax and constraints, and shall not exceed the implementation's translation limits",,,Easy,"This should be checked via the compiler output, rather than CodeQL, which adds unnecessary steps." @@ -803,15 +803,15 @@ c,MISRA-C-2012,RULE-22-8,Yes,Required,,,The value of errno shall be set to zero c,MISRA-C-2012,RULE-22-9,Yes,Required,,,The value of errno shall be tested against zero after calling an errno-setting-function,,Contracts3,Medium, c,MISRA-C-2012,RULE-22-10,Yes,Required,,,The value of errno shall only be tested when the last function to be called was an errno-setting-function,,Contracts3,Medium, c,MISRA-C-2012,RULE-22-11,Yes,Required,,,A thread that was previously either joined or detached shall not be subsequently joined nor detached,CON39-C,Concurrency6,Import, -c,MISRA-C-2012,RULE-22-12,Yes,Mandatory,,,"Thread objects, thread synchronization objects, and thread-specific storage pointers shall only be accessed by the appropriate Standard Library functions",,Concurrency7,Medium, -c,MISRA-C-2012,RULE-22-13,Yes,Required,,,"Thread objects, thread synchronization objects, and thread specific storage pointers shall have appropriate storage duration",EXP54-CPP and CON34-C,Concurrency7,Medium, -c,MISRA-C-2012,RULE-22-14,Yes,Mandatory,,,Thread synchronization objects shall be initialized before being accessed,EXP53-CPP,Concurrency7,Hard, -c,MISRA-C-2012,RULE-22-15,Yes,Required,,,Thread synchronization objects and thread-specific storage pointers shall not be destroyed until after all threads accessing them have terminated,,Concurrency7,Hard, -c,MISRA-C-2012,RULE-22-16,Yes,Required,,,All mutex objects locked by a thread shall be explicitly unlocked by the same thread,MEM51-CPP,Concurrency7,Hard, -c,MISRA-C-2012,RULE-22-17,Yes,Required,,,No thread shall unlock a mutex or call cnd_wait() or cnd_timedwait() for a mutex it has not locked before,Rule 22.2,Concurrency7,Medium, -c,MISRA-C-2012,RULE-22-18,Yes,Required,,,Non-recursive mutexes shall not be recursively locked,CON56-CPP,Concurrency7,Medium, -c,MISRA-C-2012,RULE-22-19,Yes,Required,,,A condition variable shall be associated with at most one mutex object,,Concurrency7,Medium, -c,MISRA-C-2012,RULE-22-20,Yes,Mandatory,,,Thread-specific storage pointers shall be created before being accessed,,Concurrency7,Hard, +c,MISRA-C-2012,RULE-22-12,Yes,Mandatory,,,"Thread objects, thread synchronization objects, and thread-specific storage pointers shall only be accessed by the appropriate Standard Library functions",,Concurrency8,Medium, +c,MISRA-C-2012,RULE-22-13,Yes,Required,,,"Thread objects, thread synchronization objects, and thread specific storage pointers shall have appropriate storage duration",EXP54-CPP and CON34-C,Concurrency8,Medium, +c,MISRA-C-2012,RULE-22-14,Yes,Mandatory,,,Thread synchronization objects shall be initialized before being accessed,EXP53-CPP,Concurrency8,Hard, +c,MISRA-C-2012,RULE-22-15,Yes,Required,,,Thread synchronization objects and thread-specific storage pointers shall not be destroyed until after all threads accessing them have terminated,,Concurrency8,Hard, +c,MISRA-C-2012,RULE-22-16,Yes,Required,,,All mutex objects locked by a thread shall be explicitly unlocked by the same thread,MEM51-CPP,Concurrency8,Hard, +c,MISRA-C-2012,RULE-22-17,Yes,Required,,,No thread shall unlock a mutex or call cnd_wait() or cnd_timedwait() for a mutex it has not locked before,Rule 22.2,Concurrency8,Medium, +c,MISRA-C-2012,RULE-22-18,Yes,Required,,,Non-recursive mutexes shall not be recursively locked,CON56-CPP,Concurrency8,Medium, +c,MISRA-C-2012,RULE-22-19,Yes,Required,,,A condition variable shall be associated with at most one mutex object,,Concurrency8,Medium, +c,MISRA-C-2012,RULE-22-20,Yes,Mandatory,,,Thread-specific storage pointers shall be created before being accessed,,Concurrency8,Hard, c,MISRA-C-2012,RULE-23-1,Yes,Advisory,,,A generic selection should only be expanded from a macro,,Generics,Medium, c,MISRA-C-2012,RULE-23-2,Yes,Required,,,A generic selection that is not expanded from a macro shall not contain potential side effects in the controlling expression,,Generics,Hard, c,MISRA-C-2012,RULE-23-3,Yes,Advisory,,,A generic selection should contain at least one non-default association,,Generics,Easy, From 0b59317e33dd4f2512017f74950fa474c87319ff Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 17 Feb 2025 17:51:34 +0000 Subject: [PATCH 2413/2573] A27-0-3: Improve performance oppositeDirection was a performance problem, because it was not restricted to read write calls with the same source. --- change_notes/2025-02-17-iofstream-performance.md | 2 ++ .../IOFstreamMissingPositioning.qll | 4 +++- 2 files changed, 5 insertions(+), 1 deletion(-) create mode 100644 change_notes/2025-02-17-iofstream-performance.md diff --git a/change_notes/2025-02-17-iofstream-performance.md b/change_notes/2025-02-17-iofstream-performance.md new file mode 100644 index 0000000000..8a0be4c3ac --- /dev/null +++ b/change_notes/2025-02-17-iofstream-performance.md @@ -0,0 +1,2 @@ + - `A27-0-3`, `FIO309-C` `FIO50-CPP`, `RULE-30-0-2` - `InterleavedInputOutputWithoutFlush.ql`, `DoNotAlternatelyIOFromStreamWithoutPositioning.ql`,`InterleavedInputOutputWithoutPosition.ql`, `ReadsAndWritesOnStreamNotSeparatedByPositioning.ql`: + - Reduce evaluation time on complex codebases. \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.qll b/cpp/common/src/codingstandards/cpp/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.qll index 89f847c5aa..547c90daf5 100644 --- a/cpp/common/src/codingstandards/cpp/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.qll +++ b/cpp/common/src/codingstandards/cpp/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.qll @@ -57,17 +57,19 @@ predicate sameSource(FunctionCall a, FunctionCall b) { sameFileSource(a, b) } +bindingset[a, b] predicate sameAccessDirection(ReadWriteCall a, ReadWriteCall b) { a.getAccessDirection() = b.getAccessDirection() } +bindingset[a, b] predicate oppositeAccessDirection(ReadWriteCall a, ReadWriteCall b) { not sameAccessDirection(a, b) } /** * A write operation reaching a read and vice versa - * without intervening filepositioning + * without intervening file positioning calls. */ ControlFlowNode reachesInExOperator(ReadWriteCall op) { result = op From 029537df335fc3cd8dda1ec7a1d123a4f036114e Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 18 Feb 2025 13:36:22 +0000 Subject: [PATCH 2414/2573] Fix typos --- .../InvalidDeviationCodeIdentifier.md | 2 +- docs/user_manual.md | 18 +++++++++--------- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/deviations/InvalidDeviationCodeIdentifier.md b/cpp/common/src/codingstandards/cpp/deviations/InvalidDeviationCodeIdentifier.md index 9c128bab2d..364e1ae915 100644 --- a/cpp/common/src/codingstandards/cpp/deviations/InvalidDeviationCodeIdentifier.md +++ b/cpp/common/src/codingstandards/cpp/deviations/InvalidDeviationCodeIdentifier.md @@ -1,4 +1,4 @@ -# Invalid deviation dode identifier +# Invalid deviation code identifier ## Overview diff --git a/docs/user_manual.md b/docs/user_manual.md index 8bbb900682..fb36d30fb7 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -485,26 +485,26 @@ Here are some examples, using the deviation record with the `a-0-4-2-deviation` long double x2; // a-0-4-2-deviation - COMPLIANT long double x3; // COMPLIANT - a-0-4-2-deviation - long double x4; // codeql::_deviation(a-0-4-2-deviation) - COMPLIANT - long double x5; // COMPLIANT - codeql::_deviation(a-0-4-2-deviation) + long double x4; // codeql::autosar_deviation(a-0-4-2-deviation) - COMPLIANT + long double x5; // COMPLIANT - codeql::autosar_deviation(a-0-4-2-deviation) - // codeql::_deviation_next_line(a-0-4-2-deviation) + // codeql::autosar_deviation_next_line(a-0-4-2-deviation) long double x6; // COMPLIANT - // codeql::_deviation_begin(a-0-4-2-deviation) + // codeql::autosar_deviation_begin(a-0-4-2-deviation) long double x7; // COMPLIANT - // codeql::_deviation_end(a-0-4-2-deviation) + // codeql::autosar_deviation_end(a-0-4-2-deviation) ``` `codeql::_deviation_end` markers will pair with the closest unmatched `codeql::_deviation_begin` for the same `code-identifier`. Consider this example: ```cpp -1 | // codeql::_deviation_begin(a-0-4-2-deviation) +1 | // codeql::autosar_deviation_begin(a-0-4-2-deviation) 2 | -3 | // codeql::_deviation_begin(a-0-4-2-deviation) +3 | // codeql::autosar_deviation_begin(a-0-4-2-deviation) 4 | -5 | // codeql::_deviation_end(a-0-4-2-deviation) +5 | // codeql::autosar_deviation_end(a-0-4-2-deviation) 6 | -7 | // codeql::_deviation_end(a-0-4-2-deviation) +7 | // codeql::autosar_deviation_end(a-0-4-2-deviation) ``` Here, Line 1 will pair with Line 7, and Line 3 will pair with Line 5. From 3f1997b6ce3bac8e2c42d0d5f93f8f12430ed5e3 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 18 Feb 2025 13:36:40 +0000 Subject: [PATCH 2415/2573] Deviations: Highlight invalid starts --- .../cpp/deviations/InvalidDeviationCodeIdentifier.ql | 6 ++++++ .../InvalidDeviationCodeIdentifier.expected | 5 ++++- .../invalid_deviations/invalidcodeidentifiers.cpp | 3 +++ 3 files changed, 13 insertions(+), 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/deviations/InvalidDeviationCodeIdentifier.ql b/cpp/common/src/codingstandards/cpp/deviations/InvalidDeviationCodeIdentifier.ql index 03e1ffc2b0..87dafbba13 100644 --- a/cpp/common/src/codingstandards/cpp/deviations/InvalidDeviationCodeIdentifier.ql +++ b/cpp/common/src/codingstandards/cpp/deviations/InvalidDeviationCodeIdentifier.ql @@ -16,6 +16,12 @@ predicate deviationCodeIdentifierError(Element e, string message) { message = "Deviation end block is unmatched." ) or + exists(DeviationBegin begin | + e = begin and + not isDeviationRangePaired(_, begin, _) and + message = "Deviation start block is unmatched." + ) + or exists(InvalidDeviationAttribute b | e = b and message = diff --git a/cpp/common/test/deviations/invalid_deviations/InvalidDeviationCodeIdentifier.expected b/cpp/common/test/deviations/invalid_deviations/InvalidDeviationCodeIdentifier.expected index eb81658007..1d7153bafd 100644 --- a/cpp/common/test/deviations/invalid_deviations/InvalidDeviationCodeIdentifier.expected +++ b/cpp/common/test/deviations/invalid_deviations/InvalidDeviationCodeIdentifier.expected @@ -7,4 +7,7 @@ | invalidcodeidentifiers.cpp:14:1:14:74 | // codeql::misra_deviation_end(a-0-4-2-deviation) - invalid, unmatched end | Deviation end block is unmatched. | | invalidcodeidentifiers.cpp:15:1:15:76 | // codeql::autosar_deviation_end(a-0-4-2-deviation) - invalid, unmatched end | Deviation end block is unmatched. | | invalidcodeidentifiers.cpp:16:1:16:73 | // codeql::cert_deviation_end(a-0-4-2-deviation) - invalid, unmatched end | Deviation end block is unmatched. | -| invalidcodeidentifiers.cpp:18:3:18:25 | misra_deviation | Deviation attribute references unknown code identifier x. | +| invalidcodeidentifiers.cpp:17:1:17:78 | // codeql::misra_deviation_begin(a-0-4-2-deviation) - invalid, unmatched begin | Deviation start block is unmatched. | +| invalidcodeidentifiers.cpp:18:1:18:80 | // codeql::autosar_deviation_begin(a-0-4-2-deviation) - invalid, unmatched begin | Deviation start block is unmatched. | +| invalidcodeidentifiers.cpp:19:1:19:77 | // codeql::cert_deviation_begin(a-0-4-2-deviation) - invalid, unmatched begin | Deviation start block is unmatched. | +| invalidcodeidentifiers.cpp:21:3:21:25 | misra_deviation | Deviation attribute references unknown code identifier x. | diff --git a/cpp/common/test/deviations/invalid_deviations/invalidcodeidentifiers.cpp b/cpp/common/test/deviations/invalid_deviations/invalidcodeidentifiers.cpp index 07a12eb713..a4da098dcb 100644 --- a/cpp/common/test/deviations/invalid_deviations/invalidcodeidentifiers.cpp +++ b/cpp/common/test/deviations/invalid_deviations/invalidcodeidentifiers.cpp @@ -14,6 +14,9 @@ // codeql::misra_deviation_end(a-0-4-2-deviation) - invalid, unmatched end // codeql::autosar_deviation_end(a-0-4-2-deviation) - invalid, unmatched end // codeql::cert_deviation_end(a-0-4-2-deviation) - invalid, unmatched end +// codeql::misra_deviation_begin(a-0-4-2-deviation) - invalid, unmatched begin +// codeql::autosar_deviation_begin(a-0-4-2-deviation) - invalid, unmatched begin +// codeql::cert_deviation_begin(a-0-4-2-deviation) - invalid, unmatched begin [[codeql::misra_deviation("x")]] // invalid void test() {} From 665a7d16c8c0f2339075c3097b40405bb393fc97 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 18 Feb 2025 16:50:33 +0000 Subject: [PATCH 2416/2573] Improve documentation --- .../codingstandards/cpp/deviations/CodeIdentifierDeviation.qll | 2 ++ 1 file changed, 2 insertions(+) diff --git a/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll b/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll index 2a2d0eec15..ab121f6095 100644 --- a/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll +++ b/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll @@ -145,6 +145,8 @@ private predicate mkBeginStack(DeviationRecord record, File file, BeginStack sta // Stack is empty at the start index = 0 and stack = TEmptyBeginStack() and + // Only initialize when there is at least one such comment marker for this file and record + // pairing exists(CommentDeviationRangeMarker marker | marker.getRecord() = record and marker.getLocation().getFile() = file ) From 8437c7cc76d011455580810501ccd7de2ce26190 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 18 Feb 2025 17:34:51 +0000 Subject: [PATCH 2417/2573] Deviation: Refactor begin/end for clarity. --- .../deviations/CodeIdentifierDeviation.qll | 36 ++++++++++++------- 1 file changed, 23 insertions(+), 13 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll b/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll index ab121f6095..9a694ccc8f 100644 --- a/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll +++ b/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll @@ -141,10 +141,14 @@ private predicate hasDeviationCommentFileOrdering( ) } -private predicate mkBeginStack(DeviationRecord record, File file, BeginStack stack, int index) { +/** + * Calculate the stack of deviation begin markers related to the given deviation record, in the given file, + * at the given `markerRecordFileIndex` into the list of deviation markers for that record in that file. + */ +private BeginStack calculateBeginStack(DeviationRecord record, File file, int markerRecordFileIndex) { // Stack is empty at the start - index = 0 and - stack = TEmptyBeginStack() and + markerRecordFileIndex = 0 and + result = TEmptyBeginStack() and // Only initialize when there is at least one such comment marker for this file and record // pairing exists(CommentDeviationRangeMarker marker | @@ -154,23 +158,23 @@ private predicate mkBeginStack(DeviationRecord record, File file, BeginStack sta // Next token is begin, so push it to the stack exists(DeviationBegin begin, BeginStack prev | record = begin.getRecord() and - hasDeviationCommentFileOrdering(record, begin, file, index) and - mkBeginStack(record, file, prev, index - 1) and - stack = TConsBeginStack(begin, prev) + hasDeviationCommentFileOrdering(record, begin, file, markerRecordFileIndex) and + prev = calculateBeginStack(record, file, markerRecordFileIndex - 1) and + result = TConsBeginStack(begin, prev) ) or // Next token is end exists(DeviationEnd end, BeginStack prevStack | record = end.getRecord() and - hasDeviationCommentFileOrdering(record, end, file, index) and - mkBeginStack(record, file, prevStack, index - 1) + hasDeviationCommentFileOrdering(record, end, file, markerRecordFileIndex) and + prevStack = calculateBeginStack(record, file, markerRecordFileIndex - 1) | // There is, so pop the most recent begin off the stack - prevStack = TConsBeginStack(_, stack) + prevStack = TConsBeginStack(_, result) or - // Error, no begin on the stack, ignore and continue + // Error, no begin on the stack, ignore the end and continue prevStack = TEmptyBeginStack() and - stack = TEmptyBeginStack() + result = TEmptyBeginStack() ) } @@ -178,12 +182,18 @@ newtype TBeginStack = TConsBeginStack(DeviationBegin begin, TBeginStack prev) { exists(File file, int index | hasDeviationCommentFileOrdering(begin.getRecord(), begin, file, index) and - mkBeginStack(begin.getRecord(), file, prev, index - 1) + prev = calculateBeginStack(begin.getRecord(), file, index - 1) ) } or TEmptyBeginStack() +/** + * A stack of begin markers that occur in the same file, referring to the same record. + */ private class BeginStack extends TBeginStack { + /** Gets the top begin marker on the stack. */ + DeviationBegin peek() { this = TConsBeginStack(result, _) } + string toString() { exists(DeviationBegin begin, BeginStack prev | this = TConsBeginStack(begin, prev) | result = "(" + begin + ", " + prev.toString() + ")" @@ -198,7 +208,7 @@ predicate isDeviationRangePaired(DeviationRecord record, DeviationBegin begin, D exists(File file, int index | record = end.getRecord() and hasDeviationCommentFileOrdering(record, end, file, index) and - mkBeginStack(record, file, TConsBeginStack(begin, _), index - 1) + begin = calculateBeginStack(record, file, index - 1).peek() ) } From 20669c7cc43e2c5fb2b6ab6cb2e76a6196ad2102 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 18 Feb 2025 17:35:08 +0000 Subject: [PATCH 2418/2573] Deviation: Clarification in user manual. --- docs/user_manual.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/user_manual.md b/docs/user_manual.md index fb36d30fb7..a04ba0814e 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -512,7 +512,7 @@ A `codeql::_deviation_end` without a matching `codeql::_devi `codeql::_deviation_begin` and `ccodeql::_deviation_end` markers only apply within a single file. Markers cannot be paired across files, and deviations do not apply to included files. -Note: deviation markers cannot be applied to the body of a macro. Please apply the deviation to macro expansion, or use the attribute deviation format. +Note: deviation comment markers cannot be applied to the body of a macro. Please apply the deviation to macro expansion, or use the attribute deviation format. ##### Deviation permits From 713c6756671b01ef8fec7acb3f03d940dc859ed4 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Mon, 9 Dec 2024 14:47:29 -0800 Subject: [PATCH 2419/2573] Implement Concurrency9 package on top of Concurrency8 work --- c/common/src/codingstandards/c/SubObjects.qll | 94 ++ .../GlobalInitializationAnalysis.qll | 93 ++ .../test/includes/standard-library/stdlib.h | 1 + .../DIR-5-1/PossibleDataRaceBetweenThreads.ql | 158 +++ .../MutexNotInitializedBeforeUse.ql | 128 +- ...readResourceDisposedBeforeThreadsJoined.ql | 113 ++ .../InvalidOperationOnUnlockedMutex.ql | 68 ++ .../NonRecursiveMutexRecursivelyLocked.ql | 37 + ...NonRecursiveMutexRecursivelyLockedAudit.ql | 60 + ...onditionVariableUsedWithMultipleMutexes.ql | 69 ++ .../ThreadStorageNotInitializedBeforeUse.ql | 44 + ...adStoragePointerInitializedInsideThread.ql | 27 + .../PossibleDataRaceBetweenThreads.expected | 24 + .../PossibleDataRaceBetweenThreads.qlref | 1 + c/misra/test/rules/DIR-5-1/test.c | 132 +++ ...sourceDisposedBeforeThreadsJoined.expected | 12 + ...dResourceDisposedBeforeThreadsJoined.qlref | 1 + c/misra/test/rules/RULE-22-15/test.c | 113 ++ .../InvalidOperationOnUnlockedMutex.expected | 16 + .../InvalidOperationOnUnlockedMutex.qlref | 1 + c/misra/test/rules/RULE-22-17/test.c | 70 ++ ...onRecursiveMutexRecursivelyLocked.expected | 2 + .../NonRecursiveMutexRecursivelyLocked.qlref | 1 + ...ursiveMutexRecursivelyLockedAudit.expected | 6 + ...RecursiveMutexRecursivelyLockedAudit.qlref | 1 + c/misra/test/rules/RULE-22-18/test.c | 122 ++ ...onVariableUsedWithMultipleMutexes.expected | 2 + ...itionVariableUsedWithMultipleMutexes.qlref | 1 + c/misra/test/rules/RULE-22-19/test.c | 46 + ...eadStorageNotInitializedBeforeUse.expected | 5 + ...ThreadStorageNotInitializedBeforeUse.qlref | 1 + ...agePointerInitializedInsideThread.expected | 1 + ...toragePointerInitializedInsideThread.qlref | 1 + c/misra/test/rules/RULE-22-20/test.c | 70 ++ ...2024-12-10-refactor-concurrency-library.md | 2 + .../src/codingstandards/cpp/Concurrency.qll | 1026 +---------------- .../cpp/concurrency/Atomic.qll | 43 + .../cpp/concurrency/CConditionOperation.qll | 31 + .../cpp/concurrency/ConditionalWait.qll | 26 + .../cpp/concurrency/ControlFlow.qll | 101 ++ .../concurrency/LockProtectedControlFlow.qll | 49 + .../cpp/concurrency/LockingOperation.qll | 240 ++++ .../cpp/concurrency/MutexDestroyer.qll | 73 ++ .../cpp/concurrency/ThreadCreation.qll | 62 + .../cpp/concurrency/ThreadDependentMutex.qll | 246 ++++ .../cpp/concurrency/ThreadSpecificStorage.qll | 59 + .../cpp/concurrency/ThreadWaitDetach.qll | 41 + .../cpp/concurrency/ThreadedFunction.qll | 37 + .../codingstandards/cpp/concurrency/Types.qll | 29 + .../cpp/dominance/BehavioralSet.qll | 47 + .../cpp/exclusions/c/Concurrency9.qll | 146 +++ .../cpp/exclusions/c/RuleMetadata.qll | 3 + rule_packages/c/Concurrency9.json | 158 +++ rules.csv | 12 +- 54 files changed, 2843 insertions(+), 1109 deletions(-) create mode 100644 c/common/src/codingstandards/c/SubObjects.qll create mode 100644 c/common/src/codingstandards/c/initialization/GlobalInitializationAnalysis.qll create mode 100644 c/misra/src/rules/DIR-5-1/PossibleDataRaceBetweenThreads.ql create mode 100644 c/misra/src/rules/RULE-22-15/ThreadResourceDisposedBeforeThreadsJoined.ql create mode 100644 c/misra/src/rules/RULE-22-17/InvalidOperationOnUnlockedMutex.ql create mode 100644 c/misra/src/rules/RULE-22-18/NonRecursiveMutexRecursivelyLocked.ql create mode 100644 c/misra/src/rules/RULE-22-18/NonRecursiveMutexRecursivelyLockedAudit.ql create mode 100644 c/misra/src/rules/RULE-22-19/ConditionVariableUsedWithMultipleMutexes.ql create mode 100644 c/misra/src/rules/RULE-22-20/ThreadStorageNotInitializedBeforeUse.ql create mode 100644 c/misra/src/rules/RULE-22-20/ThreadStoragePointerInitializedInsideThread.ql create mode 100644 c/misra/test/rules/DIR-5-1/PossibleDataRaceBetweenThreads.expected create mode 100644 c/misra/test/rules/DIR-5-1/PossibleDataRaceBetweenThreads.qlref create mode 100644 c/misra/test/rules/DIR-5-1/test.c create mode 100644 c/misra/test/rules/RULE-22-15/ThreadResourceDisposedBeforeThreadsJoined.expected create mode 100644 c/misra/test/rules/RULE-22-15/ThreadResourceDisposedBeforeThreadsJoined.qlref create mode 100644 c/misra/test/rules/RULE-22-15/test.c create mode 100644 c/misra/test/rules/RULE-22-17/InvalidOperationOnUnlockedMutex.expected create mode 100644 c/misra/test/rules/RULE-22-17/InvalidOperationOnUnlockedMutex.qlref create mode 100644 c/misra/test/rules/RULE-22-17/test.c create mode 100644 c/misra/test/rules/RULE-22-18/NonRecursiveMutexRecursivelyLocked.expected create mode 100644 c/misra/test/rules/RULE-22-18/NonRecursiveMutexRecursivelyLocked.qlref create mode 100644 c/misra/test/rules/RULE-22-18/NonRecursiveMutexRecursivelyLockedAudit.expected create mode 100644 c/misra/test/rules/RULE-22-18/NonRecursiveMutexRecursivelyLockedAudit.qlref create mode 100644 c/misra/test/rules/RULE-22-18/test.c create mode 100644 c/misra/test/rules/RULE-22-19/ConditionVariableUsedWithMultipleMutexes.expected create mode 100644 c/misra/test/rules/RULE-22-19/ConditionVariableUsedWithMultipleMutexes.qlref create mode 100644 c/misra/test/rules/RULE-22-19/test.c create mode 100644 c/misra/test/rules/RULE-22-20/ThreadStorageNotInitializedBeforeUse.expected create mode 100644 c/misra/test/rules/RULE-22-20/ThreadStorageNotInitializedBeforeUse.qlref create mode 100644 c/misra/test/rules/RULE-22-20/ThreadStoragePointerInitializedInsideThread.expected create mode 100644 c/misra/test/rules/RULE-22-20/ThreadStoragePointerInitializedInsideThread.qlref create mode 100644 c/misra/test/rules/RULE-22-20/test.c create mode 100644 change_notes/2024-12-10-refactor-concurrency-library.md create mode 100644 cpp/common/src/codingstandards/cpp/concurrency/Atomic.qll create mode 100644 cpp/common/src/codingstandards/cpp/concurrency/CConditionOperation.qll create mode 100644 cpp/common/src/codingstandards/cpp/concurrency/ConditionalWait.qll create mode 100644 cpp/common/src/codingstandards/cpp/concurrency/ControlFlow.qll create mode 100644 cpp/common/src/codingstandards/cpp/concurrency/LockProtectedControlFlow.qll create mode 100644 cpp/common/src/codingstandards/cpp/concurrency/LockingOperation.qll create mode 100644 cpp/common/src/codingstandards/cpp/concurrency/MutexDestroyer.qll create mode 100644 cpp/common/src/codingstandards/cpp/concurrency/ThreadCreation.qll create mode 100644 cpp/common/src/codingstandards/cpp/concurrency/ThreadDependentMutex.qll create mode 100644 cpp/common/src/codingstandards/cpp/concurrency/ThreadSpecificStorage.qll create mode 100644 cpp/common/src/codingstandards/cpp/concurrency/ThreadWaitDetach.qll create mode 100644 cpp/common/src/codingstandards/cpp/concurrency/ThreadedFunction.qll create mode 100644 cpp/common/src/codingstandards/cpp/concurrency/Types.qll create mode 100644 cpp/common/src/codingstandards/cpp/dominance/BehavioralSet.qll create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency9.qll create mode 100644 rule_packages/c/Concurrency9.json diff --git a/c/common/src/codingstandards/c/SubObjects.qll b/c/common/src/codingstandards/c/SubObjects.qll new file mode 100644 index 0000000000..d7aa1e976b --- /dev/null +++ b/c/common/src/codingstandards/c/SubObjects.qll @@ -0,0 +1,94 @@ +import codingstandards.c.Objects + +newtype TSubObject = + TObjectRoot(ObjectIdentity i) or + TObjectMember(SubObject struct, MemberVariable m) { + m = struct.getType().(Struct).getAMemberVariable() + } or + TObjectIndex(SubObject array) { array.getType() instanceof ArrayType } + +class SubObject extends TSubObject { + string toString() { + exists(ObjectIdentity i | + this = TObjectRoot(i) and + result = i.toString() + ) + or + exists(SubObject struct, Variable m | + this = TObjectMember(struct, m) and + result = struct.toString() + "." + m.getName() + ) + or + exists(SubObject array | + this = TObjectIndex(array) and + result = array.toString() + ) + } + + Type getType() { + exists(ObjectIdentity i | + this = TObjectRoot(i) and + result = i.getType() + ) + or + exists(Variable m | + this = TObjectMember(_, m) and + result = m.getType() + ) + or + exists(SubObject array | + this = TObjectIndex(array) and + result = array.getType().(ArrayType).getBaseType() + ) + } + + /** + * Holds for object roots and for member accesses on that root, not for array accesses. + * + * This is useful for cases where we do not wish to treat `x[y]` and `x[z]` as the same object. + */ + predicate isPrecise() { + not getParent*() = TObjectIndex(_) + } + + SubObject getParent() { + exists(SubObject struct, MemberVariable m | + this = TObjectMember(struct, m) and + result = struct + ) + or + exists(SubObject array | + this = TObjectIndex(array) and + result = array + ) + } + + Expr getAnAccess() { + exists(ObjectIdentity i | + this = TObjectRoot(i) and + result = i.getAnAccess() + ) + or + exists(MemberVariable m | + this = TObjectMember(_, m) and + result = m.getAnAccess() and + result.(DotFieldAccess).getQualifier() = getParent().getAnAccess() + ) + or + this = TObjectIndex(_) and + result.(ArrayExpr).getArrayBase() = getParent().getAnAccess() + } + + AddressOfExpr getAnAddressOfExpr() { + result.getOperand() = this.getAnAccess() + } + + ObjectIdentity getRootIdentity() { + exists(ObjectIdentity i | + this = TObjectRoot(i) and + result = i + ) + or + result = getParent().getRootIdentity() + } +} diff --git a/c/common/src/codingstandards/c/initialization/GlobalInitializationAnalysis.qll b/c/common/src/codingstandards/c/initialization/GlobalInitializationAnalysis.qll new file mode 100644 index 0000000000..d2974f9924 --- /dev/null +++ b/c/common/src/codingstandards/c/initialization/GlobalInitializationAnalysis.qll @@ -0,0 +1,93 @@ +import cpp +import codingstandards.c.Objects +import codingstandards.cpp.Concurrency +import codingstandards.cpp.Type + +signature module GlobalInitializationAnalysisConfigSig { + /** A function which is not called or started as a thread */ + default predicate isRootFunction(Function f) { + not exists(Function f2 | f2.calls(f)) and + not f instanceof ThreadedFunction + } + + ObjectIdentity getAnInitializedObject(Expr e); + + ObjectIdentity getAUsedObject(Expr e); +} + +module GlobalInitalizationAnalysis { + final class FinalFunction = Function; + + final class FinalExpr = Expr; + + class RootFunction extends FinalFunction { + RootFunction() { Config::isRootFunction(this) } + } + + /** A function call which initializes a mutex or a condition */ + class ObjectInit extends FinalExpr { + ObjectIdentity owningObject; + + ObjectInit() { owningObject = Config::getAnInitializedObject(this) } + + ObjectIdentity getOwningObject() { result = owningObject } + } + + /** + * A function argument where that argument is used as a mutex or condition object. + */ + class ObjectUse extends FinalExpr { + ObjectIdentity owningObject; + + ObjectUse() { owningObject = Config::getAUsedObject(this) } + + ObjectIdentity getOwningObject() { result = owningObject } + } + + predicate requiresInitializedMutexObject( + Function func, ObjectUse mutexUse, ObjectIdentity owningObject + ) { + mutexUse.getEnclosingFunction() = func and + owningObject = mutexUse.getOwningObject() and + not exists(ObjectInit init | + init.getEnclosingFunction() = func and + init.getOwningObject() = owningObject and + mutexUse.getAPredecessor+() = init + ) + or + exists(FunctionCall call | + func = call.getEnclosingFunction() and + requiresInitializedMutexObject(call.getTarget(), mutexUse, owningObject) and + not exists(ObjectInit init | + call.getAPredecessor*() = init and + init.getOwningObject() = owningObject + ) + ) + or + exists(C11ThreadCreateCall call | + func = call.getEnclosingFunction() and + not owningObject.getStorageDuration().isThread() and + requiresInitializedMutexObject(call.getFunction(), mutexUse, owningObject) and + not exists(ObjectInit init | + call.getAPredecessor*() = init and + init.getOwningObject() = owningObject + ) + ) + } + + predicate uninitializedFrom(Expr e, ObjectIdentity obj, Function callRoot) { + exists(ObjectUse use | use = e | + obj = use.getOwningObject() and + requiresInitializedMutexObject(callRoot, use, obj) and + ( + if obj.getStorageDuration().isAutomatic() + then obj.getEnclosingElement+() = callRoot + else ( + obj.getStorageDuration().isThread() and callRoot instanceof ThreadedFunction + or + callRoot instanceof RootFunction + ) + ) + ) + } +} diff --git a/c/common/test/includes/standard-library/stdlib.h b/c/common/test/includes/standard-library/stdlib.h index b54a051fe9..1af95223d1 100644 --- a/c/common/test/includes/standard-library/stdlib.h +++ b/c/common/test/includes/standard-library/stdlib.h @@ -49,6 +49,7 @@ int at_quick_exit (void (*) (void)); _Noreturn void quick_exit (int); char *getenv (const char *); +char *getenv_s (size_t *restrict len, char *restrict value, size_t valuesz, const char *restrict name); int system (const char *); diff --git a/c/misra/src/rules/DIR-5-1/PossibleDataRaceBetweenThreads.ql b/c/misra/src/rules/DIR-5-1/PossibleDataRaceBetweenThreads.ql new file mode 100644 index 0000000000..443dc284fd --- /dev/null +++ b/c/misra/src/rules/DIR-5-1/PossibleDataRaceBetweenThreads.ql @@ -0,0 +1,158 @@ +/** + * @id c/misra/possible-data-race-between-threads + * @name DIR-5-1: There shall be no data races between threads + * @description Threads shall not access the same memory location concurrently without utilization + * of thread synchronization objects. + * @kind problem + * @precision medium + * @problem.severity error + * @tags external/misra/id/dir-5-1 + * correctness + * concurrency + * external/misra/c/2012/amendment4 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.c.Objects +import codingstandards.c.SubObjects +import codingstandards.cpp.Concurrency + +newtype TNonReentrantOperation = + TReadWrite(SubObject object) { + object.getRootIdentity().getStorageDuration().isStatic() + or + object.getRootIdentity().getStorageDuration().isAllocated() + } or + TStdFunctionCall(FunctionCall call) { + call.getTarget() + .hasName([ + "setlocale", "tmpnam", "rand", "srand", "getenv", "getenv_s", "strok", "strerror", + "asctime", "ctime", "gmtime", "localtime", "mbrtoc16", "c16rtomb", "mbrtoc32", + "c32rtomb", "mbrlen", "mbrtowc", "wcrtomb", "mbsrtowcs", "wcsrtombs" + ]) + } + +class NonReentrantOperation extends TNonReentrantOperation { + string toString() { + exists(SubObject object | + this = TReadWrite(object) and + result = object.toString() + ) + or + exists(FunctionCall call | + this = TStdFunctionCall(call) and + result = call.getTarget().getName() + ) + } + + Expr getARead() { + exists(SubObject object | + this = TReadWrite(object) and + result = object.getAnAccess() + ) + or + this = TStdFunctionCall(result) + } + + Expr getAWrite() { + exists(SubObject object, Assignment assignment | + this = TReadWrite(object) and + result = assignment and + assignment.getLValue() = object.getAnAccess() + ) + or + this = TStdFunctionCall(result) + } + + string getReadString() { + this = TReadWrite(_) and + result = "read operation" + or + this = TStdFunctionCall(_) and + result = "call to non-reentrant function" + } + + string getWriteString() { + this = TReadWrite(_) and + result = "write to object" + or + this = TStdFunctionCall(_) and + result = "call to non-reentrant function" + } + + Element getSourceElement() { + exists(SubObject object | + this = TReadWrite(object) and + result = object.getRootIdentity() + ) + or + this = TStdFunctionCall(result) + } +} + +class WritingThread extends ThreadedFunction { + NonReentrantOperation aWriteObject; + Expr aWrite; + + WritingThread() { + aWrite = aWriteObject.getAWrite() and + this.calls*(aWrite.getEnclosingFunction()) and + not aWrite instanceof LockProtectedControlFlowNode and + not aWrite.getEnclosingFunction().getName().matches(["%init%", "%boot%", "%start%"]) + } + + Expr getAWrite() { result = aWrite } +} + +class ReadingThread extends ThreadedFunction { + Expr aReadExpr; + + ReadingThread() { + exists(NonReentrantOperation op | + aReadExpr = op.getARead() and + this.calls*(aReadExpr.getEnclosingFunction()) and + not aReadExpr instanceof LockProtectedControlFlowNode + ) + } + + Expr getARead() { result = aReadExpr } +} + +predicate mayBeDataRace(Expr write, Expr read, NonReentrantOperation operation) { + exists(WritingThread wt | + wt.getAWrite() = write and + write = operation.getAWrite() and + exists(ReadingThread rt | + read = rt.getARead() and + read = operation.getARead() and + ( + wt.isMultiplySpawned() or + not wt = rt + ) + ) + ) +} + +from + WritingThread wt, ReadingThread rt, Expr write, Expr read, NonReentrantOperation operation, + string message, string writeString, string readString +where + not isExcluded(write, Concurrency9Package::possibleDataRaceBetweenThreadsQuery()) and + mayBeDataRace(write, read, operation) and + wt = min(WritingThread f | f.getAWrite() = write | f order by f.getName()) and + rt = min(ReadingThread f | f.getARead() = read | f order by f.getName()) and + writeString = operation.getWriteString() and + readString = operation.getReadString() and + if wt.isMultiplySpawned() + then + message = + "Threaded " + writeString + + " $@ not synchronized, for example from thread function $@ spawned from a loop." + else + message = + "Threaded " + writeString + + " $@, for example from thread function $@, not synchronized with $@, for example from thread function $@." +select write, message, operation.getSourceElement(), operation.toString(), wt, wt.getName(), read, + "concurrent " + readString, rt, rt.getName() diff --git a/c/misra/src/rules/RULE-22-14/MutexNotInitializedBeforeUse.ql b/c/misra/src/rules/RULE-22-14/MutexNotInitializedBeforeUse.ql index f02891d5d0..f78c25f981 100644 --- a/c/misra/src/rules/RULE-22-14/MutexNotInitializedBeforeUse.ql +++ b/c/misra/src/rules/RULE-22-14/MutexNotInitializedBeforeUse.ql @@ -18,113 +18,61 @@ import codingstandards.c.misra import codingstandards.c.Objects import codingstandards.cpp.Concurrency import codingstandards.cpp.Type +import codingstandards.c.initialization.GlobalInitializationAnalysis -/** A function which is not called or started as a thread */ -class RootFunction extends Function { - RootFunction() { - not exists(Function f | f.calls(this)) and - not this instanceof ThreadedFunction +module MutexInitializationConfig implements GlobalInitializationAnalysisConfigSig { + ObjectIdentity getAnInitializedObject(Expr e) { + e.(C11MutexSource).getMutexExpr() = result.getASubobjectAddressExpr() } -} - -/** A function call which initializes a mutex or a condition */ -class ThreadObjectInitialization extends FunctionCall { - ObjectIdentity owningObject; - ThreadObjectInitialization() { - this.(C11MutexSource).getMutexExpr() = owningObject.getASubobjectAddressExpr() - or - exists(CConditionOperation condOp | - this = condOp and - condOp.isInit() and - condOp.getConditionExpr() = owningObject.getASubobjectAddressExpr() + ObjectIdentity getAUsedObject(Expr e) { + result.getASubobjectAddressExpr() = e and + ( + exists(CMutexFunctionCall mutexUse | e = mutexUse.getLockExpr()) + or + exists(CConditionOperation condOp | e = condOp.getMutexExpr()) ) } - - ObjectIdentity getOwningObject() { result = owningObject } } -/** - * A function argument where that argument is used as a mutex or condition object. - */ -class ThreadObjectUse extends Expr { - ObjectIdentity owningObject; - string typeString; - - ThreadObjectUse() { - owningObject.getASubobjectAddressExpr() = this and - ( - exists(CMutexFunctionCall mutexUse | this = mutexUse.getLockExpr()) and - typeString = "Mutex" - or - exists(CConditionOperation condOp | this = condOp.getMutexExpr()) and - typeString = "Mutex" - or - exists(CConditionOperation condOp | - condOp.isUse() and - this = condOp.getConditionExpr() and - typeString = "Condition" - ) +module ConditionInitializationConfig implements GlobalInitializationAnalysisConfigSig { + ObjectIdentity getAnInitializedObject(Expr e) { + exists(CConditionOperation condOp | + e = condOp and + condOp.isInit() and + condOp.getConditionExpr() = result.getASubobjectAddressExpr() ) } - ObjectIdentity getOwningObject() { result = owningObject } - - string getDescription() { - if - getOwningObject().getType() instanceof PossiblySpecified::Type or - getOwningObject().getType() instanceof PossiblySpecified::Type - then result = typeString - else result = typeString + " in object" + ObjectIdentity getAUsedObject(Expr e) { + result.getASubobjectAddressExpr() = e and + exists(CConditionOperation condOp | + condOp.isUse() and + e = condOp.getConditionExpr() + ) } } -predicate requiresInitializedMutexObject( - Function func, ThreadObjectUse mutexUse, ObjectIdentity owningObject -) { - mutexUse.getEnclosingFunction() = func and - owningObject = mutexUse.getOwningObject() and - not exists(ThreadObjectInitialization init | - init.getEnclosingFunction() = func and - init.getOwningObject() = owningObject and - mutexUse.getAPredecessor+() = init - ) - or - exists(FunctionCall call | - func = call.getEnclosingFunction() and - requiresInitializedMutexObject(call.getTarget(), mutexUse, owningObject) and - not exists(ThreadObjectInitialization init | - call.getAPredecessor*() = init and - init.getOwningObject() = owningObject - ) - ) - or - exists(C11ThreadCreateCall call | - func = call.getEnclosingFunction() and - not owningObject.getStorageDuration().isThread() and - requiresInitializedMutexObject(call.getFunction(), mutexUse, owningObject) and - not exists(ThreadObjectInitialization init | - call.getAPredecessor*() = init and - init.getOwningObject() = owningObject - ) - ) -} +import GlobalInitalizationAnalysis as MutexInitAnalysis +import GlobalInitalizationAnalysis as CondInitAnalysis -from ThreadObjectUse objUse, ObjectIdentity obj, Function callRoot +from Expr objUse, ObjectIdentity obj, Function callRoot, string typeString, string description where not isExcluded(objUse, Concurrency8Package::mutexNotInitializedBeforeUseQuery()) and - obj = objUse.getOwningObject() and - requiresInitializedMutexObject(callRoot, objUse, obj) and ( - if obj.getStorageDuration().isAutomatic() - then obj.getEnclosingElement+() = callRoot - else ( - obj.getStorageDuration().isThread() and callRoot instanceof ThreadedFunction - or - callRoot instanceof RootFunction - ) + MutexInitAnalysis::uninitializedFrom(objUse, obj, callRoot) and + typeString = "Mutex" + or + CondInitAnalysis::uninitializedFrom(objUse, obj, callRoot) and + typeString = "Condition" + ) and + ( + if + obj.getType() instanceof PossiblySpecified::Type or + obj.getType() instanceof PossiblySpecified::Type + then description = typeString + else description = typeString + " in object" ) select objUse, - objUse.getDescription() + - " '$@' possibly used before initialization, from entry point function '$@'.", obj, + description + " '$@' possibly used before initialization, from entry point function '$@'.", obj, obj.toString(), callRoot, callRoot.getName() diff --git a/c/misra/src/rules/RULE-22-15/ThreadResourceDisposedBeforeThreadsJoined.ql b/c/misra/src/rules/RULE-22-15/ThreadResourceDisposedBeforeThreadsJoined.ql new file mode 100644 index 0000000000..966b948d81 --- /dev/null +++ b/c/misra/src/rules/RULE-22-15/ThreadResourceDisposedBeforeThreadsJoined.ql @@ -0,0 +1,113 @@ +/** + * @id c/misra/thread-resource-disposed-before-threads-joined + * @name RULE-22-15: Thread synchronization objects and thread-specific storage pointers shall not be disposed unsafely + * @description Thread synchronization objects and thread-specific storage pointers shall not be + * destroyed until after all threads accessing them have terminated + * @kind problem + * @precision medium + * @problem.severity error + * @tags external/misra/id/rule-22-15 + * correctness + * concurrency + * external/misra/c/2012/amendment4 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.c.SubObjects +import codingstandards.cpp.Concurrency + +newtype TThreadKind = + TSpawned(C11ThreadCreateCall tcc) or + TMainThread() + +TThreadKind getThreadKind(FunctionCall operation) { + if + not exists(C11ThreadCreateCall tcc | + getAThreadContextAwareSuccessor(tcc.getFunction().getEntryPoint()) = operation + ) + then result = TMainThread() + else + exists(C11ThreadCreateCall tcc | + getAThreadContextAwareSuccessor(tcc.getFunction().getEntryPoint()) = operation and + result = TSpawned(tcc) + ) +} + +bindingset[tcc, thread] +predicate followsMainThreadTcc(C11ThreadCreateCall tcc, TThreadKind thread) { + thread = TMainThread() + or + exists(C11ThreadCreateCall tcc2 | + getAThreadContextAwareSuccessor(tcc) = tcc2 and + thread = TSpawned(tcc2) + ) +} + +string describeThread(TThreadKind thread) { + thread = TMainThread() and + result = "main thread" + or + exists(C11ThreadCreateCall tcc2 | + thread = TSpawned(tcc2) and + result = tcc2.getFunction().getName() + ) +} + +bindingset[alternative] +Element elementOr(TThreadKind thread, Element alternative) { + thread = TMainThread() and + result = alternative + or + exists(C11ThreadCreateCall tcc2 | + thread = TSpawned(tcc2) and + result = tcc2 + ) +} + +from + FunctionCall dispose, FunctionCall use, C11ThreadCreateCall tcc, TThreadKind disposeThread, + TThreadKind useThread, SubObject usedAndDestroyed +where + not isExcluded(dispose, Concurrency9Package::threadResourceDisposedBeforeThreadsJoinedQuery()) and + // `tcc` may be the thread that uses the resource, or the thread that disposes it. What matters + // for the query is that `tcc` is before the use and the dispose. + dispose = getAThreadContextAwareSuccessor(tcc) and + ( + // Lock and dispose of mtx_t: + exists(CMutexFunctionCall mfc, C11MutexDestroyer md | dispose = md and use = mfc | + mfc = getAThreadContextAwareSuccessor(tcc) and + mfc.getLockExpr() = usedAndDestroyed.getAnAddressOfExpr() and + md.getMutexExpr() = usedAndDestroyed.getAnAddressOfExpr() + ) + or + // Read/store and dispose of tss_t: + exists(ThreadSpecificStorageFunctionCall tssfc, TSSDeleteFunctionCall td | + dispose = td and use = tssfc + | + tssfc = getAThreadContextAwareSuccessor(tcc) and + tssfc.getKey() = usedAndDestroyed.getAnAddressOfExpr() and + td.getKey() = usedAndDestroyed.getAnAddressOfExpr() + ) + or + // Wait and dispose of cnd_t: + exists(CConditionOperation cndop, C11ConditionDestroyer cd | dispose = cd and use = cndop | + cndop = getAThreadContextAwareSuccessor(tcc) and + cndop.getConditionExpr() = usedAndDestroyed.getAnAddressOfExpr() and + cd.getConditionExpr() = usedAndDestroyed.getAnAddressOfExpr() + ) + ) and + // Dispose could be in the main thread or in a spawned thread. + disposeThread = getThreadKind(dispose) and + // Dispose could be in the main thread or in a spawned thread. + useThread = getThreadKind(use) and + // Exclude a thread that does not concurrently share the resource it disposed (unlikely). + not useThread = disposeThread and + followsMainThreadTcc(tcc, useThread) and + followsMainThreadTcc(tcc, disposeThread) and + // If there is a join between the use and the dispose, the code is compliant. + not getAThreadContextAwarePredecessor(elementOr(useThread, use), dispose) instanceof C11ThreadWait +select dispose, "Thread resource $@ disposed before joining thread $@ which uses it.", + usedAndDestroyed.getRootIdentity(), usedAndDestroyed.toString(), elementOr(useThread, use), + describeThread(useThread) diff --git a/c/misra/src/rules/RULE-22-17/InvalidOperationOnUnlockedMutex.ql b/c/misra/src/rules/RULE-22-17/InvalidOperationOnUnlockedMutex.ql new file mode 100644 index 0000000000..7c0b86f145 --- /dev/null +++ b/c/misra/src/rules/RULE-22-17/InvalidOperationOnUnlockedMutex.ql @@ -0,0 +1,68 @@ +/** + * @id c/misra/invalid-operation-on-unlocked-mutex + * @name RULE-22-17: No thread shall unlock a mutex or call cnd_wait() or cnd_timedwait() for a mutex it has not locked + * @description No thread shall unlock a mutex or call cnd_wait() or cnd_timedwait() for a mutex it + * has not locked before. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/misra/id/rule-22-17 + * correctness + * concurrency + * external/misra/c/2012/amendment4 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.c.SubObjects +import codingstandards.cpp.Concurrency +import codingstandards.cpp.dominance.BehavioralSet +import semmle.code.cpp.dataflow.new.DataFlow::DataFlow as NewDF + +/* A call to mtx_unlock() or cnd_wait() or cnd_timedwait(), which require a locked mutex */ +class RequiresLockOperation extends FunctionCall { + SubObject mutex; + + RequiresLockOperation() { + exists(CMutexFunctionCall mutexCall | this = mutexCall | + mutexCall.isUnlock() and + mutex.getAnAddressOfExpr() = mutexCall.getLockExpr() + ) + or + exists(CConditionOperation condOp | this = condOp | + mutex.getAnAddressOfExpr() = condOp.getMutexExpr() + ) + } + + SubObject getMutex() { result = mutex } +} + +/* A config to search for a dominating set that locks the mutex before the operation */ +module LockDominatingSetConfig implements DominatingSetConfigSig { + predicate isTargetBehavior(ControlFlowNode node, RequiresLockOperation op) { + exists(CMutexFunctionCall mutexCall | node = mutexCall | + mutexCall.isLock() and + mutexCall.getLockExpr() = op.getMutex().getAnAddressOfExpr() + ) + } + + predicate isBlockingBehavior(ControlFlowNode node, RequiresLockOperation op) { + // If we find a branch that explicitly unlocks the mutex, we should not look for an earlier + // call to lock that mutex. + exists(CMutexFunctionCall mutexCall | node = mutexCall | + mutexCall.isUnlock() and + mutexCall.getLockExpr() = op.getMutex().getAnAddressOfExpr() + ) + } +} + +import DominatingBehavioralSet as DominatingSet + +from RequiresLockOperation operation, SubObject mutex +where + not isExcluded(operation, Concurrency9Package::invalidOperationOnUnlockedMutexQuery()) and + mutex = operation.getMutex() and + not DominatingSet::isDominatedByBehavior(operation) +select operation, "Invalid operation on mutex '$@' not locked by the current thread", + mutex.getRootIdentity(), mutex.toString() diff --git a/c/misra/src/rules/RULE-22-18/NonRecursiveMutexRecursivelyLocked.ql b/c/misra/src/rules/RULE-22-18/NonRecursiveMutexRecursivelyLocked.ql new file mode 100644 index 0000000000..17762b3eee --- /dev/null +++ b/c/misra/src/rules/RULE-22-18/NonRecursiveMutexRecursivelyLocked.ql @@ -0,0 +1,37 @@ +/** + * @id c/misra/non-recursive-mutex-recursively-locked + * @name RULE-22-18: Non-recursive mutexes shall not be recursively locked + * @description Mutexes initialized with mtx_init() without mtx_recursive shall not be locked by a + * thread that has previously locked it. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-22-18 + * correctness + * concurrency + * external/misra/c/2012/amendment4 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.c.SubObjects +import codingstandards.cpp.Concurrency +import codingstandards.cpp.Type + +from + LockProtectedControlFlowNode n, CMutexFunctionCall lockCall, SubObject mutex, + CMutexFunctionCall coveredByLock +where + not isExcluded(n, Concurrency9Package::nonRecursiveMutexRecursivelyLockedQuery()) and + lockCall = n and + coveredByLock = n.coveredByLock() and + not coveredByLock = lockCall and + mutex.isPrecise() and + coveredByLock.getLockExpr() = mutex.getAnAddressOfExpr() and + lockCall.getLockExpr() = mutex.getAnAddressOfExpr() and + forex(C11MutexSource init | init.getMutexExpr() = mutex.getAnAddressOfExpr() | + not init.isRecursive() + ) +select n, "Non-recursive mutex " + mutex.toString() + " locked after it is $@.", coveredByLock, + "already locked" diff --git a/c/misra/src/rules/RULE-22-18/NonRecursiveMutexRecursivelyLockedAudit.ql b/c/misra/src/rules/RULE-22-18/NonRecursiveMutexRecursivelyLockedAudit.ql new file mode 100644 index 0000000000..5b848f9e1e --- /dev/null +++ b/c/misra/src/rules/RULE-22-18/NonRecursiveMutexRecursivelyLockedAudit.ql @@ -0,0 +1,60 @@ +/** + * @id c/misra/non-recursive-mutex-recursively-locked-audit + * @name RULE-22-18: (Audit) Non-recursive mutexes shall not be recursively locked + * @description Mutex that may be initialized without mtx_recursive shall not be locked by a thread + * that has previous may havec locked it. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/misra/id/rule-22-18 + * correctness + * concurrency + * external/misra/c/2012/amendment4 + * audit + * external/misra/obligation/required + */ + +import cpp +import codeql.util.Boolean +import codingstandards.c.misra +import codingstandards.c.SubObjects +import codingstandards.cpp.Concurrency +import codingstandards.cpp.Type + +predicate isTrackableMutex(CMutexFunctionCall lockCall, Boolean recursive) { + exists(SubObject mutex | + lockCall.getLockExpr() = mutex.getAnAddressOfExpr() and + mutex.isPrecise() and + forex(C11MutexSource init | init.getMutexExpr() = mutex.getAnAddressOfExpr() | + if init.isRecursive() then recursive = true else recursive = false + ) + ) +} + +predicate definitelyDifferentMutexes(CMutexFunctionCall lockCall, CMutexFunctionCall coveredByLock) { + exists(SubObject a, SubObject b | + lockCall.getLockExpr() = a.getAnAddressOfExpr() and + coveredByLock.getLockExpr() = b.getAnAddressOfExpr() and + not a = b + ) +} + +from LockProtectedControlFlowNode n, CMutexFunctionCall lockCall, CMutexFunctionCall coveredByLock +where + not isExcluded(n, Concurrency9Package::nonRecursiveMutexRecursivelyLockedAuditQuery()) and + lockCall = n and + coveredByLock = n.coveredByLock() and + not coveredByLock = lockCall and + // If mutexes are provably different objects, they do not need to be audited + not definitelyDifferentMutexes(lockCall, coveredByLock) and + ( + // If either mutex is not trackable, it should be audited + not isTrackableMutex(lockCall, _) or + not isTrackableMutex(coveredByLock, _) + ) and + not ( + // If either mutex is definitely recursive, it does not need to be audited + isTrackableMutex(lockCall, true) or + isTrackableMutex(coveredByLock, true) + ) +select n, "Mutex locked after previous $@.", coveredByLock, "already locked" diff --git a/c/misra/src/rules/RULE-22-19/ConditionVariableUsedWithMultipleMutexes.ql b/c/misra/src/rules/RULE-22-19/ConditionVariableUsedWithMultipleMutexes.ql new file mode 100644 index 0000000000..afa2556646 --- /dev/null +++ b/c/misra/src/rules/RULE-22-19/ConditionVariableUsedWithMultipleMutexes.ql @@ -0,0 +1,69 @@ +/** + * @id c/misra/condition-variable-used-with-multiple-mutexes + * @name RULE-22-19: A condition variable shall be associated with at most one mutex object + * @description Standard library functions cnd_wait() and cnd_timedwait() shall specify the same + * mutex object for each condition object in all calls. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-22-19 + * correctness + * concurrency + * external/misra/c/2012/amendment4 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.c.SubObjects +import codingstandards.cpp.Concurrency + +bindingset[cond, mutex] +int countMutexesForConditionVariable(SubObject cond, SubObject mutex) { + result = + count(CConditionOperation call | + call.getConditionExpr() = cond.getAnAddressOfExpr() and + call.getMutexExpr() = mutex.getAnAddressOfExpr() + ) +} + +bindingset[cond, mutex] +predicate conditionVariableUsesMutex(SubObject cond, SubObject mutex) { + countMutexesForConditionVariable(cond, mutex) > 0 +} + +bindingset[cond, n] +SubObject nthMutexForConditionVariable(SubObject cond, int n) { + result = + rank[n](SubObject mutex | + conditionVariableUsesMutex(cond, mutex) + | + mutex order by countMutexesForConditionVariable(cond, mutex), mutex.toString() + ) +} + +bindingset[cond, mutex] +CConditionOperation firstCallForConditionMutex(SubObject cond, SubObject mutex) { + result = + rank[1](CConditionOperation call | + call.getConditionExpr() = cond.getAnAddressOfExpr() and + call.getMutexExpr() = mutex.getAnAddressOfExpr() + | + call order by call.getFile().getAbsolutePath(), call.getLocation().getStartLine() + ) +} + +from + SubObject cond, CConditionOperation useOne, SubObject mutexOne, CConditionOperation useTwo, + SubObject mutexTwo +where + not isExcluded(cond.getRootIdentity(), + Concurrency9Package::conditionVariableUsedWithMultipleMutexesQuery()) and + mutexOne = nthMutexForConditionVariable(cond, 1) and + mutexTwo = nthMutexForConditionVariable(cond, 2) and + useOne = firstCallForConditionMutex(cond, mutexOne) and + useTwo = firstCallForConditionMutex(cond, mutexOne) +select useOne, + "Condition variable $@ associated with multiple mutexes, operation uses mutex $@ while $@ uses other mutex $@", + cond.getRootIdentity(), cond.toString(), mutexOne.getRootIdentity(), mutexOne.toString(), useTwo, + "another operation", mutexTwo.getRootIdentity(), mutexTwo.toString() diff --git a/c/misra/src/rules/RULE-22-20/ThreadStorageNotInitializedBeforeUse.ql b/c/misra/src/rules/RULE-22-20/ThreadStorageNotInitializedBeforeUse.ql new file mode 100644 index 0000000000..652b5d1f8c --- /dev/null +++ b/c/misra/src/rules/RULE-22-20/ThreadStorageNotInitializedBeforeUse.ql @@ -0,0 +1,44 @@ +/** + * @id c/misra/thread-storage-not-initialized-before-use + * @name RULE-22-20: Thread-specific storage pointers shall be created before being accessed + * @description Thread specific storage pointers shall be initialized with the standard library + * functions before using them. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/misra/id/rule-22-20 + * correctness + * concurrency + * external/misra/c/2012/amendment4 + * external/misra/obligation/mandatory + */ + +import cpp +import codingstandards.c.misra +import codingstandards.c.Objects +import codingstandards.cpp.Concurrency +import codingstandards.cpp.Type +import codingstandards.c.initialization.GlobalInitializationAnalysis + +module ThreadStoreInitializationConfig implements GlobalInitializationAnalysisConfigSig { + ObjectIdentity getAnInitializedObject(Expr e) { + e.(TSSCreateFunctionCall).getKey() = result.getASubobjectAddressExpr() + } + + ObjectIdentity getAUsedObject(Expr e) { + result.getASubobjectAddressExpr() = e and + exists(ThreadSpecificStorageFunctionCall use | + not use instanceof TSSCreateFunctionCall and e = use.getKey() + ) + } +} + +import GlobalInitalizationAnalysis as InitAnalysis + +from Expr objUse, ObjectIdentity obj, Function callRoot +where + not isExcluded(objUse, Concurrency9Package::threadStorageNotInitializedBeforeUseQuery()) and + InitAnalysis::uninitializedFrom(objUse, obj, callRoot) +select objUse, + "Thread specific storage pointer '$@' possibly used before initialization, from entry point function '$@'.", + obj, obj.toString(), callRoot, callRoot.getName() diff --git a/c/misra/src/rules/RULE-22-20/ThreadStoragePointerInitializedInsideThread.ql b/c/misra/src/rules/RULE-22-20/ThreadStoragePointerInitializedInsideThread.ql new file mode 100644 index 0000000000..3c40ea7116 --- /dev/null +++ b/c/misra/src/rules/RULE-22-20/ThreadStoragePointerInitializedInsideThread.ql @@ -0,0 +1,27 @@ +/** + * @id c/misra/thread-storage-pointer-initialized-inside-thread + * @name RULE-22-20: Thread specific storage pointers shall be initialized deterministically + * @description Thread specific storage pointers initialized inside of threads may result in + * indeterministic state. + * @kind problem + * @precision very-high + * @problem.severity recommendation + * @tags external/misra/id/rule-22-20 + * readability + * maintainability + * concurrency + * external/misra/c/2012/amendment4 + * external/misra/obligation/mandatory + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.Concurrency + +from TSSCreateFunctionCall tssCreate, ThreadedFunction thread +where + not isExcluded(tssCreate, Concurrency8Package::mutexInitializedInsideThreadQuery()) and + thread.calls*(tssCreate.getEnclosingFunction()) +select tssCreate, + "Thread specific storage object initialization reachable from threaded function '$@'.", thread, + thread.getName() diff --git a/c/misra/test/rules/DIR-5-1/PossibleDataRaceBetweenThreads.expected b/c/misra/test/rules/DIR-5-1/PossibleDataRaceBetweenThreads.expected new file mode 100644 index 0000000000..3f32b09d5c --- /dev/null +++ b/c/misra/test/rules/DIR-5-1/PossibleDataRaceBetweenThreads.expected @@ -0,0 +1,24 @@ +| test.c:31:3:31:8 | ... = ... | Threaded write to object $@, for example from thread function $@, not synchronized with $@, for example from thread function $@. | test.c:11:5:11:6 | g2 | g2 | test.c:30:6:30:29 | single_thread4_writes_g2 | single_thread4_writes_g2 | test.c:27:3:27:4 | g2 | concurrent read operation | test.c:26:6:26:28 | single_thread3_reads_g2 | single_thread3_reads_g2 | +| test.c:35:3:35:8 | ... = ... | Threaded write to object $@ not synchronized, for example from thread function $@ spawned from a loop. | test.c:12:5:12:6 | g3 | g3 | test.c:34:6:34:27 | many_thread5_writes_g3 | many_thread5_writes_g3 | test.c:35:3:35:4 | g3 | concurrent read operation | test.c:34:6:34:27 | many_thread5_writes_g3 | many_thread5_writes_g3 | +| test.c:71:3:71:11 | ... = ... | Threaded write to object $@, for example from thread function $@, not synchronized with $@, for example from thread function $@. | test.c:68:3:68:4 | g7 | g7.m1 | test.c:70:6:70:33 | single_thread11_writes_g7_m1 | single_thread11_writes_g7_m1 | test.c:75:6:75:7 | m1 | concurrent read operation | test.c:74:6:74:33 | single_thread12_writes_g7_m1 | single_thread12_writes_g7_m1 | +| test.c:75:3:75:11 | ... = ... | Threaded write to object $@, for example from thread function $@, not synchronized with $@, for example from thread function $@. | test.c:68:3:68:4 | g7 | g7.m1 | test.c:74:6:74:33 | single_thread12_writes_g7_m1 | single_thread12_writes_g7_m1 | test.c:71:6:71:7 | m1 | concurrent read operation | test.c:70:6:70:33 | single_thread11_writes_g7_m1 | single_thread11_writes_g7_m1 | +| test.c:79:3:79:11 | call to setlocale | Threaded call to non-reentrant function $@ not synchronized, for example from thread function $@ spawned from a loop. | test.c:79:3:79:11 | call to setlocale | setlocale | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:79:3:79:11 | call to setlocale | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | +| test.c:80:3:80:8 | call to tmpnam | Threaded call to non-reentrant function $@ not synchronized, for example from thread function $@ spawned from a loop. | test.c:80:3:80:8 | call to tmpnam | tmpnam | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:80:3:80:8 | call to tmpnam | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | +| test.c:81:3:81:6 | call to rand | Threaded call to non-reentrant function $@ not synchronized, for example from thread function $@ spawned from a loop. | test.c:81:3:81:6 | call to rand | rand | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:81:3:81:6 | call to rand | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | +| test.c:82:3:82:7 | call to srand | Threaded call to non-reentrant function $@ not synchronized, for example from thread function $@ spawned from a loop. | test.c:82:3:82:7 | call to srand | srand | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:82:3:82:7 | call to srand | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | +| test.c:83:3:83:8 | call to getenv | Threaded call to non-reentrant function $@ not synchronized, for example from thread function $@ spawned from a loop. | test.c:83:3:83:8 | call to getenv | getenv | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:83:3:83:8 | call to getenv | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | +| test.c:84:3:84:10 | call to getenv_s | Threaded call to non-reentrant function $@ not synchronized, for example from thread function $@ spawned from a loop. | test.c:84:3:84:10 | call to getenv_s | getenv_s | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:84:3:84:10 | call to getenv_s | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | +| test.c:86:3:86:10 | call to strerror | Threaded call to non-reentrant function $@ not synchronized, for example from thread function $@ spawned from a loop. | test.c:86:3:86:10 | call to strerror | strerror | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:86:3:86:10 | call to strerror | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | +| test.c:87:3:87:9 | call to asctime | Threaded call to non-reentrant function $@ not synchronized, for example from thread function $@ spawned from a loop. | test.c:87:3:87:9 | call to asctime | asctime | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:87:3:87:9 | call to asctime | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | +| test.c:88:3:88:7 | call to ctime | Threaded call to non-reentrant function $@ not synchronized, for example from thread function $@ spawned from a loop. | test.c:88:3:88:7 | call to ctime | ctime | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:88:3:88:7 | call to ctime | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | +| test.c:89:3:89:8 | call to gmtime | Threaded call to non-reentrant function $@ not synchronized, for example from thread function $@ spawned from a loop. | test.c:89:3:89:8 | call to gmtime | gmtime | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:89:3:89:8 | call to gmtime | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | +| test.c:90:3:90:11 | call to localtime | Threaded call to non-reentrant function $@ not synchronized, for example from thread function $@ spawned from a loop. | test.c:90:3:90:11 | call to localtime | localtime | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:90:3:90:11 | call to localtime | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | +| test.c:91:3:91:10 | call to mbrtoc16 | Threaded call to non-reentrant function $@ not synchronized, for example from thread function $@ spawned from a loop. | test.c:91:3:91:10 | call to mbrtoc16 | mbrtoc16 | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:91:3:91:10 | call to mbrtoc16 | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | +| test.c:92:3:92:10 | call to mbrtoc32 | Threaded call to non-reentrant function $@ not synchronized, for example from thread function $@ spawned from a loop. | test.c:92:3:92:10 | call to mbrtoc32 | mbrtoc32 | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:92:3:92:10 | call to mbrtoc32 | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | +| test.c:93:3:93:10 | call to c16rtomb | Threaded call to non-reentrant function $@ not synchronized, for example from thread function $@ spawned from a loop. | test.c:93:3:93:10 | call to c16rtomb | c16rtomb | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:93:3:93:10 | call to c16rtomb | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | +| test.c:94:3:94:10 | call to c32rtomb | Threaded call to non-reentrant function $@ not synchronized, for example from thread function $@ spawned from a loop. | test.c:94:3:94:10 | call to c32rtomb | c32rtomb | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:94:3:94:10 | call to c32rtomb | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | +| test.c:95:3:95:8 | call to mbrlen | Threaded call to non-reentrant function $@ not synchronized, for example from thread function $@ spawned from a loop. | test.c:95:3:95:8 | call to mbrlen | mbrlen | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:95:3:95:8 | call to mbrlen | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | +| test.c:96:3:96:9 | call to mbrtowc | Threaded call to non-reentrant function $@ not synchronized, for example from thread function $@ spawned from a loop. | test.c:96:3:96:9 | call to mbrtowc | mbrtowc | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:96:3:96:9 | call to mbrtowc | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | +| test.c:97:3:97:9 | call to wcrtomb | Threaded call to non-reentrant function $@ not synchronized, for example from thread function $@ spawned from a loop. | test.c:97:3:97:9 | call to wcrtomb | wcrtomb | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:97:3:97:9 | call to wcrtomb | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | +| test.c:98:3:98:11 | call to mbsrtowcs | Threaded call to non-reentrant function $@ not synchronized, for example from thread function $@ spawned from a loop. | test.c:98:3:98:11 | call to mbsrtowcs | mbsrtowcs | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:98:3:98:11 | call to mbsrtowcs | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | +| test.c:99:3:99:11 | call to wcsrtombs | Threaded call to non-reentrant function $@ not synchronized, for example from thread function $@ spawned from a loop. | test.c:99:3:99:11 | call to wcsrtombs | wcsrtombs | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:99:3:99:11 | call to wcsrtombs | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | diff --git a/c/misra/test/rules/DIR-5-1/PossibleDataRaceBetweenThreads.qlref b/c/misra/test/rules/DIR-5-1/PossibleDataRaceBetweenThreads.qlref new file mode 100644 index 0000000000..737cf79505 --- /dev/null +++ b/c/misra/test/rules/DIR-5-1/PossibleDataRaceBetweenThreads.qlref @@ -0,0 +1 @@ +rules/DIR-5-1/PossibleDataRaceBetweenThreads.ql \ No newline at end of file diff --git a/c/misra/test/rules/DIR-5-1/test.c b/c/misra/test/rules/DIR-5-1/test.c new file mode 100644 index 0000000000..5e568cc95c --- /dev/null +++ b/c/misra/test/rules/DIR-5-1/test.c @@ -0,0 +1,132 @@ +#include "locale.h" +#include "stdio.h" +#include "stdlib.h" +#include "string.h" +#include "threads.h" +#include "time.h" +#include "uchar.h" +#include "wchar.h" + +int g1; +int g2; +int g3; +int g4; +mtx_t g4_lock; +int g5; +mtx_t g5_lock; + +void single_thread1_reads_g1(void *p) { + g1; // COMPLIANT +} + +void many_thread2_reads_g1(void *p) { + g1; // COMPLIANT +} + +void single_thread3_reads_g2(void *p) { + g2; // COMPLIANT +} + +void single_thread4_writes_g2(void *p) { + g2 = 1; // NON-COMPLIANT +} + +void many_thread5_writes_g3(void *p) { + g3 = 1; // NON-COMPLIANT +} + +void single_thread6_reads_g4_locked(void *p) { + mtx_lock(&g4_lock); + g4; // COMPLIANT +} + +void single_thread7_writes_g4_locked(void *p) { + mtx_lock(&g4_lock); + g4 = 1; // COMPLIANT +} + +void many_thread8_writes_g5_locked(void *p) { + mtx_lock(&g5_lock); + g5 = 1; // COMPLIANT +} + +struct { + int m1; + int m2; +} g6; + +void single_thread9_writes_g6_m1(void *p) { + g6.m1 = 1; // COMPLIANT +} + +void single_thread10_writes_g6_m2(void *p) { + g6.m2 = 1; // COMPLIANT +} + +struct { + int m1; +} g7; + +void single_thread11_writes_g7_m1(void *p) { + g7.m1 = 1; // NON-COMPLIANT +} + +void single_thread12_writes_g7_m1(void *p) { + g7.m1 = 1; // NON-COMPLIANT +} + +void many_thread13_calls_nonreentrant_funcs(void *p) { + setlocale(LC_ALL, "C"); // NON-COMPLIANT + tmpnam(""); // NON-COMPLIANT + rand(); // NON-COMPLIANT + srand(0); // NON-COMPLIANT + getenv("PATH"); // NON-COMPLIANT + getenv_s(NULL, NULL, 0, NULL); // NON-COMPLIANT + strtok("a", "b"); // NON-COMPLIANT + strerror(0); // NON-COMPLIANT + asctime(NULL); // NON-COMPLIANT + ctime(NULL); // NON-COMPLIANT + gmtime(NULL); // NON-COMPLIANT + localtime(NULL); // NON-COMPLIANT + mbrtoc16(NULL, NULL, 0, NULL); // NON-COMPLIANT + mbrtoc32(NULL, NULL, 0, NULL); // NON-COMPLIANT + c16rtomb(NULL, 0, NULL); // NON-COMPLIANT + c32rtomb(NULL, 0, NULL); // NON-COMPLIANT + mbrlen(NULL, 0, NULL); // NON-COMPLIANT + mbrtowc(NULL, NULL, 0, NULL); // NON-COMPLIANT + wcrtomb(NULL, 0, NULL); // NON-COMPLIANT + mbsrtowcs(NULL, NULL, 0, NULL); // NON-COMPLIANT + wcsrtombs(NULL, NULL, 0, NULL); // NON-COMPLIANT +} + +void main() { + thrd_t single_thread1; + thrd_t many_thread2; + thrd_t single_thread3; + thrd_t single_thread4; + thrd_t many_thread5; + thrd_t single_thread6; + thrd_t single_thread7; + thrd_t many_thread8; + thrd_t single_thread9; + thrd_t single_thread10; + thrd_t single_thread11; + thrd_t single_thread12; + thrd_t many_thread13; + + thrd_create(&single_thread1, single_thread1_reads_g1, NULL); + thrd_create(&single_thread3, single_thread3_reads_g2, NULL); + thrd_create(&single_thread4, single_thread4_writes_g2, NULL); + thrd_create(&single_thread6, single_thread6_reads_g4_locked, NULL); + thrd_create(&single_thread7, single_thread7_writes_g4_locked, NULL); + thrd_create(&single_thread9, single_thread9_writes_g6_m1, NULL); + thrd_create(&single_thread10, single_thread10_writes_g6_m2, NULL); + thrd_create(&single_thread11, single_thread11_writes_g7_m1, NULL); + thrd_create(&single_thread12, single_thread12_writes_g7_m1, NULL); + for (;;) { + thrd_create(&many_thread2, many_thread2_reads_g1, NULL); + thrd_create(&many_thread5, many_thread5_writes_g3, NULL); + thrd_create(&many_thread8, many_thread8_writes_g5_locked, NULL); + thrd_create(&many_thread13, many_thread13_calls_nonreentrant_funcs, NULL); + } +} \ No newline at end of file diff --git a/c/misra/test/rules/RULE-22-15/ThreadResourceDisposedBeforeThreadsJoined.expected b/c/misra/test/rules/RULE-22-15/ThreadResourceDisposedBeforeThreadsJoined.expected new file mode 100644 index 0000000000..49f1b74c15 --- /dev/null +++ b/c/misra/test/rules/RULE-22-15/ThreadResourceDisposedBeforeThreadsJoined.expected @@ -0,0 +1,12 @@ +| test.c:16:3:16:13 | call to mtx_destroy | Thread resource $@ disposed before joining thread $@ which uses it. | test.c:3:7:3:8 | g1 | g1 | test.c:64:3:64:13 | call to thrd_create | t2_use_all | +| test.c:16:3:16:13 | call to mtx_destroy | Thread resource $@ disposed before joining thread $@ which uses it. | test.c:3:7:3:8 | g1 | g1 | test.c:72:3:72:13 | call to thrd_create | t2_use_all | +| test.c:16:3:16:13 | call to mtx_destroy | Thread resource $@ disposed before joining thread $@ which uses it. | test.c:3:7:3:8 | g1 | g1 | test.c:91:3:91:10 | call to mtx_lock | main thread | +| test.c:17:3:17:12 | call to tss_delete | Thread resource $@ disposed before joining thread $@ which uses it. | test.c:4:7:4:8 | g2 | g2 | test.c:64:3:64:13 | call to thrd_create | t2_use_all | +| test.c:17:3:17:12 | call to tss_delete | Thread resource $@ disposed before joining thread $@ which uses it. | test.c:4:7:4:8 | g2 | g2 | test.c:72:3:72:13 | call to thrd_create | t2_use_all | +| test.c:17:3:17:12 | call to tss_delete | Thread resource $@ disposed before joining thread $@ which uses it. | test.c:4:7:4:8 | g2 | g2 | test.c:92:3:92:9 | call to tss_get | main thread | +| test.c:18:3:18:13 | call to cnd_destroy | Thread resource $@ disposed before joining thread $@ which uses it. | test.c:5:7:5:8 | g3 | g3 | test.c:64:3:64:13 | call to thrd_create | t2_use_all | +| test.c:18:3:18:13 | call to cnd_destroy | Thread resource $@ disposed before joining thread $@ which uses it. | test.c:5:7:5:8 | g3 | g3 | test.c:72:3:72:13 | call to thrd_create | t2_use_all | +| test.c:18:3:18:13 | call to cnd_destroy | Thread resource $@ disposed before joining thread $@ which uses it. | test.c:5:7:5:8 | g3 | g3 | test.c:93:3:93:10 | call to cnd_wait | main thread | +| test.c:42:3:42:13 | call to mtx_destroy | Thread resource $@ disposed before joining thread $@ which uses it. | test.c:3:7:3:8 | g1 | g1 | test.c:41:3:41:13 | call to thrd_create | t2_use_all | +| test.c:43:3:43:12 | call to tss_delete | Thread resource $@ disposed before joining thread $@ which uses it. | test.c:4:7:4:8 | g2 | g2 | test.c:41:3:41:13 | call to thrd_create | t2_use_all | +| test.c:44:3:44:13 | call to cnd_destroy | Thread resource $@ disposed before joining thread $@ which uses it. | test.c:5:7:5:8 | g3 | g3 | test.c:41:3:41:13 | call to thrd_create | t2_use_all | diff --git a/c/misra/test/rules/RULE-22-15/ThreadResourceDisposedBeforeThreadsJoined.qlref b/c/misra/test/rules/RULE-22-15/ThreadResourceDisposedBeforeThreadsJoined.qlref new file mode 100644 index 0000000000..809eae6faf --- /dev/null +++ b/c/misra/test/rules/RULE-22-15/ThreadResourceDisposedBeforeThreadsJoined.qlref @@ -0,0 +1 @@ +rules/RULE-22-15/ThreadResourceDisposedBeforeThreadsJoined.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-22-15/test.c b/c/misra/test/rules/RULE-22-15/test.c new file mode 100644 index 0000000000..7679730fc9 --- /dev/null +++ b/c/misra/test/rules/RULE-22-15/test.c @@ -0,0 +1,113 @@ +#include "threads.h" + +mtx_t g1; +tss_t g2; +cnd_t g3; + +int t1_use_none(void *p) { return 0; } + +int t2_use_all(void *p) { + mtx_lock(&g1); + tss_get(&g2); + cnd_wait(&g3, &g1); +} + +int t3_dispose_all(void *p) { + mtx_destroy(&g1); + tss_delete(&g2); + cnd_destroy(&g3); +} + +int t4_use_then_dispose(void *p) { + mtx_lock(&g1); + tss_get(&g2); + cnd_wait(&g3, &g1); + + mtx_destroy(&g1); + tss_delete(&g2); + cnd_destroy(&g3); +} + +void f1() { + thrd_t t; + thrd_create(&t, t1_use_none, NULL); + mtx_destroy(&g1); + tss_delete(&g2); + cnd_destroy(&g3); +} + +void f2() { + thrd_t t; + thrd_create(&t, t2_use_all, NULL); + mtx_destroy(&g1); // NON-COMPLIANT + tss_delete(&g2); // NON-COMPLIANT + cnd_destroy(&g3); // NON-COMPLIANT +} + +void f3() { + thrd_t t; + thrd_create(&t, t2_use_all, NULL); // COMPLIANT +} + +void f4() { + thrd_t t; + thrd_create(&t, t2_use_all, NULL); // COMPLIANT + thrd_join(&t, NULL); + mtx_destroy(&g1); // COMPLIANT + tss_delete(&g2); // COMPLIANT + cnd_destroy(&g3); // COMPLIANT +} + +void f5() { + thrd_t t1; + thrd_t t2; + thrd_create(&t1, t2_use_all, NULL); // COMPLIANT + thrd_create(&t2, t3_dispose_all, NULL); // NON-COMPLIANT +} + +void f6() { + thrd_t t1; + thrd_t t2; + thrd_create(&t1, t3_dispose_all, NULL); // NON-COMPLIANT + thrd_create(&t2, t2_use_all, NULL); // COMPLIANT +} + +void f7() { + thrd_t t1; + thrd_t t2; + thrd_create(&t1, t2_use_all, NULL); // COMPLIANT + thrd_join(&t1, NULL); + thrd_create(&t2, t3_dispose_all, NULL); // COMPLIANT +} + +void f8() { + thrd_t t; + thrd_create(&t, t4_use_then_dispose, NULL); // COMPLIANT +} + +void f9() { + thrd_t t; + thrd_create(&t, t3_dispose_all, NULL); // NON-COMPLIANT + mtx_lock(&g1); + tss_get(&g2); + cnd_wait(&g3, &g1); +} + +void f10() { + thrd_t t; + mtx_lock(&g1); + tss_get(&g2); + cnd_wait(&g3, &g1); + thrd_create(&t, t3_dispose_all, NULL); // COMPLIANT +} + +void f11() { + thrd_t t; + thrd_create(&t, t1_use_none, NULL); + mtx_lock(&g1); + tss_get(&g2); + cnd_wait(&g3, &g1); + mtx_destroy(&g1); // COMPLIANT + tss_delete(&g2); // COMPLIANT + cnd_destroy(&g3); // COMPLIANT +} \ No newline at end of file diff --git a/c/misra/test/rules/RULE-22-17/InvalidOperationOnUnlockedMutex.expected b/c/misra/test/rules/RULE-22-17/InvalidOperationOnUnlockedMutex.expected new file mode 100644 index 0000000000..76d3ac1ba1 --- /dev/null +++ b/c/misra/test/rules/RULE-22-17/InvalidOperationOnUnlockedMutex.expected @@ -0,0 +1,16 @@ +| test.c:19:3:19:10 | call to cnd_wait | Invalid operation on mutex '$@' not locked by the current thread | test.c:11:9:11:10 | l1 | l1 | +| test.c:20:3:20:12 | call to mtx_unlock | Invalid operation on mutex '$@' not locked by the current thread | test.c:11:9:11:10 | l1 | l1 | +| test.c:25:3:25:10 | call to cnd_wait | Invalid operation on mutex '$@' not locked by the current thread | test.c:14:5:14:6 | l2 | l2.m1 | +| test.c:26:3:26:12 | call to mtx_unlock | Invalid operation on mutex '$@' not locked by the current thread | test.c:14:5:14:6 | l2 | l2.m1 | +| test.c:31:3:31:10 | call to cnd_wait | Invalid operation on mutex '$@' not locked by the current thread | test.c:3:7:3:8 | g1 | g1 | +| test.c:32:3:32:12 | call to mtx_unlock | Invalid operation on mutex '$@' not locked by the current thread | test.c:3:7:3:8 | g1 | g1 | +| test.c:37:3:37:10 | call to cnd_wait | Invalid operation on mutex '$@' not locked by the current thread | test.c:6:3:6:4 | g2 | g2.m1 | +| test.c:38:3:38:12 | call to mtx_unlock | Invalid operation on mutex '$@' not locked by the current thread | test.c:6:3:6:4 | g2 | g2.m1 | +| test.c:47:3:47:10 | call to cnd_wait | Invalid operation on mutex '$@' not locked by the current thread | test.c:11:9:11:10 | l1 | l1 | +| test.c:48:3:48:10 | call to cnd_wait | Invalid operation on mutex '$@' not locked by the current thread | test.c:14:5:14:6 | l2 | l2.m1 | +| test.c:49:3:49:10 | call to cnd_wait | Invalid operation on mutex '$@' not locked by the current thread | test.c:3:7:3:8 | g1 | g1 | +| test.c:50:3:50:10 | call to cnd_wait | Invalid operation on mutex '$@' not locked by the current thread | test.c:6:3:6:4 | g2 | g2.m1 | +| test.c:51:3:51:12 | call to mtx_unlock | Invalid operation on mutex '$@' not locked by the current thread | test.c:11:9:11:10 | l1 | l1 | +| test.c:52:3:52:12 | call to mtx_unlock | Invalid operation on mutex '$@' not locked by the current thread | test.c:14:5:14:6 | l2 | l2.m1 | +| test.c:53:3:53:12 | call to mtx_unlock | Invalid operation on mutex '$@' not locked by the current thread | test.c:3:7:3:8 | g1 | g1 | +| test.c:54:3:54:12 | call to mtx_unlock | Invalid operation on mutex '$@' not locked by the current thread | test.c:6:3:6:4 | g2 | g2.m1 | diff --git a/c/misra/test/rules/RULE-22-17/InvalidOperationOnUnlockedMutex.qlref b/c/misra/test/rules/RULE-22-17/InvalidOperationOnUnlockedMutex.qlref new file mode 100644 index 0000000000..4ac06f10ed --- /dev/null +++ b/c/misra/test/rules/RULE-22-17/InvalidOperationOnUnlockedMutex.qlref @@ -0,0 +1 @@ +rules/RULE-22-17/InvalidOperationOnUnlockedMutex.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-22-17/test.c b/c/misra/test/rules/RULE-22-17/test.c new file mode 100644 index 0000000000..fc841bb3e1 --- /dev/null +++ b/c/misra/test/rules/RULE-22-17/test.c @@ -0,0 +1,70 @@ +#include "threads.h" + +mtx_t g1; +struct { + mtx_t m1; +} g2; + +cnd_t cnd; + +void f1(int p) { + mtx_t l1; + struct { + mtx_t m1; + } l2; + + mtx_lock(&l1); + cnd_wait(&cnd, &l1); // COMPLIANT + mtx_unlock(&l1); // COMPLIANT + cnd_wait(&cnd, &l1); // NON-COMPLIANT + mtx_unlock(&l1); // NON-COMPLIANT + + mtx_lock(&l2.m1); + cnd_wait(&cnd, &l2.m1); // COMPLIANT + mtx_unlock(&l2.m1); // COMPLIANT + cnd_wait(&cnd, &l2.m1); // NON-COMPLIANT + mtx_unlock(&l2.m1); // NON-COMPLIANT + + mtx_lock(&g1); + cnd_wait(&cnd, &g1); // COMPLIANT + mtx_unlock(&g1); // COMPLIANT + cnd_wait(&cnd, &g1); // NON-COMPLIANT + mtx_unlock(&g1); // NON-COMPLIANT + + mtx_lock(&g2.m1); + cnd_wait(&cnd, &g2.m1); // COMPLIANT + mtx_unlock(&g2.m1); // COMPLIANT + cnd_wait(&cnd, &g2.m1); // NON-COMPLIANT + mtx_unlock(&g2.m1); // NON-COMPLIANT + + // We should report when a mutex is unlocked in the wrong block: + if (p) { + mtx_lock(&l1); + mtx_lock(&l2.m1); + mtx_lock(&g1); + mtx_lock(&g2.m1); + } + cnd_wait(&cnd, &l1); // NON-COMPLIANT + cnd_wait(&cnd, &l2.m1); // NON-COMPLIANT + cnd_wait(&cnd, &g1); // NON-COMPLIANT + cnd_wait(&cnd, &g2.m1); // NON-COMPLIANT + mtx_unlock(&l1); // NON-COMPLIANT + mtx_unlock(&l2.m1); // NON-COMPLIANT + mtx_unlock(&g1); // NON-COMPLIANT + mtx_unlock(&g2.m1); // NON-COMPLIANT + + // The above requires dominance analysis. Check dominator sets don't cause + // false positives: + if (p) { + mtx_lock(&l1); + } else { + mtx_lock(&l1); + } + mtx_unlock(&l1); // COMPLIANT + + // Invalid but satisfies the rule: + mtx_lock(&l1); + if (p) { + mtx_unlock(&l1); // COMPLIANT + } +} \ No newline at end of file diff --git a/c/misra/test/rules/RULE-22-18/NonRecursiveMutexRecursivelyLocked.expected b/c/misra/test/rules/RULE-22-18/NonRecursiveMutexRecursivelyLocked.expected new file mode 100644 index 0000000000..fd947dee51 --- /dev/null +++ b/c/misra/test/rules/RULE-22-18/NonRecursiveMutexRecursivelyLocked.expected @@ -0,0 +1,2 @@ +| test.c:19:3:19:10 | call to mtx_lock | Non-recursive mutex nonrec locked after it is $@. | test.c:18:3:18:10 | call to mtx_lock | already locked | +| test.c:22:3:22:10 | call to mtx_lock | Non-recursive mutex s.m locked after it is $@. | test.c:21:3:21:10 | call to mtx_lock | already locked | diff --git a/c/misra/test/rules/RULE-22-18/NonRecursiveMutexRecursivelyLocked.qlref b/c/misra/test/rules/RULE-22-18/NonRecursiveMutexRecursivelyLocked.qlref new file mode 100644 index 0000000000..131e0476bf --- /dev/null +++ b/c/misra/test/rules/RULE-22-18/NonRecursiveMutexRecursivelyLocked.qlref @@ -0,0 +1 @@ +rules/RULE-22-18/NonRecursiveMutexRecursivelyLocked.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-22-18/NonRecursiveMutexRecursivelyLockedAudit.expected b/c/misra/test/rules/RULE-22-18/NonRecursiveMutexRecursivelyLockedAudit.expected new file mode 100644 index 0000000000..8f359c90f8 --- /dev/null +++ b/c/misra/test/rules/RULE-22-18/NonRecursiveMutexRecursivelyLockedAudit.expected @@ -0,0 +1,6 @@ +| test.c:44:3:44:10 | call to mtx_lock | Mutex locked after previous $@. | test.c:43:3:43:10 | call to mtx_lock | already locked | +| test.c:49:3:49:10 | call to mtx_lock | Mutex locked after previous $@. | test.c:48:3:48:10 | call to mtx_lock | already locked | +| test.c:54:3:54:10 | call to mtx_lock | Mutex locked after previous $@. | test.c:53:3:53:10 | call to mtx_lock | already locked | +| test.c:59:3:59:10 | call to mtx_lock | Mutex locked after previous $@. | test.c:58:3:58:10 | call to mtx_lock | already locked | +| test.c:76:3:76:10 | call to mtx_lock | Mutex locked after previous $@. | test.c:75:3:75:10 | call to mtx_lock | already locked | +| test.c:81:3:81:10 | call to mtx_lock | Mutex locked after previous $@. | test.c:80:3:80:10 | call to mtx_lock | already locked | diff --git a/c/misra/test/rules/RULE-22-18/NonRecursiveMutexRecursivelyLockedAudit.qlref b/c/misra/test/rules/RULE-22-18/NonRecursiveMutexRecursivelyLockedAudit.qlref new file mode 100644 index 0000000000..77a81deb69 --- /dev/null +++ b/c/misra/test/rules/RULE-22-18/NonRecursiveMutexRecursivelyLockedAudit.qlref @@ -0,0 +1 @@ +rules/RULE-22-18/NonRecursiveMutexRecursivelyLockedAudit.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-22-18/test.c b/c/misra/test/rules/RULE-22-18/test.c new file mode 100644 index 0000000000..f71066b1bc --- /dev/null +++ b/c/misra/test/rules/RULE-22-18/test.c @@ -0,0 +1,122 @@ +#include "threads.h" + +mtx_t rec; +mtx_t nonrec; +mtx_t both; +mtx_t unknown; + +struct { + mtx_t m; +} s; + +mtx_t arr[2]; + +int t1(void *arg) { + mtx_lock(&rec); // COMPLIANT + mtx_lock(&rec); // COMPLIANT + + mtx_lock(&nonrec); // COMPLIANT + mtx_lock(&nonrec); // NON-COMPLIANT + + mtx_lock(&s.m); // COMPLIANT + mtx_lock(&s.m); // NON-COMPLIANT +} + +void f1() { + mtx_init(&rec, mtx_plain | mtx_recursive); + mtx_init(&nonrec, mtx_plain); + mtx_init(&both, mtx_plain); + mtx_init(&both, mtx_plain | mtx_recursive); + // Do not initialize `unknown`. + mtx_init(&s.m, mtx_plain); + mtx_init(&arr[0], mtx_plain); + mtx_init(&arr[1], mtx_plain); + + thrd_t t; + thrd_create(t, t1, NULL); +} + +mtx_t *p; + +// Results for the audit query: +void t2(void *arg) { + mtx_lock(&arr[0]); + mtx_lock(&arr[(int)arg]); // NON-COMPLIANT +} + +void t3(void *arg) { + mtx_lock(arg); + mtx_lock(p); // NON-COMPLIANT +} + +void t4() { + mtx_lock(&both); + mtx_lock(&both); // NON-COMPLIANT +} + +void t5() { + mtx_lock(&unknown); + mtx_lock(&unknown); // NON-COMPLIANT +} + +void t6() { + // Cannot be locks of the same mutex: + mtx_lock(&nonrec); + mtx_lock(&unknown); // COMPLIANT +} + +void t7() { + mtx_lock(p); + // Definitely a recursive mutex: + mtx_lock(&rec); // COMPLIANT +} + +void t8() { + mtx_lock(p); + mtx_lock(&nonrec); // NON-COMPLIANT +} + +void t9() { + mtx_lock(&nonrec); + mtx_lock(p); // NON-COMPLIANT +} + +void f2() { + thrd_t t; + thrd_create(t, t2, NULL); +} + +void f3() { + thrd_t t; + thrd_create(t, t3, &rec); +} + +void f4() { + thrd_t t; + thrd_create(t, t4, NULL); +} + +void f5() { + thrd_t t; + thrd_create(t, t5, NULL); +} + +void f6() { + thrd_t t; + thrd_create(t, t6, NULL); +} + +void f7() { + thrd_t t; + thrd_create(t, t7, NULL); +} + +void f8() { + thrd_t t; + thrd_create(t, t8, NULL); +} + +void f9() { + thrd_t t; + thrd_create(t, t9, NULL); +} \ No newline at end of file diff --git a/c/misra/test/rules/RULE-22-19/ConditionVariableUsedWithMultipleMutexes.expected b/c/misra/test/rules/RULE-22-19/ConditionVariableUsedWithMultipleMutexes.expected new file mode 100644 index 0000000000..ee9dff0be2 --- /dev/null +++ b/c/misra/test/rules/RULE-22-19/ConditionVariableUsedWithMultipleMutexes.expected @@ -0,0 +1,2 @@ +| test.c:19:3:19:10 | call to cnd_wait | Condition variable $@ associated with multiple mutexes, operation uses mutex $@ while $@ uses other mutex $@ | test.c:16:9:16:12 | cnd1 | cnd1 | test.c:17:9:17:12 | mtx1 | mtx1 | test.c:19:3:19:10 | call to cnd_wait | another operation | test.c:18:9:18:12 | mtx2 | mtx2 | +| test.c:41:3:41:10 | call to cnd_wait | Condition variable $@ associated with multiple mutexes, operation uses mutex $@ while $@ uses other mutex $@ | test.c:37:7:37:11 | gcnd1 | gcnd1 | test.c:38:7:38:11 | gmtx1 | gmtx1 | test.c:41:3:41:10 | call to cnd_wait | another operation | test.c:39:7:39:11 | gmtx2 | gmtx2 | diff --git a/c/misra/test/rules/RULE-22-19/ConditionVariableUsedWithMultipleMutexes.qlref b/c/misra/test/rules/RULE-22-19/ConditionVariableUsedWithMultipleMutexes.qlref new file mode 100644 index 0000000000..d43a824ec8 --- /dev/null +++ b/c/misra/test/rules/RULE-22-19/ConditionVariableUsedWithMultipleMutexes.qlref @@ -0,0 +1 @@ +rules/RULE-22-19/ConditionVariableUsedWithMultipleMutexes.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-22-19/test.c b/c/misra/test/rules/RULE-22-19/test.c new file mode 100644 index 0000000000..f4b46d4077 --- /dev/null +++ b/c/misra/test/rules/RULE-22-19/test.c @@ -0,0 +1,46 @@ +#include "threads.h" + +void f1(void) { + cnd_t cnd1; + mtx_t mtx1; + cnd_wait(&cnd1, &mtx1); // COMPLIANT + cnd_wait(&cnd1, &mtx1); // COMPLIANT + + cnd_t cnd2; + mtx_t mtx2; + cnd_wait(&cnd2, &mtx2); // COMPLIANT + cnd_wait(&cnd2, &mtx2); // COMPLIANT +} + +void f2(void) { + cnd_t cnd1; + mtx_t mtx1; + mtx_t mtx2; + cnd_wait(&cnd1, &mtx1); // NON-COMPLIANT + cnd_wait(&cnd1, &mtx2); // NON-COMPLIANT +} + +void f3(void) { + cnd_t cnd1; + cnd_t cnd2; + mtx_t mtx1; + cnd_wait(&cnd1, &mtx1); // COMPLIANT + cnd_wait(&cnd2, &mtx1); // COMPLIANT +} + +void f4(cnd_t *cnd1, mtx_t *mtx1, mtx_t *mtx2) { + cnd_wait(cnd1, mtx1); // COMPLIANT + // Compliant, mtx1 and mtx2 may point to the same object + cnd_wait(cnd1, mtx2); // COMPLIANT +} + +cnd_t gcnd1; +mtx_t gmtx1; +mtx_t gmtx2; +void f5(void) { + cnd_wait(&gcnd1, &gmtx1); // NON-COMPLIANT +} + +void f6(void) { + cnd_wait(&gcnd1, &gmtx2); // NON-COMPLIANT +} \ No newline at end of file diff --git a/c/misra/test/rules/RULE-22-20/ThreadStorageNotInitializedBeforeUse.expected b/c/misra/test/rules/RULE-22-20/ThreadStorageNotInitializedBeforeUse.expected new file mode 100644 index 0000000000..9a9b86dfa2 --- /dev/null +++ b/c/misra/test/rules/RULE-22-20/ThreadStorageNotInitializedBeforeUse.expected @@ -0,0 +1,5 @@ +| test.c:6:11:6:13 | & ... | Thread specific storage pointer '$@' possibly used before initialization, from entry point function '$@'. | test.c:5:9:5:10 | l1 | l1 | test.c:4:6:4:19 | use_local_mtxs | use_local_mtxs | +| test.c:11:11:11:12 | l4 | Thread specific storage pointer '$@' possibly used before initialization, from entry point function '$@'. | test.c:10:15:10:20 | call to malloc | call to malloc | test.c:16:6:16:31 | root1_calls_use_local_mtxs | root1_calls_use_local_mtxs | +| test.c:25:11:25:13 | & ... | Thread specific storage pointer '$@' possibly used before initialization, from entry point function '$@'. | test.c:22:7:22:8 | g1 | g1 | test.c:24:6:24:28 | root2_uses_global_tss_t | root2_uses_global_tss_t | +| test.c:38:11:38:13 | & ... | Thread specific storage pointer '$@' possibly used before initialization, from entry point function '$@'. | test.c:22:7:22:8 | g1 | g1 | test.c:41:6:41:45 | root4_call_thread_without_initialization | root4_call_thread_without_initialization | +| test.c:58:11:58:13 | & ... | Thread specific storage pointer '$@' possibly used before initialization, from entry point function '$@'. | test.c:56:7:56:8 | g5 | g5 | test.c:67:6:67:50 | root6_spawn_thread_uninitialized_thread_local | root6_spawn_thread_uninitialized_thread_local | diff --git a/c/misra/test/rules/RULE-22-20/ThreadStorageNotInitializedBeforeUse.qlref b/c/misra/test/rules/RULE-22-20/ThreadStorageNotInitializedBeforeUse.qlref new file mode 100644 index 0000000000..10d9aadf1b --- /dev/null +++ b/c/misra/test/rules/RULE-22-20/ThreadStorageNotInitializedBeforeUse.qlref @@ -0,0 +1 @@ +rules/RULE-22-20/ThreadStorageNotInitializedBeforeUse.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-22-20/ThreadStoragePointerInitializedInsideThread.expected b/c/misra/test/rules/RULE-22-20/ThreadStoragePointerInitializedInsideThread.expected new file mode 100644 index 0000000000..75e9825074 --- /dev/null +++ b/c/misra/test/rules/RULE-22-20/ThreadStoragePointerInitializedInsideThread.expected @@ -0,0 +1 @@ +| test.c:61:3:61:12 | call to tss_create | Thread specific storage object initialization reachable from threaded function '$@'. | test.c:57:6:57:41 | from_root6_init_and_use_thread_local | from_root6_init_and_use_thread_local | diff --git a/c/misra/test/rules/RULE-22-20/ThreadStoragePointerInitializedInsideThread.qlref b/c/misra/test/rules/RULE-22-20/ThreadStoragePointerInitializedInsideThread.qlref new file mode 100644 index 0000000000..d299808814 --- /dev/null +++ b/c/misra/test/rules/RULE-22-20/ThreadStoragePointerInitializedInsideThread.qlref @@ -0,0 +1 @@ +rules/RULE-22-20/ThreadStoragePointerInitializedInsideThread.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-22-20/test.c b/c/misra/test/rules/RULE-22-20/test.c new file mode 100644 index 0000000000..0fe58abdcd --- /dev/null +++ b/c/misra/test/rules/RULE-22-20/test.c @@ -0,0 +1,70 @@ +#include "stdlib.h" +#include "threads.h" + +void use_local_mtxs(int x, int y) { + tss_t l1; + tss_get(&l1); // NON-COMPLIANT + tss_create(&l1, NULL); + tss_get(&l1); // COMPLIANT + + tss_t *l4 = malloc(sizeof(tss_t)); + tss_get(l4); // NON-COMPLIANT + tss_create(l4, NULL); + tss_get(l4); // COMPLIANT +} + +void root1_calls_use_local_mtxs() { + // Since a function exists which calls use_local_mtxs(), that function is not + // a root function. The query should still report unused locals in this case. + use_local_mtxs(1, 2); +} + +tss_t g1; + +void root2_uses_global_tss_t() { + tss_get(&g1); // NON-COMPLIANT +} + +void from_root3_use_global_tss_t() { + tss_get(&g1); // COMPLIANT +} + +void root3_initializes_and_uses_global_tss_t() { + tss_create(&g1, NULL); + from_root3_use_global_tss_t(); +} + +void from_root4_use_global_tss_t(void *arg) { + tss_get(&g1); // NON-COMPLIANT +} + +void root4_call_thread_without_initialization() { + thrd_t t; + thrd_create(&t, &from_root4_use_global_tss_t, NULL); +} + +void from_root5_use_global_tss_t(void *arg) { + tss_get(&g1); // COMPLIANT +} + +void root5_thread_with_initialization() { + tss_create(&g1, NULL); + thrd_t t; + thrd_create(&t, &from_root5_use_global_tss_t, NULL); +} + +mtx_t g5; +void from_root6_init_and_use_thread_local() { + tss_get(&g5); // NON-COMPLIANT + + // Violates recommendation, tss_t initialized within a thread. + tss_create(&g5, NULL); // NON-COMPLIANT + + // Valid if we except the above initialization. + tss_get(&g5); // COMPLIANT +} + +void root6_spawn_thread_uninitialized_thread_local() { + thrd_t t; + thrd_create(&t, &from_root6_init_and_use_thread_local, NULL); +} \ No newline at end of file diff --git a/change_notes/2024-12-10-refactor-concurrency-library.md b/change_notes/2024-12-10-refactor-concurrency-library.md new file mode 100644 index 0000000000..ccefe85f19 --- /dev/null +++ b/change_notes/2024-12-10-refactor-concurrency-library.md @@ -0,0 +1,2 @@ + - `Concurrency.qll` - for all queries using this library + - This has been refactored into a set of smaller utility files. No impact on query results or performance expected. \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/Concurrency.qll b/cpp/common/src/codingstandards/cpp/Concurrency.qll index cfb0f03f72..0e2afb8ece 100644 --- a/cpp/common/src/codingstandards/cpp/Concurrency.qll +++ b/cpp/common/src/codingstandards/cpp/Concurrency.qll @@ -1,1015 +1,15 @@ import cpp import semmle.code.cpp.dataflow.TaintTracking - -/** - * Models CFG nodes which should be added to a thread context. - */ -abstract class ThreadedCFGPathExtension extends ControlFlowNode { - /** - * Returns the next `ControlFlowNode` in this thread context. - */ - abstract ControlFlowNode getNext(); -} - -/** - * Models a `FunctionCall` invoked from a threaded context. - */ -class ThreadContextFunctionCall extends FunctionCall, ThreadedCFGPathExtension { - override ControlFlowNode getNext() { getTarget().getEntryPoint() = result } -} - -/** - * Models a specialized `FunctionCall` that may create a thread. - */ -abstract class ThreadCreationFunction extends FunctionCall, ThreadedCFGPathExtension { - /** - * Returns the function that will be invoked. - */ - abstract Function getFunction(); -} - -/** - * Models a call to a thread constructor via `std::thread`. - */ -class ThreadConstructorCall extends ConstructorCall, ThreadCreationFunction { - Function f; - - ThreadConstructorCall() { - getTarget().getDeclaringType().hasQualifiedName("std", "thread") and - f = getArgument(0).(FunctionAccess).getTarget() - } - - /** - * Returns the function that will be invoked by this `std::thread`. - */ - override Function getFunction() { result = f } - - override ControlFlowNode getNext() { result = getFunction().getEntryPoint() } -} - -/** - * Models a call to a thread creation via `thrd_create` or `pthread_create`. - */ -class CThreadCreateCall extends FunctionCall { - Function f; - int fArgIdx; - - CThreadCreateCall() { - ( - getTarget().getName() = "thrd_create" and - fArgIdx = 1 - or - getTarget().getName() = "pthread_create" and - fArgIdx = 2 - ) and - ( - f = getArgument(fArgIdx).(FunctionAccess).getTarget() or - f = getArgument(fArgIdx).(AddressOfExpr).getOperand().(FunctionAccess).getTarget() - ) - } - - /** - * Returns the function that will be invoked by this thread. - */ - Function getFunction() { result = f } -} - -/** - * Models a call to a thread constructor via `thrd_create`. - */ -class C11ThreadCreateCall extends ThreadCreationFunction, CThreadCreateCall { - C11ThreadCreateCall() { getTarget().getName() = "thrd_create" } - - /** - * Returns the function that will be invoked by this thread. - */ - override Function getFunction() { result = f } - - override ControlFlowNode getNext() { result = getFunction().getEntryPoint() } -} - -class C11MutexType extends TypedefType { - C11MutexType() { this.hasName("mtx_t") } -} - -class C11ThreadType extends TypedefType { - C11ThreadType() { this.hasName("thrd_t") } -} - -class C11ConditionType extends TypedefType { - C11ConditionType() { this.hasName("cnd_t") } -} - -class C11ThreadStorageType extends TypedefType { - C11ThreadStorageType() { this.hasName("tss_t") } -} - -class C11ThreadingObjectType extends TypedefType { - C11ThreadingObjectType() { - this instanceof C11MutexType - or - this instanceof C11ThreadType - or - this instanceof C11ConditionType - or - this instanceof C11ThreadStorageType - } -} - -/** - * Common base class providing an interface into function call - * based mutex locks. - */ -abstract class MutexFunctionCall extends LockingOperation { - abstract predicate isRecursive(); - - abstract predicate isSpeculativeLock(); - - abstract predicate unlocks(MutexFunctionCall fc); -} - -/** - * Models calls to various mutex types found in CPP. - */ -class CPPMutexFunctionCall extends MutexFunctionCall { - VariableAccess var; - - CPPMutexFunctionCall() { - ( - // the non recursive kinds - getTarget().(MemberFunction).getDeclaringType().hasQualifiedName("std", "mutex") or - getTarget().(MemberFunction).getDeclaringType().hasQualifiedName("std", "timed_mutex") or - getTarget().(MemberFunction).getDeclaringType().hasQualifiedName("std", "shared_timed_mutex") or - // the recursive ones - getTarget().(MemberFunction).getDeclaringType().hasQualifiedName("std", "recursive_mutex") or - getTarget() - .(MemberFunction) - .getDeclaringType() - .hasQualifiedName("std", "recursive_timed_mutex") - ) and - var = getQualifier() - } - - /** - * Holds if this mutex is a recursive mutex. - */ - override predicate isRecursive() { - getTarget().(MemberFunction).getDeclaringType().hasQualifiedName("std", "recursive_mutex") or - getTarget().(MemberFunction).getDeclaringType().hasQualifiedName("std", "recursive_timed_mutex") - } - - /** - * Holds if this `CPPMutexFunctionCall` is a lock. - */ - override predicate isLock() { - not isLockingOperationWithinLockingOperation(this) and - getTarget().getName() = "lock" - } - - /** - * Holds if this `CPPMutexFunctionCall` is a speculative lock, defined as calling - * one of the speculative locking functions such as `try_lock`. - */ - override predicate isSpeculativeLock() { - getTarget().getName() in [ - "try_lock", "try_lock_for", "try_lock_until", "try_lock_shared_for", "try_lock_shared_until" - ] - } - - /** - * Returns the lock to which this `CPPMutexFunctionCall` refers to. - */ - override Variable getLock() { result = getQualifier().(VariableAccess).getTarget() } - - /** - * Returns the qualifier for this `CPPMutexFunctionCall`. - */ - override Expr getLockExpr() { result = var } - - /** - * Holds if this is a `unlock` and *may* unlock the previously locked `MutexFunctionCall`. - * This predicate does not check that the mutex is currently locked. - */ - override predicate unlocks(MutexFunctionCall fc) { - isUnlock() and - fc.getQualifier().(VariableAccess).getTarget() = getQualifier().(VariableAccess).getTarget() - } - - /** - * Holds if this is an unlock call. - */ - override predicate isUnlock() { getTarget().getName() = "unlock" } -} - -/** - * Models calls to various mutex types specialized to C code. - */ -class CMutexFunctionCall extends MutexFunctionCall { - Expr arg; - - CMutexFunctionCall() { - // the non recursive kinds - getTarget().getName() = ["mtx_lock", "mtx_unlock", "mtx_timedlock", "mtx_trylock"] and - arg = getArgument(0) - } - - /** - * Holds if this mutex is a recursive mutex. - */ - override predicate isRecursive() { none() } - - /** - * Holds if this `CMutexFunctionCall` is a lock. - */ - override predicate isLock() { - not isLockingOperationWithinLockingOperation(this) and - getTarget().getName() = ["mtx_lock", "mtx_timedlock", "mtx_trylock"] - } - - /** - * Holds if this `CMutexFunctionCall` is a speculative lock, defined as calling - * one of the speculative locking functions such as `try_lock`. - */ - override predicate isSpeculativeLock() { - getTarget().getName() in ["mtx_timedlock", "mtx_trylock"] - } - - /** - * Returns the `Variable` to which this `CMutexFunctionCall` refers to. For this - * style of lock it can reference a number of different variables. - */ - override Variable getLock() { - exists(VariableAccess va | - TaintTracking::localTaint(DataFlow::exprNode(va), DataFlow::exprNode(getLockExpr())) and - result = va.getTarget() - ) - } - - /** - * Returns the expression for this `CMutexFunctionCall`. - */ - override Expr getLockExpr() { result = arg } - - /** - * Holds if this is a `unlock` and *may* unlock the previously locked `CMutexFunctionCall`. - * This predicate does not check that the mutex is currently locked. - */ - override predicate unlocks(MutexFunctionCall fc) { - isUnlock() and - fc.getLock() = getLock() - } - - /** - * Holds if this is an unlock call. - */ - override predicate isUnlock() { getTarget().getName() = "mtx_unlock" } -} - -/** - * The thread-aware predecessor function is defined in terms of the thread aware - * successor function. This is because it is simpler to construct the forward - * paths of a thread's execution than the backwards paths. For this reason we - * require a `start` and `end` node. - * - * The logic of this function is that a thread aware predecessor is one that - * follows a `start` node, is not equal to the ending node, and does not follow - * the `end` node. Such nodes can only be predecessors of `end`. - * - * For this reason this function requires a `start` node from which to start - * considering something a predecessor of `end`. - */ -pragma[inline] -ControlFlowNode getAThreadContextAwarePredecessor(ControlFlowNode start, ControlFlowNode end) { - result = getAThreadContextAwareSuccessor(start) and - not result = getAThreadContextAwareSuccessor(end) and - not result = end -} - -/** - * A predicate for finding successors of `ControlFlowNode`s that are aware of - * the objects that my flow into a thread's context. This is achieved by adding - * additional edges to thread entry points and function calls. - */ -ControlFlowNode getAThreadContextAwareSuccessorR(ControlFlowNode cfn) { - result = cfn.getASuccessor() - or - result = cfn.(ThreadedCFGPathExtension).getNext() -} - -ControlFlowNode getAThreadContextAwareSuccessor(ControlFlowNode m) { - result = getAThreadContextAwareSuccessorR*(m) and - // for performance reasons we handle back edges by enforcing a lexical - // ordering restriction on these nodes if they are both in - // the same loop. One way of doing this is as follows: - // - // ````and ( - // exists(Loop loop | - // loop.getAChild*() = m and - // loop.getAChild*() = result - // ) - // implies - // not result.getLocation().isBefore(m.getLocation()) - // )``` - // In this implementation we opt for the more generic form below - // which seems to have reasonable performance. - ( - m.getEnclosingStmt().getParentStmt*() = result.getEnclosingStmt().getParentStmt*() - implies - not exists(Location l1, Location l2 | - l1 = result.getLocation() and - l2 = m.getLocation() - | - l1.getEndLine() < l2.getStartLine() - or - l1.getStartLine() = l2.getEndLine() and - l1.getEndColumn() < l2.getStartColumn() - ) - ) -} - -abstract class LockingOperation extends FunctionCall { - /** - * Returns the target of the lock underlying this RAII-style lock. - */ - abstract Variable getLock(); - - /** - * Returns the lock underlying this RAII-style lock. - */ - abstract Expr getLockExpr(); - - /** - * Holds if this is a lock operation - */ - abstract predicate isLock(); - - /** - * Holds if this is an unlock operation - */ - abstract predicate isUnlock(); - - /** - * Holds if this locking operation is really a locking operation within a - * designated locking operation. This library assumes the underlying locking - * operations are implemented correctly in that calling a `LockingOperation` - * results in the creation of a singular lock. - */ - predicate isLockingOperationWithinLockingOperation(LockingOperation inner) { - exists(LockingOperation outer | outer.getTarget() = inner.getEnclosingFunction()) - } -} - -/** - * Models a RAII-Style lock. - */ -class RAIIStyleLock extends LockingOperation { - VariableAccess lock; - - RAIIStyleLock() { - ( - getTarget().getDeclaringType().hasQualifiedName("std", "lock_guard") or - getTarget().getDeclaringType().hasQualifiedName("std", "unique_lock") or - getTarget().getDeclaringType().hasQualifiedName("std", "scoped_lock") - ) and - ( - lock = getArgument(0).getAChild*() - or - this instanceof DestructorCall and - exists(RAIIStyleLock constructor | - constructor = getQualifier().(VariableAccess).getTarget().getInitializer().getExpr() and - lock = constructor.getArgument(0).getAChild*() - ) - ) - } - - /** - * Holds if this is a lock operation - */ - override predicate isLock() { - not isLockingOperationWithinLockingOperation(this) and - this instanceof ConstructorCall and - lock = getArgument(0).getAChild*() and - // defer_locks don't cause a lock - not exists(Expr exp | - exp = getArgument(1) and - exp.(VariableAccess) - .getTarget() - .getUnderlyingType() - .(Class) - .hasQualifiedName("std", "defer_lock_t") - ) - } - - /** - * Holds if this is an unlock operation - */ - override predicate isUnlock() { this instanceof DestructorCall } - - /** - * Returns the target of the lock underlying this RAII-style lock. - */ - override Variable getLock() { result = lock.getTarget() } - - /** - * Returns the lock underlying this RAII-style lock. - */ - override Expr getLockExpr() { result = lock } -} - -/** - * Models a function that may be executed by some thread. - */ -abstract class ThreadedFunction extends Function { } - -/** - * Models a function that may be executed by some thread via - * C++ standard classes. - */ -class CPPThreadedFunction extends ThreadedFunction { - CPPThreadedFunction() { exists(ThreadConstructorCall tcc | tcc.getFunction() = this) } -} - -/** - * Models a function that may be executed by some thread via - * C11 standard functions. - */ -class C11ThreadedFunction extends ThreadedFunction { - C11ThreadedFunction() { exists(C11ThreadCreateCall cc | cc.getFunction() = this) } -} - -/** - * Models a control flow node within a function that may be executed by some - * thread. - */ -class ThreadedCFN extends ControlFlowNode { - ThreadedCFN() { - exists(ThreadedFunction tf | this = getAThreadContextAwareSuccessor(tf.getEntryPoint())) - } -} - -/** - * Models a `ControlFlowNode` that is protected by some sort of lock. - */ -class LockProtectedControlFlowNode extends ThreadedCFN { - FunctionCall lockingFunction; - - LockProtectedControlFlowNode() { - exists(LockingOperation lock | - // there is a node that is a lock - lockingFunction = lock and - lock.isLock() and - // this node should be a successor of this lock - this = getAThreadContextAwareSuccessor(lock) and - // and there should not exist a predecessor of this - // node that is an unlock. Since we are doing thread context - // aware tracking it is easier to go forwards than backwards - // in constructing the call graph. Thus we can define predecessor - // in terms of a node that is a successor of the lock but NOT a - // successor of the current node. - not exists(ControlFlowNode unlock | - // it's an unlock - unlock = getAThreadContextAwarePredecessor(lock, this) and - unlock.(MutexFunctionCall).isUnlock() and - // note that we don't check that it's the same lock -- this is left - // to the caller to enforce this condition. - // Because of the way that `getAThreadContextAwarePredecessor` works, it is possible - // for operations PAST it to be technically part of the predecessors. - // Thus, we need to make sure that this node is a - // successor of the unlock in the CFG - getAThreadContextAwareSuccessor(unlock) = this - ) and - (lock instanceof MutexFunctionCall implies not this.(MutexFunctionCall).isUnlock()) - ) - } - - /** - * The `MutexFunctionCall` holding the lock that locks this node. - */ - FunctionCall coveredByLock() { result = lockingFunction } - - /** - * The lock underlying this `LockProtectedControlFlowNode`. - */ - Variable getAProtectingLock() { result = lockingFunction.(LockingOperation).getLock() } -} - -/** - * Models a function that conditionally waits. - */ -abstract class ConditionalWait extends FunctionCall { } - -/** - * Models a function in CPP that will conditionally wait. - */ -class CPPConditionalWait extends ConditionalWait { - CPPConditionalWait() { - exists(MemberFunction mf | - mf = getTarget() and - mf.getDeclaringType().hasQualifiedName("std", "condition_variable") and - mf.getName() in ["wait", "wait_for", "wait_until"] - ) - } -} - -/** - * Models a function in C that will conditionally wait. - */ -class CConditionalWait extends ConditionalWait { - CConditionalWait() { getTarget().getName() in ["cnd_wait"] } -} - -/** - * Models a function which uses a c condition variable. Not integrated into the thread aware CFG. - */ -class CConditionOperation extends FunctionCall { - CConditionOperation() { - getTarget().hasName(["cnd_broadcast", "cnd_signal", "cnd_timedwait", "cnd_wait", "cnd_init"]) - } - - predicate isInit() { getTarget().hasName("cnd_init") } - - predicate isUse() { not isInit() } - - Expr getConditionExpr() { result = getArgument(0) } - - /* Note: only holds for `cnd_wait()` and `cnd_timedwait()` */ - Expr getMutexExpr() { result = getArgument(1) } -} - -/** - * Models a call to a `std::thread` constructor that depends on a mutex. - */ -class MutexDependentThreadConstructor extends ThreadConstructorCall { - Expr mutexExpr; - - MutexDependentThreadConstructor() { - mutexExpr = getAnArgument() and - mutexExpr.getUnderlyingType().stripType() instanceof MutexType - } - - Expr dependentMutex() { result = mutexExpr } -} - -/** - * Models thread waiting functions. - */ -abstract class ThreadWait extends FunctionCall { } - -/** - * Models a call to a `std::thread` join. - */ -class CPPThreadWait extends ThreadWait { - VariableAccess var; - - CPPThreadWait() { - getTarget().(MemberFunction).getDeclaringType().hasQualifiedName("std", "thread") and - getTarget().getName() = "join" - } -} - -/** - * Models a call to `thrd_join` in C11. - */ -class C11ThreadWait extends ThreadWait { - VariableAccess var; - - C11ThreadWait() { getTarget().getName() = "thrd_join" } -} - -/** - * Models thread detach functions. - */ -abstract class ThreadDetach extends FunctionCall { } - -/** - * Models a call to `thrd_detach` in C11. - */ -class C11ThreadDetach extends ThreadWait { - VariableAccess var; - - C11ThreadDetach() { getTarget().getName() = "thrd_detach" } -} - -abstract class MutexSource extends FunctionCall { } - -/** - * Models a C++ style mutex. - */ -class CPPMutexSource extends MutexSource, ConstructorCall { - CPPMutexSource() { getTarget().getDeclaringType().hasQualifiedName("std", "mutex") } -} - -/** - * Models a C11 style mutex. - */ -class C11MutexSource extends MutexSource, FunctionCall { - C11MutexSource() { getTarget().hasName("mtx_init") } - - Expr getMutexExpr() { result = getArgument(0) } - - Expr getMutexTypeExpr() { result = getArgument(1) } -} - -/** - * Models a thread dependent mutex. A thread dependent mutex is a mutex - * that is used by a thread. This dependency is established either by directly - * passing in a mutex or by referencing a mutex that is in the local scope. The utility - * of this class is it captures the `DataFlow::Node` source at which the mutex - * came from. For example, if it is passed in from a local function to a thread. - * This functionality is critical, since it allows one to inspect how the thread - * behaves with respect to the owner of a resource. - * - * To model the myriad ways this can happen, the subclasses of this class are - * responsible for implementing the various usage patterns. - */ -abstract class ThreadDependentMutex extends DataFlow::Node { - DataFlow::Node sink; - - DataFlow::Node getASource() { - // the source is either the thing that declared - // the mutex - result = this - or - // or the thread we are using it in - result = getAThreadSource() - } - - /** - * Gets the dataflow nodes corresponding to thread local usages of the - * dependent mutex. - */ - DataFlow::Node getAThreadSource() { - // here we line up the actual parameter at the thread creation - // site with the formal parameter in the target thread. - // Note that there are differences between the C and C++ versions - // of the argument ordering in the thread creation function. However, - // since the C version only takes one parameter (as opposed to multiple) - // we can simplify this search by considering only the first argument. - exists(FunctionCall fc, Function f, int n | - // Get the argument to which the mutex flowed. - fc.getArgument(n) = sink.asExpr() and - // Get the thread function we are calling. - f = fc.getArgument(0).(FunctionAccess).getTarget() and - // in C++, there is an extra argument to the `std::thread` call - // so we must subtract 1 since this is not passed to the thread. - ( - result = DataFlow::exprNode(f.getParameter(n - 1).getAnAccess()) - or - // In C, only one argument is allowed. Thus IF the flow predicate holds, - // it will be to the first argument - result = DataFlow::exprNode(f.getParameter(0).getAnAccess()) - ) - ) - } - - /** - * Produces the set of dataflow nodes to thread creation for threads - * that are dependent on this mutex. - */ - DataFlow::Node getADependentThreadCreationExpr() { - exists(FunctionCall fc | - fc.getAnArgument() = sink.asExpr() and - result = DataFlow::exprNode(fc) - ) - } - - /** - * Gets a set of usages of this mutex in both the local and thread scope. - * In the case of scoped usage, this also captures typical accesses of variables. - */ - DataFlow::Node getAUsage() { TaintTracking::localTaint(getASource(), result) } -} - -/** - * This class models the type of thread/mutex dependency that is established - * through the typical parameter passing mechanisms found in C++. - */ -class FlowBasedThreadDependentMutex extends ThreadDependentMutex { - FlowBasedThreadDependentMutex() { - // some sort of dataflow, likely through parameter passing. - ThreadDependentMutexFlow::flow(this, sink) - } -} - -/** - * This class models the type of thread/mutex dependency that is established by - * either scope based accesses (e.g., global variables) or block scope differences. - */ -class AccessBasedThreadDependentMutex extends ThreadDependentMutex { - Variable variableSource; - - AccessBasedThreadDependentMutex() { - // encapsulates usages from outside scopes not directly expressed - // in dataflow. - exists(MutexSource mutexSrc, ThreadedFunction f | - DataFlow::exprNode(mutexSrc) = this and - // find a variable that was assigned the mutex - TaintTracking::localTaint(DataFlow::exprNode(mutexSrc), - DataFlow::exprNode(variableSource.getAnAssignedValue())) and - // find all subsequent accesses of that variable that are within a - // function and set those to the sink - exists(VariableAccess va | - va = variableSource.getAnAccess() and - va.getEnclosingFunction() = f and - sink = DataFlow::exprNode(va) - ) - ) - } - - override DataFlow::Node getAUsage() { DataFlow::exprNode(variableSource.getAnAccess()) = result } -} - -/** - * In the typical C thread model, a mutex is a created by a function that is not responsible - * for creating the variable. Thus this class encodes a slightly different semantics - * wherein the usage pattern is that of variables that have been both initialized - * and then subsequently passed into a thread directly. - */ -class DeclarationInitBasedThreadDependentMutex extends ThreadDependentMutex { - Variable variableSource; - - DeclarationInitBasedThreadDependentMutex() { - exists(MutexSource ms, ThreadCreationFunction tcf | - this = DataFlow::exprNode(ms) and - // accessed as a mutex source - TaintTracking::localTaint(DataFlow::exprNode(variableSource.getAnAccess()), - DataFlow::exprNode(ms.getAnArgument())) and - // subsequently passed to a thread creation function (order not strictly - // enforced for performance reasons) - sink = DataFlow::exprNode(tcf.getAnArgument()) and - TaintTracking::localTaint(DataFlow::exprNode(variableSource.getAnAccess()), sink) - ) - } - - override DataFlow::Node getAUsage() { - TaintTracking::localTaint(getASource(), result) or - DataFlow::exprNode(variableSource.getAnAccess()) = result - } - - override DataFlow::Node getASource() { - // the source is either the thing that declared - // the mutex - result = this - or - // or the thread we are using it in - result = getAThreadSource() - } - - DataFlow::Node getSink() { result = sink } - - /** - * Gets the dataflow nodes corresponding to thread local usages of the - * dependent mutex. - */ - override DataFlow::Node getAThreadSource() { - // here we line up the actual parameter at the thread creation - // site with the formal parameter in the target thread. - // Note that there are differences between the C and C++ versions - // of the argument ordering in the thread creation function. However, - // since the C version only takes one parameter (as opposed to multiple) - // we can simplify this search by considering only the first argument. - exists( - FunctionCall fc, Function f, int n // CPP Version - | - fc.getArgument(n) = sink.asExpr() and - f = fc.getArgument(0).(FunctionAccess).getTarget() and - // in C++, there is an extra argument to the `std::thread` call - // so we must subtract 1 since this is not passed to the thread. - result = DataFlow::exprNode(f.getParameter(n - 1).getAnAccess()) - ) - or - exists( - FunctionCall fc, Function f // C Version - | - fc.getAnArgument() = sink.asExpr() and - // in C, the second argument is the function - f = fc.getArgument(1).(FunctionAccess).getTarget() and - // in C, the passed argument is always the zeroth argument - result = DataFlow::exprNode(f.getParameter(0).getAnAccess()) - ) - } -} - -/** - * In the typical C model, another way to use mutexes is to work with global variables - * that can be initialized at various points -- one of which must be inside a thread. - * This class encapsulates this pattern. - */ -class DeclarationInitAccessBasedThreadDependentMutex extends ThreadDependentMutex { - Variable variableSource; - - DeclarationInitAccessBasedThreadDependentMutex() { - exists(MutexSource ms, ThreadedFunction tf, VariableAccess va | - this = DataFlow::exprNode(ms) and - // accessed as a mutex source - TaintTracking::localTaint(DataFlow::exprNode(variableSource.getAnAccess()), - DataFlow::exprNode(ms.getAnArgument())) and - // is accessed somewhere else - va = variableSource.getAnAccess() and - sink = DataFlow::exprNode(va) and - // one of which must be a thread - va.getEnclosingFunction() = tf - ) - } - - override DataFlow::Node getAUsage() { result = DataFlow::exprNode(variableSource.getAnAccess()) } -} - -module ThreadDependentMutexConfig implements DataFlow::ConfigSig { - predicate isSource(DataFlow::Node node) { node.asExpr() instanceof MutexSource } - - predicate isSink(DataFlow::Node node) { - exists(ThreadCreationFunction f | f.getAnArgument() = node.asExpr()) - } -} - -module ThreadDependentMutexFlow = TaintTracking::Global; - -/** - * Models expressions that destroy mutexes. - */ -abstract class MutexDestroyer extends StmtParent { - /** - * Gets the expression that references the mutex being destroyed. - */ - abstract Expr getMutexExpr(); -} - -/** - * Models C style mutex destruction via `mtx_destroy`. - */ -class C11MutexDestroyer extends MutexDestroyer, FunctionCall { - C11MutexDestroyer() { getTarget().getName() = "mtx_destroy" } - - /** - * Returns the `Expr` being destroyed. - */ - override Expr getMutexExpr() { result = getArgument(0) } -} - -/** - * Models a delete expression -- note it is necessary to add this in - * addition to destructors to handle certain implementations of the - * standard library which obscure the destructors of mutexes. - */ -class DeleteMutexDestroyer extends MutexDestroyer { - DeleteMutexDestroyer() { this instanceof DeleteExpr } - - override Expr getMutexExpr() { this.(DeleteExpr).getExpr() = result } -} - -/** - * Models a possible mutex variable that if it goes - * out of scope would destroy an underlying mutex. - */ -class LocalMutexDestroyer extends MutexDestroyer { - Expr assignedValue; - - LocalMutexDestroyer() { - exists(LocalVariable lv | - // static types aren't destroyers - not lv.isStatic() and - // neither are pointers - not lv.getType() instanceof PointerType and - lv.getAnAssignedValue() = assignedValue and - // map the location to the return statements of the - // enclosing function - exists(ReturnStmt rs | - rs.getEnclosingFunction() = assignedValue.getEnclosingFunction() and - rs = this - ) - ) - } - - override Expr getMutexExpr() { result = assignedValue } -} - -/** - * Models implicit or explicit calls to the destructor of a mutex, either via - * a `delete` statement or a variable going out of scope. - */ -class DestructorMutexDestroyer extends MutexDestroyer, DestructorCall { - DestructorMutexDestroyer() { getTarget().getDeclaringType().hasQualifiedName("std", "mutex") } - - /** - * Returns the `Expr` being deleted. - */ - override Expr getMutexExpr() { getQualifier() = result } -} - -/** - * Models a conditional variable denoted by `std::condition_variable`. - */ -class ConditionalVariable extends Variable { - ConditionalVariable() { - getUnderlyingType().(Class).hasQualifiedName("std", "condition_variable") - } -} - -/** - * Models a conditional function, which is a function that depends on the value - * of a conditional variable. - */ -class ConditionalFunction extends Function { - ConditionalFunction() { - exists(ConditionalVariable cv | cv.getAnAccess().getEnclosingFunction() = this) - } -} - -/** - * Models calls to thread specific storage function calls. - */ -abstract class ThreadSpecificStorageFunctionCall extends FunctionCall { - /** - * Gets the key to which this call references. - */ - Expr getKey() { getArgument(0) = result } -} - -/** - * Models calls to `tss_get`. - */ -class TSSGetFunctionCall extends ThreadSpecificStorageFunctionCall { - TSSGetFunctionCall() { getTarget().getName() = "tss_get" } -} - -/** - * Models calls to `tss_set`. - */ -class TSSSetFunctionCall extends ThreadSpecificStorageFunctionCall { - TSSSetFunctionCall() { getTarget().getName() = "tss_set" } -} - -/** - * Models calls to `tss_create` - */ -class TSSCreateFunctionCall extends ThreadSpecificStorageFunctionCall { - TSSCreateFunctionCall() { getTarget().getName() = "tss_create" } - - predicate hasDeallocator() { - not exists(MacroInvocation mi, NullMacro nm | - getArgument(1) = mi.getExpr() and - mi = nm.getAnInvocation() - ) - } -} - -/** - * Models calls to `tss_delete` - */ -class TSSDeleteFunctionCall extends ThreadSpecificStorageFunctionCall { - TSSDeleteFunctionCall() { getTarget().getName() = "tss_delete" } -} - -/** - * Gets a call to `DeallocationExpr` that deallocates memory owned by thread specific - * storage. - */ -predicate getAThreadSpecificStorageDeallocationCall(C11ThreadCreateCall tcc, DeallocationExpr dexp) { - exists(TSSGetFunctionCall tsg | - tcc.getFunction().getEntryPoint().getASuccessor*() = tsg and - DataFlow::localFlow(DataFlow::exprNode(tsg), DataFlow::exprNode(dexp.getFreedExpr())) - ) -} - -/** - * Models calls to routines `atomic_compare_exchange_weak` and - * `atomic_compare_exchange_weak_explicit` in the `stdatomic` library. - * Note that these are typically implemented as macros within Clang and - * GCC's standard libraries. - */ -class AtomicCompareExchange extends MacroInvocation { - AtomicCompareExchange() { - getMacroName() = "atomic_compare_exchange_weak" - or - // some compilers model `atomic_compare_exchange_weak` as a macro that - // expands to `atomic_compare_exchange_weak_explicit` so this defeats that - // and other similar modeling. - getMacroName() = "atomic_compare_exchange_weak_explicit" and - not exists(MacroInvocation m | - m.getMacroName() = "atomic_compare_exchange_weak" and - m.getAnExpandedElement() = getAnExpandedElement() - ) - } -} - -/** - * Models calls to routines `atomic_store` and - * `atomic_store_explicit` in the `stdatomic` library. - * Note that these are typically implemented as macros within Clang and - * GCC's standard libraries. - */ -class AtomicStore extends MacroInvocation { - AtomicStore() { - getMacroName() = "atomic_store" - or - // some compilers model `atomic_compare_exchange_weak` as a macro that - // expands to `atomic_compare_exchange_weak_explicit` so this defeats that - // and other similar modeling. - getMacroName() = "atomic_store_explicit" and - not exists(MacroInvocation m | - m.getMacroName() = "atomic_store" and - m.getAnExpandedElement() = getAnExpandedElement() - ) - } -} +import codingstandards.cpp.concurrency.Atomic +import codingstandards.cpp.concurrency.CConditionOperation +import codingstandards.cpp.concurrency.ControlFlow +import codingstandards.cpp.concurrency.ConditionalWait +import codingstandards.cpp.concurrency.LockingOperation +import codingstandards.cpp.concurrency.LockProtectedControlFlow +import codingstandards.cpp.concurrency.MutexDestroyer +import codingstandards.cpp.concurrency.ThreadCreation +import codingstandards.cpp.concurrency.ThreadedFunction +import codingstandards.cpp.concurrency.ThreadDependentMutex +import codingstandards.cpp.concurrency.ThreadSpecificStorage +import codingstandards.cpp.concurrency.ThreadWaitDetach +import codingstandards.cpp.concurrency.Types diff --git a/cpp/common/src/codingstandards/cpp/concurrency/Atomic.qll b/cpp/common/src/codingstandards/cpp/concurrency/Atomic.qll new file mode 100644 index 0000000000..44101f08bb --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/concurrency/Atomic.qll @@ -0,0 +1,43 @@ +import cpp + +/** + * Models calls to routines `atomic_compare_exchange_weak` and + * `atomic_compare_exchange_weak_explicit` in the `stdatomic` library. + * Note that these are typically implemented as macros within Clang and + * GCC's standard libraries. + */ +class AtomicCompareExchange extends MacroInvocation { + AtomicCompareExchange() { + getMacroName() = "atomic_compare_exchange_weak" + or + // some compilers model `atomic_compare_exchange_weak` as a macro that + // expands to `atomic_compare_exchange_weak_explicit` so this defeats that + // and other similar modeling. + getMacroName() = "atomic_compare_exchange_weak_explicit" and + not exists(MacroInvocation m | + m.getMacroName() = "atomic_compare_exchange_weak" and + m.getAnExpandedElement() = getAnExpandedElement() + ) + } +} + +/** + * Models calls to routines `atomic_store` and + * `atomic_store_explicit` in the `stdatomic` library. + * Note that these are typically implemented as macros within Clang and + * GCC's standard libraries. + */ +class AtomicStore extends MacroInvocation { + AtomicStore() { + getMacroName() = "atomic_store" + or + // some compilers model `atomic_compare_exchange_weak` as a macro that + // expands to `atomic_compare_exchange_weak_explicit` so this defeats that + // and other similar modeling. + getMacroName() = "atomic_store_explicit" and + not exists(MacroInvocation m | + m.getMacroName() = "atomic_store" and + m.getAnExpandedElement() = getAnExpandedElement() + ) + } +} diff --git a/cpp/common/src/codingstandards/cpp/concurrency/CConditionOperation.qll b/cpp/common/src/codingstandards/cpp/concurrency/CConditionOperation.qll new file mode 100644 index 0000000000..adf230f08d --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/concurrency/CConditionOperation.qll @@ -0,0 +1,31 @@ +import cpp + +/** + * Models a function which uses a c condition variable. Not integrated into the thread aware CFG. + */ +class CConditionOperation extends FunctionCall { + CConditionOperation() { + getTarget().hasName(["cnd_broadcast", "cnd_signal", "cnd_timedwait", "cnd_wait", "cnd_init"]) + } + + predicate isInit() { getTarget().hasName("cnd_init") } + + predicate isUse() { not isInit() } + + Expr getConditionExpr() { result = getArgument(0) } + + /* Note: only holds for `cnd_wait()` and `cnd_timedwait()` */ + Expr getMutexExpr() { result = getArgument(1) } +} + +/** + * Models C style condition destruction via `cnd_destroy`. + */ +class C11ConditionDestroyer extends FunctionCall { + C11ConditionDestroyer() { getTarget().getName() = "cnd_destroy" } + + /** + * Returns the `Expr` being destroyed. + */ + Expr getConditionExpr() { result = getArgument(0) } +} diff --git a/cpp/common/src/codingstandards/cpp/concurrency/ConditionalWait.qll b/cpp/common/src/codingstandards/cpp/concurrency/ConditionalWait.qll new file mode 100644 index 0000000000..e69ea2fee5 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/concurrency/ConditionalWait.qll @@ -0,0 +1,26 @@ +import cpp + +/** + * Models a function that conditionally waits. + */ +abstract class ConditionalWait extends FunctionCall { } + +/** + * Models a function in CPP that will conditionally wait. + */ +class CPPConditionalWait extends ConditionalWait { + CPPConditionalWait() { + exists(MemberFunction mf | + mf = getTarget() and + mf.getDeclaringType().hasQualifiedName("std", "condition_variable") and + mf.getName() in ["wait", "wait_for", "wait_until"] + ) + } +} + +/** + * Models a function in C that will conditionally wait. + */ +class CConditionalWait extends ConditionalWait { + CConditionalWait() { getTarget().getName() in ["cnd_wait"] } +} diff --git a/cpp/common/src/codingstandards/cpp/concurrency/ControlFlow.qll b/cpp/common/src/codingstandards/cpp/concurrency/ControlFlow.qll new file mode 100644 index 0000000000..15f8ab5a61 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/concurrency/ControlFlow.qll @@ -0,0 +1,101 @@ +import cpp +private import codingstandards.cpp.concurrency.ThreadedFunction + +/** + * Models a control flow node within a function that may be executed by some + * thread. + */ +class ThreadedCFN extends ControlFlowNode { + ThreadedCFN() { + exists(ThreadedFunction tf | this = getAThreadContextAwareSuccessor(tf.getEntryPoint())) + } +} + +/** + * Models CFG nodes which should be added to a thread context. + */ +abstract class ThreadedCFGPathExtension extends ControlFlowNode { + /** + * Returns the next `ControlFlowNode` in this thread context. + */ + abstract ControlFlowNode getNext(); +} + +/** + * Models a `FunctionCall` invoked from a threaded context. + */ +class ThreadContextFunctionCall extends FunctionCall, ThreadedCFGPathExtension { + override ControlFlowNode getNext() { getTarget().getEntryPoint() = result } +} + +/** + * Models a specialized `FunctionCall` that may create a thread. + */ +abstract class ThreadCreationFunction extends FunctionCall, ThreadedCFGPathExtension { + /** + * Returns the function that will be invoked. + */ + abstract Function getFunction(); +} + +/** + * The thread-aware predecessor function is defined in terms of the thread aware + * successor function. This is because it is simpler to construct the forward + * paths of a thread's execution than the backwards paths. For this reason we + * require a `start` and `end` node. + * + * The logic of this function is that a thread aware predecessor is one that + * follows a `start` node, is not equal to the ending node, and does not follow + * the `end` node. Such nodes can only be predecessors of `end`. + * + * For this reason this function requires a `start` node from which to start + * considering something a predecessor of `end`. + */ +pragma[inline] +ControlFlowNode getAThreadContextAwarePredecessor(ControlFlowNode start, ControlFlowNode end) { + result = getAThreadContextAwareSuccessor(start) and + not result = getAThreadContextAwareSuccessor(end) and + not result = end +} + +/** + * A predicate for finding successors of `ControlFlowNode`s that are aware of + * the objects that my flow into a thread's context. This is achieved by adding + * additional edges to thread entry points and function calls. + */ +ControlFlowNode getAThreadContextAwareSuccessorR(ControlFlowNode cfn) { + result = cfn.getASuccessor() + or + result = cfn.(ThreadedCFGPathExtension).getNext() +} + +ControlFlowNode getAThreadContextAwareSuccessor(ControlFlowNode m) { + result = getAThreadContextAwareSuccessorR*(m) and + // for performance reasons we handle back edges by enforcing a lexical + // ordering restriction on these nodes if they are both in + // the same loop. One way of doing this is as follows: + // + // ````and ( + // exists(Loop loop | + // loop.getAChild*() = m and + // loop.getAChild*() = result + // ) + // implies + // not result.getLocation().isBefore(m.getLocation()) + // )``` + // In this implementation we opt for the more generic form below + // which seems to have reasonable performance. + ( + m.getEnclosingStmt().getParentStmt*() = result.getEnclosingStmt().getParentStmt*() + implies + not exists(Location l1, Location l2 | + l1 = result.getLocation() and + l2 = m.getLocation() + | + l1.getEndLine() < l2.getStartLine() + or + l1.getStartLine() = l2.getEndLine() and + l1.getEndColumn() < l2.getStartColumn() + ) + ) +} diff --git a/cpp/common/src/codingstandards/cpp/concurrency/LockProtectedControlFlow.qll b/cpp/common/src/codingstandards/cpp/concurrency/LockProtectedControlFlow.qll new file mode 100644 index 0000000000..a828ec8768 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/concurrency/LockProtectedControlFlow.qll @@ -0,0 +1,49 @@ +import cpp +private import codingstandards.cpp.concurrency.ControlFlow +private import codingstandards.cpp.concurrency.LockingOperation + +/** + * Models a `ControlFlowNode` that is protected by some sort of lock. + */ +class LockProtectedControlFlowNode extends ThreadedCFN { + FunctionCall lockingFunction; + + LockProtectedControlFlowNode() { + exists(LockingOperation lock | + // there is a node that is a lock + lockingFunction = lock and + lock.isLock() and + // this node should be a successor of this lock + this = getAThreadContextAwareSuccessor(lock) and + // and there should not exist a predecessor of this + // node that is an unlock. Since we are doing thread context + // aware tracking it is easier to go forwards than backwards + // in constructing the call graph. Thus we can define predecessor + // in terms of a node that is a successor of the lock but NOT a + // successor of the current node. + not exists(ControlFlowNode unlock | + // it's an unlock + unlock = getAThreadContextAwarePredecessor(lock, this) and + unlock.(MutexFunctionCall).isUnlock() and + // note that we don't check that it's the same lock -- this is left + // to the caller to enforce this condition. + // Because of the way that `getAThreadContextAwarePredecessor` works, it is possible + // for operations PAST it to be technically part of the predecessors. + // Thus, we need to make sure that this node is a + // successor of the unlock in the CFG + getAThreadContextAwareSuccessor(unlock) = this + ) and + (lock instanceof MutexFunctionCall implies not this.(MutexFunctionCall).isUnlock()) + ) + } + + /** + * The `MutexFunctionCall` holding the lock that locks this node. + */ + FunctionCall coveredByLock() { result = lockingFunction } + + /** + * The lock underlying this `LockProtectedControlFlowNode`. + */ + Variable getAProtectingLock() { result = lockingFunction.(LockingOperation).getLock() } +} diff --git a/cpp/common/src/codingstandards/cpp/concurrency/LockingOperation.qll b/cpp/common/src/codingstandards/cpp/concurrency/LockingOperation.qll new file mode 100644 index 0000000000..1dd753d122 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/concurrency/LockingOperation.qll @@ -0,0 +1,240 @@ +import cpp +import semmle.code.cpp.dataflow.TaintTracking + +abstract class LockingOperation extends FunctionCall { + /** + * Returns the target of the lock underlying this RAII-style lock. + */ + abstract Variable getLock(); + + /** + * Returns the lock underlying this RAII-style lock. + */ + abstract Expr getLockExpr(); + + /** + * Holds if this is a lock operation + */ + abstract predicate isLock(); + + /** + * Holds if this is an unlock operation + */ + abstract predicate isUnlock(); + + /** + * Holds if this locking operation is really a locking operation within a + * designated locking operation. This library assumes the underlying locking + * operations are implemented correctly in that calling a `LockingOperation` + * results in the creation of a singular lock. + */ + predicate isLockingOperationWithinLockingOperation(LockingOperation inner) { + exists(LockingOperation outer | outer.getTarget() = inner.getEnclosingFunction()) + } +} + +/** + * Common base class providing an interface into function call + * based mutex locks. + */ +abstract class MutexFunctionCall extends LockingOperation { + abstract predicate isRecursive(); + + abstract predicate isSpeculativeLock(); + + abstract predicate unlocks(MutexFunctionCall fc); +} + +/** + * Models calls to various mutex types found in CPP. + */ +class CPPMutexFunctionCall extends MutexFunctionCall { + VariableAccess var; + + CPPMutexFunctionCall() { + ( + // the non recursive kinds + getTarget().(MemberFunction).getDeclaringType().hasQualifiedName("std", "mutex") or + getTarget().(MemberFunction).getDeclaringType().hasQualifiedName("std", "timed_mutex") or + getTarget().(MemberFunction).getDeclaringType().hasQualifiedName("std", "shared_timed_mutex") or + // the recursive ones + getTarget().(MemberFunction).getDeclaringType().hasQualifiedName("std", "recursive_mutex") or + getTarget() + .(MemberFunction) + .getDeclaringType() + .hasQualifiedName("std", "recursive_timed_mutex") + ) and + var = getQualifier() + } + + /** + * Holds if this mutex is a recursive mutex. + */ + override predicate isRecursive() { + getTarget().(MemberFunction).getDeclaringType().hasQualifiedName("std", "recursive_mutex") or + getTarget().(MemberFunction).getDeclaringType().hasQualifiedName("std", "recursive_timed_mutex") + } + + /** + * Holds if this `CPPMutexFunctionCall` is a lock. + */ + override predicate isLock() { + not isLockingOperationWithinLockingOperation(this) and + getTarget().getName() = "lock" + } + + /** + * Holds if this `CPPMutexFunctionCall` is a speculative lock, defined as calling + * one of the speculative locking functions such as `try_lock`. + */ + override predicate isSpeculativeLock() { + getTarget().getName() in [ + "try_lock", "try_lock_for", "try_lock_until", "try_lock_shared_for", "try_lock_shared_until" + ] + } + + /** + * Returns the lock to which this `CPPMutexFunctionCall` refers to. + */ + override Variable getLock() { result = getQualifier().(VariableAccess).getTarget() } + + /** + * Returns the qualifier for this `CPPMutexFunctionCall`. + */ + override Expr getLockExpr() { result = var } + + /** + * Holds if this is a `unlock` and *may* unlock the previously locked `MutexFunctionCall`. + * This predicate does not check that the mutex is currently locked. + */ + override predicate unlocks(MutexFunctionCall fc) { + isUnlock() and + fc.getQualifier().(VariableAccess).getTarget() = getQualifier().(VariableAccess).getTarget() + } + + /** + * Holds if this is an unlock call. + */ + override predicate isUnlock() { getTarget().getName() = "unlock" } +} + +/** + * Models calls to various mutex types specialized to C code. + */ +class CMutexFunctionCall extends MutexFunctionCall { + Expr arg; + + CMutexFunctionCall() { + // the non recursive kinds + getTarget().getName() = ["mtx_lock", "mtx_unlock", "mtx_timedlock", "mtx_trylock"] and + arg = getArgument(0) + } + + /** + * Holds if this mutex is a recursive mutex. + */ + override predicate isRecursive() { none() } + + /** + * Holds if this `CMutexFunctionCall` is a lock. + */ + override predicate isLock() { + not isLockingOperationWithinLockingOperation(this) and + getTarget().getName() = ["mtx_lock", "mtx_timedlock", "mtx_trylock"] + } + + /** + * Holds if this `CMutexFunctionCall` is a speculative lock, defined as calling + * one of the speculative locking functions such as `try_lock`. + */ + override predicate isSpeculativeLock() { + getTarget().getName() in ["mtx_timedlock", "mtx_trylock"] + } + + /** + * Returns the `Variable` to which this `CMutexFunctionCall` refers to. For this + * style of lock it can reference a number of different variables. + */ + override Variable getLock() { + exists(VariableAccess va | + TaintTracking::localTaint(DataFlow::exprNode(va), DataFlow::exprNode(getLockExpr())) and + result = va.getTarget() + ) + } + + /** + * Returns the expression for this `CMutexFunctionCall`. + */ + override Expr getLockExpr() { result = arg } + + /** + * Holds if this is a `unlock` and *may* unlock the previously locked `CMutexFunctionCall`. + * This predicate does not check that the mutex is currently locked. + */ + override predicate unlocks(MutexFunctionCall fc) { + isUnlock() and + fc.getLock() = getLock() + } + + /** + * Holds if this is an unlock call. + */ + override predicate isUnlock() { getTarget().getName() = "mtx_unlock" } +} + +/** + * Models a RAII-Style lock. + */ +class RAIIStyleLock extends LockingOperation { + VariableAccess lock; + + RAIIStyleLock() { + ( + getTarget().getDeclaringType().hasQualifiedName("std", "lock_guard") or + getTarget().getDeclaringType().hasQualifiedName("std", "unique_lock") or + getTarget().getDeclaringType().hasQualifiedName("std", "scoped_lock") + ) and + ( + lock = getArgument(0).getAChild*() + or + this instanceof DestructorCall and + exists(RAIIStyleLock constructor | + constructor = getQualifier().(VariableAccess).getTarget().getInitializer().getExpr() and + lock = constructor.getArgument(0).getAChild*() + ) + ) + } + + /** + * Holds if this is a lock operation + */ + override predicate isLock() { + not isLockingOperationWithinLockingOperation(this) and + this instanceof ConstructorCall and + lock = getArgument(0).getAChild*() and + // defer_locks don't cause a lock + not exists(Expr exp | + exp = getArgument(1) and + exp.(VariableAccess) + .getTarget() + .getUnderlyingType() + .(Class) + .hasQualifiedName("std", "defer_lock_t") + ) + } + + /** + * Holds if this is an unlock operation + */ + override predicate isUnlock() { this instanceof DestructorCall } + + /** + * Returns the target of the lock underlying this RAII-style lock. + */ + override Variable getLock() { result = lock.getTarget() } + + /** + * Returns the lock underlying this RAII-style lock. + */ + override Expr getLockExpr() { result = lock } +} diff --git a/cpp/common/src/codingstandards/cpp/concurrency/MutexDestroyer.qll b/cpp/common/src/codingstandards/cpp/concurrency/MutexDestroyer.qll new file mode 100644 index 0000000000..915efc6077 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/concurrency/MutexDestroyer.qll @@ -0,0 +1,73 @@ +import cpp + +/** + * Models expressions that destroy mutexes. + */ +abstract class MutexDestroyer extends StmtParent { + /** + * Gets the expression that references the mutex being destroyed. + */ + abstract Expr getMutexExpr(); +} + +/** + * Models C style mutex destruction via `mtx_destroy`. + */ +class C11MutexDestroyer extends MutexDestroyer, FunctionCall { + C11MutexDestroyer() { getTarget().getName() = "mtx_destroy" } + + /** + * Returns the `Expr` being destroyed. + */ + override Expr getMutexExpr() { result = getArgument(0) } +} + +/** + * Models a delete expression -- note it is necessary to add this in + * addition to destructors to handle certain implementations of the + * standard library which obscure the destructors of mutexes. + */ +class DeleteMutexDestroyer extends MutexDestroyer { + DeleteMutexDestroyer() { this instanceof DeleteExpr } + + override Expr getMutexExpr() { this.(DeleteExpr).getExpr() = result } +} + +/** + * Models a possible mutex variable that if it goes + * out of scope would destroy an underlying mutex. + */ +class LocalMutexDestroyer extends MutexDestroyer { + Expr assignedValue; + + LocalMutexDestroyer() { + exists(LocalVariable lv | + // static types aren't destroyers + not lv.isStatic() and + // neither are pointers + not lv.getType() instanceof PointerType and + lv.getAnAssignedValue() = assignedValue and + // map the location to the return statements of the + // enclosing function + exists(ReturnStmt rs | + rs.getEnclosingFunction() = assignedValue.getEnclosingFunction() and + rs = this + ) + ) + } + + override Expr getMutexExpr() { result = assignedValue } +} + +/** + * Models implicit or explicit calls to the destructor of a mutex, either via + * a `delete` statement or a variable going out of scope. + */ +class DestructorMutexDestroyer extends MutexDestroyer, DestructorCall { + DestructorMutexDestroyer() { getTarget().getDeclaringType().hasQualifiedName("std", "mutex") } + + /** + * Returns the `Expr` being deleted. + */ + override Expr getMutexExpr() { getQualifier() = result } +} diff --git a/cpp/common/src/codingstandards/cpp/concurrency/ThreadCreation.qll b/cpp/common/src/codingstandards/cpp/concurrency/ThreadCreation.qll new file mode 100644 index 0000000000..4499b993ad --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/concurrency/ThreadCreation.qll @@ -0,0 +1,62 @@ +import cpp +private import codingstandards.cpp.concurrency.ControlFlow + +/** + * Models a call to a thread constructor via `std::thread`. + */ +class ThreadConstructorCall extends ConstructorCall, ThreadCreationFunction { + Function f; + + ThreadConstructorCall() { + getTarget().getDeclaringType().hasQualifiedName("std", "thread") and + f = getArgument(0).(FunctionAccess).getTarget() + } + + /** + * Returns the function that will be invoked by this `std::thread`. + */ + override Function getFunction() { result = f } + + override ControlFlowNode getNext() { result = getFunction().getEntryPoint() } +} + +/** + * Models a call to a thread creation via `thrd_create` or `pthread_create`. + */ +class CThreadCreateCall extends FunctionCall { + Function f; + int fArgIdx; + + CThreadCreateCall() { + ( + getTarget().getName() = "thrd_create" and + fArgIdx = 1 + or + getTarget().getName() = "pthread_create" and + fArgIdx = 2 + ) and + ( + f = getArgument(fArgIdx).(FunctionAccess).getTarget() or + f = getArgument(fArgIdx).(AddressOfExpr).getOperand().(FunctionAccess).getTarget() + ) + } + + /** + * Returns the function that will be invoked by this thread. + */ + Function getFunction() { result = f } +} + +/** + * Models a call to a thread constructor via `thrd_create`. + */ +class C11ThreadCreateCall extends ThreadCreationFunction, CThreadCreateCall { + C11ThreadCreateCall() { getTarget().getName() = "thrd_create" } + + /** + * Returns the function that will be invoked by this thread. + */ + override Function getFunction() { result = f } + + override ControlFlowNode getNext() { result = getFunction().getEntryPoint() } +} diff --git a/cpp/common/src/codingstandards/cpp/concurrency/ThreadDependentMutex.qll b/cpp/common/src/codingstandards/cpp/concurrency/ThreadDependentMutex.qll new file mode 100644 index 0000000000..f86e94566f --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/concurrency/ThreadDependentMutex.qll @@ -0,0 +1,246 @@ +import cpp +import semmle.code.cpp.dataflow.TaintTracking +private import codingstandards.cpp.concurrency.ControlFlow +private import codingstandards.cpp.concurrency.ThreadedFunction + +abstract class MutexSource extends FunctionCall { } + +/** + * Models a C++ style mutex. + */ +class CPPMutexSource extends MutexSource, ConstructorCall { + CPPMutexSource() { getTarget().getDeclaringType().hasQualifiedName("std", "mutex") } +} + +/** + * Models a C11 style mutex. + */ +class C11MutexSource extends MutexSource, FunctionCall { + C11MutexSource() { getTarget().hasName("mtx_init") } + + Expr getMutexExpr() { result = getArgument(0) } + + Expr getMutexTypeExpr() { result = getArgument(1) } + + predicate isRecursive() { + exists(EnumConstantAccess recursive | + recursive = getMutexTypeExpr().getAChild*() and + recursive.getTarget().hasName("mtx_recursive") + ) + } +} + +/** + * Models a thread dependent mutex. A thread dependent mutex is a mutex + * that is used by a thread. This dependency is established either by directly + * passing in a mutex or by referencing a mutex that is in the local scope. The utility + * of this class is it captures the `DataFlow::Node` source at which the mutex + * came from. For example, if it is passed in from a local function to a thread. + * This functionality is critical, since it allows one to inspect how the thread + * behaves with respect to the owner of a resource. + * + * To model the myriad ways this can happen, the subclasses of this class are + * responsible for implementing the various usage patterns. + */ +abstract class ThreadDependentMutex extends DataFlow::Node { + DataFlow::Node sink; + + DataFlow::Node getASource() { + // the source is either the thing that declared + // the mutex + result = this + or + // or the thread we are using it in + result = getAThreadSource() + } + + /** + * Gets the dataflow nodes corresponding to thread local usages of the + * dependent mutex. + */ + DataFlow::Node getAThreadSource() { + // here we line up the actual parameter at the thread creation + // site with the formal parameter in the target thread. + // Note that there are differences between the C and C++ versions + // of the argument ordering in the thread creation function. However, + // since the C version only takes one parameter (as opposed to multiple) + // we can simplify this search by considering only the first argument. + exists(FunctionCall fc, Function f, int n | + // Get the argument to which the mutex flowed. + fc.getArgument(n) = sink.asExpr() and + // Get the thread function we are calling. + f = fc.getArgument(0).(FunctionAccess).getTarget() and + // in C++, there is an extra argument to the `std::thread` call + // so we must subtract 1 since this is not passed to the thread. + ( + result = DataFlow::exprNode(f.getParameter(n - 1).getAnAccess()) + or + // In C, only one argument is allowed. Thus IF the flow predicate holds, + // it will be to the first argument + result = DataFlow::exprNode(f.getParameter(0).getAnAccess()) + ) + ) + } + + /** + * Produces the set of dataflow nodes to thread creation for threads + * that are dependent on this mutex. + */ + DataFlow::Node getADependentThreadCreationExpr() { + exists(FunctionCall fc | + fc.getAnArgument() = sink.asExpr() and + result = DataFlow::exprNode(fc) + ) + } + + /** + * Gets a set of usages of this mutex in both the local and thread scope. + * In the case of scoped usage, this also captures typical accesses of variables. + */ + DataFlow::Node getAUsage() { TaintTracking::localTaint(getASource(), result) } +} + +/** + * This class models the type of thread/mutex dependency that is established + * through the typical parameter passing mechanisms found in C++. + */ +class FlowBasedThreadDependentMutex extends ThreadDependentMutex { + FlowBasedThreadDependentMutex() { + // some sort of dataflow, likely through parameter passing. + ThreadDependentMutexFlow::flow(this, sink) + } +} + +/** + * This class models the type of thread/mutex dependency that is established by + * either scope based accesses (e.g., global variables) or block scope differences. + */ +class AccessBasedThreadDependentMutex extends ThreadDependentMutex { + Variable variableSource; + + AccessBasedThreadDependentMutex() { + // encapsulates usages from outside scopes not directly expressed + // in dataflow. + exists(MutexSource mutexSrc, ThreadedFunction f | + DataFlow::exprNode(mutexSrc) = this and + // find a variable that was assigned the mutex + TaintTracking::localTaint(DataFlow::exprNode(mutexSrc), + DataFlow::exprNode(variableSource.getAnAssignedValue())) and + // find all subsequent accesses of that variable that are within a + // function and set those to the sink + exists(VariableAccess va | + va = variableSource.getAnAccess() and + va.getEnclosingFunction() = f and + sink = DataFlow::exprNode(va) + ) + ) + } + + override DataFlow::Node getAUsage() { DataFlow::exprNode(variableSource.getAnAccess()) = result } +} + +/** + * In the typical C thread model, a mutex is a created by a function that is not responsible + * for creating the variable. Thus this class encodes a slightly different semantics + * wherein the usage pattern is that of variables that have been both initialized + * and then subsequently passed into a thread directly. + */ +class DeclarationInitBasedThreadDependentMutex extends ThreadDependentMutex { + Variable variableSource; + + DeclarationInitBasedThreadDependentMutex() { + exists(MutexSource ms, ThreadCreationFunction tcf | + this = DataFlow::exprNode(ms) and + // accessed as a mutex source + TaintTracking::localTaint(DataFlow::exprNode(variableSource.getAnAccess()), + DataFlow::exprNode(ms.getAnArgument())) and + // subsequently passed to a thread creation function (order not strictly + // enforced for performance reasons) + sink = DataFlow::exprNode(tcf.getAnArgument()) and + TaintTracking::localTaint(DataFlow::exprNode(variableSource.getAnAccess()), sink) + ) + } + + override DataFlow::Node getAUsage() { + TaintTracking::localTaint(getASource(), result) or + DataFlow::exprNode(variableSource.getAnAccess()) = result + } + + override DataFlow::Node getASource() { + // the source is either the thing that declared + // the mutex + result = this + or + // or the thread we are using it in + result = getAThreadSource() + } + + DataFlow::Node getSink() { result = sink } + + /** + * Gets the dataflow nodes corresponding to thread local usages of the + * dependent mutex. + */ + override DataFlow::Node getAThreadSource() { + // here we line up the actual parameter at the thread creation + // site with the formal parameter in the target thread. + // Note that there are differences between the C and C++ versions + // of the argument ordering in the thread creation function. However, + // since the C version only takes one parameter (as opposed to multiple) + // we can simplify this search by considering only the first argument. + exists( + FunctionCall fc, Function f, int n // CPP Version + | + fc.getArgument(n) = sink.asExpr() and + f = fc.getArgument(0).(FunctionAccess).getTarget() and + // in C++, there is an extra argument to the `std::thread` call + // so we must subtract 1 since this is not passed to the thread. + result = DataFlow::exprNode(f.getParameter(n - 1).getAnAccess()) + ) + or + exists( + FunctionCall fc, Function f // C Version + | + fc.getAnArgument() = sink.asExpr() and + // in C, the second argument is the function + f = fc.getArgument(1).(FunctionAccess).getTarget() and + // in C, the passed argument is always the zeroth argument + result = DataFlow::exprNode(f.getParameter(0).getAnAccess()) + ) + } +} + +/** + * In the typical C model, another way to use mutexes is to work with global variables + * that can be initialized at various points -- one of which must be inside a thread. + * This class encapsulates this pattern. + */ +class DeclarationInitAccessBasedThreadDependentMutex extends ThreadDependentMutex { + Variable variableSource; + + DeclarationInitAccessBasedThreadDependentMutex() { + exists(MutexSource ms, ThreadedFunction tf, VariableAccess va | + this = DataFlow::exprNode(ms) and + // accessed as a mutex source + TaintTracking::localTaint(DataFlow::exprNode(variableSource.getAnAccess()), + DataFlow::exprNode(ms.getAnArgument())) and + // is accessed somewhere else + va = variableSource.getAnAccess() and + sink = DataFlow::exprNode(va) and + // one of which must be a thread + va.getEnclosingFunction() = tf + ) + } + + override DataFlow::Node getAUsage() { result = DataFlow::exprNode(variableSource.getAnAccess()) } +} + +module ThreadDependentMutexConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node node) { node.asExpr() instanceof MutexSource } + + predicate isSink(DataFlow::Node node) { + exists(ThreadCreationFunction f | f.getAnArgument() = node.asExpr()) + } +} + +module ThreadDependentMutexFlow = TaintTracking::Global; diff --git a/cpp/common/src/codingstandards/cpp/concurrency/ThreadSpecificStorage.qll b/cpp/common/src/codingstandards/cpp/concurrency/ThreadSpecificStorage.qll new file mode 100644 index 0000000000..aa7daf972c --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/concurrency/ThreadSpecificStorage.qll @@ -0,0 +1,59 @@ +import cpp +private import semmle.code.cpp.dataflow.DataFlow +private import codingstandards.cpp.concurrency.ThreadCreation + +/** + * Models calls to thread specific storage function calls. + */ +abstract class ThreadSpecificStorageFunctionCall extends FunctionCall { + /** + * Gets the key to which this call references. + */ + Expr getKey() { getArgument(0) = result } +} + +/** + * Models calls to `tss_get`. + */ +class TSSGetFunctionCall extends ThreadSpecificStorageFunctionCall { + TSSGetFunctionCall() { getTarget().getName() = "tss_get" } +} + +/** + * Models calls to `tss_set`. + */ +class TSSSetFunctionCall extends ThreadSpecificStorageFunctionCall { + TSSSetFunctionCall() { getTarget().getName() = "tss_set" } +} + +/** + * Models calls to `tss_create` + */ +class TSSCreateFunctionCall extends ThreadSpecificStorageFunctionCall { + TSSCreateFunctionCall() { getTarget().getName() = "tss_create" } + + predicate hasDeallocator() { + not exists(MacroInvocation mi, NullMacro nm | + getArgument(1) = mi.getExpr() and + mi = nm.getAnInvocation() + ) + } +} + +/** + * Models calls to `tss_delete` + */ +class TSSDeleteFunctionCall extends ThreadSpecificStorageFunctionCall { + TSSDeleteFunctionCall() { getTarget().getName() = "tss_delete" } +} + +/** + * Gets a call to `DeallocationExpr` that deallocates memory owned by thread specific + * storage. + */ +predicate getAThreadSpecificStorageDeallocationCall(C11ThreadCreateCall tcc, DeallocationExpr dexp) { + exists(TSSGetFunctionCall tsg | + tcc.getFunction().getEntryPoint().getASuccessor*() = tsg and + DataFlow::localFlow(DataFlow::exprNode(tsg), DataFlow::exprNode(dexp.getFreedExpr())) + ) +} diff --git a/cpp/common/src/codingstandards/cpp/concurrency/ThreadWaitDetach.qll b/cpp/common/src/codingstandards/cpp/concurrency/ThreadWaitDetach.qll new file mode 100644 index 0000000000..6898dc54df --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/concurrency/ThreadWaitDetach.qll @@ -0,0 +1,41 @@ +import cpp + +/** + * Models thread waiting functions. + */ +abstract class ThreadWait extends FunctionCall { } + +/** + * Models a call to a `std::thread` join. + */ +class CPPThreadWait extends ThreadWait { + VariableAccess var; + + CPPThreadWait() { + getTarget().(MemberFunction).getDeclaringType().hasQualifiedName("std", "thread") and + getTarget().getName() = "join" + } +} + +/** + * Models a call to `thrd_join` in C11. + */ +class C11ThreadWait extends ThreadWait { + VariableAccess var; + + C11ThreadWait() { getTarget().getName() = "thrd_join" } +} + +/** + * Models thread detach functions. + */ +abstract class ThreadDetach extends FunctionCall { } + +/** + * Models a call to `thrd_detach` in C11. + */ +class C11ThreadDetach extends ThreadWait { + VariableAccess var; + + C11ThreadDetach() { getTarget().getName() = "thrd_detach" } +} diff --git a/cpp/common/src/codingstandards/cpp/concurrency/ThreadedFunction.qll b/cpp/common/src/codingstandards/cpp/concurrency/ThreadedFunction.qll new file mode 100644 index 0000000000..a8d2c609c5 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/concurrency/ThreadedFunction.qll @@ -0,0 +1,37 @@ +import cpp +private import codingstandards.cpp.concurrency.ThreadCreation + +/** + * Models a function that may be executed by some thread. + */ +abstract class ThreadedFunctionBase extends Function { + abstract Expr getSpawnExpr(); + + predicate isMultiplySpawned() { getSpawnExpr().getBasicBlock().inLoop() } +} + +final class ThreadedFunction = ThreadedFunctionBase; + +/** + * Models a function that may be executed by some thread via + * C++ standard classes. + */ +class CPPThreadedFunction extends ThreadedFunctionBase { + ThreadConstructorCall tcc; + + CPPThreadedFunction() { tcc.getFunction() = this } + + override Expr getSpawnExpr() { result = tcc } +} + +/** + * Models a function that may be executed by some thread via + * C11 standard functions. + */ +class C11ThreadedFunction extends ThreadedFunctionBase { + C11ThreadCreateCall cc; + + C11ThreadedFunction() { cc.getFunction() = this } + + override Expr getSpawnExpr() { result = cc } +} diff --git a/cpp/common/src/codingstandards/cpp/concurrency/Types.qll b/cpp/common/src/codingstandards/cpp/concurrency/Types.qll new file mode 100644 index 0000000000..3b865d5171 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/concurrency/Types.qll @@ -0,0 +1,29 @@ +import cpp + +class C11MutexType extends TypedefType { + C11MutexType() { this.hasName("mtx_t") } +} + +class C11ThreadType extends TypedefType { + C11ThreadType() { this.hasName("thrd_t") } +} + +class C11ConditionType extends TypedefType { + C11ConditionType() { this.hasName("cnd_t") } +} + +class C11ThreadStorageType extends TypedefType { + C11ThreadStorageType() { this.hasName("tss_t") } +} + +class C11ThreadingObjectType extends TypedefType { + C11ThreadingObjectType() { + this instanceof C11MutexType + or + this instanceof C11ThreadType + or + this instanceof C11ConditionType + or + this instanceof C11ThreadStorageType + } +} diff --git a/cpp/common/src/codingstandards/cpp/dominance/BehavioralSet.qll b/cpp/common/src/codingstandards/cpp/dominance/BehavioralSet.qll new file mode 100644 index 0000000000..ba42246e73 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/dominance/BehavioralSet.qll @@ -0,0 +1,47 @@ +import cpp +import semmle.code.cpp.controlflow.ControlFlowGraph + +signature class TargetNode extends ControlFlowNode; + +signature module DominatingSetConfigSig { + predicate isTargetBehavior(ControlFlowNode behavior, Target target); + + default predicate isBlockingBehavior(ControlFlowNode behavior, Target target) { + none() + } +} + +/** + * A module to find whether there exists a dominator set for a node which performs a relevant + * behavior. + * + * For instance, we may wish to see that all paths leading to an `abort()` statement include a + * logging call. In this case, the `abort()` statement is the `Target` node, and the config module + * predicate `isTargetBehavior` logging statements. + * + * Additionally, the config may specify `isBlockingBehavior` to prevent searching too far for the + * relevant behavior. For instance, if analyzing that all paths to an `fflush()` call are preceded + * by a write, we should ignore paths from write operations that have already been flushed through + * an intermediary `fflush()` call. + */ +module DominatingBehavioralSet Config> { + + /** + * Holds if this search step can reach the entry or a blocking node, without passing through a + * target behavior, indicating that the target is has no relevant dominator set. + */ + private predicate searchStep(ControlFlowNode node, Target target) { + Config::isBlockingBehavior(node, target) + or + not Config::isTargetBehavior(node, target) and + exists (ControlFlowNode prev | prev = node.getAPredecessor() | + searchStep(prev, target) + ) + } + + predicate isDominatedByBehavior(Target target) { + forex(ControlFlowNode prev | prev = target.getAPredecessor() | + not searchStep(prev, target) + ) + } +} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency9.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency9.qll new file mode 100644 index 0000000000..b013bbdabb --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Concurrency9.qll @@ -0,0 +1,146 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype Concurrency9Query = + TPossibleDataRaceBetweenThreadsQuery() or + TThreadResourceDisposedBeforeThreadsJoinedQuery() or + TInvalidOperationOnUnlockedMutexQuery() or + TNonRecursiveMutexRecursivelyLockedQuery() or + TNonRecursiveMutexRecursivelyLockedAuditQuery() or + TConditionVariableUsedWithMultipleMutexesQuery() or + TThreadStorageNotInitializedBeforeUseQuery() or + TThreadStoragePointerInitializedInsideThreadQuery() + +predicate isConcurrency9QueryMetadata(Query query, string queryId, string ruleId, string category) { + query = + // `Query` instance for the `possibleDataRaceBetweenThreads` query + Concurrency9Package::possibleDataRaceBetweenThreadsQuery() and + queryId = + // `@id` for the `possibleDataRaceBetweenThreads` query + "c/misra/possible-data-race-between-threads" and + ruleId = "DIR-5-1" and + category = "required" + or + query = + // `Query` instance for the `threadResourceDisposedBeforeThreadsJoined` query + Concurrency9Package::threadResourceDisposedBeforeThreadsJoinedQuery() and + queryId = + // `@id` for the `threadResourceDisposedBeforeThreadsJoined` query + "c/misra/thread-resource-disposed-before-threads-joined" and + ruleId = "RULE-22-15" and + category = "required" + or + query = + // `Query` instance for the `invalidOperationOnUnlockedMutex` query + Concurrency9Package::invalidOperationOnUnlockedMutexQuery() and + queryId = + // `@id` for the `invalidOperationOnUnlockedMutex` query + "c/misra/invalid-operation-on-unlocked-mutex" and + ruleId = "RULE-22-17" and + category = "required" + or + query = + // `Query` instance for the `nonRecursiveMutexRecursivelyLocked` query + Concurrency9Package::nonRecursiveMutexRecursivelyLockedQuery() and + queryId = + // `@id` for the `nonRecursiveMutexRecursivelyLocked` query + "c/misra/non-recursive-mutex-recursively-locked" and + ruleId = "RULE-22-18" and + category = "required" + or + query = + // `Query` instance for the `nonRecursiveMutexRecursivelyLockedAudit` query + Concurrency9Package::nonRecursiveMutexRecursivelyLockedAuditQuery() and + queryId = + // `@id` for the `nonRecursiveMutexRecursivelyLockedAudit` query + "c/misra/non-recursive-mutex-recursively-locked-audit" and + ruleId = "RULE-22-18" and + category = "required" + or + query = + // `Query` instance for the `conditionVariableUsedWithMultipleMutexes` query + Concurrency9Package::conditionVariableUsedWithMultipleMutexesQuery() and + queryId = + // `@id` for the `conditionVariableUsedWithMultipleMutexes` query + "c/misra/condition-variable-used-with-multiple-mutexes" and + ruleId = "RULE-22-19" and + category = "required" + or + query = + // `Query` instance for the `threadStorageNotInitializedBeforeUse` query + Concurrency9Package::threadStorageNotInitializedBeforeUseQuery() and + queryId = + // `@id` for the `threadStorageNotInitializedBeforeUse` query + "c/misra/thread-storage-not-initialized-before-use" and + ruleId = "RULE-22-20" and + category = "mandatory" + or + query = + // `Query` instance for the `threadStoragePointerInitializedInsideThread` query + Concurrency9Package::threadStoragePointerInitializedInsideThreadQuery() and + queryId = + // `@id` for the `threadStoragePointerInitializedInsideThread` query + "c/misra/thread-storage-pointer-initialized-inside-thread" and + ruleId = "RULE-22-20" and + category = "mandatory" +} + +module Concurrency9Package { + Query possibleDataRaceBetweenThreadsQuery() { + //autogenerate `Query` type + result = + // `Query` type for `possibleDataRaceBetweenThreads` query + TQueryC(TConcurrency9PackageQuery(TPossibleDataRaceBetweenThreadsQuery())) + } + + Query threadResourceDisposedBeforeThreadsJoinedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `threadResourceDisposedBeforeThreadsJoined` query + TQueryC(TConcurrency9PackageQuery(TThreadResourceDisposedBeforeThreadsJoinedQuery())) + } + + Query invalidOperationOnUnlockedMutexQuery() { + //autogenerate `Query` type + result = + // `Query` type for `invalidOperationOnUnlockedMutex` query + TQueryC(TConcurrency9PackageQuery(TInvalidOperationOnUnlockedMutexQuery())) + } + + Query nonRecursiveMutexRecursivelyLockedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `nonRecursiveMutexRecursivelyLocked` query + TQueryC(TConcurrency9PackageQuery(TNonRecursiveMutexRecursivelyLockedQuery())) + } + + Query nonRecursiveMutexRecursivelyLockedAuditQuery() { + //autogenerate `Query` type + result = + // `Query` type for `nonRecursiveMutexRecursivelyLockedAudit` query + TQueryC(TConcurrency9PackageQuery(TNonRecursiveMutexRecursivelyLockedAuditQuery())) + } + + Query conditionVariableUsedWithMultipleMutexesQuery() { + //autogenerate `Query` type + result = + // `Query` type for `conditionVariableUsedWithMultipleMutexes` query + TQueryC(TConcurrency9PackageQuery(TConditionVariableUsedWithMultipleMutexesQuery())) + } + + Query threadStorageNotInitializedBeforeUseQuery() { + //autogenerate `Query` type + result = + // `Query` type for `threadStorageNotInitializedBeforeUse` query + TQueryC(TConcurrency9PackageQuery(TThreadStorageNotInitializedBeforeUseQuery())) + } + + Query threadStoragePointerInitializedInsideThreadQuery() { + //autogenerate `Query` type + result = + // `Query` type for `threadStoragePointerInitializedInsideThread` query + TQueryC(TConcurrency9PackageQuery(TThreadStoragePointerInitializedInsideThreadQuery())) + } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index bb0e324fd5..6923c1af31 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -14,6 +14,7 @@ import Concurrency4 import Concurrency5 import Concurrency6 import Concurrency8 +import Concurrency9 import Contracts import Contracts1 import Contracts2 @@ -97,6 +98,7 @@ newtype TCQuery = TConcurrency5PackageQuery(Concurrency5Query q) or TConcurrency6PackageQuery(Concurrency6Query q) or TConcurrency8PackageQuery(Concurrency8Query q) or + TConcurrency9PackageQuery(Concurrency9Query q) or TContractsPackageQuery(ContractsQuery q) or TContracts1PackageQuery(Contracts1Query q) or TContracts2PackageQuery(Contracts2Query q) or @@ -180,6 +182,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isConcurrency5QueryMetadata(query, queryId, ruleId, category) or isConcurrency6QueryMetadata(query, queryId, ruleId, category) or isConcurrency8QueryMetadata(query, queryId, ruleId, category) or + isConcurrency9QueryMetadata(query, queryId, ruleId, category) or isContractsQueryMetadata(query, queryId, ruleId, category) or isContracts1QueryMetadata(query, queryId, ruleId, category) or isContracts2QueryMetadata(query, queryId, ruleId, category) or diff --git a/rule_packages/c/Concurrency9.json b/rule_packages/c/Concurrency9.json new file mode 100644 index 0000000000..4bdd6d9a96 --- /dev/null +++ b/rule_packages/c/Concurrency9.json @@ -0,0 +1,158 @@ +{ + "MISRA-C-2012": { + "DIR-5-1": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Threads shall not access the same memory location concurrently without utilization of thread synchronization objects.", + "kind": "problem", + "name": "There shall be no data races between threads", + "precision": "medium", + "severity": "error", + "short_name": "PossibleDataRaceBetweenThreads", + "tags": [ + "correctness", + "concurrency", + "external/misra/c/2012/amendment4" + ] + } + ], + "title": "There shall be no data races between threads" + }, + "RULE-22-15": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Thread synchronization objects and thread-specific storage pointers shall not be destroyed until after all threads accessing them have terminated", + "kind": "problem", + "name": "Thread synchronization objects and thread-specific storage pointers shall not be disposed unsafely", + "precision": "medium", + "severity": "error", + "short_name": "ThreadResourceDisposedBeforeThreadsJoined", + "tags": [ + "correctness", + "concurrency", + "external/misra/c/2012/amendment4" + ] + } + ], + "title": "Thread synchronization objects and thread-specific storage pointers shall not be destroyed until after all threads accessing them have terminated" + }, + "RULE-22-17": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "No thread shall unlock a mutex or call cnd_wait() or cnd_timedwait() for a mutex it has not locked before.", + "kind": "problem", + "name": "No thread shall unlock a mutex or call cnd_wait() or cnd_timedwait() for a mutex it has not locked", + "precision": "high", + "severity": "error", + "short_name": "InvalidOperationOnUnlockedMutex", + "tags": [ + "correctness", + "concurrency", + "external/misra/c/2012/amendment4" + ] + } + ], + "title": "No thread shall unlock a mutex or call cnd_wait() or cnd_timedwait() for a mutex it has not locked before" + }, + "RULE-22-18": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Mutexes initialized with mtx_init() without mtx_recursive shall not be locked by a thread that has previously locked it.", + "kind": "problem", + "name": "Non-recursive mutexes shall not be recursively locked", + "precision": "very-high", + "severity": "error", + "short_name": "NonRecursiveMutexRecursivelyLocked", + "tags": [ + "correctness", + "concurrency", + "external/misra/c/2012/amendment4" + ] + }, + { + "description": "Mutex that may be initialized without mtx_recursive shall not be locked by a thread that has previous may havec locked it.", + "kind": "problem", + "name": "(Audit) Non-recursive mutexes shall not be recursively locked", + "precision": "high", + "severity": "error", + "short_name": "NonRecursiveMutexRecursivelyLockedAudit", + "tags": [ + "correctness", + "concurrency", + "external/misra/c/2012/amendment4", + "audit" + ] + } + ], + "title": "Non-recursive mutexes shall not be recursively locked" + }, + "RULE-22-19": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Standard library functions cnd_wait() and cnd_timedwait() shall specify the same mutex object for each condition object in all calls.", + "kind": "problem", + "name": "A condition variable shall be associated with at most one mutex object", + "precision": "very-high", + "severity": "error", + "short_name": "ConditionVariableUsedWithMultipleMutexes", + "tags": [ + "correctness", + "concurrency", + "external/misra/c/2012/amendment4" + ] + } + ], + "title": "A condition variable shall be associated with at most one mutex object" + }, + "RULE-22-20": { + "properties": { + "obligation": "mandatory" + }, + "queries": [ + { + "description": "Thread specific storage pointers shall be initialized with the standard library functions before using them.", + "kind": "problem", + "name": "Thread-specific storage pointers shall be created before being accessed", + "precision": "high", + "severity": "error", + "short_name": "ThreadStorageNotInitializedBeforeUse", + "tags": [ + "correctness", + "concurrency", + "external/misra/c/2012/amendment4" + ] + }, + { + "description": "Thread specific storage pointers initialized inside of threads may result in indeterministic state.", + "kind": "problem", + "name": "Thread specific storage pointers shall be initialized deterministically", + "precision": "very-high", + "severity": "recommendation", + "short_name": "ThreadStoragePointerInitializedInsideThread", + "tags": [ + "readability", + "maintainability", + "concurrency", + "external/misra/c/2012/amendment4" + ] + } + ], + "title": "Thread-specific storage pointers shall be created before being accessed" + } + } +} \ No newline at end of file diff --git a/rules.csv b/rules.csv index cb0551b586..44c2f00357 100644 --- a/rules.csv +++ b/rules.csv @@ -617,7 +617,7 @@ c,MISRA-C-2012,DIR-4-12,Yes,Required,,,Dynamic memory allocation shall not be us c,MISRA-C-2012,DIR-4-13,No,Advisory,,,Functions which are designed to provide operations on a resource should be called in an appropriate sequence,,,,"Rule 22.1, 22.2 and 22.6 cover aspects of this rule. In other cases this is a design issue and needs to be checked manually." c,MISRA-C-2012,DIR-4-14,Yes,Required,,,The validity of values received from external sources shall be checked,,Contracts8,Hard,This is supported by CodeQLs default C security queries. c,MISRA-C-2012,DIR-4-15,Yes,Required,,,Evaluation of floating-point expressions shall not lead to the undetected generation of infinities and NaNs,FLP32-C and FLP04-C,FloatingTypes2,Medium, -c,MISRA-C-2012,DIR-5-1,Yes,Required,,,There shall be no data races between threads,CON43-C and CON32-C,Concurrency7,Very Hard, +c,MISRA-C-2012,DIR-5-1,Yes,Required,,,There shall be no data races between threads,CON43-C and CON32-C,Concurrency9,Very Hard, c,MISRA-C-2012,DIR-5-2,Yes,Required,,,There shall be no deadlocks between threads,CON35-C,Concurrency6,Import, c,MISRA-C-2012,DIR-5-3,Yes,Required,,,There shall be no dynamic thread creation,,Concurrency6,Easy, c,MISRA-C-2012,RULE-1-1,No,Required,,,"The program shall contain no violations of the standard C syntax and constraints, and shall not exceed the implementation's translation limits",,,Easy,"This should be checked via the compiler output, rather than CodeQL, which adds unnecessary steps." @@ -806,12 +806,12 @@ c,MISRA-C-2012,RULE-22-11,Yes,Required,,,A thread that was previously either joi c,MISRA-C-2012,RULE-22-12,Yes,Mandatory,,,"Thread objects, thread synchronization objects, and thread-specific storage pointers shall only be accessed by the appropriate Standard Library functions",,Concurrency8,Medium, c,MISRA-C-2012,RULE-22-13,Yes,Required,,,"Thread objects, thread synchronization objects, and thread specific storage pointers shall have appropriate storage duration",EXP54-CPP and CON34-C,Concurrency8,Medium, c,MISRA-C-2012,RULE-22-14,Yes,Mandatory,,,Thread synchronization objects shall be initialized before being accessed,EXP53-CPP,Concurrency8,Hard, -c,MISRA-C-2012,RULE-22-15,Yes,Required,,,Thread synchronization objects and thread-specific storage pointers shall not be destroyed until after all threads accessing them have terminated,,Concurrency7,Hard, +c,MISRA-C-2012,RULE-22-15,Yes,Required,,,Thread synchronization objects and thread-specific storage pointers shall not be destroyed until after all threads accessing them have terminated,,Concurrency9,Hard, c,MISRA-C-2012,RULE-22-16,Yes,Required,,,All mutex objects locked by a thread shall be explicitly unlocked by the same thread,MEM51-CPP,Concurrency8,Hard, -c,MISRA-C-2012,RULE-22-17,Yes,Required,,,No thread shall unlock a mutex or call cnd_wait() or cnd_timedwait() for a mutex it has not locked before,Rule 22.2,Concurrency7,Medium, -c,MISRA-C-2012,RULE-22-18,Yes,Required,,,Non-recursive mutexes shall not be recursively locked,CON56-CPP,Concurrency7,Medium, -c,MISRA-C-2012,RULE-22-19,Yes,Required,,,A condition variable shall be associated with at most one mutex object,,Concurrency7,Medium, -c,MISRA-C-2012,RULE-22-20,Yes,Mandatory,,,Thread-specific storage pointers shall be created before being accessed,,Concurrency7,Hard, +c,MISRA-C-2012,RULE-22-17,Yes,Required,,,No thread shall unlock a mutex or call cnd_wait() or cnd_timedwait() for a mutex it has not locked before,Rule 22.2,Concurrency9,Medium, +c,MISRA-C-2012,RULE-22-18,Yes,Required,,,Non-recursive mutexes shall not be recursively locked,CON56-CPP,Concurrency9,Medium, +c,MISRA-C-2012,RULE-22-19,Yes,Required,,,A condition variable shall be associated with at most one mutex object,,Concurrency9,Medium, +c,MISRA-C-2012,RULE-22-20,Yes,Mandatory,,,Thread-specific storage pointers shall be created before being accessed,,Concurrency9,Hard, c,MISRA-C-2012,RULE-23-1,Yes,Advisory,,,A generic selection should only be expanded from a macro,,Generics,Medium, c,MISRA-C-2012,RULE-23-2,Yes,Required,,,A generic selection that is not expanded from a macro shall not contain potential side effects in the controlling expression,,Generics,Hard, c,MISRA-C-2012,RULE-23-3,Yes,Advisory,,,A generic selection should contain at least one non-default association,,Generics,Easy, From 9e35e593bd116a22ae8a9f1e2de2fc41a75c9072 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 18 Feb 2025 23:07:52 +0000 Subject: [PATCH 2420/2573] Deviations: use getADeviationRecord Deviation code identifier markers can have multiple records. --- .../cpp/deviations/CodeIdentifierDeviation.qll | 12 ++++++------ .../codingstandards/cpp/deviations/Deviations.qll | 2 +- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll b/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll index 9a694ccc8f..310a2b678b 100644 --- a/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll +++ b/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll @@ -224,7 +224,7 @@ class DeviationAttribute extends StdAttribute { "\"" + record.getCodeIdentifier() + "\"" = this.getAnArgument().getValueText() } - DeviationRecord getDeviationRecord() { result = record } + DeviationRecord getADeviationRecord() { result = record } pragma[nomagic] Element getASuppressedElement() { @@ -296,12 +296,12 @@ newtype TCodeIndentifierDeviation = endComment.getLocation().hasLocationInfo(filepath, suppressedEndLine, _, _, _) } or TCodeIdentifierDeviation(DeviationRecord record, DeviationAttribute attribute) { - attribute.getDeviationRecord() = record + attribute.getADeviationRecord() = record } class CodeIdentifierDeviation extends TCodeIndentifierDeviation { /** The deviation record associated with the deviation comment. */ - DeviationRecord getDeviationRecord() { + DeviationRecord getADeviationRecord() { this = TSingleLineDeviation(result, _, _, _) or this = TMultiLineDeviation(result, _, _, _, _, _) @@ -341,21 +341,21 @@ class CodeIdentifierDeviation extends TCodeIndentifierDeviation { exists(int suppressedLine | this = TSingleLineDeviation(_, _, filepath, suppressedLine) and result = - "Deviation record " + getDeviationRecord() + " applied to " + filepath + " Line " + + "Deviation record " + getADeviationRecord() + " applied to " + filepath + " Line " + suppressedLine ) or exists(int suppressedStartLine, int suppressedEndLine | this = TMultiLineDeviation(_, _, _, filepath, suppressedStartLine, suppressedEndLine) and result = - "Deviation record " + getDeviationRecord() + " applied to " + filepath + " Line" + + "Deviation record " + getADeviationRecord() + " applied to " + filepath + " Line" + suppressedStartLine + ":" + suppressedEndLine ) ) or exists(DeviationAttribute attribute | this = TCodeIdentifierDeviation(_, attribute) and - result = "Deviation record " + getDeviationRecord() + " applied to " + attribute + result = "Deviation record " + getADeviationRecord() + " applied to " + attribute ) } } diff --git a/cpp/common/src/codingstandards/cpp/deviations/Deviations.qll b/cpp/common/src/codingstandards/cpp/deviations/Deviations.qll index 434d6988e9..e8c030cdd4 100644 --- a/cpp/common/src/codingstandards/cpp/deviations/Deviations.qll +++ b/cpp/common/src/codingstandards/cpp/deviations/Deviations.qll @@ -221,7 +221,7 @@ class DeviationRecord extends XmlElement { } /** Gets a code identifier deviation in code which starts or ends with the code identifier comment. */ - CodeIdentifierDeviation getACodeIdentifierDeviation() { this = result.getDeviationRecord() } + CodeIdentifierDeviation getACodeIdentifierDeviation() { this = result.getADeviationRecord() } /** Gets the `rule-id` specified for this record, if any. */ private string getRawRuleId() { result = getAChild("rule-id").getTextValue() } From b273d0f66fbf252dcc5ab8bb865285fd79bdd3ed Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 18 Feb 2025 23:12:11 +0000 Subject: [PATCH 2421/2573] Deviations: Update expected tests --- .../deviations_basic_test/TypeLongDoubleUsed.expected | 2 +- .../deviations/deviations_basic_test/UnusedReturnValue.expected | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/cpp/common/test/deviations/deviations_basic_test/TypeLongDoubleUsed.expected b/cpp/common/test/deviations/deviations_basic_test/TypeLongDoubleUsed.expected index 172b623195..f2cfd03dc6 100644 --- a/cpp/common/test/deviations/deviations_basic_test/TypeLongDoubleUsed.expected +++ b/cpp/common/test/deviations/deviations_basic_test/TypeLongDoubleUsed.expected @@ -1,7 +1,7 @@ | attribute_syntax.cpp:6:15:6:17 | dd1 | Use of long double type. | | attribute_syntax.cpp:21:15:21:17 | d10 | Use of long double type. | | attribute_syntax.cpp:29:15:29:17 | d14 | Use of long double type. | -| attribute_syntax.cpp:33:20:33:22 | d16 | Use of long double type. | +| attribute_syntax.cpp:34:20:34:22 | d16 | Use of long double type. | | attribute_syntax.cpp:55:15:55:16 | d1 | Use of long double type. | | attribute_syntax.cpp:57:17:57:18 | d2 | Use of long double type. | | attribute_syntax.cpp:60:17:60:18 | d3 | Use of long double type. | diff --git a/cpp/common/test/deviations/deviations_basic_test/UnusedReturnValue.expected b/cpp/common/test/deviations/deviations_basic_test/UnusedReturnValue.expected index 120337ffdc..fc7af4b197 100644 --- a/cpp/common/test/deviations/deviations_basic_test/UnusedReturnValue.expected +++ b/cpp/common/test/deviations/deviations_basic_test/UnusedReturnValue.expected @@ -4,7 +4,7 @@ | attribute_syntax.cpp:24:5:24:8 | call to getZ | Return value from call to $@ is unused. | attribute_syntax.cpp:1:5:1:8 | getZ | getZ | | attribute_syntax.cpp:26:5:26:8 | call to getZ | Return value from call to $@ is unused. | attribute_syntax.cpp:1:5:1:8 | getZ | getZ | | attribute_syntax.cpp:30:3:30:6 | call to getZ | Return value from call to $@ is unused. | attribute_syntax.cpp:1:5:1:8 | getZ | getZ | -| attribute_syntax.cpp:41:3:41:6 | call to getZ | Return value from call to $@ is unused. | attribute_syntax.cpp:1:5:1:8 | getZ | getZ | +| attribute_syntax.cpp:42:3:42:6 | call to getZ | Return value from call to $@ is unused. | attribute_syntax.cpp:1:5:1:8 | getZ | getZ | | attribute_syntax.cpp:49:5:49:8 | call to getZ | Return value from call to $@ is unused. | attribute_syntax.cpp:1:5:1:8 | getZ | getZ | | attribute_syntax.cpp:61:5:61:8 | call to getZ | Return value from call to $@ is unused. | attribute_syntax.cpp:1:5:1:8 | getZ | getZ | | main.cpp:12:3:12:6 | call to getX | Return value from call to $@ is unused. | main.cpp:8:5:8:8 | getX | getX | From 3eecfa05ec5bea6900fbf149f4a3e070b4517afe Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Tue, 18 Feb 2025 20:55:16 -0800 Subject: [PATCH 2422/2573] Update StdFunctionOrMacro with feedback --- .../RULE-9-7/UninitializedAtomicObject.ql | 8 +---- .../cpp/StdFunctionOrMacro.qll | 29 +++++++++---------- 2 files changed, 15 insertions(+), 22 deletions(-) diff --git a/c/misra/src/rules/RULE-9-7/UninitializedAtomicObject.ql b/c/misra/src/rules/RULE-9-7/UninitializedAtomicObject.ql index b6e8bc82bc..dfb096189f 100644 --- a/c/misra/src/rules/RULE-9-7/UninitializedAtomicObject.ql +++ b/c/misra/src/rules/RULE-9-7/UninitializedAtomicObject.ql @@ -30,14 +30,8 @@ class ThreadSpawningFunction extends Function { } } -private string atomicInit() { result = "atomic_init" } - class AtomicInitAddressOfExpr extends AddressOfExpr { - AtomicInitAddressOfExpr() { - exists(StdFunctionOrMacro::Call c | - this = c.getArgument(0) - ) - } + AtomicInitAddressOfExpr() { exists(AtomicInitCall c | this = c.getArgument(0)) } } ControlFlowNode getARequiredInitializationPoint(LocalScopeVariable v) { diff --git a/cpp/common/src/codingstandards/cpp/StdFunctionOrMacro.qll b/cpp/common/src/codingstandards/cpp/StdFunctionOrMacro.qll index 5ae370183d..1067b7ad09 100644 --- a/cpp/common/src/codingstandards/cpp/StdFunctionOrMacro.qll +++ b/cpp/common/src/codingstandards/cpp/StdFunctionOrMacro.qll @@ -31,30 +31,28 @@ import cpp as cpp +private string atomicInit() { result = "atomic_init" } + +class AtomicInitCall = StdFunctionOrMacro::Call; + /** Specify the name of your function as a predicate */ -signature string getName(); +private signature string getName(); /** Signature module to implement custom argument resolution behavior in expanded macros */ -signature module InferMacroExpansionArguments { +private signature module InferMacroExpansionArguments { bindingset[mi, argumentIdx] cpp::Expr inferArgument(cpp::MacroInvocation mi, int argumentIdx); } -/** Assume all subexpressions of an expanded macro may be the result of any ith argument */ -module NoMacroExpansionInference implements InferMacroExpansionArguments { - bindingset[mi, argumentIdx] - cpp::Expr inferArgument(cpp::MacroInvocation mi, int argumentIdx) { - result.getParent*() = mi.getExpr() - } -} - /** Assume macro `f(x, y, ...)` expands to `__c11_f(x, y, ...)`. */ -module C11FunctionWrapperMacro implements InferMacroExpansionArguments { +private module C11FunctionWrapperMacro implements InferMacroExpansionArguments { bindingset[mi, argumentIdx] cpp::Expr inferArgument(cpp::MacroInvocation mi, int argumentIdx) { - if mi.getExpr().(cpp::FunctionCall).getTarget().hasName("__c11_" + mi.getMacroName()) - then result = mi.getExpr().(cpp::FunctionCall).getArgument(argumentIdx) - else result = NoMacroExpansionInference::inferArgument(mi, argumentIdx) + exists(cpp::FunctionCall fc | + fc = mi.getExpr() and + fc.getTarget().hasName("__c11_" + mi.getMacroName()) and + result = mi.getExpr().(cpp::FunctionCall).getArgument(argumentIdx) + ) } } @@ -72,7 +70,8 @@ module C11FunctionWrapperMacro implements InferMacroExpansionArguments { * select c.getArgument(0) * ``` */ -module StdFunctionOrMacro { +private module StdFunctionOrMacro +{ final private class Expr = cpp::Expr; final private class FunctionCall = cpp::FunctionCall; From 42adff5fe8890f07a4f736a2f4a6d9be671bba11 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Tue, 18 Feb 2025 21:14:25 -0800 Subject: [PATCH 2423/2573] Formatting & json validation --- c/common/src/codingstandards/c/SubObjects.qll | 10 +++------- .../c/initialization/GlobalInitializationAnalysis.qll | 2 +- rule_packages/c/Concurrency9.json | 4 ++-- schemas/rule-package.schema.json | 1 + 4 files changed, 7 insertions(+), 10 deletions(-) diff --git a/c/common/src/codingstandards/c/SubObjects.qll b/c/common/src/codingstandards/c/SubObjects.qll index d7aa1e976b..282b0fb5eb 100644 --- a/c/common/src/codingstandards/c/SubObjects.qll +++ b/c/common/src/codingstandards/c/SubObjects.qll @@ -44,12 +44,10 @@ class SubObject extends TSubObject { /** * Holds for object roots and for member accesses on that root, not for array accesses. - * + * * This is useful for cases where we do not wish to treat `x[y]` and `x[z]` as the same object. */ - predicate isPrecise() { - not getParent*() = TObjectIndex(_) - } + predicate isPrecise() { not getParent*() = TObjectIndex(_) } SubObject getParent() { exists(SubObject struct, MemberVariable m | @@ -79,9 +77,7 @@ class SubObject extends TSubObject { result.(ArrayExpr).getArrayBase() = getParent().getAnAccess() } - AddressOfExpr getAnAddressOfExpr() { - result.getOperand() = this.getAnAccess() - } + AddressOfExpr getAnAddressOfExpr() { result.getOperand() = this.getAnAccess() } ObjectIdentity getRootIdentity() { exists(ObjectIdentity i | diff --git a/c/common/src/codingstandards/c/initialization/GlobalInitializationAnalysis.qll b/c/common/src/codingstandards/c/initialization/GlobalInitializationAnalysis.qll index d2974f9924..90d0a4630a 100644 --- a/c/common/src/codingstandards/c/initialization/GlobalInitializationAnalysis.qll +++ b/c/common/src/codingstandards/c/initialization/GlobalInitializationAnalysis.qll @@ -4,7 +4,7 @@ import codingstandards.cpp.Concurrency import codingstandards.cpp.Type signature module GlobalInitializationAnalysisConfigSig { - /** A function which is not called or started as a thread */ + /** A function which is not called or started as a thread */ default predicate isRootFunction(Function f) { not exists(Function f2 | f2.calls(f)) and not f instanceof ThreadedFunction diff --git a/rule_packages/c/Concurrency9.json b/rule_packages/c/Concurrency9.json index 4bdd6d9a96..39c5cc58a8 100644 --- a/rule_packages/c/Concurrency9.json +++ b/rule_packages/c/Concurrency9.json @@ -27,7 +27,7 @@ }, "queries": [ { - "description": "Thread synchronization objects and thread-specific storage pointers shall not be destroyed until after all threads accessing them have terminated", + "description": "Thread synchronization objects and thread-specific storage pointers shall not be destroyed until after all threads accessing them have terminated.", "kind": "problem", "name": "Thread synchronization objects and thread-specific storage pointers shall not be disposed unsafely", "precision": "medium", @@ -92,7 +92,7 @@ "correctness", "concurrency", "external/misra/c/2012/amendment4", - "audit" + "external/misra/audit" ] } ], diff --git a/schemas/rule-package.schema.json b/schemas/rule-package.schema.json index 64fac6f396..b4f729afe2 100644 --- a/schemas/rule-package.schema.json +++ b/schemas/rule-package.schema.json @@ -342,6 +342,7 @@ "external/autosar/strict", "scope/single-translation-unit", "scope/system", + "external/misra/audit", "external/misra/c/2012/third-edition-first-revision", "external/misra/c/2012/amendment2", "external/misra/c/2012/amendment3", From 96171eeea1df7f033c7fc03c75804d7113aa1d7f Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Tue, 18 Feb 2025 21:16:16 -0800 Subject: [PATCH 2424/2573] cpp format --- .../cpp/dominance/BehavioralSet.qll | 43 ++++++++----------- 1 file changed, 18 insertions(+), 25 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/dominance/BehavioralSet.qll b/cpp/common/src/codingstandards/cpp/dominance/BehavioralSet.qll index ba42246e73..8609e3213b 100644 --- a/cpp/common/src/codingstandards/cpp/dominance/BehavioralSet.qll +++ b/cpp/common/src/codingstandards/cpp/dominance/BehavioralSet.qll @@ -4,44 +4,37 @@ import semmle.code.cpp.controlflow.ControlFlowGraph signature class TargetNode extends ControlFlowNode; signature module DominatingSetConfigSig { - predicate isTargetBehavior(ControlFlowNode behavior, Target target); + predicate isTargetBehavior(ControlFlowNode behavior, Target target); - default predicate isBlockingBehavior(ControlFlowNode behavior, Target target) { - none() - } + default predicate isBlockingBehavior(ControlFlowNode behavior, Target target) { none() } } /** * A module to find whether there exists a dominator set for a node which performs a relevant * behavior. - * + * * For instance, we may wish to see that all paths leading to an `abort()` statement include a * logging call. In this case, the `abort()` statement is the `Target` node, and the config module * predicate `isTargetBehavior` logging statements. - * + * * Additionally, the config may specify `isBlockingBehavior` to prevent searching too far for the * relevant behavior. For instance, if analyzing that all paths to an `fflush()` call are preceded * by a write, we should ignore paths from write operations that have already been flushed through * an intermediary `fflush()` call. */ module DominatingBehavioralSet Config> { + /** + * Holds if this search step can reach the entry or a blocking node, without passing through a + * target behavior, indicating that the target is has no relevant dominator set. + */ + private predicate searchStep(ControlFlowNode node, Target target) { + Config::isBlockingBehavior(node, target) + or + not Config::isTargetBehavior(node, target) and + exists(ControlFlowNode prev | prev = node.getAPredecessor() | searchStep(prev, target)) + } - /** - * Holds if this search step can reach the entry or a blocking node, without passing through a - * target behavior, indicating that the target is has no relevant dominator set. - */ - private predicate searchStep(ControlFlowNode node, Target target) { - Config::isBlockingBehavior(node, target) - or - not Config::isTargetBehavior(node, target) and - exists (ControlFlowNode prev | prev = node.getAPredecessor() | - searchStep(prev, target) - ) - } - - predicate isDominatedByBehavior(Target target) { - forex(ControlFlowNode prev | prev = target.getAPredecessor() | - not searchStep(prev, target) - ) - } -} \ No newline at end of file + predicate isDominatedByBehavior(Target target) { + forex(ControlFlowNode prev | prev = target.getAPredecessor() | not searchStep(prev, target)) + } +} From 2f619a4a82e025154b03fdbf86a77931041a1445 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Thu, 20 Feb 2025 00:26:53 -0800 Subject: [PATCH 2425/2573] Fix performance issue in ResourceLeakAnalysis.qll --- .../codingstandards/cpp/resources/ResourceLeakAnalysis.qll | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/resources/ResourceLeakAnalysis.qll b/cpp/common/src/codingstandards/cpp/resources/ResourceLeakAnalysis.qll index 7d767b5cb4..d1c1a369ef 100644 --- a/cpp/common/src/codingstandards/cpp/resources/ResourceLeakAnalysis.qll +++ b/cpp/common/src/codingstandards/cpp/resources/ResourceLeakAnalysis.qll @@ -1,6 +1,6 @@ import cpp import semmle.code.cpp.dataflow.DataFlow -import semmle.code.cpp.valuenumbering.GlobalValueNumbering +import semmle.code.cpp.valuenumbering.HashCons import semmle.code.cpp.controlflow.Dominance import codeql.util.Boolean @@ -40,13 +40,14 @@ signature module ResourceLeakConfigSig { predicate isFree(ControlFlowNode node, DataFlow::Node resource); + bindingset[node] default DataFlow::Node getAnAlias(DataFlow::Node node) { DataFlow::localFlow(node, result) or exists(Expr current, Expr after | current in [node.asExpr(), node.asDefiningArgument()] and after in [result.asExpr(), result.asDefiningArgument()] and - globalValueNumber(current) = globalValueNumber(after) and + hashCons(current) = hashCons(after) and strictlyDominates(current, after) ) } From 1c86573cb785615a5e050b4556dc98b1209df743 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Thu, 20 Feb 2025 17:48:08 -0800 Subject: [PATCH 2426/2573] Remove getAnAliasRecursive() --- c/misra/test/rules/RULE-22-16/test.c | 8 ++++++++ .../cpp/resources/ResourceLeakAnalysis.qll | 15 +-------------- 2 files changed, 9 insertions(+), 14 deletions(-) diff --git a/c/misra/test/rules/RULE-22-16/test.c b/c/misra/test/rules/RULE-22-16/test.c index 00764645a4..d0d4f6ddcd 100644 --- a/c/misra/test/rules/RULE-22-16/test.c +++ b/c/misra/test/rules/RULE-22-16/test.c @@ -104,4 +104,12 @@ void f15(int p) { } mtx_unlock(&m); } +} + +void f16(int p) { + mtx_t* ptr; + mtx_t *ptr_m1 = ptr; + mtx_t *ptr_m2 = ptr; + mtx_lock(ptr_m1); // COMPLIANT[FALSE_POSITIVE] + mtx_unlock(ptr_m2); } \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/resources/ResourceLeakAnalysis.qll b/cpp/common/src/codingstandards/cpp/resources/ResourceLeakAnalysis.qll index d1c1a369ef..3dd61e934d 100644 --- a/cpp/common/src/codingstandards/cpp/resources/ResourceLeakAnalysis.qll +++ b/cpp/common/src/codingstandards/cpp/resources/ResourceLeakAnalysis.qll @@ -64,19 +64,6 @@ module ResourceLeak { Config::isAllocate(cfgNode, resource) } - /** - * Get an alias of a resource, and aliases of nodes that are aliased by a resource. - */ - private DataFlow::Node getAnAliasRecursive(DataFlow::Node node) { - result = Config::getAnAlias(node) and - Config::isAllocate(_, node) - or - exists(DataFlow::Node parent | - node = getAnAliasRecursive(parent) and - result = Config::getAnAlias(parent) - ) - } - private predicate isLeakedAtControlPoint(TResource resource, ControlFlowNode cfgNode) { // Holds if this control point is where the resource was allocated (and therefore not freed). resource = TJustResource(_, cfgNode) @@ -86,7 +73,7 @@ module ResourceLeak { isLeakedAtControlPoint(resource, cfgNode.getAPredecessor()) and not exists(DataFlow::Node freed, DataFlow::Node resourceNode | Config::isFree(cfgNode, freed) and - freed = getAnAliasRecursive(resourceNode) and + freed = Config::getAnAlias(resourceNode) and resource = TJustResource(resourceNode, _) ) } From 56f2996bb0758fe693c87cf87d645d975ae0ec1a Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Thu, 20 Feb 2025 18:21:12 -0800 Subject: [PATCH 2427/2573] Add change note --- .../2025-02-20-rule-22-16-update-aliasing-for-performance.md | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 change_notes/2025-02-20-rule-22-16-update-aliasing-for-performance.md diff --git a/change_notes/2025-02-20-rule-22-16-update-aliasing-for-performance.md b/change_notes/2025-02-20-rule-22-16-update-aliasing-for-performance.md new file mode 100644 index 0000000000..80ff92748f --- /dev/null +++ b/change_notes/2025-02-20-rule-22-16-update-aliasing-for-performance.md @@ -0,0 +1,3 @@ + - `RULE-22-16`, `ERR57-CPP`, `A15-1-4` - `MutexObjectsNotAlwaysUnlocked.ql`, `DoNotLeakResourcesWhenHandlingExceptions.ql`, `ValidResourcesStateBeforeThrow.ql`: + - Shared module `ResourceLeakAnalysis.qll` changed to not get aliases recursively for simplicity and improved performance. The recent update to these queries had logic intending to handle the case where an allocation node is an alias of a parent node, and the free operation releases that parent node. However, the behavior was incorrectly defined and not working, and in the presence of performance issues this behavior has been removed. + - (`RULE-22-16` only) The alias behavior has been updated to compare expressions with `HashCons` instead of `GlobalValueNumbering` for higher performance. GVN is more expensive generally, seemed to introduce low performance joins secondarily, and is stricter than `HashCons` in a contravening position, meaning a stricter analysis introduces a higher likelihood of false positives. \ No newline at end of file From 81663048818818eee39004e9d85f25a43ecad6ae Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Thu, 20 Feb 2025 18:48:40 -0800 Subject: [PATCH 2428/2573] format new test case --- c/misra/test/rules/RULE-22-16/test.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/misra/test/rules/RULE-22-16/test.c b/c/misra/test/rules/RULE-22-16/test.c index d0d4f6ddcd..c97fb3d588 100644 --- a/c/misra/test/rules/RULE-22-16/test.c +++ b/c/misra/test/rules/RULE-22-16/test.c @@ -107,7 +107,7 @@ void f15(int p) { } void f16(int p) { - mtx_t* ptr; + mtx_t *ptr; mtx_t *ptr_m1 = ptr; mtx_t *ptr_m2 = ptr; mtx_lock(ptr_m1); // COMPLIANT[FALSE_POSITIVE] From 5a5f8b78901ff01ac12714b4c36576b5a23edce9 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Thu, 20 Feb 2025 22:55:24 -0800 Subject: [PATCH 2429/2573] Commit changed test expectations --- .../test/rules/RULE-22-16/MutexObjectsNotAlwaysUnlocked.expected | 1 + 1 file changed, 1 insertion(+) diff --git a/c/misra/test/rules/RULE-22-16/MutexObjectsNotAlwaysUnlocked.expected b/c/misra/test/rules/RULE-22-16/MutexObjectsNotAlwaysUnlocked.expected index dbee52ed58..46a295d75f 100644 --- a/c/misra/test/rules/RULE-22-16/MutexObjectsNotAlwaysUnlocked.expected +++ b/c/misra/test/rules/RULE-22-16/MutexObjectsNotAlwaysUnlocked.expected @@ -7,3 +7,4 @@ WARNING: module 'DataFlow' has been deprecated and may be removed in future (Mut | test.c:72:3:72:10 | call to mtx_lock | Mutex 'g1' is locked here and may not always be subsequently unlocked. | | test.c:79:3:79:10 | call to mtx_lock | Mutex 'm' is locked here and may not always be subsequently unlocked. | | test.c:101:5:101:12 | call to mtx_lock | Mutex 'm' is locked here and may not always be subsequently unlocked. | +| test.c:113:3:113:10 | call to mtx_lock | Mutex 'ptr_m1' is locked here and may not always be subsequently unlocked. | From 614c7ab925faab73b9cf1aeb51a43c8cdf62b679 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Wed, 5 Mar 2025 09:31:29 +0000 Subject: [PATCH 2430/2573] Update change_notes/2025-02-17-iofstream-performance.md Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --- change_notes/2025-02-17-iofstream-performance.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/change_notes/2025-02-17-iofstream-performance.md b/change_notes/2025-02-17-iofstream-performance.md index 8a0be4c3ac..8e566d3778 100644 --- a/change_notes/2025-02-17-iofstream-performance.md +++ b/change_notes/2025-02-17-iofstream-performance.md @@ -1,2 +1,2 @@ - - `A27-0-3`, `FIO309-C` `FIO50-CPP`, `RULE-30-0-2` - `InterleavedInputOutputWithoutFlush.ql`, `DoNotAlternatelyIOFromStreamWithoutPositioning.ql`,`InterleavedInputOutputWithoutPosition.ql`, `ReadsAndWritesOnStreamNotSeparatedByPositioning.ql`: + - `A27-0-3`, `FIO309-C`, `FIO50-CPP`, `RULE-30-0-2` - `InterleavedInputOutputWithoutFlush.ql`, `DoNotAlternatelyIOFromStreamWithoutPositioning.ql`, `InterleavedInputOutputWithoutPosition.ql`, `ReadsAndWritesOnStreamNotSeparatedByPositioning.ql`: - Reduce evaluation time on complex codebases. \ No newline at end of file From 70c776ae2148b7b4a66134ba9c9c47846d8345d0 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 9 Mar 2025 11:24:54 +0000 Subject: [PATCH 2431/2573] RULE-8-7: Restructure test Move single translation unit items into the translation unit, not the shared header. --- .../RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.expected | 6 +++--- c/misra/test/rules/RULE-8-7/test.c | 3 +++ c/misra/test/rules/RULE-8-7/test.h | 5 +---- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/c/misra/test/rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.expected b/c/misra/test/rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.expected index b6a53071d9..fb0b975e88 100644 --- a/c/misra/test/rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.expected +++ b/c/misra/test/rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.expected @@ -1,3 +1,3 @@ -| test.h:2:12:2:13 | i1 | Declaration with external linkage is accessed in only one translation unit $@. | test.c:4:3:4:4 | i1 | i1 | -| test.h:3:5:3:6 | i2 | Declaration with external linkage is accessed in only one translation unit $@. | test.c:5:3:5:4 | i2 | i2 | -| test.h:5:13:5:14 | f2 | Declaration with external linkage is accessed in only one translation unit $@. | test.c:7:3:7:4 | call to f2 | call to f2 | +| test.c:2:5:2:6 | i2 | Declaration with external linkage is accessed in only one translation unit $@. | test.c:8:3:8:4 | i2 | i2 | +| test.h:2:12:2:13 | i1 | Declaration with external linkage is accessed in only one translation unit $@. | test.c:7:3:7:4 | i1 | i1 | +| test.h:4:13:4:14 | f2 | Declaration with external linkage is accessed in only one translation unit $@. | test.c:10:3:10:4 | call to f2 | call to f2 | diff --git a/c/misra/test/rules/RULE-8-7/test.c b/c/misra/test/rules/RULE-8-7/test.c index b2cc2a0684..5b83445944 100644 --- a/c/misra/test/rules/RULE-8-7/test.c +++ b/c/misra/test/rules/RULE-8-7/test.c @@ -1,4 +1,7 @@ #include "test.h" +int i2; // NON_COMPLIANT - accessed one translation unit +static void f3(); // COMPLIANT - internal linkage +extern void f3(); // COMPLIANT - internal linkage void f() { i = 0; i1 = 0; diff --git a/c/misra/test/rules/RULE-8-7/test.h b/c/misra/test/rules/RULE-8-7/test.h index 692bb8e3db..218ec18c23 100644 --- a/c/misra/test/rules/RULE-8-7/test.h +++ b/c/misra/test/rules/RULE-8-7/test.h @@ -1,7 +1,4 @@ extern int i; // COMPLIANT - accessed multiple translation units extern int i1; // NON_COMPLIANT - accessed one translation unit -int i2; // NON_COMPLIANT - accessed one translation unit extern void f1(); // COMPLIANT - accessed multiple translation units -extern void f2(); // NON_COMPLIANT - accessed one translation unit -static void f3(); // COMPLIANT - internal linkage -extern void f3(); // COMPLIANT - internal linkage \ No newline at end of file +extern void f2(); // NON_COMPLIANT - accessed one translation unit \ No newline at end of file From 32fd091717729020734010580bf4b5775851b765 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 9 Mar 2025 11:28:46 +0000 Subject: [PATCH 2432/2573] RULE-8-7: Add appropriate definitions to test Ensure definitions occur in one translation unit only. --- .../ShouldNotBeDefinedWithExternalLinkage.expected | 6 +++--- c/misra/test/rules/RULE-8-7/test.c | 9 ++++++--- 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/c/misra/test/rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.expected b/c/misra/test/rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.expected index fb0b975e88..5f04b41ac0 100644 --- a/c/misra/test/rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.expected +++ b/c/misra/test/rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.expected @@ -1,3 +1,3 @@ -| test.c:2:5:2:6 | i2 | Declaration with external linkage is accessed in only one translation unit $@. | test.c:8:3:8:4 | i2 | i2 | -| test.h:2:12:2:13 | i1 | Declaration with external linkage is accessed in only one translation unit $@. | test.c:7:3:7:4 | i1 | i1 | -| test.h:4:13:4:14 | f2 | Declaration with external linkage is accessed in only one translation unit $@. | test.c:10:3:10:4 | call to f2 | call to f2 | +| test.c:3:5:3:6 | i1 | Declaration with external linkage is accessed in only one translation unit $@. | test.c:10:3:10:4 | i1 | i1 | +| test.c:4:5:4:6 | i2 | Declaration with external linkage is accessed in only one translation unit $@. | test.c:11:3:11:4 | i2 | i2 | +| test.c:6:6:6:7 | f2 | Declaration with external linkage is accessed in only one translation unit $@. | test.c:13:3:13:4 | call to f2 | call to f2 | diff --git a/c/misra/test/rules/RULE-8-7/test.c b/c/misra/test/rules/RULE-8-7/test.c index 5b83445944..dc59be7394 100644 --- a/c/misra/test/rules/RULE-8-7/test.c +++ b/c/misra/test/rules/RULE-8-7/test.c @@ -1,7 +1,10 @@ #include "test.h" -int i2; // NON_COMPLIANT - accessed one translation unit -static void f3(); // COMPLIANT - internal linkage -extern void f3(); // COMPLIANT - internal linkage +int i = 0; +int i1 = 0; +int i2; // NON_COMPLIANT - accessed one translation unit +void f1() {} // Definition +void f2() {} // Definition +static void f3() {}; // COMPLIANT - internal linkage void f() { i = 0; i1 = 0; From 39f7c94a661c90c6903e092885e3c0d2b095330e Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 9 Mar 2025 11:34:36 +0000 Subject: [PATCH 2433/2573] RULE-8-7: Require the reference to exist in the same TU The translation unit of the definition needs to be the same as the translation unit of the reference, otherwise it is not eligible for internal linkage. --- .../rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.ql | 4 +++- .../RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.expected | 6 +++--- c/misra/test/rules/RULE-8-7/test.c | 1 + c/misra/test/rules/RULE-8-7/test.h | 3 ++- c/misra/test/rules/RULE-8-7/test1.c | 1 + 5 files changed, 10 insertions(+), 5 deletions(-) diff --git a/c/misra/src/rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.ql b/c/misra/src/rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.ql index faa915fdd5..7b882821b8 100644 --- a/c/misra/src/rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.ql +++ b/c/misra/src/rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.ql @@ -51,6 +51,8 @@ where not exists(TranslationUnit t2 | isReferencedInTranslationUnit(e, _, t2) and not t1 = t2 - ) + ) and + // Definition is also in the same translation unit + e.getDefinition().getFile() = t1.getAUserFile() select e, "Declaration with external linkage is accessed in only one translation unit $@.", a1, a1.toString() diff --git a/c/misra/test/rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.expected b/c/misra/test/rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.expected index 5f04b41ac0..d2a6b0e53f 100644 --- a/c/misra/test/rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.expected +++ b/c/misra/test/rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.expected @@ -1,3 +1,3 @@ -| test.c:3:5:3:6 | i1 | Declaration with external linkage is accessed in only one translation unit $@. | test.c:10:3:10:4 | i1 | i1 | -| test.c:4:5:4:6 | i2 | Declaration with external linkage is accessed in only one translation unit $@. | test.c:11:3:11:4 | i2 | i2 | -| test.c:6:6:6:7 | f2 | Declaration with external linkage is accessed in only one translation unit $@. | test.c:13:3:13:4 | call to f2 | call to f2 | +| test.c:3:5:3:6 | i1 | Declaration with external linkage is accessed in only one translation unit $@. | test.c:11:3:11:4 | i1 | i1 | +| test.c:4:5:4:6 | i2 | Declaration with external linkage is accessed in only one translation unit $@. | test.c:12:3:12:4 | i2 | i2 | +| test.c:6:6:6:7 | f2 | Declaration with external linkage is accessed in only one translation unit $@. | test.c:14:3:14:4 | call to f2 | call to f2 | diff --git a/c/misra/test/rules/RULE-8-7/test.c b/c/misra/test/rules/RULE-8-7/test.c index dc59be7394..591f15a2c4 100644 --- a/c/misra/test/rules/RULE-8-7/test.c +++ b/c/misra/test/rules/RULE-8-7/test.c @@ -5,6 +5,7 @@ int i2; // NON_COMPLIANT - accessed one translation unit void f1() {} // Definition void f2() {} // Definition static void f3() {}; // COMPLIANT - internal linkage +void f4() {} // Definition void f() { i = 0; i1 = 0; diff --git a/c/misra/test/rules/RULE-8-7/test.h b/c/misra/test/rules/RULE-8-7/test.h index 218ec18c23..2b997928bd 100644 --- a/c/misra/test/rules/RULE-8-7/test.h +++ b/c/misra/test/rules/RULE-8-7/test.h @@ -1,4 +1,5 @@ extern int i; // COMPLIANT - accessed multiple translation units extern int i1; // NON_COMPLIANT - accessed one translation unit extern void f1(); // COMPLIANT - accessed multiple translation units -extern void f2(); // NON_COMPLIANT - accessed one translation unit \ No newline at end of file +extern void f2(); // NON_COMPLIANT - accessed one translation unit +extern void f4(); // COMPLIANT - accessed across translation units \ No newline at end of file diff --git a/c/misra/test/rules/RULE-8-7/test1.c b/c/misra/test/rules/RULE-8-7/test1.c index 77377e78df..c0ed69c7d0 100644 --- a/c/misra/test/rules/RULE-8-7/test1.c +++ b/c/misra/test/rules/RULE-8-7/test1.c @@ -2,4 +2,5 @@ void f() { i = 0; f1(); + f4(); } \ No newline at end of file From d6710e0c64acb7ac72dc2bef72d48d17a0711e65 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 9 Mar 2025 11:37:42 +0000 Subject: [PATCH 2434/2573] RULE-8-7: Only report external identifiers with definitions --- .../rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.ql | 2 ++ c/misra/test/rules/RULE-8-7/test.h | 3 ++- c/misra/test/rules/RULE-8-7/test1.c | 1 + 3 files changed, 5 insertions(+), 1 deletion(-) diff --git a/c/misra/src/rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.ql b/c/misra/src/rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.ql index 7b882821b8..db8623d9f2 100644 --- a/c/misra/src/rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.ql +++ b/c/misra/src/rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.ql @@ -46,6 +46,8 @@ predicate isReferencedInTranslationUnit( from ExternalIdentifiers e, ExternalIdentifierReference a1, TranslationUnit t1 where not isExcluded(e, Declarations6Package::shouldNotBeDefinedWithExternalLinkageQuery()) and + // Only report external identifiers where we see the definition + e.hasDefinition() and isReferencedInTranslationUnit(e, a1, t1) and // Not referenced in any other translation unit not exists(TranslationUnit t2 | diff --git a/c/misra/test/rules/RULE-8-7/test.h b/c/misra/test/rules/RULE-8-7/test.h index 2b997928bd..782099de02 100644 --- a/c/misra/test/rules/RULE-8-7/test.h +++ b/c/misra/test/rules/RULE-8-7/test.h @@ -2,4 +2,5 @@ extern int i; // COMPLIANT - accessed multiple translation units extern int i1; // NON_COMPLIANT - accessed one translation unit extern void f1(); // COMPLIANT - accessed multiple translation units extern void f2(); // NON_COMPLIANT - accessed one translation unit -extern void f4(); // COMPLIANT - accessed across translation units \ No newline at end of file +extern void f4(); // COMPLIANT - accessed across translation units +extern void f5(); // COMPLIANT - no definition \ No newline at end of file diff --git a/c/misra/test/rules/RULE-8-7/test1.c b/c/misra/test/rules/RULE-8-7/test1.c index c0ed69c7d0..6d1eab16d0 100644 --- a/c/misra/test/rules/RULE-8-7/test1.c +++ b/c/misra/test/rules/RULE-8-7/test1.c @@ -3,4 +3,5 @@ void f() { i = 0; f1(); f4(); + f5(); } \ No newline at end of file From 569fa76250457eb2a6e05081c4365e15c96181b4 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 9 Mar 2025 18:39:50 +0000 Subject: [PATCH 2435/2573] RULE-8-7: Support use in headers. --- .../rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.ql | 3 ++- .../RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.expected | 1 + c/misra/test/rules/RULE-8-7/test1.c | 2 +- c/misra/test/rules/RULE-8-7/test2.h | 3 +++ 4 files changed, 7 insertions(+), 2 deletions(-) create mode 100644 c/misra/test/rules/RULE-8-7/test2.h diff --git a/c/misra/src/rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.ql b/c/misra/src/rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.ql index db8623d9f2..9cdd6532a9 100644 --- a/c/misra/src/rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.ql +++ b/c/misra/src/rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.ql @@ -40,7 +40,8 @@ predicate isReferencedInTranslationUnit( ExternalIdentifiers e, ExternalIdentifierReference r, TranslationUnit t ) { r.getExternalIdentifierTarget() = e and - r.getFile() = t + // Used within the translation unit or an included header + r.getFile() = t.getAUserFile() } from ExternalIdentifiers e, ExternalIdentifierReference a1, TranslationUnit t1 diff --git a/c/misra/test/rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.expected b/c/misra/test/rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.expected index d2a6b0e53f..6610bf236e 100644 --- a/c/misra/test/rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.expected +++ b/c/misra/test/rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.expected @@ -1,3 +1,4 @@ +| test2.h:2:13:2:14 | f6 | Declaration with external linkage is accessed in only one translation unit $@. | test2.h:3:22:3:23 | call to f6 | call to f6 | | test.c:3:5:3:6 | i1 | Declaration with external linkage is accessed in only one translation unit $@. | test.c:11:3:11:4 | i1 | i1 | | test.c:4:5:4:6 | i2 | Declaration with external linkage is accessed in only one translation unit $@. | test.c:12:3:12:4 | i2 | i2 | | test.c:6:6:6:7 | f2 | Declaration with external linkage is accessed in only one translation unit $@. | test.c:14:3:14:4 | call to f2 | call to f2 | diff --git a/c/misra/test/rules/RULE-8-7/test1.c b/c/misra/test/rules/RULE-8-7/test1.c index 6d1eab16d0..5c3b3759c9 100644 --- a/c/misra/test/rules/RULE-8-7/test1.c +++ b/c/misra/test/rules/RULE-8-7/test1.c @@ -1,4 +1,4 @@ -#include "test.h" +#include "test2.h" void f() { i = 0; f1(); diff --git a/c/misra/test/rules/RULE-8-7/test2.h b/c/misra/test/rules/RULE-8-7/test2.h new file mode 100644 index 0000000000..d203c3259a --- /dev/null +++ b/c/misra/test/rules/RULE-8-7/test2.h @@ -0,0 +1,3 @@ +#include "test.h" +extern void f6() {} // NON_COMPLIANT +static void test() { f6(); } \ No newline at end of file From 8e3109342d122a58ce32805fbca423df451dc0ce Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 9 Mar 2025 18:42:43 +0000 Subject: [PATCH 2436/2573] Add change note. --- change_notes/2025-03-09-rule-8-7.md | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 change_notes/2025-03-09-rule-8-7.md diff --git a/change_notes/2025-03-09-rule-8-7.md b/change_notes/2025-03-09-rule-8-7.md new file mode 100644 index 0000000000..5308c97ce3 --- /dev/null +++ b/change_notes/2025-03-09-rule-8-7.md @@ -0,0 +1,4 @@ + - `RULE-8-7` - `ShouldNotBeDefinedWithExternalLinkage.ql`: + - Remove false positives where the declation is not defined in the database. + - Remove false positives where the definition and reference are in different translation units. + - Remove false positives where the reference occurs in a header file. \ No newline at end of file From 190f1ae536c7ac14fc27268bdd14509b04dd650b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 10 Mar 2025 05:03:57 +0000 Subject: [PATCH 2437/2573] Bump peter-evans/create-pull-request from 7.0.6 to 7.0.8 Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 7.0.6 to 7.0.8. - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](https://github.com/peter-evans/create-pull-request/compare/67ccf781d68cd99b580ae25a5c18a1cc84ffff1f...271a8d0340265f705b14b6d32b9829c1cb33d45e) --- updated-dependencies: - dependency-name: peter-evans/create-pull-request dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/upgrade_codeql_dependencies.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/upgrade_codeql_dependencies.yml b/.github/workflows/upgrade_codeql_dependencies.yml index ca6779871e..1ffc874bb4 100644 --- a/.github/workflows/upgrade_codeql_dependencies.yml +++ b/.github/workflows/upgrade_codeql_dependencies.yml @@ -53,7 +53,7 @@ jobs: find c \( -name '*.ql' -or -name '*.qll' \) -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" codeql query format --in-place - name: Create Pull Request - uses: peter-evans/create-pull-request@67ccf781d68cd99b580ae25a5c18a1cc84ffff1f # v7.0.6 + uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e # v7.0.8 with: title: "Upgrade `github/codeql` dependency to ${{ github.event.inputs.codeql_cli_version }}" body: | From 64b7684697b055b17df9a054e9f8141ab625b58f Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Sun, 9 Mar 2025 22:42:15 -0700 Subject: [PATCH 2438/2573] Implement generics package --- ...otAddOrSubtractAScaledIntegerToAPointer.ql | 2 +- .../IncompatibleFunctionDeclarations.ql | 8 +- c/common/src/codingstandards/c/Generic.qll | 155 +++++++ .../src/codingstandards/c/OutOfBounds.qll | 2 +- .../codingstandards/c/UndefinedBehavior.qll | 2 +- .../c/misra/EssentialTypes.qll | 18 +- ...rsionBetweenFunctionPointerAndOtherType.ql | 2 +- ...etweenIncompleteTypePointerAndOtherType.ql | 2 +- ...weenObjectPointerAndDifferentObjectType.ql | 2 +- ...ionBetweenPointerToObjectAndIntegerType.ql | 2 +- ...ionFromPointerToVoidIntoPointerToObject.ql | 2 +- ...stBetweenPointerToVoidAndArithmeticType.ql | 2 +- ...nPointerToObjectAndNonIntArithmeticType.ql | 2 +- ...NullNotUsedAsIntegerNullPointerConstant.ql | 2 +- ...ointersToVariablyModifiedArrayTypesUsed.ql | 2 +- .../rules/RULE-2-4/UnusedTagDeclaration.ql | 2 +- .../rules/RULE-2-8/UnusedObjectDefinition.ql | 2 +- .../RULE-2-8/UnusedObjectDefinitionStrict.ql | 2 +- ...veMemcmpArgNotPointersToCompatibleTypes.ql | 2 +- ...ricSelectionDoesntDependOnMacroArgument.ql | 26 ++ .../GenericSelectionNotExpandedFromAMacro.ql | 25 ++ ...ricSelectionNotFromMacroWithSideEffects.ql | 87 ++++ .../GenericWithoutNonDefaultAssociation.ql | 35 ++ .../GenericAssociationWithUnselectableType.ql | 111 +++++ ...rousDefaultSelectionForPointerInGeneric.ql | 78 ++++ ...ricExpressionWithIncorrectEssentialType.ql | 62 +++ .../InvalidGenericMacroArgumentEvaluation.ql | 60 +++ .../DefaultGenericSelectionNotFirstOrLast.ql | 93 ++++ ...interShouldPointToConstTypeWhenPossible.ql | 2 +- .../DeclarationsOfAFunctionSameNameAndType.ql | 18 +- .../DeclarationsOfAnObjectSameNameAndType.ql | 30 +- .../CompatibleDeclarationFunctionDefined.ql | 10 +- .../CompatibleDeclarationObjectDefined.ql | 14 +- .../RULE-2-8/UnusedObjectDefinition.expected | 24 +- .../UnusedObjectDefinitionStrict.expected | 8 +- ...ectionDoesntDependOnMacroArgument.expected | 3 + ...SelectionDoesntDependOnMacroArgument.qlref | 1 + ...ricSelectionNotExpandedFromAMacro.expected | 1 + ...enericSelectionNotExpandedFromAMacro.qlref | 1 + c/misra/test/rules/RULE-23-1/test.c | 25 ++ ...ectionNotFromMacroWithSideEffects.expected | 3 + ...SelectionNotFromMacroWithSideEffects.qlref | 1 + c/misra/test/rules/RULE-23-2/test.c | 49 ++ ...nericWithoutNonDefaultAssociation.expected | 2 + .../GenericWithoutNonDefaultAssociation.qlref | 1 + c/misra/test/rules/RULE-23-3/test.c | 23 + ...icAssociationWithUnselectableType.expected | 13 + ...nericAssociationWithUnselectableType.qlref | 1 + c/misra/test/rules/RULE-23-4/test.c | 73 +++ ...faultSelectionForPointerInGeneric.expected | 84 ++++ ...sDefaultSelectionForPointerInGeneric.qlref | 1 + c/misra/test/rules/RULE-23-5/test.c | 236 ++++++++++ ...ressionWithIncorrectEssentialType.expected | 4 + ...ExpressionWithIncorrectEssentialType.qlref | 1 + c/misra/test/rules/RULE-23-6/test.c | 33 ++ ...lidGenericMacroArgumentEvaluation.expected | 12 + ...nvalidGenericMacroArgumentEvaluation.qlref | 1 + c/misra/test/rules/RULE-23-7/test.c | 71 +++ ...ultGenericSelectionNotFirstOrLast.expected | 4 + ...efaultGenericSelectionNotFirstOrLast.qlref | 1 + c/misra/test/rules/RULE-23-8/test.c | 49 ++ ...rationsOfAFunctionSameNameAndType.expected | 26 +- ...arationsOfAnObjectSameNameAndType.expected | 44 +- c/misra/test/rules/RULE-8-3/function1.c | 2 +- c/misra/test/rules/RULE-8-3/function2.c | 2 +- .../2025-02-25-move-type-related-libraries.md | 2 + ...2-25-update-macro-deduplication-library.md | 4 + ...sential-types-with-explicit-conversions.md | 2 + ...25-03-04-more-accurate-type-comparisons.md | 6 + ...plementationShallComplyWithIeeeStandard.ql | 2 +- .../MoveConstructorUsesCopySemantics.ql | 2 +- .../NonTemplateMemberDefinedInTemplate.ql | 2 +- .../rules/A7-1-2/VariableMissingConstexpr.ql | 2 +- .../A8-4-7/TriviallyCopyableSmallType.qll | 2 +- .../src/rules/M0-1-4/SingleUsePODVariable.qll | 2 +- .../MEM53-CPP/ManuallyManagedLifetime.qll | 2 +- ...ConstructorCallForManuallyManagedObject.ql | 2 +- .../src/codingstandards/cpp/Compatible.qll | 30 -- .../cpp/MatchingParenthesis.qll | 264 +++++++++++ cpp/common/src/codingstandards/cpp/Type.qll | 98 +--- .../DeduplicateMacroResults.qll | 28 +- .../cpp/deadcode/UnusedObjects.qll | 6 +- .../cpp/exclusions/c/Generics.qll | 163 +++++++ .../cpp/exclusions/c/RuleMetadata.qll | 3 + .../CatchExceptionsByLvalueReference.qll | 2 +- ...dPointerToRestrictQualifiedParamShared.qll | 2 +- .../UnusedTypeDeclarations.qll | 2 +- .../codingstandards/cpp/types/Compatible.qll | 421 ++++++++++++++++++ .../src/codingstandards/cpp/types/Graph.qll | 15 + .../cpp/types/LvalueConversion.qll | 38 ++ .../cpp/{ => types}/Pointers.qll | 0 .../cpp/types/SimpleAssignment.qll | 45 ++ .../cpp/{ => types}/TrivialType.qll | 0 .../src/codingstandards/cpp/types/Type.qll | 96 ++++ .../cpp/{TypeUses.qll => types/Uses.qll} | 0 .../cpp/{ => types}/VariablyModifiedTypes.qll | 0 .../DisappliedQuery.ql | 2 +- .../cpp/trivialtypes/LiteralType.ql | 2 +- .../cpp/trivialtypes/TrivialType.ql | 2 +- .../cpp/trivialtypes/TriviallyCopyableType.ql | 2 +- rule_packages/c/Generics.json | 194 ++++++++ 101 files changed, 2846 insertions(+), 263 deletions(-) create mode 100644 c/common/src/codingstandards/c/Generic.qll create mode 100644 c/misra/src/rules/RULE-23-1/GenericSelectionDoesntDependOnMacroArgument.ql create mode 100644 c/misra/src/rules/RULE-23-1/GenericSelectionNotExpandedFromAMacro.ql create mode 100644 c/misra/src/rules/RULE-23-2/GenericSelectionNotFromMacroWithSideEffects.ql create mode 100644 c/misra/src/rules/RULE-23-3/GenericWithoutNonDefaultAssociation.ql create mode 100644 c/misra/src/rules/RULE-23-4/GenericAssociationWithUnselectableType.ql create mode 100644 c/misra/src/rules/RULE-23-5/DangerousDefaultSelectionForPointerInGeneric.ql create mode 100644 c/misra/src/rules/RULE-23-6/GenericExpressionWithIncorrectEssentialType.ql create mode 100644 c/misra/src/rules/RULE-23-7/InvalidGenericMacroArgumentEvaluation.ql create mode 100644 c/misra/src/rules/RULE-23-8/DefaultGenericSelectionNotFirstOrLast.ql create mode 100644 c/misra/test/rules/RULE-23-1/GenericSelectionDoesntDependOnMacroArgument.expected create mode 100644 c/misra/test/rules/RULE-23-1/GenericSelectionDoesntDependOnMacroArgument.qlref create mode 100644 c/misra/test/rules/RULE-23-1/GenericSelectionNotExpandedFromAMacro.expected create mode 100644 c/misra/test/rules/RULE-23-1/GenericSelectionNotExpandedFromAMacro.qlref create mode 100644 c/misra/test/rules/RULE-23-1/test.c create mode 100644 c/misra/test/rules/RULE-23-2/GenericSelectionNotFromMacroWithSideEffects.expected create mode 100644 c/misra/test/rules/RULE-23-2/GenericSelectionNotFromMacroWithSideEffects.qlref create mode 100644 c/misra/test/rules/RULE-23-2/test.c create mode 100644 c/misra/test/rules/RULE-23-3/GenericWithoutNonDefaultAssociation.expected create mode 100644 c/misra/test/rules/RULE-23-3/GenericWithoutNonDefaultAssociation.qlref create mode 100644 c/misra/test/rules/RULE-23-3/test.c create mode 100644 c/misra/test/rules/RULE-23-4/GenericAssociationWithUnselectableType.expected create mode 100644 c/misra/test/rules/RULE-23-4/GenericAssociationWithUnselectableType.qlref create mode 100644 c/misra/test/rules/RULE-23-4/test.c create mode 100644 c/misra/test/rules/RULE-23-5/DangerousDefaultSelectionForPointerInGeneric.expected create mode 100644 c/misra/test/rules/RULE-23-5/DangerousDefaultSelectionForPointerInGeneric.qlref create mode 100644 c/misra/test/rules/RULE-23-5/test.c create mode 100644 c/misra/test/rules/RULE-23-6/GenericExpressionWithIncorrectEssentialType.expected create mode 100644 c/misra/test/rules/RULE-23-6/GenericExpressionWithIncorrectEssentialType.qlref create mode 100644 c/misra/test/rules/RULE-23-6/test.c create mode 100644 c/misra/test/rules/RULE-23-7/InvalidGenericMacroArgumentEvaluation.expected create mode 100644 c/misra/test/rules/RULE-23-7/InvalidGenericMacroArgumentEvaluation.qlref create mode 100644 c/misra/test/rules/RULE-23-7/test.c create mode 100644 c/misra/test/rules/RULE-23-8/DefaultGenericSelectionNotFirstOrLast.expected create mode 100644 c/misra/test/rules/RULE-23-8/DefaultGenericSelectionNotFirstOrLast.qlref create mode 100644 c/misra/test/rules/RULE-23-8/test.c create mode 100644 change_notes/2025-02-25-move-type-related-libraries.md create mode 100644 change_notes/2025-02-25-update-macro-deduplication-library.md create mode 100644 change_notes/2025-03-04-essential-types-with-explicit-conversions.md create mode 100644 change_notes/2025-03-04-more-accurate-type-comparisons.md delete mode 100644 cpp/common/src/codingstandards/cpp/Compatible.qll create mode 100644 cpp/common/src/codingstandards/cpp/MatchingParenthesis.qll create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/Generics.qll create mode 100644 cpp/common/src/codingstandards/cpp/types/Compatible.qll create mode 100644 cpp/common/src/codingstandards/cpp/types/Graph.qll create mode 100644 cpp/common/src/codingstandards/cpp/types/LvalueConversion.qll rename cpp/common/src/codingstandards/cpp/{ => types}/Pointers.qll (100%) create mode 100644 cpp/common/src/codingstandards/cpp/types/SimpleAssignment.qll rename cpp/common/src/codingstandards/cpp/{ => types}/TrivialType.qll (100%) create mode 100644 cpp/common/src/codingstandards/cpp/types/Type.qll rename cpp/common/src/codingstandards/cpp/{TypeUses.qll => types/Uses.qll} (100%) rename cpp/common/src/codingstandards/cpp/{ => types}/VariablyModifiedTypes.qll (100%) create mode 100644 rule_packages/c/Generics.json diff --git a/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql b/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql index fd57bd6f75..61dd77f6f4 100644 --- a/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql +++ b/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql @@ -13,7 +13,7 @@ import cpp import codingstandards.c.cert -import codingstandards.cpp.Pointers +import codingstandards.cpp.types.Pointers import semmle.code.cpp.dataflow.TaintTracking import ScaledIntegerPointerArithmeticFlow::PathGraph diff --git a/c/cert/src/rules/DCL40-C/IncompatibleFunctionDeclarations.ql b/c/cert/src/rules/DCL40-C/IncompatibleFunctionDeclarations.ql index 20b6e5e59e..95ef0fd682 100644 --- a/c/cert/src/rules/DCL40-C/IncompatibleFunctionDeclarations.ql +++ b/c/cert/src/rules/DCL40-C/IncompatibleFunctionDeclarations.ql @@ -16,7 +16,7 @@ import cpp import codingstandards.c.cert -import codingstandards.cpp.Compatible +import codingstandards.cpp.types.Compatible import ExternalIdentifiers from ExternalIdentifiers d, FunctionDeclarationEntry f1, FunctionDeclarationEntry f2 @@ -29,12 +29,10 @@ where f1.getName() = f2.getName() and ( //return type check - not typesCompatible(f1.getType(), f2.getType()) + not FunctionDeclarationTypeEquivalence::equalReturnTypes(f1, f2) or //parameter type check - parameterTypesIncompatible(f1, f2) - or - not f1.getNumberOfParameters() = f2.getNumberOfParameters() + not FunctionDeclarationTypeEquivalence::equalParameterTypes(f1, f2) ) and // Apply ordering on start line, trying to avoid the optimiser applying this join too early // in the pipeline diff --git a/c/common/src/codingstandards/c/Generic.qll b/c/common/src/codingstandards/c/Generic.qll new file mode 100644 index 0000000000..1bf4282017 --- /dev/null +++ b/c/common/src/codingstandards/c/Generic.qll @@ -0,0 +1,155 @@ +import cpp +import codingstandards.cpp.Macro +import codingstandards.cpp.MatchingParenthesis + +string genericRegexp() { result = ".*_Generic\\s*\\(\\s*(.+),.*" } + +bindingset[input] +string deparenthesize(string input) { + input = "(" + result + ")" and + result = input.substring(1, input.length() - 1) +} + + +class GenericMacro extends Macro { + string ctrlExpr; + + GenericMacro() { ctrlExpr = getBody().regexpCapture(genericRegexp(), 1).trim() } + + string getAParameter() { result = this.(FunctionLikeMacro).getAParameter() } + + string getControllingExprString() { + if exists(string s | s = deparenthesize(ctrlExpr)) + then result = deparenthesize(ctrlExpr).trim() + else result = ctrlExpr + } + + /** + * Whether the controlling expression of the `_Generic` expr in this macro's controlling + * expression refers to one of this macro's parameters. + */ + predicate hasControllingExprFromMacroParameter() { + getControllingExprString().matches(getAParameter()) + } +} + +class GenericMacroString extends string { + GenericMacroString() { this = any(Macro m).getBody() and this.matches("%_Generic%") } +} + +import MatchingParenthesis + +class ParsedGenericMacro extends Macro { + ParsedRoot macroBody; + Parsed genericBody; + string beforeGenericBody; + string afterGenericBody; + + ParsedGenericMacro() { + macroBody.getInputString() = this.getBody() and + exists(ParsedText genericText | + genericText.getText().matches("%_Generic%") and + genericBody = genericText.getParent().getChild(genericText.getChildIdx() + 1) and + genericBody.getRoot() = macroBody + ) and + beforeGenericBody = + textFrom(macroBody.getStartToken(), genericBody.getStartToken().getPrevious()) and + ( + if exists(genericBody.getEndToken().getNext()) + then afterGenericBody = textFrom(genericBody.getEndToken().getNext(), macroBody.getEndToken()) + else afterGenericBody = "" + ) + } + + string getAParameter() { + result = this.(FunctionLikeMacro).getAParameter() + } + + int getAParsedGenericCommaSeparatorOffset() { + exists(ParsedText text | + text.getParent() = genericBody and + result = text.getStartToken().getStartPos() + text.getText().indexOf(",") + ) + } + + int getAParsedGenericColonSeparatorOffset() { + exists(ParsedText text | + text.getParent() = genericBody and + result = text.getStartToken().getStartPos() + text.getText().indexOf(":") + ) + } + + int getParsedGenericCommaSeparatorOffset(int i) { + result = rank[i](int index | index = getAParsedGenericCommaSeparatorOffset()) + } + + bindingset[start, end] + int getParsedGenericColon(int start, int end) { + result = + min(int offset | + offset = getAParsedGenericColonSeparatorOffset() and + offset >= start and + offset <= end + ) + } + + predicate hasParsedFullSelectionRange(int idx, int start, int end) { + idx = 1 and + start = genericBody.getStartToken().getEndPos() and + end = getParsedGenericCommaSeparatorOffset(idx) + or + not exists(getParsedGenericCommaSeparatorOffset(idx)) and + start = getParsedGenericCommaSeparatorOffset(idx - 1) and + end = genericBody.getEndToken().getStartPos() + or + start = getParsedGenericCommaSeparatorOffset(idx - 1) and + end = getParsedGenericCommaSeparatorOffset(idx) + } + + string getSelectionString(int idx) { + exists(int start, int rawStart, int end | + hasParsedFullSelectionRange(idx, rawStart, end) and + ( + if exists(getParsedGenericColon(rawStart, end)) + then start = getParsedGenericColon(rawStart, end) + else start = rawStart + ) and + result = genericBody.getInputString().substring(start, end) + ) + } + + string getControllingExprString() { + result = getSelectionString(1) + } + + bindingset[str, word] + private int countWordInString(string word, string str) { + result = + max(int occurrence | + exists(str.regexpFind("\\b" + word + "\\b", occurrence, _)) or occurrence = -1 + | + occurrence + 1 + ) + } + + int expansionsOutsideExpr(string parameter) { + parameter = getAParameter() and + result = + countWordInString(parameter, beforeGenericBody) + + countWordInString(parameter, afterGenericBody) + } + + int expansionsInsideSelection(string parameter, int idx) { + parameter = getAParameter() and + result = countWordInString(parameter, getSelectionString(idx)) + } + + int expansionsInsideControllingExpr(string parameter) { + result = expansionsInsideSelection(parameter, 1) + } + + int expansionsInsideAssociation(string parameter, int idx) { + not idx = 0 and + result = expansionsInsideSelection(parameter, idx + 1) + } +} \ No newline at end of file diff --git a/c/common/src/codingstandards/c/OutOfBounds.qll b/c/common/src/codingstandards/c/OutOfBounds.qll index 220cf5a0a0..bb7d1bd124 100644 --- a/c/common/src/codingstandards/c/OutOfBounds.qll +++ b/c/common/src/codingstandards/c/OutOfBounds.qll @@ -5,7 +5,7 @@ */ import cpp -import codingstandards.cpp.Pointers +import codingstandards.cpp.types.Pointers import codingstandards.c.Variable import codingstandards.cpp.Allocations import codingstandards.cpp.Overflow diff --git a/c/common/src/codingstandards/c/UndefinedBehavior.qll b/c/common/src/codingstandards/c/UndefinedBehavior.qll index 6a72cb6eb7..47461aa613 100644 --- a/c/common/src/codingstandards/c/UndefinedBehavior.qll +++ b/c/common/src/codingstandards/c/UndefinedBehavior.qll @@ -1,5 +1,5 @@ import cpp -import codingstandards.cpp.Pointers +import codingstandards.cpp.types.Pointers import codingstandards.cpp.UndefinedBehavior /** diff --git a/c/misra/src/codingstandards/c/misra/EssentialTypes.qll b/c/misra/src/codingstandards/c/misra/EssentialTypes.qll index 02b8498ecb..afdbefdb7d 100644 --- a/c/misra/src/codingstandards/c/misra/EssentialTypes.qll +++ b/c/misra/src/codingstandards/c/misra/EssentialTypes.qll @@ -164,14 +164,14 @@ EssentialTypeCategory getEssentialTypeCategory(Type type) { */ pragma[nomagic] Type getEssentialType(Expr e) { - if e.hasExplicitConversion() - then - if e.getConversion() instanceof ParenthesisExpr - then - if e.getConversion().(ParenthesisExpr).hasExplicitConversion() - then result = e.getConversion().(ParenthesisExpr).getConversion().getType() - else result = e.getConversion().(ParenthesisExpr).getExpr().(EssentialExpr).getEssentialType() - else result = e.getConversion().getType() + if e.hasConversion() + then result = getEssentialTypeOfConversion(e.getFullyConverted()) + else result = e.(EssentialExpr).getEssentialType() +} + +Type getEssentialTypeOfConversion(Expr e) { + if e.(Conversion).isImplicit() or e instanceof ParenthesisExpr or e instanceof C11GenericExpr + then result = getEssentialTypeOfConversion(e.(Conversion).getExpr()) else result = e.(EssentialExpr).getEssentialType() } @@ -446,7 +446,7 @@ class EssentialLiteral extends EssentialExpr, Literal { if underlyingStandardType.(IntType).isSigned() then result = stlr(this) else result = utlr(this) - else result = underlyingStandardType + else result = getStandardType() ) ) } diff --git a/c/misra/src/rules/RULE-11-1/ConversionBetweenFunctionPointerAndOtherType.ql b/c/misra/src/rules/RULE-11-1/ConversionBetweenFunctionPointerAndOtherType.ql index 36157e130e..7678fc1d23 100644 --- a/c/misra/src/rules/RULE-11-1/ConversionBetweenFunctionPointerAndOtherType.ql +++ b/c/misra/src/rules/RULE-11-1/ConversionBetweenFunctionPointerAndOtherType.ql @@ -14,7 +14,7 @@ import cpp import codingstandards.c.misra -import codingstandards.cpp.Pointers +import codingstandards.cpp.types.Pointers from CStyleCast cast, Type type, Type newType where diff --git a/c/misra/src/rules/RULE-11-2/ConversionBetweenIncompleteTypePointerAndOtherType.ql b/c/misra/src/rules/RULE-11-2/ConversionBetweenIncompleteTypePointerAndOtherType.ql index 6c552b0f39..5c16dc1afb 100644 --- a/c/misra/src/rules/RULE-11-2/ConversionBetweenIncompleteTypePointerAndOtherType.ql +++ b/c/misra/src/rules/RULE-11-2/ConversionBetweenIncompleteTypePointerAndOtherType.ql @@ -14,7 +14,7 @@ import cpp import codingstandards.c.misra -import codingstandards.cpp.Pointers +import codingstandards.cpp.types.Pointers import codingstandards.cpp.Type from Cast cast, Type type, Type newType diff --git a/c/misra/src/rules/RULE-11-3/CastBetweenObjectPointerAndDifferentObjectType.ql b/c/misra/src/rules/RULE-11-3/CastBetweenObjectPointerAndDifferentObjectType.ql index 8292bd3b6f..3a6fb28c2a 100644 --- a/c/misra/src/rules/RULE-11-3/CastBetweenObjectPointerAndDifferentObjectType.ql +++ b/c/misra/src/rules/RULE-11-3/CastBetweenObjectPointerAndDifferentObjectType.ql @@ -15,7 +15,7 @@ import cpp import codingstandards.c.misra -import codingstandards.cpp.Pointers +import codingstandards.cpp.types.Pointers from CStyleCast cast, Type baseTypeFrom, Type baseTypeTo where diff --git a/c/misra/src/rules/RULE-11-4/ConversionBetweenPointerToObjectAndIntegerType.ql b/c/misra/src/rules/RULE-11-4/ConversionBetweenPointerToObjectAndIntegerType.ql index 8877d04323..336f5d4643 100644 --- a/c/misra/src/rules/RULE-11-4/ConversionBetweenPointerToObjectAndIntegerType.ql +++ b/c/misra/src/rules/RULE-11-4/ConversionBetweenPointerToObjectAndIntegerType.ql @@ -15,7 +15,7 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.Macro -import codingstandards.cpp.Pointers +import codingstandards.cpp.types.Pointers MacroInvocation getAMacroInvocation(CStyleCast cast) { result.getAnExpandedElement() = cast } diff --git a/c/misra/src/rules/RULE-11-5/ConversionFromPointerToVoidIntoPointerToObject.ql b/c/misra/src/rules/RULE-11-5/ConversionFromPointerToVoidIntoPointerToObject.ql index 0363c28c19..b316b39a56 100644 --- a/c/misra/src/rules/RULE-11-5/ConversionFromPointerToVoidIntoPointerToObject.ql +++ b/c/misra/src/rules/RULE-11-5/ConversionFromPointerToVoidIntoPointerToObject.ql @@ -14,7 +14,7 @@ import cpp import codingstandards.c.misra -import codingstandards.cpp.Pointers +import codingstandards.cpp.types.Pointers from Cast cast, VoidPointerType type, PointerToObjectType newType where diff --git a/c/misra/src/rules/RULE-11-6/CastBetweenPointerToVoidAndArithmeticType.ql b/c/misra/src/rules/RULE-11-6/CastBetweenPointerToVoidAndArithmeticType.ql index cc0adf0517..2293ede61e 100644 --- a/c/misra/src/rules/RULE-11-6/CastBetweenPointerToVoidAndArithmeticType.ql +++ b/c/misra/src/rules/RULE-11-6/CastBetweenPointerToVoidAndArithmeticType.ql @@ -14,7 +14,7 @@ import cpp import codingstandards.c.misra -import codingstandards.cpp.Pointers +import codingstandards.cpp.types.Pointers from CStyleCast cast, Type typeFrom, Type typeTo where diff --git a/c/misra/src/rules/RULE-11-7/CastBetweenPointerToObjectAndNonIntArithmeticType.ql b/c/misra/src/rules/RULE-11-7/CastBetweenPointerToObjectAndNonIntArithmeticType.ql index e499ea6485..82ac620aa7 100644 --- a/c/misra/src/rules/RULE-11-7/CastBetweenPointerToObjectAndNonIntArithmeticType.ql +++ b/c/misra/src/rules/RULE-11-7/CastBetweenPointerToObjectAndNonIntArithmeticType.ql @@ -14,7 +14,7 @@ import cpp import codingstandards.c.misra -import codingstandards.cpp.Pointers +import codingstandards.cpp.types.Pointers class MisraNonIntegerArithmeticType extends Type { MisraNonIntegerArithmeticType() { diff --git a/c/misra/src/rules/RULE-11-9/MacroNullNotUsedAsIntegerNullPointerConstant.ql b/c/misra/src/rules/RULE-11-9/MacroNullNotUsedAsIntegerNullPointerConstant.ql index cb18ed0d1d..28b256e85c 100644 --- a/c/misra/src/rules/RULE-11-9/MacroNullNotUsedAsIntegerNullPointerConstant.ql +++ b/c/misra/src/rules/RULE-11-9/MacroNullNotUsedAsIntegerNullPointerConstant.ql @@ -13,7 +13,7 @@ import cpp import codingstandards.c.misra -import codingstandards.cpp.Pointers +import codingstandards.cpp.types.Pointers import codingstandards.cpp.Type from Zero zero, Expr e, string type diff --git a/c/misra/src/rules/RULE-18-10/PointersToVariablyModifiedArrayTypesUsed.ql b/c/misra/src/rules/RULE-18-10/PointersToVariablyModifiedArrayTypesUsed.ql index 3a99ebd842..dc1433d5e4 100644 --- a/c/misra/src/rules/RULE-18-10/PointersToVariablyModifiedArrayTypesUsed.ql +++ b/c/misra/src/rules/RULE-18-10/PointersToVariablyModifiedArrayTypesUsed.ql @@ -16,7 +16,7 @@ import cpp import codingstandards.c.misra -import codingstandards.cpp.VariablyModifiedTypes +import codingstandards.cpp.types.VariablyModifiedTypes from VmtDeclarationEntry v, string declstr, string adjuststr, string relationstr where diff --git a/c/misra/src/rules/RULE-2-4/UnusedTagDeclaration.ql b/c/misra/src/rules/RULE-2-4/UnusedTagDeclaration.ql index 08fe2568e9..88b0a5b05a 100644 --- a/c/misra/src/rules/RULE-2-4/UnusedTagDeclaration.ql +++ b/c/misra/src/rules/RULE-2-4/UnusedTagDeclaration.ql @@ -15,7 +15,7 @@ import cpp import codingstandards.c.misra -import codingstandards.cpp.TypeUses +import codingstandards.cpp.types.Uses from UserType s where diff --git a/c/misra/src/rules/RULE-2-8/UnusedObjectDefinition.ql b/c/misra/src/rules/RULE-2-8/UnusedObjectDefinition.ql index 2230a74592..13355b7f74 100644 --- a/c/misra/src/rules/RULE-2-8/UnusedObjectDefinition.ql +++ b/c/misra/src/rules/RULE-2-8/UnusedObjectDefinition.ql @@ -20,5 +20,5 @@ from ReportDeadObject report where not isExcluded(report.getPrimaryElement(), DeadCode2Package::unusedObjectDefinitionQuery()) and not report.hasAttrUnused() -select report.getPrimaryElement(), report.getMessage(), report.getOptionalPlaceholderLocation(), +select report.getPrimaryElement(), report.getMessage(), report.getOptionalPlaceholderLocatable(), report.getOptionalPlaceholderMessage() diff --git a/c/misra/src/rules/RULE-2-8/UnusedObjectDefinitionStrict.ql b/c/misra/src/rules/RULE-2-8/UnusedObjectDefinitionStrict.ql index cc117763ee..4eb1ad9773 100644 --- a/c/misra/src/rules/RULE-2-8/UnusedObjectDefinitionStrict.ql +++ b/c/misra/src/rules/RULE-2-8/UnusedObjectDefinitionStrict.ql @@ -22,5 +22,5 @@ from ReportDeadObject report where not isExcluded(report.getPrimaryElement(), DeadCode2Package::unusedObjectDefinitionStrictQuery()) and report.hasAttrUnused() -select report.getPrimaryElement(), report.getMessage(), report.getOptionalPlaceholderLocation(), +select report.getPrimaryElement(), report.getMessage(), report.getOptionalPlaceholderLocatable(), report.getOptionalPlaceholderMessage() diff --git a/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql b/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql index f5d8057b3a..28dce7b638 100644 --- a/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql +++ b/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql @@ -13,7 +13,7 @@ import cpp import codingstandards.c.misra -import codingstandards.cpp.Pointers +import codingstandards.cpp.types.Pointers class MemCmpMoveCpy extends Function { // Couldn't extend BuiltInFunction because it misses `memcmp` diff --git a/c/misra/src/rules/RULE-23-1/GenericSelectionDoesntDependOnMacroArgument.ql b/c/misra/src/rules/RULE-23-1/GenericSelectionDoesntDependOnMacroArgument.ql new file mode 100644 index 0000000000..0dc0e5273a --- /dev/null +++ b/c/misra/src/rules/RULE-23-1/GenericSelectionDoesntDependOnMacroArgument.ql @@ -0,0 +1,26 @@ +/** + * @id c/misra/generic-selection-doesnt-depend-on-macro-argument + * @name RULE-23-1: A generic selection should depend on the type of a macro argument + * @description A generic selection should depend on the type of a macro argument. + * @kind problem + * @precision high + * @problem.severity warning + * @tags external/misra/id/rule-23-1 + * correctness + * maintainability + * external/misra/c/2012/amendment3 + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.c.misra +import codingstandards.c.Generic + +from ParsedGenericMacro macro, string ctrlExpr +where + not isExcluded(macro, GenericsPackage::genericSelectionDoesntDependOnMacroArgumentQuery()) and + ctrlExpr = macro.getControllingExprString().trim() and + not macro.expansionsInsideControllingExpr(_) > 0 +select macro, + "Generic macro " + macro.getName() + " uses controlling expr " + ctrlExpr + + ", which doesn't match any macro parameter." diff --git a/c/misra/src/rules/RULE-23-1/GenericSelectionNotExpandedFromAMacro.ql b/c/misra/src/rules/RULE-23-1/GenericSelectionNotExpandedFromAMacro.ql new file mode 100644 index 0000000000..ef2a2e75c5 --- /dev/null +++ b/c/misra/src/rules/RULE-23-1/GenericSelectionNotExpandedFromAMacro.ql @@ -0,0 +1,25 @@ +/** + * @id c/misra/generic-selection-not-expanded-from-a-macro + * @name RULE-23-1: A generic selection should only be expanded from a macro + * @description A generic selection should only be expanded from a macro. + * @kind problem + * @precision very-high + * @problem.severity warning + * @tags external/misra/id/rule-23-1 + * maintainability + * external/misra/c/2012/amendment3 + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.c.misra + +from C11GenericExpr generic, Expr ctrlExpr +where + not isExcluded(generic, GenericsPackage::genericSelectionNotExpandedFromAMacroQuery()) and + ctrlExpr = generic.getControllingExpr() and + not exists(MacroInvocation mi | + mi.getAGeneratedElement() = generic.getExpr() + ) +select generic, "Generic expression with controlling expression $@ is not expanded froma macro", +ctrlExpr, ctrlExpr.toString() diff --git a/c/misra/src/rules/RULE-23-2/GenericSelectionNotFromMacroWithSideEffects.ql b/c/misra/src/rules/RULE-23-2/GenericSelectionNotFromMacroWithSideEffects.ql new file mode 100644 index 0000000000..3ec53a08bf --- /dev/null +++ b/c/misra/src/rules/RULE-23-2/GenericSelectionNotFromMacroWithSideEffects.ql @@ -0,0 +1,87 @@ +/** + * @id c/misra/generic-selection-not-from-macro-with-side-effects + * @name RULE-23-2: A generic selection shall not contain side-effects if it is not expanded from a macro + * @description A generic selection that is not expanded from a macro shall not contain potential + * side effects in the controlling expression. + * @kind problem + * @precision high + * @problem.severity warning + * @tags external/misra/id/rule-23-2 + * maintainability + * external/misra/c/2012/amendment3 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.c.Generic +import codingstandards.cpp.SideEffect +import codingstandards.cpp.sideeffect.DefaultEffects +import codingstandards.cpp.alertreporting.DeduplicateMacroResults + +class GenericWithNonMacroSideEffect extends C11GenericExpr { + SideEffect sideEffect; + + GenericWithNonMacroSideEffect() { + not exists(MacroInvocation mi | + mi.getAGeneratedElement() = getExpr() and + mi.getMacro().(GenericMacro).hasControllingExprFromMacroParameter() + ) and + sideEffect = getASideEffect(getControllingExpr()) + } + + SideEffect getASideEffect() { result = sideEffect } +} + +module GenericSideEffectConfig implements DeduplicateMacroConfigSig { + string describe(GenericWithNonMacroSideEffect e) { + result = "side effect '" + e.getASideEffect() + "'" + } +} + +module GenericSideEffectReportConfig implements MacroReportConfigSig { + /* Create a message to describe this macro, with a string describing its `ResultElement`. */ + bindingset[description] + string getMessageSameResultInAllExpansions(Macro m, string description) { + result = + "Generic selection macro " + m.getName() + " contains a " + description + + ", which is not from macro invocation arguments." + } + + /* Create a message to describe this macro, using '$@' to describe an example `ResultElement`. */ + string getMessageVariedResultInAllExpansions(Macro m) { + result = + "Generic selection in macro " + m.getName() + + " contains an invocation-dependent side effect which is not from macro invocation arguments, for example $@." + } + + /** + * Create a message to describe this macro expansion which produces a `ResultElement`, using '$@' + * to describe the relevant macro. + */ + string getMessageResultInIsolatedExpansion(GenericWithNonMacroSideEffect element) { + // A result in an isolated expansion indicates that the side effect is not always present when + // macro is expanded, and therefore the side-effect is not in the macro definition but rather + // originates in one of the macro arguments. + none() + } + + /** + * Create a message to describe a `ResultElement` which is not generated by a macro expansion. + */ + string getMessageNotInMacro( + GenericWithNonMacroSideEffect element, Locatable optLoc1, string optStr1 + ) { + none() + } +} + +import DeduplicateMacroResults as Deduplicate +import Deduplicate::Report as Report + +from Report::ReportResult res +where + not isExcluded(res.getPrimaryElement(), + GenericsPackage::genericSelectionNotFromMacroWithSideEffectsQuery()) +select res.getPrimaryElement(), res.getMessage(), res.getOptionalPlaceholderLocatable(), + res.getOptionalPlaceholderMessage() \ No newline at end of file diff --git a/c/misra/src/rules/RULE-23-3/GenericWithoutNonDefaultAssociation.ql b/c/misra/src/rules/RULE-23-3/GenericWithoutNonDefaultAssociation.ql new file mode 100644 index 0000000000..f3a0227022 --- /dev/null +++ b/c/misra/src/rules/RULE-23-3/GenericWithoutNonDefaultAssociation.ql @@ -0,0 +1,35 @@ +/** + * @id c/misra/generic-without-non-default-association + * @name RULE-23-3: A generic selection should contain at least one non-default association + * @description A generic selection should contain at least one non-default association. + * @kind problem + * @precision very-high + * @problem.severity warning + * @tags external/misra/id/rule-23-3 + * correctness + * maintainability + * external/misra/c/2012/amendment3 + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.AlertReporting + +class InvalidGeneric extends C11GenericExpr { + InvalidGeneric() { + not exists(Type t | + t = getAnAssociationType() and + not t instanceof VoidType + ) + } +} + +from C11GenericExpr generic, Element primaryElement +where + not isExcluded(primaryElement, GenericsPackage::genericWithoutNonDefaultAssociationQuery()) and + not exists(Type t | + t = generic.getAnAssociationType() and + not t instanceof VoidType + ) and primaryElement = MacroUnwrapper::unwrapElement(generic) +select primaryElement, "Generic selection contains no non-default association." diff --git a/c/misra/src/rules/RULE-23-4/GenericAssociationWithUnselectableType.ql b/c/misra/src/rules/RULE-23-4/GenericAssociationWithUnselectableType.ql new file mode 100644 index 0000000000..e8ed88f757 --- /dev/null +++ b/c/misra/src/rules/RULE-23-4/GenericAssociationWithUnselectableType.ql @@ -0,0 +1,111 @@ +/** + * @id c/misra/generic-association-with-unselectable-type + * @name RULE-23-4: A generic association shall list an appropriate type + * @description Generic selections undergo lvalue conversion before type comparison, leading to + * certain types being impossible to select. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-23-4 + * correctness + * external/misra/c/2012/amendment3 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.types.LvalueConversion +import codingstandards.cpp.types.Graph +import codingstandards.cpp.alertreporting.DeduplicateMacroResults + +/** + * Check if a type contains an unmatchable anonymous struct or union. + * + * Anonymous structs and unions are only equal to themselves. So any anonymous struct, or compound + * type containing an anonymous struct, is unmatchable. + * + * However, there is an exception if the anonymous struct is behind a typedef. All uses of that + * typedef will resolve to the same anonymous struct, and so the typedef is matchable. + */ +predicate containsAnonymousType(Type t) { + t.(Struct).isAnonymous() + or + not t instanceof TypedefType and + exists(Type next | typeGraph(t, next) | containsAnonymousType(next)) +} + +predicate invalidType(Type t, string reason) { + containsAnonymousType(t) and + reason = "containing an anonymous struct or union type" + or + exists(performLvalueConversion(t, reason)) +} + +class InvalidSelection extends Expr { + Type selectionType; + int idx; + C11GenericExpr generic; + string reason; + + InvalidSelection() { + this = generic.getAssociationExpr(idx) and + selectionType = generic.getAssociationType(idx) and + invalidType(selectionType, reason) + } + + Type getSelectionType() { result = selectionType } + + string getReason() { result = reason } +} + +module InvalidSelectionConfig implements DeduplicateMacroConfigSig { + string describe(InvalidSelection e) { + result = "'" + e.getSelectionType().toString() + "', due to " + e.getReason() + } +} + +import InvalidSelectionConfig + +module InvalidSelectionReportConfig implements MacroReportConfigSig { + /* Create a message to describe this macro, with a string describing its `ResultElement`. */ + bindingset[description] + string getMessageSameResultInAllExpansions(Macro m, string description) { + result = "Generic in macro " + m.getName() + " has unselectable type " + description + "." + } + + /* Create a message to describe this macro, using '$@' to describe an example `ResultElement`. */ + string getMessageVariedResultInAllExpansions(Macro m) { + result = + "Generic in macro " + m.getName() + + " has an invocation-dependent unselectable type, for example $@." + } + + /** + * Create a message to describe this macro expansion which produces a `ResultElement`, using '$@' + * to describe the relevant macro. + */ + string getMessageResultInIsolatedExpansion(InvalidSelection element) { + result = + "Generic resulting from invocation of macro $@ contains an unselectable type " + + describe(element) + "." + } + + /** + * Create a message to describe a `ResultElement` which is not generated by a macro expansion. + */ + string getMessageNotInMacro(InvalidSelection element, Locatable optLoc1, string optStr1) { + result = "Generic selection uses unselectable type " + describe(element) + "'." and + optLoc1 = element and + optStr1 = "side effect" + } +} + +import DeduplicateMacroResults as Deduplicate +import Deduplicate::Report as Report + +from Report::ReportResult res +where + not isExcluded(res.getPrimaryElement(), + GenericsPackage::genericSelectionNotFromMacroWithSideEffectsQuery()) +select res.getPrimaryElement(), res.getMessage(), res.getOptionalPlaceholderLocatable(), + res.getOptionalPlaceholderMessage() diff --git a/c/misra/src/rules/RULE-23-5/DangerousDefaultSelectionForPointerInGeneric.ql b/c/misra/src/rules/RULE-23-5/DangerousDefaultSelectionForPointerInGeneric.ql new file mode 100644 index 0000000000..a009ba1b2a --- /dev/null +++ b/c/misra/src/rules/RULE-23-5/DangerousDefaultSelectionForPointerInGeneric.ql @@ -0,0 +1,78 @@ +/** + * @id c/misra/dangerous-default-selection-for-pointer-in-generic + * @name RULE-23-5: A generic selection should not depend on implicit pointer type conversion + * @description Pointer types in a generic selection do not undergo pointer conversions and should + * not counterintuitively fall through to the default association. + * @kind problem + * @precision very-high + * @problem.severity warning + * @tags external/misra/id/rule-23-5 + * correctness + * external/misra/c/2012/amendment3 + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.AlertReporting +import codingstandards.cpp.types.Compatible +import codingstandards.cpp.types.LvalueConversion +import codingstandards.cpp.types.SimpleAssignment + +predicate typesCompatible(Type t1, Type t2) { + TypeEquivalence::equalTypes(t1, t2) +} + +class TypeFromGeneric extends Type { + TypeFromGeneric() { + exists(C11GenericExpr g | + ( + this = g.getAssociationType(_) or + this = g.getControllingExpr().getFullyConverted().getType() + ) + ) + } +} + +predicate missesOnPointerConversion(Type provided, Type expected) { + // The provided type is not compatible with the expected type: + not typesCompatible(provided, expected) and + // But 6.5.16.1 simple assignment constraints would have been satisfied: + ( + // Check as if the controlling expr is assigned to the expected type: + SimpleAssignment::satisfiesSimplePointerAssignment(expected, provided) + or + // Since developers typically rely on the compiler to catch const/non-const assignment + // errors, don't assume a const-to-non-const generic selection miss was intentional. + SimpleAssignment::satisfiesSimplePointerAssignment(provided, expected) + ) +} + +from + C11GenericExpr generic, Expr controllingExpr, Type providedType, Type missedType, + Type lvalueConverted, Element extraElement, string extraString, string extraElementName +where + not isExcluded(generic, GenericsPackage::dangerousDefaultSelectionForPointerInGenericQuery()) and + controllingExpr = generic.getControllingExpr() and + providedType = generic.getControllingExpr().getFullyConverted().getType() and + // The controlling expression undergoes lvalue conversion: + lvalueConverted = getLvalueConverted(providedType) and + // There is no perfect match + not typesCompatible(lvalueConverted, generic.getAnAssociationType()) and + // There is a default selector. + exists(VoidType default | default = generic.getAnAssociationType()) and + missedType = generic.getAnAssociationType() and + missesOnPointerConversion(lvalueConverted, missedType) and + extraElement = MacroUnwrapper::unwrapElement(generic) and + ( + if extraElement instanceof Macro + then ( + extraString = " in generic macro $@" and extraElementName = extraElement.(Macro).getName() + ) else ( + extraString = "" and extraElementName = "" + ) + ) +select generic, + "Generic matched default selection, as controlling argument type " + lvalueConverted.toString() + + " does not undergo pointer conversion to " + missedType.toString() + extraString + ".", + extraElement, extraElementName diff --git a/c/misra/src/rules/RULE-23-6/GenericExpressionWithIncorrectEssentialType.ql b/c/misra/src/rules/RULE-23-6/GenericExpressionWithIncorrectEssentialType.ql new file mode 100644 index 0000000000..c27ce3dc55 --- /dev/null +++ b/c/misra/src/rules/RULE-23-6/GenericExpressionWithIncorrectEssentialType.ql @@ -0,0 +1,62 @@ +/** + * @id c/misra/generic-expression-with-incorrect-essential-type + * @name RULE-23-6: The controlling expression of a generic selection shall have an essential type that matches its standard type + * @description The controlling expression of a generic selection shall have an essential type that + * matches its standard type. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-23-6 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.c.misra.EssentialTypes +import codingstandards.cpp.Cpp14Literal +import codingstandards.cpp.AlertReporting + +predicate allowedByException(Expr expr, Type essentialType) { + // Constant expressions + exists(expr.getValue()) and + ( + // with essentially signed or unsigned type + getEssentialTypeCategory(essentialType) = EssentiallySignedType() + or + getEssentialTypeCategory(essentialType) = EssentiallyUnsignedType() + ) and + // with lower rank than `int` + essentialType.getSize() < any(IntType t).getSize() and + // and not a character constant + not expr instanceof Cpp14Literal::CharLiteral +} + +from + C11GenericExpr generic, Expr ctrlExpr, Type ctrlType, Type ctrlEssentialType, + Element extraElement, string extraString, string extraMessage +where + not isExcluded(ctrlExpr, GenericsPackage::genericExpressionWithIncorrectEssentialTypeQuery()) and + ctrlExpr = generic.getControllingExpr() and + ctrlType = ctrlExpr.getFullyConverted().getType() and + ctrlEssentialType = getEssentialType(ctrlExpr) and + // Exclude lvalue conversion on const structs + exists(getEssentialTypeCategory(ctrlEssentialType)) and + ( + not ctrlEssentialType = ctrlType + or + getEssentialTypeCategory(ctrlEssentialType) = EssentiallyEnumType() + ) and + not allowedByException(ctrlExpr, ctrlEssentialType) and + extraElement = MacroUnwrapper::unwrapElement(generic) and + ( + if extraElement instanceof Macro + then ( + extraMessage = "macro $@ " and extraString = extraElement.(Macro).getName() + ) else ( + extraMessage = "" and extraString = "" + ) + ) +select generic, + "Controlling expression in generic " + extraMessage + + "has standard type " + ctrlType.toString() + ", which doesn't match its essential type " + + ctrlEssentialType.toString() + ".", extraElement, extraString \ No newline at end of file diff --git a/c/misra/src/rules/RULE-23-7/InvalidGenericMacroArgumentEvaluation.ql b/c/misra/src/rules/RULE-23-7/InvalidGenericMacroArgumentEvaluation.ql new file mode 100644 index 0000000000..04952ae960 --- /dev/null +++ b/c/misra/src/rules/RULE-23-7/InvalidGenericMacroArgumentEvaluation.ql @@ -0,0 +1,60 @@ +/** + * @id c/misra/invalid-generic-macro-argument-evaluation + * @name RULE-23-7: A generic selection that is expanded from a macro should evaluate its argument only once + * @description A generic selection that is expanded from a macro should evaluate its argument only + * once. + * @kind problem + * @precision medium + * @problem.severity warning + * @tags external/misra/id/rule-23-7 + * correctness + * maintainability + * external/misra/c/2012/amendment3 + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.c.misra +import codingstandards.c.Generic + +predicate allowedByException(string parameter, ParsedGenericMacro genericMacro) { + genericMacro.expansionsOutsideExpr(parameter) = 0 and + not genericMacro.expansionsInsideAssociation(parameter, _) > 0 and + forall(MacroInvocation mi, C11GenericExpr expr | + mi.getMacro() = genericMacro and + mi.getAGeneratedElement() = expr + | + forall(Expr assoc | assoc = expr.getAnAssociationExpr() | exists(assoc.getValue())) + ) +} + +from ParsedGenericMacro genericMacro, string parameter, string reason +where + not isExcluded(genericMacro, GenericsPackage::invalidGenericMacroArgumentEvaluationQuery()) and + parameter = genericMacro.getAParameter() and + genericMacro.expansionsInsideControllingExpr(parameter) > 0 and + ( + genericMacro.expansionsOutsideExpr(parameter) > 1 and + reason = "expanded multiple times outside the generic selection" + or + genericMacro.expansionsOutsideExpr(parameter) = 1 and + genericMacro.expansionsInsideAssociation(parameter, _) > 0 and + reason = "expanded outside the generic selection and inside the generic selection" + or + genericMacro.expansionsOutsideExpr(parameter) = 0 and + exists(int i | + genericMacro.expansionsInsideAssociation(parameter, i) > 1 and + reason = "expanded in generic selection " + i.toString() + " more than once" + ) + or + genericMacro.expansionsOutsideExpr(parameter) = 0 and + exists(int i | + genericMacro.expansionsInsideAssociation(parameter, i) = 0 and + reason = "not expanded in generic selection " + i.toString() + ) and + not allowedByException(parameter, genericMacro) + ) and + not genericMacro.getBody().matches(["%sizeof%", "%__alignof%", "%typeof%", "%offsetof%"]) +select genericMacro, + "Generic macro " + genericMacro.getName() + " may have unexpected behavior from side effects " + + "in parameter " + parameter + ", as it is " + reason + "." diff --git a/c/misra/src/rules/RULE-23-8/DefaultGenericSelectionNotFirstOrLast.ql b/c/misra/src/rules/RULE-23-8/DefaultGenericSelectionNotFirstOrLast.ql new file mode 100644 index 0000000000..04b12ac436 --- /dev/null +++ b/c/misra/src/rules/RULE-23-8/DefaultGenericSelectionNotFirstOrLast.ql @@ -0,0 +1,93 @@ +/** + * @id c/misra/default-generic-selection-not-first-or-last + * @name RULE-23-8: A default association shall appear as either the first or the last association of a generic + * @description A default association shall appear as either the first or the last association of a + * generic selection + * @kind problem + * @precision very-high + * @problem.severity warning + * @tags external/misra/id/rule-23-8 + * maintainability + * external/misra/c/2012/amendment3 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.alertreporting.DeduplicateMacroResults + +class GenericWithMisplacedDefault extends C11GenericExpr { + int defaultIdx; + + GenericWithMisplacedDefault() { + getAssociationType(defaultIdx) instanceof VoidType and + not defaultIdx = 0 and + not defaultIdx = max(int i | exists(getAssociationType(i))) + } + + int getDefaultIdx() { result = defaultIdx } +} + +module GenericWithMisplacedDefaultConfig implements + DeduplicateMacroConfigSig +{ + string describe(GenericWithMisplacedDefault e) { + exists(int i | i = e.getDefaultIdx() + 1 | + i = 1 and result = "1st" + or + i = 2 and result = "2nd" + or + i = 3 and result = "3rd" + or + i > 3 and result = i.toString() + "th" + ) + } +} + +import GenericWithMisplacedDefaultConfig + +module GenericMisplacedDefaultReportConfig implements + MacroReportConfigSig +{ + /* Create a message to describe this macro, with a string describing its `ResultElement`. */ + bindingset[description] + string getMessageSameResultInAllExpansions(Macro m, string description) { + result = + "Generic macro " + m.getName() + " has default as " + description + " association, which is not first or last." + } + + /* Create a message to describe this macro, using '$@' to describe an example `ResultElement`. */ + string getMessageVariedResultInAllExpansions(Macro m) { + result = + "Generic macro " + m.getName() + " has a default association which is not first or last, for example $@." + } + + /** + * Create a message to describe this macro expansion which produces a `ResultElement`, using '$@' + * to describe the relevant macro. + */ + string getMessageResultInIsolatedExpansion(GenericWithMisplacedDefault element) { + result = + "Generic macro $@, in this expansion, has default as " + describe(element) + " association, which is not first or last." + } + + /** + * Create a message to describe a `ResultElement` which is not generated by a macro expansion. + */ + string getMessageNotInMacro(GenericWithMisplacedDefault element, Locatable optLoc1, string optStr1) { + result = + "Generic has default as " + describe(element) + " association, which is not first or last." and + optLoc1 = element and + optStr1 = "" + } +} + +import DeduplicateMacroResults as Deduplicate +import Deduplicate::Report as Report + +from Report::ReportResult res +where + not isExcluded(res.getPrimaryElement(), + GenericsPackage::defaultGenericSelectionNotFirstOrLastQuery()) +select res.getPrimaryElement(), res.getMessage(), res.getOptionalPlaceholderLocatable(), + res.getOptionalPlaceholderMessage() diff --git a/c/misra/src/rules/RULE-8-13/PointerShouldPointToConstTypeWhenPossible.ql b/c/misra/src/rules/RULE-8-13/PointerShouldPointToConstTypeWhenPossible.ql index ddb8cbcdcc..6a2c123907 100644 --- a/c/misra/src/rules/RULE-8-13/PointerShouldPointToConstTypeWhenPossible.ql +++ b/c/misra/src/rules/RULE-8-13/PointerShouldPointToConstTypeWhenPossible.ql @@ -16,7 +16,7 @@ import cpp import codingstandards.c.misra -import codingstandards.cpp.Pointers +import codingstandards.cpp.types.Pointers import codingstandards.cpp.SideEffect import codingstandards.cpp.alertreporting.HoldsForAllCopies diff --git a/c/misra/src/rules/RULE-8-3/DeclarationsOfAFunctionSameNameAndType.ql b/c/misra/src/rules/RULE-8-3/DeclarationsOfAFunctionSameNameAndType.ql index 8c80c64a40..a0d7c0c9ab 100644 --- a/c/misra/src/rules/RULE-8-3/DeclarationsOfAFunctionSameNameAndType.ql +++ b/c/misra/src/rules/RULE-8-3/DeclarationsOfAFunctionSameNameAndType.ql @@ -14,9 +14,9 @@ import cpp import codingstandards.c.misra -import codingstandards.cpp.Compatible +import codingstandards.cpp.types.Compatible -from FunctionDeclarationEntry f1, FunctionDeclarationEntry f2, string case +from FunctionDeclarationEntry f1, FunctionDeclarationEntry f2, string case, string pluralDo where not isExcluded(f1, Declarations4Package::declarationsOfAFunctionSameNameAndTypeQuery()) and not isExcluded(f2, Declarations4Package::declarationsOfAFunctionSameNameAndTypeQuery()) and @@ -24,16 +24,16 @@ where f1.getDeclaration() = f2.getDeclaration() and //return type check ( - not typesCompatible(f1.getType(), f2.getType()) and - case = "return type" + not FunctionDeclarationTypeEquivalence::equalReturnTypes(f1, f2) and + case = "return type" and pluralDo = "does" or //parameter type check - parameterTypesIncompatible(f1, f2) and - case = "parameter types" + not FunctionDeclarationTypeEquivalence::equalParameterTypes(f1, f2) and + case = "parameter types" and pluralDo = "do" or //parameter name check - parameterNamesIncompatible(f1, f2) and - case = "parameter names" + parameterNamesUnmatched(f1, f2) and + case = "parameter names" and pluralDo = "do" ) -select f1, "The " + case + " of re-declaration of $@ is not compatible with declaration $@", f1, +select f1, "The " + case + " of re-declaration of $@ " + pluralDo + " not use the same type names as declaration $@", f1, f1.getName(), f2, f2.getName() diff --git a/c/misra/src/rules/RULE-8-3/DeclarationsOfAnObjectSameNameAndType.ql b/c/misra/src/rules/RULE-8-3/DeclarationsOfAnObjectSameNameAndType.ql index 421998c582..83c67e2efa 100644 --- a/c/misra/src/rules/RULE-8-3/DeclarationsOfAnObjectSameNameAndType.ql +++ b/c/misra/src/rules/RULE-8-3/DeclarationsOfAnObjectSameNameAndType.ql @@ -14,12 +14,18 @@ import cpp import codingstandards.c.misra -import codingstandards.cpp.Compatible +import codingstandards.cpp.types.Compatible -from VariableDeclarationEntry decl1, VariableDeclarationEntry decl2 -where - not isExcluded(decl1, Declarations4Package::declarationsOfAnObjectSameNameAndTypeQuery()) and - not isExcluded(decl2, Declarations4Package::declarationsOfAnObjectSameNameAndTypeQuery()) and +class RelevantType extends Type { + RelevantType() { + exists(VariableDeclarationEntry decl | + (relevantPair(decl, _) or relevantPair(_, decl)) and + decl.getType() = this + ) + } +} + +predicate relevantPair(VariableDeclarationEntry decl1, VariableDeclarationEntry decl2) { not decl1 = decl2 and not decl1.getVariable().getDeclaringType().isAnonymous() and // Declarations are for the same qualified name @@ -34,9 +40,17 @@ where or decl1.getVariable().(Field).getDeclaringType().(Class).getALinkTarget() = decl2.getVariable().(Field).getDeclaringType().(Class).getALinkTarget() - ) and - not typesCompatible(decl1.getType(), decl2.getType()) + ) +} + +from VariableDeclarationEntry decl1, VariableDeclarationEntry decl2 +where + not isExcluded(decl1, Declarations4Package::declarationsOfAnObjectSameNameAndTypeQuery()) and + not isExcluded(decl2, Declarations4Package::declarationsOfAnObjectSameNameAndTypeQuery()) and + relevantPair(decl1, decl2) and + not TypeEquivalence::equalTypes(decl1.getType(), + decl2.getType()) select decl1, "The object $@ of type " + decl1.getType().toString() + - " is not compatible with re-declaration $@ of type " + decl2.getType().toString(), decl1, + " does not use the same type names as re-declaration $@ of type " + decl2.getType().toString(), decl1, decl1.getName(), decl2, decl2.getName() diff --git a/c/misra/src/rules/RULE-8-4/CompatibleDeclarationFunctionDefined.ql b/c/misra/src/rules/RULE-8-4/CompatibleDeclarationFunctionDefined.ql index 63f70d3541..98876ad1bd 100644 --- a/c/misra/src/rules/RULE-8-4/CompatibleDeclarationFunctionDefined.ql +++ b/c/misra/src/rules/RULE-8-4/CompatibleDeclarationFunctionDefined.ql @@ -17,7 +17,7 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.Identifiers -import codingstandards.cpp.Compatible +import codingstandards.cpp.types.Compatible from FunctionDeclarationEntry f1 where @@ -36,15 +36,15 @@ where f1.getName() = f2.getName() and not f2.isDefinition() and f2.getDeclaration() = f1.getDeclaration() and - //return types differ ( - not typesCompatible(f1.getType(), f2.getType()) + //return types differ + not FunctionDeclarationTypeEquivalence::equalReturnTypes(f1, f2) or //parameter types differ - parameterTypesIncompatible(f1, f2) + not FunctionDeclarationTypeEquivalence::equalParameterTypes(f1, f2) or //parameter names differ - parameterNamesIncompatible(f1, f2) + parameterNamesUnmatched(f1, f2) ) ) ) diff --git a/c/misra/src/rules/RULE-8-4/CompatibleDeclarationObjectDefined.ql b/c/misra/src/rules/RULE-8-4/CompatibleDeclarationObjectDefined.ql index 7e5baacd9a..613ce56806 100644 --- a/c/misra/src/rules/RULE-8-4/CompatibleDeclarationObjectDefined.ql +++ b/c/misra/src/rules/RULE-8-4/CompatibleDeclarationObjectDefined.ql @@ -17,7 +17,16 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.Identifiers -import codingstandards.cpp.Compatible +import codingstandards.cpp.types.Compatible + +class RelevantType extends Type { + RelevantType() { + exists(VariableDeclarationEntry decl | + count(VariableDeclarationEntry others | others.getDeclaration() = decl.getDeclaration()) > 1 and + decl.getType() = this + ) + } +} from VariableDeclarationEntry decl1 where @@ -28,6 +37,7 @@ where not exists(VariableDeclarationEntry decl2 | not decl2.isDefinition() and decl1.getDeclaration() = decl2.getDeclaration() and - typesCompatible(decl1.getType(), decl2.getType()) + TypeEquivalence::equalTypes(decl1.getType(), + decl2.getType()) ) select decl1, "No separate compatible declaration found for this definition." diff --git a/c/misra/test/rules/RULE-2-8/UnusedObjectDefinition.expected b/c/misra/test/rules/RULE-2-8/UnusedObjectDefinition.expected index 731aebb1be..9a373a644c 100644 --- a/c/misra/test/rules/RULE-2-8/UnusedObjectDefinition.expected +++ b/c/misra/test/rules/RULE-2-8/UnusedObjectDefinition.expected @@ -1,12 +1,12 @@ -| test.c:6:5:6:6 | definition of g2 | Unused object 'g2'. | test.c:6:5:6:6 | test.c:6:5:6:6 | (ignored) | -| test.c:9:5:9:6 | definition of g3 | Unused object 'g3'. | test.c:9:5:9:6 | test.c:9:5:9:6 | (ignored) | -| test.c:20:7:20:8 | definition of l2 | Unused object 'l2'. | test.c:20:7:20:8 | test.c:20:7:20:8 | (ignored) | -| test.c:27:7:27:8 | definition of l5 | Unused object 'l5'. | test.c:27:7:27:8 | test.c:27:7:27:8 | (ignored) | -| test.c:37:10:37:11 | definition of g5 | Unused object 'g5'. | test.c:37:10:37:11 | test.c:37:10:37:11 | (ignored) | -| test.c:45:9:45:10 | definition of g6 | Unused object 'g6'. | test.c:45:9:45:10 | test.c:45:9:45:10 | (ignored) | -| test.c:51:5:51:6 | definition of g7 | Unused object 'g7'. | test.c:51:5:51:6 | test.c:51:5:51:6 | (ignored) | -| test.c:64:3:64:18 | ONLY_DEF_VAR(x) | Invocation of macro '$@' defines unused object 'l2'. | test.c:60:1:60:34 | test.c:60:1:60:34 | ONLY_DEF_VAR | -| test.c:68:1:71:5 | #define ALSO_DEF_VAR(x) int x = 0; while (1) ; | Macro 'ALSO_DEF_VAR' defines unused object with an invocation-dependent name, for example, '$@'. | test.c:73:16:73:17 | test.c:73:16:73:17 | l1 | -| test.c:77:1:82:3 | #define DEF_UNUSED_INNER_VAR() { int _v = 0; while (1) ; } | Macro 'DEF_UNUSED_INNER_VAR' defines unused object '_v'. | test.c:77:1:82:3 | test.c:77:1:82:3 | (ignored) | -| test.c:119:11:119:13 | definition of g10 | Unused object 'g10'. | test.c:119:11:119:13 | test.c:119:11:119:13 | (ignored) | -| test.c:124:13:124:14 | definition of l2 | Unused object 'l2'. | test.c:124:13:124:14 | test.c:124:13:124:14 | (ignored) | +| test.c:6:5:6:6 | definition of g2 | Unused object 'g2'. | test.c:6:5:6:6 | definition of g2 | (ignored) | +| test.c:9:5:9:6 | definition of g3 | Unused object 'g3'. | test.c:9:5:9:6 | definition of g3 | (ignored) | +| test.c:20:7:20:8 | definition of l2 | Unused object 'l2'. | test.c:20:7:20:8 | definition of l2 | (ignored) | +| test.c:27:7:27:8 | definition of l5 | Unused object 'l5'. | test.c:27:7:27:8 | definition of l5 | (ignored) | +| test.c:37:10:37:11 | definition of g5 | Unused object 'g5'. | test.c:37:10:37:11 | definition of g5 | (ignored) | +| test.c:45:9:45:10 | definition of g6 | Unused object 'g6'. | test.c:45:9:45:10 | definition of g6 | (ignored) | +| test.c:51:5:51:6 | definition of g7 | Unused object 'g7'. | test.c:51:5:51:6 | definition of g7 | (ignored) | +| test.c:64:3:64:18 | ONLY_DEF_VAR(x) | Invocation of macro '$@' defines unused object 'l2'. | test.c:60:1:60:34 | #define ONLY_DEF_VAR(x) int x = 0; | ONLY_DEF_VAR | +| test.c:68:1:71:5 | #define ALSO_DEF_VAR(x) int x = 0; while (1) ; | Macro 'ALSO_DEF_VAR' defines unused object with an invocation-dependent name, for example, '$@'. | test.c:73:16:73:17 | definition of l1 | l1 | +| test.c:77:1:82:3 | #define DEF_UNUSED_INNER_VAR() { int _v = 0; while (1) ; } | Macro 'DEF_UNUSED_INNER_VAR' defines unused object '_v'. | test.c:77:1:82:3 | #define DEF_UNUSED_INNER_VAR() { int _v = 0; while (1) ; } | (ignored) | +| test.c:119:11:119:13 | definition of g10 | Unused object 'g10'. | test.c:119:11:119:13 | definition of g10 | (ignored) | +| test.c:124:13:124:14 | definition of l2 | Unused object 'l2'. | test.c:124:13:124:14 | definition of l2 | (ignored) | diff --git a/c/misra/test/rules/RULE-2-8/UnusedObjectDefinitionStrict.expected b/c/misra/test/rules/RULE-2-8/UnusedObjectDefinitionStrict.expected index cf3c0b64e1..fa191e5d68 100644 --- a/c/misra/test/rules/RULE-2-8/UnusedObjectDefinitionStrict.expected +++ b/c/misra/test/rules/RULE-2-8/UnusedObjectDefinitionStrict.expected @@ -1,4 +1,4 @@ -| test.c:87:29:87:30 | definition of g8 | Unused object 'g8'. | test.c:87:29:87:30 | test.c:87:29:87:30 | (ignored) | -| test.c:92:3:92:30 | ONLY_DEF_ATTR_UNUSED_VAR(x) | Invocation of macro '$@' defines unused object 'l2'. | test.c:88:1:88:70 | test.c:88:1:88:70 | ONLY_DEF_ATTR_UNUSED_VAR | -| test.c:96:1:99:5 | #define ALSO_DEF_ATTR_UNUSED_VAR(x) __attribute__((unused)) int x = 0; while (1) ; | Macro 'ALSO_DEF_ATTR_UNUSED_VAR' defines unused object with an invocation-dependent name, for example, '$@'. | test.c:101:28:101:29 | test.c:101:28:101:29 | l1 | -| test.c:106:1:111:3 | #define DEF_ATTR_UNUSED_INNER_VAR() { __attribute__((unused)) int _v = 0; while (1) ; } | Macro 'DEF_ATTR_UNUSED_INNER_VAR' defines unused object '_v'. | test.c:106:1:111:3 | test.c:106:1:111:3 | (ignored) | +| test.c:87:29:87:30 | definition of g8 | Unused object 'g8'. | test.c:87:29:87:30 | definition of g8 | (ignored) | +| test.c:92:3:92:30 | ONLY_DEF_ATTR_UNUSED_VAR(x) | Invocation of macro '$@' defines unused object 'l2'. | test.c:88:1:88:70 | #define ONLY_DEF_ATTR_UNUSED_VAR(x) __attribute__((unused)) int x = 0; | ONLY_DEF_ATTR_UNUSED_VAR | +| test.c:96:1:99:5 | #define ALSO_DEF_ATTR_UNUSED_VAR(x) __attribute__((unused)) int x = 0; while (1) ; | Macro 'ALSO_DEF_ATTR_UNUSED_VAR' defines unused object with an invocation-dependent name, for example, '$@'. | test.c:101:28:101:29 | definition of l1 | l1 | +| test.c:106:1:111:3 | #define DEF_ATTR_UNUSED_INNER_VAR() { __attribute__((unused)) int _v = 0; while (1) ; } | Macro 'DEF_ATTR_UNUSED_INNER_VAR' defines unused object '_v'. | test.c:106:1:111:3 | #define DEF_ATTR_UNUSED_INNER_VAR() { __attribute__((unused)) int _v = 0; while (1) ; } | (ignored) | diff --git a/c/misra/test/rules/RULE-23-1/GenericSelectionDoesntDependOnMacroArgument.expected b/c/misra/test/rules/RULE-23-1/GenericSelectionDoesntDependOnMacroArgument.expected new file mode 100644 index 0000000000..2534e47012 --- /dev/null +++ b/c/misra/test/rules/RULE-23-1/GenericSelectionDoesntDependOnMacroArgument.expected @@ -0,0 +1,3 @@ +| test.c:2:1:2:30 | #define M1 _Generic(1, int: 1) | Generic macro M1 uses controlling expr 1, which doesn't match any macro parameter. | +| test.c:4:1:4:33 | #define M2(X) _Generic(1, int: X) | Generic macro M2 uses controlling expr 1, which doesn't match any macro parameter. | +| test.c:18:1:18:38 | #define M9(X) g(_Generic((Y), int: 1)) | Generic macro M9 uses controlling expr (Y), which doesn't match any macro parameter. | diff --git a/c/misra/test/rules/RULE-23-1/GenericSelectionDoesntDependOnMacroArgument.qlref b/c/misra/test/rules/RULE-23-1/GenericSelectionDoesntDependOnMacroArgument.qlref new file mode 100644 index 0000000000..1ca5f792fa --- /dev/null +++ b/c/misra/test/rules/RULE-23-1/GenericSelectionDoesntDependOnMacroArgument.qlref @@ -0,0 +1 @@ +rules/RULE-23-1/GenericSelectionDoesntDependOnMacroArgument.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-23-1/GenericSelectionNotExpandedFromAMacro.expected b/c/misra/test/rules/RULE-23-1/GenericSelectionNotExpandedFromAMacro.expected new file mode 100644 index 0000000000..476a9320b8 --- /dev/null +++ b/c/misra/test/rules/RULE-23-1/GenericSelectionNotExpandedFromAMacro.expected @@ -0,0 +1 @@ +| test.c:21:3:21:21 | _Generic | Generic expression with controlling expression $@ is not expanded froma macro | test.c:21:12:21:12 | 1 | 1 | diff --git a/c/misra/test/rules/RULE-23-1/GenericSelectionNotExpandedFromAMacro.qlref b/c/misra/test/rules/RULE-23-1/GenericSelectionNotExpandedFromAMacro.qlref new file mode 100644 index 0000000000..59fae02b7f --- /dev/null +++ b/c/misra/test/rules/RULE-23-1/GenericSelectionNotExpandedFromAMacro.qlref @@ -0,0 +1 @@ +rules/RULE-23-1/GenericSelectionNotExpandedFromAMacro.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-23-1/test.c b/c/misra/test/rules/RULE-23-1/test.c new file mode 100644 index 0000000000..f27541dd38 --- /dev/null +++ b/c/misra/test/rules/RULE-23-1/test.c @@ -0,0 +1,25 @@ +// NON_COMPLIANT: +#define M1 _Generic(1, int: 1) +// NON_COMPLIANT: +#define M2(X) _Generic(1, int: X) +// COMPLIANT: +#define M3(X) _Generic((X), int: 1) +// COMPLIANT: +#define M4(X) _Generic((X), int: 1) +// COMPLIANT: +#define M5(X) _Generic((X + X), int: 1) +int f1(int a, int b); +// COMPLIANT: +#define M6(X) _Generic(f(1, (X)), int: 1) +#define M7(X) 1 + _Generic((X), int: 1) +// COMPLIANT: +#define M8(X) g(_Generic((X), int: 1)) +// NON_COMPLIANT: +#define M9(X) g(_Generic((Y), int: 1)) + +void f2() { + _Generic(1, int: 1); // NON_COMPLIANT + M1; // NON_COMPLIANT + M2(1); // NON_COMPLIANT + M3(1); // COMPLIANT +} diff --git a/c/misra/test/rules/RULE-23-2/GenericSelectionNotFromMacroWithSideEffects.expected b/c/misra/test/rules/RULE-23-2/GenericSelectionNotFromMacroWithSideEffects.expected new file mode 100644 index 0000000000..1abcb4f2bb --- /dev/null +++ b/c/misra/test/rules/RULE-23-2/GenericSelectionNotFromMacroWithSideEffects.expected @@ -0,0 +1,3 @@ +| test.c:4:1:4:37 | #define M2(X) _Generic((X)++, int: 1) | Generic selection macro M2 contains a side effect '... ++', which is not from macro invocation arguments. | test.c:4:1:4:37 | #define M2(X) _Generic((X)++, int: 1) | (ignored) | +| test.c:7:1:7:38 | #define M3(X) _Generic(l1++, int: (X)) | Generic selection macro M3 contains a side effect '... ++', which is not from macro invocation arguments. | test.c:7:1:7:38 | #define M3(X) _Generic(l1++, int: (X)) | (ignored) | +| test.c:42:1:44:24 | #define M5(X) static volatile l ## X; _Generic(l ## X, int: 1) | Generic selection in macro M5 contains an invocation-dependent side effect which is not from macro invocation arguments, for example $@. | test.c:47:3:47:7 | _Generic | side effect 'la' | diff --git a/c/misra/test/rules/RULE-23-2/GenericSelectionNotFromMacroWithSideEffects.qlref b/c/misra/test/rules/RULE-23-2/GenericSelectionNotFromMacroWithSideEffects.qlref new file mode 100644 index 0000000000..bb3e39a58c --- /dev/null +++ b/c/misra/test/rules/RULE-23-2/GenericSelectionNotFromMacroWithSideEffects.qlref @@ -0,0 +1 @@ +rules/RULE-23-2/GenericSelectionNotFromMacroWithSideEffects.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-23-2/test.c b/c/misra/test/rules/RULE-23-2/test.c new file mode 100644 index 0000000000..6a25e15189 --- /dev/null +++ b/c/misra/test/rules/RULE-23-2/test.c @@ -0,0 +1,49 @@ +#define M1(X) _Generic((X), int: 1) + +// NON_COMPLIANT: +#define M2(X) _Generic((X)++, int: 1) + +// NON_COMPLIANT: +#define M3(X) _Generic(l1++, int: (X)) + +// COMPLIANT: +#define M3_WRAPPER(X) M3(X) + +#define M4(X) _Generic((X)(), int: 1) + +void f1() { + int l1; + + _Generic(1, int: 1); // COMPLIANT + M1(1); // COMPLIANT + _Generic(l1, int: 1); // COMPLIANT + M1(l1); // COMPLIANT + + _Generic(l1++, + int: 1); // COMPLIANT: side effect is not from a macro argument. + M1(l1++); // COMPLIANT + M2(l1); // NON-COMPLIANT: at macro definition + M3(1); // NON-COMPLIANT: at macro definition + M3_WRAPPER(1); // NON-COMPLIANT: at definition of M3 +} + +int g1; +int pure() { return g1; } + +int impure() { return g1++; } + +void f2() { + M1(pure()); // COMPLIANT + M1(impure()); // COMPLIANT + M4(pure); // COMPLIANT + M4(impure); // NON_COMPLIANT[False negative] +} + +#define M5(X) \ + static volatile l##X; \ + _Generic(l##X, int: 1) + +void f3() { + M5(a); // NON-COMPLIANT + M5(b); // NON-COMPLIANT +} \ No newline at end of file diff --git a/c/misra/test/rules/RULE-23-3/GenericWithoutNonDefaultAssociation.expected b/c/misra/test/rules/RULE-23-3/GenericWithoutNonDefaultAssociation.expected new file mode 100644 index 0000000000..50d6277e84 --- /dev/null +++ b/c/misra/test/rules/RULE-23-3/GenericWithoutNonDefaultAssociation.expected @@ -0,0 +1,2 @@ +| test.c:2:1:2:35 | #define M1 _Generic(1, default: 1); | Generic selection contains no non-default association. | +| test.c:14:3:14:25 | _Generic | Generic selection contains no non-default association. | diff --git a/c/misra/test/rules/RULE-23-3/GenericWithoutNonDefaultAssociation.qlref b/c/misra/test/rules/RULE-23-3/GenericWithoutNonDefaultAssociation.qlref new file mode 100644 index 0000000000..b44de9083e --- /dev/null +++ b/c/misra/test/rules/RULE-23-3/GenericWithoutNonDefaultAssociation.qlref @@ -0,0 +1 @@ +rules/RULE-23-3/GenericWithoutNonDefaultAssociation.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-23-3/test.c b/c/misra/test/rules/RULE-23-3/test.c new file mode 100644 index 0000000000..d3f093f242 --- /dev/null +++ b/c/misra/test/rules/RULE-23-3/test.c @@ -0,0 +1,23 @@ +// NON-COMPLIANT +#define M1 _Generic(1, default: 1); +// COMPLIANT +#define M2 _Generic(1, int: 1); +// COMPLIANT +#define M3 _Generic(1, int: 1, default: 1); +// COMPLIANT +#define M4 _Generic(1, int: 1, long: 1); + +void f() { + // Invalid generics: + // _Generic(1); + // _Generic(1, void: 1); + _Generic(1, default: 1); // NON-COMPLIANT + _Generic(1, int: 1); // COMPLIANT + _Generic(1, int: 1, default: 1); // COMPLIANT + _Generic(1, int: 1, long: 1); // COMPLIANT + + M1; + M2; + M3; + M4; +} \ No newline at end of file diff --git a/c/misra/test/rules/RULE-23-4/GenericAssociationWithUnselectableType.expected b/c/misra/test/rules/RULE-23-4/GenericAssociationWithUnselectableType.expected new file mode 100644 index 0000000000..27030fc768 --- /dev/null +++ b/c/misra/test/rules/RULE-23-4/GenericAssociationWithUnselectableType.expected @@ -0,0 +1,13 @@ +| test.c:11:18:11:18 | 1 | Generic selection uses unselectable type 'const int', due to qualifiers removed'. | test.c:11:18:11:18 | 1 | side effect | +| test.c:12:21:12:21 | 1 | Generic selection uses unselectable type 'volatile int', due to qualifiers removed'. | test.c:12:21:12:21 | 1 | side effect | +| test.c:13:20:13:20 | 1 | Generic selection uses unselectable type '_Atomic(int)', due to qualifiers removed'. | test.c:13:20:13:20 | 1 | side effect | +| test.c:16:27:16:27 | 1 | Generic selection uses unselectable type 'const volatile int', due to qualifiers removed'. | test.c:16:27:16:27 | 1 | side effect | +| test.c:18:18:18:18 | 1 | Generic selection uses unselectable type '(unnamed class/struct/union)', due to containing an anonymous struct or union type'. | test.c:18:18:18:18 | 1 | side effect | +| test.c:19:20:19:20 | 1 | Generic selection uses unselectable type 'struct *', due to containing an anonymous struct or union type'. | test.c:19:20:19:20 | 1 | side effect | +| test.c:24:17:24:17 | 1 | Generic selection uses unselectable type '(unnamed class/struct/union)', due to containing an anonymous struct or union type'. | test.c:24:17:24:17 | 1 | side effect | +| test.c:25:19:25:19 | 1 | Generic selection uses unselectable type 'union *', due to containing an anonymous struct or union type'. | test.c:25:19:25:19 | 1 | side effect | +| test.c:31:15:31:15 | 1 | Generic selection uses unselectable type 'int[3]', due to array-to-pointer decay'. | test.c:31:15:31:15 | 1 | side effect | +| test.c:40:1:40:53 | #define M1(X) _Generic((X), const int: 1, default: 0) | Generic in macro M1 has unselectable type 'const int', due to qualifiers removed. | test.c:40:1:40:53 | #define M1(X) _Generic((X), const int: 1, default: 0) | (ignored) | +| test.c:42:1:42:46 | #define M2(X) _Generic(1, X[3]: 1, default: 0) | Generic in macro M2 has an invocation-dependent unselectable type, for example $@. | test.c:49:3:49:10 | 1 | 'char[3]', due to array-to-pointer decay | +| test.c:52:3:52:15 | M3(X) | Generic resulting from invocation of macro $@ contains an unselectable type 'const int', due to qualifiers removed. | test.c:44:1:44:43 | #define M3(X) _Generic(1, X: 1, default: 0) | M3 | +| test.c:64:18:64:18 | 1 | Generic selection uses unselectable type 'const_int', due to qualifiers removed'. | test.c:64:18:64:18 | 1 | side effect | diff --git a/c/misra/test/rules/RULE-23-4/GenericAssociationWithUnselectableType.qlref b/c/misra/test/rules/RULE-23-4/GenericAssociationWithUnselectableType.qlref new file mode 100644 index 0000000000..1214be7ce2 --- /dev/null +++ b/c/misra/test/rules/RULE-23-4/GenericAssociationWithUnselectableType.qlref @@ -0,0 +1 @@ +rules/RULE-23-4/GenericAssociationWithUnselectableType.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-23-4/test.c b/c/misra/test/rules/RULE-23-4/test.c new file mode 100644 index 0000000000..135ab4d0f7 --- /dev/null +++ b/c/misra/test/rules/RULE-23-4/test.c @@ -0,0 +1,73 @@ +typedef struct { +} empty_struct_t; +struct empty_struct {}; +typedef union { +} empty_union_t; +union empty_union {}; + +void f() { + _Generic(1, + int: 1, // COMPLIANT + const int: 1, // NON-COMPLIANT + volatile int: 1, // NON-COMPLIANT + _Atomic int: 1, // NON-COMPLIANT + int *: 1, // COMPLIANT + int const *: 1, // COMPLIANT + const volatile int: 1, // NON-COMPLIANT + int volatile const *: 1, // COMPLIANT + struct {}: 1, // NON-COMPLIANT + struct {} *: 1, // NON-COMPLIANT + empty_struct_t: 1, // COMPLIANT + struct empty_struct: 1, // COMPLIANT + empty_struct_t *: 1, // COMPLIANT + struct empty_struct *: 1, // COMPLIANT + union {}: 1, // NON-COMPLIANT + union {} *: 1, // NON-COMPLIANT + empty_union_t: 1, // COMPLIANT + union empty_union: 1, // COMPLIANT + empty_union_t *: 1, // COMPLIANT + union empty_union *: 1, // COMPLIANT + // int[]: 1, // compile error + int[3]: 1, // NON-COMPLIANT + int(*)[3]: 1, // COMPLIANT: pointer to array OK + // int (int*): 1, // compile error + int (*)(int *): 1, // COMPLIANT: function pointers OK + default: 1 // COMPLIANT + ); +} + +// NON-COMPLIANT +#define M1(X) _Generic((X), const int: 1, default: 0) +// NON-COMPLIANT +#define M2(X) _Generic(1, X[3]: 1, default: 0) +// COMPLIANT +#define M3(X) _Generic(1, X: 1, default: 0) + +void f2() { + M1(1); + M2(int); + M2(char); + + M3(int); // COMPLIANT + M3(const int); // NON-COMPLIANT +} + +typedef int int_t; +typedef int *int_ptr; +const typedef int const_int; +const typedef int *const_int_ptr; +typedef long const *long_const_ptr; + +void f3() { + _Generic(1, + int_t: 1, // COMPLIANT + const_int: 1, // NON-COMPLIANT + const_int_ptr: 1, // COMPLIANT + long_const_ptr: 1, // COMPLIANT + const int_ptr: 1, // COMPLIANT + default: 1 // COMPLIANT + ); +} + +// Type written here so it gets added to the database, see LvalueConversion.qll. +char *g; \ No newline at end of file diff --git a/c/misra/test/rules/RULE-23-5/DangerousDefaultSelectionForPointerInGeneric.expected b/c/misra/test/rules/RULE-23-5/DangerousDefaultSelectionForPointerInGeneric.expected new file mode 100644 index 0000000000..994d55968c --- /dev/null +++ b/c/misra/test/rules/RULE-23-5/DangerousDefaultSelectionForPointerInGeneric.expected @@ -0,0 +1,84 @@ +| test.c:41:3:41:44 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to const int *. | test.c:41:3:41:44 | _Generic | | +| test.c:42:3:42:47 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to volatile int *. | test.c:42:3:42:47 | _Generic | | +| test.c:43:3:43:53 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to const volatile int *. | test.c:43:3:43:53 | _Generic | | +| test.c:44:3:44:39 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to void *. | test.c:44:3:44:39 | _Generic | | +| test.c:45:3:45:45 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to const void *. | test.c:45:3:45:45 | _Generic | | +| test.c:46:3:46:54 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to const volatile void *. | test.c:46:3:46:54 | _Generic | | +| test.c:48:3:48:38 | _Generic | Generic matched default selection, as controlling argument type const int * does not undergo pointer conversion to int *. | test.c:48:3:48:38 | _Generic | | +| test.c:50:3:50:39 | _Generic | Generic matched default selection, as controlling argument type const int * does not undergo pointer conversion to void *. | test.c:50:3:50:39 | _Generic | | +| test.c:51:3:51:45 | _Generic | Generic matched default selection, as controlling argument type const int * does not undergo pointer conversion to const void *. | test.c:51:3:51:45 | _Generic | | +| test.c:52:3:52:54 | _Generic | Generic matched default selection, as controlling argument type const int * does not undergo pointer conversion to const volatile void *. | test.c:52:3:52:54 | _Generic | | +| test.c:57:3:57:53 | _Generic | Generic matched default selection, as controlling argument type const int * does not undergo pointer conversion to const volatile int *. | test.c:57:3:57:53 | _Generic | | +| test.c:59:3:59:38 | _Generic | Generic matched default selection, as controlling argument type volatile int * does not undergo pointer conversion to int *. | test.c:59:3:59:38 | _Generic | | +| test.c:61:3:61:53 | _Generic | Generic matched default selection, as controlling argument type volatile int * does not undergo pointer conversion to const volatile int *. | test.c:61:3:61:53 | _Generic | | +| test.c:62:3:62:39 | _Generic | Generic matched default selection, as controlling argument type volatile int * does not undergo pointer conversion to void *. | test.c:62:3:62:39 | _Generic | | +| test.c:63:3:63:54 | _Generic | Generic matched default selection, as controlling argument type volatile int * does not undergo pointer conversion to const volatile void *. | test.c:63:3:63:54 | _Generic | | +| test.c:69:3:69:38 | _Generic | Generic matched default selection, as controlling argument type const volatile int * does not undergo pointer conversion to int *. | test.c:69:3:69:38 | _Generic | | +| test.c:70:3:70:44 | _Generic | Generic matched default selection, as controlling argument type const volatile int * does not undergo pointer conversion to const int *. | test.c:70:3:70:44 | _Generic | | +| test.c:71:3:71:47 | _Generic | Generic matched default selection, as controlling argument type const volatile int * does not undergo pointer conversion to volatile int *. | test.c:71:3:71:47 | _Generic | | +| test.c:73:3:73:39 | _Generic | Generic matched default selection, as controlling argument type const volatile int * does not undergo pointer conversion to void *. | test.c:73:3:73:39 | _Generic | | +| test.c:74:3:74:45 | _Generic | Generic matched default selection, as controlling argument type const volatile int * does not undergo pointer conversion to const void *. | test.c:74:3:74:45 | _Generic | | +| test.c:75:3:75:54 | _Generic | Generic matched default selection, as controlling argument type const volatile int * does not undergo pointer conversion to const volatile void *. | test.c:75:3:75:54 | _Generic | | +| test.c:77:3:77:38 | _Generic | Generic matched default selection, as controlling argument type void * does not undergo pointer conversion to int *. | test.c:77:3:77:38 | _Generic | | +| test.c:78:3:78:44 | _Generic | Generic matched default selection, as controlling argument type void * does not undergo pointer conversion to const int *. | test.c:78:3:78:44 | _Generic | | +| test.c:79:3:79:47 | _Generic | Generic matched default selection, as controlling argument type void * does not undergo pointer conversion to volatile int *. | test.c:79:3:79:47 | _Generic | | +| test.c:80:3:80:53 | _Generic | Generic matched default selection, as controlling argument type void * does not undergo pointer conversion to const volatile int *. | test.c:80:3:80:53 | _Generic | | +| test.c:82:3:82:45 | _Generic | Generic matched default selection, as controlling argument type void * does not undergo pointer conversion to const void *. | test.c:82:3:82:45 | _Generic | | +| test.c:83:3:83:54 | _Generic | Generic matched default selection, as controlling argument type void * does not undergo pointer conversion to const volatile void *. | test.c:83:3:83:54 | _Generic | | +| test.c:85:3:85:38 | _Generic | Generic matched default selection, as controlling argument type const void * does not undergo pointer conversion to int *. | test.c:85:3:85:38 | _Generic | | +| test.c:86:3:86:44 | _Generic | Generic matched default selection, as controlling argument type const void * does not undergo pointer conversion to const int *. | test.c:86:3:86:44 | _Generic | | +| test.c:87:3:87:53 | _Generic | Generic matched default selection, as controlling argument type const void * does not undergo pointer conversion to const volatile int *. | test.c:87:3:87:53 | _Generic | | +| test.c:88:3:88:39 | _Generic | Generic matched default selection, as controlling argument type const void * does not undergo pointer conversion to void *. | test.c:88:3:88:39 | _Generic | | +| test.c:90:3:90:54 | _Generic | Generic matched default selection, as controlling argument type const void * does not undergo pointer conversion to const volatile void *. | test.c:90:3:90:54 | _Generic | | +| test.c:94:3:94:38 | _Generic | Generic matched default selection, as controlling argument type const volatile void * does not undergo pointer conversion to int *. | test.c:94:3:94:38 | _Generic | | +| test.c:95:3:95:44 | _Generic | Generic matched default selection, as controlling argument type const volatile void * does not undergo pointer conversion to const int *. | test.c:95:3:95:44 | _Generic | | +| test.c:96:3:96:47 | _Generic | Generic matched default selection, as controlling argument type const volatile void * does not undergo pointer conversion to volatile int *. | test.c:96:3:96:47 | _Generic | | +| test.c:97:3:97:53 | _Generic | Generic matched default selection, as controlling argument type const volatile void * does not undergo pointer conversion to const volatile int *. | test.c:97:3:97:53 | _Generic | | +| test.c:98:3:98:39 | _Generic | Generic matched default selection, as controlling argument type const volatile void * does not undergo pointer conversion to void *. | test.c:98:3:98:39 | _Generic | | +| test.c:99:3:99:45 | _Generic | Generic matched default selection, as controlling argument type const volatile void * does not undergo pointer conversion to const void *. | test.c:99:3:99:45 | _Generic | | +| test.c:119:3:119:45 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to const int *. | test.c:119:3:119:45 | _Generic | | +| test.c:120:3:120:48 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to volatile int *. | test.c:120:3:120:48 | _Generic | | +| test.c:121:3:121:54 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to const volatile int *. | test.c:121:3:121:54 | _Generic | | +| test.c:122:3:122:40 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to void *. | test.c:122:3:122:40 | _Generic | | +| test.c:123:3:123:46 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to const void *. | test.c:123:3:123:46 | _Generic | | +| test.c:124:3:124:55 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to const volatile void *. | test.c:124:3:124:55 | _Generic | | +| test.c:126:3:126:39 | _Generic | Generic matched default selection, as controlling argument type const int * does not undergo pointer conversion to int *. | test.c:126:3:126:39 | _Generic | | +| test.c:128:3:128:40 | _Generic | Generic matched default selection, as controlling argument type const int * does not undergo pointer conversion to void *. | test.c:128:3:128:40 | _Generic | | +| test.c:129:3:129:46 | _Generic | Generic matched default selection, as controlling argument type const int * does not undergo pointer conversion to const void *. | test.c:129:3:129:46 | _Generic | | +| test.c:130:3:130:55 | _Generic | Generic matched default selection, as controlling argument type const int * does not undergo pointer conversion to const volatile void *. | test.c:130:3:130:55 | _Generic | | +| test.c:135:3:135:54 | _Generic | Generic matched default selection, as controlling argument type const int * does not undergo pointer conversion to const volatile int *. | test.c:135:3:135:54 | _Generic | | +| test.c:137:3:137:39 | _Generic | Generic matched default selection, as controlling argument type volatile int * does not undergo pointer conversion to int *. | test.c:137:3:137:39 | _Generic | | +| test.c:139:3:139:54 | _Generic | Generic matched default selection, as controlling argument type volatile int * does not undergo pointer conversion to const volatile int *. | test.c:139:3:139:54 | _Generic | | +| test.c:140:3:140:40 | _Generic | Generic matched default selection, as controlling argument type volatile int * does not undergo pointer conversion to void *. | test.c:140:3:140:40 | _Generic | | +| test.c:141:3:141:55 | _Generic | Generic matched default selection, as controlling argument type volatile int * does not undergo pointer conversion to const volatile void *. | test.c:141:3:141:55 | _Generic | | +| test.c:147:3:147:39 | _Generic | Generic matched default selection, as controlling argument type const volatile int * does not undergo pointer conversion to int *. | test.c:147:3:147:39 | _Generic | | +| test.c:148:3:148:45 | _Generic | Generic matched default selection, as controlling argument type const volatile int * does not undergo pointer conversion to const int *. | test.c:148:3:148:45 | _Generic | | +| test.c:149:3:149:48 | _Generic | Generic matched default selection, as controlling argument type const volatile int * does not undergo pointer conversion to volatile int *. | test.c:149:3:149:48 | _Generic | | +| test.c:151:3:151:40 | _Generic | Generic matched default selection, as controlling argument type const volatile int * does not undergo pointer conversion to void *. | test.c:151:3:151:40 | _Generic | | +| test.c:152:3:152:46 | _Generic | Generic matched default selection, as controlling argument type const volatile int * does not undergo pointer conversion to const void *. | test.c:152:3:152:46 | _Generic | | +| test.c:153:3:153:55 | _Generic | Generic matched default selection, as controlling argument type const volatile int * does not undergo pointer conversion to const volatile void *. | test.c:153:3:153:55 | _Generic | | +| test.c:156:3:156:45 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to const int *. | test.c:156:3:156:45 | _Generic | | +| test.c:157:3:157:48 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to volatile int *. | test.c:157:3:157:48 | _Generic | | +| test.c:158:3:158:54 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to const volatile int *. | test.c:158:3:158:54 | _Generic | | +| test.c:159:3:159:40 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to void *. | test.c:159:3:159:40 | _Generic | | +| test.c:160:3:160:46 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to const void *. | test.c:160:3:160:46 | _Generic | | +| test.c:161:3:161:55 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to const volatile void *. | test.c:161:3:161:55 | _Generic | | +| test.c:163:3:163:39 | _Generic | Generic matched default selection, as controlling argument type const int * does not undergo pointer conversion to int *. | test.c:163:3:163:39 | _Generic | | +| test.c:165:3:165:40 | _Generic | Generic matched default selection, as controlling argument type const int * does not undergo pointer conversion to void *. | test.c:165:3:165:40 | _Generic | | +| test.c:166:3:166:46 | _Generic | Generic matched default selection, as controlling argument type const int * does not undergo pointer conversion to const void *. | test.c:166:3:166:46 | _Generic | | +| test.c:167:3:167:55 | _Generic | Generic matched default selection, as controlling argument type const int * does not undergo pointer conversion to const volatile void *. | test.c:167:3:167:55 | _Generic | | +| test.c:172:3:172:54 | _Generic | Generic matched default selection, as controlling argument type const int * does not undergo pointer conversion to const volatile int *. | test.c:172:3:172:54 | _Generic | | +| test.c:180:3:180:48 | _Generic | Generic matched default selection, as controlling argument type int(*)[3] does not undergo pointer conversion to int(*const)[3]. | test.c:180:3:180:48 | _Generic | | +| test.c:188:3:191:18 | _Generic | Generic matched default selection, as controlling argument type int(*)[3] does not undergo pointer conversion to int(*const)[3]. | test.c:188:3:191:18 | _Generic | | +| test.c:200:3:200:47 | _Generic | Generic matched default selection, as controlling argument type void * does not undergo pointer conversion to int *. | test.c:200:3:200:47 | _Generic | | +| test.c:201:3:201:47 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to void *. | test.c:201:3:201:47 | _Generic | | +| test.c:215:3:215:44 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to const int *. | test.c:215:3:215:44 | _Generic | | +| test.c:216:3:216:46 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to const int_t *. | test.c:216:3:216:46 | _Generic | | +| test.c:217:3:217:42 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to c_int_t *. | test.c:217:3:217:42 | _Generic | | +| test.c:221:3:221:45 | _Generic | Generic matched default selection, as controlling argument type int_t * does not undergo pointer conversion to const int *. | test.c:221:3:221:45 | _Generic | | +| test.c:222:3:222:47 | _Generic | Generic matched default selection, as controlling argument type int_t * does not undergo pointer conversion to const int_t *. | test.c:222:3:222:47 | _Generic | | +| test.c:223:3:223:43 | _Generic | Generic matched default selection, as controlling argument type int_t * does not undergo pointer conversion to c_int_t *. | test.c:223:3:223:43 | _Generic | | +| test.c:225:3:225:38 | _Generic | Generic matched default selection, as controlling argument type const int * does not undergo pointer conversion to int *. | test.c:225:3:225:38 | _Generic | | +| test.c:226:3:226:40 | _Generic | Generic matched default selection, as controlling argument type const int * does not undergo pointer conversion to int_t *. | test.c:226:3:226:40 | _Generic | | +| test.c:231:3:231:39 | _Generic | Generic matched default selection, as controlling argument type c_int_t * does not undergo pointer conversion to int *. | test.c:231:3:231:39 | _Generic | | +| test.c:232:3:232:41 | _Generic | Generic matched default selection, as controlling argument type c_int_t * does not undergo pointer conversion to int_t *. | test.c:232:3:232:41 | _Generic | | diff --git a/c/misra/test/rules/RULE-23-5/DangerousDefaultSelectionForPointerInGeneric.qlref b/c/misra/test/rules/RULE-23-5/DangerousDefaultSelectionForPointerInGeneric.qlref new file mode 100644 index 0000000000..c6b02b6273 --- /dev/null +++ b/c/misra/test/rules/RULE-23-5/DangerousDefaultSelectionForPointerInGeneric.qlref @@ -0,0 +1 @@ +rules/RULE-23-5/DangerousDefaultSelectionForPointerInGeneric.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-23-5/test.c b/c/misra/test/rules/RULE-23-5/test.c new file mode 100644 index 0000000000..d9e140f0af --- /dev/null +++ b/c/misra/test/rules/RULE-23-5/test.c @@ -0,0 +1,236 @@ +void f1(); + +void f2() { + int l1; + int *l2; + const int *l3; + volatile int *l4; + volatile const int *l5; + void *l6; + const void *l7; + volatile void *l8; + const volatile void *l9; + + // No violation for missing pointer/integral conversions: + _Generic(l1, // COMPLIANT + int *: f1, + const int *: f1, + volatile int *: f1, + void *: f1, + const void *: f1, + default: f1); // COMPLIANT + _Generic(l2, int: f1, default: f1); // COMPLIANT + _Generic(l3, int: f1, default: f1); // COMPLIANT + _Generic(l4, int: f1, default: f1); // COMPLIANT + _Generic(l5, int: f1, default: f1); // COMPLIANT + + // Compliant, default case is not matched + _Generic(l1, int: f1); // COMPLIANT + _Generic(l2, int *: f1); // COMPLIANT + _Generic(l3, const int *: f1); // COMPLIANT + _Generic(l4, volatile int *: f1); // COMPLIANT + _Generic(l5, volatile const int *: f1); // COMPLIANT + _Generic(l6, void *: f1); // COMPLIANT + _Generic(l7, const void *: f1); // COMPLIANT + _Generic(l8, volatile void *: f1); // COMPLIANT + _Generic(l9, const volatile void *: f1); // COMPLIANT + + // Violation, match default case due to lack of pointer to pointer + // conversions: + _Generic(l2, int *: f1, default: f1); // COMPLIANT + _Generic(l2, const int *: f1, default: f1); // NON-COMPLIANT + _Generic(l2, volatile int *: f1, default: f1); // NON-COMPLIANT + _Generic(l2, const volatile int *: f1, default: f1); // NON-COMPLIANT + _Generic(l2, void *: f1, default: f1); // NON-COMPLIANT + _Generic(l2, const void *: f1, default: f1); // NON-COMPLIANT + _Generic(l2, const volatile void *: f1, default: f1); // NON-COMPLIANT + + _Generic(l3, int *: f1, default: f1); // NON-COMPLIANT + _Generic(l3, const int *: f1, default: f1); // COMPLIANT + _Generic(l3, void *: f1, default: f1); // NON-COMPLIANT + _Generic(l3, const void *: f1, default: f1); // NON-COMPLIANT + _Generic(l3, const volatile void *: f1, default: f1); // NON-COMPLIANT + // Obviously not volatile: + _Generic(l3, volatile int *: f1, default: f1); // COMPLIANT + // Debatable, but volatile const int* is assignable to const int* so its + // considered risky + _Generic(l3, const volatile int *: f1, default: f1); // NON-COMPLIANT + + _Generic(l4, int *: f1, default: f1); // NON-COMPLIANT + _Generic(l4, volatile int *: f1, default: f1); // COMPLIANT + _Generic(l4, const volatile int *: f1, default: f1); // NON-COMPLIANT + _Generic(l4, void *: f1, default: f1); // NON-COMPLIANT + _Generic(l4, const volatile void *: f1, default: f1); // NON-COMPLIANT + // Debatable, but volatile int* isn't assignable to const int* or vice versa. + _Generic(l4, const int *: f1, default: f1); // COMPLIANT + // Debatable, but volatile int* isn't assignable to const void* or vice versa. + _Generic(l4, const void *: f1, default: f1); // COMPLIANT + + _Generic(l5, int *: f1, default: f1); // NON-COMPLIANT + _Generic(l5, const int *: f1, default: f1); // NON-COMPLIANT + _Generic(l5, volatile int *: f1, default: f1); // NON-COMPLIANT + _Generic(l5, const volatile int *: f1, default: f1); // COMPLIANT + _Generic(l5, void *: f1, default: f1); // NON-COMPLIANT + _Generic(l5, const void *: f1, default: f1); // NON-COMPLIANT + _Generic(l5, const volatile void *: f1, default: f1); // NON-COMPLIANT + + _Generic(l6, int *: f1, default: f1); // NON-COMPLIANT + _Generic(l6, const int *: f1, default: f1); // NON-COMPLIANT + _Generic(l6, volatile int *: f1, default: f1); // NON-COMPLIANT + _Generic(l6, const volatile int *: f1, default: f1); // NON-COMPLIANT + _Generic(l6, void *: f1, default: f1); // COMPLIANT + _Generic(l6, const void *: f1, default: f1); // NON-COMPLIANT + _Generic(l6, const volatile void *: f1, default: f1); // NON-COMPLIANT + + _Generic(l7, int *: f1, default: f1); // NON-COMPLIANT + _Generic(l7, const int *: f1, default: f1); // NON-COMPLIANT + _Generic(l7, const volatile int *: f1, default: f1); // NON-COMPLIANT + _Generic(l7, void *: f1, default: f1); // NON-COMPLIANT + _Generic(l7, const void *: f1, default: f1); // COMPLIANT + _Generic(l7, const volatile void *: f1, default: f1); // NON-COMPLIANT + // Debatable, but const void* isn't assignable to volatile int* or vice versa. + _Generic(l7, volatile int *: f1, default: f1); // COMPLIANT + + _Generic(l9, int *: f1, default: f1); // NON-COMPLIANT + _Generic(l9, const int *: f1, default: f1); // NON-COMPLIANT + _Generic(l9, volatile int *: f1, default: f1); // NON-COMPLIANT + _Generic(l9, const volatile int *: f1, default: f1); // NON-COMPLIANT + _Generic(l9, void *: f1, default: f1); // NON-COMPLIANT + _Generic(l9, const void *: f1, default: f1); // NON-COMPLIANT + _Generic(l9, const volatile void *: f1, default: f1); // COMPLIANT + + /** + * Edge case 1: The controlling expression undergoes lvalue conversion, so + * arrays become pointers and qualifiers on pointers are stripped. + */ + int l10[3]; + const int l11[3]; + volatile int l12[3]; + const volatile int l13[3]; + int *const l14; + const int *const l15; + + _Generic(l10, int *: f1, default: f1); // COMPLIANT + _Generic(l11, const int *: f1, default: f1); // COMPLIANT + _Generic(l12, volatile int *: f1, default: f1); // COMPLIANT + _Generic(l13, const volatile int *: f1, default: f1); // COMPLIANT + + _Generic(l10, int *: f1, default: f1); // COMPLIANT + _Generic(l10, const int *: f1, default: f1); // NON-COMPLIANT + _Generic(l10, volatile int *: f1, default: f1); // NON-COMPLIANT + _Generic(l10, const volatile int *: f1, default: f1); // NON-COMPLIANT + _Generic(l10, void *: f1, default: f1); // NON-COMPLIANT + _Generic(l10, const void *: f1, default: f1); // NON-COMPLIANT + _Generic(l10, const volatile void *: f1, default: f1); // NON-COMPLIANT + + _Generic(l11, int *: f1, default: f1); // NON-COMPLIANT + _Generic(l11, const int *: f1, default: f1); // COMPLIANT + _Generic(l11, void *: f1, default: f1); // NON-COMPLIANT + _Generic(l11, const void *: f1, default: f1); // NON-COMPLIANT + _Generic(l11, const volatile void *: f1, default: f1); // NON-COMPLIANT + // Obviously not volatile: + _Generic(l11, volatile int *: f1, default: f1); // COMPLIANT + // Debatable, but volatile const int* is assignable to const int* so its + // considered risky + _Generic(l11, const volatile int *: f1, default: f1); // NON-COMPLIANT + + _Generic(l12, int *: f1, default: f1); // NON-COMPLIANT + _Generic(l12, volatile int *: f1, default: f1); // COMPLIANT + _Generic(l12, const volatile int *: f1, default: f1); // NON-COMPLIANT + _Generic(l12, void *: f1, default: f1); // NON-COMPLIANT + _Generic(l12, const volatile void *: f1, default: f1); // NON-COMPLIANT + // Debatab12e, but volatile int* isn't assignable to const int* or vice versa. + _Generic(l12, const int *: f1, default: f1); // COMPLIANT + // Debatable, but volatile int* isn't assignable to const void* or vice versa. + _Generic(l12, const void *: f1, default: f1); // COMPLIANT + + _Generic(l13, int *: f1, default: f1); // NON-COMPLIANT + _Generic(l13, const int *: f1, default: f1); // NON-COMPLIANT + _Generic(l13, volatile int *: f1, default: f1); // NON-COMPLIANT + _Generic(l13, const volatile int *: f1, default: f1); // COMPLIANT + _Generic(l13, void *: f1, default: f1); // NON-COMPLIANT + _Generic(l13, const void *: f1, default: f1); // NON-COMPLIANT + _Generic(l13, const volatile void *: f1, default: f1); // NON-COMPLIANT + + _Generic(l14, int *: f1, default: f1); // COMPLIANT + _Generic(l14, const int *: f1, default: f1); // NON-COMPLIANT + _Generic(l14, volatile int *: f1, default: f1); // NON-COMPLIANT + _Generic(l14, const volatile int *: f1, default: f1); // NON-COMPLIANT + _Generic(l14, void *: f1, default: f1); // NON-COMPLIANT + _Generic(l14, const void *: f1, default: f1); // NON-COMPLIANT + _Generic(l14, const volatile void *: f1, default: f1); // NON-COMPLIANT + + _Generic(l15, int *: f1, default: f1); // NON-COMPLIANT + _Generic(l15, const int *: f1, default: f1); // COMPLIANT + _Generic(l15, void *: f1, default: f1); // NON-COMPLIANT + _Generic(l15, const void *: f1, default: f1); // NON-COMPLIANT + _Generic(l15, const volatile void *: f1, default: f1); // NON-COMPLIANT + // Obviously not volatile: + _Generic(l15, volatile int *: f1, default: f1); // COMPLIANT + // Debatable, but volatile const int* is assignable to const int* so its + // considered risky + _Generic(l15, const volatile int *: f1, default: f1); // NON-COMPLIANT + + /** + * Edge case 2: Types don't have to be identical to be compatible. + */ + int(*l16)[3]; + + // This is a risky conversion that should be reported: + _Generic(l16, int(*const)[3]: f1, default: f1); // NON-COMPLIANT + // However, in this one, there is a match on the second selector, because it + // it is an array type with a compatible element type, and sizes only have to + // match if both arrays have a constant size. Therefore, the default selector + // is not chosen and this is not a violation. + _Generic(l16, int(*const)[3]: f1, int(*)[]: f1, default: f1); // COMPLIANT + // In this case, the second selector is not a compatible type because the + // array has a constant size that doesn't match, and this should be reported. + _Generic(l16, + int(*const)[3]: f1, + int(*)[4]: f1, + default: f1); // NON-COMPLIANT + + /** + * Edge case 3: Conversion on _Generic, make sure we use the fully converted + * type when considering compliance. + */ + int *l17; + void *l18; + _Generic((void *)l17, void *: f1, default: f1); // COMPLIANT + _Generic((void *)l17, int *: f1, default: f1); // NON-COMPLIANT + _Generic((int *)l18, void *: f1, default: f1); // NON-COMPLIANT + _Generic((int *)l18, int *: f1, default: f1); // COMPLIANT + + /** + * Edge case 4: Typedefs must be resolved properly. + */ + typedef int int_t; + const typedef int c_int_t; + int_t *l19; + c_int_t *l20; + volatile c_int_t *l21; + + _Generic(l2, int *: f1, default: f1); // COMPLIANT + _Generic(l2, int_t *: f1, default: f1); // COMPLIANT + _Generic(l2, const int *: f1, default: f1); // NON-COMPLIANT + _Generic(l2, const int_t *: f1, default: f1); // NON-COMPLIANT + _Generic(l2, c_int_t *: f1, default: f1); // NON-COMPLIANT + + _Generic(l19, int *: f1, default: f1); // COMPLIANT + _Generic(l19, int_t *: f1, default: f1); // COMPLIANT + _Generic(l19, const int *: f1, default: f1); // NON-COMPLIANT + _Generic(l19, const int_t *: f1, default: f1); // NON-COMPLIANT + _Generic(l19, c_int_t *: f1, default: f1); // NON-COMPLIANT + + _Generic(l3, int *: f1, default: f1); // NON-COMPLIANT + _Generic(l3, int_t *: f1, default: f1); // NON-COMPLIANT + _Generic(l3, const int *: f1, default: f1); // COMPLIANT + _Generic(l3, const int_t *: f1, default: f1); // COMPLIANT + _Generic(l3, c_int_t *: f1, default: f1); // COMPLIANT + + _Generic(l20, int *: f1, default: f1); // NON-COMPLIANT + _Generic(l20, int_t *: f1, default: f1); // NON-COMPLIANT + _Generic(l20, const int *: f1, default: f1); // COMPLIANT + _Generic(l20, const int_t *: f1, default: f1); // COMPLIANT + _Generic(l20, c_int_t *: f1, default: f1); // COMPLIANT +} \ No newline at end of file diff --git a/c/misra/test/rules/RULE-23-6/GenericExpressionWithIncorrectEssentialType.expected b/c/misra/test/rules/RULE-23-6/GenericExpressionWithIncorrectEssentialType.expected new file mode 100644 index 0000000000..1cdcc82698 --- /dev/null +++ b/c/misra/test/rules/RULE-23-6/GenericExpressionWithIncorrectEssentialType.expected @@ -0,0 +1,4 @@ +| test.c:11:3:11:8 | _Generic | Controlling expression in generic macro $@ has standard type (unnamed enum), which doesn't match its essential type (unnamed enum). | test.c:6:1:6:71 | #define M1(X) _Generic((X), int: 1, unsigned int: 1, short: 2, long: 3) | M1 | +| test.c:15:3:15:13 | _Generic | Controlling expression in generic macro $@ has standard type int, which doesn't match its essential type short. | test.c:6:1:6:71 | #define M1(X) _Generic((X), int: 1, unsigned int: 1, short: 2, long: 3) | M1 | +| test.c:18:3:18:23 | _Generic | Controlling expression in generic has standard type int, which doesn't match its essential type char. | test.c:18:3:18:23 | _Generic | | +| test.c:19:3:19:53 | _Generic | Controlling expression in generic has standard type int, which doesn't match its essential type short. | test.c:19:3:19:53 | _Generic | | diff --git a/c/misra/test/rules/RULE-23-6/GenericExpressionWithIncorrectEssentialType.qlref b/c/misra/test/rules/RULE-23-6/GenericExpressionWithIncorrectEssentialType.qlref new file mode 100644 index 0000000000..b91bbefec6 --- /dev/null +++ b/c/misra/test/rules/RULE-23-6/GenericExpressionWithIncorrectEssentialType.qlref @@ -0,0 +1 @@ +rules/RULE-23-6/GenericExpressionWithIncorrectEssentialType.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-23-6/test.c b/c/misra/test/rules/RULE-23-6/test.c new file mode 100644 index 0000000000..7d59c1e199 --- /dev/null +++ b/c/misra/test/rules/RULE-23-6/test.c @@ -0,0 +1,33 @@ +short l1; +int l2; +long l3; +enum { E1 } l4; + +#define M1(X) _Generic((X), int: 1, unsigned int: 1, short: 2, long: 3) +void f1() { + M1(l1); // COMPLIANT + M1(l2); // COMPLIANT + M1(l3); // COMPLIANT + M1(l4); // NON-COMPLIANT + + M1(1); // COMPLIANT + M1(1u); // COMPLIANT + M1(l1 + l1); // NON-COMPLIANT + M1((int)(l1 + l1)); // COMPLIANT + M1('c'); // NON-COMPLIANT[false negative] + _Generic('c', int: 1); // NON-COMPLIANT + _Generic(_Generic(0, default: l1 + l1), default: 1); // NON-COMPLIANT + _Generic(((short)_Generic(0, default: (l1 + l1))), default: 1); // COMPLIANT +} + +void f2() { + // Edge case: lvalue conversion of a const struct yields an implicit + // conversion to a non-const struct which is ignored by EssentialTypes.qll, + // meaning the essential type does not match the static type. However, we + // shouldn't report an issue here as the static/essential types are not one + // of the essential type categories. + struct S1 { + int m1; + }; + _Generic((const struct S1){.m1 = 0}, default: 1); +} \ No newline at end of file diff --git a/c/misra/test/rules/RULE-23-7/InvalidGenericMacroArgumentEvaluation.expected b/c/misra/test/rules/RULE-23-7/InvalidGenericMacroArgumentEvaluation.expected new file mode 100644 index 0000000000..57eecd6be8 --- /dev/null +++ b/c/misra/test/rules/RULE-23-7/InvalidGenericMacroArgumentEvaluation.expected @@ -0,0 +1,12 @@ +| test.c:9:1:9:51 | #define M3(X) _Generic((X), int: f1(X), default: 0) | Generic macro M3 may have unexpected behavior from side effects in parameter X, as it is not expanded in generic selection 2. | +| test.c:10:1:10:61 | #define M4(X) (X) + _Generic((X), int: f1(X), default: f1(X)) | Generic macro M4 may have unexpected behavior from side effects in parameter X, as it is expanded outside the generic selection and inside the generic selection. | +| test.c:11:1:11:61 | #define M5(X) _Generic((X), int: f1(X), default: f1(X)) + (X) | Generic macro M5 may have unexpected behavior from side effects in parameter X, as it is expanded outside the generic selection and inside the generic selection. | +| test.c:12:1:12:63 | #define M6(X) _Generic((X), int: f1((X) + (X)), default: f1(X)) | Generic macro M6 may have unexpected behavior from side effects in parameter X, as it is expanded in generic selection 1 more than once. | +| test.c:21:1:21:36 | #define M9(X) _Generic((X), int: f1) | Generic macro M9 may have unexpected behavior from side effects in parameter X, as it is not expanded in generic selection 1. | +| test.c:23:1:23:40 | #define M10(X) _Generic((X), int: f1(1)) | Generic macro M10 may have unexpected behavior from side effects in parameter X, as it is not expanded in generic selection 1. | +| test.c:32:1:32:58 | #define M12(X) _Generic((X) + (X), int: f1(X), default: 1) | Generic macro M12 may have unexpected behavior from side effects in parameter X, as it is not expanded in generic selection 2. | +| test.c:33:1:33:68 | #define M13(X) _Generic((X) + (X), int: f1(X), default: f1(X)) + (X) | Generic macro M13 may have unexpected behavior from side effects in parameter X, as it is expanded outside the generic selection and inside the generic selection. | +| test.c:43:1:43:77 | #define M17(X,Y) _Generic((X) + (Y), int: f2((X), (Y)), default: f2((X), 1)) | Generic macro M17 may have unexpected behavior from side effects in parameter Y, as it is not expanded in generic selection 2. | +| test.c:67:1:67:78 | #define M26(X) _Generic((X), int: IGNORE_2ND(X, X), default: IGNORE_2ND(X, X)) | Generic macro M26 may have unexpected behavior from side effects in parameter X, as it is expanded in generic selection 1 more than once. | +| test.c:67:1:67:78 | #define M26(X) _Generic((X), int: IGNORE_2ND(X, X), default: IGNORE_2ND(X, X)) | Generic macro M26 may have unexpected behavior from side effects in parameter X, as it is expanded in generic selection 2 more than once. | +| test.c:68:1:68:75 | #define M27(X) _Generic((X), int: f1(IGNORE(X)), default: f1(IGNORE(X)))(X) | Generic macro M27 may have unexpected behavior from side effects in parameter X, as it is expanded outside the generic selection and inside the generic selection. | diff --git a/c/misra/test/rules/RULE-23-7/InvalidGenericMacroArgumentEvaluation.qlref b/c/misra/test/rules/RULE-23-7/InvalidGenericMacroArgumentEvaluation.qlref new file mode 100644 index 0000000000..3156bdce91 --- /dev/null +++ b/c/misra/test/rules/RULE-23-7/InvalidGenericMacroArgumentEvaluation.qlref @@ -0,0 +1 @@ +rules/RULE-23-7/InvalidGenericMacroArgumentEvaluation.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-23-7/test.c b/c/misra/test/rules/RULE-23-7/test.c new file mode 100644 index 0000000000..41a5d6ab6c --- /dev/null +++ b/c/misra/test/rules/RULE-23-7/test.c @@ -0,0 +1,71 @@ +int f1(int p1); +int f2(int p1, int p2); + +// COMPLIANT -- standard correct cases: +#define M1(X) _Generic((X), int: f1, default: f1)(X) +#define M2(X) _Generic((X), int: f1(X), default: f1(X)) + +// NON-COMPLIANT -- standard incorrect cases: +#define M3(X) _Generic((X), int: f1(X), default: 0) +#define M4(X) (X) + _Generic((X), int: f1(X), default: f1(X)) +#define M5(X) _Generic((X), int: f1(X), default: f1(X)) + (X) +#define M6(X) _Generic((X), int: f1((X) + (X)), default: f1(X)) + +// Compliant by exception +// COMPLIANT +#define M7(X) _Generic((X), int: 1, default: 0) +// NON-COMPLIANT[FALSE NEGATIVE] -- Without an expansion, we can't tell if this +// macro has only constant expressions or not. +#define M8(X) _Generic((X), int: f1(1)) +// NON-COMPLIANT -- If the macro is expanded we can detect constant expressions +#define M9(X) _Generic((X), int: f1) +// NON-COMPLIANT -- If the macro is expanded we can detect constant expressions +#define M10(X) _Generic((X), int: f1(1)) +void f3() { + M9(1); + M10(1); +} + +// COMPLIANT -- multiple uses in the controlling expression is OK: +#define M11(X) _Generic((X) + (X), int: f1(X), default: f1(X)) +// NON-COMPLIANT -- the rule should still be enforced otherwise: +#define M12(X) _Generic((X) + (X), int: f1(X), default: 1) +#define M13(X) _Generic((X) + (X), int: f1(X), default: f1(X)) + (X) + +// COMPLIANT -- the argument is not used in the controlling expression: +#define M14(X) _Generic(1, int: f1((X) + (X)), default: f1(X)) +#define M15(X) _Generic(1, int: f1(X), default: f1(X)) + (X) + +// Test cases with more than one argument: +// COMPLIANT -- Y is not used in the controlling expression: +#define M16(X, Y) _Generic((X), int: f2((X), (Y)), default: f2((X), 1)) +// NON-COMPLIANT -- Y is used in the controlling expression +#define M17(X, Y) _Generic((X) + (Y), int: f2((X), (Y)), default: f2((X), 1)) +// COMPLIANT -- Y is used in the controlling expression correctly +#define M18(X, Y) _Generic((X) + (Y), int: f2((X), (Y)), default: f2((X), (Y))) + +// Test unevaluated contexts: +// COMPLIANT -- sizeof is not evaluated: +#define M19(X) _Generic((X), int[sizeof(X)]: f1, default: f1)(X) +#define M20(X) _Generic((X), int: f1(sizeof(X)), default: f1)(X) +#define M21(X) _Generic((X), int: f1(X), default: f1(X)) + sizeof(X) +// NON-COMPLIANT[FALSE NEGATIVE] -- sizeof plus evaluated context +#define M22(X) _Generic((X), int: f1(sizeof(X) + X), default: f1(X))(X) +// NON-COMPLIANT[FALSE NEGATIVE] -- array type sizes may be evaluated +#define M23(X) _Generic((X), int[X]: f1, default: f1)(X) +// COMPLIANT -- alignof, typeof are not evaluated: +#define M24(X) _Generic((X), int[X]: f1, default: f1)(X) + +// Nested macros: +#define ONCE(X) (X) +#define TWICE(X) (X) + (X) +#define IGNORE(X) (1) +#define IGNORE_2ND(X, Y) (X) +// COMPLIANT +#define M25(X) _Generic((X), int: ONCE(f1(X)), default: ONCE(f1(X)) +// COMPLIANT[FALSE POSITIVE] +#define M26(X) _Generic((X), int: IGNORE_2ND(X, X), default: IGNORE_2ND(X, X)) +#define M27(X) _Generic((X), int: f1(IGNORE(X)), default: f1(IGNORE(X)))(X) +// NON-COMPLIANT[FASE NEGATIVE] +#define M28(X) _Generic((X), int: f1(IGNORE(X)), default: f1(IGNORE(X))) +#define M29(X) _Generic((X), int: TWICE(f1(X)), default: TWICE(f1(X))) \ No newline at end of file diff --git a/c/misra/test/rules/RULE-23-8/DefaultGenericSelectionNotFirstOrLast.expected b/c/misra/test/rules/RULE-23-8/DefaultGenericSelectionNotFirstOrLast.expected new file mode 100644 index 0000000000..5951834d00 --- /dev/null +++ b/c/misra/test/rules/RULE-23-8/DefaultGenericSelectionNotFirstOrLast.expected @@ -0,0 +1,4 @@ +| test.c:11:1:11:64 | #define M4(X) _Generic((X), int: 1, default: 0, unsigned int: 2) | Generic macro M4 has default as 2nd association, which is not first or last. | test.c:11:1:11:64 | #define M4(X) _Generic((X), int: 1, default: 0, unsigned int: 2) | (ignored) | +| test.c:17:1:17:60 | #define M5(__VA_ARGS__...) _Generic(0, __VA_ARGS__, default: 0, int: 1) | Generic macro M5 has a default association which is not first or last, for example $@. | test.c:28:5:28:23 | _Generic | 2nd | +| test.c:34:5:34:27 | M6(__VA_ARGS__...) | Generic macro $@, in this expansion, has default as 2nd association, which is not first or last. | test.c:19:1:19:48 | #define M6(__VA_ARGS__...) _Generic(0, __VA_ARGS__, int: 1) | M6 | +| test.c:44:5:44:52 | _Generic | Generic has default as 2nd association, which is not first or last. | test.c:44:5:44:52 | _Generic | | diff --git a/c/misra/test/rules/RULE-23-8/DefaultGenericSelectionNotFirstOrLast.qlref b/c/misra/test/rules/RULE-23-8/DefaultGenericSelectionNotFirstOrLast.qlref new file mode 100644 index 0000000000..06fe786e7d --- /dev/null +++ b/c/misra/test/rules/RULE-23-8/DefaultGenericSelectionNotFirstOrLast.qlref @@ -0,0 +1 @@ +rules/RULE-23-8/DefaultGenericSelectionNotFirstOrLast.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-23-8/test.c b/c/misra/test/rules/RULE-23-8/test.c new file mode 100644 index 0000000000..fdd6e66044 --- /dev/null +++ b/c/misra/test/rules/RULE-23-8/test.c @@ -0,0 +1,49 @@ +/** + * Cases where the macro itself is always compliant or non compliant: + */ +// COMPLIANT +#define M1(X) _Generic((X), int: 1, unsigned int: 2) +// COMPLIANT +#define M2(X) _Generic((X), int: 1, unsigned int: 2, default: 0) +// COMPLIANT +#define M3(X) _Generic((X), default: 0, int: 1, unsigned int: 2) +// NON-COMPLIANT +#define M4(X) _Generic((X), int: 1, default: 0, unsigned int: 2) + +/** + * Macros that are compliant or not based on use: + */ +// NON-COMPLIANT: because every use is non compliant +#define M5(...) _Generic(0, __VA_ARGS__, default: 0, int: 1) +// COMPLIANT: because some uses are compliant +#define M6(...) _Generic(0, __VA_ARGS__, int: 1) + +void f1() { + M1(0); // COMPLIANT + M2(0); // COMPLIANT + M3(0); // COMPLIANT + M4(0); // COMPLIANT: the macro invocation is compliant, the macro definition + // is not. + + // COMPLIANT: all invocations of M5 are non compliant so the macro is reported + // instead. + M5(unsigned int : 1); + M5(unsigned int : 1, long : 2); + + // Some invocations of M6() will be compliant, so we'll report the issue at + // each invocation. + M6(default : 0); // COMPLIANT + M6(default : 0, long : 1); // COMPLIANT + M6(long : 1, default : 0); // NON-COMPLIANT +} + +/** + * For completeness, non macro cases, though these are not likely and violate + * RULE-23-1. + */ +void f2() { + _Generic(0, int: 1, unsigned int: 2); // COMPLIANT + _Generic(0, int: 1, unsigned int: 2, default: 0); // COMPLIANT + _Generic(0, default: 0, int: 1, unsigned int: 2); // COMPLIANT + _Generic(0, int: 1, default: 0, unsigned int: 2); // NON-COMPLIANT +} \ No newline at end of file diff --git a/c/misra/test/rules/RULE-8-3/DeclarationsOfAFunctionSameNameAndType.expected b/c/misra/test/rules/RULE-8-3/DeclarationsOfAFunctionSameNameAndType.expected index 08e419ef4f..f2b438aaf1 100644 --- a/c/misra/test/rules/RULE-8-3/DeclarationsOfAFunctionSameNameAndType.expected +++ b/c/misra/test/rules/RULE-8-3/DeclarationsOfAFunctionSameNameAndType.expected @@ -1,12 +1,14 @@ -| function1.c:6:6:6:7 | declaration of f3 | The return type of re-declaration of $@ is not compatible with declaration $@ | function1.c:6:6:6:7 | declaration of f3 | f3 | function1.c:8:4:8:5 | declaration of f3 | f3 | -| function1.c:8:4:8:5 | declaration of f3 | The return type of re-declaration of $@ is not compatible with declaration $@ | function1.c:8:4:8:5 | declaration of f3 | f3 | function1.c:6:6:6:7 | declaration of f3 | f3 | -| function1.c:8:4:8:5 | declaration of f3 | The return type of re-declaration of $@ is not compatible with declaration $@ | function1.c:8:4:8:5 | declaration of f3 | f3 | function2.c:4:6:4:7 | declaration of f3 | f3 | -| function1.c:9:6:9:7 | declaration of f4 | The return type of re-declaration of $@ is not compatible with declaration $@ | function1.c:9:6:9:7 | declaration of f4 | f4 | function2.c:5:5:5:6 | declaration of f4 | f4 | -| function1.c:13:5:13:6 | definition of f6 | The return type of re-declaration of $@ is not compatible with declaration $@ | function1.c:13:5:13:6 | definition of f6 | f6 | function2.c:9:6:9:7 | definition of f6 | f6 | -| function1.c:21:3:21:5 | definition of f21 | The parameter types of re-declaration of $@ is not compatible with declaration $@ | function1.c:21:3:21:5 | definition of f21 | f21 | function2.c:17:10:17:12 | declaration of f21 | f21 | -| function1.c:25:6:25:8 | definition of f22 | The parameter names of re-declaration of $@ is not compatible with declaration $@ | function1.c:25:6:25:8 | definition of f22 | f22 | function2.c:19:13:19:15 | declaration of f22 | f22 | -| function2.c:4:6:4:7 | declaration of f3 | The return type of re-declaration of $@ is not compatible with declaration $@ | function2.c:4:6:4:7 | declaration of f3 | f3 | function1.c:8:4:8:5 | declaration of f3 | f3 | -| function2.c:5:5:5:6 | declaration of f4 | The return type of re-declaration of $@ is not compatible with declaration $@ | function2.c:5:5:5:6 | declaration of f4 | f4 | function1.c:9:6:9:7 | declaration of f4 | f4 | -| function2.c:9:6:9:7 | definition of f6 | The return type of re-declaration of $@ is not compatible with declaration $@ | function2.c:9:6:9:7 | definition of f6 | f6 | function1.c:13:5:13:6 | definition of f6 | f6 | -| function2.c:17:10:17:12 | declaration of f21 | The parameter types of re-declaration of $@ is not compatible with declaration $@ | function2.c:17:10:17:12 | declaration of f21 | f21 | function1.c:21:3:21:5 | definition of f21 | f21 | -| function2.c:19:13:19:15 | declaration of f22 | The parameter names of re-declaration of $@ is not compatible with declaration $@ | function2.c:19:13:19:15 | declaration of f22 | f22 | function1.c:25:6:25:8 | definition of f22 | f22 | +| function1.c:6:6:6:7 | declaration of f3 | The return type of re-declaration of $@ does not use the same type names as declaration $@ | function1.c:6:6:6:7 | declaration of f3 | f3 | function1.c:8:4:8:5 | declaration of f3 | f3 | +| function1.c:8:4:8:5 | declaration of f3 | The return type of re-declaration of $@ does not use the same type names as declaration $@ | function1.c:8:4:8:5 | declaration of f3 | f3 | function1.c:6:6:6:7 | declaration of f3 | f3 | +| function1.c:8:4:8:5 | declaration of f3 | The return type of re-declaration of $@ does not use the same type names as declaration $@ | function1.c:8:4:8:5 | declaration of f3 | f3 | function2.c:4:6:4:7 | declaration of f3 | f3 | +| function1.c:9:6:9:7 | declaration of f4 | The return type of re-declaration of $@ does not use the same type names as declaration $@ | function1.c:9:6:9:7 | declaration of f4 | f4 | function2.c:5:5:5:6 | declaration of f4 | f4 | +| function1.c:13:5:13:6 | definition of f6 | The return type of re-declaration of $@ does not use the same type names as declaration $@ | function1.c:13:5:13:6 | definition of f6 | f6 | function2.c:9:6:9:7 | definition of f6 | f6 | +| function1.c:15:5:15:7 | declaration of f20 | The parameter types of re-declaration of $@ do not use the same type names as declaration $@ | function1.c:15:5:15:7 | declaration of f20 | f20 | function2.c:11:5:11:7 | declaration of f20 | f20 | +| function1.c:21:3:21:5 | definition of f21 | The parameter types of re-declaration of $@ do not use the same type names as declaration $@ | function1.c:21:3:21:5 | definition of f21 | f21 | function2.c:17:10:17:12 | declaration of f21 | f21 | +| function1.c:25:6:25:8 | definition of f22 | The parameter names of re-declaration of $@ do not use the same type names as declaration $@ | function1.c:25:6:25:8 | definition of f22 | f22 | function2.c:19:13:19:15 | declaration of f22 | f22 | +| function2.c:4:6:4:7 | declaration of f3 | The return type of re-declaration of $@ does not use the same type names as declaration $@ | function2.c:4:6:4:7 | declaration of f3 | f3 | function1.c:8:4:8:5 | declaration of f3 | f3 | +| function2.c:5:5:5:6 | declaration of f4 | The return type of re-declaration of $@ does not use the same type names as declaration $@ | function2.c:5:5:5:6 | declaration of f4 | f4 | function1.c:9:6:9:7 | declaration of f4 | f4 | +| function2.c:9:6:9:7 | definition of f6 | The return type of re-declaration of $@ does not use the same type names as declaration $@ | function2.c:9:6:9:7 | definition of f6 | f6 | function1.c:13:5:13:6 | definition of f6 | f6 | +| function2.c:11:5:11:7 | declaration of f20 | The parameter types of re-declaration of $@ do not use the same type names as declaration $@ | function2.c:11:5:11:7 | declaration of f20 | f20 | function1.c:15:5:15:7 | declaration of f20 | f20 | +| function2.c:17:10:17:12 | declaration of f21 | The parameter types of re-declaration of $@ do not use the same type names as declaration $@ | function2.c:17:10:17:12 | declaration of f21 | f21 | function1.c:21:3:21:5 | definition of f21 | f21 | +| function2.c:19:13:19:15 | declaration of f22 | The parameter names of re-declaration of $@ do not use the same type names as declaration $@ | function2.c:19:13:19:15 | declaration of f22 | f22 | function1.c:25:6:25:8 | definition of f22 | f22 | diff --git a/c/misra/test/rules/RULE-8-3/DeclarationsOfAnObjectSameNameAndType.expected b/c/misra/test/rules/RULE-8-3/DeclarationsOfAnObjectSameNameAndType.expected index c63681c7be..8b8e7f8a48 100644 --- a/c/misra/test/rules/RULE-8-3/DeclarationsOfAnObjectSameNameAndType.expected +++ b/c/misra/test/rules/RULE-8-3/DeclarationsOfAnObjectSameNameAndType.expected @@ -1,22 +1,22 @@ -| object1.c:5:6:5:7 | definition of a3 | The object $@ of type long is not compatible with re-declaration $@ of type LL | object1.c:5:6:5:7 | definition of a3 | a3 | object2.c:11:11:11:12 | declaration of a3 | a3 | -| object1.c:6:6:6:7 | definition of a4 | The object $@ of type long is not compatible with re-declaration $@ of type int | object1.c:6:6:6:7 | definition of a4 | a4 | object2.c:13:12:13:13 | declaration of a4 | a4 | -| object1.c:7:5:7:6 | definition of a5 | The object $@ of type int is not compatible with re-declaration $@ of type long | object1.c:7:5:7:6 | definition of a5 | a5 | object2.c:15:13:15:14 | declaration of a5 | a5 | -| object1.c:8:6:8:7 | definition of a6 | The object $@ of type long is not compatible with re-declaration $@ of type int | object1.c:8:6:8:7 | definition of a6 | a6 | object2.c:19:1:19:3 | declaration of a6 | a6 | -| object1.c:9:5:9:6 | definition of a7 | The object $@ of type int is not compatible with re-declaration $@ of type LL | object1.c:9:5:9:6 | definition of a7 | a7 | object2.c:21:11:21:12 | declaration of a7 | a7 | -| object1.c:15:5:15:7 | definition of a10 | The object $@ of type int[100] is not compatible with re-declaration $@ of type LI[100] | object1.c:15:5:15:7 | definition of a10 | a10 | object2.c:24:4:24:6 | definition of a10 | a10 | -| object1.c:16:5:16:7 | definition of a11 | The object $@ of type int[100] is not compatible with re-declaration $@ of type int[101] | object1.c:16:5:16:7 | definition of a11 | a11 | object2.c:25:12:25:14 | declaration of a11 | a11 | -| object1.c:19:12:19:14 | definition of a13 | The object $@ of type int *const is not compatible with re-declaration $@ of type int * | object1.c:19:12:19:14 | definition of a13 | a13 | object2.c:28:13:28:15 | declaration of a13 | a13 | -| object1.c:23:10:23:13 | definition of size | The object $@ of type size_t is not compatible with re-declaration $@ of type unsigned char | object1.c:23:10:23:13 | definition of size | size | object2.c:32:17:32:20 | definition of size | size | -| object1.c:24:3:24:4 | definition of s0 | The object $@ of type NamedStruct0 is not compatible with re-declaration $@ of type NamedStruct0 | object1.c:24:3:24:4 | definition of s0 | s0 | object2.c:33:3:33:4 | definition of s0 | s0 | -| object1.c:29:3:29:4 | definition of s1 | The object $@ of type NamedStruct1 is not compatible with re-declaration $@ of type NamedStruct1 | object1.c:29:3:29:4 | definition of s1 | s1 | object2.c:38:3:38:4 | definition of s1 | s1 | -| object2.c:11:11:11:12 | declaration of a3 | The object $@ of type LL is not compatible with re-declaration $@ of type long | object2.c:11:11:11:12 | declaration of a3 | a3 | object1.c:5:6:5:7 | definition of a3 | a3 | -| object2.c:13:12:13:13 | declaration of a4 | The object $@ of type int is not compatible with re-declaration $@ of type long | object2.c:13:12:13:13 | declaration of a4 | a4 | object1.c:6:6:6:7 | definition of a4 | a4 | -| object2.c:15:13:15:14 | declaration of a5 | The object $@ of type long is not compatible with re-declaration $@ of type int | object2.c:15:13:15:14 | declaration of a5 | a5 | object1.c:7:5:7:6 | definition of a5 | a5 | -| object2.c:19:1:19:3 | declaration of a6 | The object $@ of type int is not compatible with re-declaration $@ of type long | object2.c:19:1:19:3 | declaration of a6 | a6 | object1.c:8:6:8:7 | definition of a6 | a6 | -| object2.c:21:11:21:12 | declaration of a7 | The object $@ of type LL is not compatible with re-declaration $@ of type int | object2.c:21:11:21:12 | declaration of a7 | a7 | object1.c:9:5:9:6 | definition of a7 | a7 | -| object2.c:24:4:24:6 | definition of a10 | The object $@ of type LI[100] is not compatible with re-declaration $@ of type int[100] | object2.c:24:4:24:6 | definition of a10 | a10 | object1.c:15:5:15:7 | definition of a10 | a10 | -| object2.c:25:12:25:14 | declaration of a11 | The object $@ of type int[101] is not compatible with re-declaration $@ of type int[100] | object2.c:25:12:25:14 | declaration of a11 | a11 | object1.c:16:5:16:7 | definition of a11 | a11 | -| object2.c:28:13:28:15 | declaration of a13 | The object $@ of type int * is not compatible with re-declaration $@ of type int *const | object2.c:28:13:28:15 | declaration of a13 | a13 | object1.c:19:12:19:14 | definition of a13 | a13 | -| object2.c:32:17:32:20 | definition of size | The object $@ of type unsigned char is not compatible with re-declaration $@ of type size_t | object2.c:32:17:32:20 | definition of size | size | object1.c:23:10:23:13 | definition of size | size | -| object2.c:33:3:33:4 | definition of s0 | The object $@ of type NamedStruct0 is not compatible with re-declaration $@ of type NamedStruct0 | object2.c:33:3:33:4 | definition of s0 | s0 | object1.c:24:3:24:4 | definition of s0 | s0 | -| object2.c:38:3:38:4 | definition of s1 | The object $@ of type NamedStruct1 is not compatible with re-declaration $@ of type NamedStruct1 | object2.c:38:3:38:4 | definition of s1 | s1 | object1.c:29:3:29:4 | definition of s1 | s1 | +| object1.c:5:6:5:7 | definition of a3 | The object $@ of type long does not use the same type names as re-declaration $@ of type LL | object1.c:5:6:5:7 | definition of a3 | a3 | object2.c:11:11:11:12 | declaration of a3 | a3 | +| object1.c:6:6:6:7 | definition of a4 | The object $@ of type long does not use the same type names as re-declaration $@ of type int | object1.c:6:6:6:7 | definition of a4 | a4 | object2.c:13:12:13:13 | declaration of a4 | a4 | +| object1.c:7:5:7:6 | definition of a5 | The object $@ of type int does not use the same type names as re-declaration $@ of type long | object1.c:7:5:7:6 | definition of a5 | a5 | object2.c:15:13:15:14 | declaration of a5 | a5 | +| object1.c:8:6:8:7 | definition of a6 | The object $@ of type long does not use the same type names as re-declaration $@ of type int | object1.c:8:6:8:7 | definition of a6 | a6 | object2.c:19:1:19:3 | declaration of a6 | a6 | +| object1.c:9:5:9:6 | definition of a7 | The object $@ of type int does not use the same type names as re-declaration $@ of type LL | object1.c:9:5:9:6 | definition of a7 | a7 | object2.c:21:11:21:12 | declaration of a7 | a7 | +| object1.c:15:5:15:7 | definition of a10 | The object $@ of type int[100] does not use the same type names as re-declaration $@ of type LI[100] | object1.c:15:5:15:7 | definition of a10 | a10 | object2.c:24:4:24:6 | definition of a10 | a10 | +| object1.c:16:5:16:7 | definition of a11 | The object $@ of type int[100] does not use the same type names as re-declaration $@ of type int[101] | object1.c:16:5:16:7 | definition of a11 | a11 | object2.c:25:12:25:14 | declaration of a11 | a11 | +| object1.c:19:12:19:14 | definition of a13 | The object $@ of type int *const does not use the same type names as re-declaration $@ of type int * | object1.c:19:12:19:14 | definition of a13 | a13 | object2.c:28:13:28:15 | declaration of a13 | a13 | +| object1.c:23:10:23:13 | definition of size | The object $@ of type size_t does not use the same type names as re-declaration $@ of type unsigned char | object1.c:23:10:23:13 | definition of size | size | object2.c:32:17:32:20 | definition of size | size | +| object1.c:24:3:24:4 | definition of s0 | The object $@ of type NamedStruct0 does not use the same type names as re-declaration $@ of type NamedStruct0 | object1.c:24:3:24:4 | definition of s0 | s0 | object2.c:33:3:33:4 | definition of s0 | s0 | +| object1.c:29:3:29:4 | definition of s1 | The object $@ of type NamedStruct1 does not use the same type names as re-declaration $@ of type NamedStruct1 | object1.c:29:3:29:4 | definition of s1 | s1 | object2.c:38:3:38:4 | definition of s1 | s1 | +| object2.c:11:11:11:12 | declaration of a3 | The object $@ of type LL does not use the same type names as re-declaration $@ of type long | object2.c:11:11:11:12 | declaration of a3 | a3 | object1.c:5:6:5:7 | definition of a3 | a3 | +| object2.c:13:12:13:13 | declaration of a4 | The object $@ of type int does not use the same type names as re-declaration $@ of type long | object2.c:13:12:13:13 | declaration of a4 | a4 | object1.c:6:6:6:7 | definition of a4 | a4 | +| object2.c:15:13:15:14 | declaration of a5 | The object $@ of type long does not use the same type names as re-declaration $@ of type int | object2.c:15:13:15:14 | declaration of a5 | a5 | object1.c:7:5:7:6 | definition of a5 | a5 | +| object2.c:19:1:19:3 | declaration of a6 | The object $@ of type int does not use the same type names as re-declaration $@ of type long | object2.c:19:1:19:3 | declaration of a6 | a6 | object1.c:8:6:8:7 | definition of a6 | a6 | +| object2.c:21:11:21:12 | declaration of a7 | The object $@ of type LL does not use the same type names as re-declaration $@ of type int | object2.c:21:11:21:12 | declaration of a7 | a7 | object1.c:9:5:9:6 | definition of a7 | a7 | +| object2.c:24:4:24:6 | definition of a10 | The object $@ of type LI[100] does not use the same type names as re-declaration $@ of type int[100] | object2.c:24:4:24:6 | definition of a10 | a10 | object1.c:15:5:15:7 | definition of a10 | a10 | +| object2.c:25:12:25:14 | declaration of a11 | The object $@ of type int[101] does not use the same type names as re-declaration $@ of type int[100] | object2.c:25:12:25:14 | declaration of a11 | a11 | object1.c:16:5:16:7 | definition of a11 | a11 | +| object2.c:28:13:28:15 | declaration of a13 | The object $@ of type int * does not use the same type names as re-declaration $@ of type int *const | object2.c:28:13:28:15 | declaration of a13 | a13 | object1.c:19:12:19:14 | definition of a13 | a13 | +| object2.c:32:17:32:20 | definition of size | The object $@ of type unsigned char does not use the same type names as re-declaration $@ of type size_t | object2.c:32:17:32:20 | definition of size | size | object1.c:23:10:23:13 | definition of size | size | +| object2.c:33:3:33:4 | definition of s0 | The object $@ of type NamedStruct0 does not use the same type names as re-declaration $@ of type NamedStruct0 | object2.c:33:3:33:4 | definition of s0 | s0 | object1.c:24:3:24:4 | definition of s0 | s0 | +| object2.c:38:3:38:4 | definition of s1 | The object $@ of type NamedStruct1 does not use the same type names as re-declaration $@ of type NamedStruct1 | object2.c:38:3:38:4 | definition of s1 | s1 | object1.c:29:3:29:4 | definition of s1 | s1 | diff --git a/c/misra/test/rules/RULE-8-3/function1.c b/c/misra/test/rules/RULE-8-3/function1.c index 2072748047..7fcf775167 100644 --- a/c/misra/test/rules/RULE-8-3/function1.c +++ b/c/misra/test/rules/RULE-8-3/function1.c @@ -12,7 +12,7 @@ long f5(int f5a) { return 0; } // COMPLIANT int f6(int f6a) { return 0; } // NON_COMPLIANT -int f20(int f20a); // COMPLIANT - overloaded function +int f20(int f20a); // NON_COMPLIANT typedef int wi; typedef int hi; diff --git a/c/misra/test/rules/RULE-8-3/function2.c b/c/misra/test/rules/RULE-8-3/function2.c index 979e002466..b33dc73c1c 100644 --- a/c/misra/test/rules/RULE-8-3/function2.c +++ b/c/misra/test/rules/RULE-8-3/function2.c @@ -8,7 +8,7 @@ long f5(int f5a) { return 0; } // COMPLIANT long f6(int f6a) { return 0; } // NON_COMPLIANT -int f20(int f20a, int f20b); // COMPLIANT -- overloaded function +int f20(int f20a, int f20b); // NON_COMPLIANT typedef int wi; typedef int hi; diff --git a/change_notes/2025-02-25-move-type-related-libraries.md b/change_notes/2025-02-25-move-type-related-libraries.md new file mode 100644 index 0000000000..9f4fbd0bf2 --- /dev/null +++ b/change_notes/2025-02-25-move-type-related-libraries.md @@ -0,0 +1,2 @@ + - All rules using `Type.qll`, `TypeUses.qll`, `Pointers.qll`, `TrivialType.qll`, `VariablyModifiedTypes.qll`: + - Files moved into `cpp/common/types` directory. No external changes in behavior expected. \ No newline at end of file diff --git a/change_notes/2025-02-25-update-macro-deduplication-library.md b/change_notes/2025-02-25-update-macro-deduplication-library.md new file mode 100644 index 0000000000..90b3ef51af --- /dev/null +++ b/change_notes/2025-02-25-update-macro-deduplication-library.md @@ -0,0 +1,4 @@ +- `RULE-2-8` - `UnusedObjectDefinition.ql`, `UnusedObjectDefinitionStrict.ql`: + - Refactor to allow additional parameters in non-macro results for library `DeduplicateMacroResults.qll`. + - Refactor to replace `Location` with `Locatable` in API of library `DeduplicationMacroResults.qll`. + - No observable difference in behavior expected. diff --git a/change_notes/2025-03-04-essential-types-with-explicit-conversions.md b/change_notes/2025-03-04-essential-types-with-explicit-conversions.md new file mode 100644 index 0000000000..aa32044087 --- /dev/null +++ b/change_notes/2025-03-04-essential-types-with-explicit-conversions.md @@ -0,0 +1,2 @@ + - `EssentialType` - for all queries related to essential types: + - Updated the way essential types of expressions with "conversions" (including explicit casts, parenthesis, and implicit conversions such as array-to-pointer conversions) are handled, to get proper essential types when parenthesis, casts, and generics interact. \ No newline at end of file diff --git a/change_notes/2025-03-04-more-accurate-type-comparisons.md b/change_notes/2025-03-04-more-accurate-type-comparisons.md new file mode 100644 index 0000000000..942d76f7af --- /dev/null +++ b/change_notes/2025-03-04-more-accurate-type-comparisons.md @@ -0,0 +1,6 @@ + - `RULE-8-3` - `DeclarationsOfAFunctionSameNameAndType.ql`, `DeclarationsOfAnObjectSameNameAndType.ql`: + - New shared module used to fix false positives for compound types referring to the same basic integer types under a different name, e.g., query will not report for `signed[4]` used in place of `int[4]` as per MISRA spec. + - Now query will report incompatibilities for two functions of the same name with a different number of parameters. + - Query result string updated to not use the word "Compatible," which is confusing, as it may falsely appear that the query is testing for compatibility as defined by C17. + - `RULE-8-4`, `DCL-40C` - `CompatibleDeclarationFunctionDefined.ql`, `CompatibleDeclarationObjectDefined.ql`, `IncomptatibleFunctionDeclarations.ql`: + - New shared module used to fix false positives by updating "compatible" type checks to more closely match the C17 standard. For instance, `int[3]` and `int[]` are compatible declarations (while `int[3]` and `int[4]` are not), and typedefs are now resolved as well. Some false positives may still occur regarding structs from different compilation units. \ No newline at end of file diff --git a/cpp/autosar/src/rules/A0-4-1/FloatingPointImplementationShallComplyWithIeeeStandard.ql b/cpp/autosar/src/rules/A0-4-1/FloatingPointImplementationShallComplyWithIeeeStandard.ql index 9123e7de2f..0a59b423d0 100644 --- a/cpp/autosar/src/rules/A0-4-1/FloatingPointImplementationShallComplyWithIeeeStandard.ql +++ b/cpp/autosar/src/rules/A0-4-1/FloatingPointImplementationShallComplyWithIeeeStandard.ql @@ -18,7 +18,7 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.TypeUses +import codingstandards.cpp.types.Uses class NumericLimits extends Class { NumericLimits() { this.hasQualifiedName("std", ["numeric_limits", "__libcpp_numeric_limits"]) } diff --git a/cpp/autosar/src/rules/A12-8-4/MoveConstructorUsesCopySemantics.ql b/cpp/autosar/src/rules/A12-8-4/MoveConstructorUsesCopySemantics.ql index 4996afd34e..a71d49d844 100644 --- a/cpp/autosar/src/rules/A12-8-4/MoveConstructorUsesCopySemantics.ql +++ b/cpp/autosar/src/rules/A12-8-4/MoveConstructorUsesCopySemantics.ql @@ -16,7 +16,7 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.TrivialType +import codingstandards.cpp.types.TrivialType /** * A literal with no values. diff --git a/cpp/autosar/src/rules/A14-5-2/NonTemplateMemberDefinedInTemplate.ql b/cpp/autosar/src/rules/A14-5-2/NonTemplateMemberDefinedInTemplate.ql index 7f9ced9909..61b00ba852 100644 --- a/cpp/autosar/src/rules/A14-5-2/NonTemplateMemberDefinedInTemplate.ql +++ b/cpp/autosar/src/rules/A14-5-2/NonTemplateMemberDefinedInTemplate.ql @@ -15,7 +15,7 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.TypeUses +import codingstandards.cpp.types.Uses import codingstandards.cpp.Operator predicate templateDefinitionMentionsTypeParameter(Declaration d, TemplateParameter tp) { diff --git a/cpp/autosar/src/rules/A7-1-2/VariableMissingConstexpr.ql b/cpp/autosar/src/rules/A7-1-2/VariableMissingConstexpr.ql index a07dbd43f7..af3a00fadb 100644 --- a/cpp/autosar/src/rules/A7-1-2/VariableMissingConstexpr.ql +++ b/cpp/autosar/src/rules/A7-1-2/VariableMissingConstexpr.ql @@ -15,7 +15,7 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.TrivialType +import codingstandards.cpp.types.TrivialType import codingstandards.cpp.SideEffect import semmle.code.cpp.controlflow.SSA import codingstandards.cpp.Expr diff --git a/cpp/autosar/src/rules/A8-4-7/TriviallyCopyableSmallType.qll b/cpp/autosar/src/rules/A8-4-7/TriviallyCopyableSmallType.qll index be7cd76bd2..09c6cdae69 100644 --- a/cpp/autosar/src/rules/A8-4-7/TriviallyCopyableSmallType.qll +++ b/cpp/autosar/src/rules/A8-4-7/TriviallyCopyableSmallType.qll @@ -1,6 +1,6 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.TrivialType +import codingstandards.cpp.types.TrivialType /** * Get the largest word size, in bytes. Some projects may have multiple different diff --git a/cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll b/cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll index c0a32baba9..8985f7254e 100644 --- a/cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll +++ b/cpp/autosar/src/rules/M0-1-4/SingleUsePODVariable.qll @@ -1,7 +1,7 @@ /** A module providing predicates that support identifying single use non volatile POD variables. */ import cpp -import codingstandards.cpp.TrivialType +import codingstandards.cpp.types.TrivialType import codingstandards.cpp.deadcode.UnusedVariables /** diff --git a/cpp/cert/src/rules/MEM53-CPP/ManuallyManagedLifetime.qll b/cpp/cert/src/rules/MEM53-CPP/ManuallyManagedLifetime.qll index 4392b598f7..0eaf9f8dfa 100644 --- a/cpp/cert/src/rules/MEM53-CPP/ManuallyManagedLifetime.qll +++ b/cpp/cert/src/rules/MEM53-CPP/ManuallyManagedLifetime.qll @@ -1,6 +1,6 @@ import codingstandards.cpp.cert import codingstandards.cpp.Conversion -import codingstandards.cpp.TrivialType +import codingstandards.cpp.types.TrivialType import ManuallyManagedLifetime import semmle.code.cpp.controlflow.Dominance import semmle.code.cpp.dataflow.TaintTracking diff --git a/cpp/cert/src/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.ql b/cpp/cert/src/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.ql index 6e3121e46d..5398aa04e1 100644 --- a/cpp/cert/src/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.ql +++ b/cpp/cert/src/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.ql @@ -12,7 +12,7 @@ import cpp import codingstandards.cpp.cert -import codingstandards.cpp.TrivialType +import codingstandards.cpp.types.TrivialType import ManuallyManagedLifetime import semmle.code.cpp.dataflow.TaintTracking import AllocToStaticCastFlow::PathGraph diff --git a/cpp/common/src/codingstandards/cpp/Compatible.qll b/cpp/common/src/codingstandards/cpp/Compatible.qll deleted file mode 100644 index 0f6e2108ff..0000000000 --- a/cpp/common/src/codingstandards/cpp/Compatible.qll +++ /dev/null @@ -1,30 +0,0 @@ -import cpp - -pragma[noinline] -pragma[nomagic] -predicate typesCompatible(Type t1, Type t2) { - t1 = t2 - or - //signed int is same as int ect - t1.(IntegralType).getCanonicalArithmeticType() = t2.(IntegralType).getCanonicalArithmeticType() -} - -predicate parameterTypesIncompatible(FunctionDeclarationEntry f1, FunctionDeclarationEntry f2) { - f1.getDeclaration() = f2.getDeclaration() and - exists(ParameterDeclarationEntry p1, ParameterDeclarationEntry p2, int i | - p1 = f1.getParameterDeclarationEntry(i) and - p2 = f2.getParameterDeclarationEntry(i) - | - not typesCompatible(p1.getType(), p2.getType()) - ) -} - -predicate parameterNamesIncompatible(FunctionDeclarationEntry f1, FunctionDeclarationEntry f2) { - f1.getDeclaration() = f2.getDeclaration() and - exists(ParameterDeclarationEntry p1, ParameterDeclarationEntry p2, int i | - p1 = f1.getParameterDeclarationEntry(i) and - p2 = f2.getParameterDeclarationEntry(i) - | - not p1.getName() = p2.getName() - ) -} diff --git a/cpp/common/src/codingstandards/cpp/MatchingParenthesis.qll b/cpp/common/src/codingstandards/cpp/MatchingParenthesis.qll new file mode 100644 index 0000000000..8a28bd0517 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/MatchingParenthesis.qll @@ -0,0 +1,264 @@ +/** + * A library for parsing a string of parentheses and non-parentheses characters. + * + * Simply implement the signature class `InputString` for the set of strings that you wish to parse, + * and then use the `MatchingParenthesis` module which exposes the following classes/predicates: + * - `ParsedRoot`: The root of the parse tree. + * - `ParsedGroup`: Parenthesis groups. The root is also a group, even if not parenthesized. + * - `ParsedText`: All text that is not '(' or ')'. + * - `Tokenized`: A linked list of the tokens in the input string. + * - `textFrom(start, end)`: A function to get the text between two tokens. + * + * The parenthesis AST has functions `getChild(int i)` and `getParent()` to navigate the tree, as + * well as `getRoot()` and `getText()` for `ParsedText` nodes. They also have methods + * `getStartToken()`, `getEndToken()` which are especially useful with the method `textFrom(...)`. + * + * This module can allow for slightly more intelligent interpretation of macro strings, but it has + * limitations. + * - It _only_ handles the parenthesis. + * - It assumes parentheses are matched. + * - It does not handle the case where a parenthesis is inside a string literal. + * - It does not handle the case where a parenthesis is inside a comment. + * + * This module has been moderately optimized, but still it is best to be selective with the set of + * strings you attempt to parse with it. + */ + +import codeql.util.Option + +signature class InputString extends string; + +module MatchingParenthesis { + newtype TTokenType = + TOpenParen() or + TCloseParen() or + TNotParen() + + bindingset[char] + private TTokenType tokenTypeOfChar(string char) { + result = TOpenParen() and char = "(" + or + result = TCloseParen() and char = ")" + } + + private int inputId(Input i) { rank[result](Input inp) = i } + + private newtype TTokenized = + TTokenizerStart(int iid) { iid = inputId(_) } or + TToken(int iid, TTokenized prev, TTokenType token, int occurrence, int endPos) { + exists(string inputStr, int prevEndPos, int prevOccurrence, string char | + iid = inputId(inputStr) and + ( + prev = TTokenizerStart(iid) and prevOccurrence = -1 and prevEndPos = 0 + or + prev = TToken(iid, _, _, prevOccurrence, prevEndPos) + ) and + inputStr.charAt(prevEndPos) = char and + if char = ["(", ")"] + then ( + endPos = prevEndPos + 1 and + token = tokenTypeOfChar(char) and + occurrence = prevOccurrence + 1 + ) else ( + token = TNotParen() and + exists(inputStr.regexpFind("\\(|\\)", prevOccurrence + 1, endPos)) and + occurrence = prevOccurrence + ) + ) + } + + class Tokenized extends TTokenized { + string toString() { + getTokenType() = TOpenParen() and result = "(" + or + getTokenType() = TCloseParen() and result = ")" + or + getTokenType() = TNotParen() and result = "non-parenthesis" + } + + int getInputId() { this = TToken(result, _, _, _, _) } + + TTokenType getTokenType() { this = TToken(_, _, result, _, _) } + + Tokenized getPrevious() { this = TToken(_, result, _, _, _) } + + string getInputString() { + this = TToken(inputId(result), _, _, _, _) or this = TTokenizerStart(inputId(result)) + } + + int getStartPos() { + if exists(getPrevious()) then result = getPrevious().getEndPos() else result = 0 + } + + int getEndPos() { + this = TToken(_, _, _, _, result) + or + this = TTokenizerStart(_) and result = 0 + } + + string getText() { result = textFrom(this, this) } + + Tokenized getNext() { result.getPrevious() = this } + + Tokenized getLast() { + if exists(getNext()) then result = getNext().getLast() else result = this + } + } + + /** + * The root of the parse tree. + */ + class ParsedRoot extends ParsedGroup { + ParsedRoot() { not exists(getParent()) } + + override ParsedRoot getRoot() { result = this } + + override string getDebugText() { result = this.(Tokenized).getInputString() } + } + + /** + * A group of tokens that may be parenthesized. + * + * The `ParseRoot` is the only group that isn't parenthesized. + */ + class ParsedGroup extends Parsed { + ParsedGroup() { isGroup() } + + Parsed getChild(int i) { + result.getParent() = this and + result.getChildIdx() = i + } + } + + /** + * Get the text from the `start` token to the `end` token (inclusive on both ends). + */ + pragma[inline] + string textFrom(Tokenized start, Tokenized end) { + result = start.getInputString().substring(start.getStartPos(), end.getEndPos()) + } + + /** + * All text that is not '(' or ')'. + */ + class ParsedText extends Parsed { + ParsedText() { not isGroup() } + + string getText() { result = textFrom(getStartToken(), getEndToken()) } + } + + /** + * The AST for the input string parsed with matching parenthesis. + */ + class Parsed extends TTokenized { + Option::Option parent; + int childIdx; + boolean isGroup; + + Parsed() { + this.(Tokenized).getTokenType() = TNotParen() and + parseStepAppend(this, parent.asSome(), childIdx) and + isGroup = false + or + this.(Tokenized).getTokenType() = TOpenParen() and + parseStepOpen(this, parent.asSome(), childIdx) and + isGroup = true + or + this = TTokenizerStart(_) and + parent.isNone() and + childIdx = 0 and + isGroup = true + } + + ParsedRoot getRoot() { result = getParent().getRoot() } + + string getInputString() { result = this.(Tokenized).getInputString() } + + /** + * The token that starts this group. + * + * For `ParsedText`, this is the same as the end token. + */ + Tokenized getStartToken() { result = this } + + /** + * The token that endns this group. + * + * For `ParsedText`, this is the same as the start token. If parentheses are not matched, this + * may not have a result. + */ + Tokenized getEndToken() { + this.(Tokenized).getTokenType() = TNotParen() and + result = this + or + this.(Tokenized).getTokenType() = TOpenParen() and + parseStepClose(result, this) + or + this = TTokenizerStart(_) and + result = getStartToken().(Tokenized).getLast() + } + + /** + * The index of this child in the parent group. + */ + int getChildIdx() { result = childIdx } + + ParsedGroup getParent() { result = parent.asSome() } + + predicate isGroup() { isGroup = true } + + string getDebugText() { result = textFrom(getStartToken(), getEndToken()) } + + string toString() { result = this.(Tokenized).toString() } + } + + /** + * Parse open parenthesis and add it to the open group or parse root. Parsing algorithm may not + * behave reliably for mismatched parenthesis. + */ + private predicate parseStepOpen(Tokenized consumeToken, ParsedGroup parent, int childIdx) { + consumeToken.getTokenType() = TOpenParen() and + ( + consumeToken.getPrevious() = parent.getStartToken() and + childIdx = 0 + or + exists(Parsed prevSibling | + prevSibling.getEndToken() = consumeToken.getPrevious() and + childIdx = prevSibling.getChildIdx() + 1 and + parent = prevSibling.getParent() + ) + ) + } + + /** + * Parse raw text that isn't '(' or ')' and add it to the open group or parse root. + */ + private predicate parseStepAppend(Tokenized consumeToken, ParsedGroup parent, int childIdx) { + consumeToken.getTokenType() = TNotParen() and + ( + consumeToken.getPrevious() = parent.getStartToken() and childIdx = 0 + or + exists(Parsed prevSibling | + prevSibling.getEndToken() = consumeToken.getPrevious() and + childIdx = prevSibling.getChildIdx() + 1 and + parent = prevSibling.getParent() + ) + ) + } + + /** + * Parse a close parenthesis to close the currently open group. Parsing algorithm may not behave + * properly for mismatched parenthesis. + */ + private predicate parseStepClose(Tokenized consumeToken, ParsedGroup closed) { + consumeToken.getTokenType() = TCloseParen() and + ( + closed.getStartToken() = consumeToken.getPrevious() + or + exists(Parsed finalChild | + consumeToken.getPrevious() = finalChild.getEndToken() and + finalChild.getParent() = closed + ) + ) + } +} diff --git a/cpp/common/src/codingstandards/cpp/Type.qll b/cpp/common/src/codingstandards/cpp/Type.qll index 42d77b8055..32c139fd89 100644 --- a/cpp/common/src/codingstandards/cpp/Type.qll +++ b/cpp/common/src/codingstandards/cpp/Type.qll @@ -1,96 +1,2 @@ -/** - * A module for representing different `Type`s. - */ - -import cpp - -/** - * A fundamental type, as defined by `[basic.fundamental]`. - */ -class FundamentalType extends BuiltInType { - FundamentalType() { - // A fundamental type is any `BuiltInType` except types indicating errors during extraction, or - // "unknown" types inserted into uninstantiated templates - not this instanceof ErroneousType and - not this instanceof UnknownType - } -} - -/** - * A type that is incomplete. - */ -class IncompleteType extends Class { - IncompleteType() { not hasDefinition() } -} - -/** - * A type that implements the BitmaskType trait. - * https://en.cppreference.com/w/cpp/named_req/BitmaskType - */ -abstract class BitmaskType extends Type { } - -/** - * Holds if `enum` implements required overload `overload` to implement - * the BitmaskType trait. - */ -private predicate isRequiredEnumOverload(Enum enum, Function overload) { - overload.getName().regexpMatch("operator([&|^~]|&=|\\|=)") and - forex(Parameter p | p = overload.getAParameter() | - ( - p.getType() = enum - or - p.getType().(ReferenceType).getBaseType() = enum - ) - ) -} - -private class EnumBitmaskType extends BitmaskType, Enum { - EnumBitmaskType() { - // Implements all the required overload - count(Function overload | isRequiredEnumOverload(this, overload)) = 6 - } -} - -/** - * A type without `const` and `volatile` specifiers. - */ -Type stripSpecifiers(Type type) { - if type instanceof SpecifiedType - then result = stripSpecifiers(type.(SpecifiedType).getBaseType()) - else result = type -} - -signature class PossiblySpecifiedBaseType extends Type; - -/** - * This module defines a class `Type` which holds for types `T` and `const/volatile T` etc. - * - * Similar to `getUnspecifiedType()`, but does not resolve typedefs. Useful for matching - * potentially qualified versions of standard typedef types, such as `const mtx_t`. - * - * Example usage: `someType.(PossiblySpecified::Type).strip()` - */ -module PossiblySpecified { - import cpp as cpp - - final class CppType = cpp::Type; - - class Type extends CppType { - BaseType baseType; - - Type() { baseType = stripSpecifiers(this) } - - BaseType strip() { result = baseType } - } -} - -/** - * Get the precision of an integral type, where precision is defined as the number of bits - * that can be used to represent the numeric value. - * https://wiki.sei.cmu.edu/confluence/display/c/INT35-C.+Use+correct+integer+precisions - */ -int getPrecision(IntegralType type) { - type.isExplicitlyUnsigned() and result = type.getSize() * 8 - or - type.isExplicitlySigned() and result = type.getSize() * 8 - 1 -} +import codingstandards.cpp.types.Type +import codingstandards.cpp.types.Uses \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/alertreporting/DeduplicateMacroResults.qll b/cpp/common/src/codingstandards/cpp/alertreporting/DeduplicateMacroResults.qll index b3c3d44ff4..b41de3ef9a 100644 --- a/cpp/common/src/codingstandards/cpp/alertreporting/DeduplicateMacroResults.qll +++ b/cpp/common/src/codingstandards/cpp/alertreporting/DeduplicateMacroResults.qll @@ -38,7 +38,7 @@ signature module MacroReportConfigSig { /** * Create a message to describe a `ResultElement` which is not generated by a macro expansion. */ - string getMessageNotInMacro(ResultElement element); + string getMessageNotInMacro(ResultElement element, Locatable optExtraLoc1, string optExtraStr1); } /** @@ -120,7 +120,7 @@ signature module MacroReportConfigSig { * * from Report::ReportResult report * where not excluded(report.getPrimaryElement(), ...) - * select report.getPrimaryElement(), report.getMessage(), report.getOptionalPlaceholderLocation(), + * select report.getPrimaryElement(), report.getMessage(), report.getOptionalPlaceholderLocatable(), * report.getOptionalPlaceholderMessage() * ``` * @@ -295,7 +295,7 @@ module DeduplicateMacroResults< * To show a report, use the following methods: * - `report.getPrimaryElement()` * - `report.getMessage()` - * - `report.getOptionalPlaceholderLocation()` + * - `report.getOptionalPlaceholderLocatable()` * - `report.getOptionalPlaceholderMessage()` * * The values returned by these methods are configured by the `MacroReportConfigSig` @@ -337,7 +337,7 @@ module DeduplicateMacroResults< or exists(ResultElement def | this = TReportNotInMacro(def) and - result = ReportConfig::getMessageNotInMacro(def) + result = ReportConfig::getMessageNotInMacro(def, _, _) ) } @@ -351,25 +351,25 @@ module DeduplicateMacroResults< this = TReportNotInMacro(result) } - Location getOptionalPlaceholderLocation() { + Locatable getOptionalPlaceholderLocatable() { exists(PrimaryMacroDifferentResultElementInAllInvocations def | this = TReportMacroResultWithVariedName(def) and - result = def.getExampleResultElement().getLocation() + result = def.getExampleResultElement() ) or exists(PrimaryMacroSameResultElementInAllInvocations def | this = TReportMacroResultWithSameName(def) and - result = def.getLocation() + result = def ) or exists(IsolatedMacroExpansionWithResultElement def | this = TReportIsolatedMacroResult(def) and - result = def.getMacro().getLocation() + result = def.getMacro() ) or exists(ResultElement def | this = TReportNotInMacro(def) and - result = def.getLocation() + exists(ReportConfig::getMessageNotInMacro(def, result, _)) ) } @@ -379,14 +379,16 @@ module DeduplicateMacroResults< result = Config::describe(def.getExampleResultElement()) ) or - ( - this = TReportMacroResultWithSameName(_) or - this = TReportNotInMacro(_) - ) and + this = TReportMacroResultWithSameName(_) and result = "(ignored)" or this = TReportIsolatedMacroResult(_) and result = getMacro().getName() + or + exists(ResultElement def | + this = TReportNotInMacro(def) and + exists(ReportConfig::getMessageNotInMacro(def, _, result)) + ) } Macro getMacro() { diff --git a/cpp/common/src/codingstandards/cpp/deadcode/UnusedObjects.qll b/cpp/common/src/codingstandards/cpp/deadcode/UnusedObjects.qll index 60e732873a..94ae16ec4f 100644 --- a/cpp/common/src/codingstandards/cpp/deadcode/UnusedObjects.qll +++ b/cpp/common/src/codingstandards/cpp/deadcode/UnusedObjects.qll @@ -57,8 +57,10 @@ module ReportDeadObjectConfig implements MacroReportConfigSig; + +/** + * Signature module for handling various kinds of potentially recursive type equivalence using the + * module `TypeEquivalence`. + * + * The various kinds of types to be compared all have an overridable predicate with default + * behavior here, and a boolean flag that indicates whether the base types are equal. This pattern + * is used because we can't make a default implementation of a predicate such as + * `equalPointerTypes` that recurses into the `TypeEquivalence` module. Instead, the + * `TypeEquivalence` module drives all of the recursion, and these predicates take the result of + * that recursion and use it to determine whether the types are equivalent. + */ +signature module TypeEquivalenceSig { + /** + * Whether two leaf types are equivalent, such as `int`s and structs. By default, we assume only + * that types are equal to themselves and that equivalent arithmetic types are equal. + */ + bindingset[t1, t2] + default predicate equalLeafTypes(Type t1, Type t2) { + t1 = t2 + or + t1.(IntegralType).getCanonicalArithmeticType() = t2.(IntegralType).getCanonicalArithmeticType() + } + + /** + * A predicate to arbitrarily override the default behavior of the `TypeEquivalence` module, + * including preventing recursion. If this predicate holds for a pair of types, then + * `TypeEquivalence::equalTypes()` holds only if `areEqual` is true. + */ + bindingset[t1, t2] + default predicate overrideTypeComparison(Type t1, Type t2, Boolean areEqual) { none() } + + /** + * Whether two specified types are equivalent. By default, we assume that the specifier sets are + * exactly the same, and the inner types also match. + */ + bindingset[t1, t2] + default predicate equalSpecifiedTypes( + SpecifiedType t1, SpecifiedType t2, Boolean unspecifiedTypesEqual + ) { + specifiersMatchExactly(t1, t2) and + unspecifiedTypesEqual = true + } + + /** + * Whether two specified types are equivalent. By default, we only require that the base (pointed + * to) types match. + */ + bindingset[t1, t2] + default predicate equalPointerTypes(PointerType t1, PointerType t2, Boolean baseTypesEqual) { + baseTypesEqual = true + } + + /** + * Whether two array types are equivalent. By default, we only require that the element types and + * array sizes match. + */ + bindingset[t1, t2] + default predicate equalArrayTypes(ArrayType t1, ArrayType t2, Boolean baseTypesEqual) { + t1.getSize() = t2.getSize() and + baseTypesEqual = true + } + + /** + * Whether two reference types are equivalent. By default, we only require that the base types match. + */ + bindingset[t1, t2] + default predicate equalReferenceTypes(ReferenceType t1, ReferenceType t2, Boolean baseTypesEqual) { + baseTypesEqual = true + } + + /** + * Whether typedefs should be resolved before comparison. By default, we assume `TypeEquivalence` + * should resolve typedefs before comparison. + */ + default predicate resolveTypedefs() { any() } + + /** + * Whether two typedef types are equivalent. + * + * This predicate is only used if `resolveTypedefs()` is false. If so, then we assume two + * typedefs are the same if they have the same name and their base types are equal. + */ + bindingset[t1, t2] + default predicate equalTypedefTypes(TypedefType t1, TypedefType t2, Boolean baseTypesEqual) { + t1.getName() = t2.getName() and + baseTypesEqual = true + } + + /** + * Whether two routine types are equivalent. By default, we only require that the return types and + * parameter types match. + */ + bindingset[t1, t2] + default predicate equalRoutineTypes( + RoutineType t1, RoutineType t2, Boolean returnTypeEqual, Boolean parameterTypesEqual + ) { + returnTypeEqual = true and parameterTypesEqual = true + } + + /** + * Whether two function pointer/reference types are equivalent. By default, we only require that + * the return types and parameter types match. + */ + bindingset[t1, t2] + default predicate equalFunctionPointerIshTypes( + FunctionPointerIshType t1, FunctionPointerIshType t2, Boolean returnTypeEqual, + Boolean parameterTypesEqual + ) { + returnTypeEqual = true and parameterTypesEqual = true + } +} + +/** + * The default equivalence behavior for the `TypeEquivalence` module. + */ +module DefaultEquivalence implements TypeEquivalenceSig { } + +/** + * A signature class used to restrict the set of types considered by `TypeEquivalence`, for + * performance reasons. + */ +signature class TypeSubset extends Type; + +/** + * A module to check the equivalence of two types, as defined by the provided `TypeEquivalenceSig`. + * + * For performance reasons, this module is designed to be used with a `TypeSubset` that restricts + * the set of considered types. All types reachable (in the type graph) from a type in the subset + * will be considered. (See `RelevantType`.) + * + * To use this module, define a `TypeEquivalenceSig` module and implement a subset of `Type` that + * selects the relevant root types to be considered. Then use the predicate `equalTypes(a, b)`. + */ +module TypeEquivalence { + /** + * Check whether two types are equivalent, as defined by the `TypeEquivalenceSig` module. + */ + predicate equalTypes(RelevantType t1, RelevantType t2) { + if Config::overrideTypeComparison(t1, t2, _) + then Config::overrideTypeComparison(t1, t2, true) + else + if t1 instanceof TypedefType and Config::resolveTypedefs() + then equalTypes(t1.(TypedefType).getBaseType(), t2) + else + if t2 instanceof TypedefType and Config::resolveTypedefs() + then equalTypes(t1, t2.(TypedefType).getBaseType()) + else ( + not t1 instanceof DerivedType and + not t2 instanceof DerivedType and + not t1 instanceof TypedefType and + not t2 instanceof TypedefType and + LeafEquiv::getEquivalenceClass(t1) = LeafEquiv::getEquivalenceClass(t2) + or + equalDerivedTypes(t1, t2) + or + equalTypedefTypes(t1, t2) + or + equalFunctionTypes(t1, t2) + ) + } + + /** + * A type that is either part of the type subset, or that is reachable from a type in the subset. + */ + private class RelevantType instanceof Type { + RelevantType() { exists(T t | typeGraph*(t, this)) } + + string toString() { result = this.(Type).toString() } + } + + private class RelevantDerivedType extends RelevantType instanceof DerivedType { + RelevantType getBaseType() { result = this.(DerivedType).getBaseType() } + } + + private class RelevantFunctionType extends RelevantType instanceof FunctionType { + RelevantType getReturnType() { result = this.(FunctionType).getReturnType() } + + RelevantType getParameterType(int i) { result = this.(FunctionType).getParameterType(i) } + } + + private class RelevantTypedefType extends RelevantType instanceof TypedefType { + RelevantType getBaseType() { result = this.(TypedefType).getBaseType() } + } + + private module LeafEquiv = QlBuiltins::EquivalenceRelation; + + private predicate equalLeafRelation(RelevantType t1, RelevantType t2) { + Config::equalLeafTypes(t1, t2) + } + + private RelevantType unspecify(SpecifiedType t) { + // This subtly and importantly handles the complicated cases of typedefs. Under most scenarios, + // if we see a typedef in `equalTypes()` we can simply get the base type and continue. However, + // there is an exception if we have a specified type that points to a typedef that points to + // another specified type. In this case, `SpecifiedType::getASpecifier()` will return all of + // specifiers, not just those above the TypedefType, and `stripTopLevelSpecifiers` will return + // the innermost type that is not a TypedefType or a SpecifiedType, which is what we want, as + // all specifiers have already been accounted for when we visit the outermost `SpecifiedType`. + if Config::resolveTypedefs() + then result = t.(SpecifiedType).stripTopLevelSpecifiers() + else result = t.(SpecifiedType).getBaseType() + } + + bindingset[t1, t2] + private predicate equalDerivedTypes(RelevantDerivedType t1, RelevantDerivedType t2) { + exists(Boolean baseTypesEqual | + (baseTypesEqual = true implies equalTypes(t1.getBaseType(), t2.getBaseType())) and + ( + Config::equalPointerTypes(t1, t2, baseTypesEqual) + or + Config::equalArrayTypes(t1, t2, baseTypesEqual) + or + Config::equalReferenceTypes(t1, t2, baseTypesEqual) + ) + ) + or + exists(Boolean unspecifiedTypesEqual | + // Note that this case is different from the above, in that we don't merely get the base + // type (as that could be a TypedefType that points to another SpecifiedType). We need to + // unspecify the type to see if the base types are equal. + (unspecifiedTypesEqual = true implies equalTypes(unspecify(t1), unspecify(t2))) and + Config::equalSpecifiedTypes(t1, t2, unspecifiedTypesEqual) + ) + } + + bindingset[t1, t2] + private predicate equalFunctionTypes(RelevantFunctionType t1, RelevantFunctionType t2) { + exists(Boolean returnTypeEqual, Boolean parameterTypesEqual | + (returnTypeEqual = true implies equalTypes(t1.getReturnType(), t2.getReturnType())) and + ( + parameterTypesEqual = true + implies + forall(int i | exists([t1, t2].getParameterType(i)) | + equalTypes(t1.getParameterType(i), t2.getParameterType(i)) + ) + ) and + ( + Config::equalRoutineTypes(t1, t2, returnTypeEqual, parameterTypesEqual) + or + Config::equalFunctionPointerIshTypes(t1, t2, returnTypeEqual, parameterTypesEqual) + ) + ) + } + + bindingset[t1, t2] + private predicate equalTypedefTypes(RelevantTypedefType t1, RelevantTypedefType t2) { + exists(Boolean baseTypesEqual | + (baseTypesEqual = true implies equalTypes(t1.getBaseType(), t2.getBaseType())) and + Config::equalTypedefTypes(t1, t2, baseTypesEqual) + ) + } +} + +module FunctionDeclarationTypeEquivalence { + predicate equalReturnTypes(FunctionDeclarationEntry f1, FunctionDeclarationEntry f2) { + TypeEquivalence::equalTypes(f1.getType(), f2.getType()) + } + + predicate equalParameterTypes(FunctionDeclarationEntry f1, FunctionDeclarationEntry f2) { + f1.getDeclaration() = f2.getDeclaration() and + forall(int i | exists([f1, f2].getParameterDeclarationEntry(i)) | + TypeEquivalence::equalTypes(f1.getParameterDeclarationEntry(i) + .getType(), f2.getParameterDeclarationEntry(i).getType()) + ) + } +} + +/** + * Convenience class to reduce the awkwardness of how `RoutineType` and `FunctionPointerIshType` + * don't have a common ancestor. + */ +private class FunctionType extends Type { + FunctionType() { this instanceof RoutineType or this instanceof FunctionPointerIshType } + + Type getReturnType() { + result = this.(RoutineType).getReturnType() or + result = this.(FunctionPointerIshType).getReturnType() + } + + Type getParameterType(int i) { + result = this.(RoutineType).getParameterType(i) or + result = this.(FunctionPointerIshType).getParameterType(i) + } +} +/* + * predicate typesCompatibleImpl(Type t1, Type t2) { + * // A type is compatible with itself + * t1 = t2 + * or + * // All specifiers must match, but the order does not matter: + * ( + * t1 instanceof SpecifiedType and + * t2 instanceof SpecifiedType + * ) and + * specifiersMatchExactly(t1, t2) and + * typesCompatibleImpl(t1.stripTopLevelSpecifiers(), t2.stripTopLevelSpecifiers()) + * or + * // Identically qualified pointers are compatible if they point to compatible types. + * typesCompatibleImpl(t1.(PointerType).getBaseType(), t2.(PointerType).getBaseType()) + * or + * // Array objects are compatible if they have a compatible element type. If both have a constant + * // size then that size must match. + * typesCompatibleImpl(t1.(ArrayType).getBaseType(), t2.(ArrayType).getBaseType()) and + * count(int i | i = [t1, t2].(ArrayType).getSize()) < 2 + * or + * // Enum types are compatible with one of char, int, or signed int, but the implementation + * // decides. + * [t1, t2] instanceof Enum and + * ([t1, t2] instanceof CharType or [t1, t2] instanceof IntType) + * or + * // `int` is the same as `signed`, `signed int`, while `unsigned` is the same as `unsigned int`. + * t1.(IntegralType).getCanonicalArithmeticType() = t2.(IntegralType).getCanonicalArithmeticType() + * or + * // Function types are compatible if they have the same return type and compatible parameters. + * // Technically, variadic functions are have special behavior not covered here. + * exists(RoutineType f1, RoutineType f2 | f1 = t1 and f2 = t2 | + * typesCompatibleImpl(f1.getReturnType(), f2.getReturnType()) and + * forall(int i | exists([f1, f2].getParameterType(i)) | + * typesCompatibleImpl(f1.getParameterType(i), f2.getParameterType(i)) + * ) + * ) + * or + * // Function pointer types should be covered by `PointerType` and `RoutineType` above, but that is + * // not how they are implemented in CodeQL. + * exists(FunctionPointerIshType f1, FunctionPointerIshType f2 | f1 = t1 and f2 = t2 | + * typesCompatibleImpl(f1.getReturnType(), f2.getReturnType()) and + * forall(int i | exists([f1, f2].getParameterType(i)) | + * typesCompatibleImpl(f1.getParameterType(i), f2.getParameterType(i)) + * ) + * ) + * } + */ + diff --git a/cpp/common/src/codingstandards/cpp/types/Graph.qll b/cpp/common/src/codingstandards/cpp/types/Graph.qll new file mode 100644 index 0000000000..70c51a40ba --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/types/Graph.qll @@ -0,0 +1,15 @@ +import cpp + +predicate typeGraph(Type t, Type refersTo) { + refersTo = t.(DerivedType).getBaseType() + or + refersTo = t.(RoutineType).getReturnType() + or + refersTo = t.(RoutineType).getAParameterType() + or + refersTo = t.(FunctionPointerIshType).getReturnType() + or + refersTo = t.(FunctionPointerIshType).getAParameterType() + or + refersTo = t.(TypedefType).getBaseType() +} diff --git a/cpp/common/src/codingstandards/cpp/types/LvalueConversion.qll b/cpp/common/src/codingstandards/cpp/types/LvalueConversion.qll new file mode 100644 index 0000000000..252e783438 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/types/LvalueConversion.qll @@ -0,0 +1,38 @@ +import cpp + +/** + * Get the type of an lvalue after lvalue conversion. + * + * This will return the type itself if no conversion is performed. + */ +Type getLvalueConverted(Type t) { + if exists(performLvalueConversion(t, _)) + then result = performLvalueConversion(t, _) + else result = t +} + +/** + * Perform lvalue conversion on a type, allowing for a description of why the type was converted + * if it was. + * + * Does not return a value if no lvalue conversion was performed. + * + * Warning: This predicate may not return a result if the resulting type is not in the database. + * For convenience, this is accepted here, otherwise we would have to create a new type to return + * that wouldn't implement the type APIs and likely wouldn't be very useful. + */ +Type performLvalueConversion(Type t, string reason) { + result.(PointerType).getBaseType() = t.(ArrayType).getBaseType() and + reason = "array-to-pointer decay" + or + t instanceof RoutineType and + result.(PointerType).getBaseType() = t and + reason = "function-to-function-pointer decay" + or + isObjectType(t) and + exists(t.getASpecifier()) and + result = t.stripTopLevelSpecifiers() and + reason = "qualifiers removed" +} + +private predicate isObjectType(Type t) { not t.stripTopLevelSpecifiers() instanceof PointerType } diff --git a/cpp/common/src/codingstandards/cpp/Pointers.qll b/cpp/common/src/codingstandards/cpp/types/Pointers.qll similarity index 100% rename from cpp/common/src/codingstandards/cpp/Pointers.qll rename to cpp/common/src/codingstandards/cpp/types/Pointers.qll diff --git a/cpp/common/src/codingstandards/cpp/types/SimpleAssignment.qll b/cpp/common/src/codingstandards/cpp/types/SimpleAssignment.qll new file mode 100644 index 0000000000..e9804c29c4 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/types/SimpleAssignment.qll @@ -0,0 +1,45 @@ +import codingstandards.cpp.types.LvalueConversion +import codingstandards.cpp.types.Compatible + +module SimpleAssignment { + final private class FinalType = Type; + + private class RelevantType extends FinalType { + RelevantType() { exists(T t | typeGraph*(t, this) or typeGraph(getLvalueConverted(t), this)) } + + string toString() { result = "relevant type" } + } + + /** + * Whether a pair of qualified or unqualified pointer types satisfy the simple assignment + * constraints from 6.5.16.1. + * + * There are additional constraints not implemented here involving one or more arithmetic types. + */ + predicate satisfiesSimplePointerAssignment(RelevantType left, RelevantType right) { + simplePointerAssignmentImpl(getLvalueConverted(left), right) + } + + /** + * Implementation of 6.5.16.1 for a pair of pointer types, that assumes lvalue conversion has been + * performed on the left operand. + */ + private predicate simplePointerAssignmentImpl(RelevantType left, RelevantType right) { + exists(RelevantType leftBase, RelevantType rightBase | + // The left operand has atomic, qualified, or unqualified pointer type: + leftBase = left.stripTopLevelSpecifiers().(PointerType).getBaseType() and + rightBase = right.stripTopLevelSpecifiers().(PointerType).getBaseType() and + ( + // and both operands are pointers to qualified or unqualified versions of compatible types: + TypeEquivalence::equalTypes(leftBase + .stripTopLevelSpecifiers(), rightBase.stripTopLevelSpecifiers()) + or + // or one operand is a pointer to a qualified or unqualified version of void + [leftBase, rightBase].stripTopLevelSpecifiers() instanceof VoidType + ) and + // and the type pointed to by the left has all the qualifiers of the type pointed to by the + // right: + forall(Specifier s | s = rightBase.getASpecifier() | s = leftBase.getASpecifier()) + ) + } +} diff --git a/cpp/common/src/codingstandards/cpp/TrivialType.qll b/cpp/common/src/codingstandards/cpp/types/TrivialType.qll similarity index 100% rename from cpp/common/src/codingstandards/cpp/TrivialType.qll rename to cpp/common/src/codingstandards/cpp/types/TrivialType.qll diff --git a/cpp/common/src/codingstandards/cpp/types/Type.qll b/cpp/common/src/codingstandards/cpp/types/Type.qll new file mode 100644 index 0000000000..42d77b8055 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/types/Type.qll @@ -0,0 +1,96 @@ +/** + * A module for representing different `Type`s. + */ + +import cpp + +/** + * A fundamental type, as defined by `[basic.fundamental]`. + */ +class FundamentalType extends BuiltInType { + FundamentalType() { + // A fundamental type is any `BuiltInType` except types indicating errors during extraction, or + // "unknown" types inserted into uninstantiated templates + not this instanceof ErroneousType and + not this instanceof UnknownType + } +} + +/** + * A type that is incomplete. + */ +class IncompleteType extends Class { + IncompleteType() { not hasDefinition() } +} + +/** + * A type that implements the BitmaskType trait. + * https://en.cppreference.com/w/cpp/named_req/BitmaskType + */ +abstract class BitmaskType extends Type { } + +/** + * Holds if `enum` implements required overload `overload` to implement + * the BitmaskType trait. + */ +private predicate isRequiredEnumOverload(Enum enum, Function overload) { + overload.getName().regexpMatch("operator([&|^~]|&=|\\|=)") and + forex(Parameter p | p = overload.getAParameter() | + ( + p.getType() = enum + or + p.getType().(ReferenceType).getBaseType() = enum + ) + ) +} + +private class EnumBitmaskType extends BitmaskType, Enum { + EnumBitmaskType() { + // Implements all the required overload + count(Function overload | isRequiredEnumOverload(this, overload)) = 6 + } +} + +/** + * A type without `const` and `volatile` specifiers. + */ +Type stripSpecifiers(Type type) { + if type instanceof SpecifiedType + then result = stripSpecifiers(type.(SpecifiedType).getBaseType()) + else result = type +} + +signature class PossiblySpecifiedBaseType extends Type; + +/** + * This module defines a class `Type` which holds for types `T` and `const/volatile T` etc. + * + * Similar to `getUnspecifiedType()`, but does not resolve typedefs. Useful for matching + * potentially qualified versions of standard typedef types, such as `const mtx_t`. + * + * Example usage: `someType.(PossiblySpecified::Type).strip()` + */ +module PossiblySpecified { + import cpp as cpp + + final class CppType = cpp::Type; + + class Type extends CppType { + BaseType baseType; + + Type() { baseType = stripSpecifiers(this) } + + BaseType strip() { result = baseType } + } +} + +/** + * Get the precision of an integral type, where precision is defined as the number of bits + * that can be used to represent the numeric value. + * https://wiki.sei.cmu.edu/confluence/display/c/INT35-C.+Use+correct+integer+precisions + */ +int getPrecision(IntegralType type) { + type.isExplicitlyUnsigned() and result = type.getSize() * 8 + or + type.isExplicitlySigned() and result = type.getSize() * 8 - 1 +} diff --git a/cpp/common/src/codingstandards/cpp/TypeUses.qll b/cpp/common/src/codingstandards/cpp/types/Uses.qll similarity index 100% rename from cpp/common/src/codingstandards/cpp/TypeUses.qll rename to cpp/common/src/codingstandards/cpp/types/Uses.qll diff --git a/cpp/common/src/codingstandards/cpp/VariablyModifiedTypes.qll b/cpp/common/src/codingstandards/cpp/types/VariablyModifiedTypes.qll similarity index 100% rename from cpp/common/src/codingstandards/cpp/VariablyModifiedTypes.qll rename to cpp/common/src/codingstandards/cpp/types/VariablyModifiedTypes.qll diff --git a/cpp/common/test/guideline_recategorizations/DisappliedQuery.ql b/cpp/common/test/guideline_recategorizations/DisappliedQuery.ql index 0254eca9bd..58ba3239e0 100644 --- a/cpp/common/test/guideline_recategorizations/DisappliedQuery.ql +++ b/cpp/common/test/guideline_recategorizations/DisappliedQuery.ql @@ -10,7 +10,7 @@ import cpp import codingstandards.cpp.CodingStandards -import codingstandards.cpp.TypeUses +import codingstandards.cpp.types.Uses import codingstandards.cpp.exclusions.cpp.RuleMetadata from UserType ut, string reason diff --git a/cpp/common/test/library/codingstandards/cpp/trivialtypes/LiteralType.ql b/cpp/common/test/library/codingstandards/cpp/trivialtypes/LiteralType.ql index 4d0f8567d0..e7a1d5ebd3 100644 --- a/cpp/common/test/library/codingstandards/cpp/trivialtypes/LiteralType.ql +++ b/cpp/common/test/library/codingstandards/cpp/trivialtypes/LiteralType.ql @@ -1,5 +1,5 @@ import cpp -import codingstandards.cpp.TrivialType +import codingstandards.cpp.types.TrivialType from Type t where diff --git a/cpp/common/test/library/codingstandards/cpp/trivialtypes/TrivialType.ql b/cpp/common/test/library/codingstandards/cpp/trivialtypes/TrivialType.ql index a85fcf5676..edbfbe5303 100644 --- a/cpp/common/test/library/codingstandards/cpp/trivialtypes/TrivialType.ql +++ b/cpp/common/test/library/codingstandards/cpp/trivialtypes/TrivialType.ql @@ -1,5 +1,5 @@ import cpp -import codingstandards.cpp.TrivialType +import codingstandards.cpp.types.TrivialType from Type t where diff --git a/cpp/common/test/library/codingstandards/cpp/trivialtypes/TriviallyCopyableType.ql b/cpp/common/test/library/codingstandards/cpp/trivialtypes/TriviallyCopyableType.ql index 3b3f498796..1667372f4b 100644 --- a/cpp/common/test/library/codingstandards/cpp/trivialtypes/TriviallyCopyableType.ql +++ b/cpp/common/test/library/codingstandards/cpp/trivialtypes/TriviallyCopyableType.ql @@ -1,5 +1,5 @@ import cpp -import codingstandards.cpp.TrivialType +import codingstandards.cpp.types.TrivialType from TriviallyCopyableClass t select t diff --git a/rule_packages/c/Generics.json b/rule_packages/c/Generics.json new file mode 100644 index 0000000000..1183bdc709 --- /dev/null +++ b/rule_packages/c/Generics.json @@ -0,0 +1,194 @@ +{ + "MISRA-C-2012": { + "RULE-23-1": { + "properties": { + "obligation": "advisory" + }, + "queries": [ + { + "description": "A generic selection should only be expanded from a macro.", + "kind": "problem", + "name": "A generic selection should only be expanded from a macro", + "precision": "very-high", + "severity": "warning", + "short_name": "GenericSelectionNotExpandedFromAMacro", + "tags": [ + "maintainability", + "external/misra/c/2012/amendment3" + ] + }, + { + "description": "A generic selection should depend on the type of a macro argument.", + "kind": "problem", + "name": "A generic selection should depend on the type of a macro argument", + "precision": "high", + "severity": "warning", + "short_name": "GenericSelectionDoesntDependOnMacroArgument", + "tags": [ + "correctness", + "maintainability", + "external/misra/c/2012/amendment3" + ] + } + ], + "title": "A generic selection should only be expanded from a macro" + }, + "RULE-23-2": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "A generic selection that is not expanded from a macro shall not contain potential side effects in the controlling expression.", + "kind": "problem", + "name": "A generic selection shall not contain side-effects if it is not expanded from a macro", + "precision": "high", + "severity": "warning", + "short_name": "GenericSelectionNotFromMacroWithSideEffects", + "tags": [ + "maintainability", + "external/misra/c/2012/amendment3" + ] + } + ], + "implementation_scope": { + "items": [ + "Due to limited information in the CodeQL database for macro argument expansions, this implementation reports generics not of the form `_Generic((X)` where all invocations of that generic contain a side effect in the controlling expression." + ] + }, + "title": "A generic selection that is not expanded from a macro shall not contain potential side effects in the controlling expression" + }, + "RULE-23-3": { + "properties": { + "obligation": "advisory" + }, + "queries": [ + { + "description": "A generic selection should contain at least one non-default association.", + "kind": "problem", + "name": "A generic selection should contain at least one non-default association", + "precision": "very-high", + "severity": "warning", + "short_name": "GenericWithoutNonDefaultAssociation", + "tags": [ + "correctness", + "maintainability", + "external/misra/c/2012/amendment3" + ] + } + ], + "title": "A generic selection should contain at least one non-default association" + }, + "RULE-23-4": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Generic selections undergo lvalue conversion before type comparison, leading to certain types being impossible to select.", + "kind": "problem", + "name": "A generic association shall list an appropriate type", + "precision": "very-high", + "severity": "error", + "short_name": "GenericAssociationWithUnselectableType", + "tags": [ + "correctness", + "external/misra/c/2012/amendment3" + ] + } + ], + "title": "A generic association shall list an appropriate type" + }, + "RULE-23-5": { + "properties": { + "obligation": "advisory" + }, + "queries": [ + { + "description": "Pointer types in a generic selection do not undergo pointer conversions and should not counterintuitively fall through to the default association.", + "kind": "problem", + "name": "A generic selection should not depend on implicit pointer type conversion", + "precision": "very-high", + "severity": "warning", + "short_name": "DangerousDefaultSelectionForPointerInGeneric", + "tags": [ + "correctness", + "external/misra/c/2012/amendment3" + ] + } + ], + "title": "A generic selection should not depend on implicit pointer type conversion" + }, + "RULE-23-6": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "The controlling expression of a generic selection shall have an essential type that matches its standard type.", + "kind": "problem", + "name": "The controlling expression of a generic selection shall have an essential type that matches its standard type", + "precision": "high", + "severity": "error", + "short_name": "GenericExpressionWithIncorrectEssentialType", + "tags": [ + "correctness", + "external/misra/c/2012/amendment3" + ] + } + ], + "implementation_scope": { + "items": [ + "The CodeQL extractor will expand character literals passed into macros into integer literals, and therefore the essential type system for character literals will not necessarily be analyzed correctly." + ] + }, + "title": "The controlling expression of a generic selection shall have an essential type that matches its standard type" + }, + "RULE-23-7": { + "properties": { + "obligation": "advisory" + }, + "queries": [ + { + "description": "A generic selection that is expanded from a macro should evaluate its argument only once.", + "kind": "problem", + "name": "A generic selection that is expanded from a macro should evaluate its argument only once", + "precision": "medium", + "severity": "warning", + "short_name": "InvalidGenericMacroArgumentEvaluation", + "tags": [ + "correctness", + "maintainability", + "external/misra/c/2012/amendment3" + ] + } + ], + "implementation_scope": { + "items": [ + "Due to limited information in the CodeQL database for macro argument expansions, this implementation performs string matching on the macro parameters against the macro body to determine where parameters are expanded. If text indicating a nonevaluated context such as sizeof() or _Alignof() appear, there will be no positive result." + ] + }, + "title": "A generic selection that is expanded from a macro should evaluate its argument only once" + }, + "RULE-23-8": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "A default association shall appear as either the first or the last association of a generic selection", + "kind": "problem", + "name": "A default association shall appear as either the first or the last association of a generic", + "precision": "very-high", + "severity": "warning", + "short_name": "DefaultGenericSelectionNotFirstOrLast", + "tags": [ + "maintainability", + "external/misra/c/2012/amendment3" + ] + } + ], + "title": "A default association shall appear as either the first or the last association of a generic selection" + } + } +} \ No newline at end of file From cec1948777ab22388c622f460e1dfde9577f66d9 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Sun, 9 Mar 2025 23:05:52 -0700 Subject: [PATCH 2439/2573] Use clang-format v11, which is closer to v14 installed on ci/cd --- c/misra/test/rules/RULE-23-1/test.c | 26 +-- c/misra/test/rules/RULE-23-2/test.c | 28 +-- c/misra/test/rules/RULE-23-3/test.c | 16 +- c/misra/test/rules/RULE-23-4/test.c | 70 +++---- c/misra/test/rules/RULE-23-5/test.c | 301 ++++++++++++++-------------- c/misra/test/rules/RULE-23-6/test.c | 20 +- c/misra/test/rules/RULE-23-7/test.c | 57 +++--- c/misra/test/rules/RULE-23-8/test.c | 20 +- 8 files changed, 270 insertions(+), 268 deletions(-) diff --git a/c/misra/test/rules/RULE-23-1/test.c b/c/misra/test/rules/RULE-23-1/test.c index f27541dd38..c7d33b1a70 100644 --- a/c/misra/test/rules/RULE-23-1/test.c +++ b/c/misra/test/rules/RULE-23-1/test.c @@ -1,25 +1,25 @@ // NON_COMPLIANT: -#define M1 _Generic(1, int: 1) +#define M1 _Generic(1, int : 1) // NON_COMPLIANT: -#define M2(X) _Generic(1, int: X) +#define M2(X) _Generic(1, int : X) // COMPLIANT: -#define M3(X) _Generic((X), int: 1) +#define M3(X) _Generic((X), int : 1) // COMPLIANT: -#define M4(X) _Generic((X), int: 1) +#define M4(X) _Generic((X), int : 1) // COMPLIANT: -#define M5(X) _Generic((X + X), int: 1) +#define M5(X) _Generic((X + X), int : 1) int f1(int a, int b); // COMPLIANT: -#define M6(X) _Generic(f(1, (X)), int: 1) -#define M7(X) 1 + _Generic((X), int: 1) +#define M6(X) _Generic(f(1, (X)), int : 1) +#define M7(X) 1 + _Generic((X), int : 1) // COMPLIANT: -#define M8(X) g(_Generic((X), int: 1)) +#define M8(X) g(_Generic((X), int : 1)) // NON_COMPLIANT: -#define M9(X) g(_Generic((Y), int: 1)) +#define M9(X) g(_Generic((Y), int : 1)) void f2() { - _Generic(1, int: 1); // NON_COMPLIANT - M1; // NON_COMPLIANT - M2(1); // NON_COMPLIANT - M3(1); // COMPLIANT + _Generic(1, int : 1); // NON_COMPLIANT + M1; // NON_COMPLIANT + M2(1); // NON_COMPLIANT + M3(1); // COMPLIANT } diff --git a/c/misra/test/rules/RULE-23-2/test.c b/c/misra/test/rules/RULE-23-2/test.c index 6a25e15189..9e4c6ca6b2 100644 --- a/c/misra/test/rules/RULE-23-2/test.c +++ b/c/misra/test/rules/RULE-23-2/test.c @@ -1,30 +1,30 @@ -#define M1(X) _Generic((X), int: 1) +#define M1(X) _Generic((X), int : 1) // NON_COMPLIANT: -#define M2(X) _Generic((X)++, int: 1) +#define M2(X) _Generic((X)++, int : 1) // NON_COMPLIANT: -#define M3(X) _Generic(l1++, int: (X)) +#define M3(X) _Generic(l1++, int : (X)) // COMPLIANT: #define M3_WRAPPER(X) M3(X) -#define M4(X) _Generic((X)(), int: 1) +#define M4(X) _Generic((X)(), int : 1) void f1() { int l1; - _Generic(1, int: 1); // COMPLIANT - M1(1); // COMPLIANT - _Generic(l1, int: 1); // COMPLIANT - M1(l1); // COMPLIANT + _Generic(1, int : 1); // COMPLIANT + M1(1); // COMPLIANT + _Generic(l1, int : 1); // COMPLIANT + M1(l1); // COMPLIANT _Generic(l1++, - int: 1); // COMPLIANT: side effect is not from a macro argument. - M1(l1++); // COMPLIANT - M2(l1); // NON-COMPLIANT: at macro definition - M3(1); // NON-COMPLIANT: at macro definition - M3_WRAPPER(1); // NON-COMPLIANT: at definition of M3 + int : 1); // COMPLIANT: side effect is not from a macro argument. + M1(l1++); // COMPLIANT + M2(l1); // NON-COMPLIANT: at macro definition + M3(1); // NON-COMPLIANT: at macro definition + M3_WRAPPER(1); // NON-COMPLIANT: at definition of M3 } int g1; @@ -41,7 +41,7 @@ void f2() { #define M5(X) \ static volatile l##X; \ - _Generic(l##X, int: 1) + _Generic(l##X, int : 1) void f3() { M5(a); // NON-COMPLIANT diff --git a/c/misra/test/rules/RULE-23-3/test.c b/c/misra/test/rules/RULE-23-3/test.c index d3f093f242..616c14bc80 100644 --- a/c/misra/test/rules/RULE-23-3/test.c +++ b/c/misra/test/rules/RULE-23-3/test.c @@ -1,20 +1,20 @@ // NON-COMPLIANT -#define M1 _Generic(1, default: 1); +#define M1 _Generic(1, default : 1); // COMPLIANT -#define M2 _Generic(1, int: 1); +#define M2 _Generic(1, int : 1); // COMPLIANT -#define M3 _Generic(1, int: 1, default: 1); +#define M3 _Generic(1, int : 1, default : 1); // COMPLIANT -#define M4 _Generic(1, int: 1, long: 1); +#define M4 _Generic(1, int : 1, long : 1); void f() { // Invalid generics: // _Generic(1); // _Generic(1, void: 1); - _Generic(1, default: 1); // NON-COMPLIANT - _Generic(1, int: 1); // COMPLIANT - _Generic(1, int: 1, default: 1); // COMPLIANT - _Generic(1, int: 1, long: 1); // COMPLIANT + _Generic(1, default : 1); // NON-COMPLIANT + _Generic(1, int : 1); // COMPLIANT + _Generic(1, int : 1, default : 1); // COMPLIANT + _Generic(1, int : 1, long : 1); // COMPLIANT M1; M2; diff --git a/c/misra/test/rules/RULE-23-4/test.c b/c/misra/test/rules/RULE-23-4/test.c index 135ab4d0f7..cfef26318c 100644 --- a/c/misra/test/rules/RULE-23-4/test.c +++ b/c/misra/test/rules/RULE-23-4/test.c @@ -7,41 +7,41 @@ union empty_union {}; void f() { _Generic(1, - int: 1, // COMPLIANT - const int: 1, // NON-COMPLIANT - volatile int: 1, // NON-COMPLIANT - _Atomic int: 1, // NON-COMPLIANT - int *: 1, // COMPLIANT - int const *: 1, // COMPLIANT - const volatile int: 1, // NON-COMPLIANT - int volatile const *: 1, // COMPLIANT - struct {}: 1, // NON-COMPLIANT - struct {} *: 1, // NON-COMPLIANT - empty_struct_t: 1, // COMPLIANT - struct empty_struct: 1, // COMPLIANT - empty_struct_t *: 1, // COMPLIANT - struct empty_struct *: 1, // COMPLIANT - union {}: 1, // NON-COMPLIANT - union {} *: 1, // NON-COMPLIANT - empty_union_t: 1, // COMPLIANT - union empty_union: 1, // COMPLIANT - empty_union_t *: 1, // COMPLIANT - union empty_union *: 1, // COMPLIANT - // int[]: 1, // compile error - int[3]: 1, // NON-COMPLIANT - int(*)[3]: 1, // COMPLIANT: pointer to array OK - // int (int*): 1, // compile error - int (*)(int *): 1, // COMPLIANT: function pointers OK - default: 1 // COMPLIANT + int : 1, // COMPLIANT + const int : 1, // NON-COMPLIANT + volatile int : 1, // NON-COMPLIANT + _Atomic int : 1, // NON-COMPLIANT + int * : 1, // COMPLIANT + int const * : 1, // COMPLIANT + const volatile int : 1, // NON-COMPLIANT + int volatile const * : 1, // COMPLIANT + struct {} : 1, // NON-COMPLIANT + struct {} * : 1, // NON-COMPLIANT + empty_struct_t : 1, // COMPLIANT + struct empty_struct : 1, // COMPLIANT + empty_struct_t * : 1, // COMPLIANT + struct empty_struct * : 1, // COMPLIANT + union {} : 1, // NON-COMPLIANT + union {} * : 1, // NON-COMPLIANT + empty_union_t : 1, // COMPLIANT + union empty_union : 1, // COMPLIANT + empty_union_t * : 1, // COMPLIANT + union empty_union * : 1, // COMPLIANT + // int[]: 1, // compile error + int[3] : 1, // NON-COMPLIANT + int(*)[3] : 1, // COMPLIANT: pointer to array OK + // int (int*): 1, // compile error + int (*)(int *) : 1, // COMPLIANT: function pointers OK + default : 1 // COMPLIANT ); } // NON-COMPLIANT -#define M1(X) _Generic((X), const int: 1, default: 0) +#define M1(X) _Generic((X), const int : 1, default : 0) // NON-COMPLIANT -#define M2(X) _Generic(1, X[3]: 1, default: 0) +#define M2(X) _Generic(1, X[3] : 1, default : 0) // COMPLIANT -#define M3(X) _Generic(1, X: 1, default: 0) +#define M3(X) _Generic(1, X : 1, default : 0) void f2() { M1(1); @@ -60,12 +60,12 @@ typedef long const *long_const_ptr; void f3() { _Generic(1, - int_t: 1, // COMPLIANT - const_int: 1, // NON-COMPLIANT - const_int_ptr: 1, // COMPLIANT - long_const_ptr: 1, // COMPLIANT - const int_ptr: 1, // COMPLIANT - default: 1 // COMPLIANT + int_t : 1, // COMPLIANT + const_int : 1, // NON-COMPLIANT + const_int_ptr : 1, // COMPLIANT + long_const_ptr : 1, // COMPLIANT + const int_ptr : 1, // COMPLIANT + default : 1 // COMPLIANT ); } diff --git a/c/misra/test/rules/RULE-23-5/test.c b/c/misra/test/rules/RULE-23-5/test.c index d9e140f0af..5d48cc58bd 100644 --- a/c/misra/test/rules/RULE-23-5/test.c +++ b/c/misra/test/rules/RULE-23-5/test.c @@ -19,85 +19,85 @@ void f2() { void *: f1, const void *: f1, default: f1); // COMPLIANT - _Generic(l2, int: f1, default: f1); // COMPLIANT - _Generic(l3, int: f1, default: f1); // COMPLIANT - _Generic(l4, int: f1, default: f1); // COMPLIANT - _Generic(l5, int: f1, default: f1); // COMPLIANT + _Generic(l2, int : f1, default : f1); // COMPLIANT + _Generic(l3, int : f1, default : f1); // COMPLIANT + _Generic(l4, int : f1, default : f1); // COMPLIANT + _Generic(l5, int : f1, default : f1); // COMPLIANT // Compliant, default case is not matched - _Generic(l1, int: f1); // COMPLIANT - _Generic(l2, int *: f1); // COMPLIANT - _Generic(l3, const int *: f1); // COMPLIANT - _Generic(l4, volatile int *: f1); // COMPLIANT - _Generic(l5, volatile const int *: f1); // COMPLIANT - _Generic(l6, void *: f1); // COMPLIANT - _Generic(l7, const void *: f1); // COMPLIANT - _Generic(l8, volatile void *: f1); // COMPLIANT - _Generic(l9, const volatile void *: f1); // COMPLIANT + _Generic(l1, int : f1); // COMPLIANT + _Generic(l2, int * : f1); // COMPLIANT + _Generic(l3, const int * : f1); // COMPLIANT + _Generic(l4, volatile int * : f1); // COMPLIANT + _Generic(l5, volatile const int * : f1); // COMPLIANT + _Generic(l6, void * : f1); // COMPLIANT + _Generic(l7, const void * : f1); // COMPLIANT + _Generic(l8, volatile void * : f1); // COMPLIANT + _Generic(l9, const volatile void * : f1); // COMPLIANT // Violation, match default case due to lack of pointer to pointer // conversions: - _Generic(l2, int *: f1, default: f1); // COMPLIANT - _Generic(l2, const int *: f1, default: f1); // NON-COMPLIANT - _Generic(l2, volatile int *: f1, default: f1); // NON-COMPLIANT - _Generic(l2, const volatile int *: f1, default: f1); // NON-COMPLIANT - _Generic(l2, void *: f1, default: f1); // NON-COMPLIANT - _Generic(l2, const void *: f1, default: f1); // NON-COMPLIANT - _Generic(l2, const volatile void *: f1, default: f1); // NON-COMPLIANT - - _Generic(l3, int *: f1, default: f1); // NON-COMPLIANT - _Generic(l3, const int *: f1, default: f1); // COMPLIANT - _Generic(l3, void *: f1, default: f1); // NON-COMPLIANT - _Generic(l3, const void *: f1, default: f1); // NON-COMPLIANT - _Generic(l3, const volatile void *: f1, default: f1); // NON-COMPLIANT + _Generic(l2, int * : f1, default : f1); // COMPLIANT + _Generic(l2, const int * : f1, default : f1); // NON-COMPLIANT + _Generic(l2, volatile int * : f1, default : f1); // NON-COMPLIANT + _Generic(l2, const volatile int * : f1, default : f1); // NON-COMPLIANT + _Generic(l2, void * : f1, default : f1); // NON-COMPLIANT + _Generic(l2, const void * : f1, default : f1); // NON-COMPLIANT + _Generic(l2, const volatile void * : f1, default : f1); // NON-COMPLIANT + + _Generic(l3, int * : f1, default : f1); // NON-COMPLIANT + _Generic(l3, const int * : f1, default : f1); // COMPLIANT + _Generic(l3, void * : f1, default : f1); // NON-COMPLIANT + _Generic(l3, const void * : f1, default : f1); // NON-COMPLIANT + _Generic(l3, const volatile void * : f1, default : f1); // NON-COMPLIANT // Obviously not volatile: - _Generic(l3, volatile int *: f1, default: f1); // COMPLIANT + _Generic(l3, volatile int * : f1, default : f1); // COMPLIANT // Debatable, but volatile const int* is assignable to const int* so its // considered risky - _Generic(l3, const volatile int *: f1, default: f1); // NON-COMPLIANT + _Generic(l3, const volatile int * : f1, default : f1); // NON-COMPLIANT - _Generic(l4, int *: f1, default: f1); // NON-COMPLIANT - _Generic(l4, volatile int *: f1, default: f1); // COMPLIANT - _Generic(l4, const volatile int *: f1, default: f1); // NON-COMPLIANT - _Generic(l4, void *: f1, default: f1); // NON-COMPLIANT - _Generic(l4, const volatile void *: f1, default: f1); // NON-COMPLIANT + _Generic(l4, int * : f1, default : f1); // NON-COMPLIANT + _Generic(l4, volatile int * : f1, default : f1); // COMPLIANT + _Generic(l4, const volatile int * : f1, default : f1); // NON-COMPLIANT + _Generic(l4, void * : f1, default : f1); // NON-COMPLIANT + _Generic(l4, const volatile void * : f1, default : f1); // NON-COMPLIANT // Debatable, but volatile int* isn't assignable to const int* or vice versa. - _Generic(l4, const int *: f1, default: f1); // COMPLIANT + _Generic(l4, const int * : f1, default : f1); // COMPLIANT // Debatable, but volatile int* isn't assignable to const void* or vice versa. - _Generic(l4, const void *: f1, default: f1); // COMPLIANT - - _Generic(l5, int *: f1, default: f1); // NON-COMPLIANT - _Generic(l5, const int *: f1, default: f1); // NON-COMPLIANT - _Generic(l5, volatile int *: f1, default: f1); // NON-COMPLIANT - _Generic(l5, const volatile int *: f1, default: f1); // COMPLIANT - _Generic(l5, void *: f1, default: f1); // NON-COMPLIANT - _Generic(l5, const void *: f1, default: f1); // NON-COMPLIANT - _Generic(l5, const volatile void *: f1, default: f1); // NON-COMPLIANT - - _Generic(l6, int *: f1, default: f1); // NON-COMPLIANT - _Generic(l6, const int *: f1, default: f1); // NON-COMPLIANT - _Generic(l6, volatile int *: f1, default: f1); // NON-COMPLIANT - _Generic(l6, const volatile int *: f1, default: f1); // NON-COMPLIANT - _Generic(l6, void *: f1, default: f1); // COMPLIANT - _Generic(l6, const void *: f1, default: f1); // NON-COMPLIANT - _Generic(l6, const volatile void *: f1, default: f1); // NON-COMPLIANT - - _Generic(l7, int *: f1, default: f1); // NON-COMPLIANT - _Generic(l7, const int *: f1, default: f1); // NON-COMPLIANT - _Generic(l7, const volatile int *: f1, default: f1); // NON-COMPLIANT - _Generic(l7, void *: f1, default: f1); // NON-COMPLIANT - _Generic(l7, const void *: f1, default: f1); // COMPLIANT - _Generic(l7, const volatile void *: f1, default: f1); // NON-COMPLIANT + _Generic(l4, const void * : f1, default : f1); // COMPLIANT + + _Generic(l5, int * : f1, default : f1); // NON-COMPLIANT + _Generic(l5, const int * : f1, default : f1); // NON-COMPLIANT + _Generic(l5, volatile int * : f1, default : f1); // NON-COMPLIANT + _Generic(l5, const volatile int * : f1, default : f1); // COMPLIANT + _Generic(l5, void * : f1, default : f1); // NON-COMPLIANT + _Generic(l5, const void * : f1, default : f1); // NON-COMPLIANT + _Generic(l5, const volatile void * : f1, default : f1); // NON-COMPLIANT + + _Generic(l6, int * : f1, default : f1); // NON-COMPLIANT + _Generic(l6, const int * : f1, default : f1); // NON-COMPLIANT + _Generic(l6, volatile int * : f1, default : f1); // NON-COMPLIANT + _Generic(l6, const volatile int * : f1, default : f1); // NON-COMPLIANT + _Generic(l6, void * : f1, default : f1); // COMPLIANT + _Generic(l6, const void * : f1, default : f1); // NON-COMPLIANT + _Generic(l6, const volatile void * : f1, default : f1); // NON-COMPLIANT + + _Generic(l7, int * : f1, default : f1); // NON-COMPLIANT + _Generic(l7, const int * : f1, default : f1); // NON-COMPLIANT + _Generic(l7, const volatile int * : f1, default : f1); // NON-COMPLIANT + _Generic(l7, void * : f1, default : f1); // NON-COMPLIANT + _Generic(l7, const void * : f1, default : f1); // COMPLIANT + _Generic(l7, const volatile void * : f1, default : f1); // NON-COMPLIANT // Debatable, but const void* isn't assignable to volatile int* or vice versa. - _Generic(l7, volatile int *: f1, default: f1); // COMPLIANT + _Generic(l7, volatile int * : f1, default : f1); // COMPLIANT - _Generic(l9, int *: f1, default: f1); // NON-COMPLIANT - _Generic(l9, const int *: f1, default: f1); // NON-COMPLIANT - _Generic(l9, volatile int *: f1, default: f1); // NON-COMPLIANT - _Generic(l9, const volatile int *: f1, default: f1); // NON-COMPLIANT - _Generic(l9, void *: f1, default: f1); // NON-COMPLIANT - _Generic(l9, const void *: f1, default: f1); // NON-COMPLIANT - _Generic(l9, const volatile void *: f1, default: f1); // COMPLIANT + _Generic(l9, int * : f1, default : f1); // NON-COMPLIANT + _Generic(l9, const int * : f1, default : f1); // NON-COMPLIANT + _Generic(l9, volatile int * : f1, default : f1); // NON-COMPLIANT + _Generic(l9, const volatile int * : f1, default : f1); // NON-COMPLIANT + _Generic(l9, void * : f1, default : f1); // NON-COMPLIANT + _Generic(l9, const void * : f1, default : f1); // NON-COMPLIANT + _Generic(l9, const volatile void * : f1, default : f1); // COMPLIANT /** * Edge case 1: The controlling expression undergoes lvalue conversion, so @@ -110,66 +110,66 @@ void f2() { int *const l14; const int *const l15; - _Generic(l10, int *: f1, default: f1); // COMPLIANT - _Generic(l11, const int *: f1, default: f1); // COMPLIANT - _Generic(l12, volatile int *: f1, default: f1); // COMPLIANT - _Generic(l13, const volatile int *: f1, default: f1); // COMPLIANT - - _Generic(l10, int *: f1, default: f1); // COMPLIANT - _Generic(l10, const int *: f1, default: f1); // NON-COMPLIANT - _Generic(l10, volatile int *: f1, default: f1); // NON-COMPLIANT - _Generic(l10, const volatile int *: f1, default: f1); // NON-COMPLIANT - _Generic(l10, void *: f1, default: f1); // NON-COMPLIANT - _Generic(l10, const void *: f1, default: f1); // NON-COMPLIANT - _Generic(l10, const volatile void *: f1, default: f1); // NON-COMPLIANT - - _Generic(l11, int *: f1, default: f1); // NON-COMPLIANT - _Generic(l11, const int *: f1, default: f1); // COMPLIANT - _Generic(l11, void *: f1, default: f1); // NON-COMPLIANT - _Generic(l11, const void *: f1, default: f1); // NON-COMPLIANT - _Generic(l11, const volatile void *: f1, default: f1); // NON-COMPLIANT + _Generic(l10, int * : f1, default : f1); // COMPLIANT + _Generic(l11, const int * : f1, default : f1); // COMPLIANT + _Generic(l12, volatile int * : f1, default : f1); // COMPLIANT + _Generic(l13, const volatile int * : f1, default : f1); // COMPLIANT + + _Generic(l10, int * : f1, default : f1); // COMPLIANT + _Generic(l10, const int * : f1, default : f1); // NON-COMPLIANT + _Generic(l10, volatile int * : f1, default : f1); // NON-COMPLIANT + _Generic(l10, const volatile int * : f1, default : f1); // NON-COMPLIANT + _Generic(l10, void * : f1, default : f1); // NON-COMPLIANT + _Generic(l10, const void * : f1, default : f1); // NON-COMPLIANT + _Generic(l10, const volatile void * : f1, default : f1); // NON-COMPLIANT + + _Generic(l11, int * : f1, default : f1); // NON-COMPLIANT + _Generic(l11, const int * : f1, default : f1); // COMPLIANT + _Generic(l11, void * : f1, default : f1); // NON-COMPLIANT + _Generic(l11, const void * : f1, default : f1); // NON-COMPLIANT + _Generic(l11, const volatile void * : f1, default : f1); // NON-COMPLIANT // Obviously not volatile: - _Generic(l11, volatile int *: f1, default: f1); // COMPLIANT + _Generic(l11, volatile int * : f1, default : f1); // COMPLIANT // Debatable, but volatile const int* is assignable to const int* so its // considered risky - _Generic(l11, const volatile int *: f1, default: f1); // NON-COMPLIANT + _Generic(l11, const volatile int * : f1, default : f1); // NON-COMPLIANT - _Generic(l12, int *: f1, default: f1); // NON-COMPLIANT - _Generic(l12, volatile int *: f1, default: f1); // COMPLIANT - _Generic(l12, const volatile int *: f1, default: f1); // NON-COMPLIANT - _Generic(l12, void *: f1, default: f1); // NON-COMPLIANT - _Generic(l12, const volatile void *: f1, default: f1); // NON-COMPLIANT + _Generic(l12, int * : f1, default : f1); // NON-COMPLIANT + _Generic(l12, volatile int * : f1, default : f1); // COMPLIANT + _Generic(l12, const volatile int * : f1, default : f1); // NON-COMPLIANT + _Generic(l12, void * : f1, default : f1); // NON-COMPLIANT + _Generic(l12, const volatile void * : f1, default : f1); // NON-COMPLIANT // Debatab12e, but volatile int* isn't assignable to const int* or vice versa. - _Generic(l12, const int *: f1, default: f1); // COMPLIANT + _Generic(l12, const int * : f1, default : f1); // COMPLIANT // Debatable, but volatile int* isn't assignable to const void* or vice versa. - _Generic(l12, const void *: f1, default: f1); // COMPLIANT - - _Generic(l13, int *: f1, default: f1); // NON-COMPLIANT - _Generic(l13, const int *: f1, default: f1); // NON-COMPLIANT - _Generic(l13, volatile int *: f1, default: f1); // NON-COMPLIANT - _Generic(l13, const volatile int *: f1, default: f1); // COMPLIANT - _Generic(l13, void *: f1, default: f1); // NON-COMPLIANT - _Generic(l13, const void *: f1, default: f1); // NON-COMPLIANT - _Generic(l13, const volatile void *: f1, default: f1); // NON-COMPLIANT - - _Generic(l14, int *: f1, default: f1); // COMPLIANT - _Generic(l14, const int *: f1, default: f1); // NON-COMPLIANT - _Generic(l14, volatile int *: f1, default: f1); // NON-COMPLIANT - _Generic(l14, const volatile int *: f1, default: f1); // NON-COMPLIANT - _Generic(l14, void *: f1, default: f1); // NON-COMPLIANT - _Generic(l14, const void *: f1, default: f1); // NON-COMPLIANT - _Generic(l14, const volatile void *: f1, default: f1); // NON-COMPLIANT - - _Generic(l15, int *: f1, default: f1); // NON-COMPLIANT - _Generic(l15, const int *: f1, default: f1); // COMPLIANT - _Generic(l15, void *: f1, default: f1); // NON-COMPLIANT - _Generic(l15, const void *: f1, default: f1); // NON-COMPLIANT - _Generic(l15, const volatile void *: f1, default: f1); // NON-COMPLIANT + _Generic(l12, const void * : f1, default : f1); // COMPLIANT + + _Generic(l13, int * : f1, default : f1); // NON-COMPLIANT + _Generic(l13, const int * : f1, default : f1); // NON-COMPLIANT + _Generic(l13, volatile int * : f1, default : f1); // NON-COMPLIANT + _Generic(l13, const volatile int * : f1, default : f1); // COMPLIANT + _Generic(l13, void * : f1, default : f1); // NON-COMPLIANT + _Generic(l13, const void * : f1, default : f1); // NON-COMPLIANT + _Generic(l13, const volatile void * : f1, default : f1); // NON-COMPLIANT + + _Generic(l14, int * : f1, default : f1); // COMPLIANT + _Generic(l14, const int * : f1, default : f1); // NON-COMPLIANT + _Generic(l14, volatile int * : f1, default : f1); // NON-COMPLIANT + _Generic(l14, const volatile int * : f1, default : f1); // NON-COMPLIANT + _Generic(l14, void * : f1, default : f1); // NON-COMPLIANT + _Generic(l14, const void * : f1, default : f1); // NON-COMPLIANT + _Generic(l14, const volatile void * : f1, default : f1); // NON-COMPLIANT + + _Generic(l15, int * : f1, default : f1); // NON-COMPLIANT + _Generic(l15, const int * : f1, default : f1); // COMPLIANT + _Generic(l15, void * : f1, default : f1); // NON-COMPLIANT + _Generic(l15, const void * : f1, default : f1); // NON-COMPLIANT + _Generic(l15, const volatile void * : f1, default : f1); // NON-COMPLIANT // Obviously not volatile: - _Generic(l15, volatile int *: f1, default: f1); // COMPLIANT + _Generic(l15, volatile int * : f1, default : f1); // COMPLIANT // Debatable, but volatile const int* is assignable to const int* so its // considered risky - _Generic(l15, const volatile int *: f1, default: f1); // NON-COMPLIANT + _Generic(l15, const volatile int * : f1, default : f1); // NON-COMPLIANT /** * Edge case 2: Types don't have to be identical to be compatible. @@ -177,18 +177,19 @@ void f2() { int(*l16)[3]; // This is a risky conversion that should be reported: - _Generic(l16, int(*const)[3]: f1, default: f1); // NON-COMPLIANT + _Generic(l16, int(*const)[3] : f1, default : f1); // NON-COMPLIANT // However, in this one, there is a match on the second selector, because it // it is an array type with a compatible element type, and sizes only have to // match if both arrays have a constant size. Therefore, the default selector // is not chosen and this is not a violation. - _Generic(l16, int(*const)[3]: f1, int(*)[]: f1, default: f1); // COMPLIANT + _Generic(l16, int(*const)[3] : f1, int(*)[] : f1, default : f1); // COMPLIANT // In this case, the second selector is not a compatible type because the // array has a constant size that doesn't match, and this should be reported. - _Generic(l16, - int(*const)[3]: f1, - int(*)[4]: f1, - default: f1); // NON-COMPLIANT + _Generic(l16, int(*const)[3] + : f1, int(*)[4] + : f1, + default + : f1); // NON-COMPLIANT /** * Edge case 3: Conversion on _Generic, make sure we use the fully converted @@ -196,10 +197,10 @@ void f2() { */ int *l17; void *l18; - _Generic((void *)l17, void *: f1, default: f1); // COMPLIANT - _Generic((void *)l17, int *: f1, default: f1); // NON-COMPLIANT - _Generic((int *)l18, void *: f1, default: f1); // NON-COMPLIANT - _Generic((int *)l18, int *: f1, default: f1); // COMPLIANT + _Generic((void *)l17, void * : f1, default : f1); // COMPLIANT + _Generic((void *)l17, int * : f1, default : f1); // NON-COMPLIANT + _Generic((int *)l18, void * : f1, default : f1); // NON-COMPLIANT + _Generic((int *)l18, int * : f1, default : f1); // COMPLIANT /** * Edge case 4: Typedefs must be resolved properly. @@ -210,27 +211,27 @@ void f2() { c_int_t *l20; volatile c_int_t *l21; - _Generic(l2, int *: f1, default: f1); // COMPLIANT - _Generic(l2, int_t *: f1, default: f1); // COMPLIANT - _Generic(l2, const int *: f1, default: f1); // NON-COMPLIANT - _Generic(l2, const int_t *: f1, default: f1); // NON-COMPLIANT - _Generic(l2, c_int_t *: f1, default: f1); // NON-COMPLIANT - - _Generic(l19, int *: f1, default: f1); // COMPLIANT - _Generic(l19, int_t *: f1, default: f1); // COMPLIANT - _Generic(l19, const int *: f1, default: f1); // NON-COMPLIANT - _Generic(l19, const int_t *: f1, default: f1); // NON-COMPLIANT - _Generic(l19, c_int_t *: f1, default: f1); // NON-COMPLIANT - - _Generic(l3, int *: f1, default: f1); // NON-COMPLIANT - _Generic(l3, int_t *: f1, default: f1); // NON-COMPLIANT - _Generic(l3, const int *: f1, default: f1); // COMPLIANT - _Generic(l3, const int_t *: f1, default: f1); // COMPLIANT - _Generic(l3, c_int_t *: f1, default: f1); // COMPLIANT - - _Generic(l20, int *: f1, default: f1); // NON-COMPLIANT - _Generic(l20, int_t *: f1, default: f1); // NON-COMPLIANT - _Generic(l20, const int *: f1, default: f1); // COMPLIANT - _Generic(l20, const int_t *: f1, default: f1); // COMPLIANT - _Generic(l20, c_int_t *: f1, default: f1); // COMPLIANT + _Generic(l2, int * : f1, default : f1); // COMPLIANT + _Generic(l2, int_t * : f1, default : f1); // COMPLIANT + _Generic(l2, const int * : f1, default : f1); // NON-COMPLIANT + _Generic(l2, const int_t * : f1, default : f1); // NON-COMPLIANT + _Generic(l2, c_int_t * : f1, default : f1); // NON-COMPLIANT + + _Generic(l19, int * : f1, default : f1); // COMPLIANT + _Generic(l19, int_t * : f1, default : f1); // COMPLIANT + _Generic(l19, const int * : f1, default : f1); // NON-COMPLIANT + _Generic(l19, const int_t * : f1, default : f1); // NON-COMPLIANT + _Generic(l19, c_int_t * : f1, default : f1); // NON-COMPLIANT + + _Generic(l3, int * : f1, default : f1); // NON-COMPLIANT + _Generic(l3, int_t * : f1, default : f1); // NON-COMPLIANT + _Generic(l3, const int * : f1, default : f1); // COMPLIANT + _Generic(l3, const int_t * : f1, default : f1); // COMPLIANT + _Generic(l3, c_int_t * : f1, default : f1); // COMPLIANT + + _Generic(l20, int * : f1, default : f1); // NON-COMPLIANT + _Generic(l20, int_t * : f1, default : f1); // NON-COMPLIANT + _Generic(l20, const int * : f1, default : f1); // COMPLIANT + _Generic(l20, const int_t * : f1, default : f1); // COMPLIANT + _Generic(l20, c_int_t * : f1, default : f1); // COMPLIANT } \ No newline at end of file diff --git a/c/misra/test/rules/RULE-23-6/test.c b/c/misra/test/rules/RULE-23-6/test.c index 7d59c1e199..2b18f4cd2c 100644 --- a/c/misra/test/rules/RULE-23-6/test.c +++ b/c/misra/test/rules/RULE-23-6/test.c @@ -3,21 +3,21 @@ int l2; long l3; enum { E1 } l4; -#define M1(X) _Generic((X), int: 1, unsigned int: 1, short: 2, long: 3) +#define M1(X) _Generic((X), int : 1, unsigned int : 1, short : 2, long : 3) void f1() { M1(l1); // COMPLIANT M1(l2); // COMPLIANT M1(l3); // COMPLIANT M1(l4); // NON-COMPLIANT - M1(1); // COMPLIANT - M1(1u); // COMPLIANT - M1(l1 + l1); // NON-COMPLIANT - M1((int)(l1 + l1)); // COMPLIANT - M1('c'); // NON-COMPLIANT[false negative] - _Generic('c', int: 1); // NON-COMPLIANT - _Generic(_Generic(0, default: l1 + l1), default: 1); // NON-COMPLIANT - _Generic(((short)_Generic(0, default: (l1 + l1))), default: 1); // COMPLIANT + M1(1); // COMPLIANT + M1(1u); // COMPLIANT + M1(l1 + l1); // NON-COMPLIANT + M1((int)(l1 + l1)); // COMPLIANT + M1('c'); // NON-COMPLIANT[false negative] + _Generic('c', int : 1); // NON-COMPLIANT + _Generic(_Generic(0, default : l1 + l1), default : 1); // NON-COMPLIANT + _Generic(((short)_Generic(0, default : (l1 + l1))), default : 1); // COMPLIANT } void f2() { @@ -29,5 +29,5 @@ void f2() { struct S1 { int m1; }; - _Generic((const struct S1){.m1 = 0}, default: 1); + _Generic((const struct S1){.m1 = 0}, default : 1); } \ No newline at end of file diff --git a/c/misra/test/rules/RULE-23-7/test.c b/c/misra/test/rules/RULE-23-7/test.c index 41a5d6ab6c..e2f5e98ee5 100644 --- a/c/misra/test/rules/RULE-23-7/test.c +++ b/c/misra/test/rules/RULE-23-7/test.c @@ -2,59 +2,60 @@ int f1(int p1); int f2(int p1, int p2); // COMPLIANT -- standard correct cases: -#define M1(X) _Generic((X), int: f1, default: f1)(X) -#define M2(X) _Generic((X), int: f1(X), default: f1(X)) +#define M1(X) _Generic((X), int : f1, default : f1)(X) +#define M2(X) _Generic((X), int : f1(X), default : f1(X)) // NON-COMPLIANT -- standard incorrect cases: -#define M3(X) _Generic((X), int: f1(X), default: 0) -#define M4(X) (X) + _Generic((X), int: f1(X), default: f1(X)) -#define M5(X) _Generic((X), int: f1(X), default: f1(X)) + (X) -#define M6(X) _Generic((X), int: f1((X) + (X)), default: f1(X)) +#define M3(X) _Generic((X), int : f1(X), default : 0) +#define M4(X) (X) + _Generic((X), int : f1(X), default : f1(X)) +#define M5(X) _Generic((X), int : f1(X), default : f1(X)) + (X) +#define M6(X) _Generic((X), int : f1((X) + (X)), default : f1(X)) // Compliant by exception // COMPLIANT -#define M7(X) _Generic((X), int: 1, default: 0) +#define M7(X) _Generic((X), int : 1, default : 0) // NON-COMPLIANT[FALSE NEGATIVE] -- Without an expansion, we can't tell if this // macro has only constant expressions or not. -#define M8(X) _Generic((X), int: f1(1)) +#define M8(X) _Generic((X), int : f1(1)) // NON-COMPLIANT -- If the macro is expanded we can detect constant expressions -#define M9(X) _Generic((X), int: f1) +#define M9(X) _Generic((X), int : f1) // NON-COMPLIANT -- If the macro is expanded we can detect constant expressions -#define M10(X) _Generic((X), int: f1(1)) +#define M10(X) _Generic((X), int : f1(1)) void f3() { M9(1); M10(1); } // COMPLIANT -- multiple uses in the controlling expression is OK: -#define M11(X) _Generic((X) + (X), int: f1(X), default: f1(X)) +#define M11(X) _Generic((X) + (X), int : f1(X), default : f1(X)) // NON-COMPLIANT -- the rule should still be enforced otherwise: -#define M12(X) _Generic((X) + (X), int: f1(X), default: 1) -#define M13(X) _Generic((X) + (X), int: f1(X), default: f1(X)) + (X) +#define M12(X) _Generic((X) + (X), int : f1(X), default : 1) +#define M13(X) _Generic((X) + (X), int : f1(X), default : f1(X)) + (X) // COMPLIANT -- the argument is not used in the controlling expression: -#define M14(X) _Generic(1, int: f1((X) + (X)), default: f1(X)) -#define M15(X) _Generic(1, int: f1(X), default: f1(X)) + (X) +#define M14(X) _Generic(1, int : f1((X) + (X)), default : f1(X)) +#define M15(X) _Generic(1, int : f1(X), default : f1(X)) + (X) // Test cases with more than one argument: // COMPLIANT -- Y is not used in the controlling expression: -#define M16(X, Y) _Generic((X), int: f2((X), (Y)), default: f2((X), 1)) +#define M16(X, Y) _Generic((X), int : f2((X), (Y)), default : f2((X), 1)) // NON-COMPLIANT -- Y is used in the controlling expression -#define M17(X, Y) _Generic((X) + (Y), int: f2((X), (Y)), default: f2((X), 1)) +#define M17(X, Y) _Generic((X) + (Y), int : f2((X), (Y)), default : f2((X), 1)) // COMPLIANT -- Y is used in the controlling expression correctly -#define M18(X, Y) _Generic((X) + (Y), int: f2((X), (Y)), default: f2((X), (Y))) +#define M18(X, Y) \ + _Generic((X) + (Y), int : f2((X), (Y)), default : f2((X), (Y))) // Test unevaluated contexts: // COMPLIANT -- sizeof is not evaluated: -#define M19(X) _Generic((X), int[sizeof(X)]: f1, default: f1)(X) -#define M20(X) _Generic((X), int: f1(sizeof(X)), default: f1)(X) -#define M21(X) _Generic((X), int: f1(X), default: f1(X)) + sizeof(X) +#define M19(X) _Generic((X), int[sizeof(X)] : f1, default : f1)(X) +#define M20(X) _Generic((X), int : f1(sizeof(X)), default : f1)(X) +#define M21(X) _Generic((X), int : f1(X), default : f1(X)) + sizeof(X) // NON-COMPLIANT[FALSE NEGATIVE] -- sizeof plus evaluated context -#define M22(X) _Generic((X), int: f1(sizeof(X) + X), default: f1(X))(X) +#define M22(X) _Generic((X), int : f1(sizeof(X) + X), default : f1(X))(X) // NON-COMPLIANT[FALSE NEGATIVE] -- array type sizes may be evaluated -#define M23(X) _Generic((X), int[X]: f1, default: f1)(X) +#define M23(X) _Generic((X), int[X] : f1, default : f1)(X) // COMPLIANT -- alignof, typeof are not evaluated: -#define M24(X) _Generic((X), int[X]: f1, default: f1)(X) +#define M24(X) _Generic((X), int[X] : f1, default : f1)(X) // Nested macros: #define ONCE(X) (X) @@ -64,8 +65,8 @@ void f3() { // COMPLIANT #define M25(X) _Generic((X), int: ONCE(f1(X)), default: ONCE(f1(X)) // COMPLIANT[FALSE POSITIVE] -#define M26(X) _Generic((X), int: IGNORE_2ND(X, X), default: IGNORE_2ND(X, X)) -#define M27(X) _Generic((X), int: f1(IGNORE(X)), default: f1(IGNORE(X)))(X) +#define M26(X) _Generic((X), int : IGNORE_2ND(X, X), default : IGNORE_2ND(X, X)) +#define M27(X) _Generic((X), int : f1(IGNORE(X)), default : f1(IGNORE(X)))(X) // NON-COMPLIANT[FASE NEGATIVE] -#define M28(X) _Generic((X), int: f1(IGNORE(X)), default: f1(IGNORE(X))) -#define M29(X) _Generic((X), int: TWICE(f1(X)), default: TWICE(f1(X))) \ No newline at end of file +#define M28(X) _Generic((X), int : f1(IGNORE(X)), default : f1(IGNORE(X))) +#define M29(X) _Generic((X), int : TWICE(f1(X)), default : TWICE(f1(X))) \ No newline at end of file diff --git a/c/misra/test/rules/RULE-23-8/test.c b/c/misra/test/rules/RULE-23-8/test.c index fdd6e66044..340ddb16db 100644 --- a/c/misra/test/rules/RULE-23-8/test.c +++ b/c/misra/test/rules/RULE-23-8/test.c @@ -2,21 +2,21 @@ * Cases where the macro itself is always compliant or non compliant: */ // COMPLIANT -#define M1(X) _Generic((X), int: 1, unsigned int: 2) +#define M1(X) _Generic((X), int : 1, unsigned int : 2) // COMPLIANT -#define M2(X) _Generic((X), int: 1, unsigned int: 2, default: 0) +#define M2(X) _Generic((X), int : 1, unsigned int : 2, default : 0) // COMPLIANT -#define M3(X) _Generic((X), default: 0, int: 1, unsigned int: 2) +#define M3(X) _Generic((X), default : 0, int : 1, unsigned int : 2) // NON-COMPLIANT -#define M4(X) _Generic((X), int: 1, default: 0, unsigned int: 2) +#define M4(X) _Generic((X), int : 1, default : 0, unsigned int : 2) /** * Macros that are compliant or not based on use: */ // NON-COMPLIANT: because every use is non compliant -#define M5(...) _Generic(0, __VA_ARGS__, default: 0, int: 1) +#define M5(...) _Generic(0, __VA_ARGS__, default : 0, int : 1) // COMPLIANT: because some uses are compliant -#define M6(...) _Generic(0, __VA_ARGS__, int: 1) +#define M6(...) _Generic(0, __VA_ARGS__, int : 1) void f1() { M1(0); // COMPLIANT @@ -42,8 +42,8 @@ void f1() { * RULE-23-1. */ void f2() { - _Generic(0, int: 1, unsigned int: 2); // COMPLIANT - _Generic(0, int: 1, unsigned int: 2, default: 0); // COMPLIANT - _Generic(0, default: 0, int: 1, unsigned int: 2); // COMPLIANT - _Generic(0, int: 1, default: 0, unsigned int: 2); // NON-COMPLIANT + _Generic(0, int : 1, unsigned int : 2); // COMPLIANT + _Generic(0, int : 1, unsigned int : 2, default : 0); // COMPLIANT + _Generic(0, default : 0, int : 1, unsigned int : 2); // COMPLIANT + _Generic(0, int : 1, default : 0, unsigned int : 2); // NON-COMPLIANT } \ No newline at end of file From b2aef27eb8227aabb772ff1da27c597a4678c169 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Sun, 9 Mar 2025 23:10:33 -0700 Subject: [PATCH 2440/2573] Format Type.qll --- cpp/common/src/codingstandards/cpp/Type.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/Type.qll b/cpp/common/src/codingstandards/cpp/Type.qll index 32c139fd89..052096559a 100644 --- a/cpp/common/src/codingstandards/cpp/Type.qll +++ b/cpp/common/src/codingstandards/cpp/Type.qll @@ -1,2 +1,2 @@ import codingstandards.cpp.types.Type -import codingstandards.cpp.types.Uses \ No newline at end of file +import codingstandards.cpp.types.Uses From 183100e621e5eb5c72ba36552d7111d14bdef32c Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Sun, 9 Mar 2025 23:10:44 -0700 Subject: [PATCH 2441/2573] Fix Generics.json package --- rule_packages/c/Generics.json | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/rule_packages/c/Generics.json b/rule_packages/c/Generics.json index 1183bdc709..02c7cb2364 100644 --- a/rule_packages/c/Generics.json +++ b/rule_packages/c/Generics.json @@ -52,9 +52,8 @@ } ], "implementation_scope": { - "items": [ + "description": "Due to limited information in the CodeQL database for macro argument expansions, this implementation reports generics not of the form `_Generic((X)` where all invocations of that generic contain a side effect in the controlling expression." - ] }, "title": "A generic selection that is not expanded from a macro shall not contain potential side effects in the controlling expression" }, @@ -138,9 +137,8 @@ } ], "implementation_scope": { - "items": [ + "description": "The CodeQL extractor will expand character literals passed into macros into integer literals, and therefore the essential type system for character literals will not necessarily be analyzed correctly." - ] }, "title": "The controlling expression of a generic selection shall have an essential type that matches its standard type" }, @@ -164,9 +162,8 @@ } ], "implementation_scope": { - "items": [ + "description": "Due to limited information in the CodeQL database for macro argument expansions, this implementation performs string matching on the macro parameters against the macro body to determine where parameters are expanded. If text indicating a nonevaluated context such as sizeof() or _Alignof() appear, there will be no positive result." - ] }, "title": "A generic selection that is expanded from a macro should evaluate its argument only once" }, @@ -176,7 +173,7 @@ }, "queries": [ { - "description": "A default association shall appear as either the first or the last association of a generic selection", + "description": "A default association shall appear as either the first or the last association of a generic selection.", "kind": "problem", "name": "A default association shall appear as either the first or the last association of a generic", "precision": "very-high", From 61b2852f614e0143f4af11abb99c8126ce43d033 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Sun, 9 Mar 2025 23:10:59 -0700 Subject: [PATCH 2442/2573] Fix DeduplicateMacroResults test --- .../DeduplicateMacroResults.expected | 14 +++++++------- .../cpp/alertreporting/DeduplicateMacroResults.ql | 6 ++++-- 2 files changed, 11 insertions(+), 9 deletions(-) diff --git a/cpp/common/test/library/codingstandards/cpp/alertreporting/DeduplicateMacroResults.expected b/cpp/common/test/library/codingstandards/cpp/alertreporting/DeduplicateMacroResults.expected index d9a7fe6a07..c273346e3b 100644 --- a/cpp/common/test/library/codingstandards/cpp/alertreporting/DeduplicateMacroResults.expected +++ b/cpp/common/test/library/codingstandards/cpp/alertreporting/DeduplicateMacroResults.expected @@ -1,7 +1,7 @@ -| deduplicatemacroresults.cpp:4:8:4:9 | definition of g1 | Findme var 'g1'. | deduplicatemacroresults.cpp:4:8:4:9 | deduplicatemacroresults.cpp:4:8:4:9 | (ignored) | -| deduplicatemacroresults.cpp:10:1:10:34 | SOMETIMES_HAS_RESULTS1(type,name) | Invocation of macro $@ has findme var 'g3'. | deduplicatemacroresults.cpp:6:1:6:52 | deduplicatemacroresults.cpp:6:1:6:52 | SOMETIMES_HAS_RESULTS1 | -| deduplicatemacroresults.cpp:13:1:13:34 | SOMETIMES_HAS_RESULTS2(type,name) | Invocation of macro $@ has findme var 'g5'. | deduplicatemacroresults.cpp:7:1:7:53 | deduplicatemacroresults.cpp:7:1:7:53 | SOMETIMES_HAS_RESULTS2 | -| deduplicatemacroresults.cpp:15:1:15:50 | #define ALWAYS_HAS_SAME_RESULT() extern findme g6; | Macro ALWAYS_HAS_SAME_RESULT always has findme var named g6 | deduplicatemacroresults.cpp:15:1:15:50 | deduplicatemacroresults.cpp:15:1:15:50 | (ignored) | -| deduplicatemacroresults.cpp:21:1:21:70 | #define ALWAYS_HAS_RESULT_VARIED_DESCRIPTION(name) extern findme name; | Macro ALWAYS_HAS_RESULT_VARIED_DESCRIPTION always has findme var, for example '$@'. | deduplicatemacroresults.cpp:23:38:23:39 | deduplicatemacroresults.cpp:23:38:23:39 | g7 | -| deduplicatemacroresults.cpp:30:1:31:50 | #define OUTER_ALWAYS_HAS_SAME_RESULT() extern INNER_SOMETIMES_HAS_RESULTS(findme, g10); | Macro OUTER_ALWAYS_HAS_SAME_RESULT always has findme var named g10 | deduplicatemacroresults.cpp:30:1:31:50 | deduplicatemacroresults.cpp:30:1:31:50 | (ignored) | -| deduplicatemacroresults.cpp:37:1:38:52 | #define OUTER_ALWAYS_HAS_RESULT_VARIED_DESCRIPTION(name) INNER_SOMETIMES_HAS_RESULTS(findme, name ## suffix); | Macro OUTER_ALWAYS_HAS_RESULT_VARIED_DESCRIPTION always has findme var, for example '$@'. | deduplicatemacroresults.cpp:40:44:40:47 | deduplicatemacroresults.cpp:40:44:40:47 | g11suffix | +| deduplicatemacroresults.cpp:4:8:4:9 | definition of g1 | Findme var 'g1'. | deduplicatemacroresults.cpp:4:8:4:9 | definition of g1 | | +| deduplicatemacroresults.cpp:10:1:10:34 | SOMETIMES_HAS_RESULTS1(type,name) | Invocation of macro $@ has findme var 'g3'. | deduplicatemacroresults.cpp:6:1:6:52 | #define SOMETIMES_HAS_RESULTS1(type,name) type name | SOMETIMES_HAS_RESULTS1 | +| deduplicatemacroresults.cpp:13:1:13:34 | SOMETIMES_HAS_RESULTS2(type,name) | Invocation of macro $@ has findme var 'g5'. | deduplicatemacroresults.cpp:7:1:7:53 | #define SOMETIMES_HAS_RESULTS2(type,name) type name; | SOMETIMES_HAS_RESULTS2 | +| deduplicatemacroresults.cpp:15:1:15:50 | #define ALWAYS_HAS_SAME_RESULT() extern findme g6; | Macro ALWAYS_HAS_SAME_RESULT always has findme var named g6 | deduplicatemacroresults.cpp:15:1:15:50 | #define ALWAYS_HAS_SAME_RESULT() extern findme g6; | (ignored) | +| deduplicatemacroresults.cpp:21:1:21:70 | #define ALWAYS_HAS_RESULT_VARIED_DESCRIPTION(name) extern findme name; | Macro ALWAYS_HAS_RESULT_VARIED_DESCRIPTION always has findme var, for example '$@'. | deduplicatemacroresults.cpp:23:38:23:39 | declaration of g7 | g7 | +| deduplicatemacroresults.cpp:30:1:31:50 | #define OUTER_ALWAYS_HAS_SAME_RESULT() extern INNER_SOMETIMES_HAS_RESULTS(findme, g10); | Macro OUTER_ALWAYS_HAS_SAME_RESULT always has findme var named g10 | deduplicatemacroresults.cpp:30:1:31:50 | #define OUTER_ALWAYS_HAS_SAME_RESULT() extern INNER_SOMETIMES_HAS_RESULTS(findme, g10); | (ignored) | +| deduplicatemacroresults.cpp:37:1:38:52 | #define OUTER_ALWAYS_HAS_RESULT_VARIED_DESCRIPTION(name) INNER_SOMETIMES_HAS_RESULTS(findme, name ## suffix); | Macro OUTER_ALWAYS_HAS_RESULT_VARIED_DESCRIPTION always has findme var, for example '$@'. | deduplicatemacroresults.cpp:40:44:40:47 | definition of g11suffix | g11suffix | diff --git a/cpp/common/test/library/codingstandards/cpp/alertreporting/DeduplicateMacroResults.ql b/cpp/common/test/library/codingstandards/cpp/alertreporting/DeduplicateMacroResults.ql index 3c9f2fc345..68cfc9a78f 100644 --- a/cpp/common/test/library/codingstandards/cpp/alertreporting/DeduplicateMacroResults.ql +++ b/cpp/common/test/library/codingstandards/cpp/alertreporting/DeduplicateMacroResults.ql @@ -23,12 +23,14 @@ module FindMeReportConfig implements MacroReportConfigSig { result = "Invocation of macro $@ has findme var '" + f.getName() + "'." } - string getMessageNotInMacro(FindMe f) { result = "Findme var '" + f.getName() + "'." } + string getMessageNotInMacro(FindMe f, Locatable extra, string extraString) { + result = "Findme var '" + f.getName() + "'." and extra = f and extraString = "" + } } import DeduplicateMacroResults import DeduplicateMacroResults::Report from ReportResult report -select report.getPrimaryElement(), report.getMessage(), report.getOptionalPlaceholderLocation(), +select report.getPrimaryElement(), report.getMessage(), report.getOptionalPlaceholderLocatable(), report.getOptionalPlaceholderMessage() From 30748787907f4ac2ccf2042f2adec6417bb87f92 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Sun, 9 Mar 2025 23:17:48 -0700 Subject: [PATCH 2443/2573] Fix query formats --- c/common/src/codingstandards/c/Generic.qll | 11 +++-------- .../GenericSelectionNotExpandedFromAMacro.ql | 6 ++---- .../GenericSelectionNotFromMacroWithSideEffects.ql | 2 +- .../GenericWithoutNonDefaultAssociation.ql | 3 ++- .../GenericAssociationWithUnselectableType.ql | 4 ++-- .../GenericExpressionWithIncorrectEssentialType.ql | 6 +++--- .../DefaultGenericSelectionNotFirstOrLast.ql | 9 ++++++--- .../DeclarationsOfAFunctionSameNameAndType.ql | 14 +++++++++----- .../DeclarationsOfAnObjectSameNameAndType.ql | 4 ++-- 9 files changed, 30 insertions(+), 29 deletions(-) diff --git a/c/common/src/codingstandards/c/Generic.qll b/c/common/src/codingstandards/c/Generic.qll index 1bf4282017..784c16778e 100644 --- a/c/common/src/codingstandards/c/Generic.qll +++ b/c/common/src/codingstandards/c/Generic.qll @@ -10,7 +10,6 @@ string deparenthesize(string input) { result = input.substring(1, input.length() - 1) } - class GenericMacro extends Macro { string ctrlExpr; @@ -61,9 +60,7 @@ class ParsedGenericMacro extends Macro { ) } - string getAParameter() { - result = this.(FunctionLikeMacro).getAParameter() - } + string getAParameter() { result = this.(FunctionLikeMacro).getAParameter() } int getAParsedGenericCommaSeparatorOffset() { exists(ParsedText text | @@ -118,9 +115,7 @@ class ParsedGenericMacro extends Macro { ) } - string getControllingExprString() { - result = getSelectionString(1) - } + string getControllingExprString() { result = getSelectionString(1) } bindingset[str, word] private int countWordInString(string word, string str) { @@ -152,4 +147,4 @@ class ParsedGenericMacro extends Macro { not idx = 0 and result = expansionsInsideSelection(parameter, idx + 1) } -} \ No newline at end of file +} diff --git a/c/misra/src/rules/RULE-23-1/GenericSelectionNotExpandedFromAMacro.ql b/c/misra/src/rules/RULE-23-1/GenericSelectionNotExpandedFromAMacro.ql index ef2a2e75c5..540804ffc4 100644 --- a/c/misra/src/rules/RULE-23-1/GenericSelectionNotExpandedFromAMacro.ql +++ b/c/misra/src/rules/RULE-23-1/GenericSelectionNotExpandedFromAMacro.ql @@ -18,8 +18,6 @@ from C11GenericExpr generic, Expr ctrlExpr where not isExcluded(generic, GenericsPackage::genericSelectionNotExpandedFromAMacroQuery()) and ctrlExpr = generic.getControllingExpr() and - not exists(MacroInvocation mi | - mi.getAGeneratedElement() = generic.getExpr() - ) + not exists(MacroInvocation mi | mi.getAGeneratedElement() = generic.getExpr()) select generic, "Generic expression with controlling expression $@ is not expanded froma macro", -ctrlExpr, ctrlExpr.toString() + ctrlExpr, ctrlExpr.toString() diff --git a/c/misra/src/rules/RULE-23-2/GenericSelectionNotFromMacroWithSideEffects.ql b/c/misra/src/rules/RULE-23-2/GenericSelectionNotFromMacroWithSideEffects.ql index 3ec53a08bf..4b1a2d26c3 100644 --- a/c/misra/src/rules/RULE-23-2/GenericSelectionNotFromMacroWithSideEffects.ql +++ b/c/misra/src/rules/RULE-23-2/GenericSelectionNotFromMacroWithSideEffects.ql @@ -84,4 +84,4 @@ where not isExcluded(res.getPrimaryElement(), GenericsPackage::genericSelectionNotFromMacroWithSideEffectsQuery()) select res.getPrimaryElement(), res.getMessage(), res.getOptionalPlaceholderLocatable(), - res.getOptionalPlaceholderMessage() \ No newline at end of file + res.getOptionalPlaceholderMessage() diff --git a/c/misra/src/rules/RULE-23-3/GenericWithoutNonDefaultAssociation.ql b/c/misra/src/rules/RULE-23-3/GenericWithoutNonDefaultAssociation.ql index f3a0227022..bb2d57a714 100644 --- a/c/misra/src/rules/RULE-23-3/GenericWithoutNonDefaultAssociation.ql +++ b/c/misra/src/rules/RULE-23-3/GenericWithoutNonDefaultAssociation.ql @@ -31,5 +31,6 @@ where not exists(Type t | t = generic.getAnAssociationType() and not t instanceof VoidType - ) and primaryElement = MacroUnwrapper::unwrapElement(generic) + ) and + primaryElement = MacroUnwrapper::unwrapElement(generic) select primaryElement, "Generic selection contains no non-default association." diff --git a/c/misra/src/rules/RULE-23-4/GenericAssociationWithUnselectableType.ql b/c/misra/src/rules/RULE-23-4/GenericAssociationWithUnselectableType.ql index e8ed88f757..2d707548fa 100644 --- a/c/misra/src/rules/RULE-23-4/GenericAssociationWithUnselectableType.ql +++ b/c/misra/src/rules/RULE-23-4/GenericAssociationWithUnselectableType.ql @@ -20,10 +20,10 @@ import codingstandards.cpp.alertreporting.DeduplicateMacroResults /** * Check if a type contains an unmatchable anonymous struct or union. - * + * * Anonymous structs and unions are only equal to themselves. So any anonymous struct, or compound * type containing an anonymous struct, is unmatchable. - * + * * However, there is an exception if the anonymous struct is behind a typedef. All uses of that * typedef will resolve to the same anonymous struct, and so the typedef is matchable. */ diff --git a/c/misra/src/rules/RULE-23-6/GenericExpressionWithIncorrectEssentialType.ql b/c/misra/src/rules/RULE-23-6/GenericExpressionWithIncorrectEssentialType.ql index c27ce3dc55..6bf93947d8 100644 --- a/c/misra/src/rules/RULE-23-6/GenericExpressionWithIncorrectEssentialType.ql +++ b/c/misra/src/rules/RULE-23-6/GenericExpressionWithIncorrectEssentialType.ql @@ -57,6 +57,6 @@ where ) ) select generic, - "Controlling expression in generic " + extraMessage + - "has standard type " + ctrlType.toString() + ", which doesn't match its essential type " + - ctrlEssentialType.toString() + ".", extraElement, extraString \ No newline at end of file + "Controlling expression in generic " + extraMessage + "has standard type " + ctrlType.toString() + + ", which doesn't match its essential type " + ctrlEssentialType.toString() + ".", extraElement, + extraString diff --git a/c/misra/src/rules/RULE-23-8/DefaultGenericSelectionNotFirstOrLast.ql b/c/misra/src/rules/RULE-23-8/DefaultGenericSelectionNotFirstOrLast.ql index 04b12ac436..164ffffb1e 100644 --- a/c/misra/src/rules/RULE-23-8/DefaultGenericSelectionNotFirstOrLast.ql +++ b/c/misra/src/rules/RULE-23-8/DefaultGenericSelectionNotFirstOrLast.ql @@ -53,13 +53,15 @@ module GenericMisplacedDefaultReportConfig implements bindingset[description] string getMessageSameResultInAllExpansions(Macro m, string description) { result = - "Generic macro " + m.getName() + " has default as " + description + " association, which is not first or last." + "Generic macro " + m.getName() + " has default as " + description + + " association, which is not first or last." } /* Create a message to describe this macro, using '$@' to describe an example `ResultElement`. */ string getMessageVariedResultInAllExpansions(Macro m) { result = - "Generic macro " + m.getName() + " has a default association which is not first or last, for example $@." + "Generic macro " + m.getName() + + " has a default association which is not first or last, for example $@." } /** @@ -68,7 +70,8 @@ module GenericMisplacedDefaultReportConfig implements */ string getMessageResultInIsolatedExpansion(GenericWithMisplacedDefault element) { result = - "Generic macro $@, in this expansion, has default as " + describe(element) + " association, which is not first or last." + "Generic macro $@, in this expansion, has default as " + describe(element) + + " association, which is not first or last." } /** diff --git a/c/misra/src/rules/RULE-8-3/DeclarationsOfAFunctionSameNameAndType.ql b/c/misra/src/rules/RULE-8-3/DeclarationsOfAFunctionSameNameAndType.ql index a0d7c0c9ab..2de2e4fd0a 100644 --- a/c/misra/src/rules/RULE-8-3/DeclarationsOfAFunctionSameNameAndType.ql +++ b/c/misra/src/rules/RULE-8-3/DeclarationsOfAFunctionSameNameAndType.ql @@ -25,15 +25,19 @@ where //return type check ( not FunctionDeclarationTypeEquivalence::equalReturnTypes(f1, f2) and - case = "return type" and pluralDo = "does" + case = "return type" and + pluralDo = "does" or //parameter type check not FunctionDeclarationTypeEquivalence::equalParameterTypes(f1, f2) and - case = "parameter types" and pluralDo = "do" + case = "parameter types" and + pluralDo = "do" or //parameter name check parameterNamesUnmatched(f1, f2) and - case = "parameter names" and pluralDo = "do" + case = "parameter names" and + pluralDo = "do" ) -select f1, "The " + case + " of re-declaration of $@ " + pluralDo + " not use the same type names as declaration $@", f1, - f1.getName(), f2, f2.getName() +select f1, + "The " + case + " of re-declaration of $@ " + pluralDo + + " not use the same type names as declaration $@", f1, f1.getName(), f2, f2.getName() diff --git a/c/misra/src/rules/RULE-8-3/DeclarationsOfAnObjectSameNameAndType.ql b/c/misra/src/rules/RULE-8-3/DeclarationsOfAnObjectSameNameAndType.ql index 83c67e2efa..12ff583b6b 100644 --- a/c/misra/src/rules/RULE-8-3/DeclarationsOfAnObjectSameNameAndType.ql +++ b/c/misra/src/rules/RULE-8-3/DeclarationsOfAnObjectSameNameAndType.ql @@ -52,5 +52,5 @@ where decl2.getType()) select decl1, "The object $@ of type " + decl1.getType().toString() + - " does not use the same type names as re-declaration $@ of type " + decl2.getType().toString(), decl1, - decl1.getName(), decl2, decl2.getName() + " does not use the same type names as re-declaration $@ of type " + decl2.getType().toString(), + decl1, decl1.getName(), decl2, decl2.getName() From f1ec355fc7d08bcf8f1cc05c1dc61d0d1a15f47a Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Sun, 9 Mar 2025 23:19:09 -0700 Subject: [PATCH 2444/2573] Fix query metadata --- .../RULE-23-6/GenericExpressionWithIncorrectEssentialType.ql | 4 +++- .../rules/RULE-23-8/DefaultGenericSelectionNotFirstOrLast.ql | 2 +- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/c/misra/src/rules/RULE-23-6/GenericExpressionWithIncorrectEssentialType.ql b/c/misra/src/rules/RULE-23-6/GenericExpressionWithIncorrectEssentialType.ql index 6bf93947d8..f02f92b45a 100644 --- a/c/misra/src/rules/RULE-23-6/GenericExpressionWithIncorrectEssentialType.ql +++ b/c/misra/src/rules/RULE-23-6/GenericExpressionWithIncorrectEssentialType.ql @@ -4,9 +4,11 @@ * @description The controlling expression of a generic selection shall have an essential type that * matches its standard type. * @kind problem - * @precision very-high + * @precision high * @problem.severity error * @tags external/misra/id/rule-23-6 + * correctness + * external/misra/c/2012/amendment3 * external/misra/obligation/required */ diff --git a/c/misra/src/rules/RULE-23-8/DefaultGenericSelectionNotFirstOrLast.ql b/c/misra/src/rules/RULE-23-8/DefaultGenericSelectionNotFirstOrLast.ql index 164ffffb1e..6e443bd162 100644 --- a/c/misra/src/rules/RULE-23-8/DefaultGenericSelectionNotFirstOrLast.ql +++ b/c/misra/src/rules/RULE-23-8/DefaultGenericSelectionNotFirstOrLast.ql @@ -2,7 +2,7 @@ * @id c/misra/default-generic-selection-not-first-or-last * @name RULE-23-8: A default association shall appear as either the first or the last association of a generic * @description A default association shall appear as either the first or the last association of a - * generic selection + * generic selection. * @kind problem * @precision very-high * @problem.severity warning From c8433d72c106e85a1a740942123a83791aeb439e Mon Sep 17 00:00:00 2001 From: knewbury01 Date: Tue, 11 Mar 2025 17:54:55 +0000 Subject: [PATCH 2445/2573] Bump version to 2.43.0-dev --- c/cert/src/qlpack.yml | 2 +- c/cert/test/qlpack.yml | 2 +- c/common/src/qlpack.yml | 2 +- c/common/test/qlpack.yml | 2 +- c/misra/src/qlpack.yml | 2 +- c/misra/test/qlpack.yml | 2 +- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/qlpack.yml | 2 +- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/qlpack.yml | 2 +- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/qlpack.yml | 2 +- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/qlpack.yml | 2 +- cpp/report/src/qlpack.yml | 2 +- docs/user_manual.md | 12 ++++++------ 16 files changed, 21 insertions(+), 21 deletions(-) diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index 6e023bc238..8498e9447d 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards -version: 2.42.0-dev +version: 2.43.0-dev description: CERT C 2016 suites: codeql-suites license: MIT diff --git a/c/cert/test/qlpack.yml b/c/cert/test/qlpack.yml index 98d9895612..2b44a05fdf 100644 --- a/c/cert/test/qlpack.yml +++ b/c/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards-tests -version: 2.42.0-dev +version: 2.43.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index 9188ad8bda..685a3a0144 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards -version: 2.42.0-dev +version: 2.43.0-dev license: MIT dependencies: codeql/common-cpp-coding-standards: '*' diff --git a/c/common/test/qlpack.yml b/c/common/test/qlpack.yml index f76badccfc..8f8486949b 100644 --- a/c/common/test/qlpack.yml +++ b/c/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards-tests -version: 2.42.0-dev +version: 2.43.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index 721a052e6b..5b8b1fc0b2 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards -version: 2.42.0-dev +version: 2.43.0-dev description: MISRA C 2012 suites: codeql-suites license: MIT diff --git a/c/misra/test/qlpack.yml b/c/misra/test/qlpack.yml index bf45171e18..aa5c5d86ae 100644 --- a/c/misra/test/qlpack.yml +++ b/c/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards-tests -version: 2.42.0-dev +version: 2.43.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index e4d17b7309..1116e9534d 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards -version: 2.42.0-dev +version: 2.43.0-dev description: AUTOSAR C++14 Guidelines R22-11, R21-11, R20-11, R19-11 and R19-03 suites: codeql-suites license: MIT diff --git a/cpp/autosar/test/qlpack.yml b/cpp/autosar/test/qlpack.yml index a1c802fec5..d540b01a32 100644 --- a/cpp/autosar/test/qlpack.yml +++ b/cpp/autosar/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards-tests -version: 2.42.0-dev +version: 2.43.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index b0645353f6..89b5196f23 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards -version: 2.42.0-dev +version: 2.43.0-dev description: CERT C++ 2016 suites: codeql-suites license: MIT diff --git a/cpp/cert/test/qlpack.yml b/cpp/cert/test/qlpack.yml index 9c49caac9f..ceedca4647 100644 --- a/cpp/cert/test/qlpack.yml +++ b/cpp/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards-tests -version: 2.42.0-dev +version: 2.43.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index 4b4619e6b9..ce7e896ced 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards -version: 2.42.0-dev +version: 2.43.0-dev license: MIT dependencies: codeql/cpp-all: 2.1.1 diff --git a/cpp/common/test/qlpack.yml b/cpp/common/test/qlpack.yml index a207965a5e..e2201b887e 100644 --- a/cpp/common/test/qlpack.yml +++ b/cpp/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards-tests -version: 2.42.0-dev +version: 2.43.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index 2c8f21a82f..7c104631d1 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards -version: 2.42.0-dev +version: 2.43.0-dev description: MISRA C++ 2023 default-suite: codeql-suites/misra-cpp-default.qls license: MIT diff --git a/cpp/misra/test/qlpack.yml b/cpp/misra/test/qlpack.yml index d0bd3a8b5a..08bdda24eb 100644 --- a/cpp/misra/test/qlpack.yml +++ b/cpp/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards-tests -version: 2.42.0-dev +version: 2.43.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index 3203133ffc..73a6e189a3 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/report-cpp-coding-standards -version: 2.42.0-dev +version: 2.43.0-dev license: MIT dependencies: codeql/cpp-all: 2.1.1 diff --git a/docs/user_manual.md b/docs/user_manual.md index df3ce9a6b8..d7924a9fcd 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -34,14 +34,14 @@ ## Release information -This user manual documents release `2.42.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). +This user manual documents release `2.43.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). The release page documents the release notes and contains the following artifacts part of the release: - `coding-standards-codeql-packs-2.37.0-dev.zip`: CodeQL packs that can be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. -- `code-scanning-cpp-query-pack-2.42.0-dev.zip`: Legacy packaging for the queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. -- `supported_rules_list_2.42.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. -- `supported_rules_list_2.42.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. -- `user_manual_2.42.0-dev.md`: This user manual. +- `code-scanning-cpp-query-pack-2.43.0-dev.zip`: Legacy packaging for the queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. +- `supported_rules_list_2.43.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. +- `supported_rules_list_2.43.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. +- `user_manual_2.43.0-dev.md`: This user manual. - `Source Code (zip)`: A zip archive containing the contents of https://github.com/github/codeql-coding-standards - `Source Code (tar.gz)`: A GZip compressed tar archive containing the contents of https://github.com/github/codeql-coding-standards - `checksums.txt`: A text file containing sha256 checksums for the aforementioned artifacts. @@ -583,7 +583,7 @@ This section describes known failure modes for "CodeQL Coding Standards" and des | | Out of space | Less output. Some files may be only be partially analyzed, or not analyzed at all. | Error reported on the command line. | Increase space. If it remains an issue report space consumption issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False positives | More output. Results are reported which are not violations of the guidelines. | All reported results must be reviewed. | Report false positive issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False negatives | Less output. Violations of the guidelines are not reported. | Other validation and verification processes during software development should be used to complement the analysis performed by CodeQL Coding Standards. | Report false negative issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | -| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.42.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | +| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.43.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | | | Incorrect deviation record specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation records with a reason. Ensure that all deviation records are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Incorrect deviation permit specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation permits with a reason. Ensure that all deviation permits are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Unapproved use of a deviation record | Less output. Results for guideline violations are not reported. | Validate that the deviation record use is approved by verifying the approved-by attribute of the deviation record specification. | Ensure that each raised deviation record is approved by an independent approver through an auditable process. | From 63b8e77d7aa9954a503abc9708d0dc8e45314c71 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 11 Mar 2025 17:30:51 -0700 Subject: [PATCH 2446/2573] Use regexpFind instead of regexpMatch Otherwise we need to match the entire receiver. --- .../src/codingstandards/cpp/HardwareOrProtocolInterface.qll | 2 +- .../OrderingPredicateMustBeStrictlyWeak.qll | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/cpp/autosar/src/codingstandards/cpp/HardwareOrProtocolInterface.qll b/cpp/autosar/src/codingstandards/cpp/HardwareOrProtocolInterface.qll index 410fa1292f..b0b20b82d9 100644 --- a/cpp/autosar/src/codingstandards/cpp/HardwareOrProtocolInterface.qll +++ b/cpp/autosar/src/codingstandards/cpp/HardwareOrProtocolInterface.qll @@ -5,7 +5,7 @@ abstract class HardwareOrProtocolInterfaceClass extends Class { } class HardwareOrProtocolInterfaceComment extends Comment { HardwareOrProtocolInterfaceComment() { - getContents().regexpMatch("(?m)^\\s*(//|\\*)\\s*@HardwareOrProtocolInterface\\s*$") + exists(getContents().regexpFind("(?m)^\\s*(//|\\*)\\s*@HardwareOrProtocolInterface\\s*$", _, _)) } } diff --git a/cpp/common/src/codingstandards/cpp/rules/orderingpredicatemustbestrictlyweak/OrderingPredicateMustBeStrictlyWeak.qll b/cpp/common/src/codingstandards/cpp/rules/orderingpredicatemustbestrictlyweak/OrderingPredicateMustBeStrictlyWeak.qll index 66563bb9ff..1e9c025e4d 100644 --- a/cpp/common/src/codingstandards/cpp/rules/orderingpredicatemustbestrictlyweak/OrderingPredicateMustBeStrictlyWeak.qll +++ b/cpp/common/src/codingstandards/cpp/rules/orderingpredicatemustbestrictlyweak/OrderingPredicateMustBeStrictlyWeak.qll @@ -16,7 +16,7 @@ Query getQuery() { result instanceof OrderingPredicateMustBeStrictlyWeakSharedQu class IsStrictlyWeaklyOrderedComment extends Comment { IsStrictlyWeaklyOrderedComment() { - getContents().regexpMatch("(?m)^\\s*(//|\\*)\\s*@IsStrictlyWeaklyOrdered\\s*$") + exists(getContents().regexpFind("(?m)^\\s*(//|\\*)\\s*@IsStrictlyWeaklyOrdered\\s*$", _, _)) } } From c73badfcc7697b291b05ffa1da41c6afe902d826 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Wed, 12 Mar 2025 00:36:26 +0000 Subject: [PATCH 2447/2573] Update change_notes/2025-03-09-rule-8-7.md Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --- change_notes/2025-03-09-rule-8-7.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/change_notes/2025-03-09-rule-8-7.md b/change_notes/2025-03-09-rule-8-7.md index 5308c97ce3..3c3678ca6d 100644 --- a/change_notes/2025-03-09-rule-8-7.md +++ b/change_notes/2025-03-09-rule-8-7.md @@ -1,4 +1,4 @@ - `RULE-8-7` - `ShouldNotBeDefinedWithExternalLinkage.ql`: - - Remove false positives where the declation is not defined in the database. + - Remove false positives where the declaration is not defined in the database. - Remove false positives where the definition and reference are in different translation units. - Remove false positives where the reference occurs in a header file. \ No newline at end of file From ce45538a5a72d80440a2c36d2210790309c54995 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 11 Mar 2025 17:42:41 -0700 Subject: [PATCH 2448/2573] Reformat C test case --- c/misra/test/rules/RULE-8-7/test.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/c/misra/test/rules/RULE-8-7/test.c b/c/misra/test/rules/RULE-8-7/test.c index 591f15a2c4..3789a1d269 100644 --- a/c/misra/test/rules/RULE-8-7/test.c +++ b/c/misra/test/rules/RULE-8-7/test.c @@ -1,11 +1,11 @@ #include "test.h" int i = 0; int i1 = 0; -int i2; // NON_COMPLIANT - accessed one translation unit -void f1() {} // Definition -void f2() {} // Definition -static void f3() {}; // COMPLIANT - internal linkage -void f4() {} // Definition +int i2; // NON_COMPLIANT - accessed one translation unit +void f1() {} // Definition +void f2() {} // Definition +static void f3(){}; // COMPLIANT - internal linkage +void f4() {} // Definition void f() { i = 0; i1 = 0; From 076b1c4faa72573c0a5f1488049332e47ecfa29a Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Tue, 11 Mar 2025 18:15:17 -0700 Subject: [PATCH 2449/2573] Implement EssentialTypes2 package --- c/common/src/codingstandards/c/TgMath.qll | 68 ++++ .../TgMathArgumentWithInvalidEssentialType.ql | 47 +++ ...gMathArgumentsWithDifferingStandardType.ql | 65 ++++ ...hArgumentWithInvalidEssentialType.expected | 132 +++++++ ...MathArgumentWithInvalidEssentialType.qlref | 1 + c/misra/test/rules/RULE-21-22/test.c | 323 ++++++++++++++++++ ...rgumentsWithDifferingStandardType.expected | 139 ++++++++ ...thArgumentsWithDifferingStandardType.qlref | 1 + c/misra/test/rules/RULE-21-23/test.c | 288 ++++++++++++++++ .../cpp/exclusions/c/EssentialTypes2.qll | 44 +++ .../cpp/exclusions/c/RuleMetadata.qll | 3 + rule_packages/c/EssentialTypes2.json | 47 +++ 12 files changed, 1158 insertions(+) create mode 100644 c/common/src/codingstandards/c/TgMath.qll create mode 100644 c/misra/src/rules/RULE-21-22/TgMathArgumentWithInvalidEssentialType.ql create mode 100644 c/misra/src/rules/RULE-21-23/TgMathArgumentsWithDifferingStandardType.ql create mode 100644 c/misra/test/rules/RULE-21-22/TgMathArgumentWithInvalidEssentialType.expected create mode 100644 c/misra/test/rules/RULE-21-22/TgMathArgumentWithInvalidEssentialType.qlref create mode 100644 c/misra/test/rules/RULE-21-22/test.c create mode 100644 c/misra/test/rules/RULE-21-23/TgMathArgumentsWithDifferingStandardType.expected create mode 100644 c/misra/test/rules/RULE-21-23/TgMathArgumentsWithDifferingStandardType.qlref create mode 100644 c/misra/test/rules/RULE-21-23/test.c create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/EssentialTypes2.qll create mode 100644 rule_packages/c/EssentialTypes2.json diff --git a/c/common/src/codingstandards/c/TgMath.qll b/c/common/src/codingstandards/c/TgMath.qll new file mode 100644 index 0000000000..f5488194c6 --- /dev/null +++ b/c/common/src/codingstandards/c/TgMath.qll @@ -0,0 +1,68 @@ + +import cpp + +private string getATgMathMacroName(boolean allowComplex) { + allowComplex = true and + result = + [ + "acos", "acosh", "asin", "asinh", "atan", "atanh", "carg", "cimag", "conj", "cos", "cosh", + "cproj", "creal", "exp", "fabs", "log", "pow", "sin", "sinh", "sqrt", "tan", "tanh" + ] + or + allowComplex = false and + result = + [ + "atan2", "cbrt", "ceil", "copysign", "erf", "erfc", "exp2", "expm1", "fdim", "floor", "fma", + "fmax", "fmin", "fmod", "frexp", "hypot", "ilogb", "ldexp", "lgamma", "llrint", "llround", + "log10", "log1p", "log2", "logb", "lrint", "lround", "nearbyint", "nextafter", "nexttoward", + "remainder", "remquo", "rint", "round", "scalbn", "scalbln", "tgamma", "trunc", + ] +} + +private predicate hasOutputArgument(string macroName, int index) { + macroName = "frexp" and index = 1 + or + macroName = "remquo" and index = 2 +} + +class TgMathInvocation extends MacroInvocation { + Call call; + boolean allowComplex; + + TgMathInvocation() { + this.getMacro().getName() = getATgMathMacroName(allowComplex) and + call = getBestCallInExpansion(this) + } + + Expr getOperandArgument(int i) { + result = call.getArgument(i) + and not hasOutputArgument(call.getTarget().getName(), i) + } + + int getNumberOfOperandArguments() { + result = call.getNumberOfArguments() - count(int i | hasOutputArgument(getMacroName(), i)) + } + + Expr getAnOperandArgument() { + result = getOperandArgument(_) + } + + predicate allowsComplex() { + allowComplex = true + } +} + +private Call getACallInExpansion(MacroInvocation mi) { result = mi.getAnExpandedElement() } + +private Call getNameMatchedCallInExpansion(MacroInvocation mi) { + result = getACallInExpansion(mi) and result.getTarget().getName() = mi.getMacroName() +} + +private Call getBestCallInExpansion(MacroInvocation mi) { + count(getACallInExpansion(mi)) = 1 and result = getACallInExpansion(mi) + or + count(getNameMatchedCallInExpansion(mi)) = 1 and result = getNameMatchedCallInExpansion(mi) + or + count(getNameMatchedCallInExpansion(mi)) > 1 and + result = rank[1](Call c | c = getACallInExpansion(mi) | c order by c.getTarget().getName()) +} \ No newline at end of file diff --git a/c/misra/src/rules/RULE-21-22/TgMathArgumentWithInvalidEssentialType.ql b/c/misra/src/rules/RULE-21-22/TgMathArgumentWithInvalidEssentialType.ql new file mode 100644 index 0000000000..f06ca54979 --- /dev/null +++ b/c/misra/src/rules/RULE-21-22/TgMathArgumentWithInvalidEssentialType.ql @@ -0,0 +1,47 @@ +/** + * @id c/misra/tg-math-argument-with-invalid-essential-type + * @name RULE-21-22: All operand arguments to any type-generic macros in shall have an appropriate essential + * @description All operand arguments to any type-generic macros in shall have an + * appropriate essential type + * @kind problem + * @precision high + * @problem.severity error + * @tags external/misra/id/rule-21-22 + * correctness + * external/misra/c/2012/amendment3 + * external/misra/obligation/mandatory + */ + +import cpp +import codingstandards.c.misra +import codingstandards.c.TgMath +import codingstandards.c.misra.EssentialTypes + +EssentialTypeCategory getAnAllowedEssentialTypeCategory(TgMathInvocation call) { + result = EssentiallySignedType() + or + result = EssentiallyUnsignedType() + or + result = EssentiallyFloatingType(Real()) + or + call.allowsComplex() and + result = EssentiallyFloatingType(Complex()) +} + +string getAllowedTypesString(TgMathInvocation call) { + if call.allowsComplex() + then result = "essentially signed, unsigned, or floating type" + else result = "essentially signed, unsigned, or real floating type" +} + +from TgMathInvocation call, Expr arg, int argIndex, Type type, EssentialTypeCategory category +where + not isExcluded(call, EssentialTypes2Package::tgMathArgumentWithInvalidEssentialTypeQuery()) and + arg = call.getOperandArgument(argIndex) and + type = getEssentialType(arg) and + category = getEssentialTypeCategory(type) and + not category = getAnAllowedEssentialTypeCategory(call) +select arg, + "Argument " + (argIndex + 1) + " provided to type-generic macro '" + call.getMacroName() + + "' has " + category.toString().toLowerCase() + ", which is not " + getAllowedTypesString(call) + + "." diff --git a/c/misra/src/rules/RULE-21-23/TgMathArgumentsWithDifferingStandardType.ql b/c/misra/src/rules/RULE-21-23/TgMathArgumentsWithDifferingStandardType.ql new file mode 100644 index 0000000000..b6daf7bb6a --- /dev/null +++ b/c/misra/src/rules/RULE-21-23/TgMathArgumentsWithDifferingStandardType.ql @@ -0,0 +1,65 @@ +/** + * @id c/misra/tg-math-arguments-with-differing-standard-type + * @name RULE-21-23: All operand arguments to any multi-argument type-generic macros in shall have the same + * @description All operand arguments to any multi-argument type-generic macros in shall + * have the same standard type + * @kind problem + * @precision high + * @problem.severity error + * @tags external/misra/id/rule-21-23 + * correctness + * external/misra/c/2012/amendment3 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.c.TgMath + +Expr getFullyExplicitlyConverted(Expr e) { + if e.hasExplicitConversion() + then result = getFullyExplicitlyConverted(e.getExplicitlyConverted()) + else result = e +} + +string argTypesString(TgMathInvocation call, int i) { + exists(string typeStr | + typeStr = getEffectiveStandardType(call.getOperandArgument(i)).toString() and + ( + i = 0 and result = typeStr + or + i > 0 and result = argTypesString(call, i - 1) + ", " + typeStr + ) + ) +} + +predicate promotes(Type type) { type.(IntegralType).getSize() < any(IntType t).getSize() } + +Type integerPromote(Type type) { + promotes(type) and result.(IntType).isSigned() + or + not promotes(type) and result = type +} + +Type canonicalize(Type type) { + if type instanceof IntegralType + then result = type.(IntegralType).getCanonicalArithmeticType() + else result = type +} + +Type getEffectiveStandardType(Expr e) { + result = + canonicalize(integerPromote(getFullyExplicitlyConverted(e).getType().stripTopLevelSpecifiers())) +} + +from TgMathInvocation call, Type firstType +where + not isExcluded(call, EssentialTypes2Package::tgMathArgumentsWithDifferingStandardTypeQuery()) and + firstType = getEffectiveStandardType(call.getAnOperandArgument()) and + not forall(Expr arg | arg = call.getAnOperandArgument() | + firstType = getEffectiveStandardType(arg) + ) +select call, + "Call to type-generic macro '" + call.getMacroName() + + "' has arguments with differing standard types (" + + argTypesString(call, call.getNumberOfOperandArguments() - 1) + ")." diff --git a/c/misra/test/rules/RULE-21-22/TgMathArgumentWithInvalidEssentialType.expected b/c/misra/test/rules/RULE-21-22/TgMathArgumentWithInvalidEssentialType.expected new file mode 100644 index 0000000000..7c30f68204 --- /dev/null +++ b/c/misra/test/rules/RULE-21-22/TgMathArgumentWithInvalidEssentialType.expected @@ -0,0 +1,132 @@ +| test.c:29:7:29:7 | c | Argument 1 provided to type-generic macro 'cos' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:40:7:40:7 | e | Argument 1 provided to type-generic macro 'cos' has essentially enum type, which is not essentially signed, unsigned, or floating type. | +| test.c:41:7:41:7 | b | Argument 1 provided to type-generic macro 'cos' has essentially boolean type, which is not essentially signed, unsigned, or floating type. | +| test.c:156:8:156:8 | c | Argument 1 provided to type-generic macro 'acos' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:157:9:157:9 | c | Argument 1 provided to type-generic macro 'acosh' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:158:8:158:8 | c | Argument 1 provided to type-generic macro 'asin' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:159:9:159:9 | c | Argument 1 provided to type-generic macro 'asinh' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:160:9:160:9 | c | Argument 1 provided to type-generic macro 'atan2' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:161:12:161:12 | c | Argument 2 provided to type-generic macro 'atan2' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:162:9:162:9 | c | Argument 1 provided to type-generic macro 'atanh' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:163:8:163:8 | c | Argument 1 provided to type-generic macro 'carg' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:164:8:164:8 | c | Argument 1 provided to type-generic macro 'ceil' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:165:9:165:9 | c | Argument 1 provided to type-generic macro 'cimag' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:166:8:166:8 | c | Argument 1 provided to type-generic macro 'conj' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:167:15:167:15 | c | Argument 2 provided to type-generic macro 'copysign' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:168:12:168:12 | c | Argument 1 provided to type-generic macro 'copysign' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:169:8:169:8 | c | Argument 1 provided to type-generic macro 'cosh' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:170:9:170:9 | c | Argument 1 provided to type-generic macro 'cproj' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:171:9:171:9 | c | Argument 1 provided to type-generic macro 'creal' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:172:7:172:7 | c | Argument 1 provided to type-generic macro 'erf' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:173:8:173:8 | c | Argument 1 provided to type-generic macro 'erfc' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:174:7:174:7 | c | Argument 1 provided to type-generic macro 'exp' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:175:8:175:8 | c | Argument 1 provided to type-generic macro 'exp2' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:176:9:176:9 | c | Argument 1 provided to type-generic macro 'expm1' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:177:8:177:8 | c | Argument 1 provided to type-generic macro 'fabs' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:178:8:178:8 | c | Argument 1 provided to type-generic macro 'fdim' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:179:11:179:11 | c | Argument 2 provided to type-generic macro 'fdim' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:180:9:180:9 | c | Argument 1 provided to type-generic macro 'floor' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:181:7:181:7 | c | Argument 1 provided to type-generic macro 'fma' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:182:10:182:10 | c | Argument 2 provided to type-generic macro 'fma' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:183:13:183:13 | c | Argument 3 provided to type-generic macro 'fma' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:184:8:184:8 | c | Argument 1 provided to type-generic macro 'fmax' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:185:11:185:11 | c | Argument 2 provided to type-generic macro 'fmax' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:186:8:186:8 | c | Argument 1 provided to type-generic macro 'fmin' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:187:11:187:11 | c | Argument 2 provided to type-generic macro 'fmin' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:188:8:188:8 | c | Argument 1 provided to type-generic macro 'fmod' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:189:11:189:11 | c | Argument 2 provided to type-generic macro 'fmod' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:190:9:190:9 | c | Argument 1 provided to type-generic macro 'frexp' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:191:9:191:9 | c | Argument 1 provided to type-generic macro 'hypot' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:192:12:192:12 | c | Argument 2 provided to type-generic macro 'hypot' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:193:9:193:9 | c | Argument 1 provided to type-generic macro 'ilogb' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:194:9:194:9 | c | Argument 1 provided to type-generic macro 'ldexp' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:195:12:195:12 | c | Argument 2 provided to type-generic macro 'ldexp' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:196:10:196:10 | c | Argument 1 provided to type-generic macro 'lgamma' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:197:10:197:10 | c | Argument 1 provided to type-generic macro 'llrint' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:198:11:198:11 | c | Argument 1 provided to type-generic macro 'llround' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:199:7:199:7 | c | Argument 1 provided to type-generic macro 'log' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:200:9:200:9 | c | Argument 1 provided to type-generic macro 'log10' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:201:9:201:9 | c | Argument 1 provided to type-generic macro 'log1p' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:202:8:202:8 | c | Argument 1 provided to type-generic macro 'log2' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:203:8:203:8 | c | Argument 1 provided to type-generic macro 'logb' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:204:9:204:9 | c | Argument 1 provided to type-generic macro 'lrint' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:205:10:205:10 | c | Argument 1 provided to type-generic macro 'lround' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:206:13:206:13 | c | Argument 1 provided to type-generic macro 'nearbyint' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:207:13:207:13 | c | Argument 1 provided to type-generic macro 'nextafter' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:208:16:208:16 | c | Argument 2 provided to type-generic macro 'nextafter' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:209:14:209:14 | c | Argument 1 provided to type-generic macro 'nexttoward' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:210:17:210:17 | c | Argument 2 provided to type-generic macro 'nexttoward' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:211:7:211:7 | c | Argument 1 provided to type-generic macro 'pow' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:212:10:212:10 | c | Argument 2 provided to type-generic macro 'pow' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:213:13:213:13 | c | Argument 1 provided to type-generic macro 'remainder' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:214:16:214:16 | c | Argument 2 provided to type-generic macro 'remainder' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:215:10:215:10 | c | Argument 1 provided to type-generic macro 'remquo' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:216:13:216:13 | c | Argument 2 provided to type-generic macro 'remquo' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:217:8:217:8 | c | Argument 1 provided to type-generic macro 'rint' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:218:9:218:9 | c | Argument 1 provided to type-generic macro 'round' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:219:10:219:10 | c | Argument 1 provided to type-generic macro 'scalbn' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:220:13:220:13 | c | Argument 2 provided to type-generic macro 'scalbn' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:221:11:221:11 | c | Argument 1 provided to type-generic macro 'scalbln' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:222:14:222:14 | c | Argument 2 provided to type-generic macro 'scalbln' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:223:7:223:7 | c | Argument 1 provided to type-generic macro 'sin' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:224:8:224:8 | c | Argument 1 provided to type-generic macro 'sinh' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:225:8:225:8 | c | Argument 1 provided to type-generic macro 'sqrt' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:226:7:226:7 | c | Argument 1 provided to type-generic macro 'tan' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:227:8:227:8 | c | Argument 1 provided to type-generic macro 'tanh' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:228:10:228:10 | c | Argument 1 provided to type-generic macro 'tgamma' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:229:9:229:9 | c | Argument 1 provided to type-generic macro 'trunc' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:239:9:239:10 | cf | Argument 1 provided to type-generic macro 'atan2' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:240:12:240:13 | cf | Argument 2 provided to type-generic macro 'atan2' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:243:8:243:9 | cf | Argument 1 provided to type-generic macro 'cbrt' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:244:8:244:9 | cf | Argument 1 provided to type-generic macro 'ceil' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:247:15:247:16 | cf | Argument 2 provided to type-generic macro 'copysign' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:248:12:248:13 | cf | Argument 1 provided to type-generic macro 'copysign' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:249:15:249:16 | cf | Argument 2 provided to type-generic macro 'copysign' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:254:7:254:8 | cf | Argument 1 provided to type-generic macro 'erf' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:255:8:255:9 | cf | Argument 1 provided to type-generic macro 'erfc' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:257:8:257:9 | cf | Argument 1 provided to type-generic macro 'exp2' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:258:9:258:10 | cf | Argument 1 provided to type-generic macro 'expm1' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:260:8:260:9 | cf | Argument 1 provided to type-generic macro 'fdim' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:261:11:261:12 | cf | Argument 2 provided to type-generic macro 'fdim' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:262:9:262:10 | cf | Argument 1 provided to type-generic macro 'floor' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:263:7:263:8 | cf | Argument 1 provided to type-generic macro 'fma' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:264:10:264:11 | cf | Argument 2 provided to type-generic macro 'fma' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:265:13:265:14 | cf | Argument 3 provided to type-generic macro 'fma' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:266:8:266:9 | cf | Argument 1 provided to type-generic macro 'fmax' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:267:11:267:12 | cf | Argument 2 provided to type-generic macro 'fmax' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:268:8:268:9 | cf | Argument 1 provided to type-generic macro 'fmin' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:269:11:269:12 | cf | Argument 2 provided to type-generic macro 'fmin' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:270:8:270:9 | cf | Argument 1 provided to type-generic macro 'fmod' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:271:11:271:12 | cf | Argument 2 provided to type-generic macro 'fmod' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:272:9:272:10 | cf | Argument 1 provided to type-generic macro 'frexp' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:273:9:273:10 | cf | Argument 1 provided to type-generic macro 'hypot' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:274:12:274:13 | cf | Argument 2 provided to type-generic macro 'hypot' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:275:9:275:10 | cf | Argument 1 provided to type-generic macro 'ilogb' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:276:9:276:10 | cf | Argument 1 provided to type-generic macro 'ldexp' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:277:12:277:13 | cf | Argument 2 provided to type-generic macro 'ldexp' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:278:10:278:11 | cf | Argument 1 provided to type-generic macro 'lgamma' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:279:10:279:11 | cf | Argument 1 provided to type-generic macro 'llrint' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:280:11:280:12 | cf | Argument 1 provided to type-generic macro 'llround' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:282:9:282:10 | cf | Argument 1 provided to type-generic macro 'log10' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:283:9:283:10 | cf | Argument 1 provided to type-generic macro 'log1p' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:284:8:284:9 | cf | Argument 1 provided to type-generic macro 'log2' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:285:8:285:9 | cf | Argument 1 provided to type-generic macro 'logb' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:286:9:286:10 | cf | Argument 1 provided to type-generic macro 'lrint' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:287:10:287:11 | cf | Argument 1 provided to type-generic macro 'lround' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:288:13:288:14 | cf | Argument 1 provided to type-generic macro 'nearbyint' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:289:13:289:14 | cf | Argument 1 provided to type-generic macro 'nextafter' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:290:16:290:17 | cf | Argument 2 provided to type-generic macro 'nextafter' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:291:14:291:15 | cf | Argument 1 provided to type-generic macro 'nexttoward' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:292:17:292:18 | cf | Argument 2 provided to type-generic macro 'nexttoward' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:294:13:294:14 | cf | Argument 1 provided to type-generic macro 'remainder' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:295:16:295:17 | cf | Argument 2 provided to type-generic macro 'remainder' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:296:10:296:11 | cf | Argument 1 provided to type-generic macro 'remquo' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:297:13:297:14 | cf | Argument 2 provided to type-generic macro 'remquo' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:298:8:298:9 | cf | Argument 1 provided to type-generic macro 'rint' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:299:9:299:10 | cf | Argument 1 provided to type-generic macro 'round' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:300:10:300:11 | cf | Argument 1 provided to type-generic macro 'scalbn' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:301:13:301:14 | cf | Argument 2 provided to type-generic macro 'scalbn' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:302:11:302:12 | cf | Argument 1 provided to type-generic macro 'scalbln' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:303:14:303:15 | cf | Argument 2 provided to type-generic macro 'scalbln' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:309:10:309:11 | cf | Argument 1 provided to type-generic macro 'tgamma' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:310:9:310:10 | cf | Argument 1 provided to type-generic macro 'trunc' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | diff --git a/c/misra/test/rules/RULE-21-22/TgMathArgumentWithInvalidEssentialType.qlref b/c/misra/test/rules/RULE-21-22/TgMathArgumentWithInvalidEssentialType.qlref new file mode 100644 index 0000000000..cb7206db11 --- /dev/null +++ b/c/misra/test/rules/RULE-21-22/TgMathArgumentWithInvalidEssentialType.qlref @@ -0,0 +1 @@ +rules/RULE-21-22/TgMathArgumentWithInvalidEssentialType.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-21-22/test.c b/c/misra/test/rules/RULE-21-22/test.c new file mode 100644 index 0000000000..cc456c17fb --- /dev/null +++ b/c/misra/test/rules/RULE-21-22/test.c @@ -0,0 +1,323 @@ +#include +#include +#include +#include + +void f1() { + int i = 0; + unsigned int ui = 0; + short s = 0; + unsigned short us = 0; + char c = 0; + unsigned char uc = 0; + signed char sc = 0; + long l = 0; + unsigned long ul = 0; + float f = 0.0f; + float _Complex cf = 0.0f + 0.0f * I; + double d = 0.0; + char *p = 0; + void *vp = 0; + uintptr_t uip = p; + enum { e1 } e = e1; + bool b = true; + + cos(i); // COMPLIANT + cos(ui); // COMPLIANT + cos(s); // COMPLIANT + cos(us); // COMPLIANT + cos(c); // NON-COMPLIANT + cos(uc); // COMPLIANT + cos(sc); // COMPLIANT + cos(l); // COMPLIANT + cos(ul); // COMPLIANT + cos(f); // COMPLIANT + cos(cf); // COMPLIANT + cos(d); // COMPLIANT + // cos(p); // Doesn't compile + // cos(vp); // Doesn't compile + cos(uip); // COMPLIANT + cos(e); // NON-COMPLIANT + cos(b); // NON-COMPLIANT + cos(1); // COMPLIANT + cos(1.1f); // COMPLIANT + cos('a'); // NON-COMPLIANT[false negative] + + /** + * Int, float, and complex allowed: + */ + acos(i); // COMPLIANT + acos(f); // COMPLIANT + acosh(i); // COMPLIANT + acosh(f); // COMPLIANT + asin(i); // COMPLIANT + asin(f); // COMPLIANT + asinh(i); // COMPLIANT + asinh(f); // COMPLIANT + atan(i); // COMPLIANT + atan(f); // COMPLIANT + atan2(i, i); // COMPLIANT + atan2(f, f); // COMPLIANT + atanh(i); // COMPLIANT + atanh(f); // COMPLIANT + carg(i); // COMPLIANT + carg(f); // COMPLIANT + cbrt(i); // COMPLIANT + cbrt(f); // COMPLIANT + ceil(i); // COMPLIANT + ceil(f); // COMPLIANT + cimag(i); // COMPLIANT + cimag(f); // COMPLIANT + conj(i); // COMPLIANT + conj(f); // COMPLIANT + copysign(i, i); // COMPLIANT + copysign(f, f); // COMPLIANT + cos(i); // COMPLIANT + cos(f); // COMPLIANT + cosh(i); // COMPLIANT + cosh(f); // COMPLIANT + cproj(i); // COMPLIANT + cproj(f); // COMPLIANT + creal(i); // COMPLIANT + creal(f); // COMPLIANT + erf(i); // COMPLIANT + erf(f); // COMPLIANT + erfc(i); // COMPLIANT + erfc(f); // COMPLIANT + exp(i); // COMPLIANT + exp(f); // COMPLIANT + exp2(i); // COMPLIANT + exp2(f); // COMPLIANT + expm1(i); // COMPLIANT + expm1(f); // COMPLIANT + fabs(i); // COMPLIANT + fabs(f); // COMPLIANT + fdim(i, i); // COMPLIANT + fdim(f, f); // COMPLIANT + floor(i); // COMPLIANT + floor(f); // COMPLIANT + fma(i, i, i); // COMPLIANT + fma(f, f, f); // COMPLIANT + fmax(i, i); // COMPLIANT + fmax(f, f); // COMPLIANT + fmin(i, i); // COMPLIANT + fmin(f, f); // COMPLIANT + fmod(i, i); // COMPLIANT + fmod(f, f); // COMPLIANT + frexp(i, &i); // COMPLIANT + frexp(f, &p); // COMPLIANT + hypot(i, i); // COMPLIANT + hypot(f, f); // COMPLIANT + ilogb(i); // COMPLIANT + ilogb(f); // COMPLIANT + llrint(i); // COMPLIANT + llrint(f); // COMPLIANT + ldexp(i, i); // COMPLIANT + ldexp(f, f); // COMPLIANT + lgamma(i); // COMPLIANT + lgamma(f); // COMPLIANT + llround(i); // COMPLIANT + llround(f); // COMPLIANT + log(i); // COMPLIANT + log(f); // COMPLIANT + pow(i, i); // COMPLIANT + pow(f, f); // COMPLIANT + remainder(i, i); // COMPLIANT + remainder(f, f); // COMPLIANT + remquo(i, i, &i); // COMPLIANT + remquo(f, f, &f); // COMPLIANT + rint(i); // COMPLIANT + rint(f); // COMPLIANT + round(i); // COMPLIANT + round(f); // COMPLIANT + scalbn(i, i); // COMPLIANT + scalbn(f, f); // COMPLIANT + scalbln(i, i); // COMPLIANT + scalbln(f, f); // COMPLIANT + sin(i); // COMPLIANT + sin(f); // COMPLIANT + sin(cf); // COMPLIANT + sinh(i); // COMPLIANT + sinh(f); // COMPLIANT + sqrt(i); // COMPLIANT + sqrt(f); // COMPLIANT + tan(i); // COMPLIANT + tan(f); // COMPLIANT + tanh(i); // COMPLIANT + tanh(f); // COMPLIANT + tgamma(i); // COMPLIANT + tgamma(f); // COMPLIANT + trunc(i); // COMPLIANT + trunc(f); // COMPLIANT + + /** + * Char not allowed: + */ + acos(c); // NON-COMPLIANT + acosh(c); // NON-COMPLIANT + asin(c); // NON-COMPLIANT + asinh(c); // NON-COMPLIANT + atan2(c, i); // NON-COMPLIANT + atan2(i, c); // NON-COMPLIANT + atanh(c); // NON-COMPLIANT + carg(c); // NON-COMPLIANT + ceil(c); // NON-COMPLIANT + cimag(c); // NON-COMPLIANT + conj(c); // NON-COMPLIANT + copysign(i, c); // NON-COMPLIANT + copysign(c, i); // NON-COMPLIANT + cosh(c); // NON-COMPLIANT + cproj(c); // NON-COMPLIANT + creal(c); // NON-COMPLIANT + erf(c); // NON-COMPLIANT + erfc(c); // NON-COMPLIANT + exp(c); // NON-COMPLIANT + exp2(c); // NON-COMPLIANT + expm1(c); // NON-COMPLIANT + fabs(c); // NON-COMPLIANT + fdim(c, i); // NON-COMPLIANT + fdim(i, c); // NON-COMPLIANT + floor(c); // NON-COMPLIANT + fma(c, i, i); // NON-COMPLIANT + fma(i, c, i); // NON-COMPLIANT + fma(i, i, c); // NON-COMPLIANT + fmax(c, i); // NON-COMPLIANT + fmax(i, c); // NON-COMPLIANT + fmin(c, i); // NON-COMPLIANT + fmin(i, c); // NON-COMPLIANT + fmod(c, i); // NON-COMPLIANT + fmod(i, c); // NON-COMPLIANT + frexp(c, i); // NON-COMPLIANT + hypot(c, i); // NON-COMPLIANT + hypot(i, c); // NON-COMPLIANT + ilogb(c); // NON-COMPLIANT + ldexp(c, i); // NON-COMPLIANT + ldexp(i, c); // NON-COMPLIANT + lgamma(c); // NON-COMPLIANT + llrint(c); // NON-COMPLIANT + llround(c); // NON-COMPLIANT + log(c); // NON-COMPLIANT + log10(c); // NON-COMPLIANT + log1p(c); // NON-COMPLIANT + log2(c); // NON-COMPLIANT + logb(c); // NON-COMPLIANT + lrint(c); // NON-COMPLIANT + lround(c); // NON-COMPLIANT + nearbyint(c); // NON-COMPLIANT + nextafter(c, i); // NON-COMPLIANT + nextafter(i, c); // NON-COMPLIANT + nexttoward(c, i); // NON-COMPLIANT + nexttoward(i, c); // NON-COMPLIANT + pow(c, i); // NON-COMPLIANT + pow(i, c); // NON-COMPLIANT + remainder(c, i); // NON-COMPLIANT + remainder(i, c); // NON-COMPLIANT + remquo(c, i, i); // NON-COMPLIANT + remquo(i, c, i); // NON-COMPLIANT + rint(c); // NON-COMPLIANT + round(c); // NON-COMPLIANT + scalbn(c, i); // NON-COMPLIANT + scalbn(i, c); // NON-COMPLIANT + scalbln(c, i); // NON-COMPLIANT + scalbln(i, c); // NON-COMPLIANT + sin(c); // NON-COMPLIANT + sinh(c); // NON-COMPLIANT + sqrt(c); // NON-COMPLIANT + tan(c); // NON-COMPLIANT + tanh(c); // NON-COMPLIANT + tgamma(c); // NON-COMPLIANT + trunc(c); // NON-COMPLIANT + + /** + * Complex types allowed in some calls, not others: + */ + acos(cf); // COMPLIANT + acosh(cf); // COMPLIANT + asin(cf); // COMPLIANT + asinh(cf); // COMPLIANT + atan(cf); // COMPLIANT + atan2(cf, i); // NON-COMPLIANT + atan2(i, cf); // NON-COMPLIANT + atanh(cf); // COMPLIANT + carg(cf); // COMPLIANT + cbrt(cf); // NON-COMPLIANT + ceil(cf); // NON-COMPLIANT + cimag(cf); // COMPLIANT + conj(cf); // COMPLIANT + copysign(i, cf); // NON-COMPLIANT + copysign(cf, i); // NON-COMPLIANT + copysign(i, cf); // NON-COMPLIANT + cos(cf); // COMPLIANT + cosh(cf); // COMPLIANT + cproj(cf); // COMPLIANT + creal(cf); // COMPLIANT + erf(cf); // NON-COMPLIANT + erfc(cf); // NON-COMPLIANT + exp(cf); // COMPLIANT + exp2(cf); // NON-COMPLIANT + expm1(cf); // NON-COMPLIANT + fabs(cf); // COMPLIANT + fdim(cf, i); // NON-COMPLIANT + fdim(i, cf); // NON-COMPLIANT + floor(cf); // NON-COMPLIANT + fma(cf, i, i); // NON-COMPLIANT + fma(i, cf, i); // NON-COMPLIANT + fma(i, i, cf); // NON-COMPLIANT + fmax(cf, i); // NON-COMPLIANT + fmax(i, cf); // NON-COMPLIANT + fmin(cf, i); // NON-COMPLIANT + fmin(i, cf); // NON-COMPLIANT + fmod(cf, i); // NON-COMPLIANT + fmod(i, cf); // NON-COMPLIANT + frexp(cf, i); // NON-COMPLIANT + hypot(cf, i); // NON-COMPLIANT + hypot(i, cf); // NON-COMPLIANT + ilogb(cf); // NON-COMPLIANT + ldexp(cf, i); // NON-COMPLIANT + ldexp(i, cf); // NON-COMPLIANT + lgamma(cf); // NON-COMPLIANT + llrint(cf); // NON-COMPLIANT + llround(cf); // NON-COMPLIANT + log(cf); // COMPLIANT + log10(cf); // NON-COMPLIANT + log1p(cf); // NON-COMPLIANT + log2(cf); // NON-COMPLIANT + logb(cf); // NON-COMPLIANT + lrint(cf); // NON-COMPLIANT + lround(cf); // NON-COMPLIANT + nearbyint(cf); // NON-COMPLIANT + nextafter(cf, i); // NON-COMPLIANT + nextafter(i, cf); // NON-COMPLIANT + nexttoward(cf, i); // NON-COMPLIANT + nexttoward(i, cf); // NON-COMPLIANT + pow(cf, cf); // COMPLIANT + remainder(cf, i); // NON-COMPLIANT + remainder(i, cf); // NON-COMPLIANT + remquo(cf, i, i); // NON-COMPLIANT + remquo(i, cf, i); // NON-COMPLIANT + rint(cf); // NON-COMPLIANT + round(cf); // NON-COMPLIANT + scalbn(cf, i); // NON-COMPLIANT + scalbn(i, cf); // NON-COMPLIANT + scalbln(cf, i); // NON-COMPLIANT + scalbln(i, cf); // NON-COMPLIANT + sin(cf); // COMPLIANT + sinh(cf); // COMPLIANT + sqrt(cf); // COMPLIANT + tan(cf); // COMPLIANT + tanh(cf); // COMPLIANT + tgamma(cf); // NON-COMPLIANT + trunc(cf); // NON-COMPLIANT + + /* Test output arguments thoroughly */ + frexp(i, &i); // COMPLIANT + frexp(i, vp); // COMPLIANT + frexp(i, 0); // COMPLIANT + frexp(i, 'c' - 'c'); // COMPLIANT + frexp(i, c); // COMPLIANT + remquo(i, i, &i); // COMPLIANT + remquo(i, i, vp); // COMPLIANT + remquo(i, i, 0); // COMPLIANT + remquo(i, i, 'c' - 'c'); // COMPLIANT + remquo(i, i, c); // COMPLIANT +} \ No newline at end of file diff --git a/c/misra/test/rules/RULE-21-23/TgMathArgumentsWithDifferingStandardType.expected b/c/misra/test/rules/RULE-21-23/TgMathArgumentsWithDifferingStandardType.expected new file mode 100644 index 0000000000..6136aa4314 --- /dev/null +++ b/c/misra/test/rules/RULE-21-23/TgMathArgumentsWithDifferingStandardType.expected @@ -0,0 +1,139 @@ +| test.c:95:3:95:14 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:96:3:96:15 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:97:3:97:15 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:98:3:98:16 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:99:3:99:15 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:100:3:100:16 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:101:3:101:15 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:102:3:102:16 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:103:3:103:14 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:104:3:104:15 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:105:3:105:16 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:106:3:106:17 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:107:3:107:15 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:108:3:108:16 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:109:3:109:16 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:110:3:110:17 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:111:3:111:14 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:112:3:112:15 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:113:3:113:16 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:114:3:114:17 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:121:3:121:13 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long). | +| test.c:122:3:122:14 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long). | +| test.c:123:3:123:14 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long). | +| test.c:124:3:124:14 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long). | +| test.c:125:3:125:13 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long). | +| test.c:126:3:126:15 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long). | +| test.c:127:3:127:14 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long). | +| test.c:128:3:128:15 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long). | +| test.c:131:3:131:13 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long). | +| test.c:132:3:132:15 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long). | +| test.c:133:3:133:14 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned int, long). | +| test.c:134:3:134:15 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned int, long). | +| test.c:135:3:135:13 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, int). | +| test.c:136:3:136:14 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, unsigned int). | +| test.c:137:3:137:15 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, int). | +| test.c:138:3:138:15 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, unsigned int). | +| test.c:139:3:139:14 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned long). | +| test.c:140:3:140:16 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned long). | +| test.c:141:3:141:15 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned int, unsigned long). | +| test.c:142:3:142:16 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned int, unsigned long). | +| test.c:143:3:143:14 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, int). | +| test.c:144:3:144:15 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, unsigned int). | +| test.c:145:3:145:16 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, int). | +| test.c:146:3:146:16 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, unsigned int). | +| test.c:147:3:147:15 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long). | +| test.c:148:3:148:17 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long). | +| test.c:149:3:149:16 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned int, long). | +| test.c:150:3:150:17 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned int, long). | +| test.c:151:3:151:15 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, int). | +| test.c:152:3:152:16 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, unsigned int). | +| test.c:153:3:153:17 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, int). | +| test.c:154:3:154:17 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, unsigned int). | +| test.c:155:3:155:15 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned long). | +| test.c:156:3:156:17 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned long). | +| test.c:157:3:157:16 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned int, unsigned long). | +| test.c:158:3:158:17 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned int, unsigned long). | +| test.c:159:3:159:15 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, int). | +| test.c:160:3:160:16 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, unsigned int). | +| test.c:161:3:161:17 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, int). | +| test.c:162:3:162:17 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, unsigned int). | +| test.c:165:3:165:14 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, unsigned long). | +| test.c:166:3:166:15 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, unsigned long). | +| test.c:167:3:167:16 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, unsigned long). | +| test.c:168:3:168:17 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, unsigned long). | +| test.c:169:3:169:14 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, long). | +| test.c:170:3:170:16 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, long). | +| test.c:171:3:171:15 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, long). | +| test.c:172:3:172:17 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, long). | +| test.c:175:3:175:13 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (float, double). | +| test.c:176:3:176:14 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (float, long double). | +| test.c:177:3:177:13 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (double, float). | +| test.c:178:3:178:14 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (double, long double). | +| test.c:179:3:179:14 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (long double, float). | +| test.c:180:3:180:14 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (long double, double). | +| test.c:183:3:183:13 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, float). | +| test.c:184:3:184:13 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, double). | +| test.c:185:3:185:14 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long double). | +| test.c:186:3:186:14 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, float). | +| test.c:187:3:187:14 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, double). | +| test.c:188:3:188:15 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long double). | +| test.c:189:3:189:14 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, float). | +| test.c:190:3:190:14 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, double). | +| test.c:191:3:191:15 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long double). | +| test.c:192:3:192:14 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, float). | +| test.c:193:3:193:14 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, double). | +| test.c:194:3:194:15 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long double). | +| test.c:195:3:195:13 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, float). | +| test.c:196:3:196:13 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, double). | +| test.c:197:3:197:14 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long double). | +| test.c:198:3:198:15 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, float). | +| test.c:199:3:199:15 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, double). | +| test.c:200:3:200:16 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long double). | +| test.c:201:3:201:14 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, float). | +| test.c:202:3:202:14 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, double). | +| test.c:203:3:203:15 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long double). | +| test.c:204:3:204:15 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, float). | +| test.c:205:3:205:15 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, double). | +| test.c:206:3:206:16 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long double). | +| test.c:207:3:207:13 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, float). | +| test.c:208:3:208:13 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, double). | +| test.c:209:3:209:14 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long double). | +| test.c:210:3:210:15 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, float). | +| test.c:211:3:211:15 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, double). | +| test.c:212:3:212:16 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long double). | +| test.c:213:3:213:14 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned int, float). | +| test.c:214:3:214:14 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned int, double). | +| test.c:215:3:215:15 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned int, long double). | +| test.c:216:3:216:15 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned int, float). | +| test.c:217:3:217:15 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned int, double). | +| test.c:218:3:218:16 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned int, long double). | +| test.c:219:3:219:13 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, float). | +| test.c:220:3:220:13 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, double). | +| test.c:221:3:221:14 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, long double). | +| test.c:222:3:222:15 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, float). | +| test.c:223:3:223:15 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, double). | +| test.c:224:3:224:16 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, long double). | +| test.c:225:3:225:14 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, float). | +| test.c:226:3:226:14 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, double). | +| test.c:227:3:227:15 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, long double). | +| test.c:228:3:228:15 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, float). | +| test.c:229:3:229:15 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, double). | +| test.c:230:3:230:16 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, long double). | +| test.c:235:3:235:15 | atan2(x,y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, float). | +| test.c:242:3:242:16 | copysign(x,y) | Call to type-generic macro 'copysign' has arguments with differing standard types (int, float). | +| test.c:245:3:245:12 | fdim(x,y) | Call to type-generic macro 'fdim' has arguments with differing standard types (int, float). | +| test.c:248:3:248:14 | fma(x,y,z) | Call to type-generic macro 'fma' has arguments with differing standard types (float, int, int). | +| test.c:249:3:249:14 | fma(x,y,z) | Call to type-generic macro 'fma' has arguments with differing standard types (int, float, int). | +| test.c:250:3:250:14 | fma(x,y,z) | Call to type-generic macro 'fma' has arguments with differing standard types (int, int, float). | +| test.c:253:3:253:12 | fmax(x,y) | Call to type-generic macro 'fmax' has arguments with differing standard types (int, float). | +| test.c:256:3:256:12 | fmin(x,y) | Call to type-generic macro 'fmin' has arguments with differing standard types (int, float). | +| test.c:259:3:259:12 | fmod(x,y) | Call to type-generic macro 'fmod' has arguments with differing standard types (int, float). | +| test.c:262:3:262:13 | hypot(x,y) | Call to type-generic macro 'hypot' has arguments with differing standard types (int, float). | +| test.c:265:3:265:13 | ldexp(x,y) | Call to type-generic macro 'ldexp' has arguments with differing standard types (int, float). | +| test.c:268:3:268:17 | nextafter(x,y) | Call to type-generic macro 'nextafter' has arguments with differing standard types (int, float). | +| test.c:271:3:271:18 | nexttoward(x,y) | Call to type-generic macro 'nexttoward' has arguments with differing standard types (int, float). | +| test.c:274:3:274:17 | remainder(x,y) | Call to type-generic macro 'remainder' has arguments with differing standard types (int, float). | +| test.c:277:3:277:17 | remquo(x,y,z) | Call to type-generic macro 'remquo' has arguments with differing standard types (int, float). | +| test.c:280:3:280:15 | scalbln(x,y) | Call to type-generic macro 'scalbln' has arguments with differing standard types (int, float). | +| test.c:283:3:283:14 | scalbn(x,y) | Call to type-generic macro 'scalbn' has arguments with differing standard types (int, float). | diff --git a/c/misra/test/rules/RULE-21-23/TgMathArgumentsWithDifferingStandardType.qlref b/c/misra/test/rules/RULE-21-23/TgMathArgumentsWithDifferingStandardType.qlref new file mode 100644 index 0000000000..550893822f --- /dev/null +++ b/c/misra/test/rules/RULE-21-23/TgMathArgumentsWithDifferingStandardType.qlref @@ -0,0 +1 @@ +rules/RULE-21-23/TgMathArgumentsWithDifferingStandardType.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-21-23/test.c b/c/misra/test/rules/RULE-21-23/test.c new file mode 100644 index 0000000000..08df1184a7 --- /dev/null +++ b/c/misra/test/rules/RULE-21-23/test.c @@ -0,0 +1,288 @@ +#include +#include + +void f1() { + signed char c = 0; + unsigned char uc = 0; + short s = 0; + unsigned short us = 0; + int i = 0; + unsigned int ui = 0; + long l = 0; + unsigned long ul = 0; + float f = 0.0f; + double d = 0.0; + long double ld = 0.0; + uint8_t u8 = 0; + int8_t i8 = 0; + uint16_t u16 = 0; + int16_t i16 = 0; + uint32_t u32 = 0; + int32_t i32 = 0; + uint64_t u64 = 0; + int64_t i64 = 0; + + /** + * Test exact types + */ + atan2(c, c); // COMPLIANT + atan2(uc, uc); // COMPLIANT + atan2(s, s); // COMPLIANT + atan2(us, us); // COMPLIANT + atan2(i, i); // COMPLIANT + atan2(ui, ui); // COMPLIANT + atan2(ui, ui); // COMPLIANT + atan2(l, l); // COMPLIANT + atan2(ul, ul); // COMPLIANT + atan2(f, f); // COMPLIANT + atan2(d, d); // COMPLIANT + atan2(ld, ld); // COMPLIANT + atan2(u8, u8); // COMPLIANT + atan2(i8, i8); // COMPLIANT + atan2(u16, u16); // COMPLIANT + atan2(i16, i16); // COMPLIANT + atan2(u32, u32); // COMPLIANT + atan2(i32, i32); // COMPLIANT + atan2(u64, u64); // COMPLIANT + atan2(i64, i64); // COMPLIANT + + /** Test equivalent types */ + atan2(c, i8); // COMPLIANT + atan2(i8, c); // COMPLIANT + atan2(uc, u8); // COMPLIANT + atan2(u8, uc); // COMPLIANT + atan2(s, i16); // COMPLIANT + atan2(i16, s); // COMPLIANT + atan2(us, u16); // COMPLIANT + atan2(u16, us); // COMPLIANT + atan2(i, i32); // COMPLIANT + atan2(i32, i); // COMPLIANT + atan2(ui, u32); // COMPLIANT + atan2(u32, ui); // COMPLIANT + atan2(l, i64); // COMPLIANT + atan2(i64, l); // COMPLIANT + atan2(ul, u64); // COMPLIANT + atan2(u64, ul); // COMPLIANT + + /** Types are the same after integer promotion */ + atan2(c, i8); // COMPLIANT + atan2(c, u8); // COMPLIANT + atan2(c, i16); // COMPLIANT + atan2(c, u16); // COMPLIANT + atan2(c, i32); // COMPLIANT + atan2(uc, i8); // COMPLIANT + atan2(uc, u8); // COMPLIANT + atan2(uc, i16); // COMPLIANT + atan2(uc, u16); // COMPLIANT + atan2(uc, i32); // COMPLIANT + atan2(s, i8); // COMPLIANT + atan2(s, u8); // COMPLIANT + atan2(s, i16); // COMPLIANT + atan2(s, u16); // COMPLIANT + atan2(s, i32); // COMPLIANT + atan2(us, i8); // COMPLIANT + atan2(us, u8); // COMPLIANT + atan2(us, i16); // COMPLIANT + atan2(us, u16); // COMPLIANT + atan2(us, i32); // COMPLIANT + atan2(i, i8); // COMPLIANT + atan2(i, u8); // COMPLIANT + atan2(i, i16); // COMPLIANT + atan2(i, u16); // COMPLIANT + atan2(i, i32); // COMPLIANT + + /** Integer promotion makes a signed int, not an unsigned int */ + atan2(c, ui); // NON-COMPLIANT + atan2(c, u32); // NON-COMPLIANT + atan2(i8, ui); // NON-COMPLIANT + atan2(i8, u32); // NON-COMPLIANT + atan2(uc, ui); // NON-COMPLIANT + atan2(uc, u32); // NON-COMPLIANT + atan2(u8, ui); // NON-COMPLIANT + atan2(u8, u32); // NON-COMPLIANT + atan2(s, ui); // NON-COMPLIANT + atan2(s, u32); // NON-COMPLIANT + atan2(i16, ui); // NON-COMPLIANT + atan2(i16, u32); // NON-COMPLIANT + atan2(us, ui); // NON-COMPLIANT + atan2(us, u32); // NON-COMPLIANT + atan2(u16, ui); // NON-COMPLIANT + atan2(u16, u32); // NON-COMPLIANT + atan2(i, ui); // NON-COMPLIANT + atan2(i, u32); // NON-COMPLIANT + atan2(i32, ui); // NON-COMPLIANT + atan2(i32, u32); // NON-COMPLIANT + atan2(ui, ui); // COMPLIANT + atan2(ui, u32); // COMPLIANT + atan2(u32, ui); // COMPLIANT + atan2(u32, u32); // COMPLIANT + + /** Integer promotion makes int, not long */ + atan2(c, l); // NON-COMPLIANT + atan2(i8, l); // NON-COMPLIANT + atan2(uc, l); // NON-COMPLIANT + atan2(u8, l); // NON-COMPLIANT + atan2(s, l); // NON-COMPLIANT + atan2(i16, l); // NON-COMPLIANT + atan2(us, l); // NON-COMPLIANT + atan2(u16, l); // NON-COMPLIANT + + /** Integer vs long */ + atan2(i, l); // NON-COMPLIANT + atan2(i32, l); // NON-COMPLIANT + atan2(ui, l); // NON-COMPLIANT + atan2(u32, l); // NON-COMPLIANT + atan2(l, i); // NON-COMPLIANT + atan2(l, ui); // NON-COMPLIANT + atan2(l, i32); // NON-COMPLIANT + atan2(l, u32); // NON-COMPLIANT + atan2(i, ul); // NON-COMPLIANT + atan2(i32, ul); // NON-COMPLIANT + atan2(ui, ul); // NON-COMPLIANT + atan2(u32, ul); // NON-COMPLIANT + atan2(ul, i); // NON-COMPLIANT + atan2(ul, ui); // NON-COMPLIANT + atan2(ul, i32); // NON-COMPLIANT + atan2(ul, u32); // NON-COMPLIANT + atan2(i, i64); // NON-COMPLIANT + atan2(i32, i64); // NON-COMPLIANT + atan2(ui, i64); // NON-COMPLIANT + atan2(u32, i64); // NON-COMPLIANT + atan2(i64, i); // NON-COMPLIANT + atan2(i64, ui); // NON-COMPLIANT + atan2(i64, i32); // NON-COMPLIANT + atan2(i64, u32); // NON-COMPLIANT + atan2(i, u64); // NON-COMPLIANT + atan2(i32, u64); // NON-COMPLIANT + atan2(ui, u64); // NON-COMPLIANT + atan2(u32, u64); // NON-COMPLIANT + atan2(u64, i); // NON-COMPLIANT + atan2(u64, ui); // NON-COMPLIANT + atan2(u64, i32); // NON-COMPLIANT + atan2(u64, u32); // NON-COMPLIANT + + /** Signed vs unsigned long, since those don't promote */ + atan2(l, ul); // NON-COMPLIANT + atan2(l, u64); // NON-COMPLIANT + atan2(i64, ul); // NON-COMPLIANT + atan2(i64, u64); // NON-COMPLIANT + atan2(ul, l); // NON-COMPLIANT + atan2(ul, i64); // NON-COMPLIANT + atan2(u64, l); // NON-COMPLIANT + atan2(u64, i64); // NON-COMPLIANT + + /** Mismatched float sizes */ + atan2(f, d); // NON-COMPLIANT + atan2(f, ld); // NON-COMPLIANT + atan2(d, f); // NON-COMPLIANT + atan2(d, ld); // NON-COMPLIANT + atan2(ld, f); // NON-COMPLIANT + atan2(ld, d); // NON-COMPLIANT + + /** Float vs int */ + atan2(c, f); // NON-COMPLIANT + atan2(c, d); // NON-COMPLIANT + atan2(c, ld); // NON-COMPLIANT + atan2(i8, f); // NON-COMPLIANT + atan2(i8, d); // NON-COMPLIANT + atan2(i8, ld); // NON-COMPLIANT + atan2(uc, f); // NON-COMPLIANT + atan2(uc, d); // NON-COMPLIANT + atan2(uc, ld); // NON-COMPLIANT + atan2(u8, f); // NON-COMPLIANT + atan2(u8, d); // NON-COMPLIANT + atan2(u8, ld); // NON-COMPLIANT + atan2(s, f); // NON-COMPLIANT + atan2(s, d); // NON-COMPLIANT + atan2(s, ld); // NON-COMPLIANT + atan2(i16, f); // NON-COMPLIANT + atan2(i16, d); // NON-COMPLIANT + atan2(i16, ld); // NON-COMPLIANT + atan2(us, f); // NON-COMPLIANT + atan2(us, d); // NON-COMPLIANT + atan2(us, ld); // NON-COMPLIANT + atan2(u16, f); // NON-COMPLIANT + atan2(u16, d); // NON-COMPLIANT + atan2(u16, ld); // NON-COMPLIANT + atan2(i, f); // NON-COMPLIANT + atan2(i, d); // NON-COMPLIANT + atan2(i, ld); // NON-COMPLIANT + atan2(i32, f); // NON-COMPLIANT + atan2(i32, d); // NON-COMPLIANT + atan2(i32, ld); // NON-COMPLIANT + atan2(ui, f); // NON-COMPLIANT + atan2(ui, d); // NON-COMPLIANT + atan2(ui, ld); // NON-COMPLIANT + atan2(u32, f); // NON-COMPLIANT + atan2(u32, d); // NON-COMPLIANT + atan2(u32, ld); // NON-COMPLIANT + atan2(l, f); // NON-COMPLIANT + atan2(l, d); // NON-COMPLIANT + atan2(l, ld); // NON-COMPLIANT + atan2(i64, f); // NON-COMPLIANT + atan2(i64, d); // NON-COMPLIANT + atan2(i64, ld); // NON-COMPLIANT + atan2(ul, f); // NON-COMPLIANT + atan2(ul, d); // NON-COMPLIANT + atan2(ul, ld); // NON-COMPLIANT + atan2(u64, f); // NON-COMPLIANT + atan2(u64, d); // NON-COMPLIANT + atan2(u64, ld); // NON-COMPLIANT + + /** Casts and conversions */ + atan2((float)i, f); // COMPLIANT + atan2(i, (int)f); // COMPLIANT + atan2((i), f); // NON-COMPLIANT + atan2(((float)i), f); // COMPLIANT + atan2((float)((int)l), f); // COMPLIANT + + /** Other functions */ + copysign(f, f); // COMPLIANT + copysign(i, i); // COMPLIANT + copysign(i, f); // NON-COMPLIANT + fdim(f, f); // COMPLIANT + fdim(i, i); // COMPLIANT + fdim(i, f); // NON-COMPLIANT + fma(f, f, f); // COMPLIANT + fma(i, i, i); // COMPLIANT + fma(f, i, i); // NON-COMPLIANT + fma(i, f, i); // NON-COMPLIANT + fma(i, i, f); // NON-COMPLIANT + fmax(f, f); // COMPLIANT + fmax(i, i); // COMPLIANT + fmax(i, f); // NON-COMPLIANT + fmin(f, f); // COMPLIANT + fmin(i, i); // COMPLIANT + fmin(i, f); // NON-COMPLIANT + fmod(f, f); // COMPLIANT + fmod(i, i); // COMPLIANT + fmod(i, f); // NON-COMPLIANT + hypot(f, f); // COMPLIANT + hypot(i, i); // COMPLIANT + hypot(i, f); // NON-COMPLIANT + ldexp(f, f); // COMPLIANT + ldexp(i, i); // COMPLIANT + ldexp(i, f); // NON-COMPLIANT + nextafter(f, f); // COMPLIANT + nextafter(i, i); // COMPLIANT + nextafter(i, f); // NON-COMPLIANT + nexttoward(f, f); // COMPLIANT + nexttoward(i, i); // COMPLIANT + nexttoward(i, f); // NON-COMPLIANT + remainder(f, f); // COMPLIANT + remainder(i, i); // COMPLIANT + remainder(i, f); // NON-COMPLIANT + remquo(f, f, 0); // COMPLIANT + remquo(i, i, 0); // COMPLIANT + remquo(i, f, 0); // NON-COMPLIANT + scalbln(f, f); // COMPLIANT + scalbln(i, i); // COMPLIANT + scalbln(i, f); // NON-COMPLIANT + scalbn(f, f); // COMPLIANT + scalbn(i, i); // COMPLIANT + scalbn(i, f); // NON-COMPLIANT + + // `frexp` has two parameters, but the second is an output parameter, and + // should not be covered by this rule. + frexp(f, 0); // COMPLIANT +} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/EssentialTypes2.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/EssentialTypes2.qll new file mode 100644 index 0000000000..e1dd8d5636 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/EssentialTypes2.qll @@ -0,0 +1,44 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype EssentialTypes2Query = + TTgMathArgumentWithInvalidEssentialTypeQuery() or + TTgMathArgumentsWithDifferingStandardTypeQuery() + +predicate isEssentialTypes2QueryMetadata(Query query, string queryId, string ruleId, string category) { + query = + // `Query` instance for the `tgMathArgumentWithInvalidEssentialType` query + EssentialTypes2Package::tgMathArgumentWithInvalidEssentialTypeQuery() and + queryId = + // `@id` for the `tgMathArgumentWithInvalidEssentialType` query + "c/misra/tg-math-argument-with-invalid-essential-type" and + ruleId = "RULE-21-22" and + category = "mandatory" + or + query = + // `Query` instance for the `tgMathArgumentsWithDifferingStandardType` query + EssentialTypes2Package::tgMathArgumentsWithDifferingStandardTypeQuery() and + queryId = + // `@id` for the `tgMathArgumentsWithDifferingStandardType` query + "c/misra/tg-math-arguments-with-differing-standard-type" and + ruleId = "RULE-21-23" and + category = "required" +} + +module EssentialTypes2Package { + Query tgMathArgumentWithInvalidEssentialTypeQuery() { + //autogenerate `Query` type + result = + // `Query` type for `tgMathArgumentWithInvalidEssentialType` query + TQueryC(TEssentialTypes2PackageQuery(TTgMathArgumentWithInvalidEssentialTypeQuery())) + } + + Query tgMathArgumentsWithDifferingStandardTypeQuery() { + //autogenerate `Query` type + result = + // `Query` type for `tgMathArgumentsWithDifferingStandardType` query + TQueryC(TEssentialTypes2PackageQuery(TTgMathArgumentsWithDifferingStandardTypeQuery())) + } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index 2c3969861c..9b3e3efdd9 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -34,6 +34,7 @@ import Declarations6 import Declarations7 import Declarations8 import EssentialTypes +import EssentialTypes2 import Expressions import FloatingTypes import FunctionTypes @@ -118,6 +119,7 @@ newtype TCQuery = TDeclarations7PackageQuery(Declarations7Query q) or TDeclarations8PackageQuery(Declarations8Query q) or TEssentialTypesPackageQuery(EssentialTypesQuery q) or + TEssentialTypes2PackageQuery(EssentialTypes2Query q) or TExpressionsPackageQuery(ExpressionsQuery q) or TFloatingTypesPackageQuery(FloatingTypesQuery q) or TFunctionTypesPackageQuery(FunctionTypesQuery q) or @@ -202,6 +204,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isDeclarations7QueryMetadata(query, queryId, ruleId, category) or isDeclarations8QueryMetadata(query, queryId, ruleId, category) or isEssentialTypesQueryMetadata(query, queryId, ruleId, category) or + isEssentialTypes2QueryMetadata(query, queryId, ruleId, category) or isExpressionsQueryMetadata(query, queryId, ruleId, category) or isFloatingTypesQueryMetadata(query, queryId, ruleId, category) or isFunctionTypesQueryMetadata(query, queryId, ruleId, category) or diff --git a/rule_packages/c/EssentialTypes2.json b/rule_packages/c/EssentialTypes2.json new file mode 100644 index 0000000000..aded94817f --- /dev/null +++ b/rule_packages/c/EssentialTypes2.json @@ -0,0 +1,47 @@ +{ + "MISRA-C-2012": { + "RULE-21-22": { + "properties": { + "obligation": "mandatory" + }, + "queries": [ + { + "description": "All operand arguments to any type-generic macros in shall have an appropriate essential type", + "kind": "problem", + "name": "All operand arguments to any type-generic macros in shall have an appropriate essential", + "precision": "high", + "severity": "error", + "short_name": "TgMathArgumentWithInvalidEssentialType", + "tags": [ + "correctness", + "external/misra/c/2012/amendment3" + ] + } + ], + "implementation_scope": { + "description": "The CodeQL database may not contain the necessary information to determine the essential type of literal macro arguments such as character literals." + }, + "title": "All operand arguments to any type-generic macros in shall have an appropriate essential type" + }, + "RULE-21-23": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "All operand arguments to any multi-argument type-generic macros in shall have the same standard type", + "kind": "problem", + "name": "All operand arguments to any multi-argument type-generic macros in shall have the same", + "precision": "high", + "severity": "error", + "short_name": "TgMathArgumentsWithDifferingStandardType", + "tags": [ + "correctness", + "external/misra/c/2012/amendment3" + ] + } + ], + "title": "All operand arguments to any multi-argument type-generic macros in shall have the same standard type" + } + } +} \ No newline at end of file From 6148518eb42b967f04bacb0cf18d7631f3478a28 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Tue, 11 Mar 2025 18:32:51 -0700 Subject: [PATCH 2450/2573] Format qll, update package metadata --- c/common/src/codingstandards/c/TgMath.qll | 15 +++++---------- .../TgMathArgumentWithInvalidEssentialType.ql | 4 ++-- .../TgMathArgumentsWithDifferingStandardType.ql | 4 ++-- rule_packages/c/EssentialTypes2.json | 8 ++++---- 4 files changed, 13 insertions(+), 18 deletions(-) diff --git a/c/common/src/codingstandards/c/TgMath.qll b/c/common/src/codingstandards/c/TgMath.qll index f5488194c6..36c47fb5a2 100644 --- a/c/common/src/codingstandards/c/TgMath.qll +++ b/c/common/src/codingstandards/c/TgMath.qll @@ -1,4 +1,3 @@ - import cpp private string getATgMathMacroName(boolean allowComplex) { @@ -35,21 +34,17 @@ class TgMathInvocation extends MacroInvocation { } Expr getOperandArgument(int i) { - result = call.getArgument(i) - and not hasOutputArgument(call.getTarget().getName(), i) + result = call.getArgument(i) and + not hasOutputArgument(call.getTarget().getName(), i) } int getNumberOfOperandArguments() { result = call.getNumberOfArguments() - count(int i | hasOutputArgument(getMacroName(), i)) } - Expr getAnOperandArgument() { - result = getOperandArgument(_) - } + Expr getAnOperandArgument() { result = getOperandArgument(_) } - predicate allowsComplex() { - allowComplex = true - } + predicate allowsComplex() { allowComplex = true } } private Call getACallInExpansion(MacroInvocation mi) { result = mi.getAnExpandedElement() } @@ -65,4 +60,4 @@ private Call getBestCallInExpansion(MacroInvocation mi) { or count(getNameMatchedCallInExpansion(mi)) > 1 and result = rank[1](Call c | c = getACallInExpansion(mi) | c order by c.getTarget().getName()) -} \ No newline at end of file +} diff --git a/c/misra/src/rules/RULE-21-22/TgMathArgumentWithInvalidEssentialType.ql b/c/misra/src/rules/RULE-21-22/TgMathArgumentWithInvalidEssentialType.ql index f06ca54979..2105567d04 100644 --- a/c/misra/src/rules/RULE-21-22/TgMathArgumentWithInvalidEssentialType.ql +++ b/c/misra/src/rules/RULE-21-22/TgMathArgumentWithInvalidEssentialType.ql @@ -1,8 +1,8 @@ /** * @id c/misra/tg-math-argument-with-invalid-essential-type - * @name RULE-21-22: All operand arguments to any type-generic macros in shall have an appropriate essential + * @name RULE-21-22: All operand arguments to type-generic macros in shall have an appropriate essential type * @description All operand arguments to any type-generic macros in shall have an - * appropriate essential type + * appropriate essential type. * @kind problem * @precision high * @problem.severity error diff --git a/c/misra/src/rules/RULE-21-23/TgMathArgumentsWithDifferingStandardType.ql b/c/misra/src/rules/RULE-21-23/TgMathArgumentsWithDifferingStandardType.ql index b6daf7bb6a..5156d81cef 100644 --- a/c/misra/src/rules/RULE-21-23/TgMathArgumentsWithDifferingStandardType.ql +++ b/c/misra/src/rules/RULE-21-23/TgMathArgumentsWithDifferingStandardType.ql @@ -1,8 +1,8 @@ /** * @id c/misra/tg-math-arguments-with-differing-standard-type - * @name RULE-21-23: All operand arguments to any multi-argument type-generic macros in shall have the same + * @name RULE-21-23: Operand arguments for an invocation of a type-generic macro shall have the same standard type * @description All operand arguments to any multi-argument type-generic macros in shall - * have the same standard type + * have the same standard type. * @kind problem * @precision high * @problem.severity error diff --git a/rule_packages/c/EssentialTypes2.json b/rule_packages/c/EssentialTypes2.json index aded94817f..5292eccdb8 100644 --- a/rule_packages/c/EssentialTypes2.json +++ b/rule_packages/c/EssentialTypes2.json @@ -6,9 +6,9 @@ }, "queries": [ { - "description": "All operand arguments to any type-generic macros in shall have an appropriate essential type", + "description": "All operand arguments to any type-generic macros in shall have an appropriate essential type.", "kind": "problem", - "name": "All operand arguments to any type-generic macros in shall have an appropriate essential", + "name": "All operand arguments to type-generic macros in shall have an appropriate essential type", "precision": "high", "severity": "error", "short_name": "TgMathArgumentWithInvalidEssentialType", @@ -29,9 +29,9 @@ }, "queries": [ { - "description": "All operand arguments to any multi-argument type-generic macros in shall have the same standard type", + "description": "All operand arguments to any multi-argument type-generic macros in shall have the same standard type.", "kind": "problem", - "name": "All operand arguments to any multi-argument type-generic macros in shall have the same", + "name": "Operand arguments for an invocation of a type-generic macro shall have the same standard type", "precision": "high", "severity": "error", "short_name": "TgMathArgumentsWithDifferingStandardType", From e30b3c34dcd9defdba2adc5dea814be68e2c585e Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Tue, 11 Mar 2025 22:12:53 -0700 Subject: [PATCH 2451/2573] Implement final MISRA 2023 rule amendments --- amendments.csv | 9 +- ...dLocalObjectAddressCopiedToGlobalObject.ql | 39 ++++ .../ExceptionHandlingFeaturesOfFenvhUsed.ql | 26 ++- c/misra/test/rules/DIR-4-9/test.c | 1 + .../EmergentLanguageFeaturesUsed.expected | 1 - ...ObjectAddressCopiedToGlobalObject.expected | 4 + ...calObjectAddressCopiedToGlobalObject.qlref | 1 + c/misra/test/rules/RULE-18-6/test.c | 169 ++++++++++++++++++ ...eptionHandlingFeaturesOfFenvhUsed.expected | 28 +-- c/misra/test/rules/RULE-21-12/test.c | 9 +- .../2025-03-11-various-misra-amendments.md | 8 + .../src/codingstandards/cpp/Emergent.qll | 4 - .../cpp/IrreplaceableFunctionLikeMacro.qll | 6 + .../cpp/exclusions/c/Pointers1.qll | 17 ++ ...ddressOfAutoStorageObjectToOtherObject.qll | 2 +- rule_packages/c/Pointers1.json | 12 ++ 16 files changed, 303 insertions(+), 33 deletions(-) create mode 100644 c/misra/src/rules/RULE-18-6/ThreadLocalObjectAddressCopiedToGlobalObject.ql create mode 100644 c/misra/test/rules/RULE-18-6/ThreadLocalObjectAddressCopiedToGlobalObject.expected create mode 100644 c/misra/test/rules/RULE-18-6/ThreadLocalObjectAddressCopiedToGlobalObject.qlref create mode 100644 c/misra/test/rules/RULE-18-6/test.c create mode 100644 change_notes/2025-03-11-various-misra-amendments.md diff --git a/amendments.csv b/amendments.csv index 6049525515..b496790f07 100644 --- a/amendments.csv +++ b/amendments.csv @@ -1,8 +1,8 @@ language,standard,amendment,rule_id,supportable,implementation_category,implemented,difficulty c,MISRA-C-2012,Amendment3,DIR-4-6,Yes,Expand,Yes,Easy -c,MISRA-C-2012,Amendment3,DIR-4-9,Yes,Refine,No,Easy +c,MISRA-C-2012,Amendment3,DIR-4-9,Yes,Refine,Yes,Easy c,MISRA-C-2012,Amendment3,DIR-4-11,Yes,Refine,No,Import -c,MISRA-C-2012,Amendment3,RULE-1-4,Yes,Replace,No,Easy +c,MISRA-C-2012,Amendment3,RULE-1-4,Yes,Replace,Yes,Easy c,MISRA-C-2012,Amendment3,RULE-10-1,Yes,Replace,Yes,Easy c,MISRA-C-2012,Amendment3,RULE-10-3,Yes,Refine,Yes,Easy c,MISRA-C-2012,Amendment3,RULE-10-4,Yes,Refine,Yes,Import @@ -10,11 +10,11 @@ c,MISRA-C-2012,Amendment3,RULE-10-5,Yes,Expand,Yes,Easy c,MISRA-C-2012,Amendment3,RULE-10-7,Yes,Refine,Yes,Import c,MISRA-C-2012,Amendment3,RULE-10-8,Yes,Refine,Yes,Import c,MISRA-C-2012,Amendment3,RULE-21-11,Yes,Clarification,Yes,Import -c,MISRA-C-2012,Amendment3,RULE-21-12,Yes,Replace,No,Easy +c,MISRA-C-2012,Amendment3,RULE-21-12,Yes,Replace,Yes,Easy c,MISRA-C-2012,Amendment4,RULE-11-3,Yes,Expand,No,Easy c,MISRA-C-2012,Amendment4,RULE-11-8,Yes,Expand,No,Easy c,MISRA-C-2012,Amendment4,RULE-13-2,Yes,Expand,No,Very Hard -c,MISRA-C-2012,Amendment4,RULE-18-6,Yes,Expand,No,Medium +c,MISRA-C-2012,Amendment4,RULE-18-6,Yes,Expand,Yes,Medium c,MISRA-C-2012,Amendment4,RULE-18-8,Yes,Split,Yes,Easy c,MISRA-C-2012,Amendment4,RULE-2-2,Yes,Clarification,Yes,Import c,MISRA-C-2012,Amendment4,RULE-2-7,Yes,Clarification,Yes,Import @@ -26,7 +26,6 @@ c,MISRA-C-2012,Amendment4,RULE-10-1,Yes,Clarification,Yes,Import c,MISRA-C-2012,Amendment4,RULE-18-3,Yes,Clarification,Yes,Import c,MISRA-C-2012,Amendment4,RULE-1-4,Yes,Replace,No,Easy c,MISRA-C-2012,Amendment4,RULE-9-1,Yes,Refine,No,Easy -c,MISRA-C-2012,Amendment4,RULE-9-2,Yes,Refine,No,Import c,MISRA-C-2012,Corrigendum2,DIR-4-10,Yes,Clarification,Yes,Import c,MISRA-C-2012,Corrigendum2,RULE-7-4,Yes,Refine,No,Easy c,MISRA-C-2012,Corrigendum2,RULE-8-2,Yes,Clarification,Yes,Import diff --git a/c/misra/src/rules/RULE-18-6/ThreadLocalObjectAddressCopiedToGlobalObject.ql b/c/misra/src/rules/RULE-18-6/ThreadLocalObjectAddressCopiedToGlobalObject.ql new file mode 100644 index 0000000000..6a520447d1 --- /dev/null +++ b/c/misra/src/rules/RULE-18-6/ThreadLocalObjectAddressCopiedToGlobalObject.ql @@ -0,0 +1,39 @@ +/** + * @id c/misra/thread-local-object-address-copied-to-global-object + * @name RULE-18-6: The address of an object with thread-local storage shall not be copied to a global object + * @description Storing the address of a thread-local object in a global object will result in + * undefined behavior if the address is accessed after the relevant thread is + * terminated. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-18-6 + * correctness + * external/misra/c/2012/amendment3 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.c.Objects +import codingstandards.cpp.Concurrency + +from AssignExpr assignment, Element threadLocal, ObjectIdentity static +where + not isExcluded(assignment, Pointers1Package::threadLocalObjectAddressCopiedToGlobalObjectQuery()) and + assignment.getLValue() = static.getASubobjectAccess() and + static.getStorageDuration().isStatic() and + ( + exists(ObjectIdentity threadLocalObj | + threadLocal = threadLocalObj and + assignment.getRValue() = threadLocalObj.getASubobjectAddressExpr() and + threadLocalObj.getStorageDuration().isThread() + ) + or + exists(TSSGetFunctionCall getCall | + threadLocal = getCall.getKey() and + assignment.getRValue() = getCall + ) + ) +select assignment, "Thread local object $@ address copied to static object $@.", + threadLocal.getLocation(), threadLocal.toString(), static.getLocation(), static.toString() diff --git a/c/misra/src/rules/RULE-21-12/ExceptionHandlingFeaturesOfFenvhUsed.ql b/c/misra/src/rules/RULE-21-12/ExceptionHandlingFeaturesOfFenvhUsed.ql index 33da2f5d03..c70e71ea1a 100644 --- a/c/misra/src/rules/RULE-21-12/ExceptionHandlingFeaturesOfFenvhUsed.ql +++ b/c/misra/src/rules/RULE-21-12/ExceptionHandlingFeaturesOfFenvhUsed.ql @@ -18,7 +18,8 @@ import codingstandards.c.misra class FPExceptionHandlingFunction extends Function { FPExceptionHandlingFunction() { this.hasName([ - "feclearexcept", "fegetexceptflag", "feraiseexcept", "fesetexceptflag", "fetestexcept" + "feclearexcept", "fegetexceptflag", "feraiseexcept", "fesetexceptflag", "fetestexcept", + "fesetenv", "feupdateenv", "fesetround" ]) and this.getFile().getBaseName() = "fenv.h" } @@ -33,22 +34,29 @@ class FPExceptionHandlingMacro extends Macro { } } -from Locatable call, string name, string kind +from Locatable element, string name, string message where - not isExcluded(call, BannedPackage::exceptionHandlingFeaturesOfFenvhUsedQuery()) and + not isExcluded(element, BannedPackage::exceptionHandlingFeaturesOfFenvhUsedQuery()) and ( + exists(Include include | + include.getIncludedFile().getBaseName() = "fenv.h" and + message = "Include of banned header" and + name = "fenv.h" and + element = include + ) + or exists(FPExceptionHandlingFunction f | - call = f.getACallToThisFunction() and + element = f.getACallToThisFunction() and name = f.getName() and - kind = "function" + message = "Call to banned function" ) or exists(FPExceptionHandlingMacro m | - call = m.getAnInvocation() and + element = m.getAnInvocation() and name = m.getName() and - kind = "macro" and + message = "Expansion of banned macro" and // Exclude macro invocations expanded from other macro invocations from macros in fenv.h. - not call.(MacroInvocation).getParentInvocation().getMacro().getFile().getBaseName() = "fenv.h" + not element.(MacroInvocation).getParentInvocation().getMacro().getFile().getBaseName() = "fenv.h" ) ) -select call, "Call to banned " + kind + " " + name + "." +select element, message + " '" + name + "'." diff --git a/c/misra/test/rules/DIR-4-9/test.c b/c/misra/test/rules/DIR-4-9/test.c index 50e6bdb042..c91e1a15a2 100644 --- a/c/misra/test/rules/DIR-4-9/test.c +++ b/c/misra/test/rules/DIR-4-9/test.c @@ -10,6 +10,7 @@ #define MACRO8(x) "NOP" // COMPLIANT #define MACRO9() printf_custom("output = %d", 7) // NON_COMPLIANT #define MACRO10(x) // COMPLIANT +#define MACRO11(x) _Generic((x), int: 1, default: 0) // COMPLIANT #define MY_ASSERT(X) assert(X) // NON_COMPLIANT[FALSE_NEGATIVE] const char a1[MACRO2(1, 1) + 6]; diff --git a/c/misra/test/rules/RULE-1-4/EmergentLanguageFeaturesUsed.expected b/c/misra/test/rules/RULE-1-4/EmergentLanguageFeaturesUsed.expected index 04c0e1bbd6..b0bbc467aa 100644 --- a/c/misra/test/rules/RULE-1-4/EmergentLanguageFeaturesUsed.expected +++ b/c/misra/test/rules/RULE-1-4/EmergentLanguageFeaturesUsed.expected @@ -1,6 +1,5 @@ | test.c:2:1:2:22 | #include | Usage of emergent language feature. | | test.c:4:1:4:20 | #include | Usage of emergent language feature. | -| test.c:6:1:6:49 | #define MACRO(x) _Generic((x), int : 0, long : 1) | Usage of emergent language feature. | | test.c:7:1:7:32 | #define __STDC_WANT_LIB_EXT1__ 1 | Usage of emergent language feature. | | test.c:12:26:12:40 | atomic_new_type | Usage of emergent language feature. | | test.c:17:15:17:15 | i | Usage of emergent language feature. | diff --git a/c/misra/test/rules/RULE-18-6/ThreadLocalObjectAddressCopiedToGlobalObject.expected b/c/misra/test/rules/RULE-18-6/ThreadLocalObjectAddressCopiedToGlobalObject.expected new file mode 100644 index 0000000000..99c5a91645 --- /dev/null +++ b/c/misra/test/rules/RULE-18-6/ThreadLocalObjectAddressCopiedToGlobalObject.expected @@ -0,0 +1,4 @@ +| test.c:29:3:29:10 | ... = ... | Thread local object $@ address copied to static object $@. | test.c:8:19:8:20 | test.c:8:19:8:20 | t1 | test.c:12:6:12:7 | test.c:12:6:12:7 | g2 | +| test.c:55:3:55:14 | ... = ... | Thread local object $@ address copied to static object $@. | test.c:10:17:10:18 | test.c:10:17:10:18 | t3 | test.c:13:3:13:4 | test.c:13:3:13:4 | g3 | +| test.c:152:3:152:21 | ... = ... | Thread local object $@ address copied to static object $@. | test.c:152:16:152:20 | test.c:152:16:152:20 | & ... | test.c:12:6:12:7 | test.c:12:6:12:7 | g2 | +| test.c:155:3:155:23 | ... = ... | Thread local object $@ address copied to static object $@. | test.c:155:18:155:22 | test.c:155:18:155:22 | & ... | test.c:13:3:13:4 | test.c:13:3:13:4 | g3 | diff --git a/c/misra/test/rules/RULE-18-6/ThreadLocalObjectAddressCopiedToGlobalObject.qlref b/c/misra/test/rules/RULE-18-6/ThreadLocalObjectAddressCopiedToGlobalObject.qlref new file mode 100644 index 0000000000..90cdd7a43f --- /dev/null +++ b/c/misra/test/rules/RULE-18-6/ThreadLocalObjectAddressCopiedToGlobalObject.qlref @@ -0,0 +1 @@ +rules/RULE-18-6/ThreadLocalObjectAddressCopiedToGlobalObject.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-18-6/test.c b/c/misra/test/rules/RULE-18-6/test.c new file mode 100644 index 0000000000..13b1070397 --- /dev/null +++ b/c/misra/test/rules/RULE-18-6/test.c @@ -0,0 +1,169 @@ +#include + +typedef struct { + int *p; + int m +} s; + +_Thread_local int t1; +_Thread_local int *t2; +_Thread_local s t3; +int g1; +int *g2; +s g3; + +void f1() { + // Regular object accesses + t1 = t1; // COMPLIANT + t1 = *t2; // COMPLIANT + t1 = g1; // COMPLIANT + t1 = *g2; // COMPLIANT + g1 = t1; // COMPLIANT + g1 = *t2; // COMPLIANT + g1 = g1; // COMPLIANT + g1 = *g2; // COMPLIANT + t2 = &t1; // COMPLIANT + t2 = t2; // COMPLIANT + t2 = &g1; // COMPLIANT + t2 = g2; // COMPLIANT + g2 = &t1; // NON-COMPLIANT + g2 = t2; // COMPLIANT + g2 = &g1; // COMPLIANT + g2 = g2; // COMPLIANT + *t2 = t1; // COMPLIANT + *t2 = *t2; // COMPLIANT + *t2 = g1; // COMPLIANT + *t2 = *g2; // COMPLIANT + *g2 = t1; // COMPLIANT + *g2 = *t2; // COMPLIANT + *g2 = g1; // COMPLIANT + *g2 = *g2; // COMPLIANT + + // Subobject accesses + t3.m = t3.m; // COMPLIANT + t3.m = *t3.p; // COMPLIANT + t3.m = g3.m; // COMPLIANT + t3.m = *g3.p; // COMPLIANT + g3.m = t3.m; // COMPLIANT + g3.m = *t3.p; // COMPLIANT + g3.m = g3.m; // COMPLIANT + g3.m = *g3.p; // COMPLIANT + t3.p = &t3.m; // COMPLIANT + t3.p = t3.p; // COMPLIANT + t3.p = &g3.m; // COMPLIANT + t3.p = g3.p; // COMPLIANT + g3.p = &t3.m; // NON-COMPLIANT + g3.p = t3.p; // COMPLIANT + g3.p = &g3.m; // COMPLIANT + g3.p = g3.p; // COMPLIANT + *t3.p = t3.m; // COMPLIANT + *t3.p = *t3.p; // COMPLIANT + *t3.p = g3.m; // COMPLIANT + *t3.p = *g3.p; // COMPLIANT + *g3.p = t3.m; // COMPLIANT + *g3.p = *t3.p; // COMPLIANT + *g3.p = g3.m; // COMPLIANT + *g3.p = *g3.p; // COMPLIANT + + // Storing values in locals (automatic storage duration) + int l1; + int *l2; + s l3; + + l1 = l1; // COMPLIANT + l1 = *l2; // COMPLIANT + l1 = l3.m; // COMPLIANT + l1 = *l3.p; // COMPLIANT + l1 = t1; // COMPLIANT + l1 = *t2; // COMPLIANT + l1 = t3.m; // COMPLIANT + l1 = *t3.p; // COMPLIANT + l1 = g1; // COMPLIANT + l1 = *g2; // COMPLIANT + l1 = g3.m; // COMPLIANT + l1 = *g3.p; // COMPLIANT + l2 = &l1; // COMPLIANT + l2 = l2; // COMPLIANT + l2 = &l3.m; // COMPLIANT + l2 = l3.p; // COMPLIANT + l2 = &t1; // COMPLIANT + l2 = t2; // COMPLIANT + l2 = &t3.m; // COMPLIANT + l2 = t3.p; // COMPLIANT + l2 = &g1; // COMPLIANT + l2 = g2; // COMPLIANT + l2 = &g3.m; // COMPLIANT + l2 = g3.p; // COMPLIANT + *l2 = l1; // COMPLIANT + *l2 = *l2; // COMPLIANT + *l2 = l3.m; // COMPLIANT + *l2 = *l3.p; // COMPLIANT + *l2 = t1; // COMPLIANT + *l2 = *t2; // COMPLIANT + *l2 = t3.m; // COMPLIANT + *l2 = *t3.p; // COMPLIANT + *l2 = g1; // COMPLIANT + *l2 = *g2; // COMPLIANT + *l2 = g3.m; // COMPLIANT + *l2 = *g3.p; // COMPLIANT + l3.m = l1; // COMPLIANT + l3.m = *l2; // COMPLIANT + l3.m = l3.m; // COMPLIANT + l3.m = *l3.p; // COMPLIANT + l3.m = t1; // COMPLIANT + l3.m = *t2; // COMPLIANT + l3.m = t3.m; // COMPLIANT + l3.m = *t3.p; // COMPLIANT + l3.m = g1; // COMPLIANT + l3.m = *g2; // COMPLIANT + l3.m = g3.m; // COMPLIANT + l3.m = *g3.p; // COMPLIANT + l3.p = &l1; // COMPLIANT + l3.p = l2; // COMPLIANT + l3.p = &l3.m; // COMPLIANT + l3.p = l3.p; // COMPLIANT + l3.p = &t1; // COMPLIANT + l3.p = t2; // COMPLIANT + l3.p = &t3.m; // COMPLIANT + l3.p = t3.p; // COMPLIANT + l3.p = &g1; // COMPLIANT + l3.p = g2; // COMPLIANT + l3.p = &g3.m; // COMPLIANT + l3.p = g3.p; // COMPLIANT + *l3.p = l1; // COMPLIANT + *l3.p = *l2; // COMPLIANT + *l3.p = l3.m; // COMPLIANT + *l3.p = *l3.p; // COMPLIANT + *l3.p = t1; // COMPLIANT + *l3.p = *t2; // COMPLIANT + *l3.p = t3.m; // COMPLIANT + *l3.p = *t3.p; // COMPLIANT + *l3.p = g1; // COMPLIANT + *l3.p = *g2; // COMPLIANT + *l3.p = g3.m; // COMPLIANT + *l3.p = *g3.p; // COMPLIANT + + // Storing local values in globals is covered by the shared query. +} + +tss_t tss1; +void f2() { + g1 = *(int *)tss_get(&tss1); // COMPLIANT + g2 = tss_get(&tss1); // NON-COMPLIANT + *g2 = *(int *)tss_get(&tss1); // COMPLIANT + g3.m = *(int *)tss_get(&tss1); // COMPLIANT + g3.p = tss_get(&tss1); // NON-COMPLIANT + *g3.p = *(int *)tss_get(&tss1); // COMPLIANT + g1 = ((s *)tss_get(&tss1))->m; // COMPLIANT + g1 = *((s *)tss_get(&tss1))->p; // COMPLIANT + g2 = &((s *)tss_get(&tss1))->m; // NON-COMPLIANT[false negative] + g2 = *((s *)tss_get(&tss1))->p; // COMPLIANT + *g2 = ((s *)tss_get(&tss1))->m; // COMPLIANT + *g2 = *((s *)tss_get(&tss1))->p; // COMPLIANT + g3.m = ((s *)tss_get(&tss1))->m; // COMPLIANT + g3.m = *((s *)tss_get(&tss1))->p; // COMPLIANT + g3.p = &((s *)tss_get(&tss1))->m; // NON-COMPLIANT[false negative] + g3.p = *((s *)tss_get(&tss1))->p; // COMPLIANT + *g3.p = ((s *)tss_get(&tss1))->m; // COMPLIANT + *g3.p = *((s *)tss_get(&tss1))->p; // COMPLIANT +} \ No newline at end of file diff --git a/c/misra/test/rules/RULE-21-12/ExceptionHandlingFeaturesOfFenvhUsed.expected b/c/misra/test/rules/RULE-21-12/ExceptionHandlingFeaturesOfFenvhUsed.expected index 747b25a2c1..8032bf38cc 100644 --- a/c/misra/test/rules/RULE-21-12/ExceptionHandlingFeaturesOfFenvhUsed.expected +++ b/c/misra/test/rules/RULE-21-12/ExceptionHandlingFeaturesOfFenvhUsed.expected @@ -1,12 +1,16 @@ -| test.c:4:11:4:23 | call to feclearexcept | Call to banned function feclearexcept. | -| test.c:4:25:4:34 | FE_INVALID | Call to banned macro FE_INVALID. | -| test.c:6:3:6:17 | call to fegetexceptflag | Call to banned function fegetexceptflag. | -| test.c:6:24:6:36 | FE_ALL_EXCEPT | Call to banned macro FE_ALL_EXCEPT. | -| test.c:7:3:7:15 | call to feraiseexcept | Call to banned function feraiseexcept. | -| test.c:7:17:7:28 | FE_DIVBYZERO | Call to banned macro FE_DIVBYZERO. | -| test.c:8:3:8:15 | call to feraiseexcept | Call to banned function feraiseexcept. | -| test.c:8:17:8:27 | FE_OVERFLOW | Call to banned macro FE_OVERFLOW. | -| test.c:9:3:9:17 | call to fesetexceptflag | Call to banned function fesetexceptflag. | -| test.c:9:24:9:36 | FE_ALL_EXCEPT | Call to banned macro FE_ALL_EXCEPT. | -| test.c:10:3:10:14 | call to fetestexcept | Call to banned function fetestexcept. | -| test.c:10:16:10:27 | FE_UNDERFLOW | Call to banned macro FE_UNDERFLOW. | +| test.c:2:1:2:17 | #include | Include of banned header 'fenv.h'. | +| test.c:6:11:6:23 | call to feclearexcept | Call to banned function 'feclearexcept'. | +| test.c:6:25:6:34 | FE_INVALID | Expansion of banned macro 'FE_INVALID'. | +| test.c:8:3:8:17 | call to fegetexceptflag | Call to banned function 'fegetexceptflag'. | +| test.c:8:24:8:36 | FE_ALL_EXCEPT | Expansion of banned macro 'FE_ALL_EXCEPT'. | +| test.c:9:3:9:15 | call to feraiseexcept | Call to banned function 'feraiseexcept'. | +| test.c:9:17:9:28 | FE_DIVBYZERO | Expansion of banned macro 'FE_DIVBYZERO'. | +| test.c:10:3:10:15 | call to feraiseexcept | Call to banned function 'feraiseexcept'. | +| test.c:10:17:10:27 | FE_OVERFLOW | Expansion of banned macro 'FE_OVERFLOW'. | +| test.c:11:3:11:17 | call to fesetexceptflag | Call to banned function 'fesetexceptflag'. | +| test.c:11:24:11:36 | FE_ALL_EXCEPT | Expansion of banned macro 'FE_ALL_EXCEPT'. | +| test.c:12:3:12:14 | call to fetestexcept | Call to banned function 'fetestexcept'. | +| test.c:12:16:12:27 | FE_UNDERFLOW | Expansion of banned macro 'FE_UNDERFLOW'. | +| test.c:15:3:15:10 | call to fesetenv | Call to banned function 'fesetenv'. | +| test.c:16:3:16:13 | call to feupdateenv | Call to banned function 'feupdateenv'. | +| test.c:17:3:17:12 | call to fesetround | Call to banned function 'fesetround'. | diff --git a/c/misra/test/rules/RULE-21-12/test.c b/c/misra/test/rules/RULE-21-12/test.c index ae4d90a402..9a049c9ed8 100644 --- a/c/misra/test/rules/RULE-21-12/test.c +++ b/c/misra/test/rules/RULE-21-12/test.c @@ -1,4 +1,6 @@ +// NON_COMPLIANT: Cannot #include fenv.h. #include + void f2(); void f1() { int i = feclearexcept(FE_INVALID); // NON_COMPLIANT @@ -8,5 +10,10 @@ void f1() { feraiseexcept(FE_OVERFLOW); // NON_COMPLIANT fesetexceptflag(&i2, FE_ALL_EXCEPT); // NON_COMPLIANT fetestexcept(FE_UNDERFLOW); // NON_COMPLIANT - f2(); // COMPLIANT + fenv_t env; + fegetenv(&env); + fesetenv(&env); // NON_COMPLIANT + feupdateenv(&env); // NON_COMPLIANT + fesetround(0); // NON_COMPLIANT + f2(); // COMPLIANT } diff --git a/change_notes/2025-03-11-various-misra-amendments.md b/change_notes/2025-03-11-various-misra-amendments.md new file mode 100644 index 0000000000..99acdcc63a --- /dev/null +++ b/change_notes/2025-03-11-various-misra-amendments.md @@ -0,0 +1,8 @@ + - `DIR-4-9` - `FunctionOverFunctionLikeMacro.ql`: + - Macros with `_Generic` now no longer reported. + - `RULE-1-4` - `EmergentLanguageFeaturesUsed.ql`: + - Ban on usage of `_Generics` removed. + - `RULE-18-6` - `ThreadLocalObjectAddressCopiedToGlobalObject.ql`: + - New query added to detect thread local objects assigned to static storage duration objects. + - `RULE-21-12` - `ExceptionHandlingFeaturesOfFenvhUsed.ql`: + - Added reports for `#include`ing "fenv.h", and for using `fesetenv`, `feupdatenv`, and `fesetround`. \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/Emergent.qll b/cpp/common/src/codingstandards/cpp/Emergent.qll index 506d024bc9..3b3fbbaebd 100644 --- a/cpp/common/src/codingstandards/cpp/Emergent.qll +++ b/cpp/common/src/codingstandards/cpp/Emergent.qll @@ -30,8 +30,4 @@ module C11 { getBody() = "1" } } - - class GenericMacro extends EmergentLanguageFeature, Macro { - GenericMacro() { getBody().indexOf("_Generic") = 0 } - } } diff --git a/cpp/common/src/codingstandards/cpp/IrreplaceableFunctionLikeMacro.qll b/cpp/common/src/codingstandards/cpp/IrreplaceableFunctionLikeMacro.qll index af62cacfd3..e3d6df7e50 100644 --- a/cpp/common/src/codingstandards/cpp/IrreplaceableFunctionLikeMacro.qll +++ b/cpp/common/src/codingstandards/cpp/IrreplaceableFunctionLikeMacro.qll @@ -56,3 +56,9 @@ private class FunctionLikeMacroWithOperatorArgument extends IrreplaceableFunctio ) } } + +private class GenericMacro extends IrreplaceableFunctionLikeMacro { + GenericMacro() { + getBody().matches("%_Generic%") + } +} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Pointers1.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Pointers1.qll index e35f0f3a88..725fe46904 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Pointers1.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Pointers1.qll @@ -19,6 +19,7 @@ newtype Pointers1Query = TDoNotUseAdditionOrSubtractionOperatorsOnPointersQuery() or TNoMoreThanTwoLevelsOfPointerNestingInDeclarationsQuery() or TAutomaticStorageObjectAddressCopiedToOtherObjectQuery() or + TThreadLocalObjectAddressCopiedToGlobalObjectQuery() or TObjectWithNoPointerDereferenceShouldBeOpaqueQuery() or TPointerShouldPointToConstTypeWhenPossibleQuery() @@ -158,6 +159,15 @@ predicate isPointers1QueryMetadata(Query query, string queryId, string ruleId, s ruleId = "RULE-18-6" and category = "required" or + query = + // `Query` instance for the `threadLocalObjectAddressCopiedToGlobalObject` query + Pointers1Package::threadLocalObjectAddressCopiedToGlobalObjectQuery() and + queryId = + // `@id` for the `threadLocalObjectAddressCopiedToGlobalObject` query + "c/misra/thread-local-object-address-copied-to-global-object" and + ruleId = "RULE-18-6" and + category = "required" + or query = // `Query` instance for the `objectWithNoPointerDereferenceShouldBeOpaque` query Pointers1Package::objectWithNoPointerDereferenceShouldBeOpaqueQuery() and @@ -283,6 +293,13 @@ module Pointers1Package { TQueryC(TPointers1PackageQuery(TAutomaticStorageObjectAddressCopiedToOtherObjectQuery())) } + Query threadLocalObjectAddressCopiedToGlobalObjectQuery() { + //autogenerate `Query` type + result = + // `Query` type for `threadLocalObjectAddressCopiedToGlobalObject` query + TQueryC(TPointers1PackageQuery(TThreadLocalObjectAddressCopiedToGlobalObjectQuery())) + } + Query objectWithNoPointerDereferenceShouldBeOpaqueQuery() { //autogenerate `Query` type result = diff --git a/cpp/common/src/codingstandards/cpp/rules/donotcopyaddressofautostorageobjecttootherobject/DoNotCopyAddressOfAutoStorageObjectToOtherObject.qll b/cpp/common/src/codingstandards/cpp/rules/donotcopyaddressofautostorageobjecttootherobject/DoNotCopyAddressOfAutoStorageObjectToOtherObject.qll index 1b22fd5c3b..214f8e9aba 100644 --- a/cpp/common/src/codingstandards/cpp/rules/donotcopyaddressofautostorageobjecttootherobject/DoNotCopyAddressOfAutoStorageObjectToOtherObject.qll +++ b/cpp/common/src/codingstandards/cpp/rules/donotcopyaddressofautostorageobjecttootherobject/DoNotCopyAddressOfAutoStorageObjectToOtherObject.qll @@ -54,4 +54,4 @@ query predicate problems(Expr use, string message, Expr source, string srcStr) { srcStr = "parameter" ) ) -} +} \ No newline at end of file diff --git a/rule_packages/c/Pointers1.json b/rule_packages/c/Pointers1.json index 5f53d15702..1b54fc1fb6 100644 --- a/rule_packages/c/Pointers1.json +++ b/rule_packages/c/Pointers1.json @@ -305,6 +305,18 @@ "correctness", "external/misra/c/2012/third-edition-first-revision" ] + }, + { + "description": "Storing the address of a thread-local object in a global object will result in undefined behavior if the address is accessed after the relevant thread is terminated.", + "kind": "problem", + "name": "The address of an object with thread-local storage shall not be copied to a global object", + "precision": "very-high", + "severity": "error", + "short_name": "ThreadLocalObjectAddressCopiedToGlobalObject", + "tags": [ + "correctness", + "external/misra/c/2012/amendment3" + ] } ], "title": "The address of an object with automatic storage shall not be copied to another object that persists after the first object has ceased to exist" From f363371916d4e8aecf6540597c07985648d01dc0 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Tue, 11 Mar 2025 22:22:30 -0700 Subject: [PATCH 2452/2573] Update generic test expectation offsets post formatting --- ...ectionDoesntDependOnMacroArgument.expected | 6 +- ...ricSelectionNotExpandedFromAMacro.expected | 2 +- ...ectionNotFromMacroWithSideEffects.expected | 6 +- ...nericWithoutNonDefaultAssociation.expected | 4 +- ...icAssociationWithUnselectableType.expected | 26 +-- ...faultSelectionForPointerInGeneric.expected | 168 +++++++++--------- ...ressionWithIncorrectEssentialType.expected | 8 +- ...lidGenericMacroArgumentEvaluation.expected | 24 +-- ...ultGenericSelectionNotFirstOrLast.expected | 8 +- 9 files changed, 126 insertions(+), 126 deletions(-) diff --git a/c/misra/test/rules/RULE-23-1/GenericSelectionDoesntDependOnMacroArgument.expected b/c/misra/test/rules/RULE-23-1/GenericSelectionDoesntDependOnMacroArgument.expected index 2534e47012..a903827391 100644 --- a/c/misra/test/rules/RULE-23-1/GenericSelectionDoesntDependOnMacroArgument.expected +++ b/c/misra/test/rules/RULE-23-1/GenericSelectionDoesntDependOnMacroArgument.expected @@ -1,3 +1,3 @@ -| test.c:2:1:2:30 | #define M1 _Generic(1, int: 1) | Generic macro M1 uses controlling expr 1, which doesn't match any macro parameter. | -| test.c:4:1:4:33 | #define M2(X) _Generic(1, int: X) | Generic macro M2 uses controlling expr 1, which doesn't match any macro parameter. | -| test.c:18:1:18:38 | #define M9(X) g(_Generic((Y), int: 1)) | Generic macro M9 uses controlling expr (Y), which doesn't match any macro parameter. | +| test.c:2:1:2:31 | #define M1 _Generic(1, int : 1) | Generic macro M1 uses controlling expr 1, which doesn't match any macro parameter. | +| test.c:4:1:4:34 | #define M2(X) _Generic(1, int : X) | Generic macro M2 uses controlling expr 1, which doesn't match any macro parameter. | +| test.c:18:1:18:39 | #define M9(X) g(_Generic((Y), int : 1)) | Generic macro M9 uses controlling expr (Y), which doesn't match any macro parameter. | diff --git a/c/misra/test/rules/RULE-23-1/GenericSelectionNotExpandedFromAMacro.expected b/c/misra/test/rules/RULE-23-1/GenericSelectionNotExpandedFromAMacro.expected index 476a9320b8..aa3516354e 100644 --- a/c/misra/test/rules/RULE-23-1/GenericSelectionNotExpandedFromAMacro.expected +++ b/c/misra/test/rules/RULE-23-1/GenericSelectionNotExpandedFromAMacro.expected @@ -1 +1 @@ -| test.c:21:3:21:21 | _Generic | Generic expression with controlling expression $@ is not expanded froma macro | test.c:21:12:21:12 | 1 | 1 | +| test.c:21:3:21:22 | _Generic | Generic expression with controlling expression $@ is not expanded froma macro | test.c:21:12:21:12 | 1 | 1 | diff --git a/c/misra/test/rules/RULE-23-2/GenericSelectionNotFromMacroWithSideEffects.expected b/c/misra/test/rules/RULE-23-2/GenericSelectionNotFromMacroWithSideEffects.expected index 1abcb4f2bb..b0a970bbcf 100644 --- a/c/misra/test/rules/RULE-23-2/GenericSelectionNotFromMacroWithSideEffects.expected +++ b/c/misra/test/rules/RULE-23-2/GenericSelectionNotFromMacroWithSideEffects.expected @@ -1,3 +1,3 @@ -| test.c:4:1:4:37 | #define M2(X) _Generic((X)++, int: 1) | Generic selection macro M2 contains a side effect '... ++', which is not from macro invocation arguments. | test.c:4:1:4:37 | #define M2(X) _Generic((X)++, int: 1) | (ignored) | -| test.c:7:1:7:38 | #define M3(X) _Generic(l1++, int: (X)) | Generic selection macro M3 contains a side effect '... ++', which is not from macro invocation arguments. | test.c:7:1:7:38 | #define M3(X) _Generic(l1++, int: (X)) | (ignored) | -| test.c:42:1:44:24 | #define M5(X) static volatile l ## X; _Generic(l ## X, int: 1) | Generic selection in macro M5 contains an invocation-dependent side effect which is not from macro invocation arguments, for example $@. | test.c:47:3:47:7 | _Generic | side effect 'la' | +| test.c:4:1:4:38 | #define M2(X) _Generic((X)++, int : 1) | Generic selection macro M2 contains a side effect '... ++', which is not from macro invocation arguments. | test.c:4:1:4:38 | #define M2(X) _Generic((X)++, int : 1) | (ignored) | +| test.c:7:1:7:39 | #define M3(X) _Generic(l1++, int : (X)) | Generic selection macro M3 contains a side effect '... ++', which is not from macro invocation arguments. | test.c:7:1:7:39 | #define M3(X) _Generic(l1++, int : (X)) | (ignored) | +| test.c:42:1:44:25 | #define M5(X) static volatile l ## X; _Generic(l ## X, int : 1) | Generic selection in macro M5 contains an invocation-dependent side effect which is not from macro invocation arguments, for example $@. | test.c:47:3:47:7 | _Generic | side effect 'la' | diff --git a/c/misra/test/rules/RULE-23-3/GenericWithoutNonDefaultAssociation.expected b/c/misra/test/rules/RULE-23-3/GenericWithoutNonDefaultAssociation.expected index 50d6277e84..6a56026947 100644 --- a/c/misra/test/rules/RULE-23-3/GenericWithoutNonDefaultAssociation.expected +++ b/c/misra/test/rules/RULE-23-3/GenericWithoutNonDefaultAssociation.expected @@ -1,2 +1,2 @@ -| test.c:2:1:2:35 | #define M1 _Generic(1, default: 1); | Generic selection contains no non-default association. | -| test.c:14:3:14:25 | _Generic | Generic selection contains no non-default association. | +| test.c:2:1:2:36 | #define M1 _Generic(1, default : 1); | Generic selection contains no non-default association. | +| test.c:14:3:14:26 | _Generic | Generic selection contains no non-default association. | diff --git a/c/misra/test/rules/RULE-23-4/GenericAssociationWithUnselectableType.expected b/c/misra/test/rules/RULE-23-4/GenericAssociationWithUnselectableType.expected index 27030fc768..132bb82979 100644 --- a/c/misra/test/rules/RULE-23-4/GenericAssociationWithUnselectableType.expected +++ b/c/misra/test/rules/RULE-23-4/GenericAssociationWithUnselectableType.expected @@ -1,13 +1,13 @@ -| test.c:11:18:11:18 | 1 | Generic selection uses unselectable type 'const int', due to qualifiers removed'. | test.c:11:18:11:18 | 1 | side effect | -| test.c:12:21:12:21 | 1 | Generic selection uses unselectable type 'volatile int', due to qualifiers removed'. | test.c:12:21:12:21 | 1 | side effect | -| test.c:13:20:13:20 | 1 | Generic selection uses unselectable type '_Atomic(int)', due to qualifiers removed'. | test.c:13:20:13:20 | 1 | side effect | -| test.c:16:27:16:27 | 1 | Generic selection uses unselectable type 'const volatile int', due to qualifiers removed'. | test.c:16:27:16:27 | 1 | side effect | -| test.c:18:18:18:18 | 1 | Generic selection uses unselectable type '(unnamed class/struct/union)', due to containing an anonymous struct or union type'. | test.c:18:18:18:18 | 1 | side effect | -| test.c:19:20:19:20 | 1 | Generic selection uses unselectable type 'struct *', due to containing an anonymous struct or union type'. | test.c:19:20:19:20 | 1 | side effect | -| test.c:24:17:24:17 | 1 | Generic selection uses unselectable type '(unnamed class/struct/union)', due to containing an anonymous struct or union type'. | test.c:24:17:24:17 | 1 | side effect | -| test.c:25:19:25:19 | 1 | Generic selection uses unselectable type 'union *', due to containing an anonymous struct or union type'. | test.c:25:19:25:19 | 1 | side effect | -| test.c:31:15:31:15 | 1 | Generic selection uses unselectable type 'int[3]', due to array-to-pointer decay'. | test.c:31:15:31:15 | 1 | side effect | -| test.c:40:1:40:53 | #define M1(X) _Generic((X), const int: 1, default: 0) | Generic in macro M1 has unselectable type 'const int', due to qualifiers removed. | test.c:40:1:40:53 | #define M1(X) _Generic((X), const int: 1, default: 0) | (ignored) | -| test.c:42:1:42:46 | #define M2(X) _Generic(1, X[3]: 1, default: 0) | Generic in macro M2 has an invocation-dependent unselectable type, for example $@. | test.c:49:3:49:10 | 1 | 'char[3]', due to array-to-pointer decay | -| test.c:52:3:52:15 | M3(X) | Generic resulting from invocation of macro $@ contains an unselectable type 'const int', due to qualifiers removed. | test.c:44:1:44:43 | #define M3(X) _Generic(1, X: 1, default: 0) | M3 | -| test.c:64:18:64:18 | 1 | Generic selection uses unselectable type 'const_int', due to qualifiers removed'. | test.c:64:18:64:18 | 1 | side effect | +| test.c:11:24:11:24 | 1 | Generic selection uses unselectable type 'const int', due to qualifiers removed'. | test.c:11:24:11:24 | 1 | side effect | +| test.c:12:27:12:27 | 1 | Generic selection uses unselectable type 'volatile int', due to qualifiers removed'. | test.c:12:27:12:27 | 1 | side effect | +| test.c:13:26:13:26 | 1 | Generic selection uses unselectable type '_Atomic(int)', due to qualifiers removed'. | test.c:13:26:13:26 | 1 | side effect | +| test.c:16:33:16:33 | 1 | Generic selection uses unselectable type 'const volatile int', due to qualifiers removed'. | test.c:16:33:16:33 | 1 | side effect | +| test.c:18:24:18:24 | 1 | Generic selection uses unselectable type '(unnamed class/struct/union)', due to containing an anonymous struct or union type'. | test.c:18:24:18:24 | 1 | side effect | +| test.c:19:26:19:26 | 1 | Generic selection uses unselectable type 'struct *', due to containing an anonymous struct or union type'. | test.c:19:26:19:26 | 1 | side effect | +| test.c:24:23:24:23 | 1 | Generic selection uses unselectable type '(unnamed class/struct/union)', due to containing an anonymous struct or union type'. | test.c:24:23:24:23 | 1 | side effect | +| test.c:25:25:25:25 | 1 | Generic selection uses unselectable type 'union *', due to containing an anonymous struct or union type'. | test.c:25:25:25:25 | 1 | side effect | +| test.c:31:21:31:21 | 1 | Generic selection uses unselectable type 'int[3]', due to array-to-pointer decay'. | test.c:31:21:31:21 | 1 | side effect | +| test.c:40:1:40:55 | #define M1(X) _Generic((X), const int : 1, default : 0) | Generic in macro M1 has unselectable type 'const int', due to qualifiers removed. | test.c:40:1:40:55 | #define M1(X) _Generic((X), const int : 1, default : 0) | (ignored) | +| test.c:42:1:42:48 | #define M2(X) _Generic(1, X[3] : 1, default : 0) | Generic in macro M2 has an invocation-dependent unselectable type, for example $@. | test.c:49:3:49:10 | 1 | 'char[3]', due to array-to-pointer decay | +| test.c:52:3:52:15 | M3(X) | Generic resulting from invocation of macro $@ contains an unselectable type 'const int', due to qualifiers removed. | test.c:44:1:44:45 | #define M3(X) _Generic(1, X : 1, default : 0) | M3 | +| test.c:64:24:64:24 | 1 | Generic selection uses unselectable type 'const_int', due to qualifiers removed'. | test.c:64:24:64:24 | 1 | side effect | diff --git a/c/misra/test/rules/RULE-23-5/DangerousDefaultSelectionForPointerInGeneric.expected b/c/misra/test/rules/RULE-23-5/DangerousDefaultSelectionForPointerInGeneric.expected index 994d55968c..3ed6b3f26b 100644 --- a/c/misra/test/rules/RULE-23-5/DangerousDefaultSelectionForPointerInGeneric.expected +++ b/c/misra/test/rules/RULE-23-5/DangerousDefaultSelectionForPointerInGeneric.expected @@ -1,84 +1,84 @@ -| test.c:41:3:41:44 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to const int *. | test.c:41:3:41:44 | _Generic | | -| test.c:42:3:42:47 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to volatile int *. | test.c:42:3:42:47 | _Generic | | -| test.c:43:3:43:53 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to const volatile int *. | test.c:43:3:43:53 | _Generic | | -| test.c:44:3:44:39 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to void *. | test.c:44:3:44:39 | _Generic | | -| test.c:45:3:45:45 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to const void *. | test.c:45:3:45:45 | _Generic | | -| test.c:46:3:46:54 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to const volatile void *. | test.c:46:3:46:54 | _Generic | | -| test.c:48:3:48:38 | _Generic | Generic matched default selection, as controlling argument type const int * does not undergo pointer conversion to int *. | test.c:48:3:48:38 | _Generic | | -| test.c:50:3:50:39 | _Generic | Generic matched default selection, as controlling argument type const int * does not undergo pointer conversion to void *. | test.c:50:3:50:39 | _Generic | | -| test.c:51:3:51:45 | _Generic | Generic matched default selection, as controlling argument type const int * does not undergo pointer conversion to const void *. | test.c:51:3:51:45 | _Generic | | -| test.c:52:3:52:54 | _Generic | Generic matched default selection, as controlling argument type const int * does not undergo pointer conversion to const volatile void *. | test.c:52:3:52:54 | _Generic | | -| test.c:57:3:57:53 | _Generic | Generic matched default selection, as controlling argument type const int * does not undergo pointer conversion to const volatile int *. | test.c:57:3:57:53 | _Generic | | -| test.c:59:3:59:38 | _Generic | Generic matched default selection, as controlling argument type volatile int * does not undergo pointer conversion to int *. | test.c:59:3:59:38 | _Generic | | -| test.c:61:3:61:53 | _Generic | Generic matched default selection, as controlling argument type volatile int * does not undergo pointer conversion to const volatile int *. | test.c:61:3:61:53 | _Generic | | -| test.c:62:3:62:39 | _Generic | Generic matched default selection, as controlling argument type volatile int * does not undergo pointer conversion to void *. | test.c:62:3:62:39 | _Generic | | -| test.c:63:3:63:54 | _Generic | Generic matched default selection, as controlling argument type volatile int * does not undergo pointer conversion to const volatile void *. | test.c:63:3:63:54 | _Generic | | -| test.c:69:3:69:38 | _Generic | Generic matched default selection, as controlling argument type const volatile int * does not undergo pointer conversion to int *. | test.c:69:3:69:38 | _Generic | | -| test.c:70:3:70:44 | _Generic | Generic matched default selection, as controlling argument type const volatile int * does not undergo pointer conversion to const int *. | test.c:70:3:70:44 | _Generic | | -| test.c:71:3:71:47 | _Generic | Generic matched default selection, as controlling argument type const volatile int * does not undergo pointer conversion to volatile int *. | test.c:71:3:71:47 | _Generic | | -| test.c:73:3:73:39 | _Generic | Generic matched default selection, as controlling argument type const volatile int * does not undergo pointer conversion to void *. | test.c:73:3:73:39 | _Generic | | -| test.c:74:3:74:45 | _Generic | Generic matched default selection, as controlling argument type const volatile int * does not undergo pointer conversion to const void *. | test.c:74:3:74:45 | _Generic | | -| test.c:75:3:75:54 | _Generic | Generic matched default selection, as controlling argument type const volatile int * does not undergo pointer conversion to const volatile void *. | test.c:75:3:75:54 | _Generic | | -| test.c:77:3:77:38 | _Generic | Generic matched default selection, as controlling argument type void * does not undergo pointer conversion to int *. | test.c:77:3:77:38 | _Generic | | -| test.c:78:3:78:44 | _Generic | Generic matched default selection, as controlling argument type void * does not undergo pointer conversion to const int *. | test.c:78:3:78:44 | _Generic | | -| test.c:79:3:79:47 | _Generic | Generic matched default selection, as controlling argument type void * does not undergo pointer conversion to volatile int *. | test.c:79:3:79:47 | _Generic | | -| test.c:80:3:80:53 | _Generic | Generic matched default selection, as controlling argument type void * does not undergo pointer conversion to const volatile int *. | test.c:80:3:80:53 | _Generic | | -| test.c:82:3:82:45 | _Generic | Generic matched default selection, as controlling argument type void * does not undergo pointer conversion to const void *. | test.c:82:3:82:45 | _Generic | | -| test.c:83:3:83:54 | _Generic | Generic matched default selection, as controlling argument type void * does not undergo pointer conversion to const volatile void *. | test.c:83:3:83:54 | _Generic | | -| test.c:85:3:85:38 | _Generic | Generic matched default selection, as controlling argument type const void * does not undergo pointer conversion to int *. | test.c:85:3:85:38 | _Generic | | -| test.c:86:3:86:44 | _Generic | Generic matched default selection, as controlling argument type const void * does not undergo pointer conversion to const int *. | test.c:86:3:86:44 | _Generic | | -| test.c:87:3:87:53 | _Generic | Generic matched default selection, as controlling argument type const void * does not undergo pointer conversion to const volatile int *. | test.c:87:3:87:53 | _Generic | | -| test.c:88:3:88:39 | _Generic | Generic matched default selection, as controlling argument type const void * does not undergo pointer conversion to void *. | test.c:88:3:88:39 | _Generic | | -| test.c:90:3:90:54 | _Generic | Generic matched default selection, as controlling argument type const void * does not undergo pointer conversion to const volatile void *. | test.c:90:3:90:54 | _Generic | | -| test.c:94:3:94:38 | _Generic | Generic matched default selection, as controlling argument type const volatile void * does not undergo pointer conversion to int *. | test.c:94:3:94:38 | _Generic | | -| test.c:95:3:95:44 | _Generic | Generic matched default selection, as controlling argument type const volatile void * does not undergo pointer conversion to const int *. | test.c:95:3:95:44 | _Generic | | -| test.c:96:3:96:47 | _Generic | Generic matched default selection, as controlling argument type const volatile void * does not undergo pointer conversion to volatile int *. | test.c:96:3:96:47 | _Generic | | -| test.c:97:3:97:53 | _Generic | Generic matched default selection, as controlling argument type const volatile void * does not undergo pointer conversion to const volatile int *. | test.c:97:3:97:53 | _Generic | | -| test.c:98:3:98:39 | _Generic | Generic matched default selection, as controlling argument type const volatile void * does not undergo pointer conversion to void *. | test.c:98:3:98:39 | _Generic | | -| test.c:99:3:99:45 | _Generic | Generic matched default selection, as controlling argument type const volatile void * does not undergo pointer conversion to const void *. | test.c:99:3:99:45 | _Generic | | -| test.c:119:3:119:45 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to const int *. | test.c:119:3:119:45 | _Generic | | -| test.c:120:3:120:48 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to volatile int *. | test.c:120:3:120:48 | _Generic | | -| test.c:121:3:121:54 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to const volatile int *. | test.c:121:3:121:54 | _Generic | | -| test.c:122:3:122:40 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to void *. | test.c:122:3:122:40 | _Generic | | -| test.c:123:3:123:46 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to const void *. | test.c:123:3:123:46 | _Generic | | -| test.c:124:3:124:55 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to const volatile void *. | test.c:124:3:124:55 | _Generic | | -| test.c:126:3:126:39 | _Generic | Generic matched default selection, as controlling argument type const int * does not undergo pointer conversion to int *. | test.c:126:3:126:39 | _Generic | | -| test.c:128:3:128:40 | _Generic | Generic matched default selection, as controlling argument type const int * does not undergo pointer conversion to void *. | test.c:128:3:128:40 | _Generic | | -| test.c:129:3:129:46 | _Generic | Generic matched default selection, as controlling argument type const int * does not undergo pointer conversion to const void *. | test.c:129:3:129:46 | _Generic | | -| test.c:130:3:130:55 | _Generic | Generic matched default selection, as controlling argument type const int * does not undergo pointer conversion to const volatile void *. | test.c:130:3:130:55 | _Generic | | -| test.c:135:3:135:54 | _Generic | Generic matched default selection, as controlling argument type const int * does not undergo pointer conversion to const volatile int *. | test.c:135:3:135:54 | _Generic | | -| test.c:137:3:137:39 | _Generic | Generic matched default selection, as controlling argument type volatile int * does not undergo pointer conversion to int *. | test.c:137:3:137:39 | _Generic | | -| test.c:139:3:139:54 | _Generic | Generic matched default selection, as controlling argument type volatile int * does not undergo pointer conversion to const volatile int *. | test.c:139:3:139:54 | _Generic | | -| test.c:140:3:140:40 | _Generic | Generic matched default selection, as controlling argument type volatile int * does not undergo pointer conversion to void *. | test.c:140:3:140:40 | _Generic | | -| test.c:141:3:141:55 | _Generic | Generic matched default selection, as controlling argument type volatile int * does not undergo pointer conversion to const volatile void *. | test.c:141:3:141:55 | _Generic | | -| test.c:147:3:147:39 | _Generic | Generic matched default selection, as controlling argument type const volatile int * does not undergo pointer conversion to int *. | test.c:147:3:147:39 | _Generic | | -| test.c:148:3:148:45 | _Generic | Generic matched default selection, as controlling argument type const volatile int * does not undergo pointer conversion to const int *. | test.c:148:3:148:45 | _Generic | | -| test.c:149:3:149:48 | _Generic | Generic matched default selection, as controlling argument type const volatile int * does not undergo pointer conversion to volatile int *. | test.c:149:3:149:48 | _Generic | | -| test.c:151:3:151:40 | _Generic | Generic matched default selection, as controlling argument type const volatile int * does not undergo pointer conversion to void *. | test.c:151:3:151:40 | _Generic | | -| test.c:152:3:152:46 | _Generic | Generic matched default selection, as controlling argument type const volatile int * does not undergo pointer conversion to const void *. | test.c:152:3:152:46 | _Generic | | -| test.c:153:3:153:55 | _Generic | Generic matched default selection, as controlling argument type const volatile int * does not undergo pointer conversion to const volatile void *. | test.c:153:3:153:55 | _Generic | | -| test.c:156:3:156:45 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to const int *. | test.c:156:3:156:45 | _Generic | | -| test.c:157:3:157:48 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to volatile int *. | test.c:157:3:157:48 | _Generic | | -| test.c:158:3:158:54 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to const volatile int *. | test.c:158:3:158:54 | _Generic | | -| test.c:159:3:159:40 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to void *. | test.c:159:3:159:40 | _Generic | | -| test.c:160:3:160:46 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to const void *. | test.c:160:3:160:46 | _Generic | | -| test.c:161:3:161:55 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to const volatile void *. | test.c:161:3:161:55 | _Generic | | -| test.c:163:3:163:39 | _Generic | Generic matched default selection, as controlling argument type const int * does not undergo pointer conversion to int *. | test.c:163:3:163:39 | _Generic | | -| test.c:165:3:165:40 | _Generic | Generic matched default selection, as controlling argument type const int * does not undergo pointer conversion to void *. | test.c:165:3:165:40 | _Generic | | -| test.c:166:3:166:46 | _Generic | Generic matched default selection, as controlling argument type const int * does not undergo pointer conversion to const void *. | test.c:166:3:166:46 | _Generic | | -| test.c:167:3:167:55 | _Generic | Generic matched default selection, as controlling argument type const int * does not undergo pointer conversion to const volatile void *. | test.c:167:3:167:55 | _Generic | | -| test.c:172:3:172:54 | _Generic | Generic matched default selection, as controlling argument type const int * does not undergo pointer conversion to const volatile int *. | test.c:172:3:172:54 | _Generic | | -| test.c:180:3:180:48 | _Generic | Generic matched default selection, as controlling argument type int(*)[3] does not undergo pointer conversion to int(*const)[3]. | test.c:180:3:180:48 | _Generic | | -| test.c:188:3:191:18 | _Generic | Generic matched default selection, as controlling argument type int(*)[3] does not undergo pointer conversion to int(*const)[3]. | test.c:188:3:191:18 | _Generic | | -| test.c:200:3:200:47 | _Generic | Generic matched default selection, as controlling argument type void * does not undergo pointer conversion to int *. | test.c:200:3:200:47 | _Generic | | -| test.c:201:3:201:47 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to void *. | test.c:201:3:201:47 | _Generic | | -| test.c:215:3:215:44 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to const int *. | test.c:215:3:215:44 | _Generic | | -| test.c:216:3:216:46 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to const int_t *. | test.c:216:3:216:46 | _Generic | | -| test.c:217:3:217:42 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to c_int_t *. | test.c:217:3:217:42 | _Generic | | -| test.c:221:3:221:45 | _Generic | Generic matched default selection, as controlling argument type int_t * does not undergo pointer conversion to const int *. | test.c:221:3:221:45 | _Generic | | -| test.c:222:3:222:47 | _Generic | Generic matched default selection, as controlling argument type int_t * does not undergo pointer conversion to const int_t *. | test.c:222:3:222:47 | _Generic | | -| test.c:223:3:223:43 | _Generic | Generic matched default selection, as controlling argument type int_t * does not undergo pointer conversion to c_int_t *. | test.c:223:3:223:43 | _Generic | | -| test.c:225:3:225:38 | _Generic | Generic matched default selection, as controlling argument type const int * does not undergo pointer conversion to int *. | test.c:225:3:225:38 | _Generic | | -| test.c:226:3:226:40 | _Generic | Generic matched default selection, as controlling argument type const int * does not undergo pointer conversion to int_t *. | test.c:226:3:226:40 | _Generic | | -| test.c:231:3:231:39 | _Generic | Generic matched default selection, as controlling argument type c_int_t * does not undergo pointer conversion to int *. | test.c:231:3:231:39 | _Generic | | -| test.c:232:3:232:41 | _Generic | Generic matched default selection, as controlling argument type c_int_t * does not undergo pointer conversion to int_t *. | test.c:232:3:232:41 | _Generic | | +| test.c:41:3:41:46 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to const int *. | test.c:41:3:41:46 | _Generic | | +| test.c:42:3:42:49 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to volatile int *. | test.c:42:3:42:49 | _Generic | | +| test.c:43:3:43:55 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to const volatile int *. | test.c:43:3:43:55 | _Generic | | +| test.c:44:3:44:41 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to void *. | test.c:44:3:44:41 | _Generic | | +| test.c:45:3:45:47 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to const void *. | test.c:45:3:45:47 | _Generic | | +| test.c:46:3:46:56 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to const volatile void *. | test.c:46:3:46:56 | _Generic | | +| test.c:48:3:48:40 | _Generic | Generic matched default selection, as controlling argument type const int * does not undergo pointer conversion to int *. | test.c:48:3:48:40 | _Generic | | +| test.c:50:3:50:41 | _Generic | Generic matched default selection, as controlling argument type const int * does not undergo pointer conversion to void *. | test.c:50:3:50:41 | _Generic | | +| test.c:51:3:51:47 | _Generic | Generic matched default selection, as controlling argument type const int * does not undergo pointer conversion to const void *. | test.c:51:3:51:47 | _Generic | | +| test.c:52:3:52:56 | _Generic | Generic matched default selection, as controlling argument type const int * does not undergo pointer conversion to const volatile void *. | test.c:52:3:52:56 | _Generic | | +| test.c:57:3:57:55 | _Generic | Generic matched default selection, as controlling argument type const int * does not undergo pointer conversion to const volatile int *. | test.c:57:3:57:55 | _Generic | | +| test.c:59:3:59:40 | _Generic | Generic matched default selection, as controlling argument type volatile int * does not undergo pointer conversion to int *. | test.c:59:3:59:40 | _Generic | | +| test.c:61:3:61:55 | _Generic | Generic matched default selection, as controlling argument type volatile int * does not undergo pointer conversion to const volatile int *. | test.c:61:3:61:55 | _Generic | | +| test.c:62:3:62:41 | _Generic | Generic matched default selection, as controlling argument type volatile int * does not undergo pointer conversion to void *. | test.c:62:3:62:41 | _Generic | | +| test.c:63:3:63:56 | _Generic | Generic matched default selection, as controlling argument type volatile int * does not undergo pointer conversion to const volatile void *. | test.c:63:3:63:56 | _Generic | | +| test.c:69:3:69:40 | _Generic | Generic matched default selection, as controlling argument type const volatile int * does not undergo pointer conversion to int *. | test.c:69:3:69:40 | _Generic | | +| test.c:70:3:70:46 | _Generic | Generic matched default selection, as controlling argument type const volatile int * does not undergo pointer conversion to const int *. | test.c:70:3:70:46 | _Generic | | +| test.c:71:3:71:49 | _Generic | Generic matched default selection, as controlling argument type const volatile int * does not undergo pointer conversion to volatile int *. | test.c:71:3:71:49 | _Generic | | +| test.c:73:3:73:41 | _Generic | Generic matched default selection, as controlling argument type const volatile int * does not undergo pointer conversion to void *. | test.c:73:3:73:41 | _Generic | | +| test.c:74:3:74:47 | _Generic | Generic matched default selection, as controlling argument type const volatile int * does not undergo pointer conversion to const void *. | test.c:74:3:74:47 | _Generic | | +| test.c:75:3:75:56 | _Generic | Generic matched default selection, as controlling argument type const volatile int * does not undergo pointer conversion to const volatile void *. | test.c:75:3:75:56 | _Generic | | +| test.c:77:3:77:40 | _Generic | Generic matched default selection, as controlling argument type void * does not undergo pointer conversion to int *. | test.c:77:3:77:40 | _Generic | | +| test.c:78:3:78:46 | _Generic | Generic matched default selection, as controlling argument type void * does not undergo pointer conversion to const int *. | test.c:78:3:78:46 | _Generic | | +| test.c:79:3:79:49 | _Generic | Generic matched default selection, as controlling argument type void * does not undergo pointer conversion to volatile int *. | test.c:79:3:79:49 | _Generic | | +| test.c:80:3:80:55 | _Generic | Generic matched default selection, as controlling argument type void * does not undergo pointer conversion to const volatile int *. | test.c:80:3:80:55 | _Generic | | +| test.c:82:3:82:47 | _Generic | Generic matched default selection, as controlling argument type void * does not undergo pointer conversion to const void *. | test.c:82:3:82:47 | _Generic | | +| test.c:83:3:83:56 | _Generic | Generic matched default selection, as controlling argument type void * does not undergo pointer conversion to const volatile void *. | test.c:83:3:83:56 | _Generic | | +| test.c:85:3:85:40 | _Generic | Generic matched default selection, as controlling argument type const void * does not undergo pointer conversion to int *. | test.c:85:3:85:40 | _Generic | | +| test.c:86:3:86:46 | _Generic | Generic matched default selection, as controlling argument type const void * does not undergo pointer conversion to const int *. | test.c:86:3:86:46 | _Generic | | +| test.c:87:3:87:55 | _Generic | Generic matched default selection, as controlling argument type const void * does not undergo pointer conversion to const volatile int *. | test.c:87:3:87:55 | _Generic | | +| test.c:88:3:88:41 | _Generic | Generic matched default selection, as controlling argument type const void * does not undergo pointer conversion to void *. | test.c:88:3:88:41 | _Generic | | +| test.c:90:3:90:56 | _Generic | Generic matched default selection, as controlling argument type const void * does not undergo pointer conversion to const volatile void *. | test.c:90:3:90:56 | _Generic | | +| test.c:94:3:94:40 | _Generic | Generic matched default selection, as controlling argument type const volatile void * does not undergo pointer conversion to int *. | test.c:94:3:94:40 | _Generic | | +| test.c:95:3:95:46 | _Generic | Generic matched default selection, as controlling argument type const volatile void * does not undergo pointer conversion to const int *. | test.c:95:3:95:46 | _Generic | | +| test.c:96:3:96:49 | _Generic | Generic matched default selection, as controlling argument type const volatile void * does not undergo pointer conversion to volatile int *. | test.c:96:3:96:49 | _Generic | | +| test.c:97:3:97:55 | _Generic | Generic matched default selection, as controlling argument type const volatile void * does not undergo pointer conversion to const volatile int *. | test.c:97:3:97:55 | _Generic | | +| test.c:98:3:98:41 | _Generic | Generic matched default selection, as controlling argument type const volatile void * does not undergo pointer conversion to void *. | test.c:98:3:98:41 | _Generic | | +| test.c:99:3:99:47 | _Generic | Generic matched default selection, as controlling argument type const volatile void * does not undergo pointer conversion to const void *. | test.c:99:3:99:47 | _Generic | | +| test.c:119:3:119:47 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to const int *. | test.c:119:3:119:47 | _Generic | | +| test.c:120:3:120:50 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to volatile int *. | test.c:120:3:120:50 | _Generic | | +| test.c:121:3:121:56 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to const volatile int *. | test.c:121:3:121:56 | _Generic | | +| test.c:122:3:122:42 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to void *. | test.c:122:3:122:42 | _Generic | | +| test.c:123:3:123:48 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to const void *. | test.c:123:3:123:48 | _Generic | | +| test.c:124:3:124:57 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to const volatile void *. | test.c:124:3:124:57 | _Generic | | +| test.c:126:3:126:41 | _Generic | Generic matched default selection, as controlling argument type const int * does not undergo pointer conversion to int *. | test.c:126:3:126:41 | _Generic | | +| test.c:128:3:128:42 | _Generic | Generic matched default selection, as controlling argument type const int * does not undergo pointer conversion to void *. | test.c:128:3:128:42 | _Generic | | +| test.c:129:3:129:48 | _Generic | Generic matched default selection, as controlling argument type const int * does not undergo pointer conversion to const void *. | test.c:129:3:129:48 | _Generic | | +| test.c:130:3:130:57 | _Generic | Generic matched default selection, as controlling argument type const int * does not undergo pointer conversion to const volatile void *. | test.c:130:3:130:57 | _Generic | | +| test.c:135:3:135:56 | _Generic | Generic matched default selection, as controlling argument type const int * does not undergo pointer conversion to const volatile int *. | test.c:135:3:135:56 | _Generic | | +| test.c:137:3:137:41 | _Generic | Generic matched default selection, as controlling argument type volatile int * does not undergo pointer conversion to int *. | test.c:137:3:137:41 | _Generic | | +| test.c:139:3:139:56 | _Generic | Generic matched default selection, as controlling argument type volatile int * does not undergo pointer conversion to const volatile int *. | test.c:139:3:139:56 | _Generic | | +| test.c:140:3:140:42 | _Generic | Generic matched default selection, as controlling argument type volatile int * does not undergo pointer conversion to void *. | test.c:140:3:140:42 | _Generic | | +| test.c:141:3:141:57 | _Generic | Generic matched default selection, as controlling argument type volatile int * does not undergo pointer conversion to const volatile void *. | test.c:141:3:141:57 | _Generic | | +| test.c:147:3:147:41 | _Generic | Generic matched default selection, as controlling argument type const volatile int * does not undergo pointer conversion to int *. | test.c:147:3:147:41 | _Generic | | +| test.c:148:3:148:47 | _Generic | Generic matched default selection, as controlling argument type const volatile int * does not undergo pointer conversion to const int *. | test.c:148:3:148:47 | _Generic | | +| test.c:149:3:149:50 | _Generic | Generic matched default selection, as controlling argument type const volatile int * does not undergo pointer conversion to volatile int *. | test.c:149:3:149:50 | _Generic | | +| test.c:151:3:151:42 | _Generic | Generic matched default selection, as controlling argument type const volatile int * does not undergo pointer conversion to void *. | test.c:151:3:151:42 | _Generic | | +| test.c:152:3:152:48 | _Generic | Generic matched default selection, as controlling argument type const volatile int * does not undergo pointer conversion to const void *. | test.c:152:3:152:48 | _Generic | | +| test.c:153:3:153:57 | _Generic | Generic matched default selection, as controlling argument type const volatile int * does not undergo pointer conversion to const volatile void *. | test.c:153:3:153:57 | _Generic | | +| test.c:156:3:156:47 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to const int *. | test.c:156:3:156:47 | _Generic | | +| test.c:157:3:157:50 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to volatile int *. | test.c:157:3:157:50 | _Generic | | +| test.c:158:3:158:56 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to const volatile int *. | test.c:158:3:158:56 | _Generic | | +| test.c:159:3:159:42 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to void *. | test.c:159:3:159:42 | _Generic | | +| test.c:160:3:160:48 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to const void *. | test.c:160:3:160:48 | _Generic | | +| test.c:161:3:161:57 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to const volatile void *. | test.c:161:3:161:57 | _Generic | | +| test.c:163:3:163:41 | _Generic | Generic matched default selection, as controlling argument type const int * does not undergo pointer conversion to int *. | test.c:163:3:163:41 | _Generic | | +| test.c:165:3:165:42 | _Generic | Generic matched default selection, as controlling argument type const int * does not undergo pointer conversion to void *. | test.c:165:3:165:42 | _Generic | | +| test.c:166:3:166:48 | _Generic | Generic matched default selection, as controlling argument type const int * does not undergo pointer conversion to const void *. | test.c:166:3:166:48 | _Generic | | +| test.c:167:3:167:57 | _Generic | Generic matched default selection, as controlling argument type const int * does not undergo pointer conversion to const volatile void *. | test.c:167:3:167:57 | _Generic | | +| test.c:172:3:172:56 | _Generic | Generic matched default selection, as controlling argument type const int * does not undergo pointer conversion to const volatile int *. | test.c:172:3:172:56 | _Generic | | +| test.c:180:3:180:50 | _Generic | Generic matched default selection, as controlling argument type int(*)[3] does not undergo pointer conversion to int(*const)[3]. | test.c:180:3:180:50 | _Generic | | +| test.c:188:3:192:16 | _Generic | Generic matched default selection, as controlling argument type int(*)[3] does not undergo pointer conversion to int(*const)[3]. | test.c:188:3:192:16 | _Generic | | +| test.c:201:3:201:49 | _Generic | Generic matched default selection, as controlling argument type void * does not undergo pointer conversion to int *. | test.c:201:3:201:49 | _Generic | | +| test.c:202:3:202:49 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to void *. | test.c:202:3:202:49 | _Generic | | +| test.c:216:3:216:46 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to const int *. | test.c:216:3:216:46 | _Generic | | +| test.c:217:3:217:48 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to const int_t *. | test.c:217:3:217:48 | _Generic | | +| test.c:218:3:218:44 | _Generic | Generic matched default selection, as controlling argument type int * does not undergo pointer conversion to c_int_t *. | test.c:218:3:218:44 | _Generic | | +| test.c:222:3:222:47 | _Generic | Generic matched default selection, as controlling argument type int_t * does not undergo pointer conversion to const int *. | test.c:222:3:222:47 | _Generic | | +| test.c:223:3:223:49 | _Generic | Generic matched default selection, as controlling argument type int_t * does not undergo pointer conversion to const int_t *. | test.c:223:3:223:49 | _Generic | | +| test.c:224:3:224:45 | _Generic | Generic matched default selection, as controlling argument type int_t * does not undergo pointer conversion to c_int_t *. | test.c:224:3:224:45 | _Generic | | +| test.c:226:3:226:40 | _Generic | Generic matched default selection, as controlling argument type const int * does not undergo pointer conversion to int *. | test.c:226:3:226:40 | _Generic | | +| test.c:227:3:227:42 | _Generic | Generic matched default selection, as controlling argument type const int * does not undergo pointer conversion to int_t *. | test.c:227:3:227:42 | _Generic | | +| test.c:232:3:232:41 | _Generic | Generic matched default selection, as controlling argument type c_int_t * does not undergo pointer conversion to int *. | test.c:232:3:232:41 | _Generic | | +| test.c:233:3:233:43 | _Generic | Generic matched default selection, as controlling argument type c_int_t * does not undergo pointer conversion to int_t *. | test.c:233:3:233:43 | _Generic | | diff --git a/c/misra/test/rules/RULE-23-6/GenericExpressionWithIncorrectEssentialType.expected b/c/misra/test/rules/RULE-23-6/GenericExpressionWithIncorrectEssentialType.expected index 1cdcc82698..4f02d039ce 100644 --- a/c/misra/test/rules/RULE-23-6/GenericExpressionWithIncorrectEssentialType.expected +++ b/c/misra/test/rules/RULE-23-6/GenericExpressionWithIncorrectEssentialType.expected @@ -1,4 +1,4 @@ -| test.c:11:3:11:8 | _Generic | Controlling expression in generic macro $@ has standard type (unnamed enum), which doesn't match its essential type (unnamed enum). | test.c:6:1:6:71 | #define M1(X) _Generic((X), int: 1, unsigned int: 1, short: 2, long: 3) | M1 | -| test.c:15:3:15:13 | _Generic | Controlling expression in generic macro $@ has standard type int, which doesn't match its essential type short. | test.c:6:1:6:71 | #define M1(X) _Generic((X), int: 1, unsigned int: 1, short: 2, long: 3) | M1 | -| test.c:18:3:18:23 | _Generic | Controlling expression in generic has standard type int, which doesn't match its essential type char. | test.c:18:3:18:23 | _Generic | | -| test.c:19:3:19:53 | _Generic | Controlling expression in generic has standard type int, which doesn't match its essential type short. | test.c:19:3:19:53 | _Generic | | +| test.c:11:3:11:8 | _Generic | Controlling expression in generic macro $@ has standard type (unnamed enum), which doesn't match its essential type (unnamed enum). | test.c:6:1:6:75 | #define M1(X) _Generic((X), int : 1, unsigned int : 1, short : 2, long : 3) | M1 | +| test.c:15:3:15:13 | _Generic | Controlling expression in generic macro $@ has standard type int, which doesn't match its essential type short. | test.c:6:1:6:75 | #define M1(X) _Generic((X), int : 1, unsigned int : 1, short : 2, long : 3) | M1 | +| test.c:18:3:18:24 | _Generic | Controlling expression in generic has standard type int, which doesn't match its essential type char. | test.c:18:3:18:24 | _Generic | | +| test.c:19:3:19:55 | _Generic | Controlling expression in generic has standard type int, which doesn't match its essential type short. | test.c:19:3:19:55 | _Generic | | diff --git a/c/misra/test/rules/RULE-23-7/InvalidGenericMacroArgumentEvaluation.expected b/c/misra/test/rules/RULE-23-7/InvalidGenericMacroArgumentEvaluation.expected index 57eecd6be8..47a8acce92 100644 --- a/c/misra/test/rules/RULE-23-7/InvalidGenericMacroArgumentEvaluation.expected +++ b/c/misra/test/rules/RULE-23-7/InvalidGenericMacroArgumentEvaluation.expected @@ -1,12 +1,12 @@ -| test.c:9:1:9:51 | #define M3(X) _Generic((X), int: f1(X), default: 0) | Generic macro M3 may have unexpected behavior from side effects in parameter X, as it is not expanded in generic selection 2. | -| test.c:10:1:10:61 | #define M4(X) (X) + _Generic((X), int: f1(X), default: f1(X)) | Generic macro M4 may have unexpected behavior from side effects in parameter X, as it is expanded outside the generic selection and inside the generic selection. | -| test.c:11:1:11:61 | #define M5(X) _Generic((X), int: f1(X), default: f1(X)) + (X) | Generic macro M5 may have unexpected behavior from side effects in parameter X, as it is expanded outside the generic selection and inside the generic selection. | -| test.c:12:1:12:63 | #define M6(X) _Generic((X), int: f1((X) + (X)), default: f1(X)) | Generic macro M6 may have unexpected behavior from side effects in parameter X, as it is expanded in generic selection 1 more than once. | -| test.c:21:1:21:36 | #define M9(X) _Generic((X), int: f1) | Generic macro M9 may have unexpected behavior from side effects in parameter X, as it is not expanded in generic selection 1. | -| test.c:23:1:23:40 | #define M10(X) _Generic((X), int: f1(1)) | Generic macro M10 may have unexpected behavior from side effects in parameter X, as it is not expanded in generic selection 1. | -| test.c:32:1:32:58 | #define M12(X) _Generic((X) + (X), int: f1(X), default: 1) | Generic macro M12 may have unexpected behavior from side effects in parameter X, as it is not expanded in generic selection 2. | -| test.c:33:1:33:68 | #define M13(X) _Generic((X) + (X), int: f1(X), default: f1(X)) + (X) | Generic macro M13 may have unexpected behavior from side effects in parameter X, as it is expanded outside the generic selection and inside the generic selection. | -| test.c:43:1:43:77 | #define M17(X,Y) _Generic((X) + (Y), int: f2((X), (Y)), default: f2((X), 1)) | Generic macro M17 may have unexpected behavior from side effects in parameter Y, as it is not expanded in generic selection 2. | -| test.c:67:1:67:78 | #define M26(X) _Generic((X), int: IGNORE_2ND(X, X), default: IGNORE_2ND(X, X)) | Generic macro M26 may have unexpected behavior from side effects in parameter X, as it is expanded in generic selection 1 more than once. | -| test.c:67:1:67:78 | #define M26(X) _Generic((X), int: IGNORE_2ND(X, X), default: IGNORE_2ND(X, X)) | Generic macro M26 may have unexpected behavior from side effects in parameter X, as it is expanded in generic selection 2 more than once. | -| test.c:68:1:68:75 | #define M27(X) _Generic((X), int: f1(IGNORE(X)), default: f1(IGNORE(X)))(X) | Generic macro M27 may have unexpected behavior from side effects in parameter X, as it is expanded outside the generic selection and inside the generic selection. | +| test.c:9:1:9:53 | #define M3(X) _Generic((X), int : f1(X), default : 0) | Generic macro M3 may have unexpected behavior from side effects in parameter X, as it is not expanded in generic selection 2. | +| test.c:10:1:10:63 | #define M4(X) (X) + _Generic((X), int : f1(X), default : f1(X)) | Generic macro M4 may have unexpected behavior from side effects in parameter X, as it is expanded outside the generic selection and inside the generic selection. | +| test.c:11:1:11:63 | #define M5(X) _Generic((X), int : f1(X), default : f1(X)) + (X) | Generic macro M5 may have unexpected behavior from side effects in parameter X, as it is expanded outside the generic selection and inside the generic selection. | +| test.c:12:1:12:65 | #define M6(X) _Generic((X), int : f1((X) + (X)), default : f1(X)) | Generic macro M6 may have unexpected behavior from side effects in parameter X, as it is expanded in generic selection 1 more than once. | +| test.c:21:1:21:37 | #define M9(X) _Generic((X), int : f1) | Generic macro M9 may have unexpected behavior from side effects in parameter X, as it is not expanded in generic selection 1. | +| test.c:23:1:23:41 | #define M10(X) _Generic((X), int : f1(1)) | Generic macro M10 may have unexpected behavior from side effects in parameter X, as it is not expanded in generic selection 1. | +| test.c:32:1:32:60 | #define M12(X) _Generic((X) + (X), int : f1(X), default : 1) | Generic macro M12 may have unexpected behavior from side effects in parameter X, as it is not expanded in generic selection 2. | +| test.c:33:1:33:70 | #define M13(X) _Generic((X) + (X), int : f1(X), default : f1(X)) + (X) | Generic macro M13 may have unexpected behavior from side effects in parameter X, as it is expanded outside the generic selection and inside the generic selection. | +| test.c:43:1:43:79 | #define M17(X,Y) _Generic((X) + (Y), int : f2((X), (Y)), default : f2((X), 1)) | Generic macro M17 may have unexpected behavior from side effects in parameter Y, as it is not expanded in generic selection 2. | +| test.c:68:1:68:80 | #define M26(X) _Generic((X), int : IGNORE_2ND(X, X), default : IGNORE_2ND(X, X)) | Generic macro M26 may have unexpected behavior from side effects in parameter X, as it is expanded in generic selection 1 more than once. | +| test.c:68:1:68:80 | #define M26(X) _Generic((X), int : IGNORE_2ND(X, X), default : IGNORE_2ND(X, X)) | Generic macro M26 may have unexpected behavior from side effects in parameter X, as it is expanded in generic selection 2 more than once. | +| test.c:69:1:69:77 | #define M27(X) _Generic((X), int : f1(IGNORE(X)), default : f1(IGNORE(X)))(X) | Generic macro M27 may have unexpected behavior from side effects in parameter X, as it is expanded outside the generic selection and inside the generic selection. | diff --git a/c/misra/test/rules/RULE-23-8/DefaultGenericSelectionNotFirstOrLast.expected b/c/misra/test/rules/RULE-23-8/DefaultGenericSelectionNotFirstOrLast.expected index 5951834d00..fb407e2ff1 100644 --- a/c/misra/test/rules/RULE-23-8/DefaultGenericSelectionNotFirstOrLast.expected +++ b/c/misra/test/rules/RULE-23-8/DefaultGenericSelectionNotFirstOrLast.expected @@ -1,4 +1,4 @@ -| test.c:11:1:11:64 | #define M4(X) _Generic((X), int: 1, default: 0, unsigned int: 2) | Generic macro M4 has default as 2nd association, which is not first or last. | test.c:11:1:11:64 | #define M4(X) _Generic((X), int: 1, default: 0, unsigned int: 2) | (ignored) | -| test.c:17:1:17:60 | #define M5(__VA_ARGS__...) _Generic(0, __VA_ARGS__, default: 0, int: 1) | Generic macro M5 has a default association which is not first or last, for example $@. | test.c:28:5:28:23 | _Generic | 2nd | -| test.c:34:5:34:27 | M6(__VA_ARGS__...) | Generic macro $@, in this expansion, has default as 2nd association, which is not first or last. | test.c:19:1:19:48 | #define M6(__VA_ARGS__...) _Generic(0, __VA_ARGS__, int: 1) | M6 | -| test.c:44:5:44:52 | _Generic | Generic has default as 2nd association, which is not first or last. | test.c:44:5:44:52 | _Generic | | +| test.c:11:1:11:67 | #define M4(X) _Generic((X), int : 1, default : 0, unsigned int : 2) | Generic macro M4 has default as 2nd association, which is not first or last. | test.c:11:1:11:67 | #define M4(X) _Generic((X), int : 1, default : 0, unsigned int : 2) | (ignored) | +| test.c:17:1:17:62 | #define M5(__VA_ARGS__...) _Generic(0, __VA_ARGS__, default : 0, int : 1) | Generic macro M5 has a default association which is not first or last, for example $@. | test.c:30:3:30:22 | _Generic | 2nd | +| test.c:37:3:37:27 | M6(__VA_ARGS__...) | Generic macro $@, in this expansion, has default as 2nd association, which is not first or last. | test.c:19:1:19:49 | #define M6(__VA_ARGS__...) _Generic(0, __VA_ARGS__, int : 1) | M6 | +| test.c:48:3:48:53 | _Generic | Generic has default as 2nd association, which is not first or last. | test.c:48:3:48:53 | _Generic | | From a1142f3b4ef9e4768f5ffa5ea13025c92dcf2bf2 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Wed, 12 Mar 2025 11:38:15 -0700 Subject: [PATCH 2453/2573] reformat (and reformat generic with clang-format 11) --- .../rules/RULE-21-12/ExceptionHandlingFeaturesOfFenvhUsed.ql | 3 ++- c/misra/test/rules/DIR-4-9/test.c | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/c/misra/src/rules/RULE-21-12/ExceptionHandlingFeaturesOfFenvhUsed.ql b/c/misra/src/rules/RULE-21-12/ExceptionHandlingFeaturesOfFenvhUsed.ql index c70e71ea1a..b8d17de8aa 100644 --- a/c/misra/src/rules/RULE-21-12/ExceptionHandlingFeaturesOfFenvhUsed.ql +++ b/c/misra/src/rules/RULE-21-12/ExceptionHandlingFeaturesOfFenvhUsed.ql @@ -56,7 +56,8 @@ where name = m.getName() and message = "Expansion of banned macro" and // Exclude macro invocations expanded from other macro invocations from macros in fenv.h. - not element.(MacroInvocation).getParentInvocation().getMacro().getFile().getBaseName() = "fenv.h" + not element.(MacroInvocation).getParentInvocation().getMacro().getFile().getBaseName() = + "fenv.h" ) ) select element, message + " '" + name + "'." diff --git a/c/misra/test/rules/DIR-4-9/test.c b/c/misra/test/rules/DIR-4-9/test.c index c91e1a15a2..304c4bd004 100644 --- a/c/misra/test/rules/DIR-4-9/test.c +++ b/c/misra/test/rules/DIR-4-9/test.c @@ -10,7 +10,7 @@ #define MACRO8(x) "NOP" // COMPLIANT #define MACRO9() printf_custom("output = %d", 7) // NON_COMPLIANT #define MACRO10(x) // COMPLIANT -#define MACRO11(x) _Generic((x), int: 1, default: 0) // COMPLIANT +#define MACRO11(x) _Generic((x), int : 1, default : 0) // COMPLIANT #define MY_ASSERT(X) assert(X) // NON_COMPLIANT[FALSE_NEGATIVE] const char a1[MACRO2(1, 1) + 6]; From fd9fc0daf28ef5d8ecae6e065f25729ce2bbb2b5 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Wed, 12 Mar 2025 11:41:17 -0700 Subject: [PATCH 2454/2573] format IrreplaceableFunctionLikeMacro.qll --- .../codingstandards/cpp/IrreplaceableFunctionLikeMacro.qll | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/IrreplaceableFunctionLikeMacro.qll b/cpp/common/src/codingstandards/cpp/IrreplaceableFunctionLikeMacro.qll index e3d6df7e50..8daf129622 100644 --- a/cpp/common/src/codingstandards/cpp/IrreplaceableFunctionLikeMacro.qll +++ b/cpp/common/src/codingstandards/cpp/IrreplaceableFunctionLikeMacro.qll @@ -58,7 +58,5 @@ private class FunctionLikeMacroWithOperatorArgument extends IrreplaceableFunctio } private class GenericMacro extends IrreplaceableFunctionLikeMacro { - GenericMacro() { - getBody().matches("%_Generic%") - } -} \ No newline at end of file + GenericMacro() { getBody().matches("%_Generic%") } +} From fbbb19d74d534f680989888ac887f13b295b46f4 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Wed, 12 Mar 2025 11:44:17 -0700 Subject: [PATCH 2455/2573] Readd removed newline --- .../DoNotCopyAddressOfAutoStorageObjectToOtherObject.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/rules/donotcopyaddressofautostorageobjecttootherobject/DoNotCopyAddressOfAutoStorageObjectToOtherObject.qll b/cpp/common/src/codingstandards/cpp/rules/donotcopyaddressofautostorageobjecttootherobject/DoNotCopyAddressOfAutoStorageObjectToOtherObject.qll index 214f8e9aba..1b22fd5c3b 100644 --- a/cpp/common/src/codingstandards/cpp/rules/donotcopyaddressofautostorageobjecttootherobject/DoNotCopyAddressOfAutoStorageObjectToOtherObject.qll +++ b/cpp/common/src/codingstandards/cpp/rules/donotcopyaddressofautostorageobjecttootherobject/DoNotCopyAddressOfAutoStorageObjectToOtherObject.qll @@ -54,4 +54,4 @@ query predicate problems(Expr use, string message, Expr source, string srcStr) { srcStr = "parameter" ) ) -} \ No newline at end of file +} From 855310353f8f206cf0134c16d1b2b0a7852fad1c Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Wed, 12 Mar 2025 12:47:47 -0700 Subject: [PATCH 2456/2573] regenerate query metadata --- .../RULE-22-15/ThreadResourceDisposedBeforeThreadsJoined.ql | 2 +- .../rules/RULE-22-18/NonRecursiveMutexRecursivelyLockedAudit.ql | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/c/misra/src/rules/RULE-22-15/ThreadResourceDisposedBeforeThreadsJoined.ql b/c/misra/src/rules/RULE-22-15/ThreadResourceDisposedBeforeThreadsJoined.ql index 966b948d81..ec4631ef1b 100644 --- a/c/misra/src/rules/RULE-22-15/ThreadResourceDisposedBeforeThreadsJoined.ql +++ b/c/misra/src/rules/RULE-22-15/ThreadResourceDisposedBeforeThreadsJoined.ql @@ -2,7 +2,7 @@ * @id c/misra/thread-resource-disposed-before-threads-joined * @name RULE-22-15: Thread synchronization objects and thread-specific storage pointers shall not be disposed unsafely * @description Thread synchronization objects and thread-specific storage pointers shall not be - * destroyed until after all threads accessing them have terminated + * destroyed until after all threads accessing them have terminated. * @kind problem * @precision medium * @problem.severity error diff --git a/c/misra/src/rules/RULE-22-18/NonRecursiveMutexRecursivelyLockedAudit.ql b/c/misra/src/rules/RULE-22-18/NonRecursiveMutexRecursivelyLockedAudit.ql index 5b848f9e1e..4b70a21527 100644 --- a/c/misra/src/rules/RULE-22-18/NonRecursiveMutexRecursivelyLockedAudit.ql +++ b/c/misra/src/rules/RULE-22-18/NonRecursiveMutexRecursivelyLockedAudit.ql @@ -10,7 +10,7 @@ * correctness * concurrency * external/misra/c/2012/amendment4 - * audit + * external/misra/audit * external/misra/obligation/required */ From 433b887be461f785761ad1de2510d0f1f25363eb Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Wed, 12 Mar 2025 16:15:38 -0700 Subject: [PATCH 2457/2573] Address feedback --- c/misra/src/rules/RULE-13-2/UnsequencedAtomicReads.ql | 1 - rule_packages/c/SideEffects3.json | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/c/misra/src/rules/RULE-13-2/UnsequencedAtomicReads.ql b/c/misra/src/rules/RULE-13-2/UnsequencedAtomicReads.ql index 68f00be15f..c7fdde4539 100644 --- a/c/misra/src/rules/RULE-13-2/UnsequencedAtomicReads.ql +++ b/c/misra/src/rules/RULE-13-2/UnsequencedAtomicReads.ql @@ -37,7 +37,6 @@ class AtomicAccessInFullExpressionOrdering extends Ordering::Configuration { * Note, it may be accessed directly, or by passing its address into the std atomic functions. */ class AtomicVariableAccess extends VariableAccess { - pragma[noinline] AtomicVariableAccess() { getTarget().getType().hasSpecifier("atomic") } /* Get the `atomic_()` call this VarAccess occurs in. */ diff --git a/rule_packages/c/SideEffects3.json b/rule_packages/c/SideEffects3.json index 369f5db9ee..1ff29ec166 100644 --- a/rule_packages/c/SideEffects3.json +++ b/rule_packages/c/SideEffects3.json @@ -20,7 +20,7 @@ { "description": "The value of an atomic variable shall not depend on evaluation order and interleaving of threads.", "kind": "problem", - "name": "The value of an atomic variable depend on its evaluation order and interleave of threads", + "name": "The value of an atomic variable shall not depend on the evaluation order of interleaved threads", "precision": "very-high", "severity": "error", "short_name": "UnsequencedAtomicReads", From 79a1ca36b2295694857f3dacfc66297da6e8e943 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Wed, 12 Mar 2025 16:22:33 -0700 Subject: [PATCH 2458/2573] Regenerate query metadata --- c/misra/src/rules/RULE-13-2/UnsequencedAtomicReads.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/misra/src/rules/RULE-13-2/UnsequencedAtomicReads.ql b/c/misra/src/rules/RULE-13-2/UnsequencedAtomicReads.ql index c7fdde4539..b5e17fc934 100644 --- a/c/misra/src/rules/RULE-13-2/UnsequencedAtomicReads.ql +++ b/c/misra/src/rules/RULE-13-2/UnsequencedAtomicReads.ql @@ -1,6 +1,6 @@ /** * @id c/misra/unsequenced-atomic-reads - * @name RULE-13-2: The value of an atomic variable depend on its evaluation order and interleave of threads + * @name RULE-13-2: The value of an atomic variable shall not depend on the evaluation order of interleaved threads * @description The value of an atomic variable shall not depend on evaluation order and * interleaving of threads. * @kind problem From d70ea29a5e31cca97e6a2600fa994e4b5cc13bd0 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Wed, 12 Mar 2025 17:35:21 -0700 Subject: [PATCH 2459/2573] Address feedback --- .../AtomicQualifierAppliedToVoid.ql | 31 +++++++++++++++---- .../AtomicQualifierAppliedToVoid.expected | 5 +++ c/misra/test/rules/RULE-11-10/test.c | 12 ++++++- 3 files changed, 41 insertions(+), 7 deletions(-) diff --git a/c/misra/src/rules/RULE-11-10/AtomicQualifierAppliedToVoid.ql b/c/misra/src/rules/RULE-11-10/AtomicQualifierAppliedToVoid.ql index d867241518..6440e84070 100644 --- a/c/misra/src/rules/RULE-11-10/AtomicQualifierAppliedToVoid.ql +++ b/c/misra/src/rules/RULE-11-10/AtomicQualifierAppliedToVoid.ql @@ -23,14 +23,33 @@ class AtomicVoidType extends Type { } } -Type getNestedType(Type root) { - result = root +predicate usesAtomicVoid(Type root) { + root instanceof AtomicVoidType or - exists(DerivedType derived | derived = root | result = getNestedType(derived.getBaseType())) + usesAtomicVoid(root.(DerivedType).getBaseType()) + or + usesAtomicVoid(root.(RoutineType).getReturnType()) + or + usesAtomicVoid(root.(RoutineType).getAParameterType()) + or + usesAtomicVoid(root.(FunctionPointerType).getReturnType()) + or + usesAtomicVoid(root.(FunctionPointerType).getAParameterType()) + or + usesAtomicVoid(root.(TypedefType).getBaseType()) +} + +class ExplicitType extends Type { + Element getDeclaration(string description) { + result.(DeclarationEntry).getType() = this and description = result.(DeclarationEntry).getName() + or + result.(CStyleCast).getType() = this and description = "Cast" + } } -from DeclarationEntry decl, AtomicVoidType atomicVoid +from Element decl, ExplicitType explicitType, string elementDescription where not isExcluded(decl, Declarations9Package::atomicQualifierAppliedToVoidQuery()) and - atomicVoid = getNestedType(decl.getType()) -select decl, decl.getName() + " declared with an atomic void type." + decl = explicitType.getDeclaration(elementDescription) and + usesAtomicVoid(explicitType) +select decl, elementDescription + " declared with an atomic void type." diff --git a/c/misra/test/rules/RULE-11-10/AtomicQualifierAppliedToVoid.expected b/c/misra/test/rules/RULE-11-10/AtomicQualifierAppliedToVoid.expected index e3a6746ae7..d38aac6455 100644 --- a/c/misra/test/rules/RULE-11-10/AtomicQualifierAppliedToVoid.expected +++ b/c/misra/test/rules/RULE-11-10/AtomicQualifierAppliedToVoid.expected @@ -1,3 +1,8 @@ | test.c:3:15:3:16 | definition of g3 | g3 declared with an atomic void type. | | test.c:10:17:10:18 | definition of m3 | m3 declared with an atomic void type. | | test.c:15:22:15:23 | definition of p2 | p2 declared with an atomic void type. | +| test.c:20:23:20:24 | declaration of f2 | f2 declared with an atomic void type. | +| test.c:21:25:21:26 | declaration of f3 | f3 declared with an atomic void type. | +| test.c:22:14:22:15 | declaration of f4 | f4 declared with an atomic void type. | +| test.c:23:16:23:17 | declaration of f5 | f5 declared with an atomic void type. | +| test.c:27:3:27:19 | (_Atomic(void) *)... | Cast declared with an atomic void type. | diff --git a/c/misra/test/rules/RULE-11-10/test.c b/c/misra/test/rules/RULE-11-10/test.c index e030345dde..cd95891865 100644 --- a/c/misra/test/rules/RULE-11-10/test.c +++ b/c/misra/test/rules/RULE-11-10/test.c @@ -15,4 +15,14 @@ void f(_Atomic int p1, // COMPLIANT _Atomic void *p2 // NON_COMPLIANT // _Atomic void p3[] // doesn't compile, even though it perhaps should as // it is adjusted to void*. -) {} \ No newline at end of file +) {} + +typedef _Atomic void *f2(void); // NON_COMPLIANT +typedef _Atomic void *(*f3)(void); // NON_COMPLIANT +typedef void f4(_Atomic void *); // NON_COMPLIANT +typedef void (*f5)(_Atomic void *); // NON_COMPLIANT + +void f6() { + (void *)0; // COMPLIANT + (_Atomic void *)0; // NON_COMPLIANT +} \ No newline at end of file From db1061ecdaf9c55c5c324c50a4a4c47b92050332 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Thu, 13 Mar 2025 10:06:12 -0700 Subject: [PATCH 2460/2573] Update codeql warning source location expectations --- .../test/rules/RULE-13-2/UnsequencedAtomicReads.expected | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/c/misra/test/rules/RULE-13-2/UnsequencedAtomicReads.expected b/c/misra/test/rules/RULE-13-2/UnsequencedAtomicReads.expected index 2231a83735..897dd68f30 100644 --- a/c/misra/test/rules/RULE-13-2/UnsequencedAtomicReads.expected +++ b/c/misra/test/rules/RULE-13-2/UnsequencedAtomicReads.expected @@ -1,5 +1,5 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (UnsequencedAtomicReads.ql:87,31-39) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (UnsequencedAtomicReads.ql:87,67-75) -WARNING: module 'TaintTracking' has been deprecated and may be removed in future (UnsequencedAtomicReads.ql:87,5-18) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (UnsequencedAtomicReads.ql:86,31-39) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (UnsequencedAtomicReads.ql:86,67-75) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (UnsequencedAtomicReads.ql:86,5-18) | test.c:44:12:44:18 | ... + ... | Atomic variable $@ has a $@ that is unsequenced with $@. | test.c:42:15:42:16 | a1 | a1 | test.c:44:12:44:13 | a1 | previous read | test.c:44:17:44:18 | a1 | another read | | test.c:46:3:46:37 | ... + ... | Atomic variable $@ has a $@ that is unsequenced with $@. | test.c:42:15:42:16 | a1 | a1 | test.c:46:16:46:17 | a1 | previous read | test.c:46:35:46:36 | a1 | another read | From 7e8ba849c90c960e9a5c38620d130ed5400679e2 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Thu, 13 Mar 2025 10:14:22 -0700 Subject: [PATCH 2461/2573] Fix merge --- rules.csv | 5 ----- 1 file changed, 5 deletions(-) diff --git a/rules.csv b/rules.csv index 0ea6db3c53..3f7961b630 100644 --- a/rules.csv +++ b/rules.csv @@ -677,13 +677,8 @@ c,MISRA-C-2012,RULE-9-2,Yes,Required,,,The initializer for an aggregate or union c,MISRA-C-2012,RULE-9-3,Yes,Required,,,Arrays shall not be partially initialized,,Memory1,Medium, c,MISRA-C-2012,RULE-9-4,Yes,Required,,,An element of an object shall not be initialized more than once,,Memory1,Medium, c,MISRA-C-2012,RULE-9-5,No,Required,,,Where designated initializers are used to initialize an array object the size of the array shall be specified explicitly,,,Medium, -<<<<<<< HEAD c,MISRA-C-2012,RULE-9-6,Yes,Required,,,An initializer using chained designators shall not contain initializers without designators,,Declarations10,Hard, -c,MISRA-C-2012,RULE-9-7,Yes,Mandatory,,,Atomic objects shall be appropriately initialized before being accessed,,Concurrency6,Hard, -======= -c,MISRA-C-2012,RULE-9-6,Yes,Required,,,An initializer using chained designators shall not contain initializers without designators,,Declarations9,Hard, c,MISRA-C-2012,RULE-9-7,Yes,Mandatory,,,Atomic objects shall be appropriately initialized before being accessed,,Concurrency7,Hard, ->>>>>>> origin/main c,MISRA-C-2012,RULE-10-1,Yes,Required,,,Operands shall not be of an inappropriate essential type,,EssentialTypes,Hard, c,MISRA-C-2012,RULE-10-2,Yes,Required,,,Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations,,EssentialTypes,Medium, c,MISRA-C-2012,RULE-10-3,Yes,Required,,,The value of an expression shall not be assigned to an object with a narrower essential type or of a different essential type category,,EssentialTypes,Hard, From f1944dbc9cefc94550e4e1b390e14f3fa91a2833 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Thu, 13 Mar 2025 10:16:31 -0700 Subject: [PATCH 2462/2573] Format cast test cases --- c/misra/test/rules/RULE-11-10/test.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/misra/test/rules/RULE-11-10/test.c b/c/misra/test/rules/RULE-11-10/test.c index cd95891865..8f8e837b66 100644 --- a/c/misra/test/rules/RULE-11-10/test.c +++ b/c/misra/test/rules/RULE-11-10/test.c @@ -23,6 +23,6 @@ typedef void f4(_Atomic void *); // NON_COMPLIANT typedef void (*f5)(_Atomic void *); // NON_COMPLIANT void f6() { - (void *)0; // COMPLIANT + (void *)0; // COMPLIANT (_Atomic void *)0; // NON_COMPLIANT } \ No newline at end of file From 66d7f2bb1230a731fd339b65c5e2044bc13eeb34 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 14 Mar 2025 14:38:56 -0700 Subject: [PATCH 2463/2573] Don't report '//*comment' in RULE-3-1 --- .../RULE-3-1/CharacterSequencesAndUsedWithinAComment.ql | 2 +- .../CharacterSequencesAndUsedWithinAComment.expected | 1 + c/misra/test/rules/RULE-3-1/test.c | 6 ++++++ ...24-12-13-implement-misra-c-amendment4-rule-amendments.md | 3 ++- 4 files changed, 10 insertions(+), 2 deletions(-) diff --git a/c/misra/src/rules/RULE-3-1/CharacterSequencesAndUsedWithinAComment.ql b/c/misra/src/rules/RULE-3-1/CharacterSequencesAndUsedWithinAComment.ql index 58d449a59b..af05bfe4bc 100644 --- a/c/misra/src/rules/RULE-3-1/CharacterSequencesAndUsedWithinAComment.ql +++ b/c/misra/src/rules/RULE-3-1/CharacterSequencesAndUsedWithinAComment.ql @@ -43,7 +43,7 @@ where not isExcluded(comment, SyntaxPackage::characterSequencesAndUsedWithinACommentQuery()) and ( exists(IllegalCommentSequence c | illegalSequence = c | - comment.getContents().indexOf(illegalSequence) > 0 + comment.getContents().indexOf(illegalSequence) > 1 ) or exists(IllegalCCommentRegexp c | illegalSequence = c.getDescription() | diff --git a/c/misra/test/rules/RULE-3-1/CharacterSequencesAndUsedWithinAComment.expected b/c/misra/test/rules/RULE-3-1/CharacterSequencesAndUsedWithinAComment.expected index 5008fb100d..3c4cab00b1 100644 --- a/c/misra/test/rules/RULE-3-1/CharacterSequencesAndUsedWithinAComment.expected +++ b/c/misra/test/rules/RULE-3-1/CharacterSequencesAndUsedWithinAComment.expected @@ -3,3 +3,4 @@ | test.c:21:1:21:7 | // /* | Comment contains an illegal sequence '/*' | | test.c:30:1:30:27 | /* https://github.com // */ | Comment contains an illegal sequence '//' | | test.c:33:1:33:60 | /* a://b, a://b., ://a.b, a://b., a://.b, ://, a://, ://b */ | Comment contains an illegal sequence '//' | +| test.c:42:1:42:8 | ///* foo | Comment contains an illegal sequence '/*' | diff --git a/c/misra/test/rules/RULE-3-1/test.c b/c/misra/test/rules/RULE-3-1/test.c index ad61fd0f91..fd7a6574dd 100644 --- a/c/misra/test/rules/RULE-3-1/test.c +++ b/c/misra/test/rules/RULE-3-1/test.c @@ -35,4 +35,10 @@ // COMPLIANT // https://github.com +// COMPLIANT +//* foo + +// NON_COMPLIANT +///* foo + void f(){} \ No newline at end of file diff --git a/change_notes/2024-12-13-implement-misra-c-amendment4-rule-amendments.md b/change_notes/2024-12-13-implement-misra-c-amendment4-rule-amendments.md index a8fbd282d8..b168ccaf78 100644 --- a/change_notes/2024-12-13-implement-misra-c-amendment4-rule-amendments.md +++ b/change_notes/2024-12-13-implement-misra-c-amendment4-rule-amendments.md @@ -7,4 +7,5 @@ - `RULE-13-2` - `UnsequencedAtomicReads.ql` - New query to find expressions which read an atomic variable more than once between sequence points, to address new case from MISRA-C 2012 Amendment 4. - `RULE-3-1` - `CharacterSequencesAndUsedWithinAComment.ql` - - Add exception allowing URLs inside of cpp-style `/* ... */` comments, in compliance with MISRA-C 2012 Amendment 4 \ No newline at end of file + - Add exception allowing URLs inside of cpp-style `/* ... */` comments, in compliance with MISRA-C 2012 Amendment 4. + - No longer report cases of `//*some comment` in this rule. \ No newline at end of file From c55a173fae2d1d2fd1d4b15616d9cdd61acff3cc Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 14 Mar 2025 17:36:13 -0700 Subject: [PATCH 2464/2573] First round of feedback --- ...025-1-04-misra-c-technical-corrigenda-2.md | 2 +- ...nterArithmeticToAddressDifferentArrays.qll | 23 +++++++++++++------ .../test.cpp | 12 +++++++--- rule_packages/c/Statements5.json | 3 +++ 4 files changed, 29 insertions(+), 11 deletions(-) diff --git a/change_notes/2025-1-04-misra-c-technical-corrigenda-2.md b/change_notes/2025-1-04-misra-c-technical-corrigenda-2.md index be037074f6..6849951810 100644 --- a/change_notes/2025-1-04-misra-c-technical-corrigenda-2.md +++ b/change_notes/2025-1-04-misra-c-technical-corrigenda-2.md @@ -1,6 +1,6 @@ - `RULE-8-3` - `DeclarationsOfAFunctionSameNameAndType.ql`: - Implement new exception, unnamed parameters are not covered by this rule. - - `RULE-10-2` - `AdditionSubtractionOnEssentiallCharType.ql`: + - `RULE-10-2` - `AdditionSubtractionOnEssentiallyCharType.ql`: - Disallow `+` and `-` operations with an essentially char type and other types larger than int type. - Note, this change affects the essential type of such expressions, which may affect other essential types rules. - `RULE-18-1`, `M5-0-16` - `PointerAndDerivedPointerMustAddressSameArray.ql`, `PointerAndDerivedPointerAccessDifferentArray.ql`: diff --git a/cpp/common/src/codingstandards/cpp/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.qll b/cpp/common/src/codingstandards/cpp/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.qll index 5a45ff703e..2b11291293 100644 --- a/cpp/common/src/codingstandards/cpp/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.qll +++ b/cpp/common/src/codingstandards/cpp/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.qll @@ -104,6 +104,16 @@ class CastedToBytePointer extends ArrayLikeAccess, Conversion { } } + predicate pointerRecastBarrier(DataFlow::Node barrier) { + // Casting to a differently sized pointer + exists(CStyleCast cast, Expr casted | + cast.getExpr() = casted and casted = barrier.asConvertedExpr() + | + not casted.getType().(PointerType).getBaseType().getSize() = + cast.getType().(PointerType).getBaseType().getSize() + ) + } + /** * A data-flow configuration that tracks access to an array to type to an array index expression. * This is used to determine possible pointer to array creations. @@ -111,7 +121,11 @@ class CastedToBytePointer extends ArrayLikeAccess, Conversion { module ByteArrayToArrayExprConfig implements DataFlow::ConfigSig { predicate isSource(DataFlow::Node source) { exists(CastedToBytePointer a | a.getNode() = source) } - // TODO: casting to different size pointed-to-type invalidates + predicate isBarrier(DataFlow::Node barrier) { + // Casting to a differently sized pointer invalidates this analysis. + pointerRecastBarrier(barrier) + } + predicate isSink(DataFlow::Node sink) { exists(ArrayExpr c | c.getArrayBase() = sink.asExpr()) } } @@ -126,12 +140,7 @@ module ArrayToArrayExprConfig implements DataFlow::ConfigSig { predicate isBarrier(DataFlow::Node barrier) { // Casting to a differently sized pointer invalidates this analysis. - exists(CStyleCast cast, Expr casted | - cast.getExpr() = casted and casted = barrier.asConvertedExpr() - | - not casted.getType().(PointerType).getBaseType().getSize() = - cast.getType().(PointerType).getBaseType().getSize() - ) + pointerRecastBarrier(barrier) } predicate isSink(DataFlow::Node sink) { exists(ArrayExpr c | c.getArrayBase() = sink.asExpr()) } diff --git a/cpp/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/test.cpp b/cpp/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/test.cpp index 3a86d7963e..d9874bfb29 100644 --- a/cpp/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/test.cpp +++ b/cpp/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/test.cpp @@ -40,8 +40,14 @@ void f1() { void *p22 = &p21[0]; // COMPLIANT void *p23 = &p21[100]; // NON_COMPLIANT[FALSE_NEGATIVE] + // Casting a byte pointer to a differently sized type that isn't char + // invalidates analysis + long *p24 = (long *)p15; + void *p25 = &p24[0]; // COMPLIANT + void *p26 = &p24[100]; // NON_COMPLIANT[FALSE_NEGATIVE] + // Void pointers have size zero and can't be analyzed. - void *p24 = 0; - unsigned char *p25 = (unsigned char *)p24; - void *p26 = &p25[100]; // COMPLIANT + void *p27 = 0; + unsigned char *p28 = (unsigned char *)p27; + void *p29 = &p28[100]; // COMPLIANT } \ No newline at end of file diff --git a/rule_packages/c/Statements5.json b/rule_packages/c/Statements5.json index 329819b61f..03380f4897 100644 --- a/rule_packages/c/Statements5.json +++ b/rule_packages/c/Statements5.json @@ -20,6 +20,9 @@ ] } ], + "implementation_scope": { + "description": "Not all invariant logical expressions which contain dynamic values are detected to be invariant, for instance, `x < 3 && x > 5` where x does not have a statically known value." + }, "title": "Controlling expressions shall not be invariant" }, "RULE-15-5": { From fb6eaaa9eed6d8d377849af6ef47aa17eec7d524 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 14 Mar 2025 17:56:28 -0700 Subject: [PATCH 2465/2573] Format --- ...interArithmeticToAddressDifferentArrays.qll | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.qll b/cpp/common/src/codingstandards/cpp/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.qll index 2b11291293..2b788ea6fb 100644 --- a/cpp/common/src/codingstandards/cpp/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.qll +++ b/cpp/common/src/codingstandards/cpp/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.qll @@ -104,15 +104,15 @@ class CastedToBytePointer extends ArrayLikeAccess, Conversion { } } - predicate pointerRecastBarrier(DataFlow::Node barrier) { - // Casting to a differently sized pointer - exists(CStyleCast cast, Expr casted | - cast.getExpr() = casted and casted = barrier.asConvertedExpr() - | - not casted.getType().(PointerType).getBaseType().getSize() = - cast.getType().(PointerType).getBaseType().getSize() - ) - } +predicate pointerRecastBarrier(DataFlow::Node barrier) { + // Casting to a differently sized pointer + exists(CStyleCast cast, Expr casted | + cast.getExpr() = casted and casted = barrier.asConvertedExpr() + | + not casted.getType().(PointerType).getBaseType().getSize() = + cast.getType().(PointerType).getBaseType().getSize() + ) +} /** * A data-flow configuration that tracks access to an array to type to an array index expression. From 6acd87740d00f8130b944a08674ec7b5525c19c3 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 14 Mar 2025 18:02:51 -0700 Subject: [PATCH 2466/2573] Format essentialTypes --- .../src/codingstandards/c/misra/EssentialTypes.qll | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/c/misra/src/codingstandards/c/misra/EssentialTypes.qll b/c/misra/src/codingstandards/c/misra/EssentialTypes.qll index 05bfef87fa..de6d43e2c5 100644 --- a/c/misra/src/codingstandards/c/misra/EssentialTypes.qll +++ b/c/misra/src/codingstandards/c/misra/EssentialTypes.qll @@ -357,8 +357,9 @@ class EssentialBinaryOperationSubjectToUsualConversions extends EssentialExpr, B */ class EssentialAddExpr extends EssentialBinaryOperationSubjectToUsualConversions, AddExpr { override Type getEssentialType() { - exists(Type otherOperandType, - EssentialTypeCategory operandTypeCategory, EssentialTypeCategory otherOperandTypeCategory, int intTypeSize + exists( + Type otherOperandType, EssentialTypeCategory operandTypeCategory, + EssentialTypeCategory otherOperandTypeCategory, int intTypeSize | operandTypeCategory = getEssentialTypeCategory(getEssentialType(getAnOperand())) and otherOperandType = getEssentialType(getAnOperand()) and @@ -381,10 +382,8 @@ class EssentialAddExpr extends EssentialBinaryOperationSubjectToUsualConversions class EssentialSubExpr extends EssentialBinaryOperationSubjectToUsualConversions, SubExpr { override Type getEssentialType() { exists( - EssentialTypeCategory leftEssentialTypeCategory, - Type rightEssentialType, - EssentialTypeCategory rightEssentialTypeCategory, - int intTypeSize + EssentialTypeCategory leftEssentialTypeCategory, Type rightEssentialType, + EssentialTypeCategory rightEssentialTypeCategory, int intTypeSize | leftEssentialTypeCategory = getEssentialTypeCategory(getEssentialType(getLeftOperand())) and rightEssentialType = getEssentialType(getRightOperand()) and From 3e6cf77c8f653d50776c9f0afc54c5abcc818ef5 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Mon, 17 Mar 2025 17:24:37 -0700 Subject: [PATCH 2467/2573] Update cast to byte pointer getName() --- ...DoNotUsePointerArithmeticToAddressDifferentArrays.qll | 9 +-------- ...UsePointerArithmeticToAddressDifferentArrays.expected | 4 ++-- 2 files changed, 3 insertions(+), 10 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.qll b/cpp/common/src/codingstandards/cpp/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.qll index 2b788ea6fb..5d3a7e1cda 100644 --- a/cpp/common/src/codingstandards/cpp/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.qll +++ b/cpp/common/src/codingstandards/cpp/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.qll @@ -80,14 +80,7 @@ class CastedToBytePointer extends ArrayLikeAccess, Conversion { override Element getElement() { result = this } - override string getName() { - result = "cast to btye pointer " + this.toString() - or - exists(Cast cast | - cast.getExpr() = this and - result = cast.getType().(PointerType).getBaseType().toString() - ) - } + override string getName() { result = "cast to byte pointer" } override int getSize() { result = size } diff --git a/cpp/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.expected b/cpp/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.expected index 5bb4881b81..31ff47e55c 100644 --- a/cpp/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.expected +++ b/cpp/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.expected @@ -4,5 +4,5 @@ | test.cpp:11:8:11:11 | ... -- | Array pointer p7 points 1 element past the end of $@. | test.cpp:2:7:2:8 | l1 | l1 | | test.cpp:12:8:12:9 | p3 | Array pointer p8 points 1 element past the end of $@. | test.cpp:2:7:2:8 | l1 | l1 | | test.cpp:25:15:25:21 | & ... | Array pointer p14 points 1 element past the end of $@. | test.cpp:2:7:2:8 | l1 | l1 | -| test.cpp:30:15:30:21 | & ... | Array pointer p17 points 1 element past the end of $@. | test.cpp:28:24:28:42 | (unsigned char *)... | cast to btye pointer (unsigned char *)... | -| test.cpp:35:15:35:21 | & ... | Array pointer p20 points 1 element past the end of $@. | test.cpp:33:24:33:43 | (unsigned char *)... | cast to btye pointer (unsigned char *)... | +| test.cpp:30:15:30:21 | & ... | Array pointer p17 points 1 element past the end of $@. | test.cpp:28:24:28:42 | (unsigned char *)... | cast to byte pointer | +| test.cpp:35:15:35:21 | & ... | Array pointer p20 points 1 element past the end of $@. | test.cpp:33:24:33:43 | (unsigned char *)... | cast to byte pointer | From ded47aa1e71b16ac85be2acdaddfe5777fd2c508 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Thu, 20 Mar 2025 15:32:02 -0700 Subject: [PATCH 2468/2573] Address feedback --- .../PossibleMisuseOfUndetectedInfinity.ql | 35 +++--- .../DIR-4-15/PossibleMisuseOfUndetectedNaN.ql | 95 ++++------------ ...ossibleMisuseOfUndetectedInfinity.expected | 52 ++++----- .../PossibleMisuseOfUndetectedNaN.expected | 64 +++++------ .../src/codingstandards/cpp/FloatingPoint.qll | 72 ++++++++++++- .../cpp/RestrictedRangeAnalysis.qll | 101 +++++++++++------- .../cpp/exclusions/c/FloatingTypes2.qll | 2 +- .../UncheckedRangeDomainPoleErrors.qll | 53 +-------- .../generate_rules/coding_standards_utils.py | 4 +- 9 files changed, 230 insertions(+), 248 deletions(-) diff --git a/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.ql b/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.ql index 3d54b4f829..812e9fe1e2 100644 --- a/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.ql +++ b/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.ql @@ -87,7 +87,6 @@ module InvalidInfinityUsage implements DataFlow::ConfigSig { class InvalidInfinityUsage extends DataFlow::Node { string description; - string infinityDescription; InvalidInfinityUsage() { // Case 2: NaNs and infinities shall not be cast to integers @@ -95,22 +94,18 @@ class InvalidInfinityUsage extends DataFlow::Node { asExpr() = c.getUnconverted() and c.getExpr().getType() instanceof FloatingPointType and c.getType() instanceof IntegralType and - description = "$@ casted to integer." and - infinityDescription = "Possibly infinite float value" + description = "cast to integer." ) or // Case 3: Infinities shall not underflow or otherwise produce finite values exists(BinaryOperation op | asExpr() = op.getRightOperand() and op.getOperator() = "/" and - description = "Division operation may silently underflow and produce zero, as the divisor $@." and - infinityDescription = "may be an infinite float value" + description = "divisor, which would silently underflow and produce zero." ) } string getDescription() { result = description } - - string getInfinityDescription() { result = infinityDescription } } module InvalidInfinityFlow = DataFlow::Global; @@ -119,7 +114,8 @@ import InvalidInfinityFlow::PathGraph from Element elem, InvalidInfinityFlow::PathNode source, InvalidInfinityFlow::PathNode sink, - InvalidInfinityUsage usage, Expr sourceExpr, Element extra, string extraString + InvalidInfinityUsage usage, Expr sourceExpr, string sourceString, Function function, + string computedInFunction where elem = MacroUnwrapper::unwrapElement(sink.getNode().asExpr()) and not InvalidInfinityFlow::PathGraph::edges(_, source, _, _) and @@ -129,19 +125,18 @@ where not usage.asExpr().isFromTemplateInstantiation(_) and usage = sink.getNode() and sourceExpr = source.getNode().asExpr() and + function = sourceExpr.getEnclosingFunction() and InvalidInfinityFlow::flow(source.getNode(), usage) and ( if not sourceExpr.getEnclosingFunction() = usage.asExpr().getEnclosingFunction() - then - extraString = - usage.getInfinityDescription() + " computed in function " + - sourceExpr.getEnclosingFunction().getName() and - extra = sourceExpr.getEnclosingFunction() - else ( - extra = sourceExpr and - if sourceExpr instanceof DivExpr - then extraString = usage.getInfinityDescription() + " from division by zero" - else extraString = usage.getInfinityDescription() - ) + then computedInFunction = "computed in function $@ " + else computedInFunction = "" + ) and + ( + if sourceExpr instanceof DivExpr + then sourceString = "from division by zero" + else sourceString = sourceExpr.toString() ) -select elem, source, sink, usage.getDescription(), extra, extraString +select elem, source, sink, + "Possibly infinite float value $@ " + computedInFunction + "flows to " + usage.getDescription(), + sourceExpr, sourceString, function, function.getName() diff --git a/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.ql b/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.ql index 2835a454d9..e1b6762ada 100644 --- a/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.ql +++ b/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.ql @@ -1,5 +1,5 @@ /** - * @id c/misra/possible-misuse-of-undetected-na-n + * @id c/misra/possible-misuse-of-undetected-nan * @name DIR-4-15: Evaluation of floating-point expressions shall not lead to the undetected generation of NaNs * @description Evaluation of floating-point expressions shall not lead to the undetected generation * of NaNs. @@ -23,58 +23,6 @@ import semmle.code.cpp.dataflow.new.DataFlow import semmle.code.cpp.dataflow.new.TaintTracking import semmle.code.cpp.controlflow.Dominance -bindingset[name] -Function getMathVariants(string name) { result.hasGlobalOrStdName([name, name + "f", name + "l"]) } - -predicate hasDomainError(FunctionCall fc, string description) { - exists(Function functionWithDomainError | fc.getTarget() = functionWithDomainError | - functionWithDomainError = [getMathVariants(["acos", "asin", "atanh"])] and - not ( - RestrictedRangeAnalysis::upperBound(fc.getArgument(0)) <= 1.0 and - RestrictedRangeAnalysis::lowerBound(fc.getArgument(0)) >= -1.0 - ) and - description = - "the argument has a range " + RestrictedRangeAnalysis::lowerBound(fc.getArgument(0)) + "..." + - RestrictedRangeAnalysis::upperBound(fc.getArgument(0)) + - " which is outside the domain of this function (-1.0...1.0)" - or - functionWithDomainError = getMathVariants(["atan2", "pow"]) and - ( - exprMayEqualZero(fc.getArgument(0)) and - exprMayEqualZero(fc.getArgument(1)) and - description = "both arguments are equal to zero" - ) - or - functionWithDomainError = getMathVariants("pow") and - ( - RestrictedRangeAnalysis::upperBound(fc.getArgument(0)) < 0.0 and - RestrictedRangeAnalysis::upperBound(fc.getArgument(1)) < 0.0 and - description = "both arguments are less than zero" - ) - or - functionWithDomainError = getMathVariants("acosh") and - RestrictedRangeAnalysis::upperBound(fc.getArgument(0)) < 1.0 and - description = "argument is less than 1" - or - //pole error is the same as domain for logb and tgamma (but not ilogb - no pole error exists) - functionWithDomainError = getMathVariants(["ilogb", "logb", "tgamma"]) and - exprMayEqualZero(fc.getArgument(0)) and - description = "argument is equal to zero" - or - functionWithDomainError = getMathVariants(["log", "log10", "log2", "sqrt"]) and - RestrictedRangeAnalysis::upperBound(fc.getArgument(0)) < 0.0 and - description = "argument is negative" - or - functionWithDomainError = getMathVariants("log1p") and - RestrictedRangeAnalysis::upperBound(fc.getArgument(0)) < -1.0 and - description = "argument is less than 1" - or - functionWithDomainError = getMathVariants("fmod") and - exprMayEqualZero(fc.getArgument(1)) and - description = "y is 0" - ) -} - abstract class PotentiallyNaNExpr extends Expr { abstract string getReason(); } @@ -82,7 +30,7 @@ abstract class PotentiallyNaNExpr extends Expr { class DomainErrorFunctionCall extends FunctionCall, PotentiallyNaNExpr { string reason; - DomainErrorFunctionCall() { hasDomainError(this, reason) } + DomainErrorFunctionCall() { RestrictedDomainError::hasDomainError(this, reason) } override string getReason() { result = reason } } @@ -116,8 +64,13 @@ class InvalidOperationExpr extends BinaryOperation, PotentiallyNaNExpr { or // 7.1.3: multiplication of zero by infinity getOperator() = "*" and - exprMayEqualZero(getAnOperand()) and - exprMayEqualInfinity(getAnOperand(), _) and + exists(Expr zeroOp, Expr infinityOp | + zeroOp = getAnOperand() and + infinityOp = getAnOperand() and + not zeroOp = infinityOp and + exprMayEqualZero(zeroOp) and + exprMayEqualInfinity(infinityOp, _) + ) and reason = "from multiplication of zero by infinity" or // 7.1.4: Division of zero by zero, or infinity by infinity @@ -199,15 +152,13 @@ module InvalidNaNUsage implements DataFlow::ConfigSig { class InvalidNaNUsage extends DataFlow::Node { string description; - string nanDescription; InvalidNaNUsage() { // Case 1: NaNs shall not be compared, except to themselves exists(ComparisonOperation cmp | this.asExpr() = cmp.getAnOperand() and not hashCons(cmp.getLeftOperand()) = hashCons(cmp.getRightOperand()) and - description = "Comparison involving a $@, which always evaluates to false." and - nanDescription = "possibly NaN float value" + description = "comparison, which would always evaluate to false." ) or // Case 2: NaNs and infinities shall not be cast to integers @@ -215,14 +166,11 @@ class InvalidNaNUsage extends DataFlow::Node { this.asExpr() = c.getUnconverted() and c.getExpr().getType() instanceof FloatingPointType and c.getType() instanceof IntegralType and - description = "$@ casted to integer." and - nanDescription = "Possibly NaN float value" + description = "a cast to integer." ) } string getDescription() { result = description } - - string getNaNDescription() { result = nanDescription } } module InvalidNaNFlow = DataFlow::Global; @@ -231,7 +179,8 @@ import InvalidNaNFlow::PathGraph from Element elem, InvalidNaNFlow::PathNode source, InvalidNaNFlow::PathNode sink, - InvalidNaNUsage usage, Expr sourceExpr, string sourceString, Element extra, string extraString + InvalidNaNUsage usage, Expr sourceExpr, string sourceString, Function function, + string computedInFunction where not InvalidNaNFlow::PathGraph::edges(_, source, _, _) and not InvalidNaNFlow::PathGraph::edges(sink, _, _, _) and @@ -240,18 +189,14 @@ where elem = MacroUnwrapper::unwrapElement(sink.getNode().asExpr()) and usage = sink.getNode() and sourceExpr = source.getNode().asExpr() and - sourceString = " (" + source.getNode().asExpr().(PotentiallyNaNExpr).getReason() + ")" and + sourceString = source.getNode().asExpr().(PotentiallyNaNExpr).getReason() and + function = sourceExpr.getEnclosingFunction() and InvalidNaNFlow::flow(source.getNode(), usage) and ( if not sourceExpr.getEnclosingFunction() = usage.asExpr().getEnclosingFunction() - then - extraString = - usage.getNaNDescription() + sourceString + " computed in function " + - sourceExpr.getEnclosingFunction().getName() and - extra = sourceExpr.getEnclosingFunction() - else ( - extra = sourceExpr and - extraString = usage.getNaNDescription() + sourceString - ) + then computedInFunction = "computed in function $@ " + else computedInFunction = "" ) -select elem, source, sink, usage.getDescription(), extra, extraString +select elem, source, sink, + "Possible NaN value $@ " + computedInFunction + "flows to " + usage.getDescription(), sourceExpr, + sourceString, function, function.getName() diff --git a/c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.expected b/c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.expected index f1f08b5a51..8dd5ac15b8 100644 --- a/c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.expected +++ b/c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.expected @@ -85,29 +85,29 @@ nodes | test.c:210:23:210:31 | middleInf | semmle.label | middleInf | subpaths #select -| test.c:12:8:12:9 | l2 | test.c:8:14:8:20 | ... / ... | test.c:12:8:12:9 | l2 | Division operation may silently underflow and produce zero, as the divisor $@. | test.c:8:14:8:20 | ... / ... | may be an infinite float value from division by zero | -| test.c:13:8:13:9 | l3 | test.c:8:14:8:20 | ... / ... | test.c:13:8:13:9 | l3 | Division operation may silently underflow and produce zero, as the divisor $@. | test.c:8:14:8:20 | ... / ... | may be an infinite float value from division by zero | -| test.c:18:8:18:9 | l2 | test.c:8:14:8:20 | ... / ... | test.c:18:3:18:9 | l2 | $@ casted to integer. | test.c:8:14:8:20 | ... / ... | Possibly infinite float value from division by zero | -| test.c:19:8:19:9 | l3 | test.c:8:14:8:20 | ... / ... | test.c:19:3:19:9 | l3 | $@ casted to integer. | test.c:8:14:8:20 | ... / ... | Possibly infinite float value from division by zero | -| test.c:27:19:27:20 | l2 | test.c:8:14:8:20 | ... / ... | test.c:27:19:27:20 | l2 | Division operation may silently underflow and produce zero, as the divisor $@. | test.c:8:14:8:20 | ... / ... | may be an infinite float value from division by zero | -| test.c:28:19:28:20 | l3 | test.c:8:14:8:20 | ... / ... | test.c:28:19:28:20 | l3 | Division operation may silently underflow and produce zero, as the divisor $@. | test.c:8:14:8:20 | ... / ... | may be an infinite float value from division by zero | -| test.c:38:8:38:9 | l7 | test.c:31:14:32:15 | ... / ... | test.c:38:3:38:9 | l7 | $@ casted to integer. | test.c:31:14:32:15 | ... / ... | Possibly infinite float value from division by zero | -| test.c:61:11:61:17 | ... / ... | test.c:61:5:61:18 | ... / ... | test.c:61:5:61:18 | ... / ... | $@ casted to integer. | test.c:61:11:61:17 | ... / ... | Possibly infinite float value from division by zero | -| test.c:66:11:66:19 | ... / ... | test.c:66:5:66:20 | ... / ... | test.c:66:5:66:20 | ... / ... | $@ casted to integer. | test.c:66:11:66:19 | ... / ... | Possibly infinite float value from division by zero | -| test.c:72:20:72:28 | ... / ... | test.c:72:14:72:29 | ... / ... | test.c:72:14:72:29 | ... / ... | $@ casted to integer. | test.c:72:20:72:28 | ... / ... | Possibly infinite float value from division by zero | -| test.c:75:24:75:32 | ... / ... | test.c:75:18:75:33 | ... / ... | test.c:75:18:75:33 | ... / ... | $@ casted to integer. | test.c:75:24:75:32 | ... / ... | Possibly infinite float value from division by zero | -| test.c:79:10:79:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:79:5:79:12 | l12 | $@ casted to integer. | test.c:77:15:77:21 | ... / ... | Possibly infinite float value from division by zero | -| test.c:87:10:87:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:87:5:87:12 | l12 | $@ casted to integer. | test.c:77:15:77:21 | ... / ... | Possibly infinite float value from division by zero | -| test.c:91:10:91:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:91:5:91:12 | l12 | $@ casted to integer. | test.c:77:15:77:21 | ... / ... | Possibly infinite float value from division by zero | -| test.c:93:10:93:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:93:5:93:12 | l12 | $@ casted to integer. | test.c:77:15:77:21 | ... / ... | Possibly infinite float value from division by zero | -| test.c:99:10:99:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:99:5:99:12 | l12 | $@ casted to integer. | test.c:77:15:77:21 | ... / ... | Possibly infinite float value from division by zero | -| test.c:105:10:105:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:105:5:105:12 | l12 | $@ casted to integer. | test.c:77:15:77:21 | ... / ... | Possibly infinite float value from division by zero | -| test.c:111:10:111:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:111:5:111:12 | l12 | $@ casted to integer. | test.c:77:15:77:21 | ... / ... | Possibly infinite float value from division by zero | -| test.c:114:21:114:23 | l12 | test.c:77:15:77:21 | ... / ... | test.c:114:16:114:23 | l12 | $@ casted to integer. | test.c:77:15:77:21 | ... / ... | Possibly infinite float value from division by zero | -| test.c:117:28:117:30 | l12 | test.c:77:15:77:21 | ... / ... | test.c:117:23:117:30 | l12 | $@ casted to integer. | test.c:77:15:77:21 | ... / ... | Possibly infinite float value from division by zero | -| test.c:120:25:120:27 | l12 | test.c:77:15:77:21 | ... / ... | test.c:120:20:120:27 | l12 | $@ casted to integer. | test.c:77:15:77:21 | ... / ... | Possibly infinite float value from division by zero | -| test.c:163:9:164:15 | ... / ... | test.c:163:3:164:16 | ... / ... | test.c:163:3:164:16 | ... / ... | $@ casted to integer. | test.c:163:9:164:15 | ... / ... | Possibly infinite float value from division by zero | -| test.c:175:32:175:32 | p | test.c:189:51:189:59 | ... / ... | test.c:175:27:175:32 | p | $@ casted to integer. | test.c:189:6:189:24 | addInfThenCastToInt | Possibly infinite float value computed in function addInfThenCastToInt | -| test.c:175:32:175:32 | p | test.c:193:13:194:15 | ... / ... | test.c:175:27:175:32 | p | $@ casted to integer. | test.c:192:6:192:7 | f2 | Possibly infinite float value computed in function f2 | -| test.c:175:32:175:32 | p | test.c:204:19:204:27 | ... / ... | test.c:175:27:175:32 | p | $@ casted to integer. | test.c:192:6:192:7 | f2 | Possibly infinite float value computed in function f2 | -| test.c:185:18:185:18 | p | test.c:200:25:200:33 | ... / ... | test.c:185:13:185:18 | p | $@ casted to integer. | test.c:192:6:192:7 | f2 | Possibly infinite float value computed in function f2 | +| test.c:12:8:12:9 | l2 | test.c:8:14:8:20 | ... / ... | test.c:12:8:12:9 | l2 | Possibly infinite float value $@ flows to divisor, which would silently underflow and produce zero. | test.c:8:14:8:20 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:13:8:13:9 | l3 | test.c:8:14:8:20 | ... / ... | test.c:13:8:13:9 | l3 | Possibly infinite float value $@ flows to divisor, which would silently underflow and produce zero. | test.c:8:14:8:20 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:18:8:18:9 | l2 | test.c:8:14:8:20 | ... / ... | test.c:18:3:18:9 | l2 | Possibly infinite float value $@ flows to cast to integer. | test.c:8:14:8:20 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:19:8:19:9 | l3 | test.c:8:14:8:20 | ... / ... | test.c:19:3:19:9 | l3 | Possibly infinite float value $@ flows to cast to integer. | test.c:8:14:8:20 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:27:19:27:20 | l2 | test.c:8:14:8:20 | ... / ... | test.c:27:19:27:20 | l2 | Possibly infinite float value $@ flows to divisor, which would silently underflow and produce zero. | test.c:8:14:8:20 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:28:19:28:20 | l3 | test.c:8:14:8:20 | ... / ... | test.c:28:19:28:20 | l3 | Possibly infinite float value $@ flows to divisor, which would silently underflow and produce zero. | test.c:8:14:8:20 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:38:8:38:9 | l7 | test.c:31:14:32:15 | ... / ... | test.c:38:3:38:9 | l7 | Possibly infinite float value $@ flows to cast to integer. | test.c:31:14:32:15 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:61:11:61:17 | ... / ... | test.c:61:5:61:18 | ... / ... | test.c:61:5:61:18 | ... / ... | Possibly infinite float value $@ flows to cast to integer. | test.c:61:11:61:17 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:66:11:66:19 | ... / ... | test.c:66:5:66:20 | ... / ... | test.c:66:5:66:20 | ... / ... | Possibly infinite float value $@ flows to cast to integer. | test.c:66:11:66:19 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:72:20:72:28 | ... / ... | test.c:72:14:72:29 | ... / ... | test.c:72:14:72:29 | ... / ... | Possibly infinite float value $@ flows to cast to integer. | test.c:72:20:72:28 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:75:24:75:32 | ... / ... | test.c:75:18:75:33 | ... / ... | test.c:75:18:75:33 | ... / ... | Possibly infinite float value $@ flows to cast to integer. | test.c:75:24:75:32 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:79:10:79:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:79:5:79:12 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.c:77:15:77:21 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:87:10:87:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:87:5:87:12 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.c:77:15:77:21 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:91:10:91:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:91:5:91:12 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.c:77:15:77:21 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:93:10:93:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:93:5:93:12 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.c:77:15:77:21 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:99:10:99:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:99:5:99:12 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.c:77:15:77:21 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:105:10:105:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:105:5:105:12 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.c:77:15:77:21 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:111:10:111:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:111:5:111:12 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.c:77:15:77:21 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:114:21:114:23 | l12 | test.c:77:15:77:21 | ... / ... | test.c:114:16:114:23 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.c:77:15:77:21 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:117:28:117:30 | l12 | test.c:77:15:77:21 | ... / ... | test.c:117:23:117:30 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.c:77:15:77:21 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:120:25:120:27 | l12 | test.c:77:15:77:21 | ... / ... | test.c:120:20:120:27 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.c:77:15:77:21 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:163:9:164:15 | ... / ... | test.c:163:3:164:16 | ... / ... | test.c:163:3:164:16 | ... / ... | Possibly infinite float value $@ flows to cast to integer. | test.c:163:9:164:15 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:175:32:175:32 | p | test.c:189:51:189:59 | ... / ... | test.c:175:27:175:32 | p | Possibly infinite float value $@ computed in function $@ flows to cast to integer. | test.c:189:51:189:59 | ... / ... | from division by zero | test.c:189:6:189:24 | addInfThenCastToInt | addInfThenCastToInt | +| test.c:175:32:175:32 | p | test.c:193:13:194:15 | ... / ... | test.c:175:27:175:32 | p | Possibly infinite float value $@ computed in function $@ flows to cast to integer. | test.c:193:13:194:15 | ... / ... | from division by zero | test.c:192:6:192:7 | f2 | f2 | +| test.c:175:32:175:32 | p | test.c:204:19:204:27 | ... / ... | test.c:175:27:175:32 | p | Possibly infinite float value $@ computed in function $@ flows to cast to integer. | test.c:204:19:204:27 | ... / ... | from division by zero | test.c:192:6:192:7 | f2 | f2 | +| test.c:185:18:185:18 | p | test.c:200:25:200:33 | ... / ... | test.c:185:13:185:18 | p | Possibly infinite float value $@ computed in function $@ flows to cast to integer. | test.c:200:25:200:33 | ... / ... | from division by zero | test.c:192:6:192:7 | f2 | f2 | diff --git a/c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.expected b/c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.expected index e0047d9ef7..aeec3c943f 100644 --- a/c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.expected +++ b/c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.expected @@ -102,35 +102,35 @@ nodes | test.c:211:23:211:31 | middleNaN | semmle.label | middleNaN | subpaths #select -| test.c:36:8:36:9 | l5 | test.c:27:14:27:20 | ... / ... | test.c:36:3:36:9 | l5 | $@ casted to integer. | test.c:27:14:27:20 | ... / ... | Possibly NaN float value (from division of infinity by infinity) | -| test.c:37:8:37:9 | l6 | test.c:28:14:28:20 | ... / ... | test.c:37:3:37:9 | l6 | $@ casted to integer. | test.c:28:14:28:20 | ... / ... | Possibly NaN float value (from division of infinity by infinity) | -| test.c:38:8:38:9 | l7 | test.c:31:14:32:15 | ... / ... | test.c:38:3:38:9 | l7 | $@ casted to integer. | test.c:31:14:32:15 | ... / ... | Possibly NaN float value (from division of zero by zero) | -| test.c:39:8:39:9 | l8 | test.c:33:14:33:22 | ... / ... | test.c:39:3:39:9 | l8 | $@ casted to integer. | test.c:33:14:33:22 | ... / ... | Possibly NaN float value (from division of zero by zero) | -| test.c:46:3:46:4 | l5 | test.c:27:14:27:20 | ... / ... | test.c:46:3:46:4 | l5 | Comparison involving a $@, which always evaluates to false. | test.c:27:14:27:20 | ... / ... | possibly NaN float value (from division of infinity by infinity) | -| test.c:47:3:47:4 | l5 | test.c:27:14:27:20 | ... / ... | test.c:47:3:47:4 | l5 | Comparison involving a $@, which always evaluates to false. | test.c:27:14:27:20 | ... / ... | possibly NaN float value (from division of infinity by infinity) | -| test.c:48:3:48:4 | l5 | test.c:27:14:27:20 | ... / ... | test.c:48:3:48:4 | l5 | Comparison involving a $@, which always evaluates to false. | test.c:27:14:27:20 | ... / ... | possibly NaN float value (from division of infinity by infinity) | -| test.c:49:3:49:4 | l5 | test.c:27:14:27:20 | ... / ... | test.c:49:3:49:4 | l5 | Comparison involving a $@, which always evaluates to false. | test.c:27:14:27:20 | ... / ... | possibly NaN float value (from division of infinity by infinity) | -| test.c:50:3:50:4 | l5 | test.c:27:14:27:20 | ... / ... | test.c:50:3:50:4 | l5 | Comparison involving a $@, which always evaluates to false. | test.c:27:14:27:20 | ... / ... | possibly NaN float value (from division of infinity by infinity) | -| test.c:51:3:51:4 | l5 | test.c:27:14:27:20 | ... / ... | test.c:51:3:51:4 | l5 | Comparison involving a $@, which always evaluates to false. | test.c:27:14:27:20 | ... / ... | possibly NaN float value (from division of infinity by infinity) | -| test.c:52:3:52:4 | l6 | test.c:28:14:28:20 | ... / ... | test.c:52:3:52:4 | l6 | Comparison involving a $@, which always evaluates to false. | test.c:28:14:28:20 | ... / ... | possibly NaN float value (from division of infinity by infinity) | -| test.c:53:3:53:4 | l7 | test.c:31:14:32:15 | ... / ... | test.c:53:3:53:4 | l7 | Comparison involving a $@, which always evaluates to false. | test.c:31:14:32:15 | ... / ... | possibly NaN float value (from division of zero by zero) | -| test.c:54:3:54:4 | l8 | test.c:33:14:33:22 | ... / ... | test.c:54:3:54:4 | l8 | Comparison involving a $@, which always evaluates to false. | test.c:33:14:33:22 | ... / ... | possibly NaN float value (from division of zero by zero) | -| test.c:61:11:61:17 | ... / ... | test.c:61:5:61:18 | ... / ... | test.c:61:5:61:18 | ... / ... | $@ casted to integer. | test.c:61:11:61:17 | ... / ... | Possibly NaN float value (from division of zero by zero) | -| test.c:66:11:66:19 | ... / ... | test.c:66:5:66:20 | ... / ... | test.c:66:5:66:20 | ... / ... | $@ casted to integer. | test.c:66:11:66:19 | ... / ... | Possibly NaN float value (from division of zero by zero) | -| test.c:72:20:72:28 | ... / ... | test.c:72:14:72:29 | ... / ... | test.c:72:14:72:29 | ... / ... | $@ casted to integer. | test.c:72:20:72:28 | ... / ... | Possibly NaN float value (from division of zero by zero) | -| test.c:75:24:75:32 | ... / ... | test.c:75:18:75:33 | ... / ... | test.c:75:18:75:33 | ... / ... | $@ casted to integer. | test.c:75:24:75:32 | ... / ... | Possibly NaN float value (from division of zero by zero) | -| test.c:126:10:126:12 | l13 | test.c:122:15:122:21 | ... / ... | test.c:126:5:126:12 | l13 | $@ casted to integer. | test.c:122:15:122:21 | ... / ... | Possibly NaN float value (from division of zero by zero) | -| test.c:132:10:132:12 | l13 | test.c:122:15:122:21 | ... / ... | test.c:132:5:132:12 | l13 | $@ casted to integer. | test.c:122:15:122:21 | ... / ... | Possibly NaN float value (from division of zero by zero) | -| test.c:138:10:138:12 | l13 | test.c:122:15:122:21 | ... / ... | test.c:138:5:138:12 | l13 | $@ casted to integer. | test.c:122:15:122:21 | ... / ... | Possibly NaN float value (from division of zero by zero) | -| test.c:144:10:144:12 | l13 | test.c:122:15:122:21 | ... / ... | test.c:144:5:144:12 | l13 | $@ casted to integer. | test.c:122:15:122:21 | ... / ... | Possibly NaN float value (from division of zero by zero) | -| test.c:148:10:148:12 | l13 | test.c:122:15:122:21 | ... / ... | test.c:148:5:148:12 | l13 | $@ casted to integer. | test.c:122:15:122:21 | ... / ... | Possibly NaN float value (from division of zero by zero) | -| test.c:155:25:155:27 | l13 | test.c:122:15:122:21 | ... / ... | test.c:155:20:155:27 | l13 | $@ casted to integer. | test.c:122:15:122:21 | ... / ... | Possibly NaN float value (from division of zero by zero) | -| test.c:157:28:157:30 | l13 | test.c:122:15:122:21 | ... / ... | test.c:157:23:157:30 | l13 | $@ casted to integer. | test.c:122:15:122:21 | ... / ... | Possibly NaN float value (from division of zero by zero) | -| test.c:158:21:158:23 | l13 | test.c:122:15:122:21 | ... / ... | test.c:158:16:158:23 | l13 | $@ casted to integer. | test.c:122:15:122:21 | ... / ... | Possibly NaN float value (from division of zero by zero) | -| test.c:166:8:166:10 | call to pow | test.c:166:3:166:18 | call to pow | test.c:166:3:166:18 | call to pow | $@ casted to integer. | test.c:166:8:166:10 | call to pow | Possibly NaN float value (both arguments are equal to zero) | -| test.c:171:8:171:11 | call to acos | test.c:171:3:171:15 | call to acos | test.c:171:3:171:15 | call to acos | $@ casted to integer. | test.c:171:8:171:11 | call to acos | Possibly NaN float value (the argument has a range -1000000000000000...1000000000000000 which is outside the domain of this function (-1.0...1.0)) | -| test.c:175:32:175:32 | p | test.c:190:51:190:59 | ... / ... | test.c:175:27:175:32 | p | $@ casted to integer. | test.c:190:6:190:24 | addNaNThenCastToInt | Possibly NaN float value (from division of zero by zero) computed in function addNaNThenCastToInt | -| test.c:175:32:175:32 | p | test.c:195:13:195:21 | ... / ... | test.c:175:27:175:32 | p | $@ casted to integer. | test.c:192:6:192:7 | f2 | Possibly NaN float value (from division of zero by zero) computed in function f2 | -| test.c:175:32:175:32 | p | test.c:199:23:199:31 | ... / ... | test.c:175:27:175:32 | p | $@ casted to integer. | test.c:192:6:192:7 | f2 | Possibly NaN float value (from division of zero by zero) computed in function f2 | -| test.c:175:32:175:32 | p | test.c:205:19:205:27 | ... / ... | test.c:175:27:175:32 | p | $@ casted to integer. | test.c:192:6:192:7 | f2 | Possibly NaN float value (from division of zero by zero) computed in function f2 | -| test.c:185:18:185:18 | p | test.c:201:25:201:33 | ... / ... | test.c:185:13:185:18 | p | $@ casted to integer. | test.c:192:6:192:7 | f2 | Possibly NaN float value (from division of zero by zero) computed in function f2 | +| test.c:36:8:36:9 | l5 | test.c:27:14:27:20 | ... / ... | test.c:36:3:36:9 | l5 | Possible NaN value $@ flows to a cast to integer. | test.c:27:14:27:20 | ... / ... | from division of infinity by infinity | test.c:6:6:6:7 | f1 | f1 | +| test.c:37:8:37:9 | l6 | test.c:28:14:28:20 | ... / ... | test.c:37:3:37:9 | l6 | Possible NaN value $@ flows to a cast to integer. | test.c:28:14:28:20 | ... / ... | from division of infinity by infinity | test.c:6:6:6:7 | f1 | f1 | +| test.c:38:8:38:9 | l7 | test.c:31:14:32:15 | ... / ... | test.c:38:3:38:9 | l7 | Possible NaN value $@ flows to a cast to integer. | test.c:31:14:32:15 | ... / ... | from division of zero by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:39:8:39:9 | l8 | test.c:33:14:33:22 | ... / ... | test.c:39:3:39:9 | l8 | Possible NaN value $@ flows to a cast to integer. | test.c:33:14:33:22 | ... / ... | from division of zero by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:46:3:46:4 | l5 | test.c:27:14:27:20 | ... / ... | test.c:46:3:46:4 | l5 | Possible NaN value $@ flows to comparison, which would always evaluate to false. | test.c:27:14:27:20 | ... / ... | from division of infinity by infinity | test.c:6:6:6:7 | f1 | f1 | +| test.c:47:3:47:4 | l5 | test.c:27:14:27:20 | ... / ... | test.c:47:3:47:4 | l5 | Possible NaN value $@ flows to comparison, which would always evaluate to false. | test.c:27:14:27:20 | ... / ... | from division of infinity by infinity | test.c:6:6:6:7 | f1 | f1 | +| test.c:48:3:48:4 | l5 | test.c:27:14:27:20 | ... / ... | test.c:48:3:48:4 | l5 | Possible NaN value $@ flows to comparison, which would always evaluate to false. | test.c:27:14:27:20 | ... / ... | from division of infinity by infinity | test.c:6:6:6:7 | f1 | f1 | +| test.c:49:3:49:4 | l5 | test.c:27:14:27:20 | ... / ... | test.c:49:3:49:4 | l5 | Possible NaN value $@ flows to comparison, which would always evaluate to false. | test.c:27:14:27:20 | ... / ... | from division of infinity by infinity | test.c:6:6:6:7 | f1 | f1 | +| test.c:50:3:50:4 | l5 | test.c:27:14:27:20 | ... / ... | test.c:50:3:50:4 | l5 | Possible NaN value $@ flows to comparison, which would always evaluate to false. | test.c:27:14:27:20 | ... / ... | from division of infinity by infinity | test.c:6:6:6:7 | f1 | f1 | +| test.c:51:3:51:4 | l5 | test.c:27:14:27:20 | ... / ... | test.c:51:3:51:4 | l5 | Possible NaN value $@ flows to comparison, which would always evaluate to false. | test.c:27:14:27:20 | ... / ... | from division of infinity by infinity | test.c:6:6:6:7 | f1 | f1 | +| test.c:52:3:52:4 | l6 | test.c:28:14:28:20 | ... / ... | test.c:52:3:52:4 | l6 | Possible NaN value $@ flows to comparison, which would always evaluate to false. | test.c:28:14:28:20 | ... / ... | from division of infinity by infinity | test.c:6:6:6:7 | f1 | f1 | +| test.c:53:3:53:4 | l7 | test.c:31:14:32:15 | ... / ... | test.c:53:3:53:4 | l7 | Possible NaN value $@ flows to comparison, which would always evaluate to false. | test.c:31:14:32:15 | ... / ... | from division of zero by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:54:3:54:4 | l8 | test.c:33:14:33:22 | ... / ... | test.c:54:3:54:4 | l8 | Possible NaN value $@ flows to comparison, which would always evaluate to false. | test.c:33:14:33:22 | ... / ... | from division of zero by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:61:11:61:17 | ... / ... | test.c:61:5:61:18 | ... / ... | test.c:61:5:61:18 | ... / ... | Possible NaN value $@ flows to a cast to integer. | test.c:61:11:61:17 | ... / ... | from division of zero by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:66:11:66:19 | ... / ... | test.c:66:5:66:20 | ... / ... | test.c:66:5:66:20 | ... / ... | Possible NaN value $@ flows to a cast to integer. | test.c:66:11:66:19 | ... / ... | from division of zero by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:72:20:72:28 | ... / ... | test.c:72:14:72:29 | ... / ... | test.c:72:14:72:29 | ... / ... | Possible NaN value $@ flows to a cast to integer. | test.c:72:20:72:28 | ... / ... | from division of zero by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:75:24:75:32 | ... / ... | test.c:75:18:75:33 | ... / ... | test.c:75:18:75:33 | ... / ... | Possible NaN value $@ flows to a cast to integer. | test.c:75:24:75:32 | ... / ... | from division of zero by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:126:10:126:12 | l13 | test.c:122:15:122:21 | ... / ... | test.c:126:5:126:12 | l13 | Possible NaN value $@ flows to a cast to integer. | test.c:122:15:122:21 | ... / ... | from division of zero by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:132:10:132:12 | l13 | test.c:122:15:122:21 | ... / ... | test.c:132:5:132:12 | l13 | Possible NaN value $@ flows to a cast to integer. | test.c:122:15:122:21 | ... / ... | from division of zero by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:138:10:138:12 | l13 | test.c:122:15:122:21 | ... / ... | test.c:138:5:138:12 | l13 | Possible NaN value $@ flows to a cast to integer. | test.c:122:15:122:21 | ... / ... | from division of zero by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:144:10:144:12 | l13 | test.c:122:15:122:21 | ... / ... | test.c:144:5:144:12 | l13 | Possible NaN value $@ flows to a cast to integer. | test.c:122:15:122:21 | ... / ... | from division of zero by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:148:10:148:12 | l13 | test.c:122:15:122:21 | ... / ... | test.c:148:5:148:12 | l13 | Possible NaN value $@ flows to a cast to integer. | test.c:122:15:122:21 | ... / ... | from division of zero by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:155:25:155:27 | l13 | test.c:122:15:122:21 | ... / ... | test.c:155:20:155:27 | l13 | Possible NaN value $@ flows to a cast to integer. | test.c:122:15:122:21 | ... / ... | from division of zero by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:157:28:157:30 | l13 | test.c:122:15:122:21 | ... / ... | test.c:157:23:157:30 | l13 | Possible NaN value $@ flows to a cast to integer. | test.c:122:15:122:21 | ... / ... | from division of zero by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:158:21:158:23 | l13 | test.c:122:15:122:21 | ... / ... | test.c:158:16:158:23 | l13 | Possible NaN value $@ flows to a cast to integer. | test.c:122:15:122:21 | ... / ... | from division of zero by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:166:8:166:10 | call to pow | test.c:166:3:166:18 | call to pow | test.c:166:3:166:18 | call to pow | Possible NaN value $@ flows to a cast to integer. | test.c:166:8:166:10 | call to pow | both arguments are equal to zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:171:8:171:11 | call to acos | test.c:171:3:171:15 | call to acos | test.c:171:3:171:15 | call to acos | Possible NaN value $@ flows to a cast to integer. | test.c:171:8:171:11 | call to acos | the argument has a range -1000000000000000...1000000000000000 which is outside the domain of this function (-1.0...1.0) | test.c:6:6:6:7 | f1 | f1 | +| test.c:175:32:175:32 | p | test.c:190:51:190:59 | ... / ... | test.c:175:27:175:32 | p | Possible NaN value $@ computed in function $@ flows to a cast to integer. | test.c:190:51:190:59 | ... / ... | from division of zero by zero | test.c:190:6:190:24 | addNaNThenCastToInt | addNaNThenCastToInt | +| test.c:175:32:175:32 | p | test.c:195:13:195:21 | ... / ... | test.c:175:27:175:32 | p | Possible NaN value $@ computed in function $@ flows to a cast to integer. | test.c:195:13:195:21 | ... / ... | from division of zero by zero | test.c:192:6:192:7 | f2 | f2 | +| test.c:175:32:175:32 | p | test.c:199:23:199:31 | ... / ... | test.c:175:27:175:32 | p | Possible NaN value $@ computed in function $@ flows to a cast to integer. | test.c:199:23:199:31 | ... / ... | from division of zero by zero | test.c:192:6:192:7 | f2 | f2 | +| test.c:175:32:175:32 | p | test.c:205:19:205:27 | ... / ... | test.c:175:27:175:32 | p | Possible NaN value $@ computed in function $@ flows to a cast to integer. | test.c:205:19:205:27 | ... / ... | from division of zero by zero | test.c:192:6:192:7 | f2 | f2 | +| test.c:185:18:185:18 | p | test.c:201:25:201:33 | ... / ... | test.c:185:13:185:18 | p | Possible NaN value $@ computed in function $@ flows to a cast to integer. | test.c:201:25:201:33 | ... / ... | from division of zero by zero | test.c:192:6:192:7 | f2 | f2 | diff --git a/cpp/common/src/codingstandards/cpp/FloatingPoint.qll b/cpp/common/src/codingstandards/cpp/FloatingPoint.qll index f3ba8dba18..f141214c82 100644 --- a/cpp/common/src/codingstandards/cpp/FloatingPoint.qll +++ b/cpp/common/src/codingstandards/cpp/FloatingPoint.qll @@ -1,5 +1,6 @@ import codeql.util.Boolean import codingstandards.cpp.RestrictedRangeAnalysis +import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis as SimpleRangeAnalysis predicate exprMayEqualZero(Expr e) { RestrictedRangeAnalysis::upperBound(e) >= 0 and @@ -254,7 +255,7 @@ class FPClassificationGuard instanceof GuardCondition { ) } - // Helper function, gets base constraint assuming `classifier() == value` or `classifier != value`. + // Helper predicate, gets base constraint assuming `classifier() == value` or `classifier != value`. private FPClassificationConstraint getBaseConstraint(Boolean areEqual, int testResult) { exists(FPClassificationConstraint base | testResult = 0 and @@ -340,3 +341,72 @@ predicate exprMayEqualInfinity(Expr e, Boolean positive) { not guardedNotFPClass(e, TInfinite()) and not e.getType() instanceof IntegralType } + +signature float upperBoundPredicate(Expr e); + +signature float lowerBoundPredicate(Expr e); + +signature predicate exprMayEqualZeroPredicate(Expr e); + +predicate exprMayEqualZeroNaive(Expr e) { + e.getValue().toFloat() = 0 +} + +/** + * Get the math function name variants for the given name, e.g., "acos" has variants "acos", + * "acosf", and "acosl". + */ +Function getMathVariants(string name) { result.hasGlobalOrStdName([name, name + "f", name + "l"]) } + +module DomainError { + predicate hasDomainError(FunctionCall fc, string description) { + exists(Function functionWithDomainError | fc.getTarget() = functionWithDomainError | + functionWithDomainError = [getMathVariants(["acos", "asin", "atanh"])] and + not ( + ub(fc.getArgument(0)) <= 1.0 and + lb(fc.getArgument(0)) >= -1.0 + ) and + description = + "the argument has a range " + lb(fc.getArgument(0)) + "..." + ub(fc.getArgument(0)) + + " which is outside the domain of this function (-1.0...1.0)" + or + functionWithDomainError = getMathVariants(["atan2", "pow"]) and + ( + mayEqualZero(fc.getArgument(0)) and + mayEqualZero(fc.getArgument(1)) and + description = "both arguments are equal to zero" + ) + or + functionWithDomainError = getMathVariants("pow") and + ( + ub(fc.getArgument(0)) < 0.0 and + ub(fc.getArgument(1)) < 0.0 and + description = "both arguments are less than zero" + ) + or + functionWithDomainError = getMathVariants("acosh") and + ub(fc.getArgument(0)) < 1.0 and + description = "argument is less than 1" + or + //pole error is the same as domain for logb and tgamma (but not ilogb - no pole error exists) + functionWithDomainError = getMathVariants(["ilogb", "logb", "tgamma"]) and + fc.getArgument(0).getValue().toFloat() = 0 and + description = "argument is equal to zero" + or + functionWithDomainError = getMathVariants(["log", "log10", "log2", "sqrt"]) and + ub(fc.getArgument(0)) < 0.0 and + description = "argument is negative" + or + functionWithDomainError = getMathVariants("log1p") and + ub(fc.getArgument(0)) < -1.0 and + description = "argument is less than 1" + or + functionWithDomainError = getMathVariants("fmod") and + fc.getArgument(1).getValue().toFloat() = 0 and + description = "y is 0" + ) + } +} + +import DomainError as RestrictedDomainError +import DomainError as SimpleDomainError diff --git a/cpp/common/src/codingstandards/cpp/RestrictedRangeAnalysis.qll b/cpp/common/src/codingstandards/cpp/RestrictedRangeAnalysis.qll index b81f113281..05290b3aaf 100644 --- a/cpp/common/src/codingstandards/cpp/RestrictedRangeAnalysis.qll +++ b/cpp/common/src/codingstandards/cpp/RestrictedRangeAnalysis.qll @@ -2,56 +2,75 @@ import semmle.code.cpp.controlflow.Guards import semmle.code.cpp.valuenumbering.HashCons /** - * A fork of SimpleRangeAnalysis.qll, which is intended to only give - * results with a conservative basis. + * A fork of SimpleRangeAnalysis.qll, which is intended to only give results + * with a conservative basis. Forked from codeql/cpp-all@1.4.2. * - * For instance, since range analysis is local, a function call (e.g. - * `f()`) is given the widest possible range in the original library. In - * this fork, we do not provide any result. + * For instance, since range analysis is local, a function call (e.g. `f()`) is + * given the widest possible range in the original library. In this fork, we do + * not provide any result. * * Original library level doc comment from SimpleRangeAnalysis.qll: * - * Simple range analysis library. Range analysis is usually done as an - * abstract interpretation over the lattice of range values. (A range is a - * pair, containing a lower and upper bound for the value.) The problem - * with this approach is that the lattice is very tall, which means it can - * take an extremely large number of iterations to find the least fixed - * point. This example illustrates the problem: + * > Simple range analysis library. Range analysis is usually done as an + * > abstract interpretation over the lattice of range values. (A range is a + * > pair, containing a lower and upper bound for the value.) The problem + * > with this approach is that the lattice is very tall, which means it can + * > take an extremely large number of iterations to find the least fixed + * > point. This example illustrates the problem: * - * int count = 0; - * for (; p; p = p->next) { - * count = count+1; - * } + * > int count = 0; + * > for (; p; p = p->next) { + * > count = count+1; + * > } * - * The range of 'count' is initially (0,0), then (0,1) on the second - * iteration, (0,2) on the third iteration, and so on until we eventually - * reach maxInt. + * > The range of 'count' is initially (0,0), then (0,1) on the second + * > iteration, (0,2) on the third iteration, and so on until we eventually + * > reach maxInt. * - * This library uses a crude solution to the problem described above: if - * the upper (or lower) bound of an expression might depend recursively on - * itself then we round it up (down for lower bounds) to one of a fixed set - * of values, such as 0, 1, 2, 256, and +Inf. This limits the height of the - * lattice which ensures that the analysis will terminate in a reasonable - * amount of time. This solution is similar to the abstract interpretation - * technique known as 'widening', but it is less precise because we are - * unable to inspect the bounds from the previous iteration of the fixed - * point computation. For example, widening might be able to deduce that - * the lower bound is -11 but we would approximate it to -16. + * > This library uses a crude solution to the problem described above: if + * > the upper (or lower) bound of an expression might depend recursively on + * > itself then we round it up (down for lower bounds) to one of a fixed set + * > of values, such as 0, 1, 2, 256, and +Inf. This limits the height of the + * > lattice which ensures that the analysis will terminate in a reasonable + * > amount of time. This solution is similar to the abstract interpretation + * > technique known as 'widening', but it is less precise because we are + * > unable to inspect the bounds from the previous iteration of the fixed + * > point computation. For example, widening might be able to deduce that + * > the lower bound is -11 but we would approximate it to -16. * - * QL does not allow us to compute an aggregate over a recursive - * sub-expression, so we cannot compute the minimum lower bound and maximum - * upper bound during the recursive phase of the query. Instead, the - * recursive phase computes a set of lower bounds and a set of upper bounds - * for each expression. We compute the minimum lower bound and maximum - * upper bound after the recursion is finished. This is another reason why - * we need to limit the number of bounds per expression, because they will - * all be stored until the recursive phase is finished. + * > QL does not allow us to compute an aggregate over a recursive + * > sub-expression, so we cannot compute the minimum lower bound and maximum + * > upper bound during the recursive phase of the query. Instead, the + * > recursive phase computes a set of lower bounds and a set of upper bounds + * > for each expression. We compute the minimum lower bound and maximum + * > upper bound after the recursion is finished. This is another reason why + * > we need to limit the number of bounds per expression, because they will + * > all be stored until the recursive phase is finished. * - * The ranges are represented using a pair of floating point numbers. This - * is simpler than using integers because floating point numbers cannot - * overflow and wrap. It is also convenient because we can detect overflow - * and negative overflow by looking for bounds that are outside the range - * of the type. + * > The ranges are represented using a pair of floating point numbers. This + * > is simpler than using integers because floating point numbers cannot + * > overflow and wrap. It is also convenient because we can detect overflow + * > and negative overflow by looking for bounds that are outside the range + * > of the type. + * + * The differences between this library and the original are: + * - The `largeValue()` predicate, with a value of 1e15, used in place of + * `exprMaxVal()` and `exprMinVal()` in most places. + * - Support for range analysis extensions removed for simplicity. + * - Additional predicates have been added to check for non-zero values, and guards + * against values equalling zero. + * - Division by a constant value has been added as a supported operations. Division + * is always widened, as support for division introduces examples of significantly + * longer chains of dependent expressions than merely addition and multiplication. + * These long chains can introduce exponential growth in the number of candidate + * bounds, even without recursive binary operations, so widening is always applied. + * - Division operations where the range of the denominator includes zero (and its + * not guarded to be non-zero) and produce infinite upper and/or lower bounds. + * - Support for monotonically increasing and decreasing math functions has been + * added, including `log`, `exp`, `asin`, `atan`, `sinh`, and `sqrt`. If a math + * function increases or decreases monotonically, then the lower or upper bound of + * its input can be used to compute the lower or upper bound of the function call. + * Not all math functions increase or decrease monotonically. */ module RestrictedRangeAnalysis { import cpp diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/FloatingTypes2.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/FloatingTypes2.qll index 7cdc6430a3..0dbc6cc22d 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/FloatingTypes2.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/FloatingTypes2.qll @@ -22,7 +22,7 @@ predicate isFloatingTypes2QueryMetadata(Query query, string queryId, string rule FloatingTypes2Package::possibleMisuseOfUndetectedNaNQuery() and queryId = // `@id` for the `possibleMisuseOfUndetectedNaN` query - "c/misra/possible-misuse-of-undetected-na-n" and + "c/misra/possible-misuse-of-undetected-nan" and ruleId = "DIR-4-15" and category = "required" } diff --git a/cpp/common/src/codingstandards/cpp/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.qll b/cpp/common/src/codingstandards/cpp/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.qll index ad93f70bd4..acc7888d2c 100644 --- a/cpp/common/src/codingstandards/cpp/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.qll +++ b/cpp/common/src/codingstandards/cpp/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.qll @@ -4,63 +4,14 @@ import cpp import codingstandards.cpp.CodingStandards +import codingstandards.cpp.FloatingPoint +import codingstandards.cpp.FloatingPoint::SimpleDomainError import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis abstract class UncheckedRangeDomainPoleErrorsSharedQuery extends Query { } Query getQuery() { result instanceof UncheckedRangeDomainPoleErrorsSharedQuery } -bindingset[name] -Function getMathVariants(string name) { result.hasGlobalOrStdName([name, name + "f", name + "l"]) } - -predicate hasDomainError(FunctionCall fc, string description) { - exists(Function functionWithDomainError | fc.getTarget() = functionWithDomainError | - functionWithDomainError = [getMathVariants(["acos", "asin", "atanh"])] and - not ( - upperBound(fc.getArgument(0)) <= 1.0 and - lowerBound(fc.getArgument(0)) >= -1.0 - ) and - description = - "the argument has a range " + lowerBound(fc.getArgument(0)) + "..." + - upperBound(fc.getArgument(0)) + " which is outside the domain of this function (-1.0...1.0)" - or - functionWithDomainError = getMathVariants(["atan2", "pow"]) and - ( - fc.getArgument(0).getValue().toFloat() = 0 and - fc.getArgument(1).getValue().toFloat() = 0 and - description = "both arguments are equal to zero" - ) - or - functionWithDomainError = getMathVariants("pow") and - ( - upperBound(fc.getArgument(0)) < 0.0 and - upperBound(fc.getArgument(1)) < 0.0 and - description = "both arguments are less than zero" - ) - or - functionWithDomainError = getMathVariants("acosh") and - upperBound(fc.getArgument(0)) < 1.0 and - description = "argument is less than 1" - or - //pole error is the same as domain for logb and tgamma (but not ilogb - no pole error exists) - functionWithDomainError = getMathVariants(["ilogb", "logb", "tgamma"]) and - fc.getArgument(0).getValue().toFloat() = 0 and - description = "argument is equal to zero" - or - functionWithDomainError = getMathVariants(["log", "log10", "log2", "sqrt"]) and - upperBound(fc.getArgument(0)) < 0.0 and - description = "argument is negative" - or - functionWithDomainError = getMathVariants("log1p") and - upperBound(fc.getArgument(0)) < -1.0 and - description = "argument is less than 1" - or - functionWithDomainError = getMathVariants("fmod") and - fc.getArgument(1).getValue().toFloat() = 0 and - description = "y is 0" - ) -} - predicate hasRangeError(FunctionCall fc, string description) { exists(Function functionWithRangeError | fc.getTarget() = functionWithRangeError | functionWithRangeError.hasGlobalOrStdName(["abs", "labs", "llabs", "imaxabs"]) and diff --git a/scripts/generate_rules/coding_standards_utils.py b/scripts/generate_rules/coding_standards_utils.py index 6f96460ef7..b0bcd48443 100644 --- a/scripts/generate_rules/coding_standards_utils.py +++ b/scripts/generate_rules/coding_standards_utils.py @@ -19,8 +19,10 @@ def split_camel_case(short_name : str) -> List[str]: """Split a camel case string to a list.""" + # Edge case, turn FooNaNBar into foo-nan-bar instead of foo-na-n-bar by a preprocessing step. + nan_fixed = short_name.replace("NaN", "Nan") matches = re.finditer( - ".+?(?:(?<=[a-z])(?=[A-Z])|(?<=[A-Z])(?=[A-Z][a-z])|$)", short_name) + ".+?(?:(?<=[a-z])(?=[A-Z])|(?<=[A-Z])(?=[A-Z][a-z])|$)", nan_fixed) return [m.group(0) for m in matches] From d10783cccb68348dbb43910ed6647867aa9bfdaf Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Thu, 20 Mar 2025 17:24:44 -0700 Subject: [PATCH 2469/2573] Format FloatingPoint.qll --- cpp/common/src/codingstandards/cpp/FloatingPoint.qll | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/FloatingPoint.qll b/cpp/common/src/codingstandards/cpp/FloatingPoint.qll index f141214c82..f5ff2fefca 100644 --- a/cpp/common/src/codingstandards/cpp/FloatingPoint.qll +++ b/cpp/common/src/codingstandards/cpp/FloatingPoint.qll @@ -348,9 +348,7 @@ signature float lowerBoundPredicate(Expr e); signature predicate exprMayEqualZeroPredicate(Expr e); -predicate exprMayEqualZeroNaive(Expr e) { - e.getValue().toFloat() = 0 -} +predicate exprMayEqualZeroNaive(Expr e) { e.getValue().toFloat() = 0 } /** * Get the math function name variants for the given name, e.g., "acos" has variants "acos", @@ -358,7 +356,9 @@ predicate exprMayEqualZeroNaive(Expr e) { */ Function getMathVariants(string name) { result.hasGlobalOrStdName([name, name + "f", name + "l"]) } -module DomainError { +module DomainError< + upperBoundPredicate/1 ub, lowerBoundPredicate/1 lb, exprMayEqualZeroPredicate/1 mayEqualZero> +{ predicate hasDomainError(FunctionCall fc, string description) { exists(Function functionWithDomainError | fc.getTarget() = functionWithDomainError | functionWithDomainError = [getMathVariants(["acos", "asin", "atanh"])] and From 2265ed48d7b8739a4061e12ac601c5d2277e7ef9 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 21 Mar 2025 00:50:52 -0700 Subject: [PATCH 2470/2573] Address feedback --- c/common/src/codingstandards/c/Generic.qll | 2 +- ...ricSelectionDoesntDependOnMacroArgument.ql | 9 ++-- .../GenericSelectionNotExpandedFromAMacro.ql | 4 +- ...ricSelectionNotFromMacroWithSideEffects.ql | 1 + .../GenericWithoutNonDefaultAssociation.ql | 2 +- ...ectionDoesntDependOnMacroArgument.expected | 6 +-- ...ricSelectionNotExpandedFromAMacro.expected | 2 +- .../codingstandards/cpp/types/Compatible.qll | 51 +------------------ .../cpp/types/SimpleAssignment.qll | 6 +++ 9 files changed, 21 insertions(+), 62 deletions(-) diff --git a/c/common/src/codingstandards/c/Generic.qll b/c/common/src/codingstandards/c/Generic.qll index 784c16778e..1281be5f71 100644 --- a/c/common/src/codingstandards/c/Generic.qll +++ b/c/common/src/codingstandards/c/Generic.qll @@ -115,7 +115,7 @@ class ParsedGenericMacro extends Macro { ) } - string getControllingExprString() { result = getSelectionString(1) } + string getControllingExprString() { result = getSelectionString(1).trim() } bindingset[str, word] private int countWordInString(string word, string str) { diff --git a/c/misra/src/rules/RULE-23-1/GenericSelectionDoesntDependOnMacroArgument.ql b/c/misra/src/rules/RULE-23-1/GenericSelectionDoesntDependOnMacroArgument.ql index 0dc0e5273a..1a76339f50 100644 --- a/c/misra/src/rules/RULE-23-1/GenericSelectionDoesntDependOnMacroArgument.ql +++ b/c/misra/src/rules/RULE-23-1/GenericSelectionDoesntDependOnMacroArgument.ql @@ -19,8 +19,9 @@ import codingstandards.c.Generic from ParsedGenericMacro macro, string ctrlExpr where not isExcluded(macro, GenericsPackage::genericSelectionDoesntDependOnMacroArgumentQuery()) and - ctrlExpr = macro.getControllingExprString().trim() and - not macro.expansionsInsideControllingExpr(_) > 0 + ctrlExpr = macro.getControllingExprString() and + // No parameter exists that is expanded in the controlling expression one or more times + not exists(string parameter | macro.expansionsInsideControllingExpr(parameter) > 0) select macro, - "Generic macro " + macro.getName() + " uses controlling expr " + ctrlExpr + - ", which doesn't match any macro parameter." + "Generic macro " + macro.getName() + " doesn't refer to a macro parameter in controlling expr '" + + ctrlExpr + "'." diff --git a/c/misra/src/rules/RULE-23-1/GenericSelectionNotExpandedFromAMacro.ql b/c/misra/src/rules/RULE-23-1/GenericSelectionNotExpandedFromAMacro.ql index 540804ffc4..603c44e8e1 100644 --- a/c/misra/src/rules/RULE-23-1/GenericSelectionNotExpandedFromAMacro.ql +++ b/c/misra/src/rules/RULE-23-1/GenericSelectionNotExpandedFromAMacro.ql @@ -19,5 +19,5 @@ where not isExcluded(generic, GenericsPackage::genericSelectionNotExpandedFromAMacroQuery()) and ctrlExpr = generic.getControllingExpr() and not exists(MacroInvocation mi | mi.getAGeneratedElement() = generic.getExpr()) -select generic, "Generic expression with controlling expression $@ is not expanded froma macro", - ctrlExpr, ctrlExpr.toString() +select generic, "$@ in generic expression does not expand a macro parameter.", ctrlExpr, + "Controlling expression" diff --git a/c/misra/src/rules/RULE-23-2/GenericSelectionNotFromMacroWithSideEffects.ql b/c/misra/src/rules/RULE-23-2/GenericSelectionNotFromMacroWithSideEffects.ql index 4b1a2d26c3..d7fcb13d76 100644 --- a/c/misra/src/rules/RULE-23-2/GenericSelectionNotFromMacroWithSideEffects.ql +++ b/c/misra/src/rules/RULE-23-2/GenericSelectionNotFromMacroWithSideEffects.ql @@ -72,6 +72,7 @@ module GenericSideEffectReportConfig implements MacroReportConfigSig Date: Mon, 24 Mar 2025 18:30:08 +0000 Subject: [PATCH 2471/2573] Bump version to 2.44.0-dev --- c/cert/src/qlpack.yml | 2 +- c/cert/test/qlpack.yml | 2 +- c/common/src/qlpack.yml | 2 +- c/common/test/qlpack.yml | 2 +- c/misra/src/qlpack.yml | 2 +- c/misra/test/qlpack.yml | 2 +- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/qlpack.yml | 2 +- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/qlpack.yml | 2 +- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/qlpack.yml | 2 +- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/qlpack.yml | 2 +- cpp/report/src/qlpack.yml | 2 +- docs/user_manual.md | 12 ++++++------ 16 files changed, 21 insertions(+), 21 deletions(-) diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index 8498e9447d..631639301e 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards -version: 2.43.0-dev +version: 2.44.0-dev description: CERT C 2016 suites: codeql-suites license: MIT diff --git a/c/cert/test/qlpack.yml b/c/cert/test/qlpack.yml index 2b44a05fdf..6eaaba1e91 100644 --- a/c/cert/test/qlpack.yml +++ b/c/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards-tests -version: 2.43.0-dev +version: 2.44.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index 685a3a0144..4c21dc9b18 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards -version: 2.43.0-dev +version: 2.44.0-dev license: MIT dependencies: codeql/common-cpp-coding-standards: '*' diff --git a/c/common/test/qlpack.yml b/c/common/test/qlpack.yml index 8f8486949b..1dbb59b4fd 100644 --- a/c/common/test/qlpack.yml +++ b/c/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards-tests -version: 2.43.0-dev +version: 2.44.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index 5b8b1fc0b2..54cda2c1cc 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards -version: 2.43.0-dev +version: 2.44.0-dev description: MISRA C 2012 suites: codeql-suites license: MIT diff --git a/c/misra/test/qlpack.yml b/c/misra/test/qlpack.yml index aa5c5d86ae..9148e26b59 100644 --- a/c/misra/test/qlpack.yml +++ b/c/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards-tests -version: 2.43.0-dev +version: 2.44.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index 1116e9534d..6d31398b2c 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards -version: 2.43.0-dev +version: 2.44.0-dev description: AUTOSAR C++14 Guidelines R22-11, R21-11, R20-11, R19-11 and R19-03 suites: codeql-suites license: MIT diff --git a/cpp/autosar/test/qlpack.yml b/cpp/autosar/test/qlpack.yml index d540b01a32..ff7621c9d1 100644 --- a/cpp/autosar/test/qlpack.yml +++ b/cpp/autosar/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards-tests -version: 2.43.0-dev +version: 2.44.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index 89b5196f23..f44646cdbe 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards -version: 2.43.0-dev +version: 2.44.0-dev description: CERT C++ 2016 suites: codeql-suites license: MIT diff --git a/cpp/cert/test/qlpack.yml b/cpp/cert/test/qlpack.yml index ceedca4647..c6d57b0d33 100644 --- a/cpp/cert/test/qlpack.yml +++ b/cpp/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards-tests -version: 2.43.0-dev +version: 2.44.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index ce7e896ced..302955fc78 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards -version: 2.43.0-dev +version: 2.44.0-dev license: MIT dependencies: codeql/cpp-all: 2.1.1 diff --git a/cpp/common/test/qlpack.yml b/cpp/common/test/qlpack.yml index e2201b887e..1f0b830de8 100644 --- a/cpp/common/test/qlpack.yml +++ b/cpp/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards-tests -version: 2.43.0-dev +version: 2.44.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index 7c104631d1..27e0893ed6 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards -version: 2.43.0-dev +version: 2.44.0-dev description: MISRA C++ 2023 default-suite: codeql-suites/misra-cpp-default.qls license: MIT diff --git a/cpp/misra/test/qlpack.yml b/cpp/misra/test/qlpack.yml index 08bdda24eb..cdf6cbcdea 100644 --- a/cpp/misra/test/qlpack.yml +++ b/cpp/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards-tests -version: 2.43.0-dev +version: 2.44.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index 73a6e189a3..83188c2748 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/report-cpp-coding-standards -version: 2.43.0-dev +version: 2.44.0-dev license: MIT dependencies: codeql/cpp-all: 2.1.1 diff --git a/docs/user_manual.md b/docs/user_manual.md index a771aa1cc6..1e14744f80 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -35,14 +35,14 @@ ## Release information -This user manual documents release `2.43.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). +This user manual documents release `2.44.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). The release page documents the release notes and contains the following artifacts part of the release: - `coding-standards-codeql-packs-2.37.0-dev.zip`: CodeQL packs that can be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. -- `code-scanning-cpp-query-pack-2.43.0-dev.zip`: Legacy packaging for the queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. -- `supported_rules_list_2.43.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. -- `supported_rules_list_2.43.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. -- `user_manual_2.43.0-dev.md`: This user manual. +- `code-scanning-cpp-query-pack-2.44.0-dev.zip`: Legacy packaging for the queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. +- `supported_rules_list_2.44.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. +- `supported_rules_list_2.44.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. +- `user_manual_2.44.0-dev.md`: This user manual. - `Source Code (zip)`: A zip archive containing the contents of https://github.com/github/codeql-coding-standards - `Source Code (tar.gz)`: A GZip compressed tar archive containing the contents of https://github.com/github/codeql-coding-standards - `checksums.txt`: A text file containing sha256 checksums for the aforementioned artifacts. @@ -667,7 +667,7 @@ This section describes known failure modes for "CodeQL Coding Standards" and des | | Out of space | Less output. Some files may be only be partially analyzed, or not analyzed at all. | Error reported on the command line. | Increase space. If it remains an issue report space consumption issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False positives | More output. Results are reported which are not violations of the guidelines. | All reported results must be reviewed. | Report false positive issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False negatives | Less output. Violations of the guidelines are not reported. | Other validation and verification processes during software development should be used to complement the analysis performed by CodeQL Coding Standards. | Report false negative issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | -| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.43.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | +| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.44.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | | | Incorrect deviation record specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation records with a reason. Ensure that all deviation records are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Incorrect deviation permit specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation permits with a reason. Ensure that all deviation permits are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Unapproved use of a deviation record | Less output. Results for guideline violations are not reported. | Validate that the deviation record use is approved by verifying the approved-by attribute of the deviation record specification. | Ensure that each raised deviation record is approved by an independent approver through an auditable process. | From 642c7373d271bcb46daec0b6baf16d7278df5857 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Tue, 25 Mar 2025 00:28:00 -0700 Subject: [PATCH 2472/2573] Handle bit fields --- ...gMathArgumentsWithDifferingStandardType.ql | 37 ++++++++++++------- 1 file changed, 23 insertions(+), 14 deletions(-) diff --git a/c/misra/src/rules/RULE-21-23/TgMathArgumentsWithDifferingStandardType.ql b/c/misra/src/rules/RULE-21-23/TgMathArgumentsWithDifferingStandardType.ql index 5156d81cef..5267ff98f9 100644 --- a/c/misra/src/rules/RULE-21-23/TgMathArgumentsWithDifferingStandardType.ql +++ b/c/misra/src/rules/RULE-21-23/TgMathArgumentsWithDifferingStandardType.ql @@ -16,12 +16,6 @@ import cpp import codingstandards.c.misra import codingstandards.c.TgMath -Expr getFullyExplicitlyConverted(Expr e) { - if e.hasExplicitConversion() - then result = getFullyExplicitlyConverted(e.getExplicitlyConverted()) - else result = e -} - string argTypesString(TgMathInvocation call, int i) { exists(string typeStr | typeStr = getEffectiveStandardType(call.getOperandArgument(i)).toString() and @@ -33,12 +27,28 @@ string argTypesString(TgMathInvocation call, int i) { ) } -predicate promotes(Type type) { type.(IntegralType).getSize() < any(IntType t).getSize() } - -Type integerPromote(Type type) { - promotes(type) and result.(IntType).isSigned() - or - not promotes(type) and result = type +/** + * If the range of values can be represented as a signed int, it is promoted to signed int. + * + * A value may also promote to unsigned int but only if `int` cannot represent the range of + * values. Which basically means only an `unsigned int` promotes to `unsigned int`, so we don't + * need to do anything in this case. + * + * An unsigned int bitfield with fewer than 32 bits is promoted to `int`. + */ +predicate promotesToSignedInt(Expr e) { + exists(int intBits, int intBytes | + intBytes = any(IntType t).getSize() and + intBits = intBytes * 8 and + ( + e.(FieldAccess).getTarget().(BitField).getNumBits() < intBits + or + e.getUnderlyingType().(IntegralType).getSize() < intBytes + ) + ) +} +Type getPromotedType(Expr e) { + if promotesToSignedInt(e) then result.(IntType).isSigned() else result = e.getUnderlyingType() } Type canonicalize(Type type) { @@ -48,8 +58,7 @@ Type canonicalize(Type type) { } Type getEffectiveStandardType(Expr e) { - result = - canonicalize(integerPromote(getFullyExplicitlyConverted(e).getType().stripTopLevelSpecifiers())) + result = canonicalize(getPromotedType(e.getExplicitlyConverted())) } from TgMathInvocation call, Type firstType From 952253de73853bb7a291672a7909698d81f76817 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Tue, 25 Mar 2025 00:30:09 -0700 Subject: [PATCH 2473/2573] Format SimpleAssignment.qll --- cpp/common/src/codingstandards/cpp/types/SimpleAssignment.qll | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/types/SimpleAssignment.qll b/cpp/common/src/codingstandards/cpp/types/SimpleAssignment.qll index a38939c9ea..4f7a85c80a 100644 --- a/cpp/common/src/codingstandards/cpp/types/SimpleAssignment.qll +++ b/cpp/common/src/codingstandards/cpp/types/SimpleAssignment.qll @@ -1,9 +1,10 @@ /** * Helper predicates related to C11/C17 constraints on simple assignment between two types. - * + * * Currently only a subset of the constraints are implemented, specifically those * related to pointer types. */ + import codingstandards.cpp.types.LvalueConversion import codingstandards.cpp.types.Compatible From f268604d7d3920dad7c3546c60d56e90152ef6f5 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Tue, 25 Mar 2025 00:31:41 -0700 Subject: [PATCH 2474/2573] Update regex --- c/common/src/codingstandards/c/Generic.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/common/src/codingstandards/c/Generic.qll b/c/common/src/codingstandards/c/Generic.qll index 1281be5f71..19d5aad443 100644 --- a/c/common/src/codingstandards/c/Generic.qll +++ b/c/common/src/codingstandards/c/Generic.qll @@ -2,7 +2,7 @@ import cpp import codingstandards.cpp.Macro import codingstandards.cpp.MatchingParenthesis -string genericRegexp() { result = ".*_Generic\\s*\\(\\s*(.+),.*" } +string genericRegexp() { result = "\\b_Generic\\s*\\(\\s*(.+),.*" } bindingset[input] string deparenthesize(string input) { From 94bad29caacbeb653fe3adc34ea62d2008a316b4 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Tue, 25 Mar 2025 00:32:46 -0700 Subject: [PATCH 2475/2573] Format --- .../RULE-21-23/TgMathArgumentsWithDifferingStandardType.ql | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/c/misra/src/rules/RULE-21-23/TgMathArgumentsWithDifferingStandardType.ql b/c/misra/src/rules/RULE-21-23/TgMathArgumentsWithDifferingStandardType.ql index 5267ff98f9..81209c8565 100644 --- a/c/misra/src/rules/RULE-21-23/TgMathArgumentsWithDifferingStandardType.ql +++ b/c/misra/src/rules/RULE-21-23/TgMathArgumentsWithDifferingStandardType.ql @@ -29,11 +29,11 @@ string argTypesString(TgMathInvocation call, int i) { /** * If the range of values can be represented as a signed int, it is promoted to signed int. - * + * * A value may also promote to unsigned int but only if `int` cannot represent the range of * values. Which basically means only an `unsigned int` promotes to `unsigned int`, so we don't * need to do anything in this case. - * + * * An unsigned int bitfield with fewer than 32 bits is promoted to `int`. */ predicate promotesToSignedInt(Expr e) { @@ -47,6 +47,7 @@ predicate promotesToSignedInt(Expr e) { ) ) } + Type getPromotedType(Expr e) { if promotesToSignedInt(e) then result.(IntType).isSigned() else result = e.getUnderlyingType() } From 6245f7210e709e205b21e092e2cd907689cdd638 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Tue, 25 Mar 2025 00:34:09 -0700 Subject: [PATCH 2476/2573] Format --- cpp/common/src/codingstandards/cpp/types/Compatible.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/types/Compatible.qll b/cpp/common/src/codingstandards/cpp/types/Compatible.qll index fb8bf46aad..d6f65126e8 100644 --- a/cpp/common/src/codingstandards/cpp/types/Compatible.qll +++ b/cpp/common/src/codingstandards/cpp/types/Compatible.qll @@ -369,4 +369,4 @@ private class FunctionType extends Type { result = this.(RoutineType).getParameterType(i) or result = this.(FunctionPointerIshType).getParameterType(i) } -} \ No newline at end of file +} From 2045a44bd4aef7968ddc589004ee3d3ccd6d2bc7 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 26 Mar 2025 11:43:00 +0000 Subject: [PATCH 2477/2573] Restore deleted deviations suppression query --- .../deviations/DeviationsSuppression.qhelp | 12 ++ .../cpp/deviations/DeviationsSuppression.ql | 120 ++++++++++++++++++ .../DeviationsSuppression.expected | 7 + .../DeviationsSuppression.qlref | 1 + 4 files changed, 140 insertions(+) create mode 100644 cpp/common/src/codingstandards/cpp/deviations/DeviationsSuppression.qhelp create mode 100644 cpp/common/src/codingstandards/cpp/deviations/DeviationsSuppression.ql create mode 100644 cpp/common/test/deviations/deviations_report_deviated/DeviationsSuppression.expected create mode 100644 cpp/common/test/deviations/deviations_report_deviated/DeviationsSuppression.qlref diff --git a/cpp/common/src/codingstandards/cpp/deviations/DeviationsSuppression.qhelp b/cpp/common/src/codingstandards/cpp/deviations/DeviationsSuppression.qhelp new file mode 100644 index 0000000000..0bf3a3a71b --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/deviations/DeviationsSuppression.qhelp @@ -0,0 +1,12 @@ + + + +

This query generates suppression information for rules that have an associated deviation record.

+ + +
  • + MISRA Compliance 2020 document: + Chapter 4.2 (page 12) - Deviations. +
    • +     +     \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/deviations/DeviationsSuppression.ql b/cpp/common/src/codingstandards/cpp/deviations/DeviationsSuppression.ql new file mode 100644 index 0000000000..9035b7d288 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/deviations/DeviationsSuppression.ql @@ -0,0 +1,120 @@ +/** + * @name Deviation suppression + * @description Generates information about files and locations where certain alerts should be considered suppressed by deviations. + * @kind alert-suppression + * @id cpp/coding-standards/deviation-suppression + */ + +import cpp +import Deviations + +/** Holds if `lineNumber` is an indexed line number in file `f`. */ +private predicate isLineNumber(File f, int lineNumber) { + exists(Location l | l.getFile() = f | + l.getStartLine() = lineNumber + or + l.getEndLine() = lineNumber + ) +} + +/** Gets the last line number in `f`. */ +private int getLastLineNumber(File f) { result = max(int lineNumber | isLineNumber(f, lineNumber)) } + +/** Gets the last column number on the last line of `f`. */ +int getLastColumnNumber(File f) { + result = + max(Location l | + l.getFile() = f and + l.getEndLine() = getLastLineNumber(f) + | + l.getEndColumn() + ) +} + +newtype TDeviationScope = + TDeviationRecordFileScope(DeviationRecord dr, File file) { + exists(string deviationPath | + dr.isDeviated(_, deviationPath) and + file.getRelativePath().prefix(deviationPath.length()) = deviationPath + ) + } or + TDeviationRecordCommentScope(DeviationRecord dr, Comment c) { c = dr.getACodeIdentifierComment() } + +/** A deviation scope. */ +class DeviationScope extends TDeviationScope { + /** Gets the location at which this deviation was defined. */ + abstract Locatable getDeviationDefinitionLocation(); + + /** Gets the Query being deviated. */ + abstract Query getQuery(); + + abstract string toString(); + + abstract predicate hasLocationInfo( + string filepath, int startline, int startcolumn, int endline, int endcolumn + ); +} + +/** A deviation scope derived from a "path" entry in a `DeviationRecord`. */ +class DeviationRecordFileScope extends DeviationScope, TDeviationRecordFileScope { + private DeviationRecord getDeviationRecord() { this = TDeviationRecordFileScope(result, _) } + + override Locatable getDeviationDefinitionLocation() { result = getDeviationRecord() } + + private File getFile() { this = TDeviationRecordFileScope(_, result) } + + override Query getQuery() { result = getDeviationRecord().getQuery() } + + override predicate hasLocationInfo( + string filepath, int startline, int startcolumn, int endline, int endcolumn + ) { + // In an ideal world, we would produce a URL here that informed the AlertSuppression code that + // the whole file was suppressed. However, experimentation suggestions the alert suppression + // code only works with locations with lines and columns, so we generate a location that covers + // the whole "indexed" file, by finding the location indexed in the database with the latest + // line and column number. + exists(File f | f = getFile() | + f.getLocation().hasLocationInfo(filepath, _, _, _, _) and + startline = 1 and + startcolumn = 1 and + endline = getLastLineNumber(f) and + endcolumn = getLastColumnNumber(f) + ) + } + + override string toString() { + result = "Deviation of " + getDeviationRecord().getQuery() + " for " + getFile() + "." + } +} + +/** + * A deviation scope derived from a comment corresponding to a "code-identifier" entry for a + * `DeviationRecord`. + */ +class DeviationRecordCommentScope extends DeviationScope, TDeviationRecordCommentScope { + private DeviationRecord getDeviationRecord() { this = TDeviationRecordCommentScope(result, _) } + + private Comment getComment() { this = TDeviationRecordCommentScope(_, result) } + + override Locatable getDeviationDefinitionLocation() { result = getDeviationRecord() } + + override Query getQuery() { result = getDeviationRecord().getQuery() } + + override predicate hasLocationInfo( + string filepath, int startline, int startcolumn, int endline, int endcolumn + ) { + getComment().getLocation().hasLocationInfo(filepath, startline, _, endline, endcolumn) and + startcolumn = 1 + } + + override string toString() { + result = + "Deviation of " + getDeviationRecord().getQuery() + " for comment " + getComment() + "." + } +} + +from DeviationScope deviationScope +select deviationScope.getDeviationDefinitionLocation(), // suppression comment + "// lgtm[" + deviationScope.getQuery().getQueryId() + "]", // text of suppression comment (excluding delimiters) + "lgtm[" + deviationScope.getQuery().getQueryId() + "]", // text of suppression annotation + deviationScope // scope of suppression diff --git a/cpp/common/test/deviations/deviations_report_deviated/DeviationsSuppression.expected b/cpp/common/test/deviations/deviations_report_deviated/DeviationsSuppression.expected new file mode 100644 index 0000000000..50ceb35b9d --- /dev/null +++ b/cpp/common/test/deviations/deviations_report_deviated/DeviationsSuppression.expected @@ -0,0 +1,7 @@ +| file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/type-long-double-used] | lgtm[cpp/autosar/type-long-double-used] | main.cpp:12:1:12:58 | Deviation of cpp/autosar/type-long-double-used for comment // a-0-4-2-deviation COMPLIANT[DEVIATED]. | +| file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/unused-return-value] | lgtm[cpp/autosar/unused-return-value] | nested/nested2/test2.h:1:1:6:1 | Deviation of cpp/autosar/unused-return-value for nested/nested2/test2.h. | +| file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/useless-assignment] | lgtm[cpp/autosar/useless-assignment] | coding-standards.xml:1:1:17:19 | Deviation of cpp/autosar/useless-assignment for coding-standards.xml. | +| file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/useless-assignment] | lgtm[cpp/autosar/useless-assignment] | main.cpp:1:1:14:1 | Deviation of cpp/autosar/useless-assignment for main.cpp. | +| file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/useless-assignment] | lgtm[cpp/autosar/useless-assignment] | nested/coding-standards.xml:1:1:13:19 | Deviation of cpp/autosar/useless-assignment for nested/coding-standards.xml. | +| file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/useless-assignment] | lgtm[cpp/autosar/useless-assignment] | nested/nested2/test2.h:1:1:6:1 | Deviation of cpp/autosar/useless-assignment for nested/nested2/test2.h. | +| file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/useless-assignment] | lgtm[cpp/autosar/useless-assignment] | nested/test.h:1:1:6:1 | Deviation of cpp/autosar/useless-assignment for nested/test.h. | diff --git a/cpp/common/test/deviations/deviations_report_deviated/DeviationsSuppression.qlref b/cpp/common/test/deviations/deviations_report_deviated/DeviationsSuppression.qlref new file mode 100644 index 0000000000..6268ee7342 --- /dev/null +++ b/cpp/common/test/deviations/deviations_report_deviated/DeviationsSuppression.qlref @@ -0,0 +1 @@ +codingstandards/cpp/deviations/DeviationsSuppression.ql \ No newline at end of file From 1e4011f73443b8b080385dcea3a3abce7f2b7858 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 26 Mar 2025 11:46:30 +0000 Subject: [PATCH 2478/2573] Add change note. --- change_notes/2025-03-26-deviations-suppression.md | 1 + 1 file changed, 1 insertion(+) create mode 100644 change_notes/2025-03-26-deviations-suppression.md diff --git a/change_notes/2025-03-26-deviations-suppression.md b/change_notes/2025-03-26-deviations-suppression.md new file mode 100644 index 0000000000..5dcb5e8dba --- /dev/null +++ b/change_notes/2025-03-26-deviations-suppression.md @@ -0,0 +1 @@ + - The `DeviationsSuppression.ql` query has been restored after being incorrectly deleted in a previous release. \ No newline at end of file From 6b9dc41a53e8840cd0c8aaa07dfe6b0cb9600d08 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Wed, 26 Mar 2025 23:40:27 -0700 Subject: [PATCH 2479/2573] Feedback --- change_notes/2025-03-11-various-misra-amendments.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/change_notes/2025-03-11-various-misra-amendments.md b/change_notes/2025-03-11-various-misra-amendments.md index 99acdcc63a..19783fe803 100644 --- a/change_notes/2025-03-11-various-misra-amendments.md +++ b/change_notes/2025-03-11-various-misra-amendments.md @@ -5,4 +5,5 @@ - `RULE-18-6` - `ThreadLocalObjectAddressCopiedToGlobalObject.ql`: - New query added to detect thread local objects assigned to static storage duration objects. - `RULE-21-12` - `ExceptionHandlingFeaturesOfFenvhUsed.ql`: - - Added reports for `#include`ing "fenv.h", and for using `fesetenv`, `feupdatenv`, and `fesetround`. \ No newline at end of file + - Added reports for `#include`ing "fenv.h", and for using `fesetenv`, `feupdatenv`, and `fesetround`. + - Report message altered to handle new cases. \ No newline at end of file From dae8162b31cc8914a8662513854b1370492e8a0c Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Thu, 27 Mar 2025 00:48:07 -0700 Subject: [PATCH 2480/2573] Address feedback --- c/common/src/codingstandards/c/SubObjects.qll | 35 ++++++++++++++ .../GlobalInitializationAnalysis.qll | 4 +- .../DIR-5-1/PossibleDataRaceBetweenThreads.ql | 40 +++++++++------- .../InvalidOperationOnUnlockedMutex.ql | 2 +- ...NonRecursiveMutexRecursivelyLockedAudit.ql | 4 +- ...onditionVariableUsedWithMultipleMutexes.ql | 2 +- .../ThreadStorageNotInitializedBeforeUse.ql | 2 +- .../PossibleDataRaceBetweenThreads.expected | 48 +++++++++---------- c/misra/test/rules/RULE-22-14/test.c | 12 +++++ .../InvalidOperationOnUnlockedMutex.expected | 32 ++++++------- ...ursiveMutexRecursivelyLockedAudit.expected | 12 ++--- ...onVariableUsedWithMultipleMutexes.expected | 4 +- ...eadStorageNotInitializedBeforeUse.expected | 10 ++-- .../cpp/concurrency/LockingOperation.qll | 23 ++++----- rule_packages/c/Concurrency9.json | 2 +- 15 files changed, 140 insertions(+), 92 deletions(-) diff --git a/c/common/src/codingstandards/c/SubObjects.qll b/c/common/src/codingstandards/c/SubObjects.qll index 282b0fb5eb..66f15cd18c 100644 --- a/c/common/src/codingstandards/c/SubObjects.qll +++ b/c/common/src/codingstandards/c/SubObjects.qll @@ -1,3 +1,31 @@ +/** + * A library that expands upon the `Objects.qll` library, to support nested "Objects" such as + * `x.y.z` or `x[i][j]` within an object `x`. + * + * Objects in C are values in memory, that have a type and a storage duration. In the case of + * array objects and struct objects, the object will contain other objects. The these subobjects + * will share properties of the root object such as storage duration. This library can be used to, + * for instance, find all usages of a struct member to ensure that member is initialized before it + * is used. + * + * To use this library, select `SubObject` and find its usages in the AST via `getAnAccess()` (to + * find usages of the subobject by value) or `getAnAddressOfExpr()` (to find usages of the object + * by address). + * + * Note that a struct or array object may contain a pointer. In this case, the pointer itself is + * a subobject of the struct or array object, but the object that the pointer points to is not. + * This is because the pointed-to object does not necessarily have the same storage duration, + * lifetime, or linkage as the pointer and the object containing the pointer. + * + * Note as well that `getAnAccess()` on an array subobject will return all accesses to the array, + * not just accesses to a particular index. For this reason, `SubObject` exposes the predicate + * `isPrecise()`. If a subobject is precise, that means all results of `getAnAccess()` will + * definitely refer to the same object in memory. If it is not precise, the different accesses + * may refer to the same or different objects in memory. For instance, `x[i].y` and `x[j].y` are + * the same object if `i` and `j` are the same, but they are different objects if `i` and `j` are + * different. + */ + import codingstandards.c.Objects newtype TSubObject = @@ -70,6 +98,8 @@ class SubObject extends TSubObject { exists(MemberVariable m | this = TObjectMember(_, m) and result = m.getAnAccess() and + // Only consider `DotFieldAccess`es, not `PointerFieldAccess`es, as the latter + // are not subobjects of the root object: result.(DotFieldAccess).getQualifier() = getParent().getAnAccess() ) or @@ -79,6 +109,11 @@ class SubObject extends TSubObject { AddressOfExpr getAnAddressOfExpr() { result.getOperand() = this.getAnAccess() } + /** + * Get the "root" object identity to which this subobject belongs. For instance, in the + * expression `x.y.z`, the root object is `x`. This subobject will share properties with the root + * object such as storage duration, lifetime, and linkage. + */ ObjectIdentity getRootIdentity() { exists(ObjectIdentity i | this = TObjectRoot(i) and diff --git a/c/common/src/codingstandards/c/initialization/GlobalInitializationAnalysis.qll b/c/common/src/codingstandards/c/initialization/GlobalInitializationAnalysis.qll index 90d0a4630a..2906883ae9 100644 --- a/c/common/src/codingstandards/c/initialization/GlobalInitializationAnalysis.qll +++ b/c/common/src/codingstandards/c/initialization/GlobalInitializationAnalysis.qll @@ -7,7 +7,9 @@ signature module GlobalInitializationAnalysisConfigSig { /** A function which is not called or started as a thread */ default predicate isRootFunction(Function f) { not exists(Function f2 | f2.calls(f)) and - not f instanceof ThreadedFunction + not f instanceof ThreadedFunction and + // Exclude functions which are used as function pointers. + not exists(FunctionAccess access | f = access.getTarget()) } ObjectIdentity getAnInitializedObject(Expr e); diff --git a/c/misra/src/rules/DIR-5-1/PossibleDataRaceBetweenThreads.ql b/c/misra/src/rules/DIR-5-1/PossibleDataRaceBetweenThreads.ql index 443dc284fd..edf3705a9b 100644 --- a/c/misra/src/rules/DIR-5-1/PossibleDataRaceBetweenThreads.ql +++ b/c/misra/src/rules/DIR-5-1/PossibleDataRaceBetweenThreads.ql @@ -47,7 +47,7 @@ class NonReentrantOperation extends TNonReentrantOperation { ) } - Expr getARead() { + Expr getAReadExpr() { exists(SubObject object | this = TReadWrite(object) and result = object.getAnAccess() @@ -56,7 +56,7 @@ class NonReentrantOperation extends TNonReentrantOperation { this = TStdFunctionCall(result) } - Expr getAWrite() { + Expr getAWriteExpr() { exists(SubObject object, Assignment assignment | this = TReadWrite(object) and result = assignment and @@ -94,16 +94,20 @@ class NonReentrantOperation extends TNonReentrantOperation { class WritingThread extends ThreadedFunction { NonReentrantOperation aWriteObject; - Expr aWrite; + Expr aWriteExpr; WritingThread() { - aWrite = aWriteObject.getAWrite() and - this.calls*(aWrite.getEnclosingFunction()) and - not aWrite instanceof LockProtectedControlFlowNode and - not aWrite.getEnclosingFunction().getName().matches(["%init%", "%boot%", "%start%"]) + aWriteExpr = aWriteObject.getAWriteExpr() and + // This function directly contains the write expression, or transitively calls the function + // that contains the write expression. + this.calls*(aWriteExpr.getEnclosingFunction()) and + // The write isn't synchronized with a mutex or condition object. + not aWriteExpr instanceof LockProtectedControlFlowNode and + // The write doesn't seem to be during a special initialization phase of the program. + not aWriteExpr.getEnclosingFunction().getName().matches(["%init%", "%boot%", "%start%"]) } - Expr getAWrite() { result = aWrite } + Expr getAWriteExpr() { result = aWriteExpr } } class ReadingThread extends ThreadedFunction { @@ -111,22 +115,22 @@ class ReadingThread extends ThreadedFunction { ReadingThread() { exists(NonReentrantOperation op | - aReadExpr = op.getARead() and + aReadExpr = op.getAReadExpr() and this.calls*(aReadExpr.getEnclosingFunction()) and not aReadExpr instanceof LockProtectedControlFlowNode ) } - Expr getARead() { result = aReadExpr } + Expr getAReadExpr() { result = aReadExpr } } predicate mayBeDataRace(Expr write, Expr read, NonReentrantOperation operation) { exists(WritingThread wt | - wt.getAWrite() = write and - write = operation.getAWrite() and + wt.getAWriteExpr() = write and + write = operation.getAWriteExpr() and exists(ReadingThread rt | - read = rt.getARead() and - read = operation.getARead() and + read = rt.getAReadExpr() and + read = operation.getAReadExpr() and ( wt.isMultiplySpawned() or not wt = rt @@ -141,18 +145,18 @@ from where not isExcluded(write, Concurrency9Package::possibleDataRaceBetweenThreadsQuery()) and mayBeDataRace(write, read, operation) and - wt = min(WritingThread f | f.getAWrite() = write | f order by f.getName()) and - rt = min(ReadingThread f | f.getARead() = read | f order by f.getName()) and + wt = min(WritingThread f | f.getAWriteExpr() = write | f order by f.getName()) and + rt = min(ReadingThread f | f.getAReadExpr() = read | f order by f.getName()) and writeString = operation.getWriteString() and readString = operation.getReadString() and if wt.isMultiplySpawned() then message = "Threaded " + writeString + - " $@ not synchronized, for example from thread function $@ spawned from a loop." + " $@ not synchronized from thread function $@ spawned from a loop." else message = "Threaded " + writeString + - " $@, for example from thread function $@, not synchronized with $@, for example from thread function $@." + " $@ from thread function $@ is not synchronized with $@ from thread function $@." select write, message, operation.getSourceElement(), operation.toString(), wt, wt.getName(), read, "concurrent " + readString, rt, rt.getName() diff --git a/c/misra/src/rules/RULE-22-17/InvalidOperationOnUnlockedMutex.ql b/c/misra/src/rules/RULE-22-17/InvalidOperationOnUnlockedMutex.ql index 7c0b86f145..252b4a7d9f 100644 --- a/c/misra/src/rules/RULE-22-17/InvalidOperationOnUnlockedMutex.ql +++ b/c/misra/src/rules/RULE-22-17/InvalidOperationOnUnlockedMutex.ql @@ -64,5 +64,5 @@ where not isExcluded(operation, Concurrency9Package::invalidOperationOnUnlockedMutexQuery()) and mutex = operation.getMutex() and not DominatingSet::isDominatedByBehavior(operation) -select operation, "Invalid operation on mutex '$@' not locked by the current thread", +select operation, "Invalid operation on mutex '$@' not locked by the current thread.", mutex.getRootIdentity(), mutex.toString() diff --git a/c/misra/src/rules/RULE-22-18/NonRecursiveMutexRecursivelyLockedAudit.ql b/c/misra/src/rules/RULE-22-18/NonRecursiveMutexRecursivelyLockedAudit.ql index 4b70a21527..d242f75f57 100644 --- a/c/misra/src/rules/RULE-22-18/NonRecursiveMutexRecursivelyLockedAudit.ql +++ b/c/misra/src/rules/RULE-22-18/NonRecursiveMutexRecursivelyLockedAudit.ql @@ -2,7 +2,7 @@ * @id c/misra/non-recursive-mutex-recursively-locked-audit * @name RULE-22-18: (Audit) Non-recursive mutexes shall not be recursively locked * @description Mutex that may be initialized without mtx_recursive shall not be locked by a thread - * that has previous may havec locked it. + * that may have previously locked it. * @kind problem * @precision high * @problem.severity error @@ -57,4 +57,4 @@ where isTrackableMutex(lockCall, true) or isTrackableMutex(coveredByLock, true) ) -select n, "Mutex locked after previous $@.", coveredByLock, "already locked" +select n, "Mutex locked after it was already $@.", coveredByLock, "previously locked" diff --git a/c/misra/src/rules/RULE-22-19/ConditionVariableUsedWithMultipleMutexes.ql b/c/misra/src/rules/RULE-22-19/ConditionVariableUsedWithMultipleMutexes.ql index afa2556646..0d5aa5399f 100644 --- a/c/misra/src/rules/RULE-22-19/ConditionVariableUsedWithMultipleMutexes.ql +++ b/c/misra/src/rules/RULE-22-19/ConditionVariableUsedWithMultipleMutexes.ql @@ -64,6 +64,6 @@ where useOne = firstCallForConditionMutex(cond, mutexOne) and useTwo = firstCallForConditionMutex(cond, mutexOne) select useOne, - "Condition variable $@ associated with multiple mutexes, operation uses mutex $@ while $@ uses other mutex $@", + "Condition variable $@ associated with multiple mutexes, operation uses mutex $@ while $@ uses other mutex $@.", cond.getRootIdentity(), cond.toString(), mutexOne.getRootIdentity(), mutexOne.toString(), useTwo, "another operation", mutexTwo.getRootIdentity(), mutexTwo.toString() diff --git a/c/misra/src/rules/RULE-22-20/ThreadStorageNotInitializedBeforeUse.ql b/c/misra/src/rules/RULE-22-20/ThreadStorageNotInitializedBeforeUse.ql index 652b5d1f8c..1edf4aa9c3 100644 --- a/c/misra/src/rules/RULE-22-20/ThreadStorageNotInitializedBeforeUse.ql +++ b/c/misra/src/rules/RULE-22-20/ThreadStorageNotInitializedBeforeUse.ql @@ -40,5 +40,5 @@ where not isExcluded(objUse, Concurrency9Package::threadStorageNotInitializedBeforeUseQuery()) and InitAnalysis::uninitializedFrom(objUse, obj, callRoot) select objUse, - "Thread specific storage pointer '$@' possibly used before initialization, from entry point function '$@'.", + "Thread specific storage pointer '$@' used before initialization from entry point function '$@'.", obj, obj.toString(), callRoot, callRoot.getName() diff --git a/c/misra/test/rules/DIR-5-1/PossibleDataRaceBetweenThreads.expected b/c/misra/test/rules/DIR-5-1/PossibleDataRaceBetweenThreads.expected index 3f32b09d5c..e1c0e9389d 100644 --- a/c/misra/test/rules/DIR-5-1/PossibleDataRaceBetweenThreads.expected +++ b/c/misra/test/rules/DIR-5-1/PossibleDataRaceBetweenThreads.expected @@ -1,24 +1,24 @@ -| test.c:31:3:31:8 | ... = ... | Threaded write to object $@, for example from thread function $@, not synchronized with $@, for example from thread function $@. | test.c:11:5:11:6 | g2 | g2 | test.c:30:6:30:29 | single_thread4_writes_g2 | single_thread4_writes_g2 | test.c:27:3:27:4 | g2 | concurrent read operation | test.c:26:6:26:28 | single_thread3_reads_g2 | single_thread3_reads_g2 | -| test.c:35:3:35:8 | ... = ... | Threaded write to object $@ not synchronized, for example from thread function $@ spawned from a loop. | test.c:12:5:12:6 | g3 | g3 | test.c:34:6:34:27 | many_thread5_writes_g3 | many_thread5_writes_g3 | test.c:35:3:35:4 | g3 | concurrent read operation | test.c:34:6:34:27 | many_thread5_writes_g3 | many_thread5_writes_g3 | -| test.c:71:3:71:11 | ... = ... | Threaded write to object $@, for example from thread function $@, not synchronized with $@, for example from thread function $@. | test.c:68:3:68:4 | g7 | g7.m1 | test.c:70:6:70:33 | single_thread11_writes_g7_m1 | single_thread11_writes_g7_m1 | test.c:75:6:75:7 | m1 | concurrent read operation | test.c:74:6:74:33 | single_thread12_writes_g7_m1 | single_thread12_writes_g7_m1 | -| test.c:75:3:75:11 | ... = ... | Threaded write to object $@, for example from thread function $@, not synchronized with $@, for example from thread function $@. | test.c:68:3:68:4 | g7 | g7.m1 | test.c:74:6:74:33 | single_thread12_writes_g7_m1 | single_thread12_writes_g7_m1 | test.c:71:6:71:7 | m1 | concurrent read operation | test.c:70:6:70:33 | single_thread11_writes_g7_m1 | single_thread11_writes_g7_m1 | -| test.c:79:3:79:11 | call to setlocale | Threaded call to non-reentrant function $@ not synchronized, for example from thread function $@ spawned from a loop. | test.c:79:3:79:11 | call to setlocale | setlocale | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:79:3:79:11 | call to setlocale | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | -| test.c:80:3:80:8 | call to tmpnam | Threaded call to non-reentrant function $@ not synchronized, for example from thread function $@ spawned from a loop. | test.c:80:3:80:8 | call to tmpnam | tmpnam | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:80:3:80:8 | call to tmpnam | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | -| test.c:81:3:81:6 | call to rand | Threaded call to non-reentrant function $@ not synchronized, for example from thread function $@ spawned from a loop. | test.c:81:3:81:6 | call to rand | rand | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:81:3:81:6 | call to rand | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | -| test.c:82:3:82:7 | call to srand | Threaded call to non-reentrant function $@ not synchronized, for example from thread function $@ spawned from a loop. | test.c:82:3:82:7 | call to srand | srand | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:82:3:82:7 | call to srand | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | -| test.c:83:3:83:8 | call to getenv | Threaded call to non-reentrant function $@ not synchronized, for example from thread function $@ spawned from a loop. | test.c:83:3:83:8 | call to getenv | getenv | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:83:3:83:8 | call to getenv | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | -| test.c:84:3:84:10 | call to getenv_s | Threaded call to non-reentrant function $@ not synchronized, for example from thread function $@ spawned from a loop. | test.c:84:3:84:10 | call to getenv_s | getenv_s | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:84:3:84:10 | call to getenv_s | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | -| test.c:86:3:86:10 | call to strerror | Threaded call to non-reentrant function $@ not synchronized, for example from thread function $@ spawned from a loop. | test.c:86:3:86:10 | call to strerror | strerror | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:86:3:86:10 | call to strerror | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | -| test.c:87:3:87:9 | call to asctime | Threaded call to non-reentrant function $@ not synchronized, for example from thread function $@ spawned from a loop. | test.c:87:3:87:9 | call to asctime | asctime | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:87:3:87:9 | call to asctime | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | -| test.c:88:3:88:7 | call to ctime | Threaded call to non-reentrant function $@ not synchronized, for example from thread function $@ spawned from a loop. | test.c:88:3:88:7 | call to ctime | ctime | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:88:3:88:7 | call to ctime | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | -| test.c:89:3:89:8 | call to gmtime | Threaded call to non-reentrant function $@ not synchronized, for example from thread function $@ spawned from a loop. | test.c:89:3:89:8 | call to gmtime | gmtime | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:89:3:89:8 | call to gmtime | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | -| test.c:90:3:90:11 | call to localtime | Threaded call to non-reentrant function $@ not synchronized, for example from thread function $@ spawned from a loop. | test.c:90:3:90:11 | call to localtime | localtime | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:90:3:90:11 | call to localtime | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | -| test.c:91:3:91:10 | call to mbrtoc16 | Threaded call to non-reentrant function $@ not synchronized, for example from thread function $@ spawned from a loop. | test.c:91:3:91:10 | call to mbrtoc16 | mbrtoc16 | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:91:3:91:10 | call to mbrtoc16 | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | -| test.c:92:3:92:10 | call to mbrtoc32 | Threaded call to non-reentrant function $@ not synchronized, for example from thread function $@ spawned from a loop. | test.c:92:3:92:10 | call to mbrtoc32 | mbrtoc32 | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:92:3:92:10 | call to mbrtoc32 | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | -| test.c:93:3:93:10 | call to c16rtomb | Threaded call to non-reentrant function $@ not synchronized, for example from thread function $@ spawned from a loop. | test.c:93:3:93:10 | call to c16rtomb | c16rtomb | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:93:3:93:10 | call to c16rtomb | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | -| test.c:94:3:94:10 | call to c32rtomb | Threaded call to non-reentrant function $@ not synchronized, for example from thread function $@ spawned from a loop. | test.c:94:3:94:10 | call to c32rtomb | c32rtomb | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:94:3:94:10 | call to c32rtomb | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | -| test.c:95:3:95:8 | call to mbrlen | Threaded call to non-reentrant function $@ not synchronized, for example from thread function $@ spawned from a loop. | test.c:95:3:95:8 | call to mbrlen | mbrlen | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:95:3:95:8 | call to mbrlen | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | -| test.c:96:3:96:9 | call to mbrtowc | Threaded call to non-reentrant function $@ not synchronized, for example from thread function $@ spawned from a loop. | test.c:96:3:96:9 | call to mbrtowc | mbrtowc | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:96:3:96:9 | call to mbrtowc | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | -| test.c:97:3:97:9 | call to wcrtomb | Threaded call to non-reentrant function $@ not synchronized, for example from thread function $@ spawned from a loop. | test.c:97:3:97:9 | call to wcrtomb | wcrtomb | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:97:3:97:9 | call to wcrtomb | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | -| test.c:98:3:98:11 | call to mbsrtowcs | Threaded call to non-reentrant function $@ not synchronized, for example from thread function $@ spawned from a loop. | test.c:98:3:98:11 | call to mbsrtowcs | mbsrtowcs | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:98:3:98:11 | call to mbsrtowcs | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | -| test.c:99:3:99:11 | call to wcsrtombs | Threaded call to non-reentrant function $@ not synchronized, for example from thread function $@ spawned from a loop. | test.c:99:3:99:11 | call to wcsrtombs | wcsrtombs | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:99:3:99:11 | call to wcsrtombs | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | +| test.c:31:3:31:8 | ... = ... | Threaded write to object $@ from thread function $@ is not synchronized with $@ from thread function $@. | test.c:11:5:11:6 | g2 | g2 | test.c:30:6:30:29 | single_thread4_writes_g2 | single_thread4_writes_g2 | test.c:27:3:27:4 | g2 | concurrent read operation | test.c:26:6:26:28 | single_thread3_reads_g2 | single_thread3_reads_g2 | +| test.c:35:3:35:8 | ... = ... | Threaded write to object $@ not synchronized from thread function $@ spawned from a loop. | test.c:12:5:12:6 | g3 | g3 | test.c:34:6:34:27 | many_thread5_writes_g3 | many_thread5_writes_g3 | test.c:35:3:35:4 | g3 | concurrent read operation | test.c:34:6:34:27 | many_thread5_writes_g3 | many_thread5_writes_g3 | +| test.c:71:3:71:11 | ... = ... | Threaded write to object $@ from thread function $@ is not synchronized with $@ from thread function $@. | test.c:68:3:68:4 | g7 | g7.m1 | test.c:70:6:70:33 | single_thread11_writes_g7_m1 | single_thread11_writes_g7_m1 | test.c:75:6:75:7 | m1 | concurrent read operation | test.c:74:6:74:33 | single_thread12_writes_g7_m1 | single_thread12_writes_g7_m1 | +| test.c:75:3:75:11 | ... = ... | Threaded write to object $@ from thread function $@ is not synchronized with $@ from thread function $@. | test.c:68:3:68:4 | g7 | g7.m1 | test.c:74:6:74:33 | single_thread12_writes_g7_m1 | single_thread12_writes_g7_m1 | test.c:71:6:71:7 | m1 | concurrent read operation | test.c:70:6:70:33 | single_thread11_writes_g7_m1 | single_thread11_writes_g7_m1 | +| test.c:79:3:79:11 | call to setlocale | Threaded call to non-reentrant function $@ not synchronized from thread function $@ spawned from a loop. | test.c:79:3:79:11 | call to setlocale | setlocale | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:79:3:79:11 | call to setlocale | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | +| test.c:80:3:80:8 | call to tmpnam | Threaded call to non-reentrant function $@ not synchronized from thread function $@ spawned from a loop. | test.c:80:3:80:8 | call to tmpnam | tmpnam | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:80:3:80:8 | call to tmpnam | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | +| test.c:81:3:81:6 | call to rand | Threaded call to non-reentrant function $@ not synchronized from thread function $@ spawned from a loop. | test.c:81:3:81:6 | call to rand | rand | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:81:3:81:6 | call to rand | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | +| test.c:82:3:82:7 | call to srand | Threaded call to non-reentrant function $@ not synchronized from thread function $@ spawned from a loop. | test.c:82:3:82:7 | call to srand | srand | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:82:3:82:7 | call to srand | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | +| test.c:83:3:83:8 | call to getenv | Threaded call to non-reentrant function $@ not synchronized from thread function $@ spawned from a loop. | test.c:83:3:83:8 | call to getenv | getenv | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:83:3:83:8 | call to getenv | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | +| test.c:84:3:84:10 | call to getenv_s | Threaded call to non-reentrant function $@ not synchronized from thread function $@ spawned from a loop. | test.c:84:3:84:10 | call to getenv_s | getenv_s | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:84:3:84:10 | call to getenv_s | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | +| test.c:86:3:86:10 | call to strerror | Threaded call to non-reentrant function $@ not synchronized from thread function $@ spawned from a loop. | test.c:86:3:86:10 | call to strerror | strerror | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:86:3:86:10 | call to strerror | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | +| test.c:87:3:87:9 | call to asctime | Threaded call to non-reentrant function $@ not synchronized from thread function $@ spawned from a loop. | test.c:87:3:87:9 | call to asctime | asctime | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:87:3:87:9 | call to asctime | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | +| test.c:88:3:88:7 | call to ctime | Threaded call to non-reentrant function $@ not synchronized from thread function $@ spawned from a loop. | test.c:88:3:88:7 | call to ctime | ctime | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:88:3:88:7 | call to ctime | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | +| test.c:89:3:89:8 | call to gmtime | Threaded call to non-reentrant function $@ not synchronized from thread function $@ spawned from a loop. | test.c:89:3:89:8 | call to gmtime | gmtime | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:89:3:89:8 | call to gmtime | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | +| test.c:90:3:90:11 | call to localtime | Threaded call to non-reentrant function $@ not synchronized from thread function $@ spawned from a loop. | test.c:90:3:90:11 | call to localtime | localtime | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:90:3:90:11 | call to localtime | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | +| test.c:91:3:91:10 | call to mbrtoc16 | Threaded call to non-reentrant function $@ not synchronized from thread function $@ spawned from a loop. | test.c:91:3:91:10 | call to mbrtoc16 | mbrtoc16 | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:91:3:91:10 | call to mbrtoc16 | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | +| test.c:92:3:92:10 | call to mbrtoc32 | Threaded call to non-reentrant function $@ not synchronized from thread function $@ spawned from a loop. | test.c:92:3:92:10 | call to mbrtoc32 | mbrtoc32 | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:92:3:92:10 | call to mbrtoc32 | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | +| test.c:93:3:93:10 | call to c16rtomb | Threaded call to non-reentrant function $@ not synchronized from thread function $@ spawned from a loop. | test.c:93:3:93:10 | call to c16rtomb | c16rtomb | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:93:3:93:10 | call to c16rtomb | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | +| test.c:94:3:94:10 | call to c32rtomb | Threaded call to non-reentrant function $@ not synchronized from thread function $@ spawned from a loop. | test.c:94:3:94:10 | call to c32rtomb | c32rtomb | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:94:3:94:10 | call to c32rtomb | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | +| test.c:95:3:95:8 | call to mbrlen | Threaded call to non-reentrant function $@ not synchronized from thread function $@ spawned from a loop. | test.c:95:3:95:8 | call to mbrlen | mbrlen | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:95:3:95:8 | call to mbrlen | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | +| test.c:96:3:96:9 | call to mbrtowc | Threaded call to non-reentrant function $@ not synchronized from thread function $@ spawned from a loop. | test.c:96:3:96:9 | call to mbrtowc | mbrtowc | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:96:3:96:9 | call to mbrtowc | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | +| test.c:97:3:97:9 | call to wcrtomb | Threaded call to non-reentrant function $@ not synchronized from thread function $@ spawned from a loop. | test.c:97:3:97:9 | call to wcrtomb | wcrtomb | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:97:3:97:9 | call to wcrtomb | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | +| test.c:98:3:98:11 | call to mbsrtowcs | Threaded call to non-reentrant function $@ not synchronized from thread function $@ spawned from a loop. | test.c:98:3:98:11 | call to mbsrtowcs | mbsrtowcs | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:98:3:98:11 | call to mbsrtowcs | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | +| test.c:99:3:99:11 | call to wcsrtombs | Threaded call to non-reentrant function $@ not synchronized from thread function $@ spawned from a loop. | test.c:99:3:99:11 | call to wcsrtombs | wcsrtombs | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:99:3:99:11 | call to wcsrtombs | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | diff --git a/c/misra/test/rules/RULE-22-14/test.c b/c/misra/test/rules/RULE-22-14/test.c index d8f1770ad8..c664a08dc3 100644 --- a/c/misra/test/rules/RULE-22-14/test.c +++ b/c/misra/test/rules/RULE-22-14/test.c @@ -143,4 +143,16 @@ void invalid_mtx_init_types() { mtx_init(&m, mtx_plain & mtx_recursive); // NON-COMPLIANT mtx_init(&m, mtx_plain * mtx_recursive); // NON-COMPLIANT mtx_init(&m, -1); // NON-COMPLIANT +} + +void function_pointer_uses_global_mutexes() { + // If the function has been used as a function pointer, we don't attempt to + // analyze this. + mtx_lock(&g1); // COMPLIANT + mtx_lock(&g2.m1); // COMPLIANT + mtx_lock(g3); // COMPLIANT +} + +void take_function_pointer() { + void (*f)(void) = function_pointer_uses_global_mutexes; } \ No newline at end of file diff --git a/c/misra/test/rules/RULE-22-17/InvalidOperationOnUnlockedMutex.expected b/c/misra/test/rules/RULE-22-17/InvalidOperationOnUnlockedMutex.expected index 76d3ac1ba1..254d55adc2 100644 --- a/c/misra/test/rules/RULE-22-17/InvalidOperationOnUnlockedMutex.expected +++ b/c/misra/test/rules/RULE-22-17/InvalidOperationOnUnlockedMutex.expected @@ -1,16 +1,16 @@ -| test.c:19:3:19:10 | call to cnd_wait | Invalid operation on mutex '$@' not locked by the current thread | test.c:11:9:11:10 | l1 | l1 | -| test.c:20:3:20:12 | call to mtx_unlock | Invalid operation on mutex '$@' not locked by the current thread | test.c:11:9:11:10 | l1 | l1 | -| test.c:25:3:25:10 | call to cnd_wait | Invalid operation on mutex '$@' not locked by the current thread | test.c:14:5:14:6 | l2 | l2.m1 | -| test.c:26:3:26:12 | call to mtx_unlock | Invalid operation on mutex '$@' not locked by the current thread | test.c:14:5:14:6 | l2 | l2.m1 | -| test.c:31:3:31:10 | call to cnd_wait | Invalid operation on mutex '$@' not locked by the current thread | test.c:3:7:3:8 | g1 | g1 | -| test.c:32:3:32:12 | call to mtx_unlock | Invalid operation on mutex '$@' not locked by the current thread | test.c:3:7:3:8 | g1 | g1 | -| test.c:37:3:37:10 | call to cnd_wait | Invalid operation on mutex '$@' not locked by the current thread | test.c:6:3:6:4 | g2 | g2.m1 | -| test.c:38:3:38:12 | call to mtx_unlock | Invalid operation on mutex '$@' not locked by the current thread | test.c:6:3:6:4 | g2 | g2.m1 | -| test.c:47:3:47:10 | call to cnd_wait | Invalid operation on mutex '$@' not locked by the current thread | test.c:11:9:11:10 | l1 | l1 | -| test.c:48:3:48:10 | call to cnd_wait | Invalid operation on mutex '$@' not locked by the current thread | test.c:14:5:14:6 | l2 | l2.m1 | -| test.c:49:3:49:10 | call to cnd_wait | Invalid operation on mutex '$@' not locked by the current thread | test.c:3:7:3:8 | g1 | g1 | -| test.c:50:3:50:10 | call to cnd_wait | Invalid operation on mutex '$@' not locked by the current thread | test.c:6:3:6:4 | g2 | g2.m1 | -| test.c:51:3:51:12 | call to mtx_unlock | Invalid operation on mutex '$@' not locked by the current thread | test.c:11:9:11:10 | l1 | l1 | -| test.c:52:3:52:12 | call to mtx_unlock | Invalid operation on mutex '$@' not locked by the current thread | test.c:14:5:14:6 | l2 | l2.m1 | -| test.c:53:3:53:12 | call to mtx_unlock | Invalid operation on mutex '$@' not locked by the current thread | test.c:3:7:3:8 | g1 | g1 | -| test.c:54:3:54:12 | call to mtx_unlock | Invalid operation on mutex '$@' not locked by the current thread | test.c:6:3:6:4 | g2 | g2.m1 | +| test.c:19:3:19:10 | call to cnd_wait | Invalid operation on mutex '$@' not locked by the current thread. | test.c:11:9:11:10 | l1 | l1 | +| test.c:20:3:20:12 | call to mtx_unlock | Invalid operation on mutex '$@' not locked by the current thread. | test.c:11:9:11:10 | l1 | l1 | +| test.c:25:3:25:10 | call to cnd_wait | Invalid operation on mutex '$@' not locked by the current thread. | test.c:14:5:14:6 | l2 | l2.m1 | +| test.c:26:3:26:12 | call to mtx_unlock | Invalid operation on mutex '$@' not locked by the current thread. | test.c:14:5:14:6 | l2 | l2.m1 | +| test.c:31:3:31:10 | call to cnd_wait | Invalid operation on mutex '$@' not locked by the current thread. | test.c:3:7:3:8 | g1 | g1 | +| test.c:32:3:32:12 | call to mtx_unlock | Invalid operation on mutex '$@' not locked by the current thread. | test.c:3:7:3:8 | g1 | g1 | +| test.c:37:3:37:10 | call to cnd_wait | Invalid operation on mutex '$@' not locked by the current thread. | test.c:6:3:6:4 | g2 | g2.m1 | +| test.c:38:3:38:12 | call to mtx_unlock | Invalid operation on mutex '$@' not locked by the current thread. | test.c:6:3:6:4 | g2 | g2.m1 | +| test.c:47:3:47:10 | call to cnd_wait | Invalid operation on mutex '$@' not locked by the current thread. | test.c:11:9:11:10 | l1 | l1 | +| test.c:48:3:48:10 | call to cnd_wait | Invalid operation on mutex '$@' not locked by the current thread. | test.c:14:5:14:6 | l2 | l2.m1 | +| test.c:49:3:49:10 | call to cnd_wait | Invalid operation on mutex '$@' not locked by the current thread. | test.c:3:7:3:8 | g1 | g1 | +| test.c:50:3:50:10 | call to cnd_wait | Invalid operation on mutex '$@' not locked by the current thread. | test.c:6:3:6:4 | g2 | g2.m1 | +| test.c:51:3:51:12 | call to mtx_unlock | Invalid operation on mutex '$@' not locked by the current thread. | test.c:11:9:11:10 | l1 | l1 | +| test.c:52:3:52:12 | call to mtx_unlock | Invalid operation on mutex '$@' not locked by the current thread. | test.c:14:5:14:6 | l2 | l2.m1 | +| test.c:53:3:53:12 | call to mtx_unlock | Invalid operation on mutex '$@' not locked by the current thread. | test.c:3:7:3:8 | g1 | g1 | +| test.c:54:3:54:12 | call to mtx_unlock | Invalid operation on mutex '$@' not locked by the current thread. | test.c:6:3:6:4 | g2 | g2.m1 | diff --git a/c/misra/test/rules/RULE-22-18/NonRecursiveMutexRecursivelyLockedAudit.expected b/c/misra/test/rules/RULE-22-18/NonRecursiveMutexRecursivelyLockedAudit.expected index 8f359c90f8..e268f5367e 100644 --- a/c/misra/test/rules/RULE-22-18/NonRecursiveMutexRecursivelyLockedAudit.expected +++ b/c/misra/test/rules/RULE-22-18/NonRecursiveMutexRecursivelyLockedAudit.expected @@ -1,6 +1,6 @@ -| test.c:44:3:44:10 | call to mtx_lock | Mutex locked after previous $@. | test.c:43:3:43:10 | call to mtx_lock | already locked | -| test.c:49:3:49:10 | call to mtx_lock | Mutex locked after previous $@. | test.c:48:3:48:10 | call to mtx_lock | already locked | -| test.c:54:3:54:10 | call to mtx_lock | Mutex locked after previous $@. | test.c:53:3:53:10 | call to mtx_lock | already locked | -| test.c:59:3:59:10 | call to mtx_lock | Mutex locked after previous $@. | test.c:58:3:58:10 | call to mtx_lock | already locked | -| test.c:76:3:76:10 | call to mtx_lock | Mutex locked after previous $@. | test.c:75:3:75:10 | call to mtx_lock | already locked | -| test.c:81:3:81:10 | call to mtx_lock | Mutex locked after previous $@. | test.c:80:3:80:10 | call to mtx_lock | already locked | +| test.c:44:3:44:10 | call to mtx_lock | Mutex locked after it was already $@. | test.c:43:3:43:10 | call to mtx_lock | previously locked | +| test.c:49:3:49:10 | call to mtx_lock | Mutex locked after it was already $@. | test.c:48:3:48:10 | call to mtx_lock | previously locked | +| test.c:54:3:54:10 | call to mtx_lock | Mutex locked after it was already $@. | test.c:53:3:53:10 | call to mtx_lock | previously locked | +| test.c:59:3:59:10 | call to mtx_lock | Mutex locked after it was already $@. | test.c:58:3:58:10 | call to mtx_lock | previously locked | +| test.c:76:3:76:10 | call to mtx_lock | Mutex locked after it was already $@. | test.c:75:3:75:10 | call to mtx_lock | previously locked | +| test.c:81:3:81:10 | call to mtx_lock | Mutex locked after it was already $@. | test.c:80:3:80:10 | call to mtx_lock | previously locked | diff --git a/c/misra/test/rules/RULE-22-19/ConditionVariableUsedWithMultipleMutexes.expected b/c/misra/test/rules/RULE-22-19/ConditionVariableUsedWithMultipleMutexes.expected index ee9dff0be2..c9785067c6 100644 --- a/c/misra/test/rules/RULE-22-19/ConditionVariableUsedWithMultipleMutexes.expected +++ b/c/misra/test/rules/RULE-22-19/ConditionVariableUsedWithMultipleMutexes.expected @@ -1,2 +1,2 @@ -| test.c:19:3:19:10 | call to cnd_wait | Condition variable $@ associated with multiple mutexes, operation uses mutex $@ while $@ uses other mutex $@ | test.c:16:9:16:12 | cnd1 | cnd1 | test.c:17:9:17:12 | mtx1 | mtx1 | test.c:19:3:19:10 | call to cnd_wait | another operation | test.c:18:9:18:12 | mtx2 | mtx2 | -| test.c:41:3:41:10 | call to cnd_wait | Condition variable $@ associated with multiple mutexes, operation uses mutex $@ while $@ uses other mutex $@ | test.c:37:7:37:11 | gcnd1 | gcnd1 | test.c:38:7:38:11 | gmtx1 | gmtx1 | test.c:41:3:41:10 | call to cnd_wait | another operation | test.c:39:7:39:11 | gmtx2 | gmtx2 | +| test.c:19:3:19:10 | call to cnd_wait | Condition variable $@ associated with multiple mutexes, operation uses mutex $@ while $@ uses other mutex $@. | test.c:16:9:16:12 | cnd1 | cnd1 | test.c:17:9:17:12 | mtx1 | mtx1 | test.c:19:3:19:10 | call to cnd_wait | another operation | test.c:18:9:18:12 | mtx2 | mtx2 | +| test.c:41:3:41:10 | call to cnd_wait | Condition variable $@ associated with multiple mutexes, operation uses mutex $@ while $@ uses other mutex $@. | test.c:37:7:37:11 | gcnd1 | gcnd1 | test.c:38:7:38:11 | gmtx1 | gmtx1 | test.c:41:3:41:10 | call to cnd_wait | another operation | test.c:39:7:39:11 | gmtx2 | gmtx2 | diff --git a/c/misra/test/rules/RULE-22-20/ThreadStorageNotInitializedBeforeUse.expected b/c/misra/test/rules/RULE-22-20/ThreadStorageNotInitializedBeforeUse.expected index 9a9b86dfa2..301debd7e8 100644 --- a/c/misra/test/rules/RULE-22-20/ThreadStorageNotInitializedBeforeUse.expected +++ b/c/misra/test/rules/RULE-22-20/ThreadStorageNotInitializedBeforeUse.expected @@ -1,5 +1,5 @@ -| test.c:6:11:6:13 | & ... | Thread specific storage pointer '$@' possibly used before initialization, from entry point function '$@'. | test.c:5:9:5:10 | l1 | l1 | test.c:4:6:4:19 | use_local_mtxs | use_local_mtxs | -| test.c:11:11:11:12 | l4 | Thread specific storage pointer '$@' possibly used before initialization, from entry point function '$@'. | test.c:10:15:10:20 | call to malloc | call to malloc | test.c:16:6:16:31 | root1_calls_use_local_mtxs | root1_calls_use_local_mtxs | -| test.c:25:11:25:13 | & ... | Thread specific storage pointer '$@' possibly used before initialization, from entry point function '$@'. | test.c:22:7:22:8 | g1 | g1 | test.c:24:6:24:28 | root2_uses_global_tss_t | root2_uses_global_tss_t | -| test.c:38:11:38:13 | & ... | Thread specific storage pointer '$@' possibly used before initialization, from entry point function '$@'. | test.c:22:7:22:8 | g1 | g1 | test.c:41:6:41:45 | root4_call_thread_without_initialization | root4_call_thread_without_initialization | -| test.c:58:11:58:13 | & ... | Thread specific storage pointer '$@' possibly used before initialization, from entry point function '$@'. | test.c:56:7:56:8 | g5 | g5 | test.c:67:6:67:50 | root6_spawn_thread_uninitialized_thread_local | root6_spawn_thread_uninitialized_thread_local | +| test.c:6:11:6:13 | & ... | Thread specific storage pointer '$@' used before initialization from entry point function '$@'. | test.c:5:9:5:10 | l1 | l1 | test.c:4:6:4:19 | use_local_mtxs | use_local_mtxs | +| test.c:11:11:11:12 | l4 | Thread specific storage pointer '$@' used before initialization from entry point function '$@'. | test.c:10:15:10:20 | call to malloc | call to malloc | test.c:16:6:16:31 | root1_calls_use_local_mtxs | root1_calls_use_local_mtxs | +| test.c:25:11:25:13 | & ... | Thread specific storage pointer '$@' used before initialization from entry point function '$@'. | test.c:22:7:22:8 | g1 | g1 | test.c:24:6:24:28 | root2_uses_global_tss_t | root2_uses_global_tss_t | +| test.c:38:11:38:13 | & ... | Thread specific storage pointer '$@' used before initialization from entry point function '$@'. | test.c:22:7:22:8 | g1 | g1 | test.c:41:6:41:45 | root4_call_thread_without_initialization | root4_call_thread_without_initialization | +| test.c:58:11:58:13 | & ... | Thread specific storage pointer '$@' used before initialization from entry point function '$@'. | test.c:56:7:56:8 | g5 | g5 | test.c:67:6:67:50 | root6_spawn_thread_uninitialized_thread_local | root6_spawn_thread_uninitialized_thread_local | diff --git a/cpp/common/src/codingstandards/cpp/concurrency/LockingOperation.qll b/cpp/common/src/codingstandards/cpp/concurrency/LockingOperation.qll index 1dd753d122..95404b114a 100644 --- a/cpp/common/src/codingstandards/cpp/concurrency/LockingOperation.qll +++ b/cpp/common/src/codingstandards/cpp/concurrency/LockingOperation.qll @@ -52,18 +52,11 @@ class CPPMutexFunctionCall extends MutexFunctionCall { VariableAccess var; CPPMutexFunctionCall() { - ( - // the non recursive kinds - getTarget().(MemberFunction).getDeclaringType().hasQualifiedName("std", "mutex") or - getTarget().(MemberFunction).getDeclaringType().hasQualifiedName("std", "timed_mutex") or - getTarget().(MemberFunction).getDeclaringType().hasQualifiedName("std", "shared_timed_mutex") or - // the recursive ones - getTarget().(MemberFunction).getDeclaringType().hasQualifiedName("std", "recursive_mutex") or - getTarget() - .(MemberFunction) - .getDeclaringType() - .hasQualifiedName("std", "recursive_timed_mutex") - ) and + getTarget() + .(MemberFunction) + .getDeclaringType() + .hasQualifiedName("std", + ["mutex", "timed_mutex", "shared_timed_mutex", "recursive_mutex", "recursive_timed_mutex"]) and var = getQualifier() } @@ -71,8 +64,10 @@ class CPPMutexFunctionCall extends MutexFunctionCall { * Holds if this mutex is a recursive mutex. */ override predicate isRecursive() { - getTarget().(MemberFunction).getDeclaringType().hasQualifiedName("std", "recursive_mutex") or - getTarget().(MemberFunction).getDeclaringType().hasQualifiedName("std", "recursive_timed_mutex") + getTarget() + .(MemberFunction) + .getDeclaringType() + .hasQualifiedName("std", ["recursive_mutex", "recursive_timed_mutex"]) } /** diff --git a/rule_packages/c/Concurrency9.json b/rule_packages/c/Concurrency9.json index 39c5cc58a8..7a88f4e2ab 100644 --- a/rule_packages/c/Concurrency9.json +++ b/rule_packages/c/Concurrency9.json @@ -82,7 +82,7 @@ ] }, { - "description": "Mutex that may be initialized without mtx_recursive shall not be locked by a thread that has previous may havec locked it.", + "description": "Mutex that may be initialized without mtx_recursive shall not be locked by a thread that may have previously locked it.", "kind": "problem", "name": "(Audit) Non-recursive mutexes shall not be recursively locked", "precision": "high", From 0a6460986a1994659f43927f2bbdcca0b306e020 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Thu, 27 Mar 2025 01:40:53 -0700 Subject: [PATCH 2481/2573] Implement missing amendment for directive 4-11 from misra C 2012 amendment 3 --- amendments.csv | 2 +- ...cisionPeriodicTrigonometricFunctionCall.ql | 43 +++++++++++++ ...PeriodicTrigonometricFunctionCall.expected | 18 ++++++ ...ionPeriodicTrigonometricFunctionCall.qlref | 1 + c/misra/test/rules/DIR-4-11/test.c | 62 +++++++++++++++++++ ...etect-precision-limit-in-trig-functions.md | 2 + .../cpp/exclusions/c/Contracts.qll | 17 +++++ rule_packages/c/Contracts.json | 13 ++++ 8 files changed, 157 insertions(+), 1 deletion(-) create mode 100644 c/misra/src/rules/DIR-4-11/LowPrecisionPeriodicTrigonometricFunctionCall.ql create mode 100644 c/misra/test/rules/DIR-4-11/LowPrecisionPeriodicTrigonometricFunctionCall.expected create mode 100644 c/misra/test/rules/DIR-4-11/LowPrecisionPeriodicTrigonometricFunctionCall.qlref create mode 100644 c/misra/test/rules/DIR-4-11/test.c create mode 100644 change_notes/2025-03-27-detect-precision-limit-in-trig-functions.md diff --git a/amendments.csv b/amendments.csv index 64d2e2e858..9b10149027 100644 --- a/amendments.csv +++ b/amendments.csv @@ -1,7 +1,7 @@ language,standard,amendment,rule_id,supportable,implementation_category,implemented,difficulty c,MISRA-C-2012,Amendment3,DIR-4-6,Yes,Expand,Yes,Easy c,MISRA-C-2012,Amendment3,DIR-4-9,Yes,Refine,No,Easy -c,MISRA-C-2012,Amendment3,DIR-4-11,Yes,Refine,No,Import +c,MISRA-C-2012,Amendment3,DIR-4-11,Yes,Refine,Yes,Import c,MISRA-C-2012,Amendment3,RULE-1-4,Yes,Replace,No,Easy c,MISRA-C-2012,Amendment3,RULE-10-1,Yes,Replace,Yes,Easy c,MISRA-C-2012,Amendment3,RULE-10-3,Yes,Refine,Yes,Easy diff --git a/c/misra/src/rules/DIR-4-11/LowPrecisionPeriodicTrigonometricFunctionCall.ql b/c/misra/src/rules/DIR-4-11/LowPrecisionPeriodicTrigonometricFunctionCall.ql new file mode 100644 index 0000000000..6a910a1a71 --- /dev/null +++ b/c/misra/src/rules/DIR-4-11/LowPrecisionPeriodicTrigonometricFunctionCall.ql @@ -0,0 +1,43 @@ +/** + * @id c/misra/low-precision-periodic-trigonometric-function-call + * @name DIR-4-11: The validity of values passed to trigonometric functions shall be checked + * @description Trigonometric periodic functions have significantly less precision when called with + * large floating-point values. + * @kind problem + * @precision high + * @problem.severity warning + * @tags external/misra/id/dir-4-11 + * correctness + * external/misra/c/2012/third-edition-first-revision + * external/misra/c/2012/amendment3 + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis + +float getMaxAllowedAbsoluteValue(FloatingPointType t, string description) { + if t.getSize() <= 4 + then ( + // Per MISRA, assume k=1 for float types. + result = 3.15 and description = "pi" + ) else ( + // Allow k=10 for doubles, as the standard allows for a larger range depending on the + // implementation, application, and precision goals. + result = 10 * 3.15 and description = "10 * pi" + ) +} + +from FunctionCall fc, Expr argument, float maxValue, float maxAllowedValue, string maxAllowedStr +where + not isExcluded(fc, ContractsPackage::lowPrecisionPeriodicTrigonometricFunctionCallQuery()) and + fc.getTarget().getName() = ["sin", "cos", "tan"] and + argument = fc.getArgument(0) and + maxValue = rank[1](float bound | bound = [lowerBound(argument), upperBound(argument)].abs()) and + maxAllowedValue = getMaxAllowedAbsoluteValue(argument.getType(), maxAllowedStr) and + maxValue > maxAllowedValue +select fc, + "Call to periodic trigonometric function " + fc.getTarget().getName() + + " with maximum argument absolute value of " + maxValue.toString() + + ", which exceeds the recommended " + "maximum of " + maxAllowedStr + "." diff --git a/c/misra/test/rules/DIR-4-11/LowPrecisionPeriodicTrigonometricFunctionCall.expected b/c/misra/test/rules/DIR-4-11/LowPrecisionPeriodicTrigonometricFunctionCall.expected new file mode 100644 index 0000000000..d5d5892975 --- /dev/null +++ b/c/misra/test/rules/DIR-4-11/LowPrecisionPeriodicTrigonometricFunctionCall.expected @@ -0,0 +1,18 @@ +| test.c:32:5:32:7 | call to sin | Call to periodic trigonometric function sin with maximum argument absolute value of 31.4, which exceeds the recommended maximum of pi. | +| test.c:33:5:33:7 | call to cos | Call to periodic trigonometric function cos with maximum argument absolute value of 31.4, which exceeds the recommended maximum of pi. | +| test.c:34:5:34:7 | call to tan | Call to periodic trigonometric function tan with maximum argument absolute value of 31.4, which exceeds the recommended maximum of pi. | +| test.c:38:5:38:7 | call to sin | Call to periodic trigonometric function sin with maximum argument absolute value of 31.4, which exceeds the recommended maximum of pi. | +| test.c:39:5:39:7 | call to cos | Call to periodic trigonometric function cos with maximum argument absolute value of 31.4, which exceeds the recommended maximum of pi. | +| test.c:40:5:40:7 | call to tan | Call to periodic trigonometric function tan with maximum argument absolute value of 31.4, which exceeds the recommended maximum of pi. | +| test.c:49:5:49:7 | call to sin | Call to periodic trigonometric function sin with maximum argument absolute value of 314, which exceeds the recommended maximum of pi. | +| test.c:50:5:50:7 | call to cos | Call to periodic trigonometric function cos with maximum argument absolute value of 314, which exceeds the recommended maximum of pi. | +| test.c:51:5:51:7 | call to tan | Call to periodic trigonometric function tan with maximum argument absolute value of 314, which exceeds the recommended maximum of pi. | +| test.c:52:5:52:7 | call to sin | Call to periodic trigonometric function sin with maximum argument absolute value of 314, which exceeds the recommended maximum of 10 * pi. | +| test.c:53:5:53:7 | call to cos | Call to periodic trigonometric function cos with maximum argument absolute value of 314, which exceeds the recommended maximum of 10 * pi. | +| test.c:54:5:54:7 | call to tan | Call to periodic trigonometric function tan with maximum argument absolute value of 314, which exceeds the recommended maximum of 10 * pi. | +| test.c:55:5:55:7 | call to sin | Call to periodic trigonometric function sin with maximum argument absolute value of 314, which exceeds the recommended maximum of pi. | +| test.c:56:5:56:7 | call to cos | Call to periodic trigonometric function cos with maximum argument absolute value of 314, which exceeds the recommended maximum of pi. | +| test.c:57:5:57:7 | call to tan | Call to periodic trigonometric function tan with maximum argument absolute value of 314, which exceeds the recommended maximum of pi. | +| test.c:58:5:58:7 | call to sin | Call to periodic trigonometric function sin with maximum argument absolute value of 314, which exceeds the recommended maximum of 10 * pi. | +| test.c:59:5:59:7 | call to cos | Call to periodic trigonometric function cos with maximum argument absolute value of 314, which exceeds the recommended maximum of 10 * pi. | +| test.c:60:5:60:7 | call to tan | Call to periodic trigonometric function tan with maximum argument absolute value of 314, which exceeds the recommended maximum of 10 * pi. | diff --git a/c/misra/test/rules/DIR-4-11/LowPrecisionPeriodicTrigonometricFunctionCall.qlref b/c/misra/test/rules/DIR-4-11/LowPrecisionPeriodicTrigonometricFunctionCall.qlref new file mode 100644 index 0000000000..f7bd11b44d --- /dev/null +++ b/c/misra/test/rules/DIR-4-11/LowPrecisionPeriodicTrigonometricFunctionCall.qlref @@ -0,0 +1 @@ +rules/DIR-4-11/LowPrecisionPeriodicTrigonometricFunctionCall.ql \ No newline at end of file diff --git a/c/misra/test/rules/DIR-4-11/test.c b/c/misra/test/rules/DIR-4-11/test.c new file mode 100644 index 0000000000..dac34860ff --- /dev/null +++ b/c/misra/test/rules/DIR-4-11/test.c @@ -0,0 +1,62 @@ +#include +void f(int x) { + float f1 = 0.0f; + double d1 = 0.0f; + sin(f1); // COMPLIANT + cos(f1); // COMPLIANT + tan(f1); // COMPLIANT + sin(d1); // COMPLIANT + cos(d1); // COMPLIANT + tan(d1); // COMPLIANT + + if (x < 10) { + f1 += 3.14; + d1 += 3.14; + sin(f1); // COMPLIANT + cos(f1); // COMPLIANT + tan(f1); // COMPLIANT + sin(d1); // COMPLIANT + cos(d1); // COMPLIANT + tan(d1); // COMPLIANT + sin(-f1); // COMPLIANT + cos(-f1); // COMPLIANT + tan(-f1); // COMPLIANT + sin(-d1); // COMPLIANT + cos(-d1); // COMPLIANT + tan(-d1); // COMPLIANT + } + + if (x < 20) { + f1 = 3.14 * 10; + d1 = 3.14 * 10; + sin(f1); // NON-COMPLIANT + cos(f1); // NON-COMPLIANT + tan(f1); // NON-COMPLIANT + sin(d1); // COMPLIANT + cos(d1); // COMPLIANT + tan(d1); // COMPLIANT + sin(-f1); // NON-COMPLIANT + cos(-f1); // NON-COMPLIANT + tan(-f1); // NON-COMPLIANT + sin(-d1); // COMPLIANT + cos(-d1); // COMPLIANT + tan(-d1); // COMPLIANT + } + + if (x < 30) { + f1 = 3.14 * 100; + d1 = 3.14 * 100; + sin(f1); // NON-COMPLIANT + cos(f1); // NON-COMPLIANT + tan(f1); // NON-COMPLIANT + sin(d1); // NON-COMPLIANT + cos(d1); // NON-COMPLIANT + tan(d1); // NON-COMPLIANT + sin(-f1); // NON-COMPLIANT + cos(-f1); // NON-COMPLIANT + tan(-f1); // NON-COMPLIANT + sin(-d1); // NON-COMPLIANT + cos(-d1); // NON-COMPLIANT + tan(-d1); // NON-COMPLIANT + } +} \ No newline at end of file diff --git a/change_notes/2025-03-27-detect-precision-limit-in-trig-functions.md b/change_notes/2025-03-27-detect-precision-limit-in-trig-functions.md new file mode 100644 index 0000000000..914b25a2a2 --- /dev/null +++ b/change_notes/2025-03-27-detect-precision-limit-in-trig-functions.md @@ -0,0 +1,2 @@ + - `DIR-4-11` - `LowPrecisionPeriodicTrigonometricFunctionCall.ql`: + - New query within rule added to detect calls to periodic trigonometric functions with values outside of pi*k for k that depends on implementation and application precision goals, assuming k=1 for 32 bit floating types and k=10 for 64 bit floating types. diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts.qll index 32a44a4355..174e7769b7 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts.qll @@ -6,6 +6,7 @@ import codingstandards.cpp.exclusions.RuleMetadata newtype ContractsQuery = TDoNotViolateInLineLinkageConstraintsQuery() or TCheckMathLibraryFunctionParametersQuery() or + TLowPrecisionPeriodicTrigonometricFunctionCallQuery() or TFunctionErrorInformationUntestedQuery() predicate isContractsQueryMetadata(Query query, string queryId, string ruleId, string category) { @@ -27,6 +28,15 @@ predicate isContractsQueryMetadata(Query query, string queryId, string ruleId, s ruleId = "DIR-4-11" and category = "required" or + query = + // `Query` instance for the `lowPrecisionPeriodicTrigonometricFunctionCall` query + ContractsPackage::lowPrecisionPeriodicTrigonometricFunctionCallQuery() and + queryId = + // `@id` for the `lowPrecisionPeriodicTrigonometricFunctionCall` query + "c/misra/low-precision-periodic-trigonometric-function-call" and + ruleId = "DIR-4-11" and + category = "required" + or query = // `Query` instance for the `functionErrorInformationUntested` query ContractsPackage::functionErrorInformationUntestedQuery() and @@ -52,6 +62,13 @@ module ContractsPackage { TQueryC(TContractsPackageQuery(TCheckMathLibraryFunctionParametersQuery())) } + Query lowPrecisionPeriodicTrigonometricFunctionCallQuery() { + //autogenerate `Query` type + result = + // `Query` type for `lowPrecisionPeriodicTrigonometricFunctionCall` query + TQueryC(TContractsPackageQuery(TLowPrecisionPeriodicTrigonometricFunctionCallQuery())) + } + Query functionErrorInformationUntestedQuery() { //autogenerate `Query` type result = diff --git a/rule_packages/c/Contracts.json b/rule_packages/c/Contracts.json index 40bf3d8b0b..e7db6fff86 100644 --- a/rule_packages/c/Contracts.json +++ b/rule_packages/c/Contracts.json @@ -44,6 +44,19 @@ "implementation_scope": { "description": "This query identifies possible domain, pole and range errors on a selection of C standard library fuctions from math.h." } + }, + { + "description": "Trigonometric periodic functions have significantly less precision when called with large floating-point values.", + "kind": "problem", + "name": "The validity of values passed to trigonometric functions shall be checked", + "precision": "high", + "severity": "warning", + "short_name": "LowPrecisionPeriodicTrigonometricFunctionCall", + "tags": [ + "correctness", + "external/misra/c/2012/third-edition-first-revision", + "external/misra/c/2012/amendment3" + ] } ], "title": "The validity of values passed to library functions shall be checked" From 00defddfa6abde09164a9b7860026fe4f497b076 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Thu, 27 Mar 2025 10:05:09 -0700 Subject: [PATCH 2482/2573] Fix typo --- .../RULE-22-18/NonRecursiveMutexRecursivelyLockedAudit.ql | 4 ++-- rule_packages/c/Concurrency9.json | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/c/misra/src/rules/RULE-22-18/NonRecursiveMutexRecursivelyLockedAudit.ql b/c/misra/src/rules/RULE-22-18/NonRecursiveMutexRecursivelyLockedAudit.ql index d242f75f57..7e002585b6 100644 --- a/c/misra/src/rules/RULE-22-18/NonRecursiveMutexRecursivelyLockedAudit.ql +++ b/c/misra/src/rules/RULE-22-18/NonRecursiveMutexRecursivelyLockedAudit.ql @@ -1,8 +1,8 @@ /** * @id c/misra/non-recursive-mutex-recursively-locked-audit * @name RULE-22-18: (Audit) Non-recursive mutexes shall not be recursively locked - * @description Mutex that may be initialized without mtx_recursive shall not be locked by a thread - * that may have previously locked it. + * @description Mutexes that may be initialized without mtx_recursive shall not be locked by a + * thread that may have previously locked it. * @kind problem * @precision high * @problem.severity error diff --git a/rule_packages/c/Concurrency9.json b/rule_packages/c/Concurrency9.json index 7a88f4e2ab..6ae1df8173 100644 --- a/rule_packages/c/Concurrency9.json +++ b/rule_packages/c/Concurrency9.json @@ -82,7 +82,7 @@ ] }, { - "description": "Mutex that may be initialized without mtx_recursive shall not be locked by a thread that may have previously locked it.", + "description": "Mutexes that may be initialized without mtx_recursive shall not be locked by a thread that may have previously locked it.", "kind": "problem", "name": "(Audit) Non-recursive mutexes shall not be recursively locked", "precision": "high", From 35cfb0f1e1e57a71a3a1d9537903a7c16aab304e Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Sat, 29 Mar 2025 15:54:57 -0700 Subject: [PATCH 2483/2573] Add additional CERT-C rules to rules.csv --- rules.csv | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/rules.csv b/rules.csv index 3f7961b630..2db1d7a66d 100644 --- a/rules.csv +++ b/rules.csv @@ -515,6 +515,7 @@ c,CERT-C,ERR30-C,Yes,Rule,,,Take care when reading errno,M19-3-1,Contracts4,Hard c,CERT-C,ERR32-C,Yes,Rule,,,Do not rely on indeterminate values of errno,,Contracts5,Hard, c,CERT-C,ERR33-C,Yes,Rule,,,Detect and handle standard library errors,MEM52-CPP,Contracts5,Hard, c,CERT-C,ERR34-C,OutOfScope,Rule,,,Detect errors when converting a string to a number,,,, +c,CERT-C,EXP16-C,Yes,Rule,,,Do not compare function pointers to constant values,,Expressions2,Medium, c,CERT-C,EXP30-C,Yes,Rule,,,Do not depend on the order of evaluation for side effects,EXP50-CPP,SideEffects1,Easy, c,CERT-C,EXP32-C,Yes,Rule,,,Do not access a volatile object through a nonvolatile reference,,Pointers3,Easy, c,CERT-C,EXP33-C,Yes,Rule,,,Do not read uninitialized memory,EXP53-CPP,InvalidMemory1,Import, @@ -530,6 +531,8 @@ c,CERT-C,EXP44-C,Yes,Rule,,,"Do not rely on side effects in operands to sizeof, c,CERT-C,EXP45-C,Yes,Rule,,,Do not perform assignments in selection statements,M6-2-1,SideEffects1,Medium, c,CERT-C,EXP46-C,Yes,Rule,,,Do not use a bitwise operator with a Boolean-like operand,,Expressions,Easy, c,CERT-C,EXP47-C,OutOfScope,Rule,,,Do not call va_arg with an argument of the incorrect type,,,, +c,CERT-C,FIO03-C,Yes,Rule,,,Do not make assumptions about fopen() and file creation,,IO5,Hard, +c,CERT-C,FIO21-C,Yes,Rule,,,Do not create temporary files in shared directories,,IO5,Easy, c,CERT-C,FIO30-C,Yes,Rule,,,Exclude user input from format strings,A27-0-1,IO1,Import, c,CERT-C,FIO32-C,Yes,Rule,,,Do not perform operations on devices that are only appropriate for files,,IO3,Medium, c,CERT-C,FIO34-C,Yes,Rule,,,Distinguish between characters read from a file and EOF or WEOF,,IO1,Hard, @@ -569,7 +572,7 @@ c,CERT-C,MSC38-C,Yes,Rule,,,Do not treat a predefined identifier as an object if c,CERT-C,MSC39-C,Yes,Rule,,,Do not call va_arg() on a va_list that has an indeterminate value,,Contracts7,Hard, c,CERT-C,MSC40-C,Yes,Rule,,,Do not violate constraints,,Contracts,Very Hard, c,CERT-C,MSC41-C,OutOfScope,Rule,,,Never hard code sensitive information,,,, -c,CERT-C,POS30-C,OutOfScope,Rule,,,Use the readlink() function properly,,,, +c,CERT-C,POS30-C,Yes,Rule,,,Use the readlink() function properly,,IO5,Hard, c,CERT-C,POS34-C,OutOfScope,Rule,,,Do not call putenv() with a pointer to an automatic variable as the argument,,,, c,CERT-C,POS35-C,OutOfScope,Rule,,,Avoid race conditions while checking for the existence of a symbolic link,,,, c,CERT-C,POS36-C,OutOfScope,Rule,,,Observe correct revocation order while relinquishing privileges,,,, From c25018fce4f419e5e770b8804fbd483b9705ccd3 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 31 Mar 2025 20:42:42 +0100 Subject: [PATCH 2484/2573] Re-add DeviationsSuppression.ql This is required for our reporting scripts. Changes implemented to support reporting of locations and messages for new deviation formats. --- .../deviations/CodeIdentifierDeviation.qll | 49 +++++++++++++++++-- .../cpp/deviations/DeviationsSuppression.ql | 25 ++++++---- .../DeviationsSuppression.expected | 2 +- 3 files changed, 60 insertions(+), 16 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll b/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll index 310a2b678b..4b2f03cf98 100644 --- a/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll +++ b/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll @@ -226,8 +226,8 @@ class DeviationAttribute extends StdAttribute { DeviationRecord getADeviationRecord() { result = record } - pragma[nomagic] - Element getASuppressedElement() { + /** Gets the element to which this attribute was applied. */ + Element getPrimarySuppressedElement() { result.(Type).getAnAttribute() = this or result.(Stmt).getAnAttribute() = this @@ -235,6 +235,11 @@ class DeviationAttribute extends StdAttribute { result.(Variable).getAnAttribute() = this or result.(Function).getAnAttribute() = this + } + + pragma[nomagic] + Element getASuppressedElement() { + result = this.getPrimarySuppressedElement() or result.(Expr).getEnclosingStmt() = this.getASuppressedElement() or @@ -336,26 +341,60 @@ class CodeIdentifierDeviation extends TCodeIndentifierDeviation { ) } + predicate hasLocationInfo( + string filepath, int suppressedLine, int suppressedColumn, int endline, int endcolumn + ) { + exists(Comment commentMarker | + this = TSingleLineDeviation(_, commentMarker, filepath, suppressedLine) and + suppressedColumn = 1 and + endline = suppressedLine + | + if commentMarker instanceof DeviationEndOfLineMarker + then endcolumn = commentMarker.(DeviationEndOfLineMarker).getLocation().getEndColumn() + else + // Find the last column for a location on the next line + endcolumn = + max(Location l | + l.hasLocationInfo(filepath, _, _, _, _) and + l.getEndLine() = suppressedLine + | + l.getEndColumn() + ) + ) + or + this = TMultiLineDeviation(_, _, _, filepath, suppressedLine, endline) and + suppressedColumn = 1 and + endcolumn = 1 + or + exists(DeviationAttribute attribute | + this = TCodeIdentifierDeviation(_, attribute) and + attribute + .getPrimarySuppressedElement() + .getLocation() + .hasLocationInfo(filepath, suppressedLine, suppressedColumn, endline, endcolumn) + ) + } + string toString() { exists(string filepath | exists(int suppressedLine | this = TSingleLineDeviation(_, _, filepath, suppressedLine) and result = - "Deviation record " + getADeviationRecord() + " applied to " + filepath + " Line " + + "Deviation of " + getADeviationRecord().getQuery() + " applied to " + filepath + " Line " + suppressedLine ) or exists(int suppressedStartLine, int suppressedEndLine | this = TMultiLineDeviation(_, _, _, filepath, suppressedStartLine, suppressedEndLine) and result = - "Deviation record " + getADeviationRecord() + " applied to " + filepath + " Line" + + "Deviation of " + getADeviationRecord().getQuery() + " applied to " + filepath + " Line " + suppressedStartLine + ":" + suppressedEndLine ) ) or exists(DeviationAttribute attribute | this = TCodeIdentifierDeviation(_, attribute) and - result = "Deviation record " + getADeviationRecord() + " applied to " + attribute + result = "Deviation of " + getADeviationRecord().getQuery() + " applied to " + attribute ) } } diff --git a/cpp/common/src/codingstandards/cpp/deviations/DeviationsSuppression.ql b/cpp/common/src/codingstandards/cpp/deviations/DeviationsSuppression.ql index 9035b7d288..f29c068983 100644 --- a/cpp/common/src/codingstandards/cpp/deviations/DeviationsSuppression.ql +++ b/cpp/common/src/codingstandards/cpp/deviations/DeviationsSuppression.ql @@ -38,7 +38,9 @@ newtype TDeviationScope = file.getRelativePath().prefix(deviationPath.length()) = deviationPath ) } or - TDeviationRecordCommentScope(DeviationRecord dr, Comment c) { c = dr.getACodeIdentifierComment() } + TDeviationRecordCodeIdentiferDeviationScope(DeviationRecord dr, CodeIdentifierDeviation c) { + c = dr.getACodeIdentifierDeviation() + } /** A deviation scope. */ class DeviationScope extends TDeviationScope { @@ -91,10 +93,16 @@ class DeviationRecordFileScope extends DeviationScope, TDeviationRecordFileScope * A deviation scope derived from a comment corresponding to a "code-identifier" entry for a * `DeviationRecord`. */ -class DeviationRecordCommentScope extends DeviationScope, TDeviationRecordCommentScope { - private DeviationRecord getDeviationRecord() { this = TDeviationRecordCommentScope(result, _) } +class DeviationRecordCommentScope extends DeviationScope, + TDeviationRecordCodeIdentiferDeviationScope +{ + private DeviationRecord getDeviationRecord() { + this = TDeviationRecordCodeIdentiferDeviationScope(result, _) + } - private Comment getComment() { this = TDeviationRecordCommentScope(_, result) } + private CodeIdentifierDeviation getCodeIdentifierDeviation() { + this = TDeviationRecordCodeIdentiferDeviationScope(_, result) + } override Locatable getDeviationDefinitionLocation() { result = getDeviationRecord() } @@ -103,14 +111,11 @@ class DeviationRecordCommentScope extends DeviationScope, TDeviationRecordCommen override predicate hasLocationInfo( string filepath, int startline, int startcolumn, int endline, int endcolumn ) { - getComment().getLocation().hasLocationInfo(filepath, startline, _, endline, endcolumn) and - startcolumn = 1 + getCodeIdentifierDeviation() + .hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) } - override string toString() { - result = - "Deviation of " + getDeviationRecord().getQuery() + " for comment " + getComment() + "." - } + override string toString() { result = getCodeIdentifierDeviation().toString() } } from DeviationScope deviationScope diff --git a/cpp/common/test/deviations/deviations_report_deviated/DeviationsSuppression.expected b/cpp/common/test/deviations/deviations_report_deviated/DeviationsSuppression.expected index 50ceb35b9d..1d8a87d359 100644 --- a/cpp/common/test/deviations/deviations_report_deviated/DeviationsSuppression.expected +++ b/cpp/common/test/deviations/deviations_report_deviated/DeviationsSuppression.expected @@ -1,4 +1,4 @@ -| file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/type-long-double-used] | lgtm[cpp/autosar/type-long-double-used] | main.cpp:12:1:12:58 | Deviation of cpp/autosar/type-long-double-used for comment // a-0-4-2-deviation COMPLIANT[DEVIATED]. | +| file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/type-long-double-used] | lgtm[cpp/autosar/type-long-double-used] | main.cpp:12:1:12:58 | Deviation of cpp/autosar/type-long-double-used applied to main.cpp Line 12 | | file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/unused-return-value] | lgtm[cpp/autosar/unused-return-value] | nested/nested2/test2.h:1:1:6:1 | Deviation of cpp/autosar/unused-return-value for nested/nested2/test2.h. | | file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/useless-assignment] | lgtm[cpp/autosar/useless-assignment] | coding-standards.xml:1:1:17:19 | Deviation of cpp/autosar/useless-assignment for coding-standards.xml. | | file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/useless-assignment] | lgtm[cpp/autosar/useless-assignment] | main.cpp:1:1:14:1 | Deviation of cpp/autosar/useless-assignment for main.cpp. | From ddd28e6dc4274c3c1ce1ee313ed3692c28ce7744 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 31 Mar 2025 20:47:06 +0100 Subject: [PATCH 2485/2573] Test new deviation formats for DeviationSuppressions.ql --- .../DeviationsSuppression.expected | 6 ++++- .../deviations_report_deviated/main.cpp | 25 +++++++++++++++++++ 2 files changed, 30 insertions(+), 1 deletion(-) diff --git a/cpp/common/test/deviations/deviations_report_deviated/DeviationsSuppression.expected b/cpp/common/test/deviations/deviations_report_deviated/DeviationsSuppression.expected index 1d8a87d359..73f564c13c 100644 --- a/cpp/common/test/deviations/deviations_report_deviated/DeviationsSuppression.expected +++ b/cpp/common/test/deviations/deviations_report_deviated/DeviationsSuppression.expected @@ -1,7 +1,11 @@ | file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/type-long-double-used] | lgtm[cpp/autosar/type-long-double-used] | main.cpp:12:1:12:58 | Deviation of cpp/autosar/type-long-double-used applied to main.cpp Line 12 | +| file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/type-long-double-used] | lgtm[cpp/autosar/type-long-double-used] | main.cpp:14:1:14:65 | Deviation of cpp/autosar/type-long-double-used applied to main.cpp Line 14 | +| file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/type-long-double-used] | lgtm[cpp/autosar/type-long-double-used] | main.cpp:18:1:18:40 | Deviation of cpp/autosar/type-long-double-used applied to main.cpp Line 18 | +| file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/type-long-double-used] | lgtm[cpp/autosar/type-long-double-used] | main.cpp:21:1:27:1 | Deviation of cpp/autosar/type-long-double-used applied to main.cpp Line 21:27 | +| file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/type-long-double-used] | lgtm[cpp/autosar/type-long-double-used] | main.cpp:29:1:35:1 | Deviation of cpp/autosar/type-long-double-used applied to main.cpp Line 29:35 | | file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/unused-return-value] | lgtm[cpp/autosar/unused-return-value] | nested/nested2/test2.h:1:1:6:1 | Deviation of cpp/autosar/unused-return-value for nested/nested2/test2.h. | | file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/useless-assignment] | lgtm[cpp/autosar/useless-assignment] | coding-standards.xml:1:1:17:19 | Deviation of cpp/autosar/useless-assignment for coding-standards.xml. | -| file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/useless-assignment] | lgtm[cpp/autosar/useless-assignment] | main.cpp:1:1:14:1 | Deviation of cpp/autosar/useless-assignment for main.cpp. | +| file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/useless-assignment] | lgtm[cpp/autosar/useless-assignment] | main.cpp:1:1:39:1 | Deviation of cpp/autosar/useless-assignment for main.cpp. | | file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/useless-assignment] | lgtm[cpp/autosar/useless-assignment] | nested/coding-standards.xml:1:1:13:19 | Deviation of cpp/autosar/useless-assignment for nested/coding-standards.xml. | | file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/useless-assignment] | lgtm[cpp/autosar/useless-assignment] | nested/nested2/test2.h:1:1:6:1 | Deviation of cpp/autosar/useless-assignment for nested/nested2/test2.h. | | file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/useless-assignment] | lgtm[cpp/autosar/useless-assignment] | nested/test.h:1:1:6:1 | Deviation of cpp/autosar/useless-assignment for nested/test.h. | diff --git a/cpp/common/test/deviations/deviations_report_deviated/main.cpp b/cpp/common/test/deviations/deviations_report_deviated/main.cpp index c59dea5609..7891faea18 100644 --- a/cpp/common/test/deviations/deviations_report_deviated/main.cpp +++ b/cpp/common/test/deviations/deviations_report_deviated/main.cpp @@ -10,5 +10,30 @@ int main(int argc, char **argv) { getX(); // NON_COMPLIANT long double d1; // NON_COMPLIANT (A0-4-2) long double d2; // a-0-4-2-deviation COMPLIANT[DEVIATED] + + long double d3; // codeql::autosar_deviation(a-0-4-2-deviation) + // COMPLIANT[DEVIATED] + long double d4; // NON_COMPLIANT (A0-4-2) + // codeql::autosar_deviation_next_line(a-0-4-2-deviation) + long double d5; // COMPLIANT[DEVIATED] + long double d6; // NON_COMPLIANT (A0-4-2) + + // codeql::autosar_deviation_begin(a-0-4-2-deviation) + long double d7; // COMPLIANT[DEVIATED] + getX(); // NON_COMPLIANT (A0-1-2) + long double d8; // COMPLIANT[DEVIATED] + getX(); // NON_COMPLIANT (A0-1-2) + long double d9; // COMPLIANT[DEVIATED] + // codeql::autosar_deviation_end(a-0-4-2-deviation) + long double d10; // NON_COMPLIANT (A0-4-2) + // codeql::autosar_deviation_begin(a-0-4-2-deviation) + long double d11; // COMPLIANT[DEVIATED] + getX(); // NON_COMPLIANT (A0-1-2) + long double d12; // COMPLIANT[DEVIATED] + getX(); // NON_COMPLIANT (A0-1-2) + long double d13; // COMPLIANT[DEVIATED] + // codeql::autosar_deviation_end(a-0-4-2-deviation) + long double d14; // NON_COMPLIANT (A0-4-2) + getX(); // NON_COMPLIANT (A0-1-2) return 0; } \ No newline at end of file From e7b53b27d540dac4213f6dfeef26f3a8174988ea Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Mon, 31 Mar 2025 20:39:32 -0700 Subject: [PATCH 2486/2573] Implement Rule-1-4's rule amendment from Amendment4 (also amended in Amdt3) --- amendments.csv | 2 +- .../EmergentLanguageFeaturesUsed.expected | 6 ------ c/misra/test/rules/RULE-1-4/test.c | 12 ++++++------ ...mics-threads-and-threadlocals-in-misra-c.md | 2 ++ .../src/codingstandards/cpp/Emergent.qll | 18 ------------------ 5 files changed, 9 insertions(+), 31 deletions(-) create mode 100644 change_notes/2025-03-31-allow-atomics-threads-and-threadlocals-in-misra-c.md diff --git a/amendments.csv b/amendments.csv index 1e774bc0c3..7bcc65327c 100644 --- a/amendments.csv +++ b/amendments.csv @@ -24,7 +24,7 @@ c,MISRA-C-2012,Amendment4,RULE-8-9,Yes,Clarification,Yes,Import c,MISRA-C-2012,Amendment4,RULE-9-4,Yes,Clarification,Yes,Import c,MISRA-C-2012,Amendment4,RULE-10-1,Yes,Clarification,Yes,Import c,MISRA-C-2012,Amendment4,RULE-18-3,Yes,Clarification,Yes,Import -c,MISRA-C-2012,Amendment4,RULE-1-4,Yes,Replace,No,Easy +c,MISRA-C-2012,Amendment4,RULE-1-4,Yes,Replace,Yes,Easy c,MISRA-C-2012,Amendment4,RULE-9-1,Yes,Refine,Yes,Easy c,MISRA-C-2012,Corrigendum2,DIR-4-10,Yes,Clarification,Yes,Import c,MISRA-C-2012,Corrigendum2,RULE-7-4,Yes,Refine,Yes,Easy diff --git a/c/misra/test/rules/RULE-1-4/EmergentLanguageFeaturesUsed.expected b/c/misra/test/rules/RULE-1-4/EmergentLanguageFeaturesUsed.expected index b0bbc467aa..3f63a6c26c 100644 --- a/c/misra/test/rules/RULE-1-4/EmergentLanguageFeaturesUsed.expected +++ b/c/misra/test/rules/RULE-1-4/EmergentLanguageFeaturesUsed.expected @@ -1,7 +1 @@ -| test.c:2:1:2:22 | #include | Usage of emergent language feature. | -| test.c:4:1:4:20 | #include | Usage of emergent language feature. | | test.c:7:1:7:32 | #define __STDC_WANT_LIB_EXT1__ 1 | Usage of emergent language feature. | -| test.c:12:26:12:40 | atomic_new_type | Usage of emergent language feature. | -| test.c:17:15:17:15 | i | Usage of emergent language feature. | -| test.c:24:27:24:28 | i3 | Usage of emergent language feature. | -| test.c:25:28:25:29 | i4 | Usage of emergent language feature. | diff --git a/c/misra/test/rules/RULE-1-4/test.c b/c/misra/test/rules/RULE-1-4/test.c index 81d609f052..5bea219b54 100644 --- a/c/misra/test/rules/RULE-1-4/test.c +++ b/c/misra/test/rules/RULE-1-4/test.c @@ -1,15 +1,15 @@ #include //COMPLIANT -#include //NON_COMPLIANT +#include //COMPLIANT #include //COMPLIANT -#include //NON_COMPLIANT +#include //COMPLIANT -#define MACRO(x) _Generic((x), int : 0, long : 1) // NON_COMPLIANT +#define MACRO(x) _Generic((x), int : 0, long : 1) // COMPLIANT #define __STDC_WANT_LIB_EXT1__ 1 // NON_COMPLIANT _Noreturn void f0(); // COMPLIANT typedef int new_type; // COMPLIANT -typedef _Atomic new_type atomic_new_type; // NON_COMPLIANT +typedef _Atomic new_type atomic_new_type; // COMPLIANT void f(int p) { int i0 = _Generic(p, int : 0, long : 1); // COMPLIANT @@ -21,6 +21,6 @@ void f(int p) { int a = _Alignof(int); // COMPLIANT int a1 = alignof(int); // COMPLIANT - static thread_local int i3; // NON_COMPLIANT - static _Thread_local int i4; // NON_COMPLIANT + static thread_local int i3; // COMPLIANT + static _Thread_local int i4; // COMPLIANT } \ No newline at end of file diff --git a/change_notes/2025-03-31-allow-atomics-threads-and-threadlocals-in-misra-c.md b/change_notes/2025-03-31-allow-atomics-threads-and-threadlocals-in-misra-c.md new file mode 100644 index 0000000000..b59e04610f --- /dev/null +++ b/change_notes/2025-03-31-allow-atomics-threads-and-threadlocals-in-misra-c.md @@ -0,0 +1,2 @@ + - `RULE-1-4` - `EmergentLanguageFeaturesUsed.ql`: + - Allow usage of atomics, `thread.h`, and `_Thread_local` as per Misra C 2012 Amendment 4. \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/Emergent.qll b/cpp/common/src/codingstandards/cpp/Emergent.qll index 3b3fbbaebd..30f1df58e4 100644 --- a/cpp/common/src/codingstandards/cpp/Emergent.qll +++ b/cpp/common/src/codingstandards/cpp/Emergent.qll @@ -6,24 +6,6 @@ import cpp module C11 { abstract class EmergentLanguageFeature extends Element { } - class AtomicVariableSpecifier extends EmergentLanguageFeature, Variable { - AtomicVariableSpecifier() { - getType().(DerivedType).getBaseType*().getASpecifier().getName() = "atomic" - } - } - - class AtomicDeclaration extends EmergentLanguageFeature, Declaration { - AtomicDeclaration() { getASpecifier().getName() = "atomic" } - } - - class ThreadLocalDeclaration extends EmergentLanguageFeature, Declaration { - ThreadLocalDeclaration() { getASpecifier().getName() = "is_thread_local" } - } - - class EmergentHeader extends EmergentLanguageFeature, Include { - EmergentHeader() { getIncludedFile().getBaseName() = ["stdatomic.h", "threads.h"] } - } - class LibExt1Macro extends EmergentLanguageFeature, Macro { LibExt1Macro() { getName() = "__STDC_WANT_LIB_EXT1__" and From 24d743593ee429a50b81dd8f526f0d1ee603529a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 7 Apr 2025 04:34:06 +0000 Subject: [PATCH 2487/2573] Bump actions/create-github-app-token from 1 to 2 Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token) from 1 to 2. - [Release notes](https://github.com/actions/create-github-app-token/releases) - [Commits](https://github.com/actions/create-github-app-token/compare/v1...v2) --- updated-dependencies: - dependency-name: actions/create-github-app-token dependency-version: '2' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/dispatch-matrix-test-on-comment.yml | 2 +- .github/workflows/dispatch-release-performance-check.yml | 2 +- .github/workflows/finalize-release.yml | 2 +- .github/workflows/prepare-release.yml | 2 +- .github/workflows/update-release.yml | 2 +- .github/workflows/validate-release.yml | 4 ++-- 6 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/dispatch-matrix-test-on-comment.yml b/.github/workflows/dispatch-matrix-test-on-comment.yml index 964fb7e9f3..972cabdb89 100644 --- a/.github/workflows/dispatch-matrix-test-on-comment.yml +++ b/.github/workflows/dispatch-matrix-test-on-comment.yml @@ -19,7 +19,7 @@ jobs: - name: Generate token id: generate-token - uses: actions/create-github-app-token@v1 + uses: actions/create-github-app-token@v2 with: app-id: ${{ vars.AUTOMATION_APP_ID }} private-key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} diff --git a/.github/workflows/dispatch-release-performance-check.yml b/.github/workflows/dispatch-release-performance-check.yml index a8df297f7d..5886bb2ea8 100644 --- a/.github/workflows/dispatch-release-performance-check.yml +++ b/.github/workflows/dispatch-release-performance-check.yml @@ -19,7 +19,7 @@ jobs: - name: Generate token id: generate-token - uses: actions/create-github-app-token@v1 + uses: actions/create-github-app-token@v2 with: app-id: ${{ vars.AUTOMATION_APP_ID }} private-key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} diff --git a/.github/workflows/finalize-release.yml b/.github/workflows/finalize-release.yml index a7ccc0375e..b3a96f32d3 100644 --- a/.github/workflows/finalize-release.yml +++ b/.github/workflows/finalize-release.yml @@ -103,7 +103,7 @@ jobs: - name: Generate token if: env.HOTFIX_RELEASE == 'false' id: generate-token - uses: actions/create-github-app-token@v1 + uses: actions/create-github-app-token@v2 with: app-id: ${{ vars.AUTOMATION_APP_ID }} private-key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 19dbe1adbd..75e297d42e 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -143,7 +143,7 @@ jobs: - name: Generate token id: generate-token - uses: actions/create-github-app-token@v1 + uses: actions/create-github-app-token@v2 with: app-id: ${{ vars.AUTOMATION_APP_ID }} private-key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} diff --git a/.github/workflows/update-release.yml b/.github/workflows/update-release.yml index 4f779d0841..e3b8045514 100644 --- a/.github/workflows/update-release.yml +++ b/.github/workflows/update-release.yml @@ -43,7 +43,7 @@ jobs: - name: Generate token id: generate-token - uses: actions/create-github-app-token@v1 + uses: actions/create-github-app-token@v2 with: app-id: ${{ vars.AUTOMATION_APP_ID }} private-key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 63aa9e90e3..cd7d27f6fa 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -40,7 +40,7 @@ jobs: steps: - name: Generate token id: generate-token - uses: actions/create-github-app-token@v1 + uses: actions/create-github-app-token@v2 with: app-id: ${{ vars.AUTOMATION_APP_ID }} private-key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} @@ -108,7 +108,7 @@ jobs: steps: - name: Generate token id: generate-token - uses: actions/create-github-app-token@v1 + uses: actions/create-github-app-token@v2 with: app-id: ${{ vars.AUTOMATION_APP_ID }} private-key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} From 4623f33542c09fbc1d2fa38833a2d0a337489602 Mon Sep 17 00:00:00 2001 From: Michael R Fairhurst Date: Tue, 8 Apr 2025 22:15:40 +0000 Subject: [PATCH 2488/2573] First pass at addressing cross-compiler compatibility in MISRA 2023. Handles clang findings and gcc findings. Many issues were merely updates to the test cases, however, additional work has been done to properly handle tgmath.h and stdatomic.h macros across gcc and clang results. --- c/common/src/codingstandards/c/TgMath.qll | 59 +++- .../functionnoreturnattributecondition/test.c | 2 +- .../rules/RULE-13-2/UnsequencedAtomicReads.ql | 50 ++- .../TgMathArgumentWithInvalidEssentialType.ql | 11 +- ...gMathArgumentsWithDifferingStandardType.ql | 6 +- .../RULE-21-25/InvalidMemoryOrderArgument.ql | 76 +--- .../RULE-9-7/UninitializedAtomicObject.ql | 6 +- c/misra/test/rules/DIR-5-1/test.c | 2 +- c/misra/test/rules/DIR-5-3/test.c | 2 +- ...eOfObsoleteMacroAtomicVarInit.expected.gcc | 1 + ...tomicQualifierAppliedToVoid.expected.clang | 0 c/misra/test/rules/RULE-11-10/test.c.clang | 28 ++ ...egateObjectDirectlyAccessed.expected.clang | 0 c/misra/test/rules/RULE-12-6/test.c | 6 +- c/misra/test/rules/RULE-12-6/test.c.clang | 89 +++++ .../RULE-13-2/UnsequencedAtomicReads.expected | 6 +- .../UnsequencedAtomicReads.expected.gcc | 5 + c/misra/test/rules/RULE-17-11/test.c | 2 +- c/misra/test/rules/RULE-18-10/test.c | 6 +- c/misra/test/rules/RULE-18-8/test.c | 2 +- ...ointerConversionOfTemporaryObject.expected | 6 +- ...eSubscriptedWithTemporaryLifetime.expected | 14 +- c/misra/test/rules/RULE-18-9/test.c | 5 +- ...hArgumentWithInvalidEssentialType.expected | 2 + ...entWithInvalidEssentialType.expected.clang | 76 ++++ ...umentWithInvalidEssentialType.expected.gcc | 79 +++++ c/misra/test/rules/RULE-21-22/test.c | 6 + c/misra/test/rules/RULE-21-22/test.c.clang | 329 ++++++++++++++++++ c/misra/test/rules/RULE-21-22/test.c.gcc | 329 ++++++++++++++++++ ...tsWithDifferingStandardType.expected.clang | 139 ++++++++ ...entsWithDifferingStandardType.expected.gcc | 139 ++++++++ .../InvalidMemoryOrderArgument.expected | 142 ++++---- .../InvalidMemoryOrderArgument.expected.gcc | 106 ++++++ c/misra/test/rules/RULE-21-25/test.c | 19 +- c/misra/test/rules/RULE-21-26/test.c | 2 +- c/misra/test/rules/RULE-22-16/test.c | 2 +- ...fObjectWithUnmatchedAlignment.expected.gcc | 20 +- c/misra/test/rules/RULE-9-7/test.c | 4 +- ...ss-compiler-compatibility-in-misra-2023.md | 12 + .../src/codingstandards/cpp/FloatingPoint.qll | 3 +- .../cpp/StdFunctionOrMacro.qll | 138 ++++++-- 41 files changed, 1698 insertions(+), 233 deletions(-) create mode 100644 c/misra/test/rules/RULE-1-5/UseOfObsoleteMacroAtomicVarInit.expected.gcc create mode 100644 c/misra/test/rules/RULE-11-10/AtomicQualifierAppliedToVoid.expected.clang create mode 100644 c/misra/test/rules/RULE-11-10/test.c.clang create mode 100644 c/misra/test/rules/RULE-12-6/AtomicAggregateObjectDirectlyAccessed.expected.clang create mode 100644 c/misra/test/rules/RULE-12-6/test.c.clang create mode 100644 c/misra/test/rules/RULE-13-2/UnsequencedAtomicReads.expected.gcc create mode 100644 c/misra/test/rules/RULE-21-22/TgMathArgumentWithInvalidEssentialType.expected.clang create mode 100644 c/misra/test/rules/RULE-21-22/TgMathArgumentWithInvalidEssentialType.expected.gcc create mode 100644 c/misra/test/rules/RULE-21-22/test.c.clang create mode 100644 c/misra/test/rules/RULE-21-22/test.c.gcc create mode 100644 c/misra/test/rules/RULE-21-23/TgMathArgumentsWithDifferingStandardType.expected.clang create mode 100644 c/misra/test/rules/RULE-21-23/TgMathArgumentsWithDifferingStandardType.expected.gcc create mode 100644 c/misra/test/rules/RULE-21-25/InvalidMemoryOrderArgument.expected.gcc create mode 100644 change_notes/2025-04-08-address-cross-compiler-compatibility-in-misra-2023.md diff --git a/c/common/src/codingstandards/c/TgMath.qll b/c/common/src/codingstandards/c/TgMath.qll index 36c47fb5a2..8d68cd2574 100644 --- a/c/common/src/codingstandards/c/TgMath.qll +++ b/c/common/src/codingstandards/c/TgMath.qll @@ -1,21 +1,38 @@ import cpp -private string getATgMathMacroName(boolean allowComplex) { +private string getATgMathMacroName(boolean allowComplex, int numberOfParameters) { allowComplex = true and + numberOfParameters = 1 and result = [ "acos", "acosh", "asin", "asinh", "atan", "atanh", "carg", "cimag", "conj", "cos", "cosh", - "cproj", "creal", "exp", "fabs", "log", "pow", "sin", "sinh", "sqrt", "tan", "tanh" + "cproj", "creal", "exp", "fabs", "log", "sin", "sinh", "sqrt", "tan", "tanh" + ] + or + allowComplex = true and + numberOfParameters = 2 and + result = "pow" + or + allowComplex = false and + numberOfParameters = 1 and + result = + [ + "cbrt", "ceil", "erf", "erfc", "exp2", "expm1", "floor", "ilogb", "lgamma", "llrint", + "llround", "log10", "log1p", "log2", "logb", "lrint", "lround", "nearbyint", "rint", "round", + "tgamma", "trunc", ] or allowComplex = false and + numberOfParameters = 2 and result = [ - "atan2", "cbrt", "ceil", "copysign", "erf", "erfc", "exp2", "expm1", "fdim", "floor", "fma", - "fmax", "fmin", "fmod", "frexp", "hypot", "ilogb", "ldexp", "lgamma", "llrint", "llround", - "log10", "log1p", "log2", "logb", "lrint", "lround", "nearbyint", "nextafter", "nexttoward", - "remainder", "remquo", "rint", "round", "scalbn", "scalbln", "tgamma", "trunc", + "atan2", "copysign", "fdim", "fmax", "fmin", "fmod", "frexp", "hypot", "ldexp", "nextafter", + "nexttoward", "remainder", "scalbn", "scalbln" ] + or + allowComplex = false and + numberOfParameters = 3 and + result = ["fma", "remquo"] } private predicate hasOutputArgument(string macroName, int index) { @@ -27,19 +44,41 @@ private predicate hasOutputArgument(string macroName, int index) { class TgMathInvocation extends MacroInvocation { Call call; boolean allowComplex; + int numberOfParameters; TgMathInvocation() { - this.getMacro().getName() = getATgMathMacroName(allowComplex) and + this.getMacro().getName() = getATgMathMacroName(allowComplex, numberOfParameters) and call = getBestCallInExpansion(this) } + /** Account for extra parameters added by gcc */ + private int getParameterOffset() { + // Gcc calls look something like: `__builtin_tgmath(cosf, cosd, cosl, arg)`, in this example + // there is a parameter offset of 3, so `getOperandArgument(0)` is equivalent to + // `call.getArgument(3)`. + result = call.getNumberOfArguments() - numberOfParameters + } + Expr getOperandArgument(int i) { - result = call.getArgument(i) and - not hasOutputArgument(call.getTarget().getName(), i) + i >= 0 and + result = call.getArgument(i + getParameterOffset()) and + //i in [0..numberOfParameters - 1] and + not hasOutputArgument(getMacro().getName(), i) + } + + /** Get all explicit conversions, except those added by clang in the macro body */ + Expr getExplicitlyConvertedOperandArgument(int i) { + exists(Expr explicitConv | + explicitConv = getOperandArgument(i).getExplicitlyConverted() and + // clang explicitly casts most arguments, but not some integer arguments such as in `scalbn`. + if call.getTarget().getName().matches("__tg_%") and explicitConv instanceof Conversion + then result = explicitConv.(Conversion).getExpr() + else result = explicitConv + ) } int getNumberOfOperandArguments() { - result = call.getNumberOfArguments() - count(int i | hasOutputArgument(getMacroName(), i)) + result = numberOfParameters - count(int i | hasOutputArgument(getMacroName(), i)) } Expr getAnOperandArgument() { result = getOperandArgument(_) } diff --git a/c/common/test/rules/functionnoreturnattributecondition/test.c b/c/common/test/rules/functionnoreturnattributecondition/test.c index 1b0ba759e1..c13654a8e0 100644 --- a/c/common/test/rules/functionnoreturnattributecondition/test.c +++ b/c/common/test/rules/functionnoreturnattributecondition/test.c @@ -77,7 +77,7 @@ _Noreturn void test_noreturn_f10(int i) { // COMPLIANT case 4: thrd_exit(0); break; - default: + default:; jmp_buf jb; longjmp(jb, 0); } diff --git a/c/misra/src/rules/RULE-13-2/UnsequencedAtomicReads.ql b/c/misra/src/rules/RULE-13-2/UnsequencedAtomicReads.ql index b5e17fc934..86756668a8 100644 --- a/c/misra/src/rules/RULE-13-2/UnsequencedAtomicReads.ql +++ b/c/misra/src/rules/RULE-13-2/UnsequencedAtomicReads.ql @@ -17,6 +17,7 @@ import semmle.code.cpp.dataflow.TaintTracking import codingstandards.c.misra import codingstandards.c.Ordering import codingstandards.c.orderofevaluation.VariableAccessOrdering +import codingstandards.cpp.StdFunctionOrMacro class AtomicAccessInFullExpressionOrdering extends Ordering::Configuration { AtomicAccessInFullExpressionOrdering() { this = "AtomicAccessInFullExpressionOrdering" } @@ -24,8 +25,8 @@ class AtomicAccessInFullExpressionOrdering extends Ordering::Configuration { override predicate isCandidate(Expr e1, Expr e2) { exists(AtomicVariableAccess a, AtomicVariableAccess b, FullExpr e | a = e1 and b = e2 | a.getTarget() = b.getTarget() and - a.(ConstituentExpr).getFullExpr() = e and - b.(ConstituentExpr).getFullExpr() = e and + a.getARead().(ConstituentExpr).getFullExpr() = e and + b.getARead().(ConstituentExpr).getFullExpr() = e and not a = b ) } @@ -39,13 +40,32 @@ class AtomicAccessInFullExpressionOrdering extends Ordering::Configuration { class AtomicVariableAccess extends VariableAccess { AtomicVariableAccess() { getTarget().getType().hasSpecifier("atomic") } - /* Get the `atomic_()` call this VarAccess occurs in. */ - FunctionCall getAtomicFunctionCall() { - exists(AddressOfExpr addrParent, FunctionCall fc | - fc.getTarget().getName().matches("__c11_atomic%") and + /* Get the `atomic_load()` call this VarAccess occurs in. */ + Expr getAtomicFunctionRead() { + exists(AddressOfExpr addrParent, AtomicReadOrWriteCall fc | + fc.getName().matches("atomic_load%") and + // StdFunctionOrMacro arguments are not necessarily reliable, so we look for any AddressOfExpr + // that is an argument to a call to `atomic_load`. addrParent = fc.getArgument(0) and addrParent.getAnOperand() = this and - result = fc + result = fc.getExpr() + ) + } + + /* Get the `atomic_store()` call this VarAccess occurs in. */ + Expr getAtomicFunctionWrite(Expr storedValue) { + exists(AddressOfExpr addrParent, AtomicReadOrWriteCall fc | + addrParent = fc.getArgument(0) and + addrParent.getAnOperand() = this and + result = fc.getExpr() and + ( + fc.getName().matches(["%store%", "%exchange%", "%fetch_%"]) and + not fc.getName().matches("%compare%") and + storedValue = fc.getArgument(1) + or + fc.getName().matches(["%compare%"]) and + storedValue = fc.getArgument(2) + ) ) } @@ -53,7 +73,7 @@ class AtomicVariableAccess extends VariableAccess { * Gets an assigned expr, either in the form `x = ` or `atomic_store(&x, )`. */ Expr getAnAssignedExpr() { - result = getAtomicFunctionCall().getArgument(1) + exists(getAtomicFunctionWrite(result)) or exists(AssignExpr assign | assign.getLValue() = this and @@ -65,7 +85,7 @@ class AtomicVariableAccess extends VariableAccess { * Gets the expression holding this variable access, either in the form `x` or `atomic_read(&x)`. */ Expr getARead() { - result = getAtomicFunctionCall() + result = getAtomicFunctionRead() or result = this } @@ -73,11 +93,17 @@ class AtomicVariableAccess extends VariableAccess { from AtomicAccessInFullExpressionOrdering config, FullExpr e, Variable v, AtomicVariableAccess va1, - AtomicVariableAccess va2 + AtomicVariableAccess va2, Expr va1Read, Expr va2Read where not isExcluded(e, SideEffects3Package::unsequencedAtomicReadsQuery()) and - e = va1.(ConstituentExpr).getFullExpr() and - config.isUnsequenced(va1, va2) and + va1Read = va1.getARead() and + va2Read = va2.getARead() and + e = va1Read.(ConstituentExpr).getFullExpr() and + // Careful here. The `VariableAccess` in a pair of atomic function calls may not be unsequenced, + // for instance in gcc where atomic functions expand to StmtExprs, which have clear sequences. + // In this case, the result of `getARead()` for a pair of atomic function calls may be + // unsequenced even though the `VariableAccess`es within those calls are not. + config.isUnsequenced(va1Read, va2Read) and v = va1.getTarget() and v = va2.getTarget() and // Exclude cases where the variable is assigned a value tainted by the other variable access. diff --git a/c/misra/src/rules/RULE-21-22/TgMathArgumentWithInvalidEssentialType.ql b/c/misra/src/rules/RULE-21-22/TgMathArgumentWithInvalidEssentialType.ql index 2105567d04..3c918c10d3 100644 --- a/c/misra/src/rules/RULE-21-22/TgMathArgumentWithInvalidEssentialType.ql +++ b/c/misra/src/rules/RULE-21-22/TgMathArgumentWithInvalidEssentialType.ql @@ -34,14 +34,17 @@ string getAllowedTypesString(TgMathInvocation call) { else result = "essentially signed, unsigned, or real floating type" } -from TgMathInvocation call, Expr arg, int argIndex, Type type, EssentialTypeCategory category +from TgMathInvocation call, Expr convertedArg, Expr unconverted, int argIndex, Type type, EssentialTypeCategory category where not isExcluded(call, EssentialTypes2Package::tgMathArgumentWithInvalidEssentialTypeQuery()) and - arg = call.getOperandArgument(argIndex) and - type = getEssentialType(arg) and + // We must handle conversions specially, as clang inserts casts in the macro body we want to ignore. + convertedArg = call.getExplicitlyConvertedOperandArgument(argIndex) and + unconverted = convertedArg.getUnconverted() and + // Do not use `convertedArg.getEssentialType()`, as that is affected by clang's casts in the macro body. + type = getEssentialTypeBeforeConversions(convertedArg) and category = getEssentialTypeCategory(type) and not category = getAnAllowedEssentialTypeCategory(call) -select arg, +select unconverted, "Argument " + (argIndex + 1) + " provided to type-generic macro '" + call.getMacroName() + "' has " + category.toString().toLowerCase() + ", which is not " + getAllowedTypesString(call) + "." diff --git a/c/misra/src/rules/RULE-21-23/TgMathArgumentsWithDifferingStandardType.ql b/c/misra/src/rules/RULE-21-23/TgMathArgumentsWithDifferingStandardType.ql index 81209c8565..1a19249982 100644 --- a/c/misra/src/rules/RULE-21-23/TgMathArgumentsWithDifferingStandardType.ql +++ b/c/misra/src/rules/RULE-21-23/TgMathArgumentsWithDifferingStandardType.ql @@ -59,14 +59,14 @@ Type canonicalize(Type type) { } Type getEffectiveStandardType(Expr e) { - result = canonicalize(getPromotedType(e.getExplicitlyConverted())) + result = canonicalize(getPromotedType(e)) } from TgMathInvocation call, Type firstType where not isExcluded(call, EssentialTypes2Package::tgMathArgumentsWithDifferingStandardTypeQuery()) and - firstType = getEffectiveStandardType(call.getAnOperandArgument()) and - not forall(Expr arg | arg = call.getAnOperandArgument() | + firstType = getEffectiveStandardType(call.getExplicitlyConvertedOperandArgument(0)) and + not forall(Expr arg | arg = call.getExplicitlyConvertedOperandArgument(_) | firstType = getEffectiveStandardType(arg) ) select call, diff --git a/c/misra/src/rules/RULE-21-25/InvalidMemoryOrderArgument.ql b/c/misra/src/rules/RULE-21-25/InvalidMemoryOrderArgument.ql index 92ec2694b3..a7b599316a 100644 --- a/c/misra/src/rules/RULE-21-25/InvalidMemoryOrderArgument.ql +++ b/c/misra/src/rules/RULE-21-25/InvalidMemoryOrderArgument.ql @@ -14,11 +14,23 @@ import cpp import codingstandards.c.misra +import codingstandards.cpp.StdFunctionOrMacro import semmle.code.cpp.dataflow.new.DataFlow +class MemoryOrderEnum extends Enum { + MemoryOrderEnum() { + this.hasGlobalOrStdName("memory_order") + or + exists(TypedefType t | + t.getName() = "memory_order" and + t.getBaseType() = this + ) + } +} + /* A member of the set of memory orders defined in the `memory_order` enum */ class MemoryOrder extends EnumConstant { - MemoryOrder() { getDeclaringEnum().getName() = "memory_order" } + MemoryOrder() { getDeclaringEnum() instanceof MemoryOrderEnum } int getIntValue() { result = getValue().toInt() } } @@ -49,59 +61,6 @@ class MemoryOrderConstantExpr extends Expr { string getMemoryOrderString() { result = ord.getName() } } -/** - * A `stdatomic.h` function which accepts a `memory_order` value as a parameter. - */ -class MemoryOrderedStdAtomicFunction extends Function { - int orderParamIdx; - - MemoryOrderedStdAtomicFunction() { - exists(int baseParamIdx, int baseParams, string prefix, string regex, string basename | - regex = "__(c11_)?atomic_([a-z_]+)" and - prefix = getName().regexpCapture(regex, 1) and - basename = "atomic_" + getName().regexpCapture(regex, 2) + ["", "_explicit"] and - ( - basename in ["atomic_thread_fence", "atomic_signal_fence"] and - baseParamIdx = 0 and - baseParams = 1 - or - basename in ["atomic_load", "atomic_flag_clear", "atomic_flag_test_and_set"] and - baseParamIdx = 1 and - baseParams = 2 - or - basename in [ - "atomic_store", "atomic_fetch_" + ["add", "sub", "or", "xor", "and"], "atomic_exchange" - ] and - baseParamIdx = 2 and - baseParams = 3 - or - basename in ["atomic_compare_exchange_" + ["strong", "weak"]] and - baseParamIdx = [3, 4] and - baseParams = 5 - ) and - ( - // GCC case, may have one or two inserted parameters, e.g.: - // __atomic_load(8, &repr->a, &desired, order) - // or - // __atomic_load_8(&repr->a, &desired, order) - prefix = "" and - exists(int extraParams | - extraParams = getNumberOfParameters() - baseParams and - extraParams >= 0 and - orderParamIdx = baseParamIdx + extraParams - ) - or - // Clang case, no inserted parameters: - // __c11_atomic_load(object, order) - prefix = "c11_" and - orderParamIdx = baseParamIdx - ) - ) - } - - int getOrderParameterIdx() { result = orderParamIdx } -} - module MemoryOrderFlowConfig implements DataFlow::ConfigSig { predicate isSource(DataFlow::Node node) { // Direct usage of memory order constant @@ -118,9 +77,8 @@ module MemoryOrderFlowConfig implements DataFlow::ConfigSig { } predicate isSink(DataFlow::Node node) { - exists(FunctionCall fc | - node.asExpr() = - fc.getArgument(fc.getTarget().(MemoryOrderedStdAtomicFunction).getOrderParameterIdx()) + exists(AtomicallySequencedCall call | + call.getAMemoryOrderArgument() = node.asExpr() ) } } @@ -140,7 +98,7 @@ string describeMemoryOrderNode(DataFlow::Node node) { } from - Expr argument, Function function, string value, MemoryOrderFlow::PathNode source, + Expr argument, AtomicallySequencedCall function, string value, MemoryOrderFlow::PathNode source, MemoryOrderFlow::PathNode sink where not isExcluded(argument, Concurrency6Package::invalidMemoryOrderArgumentQuery()) and @@ -149,6 +107,6 @@ where value = describeMemoryOrderNode(source.getNode()) and // Double check that we didn't find flow from something equivalent to the allowed value. not value = any(AllowedMemoryOrder e).getName() and - function.getACallToThisFunction().getAnArgument() = argument + function.getAMemoryOrderArgument() = argument select argument, source, sink, "Invalid memory order '$@' in call to function '$@'.", value, value, function, function.getName() diff --git a/c/misra/src/rules/RULE-9-7/UninitializedAtomicObject.ql b/c/misra/src/rules/RULE-9-7/UninitializedAtomicObject.ql index dfb096189f..5f7fb803d6 100644 --- a/c/misra/src/rules/RULE-9-7/UninitializedAtomicObject.ql +++ b/c/misra/src/rules/RULE-9-7/UninitializedAtomicObject.ql @@ -31,7 +31,11 @@ class ThreadSpawningFunction extends Function { } class AtomicInitAddressOfExpr extends AddressOfExpr { - AtomicInitAddressOfExpr() { exists(AtomicInitCall c | this = c.getArgument(0)) } + AtomicInitAddressOfExpr() { + // StdFunctionOrMacro arguments are not necessarily reliable, so we look for any AddressOfExpr + // that is an argument to a call to `atomic_init`. + exists(AtomicInitCall c | this = c.getAnArgument()) + } } ControlFlowNode getARequiredInitializationPoint(LocalScopeVariable v) { diff --git a/c/misra/test/rules/DIR-5-1/test.c b/c/misra/test/rules/DIR-5-1/test.c index 5e568cc95c..5f392105e6 100644 --- a/c/misra/test/rules/DIR-5-1/test.c +++ b/c/misra/test/rules/DIR-5-1/test.c @@ -99,7 +99,7 @@ void many_thread13_calls_nonreentrant_funcs(void *p) { wcsrtombs(NULL, NULL, 0, NULL); // NON-COMPLIANT } -void main() { +int main(int argc, char *argv[]) { thrd_t single_thread1; thrd_t many_thread2; thrd_t single_thread3; diff --git a/c/misra/test/rules/DIR-5-3/test.c b/c/misra/test/rules/DIR-5-3/test.c index ebdf53cfb4..16eb580276 100644 --- a/c/misra/test/rules/DIR-5-3/test.c +++ b/c/misra/test/rules/DIR-5-3/test.c @@ -14,7 +14,7 @@ void func_called_from_main(void); void make_threads_called_from_func_called_from_main(void); void make_threads_called_from_main_pthread_thrd(void); -void main() { +int main(int argc, char *argv[]) { thrd_create(&g1, &thrd_func, NULL); // COMPLIANT pthread_create(&g2, NULL, &pthread_func, NULL); // COMPLIANT diff --git a/c/misra/test/rules/RULE-1-5/UseOfObsoleteMacroAtomicVarInit.expected.gcc b/c/misra/test/rules/RULE-1-5/UseOfObsoleteMacroAtomicVarInit.expected.gcc new file mode 100644 index 0000000000..cb8e72ff0f --- /dev/null +++ b/c/misra/test/rules/RULE-1-5/UseOfObsoleteMacroAtomicVarInit.expected.gcc @@ -0,0 +1 @@ +| test.c:29:18:29:36 | ATOMIC_VAR_INIT(VALUE) | Usage of macro ATOMIC_VAR_INIT() is declared obscelescent in C18, and discouraged in earlier C versions. | diff --git a/c/misra/test/rules/RULE-11-10/AtomicQualifierAppliedToVoid.expected.clang b/c/misra/test/rules/RULE-11-10/AtomicQualifierAppliedToVoid.expected.clang new file mode 100644 index 0000000000..e69de29bb2 diff --git a/c/misra/test/rules/RULE-11-10/test.c.clang b/c/misra/test/rules/RULE-11-10/test.c.clang new file mode 100644 index 0000000000..c30368a48d --- /dev/null +++ b/c/misra/test/rules/RULE-11-10/test.c.clang @@ -0,0 +1,28 @@ +// _Atomic void g1; // doesn't compile +_Atomic int g2; // COMPLIANT +// _Atomic void *g3; // NON_COMPLIANT +// _Atomic void g4[]; // doesn't compile +void *_Atomic g5; // COMPLIANT + +struct { + _Atomic int m1; // COMPLIANT + // _Atomic void m2; // doesn't compile + // _Atomic void *m3; // NON_COMPLIANT + void *_Atomic m4; // COMPLIANT +} s1; + +void f(_Atomic int p1 // COMPLIANT + // _Atomic void *p2 // NON_COMPLIANT + // _Atomic void p3[] // doesn't compile, even though it perhaps should as + // it is adjusted to void*. +) {} + +// typedef _Atomic void *f2(void); // NON_COMPLIANT +// typedef _Atomic void *(*f3)(void); // NON_COMPLIANT +// typedef void f4(_Atomic void *); // NON_COMPLIANT +// typedef void (*f5)(_Atomic void *); // NON_COMPLIANT + +void f6() { + (void *)0; // COMPLIANT + // (_Atomic void *)0; // NON_COMPLIANT +} \ No newline at end of file diff --git a/c/misra/test/rules/RULE-12-6/AtomicAggregateObjectDirectlyAccessed.expected.clang b/c/misra/test/rules/RULE-12-6/AtomicAggregateObjectDirectlyAccessed.expected.clang new file mode 100644 index 0000000000..e69de29bb2 diff --git a/c/misra/test/rules/RULE-12-6/test.c b/c/misra/test/rules/RULE-12-6/test.c index 0281e6b0d8..74d9de2fca 100644 --- a/c/misra/test/rules/RULE-12-6/test.c +++ b/c/misra/test/rules/RULE-12-6/test.c @@ -28,8 +28,8 @@ void f1() { atomic_store(&s1_atomic_ptr, l2); // COMPLIANT // Undefined behavior, but not banned by this rule. - memset(&atomic_s1, sizeof(atomic_s1), 0); // COMPLIANT - memset(ptr_atomic_s1, sizeof(*ptr_atomic_s1), 0); // COMPLIANT + memset(&atomic_s1, 0, sizeof(atomic_s1)); // COMPLIANT + memset(ptr_atomic_s1, 0, sizeof(*ptr_atomic_s1)); // COMPLIANT // OK: whole loads and stores are protected from data-races. takeCopy(atomic_s1); // COMPLIANT @@ -53,7 +53,7 @@ void f1() { // All OK: not an atomic struct, but rather an atomic pointer to non-atomic // struct. - memset(s1_atomic_ptr, sizeof(*s1_atomic_ptr), 0); // COMPLIANT + memset(s1_atomic_ptr, 0, sizeof(*s1_atomic_ptr)); // COMPLIANT takeCopy(*s1_atomic_ptr); // COMPLIANT *s1_atomic_ptr = (s1){0}; // COMPLIANT s1_atomic_ptr = l2; // COMPLIANT diff --git a/c/misra/test/rules/RULE-12-6/test.c.clang b/c/misra/test/rules/RULE-12-6/test.c.clang new file mode 100644 index 0000000000..83ad24cdb5 --- /dev/null +++ b/c/misra/test/rules/RULE-12-6/test.c.clang @@ -0,0 +1,89 @@ +#include "stdatomic.h" +#include "string.h" + +typedef struct s1 { + int x; +} s1; + +_Atomic s1 atomic_s1; +// A non-atomic pointer to an atomic s1 +_Atomic s1 *ptr_atomic_s1; +// An atomic pointer to a non-atomic s1 +s1 *_Atomic s1_atomic_ptr; + +_Atomic int g3; + +void takeCopy(s1 p1); + +void f1() { + s1 l1; + s1 *l2; + l1 = atomic_load(&atomic_s1); // COMPLIANT + l1 = atomic_load(ptr_atomic_s1); // COMPLIANT + l2 = atomic_load(&s1_atomic_ptr); // COMPLIANT + l1.x = 4; // COMPLIANT + l2->x = 4; // COMPLIANT + atomic_store(&atomic_s1, l1); // COMPLIANT + atomic_store(ptr_atomic_s1, l1); // COMPLIANT + atomic_store(&s1_atomic_ptr, l2); // COMPLIANT + + // Undefined behavior, but not banned by this rule. + memset(&atomic_s1, 0, sizeof(atomic_s1)); // COMPLIANT + memset(ptr_atomic_s1, 0, sizeof(*ptr_atomic_s1)); // COMPLIANT + + // OK: whole loads and stores are protected from data-races. + takeCopy(atomic_s1); // COMPLIANT + takeCopy(*ptr_atomic_s1); // COMPLIANT + atomic_s1 = (s1){0}; // COMPLIANT + *ptr_atomic_s1 = (s1){0}; // COMPLIANT + atomic_s1 = *l2; // COMPLIANT + ptr_atomic_s1 = l2; // COMPLIANT + + // Banned: circumvents data-race protection, results in UB. + // atomic_s1.x; // NON-COMPLIANT + // ptr_atomic_s1->x; // NON-COMPLIANT + // atomic_s1.x = 0; // NON-COMPLIANT + // ptr_atomic_s1->x = 0; // NON-COMPLIANT + + // OK: not evaluated. + sizeof(atomic_s1); // COMPLIANT + sizeof(ptr_atomic_s1); // COMPLIANT + // sizeof(atomic_s1.x); // COMPLIANT + // sizeof(ptr_atomic_s1->x); // COMPLIANT + + // All OK: not an atomic struct, but rather an atomic pointer to non-atomic + // struct. + memset(s1_atomic_ptr, 0, sizeof(*s1_atomic_ptr)); // COMPLIANT + takeCopy(*s1_atomic_ptr); // COMPLIANT + *s1_atomic_ptr = (s1){0}; // COMPLIANT + s1_atomic_ptr = l2; // COMPLIANT + s1_atomic_ptr->x; // COMPLIANT + + // Atomic specifier hidden behind a typedef, still atomic: + typedef _Atomic s1 atomic_s1; + atomic_s1 l3; + // l3.x; // NON_COMPLIANT + + // Worst case scenario: a typedef of a volatile const pointer to an atomic + // typedef type. + typedef atomic_s1 *volatile const atomic_s1_specified_ptr; + atomic_s1_specified_ptr l4; + // (l4)->x; // NON_COMPLIANT +} + +#define NOOP(x) (x) +#define DOT_FIELD_ACCESS_X(v) (v).x +#define POINTER_FIELD_ACCESS_X(v) (v)->x +#define GET_X_ATOMIC_S1() atomic_s1.x +#define GET_X_PTR_ATOMIC_S1() atomic_s1.x + +void f2() { + // Banned UB with user macros: + // NOOP(atomic_s1.x); // NON-COMPLIANT + // DOT_FIELD_ACCESS_X(atomic_s1); // NON-COMPLIANT + // POINTER_FIELD_ACCESS_X(ptr_atomic_s1); // NON-COMPLIANT + // GET_X_ATOMIC_S1(); // NON-COMPLIANT + // GET_X_PTR_ATOMIC_S1(); // NON-COMPLIANT + // GET_X_ATOMIC_S1() = 0; // NON-COMPLIANT + // GET_X_PTR_ATOMIC_S1() = 0; // NON-COMPLIANT +} \ No newline at end of file diff --git a/c/misra/test/rules/RULE-13-2/UnsequencedAtomicReads.expected b/c/misra/test/rules/RULE-13-2/UnsequencedAtomicReads.expected index 897dd68f30..4fa06eb069 100644 --- a/c/misra/test/rules/RULE-13-2/UnsequencedAtomicReads.expected +++ b/c/misra/test/rules/RULE-13-2/UnsequencedAtomicReads.expected @@ -1,5 +1,5 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (UnsequencedAtomicReads.ql:86,31-39) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (UnsequencedAtomicReads.ql:86,67-75) -WARNING: module 'TaintTracking' has been deprecated and may be removed in future (UnsequencedAtomicReads.ql:86,5-18) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (UnsequencedAtomicReads.ql:112,31-39) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (UnsequencedAtomicReads.ql:112,67-75) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (UnsequencedAtomicReads.ql:112,5-18) | test.c:44:12:44:18 | ... + ... | Atomic variable $@ has a $@ that is unsequenced with $@. | test.c:42:15:42:16 | a1 | a1 | test.c:44:12:44:13 | a1 | previous read | test.c:44:17:44:18 | a1 | another read | | test.c:46:3:46:37 | ... + ... | Atomic variable $@ has a $@ that is unsequenced with $@. | test.c:42:15:42:16 | a1 | a1 | test.c:46:16:46:17 | a1 | previous read | test.c:46:35:46:36 | a1 | another read | diff --git a/c/misra/test/rules/RULE-13-2/UnsequencedAtomicReads.expected.gcc b/c/misra/test/rules/RULE-13-2/UnsequencedAtomicReads.expected.gcc new file mode 100644 index 0000000000..ccfb4e6a7b --- /dev/null +++ b/c/misra/test/rules/RULE-13-2/UnsequencedAtomicReads.expected.gcc @@ -0,0 +1,5 @@ +WARNING: module 'DataFlow' has been deprecated and may be removed in future (UnsequencedAtomicReads.ql:112,31-39) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (UnsequencedAtomicReads.ql:112,67-75) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (UnsequencedAtomicReads.ql:112,5-18) +| test.c:44:12:44:18 | ... + ... | Atomic variable $@ has a $@ that is unsequenced with $@. | test.c:42:15:42:16 | a1 | a1 | test.c:44:12:44:13 | a1 | previous read | test.c:44:17:44:18 | a1 | another read | +| test.c:46:15:46:17 | & ... | Atomic variable $@ has a $@ that is unsequenced with $@. | test.c:42:15:42:16 | a1 | a1 | test.c:46:16:46:17 | a1 | previous read | test.c:46:35:46:36 | a1 | another read | diff --git a/c/misra/test/rules/RULE-17-11/test.c b/c/misra/test/rules/RULE-17-11/test.c index 7baaea5821..73227accb9 100644 --- a/c/misra/test/rules/RULE-17-11/test.c +++ b/c/misra/test/rules/RULE-17-11/test.c @@ -86,7 +86,7 @@ __attribute__((noreturn)) void test_noreturn_f13(int i) { // COMPLIANT // Allowed by exception. It is undefined behavior for main() to be declared with // noreturn. -int main(char **argv, int argc) { // COMPLIANT +int main(int argc, char *argv[]) { // COMPLIANT abort(); } diff --git a/c/misra/test/rules/RULE-18-10/test.c b/c/misra/test/rules/RULE-18-10/test.c index 645943733d..b5906a3039 100644 --- a/c/misra/test/rules/RULE-18-10/test.c +++ b/c/misra/test/rules/RULE-18-10/test.c @@ -58,9 +58,9 @@ void f1( // Unknown array length types: int p21[], // COMPLIANT - int p22[][], // COMPLIANT + int p22[][2], // COMPLIANT int (*p23)[], // COMPLIANT - int (*p24)[2][], // COMPLIANT + // int (*p24)[2][], // doesn't compile int (*p25)[][2], // COMPLIANT // VLA types that are rewritten as pointers: @@ -73,7 +73,7 @@ void f1( int(*l2)[3]; // COMPLIANT int(*l3)[p0]; // NON-COMPLIANT - int l6[10] = p23; + int l6[10]; // A pointer to a VMT may be declared `static`. static int(*l4)[p0]; // NON-COMPLIANT diff --git a/c/misra/test/rules/RULE-18-8/test.c b/c/misra/test/rules/RULE-18-8/test.c index e6e038049c..7d6a1400d6 100644 --- a/c/misra/test/rules/RULE-18-8/test.c +++ b/c/misra/test/rules/RULE-18-8/test.c @@ -29,7 +29,7 @@ void f1(int n, // Pointers to variably-modified types are not VLAs. int p2[n][n], int p3[], // array of unknown length is converted to pointer - int p4[][] // array of unknown length are not VLAs. + int p4[][n] // array of unknown length are not VLAs. ) {} struct s { diff --git a/c/misra/test/rules/RULE-18-9/ArrayToPointerConversionOfTemporaryObject.expected b/c/misra/test/rules/RULE-18-9/ArrayToPointerConversionOfTemporaryObject.expected index 34bec03490..cf741ed16c 100644 --- a/c/misra/test/rules/RULE-18-9/ArrayToPointerConversionOfTemporaryObject.expected +++ b/c/misra/test/rules/RULE-18-9/ArrayToPointerConversionOfTemporaryObject.expected @@ -25,6 +25,6 @@ | test.c:90:3:90:36 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@. | test.c:3:13:3:21 | const_arr | const_arr | test.c:90:3:90:8 | call to get_s2 | call to get_s2 | | test.c:91:15:91:42 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@. | test.c:3:13:3:21 | const_arr | const_arr | test.c:91:15:91:20 | call to get_s2 | call to get_s2 | | test.c:92:15:92:48 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@. | test.c:3:13:3:21 | const_arr | const_arr | test.c:92:15:92:20 | call to get_s2 | call to get_s2 | -| test.c:111:15:111:33 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@. | test.c:3:13:3:21 | const_arr | const_arr | test.c:111:16:111:22 | ... = ... | ... = ... | -| test.c:113:15:113:37 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@. | test.c:3:13:3:21 | const_arr | const_arr | test.c:113:16:113:26 | ... ? ... : ... | ... ? ... : ... | -| test.c:114:15:114:31 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@. | test.c:3:13:3:21 | const_arr | const_arr | test.c:114:16:114:20 | ... , ... | ... , ... | +| test.c:114:15:114:27 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@. | test.c:112:9:112:11 | arr | arr | test.c:114:16:114:22 | ... = ... | ... = ... | +| test.c:116:15:116:37 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@. | test.c:3:13:3:21 | const_arr | const_arr | test.c:116:16:116:26 | ... ? ... : ... | ... ? ... : ... | +| test.c:117:15:117:31 | array to pointer conversion | Array to pointer conversion of array $@ from temporary object $@. | test.c:3:13:3:21 | const_arr | const_arr | test.c:117:16:117:20 | ... , ... | ... , ... | diff --git a/c/misra/test/rules/RULE-18-9/ModifiableLValueSubscriptedWithTemporaryLifetime.expected b/c/misra/test/rules/RULE-18-9/ModifiableLValueSubscriptedWithTemporaryLifetime.expected index 19604e2092..4c961ee994 100644 --- a/c/misra/test/rules/RULE-18-9/ModifiableLValueSubscriptedWithTemporaryLifetime.expected +++ b/c/misra/test/rules/RULE-18-9/ModifiableLValueSubscriptedWithTemporaryLifetime.expected @@ -5,11 +5,11 @@ | test.c:84:5:84:19 | access to array | Modifiable lvalue produced by subscripting array member $@ of temporary lifetime object $@ | test.c:84:14:84:16 | arr | arr | test.c:84:5:84:10 | call to get_s1 | call to get_s1 | | test.c:93:3:93:27 | access to array | Modifiable lvalue produced by subscripting array member $@ of temporary lifetime object $@ | test.c:93:22:93:24 | arr | arr | test.c:93:3:93:8 | call to get_s2 | call to get_s2 | | test.c:94:3:94:27 | access to array | Modifiable lvalue produced by subscripting array member $@ of temporary lifetime object $@ | test.c:94:22:94:24 | arr | arr | test.c:94:3:94:8 | call to get_s2 | call to get_s2 | -| test.c:137:3:137:23 | access to array | Modifiable lvalue produced by subscripting array member $@ of temporary lifetime object $@ | test.c:137:12:137:20 | arr_union | arr_union | test.c:137:3:137:8 | call to get_s3 | call to get_s3 | -| test.c:138:3:138:24 | access to array | Modifiable lvalue produced by subscripting array member $@ of temporary lifetime object $@ | test.c:138:12:138:21 | arr_struct | arr_struct | test.c:138:3:138:8 | call to get_s3 | call to get_s3 | -| test.c:139:3:139:24 | access to array | Modifiable lvalue produced by subscripting array member $@ of temporary lifetime object $@ | test.c:139:12:139:21 | arr_struct | arr_struct | test.c:139:3:139:8 | call to get_s3 | call to get_s3 | -| test.c:140:3:140:24 | access to array | Modifiable lvalue produced by subscripting array member $@ of temporary lifetime object $@ | test.c:140:12:140:21 | arr_struct | arr_struct | test.c:140:3:140:8 | call to get_s3 | call to get_s3 | +| test.c:140:3:140:23 | access to array | Modifiable lvalue produced by subscripting array member $@ of temporary lifetime object $@ | test.c:140:12:140:20 | arr_union | arr_union | test.c:140:3:140:8 | call to get_s3 | call to get_s3 | | test.c:141:3:141:24 | access to array | Modifiable lvalue produced by subscripting array member $@ of temporary lifetime object $@ | test.c:141:12:141:21 | arr_struct | arr_struct | test.c:141:3:141:8 | call to get_s3 | call to get_s3 | -| test.c:142:4:142:25 | access to array | Modifiable lvalue produced by subscripting array member $@ of temporary lifetime object $@ | test.c:142:13:142:22 | arr_struct | arr_struct | test.c:142:4:142:9 | call to get_s3 | call to get_s3 | -| test.c:146:3:146:19 | access to array | Modifiable lvalue produced by subscripting array member $@ of temporary lifetime object $@ | test.c:146:12:146:16 | arr2d | arr2d | test.c:146:3:146:8 | call to get_s3 | call to get_s3 | -| test.c:147:4:147:20 | access to array | Modifiable lvalue produced by subscripting array member $@ of temporary lifetime object $@ | test.c:147:13:147:17 | arr2d | arr2d | test.c:147:4:147:9 | call to get_s3 | call to get_s3 | +| test.c:142:3:142:24 | access to array | Modifiable lvalue produced by subscripting array member $@ of temporary lifetime object $@ | test.c:142:12:142:21 | arr_struct | arr_struct | test.c:142:3:142:8 | call to get_s3 | call to get_s3 | +| test.c:143:3:143:24 | access to array | Modifiable lvalue produced by subscripting array member $@ of temporary lifetime object $@ | test.c:143:12:143:21 | arr_struct | arr_struct | test.c:143:3:143:8 | call to get_s3 | call to get_s3 | +| test.c:144:3:144:24 | access to array | Modifiable lvalue produced by subscripting array member $@ of temporary lifetime object $@ | test.c:144:12:144:21 | arr_struct | arr_struct | test.c:144:3:144:8 | call to get_s3 | call to get_s3 | +| test.c:145:4:145:25 | access to array | Modifiable lvalue produced by subscripting array member $@ of temporary lifetime object $@ | test.c:145:13:145:22 | arr_struct | arr_struct | test.c:145:4:145:9 | call to get_s3 | call to get_s3 | +| test.c:149:3:149:19 | access to array | Modifiable lvalue produced by subscripting array member $@ of temporary lifetime object $@ | test.c:149:12:149:16 | arr2d | arr2d | test.c:149:3:149:8 | call to get_s3 | call to get_s3 | +| test.c:150:4:150:20 | access to array | Modifiable lvalue produced by subscripting array member $@ of temporary lifetime object $@ | test.c:150:13:150:17 | arr2d | arr2d | test.c:150:4:150:9 | call to get_s3 | call to get_s3 | diff --git a/c/misra/test/rules/RULE-18-9/test.c b/c/misra/test/rules/RULE-18-9/test.c index f2fb44fdc9..d5eb5ec35e 100644 --- a/c/misra/test/rules/RULE-18-9/test.c +++ b/c/misra/test/rules/RULE-18-9/test.c @@ -108,7 +108,10 @@ void f(void) { get_s2_ptr()->member_s1.arr[0] = 1; // COMPLIANT // Other types of non-lvalue types - use_int_ptr((l1 = l1).const_arr); // NON-COMPLIANT + struct { + int arr[10]; + } l3; + use_int_ptr((l3 = l3).arr); // NON-COMPLIANT use_int_ptr(((struct s1)l1).const_arr); // NON-COMPLIANT[FALSE_NEGATIVE] use_int_ptr((1 ? l1 : l1).const_arr); // NON-COMPLIANT use_int_ptr((0, l1).const_arr); // NON-COMPLIANT diff --git a/c/misra/test/rules/RULE-21-22/TgMathArgumentWithInvalidEssentialType.expected b/c/misra/test/rules/RULE-21-22/TgMathArgumentWithInvalidEssentialType.expected index 7c30f68204..46e4e8f5c8 100644 --- a/c/misra/test/rules/RULE-21-22/TgMathArgumentWithInvalidEssentialType.expected +++ b/c/misra/test/rules/RULE-21-22/TgMathArgumentWithInvalidEssentialType.expected @@ -130,3 +130,5 @@ | test.c:303:14:303:15 | cf | Argument 2 provided to type-generic macro 'scalbln' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | | test.c:309:10:309:11 | cf | Argument 1 provided to type-generic macro 'tgamma' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | | test.c:310:9:310:10 | cf | Argument 1 provided to type-generic macro 'trunc' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | +| test.c:325:14:325:14 | i | Argument 1 provided to type-generic macro 'cos' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:328:20:328:20 | c | Argument 1 provided to type-generic macro 'cos' has essentially character type, which is not essentially signed, unsigned, or floating type. | diff --git a/c/misra/test/rules/RULE-21-22/TgMathArgumentWithInvalidEssentialType.expected.clang b/c/misra/test/rules/RULE-21-22/TgMathArgumentWithInvalidEssentialType.expected.clang new file mode 100644 index 0000000000..313438ea6c --- /dev/null +++ b/c/misra/test/rules/RULE-21-22/TgMathArgumentWithInvalidEssentialType.expected.clang @@ -0,0 +1,76 @@ +| test.c:29:7:29:7 | c | Argument 1 provided to type-generic macro 'cos' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:40:7:40:7 | e | Argument 1 provided to type-generic macro 'cos' has essentially enum type, which is not essentially signed, unsigned, or floating type. | +| test.c:41:7:41:7 | b | Argument 1 provided to type-generic macro 'cos' has essentially boolean type, which is not essentially signed, unsigned, or floating type. | +| test.c:156:8:156:8 | c | Argument 1 provided to type-generic macro 'acos' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:157:9:157:9 | c | Argument 1 provided to type-generic macro 'acosh' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:158:8:158:8 | c | Argument 1 provided to type-generic macro 'asin' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:159:9:159:9 | c | Argument 1 provided to type-generic macro 'asinh' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:160:9:160:9 | c | Argument 1 provided to type-generic macro 'atan2' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:161:12:161:12 | c | Argument 2 provided to type-generic macro 'atan2' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:162:9:162:9 | c | Argument 1 provided to type-generic macro 'atanh' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:163:8:163:8 | c | Argument 1 provided to type-generic macro 'carg' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:164:8:164:8 | c | Argument 1 provided to type-generic macro 'ceil' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:165:9:165:9 | c | Argument 1 provided to type-generic macro 'cimag' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:166:8:166:8 | c | Argument 1 provided to type-generic macro 'conj' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:167:15:167:15 | c | Argument 2 provided to type-generic macro 'copysign' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:168:12:168:12 | c | Argument 1 provided to type-generic macro 'copysign' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:169:8:169:8 | c | Argument 1 provided to type-generic macro 'cosh' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:170:9:170:9 | c | Argument 1 provided to type-generic macro 'cproj' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:171:9:171:9 | c | Argument 1 provided to type-generic macro 'creal' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:172:7:172:7 | c | Argument 1 provided to type-generic macro 'erf' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:173:8:173:8 | c | Argument 1 provided to type-generic macro 'erfc' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:174:7:174:7 | c | Argument 1 provided to type-generic macro 'exp' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:175:8:175:8 | c | Argument 1 provided to type-generic macro 'exp2' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:176:9:176:9 | c | Argument 1 provided to type-generic macro 'expm1' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:177:8:177:8 | c | Argument 1 provided to type-generic macro 'fabs' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:178:8:178:8 | c | Argument 1 provided to type-generic macro 'fdim' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:179:11:179:11 | c | Argument 2 provided to type-generic macro 'fdim' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:180:9:180:9 | c | Argument 1 provided to type-generic macro 'floor' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:181:7:181:7 | c | Argument 1 provided to type-generic macro 'fma' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:182:10:182:10 | c | Argument 2 provided to type-generic macro 'fma' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:183:13:183:13 | c | Argument 3 provided to type-generic macro 'fma' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:184:8:184:8 | c | Argument 1 provided to type-generic macro 'fmax' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:185:11:185:11 | c | Argument 2 provided to type-generic macro 'fmax' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:186:8:186:8 | c | Argument 1 provided to type-generic macro 'fmin' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:187:11:187:11 | c | Argument 2 provided to type-generic macro 'fmin' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:188:8:188:8 | c | Argument 1 provided to type-generic macro 'fmod' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:189:11:189:11 | c | Argument 2 provided to type-generic macro 'fmod' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:191:9:191:9 | c | Argument 1 provided to type-generic macro 'hypot' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:192:12:192:12 | c | Argument 2 provided to type-generic macro 'hypot' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:193:9:193:9 | c | Argument 1 provided to type-generic macro 'ilogb' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:194:9:194:9 | c | Argument 1 provided to type-generic macro 'ldexp' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:195:12:195:12 | c | Argument 2 provided to type-generic macro 'ldexp' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:196:10:196:10 | c | Argument 1 provided to type-generic macro 'lgamma' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:197:10:197:10 | c | Argument 1 provided to type-generic macro 'llrint' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:198:11:198:11 | c | Argument 1 provided to type-generic macro 'llround' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:199:7:199:7 | c | Argument 1 provided to type-generic macro 'log' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:200:9:200:9 | c | Argument 1 provided to type-generic macro 'log10' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:201:9:201:9 | c | Argument 1 provided to type-generic macro 'log1p' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:202:8:202:8 | c | Argument 1 provided to type-generic macro 'log2' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:203:8:203:8 | c | Argument 1 provided to type-generic macro 'logb' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:204:9:204:9 | c | Argument 1 provided to type-generic macro 'lrint' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:205:10:205:10 | c | Argument 1 provided to type-generic macro 'lround' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:206:13:206:13 | c | Argument 1 provided to type-generic macro 'nearbyint' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:207:13:207:13 | c | Argument 1 provided to type-generic macro 'nextafter' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:208:16:208:16 | c | Argument 2 provided to type-generic macro 'nextafter' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:209:14:209:14 | c | Argument 1 provided to type-generic macro 'nexttoward' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:210:17:210:17 | c | Argument 2 provided to type-generic macro 'nexttoward' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:211:7:211:7 | c | Argument 1 provided to type-generic macro 'pow' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:212:10:212:10 | c | Argument 2 provided to type-generic macro 'pow' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:213:13:213:13 | c | Argument 1 provided to type-generic macro 'remainder' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:214:16:214:16 | c | Argument 2 provided to type-generic macro 'remainder' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:217:8:217:8 | c | Argument 1 provided to type-generic macro 'rint' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:218:9:218:9 | c | Argument 1 provided to type-generic macro 'round' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:219:10:219:10 | c | Argument 1 provided to type-generic macro 'scalbn' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:220:13:220:13 | c | Argument 2 provided to type-generic macro 'scalbn' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:221:11:221:11 | c | Argument 1 provided to type-generic macro 'scalbln' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:222:14:222:14 | c | Argument 2 provided to type-generic macro 'scalbln' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:223:7:223:7 | c | Argument 1 provided to type-generic macro 'sin' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:224:8:224:8 | c | Argument 1 provided to type-generic macro 'sinh' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:225:8:225:8 | c | Argument 1 provided to type-generic macro 'sqrt' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:226:7:226:7 | c | Argument 1 provided to type-generic macro 'tan' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:227:8:227:8 | c | Argument 1 provided to type-generic macro 'tanh' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:228:10:228:10 | c | Argument 1 provided to type-generic macro 'tgamma' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:229:9:229:9 | c | Argument 1 provided to type-generic macro 'trunc' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:325:14:325:14 | i | Argument 1 provided to type-generic macro 'cos' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:328:20:328:20 | c | Argument 1 provided to type-generic macro 'cos' has essentially character type, which is not essentially signed, unsigned, or floating type. | diff --git a/c/misra/test/rules/RULE-21-22/TgMathArgumentWithInvalidEssentialType.expected.gcc b/c/misra/test/rules/RULE-21-22/TgMathArgumentWithInvalidEssentialType.expected.gcc new file mode 100644 index 0000000000..79b070ae84 --- /dev/null +++ b/c/misra/test/rules/RULE-21-22/TgMathArgumentWithInvalidEssentialType.expected.gcc @@ -0,0 +1,79 @@ +| test.c:29:7:29:7 | c | Argument 1 provided to type-generic macro 'cos' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:40:7:40:7 | e | Argument 1 provided to type-generic macro 'cos' has essentially enum type, which is not essentially signed, unsigned, or floating type. | +| test.c:41:7:41:7 | b | Argument 1 provided to type-generic macro 'cos' has essentially boolean type, which is not essentially signed, unsigned, or floating type. | +| test.c:156:8:156:8 | c | Argument 1 provided to type-generic macro 'acos' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:157:9:157:9 | c | Argument 1 provided to type-generic macro 'acosh' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:158:8:158:8 | c | Argument 1 provided to type-generic macro 'asin' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:159:9:159:9 | c | Argument 1 provided to type-generic macro 'asinh' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:160:9:160:9 | c | Argument 1 provided to type-generic macro 'atan2' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:161:12:161:12 | c | Argument 2 provided to type-generic macro 'atan2' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:162:9:162:9 | c | Argument 1 provided to type-generic macro 'atanh' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:163:8:163:8 | c | Argument 1 provided to type-generic macro 'carg' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:164:8:164:8 | c | Argument 1 provided to type-generic macro 'ceil' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:165:9:165:9 | c | Argument 1 provided to type-generic macro 'cimag' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:166:8:166:8 | c | Argument 1 provided to type-generic macro 'conj' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:167:15:167:15 | c | Argument 2 provided to type-generic macro 'copysign' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:168:12:168:12 | c | Argument 1 provided to type-generic macro 'copysign' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:169:8:169:8 | c | Argument 1 provided to type-generic macro 'cosh' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:170:9:170:9 | c | Argument 1 provided to type-generic macro 'cproj' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:171:9:171:9 | c | Argument 1 provided to type-generic macro 'creal' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:172:7:172:7 | c | Argument 1 provided to type-generic macro 'erf' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:173:8:173:8 | c | Argument 1 provided to type-generic macro 'erfc' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:174:7:174:7 | c | Argument 1 provided to type-generic macro 'exp' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:175:8:175:8 | c | Argument 1 provided to type-generic macro 'exp2' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:176:9:176:9 | c | Argument 1 provided to type-generic macro 'expm1' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:177:8:177:8 | c | Argument 1 provided to type-generic macro 'fabs' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:178:8:178:8 | c | Argument 1 provided to type-generic macro 'fdim' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:179:11:179:11 | c | Argument 2 provided to type-generic macro 'fdim' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:180:9:180:9 | c | Argument 1 provided to type-generic macro 'floor' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:181:7:181:7 | c | Argument 1 provided to type-generic macro 'fma' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:182:10:182:10 | c | Argument 2 provided to type-generic macro 'fma' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:183:13:183:13 | c | Argument 3 provided to type-generic macro 'fma' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:184:8:184:8 | c | Argument 1 provided to type-generic macro 'fmax' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:185:11:185:11 | c | Argument 2 provided to type-generic macro 'fmax' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:186:8:186:8 | c | Argument 1 provided to type-generic macro 'fmin' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:187:11:187:11 | c | Argument 2 provided to type-generic macro 'fmin' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:188:8:188:8 | c | Argument 1 provided to type-generic macro 'fmod' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:189:11:189:11 | c | Argument 2 provided to type-generic macro 'fmod' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:190:9:190:9 | c | Argument 1 provided to type-generic macro 'frexp' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:191:9:191:9 | c | Argument 1 provided to type-generic macro 'hypot' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:192:12:192:12 | c | Argument 2 provided to type-generic macro 'hypot' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:193:9:193:9 | c | Argument 1 provided to type-generic macro 'ilogb' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:194:9:194:9 | c | Argument 1 provided to type-generic macro 'ldexp' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:195:12:195:12 | c | Argument 2 provided to type-generic macro 'ldexp' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:196:10:196:10 | c | Argument 1 provided to type-generic macro 'lgamma' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:197:10:197:10 | c | Argument 1 provided to type-generic macro 'llrint' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:198:11:198:11 | c | Argument 1 provided to type-generic macro 'llround' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:199:7:199:7 | c | Argument 1 provided to type-generic macro 'log' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:200:9:200:9 | c | Argument 1 provided to type-generic macro 'log10' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:201:9:201:9 | c | Argument 1 provided to type-generic macro 'log1p' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:202:8:202:8 | c | Argument 1 provided to type-generic macro 'log2' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:203:8:203:8 | c | Argument 1 provided to type-generic macro 'logb' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:204:9:204:9 | c | Argument 1 provided to type-generic macro 'lrint' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:205:10:205:10 | c | Argument 1 provided to type-generic macro 'lround' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:206:13:206:13 | c | Argument 1 provided to type-generic macro 'nearbyint' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:207:13:207:13 | c | Argument 1 provided to type-generic macro 'nextafter' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:208:16:208:16 | c | Argument 2 provided to type-generic macro 'nextafter' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:209:14:209:14 | c | Argument 1 provided to type-generic macro 'nexttoward' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:210:17:210:17 | c | Argument 2 provided to type-generic macro 'nexttoward' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:211:7:211:7 | c | Argument 1 provided to type-generic macro 'pow' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:212:10:212:10 | c | Argument 2 provided to type-generic macro 'pow' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:213:13:213:13 | c | Argument 1 provided to type-generic macro 'remainder' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:214:16:214:16 | c | Argument 2 provided to type-generic macro 'remainder' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:215:10:215:10 | c | Argument 1 provided to type-generic macro 'remquo' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:216:13:216:13 | c | Argument 2 provided to type-generic macro 'remquo' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:217:8:217:8 | c | Argument 1 provided to type-generic macro 'rint' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:218:9:218:9 | c | Argument 1 provided to type-generic macro 'round' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:219:10:219:10 | c | Argument 1 provided to type-generic macro 'scalbn' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:220:13:220:13 | c | Argument 2 provided to type-generic macro 'scalbn' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:221:11:221:11 | c | Argument 1 provided to type-generic macro 'scalbln' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:222:14:222:14 | c | Argument 2 provided to type-generic macro 'scalbln' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:223:7:223:7 | c | Argument 1 provided to type-generic macro 'sin' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:224:8:224:8 | c | Argument 1 provided to type-generic macro 'sinh' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:225:8:225:8 | c | Argument 1 provided to type-generic macro 'sqrt' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:226:7:226:7 | c | Argument 1 provided to type-generic macro 'tan' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:227:8:227:8 | c | Argument 1 provided to type-generic macro 'tanh' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:228:10:228:10 | c | Argument 1 provided to type-generic macro 'tgamma' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:229:9:229:9 | c | Argument 1 provided to type-generic macro 'trunc' has essentially character type, which is not essentially signed, unsigned, or real floating type. | +| test.c:325:14:325:14 | i | Argument 1 provided to type-generic macro 'cos' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:328:20:328:20 | c | Argument 1 provided to type-generic macro 'cos' has essentially character type, which is not essentially signed, unsigned, or floating type. | diff --git a/c/misra/test/rules/RULE-21-22/test.c b/c/misra/test/rules/RULE-21-22/test.c index cc456c17fb..66c889d168 100644 --- a/c/misra/test/rules/RULE-21-22/test.c +++ b/c/misra/test/rules/RULE-21-22/test.c @@ -320,4 +320,10 @@ void f1() { remquo(i, i, 0); // COMPLIANT remquo(i, i, 'c' - 'c'); // COMPLIANT remquo(i, i, c); // COMPLIANT + + /* Test casts */ + cos((char) i); // NON-COMPLIANT + cos((int) c); // COMPLIANT + cos((int) (char) i); // COMPLIANT + cos((char) (int) c); // NON-COMPLIANT } \ No newline at end of file diff --git a/c/misra/test/rules/RULE-21-22/test.c.clang b/c/misra/test/rules/RULE-21-22/test.c.clang new file mode 100644 index 0000000000..d28576e058 --- /dev/null +++ b/c/misra/test/rules/RULE-21-22/test.c.clang @@ -0,0 +1,329 @@ +#include +#include +#include +#include + +void f1() { + int i = 0; + unsigned int ui = 0; + short s = 0; + unsigned short us = 0; + char c = 0; + unsigned char uc = 0; + signed char sc = 0; + long l = 0; + unsigned long ul = 0; + float f = 0.0f; + float _Complex cf = 0.0f + 0.0f * I; + double d = 0.0; + char *p = 0; + void *vp = 0; + uintptr_t uip = p; + enum { e1 } e = e1; + bool b = true; + + cos(i); // COMPLIANT + cos(ui); // COMPLIANT + cos(s); // COMPLIANT + cos(us); // COMPLIANT + cos(c); // NON-COMPLIANT + cos(uc); // COMPLIANT + cos(sc); // COMPLIANT + cos(l); // COMPLIANT + cos(ul); // COMPLIANT + cos(f); // COMPLIANT + cos(cf); // COMPLIANT + cos(d); // COMPLIANT + // cos(p); // Doesn't compile + // cos(vp); // Doesn't compile + cos(uip); // COMPLIANT + cos(e); // NON-COMPLIANT + cos(b); // NON-COMPLIANT + cos(1); // COMPLIANT + cos(1.1f); // COMPLIANT + cos('a'); // NON-COMPLIANT[false negative] + + /** + * Int, float, and complex allowed: + */ + acos(i); // COMPLIANT + acos(f); // COMPLIANT + acosh(i); // COMPLIANT + acosh(f); // COMPLIANT + asin(i); // COMPLIANT + asin(f); // COMPLIANT + asinh(i); // COMPLIANT + asinh(f); // COMPLIANT + atan(i); // COMPLIANT + atan(f); // COMPLIANT + atan2(i, i); // COMPLIANT + atan2(f, f); // COMPLIANT + atanh(i); // COMPLIANT + atanh(f); // COMPLIANT + carg(i); // COMPLIANT + carg(f); // COMPLIANT + cbrt(i); // COMPLIANT + cbrt(f); // COMPLIANT + ceil(i); // COMPLIANT + ceil(f); // COMPLIANT + cimag(i); // COMPLIANT + cimag(f); // COMPLIANT + conj(i); // COMPLIANT + conj(f); // COMPLIANT + copysign(i, i); // COMPLIANT + copysign(f, f); // COMPLIANT + cos(i); // COMPLIANT + cos(f); // COMPLIANT + cosh(i); // COMPLIANT + cosh(f); // COMPLIANT + cproj(i); // COMPLIANT + cproj(f); // COMPLIANT + creal(i); // COMPLIANT + creal(f); // COMPLIANT + erf(i); // COMPLIANT + erf(f); // COMPLIANT + erfc(i); // COMPLIANT + erfc(f); // COMPLIANT + exp(i); // COMPLIANT + exp(f); // COMPLIANT + exp2(i); // COMPLIANT + exp2(f); // COMPLIANT + expm1(i); // COMPLIANT + expm1(f); // COMPLIANT + fabs(i); // COMPLIANT + fabs(f); // COMPLIANT + fdim(i, i); // COMPLIANT + fdim(f, f); // COMPLIANT + floor(i); // COMPLIANT + floor(f); // COMPLIANT + fma(i, i, i); // COMPLIANT + fma(f, f, f); // COMPLIANT + fmax(i, i); // COMPLIANT + fmax(f, f); // COMPLIANT + fmin(i, i); // COMPLIANT + fmin(f, f); // COMPLIANT + fmod(i, i); // COMPLIANT + fmod(f, f); // COMPLIANT + frexp(i, &i); // COMPLIANT + frexp(f, &p); // COMPLIANT + hypot(i, i); // COMPLIANT + hypot(f, f); // COMPLIANT + ilogb(i); // COMPLIANT + ilogb(f); // COMPLIANT + llrint(i); // COMPLIANT + llrint(f); // COMPLIANT + ldexp(i, i); // COMPLIANT + ldexp(f, f); // COMPLIANT + lgamma(i); // COMPLIANT + lgamma(f); // COMPLIANT + llround(i); // COMPLIANT + llround(f); // COMPLIANT + log(i); // COMPLIANT + log(f); // COMPLIANT + pow(i, i); // COMPLIANT + pow(f, f); // COMPLIANT + remainder(i, i); // COMPLIANT + remainder(f, f); // COMPLIANT + remquo(i, i, &i); // COMPLIANT + remquo(f, f, &f); // COMPLIANT + rint(i); // COMPLIANT + rint(f); // COMPLIANT + round(i); // COMPLIANT + round(f); // COMPLIANT + scalbn(i, i); // COMPLIANT + scalbn(f, f); // COMPLIANT + scalbln(i, i); // COMPLIANT + scalbln(f, f); // COMPLIANT + sin(i); // COMPLIANT + sin(f); // COMPLIANT + sin(cf); // COMPLIANT + sinh(i); // COMPLIANT + sinh(f); // COMPLIANT + sqrt(i); // COMPLIANT + sqrt(f); // COMPLIANT + tan(i); // COMPLIANT + tan(f); // COMPLIANT + tanh(i); // COMPLIANT + tanh(f); // COMPLIANT + tgamma(i); // COMPLIANT + tgamma(f); // COMPLIANT + trunc(i); // COMPLIANT + trunc(f); // COMPLIANT + + /** + * Char not allowed: + */ + acos(c); // NON-COMPLIANT + acosh(c); // NON-COMPLIANT + asin(c); // NON-COMPLIANT + asinh(c); // NON-COMPLIANT + atan2(c, i); // NON-COMPLIANT + atan2(i, c); // NON-COMPLIANT + atanh(c); // NON-COMPLIANT + carg(c); // NON-COMPLIANT + ceil(c); // NON-COMPLIANT + cimag(c); // NON-COMPLIANT + conj(c); // NON-COMPLIANT + copysign(i, c); // NON-COMPLIANT + copysign(c, i); // NON-COMPLIANT + cosh(c); // NON-COMPLIANT + cproj(c); // NON-COMPLIANT + creal(c); // NON-COMPLIANT + erf(c); // NON-COMPLIANT + erfc(c); // NON-COMPLIANT + exp(c); // NON-COMPLIANT + exp2(c); // NON-COMPLIANT + expm1(c); // NON-COMPLIANT + fabs(c); // NON-COMPLIANT + fdim(c, i); // NON-COMPLIANT + fdim(i, c); // NON-COMPLIANT + floor(c); // NON-COMPLIANT + fma(c, i, i); // NON-COMPLIANT + fma(i, c, i); // NON-COMPLIANT + fma(i, i, c); // NON-COMPLIANT + fmax(c, i); // NON-COMPLIANT + fmax(i, c); // NON-COMPLIANT + fmin(c, i); // NON-COMPLIANT + fmin(i, c); // NON-COMPLIANT + fmod(c, i); // NON-COMPLIANT + fmod(i, c); // NON-COMPLIANT + //frexp(c, i); // NON-COMPLIANT + hypot(c, i); // NON-COMPLIANT + hypot(i, c); // NON-COMPLIANT + ilogb(c); // NON-COMPLIANT + ldexp(c, i); // NON-COMPLIANT + ldexp(i, c); // NON-COMPLIANT + lgamma(c); // NON-COMPLIANT + llrint(c); // NON-COMPLIANT + llround(c); // NON-COMPLIANT + log(c); // NON-COMPLIANT + log10(c); // NON-COMPLIANT + log1p(c); // NON-COMPLIANT + log2(c); // NON-COMPLIANT + logb(c); // NON-COMPLIANT + lrint(c); // NON-COMPLIANT + lround(c); // NON-COMPLIANT + nearbyint(c); // NON-COMPLIANT + nextafter(c, i); // NON-COMPLIANT + nextafter(i, c); // NON-COMPLIANT + nexttoward(c, i); // NON-COMPLIANT + nexttoward(i, c); // NON-COMPLIANT + pow(c, i); // NON-COMPLIANT + pow(i, c); // NON-COMPLIANT + remainder(c, i); // NON-COMPLIANT + remainder(i, c); // NON-COMPLIANT + //remquo(c, i, i); // NON-COMPLIANT + //remquo(i, c, i); // NON-COMPLIANT + rint(c); // NON-COMPLIANT + round(c); // NON-COMPLIANT + scalbn(c, i); // NON-COMPLIANT + scalbn(i, c); // NON-COMPLIANT + scalbln(c, i); // NON-COMPLIANT + scalbln(i, c); // NON-COMPLIANT + sin(c); // NON-COMPLIANT + sinh(c); // NON-COMPLIANT + sqrt(c); // NON-COMPLIANT + tan(c); // NON-COMPLIANT + tanh(c); // NON-COMPLIANT + tgamma(c); // NON-COMPLIANT + trunc(c); // NON-COMPLIANT + + /** + * Complex types allowed in some calls, not others: + */ + acos(cf); // COMPLIANT + acosh(cf); // COMPLIANT + asin(cf); // COMPLIANT + asinh(cf); // COMPLIANT + atan(cf); // COMPLIANT + //atan2(cf, i); // NON-COMPLIANT + //atan2(i, cf); // NON-COMPLIANT + atanh(cf); // COMPLIANT + carg(cf); // COMPLIANT + //cbrt(cf); // NON-COMPLIANT + //ceil(cf); // NON-COMPLIANT + cimag(cf); // COMPLIANT + conj(cf); // COMPLIANT + //copysign(i, cf); // NON-COMPLIANT + //copysign(cf, i); // NON-COMPLIANT + //copysign(i, cf); // NON-COMPLIANT + cos(cf); // COMPLIANT + cosh(cf); // COMPLIANT + cproj(cf); // COMPLIANT + creal(cf); // COMPLIANT + //erf(cf); // NON-COMPLIANT + //erfc(cf); // NON-COMPLIANT + exp(cf); // COMPLIANT + //exp2(cf); // NON-COMPLIANT + //expm1(cf); // NON-COMPLIANT + fabs(cf); // COMPLIANT + //fdim(cf, i); // NON-COMPLIANT + //fdim(i, cf); // NON-COMPLIANT + //floor(cf); // NON-COMPLIANT + //fma(cf, i, i); // NON-COMPLIANT + //fma(i, cf, i); // NON-COMPLIANT + //fma(i, i, cf); // NON-COMPLIANT + //fmax(cf, i); // NON-COMPLIANT + //fmax(i, cf); // NON-COMPLIANT + //fmin(cf, i); // NON-COMPLIANT + //fmin(i, cf); // NON-COMPLIANT + //fmod(cf, i); // NON-COMPLIANT + //fmod(i, cf); // NON-COMPLIANT + //frexp(cf, i); // NON-COMPLIANT + //hypot(cf, i); // NON-COMPLIANT + //hypot(i, cf); // NON-COMPLIANT + //ilogb(cf); // NON-COMPLIANT + //ldexp(cf, i); // NON-COMPLIANT + //ldexp(i, cf); // NON-COMPLIANT + //lgamma(cf); // NON-COMPLIANT + //llrint(cf); // NON-COMPLIANT + //llround(cf); // NON-COMPLIANT + log(cf); // COMPLIANT + //log10(cf); // NON-COMPLIANT + //log1p(cf); // NON-COMPLIANT + //log2(cf); // NON-COMPLIANT + //logb(cf); // NON-COMPLIANT + //lrint(cf); // NON-COMPLIANT + //lround(cf); // NON-COMPLIANT + //nearbyint(cf); // NON-COMPLIANT + //nextafter(cf, i); // NON-COMPLIANT + //nextafter(i, cf); // NON-COMPLIANT + //nexttoward(cf, i); // NON-COMPLIANT + //nexttoward(i, cf); // NON-COMPLIANT + pow(cf, cf); // COMPLIANT + //remainder(cf, i); // NON-COMPLIANT + //remainder(i, cf); // NON-COMPLIANT + //remquo(cf, i, i); // NON-COMPLIANT + //remquo(i, cf, i); // NON-COMPLIANT + //rint(cf); // NON-COMPLIANT + //round(cf); // NON-COMPLIANT + //scalbn(cf, i); // NON-COMPLIANT + //scalbn(i, cf); // NON-COMPLIANT + //scalbln(cf, i); // NON-COMPLIANT + //scalbln(i, cf); // NON-COMPLIANT + sin(cf); // COMPLIANT + sinh(cf); // COMPLIANT + sqrt(cf); // COMPLIANT + tan(cf); // COMPLIANT + tanh(cf); // COMPLIANT + //tgamma(cf); // NON-COMPLIANT + //trunc(cf); // NON-COMPLIANT + + /* Test output arguments thoroughly */ + frexp(i, &i); // COMPLIANT + frexp(i, vp); // COMPLIANT + frexp(i, 0); // COMPLIANT + frexp(i, 'c' - 'c'); // COMPLIANT + //frexp(i, c); // COMPLIANT + remquo(i, i, &i); // COMPLIANT + remquo(i, i, vp); // COMPLIANT + remquo(i, i, 0); // COMPLIANT + remquo(i, i, 'c' - 'c'); // COMPLIANT + //remquo(i, i, c); // COMPLIANT + + /* Test casts */ + cos((char) i); // NON-COMPLIANT + cos((int) c); // COMPLIANT + cos((int) (char) i); // COMPLIANT + cos((char) (int) c); // NON-COMPLIANT +} \ No newline at end of file diff --git a/c/misra/test/rules/RULE-21-22/test.c.gcc b/c/misra/test/rules/RULE-21-22/test.c.gcc new file mode 100644 index 0000000000..4661a0b4f7 --- /dev/null +++ b/c/misra/test/rules/RULE-21-22/test.c.gcc @@ -0,0 +1,329 @@ +#include +#include +#include +#include + +void f1() { + int i = 0; + unsigned int ui = 0; + short s = 0; + unsigned short us = 0; + char c = 0; + unsigned char uc = 0; + signed char sc = 0; + long l = 0; + unsigned long ul = 0; + float f = 0.0f; + float _Complex cf = 0.0f + 0.0f * I; + double d = 0.0; + char *p = 0; + void *vp = 0; + uintptr_t uip = p; + enum { e1 } e = e1; + bool b = true; + + cos(i); // COMPLIANT + cos(ui); // COMPLIANT + cos(s); // COMPLIANT + cos(us); // COMPLIANT + cos(c); // NON-COMPLIANT + cos(uc); // COMPLIANT + cos(sc); // COMPLIANT + cos(l); // COMPLIANT + cos(ul); // COMPLIANT + cos(f); // COMPLIANT + cos(cf); // COMPLIANT + cos(d); // COMPLIANT + // cos(p); // Doesn't compile + // cos(vp); // Doesn't compile + cos(uip); // COMPLIANT + cos(e); // NON-COMPLIANT + cos(b); // NON-COMPLIANT + cos(1); // COMPLIANT + cos(1.1f); // COMPLIANT + cos('a'); // NON-COMPLIANT[false negative] + + /** + * Int, float, and complex allowed: + */ + acos(i); // COMPLIANT + acos(f); // COMPLIANT + acosh(i); // COMPLIANT + acosh(f); // COMPLIANT + asin(i); // COMPLIANT + asin(f); // COMPLIANT + asinh(i); // COMPLIANT + asinh(f); // COMPLIANT + atan(i); // COMPLIANT + atan(f); // COMPLIANT + atan2(i, i); // COMPLIANT + atan2(f, f); // COMPLIANT + atanh(i); // COMPLIANT + atanh(f); // COMPLIANT + carg(i); // COMPLIANT + carg(f); // COMPLIANT + cbrt(i); // COMPLIANT + cbrt(f); // COMPLIANT + ceil(i); // COMPLIANT + ceil(f); // COMPLIANT + cimag(i); // COMPLIANT + cimag(f); // COMPLIANT + conj(i); // COMPLIANT + conj(f); // COMPLIANT + copysign(i, i); // COMPLIANT + copysign(f, f); // COMPLIANT + cos(i); // COMPLIANT + cos(f); // COMPLIANT + cosh(i); // COMPLIANT + cosh(f); // COMPLIANT + cproj(i); // COMPLIANT + cproj(f); // COMPLIANT + creal(i); // COMPLIANT + creal(f); // COMPLIANT + erf(i); // COMPLIANT + erf(f); // COMPLIANT + erfc(i); // COMPLIANT + erfc(f); // COMPLIANT + exp(i); // COMPLIANT + exp(f); // COMPLIANT + exp2(i); // COMPLIANT + exp2(f); // COMPLIANT + expm1(i); // COMPLIANT + expm1(f); // COMPLIANT + fabs(i); // COMPLIANT + fabs(f); // COMPLIANT + fdim(i, i); // COMPLIANT + fdim(f, f); // COMPLIANT + floor(i); // COMPLIANT + floor(f); // COMPLIANT + fma(i, i, i); // COMPLIANT + fma(f, f, f); // COMPLIANT + fmax(i, i); // COMPLIANT + fmax(f, f); // COMPLIANT + fmin(i, i); // COMPLIANT + fmin(f, f); // COMPLIANT + fmod(i, i); // COMPLIANT + fmod(f, f); // COMPLIANT + frexp(i, &i); // COMPLIANT + frexp(f, &p); // COMPLIANT + hypot(i, i); // COMPLIANT + hypot(f, f); // COMPLIANT + ilogb(i); // COMPLIANT + ilogb(f); // COMPLIANT + llrint(i); // COMPLIANT + llrint(f); // COMPLIANT + ldexp(i, i); // COMPLIANT + ldexp(f, f); // COMPLIANT + lgamma(i); // COMPLIANT + lgamma(f); // COMPLIANT + llround(i); // COMPLIANT + llround(f); // COMPLIANT + log(i); // COMPLIANT + log(f); // COMPLIANT + pow(i, i); // COMPLIANT + pow(f, f); // COMPLIANT + remainder(i, i); // COMPLIANT + remainder(f, f); // COMPLIANT + remquo(i, i, &i); // COMPLIANT + remquo(f, f, &f); // COMPLIANT + rint(i); // COMPLIANT + rint(f); // COMPLIANT + round(i); // COMPLIANT + round(f); // COMPLIANT + scalbn(i, i); // COMPLIANT + scalbn(f, f); // COMPLIANT + scalbln(i, i); // COMPLIANT + scalbln(f, f); // COMPLIANT + sin(i); // COMPLIANT + sin(f); // COMPLIANT + sin(cf); // COMPLIANT + sinh(i); // COMPLIANT + sinh(f); // COMPLIANT + sqrt(i); // COMPLIANT + sqrt(f); // COMPLIANT + tan(i); // COMPLIANT + tan(f); // COMPLIANT + tanh(i); // COMPLIANT + tanh(f); // COMPLIANT + tgamma(i); // COMPLIANT + tgamma(f); // COMPLIANT + trunc(i); // COMPLIANT + trunc(f); // COMPLIANT + + /** + * Char not allowed: + */ + acos(c); // NON-COMPLIANT + acosh(c); // NON-COMPLIANT + asin(c); // NON-COMPLIANT + asinh(c); // NON-COMPLIANT + atan2(c, i); // NON-COMPLIANT + atan2(i, c); // NON-COMPLIANT + atanh(c); // NON-COMPLIANT + carg(c); // NON-COMPLIANT + ceil(c); // NON-COMPLIANT + cimag(c); // NON-COMPLIANT + conj(c); // NON-COMPLIANT + copysign(i, c); // NON-COMPLIANT + copysign(c, i); // NON-COMPLIANT + cosh(c); // NON-COMPLIANT + cproj(c); // NON-COMPLIANT + creal(c); // NON-COMPLIANT + erf(c); // NON-COMPLIANT + erfc(c); // NON-COMPLIANT + exp(c); // NON-COMPLIANT + exp2(c); // NON-COMPLIANT + expm1(c); // NON-COMPLIANT + fabs(c); // NON-COMPLIANT + fdim(c, i); // NON-COMPLIANT + fdim(i, c); // NON-COMPLIANT + floor(c); // NON-COMPLIANT + fma(c, i, i); // NON-COMPLIANT + fma(i, c, i); // NON-COMPLIANT + fma(i, i, c); // NON-COMPLIANT + fmax(c, i); // NON-COMPLIANT + fmax(i, c); // NON-COMPLIANT + fmin(c, i); // NON-COMPLIANT + fmin(i, c); // NON-COMPLIANT + fmod(c, i); // NON-COMPLIANT + fmod(i, c); // NON-COMPLIANT + frexp(c, i); // NON-COMPLIANT + hypot(c, i); // NON-COMPLIANT + hypot(i, c); // NON-COMPLIANT + ilogb(c); // NON-COMPLIANT + ldexp(c, i); // NON-COMPLIANT + ldexp(i, c); // NON-COMPLIANT + lgamma(c); // NON-COMPLIANT + llrint(c); // NON-COMPLIANT + llround(c); // NON-COMPLIANT + log(c); // NON-COMPLIANT + log10(c); // NON-COMPLIANT + log1p(c); // NON-COMPLIANT + log2(c); // NON-COMPLIANT + logb(c); // NON-COMPLIANT + lrint(c); // NON-COMPLIANT + lround(c); // NON-COMPLIANT + nearbyint(c); // NON-COMPLIANT + nextafter(c, i); // NON-COMPLIANT + nextafter(i, c); // NON-COMPLIANT + nexttoward(c, i); // NON-COMPLIANT + nexttoward(i, c); // NON-COMPLIANT + pow(c, i); // NON-COMPLIANT + pow(i, c); // NON-COMPLIANT + remainder(c, i); // NON-COMPLIANT + remainder(i, c); // NON-COMPLIANT + remquo(c, i, i); // NON-COMPLIANT + remquo(i, c, i); // NON-COMPLIANT + rint(c); // NON-COMPLIANT + round(c); // NON-COMPLIANT + scalbn(c, i); // NON-COMPLIANT + scalbn(i, c); // NON-COMPLIANT + scalbln(c, i); // NON-COMPLIANT + scalbln(i, c); // NON-COMPLIANT + sin(c); // NON-COMPLIANT + sinh(c); // NON-COMPLIANT + sqrt(c); // NON-COMPLIANT + tan(c); // NON-COMPLIANT + tanh(c); // NON-COMPLIANT + tgamma(c); // NON-COMPLIANT + trunc(c); // NON-COMPLIANT + + /** + * Complex types allowed in some calls, not others: + */ + acos(cf); // COMPLIANT + acosh(cf); // COMPLIANT + asin(cf); // COMPLIANT + asinh(cf); // COMPLIANT + atan(cf); // COMPLIANT + //atan2(cf, i); // NON-COMPLIANT + //atan2(i, cf); // NON-COMPLIANT + atanh(cf); // COMPLIANT + carg(cf); // COMPLIANT + //cbrt(cf); // NON-COMPLIANT + //ceil(cf); // NON-COMPLIANT + cimag(cf); // COMPLIANT + conj(cf); // COMPLIANT + //copysign(i, cf); // NON-COMPLIANT + //copysign(cf, i); // NON-COMPLIANT + //copysign(i, cf); // NON-COMPLIANT + cos(cf); // COMPLIANT + cosh(cf); // COMPLIANT + cproj(cf); // COMPLIANT + creal(cf); // COMPLIANT + //erf(cf); // NON-COMPLIANT + //erfc(cf); // NON-COMPLIANT + exp(cf); // COMPLIANT + //exp2(cf); // NON-COMPLIANT + //expm1(cf); // NON-COMPLIANT + fabs(cf); // COMPLIANT + //fdim(cf, i); // NON-COMPLIANT + //fdim(i, cf); // NON-COMPLIANT + //floor(cf); // NON-COMPLIANT + //fma(cf, i, i); // NON-COMPLIANT + //fma(i, cf, i); // NON-COMPLIANT + //fma(i, i, cf); // NON-COMPLIANT + //fmax(cf, i); // NON-COMPLIANT + //fmax(i, cf); // NON-COMPLIANT + //fmin(cf, i); // NON-COMPLIANT + //fmin(i, cf); // NON-COMPLIANT + //fmod(cf, i); // NON-COMPLIANT + //fmod(i, cf); // NON-COMPLIANT + //frexp(cf, i); // NON-COMPLIANT + //hypot(cf, i); // NON-COMPLIANT + //hypot(i, cf); // NON-COMPLIANT + //ilogb(cf); // NON-COMPLIANT + //ldexp(cf, i); // NON-COMPLIANT + //ldexp(i, cf); // NON-COMPLIANT + //lgamma(cf); // NON-COMPLIANT + //llrint(cf); // NON-COMPLIANT + //llround(cf); // NON-COMPLIANT + log(cf); // COMPLIANT + //log10(cf); // NON-COMPLIANT + //log1p(cf); // NON-COMPLIANT + //log2(cf); // NON-COMPLIANT + //logb(cf); // NON-COMPLIANT + //lrint(cf); // NON-COMPLIANT + //lround(cf); // NON-COMPLIANT + //nearbyint(cf); // NON-COMPLIANT + //nextafter(cf, i); // NON-COMPLIANT + //nextafter(i, cf); // NON-COMPLIANT + //nexttoward(cf, i); // NON-COMPLIANT + //nexttoward(i, cf); // NON-COMPLIANT + pow(cf, cf); // COMPLIANT + //remainder(cf, i); // NON-COMPLIANT + //remainder(i, cf); // NON-COMPLIANT + //remquo(cf, i, i); // NON-COMPLIANT + //remquo(i, cf, i); // NON-COMPLIANT + //rint(cf); // NON-COMPLIANT + //round(cf); // NON-COMPLIANT + //scalbn(cf, i); // NON-COMPLIANT + //scalbn(i, cf); // NON-COMPLIANT + //scalbln(cf, i); // NON-COMPLIANT + //scalbln(i, cf); // NON-COMPLIANT + sin(cf); // COMPLIANT + sinh(cf); // COMPLIANT + sqrt(cf); // COMPLIANT + tan(cf); // COMPLIANT + tanh(cf); // COMPLIANT + //tgamma(cf); // NON-COMPLIANT + //trunc(cf); // NON-COMPLIANT + + /* Test output arguments thoroughly */ + frexp(i, &i); // COMPLIANT + frexp(i, vp); // COMPLIANT + frexp(i, 0); // COMPLIANT + frexp(i, 'c' - 'c'); // COMPLIANT + frexp(i, c); // COMPLIANT + remquo(i, i, &i); // COMPLIANT + remquo(i, i, vp); // COMPLIANT + remquo(i, i, 0); // COMPLIANT + remquo(i, i, 'c' - 'c'); // COMPLIANT + remquo(i, i, c); // COMPLIANT + + /* Test casts */ + cos((char) i); // NON-COMPLIANT + cos((int) c); // COMPLIANT + cos((int) (char) i); // COMPLIANT + cos((char) (int) c); // NON-COMPLIANT +} \ No newline at end of file diff --git a/c/misra/test/rules/RULE-21-23/TgMathArgumentsWithDifferingStandardType.expected.clang b/c/misra/test/rules/RULE-21-23/TgMathArgumentsWithDifferingStandardType.expected.clang new file mode 100644 index 0000000000..e6ad5c62e4 --- /dev/null +++ b/c/misra/test/rules/RULE-21-23/TgMathArgumentsWithDifferingStandardType.expected.clang @@ -0,0 +1,139 @@ +| test.c:95:3:95:14 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:96:3:96:15 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:97:3:97:15 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:98:3:98:16 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:99:3:99:15 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:100:3:100:16 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:101:3:101:15 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:102:3:102:16 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:103:3:103:14 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:104:3:104:15 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:105:3:105:16 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:106:3:106:17 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:107:3:107:15 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:108:3:108:16 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:109:3:109:16 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:110:3:110:17 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:111:3:111:14 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:112:3:112:15 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:113:3:113:16 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:114:3:114:17 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:121:3:121:13 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long). | +| test.c:122:3:122:14 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long). | +| test.c:123:3:123:14 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long). | +| test.c:124:3:124:14 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long). | +| test.c:125:3:125:13 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long). | +| test.c:126:3:126:15 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long). | +| test.c:127:3:127:14 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long). | +| test.c:128:3:128:15 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long). | +| test.c:131:3:131:13 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long). | +| test.c:132:3:132:15 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long). | +| test.c:133:3:133:14 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned int, long). | +| test.c:134:3:134:15 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned int, long). | +| test.c:135:3:135:13 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, int). | +| test.c:136:3:136:14 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, unsigned int). | +| test.c:137:3:137:15 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, int). | +| test.c:138:3:138:15 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, unsigned int). | +| test.c:139:3:139:14 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned long). | +| test.c:140:3:140:16 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned long). | +| test.c:141:3:141:15 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned int, unsigned long). | +| test.c:142:3:142:16 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned int, unsigned long). | +| test.c:143:3:143:14 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, int). | +| test.c:144:3:144:15 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, unsigned int). | +| test.c:145:3:145:16 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, int). | +| test.c:146:3:146:16 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, unsigned int). | +| test.c:147:3:147:15 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long). | +| test.c:148:3:148:17 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long). | +| test.c:149:3:149:16 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned int, long). | +| test.c:150:3:150:17 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned int, long). | +| test.c:151:3:151:15 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, int). | +| test.c:152:3:152:16 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, unsigned int). | +| test.c:153:3:153:17 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, int). | +| test.c:154:3:154:17 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, unsigned int). | +| test.c:155:3:155:15 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned long). | +| test.c:156:3:156:17 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned long). | +| test.c:157:3:157:16 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned int, unsigned long). | +| test.c:158:3:158:17 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned int, unsigned long). | +| test.c:159:3:159:15 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, int). | +| test.c:160:3:160:16 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, unsigned int). | +| test.c:161:3:161:17 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, int). | +| test.c:162:3:162:17 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, unsigned int). | +| test.c:165:3:165:14 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, unsigned long). | +| test.c:166:3:166:15 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, unsigned long). | +| test.c:167:3:167:16 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, unsigned long). | +| test.c:168:3:168:17 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, unsigned long). | +| test.c:169:3:169:14 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, long). | +| test.c:170:3:170:16 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, long). | +| test.c:171:3:171:15 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, long). | +| test.c:172:3:172:17 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, long). | +| test.c:175:3:175:13 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (float, double). | +| test.c:176:3:176:14 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (float, long double). | +| test.c:177:3:177:13 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (double, float). | +| test.c:178:3:178:14 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (double, long double). | +| test.c:179:3:179:14 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (long double, float). | +| test.c:180:3:180:14 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (long double, double). | +| test.c:183:3:183:13 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, float). | +| test.c:184:3:184:13 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, double). | +| test.c:185:3:185:14 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long double). | +| test.c:186:3:186:14 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, float). | +| test.c:187:3:187:14 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, double). | +| test.c:188:3:188:15 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long double). | +| test.c:189:3:189:14 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, float). | +| test.c:190:3:190:14 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, double). | +| test.c:191:3:191:15 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long double). | +| test.c:192:3:192:14 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, float). | +| test.c:193:3:193:14 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, double). | +| test.c:194:3:194:15 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long double). | +| test.c:195:3:195:13 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, float). | +| test.c:196:3:196:13 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, double). | +| test.c:197:3:197:14 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long double). | +| test.c:198:3:198:15 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, float). | +| test.c:199:3:199:15 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, double). | +| test.c:200:3:200:16 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long double). | +| test.c:201:3:201:14 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, float). | +| test.c:202:3:202:14 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, double). | +| test.c:203:3:203:15 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long double). | +| test.c:204:3:204:15 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, float). | +| test.c:205:3:205:15 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, double). | +| test.c:206:3:206:16 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long double). | +| test.c:207:3:207:13 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, float). | +| test.c:208:3:208:13 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, double). | +| test.c:209:3:209:14 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long double). | +| test.c:210:3:210:15 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, float). | +| test.c:211:3:211:15 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, double). | +| test.c:212:3:212:16 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long double). | +| test.c:213:3:213:14 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned int, float). | +| test.c:214:3:214:14 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned int, double). | +| test.c:215:3:215:15 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned int, long double). | +| test.c:216:3:216:15 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned int, float). | +| test.c:217:3:217:15 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned int, double). | +| test.c:218:3:218:16 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned int, long double). | +| test.c:219:3:219:13 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, float). | +| test.c:220:3:220:13 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, double). | +| test.c:221:3:221:14 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, long double). | +| test.c:222:3:222:15 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, float). | +| test.c:223:3:223:15 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, double). | +| test.c:224:3:224:16 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, long double). | +| test.c:225:3:225:14 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, float). | +| test.c:226:3:226:14 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, double). | +| test.c:227:3:227:15 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, long double). | +| test.c:228:3:228:15 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, float). | +| test.c:229:3:229:15 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, double). | +| test.c:230:3:230:16 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, long double). | +| test.c:235:3:235:15 | atan2(__x,__y) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, float). | +| test.c:242:3:242:16 | copysign(__x,__y) | Call to type-generic macro 'copysign' has arguments with differing standard types (int, float). | +| test.c:245:3:245:12 | fdim(__x,__y) | Call to type-generic macro 'fdim' has arguments with differing standard types (int, float). | +| test.c:248:3:248:14 | fma(__x,__y,__z) | Call to type-generic macro 'fma' has arguments with differing standard types (float, int, int). | +| test.c:249:3:249:14 | fma(__x,__y,__z) | Call to type-generic macro 'fma' has arguments with differing standard types (int, float, int). | +| test.c:250:3:250:14 | fma(__x,__y,__z) | Call to type-generic macro 'fma' has arguments with differing standard types (int, int, float). | +| test.c:253:3:253:12 | fmax(__x,__y) | Call to type-generic macro 'fmax' has arguments with differing standard types (int, float). | +| test.c:256:3:256:12 | fmin(__x,__y) | Call to type-generic macro 'fmin' has arguments with differing standard types (int, float). | +| test.c:259:3:259:12 | fmod(__x,__y) | Call to type-generic macro 'fmod' has arguments with differing standard types (int, float). | +| test.c:262:3:262:13 | hypot(__x,__y) | Call to type-generic macro 'hypot' has arguments with differing standard types (int, float). | +| test.c:265:3:265:13 | ldexp(__x,__y) | Call to type-generic macro 'ldexp' has arguments with differing standard types (int, float). | +| test.c:268:3:268:17 | nextafter(__x,__y) | Call to type-generic macro 'nextafter' has arguments with differing standard types (int, float). | +| test.c:271:3:271:18 | nexttoward(__x,__y) | Call to type-generic macro 'nexttoward' has arguments with differing standard types (int, float). | +| test.c:274:3:274:17 | remainder(__x,__y) | Call to type-generic macro 'remainder' has arguments with differing standard types (int, float). | +| test.c:277:3:277:17 | remquo(__x,__y,__z) | Call to type-generic macro 'remquo' has arguments with differing standard types (int, float). | +| test.c:280:3:280:15 | scalbln(__x,__y) | Call to type-generic macro 'scalbln' has arguments with differing standard types (int, float). | +| test.c:283:3:283:14 | scalbn(__x,__y) | Call to type-generic macro 'scalbn' has arguments with differing standard types (int, float). | diff --git a/c/misra/test/rules/RULE-21-23/TgMathArgumentsWithDifferingStandardType.expected.gcc b/c/misra/test/rules/RULE-21-23/TgMathArgumentsWithDifferingStandardType.expected.gcc new file mode 100644 index 0000000000..f8c610f8c2 --- /dev/null +++ b/c/misra/test/rules/RULE-21-23/TgMathArgumentsWithDifferingStandardType.expected.gcc @@ -0,0 +1,139 @@ +| test.c:95:3:95:14 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:96:3:96:15 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:97:3:97:15 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:98:3:98:16 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:99:3:99:15 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:100:3:100:16 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:101:3:101:15 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:102:3:102:16 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:103:3:103:14 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:104:3:104:15 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:105:3:105:16 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:106:3:106:17 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:107:3:107:15 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:108:3:108:16 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:109:3:109:16 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:110:3:110:17 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:111:3:111:14 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:112:3:112:15 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:113:3:113:16 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:114:3:114:17 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned int). | +| test.c:121:3:121:13 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long). | +| test.c:122:3:122:14 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long). | +| test.c:123:3:123:14 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long). | +| test.c:124:3:124:14 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long). | +| test.c:125:3:125:13 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long). | +| test.c:126:3:126:15 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long). | +| test.c:127:3:127:14 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long). | +| test.c:128:3:128:15 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long). | +| test.c:131:3:131:13 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long). | +| test.c:132:3:132:15 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long). | +| test.c:133:3:133:14 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned int, long). | +| test.c:134:3:134:15 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned int, long). | +| test.c:135:3:135:13 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, int). | +| test.c:136:3:136:14 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, unsigned int). | +| test.c:137:3:137:15 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, int). | +| test.c:138:3:138:15 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, unsigned int). | +| test.c:139:3:139:14 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned long). | +| test.c:140:3:140:16 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned long). | +| test.c:141:3:141:15 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned int, unsigned long). | +| test.c:142:3:142:16 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned int, unsigned long). | +| test.c:143:3:143:14 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, int). | +| test.c:144:3:144:15 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, unsigned int). | +| test.c:145:3:145:16 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, int). | +| test.c:146:3:146:16 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, unsigned int). | +| test.c:147:3:147:15 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long). | +| test.c:148:3:148:17 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long). | +| test.c:149:3:149:16 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned int, long). | +| test.c:150:3:150:17 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned int, long). | +| test.c:151:3:151:15 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, int). | +| test.c:152:3:152:16 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, unsigned int). | +| test.c:153:3:153:17 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, int). | +| test.c:154:3:154:17 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, unsigned int). | +| test.c:155:3:155:15 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned long). | +| test.c:156:3:156:17 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, unsigned long). | +| test.c:157:3:157:16 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned int, unsigned long). | +| test.c:158:3:158:17 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned int, unsigned long). | +| test.c:159:3:159:15 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, int). | +| test.c:160:3:160:16 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, unsigned int). | +| test.c:161:3:161:17 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, int). | +| test.c:162:3:162:17 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, unsigned int). | +| test.c:165:3:165:14 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, unsigned long). | +| test.c:166:3:166:15 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, unsigned long). | +| test.c:167:3:167:16 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, unsigned long). | +| test.c:168:3:168:17 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, unsigned long). | +| test.c:169:3:169:14 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, long). | +| test.c:170:3:170:16 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, long). | +| test.c:171:3:171:15 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, long). | +| test.c:172:3:172:17 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, long). | +| test.c:175:3:175:13 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (float, double). | +| test.c:176:3:176:14 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (float, long double). | +| test.c:177:3:177:13 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (double, float). | +| test.c:178:3:178:14 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (double, long double). | +| test.c:179:3:179:14 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (long double, float). | +| test.c:180:3:180:14 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (long double, double). | +| test.c:183:3:183:13 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, float). | +| test.c:184:3:184:13 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, double). | +| test.c:185:3:185:14 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long double). | +| test.c:186:3:186:14 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, float). | +| test.c:187:3:187:14 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, double). | +| test.c:188:3:188:15 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long double). | +| test.c:189:3:189:14 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, float). | +| test.c:190:3:190:14 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, double). | +| test.c:191:3:191:15 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long double). | +| test.c:192:3:192:14 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, float). | +| test.c:193:3:193:14 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, double). | +| test.c:194:3:194:15 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long double). | +| test.c:195:3:195:13 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, float). | +| test.c:196:3:196:13 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, double). | +| test.c:197:3:197:14 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long double). | +| test.c:198:3:198:15 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, float). | +| test.c:199:3:199:15 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, double). | +| test.c:200:3:200:16 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long double). | +| test.c:201:3:201:14 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, float). | +| test.c:202:3:202:14 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, double). | +| test.c:203:3:203:15 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long double). | +| test.c:204:3:204:15 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, float). | +| test.c:205:3:205:15 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, double). | +| test.c:206:3:206:16 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long double). | +| test.c:207:3:207:13 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, float). | +| test.c:208:3:208:13 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, double). | +| test.c:209:3:209:14 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long double). | +| test.c:210:3:210:15 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, float). | +| test.c:211:3:211:15 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, double). | +| test.c:212:3:212:16 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, long double). | +| test.c:213:3:213:14 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned int, float). | +| test.c:214:3:214:14 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned int, double). | +| test.c:215:3:215:15 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned int, long double). | +| test.c:216:3:216:15 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned int, float). | +| test.c:217:3:217:15 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned int, double). | +| test.c:218:3:218:16 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned int, long double). | +| test.c:219:3:219:13 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, float). | +| test.c:220:3:220:13 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, double). | +| test.c:221:3:221:14 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, long double). | +| test.c:222:3:222:15 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, float). | +| test.c:223:3:223:15 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, double). | +| test.c:224:3:224:16 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (long, long double). | +| test.c:225:3:225:14 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, float). | +| test.c:226:3:226:14 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, double). | +| test.c:227:3:227:15 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, long double). | +| test.c:228:3:228:15 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, float). | +| test.c:229:3:229:15 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, double). | +| test.c:230:3:230:16 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (unsigned long, long double). | +| test.c:235:3:235:15 | atan2(Val1,Val2) | Call to type-generic macro 'atan2' has arguments with differing standard types (int, float). | +| test.c:242:3:242:16 | copysign(Val1,Val2) | Call to type-generic macro 'copysign' has arguments with differing standard types (int, float). | +| test.c:245:3:245:12 | fdim(Val1,Val2) | Call to type-generic macro 'fdim' has arguments with differing standard types (int, float). | +| test.c:248:3:248:14 | fma(Val1,Val2,Val3) | Call to type-generic macro 'fma' has arguments with differing standard types (float, int, int). | +| test.c:249:3:249:14 | fma(Val1,Val2,Val3) | Call to type-generic macro 'fma' has arguments with differing standard types (int, float, int). | +| test.c:250:3:250:14 | fma(Val1,Val2,Val3) | Call to type-generic macro 'fma' has arguments with differing standard types (int, int, float). | +| test.c:253:3:253:12 | fmax(Val1,Val2) | Call to type-generic macro 'fmax' has arguments with differing standard types (int, float). | +| test.c:256:3:256:12 | fmin(Val1,Val2) | Call to type-generic macro 'fmin' has arguments with differing standard types (int, float). | +| test.c:259:3:259:12 | fmod(Val1,Val2) | Call to type-generic macro 'fmod' has arguments with differing standard types (int, float). | +| test.c:262:3:262:13 | hypot(Val1,Val2) | Call to type-generic macro 'hypot' has arguments with differing standard types (int, float). | +| test.c:265:3:265:13 | ldexp(Val1,Val2) | Call to type-generic macro 'ldexp' has arguments with differing standard types (int, float). | +| test.c:268:3:268:17 | nextafter(Val1,Val2) | Call to type-generic macro 'nextafter' has arguments with differing standard types (int, float). | +| test.c:271:3:271:18 | nexttoward(Val1,Val2) | Call to type-generic macro 'nexttoward' has arguments with differing standard types (int, float). | +| test.c:274:3:274:17 | remainder(Val1,Val2) | Call to type-generic macro 'remainder' has arguments with differing standard types (int, float). | +| test.c:277:3:277:17 | remquo(Val1,Val2,Val3) | Call to type-generic macro 'remquo' has arguments with differing standard types (int, float). | +| test.c:280:3:280:15 | scalbln(Val1,Val2) | Call to type-generic macro 'scalbln' has arguments with differing standard types (int, float). | +| test.c:283:3:283:14 | scalbn(Val1,Val2) | Call to type-generic macro 'scalbn' has arguments with differing standard types (int, float). | diff --git a/c/misra/test/rules/RULE-21-25/InvalidMemoryOrderArgument.expected b/c/misra/test/rules/RULE-21-25/InvalidMemoryOrderArgument.expected index 967621d71f..0b17405a0e 100644 --- a/c/misra/test/rules/RULE-21-25/InvalidMemoryOrderArgument.expected +++ b/c/misra/test/rules/RULE-21-25/InvalidMemoryOrderArgument.expected @@ -1,33 +1,33 @@ edges -| test.c:4:5:4:6 | *g2 | test.c:53:33:53:34 | g2 | provenance | | -| test.c:4:5:4:6 | *g2 | test.c:54:29:54:30 | g2 | provenance | | -| test.c:4:5:4:6 | *g2 | test.c:55:42:55:43 | g2 | provenance | | -| test.c:4:5:4:6 | *g2 | test.c:56:35:56:36 | g2 | provenance | | -| test.c:4:5:4:6 | *g2 | test.c:57:36:57:37 | g2 | provenance | | -| test.c:4:5:4:6 | *g2 | test.c:58:54:58:55 | g2 | provenance | | -| test.c:4:5:4:6 | *g2 | test.c:59:58:59:59 | g2 | provenance | | -| test.c:4:5:4:6 | *g2 | test.c:60:52:60:53 | g2 | provenance | | -| test.c:4:5:4:6 | *g2 | test.c:61:56:61:57 | g2 | provenance | | -| test.c:4:5:4:6 | *g2 | test.c:62:37:62:38 | g2 | provenance | | +| test.c:4:5:4:6 | *g2 | test.c:54:33:54:34 | g2 | provenance | | +| test.c:4:5:4:6 | *g2 | test.c:55:29:55:30 | g2 | provenance | | +| test.c:4:5:4:6 | *g2 | test.c:56:42:56:43 | g2 | provenance | | +| test.c:4:5:4:6 | *g2 | test.c:57:35:57:36 | g2 | provenance | | +| test.c:4:5:4:6 | *g2 | test.c:58:36:58:37 | g2 | provenance | | +| test.c:4:5:4:6 | *g2 | test.c:59:56:59:57 | g2 | provenance | | +| test.c:4:5:4:6 | *g2 | test.c:60:60:60:61 | g2 | provenance | | +| test.c:4:5:4:6 | *g2 | test.c:61:54:61:55 | g2 | provenance | | +| test.c:4:5:4:6 | *g2 | test.c:62:58:62:59 | g2 | provenance | | | test.c:4:5:4:6 | *g2 | test.c:63:37:63:38 | g2 | provenance | | -| test.c:4:5:4:6 | *g2 | test.c:64:36:64:37 | g2 | provenance | | -| test.c:4:5:4:6 | *g2 | test.c:65:37:65:38 | g2 | provenance | | +| test.c:4:5:4:6 | *g2 | test.c:64:37:64:38 | g2 | provenance | | +| test.c:4:5:4:6 | *g2 | test.c:65:36:65:37 | g2 | provenance | | | test.c:4:5:4:6 | *g2 | test.c:66:37:66:38 | g2 | provenance | | -| test.c:4:5:4:6 | *g2 | test.c:67:23:67:24 | g2 | provenance | | +| test.c:4:5:4:6 | *g2 | test.c:67:37:67:38 | g2 | provenance | | | test.c:4:5:4:6 | *g2 | test.c:68:23:68:24 | g2 | provenance | | -| test.c:4:5:4:6 | *g2 | test.c:71:23:71:24 | g2 | provenance | | +| test.c:4:5:4:6 | *g2 | test.c:69:23:69:24 | g2 | provenance | | +| test.c:4:5:4:6 | *g2 | test.c:72:23:72:24 | g2 | provenance | | | test.c:4:10:4:29 | memory_order_relaxed | test.c:4:5:4:6 | *g2 | provenance | | | test.c:4:10:4:29 | memory_order_relaxed | test.c:4:10:4:29 | memory_order_relaxed | provenance | | -| test.c:5:5:5:6 | *g3 | test.c:72:23:72:24 | g3 | provenance | | +| test.c:5:5:5:6 | *g3 | test.c:73:23:73:24 | g3 | provenance | | | test.c:5:10:5:29 | memory_order_acquire | test.c:5:5:5:6 | *g3 | provenance | | | test.c:5:10:5:29 | memory_order_acquire | test.c:5:10:5:29 | memory_order_acquire | provenance | | -| test.c:6:5:6:6 | *g4 | test.c:73:23:73:24 | g4 | provenance | | +| test.c:6:5:6:6 | *g4 | test.c:74:23:74:24 | g4 | provenance | | | test.c:6:10:6:29 | memory_order_consume | test.c:6:5:6:6 | *g4 | provenance | | | test.c:6:10:6:29 | memory_order_consume | test.c:6:10:6:29 | memory_order_consume | provenance | | -| test.c:7:5:7:6 | *g5 | test.c:74:23:74:24 | g5 | provenance | | +| test.c:7:5:7:6 | *g5 | test.c:75:23:75:24 | g5 | provenance | | | test.c:7:10:7:29 | memory_order_acq_rel | test.c:7:5:7:6 | *g5 | provenance | | | test.c:7:10:7:29 | memory_order_acq_rel | test.c:7:10:7:29 | memory_order_acq_rel | provenance | | -| test.c:8:5:8:6 | *g6 | test.c:75:23:75:24 | g6 | provenance | | +| test.c:8:5:8:6 | *g6 | test.c:76:23:76:24 | g6 | provenance | | | test.c:8:10:8:29 | memory_order_release | test.c:8:5:8:6 | *g6 | provenance | | | test.c:8:10:8:29 | memory_order_release | test.c:8:10:8:29 | memory_order_release | provenance | | nodes @@ -46,61 +46,61 @@ nodes | test.c:8:5:8:6 | *g6 | semmle.label | *g6 | | test.c:8:10:8:29 | memory_order_release | semmle.label | memory_order_release | | test.c:8:10:8:29 | memory_order_release | semmle.label | memory_order_release | -| test.c:16:29:16:48 | memory_order_relaxed | semmle.label | memory_order_relaxed | -| test.c:17:29:17:48 | memory_order_acquire | semmle.label | memory_order_acquire | -| test.c:18:29:18:48 | memory_order_consume | semmle.label | memory_order_consume | -| test.c:19:29:19:48 | memory_order_acq_rel | semmle.label | memory_order_acq_rel | -| test.c:20:29:20:48 | memory_order_release | semmle.label | memory_order_release | -| test.c:53:33:53:34 | g2 | semmle.label | g2 | -| test.c:54:29:54:30 | g2 | semmle.label | g2 | -| test.c:55:42:55:43 | g2 | semmle.label | g2 | -| test.c:56:35:56:36 | g2 | semmle.label | g2 | -| test.c:57:36:57:37 | g2 | semmle.label | g2 | -| test.c:58:54:58:55 | g2 | semmle.label | g2 | -| test.c:59:58:59:59 | g2 | semmle.label | g2 | -| test.c:60:52:60:53 | g2 | semmle.label | g2 | -| test.c:61:56:61:57 | g2 | semmle.label | g2 | -| test.c:62:37:62:38 | g2 | semmle.label | g2 | +| test.c:17:29:17:48 | memory_order_relaxed | semmle.label | memory_order_relaxed | +| test.c:18:29:18:48 | memory_order_acquire | semmle.label | memory_order_acquire | +| test.c:19:29:19:48 | memory_order_consume | semmle.label | memory_order_consume | +| test.c:20:29:20:48 | memory_order_acq_rel | semmle.label | memory_order_acq_rel | +| test.c:21:29:21:48 | memory_order_release | semmle.label | memory_order_release | +| test.c:54:33:54:34 | g2 | semmle.label | g2 | +| test.c:55:29:55:30 | g2 | semmle.label | g2 | +| test.c:56:42:56:43 | g2 | semmle.label | g2 | +| test.c:57:35:57:36 | g2 | semmle.label | g2 | +| test.c:58:36:58:37 | g2 | semmle.label | g2 | +| test.c:59:56:59:57 | g2 | semmle.label | g2 | +| test.c:60:60:60:61 | g2 | semmle.label | g2 | +| test.c:61:54:61:55 | g2 | semmle.label | g2 | +| test.c:62:58:62:59 | g2 | semmle.label | g2 | | test.c:63:37:63:38 | g2 | semmle.label | g2 | -| test.c:64:36:64:37 | g2 | semmle.label | g2 | -| test.c:65:37:65:38 | g2 | semmle.label | g2 | +| test.c:64:37:64:38 | g2 | semmle.label | g2 | +| test.c:65:36:65:37 | g2 | semmle.label | g2 | | test.c:66:37:66:38 | g2 | semmle.label | g2 | -| test.c:67:23:67:24 | g2 | semmle.label | g2 | +| test.c:67:37:67:38 | g2 | semmle.label | g2 | | test.c:68:23:68:24 | g2 | semmle.label | g2 | -| test.c:71:23:71:24 | g2 | semmle.label | g2 | -| test.c:72:23:72:24 | g3 | semmle.label | g3 | -| test.c:73:23:73:24 | g4 | semmle.label | g4 | -| test.c:74:23:74:24 | g5 | semmle.label | g5 | -| test.c:75:23:75:24 | g6 | semmle.label | g6 | -| test.c:79:23:79:23 | 1 | semmle.label | 1 | -| test.c:80:23:80:25 | 100 | semmle.label | 100 | +| test.c:69:23:69:24 | g2 | semmle.label | g2 | +| test.c:72:23:72:24 | g2 | semmle.label | g2 | +| test.c:73:23:73:24 | g3 | semmle.label | g3 | +| test.c:74:23:74:24 | g4 | semmle.label | g4 | +| test.c:75:23:75:24 | g5 | semmle.label | g5 | +| test.c:76:23:76:24 | g6 | semmle.label | g6 | +| test.c:80:23:80:23 | 1 | semmle.label | 1 | +| test.c:81:23:81:25 | 100 | semmle.label | 100 | subpaths #select -| test.c:16:29:16:48 | memory_order_relaxed | test.c:16:29:16:48 | memory_order_relaxed | test.c:16:29:16:48 | memory_order_relaxed | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | file://:0:0:0:0 | __c11_atomic_load | __c11_atomic_load | -| test.c:17:29:17:48 | memory_order_acquire | test.c:17:29:17:48 | memory_order_acquire | test.c:17:29:17:48 | memory_order_acquire | Invalid memory order '$@' in call to function '$@'. | memory_order_acquire | memory_order_acquire | file://:0:0:0:0 | __c11_atomic_load | __c11_atomic_load | -| test.c:18:29:18:48 | memory_order_consume | test.c:18:29:18:48 | memory_order_consume | test.c:18:29:18:48 | memory_order_consume | Invalid memory order '$@' in call to function '$@'. | memory_order_consume | memory_order_consume | file://:0:0:0:0 | __c11_atomic_load | __c11_atomic_load | -| test.c:19:29:19:48 | memory_order_acq_rel | test.c:19:29:19:48 | memory_order_acq_rel | test.c:19:29:19:48 | memory_order_acq_rel | Invalid memory order '$@' in call to function '$@'. | memory_order_acq_rel | memory_order_acq_rel | file://:0:0:0:0 | __c11_atomic_load | __c11_atomic_load | -| test.c:20:29:20:48 | memory_order_release | test.c:20:29:20:48 | memory_order_release | test.c:20:29:20:48 | memory_order_release | Invalid memory order '$@' in call to function '$@'. | memory_order_release | memory_order_release | file://:0:0:0:0 | __c11_atomic_load | __c11_atomic_load | -| test.c:53:33:53:34 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:53:33:53:34 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | file://:0:0:0:0 | __c11_atomic_store | __c11_atomic_store | -| test.c:54:29:54:30 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:54:29:54:30 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | file://:0:0:0:0 | __c11_atomic_load | __c11_atomic_load | -| test.c:55:42:55:43 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:55:42:55:43 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | file://:0:0:0:0 | __c11_atomic_exchange | __c11_atomic_exchange | -| test.c:56:35:56:36 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:56:35:56:36 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | file://:0:0:0:0 | __c11_atomic_store | __c11_atomic_store | -| test.c:57:36:57:37 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:57:36:57:37 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | file://:0:0:0:0 | __c11_atomic_exchange | __c11_atomic_exchange | -| test.c:58:54:58:55 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:58:54:58:55 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | file://:0:0:0:0 | __c11_atomic_compare_exchange_strong | __c11_atomic_compare_exchange_strong | -| test.c:59:58:59:59 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:59:58:59:59 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | file://:0:0:0:0 | __c11_atomic_compare_exchange_strong | __c11_atomic_compare_exchange_strong | -| test.c:60:52:60:53 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:60:52:60:53 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | file://:0:0:0:0 | __c11_atomic_compare_exchange_weak | __c11_atomic_compare_exchange_weak | -| test.c:61:56:61:57 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:61:56:61:57 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | file://:0:0:0:0 | __c11_atomic_compare_exchange_weak | __c11_atomic_compare_exchange_weak | -| test.c:62:37:62:38 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:62:37:62:38 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | file://:0:0:0:0 | __c11_atomic_fetch_add | __c11_atomic_fetch_add | -| test.c:63:37:63:38 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:63:37:63:38 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | file://:0:0:0:0 | __c11_atomic_fetch_sub | __c11_atomic_fetch_sub | -| test.c:64:36:64:37 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:64:36:64:37 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | file://:0:0:0:0 | __c11_atomic_fetch_or | __c11_atomic_fetch_or | -| test.c:65:37:65:38 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:65:37:65:38 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | file://:0:0:0:0 | __c11_atomic_fetch_xor | __c11_atomic_fetch_xor | -| test.c:66:37:66:38 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:66:37:66:38 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | file://:0:0:0:0 | __c11_atomic_fetch_and | __c11_atomic_fetch_and | -| test.c:67:23:67:24 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:67:23:67:24 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | file://:0:0:0:0 | __c11_atomic_thread_fence | __c11_atomic_thread_fence | -| test.c:68:23:68:24 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:68:23:68:24 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | file://:0:0:0:0 | __c11_atomic_signal_fence | __c11_atomic_signal_fence | -| test.c:71:23:71:24 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:71:23:71:24 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | file://:0:0:0:0 | __c11_atomic_thread_fence | __c11_atomic_thread_fence | -| test.c:72:23:72:24 | g3 | test.c:5:10:5:29 | memory_order_acquire | test.c:72:23:72:24 | g3 | Invalid memory order '$@' in call to function '$@'. | memory_order_acquire | memory_order_acquire | file://:0:0:0:0 | __c11_atomic_thread_fence | __c11_atomic_thread_fence | -| test.c:73:23:73:24 | g4 | test.c:6:10:6:29 | memory_order_consume | test.c:73:23:73:24 | g4 | Invalid memory order '$@' in call to function '$@'. | memory_order_consume | memory_order_consume | file://:0:0:0:0 | __c11_atomic_thread_fence | __c11_atomic_thread_fence | -| test.c:74:23:74:24 | g5 | test.c:7:10:7:29 | memory_order_acq_rel | test.c:74:23:74:24 | g5 | Invalid memory order '$@' in call to function '$@'. | memory_order_acq_rel | memory_order_acq_rel | file://:0:0:0:0 | __c11_atomic_thread_fence | __c11_atomic_thread_fence | -| test.c:75:23:75:24 | g6 | test.c:8:10:8:29 | memory_order_release | test.c:75:23:75:24 | g6 | Invalid memory order '$@' in call to function '$@'. | memory_order_release | memory_order_release | file://:0:0:0:0 | __c11_atomic_thread_fence | __c11_atomic_thread_fence | -| test.c:79:23:79:23 | 1 | test.c:79:23:79:23 | 1 | test.c:79:23:79:23 | 1 | Invalid memory order '$@' in call to function '$@'. | memory_order_consume | memory_order_consume | file://:0:0:0:0 | __c11_atomic_thread_fence | __c11_atomic_thread_fence | -| test.c:80:23:80:25 | 100 | test.c:80:23:80:25 | 100 | test.c:80:23:80:25 | 100 | Invalid memory order '$@' in call to function '$@'. | 100 | 100 | file://:0:0:0:0 | __c11_atomic_thread_fence | __c11_atomic_thread_fence | +| test.c:17:29:17:48 | memory_order_relaxed | test.c:17:29:17:48 | memory_order_relaxed | test.c:17:29:17:48 | memory_order_relaxed | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | Invocation of a standard function implemented as a macro | atomic_load_explicit | +| test.c:18:29:18:48 | memory_order_acquire | test.c:18:29:18:48 | memory_order_acquire | test.c:18:29:18:48 | memory_order_acquire | Invalid memory order '$@' in call to function '$@'. | memory_order_acquire | memory_order_acquire | Invocation of a standard function implemented as a macro | atomic_load_explicit | +| test.c:19:29:19:48 | memory_order_consume | test.c:19:29:19:48 | memory_order_consume | test.c:19:29:19:48 | memory_order_consume | Invalid memory order '$@' in call to function '$@'. | memory_order_consume | memory_order_consume | Invocation of a standard function implemented as a macro | atomic_load_explicit | +| test.c:20:29:20:48 | memory_order_acq_rel | test.c:20:29:20:48 | memory_order_acq_rel | test.c:20:29:20:48 | memory_order_acq_rel | Invalid memory order '$@' in call to function '$@'. | memory_order_acq_rel | memory_order_acq_rel | Invocation of a standard function implemented as a macro | atomic_load_explicit | +| test.c:21:29:21:48 | memory_order_release | test.c:21:29:21:48 | memory_order_release | test.c:21:29:21:48 | memory_order_release | Invalid memory order '$@' in call to function '$@'. | memory_order_release | memory_order_release | Invocation of a standard function implemented as a macro | atomic_load_explicit | +| test.c:54:33:54:34 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:54:33:54:34 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | Invocation of a standard function implemented as a macro | atomic_store_explicit | +| test.c:55:29:55:30 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:55:29:55:30 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | Invocation of a standard function implemented as a macro | atomic_load_explicit | +| test.c:56:42:56:43 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:56:42:56:43 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | Invocation of a standard function implemented as a macro | atomic_flag_test_and_set_explicit | +| test.c:57:35:57:36 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:57:35:57:36 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | Invocation of a standard function implemented as a macro | atomic_flag_clear_explicit | +| test.c:58:36:58:37 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:58:36:58:37 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | Invocation of a standard function implemented as a macro | atomic_exchange_explicit | +| test.c:59:56:59:57 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:59:56:59:57 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | Invocation of a standard function implemented as a macro | atomic_compare_exchange_strong_explicit | +| test.c:60:60:60:61 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:60:60:60:61 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | Invocation of a standard function implemented as a macro | atomic_compare_exchange_strong_explicit | +| test.c:61:54:61:55 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:61:54:61:55 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | Invocation of a standard function implemented as a macro | atomic_compare_exchange_weak_explicit | +| test.c:62:58:62:59 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:62:58:62:59 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | Invocation of a standard function implemented as a macro | atomic_compare_exchange_weak_explicit | +| test.c:63:37:63:38 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:63:37:63:38 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | Invocation of a standard function implemented as a macro | atomic_fetch_add_explicit | +| test.c:64:37:64:38 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:64:37:64:38 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | Invocation of a standard function implemented as a macro | atomic_fetch_sub_explicit | +| test.c:65:36:65:37 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:65:36:65:37 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | Invocation of a standard function implemented as a macro | atomic_fetch_or_explicit | +| test.c:66:37:66:38 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:66:37:66:38 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | Invocation of a standard function implemented as a macro | atomic_fetch_xor_explicit | +| test.c:67:37:67:38 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:67:37:67:38 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | Invocation of a standard function implemented as a macro | atomic_fetch_and_explicit | +| test.c:68:23:68:24 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:68:23:68:24 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | Invocation of a standard function implemented as a macro | atomic_thread_fence | +| test.c:69:23:69:24 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:69:23:69:24 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | Invocation of a standard function implemented as a macro | atomic_signal_fence | +| test.c:72:23:72:24 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:72:23:72:24 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | Invocation of a standard function implemented as a macro | atomic_thread_fence | +| test.c:73:23:73:24 | g3 | test.c:5:10:5:29 | memory_order_acquire | test.c:73:23:73:24 | g3 | Invalid memory order '$@' in call to function '$@'. | memory_order_acquire | memory_order_acquire | Invocation of a standard function implemented as a macro | atomic_thread_fence | +| test.c:74:23:74:24 | g4 | test.c:6:10:6:29 | memory_order_consume | test.c:74:23:74:24 | g4 | Invalid memory order '$@' in call to function '$@'. | memory_order_consume | memory_order_consume | Invocation of a standard function implemented as a macro | atomic_thread_fence | +| test.c:75:23:75:24 | g5 | test.c:7:10:7:29 | memory_order_acq_rel | test.c:75:23:75:24 | g5 | Invalid memory order '$@' in call to function '$@'. | memory_order_acq_rel | memory_order_acq_rel | Invocation of a standard function implemented as a macro | atomic_thread_fence | +| test.c:76:23:76:24 | g6 | test.c:8:10:8:29 | memory_order_release | test.c:76:23:76:24 | g6 | Invalid memory order '$@' in call to function '$@'. | memory_order_release | memory_order_release | Invocation of a standard function implemented as a macro | atomic_thread_fence | +| test.c:80:23:80:23 | 1 | test.c:80:23:80:23 | 1 | test.c:80:23:80:23 | 1 | Invalid memory order '$@' in call to function '$@'. | memory_order_consume | memory_order_consume | Invocation of a standard function implemented as a macro | atomic_thread_fence | +| test.c:81:23:81:25 | 100 | test.c:81:23:81:25 | 100 | test.c:81:23:81:25 | 100 | Invalid memory order '$@' in call to function '$@'. | 100 | 100 | Invocation of a standard function implemented as a macro | atomic_thread_fence | diff --git a/c/misra/test/rules/RULE-21-25/InvalidMemoryOrderArgument.expected.gcc b/c/misra/test/rules/RULE-21-25/InvalidMemoryOrderArgument.expected.gcc new file mode 100644 index 0000000000..db07e0aa33 --- /dev/null +++ b/c/misra/test/rules/RULE-21-25/InvalidMemoryOrderArgument.expected.gcc @@ -0,0 +1,106 @@ +edges +| test.c:4:5:4:6 | *g2 | test.c:54:33:54:34 | g2 | provenance | | +| test.c:4:5:4:6 | *g2 | test.c:55:29:55:30 | g2 | provenance | | +| test.c:4:5:4:6 | *g2 | test.c:56:42:56:43 | g2 | provenance | | +| test.c:4:5:4:6 | *g2 | test.c:57:35:57:36 | g2 | provenance | | +| test.c:4:5:4:6 | *g2 | test.c:58:36:58:37 | g2 | provenance | | +| test.c:4:5:4:6 | *g2 | test.c:59:56:59:57 | g2 | provenance | | +| test.c:4:5:4:6 | *g2 | test.c:60:60:60:61 | g2 | provenance | | +| test.c:4:5:4:6 | *g2 | test.c:61:54:61:55 | g2 | provenance | | +| test.c:4:5:4:6 | *g2 | test.c:62:58:62:59 | g2 | provenance | | +| test.c:4:5:4:6 | *g2 | test.c:63:37:63:38 | g2 | provenance | | +| test.c:4:5:4:6 | *g2 | test.c:64:37:64:38 | g2 | provenance | | +| test.c:4:5:4:6 | *g2 | test.c:65:36:65:37 | g2 | provenance | | +| test.c:4:5:4:6 | *g2 | test.c:66:37:66:38 | g2 | provenance | | +| test.c:4:5:4:6 | *g2 | test.c:67:37:67:38 | g2 | provenance | | +| test.c:4:5:4:6 | *g2 | test.c:68:23:68:24 | g2 | provenance | | +| test.c:4:5:4:6 | *g2 | test.c:69:23:69:24 | g2 | provenance | | +| test.c:4:5:4:6 | *g2 | test.c:72:23:72:24 | g2 | provenance | | +| test.c:4:10:4:29 | memory_order_relaxed | test.c:4:5:4:6 | *g2 | provenance | | +| test.c:4:10:4:29 | memory_order_relaxed | test.c:4:10:4:29 | memory_order_relaxed | provenance | | +| test.c:5:5:5:6 | *g3 | test.c:73:23:73:24 | g3 | provenance | | +| test.c:5:10:5:29 | memory_order_acquire | test.c:5:5:5:6 | *g3 | provenance | | +| test.c:5:10:5:29 | memory_order_acquire | test.c:5:10:5:29 | memory_order_acquire | provenance | | +| test.c:6:5:6:6 | *g4 | test.c:74:23:74:24 | g4 | provenance | | +| test.c:6:10:6:29 | memory_order_consume | test.c:6:5:6:6 | *g4 | provenance | | +| test.c:6:10:6:29 | memory_order_consume | test.c:6:10:6:29 | memory_order_consume | provenance | | +| test.c:7:5:7:6 | *g5 | test.c:75:23:75:24 | g5 | provenance | | +| test.c:7:10:7:29 | memory_order_acq_rel | test.c:7:5:7:6 | *g5 | provenance | | +| test.c:7:10:7:29 | memory_order_acq_rel | test.c:7:10:7:29 | memory_order_acq_rel | provenance | | +| test.c:8:5:8:6 | *g6 | test.c:76:23:76:24 | g6 | provenance | | +| test.c:8:10:8:29 | memory_order_release | test.c:8:5:8:6 | *g6 | provenance | | +| test.c:8:10:8:29 | memory_order_release | test.c:8:10:8:29 | memory_order_release | provenance | | +nodes +| test.c:4:5:4:6 | *g2 | semmle.label | *g2 | +| test.c:4:10:4:29 | memory_order_relaxed | semmle.label | memory_order_relaxed | +| test.c:4:10:4:29 | memory_order_relaxed | semmle.label | memory_order_relaxed | +| test.c:5:5:5:6 | *g3 | semmle.label | *g3 | +| test.c:5:10:5:29 | memory_order_acquire | semmle.label | memory_order_acquire | +| test.c:5:10:5:29 | memory_order_acquire | semmle.label | memory_order_acquire | +| test.c:6:5:6:6 | *g4 | semmle.label | *g4 | +| test.c:6:10:6:29 | memory_order_consume | semmle.label | memory_order_consume | +| test.c:6:10:6:29 | memory_order_consume | semmle.label | memory_order_consume | +| test.c:7:5:7:6 | *g5 | semmle.label | *g5 | +| test.c:7:10:7:29 | memory_order_acq_rel | semmle.label | memory_order_acq_rel | +| test.c:7:10:7:29 | memory_order_acq_rel | semmle.label | memory_order_acq_rel | +| test.c:8:5:8:6 | *g6 | semmle.label | *g6 | +| test.c:8:10:8:29 | memory_order_release | semmle.label | memory_order_release | +| test.c:8:10:8:29 | memory_order_release | semmle.label | memory_order_release | +| test.c:17:3:17:49 | memory_order_relaxed | semmle.label | memory_order_relaxed | +| test.c:18:3:18:49 | memory_order_acquire | semmle.label | memory_order_acquire | +| test.c:19:3:19:49 | memory_order_consume | semmle.label | memory_order_consume | +| test.c:20:3:20:49 | memory_order_acq_rel | semmle.label | memory_order_acq_rel | +| test.c:21:3:21:49 | memory_order_release | semmle.label | memory_order_release | +| test.c:54:33:54:34 | g2 | semmle.label | g2 | +| test.c:55:29:55:30 | g2 | semmle.label | g2 | +| test.c:56:42:56:43 | g2 | semmle.label | g2 | +| test.c:57:35:57:36 | g2 | semmle.label | g2 | +| test.c:58:36:58:37 | g2 | semmle.label | g2 | +| test.c:59:56:59:57 | g2 | semmle.label | g2 | +| test.c:60:60:60:61 | g2 | semmle.label | g2 | +| test.c:61:54:61:55 | g2 | semmle.label | g2 | +| test.c:62:58:62:59 | g2 | semmle.label | g2 | +| test.c:63:37:63:38 | g2 | semmle.label | g2 | +| test.c:64:37:64:38 | g2 | semmle.label | g2 | +| test.c:65:36:65:37 | g2 | semmle.label | g2 | +| test.c:66:37:66:38 | g2 | semmle.label | g2 | +| test.c:67:37:67:38 | g2 | semmle.label | g2 | +| test.c:68:23:68:24 | g2 | semmle.label | g2 | +| test.c:69:23:69:24 | g2 | semmle.label | g2 | +| test.c:72:23:72:24 | g2 | semmle.label | g2 | +| test.c:73:23:73:24 | g3 | semmle.label | g3 | +| test.c:74:23:74:24 | g4 | semmle.label | g4 | +| test.c:75:23:75:24 | g5 | semmle.label | g5 | +| test.c:76:23:76:24 | g6 | semmle.label | g6 | +| test.c:80:23:80:23 | 1 | semmle.label | 1 | +| test.c:81:23:81:25 | 100 | semmle.label | 100 | +subpaths +#select +| test.c:17:3:17:49 | memory_order_relaxed | test.c:17:3:17:49 | memory_order_relaxed | test.c:17:3:17:49 | memory_order_relaxed | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | Invocation of a standard function implemented as a macro | atomic_load_explicit | +| test.c:18:3:18:49 | memory_order_acquire | test.c:18:3:18:49 | memory_order_acquire | test.c:18:3:18:49 | memory_order_acquire | Invalid memory order '$@' in call to function '$@'. | memory_order_acquire | memory_order_acquire | Invocation of a standard function implemented as a macro | atomic_load_explicit | +| test.c:19:3:19:49 | memory_order_consume | test.c:19:3:19:49 | memory_order_consume | test.c:19:3:19:49 | memory_order_consume | Invalid memory order '$@' in call to function '$@'. | memory_order_consume | memory_order_consume | Invocation of a standard function implemented as a macro | atomic_load_explicit | +| test.c:20:3:20:49 | memory_order_acq_rel | test.c:20:3:20:49 | memory_order_acq_rel | test.c:20:3:20:49 | memory_order_acq_rel | Invalid memory order '$@' in call to function '$@'. | memory_order_acq_rel | memory_order_acq_rel | Invocation of a standard function implemented as a macro | atomic_load_explicit | +| test.c:21:3:21:49 | memory_order_release | test.c:21:3:21:49 | memory_order_release | test.c:21:3:21:49 | memory_order_release | Invalid memory order '$@' in call to function '$@'. | memory_order_release | memory_order_release | Invocation of a standard function implemented as a macro | atomic_load_explicit | +| test.c:54:33:54:34 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:54:33:54:34 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | Invocation of a standard function implemented as a macro | atomic_store_explicit | +| test.c:55:29:55:30 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:55:29:55:30 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | Invocation of a standard function implemented as a macro | atomic_load_explicit | +| test.c:56:42:56:43 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:56:42:56:43 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | Invocation of a standard function implemented as a macro | atomic_flag_test_and_set_explicit | +| test.c:57:35:57:36 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:57:35:57:36 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | Invocation of a standard function implemented as a macro | atomic_flag_clear_explicit | +| test.c:58:36:58:37 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:58:36:58:37 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | Invocation of a standard function implemented as a macro | atomic_exchange_explicit | +| test.c:59:56:59:57 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:59:56:59:57 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | Invocation of a standard function implemented as a macro | atomic_compare_exchange_strong_explicit | +| test.c:60:60:60:61 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:60:60:60:61 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | Invocation of a standard function implemented as a macro | atomic_compare_exchange_strong_explicit | +| test.c:61:54:61:55 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:61:54:61:55 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | Invocation of a standard function implemented as a macro | atomic_compare_exchange_weak_explicit | +| test.c:62:58:62:59 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:62:58:62:59 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | Invocation of a standard function implemented as a macro | atomic_compare_exchange_weak_explicit | +| test.c:63:37:63:38 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:63:37:63:38 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | Invocation of a standard function implemented as a macro | atomic_fetch_add_explicit | +| test.c:64:37:64:38 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:64:37:64:38 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | Invocation of a standard function implemented as a macro | atomic_fetch_sub_explicit | +| test.c:65:36:65:37 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:65:36:65:37 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | Invocation of a standard function implemented as a macro | atomic_fetch_or_explicit | +| test.c:66:37:66:38 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:66:37:66:38 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | Invocation of a standard function implemented as a macro | atomic_fetch_xor_explicit | +| test.c:67:37:67:38 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:67:37:67:38 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | Invocation of a standard function implemented as a macro | atomic_fetch_and_explicit | +| test.c:68:23:68:24 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:68:23:68:24 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | Invocation of a standard function implemented as a macro | atomic_thread_fence | +| test.c:69:23:69:24 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:69:23:69:24 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | Invocation of a standard function implemented as a macro | atomic_signal_fence | +| test.c:72:23:72:24 | g2 | test.c:4:10:4:29 | memory_order_relaxed | test.c:72:23:72:24 | g2 | Invalid memory order '$@' in call to function '$@'. | memory_order_relaxed | memory_order_relaxed | Invocation of a standard function implemented as a macro | atomic_thread_fence | +| test.c:73:23:73:24 | g3 | test.c:5:10:5:29 | memory_order_acquire | test.c:73:23:73:24 | g3 | Invalid memory order '$@' in call to function '$@'. | memory_order_acquire | memory_order_acquire | Invocation of a standard function implemented as a macro | atomic_thread_fence | +| test.c:74:23:74:24 | g4 | test.c:6:10:6:29 | memory_order_consume | test.c:74:23:74:24 | g4 | Invalid memory order '$@' in call to function '$@'. | memory_order_consume | memory_order_consume | Invocation of a standard function implemented as a macro | atomic_thread_fence | +| test.c:75:23:75:24 | g5 | test.c:7:10:7:29 | memory_order_acq_rel | test.c:75:23:75:24 | g5 | Invalid memory order '$@' in call to function '$@'. | memory_order_acq_rel | memory_order_acq_rel | Invocation of a standard function implemented as a macro | atomic_thread_fence | +| test.c:76:23:76:24 | g6 | test.c:8:10:8:29 | memory_order_release | test.c:76:23:76:24 | g6 | Invalid memory order '$@' in call to function '$@'. | memory_order_release | memory_order_release | Invocation of a standard function implemented as a macro | atomic_thread_fence | +| test.c:80:23:80:23 | 1 | test.c:80:23:80:23 | 1 | test.c:80:23:80:23 | 1 | Invalid memory order '$@' in call to function '$@'. | memory_order_consume | memory_order_consume | Invocation of a standard function implemented as a macro | atomic_thread_fence | +| test.c:81:23:81:25 | 100 | test.c:81:23:81:25 | 100 | test.c:81:23:81:25 | 100 | Invalid memory order '$@' in call to function '$@'. | 100 | 100 | Invocation of a standard function implemented as a macro | atomic_thread_fence | diff --git a/c/misra/test/rules/RULE-21-25/test.c b/c/misra/test/rules/RULE-21-25/test.c index d1831785ba..fc9fc67e95 100644 --- a/c/misra/test/rules/RULE-21-25/test.c +++ b/c/misra/test/rules/RULE-21-25/test.c @@ -1,4 +1,4 @@ -#include "stdatomic.h" +#include int g1 = memory_order_seq_cst; int g2 = memory_order_relaxed; @@ -6,6 +6,7 @@ int g3 = memory_order_acquire; int g4 = memory_order_consume; int g5 = memory_order_acq_rel; int g6 = memory_order_release; +int *ptr; void f(int p) { _Atomic int l1; @@ -25,8 +26,8 @@ void f(int p) { atomic_flag_test_and_set(&l2); // COMPLIANT atomic_flag_clear(&l2); // COMPLIANT atomic_exchange(&l1, 0); // COMPLIANT - atomic_compare_exchange_strong(&l1, 0, 1); // COMPLIANT - atomic_compare_exchange_weak(&l1, 0, 1); // COMPLIANT + atomic_compare_exchange_strong(&l1, ptr, 1); // COMPLIANT + atomic_compare_exchange_weak(&l1, ptr, 1); // COMPLIANT atomic_fetch_add(&l1, 0); // COMPLIANT atomic_fetch_sub(&l1, 0); // COMPLIANT atomic_fetch_or(&l1, 0); // COMPLIANT @@ -39,8 +40,8 @@ void f(int p) { atomic_flag_test_and_set_explicit(&l2, g1); // COMPLIANT atomic_flag_clear_explicit(&l2, g1); // COMPLIANT atomic_exchange_explicit(&l1, 0, g1); // COMPLIANT - atomic_compare_exchange_strong_explicit(&l1, 0, 1, g1, g1); // COMPLIANT - atomic_compare_exchange_weak_explicit(&l1, 0, 1, g1, g1); // COMPLIANT + atomic_compare_exchange_strong_explicit(&l1, ptr, 1, g1, g1); // COMPLIANT + atomic_compare_exchange_weak_explicit(&l1, ptr, 1, g1, g1); // COMPLIANT atomic_fetch_add_explicit(&l1, 0, g1); // COMPLIANT atomic_fetch_sub_explicit(&l1, 0, g1); // COMPLIANT atomic_fetch_or_explicit(&l1, 0, g1); // COMPLIANT @@ -55,10 +56,10 @@ void f(int p) { atomic_flag_test_and_set_explicit(&l2, g2); // NON-COMPLIANT atomic_flag_clear_explicit(&l2, g2); // NON-COMPLIANT atomic_exchange_explicit(&l1, 0, g2); // NON-COMPLIANT - atomic_compare_exchange_strong_explicit(&l1, 0, 1, g2, g1); // NON-COMPLIANT - atomic_compare_exchange_strong_explicit(&l1, 0, 1, g1, g2); // NON-COMPLIANT - atomic_compare_exchange_weak_explicit(&l1, 0, 1, g2, g1); // NON-COMPLIANT - atomic_compare_exchange_weak_explicit(&l1, 0, 1, g1, g2); // NON-COMPLIANT + atomic_compare_exchange_strong_explicit(&l1, ptr, 1, g2, g1); // NON-COMPLIANT + atomic_compare_exchange_strong_explicit(&l1, ptr, 1, g1, g2); // NON-COMPLIANT + atomic_compare_exchange_weak_explicit(&l1, ptr, 1, g2, g1); // NON-COMPLIANT + atomic_compare_exchange_weak_explicit(&l1, ptr, 1, g1, g2); // NON-COMPLIANT atomic_fetch_add_explicit(&l1, 0, g2); // NON-COMPLIANT atomic_fetch_sub_explicit(&l1, 0, g2); // NON-COMPLIANT atomic_fetch_or_explicit(&l1, 0, g2); // NON-COMPLIANT diff --git a/c/misra/test/rules/RULE-21-26/test.c b/c/misra/test/rules/RULE-21-26/test.c index d26f9c1f2f..b08f7e54a1 100644 --- a/c/misra/test/rules/RULE-21-26/test.c +++ b/c/misra/test/rules/RULE-21-26/test.c @@ -9,7 +9,7 @@ struct timespec ts = {0, 0}; void doTimeLock(mtx_t *m) { mtx_timedlock(m, &ts); } -void main(void) { +int main(int argc, char *argv[]) { mtx_init(&g1, mtx_plain); mtx_timedlock(&g1, &ts); // NON-COMPLIANT doTimeLock(&g1); // NON-COMPLIANT diff --git a/c/misra/test/rules/RULE-22-16/test.c b/c/misra/test/rules/RULE-22-16/test.c index c97fb3d588..723516509f 100644 --- a/c/misra/test/rules/RULE-22-16/test.c +++ b/c/misra/test/rules/RULE-22-16/test.c @@ -41,7 +41,7 @@ void f6(int p) { goto skipped; } mtx_unlock(&m); -skipped: +skipped:; } void f7(int p) { diff --git a/c/misra/test/rules/RULE-8-15/RedeclarationOfObjectWithUnmatchedAlignment.expected.gcc b/c/misra/test/rules/RULE-8-15/RedeclarationOfObjectWithUnmatchedAlignment.expected.gcc index f1054946a7..6f3d414214 100644 --- a/c/misra/test/rules/RULE-8-15/RedeclarationOfObjectWithUnmatchedAlignment.expected.gcc +++ b/c/misra/test/rules/RULE-8-15/RedeclarationOfObjectWithUnmatchedAlignment.expected.gcc @@ -1,10 +1,10 @@ -| test.c:11:8:11:15 | alignas(...) | Variable g4 declared with lexically different _Alignof() values '$@' and '$@' | test.c:11:8:11:15 | alignas(...) | 16 | test.c:12:8:12:15 | alignas(...) | 32 | -| test.c:12:8:12:15 | alignas(...) | Variable g4 declared with lexically different _Alignof() values '$@' and '$@' | test.c:12:8:12:15 | alignas(...) | 32 | test.c:11:8:11:15 | alignas(...) | 16 | -| test.c:18:8:18:15 | alignas(...) | Variable g6 declared with lexically different _Alignof() values '$@' and '$@' | test.c:18:8:18:15 | alignas(...) | int | test.c:19:8:19:15 | alignas(...) | 4 | -| test.c:19:8:19:15 | alignas(...) | Variable g6 declared with lexically different _Alignof() values '$@' and '$@' | test.c:19:8:19:15 | alignas(...) | 4 | test.c:18:8:18:15 | alignas(...) | int | -| test.c:22:8:22:15 | alignas(...) | Variable g7 declared with lexically different _Alignof() values '$@' and '$@' | test.c:22:8:22:15 | alignas(...) | ... * ... | test.c:23:8:23:15 | alignas(...) | 32 | -| test.c:23:8:23:15 | alignas(...) | Variable g7 declared with lexically different _Alignof() values '$@' and '$@' | test.c:23:8:23:15 | alignas(...) | 32 | test.c:22:8:22:15 | alignas(...) | ... * ... | -| test.c:28:8:28:15 | alignas(...) | Variable g9 declared with lexically different _Alignof() values '$@' and '$@' | test.c:28:8:28:15 | alignas(...) | ... * ... | test.c:29:8:29:15 | alignas(...) | ... * ... | -| test.c:29:8:29:15 | alignas(...) | Variable g9 declared with lexically different _Alignof() values '$@' and '$@' | test.c:29:8:29:15 | alignas(...) | ... * ... | test.c:28:8:28:15 | alignas(...) | ... * ... | -| test.c:34:8:34:15 | alignas(...) | Variable g11 declared with lexically different _Alignof() values '$@' and '$@' | test.c:34:8:34:15 | alignas(...) | signed int | test.c:35:8:35:15 | alignas(...) | unsigned int | -| test.c:35:8:35:15 | alignas(...) | Variable g11 declared with lexically different _Alignof() values '$@' and '$@' | test.c:35:8:35:15 | alignas(...) | unsigned int | test.c:34:8:34:15 | alignas(...) | signed int | +| test.c:11:8:11:15 | alignas(...) | Variable g4 declared with lexically different _Alignof() values '$@' and '$@'. | test.c:11:8:11:15 | alignas(...) | 16 | test.c:12:8:12:15 | alignas(...) | 32 | +| test.c:12:8:12:15 | alignas(...) | Variable g4 declared with lexically different _Alignof() values '$@' and '$@'. | test.c:12:8:12:15 | alignas(...) | 32 | test.c:11:8:11:15 | alignas(...) | 16 | +| test.c:18:8:18:15 | alignas(...) | Variable g6 declared with lexically different _Alignof() values '$@' and '$@'. | test.c:18:8:18:15 | alignas(...) | int | test.c:19:8:19:15 | alignas(...) | 4 | +| test.c:19:8:19:15 | alignas(...) | Variable g6 declared with lexically different _Alignof() values '$@' and '$@'. | test.c:19:8:19:15 | alignas(...) | 4 | test.c:18:8:18:15 | alignas(...) | int | +| test.c:22:8:22:15 | alignas(...) | Variable g7 declared with lexically different _Alignof() values '$@' and '$@'. | test.c:22:8:22:15 | alignas(...) | ... * ... | test.c:23:8:23:15 | alignas(...) | 32 | +| test.c:23:8:23:15 | alignas(...) | Variable g7 declared with lexically different _Alignof() values '$@' and '$@'. | test.c:23:8:23:15 | alignas(...) | 32 | test.c:22:8:22:15 | alignas(...) | ... * ... | +| test.c:28:8:28:15 | alignas(...) | Variable g9 declared with lexically different _Alignof() values '$@' and '$@'. | test.c:28:8:28:15 | alignas(...) | ... * ... | test.c:29:8:29:15 | alignas(...) | ... * ... | +| test.c:29:8:29:15 | alignas(...) | Variable g9 declared with lexically different _Alignof() values '$@' and '$@'. | test.c:29:8:29:15 | alignas(...) | ... * ... | test.c:28:8:28:15 | alignas(...) | ... * ... | +| test.c:34:8:34:15 | alignas(...) | Variable g11 declared with lexically different _Alignof() values '$@' and '$@'. | test.c:34:8:34:15 | alignas(...) | signed int | test.c:35:8:35:15 | alignas(...) | unsigned int | +| test.c:35:8:35:15 | alignas(...) | Variable g11 declared with lexically different _Alignof() values '$@' and '$@'. | test.c:35:8:35:15 | alignas(...) | unsigned int | test.c:34:8:34:15 | alignas(...) | signed int | diff --git a/c/misra/test/rules/RULE-9-7/test.c b/c/misra/test/rules/RULE-9-7/test.c index da367c0bd1..90645f6372 100644 --- a/c/misra/test/rules/RULE-9-7/test.c +++ b/c/misra/test/rules/RULE-9-7/test.c @@ -4,7 +4,7 @@ _Atomic int g1; // COMPLIANT _Atomic int g2 = 0; // COMPLIANT -void f_thread(void *x); +int f_thread(void *x); void f_starts_thread() { thrd_t t; @@ -13,7 +13,7 @@ void f_starts_thread() { void f_may_initialize_argument(void *p1) {} -void main() { +int main(int argc, char *argv[]) { _Atomic int l1 = 1; // COMPLIANT f_starts_thread(); diff --git a/change_notes/2025-04-08-address-cross-compiler-compatibility-in-misra-2023.md b/change_notes/2025-04-08-address-cross-compiler-compatibility-in-misra-2023.md new file mode 100644 index 0000000000..abe4c2bba8 --- /dev/null +++ b/change_notes/2025-04-08-address-cross-compiler-compatibility-in-misra-2023.md @@ -0,0 +1,12 @@ + - `RULE-21-22`, `RULE-21-23` - `TgMathArgumentWithInvalidEssentialType.ql`, `TgMathArgumentsWithDifferingStandardType.ql` + - Change type-generic macro analysis for finding macro parameters to be compatible with gcc, by ignoring early arguments inserted by gcc. + - Change explicit conversion logic to ignore the explicit casts inserted in macro bodies by clang, which previously overruled the argument essential type. + - `RULE-13-2` - `UnsequencedAtomicReads.ql`: + - Handle statement expression implementation of atomic operations in gcc. + - `RULE-21-25` - `InvalidMemoryOrderArgument.ql`: + - Handle case of where the enum `memory_order` is declared via a typedef as an anonymous enum. + - Rewrite how atomically sequenced operations are found; no longer look for builtins or internal functions, instead look for macros with the exact expected name and analyze the macro bodies for the memory sequence parameter. + - `RULE-9-7` - `UninitializedAtomicArgument.ql`: + - Handle gcc case where `atomic_init` is defined is a call to `atomic_store`, and take a more flexible approach to finding the initialized atomic variable. + - `DIR-4-15` - `PossibleMisuseOfUndetectedInfinity.ql`, `PossibleMisuseOfUndetectedNaN.ql`: + - Fix issue when analyzing clang/gcc implementations of floating point classification macros, where analysis incorrectly determined that `x` in `isinf(x)` was guaranteed to be infinite at the call site itself, affecting later analysis involving `x`. \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/FloatingPoint.qll b/cpp/common/src/codingstandards/cpp/FloatingPoint.qll index f5ff2fefca..e2a13bd62e 100644 --- a/cpp/common/src/codingstandards/cpp/FloatingPoint.qll +++ b/cpp/common/src/codingstandards/cpp/FloatingPoint.qll @@ -325,7 +325,8 @@ predicate guardedNotFPClass(Expr e, FPClassification cls) { hashCons(checked) = hashCons(e) and guard.controls(e, cmpEq) and guard.constrainsFPClass(checked, constraint, cmpEq) and - constraint.mustNotBe(cls) + constraint.mustNotBe(cls) and + not checked = e ) } diff --git a/cpp/common/src/codingstandards/cpp/StdFunctionOrMacro.qll b/cpp/common/src/codingstandards/cpp/StdFunctionOrMacro.qll index 1067b7ad09..ec4873d20e 100644 --- a/cpp/common/src/codingstandards/cpp/StdFunctionOrMacro.qll +++ b/cpp/common/src/codingstandards/cpp/StdFunctionOrMacro.qll @@ -3,28 +3,21 @@ * implement a function as a macro: the class `StdFunctionOrMacro<...>::Call` matches both std * function calls as well as std function macro expansions. * - * For instance, `atomic_init` may be implemented as a function, but is also implemented as - * `#DEFINE atomic_init(x) __c11_atomic_init(x)` on some platforms. This module aids in finding - * calls to any standard function which may be a macro, and has predefined behavior for - * handling `__c11_*` macros. + * For instance, `atomic_init` may be implemented as a function, but is also implemented as a + * complicated macro on some platforms. This module aids in finding calls to any standard function + * which may be a macro. * * Since a macro can be defined to expand to any expression, we cannot know generally which - * expanded expressions in `f(x, y)` correspond to arguments `x` or `y`. To handle this, the - * following inference options are available: - * - `NoMacroExpansionInference`: Assume any expression in the macro expansion could correspond to - * any macro argument. - * - `C11FunctionWrapperMacro`: Check if the macro expands to a function call prefixed with - * `__c11_` and if so, return the corresponding argument. Otherwise, fall back to - * `NoMacroExpansionInference`. - * - `InferMacroExpansionArguments`: Implement your own logic for inferring the argument. + * expanded expressions in `f(x, y)` correspond to arguments `x` or `y`. To handle this, implement + * the module `InferMacroExpansionArguments`. * - * To use this module, pick one of the above inference strategies, and then create a predicate for - * the name you wish to match. For instance: + * To match a function of a particular name create a predicate for the name you wish to match. For + * instance: * * ```codeql * private string atomicInit() { result = "atomic_init" } * - * from StdFunctionOrMacro::Call c + * from StdFunctionOrMacro::Call c * select c.getArgument(0) * ``` */ @@ -33,7 +26,7 @@ import cpp as cpp private string atomicInit() { result = "atomic_init" } -class AtomicInitCall = StdFunctionOrMacro::Call; +class AtomicInitCall = StdFunctionOrMacro::Call; /** Specify the name of your function as a predicate */ private signature string getName(); @@ -44,15 +37,72 @@ private signature module InferMacroExpansionArguments { cpp::Expr inferArgument(cpp::MacroInvocation mi, int argumentIdx); } -/** Assume macro `f(x, y, ...)` expands to `__c11_f(x, y, ...)`. */ -private module C11FunctionWrapperMacro implements InferMacroExpansionArguments { +private module InferAtomicMacroArgs implements InferMacroExpansionArguments { + bindingset[pattern] + private cpp::Expr getMacroVarInitializer(cpp::MacroInvocation mi, string pattern) { + exists(cpp::VariableDeclarationEntry decl | + mi.getAGeneratedElement() = decl and + decl.getName().matches(pattern) and + result = decl.getDeclaration().getInitializer().getExpr() + ) + } + bindingset[mi, argumentIdx] cpp::Expr inferArgument(cpp::MacroInvocation mi, int argumentIdx) { - exists(cpp::FunctionCall fc | - fc = mi.getExpr() and - fc.getTarget().hasName("__c11_" + mi.getMacroName()) and - result = mi.getExpr().(cpp::FunctionCall).getArgument(argumentIdx) - ) + result = mi.getExpr().(cpp::FunctionCall).getArgument(argumentIdx) + or + if + argumentIdx = 0 and + exists(getMacroVarInitializer(mi, "__atomic_%_ptr")) + then result = getMacroVarInitializer(mi, "__atomic_%_ptr") + else + if + argumentIdx = [1, 2] and + exists(getMacroVarInitializer(mi, "__atomic_%_tmp")) + then result = getMacroVarInitializer(mi, "__atomic_%_tmp") + else + exists(cpp::FunctionCall fc | + fc = mi.getAnExpandedElement() and + fc.getTarget().getName().matches("%atomic_%") and + result = fc.getArgument(argumentIdx) + ) + } +} + +private string atomicReadOrWriteName() { + result = + [ + "atomic_load", + "atomic_store", + "atomic_fetch_" + ["add", "sub", "or", "xor", "and"], + "atomic_exchange", + "atomic_compare_exchange_" + ["strong", "weak"] + ] + ["", "_explicit"] +} + +class AtomicReadOrWriteCall = + StdFunctionOrMacro::Call; + +private string atomicallySequencedName() { + result = + [ + "atomic_thread_fence", + "atomic_signal_fence", + "atomic_flag_clear_explicit", + "atomic_flag_test_and_set_explicit", + ] + or + result = atomicReadOrWriteName() and + result.matches("%_explicit") +} + +/** A `stdatomic.h` function which accepts a `memory_order` value as a parameter. */ +class AtomicallySequencedCall extends StdFunctionOrMacro::Call +{ + cpp::Expr getAMemoryOrderArgument() { + if getName() = "atomic_compare_exchange_" + ["strong", "weak"] + "_explicit" + then result = getArgument(getNumberOfArguments() - [1, 2]) + else result = getArgument(getNumberOfArguments() - 1) } } @@ -66,7 +116,7 @@ private module C11FunctionWrapperMacro implements InferMacroExpansionArguments { * * ```codeql * private string atomicInit() { result = "atomic_init" } - * from StdFunctionOrMacro::Call c + * from StdFunctionOrMacro::Call c * select c.getArgument(0) * ``` */ @@ -99,6 +149,25 @@ private module StdFunctionOrMacro Date: Tue, 8 Apr 2025 22:22:59 +0000 Subject: [PATCH 2489/2573] Format c tests, c ql files --- .../TgMathArgumentWithInvalidEssentialType.ql | 4 +- ...gMathArgumentsWithDifferingStandardType.ql | 4 +- .../RULE-21-25/InvalidMemoryOrderArgument.ql | 4 +- c/misra/test/rules/RULE-18-10/test.c | 6 +- c/misra/test/rules/RULE-18-8/test.c | 2 +- c/misra/test/rules/RULE-21-22/test.c | 8 +-- c/misra/test/rules/RULE-21-25/test.c | 68 +++++++++---------- 7 files changed, 47 insertions(+), 49 deletions(-) diff --git a/c/misra/src/rules/RULE-21-22/TgMathArgumentWithInvalidEssentialType.ql b/c/misra/src/rules/RULE-21-22/TgMathArgumentWithInvalidEssentialType.ql index 3c918c10d3..fc8565ade5 100644 --- a/c/misra/src/rules/RULE-21-22/TgMathArgumentWithInvalidEssentialType.ql +++ b/c/misra/src/rules/RULE-21-22/TgMathArgumentWithInvalidEssentialType.ql @@ -34,7 +34,9 @@ string getAllowedTypesString(TgMathInvocation call) { else result = "essentially signed, unsigned, or real floating type" } -from TgMathInvocation call, Expr convertedArg, Expr unconverted, int argIndex, Type type, EssentialTypeCategory category +from + TgMathInvocation call, Expr convertedArg, Expr unconverted, int argIndex, Type type, + EssentialTypeCategory category where not isExcluded(call, EssentialTypes2Package::tgMathArgumentWithInvalidEssentialTypeQuery()) and // We must handle conversions specially, as clang inserts casts in the macro body we want to ignore. diff --git a/c/misra/src/rules/RULE-21-23/TgMathArgumentsWithDifferingStandardType.ql b/c/misra/src/rules/RULE-21-23/TgMathArgumentsWithDifferingStandardType.ql index 1a19249982..34d3b62b2c 100644 --- a/c/misra/src/rules/RULE-21-23/TgMathArgumentsWithDifferingStandardType.ql +++ b/c/misra/src/rules/RULE-21-23/TgMathArgumentsWithDifferingStandardType.ql @@ -58,9 +58,7 @@ Type canonicalize(Type type) { else result = type } -Type getEffectiveStandardType(Expr e) { - result = canonicalize(getPromotedType(e)) -} +Type getEffectiveStandardType(Expr e) { result = canonicalize(getPromotedType(e)) } from TgMathInvocation call, Type firstType where diff --git a/c/misra/src/rules/RULE-21-25/InvalidMemoryOrderArgument.ql b/c/misra/src/rules/RULE-21-25/InvalidMemoryOrderArgument.ql index a7b599316a..684b4e50cb 100644 --- a/c/misra/src/rules/RULE-21-25/InvalidMemoryOrderArgument.ql +++ b/c/misra/src/rules/RULE-21-25/InvalidMemoryOrderArgument.ql @@ -77,9 +77,7 @@ module MemoryOrderFlowConfig implements DataFlow::ConfigSig { } predicate isSink(DataFlow::Node node) { - exists(AtomicallySequencedCall call | - call.getAMemoryOrderArgument() = node.asExpr() - ) + exists(AtomicallySequencedCall call | call.getAMemoryOrderArgument() = node.asExpr()) } } diff --git a/c/misra/test/rules/RULE-18-10/test.c b/c/misra/test/rules/RULE-18-10/test.c index b5906a3039..565b51e8de 100644 --- a/c/misra/test/rules/RULE-18-10/test.c +++ b/c/misra/test/rules/RULE-18-10/test.c @@ -57,9 +57,9 @@ void f1( } p20, // Unknown array length types: - int p21[], // COMPLIANT - int p22[][2], // COMPLIANT - int (*p23)[], // COMPLIANT + int p21[], // COMPLIANT + int p22[][2], // COMPLIANT + int (*p23)[], // COMPLIANT // int (*p24)[2][], // doesn't compile int (*p25)[][2], // COMPLIANT diff --git a/c/misra/test/rules/RULE-18-8/test.c b/c/misra/test/rules/RULE-18-8/test.c index 7d6a1400d6..ea639de271 100644 --- a/c/misra/test/rules/RULE-18-8/test.c +++ b/c/misra/test/rules/RULE-18-8/test.c @@ -28,7 +28,7 @@ void f1(int n, int p1[n], // COMPLIANT // Pointers to variably-modified types are not VLAs. int p2[n][n], - int p3[], // array of unknown length is converted to pointer + int p3[], // array of unknown length is converted to pointer int p4[][n] // array of unknown length are not VLAs. ) {} diff --git a/c/misra/test/rules/RULE-21-22/test.c b/c/misra/test/rules/RULE-21-22/test.c index 66c889d168..970df4fd56 100644 --- a/c/misra/test/rules/RULE-21-22/test.c +++ b/c/misra/test/rules/RULE-21-22/test.c @@ -322,8 +322,8 @@ void f1() { remquo(i, i, c); // COMPLIANT /* Test casts */ - cos((char) i); // NON-COMPLIANT - cos((int) c); // COMPLIANT - cos((int) (char) i); // COMPLIANT - cos((char) (int) c); // NON-COMPLIANT + cos((char)i); // NON-COMPLIANT + cos((int)c); // COMPLIANT + cos((int)(char)i); // COMPLIANT + cos((char)(int)c); // NON-COMPLIANT } \ No newline at end of file diff --git a/c/misra/test/rules/RULE-21-25/test.c b/c/misra/test/rules/RULE-21-25/test.c index fc9fc67e95..d096634d30 100644 --- a/c/misra/test/rules/RULE-21-25/test.c +++ b/c/misra/test/rules/RULE-21-25/test.c @@ -21,52 +21,52 @@ void f(int p) { atomic_load_explicit(&l1, memory_order_release); // NON-COMPLIANT // Implicit values: - atomic_store(&l1, 0); // COMPLIANT - atomic_load(&l1); // COMPLIANT - atomic_flag_test_and_set(&l2); // COMPLIANT - atomic_flag_clear(&l2); // COMPLIANT - atomic_exchange(&l1, 0); // COMPLIANT + atomic_store(&l1, 0); // COMPLIANT + atomic_load(&l1); // COMPLIANT + atomic_flag_test_and_set(&l2); // COMPLIANT + atomic_flag_clear(&l2); // COMPLIANT + atomic_exchange(&l1, 0); // COMPLIANT atomic_compare_exchange_strong(&l1, ptr, 1); // COMPLIANT atomic_compare_exchange_weak(&l1, ptr, 1); // COMPLIANT - atomic_fetch_add(&l1, 0); // COMPLIANT - atomic_fetch_sub(&l1, 0); // COMPLIANT - atomic_fetch_or(&l1, 0); // COMPLIANT - atomic_fetch_xor(&l1, 0); // COMPLIANT - atomic_fetch_and(&l1, 0); // COMPLIANT + atomic_fetch_add(&l1, 0); // COMPLIANT + atomic_fetch_sub(&l1, 0); // COMPLIANT + atomic_fetch_or(&l1, 0); // COMPLIANT + atomic_fetch_xor(&l1, 0); // COMPLIANT + atomic_fetch_and(&l1, 0); // COMPLIANT // Compliant flowed values (one test per sink): - atomic_store_explicit(&l1, 0, g1); // COMPLIANT - atomic_load_explicit(&l1, g1); // COMPLIANT - atomic_flag_test_and_set_explicit(&l2, g1); // COMPLIANT - atomic_flag_clear_explicit(&l2, g1); // COMPLIANT - atomic_exchange_explicit(&l1, 0, g1); // COMPLIANT + atomic_store_explicit(&l1, 0, g1); // COMPLIANT + atomic_load_explicit(&l1, g1); // COMPLIANT + atomic_flag_test_and_set_explicit(&l2, g1); // COMPLIANT + atomic_flag_clear_explicit(&l2, g1); // COMPLIANT + atomic_exchange_explicit(&l1, 0, g1); // COMPLIANT atomic_compare_exchange_strong_explicit(&l1, ptr, 1, g1, g1); // COMPLIANT atomic_compare_exchange_weak_explicit(&l1, ptr, 1, g1, g1); // COMPLIANT - atomic_fetch_add_explicit(&l1, 0, g1); // COMPLIANT - atomic_fetch_sub_explicit(&l1, 0, g1); // COMPLIANT - atomic_fetch_or_explicit(&l1, 0, g1); // COMPLIANT - atomic_fetch_xor_explicit(&l1, 0, g1); // COMPLIANT - atomic_fetch_and_explicit(&l1, 0, g1); // COMPLIANT - atomic_thread_fence(g1); // COMPLIANT - atomic_signal_fence(g1); // COMPLIANT + atomic_fetch_add_explicit(&l1, 0, g1); // COMPLIANT + atomic_fetch_sub_explicit(&l1, 0, g1); // COMPLIANT + atomic_fetch_or_explicit(&l1, 0, g1); // COMPLIANT + atomic_fetch_xor_explicit(&l1, 0, g1); // COMPLIANT + atomic_fetch_and_explicit(&l1, 0, g1); // COMPLIANT + atomic_thread_fence(g1); // COMPLIANT + atomic_signal_fence(g1); // COMPLIANT // Non-compliant flowed values (one test per sink): - atomic_store_explicit(&l1, 0, g2); // NON-COMPLIANT - atomic_load_explicit(&l1, g2); // NON-COMPLIANT - atomic_flag_test_and_set_explicit(&l2, g2); // NON-COMPLIANT - atomic_flag_clear_explicit(&l2, g2); // NON-COMPLIANT - atomic_exchange_explicit(&l1, 0, g2); // NON-COMPLIANT + atomic_store_explicit(&l1, 0, g2); // NON-COMPLIANT + atomic_load_explicit(&l1, g2); // NON-COMPLIANT + atomic_flag_test_and_set_explicit(&l2, g2); // NON-COMPLIANT + atomic_flag_clear_explicit(&l2, g2); // NON-COMPLIANT + atomic_exchange_explicit(&l1, 0, g2); // NON-COMPLIANT atomic_compare_exchange_strong_explicit(&l1, ptr, 1, g2, g1); // NON-COMPLIANT atomic_compare_exchange_strong_explicit(&l1, ptr, 1, g1, g2); // NON-COMPLIANT atomic_compare_exchange_weak_explicit(&l1, ptr, 1, g2, g1); // NON-COMPLIANT atomic_compare_exchange_weak_explicit(&l1, ptr, 1, g1, g2); // NON-COMPLIANT - atomic_fetch_add_explicit(&l1, 0, g2); // NON-COMPLIANT - atomic_fetch_sub_explicit(&l1, 0, g2); // NON-COMPLIANT - atomic_fetch_or_explicit(&l1, 0, g2); // NON-COMPLIANT - atomic_fetch_xor_explicit(&l1, 0, g2); // NON-COMPLIANT - atomic_fetch_and_explicit(&l1, 0, g2); // NON-COMPLIANT - atomic_thread_fence(g2); // NON-COMPLIANT - atomic_signal_fence(g2); // NON-COMPLIANT + atomic_fetch_add_explicit(&l1, 0, g2); // NON-COMPLIANT + atomic_fetch_sub_explicit(&l1, 0, g2); // NON-COMPLIANT + atomic_fetch_or_explicit(&l1, 0, g2); // NON-COMPLIANT + atomic_fetch_xor_explicit(&l1, 0, g2); // NON-COMPLIANT + atomic_fetch_and_explicit(&l1, 0, g2); // NON-COMPLIANT + atomic_thread_fence(g2); // NON-COMPLIANT + atomic_signal_fence(g2); // NON-COMPLIANT // Non-compliant flowed values (one test per source): atomic_thread_fence(g2); // NON-COMPLIANT From b9e1c0b26f1b0cbcb7d9efe38b29a9ea1e520a9a Mon Sep 17 00:00:00 2001 From: Michael R Fairhurst Date: Wed, 9 Apr 2025 03:01:38 +0000 Subject: [PATCH 2490/2573] Fix 21-22 test expectations --- .../TgMathArgumentWithInvalidEssentialType.expected | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/c/misra/test/rules/RULE-21-22/TgMathArgumentWithInvalidEssentialType.expected b/c/misra/test/rules/RULE-21-22/TgMathArgumentWithInvalidEssentialType.expected index 46e4e8f5c8..03dddb8dfe 100644 --- a/c/misra/test/rules/RULE-21-22/TgMathArgumentWithInvalidEssentialType.expected +++ b/c/misra/test/rules/RULE-21-22/TgMathArgumentWithInvalidEssentialType.expected @@ -130,5 +130,5 @@ | test.c:303:14:303:15 | cf | Argument 2 provided to type-generic macro 'scalbln' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | | test.c:309:10:309:11 | cf | Argument 1 provided to type-generic macro 'tgamma' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | | test.c:310:9:310:10 | cf | Argument 1 provided to type-generic macro 'trunc' has essentially complex floating type, which is not essentially signed, unsigned, or real floating type. | -| test.c:325:14:325:14 | i | Argument 1 provided to type-generic macro 'cos' has essentially character type, which is not essentially signed, unsigned, or floating type. | -| test.c:328:20:328:20 | c | Argument 1 provided to type-generic macro 'cos' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:325:13:325:13 | i | Argument 1 provided to type-generic macro 'cos' has essentially character type, which is not essentially signed, unsigned, or floating type. | +| test.c:328:18:328:18 | c | Argument 1 provided to type-generic macro 'cos' has essentially character type, which is not essentially signed, unsigned, or floating type. | From 315276902e53b55bfbb6ecd458f04d6a8b4abc27 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Wed, 9 Apr 2025 19:25:48 -0700 Subject: [PATCH 2491/2573] Update obligation level of new CERT-C rules --- rules.csv | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/rules.csv b/rules.csv index 2db1d7a66d..68049625e6 100644 --- a/rules.csv +++ b/rules.csv @@ -515,7 +515,7 @@ c,CERT-C,ERR30-C,Yes,Rule,,,Take care when reading errno,M19-3-1,Contracts4,Hard c,CERT-C,ERR32-C,Yes,Rule,,,Do not rely on indeterminate values of errno,,Contracts5,Hard, c,CERT-C,ERR33-C,Yes,Rule,,,Detect and handle standard library errors,MEM52-CPP,Contracts5,Hard, c,CERT-C,ERR34-C,OutOfScope,Rule,,,Detect errors when converting a string to a number,,,, -c,CERT-C,EXP16-C,Yes,Rule,,,Do not compare function pointers to constant values,,Expressions2,Medium, +c,CERT-C,EXP16-C,Yes,Recommendation,,,Do not compare function pointers to constant values,,Expressions2,Medium, c,CERT-C,EXP30-C,Yes,Rule,,,Do not depend on the order of evaluation for side effects,EXP50-CPP,SideEffects1,Easy, c,CERT-C,EXP32-C,Yes,Rule,,,Do not access a volatile object through a nonvolatile reference,,Pointers3,Easy, c,CERT-C,EXP33-C,Yes,Rule,,,Do not read uninitialized memory,EXP53-CPP,InvalidMemory1,Import, @@ -531,8 +531,8 @@ c,CERT-C,EXP44-C,Yes,Rule,,,"Do not rely on side effects in operands to sizeof, c,CERT-C,EXP45-C,Yes,Rule,,,Do not perform assignments in selection statements,M6-2-1,SideEffects1,Medium, c,CERT-C,EXP46-C,Yes,Rule,,,Do not use a bitwise operator with a Boolean-like operand,,Expressions,Easy, c,CERT-C,EXP47-C,OutOfScope,Rule,,,Do not call va_arg with an argument of the incorrect type,,,, -c,CERT-C,FIO03-C,Yes,Rule,,,Do not make assumptions about fopen() and file creation,,IO5,Hard, -c,CERT-C,FIO21-C,Yes,Rule,,,Do not create temporary files in shared directories,,IO5,Easy, +c,CERT-C,FIO03-C,Yes,Recommendation,,,Do not make assumptions about fopen() and file creation,,IO5,Hard, +c,CERT-C,FIO21-C,Yes,Recommendation,,,Do not create temporary files in shared directories,,IO5,Easy, c,CERT-C,FIO30-C,Yes,Rule,,,Exclude user input from format strings,A27-0-1,IO1,Import, c,CERT-C,FIO32-C,Yes,Rule,,,Do not perform operations on devices that are only appropriate for files,,IO3,Medium, c,CERT-C,FIO34-C,Yes,Rule,,,Distinguish between characters read from a file and EOF or WEOF,,IO1,Hard, From 64ad8fb8955f3e749ce61c8aca33c0272657b30d Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Wed, 9 Apr 2025 23:30:12 -0700 Subject: [PATCH 2492/2573] Add new query suites for CERT-C recommendations --- c/cert/src/codeql-suites/cert-c-default.qls | 10 ++++++++++ c/cert/src/codeql-suites/cert-c-recommendation.qls | 10 ++++++++++ c/cert/src/codeql-suites/cert-default.qls | 11 ++--------- c/cert/src/qlpack.yml | 1 + ...5-04-09-new-cert-c-recommendation-query-suite.md | 9 +++++++++ cpp/cert/src/codeql-suites/cert-cpp-default.qls | 9 +++++++++ .../cert-cpp-single-translation-unit.qls | 11 +++++++++++ cpp/cert/src/codeql-suites/cert-default.qls | 11 ++--------- .../codeql-suites/cert-single-translation-unit.qls | 13 ++----------- cpp/cert/src/qlpack.yml | 1 + 10 files changed, 57 insertions(+), 29 deletions(-) create mode 100644 c/cert/src/codeql-suites/cert-c-default.qls create mode 100644 c/cert/src/codeql-suites/cert-c-recommendation.qls create mode 100644 change_notes/2025-04-09-new-cert-c-recommendation-query-suite.md create mode 100644 cpp/cert/src/codeql-suites/cert-cpp-default.qls create mode 100644 cpp/cert/src/codeql-suites/cert-cpp-single-translation-unit.qls diff --git a/c/cert/src/codeql-suites/cert-c-default.qls b/c/cert/src/codeql-suites/cert-c-default.qls new file mode 100644 index 0000000000..348d2f37ae --- /dev/null +++ b/c/cert/src/codeql-suites/cert-c-default.qls @@ -0,0 +1,10 @@ +- description: CERT C 2016 (Default) +- qlpack: codeql/cert-c-coding-standards +- include: + kind: + - problem + - path-problem + - external/cert/obligation/rule +- exclude: + tags contain: + - external/cert/default-disabled diff --git a/c/cert/src/codeql-suites/cert-c-recommendation.qls b/c/cert/src/codeql-suites/cert-c-recommendation.qls new file mode 100644 index 0000000000..59ac5e9c2d --- /dev/null +++ b/c/cert/src/codeql-suites/cert-c-recommendation.qls @@ -0,0 +1,10 @@ +- description: CERT C 2016 (Recommendations) +- qlpack: codeql/cert-c-coding-standards +- include: + kind: + - problem + - path-problem + - external/cert/obligation/recommendation +- exclude: + tags contain: + - external/cert/default-disabled diff --git a/c/cert/src/codeql-suites/cert-default.qls b/c/cert/src/codeql-suites/cert-default.qls index 1e11a0afca..c093b31fa7 100644 --- a/c/cert/src/codeql-suites/cert-default.qls +++ b/c/cert/src/codeql-suites/cert-default.qls @@ -1,9 +1,2 @@ -- description: CERT C 2016 (Default) -- qlpack: codeql/cert-c-coding-standards -- include: - kind: - - problem - - path-problem -- exclude: - tags contain: - - external/cert/default-disabled +- description: "DEPRECATED - CERT C 2016 - use cert-c-default.qls instead" +- import: codeql-suites/cert-c-default.qls diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index 631639301e..e3664d75b5 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -3,6 +3,7 @@ version: 2.44.0-dev description: CERT C 2016 suites: codeql-suites license: MIT +default-suite-file: codeql-suites/cert-c-default.qls dependencies: codeql/common-c-coding-standards: '*' codeql/cpp-all: 2.1.1 diff --git a/change_notes/2025-04-09-new-cert-c-recommendation-query-suite.md b/change_notes/2025-04-09-new-cert-c-recommendation-query-suite.md new file mode 100644 index 0000000000..910433e351 --- /dev/null +++ b/change_notes/2025-04-09-new-cert-c-recommendation-query-suite.md @@ -0,0 +1,9 @@ + - The following query suites have been added or modified for CERT C: + - A new query suite has been created `cert-c-default.qls` to avoid confusion with the CERT C++ query suites. The `cert-default.qls` suite has been deprecated, and will be removed in a future releases, and is replaced by the `cert-c-default.qls` suite. + - The `cert-c-default.qls` suite has been specified as the default for the pack, and will include our most up-to-date coverage for CERT C. + - One new query suite, `cert-c-recommended.qls` has been added to enable running CERT recommendations (as opposed to rules) that will be added in the future. + - The default query suite, `cert-c-default.qls` has been set to exclude CERT recommendations (as opposed to rules) that will be added in the future. + - The following query suites have been added or modified for CERT C++: + - A new query suite has been created `cert-cpp-default.qls` to avoid confusion with the CERT C query suites. The `cert-default.qls` suite has been deprecated, and will be removed in a future releases, and is replaced by the `cert-cpp-default.qls` suite. + - The `cert-cpp-default.qls` suite has been specified as the default for the pack, and will include our most up-to-date coverage for CERT C. + - A new query suite has been created `cert-cpp-single-translation-unit.qls` to avoid confusion with the CERT C query suites. The `cert-single-translation-unit.qls` suite has been deprecated, and will be removed in a future releases, and is replaced by the `cert-cpp-single-translation-unit.qls` suite. \ No newline at end of file diff --git a/cpp/cert/src/codeql-suites/cert-cpp-default.qls b/cpp/cert/src/codeql-suites/cert-cpp-default.qls new file mode 100644 index 0000000000..e9211246b1 --- /dev/null +++ b/cpp/cert/src/codeql-suites/cert-cpp-default.qls @@ -0,0 +1,9 @@ +- description: CERT C++ 2016 (Default) +- qlpack: codeql/cert-cpp-coding-standards +- include: + kind: + - problem + - path-problem +- exclude: + tags contain: + - external/cert/default-disabled diff --git a/cpp/cert/src/codeql-suites/cert-cpp-single-translation-unit.qls b/cpp/cert/src/codeql-suites/cert-cpp-single-translation-unit.qls new file mode 100644 index 0000000000..2f09815e0d --- /dev/null +++ b/cpp/cert/src/codeql-suites/cert-cpp-single-translation-unit.qls @@ -0,0 +1,11 @@ +- description: CERT C++ 2016 (Single Translation Unit) +- qlpack: codeql/cert-cpp-coding-standards +- include: + kind: + - problem + - path-problem + tags contain: + - scope/single-translation-unit +- exclude: + tags contain: + - external/cert/default-disabled diff --git a/cpp/cert/src/codeql-suites/cert-default.qls b/cpp/cert/src/codeql-suites/cert-default.qls index e9211246b1..66599b60fb 100644 --- a/cpp/cert/src/codeql-suites/cert-default.qls +++ b/cpp/cert/src/codeql-suites/cert-default.qls @@ -1,9 +1,2 @@ -- description: CERT C++ 2016 (Default) -- qlpack: codeql/cert-cpp-coding-standards -- include: - kind: - - problem - - path-problem -- exclude: - tags contain: - - external/cert/default-disabled +- description: "DEPRECATED - CERT C++ 2016 - use cert-cpp-default.qls instead" +- import: codeql-suites/cert-cpp-default.qls \ No newline at end of file diff --git a/cpp/cert/src/codeql-suites/cert-single-translation-unit.qls b/cpp/cert/src/codeql-suites/cert-single-translation-unit.qls index 2f09815e0d..4966648394 100644 --- a/cpp/cert/src/codeql-suites/cert-single-translation-unit.qls +++ b/cpp/cert/src/codeql-suites/cert-single-translation-unit.qls @@ -1,11 +1,2 @@ -- description: CERT C++ 2016 (Single Translation Unit) -- qlpack: codeql/cert-cpp-coding-standards -- include: - kind: - - problem - - path-problem - tags contain: - - scope/single-translation-unit -- exclude: - tags contain: - - external/cert/default-disabled +- description: "DEPRECATED - CERT C++ 2016 (Single Translation Unit) - use cert-cpp-single-translation-unit.qls instead" +- import: codeql-suites/cert-cpp-single-translation-unit.qls \ No newline at end of file diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index f44646cdbe..97976d30cd 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -3,6 +3,7 @@ version: 2.44.0-dev description: CERT C++ 2016 suites: codeql-suites license: MIT +default-suite-file: codeql-suites/cert-cpp-default.qls dependencies: codeql/cpp-all: 2.1.1 codeql/common-cpp-coding-standards: '*' From 8843822ec1b46b0a913edfc5a5f7372d1e4752a8 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Thu, 10 Apr 2025 08:45:07 -0700 Subject: [PATCH 2493/2573] Add 'recommendation' to CERT schema --- schemas/rule-package.schema.json | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/schemas/rule-package.schema.json b/schemas/rule-package.schema.json index b4f729afe2..f9f65d679c 100644 --- a/schemas/rule-package.schema.json +++ b/schemas/rule-package.schema.json @@ -94,7 +94,8 @@ "obligation": { "type": "string", "enum": [ - "rule" + "rule", + "recommendation" ] } }, From d39ec8d75696f4d5ee0493f97b55102f47d5da52 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Thu, 10 Apr 2025 09:25:26 -0700 Subject: [PATCH 2494/2573] Fix, move 'recommendation' from CERT-C++ to CERT-C in schema --- schemas/rule-package.schema.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/schemas/rule-package.schema.json b/schemas/rule-package.schema.json index f9f65d679c..f8c3f028e3 100644 --- a/schemas/rule-package.schema.json +++ b/schemas/rule-package.schema.json @@ -94,8 +94,7 @@ "obligation": { "type": "string", "enum": [ - "rule", - "recommendation" + "rule" ] } }, @@ -142,7 +141,8 @@ "obligation": { "type": "string", "enum": [ - "rule" + "rule", + "recommendation" ] } }, From 14bd93788a59b7265a730626fe44178b0f56d8a1 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Sun, 30 Mar 2025 18:30:36 -0700 Subject: [PATCH 2495/2573] Update cert-help-extraction.py to support CERT-C optional (recommendation) rules --- scripts/help/cert-help-extraction.py | 24 +++++++++++++++++------- 1 file changed, 17 insertions(+), 7 deletions(-) diff --git a/scripts/help/cert-help-extraction.py b/scripts/help/cert-help-extraction.py index 6bd1abccd5..f785b0955f 100755 --- a/scripts/help/cert-help-extraction.py +++ b/scripts/help/cert-help-extraction.py @@ -1,5 +1,6 @@ #!/usr/bin/env python3 from argparse import ArgumentParser +from typing import Generator import tempfile import re import urllib.request @@ -23,6 +24,7 @@ CERT_WIKI = "https://wiki.sei.cmu.edu" RULES_LIST_C = "/confluence/display/c/2+Rules" +RECOMMENDED_LIST_C = "/confluence/display/c/3+Recommendations" RULES_LIST_CPP = "/confluence/display/cplusplus/2+Rules" cache_path = script_path.parent / '.cache' @@ -47,16 +49,22 @@ def soupify(url: str) -> BeautifulSoup: return BeautifulSoup(content, 'html.parser') - -def get_rules(): - rules = [] - for soup in [soupify(f"{CERT_WIKI}{RULES_LIST_C}"), soupify(f"{CERT_WIKI}{RULES_LIST_CPP}")]: +def get_rule_listings() -> Generator[Tag, None, None]: + for rule_list_id in [RULES_LIST_C, RULES_LIST_CPP]: + soup = soupify(f"{CERT_WIKI}{rule_list_id}") if soup == None: - return None - - rule_listing_start = soup.find( + continue + + yield soup.find( "h1", string="Rule Listing") + soup = soupify(f"{CERT_WIKI}{RECOMMENDED_LIST_C}") + if soup != None: + yield soup.find("h1", string="Recommendation Listing") + +def get_rules(): + rules = [] + for rule_listing_start in get_rule_listings(): for link in rule_listing_start.next_element.next_element.find_all('a'): if '-C' in link.string: rule, title = map(str.strip, link.string.split('.', 1)) @@ -214,6 +222,8 @@ def helper(node): # Fix a broken url present in many CERT-C pages if node.name == 'a' and 'href' in node.attrs and node['href'] == "http://BB. Definitions#vulnerability": node['href'] = "https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability" + elif node.name == 'a' and 'href' in node.attrs and node['href'] == "http://BB. Definitions#unexpected behavior": + node['href'] = "https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-unexpectedbehavior" # Turn relative URLs into absolute URLS elif node.name == 'a' and 'href' in node.attrs and node['href'].startswith("/confluence"): node['href'] = f"{CERT_WIKI}{node['href']}" From d2e638eedab86f076b1cbd04cd81383e09cb5611 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Sun, 30 Mar 2025 18:27:49 -0700 Subject: [PATCH 2496/2573] Implement expressions2 package --- ...CompareFunctionPointersToConstantValues.md | 129 ++++++++++++++++++ ...CompareFunctionPointersToConstantValues.ql | 101 ++++++++++++++ ...eFunctionPointersToConstantValues.expected | 16 +++ ...pareFunctionPointersToConstantValues.qlref | 1 + c/cert/test/rules/EXP16-C/test.c | 113 +++++++++++++++ .../cpp/exclusions/c/Expressions2.qll | 26 ++++ .../cpp/exclusions/c/RuleMetadata.qll | 3 + .../codingstandards/cpp/types/Compatible.qll | 19 +-- .../cpp/types/FunctionType.qll | 19 +++ rule_packages/c/Expressions2.json | 23 ++++ 10 files changed, 432 insertions(+), 18 deletions(-) create mode 100644 c/cert/src/rules/EXP16-C/DoNotCompareFunctionPointersToConstantValues.md create mode 100644 c/cert/src/rules/EXP16-C/DoNotCompareFunctionPointersToConstantValues.ql create mode 100644 c/cert/test/rules/EXP16-C/DoNotCompareFunctionPointersToConstantValues.expected create mode 100644 c/cert/test/rules/EXP16-C/DoNotCompareFunctionPointersToConstantValues.qlref create mode 100644 c/cert/test/rules/EXP16-C/test.c create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/Expressions2.qll create mode 100644 cpp/common/src/codingstandards/cpp/types/FunctionType.qll create mode 100644 rule_packages/c/Expressions2.json diff --git a/c/cert/src/rules/EXP16-C/DoNotCompareFunctionPointersToConstantValues.md b/c/cert/src/rules/EXP16-C/DoNotCompareFunctionPointersToConstantValues.md new file mode 100644 index 0000000000..b5a7c98bd6 --- /dev/null +++ b/c/cert/src/rules/EXP16-C/DoNotCompareFunctionPointersToConstantValues.md @@ -0,0 +1,129 @@ +# EXP16-C: Do not compare function pointers to constant values + +This query implements the CERT-C rule EXP16-C: + +> Do not compare function pointers to constant values + + +## Description + +Comparing a function pointer to a value that is not a null function pointer of the same type will be diagnosed because it typically indicates programmer error and can result in [unexpected behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-unexpectedbehavior). Implicit comparisons will be diagnosed, as well. + +## Noncompliant Code Example + +In this noncompliant code example, the addresses of the POSIX functions `getuid` and `geteuid` are compared for equality to 0. Because no function address shall be null, the first subexpression will always evaluate to false (0), and the second subexpression always to true (nonzero). Consequently, the entire expression will always evaluate to true, leading to a potential security vulnerability. + +```cpp +/* First the options that are allowed only for root */ +if (getuid == 0 || geteuid != 0) { + /* ... */ +} + +``` + +## Noncompliant Code Example + +In this noncompliant code example, the function pointers `getuid` and `geteuid` are compared to 0. This example is from an actual [vulnerability](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) ([VU\#837857](http://www.kb.cert.org/vuls/id/837857)) discovered in some versions of the X Window System server. The vulnerability exists because the programmer neglected to provide the open and close parentheses following the `geteuid()` function identifier. As a result, the `geteuid` token returns the address of the function, which is never equal to 0. Consequently, the `or` condition of this `if` statement is always true, and access is provided to the protected block for all users. Many compilers issue a warning noting such pointless expressions. Therefore, this coding error is normally detected by adherence to [MSC00-C. Compile cleanly at high warning levels](https://wiki.sei.cmu.edu/confluence/display/c/MSC00-C.+Compile+cleanly+at+high+warning+levels). + +```cpp +/* First the options that are allowed only for root */ +if (getuid() == 0 || geteuid != 0) { + /* ... */ +} + +``` + +## Compliant Solution + +The solution is to provide the open and close parentheses following the `geteuid` token so that the function is properly invoked: + +```cpp +/* First the options that are allowed only for root */ +if (getuid() == 0 || geteuid() != 0) { + /* ... */ +} + +``` + +## Compliant Solution + +A function pointer can be compared to a null function pointer of the same type: + +```cpp +/* First the options that are allowed only for root */ +if (getuid == (uid_t(*)(void))0 || geteuid != (uid_t(*)(void))0) { + /* ... */ +} + +``` +This code should not be diagnosed by an analyzer. + +## Noncompliant Code Example + +In this noncompliant code example, the function pointer `do_xyz` is implicitly compared unequal to 0: + +```cpp +int do_xyz(void); + +int f(void) { +/* ... */ + if (do_xyz) { + return -1; /* Indicate failure */ + } +/* ... */ + return 0; +} + +``` + +## Compliant Solution + +In this compliant solution, the function `do_xyz()` is invoked and the return value is compared to 0: + +```cpp +int do_xyz(void); + +int f(void) { +/* ... */ + if (do_xyz()) { + return -1; /* Indicate failure */ + } +/* ... */ + return 0; +} + +``` + +## Risk Assessment + +Errors of omission can result in unintended program flow. + +
    Recommendation Severity Likelihood Remediation Cost Priority Level
    EXP16-C Low Likely Medium P6 L2
    + + +## Automated Detection + +
    Tool Version Checker Description
    Astrée 24.04 function-name-constant-comparison Partially checked
    Coverity 2017.07 BAD_COMPARE Can detect the specific instance where the address of a function is compared against 0, such as in the case of geteuid versus getuid() in the implementation-specific details
    GCC 4.3.5 Can detect violations of this recommendation when the -Wall flag is used
    Helix QAC 2024.4 C0428, C3004, C3344
    Klocwork 2024.4 CWARN.NULLCHECK.FUNCNAMECWARN.FUNCADDR
    LDRA tool suite 9.7.1 99 S Partially implemented
    Parasoft C/C++test 2024.2 CERT_C-EXP16-a Function address should not be compared to zero
    PC-lint Plus 1.4 2440, 2441 Partially supported: reports address of function, array, or variable directly or indirectly compared to null
    PVS-Studio 7.35 V516, V1058
    RuleChecker 24.04 function-name-constant-comparison Partially checked
    + + +## Related Vulnerabilities + +Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+EXP16-C). + +## Related Guidelines + +
    SEI CERT C++ Coding Standard VOID EXP16-CPP. Avoid conversions using void pointers
    ISO/IEC TR 24772:2013 Likely incorrect expressions \[KOA\]
    ISO/IEC TS 17961 Comparing function addresses to zero \[funcaddr\]
    MITRE CWE CWE-480 , Use of incorrect operator CWE-482 , Comparing instead of assigning
    + + +## Bibliography + +
    \[ Hatton 1995 \] Section 2.7.2, "Errors of Omission and Addition"
    + + +## Implementation notes + +None + +## References + +* CERT-C: [EXP16-C: Do not compare function pointers to constant values](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/EXP16-C/DoNotCompareFunctionPointersToConstantValues.ql b/c/cert/src/rules/EXP16-C/DoNotCompareFunctionPointersToConstantValues.ql new file mode 100644 index 0000000000..561374d66b --- /dev/null +++ b/c/cert/src/rules/EXP16-C/DoNotCompareFunctionPointersToConstantValues.ql @@ -0,0 +1,101 @@ +/** + * @id c/cert/do-not-compare-function-pointers-to-constant-values + * @name EXP16-C: Do not compare function pointers to constant values + * @description Comparing function pointers to a constant value is not reliable and likely indicates + * a programmer error. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/cert/id/exp16-c + * correctness + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert +import codingstandards.cpp.types.FunctionType +import semmle.code.cpp.controlflow.IRGuards + +class FunctionExpr extends Expr { + Element function; + string funcName; + + FunctionExpr() { + function = this.(FunctionAccess).getTarget() and + funcName = "Function " + function.(Function).getName() + or + this.(VariableAccess).getUnderlyingType() instanceof FunctionType and + function = this and + funcName = "Function pointer variable " + this.(VariableAccess).getTarget().getName() + or + this.getUnderlyingType() instanceof FunctionType and + not this instanceof FunctionAccess and + not this instanceof VariableAccess and + function = this and + funcName = "Expression with function pointer type" + } + + Element getFunction() { result = function } + + string getFuncName() { result = funcName } +} + +abstract class EffectivelyComparison extends Element { + abstract string getExplanation(); + + abstract FunctionExpr getFunctionExpr(); +} + +class ExplicitComparison extends EffectivelyComparison, ComparisonOperation { + Expr constantExpr; + FunctionExpr funcExpr; + + ExplicitComparison() { + funcExpr = getAnOperand() and + constantExpr = getAnOperand() and + exists(constantExpr.getValue()) and + not funcExpr = constantExpr and + not constantExpr.getExplicitlyConverted().getUnderlyingType() = + funcExpr.getExplicitlyConverted().getUnderlyingType() + } + + override string getExplanation() { result = "$@ compared to constant value." } + + override FunctionExpr getFunctionExpr() { result = funcExpr } +} + +class ImplicitComparison extends EffectivelyComparison, GuardCondition { + ImplicitComparison() { + this instanceof FunctionExpr and + not getParent() instanceof ComparisonOperation + } + + override string getExplanation() { result = "$@ undergoes implicit constant comparison." } + + override FunctionExpr getFunctionExpr() { result = this } +} + +from EffectivelyComparison comparison, FunctionExpr funcExpr, Element function, string funcName +where + not isExcluded(comparison, + Expressions2Package::doNotCompareFunctionPointersToConstantValuesQuery()) and + funcExpr = comparison.getFunctionExpr() and + function = funcExpr.getFunction() and + funcName = funcExpr.getFuncName() +select comparison, comparison.getExplanation(), function, funcName +//from +// EqualityOperation equality, FunctionExpr funcExpr, Element function, string funcName, +// Expr constantExpr +//where +// not isExcluded(equality, Expressions2Package::doNotCompareFunctionPointersToConstantValuesQuery()) and +// funcExpr = equality.getAnOperand() and +// constantExpr = equality.getAnOperand() and +// exists(constantExpr.getValue()) and +// function = funcExpr.getFunction() and +// funcName = funcExpr.getFuncName() and +// constantExpr.getFullyConverted().getUnderlyingType() = +// funcExpr.getFullyConverted().getUnderlyingType() +//select equality, +// "Pointer to function $@ compared to constant value." + +// constantExpr.getFullyConverted().getUnderlyingType().explain() + " / " + +// funcExpr.getFullyConverted().getUnderlyingType().explain(), function, funcName diff --git a/c/cert/test/rules/EXP16-C/DoNotCompareFunctionPointersToConstantValues.expected b/c/cert/test/rules/EXP16-C/DoNotCompareFunctionPointersToConstantValues.expected new file mode 100644 index 0000000000..a18f0d32f6 --- /dev/null +++ b/c/cert/test/rules/EXP16-C/DoNotCompareFunctionPointersToConstantValues.expected @@ -0,0 +1,16 @@ +| test.c:17:7:17:13 | ... == ... | $@ compared to constant value. | test.c:3:5:3:6 | f1 | Function f1 | +| test.c:20:7:20:12 | ... > ... | $@ compared to constant value. | test.c:3:5:3:6 | f1 | Function f1 | +| test.c:29:7:29:13 | ... == ... | $@ compared to constant value. | test.c:29:7:29:8 | g1 | Function pointer variable g1 | +| test.c:32:7:32:16 | ... == ... | $@ compared to constant value. | test.c:32:7:32:8 | g2 | Function pointer variable g2 | +| test.c:35:7:35:15 | ... != ... | $@ compared to constant value. | test.c:35:7:35:8 | g1 | Function pointer variable g1 | +| test.c:38:7:38:8 | f1 | $@ undergoes implicit constant comparison. | test.c:3:5:3:6 | f1 | Function f1 | +| test.c:41:7:41:8 | g1 | $@ undergoes implicit constant comparison. | test.c:41:7:41:8 | g1 | Function pointer variable g1 | +| test.c:68:7:68:27 | ... == ... | $@ compared to constant value. | test.c:3:5:3:6 | f1 | Function f1 | +| test.c:71:7:71:18 | ... == ... | $@ compared to constant value. | test.c:3:5:3:6 | f1 | Function f1 | +| test.c:74:7:76:14 | ... == ... | $@ compared to constant value. | test.c:3:5:3:6 | f1 | Function f1 | +| test.c:83:3:83:9 | ... == ... | $@ compared to constant value. | test.c:83:3:83:4 | l1 | Function pointer variable l1 | +| test.c:84:3:84:12 | ... == ... | $@ compared to constant value. | test.c:84:3:84:4 | l1 | Function pointer variable l1 | +| test.c:91:3:91:4 | g1 | $@ undergoes implicit constant comparison. | test.c:91:3:91:4 | g1 | Function pointer variable g1 | +| test.c:96:7:96:18 | ... == ... | $@ compared to constant value. | test.c:96:9:96:10 | fp | Function pointer variable fp | +| test.c:102:7:102:22 | ... == ... | $@ compared to constant value. | test.c:14:11:14:21 | get_handler | Function get_handler | +| test.c:105:7:105:24 | ... == ... | $@ compared to constant value. | test.c:105:7:105:17 | call to get_handler | Expression with function pointer type | diff --git a/c/cert/test/rules/EXP16-C/DoNotCompareFunctionPointersToConstantValues.qlref b/c/cert/test/rules/EXP16-C/DoNotCompareFunctionPointersToConstantValues.qlref new file mode 100644 index 0000000000..7d99fa9879 --- /dev/null +++ b/c/cert/test/rules/EXP16-C/DoNotCompareFunctionPointersToConstantValues.qlref @@ -0,0 +1 @@ +rules/EXP16-C/DoNotCompareFunctionPointersToConstantValues.ql \ No newline at end of file diff --git a/c/cert/test/rules/EXP16-C/test.c b/c/cert/test/rules/EXP16-C/test.c new file mode 100644 index 0000000000..afc1b1b53e --- /dev/null +++ b/c/cert/test/rules/EXP16-C/test.c @@ -0,0 +1,113 @@ +#include + +int f1(); +void (*g1)(void); +int (*g2)(int); +void *g3 = NULL; + +struct S { + int (*fp)(void); + int x; +}; + +typedef int (*handler_t)(void); +handler_t get_handler(void); + +void f2(void) { + if (f1 == 0) // NON-COMPLIANT + return; + + if (f1 > 0) // NON-COMPLIANT + return; + + if (f1() == 0) // COMPLIANT + return; + + if (f1() > 0) // COMPLIANT + return; + + if (g1 == 0) // NON-COMPLIANT + return; + + if (g2 == NULL) // NON-COMPLIANT + return; + + if (g1 != 0x0) // NON-COMPLIANT + return; + + if (f1) // NON-COMPLIANT - implicit comparison + return; + + if (g1) // NON-COMPLIANT - implicit comparison + return; +} + +void f3(void *p1) { + if (g1 == p1) // COMPLIANT - comparing to variable + return; + + if (g2 == g3) // COMPLIANT - comparing to variable + return; +} + +void f4(void) { + int (*l1)(void) = 0; + + if (f1 == f1) // COMPLIANT - comparing to constant value of same type + return; + + if (f1 == l1) // COMPLIANT - comparing to constant value of same type + return; + + if (f1 == (int (*)(void))0) // COMPLIANT - explicit cast + return; + + if (f1 == (int (*)(void))0) // COMPLIANT - explicit cast + return; + + if (f1 == (int (*)(int))0) // NON-COMPLIANT - explicit cast to wrong type + return; + + if (f1 == (int)0) // NON-COMPLIANT - cast to non-function pointer type + return; + + if (f1 == + (int)(int (*)(void)) + NULL) // NON-COMPLIANT - compliant cast subsumed by non-compliant cast + return; +} + +typedef void (*func_t)(void); +void f5(void) { + func_t l1 = g1; + l1 == 0; // NON-COMPLIANT + l1 == NULL; // NON-COMPLIANT + l1 == (func_t)0; // COMPLIANT - cast to function pointer type +} + +void f6(void) { + g1 + 0; // COMPLIANT - not a comparison + g1 == g2; // COMPLIANT - not comparing to constant + g1 ? 1 : 0; // NON-COMPLIANT - implicit comparison +} + +void f7(void) { + struct S s; + if (s.fp == NULL) // NON-COMPLIANT + return; + + if (s.fp() == NULL) // COMPLIANT + return; + + if (get_handler == 0) // NON-COMPLIANT - missing parentheses + return; + + if (get_handler() == 0) // NON-COMPLIANT + return; + + if (get_handler() == (handler_t)0) // COMPLIANT + return; + + if (get_handler()() == 0) // COMPLIANT + return; +} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Expressions2.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Expressions2.qll new file mode 100644 index 0000000000..cc22a5ce02 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Expressions2.qll @@ -0,0 +1,26 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype Expressions2Query = TDoNotCompareFunctionPointersToConstantValuesQuery() + +predicate isExpressions2QueryMetadata(Query query, string queryId, string ruleId, string category) { + query = + // `Query` instance for the `doNotCompareFunctionPointersToConstantValues` query + Expressions2Package::doNotCompareFunctionPointersToConstantValuesQuery() and + queryId = + // `@id` for the `doNotCompareFunctionPointersToConstantValues` query + "c/cert/do-not-compare-function-pointers-to-constant-values" and + ruleId = "EXP16-C" and + category = "rule" +} + +module Expressions2Package { + Query doNotCompareFunctionPointersToConstantValuesQuery() { + //autogenerate `Query` type + result = + // `Query` type for `doNotCompareFunctionPointersToConstantValues` query + TQueryC(TExpressions2PackageQuery(TDoNotCompareFunctionPointersToConstantValuesQuery())) + } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index ae035b9c5d..b574f7551c 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -38,6 +38,7 @@ import Declarations9 import EssentialTypes import EssentialTypes2 import Expressions +import Expressions2 import FloatingTypes import FloatingTypes2 import FunctionTypes @@ -127,6 +128,7 @@ newtype TCQuery = TEssentialTypesPackageQuery(EssentialTypesQuery q) or TEssentialTypes2PackageQuery(EssentialTypes2Query q) or TExpressionsPackageQuery(ExpressionsQuery q) or + TExpressions2PackageQuery(Expressions2Query q) or TFloatingTypesPackageQuery(FloatingTypesQuery q) or TFloatingTypes2PackageQuery(FloatingTypes2Query q) or TFunctionTypesPackageQuery(FunctionTypesQuery q) or @@ -216,6 +218,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isEssentialTypesQueryMetadata(query, queryId, ruleId, category) or isEssentialTypes2QueryMetadata(query, queryId, ruleId, category) or isExpressionsQueryMetadata(query, queryId, ruleId, category) or + isExpressions2QueryMetadata(query, queryId, ruleId, category) or isFloatingTypesQueryMetadata(query, queryId, ruleId, category) or isFloatingTypes2QueryMetadata(query, queryId, ruleId, category) or isFunctionTypesQueryMetadata(query, queryId, ruleId, category) or diff --git a/cpp/common/src/codingstandards/cpp/types/Compatible.qll b/cpp/common/src/codingstandards/cpp/types/Compatible.qll index d6f65126e8..56966b5772 100644 --- a/cpp/common/src/codingstandards/cpp/types/Compatible.qll +++ b/cpp/common/src/codingstandards/cpp/types/Compatible.qll @@ -1,6 +1,7 @@ import cpp import codeql.util.Boolean import codingstandards.cpp.types.Graph +import codingstandards.cpp.types.FunctionType module TypeNamesMatchConfig implements TypeEquivalenceSig { predicate resolveTypedefs() { @@ -352,21 +353,3 @@ module FunctionDeclarationTypeEquivalence { ) } } - -/** - * Convenience class to reduce the awkwardness of how `RoutineType` and `FunctionPointerIshType` - * don't have a common ancestor. - */ -private class FunctionType extends Type { - FunctionType() { this instanceof RoutineType or this instanceof FunctionPointerIshType } - - Type getReturnType() { - result = this.(RoutineType).getReturnType() or - result = this.(FunctionPointerIshType).getReturnType() - } - - Type getParameterType(int i) { - result = this.(RoutineType).getParameterType(i) or - result = this.(FunctionPointerIshType).getParameterType(i) - } -} diff --git a/cpp/common/src/codingstandards/cpp/types/FunctionType.qll b/cpp/common/src/codingstandards/cpp/types/FunctionType.qll new file mode 100644 index 0000000000..e43d1067f1 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/types/FunctionType.qll @@ -0,0 +1,19 @@ +import cpp + +/** + * Convenience class to reduce the awkwardness of how `RoutineType` and `FunctionPointerIshType` + * don't have a common ancestor. + */ +class FunctionType extends Type { + FunctionType() { this instanceof RoutineType or this instanceof FunctionPointerIshType } + + Type getReturnType() { + result = this.(RoutineType).getReturnType() or + result = this.(FunctionPointerIshType).getReturnType() + } + + Type getParameterType(int i) { + result = this.(RoutineType).getParameterType(i) or + result = this.(FunctionPointerIshType).getParameterType(i) + } +} \ No newline at end of file diff --git a/rule_packages/c/Expressions2.json b/rule_packages/c/Expressions2.json new file mode 100644 index 0000000000..88b5dff988 --- /dev/null +++ b/rule_packages/c/Expressions2.json @@ -0,0 +1,23 @@ +{ + "CERT-C": { + "EXP16-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "Comparing function pointers to a constant value is not reliable and likely indicates a programmer error.", + "kind": "problem", + "name": "Do not compare function pointers to constant values", + "precision": "very-high", + "severity": "error", + "short_name": "DoNotCompareFunctionPointersToConstantValues", + "tags": [ + "correctness" + ] + } + ], + "title": "Do not compare function pointers to constant values" + } + } +} \ No newline at end of file From f6d62ecf55ec81dec636c3ce3d9fa2ead440aa3e Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Mon, 31 Mar 2025 13:09:44 -0700 Subject: [PATCH 2497/2573] Format --- cpp/common/src/codingstandards/cpp/types/FunctionType.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/types/FunctionType.qll b/cpp/common/src/codingstandards/cpp/types/FunctionType.qll index e43d1067f1..20166322f1 100644 --- a/cpp/common/src/codingstandards/cpp/types/FunctionType.qll +++ b/cpp/common/src/codingstandards/cpp/types/FunctionType.qll @@ -16,4 +16,4 @@ class FunctionType extends Type { result = this.(RoutineType).getParameterType(i) or result = this.(FunctionPointerIshType).getParameterType(i) } -} \ No newline at end of file +} From 067e1724a04df9eaaad348c4886a72e3276c9bd1 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Wed, 9 Apr 2025 20:39:32 -0700 Subject: [PATCH 2498/2573] Change obligation --- .../EXP16-C/DoNotCompareFunctionPointersToConstantValues.ql | 2 +- .../src/codingstandards/cpp/exclusions/c/Expressions2.qll | 2 +- rule_packages/c/Expressions2.json | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/c/cert/src/rules/EXP16-C/DoNotCompareFunctionPointersToConstantValues.ql b/c/cert/src/rules/EXP16-C/DoNotCompareFunctionPointersToConstantValues.ql index 561374d66b..88beae6bc0 100644 --- a/c/cert/src/rules/EXP16-C/DoNotCompareFunctionPointersToConstantValues.ql +++ b/c/cert/src/rules/EXP16-C/DoNotCompareFunctionPointersToConstantValues.ql @@ -8,7 +8,7 @@ * @problem.severity error * @tags external/cert/id/exp16-c * correctness - * external/cert/obligation/rule + * external/cert/obligation/recommendation */ import cpp diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Expressions2.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Expressions2.qll index cc22a5ce02..e7dffc30bb 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Expressions2.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Expressions2.qll @@ -13,7 +13,7 @@ predicate isExpressions2QueryMetadata(Query query, string queryId, string ruleId // `@id` for the `doNotCompareFunctionPointersToConstantValues` query "c/cert/do-not-compare-function-pointers-to-constant-values" and ruleId = "EXP16-C" and - category = "rule" + category = "recommendation" } module Expressions2Package { diff --git a/rule_packages/c/Expressions2.json b/rule_packages/c/Expressions2.json index 88b5dff988..7eaa2ff2ec 100644 --- a/rule_packages/c/Expressions2.json +++ b/rule_packages/c/Expressions2.json @@ -2,7 +2,7 @@ "CERT-C": { "EXP16-C": { "properties": { - "obligation": "rule" + "obligation": "recommendation" }, "queries": [ { From 010b7c7d2b626dad88511d6292afc837eecd534d Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Wed, 9 Apr 2025 20:40:20 -0700 Subject: [PATCH 2499/2573] Remove commented out code --- ...NotCompareFunctionPointersToConstantValues.ql | 16 ---------------- 1 file changed, 16 deletions(-) diff --git a/c/cert/src/rules/EXP16-C/DoNotCompareFunctionPointersToConstantValues.ql b/c/cert/src/rules/EXP16-C/DoNotCompareFunctionPointersToConstantValues.ql index 88beae6bc0..d9622b03b9 100644 --- a/c/cert/src/rules/EXP16-C/DoNotCompareFunctionPointersToConstantValues.ql +++ b/c/cert/src/rules/EXP16-C/DoNotCompareFunctionPointersToConstantValues.ql @@ -83,19 +83,3 @@ where function = funcExpr.getFunction() and funcName = funcExpr.getFuncName() select comparison, comparison.getExplanation(), function, funcName -//from -// EqualityOperation equality, FunctionExpr funcExpr, Element function, string funcName, -// Expr constantExpr -//where -// not isExcluded(equality, Expressions2Package::doNotCompareFunctionPointersToConstantValuesQuery()) and -// funcExpr = equality.getAnOperand() and -// constantExpr = equality.getAnOperand() and -// exists(constantExpr.getValue()) and -// function = funcExpr.getFunction() and -// funcName = funcExpr.getFuncName() and -// constantExpr.getFullyConverted().getUnderlyingType() = -// funcExpr.getFullyConverted().getUnderlyingType() -//select equality, -// "Pointer to function $@ compared to constant value." + -// constantExpr.getFullyConverted().getUnderlyingType().explain() + " / " + -// funcExpr.getFullyConverted().getUnderlyingType().explain(), function, funcName From 65045370e3665cf3b15edcc044ddf5d81364bbce Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Tue, 15 Apr 2025 06:42:44 -0700 Subject: [PATCH 2500/2573] Implement package FloatingPoint --- ...suseOfInfiniteFloatingPointValue.expected} | 56 ++--- .../MisuseOfInfiniteFloatingPointValue.ql | 4 + .../test.c | 44 ++-- .../MisuseOfNaNFloatingPointValue.expected} | 68 +++--- .../MisuseOfNaNFloatingPointValue.ql | 4 + .../misuseofnanfloatingpointvalue/test.c | 212 ++++++++++++++++++ .../PossibleMisuseOfUndetectedInfinity.ql | 127 +---------- .../DIR-4-15/PossibleMisuseOfUndetectedNaN.ql | 189 +--------------- ...PossibleMisuseOfUndetectedInfinity.testref | 1 + .../PossibleMisuseOfUndetectedNaN.testref | 1 + ...025-04-14-update-infinity-nan-detection.md | 4 + .../src/codingstandards/cpp/FloatingPoint.qll | 3 +- .../cpp/RestrictedRangeAnalysis.qll | 3 +- .../cpp/exclusions/cpp/FloatingPoint.qll | 44 ++++ .../cpp/exclusions/cpp/RuleMetadata.qll | 3 + .../MisuseOfInfiniteFloatingPointValue.qll | 141 ++++++++++++ .../MisuseOfNaNFloatingPointValue.qll | 201 +++++++++++++++++ .../test/includes/standard-library/cmath | 19 ++ .../test/includes/standard-library/math.h | 6 + ...isuseOfInfiniteFloatingPointValue.expected | 113 ++++++++++ .../MisuseOfInfiniteFloatingPointValue.ql | 4 + .../test.cpp | 212 ++++++++++++++++++ .../MisuseOfNaNFloatingPointValue.expected | 136 +++++++++++ .../MisuseOfNaNFloatingPointValue.ql | 4 + .../misuseofnanfloatingpointvalue/test.cpp | 212 ++++++++++++++++++ ...sibleMisuseOfInfiniteFloatingPointValue.ql | 22 ++ .../PossibleMisuseOfNaNFloatingPointValue.ql | 23 ++ ...MisuseOfInfiniteFloatingPointValue.testref | 1 + ...sibleMisuseOfNaNFloatingPointValue.testref | 1 + rule_packages/c/FloatingTypes2.json | 2 + rule_packages/cpp/FloatingPoint.json | 38 ++++ 31 files changed, 1505 insertions(+), 393 deletions(-) rename c/{misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.expected => common/test/rules/misuseofinfinitefloatingpointvalue/MisuseOfInfiniteFloatingPointValue.expected} (99%) create mode 100644 c/common/test/rules/misuseofinfinitefloatingpointvalue/MisuseOfInfiniteFloatingPointValue.ql rename c/{misra/test/rules/DIR-4-15 => common/test/rules/misuseofinfinitefloatingpointvalue}/test.c (82%) rename c/{misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.expected => common/test/rules/misuseofnanfloatingpointvalue/MisuseOfNaNFloatingPointValue.expected} (99%) create mode 100644 c/common/test/rules/misuseofnanfloatingpointvalue/MisuseOfNaNFloatingPointValue.ql create mode 100644 c/common/test/rules/misuseofnanfloatingpointvalue/test.c create mode 100644 c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.testref create mode 100644 c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.testref create mode 100644 change_notes/2025-04-14-update-infinity-nan-detection.md create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/cpp/FloatingPoint.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/misuseofinfinitefloatingpointvalue/MisuseOfInfiniteFloatingPointValue.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/misuseofnanfloatingpointvalue/MisuseOfNaNFloatingPointValue.qll create mode 100644 cpp/common/test/rules/misuseofinfinitefloatingpointvalue/MisuseOfInfiniteFloatingPointValue.expected create mode 100644 cpp/common/test/rules/misuseofinfinitefloatingpointvalue/MisuseOfInfiniteFloatingPointValue.ql create mode 100644 cpp/common/test/rules/misuseofinfinitefloatingpointvalue/test.cpp create mode 100644 cpp/common/test/rules/misuseofnanfloatingpointvalue/MisuseOfNaNFloatingPointValue.expected create mode 100644 cpp/common/test/rules/misuseofnanfloatingpointvalue/MisuseOfNaNFloatingPointValue.ql create mode 100644 cpp/common/test/rules/misuseofnanfloatingpointvalue/test.cpp create mode 100644 cpp/misra/src/rules/DIR-0-3-1/PossibleMisuseOfInfiniteFloatingPointValue.ql create mode 100644 cpp/misra/src/rules/DIR-0-3-1/PossibleMisuseOfNaNFloatingPointValue.ql create mode 100644 cpp/misra/test/rules/DIR-0-3-1/PossibleMisuseOfInfiniteFloatingPointValue.testref create mode 100644 cpp/misra/test/rules/DIR-0-3-1/PossibleMisuseOfNaNFloatingPointValue.testref create mode 100644 rule_packages/cpp/FloatingPoint.json diff --git a/c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.expected b/c/common/test/rules/misuseofinfinitefloatingpointvalue/MisuseOfInfiniteFloatingPointValue.expected similarity index 99% rename from c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.expected rename to c/common/test/rules/misuseofinfinitefloatingpointvalue/MisuseOfInfiniteFloatingPointValue.expected index 8dd5ac15b8..f3b94b6095 100644 --- a/c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.expected +++ b/c/common/test/rules/misuseofinfinitefloatingpointvalue/MisuseOfInfiniteFloatingPointValue.expected @@ -1,3 +1,30 @@ +problems +| test.c:12:8:12:9 | l2 | test.c:8:14:8:20 | ... / ... | test.c:12:8:12:9 | l2 | Possibly infinite float value $@ flows to divisor, which would silently underflow and produce zero. | test.c:8:14:8:20 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:13:8:13:9 | l3 | test.c:8:14:8:20 | ... / ... | test.c:13:8:13:9 | l3 | Possibly infinite float value $@ flows to divisor, which would silently underflow and produce zero. | test.c:8:14:8:20 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:18:8:18:9 | l2 | test.c:8:14:8:20 | ... / ... | test.c:18:3:18:9 | l2 | Possibly infinite float value $@ flows to cast to integer. | test.c:8:14:8:20 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:19:8:19:9 | l3 | test.c:8:14:8:20 | ... / ... | test.c:19:3:19:9 | l3 | Possibly infinite float value $@ flows to cast to integer. | test.c:8:14:8:20 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:27:19:27:20 | l2 | test.c:8:14:8:20 | ... / ... | test.c:27:19:27:20 | l2 | Possibly infinite float value $@ flows to divisor, which would silently underflow and produce zero. | test.c:8:14:8:20 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:28:19:28:20 | l3 | test.c:8:14:8:20 | ... / ... | test.c:28:19:28:20 | l3 | Possibly infinite float value $@ flows to divisor, which would silently underflow and produce zero. | test.c:8:14:8:20 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:38:8:38:9 | l7 | test.c:31:14:32:15 | ... / ... | test.c:38:3:38:9 | l7 | Possibly infinite float value $@ flows to cast to integer. | test.c:31:14:32:15 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:61:11:61:17 | ... / ... | test.c:61:5:61:18 | ... / ... | test.c:61:5:61:18 | ... / ... | Possibly infinite float value $@ flows to cast to integer. | test.c:61:11:61:17 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:66:11:66:19 | ... / ... | test.c:66:5:66:20 | ... / ... | test.c:66:5:66:20 | ... / ... | Possibly infinite float value $@ flows to cast to integer. | test.c:66:11:66:19 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:72:20:72:28 | ... / ... | test.c:72:14:72:29 | ... / ... | test.c:72:14:72:29 | ... / ... | Possibly infinite float value $@ flows to cast to integer. | test.c:72:20:72:28 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:75:24:75:32 | ... / ... | test.c:75:18:75:33 | ... / ... | test.c:75:18:75:33 | ... / ... | Possibly infinite float value $@ flows to cast to integer. | test.c:75:24:75:32 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:79:10:79:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:79:5:79:12 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.c:77:15:77:21 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:87:10:87:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:87:5:87:12 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.c:77:15:77:21 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:91:10:91:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:91:5:91:12 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.c:77:15:77:21 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:93:10:93:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:93:5:93:12 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.c:77:15:77:21 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:99:10:99:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:99:5:99:12 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.c:77:15:77:21 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:105:10:105:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:105:5:105:12 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.c:77:15:77:21 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:111:10:111:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:111:5:111:12 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.c:77:15:77:21 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:114:21:114:23 | l12 | test.c:77:15:77:21 | ... / ... | test.c:114:16:114:23 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.c:77:15:77:21 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:117:28:117:30 | l12 | test.c:77:15:77:21 | ... / ... | test.c:117:23:117:30 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.c:77:15:77:21 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:120:25:120:27 | l12 | test.c:77:15:77:21 | ... / ... | test.c:120:20:120:27 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.c:77:15:77:21 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:163:9:164:15 | ... / ... | test.c:163:3:164:16 | ... / ... | test.c:163:3:164:16 | ... / ... | Possibly infinite float value $@ flows to cast to integer. | test.c:163:9:164:15 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:175:32:175:32 | p | test.c:189:51:189:59 | ... / ... | test.c:175:27:175:32 | p | Possibly infinite float value $@ computed in function $@ flows to cast to integer. | test.c:189:51:189:59 | ... / ... | from division by zero | test.c:189:6:189:24 | addInfThenCastToInt | addInfThenCastToInt | +| test.c:175:32:175:32 | p | test.c:193:13:194:15 | ... / ... | test.c:175:27:175:32 | p | Possibly infinite float value $@ computed in function $@ flows to cast to integer. | test.c:193:13:194:15 | ... / ... | from division by zero | test.c:192:6:192:7 | f2 | f2 | +| test.c:175:32:175:32 | p | test.c:204:19:204:27 | ... / ... | test.c:175:27:175:32 | p | Possibly infinite float value $@ computed in function $@ flows to cast to integer. | test.c:204:19:204:27 | ... / ... | from division by zero | test.c:192:6:192:7 | f2 | f2 | +| test.c:185:18:185:18 | p | test.c:200:25:200:33 | ... / ... | test.c:185:13:185:18 | p | Possibly infinite float value $@ computed in function $@ flows to cast to integer. | test.c:200:25:200:33 | ... / ... | from division by zero | test.c:192:6:192:7 | f2 | f2 | edges | test.c:8:14:8:20 | ... / ... | test.c:8:14:8:20 | ... / ... | provenance | | | test.c:8:14:8:20 | ... / ... | test.c:9:14:9:16 | - ... | provenance | Config | @@ -83,31 +110,4 @@ nodes | test.c:206:21:206:31 | ... + ... | semmle.label | ... + ... | | test.c:208:13:208:21 | middleInf | semmle.label | middleInf | | test.c:210:23:210:31 | middleInf | semmle.label | middleInf | -subpaths -#select -| test.c:12:8:12:9 | l2 | test.c:8:14:8:20 | ... / ... | test.c:12:8:12:9 | l2 | Possibly infinite float value $@ flows to divisor, which would silently underflow and produce zero. | test.c:8:14:8:20 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | -| test.c:13:8:13:9 | l3 | test.c:8:14:8:20 | ... / ... | test.c:13:8:13:9 | l3 | Possibly infinite float value $@ flows to divisor, which would silently underflow and produce zero. | test.c:8:14:8:20 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | -| test.c:18:8:18:9 | l2 | test.c:8:14:8:20 | ... / ... | test.c:18:3:18:9 | l2 | Possibly infinite float value $@ flows to cast to integer. | test.c:8:14:8:20 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | -| test.c:19:8:19:9 | l3 | test.c:8:14:8:20 | ... / ... | test.c:19:3:19:9 | l3 | Possibly infinite float value $@ flows to cast to integer. | test.c:8:14:8:20 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | -| test.c:27:19:27:20 | l2 | test.c:8:14:8:20 | ... / ... | test.c:27:19:27:20 | l2 | Possibly infinite float value $@ flows to divisor, which would silently underflow and produce zero. | test.c:8:14:8:20 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | -| test.c:28:19:28:20 | l3 | test.c:8:14:8:20 | ... / ... | test.c:28:19:28:20 | l3 | Possibly infinite float value $@ flows to divisor, which would silently underflow and produce zero. | test.c:8:14:8:20 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | -| test.c:38:8:38:9 | l7 | test.c:31:14:32:15 | ... / ... | test.c:38:3:38:9 | l7 | Possibly infinite float value $@ flows to cast to integer. | test.c:31:14:32:15 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | -| test.c:61:11:61:17 | ... / ... | test.c:61:5:61:18 | ... / ... | test.c:61:5:61:18 | ... / ... | Possibly infinite float value $@ flows to cast to integer. | test.c:61:11:61:17 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | -| test.c:66:11:66:19 | ... / ... | test.c:66:5:66:20 | ... / ... | test.c:66:5:66:20 | ... / ... | Possibly infinite float value $@ flows to cast to integer. | test.c:66:11:66:19 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | -| test.c:72:20:72:28 | ... / ... | test.c:72:14:72:29 | ... / ... | test.c:72:14:72:29 | ... / ... | Possibly infinite float value $@ flows to cast to integer. | test.c:72:20:72:28 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | -| test.c:75:24:75:32 | ... / ... | test.c:75:18:75:33 | ... / ... | test.c:75:18:75:33 | ... / ... | Possibly infinite float value $@ flows to cast to integer. | test.c:75:24:75:32 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | -| test.c:79:10:79:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:79:5:79:12 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.c:77:15:77:21 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | -| test.c:87:10:87:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:87:5:87:12 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.c:77:15:77:21 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | -| test.c:91:10:91:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:91:5:91:12 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.c:77:15:77:21 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | -| test.c:93:10:93:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:93:5:93:12 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.c:77:15:77:21 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | -| test.c:99:10:99:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:99:5:99:12 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.c:77:15:77:21 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | -| test.c:105:10:105:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:105:5:105:12 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.c:77:15:77:21 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | -| test.c:111:10:111:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:111:5:111:12 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.c:77:15:77:21 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | -| test.c:114:21:114:23 | l12 | test.c:77:15:77:21 | ... / ... | test.c:114:16:114:23 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.c:77:15:77:21 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | -| test.c:117:28:117:30 | l12 | test.c:77:15:77:21 | ... / ... | test.c:117:23:117:30 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.c:77:15:77:21 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | -| test.c:120:25:120:27 | l12 | test.c:77:15:77:21 | ... / ... | test.c:120:20:120:27 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.c:77:15:77:21 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | -| test.c:163:9:164:15 | ... / ... | test.c:163:3:164:16 | ... / ... | test.c:163:3:164:16 | ... / ... | Possibly infinite float value $@ flows to cast to integer. | test.c:163:9:164:15 | ... / ... | from division by zero | test.c:6:6:6:7 | f1 | f1 | -| test.c:175:32:175:32 | p | test.c:189:51:189:59 | ... / ... | test.c:175:27:175:32 | p | Possibly infinite float value $@ computed in function $@ flows to cast to integer. | test.c:189:51:189:59 | ... / ... | from division by zero | test.c:189:6:189:24 | addInfThenCastToInt | addInfThenCastToInt | -| test.c:175:32:175:32 | p | test.c:193:13:194:15 | ... / ... | test.c:175:27:175:32 | p | Possibly infinite float value $@ computed in function $@ flows to cast to integer. | test.c:193:13:194:15 | ... / ... | from division by zero | test.c:192:6:192:7 | f2 | f2 | -| test.c:175:32:175:32 | p | test.c:204:19:204:27 | ... / ... | test.c:175:27:175:32 | p | Possibly infinite float value $@ computed in function $@ flows to cast to integer. | test.c:204:19:204:27 | ... / ... | from division by zero | test.c:192:6:192:7 | f2 | f2 | -| test.c:185:18:185:18 | p | test.c:200:25:200:33 | ... / ... | test.c:185:13:185:18 | p | Possibly infinite float value $@ computed in function $@ flows to cast to integer. | test.c:200:25:200:33 | ... / ... | from division by zero | test.c:192:6:192:7 | f2 | f2 | +subpaths \ No newline at end of file diff --git a/c/common/test/rules/misuseofinfinitefloatingpointvalue/MisuseOfInfiniteFloatingPointValue.ql b/c/common/test/rules/misuseofinfinitefloatingpointvalue/MisuseOfInfiniteFloatingPointValue.ql new file mode 100644 index 0000000000..f0d160a650 --- /dev/null +++ b/c/common/test/rules/misuseofinfinitefloatingpointvalue/MisuseOfInfiniteFloatingPointValue.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.misuseofinfinitefloatingpointvalue.MisuseOfInfiniteFloatingPointValue + +class TestFileQuery extends MisuseOfInfiniteFloatingPointValueSharedQuery, TestQuery { } diff --git a/c/misra/test/rules/DIR-4-15/test.c b/c/common/test/rules/misuseofinfinitefloatingpointvalue/test.c similarity index 82% rename from c/misra/test/rules/DIR-4-15/test.c rename to c/common/test/rules/misuseofinfinitefloatingpointvalue/test.c index a827a7df97..85097d828b 100644 --- a/c/misra/test/rules/DIR-4-15/test.c +++ b/c/common/test/rules/misuseofinfinitefloatingpointvalue/test.c @@ -33,10 +33,10 @@ void f1(float p1) { float l8 = 0.0 / 0.0; (int)l4; // COMPLIANT - (int)l5; // NON_COMPLIANT: Casting NaN to int - (int)l6; // NON_COMPLIANT: Casting NaN to int - (int)l7; // NON_COMPLIANT: Casting NaN to int - (int)l8; // NON_COMPLIANT: Casting NaN to int + (int)l5; // COMPLIANT: Casting NaN to int + (int)l6; // COMPLIANT: Casting NaN to int + (int)l7; // NON_COMPLIANT: Casting Infinity to int + (int)l8; // COMPLIANT: Casting NaN to int l4 == 0; // COMPLIANT l4 != 0; // COMPLIANT @@ -58,21 +58,21 @@ void f1(float p1) { if (l9 != 0) { (int)(l9 / l9); // COMPLIANT: l9 is not zero } else { - (int)(l9 / l9); // NON_COMPLIANT: Guarded to not be NaN + (int)(l9 / l9); // NON_COMPLIANT[False positive]: Guarded to not be NaN } float l10 = 0; if (l10 == 0) { - (int)(l10 / l10); // NON_COMPLIANT: Casting NaN to integer + (int)(l10 / l10); // NON_COMPLIANT[False positive]: Casting NaN to integer } else { (int)(l10 / l10); // COMPLIANT: Guarded to not be NaN } float l11 = 0; - l11 == 0 ? (int)(l11 / l11) : 0; // NON_COMPLIANT + l11 == 0 ? (int)(l11 / l11) : 0; // NON_COMPLIANT[False positive] l11 == 0 ? 0 : (int)(l11 / l11); // COMPLIANT l11 != 0 ? (int)(l11 / l11) : 0; // COMPLIANT - l11 != 0 ? 0 : (int)(l11 / l11); // NON_COMPLIANT + l11 != 0 ? 0 : (int)(l11 / l11); // NON_COMPLIANT[False positive] float l12 = 1.0 / 0; if (isinf(l12)) { @@ -123,29 +123,29 @@ void f1(float p1) { if (isinf(l13)) { (int)l13; // COMPLIANT: Guarded not to be NaN } else { - (int)l13; // NON_COMPLIANT: Casting NaN to integer + (int)l13; // COMPLIANT: Casting NaN to integer } if (isinf(l13) == 1) { (int)l13; // COMPLIANT: Guarded not to be NaN (must be +Infinity) } else { - (int)l13; // NON_COMPLIANT: Casting NaN to integer + (int)l13; // COMPLIANT: Casting NaN to integer } if (isfinite(l13)) { (int)l13; // COMPLIANT: Guarded not to be NaN } else { - (int)l13; // NON_COMPLIANT: Casting NaN to integer + (int)l13; // COMPLIANT: Casting NaN to integer } if (isnormal(l13)) { (int)l13; // COMPLIANT: Guarded not to be NaN } else { - (int)l13; // NON_COMPLIANT: Casting NaN to integer + (int)l13; // COMPLIANT: Casting NaN to integer } if (isnan(l13)) { - (int)l13; // NON_COMPLIANT: Casting NaN to integer + (int)l13; // COMPLIANT: Casting NaN to integer } else { (int)l13; // COMPLIANT: Guarded not to be NaN } @@ -154,21 +154,21 @@ void f1(float p1) { : 0; // COMPLIANT: Checked infinite, therefore not NaN, before use isinf(l13) ? 0 : (int)l13; // COMPLIANT: Check on wrong branch isfinite(l13) ? (int)l13 : 0; // COMPLIANT: Checked finite before use - isfinite(l13) ? 0 : (int)l13; // NON_COMPLIANT: Checked on wrong branch - isnan(l13) ? (int)l13 : 0; // NON_COMPLIANT: Check on wrong branch + isfinite(l13) ? 0 : (int)l13; // COMPLIANT: Checked on wrong branch + isnan(l13) ? (int)l13 : 0; // COMPLIANT: Check on wrong branch isnan(l13) ? 0 : (int)l13; // COMPLIANT: Checked not NaN before use - (int)pow(2, p1); // NON_COMPLIANT: likely to be Infinity + (int)pow(2, p1); // NON_COMPLIANT[False negative]: likely to be Infinity (int)pow(2, sin(p1)); // COMPLIANT: not likely to be Infinity (int)(1 / sin(p1)); // NON_COMPLIANT: possible infinity from zero in denominator (int)(1 / log(p1)); // COMPLIANT: not possibly zero in denominator - (int)pow(p1, p1); // NON_COMPLIANT: NaN if p1 is zero + (int)pow(p1, p1); // COMPLIANT: NaN if p1 is zero if (p1 != 0) { (int)pow(p1, p1); // COMPLIANT: p1 is not zero } - (int)acos(p1); // NON_COMPLIANT: NaN if p1 is not within -1..1 + (int)acos(p1); // COMPLIANT: NaN if p1 is not within -1..1 (int)acos(cos(p1)); // COMPLIANT: cos(p1) is within -1..1 } @@ -192,13 +192,13 @@ void addNaNThenCastToInt(float p) { castToInt(p + 0.0 / 0.0); } void f2() { castToInt(1.0 / 0.0); // NON_COMPLIANT: Infinity flows to denominator in division - castToInt(0.0 / 0.0); // NON_COMPLIANT: NaN flows to denominator in division + castToInt(0.0 / 0.0); // COMPLIANT checkBeforeCastToInt(1.0 / 0.0); // COMPLIANT checkBeforeCastToInt(0.0 / 0.0); // COMPLIANT addOneThenCastToInt(1.0 / 0.0); // NON_COMPLIANT[False negative] addOneThenCastToInt(0.0 / 0.0); // NON_COMPLIANT castToIntToFloatToInt(1.0 / 0.0); // NON_COMPLIANT - castToIntToFloatToInt(0.0 / 0.0); // NON_COMPLIANT + castToIntToFloatToInt(0.0 / 0.0); // COMPLIANT // Check that during flow analysis, we only report the true root cause: float rootInf = 1.0 / 0.0; @@ -206,7 +206,7 @@ void f2() { float middleInf = rootInf + 1; float middleNaN = rootNaN + 1; castToInt(middleInf); // NON_COMPLIANT - castToInt(middleNaN); // NON_COMPLIANT + castToInt(middleNaN); // COMPLIANT addInfThenCastToInt(middleInf); // NON_COMPLIANT - addNaNThenCastToInt(middleNaN); // NON_COMPLIANT + addNaNThenCastToInt(middleNaN); // COMPLIANT } \ No newline at end of file diff --git a/c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.expected b/c/common/test/rules/misuseofnanfloatingpointvalue/MisuseOfNaNFloatingPointValue.expected similarity index 99% rename from c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.expected rename to c/common/test/rules/misuseofnanfloatingpointvalue/MisuseOfNaNFloatingPointValue.expected index aeec3c943f..1555fd5bd8 100644 --- a/c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.expected +++ b/c/common/test/rules/misuseofnanfloatingpointvalue/MisuseOfNaNFloatingPointValue.expected @@ -1,3 +1,36 @@ +problems +| test.c:36:8:36:9 | l5 | test.c:27:14:27:20 | ... / ... | test.c:36:3:36:9 | l5 | Possible NaN value $@ flows to a cast to integer. | test.c:27:14:27:20 | ... / ... | from division of infinity by infinity | test.c:6:6:6:7 | f1 | f1 | +| test.c:37:8:37:9 | l6 | test.c:28:14:28:20 | ... / ... | test.c:37:3:37:9 | l6 | Possible NaN value $@ flows to a cast to integer. | test.c:28:14:28:20 | ... / ... | from division of infinity by infinity | test.c:6:6:6:7 | f1 | f1 | +| test.c:38:8:38:9 | l7 | test.c:31:14:32:15 | ... / ... | test.c:38:3:38:9 | l7 | Possible NaN value $@ flows to a cast to integer. | test.c:31:14:32:15 | ... / ... | from division of zero by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:39:8:39:9 | l8 | test.c:33:14:33:22 | ... / ... | test.c:39:3:39:9 | l8 | Possible NaN value $@ flows to a cast to integer. | test.c:33:14:33:22 | ... / ... | from division of zero by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:46:3:46:4 | l5 | test.c:27:14:27:20 | ... / ... | test.c:46:3:46:4 | l5 | Possible NaN value $@ flows to comparison, which would always evaluate to false. | test.c:27:14:27:20 | ... / ... | from division of infinity by infinity | test.c:6:6:6:7 | f1 | f1 | +| test.c:47:3:47:4 | l5 | test.c:27:14:27:20 | ... / ... | test.c:47:3:47:4 | l5 | Possible NaN value $@ flows to comparison, which would always evaluate to false. | test.c:27:14:27:20 | ... / ... | from division of infinity by infinity | test.c:6:6:6:7 | f1 | f1 | +| test.c:48:3:48:4 | l5 | test.c:27:14:27:20 | ... / ... | test.c:48:3:48:4 | l5 | Possible NaN value $@ flows to comparison, which would always evaluate to false. | test.c:27:14:27:20 | ... / ... | from division of infinity by infinity | test.c:6:6:6:7 | f1 | f1 | +| test.c:49:3:49:4 | l5 | test.c:27:14:27:20 | ... / ... | test.c:49:3:49:4 | l5 | Possible NaN value $@ flows to comparison, which would always evaluate to false. | test.c:27:14:27:20 | ... / ... | from division of infinity by infinity | test.c:6:6:6:7 | f1 | f1 | +| test.c:50:3:50:4 | l5 | test.c:27:14:27:20 | ... / ... | test.c:50:3:50:4 | l5 | Possible NaN value $@ flows to comparison, which would always evaluate to false. | test.c:27:14:27:20 | ... / ... | from division of infinity by infinity | test.c:6:6:6:7 | f1 | f1 | +| test.c:51:3:51:4 | l5 | test.c:27:14:27:20 | ... / ... | test.c:51:3:51:4 | l5 | Possible NaN value $@ flows to comparison, which would always evaluate to false. | test.c:27:14:27:20 | ... / ... | from division of infinity by infinity | test.c:6:6:6:7 | f1 | f1 | +| test.c:52:3:52:4 | l6 | test.c:28:14:28:20 | ... / ... | test.c:52:3:52:4 | l6 | Possible NaN value $@ flows to comparison, which would always evaluate to false. | test.c:28:14:28:20 | ... / ... | from division of infinity by infinity | test.c:6:6:6:7 | f1 | f1 | +| test.c:53:3:53:4 | l7 | test.c:31:14:32:15 | ... / ... | test.c:53:3:53:4 | l7 | Possible NaN value $@ flows to comparison, which would always evaluate to false. | test.c:31:14:32:15 | ... / ... | from division of zero by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:54:3:54:4 | l8 | test.c:33:14:33:22 | ... / ... | test.c:54:3:54:4 | l8 | Possible NaN value $@ flows to comparison, which would always evaluate to false. | test.c:33:14:33:22 | ... / ... | from division of zero by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:61:11:61:17 | ... / ... | test.c:61:5:61:18 | ... / ... | test.c:61:5:61:18 | ... / ... | Possible NaN value $@ flows to a cast to integer. | test.c:61:11:61:17 | ... / ... | from division of zero by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:66:11:66:19 | ... / ... | test.c:66:5:66:20 | ... / ... | test.c:66:5:66:20 | ... / ... | Possible NaN value $@ flows to a cast to integer. | test.c:66:11:66:19 | ... / ... | from division of zero by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:72:20:72:28 | ... / ... | test.c:72:14:72:29 | ... / ... | test.c:72:14:72:29 | ... / ... | Possible NaN value $@ flows to a cast to integer. | test.c:72:20:72:28 | ... / ... | from division of zero by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:75:24:75:32 | ... / ... | test.c:75:18:75:33 | ... / ... | test.c:75:18:75:33 | ... / ... | Possible NaN value $@ flows to a cast to integer. | test.c:75:24:75:32 | ... / ... | from division of zero by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:126:10:126:12 | l13 | test.c:122:15:122:21 | ... / ... | test.c:126:5:126:12 | l13 | Possible NaN value $@ flows to a cast to integer. | test.c:122:15:122:21 | ... / ... | from division of zero by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:132:10:132:12 | l13 | test.c:122:15:122:21 | ... / ... | test.c:132:5:132:12 | l13 | Possible NaN value $@ flows to a cast to integer. | test.c:122:15:122:21 | ... / ... | from division of zero by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:138:10:138:12 | l13 | test.c:122:15:122:21 | ... / ... | test.c:138:5:138:12 | l13 | Possible NaN value $@ flows to a cast to integer. | test.c:122:15:122:21 | ... / ... | from division of zero by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:144:10:144:12 | l13 | test.c:122:15:122:21 | ... / ... | test.c:144:5:144:12 | l13 | Possible NaN value $@ flows to a cast to integer. | test.c:122:15:122:21 | ... / ... | from division of zero by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:148:10:148:12 | l13 | test.c:122:15:122:21 | ... / ... | test.c:148:5:148:12 | l13 | Possible NaN value $@ flows to a cast to integer. | test.c:122:15:122:21 | ... / ... | from division of zero by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:155:25:155:27 | l13 | test.c:122:15:122:21 | ... / ... | test.c:155:20:155:27 | l13 | Possible NaN value $@ flows to a cast to integer. | test.c:122:15:122:21 | ... / ... | from division of zero by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:157:28:157:30 | l13 | test.c:122:15:122:21 | ... / ... | test.c:157:23:157:30 | l13 | Possible NaN value $@ flows to a cast to integer. | test.c:122:15:122:21 | ... / ... | from division of zero by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:158:21:158:23 | l13 | test.c:122:15:122:21 | ... / ... | test.c:158:16:158:23 | l13 | Possible NaN value $@ flows to a cast to integer. | test.c:122:15:122:21 | ... / ... | from division of zero by zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:166:8:166:10 | call to pow | test.c:166:3:166:18 | call to pow | test.c:166:3:166:18 | call to pow | Possible NaN value $@ flows to a cast to integer. | test.c:166:8:166:10 | call to pow | both arguments are equal to zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:171:8:171:11 | call to acos | test.c:171:3:171:15 | call to acos | test.c:171:3:171:15 | call to acos | Possible NaN value $@ flows to a cast to integer. | test.c:171:8:171:11 | call to acos | the argument has a range -1000000000000000...1000000000000000 which is outside the domain of this function (-1.0...1.0) | test.c:6:6:6:7 | f1 | f1 | +| test.c:175:32:175:32 | p | test.c:190:51:190:59 | ... / ... | test.c:175:27:175:32 | p | Possible NaN value $@ computed in function $@ flows to a cast to integer. | test.c:190:51:190:59 | ... / ... | from division of zero by zero | test.c:190:6:190:24 | addNaNThenCastToInt | addNaNThenCastToInt | +| test.c:175:32:175:32 | p | test.c:195:13:195:21 | ... / ... | test.c:175:27:175:32 | p | Possible NaN value $@ computed in function $@ flows to a cast to integer. | test.c:195:13:195:21 | ... / ... | from division of zero by zero | test.c:192:6:192:7 | f2 | f2 | +| test.c:175:32:175:32 | p | test.c:199:23:199:31 | ... / ... | test.c:175:27:175:32 | p | Possible NaN value $@ computed in function $@ flows to a cast to integer. | test.c:199:23:199:31 | ... / ... | from division of zero by zero | test.c:192:6:192:7 | f2 | f2 | +| test.c:175:32:175:32 | p | test.c:205:19:205:27 | ... / ... | test.c:175:27:175:32 | p | Possible NaN value $@ computed in function $@ flows to a cast to integer. | test.c:205:19:205:27 | ... / ... | from division of zero by zero | test.c:192:6:192:7 | f2 | f2 | +| test.c:185:18:185:18 | p | test.c:201:25:201:33 | ... / ... | test.c:185:13:185:18 | p | Possible NaN value $@ computed in function $@ flows to a cast to integer. | test.c:201:25:201:33 | ... / ... | from division of zero by zero | test.c:192:6:192:7 | f2 | f2 | edges | test.c:27:14:27:20 | ... / ... | test.c:27:14:27:20 | ... / ... | provenance | | | test.c:27:14:27:20 | ... / ... | test.c:36:3:36:9 | l5 | provenance | | @@ -100,37 +133,4 @@ nodes | test.c:207:21:207:31 | ... + ... | semmle.label | ... + ... | | test.c:209:13:209:21 | middleNaN | semmle.label | middleNaN | | test.c:211:23:211:31 | middleNaN | semmle.label | middleNaN | -subpaths -#select -| test.c:36:8:36:9 | l5 | test.c:27:14:27:20 | ... / ... | test.c:36:3:36:9 | l5 | Possible NaN value $@ flows to a cast to integer. | test.c:27:14:27:20 | ... / ... | from division of infinity by infinity | test.c:6:6:6:7 | f1 | f1 | -| test.c:37:8:37:9 | l6 | test.c:28:14:28:20 | ... / ... | test.c:37:3:37:9 | l6 | Possible NaN value $@ flows to a cast to integer. | test.c:28:14:28:20 | ... / ... | from division of infinity by infinity | test.c:6:6:6:7 | f1 | f1 | -| test.c:38:8:38:9 | l7 | test.c:31:14:32:15 | ... / ... | test.c:38:3:38:9 | l7 | Possible NaN value $@ flows to a cast to integer. | test.c:31:14:32:15 | ... / ... | from division of zero by zero | test.c:6:6:6:7 | f1 | f1 | -| test.c:39:8:39:9 | l8 | test.c:33:14:33:22 | ... / ... | test.c:39:3:39:9 | l8 | Possible NaN value $@ flows to a cast to integer. | test.c:33:14:33:22 | ... / ... | from division of zero by zero | test.c:6:6:6:7 | f1 | f1 | -| test.c:46:3:46:4 | l5 | test.c:27:14:27:20 | ... / ... | test.c:46:3:46:4 | l5 | Possible NaN value $@ flows to comparison, which would always evaluate to false. | test.c:27:14:27:20 | ... / ... | from division of infinity by infinity | test.c:6:6:6:7 | f1 | f1 | -| test.c:47:3:47:4 | l5 | test.c:27:14:27:20 | ... / ... | test.c:47:3:47:4 | l5 | Possible NaN value $@ flows to comparison, which would always evaluate to false. | test.c:27:14:27:20 | ... / ... | from division of infinity by infinity | test.c:6:6:6:7 | f1 | f1 | -| test.c:48:3:48:4 | l5 | test.c:27:14:27:20 | ... / ... | test.c:48:3:48:4 | l5 | Possible NaN value $@ flows to comparison, which would always evaluate to false. | test.c:27:14:27:20 | ... / ... | from division of infinity by infinity | test.c:6:6:6:7 | f1 | f1 | -| test.c:49:3:49:4 | l5 | test.c:27:14:27:20 | ... / ... | test.c:49:3:49:4 | l5 | Possible NaN value $@ flows to comparison, which would always evaluate to false. | test.c:27:14:27:20 | ... / ... | from division of infinity by infinity | test.c:6:6:6:7 | f1 | f1 | -| test.c:50:3:50:4 | l5 | test.c:27:14:27:20 | ... / ... | test.c:50:3:50:4 | l5 | Possible NaN value $@ flows to comparison, which would always evaluate to false. | test.c:27:14:27:20 | ... / ... | from division of infinity by infinity | test.c:6:6:6:7 | f1 | f1 | -| test.c:51:3:51:4 | l5 | test.c:27:14:27:20 | ... / ... | test.c:51:3:51:4 | l5 | Possible NaN value $@ flows to comparison, which would always evaluate to false. | test.c:27:14:27:20 | ... / ... | from division of infinity by infinity | test.c:6:6:6:7 | f1 | f1 | -| test.c:52:3:52:4 | l6 | test.c:28:14:28:20 | ... / ... | test.c:52:3:52:4 | l6 | Possible NaN value $@ flows to comparison, which would always evaluate to false. | test.c:28:14:28:20 | ... / ... | from division of infinity by infinity | test.c:6:6:6:7 | f1 | f1 | -| test.c:53:3:53:4 | l7 | test.c:31:14:32:15 | ... / ... | test.c:53:3:53:4 | l7 | Possible NaN value $@ flows to comparison, which would always evaluate to false. | test.c:31:14:32:15 | ... / ... | from division of zero by zero | test.c:6:6:6:7 | f1 | f1 | -| test.c:54:3:54:4 | l8 | test.c:33:14:33:22 | ... / ... | test.c:54:3:54:4 | l8 | Possible NaN value $@ flows to comparison, which would always evaluate to false. | test.c:33:14:33:22 | ... / ... | from division of zero by zero | test.c:6:6:6:7 | f1 | f1 | -| test.c:61:11:61:17 | ... / ... | test.c:61:5:61:18 | ... / ... | test.c:61:5:61:18 | ... / ... | Possible NaN value $@ flows to a cast to integer. | test.c:61:11:61:17 | ... / ... | from division of zero by zero | test.c:6:6:6:7 | f1 | f1 | -| test.c:66:11:66:19 | ... / ... | test.c:66:5:66:20 | ... / ... | test.c:66:5:66:20 | ... / ... | Possible NaN value $@ flows to a cast to integer. | test.c:66:11:66:19 | ... / ... | from division of zero by zero | test.c:6:6:6:7 | f1 | f1 | -| test.c:72:20:72:28 | ... / ... | test.c:72:14:72:29 | ... / ... | test.c:72:14:72:29 | ... / ... | Possible NaN value $@ flows to a cast to integer. | test.c:72:20:72:28 | ... / ... | from division of zero by zero | test.c:6:6:6:7 | f1 | f1 | -| test.c:75:24:75:32 | ... / ... | test.c:75:18:75:33 | ... / ... | test.c:75:18:75:33 | ... / ... | Possible NaN value $@ flows to a cast to integer. | test.c:75:24:75:32 | ... / ... | from division of zero by zero | test.c:6:6:6:7 | f1 | f1 | -| test.c:126:10:126:12 | l13 | test.c:122:15:122:21 | ... / ... | test.c:126:5:126:12 | l13 | Possible NaN value $@ flows to a cast to integer. | test.c:122:15:122:21 | ... / ... | from division of zero by zero | test.c:6:6:6:7 | f1 | f1 | -| test.c:132:10:132:12 | l13 | test.c:122:15:122:21 | ... / ... | test.c:132:5:132:12 | l13 | Possible NaN value $@ flows to a cast to integer. | test.c:122:15:122:21 | ... / ... | from division of zero by zero | test.c:6:6:6:7 | f1 | f1 | -| test.c:138:10:138:12 | l13 | test.c:122:15:122:21 | ... / ... | test.c:138:5:138:12 | l13 | Possible NaN value $@ flows to a cast to integer. | test.c:122:15:122:21 | ... / ... | from division of zero by zero | test.c:6:6:6:7 | f1 | f1 | -| test.c:144:10:144:12 | l13 | test.c:122:15:122:21 | ... / ... | test.c:144:5:144:12 | l13 | Possible NaN value $@ flows to a cast to integer. | test.c:122:15:122:21 | ... / ... | from division of zero by zero | test.c:6:6:6:7 | f1 | f1 | -| test.c:148:10:148:12 | l13 | test.c:122:15:122:21 | ... / ... | test.c:148:5:148:12 | l13 | Possible NaN value $@ flows to a cast to integer. | test.c:122:15:122:21 | ... / ... | from division of zero by zero | test.c:6:6:6:7 | f1 | f1 | -| test.c:155:25:155:27 | l13 | test.c:122:15:122:21 | ... / ... | test.c:155:20:155:27 | l13 | Possible NaN value $@ flows to a cast to integer. | test.c:122:15:122:21 | ... / ... | from division of zero by zero | test.c:6:6:6:7 | f1 | f1 | -| test.c:157:28:157:30 | l13 | test.c:122:15:122:21 | ... / ... | test.c:157:23:157:30 | l13 | Possible NaN value $@ flows to a cast to integer. | test.c:122:15:122:21 | ... / ... | from division of zero by zero | test.c:6:6:6:7 | f1 | f1 | -| test.c:158:21:158:23 | l13 | test.c:122:15:122:21 | ... / ... | test.c:158:16:158:23 | l13 | Possible NaN value $@ flows to a cast to integer. | test.c:122:15:122:21 | ... / ... | from division of zero by zero | test.c:6:6:6:7 | f1 | f1 | -| test.c:166:8:166:10 | call to pow | test.c:166:3:166:18 | call to pow | test.c:166:3:166:18 | call to pow | Possible NaN value $@ flows to a cast to integer. | test.c:166:8:166:10 | call to pow | both arguments are equal to zero | test.c:6:6:6:7 | f1 | f1 | -| test.c:171:8:171:11 | call to acos | test.c:171:3:171:15 | call to acos | test.c:171:3:171:15 | call to acos | Possible NaN value $@ flows to a cast to integer. | test.c:171:8:171:11 | call to acos | the argument has a range -1000000000000000...1000000000000000 which is outside the domain of this function (-1.0...1.0) | test.c:6:6:6:7 | f1 | f1 | -| test.c:175:32:175:32 | p | test.c:190:51:190:59 | ... / ... | test.c:175:27:175:32 | p | Possible NaN value $@ computed in function $@ flows to a cast to integer. | test.c:190:51:190:59 | ... / ... | from division of zero by zero | test.c:190:6:190:24 | addNaNThenCastToInt | addNaNThenCastToInt | -| test.c:175:32:175:32 | p | test.c:195:13:195:21 | ... / ... | test.c:175:27:175:32 | p | Possible NaN value $@ computed in function $@ flows to a cast to integer. | test.c:195:13:195:21 | ... / ... | from division of zero by zero | test.c:192:6:192:7 | f2 | f2 | -| test.c:175:32:175:32 | p | test.c:199:23:199:31 | ... / ... | test.c:175:27:175:32 | p | Possible NaN value $@ computed in function $@ flows to a cast to integer. | test.c:199:23:199:31 | ... / ... | from division of zero by zero | test.c:192:6:192:7 | f2 | f2 | -| test.c:175:32:175:32 | p | test.c:205:19:205:27 | ... / ... | test.c:175:27:175:32 | p | Possible NaN value $@ computed in function $@ flows to a cast to integer. | test.c:205:19:205:27 | ... / ... | from division of zero by zero | test.c:192:6:192:7 | f2 | f2 | -| test.c:185:18:185:18 | p | test.c:201:25:201:33 | ... / ... | test.c:185:13:185:18 | p | Possible NaN value $@ computed in function $@ flows to a cast to integer. | test.c:201:25:201:33 | ... / ... | from division of zero by zero | test.c:192:6:192:7 | f2 | f2 | +subpaths \ No newline at end of file diff --git a/c/common/test/rules/misuseofnanfloatingpointvalue/MisuseOfNaNFloatingPointValue.ql b/c/common/test/rules/misuseofnanfloatingpointvalue/MisuseOfNaNFloatingPointValue.ql new file mode 100644 index 0000000000..a1f729ed02 --- /dev/null +++ b/c/common/test/rules/misuseofnanfloatingpointvalue/MisuseOfNaNFloatingPointValue.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.misuseofnanfloatingpointvalue.MisuseOfNaNFloatingPointValue + +class TestFileQuery extends MisuseOfNaNFloatingPointValueSharedQuery, TestQuery { } diff --git a/c/common/test/rules/misuseofnanfloatingpointvalue/test.c b/c/common/test/rules/misuseofnanfloatingpointvalue/test.c new file mode 100644 index 0000000000..5115727115 --- /dev/null +++ b/c/common/test/rules/misuseofnanfloatingpointvalue/test.c @@ -0,0 +1,212 @@ +#include "math.h" + +float getFloat() { return 1.0; } + +// Parameter could be infinity +void f1(float p1) { + float l1 = 1; + float l2 = 1.0 / 0; + float l3 = -l2; + + 10 / l1; // COMPLIANT + 10 / l2; // COMPLIANT: Underflows to zero + 10 / l3; // COMPLIANT: Underflow to negative zero + 10 / p1; // COMPLIANT: Reduce false positives by assuming not infinity + 10 / getFloat(); // COMPLIANT: Reduce false positives by assuming not infinity + + (int)l1; // COMPLIANT + (int)l2; // COMPLIANT + (int)l3; // COMPLIANT + (int)p1; // COMPLIANT: Reduce false positives by assuming not infinity + (int)getFloat(); // COMPLIANT: Reduce false positives by assuming not infinity + + // Not NaN: + float l4 = l1 / l1; // COMPLIANT + + // NaN because of infinity divided by itself: + float l5 = l2 / l2; // COMPLIANT: Division by infinity not allowed. + float l6 = l3 / l3; // COMPLIANT: Division by infinity not allowed. + + // NaN because of zero divided by itself: + float l7 = getFloat() / + p1; // COMPLIANT: Reduce false positives by assuming not infinity + float l8 = 0.0 / 0.0; + + (int)l4; // COMPLIANT + (int)l5; // NON_COMPLIANT: Casting NaN to int + (int)l6; // NON_COMPLIANT: Casting NaN to int + (int)l7; // NON_COMPLIANT: Casting NaN to int + (int)l8; // NON_COMPLIANT: Casting NaN to int + + l4 == 0; // COMPLIANT + l4 != 0; // COMPLIANT + l4 <= 0; // COMPLIANT + l4 < 0; // COMPLIANT + l4 >= 0; // COMPLIANT + l5 == 0; // NON_COMPLIANT: Comparison with NaN always false + l5 != 0; // NON_COMPLIANT: Comparison with NaN always false + l5 < 0; // NON_COMPLIANT: Comparison with NaN always false + l5 <= 0; // NON_COMPLIANT: Comparison with NaN always false + l5 > 0; // NON_COMPLIANT: Comparison with NaN always false + l5 >= 0; // NON_COMPLIANT: Comparison with NaN always false + l6 == 0; // NON_COMPLIANT: Comparison with NaN always false + l7 == 0; // NON_COMPLIANT: Comparison with NaN always false + l8 == 0; // NON_COMPLIANT: Comparison with NaN always false + + // Guards + float l9 = 0; + if (l9 != 0) { + (int)(l9 / l9); // COMPLIANT: l9 is not zero + } else { + (int)(l9 / l9); // NON_COMPLIANT: Casting NaN to integer + } + + float l10 = 0; + if (l10 == 0) { + (int)(l10 / l10); // NON_COMPLIANT: Casting NaN to integer + } else { + (int)(l10 / l10); // COMPLIANT: Guarded to not be NaN + } + + float l11 = 0; + l11 == 0 ? (int)(l11 / l11) : 0; // NON_COMPLIANT + l11 == 0 ? 0 : (int)(l11 / l11); // COMPLIANT + l11 != 0 ? (int)(l11 / l11) : 0; // COMPLIANT + l11 != 0 ? 0 : (int)(l11 / l11); // NON_COMPLIANT + + float l12 = 1.0 / 0; + if (isinf(l12)) { + (int)l12; // COMPLIANT: Casting Infinity to integer + } else { + (int)l12; // COMPLIANT: Guarded not to be Infinity + } + + if (!isinf(l12)) { + (int)l12; // COMPLIANT: Guarded not to be Infinity + } else { + (int)l12; // COMPLIANT: Casting Infinity to integer + } + + if (isinf(l12) == 1) { + (int)l12; // COMPLIANT: Must be +Infinity + } else { + (int)l12; // COMPLIANT: May be -Infinity + } + + if (isfinite(l12)) { + (int)l12; // COMPLIANT: Guarded not to be Infinity + } else { + (int)l12; // COMPLIANT: Casting Infinity to integer + } + + if (isnormal(l12)) { + (int)l12; // COMPLIANT: Guarded not to be Infinity + } else { + (int)l12; // COMPLIANT: Casting Infinity to integer + } + + if (isnan(l12)) { + (int)l12; // COMPLIANT: Guarded not to be Infinity + } else { + (int)l12; // COMPLIANT: Casting Infinity to integer + } + + isinf(l12) ? (int)l12 : 0; // COMPLIANT: Check on wrong branch + isinf(l12) ? 0 : (int)l12; // COMPLIANT: Checked not infinite before use + isfinite(l12) ? (int)l12 : 0; // COMPLIANT: Checked finite before use + isfinite(l12) ? 0 : (int)l12; // COMPLIANT: Checked on wrong branch + isnan(l12) ? (int)l12 + : 0; // COMPLIANT: Checked NaN, therefore not infinite, before use + isnan(l12) ? 0 : (int)l12; // COMPLIANT: Check on wrong branch + + float l13 = 0.0 / 0; + if (isinf(l13)) { + (int)l13; // COMPLIANT: Guarded not to be NaN + } else { + (int)l13; // NON_COMPLIANT: Casting NaN to integer + } + + if (isinf(l13) == 1) { + (int)l13; // COMPLIANT: Guarded not to be NaN (must be +Infinity) + } else { + (int)l13; // NON_COMPLIANT: Casting NaN to integer + } + + if (isfinite(l13)) { + (int)l13; // COMPLIANT: Guarded not to be NaN + } else { + (int)l13; // NON_COMPLIANT: Casting NaN to integer + } + + if (isnormal(l13)) { + (int)l13; // COMPLIANT: Guarded not to be NaN + } else { + (int)l13; // NON_COMPLIANT: Casting NaN to integer + } + + if (isnan(l13)) { + (int)l13; // NON_COMPLIANT: Casting NaN to integer + } else { + (int)l13; // COMPLIANT: Guarded not to be NaN + } + + isinf(l13) ? (int)l13 + : 0; // COMPLIANT: Checked infinite, therefore not NaN, before use + isinf(l13) ? 0 : (int)l13; // NON_COMPLIANT: Check on wrong branch + isfinite(l13) ? (int)l13 : 0; // COMPLIANT: Checked finite before use + isfinite(l13) ? 0 : (int)l13; // NON_COMPLIANT: Checked on wrong branch + isnan(l13) ? (int)l13 : 0; // NON_COMPLIANT: Check on wrong branch + isnan(l13) ? 0 : (int)l13; // COMPLIANT: Checked not NaN before use + + (int)pow(2, p1); // COMPLIANT: likely to be Infinity + (int)pow(2, sin(p1)); // COMPLIANT: not likely to be Infinity + (int)(1 / + sin(p1)); // COMPLIANT: possible infinity from zero in denominator + (int)(1 / log(p1)); // COMPLIANT: not possibly zero in denominator + (int)pow(p1, p1); // NON_COMPLIANT: NaN if p1 is zero + if (p1 != 0) { + (int)pow(p1, p1); // COMPLIANT: p1 is not zero + } + + (int)acos(p1); // NON_COMPLIANT: NaN if p1 is not within -1..1 + (int)acos(cos(p1)); // COMPLIANT: cos(p1) is within -1..1 +} + +void castToInt(float p) { (int)p; } + +void checkBeforeCastToInt(float p) { + if (isfinite(p)) { + castToInt(p); + } +} + +void castToIntToFloatToInt(float p) { + // This should be reported as a violation, but not downstream from here. + castToInt((int)p); +} + +void addOneThenCastToInt(float p) { castToInt(p + 1); } +void addInfThenCastToInt(float p) { castToInt(p + 1.0 / 0.0); } +void addNaNThenCastToInt(float p) { castToInt(p + 0.0 / 0.0); } + +void f2() { + castToInt(1.0 / + 0.0); // COMPLIANT: Infinity flows to denominator in division + castToInt(0.0 / 0.0); // COMPLIANT: NaN flows to denominator in division + checkBeforeCastToInt(1.0 / 0.0); // COMPLIANT + checkBeforeCastToInt(0.0 / 0.0); // COMPLIANT + addOneThenCastToInt(1.0 / 0.0); // COMPLIANT + addOneThenCastToInt(0.0 / 0.0); // NON_COMPLIANT + castToIntToFloatToInt(1.0 / 0.0); // COMPLIANT + castToIntToFloatToInt(0.0 / 0.0); // NON_COMPLIANT + + // Check that during flow analysis, we only report the true root cause: + float rootInf = 1.0 / 0.0; + float rootNaN = 0.0 / 0.0; + float middleInf = rootInf + 1; + float middleNaN = rootNaN + 1; + castToInt(middleInf); // COMPLIANT + castToInt(middleNaN); // NON_COMPLIANT + addInfThenCastToInt(middleInf); // NON_COMPLIANT + addNaNThenCastToInt(middleNaN); // NON_COMPLIANT +} \ No newline at end of file diff --git a/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.ql b/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.ql index 812e9fe1e2..0294fc6919 100644 --- a/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.ql +++ b/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.ql @@ -13,130 +13,11 @@ */ import cpp -import codeql.util.Boolean import codingstandards.c.misra -import codingstandards.cpp.RestrictedRangeAnalysis -import codingstandards.cpp.FloatingPoint -import codingstandards.cpp.AlertReporting -import semmle.code.cpp.controlflow.Guards -import semmle.code.cpp.dataflow.new.DataFlow -import semmle.code.cpp.dataflow.new.TaintTracking -import semmle.code.cpp.controlflow.Dominance +import codingstandards.cpp.rules.misuseofinfinitefloatingpointvalue.MisuseOfInfiniteFloatingPointValue -module InvalidInfinityUsage implements DataFlow::ConfigSig { - /** - * An operation which does not have Infinity as an input, but may produce Infinity, according - * to the `RestrictedRangeAnalysis` module. - */ - predicate isSource(DataFlow::Node node) { - potentialSource(node) and - not exists(DataFlow::Node prior | - isAdditionalFlowStep(prior, node) and - potentialSource(prior) - ) - } - - /** - * An operation which may produce Infinity acconding to the `RestrictedRangeAnalysis` module. - */ - additional predicate potentialSource(DataFlow::Node node) { - node.asExpr() instanceof Operation and - exprMayEqualInfinity(node.asExpr(), _) - } - - predicate isBarrierOut(DataFlow::Node node) { - guardedNotFPClass(node.asExpr(), TInfinite()) - or - exists(Expr e | - e.getType() instanceof IntegralType and - e = node.asConvertedExpr() - ) - } - - /** - * An additional flow step to handle operations which propagate Infinity. - * - * This double checks that an Infinity may propagate by checking the `RestrictedRangeAnalysis` - * value estimate. This is conservative, since `RestrictedRangeAnalysis` is performed locally - * in scope with unanalyzable values in a finite range. However, this conservative approach - * leverages analysis of guards and other local conditions to avoid false positives. - */ - predicate isAdditionalFlowStep(DataFlow::Node source, DataFlow::Node sink) { - exists(Operation o | - o.getAnOperand() = source.asExpr() and - o = sink.asExpr() and - potentialSource(sink) - ) - } - - predicate isSink(DataFlow::Node node) { - node instanceof InvalidInfinityUsage and - ( - // Require that range analysis finds this value potentially infinite, to avoid false positives - // in the presence of guards. This may induce false negatives. - exprMayEqualInfinity(node.asExpr(), _) - or - // Unanalyzable expressions are not checked against range analysis, which assumes a finite - // range. - not RestrictedRangeAnalysis::canBoundExpr(node.asExpr()) - or - node.asExpr().(VariableAccess).getTarget() instanceof Parameter - ) +class PossibleMisuseOfUndetectedInfinityQuery extends MisuseOfInfiniteFloatingPointValueSharedQuery { + PossibleMisuseOfUndetectedInfinityQuery() { + this = FloatingTypes2Package::possibleMisuseOfUndetectedInfinityQuery() } } - -class InvalidInfinityUsage extends DataFlow::Node { - string description; - - InvalidInfinityUsage() { - // Case 2: NaNs and infinities shall not be cast to integers - exists(Conversion c | - asExpr() = c.getUnconverted() and - c.getExpr().getType() instanceof FloatingPointType and - c.getType() instanceof IntegralType and - description = "cast to integer." - ) - or - // Case 3: Infinities shall not underflow or otherwise produce finite values - exists(BinaryOperation op | - asExpr() = op.getRightOperand() and - op.getOperator() = "/" and - description = "divisor, which would silently underflow and produce zero." - ) - } - - string getDescription() { result = description } -} - -module InvalidInfinityFlow = DataFlow::Global; - -import InvalidInfinityFlow::PathGraph - -from - Element elem, InvalidInfinityFlow::PathNode source, InvalidInfinityFlow::PathNode sink, - InvalidInfinityUsage usage, Expr sourceExpr, string sourceString, Function function, - string computedInFunction -where - elem = MacroUnwrapper::unwrapElement(sink.getNode().asExpr()) and - not InvalidInfinityFlow::PathGraph::edges(_, source, _, _) and - not InvalidInfinityFlow::PathGraph::edges(sink, _, _, _) and - not isExcluded(elem, FloatingTypes2Package::possibleMisuseOfUndetectedInfinityQuery()) and - not sourceExpr.isFromTemplateInstantiation(_) and - not usage.asExpr().isFromTemplateInstantiation(_) and - usage = sink.getNode() and - sourceExpr = source.getNode().asExpr() and - function = sourceExpr.getEnclosingFunction() and - InvalidInfinityFlow::flow(source.getNode(), usage) and - ( - if not sourceExpr.getEnclosingFunction() = usage.asExpr().getEnclosingFunction() - then computedInFunction = "computed in function $@ " - else computedInFunction = "" - ) and - ( - if sourceExpr instanceof DivExpr - then sourceString = "from division by zero" - else sourceString = sourceExpr.toString() - ) -select elem, source, sink, - "Possibly infinite float value $@ " + computedInFunction + "flows to " + usage.getDescription(), - sourceExpr, sourceString, function, function.getName() diff --git a/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.ql b/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.ql index e1b6762ada..10bfcafeba 100644 --- a/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.ql +++ b/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.ql @@ -13,190 +13,11 @@ */ import cpp -import codeql.util.Boolean import codingstandards.c.misra -import codingstandards.cpp.RestrictedRangeAnalysis -import codingstandards.cpp.FloatingPoint -import codingstandards.cpp.AlertReporting -import semmle.code.cpp.controlflow.Guards -import semmle.code.cpp.dataflow.new.DataFlow -import semmle.code.cpp.dataflow.new.TaintTracking -import semmle.code.cpp.controlflow.Dominance +import codingstandards.cpp.rules.misuseofnanfloatingpointvalue.MisuseOfNaNFloatingPointValue -abstract class PotentiallyNaNExpr extends Expr { - abstract string getReason(); -} - -class DomainErrorFunctionCall extends FunctionCall, PotentiallyNaNExpr { - string reason; - - DomainErrorFunctionCall() { RestrictedDomainError::hasDomainError(this, reason) } - - override string getReason() { result = reason } -} - -// IEEE 754-1985 Section 7.1 invalid operations -class InvalidOperationExpr extends BinaryOperation, PotentiallyNaNExpr { - string reason; - - InvalidOperationExpr() { - // Usual arithmetic conversions in both languages mean that if either operand is a floating - // type, the other one is converted to a floating type as well. - getAnOperand().getFullyConverted().getType() instanceof FloatingPointType and - ( - // 7.1.1 propagates signaling NaNs, we rely on flow analysis and/or assume quiet NaNs, so we - // intentionally do not cover this case. - // 7.1.2: magnitude subtraction of infinities, such as +Inf + -Inf - getOperator() = "+" and - exists(Boolean sign | - exprMayEqualInfinity(getLeftOperand(), sign) and - exprMayEqualInfinity(getRightOperand(), sign.booleanNot()) - ) and - reason = "from addition of infinity and negative infinity" - or - // 7.1.2 continued - getOperator() = "-" and - exists(Boolean sign | - exprMayEqualInfinity(getLeftOperand(), sign) and - exprMayEqualInfinity(getRightOperand(), sign) - ) and - reason = "from subtraction of an infinity from itself" - or - // 7.1.3: multiplication of zero by infinity - getOperator() = "*" and - exists(Expr zeroOp, Expr infinityOp | - zeroOp = getAnOperand() and - infinityOp = getAnOperand() and - not zeroOp = infinityOp and - exprMayEqualZero(zeroOp) and - exprMayEqualInfinity(infinityOp, _) - ) and - reason = "from multiplication of zero by infinity" - or - // 7.1.4: Division of zero by zero, or infinity by infinity - getOperator() = "/" and - exprMayEqualZero(getLeftOperand()) and - exprMayEqualZero(getRightOperand()) and - reason = "from division of zero by zero" - or - // 7.1.4 continued - getOperator() = "/" and - exprMayEqualInfinity(getLeftOperand(), _) and - exprMayEqualInfinity(getRightOperand(), _) and - reason = "from division of infinity by infinity" - or - // 7.1.5: x % y where y is zero or x is infinite - getOperator() = "%" and - exprMayEqualInfinity(getLeftOperand(), _) and - reason = "from modulus of infinity" - or - // 7.1.5 continued - getOperator() = "%" and - exprMayEqualZero(getRightOperand()) and - reason = "from modulus by zero" - // 7.1.6 handles the sqrt function, not covered here. - // 7.1.7 declares exceptions during invalid conversions, which we catch as sinks in our flow - // analysis. - // 7.1.8 declares exceptions for unordered comparisons, which we catch as sinks in our flow - // analysis. - ) - } - - override string getReason() { result = reason } -} - -module InvalidNaNUsage implements DataFlow::ConfigSig { - /** - * An expression which has non-NaN inputs and may produce a NaN output. - */ - predicate isSource(DataFlow::Node node) { - potentialSource(node) and - not exists(DataFlow::Node prior | - isAdditionalFlowStep(prior, node) and - potentialSource(prior) - ) - } - - /** - * An expression which may produce a NaN output. - */ - additional predicate potentialSource(DataFlow::Node node) { - node.asExpr() instanceof PotentiallyNaNExpr - } - - predicate isBarrierOut(DataFlow::Node node) { - guardedNotFPClass(node.asExpr(), TNaN()) - or - exists(Expr e | - e.getType() instanceof IntegralType and - e = node.asConvertedExpr() - ) +class PossibleMisuseOfUndetectedNaNQuery extends MisuseOfNaNFloatingPointValueSharedQuery { + PossibleMisuseOfUndetectedNaNQuery() { + this = FloatingTypes2Package::possibleMisuseOfUndetectedNaNQuery() } - - /** - * Add an additional flow step to handle NaN propagation through floating point operations. - */ - predicate isAdditionalFlowStep(DataFlow::Node source, DataFlow::Node sink) { - exists(Operation o | - o.getAnOperand() = source.asExpr() and - o = sink.asExpr() and - o.getType() instanceof FloatingPointType - ) - } - - predicate isSink(DataFlow::Node node) { - not guardedNotFPClass(node.asExpr(), TNaN()) and - node instanceof InvalidNaNUsage - } -} - -class InvalidNaNUsage extends DataFlow::Node { - string description; - - InvalidNaNUsage() { - // Case 1: NaNs shall not be compared, except to themselves - exists(ComparisonOperation cmp | - this.asExpr() = cmp.getAnOperand() and - not hashCons(cmp.getLeftOperand()) = hashCons(cmp.getRightOperand()) and - description = "comparison, which would always evaluate to false." - ) - or - // Case 2: NaNs and infinities shall not be cast to integers - exists(Conversion c | - this.asExpr() = c.getUnconverted() and - c.getExpr().getType() instanceof FloatingPointType and - c.getType() instanceof IntegralType and - description = "a cast to integer." - ) - } - - string getDescription() { result = description } -} - -module InvalidNaNFlow = DataFlow::Global; - -import InvalidNaNFlow::PathGraph - -from - Element elem, InvalidNaNFlow::PathNode source, InvalidNaNFlow::PathNode sink, - InvalidNaNUsage usage, Expr sourceExpr, string sourceString, Function function, - string computedInFunction -where - not InvalidNaNFlow::PathGraph::edges(_, source, _, _) and - not InvalidNaNFlow::PathGraph::edges(sink, _, _, _) and - not sourceExpr.isFromTemplateInstantiation(_) and - not usage.asExpr().isFromTemplateInstantiation(_) and - elem = MacroUnwrapper::unwrapElement(sink.getNode().asExpr()) and - usage = sink.getNode() and - sourceExpr = source.getNode().asExpr() and - sourceString = source.getNode().asExpr().(PotentiallyNaNExpr).getReason() and - function = sourceExpr.getEnclosingFunction() and - InvalidNaNFlow::flow(source.getNode(), usage) and - ( - if not sourceExpr.getEnclosingFunction() = usage.asExpr().getEnclosingFunction() - then computedInFunction = "computed in function $@ " - else computedInFunction = "" - ) -select elem, source, sink, - "Possible NaN value $@ " + computedInFunction + "flows to " + usage.getDescription(), sourceExpr, - sourceString, function, function.getName() +} \ No newline at end of file diff --git a/c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.testref b/c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.testref new file mode 100644 index 0000000000..176855a83d --- /dev/null +++ b/c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.testref @@ -0,0 +1 @@ +c/common/test/rules/misuseofinfinitefloatingpointvalue/MisuseOfInfiniteFloatingPointValue.ql \ No newline at end of file diff --git a/c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.testref b/c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.testref new file mode 100644 index 0000000000..7cd2a4d431 --- /dev/null +++ b/c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.testref @@ -0,0 +1 @@ +c/common/test/rules/misuseofnanfloatingpointvalue/MisuseOfNaNFloatingPointValue.ql \ No newline at end of file diff --git a/change_notes/2025-04-14-update-infinity-nan-detection.md b/change_notes/2025-04-14-update-infinity-nan-detection.md new file mode 100644 index 0000000000..fe484a37fe --- /dev/null +++ b/change_notes/2025-04-14-update-infinity-nan-detection.md @@ -0,0 +1,4 @@ + - `DIR-4-15` - `PossibleMisuseOfUndetectedInfinity.ql`, `PossibleMisuseOfUndetectedNaN.ql`: + - Add logic to suppress NaNs from the CodeQL extractor in the new restricted range analysis, which can have unexpected downstream effects. + - Alter the behavior of floating point class guards (such as `isinf`, `isfinite`, `isnan`) to more correctly reflect the branches that have been guarded. + - Query files have been moved/refactored to share logic across MISRA-C and MISRA-C++; no observable change in behavior from this is expected. \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/FloatingPoint.qll b/cpp/common/src/codingstandards/cpp/FloatingPoint.qll index f5ff2fefca..cebb9dd29f 100644 --- a/cpp/common/src/codingstandards/cpp/FloatingPoint.qll +++ b/cpp/common/src/codingstandards/cpp/FloatingPoint.qll @@ -325,7 +325,8 @@ predicate guardedNotFPClass(Expr e, FPClassification cls) { hashCons(checked) = hashCons(e) and guard.controls(e, cmpEq) and guard.constrainsFPClass(checked, constraint, cmpEq) and - constraint.mustNotBe(cls) + constraint.mustNotBe(cls) and + not e = checked ) } diff --git a/cpp/common/src/codingstandards/cpp/RestrictedRangeAnalysis.qll b/cpp/common/src/codingstandards/cpp/RestrictedRangeAnalysis.qll index 05290b3aaf..5d955cc117 100644 --- a/cpp/common/src/codingstandards/cpp/RestrictedRangeAnalysis.qll +++ b/cpp/common/src/codingstandards/cpp/RestrictedRangeAnalysis.qll @@ -1093,7 +1093,8 @@ module RestrictedRangeAnalysis { ( // If the expression evaluates to a constant, then there is no // need to call getUpperBoundsImpl. - if exists(getValue(expr).toFloat()) + if exists(getValue(expr).toFloat()) and + not getValue(expr) = "NaN" then result = getValue(expr).toFloat() else ( // Some of the bounds computed by `getUpperBoundsImpl` diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/FloatingPoint.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/FloatingPoint.qll new file mode 100644 index 0000000000..0ff7a07214 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/FloatingPoint.qll @@ -0,0 +1,44 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype FloatingPointQuery = + TPossibleMisuseOfInfiniteFloatingPointValueQuery() or + TPossibleMisuseOfNaNFloatingPointValueQuery() + +predicate isFloatingPointQueryMetadata(Query query, string queryId, string ruleId, string category) { + query = + // `Query` instance for the `possibleMisuseOfInfiniteFloatingPointValue` query + FloatingPointPackage::possibleMisuseOfInfiniteFloatingPointValueQuery() and + queryId = + // `@id` for the `possibleMisuseOfInfiniteFloatingPointValue` query + "cpp/misra/possible-misuse-of-infinite-floating-point-value" and + ruleId = "DIR-0-3-1" and + category = "advisory" + or + query = + // `Query` instance for the `possibleMisuseOfNaNFloatingPointValue` query + FloatingPointPackage::possibleMisuseOfNaNFloatingPointValueQuery() and + queryId = + // `@id` for the `possibleMisuseOfNaNFloatingPointValue` query + "cpp/misra/possible-misuse-of-nan-floating-point-value" and + ruleId = "DIR-0-3-1" and + category = "advisory" +} + +module FloatingPointPackage { + Query possibleMisuseOfInfiniteFloatingPointValueQuery() { + //autogenerate `Query` type + result = + // `Query` type for `possibleMisuseOfInfiniteFloatingPointValue` query + TQueryCPP(TFloatingPointPackageQuery(TPossibleMisuseOfInfiniteFloatingPointValueQuery())) + } + + Query possibleMisuseOfNaNFloatingPointValueQuery() { + //autogenerate `Query` type + result = + // `Query` type for `possibleMisuseOfNaNFloatingPointValue` query + TQueryCPP(TFloatingPointPackageQuery(TPossibleMisuseOfNaNFloatingPointValueQuery())) + } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/RuleMetadata.qll index 4a6cbe936b..abd6aeff96 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/RuleMetadata.qll @@ -18,6 +18,7 @@ import ExceptionSafety import Exceptions1 import Exceptions2 import Expressions +import FloatingPoint import Freed import Functions import IO @@ -72,6 +73,7 @@ newtype TCPPQuery = TExceptions1PackageQuery(Exceptions1Query q) or TExceptions2PackageQuery(Exceptions2Query q) or TExpressionsPackageQuery(ExpressionsQuery q) or + TFloatingPointPackageQuery(FloatingPointQuery q) or TFreedPackageQuery(FreedQuery q) or TFunctionsPackageQuery(FunctionsQuery q) or TIOPackageQuery(IOQuery q) or @@ -126,6 +128,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isExceptions1QueryMetadata(query, queryId, ruleId, category) or isExceptions2QueryMetadata(query, queryId, ruleId, category) or isExpressionsQueryMetadata(query, queryId, ruleId, category) or + isFloatingPointQueryMetadata(query, queryId, ruleId, category) or isFreedQueryMetadata(query, queryId, ruleId, category) or isFunctionsQueryMetadata(query, queryId, ruleId, category) or isIOQueryMetadata(query, queryId, ruleId, category) or diff --git a/cpp/common/src/codingstandards/cpp/rules/misuseofinfinitefloatingpointvalue/MisuseOfInfiniteFloatingPointValue.qll b/cpp/common/src/codingstandards/cpp/rules/misuseofinfinitefloatingpointvalue/MisuseOfInfiniteFloatingPointValue.qll new file mode 100644 index 0000000000..eecd349ad7 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/misuseofinfinitefloatingpointvalue/MisuseOfInfiniteFloatingPointValue.qll @@ -0,0 +1,141 @@ +/** + * Provides a library with a `problems` predicate for the following issue: + * Possible misuse of a generate infinite floating point value. + */ + +import cpp +import codeql.util.Boolean +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions +import codingstandards.cpp.RestrictedRangeAnalysis +import codingstandards.cpp.FloatingPoint +import codingstandards.cpp.AlertReporting +import semmle.code.cpp.controlflow.Guards +import semmle.code.cpp.dataflow.new.DataFlow +import semmle.code.cpp.dataflow.new.TaintTracking +import semmle.code.cpp.controlflow.Dominance + +module InvalidInfinityUsage implements DataFlow::ConfigSig { + /** + * An operation which does not have Infinity as an input, but may produce Infinity, according + * to the `RestrictedRangeAnalysis` module. + */ + predicate isSource(DataFlow::Node node) { + potentialSource(node) and + not exists(DataFlow::Node prior | + isAdditionalFlowStep(prior, node) and + potentialSource(prior) + ) + } + + /** + * An operation which may produce Infinity acconding to the `RestrictedRangeAnalysis` module. + */ + additional predicate potentialSource(DataFlow::Node node) { + node.asExpr() instanceof Operation and + exprMayEqualInfinity(node.asExpr(), _) + } + + predicate isBarrierOut(DataFlow::Node node) { + guardedNotFPClass(node.asExpr(), TInfinite()) + or + exists(Expr e | + e.getType() instanceof IntegralType and + e = node.asConvertedExpr() + ) + } + + /** + * An additional flow step to handle operations which propagate Infinity. + * + * This double checks that an Infinity may propagate by checking the `RestrictedRangeAnalysis` + * value estimate. This is conservative, since `RestrictedRangeAnalysis` is performed locally + * in scope with unanalyzable values in a finite range. However, this conservative approach + * leverages analysis of guards and other local conditions to avoid false positives. + */ + predicate isAdditionalFlowStep(DataFlow::Node source, DataFlow::Node sink) { + exists(Operation o | + o.getAnOperand() = source.asExpr() and + o = sink.asExpr() and + potentialSource(sink) + ) + } + + predicate isSink(DataFlow::Node node) { + node instanceof InvalidInfinityUsage and + ( + // Require that range analysis finds this value potentially infinite, to avoid false positives + // in the presence of guards. This may induce false negatives. + exprMayEqualInfinity(node.asExpr(), _) + or + // Unanalyzable expressions are not checked against range analysis, which assumes a finite + // range. + not RestrictedRangeAnalysis::canBoundExpr(node.asExpr()) + or + node.asExpr().(VariableAccess).getTarget() instanceof Parameter + ) + } +} + +class InvalidInfinityUsage extends DataFlow::Node { + string description; + + InvalidInfinityUsage() { + // Case 2: NaNs and infinities shall not be cast to integers + exists(Conversion c | + asExpr() = c.getUnconverted() and + c.getExpr().getType() instanceof FloatingPointType and + c.getType() instanceof IntegralType and + description = "cast to integer." + ) + or + // Case 3: Infinities shall not underflow or otherwise produce finite values + exists(BinaryOperation op | + asExpr() = op.getRightOperand() and + op.getOperator() = "/" and + description = "divisor, which would silently underflow and produce zero." + ) + } + + string getDescription() { result = description } +} + +module InvalidInfinityFlow = DataFlow::Global; + +import InvalidInfinityFlow::PathGraph + +abstract class MisuseOfInfiniteFloatingPointValueSharedQuery extends Query { } + +Query getQuery() { result instanceof MisuseOfInfiniteFloatingPointValueSharedQuery } + +query predicate problems( + Element elem, InvalidInfinityFlow::PathNode source, InvalidInfinityFlow::PathNode sink, + string message, Expr sourceExpr, string sourceString, Function function, string functionName +) { + not isExcluded(elem, getQuery()) and + exists(InvalidInfinityUsage usage, string computedInFunction | + elem = MacroUnwrapper::unwrapElement(sink.getNode().asExpr()) and + not InvalidInfinityFlow::PathGraph::edges(_, source, _, _) and + not InvalidInfinityFlow::PathGraph::edges(sink, _, _, _) and + not sourceExpr.isFromTemplateInstantiation(_) and + not usage.asExpr().isFromTemplateInstantiation(_) and + usage = sink.getNode() and + sourceExpr = source.getNode().asExpr() and + function = sourceExpr.getEnclosingFunction() and + InvalidInfinityFlow::flow(source.getNode(), usage) and + ( + if not sourceExpr.getEnclosingFunction() = usage.asExpr().getEnclosingFunction() + then computedInFunction = "computed in function $@ " + else computedInFunction = "" + ) and + ( + if sourceExpr instanceof DivExpr + then sourceString = "from division by zero" + else sourceString = sourceExpr.toString() + ) and + message = + "Possibly infinite float value $@ " + computedInFunction + "flows to " + + usage.getDescription() and + functionName = function.getName() + ) +} diff --git a/cpp/common/src/codingstandards/cpp/rules/misuseofnanfloatingpointvalue/MisuseOfNaNFloatingPointValue.qll b/cpp/common/src/codingstandards/cpp/rules/misuseofnanfloatingpointvalue/MisuseOfNaNFloatingPointValue.qll new file mode 100644 index 0000000000..19ec4e1986 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/misuseofnanfloatingpointvalue/MisuseOfNaNFloatingPointValue.qll @@ -0,0 +1,201 @@ +/** + * Provides a library with a `problems` predicate for the following issue: + * Possible mishandling of an undetected NaN value produced by a floating point + * operation. + */ + +import cpp +import codeql.util.Boolean +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions +import codingstandards.cpp.RestrictedRangeAnalysis +import codingstandards.cpp.FloatingPoint +import codingstandards.cpp.AlertReporting +import semmle.code.cpp.controlflow.Guards +import semmle.code.cpp.dataflow.new.DataFlow +import semmle.code.cpp.dataflow.new.TaintTracking +import semmle.code.cpp.controlflow.Dominance + +abstract class PotentiallyNaNExpr extends Expr { + abstract string getReason(); +} + +class DomainErrorFunctionCall extends FunctionCall, PotentiallyNaNExpr { + string reason; + + DomainErrorFunctionCall() { RestrictedDomainError::hasDomainError(this, reason) } + + override string getReason() { result = reason } +} + +// IEEE 754-1985 Section 7.1 invalid operations +class InvalidOperationExpr extends BinaryOperation, PotentiallyNaNExpr { + string reason; + + InvalidOperationExpr() { + // Usual arithmetic conversions in both languages mean that if either operand is a floating + // type, the other one is converted to a floating type as well. + getAnOperand().getFullyConverted().getType() instanceof FloatingPointType and + ( + // 7.1.1 propagates signaling NaNs, we rely on flow analysis and/or assume quiet NaNs, so we + // intentionally do not cover this case. + // 7.1.2: magnitude subtraction of infinities, such as +Inf + -Inf + getOperator() = "+" and + exists(Boolean sign | + exprMayEqualInfinity(getLeftOperand(), sign) and + exprMayEqualInfinity(getRightOperand(), sign.booleanNot()) + ) and + reason = "from addition of infinity and negative infinity" + or + // 7.1.2 continued + getOperator() = "-" and + exists(Boolean sign | + exprMayEqualInfinity(getLeftOperand(), sign) and + exprMayEqualInfinity(getRightOperand(), sign) + ) and + reason = "from subtraction of an infinity from itself" + or + // 7.1.3: multiplication of zero by infinity + getOperator() = "*" and + exists(Expr zeroOp, Expr infinityOp | + zeroOp = getAnOperand() and + infinityOp = getAnOperand() and + not zeroOp = infinityOp and + exprMayEqualZero(zeroOp) and + exprMayEqualInfinity(infinityOp, _) + ) and + reason = "from multiplication of zero by infinity" + or + // 7.1.4: Division of zero by zero, or infinity by infinity + getOperator() = "/" and + exprMayEqualZero(getLeftOperand()) and + exprMayEqualZero(getRightOperand()) and + reason = "from division of zero by zero" + or + // 7.1.4 continued + getOperator() = "/" and + exprMayEqualInfinity(getLeftOperand(), _) and + exprMayEqualInfinity(getRightOperand(), _) and + reason = "from division of infinity by infinity" + or + // 7.1.5: x % y where y is zero or x is infinite + getOperator() = "%" and + exprMayEqualInfinity(getLeftOperand(), _) and + reason = "from modulus of infinity" + or + // 7.1.5 continued + getOperator() = "%" and + exprMayEqualZero(getRightOperand()) and + reason = "from modulus by zero" + // 7.1.6 handles the sqrt function, not covered here. + // 7.1.7 declares exceptions during invalid conversions, which we catch as sinks in our flow + // analysis. + // 7.1.8 declares exceptions for unordered comparisons, which we catch as sinks in our flow + // analysis. + ) + } + + override string getReason() { result = reason } +} + +module InvalidNaNUsage implements DataFlow::ConfigSig { + /** + * An expression which has non-NaN inputs and may produce a NaN output. + */ + predicate isSource(DataFlow::Node node) { + potentialSource(node) and + not exists(DataFlow::Node prior | + isAdditionalFlowStep(prior, node) and + potentialSource(prior) + ) + } + + /** + * An expression which may produce a NaN output. + */ + additional predicate potentialSource(DataFlow::Node node) { + node.asExpr() instanceof PotentiallyNaNExpr + } + + predicate isBarrierOut(DataFlow::Node node) { + guardedNotFPClass(node.asExpr(), TNaN()) + or + exists(Expr e | + e.getType() instanceof IntegralType and + e = node.asConvertedExpr() + ) + } + + /** + * Add an additional flow step to handle NaN propagation through floating point operations. + */ + predicate isAdditionalFlowStep(DataFlow::Node source, DataFlow::Node sink) { + exists(Operation o | + o.getAnOperand() = source.asExpr() and + o = sink.asExpr() and + o.getType() instanceof FloatingPointType + ) + } + + predicate isSink(DataFlow::Node node) { + not guardedNotFPClass(node.asExpr(), TNaN()) and + node instanceof InvalidNaNUsage + } +} + +class InvalidNaNUsage extends DataFlow::Node { + string description; + + InvalidNaNUsage() { + // Case 1: NaNs shall not be compared, except to themselves + exists(ComparisonOperation cmp | + this.asExpr() = cmp.getAnOperand() and + not hashCons(cmp.getLeftOperand()) = hashCons(cmp.getRightOperand()) and + description = "comparison, which would always evaluate to false." + ) + or + // Case 2: NaNs and infinities shall not be cast to integers + exists(Conversion c | + this.asExpr() = c.getUnconverted() and + c.getExpr().getType() instanceof FloatingPointType and + c.getType() instanceof IntegralType and + description = "a cast to integer." + ) + } + + string getDescription() { result = description } +} + +module InvalidNaNFlow = DataFlow::Global; + +import InvalidNaNFlow::PathGraph + +abstract class MisuseOfNaNFloatingPointValueSharedQuery extends Query { } + +Query getQuery() { result instanceof MisuseOfNaNFloatingPointValueSharedQuery } + +query predicate problems( + Element elem, InvalidNaNFlow::PathNode source, InvalidNaNFlow::PathNode sink, string message, + Expr sourceExpr, string sourceString, Function function, string functionName +) { + not isExcluded(elem, getQuery()) and + exists(InvalidNaNUsage usage, string computedInFunction | + not InvalidNaNFlow::PathGraph::edges(_, source, _, _) and + not InvalidNaNFlow::PathGraph::edges(sink, _, _, _) and + not sourceExpr.isFromTemplateInstantiation(_) and + not usage.asExpr().isFromTemplateInstantiation(_) and + elem = MacroUnwrapper::unwrapElement(sink.getNode().asExpr()) and + usage = sink.getNode() and + sourceExpr = source.getNode().asExpr() and + sourceString = source.getNode().asExpr().(PotentiallyNaNExpr).getReason() and + function = sourceExpr.getEnclosingFunction() and + InvalidNaNFlow::flow(source.getNode(), usage) and + ( + if not sourceExpr.getEnclosingFunction() = usage.asExpr().getEnclosingFunction() + then computedInFunction = "computed in function $@ " + else computedInFunction = "" + ) and + message = "Possible NaN value $@ " + computedInFunction + "flows to " + usage.getDescription() and + functionName = function.getName() + ) +} diff --git a/cpp/common/test/includes/standard-library/cmath b/cpp/common/test/includes/standard-library/cmath index e69de29bb2..9f3fffda8d 100644 --- a/cpp/common/test/includes/standard-library/cmath +++ b/cpp/common/test/includes/standard-library/cmath @@ -0,0 +1,19 @@ +namespace std { +#include + +int isinf(float x); +int isinf(double x); +int isinf(long double x); +bool isfinite(float x); +bool isfinite(double x); +bool isfinite(long double x); +bool isnan(float x); +bool isnan(double x); +bool isnan(long double x); +bool isnormal(float x); +bool isnormal(double x); +bool isnormal(long double x); +int fpclassify(float x); +int fpclassify(double x); +int fpclassify(long double x); +} \ No newline at end of file diff --git a/cpp/common/test/includes/standard-library/math.h b/cpp/common/test/includes/standard-library/math.h index 460c0a9c2f..7ff0ef8357 100644 --- a/cpp/common/test/includes/standard-library/math.h +++ b/cpp/common/test/includes/standard-library/math.h @@ -17,6 +17,9 @@ long double acoshl(long double x); double atanh(double x); float atanhf(float x); long double atanhl(long double x); +float cos(float x); +double cos(double x); +long double cos(long double x); double fmod(double x, double y); float fmodf(float x, float y); long double fmodl(long double x, long double y); @@ -47,6 +50,9 @@ long double logbl(long double x); double pow(double x, double y); float powf(float x, float y); long double powl(long double x, long double y); +float sin(float x); +double sin(double x); +long double sin(long double x); double sqrt(double x); float sqrtf(float x); long double sqrtl(long double x); diff --git a/cpp/common/test/rules/misuseofinfinitefloatingpointvalue/MisuseOfInfiniteFloatingPointValue.expected b/cpp/common/test/rules/misuseofinfinitefloatingpointvalue/MisuseOfInfiniteFloatingPointValue.expected new file mode 100644 index 0000000000..6624187d42 --- /dev/null +++ b/cpp/common/test/rules/misuseofinfinitefloatingpointvalue/MisuseOfInfiniteFloatingPointValue.expected @@ -0,0 +1,113 @@ +problems +| test.cpp:12:8:12:9 | l2 | test.cpp:8:14:8:20 | ... / ... | test.cpp:12:8:12:9 | l2 | Possibly infinite float value $@ flows to divisor, which would silently underflow and produce zero. | test.cpp:8:14:8:20 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:13:8:13:9 | l3 | test.cpp:8:14:8:20 | ... / ... | test.cpp:13:8:13:9 | l3 | Possibly infinite float value $@ flows to divisor, which would silently underflow and produce zero. | test.cpp:8:14:8:20 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:18:20:18:21 | l2 | test.cpp:8:14:8:20 | ... / ... | test.cpp:18:3:18:22 | l2 | Possibly infinite float value $@ flows to cast to integer. | test.cpp:8:14:8:20 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:19:20:19:21 | l3 | test.cpp:8:14:8:20 | ... / ... | test.cpp:19:3:19:22 | l3 | Possibly infinite float value $@ flows to cast to integer. | test.cpp:8:14:8:20 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:27:19:27:20 | l2 | test.cpp:8:14:8:20 | ... / ... | test.cpp:27:19:27:20 | l2 | Possibly infinite float value $@ flows to divisor, which would silently underflow and produce zero. | test.cpp:8:14:8:20 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:28:19:28:20 | l3 | test.cpp:8:14:8:20 | ... / ... | test.cpp:28:19:28:20 | l3 | Possibly infinite float value $@ flows to divisor, which would silently underflow and produce zero. | test.cpp:8:14:8:20 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:38:20:38:21 | l7 | test.cpp:31:14:32:15 | ... / ... | test.cpp:38:3:38:22 | l7 | Possibly infinite float value $@ flows to cast to integer. | test.cpp:31:14:32:15 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:61:22:61:28 | ... / ... | test.cpp:61:5:61:29 | ... / ... | test.cpp:61:5:61:29 | ... / ... | Possibly infinite float value $@ flows to cast to integer. | test.cpp:61:22:61:28 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:66:22:66:30 | ... / ... | test.cpp:66:5:66:31 | ... / ... | test.cpp:66:5:66:31 | ... / ... | Possibly infinite float value $@ flows to cast to integer. | test.cpp:66:22:66:30 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:72:31:72:39 | ... / ... | test.cpp:72:14:72:40 | ... / ... | test.cpp:72:14:72:40 | ... / ... | Possibly infinite float value $@ flows to cast to integer. | test.cpp:72:31:72:39 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:75:35:75:43 | ... / ... | test.cpp:75:18:75:44 | ... / ... | test.cpp:75:18:75:44 | ... / ... | Possibly infinite float value $@ flows to cast to integer. | test.cpp:75:35:75:43 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:79:22:79:24 | l12 | test.cpp:77:15:77:21 | ... / ... | test.cpp:79:5:79:25 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.cpp:77:15:77:21 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:87:22:87:24 | l12 | test.cpp:77:15:77:21 | ... / ... | test.cpp:87:5:87:25 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.cpp:77:15:77:21 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:91:22:91:24 | l12 | test.cpp:77:15:77:21 | ... / ... | test.cpp:91:5:91:25 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.cpp:77:15:77:21 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:93:22:93:24 | l12 | test.cpp:77:15:77:21 | ... / ... | test.cpp:93:5:93:25 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.cpp:77:15:77:21 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:99:22:99:24 | l12 | test.cpp:77:15:77:21 | ... / ... | test.cpp:99:5:99:25 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.cpp:77:15:77:21 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:105:22:105:24 | l12 | test.cpp:77:15:77:21 | ... / ... | test.cpp:105:5:105:25 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.cpp:77:15:77:21 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:111:22:111:24 | l12 | test.cpp:77:15:77:21 | ... / ... | test.cpp:111:5:111:25 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.cpp:77:15:77:21 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:114:38:114:40 | l12 | test.cpp:77:15:77:21 | ... / ... | test.cpp:114:21:114:41 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.cpp:77:15:77:21 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:117:45:117:47 | l12 | test.cpp:77:15:77:21 | ... / ... | test.cpp:117:28:117:48 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.cpp:77:15:77:21 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:120:42:120:44 | l12 | test.cpp:77:15:77:21 | ... / ... | test.cpp:120:25:120:45 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.cpp:77:15:77:21 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:163:20:164:20 | ... / ... | test.cpp:163:3:164:21 | ... / ... | test.cpp:163:3:164:21 | ... / ... | Possibly infinite float value $@ flows to cast to integer. | test.cpp:163:20:164:20 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:175:44:175:44 | p | test.cpp:189:51:189:59 | ... / ... | test.cpp:175:27:175:45 | p | Possibly infinite float value $@ computed in function $@ flows to cast to integer. | test.cpp:189:51:189:59 | ... / ... | from division by zero | test.cpp:189:6:189:24 | addInfThenCastToInt | addInfThenCastToInt | +| test.cpp:175:44:175:44 | p | test.cpp:193:13:194:15 | ... / ... | test.cpp:175:27:175:45 | p | Possibly infinite float value $@ computed in function $@ flows to cast to integer. | test.cpp:193:13:194:15 | ... / ... | from division by zero | test.cpp:192:6:192:7 | f2 | f2 | +| test.cpp:175:44:175:44 | p | test.cpp:204:19:204:27 | ... / ... | test.cpp:175:27:175:45 | p | Possibly infinite float value $@ computed in function $@ flows to cast to integer. | test.cpp:204:19:204:27 | ... / ... | from division by zero | test.cpp:192:6:192:7 | f2 | f2 | +| test.cpp:185:30:185:30 | p | test.cpp:200:25:200:33 | ... / ... | test.cpp:185:13:185:31 | p | Possibly infinite float value $@ computed in function $@ flows to cast to integer. | test.cpp:200:25:200:33 | ... / ... | from division by zero | test.cpp:192:6:192:7 | f2 | f2 | +edges +| test.cpp:8:14:8:20 | ... / ... | test.cpp:8:14:8:20 | ... / ... | provenance | | +| test.cpp:8:14:8:20 | ... / ... | test.cpp:9:14:9:16 | - ... | provenance | Config | +| test.cpp:8:14:8:20 | ... / ... | test.cpp:12:8:12:9 | l2 | provenance | | +| test.cpp:8:14:8:20 | ... / ... | test.cpp:18:3:18:22 | l2 | provenance | | +| test.cpp:8:14:8:20 | ... / ... | test.cpp:27:19:27:20 | l2 | provenance | | +| test.cpp:9:14:9:16 | - ... | test.cpp:9:14:9:16 | - ... | provenance | | +| test.cpp:9:14:9:16 | - ... | test.cpp:13:8:13:9 | l3 | provenance | | +| test.cpp:9:14:9:16 | - ... | test.cpp:19:3:19:22 | l3 | provenance | | +| test.cpp:9:14:9:16 | - ... | test.cpp:28:19:28:20 | l3 | provenance | | +| test.cpp:31:14:32:15 | ... / ... | test.cpp:31:14:32:15 | ... / ... | provenance | | +| test.cpp:31:14:32:15 | ... / ... | test.cpp:38:3:38:22 | l7 | provenance | | +| test.cpp:77:15:77:21 | ... / ... | test.cpp:77:15:77:21 | ... / ... | provenance | | +| test.cpp:77:15:77:21 | ... / ... | test.cpp:79:5:79:25 | l12 | provenance | | +| test.cpp:77:15:77:21 | ... / ... | test.cpp:87:5:87:25 | l12 | provenance | | +| test.cpp:77:15:77:21 | ... / ... | test.cpp:91:5:91:25 | l12 | provenance | | +| test.cpp:77:15:77:21 | ... / ... | test.cpp:93:5:93:25 | l12 | provenance | | +| test.cpp:77:15:77:21 | ... / ... | test.cpp:99:5:99:25 | l12 | provenance | | +| test.cpp:77:15:77:21 | ... / ... | test.cpp:105:5:105:25 | l12 | provenance | | +| test.cpp:77:15:77:21 | ... / ... | test.cpp:111:5:111:25 | l12 | provenance | | +| test.cpp:77:15:77:21 | ... / ... | test.cpp:114:21:114:41 | l12 | provenance | | +| test.cpp:77:15:77:21 | ... / ... | test.cpp:117:28:117:48 | l12 | provenance | | +| test.cpp:77:15:77:21 | ... / ... | test.cpp:120:25:120:45 | l12 | provenance | | +| test.cpp:175:22:175:22 | p | test.cpp:175:27:175:45 | p | provenance | | +| test.cpp:183:34:183:34 | p | test.cpp:185:13:185:31 | p | provenance | | +| test.cpp:189:32:189:32 | p | test.cpp:189:47:189:59 | ... + ... | provenance | Config | +| test.cpp:189:47:189:59 | ... + ... | test.cpp:175:22:175:22 | p | provenance | | +| test.cpp:189:47:189:59 | ... + ... | test.cpp:175:22:175:22 | p | provenance | | +| test.cpp:189:51:189:59 | ... / ... | test.cpp:189:47:189:59 | ... + ... | provenance | Config | +| test.cpp:193:13:194:15 | ... / ... | test.cpp:175:22:175:22 | p | provenance | | +| test.cpp:200:25:200:33 | ... / ... | test.cpp:183:34:183:34 | p | provenance | | +| test.cpp:204:19:204:27 | ... / ... | test.cpp:204:19:204:27 | ... / ... | provenance | | +| test.cpp:204:19:204:27 | ... / ... | test.cpp:206:21:206:31 | ... + ... | provenance | Config | +| test.cpp:206:21:206:31 | ... + ... | test.cpp:206:21:206:31 | ... + ... | provenance | | +| test.cpp:206:21:206:31 | ... + ... | test.cpp:208:13:208:21 | middleInf | provenance | | +| test.cpp:206:21:206:31 | ... + ... | test.cpp:210:23:210:31 | middleInf | provenance | | +| test.cpp:208:13:208:21 | middleInf | test.cpp:175:22:175:22 | p | provenance | | +| test.cpp:210:23:210:31 | middleInf | test.cpp:189:32:189:32 | p | provenance | | +nodes +| test.cpp:8:14:8:20 | ... / ... | semmle.label | ... / ... | +| test.cpp:8:14:8:20 | ... / ... | semmle.label | ... / ... | +| test.cpp:9:14:9:16 | - ... | semmle.label | - ... | +| test.cpp:9:14:9:16 | - ... | semmle.label | - ... | +| test.cpp:12:8:12:9 | l2 | semmle.label | l2 | +| test.cpp:13:8:13:9 | l3 | semmle.label | l3 | +| test.cpp:18:3:18:22 | l2 | semmle.label | l2 | +| test.cpp:19:3:19:22 | l3 | semmle.label | l3 | +| test.cpp:27:19:27:20 | l2 | semmle.label | l2 | +| test.cpp:28:19:28:20 | l3 | semmle.label | l3 | +| test.cpp:31:14:32:15 | ... / ... | semmle.label | ... / ... | +| test.cpp:31:14:32:15 | ... / ... | semmle.label | ... / ... | +| test.cpp:38:3:38:22 | l7 | semmle.label | l7 | +| test.cpp:61:5:61:29 | ... / ... | semmle.label | ... / ... | +| test.cpp:66:5:66:31 | ... / ... | semmle.label | ... / ... | +| test.cpp:72:14:72:40 | ... / ... | semmle.label | ... / ... | +| test.cpp:75:18:75:44 | ... / ... | semmle.label | ... / ... | +| test.cpp:77:15:77:21 | ... / ... | semmle.label | ... / ... | +| test.cpp:77:15:77:21 | ... / ... | semmle.label | ... / ... | +| test.cpp:79:5:79:25 | l12 | semmle.label | l12 | +| test.cpp:87:5:87:25 | l12 | semmle.label | l12 | +| test.cpp:91:5:91:25 | l12 | semmle.label | l12 | +| test.cpp:93:5:93:25 | l12 | semmle.label | l12 | +| test.cpp:99:5:99:25 | l12 | semmle.label | l12 | +| test.cpp:105:5:105:25 | l12 | semmle.label | l12 | +| test.cpp:111:5:111:25 | l12 | semmle.label | l12 | +| test.cpp:114:21:114:41 | l12 | semmle.label | l12 | +| test.cpp:117:28:117:48 | l12 | semmle.label | l12 | +| test.cpp:120:25:120:45 | l12 | semmle.label | l12 | +| test.cpp:163:3:164:21 | ... / ... | semmle.label | ... / ... | +| test.cpp:175:22:175:22 | p | semmle.label | p | +| test.cpp:175:27:175:45 | p | semmle.label | p | +| test.cpp:183:34:183:34 | p | semmle.label | p | +| test.cpp:185:13:185:31 | p | semmle.label | p | +| test.cpp:189:32:189:32 | p | semmle.label | p | +| test.cpp:189:47:189:59 | ... + ... | semmle.label | ... + ... | +| test.cpp:189:47:189:59 | ... + ... | semmle.label | ... + ... | +| test.cpp:189:51:189:59 | ... / ... | semmle.label | ... / ... | +| test.cpp:193:13:194:15 | ... / ... | semmle.label | ... / ... | +| test.cpp:200:25:200:33 | ... / ... | semmle.label | ... / ... | +| test.cpp:204:19:204:27 | ... / ... | semmle.label | ... / ... | +| test.cpp:204:19:204:27 | ... / ... | semmle.label | ... / ... | +| test.cpp:206:21:206:31 | ... + ... | semmle.label | ... + ... | +| test.cpp:206:21:206:31 | ... + ... | semmle.label | ... + ... | +| test.cpp:208:13:208:21 | middleInf | semmle.label | middleInf | +| test.cpp:210:23:210:31 | middleInf | semmle.label | middleInf | +subpaths diff --git a/cpp/common/test/rules/misuseofinfinitefloatingpointvalue/MisuseOfInfiniteFloatingPointValue.ql b/cpp/common/test/rules/misuseofinfinitefloatingpointvalue/MisuseOfInfiniteFloatingPointValue.ql new file mode 100644 index 0000000000..f0d160a650 --- /dev/null +++ b/cpp/common/test/rules/misuseofinfinitefloatingpointvalue/MisuseOfInfiniteFloatingPointValue.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.misuseofinfinitefloatingpointvalue.MisuseOfInfiniteFloatingPointValue + +class TestFileQuery extends MisuseOfInfiniteFloatingPointValueSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/misuseofinfinitefloatingpointvalue/test.cpp b/cpp/common/test/rules/misuseofinfinitefloatingpointvalue/test.cpp new file mode 100644 index 0000000000..e9067d8ce7 --- /dev/null +++ b/cpp/common/test/rules/misuseofinfinitefloatingpointvalue/test.cpp @@ -0,0 +1,212 @@ +#include + +float getFloat() { return 1.0; } + +// Parameter could be infinity +void f1(float p1) { + float l1 = 1; + float l2 = 1.0 / 0; + float l3 = -l2; + + 10 / l1; // COMPLIANT + 10 / l2; // NON_COMPLIANT: Underflows to zero + 10 / l3; // NON_COMPLIANT: Underflow to negative zero + 10 / p1; // COMPLIANT: Reduce false positives by assuming not infinity + 10 / getFloat(); // COMPLIANT: Reduce false positives by assuming not infinity + + static_cast(l1); // COMPLIANT + static_cast(l2); // NON_COMPLIANT + static_cast(l3); // NON_COMPLIANT + static_cast(p1); // COMPLIANT: Reduce false positives by assuming not infinity + static_cast(getFloat()); // COMPLIANT: Reduce false positives by assuming not infinity + + // Not NaN: + float l4 = l1 / l1; // COMPLIANT + + // NaN because of infinity divided by itself: + float l5 = l2 / l2; // NON_COMPLIANT: Division by infinity not allowed. + float l6 = l3 / l3; // NON_COMPLIANT: Division by infinity not allowed. + + // NaN because of zero divided by itself: + float l7 = getFloat() / + p1; // COMPLIANT: Reduce false positives by assuming not infinity + float l8 = 0.0 / 0.0; + + static_cast(l4); // COMPLIANT + static_cast(l5); // COMPLIANT: Casting NaN to int + static_cast(l6); // COMPLIANT: Casting NaN to int + static_cast(l7); // NON_COMPLIANT: Casting Infinity to int + static_cast(l8); // COMPLIANT: Casting NaN to int + + l4 == 0; // COMPLIANT + l4 != 0; // COMPLIANT + l4 <= 0; // COMPLIANT + l4 < 0; // COMPLIANT + l4 >= 0; // COMPLIANT + l5 == 0; // NON_COMPLIANT: Comparison with NaN always false + l5 != 0; // NON_COMPLIANT: Comparison with NaN always false + l5 < 0; // NON_COMPLIANT: Comparison with NaN always false + l5 <= 0; // NON_COMPLIANT: Comparison with NaN always false + l5 > 0; // NON_COMPLIANT: Comparison with NaN always false + l5 >= 0; // NON_COMPLIANT: Comparison with NaN always false + l6 == 0; // NON_COMPLIANT: Comparison with NaN always false + l7 == 0; // NON_COMPLIANT: Comparison with NaN always false + l8 == 0; // NON_COMPLIANT: Comparison with NaN always false + + // Guards + float l9 = 0; + if (l9 != 0) { + static_cast(l9 / l9); // COMPLIANT: l9 is not zero + } else { + static_cast(l9 / l9); // NON_COMPLIANT[False positive]: Guarded to not be NaN + } + + float l10 = 0; + if (l10 == 0) { + static_cast(l10 / l10); // NON_COMPLIANT[False positive]: Casting NaN to integer + } else { + static_cast(l10 / l10); // COMPLIANT: Guarded to not be NaN + } + + float l11 = 0; + l11 == 0 ? static_cast(l11 / l11) : 0; // NON_COMPLIANT[False positive] + l11 == 0 ? 0 : static_cast(l11 / l11); // COMPLIANT + l11 != 0 ? static_cast(l11 / l11) : 0; // COMPLIANT + l11 != 0 ? 0 : static_cast(l11 / l11); // NON_COMPLIANT[False positive] + + float l12 = 1.0 / 0; + if (std::isinf(l12)) { + static_cast(l12); // NON_COMPLIANT: Casting Infinity to integer + } else { + static_cast(l12); // COMPLIANT: Guarded not to be Infinity + } + + if (!std::isinf(l12)) { + static_cast(l12); // COMPLIANT: Guarded not to be Infinity + } else { + static_cast(l12); // NON_COMPLIANT: Casting Infinity to integer + } + + if (std::isinf(l12) == 1) { + static_cast(l12); // NON_COMPLIANT: Must be +Infinity + } else { + static_cast(l12); // NON_COMPLIANT: May be -Infinity + } + + if (std::isfinite(l12)) { + static_cast(l12); // COMPLIANT: Guarded not to be Infinity + } else { + static_cast(l12); // NON_COMPLIANT: Casting Infinity to integer + } + + if (std::isnormal(l12)) { + static_cast(l12); // COMPLIANT: Guarded not to be Infinity + } else { + static_cast(l12); // NON_COMPLIANT: Casting Infinity to integer + } + + if (std::isnan(l12)) { + static_cast(l12); // COMPLIANT: Guarded not to be Infinity + } else { + static_cast(l12); // NON_COMPLIANT: Casting Infinity to integer + } + + std::isinf(l12) ? static_cast(l12) : 0; // NON_COMPLIANT: Check on wrong branch + std::isinf(l12) ? 0 : static_cast(l12); // COMPLIANT: Checked not infinite before use + std::isfinite(l12) ? static_cast(l12) : 0; // COMPLIANT: Checked finite before use + std::isfinite(l12) ? 0 : static_cast(l12); // NON_COMPLIANT: Checked on wrong branch + std::isnan(l12) ? static_cast(l12) + : 0; // COMPLIANT: Checked NaN, therefore not infinite, before use + std::isnan(l12) ? 0 : static_cast(l12); // NON_COMPLIANT: Check on wrong branch + + float l13 = 0.0 / 0; + if (std::isinf(l13)) { + static_cast(l13); // COMPLIANT: Guarded not to be NaN + } else { + static_cast(l13); // COMPLIANT: Casting NaN to integer + } + + if (std::isinf(l13) == 1) { + static_cast(l13); // COMPLIANT: Guarded not to be NaN (must be +Infinity) + } else { + static_cast(l13); // COMPLIANT: Casting NaN to integer + } + + if (std::isfinite(l13)) { + static_cast(l13); // COMPLIANT: Guarded not to be NaN + } else { + static_cast(l13); // COMPLIANT: Casting NaN to integer + } + + if (std::isnormal(l13)) { + static_cast(l13); // COMPLIANT: Guarded not to be NaN + } else { + static_cast(l13); // COMPLIANT: Casting NaN to integer + } + + if (std::isnan(l13)) { + static_cast(l13); // COMPLIANT: Casting NaN to integer + } else { + static_cast(l13); // COMPLIANT: Guarded not to be NaN + } + + std::isinf(l13) ? static_cast(l13) + : 0; // COMPLIANT: Checked infinite, therefore not NaN, before use + std::isinf(l13) ? 0 : static_cast(l13); // COMPLIANT: Check on wrong branch + std::isfinite(l13) ? static_cast(l13) : 0; // COMPLIANT: Checked finite before use + std::isfinite(l13) ? 0 : static_cast(l13); // COMPLIANT: Checked on wrong branch + std::isnan(l13) ? static_cast(l13) : 0; // COMPLIANT: Check on wrong branch + std::isnan(l13) ? 0 : static_cast(l13); // COMPLIANT: Checked not NaN before use + + static_cast(std::pow(2, p1)); // NON_COMPLIANT[False negative]: likely to be Infinity + static_cast(std::pow(2, std::sin(p1))); // COMPLIANT: not likely to be Infinity + static_cast(1 / + std::sin(p1)); // NON_COMPLIANT: possible infinity from zero in denominator + static_cast(1 / std::log(p1)); // COMPLIANT: not possibly zero in denominator + static_cast(std::pow(p1, p1)); // COMPLIANT: NaN if p1 is zero + if (p1 != 0) { + static_cast(std::pow(p1, p1)); // COMPLIANT: p1 is not zero + } + + static_cast(std::acos(p1)); // COMPLIANT: NaN if p1 is not within -1..1 + static_cast(std::acos(std::cos(p1))); // COMPLIANT: cos(p1) is within -1..1 +} + +void castToInt(float p) { static_cast(p); } + +void checkBeforeCastToInt(float p) { + if (std::isfinite(p)) { + castToInt(p); + } +} + +void castToIntToFloatToInt(float p) { + // This should be reported as a violation, but not downstream from here. + castToInt(static_cast(p)); +} + +void addOneThenCastToInt(float p) { castToInt(p + 1); } +void addInfThenCastToInt(float p) { castToInt(p + 1.0 / 0.0); } +void addNaNThenCastToInt(float p) { castToInt(p + 0.0 / 0.0); } + +void f2() { + castToInt(1.0 / + 0.0); // NON_COMPLIANT: Infinity flows to denominator in division + castToInt(0.0 / 0.0); // COMPLIANT + checkBeforeCastToInt(1.0 / 0.0); // COMPLIANT + checkBeforeCastToInt(0.0 / 0.0); // COMPLIANT + addOneThenCastToInt(1.0 / 0.0); // NON_COMPLIANT[False negative] + addOneThenCastToInt(0.0 / 0.0); // NON_COMPLIANT + castToIntToFloatToInt(1.0 / 0.0); // NON_COMPLIANT + castToIntToFloatToInt(0.0 / 0.0); // COMPLIANT + + // Check that during flow analysis, we only report the true root cause: + float rootInf = 1.0 / 0.0; + float rootNaN = 0.0 / 0.0; + float middleInf = rootInf + 1; + float middleNaN = rootNaN + 1; + castToInt(middleInf); // NON_COMPLIANT + castToInt(middleNaN); // COMPLIANT + addInfThenCastToInt(middleInf); // NON_COMPLIANT + addNaNThenCastToInt(middleNaN); // COMPLIANT +} \ No newline at end of file diff --git a/cpp/common/test/rules/misuseofnanfloatingpointvalue/MisuseOfNaNFloatingPointValue.expected b/cpp/common/test/rules/misuseofnanfloatingpointvalue/MisuseOfNaNFloatingPointValue.expected new file mode 100644 index 0000000000..576327fb21 --- /dev/null +++ b/cpp/common/test/rules/misuseofnanfloatingpointvalue/MisuseOfNaNFloatingPointValue.expected @@ -0,0 +1,136 @@ +problems +| test.cpp:36:8:36:9 | l5 | test.cpp:27:14:27:20 | ... / ... | test.cpp:36:3:36:9 | l5 | Possible NaN value $@ flows to a cast to integer. | test.cpp:27:14:27:20 | ... / ... | from division of infinity by infinity | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:37:8:37:9 | l6 | test.cpp:28:14:28:20 | ... / ... | test.cpp:37:3:37:9 | l6 | Possible NaN value $@ flows to a cast to integer. | test.cpp:28:14:28:20 | ... / ... | from division of infinity by infinity | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:38:8:38:9 | l7 | test.cpp:31:14:32:15 | ... / ... | test.cpp:38:3:38:9 | l7 | Possible NaN value $@ flows to a cast to integer. | test.cpp:31:14:32:15 | ... / ... | from division of zero by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:39:8:39:9 | l8 | test.cpp:33:14:33:22 | ... / ... | test.cpp:39:3:39:9 | l8 | Possible NaN value $@ flows to a cast to integer. | test.cpp:33:14:33:22 | ... / ... | from division of zero by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:46:3:46:4 | l5 | test.cpp:27:14:27:20 | ... / ... | test.cpp:46:3:46:4 | l5 | Possible NaN value $@ flows to comparison, which would always evaluate to false. | test.cpp:27:14:27:20 | ... / ... | from division of infinity by infinity | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:47:3:47:4 | l5 | test.cpp:27:14:27:20 | ... / ... | test.cpp:47:3:47:4 | l5 | Possible NaN value $@ flows to comparison, which would always evaluate to false. | test.cpp:27:14:27:20 | ... / ... | from division of infinity by infinity | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:48:3:48:4 | l5 | test.cpp:27:14:27:20 | ... / ... | test.cpp:48:3:48:4 | l5 | Possible NaN value $@ flows to comparison, which would always evaluate to false. | test.cpp:27:14:27:20 | ... / ... | from division of infinity by infinity | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:49:3:49:4 | l5 | test.cpp:27:14:27:20 | ... / ... | test.cpp:49:3:49:4 | l5 | Possible NaN value $@ flows to comparison, which would always evaluate to false. | test.cpp:27:14:27:20 | ... / ... | from division of infinity by infinity | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:50:3:50:4 | l5 | test.cpp:27:14:27:20 | ... / ... | test.cpp:50:3:50:4 | l5 | Possible NaN value $@ flows to comparison, which would always evaluate to false. | test.cpp:27:14:27:20 | ... / ... | from division of infinity by infinity | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:51:3:51:4 | l5 | test.cpp:27:14:27:20 | ... / ... | test.cpp:51:3:51:4 | l5 | Possible NaN value $@ flows to comparison, which would always evaluate to false. | test.cpp:27:14:27:20 | ... / ... | from division of infinity by infinity | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:52:3:52:4 | l6 | test.cpp:28:14:28:20 | ... / ... | test.cpp:52:3:52:4 | l6 | Possible NaN value $@ flows to comparison, which would always evaluate to false. | test.cpp:28:14:28:20 | ... / ... | from division of infinity by infinity | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:53:3:53:4 | l7 | test.cpp:31:14:32:15 | ... / ... | test.cpp:53:3:53:4 | l7 | Possible NaN value $@ flows to comparison, which would always evaluate to false. | test.cpp:31:14:32:15 | ... / ... | from division of zero by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:54:3:54:4 | l8 | test.cpp:33:14:33:22 | ... / ... | test.cpp:54:3:54:4 | l8 | Possible NaN value $@ flows to comparison, which would always evaluate to false. | test.cpp:33:14:33:22 | ... / ... | from division of zero by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:61:11:61:17 | ... / ... | test.cpp:61:5:61:18 | ... / ... | test.cpp:61:5:61:18 | ... / ... | Possible NaN value $@ flows to a cast to integer. | test.cpp:61:11:61:17 | ... / ... | from division of zero by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:66:11:66:19 | ... / ... | test.cpp:66:5:66:20 | ... / ... | test.cpp:66:5:66:20 | ... / ... | Possible NaN value $@ flows to a cast to integer. | test.cpp:66:11:66:19 | ... / ... | from division of zero by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:72:20:72:28 | ... / ... | test.cpp:72:14:72:29 | ... / ... | test.cpp:72:14:72:29 | ... / ... | Possible NaN value $@ flows to a cast to integer. | test.cpp:72:20:72:28 | ... / ... | from division of zero by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:75:24:75:32 | ... / ... | test.cpp:75:18:75:33 | ... / ... | test.cpp:75:18:75:33 | ... / ... | Possible NaN value $@ flows to a cast to integer. | test.cpp:75:24:75:32 | ... / ... | from division of zero by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:126:10:126:12 | l13 | test.cpp:122:15:122:21 | ... / ... | test.cpp:126:5:126:12 | l13 | Possible NaN value $@ flows to a cast to integer. | test.cpp:122:15:122:21 | ... / ... | from division of zero by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:132:10:132:12 | l13 | test.cpp:122:15:122:21 | ... / ... | test.cpp:132:5:132:12 | l13 | Possible NaN value $@ flows to a cast to integer. | test.cpp:122:15:122:21 | ... / ... | from division of zero by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:138:10:138:12 | l13 | test.cpp:122:15:122:21 | ... / ... | test.cpp:138:5:138:12 | l13 | Possible NaN value $@ flows to a cast to integer. | test.cpp:122:15:122:21 | ... / ... | from division of zero by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:144:10:144:12 | l13 | test.cpp:122:15:122:21 | ... / ... | test.cpp:144:5:144:12 | l13 | Possible NaN value $@ flows to a cast to integer. | test.cpp:122:15:122:21 | ... / ... | from division of zero by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:148:10:148:12 | l13 | test.cpp:122:15:122:21 | ... / ... | test.cpp:148:5:148:12 | l13 | Possible NaN value $@ flows to a cast to integer. | test.cpp:122:15:122:21 | ... / ... | from division of zero by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:155:30:155:32 | l13 | test.cpp:122:15:122:21 | ... / ... | test.cpp:155:25:155:32 | l13 | Possible NaN value $@ flows to a cast to integer. | test.cpp:122:15:122:21 | ... / ... | from division of zero by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:157:33:157:35 | l13 | test.cpp:122:15:122:21 | ... / ... | test.cpp:157:28:157:35 | l13 | Possible NaN value $@ flows to a cast to integer. | test.cpp:122:15:122:21 | ... / ... | from division of zero by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:158:26:158:28 | l13 | test.cpp:122:15:122:21 | ... / ... | test.cpp:158:21:158:28 | l13 | Possible NaN value $@ flows to a cast to integer. | test.cpp:122:15:122:21 | ... / ... | from division of zero by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:166:8:166:15 | call to pow | test.cpp:166:3:166:23 | call to pow | test.cpp:166:3:166:23 | call to pow | Possible NaN value $@ flows to a cast to integer. | test.cpp:166:8:166:15 | call to pow | both arguments are equal to zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:171:8:171:16 | call to acos | test.cpp:171:3:171:20 | call to acos | test.cpp:171:3:171:20 | call to acos | Possible NaN value $@ flows to a cast to integer. | test.cpp:171:8:171:16 | call to acos | the argument has a range -1000000000000000...1000000000000000 which is outside the domain of this function (-1.0...1.0) | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:175:32:175:32 | p | test.cpp:190:51:190:59 | ... / ... | test.cpp:175:27:175:32 | p | Possible NaN value $@ computed in function $@ flows to a cast to integer. | test.cpp:190:51:190:59 | ... / ... | from division of zero by zero | test.cpp:190:6:190:24 | addNaNThenCastToInt | addNaNThenCastToInt | +| test.cpp:175:32:175:32 | p | test.cpp:195:13:195:21 | ... / ... | test.cpp:175:27:175:32 | p | Possible NaN value $@ computed in function $@ flows to a cast to integer. | test.cpp:195:13:195:21 | ... / ... | from division of zero by zero | test.cpp:192:6:192:7 | f2 | f2 | +| test.cpp:175:32:175:32 | p | test.cpp:199:23:199:31 | ... / ... | test.cpp:175:27:175:32 | p | Possible NaN value $@ computed in function $@ flows to a cast to integer. | test.cpp:199:23:199:31 | ... / ... | from division of zero by zero | test.cpp:192:6:192:7 | f2 | f2 | +| test.cpp:175:32:175:32 | p | test.cpp:205:19:205:27 | ... / ... | test.cpp:175:27:175:32 | p | Possible NaN value $@ computed in function $@ flows to a cast to integer. | test.cpp:205:19:205:27 | ... / ... | from division of zero by zero | test.cpp:192:6:192:7 | f2 | f2 | +| test.cpp:185:18:185:18 | p | test.cpp:201:25:201:33 | ... / ... | test.cpp:185:13:185:18 | p | Possible NaN value $@ computed in function $@ flows to a cast to integer. | test.cpp:201:25:201:33 | ... / ... | from division of zero by zero | test.cpp:192:6:192:7 | f2 | f2 | +edges +| test.cpp:27:14:27:20 | ... / ... | test.cpp:27:14:27:20 | ... / ... | provenance | | +| test.cpp:27:14:27:20 | ... / ... | test.cpp:36:3:36:9 | l5 | provenance | | +| test.cpp:27:14:27:20 | ... / ... | test.cpp:46:3:46:4 | l5 | provenance | | +| test.cpp:27:14:27:20 | ... / ... | test.cpp:47:3:47:4 | l5 | provenance | | +| test.cpp:27:14:27:20 | ... / ... | test.cpp:48:3:48:4 | l5 | provenance | | +| test.cpp:27:14:27:20 | ... / ... | test.cpp:49:3:49:4 | l5 | provenance | | +| test.cpp:27:14:27:20 | ... / ... | test.cpp:50:3:50:4 | l5 | provenance | | +| test.cpp:27:14:27:20 | ... / ... | test.cpp:51:3:51:4 | l5 | provenance | | +| test.cpp:28:14:28:20 | ... / ... | test.cpp:28:14:28:20 | ... / ... | provenance | | +| test.cpp:28:14:28:20 | ... / ... | test.cpp:37:3:37:9 | l6 | provenance | | +| test.cpp:28:14:28:20 | ... / ... | test.cpp:52:3:52:4 | l6 | provenance | | +| test.cpp:31:14:32:15 | ... / ... | test.cpp:31:14:32:15 | ... / ... | provenance | | +| test.cpp:31:14:32:15 | ... / ... | test.cpp:38:3:38:9 | l7 | provenance | | +| test.cpp:31:14:32:15 | ... / ... | test.cpp:53:3:53:4 | l7 | provenance | | +| test.cpp:33:14:33:22 | ... / ... | test.cpp:33:14:33:22 | ... / ... | provenance | | +| test.cpp:33:14:33:22 | ... / ... | test.cpp:39:3:39:9 | l8 | provenance | | +| test.cpp:33:14:33:22 | ... / ... | test.cpp:54:3:54:4 | l8 | provenance | | +| test.cpp:122:15:122:21 | ... / ... | test.cpp:122:15:122:21 | ... / ... | provenance | | +| test.cpp:122:15:122:21 | ... / ... | test.cpp:126:5:126:12 | l13 | provenance | | +| test.cpp:122:15:122:21 | ... / ... | test.cpp:132:5:132:12 | l13 | provenance | | +| test.cpp:122:15:122:21 | ... / ... | test.cpp:138:5:138:12 | l13 | provenance | | +| test.cpp:122:15:122:21 | ... / ... | test.cpp:144:5:144:12 | l13 | provenance | | +| test.cpp:122:15:122:21 | ... / ... | test.cpp:148:5:148:12 | l13 | provenance | | +| test.cpp:122:15:122:21 | ... / ... | test.cpp:155:25:155:32 | l13 | provenance | | +| test.cpp:122:15:122:21 | ... / ... | test.cpp:157:28:157:35 | l13 | provenance | | +| test.cpp:122:15:122:21 | ... / ... | test.cpp:158:21:158:28 | l13 | provenance | | +| test.cpp:175:22:175:22 | p | test.cpp:175:27:175:32 | p | provenance | | +| test.cpp:183:34:183:34 | p | test.cpp:185:13:185:18 | p | provenance | | +| test.cpp:188:32:188:32 | p | test.cpp:188:47:188:51 | ... + ... | provenance | Config | +| test.cpp:188:47:188:51 | ... + ... | test.cpp:175:22:175:22 | p | provenance | | +| test.cpp:190:32:190:32 | p | test.cpp:190:47:190:59 | ... + ... | provenance | Config | +| test.cpp:190:47:190:59 | ... + ... | test.cpp:175:22:175:22 | p | provenance | | +| test.cpp:190:47:190:59 | ... + ... | test.cpp:175:22:175:22 | p | provenance | | +| test.cpp:190:51:190:59 | ... / ... | test.cpp:190:47:190:59 | ... + ... | provenance | Config | +| test.cpp:195:13:195:21 | ... / ... | test.cpp:175:22:175:22 | p | provenance | | +| test.cpp:199:23:199:31 | ... / ... | test.cpp:188:32:188:32 | p | provenance | | +| test.cpp:201:25:201:33 | ... / ... | test.cpp:183:34:183:34 | p | provenance | | +| test.cpp:205:19:205:27 | ... / ... | test.cpp:205:19:205:27 | ... / ... | provenance | | +| test.cpp:205:19:205:27 | ... / ... | test.cpp:207:21:207:31 | ... + ... | provenance | Config | +| test.cpp:207:21:207:31 | ... + ... | test.cpp:207:21:207:31 | ... + ... | provenance | | +| test.cpp:207:21:207:31 | ... + ... | test.cpp:209:13:209:21 | middleNaN | provenance | | +| test.cpp:207:21:207:31 | ... + ... | test.cpp:211:23:211:31 | middleNaN | provenance | | +| test.cpp:209:13:209:21 | middleNaN | test.cpp:175:22:175:22 | p | provenance | | +| test.cpp:211:23:211:31 | middleNaN | test.cpp:190:32:190:32 | p | provenance | | +nodes +| test.cpp:27:14:27:20 | ... / ... | semmle.label | ... / ... | +| test.cpp:27:14:27:20 | ... / ... | semmle.label | ... / ... | +| test.cpp:28:14:28:20 | ... / ... | semmle.label | ... / ... | +| test.cpp:28:14:28:20 | ... / ... | semmle.label | ... / ... | +| test.cpp:31:14:32:15 | ... / ... | semmle.label | ... / ... | +| test.cpp:31:14:32:15 | ... / ... | semmle.label | ... / ... | +| test.cpp:33:14:33:22 | ... / ... | semmle.label | ... / ... | +| test.cpp:33:14:33:22 | ... / ... | semmle.label | ... / ... | +| test.cpp:36:3:36:9 | l5 | semmle.label | l5 | +| test.cpp:37:3:37:9 | l6 | semmle.label | l6 | +| test.cpp:38:3:38:9 | l7 | semmle.label | l7 | +| test.cpp:39:3:39:9 | l8 | semmle.label | l8 | +| test.cpp:46:3:46:4 | l5 | semmle.label | l5 | +| test.cpp:47:3:47:4 | l5 | semmle.label | l5 | +| test.cpp:48:3:48:4 | l5 | semmle.label | l5 | +| test.cpp:49:3:49:4 | l5 | semmle.label | l5 | +| test.cpp:50:3:50:4 | l5 | semmle.label | l5 | +| test.cpp:51:3:51:4 | l5 | semmle.label | l5 | +| test.cpp:52:3:52:4 | l6 | semmle.label | l6 | +| test.cpp:53:3:53:4 | l7 | semmle.label | l7 | +| test.cpp:54:3:54:4 | l8 | semmle.label | l8 | +| test.cpp:61:5:61:18 | ... / ... | semmle.label | ... / ... | +| test.cpp:66:5:66:20 | ... / ... | semmle.label | ... / ... | +| test.cpp:72:14:72:29 | ... / ... | semmle.label | ... / ... | +| test.cpp:75:18:75:33 | ... / ... | semmle.label | ... / ... | +| test.cpp:122:15:122:21 | ... / ... | semmle.label | ... / ... | +| test.cpp:122:15:122:21 | ... / ... | semmle.label | ... / ... | +| test.cpp:126:5:126:12 | l13 | semmle.label | l13 | +| test.cpp:132:5:132:12 | l13 | semmle.label | l13 | +| test.cpp:138:5:138:12 | l13 | semmle.label | l13 | +| test.cpp:144:5:144:12 | l13 | semmle.label | l13 | +| test.cpp:148:5:148:12 | l13 | semmle.label | l13 | +| test.cpp:155:25:155:32 | l13 | semmle.label | l13 | +| test.cpp:157:28:157:35 | l13 | semmle.label | l13 | +| test.cpp:158:21:158:28 | l13 | semmle.label | l13 | +| test.cpp:166:3:166:23 | call to pow | semmle.label | call to pow | +| test.cpp:171:3:171:20 | call to acos | semmle.label | call to acos | +| test.cpp:175:22:175:22 | p | semmle.label | p | +| test.cpp:175:27:175:32 | p | semmle.label | p | +| test.cpp:183:34:183:34 | p | semmle.label | p | +| test.cpp:185:13:185:18 | p | semmle.label | p | +| test.cpp:188:32:188:32 | p | semmle.label | p | +| test.cpp:188:47:188:51 | ... + ... | semmle.label | ... + ... | +| test.cpp:190:32:190:32 | p | semmle.label | p | +| test.cpp:190:47:190:59 | ... + ... | semmle.label | ... + ... | +| test.cpp:190:47:190:59 | ... + ... | semmle.label | ... + ... | +| test.cpp:190:51:190:59 | ... / ... | semmle.label | ... / ... | +| test.cpp:195:13:195:21 | ... / ... | semmle.label | ... / ... | +| test.cpp:199:23:199:31 | ... / ... | semmle.label | ... / ... | +| test.cpp:201:25:201:33 | ... / ... | semmle.label | ... / ... | +| test.cpp:205:19:205:27 | ... / ... | semmle.label | ... / ... | +| test.cpp:205:19:205:27 | ... / ... | semmle.label | ... / ... | +| test.cpp:207:21:207:31 | ... + ... | semmle.label | ... + ... | +| test.cpp:207:21:207:31 | ... + ... | semmle.label | ... + ... | +| test.cpp:209:13:209:21 | middleNaN | semmle.label | middleNaN | +| test.cpp:211:23:211:31 | middleNaN | semmle.label | middleNaN | +subpaths diff --git a/cpp/common/test/rules/misuseofnanfloatingpointvalue/MisuseOfNaNFloatingPointValue.ql b/cpp/common/test/rules/misuseofnanfloatingpointvalue/MisuseOfNaNFloatingPointValue.ql new file mode 100644 index 0000000000..a1f729ed02 --- /dev/null +++ b/cpp/common/test/rules/misuseofnanfloatingpointvalue/MisuseOfNaNFloatingPointValue.ql @@ -0,0 +1,4 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.misuseofnanfloatingpointvalue.MisuseOfNaNFloatingPointValue + +class TestFileQuery extends MisuseOfNaNFloatingPointValueSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/misuseofnanfloatingpointvalue/test.cpp b/cpp/common/test/rules/misuseofnanfloatingpointvalue/test.cpp new file mode 100644 index 0000000000..51540bc3a1 --- /dev/null +++ b/cpp/common/test/rules/misuseofnanfloatingpointvalue/test.cpp @@ -0,0 +1,212 @@ +#include + +float getFloat() { return 1.0; } + +// Parameter could be infinity +void f1(float p1) { + float l1 = 1; + float l2 = 1.0 / 0; + float l3 = -l2; + + 10 / l1; // COMPLIANT + 10 / l2; // COMPLIANT: Underflows to zero + 10 / l3; // COMPLIANT: Underflow to negative zero + 10 / p1; // COMPLIANT: Reduce false positives by assuming not infinity + 10 / getFloat(); // COMPLIANT: Reduce false positives by assuming not infinity + + (int)l1; // COMPLIANT + (int)l2; // COMPLIANT + (int)l3; // COMPLIANT + (int)p1; // COMPLIANT: Reduce false positives by assuming not infinity + (int)getFloat(); // COMPLIANT: Reduce false positives by assuming not infinity + + // Not NaN: + float l4 = l1 / l1; // COMPLIANT + + // NaN because of infinity divided by itself: + float l5 = l2 / l2; // COMPLIANT: Division by infinity not allowed. + float l6 = l3 / l3; // COMPLIANT: Division by infinity not allowed. + + // NaN because of zero divided by itself: + float l7 = getFloat() / + p1; // COMPLIANT: Reduce false positives by assuming not infinity + float l8 = 0.0 / 0.0; + + (int)l4; // COMPLIANT + (int)l5; // NON_COMPLIANT: Casting NaN to int + (int)l6; // NON_COMPLIANT: Casting NaN to int + (int)l7; // NON_COMPLIANT: Casting NaN to int + (int)l8; // NON_COMPLIANT: Casting NaN to int + + l4 == 0; // COMPLIANT + l4 != 0; // COMPLIANT + l4 <= 0; // COMPLIANT + l4 < 0; // COMPLIANT + l4 >= 0; // COMPLIANT + l5 == 0; // NON_COMPLIANT: Comparison with NaN always false + l5 != 0; // NON_COMPLIANT: Comparison with NaN always false + l5 < 0; // NON_COMPLIANT: Comparison with NaN always false + l5 <= 0; // NON_COMPLIANT: Comparison with NaN always false + l5 > 0; // NON_COMPLIANT: Comparison with NaN always false + l5 >= 0; // NON_COMPLIANT: Comparison with NaN always false + l6 == 0; // NON_COMPLIANT: Comparison with NaN always false + l7 == 0; // NON_COMPLIANT: Comparison with NaN always false + l8 == 0; // NON_COMPLIANT: Comparison with NaN always false + + // Guards + float l9 = 0; + if (l9 != 0) { + (int)(l9 / l9); // COMPLIANT: l9 is not zero + } else { + (int)(l9 / l9); // NON_COMPLIANT: Casting NaN to integer + } + + float l10 = 0; + if (l10 == 0) { + (int)(l10 / l10); // NON_COMPLIANT: Casting NaN to integer + } else { + (int)(l10 / l10); // COMPLIANT: Guarded to not be NaN + } + + float l11 = 0; + l11 == 0 ? (int)(l11 / l11) : 0; // NON_COMPLIANT + l11 == 0 ? 0 : (int)(l11 / l11); // COMPLIANT + l11 != 0 ? (int)(l11 / l11) : 0; // COMPLIANT + l11 != 0 ? 0 : (int)(l11 / l11); // NON_COMPLIANT + + float l12 = 1.0 / 0; + if (std::isinf(l12)) { + (int)l12; // COMPLIANT: Casting Infinity to integer + } else { + (int)l12; // COMPLIANT: Guarded not to be Infinity + } + + if (!std::isinf(l12)) { + (int)l12; // COMPLIANT: Guarded not to be Infinity + } else { + (int)l12; // COMPLIANT: Casting Infinity to integer + } + + if (std::isinf(l12) == 1) { + (int)l12; // COMPLIANT: Must be +Infinity + } else { + (int)l12; // COMPLIANT: May be -Infinity + } + + if (std::isfinite(l12)) { + (int)l12; // COMPLIANT: Guarded not to be Infinity + } else { + (int)l12; // COMPLIANT: Casting Infinity to integer + } + + if (std::isnormal(l12)) { + (int)l12; // COMPLIANT: Guarded not to be Infinity + } else { + (int)l12; // COMPLIANT: Casting Infinity to integer + } + + if (std::isnan(l12)) { + (int)l12; // COMPLIANT: Guarded not to be Infinity + } else { + (int)l12; // COMPLIANT: Casting Infinity to integer + } + + std::isinf(l12) ? (int)l12 : 0; // COMPLIANT: Check on wrong branch + std::isinf(l12) ? 0 : (int)l12; // COMPLIANT: Checked not infinite before use + std::isfinite(l12) ? (int)l12 : 0; // COMPLIANT: Checked finite before use + std::isfinite(l12) ? 0 : (int)l12; // COMPLIANT: Checked on wrong branch + std::isnan(l12) ? (int)l12 + : 0; // COMPLIANT: Checked NaN, therefore not infinite, before use + std::isnan(l12) ? 0 : (int)l12; // COMPLIANT: Check on wrong branch + + float l13 = 0.0 / 0; + if (std::isinf(l13)) { + (int)l13; // COMPLIANT: Guarded not to be NaN + } else { + (int)l13; // NON_COMPLIANT: Casting NaN to integer + } + + if (std::isinf(l13) == 1) { + (int)l13; // COMPLIANT: Guarded not to be NaN (must be +Infinity) + } else { + (int)l13; // NON_COMPLIANT: Casting NaN to integer + } + + if (std::isfinite(l13)) { + (int)l13; // COMPLIANT: Guarded not to be NaN + } else { + (int)l13; // NON_COMPLIANT: Casting NaN to integer + } + + if (std::isnormal(l13)) { + (int)l13; // COMPLIANT: Guarded not to be NaN + } else { + (int)l13; // NON_COMPLIANT: Casting NaN to integer + } + + if (std::isnan(l13)) { + (int)l13; // NON_COMPLIANT: Casting NaN to integer + } else { + (int)l13; // COMPLIANT: Guarded not to be NaN + } + + std::isinf(l13) ? (int)l13 + : 0; // COMPLIANT: Checked infinite, therefore not NaN, before use + std::isinf(l13) ? 0 : (int)l13; // NON_COMPLIANT: Check on wrong branch + std::isfinite(l13) ? (int)l13 : 0; // COMPLIANT: Checked finite before use + std::isfinite(l13) ? 0 : (int)l13; // NON_COMPLIANT: Checked on wrong branch + std::isnan(l13) ? (int)l13 : 0; // NON_COMPLIANT: Check on wrong branch + std::isnan(l13) ? 0 : (int)l13; // COMPLIANT: Checked not NaN before use + + (int)std::pow(2, p1); // COMPLIANT: likely to be Infinity + (int)std::pow(2, std::sin(p1)); // COMPLIANT: not likely to be Infinity + (int)(1 / + std::sin(p1)); // COMPLIANT: possible infinity from zero in denominator + (int)(1 / std::log(p1)); // COMPLIANT: not possibly zero in denominator + (int)std::pow(p1, p1); // NON_COMPLIANT: NaN if p1 is zero + if (p1 != 0) { + (int)std::pow(p1, p1); // COMPLIANT: p1 is not zero + } + + (int)std::acos(p1); // NON_COMPLIANT: NaN if p1 is not within -1..1 + (int)std::acos(std::cos(p1)); // COMPLIANT: cos(p1) is within -1..1 +} + +void castToInt(float p) { (int)p; } + +void checkBeforeCastToInt(float p) { + if (std::isfinite(p)) { + castToInt(p); + } +} + +void castToIntToFloatToInt(float p) { + // This should be reported as a violation, but not downstream from here. + castToInt((int)p); +} + +void addOneThenCastToInt(float p) { castToInt(p + 1); } +void addInfThenCastToInt(float p) { castToInt(p + 1.0 / 0.0); } +void addNaNThenCastToInt(float p) { castToInt(p + 0.0 / 0.0); } + +void f2() { + castToInt(1.0 / + 0.0); // COMPLIANT: Infinity flows to denominator in division + castToInt(0.0 / 0.0); // COMPLIANT: NaN flows to denominator in division + checkBeforeCastToInt(1.0 / 0.0); // COMPLIANT + checkBeforeCastToInt(0.0 / 0.0); // COMPLIANT + addOneThenCastToInt(1.0 / 0.0); // COMPLIANT + addOneThenCastToInt(0.0 / 0.0); // NON_COMPLIANT + castToIntToFloatToInt(1.0 / 0.0); // COMPLIANT + castToIntToFloatToInt(0.0 / 0.0); // NON_COMPLIANT + + // Check that during flow analysis, we only report the true root cause: + float rootInf = 1.0 / 0.0; + float rootNaN = 0.0 / 0.0; + float middleInf = rootInf + 1; + float middleNaN = rootNaN + 1; + castToInt(middleInf); // COMPLIANT + castToInt(middleNaN); // NON_COMPLIANT + addInfThenCastToInt(middleInf); // COMPLIANT + addNaNThenCastToInt(middleNaN); // NON_COMPLIANT +} \ No newline at end of file diff --git a/cpp/misra/src/rules/DIR-0-3-1/PossibleMisuseOfInfiniteFloatingPointValue.ql b/cpp/misra/src/rules/DIR-0-3-1/PossibleMisuseOfInfiniteFloatingPointValue.ql new file mode 100644 index 0000000000..d9810c1135 --- /dev/null +++ b/cpp/misra/src/rules/DIR-0-3-1/PossibleMisuseOfInfiniteFloatingPointValue.ql @@ -0,0 +1,22 @@ +/** + * @id cpp/misra/possible-misuse-of-infinite-floating-point-value + * @name DIR-0-3-1: Possible misuse of a generate infinite floating point value + * @description Possible misuse of a generate infinite floating point value. + * @kind path-problem + * @precision medium + * @problem.severity warning + * @tags external/misra/id/dir-0-3-1 + * correctness + * external/misra/c/2012/amendment3 + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.misuseofinfinitefloatingpointvalue.MisuseOfInfiniteFloatingPointValue + +class PossibleMisuseOfInfiniteFloatingPointValueQuery extends MisuseOfInfiniteFloatingPointValueSharedQuery { + PossibleMisuseOfInfiniteFloatingPointValueQuery() { + this = FloatingPointPackage::possibleMisuseOfInfiniteFloatingPointValueQuery() + } +} diff --git a/cpp/misra/src/rules/DIR-0-3-1/PossibleMisuseOfNaNFloatingPointValue.ql b/cpp/misra/src/rules/DIR-0-3-1/PossibleMisuseOfNaNFloatingPointValue.ql new file mode 100644 index 0000000000..934ee6d998 --- /dev/null +++ b/cpp/misra/src/rules/DIR-0-3-1/PossibleMisuseOfNaNFloatingPointValue.ql @@ -0,0 +1,23 @@ +/** + * @id cpp/misra/possible-misuse-of-nan-floating-point-value + * @name DIR-0-3-1: Possible mishandling of an undetected NaN value produced by a floating point operation + * @description Possible mishandling of an undetected NaN value produced by a floating point + * operation. + * @kind path-problem + * @precision low + * @problem.severity warning + * @tags external/misra/id/dir-0-3-1 + * correctness + * external/misra/c/2012/amendment3 + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.misuseofnanfloatingpointvalue.MisuseOfNaNFloatingPointValue + +class PossibleMisuseOfNaNFloatingPointValueQuery extends MisuseOfNaNFloatingPointValueSharedQuery { + PossibleMisuseOfNaNFloatingPointValueQuery() { + this = FloatingPointPackage::possibleMisuseOfNaNFloatingPointValueQuery() + } +} diff --git a/cpp/misra/test/rules/DIR-0-3-1/PossibleMisuseOfInfiniteFloatingPointValue.testref b/cpp/misra/test/rules/DIR-0-3-1/PossibleMisuseOfInfiniteFloatingPointValue.testref new file mode 100644 index 0000000000..952d461d00 --- /dev/null +++ b/cpp/misra/test/rules/DIR-0-3-1/PossibleMisuseOfInfiniteFloatingPointValue.testref @@ -0,0 +1 @@ +cpp/common/test/rules/misuseofinfinitefloatingpointvalue/MisuseOfInfiniteFloatingPointValue.ql \ No newline at end of file diff --git a/cpp/misra/test/rules/DIR-0-3-1/PossibleMisuseOfNaNFloatingPointValue.testref b/cpp/misra/test/rules/DIR-0-3-1/PossibleMisuseOfNaNFloatingPointValue.testref new file mode 100644 index 0000000000..2cd2de067d --- /dev/null +++ b/cpp/misra/test/rules/DIR-0-3-1/PossibleMisuseOfNaNFloatingPointValue.testref @@ -0,0 +1 @@ +cpp/common/test/rules/misuseofnanfloatingpointvalue/MisuseOfNaNFloatingPointValue.ql \ No newline at end of file diff --git a/rule_packages/c/FloatingTypes2.json b/rule_packages/c/FloatingTypes2.json index 3f4771dcc6..a1c02daaf5 100644 --- a/rule_packages/c/FloatingTypes2.json +++ b/rule_packages/c/FloatingTypes2.json @@ -12,6 +12,7 @@ "precision": "medium", "severity": "warning", "short_name": "PossibleMisuseOfUndetectedInfinity", + "shared_implementation_short_name": "MisuseOfInfiniteFloatingPointValue", "tags": [ "correctness", "external/misra/c/2012/amendment3" @@ -24,6 +25,7 @@ "precision": "low", "severity": "warning", "short_name": "PossibleMisuseOfUndetectedNaN", + "shared_implementation_short_name": "MisuseOfNaNFloatingPointValue", "tags": [ "correctness", "external/misra/c/2012/amendment3" diff --git a/rule_packages/cpp/FloatingPoint.json b/rule_packages/cpp/FloatingPoint.json new file mode 100644 index 0000000000..b085e5b289 --- /dev/null +++ b/rule_packages/cpp/FloatingPoint.json @@ -0,0 +1,38 @@ +{ + "MISRA-C++-2023": { + "DIR-0-3-1": { + "properties": { + "obligation": "advisory" + }, + "queries": [ + { + "description": "Possible misuse of a generate infinite floating point value.", + "kind": "path-problem", + "name": "Possible misuse of a generate infinite floating point value", + "precision": "medium", + "severity": "warning", + "short_name": "PossibleMisuseOfInfiniteFloatingPointValue", + "shared_implementation_short_name": "MisuseOfInfiniteFloatingPointValue", + "tags": [ + "correctness", + "external/misra/c/2012/amendment3" + ] + }, + { + "description": "Possible mishandling of an undetected NaN value produced by a floating point operation.", + "kind": "path-problem", + "name": "Possible mishandling of an undetected NaN value produced by a floating point operation", + "precision": "low", + "severity": "warning", + "short_name": "PossibleMisuseOfNaNFloatingPointValue", + "shared_implementation_short_name": "MisuseOfNaNFloatingPointValue", + "tags": [ + "correctness", + "external/misra/c/2012/amendment3" + ] + } + ], + "title": "Floating-point arithmetic should be used appropriately" + } + } +} \ No newline at end of file From 5fa421b286c997a3b792b5c2996f5deeb8bebee6 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Tue, 15 Apr 2025 07:40:56 -0700 Subject: [PATCH 2501/2573] Format --- .../misuseofinfinitefloatingpointvalue/test.c | 2 +- .../MisuseOfNaNFloatingPointValue.expected | 94 ++++----- .../misuseofnanfloatingpointvalue/test.c | 10 +- .../cpp/RestrictedRangeAnalysis.qll | 5 +- ...isuseOfInfiniteFloatingPointValue.expected | 178 +++++++++--------- .../test.cpp | 89 ++++++--- .../MisuseOfNaNFloatingPointValue.expected | 144 +++++++------- .../misuseofnanfloatingpointvalue/test.cpp | 21 ++- ...sibleMisuseOfInfiniteFloatingPointValue.ql | 3 +- rule_packages/cpp/FloatingPoint.json | 6 +- 10 files changed, 289 insertions(+), 263 deletions(-) diff --git a/c/common/test/rules/misuseofinfinitefloatingpointvalue/test.c b/c/common/test/rules/misuseofinfinitefloatingpointvalue/test.c index 85097d828b..6a4ebd94b9 100644 --- a/c/common/test/rules/misuseofinfinitefloatingpointvalue/test.c +++ b/c/common/test/rules/misuseofinfinitefloatingpointvalue/test.c @@ -192,7 +192,7 @@ void addNaNThenCastToInt(float p) { castToInt(p + 0.0 / 0.0); } void f2() { castToInt(1.0 / 0.0); // NON_COMPLIANT: Infinity flows to denominator in division - castToInt(0.0 / 0.0); // COMPLIANT + castToInt(0.0 / 0.0); // COMPLIANT checkBeforeCastToInt(1.0 / 0.0); // COMPLIANT checkBeforeCastToInt(0.0 / 0.0); // COMPLIANT addOneThenCastToInt(1.0 / 0.0); // NON_COMPLIANT[False negative] diff --git a/c/common/test/rules/misuseofnanfloatingpointvalue/MisuseOfNaNFloatingPointValue.expected b/c/common/test/rules/misuseofnanfloatingpointvalue/MisuseOfNaNFloatingPointValue.expected index 1555fd5bd8..b567e06bc2 100644 --- a/c/common/test/rules/misuseofnanfloatingpointvalue/MisuseOfNaNFloatingPointValue.expected +++ b/c/common/test/rules/misuseofnanfloatingpointvalue/MisuseOfNaNFloatingPointValue.expected @@ -24,13 +24,13 @@ problems | test.c:155:25:155:27 | l13 | test.c:122:15:122:21 | ... / ... | test.c:155:20:155:27 | l13 | Possible NaN value $@ flows to a cast to integer. | test.c:122:15:122:21 | ... / ... | from division of zero by zero | test.c:6:6:6:7 | f1 | f1 | | test.c:157:28:157:30 | l13 | test.c:122:15:122:21 | ... / ... | test.c:157:23:157:30 | l13 | Possible NaN value $@ flows to a cast to integer. | test.c:122:15:122:21 | ... / ... | from division of zero by zero | test.c:6:6:6:7 | f1 | f1 | | test.c:158:21:158:23 | l13 | test.c:122:15:122:21 | ... / ... | test.c:158:16:158:23 | l13 | Possible NaN value $@ flows to a cast to integer. | test.c:122:15:122:21 | ... / ... | from division of zero by zero | test.c:6:6:6:7 | f1 | f1 | -| test.c:166:8:166:10 | call to pow | test.c:166:3:166:18 | call to pow | test.c:166:3:166:18 | call to pow | Possible NaN value $@ flows to a cast to integer. | test.c:166:8:166:10 | call to pow | both arguments are equal to zero | test.c:6:6:6:7 | f1 | f1 | -| test.c:171:8:171:11 | call to acos | test.c:171:3:171:15 | call to acos | test.c:171:3:171:15 | call to acos | Possible NaN value $@ flows to a cast to integer. | test.c:171:8:171:11 | call to acos | the argument has a range -1000000000000000...1000000000000000 which is outside the domain of this function (-1.0...1.0) | test.c:6:6:6:7 | f1 | f1 | -| test.c:175:32:175:32 | p | test.c:190:51:190:59 | ... / ... | test.c:175:27:175:32 | p | Possible NaN value $@ computed in function $@ flows to a cast to integer. | test.c:190:51:190:59 | ... / ... | from division of zero by zero | test.c:190:6:190:24 | addNaNThenCastToInt | addNaNThenCastToInt | -| test.c:175:32:175:32 | p | test.c:195:13:195:21 | ... / ... | test.c:175:27:175:32 | p | Possible NaN value $@ computed in function $@ flows to a cast to integer. | test.c:195:13:195:21 | ... / ... | from division of zero by zero | test.c:192:6:192:7 | f2 | f2 | -| test.c:175:32:175:32 | p | test.c:199:23:199:31 | ... / ... | test.c:175:27:175:32 | p | Possible NaN value $@ computed in function $@ flows to a cast to integer. | test.c:199:23:199:31 | ... / ... | from division of zero by zero | test.c:192:6:192:7 | f2 | f2 | -| test.c:175:32:175:32 | p | test.c:205:19:205:27 | ... / ... | test.c:175:27:175:32 | p | Possible NaN value $@ computed in function $@ flows to a cast to integer. | test.c:205:19:205:27 | ... / ... | from division of zero by zero | test.c:192:6:192:7 | f2 | f2 | -| test.c:185:18:185:18 | p | test.c:201:25:201:33 | ... / ... | test.c:185:13:185:18 | p | Possible NaN value $@ computed in function $@ flows to a cast to integer. | test.c:201:25:201:33 | ... / ... | from division of zero by zero | test.c:192:6:192:7 | f2 | f2 | +| test.c:165:8:165:10 | call to pow | test.c:165:3:165:18 | call to pow | test.c:165:3:165:18 | call to pow | Possible NaN value $@ flows to a cast to integer. | test.c:165:8:165:10 | call to pow | both arguments are equal to zero | test.c:6:6:6:7 | f1 | f1 | +| test.c:170:8:170:11 | call to acos | test.c:170:3:170:15 | call to acos | test.c:170:3:170:15 | call to acos | Possible NaN value $@ flows to a cast to integer. | test.c:170:8:170:11 | call to acos | the argument has a range -1000000000000000...1000000000000000 which is outside the domain of this function (-1.0...1.0) | test.c:6:6:6:7 | f1 | f1 | +| test.c:174:32:174:32 | p | test.c:189:51:189:59 | ... / ... | test.c:174:27:174:32 | p | Possible NaN value $@ computed in function $@ flows to a cast to integer. | test.c:189:51:189:59 | ... / ... | from division of zero by zero | test.c:189:6:189:24 | addNaNThenCastToInt | addNaNThenCastToInt | +| test.c:174:32:174:32 | p | test.c:193:13:193:21 | ... / ... | test.c:174:27:174:32 | p | Possible NaN value $@ computed in function $@ flows to a cast to integer. | test.c:193:13:193:21 | ... / ... | from division of zero by zero | test.c:191:6:191:7 | f2 | f2 | +| test.c:174:32:174:32 | p | test.c:197:23:197:31 | ... / ... | test.c:174:27:174:32 | p | Possible NaN value $@ computed in function $@ flows to a cast to integer. | test.c:197:23:197:31 | ... / ... | from division of zero by zero | test.c:191:6:191:7 | f2 | f2 | +| test.c:174:32:174:32 | p | test.c:203:19:203:27 | ... / ... | test.c:174:27:174:32 | p | Possible NaN value $@ computed in function $@ flows to a cast to integer. | test.c:203:19:203:27 | ... / ... | from division of zero by zero | test.c:191:6:191:7 | f2 | f2 | +| test.c:184:18:184:18 | p | test.c:199:25:199:33 | ... / ... | test.c:184:13:184:18 | p | Possible NaN value $@ computed in function $@ flows to a cast to integer. | test.c:199:25:199:33 | ... / ... | from division of zero by zero | test.c:191:6:191:7 | f2 | f2 | edges | test.c:27:14:27:20 | ... / ... | test.c:27:14:27:20 | ... / ... | provenance | | | test.c:27:14:27:20 | ... / ... | test.c:36:3:36:9 | l5 | provenance | | @@ -58,24 +58,24 @@ edges | test.c:122:15:122:21 | ... / ... | test.c:155:20:155:27 | l13 | provenance | | | test.c:122:15:122:21 | ... / ... | test.c:157:23:157:30 | l13 | provenance | | | test.c:122:15:122:21 | ... / ... | test.c:158:16:158:23 | l13 | provenance | | -| test.c:175:22:175:22 | p | test.c:175:27:175:32 | p | provenance | | -| test.c:183:34:183:34 | p | test.c:185:13:185:18 | p | provenance | | -| test.c:188:32:188:32 | p | test.c:188:47:188:51 | ... + ... | provenance | Config | -| test.c:188:47:188:51 | ... + ... | test.c:175:22:175:22 | p | provenance | | -| test.c:190:32:190:32 | p | test.c:190:47:190:59 | ... + ... | provenance | Config | -| test.c:190:47:190:59 | ... + ... | test.c:175:22:175:22 | p | provenance | | -| test.c:190:47:190:59 | ... + ... | test.c:175:22:175:22 | p | provenance | | -| test.c:190:51:190:59 | ... / ... | test.c:190:47:190:59 | ... + ... | provenance | Config | -| test.c:195:13:195:21 | ... / ... | test.c:175:22:175:22 | p | provenance | | -| test.c:199:23:199:31 | ... / ... | test.c:188:32:188:32 | p | provenance | | -| test.c:201:25:201:33 | ... / ... | test.c:183:34:183:34 | p | provenance | | -| test.c:205:19:205:27 | ... / ... | test.c:205:19:205:27 | ... / ... | provenance | | -| test.c:205:19:205:27 | ... / ... | test.c:207:21:207:31 | ... + ... | provenance | Config | -| test.c:207:21:207:31 | ... + ... | test.c:207:21:207:31 | ... + ... | provenance | | -| test.c:207:21:207:31 | ... + ... | test.c:209:13:209:21 | middleNaN | provenance | | -| test.c:207:21:207:31 | ... + ... | test.c:211:23:211:31 | middleNaN | provenance | | -| test.c:209:13:209:21 | middleNaN | test.c:175:22:175:22 | p | provenance | | -| test.c:211:23:211:31 | middleNaN | test.c:190:32:190:32 | p | provenance | | +| test.c:174:22:174:22 | p | test.c:174:27:174:32 | p | provenance | | +| test.c:182:34:182:34 | p | test.c:184:13:184:18 | p | provenance | | +| test.c:187:32:187:32 | p | test.c:187:47:187:51 | ... + ... | provenance | Config | +| test.c:187:47:187:51 | ... + ... | test.c:174:22:174:22 | p | provenance | | +| test.c:189:32:189:32 | p | test.c:189:47:189:59 | ... + ... | provenance | Config | +| test.c:189:47:189:59 | ... + ... | test.c:174:22:174:22 | p | provenance | | +| test.c:189:47:189:59 | ... + ... | test.c:174:22:174:22 | p | provenance | | +| test.c:189:51:189:59 | ... / ... | test.c:189:47:189:59 | ... + ... | provenance | Config | +| test.c:193:13:193:21 | ... / ... | test.c:174:22:174:22 | p | provenance | | +| test.c:197:23:197:31 | ... / ... | test.c:187:32:187:32 | p | provenance | | +| test.c:199:25:199:33 | ... / ... | test.c:182:34:182:34 | p | provenance | | +| test.c:203:19:203:27 | ... / ... | test.c:203:19:203:27 | ... / ... | provenance | | +| test.c:203:19:203:27 | ... / ... | test.c:205:21:205:31 | ... + ... | provenance | Config | +| test.c:205:21:205:31 | ... + ... | test.c:205:21:205:31 | ... + ... | provenance | | +| test.c:205:21:205:31 | ... + ... | test.c:207:13:207:21 | middleNaN | provenance | | +| test.c:205:21:205:31 | ... + ... | test.c:209:23:209:31 | middleNaN | provenance | | +| test.c:207:13:207:21 | middleNaN | test.c:174:22:174:22 | p | provenance | | +| test.c:209:23:209:31 | middleNaN | test.c:189:32:189:32 | p | provenance | | nodes | test.c:27:14:27:20 | ... / ... | semmle.label | ... / ... | | test.c:27:14:27:20 | ... / ... | semmle.label | ... / ... | @@ -112,25 +112,25 @@ nodes | test.c:155:20:155:27 | l13 | semmle.label | l13 | | test.c:157:23:157:30 | l13 | semmle.label | l13 | | test.c:158:16:158:23 | l13 | semmle.label | l13 | -| test.c:166:3:166:18 | call to pow | semmle.label | call to pow | -| test.c:171:3:171:15 | call to acos | semmle.label | call to acos | -| test.c:175:22:175:22 | p | semmle.label | p | -| test.c:175:27:175:32 | p | semmle.label | p | -| test.c:183:34:183:34 | p | semmle.label | p | -| test.c:185:13:185:18 | p | semmle.label | p | -| test.c:188:32:188:32 | p | semmle.label | p | -| test.c:188:47:188:51 | ... + ... | semmle.label | ... + ... | -| test.c:190:32:190:32 | p | semmle.label | p | -| test.c:190:47:190:59 | ... + ... | semmle.label | ... + ... | -| test.c:190:47:190:59 | ... + ... | semmle.label | ... + ... | -| test.c:190:51:190:59 | ... / ... | semmle.label | ... / ... | -| test.c:195:13:195:21 | ... / ... | semmle.label | ... / ... | -| test.c:199:23:199:31 | ... / ... | semmle.label | ... / ... | -| test.c:201:25:201:33 | ... / ... | semmle.label | ... / ... | -| test.c:205:19:205:27 | ... / ... | semmle.label | ... / ... | -| test.c:205:19:205:27 | ... / ... | semmle.label | ... / ... | -| test.c:207:21:207:31 | ... + ... | semmle.label | ... + ... | -| test.c:207:21:207:31 | ... + ... | semmle.label | ... + ... | -| test.c:209:13:209:21 | middleNaN | semmle.label | middleNaN | -| test.c:211:23:211:31 | middleNaN | semmle.label | middleNaN | -subpaths \ No newline at end of file +| test.c:165:3:165:18 | call to pow | semmle.label | call to pow | +| test.c:170:3:170:15 | call to acos | semmle.label | call to acos | +| test.c:174:22:174:22 | p | semmle.label | p | +| test.c:174:27:174:32 | p | semmle.label | p | +| test.c:182:34:182:34 | p | semmle.label | p | +| test.c:184:13:184:18 | p | semmle.label | p | +| test.c:187:32:187:32 | p | semmle.label | p | +| test.c:187:47:187:51 | ... + ... | semmle.label | ... + ... | +| test.c:189:32:189:32 | p | semmle.label | p | +| test.c:189:47:189:59 | ... + ... | semmle.label | ... + ... | +| test.c:189:47:189:59 | ... + ... | semmle.label | ... + ... | +| test.c:189:51:189:59 | ... / ... | semmle.label | ... / ... | +| test.c:193:13:193:21 | ... / ... | semmle.label | ... / ... | +| test.c:197:23:197:31 | ... / ... | semmle.label | ... / ... | +| test.c:199:25:199:33 | ... / ... | semmle.label | ... / ... | +| test.c:203:19:203:27 | ... / ... | semmle.label | ... / ... | +| test.c:203:19:203:27 | ... / ... | semmle.label | ... / ... | +| test.c:205:21:205:31 | ... + ... | semmle.label | ... + ... | +| test.c:205:21:205:31 | ... + ... | semmle.label | ... + ... | +| test.c:207:13:207:21 | middleNaN | semmle.label | middleNaN | +| test.c:209:23:209:31 | middleNaN | semmle.label | middleNaN | +subpaths diff --git a/c/common/test/rules/misuseofnanfloatingpointvalue/test.c b/c/common/test/rules/misuseofnanfloatingpointvalue/test.c index 5115727115..bd997282f0 100644 --- a/c/common/test/rules/misuseofnanfloatingpointvalue/test.c +++ b/c/common/test/rules/misuseofnanfloatingpointvalue/test.c @@ -160,10 +160,9 @@ void f1(float p1) { (int)pow(2, p1); // COMPLIANT: likely to be Infinity (int)pow(2, sin(p1)); // COMPLIANT: not likely to be Infinity - (int)(1 / - sin(p1)); // COMPLIANT: possible infinity from zero in denominator - (int)(1 / log(p1)); // COMPLIANT: not possibly zero in denominator - (int)pow(p1, p1); // NON_COMPLIANT: NaN if p1 is zero + (int)(1 / sin(p1)); // COMPLIANT: possible infinity from zero in denominator + (int)(1 / log(p1)); // COMPLIANT: not possibly zero in denominator + (int)pow(p1, p1); // NON_COMPLIANT: NaN if p1 is zero if (p1 != 0) { (int)pow(p1, p1); // COMPLIANT: p1 is not zero } @@ -190,8 +189,7 @@ void addInfThenCastToInt(float p) { castToInt(p + 1.0 / 0.0); } void addNaNThenCastToInt(float p) { castToInt(p + 0.0 / 0.0); } void f2() { - castToInt(1.0 / - 0.0); // COMPLIANT: Infinity flows to denominator in division + castToInt(1.0 / 0.0); // COMPLIANT: Infinity flows to denominator in division castToInt(0.0 / 0.0); // COMPLIANT: NaN flows to denominator in division checkBeforeCastToInt(1.0 / 0.0); // COMPLIANT checkBeforeCastToInt(0.0 / 0.0); // COMPLIANT diff --git a/cpp/common/src/codingstandards/cpp/RestrictedRangeAnalysis.qll b/cpp/common/src/codingstandards/cpp/RestrictedRangeAnalysis.qll index 5d955cc117..d92b46335d 100644 --- a/cpp/common/src/codingstandards/cpp/RestrictedRangeAnalysis.qll +++ b/cpp/common/src/codingstandards/cpp/RestrictedRangeAnalysis.qll @@ -1093,8 +1093,9 @@ module RestrictedRangeAnalysis { ( // If the expression evaluates to a constant, then there is no // need to call getUpperBoundsImpl. - if exists(getValue(expr).toFloat()) and - not getValue(expr) = "NaN" + if + exists(getValue(expr).toFloat()) and + not getValue(expr) = "NaN" then result = getValue(expr).toFloat() else ( // Some of the bounds computed by `getUpperBoundsImpl` diff --git a/cpp/common/test/rules/misuseofinfinitefloatingpointvalue/MisuseOfInfiniteFloatingPointValue.expected b/cpp/common/test/rules/misuseofinfinitefloatingpointvalue/MisuseOfInfiniteFloatingPointValue.expected index 6624187d42..45bc2466b6 100644 --- a/cpp/common/test/rules/misuseofinfinitefloatingpointvalue/MisuseOfInfiniteFloatingPointValue.expected +++ b/cpp/common/test/rules/misuseofinfinitefloatingpointvalue/MisuseOfInfiniteFloatingPointValue.expected @@ -3,66 +3,66 @@ problems | test.cpp:13:8:13:9 | l3 | test.cpp:8:14:8:20 | ... / ... | test.cpp:13:8:13:9 | l3 | Possibly infinite float value $@ flows to divisor, which would silently underflow and produce zero. | test.cpp:8:14:8:20 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | | test.cpp:18:20:18:21 | l2 | test.cpp:8:14:8:20 | ... / ... | test.cpp:18:3:18:22 | l2 | Possibly infinite float value $@ flows to cast to integer. | test.cpp:8:14:8:20 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | | test.cpp:19:20:19:21 | l3 | test.cpp:8:14:8:20 | ... / ... | test.cpp:19:3:19:22 | l3 | Possibly infinite float value $@ flows to cast to integer. | test.cpp:8:14:8:20 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | -| test.cpp:27:19:27:20 | l2 | test.cpp:8:14:8:20 | ... / ... | test.cpp:27:19:27:20 | l2 | Possibly infinite float value $@ flows to divisor, which would silently underflow and produce zero. | test.cpp:8:14:8:20 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | -| test.cpp:28:19:28:20 | l3 | test.cpp:8:14:8:20 | ... / ... | test.cpp:28:19:28:20 | l3 | Possibly infinite float value $@ flows to divisor, which would silently underflow and produce zero. | test.cpp:8:14:8:20 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | -| test.cpp:38:20:38:21 | l7 | test.cpp:31:14:32:15 | ... / ... | test.cpp:38:3:38:22 | l7 | Possibly infinite float value $@ flows to cast to integer. | test.cpp:31:14:32:15 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | -| test.cpp:61:22:61:28 | ... / ... | test.cpp:61:5:61:29 | ... / ... | test.cpp:61:5:61:29 | ... / ... | Possibly infinite float value $@ flows to cast to integer. | test.cpp:61:22:61:28 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | -| test.cpp:66:22:66:30 | ... / ... | test.cpp:66:5:66:31 | ... / ... | test.cpp:66:5:66:31 | ... / ... | Possibly infinite float value $@ flows to cast to integer. | test.cpp:66:22:66:30 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | -| test.cpp:72:31:72:39 | ... / ... | test.cpp:72:14:72:40 | ... / ... | test.cpp:72:14:72:40 | ... / ... | Possibly infinite float value $@ flows to cast to integer. | test.cpp:72:31:72:39 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | -| test.cpp:75:35:75:43 | ... / ... | test.cpp:75:18:75:44 | ... / ... | test.cpp:75:18:75:44 | ... / ... | Possibly infinite float value $@ flows to cast to integer. | test.cpp:75:35:75:43 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | -| test.cpp:79:22:79:24 | l12 | test.cpp:77:15:77:21 | ... / ... | test.cpp:79:5:79:25 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.cpp:77:15:77:21 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | -| test.cpp:87:22:87:24 | l12 | test.cpp:77:15:77:21 | ... / ... | test.cpp:87:5:87:25 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.cpp:77:15:77:21 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | -| test.cpp:91:22:91:24 | l12 | test.cpp:77:15:77:21 | ... / ... | test.cpp:91:5:91:25 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.cpp:77:15:77:21 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | -| test.cpp:93:22:93:24 | l12 | test.cpp:77:15:77:21 | ... / ... | test.cpp:93:5:93:25 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.cpp:77:15:77:21 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | -| test.cpp:99:22:99:24 | l12 | test.cpp:77:15:77:21 | ... / ... | test.cpp:99:5:99:25 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.cpp:77:15:77:21 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | -| test.cpp:105:22:105:24 | l12 | test.cpp:77:15:77:21 | ... / ... | test.cpp:105:5:105:25 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.cpp:77:15:77:21 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | -| test.cpp:111:22:111:24 | l12 | test.cpp:77:15:77:21 | ... / ... | test.cpp:111:5:111:25 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.cpp:77:15:77:21 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | -| test.cpp:114:38:114:40 | l12 | test.cpp:77:15:77:21 | ... / ... | test.cpp:114:21:114:41 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.cpp:77:15:77:21 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | -| test.cpp:117:45:117:47 | l12 | test.cpp:77:15:77:21 | ... / ... | test.cpp:117:28:117:48 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.cpp:77:15:77:21 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | -| test.cpp:120:42:120:44 | l12 | test.cpp:77:15:77:21 | ... / ... | test.cpp:120:25:120:45 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.cpp:77:15:77:21 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | -| test.cpp:163:20:164:20 | ... / ... | test.cpp:163:3:164:21 | ... / ... | test.cpp:163:3:164:21 | ... / ... | Possibly infinite float value $@ flows to cast to integer. | test.cpp:163:20:164:20 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | -| test.cpp:175:44:175:44 | p | test.cpp:189:51:189:59 | ... / ... | test.cpp:175:27:175:45 | p | Possibly infinite float value $@ computed in function $@ flows to cast to integer. | test.cpp:189:51:189:59 | ... / ... | from division by zero | test.cpp:189:6:189:24 | addInfThenCastToInt | addInfThenCastToInt | -| test.cpp:175:44:175:44 | p | test.cpp:193:13:194:15 | ... / ... | test.cpp:175:27:175:45 | p | Possibly infinite float value $@ computed in function $@ flows to cast to integer. | test.cpp:193:13:194:15 | ... / ... | from division by zero | test.cpp:192:6:192:7 | f2 | f2 | -| test.cpp:175:44:175:44 | p | test.cpp:204:19:204:27 | ... / ... | test.cpp:175:27:175:45 | p | Possibly infinite float value $@ computed in function $@ flows to cast to integer. | test.cpp:204:19:204:27 | ... / ... | from division by zero | test.cpp:192:6:192:7 | f2 | f2 | -| test.cpp:185:30:185:30 | p | test.cpp:200:25:200:33 | ... / ... | test.cpp:185:13:185:31 | p | Possibly infinite float value $@ computed in function $@ flows to cast to integer. | test.cpp:200:25:200:33 | ... / ... | from division by zero | test.cpp:192:6:192:7 | f2 | f2 | +| test.cpp:29:19:29:20 | l2 | test.cpp:8:14:8:20 | ... / ... | test.cpp:29:19:29:20 | l2 | Possibly infinite float value $@ flows to divisor, which would silently underflow and produce zero. | test.cpp:8:14:8:20 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:30:19:30:20 | l3 | test.cpp:8:14:8:20 | ... / ... | test.cpp:30:19:30:20 | l3 | Possibly infinite float value $@ flows to divisor, which would silently underflow and produce zero. | test.cpp:8:14:8:20 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:40:20:40:21 | l7 | test.cpp:33:14:34:15 | ... / ... | test.cpp:40:3:40:22 | l7 | Possibly infinite float value $@ flows to cast to integer. | test.cpp:33:14:34:15 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:64:9:64:15 | ... / ... | test.cpp:63:5:64:16 | ... / ... | test.cpp:63:5:64:16 | ... / ... | Possibly infinite float value $@ flows to cast to integer. | test.cpp:64:9:64:15 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:70:9:70:17 | ... / ... | test.cpp:69:5:70:18 | ... / ... | test.cpp:69:5:70:18 | ... / ... | Possibly infinite float value $@ flows to cast to integer. | test.cpp:70:9:70:17 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:76:31:76:39 | ... / ... | test.cpp:76:14:76:40 | ... / ... | test.cpp:76:14:76:40 | ... / ... | Possibly infinite float value $@ flows to cast to integer. | test.cpp:76:31:76:39 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:79:35:79:43 | ... / ... | test.cpp:79:18:79:44 | ... / ... | test.cpp:79:18:79:44 | ... / ... | Possibly infinite float value $@ flows to cast to integer. | test.cpp:79:35:79:43 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:83:22:83:24 | l12 | test.cpp:81:15:81:21 | ... / ... | test.cpp:83:5:83:25 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.cpp:81:15:81:21 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:91:22:91:24 | l12 | test.cpp:81:15:81:21 | ... / ... | test.cpp:91:5:91:25 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.cpp:81:15:81:21 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:95:22:95:24 | l12 | test.cpp:81:15:81:21 | ... / ... | test.cpp:95:5:95:25 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.cpp:81:15:81:21 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:97:22:97:24 | l12 | test.cpp:81:15:81:21 | ... / ... | test.cpp:97:5:97:25 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.cpp:81:15:81:21 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:103:22:103:24 | l12 | test.cpp:81:15:81:21 | ... / ... | test.cpp:103:5:103:25 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.cpp:81:15:81:21 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:109:22:109:24 | l12 | test.cpp:81:15:81:21 | ... / ... | test.cpp:109:5:109:25 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.cpp:81:15:81:21 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:115:22:115:24 | l12 | test.cpp:81:15:81:21 | ... / ... | test.cpp:115:5:115:25 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.cpp:81:15:81:21 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:118:38:118:40 | l12 | test.cpp:81:15:81:21 | ... / ... | test.cpp:118:21:118:41 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.cpp:81:15:81:21 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:127:26:127:28 | l12 | test.cpp:81:15:81:21 | ... / ... | test.cpp:127:9:127:29 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.cpp:81:15:81:21 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:133:26:133:28 | l12 | test.cpp:81:15:81:21 | ... / ... | test.cpp:133:9:133:29 | l12 | Possibly infinite float value $@ flows to cast to integer. | test.cpp:81:15:81:21 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:188:7:189:17 | ... / ... | test.cpp:187:3:189:18 | ... / ... | test.cpp:187:3:189:18 | ... / ... | Possibly infinite float value $@ flows to cast to integer. | test.cpp:188:7:189:17 | ... / ... | from division by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:202:44:202:44 | p | test.cpp:216:51:216:59 | ... / ... | test.cpp:202:27:202:45 | p | Possibly infinite float value $@ computed in function $@ flows to cast to integer. | test.cpp:216:51:216:59 | ... / ... | from division by zero | test.cpp:216:6:216:24 | addInfThenCastToInt | addInfThenCastToInt | +| test.cpp:202:44:202:44 | p | test.cpp:220:13:221:15 | ... / ... | test.cpp:202:27:202:45 | p | Possibly infinite float value $@ computed in function $@ flows to cast to integer. | test.cpp:220:13:221:15 | ... / ... | from division by zero | test.cpp:219:6:219:7 | f2 | f2 | +| test.cpp:202:44:202:44 | p | test.cpp:231:19:231:27 | ... / ... | test.cpp:202:27:202:45 | p | Possibly infinite float value $@ computed in function $@ flows to cast to integer. | test.cpp:231:19:231:27 | ... / ... | from division by zero | test.cpp:219:6:219:7 | f2 | f2 | +| test.cpp:212:30:212:30 | p | test.cpp:227:25:227:33 | ... / ... | test.cpp:212:13:212:31 | p | Possibly infinite float value $@ computed in function $@ flows to cast to integer. | test.cpp:227:25:227:33 | ... / ... | from division by zero | test.cpp:219:6:219:7 | f2 | f2 | edges | test.cpp:8:14:8:20 | ... / ... | test.cpp:8:14:8:20 | ... / ... | provenance | | | test.cpp:8:14:8:20 | ... / ... | test.cpp:9:14:9:16 | - ... | provenance | Config | | test.cpp:8:14:8:20 | ... / ... | test.cpp:12:8:12:9 | l2 | provenance | | | test.cpp:8:14:8:20 | ... / ... | test.cpp:18:3:18:22 | l2 | provenance | | -| test.cpp:8:14:8:20 | ... / ... | test.cpp:27:19:27:20 | l2 | provenance | | +| test.cpp:8:14:8:20 | ... / ... | test.cpp:29:19:29:20 | l2 | provenance | | | test.cpp:9:14:9:16 | - ... | test.cpp:9:14:9:16 | - ... | provenance | | | test.cpp:9:14:9:16 | - ... | test.cpp:13:8:13:9 | l3 | provenance | | | test.cpp:9:14:9:16 | - ... | test.cpp:19:3:19:22 | l3 | provenance | | -| test.cpp:9:14:9:16 | - ... | test.cpp:28:19:28:20 | l3 | provenance | | -| test.cpp:31:14:32:15 | ... / ... | test.cpp:31:14:32:15 | ... / ... | provenance | | -| test.cpp:31:14:32:15 | ... / ... | test.cpp:38:3:38:22 | l7 | provenance | | -| test.cpp:77:15:77:21 | ... / ... | test.cpp:77:15:77:21 | ... / ... | provenance | | -| test.cpp:77:15:77:21 | ... / ... | test.cpp:79:5:79:25 | l12 | provenance | | -| test.cpp:77:15:77:21 | ... / ... | test.cpp:87:5:87:25 | l12 | provenance | | -| test.cpp:77:15:77:21 | ... / ... | test.cpp:91:5:91:25 | l12 | provenance | | -| test.cpp:77:15:77:21 | ... / ... | test.cpp:93:5:93:25 | l12 | provenance | | -| test.cpp:77:15:77:21 | ... / ... | test.cpp:99:5:99:25 | l12 | provenance | | -| test.cpp:77:15:77:21 | ... / ... | test.cpp:105:5:105:25 | l12 | provenance | | -| test.cpp:77:15:77:21 | ... / ... | test.cpp:111:5:111:25 | l12 | provenance | | -| test.cpp:77:15:77:21 | ... / ... | test.cpp:114:21:114:41 | l12 | provenance | | -| test.cpp:77:15:77:21 | ... / ... | test.cpp:117:28:117:48 | l12 | provenance | | -| test.cpp:77:15:77:21 | ... / ... | test.cpp:120:25:120:45 | l12 | provenance | | -| test.cpp:175:22:175:22 | p | test.cpp:175:27:175:45 | p | provenance | | -| test.cpp:183:34:183:34 | p | test.cpp:185:13:185:31 | p | provenance | | -| test.cpp:189:32:189:32 | p | test.cpp:189:47:189:59 | ... + ... | provenance | Config | -| test.cpp:189:47:189:59 | ... + ... | test.cpp:175:22:175:22 | p | provenance | | -| test.cpp:189:47:189:59 | ... + ... | test.cpp:175:22:175:22 | p | provenance | | -| test.cpp:189:51:189:59 | ... / ... | test.cpp:189:47:189:59 | ... + ... | provenance | Config | -| test.cpp:193:13:194:15 | ... / ... | test.cpp:175:22:175:22 | p | provenance | | -| test.cpp:200:25:200:33 | ... / ... | test.cpp:183:34:183:34 | p | provenance | | -| test.cpp:204:19:204:27 | ... / ... | test.cpp:204:19:204:27 | ... / ... | provenance | | -| test.cpp:204:19:204:27 | ... / ... | test.cpp:206:21:206:31 | ... + ... | provenance | Config | -| test.cpp:206:21:206:31 | ... + ... | test.cpp:206:21:206:31 | ... + ... | provenance | | -| test.cpp:206:21:206:31 | ... + ... | test.cpp:208:13:208:21 | middleInf | provenance | | -| test.cpp:206:21:206:31 | ... + ... | test.cpp:210:23:210:31 | middleInf | provenance | | -| test.cpp:208:13:208:21 | middleInf | test.cpp:175:22:175:22 | p | provenance | | -| test.cpp:210:23:210:31 | middleInf | test.cpp:189:32:189:32 | p | provenance | | +| test.cpp:9:14:9:16 | - ... | test.cpp:30:19:30:20 | l3 | provenance | | +| test.cpp:33:14:34:15 | ... / ... | test.cpp:33:14:34:15 | ... / ... | provenance | | +| test.cpp:33:14:34:15 | ... / ... | test.cpp:40:3:40:22 | l7 | provenance | | +| test.cpp:81:15:81:21 | ... / ... | test.cpp:81:15:81:21 | ... / ... | provenance | | +| test.cpp:81:15:81:21 | ... / ... | test.cpp:83:5:83:25 | l12 | provenance | | +| test.cpp:81:15:81:21 | ... / ... | test.cpp:91:5:91:25 | l12 | provenance | | +| test.cpp:81:15:81:21 | ... / ... | test.cpp:95:5:95:25 | l12 | provenance | | +| test.cpp:81:15:81:21 | ... / ... | test.cpp:97:5:97:25 | l12 | provenance | | +| test.cpp:81:15:81:21 | ... / ... | test.cpp:103:5:103:25 | l12 | provenance | | +| test.cpp:81:15:81:21 | ... / ... | test.cpp:109:5:109:25 | l12 | provenance | | +| test.cpp:81:15:81:21 | ... / ... | test.cpp:115:5:115:25 | l12 | provenance | | +| test.cpp:81:15:81:21 | ... / ... | test.cpp:118:21:118:41 | l12 | provenance | | +| test.cpp:81:15:81:21 | ... / ... | test.cpp:127:9:127:29 | l12 | provenance | | +| test.cpp:81:15:81:21 | ... / ... | test.cpp:133:9:133:29 | l12 | provenance | | +| test.cpp:202:22:202:22 | p | test.cpp:202:27:202:45 | p | provenance | | +| test.cpp:210:34:210:34 | p | test.cpp:212:13:212:31 | p | provenance | | +| test.cpp:216:32:216:32 | p | test.cpp:216:47:216:59 | ... + ... | provenance | Config | +| test.cpp:216:47:216:59 | ... + ... | test.cpp:202:22:202:22 | p | provenance | | +| test.cpp:216:47:216:59 | ... + ... | test.cpp:202:22:202:22 | p | provenance | | +| test.cpp:216:51:216:59 | ... / ... | test.cpp:216:47:216:59 | ... + ... | provenance | Config | +| test.cpp:220:13:221:15 | ... / ... | test.cpp:202:22:202:22 | p | provenance | | +| test.cpp:227:25:227:33 | ... / ... | test.cpp:210:34:210:34 | p | provenance | | +| test.cpp:231:19:231:27 | ... / ... | test.cpp:231:19:231:27 | ... / ... | provenance | | +| test.cpp:231:19:231:27 | ... / ... | test.cpp:233:21:233:31 | ... + ... | provenance | Config | +| test.cpp:233:21:233:31 | ... + ... | test.cpp:233:21:233:31 | ... + ... | provenance | | +| test.cpp:233:21:233:31 | ... + ... | test.cpp:235:13:235:21 | middleInf | provenance | | +| test.cpp:233:21:233:31 | ... + ... | test.cpp:237:23:237:31 | middleInf | provenance | | +| test.cpp:235:13:235:21 | middleInf | test.cpp:202:22:202:22 | p | provenance | | +| test.cpp:237:23:237:31 | middleInf | test.cpp:216:32:216:32 | p | provenance | | nodes | test.cpp:8:14:8:20 | ... / ... | semmle.label | ... / ... | | test.cpp:8:14:8:20 | ... / ... | semmle.label | ... / ... | @@ -72,42 +72,42 @@ nodes | test.cpp:13:8:13:9 | l3 | semmle.label | l3 | | test.cpp:18:3:18:22 | l2 | semmle.label | l2 | | test.cpp:19:3:19:22 | l3 | semmle.label | l3 | -| test.cpp:27:19:27:20 | l2 | semmle.label | l2 | -| test.cpp:28:19:28:20 | l3 | semmle.label | l3 | -| test.cpp:31:14:32:15 | ... / ... | semmle.label | ... / ... | -| test.cpp:31:14:32:15 | ... / ... | semmle.label | ... / ... | -| test.cpp:38:3:38:22 | l7 | semmle.label | l7 | -| test.cpp:61:5:61:29 | ... / ... | semmle.label | ... / ... | -| test.cpp:66:5:66:31 | ... / ... | semmle.label | ... / ... | -| test.cpp:72:14:72:40 | ... / ... | semmle.label | ... / ... | -| test.cpp:75:18:75:44 | ... / ... | semmle.label | ... / ... | -| test.cpp:77:15:77:21 | ... / ... | semmle.label | ... / ... | -| test.cpp:77:15:77:21 | ... / ... | semmle.label | ... / ... | -| test.cpp:79:5:79:25 | l12 | semmle.label | l12 | -| test.cpp:87:5:87:25 | l12 | semmle.label | l12 | +| test.cpp:29:19:29:20 | l2 | semmle.label | l2 | +| test.cpp:30:19:30:20 | l3 | semmle.label | l3 | +| test.cpp:33:14:34:15 | ... / ... | semmle.label | ... / ... | +| test.cpp:33:14:34:15 | ... / ... | semmle.label | ... / ... | +| test.cpp:40:3:40:22 | l7 | semmle.label | l7 | +| test.cpp:63:5:64:16 | ... / ... | semmle.label | ... / ... | +| test.cpp:69:5:70:18 | ... / ... | semmle.label | ... / ... | +| test.cpp:76:14:76:40 | ... / ... | semmle.label | ... / ... | +| test.cpp:79:18:79:44 | ... / ... | semmle.label | ... / ... | +| test.cpp:81:15:81:21 | ... / ... | semmle.label | ... / ... | +| test.cpp:81:15:81:21 | ... / ... | semmle.label | ... / ... | +| test.cpp:83:5:83:25 | l12 | semmle.label | l12 | | test.cpp:91:5:91:25 | l12 | semmle.label | l12 | -| test.cpp:93:5:93:25 | l12 | semmle.label | l12 | -| test.cpp:99:5:99:25 | l12 | semmle.label | l12 | -| test.cpp:105:5:105:25 | l12 | semmle.label | l12 | -| test.cpp:111:5:111:25 | l12 | semmle.label | l12 | -| test.cpp:114:21:114:41 | l12 | semmle.label | l12 | -| test.cpp:117:28:117:48 | l12 | semmle.label | l12 | -| test.cpp:120:25:120:45 | l12 | semmle.label | l12 | -| test.cpp:163:3:164:21 | ... / ... | semmle.label | ... / ... | -| test.cpp:175:22:175:22 | p | semmle.label | p | -| test.cpp:175:27:175:45 | p | semmle.label | p | -| test.cpp:183:34:183:34 | p | semmle.label | p | -| test.cpp:185:13:185:31 | p | semmle.label | p | -| test.cpp:189:32:189:32 | p | semmle.label | p | -| test.cpp:189:47:189:59 | ... + ... | semmle.label | ... + ... | -| test.cpp:189:47:189:59 | ... + ... | semmle.label | ... + ... | -| test.cpp:189:51:189:59 | ... / ... | semmle.label | ... / ... | -| test.cpp:193:13:194:15 | ... / ... | semmle.label | ... / ... | -| test.cpp:200:25:200:33 | ... / ... | semmle.label | ... / ... | -| test.cpp:204:19:204:27 | ... / ... | semmle.label | ... / ... | -| test.cpp:204:19:204:27 | ... / ... | semmle.label | ... / ... | -| test.cpp:206:21:206:31 | ... + ... | semmle.label | ... + ... | -| test.cpp:206:21:206:31 | ... + ... | semmle.label | ... + ... | -| test.cpp:208:13:208:21 | middleInf | semmle.label | middleInf | -| test.cpp:210:23:210:31 | middleInf | semmle.label | middleInf | +| test.cpp:95:5:95:25 | l12 | semmle.label | l12 | +| test.cpp:97:5:97:25 | l12 | semmle.label | l12 | +| test.cpp:103:5:103:25 | l12 | semmle.label | l12 | +| test.cpp:109:5:109:25 | l12 | semmle.label | l12 | +| test.cpp:115:5:115:25 | l12 | semmle.label | l12 | +| test.cpp:118:21:118:41 | l12 | semmle.label | l12 | +| test.cpp:127:9:127:29 | l12 | semmle.label | l12 | +| test.cpp:133:9:133:29 | l12 | semmle.label | l12 | +| test.cpp:187:3:189:18 | ... / ... | semmle.label | ... / ... | +| test.cpp:202:22:202:22 | p | semmle.label | p | +| test.cpp:202:27:202:45 | p | semmle.label | p | +| test.cpp:210:34:210:34 | p | semmle.label | p | +| test.cpp:212:13:212:31 | p | semmle.label | p | +| test.cpp:216:32:216:32 | p | semmle.label | p | +| test.cpp:216:47:216:59 | ... + ... | semmle.label | ... + ... | +| test.cpp:216:47:216:59 | ... + ... | semmle.label | ... + ... | +| test.cpp:216:51:216:59 | ... / ... | semmle.label | ... / ... | +| test.cpp:220:13:221:15 | ... / ... | semmle.label | ... / ... | +| test.cpp:227:25:227:33 | ... / ... | semmle.label | ... / ... | +| test.cpp:231:19:231:27 | ... / ... | semmle.label | ... / ... | +| test.cpp:231:19:231:27 | ... / ... | semmle.label | ... / ... | +| test.cpp:233:21:233:31 | ... + ... | semmle.label | ... + ... | +| test.cpp:233:21:233:31 | ... + ... | semmle.label | ... + ... | +| test.cpp:235:13:235:21 | middleInf | semmle.label | middleInf | +| test.cpp:237:23:237:31 | middleInf | semmle.label | middleInf | subpaths diff --git a/cpp/common/test/rules/misuseofinfinitefloatingpointvalue/test.cpp b/cpp/common/test/rules/misuseofinfinitefloatingpointvalue/test.cpp index e9067d8ce7..a0624ccbf3 100644 --- a/cpp/common/test/rules/misuseofinfinitefloatingpointvalue/test.cpp +++ b/cpp/common/test/rules/misuseofinfinitefloatingpointvalue/test.cpp @@ -14,11 +14,13 @@ void f1(float p1) { 10 / p1; // COMPLIANT: Reduce false positives by assuming not infinity 10 / getFloat(); // COMPLIANT: Reduce false positives by assuming not infinity - static_cast(l1); // COMPLIANT - static_cast(l2); // NON_COMPLIANT - static_cast(l3); // NON_COMPLIANT - static_cast(p1); // COMPLIANT: Reduce false positives by assuming not infinity - static_cast(getFloat()); // COMPLIANT: Reduce false positives by assuming not infinity + static_cast(l1); // COMPLIANT + static_cast(l2); // NON_COMPLIANT + static_cast(l3); // NON_COMPLIANT + static_cast( + p1); // COMPLIANT: Reduce false positives by assuming not infinity + static_cast( + getFloat()); // COMPLIANT: Reduce false positives by assuming not infinity // Not NaN: float l4 = l1 / l1; // COMPLIANT @@ -58,12 +60,14 @@ void f1(float p1) { if (l9 != 0) { static_cast(l9 / l9); // COMPLIANT: l9 is not zero } else { - static_cast(l9 / l9); // NON_COMPLIANT[False positive]: Guarded to not be NaN + static_cast( + l9 / l9); // NON_COMPLIANT[False positive]: Guarded to not be NaN } float l10 = 0; if (l10 == 0) { - static_cast(l10 / l10); // NON_COMPLIANT[False positive]: Casting NaN to integer + static_cast( + l10 / l10); // NON_COMPLIANT[False positive]: Casting NaN to integer } else { static_cast(l10 / l10); // COMPLIANT: Guarded to not be NaN } @@ -111,13 +115,22 @@ void f1(float p1) { static_cast(l12); // NON_COMPLIANT: Casting Infinity to integer } - std::isinf(l12) ? static_cast(l12) : 0; // NON_COMPLIANT: Check on wrong branch - std::isinf(l12) ? 0 : static_cast(l12); // COMPLIANT: Checked not infinite before use - std::isfinite(l12) ? static_cast(l12) : 0; // COMPLIANT: Checked finite before use - std::isfinite(l12) ? 0 : static_cast(l12); // NON_COMPLIANT: Checked on wrong branch - std::isnan(l12) ? static_cast(l12) - : 0; // COMPLIANT: Checked NaN, therefore not infinite, before use - std::isnan(l12) ? 0 : static_cast(l12); // NON_COMPLIANT: Check on wrong branch + std::isinf(l12) ? static_cast(l12) + : 0; // NON_COMPLIANT: Check on wrong branch + std::isinf(l12) + ? 0 + : static_cast(l12); // COMPLIANT: Checked not infinite before use + std::isfinite(l12) ? static_cast(l12) + : 0; // COMPLIANT: Checked finite before use + std::isfinite(l12) + ? 0 + : static_cast(l12); // NON_COMPLIANT: Checked on wrong branch + std::isnan(l12) + ? static_cast(l12) + : 0; // COMPLIANT: Checked NaN, therefore not infinite, before use + std::isnan(l12) + ? 0 + : static_cast(l12); // NON_COMPLIANT: Check on wrong branch float l13 = 0.0 / 0; if (std::isinf(l13)) { @@ -127,7 +140,8 @@ void f1(float p1) { } if (std::isinf(l13) == 1) { - static_cast(l13); // COMPLIANT: Guarded not to be NaN (must be +Infinity) + static_cast( + l13); // COMPLIANT: Guarded not to be NaN (must be +Infinity) } else { static_cast(l13); // COMPLIANT: Casting NaN to integer } @@ -150,26 +164,39 @@ void f1(float p1) { static_cast(l13); // COMPLIANT: Guarded not to be NaN } - std::isinf(l13) ? static_cast(l13) - : 0; // COMPLIANT: Checked infinite, therefore not NaN, before use - std::isinf(l13) ? 0 : static_cast(l13); // COMPLIANT: Check on wrong branch - std::isfinite(l13) ? static_cast(l13) : 0; // COMPLIANT: Checked finite before use - std::isfinite(l13) ? 0 : static_cast(l13); // COMPLIANT: Checked on wrong branch - std::isnan(l13) ? static_cast(l13) : 0; // COMPLIANT: Check on wrong branch - std::isnan(l13) ? 0 : static_cast(l13); // COMPLIANT: Checked not NaN before use - - static_cast(std::pow(2, p1)); // NON_COMPLIANT[False negative]: likely to be Infinity - static_cast(std::pow(2, std::sin(p1))); // COMPLIANT: not likely to be Infinity + std::isinf(l13) + ? static_cast(l13) + : 0; // COMPLIANT: Checked infinite, therefore not NaN, before use + std::isinf(l13) ? 0 + : static_cast(l13); // COMPLIANT: Check on wrong branch + std::isfinite(l13) ? static_cast(l13) + : 0; // COMPLIANT: Checked finite before use + std::isfinite(l13) + ? 0 + : static_cast(l13); // COMPLIANT: Checked on wrong branch + std::isnan(l13) ? static_cast(l13) + : 0; // COMPLIANT: Check on wrong branch + std::isnan(l13) + ? 0 + : static_cast(l13); // COMPLIANT: Checked not NaN before use + + static_cast( + std::pow(2, p1)); // NON_COMPLIANT[False negative]: likely to be Infinity + static_cast( + std::pow(2, std::sin(p1))); // COMPLIANT: not likely to be Infinity + static_cast( + 1 / std::sin( + p1)); // NON_COMPLIANT: possible infinity from zero in denominator static_cast(1 / - std::sin(p1)); // NON_COMPLIANT: possible infinity from zero in denominator - static_cast(1 / std::log(p1)); // COMPLIANT: not possibly zero in denominator - static_cast(std::pow(p1, p1)); // COMPLIANT: NaN if p1 is zero + std::log(p1)); // COMPLIANT: not possibly zero in denominator + static_cast(std::pow(p1, p1)); // COMPLIANT: NaN if p1 is zero if (p1 != 0) { static_cast(std::pow(p1, p1)); // COMPLIANT: p1 is not zero } - static_cast(std::acos(p1)); // COMPLIANT: NaN if p1 is not within -1..1 - static_cast(std::acos(std::cos(p1))); // COMPLIANT: cos(p1) is within -1..1 + static_cast(std::acos(p1)); // COMPLIANT: NaN if p1 is not within -1..1 + static_cast( + std::acos(std::cos(p1))); // COMPLIANT: cos(p1) is within -1..1 } void castToInt(float p) { static_cast(p); } @@ -192,7 +219,7 @@ void addNaNThenCastToInt(float p) { castToInt(p + 0.0 / 0.0); } void f2() { castToInt(1.0 / 0.0); // NON_COMPLIANT: Infinity flows to denominator in division - castToInt(0.0 / 0.0); // COMPLIANT + castToInt(0.0 / 0.0); // COMPLIANT checkBeforeCastToInt(1.0 / 0.0); // COMPLIANT checkBeforeCastToInt(0.0 / 0.0); // COMPLIANT addOneThenCastToInt(1.0 / 0.0); // NON_COMPLIANT[False negative] diff --git a/cpp/common/test/rules/misuseofnanfloatingpointvalue/MisuseOfNaNFloatingPointValue.expected b/cpp/common/test/rules/misuseofnanfloatingpointvalue/MisuseOfNaNFloatingPointValue.expected index 576327fb21..5e4d3cacd7 100644 --- a/cpp/common/test/rules/misuseofnanfloatingpointvalue/MisuseOfNaNFloatingPointValue.expected +++ b/cpp/common/test/rules/misuseofnanfloatingpointvalue/MisuseOfNaNFloatingPointValue.expected @@ -16,21 +16,21 @@ problems | test.cpp:66:11:66:19 | ... / ... | test.cpp:66:5:66:20 | ... / ... | test.cpp:66:5:66:20 | ... / ... | Possible NaN value $@ flows to a cast to integer. | test.cpp:66:11:66:19 | ... / ... | from division of zero by zero | test.cpp:6:6:6:7 | f1 | f1 | | test.cpp:72:20:72:28 | ... / ... | test.cpp:72:14:72:29 | ... / ... | test.cpp:72:14:72:29 | ... / ... | Possible NaN value $@ flows to a cast to integer. | test.cpp:72:20:72:28 | ... / ... | from division of zero by zero | test.cpp:6:6:6:7 | f1 | f1 | | test.cpp:75:24:75:32 | ... / ... | test.cpp:75:18:75:33 | ... / ... | test.cpp:75:18:75:33 | ... / ... | Possible NaN value $@ flows to a cast to integer. | test.cpp:75:24:75:32 | ... / ... | from division of zero by zero | test.cpp:6:6:6:7 | f1 | f1 | -| test.cpp:126:10:126:12 | l13 | test.cpp:122:15:122:21 | ... / ... | test.cpp:126:5:126:12 | l13 | Possible NaN value $@ flows to a cast to integer. | test.cpp:122:15:122:21 | ... / ... | from division of zero by zero | test.cpp:6:6:6:7 | f1 | f1 | -| test.cpp:132:10:132:12 | l13 | test.cpp:122:15:122:21 | ... / ... | test.cpp:132:5:132:12 | l13 | Possible NaN value $@ flows to a cast to integer. | test.cpp:122:15:122:21 | ... / ... | from division of zero by zero | test.cpp:6:6:6:7 | f1 | f1 | -| test.cpp:138:10:138:12 | l13 | test.cpp:122:15:122:21 | ... / ... | test.cpp:138:5:138:12 | l13 | Possible NaN value $@ flows to a cast to integer. | test.cpp:122:15:122:21 | ... / ... | from division of zero by zero | test.cpp:6:6:6:7 | f1 | f1 | -| test.cpp:144:10:144:12 | l13 | test.cpp:122:15:122:21 | ... / ... | test.cpp:144:5:144:12 | l13 | Possible NaN value $@ flows to a cast to integer. | test.cpp:122:15:122:21 | ... / ... | from division of zero by zero | test.cpp:6:6:6:7 | f1 | f1 | -| test.cpp:148:10:148:12 | l13 | test.cpp:122:15:122:21 | ... / ... | test.cpp:148:5:148:12 | l13 | Possible NaN value $@ flows to a cast to integer. | test.cpp:122:15:122:21 | ... / ... | from division of zero by zero | test.cpp:6:6:6:7 | f1 | f1 | -| test.cpp:155:30:155:32 | l13 | test.cpp:122:15:122:21 | ... / ... | test.cpp:155:25:155:32 | l13 | Possible NaN value $@ flows to a cast to integer. | test.cpp:122:15:122:21 | ... / ... | from division of zero by zero | test.cpp:6:6:6:7 | f1 | f1 | -| test.cpp:157:33:157:35 | l13 | test.cpp:122:15:122:21 | ... / ... | test.cpp:157:28:157:35 | l13 | Possible NaN value $@ flows to a cast to integer. | test.cpp:122:15:122:21 | ... / ... | from division of zero by zero | test.cpp:6:6:6:7 | f1 | f1 | -| test.cpp:158:26:158:28 | l13 | test.cpp:122:15:122:21 | ... / ... | test.cpp:158:21:158:28 | l13 | Possible NaN value $@ flows to a cast to integer. | test.cpp:122:15:122:21 | ... / ... | from division of zero by zero | test.cpp:6:6:6:7 | f1 | f1 | -| test.cpp:166:8:166:15 | call to pow | test.cpp:166:3:166:23 | call to pow | test.cpp:166:3:166:23 | call to pow | Possible NaN value $@ flows to a cast to integer. | test.cpp:166:8:166:15 | call to pow | both arguments are equal to zero | test.cpp:6:6:6:7 | f1 | f1 | -| test.cpp:171:8:171:16 | call to acos | test.cpp:171:3:171:20 | call to acos | test.cpp:171:3:171:20 | call to acos | Possible NaN value $@ flows to a cast to integer. | test.cpp:171:8:171:16 | call to acos | the argument has a range -1000000000000000...1000000000000000 which is outside the domain of this function (-1.0...1.0) | test.cpp:6:6:6:7 | f1 | f1 | -| test.cpp:175:32:175:32 | p | test.cpp:190:51:190:59 | ... / ... | test.cpp:175:27:175:32 | p | Possible NaN value $@ computed in function $@ flows to a cast to integer. | test.cpp:190:51:190:59 | ... / ... | from division of zero by zero | test.cpp:190:6:190:24 | addNaNThenCastToInt | addNaNThenCastToInt | -| test.cpp:175:32:175:32 | p | test.cpp:195:13:195:21 | ... / ... | test.cpp:175:27:175:32 | p | Possible NaN value $@ computed in function $@ flows to a cast to integer. | test.cpp:195:13:195:21 | ... / ... | from division of zero by zero | test.cpp:192:6:192:7 | f2 | f2 | -| test.cpp:175:32:175:32 | p | test.cpp:199:23:199:31 | ... / ... | test.cpp:175:27:175:32 | p | Possible NaN value $@ computed in function $@ flows to a cast to integer. | test.cpp:199:23:199:31 | ... / ... | from division of zero by zero | test.cpp:192:6:192:7 | f2 | f2 | -| test.cpp:175:32:175:32 | p | test.cpp:205:19:205:27 | ... / ... | test.cpp:175:27:175:32 | p | Possible NaN value $@ computed in function $@ flows to a cast to integer. | test.cpp:205:19:205:27 | ... / ... | from division of zero by zero | test.cpp:192:6:192:7 | f2 | f2 | -| test.cpp:185:18:185:18 | p | test.cpp:201:25:201:33 | ... / ... | test.cpp:185:13:185:18 | p | Possible NaN value $@ computed in function $@ flows to a cast to integer. | test.cpp:201:25:201:33 | ... / ... | from division of zero by zero | test.cpp:192:6:192:7 | f2 | f2 | +| test.cpp:127:10:127:12 | l13 | test.cpp:123:15:123:21 | ... / ... | test.cpp:127:5:127:12 | l13 | Possible NaN value $@ flows to a cast to integer. | test.cpp:123:15:123:21 | ... / ... | from division of zero by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:133:10:133:12 | l13 | test.cpp:123:15:123:21 | ... / ... | test.cpp:133:5:133:12 | l13 | Possible NaN value $@ flows to a cast to integer. | test.cpp:123:15:123:21 | ... / ... | from division of zero by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:139:10:139:12 | l13 | test.cpp:123:15:123:21 | ... / ... | test.cpp:139:5:139:12 | l13 | Possible NaN value $@ flows to a cast to integer. | test.cpp:123:15:123:21 | ... / ... | from division of zero by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:145:10:145:12 | l13 | test.cpp:123:15:123:21 | ... / ... | test.cpp:145:5:145:12 | l13 | Possible NaN value $@ flows to a cast to integer. | test.cpp:123:15:123:21 | ... / ... | from division of zero by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:149:10:149:12 | l13 | test.cpp:123:15:123:21 | ... / ... | test.cpp:149:5:149:12 | l13 | Possible NaN value $@ flows to a cast to integer. | test.cpp:123:15:123:21 | ... / ... | from division of zero by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:157:30:157:32 | l13 | test.cpp:123:15:123:21 | ... / ... | test.cpp:157:25:157:32 | l13 | Possible NaN value $@ flows to a cast to integer. | test.cpp:123:15:123:21 | ... / ... | from division of zero by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:159:33:159:35 | l13 | test.cpp:123:15:123:21 | ... / ... | test.cpp:159:28:159:35 | l13 | Possible NaN value $@ flows to a cast to integer. | test.cpp:123:15:123:21 | ... / ... | from division of zero by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:160:26:160:28 | l13 | test.cpp:123:15:123:21 | ... / ... | test.cpp:160:21:160:28 | l13 | Possible NaN value $@ flows to a cast to integer. | test.cpp:123:15:123:21 | ... / ... | from division of zero by zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:168:8:168:15 | call to pow | test.cpp:168:3:168:23 | call to pow | test.cpp:168:3:168:23 | call to pow | Possible NaN value $@ flows to a cast to integer. | test.cpp:168:8:168:15 | call to pow | both arguments are equal to zero | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:173:8:173:16 | call to acos | test.cpp:173:3:173:20 | call to acos | test.cpp:173:3:173:20 | call to acos | Possible NaN value $@ flows to a cast to integer. | test.cpp:173:8:173:16 | call to acos | the argument has a range -1000000000000000...1000000000000000 which is outside the domain of this function (-1.0...1.0) | test.cpp:6:6:6:7 | f1 | f1 | +| test.cpp:177:32:177:32 | p | test.cpp:192:51:192:59 | ... / ... | test.cpp:177:27:177:32 | p | Possible NaN value $@ computed in function $@ flows to a cast to integer. | test.cpp:192:51:192:59 | ... / ... | from division of zero by zero | test.cpp:192:6:192:24 | addNaNThenCastToInt | addNaNThenCastToInt | +| test.cpp:177:32:177:32 | p | test.cpp:196:13:196:21 | ... / ... | test.cpp:177:27:177:32 | p | Possible NaN value $@ computed in function $@ flows to a cast to integer. | test.cpp:196:13:196:21 | ... / ... | from division of zero by zero | test.cpp:194:6:194:7 | f2 | f2 | +| test.cpp:177:32:177:32 | p | test.cpp:200:23:200:31 | ... / ... | test.cpp:177:27:177:32 | p | Possible NaN value $@ computed in function $@ flows to a cast to integer. | test.cpp:200:23:200:31 | ... / ... | from division of zero by zero | test.cpp:194:6:194:7 | f2 | f2 | +| test.cpp:177:32:177:32 | p | test.cpp:206:19:206:27 | ... / ... | test.cpp:177:27:177:32 | p | Possible NaN value $@ computed in function $@ flows to a cast to integer. | test.cpp:206:19:206:27 | ... / ... | from division of zero by zero | test.cpp:194:6:194:7 | f2 | f2 | +| test.cpp:187:18:187:18 | p | test.cpp:202:25:202:33 | ... / ... | test.cpp:187:13:187:18 | p | Possible NaN value $@ computed in function $@ flows to a cast to integer. | test.cpp:202:25:202:33 | ... / ... | from division of zero by zero | test.cpp:194:6:194:7 | f2 | f2 | edges | test.cpp:27:14:27:20 | ... / ... | test.cpp:27:14:27:20 | ... / ... | provenance | | | test.cpp:27:14:27:20 | ... / ... | test.cpp:36:3:36:9 | l5 | provenance | | @@ -49,33 +49,33 @@ edges | test.cpp:33:14:33:22 | ... / ... | test.cpp:33:14:33:22 | ... / ... | provenance | | | test.cpp:33:14:33:22 | ... / ... | test.cpp:39:3:39:9 | l8 | provenance | | | test.cpp:33:14:33:22 | ... / ... | test.cpp:54:3:54:4 | l8 | provenance | | -| test.cpp:122:15:122:21 | ... / ... | test.cpp:122:15:122:21 | ... / ... | provenance | | -| test.cpp:122:15:122:21 | ... / ... | test.cpp:126:5:126:12 | l13 | provenance | | -| test.cpp:122:15:122:21 | ... / ... | test.cpp:132:5:132:12 | l13 | provenance | | -| test.cpp:122:15:122:21 | ... / ... | test.cpp:138:5:138:12 | l13 | provenance | | -| test.cpp:122:15:122:21 | ... / ... | test.cpp:144:5:144:12 | l13 | provenance | | -| test.cpp:122:15:122:21 | ... / ... | test.cpp:148:5:148:12 | l13 | provenance | | -| test.cpp:122:15:122:21 | ... / ... | test.cpp:155:25:155:32 | l13 | provenance | | -| test.cpp:122:15:122:21 | ... / ... | test.cpp:157:28:157:35 | l13 | provenance | | -| test.cpp:122:15:122:21 | ... / ... | test.cpp:158:21:158:28 | l13 | provenance | | -| test.cpp:175:22:175:22 | p | test.cpp:175:27:175:32 | p | provenance | | -| test.cpp:183:34:183:34 | p | test.cpp:185:13:185:18 | p | provenance | | -| test.cpp:188:32:188:32 | p | test.cpp:188:47:188:51 | ... + ... | provenance | Config | -| test.cpp:188:47:188:51 | ... + ... | test.cpp:175:22:175:22 | p | provenance | | -| test.cpp:190:32:190:32 | p | test.cpp:190:47:190:59 | ... + ... | provenance | Config | -| test.cpp:190:47:190:59 | ... + ... | test.cpp:175:22:175:22 | p | provenance | | -| test.cpp:190:47:190:59 | ... + ... | test.cpp:175:22:175:22 | p | provenance | | -| test.cpp:190:51:190:59 | ... / ... | test.cpp:190:47:190:59 | ... + ... | provenance | Config | -| test.cpp:195:13:195:21 | ... / ... | test.cpp:175:22:175:22 | p | provenance | | -| test.cpp:199:23:199:31 | ... / ... | test.cpp:188:32:188:32 | p | provenance | | -| test.cpp:201:25:201:33 | ... / ... | test.cpp:183:34:183:34 | p | provenance | | -| test.cpp:205:19:205:27 | ... / ... | test.cpp:205:19:205:27 | ... / ... | provenance | | -| test.cpp:205:19:205:27 | ... / ... | test.cpp:207:21:207:31 | ... + ... | provenance | Config | -| test.cpp:207:21:207:31 | ... + ... | test.cpp:207:21:207:31 | ... + ... | provenance | | -| test.cpp:207:21:207:31 | ... + ... | test.cpp:209:13:209:21 | middleNaN | provenance | | -| test.cpp:207:21:207:31 | ... + ... | test.cpp:211:23:211:31 | middleNaN | provenance | | -| test.cpp:209:13:209:21 | middleNaN | test.cpp:175:22:175:22 | p | provenance | | -| test.cpp:211:23:211:31 | middleNaN | test.cpp:190:32:190:32 | p | provenance | | +| test.cpp:123:15:123:21 | ... / ... | test.cpp:123:15:123:21 | ... / ... | provenance | | +| test.cpp:123:15:123:21 | ... / ... | test.cpp:127:5:127:12 | l13 | provenance | | +| test.cpp:123:15:123:21 | ... / ... | test.cpp:133:5:133:12 | l13 | provenance | | +| test.cpp:123:15:123:21 | ... / ... | test.cpp:139:5:139:12 | l13 | provenance | | +| test.cpp:123:15:123:21 | ... / ... | test.cpp:145:5:145:12 | l13 | provenance | | +| test.cpp:123:15:123:21 | ... / ... | test.cpp:149:5:149:12 | l13 | provenance | | +| test.cpp:123:15:123:21 | ... / ... | test.cpp:157:25:157:32 | l13 | provenance | | +| test.cpp:123:15:123:21 | ... / ... | test.cpp:159:28:159:35 | l13 | provenance | | +| test.cpp:123:15:123:21 | ... / ... | test.cpp:160:21:160:28 | l13 | provenance | | +| test.cpp:177:22:177:22 | p | test.cpp:177:27:177:32 | p | provenance | | +| test.cpp:185:34:185:34 | p | test.cpp:187:13:187:18 | p | provenance | | +| test.cpp:190:32:190:32 | p | test.cpp:190:47:190:51 | ... + ... | provenance | Config | +| test.cpp:190:47:190:51 | ... + ... | test.cpp:177:22:177:22 | p | provenance | | +| test.cpp:192:32:192:32 | p | test.cpp:192:47:192:59 | ... + ... | provenance | Config | +| test.cpp:192:47:192:59 | ... + ... | test.cpp:177:22:177:22 | p | provenance | | +| test.cpp:192:47:192:59 | ... + ... | test.cpp:177:22:177:22 | p | provenance | | +| test.cpp:192:51:192:59 | ... / ... | test.cpp:192:47:192:59 | ... + ... | provenance | Config | +| test.cpp:196:13:196:21 | ... / ... | test.cpp:177:22:177:22 | p | provenance | | +| test.cpp:200:23:200:31 | ... / ... | test.cpp:190:32:190:32 | p | provenance | | +| test.cpp:202:25:202:33 | ... / ... | test.cpp:185:34:185:34 | p | provenance | | +| test.cpp:206:19:206:27 | ... / ... | test.cpp:206:19:206:27 | ... / ... | provenance | | +| test.cpp:206:19:206:27 | ... / ... | test.cpp:208:21:208:31 | ... + ... | provenance | Config | +| test.cpp:208:21:208:31 | ... + ... | test.cpp:208:21:208:31 | ... + ... | provenance | | +| test.cpp:208:21:208:31 | ... + ... | test.cpp:210:13:210:21 | middleNaN | provenance | | +| test.cpp:208:21:208:31 | ... + ... | test.cpp:212:23:212:31 | middleNaN | provenance | | +| test.cpp:210:13:210:21 | middleNaN | test.cpp:177:22:177:22 | p | provenance | | +| test.cpp:212:23:212:31 | middleNaN | test.cpp:192:32:192:32 | p | provenance | | nodes | test.cpp:27:14:27:20 | ... / ... | semmle.label | ... / ... | | test.cpp:27:14:27:20 | ... / ... | semmle.label | ... / ... | @@ -102,35 +102,35 @@ nodes | test.cpp:66:5:66:20 | ... / ... | semmle.label | ... / ... | | test.cpp:72:14:72:29 | ... / ... | semmle.label | ... / ... | | test.cpp:75:18:75:33 | ... / ... | semmle.label | ... / ... | -| test.cpp:122:15:122:21 | ... / ... | semmle.label | ... / ... | -| test.cpp:122:15:122:21 | ... / ... | semmle.label | ... / ... | -| test.cpp:126:5:126:12 | l13 | semmle.label | l13 | -| test.cpp:132:5:132:12 | l13 | semmle.label | l13 | -| test.cpp:138:5:138:12 | l13 | semmle.label | l13 | -| test.cpp:144:5:144:12 | l13 | semmle.label | l13 | -| test.cpp:148:5:148:12 | l13 | semmle.label | l13 | -| test.cpp:155:25:155:32 | l13 | semmle.label | l13 | -| test.cpp:157:28:157:35 | l13 | semmle.label | l13 | -| test.cpp:158:21:158:28 | l13 | semmle.label | l13 | -| test.cpp:166:3:166:23 | call to pow | semmle.label | call to pow | -| test.cpp:171:3:171:20 | call to acos | semmle.label | call to acos | -| test.cpp:175:22:175:22 | p | semmle.label | p | -| test.cpp:175:27:175:32 | p | semmle.label | p | -| test.cpp:183:34:183:34 | p | semmle.label | p | -| test.cpp:185:13:185:18 | p | semmle.label | p | -| test.cpp:188:32:188:32 | p | semmle.label | p | -| test.cpp:188:47:188:51 | ... + ... | semmle.label | ... + ... | +| test.cpp:123:15:123:21 | ... / ... | semmle.label | ... / ... | +| test.cpp:123:15:123:21 | ... / ... | semmle.label | ... / ... | +| test.cpp:127:5:127:12 | l13 | semmle.label | l13 | +| test.cpp:133:5:133:12 | l13 | semmle.label | l13 | +| test.cpp:139:5:139:12 | l13 | semmle.label | l13 | +| test.cpp:145:5:145:12 | l13 | semmle.label | l13 | +| test.cpp:149:5:149:12 | l13 | semmle.label | l13 | +| test.cpp:157:25:157:32 | l13 | semmle.label | l13 | +| test.cpp:159:28:159:35 | l13 | semmle.label | l13 | +| test.cpp:160:21:160:28 | l13 | semmle.label | l13 | +| test.cpp:168:3:168:23 | call to pow | semmle.label | call to pow | +| test.cpp:173:3:173:20 | call to acos | semmle.label | call to acos | +| test.cpp:177:22:177:22 | p | semmle.label | p | +| test.cpp:177:27:177:32 | p | semmle.label | p | +| test.cpp:185:34:185:34 | p | semmle.label | p | +| test.cpp:187:13:187:18 | p | semmle.label | p | | test.cpp:190:32:190:32 | p | semmle.label | p | -| test.cpp:190:47:190:59 | ... + ... | semmle.label | ... + ... | -| test.cpp:190:47:190:59 | ... + ... | semmle.label | ... + ... | -| test.cpp:190:51:190:59 | ... / ... | semmle.label | ... / ... | -| test.cpp:195:13:195:21 | ... / ... | semmle.label | ... / ... | -| test.cpp:199:23:199:31 | ... / ... | semmle.label | ... / ... | -| test.cpp:201:25:201:33 | ... / ... | semmle.label | ... / ... | -| test.cpp:205:19:205:27 | ... / ... | semmle.label | ... / ... | -| test.cpp:205:19:205:27 | ... / ... | semmle.label | ... / ... | -| test.cpp:207:21:207:31 | ... + ... | semmle.label | ... + ... | -| test.cpp:207:21:207:31 | ... + ... | semmle.label | ... + ... | -| test.cpp:209:13:209:21 | middleNaN | semmle.label | middleNaN | -| test.cpp:211:23:211:31 | middleNaN | semmle.label | middleNaN | +| test.cpp:190:47:190:51 | ... + ... | semmle.label | ... + ... | +| test.cpp:192:32:192:32 | p | semmle.label | p | +| test.cpp:192:47:192:59 | ... + ... | semmle.label | ... + ... | +| test.cpp:192:47:192:59 | ... + ... | semmle.label | ... + ... | +| test.cpp:192:51:192:59 | ... / ... | semmle.label | ... / ... | +| test.cpp:196:13:196:21 | ... / ... | semmle.label | ... / ... | +| test.cpp:200:23:200:31 | ... / ... | semmle.label | ... / ... | +| test.cpp:202:25:202:33 | ... / ... | semmle.label | ... / ... | +| test.cpp:206:19:206:27 | ... / ... | semmle.label | ... / ... | +| test.cpp:206:19:206:27 | ... / ... | semmle.label | ... / ... | +| test.cpp:208:21:208:31 | ... + ... | semmle.label | ... + ... | +| test.cpp:208:21:208:31 | ... + ... | semmle.label | ... + ... | +| test.cpp:210:13:210:21 | middleNaN | semmle.label | middleNaN | +| test.cpp:212:23:212:31 | middleNaN | semmle.label | middleNaN | subpaths diff --git a/cpp/common/test/rules/misuseofnanfloatingpointvalue/test.cpp b/cpp/common/test/rules/misuseofnanfloatingpointvalue/test.cpp index 51540bc3a1..a68a47daf7 100644 --- a/cpp/common/test/rules/misuseofnanfloatingpointvalue/test.cpp +++ b/cpp/common/test/rules/misuseofnanfloatingpointvalue/test.cpp @@ -111,12 +111,13 @@ void f1(float p1) { (int)l12; // COMPLIANT: Casting Infinity to integer } - std::isinf(l12) ? (int)l12 : 0; // COMPLIANT: Check on wrong branch - std::isinf(l12) ? 0 : (int)l12; // COMPLIANT: Checked not infinite before use + std::isinf(l12) ? (int)l12 : 0; // COMPLIANT: Check on wrong branch + std::isinf(l12) ? 0 : (int)l12; // COMPLIANT: Checked not infinite before use std::isfinite(l12) ? (int)l12 : 0; // COMPLIANT: Checked finite before use std::isfinite(l12) ? 0 : (int)l12; // COMPLIANT: Checked on wrong branch - std::isnan(l12) ? (int)l12 - : 0; // COMPLIANT: Checked NaN, therefore not infinite, before use + std::isnan(l12) + ? (int)l12 + : 0; // COMPLIANT: Checked NaN, therefore not infinite, before use std::isnan(l12) ? 0 : (int)l12; // COMPLIANT: Check on wrong branch float l13 = 0.0 / 0; @@ -150,15 +151,16 @@ void f1(float p1) { (int)l13; // COMPLIANT: Guarded not to be NaN } - std::isinf(l13) ? (int)l13 - : 0; // COMPLIANT: Checked infinite, therefore not NaN, before use + std::isinf(l13) + ? (int)l13 + : 0; // COMPLIANT: Checked infinite, therefore not NaN, before use std::isinf(l13) ? 0 : (int)l13; // NON_COMPLIANT: Check on wrong branch std::isfinite(l13) ? (int)l13 : 0; // COMPLIANT: Checked finite before use std::isfinite(l13) ? 0 : (int)l13; // NON_COMPLIANT: Checked on wrong branch std::isnan(l13) ? (int)l13 : 0; // NON_COMPLIANT: Check on wrong branch std::isnan(l13) ? 0 : (int)l13; // COMPLIANT: Checked not NaN before use - (int)std::pow(2, p1); // COMPLIANT: likely to be Infinity + (int)std::pow(2, p1); // COMPLIANT: likely to be Infinity (int)std::pow(2, std::sin(p1)); // COMPLIANT: not likely to be Infinity (int)(1 / std::sin(p1)); // COMPLIANT: possible infinity from zero in denominator @@ -168,7 +170,7 @@ void f1(float p1) { (int)std::pow(p1, p1); // COMPLIANT: p1 is not zero } - (int)std::acos(p1); // NON_COMPLIANT: NaN if p1 is not within -1..1 + (int)std::acos(p1); // NON_COMPLIANT: NaN if p1 is not within -1..1 (int)std::acos(std::cos(p1)); // COMPLIANT: cos(p1) is within -1..1 } @@ -190,8 +192,7 @@ void addInfThenCastToInt(float p) { castToInt(p + 1.0 / 0.0); } void addNaNThenCastToInt(float p) { castToInt(p + 0.0 / 0.0); } void f2() { - castToInt(1.0 / - 0.0); // COMPLIANT: Infinity flows to denominator in division + castToInt(1.0 / 0.0); // COMPLIANT: Infinity flows to denominator in division castToInt(0.0 / 0.0); // COMPLIANT: NaN flows to denominator in division checkBeforeCastToInt(1.0 / 0.0); // COMPLIANT checkBeforeCastToInt(0.0 / 0.0); // COMPLIANT diff --git a/cpp/misra/src/rules/DIR-0-3-1/PossibleMisuseOfInfiniteFloatingPointValue.ql b/cpp/misra/src/rules/DIR-0-3-1/PossibleMisuseOfInfiniteFloatingPointValue.ql index d9810c1135..ee7139543d 100644 --- a/cpp/misra/src/rules/DIR-0-3-1/PossibleMisuseOfInfiniteFloatingPointValue.ql +++ b/cpp/misra/src/rules/DIR-0-3-1/PossibleMisuseOfInfiniteFloatingPointValue.ql @@ -15,7 +15,8 @@ import cpp import codingstandards.cpp.misra import codingstandards.cpp.rules.misuseofinfinitefloatingpointvalue.MisuseOfInfiniteFloatingPointValue -class PossibleMisuseOfInfiniteFloatingPointValueQuery extends MisuseOfInfiniteFloatingPointValueSharedQuery { +class PossibleMisuseOfInfiniteFloatingPointValueQuery extends MisuseOfInfiniteFloatingPointValueSharedQuery +{ PossibleMisuseOfInfiniteFloatingPointValueQuery() { this = FloatingPointPackage::possibleMisuseOfInfiniteFloatingPointValueQuery() } diff --git a/rule_packages/cpp/FloatingPoint.json b/rule_packages/cpp/FloatingPoint.json index b085e5b289..672e57acff 100644 --- a/rule_packages/cpp/FloatingPoint.json +++ b/rule_packages/cpp/FloatingPoint.json @@ -14,8 +14,7 @@ "short_name": "PossibleMisuseOfInfiniteFloatingPointValue", "shared_implementation_short_name": "MisuseOfInfiniteFloatingPointValue", "tags": [ - "correctness", - "external/misra/c/2012/amendment3" + "correctness" ] }, { @@ -27,8 +26,7 @@ "short_name": "PossibleMisuseOfNaNFloatingPointValue", "shared_implementation_short_name": "MisuseOfNaNFloatingPointValue", "tags": [ - "correctness", - "external/misra/c/2012/amendment3" + "correctness" ] } ], From 551c2343036c4a7eafa3397d134a91bc4158dff9 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Tue, 15 Apr 2025 08:03:15 -0700 Subject: [PATCH 2502/2573] Missing format, regenerate query metadata --- c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.ql | 2 +- .../DIR-0-3-1/PossibleMisuseOfInfiniteFloatingPointValue.ql | 1 - .../rules/DIR-0-3-1/PossibleMisuseOfNaNFloatingPointValue.ql | 1 - 3 files changed, 1 insertion(+), 3 deletions(-) diff --git a/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.ql b/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.ql index 10bfcafeba..9315a4ed4c 100644 --- a/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.ql +++ b/c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.ql @@ -20,4 +20,4 @@ class PossibleMisuseOfUndetectedNaNQuery extends MisuseOfNaNFloatingPointValueSh PossibleMisuseOfUndetectedNaNQuery() { this = FloatingTypes2Package::possibleMisuseOfUndetectedNaNQuery() } -} \ No newline at end of file +} diff --git a/cpp/misra/src/rules/DIR-0-3-1/PossibleMisuseOfInfiniteFloatingPointValue.ql b/cpp/misra/src/rules/DIR-0-3-1/PossibleMisuseOfInfiniteFloatingPointValue.ql index ee7139543d..0e3363137e 100644 --- a/cpp/misra/src/rules/DIR-0-3-1/PossibleMisuseOfInfiniteFloatingPointValue.ql +++ b/cpp/misra/src/rules/DIR-0-3-1/PossibleMisuseOfInfiniteFloatingPointValue.ql @@ -7,7 +7,6 @@ * @problem.severity warning * @tags external/misra/id/dir-0-3-1 * correctness - * external/misra/c/2012/amendment3 * external/misra/obligation/advisory */ diff --git a/cpp/misra/src/rules/DIR-0-3-1/PossibleMisuseOfNaNFloatingPointValue.ql b/cpp/misra/src/rules/DIR-0-3-1/PossibleMisuseOfNaNFloatingPointValue.ql index 934ee6d998..035edd85b8 100644 --- a/cpp/misra/src/rules/DIR-0-3-1/PossibleMisuseOfNaNFloatingPointValue.ql +++ b/cpp/misra/src/rules/DIR-0-3-1/PossibleMisuseOfNaNFloatingPointValue.ql @@ -8,7 +8,6 @@ * @problem.severity warning * @tags external/misra/id/dir-0-3-1 * correctness - * external/misra/c/2012/amendment3 * external/misra/obligation/advisory */ From 160db8381893017f0a31290b8501d53d4bcdb1cd Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Tue, 15 Apr 2025 10:18:43 -0700 Subject: [PATCH 2503/2573] Remove deleted test qlrefs --- .../test/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.qlref | 1 - c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.qlref | 1 - 2 files changed, 2 deletions(-) delete mode 100644 c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.qlref delete mode 100644 c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.qlref diff --git a/c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.qlref b/c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.qlref deleted file mode 100644 index dccac37c5f..0000000000 --- a/c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.ql \ No newline at end of file diff --git a/c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.qlref b/c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.qlref deleted file mode 100644 index d88c172bd5..0000000000 --- a/c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.ql \ No newline at end of file From d8ac07f96918e85310d5baa0dcbe34f25b57e163 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 21 Apr 2025 23:07:01 +0100 Subject: [PATCH 2504/2573] Add missing results --- .../deviations_report_deviated/UnusedReturnValue.expected | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/cpp/common/test/deviations/deviations_report_deviated/UnusedReturnValue.expected b/cpp/common/test/deviations/deviations_report_deviated/UnusedReturnValue.expected index 7b8860d5a3..ab75d81f6f 100644 --- a/cpp/common/test/deviations/deviations_report_deviated/UnusedReturnValue.expected +++ b/cpp/common/test/deviations/deviations_report_deviated/UnusedReturnValue.expected @@ -1,3 +1,8 @@ | main.cpp:10:3:10:6 | call to getX | Return value from call to $@ is unused. | main.cpp:6:5:6:8 | getX | getX | +| main.cpp:23:3:23:6 | call to getX | Return value from call to $@ is unused. | main.cpp:6:5:6:8 | getX | getX | +| main.cpp:25:3:25:6 | call to getX | Return value from call to $@ is unused. | main.cpp:6:5:6:8 | getX | getX | +| main.cpp:31:3:31:6 | call to getX | Return value from call to $@ is unused. | main.cpp:6:5:6:8 | getX | getX | +| main.cpp:33:3:33:6 | call to getX | Return value from call to $@ is unused. | main.cpp:6:5:6:8 | getX | getX | +| main.cpp:37:3:37:6 | call to getX | Return value from call to $@ is unused. | main.cpp:6:5:6:8 | getX | getX | | nested/nested2/test2.h:5:3:5:6 | call to getZ | Return value from call to $@ is unused. | nested/nested2/test2.h:1:5:1:8 | getZ | getZ | | nested/test.h:5:3:5:6 | call to getY | Return value from call to $@ is unused. | nested/test.h:1:5:1:8 | getY | getY | From 52e64673fee3cf653027a2924b5d3095bf81b457 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 21 Apr 2025 23:17:15 +0100 Subject: [PATCH 2505/2573] Add comment --- .../cpp/deviations/CodeIdentifierDeviation.qll | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll b/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll index 4b2f03cf98..b7a144f429 100644 --- a/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll +++ b/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll @@ -341,6 +341,11 @@ class CodeIdentifierDeviation extends TCodeIndentifierDeviation { ) } + /** + * Holds for the region matched by this code identifier deviation. + * + * Note: this is not the location of the marker itself. + */ predicate hasLocationInfo( string filepath, int suppressedLine, int suppressedColumn, int endline, int endcolumn ) { From 184e5d3ed5bde1cd8ae5895cff70254a0ae36104 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 21 Apr 2025 23:22:27 +0100 Subject: [PATCH 2506/2573] Extract common library for location handling --- .../src/codingstandards/cpp/Locations.qll | 24 ++++++++++++++ .../cpp/deviations/DeviationsSuppression.ql | 31 +++---------------- 2 files changed, 28 insertions(+), 27 deletions(-) create mode 100644 cpp/common/src/codingstandards/cpp/Locations.qll diff --git a/cpp/common/src/codingstandards/cpp/Locations.qll b/cpp/common/src/codingstandards/cpp/Locations.qll new file mode 100644 index 0000000000..83dd0448af --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/Locations.qll @@ -0,0 +1,24 @@ +import cpp + +/** Holds if `lineNumber` is an indexed line number in file `f`. */ +predicate isLineNumber(File f, int lineNumber) { + exists(Location l | l.getFile() = f | + l.getStartLine() = lineNumber + or + l.getEndLine() = lineNumber + ) +} + +/** Gets the last line number in `f`. */ +int getLastLineNumber(File f) { result = max(int lineNumber | isLineNumber(f, lineNumber)) } + +/** Gets the last column number on the last line of `f`. */ +int getLastColumnNumber(File f) { + result = + max(Location l | + l.getFile() = f and + l.getEndLine() = getLastLineNumber(f) + | + l.getEndColumn() + ) +} diff --git a/cpp/common/src/codingstandards/cpp/deviations/DeviationsSuppression.ql b/cpp/common/src/codingstandards/cpp/deviations/DeviationsSuppression.ql index f29c068983..94f45c74b3 100644 --- a/cpp/common/src/codingstandards/cpp/deviations/DeviationsSuppression.ql +++ b/cpp/common/src/codingstandards/cpp/deviations/DeviationsSuppression.ql @@ -7,29 +7,7 @@ import cpp import Deviations - -/** Holds if `lineNumber` is an indexed line number in file `f`. */ -private predicate isLineNumber(File f, int lineNumber) { - exists(Location l | l.getFile() = f | - l.getStartLine() = lineNumber - or - l.getEndLine() = lineNumber - ) -} - -/** Gets the last line number in `f`. */ -private int getLastLineNumber(File f) { result = max(int lineNumber | isLineNumber(f, lineNumber)) } - -/** Gets the last column number on the last line of `f`. */ -int getLastColumnNumber(File f) { - result = - max(Location l | - l.getFile() = f and - l.getEndLine() = getLastLineNumber(f) - | - l.getEndColumn() - ) -} +import codingstandards.cpp.Locations newtype TDeviationScope = TDeviationRecordFileScope(DeviationRecord dr, File file) { @@ -71,10 +49,9 @@ class DeviationRecordFileScope extends DeviationScope, TDeviationRecordFileScope string filepath, int startline, int startcolumn, int endline, int endcolumn ) { // In an ideal world, we would produce a URL here that informed the AlertSuppression code that - // the whole file was suppressed. However, experimentation suggestions the alert suppression - // code only works with locations with lines and columns, so we generate a location that covers - // the whole "indexed" file, by finding the location indexed in the database with the latest - // line and column number. + // the whole file was suppressed. However, the alert suppression code only works with locations + // with lines and columns, so we generate a location that covers the whole "indexed" file, by + // finding the location indexed in the database with the latest line and column number. exists(File f | f = getFile() | f.getLocation().hasLocationInfo(filepath, _, _, _, _) and startline = 1 and From 126ed553e5026853250e3c62e59768eb3abd540b Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 21 Apr 2025 23:30:54 +0100 Subject: [PATCH 2507/2573] Add getLastColumnNumber to shared library --- cpp/common/src/codingstandards/cpp/Locations.qll | 6 ++++++ .../cpp/deviations/CodeIdentifierDeviation.qll | 9 ++------- 2 files changed, 8 insertions(+), 7 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/Locations.qll b/cpp/common/src/codingstandards/cpp/Locations.qll index 83dd0448af..800f44d18a 100644 --- a/cpp/common/src/codingstandards/cpp/Locations.qll +++ b/cpp/common/src/codingstandards/cpp/Locations.qll @@ -22,3 +22,9 @@ int getLastColumnNumber(File f) { l.getEndColumn() ) } + +/** Gets the last column number on the given line of `filepath`. */ +bindingset[filepath, lineNumber] +int getLastColumnNumber(string filepath, int lineNumber) { + result = max(Location l | l.hasLocationInfo(filepath, _, _, lineNumber, _) | l.getEndColumn()) +} diff --git a/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll b/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll index b7a144f429..137a2a72d7 100644 --- a/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll +++ b/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll @@ -32,6 +32,7 @@ import cpp import Deviations +import codingstandards.cpp.Locations string supportedStandard() { result = ["misra", "autosar", "cert"] } @@ -358,13 +359,7 @@ class CodeIdentifierDeviation extends TCodeIndentifierDeviation { then endcolumn = commentMarker.(DeviationEndOfLineMarker).getLocation().getEndColumn() else // Find the last column for a location on the next line - endcolumn = - max(Location l | - l.hasLocationInfo(filepath, _, _, _, _) and - l.getEndLine() = suppressedLine - | - l.getEndColumn() - ) + endcolumn = getLastColumnNumber(filepath, suppressedLine) ) or this = TMultiLineDeviation(_, _, _, filepath, suppressedLine, endline) and From 5ad61ee4e441007828e966df4c61d3ad658a62e8 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 21 Apr 2025 23:42:01 +0100 Subject: [PATCH 2508/2573] Deviations: Include the final line in ranges The deviated locations now include the line with the _end marker, for any element before the marker. --- .../deviations/CodeIdentifierDeviation.qll | 38 ++++++++++++------- .../DeviationsSuppression.expected | 4 +- 2 files changed, 26 insertions(+), 16 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll b/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll index 137a2a72d7..e177b84046 100644 --- a/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll +++ b/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll @@ -295,11 +295,11 @@ newtype TCodeIndentifierDeviation = } or TMultiLineDeviation( DeviationRecord record, DeviationBegin beginComment, DeviationEnd endComment, string filepath, - int suppressedStartLine, int suppressedEndLine + int suppressedStartLine, int suppressedEndLine, int suppressedEndColumn ) { isDeviationRangePaired(record, beginComment, endComment) and beginComment.getLocation().hasLocationInfo(filepath, suppressedStartLine, _, _, _) and - endComment.getLocation().hasLocationInfo(filepath, suppressedEndLine, _, _, _) + endComment.getLocation().hasLocationInfo(filepath, _, _, suppressedEndLine, suppressedEndColumn) } or TCodeIdentifierDeviation(DeviationRecord record, DeviationAttribute attribute) { attribute.getADeviationRecord() = record @@ -310,7 +310,7 @@ class CodeIdentifierDeviation extends TCodeIndentifierDeviation { DeviationRecord getADeviationRecord() { this = TSingleLineDeviation(result, _, _, _) or - this = TMultiLineDeviation(result, _, _, _, _, _) + this = TMultiLineDeviation(result, _, _, _, _, _, _) or this = TCodeIdentifierDeviation(result, _) } @@ -321,18 +321,27 @@ class CodeIdentifierDeviation extends TCodeIndentifierDeviation { bindingset[e] pragma[inline_late] predicate isElementMatching(Element e) { - exists(string filepath, int elementLocationStart | - e.getLocation().hasLocationInfo(filepath, elementLocationStart, _, _, _) + exists(string filepath, int elementLocationStart, int elementLocationColumnStart | + e.getLocation() + .hasLocationInfo(filepath, elementLocationStart, elementLocationColumnStart, _, _) | exists(int suppressedLine | this = TSingleLineDeviation(_, _, filepath, suppressedLine) and suppressedLine = elementLocationStart ) or - exists(int suppressedStartLine, int suppressedEndLine | - this = TMultiLineDeviation(_, _, _, filepath, suppressedStartLine, suppressedEndLine) and - suppressedStartLine < elementLocationStart and + exists(int suppressedStartLine, int suppressedEndLine, int suppressedEndColumn | + this = + TMultiLineDeviation(_, _, _, filepath, suppressedStartLine, suppressedEndLine, + suppressedEndColumn) and + suppressedStartLine < elementLocationStart + | + // Element starts before the end line of the suppression suppressedEndLine > elementLocationStart + or + // Element exists on the same line as the suppression, and occurs before it + suppressedEndLine = elementLocationStart and + elementLocationColumnStart < suppressedEndColumn ) ) or @@ -362,9 +371,8 @@ class CodeIdentifierDeviation extends TCodeIndentifierDeviation { endcolumn = getLastColumnNumber(filepath, suppressedLine) ) or - this = TMultiLineDeviation(_, _, _, filepath, suppressedLine, endline) and - suppressedColumn = 1 and - endcolumn = 1 + this = TMultiLineDeviation(_, _, _, filepath, suppressedLine, endline, endcolumn) and + suppressedColumn = 1 or exists(DeviationAttribute attribute | this = TCodeIdentifierDeviation(_, attribute) and @@ -384,11 +392,13 @@ class CodeIdentifierDeviation extends TCodeIndentifierDeviation { suppressedLine ) or - exists(int suppressedStartLine, int suppressedEndLine | - this = TMultiLineDeviation(_, _, _, filepath, suppressedStartLine, suppressedEndLine) and + exists(int suppressedStartLine, int suppressedEndLine, int suppressedEndColumn | + this = + TMultiLineDeviation(_, _, _, filepath, suppressedStartLine, suppressedEndLine, + suppressedEndColumn) and result = "Deviation of " + getADeviationRecord().getQuery() + " applied to " + filepath + " Line " + - suppressedStartLine + ":" + suppressedEndLine + suppressedStartLine + ":" + suppressedEndLine + " (Column " + suppressedEndColumn + ")" ) ) or diff --git a/cpp/common/test/deviations/deviations_report_deviated/DeviationsSuppression.expected b/cpp/common/test/deviations/deviations_report_deviated/DeviationsSuppression.expected index 73f564c13c..2192b36279 100644 --- a/cpp/common/test/deviations/deviations_report_deviated/DeviationsSuppression.expected +++ b/cpp/common/test/deviations/deviations_report_deviated/DeviationsSuppression.expected @@ -1,8 +1,8 @@ | file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/type-long-double-used] | lgtm[cpp/autosar/type-long-double-used] | main.cpp:12:1:12:58 | Deviation of cpp/autosar/type-long-double-used applied to main.cpp Line 12 | | file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/type-long-double-used] | lgtm[cpp/autosar/type-long-double-used] | main.cpp:14:1:14:65 | Deviation of cpp/autosar/type-long-double-used applied to main.cpp Line 14 | | file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/type-long-double-used] | lgtm[cpp/autosar/type-long-double-used] | main.cpp:18:1:18:40 | Deviation of cpp/autosar/type-long-double-used applied to main.cpp Line 18 | -| file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/type-long-double-used] | lgtm[cpp/autosar/type-long-double-used] | main.cpp:21:1:27:1 | Deviation of cpp/autosar/type-long-double-used applied to main.cpp Line 21:27 | -| file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/type-long-double-used] | lgtm[cpp/autosar/type-long-double-used] | main.cpp:29:1:35:1 | Deviation of cpp/autosar/type-long-double-used applied to main.cpp Line 29:35 | +| file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/type-long-double-used] | lgtm[cpp/autosar/type-long-double-used] | main.cpp:21:1:27:53 | Deviation of cpp/autosar/type-long-double-used applied to main.cpp Line 21:27 (Column 53) | +| file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/type-long-double-used] | lgtm[cpp/autosar/type-long-double-used] | main.cpp:29:1:35:53 | Deviation of cpp/autosar/type-long-double-used applied to main.cpp Line 29:35 (Column 53) | | file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/unused-return-value] | lgtm[cpp/autosar/unused-return-value] | nested/nested2/test2.h:1:1:6:1 | Deviation of cpp/autosar/unused-return-value for nested/nested2/test2.h. | | file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/useless-assignment] | lgtm[cpp/autosar/useless-assignment] | coding-standards.xml:1:1:17:19 | Deviation of cpp/autosar/useless-assignment for coding-standards.xml. | | file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/useless-assignment] | lgtm[cpp/autosar/useless-assignment] | main.cpp:1:1:39:1 | Deviation of cpp/autosar/useless-assignment for main.cpp. | From 6a5f0950ec571b46088b0f96e57fa0dbff346cac Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 21 Apr 2025 23:56:29 +0100 Subject: [PATCH 2509/2573] Deviations: Store start columns for comment ranges --- .../deviations/CodeIdentifierDeviation.qll | 58 ++++++++++++------- .../DeviationsSuppression.expected | 7 ++- .../deviations_report_deviated/main.cpp | 5 ++ 3 files changed, 47 insertions(+), 23 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll b/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll index e177b84046..00e02d5712 100644 --- a/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll +++ b/cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll @@ -295,10 +295,13 @@ newtype TCodeIndentifierDeviation = } or TMultiLineDeviation( DeviationRecord record, DeviationBegin beginComment, DeviationEnd endComment, string filepath, - int suppressedStartLine, int suppressedEndLine, int suppressedEndColumn + int suppressedStartLine, int suppressedStartColumn, int suppressedEndLine, + int suppressedEndColumn ) { isDeviationRangePaired(record, beginComment, endComment) and - beginComment.getLocation().hasLocationInfo(filepath, suppressedStartLine, _, _, _) and + beginComment + .getLocation() + .hasLocationInfo(filepath, suppressedStartLine, suppressedStartColumn, _, _) and endComment.getLocation().hasLocationInfo(filepath, _, _, suppressedEndLine, suppressedEndColumn) } or TCodeIdentifierDeviation(DeviationRecord record, DeviationAttribute attribute) { @@ -310,7 +313,7 @@ class CodeIdentifierDeviation extends TCodeIndentifierDeviation { DeviationRecord getADeviationRecord() { this = TSingleLineDeviation(result, _, _, _) or - this = TMultiLineDeviation(result, _, _, _, _, _, _) + this = TMultiLineDeviation(result, _, _, _, _, _, _, _) or this = TCodeIdentifierDeviation(result, _) } @@ -330,18 +333,29 @@ class CodeIdentifierDeviation extends TCodeIndentifierDeviation { suppressedLine = elementLocationStart ) or - exists(int suppressedStartLine, int suppressedEndLine, int suppressedEndColumn | - this = - TMultiLineDeviation(_, _, _, filepath, suppressedStartLine, suppressedEndLine, - suppressedEndColumn) and - suppressedStartLine < elementLocationStart + exists( + int suppressedStartLine, int suppressedStartColumn, int suppressedEndLine, + int suppressedEndColumn | - // Element starts before the end line of the suppression - suppressedEndLine > elementLocationStart - or - // Element exists on the same line as the suppression, and occurs before it - suppressedEndLine = elementLocationStart and - elementLocationColumnStart < suppressedEndColumn + this = + TMultiLineDeviation(_, _, _, filepath, suppressedStartLine, suppressedStartColumn, + suppressedEndLine, suppressedEndColumn) and + ( + // Element starts on a line after the begin marker of the suppression + suppressedStartLine < elementLocationStart + or + // Element exists on the same line as the begin marker, and occurs after it + suppressedStartLine = elementLocationStart and + suppressedStartColumn < elementLocationColumnStart + ) and + ( + // Element starts on a line before the end marker of the suppression + suppressedEndLine > elementLocationStart + or + // Element exists on the same line as the end marker of the suppression, and occurs before it + suppressedEndLine = elementLocationStart and + elementLocationColumnStart < suppressedEndColumn + ) ) ) or @@ -371,8 +385,8 @@ class CodeIdentifierDeviation extends TCodeIndentifierDeviation { endcolumn = getLastColumnNumber(filepath, suppressedLine) ) or - this = TMultiLineDeviation(_, _, _, filepath, suppressedLine, endline, endcolumn) and - suppressedColumn = 1 + this = + TMultiLineDeviation(_, _, _, filepath, suppressedLine, suppressedColumn, endline, endcolumn) or exists(DeviationAttribute attribute | this = TCodeIdentifierDeviation(_, attribute) and @@ -392,13 +406,17 @@ class CodeIdentifierDeviation extends TCodeIndentifierDeviation { suppressedLine ) or - exists(int suppressedStartLine, int suppressedEndLine, int suppressedEndColumn | + exists( + int suppressedStartLine, int suppressedStartColumn, int suppressedEndLine, + int suppressedEndColumn + | this = - TMultiLineDeviation(_, _, _, filepath, suppressedStartLine, suppressedEndLine, - suppressedEndColumn) and + TMultiLineDeviation(_, _, _, filepath, suppressedStartLine, suppressedStartColumn, + suppressedEndLine, suppressedEndColumn) and result = "Deviation of " + getADeviationRecord().getQuery() + " applied to " + filepath + " Line " + - suppressedStartLine + ":" + suppressedEndLine + " (Column " + suppressedEndColumn + ")" + suppressedStartLine + ":" + suppressedStartColumn + ":" + suppressedEndLine + ":" + + suppressedEndColumn ) ) or diff --git a/cpp/common/test/deviations/deviations_report_deviated/DeviationsSuppression.expected b/cpp/common/test/deviations/deviations_report_deviated/DeviationsSuppression.expected index 2192b36279..35fca84928 100644 --- a/cpp/common/test/deviations/deviations_report_deviated/DeviationsSuppression.expected +++ b/cpp/common/test/deviations/deviations_report_deviated/DeviationsSuppression.expected @@ -1,11 +1,12 @@ | file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/type-long-double-used] | lgtm[cpp/autosar/type-long-double-used] | main.cpp:12:1:12:58 | Deviation of cpp/autosar/type-long-double-used applied to main.cpp Line 12 | | file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/type-long-double-used] | lgtm[cpp/autosar/type-long-double-used] | main.cpp:14:1:14:65 | Deviation of cpp/autosar/type-long-double-used applied to main.cpp Line 14 | | file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/type-long-double-used] | lgtm[cpp/autosar/type-long-double-used] | main.cpp:18:1:18:40 | Deviation of cpp/autosar/type-long-double-used applied to main.cpp Line 18 | -| file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/type-long-double-used] | lgtm[cpp/autosar/type-long-double-used] | main.cpp:21:1:27:53 | Deviation of cpp/autosar/type-long-double-used applied to main.cpp Line 21:27 (Column 53) | -| file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/type-long-double-used] | lgtm[cpp/autosar/type-long-double-used] | main.cpp:29:1:35:53 | Deviation of cpp/autosar/type-long-double-used applied to main.cpp Line 29:35 (Column 53) | +| file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/type-long-double-used] | lgtm[cpp/autosar/type-long-double-used] | main.cpp:21:3:27:53 | Deviation of cpp/autosar/type-long-double-used applied to main.cpp Line 21:3:27:53 | +| file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/type-long-double-used] | lgtm[cpp/autosar/type-long-double-used] | main.cpp:29:3:35:53 | Deviation of cpp/autosar/type-long-double-used applied to main.cpp Line 29:3:35:53 | +| file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/type-long-double-used] | lgtm[cpp/autosar/type-long-double-used] | main.cpp:40:39:41:99 | Deviation of cpp/autosar/type-long-double-used applied to main.cpp Line 40:39:41:99 | | file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/unused-return-value] | lgtm[cpp/autosar/unused-return-value] | nested/nested2/test2.h:1:1:6:1 | Deviation of cpp/autosar/unused-return-value for nested/nested2/test2.h. | | file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/useless-assignment] | lgtm[cpp/autosar/useless-assignment] | coding-standards.xml:1:1:17:19 | Deviation of cpp/autosar/useless-assignment for coding-standards.xml. | -| file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/useless-assignment] | lgtm[cpp/autosar/useless-assignment] | main.cpp:1:1:39:1 | Deviation of cpp/autosar/useless-assignment for main.cpp. | +| file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/useless-assignment] | lgtm[cpp/autosar/useless-assignment] | main.cpp:1:1:44:1 | Deviation of cpp/autosar/useless-assignment for main.cpp. | | file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/useless-assignment] | lgtm[cpp/autosar/useless-assignment] | nested/coding-standards.xml:1:1:13:19 | Deviation of cpp/autosar/useless-assignment for nested/coding-standards.xml. | | file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/useless-assignment] | lgtm[cpp/autosar/useless-assignment] | nested/nested2/test2.h:1:1:6:1 | Deviation of cpp/autosar/useless-assignment for nested/nested2/test2.h. | | file://:0:0:0:0 | (no string representation) | // lgtm[cpp/autosar/useless-assignment] | lgtm[cpp/autosar/useless-assignment] | nested/test.h:1:1:6:1 | Deviation of cpp/autosar/useless-assignment for nested/test.h. | diff --git a/cpp/common/test/deviations/deviations_report_deviated/main.cpp b/cpp/common/test/deviations/deviations_report_deviated/main.cpp index 7891faea18..d2f58d9db1 100644 --- a/cpp/common/test/deviations/deviations_report_deviated/main.cpp +++ b/cpp/common/test/deviations/deviations_report_deviated/main.cpp @@ -35,5 +35,10 @@ int main(int argc, char **argv) { // codeql::autosar_deviation_end(a-0-4-2-deviation) long double d14; // NON_COMPLIANT (A0-4-2) getX(); // NON_COMPLIANT (A0-1-2) + + // clang-format off + long double d15; /* NON_COMPLIANT*/ /* codeql::autosar_deviation_begin(a-0-4-2-deviation) */ long double d16; // COMPLIANT[DEVIATED] + long double d17; /* COMPLIANT[DEVIATED] */ /* codeql::autosar_deviation_end(a-0-4-2-deviation) */ long double d18; // NON_COMPLIANT + // clang-format on return 0; } \ No newline at end of file From 8c2da1cd439f6f5df31f1756842b64832da6feae Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 22 Apr 2025 00:01:48 +0100 Subject: [PATCH 2510/2573] Deviations: Expand testing for ranges Ensure begin/end column code works as expected --- .../TypeLongDoubleUsed.expected | 2 + .../deviations/deviations_basic_test/main.cpp | 5 +++ .../TypeLongDoubleUsed.expected | 18 +++++++++ .../TypeLongDoubleUsed.ql | 38 +++++++++++++++++++ 4 files changed, 63 insertions(+) create mode 100644 cpp/common/test/deviations/deviations_report_deviated/TypeLongDoubleUsed.expected create mode 100644 cpp/common/test/deviations/deviations_report_deviated/TypeLongDoubleUsed.ql diff --git a/cpp/common/test/deviations/deviations_basic_test/TypeLongDoubleUsed.expected b/cpp/common/test/deviations/deviations_basic_test/TypeLongDoubleUsed.expected index f2cfd03dc6..afc613642a 100644 --- a/cpp/common/test/deviations/deviations_basic_test/TypeLongDoubleUsed.expected +++ b/cpp/common/test/deviations/deviations_basic_test/TypeLongDoubleUsed.expected @@ -10,3 +10,5 @@ | main.cpp:21:15:21:16 | d6 | Use of long double type. | | main.cpp:30:15:30:17 | d10 | Use of long double type. | | main.cpp:38:15:38:17 | d14 | Use of long double type. | +| main.cpp:42:15:42:17 | d15 | Use of long double type. | +| main.cpp:43:113:43:115 | d18 | Use of long double type. | diff --git a/cpp/common/test/deviations/deviations_basic_test/main.cpp b/cpp/common/test/deviations/deviations_basic_test/main.cpp index aa389ed0ad..17126364f4 100644 --- a/cpp/common/test/deviations/deviations_basic_test/main.cpp +++ b/cpp/common/test/deviations/deviations_basic_test/main.cpp @@ -37,5 +37,10 @@ int main(int argc, char **argv) { // codeql::autosar_deviation_end(a-0-4-2-deviation) long double d14; // NON_COMPLIANT (A0-4-2) getX(); // NON_COMPLIANT (A0-1-2) + + // clang-format off + long double d15; /* NON_COMPLIANT*/ /* codeql::autosar_deviation_begin(a-0-4-2-deviation) */ long double d16; // COMPLIANT[DEVIATED] + long double d17; /* COMPLIANT[DEVIATED] */ /* codeql::autosar_deviation_end(a-0-4-2-deviation) */ long double d18; // NON_COMPLIANT + // clang-format on return 0; } \ No newline at end of file diff --git a/cpp/common/test/deviations/deviations_report_deviated/TypeLongDoubleUsed.expected b/cpp/common/test/deviations/deviations_report_deviated/TypeLongDoubleUsed.expected new file mode 100644 index 0000000000..e9099fa64a --- /dev/null +++ b/cpp/common/test/deviations/deviations_report_deviated/TypeLongDoubleUsed.expected @@ -0,0 +1,18 @@ +| main.cpp:11:15:11:16 | d1 | Use of long double type. | +| main.cpp:12:15:12:16 | d2 | Use of long double type. | +| main.cpp:14:15:14:16 | d3 | Use of long double type. | +| main.cpp:16:15:16:16 | d4 | Use of long double type. | +| main.cpp:18:15:18:16 | d5 | Use of long double type. | +| main.cpp:19:15:19:16 | d6 | Use of long double type. | +| main.cpp:22:15:22:16 | d7 | Use of long double type. | +| main.cpp:24:15:24:16 | d8 | Use of long double type. | +| main.cpp:26:15:26:16 | d9 | Use of long double type. | +| main.cpp:28:15:28:17 | d10 | Use of long double type. | +| main.cpp:30:15:30:17 | d11 | Use of long double type. | +| main.cpp:32:15:32:17 | d12 | Use of long double type. | +| main.cpp:34:15:34:17 | d13 | Use of long double type. | +| main.cpp:36:15:36:17 | d14 | Use of long double type. | +| main.cpp:40:15:40:17 | d15 | Use of long double type. | +| main.cpp:40:108:40:110 | d16 | Use of long double type. | +| main.cpp:41:15:41:17 | d17 | Use of long double type. | +| main.cpp:41:113:41:115 | d18 | Use of long double type. | diff --git a/cpp/common/test/deviations/deviations_report_deviated/TypeLongDoubleUsed.ql b/cpp/common/test/deviations/deviations_report_deviated/TypeLongDoubleUsed.ql new file mode 100644 index 0000000000..0ff7b93251 --- /dev/null +++ b/cpp/common/test/deviations/deviations_report_deviated/TypeLongDoubleUsed.ql @@ -0,0 +1,38 @@ +/** + * @id cpp/autosar/type-long-double-used + * @name A0-4-2: Type long double shall not be used + * @description The type long double has an implementation-defined width and therefore shall not be + * used. + * @kind problem + * @precision very-high + * @problem.severity warning + * @tags external/autosar/id/a0-4-2 + * correctness + * readability + * external/autosar/allocated-target/implementation + * external/autosar/enforcement/automated + * external/autosar/obligation/required + */ + +import cpp +import codingstandards.cpp.CodingStandards +import codingstandards.cpp.exclusions.cpp.RuleMetadata + +predicate isUsingLongDouble(ClassTemplateInstantiation c) { + c.getATemplateArgument() instanceof LongDoubleType or + isUsingLongDouble(c.getATemplateArgument()) +} + +from Variable v +where + not isExcluded(v, BannedTypesPackage::typeLongDoubleUsedQuery()) and + ( + v.getUnderlyingType() instanceof LongDoubleType and + not v.isFromTemplateInstantiation(_) + or + exists(ClassTemplateInstantiation c | + c = v.getType() and + isUsingLongDouble(c) + ) + ) +select v, "Use of long double type." From ed088be3717f0722f83e37f52e68c69300b5e2a9 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 25 Apr 2025 08:12:40 -0700 Subject: [PATCH 2511/2573] Fix performance regression from Compatible.qll --- cpp/common/src/codingstandards/cpp/types/Compatible.qll | 1 + 1 file changed, 1 insertion(+) diff --git a/cpp/common/src/codingstandards/cpp/types/Compatible.qll b/cpp/common/src/codingstandards/cpp/types/Compatible.qll index d6f65126e8..7ea58d766d 100644 --- a/cpp/common/src/codingstandards/cpp/types/Compatible.qll +++ b/cpp/common/src/codingstandards/cpp/types/Compatible.qll @@ -69,6 +69,7 @@ module TypesCompatibleConfig implements TypeEquivalenceSig { /** * Utilize QlBuiltins::InternSets to efficiently compare the sets of specifiers on two types. */ +bindingset[t1, t2] private predicate specifiersMatchExactly(Type t1, Type t2) { t1 = t2 or From 472c93a89b47f0b7c8492c6ea12edd7fe70e616a Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 25 Apr 2025 16:29:32 -0700 Subject: [PATCH 2512/2573] Add changes to join order and prevent cartesian product through rewrite --- .../codingstandards/cpp/types/Compatible.qll | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/types/Compatible.qll b/cpp/common/src/codingstandards/cpp/types/Compatible.qll index 7ea58d766d..33b2830827 100644 --- a/cpp/common/src/codingstandards/cpp/types/Compatible.qll +++ b/cpp/common/src/codingstandards/cpp/types/Compatible.qll @@ -53,8 +53,11 @@ module TypesCompatibleConfig implements TypeEquivalenceSig { or // Enum types are compatible with one of char, int, or signed int, but the implementation // decides. - [t1, t2] instanceof Enum and - ([t1, t2] instanceof CharType or [t1, t2] instanceof IntType) + t1 instanceof Enum and + (t2 instanceof CharType or t2 instanceof IntType) + or + t2 instanceof Enum and + (t1 instanceof CharType or t1 instanceof IntType) } bindingset[t1, t2] @@ -348,8 +351,15 @@ module FunctionDeclarationTypeEquivalence { predicate equalParameterTypes(FunctionDeclarationEntry f1, FunctionDeclarationEntry f2) { f1.getDeclaration() = f2.getDeclaration() and forall(int i | exists([f1, f2].getParameterDeclarationEntry(i)) | - TypeEquivalence::equalTypes(f1.getParameterDeclarationEntry(i) - .getType(), f2.getParameterDeclarationEntry(i).getType()) + equalParameterTypesAt(f1, f2, pragma[only_bind_into](i)) + ) + } + + predicate equalParameterTypesAt(FunctionDeclarationEntry f1, FunctionDeclarationEntry f2, int i) { + pragma[only_bind_out](f1.getDeclaration()) = pragma[only_bind_out](f2.getDeclaration()) and + TypeEquivalence::equalTypes( + f1.getParameterDeclarationEntry(i).getType(), + f2.getParameterDeclarationEntry(i).getType() ) } } From 7f6b32d4c14035cc9eaf1bbb18fd12a3ff3c816c Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Sun, 27 Apr 2025 00:44:21 -0700 Subject: [PATCH 2513/2573] Try new approach to reduce search set in type equivalence, some new join orders. More pragmas added to encourage the join ordering pipeline to make function comparisons more efficient. New approach in type equivalence assumes that all types are trivially equivalent to themselves. Therefore, only type comparisons between non-identical types need to be considered as interesting roots. The types that are reachable in the type graph from these roots are the ones considered by the recursive type equivalence predicate. --- ...rousDefaultSelectionForPointerInGeneric.ql | 20 ++- .../DeclarationsOfAFunctionSameNameAndType.ql | 10 +- .../DeclarationsOfAnObjectSameNameAndType.ql | 19 ++- .../CompatibleDeclarationFunctionDefined.ql | 16 ++- .../CompatibleDeclarationObjectDefined.ql | 16 +-- ...-25-improve-type-comparison-performance.md | 6 + .../codingstandards/cpp/types/Compatible.qll | 127 ++++++++++++++---- .../cpp/types/SimpleAssignment.qll | 65 ++++++--- 8 files changed, 199 insertions(+), 80 deletions(-) create mode 100644 change_notes/2025-04-25-improve-type-comparison-performance.md diff --git a/c/misra/src/rules/RULE-23-5/DangerousDefaultSelectionForPointerInGeneric.ql b/c/misra/src/rules/RULE-23-5/DangerousDefaultSelectionForPointerInGeneric.ql index a009ba1b2a..f2961e2638 100644 --- a/c/misra/src/rules/RULE-23-5/DangerousDefaultSelectionForPointerInGeneric.ql +++ b/c/misra/src/rules/RULE-23-5/DangerousDefaultSelectionForPointerInGeneric.ql @@ -20,18 +20,14 @@ import codingstandards.cpp.types.LvalueConversion import codingstandards.cpp.types.SimpleAssignment predicate typesCompatible(Type t1, Type t2) { - TypeEquivalence::equalTypes(t1, t2) + TypeEquivalence::equalTypes(t1, t2) } -class TypeFromGeneric extends Type { - TypeFromGeneric() { - exists(C11GenericExpr g | - ( - this = g.getAssociationType(_) or - this = g.getControllingExpr().getFullyConverted().getType() - ) - ) - } +predicate relevantTypes(Type a, Type b) { + exists(C11GenericExpr g | + a = g.getAnAssociationType() and + b = getLvalueConverted(g.getControllingExpr().getFullyConverted().getType()) + ) } predicate missesOnPointerConversion(Type provided, Type expected) { @@ -40,11 +36,11 @@ predicate missesOnPointerConversion(Type provided, Type expected) { // But 6.5.16.1 simple assignment constraints would have been satisfied: ( // Check as if the controlling expr is assigned to the expected type: - SimpleAssignment::satisfiesSimplePointerAssignment(expected, provided) + SimpleAssignment::satisfiesSimplePointerAssignment(expected, provided) or // Since developers typically rely on the compiler to catch const/non-const assignment // errors, don't assume a const-to-non-const generic selection miss was intentional. - SimpleAssignment::satisfiesSimplePointerAssignment(provided, expected) + SimpleAssignment::satisfiesSimplePointerAssignment(provided, expected) ) } diff --git a/c/misra/src/rules/RULE-8-3/DeclarationsOfAFunctionSameNameAndType.ql b/c/misra/src/rules/RULE-8-3/DeclarationsOfAFunctionSameNameAndType.ql index 2de2e4fd0a..0be6347840 100644 --- a/c/misra/src/rules/RULE-8-3/DeclarationsOfAFunctionSameNameAndType.ql +++ b/c/misra/src/rules/RULE-8-3/DeclarationsOfAFunctionSameNameAndType.ql @@ -16,6 +16,12 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.types.Compatible +predicate interestedInFunctions(FunctionDeclarationEntry f1, FunctionDeclarationEntry f2) { + f1.getDeclaration() = f2.getDeclaration() and + not f1 = f2 and + f1.getDeclaration() = f2.getDeclaration() +} + from FunctionDeclarationEntry f1, FunctionDeclarationEntry f2, string case, string pluralDo where not isExcluded(f1, Declarations4Package::declarationsOfAFunctionSameNameAndTypeQuery()) and @@ -24,12 +30,12 @@ where f1.getDeclaration() = f2.getDeclaration() and //return type check ( - not FunctionDeclarationTypeEquivalence::equalReturnTypes(f1, f2) and + not FunctionDeclarationTypeEquivalence::equalReturnTypes(f1, f2) and case = "return type" and pluralDo = "does" or //parameter type check - not FunctionDeclarationTypeEquivalence::equalParameterTypes(f1, f2) and + not FunctionDeclarationTypeEquivalence::equalParameterTypes(f1, f2) and case = "parameter types" and pluralDo = "do" or diff --git a/c/misra/src/rules/RULE-8-3/DeclarationsOfAnObjectSameNameAndType.ql b/c/misra/src/rules/RULE-8-3/DeclarationsOfAnObjectSameNameAndType.ql index 12ff583b6b..36a84b3b9c 100644 --- a/c/misra/src/rules/RULE-8-3/DeclarationsOfAnObjectSameNameAndType.ql +++ b/c/misra/src/rules/RULE-8-3/DeclarationsOfAnObjectSameNameAndType.ql @@ -16,15 +16,6 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.types.Compatible -class RelevantType extends Type { - RelevantType() { - exists(VariableDeclarationEntry decl | - (relevantPair(decl, _) or relevantPair(_, decl)) and - decl.getType() = this - ) - } -} - predicate relevantPair(VariableDeclarationEntry decl1, VariableDeclarationEntry decl2) { not decl1 = decl2 and not decl1.getVariable().getDeclaringType().isAnonymous() and @@ -43,12 +34,20 @@ predicate relevantPair(VariableDeclarationEntry decl1, VariableDeclarationEntry ) } +predicate relevantTypes(Type a, Type b) { + exists(VariableDeclarationEntry varA, VariableDeclarationEntry varB | + a = varA.getType() and + b = varB.getType() and + relevantPair(varA, varB) + ) +} + from VariableDeclarationEntry decl1, VariableDeclarationEntry decl2 where not isExcluded(decl1, Declarations4Package::declarationsOfAnObjectSameNameAndTypeQuery()) and not isExcluded(decl2, Declarations4Package::declarationsOfAnObjectSameNameAndTypeQuery()) and relevantPair(decl1, decl2) and - not TypeEquivalence::equalTypes(decl1.getType(), + not TypeEquivalence::equalTypes(decl1.getType(), decl2.getType()) select decl1, "The object $@ of type " + decl1.getType().toString() + diff --git a/c/misra/src/rules/RULE-8-4/CompatibleDeclarationFunctionDefined.ql b/c/misra/src/rules/RULE-8-4/CompatibleDeclarationFunctionDefined.ql index 98876ad1bd..2f17dd5086 100644 --- a/c/misra/src/rules/RULE-8-4/CompatibleDeclarationFunctionDefined.ql +++ b/c/misra/src/rules/RULE-8-4/CompatibleDeclarationFunctionDefined.ql @@ -19,6 +19,16 @@ import codingstandards.c.misra import codingstandards.cpp.Identifiers import codingstandards.cpp.types.Compatible +predicate interestedInFunctions(FunctionDeclarationEntry f1, FunctionDeclarationEntry f2) { + f1.getDeclaration() instanceof ExternalIdentifiers and + f1.isDefinition() and + f1.getName() = f2.getName() and + f1.getDeclaration() = f2.getDeclaration() and + not f2.isDefinition() and + not f1.isFromTemplateInstantiation(_) and + not f2.isFromTemplateInstantiation(_) +} + from FunctionDeclarationEntry f1 where not isExcluded(f1, Declarations4Package::compatibleDeclarationFunctionDefinedQuery()) and @@ -38,10 +48,12 @@ where f2.getDeclaration() = f1.getDeclaration() and ( //return types differ - not FunctionDeclarationTypeEquivalence::equalReturnTypes(f1, f2) + not FunctionDeclarationTypeEquivalence::equalReturnTypes(f1, + f2) or //parameter types differ - not FunctionDeclarationTypeEquivalence::equalParameterTypes(f1, f2) + not FunctionDeclarationTypeEquivalence::equalParameterTypes(f1, + f2) or //parameter names differ parameterNamesUnmatched(f1, f2) diff --git a/c/misra/src/rules/RULE-8-4/CompatibleDeclarationObjectDefined.ql b/c/misra/src/rules/RULE-8-4/CompatibleDeclarationObjectDefined.ql index 613ce56806..bed30d673c 100644 --- a/c/misra/src/rules/RULE-8-4/CompatibleDeclarationObjectDefined.ql +++ b/c/misra/src/rules/RULE-8-4/CompatibleDeclarationObjectDefined.ql @@ -19,13 +19,13 @@ import codingstandards.c.misra import codingstandards.cpp.Identifiers import codingstandards.cpp.types.Compatible -class RelevantType extends Type { - RelevantType() { - exists(VariableDeclarationEntry decl | - count(VariableDeclarationEntry others | others.getDeclaration() = decl.getDeclaration()) > 1 and - decl.getType() = this - ) - } +predicate relevantTypes(Type a, Type b) { + exists(VariableDeclarationEntry varA, VariableDeclarationEntry varB | + not varA = varB and + varA.getDeclaration() = varB.getDeclaration() and + a = varA.getType() and + b = varB.getType() + ) } from VariableDeclarationEntry decl1 @@ -37,7 +37,7 @@ where not exists(VariableDeclarationEntry decl2 | not decl2.isDefinition() and decl1.getDeclaration() = decl2.getDeclaration() and - TypeEquivalence::equalTypes(decl1.getType(), + TypeEquivalence::equalTypes(decl1.getType(), decl2.getType()) ) select decl1, "No separate compatible declaration found for this definition." diff --git a/change_notes/2025-04-25-improve-type-comparison-performance.md b/change_notes/2025-04-25-improve-type-comparison-performance.md new file mode 100644 index 0000000000..91a019bdf2 --- /dev/null +++ b/change_notes/2025-04-25-improve-type-comparison-performance.md @@ -0,0 +1,6 @@ + - `RULE-8-3`, `RULE-8-4`, `DCL40-C`, `RULE-23-5`: `DeclarationsOfAFunctionSameNameAndType.ql`, `DeclarationsOfAnObjectSameNameAndType.ql`, `CompatibleDeclarationOfFunctionDefined.ql`, `CompatibleDeclarationObjectDefined.ql`, `IncompatibleFunctionDeclarations.ql`, `DangerousDefaultSelectionForPointerInGeneric.ql`: + - Added pragmas to alter join order on function parameter equivalence (names and types). + - Refactored expression which the optimizer was confused by, and compiled into a cartesian product. + - Altered the module `Compatible.qll` to only perform expensive equality checks on types that are compared to a non identical other type, and those reachable from those types in the type graph. Types that are identical will trivially be considered equivalent. + - `RULE-23-5`: `DangerousDefaultSelectionForPointerInGeneric.ql`: + - Altered the module `SimpleAssignment.qll` in accordance with the changes to `Compatible.qll`. \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/types/Compatible.qll b/cpp/common/src/codingstandards/cpp/types/Compatible.qll index 33b2830827..db77765b5a 100644 --- a/cpp/common/src/codingstandards/cpp/types/Compatible.qll +++ b/cpp/common/src/codingstandards/cpp/types/Compatible.qll @@ -25,7 +25,7 @@ class VariableType extends Type { } predicate parameterNamesUnmatched(FunctionDeclarationEntry f1, FunctionDeclarationEntry f2) { - f1.getDeclaration() = f2.getDeclaration() and + pragma[only_bind_into](f1).getDeclaration() = pragma[only_bind_into](f2).getDeclaration() and exists(string p1Name, string p2Name, int i | p1Name = f1.getParameterDeclarationEntry(i).getName() and p2Name = f2.getParameterDeclarationEntry(i).getName() @@ -208,34 +208,64 @@ signature module TypeEquivalenceSig { module DefaultEquivalence implements TypeEquivalenceSig { } /** - * A signature class used to restrict the set of types considered by `TypeEquivalence`, for + * A signature predicate used to restrict the set of types considered by `TypeEquivalence`, for * performance reasons. */ -signature class TypeSubset extends Type; +signature predicate interestedInEquality(Type a, Type b); /** * A module to check the equivalence of two types, as defined by the provided `TypeEquivalenceSig`. * - * For performance reasons, this module is designed to be used with a `TypeSubset` that restricts - * the set of considered types. All types reachable (in the type graph) from a type in the subset - * will be considered. (See `RelevantType`.) + * For performance reasons, this module is designed to be used with a predicate + * `interestedInEquality` that restricts the set of considered types. * * To use this module, define a `TypeEquivalenceSig` module and implement a subset of `Type` that * selects the relevant root types to be considered. Then use the predicate `equalTypes(a, b)`. + * Note that `equalTypes(a, b)` only holds if `interestedIn(a, b)` holds. A type is always + * considered to be equal to itself, and this module does not support configurations that declare + * otherwise. + * + * Further, `interestedInEquality(a, a)` is treated differently from `interestedInEquality(a, b)`, + * assuming that `a` and `b` are not identical. This is so that we can construct a set of types + * that are not identical, but still may be equivalent by the specified configuration. We also must + * consider all types that are reachable from these types, as the equivalence relation is + * recursive. Therefore, this module is more performant when most comparisons are identical, and + * only a few are not. */ -module TypeEquivalence { +module TypeEquivalence { /** * Check whether two types are equivalent, as defined by the `TypeEquivalenceSig` module. + * + * This only holds if the specified predicate `interestedIn` holds for the types, and always + * holds if `t1` and `t2` are identical. */ - predicate equalTypes(RelevantType t1, RelevantType t2) { + predicate equalTypes(Type t1, Type t2) { + interestedInUnordered(t1, t2) and + ( + // If the types are identical, they are trivially equal. + t1 = t2 + or + not t1 = t2 and + equalTypesImpl(t1, t2) + ) + } + + /** + * This implementation handles only the slow and complex cases of type equivalence, where the + * types are not identical. + * + * Assuming that types a, b must be compared where `a` and `b` are not identical, we wish to + * search only the smallest set of possible relevant types. See `RelevantType` for more. + */ + private predicate equalTypesImpl(RelevantType t1, RelevantType t2) { if Config::overrideTypeComparison(t1, t2, _) then Config::overrideTypeComparison(t1, t2, true) else if t1 instanceof TypedefType and Config::resolveTypedefs() - then equalTypes(t1.(TypedefType).getBaseType(), t2) + then equalTypesImpl(t1.(TypedefType).getBaseType(), t2) else if t2 instanceof TypedefType and Config::resolveTypedefs() - then equalTypes(t1, t2.(TypedefType).getBaseType()) + then equalTypesImpl(t1, t2.(TypedefType).getBaseType()) else ( not t1 instanceof DerivedType and not t2 instanceof DerivedType and @@ -251,13 +281,36 @@ module TypeEquivalence { ) } + /** Whether two types will be compared, regardless of order (a, b) or (b, a). */ + private predicate interestedInUnordered(Type t1, Type t2) { + interestedIn(t1, t2) or + interestedIn(t2, t1) } + + final private class FinalType = Type; + /** - * A type that is either part of the type subset, or that is reachable from a type in the subset. + * A type that is compared to another type that is not identical. This is the set of types that + * form the roots of our more expensive type equivalence analysis. */ - private class RelevantType instanceof Type { - RelevantType() { exists(T t | typeGraph*(t, this)) } + private class InterestingType extends FinalType { + InterestingType() { + exists(Type inexactCompare | + interestedInUnordered(this, _) and + not inexactCompare = this + ) + } + } - string toString() { result = this.(Type).toString() } + /** + * A type that is reachable from an `InterestingType` (a type that is compared to a non-identical + * type). + * + * Since type equivalence is recursive, CodeQL will consider the equality of these types in a + * bottom-up evaluation, with leaf nodes first. Therefore, this set must be as small as possible + * in order to be efficient. + */ + private class RelevantType extends FinalType { + RelevantType() { exists(InterestingType t | typeGraph*(t, this)) } } private class RelevantDerivedType extends RelevantType instanceof DerivedType { @@ -296,7 +349,7 @@ module TypeEquivalence { bindingset[t1, t2] private predicate equalDerivedTypes(RelevantDerivedType t1, RelevantDerivedType t2) { exists(Boolean baseTypesEqual | - (baseTypesEqual = true implies equalTypes(t1.getBaseType(), t2.getBaseType())) and + (baseTypesEqual = true implies equalTypesImpl(t1.getBaseType(), t2.getBaseType())) and ( Config::equalPointerTypes(t1, t2, baseTypesEqual) or @@ -310,7 +363,7 @@ module TypeEquivalence { // Note that this case is different from the above, in that we don't merely get the base // type (as that could be a TypedefType that points to another SpecifiedType). We need to // unspecify the type to see if the base types are equal. - (unspecifiedTypesEqual = true implies equalTypes(unspecify(t1), unspecify(t2))) and + (unspecifiedTypesEqual = true implies equalTypesImpl(unspecify(t1), unspecify(t2))) and Config::equalSpecifiedTypes(t1, t2, unspecifiedTypesEqual) ) } @@ -318,12 +371,12 @@ module TypeEquivalence { bindingset[t1, t2] private predicate equalFunctionTypes(RelevantFunctionType t1, RelevantFunctionType t2) { exists(Boolean returnTypeEqual, Boolean parameterTypesEqual | - (returnTypeEqual = true implies equalTypes(t1.getReturnType(), t2.getReturnType())) and + (returnTypeEqual = true implies equalTypesImpl(t1.getReturnType(), t2.getReturnType())) and ( parameterTypesEqual = true implies forall(int i | exists([t1, t2].getParameterType(i)) | - equalTypes(t1.getParameterType(i), t2.getParameterType(i)) + equalTypesImpl(t1.getParameterType(i), t2.getParameterType(i)) ) ) and ( @@ -337,18 +390,41 @@ module TypeEquivalence { bindingset[t1, t2] private predicate equalTypedefTypes(RelevantTypedefType t1, RelevantTypedefType t2) { exists(Boolean baseTypesEqual | - (baseTypesEqual = true implies equalTypes(t1.getBaseType(), t2.getBaseType())) and + (baseTypesEqual = true implies equalTypesImpl(t1.getBaseType(), t2.getBaseType())) and Config::equalTypedefTypes(t1, t2, baseTypesEqual) ) } } -module FunctionDeclarationTypeEquivalence { +signature predicate interestedInFunctionDeclarations( + FunctionDeclarationEntry f1, FunctionDeclarationEntry f2 +); + +module FunctionDeclarationTypeEquivalence< + TypeEquivalenceSig Config, interestedInFunctionDeclarations/2 interestedInFunctions> +{ + private predicate interestedInReturnTypes(Type a, Type b) { + exists(FunctionDeclarationEntry aFun, FunctionDeclarationEntry bFun | + interestedInFunctions(aFun, bFun) and + a = aFun.getType() and + b = bFun.getType() + ) + } + + private predicate interestedInParameterTypes(Type a, Type b) { + exists(FunctionDeclarationEntry aFun, FunctionDeclarationEntry bFun, int i | + interestedInFunctions(pragma[only_bind_into](aFun), pragma[only_bind_into](bFun)) and + a = aFun.getParameterDeclarationEntry(i).getType() and + b = bFun.getParameterDeclarationEntry(i).getType() + ) + } + predicate equalReturnTypes(FunctionDeclarationEntry f1, FunctionDeclarationEntry f2) { - TypeEquivalence::equalTypes(f1.getType(), f2.getType()) + TypeEquivalence::equalTypes(f1.getType(), f2.getType()) } predicate equalParameterTypes(FunctionDeclarationEntry f1, FunctionDeclarationEntry f2) { + interestedInFunctions(f1, f2) and f1.getDeclaration() = f2.getDeclaration() and forall(int i | exists([f1, f2].getParameterDeclarationEntry(i)) | equalParameterTypesAt(f1, f2, pragma[only_bind_into](i)) @@ -356,11 +432,10 @@ module FunctionDeclarationTypeEquivalence { } predicate equalParameterTypesAt(FunctionDeclarationEntry f1, FunctionDeclarationEntry f2, int i) { - pragma[only_bind_out](f1.getDeclaration()) = pragma[only_bind_out](f2.getDeclaration()) and - TypeEquivalence::equalTypes( - f1.getParameterDeclarationEntry(i).getType(), - f2.getParameterDeclarationEntry(i).getType() - ) + interestedInFunctions(f1, f2) and + f1.getDeclaration() = f2.getDeclaration() and + TypeEquivalence::equalTypes(f1.getParameterDeclarationEntry(pragma[only_bind_into](i)) + .getType(), f2.getParameterDeclarationEntry(pragma[only_bind_into](i)).getType()) } } diff --git a/cpp/common/src/codingstandards/cpp/types/SimpleAssignment.qll b/cpp/common/src/codingstandards/cpp/types/SimpleAssignment.qll index 4f7a85c80a..a31400a340 100644 --- a/cpp/common/src/codingstandards/cpp/types/SimpleAssignment.qll +++ b/cpp/common/src/codingstandards/cpp/types/SimpleAssignment.qll @@ -8,42 +8,67 @@ import codingstandards.cpp.types.LvalueConversion import codingstandards.cpp.types.Compatible -module SimpleAssignment { - final private class FinalType = Type; - - private class RelevantType extends FinalType { - RelevantType() { exists(T t | typeGraph*(t, this) or typeGraph(getLvalueConverted(t), this)) } - - string toString() { result = "relevant type" } - } - +module SimpleAssignment { /** * Whether a pair of qualified or unqualified pointer types satisfy the simple assignment * constraints from 6.5.16.1. * * There are additional constraints not implemented here involving one or more arithmetic types. */ - predicate satisfiesSimplePointerAssignment(RelevantType left, RelevantType right) { + predicate satisfiesSimplePointerAssignment(Type left, Type right) { + checksAssignment(left, right) and simplePointerAssignmentImpl(getLvalueConverted(left), right) } + private predicate satisfiedWhenTypesCompatible(Type left, Type right, Type checkA, Type checkB) { + interestedInTypes(left, right) and + exists(Type leftBase, Type rightBase | + // The left operand has atomic, qualified, or unqualified pointer type: + leftBase = left.stripTopLevelSpecifiers().(PointerType).getBaseType() and + rightBase = right.stripTopLevelSpecifiers().(PointerType).getBaseType() and + ( + // and both operands are pointers to qualified or unqualified versions of compatible types: + checkA = leftBase.stripTopLevelSpecifiers() and + checkB = rightBase.stripTopLevelSpecifiers() + ) and + // and the type pointed to by the left has all the qualifiers of the type pointed to by the + // right: + forall(Specifier s | s = rightBase.getASpecifier() | s = leftBase.getASpecifier()) + ) + } + + predicate interestedInTypes(Type left, Type right) { + exists(Type unconverted | + left = getLvalueConverted(unconverted) and + checksAssignment(unconverted, right) + ) + } + + predicate checksCompatibility(Type left, Type right) { + // Check if the types are compatible + exists(Type assignA, Type assignB | + checksAssignment(assignA, assignB) and + satisfiedWhenTypesCompatible(assignA, assignB, left, right) + ) + } + /** * Implementation of 6.5.16.1 for a pair of pointer types, that assumes lvalue conversion has been * performed on the left operand. */ - private predicate simplePointerAssignmentImpl(RelevantType left, RelevantType right) { - exists(RelevantType leftBase, RelevantType rightBase | + bindingset[left, right] + private predicate simplePointerAssignmentImpl(Type left, Type right) { + exists(Type checkA, Type checkB | + satisfiedWhenTypesCompatible(left, right, checkA, checkB) and + TypeEquivalence::equalTypes(checkA, checkB) + ) + or + exists(Type leftBase, Type rightBase | // The left operand has atomic, qualified, or unqualified pointer type: leftBase = left.stripTopLevelSpecifiers().(PointerType).getBaseType() and rightBase = right.stripTopLevelSpecifiers().(PointerType).getBaseType() and - ( - // and both operands are pointers to qualified or unqualified versions of compatible types: - TypeEquivalence::equalTypes(leftBase - .stripTopLevelSpecifiers(), rightBase.stripTopLevelSpecifiers()) - or - // or one operand is a pointer to a qualified or unqualified version of void - [leftBase, rightBase].stripTopLevelSpecifiers() instanceof VoidType - ) and + // or one operand is a pointer to a qualified or unqualified version of void + [leftBase, rightBase].stripTopLevelSpecifiers() instanceof VoidType and // and the type pointed to by the left has all the qualifiers of the type pointed to by the // right: forall(Specifier s | s = rightBase.getASpecifier() | s = leftBase.getASpecifier()) From 48257745c8e553c125aa876e9755f959888bfc4a Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Sun, 27 Apr 2025 01:49:42 -0700 Subject: [PATCH 2514/2573] Add missing file changed --- .../DCL40-C/IncompatibleFunctionDeclarations.ql | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/c/cert/src/rules/DCL40-C/IncompatibleFunctionDeclarations.ql b/c/cert/src/rules/DCL40-C/IncompatibleFunctionDeclarations.ql index 95ef0fd682..8cab442e54 100644 --- a/c/cert/src/rules/DCL40-C/IncompatibleFunctionDeclarations.ql +++ b/c/cert/src/rules/DCL40-C/IncompatibleFunctionDeclarations.ql @@ -19,6 +19,12 @@ import codingstandards.c.cert import codingstandards.cpp.types.Compatible import ExternalIdentifiers +predicate interestedInFunctions(FunctionDeclarationEntry f1, FunctionDeclarationEntry f2) { + not f1 = f2 and + f1.getDeclaration() = f2.getDeclaration() and + f1.getName() = f2.getName() +} + from ExternalIdentifiers d, FunctionDeclarationEntry f1, FunctionDeclarationEntry f2 where not isExcluded(f1, Declarations2Package::incompatibleFunctionDeclarationsQuery()) and @@ -29,10 +35,12 @@ where f1.getName() = f2.getName() and ( //return type check - not FunctionDeclarationTypeEquivalence::equalReturnTypes(f1, f2) + not FunctionDeclarationTypeEquivalence::equalReturnTypes(f1, + f2) or //parameter type check - not FunctionDeclarationTypeEquivalence::equalParameterTypes(f1, f2) + not FunctionDeclarationTypeEquivalence::equalParameterTypes(f1, + f2) ) and // Apply ordering on start line, trying to avoid the optimiser applying this join too early // in the pipeline From 06351f52f176b55a5e3396dd8f5aa3a445d70a01 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Sun, 27 Apr 2025 01:48:55 -0700 Subject: [PATCH 2515/2573] Try forcing top-down pairwise comparison --- .../codingstandards/cpp/types/Compatible.qll | 138 ++++++++---------- 1 file changed, 63 insertions(+), 75 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/types/Compatible.qll b/cpp/common/src/codingstandards/cpp/types/Compatible.qll index db77765b5a..53b0076c7c 100644 --- a/cpp/common/src/codingstandards/cpp/types/Compatible.qll +++ b/cpp/common/src/codingstandards/cpp/types/Compatible.qll @@ -224,7 +224,7 @@ signature predicate interestedInEquality(Type a, Type b); * Note that `equalTypes(a, b)` only holds if `interestedIn(a, b)` holds. A type is always * considered to be equal to itself, and this module does not support configurations that declare * otherwise. - * + * * Further, `interestedInEquality(a, a)` is treated differently from `interestedInEquality(a, b)`, * assuming that `a` and `b` are not identical. This is so that we can construct a set of types * that are not identical, but still may be equivalent by the specified configuration. We also must @@ -233,45 +233,75 @@ signature predicate interestedInEquality(Type a, Type b); * only a few are not. */ module TypeEquivalence { + /** - * Check whether two types are equivalent, as defined by the `TypeEquivalenceSig` module. - * - * This only holds if the specified predicate `interestedIn` holds for the types, and always - * holds if `t1` and `t2` are identical. + * Performance related predicate to force top down rather than bottom up evaluation of type + * equivalence. */ - predicate equalTypes(Type t1, Type t2) { - interestedInUnordered(t1, t2) and - ( - // If the types are identical, they are trivially equal. - t1 = t2 + predicate compares(Type t1, Type t2) { + interestedIn(t1, t2) + or + exists(DerivedType t1Derived, DerivedType t2Derived | + not t1Derived instanceof SpecifiedType and + not t2Derived instanceof SpecifiedType and + compares(pragma[only_bind_into](t1Derived), pragma[only_bind_into](t2Derived)) and + t1 = t1Derived.getBaseType() and + t2 = t2Derived.getBaseType() + ) + or + exists(SpecifiedType t1Spec, SpecifiedType t2Spec | + compares(pragma[only_bind_into](t1Spec), pragma[only_bind_into](t2Spec)) and + ( + t1 = unspecify(t1Spec) and + t2 = unspecify(t2Spec) + ) + ) + or + exists(FunctionType t1Func, FunctionType t2Func | + compares(pragma[only_bind_into](t1Func), pragma[only_bind_into](t2Func)) and + ( + t1 = t1Func.getReturnType() and + t2 = t2Func.getReturnType() + or + exists(int i | + t1 = t1Func.getParameterType(pragma[only_bind_out](i)) and + t2 = t2Func.getParameterType(i) + ) + ) + ) + or + Config::resolveTypedefs() and + exists(TypedefType tdtype | + tdtype.getBaseType() = t1 and + compares(pragma[only_bind_into](tdtype), t2) or - not t1 = t2 and - equalTypesImpl(t1, t2) + tdtype.getBaseType() = t2 and + compares(t1, pragma[only_bind_into](tdtype)) ) } /** - * This implementation handles only the slow and complex cases of type equivalence, where the - * types are not identical. + * Check whether two types are equivalent, as defined by the `TypeEquivalenceSig` module. * - * Assuming that types a, b must be compared where `a` and `b` are not identical, we wish to - * search only the smallest set of possible relevant types. See `RelevantType` for more. + * This only holds if the specified predicate `interestedIn` holds for the types, and always + * holds if `t1` and `t2` are identical. */ - private predicate equalTypesImpl(RelevantType t1, RelevantType t2) { + private predicate equalTypes(Type t1, Type t2) { + compares(pragma[only_bind_into](t1), pragma[only_bind_into](t2)) and if Config::overrideTypeComparison(t1, t2, _) then Config::overrideTypeComparison(t1, t2, true) else if t1 instanceof TypedefType and Config::resolveTypedefs() - then equalTypesImpl(t1.(TypedefType).getBaseType(), t2) + then equalTypes(t1.(TypedefType).getBaseType(), t2) else if t2 instanceof TypedefType and Config::resolveTypedefs() - then equalTypesImpl(t1, t2.(TypedefType).getBaseType()) + then equalTypes(t1, t2.(TypedefType).getBaseType()) else ( not t1 instanceof DerivedType and not t2 instanceof DerivedType and not t1 instanceof TypedefType and not t2 instanceof TypedefType and - LeafEquiv::getEquivalenceClass(t1) = LeafEquiv::getEquivalenceClass(t2) + equalLeafRelation(t1, t2) or equalDerivedTypes(t1, t2) or @@ -284,56 +314,14 @@ module TypeEquivalence; - - private predicate equalLeafRelation(RelevantType t1, RelevantType t2) { - Config::equalLeafTypes(t1, t2) - } + bindingset[t1, t2] + private predicate equalLeafRelation(Type t1, Type t2) { Config::equalLeafTypes(t1, t2) } - private RelevantType unspecify(SpecifiedType t) { + bindingset[t] + private Type unspecify(SpecifiedType t) { // This subtly and importantly handles the complicated cases of typedefs. Under most scenarios, // if we see a typedef in `equalTypes()` we can simply get the base type and continue. However, // there is an exception if we have a specified type that points to a typedef that points to @@ -347,9 +335,9 @@ module TypeEquivalence Date: Sun, 27 Apr 2025 12:22:21 -0700 Subject: [PATCH 2516/2573] Fix private predicate --- cpp/common/src/codingstandards/cpp/types/Compatible.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/types/Compatible.qll b/cpp/common/src/codingstandards/cpp/types/Compatible.qll index 53b0076c7c..da2b175a0d 100644 --- a/cpp/common/src/codingstandards/cpp/types/Compatible.qll +++ b/cpp/common/src/codingstandards/cpp/types/Compatible.qll @@ -286,7 +286,7 @@ module TypeEquivalence Date: Mon, 28 Apr 2025 10:51:11 -0700 Subject: [PATCH 2517/2573] Address feedback, separate `compares` from `recurses`, format. --- .../DeclarationsOfAFunctionSameNameAndType.ql | 6 +- ...-25-improve-type-comparison-performance.md | 2 +- .../codingstandards/cpp/types/Compatible.qll | 155 ++++++++++++++---- 3 files changed, 125 insertions(+), 38 deletions(-) diff --git a/c/misra/src/rules/RULE-8-3/DeclarationsOfAFunctionSameNameAndType.ql b/c/misra/src/rules/RULE-8-3/DeclarationsOfAFunctionSameNameAndType.ql index 0be6347840..9ae62a7be0 100644 --- a/c/misra/src/rules/RULE-8-3/DeclarationsOfAFunctionSameNameAndType.ql +++ b/c/misra/src/rules/RULE-8-3/DeclarationsOfAFunctionSameNameAndType.ql @@ -30,12 +30,14 @@ where f1.getDeclaration() = f2.getDeclaration() and //return type check ( - not FunctionDeclarationTypeEquivalence::equalReturnTypes(f1, f2) and + not FunctionDeclarationTypeEquivalence::equalReturnTypes(f1, + f2) and case = "return type" and pluralDo = "does" or //parameter type check - not FunctionDeclarationTypeEquivalence::equalParameterTypes(f1, f2) and + not FunctionDeclarationTypeEquivalence::equalParameterTypes(f1, + f2) and case = "parameter types" and pluralDo = "do" or diff --git a/change_notes/2025-04-25-improve-type-comparison-performance.md b/change_notes/2025-04-25-improve-type-comparison-performance.md index 91a019bdf2..39c462fbf2 100644 --- a/change_notes/2025-04-25-improve-type-comparison-performance.md +++ b/change_notes/2025-04-25-improve-type-comparison-performance.md @@ -1,6 +1,6 @@ - `RULE-8-3`, `RULE-8-4`, `DCL40-C`, `RULE-23-5`: `DeclarationsOfAFunctionSameNameAndType.ql`, `DeclarationsOfAnObjectSameNameAndType.ql`, `CompatibleDeclarationOfFunctionDefined.ql`, `CompatibleDeclarationObjectDefined.ql`, `IncompatibleFunctionDeclarations.ql`, `DangerousDefaultSelectionForPointerInGeneric.ql`: - Added pragmas to alter join order on function parameter equivalence (names and types). - Refactored expression which the optimizer was confused by, and compiled into a cartesian product. - - Altered the module `Compatible.qll` to only perform expensive equality checks on types that are compared to a non identical other type, and those reachable from those types in the type graph. Types that are identical will trivially be considered equivalent. + - Altered the module `Compatible.qll` to compute equality in two stages. Firstly, all pairs of possible type comparisons (including recursive comparisons) are found, then those pairwise comparisons are evaluated in a second stage. This greatly reduces the number of comparisons and greatly improves performance. - `RULE-23-5`: `DangerousDefaultSelectionForPointerInGeneric.ql`: - Altered the module `SimpleAssignment.qll` in accordance with the changes to `Compatible.qll`. \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/types/Compatible.qll b/cpp/common/src/codingstandards/cpp/types/Compatible.qll index da2b175a0d..c222cd77ba 100644 --- a/cpp/common/src/codingstandards/cpp/types/Compatible.qll +++ b/cpp/common/src/codingstandards/cpp/types/Compatible.qll @@ -217,48 +217,61 @@ signature predicate interestedInEquality(Type a, Type b); * A module to check the equivalence of two types, as defined by the provided `TypeEquivalenceSig`. * * For performance reasons, this module is designed to be used with a predicate - * `interestedInEquality` that restricts the set of considered types. + * `interestedInEquality` that restricts the set of considered pairwise comparisons. * * To use this module, define a `TypeEquivalenceSig` module and implement a subset of `Type` that * selects the relevant root types to be considered. Then use the predicate `equalTypes(a, b)`. * Note that `equalTypes(a, b)` only holds if `interestedIn(a, b)` holds. A type is always * considered to be equal to itself, and this module does not support configurations that declare - * otherwise. + * otherwise. Additionally, `interestedIn(a, b)` implies `interestedIn(b, a)`. * - * Further, `interestedInEquality(a, a)` is treated differently from `interestedInEquality(a, b)`, - * assuming that `a` and `b` are not identical. This is so that we can construct a set of types - * that are not identical, but still may be equivalent by the specified configuration. We also must - * consider all types that are reachable from these types, as the equivalence relation is - * recursive. Therefore, this module is more performant when most comparisons are identical, and - * only a few are not. + * This module will recursively select pairs of types to be compared. For instance, if + * `interestedInEquality(a, b)` holds, then types `a` and `b` will be compared. If + * `Config::equalPointerTypes(a, b, true)` holds, then the pointed-to types of `a` and `b` will be + * compared. However, if `Config::equalPointerTypes(a, b, false)` holds, then `a` and `b` will be + * compared, but their pointed-to types will not. Similarly, inner types will not be compared if + * `Config::overrideTypeComparison(a, b, _)` holds. For detail, see the module predicates + * `recurses` and `compares`. */ module TypeEquivalence { - /** * Performance related predicate to force top down rather than bottom up evaluation of type * equivalence. + * + * This interoperates with the predicate `recurses` to find types that will be compared, along + * with the inner types of those types that will be compared. See `recurses` for cases where this + * algorithm will or will not recurse. We still need to know which types are compared, even if + * we do not recurse on them, in order to properly constrain `equalTypes(x, y)` to hold for types + * such as leaf types, where we do not recurse during comparison. + * + * At each stage of recursion, we specify `pragma[only_bind_into]` to ensure that the + * prior `recurses` results are considered first in the pipeline. */ predicate compares(Type t1, Type t2) { - interestedIn(t1, t2) + // Base case: config specifies that these root types will be compared. + interestedInUnordered(t1, t2) or + // If derived types are compared, their base types must be compared. exists(DerivedType t1Derived, DerivedType t2Derived | not t1Derived instanceof SpecifiedType and not t2Derived instanceof SpecifiedType and - compares(pragma[only_bind_into](t1Derived), pragma[only_bind_into](t2Derived)) and + recurses(pragma[only_bind_into](t1Derived), pragma[only_bind_into](t2Derived)) and t1 = t1Derived.getBaseType() and t2 = t2Derived.getBaseType() ) or + // If specified types are compared, their unspecified types must be compared. exists(SpecifiedType t1Spec, SpecifiedType t2Spec | - compares(pragma[only_bind_into](t1Spec), pragma[only_bind_into](t2Spec)) and + recurses(pragma[only_bind_into](t1Spec), pragma[only_bind_into](t2Spec)) and ( t1 = unspecify(t1Spec) and t2 = unspecify(t2Spec) ) ) or + // If function types are compared, their return types and parameter types must be compared. exists(FunctionType t1Func, FunctionType t2Func | - compares(pragma[only_bind_into](t1Func), pragma[only_bind_into](t2Func)) and + recurses(pragma[only_bind_into](t1Func), pragma[only_bind_into](t2Func)) and ( t1 = t1Func.getReturnType() and t2 = t2Func.getReturnType() @@ -270,13 +283,79 @@ module TypeEquivalence::equalTypes(f1.getType(), f2.getType()) } From 6c14eebefbe9c9b3a23f6d234417c82adbe7a7e5 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Mon, 28 Apr 2025 10:53:10 -0700 Subject: [PATCH 2518/2573] Remove redundant condition --- .../src/rules/RULE-8-3/DeclarationsOfAFunctionSameNameAndType.ql | 1 - 1 file changed, 1 deletion(-) diff --git a/c/misra/src/rules/RULE-8-3/DeclarationsOfAFunctionSameNameAndType.ql b/c/misra/src/rules/RULE-8-3/DeclarationsOfAFunctionSameNameAndType.ql index 9ae62a7be0..fe0ae81ab1 100644 --- a/c/misra/src/rules/RULE-8-3/DeclarationsOfAFunctionSameNameAndType.ql +++ b/c/misra/src/rules/RULE-8-3/DeclarationsOfAFunctionSameNameAndType.ql @@ -17,7 +17,6 @@ import codingstandards.c.misra import codingstandards.cpp.types.Compatible predicate interestedInFunctions(FunctionDeclarationEntry f1, FunctionDeclarationEntry f2) { - f1.getDeclaration() = f2.getDeclaration() and not f1 = f2 and f1.getDeclaration() = f2.getDeclaration() } From 4b8cdd339caa9329eac90143f8534406f1935a20 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Mon, 28 Apr 2025 18:47:07 -0700 Subject: [PATCH 2519/2573] Address next round of feedback --- .../CompatibleDeclarationFunctionDefined.ql | 5 +- .../codingstandards/cpp/types/Compatible.qll | 109 ++++++++++-------- 2 files changed, 67 insertions(+), 47 deletions(-) diff --git a/c/misra/src/rules/RULE-8-4/CompatibleDeclarationFunctionDefined.ql b/c/misra/src/rules/RULE-8-4/CompatibleDeclarationFunctionDefined.ql index 2f17dd5086..9631b02839 100644 --- a/c/misra/src/rules/RULE-8-4/CompatibleDeclarationFunctionDefined.ql +++ b/c/misra/src/rules/RULE-8-4/CompatibleDeclarationFunctionDefined.ql @@ -22,8 +22,9 @@ import codingstandards.cpp.types.Compatible predicate interestedInFunctions(FunctionDeclarationEntry f1, FunctionDeclarationEntry f2) { f1.getDeclaration() instanceof ExternalIdentifiers and f1.isDefinition() and - f1.getName() = f2.getName() and f1.getDeclaration() = f2.getDeclaration() and + // This condition should always hold, but removing it affects join order performance. + f1.getName() = f2.getName() and not f2.isDefinition() and not f1.isFromTemplateInstantiation(_) and not f2.isFromTemplateInstantiation(_) @@ -51,10 +52,12 @@ where not FunctionDeclarationTypeEquivalence::equalReturnTypes(f1, f2) or + //not compatibleReturns(f1, f2) //parameter types differ not FunctionDeclarationTypeEquivalence::equalParameterTypes(f1, f2) or + //not compatibleParams(f1, f2) //parameter names differ parameterNamesUnmatched(f1, f2) ) diff --git a/cpp/common/src/codingstandards/cpp/types/Compatible.qll b/cpp/common/src/codingstandards/cpp/types/Compatible.qll index c222cd77ba..ded3794658 100644 --- a/cpp/common/src/codingstandards/cpp/types/Compatible.qll +++ b/cpp/common/src/codingstandards/cpp/types/Compatible.qll @@ -231,23 +231,31 @@ signature predicate interestedInEquality(Type a, Type b); * compared. However, if `Config::equalPointerTypes(a, b, false)` holds, then `a` and `b` will be * compared, but their pointed-to types will not. Similarly, inner types will not be compared if * `Config::overrideTypeComparison(a, b, _)` holds. For detail, see the module predicates - * `recurses` and `compares`. + * `shouldRecurseOn` and `interestedInNestedTypes`. */ module TypeEquivalence { /** - * Performance related predicate to force top down rather than bottom up evaluation of type - * equivalence. + * Performance-related predicate that holds for a pair of types `(a, b)` such that + * `interestedIn(a, b)` holds, or there exists a pair of types `(c, d)` such that + * `interestedIn(c, d)` holds, and computing `equalTypes(a, b)` requires computing + * `equalTypes(c, d)`. + * + * The goal of this predicate is to force top down rather than bottom up evaluation of type + * equivalence. That is to say, if we compare array types `int[]` and `int[]`, we to compare that + * both types are arrays first, and then compare that their base types are equal. Naively, CodeQL + * is liable to compute this kind of recursive equality in a bottom up fashion, where the cross + * product of all types is considered in computing `equalTypes(a, b)`. * - * This interoperates with the predicate `recurses` to find types that will be compared, along - * with the inner types of those types that will be compared. See `recurses` for cases where this - * algorithm will or will not recurse. We still need to know which types are compared, even if - * we do not recurse on them, in order to properly constrain `equalTypes(x, y)` to hold for types - * such as leaf types, where we do not recurse during comparison. + * This interoperates with the predicate `shouldRecurseOn` to find types that will be compared, + * along with the inner types of those types that will be compared. See `shouldRecurseOn` for + * cases where this algorithm will or will not recurse. We still need to know which types are + * compared, even if we do not recurse on them, in order to properly constrain `equalTypes(x, y)` + * to hold for types such as leaf types, where we do not recurse during comparison. * * At each stage of recursion, we specify `pragma[only_bind_into]` to ensure that the - * prior `recurses` results are considered first in the pipeline. + * prior `shouldRecurseOn` results are considered first in the pipeline. */ - predicate compares(Type t1, Type t2) { + private predicate interestedInNestedTypes(Type t1, Type t2) { // Base case: config specifies that these root types will be compared. interestedInUnordered(t1, t2) or @@ -255,14 +263,14 @@ module TypeEquivalence Date: Tue, 29 Apr 2025 09:09:58 -0700 Subject: [PATCH 2520/2573] Ensure Config::resolvesTypedefs() enforced, remove comments --- .../rules/RULE-8-4/CompatibleDeclarationFunctionDefined.ql | 2 -- cpp/common/src/codingstandards/cpp/types/Compatible.qll | 5 +++-- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/c/misra/src/rules/RULE-8-4/CompatibleDeclarationFunctionDefined.ql b/c/misra/src/rules/RULE-8-4/CompatibleDeclarationFunctionDefined.ql index 9631b02839..73abc1e048 100644 --- a/c/misra/src/rules/RULE-8-4/CompatibleDeclarationFunctionDefined.ql +++ b/c/misra/src/rules/RULE-8-4/CompatibleDeclarationFunctionDefined.ql @@ -52,12 +52,10 @@ where not FunctionDeclarationTypeEquivalence::equalReturnTypes(f1, f2) or - //not compatibleReturns(f1, f2) //parameter types differ not FunctionDeclarationTypeEquivalence::equalParameterTypes(f1, f2) or - //not compatibleParams(f1, f2) //parameter names differ parameterNamesUnmatched(f1, f2) ) diff --git a/cpp/common/src/codingstandards/cpp/types/Compatible.qll b/cpp/common/src/codingstandards/cpp/types/Compatible.qll index ded3794658..c4ee9a22e3 100644 --- a/cpp/common/src/codingstandards/cpp/types/Compatible.qll +++ b/cpp/common/src/codingstandards/cpp/types/Compatible.qll @@ -390,8 +390,6 @@ module TypeEquivalence Date: Wed, 30 Apr 2025 15:05:55 +0000 Subject: [PATCH 2521/2573] Bump version to 2.45.0-dev --- c/cert/src/qlpack.yml | 2 +- c/cert/test/qlpack.yml | 2 +- c/common/src/qlpack.yml | 2 +- c/common/test/qlpack.yml | 2 +- c/misra/src/qlpack.yml | 2 +- c/misra/test/qlpack.yml | 2 +- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/qlpack.yml | 2 +- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/qlpack.yml | 2 +- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/qlpack.yml | 2 +- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/qlpack.yml | 2 +- cpp/report/src/qlpack.yml | 2 +- docs/user_manual.md | 12 ++++++------ 16 files changed, 21 insertions(+), 21 deletions(-) diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index 631639301e..b79fbf3cbb 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards -version: 2.44.0-dev +version: 2.45.0-dev description: CERT C 2016 suites: codeql-suites license: MIT diff --git a/c/cert/test/qlpack.yml b/c/cert/test/qlpack.yml index 6eaaba1e91..f7fe527dab 100644 --- a/c/cert/test/qlpack.yml +++ b/c/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards-tests -version: 2.44.0-dev +version: 2.45.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index 4c21dc9b18..ad3f825a4b 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards -version: 2.44.0-dev +version: 2.45.0-dev license: MIT dependencies: codeql/common-cpp-coding-standards: '*' diff --git a/c/common/test/qlpack.yml b/c/common/test/qlpack.yml index 1dbb59b4fd..cbadd7f238 100644 --- a/c/common/test/qlpack.yml +++ b/c/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards-tests -version: 2.44.0-dev +version: 2.45.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index 54cda2c1cc..b5d16e9974 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards -version: 2.44.0-dev +version: 2.45.0-dev description: MISRA C 2012 suites: codeql-suites license: MIT diff --git a/c/misra/test/qlpack.yml b/c/misra/test/qlpack.yml index 9148e26b59..e6932cc894 100644 --- a/c/misra/test/qlpack.yml +++ b/c/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards-tests -version: 2.44.0-dev +version: 2.45.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index 6d31398b2c..b9cd9b72a8 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards -version: 2.44.0-dev +version: 2.45.0-dev description: AUTOSAR C++14 Guidelines R22-11, R21-11, R20-11, R19-11 and R19-03 suites: codeql-suites license: MIT diff --git a/cpp/autosar/test/qlpack.yml b/cpp/autosar/test/qlpack.yml index ff7621c9d1..0b92541fdf 100644 --- a/cpp/autosar/test/qlpack.yml +++ b/cpp/autosar/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards-tests -version: 2.44.0-dev +version: 2.45.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index f44646cdbe..a3b60a7e07 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards -version: 2.44.0-dev +version: 2.45.0-dev description: CERT C++ 2016 suites: codeql-suites license: MIT diff --git a/cpp/cert/test/qlpack.yml b/cpp/cert/test/qlpack.yml index c6d57b0d33..1baf2b3fc3 100644 --- a/cpp/cert/test/qlpack.yml +++ b/cpp/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards-tests -version: 2.44.0-dev +version: 2.45.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index 302955fc78..47a116582c 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards -version: 2.44.0-dev +version: 2.45.0-dev license: MIT dependencies: codeql/cpp-all: 2.1.1 diff --git a/cpp/common/test/qlpack.yml b/cpp/common/test/qlpack.yml index 1f0b830de8..a636b824dc 100644 --- a/cpp/common/test/qlpack.yml +++ b/cpp/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards-tests -version: 2.44.0-dev +version: 2.45.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index 27e0893ed6..a98ccfa757 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards -version: 2.44.0-dev +version: 2.45.0-dev description: MISRA C++ 2023 default-suite: codeql-suites/misra-cpp-default.qls license: MIT diff --git a/cpp/misra/test/qlpack.yml b/cpp/misra/test/qlpack.yml index cdf6cbcdea..aad59493fe 100644 --- a/cpp/misra/test/qlpack.yml +++ b/cpp/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards-tests -version: 2.44.0-dev +version: 2.45.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index 83188c2748..731d68dd29 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/report-cpp-coding-standards -version: 2.44.0-dev +version: 2.45.0-dev license: MIT dependencies: codeql/cpp-all: 2.1.1 diff --git a/docs/user_manual.md b/docs/user_manual.md index 1e14744f80..2920e024a6 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -35,14 +35,14 @@ ## Release information -This user manual documents release `2.44.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). +This user manual documents release `2.45.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). The release page documents the release notes and contains the following artifacts part of the release: - `coding-standards-codeql-packs-2.37.0-dev.zip`: CodeQL packs that can be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. -- `code-scanning-cpp-query-pack-2.44.0-dev.zip`: Legacy packaging for the queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. -- `supported_rules_list_2.44.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. -- `supported_rules_list_2.44.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. -- `user_manual_2.44.0-dev.md`: This user manual. +- `code-scanning-cpp-query-pack-2.45.0-dev.zip`: Legacy packaging for the queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. +- `supported_rules_list_2.45.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. +- `supported_rules_list_2.45.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. +- `user_manual_2.45.0-dev.md`: This user manual. - `Source Code (zip)`: A zip archive containing the contents of https://github.com/github/codeql-coding-standards - `Source Code (tar.gz)`: A GZip compressed tar archive containing the contents of https://github.com/github/codeql-coding-standards - `checksums.txt`: A text file containing sha256 checksums for the aforementioned artifacts. @@ -667,7 +667,7 @@ This section describes known failure modes for "CodeQL Coding Standards" and des | | Out of space | Less output. Some files may be only be partially analyzed, or not analyzed at all. | Error reported on the command line. | Increase space. If it remains an issue report space consumption issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False positives | More output. Results are reported which are not violations of the guidelines. | All reported results must be reviewed. | Report false positive issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False negatives | Less output. Violations of the guidelines are not reported. | Other validation and verification processes during software development should be used to complement the analysis performed by CodeQL Coding Standards. | Report false negative issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | -| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.44.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | +| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.45.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | | | Incorrect deviation record specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation records with a reason. Ensure that all deviation records are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Incorrect deviation permit specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation permits with a reason. Ensure that all deviation permits are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Unapproved use of a deviation record | Less output. Results for guideline violations are not reported. | Validate that the deviation record use is approved by verifying the approved-by attribute of the deviation record specification. | Ensure that each raised deviation record is approved by an independent approver through an auditable process. | From a1f45ff00ee89988bd1ad0121a2ad7ceed2ece1f Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 1 May 2025 23:39:39 +0100 Subject: [PATCH 2522/2573] Add a script to lift CERT risk assessment tags from help files --- scripts/add_risk_assessment_tags.py | 160 ++++++++++++++++++++++++++++ 1 file changed, 160 insertions(+) create mode 100644 scripts/add_risk_assessment_tags.py diff --git a/scripts/add_risk_assessment_tags.py b/scripts/add_risk_assessment_tags.py new file mode 100644 index 0000000000..f2ed9a5a73 --- /dev/null +++ b/scripts/add_risk_assessment_tags.py @@ -0,0 +1,160 @@ +#!/usr/bin/env python3 +""" +Add risk assessment tags to rule package JSON files. + +This script: +1. Iterates through each JSON file in rule_packages directory +2. Looks for CERT-C or CERT-CPP sections +3. For each rule, finds the corresponding markdown file +4. Extracts risk assessment data from the markdown file +5. Adds risk assessment data as tags to each query in the JSON file +""" + +import os +import json +import re +import glob +from bs4 import BeautifulSoup +import logging + +logging.basicConfig(level=logging.INFO, format='%(asctime)s - %(levelname)s - %(message)s') +logger = logging.getLogger(__name__) + +def find_rule_packages(): + """Find all JSON rule package files in the rule_packages directory.""" + repo_root = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) + rule_packages_dir = os.path.join(repo_root, "rule_packages") + return glob.glob(os.path.join(rule_packages_dir, "**", "*.json"), recursive=True) + +def extract_risk_assessment_from_md(md_file_path): + """Extract risk assessment data from the markdown file.""" + risk_data = {} + + try: + with open(md_file_path, 'r', encoding='utf-8') as f: + content = f.read() + + # Find the Risk Assessment section + risk_section_match = re.search(r'## Risk Assessment(.*?)##', content, re.DOTALL) + if not risk_section_match: + # Try to find it as the last section + risk_section_match = re.search(r'## Risk Assessment(.*?)$', content, re.DOTALL) + if not risk_section_match: + logger.warning(f"No Risk Assessment section found in {md_file_path}") + return risk_data + + risk_section = risk_section_match.group(1) + + # Look for the table with risk assessment data + table_match = re.search(r'(.*?)
    ', risk_section, re.DOTALL) + if not table_match: + logger.warning(f"No risk assessment table found in {md_file_path}") + return risk_data + + table_html = table_match.group(0) + soup = BeautifulSoup(table_html, 'html.parser') + + # Find all rows in the table + rows = soup.find_all('tr') + if len(rows) < 2: # Need at least header and data row + logger.warning(f"Incomplete risk assessment table in {md_file_path}") + return risk_data + + # Extract headers and values + headers = [th.get_text().strip() for th in rows[0].find_all('th')] + values = [td.get_text().strip() for td in rows[1].find_all('td')] + + # Create a dictionary of headers and values + if len(headers) == len(values): + for i, header in enumerate(headers): + risk_data[header] = values[i] + else: + logger.warning(f"Header and value count mismatch in {md_file_path}") + + except Exception as e: + logger.error(f"Error extracting risk assessment from {md_file_path}: {e}") + + return risk_data + +def find_md_file(rule_id, short_name, language): + """Find the markdown file for the given rule ID and short name.""" + repo_root = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) + md_path = os.path.join(repo_root, language, "cert", "src", "rules", rule_id, f"{short_name}.md") + + if os.path.exists(md_path): + return md_path + else: + # Try without short name (sometimes the file is named after the rule ID) + md_path = os.path.join(repo_root, language, "cert", "src", "rules", rule_id, f"{rule_id}.md") + if os.path.exists(md_path): + return md_path + else: + logger.warning(f"Could not find markdown file for {language} rule {rule_id} ({short_name})") + return None + +def process_rule_package(rule_package_file): + """Process a single rule package JSON file.""" + try: + with open(rule_package_file, 'r', encoding='utf-8') as f: + data = json.load(f) + + modified = False + + # Look for CERT-C and CERT-CPP sections + for cert_key in ["CERT-C", "CERT-C++"]: + if cert_key in data: + language = "c" if cert_key == "CERT-C" else "cpp" + + # Process each rule in the CERT section + for rule_id, rule_data in data[cert_key].items(): + if "queries" in rule_data: + for query in rule_data["queries"]: + if "short_name" in query: + md_file = find_md_file(rule_id, query["short_name"], language) + + if md_file: + risk_data = extract_risk_assessment_from_md(md_file) + + if risk_data: + # Add risk assessment data as tags + if "tags" not in query: + query["tags"] = [] + + # Add each risk assessment property as a tag + for key, value in risk_data.items(): + key_sanitized = key.lower().replace(" ", "-") + if key_sanitized == "rule": + # skip rule, as that is already in the rule ID + continue + tag = f"external/cert/{key_sanitized}/{value.lower()}" + if tag not in query["tags"]: + query["tags"].append(tag) + modified = True + logger.info(f"Added tag {tag} to {rule_id} ({query['short_name']})") + + # Save the modified data back to the file if any changes were made + if modified: + with open(rule_package_file, 'w', encoding='utf-8') as f: + json.dump(data, f, indent=2) + logger.info(f"Updated {rule_package_file}") + else: + logger.info(f"No changes made to {rule_package_file}") + + except Exception as e: + logger.error(f"Error processing {rule_package_file}: {e}") + +def main(): + """Main function to process all rule packages.""" + logger.info("Starting risk assessment tag addition process") + + rule_packages = find_rule_packages() + logger.info(f"Found {len(rule_packages)} rule package files") + + for rule_package in rule_packages: + logger.info(f"Processing {rule_package}") + process_rule_package(rule_package) + + logger.info("Completed risk assessment tag addition process") + +if __name__ == "__main__": + main() \ No newline at end of file From 242744c7e2f68f5af63feab8af20a6a2d1d14140 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 1 May 2025 23:41:37 +0100 Subject: [PATCH 2523/2573] Add additional CERT risk assessment tags --- rule_packages/c/Banned.json | 7 ++- rule_packages/c/Concurrency1.json | 21 ++++++- rule_packages/c/Concurrency2.json | 14 ++++- rule_packages/c/Concurrency3.json | 28 +++++++-- rule_packages/c/Concurrency4.json | 23 ++++++- rule_packages/c/Concurrency5.json | 14 ++++- rule_packages/c/Contracts.json | 7 ++- rule_packages/c/Contracts1.json | 14 ++++- rule_packages/c/Contracts2.json | 21 ++++++- rule_packages/c/Contracts4.json | 28 +++++++-- rule_packages/c/Contracts5.json | 14 ++++- rule_packages/c/Contracts6.json | 7 ++- rule_packages/c/Contracts7.json | 14 ++++- rule_packages/c/Declarations1.json | 14 ++++- rule_packages/c/Declarations2.json | 35 +++++++++-- rule_packages/c/Declarations7.json | 7 ++- rule_packages/c/Declarations8.json | 14 ++++- rule_packages/c/Expressions.json | 28 +++++++-- rule_packages/c/FloatingTypes.json | 28 +++++++-- rule_packages/c/IO1.json | 42 +++++++++++-- rule_packages/c/IO2.json | 28 +++++++-- rule_packages/c/IO3.json | 14 ++++- rule_packages/c/IO4.json | 28 +++++++-- rule_packages/c/IntegerOverflow.json | 35 +++++++++-- rule_packages/c/InvalidMemory1.json | 21 ++++++- rule_packages/c/InvalidMemory2.json | 21 ++++++- rule_packages/c/Memory2.json | 57 ++++++++++++++--- rule_packages/c/Memory3.json | 7 ++- rule_packages/c/Misc.json | 21 ++++++- rule_packages/c/OutOfBounds.json | 14 ++++- rule_packages/c/Pointers2.json | 7 ++- rule_packages/c/Pointers3.json | 36 +++++++++-- rule_packages/c/Preprocessor5.json | 14 ++++- rule_packages/c/SideEffects1.json | 29 +++++++-- rule_packages/c/SideEffects4.json | 7 ++- rule_packages/c/SignalHandlers.json | 28 +++++++-- rule_packages/c/Statements4.json | 7 ++- rule_packages/c/Strings1.json | 21 ++++++- rule_packages/c/Strings2.json | 7 ++- rule_packages/c/Strings3.json | 14 ++++- rule_packages/c/Types1.json | 16 ++++- rule_packages/cpp/Allocations.json | 77 +++++++++++++++++++---- rule_packages/cpp/BannedFunctions.json | 21 ++++++- rule_packages/cpp/BannedSyntax.json | 7 ++- rule_packages/cpp/Classes.json | 7 ++- rule_packages/cpp/Concurrency.json | 63 ++++++++++++++++--- rule_packages/cpp/Const.json | 7 ++- rule_packages/cpp/ExceptionSafety.json | 14 ++++- rule_packages/cpp/Exceptions1.json | 77 +++++++++++++++++++---- rule_packages/cpp/Exceptions2.json | 14 ++++- rule_packages/cpp/Expressions.json | 23 +++++-- rule_packages/cpp/Freed.json | 28 +++++++-- rule_packages/cpp/Functions.json | 21 ++++++- rule_packages/cpp/IO.json | 14 ++++- rule_packages/cpp/Inheritance.json | 24 ++++++- rule_packages/cpp/Initialization.json | 21 ++++++- rule_packages/cpp/Invariants.json | 28 +++++++-- rule_packages/cpp/Iterators.json | 35 +++++++++-- rule_packages/cpp/Lambdas.json | 14 ++++- rule_packages/cpp/MoveForward.json | 7 ++- rule_packages/cpp/Naming.json | 56 ++++++++++++++--- rule_packages/cpp/Null.json | 7 ++- rule_packages/cpp/OperatorInvariants.json | 14 ++++- rule_packages/cpp/OutOfBounds.json | 21 ++++++- rule_packages/cpp/Pointers.json | 42 +++++++++++-- rule_packages/cpp/Representation.json | 21 ++++++- rule_packages/cpp/Scope.json | 42 +++++++++++-- rule_packages/cpp/SideEffects1.json | 49 ++++++++++++--- rule_packages/cpp/SideEffects2.json | 7 ++- rule_packages/cpp/SmartPointers2.json | 15 ++++- rule_packages/cpp/Strings.json | 16 ++++- rule_packages/cpp/TrustBoundaries.json | 14 ++++- rule_packages/cpp/TypeRanges.json | 14 ++++- rule_packages/cpp/Uninitialized.json | 14 ++++- 74 files changed, 1411 insertions(+), 235 deletions(-) diff --git a/rule_packages/c/Banned.json b/rule_packages/c/Banned.json index 4decbae6f2..265a41de51 100644 --- a/rule_packages/c/Banned.json +++ b/rule_packages/c/Banned.json @@ -13,7 +13,12 @@ "severity": "error", "short_name": "DoNotCallSystem", "tags": [ - "security" + "security", + "external/cert/severity/high", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/medium", + "external/cert/priority/p12", + "external/cert/level/l1" ] } ], diff --git a/rule_packages/c/Concurrency1.json b/rule_packages/c/Concurrency1.json index 15e38e941d..9daa2a83be 100644 --- a/rule_packages/c/Concurrency1.json +++ b/rule_packages/c/Concurrency1.json @@ -15,7 +15,12 @@ "shared_implementation_short_name": "GuardAccessToBitFields", "tags": [ "correctness", - "concurrency" + "concurrency", + "external/cert/severity/medium", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/medium", + "external/cert/priority/p8", + "external/cert/level/l2" ] } ], @@ -35,7 +40,12 @@ "short_name": "RaceConditionsWhenUsingLibraryFunctions", "tags": [ "correctness", - "concurrency" + "concurrency", + "external/cert/severity/medium", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/high", + "external/cert/priority/p4", + "external/cert/level/l3" ] } ], @@ -55,7 +65,12 @@ "short_name": "DoNotCallSignalInMultithreadedProgram", "tags": [ "correctness", - "concurrency" + "concurrency", + "external/cert/severity/low", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/low", + "external/cert/priority/p6", + "external/cert/level/l2" ], "implementation_scope": { "description": "This implementation does not consider threads created function pointers." diff --git a/rule_packages/c/Concurrency2.json b/rule_packages/c/Concurrency2.json index d9102a07df..d9e364d046 100644 --- a/rule_packages/c/Concurrency2.json +++ b/rule_packages/c/Concurrency2.json @@ -15,7 +15,12 @@ "shared_implementation_short_name": "PreventDeadlockByLockingInPredefinedOrder", "tags": [ "correctness", - "concurrency" + "concurrency", + "external/cert/severity/low", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/medium", + "external/cert/priority/p4", + "external/cert/level/l3" ] } ], @@ -36,7 +41,12 @@ "shared_implementation_short_name": "WrapSpuriousFunctionInLoop", "tags": [ "correctness", - "concurrency" + "concurrency", + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p2", + "external/cert/level/l3" ] } ], diff --git a/rule_packages/c/Concurrency3.json b/rule_packages/c/Concurrency3.json index a57b73f034..6328f6b43c 100644 --- a/rule_packages/c/Concurrency3.json +++ b/rule_packages/c/Concurrency3.json @@ -15,7 +15,12 @@ "shared_implementation_short_name": "DoNotAllowAMutexToGoOutOfScopeWhileLocked", "tags": [ "correctness", - "concurrency" + "concurrency", + "external/cert/severity/medium", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/high", + "external/cert/priority/p4", + "external/cert/level/l3" ], "implementation_scope": { "description": "This implementation does not allow for thread synchronization to be performed in subroutines. All synchronization must be performed within the context of the other thread management functions." @@ -31,7 +36,12 @@ "shared_implementation_short_name": "DoNotDestroyAMutexWhileItIsLocked", "tags": [ "correctness", - "concurrency" + "concurrency", + "external/cert/severity/medium", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/high", + "external/cert/priority/p4", + "external/cert/level/l3" ] } ], @@ -52,7 +62,12 @@ "shared_implementation_short_name": "PreserveSafetyWhenUsingConditionVariables", "tags": [ "correctness", - "concurrency" + "concurrency", + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p2", + "external/cert/level/l3" ], "implementation_scope": { "description": "This implementation does not attempt to identify unique condition variables and instead advocates for the usage of `cnd_broadcast`." @@ -75,7 +90,12 @@ "short_name": "WrapFunctionsThatCanFailSpuriouslyInLoop", "tags": [ "correctness", - "concurrency" + "concurrency", + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p2", + "external/cert/level/l3" ], "implementation_scope": { "description": "This implementation does not attempt to identify a relationship between the condition variable and the atomic operation." diff --git a/rule_packages/c/Concurrency4.json b/rule_packages/c/Concurrency4.json index d537ee713e..45f4b495fc 100644 --- a/rule_packages/c/Concurrency4.json +++ b/rule_packages/c/Concurrency4.json @@ -14,7 +14,12 @@ "short_name": "CleanUpThreadSpecificStorage", "tags": [ "correctness", - "concurrency" + "concurrency", + "external/cert/severity/medium", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p4", + "external/cert/level/l3" ], "implementation_scope": { "description": "This query does not attempt to ensure that the deallocation function in fact deallocates memory and instead assumes the contract is valid. Additionally, this query requires that all `tss_create` calls are bookended by calls to `tss_delete`, even if a thread is not created." @@ -37,7 +42,13 @@ "short_name": "AppropriateThreadObjectStorageDurations", "tags": [ "correctness", - "concurrency" + "concurrency", + "external/cert/recommendation/con34-c", + "external/cert/severity/medium", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/high", + "external/cert/priority/p4", + "external/cert/level/l3" ], "implementation_scope": { "description": "This query does not consider Windows implementations or OpenMP implementations. This query is primarily about excluding cases wherein the storage duration of a variable is appropriate. As such, this query is not concerned if the appropriate synchronization mechanisms are used, such as sequencing calls to `thrd_join` and `free`. An audit query is supplied to handle some of those cases." @@ -53,7 +64,13 @@ "tags": [ "external/cert/audit", "correctness", - "concurrency" + "concurrency", + "external/cert/recommendation/con34-c", + "external/cert/severity/medium", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/high", + "external/cert/priority/p4", + "external/cert/level/l3" ] } ], diff --git a/rule_packages/c/Concurrency5.json b/rule_packages/c/Concurrency5.json index 0cef2d8b3a..d1a685dd34 100644 --- a/rule_packages/c/Concurrency5.json +++ b/rule_packages/c/Concurrency5.json @@ -15,7 +15,12 @@ "shared_implementation_short_name": "JoinOrDetachThreadOnlyOnce", "tags": [ "correctness", - "concurrency" + "concurrency", + "external/cert/severity/low", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p6", + "external/cert/level/l2" ], "implementation_scope": { "description": "This query considers problematic usages of join and detach irrespective of the execution of the program and other synchronization and interprocess communication mechanisms that may be used." @@ -38,7 +43,12 @@ "short_name": "AtomicVariableTwiceInExpression", "tags": [ "correctness", - "concurrency" + "concurrency", + "external/cert/severity/medium", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/medium", + "external/cert/priority/p8", + "external/cert/level/l2" ] } ], diff --git a/rule_packages/c/Contracts.json b/rule_packages/c/Contracts.json index e7db6fff86..0d2e0a97bd 100644 --- a/rule_packages/c/Contracts.json +++ b/rule_packages/c/Contracts.json @@ -13,7 +13,12 @@ "severity": "error", "short_name": "DoNotViolateInLineLinkageConstraints", "tags": [ - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p2", + "external/cert/level/l3" ], "implementation_scope": { "description": "This query only considers the constraints related to inline extern functions." diff --git a/rule_packages/c/Contracts1.json b/rule_packages/c/Contracts1.json index 21641922af..65ffdc5e71 100644 --- a/rule_packages/c/Contracts1.json +++ b/rule_packages/c/Contracts1.json @@ -14,7 +14,12 @@ "short_name": "DoNotModifyTheReturnValueOfCertainFunctions", "shared_implementation_short_name": "ConstLikeReturnValue", "tags": [ - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/medium", + "external/cert/priority/p4", + "external/cert/level/l3" ] } ], @@ -33,7 +38,12 @@ "severity": "error", "short_name": "EnvPointerIsInvalidAfterCertainOperations", "tags": [ - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/medium", + "external/cert/priority/p4", + "external/cert/level/l3" ], "implementation_scope": { "description": "The rule is enforced in the context of a single function." diff --git a/rule_packages/c/Contracts2.json b/rule_packages/c/Contracts2.json index b07f8f0503..6c1bf77de2 100644 --- a/rule_packages/c/Contracts2.json +++ b/rule_packages/c/Contracts2.json @@ -13,7 +13,12 @@ "severity": "error", "short_name": "ExitHandlersMustReturnNormally", "tags": [ - "correctness" + "correctness", + "external/cert/severity/medium", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p12", + "external/cert/level/l1" ] } ], @@ -33,7 +38,12 @@ "short_name": "DoNotStorePointersReturnedByEnvFunctions", "shared_implementation_short_name": "InvalidatedEnvStringPointers", "tags": [ - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/medium", + "external/cert/priority/p4", + "external/cert/level/l3" ] }, { @@ -45,7 +55,12 @@ "short_name": "DoNotStorePointersReturnedByEnvironmentFunWarn", "shared_implementation_short_name": "InvalidatedEnvStringPointersWarn", "tags": [ - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/medium", + "external/cert/priority/p4", + "external/cert/level/l3" ] } ], diff --git a/rule_packages/c/Contracts4.json b/rule_packages/c/Contracts4.json index 8ba25ab32b..a62e9d1762 100644 --- a/rule_packages/c/Contracts4.json +++ b/rule_packages/c/Contracts4.json @@ -13,7 +13,12 @@ "severity": "error", "short_name": "SetlocaleMightSetErrno", "tags": [ - "correctness" + "correctness", + "external/cert/severity/medium", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/medium", + "external/cert/priority/p8", + "external/cert/level/l2" ] }, { @@ -24,7 +29,12 @@ "severity": "error", "short_name": "ErrnoReadBeforeReturn", "tags": [ - "correctness" + "correctness", + "external/cert/severity/medium", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/medium", + "external/cert/priority/p8", + "external/cert/level/l2" ] }, { @@ -35,7 +45,12 @@ "severity": "error", "short_name": "FunctionCallBeforeErrnoCheck", "tags": [ - "correctness" + "correctness", + "external/cert/severity/medium", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/medium", + "external/cert/priority/p8", + "external/cert/level/l2" ] }, { @@ -46,7 +61,12 @@ "severity": "error", "short_name": "ErrnoNotSetToZero", "tags": [ - "correctness" + "correctness", + "external/cert/severity/medium", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/medium", + "external/cert/priority/p8", + "external/cert/level/l2" ] } ], diff --git a/rule_packages/c/Contracts5.json b/rule_packages/c/Contracts5.json index 9f62ce9255..d4b38b5756 100644 --- a/rule_packages/c/Contracts5.json +++ b/rule_packages/c/Contracts5.json @@ -13,7 +13,12 @@ "severity": "error", "short_name": "DoNotRelyOnIndeterminateValuesOfErrno", "tags": [ - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/low", + "external/cert/priority/p3", + "external/cert/level/l3" ], "implementation_scope": { "description": "The rule is enforced in the context of a single function." @@ -35,7 +40,12 @@ "severity": "error", "short_name": "DetectAndHandleStandardLibraryErrors", "tags": [ - "correctness" + "correctness", + "external/cert/severity/high", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p18", + "external/cert/level/l1" ], "implementation_scope": { "description": "The rule is enforced in the context of a single function." diff --git a/rule_packages/c/Contracts6.json b/rule_packages/c/Contracts6.json index c46ef2f710..d89617d6dc 100644 --- a/rule_packages/c/Contracts6.json +++ b/rule_packages/c/Contracts6.json @@ -13,7 +13,12 @@ "severity": "error", "short_name": "DoNotModifyConstantObjects", "tags": [ - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p2", + "external/cert/level/l3" ], "implementation_scope": { "description": "The implementation does not consider pointer aliasing via multiple indirection." diff --git a/rule_packages/c/Contracts7.json b/rule_packages/c/Contracts7.json index f76b737db1..95df01ca32 100644 --- a/rule_packages/c/Contracts7.json +++ b/rule_packages/c/Contracts7.json @@ -14,7 +14,12 @@ "short_name": "DoNotPassInvalidDataToTheAsctimeFunction", "tags": [ "security", - "correctness" + "correctness", + "external/cert/severity/high", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/low", + "external/cert/priority/p27", + "external/cert/level/l1" ] } ], @@ -33,7 +38,12 @@ "severity": "error", "short_name": "DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue", "tags": [ - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/low", + "external/cert/priority/p3", + "external/cert/level/l3" ] } ], diff --git a/rule_packages/c/Declarations1.json b/rule_packages/c/Declarations1.json index 90202a5b52..dba6a07eeb 100644 --- a/rule_packages/c/Declarations1.json +++ b/rule_packages/c/Declarations1.json @@ -15,7 +15,12 @@ "shared_implementation_short_name": "TypeOmitted", "tags": [ "correctness", - "readability" + "readability", + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/low", + "external/cert/priority/p3", + "external/cert/level/l3" ], "implementation_scope": { "description": "This query does not check for implicitly typed parameters, typedefs or member declarations as this is partially compiler checked.", @@ -41,7 +46,12 @@ "tags": [ "correctness", "maintainability", - "readability" + "readability", + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/low", + "external/cert/priority/p3", + "external/cert/level/l3" ], "implementation_scope": { "description": "This query does not consider identifiers described in the future library directions section of the standard. This query also checks for any reserved identifier as declared regardless of whether its header file is included or not.", diff --git a/rule_packages/c/Declarations2.json b/rule_packages/c/Declarations2.json index 9acb117d1e..c5b827e682 100644 --- a/rule_packages/c/Declarations2.json +++ b/rule_packages/c/Declarations2.json @@ -15,7 +15,12 @@ "tags": [ "correctness", "maintainability", - "readability" + "readability", + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/low", + "external/cert/priority/p3", + "external/cert/level/l3" ] } ], @@ -37,7 +42,12 @@ "tags": [ "correctness", "maintainability", - "readability" + "readability", + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p2", + "external/cert/level/l3" ], "implementation_scope": { "description": "This query considers the first 31 characters of identifiers as significant, as per C99 and reports the case when names are longer than 31 characters and differ in those characters past the 31 first only. This query does not consider universal or extended source characters.", @@ -54,7 +64,12 @@ "tags": [ "correctness", "maintainability", - "readability" + "readability", + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p2", + "external/cert/level/l3" ] }, { @@ -67,7 +82,12 @@ "tags": [ "correctness", "maintainability", - "readability" + "readability", + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p2", + "external/cert/level/l3" ] } ], @@ -88,7 +108,12 @@ "tags": [ "correctness", "maintainability", - "readability" + "readability", + "external/cert/severity/medium", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p4", + "external/cert/level/l3" ] } ], diff --git a/rule_packages/c/Declarations7.json b/rule_packages/c/Declarations7.json index cdb74123b1..86818cdcb5 100644 --- a/rule_packages/c/Declarations7.json +++ b/rule_packages/c/Declarations7.json @@ -14,7 +14,12 @@ "short_name": "InformationLeakageAcrossTrustBoundariesC", "shared_implementation_short_name": "InformationLeakageAcrossBoundaries", "tags": [ - "security" + "security", + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/high", + "external/cert/priority/p1", + "external/cert/level/l3" ], "implementation_scope": { "description": "The rule does not detect cases where fields may have uninitialized padding but are initialized via an initializer." diff --git a/rule_packages/c/Declarations8.json b/rule_packages/c/Declarations8.json index a70523b72f..6275e32595 100644 --- a/rule_packages/c/Declarations8.json +++ b/rule_packages/c/Declarations8.json @@ -14,7 +14,12 @@ "short_name": "AppropriateStorageDurationsStackAdressEscape", "shared_implementation_short_name": "DoNotCopyAddressOfAutoStorageObjectToOtherObject", "tags": [ - "correctness" + "correctness", + "external/cert/severity/high", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/high", + "external/cert/priority/p6", + "external/cert/level/l2" ], "implementation_scope": { "description": "The rule checks specifically for pointers to objects with automatic storage duration that are assigned to static storage duration variables." @@ -28,7 +33,12 @@ "severity": "error", "short_name": "AppropriateStorageDurationsFunctionReturn", "tags": [ - "correctness" + "correctness", + "external/cert/severity/high", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/high", + "external/cert/priority/p6", + "external/cert/level/l2" ], "implementation_scope": { "description": "The rule checks specifically for pointers to objects with automatic storage duration that are returned by functions or assigned to function output parameters." diff --git a/rule_packages/c/Expressions.json b/rule_packages/c/Expressions.json index 9d1f8b16a7..9be722b761 100644 --- a/rule_packages/c/Expressions.json +++ b/rule_packages/c/Expressions.json @@ -13,7 +13,12 @@ "severity": "error", "short_name": "DoNotCallFunctionPointerWithIncompatibleType", "tags": [ - "correctness" + "correctness", + "external/cert/severity/medium", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/high", + "external/cert/priority/p4", + "external/cert/level/l3" ], "implementation_scope": { "description": "This query raises a result for a function assigned to a function pointer of an incompatible type even if the function pointer is never eventually called." @@ -27,7 +32,12 @@ "severity": "error", "short_name": "DoNotCallFunctionsWithIncompatibleArguments", "tags": [ - "correctness" + "correctness", + "external/cert/severity/medium", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/high", + "external/cert/priority/p4", + "external/cert/level/l3" ] }, { @@ -39,7 +49,12 @@ "short_name": "CallPOSIXOpenWithCorrectArgumentCount", "tags": [ "correctness", - "security" + "security", + "external/cert/severity/medium", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/high", + "external/cert/priority/p4", + "external/cert/level/l3" ], "implementation_scope": { "description": "The analysis of invalid parameter count passed to POSIX open calls only applies when the value of the flags argument is computed locally." @@ -62,7 +77,12 @@ "short_name": "DoNotUseABitwiseOperatorWithABooleanLikeOperand", "tags": [ "maintainability", - "readability" + "readability", + "external/cert/severity/low", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/low", + "external/cert/priority/p9", + "external/cert/level/l2" ] } ], diff --git a/rule_packages/c/FloatingTypes.json b/rule_packages/c/FloatingTypes.json index 7df2298ad1..17690574e5 100644 --- a/rule_packages/c/FloatingTypes.json +++ b/rule_packages/c/FloatingTypes.json @@ -14,7 +14,12 @@ "short_name": "UncheckedRangeDomainPoleErrors", "shared_implementation_short_name": "UncheckedRangeDomainPoleErrors", "tags": [ - "correctness" + "correctness", + "external/cert/severity/medium", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/medium", + "external/cert/priority/p8", + "external/cert/level/l2" ], "implementation_scope": { "description": "This query identifies possible domain, pole and range errors on a selection of C standard library fuctions from math.h." @@ -36,7 +41,12 @@ "severity": "error", "short_name": "UncheckedFloatingPointConversion", "tags": [ - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/low", + "external/cert/priority/p3", + "external/cert/level/l3" ] } ], @@ -55,7 +65,12 @@ "severity": "error", "short_name": "IntToFloatPreservePrecision", "tags": [ - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p2", + "external/cert/level/l3" ] } ], @@ -74,7 +89,12 @@ "severity": "error", "short_name": "MemcmpUsedToCompareFloats", "tags": [ - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p2", + "external/cert/level/l3" ] } ], diff --git a/rule_packages/c/IO1.json b/rule_packages/c/IO1.json index f5b9ec8b0e..8a42c4e52a 100644 --- a/rule_packages/c/IO1.json +++ b/rule_packages/c/IO1.json @@ -15,7 +15,12 @@ "shared_implementation_short_name": "NonConstantFormat", "tags": [ "correctness", - "security" + "security", + "external/cert/severity/high", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p18", + "external/cert/level/l1" ] } ], @@ -35,7 +40,12 @@ "short_name": "DistinguishBetweenCharReadFromAFileAndEofOrWeof", "tags": [ "correctness", - "security" + "security", + "external/cert/severity/high", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/medium", + "external/cert/priority/p12", + "external/cert/level/l1" ], "implementation_scope": { "description": "The rule is enforced in the context of a single function. The query does not validate if the FILE status is handled correctly after being read." @@ -50,7 +60,12 @@ "short_name": "EndOfFileCheckPortability", "tags": [ "correctness", - "security" + "security", + "external/cert/severity/high", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/medium", + "external/cert/priority/p12", + "external/cert/level/l1" ], "implementation_scope": { "description": "The rule is enforced in the context of a single function. The query does not validate if the FILE status is handled correctly after being read." @@ -73,7 +88,12 @@ "short_name": "DoNotAlternatelyIOFromAStreamWithoutPositioning", "shared_implementation_short_name": "IOFstreamMissingPositioning", "tags": [ - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p6", + "external/cert/level/l2" ], "implementation_scope": { "description": "The rule is enforced in the context of a single function." @@ -97,7 +117,12 @@ "shared_implementation_short_name": "CloseFileHandleWhenNoLongerNeededShared", "tags": [ "correctness", - "security" + "security", + "external/cert/severity/medium", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p4", + "external/cert/level/l3" ], "implementation_scope": { "description": "The rule is enforced in the context of a single function." @@ -120,7 +145,12 @@ "short_name": "UndefinedBehaviorAccessingAClosedFile", "shared_implementation_short_name": "DoNotAccessAClosedFile", "tags": [ - "correctness" + "correctness", + "external/cert/severity/medium", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p4", + "external/cert/level/l3" ], "implementation_scope": { "description": "The rule is enforced in the context of a single function." diff --git a/rule_packages/c/IO2.json b/rule_packages/c/IO2.json index 41c14a0d0e..69c12d7723 100644 --- a/rule_packages/c/IO2.json +++ b/rule_packages/c/IO2.json @@ -14,7 +14,12 @@ "short_name": "DoNotCopyAFileObject", "tags": [ "correctness", - "security" + "security", + "external/cert/severity/low", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/medium", + "external/cert/priority/p4", + "external/cert/level/l3" ] } ], @@ -34,7 +39,12 @@ "short_name": "ResetStringsOnFgetsOrFgetwsFailure", "tags": [ "correctness", - "security" + "security", + "external/cert/severity/low", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/medium", + "external/cert/priority/p4", + "external/cert/level/l3" ] } ], @@ -53,7 +63,12 @@ "severity": "error", "short_name": "DoNotCallGetcAndPutcWithSideEffects", "tags": [ - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p2", + "external/cert/level/l3" ] } ], @@ -72,7 +87,12 @@ "severity": "error", "short_name": "OnlyUseValuesForFsetposThatAreReturnedFromFgetpos", "tags": [ - "correctness" + "correctness", + "external/cert/severity/medium", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p4", + "external/cert/level/l3" ] } ], diff --git a/rule_packages/c/IO3.json b/rule_packages/c/IO3.json index 52276eb05c..af6e9da732 100644 --- a/rule_packages/c/IO3.json +++ b/rule_packages/c/IO3.json @@ -14,7 +14,12 @@ "short_name": "DoNotPerformFileOperationsOnDevices", "tags": [ "correctness", - "security" + "security", + "external/cert/severity/medium", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p4", + "external/cert/level/l3" ], "implementation_scope": { "description": "The rule checks that filenames are not tainted. It does not verify that appropriate OS-specific checks are in place to exclude that the opened file is a device." @@ -36,7 +41,12 @@ "severity": "error", "short_name": "SuccessfulFgetsOrFgetwsMayReturnAnEmptyString", "tags": [ - "correctness" + "correctness", + "external/cert/severity/high", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/medium", + "external/cert/priority/p12", + "external/cert/level/l1" ], "implementation_scope": { "description": "The rule checks that access to a string returned by fgets() or fgetws() if protected by a guard condition. The rule is enforced in the context of a single function." diff --git a/rule_packages/c/IO4.json b/rule_packages/c/IO4.json index 1303f9b50f..8d9c150335 100644 --- a/rule_packages/c/IO4.json +++ b/rule_packages/c/IO4.json @@ -14,7 +14,12 @@ "short_name": "ToctouRaceConditionsWhileAccessingFiles", "tags": [ "correctness", - "security" + "security", + "external/cert/severity/high", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/high", + "external/cert/priority/p6", + "external/cert/level/l2" ], "implementation_scope": { "description": "The query is limited to the specific class of TOCTOU race conditions that derives from the incorrectuse of `fopen` to check the existence of a file." @@ -37,7 +42,12 @@ "short_name": "UseValidSpecifiers", "tags": [ "correctness", - "security" + "security", + "external/cert/severity/high", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p6", + "external/cert/level/l2" ] }, { @@ -49,7 +59,12 @@ "short_name": "WrongNumberOfFormatArguments", "tags": [ "correctness", - "security" + "security", + "external/cert/severity/high", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p6", + "external/cert/level/l2" ] }, { @@ -61,7 +76,12 @@ "short_name": "WrongTypeFormatArguments", "tags": [ "correctness", - "security" + "security", + "external/cert/severity/high", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p6", + "external/cert/level/l2" ] } ], diff --git a/rule_packages/c/IntegerOverflow.json b/rule_packages/c/IntegerOverflow.json index a7897fad9e..f528d3d542 100644 --- a/rule_packages/c/IntegerOverflow.json +++ b/rule_packages/c/IntegerOverflow.json @@ -15,7 +15,12 @@ "shared_implementation_short_name": "UnsignedOperationWithConstantOperandsWraps", "tags": [ "correctness", - "security" + "security", + "external/cert/severity/high", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/high", + "external/cert/priority/p9", + "external/cert/level/l2" ] } ], @@ -34,7 +39,12 @@ "severity": "error", "short_name": "IntegerConversionCausesDataLoss", "tags": [ - "correctness" + "correctness", + "external/cert/severity/high", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/high", + "external/cert/priority/p6", + "external/cert/level/l2" ] } ], @@ -54,7 +64,12 @@ "short_name": "SignedIntegerOverflow", "tags": [ "correctness", - "security" + "security", + "external/cert/severity/high", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/high", + "external/cert/priority/p9", + "external/cert/level/l2" ] } ], @@ -73,7 +88,12 @@ "severity": "error", "short_name": "DivOrRemByZero", "tags": [ - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p6", + "external/cert/level/l2" ] } ], @@ -92,7 +112,12 @@ "severity": "error", "short_name": "UseCorrectIntegerPrecisions", "tags": [ - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p2", + "external/cert/level/l3" ] } ], diff --git a/rule_packages/c/InvalidMemory1.json b/rule_packages/c/InvalidMemory1.json index 227ec37558..3b0a6bb40c 100644 --- a/rule_packages/c/InvalidMemory1.json +++ b/rule_packages/c/InvalidMemory1.json @@ -15,7 +15,12 @@ "short_name": "DoNotReadUninitializedMemory", "tags": [ "correctness", - "security" + "security", + "external/cert/severity/high", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/medium", + "external/cert/priority/p12", + "external/cert/level/l1" ] } ], @@ -35,7 +40,12 @@ "shared_implementation_short_name": "DereferenceOfNullPointer", "short_name": "DoNotDereferenceNullPointers", "tags": [ - "correctness" + "correctness", + "external/cert/severity/high", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p18", + "external/cert/level/l1" ] } ], @@ -55,7 +65,12 @@ "short_name": "DoNotAccessFreedMemory", "tags": [ "correctness", - "security" + "security", + "external/cert/severity/high", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p18", + "external/cert/level/l1" ] } ], diff --git a/rule_packages/c/InvalidMemory2.json b/rule_packages/c/InvalidMemory2.json index cb7d380159..025a5d246c 100644 --- a/rule_packages/c/InvalidMemory2.json +++ b/rule_packages/c/InvalidMemory2.json @@ -14,7 +14,12 @@ "short_name": "VariableLengthArraySizeNotInValidRange", "tags": [ "correctness", - "security" + "security", + "external/cert/severity/high", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/high", + "external/cert/priority/p6", + "external/cert/level/l2" ] } ], @@ -33,7 +38,12 @@ "severity": "error", "short_name": "DoNotUsePointerArithmeticOnNonArrayObjectPointers", "tags": [ - "correctness" + "correctness", + "external/cert/severity/medium", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/medium", + "external/cert/priority/p8", + "external/cert/level/l2" ] } ], @@ -52,7 +62,12 @@ "severity": "error", "short_name": "DoNotModifyObjectsWithTemporaryLifetime", "tags": [ - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/medium", + "external/cert/priority/p4", + "external/cert/level/l3" ], "implementation_scope": { "description": "This implementation also always reports non-modifying accesses of objects with temporary lifetime, which are only compliant in C11." diff --git a/rule_packages/c/Memory2.json b/rule_packages/c/Memory2.json index 358d482194..9f475e4df8 100644 --- a/rule_packages/c/Memory2.json +++ b/rule_packages/c/Memory2.json @@ -14,7 +14,12 @@ "short_name": "DoNotSubtractPointersThatDoNotReferToTheSameArray", "shared_implementation_short_name": "DoNotSubtractPointersAddressingDifferentArrays", "tags": [ - "correctness" + "correctness", + "external/cert/severity/medium", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/medium", + "external/cert/priority/p8", + "external/cert/level/l2" ] }, { @@ -26,7 +31,12 @@ "short_name": "DoNotRelatePointersThatDoNotReferToTheSameArray", "shared_implementation_short_name": "DoNotUseRelationalOperatorsWithDifferingArrays", "tags": [ - "correctness" + "correctness", + "external/cert/severity/medium", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/medium", + "external/cert/priority/p8", + "external/cert/level/l2" ] } ], @@ -46,7 +56,12 @@ "short_name": "DoNotComparePaddingData", "shared_implementation_short_name": "MemcmpUsedToComparePaddingData", "tags": [ - "correctness" + "correctness", + "external/cert/severity/medium", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/medium", + "external/cert/priority/p8", + "external/cert/level/l2" ] } ], @@ -67,7 +82,12 @@ "shared_implementation_short_name": "FreeMemoryWhenNoLongerNeededShared", "tags": [ "correctness", - "security" + "security", + "external/cert/severity/medium", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/medium", + "external/cert/priority/p8", + "external/cert/level/l2" ], "implementation_scope": { "description": "The rule is enforced in the context of a single function." @@ -89,7 +109,12 @@ "severity": "error", "short_name": "AllocStructsWithAFlexibleArrayMemberDynamically", "tags": [ - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/low", + "external/cert/priority/p3", + "external/cert/level/l3" ] }, { @@ -100,7 +125,12 @@ "severity": "error", "short_name": "CopyStructsWithAFlexibleArrayMemberDynamically", "tags": [ - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/low", + "external/cert/priority/p3", + "external/cert/level/l3" ] } ], @@ -121,7 +151,12 @@ "shared_implementation_short_name": "OnlyFreeMemoryAllocatedDynamicallyShared", "tags": [ "correctness", - "security" + "security", + "external/cert/severity/high", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p18", + "external/cert/level/l1" ] } ], @@ -141,7 +176,13 @@ "short_name": "DoNotModifyAlignmentOfMemoryWithRealloc", "tags": [ "correctness", - "security" + "security", + "external/cert/recommendation/mem36-c", + "external/cert/severity/low", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/high", + "external/cert/priority/p2", + "external/cert/level/l3" ] } ], diff --git a/rule_packages/c/Memory3.json b/rule_packages/c/Memory3.json index 6eafcc6509..e1ed7382e0 100644 --- a/rule_packages/c/Memory3.json +++ b/rule_packages/c/Memory3.json @@ -14,7 +14,12 @@ "short_name": "InsufficientMemoryAllocatedForObject", "tags": [ "correctness", - "security" + "security", + "external/cert/severity/high", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/high", + "external/cert/priority/p6", + "external/cert/level/l2" ] } ], diff --git a/rule_packages/c/Misc.json b/rule_packages/c/Misc.json index bba96db85c..183c05988b 100644 --- a/rule_packages/c/Misc.json +++ b/rule_packages/c/Misc.json @@ -14,7 +14,12 @@ "short_name": "RandUsedForGeneratingPseudorandomNumbers", "shared_implementation_short_name": "DoNotUseRandForGeneratingPseudorandomNumbers", "tags": [ - "security" + "security", + "external/cert/severity/medium", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/low", + "external/cert/priority/p6", + "external/cert/level/l2" ] } ], @@ -33,7 +38,12 @@ "severity": "error", "short_name": "ProperlySeedPseudorandomNumberGenerators", "tags": [ - "security" + "security", + "external/cert/severity/medium", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/low", + "external/cert/priority/p18", + "external/cert/level/l1" ], "implementation_scope": { "description": "This rule will be checked by looking for calls to random that are no preceded by a call to srandom(). We perform a simple check for the argument to srandom() and verify it is not a literal (or a value easily deduced to be a literal)." @@ -56,7 +66,12 @@ "short_name": "ControlFlowReachesTheEndOfANonVoidFunction", "shared_implementation_short_name": "NonVoidFunctionDoesNotReturn", "tags": [ - "correctness" + "correctness", + "external/cert/severity/high", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/low", + "external/cert/priority/p9", + "external/cert/level/l2" ] } ], diff --git a/rule_packages/c/OutOfBounds.json b/rule_packages/c/OutOfBounds.json index 759b68e294..3354348230 100644 --- a/rule_packages/c/OutOfBounds.json +++ b/rule_packages/c/OutOfBounds.json @@ -14,7 +14,12 @@ "short_name": "DoNotFormOutOfBoundsPointersOrArraySubscripts", "tags": [ "correctness", - "security" + "security", + "external/cert/severity/high", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/high", + "external/cert/priority/p9", + "external/cert/level/l2" ] } ], @@ -34,7 +39,12 @@ "short_name": "LibraryFunctionArgumentOutOfBounds", "tags": [ "correctness", - "security" + "security", + "external/cert/severity/high", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p18", + "external/cert/level/l1" ] } ], diff --git a/rule_packages/c/Pointers2.json b/rule_packages/c/Pointers2.json index 9abf4c98ce..fcfd9356e6 100644 --- a/rule_packages/c/Pointers2.json +++ b/rule_packages/c/Pointers2.json @@ -13,7 +13,12 @@ "severity": "error", "short_name": "DoNotAddOrSubtractAScaledIntegerToAPointer", "tags": [ - "correctness" + "correctness", + "external/cert/severity/high", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/high", + "external/cert/priority/p6", + "external/cert/level/l2" ] } ], diff --git a/rule_packages/c/Pointers3.json b/rule_packages/c/Pointers3.json index f35f5b7bd1..f00018b1ad 100644 --- a/rule_packages/c/Pointers3.json +++ b/rule_packages/c/Pointers3.json @@ -13,7 +13,12 @@ "severity": "error", "short_name": "DoNotAccessVolatileObjectWithNonVolatileReference", "tags": [ - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p6", + "external/cert/level/l2" ], "implementation_scope": { "description": "In limited cases, this query can raise false-positives for assignment of volatile objects and subsequent accesses of those objects via non-volatile pointers." @@ -35,7 +40,12 @@ "severity": "error", "short_name": "DoNotCastPointerToMoreStrictlyAlignedPointerType", "tags": [ - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/medium", + "external/cert/priority/p4", + "external/cert/level/l3" ] } ], @@ -54,7 +64,13 @@ "severity": "error", "short_name": "DoNotAccessVariableViaPointerOfIncompatibleType", "tags": [ - "correctness" + "correctness", + "external/cert/recommendation/exp39-c", + "external/cert/severity/medium", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/high", + "external/cert/priority/p2", + "external/cert/level/l3" ] } ], @@ -74,7 +90,12 @@ "short_name": "DoNotPassAliasedPointerToRestrictQualifiedParam", "shared_implementation_short_name": "DoNotPassAliasedPointerToRestrictQualifiedParamShared", "tags": [ - "correctness" + "correctness", + "external/cert/severity/medium", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/high", + "external/cert/priority/p4", + "external/cert/level/l3" ] }, { @@ -85,7 +106,12 @@ "severity": "error", "short_name": "RestrictPointerReferencesOverlappingObject", "tags": [ - "correctness" + "correctness", + "external/cert/severity/medium", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/high", + "external/cert/priority/p4", + "external/cert/level/l3" ] } ], diff --git a/rule_packages/c/Preprocessor5.json b/rule_packages/c/Preprocessor5.json index ef17b83c00..60a1752e73 100644 --- a/rule_packages/c/Preprocessor5.json +++ b/rule_packages/c/Preprocessor5.json @@ -14,7 +14,12 @@ "short_name": "DoNotTreatAPredefinedIdentifierAsObject", "tags": [ "correctness", - "readability" + "readability", + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p2", + "external/cert/level/l3" ], "implementation_scope": { "description": "This query reports locations corresponding to both redefinitions of those standard library macros as well as locations where the identifiers used for accesses.", @@ -38,7 +43,12 @@ "short_name": "MacroOrFunctionArgsContainHashToken", "tags": [ "correctness", - "readability" + "readability", + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p2", + "external/cert/level/l3" ], "implementation_scope": { "description": "This query defines end of function call as the next node in the control flow graph.", diff --git a/rule_packages/c/SideEffects1.json b/rule_packages/c/SideEffects1.json index 9d91fce671..7e0ab9c90b 100644 --- a/rule_packages/c/SideEffects1.json +++ b/rule_packages/c/SideEffects1.json @@ -13,7 +13,12 @@ "severity": "warning", "short_name": "DependenceOnOrderOfScalarEvaluationForSideEffects", "tags": [ - "correctness" + "correctness", + "external/cert/severity/medium", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/medium", + "external/cert/priority/p8", + "external/cert/level/l2" ] }, { @@ -24,7 +29,12 @@ "severity": "warning", "short_name": "DependenceOnOrderOfFunctionArgumentsForSideEffects", "tags": [ - "correctness" + "correctness", + "external/cert/severity/medium", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/medium", + "external/cert/priority/p8", + "external/cert/level/l2" ] } ], @@ -43,7 +53,12 @@ "severity": "error", "short_name": "UnevaluatedOperandWithSideEffect", "tags": [ - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/low", + "external/cert/priority/p3", + "external/cert/level/l3" ] } ], @@ -62,7 +77,13 @@ "severity": "error", "short_name": "AssignmentsInSelectionStatements", "tags": [ - "correctness" + "correctness", + "external/cert/recommendation/exp45-c", + "external/cert/severity/low", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p6", + "external/cert/level/l2" ] } ], diff --git a/rule_packages/c/SideEffects4.json b/rule_packages/c/SideEffects4.json index 77121019de..5b0c6da3f5 100644 --- a/rule_packages/c/SideEffects4.json +++ b/rule_packages/c/SideEffects4.json @@ -13,7 +13,12 @@ "severity": "error", "short_name": "SideEffectsInArgumentsToUnsafeMacros", "tags": [ - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/low", + "external/cert/priority/p3", + "external/cert/level/l3" ], "implementation_scope": { "description": "This implementation only considers ++ and function call side effects. Due to the textual nature of macro expansion it is not always possible to determine accurately whether a side-effect was produced by a particular argument, and this may cause both false positives and false negatives. The query does not consider the case where a macro argument including a side-effect is never evaluated." diff --git a/rule_packages/c/SignalHandlers.json b/rule_packages/c/SignalHandlers.json index 0ceaa5914d..ae9045a64d 100644 --- a/rule_packages/c/SignalHandlers.json +++ b/rule_packages/c/SignalHandlers.json @@ -14,7 +14,12 @@ "short_name": "CallOnlyAsyncSafeFunctionsWithinSignalHandlers", "tags": [ "correctness", - "security" + "security", + "external/cert/severity/high", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p18", + "external/cert/level/l1" ] } ], @@ -34,7 +39,12 @@ "short_name": "DoNotAccessSharedObjectsInSignalHandlers", "tags": [ "correctness", - "security" + "security", + "external/cert/severity/high", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/high", + "external/cert/priority/p9", + "external/cert/level/l2" ], "implementation_scope": { "description": "The implementation does not verify the correct usage of `atomic_is_lock_free`." @@ -57,7 +67,12 @@ "short_name": "DoNotCallSignalFromInterruptibleSignalHandlers", "tags": [ "correctness", - "security" + "security", + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/low", + "external/cert/priority/p3", + "external/cert/level/l3" ] } ], @@ -77,7 +92,12 @@ "short_name": "DoNotReturnFromAComputationalExceptionHandler", "tags": [ "correctness", - "security" + "security", + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/high", + "external/cert/priority/p1", + "external/cert/level/l3" ] } ], diff --git a/rule_packages/c/Statements4.json b/rule_packages/c/Statements4.json index 5b0cc9be26..e770fe032a 100644 --- a/rule_packages/c/Statements4.json +++ b/rule_packages/c/Statements4.json @@ -15,7 +15,12 @@ "tags": [ "maintainability", "readability", - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/low", + "external/cert/priority/p6", + "external/cert/level/l2" ] } ], diff --git a/rule_packages/c/Strings1.json b/rule_packages/c/Strings1.json index 39529df3cc..c4565fc898 100644 --- a/rule_packages/c/Strings1.json +++ b/rule_packages/c/Strings1.json @@ -14,7 +14,12 @@ "short_name": "DoNotAttemptToModifyStringLiterals", "tags": [ "correctness", - "security" + "security", + "external/cert/severity/low", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/low", + "external/cert/priority/p9", + "external/cert/level/l2" ] } ], @@ -34,7 +39,12 @@ "short_name": "StringsHasSufficientSpaceForTheNullTerminator", "tags": [ "correctness", - "security" + "security", + "external/cert/severity/high", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p18", + "external/cert/level/l1" ], "implementation_scope": { "description": "The enforcement of this rule does not try to approximate the effects of loops and as such may not find cases where a loop operation on a string fails to null terminate a string (or causes an overflow)." @@ -57,7 +67,12 @@ "short_name": "NonNullTerminatedToFunctionThatExpectsAString", "tags": [ "correctness", - "security" + "security", + "external/cert/severity/high", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/medium", + "external/cert/priority/p12", + "external/cert/level/l1" ], "implementation_scope": { "description": "Wide character types are not handled correctly on the `aarch64le` architecture. This can lead to false negative alerts." diff --git a/rule_packages/c/Strings2.json b/rule_packages/c/Strings2.json index 99f5e240d7..a32b1b4c28 100644 --- a/rule_packages/c/Strings2.json +++ b/rule_packages/c/Strings2.json @@ -14,7 +14,12 @@ "short_name": "ToCharacterHandlingFunctionsRepresentableAsUChar", "tags": [ "correctness", - "security" + "security", + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/low", + "external/cert/priority/p3", + "external/cert/level/l3" ] } ], diff --git a/rule_packages/c/Strings3.json b/rule_packages/c/Strings3.json index 1cecf390ec..c9003f2ff8 100644 --- a/rule_packages/c/Strings3.json +++ b/rule_packages/c/Strings3.json @@ -15,7 +15,12 @@ "shared_implementation_short_name": "CastCharBeforeConvertingToLargerSizes", "tags": [ "correctness", - "security" + "security", + "external/cert/severity/medium", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/medium", + "external/cert/priority/p8", + "external/cert/level/l2" ] } ], @@ -35,7 +40,12 @@ "short_name": "DoNotConfuseNarrowAndWideFunctions", "tags": [ "correctness", - "security" + "security", + "external/cert/severity/high", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/low", + "external/cert/priority/p27", + "external/cert/level/l1" ], "implementation_scope": { "description": "Wide character types are not handled correctly on the `aarch64le` architecture. This can lead to false negative alerts." diff --git a/rule_packages/c/Types1.json b/rule_packages/c/Types1.json index cbf7f0b632..bb451eba70 100644 --- a/rule_packages/c/Types1.json +++ b/rule_packages/c/Types1.json @@ -12,7 +12,13 @@ "precision": "very-high", "severity": "error", "short_name": "ExprShiftedbyNegativeOrGreaterPrecisionOperand", - "tags": [] + "tags": [ + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p2", + "external/cert/level/l3" + ] } ], "title": "Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand" @@ -29,7 +35,13 @@ "precision": "very-high", "severity": "error", "short_name": "ConvertingAPointerToIntegerOrIntegerToPointer", - "tags": [] + "tags": [ + "external/cert/severity/low", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/high", + "external/cert/priority/p2", + "external/cert/level/l3" + ] } ], "title": "Converting a pointer to integer or integer to pointer" diff --git a/rule_packages/cpp/Allocations.json b/rule_packages/cpp/Allocations.json index 6b40523e16..416cd3b567 100644 --- a/rule_packages/cpp/Allocations.json +++ b/rule_packages/cpp/Allocations.json @@ -197,7 +197,12 @@ "short_name": "ProperlyDeallocateDynamicallyAllocatedResources", "tags": [ "correctness", - "security" + "security", + "external/cert/severity/high", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p18", + "external/cert/level/l1" ] } ], @@ -216,7 +221,12 @@ "severity": "error", "short_name": "DetectAndHandleMemoryAllocationErrors", "tags": [ - "correctness" + "correctness", + "external/cert/severity/high", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p18", + "external/cert/level/l1" ] } ], @@ -235,7 +245,12 @@ "severity": "error", "short_name": "MissingConstructorCallForManuallyManagedObject", "tags": [ - "correctness" + "correctness", + "external/cert/severity/high", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p18", + "external/cert/level/l1" ] }, { @@ -246,7 +261,12 @@ "severity": "error", "short_name": "MissingDestructorCallForManuallyManagedObject", "tags": [ - "correctness" + "correctness", + "external/cert/severity/high", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p18", + "external/cert/level/l1" ] } ], @@ -267,7 +287,12 @@ "shared_implementation_short_name": "PlacementNewNotProperlyAligned", "tags": [ "security", - "correctness" + "correctness", + "external/cert/severity/high", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p18", + "external/cert/level/l1" ] }, { @@ -280,7 +305,12 @@ "shared_implementation_short_name": "PlacementNewInsufficientStorage", "tags": [ "security", - "correctness" + "correctness", + "external/cert/severity/high", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p18", + "external/cert/level/l1" ] } ], @@ -300,7 +330,12 @@ "short_name": "ThrowingOperatorNewReturnsNullCert", "shared_implementation_short_name": "ThrowingOperatorNewReturnsNull", "tags": [ - "correctness" + "correctness", + "external/cert/severity/high", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p18", + "external/cert/level/l1" ] }, { @@ -312,7 +347,12 @@ "short_name": "ThrowingOperatorNewThrowsInvalidExceptionCert", "shared_implementation_short_name": "ThrowingOperatorNewThrowsInvalidException", "tags": [ - "correctness" + "correctness", + "external/cert/severity/high", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p18", + "external/cert/level/l1" ] }, { @@ -324,7 +364,12 @@ "short_name": "ThrowingNoThrowOperatorNewDeleteCert", "shared_implementation_short_name": "ThrowingNoThrowOperatorNewDelete", "tags": [ - "correctness" + "correctness", + "external/cert/severity/high", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p18", + "external/cert/level/l1" ] }, { @@ -336,7 +381,12 @@ "short_name": "OperatorDeleteMissingPartnerCert", "shared_implementation_short_name": "OperatorDeleteMissingPartner", "tags": [ - "correctness" + "correctness", + "external/cert/severity/high", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p18", + "external/cert/level/l1" ] } ], @@ -356,7 +406,12 @@ "short_name": "UsingDefaultOperatorNewForOverAlignedTypes", "tags": [ "correctness", - "security" + "security", + "external/cert/severity/medium", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/low", + "external/cert/priority/p6", + "external/cert/level/l2" ] } ], diff --git a/rule_packages/cpp/BannedFunctions.json b/rule_packages/cpp/BannedFunctions.json index 8ef93db1a0..6cdb019ace 100644 --- a/rule_packages/cpp/BannedFunctions.json +++ b/rule_packages/cpp/BannedFunctions.json @@ -215,7 +215,12 @@ "shared_implementation_short_name": "DoNotUseSetjmpOrLongjmpShared", "tags": [ "correctness", - "scope/single-translation-unit" + "scope/single-translation-unit", + "external/cert/severity/low", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/medium", + "external/cert/priority/p4", + "external/cert/level/l3" ] } ], @@ -236,7 +241,12 @@ "shared_implementation_short_name": "DoNotUseRandForGeneratingPseudorandomNumbers", "tags": [ "security", - "scope/single-translation-unit" + "scope/single-translation-unit", + "external/cert/severity/medium", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/low", + "external/cert/priority/p6", + "external/cert/level/l2" ] } ], @@ -256,7 +266,12 @@ "short_name": "PreferSpecialMemberFunctionsAndOverloadedOperatorsToCStandardLibraryFunctions", "tags": [ "correctness", - "scope/single-translation-unit" + "scope/single-translation-unit", + "external/cert/severity/high", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/high", + "external/cert/priority/p6", + "external/cert/level/l2" ] } ], diff --git a/rule_packages/cpp/BannedSyntax.json b/rule_packages/cpp/BannedSyntax.json index 8e307c02db..8f739145f7 100644 --- a/rule_packages/cpp/BannedSyntax.json +++ b/rule_packages/cpp/BannedSyntax.json @@ -417,7 +417,12 @@ "tags": [ "correctness", "security", - "scope/single-translation-unit" + "scope/single-translation-unit", + "external/cert/severity/high", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/medium", + "external/cert/priority/p12", + "external/cert/level/l1" ] } ], diff --git a/rule_packages/cpp/Classes.json b/rule_packages/cpp/Classes.json index 59eb9a0418..e7c8a10d92 100644 --- a/rule_packages/cpp/Classes.json +++ b/rule_packages/cpp/Classes.json @@ -315,7 +315,12 @@ "severity": "recommendation", "short_name": "OffsetUsedOnInvalidTypeOrMember", "tags": [ - "correctness" + "correctness", + "external/cert/severity/medium", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p4", + "external/cert/level/l3" ] } ], diff --git a/rule_packages/cpp/Concurrency.json b/rule_packages/cpp/Concurrency.json index 6e5898ecd8..3bba2f409f 100644 --- a/rule_packages/cpp/Concurrency.json +++ b/rule_packages/cpp/Concurrency.json @@ -15,7 +15,12 @@ "shared_implementation_short_name": "DoNotAllowAMutexToGoOutOfScopeWhileLocked", "tags": [ "correctness", - "concurrency" + "concurrency", + "external/cert/severity/medium", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/high", + "external/cert/priority/p4", + "external/cert/level/l3" ] }, { @@ -28,7 +33,12 @@ "shared_implementation_short_name": "DoNotDestroyAMutexWhileItIsLocked", "tags": [ "correctness", - "concurrency" + "concurrency", + "external/cert/severity/medium", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/high", + "external/cert/priority/p4", + "external/cert/level/l3" ] } ], @@ -48,7 +58,12 @@ "short_name": "EnsureActivelyHeldLocksAreReleasedOnExceptionalConditions", "tags": [ "correctness", - "concurrency" + "concurrency", + "external/cert/severity/low", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/low", + "external/cert/priority/p6", + "external/cert/level/l2" ] } ], @@ -69,7 +84,12 @@ "shared_implementation_short_name": "GuardAccessToBitFields", "tags": [ "correctness", - "concurrency" + "concurrency", + "external/cert/severity/medium", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/medium", + "external/cert/priority/p8", + "external/cert/level/l2" ] } ], @@ -90,7 +110,12 @@ "shared_implementation_short_name": "PreventDeadlockByLockingInPredefinedOrder", "tags": [ "correctness", - "concurrency" + "concurrency", + "external/cert/severity/low", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/medium", + "external/cert/priority/p4", + "external/cert/level/l3" ] } ], @@ -111,7 +136,12 @@ "shared_implementation_short_name": "WrapSpuriousFunctionInLoop", "tags": [ "correctness", - "concurrency" + "concurrency", + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p2", + "external/cert/level/l3" ] } ], @@ -132,7 +162,12 @@ "shared_implementation_short_name": "PreserveSafetyWhenUsingConditionVariables", "tags": [ "correctness", - "concurrency" + "concurrency", + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p2", + "external/cert/level/l3" ] } ], @@ -152,7 +187,12 @@ "short_name": "DoNotSpeculativelyLockALockedNonRecursiveMutex", "tags": [ "correctness", - "concurrency" + "concurrency", + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/high", + "external/cert/priority/p1", + "external/cert/level/l3" ] }, { @@ -164,7 +204,12 @@ "short_name": "LockedALockedNonRecursiveMutexAudit", "tags": [ "correctness", - "concurrency" + "concurrency", + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/high", + "external/cert/priority/p1", + "external/cert/level/l3" ] } ], diff --git a/rule_packages/cpp/Const.json b/rule_packages/cpp/Const.json index 55c5ed6f90..6f76b7f5b8 100644 --- a/rule_packages/cpp/Const.json +++ b/rule_packages/cpp/Const.json @@ -251,7 +251,12 @@ "shared_implementation_short_name": "RemoveConstOrVolatileQualification", "short_name": "RemoveConstOrVolatileQualificationCert", "tags": [ - "correctness" + "correctness", + "external/cert/severity/medium", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/medium", + "external/cert/priority/p8", + "external/cert/level/l2" ] } ], diff --git a/rule_packages/cpp/ExceptionSafety.json b/rule_packages/cpp/ExceptionSafety.json index 07e97ae328..73b84edde4 100644 --- a/rule_packages/cpp/ExceptionSafety.json +++ b/rule_packages/cpp/ExceptionSafety.json @@ -90,7 +90,12 @@ "short_name": "GuaranteeExceptionSafety", "shared_implementation_short_name": "ExceptionSafetyGuarantees", "tags": [ - "correctness" + "correctness", + "external/cert/severity/high", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/high", + "external/cert/priority/p9", + "external/cert/level/l2" ] } ], @@ -111,7 +116,12 @@ "shared_implementation_short_name": "ExceptionSafetyValidState", "tags": [ "correctness", - "security" + "security", + "external/cert/severity/low", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/high", + "external/cert/priority/p2", + "external/cert/level/l3" ] } ], diff --git a/rule_packages/cpp/Exceptions1.json b/rule_packages/cpp/Exceptions1.json index 23b37778db..7c3a2a708a 100644 --- a/rule_packages/cpp/Exceptions1.json +++ b/rule_packages/cpp/Exceptions1.json @@ -502,7 +502,12 @@ "shared_implementation_short_name": "ConditionVariablePostConditionFailed", "tags": [ "correctness", - "external/cert/audit" + "external/cert/audit", + "external/cert/severity/low", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/medium", + "external/cert/priority/p4", + "external/cert/level/l3" ] }, { @@ -513,7 +518,12 @@ "short_name": "JoinableThreadCopiedOrDestroyedCert", "shared_implementation_short_name": "JoinableThreadCopiedOrDestroyed", "tags": [ - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/medium", + "external/cert/priority/p4", + "external/cert/level/l3" ] }, { @@ -525,7 +535,12 @@ "short_name": "RethrowNestedWithoutCaptureCert", "shared_implementation_short_name": "RethrowNestedWithoutCapture", "tags": [ - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/medium", + "external/cert/priority/p4", + "external/cert/level/l3" ] }, { @@ -537,7 +552,12 @@ "short_name": "ExplicitAbruptTerminationCert", "shared_implementation_short_name": "ExplicitAbruptTermination", "tags": [ - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/medium", + "external/cert/priority/p4", + "external/cert/level/l3" ] }, { @@ -549,7 +569,12 @@ "short_name": "ExitHandlerThrowsExceptionCert", "shared_implementation_short_name": "ExitHandlerThrowsException", "tags": [ - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/medium", + "external/cert/priority/p4", + "external/cert/level/l3" ] } ], @@ -568,7 +593,12 @@ "kind": "path-problem", "short_name": "HandleAllExceptions", "tags": [ - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/medium", + "external/cert/priority/p4", + "external/cert/level/l3" ] } ], @@ -587,7 +617,12 @@ "shared_implementation_short_name": "DestroyedValueReferencedInDestructorCatchBlock", "short_name": "DestroyedValueReferencedInConstructorDestructorCatchBlock", "tags": [ - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p2", + "external/cert/level/l3" ] } ], @@ -606,7 +641,12 @@ "kind": "path-problem", "short_name": "HonorExceptionSpecifications", "tags": [ - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/low", + "external/cert/priority/p9", + "external/cert/level/l2" ] } ], @@ -626,7 +666,12 @@ "shared_implementation_short_name": "HandleAllExceptionsDuringStartup", "short_name": "HandleAllExceptionsThrownBeforeMainBeginsExecuting", "tags": [ - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/low", + "external/cert/priority/p9", + "external/cert/level/l2" ] } ], @@ -644,7 +689,12 @@ "severity": "error", "short_name": "ExceptionObjectsMustBeNothrowCopyConstructible", "tags": [ - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/medium", + "external/cert/priority/p4", + "external/cert/level/l3" ] } ], @@ -663,7 +713,12 @@ "shared_implementation_short_name": "CatchExceptionsByLvalueReference", "short_name": "CatchExceptionsByLvalueReference", "tags": [ - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/low", + "external/cert/priority/p3", + "external/cert/level/l3" ] } ], diff --git a/rule_packages/cpp/Exceptions2.json b/rule_packages/cpp/Exceptions2.json index ece305a04a..2e2f2dfba6 100644 --- a/rule_packages/cpp/Exceptions2.json +++ b/rule_packages/cpp/Exceptions2.json @@ -295,7 +295,12 @@ "severity": "error", "short_name": "DoNotLetExceptionsEscapeFromDestructorsOrDeallocationFunctions", "tags": [ - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p6", + "external/cert/level/l2" ] } ], @@ -315,7 +320,12 @@ "shared_implementation_short_name": "CatchBlockShadowing", "short_name": "CatchBlockShadowingCert", "tags": [ - "correctness" + "correctness", + "external/cert/severity/medium", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/low", + "external/cert/priority/p18", + "external/cert/level/l1" ] } ], diff --git a/rule_packages/cpp/Expressions.json b/rule_packages/cpp/Expressions.json index 935c3fa6f1..10f85237de 100644 --- a/rule_packages/cpp/Expressions.json +++ b/rule_packages/cpp/Expressions.json @@ -130,7 +130,7 @@ }, "queries": [ { - "description": "Expressions with type (plain) char and wchar_t shall not be used as operands to built-in operators other than the assignment operator =, the equality operators == and ! =, and the unary & operator. Manipulation of character data may generate results that are contrary to developer expectations. For example, ISO/IEC 14882:2003 [1] §2.2(3) only requires that the digits \"0\" to \"9\" have consecutive numerical values.", + "description": "Expressions with type (plain) char and wchar_t shall not be used as operands to built-in operators other than the assignment operator =, the equality operators == and ! =, and the unary & operator. Manipulation of character data may generate results that are contrary to developer expectations. For example, ISO/IEC 14882:2003 [1] \u00a72.2(3) only requires that the digits \"0\" to \"9\" have consecutive numerical values.", "kind": "problem", "name": "Expressions with type (plain) char and wchar_t shall only be used as operands to =, ==, !=, &", "precision": "very-high", @@ -323,7 +323,12 @@ "severity": "error", "short_name": "PassPromotablePrimitiveTypeToVaStart", "tags": [ - "correctness" + "correctness", + "external/cert/severity/medium", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p4", + "external/cert/level/l3" ] }, { @@ -334,7 +339,12 @@ "severity": "error", "short_name": "PassReferenceTypeToVaStart", "tags": [ - "correctness" + "correctness", + "external/cert/severity/medium", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p4", + "external/cert/level/l3" ] }, { @@ -345,7 +355,12 @@ "severity": "warning", "short_name": "PassNonTrivialObjectToVaStart", "tags": [ - "correctness" + "correctness", + "external/cert/severity/medium", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p4", + "external/cert/level/l3" ] } ], diff --git a/rule_packages/cpp/Freed.json b/rule_packages/cpp/Freed.json index 36b9b31c3d..30ab6982b2 100644 --- a/rule_packages/cpp/Freed.json +++ b/rule_packages/cpp/Freed.json @@ -111,7 +111,12 @@ "severity": "error", "short_name": "DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType", "tags": [ - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p2", + "external/cert/level/l3" ] } ], @@ -132,7 +137,12 @@ "short_name": "ObjectAccessedBeforeLifetimeCert", "tags": [ "correctness", - "security" + "security", + "external/cert/severity/high", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/high", + "external/cert/priority/p6", + "external/cert/level/l2" ] }, { @@ -145,7 +155,12 @@ "short_name": "ObjectAccessedAfterLifetimeCert", "tags": [ "correctness", - "security" + "security", + "external/cert/severity/high", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/high", + "external/cert/priority/p6", + "external/cert/level/l2" ] } ], @@ -166,7 +181,12 @@ "short_name": "UseAfterFree", "tags": [ "correctness", - "security" + "security", + "external/cert/severity/high", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p18", + "external/cert/level/l1" ] } ], diff --git a/rule_packages/cpp/Functions.json b/rule_packages/cpp/Functions.json index 367ab67437..b650b0937c 100644 --- a/rule_packages/cpp/Functions.json +++ b/rule_packages/cpp/Functions.json @@ -281,7 +281,12 @@ "severity": "error", "short_name": "FunctionWithMismatchedLanguageLinkage", "tags": [ - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p2", + "external/cert/level/l3" ] } ], @@ -301,7 +306,12 @@ "short_name": "NonVoidFunctionDoesNotReturnCert", "shared_implementation_short_name": "NonVoidFunctionDoesNotReturn", "tags": [ - "correctness" + "correctness", + "external/cert/severity/medium", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/medium", + "external/cert/priority/p8", + "external/cert/level/l2" ] } ], @@ -321,7 +331,12 @@ "short_name": "FunctionNoReturnAttributeConditionCert", "shared_implementation_short_name": "FunctionNoReturnAttributeCondition", "tags": [ - "correctness" + "correctness", + "external/cert/severity/medium", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/low", + "external/cert/priority/p2", + "external/cert/level/l3" ] } ], diff --git a/rule_packages/cpp/IO.json b/rule_packages/cpp/IO.json index 9ad0650e62..3d1012232c 100644 --- a/rule_packages/cpp/IO.json +++ b/rule_packages/cpp/IO.json @@ -43,7 +43,12 @@ "short_name": "InterleavedInputOutputWithoutPosition", "shared_implementation_short_name": "IOFstreamMissingPositioning", "tags": [ - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p6", + "external/cert/level/l2" ] } ], @@ -63,7 +68,12 @@ "short_name": "CloseFilesWhenTheyAreNoLongerNeeded", "tags": [ "correctness", - "security" + "security", + "external/cert/severity/medium", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p4", + "external/cert/level/l3" ] } ], diff --git a/rule_packages/cpp/Inheritance.json b/rule_packages/cpp/Inheritance.json index efc241a8e6..fc4805fc21 100644 --- a/rule_packages/cpp/Inheritance.json +++ b/rule_packages/cpp/Inheritance.json @@ -229,7 +229,13 @@ "precision": "very-high", "severity": "error", "short_name": "DoNotInvokeVirtualFunctionsFromConstructorsOrDestructors", - "tags": [] + "tags": [ + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p2", + "external/cert/level/l3" + ] } ], "title": "Do not invoke virtual functions from constructors or destructors" @@ -246,7 +252,13 @@ "precision": "very-high", "severity": "error", "short_name": "DoNotSliceDerivedObjects", - "tags": [] + "tags": [ + "external/cert/severity/low", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/medium", + "external/cert/priority/p4", + "external/cert/level/l3" + ] } ], "title": "Do not slice derived objects" @@ -263,7 +275,13 @@ "precision": "very-high", "severity": "warning", "short_name": "DoNotDeleteAPolymorphicObjectWithoutAVirtualDestructor", - "tags": [] + "tags": [ + "external/cert/severity/low", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/low", + "external/cert/priority/p9", + "external/cert/level/l2" + ] } ], "title": "Do not delete a polymorphic object without a virtual destructor" diff --git a/rule_packages/cpp/Initialization.json b/rule_packages/cpp/Initialization.json index 3ca901a865..e81160a273 100644 --- a/rule_packages/cpp/Initialization.json +++ b/rule_packages/cpp/Initialization.json @@ -417,7 +417,12 @@ "short_name": "CyclesDuringStaticObjectInit", "tags": [ "correctness", - "maintainability" + "maintainability", + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p2", + "external/cert/level/l3" ] } ], @@ -437,7 +442,12 @@ "short_name": "BadlySeededRandomNumberGenerator", "tags": [ "security", - "correctness" + "correctness", + "external/cert/severity/medium", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/low", + "external/cert/priority/p18", + "external/cert/level/l1" ] } ], @@ -460,7 +470,12 @@ "correctness", "security", "maintainability", - "readability" + "readability", + "external/cert/severity/medium", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p4", + "external/cert/level/l3" ] } ], diff --git a/rule_packages/cpp/Invariants.json b/rule_packages/cpp/Invariants.json index b473fb499d..215e4edff4 100644 --- a/rule_packages/cpp/Invariants.json +++ b/rule_packages/cpp/Invariants.json @@ -63,7 +63,12 @@ "shared_implementation_short_name": "OrderingPredicateMustBeStrictlyWeak", "short_name": "ProvideAValidOrderingPredicate", "tags": [ - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/high", + "external/cert/priority/p2", + "external/cert/level/l3" ] } ], @@ -82,7 +87,12 @@ "severity": "error", "short_name": "SignalHandlerMustBeAPlainOldFunction", "tags": [ - "correctness" + "correctness", + "external/cert/severity/high", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/high", + "external/cert/priority/p6", + "external/cert/level/l2" ] } ], @@ -101,7 +111,12 @@ "severity": "error", "short_name": "HonorTerminationReplacementHandlerRequirements", "tags": [ - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/high", + "external/cert/priority/p2", + "external/cert/level/l3" ] }, { @@ -112,7 +127,12 @@ "severity": "error", "short_name": "HonorNewReplacementHandlerRequirements", "tags": [ - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/high", + "external/cert/priority/p2", + "external/cert/level/l3" ] } ], diff --git a/rule_packages/cpp/Iterators.json b/rule_packages/cpp/Iterators.json index a43740f7e7..c345adb371 100644 --- a/rule_packages/cpp/Iterators.json +++ b/rule_packages/cpp/Iterators.json @@ -61,7 +61,12 @@ "severity": "error", "short_name": "UsesValidContainerElementAccess", "tags": [ - "correctness" + "correctness", + "external/cert/severity/high", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/high", + "external/cert/priority/p6", + "external/cert/level/l2" ] } ], @@ -80,7 +85,12 @@ "severity": "error", "short_name": "UseValidIteratorRanges", "tags": [ - "correctness" + "correctness", + "external/cert/severity/high", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/high", + "external/cert/priority/p6", + "external/cert/level/l2" ] } ], @@ -99,7 +109,12 @@ "severity": "error", "short_name": "DoNotSubtractIteratorsForDifferentContainers", "tags": [ - "correctness" + "correctness", + "external/cert/severity/medium", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/medium", + "external/cert/priority/p8", + "external/cert/level/l2" ] } ], @@ -118,7 +133,12 @@ "severity": "error", "short_name": "DoNotUseAnAdditiveOperatorOnAnIterator", "tags": [ - "correctness" + "correctness", + "external/cert/severity/high", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p18", + "external/cert/level/l1" ] } ], @@ -138,7 +158,12 @@ "severity": "error", "short_name": "UseValidReferencesForElementsOfString", "tags": [ - "correctness" + "correctness", + "external/cert/severity/high", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/high", + "external/cert/priority/p6", + "external/cert/level/l2" ] } ], diff --git a/rule_packages/cpp/Lambdas.json b/rule_packages/cpp/Lambdas.json index ea43fa0231..8f973c361f 100644 --- a/rule_packages/cpp/Lambdas.json +++ b/rule_packages/cpp/Lambdas.json @@ -205,7 +205,12 @@ "shared_implementation_short_name": "DanglingCaptureWhenReturningLambdaObject", "tags": [ "correctness", - "security" + "security", + "external/cert/severity/high", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/high", + "external/cert/priority/p6", + "external/cert/level/l2" ] }, { @@ -218,7 +223,12 @@ "shared_implementation_short_name": "DanglingCaptureWhenMovingLambdaObject", "tags": [ "correctness", - "security" + "security", + "external/cert/severity/high", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/high", + "external/cert/priority/p6", + "external/cert/level/l2" ] } ], diff --git a/rule_packages/cpp/MoveForward.json b/rule_packages/cpp/MoveForward.json index b7e47116f1..6f071a6f53 100644 --- a/rule_packages/cpp/MoveForward.json +++ b/rule_packages/cpp/MoveForward.json @@ -154,7 +154,12 @@ "short_name": "DoNotRelyOnTheValueOfAMovedFromObject", "shared_implementation_short_name": "MovedFromObjectsUnspecifiedState", "tags": [ - "correctness" + "correctness", + "external/cert/severity/medium", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/medium", + "external/cert/priority/p8", + "external/cert/level/l2" ] } ], diff --git a/rule_packages/cpp/Naming.json b/rule_packages/cpp/Naming.json index 441979c3c9..34a9f2c66e 100644 --- a/rule_packages/cpp/Naming.json +++ b/rule_packages/cpp/Naming.json @@ -382,7 +382,12 @@ "severity": "error", "short_name": "RedefiningOfStandardLibraryName", "tags": [ - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/low", + "external/cert/priority/p3", + "external/cert/level/l3" ] }, { @@ -392,7 +397,12 @@ "severity": "error", "short_name": "ReuseOfReservedIdentifier", "tags": [ - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/low", + "external/cert/priority/p3", + "external/cert/level/l3" ] }, { @@ -403,7 +413,12 @@ "short_name": "UseOfSingleUnderscoreReservedPrefix", "tags": [ "maintainability", - "readability" + "readability", + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/low", + "external/cert/priority/p3", + "external/cert/level/l3" ] }, { @@ -414,7 +429,12 @@ "short_name": "UseOfDoubleUnderscoreReservedPrefix", "tags": [ "maintainability", - "readability" + "readability", + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/low", + "external/cert/priority/p3", + "external/cert/level/l3" ] }, { @@ -426,7 +446,12 @@ "tags": [ "maintainability", "readability", - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/low", + "external/cert/priority/p3", + "external/cert/level/l3" ] }, { @@ -438,7 +463,12 @@ "tags": [ "maintainability", "readability", - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/low", + "external/cert/priority/p3", + "external/cert/level/l3" ] }, { @@ -450,7 +480,12 @@ "tags": [ "maintainability", "readability", - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/low", + "external/cert/priority/p3", + "external/cert/level/l3" ] }, { @@ -462,7 +497,12 @@ "tags": [ "maintainability", "readability", - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/low", + "external/cert/priority/p3", + "external/cert/level/l3" ] } ], diff --git a/rule_packages/cpp/Null.json b/rule_packages/cpp/Null.json index a5410840ce..543552660c 100644 --- a/rule_packages/cpp/Null.json +++ b/rule_packages/cpp/Null.json @@ -63,7 +63,12 @@ "severity": "error", "short_name": "DoNotAttemptToCreateAStringFromANullPointer", "tags": [ - "correctness" + "correctness", + "external/cert/severity/high", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p18", + "external/cert/level/l1" ] } ], diff --git a/rule_packages/cpp/OperatorInvariants.json b/rule_packages/cpp/OperatorInvariants.json index 8ba76cd0f7..5eaefd68c8 100644 --- a/rule_packages/cpp/OperatorInvariants.json +++ b/rule_packages/cpp/OperatorInvariants.json @@ -177,7 +177,12 @@ "severity": "error", "short_name": "GracefullyHandleSelfCopyAssignment", "tags": [ - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/high", + "external/cert/priority/p2", + "external/cert/level/l3" ] } ], @@ -196,7 +201,12 @@ "severity": "error", "short_name": "CopyOperationsMustNotMutateTheSourceObject", "tags": [ - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/low", + "external/cert/priority/p9", + "external/cert/level/l2" ] } ], diff --git a/rule_packages/cpp/OutOfBounds.json b/rule_packages/cpp/OutOfBounds.json index a3cb8fbf91..2a657df95c 100644 --- a/rule_packages/cpp/OutOfBounds.json +++ b/rule_packages/cpp/OutOfBounds.json @@ -42,7 +42,12 @@ "shared_implementation_short_name": "ContainerAccessWithoutRangeCheck", "tags": [ "correctness", - "security" + "security", + "external/cert/severity/high", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/high", + "external/cert/priority/p9", + "external/cert/level/l2" ] } ], @@ -62,7 +67,12 @@ "short_name": "GuaranteeGenericCppLibraryFunctionsDoNotOverflow", "tags": [ "correctness", - "security" + "security", + "external/cert/severity/high", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p18", + "external/cert/level/l1" ] } ], @@ -82,7 +92,12 @@ "short_name": "RangeCheckStringElementAccess", "tags": [ "correctness", - "security" + "security", + "external/cert/severity/high", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p6", + "external/cert/level/l2" ] } ], diff --git a/rule_packages/cpp/Pointers.json b/rule_packages/cpp/Pointers.json index b6a0aaef09..fb1fbe2918 100644 --- a/rule_packages/cpp/Pointers.json +++ b/rule_packages/cpp/Pointers.json @@ -396,7 +396,12 @@ "severity": "warning", "short_name": "DoNotUsePointerArithmeticOnPolymorphicObjects", "tags": [ - "correctness" + "correctness", + "external/cert/severity/high", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/high", + "external/cert/priority/p9", + "external/cert/level/l2" ] } ], @@ -416,7 +421,12 @@ "short_name": "DeletingPointerToIncompleteClass", "shared_implementation_short_name": "DeleteOfPointerToIncompleteClass", "tags": [ - "correctness" + "correctness", + "external/cert/severity/medium", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p4", + "external/cert/level/l3" ] }, { @@ -427,7 +437,12 @@ "severity": "error", "short_name": "CastOfPointerToIncompleteClass", "tags": [ - "correctness" + "correctness", + "external/cert/severity/medium", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p4", + "external/cert/level/l3" ] } ], @@ -447,7 +462,12 @@ "short_name": "UseOfPointerToMemberToAccessUndefinedMember", "shared_implementation_short_name": "AccessOfUndefinedMemberThroughNullPointer", "tags": [ - "correctness" + "correctness", + "external/cert/severity/high", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/high", + "external/cert/priority/p6", + "external/cert/level/l2" ] }, { @@ -459,7 +479,12 @@ "short_name": "MemberAccessWithUninitializedStaticPointerToMember", "shared_implementation_short_name": "AccessOfUndefinedMemberThroughUninitializedStaticPointer", "tags": [ - "correctness" + "correctness", + "external/cert/severity/high", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/high", + "external/cert/priority/p6", + "external/cert/level/l2" ] }, { @@ -471,7 +496,12 @@ "short_name": "UseOfPointerToMemberToAccessNonexistentMember", "shared_implementation_short_name": "AccessOfNonExistingMemberThroughPointerToMember", "tags": [ - "correctness" + "correctness", + "external/cert/severity/high", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/high", + "external/cert/priority/p6", + "external/cert/level/l2" ] } ], diff --git a/rule_packages/cpp/Representation.json b/rule_packages/cpp/Representation.json index 0284d8098f..813373afb4 100644 --- a/rule_packages/cpp/Representation.json +++ b/rule_packages/cpp/Representation.json @@ -131,7 +131,12 @@ "severity": "error", "short_name": "MemsetUsedToAccessObjectRepresentation", "tags": [ - "correctness" + "correctness", + "external/cert/severity/high", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/high", + "external/cert/priority/p6", + "external/cert/level/l2" ] }, { @@ -143,7 +148,12 @@ "short_name": "MemcmpUsedToAccessObjectRepresentation", "shared_implementation_short_name": "MemcmpUsedToComparePaddingData", "tags": [ - "correctness" + "correctness", + "external/cert/severity/high", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/high", + "external/cert/priority/p6", + "external/cert/level/l2" ] }, { @@ -154,7 +164,12 @@ "severity": "error", "short_name": "MemcpyUsedToAccessObjectRepresentation", "tags": [ - "correctness" + "correctness", + "external/cert/severity/high", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/high", + "external/cert/priority/p6", + "external/cert/level/l2" ] } ], diff --git a/rule_packages/cpp/Scope.json b/rule_packages/cpp/Scope.json index 6677b8b81a..6fc3aa8487 100644 --- a/rule_packages/cpp/Scope.json +++ b/rule_packages/cpp/Scope.json @@ -254,7 +254,12 @@ "severity": "warning", "short_name": "LocalFunctionDeclaration", "tags": [ - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p2", + "external/cert/level/l3" ] }, { @@ -265,7 +270,12 @@ "severity": "warning", "short_name": "LocalConstructorInitializedObjectHidesIdentifier", "tags": [ - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p2", + "external/cert/level/l3" ] } ], @@ -284,7 +294,12 @@ "severity": "error", "short_name": "SingularOverloadOfMemoryFunction", "tags": [ - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/low", + "external/cert/priority/p6", + "external/cert/level/l2" ] } ], @@ -304,7 +319,12 @@ "short_name": "ModificationOfTheStandardNamespaces", "shared_implementation_short_name": "NonStandardEntitiesInStandardNamespaces", "tags": [ - "correctness" + "correctness", + "external/cert/severity/high", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p6", + "external/cert/level/l2" ] } ], @@ -323,7 +343,12 @@ "severity": "error", "short_name": "UnnamedNamespaceInHeaderFile", "tags": [ - "correctness" + "correctness", + "external/cert/severity/medium", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p4", + "external/cert/level/l3" ] } ], @@ -343,7 +368,12 @@ "short_name": "OneDefinitionRuleNotObeyed", "shared_implementation_short_name": "OneDefinitionRuleViolation", "tags": [ - "correctness" + "correctness", + "external/cert/severity/high", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/high", + "external/cert/priority/p3", + "external/cert/level/l3" ] } ], diff --git a/rule_packages/cpp/SideEffects1.json b/rule_packages/cpp/SideEffects1.json index adddbc3b36..587a6ceb66 100644 --- a/rule_packages/cpp/SideEffects1.json +++ b/rule_packages/cpp/SideEffects1.json @@ -84,7 +84,12 @@ "severity": "warning", "short_name": "DoNotDependOnTheOrderOfScalarObjectEvaluationForSideEffects", "tags": [ - "correctness" + "correctness", + "external/cert/severity/medium", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/medium", + "external/cert/priority/p8", + "external/cert/level/l2" ] }, { @@ -95,7 +100,12 @@ "severity": "warning", "short_name": "DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments", "tags": [ - "correctness" + "correctness", + "external/cert/severity/medium", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/medium", + "external/cert/priority/p8", + "external/cert/level/l2" ] } ], @@ -114,7 +124,12 @@ "severity": "warning", "short_name": "DoNotRelyOnSideEffectsInSizeOfOperand", "tags": [ - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/low", + "external/cert/priority/p3", + "external/cert/level/l3" ] }, { @@ -125,7 +140,12 @@ "severity": "warning", "short_name": "DoNotRelyOnSideEffectsInTypeIdOperand", "tags": [ - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/low", + "external/cert/priority/p3", + "external/cert/level/l3" ] }, { @@ -136,7 +156,12 @@ "severity": "warning", "short_name": "DoNotRelyOnSideEffectsInNoExceptOperand", "tags": [ - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/low", + "external/cert/priority/p3", + "external/cert/level/l3" ] }, { @@ -147,7 +172,12 @@ "severity": "warning", "short_name": "DoNotRelyOnSideEffectsInDeclTypeOperand", "tags": [ - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/low", + "external/cert/priority/p3", + "external/cert/level/l3" ] }, { @@ -158,7 +188,12 @@ "severity": "warning", "short_name": "DoNotRelyOnSideEffectsInDeclValExpression", "tags": [ - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/low", + "external/cert/priority/p3", + "external/cert/level/l3" ] } ], diff --git a/rule_packages/cpp/SideEffects2.json b/rule_packages/cpp/SideEffects2.json index 6e5e4812fb..0338b88895 100644 --- a/rule_packages/cpp/SideEffects2.json +++ b/rule_packages/cpp/SideEffects2.json @@ -165,7 +165,12 @@ "shared_implementation_short_name": "PredicateFunctionObjectsShouldNotBeMutable", "short_name": "PredicateFunctionObjectsShouldNotBeMutable", "tags": [ - "correctness" + "correctness", + "external/cert/severity/low", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/high", + "external/cert/priority/p3", + "external/cert/level/l3" ] } ], diff --git a/rule_packages/cpp/SmartPointers2.json b/rule_packages/cpp/SmartPointers2.json index 2f89c4868a..db641b4c7e 100644 --- a/rule_packages/cpp/SmartPointers2.json +++ b/rule_packages/cpp/SmartPointers2.json @@ -16,7 +16,10 @@ "precision": "medium", "severity": "warning", "short_name": "WeakPtrNotUsedToRepresentTemporarySharedOwnership", - "tags": ["correctness", "external/autosar/audit"] + "tags": [ + "correctness", + "external/autosar/audit" + ] } ], "title": "A std::weak_ptr shall be used to represent temporary shared ownership." @@ -36,8 +39,14 @@ "severity": "error", "short_name": "OwnedPointerValueStoredInUnrelatedSmartPointerCert", "shared_implementation_short_name": "OwnedPointerValueStoredInUnrelatedSmartPointer", - - "tags": ["correctness"] + "tags": [ + "correctness", + "external/cert/severity/high", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p18", + "external/cert/level/l1" + ] } ], "title": "Do not store an already-owned pointer value in an unrelated smart pointer" diff --git a/rule_packages/cpp/Strings.json b/rule_packages/cpp/Strings.json index 2152684792..acccdc7753 100644 --- a/rule_packages/cpp/Strings.json +++ b/rule_packages/cpp/Strings.json @@ -133,7 +133,13 @@ "severity": "recommendation", "shared_implementation_short_name": "BasicStringMayNotBeNullTerminated", "short_name": "BasicStringMayNotBeNullTerminatedCert", - "tags": [] + "tags": [ + "external/cert/severity/high", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p18", + "external/cert/level/l1" + ] }, { "description": "Certain operations may not null terminate CStyle strings which may cause unpredictable behavior.", @@ -143,7 +149,13 @@ "severity": "recommendation", "shared_implementation_short_name": "OperationMayNotNullTerminateCStyleString", "short_name": "OperationMayNotNullTerminateCStyleStringCert", - "tags": [] + "tags": [ + "external/cert/severity/high", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p18", + "external/cert/level/l1" + ] } ], "title": "Guarantee that storage for strings has sufficient space for character data and the null terminator" diff --git a/rule_packages/cpp/TrustBoundaries.json b/rule_packages/cpp/TrustBoundaries.json index 7387fffc1f..0b697cd49c 100644 --- a/rule_packages/cpp/TrustBoundaries.json +++ b/rule_packages/cpp/TrustBoundaries.json @@ -38,7 +38,12 @@ "severity": "error", "short_name": "DoNotThrowAnExceptionAcrossExecutionBoundaries", "tags": [ - "correctness" + "correctness", + "external/cert/severity/high", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/medium", + "external/cert/priority/p12", + "external/cert/level/l1" ] } ], @@ -57,7 +62,12 @@ "severity": "error", "short_name": "DoNotPassANonstandardObjectAcrossBoundaries", "tags": [ - "correctness" + "correctness", + "external/cert/severity/high", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/medium", + "external/cert/priority/p12", + "external/cert/level/l1" ] } ], diff --git a/rule_packages/cpp/TypeRanges.json b/rule_packages/cpp/TypeRanges.json index 1b27e0ed91..1e8ef914bf 100644 --- a/rule_packages/cpp/TypeRanges.json +++ b/rule_packages/cpp/TypeRanges.json @@ -184,7 +184,12 @@ "short_name": "DetectErrorsWhenConvertingAStringToANumber", "shared_implementation_short_name": "StringNumberConversionMissingErrorCheck", "tags": [ - "correctness" + "correctness", + "external/cert/severity/medium", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p4", + "external/cert/level/l3" ] } ], @@ -203,7 +208,12 @@ "severity": "error", "short_name": "DoNotCastToAnOutOfRangeEnumerationValue", "tags": [ - "correctness" + "correctness", + "external/cert/severity/medium", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/medium", + "external/cert/priority/p4", + "external/cert/level/l3" ] } ], diff --git a/rule_packages/cpp/Uninitialized.json b/rule_packages/cpp/Uninitialized.json index 019987eef4..1432e11603 100644 --- a/rule_packages/cpp/Uninitialized.json +++ b/rule_packages/cpp/Uninitialized.json @@ -41,7 +41,12 @@ "short_name": "InformationLeakageAcrossTrustBoundaries", "shared_implementation_short_name": "InformationLeakageAcrossBoundaries", "tags": [ - "security" + "security", + "external/cert/severity/low", + "external/cert/likelihood/unlikely", + "external/cert/remediation-cost/high", + "external/cert/priority/p1", + "external/cert/level/l3" ], "implementation_scope": { "description": "The rule does not detect cases where fields may have uninitialized padding but are initialized via an initializer." @@ -65,7 +70,12 @@ "shared_implementation_short_name": "ReadOfUninitializedMemory", "tags": [ "correctness", - "security" + "security", + "external/cert/severity/high", + "external/cert/likelihood/probable", + "external/cert/remediation-cost/medium", + "external/cert/priority/p12", + "external/cert/level/l1" ] } ], From cb66b8c842930e97a5f1fefc69c42707f9976acf Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 1 May 2025 23:42:11 +0100 Subject: [PATCH 2524/2573] Update script to check for CERT risk assessment tags --- scripts/verify_rule_package_consistency.py | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/scripts/verify_rule_package_consistency.py b/scripts/verify_rule_package_consistency.py index 034e367db2..b9eaa5b934 100644 --- a/scripts/verify_rule_package_consistency.py +++ b/scripts/verify_rule_package_consistency.py @@ -109,6 +109,24 @@ print( f' - ERROR: {standard_name} query {query["short_name"]}.ql for Rule {rule_id} in {package_name}.json has a spurious `external/misra/c/2012/...` tag.') failed = True + if standard_name == "CERT-C" or standard_name == "CERT-C++": + expected_properties = [ + "severity", + "likelihood", + "remediation-cost", + "priority", + "level" + ] + for expected_property in expected_properties: + if not any(tag for tag in query["tags"] if tag.startswith(f"external/cert/{expected_property}/")): + print( + f' - ERROR: {standard_name} query {query["short_name"]}.ql for Rule {rule_id} in {package_name}.json is missing a `external/cert/{expected_property}/...` tag.') + failed = True + if not standard_name == "CERT-C" and not standard_name == "CERT-C++": + if any(tag for tag in query["tags"] if tag.startswith("external/cert/")): + print( + f' - ERROR: {standard_name} query {query["short_name"]}.ql for Rule {rule_id} in {package_name}.json has a spurious `external/cert/...` tag.') + failed = True rules_csv_rule_ids = package_rules_from_csv[package_name] json_missing_rules = rules_csv_rule_ids.difference(package_json_rule_ids) From 0b279397def7164aa132fecf6c57701437a47c8e Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 1 May 2025 23:44:27 +0100 Subject: [PATCH 2525/2573] Add missing header markers to markdown files --- .../rules/DCL39-C/InformationLeakageAcrossTrustBoundariesC.md | 2 +- c/cert/src/rules/INT32-C/SignedIntegerOverflow.md | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/c/cert/src/rules/DCL39-C/InformationLeakageAcrossTrustBoundariesC.md b/c/cert/src/rules/DCL39-C/InformationLeakageAcrossTrustBoundariesC.md index cdc62493a1..4dd3bcbe3c 100644 --- a/c/cert/src/rules/DCL39-C/InformationLeakageAcrossTrustBoundariesC.md +++ b/c/cert/src/rules/DCL39-C/InformationLeakageAcrossTrustBoundariesC.md @@ -249,7 +249,7 @@ In addition, this solution assumes that there are no integer padding bits in an From this situation, it can be seen that special care must be taken because no solution to the bit-field padding issue will be 100% portable. -Risk Assessment +## Risk Assessment Padding units might contain sensitive data because the C Standard allows any padding to take [unspecified values](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-unspecifiedvalue). A pointer to such a structure could be passed to other functions, causing information leakage. diff --git a/c/cert/src/rules/INT32-C/SignedIntegerOverflow.md b/c/cert/src/rules/INT32-C/SignedIntegerOverflow.md index dbe36775bf..50a9d01dcd 100644 --- a/c/cert/src/rules/INT32-C/SignedIntegerOverflow.md +++ b/c/cert/src/rules/INT32-C/SignedIntegerOverflow.md @@ -398,7 +398,8 @@ void func(signed long s_a) { } ``` -Risk Assessment + +## Risk Assessment Integer overflow can lead to buffer overflows and the execution of arbitrary code by an attacker. From be2985722a7585fdf23f9dc5c4addbae555d2e63 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 1 May 2025 23:45:16 +0100 Subject: [PATCH 2526/2573] Add risk assessment tags to CERT queries --- .../DoNotFormOutOfBoundsPointersOrArraySubscripts.ql | 5 +++++ .../rules/ARR32-C/VariableLengthArraySizeNotInValidRange.ql | 5 +++++ .../DoNotRelatePointersThatDoNotReferToTheSameArray.ql | 5 +++++ .../DoNotSubtractPointersThatDoNotReferToTheSameArray.ql | 5 +++++ .../DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql | 5 +++++ .../src/rules/ARR38-C/LibraryFunctionArgumentOutOfBounds.ql | 5 +++++ .../ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql | 5 +++++ c/cert/src/rules/CON30-C/CleanUpThreadSpecificStorage.ql | 5 +++++ .../CON31-C/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql | 5 +++++ .../src/rules/CON31-C/DoNotDestroyAMutexWhileItIsLocked.ql | 5 +++++ .../rules/CON32-C/PreventDataRacesWithMultipleThreads.ql | 5 +++++ .../CON33-C/RaceConditionsWhenUsingLibraryFunctions.ql | 5 +++++ .../CON34-C/AppropriateThreadObjectStorageDurations.ql | 6 ++++++ .../CON34-C/ThreadObjectStorageDurationsNotInitialized.ql | 6 ++++++ .../src/rules/CON35-C/DeadlockByLockingInPredefinedOrder.ql | 5 +++++ .../CON36-C/WrapFunctionsThatCanSpuriouslyWakeUpInLoop.ql | 5 +++++ .../rules/CON37-C/DoNotCallSignalInMultithreadedProgram.ql | 5 +++++ .../CON38-C/PreserveSafetyWhenUsingConditionVariables.ql | 5 +++++ .../rules/CON39-C/ThreadWasPreviouslyJoinedOrDetached.ql | 5 +++++ c/cert/src/rules/CON40-C/AtomicVariableTwiceInExpression.ql | 5 +++++ .../CON41-C/WrapFunctionsThatCanFailSpuriouslyInLoop.ql | 5 +++++ .../DCL30-C/AppropriateStorageDurationsFunctionReturn.ql | 5 +++++ .../DCL30-C/AppropriateStorageDurationsStackAdressEscape.ql | 5 +++++ .../src/rules/DCL31-C/DeclareIdentifiersBeforeUsingThem.ql | 5 +++++ .../DCL37-C/DoNotDeclareOrDefineAReservedIdentifier.ql | 5 +++++ c/cert/src/rules/DCL38-C/DeclaringAFlexibleArrayMember.ql | 5 +++++ .../DCL39-C/InformationLeakageAcrossTrustBoundariesC.ql | 5 +++++ .../DCL40-C/ExcessLengthNamesIdentifiersNotDistinct.ql | 5 +++++ .../src/rules/DCL40-C/IncompatibleFunctionDeclarations.ql | 5 +++++ c/cert/src/rules/DCL40-C/IncompatibleObjectDeclarations.ql | 5 +++++ c/cert/src/rules/DCL41-C/VariablesInsideSwitchStatement.ql | 5 +++++ .../ENV30-C/DoNotModifyTheReturnValueOfCertainFunctions.ql | 5 +++++ .../ENV31-C/EnvPointerIsInvalidAfterCertainOperations.ql | 5 +++++ c/cert/src/rules/ENV32-C/ExitHandlersMustReturnNormally.ql | 5 +++++ c/cert/src/rules/ENV33-C/DoNotCallSystem.ql | 5 +++++ .../ENV34-C/DoNotStorePointersReturnedByEnvFunctions.ql | 5 +++++ .../DoNotStorePointersReturnedByEnvironmentFunWarn.ql | 5 +++++ c/cert/src/rules/ERR30-C/ErrnoNotSetToZero.ql | 5 +++++ c/cert/src/rules/ERR30-C/ErrnoReadBeforeReturn.ql | 5 +++++ c/cert/src/rules/ERR30-C/FunctionCallBeforeErrnoCheck.ql | 5 +++++ c/cert/src/rules/ERR30-C/SetlocaleMightSetErrno.ql | 5 +++++ .../rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql | 5 +++++ .../rules/ERR33-C/DetectAndHandleStandardLibraryErrors.ql | 5 +++++ .../DependenceOnOrderOfFunctionArgumentsForSideEffects.ql | 5 +++++ .../DependenceOnOrderOfScalarEvaluationForSideEffects.ql | 5 +++++ .../DoNotAccessVolatileObjectWithNonVolatileReference.ql | 5 +++++ c/cert/src/rules/EXP33-C/DoNotReadUninitializedMemory.ql | 5 +++++ c/cert/src/rules/EXP34-C/DoNotDereferenceNullPointers.ql | 5 +++++ .../EXP35-C/DoNotModifyObjectsWithTemporaryLifetime.ql | 5 +++++ .../DoNotCastPointerToMoreStrictlyAlignedPointerType.ql | 5 +++++ .../rules/EXP37-C/CallPOSIXOpenWithCorrectArgumentCount.ql | 5 +++++ .../EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.ql | 5 +++++ .../EXP37-C/DoNotCallFunctionsWithIncompatibleArguments.ql | 5 +++++ .../DoNotAccessVariableViaPointerOfIncompatibleType.ql | 6 ++++++ c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.ql | 5 +++++ c/cert/src/rules/EXP42-C/DoNotComparePaddingData.ql | 5 +++++ .../DoNotPassAliasedPointerToRestrictQualifiedParam.ql | 5 +++++ .../EXP43-C/RestrictPointerReferencesOverlappingObject.ql | 5 +++++ .../src/rules/EXP44-C/UnevaluatedOperandWithSideEffect.ql | 5 +++++ .../src/rules/EXP45-C/AssignmentsInSelectionStatements.ql | 6 ++++++ .../DoNotUseABitwiseOperatorWithABooleanLikeOperand.ql | 5 +++++ .../src/rules/FIO30-C/ExcludeUserInputFromFormatStrings.ql | 5 +++++ .../rules/FIO32-C/DoNotPerformFileOperationsOnDevices.ql | 5 +++++ .../DistinguishBetweenCharReadFromAFileAndEofOrWeof.ql | 5 +++++ c/cert/src/rules/FIO34-C/EndOfFileCheckPortability.ql | 5 +++++ .../SuccessfulFgetsOrFgetwsMayReturnAnEmptyString.ql | 5 +++++ c/cert/src/rules/FIO38-C/DoNotCopyAFileObject.ql | 5 +++++ .../DoNotAlternatelyIOFromAStreamWithoutPositioning.ql | 5 +++++ .../src/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.ql | 5 +++++ .../rules/FIO41-C/DoNotCallGetcAndPutcWithSideEffects.ql | 5 +++++ .../rules/FIO42-C/CloseFilesWhenTheyAreNoLongerNeeded.ql | 5 +++++ .../OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql | 5 +++++ .../FIO45-C/ToctouRaceConditionsWhileAccessingFiles.ql | 5 +++++ .../rules/FIO46-C/UndefinedBehaviorAccessingAClosedFile.ql | 5 +++++ c/cert/src/rules/FIO47-C/UseValidSpecifiers.ql | 5 +++++ c/cert/src/rules/FIO47-C/WrongNumberOfFormatArguments.ql | 5 +++++ c/cert/src/rules/FIO47-C/WrongTypeFormatArguments.ql | 5 +++++ c/cert/src/rules/FLP30-C/FloatingPointLoopCounters.ql | 5 +++++ c/cert/src/rules/FLP32-C/UncheckedRangeDomainPoleErrors.ql | 5 +++++ .../src/rules/FLP34-C/UncheckedFloatingPointConversion.ql | 5 +++++ c/cert/src/rules/FLP36-C/IntToFloatPreservePrecision.ql | 5 +++++ c/cert/src/rules/FLP37-C/MemcmpUsedToCompareFloats.ql | 5 +++++ .../rules/INT30-C/UnsignedIntegerOperationsWrapAround.ql | 5 +++++ c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.ql | 5 +++++ c/cert/src/rules/INT32-C/SignedIntegerOverflow.ql | 5 +++++ c/cert/src/rules/INT33-C/DivOrRemByZero.ql | 5 +++++ .../ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql | 5 +++++ c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.ql | 5 +++++ .../ConvertingAPointerToIntegerOrIntegerToPointer.ql | 5 +++++ c/cert/src/rules/MEM30-C/DoNotAccessFreedMemory.ql | 5 +++++ .../src/rules/MEM31-C/FreeMemoryWhenNoLongerNeededCert.ql | 5 +++++ .../AllocStructsWithAFlexibleArrayMemberDynamically.ql | 5 +++++ .../CopyStructsWithAFlexibleArrayMemberDynamically.ql | 5 +++++ .../rules/MEM34-C/OnlyFreeMemoryAllocatedDynamicallyCert.ql | 5 +++++ .../rules/MEM35-C/InsufficientMemoryAllocatedForObject.ql | 5 +++++ .../MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql | 6 ++++++ .../MSC30-C/RandUsedForGeneratingPseudorandomNumbers.ql | 5 +++++ .../MSC32-C/ProperlySeedPseudorandomNumberGenerators.ql | 5 +++++ .../MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.ql | 5 +++++ .../MSC37-C/ControlFlowReachesTheEndOfANonVoidFunction.ql | 5 +++++ .../MSC38-C/DoNotTreatAPredefinedIdentifierAsObject.ql | 5 +++++ .../DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql | 5 +++++ .../rules/MSC40-C/DoNotViolateInLineLinkageConstraints.ql | 5 +++++ .../rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.ql | 5 +++++ .../rules/PRE32-C/MacroOrFunctionArgsContainHashToken.ql | 5 +++++ .../CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql | 5 +++++ .../SIG31-C/DoNotAccessSharedObjectsInSignalHandlers.ql | 5 +++++ .../DoNotCallSignalFromInterruptibleSignalHandlers.ql | 5 +++++ .../DoNotReturnFromAComputationalExceptionHandler.ql | 5 +++++ .../src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql | 5 +++++ .../StringsHasSufficientSpaceForTheNullTerminator.ql | 5 +++++ .../NonNullTerminatedToFunctionThatExpectsAString.ql | 5 +++++ .../rules/STR34-C/CastCharBeforeConvertingToLargerSizes.ql | 5 +++++ .../ToCharacterHandlingFunctionsRepresentableAsUChar.ql | 5 +++++ .../src/rules/STR38-C/DoNotConfuseNarrowAndWideFunctions.ql | 5 +++++ .../CON50-CPP/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql | 5 +++++ .../rules/CON50-CPP/DoNotDestroyAMutexWhileItIsLocked.ql | 5 +++++ ...reActivelyHeldLocksAreReleasedOnExceptionalConditions.ql | 5 +++++ .../CON52-CPP/PreventBitFieldAccessFromMultipleThreads.ql | 5 +++++ .../rules/CON53-CPP/DeadlockByLockingInPredefinedOrder.ql | 5 +++++ .../CON54-CPP/WrapFunctionsThatCanSpuriouslyWakeUpInLoop.ql | 5 +++++ .../CON55-CPP/PreserveSafetyWhenUsingConditionVariables.ql | 5 +++++ .../DoNotSpeculativelyLockALockedNonRecursiveMutex.ql | 5 +++++ .../rules/CON56-CPP/LockedALockedNonRecursiveMutexAudit.ql | 5 +++++ .../rules/CTR50-CPP/ContainerAccessWithoutRangeCheckCert.ql | 5 +++++ .../src/rules/CTR51-CPP/UsesValidContainerElementAccess.ql | 5 +++++ .../GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql | 5 +++++ cpp/cert/src/rules/CTR53-CPP/UseValidIteratorRanges.ql | 5 +++++ .../DoNotSubtractIteratorsForDifferentContainers.ql | 5 +++++ .../CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.ql | 5 +++++ .../DoNotUsePointerArithmeticOnPolymorphicObjects.ql | 5 +++++ .../src/rules/CTR57-CPP/ProvideAValidOrderingPredicate.ql | 5 +++++ .../CTR58-CPP/PredicateFunctionObjectsShouldNotBeMutable.ql | 5 +++++ .../rules/DCL50-CPP/DoNotDefineACStyleVariadicFunction.ql | 5 +++++ .../src/rules/DCL51-CPP/EnumeratorReusesReservedName.ql | 5 +++++ cpp/cert/src/rules/DCL51-CPP/FunctionReusesReservedName.ql | 5 +++++ cpp/cert/src/rules/DCL51-CPP/ObjectReusesReservedName.ql | 5 +++++ .../src/rules/DCL51-CPP/RedefiningOfStandardLibraryName.ql | 5 +++++ cpp/cert/src/rules/DCL51-CPP/ReuseOfReservedIdentifier.ql | 5 +++++ .../rules/DCL51-CPP/UseOfDoubleUnderscoreReservedPrefix.ql | 5 +++++ .../rules/DCL51-CPP/UseOfReservedLiteralSuffixIdentifier.ql | 5 +++++ .../rules/DCL51-CPP/UseOfSingleUnderscoreReservedPrefix.ql | 5 +++++ .../LocalConstructorInitializedObjectHidesIdentifier.ql | 5 +++++ cpp/cert/src/rules/DCL53-CPP/LocalFunctionDeclaration.ql | 5 +++++ .../src/rules/DCL54-CPP/SingularOverloadOfMemoryFunction.ql | 5 +++++ .../DCL55-CPP/InformationLeakageAcrossTrustBoundaries.ql | 5 +++++ .../src/rules/DCL56-CPP/CyclesDuringStaticObjectInit.ql | 5 +++++ ...xceptionsEscapeFromDestructorsOrDeallocationFunctions.ql | 5 +++++ .../rules/DCL58-CPP/ModificationOfTheStandardNamespaces.ql | 5 +++++ .../src/rules/DCL59-CPP/UnnamedNamespaceInHeaderFile.ql | 5 +++++ cpp/cert/src/rules/DCL60-CPP/OneDefinitionRuleNotObeyed.ql | 5 +++++ .../ERR50-CPP/ConditionVariablePostConditionFailedCert.ql | 5 +++++ .../src/rules/ERR50-CPP/ExitHandlerThrowsExceptionCert.ql | 5 +++++ .../src/rules/ERR50-CPP/ExplicitAbruptTerminationCert.ql | 5 +++++ .../rules/ERR50-CPP/JoinableThreadCopiedOrDestroyedCert.ql | 5 +++++ .../src/rules/ERR50-CPP/RethrowNestedWithoutCaptureCert.ql | 5 +++++ cpp/cert/src/rules/ERR51-CPP/HandleAllExceptions.ql | 5 +++++ cpp/cert/src/rules/ERR52-CPP/DoNotUseSetjmpOrLongjmp.ql | 5 +++++ ...royedValueReferencedInConstructorDestructorCatchBlock.ql | 5 +++++ cpp/cert/src/rules/ERR54-CPP/CatchBlockShadowingCert.ql | 5 +++++ .../src/rules/ERR55-CPP/HonorExceptionSpecifications.ql | 5 +++++ cpp/cert/src/rules/ERR56-CPP/GuaranteeExceptionSafety.ql | 5 +++++ .../ERR57-CPP/DoNotLeakResourcesWhenHandlingExceptions.ql | 5 +++++ .../HandleAllExceptionsThrownBeforeMainBeginsExecuting.ql | 5 +++++ .../DoNotThrowAnExceptionAcrossExecutionBoundaries.ql | 5 +++++ .../ExceptionObjectsMustBeNothrowCopyConstructible.ql | 5 +++++ .../src/rules/ERR61-CPP/CatchExceptionsByLvalueReference.ql | 5 +++++ .../ERR62-CPP/DetectErrorsWhenConvertingAStringToANumber.ql | 5 +++++ ...ationForSideEffectsInFunctionCallsAsFunctionArguments.ql | 5 +++++ ...ependOnTheOrderOfScalarObjectEvaluationForSideEffects.ql | 5 +++++ .../DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql | 5 +++++ .../EXP52-CPP/DoNotRelyOnSideEffectsInDeclTypeOperand.ql | 5 +++++ .../EXP52-CPP/DoNotRelyOnSideEffectsInDeclValExpression.ql | 5 +++++ .../EXP52-CPP/DoNotRelyOnSideEffectsInNoExceptOperand.ql | 5 +++++ .../EXP52-CPP/DoNotRelyOnSideEffectsInSizeOfOperand.ql | 5 +++++ .../EXP52-CPP/DoNotRelyOnSideEffectsInTypeIdOperand.ql | 5 +++++ .../src/rules/EXP53-CPP/DoNotReadUninitializedMemory.ql | 5 +++++ .../src/rules/EXP54-CPP/ObjectAccessedAfterLifetimeCert.ql | 5 +++++ .../src/rules/EXP54-CPP/ObjectAccessedBeforeLifetimeCert.ql | 5 +++++ .../EXP55-CPP/RemoveConstOrVolatileQualificationCert.ql | 5 +++++ .../EXP56-CPP/FunctionWithMismatchedLanguageLinkage.ql | 5 +++++ .../src/rules/EXP57-CPP/CastOfPointerToIncompleteClass.ql | 5 +++++ .../src/rules/EXP57-CPP/DeletingPointerToIncompleteClass.ql | 5 +++++ .../src/rules/EXP58-CPP/PassNonTrivialObjectToVaStart.ql | 5 +++++ .../rules/EXP58-CPP/PassPromotablePrimitiveTypeToVaStart.ql | 5 +++++ cpp/cert/src/rules/EXP58-CPP/PassReferenceTypeToVaStart.ql | 5 +++++ .../src/rules/EXP59-CPP/OffsetUsedOnInvalidTypeOrMember.ql | 5 +++++ .../DoNotPassANonstandardObjectAcrossBoundaries.ql | 5 +++++ .../EXP61-CPP/EscapingLambdaObjectWithCaptureByReference.ql | 5 +++++ .../ReturningLambdaObjectWithCaptureByReference.ql | 5 +++++ .../EXP62-CPP/MemcmpUsedToAccessObjectRepresentation.ql | 5 +++++ .../EXP62-CPP/MemcpyUsedToAccessObjectRepresentation.ql | 5 +++++ .../EXP62-CPP/MemsetUsedToAccessObjectRepresentation.ql | 5 +++++ .../EXP63-CPP/DoNotRelyOnTheValueOfAMovedFromObject.ql | 5 +++++ .../FIO50-CPP/InterleavedInputOutputWithoutPosition.ql | 5 +++++ .../rules/FIO51-CPP/CloseFilesWhenTheyAreNoLongerNeeded.ql | 5 +++++ .../INT50-CPP/DoNotCastToAnOutOfRangeEnumerationValue.ql | 5 +++++ cpp/cert/src/rules/MEM50-CPP/UseAfterFree.ql | 5 +++++ .../ProperlyDeallocateDynamicallyAllocatedResources.ql | 5 +++++ .../MEM52-CPP/DetectAndHandleMemoryAllocationErrors.ql | 5 +++++ .../MissingConstructorCallForManuallyManagedObject.ql | 5 +++++ .../MissingDestructorCallForManuallyManagedObject.ql | 5 +++++ .../rules/MEM54-CPP/PlacementNewInsufficientStorageCert.ql | 5 +++++ .../rules/MEM54-CPP/PlacementNewNotProperlyAlignedCert.ql | 5 +++++ .../src/rules/MEM55-CPP/OperatorDeleteMissingPartnerCert.ql | 5 +++++ .../rules/MEM55-CPP/ThrowingNoThrowOperatorNewDeleteCert.ql | 5 +++++ .../rules/MEM55-CPP/ThrowingOperatorNewReturnsNullCert.ql | 5 +++++ .../ThrowingOperatorNewThrowsInvalidExceptionCert.ql | 5 +++++ .../OwnedPointerValueStoredInUnrelatedSmartPointerCert.ql | 5 +++++ .../MEM57-CPP/UsingDefaultOperatorNewForOverAlignedTypes.ql | 5 +++++ .../DoNotUseRandForGeneratingPseudorandomNumbers.ql | 5 +++++ .../src/rules/MSC51-CPP/BadlySeededRandomNumberGenerator.ql | 5 +++++ .../src/rules/MSC52-CPP/NonVoidFunctionDoesNotReturnCert.ql | 5 +++++ .../MSC53-CPP/FunctionNoReturnAttributeConditionCert.ql | 5 +++++ .../rules/MSC54-CPP/SignalHandlerMustBeAPlainOldFunction.ql | 5 +++++ ...otInvokeVirtualFunctionsFromConstructorsOrDestructors.ql | 5 +++++ cpp/cert/src/rules/OOP51-CPP/DoNotSliceDerivedObjects.ql | 5 +++++ ...oNotDeleteAPolymorphicObjectWithoutAVirtualDestructor.ql | 5 +++++ .../src/rules/OOP53-CPP/UseCanonicalOrderForMemberInit.ql | 5 +++++ .../rules/OOP54-CPP/GracefullyHandleSelfCopyAssignment.ql | 5 +++++ .../MemberAccessWithUninitializedStaticPointerToMember.ql | 5 +++++ .../UseOfPointerToMemberToAccessNonexistentMember.ql | 5 +++++ .../UseOfPointerToMemberToAccessUndefinedMember.ql | 5 +++++ .../OOP56-CPP/HonorNewReplacementHandlerRequirements.ql | 5 +++++ .../HonorTerminationReplacementHandlerRequirements.ql | 5 +++++ ...ionsAndOverloadedOperatorsToCStandardLibraryFunctions.ql | 5 +++++ .../OOP58-CPP/CopyOperationsMustNotMutateTheSourceObject.ql | 5 +++++ .../STR50-CPP/BasicStringMayNotBeNullTerminatedCert.ql | 5 +++++ .../OperationMayNotNullTerminateCStyleStringCert.ql | 5 +++++ .../DoNotAttemptToCreateAStringFromANullPointer.ql | 5 +++++ .../STR52-CPP/UseValidReferencesForElementsOfString.ql | 5 +++++ .../src/rules/STR53-CPP/RangeCheckStringElementAccess.ql | 5 +++++ 232 files changed, 1165 insertions(+) diff --git a/c/cert/src/rules/ARR30-C/DoNotFormOutOfBoundsPointersOrArraySubscripts.ql b/c/cert/src/rules/ARR30-C/DoNotFormOutOfBoundsPointersOrArraySubscripts.ql index cc4c99c002..fed579bf34 100644 --- a/c/cert/src/rules/ARR30-C/DoNotFormOutOfBoundsPointersOrArraySubscripts.ql +++ b/c/cert/src/rules/ARR30-C/DoNotFormOutOfBoundsPointersOrArraySubscripts.ql @@ -9,6 +9,11 @@ * @tags external/cert/id/arr30-c * correctness * security + * external/cert/severity/high + * external/cert/likelihood/likely + * external/cert/remediation-cost/high + * external/cert/priority/p9 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.ql b/c/cert/src/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.ql index 40a800aa69..85fc7b9022 100644 --- a/c/cert/src/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.ql +++ b/c/cert/src/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.ql @@ -9,6 +9,11 @@ * @tags external/cert/id/arr32-c * correctness * security + * external/cert/severity/high + * external/cert/likelihood/probable + * external/cert/remediation-cost/high + * external/cert/priority/p6 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/ARR36-C/DoNotRelatePointersThatDoNotReferToTheSameArray.ql b/c/cert/src/rules/ARR36-C/DoNotRelatePointersThatDoNotReferToTheSameArray.ql index 93244bd483..e42437042f 100644 --- a/c/cert/src/rules/ARR36-C/DoNotRelatePointersThatDoNotReferToTheSameArray.ql +++ b/c/cert/src/rules/ARR36-C/DoNotRelatePointersThatDoNotReferToTheSameArray.ql @@ -8,6 +8,11 @@ * @problem.severity warning * @tags external/cert/id/arr36-c * correctness + * external/cert/severity/medium + * external/cert/likelihood/probable + * external/cert/remediation-cost/medium + * external/cert/priority/p8 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/ARR36-C/DoNotSubtractPointersThatDoNotReferToTheSameArray.ql b/c/cert/src/rules/ARR36-C/DoNotSubtractPointersThatDoNotReferToTheSameArray.ql index b3ed62d5d7..a9e53e68b7 100644 --- a/c/cert/src/rules/ARR36-C/DoNotSubtractPointersThatDoNotReferToTheSameArray.ql +++ b/c/cert/src/rules/ARR36-C/DoNotSubtractPointersThatDoNotReferToTheSameArray.ql @@ -8,6 +8,11 @@ * @problem.severity warning * @tags external/cert/id/arr36-c * correctness + * external/cert/severity/medium + * external/cert/likelihood/probable + * external/cert/remediation-cost/medium + * external/cert/priority/p8 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql b/c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql index 0ddf56150c..635d9d5c03 100644 --- a/c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql +++ b/c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/arr37-c * correctness + * external/cert/severity/medium + * external/cert/likelihood/probable + * external/cert/remediation-cost/medium + * external/cert/priority/p8 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/ARR38-C/LibraryFunctionArgumentOutOfBounds.ql b/c/cert/src/rules/ARR38-C/LibraryFunctionArgumentOutOfBounds.ql index 5082743193..04e1c8a505 100644 --- a/c/cert/src/rules/ARR38-C/LibraryFunctionArgumentOutOfBounds.ql +++ b/c/cert/src/rules/ARR38-C/LibraryFunctionArgumentOutOfBounds.ql @@ -9,6 +9,11 @@ * @tags external/cert/id/arr38-c * correctness * security + * external/cert/severity/high + * external/cert/likelihood/likely + * external/cert/remediation-cost/medium + * external/cert/priority/p18 + * external/cert/level/l1 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql b/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql index 61dd77f6f4..c3ebd6ede6 100644 --- a/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql +++ b/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/arr39-c * correctness + * external/cert/severity/high + * external/cert/likelihood/probable + * external/cert/remediation-cost/high + * external/cert/priority/p6 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/CON30-C/CleanUpThreadSpecificStorage.ql b/c/cert/src/rules/CON30-C/CleanUpThreadSpecificStorage.ql index 69b1b333be..1e03c089e8 100644 --- a/c/cert/src/rules/CON30-C/CleanUpThreadSpecificStorage.ql +++ b/c/cert/src/rules/CON30-C/CleanUpThreadSpecificStorage.ql @@ -9,6 +9,11 @@ * @tags external/cert/id/con30-c * correctness * concurrency + * external/cert/severity/medium + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/medium + * external/cert/priority/p4 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/CON31-C/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql b/c/cert/src/rules/CON31-C/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql index 0bde0b0de7..345623fe0d 100644 --- a/c/cert/src/rules/CON31-C/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql +++ b/c/cert/src/rules/CON31-C/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql @@ -9,6 +9,11 @@ * @tags external/cert/id/con31-c * correctness * concurrency + * external/cert/severity/medium + * external/cert/likelihood/probable + * external/cert/remediation-cost/high + * external/cert/priority/p4 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/CON31-C/DoNotDestroyAMutexWhileItIsLocked.ql b/c/cert/src/rules/CON31-C/DoNotDestroyAMutexWhileItIsLocked.ql index b37dccab3a..40c4e936dd 100644 --- a/c/cert/src/rules/CON31-C/DoNotDestroyAMutexWhileItIsLocked.ql +++ b/c/cert/src/rules/CON31-C/DoNotDestroyAMutexWhileItIsLocked.ql @@ -8,6 +8,11 @@ * @tags external/cert/id/con31-c * correctness * concurrency + * external/cert/severity/medium + * external/cert/likelihood/probable + * external/cert/remediation-cost/high + * external/cert/priority/p4 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/CON32-C/PreventDataRacesWithMultipleThreads.ql b/c/cert/src/rules/CON32-C/PreventDataRacesWithMultipleThreads.ql index d4f3cbbe10..3ea9e1e1fd 100644 --- a/c/cert/src/rules/CON32-C/PreventDataRacesWithMultipleThreads.ql +++ b/c/cert/src/rules/CON32-C/PreventDataRacesWithMultipleThreads.ql @@ -9,6 +9,11 @@ * @tags external/cert/id/con32-c * correctness * concurrency + * external/cert/severity/medium + * external/cert/likelihood/probable + * external/cert/remediation-cost/medium + * external/cert/priority/p8 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/CON33-C/RaceConditionsWhenUsingLibraryFunctions.ql b/c/cert/src/rules/CON33-C/RaceConditionsWhenUsingLibraryFunctions.ql index 4efafd8ebf..c9bcaa6bd2 100644 --- a/c/cert/src/rules/CON33-C/RaceConditionsWhenUsingLibraryFunctions.ql +++ b/c/cert/src/rules/CON33-C/RaceConditionsWhenUsingLibraryFunctions.ql @@ -8,6 +8,11 @@ * @tags external/cert/id/con33-c * correctness * concurrency + * external/cert/severity/medium + * external/cert/likelihood/probable + * external/cert/remediation-cost/high + * external/cert/priority/p4 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql b/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql index 3d0cc3f481..eef196a9ec 100644 --- a/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql +++ b/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql @@ -9,6 +9,12 @@ * @tags external/cert/id/con34-c * correctness * concurrency + * external/cert/recommendation/con34-c + * external/cert/severity/medium + * external/cert/likelihood/probable + * external/cert/remediation-cost/high + * external/cert/priority/p4 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.ql b/c/cert/src/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.ql index fc75cb94ff..fa0587bce0 100644 --- a/c/cert/src/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.ql +++ b/c/cert/src/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.ql @@ -10,6 +10,12 @@ * external/cert/audit * correctness * concurrency + * external/cert/recommendation/con34-c + * external/cert/severity/medium + * external/cert/likelihood/probable + * external/cert/remediation-cost/high + * external/cert/priority/p4 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/CON35-C/DeadlockByLockingInPredefinedOrder.ql b/c/cert/src/rules/CON35-C/DeadlockByLockingInPredefinedOrder.ql index 143e0a58be..764b0f263f 100644 --- a/c/cert/src/rules/CON35-C/DeadlockByLockingInPredefinedOrder.ql +++ b/c/cert/src/rules/CON35-C/DeadlockByLockingInPredefinedOrder.ql @@ -9,6 +9,11 @@ * @tags external/cert/id/con35-c * correctness * concurrency + * external/cert/severity/low + * external/cert/likelihood/probable + * external/cert/remediation-cost/medium + * external/cert/priority/p4 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/CON36-C/WrapFunctionsThatCanSpuriouslyWakeUpInLoop.ql b/c/cert/src/rules/CON36-C/WrapFunctionsThatCanSpuriouslyWakeUpInLoop.ql index 430a0e7c19..d0d948d9b2 100644 --- a/c/cert/src/rules/CON36-C/WrapFunctionsThatCanSpuriouslyWakeUpInLoop.ql +++ b/c/cert/src/rules/CON36-C/WrapFunctionsThatCanSpuriouslyWakeUpInLoop.ql @@ -9,6 +9,11 @@ * @tags external/cert/id/con36-c * correctness * concurrency + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/medium + * external/cert/priority/p2 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/CON37-C/DoNotCallSignalInMultithreadedProgram.ql b/c/cert/src/rules/CON37-C/DoNotCallSignalInMultithreadedProgram.ql index 00cf456948..17691f24dd 100644 --- a/c/cert/src/rules/CON37-C/DoNotCallSignalInMultithreadedProgram.ql +++ b/c/cert/src/rules/CON37-C/DoNotCallSignalInMultithreadedProgram.ql @@ -9,6 +9,11 @@ * @tags external/cert/id/con37-c * correctness * concurrency + * external/cert/severity/low + * external/cert/likelihood/probable + * external/cert/remediation-cost/low + * external/cert/priority/p6 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/CON38-C/PreserveSafetyWhenUsingConditionVariables.ql b/c/cert/src/rules/CON38-C/PreserveSafetyWhenUsingConditionVariables.ql index 470480ae62..3b2ae558d8 100644 --- a/c/cert/src/rules/CON38-C/PreserveSafetyWhenUsingConditionVariables.ql +++ b/c/cert/src/rules/CON38-C/PreserveSafetyWhenUsingConditionVariables.ql @@ -9,6 +9,11 @@ * @tags external/cert/id/con38-c * correctness * concurrency + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/medium + * external/cert/priority/p2 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/CON39-C/ThreadWasPreviouslyJoinedOrDetached.ql b/c/cert/src/rules/CON39-C/ThreadWasPreviouslyJoinedOrDetached.ql index 0604d2d483..6ef617ca72 100644 --- a/c/cert/src/rules/CON39-C/ThreadWasPreviouslyJoinedOrDetached.ql +++ b/c/cert/src/rules/CON39-C/ThreadWasPreviouslyJoinedOrDetached.ql @@ -9,6 +9,11 @@ * @tags external/cert/id/con39-c * correctness * concurrency + * external/cert/severity/low + * external/cert/likelihood/likely + * external/cert/remediation-cost/medium + * external/cert/priority/p6 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/CON40-C/AtomicVariableTwiceInExpression.ql b/c/cert/src/rules/CON40-C/AtomicVariableTwiceInExpression.ql index 8a44013277..0ec195868f 100644 --- a/c/cert/src/rules/CON40-C/AtomicVariableTwiceInExpression.ql +++ b/c/cert/src/rules/CON40-C/AtomicVariableTwiceInExpression.ql @@ -9,6 +9,11 @@ * @tags external/cert/id/con40-c * correctness * concurrency + * external/cert/severity/medium + * external/cert/likelihood/probable + * external/cert/remediation-cost/medium + * external/cert/priority/p8 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/CON41-C/WrapFunctionsThatCanFailSpuriouslyInLoop.ql b/c/cert/src/rules/CON41-C/WrapFunctionsThatCanFailSpuriouslyInLoop.ql index dd8aed6a55..57be1bc488 100644 --- a/c/cert/src/rules/CON41-C/WrapFunctionsThatCanFailSpuriouslyInLoop.ql +++ b/c/cert/src/rules/CON41-C/WrapFunctionsThatCanFailSpuriouslyInLoop.ql @@ -9,6 +9,11 @@ * @tags external/cert/id/con41-c * correctness * concurrency + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/medium + * external/cert/priority/p2 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql b/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql index e4f5341014..2e1064ee9d 100644 --- a/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql +++ b/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/dcl30-c * correctness + * external/cert/severity/high + * external/cert/likelihood/probable + * external/cert/remediation-cost/high + * external/cert/priority/p6 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsStackAdressEscape.ql b/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsStackAdressEscape.ql index fb9b13b39c..a5749aa8bc 100644 --- a/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsStackAdressEscape.ql +++ b/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsStackAdressEscape.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/dcl30-c * correctness + * external/cert/severity/high + * external/cert/likelihood/probable + * external/cert/remediation-cost/high + * external/cert/priority/p6 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/DCL31-C/DeclareIdentifiersBeforeUsingThem.ql b/c/cert/src/rules/DCL31-C/DeclareIdentifiersBeforeUsingThem.ql index 369baa4a63..35e6cd057a 100644 --- a/c/cert/src/rules/DCL31-C/DeclareIdentifiersBeforeUsingThem.ql +++ b/c/cert/src/rules/DCL31-C/DeclareIdentifiersBeforeUsingThem.ql @@ -8,6 +8,11 @@ * @tags external/cert/id/dcl31-c * correctness * readability + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/low + * external/cert/priority/p3 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/DCL37-C/DoNotDeclareOrDefineAReservedIdentifier.ql b/c/cert/src/rules/DCL37-C/DoNotDeclareOrDefineAReservedIdentifier.ql index 99c5a9708b..04a3030cc1 100644 --- a/c/cert/src/rules/DCL37-C/DoNotDeclareOrDefineAReservedIdentifier.ql +++ b/c/cert/src/rules/DCL37-C/DoNotDeclareOrDefineAReservedIdentifier.ql @@ -9,6 +9,11 @@ * correctness * maintainability * readability + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/low + * external/cert/priority/p3 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/DCL38-C/DeclaringAFlexibleArrayMember.ql b/c/cert/src/rules/DCL38-C/DeclaringAFlexibleArrayMember.ql index e9fa3f1017..d6000852c6 100644 --- a/c/cert/src/rules/DCL38-C/DeclaringAFlexibleArrayMember.ql +++ b/c/cert/src/rules/DCL38-C/DeclaringAFlexibleArrayMember.ql @@ -10,6 +10,11 @@ * correctness * maintainability * readability + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/low + * external/cert/priority/p3 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/DCL39-C/InformationLeakageAcrossTrustBoundariesC.ql b/c/cert/src/rules/DCL39-C/InformationLeakageAcrossTrustBoundariesC.ql index 1199fbeb9b..dd2c1217cf 100644 --- a/c/cert/src/rules/DCL39-C/InformationLeakageAcrossTrustBoundariesC.ql +++ b/c/cert/src/rules/DCL39-C/InformationLeakageAcrossTrustBoundariesC.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/dcl39-c * security + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/high + * external/cert/priority/p1 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/DCL40-C/ExcessLengthNamesIdentifiersNotDistinct.ql b/c/cert/src/rules/DCL40-C/ExcessLengthNamesIdentifiersNotDistinct.ql index ba2cc5c23f..d002326fae 100644 --- a/c/cert/src/rules/DCL40-C/ExcessLengthNamesIdentifiersNotDistinct.ql +++ b/c/cert/src/rules/DCL40-C/ExcessLengthNamesIdentifiersNotDistinct.ql @@ -9,6 +9,11 @@ * correctness * maintainability * readability + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/medium + * external/cert/priority/p2 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/DCL40-C/IncompatibleFunctionDeclarations.ql b/c/cert/src/rules/DCL40-C/IncompatibleFunctionDeclarations.ql index 8cab442e54..8c25fe3350 100644 --- a/c/cert/src/rules/DCL40-C/IncompatibleFunctionDeclarations.ql +++ b/c/cert/src/rules/DCL40-C/IncompatibleFunctionDeclarations.ql @@ -11,6 +11,11 @@ * correctness * maintainability * readability + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/medium + * external/cert/priority/p2 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/DCL40-C/IncompatibleObjectDeclarations.ql b/c/cert/src/rules/DCL40-C/IncompatibleObjectDeclarations.ql index 151d33db5c..8e220062d4 100644 --- a/c/cert/src/rules/DCL40-C/IncompatibleObjectDeclarations.ql +++ b/c/cert/src/rules/DCL40-C/IncompatibleObjectDeclarations.ql @@ -10,6 +10,11 @@ * correctness * maintainability * readability + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/medium + * external/cert/priority/p2 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/DCL41-C/VariablesInsideSwitchStatement.ql b/c/cert/src/rules/DCL41-C/VariablesInsideSwitchStatement.ql index db42f7102c..6f06174b99 100644 --- a/c/cert/src/rules/DCL41-C/VariablesInsideSwitchStatement.ql +++ b/c/cert/src/rules/DCL41-C/VariablesInsideSwitchStatement.ql @@ -10,6 +10,11 @@ * correctness * maintainability * readability + * external/cert/severity/medium + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/medium + * external/cert/priority/p4 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/ENV30-C/DoNotModifyTheReturnValueOfCertainFunctions.ql b/c/cert/src/rules/ENV30-C/DoNotModifyTheReturnValueOfCertainFunctions.ql index 42f13f6244..f69a78ba2c 100644 --- a/c/cert/src/rules/ENV30-C/DoNotModifyTheReturnValueOfCertainFunctions.ql +++ b/c/cert/src/rules/ENV30-C/DoNotModifyTheReturnValueOfCertainFunctions.ql @@ -8,6 +8,11 @@ * @problem.severity warning * @tags external/cert/id/env30-c * correctness + * external/cert/severity/low + * external/cert/likelihood/probable + * external/cert/remediation-cost/medium + * external/cert/priority/p4 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/ENV31-C/EnvPointerIsInvalidAfterCertainOperations.ql b/c/cert/src/rules/ENV31-C/EnvPointerIsInvalidAfterCertainOperations.ql index a925b80e74..b4d4a74d57 100644 --- a/c/cert/src/rules/ENV31-C/EnvPointerIsInvalidAfterCertainOperations.ql +++ b/c/cert/src/rules/ENV31-C/EnvPointerIsInvalidAfterCertainOperations.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/env31-c * correctness + * external/cert/severity/low + * external/cert/likelihood/probable + * external/cert/remediation-cost/medium + * external/cert/priority/p4 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/ENV32-C/ExitHandlersMustReturnNormally.ql b/c/cert/src/rules/ENV32-C/ExitHandlersMustReturnNormally.ql index 1b360ca0d8..19cf28b3e9 100644 --- a/c/cert/src/rules/ENV32-C/ExitHandlersMustReturnNormally.ql +++ b/c/cert/src/rules/ENV32-C/ExitHandlersMustReturnNormally.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/env32-c * correctness + * external/cert/severity/medium + * external/cert/likelihood/likely + * external/cert/remediation-cost/medium + * external/cert/priority/p12 + * external/cert/level/l1 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/ENV33-C/DoNotCallSystem.ql b/c/cert/src/rules/ENV33-C/DoNotCallSystem.ql index 58a9c8db79..3b21cd7544 100644 --- a/c/cert/src/rules/ENV33-C/DoNotCallSystem.ql +++ b/c/cert/src/rules/ENV33-C/DoNotCallSystem.ql @@ -7,6 +7,11 @@ * @problem.severity error * @tags external/cert/id/env33-c * security + * external/cert/severity/high + * external/cert/likelihood/probable + * external/cert/remediation-cost/medium + * external/cert/priority/p12 + * external/cert/level/l1 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/ENV34-C/DoNotStorePointersReturnedByEnvFunctions.ql b/c/cert/src/rules/ENV34-C/DoNotStorePointersReturnedByEnvFunctions.ql index 505f26046a..af54dfa823 100644 --- a/c/cert/src/rules/ENV34-C/DoNotStorePointersReturnedByEnvFunctions.ql +++ b/c/cert/src/rules/ENV34-C/DoNotStorePointersReturnedByEnvFunctions.ql @@ -9,6 +9,11 @@ * @problem.severity error * @tags external/cert/id/env34-c * correctness + * external/cert/severity/low + * external/cert/likelihood/probable + * external/cert/remediation-cost/medium + * external/cert/priority/p4 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/ENV34-C/DoNotStorePointersReturnedByEnvironmentFunWarn.ql b/c/cert/src/rules/ENV34-C/DoNotStorePointersReturnedByEnvironmentFunWarn.ql index b5dd9f4d80..784b7898d6 100644 --- a/c/cert/src/rules/ENV34-C/DoNotStorePointersReturnedByEnvironmentFunWarn.ql +++ b/c/cert/src/rules/ENV34-C/DoNotStorePointersReturnedByEnvironmentFunWarn.ql @@ -9,6 +9,11 @@ * @problem.severity warning * @tags external/cert/id/env34-c * correctness + * external/cert/severity/low + * external/cert/likelihood/probable + * external/cert/remediation-cost/medium + * external/cert/priority/p4 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/ERR30-C/ErrnoNotSetToZero.ql b/c/cert/src/rules/ERR30-C/ErrnoNotSetToZero.ql index cc1dd82bbb..06ac9d1198 100644 --- a/c/cert/src/rules/ERR30-C/ErrnoNotSetToZero.ql +++ b/c/cert/src/rules/ERR30-C/ErrnoNotSetToZero.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/err30-c * correctness + * external/cert/severity/medium + * external/cert/likelihood/probable + * external/cert/remediation-cost/medium + * external/cert/priority/p8 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/ERR30-C/ErrnoReadBeforeReturn.ql b/c/cert/src/rules/ERR30-C/ErrnoReadBeforeReturn.ql index 527529cc30..13f7e40303 100644 --- a/c/cert/src/rules/ERR30-C/ErrnoReadBeforeReturn.ql +++ b/c/cert/src/rules/ERR30-C/ErrnoReadBeforeReturn.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/err30-c * correctness + * external/cert/severity/medium + * external/cert/likelihood/probable + * external/cert/remediation-cost/medium + * external/cert/priority/p8 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/ERR30-C/FunctionCallBeforeErrnoCheck.ql b/c/cert/src/rules/ERR30-C/FunctionCallBeforeErrnoCheck.ql index 17714c646f..8bf583faff 100644 --- a/c/cert/src/rules/ERR30-C/FunctionCallBeforeErrnoCheck.ql +++ b/c/cert/src/rules/ERR30-C/FunctionCallBeforeErrnoCheck.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/err30-c * correctness + * external/cert/severity/medium + * external/cert/likelihood/probable + * external/cert/remediation-cost/medium + * external/cert/priority/p8 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/ERR30-C/SetlocaleMightSetErrno.ql b/c/cert/src/rules/ERR30-C/SetlocaleMightSetErrno.ql index 9c94284841..a7ccf8c041 100644 --- a/c/cert/src/rules/ERR30-C/SetlocaleMightSetErrno.ql +++ b/c/cert/src/rules/ERR30-C/SetlocaleMightSetErrno.ql @@ -7,6 +7,11 @@ * @problem.severity error * @tags external/cert/id/err30-c * correctness + * external/cert/severity/medium + * external/cert/likelihood/probable + * external/cert/remediation-cost/medium + * external/cert/priority/p8 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql b/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql index 0e3bf26124..c7dfd58c6b 100644 --- a/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql +++ b/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql @@ -7,6 +7,11 @@ * @problem.severity error * @tags external/cert/id/err32-c * correctness + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/low + * external/cert/priority/p3 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.ql b/c/cert/src/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.ql index 6641fe8a52..01e7b83d13 100644 --- a/c/cert/src/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.ql +++ b/c/cert/src/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/err33-c * correctness + * external/cert/severity/high + * external/cert/likelihood/likely + * external/cert/remediation-cost/medium + * external/cert/priority/p18 + * external/cert/level/l1 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql b/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql index a761ec7f48..48b9487728 100644 --- a/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql +++ b/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql @@ -8,6 +8,11 @@ * @problem.severity warning * @tags external/cert/id/exp30-c * correctness + * external/cert/severity/medium + * external/cert/likelihood/probable + * external/cert/remediation-cost/medium + * external/cert/priority/p8 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/EXP30-C/DependenceOnOrderOfScalarEvaluationForSideEffects.ql b/c/cert/src/rules/EXP30-C/DependenceOnOrderOfScalarEvaluationForSideEffects.ql index c478a3d51e..51b505ec63 100644 --- a/c/cert/src/rules/EXP30-C/DependenceOnOrderOfScalarEvaluationForSideEffects.ql +++ b/c/cert/src/rules/EXP30-C/DependenceOnOrderOfScalarEvaluationForSideEffects.ql @@ -8,6 +8,11 @@ * @problem.severity warning * @tags external/cert/id/exp30-c * correctness + * external/cert/severity/medium + * external/cert/likelihood/probable + * external/cert/remediation-cost/medium + * external/cert/priority/p8 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.ql b/c/cert/src/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.ql index 47b94c5288..891b93bcda 100644 --- a/c/cert/src/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.ql +++ b/c/cert/src/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/exp32-c * correctness + * external/cert/severity/low + * external/cert/likelihood/likely + * external/cert/remediation-cost/medium + * external/cert/priority/p6 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/EXP33-C/DoNotReadUninitializedMemory.ql b/c/cert/src/rules/EXP33-C/DoNotReadUninitializedMemory.ql index ef59be1c10..94deea912e 100644 --- a/c/cert/src/rules/EXP33-C/DoNotReadUninitializedMemory.ql +++ b/c/cert/src/rules/EXP33-C/DoNotReadUninitializedMemory.ql @@ -9,6 +9,11 @@ * @tags external/cert/id/exp33-c * correctness * security + * external/cert/severity/high + * external/cert/likelihood/probable + * external/cert/remediation-cost/medium + * external/cert/priority/p12 + * external/cert/level/l1 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/EXP34-C/DoNotDereferenceNullPointers.ql b/c/cert/src/rules/EXP34-C/DoNotDereferenceNullPointers.ql index 042e55dbfd..51b93c8000 100644 --- a/c/cert/src/rules/EXP34-C/DoNotDereferenceNullPointers.ql +++ b/c/cert/src/rules/EXP34-C/DoNotDereferenceNullPointers.ql @@ -7,6 +7,11 @@ * @problem.severity error * @tags external/cert/id/exp34-c * correctness + * external/cert/severity/high + * external/cert/likelihood/likely + * external/cert/remediation-cost/medium + * external/cert/priority/p18 + * external/cert/level/l1 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/EXP35-C/DoNotModifyObjectsWithTemporaryLifetime.ql b/c/cert/src/rules/EXP35-C/DoNotModifyObjectsWithTemporaryLifetime.ql index 3689aa4397..3f7d9ae142 100644 --- a/c/cert/src/rules/EXP35-C/DoNotModifyObjectsWithTemporaryLifetime.ql +++ b/c/cert/src/rules/EXP35-C/DoNotModifyObjectsWithTemporaryLifetime.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/exp35-c * correctness + * external/cert/severity/low + * external/cert/likelihood/probable + * external/cert/remediation-cost/medium + * external/cert/priority/p4 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql b/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql index f3b3aa364d..0d294e48b1 100644 --- a/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql +++ b/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/exp36-c * correctness + * external/cert/severity/low + * external/cert/likelihood/probable + * external/cert/remediation-cost/medium + * external/cert/priority/p4 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/EXP37-C/CallPOSIXOpenWithCorrectArgumentCount.ql b/c/cert/src/rules/EXP37-C/CallPOSIXOpenWithCorrectArgumentCount.ql index ad8520e321..a6e633d7f6 100644 --- a/c/cert/src/rules/EXP37-C/CallPOSIXOpenWithCorrectArgumentCount.ql +++ b/c/cert/src/rules/EXP37-C/CallPOSIXOpenWithCorrectArgumentCount.ql @@ -9,6 +9,11 @@ * @tags external/cert/id/exp37-c * correctness * security + * external/cert/severity/medium + * external/cert/likelihood/probable + * external/cert/remediation-cost/high + * external/cert/priority/p4 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.ql b/c/cert/src/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.ql index 9bbe27aa31..6d223dab72 100644 --- a/c/cert/src/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.ql +++ b/c/cert/src/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/exp37-c * correctness + * external/cert/severity/medium + * external/cert/likelihood/probable + * external/cert/remediation-cost/high + * external/cert/priority/p4 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/EXP37-C/DoNotCallFunctionsWithIncompatibleArguments.ql b/c/cert/src/rules/EXP37-C/DoNotCallFunctionsWithIncompatibleArguments.ql index e76c62ee2d..4c5ba57504 100644 --- a/c/cert/src/rules/EXP37-C/DoNotCallFunctionsWithIncompatibleArguments.ql +++ b/c/cert/src/rules/EXP37-C/DoNotCallFunctionsWithIncompatibleArguments.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/exp37-c * correctness + * external/cert/severity/medium + * external/cert/likelihood/probable + * external/cert/remediation-cost/high + * external/cert/priority/p4 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql b/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql index fde564665c..c5772340ef 100644 --- a/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql +++ b/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql @@ -8,6 +8,12 @@ * @problem.severity error * @tags external/cert/id/exp39-c * correctness + * external/cert/recommendation/exp39-c + * external/cert/severity/medium + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/high + * external/cert/priority/p2 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.ql b/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.ql index 20c9f1bcc8..9d8e4b16d4 100644 --- a/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.ql +++ b/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.ql @@ -7,6 +7,11 @@ * @problem.severity error * @tags external/cert/id/exp40-c * correctness + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/medium + * external/cert/priority/p2 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/EXP42-C/DoNotComparePaddingData.ql b/c/cert/src/rules/EXP42-C/DoNotComparePaddingData.ql index 9592ebfd30..4fb80352a3 100644 --- a/c/cert/src/rules/EXP42-C/DoNotComparePaddingData.ql +++ b/c/cert/src/rules/EXP42-C/DoNotComparePaddingData.ql @@ -7,6 +7,11 @@ * @problem.severity error * @tags external/cert/id/exp42-c * correctness + * external/cert/severity/medium + * external/cert/likelihood/probable + * external/cert/remediation-cost/medium + * external/cert/priority/p8 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql b/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql index 08121f8c2b..4aced57136 100644 --- a/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql +++ b/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql @@ -7,6 +7,11 @@ * @problem.severity error * @tags external/cert/id/exp43-c * correctness + * external/cert/severity/medium + * external/cert/likelihood/probable + * external/cert/remediation-cost/high + * external/cert/priority/p4 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql b/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql index 1d740ec4f3..31618785d2 100644 --- a/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql +++ b/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql @@ -7,6 +7,11 @@ * @problem.severity error * @tags external/cert/id/exp43-c * correctness + * external/cert/severity/medium + * external/cert/likelihood/probable + * external/cert/remediation-cost/high + * external/cert/priority/p4 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/EXP44-C/UnevaluatedOperandWithSideEffect.ql b/c/cert/src/rules/EXP44-C/UnevaluatedOperandWithSideEffect.ql index 32d30a09ad..02d71b3497 100644 --- a/c/cert/src/rules/EXP44-C/UnevaluatedOperandWithSideEffect.ql +++ b/c/cert/src/rules/EXP44-C/UnevaluatedOperandWithSideEffect.ql @@ -9,6 +9,11 @@ * @problem.severity error * @tags external/cert/id/exp44-c * correctness + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/low + * external/cert/priority/p3 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/EXP45-C/AssignmentsInSelectionStatements.ql b/c/cert/src/rules/EXP45-C/AssignmentsInSelectionStatements.ql index f6e29eb28c..5478bb03f7 100644 --- a/c/cert/src/rules/EXP45-C/AssignmentsInSelectionStatements.ql +++ b/c/cert/src/rules/EXP45-C/AssignmentsInSelectionStatements.ql @@ -8,6 +8,12 @@ * @problem.severity error * @tags external/cert/id/exp45-c * correctness + * external/cert/recommendation/exp45-c + * external/cert/severity/low + * external/cert/likelihood/likely + * external/cert/remediation-cost/medium + * external/cert/priority/p6 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/EXP46-C/DoNotUseABitwiseOperatorWithABooleanLikeOperand.ql b/c/cert/src/rules/EXP46-C/DoNotUseABitwiseOperatorWithABooleanLikeOperand.ql index 040a8bb6ee..549e57236a 100644 --- a/c/cert/src/rules/EXP46-C/DoNotUseABitwiseOperatorWithABooleanLikeOperand.ql +++ b/c/cert/src/rules/EXP46-C/DoNotUseABitwiseOperatorWithABooleanLikeOperand.ql @@ -9,6 +9,11 @@ * @tags external/cert/id/exp46-c * maintainability * readability + * external/cert/severity/low + * external/cert/likelihood/likely + * external/cert/remediation-cost/low + * external/cert/priority/p9 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/FIO30-C/ExcludeUserInputFromFormatStrings.ql b/c/cert/src/rules/FIO30-C/ExcludeUserInputFromFormatStrings.ql index b9df838b06..81ecf56ccf 100644 --- a/c/cert/src/rules/FIO30-C/ExcludeUserInputFromFormatStrings.ql +++ b/c/cert/src/rules/FIO30-C/ExcludeUserInputFromFormatStrings.ql @@ -8,6 +8,11 @@ * @tags external/cert/id/fio30-c * correctness * security + * external/cert/severity/high + * external/cert/likelihood/likely + * external/cert/remediation-cost/medium + * external/cert/priority/p18 + * external/cert/level/l1 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.ql b/c/cert/src/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.ql index 5784e820d9..78817d31e9 100644 --- a/c/cert/src/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.ql +++ b/c/cert/src/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.ql @@ -8,6 +8,11 @@ * @tags external/cert/id/fio32-c * correctness * security + * external/cert/severity/medium + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/medium + * external/cert/priority/p4 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/FIO34-C/DistinguishBetweenCharReadFromAFileAndEofOrWeof.ql b/c/cert/src/rules/FIO34-C/DistinguishBetweenCharReadFromAFileAndEofOrWeof.ql index a55c2dbf29..01c13e642b 100644 --- a/c/cert/src/rules/FIO34-C/DistinguishBetweenCharReadFromAFileAndEofOrWeof.ql +++ b/c/cert/src/rules/FIO34-C/DistinguishBetweenCharReadFromAFileAndEofOrWeof.ql @@ -8,6 +8,11 @@ * @tags external/cert/id/fio34-c * correctness * security + * external/cert/severity/high + * external/cert/likelihood/probable + * external/cert/remediation-cost/medium + * external/cert/priority/p12 + * external/cert/level/l1 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/FIO34-C/EndOfFileCheckPortability.ql b/c/cert/src/rules/FIO34-C/EndOfFileCheckPortability.ql index 274514e598..3336a059cd 100644 --- a/c/cert/src/rules/FIO34-C/EndOfFileCheckPortability.ql +++ b/c/cert/src/rules/FIO34-C/EndOfFileCheckPortability.ql @@ -9,6 +9,11 @@ * @tags external/cert/id/fio34-c * correctness * security + * external/cert/severity/high + * external/cert/likelihood/probable + * external/cert/remediation-cost/medium + * external/cert/priority/p12 + * external/cert/level/l1 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/FIO37-C/SuccessfulFgetsOrFgetwsMayReturnAnEmptyString.ql b/c/cert/src/rules/FIO37-C/SuccessfulFgetsOrFgetwsMayReturnAnEmptyString.ql index 5945da57f4..ad3a2c8192 100644 --- a/c/cert/src/rules/FIO37-C/SuccessfulFgetsOrFgetwsMayReturnAnEmptyString.ql +++ b/c/cert/src/rules/FIO37-C/SuccessfulFgetsOrFgetwsMayReturnAnEmptyString.ql @@ -7,6 +7,11 @@ * @problem.severity error * @tags external/cert/id/fio37-c * correctness + * external/cert/severity/high + * external/cert/likelihood/probable + * external/cert/remediation-cost/medium + * external/cert/priority/p12 + * external/cert/level/l1 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/FIO38-C/DoNotCopyAFileObject.ql b/c/cert/src/rules/FIO38-C/DoNotCopyAFileObject.ql index e8e897009e..5b5a043395 100644 --- a/c/cert/src/rules/FIO38-C/DoNotCopyAFileObject.ql +++ b/c/cert/src/rules/FIO38-C/DoNotCopyAFileObject.ql @@ -8,6 +8,11 @@ * @tags external/cert/id/fio38-c * correctness * security + * external/cert/severity/low + * external/cert/likelihood/probable + * external/cert/remediation-cost/medium + * external/cert/priority/p4 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/FIO39-C/DoNotAlternatelyIOFromAStreamWithoutPositioning.ql b/c/cert/src/rules/FIO39-C/DoNotAlternatelyIOFromAStreamWithoutPositioning.ql index 668a7d982e..09289d1f79 100644 --- a/c/cert/src/rules/FIO39-C/DoNotAlternatelyIOFromAStreamWithoutPositioning.ql +++ b/c/cert/src/rules/FIO39-C/DoNotAlternatelyIOFromAStreamWithoutPositioning.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/fio39-c * correctness + * external/cert/severity/low + * external/cert/likelihood/likely + * external/cert/remediation-cost/medium + * external/cert/priority/p6 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.ql b/c/cert/src/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.ql index 69fb92a15c..b54436c835 100644 --- a/c/cert/src/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.ql +++ b/c/cert/src/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.ql @@ -9,6 +9,11 @@ * @tags external/cert/id/fio40-c * correctness * security + * external/cert/severity/low + * external/cert/likelihood/probable + * external/cert/remediation-cost/medium + * external/cert/priority/p4 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/FIO41-C/DoNotCallGetcAndPutcWithSideEffects.ql b/c/cert/src/rules/FIO41-C/DoNotCallGetcAndPutcWithSideEffects.ql index 7fc1c11d26..5c7d759606 100644 --- a/c/cert/src/rules/FIO41-C/DoNotCallGetcAndPutcWithSideEffects.ql +++ b/c/cert/src/rules/FIO41-C/DoNotCallGetcAndPutcWithSideEffects.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/fio41-c * correctness + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/medium + * external/cert/priority/p2 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/FIO42-C/CloseFilesWhenTheyAreNoLongerNeeded.ql b/c/cert/src/rules/FIO42-C/CloseFilesWhenTheyAreNoLongerNeeded.ql index 3650fad82f..26f8aa239d 100644 --- a/c/cert/src/rules/FIO42-C/CloseFilesWhenTheyAreNoLongerNeeded.ql +++ b/c/cert/src/rules/FIO42-C/CloseFilesWhenTheyAreNoLongerNeeded.ql @@ -9,6 +9,11 @@ * @tags external/cert/id/fio42-c * correctness * security + * external/cert/severity/medium + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/medium + * external/cert/priority/p4 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql b/c/cert/src/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql index 7ed5887e42..bc0a417bd0 100644 --- a/c/cert/src/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql +++ b/c/cert/src/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql @@ -7,6 +7,11 @@ * @problem.severity error * @tags external/cert/id/fio44-c * correctness + * external/cert/severity/medium + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/medium + * external/cert/priority/p4 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/FIO45-C/ToctouRaceConditionsWhileAccessingFiles.ql b/c/cert/src/rules/FIO45-C/ToctouRaceConditionsWhileAccessingFiles.ql index b02ce2f58d..85369b502e 100644 --- a/c/cert/src/rules/FIO45-C/ToctouRaceConditionsWhileAccessingFiles.ql +++ b/c/cert/src/rules/FIO45-C/ToctouRaceConditionsWhileAccessingFiles.ql @@ -8,6 +8,11 @@ * @tags external/cert/id/fio45-c * correctness * security + * external/cert/severity/high + * external/cert/likelihood/probable + * external/cert/remediation-cost/high + * external/cert/priority/p6 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/FIO46-C/UndefinedBehaviorAccessingAClosedFile.ql b/c/cert/src/rules/FIO46-C/UndefinedBehaviorAccessingAClosedFile.ql index 6bc284c2c7..dc52dca487 100644 --- a/c/cert/src/rules/FIO46-C/UndefinedBehaviorAccessingAClosedFile.ql +++ b/c/cert/src/rules/FIO46-C/UndefinedBehaviorAccessingAClosedFile.ql @@ -7,6 +7,11 @@ * @problem.severity error * @tags external/cert/id/fio46-c * correctness + * external/cert/severity/medium + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/medium + * external/cert/priority/p4 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/FIO47-C/UseValidSpecifiers.ql b/c/cert/src/rules/FIO47-C/UseValidSpecifiers.ql index 2062cba2c4..8ed99d4541 100644 --- a/c/cert/src/rules/FIO47-C/UseValidSpecifiers.ql +++ b/c/cert/src/rules/FIO47-C/UseValidSpecifiers.ql @@ -8,6 +8,11 @@ * @tags external/cert/id/fio47-c * correctness * security + * external/cert/severity/high + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/medium + * external/cert/priority/p6 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/FIO47-C/WrongNumberOfFormatArguments.ql b/c/cert/src/rules/FIO47-C/WrongNumberOfFormatArguments.ql index a8b9e9fbac..7266f1fc7c 100644 --- a/c/cert/src/rules/FIO47-C/WrongNumberOfFormatArguments.ql +++ b/c/cert/src/rules/FIO47-C/WrongNumberOfFormatArguments.ql @@ -8,6 +8,11 @@ * @tags external/cert/id/fio47-c * correctness * security + * external/cert/severity/high + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/medium + * external/cert/priority/p6 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/FIO47-C/WrongTypeFormatArguments.ql b/c/cert/src/rules/FIO47-C/WrongTypeFormatArguments.ql index 66cbe409f6..00853abfbc 100644 --- a/c/cert/src/rules/FIO47-C/WrongTypeFormatArguments.ql +++ b/c/cert/src/rules/FIO47-C/WrongTypeFormatArguments.ql @@ -8,6 +8,11 @@ * @tags external/cert/id/fio47-c * correctness * security + * external/cert/severity/high + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/medium + * external/cert/priority/p6 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/FLP30-C/FloatingPointLoopCounters.ql b/c/cert/src/rules/FLP30-C/FloatingPointLoopCounters.ql index a26736707c..a042d80ba5 100644 --- a/c/cert/src/rules/FLP30-C/FloatingPointLoopCounters.ql +++ b/c/cert/src/rules/FLP30-C/FloatingPointLoopCounters.ql @@ -9,6 +9,11 @@ * maintainability * readability * correctness + * external/cert/severity/low + * external/cert/likelihood/probable + * external/cert/remediation-cost/low + * external/cert/priority/p6 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/FLP32-C/UncheckedRangeDomainPoleErrors.ql b/c/cert/src/rules/FLP32-C/UncheckedRangeDomainPoleErrors.ql index fc054d7289..1e87aa3fae 100644 --- a/c/cert/src/rules/FLP32-C/UncheckedRangeDomainPoleErrors.ql +++ b/c/cert/src/rules/FLP32-C/UncheckedRangeDomainPoleErrors.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/flp32-c * correctness + * external/cert/severity/medium + * external/cert/likelihood/probable + * external/cert/remediation-cost/medium + * external/cert/priority/p8 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/FLP34-C/UncheckedFloatingPointConversion.ql b/c/cert/src/rules/FLP34-C/UncheckedFloatingPointConversion.ql index 4637985076..eebc16afe3 100644 --- a/c/cert/src/rules/FLP34-C/UncheckedFloatingPointConversion.ql +++ b/c/cert/src/rules/FLP34-C/UncheckedFloatingPointConversion.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/flp34-c * correctness + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/low + * external/cert/priority/p3 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/FLP36-C/IntToFloatPreservePrecision.ql b/c/cert/src/rules/FLP36-C/IntToFloatPreservePrecision.ql index e3b98c61c5..81e5670b11 100644 --- a/c/cert/src/rules/FLP36-C/IntToFloatPreservePrecision.ql +++ b/c/cert/src/rules/FLP36-C/IntToFloatPreservePrecision.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/flp36-c * correctness + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/medium + * external/cert/priority/p2 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/FLP37-C/MemcmpUsedToCompareFloats.ql b/c/cert/src/rules/FLP37-C/MemcmpUsedToCompareFloats.ql index 0e3031262e..8735a804fa 100644 --- a/c/cert/src/rules/FLP37-C/MemcmpUsedToCompareFloats.ql +++ b/c/cert/src/rules/FLP37-C/MemcmpUsedToCompareFloats.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/flp37-c * correctness + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/medium + * external/cert/priority/p2 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.ql b/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.ql index 1c7ae3e31b..c893584a1e 100644 --- a/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.ql +++ b/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.ql @@ -10,6 +10,11 @@ * @tags external/cert/id/int30-c * correctness * security + * external/cert/severity/high + * external/cert/likelihood/likely + * external/cert/remediation-cost/high + * external/cert/priority/p9 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.ql b/c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.ql index 51ae704461..203e60a9e3 100644 --- a/c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.ql +++ b/c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/int31-c * correctness + * external/cert/severity/high + * external/cert/likelihood/probable + * external/cert/remediation-cost/high + * external/cert/priority/p6 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/INT32-C/SignedIntegerOverflow.ql b/c/cert/src/rules/INT32-C/SignedIntegerOverflow.ql index 4c781c4e50..2edee2e5c6 100644 --- a/c/cert/src/rules/INT32-C/SignedIntegerOverflow.ql +++ b/c/cert/src/rules/INT32-C/SignedIntegerOverflow.ql @@ -9,6 +9,11 @@ * @tags external/cert/id/int32-c * correctness * security + * external/cert/severity/high + * external/cert/likelihood/likely + * external/cert/remediation-cost/high + * external/cert/priority/p9 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/INT33-C/DivOrRemByZero.ql b/c/cert/src/rules/INT33-C/DivOrRemByZero.ql index a5e34f13c4..6090e8842a 100644 --- a/c/cert/src/rules/INT33-C/DivOrRemByZero.ql +++ b/c/cert/src/rules/INT33-C/DivOrRemByZero.ql @@ -7,6 +7,11 @@ * @problem.severity error * @tags external/cert/id/int33-c * correctness + * external/cert/severity/low + * external/cert/likelihood/likely + * external/cert/remediation-cost/medium + * external/cert/priority/p6 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql b/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql index d6445d4937..4260a5e677 100644 --- a/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql +++ b/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql @@ -7,6 +7,11 @@ * @precision very-high * @problem.severity error * @tags external/cert/id/int34-c + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/medium + * external/cert/priority/p2 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.ql b/c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.ql index cf510bf999..1bc372506d 100644 --- a/c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.ql +++ b/c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/int35-c * correctness + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/medium + * external/cert/priority/p2 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.ql b/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.ql index 3052f0aadd..1cbdcc4e12 100644 --- a/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.ql +++ b/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.ql @@ -7,6 +7,11 @@ * @precision very-high * @problem.severity error * @tags external/cert/id/int36-c + * external/cert/severity/low + * external/cert/likelihood/probable + * external/cert/remediation-cost/high + * external/cert/priority/p2 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/MEM30-C/DoNotAccessFreedMemory.ql b/c/cert/src/rules/MEM30-C/DoNotAccessFreedMemory.ql index 800ec103ff..59ab0df670 100644 --- a/c/cert/src/rules/MEM30-C/DoNotAccessFreedMemory.ql +++ b/c/cert/src/rules/MEM30-C/DoNotAccessFreedMemory.ql @@ -8,6 +8,11 @@ * @tags external/cert/id/mem30-c * correctness * security + * external/cert/severity/high + * external/cert/likelihood/likely + * external/cert/remediation-cost/medium + * external/cert/priority/p18 + * external/cert/level/l1 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/MEM31-C/FreeMemoryWhenNoLongerNeededCert.ql b/c/cert/src/rules/MEM31-C/FreeMemoryWhenNoLongerNeededCert.ql index d4c81748a2..18e9478aee 100644 --- a/c/cert/src/rules/MEM31-C/FreeMemoryWhenNoLongerNeededCert.ql +++ b/c/cert/src/rules/MEM31-C/FreeMemoryWhenNoLongerNeededCert.ql @@ -9,6 +9,11 @@ * @tags external/cert/id/mem31-c * correctness * security + * external/cert/severity/medium + * external/cert/likelihood/probable + * external/cert/remediation-cost/medium + * external/cert/priority/p8 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/MEM33-C/AllocStructsWithAFlexibleArrayMemberDynamically.ql b/c/cert/src/rules/MEM33-C/AllocStructsWithAFlexibleArrayMemberDynamically.ql index f4483bd9fe..2ed5035ff0 100644 --- a/c/cert/src/rules/MEM33-C/AllocStructsWithAFlexibleArrayMemberDynamically.ql +++ b/c/cert/src/rules/MEM33-C/AllocStructsWithAFlexibleArrayMemberDynamically.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/mem33-c * correctness + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/low + * external/cert/priority/p3 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/MEM33-C/CopyStructsWithAFlexibleArrayMemberDynamically.ql b/c/cert/src/rules/MEM33-C/CopyStructsWithAFlexibleArrayMemberDynamically.ql index b4993e2cae..b4d2a9127b 100644 --- a/c/cert/src/rules/MEM33-C/CopyStructsWithAFlexibleArrayMemberDynamically.ql +++ b/c/cert/src/rules/MEM33-C/CopyStructsWithAFlexibleArrayMemberDynamically.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/mem33-c * correctness + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/low + * external/cert/priority/p3 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/MEM34-C/OnlyFreeMemoryAllocatedDynamicallyCert.ql b/c/cert/src/rules/MEM34-C/OnlyFreeMemoryAllocatedDynamicallyCert.ql index 95da1cc86a..78081944be 100644 --- a/c/cert/src/rules/MEM34-C/OnlyFreeMemoryAllocatedDynamicallyCert.ql +++ b/c/cert/src/rules/MEM34-C/OnlyFreeMemoryAllocatedDynamicallyCert.ql @@ -9,6 +9,11 @@ * @tags external/cert/id/mem34-c * correctness * security + * external/cert/severity/high + * external/cert/likelihood/likely + * external/cert/remediation-cost/medium + * external/cert/priority/p18 + * external/cert/level/l1 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/MEM35-C/InsufficientMemoryAllocatedForObject.ql b/c/cert/src/rules/MEM35-C/InsufficientMemoryAllocatedForObject.ql index 5ff1725269..06fd267560 100644 --- a/c/cert/src/rules/MEM35-C/InsufficientMemoryAllocatedForObject.ql +++ b/c/cert/src/rules/MEM35-C/InsufficientMemoryAllocatedForObject.ql @@ -9,6 +9,11 @@ * @tags external/cert/id/mem35-c * correctness * security + * external/cert/severity/high + * external/cert/likelihood/probable + * external/cert/remediation-cost/high + * external/cert/priority/p6 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql b/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql index df0eb3b1e3..5515bfc80d 100644 --- a/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql +++ b/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql @@ -9,6 +9,12 @@ * @tags external/cert/id/mem36-c * correctness * security + * external/cert/recommendation/mem36-c + * external/cert/severity/low + * external/cert/likelihood/probable + * external/cert/remediation-cost/high + * external/cert/priority/p2 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/MSC30-C/RandUsedForGeneratingPseudorandomNumbers.ql b/c/cert/src/rules/MSC30-C/RandUsedForGeneratingPseudorandomNumbers.ql index ed553b9814..722e6fff80 100644 --- a/c/cert/src/rules/MSC30-C/RandUsedForGeneratingPseudorandomNumbers.ql +++ b/c/cert/src/rules/MSC30-C/RandUsedForGeneratingPseudorandomNumbers.ql @@ -7,6 +7,11 @@ * @problem.severity error * @tags external/cert/id/msc30-c * security + * external/cert/severity/medium + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/low + * external/cert/priority/p6 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/MSC32-C/ProperlySeedPseudorandomNumberGenerators.ql b/c/cert/src/rules/MSC32-C/ProperlySeedPseudorandomNumberGenerators.ql index 2c3db87ee8..85623d9390 100644 --- a/c/cert/src/rules/MSC32-C/ProperlySeedPseudorandomNumberGenerators.ql +++ b/c/cert/src/rules/MSC32-C/ProperlySeedPseudorandomNumberGenerators.ql @@ -7,6 +7,11 @@ * @problem.severity error * @tags external/cert/id/msc32-c * security + * external/cert/severity/medium + * external/cert/likelihood/likely + * external/cert/remediation-cost/low + * external/cert/priority/p18 + * external/cert/level/l1 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.ql b/c/cert/src/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.ql index fa4a29cb3d..67fa83e852 100644 --- a/c/cert/src/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.ql +++ b/c/cert/src/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.ql @@ -9,6 +9,11 @@ * @tags external/cert/id/msc33-c * security * correctness + * external/cert/severity/high + * external/cert/likelihood/likely + * external/cert/remediation-cost/low + * external/cert/priority/p27 + * external/cert/level/l1 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/MSC37-C/ControlFlowReachesTheEndOfANonVoidFunction.ql b/c/cert/src/rules/MSC37-C/ControlFlowReachesTheEndOfANonVoidFunction.ql index c56f3e48c1..265fc0af55 100644 --- a/c/cert/src/rules/MSC37-C/ControlFlowReachesTheEndOfANonVoidFunction.ql +++ b/c/cert/src/rules/MSC37-C/ControlFlowReachesTheEndOfANonVoidFunction.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/msc37-c * correctness + * external/cert/severity/high + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/low + * external/cert/priority/p9 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/MSC38-C/DoNotTreatAPredefinedIdentifierAsObject.ql b/c/cert/src/rules/MSC38-C/DoNotTreatAPredefinedIdentifierAsObject.ql index 76e9c4539f..828f86dd95 100644 --- a/c/cert/src/rules/MSC38-C/DoNotTreatAPredefinedIdentifierAsObject.ql +++ b/c/cert/src/rules/MSC38-C/DoNotTreatAPredefinedIdentifierAsObject.ql @@ -9,6 +9,11 @@ * @tags external/cert/id/msc38-c * correctness * readability + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/medium + * external/cert/priority/p2 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql b/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql index 1c706a8e3f..56613c1943 100644 --- a/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql +++ b/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql @@ -7,6 +7,11 @@ * @problem.severity error * @tags external/cert/id/msc39-c * correctness + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/low + * external/cert/priority/p3 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/MSC40-C/DoNotViolateInLineLinkageConstraints.ql b/c/cert/src/rules/MSC40-C/DoNotViolateInLineLinkageConstraints.ql index 63dec179c6..746cea2e9f 100644 --- a/c/cert/src/rules/MSC40-C/DoNotViolateInLineLinkageConstraints.ql +++ b/c/cert/src/rules/MSC40-C/DoNotViolateInLineLinkageConstraints.ql @@ -9,6 +9,11 @@ * @problem.severity error * @tags external/cert/id/msc40-c * correctness + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/medium + * external/cert/priority/p2 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.ql b/c/cert/src/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.ql index 7974c4d601..322048f6de 100644 --- a/c/cert/src/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.ql +++ b/c/cert/src/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/pre31-c * correctness + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/low + * external/cert/priority/p3 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/PRE32-C/MacroOrFunctionArgsContainHashToken.ql b/c/cert/src/rules/PRE32-C/MacroOrFunctionArgsContainHashToken.ql index 9680bea813..0a777dc25d 100644 --- a/c/cert/src/rules/PRE32-C/MacroOrFunctionArgsContainHashToken.ql +++ b/c/cert/src/rules/PRE32-C/MacroOrFunctionArgsContainHashToken.ql @@ -10,6 +10,11 @@ * @tags external/cert/id/pre32-c * correctness * readability + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/medium + * external/cert/priority/p2 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql b/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql index 0da48daa70..4cc0f9e32c 100644 --- a/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql +++ b/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql @@ -8,6 +8,11 @@ * @tags external/cert/id/sig30-c * correctness * security + * external/cert/severity/high + * external/cert/likelihood/likely + * external/cert/remediation-cost/medium + * external/cert/priority/p18 + * external/cert/level/l1 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/SIG31-C/DoNotAccessSharedObjectsInSignalHandlers.ql b/c/cert/src/rules/SIG31-C/DoNotAccessSharedObjectsInSignalHandlers.ql index 2a7a6a77f2..eaa0a446b5 100644 --- a/c/cert/src/rules/SIG31-C/DoNotAccessSharedObjectsInSignalHandlers.ql +++ b/c/cert/src/rules/SIG31-C/DoNotAccessSharedObjectsInSignalHandlers.ql @@ -8,6 +8,11 @@ * @tags external/cert/id/sig31-c * correctness * security + * external/cert/severity/high + * external/cert/likelihood/likely + * external/cert/remediation-cost/high + * external/cert/priority/p9 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/SIG34-C/DoNotCallSignalFromInterruptibleSignalHandlers.ql b/c/cert/src/rules/SIG34-C/DoNotCallSignalFromInterruptibleSignalHandlers.ql index d1eb773acb..0586c40c36 100644 --- a/c/cert/src/rules/SIG34-C/DoNotCallSignalFromInterruptibleSignalHandlers.ql +++ b/c/cert/src/rules/SIG34-C/DoNotCallSignalFromInterruptibleSignalHandlers.ql @@ -8,6 +8,11 @@ * @tags external/cert/id/sig34-c * correctness * security + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/low + * external/cert/priority/p3 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.ql b/c/cert/src/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.ql index fa3cc3bf14..bd65019f98 100644 --- a/c/cert/src/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.ql +++ b/c/cert/src/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.ql @@ -8,6 +8,11 @@ * @tags external/cert/id/sig35-c * correctness * security + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/high + * external/cert/priority/p1 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql b/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql index 244fe6d8e5..397e1bfc9e 100644 --- a/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql +++ b/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql @@ -8,6 +8,11 @@ * @tags external/cert/id/str30-c * correctness * security + * external/cert/severity/low + * external/cert/likelihood/likely + * external/cert/remediation-cost/low + * external/cert/priority/p9 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql b/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql index 3742207720..437b13f7f9 100644 --- a/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql +++ b/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql @@ -10,6 +10,11 @@ * @tags external/cert/id/str31-c * correctness * security + * external/cert/severity/high + * external/cert/likelihood/likely + * external/cert/remediation-cost/medium + * external/cert/priority/p18 + * external/cert/level/l1 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql b/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql index 8b9b23cd4c..723c8ee0ea 100644 --- a/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql +++ b/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql @@ -9,6 +9,11 @@ * @tags external/cert/id/str32-c * correctness * security + * external/cert/severity/high + * external/cert/likelihood/probable + * external/cert/remediation-cost/medium + * external/cert/priority/p12 + * external/cert/level/l1 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.ql b/c/cert/src/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.ql index 394df49d99..d814951b37 100644 --- a/c/cert/src/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.ql +++ b/c/cert/src/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.ql @@ -9,6 +9,11 @@ * @tags external/cert/id/str34-c * correctness * security + * external/cert/severity/medium + * external/cert/likelihood/probable + * external/cert/remediation-cost/medium + * external/cert/priority/p8 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/STR37-C/ToCharacterHandlingFunctionsRepresentableAsUChar.ql b/c/cert/src/rules/STR37-C/ToCharacterHandlingFunctionsRepresentableAsUChar.ql index 8dda9012d2..a29dbd34b9 100644 --- a/c/cert/src/rules/STR37-C/ToCharacterHandlingFunctionsRepresentableAsUChar.ql +++ b/c/cert/src/rules/STR37-C/ToCharacterHandlingFunctionsRepresentableAsUChar.ql @@ -9,6 +9,11 @@ * @tags external/cert/id/str37-c * correctness * security + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/low + * external/cert/priority/p3 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/c/cert/src/rules/STR38-C/DoNotConfuseNarrowAndWideFunctions.ql b/c/cert/src/rules/STR38-C/DoNotConfuseNarrowAndWideFunctions.ql index a45f7ec7e1..58b2b1c7dd 100644 --- a/c/cert/src/rules/STR38-C/DoNotConfuseNarrowAndWideFunctions.ql +++ b/c/cert/src/rules/STR38-C/DoNotConfuseNarrowAndWideFunctions.ql @@ -8,6 +8,11 @@ * @tags external/cert/id/str38-c * correctness * security + * external/cert/severity/high + * external/cert/likelihood/likely + * external/cert/remediation-cost/low + * external/cert/priority/p27 + * external/cert/level/l1 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/CON50-CPP/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql b/cpp/cert/src/rules/CON50-CPP/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql index 88232118bb..53f362e275 100644 --- a/cpp/cert/src/rules/CON50-CPP/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql +++ b/cpp/cert/src/rules/CON50-CPP/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql @@ -9,6 +9,11 @@ * @tags external/cert/id/con50-cpp * correctness * concurrency + * external/cert/severity/medium + * external/cert/likelihood/probable + * external/cert/remediation-cost/high + * external/cert/priority/p4 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/CON50-CPP/DoNotDestroyAMutexWhileItIsLocked.ql b/cpp/cert/src/rules/CON50-CPP/DoNotDestroyAMutexWhileItIsLocked.ql index 2f2f5a6cdb..c15dfca5fc 100644 --- a/cpp/cert/src/rules/CON50-CPP/DoNotDestroyAMutexWhileItIsLocked.ql +++ b/cpp/cert/src/rules/CON50-CPP/DoNotDestroyAMutexWhileItIsLocked.ql @@ -8,6 +8,11 @@ * @tags external/cert/id/con50-cpp * correctness * concurrency + * external/cert/severity/medium + * external/cert/likelihood/probable + * external/cert/remediation-cost/high + * external/cert/priority/p4 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/CON51-CPP/EnsureActivelyHeldLocksAreReleasedOnExceptionalConditions.ql b/cpp/cert/src/rules/CON51-CPP/EnsureActivelyHeldLocksAreReleasedOnExceptionalConditions.ql index df17ec9a27..ac09d41c42 100644 --- a/cpp/cert/src/rules/CON51-CPP/EnsureActivelyHeldLocksAreReleasedOnExceptionalConditions.ql +++ b/cpp/cert/src/rules/CON51-CPP/EnsureActivelyHeldLocksAreReleasedOnExceptionalConditions.ql @@ -10,6 +10,11 @@ * @tags external/cert/id/con51-cpp * correctness * concurrency + * external/cert/severity/low + * external/cert/likelihood/probable + * external/cert/remediation-cost/low + * external/cert/priority/p6 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/CON52-CPP/PreventBitFieldAccessFromMultipleThreads.ql b/cpp/cert/src/rules/CON52-CPP/PreventBitFieldAccessFromMultipleThreads.ql index 49d5309113..9ca1a89525 100644 --- a/cpp/cert/src/rules/CON52-CPP/PreventBitFieldAccessFromMultipleThreads.ql +++ b/cpp/cert/src/rules/CON52-CPP/PreventBitFieldAccessFromMultipleThreads.ql @@ -9,6 +9,11 @@ * @tags external/cert/id/con52-cpp * correctness * concurrency + * external/cert/severity/medium + * external/cert/likelihood/probable + * external/cert/remediation-cost/medium + * external/cert/priority/p8 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/CON53-CPP/DeadlockByLockingInPredefinedOrder.ql b/cpp/cert/src/rules/CON53-CPP/DeadlockByLockingInPredefinedOrder.ql index bbd075b930..d83b3d520b 100644 --- a/cpp/cert/src/rules/CON53-CPP/DeadlockByLockingInPredefinedOrder.ql +++ b/cpp/cert/src/rules/CON53-CPP/DeadlockByLockingInPredefinedOrder.ql @@ -9,6 +9,11 @@ * @tags external/cert/id/con53-cpp * correctness * concurrency + * external/cert/severity/low + * external/cert/likelihood/probable + * external/cert/remediation-cost/medium + * external/cert/priority/p4 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/CON54-CPP/WrapFunctionsThatCanSpuriouslyWakeUpInLoop.ql b/cpp/cert/src/rules/CON54-CPP/WrapFunctionsThatCanSpuriouslyWakeUpInLoop.ql index 5584b7bec2..84255dbfc7 100644 --- a/cpp/cert/src/rules/CON54-CPP/WrapFunctionsThatCanSpuriouslyWakeUpInLoop.ql +++ b/cpp/cert/src/rules/CON54-CPP/WrapFunctionsThatCanSpuriouslyWakeUpInLoop.ql @@ -9,6 +9,11 @@ * @tags external/cert/id/con54-cpp * correctness * concurrency + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/medium + * external/cert/priority/p2 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/CON55-CPP/PreserveSafetyWhenUsingConditionVariables.ql b/cpp/cert/src/rules/CON55-CPP/PreserveSafetyWhenUsingConditionVariables.ql index 05d73a4d9f..d4f43c7d09 100644 --- a/cpp/cert/src/rules/CON55-CPP/PreserveSafetyWhenUsingConditionVariables.ql +++ b/cpp/cert/src/rules/CON55-CPP/PreserveSafetyWhenUsingConditionVariables.ql @@ -9,6 +9,11 @@ * @tags external/cert/id/con55-cpp * correctness * concurrency + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/medium + * external/cert/priority/p2 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/CON56-CPP/DoNotSpeculativelyLockALockedNonRecursiveMutex.ql b/cpp/cert/src/rules/CON56-CPP/DoNotSpeculativelyLockALockedNonRecursiveMutex.ql index 94d23c8664..67edf2fc22 100644 --- a/cpp/cert/src/rules/CON56-CPP/DoNotSpeculativelyLockALockedNonRecursiveMutex.ql +++ b/cpp/cert/src/rules/CON56-CPP/DoNotSpeculativelyLockALockedNonRecursiveMutex.ql @@ -9,6 +9,11 @@ * @tags external/cert/id/con56-cpp * correctness * concurrency + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/high + * external/cert/priority/p1 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/CON56-CPP/LockedALockedNonRecursiveMutexAudit.ql b/cpp/cert/src/rules/CON56-CPP/LockedALockedNonRecursiveMutexAudit.ql index 478a37af65..09ec2fa3d5 100644 --- a/cpp/cert/src/rules/CON56-CPP/LockedALockedNonRecursiveMutexAudit.ql +++ b/cpp/cert/src/rules/CON56-CPP/LockedALockedNonRecursiveMutexAudit.ql @@ -9,6 +9,11 @@ * @tags external/cert/id/con56-cpp * correctness * concurrency + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/high + * external/cert/priority/p1 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/CTR50-CPP/ContainerAccessWithoutRangeCheckCert.ql b/cpp/cert/src/rules/CTR50-CPP/ContainerAccessWithoutRangeCheckCert.ql index a64e8fca2c..e5565ccbbb 100644 --- a/cpp/cert/src/rules/CTR50-CPP/ContainerAccessWithoutRangeCheckCert.ql +++ b/cpp/cert/src/rules/CTR50-CPP/ContainerAccessWithoutRangeCheckCert.ql @@ -10,6 +10,11 @@ * @tags external/cert/id/ctr50-cpp * correctness * security + * external/cert/severity/high + * external/cert/likelihood/likely + * external/cert/remediation-cost/high + * external/cert/priority/p9 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/CTR51-CPP/UsesValidContainerElementAccess.ql b/cpp/cert/src/rules/CTR51-CPP/UsesValidContainerElementAccess.ql index 2163412435..0652f065cb 100644 --- a/cpp/cert/src/rules/CTR51-CPP/UsesValidContainerElementAccess.ql +++ b/cpp/cert/src/rules/CTR51-CPP/UsesValidContainerElementAccess.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/ctr51-cpp * correctness + * external/cert/severity/high + * external/cert/likelihood/probable + * external/cert/remediation-cost/high + * external/cert/priority/p6 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql b/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql index 9f49b43786..b022869136 100644 --- a/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql +++ b/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql @@ -8,6 +8,11 @@ * @tags external/cert/id/ctr52-cpp * correctness * security + * external/cert/severity/high + * external/cert/likelihood/likely + * external/cert/remediation-cost/medium + * external/cert/priority/p18 + * external/cert/level/l1 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/CTR53-CPP/UseValidIteratorRanges.ql b/cpp/cert/src/rules/CTR53-CPP/UseValidIteratorRanges.ql index d0afb7754c..3702cbcd6e 100644 --- a/cpp/cert/src/rules/CTR53-CPP/UseValidIteratorRanges.ql +++ b/cpp/cert/src/rules/CTR53-CPP/UseValidIteratorRanges.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/ctr53-cpp * correctness + * external/cert/severity/high + * external/cert/likelihood/probable + * external/cert/remediation-cost/high + * external/cert/priority/p6 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/CTR54-CPP/DoNotSubtractIteratorsForDifferentContainers.ql b/cpp/cert/src/rules/CTR54-CPP/DoNotSubtractIteratorsForDifferentContainers.ql index f47f9db201..2401bcbf54 100644 --- a/cpp/cert/src/rules/CTR54-CPP/DoNotSubtractIteratorsForDifferentContainers.ql +++ b/cpp/cert/src/rules/CTR54-CPP/DoNotSubtractIteratorsForDifferentContainers.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/ctr54-cpp * correctness + * external/cert/severity/medium + * external/cert/likelihood/probable + * external/cert/remediation-cost/medium + * external/cert/priority/p8 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.ql b/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.ql index ce1fb52667..3f2de63246 100644 --- a/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.ql +++ b/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/ctr55-cpp * correctness + * external/cert/severity/high + * external/cert/likelihood/likely + * external/cert/remediation-cost/medium + * external/cert/priority/p18 + * external/cert/level/l1 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.ql b/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.ql index 0f5c50164c..b4ac267225 100644 --- a/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.ql +++ b/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.ql @@ -8,6 +8,11 @@ * @problem.severity warning * @tags external/cert/id/ctr56-cpp * correctness + * external/cert/severity/high + * external/cert/likelihood/likely + * external/cert/remediation-cost/high + * external/cert/priority/p9 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/CTR57-CPP/ProvideAValidOrderingPredicate.ql b/cpp/cert/src/rules/CTR57-CPP/ProvideAValidOrderingPredicate.ql index f28409bfc9..950ecd0c46 100644 --- a/cpp/cert/src/rules/CTR57-CPP/ProvideAValidOrderingPredicate.ql +++ b/cpp/cert/src/rules/CTR57-CPP/ProvideAValidOrderingPredicate.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/ctr57-cpp * correctness + * external/cert/severity/low + * external/cert/likelihood/probable + * external/cert/remediation-cost/high + * external/cert/priority/p2 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/CTR58-CPP/PredicateFunctionObjectsShouldNotBeMutable.ql b/cpp/cert/src/rules/CTR58-CPP/PredicateFunctionObjectsShouldNotBeMutable.ql index be26725105..304b532b79 100644 --- a/cpp/cert/src/rules/CTR58-CPP/PredicateFunctionObjectsShouldNotBeMutable.ql +++ b/cpp/cert/src/rules/CTR58-CPP/PredicateFunctionObjectsShouldNotBeMutable.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/ctr58-cpp * correctness + * external/cert/severity/low + * external/cert/likelihood/likely + * external/cert/remediation-cost/high + * external/cert/priority/p3 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/DCL50-CPP/DoNotDefineACStyleVariadicFunction.ql b/cpp/cert/src/rules/DCL50-CPP/DoNotDefineACStyleVariadicFunction.ql index 368f154e22..b24988823c 100644 --- a/cpp/cert/src/rules/DCL50-CPP/DoNotDefineACStyleVariadicFunction.ql +++ b/cpp/cert/src/rules/DCL50-CPP/DoNotDefineACStyleVariadicFunction.ql @@ -9,6 +9,11 @@ * correctness * security * scope/single-translation-unit + * external/cert/severity/high + * external/cert/likelihood/probable + * external/cert/remediation-cost/medium + * external/cert/priority/p12 + * external/cert/level/l1 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/DCL51-CPP/EnumeratorReusesReservedName.ql b/cpp/cert/src/rules/DCL51-CPP/EnumeratorReusesReservedName.ql index 074ae6ebfc..3f8ea668dd 100644 --- a/cpp/cert/src/rules/DCL51-CPP/EnumeratorReusesReservedName.ql +++ b/cpp/cert/src/rules/DCL51-CPP/EnumeratorReusesReservedName.ql @@ -10,6 +10,11 @@ * maintainability * readability * correctness + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/low + * external/cert/priority/p3 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/DCL51-CPP/FunctionReusesReservedName.ql b/cpp/cert/src/rules/DCL51-CPP/FunctionReusesReservedName.ql index 8cae916a9a..74d683a0cb 100644 --- a/cpp/cert/src/rules/DCL51-CPP/FunctionReusesReservedName.ql +++ b/cpp/cert/src/rules/DCL51-CPP/FunctionReusesReservedName.ql @@ -10,6 +10,11 @@ * maintainability * readability * correctness + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/low + * external/cert/priority/p3 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/DCL51-CPP/ObjectReusesReservedName.ql b/cpp/cert/src/rules/DCL51-CPP/ObjectReusesReservedName.ql index 03e1ef7264..fabf036198 100644 --- a/cpp/cert/src/rules/DCL51-CPP/ObjectReusesReservedName.ql +++ b/cpp/cert/src/rules/DCL51-CPP/ObjectReusesReservedName.ql @@ -10,6 +10,11 @@ * maintainability * readability * correctness + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/low + * external/cert/priority/p3 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/DCL51-CPP/RedefiningOfStandardLibraryName.ql b/cpp/cert/src/rules/DCL51-CPP/RedefiningOfStandardLibraryName.ql index 974b231c26..3aaf5d37cb 100644 --- a/cpp/cert/src/rules/DCL51-CPP/RedefiningOfStandardLibraryName.ql +++ b/cpp/cert/src/rules/DCL51-CPP/RedefiningOfStandardLibraryName.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/dcl51-cpp * correctness + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/low + * external/cert/priority/p3 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/DCL51-CPP/ReuseOfReservedIdentifier.ql b/cpp/cert/src/rules/DCL51-CPP/ReuseOfReservedIdentifier.ql index b32bdf70ba..583a768d22 100644 --- a/cpp/cert/src/rules/DCL51-CPP/ReuseOfReservedIdentifier.ql +++ b/cpp/cert/src/rules/DCL51-CPP/ReuseOfReservedIdentifier.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/dcl51-cpp * correctness + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/low + * external/cert/priority/p3 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/DCL51-CPP/UseOfDoubleUnderscoreReservedPrefix.ql b/cpp/cert/src/rules/DCL51-CPP/UseOfDoubleUnderscoreReservedPrefix.ql index 472f0444ad..c85a7536e9 100644 --- a/cpp/cert/src/rules/DCL51-CPP/UseOfDoubleUnderscoreReservedPrefix.ql +++ b/cpp/cert/src/rules/DCL51-CPP/UseOfDoubleUnderscoreReservedPrefix.ql @@ -9,6 +9,11 @@ * @tags external/cert/id/dcl51-cpp * maintainability * readability + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/low + * external/cert/priority/p3 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/DCL51-CPP/UseOfReservedLiteralSuffixIdentifier.ql b/cpp/cert/src/rules/DCL51-CPP/UseOfReservedLiteralSuffixIdentifier.ql index eb2163f667..81036f6f57 100644 --- a/cpp/cert/src/rules/DCL51-CPP/UseOfReservedLiteralSuffixIdentifier.ql +++ b/cpp/cert/src/rules/DCL51-CPP/UseOfReservedLiteralSuffixIdentifier.ql @@ -10,6 +10,11 @@ * maintainability * readability * correctness + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/low + * external/cert/priority/p3 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/DCL51-CPP/UseOfSingleUnderscoreReservedPrefix.ql b/cpp/cert/src/rules/DCL51-CPP/UseOfSingleUnderscoreReservedPrefix.ql index e2f7270f9c..ed57351d6a 100644 --- a/cpp/cert/src/rules/DCL51-CPP/UseOfSingleUnderscoreReservedPrefix.ql +++ b/cpp/cert/src/rules/DCL51-CPP/UseOfSingleUnderscoreReservedPrefix.ql @@ -9,6 +9,11 @@ * @tags external/cert/id/dcl51-cpp * maintainability * readability + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/low + * external/cert/priority/p3 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/DCL53-CPP/LocalConstructorInitializedObjectHidesIdentifier.ql b/cpp/cert/src/rules/DCL53-CPP/LocalConstructorInitializedObjectHidesIdentifier.ql index f6fe18a3db..f576144c46 100644 --- a/cpp/cert/src/rules/DCL53-CPP/LocalConstructorInitializedObjectHidesIdentifier.ql +++ b/cpp/cert/src/rules/DCL53-CPP/LocalConstructorInitializedObjectHidesIdentifier.ql @@ -9,6 +9,11 @@ * @problem.severity warning * @tags external/cert/id/dcl53-cpp * correctness + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/medium + * external/cert/priority/p2 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/DCL53-CPP/LocalFunctionDeclaration.ql b/cpp/cert/src/rules/DCL53-CPP/LocalFunctionDeclaration.ql index 368c0a05e4..45aa70dc31 100644 --- a/cpp/cert/src/rules/DCL53-CPP/LocalFunctionDeclaration.ql +++ b/cpp/cert/src/rules/DCL53-CPP/LocalFunctionDeclaration.ql @@ -8,6 +8,11 @@ * @problem.severity warning * @tags external/cert/id/dcl53-cpp * correctness + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/medium + * external/cert/priority/p2 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/DCL54-CPP/SingularOverloadOfMemoryFunction.ql b/cpp/cert/src/rules/DCL54-CPP/SingularOverloadOfMemoryFunction.ql index 7f419397ee..8f168e90c8 100644 --- a/cpp/cert/src/rules/DCL54-CPP/SingularOverloadOfMemoryFunction.ql +++ b/cpp/cert/src/rules/DCL54-CPP/SingularOverloadOfMemoryFunction.ql @@ -9,6 +9,11 @@ * @problem.severity error * @tags external/cert/id/dcl54-cpp * correctness + * external/cert/severity/low + * external/cert/likelihood/probable + * external/cert/remediation-cost/low + * external/cert/priority/p6 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/DCL55-CPP/InformationLeakageAcrossTrustBoundaries.ql b/cpp/cert/src/rules/DCL55-CPP/InformationLeakageAcrossTrustBoundaries.ql index cf301dfb5f..85b72afaeb 100644 --- a/cpp/cert/src/rules/DCL55-CPP/InformationLeakageAcrossTrustBoundaries.ql +++ b/cpp/cert/src/rules/DCL55-CPP/InformationLeakageAcrossTrustBoundaries.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/dcl55-cpp * security + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/high + * external/cert/priority/p1 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/DCL56-CPP/CyclesDuringStaticObjectInit.ql b/cpp/cert/src/rules/DCL56-CPP/CyclesDuringStaticObjectInit.ql index 1ad411427f..4eb94f3d1d 100644 --- a/cpp/cert/src/rules/DCL56-CPP/CyclesDuringStaticObjectInit.ql +++ b/cpp/cert/src/rules/DCL56-CPP/CyclesDuringStaticObjectInit.ql @@ -8,6 +8,11 @@ * @tags external/cert/id/dcl56-cpp * correctness * maintainability + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/medium + * external/cert/priority/p2 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/DCL57-CPP/DoNotLetExceptionsEscapeFromDestructorsOrDeallocationFunctions.ql b/cpp/cert/src/rules/DCL57-CPP/DoNotLetExceptionsEscapeFromDestructorsOrDeallocationFunctions.ql index 951169abe5..6f625fd308 100644 --- a/cpp/cert/src/rules/DCL57-CPP/DoNotLetExceptionsEscapeFromDestructorsOrDeallocationFunctions.ql +++ b/cpp/cert/src/rules/DCL57-CPP/DoNotLetExceptionsEscapeFromDestructorsOrDeallocationFunctions.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/dcl57-cpp * correctness + * external/cert/severity/low + * external/cert/likelihood/likely + * external/cert/remediation-cost/medium + * external/cert/priority/p6 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/DCL58-CPP/ModificationOfTheStandardNamespaces.ql b/cpp/cert/src/rules/DCL58-CPP/ModificationOfTheStandardNamespaces.ql index a0e94d083c..81242bc0f4 100644 --- a/cpp/cert/src/rules/DCL58-CPP/ModificationOfTheStandardNamespaces.ql +++ b/cpp/cert/src/rules/DCL58-CPP/ModificationOfTheStandardNamespaces.ql @@ -9,6 +9,11 @@ * @problem.severity error * @tags external/cert/id/dcl58-cpp * correctness + * external/cert/severity/high + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/medium + * external/cert/priority/p6 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/DCL59-CPP/UnnamedNamespaceInHeaderFile.ql b/cpp/cert/src/rules/DCL59-CPP/UnnamedNamespaceInHeaderFile.ql index 57dae96f09..2b8b364c7d 100644 --- a/cpp/cert/src/rules/DCL59-CPP/UnnamedNamespaceInHeaderFile.ql +++ b/cpp/cert/src/rules/DCL59-CPP/UnnamedNamespaceInHeaderFile.ql @@ -10,6 +10,11 @@ * @problem.severity error * @tags external/cert/id/dcl59-cpp * correctness + * external/cert/severity/medium + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/medium + * external/cert/priority/p4 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/DCL60-CPP/OneDefinitionRuleNotObeyed.ql b/cpp/cert/src/rules/DCL60-CPP/OneDefinitionRuleNotObeyed.ql index 7908609cc6..84e63a9569 100644 --- a/cpp/cert/src/rules/DCL60-CPP/OneDefinitionRuleNotObeyed.ql +++ b/cpp/cert/src/rules/DCL60-CPP/OneDefinitionRuleNotObeyed.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/dcl60-cpp * correctness + * external/cert/severity/high + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/high + * external/cert/priority/p3 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/ERR50-CPP/ConditionVariablePostConditionFailedCert.ql b/cpp/cert/src/rules/ERR50-CPP/ConditionVariablePostConditionFailedCert.ql index 6c22010ef7..40a884fc5a 100644 --- a/cpp/cert/src/rules/ERR50-CPP/ConditionVariablePostConditionFailedCert.ql +++ b/cpp/cert/src/rules/ERR50-CPP/ConditionVariablePostConditionFailedCert.ql @@ -9,6 +9,11 @@ * @tags external/cert/id/err50-cpp * correctness * external/cert/audit + * external/cert/severity/low + * external/cert/likelihood/probable + * external/cert/remediation-cost/medium + * external/cert/priority/p4 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/ERR50-CPP/ExitHandlerThrowsExceptionCert.ql b/cpp/cert/src/rules/ERR50-CPP/ExitHandlerThrowsExceptionCert.ql index 9c312672e7..548b7b4b94 100644 --- a/cpp/cert/src/rules/ERR50-CPP/ExitHandlerThrowsExceptionCert.ql +++ b/cpp/cert/src/rules/ERR50-CPP/ExitHandlerThrowsExceptionCert.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/err50-cpp * correctness + * external/cert/severity/low + * external/cert/likelihood/probable + * external/cert/remediation-cost/medium + * external/cert/priority/p4 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/ERR50-CPP/ExplicitAbruptTerminationCert.ql b/cpp/cert/src/rules/ERR50-CPP/ExplicitAbruptTerminationCert.ql index ddee05aecf..4fe89c634d 100644 --- a/cpp/cert/src/rules/ERR50-CPP/ExplicitAbruptTerminationCert.ql +++ b/cpp/cert/src/rules/ERR50-CPP/ExplicitAbruptTerminationCert.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/err50-cpp * correctness + * external/cert/severity/low + * external/cert/likelihood/probable + * external/cert/remediation-cost/medium + * external/cert/priority/p4 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/ERR50-CPP/JoinableThreadCopiedOrDestroyedCert.ql b/cpp/cert/src/rules/ERR50-CPP/JoinableThreadCopiedOrDestroyedCert.ql index 015a5ffede..2036ff2f46 100644 --- a/cpp/cert/src/rules/ERR50-CPP/JoinableThreadCopiedOrDestroyedCert.ql +++ b/cpp/cert/src/rules/ERR50-CPP/JoinableThreadCopiedOrDestroyedCert.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/err50-cpp * correctness + * external/cert/severity/low + * external/cert/likelihood/probable + * external/cert/remediation-cost/medium + * external/cert/priority/p4 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/ERR50-CPP/RethrowNestedWithoutCaptureCert.ql b/cpp/cert/src/rules/ERR50-CPP/RethrowNestedWithoutCaptureCert.ql index 088cfe93b0..05d04de99e 100644 --- a/cpp/cert/src/rules/ERR50-CPP/RethrowNestedWithoutCaptureCert.ql +++ b/cpp/cert/src/rules/ERR50-CPP/RethrowNestedWithoutCaptureCert.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/err50-cpp * correctness + * external/cert/severity/low + * external/cert/likelihood/probable + * external/cert/remediation-cost/medium + * external/cert/priority/p4 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/ERR51-CPP/HandleAllExceptions.ql b/cpp/cert/src/rules/ERR51-CPP/HandleAllExceptions.ql index 2811815821..f8447d4af5 100644 --- a/cpp/cert/src/rules/ERR51-CPP/HandleAllExceptions.ql +++ b/cpp/cert/src/rules/ERR51-CPP/HandleAllExceptions.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/err51-cpp * correctness + * external/cert/severity/low + * external/cert/likelihood/probable + * external/cert/remediation-cost/medium + * external/cert/priority/p4 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/ERR52-CPP/DoNotUseSetjmpOrLongjmp.ql b/cpp/cert/src/rules/ERR52-CPP/DoNotUseSetjmpOrLongjmp.ql index 45e29d02ff..6c9cb2e436 100644 --- a/cpp/cert/src/rules/ERR52-CPP/DoNotUseSetjmpOrLongjmp.ql +++ b/cpp/cert/src/rules/ERR52-CPP/DoNotUseSetjmpOrLongjmp.ql @@ -8,6 +8,11 @@ * @tags external/cert/id/err52-cpp * correctness * scope/single-translation-unit + * external/cert/severity/low + * external/cert/likelihood/probable + * external/cert/remediation-cost/medium + * external/cert/priority/p4 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/ERR53-CPP/DestroyedValueReferencedInConstructorDestructorCatchBlock.ql b/cpp/cert/src/rules/ERR53-CPP/DestroyedValueReferencedInConstructorDestructorCatchBlock.ql index c45c3785e6..8587a73c33 100644 --- a/cpp/cert/src/rules/ERR53-CPP/DestroyedValueReferencedInConstructorDestructorCatchBlock.ql +++ b/cpp/cert/src/rules/ERR53-CPP/DestroyedValueReferencedInConstructorDestructorCatchBlock.ql @@ -9,6 +9,11 @@ * @problem.severity error * @tags external/cert/id/err53-cpp * correctness + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/medium + * external/cert/priority/p2 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/ERR54-CPP/CatchBlockShadowingCert.ql b/cpp/cert/src/rules/ERR54-CPP/CatchBlockShadowingCert.ql index 8c4c5b5f06..c3e0aeb2f5 100644 --- a/cpp/cert/src/rules/ERR54-CPP/CatchBlockShadowingCert.ql +++ b/cpp/cert/src/rules/ERR54-CPP/CatchBlockShadowingCert.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/err54-cpp * correctness + * external/cert/severity/medium + * external/cert/likelihood/likely + * external/cert/remediation-cost/low + * external/cert/priority/p18 + * external/cert/level/l1 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/ERR55-CPP/HonorExceptionSpecifications.ql b/cpp/cert/src/rules/ERR55-CPP/HonorExceptionSpecifications.ql index 7d433e2480..4f35d3cd93 100644 --- a/cpp/cert/src/rules/ERR55-CPP/HonorExceptionSpecifications.ql +++ b/cpp/cert/src/rules/ERR55-CPP/HonorExceptionSpecifications.ql @@ -9,6 +9,11 @@ * @problem.severity error * @tags external/cert/id/err55-cpp * correctness + * external/cert/severity/low + * external/cert/likelihood/likely + * external/cert/remediation-cost/low + * external/cert/priority/p9 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/ERR56-CPP/GuaranteeExceptionSafety.ql b/cpp/cert/src/rules/ERR56-CPP/GuaranteeExceptionSafety.ql index b027d02e3f..5831a7f404 100644 --- a/cpp/cert/src/rules/ERR56-CPP/GuaranteeExceptionSafety.ql +++ b/cpp/cert/src/rules/ERR56-CPP/GuaranteeExceptionSafety.ql @@ -7,6 +7,11 @@ * @problem.severity error * @tags external/cert/id/err56-cpp * correctness + * external/cert/severity/high + * external/cert/likelihood/likely + * external/cert/remediation-cost/high + * external/cert/priority/p9 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/ERR57-CPP/DoNotLeakResourcesWhenHandlingExceptions.ql b/cpp/cert/src/rules/ERR57-CPP/DoNotLeakResourcesWhenHandlingExceptions.ql index e283ca8e95..6180bf2f83 100644 --- a/cpp/cert/src/rules/ERR57-CPP/DoNotLeakResourcesWhenHandlingExceptions.ql +++ b/cpp/cert/src/rules/ERR57-CPP/DoNotLeakResourcesWhenHandlingExceptions.ql @@ -8,6 +8,11 @@ * @tags external/cert/id/err57-cpp * correctness * security + * external/cert/severity/low + * external/cert/likelihood/probable + * external/cert/remediation-cost/high + * external/cert/priority/p2 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/ERR58-CPP/HandleAllExceptionsThrownBeforeMainBeginsExecuting.ql b/cpp/cert/src/rules/ERR58-CPP/HandleAllExceptionsThrownBeforeMainBeginsExecuting.ql index 843b1f0964..ca6b6ae83f 100644 --- a/cpp/cert/src/rules/ERR58-CPP/HandleAllExceptionsThrownBeforeMainBeginsExecuting.ql +++ b/cpp/cert/src/rules/ERR58-CPP/HandleAllExceptionsThrownBeforeMainBeginsExecuting.ql @@ -7,6 +7,11 @@ * @problem.severity error * @tags external/cert/id/err58-cpp * correctness + * external/cert/severity/low + * external/cert/likelihood/likely + * external/cert/remediation-cost/low + * external/cert/priority/p9 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/ERR59-CPP/DoNotThrowAnExceptionAcrossExecutionBoundaries.ql b/cpp/cert/src/rules/ERR59-CPP/DoNotThrowAnExceptionAcrossExecutionBoundaries.ql index 902d392c5f..e1c7af4030 100644 --- a/cpp/cert/src/rules/ERR59-CPP/DoNotThrowAnExceptionAcrossExecutionBoundaries.ql +++ b/cpp/cert/src/rules/ERR59-CPP/DoNotThrowAnExceptionAcrossExecutionBoundaries.ql @@ -11,6 +11,11 @@ * @problem.severity error * @tags external/cert/id/err59-cpp * correctness + * external/cert/severity/high + * external/cert/likelihood/probable + * external/cert/remediation-cost/medium + * external/cert/priority/p12 + * external/cert/level/l1 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/ERR60-CPP/ExceptionObjectsMustBeNothrowCopyConstructible.ql b/cpp/cert/src/rules/ERR60-CPP/ExceptionObjectsMustBeNothrowCopyConstructible.ql index 37a5fedd14..61a145c7a1 100644 --- a/cpp/cert/src/rules/ERR60-CPP/ExceptionObjectsMustBeNothrowCopyConstructible.ql +++ b/cpp/cert/src/rules/ERR60-CPP/ExceptionObjectsMustBeNothrowCopyConstructible.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/err60-cpp * correctness + * external/cert/severity/low + * external/cert/likelihood/probable + * external/cert/remediation-cost/medium + * external/cert/priority/p4 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/ERR61-CPP/CatchExceptionsByLvalueReference.ql b/cpp/cert/src/rules/ERR61-CPP/CatchExceptionsByLvalueReference.ql index 29b879b5ea..8cc9c47854 100644 --- a/cpp/cert/src/rules/ERR61-CPP/CatchExceptionsByLvalueReference.ql +++ b/cpp/cert/src/rules/ERR61-CPP/CatchExceptionsByLvalueReference.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/err61-cpp * correctness + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/low + * external/cert/priority/p3 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/ERR62-CPP/DetectErrorsWhenConvertingAStringToANumber.ql b/cpp/cert/src/rules/ERR62-CPP/DetectErrorsWhenConvertingAStringToANumber.ql index 9c6f8120c5..e5451a0fc4 100644 --- a/cpp/cert/src/rules/ERR62-CPP/DetectErrorsWhenConvertingAStringToANumber.ql +++ b/cpp/cert/src/rules/ERR62-CPP/DetectErrorsWhenConvertingAStringToANumber.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/err62-cpp * correctness + * external/cert/severity/medium + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/medium + * external/cert/priority/p4 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql b/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql index 7bfb298d3d..960d04449e 100644 --- a/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql +++ b/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql @@ -8,6 +8,11 @@ * @problem.severity warning * @tags external/cert/id/exp50-cpp * correctness + * external/cert/severity/medium + * external/cert/likelihood/probable + * external/cert/remediation-cost/medium + * external/cert/priority/p8 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfScalarObjectEvaluationForSideEffects.ql b/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfScalarObjectEvaluationForSideEffects.ql index 1ddb315506..4c268e9c7e 100644 --- a/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfScalarObjectEvaluationForSideEffects.ql +++ b/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfScalarObjectEvaluationForSideEffects.ql @@ -8,6 +8,11 @@ * @problem.severity warning * @tags external/cert/id/exp50-cpp * correctness + * external/cert/severity/medium + * external/cert/likelihood/probable + * external/cert/remediation-cost/medium + * external/cert/priority/p8 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql b/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql index e900d1b259..d0935cc798 100644 --- a/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql +++ b/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/exp51-cpp * correctness + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/medium + * external/cert/priority/p2 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInDeclTypeOperand.ql b/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInDeclTypeOperand.ql index 217be3db6a..59745c2cd0 100644 --- a/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInDeclTypeOperand.ql +++ b/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInDeclTypeOperand.ql @@ -8,6 +8,11 @@ * @problem.severity warning * @tags external/cert/id/exp52-cpp * correctness + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/low + * external/cert/priority/p3 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInDeclValExpression.ql b/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInDeclValExpression.ql index 93bb653c11..c9ced6825c 100644 --- a/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInDeclValExpression.ql +++ b/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInDeclValExpression.ql @@ -8,6 +8,11 @@ * @problem.severity warning * @tags external/cert/id/exp52-cpp * correctness + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/low + * external/cert/priority/p3 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInNoExceptOperand.ql b/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInNoExceptOperand.ql index a32aa1eb14..d8ed036a06 100644 --- a/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInNoExceptOperand.ql +++ b/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInNoExceptOperand.ql @@ -8,6 +8,11 @@ * @problem.severity warning * @tags external/cert/id/exp52-cpp * correctness + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/low + * external/cert/priority/p3 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInSizeOfOperand.ql b/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInSizeOfOperand.ql index 4cc602362e..aa0b8ff23a 100644 --- a/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInSizeOfOperand.ql +++ b/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInSizeOfOperand.ql @@ -8,6 +8,11 @@ * @problem.severity warning * @tags external/cert/id/exp52-cpp * correctness + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/low + * external/cert/priority/p3 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInTypeIdOperand.ql b/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInTypeIdOperand.ql index cc43a008d9..dc65dddcd1 100644 --- a/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInTypeIdOperand.ql +++ b/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInTypeIdOperand.ql @@ -8,6 +8,11 @@ * @problem.severity warning * @tags external/cert/id/exp52-cpp * correctness + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/low + * external/cert/priority/p3 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/EXP53-CPP/DoNotReadUninitializedMemory.ql b/cpp/cert/src/rules/EXP53-CPP/DoNotReadUninitializedMemory.ql index 47ee746038..9839fae0fd 100644 --- a/cpp/cert/src/rules/EXP53-CPP/DoNotReadUninitializedMemory.ql +++ b/cpp/cert/src/rules/EXP53-CPP/DoNotReadUninitializedMemory.ql @@ -8,6 +8,11 @@ * @tags external/cert/id/exp53-cpp * correctness * security + * external/cert/severity/high + * external/cert/likelihood/probable + * external/cert/remediation-cost/medium + * external/cert/priority/p12 + * external/cert/level/l1 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/EXP54-CPP/ObjectAccessedAfterLifetimeCert.ql b/cpp/cert/src/rules/EXP54-CPP/ObjectAccessedAfterLifetimeCert.ql index 4f72fc725a..534bb83796 100644 --- a/cpp/cert/src/rules/EXP54-CPP/ObjectAccessedAfterLifetimeCert.ql +++ b/cpp/cert/src/rules/EXP54-CPP/ObjectAccessedAfterLifetimeCert.ql @@ -8,6 +8,11 @@ * @tags external/cert/id/exp54-cpp * correctness * security + * external/cert/severity/high + * external/cert/likelihood/probable + * external/cert/remediation-cost/high + * external/cert/priority/p6 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/EXP54-CPP/ObjectAccessedBeforeLifetimeCert.ql b/cpp/cert/src/rules/EXP54-CPP/ObjectAccessedBeforeLifetimeCert.ql index d97c002dbd..ea2349194b 100644 --- a/cpp/cert/src/rules/EXP54-CPP/ObjectAccessedBeforeLifetimeCert.ql +++ b/cpp/cert/src/rules/EXP54-CPP/ObjectAccessedBeforeLifetimeCert.ql @@ -8,6 +8,11 @@ * @tags external/cert/id/exp54-cpp * correctness * security + * external/cert/severity/high + * external/cert/likelihood/probable + * external/cert/remediation-cost/high + * external/cert/priority/p6 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/EXP55-CPP/RemoveConstOrVolatileQualificationCert.ql b/cpp/cert/src/rules/EXP55-CPP/RemoveConstOrVolatileQualificationCert.ql index 3c915191d4..68216f2e43 100644 --- a/cpp/cert/src/rules/EXP55-CPP/RemoveConstOrVolatileQualificationCert.ql +++ b/cpp/cert/src/rules/EXP55-CPP/RemoveConstOrVolatileQualificationCert.ql @@ -8,6 +8,11 @@ * @problem.severity warning * @tags external/cert/id/exp55-cpp * correctness + * external/cert/severity/medium + * external/cert/likelihood/probable + * external/cert/remediation-cost/medium + * external/cert/priority/p8 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/EXP56-CPP/FunctionWithMismatchedLanguageLinkage.ql b/cpp/cert/src/rules/EXP56-CPP/FunctionWithMismatchedLanguageLinkage.ql index 23efb87e0b..d8460c58fa 100644 --- a/cpp/cert/src/rules/EXP56-CPP/FunctionWithMismatchedLanguageLinkage.ql +++ b/cpp/cert/src/rules/EXP56-CPP/FunctionWithMismatchedLanguageLinkage.ql @@ -7,6 +7,11 @@ * @problem.severity error * @tags external/cert/id/exp56-cpp * correctness + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/medium + * external/cert/priority/p2 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/EXP57-CPP/CastOfPointerToIncompleteClass.ql b/cpp/cert/src/rules/EXP57-CPP/CastOfPointerToIncompleteClass.ql index 4358f11b34..2a8345c05d 100644 --- a/cpp/cert/src/rules/EXP57-CPP/CastOfPointerToIncompleteClass.ql +++ b/cpp/cert/src/rules/EXP57-CPP/CastOfPointerToIncompleteClass.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/exp57-cpp * correctness + * external/cert/severity/medium + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/medium + * external/cert/priority/p4 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/EXP57-CPP/DeletingPointerToIncompleteClass.ql b/cpp/cert/src/rules/EXP57-CPP/DeletingPointerToIncompleteClass.ql index 8534885c9e..935218f78e 100644 --- a/cpp/cert/src/rules/EXP57-CPP/DeletingPointerToIncompleteClass.ql +++ b/cpp/cert/src/rules/EXP57-CPP/DeletingPointerToIncompleteClass.ql @@ -7,6 +7,11 @@ * @problem.severity error * @tags external/cert/id/exp57-cpp * correctness + * external/cert/severity/medium + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/medium + * external/cert/priority/p4 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/EXP58-CPP/PassNonTrivialObjectToVaStart.ql b/cpp/cert/src/rules/EXP58-CPP/PassNonTrivialObjectToVaStart.ql index 5c7ef31a6f..b537fa34c5 100644 --- a/cpp/cert/src/rules/EXP58-CPP/PassNonTrivialObjectToVaStart.ql +++ b/cpp/cert/src/rules/EXP58-CPP/PassNonTrivialObjectToVaStart.ql @@ -9,6 +9,11 @@ * @problem.severity warning * @tags external/cert/id/exp58-cpp * correctness + * external/cert/severity/medium + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/medium + * external/cert/priority/p4 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/EXP58-CPP/PassPromotablePrimitiveTypeToVaStart.ql b/cpp/cert/src/rules/EXP58-CPP/PassPromotablePrimitiveTypeToVaStart.ql index dab95c8303..1d34680261 100644 --- a/cpp/cert/src/rules/EXP58-CPP/PassPromotablePrimitiveTypeToVaStart.ql +++ b/cpp/cert/src/rules/EXP58-CPP/PassPromotablePrimitiveTypeToVaStart.ql @@ -9,6 +9,11 @@ * @problem.severity error * @tags external/cert/id/exp58-cpp * correctness + * external/cert/severity/medium + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/medium + * external/cert/priority/p4 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/EXP58-CPP/PassReferenceTypeToVaStart.ql b/cpp/cert/src/rules/EXP58-CPP/PassReferenceTypeToVaStart.ql index 0b9e0a9f99..ce340d63c8 100644 --- a/cpp/cert/src/rules/EXP58-CPP/PassReferenceTypeToVaStart.ql +++ b/cpp/cert/src/rules/EXP58-CPP/PassReferenceTypeToVaStart.ql @@ -9,6 +9,11 @@ * @problem.severity error * @tags external/cert/id/exp58-cpp * correctness + * external/cert/severity/medium + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/medium + * external/cert/priority/p4 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/EXP59-CPP/OffsetUsedOnInvalidTypeOrMember.ql b/cpp/cert/src/rules/EXP59-CPP/OffsetUsedOnInvalidTypeOrMember.ql index 8cda1c0851..7ece8faef6 100644 --- a/cpp/cert/src/rules/EXP59-CPP/OffsetUsedOnInvalidTypeOrMember.ql +++ b/cpp/cert/src/rules/EXP59-CPP/OffsetUsedOnInvalidTypeOrMember.ql @@ -7,6 +7,11 @@ * @problem.severity recommendation * @tags external/cert/id/exp59-cpp * correctness + * external/cert/severity/medium + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/medium + * external/cert/priority/p4 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/EXP60-CPP/DoNotPassANonstandardObjectAcrossBoundaries.ql b/cpp/cert/src/rules/EXP60-CPP/DoNotPassANonstandardObjectAcrossBoundaries.ql index 8442e5eda1..ddd6fa0efc 100644 --- a/cpp/cert/src/rules/EXP60-CPP/DoNotPassANonstandardObjectAcrossBoundaries.ql +++ b/cpp/cert/src/rules/EXP60-CPP/DoNotPassANonstandardObjectAcrossBoundaries.ql @@ -9,6 +9,11 @@ * @problem.severity error * @tags external/cert/id/exp60-cpp * correctness + * external/cert/severity/high + * external/cert/likelihood/probable + * external/cert/remediation-cost/medium + * external/cert/priority/p12 + * external/cert/level/l1 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/EXP61-CPP/EscapingLambdaObjectWithCaptureByReference.ql b/cpp/cert/src/rules/EXP61-CPP/EscapingLambdaObjectWithCaptureByReference.ql index c57de9b2d1..1268d1c82b 100644 --- a/cpp/cert/src/rules/EXP61-CPP/EscapingLambdaObjectWithCaptureByReference.ql +++ b/cpp/cert/src/rules/EXP61-CPP/EscapingLambdaObjectWithCaptureByReference.ql @@ -10,6 +10,11 @@ * @tags external/cert/id/exp61-cpp * correctness * security + * external/cert/severity/high + * external/cert/likelihood/probable + * external/cert/remediation-cost/high + * external/cert/priority/p6 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/EXP61-CPP/ReturningLambdaObjectWithCaptureByReference.ql b/cpp/cert/src/rules/EXP61-CPP/ReturningLambdaObjectWithCaptureByReference.ql index 8487c78039..eb76ba6187 100644 --- a/cpp/cert/src/rules/EXP61-CPP/ReturningLambdaObjectWithCaptureByReference.ql +++ b/cpp/cert/src/rules/EXP61-CPP/ReturningLambdaObjectWithCaptureByReference.ql @@ -10,6 +10,11 @@ * @tags external/cert/id/exp61-cpp * correctness * security + * external/cert/severity/high + * external/cert/likelihood/probable + * external/cert/remediation-cost/high + * external/cert/priority/p6 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/EXP62-CPP/MemcmpUsedToAccessObjectRepresentation.ql b/cpp/cert/src/rules/EXP62-CPP/MemcmpUsedToAccessObjectRepresentation.ql index 4b8b67368f..64bfb4673b 100644 --- a/cpp/cert/src/rules/EXP62-CPP/MemcmpUsedToAccessObjectRepresentation.ql +++ b/cpp/cert/src/rules/EXP62-CPP/MemcmpUsedToAccessObjectRepresentation.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/exp62-cpp * correctness + * external/cert/severity/high + * external/cert/likelihood/probable + * external/cert/remediation-cost/high + * external/cert/priority/p6 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/EXP62-CPP/MemcpyUsedToAccessObjectRepresentation.ql b/cpp/cert/src/rules/EXP62-CPP/MemcpyUsedToAccessObjectRepresentation.ql index 87f797bf25..0e8847257c 100644 --- a/cpp/cert/src/rules/EXP62-CPP/MemcpyUsedToAccessObjectRepresentation.ql +++ b/cpp/cert/src/rules/EXP62-CPP/MemcpyUsedToAccessObjectRepresentation.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/exp62-cpp * correctness + * external/cert/severity/high + * external/cert/likelihood/probable + * external/cert/remediation-cost/high + * external/cert/priority/p6 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/EXP62-CPP/MemsetUsedToAccessObjectRepresentation.ql b/cpp/cert/src/rules/EXP62-CPP/MemsetUsedToAccessObjectRepresentation.ql index 302410def1..a4ae635289 100644 --- a/cpp/cert/src/rules/EXP62-CPP/MemsetUsedToAccessObjectRepresentation.ql +++ b/cpp/cert/src/rules/EXP62-CPP/MemsetUsedToAccessObjectRepresentation.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/exp62-cpp * correctness + * external/cert/severity/high + * external/cert/likelihood/probable + * external/cert/remediation-cost/high + * external/cert/priority/p6 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/EXP63-CPP/DoNotRelyOnTheValueOfAMovedFromObject.ql b/cpp/cert/src/rules/EXP63-CPP/DoNotRelyOnTheValueOfAMovedFromObject.ql index 785d4b8b2b..48e534bfbb 100644 --- a/cpp/cert/src/rules/EXP63-CPP/DoNotRelyOnTheValueOfAMovedFromObject.ql +++ b/cpp/cert/src/rules/EXP63-CPP/DoNotRelyOnTheValueOfAMovedFromObject.ql @@ -7,6 +7,11 @@ * @problem.severity error * @tags external/cert/id/exp63-cpp * correctness + * external/cert/severity/medium + * external/cert/likelihood/probable + * external/cert/remediation-cost/medium + * external/cert/priority/p8 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/FIO50-CPP/InterleavedInputOutputWithoutPosition.ql b/cpp/cert/src/rules/FIO50-CPP/InterleavedInputOutputWithoutPosition.ql index e30168dc23..0333955f72 100644 --- a/cpp/cert/src/rules/FIO50-CPP/InterleavedInputOutputWithoutPosition.ql +++ b/cpp/cert/src/rules/FIO50-CPP/InterleavedInputOutputWithoutPosition.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/fio50-cpp * correctness + * external/cert/severity/low + * external/cert/likelihood/likely + * external/cert/remediation-cost/medium + * external/cert/priority/p6 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/FIO51-CPP/CloseFilesWhenTheyAreNoLongerNeeded.ql b/cpp/cert/src/rules/FIO51-CPP/CloseFilesWhenTheyAreNoLongerNeeded.ql index 383fb9db1f..a444692594 100644 --- a/cpp/cert/src/rules/FIO51-CPP/CloseFilesWhenTheyAreNoLongerNeeded.ql +++ b/cpp/cert/src/rules/FIO51-CPP/CloseFilesWhenTheyAreNoLongerNeeded.ql @@ -8,6 +8,11 @@ * @tags external/cert/id/fio51-cpp * correctness * security + * external/cert/severity/medium + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/medium + * external/cert/priority/p4 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/INT50-CPP/DoNotCastToAnOutOfRangeEnumerationValue.ql b/cpp/cert/src/rules/INT50-CPP/DoNotCastToAnOutOfRangeEnumerationValue.ql index f90d3a42ef..c7437073e9 100644 --- a/cpp/cert/src/rules/INT50-CPP/DoNotCastToAnOutOfRangeEnumerationValue.ql +++ b/cpp/cert/src/rules/INT50-CPP/DoNotCastToAnOutOfRangeEnumerationValue.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/int50-cpp * correctness + * external/cert/severity/medium + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/medium + * external/cert/priority/p4 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/MEM50-CPP/UseAfterFree.ql b/cpp/cert/src/rules/MEM50-CPP/UseAfterFree.ql index 59bf3e5bc7..8c31fc104c 100644 --- a/cpp/cert/src/rules/MEM50-CPP/UseAfterFree.ql +++ b/cpp/cert/src/rules/MEM50-CPP/UseAfterFree.ql @@ -8,6 +8,11 @@ * @tags external/cert/id/mem50-cpp * correctness * security + * external/cert/severity/high + * external/cert/likelihood/likely + * external/cert/remediation-cost/medium + * external/cert/priority/p18 + * external/cert/level/l1 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/MEM51-CPP/ProperlyDeallocateDynamicallyAllocatedResources.ql b/cpp/cert/src/rules/MEM51-CPP/ProperlyDeallocateDynamicallyAllocatedResources.ql index 5854b169f2..70fd363c64 100644 --- a/cpp/cert/src/rules/MEM51-CPP/ProperlyDeallocateDynamicallyAllocatedResources.ql +++ b/cpp/cert/src/rules/MEM51-CPP/ProperlyDeallocateDynamicallyAllocatedResources.ql @@ -9,6 +9,11 @@ * @tags external/cert/id/mem51-cpp * correctness * security + * external/cert/severity/high + * external/cert/likelihood/likely + * external/cert/remediation-cost/medium + * external/cert/priority/p18 + * external/cert/level/l1 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.ql b/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.ql index 083aad1e3c..90685f1c96 100644 --- a/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.ql +++ b/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.ql @@ -7,6 +7,11 @@ * @problem.severity error * @tags external/cert/id/mem52-cpp * correctness + * external/cert/severity/high + * external/cert/likelihood/likely + * external/cert/remediation-cost/medium + * external/cert/priority/p18 + * external/cert/level/l1 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.ql b/cpp/cert/src/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.ql index 5398aa04e1..a56fa18da8 100644 --- a/cpp/cert/src/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.ql +++ b/cpp/cert/src/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.ql @@ -7,6 +7,11 @@ * @problem.severity error * @tags external/cert/id/mem53-cpp * correctness + * external/cert/severity/high + * external/cert/likelihood/likely + * external/cert/remediation-cost/medium + * external/cert/priority/p18 + * external/cert/level/l1 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject.ql b/cpp/cert/src/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject.ql index 22e2ac336f..fe6fff2d4f 100644 --- a/cpp/cert/src/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject.ql +++ b/cpp/cert/src/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject.ql @@ -7,6 +7,11 @@ * @problem.severity error * @tags external/cert/id/mem53-cpp * correctness + * external/cert/severity/high + * external/cert/likelihood/likely + * external/cert/remediation-cost/medium + * external/cert/priority/p18 + * external/cert/level/l1 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/MEM54-CPP/PlacementNewInsufficientStorageCert.ql b/cpp/cert/src/rules/MEM54-CPP/PlacementNewInsufficientStorageCert.ql index 695d39de69..fca9190552 100644 --- a/cpp/cert/src/rules/MEM54-CPP/PlacementNewInsufficientStorageCert.ql +++ b/cpp/cert/src/rules/MEM54-CPP/PlacementNewInsufficientStorageCert.ql @@ -10,6 +10,11 @@ * @tags external/cert/id/mem54-cpp * security * correctness + * external/cert/severity/high + * external/cert/likelihood/likely + * external/cert/remediation-cost/medium + * external/cert/priority/p18 + * external/cert/level/l1 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/MEM54-CPP/PlacementNewNotProperlyAlignedCert.ql b/cpp/cert/src/rules/MEM54-CPP/PlacementNewNotProperlyAlignedCert.ql index 4993de85ed..d623e85a50 100644 --- a/cpp/cert/src/rules/MEM54-CPP/PlacementNewNotProperlyAlignedCert.ql +++ b/cpp/cert/src/rules/MEM54-CPP/PlacementNewNotProperlyAlignedCert.ql @@ -9,6 +9,11 @@ * @tags external/cert/id/mem54-cpp * security * correctness + * external/cert/severity/high + * external/cert/likelihood/likely + * external/cert/remediation-cost/medium + * external/cert/priority/p18 + * external/cert/level/l1 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/MEM55-CPP/OperatorDeleteMissingPartnerCert.ql b/cpp/cert/src/rules/MEM55-CPP/OperatorDeleteMissingPartnerCert.ql index d3366f15fc..fd8f4f3a04 100644 --- a/cpp/cert/src/rules/MEM55-CPP/OperatorDeleteMissingPartnerCert.ql +++ b/cpp/cert/src/rules/MEM55-CPP/OperatorDeleteMissingPartnerCert.ql @@ -9,6 +9,11 @@ * @problem.severity error * @tags external/cert/id/mem55-cpp * correctness + * external/cert/severity/high + * external/cert/likelihood/likely + * external/cert/remediation-cost/medium + * external/cert/priority/p18 + * external/cert/level/l1 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/MEM55-CPP/ThrowingNoThrowOperatorNewDeleteCert.ql b/cpp/cert/src/rules/MEM55-CPP/ThrowingNoThrowOperatorNewDeleteCert.ql index 564d74c333..2740498eef 100644 --- a/cpp/cert/src/rules/MEM55-CPP/ThrowingNoThrowOperatorNewDeleteCert.ql +++ b/cpp/cert/src/rules/MEM55-CPP/ThrowingNoThrowOperatorNewDeleteCert.ql @@ -9,6 +9,11 @@ * @problem.severity error * @tags external/cert/id/mem55-cpp * correctness + * external/cert/severity/high + * external/cert/likelihood/likely + * external/cert/remediation-cost/medium + * external/cert/priority/p18 + * external/cert/level/l1 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/MEM55-CPP/ThrowingOperatorNewReturnsNullCert.ql b/cpp/cert/src/rules/MEM55-CPP/ThrowingOperatorNewReturnsNullCert.ql index c07dbff76c..072c69201f 100644 --- a/cpp/cert/src/rules/MEM55-CPP/ThrowingOperatorNewReturnsNullCert.ql +++ b/cpp/cert/src/rules/MEM55-CPP/ThrowingOperatorNewReturnsNullCert.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/mem55-cpp * correctness + * external/cert/severity/high + * external/cert/likelihood/likely + * external/cert/remediation-cost/medium + * external/cert/priority/p18 + * external/cert/level/l1 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/MEM55-CPP/ThrowingOperatorNewThrowsInvalidExceptionCert.ql b/cpp/cert/src/rules/MEM55-CPP/ThrowingOperatorNewThrowsInvalidExceptionCert.ql index 0b02be8b3f..da4b63200b 100644 --- a/cpp/cert/src/rules/MEM55-CPP/ThrowingOperatorNewThrowsInvalidExceptionCert.ql +++ b/cpp/cert/src/rules/MEM55-CPP/ThrowingOperatorNewThrowsInvalidExceptionCert.ql @@ -9,6 +9,11 @@ * @problem.severity error * @tags external/cert/id/mem55-cpp * correctness + * external/cert/severity/high + * external/cert/likelihood/likely + * external/cert/remediation-cost/medium + * external/cert/priority/p18 + * external/cert/level/l1 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/MEM56-CPP/OwnedPointerValueStoredInUnrelatedSmartPointerCert.ql b/cpp/cert/src/rules/MEM56-CPP/OwnedPointerValueStoredInUnrelatedSmartPointerCert.ql index 7fa3209151..ba7a39272a 100644 --- a/cpp/cert/src/rules/MEM56-CPP/OwnedPointerValueStoredInUnrelatedSmartPointerCert.ql +++ b/cpp/cert/src/rules/MEM56-CPP/OwnedPointerValueStoredInUnrelatedSmartPointerCert.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/mem56-cpp * correctness + * external/cert/severity/high + * external/cert/likelihood/likely + * external/cert/remediation-cost/medium + * external/cert/priority/p18 + * external/cert/level/l1 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/MEM57-CPP/UsingDefaultOperatorNewForOverAlignedTypes.ql b/cpp/cert/src/rules/MEM57-CPP/UsingDefaultOperatorNewForOverAlignedTypes.ql index f8a5247ff1..6c3d18c27f 100644 --- a/cpp/cert/src/rules/MEM57-CPP/UsingDefaultOperatorNewForOverAlignedTypes.ql +++ b/cpp/cert/src/rules/MEM57-CPP/UsingDefaultOperatorNewForOverAlignedTypes.ql @@ -9,6 +9,11 @@ * @tags external/cert/id/mem57-cpp * correctness * security + * external/cert/severity/medium + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/low + * external/cert/priority/p6 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/MSC50-CPP/DoNotUseRandForGeneratingPseudorandomNumbers.ql b/cpp/cert/src/rules/MSC50-CPP/DoNotUseRandForGeneratingPseudorandomNumbers.ql index 8ab68974cb..b67cec99f3 100644 --- a/cpp/cert/src/rules/MSC50-CPP/DoNotUseRandForGeneratingPseudorandomNumbers.ql +++ b/cpp/cert/src/rules/MSC50-CPP/DoNotUseRandForGeneratingPseudorandomNumbers.ql @@ -8,6 +8,11 @@ * @tags external/cert/id/msc50-cpp * security * scope/single-translation-unit + * external/cert/severity/medium + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/low + * external/cert/priority/p6 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/MSC51-CPP/BadlySeededRandomNumberGenerator.ql b/cpp/cert/src/rules/MSC51-CPP/BadlySeededRandomNumberGenerator.ql index 76f8500362..5322fbbde3 100644 --- a/cpp/cert/src/rules/MSC51-CPP/BadlySeededRandomNumberGenerator.ql +++ b/cpp/cert/src/rules/MSC51-CPP/BadlySeededRandomNumberGenerator.ql @@ -9,6 +9,11 @@ * @tags external/cert/id/msc51-cpp * security * correctness + * external/cert/severity/medium + * external/cert/likelihood/likely + * external/cert/remediation-cost/low + * external/cert/priority/p18 + * external/cert/level/l1 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/MSC52-CPP/NonVoidFunctionDoesNotReturnCert.ql b/cpp/cert/src/rules/MSC52-CPP/NonVoidFunctionDoesNotReturnCert.ql index 9634592715..dcf42a78f4 100644 --- a/cpp/cert/src/rules/MSC52-CPP/NonVoidFunctionDoesNotReturnCert.ql +++ b/cpp/cert/src/rules/MSC52-CPP/NonVoidFunctionDoesNotReturnCert.ql @@ -9,6 +9,11 @@ * @problem.severity error * @tags external/cert/id/msc52-cpp * correctness + * external/cert/severity/medium + * external/cert/likelihood/probable + * external/cert/remediation-cost/medium + * external/cert/priority/p8 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/MSC53-CPP/FunctionNoReturnAttributeConditionCert.ql b/cpp/cert/src/rules/MSC53-CPP/FunctionNoReturnAttributeConditionCert.ql index 511369e46c..5044b3b421 100644 --- a/cpp/cert/src/rules/MSC53-CPP/FunctionNoReturnAttributeConditionCert.ql +++ b/cpp/cert/src/rules/MSC53-CPP/FunctionNoReturnAttributeConditionCert.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/msc53-cpp * correctness + * external/cert/severity/medium + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/low + * external/cert/priority/p2 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/MSC54-CPP/SignalHandlerMustBeAPlainOldFunction.ql b/cpp/cert/src/rules/MSC54-CPP/SignalHandlerMustBeAPlainOldFunction.ql index a537346630..885d8caa0a 100644 --- a/cpp/cert/src/rules/MSC54-CPP/SignalHandlerMustBeAPlainOldFunction.ql +++ b/cpp/cert/src/rules/MSC54-CPP/SignalHandlerMustBeAPlainOldFunction.ql @@ -7,6 +7,11 @@ * @problem.severity error * @tags external/cert/id/msc54-cpp * correctness + * external/cert/severity/high + * external/cert/likelihood/probable + * external/cert/remediation-cost/high + * external/cert/priority/p6 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/OOP50-CPP/DoNotInvokeVirtualFunctionsFromConstructorsOrDestructors.ql b/cpp/cert/src/rules/OOP50-CPP/DoNotInvokeVirtualFunctionsFromConstructorsOrDestructors.ql index 5cbcee6be9..1c3df97cfa 100644 --- a/cpp/cert/src/rules/OOP50-CPP/DoNotInvokeVirtualFunctionsFromConstructorsOrDestructors.ql +++ b/cpp/cert/src/rules/OOP50-CPP/DoNotInvokeVirtualFunctionsFromConstructorsOrDestructors.ql @@ -7,6 +7,11 @@ * @precision very-high * @problem.severity error * @tags external/cert/id/oop50-cpp + * external/cert/severity/low + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/medium + * external/cert/priority/p2 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/OOP51-CPP/DoNotSliceDerivedObjects.ql b/cpp/cert/src/rules/OOP51-CPP/DoNotSliceDerivedObjects.ql index f0af256fb9..4cb654730b 100644 --- a/cpp/cert/src/rules/OOP51-CPP/DoNotSliceDerivedObjects.ql +++ b/cpp/cert/src/rules/OOP51-CPP/DoNotSliceDerivedObjects.ql @@ -7,6 +7,11 @@ * @precision very-high * @problem.severity error * @tags external/cert/id/oop51-cpp + * external/cert/severity/low + * external/cert/likelihood/probable + * external/cert/remediation-cost/medium + * external/cert/priority/p4 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/OOP52-CPP/DoNotDeleteAPolymorphicObjectWithoutAVirtualDestructor.ql b/cpp/cert/src/rules/OOP52-CPP/DoNotDeleteAPolymorphicObjectWithoutAVirtualDestructor.ql index 13bfdd5c0c..190c4d720d 100644 --- a/cpp/cert/src/rules/OOP52-CPP/DoNotDeleteAPolymorphicObjectWithoutAVirtualDestructor.ql +++ b/cpp/cert/src/rules/OOP52-CPP/DoNotDeleteAPolymorphicObjectWithoutAVirtualDestructor.ql @@ -7,6 +7,11 @@ * @precision very-high * @problem.severity warning * @tags external/cert/id/oop52-cpp + * external/cert/severity/low + * external/cert/likelihood/likely + * external/cert/remediation-cost/low + * external/cert/priority/p9 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/OOP53-CPP/UseCanonicalOrderForMemberInit.ql b/cpp/cert/src/rules/OOP53-CPP/UseCanonicalOrderForMemberInit.ql index 96fd7812d7..b42b54ef6c 100644 --- a/cpp/cert/src/rules/OOP53-CPP/UseCanonicalOrderForMemberInit.ql +++ b/cpp/cert/src/rules/OOP53-CPP/UseCanonicalOrderForMemberInit.ql @@ -12,6 +12,11 @@ * security * maintainability * readability + * external/cert/severity/medium + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/medium + * external/cert/priority/p4 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/OOP54-CPP/GracefullyHandleSelfCopyAssignment.ql b/cpp/cert/src/rules/OOP54-CPP/GracefullyHandleSelfCopyAssignment.ql index 85940bf862..844d0f54bb 100644 --- a/cpp/cert/src/rules/OOP54-CPP/GracefullyHandleSelfCopyAssignment.ql +++ b/cpp/cert/src/rules/OOP54-CPP/GracefullyHandleSelfCopyAssignment.ql @@ -9,6 +9,11 @@ * @problem.severity error * @tags external/cert/id/oop54-cpp * correctness + * external/cert/severity/low + * external/cert/likelihood/probable + * external/cert/remediation-cost/high + * external/cert/priority/p2 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/OOP55-CPP/MemberAccessWithUninitializedStaticPointerToMember.ql b/cpp/cert/src/rules/OOP55-CPP/MemberAccessWithUninitializedStaticPointerToMember.ql index ead970ca71..27c63c2c16 100644 --- a/cpp/cert/src/rules/OOP55-CPP/MemberAccessWithUninitializedStaticPointerToMember.ql +++ b/cpp/cert/src/rules/OOP55-CPP/MemberAccessWithUninitializedStaticPointerToMember.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/oop55-cpp * correctness + * external/cert/severity/high + * external/cert/likelihood/probable + * external/cert/remediation-cost/high + * external/cert/priority/p6 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/OOP55-CPP/UseOfPointerToMemberToAccessNonexistentMember.ql b/cpp/cert/src/rules/OOP55-CPP/UseOfPointerToMemberToAccessNonexistentMember.ql index 614d3fbaca..72d640f29b 100644 --- a/cpp/cert/src/rules/OOP55-CPP/UseOfPointerToMemberToAccessNonexistentMember.ql +++ b/cpp/cert/src/rules/OOP55-CPP/UseOfPointerToMemberToAccessNonexistentMember.ql @@ -9,6 +9,11 @@ * @problem.severity error * @tags external/cert/id/oop55-cpp * correctness + * external/cert/severity/high + * external/cert/likelihood/probable + * external/cert/remediation-cost/high + * external/cert/priority/p6 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/OOP55-CPP/UseOfPointerToMemberToAccessUndefinedMember.ql b/cpp/cert/src/rules/OOP55-CPP/UseOfPointerToMemberToAccessUndefinedMember.ql index e6b8f10d9c..202123c11c 100644 --- a/cpp/cert/src/rules/OOP55-CPP/UseOfPointerToMemberToAccessUndefinedMember.ql +++ b/cpp/cert/src/rules/OOP55-CPP/UseOfPointerToMemberToAccessUndefinedMember.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/oop55-cpp * correctness + * external/cert/severity/high + * external/cert/likelihood/probable + * external/cert/remediation-cost/high + * external/cert/priority/p6 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/OOP56-CPP/HonorNewReplacementHandlerRequirements.ql b/cpp/cert/src/rules/OOP56-CPP/HonorNewReplacementHandlerRequirements.ql index 18b259ef86..981bd1ce5b 100644 --- a/cpp/cert/src/rules/OOP56-CPP/HonorNewReplacementHandlerRequirements.ql +++ b/cpp/cert/src/rules/OOP56-CPP/HonorNewReplacementHandlerRequirements.ql @@ -7,6 +7,11 @@ * @problem.severity error * @tags external/cert/id/oop56-cpp * correctness + * external/cert/severity/low + * external/cert/likelihood/probable + * external/cert/remediation-cost/high + * external/cert/priority/p2 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/OOP56-CPP/HonorTerminationReplacementHandlerRequirements.ql b/cpp/cert/src/rules/OOP56-CPP/HonorTerminationReplacementHandlerRequirements.ql index ea499791ff..4d59b36b52 100644 --- a/cpp/cert/src/rules/OOP56-CPP/HonorTerminationReplacementHandlerRequirements.ql +++ b/cpp/cert/src/rules/OOP56-CPP/HonorTerminationReplacementHandlerRequirements.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/oop56-cpp * correctness + * external/cert/severity/low + * external/cert/likelihood/probable + * external/cert/remediation-cost/high + * external/cert/priority/p2 + * external/cert/level/l3 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/OOP57-CPP/PreferSpecialMemberFunctionsAndOverloadedOperatorsToCStandardLibraryFunctions.ql b/cpp/cert/src/rules/OOP57-CPP/PreferSpecialMemberFunctionsAndOverloadedOperatorsToCStandardLibraryFunctions.ql index 19b14730bb..9ac17e84a0 100644 --- a/cpp/cert/src/rules/OOP57-CPP/PreferSpecialMemberFunctionsAndOverloadedOperatorsToCStandardLibraryFunctions.ql +++ b/cpp/cert/src/rules/OOP57-CPP/PreferSpecialMemberFunctionsAndOverloadedOperatorsToCStandardLibraryFunctions.ql @@ -8,6 +8,11 @@ * @tags external/cert/id/oop57-cpp * correctness * scope/single-translation-unit + * external/cert/severity/high + * external/cert/likelihood/probable + * external/cert/remediation-cost/high + * external/cert/priority/p6 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/OOP58-CPP/CopyOperationsMustNotMutateTheSourceObject.ql b/cpp/cert/src/rules/OOP58-CPP/CopyOperationsMustNotMutateTheSourceObject.ql index 97cfe0fa3c..9ad0593702 100644 --- a/cpp/cert/src/rules/OOP58-CPP/CopyOperationsMustNotMutateTheSourceObject.ql +++ b/cpp/cert/src/rules/OOP58-CPP/CopyOperationsMustNotMutateTheSourceObject.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/oop58-cpp * correctness + * external/cert/severity/low + * external/cert/likelihood/likely + * external/cert/remediation-cost/low + * external/cert/priority/p9 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/STR50-CPP/BasicStringMayNotBeNullTerminatedCert.ql b/cpp/cert/src/rules/STR50-CPP/BasicStringMayNotBeNullTerminatedCert.ql index 9ff12eca5c..2cd08be70a 100644 --- a/cpp/cert/src/rules/STR50-CPP/BasicStringMayNotBeNullTerminatedCert.ql +++ b/cpp/cert/src/rules/STR50-CPP/BasicStringMayNotBeNullTerminatedCert.ql @@ -7,6 +7,11 @@ * @precision very-high * @problem.severity recommendation * @tags external/cert/id/str50-cpp + * external/cert/severity/high + * external/cert/likelihood/likely + * external/cert/remediation-cost/medium + * external/cert/priority/p18 + * external/cert/level/l1 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/STR50-CPP/OperationMayNotNullTerminateCStyleStringCert.ql b/cpp/cert/src/rules/STR50-CPP/OperationMayNotNullTerminateCStyleStringCert.ql index d79297a63b..59f56207cd 100644 --- a/cpp/cert/src/rules/STR50-CPP/OperationMayNotNullTerminateCStyleStringCert.ql +++ b/cpp/cert/src/rules/STR50-CPP/OperationMayNotNullTerminateCStyleStringCert.ql @@ -7,6 +7,11 @@ * @precision very-high * @problem.severity recommendation * @tags external/cert/id/str50-cpp + * external/cert/severity/high + * external/cert/likelihood/likely + * external/cert/remediation-cost/medium + * external/cert/priority/p18 + * external/cert/level/l1 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/STR51-CPP/DoNotAttemptToCreateAStringFromANullPointer.ql b/cpp/cert/src/rules/STR51-CPP/DoNotAttemptToCreateAStringFromANullPointer.ql index e775dc205f..a6337e2fcf 100644 --- a/cpp/cert/src/rules/STR51-CPP/DoNotAttemptToCreateAStringFromANullPointer.ql +++ b/cpp/cert/src/rules/STR51-CPP/DoNotAttemptToCreateAStringFromANullPointer.ql @@ -7,6 +7,11 @@ * @problem.severity error * @tags external/cert/id/str51-cpp * correctness + * external/cert/severity/high + * external/cert/likelihood/likely + * external/cert/remediation-cost/medium + * external/cert/priority/p18 + * external/cert/level/l1 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/STR52-CPP/UseValidReferencesForElementsOfString.ql b/cpp/cert/src/rules/STR52-CPP/UseValidReferencesForElementsOfString.ql index 211e490b33..21c29f54ef 100644 --- a/cpp/cert/src/rules/STR52-CPP/UseValidReferencesForElementsOfString.ql +++ b/cpp/cert/src/rules/STR52-CPP/UseValidReferencesForElementsOfString.ql @@ -8,6 +8,11 @@ * @problem.severity error * @tags external/cert/id/str52-cpp * correctness + * external/cert/severity/high + * external/cert/likelihood/probable + * external/cert/remediation-cost/high + * external/cert/priority/p6 + * external/cert/level/l2 * external/cert/obligation/rule */ diff --git a/cpp/cert/src/rules/STR53-CPP/RangeCheckStringElementAccess.ql b/cpp/cert/src/rules/STR53-CPP/RangeCheckStringElementAccess.ql index 3300b77e18..c92f2b2316 100644 --- a/cpp/cert/src/rules/STR53-CPP/RangeCheckStringElementAccess.ql +++ b/cpp/cert/src/rules/STR53-CPP/RangeCheckStringElementAccess.ql @@ -9,6 +9,11 @@ * @tags external/cert/id/str53-cpp * correctness * security + * external/cert/severity/high + * external/cert/likelihood/unlikely + * external/cert/remediation-cost/medium + * external/cert/priority/p6 + * external/cert/level/l2 * external/cert/obligation/rule */ From 54416547ef052258c37bb7db49f26fb84e6f0802 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 2 May 2025 11:04:59 +0100 Subject: [PATCH 2527/2573] Add query suites for levels 1 to 3. --- c/cert/src/codeql-suites/cert-c-l1.qls | 12 ++++++++++++ c/cert/src/codeql-suites/cert-c-l2.qls | 12 ++++++++++++ c/cert/src/codeql-suites/cert-c-l3.qls | 12 ++++++++++++ cpp/cert/src/codeql-suites/cert-cpp-l1.qls | 12 ++++++++++++ cpp/cert/src/codeql-suites/cert-cpp-l2.qls | 12 ++++++++++++ cpp/cert/src/codeql-suites/cert-cpp-l3.qls | 12 ++++++++++++ 6 files changed, 72 insertions(+) create mode 100644 c/cert/src/codeql-suites/cert-c-l1.qls create mode 100644 c/cert/src/codeql-suites/cert-c-l2.qls create mode 100644 c/cert/src/codeql-suites/cert-c-l3.qls create mode 100644 cpp/cert/src/codeql-suites/cert-cpp-l1.qls create mode 100644 cpp/cert/src/codeql-suites/cert-cpp-l2.qls create mode 100644 cpp/cert/src/codeql-suites/cert-cpp-l3.qls diff --git a/c/cert/src/codeql-suites/cert-c-l1.qls b/c/cert/src/codeql-suites/cert-c-l1.qls new file mode 100644 index 0000000000..b2056fbec8 --- /dev/null +++ b/c/cert/src/codeql-suites/cert-c-l1.qls @@ -0,0 +1,12 @@ +- description: CERT C 2016 Level 1 Rules (Priority 12 - Priority 27) +- qlpack: codeql/cert-c-coding-standards +- include: + kind: + - problem + - path-problem + - external/cert/obligation/rule + tags contain: + - external/cert/level/l1 +- exclude: + tags contain: + - external/cert/default-disabled \ No newline at end of file diff --git a/c/cert/src/codeql-suites/cert-c-l2.qls b/c/cert/src/codeql-suites/cert-c-l2.qls new file mode 100644 index 0000000000..9c0a4b1ef9 --- /dev/null +++ b/c/cert/src/codeql-suites/cert-c-l2.qls @@ -0,0 +1,12 @@ +- description: CERT C 2016 Level 2 Rules (Priority 6 - Priority 9) +- qlpack: codeql/cert-c-coding-standards +- include: + kind: + - problem + - path-problem + - external/cert/obligation/rule + tags contain: + - external/cert/level/l2 +- exclude: + tags contain: + - external/cert/default-disabled \ No newline at end of file diff --git a/c/cert/src/codeql-suites/cert-c-l3.qls b/c/cert/src/codeql-suites/cert-c-l3.qls new file mode 100644 index 0000000000..462a6d816f --- /dev/null +++ b/c/cert/src/codeql-suites/cert-c-l3.qls @@ -0,0 +1,12 @@ +- description: CERT C 2016 Level 3 Rules (Priority 1 - Priority 4) +- qlpack: codeql/cert-c-coding-standards +- include: + kind: + - problem + - path-problem + - external/cert/obligation/rule + tags contain: + - external/cert/level/l3 +- exclude: + tags contain: + - external/cert/default-disabled \ No newline at end of file diff --git a/cpp/cert/src/codeql-suites/cert-cpp-l1.qls b/cpp/cert/src/codeql-suites/cert-cpp-l1.qls new file mode 100644 index 0000000000..d96def2456 --- /dev/null +++ b/cpp/cert/src/codeql-suites/cert-cpp-l1.qls @@ -0,0 +1,12 @@ +- description: CERT C++ 2016 Level 1 Rules (Priority 12 - Priority 27) +- qlpack: codeql/cert-cpp-coding-standards +- include: + kind: + - problem + - path-problem + - external/cert/obligation/rule + tags contain: + - external/cert/level/l1 +- exclude: + tags contain: + - external/cert/default-disabled \ No newline at end of file diff --git a/cpp/cert/src/codeql-suites/cert-cpp-l2.qls b/cpp/cert/src/codeql-suites/cert-cpp-l2.qls new file mode 100644 index 0000000000..b08cb07536 --- /dev/null +++ b/cpp/cert/src/codeql-suites/cert-cpp-l2.qls @@ -0,0 +1,12 @@ +- description: CERT C++ 2016 Level 2 Rules (Priority 6 - Priority 9) +- qlpack: codeql/cert-cpp-coding-standards +- include: + kind: + - problem + - path-problem + - external/cert/obligation/rule + tags contain: + - external/cert/level/l2 +- exclude: + tags contain: + - external/cert/default-disabled \ No newline at end of file diff --git a/cpp/cert/src/codeql-suites/cert-cpp-l3.qls b/cpp/cert/src/codeql-suites/cert-cpp-l3.qls new file mode 100644 index 0000000000..ca621c96ab --- /dev/null +++ b/cpp/cert/src/codeql-suites/cert-cpp-l3.qls @@ -0,0 +1,12 @@ +- description: CERT C++ 2016 Level 3 Rules (Priority 1 - Priority 4) +- qlpack: codeql/cert-cpp-coding-standards +- include: + kind: + - problem + - path-problem + - external/cert/obligation/rule + tags contain: + - external/cert/level/l3 +- exclude: + tags contain: + - external/cert/default-disabled \ No newline at end of file From df44da0bf059d33abdedd6d4997631c13f617e31 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 2 May 2025 11:32:50 +0100 Subject: [PATCH 2528/2573] Add change note --- change_notes/2025-05-01-cert-extra-props.md | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 change_notes/2025-05-01-cert-extra-props.md diff --git a/change_notes/2025-05-01-cert-extra-props.md b/change_notes/2025-05-01-cert-extra-props.md new file mode 100644 index 0000000000..3244360703 --- /dev/null +++ b/change_notes/2025-05-01-cert-extra-props.md @@ -0,0 +1,2 @@ + - All CERT rules now include additional tags to represent the [Risk Assessment](https://wiki.sei.cmu.edu/confluence/display/c/How+this+Coding+Standard+is+Organized#HowthisCodingStandardisOrganized-RiskAssessment) properties specified on CERT rules. + - In addition, new query suites are included which allow the selection of queries that represent CERT Rules (not Recommendations) for each of the Levels (1-3). These are called `cert--.qls` and can be used either directly in the CodeQL CLI, or via the CodeQL Action. \ No newline at end of file From 9e24b41e85cbecee58cc3e333fbc3cd695134dfc Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 5 May 2025 15:47:32 +0100 Subject: [PATCH 2529/2573] Remove spurious recommendation tag In some of the CERT help files they use "Recommendation" rather than "Rule" as a header in the Risk Assessment table, creating spurious query tags. --- .../rules/CON34-C/AppropriateThreadObjectStorageDurations.ql | 1 - .../CON34-C/ThreadObjectStorageDurationsNotInitialized.ql | 1 - .../DoNotAccessVariableViaPointerOfIncompatibleType.ql | 1 - c/cert/src/rules/EXP45-C/AssignmentsInSelectionStatements.ql | 1 - .../rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql | 1 - rule_packages/c/Concurrency4.json | 2 -- rule_packages/c/Memory2.json | 1 - rule_packages/c/Pointers3.json | 1 - rule_packages/c/SideEffects1.json | 1 - scripts/add_risk_assessment_tags.py | 4 ++-- 10 files changed, 2 insertions(+), 12 deletions(-) diff --git a/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql b/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql index eef196a9ec..4fb034406b 100644 --- a/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql +++ b/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql @@ -9,7 +9,6 @@ * @tags external/cert/id/con34-c * correctness * concurrency - * external/cert/recommendation/con34-c * external/cert/severity/medium * external/cert/likelihood/probable * external/cert/remediation-cost/high diff --git a/c/cert/src/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.ql b/c/cert/src/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.ql index fa0587bce0..07b114d6ca 100644 --- a/c/cert/src/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.ql +++ b/c/cert/src/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.ql @@ -10,7 +10,6 @@ * external/cert/audit * correctness * concurrency - * external/cert/recommendation/con34-c * external/cert/severity/medium * external/cert/likelihood/probable * external/cert/remediation-cost/high diff --git a/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql b/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql index c5772340ef..856cad1d58 100644 --- a/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql +++ b/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql @@ -8,7 +8,6 @@ * @problem.severity error * @tags external/cert/id/exp39-c * correctness - * external/cert/recommendation/exp39-c * external/cert/severity/medium * external/cert/likelihood/unlikely * external/cert/remediation-cost/high diff --git a/c/cert/src/rules/EXP45-C/AssignmentsInSelectionStatements.ql b/c/cert/src/rules/EXP45-C/AssignmentsInSelectionStatements.ql index 5478bb03f7..c831713486 100644 --- a/c/cert/src/rules/EXP45-C/AssignmentsInSelectionStatements.ql +++ b/c/cert/src/rules/EXP45-C/AssignmentsInSelectionStatements.ql @@ -8,7 +8,6 @@ * @problem.severity error * @tags external/cert/id/exp45-c * correctness - * external/cert/recommendation/exp45-c * external/cert/severity/low * external/cert/likelihood/likely * external/cert/remediation-cost/medium diff --git a/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql b/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql index 5515bfc80d..90c34a44a2 100644 --- a/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql +++ b/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql @@ -9,7 +9,6 @@ * @tags external/cert/id/mem36-c * correctness * security - * external/cert/recommendation/mem36-c * external/cert/severity/low * external/cert/likelihood/probable * external/cert/remediation-cost/high diff --git a/rule_packages/c/Concurrency4.json b/rule_packages/c/Concurrency4.json index 45f4b495fc..b981ebaa8b 100644 --- a/rule_packages/c/Concurrency4.json +++ b/rule_packages/c/Concurrency4.json @@ -43,7 +43,6 @@ "tags": [ "correctness", "concurrency", - "external/cert/recommendation/con34-c", "external/cert/severity/medium", "external/cert/likelihood/probable", "external/cert/remediation-cost/high", @@ -65,7 +64,6 @@ "external/cert/audit", "correctness", "concurrency", - "external/cert/recommendation/con34-c", "external/cert/severity/medium", "external/cert/likelihood/probable", "external/cert/remediation-cost/high", diff --git a/rule_packages/c/Memory2.json b/rule_packages/c/Memory2.json index 9f475e4df8..55a7dd2a35 100644 --- a/rule_packages/c/Memory2.json +++ b/rule_packages/c/Memory2.json @@ -177,7 +177,6 @@ "tags": [ "correctness", "security", - "external/cert/recommendation/mem36-c", "external/cert/severity/low", "external/cert/likelihood/probable", "external/cert/remediation-cost/high", diff --git a/rule_packages/c/Pointers3.json b/rule_packages/c/Pointers3.json index f00018b1ad..8a169b71a8 100644 --- a/rule_packages/c/Pointers3.json +++ b/rule_packages/c/Pointers3.json @@ -65,7 +65,6 @@ "short_name": "DoNotAccessVariableViaPointerOfIncompatibleType", "tags": [ "correctness", - "external/cert/recommendation/exp39-c", "external/cert/severity/medium", "external/cert/likelihood/unlikely", "external/cert/remediation-cost/high", diff --git a/rule_packages/c/SideEffects1.json b/rule_packages/c/SideEffects1.json index 7e0ab9c90b..4dec3d8bbf 100644 --- a/rule_packages/c/SideEffects1.json +++ b/rule_packages/c/SideEffects1.json @@ -78,7 +78,6 @@ "short_name": "AssignmentsInSelectionStatements", "tags": [ "correctness", - "external/cert/recommendation/exp45-c", "external/cert/severity/low", "external/cert/likelihood/likely", "external/cert/remediation-cost/medium", diff --git a/scripts/add_risk_assessment_tags.py b/scripts/add_risk_assessment_tags.py index f2ed9a5a73..6560d82a44 100644 --- a/scripts/add_risk_assessment_tags.py +++ b/scripts/add_risk_assessment_tags.py @@ -123,8 +123,8 @@ def process_rule_package(rule_package_file): # Add each risk assessment property as a tag for key, value in risk_data.items(): key_sanitized = key.lower().replace(" ", "-") - if key_sanitized == "rule": - # skip rule, as that is already in the rule ID + if key_sanitized == "rule" or key_sanitized == "recommendation": + # skip rule/recommendation as they just repeat the rule ID continue tag = f"external/cert/{key_sanitized}/{value.lower()}" if tag not in query["tags"]: From 44617e8d78b44bf7dd8ae0258751eb4fc33753db Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 5 May 2025 22:16:18 +0100 Subject: [PATCH 2530/2573] Update expected results for query file changes Deprecation warning lists location in query file, which has changed due to addition of new tags. --- ...bleLengthArraySizeNotInValidRange.expected | 4 +- ...rithmeticOnNonArrayObjectPointers.expected | 10 ++-- ...rSubtractAScaledIntegerToAPointer.expected | 8 ++-- .../CleanUpThreadSpecificStorage.expected | 12 ++--- ...riateThreadObjectStorageDurations.expected | 26 +++++----- ...ectStorageDurationsNotInitialized.expected | 10 ++-- ...ateStorageDurationsFunctionReturn.expected | 10 ++-- .../ERR30-C/ErrnoReadBeforeReturn.expected | 2 +- .../ERR30-C/SetlocaleMightSetErrno.expected | 2 +- ...tRelyOnIndeterminateValuesOfErrno.expected | 8 ++-- ...ectAndHandleStandardLibraryErrors.expected | 2 +- ...OfFunctionArgumentsForSideEffects.expected | 48 +++++++++---------- ...rToMoreStrictlyAlignedPointerType.expected | 20 ++++---- ...nctionPointerWithIncompatibleType.expected | 8 ++-- ...iableViaPointerOfIncompatibleType.expected | 14 +++--- .../DoNotModifyConstantObjects.expected | 8 ++-- ...ointerReferencesOverlappingObject.expected | 14 +++--- ...esetStringsOnFgetsOrFgetwsFailure.expected | 6 +-- ...FsetposThatAreReturnedFromFgetpos.expected | 10 ++-- ...RaceConditionsWhileAccessingFiles.expected | 2 +- ...ufficientMemoryAllocatedForObject.expected | 4 +- ...odifyAlignmentOfMemoryWithRealloc.expected | 10 ++-- ...ssInvalidDataToTheAsctimeFunction.expected | 8 ++-- ...VaListThatHasAnIndeterminateValue.expected | 14 +++--- ...SafeFunctionsWithinSignalHandlers.expected | 6 +-- ...romAComputationalExceptionHandler.expected | 2 +- ...oNotAttemptToModifyStringLiterals.expected | 26 +++++----- ...fficientSpaceForTheNullTerminator.expected | 12 ++--- ...natedToFunctionThatExpectsAString.expected | 20 ++++---- ...cCppLibraryFunctionsDoNotOverflow.expected | 18 +++---- .../CTR53-CPP/UseValidIteratorRanges.expected | 12 ++--- ...UseAnAdditiveOperatorOnAnIterator.expected | 18 +++---- ...terArithmeticOnPolymorphicObjects.expected | 8 ++-- ...nFunctionCallsAsFunctionArguments.expected | 48 +++++++++---------- ...ThroughAPointerOfTheIncorrectType.expected | 8 ++-- ...ctAndHandleMemoryAllocationErrors.expected | 14 +++--- .../BadlySeededRandomNumberGenerator.expected | 2 +- 37 files changed, 227 insertions(+), 227 deletions(-) diff --git a/c/cert/test/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.expected b/c/cert/test/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.expected index 083e7dfb87..0b400c5256 100644 --- a/c/cert/test/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.expected +++ b/c/cert/test/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.expected @@ -1,5 +1,5 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (VariableLengthArraySizeNotInValidRange.ql:104,11-19) -WARNING: module 'TaintTracking' has been deprecated and may be removed in future (VariableLengthArraySizeNotInValidRange.ql:87,5-18) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (VariableLengthArraySizeNotInValidRange.ql:109,11-19) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (VariableLengthArraySizeNotInValidRange.ql:92,5-18) | test.c:14:8:14:8 | VLA declaration | Variable-length array dimension size may be in an invalid range. | | test.c:15:8:15:8 | VLA declaration | Variable-length array dimension size may be in an invalid range. | | test.c:16:8:16:8 | VLA declaration | Variable-length array dimension size may be in an invalid range. | diff --git a/c/cert/test/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.expected b/c/cert/test/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.expected index ca4ef2a7a0..fb0074e0e6 100644 --- a/c/cert/test/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.expected +++ b/c/cert/test/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.expected @@ -1,8 +1,8 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:23,60-68) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:24,22-30) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:36,20-28) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:44,26-34) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:65,3-11) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:28,60-68) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:29,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:41,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:49,26-34) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:70,3-11) edges | test.c:14:38:14:39 | p1 | test.c:18:10:18:11 | v1 | provenance | | | test.c:14:38:14:39 | p1 | test.c:19:10:19:11 | v2 | provenance | | diff --git a/c/cert/test/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.expected b/c/cert/test/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.expected index d343811aaf..0a6471deac 100644 --- a/c/cert/test/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.expected +++ b/c/cert/test/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.expected @@ -1,7 +1,7 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAddOrSubtractAScaledIntegerToAPointer.ql:72,56-64) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAddOrSubtractAScaledIntegerToAPointer.ql:73,22-30) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAddOrSubtractAScaledIntegerToAPointer.ql:75,20-28) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAddOrSubtractAScaledIntegerToAPointer.ql:84,45-53) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAddOrSubtractAScaledIntegerToAPointer.ql:77,56-64) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAddOrSubtractAScaledIntegerToAPointer.ql:78,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAddOrSubtractAScaledIntegerToAPointer.ql:80,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAddOrSubtractAScaledIntegerToAPointer.ql:89,45-53) edges | test.c:7:13:7:14 | p1 | test.c:9:9:9:10 | p1 | provenance | | | test.c:16:19:16:41 | ... - ... | test.c:18:26:18:31 | offset | provenance | | diff --git a/c/cert/test/rules/CON30-C/CleanUpThreadSpecificStorage.expected b/c/cert/test/rules/CON30-C/CleanUpThreadSpecificStorage.expected index 047ed12e8e..f3ea87136a 100644 --- a/c/cert/test/rules/CON30-C/CleanUpThreadSpecificStorage.expected +++ b/c/cert/test/rules/CON30-C/CleanUpThreadSpecificStorage.expected @@ -1,9 +1,9 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (CleanUpThreadSpecificStorage.ql:20,46-54) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (CleanUpThreadSpecificStorage.ql:21,22-30) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (CleanUpThreadSpecificStorage.ql:30,20-28) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (CleanUpThreadSpecificStorage.ql:40,35-43) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (CleanUpThreadSpecificStorage.ql:48,36-44) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (CleanUpThreadSpecificStorage.ql:50,36-44) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (CleanUpThreadSpecificStorage.ql:25,46-54) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (CleanUpThreadSpecificStorage.ql:26,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (CleanUpThreadSpecificStorage.ql:35,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (CleanUpThreadSpecificStorage.ql:45,35-43) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (CleanUpThreadSpecificStorage.ql:53,36-44) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (CleanUpThreadSpecificStorage.ql:55,36-44) | test.c:27:3:27:12 | call to tss_create | Resources used by thread specific storage may not be cleaned up. | | test.c:49:3:49:12 | call to tss_create | Resources used by thread specific storage may not be cleaned up. | | test.c:71:3:71:12 | call to tss_create | Resources used by thread specific storage may not be cleaned up. | diff --git a/c/cert/test/rules/CON34-C/AppropriateThreadObjectStorageDurations.expected b/c/cert/test/rules/CON34-C/AppropriateThreadObjectStorageDurations.expected index 503a01bdad..2cd844f81b 100644 --- a/c/cert/test/rules/CON34-C/AppropriateThreadObjectStorageDurations.expected +++ b/c/cert/test/rules/CON34-C/AppropriateThreadObjectStorageDurations.expected @@ -1,16 +1,16 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:30,14-22) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:32,22-30) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:34,22-30) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:37,45-53) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:47,33-41) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:47,58-66) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:48,42-50) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:51,9-17) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:51,34-42) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:52,9-17) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:52,34-42) -WARNING: module 'TaintTracking' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:37,9-22) -WARNING: module 'TaintTracking' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:47,7-20) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:35,14-22) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:37,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:39,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:42,45-53) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:52,33-41) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:52,58-66) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:53,42-50) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:56,9-17) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:56,34-42) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:57,9-17) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:57,34-42) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:42,9-22) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:52,7-20) | test.c:23:3:23:13 | call to thrd_create | $@ not declared with appropriate storage duration | test.c:23:24:23:29 | & ... | Shared object | | test.c:74:3:74:13 | call to thrd_create | $@ not declared with appropriate storage duration | test.c:74:24:74:24 | p | Shared object | | test.c:85:3:85:13 | call to thrd_create | $@ not declared with appropriate storage duration | test.c:85:24:85:24 | p | Shared object | diff --git a/c/cert/test/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.expected b/c/cert/test/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.expected index f8e86fbb51..b2ac853fbf 100644 --- a/c/cert/test/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.expected +++ b/c/cert/test/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.expected @@ -1,6 +1,6 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (ThreadObjectStorageDurationsNotInitialized.ql:27,38-46) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (ThreadObjectStorageDurationsNotInitialized.ql:30,5-13) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (ThreadObjectStorageDurationsNotInitialized.ql:30,30-38) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (ThreadObjectStorageDurationsNotInitialized.ql:31,5-13) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (ThreadObjectStorageDurationsNotInitialized.ql:31,30-38) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ThreadObjectStorageDurationsNotInitialized.ql:32,38-46) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ThreadObjectStorageDurationsNotInitialized.ql:35,5-13) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ThreadObjectStorageDurationsNotInitialized.ql:35,30-38) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ThreadObjectStorageDurationsNotInitialized.ql:36,5-13) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ThreadObjectStorageDurationsNotInitialized.ql:36,30-38) | test.c:14:7:14:13 | call to tss_get | Call to a thread specific storage function from within a threaded context on an object that may not be owned by this thread. | diff --git a/c/cert/test/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.expected b/c/cert/test/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.expected index f60689dbb1..a4359d7000 100644 --- a/c/cert/test/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.expected +++ b/c/cert/test/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.expected @@ -1,7 +1,7 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateStorageDurationsFunctionReturn.ql:28,20-28) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateStorageDurationsFunctionReturn.ql:32,31-39) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateStorageDurationsFunctionReturn.ql:45,6-14) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateStorageDurationsFunctionReturn.ql:45,26-34) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateStorageDurationsFunctionReturn.ql:51,3-11) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateStorageDurationsFunctionReturn.ql:33,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateStorageDurationsFunctionReturn.ql:37,31-39) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateStorageDurationsFunctionReturn.ql:50,6-14) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateStorageDurationsFunctionReturn.ql:50,26-34) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateStorageDurationsFunctionReturn.ql:56,3-11) | test.c:3:10:3:10 | a | $@ with automatic storage may be accessible outside of its lifetime. | test.c:3:10:3:10 | a | a | | test.c:15:4:15:8 | param [inner post update] | $@ with automatic storage may be accessible outside of its lifetime. | test.c:15:12:15:13 | a2 | a2 | diff --git a/c/cert/test/rules/ERR30-C/ErrnoReadBeforeReturn.expected b/c/cert/test/rules/ERR30-C/ErrnoReadBeforeReturn.expected index e925901b47..125f55118b 100644 --- a/c/cert/test/rules/ERR30-C/ErrnoReadBeforeReturn.expected +++ b/c/cert/test/rules/ERR30-C/ErrnoReadBeforeReturn.expected @@ -1,4 +1,4 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (ErrnoReadBeforeReturn.ql:41,7-15) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ErrnoReadBeforeReturn.ql:46,7-15) | test.c:69:7:69:11 | * ... | Do not read `errno` before checking the return value of function $@. | test.c:68:3:68:7 | call to ftell | call to ftell | | test.c:69:7:69:11 | call to __errno_location | Do not read `errno` before checking the return value of function $@. | test.c:68:3:68:7 | call to ftell | call to ftell | | test.c:70:5:70:10 | call to perror | Do not read `errno` before checking the return value of function $@. | test.c:68:3:68:7 | call to ftell | call to ftell | diff --git a/c/cert/test/rules/ERR30-C/SetlocaleMightSetErrno.expected b/c/cert/test/rules/ERR30-C/SetlocaleMightSetErrno.expected index 489bfc6bb0..20a7ff60b1 100644 --- a/c/cert/test/rules/ERR30-C/SetlocaleMightSetErrno.expected +++ b/c/cert/test/rules/ERR30-C/SetlocaleMightSetErrno.expected @@ -1,3 +1,3 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (SetlocaleMightSetErrno.ql:65,7-15) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (SetlocaleMightSetErrno.ql:70,7-15) | test.c:98:3:98:11 | call to setlocale | Do not read `errno` before checking the return value of a call to `setlocale`. | | test.c:104:7:104:15 | call to setlocale | The value of `errno` may be different than `0` when `setlocale` is called. The following `errno` check might be invalid. | diff --git a/c/cert/test/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.expected b/c/cert/test/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.expected index a90dd6b7f5..1f313cb90d 100644 --- a/c/cert/test/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.expected +++ b/c/cert/test/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.expected @@ -1,7 +1,7 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotRelyOnIndeterminateValuesOfErrno.ql:50,7-15) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotRelyOnIndeterminateValuesOfErrno.ql:50,27-35) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotRelyOnIndeterminateValuesOfErrno.ql:51,9-17) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotRelyOnIndeterminateValuesOfErrno.ql:54,9-17) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotRelyOnIndeterminateValuesOfErrno.ql:55,7-15) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotRelyOnIndeterminateValuesOfErrno.ql:55,27-35) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotRelyOnIndeterminateValuesOfErrno.ql:56,9-17) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotRelyOnIndeterminateValuesOfErrno.ql:59,9-17) | test.c:12:5:12:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:10:21:10:26 | call to signal | call to signal | | test.c:30:5:30:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:26:21:26:26 | call to signal | call to signal | | test.c:49:5:49:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:45:21:45:26 | call to signal | call to signal | diff --git a/c/cert/test/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.expected b/c/cert/test/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.expected index 030596976e..b13f34522c 100644 --- a/c/cert/test/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.expected +++ b/c/cert/test/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.expected @@ -1,4 +1,4 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DetectAndHandleStandardLibraryErrors.ql:453,5-13) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DetectAndHandleStandardLibraryErrors.ql:458,5-13) | test.c:18:3:18:11 | call to setlocale | Missing error detection for the call to function `setlocale`. | | test.c:24:23:24:31 | call to setlocale | Missing error detection for the call to function `setlocale`. | | test.c:29:22:29:27 | call to calloc | Missing error detection for the call to function `calloc`. | diff --git a/c/cert/test/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.expected b/c/cert/test/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.expected index ec791fe3e4..034f7e9366 100644 --- a/c/cert/test/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.expected +++ b/c/cert/test/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.expected @@ -1,25 +1,25 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:23,31-39) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:23,59-67) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:26,33-41) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:26,57-65) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:30,33-41) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:30,59-67) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:39,5-13) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:39,25-33) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:39,53-61) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:42,31-39) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:42,57-65) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:51,31-39) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:51,55-63) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:58,31-39) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:58,57-65) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:70,31-39) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:70,55-63) -WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:23,5-18) -WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:26,7-20) -WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:30,7-20) -WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:42,5-18) -WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:51,5-18) -WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:58,5-18) -WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:70,5-18) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:28,31-39) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:28,59-67) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:31,33-41) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:31,57-65) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:35,33-41) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:35,59-67) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:44,5-13) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:44,25-33) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:44,53-61) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:47,31-39) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:47,57-65) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:56,31-39) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:56,55-63) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:63,31-39) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:63,57-65) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:75,31-39) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:75,55-63) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:28,5-18) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:31,7-20) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:35,7-20) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:47,5-18) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:56,5-18) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:63,5-18) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:75,5-18) | test.c:20:3:20:4 | call to f1 | Depending on the order of evaluation for the arguments $@ and $@ for side effects on shared state is unspecified and can result in unexpected behavior. | test.c:20:6:20:7 | call to f2 | call to f2 | test.c:20:12:20:13 | call to f3 | call to f3 | diff --git a/c/cert/test/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.expected b/c/cert/test/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.expected index eed9fb4585..eb7642ae28 100644 --- a/c/cert/test/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.expected +++ b/c/cert/test/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.expected @@ -1,13 +1,13 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:98,86-94) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:120,3-11) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:122,22-30) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:127,20-28) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:133,3-11) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:139,55-63) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:140,22-30) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:142,20-28) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:149,26-34) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:164,44-52) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:103,86-94) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:125,3-11) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:127,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:132,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:138,3-11) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:144,55-63) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:145,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:147,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:154,26-34) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:169,44-52) edges | test.c:75:14:75:16 | & ... | test.c:76:11:76:12 | v1 | provenance | | | test.c:75:14:75:16 | & ... | test.c:77:12:77:13 | v1 | provenance | | diff --git a/c/cert/test/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.expected b/c/cert/test/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.expected index 229bd74165..8daaf8361a 100644 --- a/c/cert/test/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.expected +++ b/c/cert/test/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.expected @@ -1,7 +1,7 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCallFunctionPointerWithIncompatibleType.ql:40,54-62) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCallFunctionPointerWithIncompatibleType.ql:41,22-30) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCallFunctionPointerWithIncompatibleType.ql:45,20-28) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCallFunctionPointerWithIncompatibleType.ql:50,43-51) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCallFunctionPointerWithIncompatibleType.ql:45,54-62) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCallFunctionPointerWithIncompatibleType.ql:46,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCallFunctionPointerWithIncompatibleType.ql:50,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCallFunctionPointerWithIncompatibleType.ql:55,43-51) edges | test.c:48:68:48:70 | fns [f1] | test.c:49:3:49:5 | fns [f1] | provenance | | | test.c:49:3:49:5 | fns [f1] | test.c:49:8:49:9 | f1 | provenance | | diff --git a/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected b/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected index 9f0880455f..381e409d2a 100644 --- a/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected +++ b/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected @@ -1,10 +1,10 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAccessVariableViaPointerOfIncompatibleType.ql:61,38-46) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAccessVariableViaPointerOfIncompatibleType.ql:64,22-30) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAccessVariableViaPointerOfIncompatibleType.ql:69,20-28) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAccessVariableViaPointerOfIncompatibleType.ql:102,23-31) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAccessVariableViaPointerOfIncompatibleType.ql:111,5-13) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAccessVariableViaPointerOfIncompatibleType.ql:111,45-53) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAccessVariableViaPointerOfIncompatibleType.ql:133,27-35) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAccessVariableViaPointerOfIncompatibleType.ql:66,38-46) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAccessVariableViaPointerOfIncompatibleType.ql:69,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAccessVariableViaPointerOfIncompatibleType.ql:74,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAccessVariableViaPointerOfIncompatibleType.ql:107,23-31) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAccessVariableViaPointerOfIncompatibleType.ql:116,5-13) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAccessVariableViaPointerOfIncompatibleType.ql:116,45-53) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAccessVariableViaPointerOfIncompatibleType.ql:138,27-35) edges | test.c:49:8:49:9 | s3 | test.c:50:8:50:9 | s1 | provenance | | | test.c:60:16:60:18 | E1A | test.c:61:16:61:17 | e1 | provenance | | diff --git a/c/cert/test/rules/EXP40-C/DoNotModifyConstantObjects.expected b/c/cert/test/rules/EXP40-C/DoNotModifyConstantObjects.expected index 6dd4ec261a..2ac874e770 100644 --- a/c/cert/test/rules/EXP40-C/DoNotModifyConstantObjects.expected +++ b/c/cert/test/rules/EXP40-C/DoNotModifyConstantObjects.expected @@ -1,7 +1,7 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotModifyConstantObjects.ql:35,30-38) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotModifyConstantObjects.ql:36,22-30) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotModifyConstantObjects.ql:42,20-28) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotModifyConstantObjects.ql:47,19-27) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotModifyConstantObjects.ql:40,30-38) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotModifyConstantObjects.ql:41,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotModifyConstantObjects.ql:47,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotModifyConstantObjects.ql:52,19-27) edges | test.c:5:8:5:9 | & ... | test.c:6:4:6:5 | aa | provenance | | | test.c:26:15:26:15 | a | test.c:27:4:27:4 | a | provenance | | diff --git a/c/cert/test/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.expected b/c/cert/test/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.expected index b9765e77fb..40009edc03 100644 --- a/c/cert/test/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.expected +++ b/c/cert/test/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.expected @@ -1,10 +1,10 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (RestrictPointerReferencesOverlappingObject.ql:42,57-65) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (RestrictPointerReferencesOverlappingObject.ql:43,22-30) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (RestrictPointerReferencesOverlappingObject.ql:47,20-28) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (RestrictPointerReferencesOverlappingObject.ql:53,3-11) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (RestrictPointerReferencesOverlappingObject.ql:56,58-66) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (RestrictPointerReferencesOverlappingObject.ql:72,64-72) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (RestrictPointerReferencesOverlappingObject.ql:73,64-72) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (RestrictPointerReferencesOverlappingObject.ql:47,57-65) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (RestrictPointerReferencesOverlappingObject.ql:48,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (RestrictPointerReferencesOverlappingObject.ql:52,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (RestrictPointerReferencesOverlappingObject.ql:58,3-11) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (RestrictPointerReferencesOverlappingObject.ql:61,58-66) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (RestrictPointerReferencesOverlappingObject.ql:77,64-72) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (RestrictPointerReferencesOverlappingObject.ql:78,64-72) | test.c:18:22:18:23 | i2 | Assignment to restrict-qualified pointer $@ results in pointers aliasing $@. | test.c:18:17:18:18 | i3 | i3 | test.c:18:22:18:23 | i2 | the object pointed to by i2 | | test.c:19:8:19:9 | g2 | Assignment to restrict-qualified pointer $@ results in pointers aliasing $@. | test.c:5:15:5:16 | g1 | g1 | test.c:19:8:19:9 | g2 | the object pointed to by g2 | | test.c:20:8:20:9 | i2 | Assignment to restrict-qualified pointer $@ results in pointers aliasing $@. | test.c:16:17:16:18 | i1 | i1 | test.c:20:8:20:9 | i2 | the object pointed to by i2 | diff --git a/c/cert/test/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.expected b/c/cert/test/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.expected index 669dd829c8..7d3cbe355b 100644 --- a/c/cert/test/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.expected +++ b/c/cert/test/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.expected @@ -1,6 +1,6 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (ResetStringsOnFgetsOrFgetwsFailure.ql:42,11-19) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (ResetStringsOnFgetsOrFgetwsFailure.ql:42,31-39) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (ResetStringsOnFgetsOrFgetwsFailure.ql:43,13-21) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ResetStringsOnFgetsOrFgetwsFailure.ql:47,11-19) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ResetStringsOnFgetsOrFgetwsFailure.ql:47,31-39) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ResetStringsOnFgetsOrFgetwsFailure.ql:48,13-21) | test.c:20:10:20:12 | buf | The buffer is not reset before being referenced following a failed $@. | test.c:15:7:15:11 | call to fgets | call to fgets | | test.c:57:10:57:12 | buf | The buffer is not reset before being referenced following a failed $@. | test.c:52:7:52:11 | call to fgets | call to fgets | | test.c:66:18:66:20 | buf | The buffer is not reset before being referenced following a failed $@. | test.c:61:7:61:11 | call to fgets | call to fgets | diff --git a/c/cert/test/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.expected b/c/cert/test/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.expected index 5bff6016e4..ec05727161 100644 --- a/c/cert/test/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.expected +++ b/c/cert/test/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.expected @@ -1,7 +1,7 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql:25,32-40) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql:26,22-30) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql:28,14-22) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql:31,20-28) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql:37,21-29) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql:30,32-40) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql:31,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql:33,14-22) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql:36,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql:42,21-29) | test.c:7:24:7:30 | & ... | The position argument of a call to `fsetpos()` should be obtained from a call to `fgetpos()`. | | test.c:33:24:33:30 | & ... | The position argument of a call to `fsetpos()` should be obtained from a call to `fgetpos()`. | diff --git a/c/cert/test/rules/FIO45-C/ToctouRaceConditionsWhileAccessingFiles.expected b/c/cert/test/rules/FIO45-C/ToctouRaceConditionsWhileAccessingFiles.expected index 71df14e907..a211aa4002 100644 --- a/c/cert/test/rules/FIO45-C/ToctouRaceConditionsWhileAccessingFiles.expected +++ b/c/cert/test/rules/FIO45-C/ToctouRaceConditionsWhileAccessingFiles.expected @@ -1,3 +1,3 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (ToctouRaceConditionsWhileAccessingFiles.ql:27,35-43) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ToctouRaceConditionsWhileAccessingFiles.ql:32,35-43) | test.c:4:13:4:17 | call to fopen | This call is trying to prevent an existing file from being overwritten by $@. An attacker might be able to exploit the race window between the two calls. | test.c:11:9:11:13 | call to fopen | another call | | test.c:88:13:88:17 | call to fopen | This call is trying to prevent an existing file from being overwritten by $@. An attacker might be able to exploit the race window between the two calls. | test.c:95:9:95:13 | call to fopen | another call | diff --git a/c/cert/test/rules/MEM35-C/InsufficientMemoryAllocatedForObject.expected b/c/cert/test/rules/MEM35-C/InsufficientMemoryAllocatedForObject.expected index 6bfbbefc14..86bdeedf5f 100644 --- a/c/cert/test/rules/MEM35-C/InsufficientMemoryAllocatedForObject.expected +++ b/c/cert/test/rules/MEM35-C/InsufficientMemoryAllocatedForObject.expected @@ -1,5 +1,5 @@ -WARNING: module 'TaintTracking' has been deprecated and may be removed in future (InsufficientMemoryAllocatedForObject.ql:85,5-18) -WARNING: module 'TaintTracking' has been deprecated and may be removed in future (InsufficientMemoryAllocatedForObject.ql:143,5-18) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (InsufficientMemoryAllocatedForObject.ql:90,5-18) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (InsufficientMemoryAllocatedForObject.ql:148,5-18) | test.c:12:19:12:24 | call to malloc | Allocation size (32 bytes) is not a multiple of the size of 'S1' (36 bytes). | test.c:12:26:12:32 | 32 | | | test.c:15:19:15:24 | call to malloc | Allocation size calculated from the size of a different type ($@). | test.c:15:26:15:35 | sizeof() | sizeof(S1 *) | | test.c:20:19:20:24 | call to malloc | Allocation size (128 bytes) is not a multiple of the size of 'S1' (36 bytes). | test.c:20:26:20:36 | ... * ... | | diff --git a/c/cert/test/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.expected b/c/cert/test/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.expected index 2f5889c4c6..587ae786d1 100644 --- a/c/cert/test/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.expected +++ b/c/cert/test/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.expected @@ -1,8 +1,8 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotModifyAlignmentOfMemoryWithRealloc.ql:26,36-44) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotModifyAlignmentOfMemoryWithRealloc.ql:40,47-55) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotModifyAlignmentOfMemoryWithRealloc.ql:41,22-30) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotModifyAlignmentOfMemoryWithRealloc.ql:45,20-28) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotModifyAlignmentOfMemoryWithRealloc.ql:50,36-44) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotModifyAlignmentOfMemoryWithRealloc.ql:31,36-44) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotModifyAlignmentOfMemoryWithRealloc.ql:45,47-55) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotModifyAlignmentOfMemoryWithRealloc.ql:46,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotModifyAlignmentOfMemoryWithRealloc.ql:50,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotModifyAlignmentOfMemoryWithRealloc.ql:55,36-44) edges | test.c:5:10:5:22 | call to aligned_alloc | test.c:15:8:15:28 | call to aligned_alloc_wrapper | provenance | | | test.c:8:29:8:31 | ptr | test.c:8:64:8:66 | ptr | provenance | | diff --git a/c/cert/test/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.expected b/c/cert/test/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.expected index 853d999d4e..7ebeb7a8c1 100644 --- a/c/cert/test/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.expected +++ b/c/cert/test/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.expected @@ -1,5 +1,5 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotPassInvalidDataToTheAsctimeFunction.ql:33,38-46) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotPassInvalidDataToTheAsctimeFunction.ql:34,22-30) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotPassInvalidDataToTheAsctimeFunction.ql:41,20-28) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotPassInvalidDataToTheAsctimeFunction.ql:44,27-35) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotPassInvalidDataToTheAsctimeFunction.ql:38,38-46) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotPassInvalidDataToTheAsctimeFunction.ql:39,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotPassInvalidDataToTheAsctimeFunction.ql:46,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotPassInvalidDataToTheAsctimeFunction.ql:49,27-35) | test.c:6:24:6:30 | time_tm | The function `asctime` and `asctime_r` should be discouraged. Unsanitized input can overflow the output buffer. | diff --git a/c/cert/test/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.expected b/c/cert/test/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.expected index 4eaa05b179..4e14eb2873 100644 --- a/c/cert/test/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.expected +++ b/c/cert/test/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.expected @@ -1,10 +1,10 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:38,31-39) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:39,22-30) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:44,20-28) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:47,20-28) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:68,10-18) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:69,29-37) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:70,29-37) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:43,31-39) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:44,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:49,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:52,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:73,10-18) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:74,29-37) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:75,29-37) | test.c:23:32:23:33 | ap | The value of ap is indeterminate after the $@. | test.c:17:7:17:19 | call to contains_zero | call to contains_zero | | test.c:26:10:26:11 | ap | The value of ap is indeterminate after the $@. | test.c:17:7:17:19 | call to contains_zero | call to contains_zero | | test.c:39:12:39:13 | ap | The value of ap is indeterminate after the $@. | test.c:35:7:35:19 | call to contains_zero | call to contains_zero | diff --git a/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected b/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected index 6190259408..4898448814 100644 --- a/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected +++ b/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected @@ -1,6 +1,6 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql:105,11-19) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql:105,31-39) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql:106,9-17) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql:110,11-19) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql:110,31-39) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql:111,9-17) | test.c:10:3:10:18 | call to log_local_unsafe | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:16:7:16:12 | call to signal | signal handler | | test.c:11:3:11:6 | call to free | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:16:7:16:12 | call to signal | signal handler | | test.c:46:3:46:9 | call to longjmp | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:50:7:50:12 | call to signal | signal handler | diff --git a/c/cert/test/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.expected b/c/cert/test/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.expected index e861e90e9e..fb78049d25 100644 --- a/c/cert/test/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.expected +++ b/c/cert/test/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.expected @@ -1,2 +1,2 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotReturnFromAComputationalExceptionHandler.ql:39,5-13) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotReturnFromAComputationalExceptionHandler.ql:44,5-13) | test.c:10:1:10:1 | return ... | Do not return from a $@ signal handler. | test.c:13:10:13:15 | SIGFPE | computational exception | diff --git a/c/cert/test/rules/STR30-C/DoNotAttemptToModifyStringLiterals.expected b/c/cert/test/rules/STR30-C/DoNotAttemptToModifyStringLiterals.expected index 2a45193a17..d95b48e1c3 100644 --- a/c/cert/test/rules/STR30-C/DoNotAttemptToModifyStringLiterals.expected +++ b/c/cert/test/rules/STR30-C/DoNotAttemptToModifyStringLiterals.expected @@ -1,18 +1,18 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:42,65-73) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:43,22-30) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:64,20-28) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:77,3-11) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:101,11-19) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:101,31-39) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:101,55-63) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:47,65-73) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:48,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:69,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:82,3-11) WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:106,11-19) WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:106,31-39) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:106,57-65) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:139,11-19) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:139,31-39) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:139,55-63) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:150,53-61) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:151,5-13) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:106,55-63) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:111,11-19) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:111,31-39) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:111,57-65) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:144,11-19) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:144,31-39) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:144,55-63) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:155,53-61) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:156,5-13) | test.c:7:3:7:3 | a | This operation may write to a string that may be a string literal that was $@. | test.c:6:13:6:20 | codeql | created here | | test.c:30:3:30:3 | a | This operation may write to a string that may be a string literal that was $@. | test.c:29:13:29:18 | call to strchr | created here | | test.c:36:3:36:3 | b | This operation may write to a string that may be a string literal that was $@. | test.c:35:13:35:18 | call to strchr | created here | diff --git a/c/cert/test/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.expected b/c/cert/test/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.expected index 9012a2d78a..9a87a6775b 100644 --- a/c/cert/test/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.expected +++ b/c/cert/test/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.expected @@ -1,9 +1,9 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (StringsHasSufficientSpaceForTheNullTerminator.ql:57,31-39) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (StringsHasSufficientSpaceForTheNullTerminator.ql:57,55-63) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (StringsHasSufficientSpaceForTheNullTerminator.ql:63,31-39) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (StringsHasSufficientSpaceForTheNullTerminator.ql:63,54-62) -WARNING: module 'TaintTracking' has been deprecated and may be removed in future (StringsHasSufficientSpaceForTheNullTerminator.ql:57,5-18) -WARNING: module 'TaintTracking' has been deprecated and may be removed in future (StringsHasSufficientSpaceForTheNullTerminator.ql:63,5-18) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (StringsHasSufficientSpaceForTheNullTerminator.ql:62,31-39) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (StringsHasSufficientSpaceForTheNullTerminator.ql:62,55-63) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (StringsHasSufficientSpaceForTheNullTerminator.ql:68,31-39) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (StringsHasSufficientSpaceForTheNullTerminator.ql:68,54-62) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (StringsHasSufficientSpaceForTheNullTerminator.ql:62,5-18) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (StringsHasSufficientSpaceForTheNullTerminator.ql:68,5-18) | test.c:10:20:10:24 | Cod | Expression produces or consumes a string that may not have sufficient space for a null-terminator. | | test.c:16:3:16:9 | call to strncpy | Expression produces or consumes a string that may not have sufficient space for a null-terminator. | | test.c:26:3:26:10 | call to snprintf | Expression produces or consumes a string that may not have sufficient space for a null-terminator. | diff --git a/c/cert/test/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.expected b/c/cert/test/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.expected index da86e69b88..f537cc72ac 100644 --- a/c/cert/test/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.expected +++ b/c/cert/test/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.expected @@ -1,13 +1,13 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:64,31-39) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:66,20-28) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:74,39-47) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:75,20-28) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:81,22-30) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:83,34-42) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:83,57-65) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:123,3-11) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:123,26-34) -WARNING: module 'TaintTracking' has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:120,17-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:69,31-39) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:71,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:79,39-47) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:80,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:86,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:88,34-42) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:88,57-65) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:128,3-11) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:128,26-34) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:125,17-30) | test.c:20:3:20:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:8:20:8:24 | Cod | this expression | | test.c:21:3:21:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:8:20:8:24 | Cod | this expression | | test.c:23:3:23:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:14:3:14:9 | call to strncpy | this expression | diff --git a/cpp/cert/test/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.expected b/cpp/cert/test/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.expected index 209d81ba8b..6be9fd55cc 100644 --- a/cpp/cert/test/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.expected +++ b/cpp/cert/test/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.expected @@ -1,12 +1,12 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:88,7-15) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:88,27-35) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:89,9-17) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:93,9-17) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:93,29-37) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:94,11-19) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:104,35-43) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:105,11-19) -WARNING: module 'TaintTracking' has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:104,9-22) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:93,7-15) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:93,27-35) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:94,9-17) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:98,9-17) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:98,29-37) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:99,11-19) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:109,35-43) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:110,11-19) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:109,9-22) | test.cpp:8:42:8:46 | call to begin | Output iterator for $@ is not guaranteed to be large enough for the input iterator. | test.cpp:8:3:8:11 | call to copy | call to copy | | test.cpp:17:42:17:46 | call to begin | Output iterator for $@ is not guaranteed to be large enough for the input iterator. | test.cpp:17:3:17:11 | call to copy | call to copy | | test.cpp:55:42:55:46 | call to begin | Output iterator for $@ is not guaranteed to be large enough for the input iterator. | test.cpp:55:3:55:11 | call to copy | call to copy | diff --git a/cpp/cert/test/rules/CTR53-CPP/UseValidIteratorRanges.expected b/cpp/cert/test/rules/CTR53-CPP/UseValidIteratorRanges.expected index b5c36727f5..1953314c2f 100644 --- a/cpp/cert/test/rules/CTR53-CPP/UseValidIteratorRanges.expected +++ b/cpp/cert/test/rules/CTR53-CPP/UseValidIteratorRanges.expected @@ -1,9 +1,9 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (UseValidIteratorRanges.ql:23,5-13) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (UseValidIteratorRanges.ql:23,25-33) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (UseValidIteratorRanges.ql:24,7-15) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (UseValidIteratorRanges.ql:30,5-13) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (UseValidIteratorRanges.ql:30,25-33) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (UseValidIteratorRanges.ql:31,7-15) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (UseValidIteratorRanges.ql:28,5-13) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (UseValidIteratorRanges.ql:28,25-33) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (UseValidIteratorRanges.ql:29,7-15) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (UseValidIteratorRanges.ql:35,5-13) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (UseValidIteratorRanges.ql:35,25-33) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (UseValidIteratorRanges.ql:36,7-15) | test.cpp:7:3:7:15 | call to for_each | The $@ of iterator range function does not point to the end of an iterator. | test.cpp:7:28:7:32 | call to begin | argument | | test.cpp:7:3:7:15 | call to for_each | The $@ of iterator range function does not point to the start of an iterator. | test.cpp:7:19:7:21 | call to end | argument | | test.cpp:8:3:8:15 | call to for_each | The $@ of iterator range function does not point to the end of an iterator. | test.cpp:8:30:8:34 | call to begin | argument | diff --git a/cpp/cert/test/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.expected b/cpp/cert/test/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.expected index 0ba2fad433..48da16d208 100644 --- a/cpp/cert/test/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.expected +++ b/cpp/cert/test/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.expected @@ -1,12 +1,12 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:38,5-13) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:38,25-33) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:38,51-59) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:39,5-13) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:39,25-33) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:39,52-60) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:74,5-13) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:74,25-33) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:75,7-15) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:43,5-13) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:43,25-33) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:43,51-59) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:44,5-13) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:44,25-33) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:44,52-60) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:79,5-13) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:79,25-33) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:80,7-15) | test.cpp:8:7:8:7 | i | Increment of iterator may overflow since its bounds are not checked. | | test.cpp:9:9:9:9 | i | Increment of iterator may overflow since its bounds are not checked. | | test.cpp:10:9:10:9 | i | Increment of iterator may overflow since its bounds are not checked. | diff --git a/cpp/cert/test/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.expected b/cpp/cert/test/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.expected index 59caaa22d8..51ef13412c 100644 --- a/cpp/cert/test/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.expected +++ b/cpp/cert/test/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.expected @@ -1,7 +1,7 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUsePointerArithmeticOnPolymorphicObjects.ql:41,62-70) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUsePointerArithmeticOnPolymorphicObjects.ql:42,22-30) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUsePointerArithmeticOnPolymorphicObjects.ql:51,20-28) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUsePointerArithmeticOnPolymorphicObjects.ql:57,3-11) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUsePointerArithmeticOnPolymorphicObjects.ql:46,62-70) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUsePointerArithmeticOnPolymorphicObjects.ql:47,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUsePointerArithmeticOnPolymorphicObjects.ql:56,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUsePointerArithmeticOnPolymorphicObjects.ql:62,3-11) edges | test.cpp:15:19:15:21 | foo | test.cpp:16:24:16:26 | foo | provenance | | | test.cpp:15:19:15:21 | foo | test.cpp:16:51:16:53 | foo | provenance | | diff --git a/cpp/cert/test/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.expected b/cpp/cert/test/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.expected index 00f1a6ba03..08d46a7bbd 100644 --- a/cpp/cert/test/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.expected +++ b/cpp/cert/test/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.expected @@ -1,27 +1,27 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:24,31-39) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:24,59-67) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:27,33-41) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:27,57-65) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:31,33-41) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:31,59-67) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:40,5-13) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:40,25-33) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:40,53-61) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:43,31-39) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:43,57-65) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:52,31-39) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:52,55-63) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:59,31-39) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:59,57-65) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:71,31-39) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:71,55-63) -WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:24,5-18) -WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:27,7-20) -WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:31,7-20) -WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:43,5-18) -WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:52,5-18) -WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:59,5-18) -WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:71,5-18) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:29,31-39) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:29,59-67) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:32,33-41) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:32,57-65) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:36,33-41) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:36,59-67) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:45,5-13) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:45,25-33) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:45,53-61) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:48,31-39) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:48,57-65) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:57,31-39) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:57,55-63) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:64,31-39) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:64,57-65) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:76,31-39) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:76,55-63) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:29,5-18) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:32,7-20) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:36,7-20) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:48,5-18) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:57,5-18) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:64,5-18) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:76,5-18) | test.cpp:82:3:82:4 | call to f2 | Depending on the order of evaluation for the arguments $@ and $@ for side effects on shared state is unspecified and can result in unexpected behavior. | test.cpp:82:6:82:7 | call to f5 | call to f5 | test.cpp:82:12:82:13 | call to f6 | call to f6 | | test.cpp:84:3:84:4 | call to f2 | Depending on the order of evaluation for the arguments $@ and $@ for side effects on shared state is unspecified and can result in unexpected behavior. | test.cpp:84:6:84:7 | call to f5 | call to f5 | test.cpp:84:12:84:13 | call to f7 | call to f7 | | test.cpp:87:3:87:4 | call to f2 | Depending on the order of evaluation for the arguments $@ and $@ for side effects on shared state is unspecified and can result in unexpected behavior. | test.cpp:87:9:87:10 | call to m1 | call to m1 | test.cpp:87:18:87:19 | call to m1 | call to m1 | diff --git a/cpp/cert/test/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.expected b/cpp/cert/test/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.expected index c271269ab8..8b7a4902cc 100644 --- a/cpp/cert/test/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.expected +++ b/cpp/cert/test/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.expected @@ -1,7 +1,7 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql:19,44-52) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql:20,22-30) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql:22,20-28) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql:27,33-41) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql:24,44-52) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql:25,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql:27,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql:32,33-41) edges | test.cpp:6:19:6:37 | new[] | test.cpp:9:12:9:13 | l1 | provenance | | | test.cpp:7:22:7:40 | new[] | test.cpp:10:12:10:13 | l2 | provenance | | diff --git a/cpp/cert/test/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.expected b/cpp/cert/test/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.expected index b7b4891776..41fa58045f 100644 --- a/cpp/cert/test/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.expected +++ b/cpp/cert/test/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.expected @@ -1,9 +1,9 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DetectAndHandleMemoryAllocationErrors.ql:59,5-13) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DetectAndHandleMemoryAllocationErrors.ql:61,36-44) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DetectAndHandleMemoryAllocationErrors.ql:77,46-54) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DetectAndHandleMemoryAllocationErrors.ql:78,22-30) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DetectAndHandleMemoryAllocationErrors.ql:82,20-28) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DetectAndHandleMemoryAllocationErrors.ql:85,35-43) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DetectAndHandleMemoryAllocationErrors.ql:90,38-46) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DetectAndHandleMemoryAllocationErrors.ql:64,5-13) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DetectAndHandleMemoryAllocationErrors.ql:66,36-44) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DetectAndHandleMemoryAllocationErrors.ql:82,46-54) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DetectAndHandleMemoryAllocationErrors.ql:83,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DetectAndHandleMemoryAllocationErrors.ql:87,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DetectAndHandleMemoryAllocationErrors.ql:90,35-43) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DetectAndHandleMemoryAllocationErrors.ql:95,38-46) | test.cpp:24:7:24:34 | new | nothrow new allocation of $@ returns here without a subsequent check to see whether the pointer is valid. | test.cpp:24:7:24:34 | new | StructA * | | test.cpp:40:17:40:38 | call to allocate_without_check | nothrow new allocation of $@ returns here without a subsequent check to see whether the pointer is valid. | test.cpp:35:17:35:44 | new | StructA * | diff --git a/cpp/cert/test/rules/MSC51-CPP/BadlySeededRandomNumberGenerator.expected b/cpp/cert/test/rules/MSC51-CPP/BadlySeededRandomNumberGenerator.expected index 3743c3d414..606ccbff2b 100644 --- a/cpp/cert/test/rules/MSC51-CPP/BadlySeededRandomNumberGenerator.expected +++ b/cpp/cert/test/rules/MSC51-CPP/BadlySeededRandomNumberGenerator.expected @@ -1,4 +1,4 @@ -WARNING: module 'TaintTracking' has been deprecated and may be removed in future (BadlySeededRandomNumberGenerator.ql:37,7-20) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (BadlySeededRandomNumberGenerator.ql:42,7-20) | test.cpp:9:33:9:33 | call to linear_congruential_engine | Random number generator linear_congruential_engine is default-initialized and is therefore not properly seeded. | | test.cpp:10:30:10:31 | call to linear_congruential_engine | Random number generator linear_congruential_engine is default-initialized and is therefore not properly seeded. | | test.cpp:11:21:11:22 | call to linear_congruential_engine | Random number generator linear_congruential_engine is default-initialized and is therefore not properly seeded. | From f7c77cb9749547ee38201774d1bacb935621e72d Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 6 May 2025 06:52:46 -0400 Subject: [PATCH 2531/2573] Update rule package schema for new allowed tags --- schemas/rule-package.schema.json | 24 +++++++++++++++++++++++- 1 file changed, 23 insertions(+), 1 deletion(-) diff --git a/schemas/rule-package.schema.json b/schemas/rule-package.schema.json index f8c3f028e3..fff79fede0 100644 --- a/schemas/rule-package.schema.json +++ b/schemas/rule-package.schema.json @@ -348,7 +348,29 @@ "external/misra/c/2012/amendment2", "external/misra/c/2012/amendment3", "external/misra/c/2012/amendment4", - "external/misra/c/strict" + "external/misra/c/strict", + "external/cert/severity/low", + "external/cert/severity/medium", + "external/cert/severity/high", + "external/cert/likelihood/unlikely", + "external/cert/likelihood/probable", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/low", + "external/cert/remediation-cost/medium", + "external/cert/remediation-cost/high", + "external/cert/priority/p1", + "external/cert/priority/p2", + "external/cert/priority/p3", + "external/cert/priority/p4", + "external/cert/priority/p6", + "external/cert/priority/p8", + "external/cert/priority/p9", + "external/cert/priority/p12", + "external/cert/priority/p18", + "external/cert/priority/p27", + "external/cert/level/l1", + "external/cert/level/l2", + "external/cert/level/l3" ] }, "minLength": 1 From 9169ec6831ed6382bd764d3a7e4fbd64607c9954 Mon Sep 17 00:00:00 2001 From: Max Base Date: Tue, 13 May 2025 18:35:12 +0000 Subject: [PATCH 2532/2573] fix: occured -> occurred --- cpp/report/src/Diagnostics/ExtractionErrors.qll | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cpp/report/src/Diagnostics/ExtractionErrors.qll b/cpp/report/src/Diagnostics/ExtractionErrors.qll index 55e1c96461..58757ca544 100644 --- a/cpp/report/src/Diagnostics/ExtractionErrors.qll +++ b/cpp/report/src/Diagnostics/ExtractionErrors.qll @@ -60,10 +60,10 @@ class ExtractionError extends TExtractionError { /** Gets the error message for this error. */ string getErrorMessage() { none() } - /** Gets the file this error occured in. */ + /** Gets the file this error occurred in. */ File getFile() { none() } - /** Gets the location this error occured in. */ + /** Gets the location this error occurred in. */ Location getLocation() { none() } /** Gets the SARIF severity of this error. */ From af488d1ba039526901d6a94a1922a2535a17fcd9 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 15 May 2025 21:25:26 +0100 Subject: [PATCH 2533/2573] Update README.md to list MISRA C 2023 as completed, and update date for MISRA C++ 2023. --- README.md | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 0f24587afe..02c226f84a 100644 --- a/README.md +++ b/README.md @@ -15,14 +15,15 @@ The following coding standards are supported: - [MISRA C 2012, 3rd Edition, 1st revision](https://www.misra.org.uk/product/misra-c2012-third-edition-first-revision/) (incoporating Amendment 1 & Technical Corrigendum 1). In addition, we support the following additional amendments and technical corrigendums: - [MISRA C 2012 Amendment 2](https://misra.org.uk/app/uploads/2021/06/MISRA-C-2012-AMD2.pdf) - [MISRA C 2012 Technical Corrigendum 2](https://misra.org.uk/app/uploads/2022/04/MISRA-C-2012-TC2.pdf) + - [MISRA C 2012 Amendment 3](https://misra.org.uk/app/uploads/2021/06/MISRA-C-2012-AMD3.pdf) + - [MISRA C 2012 Amendment 4](https://misra.org.uk/app/uploads/2021/06/MISRA-C-2012-AMD4.pdf) +- [MISRA C 2023](https://misra.org.uk/product/misra-c2023/) ## :construction: Standards under development :construction: -The following standards are under active development: +The following standards are under active development for [C++17](https://www.iso.org/standard/68564.html): -- [MISRA C++ 2023](https://misra.org.uk/product/misra-cpp2023/) - under development - _scheduled for release 2025 Q1_ -- [MISRA C 2023](https://misra.org.uk/product/misra-c2023/) - under development - _scheduled for release 2025 Q1_ - - This includes the development of [MISRA C 2012 Amendment 3](https://misra.org.uk/app/uploads/2021/06/MISRA-C-2012-AMD3.pdf) and [MISRA C 2012 Amendment 4](https://misra.org.uk/app/uploads/2021/06/MISRA-C-2012-AMD4.pdf), which are incorporated into MISRA C 2023. +- [MISRA C++ 2023](https://misra.org.uk/product/misra-cpp2023/) - under development - _scheduled for release 2025 Q2/Q3_ ## How do I use the CodeQL Coding Standards Queries? From 80529f072f721fb14e782d1e4041423246dba381 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 15 May 2025 21:26:15 +0100 Subject: [PATCH 2534/2573] Update user manual with MISRA C 2023 coverage. --- docs/user_manual.md | 29 ++++++++++++++++------------- 1 file changed, 16 insertions(+), 13 deletions(-) diff --git a/docs/user_manual.md b/docs/user_manual.md index 2920e024a6..4ab3de39c0 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -31,7 +31,8 @@ | 0.23.0 | 2024-10-21 | Luke Cartey | Add assembly as a hazard. | | 0.24.0 | 2024-10-22 | Luke Cartey | Add CodeQL packs as a usable output, update release artifacts list. | | 0.25.0 | 2025-01-15 | Mike Fairhurst | Add guidance for the usage of 'strict' queries. | -| 0.26.0 | 2025-02-12 | Luke Cartey | Describe support for new deviation code identifier formats | +| 0.26.0 | 2025-02-12 | Luke Cartey | Describe support for new deviation code identifier formats | +| 0.27.0 | 2025-05-15 | Luke Cartey | Documented completed support for MISRA C 2023. | ## Release information @@ -59,16 +60,16 @@ A _coding standard_ is a set of rules or guidelines which restrict or prohibit t The _CodeQL Coding Standards_ product is a set of CodeQL queries for identifying contraventions of rules in the following coding standards: -| Standard | Version | Rules | Supportable rules | Implemented rules | Status | -| -------------------------------------------------------------------------------------------------------------------- | ------- | ----------- | ----------------------- | ----------------- | ------- | -| AUTOSAR C++ | [^1] [R22-11](https://www.autosar.org/fileadmin/standards/R22-11/AP/AUTOSAR_RS_CPP14Guidelines.pdf), R21-11, R20-11, R19-11, R19-03 | 397 | 372 | 370[^2] | Implemented | -| CERT-C++ | [2016](https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-cpp-coding-standard-2016-v01.pdf) | 83 | 82 | 82 | Implemented | -| CERT C | [2016](https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-c-coding-standard-2016-v01.pdf) | 99 | 97 | 97 | Implemented | -| MISRA C | [2012 Third Edition, First Revision](https://www.misra.org.uk/product/misra-c2012-third-edition-first-revision/), [Amendment 2](https://misra.org.uk/app/uploads/2021/06/MISRA-C-2012-AMD2.pdf) and TC2 | 175 | 164 | 162[^3] | Implemented | -| | [MISRA C 2012 Amendment 3](https://misra.org.uk/app/uploads/2021/06/MISRA-C-2012-AMD3.pdf) | 24 | 24 | - | Under development | -| | [MISRA C 2012 Amendment 4](https://misra.org.uk/app/uploads/2021/06/MISRA-C-2012-AMD4.pdf) | 22 | 22 | - | Under development | -| | [2023 Third Edition, Second Revision](https://misra.org.uk/product/misra-c2023/) | 221 | 210 | - | Under development | -| MISRA C++ | [2023](https://misra.org.uk/product/misra-cpp2023/) | 179 | 176[^4] | - | Under development | +| Standard | Version | Rules | Supportable rules | Implemented rules | Status | +| ----------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----- | ----------------- | ----------------- | ----------------- | +| AUTOSAR C++ | [^1] [R22-11](https://www.autosar.org/fileadmin/standards/R22-11/AP/AUTOSAR_RS_CPP14Guidelines.pdf), R21-11, R20-11, R19-11, R19-03 | 397 | 372 | 370[^2] | Implemented | +| CERT-C++ | [2016](https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-cpp-coding-standard-2016-v01.pdf) | 83 | 82 | 82 | Implemented | +| CERT C | [2016](https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-c-coding-standard-2016-v01.pdf) | 99 | 97 | 97 | Implemented | +| MISRA C | [2012 Third Edition, First Revision](https://www.misra.org.uk/product/misra-c2012-third-edition-first-revision/), [Amendment 2](https://misra.org.uk/app/uploads/2021/06/MISRA-C-2012-AMD2.pdf) and TC2 | 175 | 164 | 162[^3] | Implemented | +| | [2012 Amendment 3](https://misra.org.uk/app/uploads/2021/06/MISRA-C-2012-AMD3.pdf) | 24 | 24 | 24 | Implemented | +| | [2012 Amendment 4](https://misra.org.uk/app/uploads/2021/06/MISRA-C-2012-AMD4.pdf) | 22 | 22 | 21[^4] | Implemented | +| | [2023 Third Edition, Second Revision](https://misra.org.uk/product/misra-c2023/) | 221 | 210 | 207[^5] | Implemented | +| MISRA C++ | [2023](https://misra.org.uk/product/misra-cpp2023/) | 179 | 176[^6] | - | Under development | Not all rules in these standards are amenable to static analysis by CodeQL - some rules require external or domain specific knowledge to validate, or refer to properties which are not present in our representation of the codebase under analysis. In addition, some rules are natively enforced by the supported compilers. As CodeQL requires that the program under analysis compiles, we are unable to implement queries for these rules, and doing so would be redundant. @@ -84,8 +85,10 @@ The datasheet _"CodeQL Coding Standards: supported rules"_, provided with each r [^1]: AUTOSAR C++ versions R22-11, R21-11, R20-11, R19-11 and R19-03 are all identical as indicated in the document change history. [^2]: The unimplemented supportable AUTOSAR rules are `A7-1-8` and `A8-2-1`. These rules require additional support in the CodeQL CLI to ensure the required information is available in the CodeQL database to identify violations of these rules. -[^3]: The unimplemented supportable MISRA C 2012 rules are `Rule 9.5`, `Rule 17.13`, and `Dir 4.14`. `Rule 9.5` and `Rule 17.13` require additional support in the CodeQL CLI to ensure the required information is available in the CodeQL database to identify violations of these rules. `Dir 4.14` is covered by the default CodeQL queries, which identify potential security vulnerabilities caused by not validating external input. -[^4]: The rules 5.13.7, 19.0.1 and 19.1.2 are not planned to be implemented by CodeQL as they are compiler checked in all supported compilers. +[^3]: The unimplemented supportable MISRA C 2012 rules are `Rule 9.5`, `Rule 17.13`. `Rule 9.5` and `Rule 17.13` require additional support in the CodeQL CLI to ensure the required information is available in the CodeQL database to identify violations of these rules. Note: `Dir 4.14` is covered by the default CodeQL queries, which identify potential security vulnerabilities caused by not validating external input. +[^4]: The unimplemented supportable MISRA C 2012 Amendment 4 rule is `Rule 9.6`. `Rule 9.6` requires additional support in the CodeQL CLI to ensure the required information is available in the CodeQL database to identify violations of this rule. +[^5]: The unimplemented supportable MISRA C 2023 rules are `Rule 9.5`, `Rule 9.6`, `Rule 17.13`. `Rule 9.5`, `Rule 9.6` and `Rule 17.13` require additional support in the CodeQL CLI to ensure the required information is available in the CodeQL database to identify violations of these rules. Note: `Dir 4.14` is covered by the default CodeQL queries, which identify potential security vulnerabilities caused by not validating external input. +[^6]: The rules `5.13.7`, `19.0.1` and `19.1.2` are not planned to be implemented by CodeQL as they are compiler checked in all supported compilers. ## Supported environment From b8b66ae31e67393246afcaf1dce260c5ba8d9c89 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 15 May 2025 21:26:49 +0100 Subject: [PATCH 2535/2573] Update query suites to reference MISRA C 2023. --- c/misra/src/codeql-suites/misra-c-advisory.qls | 2 +- c/misra/src/codeql-suites/misra-c-audit.qls | 2 +- c/misra/src/codeql-suites/misra-c-default.qls | 2 +- c/misra/src/codeql-suites/misra-c-mandatory.qls | 2 +- c/misra/src/codeql-suites/misra-c-required.qls | 2 +- c/misra/src/codeql-suites/misra-c-strict.qls | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/c/misra/src/codeql-suites/misra-c-advisory.qls b/c/misra/src/codeql-suites/misra-c-advisory.qls index 517f449b13..39df0d6583 100644 --- a/c/misra/src/codeql-suites/misra-c-advisory.qls +++ b/c/misra/src/codeql-suites/misra-c-advisory.qls @@ -1,4 +1,4 @@ -- description: MISRA C 2012 (Advisory) +- description: MISRA C 2023 (Advisory) - qlpack: codeql/misra-c-coding-standards - include: kind: diff --git a/c/misra/src/codeql-suites/misra-c-audit.qls b/c/misra/src/codeql-suites/misra-c-audit.qls index ce1b9fed68..cac9df04ae 100644 --- a/c/misra/src/codeql-suites/misra-c-audit.qls +++ b/c/misra/src/codeql-suites/misra-c-audit.qls @@ -1,4 +1,4 @@ -- description: MISRA C 2012 (Audit) +- description: MISRA C 2023 (Audit) - qlpack: codeql/misra-c-coding-standards - include: kind: diff --git a/c/misra/src/codeql-suites/misra-c-default.qls b/c/misra/src/codeql-suites/misra-c-default.qls index f72a63ba49..cdc6eb65ad 100644 --- a/c/misra/src/codeql-suites/misra-c-default.qls +++ b/c/misra/src/codeql-suites/misra-c-default.qls @@ -1,4 +1,4 @@ -- description: MISRA C 2012 (Default) +- description: MISRA C 2023 (Default) - qlpack: codeql/misra-c-coding-standards - include: kind: diff --git a/c/misra/src/codeql-suites/misra-c-mandatory.qls b/c/misra/src/codeql-suites/misra-c-mandatory.qls index 454b8487ab..09eccdc50c 100644 --- a/c/misra/src/codeql-suites/misra-c-mandatory.qls +++ b/c/misra/src/codeql-suites/misra-c-mandatory.qls @@ -1,4 +1,4 @@ -- description: MISRA C 2012 (Advisory) +- description: MISRA C 2023 (Advisory) - qlpack: codeql/misra-c-coding-standards - include: kind: diff --git a/c/misra/src/codeql-suites/misra-c-required.qls b/c/misra/src/codeql-suites/misra-c-required.qls index ca32b9ca97..f7c77e937a 100644 --- a/c/misra/src/codeql-suites/misra-c-required.qls +++ b/c/misra/src/codeql-suites/misra-c-required.qls @@ -1,4 +1,4 @@ -- description: MISRA C 2012 (Required) +- description: MISRA C 2023 (Required) - qlpack: codeql/misra-c-coding-standards - include: kind: diff --git a/c/misra/src/codeql-suites/misra-c-strict.qls b/c/misra/src/codeql-suites/misra-c-strict.qls index 6fb642424c..b8f4885189 100644 --- a/c/misra/src/codeql-suites/misra-c-strict.qls +++ b/c/misra/src/codeql-suites/misra-c-strict.qls @@ -1,4 +1,4 @@ -- description: MISRA C 2012 (Strict) +- description: MISRA C 2023 (Strict) - qlpack: codeql/misra-c-coding-standards - include: kind: From 837af1f46780fd6c62452c2260ccbc6757c5a183 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 15 May 2025 21:27:43 +0100 Subject: [PATCH 2536/2573] Add changelog for MISRA C 2023. --- change_notes/2025-05-15-misra-c-2023.md | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 change_notes/2025-05-15-misra-c-2023.md diff --git a/change_notes/2025-05-15-misra-c-2023.md b/change_notes/2025-05-15-misra-c-2023.md new file mode 100644 index 0000000000..defd2ff823 --- /dev/null +++ b/change_notes/2025-05-15-misra-c-2023.md @@ -0,0 +1,4 @@ + - Support for MISRA C 2023 is now completed. + - The default query suites for MISRA C now target MISRA C 2023. + - The user manual has been updated to list MISRA C 2023 as completed. + - The `misra-c-2012-third-edition-with-amendment-2.qls` query suite can be used to run the queries present in MISRA C 2012 (3rd Edition) and Amendment 2. \ No newline at end of file From e1d028cd93b671a3e775d4dd1fe111b51b1862ce Mon Sep 17 00:00:00 2001 From: knewbury01 Date: Wed, 21 May 2025 18:06:18 +0000 Subject: [PATCH 2537/2573] Bump version to 2.46.0-dev --- c/cert/src/qlpack.yml | 2 +- c/cert/test/qlpack.yml | 2 +- c/common/src/qlpack.yml | 2 +- c/common/test/qlpack.yml | 2 +- c/misra/src/qlpack.yml | 2 +- c/misra/test/qlpack.yml | 2 +- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/qlpack.yml | 2 +- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/qlpack.yml | 2 +- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/qlpack.yml | 2 +- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/qlpack.yml | 2 +- cpp/report/src/qlpack.yml | 2 +- docs/user_manual.md | 12 ++++++------ 16 files changed, 21 insertions(+), 21 deletions(-) diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index 46124fd7c4..128ac606f8 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards -version: 2.45.0-dev +version: 2.46.0-dev description: CERT C 2016 suites: codeql-suites license: MIT diff --git a/c/cert/test/qlpack.yml b/c/cert/test/qlpack.yml index f7fe527dab..6920ec1771 100644 --- a/c/cert/test/qlpack.yml +++ b/c/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards-tests -version: 2.45.0-dev +version: 2.46.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index ad3f825a4b..13a994e0a3 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards -version: 2.45.0-dev +version: 2.46.0-dev license: MIT dependencies: codeql/common-cpp-coding-standards: '*' diff --git a/c/common/test/qlpack.yml b/c/common/test/qlpack.yml index cbadd7f238..09640c31c9 100644 --- a/c/common/test/qlpack.yml +++ b/c/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards-tests -version: 2.45.0-dev +version: 2.46.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index b5d16e9974..d37d64c88a 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards -version: 2.45.0-dev +version: 2.46.0-dev description: MISRA C 2012 suites: codeql-suites license: MIT diff --git a/c/misra/test/qlpack.yml b/c/misra/test/qlpack.yml index e6932cc894..a22391774f 100644 --- a/c/misra/test/qlpack.yml +++ b/c/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards-tests -version: 2.45.0-dev +version: 2.46.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index b9cd9b72a8..dd095ff354 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards -version: 2.45.0-dev +version: 2.46.0-dev description: AUTOSAR C++14 Guidelines R22-11, R21-11, R20-11, R19-11 and R19-03 suites: codeql-suites license: MIT diff --git a/cpp/autosar/test/qlpack.yml b/cpp/autosar/test/qlpack.yml index 0b92541fdf..7182f771d5 100644 --- a/cpp/autosar/test/qlpack.yml +++ b/cpp/autosar/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards-tests -version: 2.45.0-dev +version: 2.46.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index d23ea8fc34..792575ad6e 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards -version: 2.45.0-dev +version: 2.46.0-dev description: CERT C++ 2016 suites: codeql-suites license: MIT diff --git a/cpp/cert/test/qlpack.yml b/cpp/cert/test/qlpack.yml index 1baf2b3fc3..7463027aaf 100644 --- a/cpp/cert/test/qlpack.yml +++ b/cpp/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards-tests -version: 2.45.0-dev +version: 2.46.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index 47a116582c..1813fb7fe3 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards -version: 2.45.0-dev +version: 2.46.0-dev license: MIT dependencies: codeql/cpp-all: 2.1.1 diff --git a/cpp/common/test/qlpack.yml b/cpp/common/test/qlpack.yml index a636b824dc..8912a9c683 100644 --- a/cpp/common/test/qlpack.yml +++ b/cpp/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards-tests -version: 2.45.0-dev +version: 2.46.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index a98ccfa757..5cb9d79b87 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards -version: 2.45.0-dev +version: 2.46.0-dev description: MISRA C++ 2023 default-suite: codeql-suites/misra-cpp-default.qls license: MIT diff --git a/cpp/misra/test/qlpack.yml b/cpp/misra/test/qlpack.yml index aad59493fe..69cd110473 100644 --- a/cpp/misra/test/qlpack.yml +++ b/cpp/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards-tests -version: 2.45.0-dev +version: 2.46.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index 731d68dd29..c6f5f7052f 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/report-cpp-coding-standards -version: 2.45.0-dev +version: 2.46.0-dev license: MIT dependencies: codeql/cpp-all: 2.1.1 diff --git a/docs/user_manual.md b/docs/user_manual.md index 4ab3de39c0..a758d3678c 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -36,14 +36,14 @@ ## Release information -This user manual documents release `2.45.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). +This user manual documents release `2.46.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). The release page documents the release notes and contains the following artifacts part of the release: - `coding-standards-codeql-packs-2.37.0-dev.zip`: CodeQL packs that can be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. -- `code-scanning-cpp-query-pack-2.45.0-dev.zip`: Legacy packaging for the queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. -- `supported_rules_list_2.45.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. -- `supported_rules_list_2.45.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. -- `user_manual_2.45.0-dev.md`: This user manual. +- `code-scanning-cpp-query-pack-2.46.0-dev.zip`: Legacy packaging for the queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. +- `supported_rules_list_2.46.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. +- `supported_rules_list_2.46.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. +- `user_manual_2.46.0-dev.md`: This user manual. - `Source Code (zip)`: A zip archive containing the contents of https://github.com/github/codeql-coding-standards - `Source Code (tar.gz)`: A GZip compressed tar archive containing the contents of https://github.com/github/codeql-coding-standards - `checksums.txt`: A text file containing sha256 checksums for the aforementioned artifacts. @@ -670,7 +670,7 @@ This section describes known failure modes for "CodeQL Coding Standards" and des | | Out of space | Less output. Some files may be only be partially analyzed, or not analyzed at all. | Error reported on the command line. | Increase space. If it remains an issue report space consumption issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False positives | More output. Results are reported which are not violations of the guidelines. | All reported results must be reviewed. | Report false positive issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False negatives | Less output. Violations of the guidelines are not reported. | Other validation and verification processes during software development should be used to complement the analysis performed by CodeQL Coding Standards. | Report false negative issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | -| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.45.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | +| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.46.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | | | Incorrect deviation record specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation records with a reason. Ensure that all deviation records are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Incorrect deviation permit specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation permits with a reason. Ensure that all deviation permits are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Unapproved use of a deviation record | Less output. Results for guideline violations are not reported. | Validate that the deviation record use is approved by verifying the approved-by attribute of the deviation record specification. | Ensure that each raised deviation record is approved by an independent approver through an auditable process. | From 985a2d1ed43a32e2446317182627793050f74b36 Mon Sep 17 00:00:00 2001 From: Chris Smowton Date: Wed, 4 Jun 2025 12:22:02 +0100 Subject: [PATCH 2538/2573] Fix poor performance of sameSource predicate --- .../IOFstreamMissingPositioning.qll | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.qll b/cpp/common/src/codingstandards/cpp/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.qll index 547c90daf5..b26421c72c 100644 --- a/cpp/common/src/codingstandards/cpp/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.qll +++ b/cpp/common/src/codingstandards/cpp/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.qll @@ -51,7 +51,8 @@ class WriteFunctionCall extends ReadWriteCall { } } -pragma[inline] +bindingset[a, b] +pragma[inline_late] predicate sameSource(FunctionCall a, FunctionCall b) { sameStreamSource(a, b) or sameFileSource(a, b) From e9e7cfa26931911e205f65a47245af6c550ef2e1 Mon Sep 17 00:00:00 2001 From: knewbury01 Date: Wed, 4 Jun 2025 14:12:21 +0000 Subject: [PATCH 2539/2573] Bump version to 2.47.0-dev --- c/cert/src/qlpack.yml | 2 +- c/cert/test/qlpack.yml | 2 +- c/common/src/qlpack.yml | 2 +- c/common/test/qlpack.yml | 2 +- c/misra/src/qlpack.yml | 2 +- c/misra/test/qlpack.yml | 2 +- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/qlpack.yml | 2 +- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/qlpack.yml | 2 +- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/qlpack.yml | 2 +- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/qlpack.yml | 2 +- cpp/report/src/qlpack.yml | 2 +- docs/user_manual.md | 12 ++++++------ 16 files changed, 21 insertions(+), 21 deletions(-) diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index 128ac606f8..26311dda18 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards -version: 2.46.0-dev +version: 2.47.0-dev description: CERT C 2016 suites: codeql-suites license: MIT diff --git a/c/cert/test/qlpack.yml b/c/cert/test/qlpack.yml index 6920ec1771..91c2ea4a52 100644 --- a/c/cert/test/qlpack.yml +++ b/c/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards-tests -version: 2.46.0-dev +version: 2.47.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index 13a994e0a3..d088be5639 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards -version: 2.46.0-dev +version: 2.47.0-dev license: MIT dependencies: codeql/common-cpp-coding-standards: '*' diff --git a/c/common/test/qlpack.yml b/c/common/test/qlpack.yml index 09640c31c9..4688b3b1a9 100644 --- a/c/common/test/qlpack.yml +++ b/c/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards-tests -version: 2.46.0-dev +version: 2.47.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index d37d64c88a..0607e7456f 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards -version: 2.46.0-dev +version: 2.47.0-dev description: MISRA C 2012 suites: codeql-suites license: MIT diff --git a/c/misra/test/qlpack.yml b/c/misra/test/qlpack.yml index a22391774f..823d705e51 100644 --- a/c/misra/test/qlpack.yml +++ b/c/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards-tests -version: 2.46.0-dev +version: 2.47.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index dd095ff354..061fcf8df8 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards -version: 2.46.0-dev +version: 2.47.0-dev description: AUTOSAR C++14 Guidelines R22-11, R21-11, R20-11, R19-11 and R19-03 suites: codeql-suites license: MIT diff --git a/cpp/autosar/test/qlpack.yml b/cpp/autosar/test/qlpack.yml index 7182f771d5..735f300df4 100644 --- a/cpp/autosar/test/qlpack.yml +++ b/cpp/autosar/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards-tests -version: 2.46.0-dev +version: 2.47.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index 792575ad6e..74fe860570 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards -version: 2.46.0-dev +version: 2.47.0-dev description: CERT C++ 2016 suites: codeql-suites license: MIT diff --git a/cpp/cert/test/qlpack.yml b/cpp/cert/test/qlpack.yml index 7463027aaf..58d0db64f0 100644 --- a/cpp/cert/test/qlpack.yml +++ b/cpp/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards-tests -version: 2.46.0-dev +version: 2.47.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index 1813fb7fe3..2454592ce7 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards -version: 2.46.0-dev +version: 2.47.0-dev license: MIT dependencies: codeql/cpp-all: 2.1.1 diff --git a/cpp/common/test/qlpack.yml b/cpp/common/test/qlpack.yml index 8912a9c683..86ad39d46a 100644 --- a/cpp/common/test/qlpack.yml +++ b/cpp/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards-tests -version: 2.46.0-dev +version: 2.47.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index 5cb9d79b87..999116b3e0 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards -version: 2.46.0-dev +version: 2.47.0-dev description: MISRA C++ 2023 default-suite: codeql-suites/misra-cpp-default.qls license: MIT diff --git a/cpp/misra/test/qlpack.yml b/cpp/misra/test/qlpack.yml index 69cd110473..94cad70436 100644 --- a/cpp/misra/test/qlpack.yml +++ b/cpp/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards-tests -version: 2.46.0-dev +version: 2.47.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index c6f5f7052f..4814c3e99b 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/report-cpp-coding-standards -version: 2.46.0-dev +version: 2.47.0-dev license: MIT dependencies: codeql/cpp-all: 2.1.1 diff --git a/docs/user_manual.md b/docs/user_manual.md index a758d3678c..7482942dc5 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -36,14 +36,14 @@ ## Release information -This user manual documents release `2.46.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). +This user manual documents release `2.47.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). The release page documents the release notes and contains the following artifacts part of the release: - `coding-standards-codeql-packs-2.37.0-dev.zip`: CodeQL packs that can be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. -- `code-scanning-cpp-query-pack-2.46.0-dev.zip`: Legacy packaging for the queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. -- `supported_rules_list_2.46.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. -- `supported_rules_list_2.46.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. -- `user_manual_2.46.0-dev.md`: This user manual. +- `code-scanning-cpp-query-pack-2.47.0-dev.zip`: Legacy packaging for the queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. +- `supported_rules_list_2.47.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. +- `supported_rules_list_2.47.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. +- `user_manual_2.47.0-dev.md`: This user manual. - `Source Code (zip)`: A zip archive containing the contents of https://github.com/github/codeql-coding-standards - `Source Code (tar.gz)`: A GZip compressed tar archive containing the contents of https://github.com/github/codeql-coding-standards - `checksums.txt`: A text file containing sha256 checksums for the aforementioned artifacts. @@ -670,7 +670,7 @@ This section describes known failure modes for "CodeQL Coding Standards" and des | | Out of space | Less output. Some files may be only be partially analyzed, or not analyzed at all. | Error reported on the command line. | Increase space. If it remains an issue report space consumption issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False positives | More output. Results are reported which are not violations of the guidelines. | All reported results must be reviewed. | Report false positive issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False negatives | Less output. Violations of the guidelines are not reported. | Other validation and verification processes during software development should be used to complement the analysis performed by CodeQL Coding Standards. | Report false negative issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | -| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.46.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | +| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.47.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | | | Incorrect deviation record specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation records with a reason. Ensure that all deviation records are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Incorrect deviation permit specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation permits with a reason. Ensure that all deviation permits are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Unapproved use of a deviation record | Less output. Results for guideline violations are not reported. | Validate that the deviation record use is approved by verifying the approved-by attribute of the deviation record specification. | Ensure that each raised deviation record is approved by an independent approver through an auditable process. | From 7049558f18fabd7a6f515e9ada1cef4aa43b02b3 Mon Sep 17 00:00:00 2001 From: Chris Smowton Date: Fri, 6 Jun 2025 09:52:33 +0100 Subject: [PATCH 2540/2573] Change note --- change_notes/2025-06-06-same-source-performance.md | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 change_notes/2025-06-06-same-source-performance.md diff --git a/change_notes/2025-06-06-same-source-performance.md b/change_notes/2025-06-06-same-source-performance.md new file mode 100644 index 0000000000..e0dfc36dea --- /dev/null +++ b/change_notes/2025-06-06-same-source-performance.md @@ -0,0 +1,2 @@ + - `FIO39-C`, `FIO50-CPP`, `A27-0-3`, `RULE-30-0-2`: `IOFstreamMissingPositioning.ql`, `InterleavedInputOutputWithoutPosition.ql`, `InterleavedInputOutputWithoutFlush.ql`, `ReadsAndWritesOnStreamNotSeparatedByPositioning.ql`. + - Improved performance for codebases with large numbers of stream or file accesses. \ No newline at end of file From 6a5aa1f09699c6f1259adf4cc7c2b57bc087e007 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Fri, 13 Jun 2025 08:30:34 -0700 Subject: [PATCH 2541/2573] Fix compilation error --- .../codingstandards/cpp/types/Compatible.qll | 26 ------------------- 1 file changed, 26 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/types/Compatible.qll b/cpp/common/src/codingstandards/cpp/types/Compatible.qll index 3b77d5caf3..eb0e13101a 100644 --- a/cpp/common/src/codingstandards/cpp/types/Compatible.qll +++ b/cpp/common/src/codingstandards/cpp/types/Compatible.qll @@ -522,29 +522,3 @@ module FunctionDeclarationTypeEquivalence< .getType(), f2.getParameterDeclarationEntry(pragma[only_bind_into](i)).getType()) } } - -/** - * Convenience class to reduce the awkwardness of how `RoutineType` and `FunctionPointerIshType` - * don't have a common ancestor. - */ -private class FunctionType extends Type { - FunctionType() { this instanceof RoutineType or this instanceof FunctionPointerIshType } - - Type getReturnType() { - result = this.(RoutineType).getReturnType() or - result = this.(FunctionPointerIshType).getReturnType() - } - - Type getParameterType(int i) { - result = this.(RoutineType).getParameterType(i) or - result = this.(FunctionPointerIshType).getParameterType(i) - } -} - -private class LeafType extends Type { - LeafType() { - not this instanceof DerivedType and - not this instanceof FunctionType and - not this instanceof FunctionType - } -} From df1bd3a084718b0b554d613dd9f4a7614a95e4d9 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Sun, 15 Jun 2025 21:16:11 -0700 Subject: [PATCH 2542/2573] Add missing CERT-C query tags --- .../DoNotCompareFunctionPointersToConstantValues.ql | 6 ++++++ rule_packages/c/Expressions2.json | 8 +++++++- 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/c/cert/src/rules/EXP16-C/DoNotCompareFunctionPointersToConstantValues.ql b/c/cert/src/rules/EXP16-C/DoNotCompareFunctionPointersToConstantValues.ql index d9622b03b9..fecd5450d0 100644 --- a/c/cert/src/rules/EXP16-C/DoNotCompareFunctionPointersToConstantValues.ql +++ b/c/cert/src/rules/EXP16-C/DoNotCompareFunctionPointersToConstantValues.ql @@ -9,6 +9,12 @@ * @tags external/cert/id/exp16-c * correctness * external/cert/obligation/recommendation + * external/cert/severity/low + * external/cert/likelihood/likely + * external/cert/remediation-cost/ + * external/cert/priority/p6 + * external/cert/level/l2 + * external/cert/obligation/recommendation */ import cpp diff --git a/rule_packages/c/Expressions2.json b/rule_packages/c/Expressions2.json index 7eaa2ff2ec..c9e2434f80 100644 --- a/rule_packages/c/Expressions2.json +++ b/rule_packages/c/Expressions2.json @@ -13,7 +13,13 @@ "severity": "error", "short_name": "DoNotCompareFunctionPointersToConstantValues", "tags": [ - "correctness" + "correctness", + "external/cert/obligation/recommendation", + "external/cert/severity/low", + "external/cert/likelihood/likely", + "external/cert/remediation-cost/", + "external/cert/priority/p6", + "external/cert/level/l2" ] } ], From bb7c913eea8391f110f6289db379fea0d96cbd4d Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Sun, 15 Jun 2025 21:36:45 -0700 Subject: [PATCH 2543/2573] Fix remediation cost --- .../EXP16-C/DoNotCompareFunctionPointersToConstantValues.ql | 2 +- rule_packages/c/Expressions2.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/c/cert/src/rules/EXP16-C/DoNotCompareFunctionPointersToConstantValues.ql b/c/cert/src/rules/EXP16-C/DoNotCompareFunctionPointersToConstantValues.ql index fecd5450d0..bd2167c925 100644 --- a/c/cert/src/rules/EXP16-C/DoNotCompareFunctionPointersToConstantValues.ql +++ b/c/cert/src/rules/EXP16-C/DoNotCompareFunctionPointersToConstantValues.ql @@ -11,7 +11,7 @@ * external/cert/obligation/recommendation * external/cert/severity/low * external/cert/likelihood/likely - * external/cert/remediation-cost/ + * external/cert/remediation-cost/medium * external/cert/priority/p6 * external/cert/level/l2 * external/cert/obligation/recommendation diff --git a/rule_packages/c/Expressions2.json b/rule_packages/c/Expressions2.json index c9e2434f80..7c78e02fd9 100644 --- a/rule_packages/c/Expressions2.json +++ b/rule_packages/c/Expressions2.json @@ -17,7 +17,7 @@ "external/cert/obligation/recommendation", "external/cert/severity/low", "external/cert/likelihood/likely", - "external/cert/remediation-cost/", + "external/cert/remediation-cost/medium", "external/cert/priority/p6", "external/cert/level/l2" ] From fbf21bd3ae4b630f39b15e2c86866ac0db0772e2 Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Sun, 15 Jun 2025 21:37:32 -0700 Subject: [PATCH 2544/2573] Undo accidental deletion of LeafType --- cpp/common/src/codingstandards/cpp/types/Compatible.qll | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/cpp/common/src/codingstandards/cpp/types/Compatible.qll b/cpp/common/src/codingstandards/cpp/types/Compatible.qll index eb0e13101a..83983e1df4 100644 --- a/cpp/common/src/codingstandards/cpp/types/Compatible.qll +++ b/cpp/common/src/codingstandards/cpp/types/Compatible.qll @@ -522,3 +522,11 @@ module FunctionDeclarationTypeEquivalence< .getType(), f2.getParameterDeclarationEntry(pragma[only_bind_into](i)).getType()) } } + +private class LeafType extends Type { + LeafType() { + not this instanceof DerivedType and + not this instanceof FunctionType and + not this instanceof FunctionType + } +} From e4121eeb044129a2205162b2dc20326b72491ffe Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Sun, 15 Jun 2025 21:41:35 -0700 Subject: [PATCH 2545/2573] Remove cert c obligation tag --- .../EXP16-C/DoNotCompareFunctionPointersToConstantValues.ql | 1 - rule_packages/c/Expressions2.json | 1 - 2 files changed, 2 deletions(-) diff --git a/c/cert/src/rules/EXP16-C/DoNotCompareFunctionPointersToConstantValues.ql b/c/cert/src/rules/EXP16-C/DoNotCompareFunctionPointersToConstantValues.ql index bd2167c925..bdd4f1b375 100644 --- a/c/cert/src/rules/EXP16-C/DoNotCompareFunctionPointersToConstantValues.ql +++ b/c/cert/src/rules/EXP16-C/DoNotCompareFunctionPointersToConstantValues.ql @@ -8,7 +8,6 @@ * @problem.severity error * @tags external/cert/id/exp16-c * correctness - * external/cert/obligation/recommendation * external/cert/severity/low * external/cert/likelihood/likely * external/cert/remediation-cost/medium diff --git a/rule_packages/c/Expressions2.json b/rule_packages/c/Expressions2.json index 7c78e02fd9..d639ae2c34 100644 --- a/rule_packages/c/Expressions2.json +++ b/rule_packages/c/Expressions2.json @@ -14,7 +14,6 @@ "short_name": "DoNotCompareFunctionPointersToConstantValues", "tags": [ "correctness", - "external/cert/obligation/recommendation", "external/cert/severity/low", "external/cert/likelihood/likely", "external/cert/remediation-cost/medium", From 0fd3a88fa6ed3317d05243fdf6044fda7cb461ab Mon Sep 17 00:00:00 2001 From: knewbury01 Date: Mon, 16 Jun 2025 19:38:57 +0000 Subject: [PATCH 2546/2573] Bump version to 2.48.0-dev --- c/cert/src/qlpack.yml | 2 +- c/cert/test/qlpack.yml | 2 +- c/common/src/qlpack.yml | 2 +- c/common/test/qlpack.yml | 2 +- c/misra/src/qlpack.yml | 2 +- c/misra/test/qlpack.yml | 2 +- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/qlpack.yml | 2 +- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/qlpack.yml | 2 +- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/qlpack.yml | 2 +- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/qlpack.yml | 2 +- cpp/report/src/qlpack.yml | 2 +- docs/user_manual.md | 12 ++++++------ 16 files changed, 21 insertions(+), 21 deletions(-) diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index 26311dda18..d2ba0816a3 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards -version: 2.47.0-dev +version: 2.48.0-dev description: CERT C 2016 suites: codeql-suites license: MIT diff --git a/c/cert/test/qlpack.yml b/c/cert/test/qlpack.yml index 91c2ea4a52..98268c5636 100644 --- a/c/cert/test/qlpack.yml +++ b/c/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards-tests -version: 2.47.0-dev +version: 2.48.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index d088be5639..4bbcb5c730 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards -version: 2.47.0-dev +version: 2.48.0-dev license: MIT dependencies: codeql/common-cpp-coding-standards: '*' diff --git a/c/common/test/qlpack.yml b/c/common/test/qlpack.yml index 4688b3b1a9..ce8d7b3ce7 100644 --- a/c/common/test/qlpack.yml +++ b/c/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards-tests -version: 2.47.0-dev +version: 2.48.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index 0607e7456f..02f9dceb48 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards -version: 2.47.0-dev +version: 2.48.0-dev description: MISRA C 2012 suites: codeql-suites license: MIT diff --git a/c/misra/test/qlpack.yml b/c/misra/test/qlpack.yml index 823d705e51..a720d41779 100644 --- a/c/misra/test/qlpack.yml +++ b/c/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards-tests -version: 2.47.0-dev +version: 2.48.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index 061fcf8df8..65ec603f59 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards -version: 2.47.0-dev +version: 2.48.0-dev description: AUTOSAR C++14 Guidelines R22-11, R21-11, R20-11, R19-11 and R19-03 suites: codeql-suites license: MIT diff --git a/cpp/autosar/test/qlpack.yml b/cpp/autosar/test/qlpack.yml index 735f300df4..f7b3f9ef3f 100644 --- a/cpp/autosar/test/qlpack.yml +++ b/cpp/autosar/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards-tests -version: 2.47.0-dev +version: 2.48.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index 74fe860570..999faded05 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards -version: 2.47.0-dev +version: 2.48.0-dev description: CERT C++ 2016 suites: codeql-suites license: MIT diff --git a/cpp/cert/test/qlpack.yml b/cpp/cert/test/qlpack.yml index 58d0db64f0..b1c634258a 100644 --- a/cpp/cert/test/qlpack.yml +++ b/cpp/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards-tests -version: 2.47.0-dev +version: 2.48.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index 2454592ce7..f7938fef71 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards -version: 2.47.0-dev +version: 2.48.0-dev license: MIT dependencies: codeql/cpp-all: 2.1.1 diff --git a/cpp/common/test/qlpack.yml b/cpp/common/test/qlpack.yml index 86ad39d46a..84a581eda1 100644 --- a/cpp/common/test/qlpack.yml +++ b/cpp/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards-tests -version: 2.47.0-dev +version: 2.48.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index 999116b3e0..f6a4e21428 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards -version: 2.47.0-dev +version: 2.48.0-dev description: MISRA C++ 2023 default-suite: codeql-suites/misra-cpp-default.qls license: MIT diff --git a/cpp/misra/test/qlpack.yml b/cpp/misra/test/qlpack.yml index 94cad70436..565c630696 100644 --- a/cpp/misra/test/qlpack.yml +++ b/cpp/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards-tests -version: 2.47.0-dev +version: 2.48.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index 4814c3e99b..c8a6dd08f8 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/report-cpp-coding-standards -version: 2.47.0-dev +version: 2.48.0-dev license: MIT dependencies: codeql/cpp-all: 2.1.1 diff --git a/docs/user_manual.md b/docs/user_manual.md index 7482942dc5..fae4623443 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -36,14 +36,14 @@ ## Release information -This user manual documents release `2.47.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). +This user manual documents release `2.48.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). The release page documents the release notes and contains the following artifacts part of the release: - `coding-standards-codeql-packs-2.37.0-dev.zip`: CodeQL packs that can be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. -- `code-scanning-cpp-query-pack-2.47.0-dev.zip`: Legacy packaging for the queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. -- `supported_rules_list_2.47.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. -- `supported_rules_list_2.47.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. -- `user_manual_2.47.0-dev.md`: This user manual. +- `code-scanning-cpp-query-pack-2.48.0-dev.zip`: Legacy packaging for the queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. +- `supported_rules_list_2.48.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. +- `supported_rules_list_2.48.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. +- `user_manual_2.48.0-dev.md`: This user manual. - `Source Code (zip)`: A zip archive containing the contents of https://github.com/github/codeql-coding-standards - `Source Code (tar.gz)`: A GZip compressed tar archive containing the contents of https://github.com/github/codeql-coding-standards - `checksums.txt`: A text file containing sha256 checksums for the aforementioned artifacts. @@ -670,7 +670,7 @@ This section describes known failure modes for "CodeQL Coding Standards" and des | | Out of space | Less output. Some files may be only be partially analyzed, or not analyzed at all. | Error reported on the command line. | Increase space. If it remains an issue report space consumption issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False positives | More output. Results are reported which are not violations of the guidelines. | All reported results must be reviewed. | Report false positive issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False negatives | Less output. Violations of the guidelines are not reported. | Other validation and verification processes during software development should be used to complement the analysis performed by CodeQL Coding Standards. | Report false negative issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | -| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.47.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | +| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.48.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | | | Incorrect deviation record specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation records with a reason. Ensure that all deviation records are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Incorrect deviation permit specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation permits with a reason. Ensure that all deviation permits are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Unapproved use of a deviation record | Less output. Results for guideline violations are not reported. | Validate that the deviation record use is approved by verifying the approved-by attribute of the deviation record specification. | Ensure that each raised deviation record is approved by an independent approver through an auditable process. | From 4006b7c5bd4e581865c8134dd4bfa40b210f83d0 Mon Sep 17 00:00:00 2001 From: lcartey <5377966+lcartey@users.noreply.github.com> Date: Thu, 19 Jun 2025 10:05:13 +0000 Subject: [PATCH 2547/2573] Upgrading `github/codeql` dependency to 2.20.7 --- c/cert/src/codeql-pack.lock.yml | 20 +++++++++---------- c/cert/src/qlpack.yml | 2 +- c/cert/test/codeql-pack.lock.yml | 20 +++++++++---------- c/common/src/codeql-pack.lock.yml | 20 +++++++++---------- c/common/src/qlpack.yml | 2 +- c/common/test/codeql-pack.lock.yml | 20 +++++++++---------- c/misra/src/codeql-pack.lock.yml | 20 +++++++++---------- c/misra/src/qlpack.yml | 2 +- c/misra/test/codeql-pack.lock.yml | 20 +++++++++---------- cpp/autosar/src/codeql-pack.lock.yml | 20 +++++++++---------- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/codeql-pack.lock.yml | 20 +++++++++---------- cpp/cert/src/codeql-pack.lock.yml | 20 +++++++++---------- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/codeql-pack.lock.yml | 20 +++++++++---------- cpp/common/src/codeql-pack.lock.yml | 20 +++++++++---------- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/codeql-pack.lock.yml | 20 +++++++++---------- cpp/misra/src/codeql-pack.lock.yml | 20 +++++++++---------- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/codeql-pack.lock.yml | 20 +++++++++---------- cpp/report/src/codeql-pack.lock.yml | 20 +++++++++---------- cpp/report/src/qlpack.yml | 2 +- .../queries/codeql-pack.lock.yml | 20 +++++++++---------- scripts/generate_modules/queries/qlpack.yml | 2 +- supported_codeql_configs.json | 6 +++--- 26 files changed, 172 insertions(+), 172 deletions(-) diff --git a/c/cert/src/codeql-pack.lock.yml b/c/cert/src/codeql-pack.lock.yml index ab9a39f9c1..a45ea8f438 100644 --- a/c/cert/src/codeql-pack.lock.yml +++ b/c/cert/src/codeql-pack.lock.yml @@ -2,23 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 2.1.1 + version: 4.0.3 codeql/dataflow: - version: 1.1.6 + version: 2.0.3 codeql/mad: - version: 1.0.12 + version: 1.0.19 codeql/rangeanalysis: - version: 1.0.12 + version: 1.0.19 codeql/ssa: - version: 1.0.12 + version: 1.0.19 codeql/tutorial: - version: 1.0.12 + version: 1.0.19 codeql/typeflow: - version: 1.0.12 + version: 1.0.19 codeql/typetracking: - version: 1.0.12 + version: 2.0.3 codeql/util: - version: 1.0.12 + version: 2.0.6 codeql/xml: - version: 1.0.12 + version: 1.0.19 compiled: false diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index d2ba0816a3..732a855928 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -6,4 +6,4 @@ license: MIT default-suite-file: codeql-suites/cert-c-default.qls dependencies: codeql/common-c-coding-standards: '*' - codeql/cpp-all: 2.1.1 + codeql/cpp-all: 4.0.3 diff --git a/c/cert/test/codeql-pack.lock.yml b/c/cert/test/codeql-pack.lock.yml index ab9a39f9c1..a45ea8f438 100644 --- a/c/cert/test/codeql-pack.lock.yml +++ b/c/cert/test/codeql-pack.lock.yml @@ -2,23 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 2.1.1 + version: 4.0.3 codeql/dataflow: - version: 1.1.6 + version: 2.0.3 codeql/mad: - version: 1.0.12 + version: 1.0.19 codeql/rangeanalysis: - version: 1.0.12 + version: 1.0.19 codeql/ssa: - version: 1.0.12 + version: 1.0.19 codeql/tutorial: - version: 1.0.12 + version: 1.0.19 codeql/typeflow: - version: 1.0.12 + version: 1.0.19 codeql/typetracking: - version: 1.0.12 + version: 2.0.3 codeql/util: - version: 1.0.12 + version: 2.0.6 codeql/xml: - version: 1.0.12 + version: 1.0.19 compiled: false diff --git a/c/common/src/codeql-pack.lock.yml b/c/common/src/codeql-pack.lock.yml index ab9a39f9c1..a45ea8f438 100644 --- a/c/common/src/codeql-pack.lock.yml +++ b/c/common/src/codeql-pack.lock.yml @@ -2,23 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 2.1.1 + version: 4.0.3 codeql/dataflow: - version: 1.1.6 + version: 2.0.3 codeql/mad: - version: 1.0.12 + version: 1.0.19 codeql/rangeanalysis: - version: 1.0.12 + version: 1.0.19 codeql/ssa: - version: 1.0.12 + version: 1.0.19 codeql/tutorial: - version: 1.0.12 + version: 1.0.19 codeql/typeflow: - version: 1.0.12 + version: 1.0.19 codeql/typetracking: - version: 1.0.12 + version: 2.0.3 codeql/util: - version: 1.0.12 + version: 2.0.6 codeql/xml: - version: 1.0.12 + version: 1.0.19 compiled: false diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index 4bbcb5c730..f59d784995 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -3,4 +3,4 @@ version: 2.48.0-dev license: MIT dependencies: codeql/common-cpp-coding-standards: '*' - codeql/cpp-all: 2.1.1 + codeql/cpp-all: 4.0.3 diff --git a/c/common/test/codeql-pack.lock.yml b/c/common/test/codeql-pack.lock.yml index ab9a39f9c1..a45ea8f438 100644 --- a/c/common/test/codeql-pack.lock.yml +++ b/c/common/test/codeql-pack.lock.yml @@ -2,23 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 2.1.1 + version: 4.0.3 codeql/dataflow: - version: 1.1.6 + version: 2.0.3 codeql/mad: - version: 1.0.12 + version: 1.0.19 codeql/rangeanalysis: - version: 1.0.12 + version: 1.0.19 codeql/ssa: - version: 1.0.12 + version: 1.0.19 codeql/tutorial: - version: 1.0.12 + version: 1.0.19 codeql/typeflow: - version: 1.0.12 + version: 1.0.19 codeql/typetracking: - version: 1.0.12 + version: 2.0.3 codeql/util: - version: 1.0.12 + version: 2.0.6 codeql/xml: - version: 1.0.12 + version: 1.0.19 compiled: false diff --git a/c/misra/src/codeql-pack.lock.yml b/c/misra/src/codeql-pack.lock.yml index ab9a39f9c1..a45ea8f438 100644 --- a/c/misra/src/codeql-pack.lock.yml +++ b/c/misra/src/codeql-pack.lock.yml @@ -2,23 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 2.1.1 + version: 4.0.3 codeql/dataflow: - version: 1.1.6 + version: 2.0.3 codeql/mad: - version: 1.0.12 + version: 1.0.19 codeql/rangeanalysis: - version: 1.0.12 + version: 1.0.19 codeql/ssa: - version: 1.0.12 + version: 1.0.19 codeql/tutorial: - version: 1.0.12 + version: 1.0.19 codeql/typeflow: - version: 1.0.12 + version: 1.0.19 codeql/typetracking: - version: 1.0.12 + version: 2.0.3 codeql/util: - version: 1.0.12 + version: 2.0.6 codeql/xml: - version: 1.0.12 + version: 1.0.19 compiled: false diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index 02f9dceb48..a10b00fb51 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -6,4 +6,4 @@ license: MIT default-suite-file: codeql-suites/misra-c-default.qls dependencies: codeql/common-c-coding-standards: '*' - codeql/cpp-all: 2.1.1 + codeql/cpp-all: 4.0.3 diff --git a/c/misra/test/codeql-pack.lock.yml b/c/misra/test/codeql-pack.lock.yml index ab9a39f9c1..a45ea8f438 100644 --- a/c/misra/test/codeql-pack.lock.yml +++ b/c/misra/test/codeql-pack.lock.yml @@ -2,23 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 2.1.1 + version: 4.0.3 codeql/dataflow: - version: 1.1.6 + version: 2.0.3 codeql/mad: - version: 1.0.12 + version: 1.0.19 codeql/rangeanalysis: - version: 1.0.12 + version: 1.0.19 codeql/ssa: - version: 1.0.12 + version: 1.0.19 codeql/tutorial: - version: 1.0.12 + version: 1.0.19 codeql/typeflow: - version: 1.0.12 + version: 1.0.19 codeql/typetracking: - version: 1.0.12 + version: 2.0.3 codeql/util: - version: 1.0.12 + version: 2.0.6 codeql/xml: - version: 1.0.12 + version: 1.0.19 compiled: false diff --git a/cpp/autosar/src/codeql-pack.lock.yml b/cpp/autosar/src/codeql-pack.lock.yml index ab9a39f9c1..a45ea8f438 100644 --- a/cpp/autosar/src/codeql-pack.lock.yml +++ b/cpp/autosar/src/codeql-pack.lock.yml @@ -2,23 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 2.1.1 + version: 4.0.3 codeql/dataflow: - version: 1.1.6 + version: 2.0.3 codeql/mad: - version: 1.0.12 + version: 1.0.19 codeql/rangeanalysis: - version: 1.0.12 + version: 1.0.19 codeql/ssa: - version: 1.0.12 + version: 1.0.19 codeql/tutorial: - version: 1.0.12 + version: 1.0.19 codeql/typeflow: - version: 1.0.12 + version: 1.0.19 codeql/typetracking: - version: 1.0.12 + version: 2.0.3 codeql/util: - version: 1.0.12 + version: 2.0.6 codeql/xml: - version: 1.0.12 + version: 1.0.19 compiled: false diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index 65ec603f59..2352408016 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -5,4 +5,4 @@ suites: codeql-suites license: MIT dependencies: codeql/common-cpp-coding-standards: '*' - codeql/cpp-all: 2.1.1 + codeql/cpp-all: 4.0.3 diff --git a/cpp/autosar/test/codeql-pack.lock.yml b/cpp/autosar/test/codeql-pack.lock.yml index ab9a39f9c1..a45ea8f438 100644 --- a/cpp/autosar/test/codeql-pack.lock.yml +++ b/cpp/autosar/test/codeql-pack.lock.yml @@ -2,23 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 2.1.1 + version: 4.0.3 codeql/dataflow: - version: 1.1.6 + version: 2.0.3 codeql/mad: - version: 1.0.12 + version: 1.0.19 codeql/rangeanalysis: - version: 1.0.12 + version: 1.0.19 codeql/ssa: - version: 1.0.12 + version: 1.0.19 codeql/tutorial: - version: 1.0.12 + version: 1.0.19 codeql/typeflow: - version: 1.0.12 + version: 1.0.19 codeql/typetracking: - version: 1.0.12 + version: 2.0.3 codeql/util: - version: 1.0.12 + version: 2.0.6 codeql/xml: - version: 1.0.12 + version: 1.0.19 compiled: false diff --git a/cpp/cert/src/codeql-pack.lock.yml b/cpp/cert/src/codeql-pack.lock.yml index ab9a39f9c1..a45ea8f438 100644 --- a/cpp/cert/src/codeql-pack.lock.yml +++ b/cpp/cert/src/codeql-pack.lock.yml @@ -2,23 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 2.1.1 + version: 4.0.3 codeql/dataflow: - version: 1.1.6 + version: 2.0.3 codeql/mad: - version: 1.0.12 + version: 1.0.19 codeql/rangeanalysis: - version: 1.0.12 + version: 1.0.19 codeql/ssa: - version: 1.0.12 + version: 1.0.19 codeql/tutorial: - version: 1.0.12 + version: 1.0.19 codeql/typeflow: - version: 1.0.12 + version: 1.0.19 codeql/typetracking: - version: 1.0.12 + version: 2.0.3 codeql/util: - version: 1.0.12 + version: 2.0.6 codeql/xml: - version: 1.0.12 + version: 1.0.19 compiled: false diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index 999faded05..4c74256dc9 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -5,5 +5,5 @@ suites: codeql-suites license: MIT default-suite-file: codeql-suites/cert-cpp-default.qls dependencies: - codeql/cpp-all: 2.1.1 + codeql/cpp-all: 4.0.3 codeql/common-cpp-coding-standards: '*' diff --git a/cpp/cert/test/codeql-pack.lock.yml b/cpp/cert/test/codeql-pack.lock.yml index ab9a39f9c1..a45ea8f438 100644 --- a/cpp/cert/test/codeql-pack.lock.yml +++ b/cpp/cert/test/codeql-pack.lock.yml @@ -2,23 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 2.1.1 + version: 4.0.3 codeql/dataflow: - version: 1.1.6 + version: 2.0.3 codeql/mad: - version: 1.0.12 + version: 1.0.19 codeql/rangeanalysis: - version: 1.0.12 + version: 1.0.19 codeql/ssa: - version: 1.0.12 + version: 1.0.19 codeql/tutorial: - version: 1.0.12 + version: 1.0.19 codeql/typeflow: - version: 1.0.12 + version: 1.0.19 codeql/typetracking: - version: 1.0.12 + version: 2.0.3 codeql/util: - version: 1.0.12 + version: 2.0.6 codeql/xml: - version: 1.0.12 + version: 1.0.19 compiled: false diff --git a/cpp/common/src/codeql-pack.lock.yml b/cpp/common/src/codeql-pack.lock.yml index ab9a39f9c1..a45ea8f438 100644 --- a/cpp/common/src/codeql-pack.lock.yml +++ b/cpp/common/src/codeql-pack.lock.yml @@ -2,23 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 2.1.1 + version: 4.0.3 codeql/dataflow: - version: 1.1.6 + version: 2.0.3 codeql/mad: - version: 1.0.12 + version: 1.0.19 codeql/rangeanalysis: - version: 1.0.12 + version: 1.0.19 codeql/ssa: - version: 1.0.12 + version: 1.0.19 codeql/tutorial: - version: 1.0.12 + version: 1.0.19 codeql/typeflow: - version: 1.0.12 + version: 1.0.19 codeql/typetracking: - version: 1.0.12 + version: 2.0.3 codeql/util: - version: 1.0.12 + version: 2.0.6 codeql/xml: - version: 1.0.12 + version: 1.0.19 compiled: false diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index f7938fef71..c62e045962 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -2,6 +2,6 @@ name: codeql/common-cpp-coding-standards version: 2.48.0-dev license: MIT dependencies: - codeql/cpp-all: 2.1.1 + codeql/cpp-all: 4.0.3 dataExtensions: - ext/*.model.yml diff --git a/cpp/common/test/codeql-pack.lock.yml b/cpp/common/test/codeql-pack.lock.yml index ab9a39f9c1..a45ea8f438 100644 --- a/cpp/common/test/codeql-pack.lock.yml +++ b/cpp/common/test/codeql-pack.lock.yml @@ -2,23 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 2.1.1 + version: 4.0.3 codeql/dataflow: - version: 1.1.6 + version: 2.0.3 codeql/mad: - version: 1.0.12 + version: 1.0.19 codeql/rangeanalysis: - version: 1.0.12 + version: 1.0.19 codeql/ssa: - version: 1.0.12 + version: 1.0.19 codeql/tutorial: - version: 1.0.12 + version: 1.0.19 codeql/typeflow: - version: 1.0.12 + version: 1.0.19 codeql/typetracking: - version: 1.0.12 + version: 2.0.3 codeql/util: - version: 1.0.12 + version: 2.0.6 codeql/xml: - version: 1.0.12 + version: 1.0.19 compiled: false diff --git a/cpp/misra/src/codeql-pack.lock.yml b/cpp/misra/src/codeql-pack.lock.yml index ab9a39f9c1..a45ea8f438 100644 --- a/cpp/misra/src/codeql-pack.lock.yml +++ b/cpp/misra/src/codeql-pack.lock.yml @@ -2,23 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 2.1.1 + version: 4.0.3 codeql/dataflow: - version: 1.1.6 + version: 2.0.3 codeql/mad: - version: 1.0.12 + version: 1.0.19 codeql/rangeanalysis: - version: 1.0.12 + version: 1.0.19 codeql/ssa: - version: 1.0.12 + version: 1.0.19 codeql/tutorial: - version: 1.0.12 + version: 1.0.19 codeql/typeflow: - version: 1.0.12 + version: 1.0.19 codeql/typetracking: - version: 1.0.12 + version: 2.0.3 codeql/util: - version: 1.0.12 + version: 2.0.6 codeql/xml: - version: 1.0.12 + version: 1.0.19 compiled: false diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index f6a4e21428..2c9262fd10 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -5,4 +5,4 @@ default-suite: codeql-suites/misra-cpp-default.qls license: MIT dependencies: codeql/common-cpp-coding-standards: '*' - codeql/cpp-all: 2.1.1 + codeql/cpp-all: 4.0.3 diff --git a/cpp/misra/test/codeql-pack.lock.yml b/cpp/misra/test/codeql-pack.lock.yml index ab9a39f9c1..a45ea8f438 100644 --- a/cpp/misra/test/codeql-pack.lock.yml +++ b/cpp/misra/test/codeql-pack.lock.yml @@ -2,23 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 2.1.1 + version: 4.0.3 codeql/dataflow: - version: 1.1.6 + version: 2.0.3 codeql/mad: - version: 1.0.12 + version: 1.0.19 codeql/rangeanalysis: - version: 1.0.12 + version: 1.0.19 codeql/ssa: - version: 1.0.12 + version: 1.0.19 codeql/tutorial: - version: 1.0.12 + version: 1.0.19 codeql/typeflow: - version: 1.0.12 + version: 1.0.19 codeql/typetracking: - version: 1.0.12 + version: 2.0.3 codeql/util: - version: 1.0.12 + version: 2.0.6 codeql/xml: - version: 1.0.12 + version: 1.0.19 compiled: false diff --git a/cpp/report/src/codeql-pack.lock.yml b/cpp/report/src/codeql-pack.lock.yml index ab9a39f9c1..a45ea8f438 100644 --- a/cpp/report/src/codeql-pack.lock.yml +++ b/cpp/report/src/codeql-pack.lock.yml @@ -2,23 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 2.1.1 + version: 4.0.3 codeql/dataflow: - version: 1.1.6 + version: 2.0.3 codeql/mad: - version: 1.0.12 + version: 1.0.19 codeql/rangeanalysis: - version: 1.0.12 + version: 1.0.19 codeql/ssa: - version: 1.0.12 + version: 1.0.19 codeql/tutorial: - version: 1.0.12 + version: 1.0.19 codeql/typeflow: - version: 1.0.12 + version: 1.0.19 codeql/typetracking: - version: 1.0.12 + version: 2.0.3 codeql/util: - version: 1.0.12 + version: 2.0.6 codeql/xml: - version: 1.0.12 + version: 1.0.19 compiled: false diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index c8a6dd08f8..268820cc33 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -2,4 +2,4 @@ name: codeql/report-cpp-coding-standards version: 2.48.0-dev license: MIT dependencies: - codeql/cpp-all: 2.1.1 + codeql/cpp-all: 4.0.3 diff --git a/scripts/generate_modules/queries/codeql-pack.lock.yml b/scripts/generate_modules/queries/codeql-pack.lock.yml index ab9a39f9c1..a45ea8f438 100644 --- a/scripts/generate_modules/queries/codeql-pack.lock.yml +++ b/scripts/generate_modules/queries/codeql-pack.lock.yml @@ -2,23 +2,23 @@ lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 2.1.1 + version: 4.0.3 codeql/dataflow: - version: 1.1.6 + version: 2.0.3 codeql/mad: - version: 1.0.12 + version: 1.0.19 codeql/rangeanalysis: - version: 1.0.12 + version: 1.0.19 codeql/ssa: - version: 1.0.12 + version: 1.0.19 codeql/tutorial: - version: 1.0.12 + version: 1.0.19 codeql/typeflow: - version: 1.0.12 + version: 1.0.19 codeql/typetracking: - version: 1.0.12 + version: 2.0.3 codeql/util: - version: 1.0.12 + version: 2.0.6 codeql/xml: - version: 1.0.12 + version: 1.0.19 compiled: false diff --git a/scripts/generate_modules/queries/qlpack.yml b/scripts/generate_modules/queries/qlpack.yml index d2c729dfb9..9aabee2562 100644 --- a/scripts/generate_modules/queries/qlpack.yml +++ b/scripts/generate_modules/queries/qlpack.yml @@ -2,4 +2,4 @@ name: codeql/standard-library-extraction-cpp-coding-standards version: 0.0.0 license: MIT dependencies: - codeql/cpp-all: 2.1.1 + codeql/cpp-all: 4.0.3 diff --git a/supported_codeql_configs.json b/supported_codeql_configs.json index 77534bd53d..9b89dd849e 100644 --- a/supported_codeql_configs.json +++ b/supported_codeql_configs.json @@ -1,9 +1,9 @@ { "supported_environment": [ { - "codeql_cli": "2.19.4", - "codeql_standard_library": "codeql-cli/v2.19.4", - "codeql_cli_bundle": "codeql-bundle-v2.19.4" + "codeql_cli": "2.20.7", + "codeql_standard_library": "codeql-cli/v2.20.7", + "codeql_cli_bundle": "codeql-bundle-v2.20.7" } ], "supported_language": [ From e655ed85787c8e301370c9a941f4d7d4f1279cad Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Thu, 19 Jun 2025 14:56:50 -0700 Subject: [PATCH 2548/2573] Exclude if (f) f() from EXP-16-C --- ...CompareFunctionPointersToConstantValues.ql | 31 ++-------- ...eFunctionPointersToConstantValues.expected | 34 ++++++----- c/cert/test/rules/EXP16-C/test.c | 42 ++++++++++++- .../cpp/exprs/FunctionExprs.qll | 59 +++++++++++++++++++ .../src/codingstandards/cpp/exprs/Guards.qll | 34 +++++++++++ 5 files changed, 158 insertions(+), 42 deletions(-) create mode 100644 cpp/common/src/codingstandards/cpp/exprs/FunctionExprs.qll create mode 100644 cpp/common/src/codingstandards/cpp/exprs/Guards.qll diff --git a/c/cert/src/rules/EXP16-C/DoNotCompareFunctionPointersToConstantValues.ql b/c/cert/src/rules/EXP16-C/DoNotCompareFunctionPointersToConstantValues.ql index bdd4f1b375..e65d58a652 100644 --- a/c/cert/src/rules/EXP16-C/DoNotCompareFunctionPointersToConstantValues.ql +++ b/c/cert/src/rules/EXP16-C/DoNotCompareFunctionPointersToConstantValues.ql @@ -17,33 +17,11 @@ */ import cpp +import semmle.code.cpp.controlflow.IRGuards import codingstandards.c.cert import codingstandards.cpp.types.FunctionType -import semmle.code.cpp.controlflow.IRGuards - -class FunctionExpr extends Expr { - Element function; - string funcName; - - FunctionExpr() { - function = this.(FunctionAccess).getTarget() and - funcName = "Function " + function.(Function).getName() - or - this.(VariableAccess).getUnderlyingType() instanceof FunctionType and - function = this and - funcName = "Function pointer variable " + this.(VariableAccess).getTarget().getName() - or - this.getUnderlyingType() instanceof FunctionType and - not this instanceof FunctionAccess and - not this instanceof VariableAccess and - function = this and - funcName = "Expression with function pointer type" - } - - Element getFunction() { result = function } - - string getFuncName() { result = funcName } -} +import codingstandards.cpp.exprs.FunctionExprs +import codingstandards.cpp.exprs.Guards abstract class EffectivelyComparison extends Element { abstract string getExplanation(); @@ -85,6 +63,7 @@ where not isExcluded(comparison, Expressions2Package::doNotCompareFunctionPointersToConstantValuesQuery()) and funcExpr = comparison.getFunctionExpr() and + not exists(NullFunctionCallGuard nullGuard | nullGuard.getFunctionExpr() = funcExpr) and function = funcExpr.getFunction() and - funcName = funcExpr.getFuncName() + funcName = funcExpr.describe() select comparison, comparison.getExplanation(), function, funcName diff --git a/c/cert/test/rules/EXP16-C/DoNotCompareFunctionPointersToConstantValues.expected b/c/cert/test/rules/EXP16-C/DoNotCompareFunctionPointersToConstantValues.expected index a18f0d32f6..403d211651 100644 --- a/c/cert/test/rules/EXP16-C/DoNotCompareFunctionPointersToConstantValues.expected +++ b/c/cert/test/rules/EXP16-C/DoNotCompareFunctionPointersToConstantValues.expected @@ -1,16 +1,20 @@ -| test.c:17:7:17:13 | ... == ... | $@ compared to constant value. | test.c:3:5:3:6 | f1 | Function f1 | -| test.c:20:7:20:12 | ... > ... | $@ compared to constant value. | test.c:3:5:3:6 | f1 | Function f1 | -| test.c:29:7:29:13 | ... == ... | $@ compared to constant value. | test.c:29:7:29:8 | g1 | Function pointer variable g1 | -| test.c:32:7:32:16 | ... == ... | $@ compared to constant value. | test.c:32:7:32:8 | g2 | Function pointer variable g2 | -| test.c:35:7:35:15 | ... != ... | $@ compared to constant value. | test.c:35:7:35:8 | g1 | Function pointer variable g1 | -| test.c:38:7:38:8 | f1 | $@ undergoes implicit constant comparison. | test.c:3:5:3:6 | f1 | Function f1 | -| test.c:41:7:41:8 | g1 | $@ undergoes implicit constant comparison. | test.c:41:7:41:8 | g1 | Function pointer variable g1 | -| test.c:68:7:68:27 | ... == ... | $@ compared to constant value. | test.c:3:5:3:6 | f1 | Function f1 | -| test.c:71:7:71:18 | ... == ... | $@ compared to constant value. | test.c:3:5:3:6 | f1 | Function f1 | -| test.c:74:7:76:14 | ... == ... | $@ compared to constant value. | test.c:3:5:3:6 | f1 | Function f1 | -| test.c:83:3:83:9 | ... == ... | $@ compared to constant value. | test.c:83:3:83:4 | l1 | Function pointer variable l1 | -| test.c:84:3:84:12 | ... == ... | $@ compared to constant value. | test.c:84:3:84:4 | l1 | Function pointer variable l1 | -| test.c:91:3:91:4 | g1 | $@ undergoes implicit constant comparison. | test.c:91:3:91:4 | g1 | Function pointer variable g1 | -| test.c:96:7:96:18 | ... == ... | $@ compared to constant value. | test.c:96:9:96:10 | fp | Function pointer variable fp | -| test.c:102:7:102:22 | ... == ... | $@ compared to constant value. | test.c:14:11:14:21 | get_handler | Function get_handler | +| test.c:17:7:17:13 | ... == ... | $@ compared to constant value. | test.c:3:5:3:6 | f1 | Address of function f1 | +| test.c:20:7:20:12 | ... > ... | $@ compared to constant value. | test.c:3:5:3:6 | f1 | Address of function f1 | +| test.c:29:7:29:13 | ... == ... | $@ compared to constant value. | test.c:4:8:4:9 | g1 | Function pointer variable g1 | +| test.c:32:7:32:16 | ... == ... | $@ compared to constant value. | test.c:5:7:5:8 | g2 | Function pointer variable g2 | +| test.c:35:7:35:15 | ... != ... | $@ compared to constant value. | test.c:4:8:4:9 | g1 | Function pointer variable g1 | +| test.c:38:7:38:8 | f1 | $@ undergoes implicit constant comparison. | test.c:3:5:3:6 | f1 | Address of function f1 | +| test.c:41:7:41:8 | g1 | $@ undergoes implicit constant comparison. | test.c:4:8:4:9 | g1 | Function pointer variable g1 | +| test.c:68:7:68:27 | ... == ... | $@ compared to constant value. | test.c:3:5:3:6 | f1 | Address of function f1 | +| test.c:71:7:71:18 | ... == ... | $@ compared to constant value. | test.c:3:5:3:6 | f1 | Address of function f1 | +| test.c:74:7:76:14 | ... == ... | $@ compared to constant value. | test.c:3:5:3:6 | f1 | Address of function f1 | +| test.c:83:3:83:9 | ... == ... | $@ compared to constant value. | test.c:82:10:82:11 | l1 | Function pointer variable l1 | +| test.c:84:3:84:12 | ... == ... | $@ compared to constant value. | test.c:82:10:82:11 | l1 | Function pointer variable l1 | +| test.c:91:3:91:4 | g1 | $@ undergoes implicit constant comparison. | test.c:4:8:4:9 | g1 | Function pointer variable g1 | +| test.c:96:7:96:18 | ... == ... | $@ compared to constant value. | test.c:9:9:9:10 | fp | Function pointer variable fp | +| test.c:102:7:102:22 | ... == ... | $@ compared to constant value. | test.c:14:11:14:21 | get_handler | Address of function get_handler | | test.c:105:7:105:24 | ... == ... | $@ compared to constant value. | test.c:105:7:105:17 | call to get_handler | Expression with function pointer type | +| test.c:121:7:121:13 | ... != ... | $@ compared to constant value. | test.c:3:5:3:6 | f1 | Address of function f1 | +| test.c:133:7:133:13 | ... != ... | $@ compared to constant value. | test.c:4:8:4:9 | g1 | Function pointer variable g1 | +| test.c:139:7:139:13 | ... == ... | $@ compared to constant value. | test.c:4:8:4:9 | g1 | Function pointer variable g1 | +| test.c:149:8:149:9 | g1 | $@ undergoes implicit constant comparison. | test.c:4:8:4:9 | g1 | Function pointer variable g1 | diff --git a/c/cert/test/rules/EXP16-C/test.c b/c/cert/test/rules/EXP16-C/test.c index afc1b1b53e..16dfea9bc2 100644 --- a/c/cert/test/rules/EXP16-C/test.c +++ b/c/cert/test/rules/EXP16-C/test.c @@ -94,7 +94,7 @@ void f6(void) { void f7(void) { struct S s; if (s.fp == NULL) // NON-COMPLIANT - return; + f1(); if (s.fp() == NULL) // COMPLIANT return; @@ -110,4 +110,44 @@ void f7(void) { if (get_handler()() == 0) // COMPLIANT return; +} + +void f8(void) { + // Test instances of where the function pointer check is used to guard calls + // to that function. + + // Technically, this function may perhaps be set to NULL by the linker. But + // it is not a variable that should need to be null-checked at runtime. + if (f1 != 0) // NON-COMPLIANT + { + f1(); + } + + // Check guards a call, so it is compliant. + if (g1 != 0) // COMPLIANT + { + g1(); + } + + // Incorrect check, not compliant. + if (g1 != 0) // NON-COMPLIANT + { + f1(); + } + + // Incorrect check, not compliant. + if (g1 == 0) // NON-COMPLIANT + { + g1(); + } + + if (g1) // COMPLIANT + { + g1(); + } + + if (!g1) // NON-COMPLIANT + { + g1(); + } } \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exprs/FunctionExprs.qll b/cpp/common/src/codingstandards/cpp/exprs/FunctionExprs.qll new file mode 100644 index 0000000000..5c46fce075 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exprs/FunctionExprs.qll @@ -0,0 +1,59 @@ +import cpp +import codingstandards.cpp.types.FunctionType + +/** + * A class representing an expression that has a function pointer type. This can be a function + * access, a variable access, or any expression that has a function pointer type. + */ +abstract class FunctionExpr extends Expr { + /** Any element that could represent the function, for example, a variable or an expression. */ + abstract Element getFunction(); + + /** A name or string that describes the function. */ + abstract string describe(); + + /** Get calls of this function */ + abstract Call getACall(); +} + +/** + * A function access is an an expression of function type where we know the function. + */ +class SimpleFunctionAccess extends FunctionExpr, FunctionAccess { + override Element getFunction() { result = this.getTarget() } + + override string describe() { result = "Address of function " + this.getTarget().getName() } + + override FunctionCall getACall() { result.getTarget() = this.getTarget() } +} + +/** + * An access of a variable that has a function pointer type is also a function expression, for which + * we can track certain properties of the function. + */ +class FunctionVariableAccess extends FunctionExpr, VariableAccess { + FunctionVariableAccess() { this.getUnderlyingType() instanceof FunctionType } + + override Element getFunction() { result = this.getTarget() } + + override string describe() { result = "Function pointer variable " + this.getTarget().getName() } + + override ExprCall getACall() { result.getExpr().(VariableAccess).getTarget() = this.getTarget() } +} + +/** + * A function typed expression that is not a function access or a variable access. + */ +class FunctionTypedExpr extends FunctionExpr { + FunctionTypedExpr() { + this.getUnderlyingType() instanceof FunctionType and + not this instanceof FunctionAccess and + not this instanceof VariableAccess + } + + override Element getFunction() { result = this } + + override string describe() { result = "Expression with function pointer type" } + + override ExprCall getACall() { result.getExpr() = this } +} diff --git a/cpp/common/src/codingstandards/cpp/exprs/Guards.qll b/cpp/common/src/codingstandards/cpp/exprs/Guards.qll new file mode 100644 index 0000000000..73a35ccc6b --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exprs/Guards.qll @@ -0,0 +1,34 @@ +import cpp +import codeql.util.Boolean +import semmle.code.cpp.controlflow.Guards +import codingstandards.cpp.exprs.FunctionExprs + +/** + * A guard of the form: `if (funcPtr) funcPtr();`, e.g., a null check on a function before calling + * that function. + * + * Note this does not consider the above to be a null function call guard if `funcPtr` is a + * function name, as that could only be null via unusual linkage steps, and is not expected to be + * an intentional null check. + */ +class NullFunctionCallGuard extends GuardCondition { + FunctionExpr expr; + + NullFunctionCallGuard() { + exists(BasicBlock block, Call guardedCall | + ( + // Handles 'if (funcPtr != NULL)`: + this.ensuresEq(expr, 0, block, false) + or + // Handles `if (funcPtr)` in C where no implicit conversion to bool exists: + expr = this and + expr.getFunction() instanceof Variable and + this.controls(block, true) + ) and + guardedCall = expr.getACall() and + block.contains(guardedCall) + ) + } + + FunctionExpr getFunctionExpr() { result = expr } +} From 68355b0106b8349db717c0bd2a7c7b1963424b6f Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Tue, 8 Jul 2025 22:02:53 +0200 Subject: [PATCH 2549/2573] Make dataflow imports private in libraries and remove unused imports --- .../VariableLengthArraySizeNotInValidRange.ql | 1 + .../DoNotRelyOnIndeterminateValuesOfErrno.ql | 1 + .../DetectAndHandleStandardLibraryErrors.ql | 1 + .../ResetStringsOnFgetsOrFgetwsFailure.ql | 1 + ...riableLengthArraySizeNotInValidRange.expected | 4 ++-- ...oNotRelyOnIndeterminateValuesOfErrno.expected | 8 ++++---- ...DetectAndHandleStandardLibraryErrors.expected | 2 +- .../ResetStringsOnFgetsOrFgetwsFailure.expected | 6 +++--- c/common/src/codingstandards/c/OutOfBounds.qll | 2 +- c/common/src/codingstandards/c/Signal.qll | 2 +- .../InvalidOperationOnUnlockedMutex.ql | 1 - ...fShallBeComparedWithUnmodifiedReturnValues.ql | 1 + ...BeComparedWithUnmodifiedReturnValues.expected | 16 ++++++++-------- .../InOutParametersDeclaredAsTNotModified.ql | 1 + ...nOutParametersDeclaredAsTNotModified.expected | 4 ++-- .../rules/CTR53-CPP/UseValidIteratorRanges.ql | 1 + .../DoNotUseAnAdditiveOperatorOnAnIterator.ql | 1 + .../CTR53-CPP/UseValidIteratorRanges.expected | 12 ++++++------ ...NotUseAnAdditiveOperatorOnAnIterator.expected | 14 +++++++------- .../src/codingstandards/cpp/AccessPath.qll | 2 +- .../src/codingstandards/cpp/Allocations.qll | 2 +- .../src/codingstandards/cpp/Concurrency.qll | 1 - .../src/codingstandards/cpp/ConstHelpers.qll | 2 +- cpp/common/src/codingstandards/cpp/Expr.qll | 1 + .../codingstandards/cpp/FgetsErrorManagement.qll | 2 +- cpp/common/src/codingstandards/cpp/Iterators.qll | 8 +++++--- cpp/common/src/codingstandards/cpp/Overflow.qll | 2 +- .../src/codingstandards/cpp/ReadErrorsAndEOF.qll | 2 +- .../src/codingstandards/cpp/SideEffect.qll | 2 +- .../src/codingstandards/cpp/SmartPointers.qll | 2 +- .../cpp/concurrency/LockingOperation.qll | 2 +- .../InvalidatedEnvStringPointersWarn.qll | 1 - ...redicateFunctionObjectsShouldNotBeMutable.qll | 1 + .../cpp/standardlibrary/FileStreams.qll | 4 ++-- 34 files changed, 61 insertions(+), 52 deletions(-) diff --git a/c/cert/src/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.ql b/c/cert/src/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.ql index 85fc7b9022..1356777e5f 100644 --- a/c/cert/src/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.ql +++ b/c/cert/src/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.ql @@ -20,6 +20,7 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.Overflow +import semmle.code.cpp.dataflow.TaintTracking /** * Gets the maximum size (in bytes) a variable-length array diff --git a/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql b/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql index c7dfd58c6b..146d0cb30f 100644 --- a/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql +++ b/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql @@ -20,6 +20,7 @@ import codingstandards.c.cert import codingstandards.c.Errno import codingstandards.c.Signal import semmle.code.cpp.controlflow.Guards +import semmle.code.cpp.dataflow.DataFlow /** * A check on `signal` call return value diff --git a/c/cert/src/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.ql b/c/cert/src/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.ql index 01e7b83d13..5e473b226e 100644 --- a/c/cert/src/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.ql +++ b/c/cert/src/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.ql @@ -20,6 +20,7 @@ import cpp import codingstandards.c.cert import semmle.code.cpp.commons.NULL import codingstandards.cpp.ReadErrorsAndEOF +import semmle.code.cpp.dataflow.DataFlow ComparisonOperation getAValidComparison(string spec) { spec = "=0" and result.(EqualityOperation).getAnOperand().getValue() = "0" diff --git a/c/cert/src/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.ql b/c/cert/src/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.ql index b54436c835..9b0882ac66 100644 --- a/c/cert/src/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.ql +++ b/c/cert/src/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.ql @@ -21,6 +21,7 @@ import cpp import codingstandards.cpp.FgetsErrorManagement import codingstandards.cpp.Dereferenced import codingstandards.c.cert +import semmle.code.cpp.dataflow.DataFlow /* * Models calls to `memcpy` `strcpy` `strncpy` and their wrappers diff --git a/c/cert/test/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.expected b/c/cert/test/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.expected index 0b400c5256..1617571bbe 100644 --- a/c/cert/test/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.expected +++ b/c/cert/test/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.expected @@ -1,5 +1,5 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (VariableLengthArraySizeNotInValidRange.ql:109,11-19) -WARNING: module 'TaintTracking' has been deprecated and may be removed in future (VariableLengthArraySizeNotInValidRange.ql:92,5-18) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (VariableLengthArraySizeNotInValidRange.ql:110,11-19) +WARNING: module 'TaintTracking' has been deprecated and may be removed in future (VariableLengthArraySizeNotInValidRange.ql:93,5-18) | test.c:14:8:14:8 | VLA declaration | Variable-length array dimension size may be in an invalid range. | | test.c:15:8:15:8 | VLA declaration | Variable-length array dimension size may be in an invalid range. | | test.c:16:8:16:8 | VLA declaration | Variable-length array dimension size may be in an invalid range. | diff --git a/c/cert/test/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.expected b/c/cert/test/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.expected index 1f313cb90d..b79a17ca35 100644 --- a/c/cert/test/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.expected +++ b/c/cert/test/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.expected @@ -1,7 +1,7 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotRelyOnIndeterminateValuesOfErrno.ql:55,7-15) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotRelyOnIndeterminateValuesOfErrno.ql:55,27-35) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotRelyOnIndeterminateValuesOfErrno.ql:56,9-17) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotRelyOnIndeterminateValuesOfErrno.ql:59,9-17) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotRelyOnIndeterminateValuesOfErrno.ql:56,7-15) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotRelyOnIndeterminateValuesOfErrno.ql:56,27-35) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotRelyOnIndeterminateValuesOfErrno.ql:57,9-17) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotRelyOnIndeterminateValuesOfErrno.ql:60,9-17) | test.c:12:5:12:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:10:21:10:26 | call to signal | call to signal | | test.c:30:5:30:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:26:21:26:26 | call to signal | call to signal | | test.c:49:5:49:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:45:21:45:26 | call to signal | call to signal | diff --git a/c/cert/test/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.expected b/c/cert/test/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.expected index b13f34522c..f4006c013e 100644 --- a/c/cert/test/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.expected +++ b/c/cert/test/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.expected @@ -1,4 +1,4 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DetectAndHandleStandardLibraryErrors.ql:458,5-13) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DetectAndHandleStandardLibraryErrors.ql:459,5-13) | test.c:18:3:18:11 | call to setlocale | Missing error detection for the call to function `setlocale`. | | test.c:24:23:24:31 | call to setlocale | Missing error detection for the call to function `setlocale`. | | test.c:29:22:29:27 | call to calloc | Missing error detection for the call to function `calloc`. | diff --git a/c/cert/test/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.expected b/c/cert/test/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.expected index 7d3cbe355b..52cb85e5c4 100644 --- a/c/cert/test/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.expected +++ b/c/cert/test/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.expected @@ -1,6 +1,6 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (ResetStringsOnFgetsOrFgetwsFailure.ql:47,11-19) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (ResetStringsOnFgetsOrFgetwsFailure.ql:47,31-39) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (ResetStringsOnFgetsOrFgetwsFailure.ql:48,13-21) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ResetStringsOnFgetsOrFgetwsFailure.ql:48,11-19) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ResetStringsOnFgetsOrFgetwsFailure.ql:48,31-39) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (ResetStringsOnFgetsOrFgetwsFailure.ql:49,13-21) | test.c:20:10:20:12 | buf | The buffer is not reset before being referenced following a failed $@. | test.c:15:7:15:11 | call to fgets | call to fgets | | test.c:57:10:57:12 | buf | The buffer is not reset before being referenced following a failed $@. | test.c:52:7:52:11 | call to fgets | call to fgets | | test.c:66:18:66:20 | buf | The buffer is not reset before being referenced following a failed $@. | test.c:61:7:61:11 | call to fgets | call to fgets | diff --git a/c/common/src/codingstandards/c/OutOfBounds.qll b/c/common/src/codingstandards/c/OutOfBounds.qll index bb7d1bd124..1f1680f56c 100644 --- a/c/common/src/codingstandards/c/OutOfBounds.qll +++ b/c/common/src/codingstandards/c/OutOfBounds.qll @@ -11,7 +11,7 @@ import codingstandards.cpp.Allocations import codingstandards.cpp.Overflow import codingstandards.cpp.PossiblyUnsafeStringOperation import codingstandards.cpp.SimpleRangeAnalysisCustomizations -import semmle.code.cpp.dataflow.DataFlow +private import semmle.code.cpp.dataflow.DataFlow import semmle.code.cpp.valuenumbering.GlobalValueNumbering module OOB { diff --git a/c/common/src/codingstandards/c/Signal.qll b/c/common/src/codingstandards/c/Signal.qll index 95b27e2898..2a570b654f 100644 --- a/c/common/src/codingstandards/c/Signal.qll +++ b/c/common/src/codingstandards/c/Signal.qll @@ -1,5 +1,5 @@ import cpp -import semmle.code.cpp.dataflow.DataFlow +private import semmle.code.cpp.dataflow.DataFlow /** * A signal corresponding to a computational exception diff --git a/c/misra/src/rules/RULE-22-17/InvalidOperationOnUnlockedMutex.ql b/c/misra/src/rules/RULE-22-17/InvalidOperationOnUnlockedMutex.ql index 252b4a7d9f..d85183a831 100644 --- a/c/misra/src/rules/RULE-22-17/InvalidOperationOnUnlockedMutex.ql +++ b/c/misra/src/rules/RULE-22-17/InvalidOperationOnUnlockedMutex.ql @@ -18,7 +18,6 @@ import codingstandards.c.misra import codingstandards.c.SubObjects import codingstandards.cpp.Concurrency import codingstandards.cpp.dominance.BehavioralSet -import semmle.code.cpp.dataflow.new.DataFlow::DataFlow as NewDF /* A call to mtx_unlock() or cnd_wait() or cnd_timedwait(), which require a locked mutex */ class RequiresLockOperation extends FunctionCall { diff --git a/c/misra/src/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.ql b/c/misra/src/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.ql index a29ee7c898..1da495ca28 100644 --- a/c/misra/src/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.ql +++ b/c/misra/src/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.ql @@ -15,6 +15,7 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.ReadErrorsAndEOF +import semmle.code.cpp.dataflow.DataFlow /** * The getchar() return value propagates directly to a check against EOF macro diff --git a/c/misra/test/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.expected b/c/misra/test/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.expected index 83a10a46fb..210a3a9218 100644 --- a/c/misra/test/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.expected +++ b/c/misra/test/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.expected @@ -1,10 +1,10 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:23,28-36) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:24,22-30) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:28,20-28) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:37,23-31) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:42,17-25) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:51,5-13) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:59,20-28) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:59,46-54) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:24,28-36) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:25,22-30) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:29,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:38,23-31) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:43,17-25) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:52,5-13) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:60,20-28) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (EofShallBeComparedWithUnmodifiedReturnValues.ql:60,46-54) | test.c:6:7:6:20 | ... != ... | The check is not reliable as the type of the return value of $@ is converted. | test.c:5:14:5:20 | call to getchar | call to getchar | | test.c:13:7:13:15 | ... != ... | The check is not reliable as the type of the return value of $@ is converted. | test.c:12:14:12:20 | call to getchar | call to getchar | diff --git a/cpp/autosar/src/rules/A8-4-9/InOutParametersDeclaredAsTNotModified.ql b/cpp/autosar/src/rules/A8-4-9/InOutParametersDeclaredAsTNotModified.ql index 1509ee968a..3b30eb676a 100644 --- a/cpp/autosar/src/rules/A8-4-9/InOutParametersDeclaredAsTNotModified.ql +++ b/cpp/autosar/src/rules/A8-4-9/InOutParametersDeclaredAsTNotModified.ql @@ -21,6 +21,7 @@ import codingstandards.cpp.autosar import codingstandards.cpp.FunctionParameter import codingstandards.cpp.ConstHelpers import codingstandards.cpp.Operator +import semmle.code.cpp.dataflow.DataFlow /** * Non-const T& `Parameter`s to `Function`s diff --git a/cpp/autosar/test/rules/A8-4-9/InOutParametersDeclaredAsTNotModified.expected b/cpp/autosar/test/rules/A8-4-9/InOutParametersDeclaredAsTNotModified.expected index bafa98112f..25fe77d9a5 100644 --- a/cpp/autosar/test/rules/A8-4-9/InOutParametersDeclaredAsTNotModified.expected +++ b/cpp/autosar/test/rules/A8-4-9/InOutParametersDeclaredAsTNotModified.expected @@ -1,5 +1,5 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (InOutParametersDeclaredAsTNotModified.ql:49,7-15) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (InOutParametersDeclaredAsTNotModified.ql:63,7-15) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (InOutParametersDeclaredAsTNotModified.ql:50,7-15) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (InOutParametersDeclaredAsTNotModified.ql:64,7-15) | test.cpp:4:13:4:13 | i | In-out parameter i that is not written to. | | test.cpp:7:22:7:24 | str | In-out parameter str that is not read from. | | test.cpp:18:14:18:14 | i | In-out parameter i that is not read from. | diff --git a/cpp/cert/src/rules/CTR53-CPP/UseValidIteratorRanges.ql b/cpp/cert/src/rules/CTR53-CPP/UseValidIteratorRanges.ql index 3702cbcd6e..1512a7fd99 100644 --- a/cpp/cert/src/rules/CTR53-CPP/UseValidIteratorRanges.ql +++ b/cpp/cert/src/rules/CTR53-CPP/UseValidIteratorRanges.ql @@ -19,6 +19,7 @@ import cpp import codingstandards.cpp.cert import codingstandards.cpp.Iterators +import semmle.code.cpp.dataflow.DataFlow predicate startEndArgumentsDoNotPointToTheSameContainer( IteratorRangeFunctionCall fc, Expr arg, string reason diff --git a/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.ql b/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.ql index 3f2de63246..c6ea2c4518 100644 --- a/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.ql +++ b/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.ql @@ -20,6 +20,7 @@ import cpp import codingstandards.cpp.cert import codingstandards.cpp.Iterators import semmle.code.cpp.controlflow.Dominance +import semmle.code.cpp.dataflow.DataFlow /** * Models a call to an iterator's `operator+` diff --git a/cpp/cert/test/rules/CTR53-CPP/UseValidIteratorRanges.expected b/cpp/cert/test/rules/CTR53-CPP/UseValidIteratorRanges.expected index 1953314c2f..d25d23185a 100644 --- a/cpp/cert/test/rules/CTR53-CPP/UseValidIteratorRanges.expected +++ b/cpp/cert/test/rules/CTR53-CPP/UseValidIteratorRanges.expected @@ -1,9 +1,9 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (UseValidIteratorRanges.ql:28,5-13) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (UseValidIteratorRanges.ql:28,25-33) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (UseValidIteratorRanges.ql:29,7-15) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (UseValidIteratorRanges.ql:35,5-13) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (UseValidIteratorRanges.ql:35,25-33) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (UseValidIteratorRanges.ql:36,7-15) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (UseValidIteratorRanges.ql:29,5-13) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (UseValidIteratorRanges.ql:29,25-33) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (UseValidIteratorRanges.ql:30,7-15) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (UseValidIteratorRanges.ql:36,5-13) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (UseValidIteratorRanges.ql:36,25-33) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (UseValidIteratorRanges.ql:37,7-15) | test.cpp:7:3:7:15 | call to for_each | The $@ of iterator range function does not point to the end of an iterator. | test.cpp:7:28:7:32 | call to begin | argument | | test.cpp:7:3:7:15 | call to for_each | The $@ of iterator range function does not point to the start of an iterator. | test.cpp:7:19:7:21 | call to end | argument | | test.cpp:8:3:8:15 | call to for_each | The $@ of iterator range function does not point to the end of an iterator. | test.cpp:8:30:8:34 | call to begin | argument | diff --git a/cpp/cert/test/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.expected b/cpp/cert/test/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.expected index 48da16d208..db3b7358d8 100644 --- a/cpp/cert/test/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.expected +++ b/cpp/cert/test/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.expected @@ -1,12 +1,12 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:43,5-13) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:43,25-33) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:43,51-59) WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:44,5-13) WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:44,25-33) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:44,52-60) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:79,5-13) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:79,25-33) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:80,7-15) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:44,51-59) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:45,5-13) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:45,25-33) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:45,52-60) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:80,5-13) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:80,25-33) +WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUseAnAdditiveOperatorOnAnIterator.ql:81,7-15) | test.cpp:8:7:8:7 | i | Increment of iterator may overflow since its bounds are not checked. | | test.cpp:9:9:9:9 | i | Increment of iterator may overflow since its bounds are not checked. | | test.cpp:10:9:10:9 | i | Increment of iterator may overflow since its bounds are not checked. | diff --git a/cpp/common/src/codingstandards/cpp/AccessPath.qll b/cpp/common/src/codingstandards/cpp/AccessPath.qll index ff7601ed4b..3af462e1ec 100644 --- a/cpp/common/src/codingstandards/cpp/AccessPath.qll +++ b/cpp/common/src/codingstandards/cpp/AccessPath.qll @@ -1,5 +1,5 @@ import cpp -import semmle.code.cpp.dataflow.DataFlow +private import semmle.code.cpp.dataflow.DataFlow newtype TFieldQualifier = ExplicitQualifier(VariableAccess v) or diff --git a/cpp/common/src/codingstandards/cpp/Allocations.qll b/cpp/common/src/codingstandards/cpp/Allocations.qll index db47b0b028..decdfe9fc4 100644 --- a/cpp/common/src/codingstandards/cpp/Allocations.qll +++ b/cpp/common/src/codingstandards/cpp/Allocations.qll @@ -7,7 +7,7 @@ import cpp import semmle.code.cpp.controlflow.SSA -import semmle.code.cpp.dataflow.DataFlow +private import semmle.code.cpp.dataflow.DataFlow /** * Holds if `alloc` is a use of `malloc` or `new`. `kind` is diff --git a/cpp/common/src/codingstandards/cpp/Concurrency.qll b/cpp/common/src/codingstandards/cpp/Concurrency.qll index 0e2afb8ece..3f7e5c1af9 100644 --- a/cpp/common/src/codingstandards/cpp/Concurrency.qll +++ b/cpp/common/src/codingstandards/cpp/Concurrency.qll @@ -1,5 +1,4 @@ import cpp -import semmle.code.cpp.dataflow.TaintTracking import codingstandards.cpp.concurrency.Atomic import codingstandards.cpp.concurrency.CConditionOperation import codingstandards.cpp.concurrency.ControlFlow diff --git a/cpp/common/src/codingstandards/cpp/ConstHelpers.qll b/cpp/common/src/codingstandards/cpp/ConstHelpers.qll index a7457dc845..a3d12fd127 100644 --- a/cpp/common/src/codingstandards/cpp/ConstHelpers.qll +++ b/cpp/common/src/codingstandards/cpp/ConstHelpers.qll @@ -4,7 +4,7 @@ import cpp import codingstandards.cpp.SideEffect -import semmle.code.cpp.dataflow.DataFlow +private import semmle.code.cpp.dataflow.DataFlow import codingstandards.cpp.FunctionParameter /** A variable that can be modified (both the pointer and object pointed to if pointer type) */ diff --git a/cpp/common/src/codingstandards/cpp/Expr.qll b/cpp/common/src/codingstandards/cpp/Expr.qll index 0b650ae41b..54ba86c5b7 100644 --- a/cpp/common/src/codingstandards/cpp/Expr.qll +++ b/cpp/common/src/codingstandards/cpp/Expr.qll @@ -1,4 +1,5 @@ import cpp +private import semmle.code.cpp.dataflow.DataFlow private import semmle.code.cpp.valuenumbering.GlobalValueNumbering import codingstandards.cpp.AccessPath diff --git a/cpp/common/src/codingstandards/cpp/FgetsErrorManagement.qll b/cpp/common/src/codingstandards/cpp/FgetsErrorManagement.qll index 4f99b02e2e..026fd93045 100644 --- a/cpp/common/src/codingstandards/cpp/FgetsErrorManagement.qll +++ b/cpp/common/src/codingstandards/cpp/FgetsErrorManagement.qll @@ -4,7 +4,7 @@ */ import cpp -import semmle.code.cpp.dataflow.DataFlow +private import semmle.code.cpp.dataflow.DataFlow import semmle.code.cpp.controlflow.Guards /* diff --git a/cpp/common/src/codingstandards/cpp/Iterators.qll b/cpp/common/src/codingstandards/cpp/Iterators.qll index 76751aa87b..c8c217aea4 100644 --- a/cpp/common/src/codingstandards/cpp/Iterators.qll +++ b/cpp/common/src/codingstandards/cpp/Iterators.qll @@ -3,8 +3,8 @@ */ import cpp -import semmle.code.cpp.dataflow.DataFlow -import semmle.code.cpp.dataflow.TaintTracking +private import semmle.code.cpp.dataflow.DataFlow +private import semmle.code.cpp.dataflow.TaintTracking import codingstandards.cpp.StdNamespace import codingstandards.cpp.rules.containeraccesswithoutrangecheck.ContainerAccessWithoutRangeCheck as ContainerAccessWithoutRangeCheck import semmle.code.cpp.controlflow.Guards @@ -16,7 +16,9 @@ abstract class ContainerAccess extends VariableAccess { } pragma[noinline, nomagic] -predicate localTaint(DataFlow::Node n1, DataFlow::Node n2) { TaintTracking::localTaint(n1, n2) } +private predicate localTaint(DataFlow::Node n1, DataFlow::Node n2) { + TaintTracking::localTaint(n1, n2) +} // define this as anything with dataflow FROM the vector class ContainerPointerOrReferenceAccess extends ContainerAccess { diff --git a/cpp/common/src/codingstandards/cpp/Overflow.qll b/cpp/common/src/codingstandards/cpp/Overflow.qll index 28a5c0d9db..b81147d6bf 100644 --- a/cpp/common/src/codingstandards/cpp/Overflow.qll +++ b/cpp/common/src/codingstandards/cpp/Overflow.qll @@ -6,7 +6,7 @@ import cpp import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis import SimpleRangeAnalysisCustomizations import semmle.code.cpp.controlflow.Guards -import semmle.code.cpp.dataflow.TaintTracking +private import semmle.code.cpp.dataflow.TaintTracking import semmle.code.cpp.valuenumbering.GlobalValueNumbering import codingstandards.cpp.Expr import codingstandards.cpp.UndefinedBehavior diff --git a/cpp/common/src/codingstandards/cpp/ReadErrorsAndEOF.qll b/cpp/common/src/codingstandards/cpp/ReadErrorsAndEOF.qll index c3c433d20d..94e7f89796 100644 --- a/cpp/common/src/codingstandards/cpp/ReadErrorsAndEOF.qll +++ b/cpp/common/src/codingstandards/cpp/ReadErrorsAndEOF.qll @@ -1,5 +1,5 @@ import cpp -import semmle.code.cpp.dataflow.DataFlow +private import semmle.code.cpp.dataflow.DataFlow import codingstandards.cpp.standardlibrary.FileAccess /** diff --git a/cpp/common/src/codingstandards/cpp/SideEffect.qll b/cpp/common/src/codingstandards/cpp/SideEffect.qll index d83647ce76..883004e513 100644 --- a/cpp/common/src/codingstandards/cpp/SideEffect.qll +++ b/cpp/common/src/codingstandards/cpp/SideEffect.qll @@ -1,7 +1,7 @@ /** A module to reason about side effects. */ import cpp -import semmle.code.cpp.dataflow.DataFlow +private import semmle.code.cpp.dataflow.DataFlow private import exceptions.ExceptionFlow private import codingstandards.cpp.Expr private import codingstandards.cpp.Variable diff --git a/cpp/common/src/codingstandards/cpp/SmartPointers.qll b/cpp/common/src/codingstandards/cpp/SmartPointers.qll index 0f01d886be..a643b0bc2b 100644 --- a/cpp/common/src/codingstandards/cpp/SmartPointers.qll +++ b/cpp/common/src/codingstandards/cpp/SmartPointers.qll @@ -1,5 +1,5 @@ import cpp -import semmle.code.cpp.dataflow.DataFlow +private import semmle.code.cpp.dataflow.DataFlow // Local cached version of localExprFlow to avoid bad magic cached diff --git a/cpp/common/src/codingstandards/cpp/concurrency/LockingOperation.qll b/cpp/common/src/codingstandards/cpp/concurrency/LockingOperation.qll index 95404b114a..0aab11a269 100644 --- a/cpp/common/src/codingstandards/cpp/concurrency/LockingOperation.qll +++ b/cpp/common/src/codingstandards/cpp/concurrency/LockingOperation.qll @@ -1,5 +1,5 @@ import cpp -import semmle.code.cpp.dataflow.TaintTracking +private import semmle.code.cpp.dataflow.TaintTracking abstract class LockingOperation extends FunctionCall { /** diff --git a/cpp/common/src/codingstandards/cpp/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.qll b/cpp/common/src/codingstandards/cpp/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.qll index 8bc1b0c920..759bc08deb 100644 --- a/cpp/common/src/codingstandards/cpp/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.qll +++ b/cpp/common/src/codingstandards/cpp/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.qll @@ -6,7 +6,6 @@ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -import semmle.code.cpp.dataflow.DataFlow import codingstandards.cpp.rules.invalidatedenvstringpointers.InvalidatedEnvStringPointers as EnvString abstract class InvalidatedEnvStringPointersWarnSharedQuery extends Query { } diff --git a/cpp/common/src/codingstandards/cpp/rules/predicatefunctionobjectsshouldnotbemutable/PredicateFunctionObjectsShouldNotBeMutable.qll b/cpp/common/src/codingstandards/cpp/rules/predicatefunctionobjectsshouldnotbemutable/PredicateFunctionObjectsShouldNotBeMutable.qll index bf47c1f649..ba2f6ed82a 100644 --- a/cpp/common/src/codingstandards/cpp/rules/predicatefunctionobjectsshouldnotbemutable/PredicateFunctionObjectsShouldNotBeMutable.qll +++ b/cpp/common/src/codingstandards/cpp/rules/predicatefunctionobjectsshouldnotbemutable/PredicateFunctionObjectsShouldNotBeMutable.qll @@ -9,6 +9,7 @@ import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions import codingstandards.cpp.SideEffect import codingstandards.cpp.sideeffect.DefaultEffects +import semmle.code.cpp.dataflow.DataFlow abstract class PredicateFunctionObjectsShouldNotBeMutableSharedQuery extends Query { } diff --git a/cpp/common/src/codingstandards/cpp/standardlibrary/FileStreams.qll b/cpp/common/src/codingstandards/cpp/standardlibrary/FileStreams.qll index 709e80dc1a..99eec1f5e0 100644 --- a/cpp/common/src/codingstandards/cpp/standardlibrary/FileStreams.qll +++ b/cpp/common/src/codingstandards/cpp/standardlibrary/FileStreams.qll @@ -10,8 +10,8 @@ */ import cpp -import semmle.code.cpp.dataflow.DataFlow -import semmle.code.cpp.dataflow.TaintTracking +private import semmle.code.cpp.dataflow.DataFlow +private import semmle.code.cpp.dataflow.TaintTracking private import codingstandards.cpp.Operator /** From 9fa5cb207fd9a5c21fc45727402dc7d1b41ddc2c Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Thu, 10 Jul 2025 14:25:31 -0700 Subject: [PATCH 2550/2573] Add more test cases - 1. Assigning a char to another char - 1-1. Assigning a char to a char variable - 1-2. Assigning a char to a char member - 1-3. Assigning a char to a char through a pointer - 2. Passing a char argument to a char parameter - 2-1. Passing char argument to a char parameter of a regular function - 2-2. Passing char argument to a char parameter through a template - 2-3. Passing a char argument to a char parameter through a template --- cpp/autosar/test/rules/M5-0-12/test.cpp | 363 +++++++++++++++++++++++- 1 file changed, 353 insertions(+), 10 deletions(-) diff --git a/cpp/autosar/test/rules/M5-0-12/test.cpp b/cpp/autosar/test/rules/M5-0-12/test.cpp index 453c37bf1e..355c9cbc4f 100644 --- a/cpp/autosar/test/rules/M5-0-12/test.cpp +++ b/cpp/autosar/test/rules/M5-0-12/test.cpp @@ -1,16 +1,359 @@ #include -void f1() { - unsigned char a1 = 'c'; // NON_COMPLIANT - unsigned char a2 = 10; - signed char a3 = 'c'; // NON_COMPLIANT - signed char a4 = 10; +template class C1 { +public: + C1() : x(y) {} - std::int8_t a5 = 'c'; // NON_COMPLIANT - std::int8_t a6 = 10; +private: + unsigned char x; +}; - std::uint8_t a7 = 'c'; // NON_COMPLIANT - std::uint8_t a8 = 10; +template class C2 { +public: + C2() : x(y) {} - char a9 = 'c'; +private: + signed char x; +}; + +template class C3 { +public: + C3() : x(y) {} + +private: + unsigned char x; +}; + +template class C4 { +public: + C4() : x(y) {} + +private: + signed char x; +}; + +/* Twin templates for std::uint8_t and std::int8_t */ +template class C9 { +public: + C9() : x(y) {} + +private: + std::uint8_t x; +}; + +template class C10 { +public: + C10() : x(y) {} + +private: + std::int8_t x; +}; + +template class C11 { +public: + C11() : x(y) {} + +private: + std::uint8_t x; +}; + +template class C12 { +public: + C12() : x(y) {} + +private: + std::int8_t x; +}; + +void f1(unsigned char x) {} +void f2(signed char x) {} +void f3(unsigned char x) {} +void f4(signed char x) {} + +/* Twin functions for std::uint8_t and std::int8_t */ +void f9(std::uint8_t x) {} +void f10(std::int8_t x) {} +void f11(std::uint8_t x) {} +void f12(std::int8_t x) {} + +template void f5(T x) { unsigned char y = x; } +template void f6(T x) { signed char y = x; } +template void f7(T x) { signed char y = x; } +template void f8(T x) { signed char y = x; } + +/* Twin template functions for std::uint8_t and std::int8_t */ +template void f13(T x) { std::uint8_t y = x; } +template void f14(T x) { std::int8_t y = x; } +template void f15(T x) { std::int8_t y = x; } +template void f16(T x) { std::int8_t y = x; } + +template class C5 { +public: + C5(T y) : x(y) {} + +private: + unsigned char x; +}; + +template class C6 { +public: + C6(T y) : x(y) {} + +private: + signed char x; +}; + +template class C7 { +public: + C7(T y) : x(y) {} + +private: + signed char x; +}; + +template class C8 { +public: + C8(T y) : x(y) {} + +private: + signed char x; +}; + +/* Twin template classes for std::uint8_t and std::int8_t */ +template class C13 { +public: + C13(T y) : x(y) {} + +private: + std::uint8_t x; +}; + +template class C14 { +public: + C14(T y) : x(y) {} + +private: + std::int8_t x; +}; + +template class C15 { +public: + C15(T y) : x(y) {} + +private: + std::int8_t x; +}; + +template class C16 { +public: + C16(T y) : x(y) {} + +private: + std::int8_t x; +}; + +int main() { + + /* ========== 1. Assigning a char to another char ========== */ + + /* ===== 1-1. Assigning a char to a char variable ===== */ + + unsigned char x1 = 1; + unsigned char y1 = + x1; // COMPLIANT: unsigned char assigned to an unsigned char + + signed char x2 = 1; + signed char y2 = x2; // COMPLIANT: signed char assigned to a signed char + + char x3 = 'x'; + unsigned char y3 = x3; // NON-COMPLIANT: plain char assigned to a unsigned char + + char x4 = 'x'; + signed char y4 = x4; // NON-COMPLIANT: plain char assigned to a signed char + + /* Twin cases with std::uint8_t and std::int8_t */ + std::uint8_t x5 = 1; + std::uint8_t y5 = + x5; // COMPLIANT: std::uint8_t assigned to a std::uint8_t + + std::int8_t x6 = 1; + std::int8_t y6 = x6; // COMPLIANT: std::int8_t assigned to a std::int8_t + + char x7 = 'x'; + std::uint8_t y7 = x7; // NON-COMPLIANT: plain char assigned to a std::uint8_t + + char x8 = 'x'; + std::int8_t y8 = x8; // NON-COMPLIANT: plain char assigned to a std::int8_t + + /* ===== 1-2. Assigning a char to a char member ===== */ + + C1 c1; // COMPLIANT: unsigned char arg passed to an unsigned + // char member through a template + + C2 c2; // COMPLIANT: signed char arg passed to a signed char + // member through a template + + C3 c3; // NON-COMPLIANT: plain char arg passed to a unsigned char + // member through a template + + C4 c4; // NON-COMPLIANT: plain char arg passed to a signed char + // member through a template + + /* Twin cases with std::uint8_t and std::int8_t */ + C9 c9; // COMPLIANT: std::uint8_t arg passed to a std::uint8_t + // member through a template + + C10 c10; // COMPLIANT: std::int8_t arg passed to a std::int8_t + // member through a template + + C11 c11; // NON-COMPLIANT: plain char arg passed to a std::uint8_t + // member through a template + + C12 c12; // NON-COMPLIANT: plain char arg passed to a std::int8_t + // member through a template + + /* ========== 1-3. Assigning a char to a char through a pointer ========== */ + + unsigned char x9 = 1; + unsigned char *y9 = &x9; + signed char z1 = + *y9; // COMPLIANT: unsigned char assigned to a *&unsigned char + + unsigned char x10 = 1; + unsigned char *y10 = &x10; + signed char z2 = *y10; // COMPLIANT: signed char assigned to an *&signed char + + char x11 = 1; + char *y11 = &x11; + unsigned char z3 = + *y11; // NON-COMPLIANT: plain char assigned to an *&unsigned char + + char x12 = 1; + char *y12 = &x12; + signed char z4 = + *y12; // NON-COMPLIANT: plain char assigned to an *&signed char + + /* Twin cases with std::uint8_t and std::int8_t */ + std::uint8_t x13 = 1; + std::uint8_t *y13 = &x13; + std::int8_t z5 = + *y13; // COMPLIANT: std::uint8_t assigned to a *&std::uint8_t + + std::uint8_t x14 = 1; + std::uint8_t *y14 = &x14; + std::int8_t z6 = *y14; // COMPLIANT: std::int8_t assigned to an *&std::int8_t + + char x15 = 1; + char *y15 = &x15; + std::uint8_t z7 = + *y15; // NON-COMPLIANT: plain char assigned to an *&std::uint8_t + + char x16 = 1; + char *y16 = &x16; + std::int8_t z8 = + *y16; // NON-COMPLIANT: plain char assigned to an *&std::int8_t + + /* ========== 2. Passing a char argument to a char parameter ========== */ + + /* ===== 2-1. Passing char argument to a char parameter of a regular function + * ===== */ + + unsigned char a1 = 1; + f1(a1); // COMPLIANT: unsigned char arg passed to an unsigned char parameter + + signed char a2 = 1; + f2(a2); // COMPLIANT: signed char arg passed to a signed char parameter + + char a3 = 'a'; + f3(a3); // NON-COMPLIANT: plain char arg passed to a unsigned char parameter + + char a4 = 'a'; + f4(a4); // NON-COMPLIANT: plain char arg passed to a signed char parameter + + /* Twin cases with std::uint8_t and std::int8_t */ + std::uint8_t a5 = 1; + f9(a5); // COMPLIANT: std::uint8_t arg passed to a std::uint8_t parameter + + std::int8_t a6 = 1; + f10(a6); // COMPLIANT: std::int8_t arg passed to a std::int8_t parameter + + char a7 = 'a'; + f11(a7); // NON-COMPLIANT: plain char arg passed to a std::uint8_t parameter + + char a8 = 'a'; + f12(a8); // NON-COMPLIANT: plain char arg passed to a std::int8_t parameter + + /* ===== 2-2. Passing char argument to a char parameter through a template + * ===== */ + + unsigned char a9 = 'a'; + f5(a9); // COMPLIANT: unsigned char arg passed to an unsigned char parameter + // through a template + + signed char a10 = 'a'; + f6(a10); // COMPLIANT: signed char arg passed to a signed char parameter + // through a template + + char a11 = 'a'; + f7(a11); // NON-COMPLIANT: plain char arg passed to a unsigned char parameter + // through a template + + char a12 = 'a'; + f8(a12); // COMPLIANT: plain char arg passed to a signed char parameter through + // a template + + /* Twin cases with std::uint8_t and std::int8_t */ + std::uint8_t a13 = 'a'; + f13(a13); // COMPLIANT: std::uint8_t arg passed to a std::uint8_t parameter + // through a template + + std::int8_t a14 = 'a'; + f14(a14); // COMPLIANT: std::int8_t arg passed to a std::int8_t parameter + // through a template + + char a15 = 'a'; + f15(a15); // NON-COMPLIANT: plain char arg passed to a std::uint8_t parameter + // through a template + + char a16 = 'a'; + f16(a16); // COMPLIANT: plain char arg passed to a std::int8_t parameter through + // a template + + /* ========== 2-3. Passing a char argument to a char parameter through a + * template ========== */ + + unsigned char a17 = 1; + C5 c5( + a17); // COMPLIANT: unsigned char arg passed to an unsigned char parameter + // of a constructor through a template + + signed char a18 = 1; + C6 c6(a18); // COMPLIANT: signed char arg passed to an signed + // char parameter of a constructor through a template + + char a19 = 'a'; + C7 c7(a19); // NON-COMPLIANT: plain char arg passed to an unsigned char + // parameter of a constructor through a template + + char a20 = 'a'; + C8 c8(a20); // NON-COMPLIANT: plain char arg passed to an signed char + // parameter of a constructor through a template + + /* Twin cases with std::uint8_t and std::int8_t */ + std::uint8_t a21 = 1; + C13 c13( + a21); // COMPLIANT: std::uint8_t arg passed to a std::uint8_t parameter + // of a constructor through a template + + std::int8_t a22 = 1; + C14 c14(a22); // COMPLIANT: std::int8_t arg passed to a std::int8_t + // parameter of a constructor through a template + + char a23 = 'a'; + C15 c15(a23); // NON-COMPLIANT: plain char arg passed to a std::uint8_t + // parameter of a constructor through a template + + char a24 = 'a'; + C16 c16(a24); // NON-COMPLIANT: plain char arg passed to a std::int8_t + // parameter of a constructor through a template } \ No newline at end of file From fb544876bb2ce448934362c7ce5ce495803a807c Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Thu, 10 Jul 2025 14:39:44 -0700 Subject: [PATCH 2551/2573] Renumber definitions and objects, and fix wrong labels --- cpp/autosar/test/rules/M5-0-12/test.cpp | 70 ++++++++++++------------- 1 file changed, 35 insertions(+), 35 deletions(-) diff --git a/cpp/autosar/test/rules/M5-0-12/test.cpp b/cpp/autosar/test/rules/M5-0-12/test.cpp index 355c9cbc4f..57530dae16 100644 --- a/cpp/autosar/test/rules/M5-0-12/test.cpp +++ b/cpp/autosar/test/rules/M5-0-12/test.cpp @@ -33,33 +33,33 @@ template class C4 { }; /* Twin templates for std::uint8_t and std::int8_t */ -template class C9 { +template class C5 { public: - C9() : x(y) {} + C5() : x(y) {} private: std::uint8_t x; }; -template class C10 { +template class C6 { public: - C10() : x(y) {} + C6() : x(y) {} private: std::int8_t x; }; -template class C11 { +template class C7 { public: - C11() : x(y) {} + C7() : x(y) {} private: std::uint8_t x; }; -template class C12 { +template class C8 { public: - C12() : x(y) {} + C8() : x(y) {} private: std::int8_t x; @@ -87,33 +87,33 @@ template void f14(T x) { std::int8_t y = x; } template void f15(T x) { std::int8_t y = x; } template void f16(T x) { std::int8_t y = x; } -template class C5 { +template class C9 { public: - C5(T y) : x(y) {} + C9(T y) : x(y) {} private: unsigned char x; }; -template class C6 { +template class C10 { public: - C6(T y) : x(y) {} + C10(T y) : x(y) {} private: signed char x; }; -template class C7 { +template class C11 { public: - C7(T y) : x(y) {} + C11(T y) : x(y) {} private: signed char x; }; -template class C8 { +template class C12 { public: - C8(T y) : x(y) {} + C12(T y) : x(y) {} private: signed char x; @@ -200,27 +200,27 @@ int main() { // member through a template /* Twin cases with std::uint8_t and std::int8_t */ - C9 c9; // COMPLIANT: std::uint8_t arg passed to a std::uint8_t + C5 c5; // COMPLIANT: std::uint8_t arg passed to a std::uint8_t // member through a template - C10 c10; // COMPLIANT: std::int8_t arg passed to a std::int8_t + C6 c6; // COMPLIANT: std::int8_t arg passed to a std::int8_t // member through a template - C11 c11; // NON-COMPLIANT: plain char arg passed to a std::uint8_t + C7 c7; // NON-COMPLIANT: plain char arg passed to a std::uint8_t // member through a template - C12 c12; // NON-COMPLIANT: plain char arg passed to a std::int8_t + C8 c8; // NON-COMPLIANT: plain char arg passed to a std::int8_t // member through a template /* ========== 1-3. Assigning a char to a char through a pointer ========== */ unsigned char x9 = 1; unsigned char *y9 = &x9; - signed char z1 = + unsigned char z1 = *y9; // COMPLIANT: unsigned char assigned to a *&unsigned char - unsigned char x10 = 1; - unsigned char *y10 = &x10; + signed char x10 = 1; + signed char *y10 = &x10; signed char z2 = *y10; // COMPLIANT: signed char assigned to an *&signed char char x11 = 1; @@ -236,11 +236,11 @@ int main() { /* Twin cases with std::uint8_t and std::int8_t */ std::uint8_t x13 = 1; std::uint8_t *y13 = &x13; - std::int8_t z5 = + std::uint8_t z5 = *y13; // COMPLIANT: std::uint8_t assigned to a *&std::uint8_t - std::uint8_t x14 = 1; - std::uint8_t *y14 = &x14; + std::int8_t x14 = 1; + std::int8_t *y14 = &x14; std::int8_t z6 = *y14; // COMPLIANT: std::int8_t assigned to an *&std::int8_t char x15 = 1; @@ -295,11 +295,11 @@ int main() { // through a template char a11 = 'a'; - f7(a11); // NON-COMPLIANT: plain char arg passed to a unsigned char parameter + f7(a11); // NON-COMPLIANT: plain char arg passed to a signed char parameter // through a template char a12 = 'a'; - f8(a12); // COMPLIANT: plain char arg passed to a signed char parameter through + f8(a12); // NON-COMPLIANT: plain char arg passed to a signed char parameter through // a template /* Twin cases with std::uint8_t and std::int8_t */ @@ -312,31 +312,31 @@ int main() { // through a template char a15 = 'a'; - f15(a15); // NON-COMPLIANT: plain char arg passed to a std::uint8_t parameter + f15(a15); // NON-COMPLIANT: plain char arg passed to a std::int8_t parameter // through a template char a16 = 'a'; - f16(a16); // COMPLIANT: plain char arg passed to a std::int8_t parameter through + f16(a16); // NON-COMPLIANT: plain char arg passed to a std::int8_t parameter through // a template /* ========== 2-3. Passing a char argument to a char parameter through a * template ========== */ unsigned char a17 = 1; - C5 c5( + C9 c9( a17); // COMPLIANT: unsigned char arg passed to an unsigned char parameter // of a constructor through a template signed char a18 = 1; - C6 c6(a18); // COMPLIANT: signed char arg passed to an signed + C10 c10(a18); // COMPLIANT: signed char arg passed to an signed // char parameter of a constructor through a template char a19 = 'a'; - C7 c7(a19); // NON-COMPLIANT: plain char arg passed to an unsigned char + C11 c11(a19); // NON-COMPLIANT: plain char arg passed to a signed char // parameter of a constructor through a template char a20 = 'a'; - C8 c8(a20); // NON-COMPLIANT: plain char arg passed to an signed char + C12 c12(a20); // NON-COMPLIANT: plain char arg passed to an signed char // parameter of a constructor through a template /* Twin cases with std::uint8_t and std::int8_t */ @@ -350,7 +350,7 @@ int main() { // parameter of a constructor through a template char a23 = 'a'; - C15 c15(a23); // NON-COMPLIANT: plain char arg passed to a std::uint8_t + C15 c15(a23); // NON-COMPLIANT: plain char arg passed to a std::int8_t // parameter of a constructor through a template char a24 = 'a'; From 808b5fd13a620c6401af427b676d871861f9b6a5 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Thu, 10 Jul 2025 14:56:37 -0700 Subject: [PATCH 2552/2573] Fix cases 1. Change signed char / int8_t case to their opposites. 2. Assign a numeral to the unsigned char / signed char than a character. --- cpp/autosar/test/rules/M5-0-12/test.cpp | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/cpp/autosar/test/rules/M5-0-12/test.cpp b/cpp/autosar/test/rules/M5-0-12/test.cpp index 57530dae16..99cb995854 100644 --- a/cpp/autosar/test/rules/M5-0-12/test.cpp +++ b/cpp/autosar/test/rules/M5-0-12/test.cpp @@ -78,13 +78,13 @@ void f12(std::int8_t x) {} template void f5(T x) { unsigned char y = x; } template void f6(T x) { signed char y = x; } -template void f7(T x) { signed char y = x; } +template void f7(T x) { unsigned char y = x; } template void f8(T x) { signed char y = x; } /* Twin template functions for std::uint8_t and std::int8_t */ template void f13(T x) { std::uint8_t y = x; } template void f14(T x) { std::int8_t y = x; } -template void f15(T x) { std::int8_t y = x; } +template void f15(T x) { std::uint8_t y = x; } template void f16(T x) { std::int8_t y = x; } template class C9 { @@ -286,16 +286,16 @@ int main() { /* ===== 2-2. Passing char argument to a char parameter through a template * ===== */ - unsigned char a9 = 'a'; + unsigned char a9 = 1; f5(a9); // COMPLIANT: unsigned char arg passed to an unsigned char parameter // through a template - signed char a10 = 'a'; + signed char a10 = 1; f6(a10); // COMPLIANT: signed char arg passed to a signed char parameter // through a template char a11 = 'a'; - f7(a11); // NON-COMPLIANT: plain char arg passed to a signed char parameter + f7(a11); // NON-COMPLIANT: plain char arg passed to an unsigned char parameter // through a template char a12 = 'a'; @@ -303,16 +303,16 @@ int main() { // a template /* Twin cases with std::uint8_t and std::int8_t */ - std::uint8_t a13 = 'a'; + std::uint8_t a13 = 1; f13(a13); // COMPLIANT: std::uint8_t arg passed to a std::uint8_t parameter // through a template - std::int8_t a14 = 'a'; + std::int8_t a14 = 1; f14(a14); // COMPLIANT: std::int8_t arg passed to a std::int8_t parameter // through a template char a15 = 'a'; - f15(a15); // NON-COMPLIANT: plain char arg passed to a std::int8_t parameter + f15(a15); // NON-COMPLIANT: plain char arg passed to a std::uint8_t parameter // through a template char a16 = 'a'; From da92563a2f0d915e6523d79d08ba44a5cd546d40 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Fri, 11 Jul 2025 00:19:47 +0200 Subject: [PATCH 2553/2573] Fix misspelling of asynchronous in SIG30-C --- .../CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql | 8 ++++---- ...allOnlyAsyncSafeFunctionsWithinSignalHandlers.expected | 8 ++++---- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql b/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql index 4cc0f9e32c..e5dc33f817 100644 --- a/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql +++ b/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql @@ -37,7 +37,7 @@ class AsyncSafeVariableAccess extends VariableAccess { abstract class AsyncSafeFunction extends Function { } /** - * C standard library ayncronous-safe functions + * C standard library asynchronous-safe functions */ class CAsyncSafeFunction extends AsyncSafeFunction { //tion, or the signal function with the first argument equal to the signal number corresponding to the signal that caused the invocation of the handler @@ -45,7 +45,7 @@ class CAsyncSafeFunction extends AsyncSafeFunction { } /** - * POSIX defined ayncronous-safe functions + * POSIX defined asynchronous-safe functions */ class PosixAsyncSafeFunction extends AsyncSafeFunction { PosixAsyncSafeFunction() { @@ -73,7 +73,7 @@ class PosixAsyncSafeFunction extends AsyncSafeFunction { } /** - * Application defined ayncronous-safe functions + * Application defined asynchronous-safe functions */ class ApplicationAsyncSafeFunction extends AsyncSafeFunction { pragma[nomagic] @@ -122,5 +122,5 @@ where or fc instanceof AsyncUnsafeRaiseCall ) -select fc, "Asyncronous-unsafe function calls within a $@ can lead to undefined behavior.", +select fc, "Asynchronous-unsafe function calls within a $@ can lead to undefined behavior.", handler.getRegistration(), "signal handler" diff --git a/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected b/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected index 4898448814..ce13ee69a7 100644 --- a/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected +++ b/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected @@ -1,7 +1,7 @@ WARNING: module 'DataFlow' has been deprecated and may be removed in future (CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql:110,11-19) WARNING: module 'DataFlow' has been deprecated and may be removed in future (CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql:110,31-39) WARNING: module 'DataFlow' has been deprecated and may be removed in future (CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql:111,9-17) -| test.c:10:3:10:18 | call to log_local_unsafe | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:16:7:16:12 | call to signal | signal handler | -| test.c:11:3:11:6 | call to free | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:16:7:16:12 | call to signal | signal handler | -| test.c:46:3:46:9 | call to longjmp | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:50:7:50:12 | call to signal | signal handler | -| test.c:76:7:76:11 | call to raise | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:91:7:91:12 | call to signal | signal handler | +| test.c:10:3:10:18 | call to log_local_unsafe | Asynchronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:16:7:16:12 | call to signal | signal handler | +| test.c:11:3:11:6 | call to free | Asynchronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:16:7:16:12 | call to signal | signal handler | +| test.c:46:3:46:9 | call to longjmp | Asynchronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:50:7:50:12 | call to signal | signal handler | +| test.c:76:7:76:11 | call to raise | Asynchronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:91:7:91:12 | call to signal | signal handler | From 56258d17d63e8017e58bf5d93626297416677756 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Fri, 11 Jul 2025 15:31:16 +0200 Subject: [PATCH 2554/2573] Add change note --- change_notes/2025-07-11-typo-in-alert-message..md | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 change_notes/2025-07-11-typo-in-alert-message..md diff --git a/change_notes/2025-07-11-typo-in-alert-message..md b/change_notes/2025-07-11-typo-in-alert-message..md new file mode 100644 index 0000000000..077f2efb66 --- /dev/null +++ b/change_notes/2025-07-11-typo-in-alert-message..md @@ -0,0 +1,2 @@ +- `SIG30-C`: `CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql` + - Fixed a misspelling of "asynchronous" in the alert message. From 80029970d8bf7f242cb4de49e8b0a3c3bbbf9c6e Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Fri, 11 Jul 2025 16:43:26 -0700 Subject: [PATCH 2555/2573] Add a working draft of the query --- ...eUsedForTheStorageAndUseOfNumericValues.ql | 207 ++++++++++++++++-- 1 file changed, 189 insertions(+), 18 deletions(-) diff --git a/cpp/autosar/src/rules/M5-0-12/SignedCharAndUnsignedCharTypeShallOnlyBeUsedForTheStorageAndUseOfNumericValues.ql b/cpp/autosar/src/rules/M5-0-12/SignedCharAndUnsignedCharTypeShallOnlyBeUsedForTheStorageAndUseOfNumericValues.ql index 3b6e436c56..7ffc47e50f 100644 --- a/cpp/autosar/src/rules/M5-0-12/SignedCharAndUnsignedCharTypeShallOnlyBeUsedForTheStorageAndUseOfNumericValues.ql +++ b/cpp/autosar/src/rules/M5-0-12/SignedCharAndUnsignedCharTypeShallOnlyBeUsedForTheStorageAndUseOfNumericValues.ql @@ -16,23 +16,194 @@ import cpp import codingstandards.cpp.autosar -from Variable v, Expr aexp +newtype TTemplatedElement = + TClassTemplate(TemplateClass c) or + TFunctionTemplate(TemplateFunction f) or + TVariableTemplate(TemplateVariable v) + +class TemplatedElement extends TTemplatedElement { + TemplateClass asTemplateClass() { this = TClassTemplate(result) } + + TemplateFunction asTemplateFunction() { this = TFunctionTemplate(result) } + + TemplateVariable asTemplateVariable() { this = TVariableTemplate(result) } + + string toString() { + result = this.asTemplateClass().toString() or + result = this.asTemplateFunction().toString() or + result = this.asTemplateVariable().toString() + } + + Location getLocation() { + result = this.asTemplateClass().getLocation() or + result = this.asTemplateFunction().getLocation() or + result = this.asTemplateVariable().getLocation() + } + + string getName() { + result = this.asTemplateClass().getName() or + result = this.asTemplateFunction().getName() or + result = this.asTemplateVariable().getName() + } +} + +newtype TTemplateInstantiation = + TClassTemplateInstantiation(ClassTemplateInstantiation c) or + TFunctionTemplateInstantiation(FunctionTemplateInstantiation f) or + TVariableTemplateInstantiation(VariableTemplateInstantiation v) + +class TemplateInstantiation extends TTemplateInstantiation { + ClassTemplateInstantiation asClassTemplateInstantiation() { + this = TClassTemplateInstantiation(result) + } + + FunctionTemplateInstantiation asFunctionTemplateInstantiation() { + this = TFunctionTemplateInstantiation(result) + } + + VariableTemplateInstantiation asVariableTemplateInstantiation() { + this = TVariableTemplateInstantiation(result) + } + + string toString() { + result = this.asClassTemplateInstantiation().toString() or + result = this.asFunctionTemplateInstantiation().toString() or + result = this.asVariableTemplateInstantiation().toString() + } + + Location getLocation() { + result = this.asClassTemplateInstantiation().getLocation() or + result = this.asFunctionTemplateInstantiation().getLocation() or + result = this.asVariableTemplateInstantiation().getLocation() + } + + Element asElement() { + result = this.asClassTemplateInstantiation() or + result = this.asFunctionTemplateInstantiation() or + result = this.asVariableTemplateInstantiation() + } + + TemplatedElement getTemplate() { + result.asTemplateClass() = this.asClassTemplateInstantiation().getTemplate() or + result.asTemplateFunction() = this.asFunctionTemplateInstantiation().getTemplate() or + result.asTemplateVariable() = this.asVariableTemplateInstantiation().getTemplate() + } + + /** + * Gets a use of an instantiation of this template. i.e. + * 1. For a class template, it's where the instantiated type is used by the name. + * 2. For a function template, it's where the instantiated function is called. + * 3. For a variable template, it's where the instantiated variable is initialized. + */ + Element getAUse() { + result = this.asClassTemplateInstantiation().getATypeNameUse() or + result = this.asFunctionTemplateInstantiation().getACallToThisFunction() or + result = this.asVariableTemplateInstantiation() + } +} + +class ImplicitConversionFromPlainCharType extends Conversion { + ImplicitConversionFromPlainCharType() { + this.isImplicit() and + this.getExpr().getUnspecifiedType() instanceof PlainCharType and + ( + this.getUnspecifiedType() instanceof SignedCharType or + this.getUnspecifiedType() instanceof UnsignedCharType + ) + } +} + +newtype TImplicitConversionElement = + TImplicitConversionOutsideTemplate(ImplicitConversionFromPlainCharType implicitConversion) { + not exists(TemplateInstantiation instantiation | + implicitConversion.isFromTemplateInstantiation(instantiation.asElement()) + ) + } or + TInstantiationOfImplicitConversionTemplate( + TemplateInstantiation templateInstantiation, + ImplicitConversionFromPlainCharType implicitConversion + ) { + implicitConversion.getEnclosingElement+() = templateInstantiation.asElement() + } + +class ImplicitConversionLocation extends TImplicitConversionElement { + ImplicitConversionFromPlainCharType asImplicitConversionOutsideTemplate() { + this = TImplicitConversionOutsideTemplate(result) + } + + TemplateInstantiation asInstantiationOfImplicitConversionTemplate( + ImplicitConversionFromPlainCharType implicitConversion + ) { + this = TInstantiationOfImplicitConversionTemplate(result, implicitConversion) + } + + predicate isImplicitConversionOutsideTemplate() { + exists(this.asImplicitConversionOutsideTemplate()) + } + + predicate isInstantiationOfImplicitConversionTemplate() { + exists( + TemplateInstantiation templateInstantiation, + ImplicitConversionFromPlainCharType implicitConversion + | + templateInstantiation = this.asInstantiationOfImplicitConversionTemplate(implicitConversion) + ) + } + + ImplicitConversionFromPlainCharType getImplicitConversion() { + result = this.asImplicitConversionOutsideTemplate() or + exists(TemplateInstantiation templateInstantiation | + this = TInstantiationOfImplicitConversionTemplate(templateInstantiation, result) + ) + } + + string toString() { + result = this.asImplicitConversionOutsideTemplate().toString() or + exists(ImplicitConversionFromPlainCharType implicitConversion | + result = this.asInstantiationOfImplicitConversionTemplate(implicitConversion).toString() + ) + } + + Location getLocation() { + result = this.asImplicitConversionOutsideTemplate().getLocation() or + exists(ImplicitConversionFromPlainCharType implicitConversion | + result = this.asInstantiationOfImplicitConversionTemplate(implicitConversion).getLocation() + ) + } + + Element asElement() { + result = this.asImplicitConversionOutsideTemplate() or + exists(ImplicitConversionFromPlainCharType implicitConversion | + result = this.asInstantiationOfImplicitConversionTemplate(implicitConversion).getAUse() + ) + } +} + +string getMessageTemplate(ImplicitConversionLocation implicitConversionLocation) { + exists(ImplicitConversionFromPlainCharType implicitConversion | + implicitConversion = implicitConversionLocation.getImplicitConversion() + | + implicitConversionLocation.isImplicitConversionOutsideTemplate() and + result = + "Implicit conversion of plain char $@ to " + implicitConversion.getType().getName() + "." + or + implicitConversionLocation.isInstantiationOfImplicitConversionTemplate() and + result = + "Implicit conversion of plain char $@ to " + implicitConversion.getType().getName() + + " from instantiating template '" + + implicitConversionLocation + .asInstantiationOfImplicitConversionTemplate(implicitConversion) + .getTemplate() + .getName() + "'." + ) +} + +from + ImplicitConversionLocation implicitConversionLocation, + ImplicitConversionFromPlainCharType implicitConversion where - not isExcluded(v, + not isExcluded(implicitConversionLocation.asElement(), StringsPackage::signedCharAndUnsignedCharTypeShallOnlyBeUsedForTheStorageAndUseOfNumericValuesQuery()) and - // We find cases where it is an explicitly signed char type with an assignment - // to a non-numeric type. NOTE: This rule addresses cases where the char type - // is used character data only, the rule does not explicitly cover this. - // Please see M5-0-11 for explicit handling of this case. Get types that are - // char, except for ones that are 'plain', meaning the sign is explicit. - ( - v.getUnspecifiedType() instanceof SignedCharType or - v.getUnspecifiedType() instanceof UnsignedCharType - ) and - // Identify places where these explicitly signed types are being assigned to a - // non-numeric type. - aexp = v.getAnAssignedValue() and - aexp.getUnspecifiedType() instanceof CharType -select aexp, - "Assignment of an non-integer type to variable $@ which is a variable with an explicitly signed char type", - v, v.getName() + implicitConversion = implicitConversionLocation.getImplicitConversion() +select implicitConversionLocation.asElement(), getMessageTemplate(implicitConversionLocation), + implicitConversion.getExpr(), "expression" From 2ed4443c02d8e1b31cf2058d8321e61d99573a92 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Mon, 14 Jul 2025 10:01:00 -0400 Subject: [PATCH 2556/2573] Deduplicate the test cases and update the expected results. --- ...orTheStorageAndUseOfNumericValues.expected | 28 +++- cpp/autosar/test/rules/M5-0-12/test.cpp | 121 +++++------------- 2 files changed, 54 insertions(+), 95 deletions(-) diff --git a/cpp/autosar/test/rules/M5-0-12/SignedCharAndUnsignedCharTypeShallOnlyBeUsedForTheStorageAndUseOfNumericValues.expected b/cpp/autosar/test/rules/M5-0-12/SignedCharAndUnsignedCharTypeShallOnlyBeUsedForTheStorageAndUseOfNumericValues.expected index 1be5b7b9fc..cafd6c64b2 100644 --- a/cpp/autosar/test/rules/M5-0-12/SignedCharAndUnsignedCharTypeShallOnlyBeUsedForTheStorageAndUseOfNumericValues.expected +++ b/cpp/autosar/test/rules/M5-0-12/SignedCharAndUnsignedCharTypeShallOnlyBeUsedForTheStorageAndUseOfNumericValues.expected @@ -1,4 +1,24 @@ -| test.cpp:4:22:4:24 | 99 | Assignment of an non-integer type to variable $@ which is a variable with an explicitly signed char type | test.cpp:4:17:4:18 | a1 | a1 | -| test.cpp:6:20:6:22 | 99 | Assignment of an non-integer type to variable $@ which is a variable with an explicitly signed char type | test.cpp:6:15:6:16 | a3 | a3 | -| test.cpp:9:20:9:22 | 99 | Assignment of an non-integer type to variable $@ which is a variable with an explicitly signed char type | test.cpp:9:15:9:16 | a5 | a5 | -| test.cpp:12:21:12:23 | 99 | Assignment of an non-integer type to variable $@ which is a variable with an explicitly signed char type | test.cpp:12:16:12:17 | a7 | a7 | +| test.cpp:106:7:106:8 | (unsigned char)... | Implicit conversion of plain char $@ to unsigned char. | test.cpp:106:7:106:8 | x3 | expression | +| test.cpp:109:20:109:21 | (signed char)... | Implicit conversion of plain char $@ to signed char. | test.cpp:109:20:109:21 | x4 | expression | +| test.cpp:119:21:119:22 | (uint8_t)... | Implicit conversion of plain char $@ to uint8_t. | test.cpp:119:21:119:22 | x7 | expression | +| test.cpp:122:20:122:21 | (int8_t)... | Implicit conversion of plain char $@ to int8_t. | test.cpp:122:20:122:21 | x8 | expression | +| test.cpp:132:17:132:18 | definition of c3 | Implicit conversion of plain char $@ to unsigned char from instantiating template 'C1'. | test.cpp:5:12:5:12 | 120 | expression | +| test.cpp:135:17:135:18 | definition of c4 | Implicit conversion of plain char $@ to signed char from instantiating template 'C2'. | test.cpp:13:12:13:12 | 120 | expression | +| test.cpp:145:15:145:16 | definition of c7 | Implicit conversion of plain char $@ to uint8_t from instantiating template 'C5'. | test.cpp:22:12:22:12 | 1 | expression | +| test.cpp:148:15:148:16 | definition of c8 | Implicit conversion of plain char $@ to int8_t from instantiating template 'C6'. | test.cpp:30:12:30:12 | 1 | expression | +| test.cpp:165:7:165:10 | (unsigned char)... | Implicit conversion of plain char $@ to unsigned char. | test.cpp:165:7:165:10 | * ... | expression | +| test.cpp:170:7:170:10 | (signed char)... | Implicit conversion of plain char $@ to signed char. | test.cpp:170:7:170:10 | * ... | expression | +| test.cpp:185:7:185:10 | (uint8_t)... | Implicit conversion of plain char $@ to uint8_t. | test.cpp:185:7:185:10 | * ... | expression | +| test.cpp:190:7:190:10 | (int8_t)... | Implicit conversion of plain char $@ to int8_t. | test.cpp:190:7:190:10 | * ... | expression | +| test.cpp:204:6:204:7 | (unsigned char)... | Implicit conversion of plain char $@ to unsigned char. | test.cpp:204:6:204:7 | a3 | expression | +| test.cpp:207:6:207:7 | (signed char)... | Implicit conversion of plain char $@ to signed char. | test.cpp:207:6:207:7 | a4 | expression | +| test.cpp:217:7:217:8 | (uint8_t)... | Implicit conversion of plain char $@ to uint8_t. | test.cpp:217:7:217:8 | a7 | expression | +| test.cpp:220:7:220:8 | (int8_t)... | Implicit conversion of plain char $@ to int8_t. | test.cpp:220:7:220:8 | a8 | expression | +| test.cpp:234:3:234:4 | call to f7 | Implicit conversion of plain char $@ to unsigned char from instantiating template 'f7'. | test.cpp:49:56:49:56 | x | expression | +| test.cpp:238:3:238:4 | call to f8 | Implicit conversion of plain char $@ to signed char from instantiating template 'f8'. | test.cpp:50:54:50:54 | x | expression | +| test.cpp:251:3:251:5 | call to f15 | Implicit conversion of plain char $@ to uint8_t from instantiating template 'f15'. | test.cpp:55:56:55:56 | x | expression | +| test.cpp:255:3:255:5 | call to f16 | Implicit conversion of plain char $@ to int8_t from instantiating template 'f16'. | test.cpp:56:55:56:55 | x | expression | +| test.cpp:272:12:272:14 | definition of c11 | Implicit conversion of plain char $@ to unsigned char from instantiating template 'C9'. | test.cpp:60:15:60:15 | y | expression | +| test.cpp:277:13:277:15 | definition of c12 | Implicit conversion of plain char $@ to signed char from instantiating template 'C10'. | test.cpp:68:16:68:16 | y | expression | +| test.cpp:292:13:292:15 | definition of c15 | Implicit conversion of plain char $@ to uint8_t from instantiating template 'C13'. | test.cpp:77:16:77:16 | y | expression | +| test.cpp:296:13:296:15 | definition of c16 | Implicit conversion of plain char $@ to int8_t from instantiating template 'C14'. | test.cpp:85:16:85:16 | y | expression | diff --git a/cpp/autosar/test/rules/M5-0-12/test.cpp b/cpp/autosar/test/rules/M5-0-12/test.cpp index 99cb995854..91106b8211 100644 --- a/cpp/autosar/test/rules/M5-0-12/test.cpp +++ b/cpp/autosar/test/rules/M5-0-12/test.cpp @@ -16,22 +16,6 @@ template class C2 { signed char x; }; -template class C3 { -public: - C3() : x(y) {} - -private: - unsigned char x; -}; - -template class C4 { -public: - C4() : x(y) {} - -private: - signed char x; -}; - /* Twin templates for std::uint8_t and std::int8_t */ template class C5 { public: @@ -49,22 +33,6 @@ template class C6 { std::int8_t x; }; -template class C7 { -public: - C7() : x(y) {} - -private: - std::uint8_t x; -}; - -template class C8 { -public: - C8() : x(y) {} - -private: - std::int8_t x; -}; - void f1(unsigned char x) {} void f2(signed char x) {} void f3(unsigned char x) {} @@ -103,22 +71,6 @@ template class C10 { signed char x; }; -template class C11 { -public: - C11(T y) : x(y) {} - -private: - signed char x; -}; - -template class C12 { -public: - C12(T y) : x(y) {} - -private: - signed char x; -}; - /* Twin template classes for std::uint8_t and std::int8_t */ template class C13 { public: @@ -136,22 +88,6 @@ template class C14 { std::int8_t x; }; -template class C15 { -public: - C15(T y) : x(y) {} - -private: - std::int8_t x; -}; - -template class C16 { -public: - C16(T y) : x(y) {} - -private: - std::int8_t x; -}; - int main() { /* ========== 1. Assigning a char to another char ========== */ @@ -166,15 +102,15 @@ int main() { signed char y2 = x2; // COMPLIANT: signed char assigned to a signed char char x3 = 'x'; - unsigned char y3 = x3; // NON-COMPLIANT: plain char assigned to a unsigned char + unsigned char y3 = + x3; // NON-COMPLIANT: plain char assigned to a unsigned char char x4 = 'x'; signed char y4 = x4; // NON-COMPLIANT: plain char assigned to a signed char /* Twin cases with std::uint8_t and std::int8_t */ std::uint8_t x5 = 1; - std::uint8_t y5 = - x5; // COMPLIANT: std::uint8_t assigned to a std::uint8_t + std::uint8_t y5 = x5; // COMPLIANT: std::uint8_t assigned to a std::uint8_t std::int8_t x6 = 1; std::int8_t y6 = x6; // COMPLIANT: std::int8_t assigned to a std::int8_t @@ -193,24 +129,24 @@ int main() { C2 c2; // COMPLIANT: signed char arg passed to a signed char // member through a template - C3 c3; // NON-COMPLIANT: plain char arg passed to a unsigned char + C1 c3; // NON-COMPLIANT: plain char arg passed to a unsigned char // member through a template - C4 c4; // NON-COMPLIANT: plain char arg passed to a signed char + C2 c4; // NON-COMPLIANT: plain char arg passed to a signed char // member through a template /* Twin cases with std::uint8_t and std::int8_t */ - C5 c5; // COMPLIANT: std::uint8_t arg passed to a std::uint8_t - // member through a template + C5 c5; // COMPLIANT: std::uint8_t arg passed to a + // std::uint8_t member through a template C6 c6; // COMPLIANT: std::int8_t arg passed to a std::int8_t - // member through a template + // member through a template - C7 c7; // NON-COMPLIANT: plain char arg passed to a std::uint8_t - // member through a template + C5 c7; // NON-COMPLIANT: plain char arg passed to a + // std::uint8_t member through a template - C8 c8; // NON-COMPLIANT: plain char arg passed to a std::int8_t - // member through a template + C6 c8; // NON-COMPLIANT: plain char arg passed to a std::int8_t + // member through a template /* ========== 1-3. Assigning a char to a char through a pointer ========== */ @@ -299,8 +235,8 @@ int main() { // through a template char a12 = 'a'; - f8(a12); // NON-COMPLIANT: plain char arg passed to a signed char parameter through - // a template + f8(a12); // NON-COMPLIANT: plain char arg passed to a signed char parameter + // through a template /* Twin cases with std::uint8_t and std::int8_t */ std::uint8_t a13 = 1; @@ -316,8 +252,8 @@ int main() { // through a template char a16 = 'a'; - f16(a16); // NON-COMPLIANT: plain char arg passed to a std::int8_t parameter through - // a template + f16(a16); // NON-COMPLIANT: plain char arg passed to a std::int8_t parameter + // through a template /* ========== 2-3. Passing a char argument to a char parameter through a * template ========== */ @@ -328,16 +264,18 @@ int main() { // of a constructor through a template signed char a18 = 1; - C10 c10(a18); // COMPLIANT: signed char arg passed to an signed - // char parameter of a constructor through a template + C10 c10( + a18); // COMPLIANT: signed char arg passed to an signed + // char parameter of a constructor through a template char a19 = 'a'; - C11 c11(a19); // NON-COMPLIANT: plain char arg passed to a signed char - // parameter of a constructor through a template + C9 c11( + a19); // NON-COMPLIANT: plain char arg passed to a unsigned signed char + // parameter of a constructor through a template char a20 = 'a'; - C12 c12(a20); // NON-COMPLIANT: plain char arg passed to an signed char - // parameter of a constructor through a template + C10 c12(a20); // NON-COMPLIANT: plain char arg passed to an signed char + // parameter of a constructor through a template /* Twin cases with std::uint8_t and std::int8_t */ std::uint8_t a21 = 1; @@ -346,14 +284,15 @@ int main() { // of a constructor through a template std::int8_t a22 = 1; - C14 c14(a22); // COMPLIANT: std::int8_t arg passed to a std::int8_t - // parameter of a constructor through a template + C14 c14( + a22); // COMPLIANT: std::int8_t arg passed to a std::int8_t + // parameter of a constructor through a template char a23 = 'a'; - C15 c15(a23); // NON-COMPLIANT: plain char arg passed to a std::int8_t + C13 c15(a23); // NON-COMPLIANT: plain char arg passed to a std::uint8_t // parameter of a constructor through a template char a24 = 'a'; - C16 c16(a24); // NON-COMPLIANT: plain char arg passed to a std::int8_t + C14 c16(a24); // NON-COMPLIANT: plain char arg passed to a std::int8_t // parameter of a constructor through a template -} \ No newline at end of file +} From 11a277f4289d3be792c3c74c34966f703873b2f8 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Mon, 14 Jul 2025 10:23:11 -0400 Subject: [PATCH 2557/2573] Deduplicate more test cases and fix expected results --- ...orTheStorageAndUseOfNumericValues.expected | 48 +++++++++---------- cpp/autosar/test/rules/M5-0-12/test.cpp | 24 ++++------ 2 files changed, 32 insertions(+), 40 deletions(-) diff --git a/cpp/autosar/test/rules/M5-0-12/SignedCharAndUnsignedCharTypeShallOnlyBeUsedForTheStorageAndUseOfNumericValues.expected b/cpp/autosar/test/rules/M5-0-12/SignedCharAndUnsignedCharTypeShallOnlyBeUsedForTheStorageAndUseOfNumericValues.expected index cafd6c64b2..d5dc9af7e8 100644 --- a/cpp/autosar/test/rules/M5-0-12/SignedCharAndUnsignedCharTypeShallOnlyBeUsedForTheStorageAndUseOfNumericValues.expected +++ b/cpp/autosar/test/rules/M5-0-12/SignedCharAndUnsignedCharTypeShallOnlyBeUsedForTheStorageAndUseOfNumericValues.expected @@ -1,24 +1,24 @@ -| test.cpp:106:7:106:8 | (unsigned char)... | Implicit conversion of plain char $@ to unsigned char. | test.cpp:106:7:106:8 | x3 | expression | -| test.cpp:109:20:109:21 | (signed char)... | Implicit conversion of plain char $@ to signed char. | test.cpp:109:20:109:21 | x4 | expression | -| test.cpp:119:21:119:22 | (uint8_t)... | Implicit conversion of plain char $@ to uint8_t. | test.cpp:119:21:119:22 | x7 | expression | -| test.cpp:122:20:122:21 | (int8_t)... | Implicit conversion of plain char $@ to int8_t. | test.cpp:122:20:122:21 | x8 | expression | -| test.cpp:132:17:132:18 | definition of c3 | Implicit conversion of plain char $@ to unsigned char from instantiating template 'C1'. | test.cpp:5:12:5:12 | 120 | expression | -| test.cpp:135:17:135:18 | definition of c4 | Implicit conversion of plain char $@ to signed char from instantiating template 'C2'. | test.cpp:13:12:13:12 | 120 | expression | -| test.cpp:145:15:145:16 | definition of c7 | Implicit conversion of plain char $@ to uint8_t from instantiating template 'C5'. | test.cpp:22:12:22:12 | 1 | expression | -| test.cpp:148:15:148:16 | definition of c8 | Implicit conversion of plain char $@ to int8_t from instantiating template 'C6'. | test.cpp:30:12:30:12 | 1 | expression | -| test.cpp:165:7:165:10 | (unsigned char)... | Implicit conversion of plain char $@ to unsigned char. | test.cpp:165:7:165:10 | * ... | expression | -| test.cpp:170:7:170:10 | (signed char)... | Implicit conversion of plain char $@ to signed char. | test.cpp:170:7:170:10 | * ... | expression | -| test.cpp:185:7:185:10 | (uint8_t)... | Implicit conversion of plain char $@ to uint8_t. | test.cpp:185:7:185:10 | * ... | expression | -| test.cpp:190:7:190:10 | (int8_t)... | Implicit conversion of plain char $@ to int8_t. | test.cpp:190:7:190:10 | * ... | expression | -| test.cpp:204:6:204:7 | (unsigned char)... | Implicit conversion of plain char $@ to unsigned char. | test.cpp:204:6:204:7 | a3 | expression | -| test.cpp:207:6:207:7 | (signed char)... | Implicit conversion of plain char $@ to signed char. | test.cpp:207:6:207:7 | a4 | expression | -| test.cpp:217:7:217:8 | (uint8_t)... | Implicit conversion of plain char $@ to uint8_t. | test.cpp:217:7:217:8 | a7 | expression | -| test.cpp:220:7:220:8 | (int8_t)... | Implicit conversion of plain char $@ to int8_t. | test.cpp:220:7:220:8 | a8 | expression | -| test.cpp:234:3:234:4 | call to f7 | Implicit conversion of plain char $@ to unsigned char from instantiating template 'f7'. | test.cpp:49:56:49:56 | x | expression | -| test.cpp:238:3:238:4 | call to f8 | Implicit conversion of plain char $@ to signed char from instantiating template 'f8'. | test.cpp:50:54:50:54 | x | expression | -| test.cpp:251:3:251:5 | call to f15 | Implicit conversion of plain char $@ to uint8_t from instantiating template 'f15'. | test.cpp:55:56:55:56 | x | expression | -| test.cpp:255:3:255:5 | call to f16 | Implicit conversion of plain char $@ to int8_t from instantiating template 'f16'. | test.cpp:56:55:56:55 | x | expression | -| test.cpp:272:12:272:14 | definition of c11 | Implicit conversion of plain char $@ to unsigned char from instantiating template 'C9'. | test.cpp:60:15:60:15 | y | expression | -| test.cpp:277:13:277:15 | definition of c12 | Implicit conversion of plain char $@ to signed char from instantiating template 'C10'. | test.cpp:68:16:68:16 | y | expression | -| test.cpp:292:13:292:15 | definition of c15 | Implicit conversion of plain char $@ to uint8_t from instantiating template 'C13'. | test.cpp:77:16:77:16 | y | expression | -| test.cpp:296:13:296:15 | definition of c16 | Implicit conversion of plain char $@ to int8_t from instantiating template 'C14'. | test.cpp:85:16:85:16 | y | expression | +| test.cpp:98:7:98:8 | (unsigned char)... | Implicit conversion of plain char $@ to unsigned char. | test.cpp:98:7:98:8 | x3 | expression | +| test.cpp:101:20:101:21 | (signed char)... | Implicit conversion of plain char $@ to signed char. | test.cpp:101:20:101:21 | x4 | expression | +| test.cpp:111:21:111:22 | (uint8_t)... | Implicit conversion of plain char $@ to uint8_t. | test.cpp:111:21:111:22 | x7 | expression | +| test.cpp:114:20:114:21 | (int8_t)... | Implicit conversion of plain char $@ to int8_t. | test.cpp:114:20:114:21 | x8 | expression | +| test.cpp:124:17:124:18 | definition of c3 | Implicit conversion of plain char $@ to unsigned char from instantiating template 'C1'. | test.cpp:5:12:5:12 | 120 | expression | +| test.cpp:127:17:127:18 | definition of c4 | Implicit conversion of plain char $@ to signed char from instantiating template 'C2'. | test.cpp:13:12:13:12 | 120 | expression | +| test.cpp:137:15:137:16 | definition of c7 | Implicit conversion of plain char $@ to uint8_t from instantiating template 'C5'. | test.cpp:22:12:22:12 | 1 | expression | +| test.cpp:140:15:140:16 | definition of c8 | Implicit conversion of plain char $@ to int8_t from instantiating template 'C6'. | test.cpp:30:12:30:12 | 1 | expression | +| test.cpp:157:7:157:10 | (unsigned char)... | Implicit conversion of plain char $@ to unsigned char. | test.cpp:157:7:157:10 | * ... | expression | +| test.cpp:162:7:162:10 | (signed char)... | Implicit conversion of plain char $@ to signed char. | test.cpp:162:7:162:10 | * ... | expression | +| test.cpp:177:7:177:10 | (uint8_t)... | Implicit conversion of plain char $@ to uint8_t. | test.cpp:177:7:177:10 | * ... | expression | +| test.cpp:182:7:182:10 | (int8_t)... | Implicit conversion of plain char $@ to int8_t. | test.cpp:182:7:182:10 | * ... | expression | +| test.cpp:196:6:196:7 | (unsigned char)... | Implicit conversion of plain char $@ to unsigned char. | test.cpp:196:6:196:7 | a3 | expression | +| test.cpp:199:6:199:7 | (signed char)... | Implicit conversion of plain char $@ to signed char. | test.cpp:199:6:199:7 | a4 | expression | +| test.cpp:209:6:209:7 | (uint8_t)... | Implicit conversion of plain char $@ to uint8_t. | test.cpp:209:6:209:7 | a7 | expression | +| test.cpp:212:7:212:8 | (int8_t)... | Implicit conversion of plain char $@ to int8_t. | test.cpp:212:7:212:8 | a8 | expression | +| test.cpp:226:3:226:4 | call to f5 | Implicit conversion of plain char $@ to unsigned char from instantiating template 'f5'. | test.cpp:43:56:43:56 | x | expression | +| test.cpp:230:3:230:4 | call to f6 | Implicit conversion of plain char $@ to signed char from instantiating template 'f6'. | test.cpp:44:54:44:54 | x | expression | +| test.cpp:243:3:243:5 | call to f13 | Implicit conversion of plain char $@ to uint8_t from instantiating template 'f13'. | test.cpp:47:56:47:56 | x | expression | +| test.cpp:247:3:247:5 | call to f14 | Implicit conversion of plain char $@ to int8_t from instantiating template 'f14'. | test.cpp:48:55:48:55 | x | expression | +| test.cpp:264:12:264:14 | definition of c11 | Implicit conversion of plain char $@ to unsigned char from instantiating template 'C9'. | test.cpp:52:15:52:15 | y | expression | +| test.cpp:269:13:269:15 | definition of c12 | Implicit conversion of plain char $@ to signed char from instantiating template 'C10'. | test.cpp:60:16:60:16 | y | expression | +| test.cpp:284:13:284:15 | definition of c15 | Implicit conversion of plain char $@ to uint8_t from instantiating template 'C13'. | test.cpp:69:16:69:16 | y | expression | +| test.cpp:288:13:288:15 | definition of c16 | Implicit conversion of plain char $@ to int8_t from instantiating template 'C14'. | test.cpp:77:16:77:16 | y | expression | diff --git a/cpp/autosar/test/rules/M5-0-12/test.cpp b/cpp/autosar/test/rules/M5-0-12/test.cpp index 91106b8211..9687743402 100644 --- a/cpp/autosar/test/rules/M5-0-12/test.cpp +++ b/cpp/autosar/test/rules/M5-0-12/test.cpp @@ -35,25 +35,17 @@ template class C6 { void f1(unsigned char x) {} void f2(signed char x) {} -void f3(unsigned char x) {} -void f4(signed char x) {} /* Twin functions for std::uint8_t and std::int8_t */ void f9(std::uint8_t x) {} void f10(std::int8_t x) {} -void f11(std::uint8_t x) {} -void f12(std::int8_t x) {} template void f5(T x) { unsigned char y = x; } template void f6(T x) { signed char y = x; } -template void f7(T x) { unsigned char y = x; } -template void f8(T x) { signed char y = x; } /* Twin template functions for std::uint8_t and std::int8_t */ template void f13(T x) { std::uint8_t y = x; } template void f14(T x) { std::int8_t y = x; } -template void f15(T x) { std::uint8_t y = x; } -template void f16(T x) { std::int8_t y = x; } template class C9 { public: @@ -201,10 +193,10 @@ int main() { f2(a2); // COMPLIANT: signed char arg passed to a signed char parameter char a3 = 'a'; - f3(a3); // NON-COMPLIANT: plain char arg passed to a unsigned char parameter + f1(a3); // NON-COMPLIANT: plain char arg passed to a unsigned char parameter char a4 = 'a'; - f4(a4); // NON-COMPLIANT: plain char arg passed to a signed char parameter + f2(a4); // NON-COMPLIANT: plain char arg passed to a signed char parameter /* Twin cases with std::uint8_t and std::int8_t */ std::uint8_t a5 = 1; @@ -214,10 +206,10 @@ int main() { f10(a6); // COMPLIANT: std::int8_t arg passed to a std::int8_t parameter char a7 = 'a'; - f11(a7); // NON-COMPLIANT: plain char arg passed to a std::uint8_t parameter + f9(a7); // NON-COMPLIANT: plain char arg passed to a std::uint8_t parameter char a8 = 'a'; - f12(a8); // NON-COMPLIANT: plain char arg passed to a std::int8_t parameter + f10(a8); // NON-COMPLIANT: plain char arg passed to a std::int8_t parameter /* ===== 2-2. Passing char argument to a char parameter through a template * ===== */ @@ -231,11 +223,11 @@ int main() { // through a template char a11 = 'a'; - f7(a11); // NON-COMPLIANT: plain char arg passed to an unsigned char parameter + f5(a11); // NON-COMPLIANT: plain char arg passed to an unsigned char parameter // through a template char a12 = 'a'; - f8(a12); // NON-COMPLIANT: plain char arg passed to a signed char parameter + f6(a12); // NON-COMPLIANT: plain char arg passed to a signed char parameter // through a template /* Twin cases with std::uint8_t and std::int8_t */ @@ -248,11 +240,11 @@ int main() { // through a template char a15 = 'a'; - f15(a15); // NON-COMPLIANT: plain char arg passed to a std::uint8_t parameter + f13(a15); // NON-COMPLIANT: plain char arg passed to a std::uint8_t parameter // through a template char a16 = 'a'; - f16(a16); // NON-COMPLIANT: plain char arg passed to a std::int8_t parameter + f14(a16); // NON-COMPLIANT: plain char arg passed to a std::int8_t parameter // through a template /* ========== 2-3. Passing a char argument to a char parameter through a From 10c3a2c08ab66c1a5749195367b7426b9ba7e44d Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Mon, 14 Jul 2025 10:59:06 -0400 Subject: [PATCH 2558/2573] Minor label editing --- cpp/autosar/test/rules/M5-0-12/test.cpp | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/cpp/autosar/test/rules/M5-0-12/test.cpp b/cpp/autosar/test/rules/M5-0-12/test.cpp index 9687743402..0fe008436c 100644 --- a/cpp/autosar/test/rules/M5-0-12/test.cpp +++ b/cpp/autosar/test/rules/M5-0-12/test.cpp @@ -121,7 +121,7 @@ int main() { C2 c2; // COMPLIANT: signed char arg passed to a signed char // member through a template - C1 c3; // NON-COMPLIANT: plain char arg passed to a unsigned char + C1 c3; // NON-COMPLIANT: plain char arg passed to an unsigned char // member through a template C2 c4; // NON-COMPLIANT: plain char arg passed to a signed char @@ -145,7 +145,7 @@ int main() { unsigned char x9 = 1; unsigned char *y9 = &x9; unsigned char z1 = - *y9; // COMPLIANT: unsigned char assigned to a *&unsigned char + *y9; // COMPLIANT: unsigned char assigned to an *&unsigned char signed char x10 = 1; signed char *y10 = &x10; @@ -193,7 +193,7 @@ int main() { f2(a2); // COMPLIANT: signed char arg passed to a signed char parameter char a3 = 'a'; - f1(a3); // NON-COMPLIANT: plain char arg passed to a unsigned char parameter + f1(a3); // NON-COMPLIANT: plain char arg passed to an unsigned char parameter char a4 = 'a'; f2(a4); // NON-COMPLIANT: plain char arg passed to a signed char parameter @@ -262,7 +262,7 @@ int main() { char a19 = 'a'; C9 c11( - a19); // NON-COMPLIANT: plain char arg passed to a unsigned signed char + a19); // NON-COMPLIANT: plain char arg passed to an unsigned signed char // parameter of a constructor through a template char a20 = 'a'; From 20a30ccc108c6a781b28b917e9edb729ef94b892 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Mon, 14 Jul 2025 10:59:21 -0400 Subject: [PATCH 2559/2573] Attach docstrings to query elements --- ...eUsedForTheStorageAndUseOfNumericValues.ql | 61 ++++++++++++++++--- 1 file changed, 52 insertions(+), 9 deletions(-) diff --git a/cpp/autosar/src/rules/M5-0-12/SignedCharAndUnsignedCharTypeShallOnlyBeUsedForTheStorageAndUseOfNumericValues.ql b/cpp/autosar/src/rules/M5-0-12/SignedCharAndUnsignedCharTypeShallOnlyBeUsedForTheStorageAndUseOfNumericValues.ql index 7ffc47e50f..b81cf2dc64 100644 --- a/cpp/autosar/src/rules/M5-0-12/SignedCharAndUnsignedCharTypeShallOnlyBeUsedForTheStorageAndUseOfNumericValues.ql +++ b/cpp/autosar/src/rules/M5-0-12/SignedCharAndUnsignedCharTypeShallOnlyBeUsedForTheStorageAndUseOfNumericValues.ql @@ -16,17 +16,21 @@ import cpp import codingstandards.cpp.autosar -newtype TTemplatedElement = - TClassTemplate(TemplateClass c) or - TFunctionTemplate(TemplateFunction f) or - TVariableTemplate(TemplateVariable v) +newtype TTemplateElement = + TTemplateClass(TemplateClass c) or + TTemplateFunction(TemplateFunction f) or + TTemplateVariable(TemplateVariable v) -class TemplatedElement extends TTemplatedElement { - TemplateClass asTemplateClass() { this = TClassTemplate(result) } +/** + * A templated element. These are either templated classes, templated functions, + * or templated variables. + */ +class TemplateElement extends TTemplateElement { + TemplateClass asTemplateClass() { this = TTemplateClass(result) } - TemplateFunction asTemplateFunction() { this = TFunctionTemplate(result) } + TemplateFunction asTemplateFunction() { this = TTemplateFunction(result) } - TemplateVariable asTemplateVariable() { this = TVariableTemplate(result) } + TemplateVariable asTemplateVariable() { this = TTemplateVariable(result) } string toString() { result = this.asTemplateClass().toString() or @@ -52,6 +56,10 @@ newtype TTemplateInstantiation = TFunctionTemplateInstantiation(FunctionTemplateInstantiation f) or TVariableTemplateInstantiation(VariableTemplateInstantiation v) +/** + * An instantiation of a templated element, either a templated class, templated + * function, or templated variable. + */ class TemplateInstantiation extends TTemplateInstantiation { ClassTemplateInstantiation asClassTemplateInstantiation() { this = TClassTemplateInstantiation(result) @@ -83,7 +91,11 @@ class TemplateInstantiation extends TTemplateInstantiation { result = this.asVariableTemplateInstantiation() } - TemplatedElement getTemplate() { + /** + * Gets the template this instantiation is from, depending on the kind of the element + * this instantiation is for. + */ + TemplateElement getTemplate() { result.asTemplateClass() = this.asClassTemplateInstantiation().getTemplate() or result.asTemplateFunction() = this.asFunctionTemplateInstantiation().getTemplate() or result.asTemplateVariable() = this.asVariableTemplateInstantiation().getTemplate() @@ -102,6 +114,13 @@ class TemplateInstantiation extends TTemplateInstantiation { } } +/** + * An implicit conversion from a plain char type to an explicitly signed or unsigned char + * type. `std::uint8_t` and `std::int8_t` are also considered as these char types. + * + * Note that this class only includes implicit conversions and does not include explicit + * type conversions, i.e. casts. + */ class ImplicitConversionFromPlainCharType extends Conversion { ImplicitConversionFromPlainCharType() { this.isImplicit() and @@ -126,6 +145,16 @@ newtype TImplicitConversionElement = implicitConversion.getEnclosingElement+() = templateInstantiation.asElement() } +/** + * The locations where the implicit conversion from a plain char to an explicitly signed / unsigned + * char is taking place on a high level. It splits case on whether the conversion is caused by + * instantiating a template: + * + * - For conversions not due to template usage (i.e. outside a templated element), this refers to + * the same element as the one associated with the conversion. + * - For conversions due to template usage, this refers to the element that uses the instantiation + * of a template where an implicit char conversion happens. + */ class ImplicitConversionLocation extends TImplicitConversionElement { ImplicitConversionFromPlainCharType asImplicitConversionOutsideTemplate() { this = TImplicitConversionOutsideTemplate(result) @@ -137,10 +166,17 @@ class ImplicitConversionLocation extends TImplicitConversionElement { this = TInstantiationOfImplicitConversionTemplate(result, implicitConversion) } + /** + * Holds if this is a location of a conversion happening outside of a template. + */ predicate isImplicitConversionOutsideTemplate() { exists(this.asImplicitConversionOutsideTemplate()) } + /** + * Holds if this is a location of a conversion happening due to instantiating a + * template. + */ predicate isInstantiationOfImplicitConversionTemplate() { exists( TemplateInstantiation templateInstantiation, @@ -150,6 +186,13 @@ class ImplicitConversionLocation extends TImplicitConversionElement { ) } + /** + * Gets the implicit conversion that this location is associated with. + * - In cases of conversions not involving a template, this is the same as the + * location associated with the conversion. + * - In cases of conversions due to using a template, this is the conversion that + * happens in the instantiated template. + */ ImplicitConversionFromPlainCharType getImplicitConversion() { result = this.asImplicitConversionOutsideTemplate() or exists(TemplateInstantiation templateInstantiation | From f3cee16926b6b78f14da4680e8c5b10a052f0fed Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Mon, 14 Jul 2025 11:13:11 -0400 Subject: [PATCH 2560/2573] Add cases of template variable instantiation --- ...orTheStorageAndUseOfNumericValues.expected | 52 ++++++++++--------- cpp/autosar/test/rules/M5-0-12/test.cpp | 23 ++++++++ 2 files changed, 51 insertions(+), 24 deletions(-) diff --git a/cpp/autosar/test/rules/M5-0-12/SignedCharAndUnsignedCharTypeShallOnlyBeUsedForTheStorageAndUseOfNumericValues.expected b/cpp/autosar/test/rules/M5-0-12/SignedCharAndUnsignedCharTypeShallOnlyBeUsedForTheStorageAndUseOfNumericValues.expected index d5dc9af7e8..d0aeaebd41 100644 --- a/cpp/autosar/test/rules/M5-0-12/SignedCharAndUnsignedCharTypeShallOnlyBeUsedForTheStorageAndUseOfNumericValues.expected +++ b/cpp/autosar/test/rules/M5-0-12/SignedCharAndUnsignedCharTypeShallOnlyBeUsedForTheStorageAndUseOfNumericValues.expected @@ -1,24 +1,28 @@ -| test.cpp:98:7:98:8 | (unsigned char)... | Implicit conversion of plain char $@ to unsigned char. | test.cpp:98:7:98:8 | x3 | expression | -| test.cpp:101:20:101:21 | (signed char)... | Implicit conversion of plain char $@ to signed char. | test.cpp:101:20:101:21 | x4 | expression | -| test.cpp:111:21:111:22 | (uint8_t)... | Implicit conversion of plain char $@ to uint8_t. | test.cpp:111:21:111:22 | x7 | expression | -| test.cpp:114:20:114:21 | (int8_t)... | Implicit conversion of plain char $@ to int8_t. | test.cpp:114:20:114:21 | x8 | expression | -| test.cpp:124:17:124:18 | definition of c3 | Implicit conversion of plain char $@ to unsigned char from instantiating template 'C1'. | test.cpp:5:12:5:12 | 120 | expression | -| test.cpp:127:17:127:18 | definition of c4 | Implicit conversion of plain char $@ to signed char from instantiating template 'C2'. | test.cpp:13:12:13:12 | 120 | expression | -| test.cpp:137:15:137:16 | definition of c7 | Implicit conversion of plain char $@ to uint8_t from instantiating template 'C5'. | test.cpp:22:12:22:12 | 1 | expression | -| test.cpp:140:15:140:16 | definition of c8 | Implicit conversion of plain char $@ to int8_t from instantiating template 'C6'. | test.cpp:30:12:30:12 | 1 | expression | -| test.cpp:157:7:157:10 | (unsigned char)... | Implicit conversion of plain char $@ to unsigned char. | test.cpp:157:7:157:10 | * ... | expression | -| test.cpp:162:7:162:10 | (signed char)... | Implicit conversion of plain char $@ to signed char. | test.cpp:162:7:162:10 | * ... | expression | -| test.cpp:177:7:177:10 | (uint8_t)... | Implicit conversion of plain char $@ to uint8_t. | test.cpp:177:7:177:10 | * ... | expression | -| test.cpp:182:7:182:10 | (int8_t)... | Implicit conversion of plain char $@ to int8_t. | test.cpp:182:7:182:10 | * ... | expression | -| test.cpp:196:6:196:7 | (unsigned char)... | Implicit conversion of plain char $@ to unsigned char. | test.cpp:196:6:196:7 | a3 | expression | -| test.cpp:199:6:199:7 | (signed char)... | Implicit conversion of plain char $@ to signed char. | test.cpp:199:6:199:7 | a4 | expression | -| test.cpp:209:6:209:7 | (uint8_t)... | Implicit conversion of plain char $@ to uint8_t. | test.cpp:209:6:209:7 | a7 | expression | -| test.cpp:212:7:212:8 | (int8_t)... | Implicit conversion of plain char $@ to int8_t. | test.cpp:212:7:212:8 | a8 | expression | -| test.cpp:226:3:226:4 | call to f5 | Implicit conversion of plain char $@ to unsigned char from instantiating template 'f5'. | test.cpp:43:56:43:56 | x | expression | -| test.cpp:230:3:230:4 | call to f6 | Implicit conversion of plain char $@ to signed char from instantiating template 'f6'. | test.cpp:44:54:44:54 | x | expression | -| test.cpp:243:3:243:5 | call to f13 | Implicit conversion of plain char $@ to uint8_t from instantiating template 'f13'. | test.cpp:47:56:47:56 | x | expression | -| test.cpp:247:3:247:5 | call to f14 | Implicit conversion of plain char $@ to int8_t from instantiating template 'f14'. | test.cpp:48:55:48:55 | x | expression | -| test.cpp:264:12:264:14 | definition of c11 | Implicit conversion of plain char $@ to unsigned char from instantiating template 'C9'. | test.cpp:52:15:52:15 | y | expression | -| test.cpp:269:13:269:15 | definition of c12 | Implicit conversion of plain char $@ to signed char from instantiating template 'C10'. | test.cpp:60:16:60:16 | y | expression | -| test.cpp:284:13:284:15 | definition of c15 | Implicit conversion of plain char $@ to uint8_t from instantiating template 'C13'. | test.cpp:69:16:69:16 | y | expression | -| test.cpp:288:13:288:15 | definition of c16 | Implicit conversion of plain char $@ to int8_t from instantiating template 'C14'. | test.cpp:77:16:77:16 | y | expression | +| test.cpp:93:7:93:9 | (unsigned char)... | Implicit conversion of plain char $@ to unsigned char. | test.cpp:93:7:93:9 | 118 | expression | +| test.cpp:94:21:94:23 | (signed char)... | Implicit conversion of plain char $@ to signed char. | test.cpp:94:21:94:23 | 118 | expression | +| test.cpp:102:7:102:9 | (unsigned char)... | Implicit conversion of plain char $@ to unsigned char. | test.cpp:102:7:102:9 | 118 | expression | +| test.cpp:103:21:103:23 | (signed char)... | Implicit conversion of plain char $@ to signed char. | test.cpp:103:21:103:23 | 118 | expression | +| test.cpp:121:7:121:8 | (unsigned char)... | Implicit conversion of plain char $@ to unsigned char. | test.cpp:121:7:121:8 | x3 | expression | +| test.cpp:124:20:124:21 | (signed char)... | Implicit conversion of plain char $@ to signed char. | test.cpp:124:20:124:21 | x4 | expression | +| test.cpp:134:21:134:22 | (uint8_t)... | Implicit conversion of plain char $@ to uint8_t. | test.cpp:134:21:134:22 | x7 | expression | +| test.cpp:137:20:137:21 | (int8_t)... | Implicit conversion of plain char $@ to int8_t. | test.cpp:137:20:137:21 | x8 | expression | +| test.cpp:147:17:147:18 | definition of c3 | Implicit conversion of plain char $@ to unsigned char from instantiating template 'C1'. | test.cpp:5:12:5:12 | 120 | expression | +| test.cpp:150:17:150:18 | definition of c4 | Implicit conversion of plain char $@ to signed char from instantiating template 'C2'. | test.cpp:13:12:13:12 | 120 | expression | +| test.cpp:160:15:160:16 | definition of c7 | Implicit conversion of plain char $@ to uint8_t from instantiating template 'C5'. | test.cpp:22:12:22:12 | 1 | expression | +| test.cpp:163:15:163:16 | definition of c8 | Implicit conversion of plain char $@ to int8_t from instantiating template 'C6'. | test.cpp:30:12:30:12 | 1 | expression | +| test.cpp:180:7:180:10 | (unsigned char)... | Implicit conversion of plain char $@ to unsigned char. | test.cpp:180:7:180:10 | * ... | expression | +| test.cpp:185:7:185:10 | (signed char)... | Implicit conversion of plain char $@ to signed char. | test.cpp:185:7:185:10 | * ... | expression | +| test.cpp:200:7:200:10 | (uint8_t)... | Implicit conversion of plain char $@ to uint8_t. | test.cpp:200:7:200:10 | * ... | expression | +| test.cpp:205:7:205:10 | (int8_t)... | Implicit conversion of plain char $@ to int8_t. | test.cpp:205:7:205:10 | * ... | expression | +| test.cpp:219:6:219:7 | (unsigned char)... | Implicit conversion of plain char $@ to unsigned char. | test.cpp:219:6:219:7 | a3 | expression | +| test.cpp:222:6:222:7 | (signed char)... | Implicit conversion of plain char $@ to signed char. | test.cpp:222:6:222:7 | a4 | expression | +| test.cpp:232:6:232:7 | (uint8_t)... | Implicit conversion of plain char $@ to uint8_t. | test.cpp:232:6:232:7 | a7 | expression | +| test.cpp:235:7:235:8 | (int8_t)... | Implicit conversion of plain char $@ to int8_t. | test.cpp:235:7:235:8 | a8 | expression | +| test.cpp:249:3:249:4 | call to f5 | Implicit conversion of plain char $@ to unsigned char from instantiating template 'f5'. | test.cpp:43:56:43:56 | x | expression | +| test.cpp:253:3:253:4 | call to f6 | Implicit conversion of plain char $@ to signed char from instantiating template 'f6'. | test.cpp:44:54:44:54 | x | expression | +| test.cpp:266:3:266:5 | call to f13 | Implicit conversion of plain char $@ to uint8_t from instantiating template 'f13'. | test.cpp:47:56:47:56 | x | expression | +| test.cpp:270:3:270:5 | call to f14 | Implicit conversion of plain char $@ to int8_t from instantiating template 'f14'. | test.cpp:48:55:48:55 | x | expression | +| test.cpp:287:12:287:14 | definition of c11 | Implicit conversion of plain char $@ to unsigned char from instantiating template 'C9'. | test.cpp:52:15:52:15 | y | expression | +| test.cpp:292:13:292:15 | definition of c12 | Implicit conversion of plain char $@ to signed char from instantiating template 'C10'. | test.cpp:60:16:60:16 | y | expression | +| test.cpp:307:13:307:15 | definition of c15 | Implicit conversion of plain char $@ to uint8_t from instantiating template 'C13'. | test.cpp:69:16:69:16 | y | expression | +| test.cpp:311:13:311:15 | definition of c16 | Implicit conversion of plain char $@ to int8_t from instantiating template 'C14'. | test.cpp:77:16:77:16 | y | expression | diff --git a/cpp/autosar/test/rules/M5-0-12/test.cpp b/cpp/autosar/test/rules/M5-0-12/test.cpp index 0fe008436c..037c57da13 100644 --- a/cpp/autosar/test/rules/M5-0-12/test.cpp +++ b/cpp/autosar/test/rules/M5-0-12/test.cpp @@ -80,6 +80,29 @@ template class C14 { std::int8_t x; }; +template T v1; +template T v2; + +void instantiateTemplateVariables() { + v1 = + 1; // COMPLIANT: unsigned char assigned to an unsigned char + v2 = 1; // COMPLIANT: signed char assigned to a signed char + v2 = 'v'; // COMPLIANT: signed char assigned to a signed char + + v1 = + 'v'; // NON-COMPLIANT: plain char assigned to an unsigned char + v2 = 'v'; // NON-COMPLIANT: plain char assigned to a signed char + + /* Twin cases with std::uint8_t and std::int8_t */ + v1 = 1; // COMPLIANT: std::uint8_t assigned to a std::uint8_t + v2 = 1; // COMPLIANT: std::int8_t assigned to a std::int8_t + v2 = 'v'; // COMPLIANT: signed char assigned to a signed char + + v1 = + 'v'; // NON-COMPLIANT: plain char assigned to a std::uint8_t + v2 = 'v'; // NON-COMPLIANT: plain char assigned to a std::int8_t +} + int main() { /* ========== 1. Assigning a char to another char ========== */ From bb2ad888ad067ff3b75dad57a5516d92ca04830b Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Mon, 14 Jul 2025 11:18:29 -0400 Subject: [PATCH 2561/2573] Surround type name with single quotes in alert message --- ...eUsedForTheStorageAndUseOfNumericValues.ql | 6 +- ...orTheStorageAndUseOfNumericValues.expected | 56 +++++++++---------- 2 files changed, 31 insertions(+), 31 deletions(-) diff --git a/cpp/autosar/src/rules/M5-0-12/SignedCharAndUnsignedCharTypeShallOnlyBeUsedForTheStorageAndUseOfNumericValues.ql b/cpp/autosar/src/rules/M5-0-12/SignedCharAndUnsignedCharTypeShallOnlyBeUsedForTheStorageAndUseOfNumericValues.ql index b81cf2dc64..e6852d7d39 100644 --- a/cpp/autosar/src/rules/M5-0-12/SignedCharAndUnsignedCharTypeShallOnlyBeUsedForTheStorageAndUseOfNumericValues.ql +++ b/cpp/autosar/src/rules/M5-0-12/SignedCharAndUnsignedCharTypeShallOnlyBeUsedForTheStorageAndUseOfNumericValues.ql @@ -228,12 +228,12 @@ string getMessageTemplate(ImplicitConversionLocation implicitConversionLocation) | implicitConversionLocation.isImplicitConversionOutsideTemplate() and result = - "Implicit conversion of plain char $@ to " + implicitConversion.getType().getName() + "." + "Implicit conversion of plain char $@ to '" + implicitConversion.getType().getName() + "'." or implicitConversionLocation.isInstantiationOfImplicitConversionTemplate() and result = - "Implicit conversion of plain char $@ to " + implicitConversion.getType().getName() + - " from instantiating template '" + + "Implicit conversion of plain char $@ to '" + implicitConversion.getType().getName() + + "' from instantiating template '" + implicitConversionLocation .asInstantiationOfImplicitConversionTemplate(implicitConversion) .getTemplate() diff --git a/cpp/autosar/test/rules/M5-0-12/SignedCharAndUnsignedCharTypeShallOnlyBeUsedForTheStorageAndUseOfNumericValues.expected b/cpp/autosar/test/rules/M5-0-12/SignedCharAndUnsignedCharTypeShallOnlyBeUsedForTheStorageAndUseOfNumericValues.expected index d0aeaebd41..ad1f57935e 100644 --- a/cpp/autosar/test/rules/M5-0-12/SignedCharAndUnsignedCharTypeShallOnlyBeUsedForTheStorageAndUseOfNumericValues.expected +++ b/cpp/autosar/test/rules/M5-0-12/SignedCharAndUnsignedCharTypeShallOnlyBeUsedForTheStorageAndUseOfNumericValues.expected @@ -1,28 +1,28 @@ -| test.cpp:93:7:93:9 | (unsigned char)... | Implicit conversion of plain char $@ to unsigned char. | test.cpp:93:7:93:9 | 118 | expression | -| test.cpp:94:21:94:23 | (signed char)... | Implicit conversion of plain char $@ to signed char. | test.cpp:94:21:94:23 | 118 | expression | -| test.cpp:102:7:102:9 | (unsigned char)... | Implicit conversion of plain char $@ to unsigned char. | test.cpp:102:7:102:9 | 118 | expression | -| test.cpp:103:21:103:23 | (signed char)... | Implicit conversion of plain char $@ to signed char. | test.cpp:103:21:103:23 | 118 | expression | -| test.cpp:121:7:121:8 | (unsigned char)... | Implicit conversion of plain char $@ to unsigned char. | test.cpp:121:7:121:8 | x3 | expression | -| test.cpp:124:20:124:21 | (signed char)... | Implicit conversion of plain char $@ to signed char. | test.cpp:124:20:124:21 | x4 | expression | -| test.cpp:134:21:134:22 | (uint8_t)... | Implicit conversion of plain char $@ to uint8_t. | test.cpp:134:21:134:22 | x7 | expression | -| test.cpp:137:20:137:21 | (int8_t)... | Implicit conversion of plain char $@ to int8_t. | test.cpp:137:20:137:21 | x8 | expression | -| test.cpp:147:17:147:18 | definition of c3 | Implicit conversion of plain char $@ to unsigned char from instantiating template 'C1'. | test.cpp:5:12:5:12 | 120 | expression | -| test.cpp:150:17:150:18 | definition of c4 | Implicit conversion of plain char $@ to signed char from instantiating template 'C2'. | test.cpp:13:12:13:12 | 120 | expression | -| test.cpp:160:15:160:16 | definition of c7 | Implicit conversion of plain char $@ to uint8_t from instantiating template 'C5'. | test.cpp:22:12:22:12 | 1 | expression | -| test.cpp:163:15:163:16 | definition of c8 | Implicit conversion of plain char $@ to int8_t from instantiating template 'C6'. | test.cpp:30:12:30:12 | 1 | expression | -| test.cpp:180:7:180:10 | (unsigned char)... | Implicit conversion of plain char $@ to unsigned char. | test.cpp:180:7:180:10 | * ... | expression | -| test.cpp:185:7:185:10 | (signed char)... | Implicit conversion of plain char $@ to signed char. | test.cpp:185:7:185:10 | * ... | expression | -| test.cpp:200:7:200:10 | (uint8_t)... | Implicit conversion of plain char $@ to uint8_t. | test.cpp:200:7:200:10 | * ... | expression | -| test.cpp:205:7:205:10 | (int8_t)... | Implicit conversion of plain char $@ to int8_t. | test.cpp:205:7:205:10 | * ... | expression | -| test.cpp:219:6:219:7 | (unsigned char)... | Implicit conversion of plain char $@ to unsigned char. | test.cpp:219:6:219:7 | a3 | expression | -| test.cpp:222:6:222:7 | (signed char)... | Implicit conversion of plain char $@ to signed char. | test.cpp:222:6:222:7 | a4 | expression | -| test.cpp:232:6:232:7 | (uint8_t)... | Implicit conversion of plain char $@ to uint8_t. | test.cpp:232:6:232:7 | a7 | expression | -| test.cpp:235:7:235:8 | (int8_t)... | Implicit conversion of plain char $@ to int8_t. | test.cpp:235:7:235:8 | a8 | expression | -| test.cpp:249:3:249:4 | call to f5 | Implicit conversion of plain char $@ to unsigned char from instantiating template 'f5'. | test.cpp:43:56:43:56 | x | expression | -| test.cpp:253:3:253:4 | call to f6 | Implicit conversion of plain char $@ to signed char from instantiating template 'f6'. | test.cpp:44:54:44:54 | x | expression | -| test.cpp:266:3:266:5 | call to f13 | Implicit conversion of plain char $@ to uint8_t from instantiating template 'f13'. | test.cpp:47:56:47:56 | x | expression | -| test.cpp:270:3:270:5 | call to f14 | Implicit conversion of plain char $@ to int8_t from instantiating template 'f14'. | test.cpp:48:55:48:55 | x | expression | -| test.cpp:287:12:287:14 | definition of c11 | Implicit conversion of plain char $@ to unsigned char from instantiating template 'C9'. | test.cpp:52:15:52:15 | y | expression | -| test.cpp:292:13:292:15 | definition of c12 | Implicit conversion of plain char $@ to signed char from instantiating template 'C10'. | test.cpp:60:16:60:16 | y | expression | -| test.cpp:307:13:307:15 | definition of c15 | Implicit conversion of plain char $@ to uint8_t from instantiating template 'C13'. | test.cpp:69:16:69:16 | y | expression | -| test.cpp:311:13:311:15 | definition of c16 | Implicit conversion of plain char $@ to int8_t from instantiating template 'C14'. | test.cpp:77:16:77:16 | y | expression | +| test.cpp:93:7:93:9 | (unsigned char)... | Implicit conversion of plain char $@ to 'unsigned char'. | test.cpp:93:7:93:9 | 118 | expression | +| test.cpp:94:21:94:23 | (signed char)... | Implicit conversion of plain char $@ to 'signed char'. | test.cpp:94:21:94:23 | 118 | expression | +| test.cpp:102:7:102:9 | (unsigned char)... | Implicit conversion of plain char $@ to 'unsigned char'. | test.cpp:102:7:102:9 | 118 | expression | +| test.cpp:103:21:103:23 | (signed char)... | Implicit conversion of plain char $@ to 'signed char'. | test.cpp:103:21:103:23 | 118 | expression | +| test.cpp:121:7:121:8 | (unsigned char)... | Implicit conversion of plain char $@ to 'unsigned char'. | test.cpp:121:7:121:8 | x3 | expression | +| test.cpp:124:20:124:21 | (signed char)... | Implicit conversion of plain char $@ to 'signed char'. | test.cpp:124:20:124:21 | x4 | expression | +| test.cpp:134:21:134:22 | (uint8_t)... | Implicit conversion of plain char $@ to 'uint8_t'. | test.cpp:134:21:134:22 | x7 | expression | +| test.cpp:137:20:137:21 | (int8_t)... | Implicit conversion of plain char $@ to 'int8_t'. | test.cpp:137:20:137:21 | x8 | expression | +| test.cpp:147:17:147:18 | definition of c3 | Implicit conversion of plain char $@ to 'unsigned char' from instantiating template 'C1'. | test.cpp:5:12:5:12 | 120 | expression | +| test.cpp:150:17:150:18 | definition of c4 | Implicit conversion of plain char $@ to 'signed char' from instantiating template 'C2'. | test.cpp:13:12:13:12 | 120 | expression | +| test.cpp:160:15:160:16 | definition of c7 | Implicit conversion of plain char $@ to 'uint8_t' from instantiating template 'C5'. | test.cpp:22:12:22:12 | 1 | expression | +| test.cpp:163:15:163:16 | definition of c8 | Implicit conversion of plain char $@ to 'int8_t' from instantiating template 'C6'. | test.cpp:30:12:30:12 | 1 | expression | +| test.cpp:180:7:180:10 | (unsigned char)... | Implicit conversion of plain char $@ to 'unsigned char'. | test.cpp:180:7:180:10 | * ... | expression | +| test.cpp:185:7:185:10 | (signed char)... | Implicit conversion of plain char $@ to 'signed char'. | test.cpp:185:7:185:10 | * ... | expression | +| test.cpp:200:7:200:10 | (uint8_t)... | Implicit conversion of plain char $@ to 'uint8_t'. | test.cpp:200:7:200:10 | * ... | expression | +| test.cpp:205:7:205:10 | (int8_t)... | Implicit conversion of plain char $@ to 'int8_t'. | test.cpp:205:7:205:10 | * ... | expression | +| test.cpp:219:6:219:7 | (unsigned char)... | Implicit conversion of plain char $@ to 'unsigned char'. | test.cpp:219:6:219:7 | a3 | expression | +| test.cpp:222:6:222:7 | (signed char)... | Implicit conversion of plain char $@ to 'signed char'. | test.cpp:222:6:222:7 | a4 | expression | +| test.cpp:232:6:232:7 | (uint8_t)... | Implicit conversion of plain char $@ to 'uint8_t'. | test.cpp:232:6:232:7 | a7 | expression | +| test.cpp:235:7:235:8 | (int8_t)... | Implicit conversion of plain char $@ to 'int8_t'. | test.cpp:235:7:235:8 | a8 | expression | +| test.cpp:249:3:249:4 | call to f5 | Implicit conversion of plain char $@ to 'unsigned char' from instantiating template 'f5'. | test.cpp:43:56:43:56 | x | expression | +| test.cpp:253:3:253:4 | call to f6 | Implicit conversion of plain char $@ to 'signed char' from instantiating template 'f6'. | test.cpp:44:54:44:54 | x | expression | +| test.cpp:266:3:266:5 | call to f13 | Implicit conversion of plain char $@ to 'uint8_t' from instantiating template 'f13'. | test.cpp:47:56:47:56 | x | expression | +| test.cpp:270:3:270:5 | call to f14 | Implicit conversion of plain char $@ to 'int8_t' from instantiating template 'f14'. | test.cpp:48:55:48:55 | x | expression | +| test.cpp:287:12:287:14 | definition of c11 | Implicit conversion of plain char $@ to 'unsigned char' from instantiating template 'C9'. | test.cpp:52:15:52:15 | y | expression | +| test.cpp:292:13:292:15 | definition of c12 | Implicit conversion of plain char $@ to 'signed char' from instantiating template 'C10'. | test.cpp:60:16:60:16 | y | expression | +| test.cpp:307:13:307:15 | definition of c15 | Implicit conversion of plain char $@ to 'uint8_t' from instantiating template 'C13'. | test.cpp:69:16:69:16 | y | expression | +| test.cpp:311:13:311:15 | definition of c16 | Implicit conversion of plain char $@ to 'int8_t' from instantiating template 'C14'. | test.cpp:77:16:77:16 | y | expression | From a474ded139a11efb51548d2fd45ef8310f7f050e Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Mon, 14 Jul 2025 12:12:13 -0400 Subject: [PATCH 2562/2573] Minor editing of label --- cpp/autosar/test/rules/M5-0-12/test.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cpp/autosar/test/rules/M5-0-12/test.cpp b/cpp/autosar/test/rules/M5-0-12/test.cpp index 037c57da13..3e9a21ae17 100644 --- a/cpp/autosar/test/rules/M5-0-12/test.cpp +++ b/cpp/autosar/test/rules/M5-0-12/test.cpp @@ -87,7 +87,7 @@ void instantiateTemplateVariables() { v1 = 1; // COMPLIANT: unsigned char assigned to an unsigned char v2 = 1; // COMPLIANT: signed char assigned to a signed char - v2 = 'v'; // COMPLIANT: signed char assigned to a signed char + v2 = 'v'; // COMPLIANT: plain char assigned to a plain char v1 = 'v'; // NON-COMPLIANT: plain char assigned to an unsigned char @@ -96,7 +96,7 @@ void instantiateTemplateVariables() { /* Twin cases with std::uint8_t and std::int8_t */ v1 = 1; // COMPLIANT: std::uint8_t assigned to a std::uint8_t v2 = 1; // COMPLIANT: std::int8_t assigned to a std::int8_t - v2 = 'v'; // COMPLIANT: signed char assigned to a signed char + v2 = 'v'; // COMPLIANT: plain char assigned to a plain char v1 = 'v'; // NON-COMPLIANT: plain char assigned to a std::uint8_t From 2991f6f8ab337f63127f5d5a60e4812068d86315 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Tue, 15 Jul 2025 12:21:30 -0400 Subject: [PATCH 2563/2573] Remove handling of template cases --- ...eUsedForTheStorageAndUseOfNumericValues.ql | 245 +----------------- 1 file changed, 13 insertions(+), 232 deletions(-) diff --git a/cpp/autosar/src/rules/M5-0-12/SignedCharAndUnsignedCharTypeShallOnlyBeUsedForTheStorageAndUseOfNumericValues.ql b/cpp/autosar/src/rules/M5-0-12/SignedCharAndUnsignedCharTypeShallOnlyBeUsedForTheStorageAndUseOfNumericValues.ql index e6852d7d39..bc3563559b 100644 --- a/cpp/autosar/src/rules/M5-0-12/SignedCharAndUnsignedCharTypeShallOnlyBeUsedForTheStorageAndUseOfNumericValues.ql +++ b/cpp/autosar/src/rules/M5-0-12/SignedCharAndUnsignedCharTypeShallOnlyBeUsedForTheStorageAndUseOfNumericValues.ql @@ -16,237 +16,18 @@ import cpp import codingstandards.cpp.autosar -newtype TTemplateElement = - TTemplateClass(TemplateClass c) or - TTemplateFunction(TemplateFunction f) or - TTemplateVariable(TemplateVariable v) - -/** - * A templated element. These are either templated classes, templated functions, - * or templated variables. - */ -class TemplateElement extends TTemplateElement { - TemplateClass asTemplateClass() { this = TTemplateClass(result) } - - TemplateFunction asTemplateFunction() { this = TTemplateFunction(result) } - - TemplateVariable asTemplateVariable() { this = TTemplateVariable(result) } - - string toString() { - result = this.asTemplateClass().toString() or - result = this.asTemplateFunction().toString() or - result = this.asTemplateVariable().toString() - } - - Location getLocation() { - result = this.asTemplateClass().getLocation() or - result = this.asTemplateFunction().getLocation() or - result = this.asTemplateVariable().getLocation() - } - - string getName() { - result = this.asTemplateClass().getName() or - result = this.asTemplateFunction().getName() or - result = this.asTemplateVariable().getName() - } -} - -newtype TTemplateInstantiation = - TClassTemplateInstantiation(ClassTemplateInstantiation c) or - TFunctionTemplateInstantiation(FunctionTemplateInstantiation f) or - TVariableTemplateInstantiation(VariableTemplateInstantiation v) - -/** - * An instantiation of a templated element, either a templated class, templated - * function, or templated variable. - */ -class TemplateInstantiation extends TTemplateInstantiation { - ClassTemplateInstantiation asClassTemplateInstantiation() { - this = TClassTemplateInstantiation(result) - } - - FunctionTemplateInstantiation asFunctionTemplateInstantiation() { - this = TFunctionTemplateInstantiation(result) - } - - VariableTemplateInstantiation asVariableTemplateInstantiation() { - this = TVariableTemplateInstantiation(result) - } - - string toString() { - result = this.asClassTemplateInstantiation().toString() or - result = this.asFunctionTemplateInstantiation().toString() or - result = this.asVariableTemplateInstantiation().toString() - } - - Location getLocation() { - result = this.asClassTemplateInstantiation().getLocation() or - result = this.asFunctionTemplateInstantiation().getLocation() or - result = this.asVariableTemplateInstantiation().getLocation() - } - - Element asElement() { - result = this.asClassTemplateInstantiation() or - result = this.asFunctionTemplateInstantiation() or - result = this.asVariableTemplateInstantiation() - } - - /** - * Gets the template this instantiation is from, depending on the kind of the element - * this instantiation is for. - */ - TemplateElement getTemplate() { - result.asTemplateClass() = this.asClassTemplateInstantiation().getTemplate() or - result.asTemplateFunction() = this.asFunctionTemplateInstantiation().getTemplate() or - result.asTemplateVariable() = this.asVariableTemplateInstantiation().getTemplate() - } - - /** - * Gets a use of an instantiation of this template. i.e. - * 1. For a class template, it's where the instantiated type is used by the name. - * 2. For a function template, it's where the instantiated function is called. - * 3. For a variable template, it's where the instantiated variable is initialized. - */ - Element getAUse() { - result = this.asClassTemplateInstantiation().getATypeNameUse() or - result = this.asFunctionTemplateInstantiation().getACallToThisFunction() or - result = this.asVariableTemplateInstantiation() - } -} - -/** - * An implicit conversion from a plain char type to an explicitly signed or unsigned char - * type. `std::uint8_t` and `std::int8_t` are also considered as these char types. - * - * Note that this class only includes implicit conversions and does not include explicit - * type conversions, i.e. casts. - */ -class ImplicitConversionFromPlainCharType extends Conversion { - ImplicitConversionFromPlainCharType() { - this.isImplicit() and - this.getExpr().getUnspecifiedType() instanceof PlainCharType and - ( - this.getUnspecifiedType() instanceof SignedCharType or - this.getUnspecifiedType() instanceof UnsignedCharType - ) - } -} - -newtype TImplicitConversionElement = - TImplicitConversionOutsideTemplate(ImplicitConversionFromPlainCharType implicitConversion) { - not exists(TemplateInstantiation instantiation | - implicitConversion.isFromTemplateInstantiation(instantiation.asElement()) - ) - } or - TInstantiationOfImplicitConversionTemplate( - TemplateInstantiation templateInstantiation, - ImplicitConversionFromPlainCharType implicitConversion - ) { - implicitConversion.getEnclosingElement+() = templateInstantiation.asElement() - } - -/** - * The locations where the implicit conversion from a plain char to an explicitly signed / unsigned - * char is taking place on a high level. It splits case on whether the conversion is caused by - * instantiating a template: - * - * - For conversions not due to template usage (i.e. outside a templated element), this refers to - * the same element as the one associated with the conversion. - * - For conversions due to template usage, this refers to the element that uses the instantiation - * of a template where an implicit char conversion happens. - */ -class ImplicitConversionLocation extends TImplicitConversionElement { - ImplicitConversionFromPlainCharType asImplicitConversionOutsideTemplate() { - this = TImplicitConversionOutsideTemplate(result) - } - - TemplateInstantiation asInstantiationOfImplicitConversionTemplate( - ImplicitConversionFromPlainCharType implicitConversion - ) { - this = TInstantiationOfImplicitConversionTemplate(result, implicitConversion) - } - - /** - * Holds if this is a location of a conversion happening outside of a template. - */ - predicate isImplicitConversionOutsideTemplate() { - exists(this.asImplicitConversionOutsideTemplate()) - } - - /** - * Holds if this is a location of a conversion happening due to instantiating a - * template. - */ - predicate isInstantiationOfImplicitConversionTemplate() { - exists( - TemplateInstantiation templateInstantiation, - ImplicitConversionFromPlainCharType implicitConversion - | - templateInstantiation = this.asInstantiationOfImplicitConversionTemplate(implicitConversion) - ) - } - - /** - * Gets the implicit conversion that this location is associated with. - * - In cases of conversions not involving a template, this is the same as the - * location associated with the conversion. - * - In cases of conversions due to using a template, this is the conversion that - * happens in the instantiated template. - */ - ImplicitConversionFromPlainCharType getImplicitConversion() { - result = this.asImplicitConversionOutsideTemplate() or - exists(TemplateInstantiation templateInstantiation | - this = TInstantiationOfImplicitConversionTemplate(templateInstantiation, result) - ) - } - - string toString() { - result = this.asImplicitConversionOutsideTemplate().toString() or - exists(ImplicitConversionFromPlainCharType implicitConversion | - result = this.asInstantiationOfImplicitConversionTemplate(implicitConversion).toString() - ) - } - - Location getLocation() { - result = this.asImplicitConversionOutsideTemplate().getLocation() or - exists(ImplicitConversionFromPlainCharType implicitConversion | - result = this.asInstantiationOfImplicitConversionTemplate(implicitConversion).getLocation() - ) - } - - Element asElement() { - result = this.asImplicitConversionOutsideTemplate() or - exists(ImplicitConversionFromPlainCharType implicitConversion | - result = this.asInstantiationOfImplicitConversionTemplate(implicitConversion).getAUse() - ) - } -} - -string getMessageTemplate(ImplicitConversionLocation implicitConversionLocation) { - exists(ImplicitConversionFromPlainCharType implicitConversion | - implicitConversion = implicitConversionLocation.getImplicitConversion() - | - implicitConversionLocation.isImplicitConversionOutsideTemplate() and - result = - "Implicit conversion of plain char $@ to '" + implicitConversion.getType().getName() + "'." - or - implicitConversionLocation.isInstantiationOfImplicitConversionTemplate() and - result = - "Implicit conversion of plain char $@ to '" + implicitConversion.getType().getName() + - "' from instantiating template '" + - implicitConversionLocation - .asInstantiationOfImplicitConversionTemplate(implicitConversion) - .getTemplate() - .getName() + "'." - ) -} - -from - ImplicitConversionLocation implicitConversionLocation, - ImplicitConversionFromPlainCharType implicitConversion +from Conversion c where - not isExcluded(implicitConversionLocation.asElement(), + not isExcluded(c, StringsPackage::signedCharAndUnsignedCharTypeShallOnlyBeUsedForTheStorageAndUseOfNumericValuesQuery()) and - implicitConversion = implicitConversionLocation.getImplicitConversion() -select implicitConversionLocation.asElement(), getMessageTemplate(implicitConversionLocation), - implicitConversion.getExpr(), "expression" + /* 1. Focus on implicit conversions only (explicit conversions are acceptable). */ + c.isImplicit() and + /* 2. The target type is explicitly signed or unsigned char. */ + ( + c.getUnspecifiedType() instanceof SignedCharType or + c.getUnspecifiedType() instanceof UnsignedCharType + ) and + /* 3. Check if the source expression is a plain char type, i.e. not explicitly signed / unsigned. */ + c.getExpr().getUnspecifiedType() instanceof PlainCharType +select c, "Implicit conversion of plain char type to $@ with an explicitly signed char type", c, + c.getUnspecifiedType().getName() From 8dbaa1baa2735f1c2724cd58f743df50cfcbbc43 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Tue, 15 Jul 2025 12:50:14 -0400 Subject: [PATCH 2564/2573] Remove templates from the coverage of the query Templates are tricky issue; we'd like to address this in a different PR. --- ...eUsedForTheStorageAndUseOfNumericValues.ql | 5 +- ...orTheStorageAndUseOfNumericValues.expected | 44 ++-- cpp/autosar/test/rules/M5-0-12/test.cpp | 193 +++--------------- 3 files changed, 44 insertions(+), 198 deletions(-) diff --git a/cpp/autosar/src/rules/M5-0-12/SignedCharAndUnsignedCharTypeShallOnlyBeUsedForTheStorageAndUseOfNumericValues.ql b/cpp/autosar/src/rules/M5-0-12/SignedCharAndUnsignedCharTypeShallOnlyBeUsedForTheStorageAndUseOfNumericValues.ql index bc3563559b..8e48c05ada 100644 --- a/cpp/autosar/src/rules/M5-0-12/SignedCharAndUnsignedCharTypeShallOnlyBeUsedForTheStorageAndUseOfNumericValues.ql +++ b/cpp/autosar/src/rules/M5-0-12/SignedCharAndUnsignedCharTypeShallOnlyBeUsedForTheStorageAndUseOfNumericValues.ql @@ -29,5 +29,6 @@ where ) and /* 3. Check if the source expression is a plain char type, i.e. not explicitly signed / unsigned. */ c.getExpr().getUnspecifiedType() instanceof PlainCharType -select c, "Implicit conversion of plain char type to $@ with an explicitly signed char type", c, - c.getUnspecifiedType().getName() +select c, + "This expression of plain char type is implicitly converted to '" + + c.getUnspecifiedType().getName() + "'." diff --git a/cpp/autosar/test/rules/M5-0-12/SignedCharAndUnsignedCharTypeShallOnlyBeUsedForTheStorageAndUseOfNumericValues.expected b/cpp/autosar/test/rules/M5-0-12/SignedCharAndUnsignedCharTypeShallOnlyBeUsedForTheStorageAndUseOfNumericValues.expected index ad1f57935e..b23be388c6 100644 --- a/cpp/autosar/test/rules/M5-0-12/SignedCharAndUnsignedCharTypeShallOnlyBeUsedForTheStorageAndUseOfNumericValues.expected +++ b/cpp/autosar/test/rules/M5-0-12/SignedCharAndUnsignedCharTypeShallOnlyBeUsedForTheStorageAndUseOfNumericValues.expected @@ -1,28 +1,16 @@ -| test.cpp:93:7:93:9 | (unsigned char)... | Implicit conversion of plain char $@ to 'unsigned char'. | test.cpp:93:7:93:9 | 118 | expression | -| test.cpp:94:21:94:23 | (signed char)... | Implicit conversion of plain char $@ to 'signed char'. | test.cpp:94:21:94:23 | 118 | expression | -| test.cpp:102:7:102:9 | (unsigned char)... | Implicit conversion of plain char $@ to 'unsigned char'. | test.cpp:102:7:102:9 | 118 | expression | -| test.cpp:103:21:103:23 | (signed char)... | Implicit conversion of plain char $@ to 'signed char'. | test.cpp:103:21:103:23 | 118 | expression | -| test.cpp:121:7:121:8 | (unsigned char)... | Implicit conversion of plain char $@ to 'unsigned char'. | test.cpp:121:7:121:8 | x3 | expression | -| test.cpp:124:20:124:21 | (signed char)... | Implicit conversion of plain char $@ to 'signed char'. | test.cpp:124:20:124:21 | x4 | expression | -| test.cpp:134:21:134:22 | (uint8_t)... | Implicit conversion of plain char $@ to 'uint8_t'. | test.cpp:134:21:134:22 | x7 | expression | -| test.cpp:137:20:137:21 | (int8_t)... | Implicit conversion of plain char $@ to 'int8_t'. | test.cpp:137:20:137:21 | x8 | expression | -| test.cpp:147:17:147:18 | definition of c3 | Implicit conversion of plain char $@ to 'unsigned char' from instantiating template 'C1'. | test.cpp:5:12:5:12 | 120 | expression | -| test.cpp:150:17:150:18 | definition of c4 | Implicit conversion of plain char $@ to 'signed char' from instantiating template 'C2'. | test.cpp:13:12:13:12 | 120 | expression | -| test.cpp:160:15:160:16 | definition of c7 | Implicit conversion of plain char $@ to 'uint8_t' from instantiating template 'C5'. | test.cpp:22:12:22:12 | 1 | expression | -| test.cpp:163:15:163:16 | definition of c8 | Implicit conversion of plain char $@ to 'int8_t' from instantiating template 'C6'. | test.cpp:30:12:30:12 | 1 | expression | -| test.cpp:180:7:180:10 | (unsigned char)... | Implicit conversion of plain char $@ to 'unsigned char'. | test.cpp:180:7:180:10 | * ... | expression | -| test.cpp:185:7:185:10 | (signed char)... | Implicit conversion of plain char $@ to 'signed char'. | test.cpp:185:7:185:10 | * ... | expression | -| test.cpp:200:7:200:10 | (uint8_t)... | Implicit conversion of plain char $@ to 'uint8_t'. | test.cpp:200:7:200:10 | * ... | expression | -| test.cpp:205:7:205:10 | (int8_t)... | Implicit conversion of plain char $@ to 'int8_t'. | test.cpp:205:7:205:10 | * ... | expression | -| test.cpp:219:6:219:7 | (unsigned char)... | Implicit conversion of plain char $@ to 'unsigned char'. | test.cpp:219:6:219:7 | a3 | expression | -| test.cpp:222:6:222:7 | (signed char)... | Implicit conversion of plain char $@ to 'signed char'. | test.cpp:222:6:222:7 | a4 | expression | -| test.cpp:232:6:232:7 | (uint8_t)... | Implicit conversion of plain char $@ to 'uint8_t'. | test.cpp:232:6:232:7 | a7 | expression | -| test.cpp:235:7:235:8 | (int8_t)... | Implicit conversion of plain char $@ to 'int8_t'. | test.cpp:235:7:235:8 | a8 | expression | -| test.cpp:249:3:249:4 | call to f5 | Implicit conversion of plain char $@ to 'unsigned char' from instantiating template 'f5'. | test.cpp:43:56:43:56 | x | expression | -| test.cpp:253:3:253:4 | call to f6 | Implicit conversion of plain char $@ to 'signed char' from instantiating template 'f6'. | test.cpp:44:54:44:54 | x | expression | -| test.cpp:266:3:266:5 | call to f13 | Implicit conversion of plain char $@ to 'uint8_t' from instantiating template 'f13'. | test.cpp:47:56:47:56 | x | expression | -| test.cpp:270:3:270:5 | call to f14 | Implicit conversion of plain char $@ to 'int8_t' from instantiating template 'f14'. | test.cpp:48:55:48:55 | x | expression | -| test.cpp:287:12:287:14 | definition of c11 | Implicit conversion of plain char $@ to 'unsigned char' from instantiating template 'C9'. | test.cpp:52:15:52:15 | y | expression | -| test.cpp:292:13:292:15 | definition of c12 | Implicit conversion of plain char $@ to 'signed char' from instantiating template 'C10'. | test.cpp:60:16:60:16 | y | expression | -| test.cpp:307:13:307:15 | definition of c15 | Implicit conversion of plain char $@ to 'uint8_t' from instantiating template 'C13'. | test.cpp:69:16:69:16 | y | expression | -| test.cpp:311:13:311:15 | definition of c16 | Implicit conversion of plain char $@ to 'int8_t' from instantiating template 'C14'. | test.cpp:77:16:77:16 | y | expression | +| test.cpp:58:7:58:8 | (unsigned char)... | This expression of plain char type is implicitly converted to 'unsigned char'. | +| test.cpp:61:20:61:21 | (signed char)... | This expression of plain char type is implicitly converted to 'signed char'. | +| test.cpp:71:21:71:22 | (uint8_t)... | This expression of plain char type is implicitly converted to 'unsigned char'. | +| test.cpp:74:20:74:21 | (int8_t)... | This expression of plain char type is implicitly converted to 'signed char'. | +| test.cpp:84:9:84:11 | (unsigned char)... | This expression of plain char type is implicitly converted to 'unsigned char'. | +| test.cpp:87:9:87:11 | (signed char)... | This expression of plain char type is implicitly converted to 'signed char'. | +| test.cpp:97:9:97:11 | (unsigned char)... | This expression of plain char type is implicitly converted to 'unsigned char'. | +| test.cpp:100:9:100:11 | (signed char)... | This expression of plain char type is implicitly converted to 'signed char'. | +| test.cpp:117:7:117:10 | (unsigned char)... | This expression of plain char type is implicitly converted to 'unsigned char'. | +| test.cpp:122:7:122:10 | (signed char)... | This expression of plain char type is implicitly converted to 'signed char'. | +| test.cpp:137:7:137:10 | (uint8_t)... | This expression of plain char type is implicitly converted to 'unsigned char'. | +| test.cpp:142:7:142:10 | (int8_t)... | This expression of plain char type is implicitly converted to 'signed char'. | +| test.cpp:153:6:153:7 | (unsigned char)... | This expression of plain char type is implicitly converted to 'unsigned char'. | +| test.cpp:156:6:156:7 | (signed char)... | This expression of plain char type is implicitly converted to 'signed char'. | +| test.cpp:166:6:166:7 | (uint8_t)... | This expression of plain char type is implicitly converted to 'unsigned char'. | +| test.cpp:169:7:169:8 | (int8_t)... | This expression of plain char type is implicitly converted to 'signed char'. | diff --git a/cpp/autosar/test/rules/M5-0-12/test.cpp b/cpp/autosar/test/rules/M5-0-12/test.cpp index 3e9a21ae17..036db12b04 100644 --- a/cpp/autosar/test/rules/M5-0-12/test.cpp +++ b/cpp/autosar/test/rules/M5-0-12/test.cpp @@ -1,33 +1,33 @@ #include -template class C1 { +class C1 { public: - C1() : x(y) {} + C1(unsigned char y) : x(y) {} private: unsigned char x; }; -template class C2 { +class C2 { public: - C2() : x(y) {} + C2(signed char y) : x(y) {} private: signed char x; }; -/* Twin templates for std::uint8_t and std::int8_t */ -template class C5 { +/* Twin classes for std::uint8_t and std::int8_t */ +class C5 { public: - C5() : x(y) {} + C5(unsigned char y) : x(y) {} private: std::uint8_t x; }; -template class C6 { +class C6 { public: - C6() : x(y) {} + C6(signed char y) : x(y) {} private: std::int8_t x; @@ -40,69 +40,6 @@ void f2(signed char x) {} void f9(std::uint8_t x) {} void f10(std::int8_t x) {} -template void f5(T x) { unsigned char y = x; } -template void f6(T x) { signed char y = x; } - -/* Twin template functions for std::uint8_t and std::int8_t */ -template void f13(T x) { std::uint8_t y = x; } -template void f14(T x) { std::int8_t y = x; } - -template class C9 { -public: - C9(T y) : x(y) {} - -private: - unsigned char x; -}; - -template class C10 { -public: - C10(T y) : x(y) {} - -private: - signed char x; -}; - -/* Twin template classes for std::uint8_t and std::int8_t */ -template class C13 { -public: - C13(T y) : x(y) {} - -private: - std::uint8_t x; -}; - -template class C14 { -public: - C14(T y) : x(y) {} - -private: - std::int8_t x; -}; - -template T v1; -template T v2; - -void instantiateTemplateVariables() { - v1 = - 1; // COMPLIANT: unsigned char assigned to an unsigned char - v2 = 1; // COMPLIANT: signed char assigned to a signed char - v2 = 'v'; // COMPLIANT: plain char assigned to a plain char - - v1 = - 'v'; // NON-COMPLIANT: plain char assigned to an unsigned char - v2 = 'v'; // NON-COMPLIANT: plain char assigned to a signed char - - /* Twin cases with std::uint8_t and std::int8_t */ - v1 = 1; // COMPLIANT: std::uint8_t assigned to a std::uint8_t - v2 = 1; // COMPLIANT: std::int8_t assigned to a std::int8_t - v2 = 'v'; // COMPLIANT: plain char assigned to a plain char - - v1 = - 'v'; // NON-COMPLIANT: plain char assigned to a std::uint8_t - v2 = 'v'; // NON-COMPLIANT: plain char assigned to a std::int8_t -} - int main() { /* ========== 1. Assigning a char to another char ========== */ @@ -138,30 +75,30 @@ int main() { /* ===== 1-2. Assigning a char to a char member ===== */ - C1 c1; // COMPLIANT: unsigned char arg passed to an unsigned - // char member through a template + C1 c1(1); // COMPLIANT: unsigned char arg passed to an unsigned + // char member - C2 c2; // COMPLIANT: signed char arg passed to a signed char - // member through a template + C2 c2(1); // COMPLIANT: signed char arg passed to a signed char + // member - C1 c3; // NON-COMPLIANT: plain char arg passed to an unsigned char - // member through a template + C1 c3('x'); // NON-COMPLIANT: plain char arg passed to an unsigned char + // member - C2 c4; // NON-COMPLIANT: plain char arg passed to a signed char - // member through a template + C2 c4('x'); // NON-COMPLIANT: plain char arg passed to a signed char + // member /* Twin cases with std::uint8_t and std::int8_t */ - C5 c5; // COMPLIANT: std::uint8_t arg passed to a - // std::uint8_t member through a template + C5 c5(1); // COMPLIANT: std::uint8_t arg passed to a + // std::uint8_t member - C6 c6; // COMPLIANT: std::int8_t arg passed to a std::int8_t - // member through a template + C6 c6(1); // COMPLIANT: std::int8_t arg passed to a std::int8_t + // member - C5 c7; // NON-COMPLIANT: plain char arg passed to a - // std::uint8_t member through a template + C5 c7('x'); // NON-COMPLIANT: plain char arg passed to a + // std::uint8_t member - C6 c8; // NON-COMPLIANT: plain char arg passed to a std::int8_t - // member through a template + C6 c8('x'); // NON-COMPLIANT: plain char arg passed to a std::int8_t + // member /* ========== 1-3. Assigning a char to a char through a pointer ========== */ @@ -206,9 +143,6 @@ int main() { /* ========== 2. Passing a char argument to a char parameter ========== */ - /* ===== 2-1. Passing char argument to a char parameter of a regular function - * ===== */ - unsigned char a1 = 1; f1(a1); // COMPLIANT: unsigned char arg passed to an unsigned char parameter @@ -233,81 +167,4 @@ int main() { char a8 = 'a'; f10(a8); // NON-COMPLIANT: plain char arg passed to a std::int8_t parameter - - /* ===== 2-2. Passing char argument to a char parameter through a template - * ===== */ - - unsigned char a9 = 1; - f5(a9); // COMPLIANT: unsigned char arg passed to an unsigned char parameter - // through a template - - signed char a10 = 1; - f6(a10); // COMPLIANT: signed char arg passed to a signed char parameter - // through a template - - char a11 = 'a'; - f5(a11); // NON-COMPLIANT: plain char arg passed to an unsigned char parameter - // through a template - - char a12 = 'a'; - f6(a12); // NON-COMPLIANT: plain char arg passed to a signed char parameter - // through a template - - /* Twin cases with std::uint8_t and std::int8_t */ - std::uint8_t a13 = 1; - f13(a13); // COMPLIANT: std::uint8_t arg passed to a std::uint8_t parameter - // through a template - - std::int8_t a14 = 1; - f14(a14); // COMPLIANT: std::int8_t arg passed to a std::int8_t parameter - // through a template - - char a15 = 'a'; - f13(a15); // NON-COMPLIANT: plain char arg passed to a std::uint8_t parameter - // through a template - - char a16 = 'a'; - f14(a16); // NON-COMPLIANT: plain char arg passed to a std::int8_t parameter - // through a template - - /* ========== 2-3. Passing a char argument to a char parameter through a - * template ========== */ - - unsigned char a17 = 1; - C9 c9( - a17); // COMPLIANT: unsigned char arg passed to an unsigned char parameter - // of a constructor through a template - - signed char a18 = 1; - C10 c10( - a18); // COMPLIANT: signed char arg passed to an signed - // char parameter of a constructor through a template - - char a19 = 'a'; - C9 c11( - a19); // NON-COMPLIANT: plain char arg passed to an unsigned signed char - // parameter of a constructor through a template - - char a20 = 'a'; - C10 c12(a20); // NON-COMPLIANT: plain char arg passed to an signed char - // parameter of a constructor through a template - - /* Twin cases with std::uint8_t and std::int8_t */ - std::uint8_t a21 = 1; - C13 c13( - a21); // COMPLIANT: std::uint8_t arg passed to a std::uint8_t parameter - // of a constructor through a template - - std::int8_t a22 = 1; - C14 c14( - a22); // COMPLIANT: std::int8_t arg passed to a std::int8_t - // parameter of a constructor through a template - - char a23 = 'a'; - C13 c15(a23); // NON-COMPLIANT: plain char arg passed to a std::uint8_t - // parameter of a constructor through a template - - char a24 = 'a'; - C14 c16(a24); // NON-COMPLIANT: plain char arg passed to a std::int8_t - // parameter of a constructor through a template } From 7d1b27cc0f1914ed8979ca8b5b125fc73c42280c Mon Sep 17 00:00:00 2001 From: knewbury01 Date: Tue, 15 Jul 2025 19:02:45 +0000 Subject: [PATCH 2565/2573] Bump version to 2.49.0-dev --- c/cert/src/qlpack.yml | 2 +- c/cert/test/qlpack.yml | 2 +- c/common/src/qlpack.yml | 2 +- c/common/test/qlpack.yml | 2 +- c/misra/src/qlpack.yml | 2 +- c/misra/test/qlpack.yml | 2 +- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/qlpack.yml | 2 +- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/qlpack.yml | 2 +- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/qlpack.yml | 2 +- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/qlpack.yml | 2 +- cpp/report/src/qlpack.yml | 2 +- docs/user_manual.md | 12 ++++++------ 16 files changed, 21 insertions(+), 21 deletions(-) diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index d2ba0816a3..cff1e79631 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards -version: 2.48.0-dev +version: 2.49.0-dev description: CERT C 2016 suites: codeql-suites license: MIT diff --git a/c/cert/test/qlpack.yml b/c/cert/test/qlpack.yml index 98268c5636..9f5f21ba1b 100644 --- a/c/cert/test/qlpack.yml +++ b/c/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards-tests -version: 2.48.0-dev +version: 2.49.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index 4bbcb5c730..39adc407b9 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards -version: 2.48.0-dev +version: 2.49.0-dev license: MIT dependencies: codeql/common-cpp-coding-standards: '*' diff --git a/c/common/test/qlpack.yml b/c/common/test/qlpack.yml index ce8d7b3ce7..da30625ddb 100644 --- a/c/common/test/qlpack.yml +++ b/c/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards-tests -version: 2.48.0-dev +version: 2.49.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index 02f9dceb48..613cb22b26 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards -version: 2.48.0-dev +version: 2.49.0-dev description: MISRA C 2012 suites: codeql-suites license: MIT diff --git a/c/misra/test/qlpack.yml b/c/misra/test/qlpack.yml index a720d41779..08e5f579a3 100644 --- a/c/misra/test/qlpack.yml +++ b/c/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards-tests -version: 2.48.0-dev +version: 2.49.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index 65ec603f59..4130f08079 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards -version: 2.48.0-dev +version: 2.49.0-dev description: AUTOSAR C++14 Guidelines R22-11, R21-11, R20-11, R19-11 and R19-03 suites: codeql-suites license: MIT diff --git a/cpp/autosar/test/qlpack.yml b/cpp/autosar/test/qlpack.yml index f7b3f9ef3f..46f06bed50 100644 --- a/cpp/autosar/test/qlpack.yml +++ b/cpp/autosar/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards-tests -version: 2.48.0-dev +version: 2.49.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index 999faded05..a89ed8a905 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards -version: 2.48.0-dev +version: 2.49.0-dev description: CERT C++ 2016 suites: codeql-suites license: MIT diff --git a/cpp/cert/test/qlpack.yml b/cpp/cert/test/qlpack.yml index b1c634258a..8634569355 100644 --- a/cpp/cert/test/qlpack.yml +++ b/cpp/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards-tests -version: 2.48.0-dev +version: 2.49.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index f7938fef71..07a8dc4136 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards -version: 2.48.0-dev +version: 2.49.0-dev license: MIT dependencies: codeql/cpp-all: 2.1.1 diff --git a/cpp/common/test/qlpack.yml b/cpp/common/test/qlpack.yml index 84a581eda1..cb54217f76 100644 --- a/cpp/common/test/qlpack.yml +++ b/cpp/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards-tests -version: 2.48.0-dev +version: 2.49.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index f6a4e21428..44baf3efbe 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards -version: 2.48.0-dev +version: 2.49.0-dev description: MISRA C++ 2023 default-suite: codeql-suites/misra-cpp-default.qls license: MIT diff --git a/cpp/misra/test/qlpack.yml b/cpp/misra/test/qlpack.yml index 565c630696..fb0cc1201c 100644 --- a/cpp/misra/test/qlpack.yml +++ b/cpp/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards-tests -version: 2.48.0-dev +version: 2.49.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index c8a6dd08f8..e563299482 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/report-cpp-coding-standards -version: 2.48.0-dev +version: 2.49.0-dev license: MIT dependencies: codeql/cpp-all: 2.1.1 diff --git a/docs/user_manual.md b/docs/user_manual.md index fae4623443..f4449082c7 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -36,14 +36,14 @@ ## Release information -This user manual documents release `2.48.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). +This user manual documents release `2.49.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). The release page documents the release notes and contains the following artifacts part of the release: - `coding-standards-codeql-packs-2.37.0-dev.zip`: CodeQL packs that can be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. -- `code-scanning-cpp-query-pack-2.48.0-dev.zip`: Legacy packaging for the queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. -- `supported_rules_list_2.48.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. -- `supported_rules_list_2.48.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. -- `user_manual_2.48.0-dev.md`: This user manual. +- `code-scanning-cpp-query-pack-2.49.0-dev.zip`: Legacy packaging for the queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. +- `supported_rules_list_2.49.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. +- `supported_rules_list_2.49.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. +- `user_manual_2.49.0-dev.md`: This user manual. - `Source Code (zip)`: A zip archive containing the contents of https://github.com/github/codeql-coding-standards - `Source Code (tar.gz)`: A GZip compressed tar archive containing the contents of https://github.com/github/codeql-coding-standards - `checksums.txt`: A text file containing sha256 checksums for the aforementioned artifacts. @@ -670,7 +670,7 @@ This section describes known failure modes for "CodeQL Coding Standards" and des | | Out of space | Less output. Some files may be only be partially analyzed, or not analyzed at all. | Error reported on the command line. | Increase space. If it remains an issue report space consumption issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False positives | More output. Results are reported which are not violations of the guidelines. | All reported results must be reviewed. | Report false positive issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False negatives | Less output. Violations of the guidelines are not reported. | Other validation and verification processes during software development should be used to complement the analysis performed by CodeQL Coding Standards. | Report false negative issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | -| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.48.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | +| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.49.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | | | Incorrect deviation record specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation records with a reason. Ensure that all deviation records are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Incorrect deviation permit specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation permits with a reason. Ensure that all deviation permits are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Unapproved use of a deviation record | Less output. Results for guideline violations are not reported. | Validate that the deviation record use is approved by verifying the approved-by attribute of the deviation record specification. | Ensure that each raised deviation record is approved by an independent approver through an auditable process. | From a9c412d9fc2c4034393a4cf8b982d2f7b2f7d6cf Mon Sep 17 00:00:00 2001 From: Mike Fairhurst Date: Tue, 15 Jul 2025 20:57:29 -0700 Subject: [PATCH 2566/2573] Fix bad joins on function names and unnecessarily large relation on integer constant macros --- .../IncompatibleFunctionDeclarations.ql | 26 +++++++++++-------- ...rectlySizedIntegerConstantMacroArgument.ql | 1 + .../CompatibleDeclarationFunctionDefined.ql | 15 +++++------ ...5-7-15-fix-performance-issues-in-2.20.7.md | 4 +++ 4 files changed, 26 insertions(+), 20 deletions(-) create mode 100644 change_notes/2025-7-15-fix-performance-issues-in-2.20.7.md diff --git a/c/cert/src/rules/DCL40-C/IncompatibleFunctionDeclarations.ql b/c/cert/src/rules/DCL40-C/IncompatibleFunctionDeclarations.ql index 8c25fe3350..3811d4e417 100644 --- a/c/cert/src/rules/DCL40-C/IncompatibleFunctionDeclarations.ql +++ b/c/cert/src/rules/DCL40-C/IncompatibleFunctionDeclarations.ql @@ -24,28 +24,32 @@ import codingstandards.c.cert import codingstandards.cpp.types.Compatible import ExternalIdentifiers -predicate interestedInFunctions(FunctionDeclarationEntry f1, FunctionDeclarationEntry f2) { +predicate interestedInFunctions( + FunctionDeclarationEntry f1, FunctionDeclarationEntry f2, ExternalIdentifiers d +) { not f1 = f2 and - f1.getDeclaration() = f2.getDeclaration() and - f1.getName() = f2.getName() + d = f1.getDeclaration() and + d = f2.getDeclaration() +} + +predicate interestedInFunctions(FunctionDeclarationEntry f1, FunctionDeclarationEntry f2) { + interestedInFunctions(f1, f2, _) } +module FuncDeclEquiv = + FunctionDeclarationTypeEquivalence; + from ExternalIdentifiers d, FunctionDeclarationEntry f1, FunctionDeclarationEntry f2 where not isExcluded(f1, Declarations2Package::incompatibleFunctionDeclarationsQuery()) and not isExcluded(f2, Declarations2Package::incompatibleFunctionDeclarationsQuery()) and - not f1 = f2 and - f1.getDeclaration() = d and - f2.getDeclaration() = d and - f1.getName() = f2.getName() and + interestedInFunctions(f1, f2, d) and ( //return type check - not FunctionDeclarationTypeEquivalence::equalReturnTypes(f1, - f2) + not FuncDeclEquiv::equalReturnTypes(f1, f2) or //parameter type check - not FunctionDeclarationTypeEquivalence::equalParameterTypes(f1, - f2) + not FuncDeclEquiv::equalParameterTypes(f1, f2) ) and // Apply ordering on start line, trying to avoid the optimiser applying this join too early // in the pipeline diff --git a/c/misra/src/rules/RULE-7-5/IncorrectlySizedIntegerConstantMacroArgument.ql b/c/misra/src/rules/RULE-7-5/IncorrectlySizedIntegerConstantMacroArgument.ql index 87c945d6b6..1fe052aaae 100644 --- a/c/misra/src/rules/RULE-7-5/IncorrectlySizedIntegerConstantMacroArgument.ql +++ b/c/misra/src/rules/RULE-7-5/IncorrectlySizedIntegerConstantMacroArgument.ql @@ -20,6 +20,7 @@ predicate matchesSign(IntegerConstantMacro macro, PossiblyNegativeLiteral litera literal.isNegative() implies macro.isSigned() } +bindingset[literal] predicate matchesSize(IntegerConstantMacro macro, PossiblyNegativeLiteral literal) { literal.getRawValue() <= macro.maxValue() and literal.getRawValue() >= macro.minValue() diff --git a/c/misra/src/rules/RULE-8-4/CompatibleDeclarationFunctionDefined.ql b/c/misra/src/rules/RULE-8-4/CompatibleDeclarationFunctionDefined.ql index 73abc1e048..e7eba7e42a 100644 --- a/c/misra/src/rules/RULE-8-4/CompatibleDeclarationFunctionDefined.ql +++ b/c/misra/src/rules/RULE-8-4/CompatibleDeclarationFunctionDefined.ql @@ -23,13 +23,14 @@ predicate interestedInFunctions(FunctionDeclarationEntry f1, FunctionDeclaration f1.getDeclaration() instanceof ExternalIdentifiers and f1.isDefinition() and f1.getDeclaration() = f2.getDeclaration() and - // This condition should always hold, but removing it affects join order performance. - f1.getName() = f2.getName() and not f2.isDefinition() and not f1.isFromTemplateInstantiation(_) and not f2.isFromTemplateInstantiation(_) } +module FunDeclEquiv = + FunctionDeclarationTypeEquivalence; + from FunctionDeclarationEntry f1 where not isExcluded(f1, Declarations4Package::compatibleDeclarationFunctionDefinedQuery()) and @@ -44,17 +45,13 @@ where or //or one exists that is close but incompatible in some way exists(FunctionDeclarationEntry f2 | - f1.getName() = f2.getName() and - not f2.isDefinition() and - f2.getDeclaration() = f1.getDeclaration() and + interestedInFunctions(f1, f2) and ( //return types differ - not FunctionDeclarationTypeEquivalence::equalReturnTypes(f1, - f2) + not FunDeclEquiv::equalReturnTypes(f1, f2) or //parameter types differ - not FunctionDeclarationTypeEquivalence::equalParameterTypes(f1, - f2) + not FunDeclEquiv::equalParameterTypes(f1, f2) or //parameter names differ parameterNamesUnmatched(f1, f2) diff --git a/change_notes/2025-7-15-fix-performance-issues-in-2.20.7.md b/change_notes/2025-7-15-fix-performance-issues-in-2.20.7.md new file mode 100644 index 0000000000..a936579a97 --- /dev/null +++ b/change_notes/2025-7-15-fix-performance-issues-in-2.20.7.md @@ -0,0 +1,4 @@ + - `DCL40-C`, `RULE-8-4`: `IncompatibleFunctionDeclarations.ql`, `CompatibleDeclarationFunctionDefined.ql`. + - Fixed performance issues introduced when upgrading to CodeQL `2.20.7` by removing unnecessary check that matching function declarations have matching names. + - `RULE-7-5`: `IncorrectlySizedIntegerConstantMacroArgument.ql`. + - Added a `bindingset` to improve performance when checking if a literal matches the size of an integer constant macro. \ No newline at end of file From cfdc0d15f5e517ec6e28ebb8a14e214735203904 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 17 Jul 2025 17:03:56 +0100 Subject: [PATCH 2567/2573] A7-1-7: Address performance issue on 2.20.7 Poor join ordering on locations. --- ...erDeclarationAndInitializationNotOnSeparateLines.ql | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/cpp/autosar/src/rules/A7-1-7/IdentifierDeclarationAndInitializationNotOnSeparateLines.ql b/cpp/autosar/src/rules/A7-1-7/IdentifierDeclarationAndInitializationNotOnSeparateLines.ql index ac98fe699d..addd8af697 100644 --- a/cpp/autosar/src/rules/A7-1-7/IdentifierDeclarationAndInitializationNotOnSeparateLines.ql +++ b/cpp/autosar/src/rules/A7-1-7/IdentifierDeclarationAndInitializationNotOnSeparateLines.ql @@ -55,11 +55,9 @@ where //omit the cases where there is one struct identifier on a struct var line used with typedef not exists(Struct s | s.getADeclarationEntry() = e1 and e1 instanceof TypeDeclarationEntry) and not exists(Struct s | s.getATypeNameUse() = e1 and e1 instanceof TypeDeclarationEntry) and - exists(Location l1, Location l2 | - e1.getLocation() = l1 and - e2.getLocation() = l2 and - not l1 = l2 and - l1.getFile() = l2.getFile() and - l1.getStartLine() = l2.getStartLine() + exists(string file, int startline | + e1.getLocation().hasLocationInfo(file, startline, _, _, _) and + e2.getLocation().hasLocationInfo(file, startline, _, _, _) and + not e1.getLocation() = e2.getLocation() ) select e1, "Expression statement and identifier are on the same line." From df2247ef350ed5fb7e4fa46a3e8d679a12afd89d Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 17 Jul 2025 17:46:54 +0100 Subject: [PATCH 2568/2573] A2-7-3: Address performance issues on upgrade to 2.20.7 - Only consider declarations within user code - as results in system headers will be thrown away, and significantly bloat the interemediate relation sizes. - Inline the function scope exclusion to documentable declaration. - Extract utility predicates for determining if there's a documented definition, or whether there are only definitions. --- .../A2-7-3/UndocumentedUserDefinedType.ql | 81 +++++++++++-------- 1 file changed, 46 insertions(+), 35 deletions(-) diff --git a/cpp/autosar/src/rules/A2-7-3/UndocumentedUserDefinedType.ql b/cpp/autosar/src/rules/A2-7-3/UndocumentedUserDefinedType.ql index f2dd0dc8bc..020d1d4ee1 100644 --- a/cpp/autosar/src/rules/A2-7-3/UndocumentedUserDefinedType.ql +++ b/cpp/autosar/src/rules/A2-7-3/UndocumentedUserDefinedType.ql @@ -65,30 +65,46 @@ class DocumentableDeclaration extends Declaration { string declarationType; DocumentableDeclaration() { - this instanceof UserType and - declarationType = "user-defined type" and - // Exclude template parameter types. - not this.(UserType).involvesTemplateParameter() - or - this instanceof Function and - declarationType = "function" and - // Exclude compiler generated functions, which cannot reasonably be documented. - not this.(Function).isCompilerGenerated() and - // Exclude instantiated template functions, which cannot reasonably be documented. - not this.(Function).isFromTemplateInstantiation(_) and - // Exclude anonymous lambda functions. - not exists(LambdaExpression lc | lc.getLambdaFunction() = this) and - //Exclude friend functions (because they have 2 entries in the database), and only one shows documented truly - not exists(FriendDecl d | - d.getFriend().(Function).getDefinition() = this.getADeclarationEntry() + // Within the users codebase, not a system header + exists(this.getFile().getRelativePath()) and + // Not required to be documented, as used within same scope + not isInFunctionScope(this) and + ( + this instanceof UserType and + declarationType = "user-defined type" and + // Exclude template parameter types. + not this.(UserType).involvesTemplateParameter() + or + this instanceof Function and + declarationType = "function" and + // Exclude compiler generated functions, which cannot reasonably be documented. + not this.(Function).isCompilerGenerated() and + // Exclude instantiated template functions, which cannot reasonably be documented. + not this.(Function).isFromTemplateInstantiation(_) and + // Exclude anonymous lambda functions. + not exists(LambdaExpression lc | lc.getLambdaFunction() = this) and + //Exclude friend functions (because they have 2 entries in the database), and only one shows documented truly + not exists(FriendDecl d | + d.getFriend().(Function).getDefinition() = this.getADeclarationEntry() + ) + or + this instanceof MemberVariable and + declarationType = "member variable" and + // Exclude memeber variables in instantiated templates, which cannot reasonably be documented. + not this.(MemberVariable).isFromTemplateInstantiation(_) and + // Exclude compiler generated variables, such as those for anonymous lambda functions + not this.(MemberVariable).isCompilerGenerated() ) - or - this instanceof MemberVariable and - declarationType = "member variable" and - // Exclude memeber variables in instantiated templates, which cannot reasonably be documented. - not this.(MemberVariable).isFromTemplateInstantiation(_) and - // Exclude compiler generated variables, such as those for anonymous lambda functions - not this.(MemberVariable).isCompilerGenerated() + } + + private predicate hasDocumentedDefinition() { + // Check if the declaration has a documented definition + exists(DeclarationEntry de | de = getADeclarationEntry() and isDocumented(de)) + } + + private predicate hasOnlyDefinitions() { + // Check if the declaration has only definitions, i.e., no non-definition entries + not exists(DeclarationEntry de | de = getADeclarationEntry() and not de.isDefinition()) } /** Gets a `DeclarationEntry` for this declaration that should be documented. */ @@ -96,20 +112,16 @@ class DocumentableDeclaration extends Declaration { // Find a declaration entry that is not documented result = getADeclarationEntry() and not isDocumented(result) and - ( - // Report any non definition DeclarationEntry that is not documented - // as long as there is no corresponding documented definition (which must be for a forward declaration) - not result.isDefinition() and - not exists(DeclarationEntry de | - de = getADeclarationEntry() and de.isDefinition() and isDocumented(de) - ) - or + if result.isDefinition() + then // Report the definition DeclarationEntry, only if there are no non-definition `DeclarationEntry`'s // The rationale here is that documenting both the non-definition and definition declaration entries // is redundant - result.isDefinition() and - not exists(DeclarationEntry de | de = getADeclarationEntry() and not de.isDefinition()) - ) + hasOnlyDefinitions() + else + // Report any non definition DeclarationEntry that is not documented + // as long as there is no corresponding documented definition (which must be for a forward declaration) + not hasDocumentedDefinition() } /** Gets a string describing the type of declaration. */ @@ -144,7 +156,6 @@ from DocumentableDeclaration d, DeclarationEntry de where not isExcluded(de, CommentsPackage::undocumentedUserDefinedTypeQuery()) and not isExcluded(d, CommentsPackage::undocumentedUserDefinedTypeQuery()) and - not isInFunctionScope(d) and d.getAnUndocumentedDeclarationEntry() = de select de, "Declaration entry for " + d.getDeclarationType() + " " + d.getName() + From 1f4654ec5cd027934b0052e3c2f1e3e6a60028b7 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 17 Jul 2025 23:04:08 +0100 Subject: [PATCH 2569/2573] RecursiveFunctions: Address performance issues with 2.20.7 Avoid cross-product on function. --- ...llThemselvesEitherDirectlyOrIndirectly.qll | 26 +++++++++---------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/rules/functionscallthemselveseitherdirectlyorindirectly/FunctionsCallThemselvesEitherDirectlyOrIndirectly.qll b/cpp/common/src/codingstandards/cpp/rules/functionscallthemselveseitherdirectlyorindirectly/FunctionsCallThemselvesEitherDirectlyOrIndirectly.qll index 87f27c134f..e54e4378e9 100644 --- a/cpp/common/src/codingstandards/cpp/rules/functionscallthemselveseitherdirectlyorindirectly/FunctionsCallThemselvesEitherDirectlyOrIndirectly.qll +++ b/cpp/common/src/codingstandards/cpp/rules/functionscallthemselveseitherdirectlyorindirectly/FunctionsCallThemselvesEitherDirectlyOrIndirectly.qll @@ -19,17 +19,17 @@ class RecursiveCall extends FunctionCall { } } -query predicate problems(FunctionCall fc, string message, Function f, string f_name) { - exists(RecursiveCall call | - not isExcluded(call, getQuery()) and - f = fc.getTarget() and - f_name = fc.getTarget().getName() and - fc.getTarget() = call.getTarget() and - if fc.getTarget() = fc.getEnclosingFunction() - then message = "This call directly invokes its containing function $@." - else - message = - "The function " + fc.getEnclosingFunction() + - " is indirectly recursive via this call to $@." - ) +class RecursiveFunction extends Function { + RecursiveFunction() { exists(RecursiveCall fc | fc.getEnclosingFunction() = this) } +} + +query predicate problems(FunctionCall fc, string message, RecursiveFunction f, string functionName) { + not isExcluded(fc, getQuery()) and + f = fc.getTarget() and + functionName = f.getName() and + if f = fc.getEnclosingFunction() + then message = "This call directly invokes its containing function $@." + else + message = + "The function " + fc.getEnclosingFunction() + " is indirectly recursive via this call to $@." } From fe9a48da4d8ed2fc43794726a3bb5f560624f355 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 18 Jul 2025 08:05:34 +0100 Subject: [PATCH 2570/2573] EXP16-C: Address compilation error --- .../DoNotCompareFunctionPointersToConstantValues.ql | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/c/cert/src/rules/EXP16-C/DoNotCompareFunctionPointersToConstantValues.ql b/c/cert/src/rules/EXP16-C/DoNotCompareFunctionPointersToConstantValues.ql index e65d58a652..5f347d817a 100644 --- a/c/cert/src/rules/EXP16-C/DoNotCompareFunctionPointersToConstantValues.ql +++ b/c/cert/src/rules/EXP16-C/DoNotCompareFunctionPointersToConstantValues.ql @@ -23,13 +23,17 @@ import codingstandards.cpp.types.FunctionType import codingstandards.cpp.exprs.FunctionExprs import codingstandards.cpp.exprs.Guards -abstract class EffectivelyComparison extends Element { +final class FinalElement = Element; + +abstract class EffectivelyComparison extends FinalElement { abstract string getExplanation(); abstract FunctionExpr getFunctionExpr(); } -class ExplicitComparison extends EffectivelyComparison, ComparisonOperation { +final class FinalComparisonOperation = ComparisonOperation; + +class ExplicitComparison extends EffectivelyComparison, FinalComparisonOperation { Expr constantExpr; FunctionExpr funcExpr; From d078e04d54876f51559d029b1b9eb691c9ece086 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Tue, 29 Jul 2025 09:15:15 +0100 Subject: [PATCH 2571/2573] Create misra-c++-2023-help.md.template --- .../templates/misra-c++-2023-help.md.template | 49 +++++++++++++++++++ 1 file changed, 49 insertions(+) create mode 100644 scripts/generate_rules/templates/misra-c++-2023-help.md.template diff --git a/scripts/generate_rules/templates/misra-c++-2023-help.md.template b/scripts/generate_rules/templates/misra-c++-2023-help.md.template new file mode 100644 index 0000000000..4fb7b17ee8 --- /dev/null +++ b/scripts/generate_rules/templates/misra-c++-2023-help.md.template @@ -0,0 +1,49 @@ +# {{ rule_id }}: {{ name }} + +This query implements the {{ standard_name | escape }} rule {{ rule_id | escape }}: + +> {{ rule_title }} + +## Classification + +** REPLACE THIS WITH THE CORRECT CLASSIFICATION ** +* required +* implementation +* automated + +## Rationale + +**REPLACE THIS WITH RATIONAL, IF ANY** + +## Exception + +**REPLACE THIS WITH EXCEPTION, IF ANY** + +## Example + +```cpp +// REPLACE THIS WITH C++ EXAMPLE, IF ANY +``` + +## See more + +** REPLACE THIS WITH THE ANY SEE MORE REFERENCES ** + +## Implementation notes + +{% if implementation_scope is defined %} +{{ implementation_scope["description"] }} +{% if implementation_scope["items"] is iterable %} +{% for implementation_scope_entry in implementation_scope["items"] %} +* {{ implementation_scope_entry }} +{% endfor %} +{% endif %} +{% else %} +None +{% endif %} + +## References + +{% if standard_title | length %} +* {{ standard_title | escape }}: [{{ rule_id }}: {{ rule_title }}]({{ standard_url }}) +{% endif %} From 9ea891af74447a22b2540ab95f7e3fff9fd2531a Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Fri, 1 Aug 2025 17:09:31 -0400 Subject: [PATCH 2572/2573] Change occurrence of `std::iterator<...>` to `__iterator` Also prefix the member type with `const` depending on the iterator. --- cpp/common/test/includes/standard-library/array | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cpp/common/test/includes/standard-library/array b/cpp/common/test/includes/standard-library/array index ca4d3291ad..9465ccba97 100644 --- a/cpp/common/test/includes/standard-library/array +++ b/cpp/common/test/includes/standard-library/array @@ -8,8 +8,8 @@ namespace std { template struct array { typedef T &reference; typedef const T &const_reference; - typedef std::iterator iterator; - typedef std::iterator const_iterator; + typedef __iterator iterator; + typedef __iterator const_iterator; typedef size_t size_type; typedef ptrdiff_t difference_type; From 4fdd046e4549d38fcd7949a2d217dd263f995097 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Fri, 15 Aug 2025 17:01:05 +0200 Subject: [PATCH 2573/2573] Fix typo in the alert message of `InvalidatedEnvStringPointers.qll` --- .../InvalidatedEnvStringPointers.expected | 12 +++++----- .../2025-08-15-typo-in-alert-message.md | 2 ++ .../InvalidatedEnvStringPointers.qll | 4 ++-- .../InvalidatedEnvStringPointers.expected | 22 +++++++++---------- 4 files changed, 21 insertions(+), 19 deletions(-) create mode 100644 change_notes/2025-08-15-typo-in-alert-message.md diff --git a/c/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.expected b/c/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.expected index 9270a5ac15..26a84ecd8a 100644 --- a/c/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.expected +++ b/c/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.expected @@ -1,6 +1,6 @@ -| test.c:21:14:21:19 | tmpvar | This pointer was returned by a $@ and may have been overwritten by the susequent $@. | test.c:13:12:13:17 | call to getenv | call to getenv | test.c:17:13:17:18 | call to getenv | call to getenv | -| test.c:134:14:134:17 | temp | This pointer was returned by a $@ and may have been overwritten by the susequent $@. | test.c:130:12:130:17 | call to getenv | call to getenv | test.c:131:11:131:16 | call to getenv | call to getenv | -| test.c:134:20:134:22 | tmp | This pointer was returned by a $@ and may have been overwritten by the susequent $@. | test.c:131:11:131:16 | call to getenv | call to getenv | test.c:130:12:130:17 | call to getenv | call to getenv | -| test.c:165:14:165:26 | tmpvar_global | This pointer was returned by a $@ and may have been overwritten by the susequent $@. | test.c:157:19:157:24 | call to getenv | call to getenv | test.c:161:20:161:25 | call to getenv | call to getenv | -| test.c:188:18:188:18 | r | This pointer was returned by a $@ and may have been overwritten by the susequent $@. | test.c:185:7:185:15 | call to setlocale | call to setlocale | test.c:187:8:187:17 | call to localeconv | call to localeconv | -| test.c:208:10:208:15 | tmpvar | This pointer was returned by a $@ and may have been overwritten by the susequent $@. | test.c:202:12:202:17 | call to getenv | call to getenv | test.c:206:3:206:8 | call to f11fun | call to f11fun | +| test.c:21:14:21:19 | tmpvar | This pointer was returned by a $@ and may have been overwritten by the subsequent $@. | test.c:13:12:13:17 | call to getenv | call to getenv | test.c:17:13:17:18 | call to getenv | call to getenv | +| test.c:134:14:134:17 | temp | This pointer was returned by a $@ and may have been overwritten by the subsequent $@. | test.c:130:12:130:17 | call to getenv | call to getenv | test.c:131:11:131:16 | call to getenv | call to getenv | +| test.c:134:20:134:22 | tmp | This pointer was returned by a $@ and may have been overwritten by the subsequent $@. | test.c:131:11:131:16 | call to getenv | call to getenv | test.c:130:12:130:17 | call to getenv | call to getenv | +| test.c:165:14:165:26 | tmpvar_global | This pointer was returned by a $@ and may have been overwritten by the subsequent $@. | test.c:157:19:157:24 | call to getenv | call to getenv | test.c:161:20:161:25 | call to getenv | call to getenv | +| test.c:188:18:188:18 | r | This pointer was returned by a $@ and may have been overwritten by the subsequent $@. | test.c:185:7:185:15 | call to setlocale | call to setlocale | test.c:187:8:187:17 | call to localeconv | call to localeconv | +| test.c:208:10:208:15 | tmpvar | This pointer was returned by a $@ and may have been overwritten by the subsequent $@. | test.c:202:12:202:17 | call to getenv | call to getenv | test.c:206:3:206:8 | call to f11fun | call to f11fun | diff --git a/change_notes/2025-08-15-typo-in-alert-message.md b/change_notes/2025-08-15-typo-in-alert-message.md new file mode 100644 index 0000000000..a953f3e86d --- /dev/null +++ b/change_notes/2025-08-15-typo-in-alert-message.md @@ -0,0 +1,2 @@ +- `ENV34-C`, `RULE-21-20`, `RULE-25-5-3`: `DoNotStorePointersReturnedByEnvFunctions.ql`, `CallToSetlocaleInvalidatesOldPointers.ql`, `CallToSetlocaleInvalidatesOldPointersMisra.ql` + - Fixed a misspelling of "subsequent" in the alert message. diff --git a/cpp/common/src/codingstandards/cpp/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.qll b/cpp/common/src/codingstandards/cpp/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.qll index 0f4a98cf6f..50b27d819d 100644 --- a/cpp/common/src/codingstandards/cpp/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.qll +++ b/cpp/common/src/codingstandards/cpp/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.qll @@ -69,10 +69,10 @@ query predicate problems( // The two calls are incompatible fc1 != fc2 and incompatibleFunctions(fc1.getTarget(), fc2.getFunction()) and - // The pointer returned by fc1 accessed in `e` afer the second `GetenvFunctionCall` + // The pointer returned by fc1 accessed in `e` after the second `GetenvFunctionCall` DataFlow::localExprFlow(fc1, e) and e = fc2.getASuccessor+() and - message = "This pointer was returned by a $@ and may have been overwritten by the susequent $@." and + message = "This pointer was returned by a $@ and may have been overwritten by the subsequent $@." and fc1text = fc1.toString() and fc2text = fc2.toString() } diff --git a/cpp/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.expected b/cpp/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.expected index 36c66a94fe..b183ca7c42 100644 --- a/cpp/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.expected +++ b/cpp/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.expected @@ -1,11 +1,11 @@ -| test.cpp:21:14:21:19 | tmpvar | This pointer was returned by a $@ and may have been overwritten by the susequent $@. | test.cpp:13:12:13:17 | call to getenv | call to getenv | test.cpp:17:13:17:18 | call to getenv | call to getenv | -| test.cpp:134:14:134:17 | temp | This pointer was returned by a $@ and may have been overwritten by the susequent $@. | test.cpp:130:12:130:17 | call to getenv | call to getenv | test.cpp:131:11:131:16 | call to getenv | call to getenv | -| test.cpp:134:20:134:22 | tmp | This pointer was returned by a $@ and may have been overwritten by the susequent $@. | test.cpp:131:11:131:16 | call to getenv | call to getenv | test.cpp:130:12:130:17 | call to getenv | call to getenv | -| test.cpp:165:14:165:26 | tmpvar_global | This pointer was returned by a $@ and may have been overwritten by the susequent $@. | test.cpp:157:19:157:24 | call to getenv | call to getenv | test.cpp:161:20:161:25 | call to getenv | call to getenv | -| test.cpp:188:18:188:18 | r | This pointer was returned by a $@ and may have been overwritten by the susequent $@. | test.cpp:185:7:185:15 | call to setlocale | call to setlocale | test.cpp:187:8:187:17 | call to localeconv | call to localeconv | -| test.cpp:208:10:208:15 | tmpvar | This pointer was returned by a $@ and may have been overwritten by the susequent $@. | test.cpp:202:12:202:17 | call to getenv | call to getenv | test.cpp:206:3:206:8 | call to f11fun | call to f11fun | -| test.cpp:216:16:216:17 | r1 | This pointer was returned by a $@ and may have been overwritten by the susequent $@. | test.cpp:214:14:214:18 | call to ctime | call to ctime | test.cpp:215:3:215:9 | call to asctime | call to asctime | -| test.cpp:226:16:226:17 | r1 | This pointer was returned by a $@ and may have been overwritten by the susequent $@. | test.cpp:222:14:222:18 | call to ctime | call to ctime | test.cpp:225:14:225:20 | call to asctime | call to asctime | -| test.cpp:231:16:231:17 | r2 | This pointer was returned by a $@ and may have been overwritten by the susequent $@. | test.cpp:225:14:225:20 | call to asctime | call to asctime | test.cpp:229:8:229:12 | call to ctime | call to ctime | -| test.cpp:240:16:240:17 | r1 | This pointer was returned by a $@ and may have been overwritten by the susequent $@. | test.cpp:236:19:236:27 | call to localtime | call to localtime | test.cpp:239:19:239:24 | call to gmtime | call to gmtime | -| test.cpp:245:16:245:17 | r2 | This pointer was returned by a $@ and may have been overwritten by the susequent $@. | test.cpp:239:19:239:24 | call to gmtime | call to gmtime | test.cpp:243:8:243:16 | call to localtime | call to localtime | +| test.cpp:21:14:21:19 | tmpvar | This pointer was returned by a $@ and may have been overwritten by the subsequent $@. | test.cpp:13:12:13:17 | call to getenv | call to getenv | test.cpp:17:13:17:18 | call to getenv | call to getenv | +| test.cpp:134:14:134:17 | temp | This pointer was returned by a $@ and may have been overwritten by the subsequent $@. | test.cpp:130:12:130:17 | call to getenv | call to getenv | test.cpp:131:11:131:16 | call to getenv | call to getenv | +| test.cpp:134:20:134:22 | tmp | This pointer was returned by a $@ and may have been overwritten by the subsequent $@. | test.cpp:131:11:131:16 | call to getenv | call to getenv | test.cpp:130:12:130:17 | call to getenv | call to getenv | +| test.cpp:165:14:165:26 | tmpvar_global | This pointer was returned by a $@ and may have been overwritten by the subsequent $@. | test.cpp:157:19:157:24 | call to getenv | call to getenv | test.cpp:161:20:161:25 | call to getenv | call to getenv | +| test.cpp:188:18:188:18 | r | This pointer was returned by a $@ and may have been overwritten by the subsequent $@. | test.cpp:185:7:185:15 | call to setlocale | call to setlocale | test.cpp:187:8:187:17 | call to localeconv | call to localeconv | +| test.cpp:208:10:208:15 | tmpvar | This pointer was returned by a $@ and may have been overwritten by the subsequent $@. | test.cpp:202:12:202:17 | call to getenv | call to getenv | test.cpp:206:3:206:8 | call to f11fun | call to f11fun | +| test.cpp:216:16:216:17 | r1 | This pointer was returned by a $@ and may have been overwritten by the subsequent $@. | test.cpp:214:14:214:18 | call to ctime | call to ctime | test.cpp:215:3:215:9 | call to asctime | call to asctime | +| test.cpp:226:16:226:17 | r1 | This pointer was returned by a $@ and may have been overwritten by the subsequent $@. | test.cpp:222:14:222:18 | call to ctime | call to ctime | test.cpp:225:14:225:20 | call to asctime | call to asctime | +| test.cpp:231:16:231:17 | r2 | This pointer was returned by a $@ and may have been overwritten by the subsequent $@. | test.cpp:225:14:225:20 | call to asctime | call to asctime | test.cpp:229:8:229:12 | call to ctime | call to ctime | +| test.cpp:240:16:240:17 | r1 | This pointer was returned by a $@ and may have been overwritten by the subsequent $@. | test.cpp:236:19:236:27 | call to localtime | call to localtime | test.cpp:239:19:239:24 | call to gmtime | call to gmtime | +| test.cpp:245:16:245:17 | r2 | This pointer was returned by a $@ and may have been overwritten by the subsequent $@. | test.cpp:239:19:239:24 | call to gmtime | call to gmtime | test.cpp:243:8:243:16 | call to localtime | call to localtime |
  • - MISRA Compliance 2020 document: - Chapter 4.2 (page 12) - Deviations. -

    • Vm}eIm$7lI~&@dSkJr8(}`=S$fqO&_uSkP?C;Eq6Apq8k# zH;E|s9e2n~9jt-Fd4pM9sYMNYdZS)fjnu|&0osc5a!VzY@r4MTn{#ep%0T-elKE;rl)190;l|F)+O0`b+zOC8fw9cSXv)z*_9WmT33TnBb26TbeK@ugOS0Pk)eZmF3zG7cuCt+aVjJ(3+?CA z`CPcm{4x_X($r=yJ#cZN+Odh8XXrYm)gpk3WQz0am3NFGluHh!7%|dJxm+x%c9xbY zaZ1r(TcrrMjCXH9+QBNhy#gb>o>;8CmEO)TxW$Ul7ZWu0c2n5o{^4r#b3H9wCGwTM z6i2{=L0Nl9?Fw4>hv6;5h_b?9y)SmO&YBo=f<0Vw!NFlQG*PK{+wI4aPyBgz!ZVc-6*ur z+@V`9gDe`#ZzTxb(VX1V^AV)M6o`wSEz7(D( zwx!82$qLO^FBjN-FykfNR&m)0$Wq2X-Fj#%ObH zuLdkqPd|6Pw$+q!N@9qoI|5YLbZ zW?P?AfI**nP99S@3mz5U>QH@Z%mW$Ijo9a;lt(lirrw$kxX)U1`v%Xc_^phK>mv54 zY1|95E7|M8#1a{osa#3{o}>|B{h=o1DPp44b9Pf$v(dv0M^ro(eTboLi*)f+T&#r6 z1wlLWo!q|8EyBoSHRP8Xx2Y` z>VR$Xg>sC=(ck8Zr-mD``#!7Iiz&pofDr6U(^RYsM~%<<(by09zRlf!j|hyli;QgmPw{=`fo(`XJW1kNgzJzuB z6nCL|06vzj*6|FNd&lQZy>X7uf1+>;7Nss!zh|7~zSorbDlOAgVJO0=u3vi4Ayz?7M442- z8_0`4Hwo;K`|njpGkC-AQ&(UvhHwR6q*1fu&Jm+CF$MB#)AKSq`$lOqLB5)jCP$pA zgOB&Ij;%|m&AZPl~g+nQpF z;=ZS?_U3?vo)FZg_qdL==z9=d*Al}NDZ+EsKeFsd?2@4=ndJBq)q6j9D9aMc?l0Dj z*Q{P$X!fS{9ao&&k=<4?=>hzlPgsELU4+lAcUBZ*5o}Z345ywR!lFKO__*kyBmeWy z`18lPpS^e{oGUN7w%VsgGvt83e~Skr84)40*yJWR+-VpHe4nmNV^gCE@pqy3-k@1) z2MZc)7KZuav{rw=mdt$N!YmiLr_OAy+LO2iECY*_bMe>R@Cw6ulU*LIq)w$ z?IMzlVA6OT%UaN%{efST&}7_X#c0A4?MdXmx4T_q$&7TziFLoq77;B|ST%6C+c!K{ zZAd7tPtRX~<4U?5sUa^0d@FBFww$y< z)_(}~@W`~vQwj31;-#kFRk>jMB$gx7kq|FW2Bne+M=PYtOC)NRBqM=46Z?oXP{3R&8lqjxT8i4YDk@;Xc9MyvbN#Rej-A z37l7b6PO%25!_At%Te)kRN$;KPtLN+Am7Ta;PSEaYA#LZ-ktwX41$!PUK9 zzH-mYK8m|ygws1X@={Rt#Vd6ayFjanPPan?wJs0ui1b(>6Ed!=dKT=RUM_Oe;`EG< zQa^xBUzh-BO-JlK6O&vMb#9kCw(QFG-F89npTzz^ZEUMCutYjZ=f`jOI7_G{Ex&LIj8IdMc)H-MMF{F3EF<=8{D8iWEEhN>#O zJ{r0v@;!5f@!O6#9xG9fKMW;`0j}Djpl|K>SJC`4gWaZwGY_2#epoMKKc;cFsjOLG zL6D&-HI?yN-77aK-G;blwwA)c`T9by6fDIl8OkgqPR~U5-IzZ&byJUJ^}3~C5`Cb< z%H+40tePq}ssFqd9f~@Utc2P)xfDwKhcu^DJ^S ztcFWUyg<9Le-xPhaa~-K%POSK)(y+$OktE4WgHv%9-xEr-nXTXmjg{|OAu@i9C+=1 z49|j#LH(tB!2>oYg6W^U?x$KaMNZwf61qyqq1BJv9oxu z>{QUvgE~iNp{^SxJ@vX+CwNfyv@T%TZ`V&hY(kYiRjs`HmdPLMxgJyuelqgLHWlpe z_$zA~F6io&*KNNDIHc5t&_+){!(W@xz5$i+s%SQX(!1lZx?M z2fe0juFVvwXT3QC=d#Ki<1VeJQucYZ(fWsb28v(&60`QMZ7*4u+1E%gl6*63ym_@D z{QUcSbKuh3^TsFkG}9prwFm)9^RWvMK;GWxwE6%WvAH1PPCckLc`}c4;tX5J&uj(+ z$>93Ed065hGaW>mdf;)owQ=f}HgJB`Q7Rt0o+F6abnb9qyJ^L5T5U3+nBH-l;CIh3 zm-?yYYwV!$vWNLOWgpaz441Y@O(@H9+|*mcB%CTRxTI#0-m!IajP7aY{E=(^_yjSb z3P%*Kc{Sps&-0NlMMUf~S;$0pvWiUt(Kx&gWk~l8BJ!HsT&^EC8}`c(QZ4Yrrt3I2 zj(`T7T&>ErA7xwZz7?XWa*1<~3^nvuY0{#o^3=5I$?`C2SApfFO+|d~p=m;1`Zei7D`WoS!M?wg$rAGA7VnF6s$Hb~^J!Xcc1jq6> z%W7BKxkP4|$hX*a^&ci`7ir$8AG+LZJ^7@p28^k>npk}`aeGRw799HG1%DIEMtNNq zxgF06p5i~{3Y4a%KK+8wuY(-#B1$ai@1e8P+4qlyVqHtVW3MhZZ&LMju)^^~IA?s& z2ZY~n0_Vu#<$7z4RH1+bMN)t`f3(yUk zt?Fu^yQZEsq-LXwQ6sl4SLE4k4ohF@C(>y`pT4^JAfOpb$SRUOiHPyN_-L4w(WXg2 z+;dAYr?Bf2Fk1GL2>YfZOGe?F98K=MY^KdV>&>tez6e2KqyD%cPo`iyR zqQg8z-?>wnmtq5QjTxtVAi)7SXu-gAvb#WCb_y&qZdaOh3E{JRH0 za5w~Sw5d!l@zhgMoQu@Dtw3^JXlMvsD2g_Ss(4Dki(8EMYqI>Gv+oM;8O8^e0=#}9 z9Afa%F4G$Ymsu-6no9`3760@j zIHyNP7kD6+MW@D&|MqqcxuO|bQU{)h;`}TQKAwe+he*G`Lg^@svqIT|?*Ely5lD*$ zz{Pw99F8iA>gc21U-CWsOCj-hT<}318Pz5JVx5qS^YePFCy?nTrf{m6L?-NJEVxTQ#Ykk0}C_g~LtPJeyMPY=6@V!6E4 z=nt#$^H=_#zgWD+Wca%8gMYnbuP;1e^mT>Lzuz~1ed_8b4cn)t)NF<9U)RDEGU{A% z2eKEx+k*eSfVC_v1^>8HLf3yk`QHmc4cq7<1e1Xl%$46hoc~-PUi%C@BaQ{~vVXl~ zE;+30+>6*3H2)}Ae|Z=b!LSs5_Cu3A|9Z)Rd@I~1|Lu8ChQm@=H*8B}{_7>@ zBw$@jUMD~L*XLbx36|pj<`%P_4j)MB8auuNR9{n=31te7C8prSiVVy$g;Iq*EN13k zA9LD?c#RaY`^)F-Ajl3t`Z9G6_b1Q>;}K@R!&C?_OPV(7Bmc72zDU+_ny9bH@4R04 zC*UhIHgaQR=OKVti|p^@EZhc3Pe13^%b2FJ1p9wkXVSjoK4JGs`;PIj`6q+$(X=*z zhEfbB4-WuZAi_5KaQ0tr-)SjfTX6AEw3%OH`F~DJ%9JQ{^$9K zK0D!q9;<|g#VpvK-?1tH$F94{{4Xm(#inXq^gXiv-R|YDBQ~Mia14*y(***L_OlZ_ z`HUc5mekBP!O$hRo$crg{4BBpbGaG%&9R}p-K2Qc_c?y#!2K*iLKHm2xujSJ!-6&$mUEqSH$NgHDaK*o5+9gqZ?DmrBXH2bxw{(Q zR5fkxbd}gHRAx_ALvOzxazND#^#W4_JF)`eQ`v%dh7ee6qB>uEG5Qu3c|#52ZvVz; zfs@h9H(+j2l_2;c*q9ibMxv4|5Cfw7$G|GLaC>`be_jMc4qA`O;l^=ss&D@J5onxF>1%foyRKORE1ViAnmXu(^4dng?I0m>Bj*ZRzCkrGKE?xEWWT=gfQ z`_cqoo}XdbeG@FH-faVb)(?jH13&k)&rLKv{zCdWUOXbSU676lH+KAFE}3p;B2 zy^>lA71%24tL0|crSDt{4_hApaQ%i;Kj5J1bGL+|<6QRak!gq}u%86;X~ulfXd-tC z+x}KfD7S@CfbXLbS&+9e#cFIG>2Z=jzc4;{Scw`2H?9JOmrI?M{pQX5N?aBl#B)SC zkN*8SN``Ojy0qHWtd8}Fxl=zjWsk>1eBi&N%MN2ME@$$u6aiyJ+rd)#yBFqu-)gI@1HX~r2=Px7TsNh_Sm;B*cmMpO7dtKL=)yu0JFJulMU>sDgr_LO z_uW-Xln5sRFG}h`ySxeDkwBZdUY>j-0aDz)9Y7+Gfz52=04nGVaKNo6_fE^)BlKwu<rDUTg-L*}}nY3=h_l#<+{#E)BYw5)mUN=?rqyZ|Zz$5#hA29&jYt_ynN#~Q%f6h`!!;ZJ7YkUZu zZ0!$lynvuxgCUBzt*Rw87=S+oaW_6!10V?eumN7ky+c z%oJx)(Ok|ty`wZ%sb-XZC!c-Q^3~>B5UD>2RwmmACE@8l=81jrdY@B?=Gg-T-?%BG zreaM1@1K8ql)(HaqW{Q)qEySP`!?;LPb=!-6YXy`0zQud-*49CT*UB$rdMML)KuSx zM4j<;lC|D_!ce>Bp@j`<+$xd2%q~u%JyDq32%HfYyQ&9b>VR2)2rMsXQ=MR~aIJV^W`%lkID>R%EYQ7mI! zm&Q+Mnj7j{dThx_4m!`Y23quCX}<2kfkxbE1#E#T$NH%CsZ+Q@fML>YLc^uB;R2t> z_sRq&{KpZ1;uhYdR94a%|8RBu8ccZOJlk1Ndw0%V;s=*xU6z&}FEbam^dmm9#``BL zow)Sd+~*?gUx!QDkIlShdc$Ug|Hqv5<5ju%@fbXRp|yK;FYS9$ zGI?uHwlO6~pYf)EDc`1UC+IyVP*oTBYm_(Tq@4Jxu)J&UR)QFth`ndPW_Nqt7P@r4 zU2V0<>?p)`*-pBIkw`^e&n36_LDGv5Gax-$-_^7U6##=qjp--ffH1dKe*U{{e4am( z)MEkP;pBRNPZ5JYE?pVpi#H^2^fz0N!+3ExeZW8PIxz#)d3!2Snk=FD`vw9o?HQpk zBeJ;>k{M?{?*`S=e?IU;<3mJ~+c5RbO`xj{zwfr!p{mXrdzY*T_DGEE878pDs}`_k zW8Q`|=|%;C47>gVhLF6Doq5E<23R8H6)V7^v~&Lquf{mU!0CWSD)!>ZHwHn{B#7x- z0mQ0807_b%Aa)4*H!#)_AW>zglJFU)6!k9H)Nhrh??%Asu5Ed7LmCwjxyV%Wwl%tX z44h_swV5p21d-ST+LLO*F-M)}C$+a?-Ox5 z!$Pb3%#rkcc0KcayRw2!X6e$)C(!=t2Q!QZDfa?6#pCiTWw{!^1Kaj|4v$;h^ai9X zPBFcUr=#!GNbJ4jj$DRb7D*H$o$^M%4VMmOsMkn*>KS@ZM|LnLS99cFUU@|!*GM#5 z?WQFRXsO>be731-jx_i#=R=}VZAWGg?a+arJw7>(YN8C=g~7#AjjA2KLg0^fN9CWe z*LgJwQzKY8%D6#@7ch%ZhHb&8scKnBnN^y`BrvJ#Oal<4=;x`qBfT+j@%8mF^c^@fYubfw^<5(PmyEmPYzk_^tpUG| zLG1W=3*QYE;WUDX)f11P2ZrAoGzw{gW{`paE`6lIn;=1$d3)nq{RRkc>$la9M*!{5 zr37$O-smj{Wh;qI2kkGsw88THsljatdHze!TaG)YvD{$`>1%A2YI?no^fNpiT!-QHe0S~#ta3h{+f+bG44!4@`=9oV z>|Z6_qH$cHFr!fyln3Xi3{bc&I)c}{uSEn?TiVts3BLGlja*}Evd zO2~~Tl z8JhFE*dSq`$Hh&jbtBqF|-^r!3r)=^}{f=75cRBNHRug`L|2FrmI zSGZZjsxdTz&@D)C{NuG(cSXLy_~Tis{S8Syg7_Rr{8@9(t@S`b5ZK5+^ImuermuzX zf|oO$O}nKMdj-;lc8*%Q#I=7W;#yS`u-N;8=DA;5rL?0Ns?a7~lJw5Vv0st@=@_|A zQbVmUv=GB3WgCmodbptt7hIm~H99m~S9CO6KZtVizhdq8FQ>^564%I3y!>0#GazsD zqVC+m)e(BK)?jS=l%(yJlmKL^`bdPs8$Kf*g&7K3N>yA3M*pgtp}N-)Z8NY;<9g(= zwUX!TJg1aSBC~b5hHxKvn&{bO0|R}-`oy3~htngG_KDoNH-*oe&IIu>w|{NE@UUPq zXYN!jV#N`}#tV100>`LHYlfXy&YaR>k8zi{HgV}1{| z{dL;!+>EEsk)oGHLz61O*6;H24Vv(WeUQ;u4Gxw!oUXgk3>4xK)q9WJ1L!E_P7fR3 zb>sSGQkqm7ZPheoT0BM1u)SNajq4e-0?gwsM6lO{KC>~y8F*<~V%lRa$b2d53P@3& zOw{MU8QeDhaBdkXYX=+Tq;=76c)usa18T8($%XB#6k=4CLve^s{v{sQU5l&-&P=w~ z-VDNDEqkWlH*ov^qwKxov2Oc6;BryMRmo1I$PRImJxlhUSt*<{GDAj0M3lWwdyhED z&W_6Jv{z(guTVy^pU?NYfA{aXuiw*kzh2Ml)qfeMj7)tAlJI-;O-JEtM%MK% zqPg2K!da0b$Q)8jmiRHKq`nn@S#~a#51+Y*N}YwIsQHx`ybSDjaOOV#805wCfDZ8f zVunEctxVKFvzpP>9%?~$qbzkRu7OX&Si{irxkRbpE91pb3Gu1?bQDgkq~|nQ%G^(Q zj&88@pyOxAE;q2sjyXtD+E=CfZ`;-;$mwMGe|dAExp^sye|tUhz%h`CDd3;4eE2#P z0BSE$RSCW_f5Sok&rhel34ofJkS580gYZm~t~_V)+C8lGBem3?oz+kHA**RFBOIycZ=lO4myKJwe+u zBYgg!KF0~Xhv(m2(=_y#XW%4MhLRj96Or4TdFBpO7K&Y*!kBx{FBrij)iI8O!fB)! z)6asCD?5xu?2Cm?Dh%j7#zDNiJP#E^WDyn=M$8LI|NIs_2st52J<51%Pha*cf~|tA zN{+4{7@;w6tx8Gno0uaJ5`A48s4oc{^pF zCX;l!NG^6hU7hwLf0PpzvbCm|5*{5t>!C}%2et%1x_zYx3F8niaA z#=o)Ea@`Mn@sF#jBAuqCwdJQOW%?&64Zx0`@OjOYUTJd=80vi+co2#xi`D>4+s3{G zq?8_A_3=RqpRUgFs7-M-BIY@Sp2XV-j2iJ@AON=IHE(EW6A}xt1~s_Lo!H&w{hjr7 zNH!1_ z7bkA4h%|Pg2!OH*yXe#|5Tmz$?_)8U&KksE@U#yPwL|SSg-lq!TZyf!$jWUvHOnCF zO(vu6W5Ji#hv+kfg&*n0LtSbN1A{ramN$`XqB9pQ1$HELxL;ZY$d}>Be-PISZU}M} z{_MWHF27Lwtu$mGiS&Yg(@+qUOs-i)RW^4K4SM%C=)J6ly?caycW^GUA;JG`^wTy!BgzIcg~l@hEb^@Z*V*ABvpV zfzmg|5sY79@Pq>lJZemYkh>@QWTk+b|6B{^EOIC)s(HNvT>HI|tqk2e_Wyw{Z*ndT zQXAW3g{uXJ0?^8Lg9~+A)0_@=ryYWi0?zo8?t|7a0=u--$wp|)H@48)2w`Zfxq@~8 ze4DTSYc@9Y6fp~xZHysrVQbeFzNs}zt{C&deA)%X;(m-KxBQhX&!4bb_21-j?pvSf z*J}0ceKp z+diDWt9#ok3-BJ&^WY?5vy8(UOrJV;=^K2NU?a&C9Ln%#8d&EyivYNeV!b#Ai1mgd z5j#0@6copYJISPjRy)ALMZ8$H6Z&{lyznn#bT!ST)a>MG*7lRwy&? zRHi7Bf8Z)qJZD4&nHxKRKt^l-0MMWYNvH!M(KwN;bn^l~7E6BufdGrO6dBk}%S(+| z^q_f~M%w@b8>%eq8tG@^bOh{GEi)V5oWV^mm#*t#;$vk*6?G4?9`6t$6qG^^)f zlro=!ZR4ms3Pj)4%1s4yX9W&HgfqdASNRX35{Zv`~Jw zu;W!aVS1zqlYj%jV2fg^dTj$Jb=#ClP5PY4hxYli6F1VYawWw-6)vO4lSsvW?zY|b zmhUj}`tecU#AVT}UuTOxj;<8R|=KI0n0I3*-!UyBXd>^L(`A_uj+n$0Px}$_}Xy!OG0L4ywCY zOnyRS-Dx@pDdnn|EoQ6TD3A5VdF90_>;O;x5xf>{IOS+HJ&7*@nvo`-6kw4$8ML16 zI%1qB$c}QpwJS%EVuDnvg$+ObN=$#b8rhCpkO?V@&)`D!D{vK6Ed+q1D0}v3V3ZoA zH=n97sHgO1+|XMU!H+5^a{v6@T0)W5c8xf_ok(7v<(>oSpI;Przk$I;O`#Zx505YM zLM*TfHL7-Rr%v%`>+OLT41>u}qjJYJ*%!(w5)!p-HtG7dioHgiseCP2M!7CAt~;Nr zAmI(kSszQuJg5fkb7JpbB05|-Gi`Y`$t;=n7|7L0nebhRlDswdY6Br(0#q14v0B27 zV$g|~n=wFREbcdem#fI3Q1b?Udc&v}$kGf3hJ*I)C3rK!jaTEJ?0yc#D0Sc{bZ+$C zBDa7u3teYopH;um4xlpiuF?w~{>kj`=fl32B=c>bt~;yedEfivWUkb6RvLM)NYH-lL-~#hSJXeK56VxS z$M2j!o$&^}sdauco+!InY_#|M^7;M)?x^zcmJ1u!tg;gP(??1e($OC4LkIiv_p-s% zPjE)M4NEm$Uz}6MfC_P}(~MLwHKG_Yb{mgZ^ZQxCg+JHa7Qs}803~6A(A1-k*!#Pf zQNr`Z3Zyj_6p^0z0VH;@+>fiztMzE_wj%;?VcG+-NEOq&!Z1AU)4EDTcJY>2Q9B--zGUV zDf@qPmGMM}aw8ML`lnq!?r$w=^*x`+{_QE=Q;4(@E6KYBclnyg@gI_%SgvDxU{SQo z^__FWVuJ0=e3FnM2zD}imH~87i!w7J4!X?W{{x`RS5{UKYI~NwJ$JCjDm>$+%t!tQ zF7`E^UqJ{cAN9mYrk+1cSl2EhHOAYJ zfExcWF85a5>Cq;2ZhYU`HLZycdewaNOEu9X^A6*iJ!1VuiI1v$Tkdx?%{W&fND+OC z>-h(9PbKc@bs!@O1Cno#(r1h-dQ9fMg5N0~l_4!^ws9rip&#W6TBW%tRDB4-zWJPs zS%BieI)c?GT&Byb(|kUuHo)oDd}{eKnH|00_lh#YbIkzR&#Xi!2yCiN3qL4)MLc>Z zvO$nySd8U&b)+wv8Jey;>$tmzecb++9T4)(W_cBQeY%yN6e-tcrJvuqOQ+?mr|H_3>hGUrt<^l&dw$d= zMZTSCEgdHg7`a=(`%h(pr>6sUMK)yFsqsjhw@h5wM%&H1KGaVaw(;vVn105PQf{JqxTbPBCU2uQQKz98(F3;Mk% z8Zmq)6XDOe)0WVm`!R69B1C@lag+Z(=hI{i-HSL|8IiKaHDqdNarSxgqFThvZh}mG zePT3+i+BSf?k@j5)m>bBDXOUor6twndf@{f+Pe+&72AohJr`tg_bST934SDu_=o+- zXoHDB6g-KMms@Urz|Xw0j8lGzx?&}!_u*TY=$8wS=1|BI{&HbgK0(h4eTfBa_2E#@ zqK2oELuAMXZDa&webW4MzcuMcR;Ke|a^xr8-diL0NIG zOyC=Ei99>22uWoJKghLmCF7op*7@Jvq!0LgRbLf_@6pOh`Bji!U4$Ecs(d7xc@~Q5W?T>V zD+a{*sJe*aDdq&H27jfFYIpdqlp{K)Q{n5R?wj#bcCGYok1A2kOXK%Nc{`|h$yJVa z4`HZV9iNJ`QLs2W5vRM`EN5l1VUb?3NtY|1kh9+^LhLVSOWbAZMrL8*?#eS2WO4tt z*BeF9rH2nzia#H4eo(}zdWYz2@Rq~`?dk>PBT(hY;K%v6G;@nL_^+@8>>TAA`ps2o zLcc)4`Ioc+36qP=Kwrw8HNtyL)Z2Nd0JVTM`8t`9rqMz8WR!TmxJf}M?z#4xiP#f& zWZaw|tb`=Kx3cWA=zpEG){1~D#a26k_@TSsp|NaHBDwbFX@9QK_1Z1(ipTPC*ZGab zCt-nW`p2m>AIIOhS_Lj75$Ctx5@Y>t&U6%iFAnsi>5orh)nqhw{79K@RRt1`Xv$MI zmM?eNU$}=*$nusvlY4Y-9@4ghZ>KM4Y)UJ>ugfUP!xMi$h)=Yf{h4=RN~f{gFI;jm z#gzo({D5^%hUunA94__NNcBM5jeL^dp;nKs0`irxWv5`8nsBlgA?t8Y<%6hYgq<&; zJtx}B6$nA#9)R>_LR_Bw$7j}ncmFvrD#L| zEiCv%{vpla-WzTnQ#N$Y%u5Lcb9huoVCgKKw%HEEzaA;8$oBQ98 z&i~;J-w8Uwp~fBx#_lSZ_fC!ctTe_$RMdOZ$V^Grq@KN!+N z3|=H645c@I^d=2d$UB~iD&H22|2 zy0C@LM**IgdHTd@K57?`t5peK6+ZNam&9ne$he-gz7tQtyl0a+dkC&g%?+_Z^_a<% z%qTP*cSd(U%5ZHz=bNg}Hm34uu`pOhR1)ZqGAXw&b&ITATmN7ZeEUiH%+>K1{cV+b zzulz#egKHyR;N4TBA-U7Je#+NaBGEcj0+;?7{0<`lK$McK}oaZsPB{K#ITg)bX++hdSi?_#oh=xITarC(h=tT0F;H)m}BxGXd z>Z}lN^q0Wc4A0XwM>3Q?qs}R_o%31528!r3m@)66_aZVa@JB8qP zh(FC}D4|&CWY&(;FZqZFJ-#6$VS?YaSnn1uoBI7J6Ge7C>LzA<^A~Tr=T9J_TP6~| zi(G`{Yjn)MUGrH=L!O(c9=tsqDgE*l)-?LKwUHXO4=-93}`>?}vSVY`B7H@WylkF$7&sC!YXFm@cn zuEe*w|Ft-gj2lI86NefxkFr36!)nTf?Z+P><|ZcHc!1t+L3Ksaxw* z^-9f~Sod@{Rl_TFg4;#7KwuI%Nt8Q%6eOzWogD|f&N%CB3LIa;Ryz^@4ubdXy(Lv} zl?aMsS0ZzC3kz}5)yI5gqIUpIMSY?F8n9J^F0e*9w|%)!K}ME96dAc8{WyCDM!hW) zyr_%>rPd~O_NXLYZ`IoKAQ~mWry~Ffk%`plBMudEZ3VR}KaeT?dNhdL+p3G!GMWFv=4PjwX_l<{`~ltXJMeEv z2fj-m`KB93F547^Z!m=dXdA8h=K}$+>g$gddvIPSKk#wbG@K{}6oj1$nF6fT*I8o! zFT4hU6^oB_B(J_9;q!9QZt{lCzBBeHHsj`D|C2%DpNhIg)H*|dZr<9wQLG+ix(7$YOXIVg z-2&)UYnm^9!g^udc`a;nett!P6+%UWy~Cb}2nlsPOQAJQI|d4$2_mD4f|a~GAT!1bT9 z!XGyMTJ1?8t2{6H@?ibt-!|Q$Ql?@qeg3rmEUcz7=p8s?YtBjhdWRumw44uwbiHv- zr#kCqXGrI5gho7c^EZSHta^Lmj|FG8$BrvU`|2X!k0QRf5#sgA z(l{0SSoiz23Q4QVKfcZR>owe*rPGsk?v7S*{L>@FT&+?38PVaPbKD-wh2+DCuyANs z2QZ8+qIyG{xt1mMekokL`#ohD)p-rqz`1Y~wU=y#^>GR<+Snjr^5Jr##afOjpQ+F- zWbd=xiHw@0t=HSOqXhz1@`mifBK~i?!2r0#b-#w=1KDqkj~fd`l}UN4lg%gkM7YwY z`A<77axn+4-m)HU=y|+P8m`&prS_|(^Y|4?5+Ym98~m0r*CC^+|Maoo+n*!IJ@!%+ z4}DQm*S>PwtWKP9{^mO@pzz)S62SpK-~Q3rI}dpMl<58Wf-ywNNSB;J{kv){4G$Uu zj;FVPd{3Jpzn*$Y74MMrwFdVCOW%>Do!}FgH@tGqYrxB$(-C$yUpp)G^@QcwjAY?e zS7a(B;M!m6*m>E{BK!nmL)bgu!&ZP7+ykXOU;YKN>3COFuKBIpyQJ5(2&d8=r>Okt zm8U-q?{Ai@Q!!1e%=M)=;v0N$)fb{J-y?)zgW_(zJ~SH~uaDptxB>)QBWTPN(1cXI zH%83KEkpeg&)i(BiHDWo`#({?j0r819G^#>J6XZ}u?ard0&c3N7KGn*sZmJy!v3z% z+S{2rO=$@!WYFe1!#lcSy#WTkSH}1(@uqlH(C~*DKfBNWo7H+rj{m*-y6PDE6p^oE z;yYm1mY-Z~YxVUzple%lHk1}6EB_>Qb|A(Fd=i_oS=V~({9!0>i?RD$%u#}?AP$f) zi3W%Wtp=j4Nt8lYm?*5`nKbd~03^svlp7faH4do?I@6}(mS4~PW{Hr`l#p}+9g%Qw zs#hEy*$q74)Dk_RL>)(D;t+|u>UUqdq8?CgJ5ZB(??_dTTC~WEQkknR0rM6VOfZKq zLQhISiFlpr96FK(V@{S!PYg$8x>|p=OsvIGo+OMp`cccK?USo&dpX23=yxZ^Ny0}o zc=8n@IBZ5HST+Ul5y%CkhWnIMyPym-Mnrsw*8;|b#x#p@NW!R}D!^&q!bsG@t6|Yp z#DF3i*Lg$fy8jCqybFkb?Bgfkwvw30lnZ;zH5+r&@}JzIB8hjX1Z@P)eU#zlX9>_O+`+s zTv@0`s@uBT|0KDje*t?q^ikC!C;nx1USEW^6ICmEE5$tnGQpMNYvnyM%9?_ujo1&Uhb0Wp3~twT(r|WPH^FWtM8|gd%8`f8hLm z&)zzbN;JAVpCSG>=dR1^Jlx${^?+^hgGElY(+$f&?w-GV_3MAr3oeM~NtnLGhzj)&x z_nL`VAHhho1VALJfKKeLbI$@2eKIxoFa^dg9V{W!8GxC3PSussU-wTMen9eD$_C%w zDRT||*WqH1m+H0g0#PR*j*c}@d{k163xh6i9K<6_XTgM11qry-_6@r&TyNgtO;kIF z;9REw@^Ry7JSa5;3Ne|2?6)Ng@^{{X6IEo|II|lzMn9>(WwJ{Wj;?ue3t^K6b@JZ$g}w8KAq=dX|xXOl6+$p2bj zzPu?1S=NR7fC-NQ)VYYb{b{Y!|H%^#9$nXeIXhP_e}|G(Sa^XRlpFhi`-~yz2poxi z3D(h4?%;-OD7yFldA0Z9UNtB~8*^$}%&%Ze!4fx|yocC*YGE?q%l3IuFGD9C2=%{P ztS^7s8FFZCB*X9_G^)sH8XBLFg}ff2IrI4Ka$`EvzxtbTJnSVn&QqZJ$+ zxs`;#(R0aUg;CJp=BQIV|J5t>K zg9fQnMQS}FM%SQyeKrB%`=K+K%j&rbzZXov-H-l1PG_?O5I?o>JC54u;pOk9!uTs; z_S4p9KuDeIxs)Au|3_%)AD34*5sCdkEf=E^D2SxA$ltaD9yyEQcObI7nwbaGR~cwg@w}&vHtisJWke z+xeDXBcz=UR`G$@#4UcDD)R!#V3o{Q@HD!Bamf}}0ymkNB4^)aGQzg%LpTFhC8uax zL#3ryj<$@#Xazb}L77FL*}vsfPW}~hX*I~|Z|YGq0%R+Fd}vM@Ln`k^i-QMf2fDlB zEd6^a#SMEMXXr)vb6le7Pq06Oc=NYVPDzCNwtZGY-q)WjbyR?wzdntOx`|_>23aye zG>MK@7E~NjQn40x$gB`Js*Bf6Q$<&%4kF5M7q`Tx~G zk!kv;Iq^kkr~m>lIR-MYRSv7N1dp2&1H(@bnA+522(7hPo^hOkq9C>3S}g#2sUaPk zkY9le-VZ(t6;vPRJKa;}yhSUZ_MtANn$hIm&hur(_fR^eq=X9mfR%1UFU+ZlZ%6M# z!8;C8z82a`^!F}r*Tt>44=uBE77aEu3REq-uWfM?u1_C4IRu%@Mx22-&+xf=R7Z9I zaZK)LNnokS(1vP(+c!0d-K?m|WQfqjxmh4CRtT?uG>YvdD@GSSJY-1Ua@vtxts5O+ zWzcTGdM5H{g?b7&r_r8DKQu_~H24(YYJ(ZxJ_yqaE#A{wMbWpsJO4L4p5_U1+DlYs zR-lPGAY<{SV7J)jTlSpzW|Fty+c9y2Dd=wjpe*l%^8N>C(OnP~C6dx*j2OV-@R>0e zSwy%gyi>xWCZJy?Ug-;KLD_&_3IZ{OvLVX26ViUsq~#)7!7q^!pIESf6@k|z<=NxqQ6HG68(#4} zo_J|k-|P%4`AsarkJuA(Mt@~q$>fY8dxad zl6Ta7wQ-HUalUebz@wY=Hjl5z#HVdBn~Lbc+FR?-5!Gt37f4^`4tJhTIAR0fjrqL2 zGR))MDxW6ael_at2s*J-GSI$$TX$sI!xEuJk80)CxmFwcHoc|-s9X5RvX(v7Cj%3z zNVv+wcm6n!I-uNz#T`dxUmz-t$s*V7#aiW@85v|)X}zZEq{8TGj+?v$63ma-MH?94 zu5wnmyWzgMFj&`5E9{C9HnfP*Nm|3~G5AptwXOR#oHGIAl0)^CR>hV*khQ-BbapZk z-FKFKTynL@6R-)xE%-1d-;Wy?YdyhM^J-@m@+g0J2b9k&gHKN9Xm$iUM? z)QY&)^38k4mxpkCWuwWRSxHWtSu>;AthH zIrIwmDq&xkBdLo>Toumy*8U2MROdH2#}SQ@b7MIFMTz1=hi+w3&_}V9F>GMi@k`+k zgZSDrW$DKH-N*pg%}0=nUgZgjDKtykt2yl>L1l)1j;q!CK8GuJT?TJX-N)N*Kn@{mb{j>_V|t2|WQQ@BL`8D? z7aT!oXcip3hPJ$UW$h5#4;mfIT9#}sp|XBOt0C6QHunx<@A_Dpj&$0u`NtI-F8TBUNW>Fr?zX}n zoZwU|>RGg>mt!?Hj90#%S|pqc#;Zb>NO&bo>nA~(#YS<$W~qmu8jEwBUW-d6%6 z>64@_u29WU-pD<;61En&dzTHzdM^lz_sU(*@L>f``Dyg53W0uQWW!Z1AIZQwz@v+O1-VLHf^b($w#e?7i;-!#JvBzxpfSvdGb zVn`r7+J_GX5OroJ-*lRRXe(Tr8xIjQ+lo``uO_{&*})JsS4`Ao->s&Cyi z4Hl0nlWnfF016Q`qWS{o+8bS71_I(hj=D&N$(c$H$uBU%{Jumdih#W=EAQMx|IF2( z7cK)GQj`OGwnGL*36=(j1v@@Ty#mF9f`4!Qug@b)zjL9Doq}J~BfY2i0q#v0Z?-^& zN|9wbXNdz3y?+NFvOY&)*}KUsRj|RMS^uDtOpoAhOJ+>G!;~si=4Z%RO{9 zPy61TvnivB`)M%)WM2a=XXogab;Be|Z`K$J8=y0;QeWC`=tXh*zDZ$!rT1hM0w&6k zFwQqGx##yYyele2kzvzZOSKzHU+>sF_~2QcVu^)d(K1X^NO$=Bog?ubsK7j!ogR0U zi--~OYN5&60>wnEcj8?iFPY_h>MO*!(gf5cI46X8v@kE8gS+ku)dm~Z2*T$G?n|IN zXDPclEOU12WZo<1etcv++(l3?NvX$>ZGkO=i~tnc4RQMEr+5lvJW@ zVHC2mR}LAJi3y*$*{sP|r@6`hnpCWnY(}Z`Jo{Ir7EIS9K&@KXkU5M$MBzbnl|F95-1;Kx8M6i$8V?ZzVx`F+n?9KW5ea~n$q=N zYcsSraZjKQ=Gu@CdgwYh6Xv+t)WaCY9UtZ!-|9sjeW0%Ap})=U>q?7@b)lFjI7db? z`yTEsvX$63wQOn)%7zPknDh7~B8rHjavKzt8;Wl6Sp%-o6NEeu$=?DN#9AAQJ|5(fkdms$LI6n^B*>F}32I0nL z_p@TYd06HZg|k@Xu7z}E^RsCh$v?*GbV)1ZQm&9`=byn^>)qMb@|$6Fc9eY*akhwd~mbljc=!xy*zI;C<8PsJ4-4DCouw3#b@&C0~Rp(MaOP}-yiGrH`^L9HR$ zUdCiIuSJ;4&+W8&**vxgrI0ru?9nCV z?0lhaBF9b@EVK9L;(p1Zc!b0bq-GfABtPG?J6C(FVo_?xWS*Xqw(0V!p1`rqpaJ(A zs}+oH!|kK6{zZ5CmR@DK%_R*!>TMssza`C?kszKMZ&nLG)xV=r znWMV;4PenL;)-hcSyLKF_{J~$zH&`y`%^aaCfDYzCwXo~d0y79WkhK@0-z%0DeX@D z#i5szX*A5uh&>vV!+XSjr`f%?1nWou8j#m1nLbCGsm$}?=Fe{(8AeYeIGC);J6zl& z)g3{`2jBTzkrgu!gpyla%6aUY*bM1f+YM<&^@{w`4a4wr8&zbk=9p*0UZv}w;0>Ez z37@`oXw8LRS=~H?t<(4Dxa#%!YR!($t2+oU8{Aa*E6{TVAU!da|!(PH$k;6?*J4$_pph z=Uk&72tH`zlr>ks7T{X$%#x*aFMT&_^NkYAEJ^Ea-n{LR!iuE5R3F#ilqGl~CPHeHwA*J6YD3?1oQ z^q;Vm=ltG=>)}-*V$@^J{dU=TYV#rXiuNavL)D(j--$u(Y69J7oiz@GhcCbB)r z>n$+#W;OV+?pOQ~DJp)AEQ^#(z0;`+qy3KHa3)kZ`W&>+bMFCZ(d#qpqO)p@@s4?| zSxO3)&a4$UavhCzBZUB8zMU-)=+1fkZ0r}?M@EQWpZx4l5+OmoRfjZ079|gcpXySd z?!Rn-I*K9HeRqmEam~jN??~NJf8?64ef79}2PeThy2=?T#R$fJv*iN+;N6%VvfIn! z&?KD;V42atL$CJb3Gn~V^BvaG?HJrTWF~NtXsc3bV{*PR=cn5h=p|xJZK&}X3PUrA zk%l;hi|na=;p=+B&X!AE%oX{&6u}a_v;*D@&gB6)_91?yIkq-LVmVC3^gAHg)Ot@xPxe>iNKjxOolXvc%5MZhOGU z{cnQ6& zfavT)nsd9%+FCtf+9PGE1bfRi5lj}CzVOS%ST&RObV@U_YyOoMU1=4UKgzXno|Klz z^0UF5Z3}!vkh0AFnu#mQE$_l-HZ??%Vrjf{OK%;=}Q-DEr;NEKtD~Hy) zQEw3i(Q)%HgD;1S(JHV5@=TV=&}ADEGoVq=|=Q*n^*lunz#;g}i-Na{k+?4gAU#|lHC{o!AlF&c5D1~Dfp(uBPU%bm(QV# zqt({C2WHjVqV}$-H!u>EZ7fgt|7_N%T;05~swYfP9K8)*gYC7rs0sco)$|xSV$u@D zn>8{G^6r}JqFm*JZ6zzUs-iBjV#V;hB&}hhORmPYp>-h+uonEq_+rb#9rP!zZ;XftCRftrr(!xyO@YW zvt7aPYTwEvlsC9^nZ1enYWm(D2+UGmFZH3{C})<6mExR@dB0SbakIHEoO|QB|N8wLVI*amOQxm>}FrC^5J8xEn2{o)Rm1<{yP$R{g-OJ?qOLi4bhoewFO?zs%P-6BXOQo!)qV$9c zR=1LQKyfv&sj9SMJ^T5YlkyB%LEU7y!Q|m9S{s_GhG(0Kp&6Efv*%i)V|0V7(2DGo zu{J65l*&`}r1Me{@5IXs%rY5yQ($%X6VX@esY@;4mpC!39e2Bp+C`7A zS*|ItJThVBNYPBj*z4cAlhfS~w-dz8YJM*Ph5W6)LGr^k0Siq0vq@?;HpG7Y3>;tu9+ zim#WK7u^nh0vLPnA$OHCHrCB2vxT+=YsqtXL^e~|(5iF8<&AOq*DC|XyHVcfUe|l| zFa|k<2`pqiw&LPXkbY2*V2O(EElF^CDBf>C8nN+u!6&Jw^>){aI_uvFSyLPt&7?Q~ z`GoMNM2gwJUWlWvD8JOB)u3l-3myUFd4fibX+HkV)zrh!&Oez%I;X$MRiQjfn1>&g zLg-fY(cvHT-g5uW0@!a|soeXFc{uX8=qF6ed;d74SdgXsJa2Atm%lsKJDT;(avL%J-3W=ENHwogl1$;{fNO%J?=cX_2F?)Jl4XpIoDxX`6<Yu@DG(Wg*2dT`k^vItLv$B5;nbMR-9SMSSMHX#)k!7i$ci+ zagQocCH#7eK{-{9PGH`QA#kp0w{}Ik#`>H`N`*(q^B+0uH=XlVZQbPLtsVKN>QNt+ z4~nj**P)tMu?2oks>1iGC?%;I6(bPeP5ea|mk5q#!}#v8Qm7`JW*x z#k@F?itb9NcgVXsbC>mBAye}56n>-10jdak_~ISQtWp@+G9uzumGSdv24f&)h*C*k z!ihV6OuW%g+jZBg>-gjj`W*>wlX;6l`Po2^`ZTLa5V)Haw7S5A6d97lFMg7}b*nDnMI75@TWr5aoWcv1sWjnG9vsKioB4XIfm%Z$0pUzfdi>1B_+?Yejzh4e(c@MpWZa<-#G~2=bmIL(GsmnV`*`GQPLr{%ef=0Vna>37?^PVLOh>tD1@ZEJrj z`VXfUAv20@9eQf5hkB`}%Jl4OufGA{yM1Jh$fp|VgleG^I;a@jNnd{ZK&0zg}iWTGm7y&*Y86QF1*LEtUd+ya_M+ zT$V)T`(X@w2l^Yw6TkoDv>)QPe7j9#Q1D#JI@iFpQ6)`B-)NrAmNHlHVRQna#u!@m z0I_VB)Y%$;I{mCq#er&b(J1GV^7mC0#Wvw|KcbmBcRwIQuMI`qMhHoLxrzKz9Cy|s zo8^$yJm;+ZsQ02}rGe1soa&c+7Q5!w&qeGS9aQ2ANzV5rFcKWZP8&2W*H_E?J;-UD zqzY`{N_D)(xJi3u60Erwi*wJ9RH=6QwtdiyaE}2WB{t*Q59!NyNvzsL`RO6eL`?#u zxCb=mHZ`N_-C`Ps+c-*cn%h5XP9sAOzct{55uuHQ@!5~7r@e7D&291awy)Z}0&sU` zRRVQTCggOU=!d&Pd4uWB6%y0~J72fNTq=$1l$*+X5o(NE$rYk`fAMxi2haB)5aDKm z!^mBdvw0Rb@?(4QcAUh!4a6-3=8@3dGQ#y5ux4_h((Tb5gUU&LX*=p~`cw9>@|)UZ zYVM8fKG8;abpH-h^Uve|E#_Nuz=X%X2ZIiR(l~>T#)i5!V9~OsXYgFCC zo41`V}5mqHK85O>0++;*66u*lQiE%TOI z#JVAWvXZkY@e3%*ie-AQ3G8MaKMeLe;K*vAn|+qc)^;rSK(8T$gQ$Yfbzn|)Qp#Eg@`5U_-M0aqXYN9%ZvwMVvLmY`^ zD@xvZg;w8ola&Rfrr942HIb98vb2PEdAr|9o}5qf!jm{Bb9%=CFPTcFNx0?40na;C z@5P&^XT+0su3NJHK`}cdLD$=0-ZQvSBBU-QRgEWo|MNK|Ousrh_Mx124&BY#N0x!k zdj%}MjN{|fl$l>|rcec2aZ(U`*GemxW*R40+B>yOQ@(3P8$Z;mykvO){I;)JVpjI~(LK)%`u;mlTH9;x20qNs zc7B=PlY5~d#DDW9*I;(zU6{@eX+nx(rh**^Bi|&zF!=9(5a9_Dwnb1i zyB1zoJ{9dN61bb2Tu>b;-$}q6MeXv6;R~EG6+Buhthbh*HC0gK`4FDJLU>dBYdj_1 zLW>Nv@lQ;2cc2%_C2k!!2n-8}N&8CZJM`9ZhS5RR!@-{{yMzIg-QY88?-KBind@oD z#}cM!T9$9}N>M8&`G@$sv7>rvVsBiphLK)pI#$;xhs$%;TD7d^T)-84N78bc_?(;` zMuCMnT^BPqGCGRH$cF$!1y#^HmXLgCiAwmx>1^ma$Qbp-w&lLAC2sr~D$*Ml>32s! zfb5>-2|Cu9bBaQBoZpI`_FUhkE)oi({M8sjM9%UnSxP;@1WKTYgfBq@*AmFJM_;?Y z6t9>`i4ABBbR@o=caGxxy?1rzIW*o|1|(&kixuIC;~P>`uvz7|P!VeB;Yn*#I8_&T z-Q@AvA?u<}cGsybVLf$n#S*cBMn&rZhwSQ@XALCtRL%5;>bGChyL--t>9^Z0UD-O@ zZBhwJ3SdvNxZ=oOWn6X9(>PqmrC?T zh>GRhw0>KB*R-hW(4mN}5?At!bMM}by=$&P*TYW`{lEXDoSCHNWL`CD6eb0PcX=oI z%N2eOxPPKx%9()B_A(t&e?HIC&tXpSjYO&M&GD6Y^q+n|FBz4YOZz`0%Hs6MmpTnw*#ORL?vS&~hf*p^V!Q=4K_!Hed5-)o|Gin}zP?CQ^9s0L2e>uFBa z%Y08_kylbmtc#PClupUsqTKqD^_8kQ3u^6O%QE5U^*?H9siL1IpQhO#`uUyEg4%z{ z`eKcAV++UTb?&ZSy*K-8f1=S`FG;4DH~xGkqVX{NZaj;aoG_`x4azsqnv|~wEIEc& zHc{wm>SH+7P&Q-<5oK@D+(g9TnlkyDPV8pb=<*@-w@4DKHrm?inDFp@4KrHzKK& zNGM212@-;Ulp>8t!~gBMckVd9T7&%X_U_9L^rDbR?_OX3j2qd4IB;l}WzR7mFP~&_z$&wbe%N0QNM-LB8=(47aGd zTZaC;@5$@QS0}lf=d7k)XudEa*ek1$!m$=R^V>~F!xd6O;b&_eyi3aNz%7a~1Px3P ziOhqYvZ8$^&CjoL+8(psB?=36w2EM%vnd%E7kyR}+~9nJRW+HBU0(krqMW8iX|0GW zTG4MMviy$QXv1Au9g)T5+yYJoHG(>CU6OOxlibh?8ygxlhJ^y|V$<>D(sObvM?M>u ztT73}6>weF(cIQ(?&I`-UrN9qn5!|L+fB6;^P)J|tbmI(RpDy<9Xq1&FT__T4KS8!vI0#svyCTmudXvmdw=@gCp-==zzWBoglOIjhb4<| zj*ml{#Gnbj+HL)n^iNhDG}$pP=c-BiB6MT;_6T^D*z=z6d4HtWav&Nu2^1|2df1*V zC{;S-@nem1^i>R!9?RBnMsfHkv55MT=DX%1=aC(KZ|ouk_F(j7?Uga^%O+1{wJpV{ zrF+&zx|&uSVtnmwyFIz*w~gEjx`A~6jV?O3|N9fJ-Q()?9m_8lWKe(o(;!6Y@ahDK z^;|$dTZD&Ro5o`&_AY_Yyg3!WL`AYp!&Qchq*tyhTRe8g;?K5r<|@%92f#!R>LJB3y|=gO)yG;m8r0O8>yhG>o=s;K~hi>}Ty& z`)3FfT+qNlU-9ODhjKHQt$!zjG9+bR+tIFxmaf*YA@?(}BZDAhqBimc$4y?`!h zjGfm5I%lQW-~(5DE78myT==(dug+HTqiVN2UqclxT5Y_?8zWSyZxDGd4MW-guYY!F zXbJeW$G!&QaJ*4C5`coBGSA>_c%h4b-^UnZ4bwuG)5gI?JiV5x^Pp-((T?D7J+FEC zIV4LxZUN#83bV?9SA7j66B##xfPAFRTR(r6ipp0C912iNerK*A+6qw+zA4bZXk0o{ zLhY!^(Ayj?w=W(cB+3`G;sJg%>|aPgNjYGkBgFzI;mW_Vc)PJ4Jov{rqVdlK7#%c$ zL0CvW_%%2reM0@B88iO9!oiG!bHE?Nw{f{`PTwH8?x_MvM)uaK|z4F&g$~u z;e`SJ7U*j6d{d$vqKo=0cs`8}-S^g&Y4@JQ*xy#u;mZMvc8w3q=#jaWTnP>3o2=wd z;s+kMD4QtC0@V~|5@mas!m75qxjwIsk=~AaIqmDkRzoBCu!b9AQcmhqCX+>73f|b< zehOR7OVqIc)4w%CgC3}jKi3)U-pC$v${guPbD3A-lXL(ik=JF2gNmsM;coR=jREhD z%Q1^c@ET%gCuq10q~gz91JVaS=U49U{%v56w?b0U*qah*|L zwb&83%0UcPb{;ZjAEkI&2CP*U3jw#4(4O>c+Mr9_n5m;v5iMuG!YM&1Zw5TX$0>3u zJwf7TLq$UUUT`g+ttUKZ{!a-Hb1N~-v%{TU7Cdk*@h+fscI|OpHp>@A_0|W^LfYop zWL>#08%h2f;NFDmCXb|GR)OVGC z0#LXc+YK^ipg;U;A(KH-pUpDNBQO`>LMCzf8Q60_g~%U+C*aj>GjV5m7*HI69vpA> zWX3bkGo*YPJ_n$Y(ZBZEO+-ld;|XD&d5DLsNtjOWry~%rtkF%fW+;X^dH&~929Q&{ z(ie6EuH9c}nU#(~IW$tIDT;6Q$I`0Nk8%4$Dwr|!I==k+83Y|!9De&frt>h85}}o> zji`GND^RN`*HPEL3|fUxw2pR%K*xO#|EZ?U+WLD$|NGBJFv2}#&boyA+rUP{jaP;R z>MXi|C~izkpqd##=5A6{GsE>Tx8h$Wc=_z#zibzeCjH{>&vz9@zh5L*HTdNQU!O7w z+!z^QTyNmI_Z17OGJnVr9~FIAe%r_3@}D0jBaci9?}Od{I#)PvMtszRZ|Rtdi?XN- z6)mLx`?JOEn?M*Pj}{W@}CEhfgHp!VWscy2eG5-FHW_*zgoEl@9Hw4 z=?f#_9}yuHD9|b;-h*6|S)ONce@?VI;qW&~F`m79`sX_^n7H{dihvGwOPE&WZ-e0X zkNMZ@aS|97_e2D!{v1BPJ(a(&{03$?8ub+|O?H>#f4jTC-|0VJS24jB>M~sl{-0Os zx8s6C`_I2WkI{99M$BPSL=>D%IgJAB;tdC}J}H~e8?*2Qj{JTEe|sH(M`n=MwoqAz z8Px)+Bu<$7vJhbq#a&O~?lOZpyCO#C^6aG6lK*_%|9>G9g5U<`Glo>Vurk2jVUih9 zogqFqe^}O;C=Bi&gXf8W$A(#oxO+J;$@9K><6Sd&EP!8Z>Jomv@56#xL=({BonfeU z0Ri81v}pQx&E0ueQ%N`zD>3`x_Tq;)!1iQ76e6B<2owvxBxC1m)G8&9xd)XH1Nm`S zxAVbUX($KtisYw`G;`=o|JT*cYQUh35Yl;t$Nky>1+Epr{yv;fbPCUB*i0ka{G6$Og@wD^zU#-X)7Bh_C0ww zOl7OeZnr?&!$6-sobZtRm2g-@1z&t|rNOSVrfxC|m@%yHMTX6rqWqX#J}<^1to^ z+?OnMWW*Hm5sd(ICn?{$C$TT@+UJ+{g7&x=RqbKKNksHw@4p zLRaoxw}KC3GTi(Q;D8xb2xhWkAj%44Oi555PQeyg?!7ONUf+WaEHhN*H8pl4-6^yF z8h61fTwS&jqNi05aA`uTN8u_Nn|eHSdTxlht$fp)D+e>=@_UnrD9qbXB!Ifa?`V!; zYf1Xl5Q~V8ouBE96jDM&Lp`*Mn4&Ii-T7GX*ceRJPEs=bZ-7w6SlqlDk1J@KFl3l2 z;wb`azrNno*q0&RDA2yeC?XB0z13>%DCNeKSrDPcs_g5knMs|)i0>}-Tin5#M&~uy zXI{%by65ARWa1VJG&}V#e!wq4JfwXLLGzOOE@H0>P3$0^ClPSewqV@qog=&@@B+{|k$G-!g>VeeF@AVo>%&{zmwQ0}kQ z&y5c_C!=-7=!^L!v}QBz&LL)5+Y&(H=P}e#Nr_`si$H=9woE`q%A)J5ppPUf8PRGk z!4PTO>WHGA`(f7aWDMmxi*A+zCtb8Ugw0_&Z5aDl?1^PU`-Sjp&E3&H>3&zOJ3c^; zAIDlScx?(X*!sPYU_??ZkS#0Wh%3*L-tJ8!&R5WXahoe%Q$Vtu0Zd@;Ac95J2N(Sw zz#Y8`aZj$hjts~BA|*LoJdq8rUqPX)WJg)-@Wb?R1QZ!xVmYl#G#}`8D==`3E~)F% zyp{Xg+WY5R62Z!-SZLK&LdKrtJPXCzM%zbl<758R2ib53HgM|BRr?#<_X%}mnR@|U}ttT&#~_2BQz?xhigB;qQfljFU=pn88k zdys7UDM8mSG=RQ+;Gq2kGNjWv@lGnjGvSNKNHZGy8mOo3)vJw5tnd!v?LvPbl!VI*2cH% zYpcT9UUEZ!GEEah`=k>Cpq0Vt;vYpnO}hi6m60=muxLw<~k4jNyH zL5w1m$?#PB8!)=#3k$|pzpc!8WLXq53G^(%8+^rkc9Tc8X zqjAs2yj;;;;XNK#*^H`?;g^cE6Hwkot|>dc{H4j4OgaH`0Z#-%Qa+K8;0Sg}E-&8J zIyA0~YI`_4)q=Z^l$gCt#bb0F*d8eo~e)P zAU$hNqXmuquQJ1G47USfaGp5Db}^^aN#^sg;m^f#xqB{}|H>zW7OwzNfxOmqf8WQK z!adKd6Iya+q6wN=c0Nf!Jgig9+6}JyCg0@OpOsqHSMmSOJ z(kC9Gv%zHZU_(a4u$lf(6SF@?_l>Om@7F2QDHHB41>%t%ci*E>Xw+R}(!H5YtSw{9 zWIWh25{uL0*WUpj+Cz(xOV6Wo+iv+uOLQf;&Rv_80t(@8Gl>f{F z*r+Ou(Z^8^yf7o`J-G6O6T@BeQnT3s!LFGc;calFNt>>_yHo!((F8;A*2_aI@h8Kw z-g#1*%scjHi%rRrD7P^>G9Ckm?Pme!f%j{EtbvyR(ulO}g?I`KU#9>hLaSV&?GO$? z$8)v^huSR4nqs*AVHpAc5zyPKx}|KSChKF!2pRr=Wd&1r3krF5miH2puGc$)1nh0F z9@6NII;+ak`tyd7zs6U2boPm=vv96-{~r47jI_ySBQw5Eb#f+lJHFnFnI{d zUf2o@&$N=cWu6Yw1wQI`BdyCAOc#O^HgM6auTlP*bh%-AABP+`3)k7|2q-9CKit`J zdNAsLai_Cv8NXUv&lHCdhP1Q0Pru~uUKL}EqFCs#3NNll0~U zj3PZ^bBS3x&vu1#s%lI{?HkJUSmGhF$=H2`rTt`6lJn%G5YKhzCsbP*oZWtwkJ%n*r1wRTRl~9o7u;YdPkYs? zO761<2S;O;9qDcB=|zc`*s`0N4&PKOd;4sT*|d-F?4ncdm{byGt_JCFiEimPsOhdf z-vnj_l_f%M&hIE)O4Hyqc%w^ZEt(c+a@GFxOV?wXC+)QO8ea^aiR2Ks1$arJZwHE+ z=nJYmW)0ZFcTw+2who-401lMAwjueBv0C@L zy1>8T%4mvS z{!^=kEC)ZRfwX$smgo2x@~)MC39T5}s>+?nj9#D;yBhix9W};prE5ALZo;ZZOviLC z*qM_6ih&)c;d0--_nAxW`v8Nuat&1Cy{>#CWUZU+!;62FUmx?NgU!A$0^OgQF%nx) z`&uaFi)YaV#{MZ;1%V(%w+rzrGWIvDKuW^mvSXK>_L=0|`}1VIbfod>`4}rzEscGJ z<=M{Y3zohznQd#2oUwXyzr8ruKXx(pWoaqhLTM&x=T)Dl@ho18*Zyf&siA~Hsfms! zPfwaG;aOEQ(<{mpDyU6?O3eQS5od8os_&O;C3qtlETf2F+~WLYZsQNA@Cl>cSI(l1 zA(r|k`zv3+t2iwUjI-gX$4rBP`to|-Lel*dM5vkZ@lKEGhs5`gf~&Z?6PbG3>6I=H zA6v$Qrv&FE40KW~G%b}xG(xs*@g1?eK=b%HU%ZXf@!SkI( zx|<>0gv%kc-%cAE-%1CuI8rbl{#bN#hP+Fm@e3kY>j2=Tv86_pk-|QM6^T-IX-mK1 z{T31Ho9GD3Cg`6P3Dd8Z%n=Vyje60orMd95XqDBJSqO1)ptkf4j-W7IYMN0Z9(*o)%vD9>~bCTeV^kj{Aj^xQ4^*`(t{V^yd5F~9} z+z<3c85ZaxdS0hFrFuO>D4b&?qnV9F$h@KaYXZETV={e_zasZ*Q#GZ?5!D4!$CJE(AW!A^~*;ou4-+p3%z z+dGG#kW`ECDSQfSkF3TE7!vIyi)WZj1gvzYHEjI_kj#t;xz9TuD*f0 zS&jNzc9s1ZXFEQJriYtL6eK3bC%w6?8FOldgwmiL7nhm zT=sjOxKLGh!{Sz}myXhI&f>FqunHpC35S5*53eukJ^F{5f>R!Vpl-*$vUmVOl^Y&> zXNIVcs+*Ex7H@H08C|YM1x5|)`%gNy6AD1GsGq*tx$x9!k{!XB_3>-$@2}EVT1Zn5 zhc=i#jbhTVp{jx}R2M!pt`*$iT=V7)@B9TFynEm) z;tW`Q$5TrsEH`h17S3;Hh(ua=r$|fl+ov#WRpQE)OZ(h?#z}BWrZN2N*$hGmX4z40 z_he?D66`zbiEjsHT!2md4c2Ir-1VaI$sJ12tPL zwoiEfnu{Lqg#_!$P&VFsVbKSy$`W0RL-C~NSjG%v?#nQ=8|V6xSzOCfZR@+RqSxvj z=(1v+D{79@i3Ci{ASn{2HoJ>g# zZUP!1@GjL631+gh1pi4 zaqe-{2vc#Unb4Wz{D?}}f`yilq0!Ao z(-h}mBr~|5_O{UwMnLvg#-#epioSaAE!MIbY;G!0SNZN@*z{3DG@zk?gG!?h@q6lJ zHuTEkZ!>iv@Z&bDq1$RGvTTN)iGzESyR9I`$SaC*69nNSNB zCb;-Mhx5}=OVN^^|il1Rz>1S?Hcn^Z3jMNbb-k~I0c>@I$;n&w-vx0)k$?c1$ zjk}odk;ki#t!tJezUQ8DMQ##AV6qFfnW5~*%#aX}sa)?K1?uc9a=CU5bdp5NC5^KW z*1wpvQH*E%)1yYf*{Ub!(DKe%+(qk(hAY%9Z&7+;xxR=8NfDW?yLjnAPP#^{3j}!F ztUP%{kAJ5WbIu#8WHD>9wWXf%t@pbIDw#cjnnS^4dJSRdJ{ark--EC5Sdw?xt1o>c z1K%!_Y%)1Ap5b^FBorTb&c<4!Wn})G%@Szv>@wcPc@*T(S zF_m$73tc#7mtn`Jou{n$!J=a~BNZIzh-YsO269PGa~)lPByu?>K914#X*Xf7Kqn4s z=t5&S4<;ZxuLi-Zp!xH2@+(TC`_8{o<~_BLt2+oOE_9`~MOFdpBxTNEM)x_Rifhtm zXfgrcKal>4!S`u{7K0FHLA8KS1`Tr0S|5FaIBca6Qpu3&cxciH`5XjTb{nV`5@$8UL$9YuAbpVt;WUJaw#`h zvsjr+&)8%#bnBWs<+ar*>r*IkDnEHZ;Una|x1ntRqS2!;-B~5C8)doT zVjdnA19sE^Rq9=hkjVR79l2{lb^|)KuNc0sF;m@8d#G5#f0u-Al8klcMo$f#tSu|UXGs}kFf3jC*mX=@k_IG?SDgv%VqofiIAU$GOV=h@`zk}_y8ib=3C4;Lf1*GYoR95j z=vn1CyH4`x)O}3DSLuX#h8Weui0GN8OlGTlUa4M?d4_QGf+XS=e&Ee~gWlza^;r0t z@`ml8l*x#F^pWO=r+Xsy6E)W;0+$_744vJdG8kjUp6=|=3G zxhc6)MAT&I$`@R{@Ok)Bq?A4<%P?v8nY->=MO@qT*d{6KbAX}pstG?|dnR95px((c zB}pb5Tj+Zw2P`Mv)>7jM|BQu}=GBHAX|1ps&CVzEQ-bV7NWd4?YKX;k{WYcK(zfGl z>44{J{?67}=^HnEk~~7pgL+Tg&&*+ck0oA=<|?ma)-q)pgmQ)9F^w>%7zDqvOvTPT zVB?elW8Nv8`TFe%(-{~rUzW$I1 zgaOwhyJ{_7V}LQ$sk2za()~Z^t;r4CL6w2Gl!Dz$HZ~sNn_uUc34=ZCTqJ}~pfY2| zndZ4q2L?iqaXby`5U+s#(~U4`1+WyWmvrlt>sCOmwD^+W_K7Or%=AB;!}C>rQ4rTK;M60_^UbgJ42fc ziqDk+4?>*#boD%>Bc;NQRLp~ae$&2Yos`-b0U-tfoxH)N`>nP0A%nR}oq9jy>;3%? zU&eJFJfhDQK|8GR&rnQG<95(iTDjFNjMa9;G(b#Y(&b%QiV^6>j&i|VQPB8kTI?FM z_46&+ji_PLhruS4iPDSm!ekUZXT>Yp_DNO7tu$OLW5w?6?i=`yVJ7OZvVOemMyQy* z5F(bh%4^H*Q`}!<%$~sb@jtD$-}Z#tOcf-lIe~bgVi&UH&TG0b<&=h9FOj^r+`e{l z-fLxcD}dfr7wtVfe{4VzH zD5Hnw7^CklPs_Cz7~?XY_OVj2Y7p39EWfHkadrKl&a`F5=>^J8=+U$eU8gx z7c>GP67V!oa3x{>&JOv{#T;fu=cKaRem$?tC2}P+#z>7y*wH^-A1g`$*iGyKaI~t! z+%b`73TH^{^aYFFpbeU!=QInH7!oF$D59Xce$aiMU2%{>zHob?{1bR2@+>DQ4PS^a z>W_1#>OA^KMBFZ2CX(g_L+L0Ex@*buvl0#xO>G7NpM#%QEw)La^_z{6Rac$$qz|rr=x2dz z@#GM#cdTgJT=VAX7GNb^095~|6D||O9i~K2p41F$ZPwc7q#7QqnS{K%K8fT5Zjv1~ z=H)Scq*Tcqg^oM#GP}|6m2koRd@1ZnqHw}1lLIN=G)>P*tpVeKn}0O#O4l~mKAl~uz55(xEGPKkb+a}ZwiYE%!yw!s{@9=D7|9Qf{4!E7&uaOE1`1Z&J zM<4=)i=nye`rjwp6Tj2VDou{R{J`M+!*5K~K#^I2dPKl&#lW3dr3K29`lBp@;P8}7 zmL19v1dGuf0?_mHzJ@4RWnk{h7~+sA|4}MUAsz$I&xcu{t3=uz_!cdCnUDYD!N8lf zvd{~+o0F`dgfD~@W&p-|3T&)>n$}G>?FdYfPT;Lnn2olAB!V5;xeDH_21boa+GYEB z0I)U-ddw_3w$enLa-z;l8o_Rz4#ASsU0m3yvf^b7pfk7t4F|_1SPl!duWD4zIBqcf zQ-uwXrVItr{ZriIhW$&H8_p4cxu|VEFghqA+qm&eVqD*$JDx+`b_0;U1Fx<)@Or-P z0ET7(^;LlNzdg_Qa?Ap>sl6#DQoWxU>3n_;_DMXItfMLmvq@yWja6C(&5w}=@ZT9=%zVQ^HIu|dz@qfzK@ueS z+6L7Lg_A%13T%-7bQFJoAybPxuq0PIjn;$wVJ{Q}b2QzRFV%Z)Vebk1@Oj8sbZMmK zZTQB#y8@P{iGX4cricMsCN4VKBlqg#r?8kJkkpjVo=Gyld0-21JLDv=K#p*;HxTEf z2ygszO^lSqM!?Z1qV!BeSe*B8ey&a3OayvBK-?m9z~9wEn$;I)l|bml_S8AerB7o@ z$fWOYFI|Ts3PU}Q^p?+#?)T|8Z?xr*#$DBb9De=b80jWV1@FOpkOhvj5|PkbL=aE~ zoc`})P(hC2tOq4>4Bj{`vsKMdosI;jP3 z*JTiBDEytd|F@g^oCIcEy)PI)fQ2)#f~%S;bPa)UpgZt%bFTBs;jgNI|25J+B%ys^ z7XCMtarhkKt2aGz2lihtDpM=P{?~6^&^Q;Mh!@#6_OBlZIlBk34GTydtQ471Eg+AS zQ8)exGX3L`7gj``?q$~s0r>3?u`Mv3t$%(StSo3{YX`BU<*o;u#{ZZccH{u3dg!TL z#`Zr3_@CEh7zh2pxG0vY)$ZR9LQA0B3{1qa(4J6U?8|7(5=vPG3f~R?xrXsK7MElG zhSJcGWc7z&DSHI{`EHgm#xuVY&+p^ag}s^5rV!%nv=7N)d4SO`a6Z`wE|QKvTBj=} zV>Qm-=8z&;)MULz5MPMyzdNo#D4qd7Q1=MTnsp$8#2`DC`pXHc%mJ98Xq`K#?UHeg zzx{x(2K98P~0^p zq)_M+{wZKUakhvB1*0L;8~(R7A9tf09s!Q22G`QuiRzN{!*T2(97p3q%~{F69rT?O zwJ*irPEF9D5_Q|kqgpkhNu44CGPE&1}UmTW`1 zcNcVuzpGAVslZMn2cd8XYl-XS>fs#ydi5p&(zrhzkEmoAL?7WeuJuQM3_KS(*B~{0 z09#p39;2EV01;&-YHYPLADcb@{jn@T*xV&w`JQjUQ>6^yN!GyoUJGk=Xk673><(d% zn1@D80vJ~J3ReL)I$!v5^zaC~V6>fZBm4a1$}QUSsJXhYFU&mcgT}!|OpK!4z=7+EV|fd79zw4U{cLC@}*sKq)Edo{K5Y?Sxm}gB9#h&gS{Q z4dD3;GMV_IgTp6hj!671&~JxTSa^WxD981DKR|q59ijzd;v>{%!Mo<8vzx$dj)DI0 zEhO*Q-RnJg zMQd<@;HoQuu3B{(6%rag4(4R|>irn+NZB7Wt0ro7dvIN}zvRMjpvN&+9>32wpIAzi zki4rIEw@yw_1UDjUfRl7RovX6w9SqmE(@Q|Ls^*!6MHw*oNVyueyC~Qs|+1cr5Ae;gM=w3n)-U~ zVhbvP=YQg@*AKh&ZrW3Dk?o8Fmk8mi3jlt2dT(vAULCy()|wtzAlKH}Zfpeo1X)Fl z+U0QtB=o^{q$EMcU?1SAZfLTk2U?6PKZokHnQslCf-TtFcEQZQ{smzG@_`&cs|1acr~hHYE|j$RClR>k8owz; za<@HpdbiPYMeWkIb+S9h-1C7Nz>+FIzq@>IjQ>?GVJ7LGYU`4+ws~7HZl5tW`S3S= z4Ly0BPvs`!SN?z((haSIPe@F+*Pnrc7a1YFOmUr z{SfpC?`5&+=bLF6B^O25O(AgVJl7If*T%wb?)qBup#!zpgQB17)6+hoGvcV=SCkc8 z1k+(F;;5m#5N}a~3AxVv{PxP^n*6A{y`~2Kfud$e*!#3~D{f{zl5D1q?w;r)e(yBU zyZKvAWP@kD=^Njzb-&Y_6=z}t{#-F&od;?+b5`jf;7R^?msuz_lJb86W-0!XLxGbq z>Sw2$kj2|a$|2v^&achg@Dl;Z=lO8#iAWTs(Vc7q2?~t*LyrQv9Rr%i0fs@%!(Xc= zViZIQoGVXs&Ydsj@2Yizx#Xv3$#aM6lnGjk0B7Vt`O@gE8$~0s!}HHh(=~6-#&V8Z`XTb(_>m+1RZj*Dyp+)@yH~HHRCZ|XrE%|S zIR|P%ix*KmoM3+;RiY!kyA6@l$JGD!70DB@tKOAf8G&oc z_0e16i1EhBOxVU1YCIk?6bn0f%&YSF$OqOIzmwCZUNXqeU|P4++%22UOk?~K+(%O6 z_T$qBX(ehfiVg0O*PpNd7cotJE9`+mwgtc?XLC{nZLXSnZz|@!-1hNdB+;lQDW_*u zfVPbv!*ihJOFa?0O%S=e6yp2~H%)}2wx8+H;@rj35O=~5nlIR2vQy1AHE;JnTP45d zaoexH!~cd(A=`ouubFr5>4=twHrpWL{AX06)z@Hk$uv>mOT@KOu38f>WbY{L#vcla zC7Z);7SBQk20Oqe+n(}6+7&)Zsz7V6XA%~?eRe0Mi%rp3RAMlFtev~}ntgQg{sQ@g z`t`8fRM+q)KwB~Jlkvrgme_ivO$2(gc#UsdBBN7bYxT$4+DfF&eg>w2L#Sy#$H$nI zh-qJ*_(f*dhd<_K#zEO|+prE3OT+G4${EP zJ|D37NGVp{di8_H!7qrS68}XVc@T^*^x##N?jU{7$Scbb?iMPIgRC1`^%ZFDsLL6D z%?J?}U?GZ~v12lPX7$1&AZVo!iIBhNizJ8 z65gH*D(Kyg)l%p8Gq;wA48~9L!gq#JS2&6YBGY;f@d(=Pl}3 zxOSfF7XH*;W4mPdAt^uVmDW(nHA!jTfzF{tXW^dNMOIoHk3!bB1SvAqcby#HHbso| z?`eOuHXmj$-GA|PTZ%?wxhYY%Q8UT;!?9rvnP-t_E>7vx^BZOtPk_xgX&j`xWp`_k zLpYo9eeDdB4zGa}(kxM>#=DruqbftkeO4KNR{cgVwT4da>5LccqWa;Npp1;mL@J)s z`B6PuLpiJaQFm)9!Jgsd*i19DR(u{?eRfSB)Xw;ZzgBCGN_}pqxhf)YoWWBjc9%<; zN3xx>nUf81{;C0mt|L5#&AU8F&M*?)Hl)!Y4W8`KoY45C97BQskX&8KY0XFV>ycmA z%qbY+G4}$Rp&O^LoZcX7T;_Pot~lS@XBb;PNTe?Ieu|xqXdvTsckl)i_1c?LU(@q? z8*FoCy3cXXJ2uUR(oWjB;|ShUg#Pp|Cq}wM;7@S3xjl4PF> zvC(Nksvyl7;#9E4MfhB2IP=w$ItXq8dQXk6Hzd>}yAc za)wtWaXvkdo_AUK{OW$LeTXyq@c|OuYf04mYs%fU(4c~zxr^d$m+GJr(;o2;tHlTW zdTRSP0pzOQDFf=quP#(OkCNQ7OsK}K&``oDF;l^Ae5gUxAsHWPCoh>8CRS^&K^4W5 zEPoB(PFq6n{`~V_6WU7+H9u!xb1(I1b=>5zZP%UNyLSzrb*5_92aKi*6eEY(l%rMw zt$Ieo_wP}m^~b0nw5wk{(fVw=(@rYq_2bGp8x0ZJfD>S8gbr%;x8i4pC!SYgryP6A7ks?tu6IZ6DhgfS zvBjgCg8y{FtEKI+)%%9~Y}+q>2}{|O9gBPwUuX7`-W=u2)_C{4 zjjkS$66}?@aApf{uBF3WAd5(kEqSfQ?%K*givt>d_Np1q>d3ei#v8os92D0p9tIra zIHuBrwy21NAckTnlIk0Y+^u9d0#B?qhcK%5oz-8mWd5)~*g-K$V{R*E?a0qNy55;c~vtHN0E)%)> z%wRCQGTa4c*UW+7b}0$tx3C-x@pD5c@_6O2scRc1F$7~2=6Lw78>!xO*}Uf(H8{OaE;?!qHuNNxL1z-sZPv3@$ew(jkWrBJ^9A( zVVM|iihgjOj7aF_xQLZW+bGJx5-N6=bvyqcRUyS1>d@}Yr>24TlZ-=2VPMf`E zKtfQ4;4eBneD7ypC){w2B*bsGX46>G?DX3h&ozc_wp`lJ7!sLzv@f8;n#L>|6=yw7 zwEa9`8)&^^9r(Q!X8Dr=-676ow@?1MlLOv=XeibxOD}Kcx&pfVp$QYo`CSPk)Z1$V zdmr@Dm{p|cbm;{ick>jnid@exiax*Y9Wt9 zsG`(9YUMTb!}i@u2U&t0XT@dw)U`?GyWi?vmLCrrc~Os2<#}Gt6keuGOY5t;54O65iPpMn3)I#cE^&PflDlBb-oEv6^X3gDA(46kxWsCCq zY)-OhzckBB)JxW7){QZYUJ#R26k>5n|9zl*<=k0U&WrZib2Qyy8XUxwwzvDD)V5qG z*Dq36t$glkx;uLS+p}LjgNt>>1qW4SFMQNn(f^-E0y%;-$=w;zF#Z=0Qdco~uaZGn zL@ss{=^lB-6y+z>d^(n)S9nPf%w4ozs;a->9M&)eky7QK7& zq7t|4XywF8!flOd<)HM&*yDZJ; zzSrwx)mLoaCA z2>CUww!L__Bj4k1`|hO#WQ2E-9GsDPwzn226;D|;uhCmqBSw+-ve?PqCBHI+Ilq#` z_lg|NVL4?%SJnNn{ZHMZi{9Q;t?so*2%KxDgXpqd1as7GNBsH%dz$C(n!w>J&}Um- zIc{wVO`#2#GBQqLX~~qU6C;-1ns{lS=7K4(jD}s8{d}@!WbctXEY5ojnA^W_s+R5`|%#IkHQLkgd=g2JNd!!IskRChTJ0ov8CacghZT!Jc zVo9;(D)Rgy922Zk(Rg4+^|UrHO>ckcB4Ci&wq3(;y6+sSc5LNoI|^gA^!mRztS>Bg zf@VB{-=&u^M(V>Xl!0;c%Lh@beB+j6J5Dq2mdb}xt?~E(w?(Ef^|0}{QOuakWh~K} zo!}I_eY&VQpwDDRKv4v-r`hY*d2YUp`oJ>wI=H?pIcC9|I??o-2bZwDNN3*jt1pk_ zm#SvYrKVMjWWS+l`e@ueQ?~d<<-_3}Q_5{4z16Ee-NL&zgX+V4)H7V~79X&mby&r$vU{@kOHFXk<~=-X_Tn`UiX`tP60=XVNC3=h{4`G}hLz3mI`KvA-v zyFv$S0@}!D-ujQUd)-qF3Yr`-vWEFx^7onrflB!FcR@L0Koe*zW2g!y!pX&O-r;Qv zwO-e&4Jpo?xBD=UcT`a}Kq}CS*HWWwG-g-&{3yCpNcLrZ!0YV|rA6tJO=9rX*-ykZ zcTA?5z)b4~^x{o**kt?%cdiX^J%6+y2pNy?BN~*!){oCiPDoeBIWEx0lXd}@NPe53 zNE?L2PZjHTt<=j&+0-hY65Et96Wd=5BWQEkt5KdPdZ|J&w4`E<;X<9g&zUUQMbS0_ zuJX?B9+p4YdHCj20=}(VU77_Uy3m&?Xk1L_=$z6O492jkg-4FO&(>Z?h!*eO`Q!zx zV__uAwAZzC&sfMMZd+F!$syIrQg6y!#={`B2|CMt%ku$R=$jkv(0&mUU-5Y2$s$CG zX@1e|)dHU32fu{W-N7eXOTzQ9x{a~=P^oZFgdc>UgVTMWxcy3~t>gKvz~b5tRgRE0 z=bstfbC)c@8pJv>i+Vc*6g!TOWe0Jo)f?M{w{3$YHt^w&)ySu z6S1IzlOKN-=gIeN^w$)*_`}&?@lp3<%nY*6zjsjvVr1}-QT-Y=7{k<+#x5U(%Rkw% z2**wQh_=!cZztSB%y+FIW%Z;v^)acd#qx`GGFPi*K3$RT{q1BF-y-mOkDkNnf6feJ zTZXjN8-5xQCmO`Lb=z=-0kF9 zsu}4N#moz*v!4w0`>q3aZrNX5@&a#9k%CIo9jj%qW4 zUHf(%NcBTXb0V^?o|0f^$0PCwp#M&fw4Z!erxf2&iqE~=q^Rb;?^VKo_UO_u6?(17 zDreb~OWWmj2lI|jx^+{Gk5i)^cZcW08J~&yySfyu8K2b^dJn#t%;$nGo3eI#1`%jG zKvf7>g37hX+aWGdVjn3@V$+8vP8;(hZfX{8om4A@+{y_w>D)zJ3brd!>(5S&Z2EFVX``)}VT6CjI7k8J>h@KuwWFzeA_gnd1*L3KS-lBDT{(+y~H@ z;Ak*tF?o4+R2{UC7rf@5cu;P&xwB2-l17rH|uRUjUe9hyQa@^%;qgx^+ z%XYWoFS z$f_~!-%U@Jp$(J}mY;bBEWvJ^5W_um3QjZ&%;R;GN+4i{_!z{La@hfEC693Vx%;5E za=S3+PDyhkK+A8Rm z#ly_D0IuHMZI43)6FG|(3ToZBUrURr3Y#>m{hcAQ?meKxv{!FP_Wx@`aMkMnZ3xWP z^cYl7)~{39Tr#JAtw6WxmG-U=ZbaCIIDtp;b5ANIA9h?yfjrEqi!2R?U6O4%DB$Q2&Wlmi2KEU zaJQz@hjJgfCEw@C2r4}gcZ}4^GHab4$d>2QQrvm*wR6tX?ARnV>ulGj@OwZ`{>nvag@^EMJao`SE{8eDDrf@{&|8UHnl zO~<2;nJ4p^t#3)Z`DdC_e5&fk%Ac#C+dRV}A|Zvs#>u<@jKnS_6=Ni01kT+_*7L8{ z6RE34OFK#o!)sc3DZL!sb_b;2yG}#*cr4RA?<}3d^>q2wsr#NJ1ET+=UT`ndid`LH z_%5}+fuZ_bO(alIRX6+iwp0O0pZOQHjHC%zLi6O>4L(C?%S@-*B>5!^Z{Do(ivGvGM1?QZLcqLz^qnLyU9@v8nk>27 z(F@ih9+@?K@c3@$o}@>i8C&l7#7v+VDR>N#&eQ7KaI)hubg$$c?SL18O!?i7SOz*w z%LjyCmw8`f^>4q91?0HPlfjGRMGW6_Wt4Pc<1~m)nQ*Y+G*B}*{T|sO>CGc zPh;|Prq><`-boa?{R?+mdK8Qe^#GnPjAVgIy3KsP0shRw4&e%GYCj{73dM9g|! z=)SV0Gstn+($>poGx4Wwcy0kVNK0)CCU|Wwtut55SwD)*jDh7%)qx&<+R^BnlaYjD z2viJt^_R8CAI)#Ivn_ZIp<)+f5}eWTFb^-~e$J*H@b|gLPC#M-C(CHLl(1+K?jBEb0es{JHPlo(#ml)r_+h!pW6)I`PPV#^vQ(I&P`28{i#OA@6!jWXH^;!9Ez89pe#7fJ3x9E2o zrdS6h{kMoN13Gp_vqJjInevA(^FL9!V)K;}r)L#}Xn0_-jc&a8KkD8(D$8yA9#=}F z3`CR?L>fWq4v`L#loCad?vfS(5tMEurKDR*0YSP!LQ=XLq~W(7?>*<9bM<___utl5lOq8BanZJ1Q1EqDwN! zK-yVMu{rEE{_jUgtBAIQ`z?JI49dGiJn2oZVw8o_(fNAe`1RsP|tR;bt@{dO@2=r2TE?g`6B@ z$b*a?w)nv1YvP#Ni8wDhaq*ls&m!SJZl~*m!q4#k2ExC_Xx#_=G4$_gLaKG*<(b{v zxLf#K#~)7Bp&p8;3BGuDzLIk7Dgq9vv)LDQIDf$v++pm7KK_-@Ro>GnybR0tJtm>! z_I)zZY|m4NJCubUs2MYt36eRTiLHh(wbg=K>22(y>Mj+7wdfx z@$QNtqXnCn8dZkAOHi|yROi#He*qGZTv@(hm6c)oPU#Ecns_kRZlgmZf2PPP7<9Jt ztL}4+3z08zUa%hsdlGa!*sDae^XF5&PYdqn`;Jaf2kcq~aDBLV+Zit{4r$tTFpaSU zopQJ{aCIiaF6T!OScXQWO9%dgc?ydEI@cCNbr}ORUUdh9)??8Kl+52LndN7vnPW2m>yz;@g zW#}-{WgEJdkXL(<nZA5`So5w=(>uOI$P5v_Iea?+J^~WB(V*xlT$?9zQ|oDCcO4}-a01`!pFSB zwPiXzBz)8tlUP?xYnkxY-qt@tshPKM6~2lPI4!7e%MNbO; zeX`K4$dK-uBEudX2MQN~#0PjkQDpVESXcXvCRz(W%c(dAcubfLms*;|p=&$ucs}Bn z9e>RN8>P=*oj0S2vjYojKnjDNkY4hw-hW7@LYvniWhbrb$O^?ie|f^YWRS>?7uUl7 zn$y7T=ak2eTXW-J3|$kZX^M3^kmtLMA70{l&(&~Ff1}r&KWa~)-S&px+Yrkn_M8ZX z-gQz>HKPdb@Z8?h6^!jLM-S1fo_)PGOZf0v;=MDUjntnvp|_k9{Mb_i9m5$FSq;9w z(VwdWdNqYj>kgg`2q)V46Jy@PnvTiLT64YZg0~k|gE`-o7F?r|l|gn}2aT-a6jf9{ zT0c6~ds$~rrtIbM3oppC7OJ4TsFT^zJD#dY?`di2ul!|UvL;DU8^x?aj)g4LX$i{db#(SlTCyQ3nS*B%0o;2)(58a(;Q()8SGT7 z>Bxhdt2#qxMIQ~&IPR=0hlV|_AS69;o#?zU(+V ziORGalcfs~aB$II6;N!NeJr`i^E+TT2&uoO3-c@Shh^e2>Rl}XO?{Cr0cr)nu7NOST zrNPw9*Va5DHy>)yRDL%nZ(FDJ){aDcnLkZYRn1;ZeQcUQS_V$-{3HEoM} zCwbPh1<((W1O>9lxZh}t{jo7y2;a5K zJgbyLa1YdHC`(in#vSx5C>!vu$BNr4`b1L%1AQY^Z+<0l#bWLw%>PPt?Sp=0UyeCN z!Ai81zjg0ncxw!|qEab?h0q&r;jnP-mc|WX3KFTS5nvlS^tPiEZ*p=IJHF83lK*PX zm02VDrdaQFDQ@Ou^9Thw0YmJgkA1N$?MV9)hV3+ z+yjsrfPWo5;Rcnm$GT0LJN{w%{Pp|dp6m}qRD94D-aa2}yUb2HO>|l~96URXJZy?T z%}Kf5*S@NpeFmGxo$>4=P2o=L$1%}lA;4R11Zp-Z!yWrD?rHW=EhD+Qv$TJA?7ZL= zt%}cHI|=F2jr*)@fA#DP70wH&=y4I?>+WkTzkSn3gsjs5!X!YFcW6x;~) znYY2~8FE6VZ!37dpRt5N@^?wIR6faNffF1Jiu|yey!f=8`g&3{@kRDxDx=gde%rpP z&(VX0uAY5g#)Ht!&#@OHj-Kzp(KFr_sIKYwABDkukJtE$M8bKLfxSn*=yRHAhTI;DzivgouFnJI`CN-t{?;wVXJ|(Ao9d*EydlXz?97;Z zEq@}Fa{}1kIE&HO_rBq6HGi!jqt77d=OI5RnERt%?LwUti+jRjj+c241u8)>|G&IT zBJ|wFV7JkLUPwM446C^7J|p5zX97(a{_sWy-T)U;v~%(;Adq6i{29)ZoC5Ml)Sw3_6MK+DG2yb(M_GE7tqoJN|nlY!4E z6YyS6Ls7TIW}woY^dLdbXnC_7RHy~eXHYsM{my&FPWDj)TBY~jd9EN$098upl}S*g zusNZe7r-UvXf46_FBxAe$v-6?Y$5Sl>kQ}Uvm`j%0&SbL^Js#rU7ho;``fHV+%z8dP;jK^CY%?pEe=i zljlWqJ>Jvb1FNtpL<|X-e)CjQh|4s1f=+~D3|QttvUYGVe%6j~7_7=rto540zP`Ts zA@Vhk^^A=E&=ta4?$0eiSjxL8v2y1Gx>a&Ft4&U$$Rykj6tceF`A!u3GgBfco*zP2 zL%;!K!Mf0CBH)tuj!Fh5%JW*qH@(1s8>O2HGz${lRZivJ_OU8L$I{q} z2mbVZ7%U$8;KD6*k7Lg=7aywdSNxNrn>WC7aAxn}H~PQuJKYz~KafCwa6==Dfy(?{dmM1t2*?jq5<5V7(_*HUv(FD8gJuoaw4HQAn631W?bisiGhr4hT=iOeP_>R_3B- z&07BR_1;90Gdtdvr9j2&@f5dS#?&()yrgQOGW6j2S)QdEPYg!Ub{$4OjxlTeX-kPb z3=-R5ur8R{H&r?>mTCVdvj5%-p;NAs zbK1JX&w8fKDfff-%IMq-856@1W6ba|yhX9UzEA+#TxS{C7}25(EQTW5qg>)dfI{YF8NRBicDl()*tQ6G>pO(d*mFGh|xGtxB zwgeTp84Rkp@SkiT1s`5z9w+MW?(WY)47qgX=cb}S0e`n(CarRb+=riZ!9J0IKCJFf zfC*Zh@%>(%I)67`jsiiz%|`QhQ)DO7{uBg+m4J|1wMg^wpBpJq5X?_!JA7~dm0f+= z1m!j3K%4#|^38-pG}ohTRR=I5{M6y8lC2(AB_IBu?S3A9p3w7k&|iOE0(1cbXOLSg zVHgc!Gz0K({RvRxalmXaU}O^gkIPzU8xuCRwbp8So8|6iX2`D20+vN}YL zmmx6y<#m4jdRy{Qkdczp@!{SEBr?qa8!sLsJ~S|6Q?@Q+1Ck7w$|%T)c!vV77;!RB zfp|^8P!;$B@lS979}?0u`%wpRJTP&a2LP5rEtI50-4+4~vo2_za+X2y7zFu*2BPl@ z9#WLS=+y}{*E0U(y7$3j{Wov@kBzY4QGF-qrIZpu%{X!$laqT}T&t1ChI})d#PZ7p zJGBp#p1p{A>cF?rD(kGHQJD(mh0U1=mh?#c7nhFJd%b z!3JB=k6=eJ!qj4yr9ujx0Mv+$iXy!;0JN1ZnOOzCtNp#w8rl8KV|KUx zE;9J@1pJJ@M;G2lswE?Actk*jI3I%%4BZP6<;9_9x|SM%>4%j+V_`$iP857_!3sMXNZaOgtpMn-uq| z6o4C2Lv#sPz<`%-x-itj{||92C-28 zmaqcPT|Zsza!e(WEn>EgME1%Ya0x8gTI}!8R^3k~!of0plHH#h_~G~dSpPbwLd*E? zeLKA5UumysVOJe)yj}u46EX)dm2LzQFIW-fV$>`mwikPD)n+f%u?OzomsBxa&Q&1= zYssa|!p7^bF+FE{v5=kR^grw@Z=t#{Yy`Oj+txb#L2%MNa^RK&={QAh<$gxXK0wG} z1ge_1Ra!w)qtjn(vkuL!pG}Gkw5sz6X*#KwnA0rg`zm1g#%vEM&S7VZP&ja2-T`x< zwSdQ1MxayJ?hg}4zwF^Wq_()-QbPJ)gBbpH66FQa=yNom0dU7hiutC(c5x=RP#}ua zJPuLdGYtXP`~l(tk@cF^*cGHFV=l*_XNjt=cg;a0qs`!eKx>?pFP1|qI>MZcCrS`V z*@a|N@mupf4e_dzKXkM_ z_XShLSboI#d9{q~-#>e3X%up>hMAKVpsgVy4X{>n4)-e_5vQM&WWRE$J4QWMo5J+* zUoXY~3aIY;(12{+=IaAtOh4R_I0%5 zDyWDz3_~suF%a`&RzkY08~iQ@wvwf=D<&cUHL2X2!QF5e_aa2A5JWUZJ0}0u6ulGv zsAE2*=v}|T6h4WJS}*j9Kf6VM{XHJMZ4MODak56eNV?2T8)OydrLwheuhO=-nk|d) zcRrzGfIof%kb!(KH@oSaPHa#(A5{+INpWnjE!_@ zG1r#|i}5jcnL!78!szfbD|Sp^qKUD%vyoqgr@ER1so&vPrX$2&Jt(!pKo$GN?u8H+ zb``c?aSvf&gX9z2#;}i<{2TFWbZKQ7g-)Y;b;FURxn)`m5u$Xb2P`h^bI-e5P`ETT zGrx3CxjBXD)eIk%+Mr)S`sVZ{DMY;!W8Kcp;`C!FMvXwRN@whT-w}z_^YL15L=>yr zL=|CU`tmw1btQO+-9)sW;9O6yKU90B?xTiu0I8hCmVcE+NeKTeR62iLQ2+e}xz}^7 zQC8$~aV|oJQqNl!HPdI_rPmEmnj=f^Wa{pnT@i>Izvorw7Y?J(eo9PAVS_(QM%k1= zcUv)VcrU~f4fgph;`R(*HcGgfCZVz=4$XYgB;i%g#J`Y%G9rN<6GV@Hoxn^CiQXLt zNEwyl29lcV>?6QY=OYNLpYSAHP#SDde(V5#f0@;M3RGSJX}(uaaA-2_`gH!d(erO# zV|GCTX~j8FMO%rM+)Mu9V?Zrm9Lkm}O#-*#ESCOG|4GJwJ;8qX)fvY!C}=Qy zp!_|4_q@@jglfWp^BBxtVgATEp0~od))7MUr2dUhg1nF>rb>_iPWii`S$hyZ?TeRR zl91<${PY$moBJi^JbW%o*Y8D^TvkCwGtA6uGCbY0ND z?yTAEP-&ZYM{3-_;rp{r;WKrEXzskB*tIWlU(2U~T|fg}&XUXb-IA)Ko2}RF9-3(1 zq4r{VMG({A#X}OX=GyfVWLqrJpx$BZg*ts!ZO;Gg0ITLDb!6Le?{m*!J9&$fSl-Pt z1*Q5{2NTHS2MX8Th1whMA@0PtMdMZ;_*(p55hB47C5o1i{8W+hmQfCk!ofVQlvnkL zr_Y1=T)QFSFQ5I8AwLa>)jMUe;23#a^!;^9auYcW_Tq{7C+u!ak115@M4tIMnwHO} z-u8Mm?GuZmVopnuC18-mLuBW+pn6@QM^u2Uy$3}lUE?9wvEYvt{?Rmgx5M2bDms#g zJ9PKo(JEbktfY{h-sP1mNjFa|OGu^l^=qUL)00lU(B|Y!CE5|i@<64FL5;ch@7%HJ zx|{E|_~~h%(Q3z@vw%Q+$G2JM80&|N>s&uf0itnTIa+T}cgik_vZ7P_@Tf76LLlBJ zF_0}_h2++w=N)ND3==X@eZskFml`Z$w__zp(BEmV=4w|7#N3R8Th=^OwE-MT*{z06 zFKufz*H>$?hNO(@?_#^)XH|6eZ@`S(cWxgX172UgNv~wXvE8zLm7w2=jO=rgEjG``6!LZUGb|vapfpTuuaqA?GB^pMrynth@U!*c3$Ye|L1-QrAl_nT>X}{B+u*t z+@q$Ns6DqBVJ2UsQn~__>3yC6S1yU%mO}`(Extw7gD ztAEjEu9Lz_le35rNXYnhuV{(iCoOPv8;*oyr=2&k7 z+jGR;LU&`T>4$4usQmF)UCXOm-=WX%5(md$qt)O{73stKiV@xDpYUdTcF$X;T6~*d zkXM3bV<)ReMiSW@S}XwB^;La2W*QWtK6~9`tNXyAI4alhnbd0j3TxMsay9=t@Sg+Q za@H|gmE?8A7VgS%CZQjGnE!IIXJDmdL@ITgp_!FFXGe3Avov{~V5?*%xSp^}XgXRZ zEq-V@!jexzJ5mjqzHF+A?PqHF8J*DcT)zJ)6io8xzx76uIXo2DoVH8k z8@#gLr(wRw*F?0>9)KahVVybTj8I`xK)iZPQt}S>qu}vw(om?yr{dcKGEF!9h&ex; ze#L1vJhy2`KKLbh+JLe^dc0s*Kr16Gs;_BPD(v1(Ch1#owMz(WB9eb)d7lc7N2U+v)2L-#7l~2dGw{^!B-0 zMgejo1|=(4wgqI__=XJ=NS&VgzHj8`Fdb9^Q}k}B%r}=hCkVp0nhLqiO zWY+_ZcWO){-Y05809Qu6UM;~*WR!41!(nYX#g6wib|`^6sJSW8o&M>5E!ISp|h z6$qGN*N&~|p=^N(8`ZNtbWsYj*R~;yj?DH{_YieZEKWz$^6~+z$6b$64L9*i%?Y0d*mMZyykcqZh|gXpJjVb6`Q*r(y=_Y!7pB* zlo&>UrAP>PJRG?2WC(?n(eTng8pwNWH+X#{jgnHPwj2?im#fiwrQPk$&4KYVgiT33 zFzwn_0ZwhnRki5n?XDVWDP6#j~lt>pZ6N7Phvg zu?bQqWW>LdV9j}ue@CWT1Hr|YH0R3irAd?l-kt)YU4a$%m3uPd?Oss9UiLj%gP8DI zF8iHin&v#rHPyLbH-u*RV{>BBUw0ekXx=*jLA`Bns&4){Fv?wMERr7|z+K_fGJ3Lx zjFPucDNpUYNis>HED&oo3wia{bc%XcdaP!15iCq46!)%DjDA6n#VAYZ3Dg&kj7d&M zuyJ@uTYi*|BGO%S0+6`OXwW~yW@nC-TCJ(b)lwjdYs}hS`stRJK@2YErwBRo6jD4S zZ%^bRc9bLO=+k;j_4^}pNtQgV9o_F5GO%i&!FbZH;8fcnW(Mx!cxcx8h)mGMb{*mi z+t@RJ3^oE>VnQ6v{%Z9@@I&U|xj4qr8X)*O-$sr@2!>N1V#Qp%eok{nN!YLW{xB6O z|96zGa+g8ji)KoFM@=|3C#_Me(}45$EAvKQ&u4V1K1|Xx8~ymrY~kZk(?TjK+kQ!Q zvT$i_5-&@($guzTGwglk3jY;}usDaAtKW(YL-?~k!{0JZJd0qt-B_pEVk;@WcH^L} zbaFmC>g&CZfX%CQdvO&`J?;FsojJn&T8H?!Th2g%Y6MooWWk;utOQ{_)_<);afhJH zA6@|e{;Nxp$g1E{XDJ?)el5_GE+JAwCds`M4$|s2^or&*U*R~iTA!$Mg*oK+eki8w z#$L^tE8-ciZuZfBi8zF^822%1s~5DN;opTCR_d9q*!Dti3NTcTKdwoYb}17}${wP+ z4SWgDJDuCccklz-)SkRo!edQ|bD!N6&g?K2Uoq~@7*8UTyuFFNn-_bPrf}`F{=_715B)<(?$<2C41cP--j4^Hh15$m>j>= zab1*K-ki(ja`r5`je(8Fx_t^3UUkcnX&HXG z8GFIUt!`<`JsUL93`f~`fsy#PTrWVwdHP)vUyUO3{3Qjj1>BhRRITx=_tEp(jQZZ^ z${Ll<`~Egf(UTh^@iS-BWZ99^_U6A592Iq|B$>4 zqgyR#A^_iYRUEgyoHJ1J5+n0z49-uH+6{c3we_n9Nnb)dt9IJO43+HYjwIpGTEDzw zAp_B>cYV*W1}(11jl<@#%2LGeQhXNYIug%_SzyQLIZ0+9plVLKo#%SwIHDI~S1|Xf z{8C)~9B{bkEwq z7sWd?7g@bO`5M7qf@-7snA`O)^*bFOAFRH{cyTWr>dFriXCCgBB$od}5?R`t z70Erch91rZ$%-uo^7=;^Rlqt7dUlowhl6kWegX3dej28gcJ*R$k%)*m(VUW84r+C; zusGA41di6r*%$Gw`u;7~2cKoFQ?Sj4O6`aJ0N;yc8|Lxc%3d*E0yc|fu80K{?ak&DcMJ4W) z<1@HKHxL1h?rS8~BexpI;jke}fy*;q@k#g%JO45dp5lo5pl9HphE>4Ig8Cm_=eGg0UR?^uQP}_^=aD&5K{JoZ5 zzSMQDTiSDHs4XlXRX)QL^CKcy0)H-!G3ec8!`>wb2akZrlf3O8O8-@E-JpnK!mXv&F%(Fpb=WF zWqUT{@{~Tgnr#i^X{a~+7PiwSs6Cw|kONsF%CdYy%jnNmRGA56?X1iINyK;e-bf<4=97pz7N8ZAzYCl_48Ov{d(R zGwh_CUU5~t>F-w+QZZH>zcI=_v734*d*(r&)wGnhXA}{AB$uVmqlw#S)R)E9AP(<8 zF{A3)uiJYw@vKAk<5{;=m?`E{L0ZK|deeQLvCu)rB)rkQR*!z6&~_TJnX6>lUhFS9 zX()Zdc;S~C2B~YvSx+D72ref3%}}?$Fi+?ad%U9x&Su|12U(=|5M&juRlIRokMFmD zoLejL;|fX1S1||En0w)fKZ#o&nOBPqV-w^{4y@@X)V(dR`A?yZ1k-RF(z7RoyR zE4Qy3sx^>U%RH(SC~*Muk%zSRpbLi;ruRacuvuS>8;#n+ZYp{l!^re`9|q*EWBj*z z8t-mQ7X(3SY4cS~pY>hcSjAQM3z2(2mSOVi(iv9$_AOElYP-9SQlq7uj741{SlA^r zd@h}7BRmiWsOsp`f|LFP$AJBqbGkWiug%y)r)7dj=7o^(eL)>&H3Nb50nFl-iv#Kz&@0tj)9oAnxqBh)nI7v1gNhp8;NvSW>F!@Z;;; zjB{K_58VS~*h5JCzGsU$kQ}FCpgOzjAOCE^$31E#T|R2?R!$O|rW*B}^`ja80B7Y~ z+~%j1&*IbIrgdMDmf?AEUDMxRzVkk@kK}6Gbk8(^oo3?VH)dM&czbvZzFG1ZIY66M zv$NdR*v)*fF)Pk7pxCGv%ciIX+C*%N9E$fxQ%rC^s0H1)8qTP8F>=26(B)-(imPZY zsRnh9crfcp1;g9@x@~07+3JSadCq@Yq$TFW5*5ebMkQ_A1oO7EkM{iXq56wheR6m0 z+muLyn3(?|4oEP`3){ba`5`74gOfw?#+Arh^8?+Jj>r@Wd zdn+)tv2k;ddDK7bj6@;&UIL?~yk4++V|O|lJY-c4o*Q0P7vl=F;mXZ%O964nVJ8Iin5Iqci9)IOrSrk{R*CCnF_2Lo2Ejks>D*#;Ksu|rxgvqbq?S|mpkui zYT;+Sre{$t6`|R}^mEKYE!By#j4RISSG6SsfUYw@UH57v1XEn(CPhdM68f_S4^W}xKa)wfnJL;Kc1ZYNF(7@|b z63IFr|HEniiA%`8K_Ng1@y$OR@O@Zh5VS1c>F)^;fCPlZse5kwAxD{D=x5TONdC`@ zabAL1-iU{A*fdMK>LI;K7A@o@HWd%9|B8G3@z{jUVuhBsdtEFVSNP*wzhER#1m8{g z`bASh!QPJI|M*p8Xmgs4s5}vO{~NIS^NA<0VRx3vN5_-d{_`@DpF^=>nmQdT{m<`O zJ{o;aleX<%Ksn_2^|4pNZ&@`WBh;;b#YQST3 z=etujpffR0g-l$$FHWkAqI$ea1)=LYK-Xblf{d_mQ(#7k0x(oAR=9Eyg85wt6tETDBYGUnGuB(#pHgegNG_l~YO8NJAI7tm!wQ}X_L7t_1ehF~{^P<2Yw zOr%Y-5Qi+??qo@Yd>v84p%2-uar_$eO7F=ba#d(r))Ca%Et_CH1eD_tK=luP3xj8q z{92jXB5#WzBOf_ln?~jGKrW*I2f>7w0Ib9oS966uFbZ_)u&T5!GVI;@ZXdiC($=uq z^wBPAmXTp6Xpb}m|IbJN=boT-J)J5_?>c$0;*PMeI~yQS<#x;Ty_u>3nmdSI*o3g* zCC7KTC8Xk9_YDykPj9+8j0JE@r*ts5Y6f^)fh3|Wy%qe0C1LfFr6ZVN*$A}7;Qmd4 zMw@E|m+FSHH&`l2&bG& z|N8vhCkP*@Cr@xPBr}Ex=Os#OgO^qK;W;_Rc!- z>@*fKjiLYM%6;sr8$I_npa-h91VXBWJgWiQ6W3Pow-j~_+1_1j6*O3Y%j zgX_KK0OA^40QA86of{7eWlpFm=|uSoQfs{KPEUYGI9(#``0ur7{w5GVu^X%VaOf*{ z;irJFRF-JJ?k=I{?OrUqct}ZnoKy6<6d)5<-jy)msy0H>Z;}s{bTAN2Iaj1F89N~6 zaI3cfmwXj$ldN|}hcDCxm&%!eL#QIQA^e=(^3(-3%ojpz4?T_F_!m+L^ziIT)fZhf(;Wdr-l+r+Jm2)GrPu#@@p#4m z>BTW2$e-_{^;#U1*oVf}ZgfX9yEJsWohq_#qZOE9juq&=MlN{{^UVk=HJ4Sw?UQSqR`kkbC4wOb77igdt@pC)_D;ewL;6Hk)p)HnyT`H)+{Tt$ zbff0Y*+L2$J$|_(r|-eWQ`l`SPTT_2l>oO!BS{RGj+Qp?@=bL_B0W)+(?4VcfK%f4 z<|eZpnEMz6A9RQX8HeK}2a#*J5^{4+D=FYeO#@I-=%5AS!US9`4-DL3WIQ=IQrCyt+U+1qAR9+kM7!jaaeoX2F3o!nCOW$_0ea#9PN)wZFhn29lj*fB@d%9&(O3 z7Yc@#ZUB#I$k9LxM2L~k2F$&yM*E#I9;}zd*8=jB0ztGJ80C!;=S{!%lw!}X^k|cN zgxT0i*gD=PDV8zy{96Agq6k%rH}rTTqG}*L+o&(gFdiwVmIPeJSY*F_l+J0@#2GG| z4?mP^ZeP7|7*qUY3981+E`ph=xn{gbeWhIno>#gM&BwEXwlzl!HQkIYPux;sPa%HR z;I=FYQGbcw*!#U)?+^Hd&EP(JGnUuhf7m?3Pt!Fiy;(=_mnal!eY%HMhF%mIP>l&6 zQSeBY-2hlhkBGjZ_RNue&DP+&r5!(X4`cYDVF~o z2v}Qs;PsOdv^fSsvuc@<$$-UenOgN5_ny_Fh5c}lC3&?*QDsIHhuR}Kz8U3z)lEiK zhDIu3C(Z!zWvSd>LpmU*t9_;ZN^l;B0MeZ@U zfDIf${)n>`DiE>0QR4eff##jKNfl!);~}Vl^u&w zdgZzQvb!-o(Y9V&E6`o&d|50kQH+ zAjOKlM?AH4Xu+b5a_%5x~7S0J(iY_#6I~8N-0ChP` z&1(btbsWn?57&oH! zH#ODy%L&#LS^1>7#m4J*u5&m!&;P~uJh(I2TY;j_J{;QU<|RNjC5$h zo@VVa-{l(|h>2{yM0#B6+I9jXUud4@5A7>|7-Ov#kJ!UtEH{mPeB zot(n`9`UaGbQ@TR``0mN#_Ga5(bv}-Y$@OVYnhJR2*`X=ke+wz$iI8ulFDDl40au} zev`#NhU~qDXlTAX>d7!?oMG)6w2xzpQUUlq;^9|wgbtE(QoieWt|BQ_YEuZ!!J;zs z&$B% z_xDr*)_34M9tQS|9kbuyFxPrtUo>+hxVeb5)=03;+02FqBJ9Cb-}@Ya1Ah%J?L`k_YeD0uO6Yz8y8dJGe2&3phtq>X~*vjRd!=TKaEM2KGx*r3;C2ep1V`b z%A(f1#m~@eo?Uueg=L?y@T&NW+>=-_Ikz-wGMPk;fJsjE_wshX>9d{SCs;q`bt5RE zOoWbdWsoXF>Tnry#dvYz=wLsN&Vm~4?8Q()AIYk%bF-3{ON3{c`yZUm8F!fLO!TQ6 zaOi*>&mvwQ3IeZ*=`-pxnttuY$H9V5-NV4L`)+46}a`a#y)los!;WKa?(G zY6fZ64AD|EL`TxSVf8J_kn}5$oVbh1N}Nq}RENL;quw?v$X}p+;0!inkGK!?#I>bX}sR#)&#QNvHknY z2*2f)!K~E8sv_%`bz(owSGd2{x#Yrd%c2D?n{FnD$Zg$aYbS*ET@GUiXkf}Lv;5Wx^ka0Q)fO$mhr4mDTSKHK`Qol;<${v9(QQ!-3C576yly= zS_sJ*<>?J%hThNO$p{oqWCpd4kR~0v#;S{?QCXc1 ztDW`kueE+oYomflRGGJ_Mm3I773- zS<4<2QICLRQ7Pxc;CK?J|Ytq<*5%5|bNA)qT~=zdu!A1o;)-6 z{#1XdQ?IfrRdx_Z9MTRHh@a_yaN1`cq4rI6F&}7rFu6MSai3D`4JHKfh-XsWrk@^i z;luK|t!GC)ayzrd`vUi|=9vxX{7C_9|KHI}R(4VV)t%(zIaS0ss zn~U)$hx#`Hh9ZGw$eal^_h+cp0Cp(Ct{_7#TT;2>D;&8hA$ib$~-)r%x#JaTfQ<}ue6#|iLT z6~mdd7VM*Po$F*eCQC+|C+c30WW+dcH0cm^9NBR&Q19kPGLIh7J)L@?-A{mjNg0{@ zu|o=SG*|wQ8wf>ut}E#%XQ4Oqwc+>8q46+a`F=CEo9h&oIYg~8)sb#QJl>zW+C>4` zdCaZmEY0rrny*jocg}OXOSd4Y_8-H`_1pxBs)~%s%eBW9m4FMpG912)es_ieI+CLzk;E}7iZZih*;59HBoU zqKQ>bMF~kr_Ydu!Q4J47K2YI`KWnzk84^|Q@zlo0ph2Qsunk`>>MMm=12~nuj#95v zg`s(EFzI9X=`xmv_u> z`p<%k3FoV*!R$^`@P^jd|FOKdV?K~4yj4OfXL%%6t5@(FM%WFwW+|eY?ebQk=zsO~ z`r&j1*{z-}i2ySGFKEKyfApuH`aAD|%5}+=H7qbP{f%=R+^)B}pUs~0RM}b_0t(CE z%Y#m{v-V7p1K2vLI9S(y^xN=m5Bf;*UT(c45i|l(c;T}Qc;XpO=8tAdKP^93LXT8w ze1HmBK~wJ)$E%9u?QXy@n0?^y2R|2BjNd7tTZyI?vYo1IEmF`)<=fcPq>PVpZE~er zIyaRUY)Cp>XdOYDF$qcGs_(_+HN(N8^f5Wju68ui`GnONA9jlI`jMZ!sEdnXCT}4k zDI*aH_Ii*w>B<#9lHIYFm6=ET+ad7LxvaQ)b{N~o)HORkqZx;zV_&|z(qK9ad2NvY zz}ksnG>!k*`-p`MzpE6L$U`{y8Xi{mkaRfXSs8JmN2z0H*{-BZkCT5%?dob^>fARbJ%dML zuw(e$;HLOVYk%|S7;bA5HBhkGi=zL$(Gh$1flX@JXx*Ktc`;`JT%+aY?q{g#=6+8S z`vsSadYmgY|JBESI!NnwFV&hxuNO2MO!3UhF#+!?fh?4qr8{@3D&#~bw0KOCYpxuF zsc(R&DfrketxEE!>Yf|xc<8*-^RKS8;rB!5t(T;J3?M~edWjuvWUdV=?u6r9qBjN*KR5KEyUtef;oivJ z>4K`dqC>{(QegIMi^r>T5^rRk5P@qAZ1FO|}p^}j`7V3)$1+>A$gjgzMltD)l z1L%Wx_FCs&3ZbUMq>4_Ac8;FFyBkj{e)d~6^L4!bXi{tNDi_s?ZAKcZVez}!E8HIg zKHu~C=(2sBz#$c?-gjoY~v4|)y|8}WQKK`CyJ2b1!zlPOb{1r!(paE2sCzg+_ zN6Z>u|1&2`Sv|E@-~0QN&tSZ{>2eO(7u<0OW|uH@0PKb#lv6V&$2jRDM>~x)A~6%x zCLRf)`Xsl@u=iynw_=57h$1j+6d*V3aAs{XI=e5gE*wXX7x;6}L<)(k831kHF_BL; znvG5={4A3eZTwjY(z#b}EU-9DqJ`2wd`5Vc=UTTY$4$7i_0_$(NQ?6~UQzn5?U<$Z zV72ls|KN_?`{n^y*ghUHKJWEgin1x6O8&J$v%j3+8ENgtq6w=V#5w~bUHBPW@bM4X zrHcn{4*>BrnSH-91W5J^khU_+X9oXkyZX;Qnuy&U%dne(X2^2^CoYbw zgSRs%i-J?$9gBs8HT{OYLVh1|w!1;g2195jAN-ES#cYoX1cwv0U{J{JOIlORe!Nqr z52V7kUiS;Q?C&0qTWz--LV9_77s`>~Sfib?pfipSpEaj^!T-n3v`=>61EmDqNo4d* zhw%%6A-Z=pN%Tb&-L0%En;=@|?sV~y6qhgMG34gCBP?!uBXvzlG5Tb!_FPF4<;BhE zf>=Y+q9s_xkF#-3Oqlo5-uZ1}U+qdbos|p+#Ls_qys#kB&S_2%g z!lN90c5B70aHS+uI+jC%msZv}JTzB=V^vMFs+jAzs@rhf1}$i`!Y5!t9Dg2@SwA7E zK;U?HGIS^B3?Kor8n@2;rq6J4R;e?^Fpu0c4TWfUK<4N=kR1p%>vAGrnh_iHE300M z#~|wao-!k?bz6I>LWC~jX*3D(DF7@4OopuF{vLY>)b?K>W?-_Q#eT5P;tuB@t z_vBg!+YvSeVBsUPm+^bPo1^-bJFEL&wIokHeP1TcD^d>M{(YxHuBi^?tNFaV>Bt~r zuMGov#ZC0WNDOYLPj{}i;{B#OjgQM@D#r03KJ;oKU!W{$(Hs}4mU6Morz+9cmwlo> zz@Q+5$89qD9xcJ^ED`o}8XhwAwX1hc$hY8@J}YQ_BzOmv%6QG}NU%``{l@-@a`}nd z)}hH*VX3RJ=+VgnOjA71x*QS%)P(TQZ`9BC>^;V9{c3rC>FBM8Gdd`ILpV=8JrLXLbXIFLcPskp)#Mm~XJ*8|o^)Do6oQs(2>&uL6*LjoL&}C{5Q9Sk$JK;KCy- zgX3u$CxU_2{1z^TjUQjiw0|vQ6P&S?n8r#vM!eBwg!HcR+GQa_9qnw8h8RDe^R5NL z#q_hc*q=}HzW12a-HHa@#xTE?*_GeC4RRl-2PEa27nx#L3_w`^;|DQ^2`%Cc^@f;J z4!BBG&@~GOj3h#pXodJRe4;Okd0_YO%Nol2qeos&ClNgSqS1c=n+X6FQNW665%-%S zgRVQNvTvzv7rt70t6i5jLkDnUNW8=EH^>cOh4g6DULVwMHlQHQO;W7Epgg^n%Z6Xy z2OZAeb1QHIlY^TLEW@yC0?{2xD4 zyH{2d*RROIAMeV2<0i7AuE)dt|NObt;0*_|U#0mC1oiLtCtry){l+@tD}Gb2|NFJb zjo~2_P*0-$^Wrs^z^*t6dG=g+N+yx~6Gm_HZdmv<$!2hSkUSBm-f4yoT0>J$LYSXwk@0B7AfJTsOPQ$>(d^b{< zt_H6C8DBCA03MCvvCV)6qm23o6S|QK`v_=1Mht8hmUY5O*9G!*pW%3oS9jXIYlgs6 z;1IpUZC<&M_q2^j4ag~PlAjLA`4O8HzX!N}{iTEN`i6b>JT8i-x=TiQX`$gii z^EtZE8`OgcZ`Y4#wh{TkuEo;g{@9UbDNAc&Agf^+U7NV!q~qH?WBR^50k-@Vhg z{ZA_;gT8Umnqv5s_Hfc=#D-vgq@rZ`!F#pB)M4N}eRv}5UbMasi<6&OsqRw`8DY}i(568?H7f1cxka3LRira#C9i`#&`j^+|J zAb<>FG*cpaj*RcYLSHsMen*N5H zde*mwcytx*%0EKq%vUf=Q5fcKw3tV1Nx>7?7bqk9hbIu2j=T?qR8VO)_-GjHj;cs^ zn!)-(7c@Q}2BgC1n}82YyhG(%{1I;6&k1vvXYWy3YMkJ=p#@ZuYmxthP>%KTh}#=8k$P$hfK0tN&;-2eo#K|2%pRZRudBPGD@ zb2HOq)1;+JF7mb)4q;sJD`@U$DWQ5)n#=%!1LGS;%9IRRdyfXB`mtX{ZD;< z)mHEnzKoR8udHS_9__OHev9_;b)I5nC|Z{{ z5h>V6ge;{i$7*oJ|Hs~UhhyFUeHWpK3MHhJgvcIonkjozvSsgV*-4Tal9kiQibO{C zN*UREZy`H-^Sr40@f^=_|9M@XE8I9C^VQYD6vC3ecQs_+2mh4GIfDMsf?*4v~8~PoIr_Wz(;CYR}Qty9qxNT74}9I=;INv_f9Pjo){;J z17UR4w}xMP#PMn5#p80a#Z8-9wm637zaVD}CzYeQ_kOR#l~b5@mO0k$eNU!Yka(SO z9I_D~{A5pQA*Srt~M|9eC_sJ8w^q{m|*(icB{B`UCc z^rJr1t7jJUkoi=qOU^%$3?L%1b84*{S{-+Cxwaw1od$i!Xk9vCPXa@gC#*)YZJ9;Y zDfQNzJ?MvH%r&&WPTG7lyP-e2r1ni(=e5~z5oXhn5iqJ2HP^2~w#{o8EcvyT|MtX7 zns0%pKXqR6;qXa2*SLI%ttcB%%-z8$PhEc=2?{~6MI{c^MdzIi6*e)XTgDK zY~h9-DV`?LF>9&WVH%w;7h}JBg^(ER%dU-(cVY+>k8MAGcP~|&8(+;U>2xf0-?WML z*(4d?=P24-qBCO~=sf z6G0)us~M=n(omZ0W1yd~BRdl_1OYmm&a)hy4#VPq5RLu5avNfVL*bA)?g+z~xwE_+ zDG+EF7?(Hsas#@Th&txkLE|@X3pDtEtYvI>ZoVCLZ2qL)_b^(=NNsV-Sd!NflVO+T zd#d*OjpO}xq_mq%um&$?682EgT#L=m8N~4c8|6&phgY~KdWeWE`+8iW7!vo>zfZ9L z6tR5nB#EL0H#b;PUr>JTzIh*iM!H)ubZ*FU@k}H-i|C%i>0Z&vM+lna5s8}?2h-&C=R;(YF2FJzFRn zcicr^oMs3Yr#u*SnZFfJrzToC-CkA4rzg^hj3`c5&5jeQ`xs^V>IYoA_HT)^3Zn}o zo5E!_qk<*+ifocvonTY#!8=SvJ;Ac#P>L8eebCh)GylWMCwtZ@=KSY}1s2hxZ*Io7 zhSb2LfBBV7^CL2h@9|vy2|}!_mhVbWt_McD(1+3f<;OlMe3WV{Rq)mw)7pNJYP*KgaiE~>QC`=(5-yn zq*E|&;s=9=1;fO7*5|iC-ne}LRzWsXx_X$SxPUl^14hJilMQ{8Gg!7iTQQr``S^Vq z1CKvsY6NsKc1vJWi6qk80JE3O_l6Gr@$9*c#zO;|+nhSg44ptjU96y6WMa$VQhMMC z)zo1hC|4(Y9sc>%`u|gx_1BTt;3wQdLw14bA@z-fPsSy1K+&v??O_|;qfFF-Jg?WJ zq@+c%rCl#3{^gYB&V8Fu!VY7Lg~%#{1Gk~VV+I#XYU>s4Q}TYvI^~7tz07WXa^A@^ zrS>peQxf*Tkdc8Y7T?|?RDh$ks=rWo7{NGfHC%E&W>qrn0Y0V4!V3fRWp#rhF99{R zrQC5hpj2X2vNX39M*t8CO^+HX_LFvZ1jX)Z=~u(F3~xEQ^Jz)7@7lI0m{aC{+0=cd zc?1C(bB@x#osWm_GBI^EQ!)wG0roGBK|J0jFL2by5FI11eKIkek|Q2_mSBEf7eEks zWm41H^NbJb0a>SoGbRRIs=YPaJB#GcB57B30&NF=3`50jIr?>XR<0nz=XO&&&h9L& zL0o$|CecFA?QuM3z~T23!2s>eR|$!0Ywi^WG{pbre?GjM_l|HAiJ%&NGZ&*?XdURQ zvSV+S4w9*k$Vjsko5|Wkh2MNE98jCedZvMaNH`cDZPw2N^Gv*db3hlF=VDUuH@p>= zLlaO4je#<6uuOV@2NcF{?qmk+Mc2YmXe(dQhx9q?oK8eR+y*OZt76&^@gO<;|N+|_e`8yJZdxEONdB;mY+Qd zq(>dacE$oK^gbvu&Lyu}A?sP7=<|+epW*vSO-WF_D9_bF&42!tN01JPSDmB`$Xj}$ z>7{&oHSCK862$Mg?t`l(7nx5&GsH&9jJgksgD$=oRLVO=dr*nc{evJ54Q2WVJ&gZH zSPwx@!bQDe`N;BD1Y$Xl+39uY*27Whw;O#Tyf91hkTWb;IUqs4;L9HjZ4$nq9b^gNkuSTgcsA=?FzU??*G^=*v*{Uzo1G92Pk`-6=C_rjb~L~Or_PlNGK zrdjKkaTm)v-1?T(q>#%$(3nteu;8DL3(a?>_S^r_=y-JktTJIqvs) z9^IoLbC)Q44s8uD`~S%JI|5CyRUw21)MfW(s&&@-wo&n=bbzOu8lslMq0kboPNM7r z|1Sg*lfr~<)%~3T-mwmFh3hqT%q9W}MzI4($ne!ub);=G)-YS}rJQmKnsohvkZ|Fn;Q^RRN<~O%=QP0`5%Rs+W9t?%{;jQ z6RQcPZL#~7q>i3kW?d&oK(42ex-&Pj>{Q1B>Zm)tovVoEo<18@ck8pFHs#Fg6yObe z;MTW!J3_JSHZ!o+w@PmGh8avt=PfW z4H#uqC`sr6-}zwjl<_Uowi$#j;=J*E@Uhs{yLzbiL8h!MDiLz}XoThLU(Z@G=Itq6#DSpc(X5sln=Vlej ze@{ocBe2{^$q)cncPaP3{$-U#ymLk+*W2Y@t4L-Gn08zre3bZ`jLbDlFhal5q0HKF zf%T<~qJ`EcS`jE~gZ_mIFm?5B6H`=*xKBv+cZp<^rzMr*-BMnbpOi3JIJL;B$iZ^-$q!(LFw-I zco={zxL^(CsMAbC3wUtQ9TKnQBsre^8e9D6(uIcs2oOHz#ZId*hav+P9V2LGGu`Pa zmaA&`=#}OD-u}tX^N(^{7e)NOjH;W~@;;K8@gHf!W}$!5hHpQ8)U7mSsS?3VzMQR> zNa(U>{%J1`QLKeL-Jc$b7Q@0Y1P3@wFrYUbF8Pe~tx1$ONHBlrlccfZgF zd4hBB4Y-0M3>^IJKLUi;09=*<^e3UVFnI9>@J{{<`q&sA89fWaIfl|5fRm^m0D#%$ zX|O!CNY7M*8;_;^k{uTZkQ3l9 z?n?_fXAnr{V6ezWKb@l3dZ~Cusx?l)5W>zbXTl+j$U#B*@g3%Tn4*}v{4s*&V!#MX zO)5((&ETKEDFL6=Lf<3oD{byPkVI!c`pWr{UXE^iub4z!45rBBgam3O`x^gZ-<$0% z=Vh(P8KVAR2Ka4zOb9>uV?;__$|}SxBDM;;;;E$}hui`}11=Bs3%ckae zz*ZE`XO;c{%TgF*K33NrZ`(O?AUcA%o{bR18M(RtOJq@^t>`45Pdgw`OzNBP)#;IR z08t{|yGXE)DV)FC;dkbNu?R=xy9E~gdaphL-@=(H3}brmr@E=2tu-3pW7aNvh$JK+ zHH8VaVNiF1T34U)&`{<4xlv>@d5w)U z3tVHoKNGyK?Mw_kEV537c(J39=C?eJl}87UHP(ScWajIjQA1AkAs`iy;Zn4y*tH78 z{(RZ(m&gv36o}Ef#~2dI8;bem{(PPOL&Cw}ygAV30TV#`UW@}m_#H4}<^k3+@O%~n z=xPX#6a@SkG%5S2u?q?bW*|@f4{4J{fi2)kk_VK8!t`5@;z=ZC9vRM9 zkSBt=mG6D^en`s3?OO1C)eE9%Of=Y<}J0{Z#`<*B2J3~_Yr>dJIr!X z;+;)?Z86gT1^A*#ki?54%b)g&112NDW)?#*qaidgKDotw@=>fJpq6GFV6Xv*;X*^C z8OYTat|Al!6;9|)`3Vm+yBX|%#62tlZH$F@h-3J5X<)-6fCr^Tg|7)xMTePWC_iLd zRB1_$efg&gNx1j|_4FNvC;NQoLxS1cvYQ;j?-c2ad;n{(^l#g^cc~*&vebZ00{Sd+ zRv}h6cE^Q2iMnTTX+Z;sy29al8a^4}-O84=db?2`^~n8Ods#`AERvMdJ+mp+|nJf=K30pxrbA3fvpS7~ICB)%eXC^Ctfs6MTTm?V7 zln2^5VK7I%4L7ETEQ4sSRBp=eaLPRk=4?w3MdovZKv^y^=4bCuKvrkCDH|Cfpax0$ zHHn7VWFcU@R0SoC`g{K2#61WETkkDYtW0qcpf-Sakn<6FEqu~M0_zG8{}TkxWN{$sFBFf% z;e{Nq=9F2V*AnF81v|=|?NGF#+(j(lTuPNgn?<@zAWYDANVPr3Aj%^ae2D=-@QTrF zo!WWT74T5!kIp>cY|9VMY@2;W+=(>*p4(rqBm-G)3tq7P_VYpq>#xh;dWFb(3uiE{ z-lMGJy5a435gEBxFFSW#rt8$L0R~)Q-x}O{;`jrU_TE{k#hPXb$sph zw%VU?xrmu15pE$w&OxpYwvf}$wl7y6gDSx!$w5!O)bXPx7_(QQT%f(2JBaAQ2@~AF z<5v%;(`(LGa(U~J3_vFkQKU>ciG;onCd56FDg1m@2PGC3#MvhHgep3b>gvGp@i0e& zpPUNF{D{G+NWPoG;x01rg2Mm-A$$gqGXuc^2>-m4rI_?$v8gQ-huPG)7UCHuxeJRk z6%wBzT`)`n3FTgfYe18pZn9zKdTebrMi=QLwk1&AhsSXl?)=RR2<_Ds(+0NRB-<7-( zB$_~T%6|R%NLny`TlOXdlWM+JpFNl*+vEEjb_k3Ts&_(9Kt7GWBlHxAZ1QLr?AIkg zr@J8W;vvg=Wwm`sn9I*_2_#A)-*T|vHnS*(GgW~IEo<|Ac2@ktePTqRjrL zAJ;~z3<4C{y+4G!`~%cTSjUHE#wDJL>u&_PNVECF2OWTkcsNO|;DYFS%UgqE{zd~! z23_20b;~`>+G_f8q|Y2N7H`J!Q+|Fvu|FRlNZ z%jV`x(j3@~Lm@+^0p`5u9r4-!q!y=gQ1QEO2!a%LhdC8BkWS=V^edG(EhC|zEIISW zc8P$Vdb_c53qfZ1Oe)qh&V37FxRO2THyDJ?I07wHp2mnmI3v*Q7_Drc$f~f zF!#MFuE!8QS9ZU#@Yg3+6E!jX^@RLW;ZJ6&A<)$jG!G-QFaV%j zhb8z8Y&)9v_UiJL+8-_oZPej}=a8_kViieHzByUii>?3Jnf@ z8=ZF#8(m>cliLn>DeYtR<6Vpuy*g=?{BFSPY{ z(+?FVu${Q6%3N_sNZ66NLd8kt(4`3Rf$pk7N;#)_8bIg0!Z4rNNdz0Gb;KM|_2v?r z5*fH$G4&rii|Nl-IbK(I2U3lrDjd28-v2Z4U-S8ry{E#7Z7u6bm8DjYc{oOs8ktWjk+>D*IL#NA60dwPE>0Rcct^VIRU9Ojy zr9Gv0F)Hi|@P5m9k0WtiZ$O_f4Jqk>I|?JS0AKO1zC0??eq06x&{2Fj>eZmxz>!eJ zHPa3g34eOU)Q+be!b&ehCt_nwszlg5CCT~tVo!&@n~Y+=OzUTT+a!d6T*^c^MU;Wu z|Jr%8qaN3T3Ul|ZilzCIQs4QdiY1qib(00YpJ9gzZM_ld88CNWJ)tUxha_~pg#qU! zd^c6I7P7$al#1E{PUSlD>|kLwIQ{|{=e=)#c*^%2$$hc|HDe5T`m&Whn=BD*Ftqg zfW4oe3w5b3lDLBda^H^1Gmwl6B*l3e(#vF;PAJY4PB8!2iXF%G8FB_0q%7<#8OUsr z1(Ig?sW>?Ln_v)4Gwf52o`_L9gAz!ey*9Wk;(ZKU#hj4e#toUMHm#Xnmv4z|z@Ll) zDRwmc?8YvE-*&3^gGtB+u$!wCscjExj3<*LCjaDgLrS1NJ*VgEsPt0Azi&LkB^Ew(pQ!+84p2B28~jH??aG zRoAY&=T1huav4!yY`JkWzjW<^)`nva%sNk4TzUmu)+M$sj%z;htQ)UB8iomII@eIb zWJ~GpXc|nMSqei!_HJHS*Lc}vFsejOp>#;mATr?8M$20s7W?4c77tV&^^deAxC3u= zJbl)XF{$2L_xeCju!{$B149feIbW@B0fPI&ts5C?SiIICExXycTi^21daAqsaikXh zJcQeGx%S$gj;vQ>^B|Rd4ky zRdf`t)(PvY03*tHUrUxm{#66gM|FqP!>dxjHrd)-A(c_jAz9B9WO$l?5H@;+f;TPo znV@eL<6J3y`qtSq{8o5q;#WP837ZGQ2TSdChm)micBty+^ROLjiB^k7pL*a8^zvdN zP84FWYA$Ok;H^UL{nP}7Nt^CMUrs8NR6ByNv3MC1?95yMY-sLQ)mfDLKy%+A#ZldS zOb?LstiUB8THbb<1 zBH%$70^;p7q%--zXUQ4g}<`ymR;McE3O|22QP_aasCR|grIev!o;X3sG z#U1`UtdFWs=o^P!&nn2nskX^8YQAIadfU`#VzF_V*ME&!YEFRO!&}}zJ7M&hJjHt@ zYReRRZ-V|^s=YnrUT4no(bI^9isg_~14D_B&~?I}tLPU%8$}Rfv!`wrs*s`{opn?Qjh%8RorE1MyX zUKgyHU!BQ+^G2(OA+|w9?t%{J(~TN^uyBSH#~u~mOefJ=zUrVW;>_LilowFIprBIS z%Pv2!qNS3b35wf{-jgi%-A?erjpNj(j@twz4Zxwji#UhDX%+{;lMZI1wWZdc=`*}y z7+Oy$(S(QI1iSBcq3m>6?CB6kSo;pauW&|@w0wBo<+(v6H$X)>)}Q$>ryAWsEJPRg zM2~;ag#2>pk|%vqKQYKWwcZ61Eesq@10i;LMmaKH@dd7kQB%}-12RrRtTmK5J?lxs z`bPP{^lMxOi_^HC7YmT=-FI5iMilR920dxBX`?&3Q=}&Iuq?)A^Eqx;HxuO8L19Kg z`LbWDz1(#xa3jN#f~j3eNnP+J*ZFnc+#TlJoy$Onggv=VSi}!m5#vMm$g~UuA!yio z!6|nGwYialsoS1J~ya{mn)AzCh35x3fT_=UKIm4 z9cOH3CKjzjuK9y1S)O5oF13%z(dUr7W!|+Wj$xZQ&k5;kvmZ8*Sy=uiC)4Hc@f#1u@~g3!6Snk`7PbySMbbO=GzB_ zMdT|A&)9=?!UNw1FFZbLm@nJm7X$|BFP4N`iB-cS5|YL{HTpc;^ZECU_h9nK*L0aJ zmB9(N%j|DD!^DsPm<_{$_6|8IB(!bl!BM+#10pvICdgB6o2j2Jt)F)N)w&DxdPy{^ z$4)v_K&8ihp-s5hd_hvSf1fI?rrwfqbSLKHGrjFGdV0(rp1P7EAwnNq8&3sU$6+&>A4o=h7e}7TZCu0r1gQh8gR&CP@1jRY|3M%%iX+^zQzC0gijHMMZ!`1>TVbg`3hb8yuXi6<*Sx z&Oqo*!-cX@Q_ZbWIjL|Jg#k+u4#p=nwHEpE{BzeUc|0onkWpC+@gNFAQqq1pcfwIH zlESt_K=r<5SgH^GZ^SZMy4EEtM?-oz+#@-O*NCKia6&6=R z!|Mt3z})j-&vqo?oa|Q#SooI+o_N}%M&queJO>3Yt1^TEcuML~vh;$tHfb9#-4uFH z)|l~xr{8yIZ=FgJIpGk;crs5uhC!)|^s!FrO#LSEJYNbG>e zR6eqKw;lyxfJJ^}2!~?veOMESBYn!t#c(nA*;uV|iJU_-_e+*x<-|Ka+q6CduUP!@ zfpn#GD64xNQP_UqW(Lk!_&pE_IbB#BrpW}+H?kSVg_HPS!@IBC-dzbo*U%X)S9{0#ssFyoi zZX%9>fWk2WQr3MCdTjVwy@jp#PLBvf_vLkol)huE8YBwQPr|#V>=0SC9pLcfI3gpD ze5vlJjh;J1%4<-gl&s<3)dahQf|yA7Bzov7O+iw2*Lisns;w2$E1C)+`nSkQ|zk0%>{4>7mTS>y>`QUASHS1>&nx1 z3SDHvboR}mHJE$IwK5YUvueLyHsh%;xM>#INlD^Vr4#c-F1|p zkG&cHW!e+tGCt?em)e0De+-;$2`jd+_i3acQ#U@!%xl4?TB3+*>)jVLC8u?$Pm@+J z5f?#k-1h{v7|9ATsRd8P55*FeBjw1G{;kK_p1v@mFkzq*IyN?#5KR!{muTts@ceQ7ab-n;^G-bt$-d5enZBIbRT|K~ zGnfBPWycxOhEOEWu20<^$}6a-(=jcZ@KXj#!gRv z6RokD}QbSGt>8&^Vh?ZM>pk5ndp3%bFK`ue`tN6;+c zL8CcypcPRzX@mh@(}#rHuAeZL2qMDLXV3GccMjF6ouo>bd%5X}TFh5o2QIsm4@O{- zw(RZOQx#@p1Gnkiuxq~m0KGaFD<6p%d92I%hC6A8>u^K#v0J5_oxTk zl|`_7g=(eJDQ3~*Z3Y~?2WHRDu`lZM(r_Qk#&E)`OlUM(>pc|XH!u9P@XGK|0kr&u zxM`66@)Osb^O!;8C;xT1jRlHdIUKYdg09>ibr}!6wGVmHE$5b*7n^x8DGn_}ysi;4 zzjt?xrryHwC?iqP*{nlp$3vOjCYcdzO?d1*Hn&zsBr-Vxe`<1Lu5lkRw5gZ7IFv{a z^9rpA_sT}GUezxK+E^^+-nr~b5H$Fi16mYWF9c09P3e$w9N)(0QX|vt5(~KJvzp_h z?k5ttmR|OxhpFCs5;ID#jTFAkx1Yvo9*~fA;ntBGMC5$U!4kJryC#uPJI9^0Zvy)V z>*vdHwJnDH0=vo9c~wLTM&Nk%HX1QW5Npj+qaNtBGoSYN^l0Wr2<%#8RWTdSx(rco z&BM58+y<3kjGDIyVcy|BM}rFt3`IFw*S^=Nwo$AXBn_G@I>)Pg?io`J(b>CKnxnI@ zml-$+Ra5bk)BfcNQCI~@y^yzaP2PI?367a>!$3+{U{9?o)rxS(O74J8v2BWZVF5tc z@i|n7%+%Q|X)X(a*!rk}AgX*;$F^_AQ~h%zt^8|&IoKDnE~D&d=$)@iiZoR+{{V7o#~S}7t(8@j%LAD%fjocme&c=1+9{D%R>s2PPF zi}HYp3cQ-!PmO}npk@1@R?Ez0xG?6+@kv@Q8k)KiC$b~=(r4s{%Hg9nWjAX)6(~v5 zk`uN9by@{6oJ$H}STz)y^xt2cPqm`NtHQb1!{zwGo1EQ1;t_Ki6NZ0;_?SrV=$76I zZ|;BRm`>fxP5G-|)1mu5@1PvT3k-KY_0y^zYK3V$GGzR~8hBMoogPh6U8KZ*Wd4MO z9~<*q@iHn18f!#!uu>}YBO{uP;LfmeyaNZfrXQ#^`z`uDeW^ihLkdZ(?Rj4ecNOxX zLM*-5If@ddf-k$TD{k#0=o`33D-bhZQ++5+^HtwVdN<@^qbw=sL@_j4Pzrc)Vi_8# zU2lH)D;?VHX%KDjchRcAgFZX#?-PRf0kav%QjS&_MvA_#vv%)hMqpd zCFZsoG64*d#SYxF#g!1TV6-Txf@w7)OzjRqc=Q*Xql<{{rXNm18BoCX7flgpQkm1CXZ$uvm@8Q$_Zh@PT z7249Z-pa#nLVC!+t+yB|VtZ)6IPm6+Pr?@r6@mo;)@f!7g2&OuOa)bl=naT0Gq~vV z!Ihy0wf@W;aB``a2?S&XjIzg(G2MHa~pl^?XSfnpa@j|2g zuso&#&gKBy7%Pm{kkN?5#RAciDGbuF$WTe2Sjr~a0&Hmz5!a={oGhd@G|di*cY|9@ z7S!ajaEi&oRFGz%ekKOq*)7AsqB4^QTLBYfI>hNP3c{##k^2b7-n8hrZ@eLA)qM)H zb1Kq7{YefihL|@*=XN6FwU?F=F`GtKW@TRfnHtGIZ#w$(UbdU&Ye#!SWhyaMvII1& z&Z`C-)?>mPpq0u4oqbV@8{x49s4ugWj{uuGT$?#`nE@m+_k!xL@<*rT~HWPQ1E8Luuro1?#SRv+S4WLS& zT%_cO=SfhvLiGk5w$jZY%aw(0tqID~IU_7Yy)_L%Ax`(WOcEWDX`vpbIhz4X(GbhcC7+YK z+p@}klJ3v@Dq$Umvq<tEMSudQ?16uAJJat<}O0_aV`5cUd>9LH+7<{3m*63oeEio;5D!Wy+i192rvtb z;WQ;)GB;*TE}sFR^M%E-wU)#ops6C#G}YXVoi9Hp`SaxxLW1>Hr?+O4^|h30)u9qd zx!jvTr8X3E6vL3PaRfi{avLk^WJuH_1!zt}W}J}WUUGsv25Z2FMTwpf=;DX;C@Wr? z_-xv+e5O!&_0;#!4K_Rb$h`E(PNG7}r8r`y5ab8yCrEylzz}-VVgQ z_4rLp!vIR!Qm78Y*V2HK<44b)#302Ut;<6z2{s~7k&ZSa3wPP_OafuN3tLv0jkRDd6s`bN?dw;^40MvMzwFRWTYK<(P;V`|$ zn=<1$|FN*ToV}*9P4|U7g>`No)&8Tth|f+JC|WRFK|hk=0^{9LKg?Fdf8qv!S_#Qq zk?JSI8hQy?|HlbMIO=IfV5yKY`0!Po;|iy~$SfEh?N_jgeHOfM>0#dEjI}z)^^Oz- z$!1uv74_3YlCd>82d7FZ!R2v%7xrpr&l(h9FKlndQ*?gOSqCp3IjC#kO83xrplKx+LUSXmTZlxGX zMJ+iPXn|_1s^p=R;ahY^!sHah4A0MB)w(IY%%ru)>-*=TxR|!831^Vz?T1-NTa|$E z@}R~&Uy`nlI}60znO-dzylVs}^BFjqDBE~1-L$&HpDGF*mj4^;28Oif%A0hSh&9%N~nLTTG>EtN+fZjX*QXz$%rHdf5U6GT6@ zjPWF@-E+s&8UX%wSRCl?`x0(_rc#->#Xo6Wxn$4m)CXWywy%k?u`B88ZZ~y2F+Loz z`11{>J5NGixgpTevvwE3eyhK}PdbXy4?b0gGmPZ)1w~v}%76-n;Aia805YBCn}dQ! z>XgI&=S_1D?c4X&_XHA9<_v~)(AefC?fVWSMpHgAU3AECCj z$ZsXtgRC?P_5@1)67Kmnb}2xgZ4B4;OMnNV{x$qOGxr>A#Skip~^9B{Db256nDD;zod5-#E*f?;xy2kd|! zya{>_E0`4>@2D%{eQtM9GXsPb;P-T(k02E4&Vh7C)ifiwZQbti8%L$DEoUI0gm&m1 z*tngSK6piMkNM%JQ9eESrVo8bv;Q*-07(rTSAi->c5id>t4%5uW#t$CUsc%53VAF^hJH%` zV|?q71`Im7l^ZEjNa*BF*WvW{>%S5RGXnkL>^>oTmB{;CnbyeX(~jbjqY!|ftnc=F#6j4&(%WT?un@4kfddmMnZ-g zUh>=t*`v39J#a8lyAqFtUO15qN;4NjNUE*H@+%?m0SD&I}oXex!?tT0e|WH1UAg_v@SbEDn&(q!LGJ8ALzTkAS; zew~CTCC6mrP<0$Hs(f>RQM)O86D7_00vp2z&46;XzP%URdK-5eC#cr_0*?gRR1f@B zt$_`Du>g4R3-?76XLMJxm(LTK<5PPqV_fq9^?F!GmH`)R1mgPi$kIswi~zdi;tLE09_2N@>xgs(MfaU1fROl3@>_28mXLVLvOR)JvrD&M{Z+ z+ZK}EcXRZ9=5DSq9?g-pgl&-oW>hgqe|~AP;2YuzDjm9|MC{VL@(80*$_|W;lY#!(>kWO!TE<;I z>qAas09XMV>T#b2LxyK>y~m>~K`{m52rhC3Opmrs6AAACHEod045=zzd5;8>_6~t1xiyRH`RIX8O z5AH;EJ53Yz{aJr3Y(-$=N1+sq-=~J92<#ULx}G~rxC=yl^({o!==HgWNK#1>1TWCE zD!(Tgz&()F%w9cQjxo=&q3Yh0-nVX<;evq2T#oaaXvbR7`rfK4U=3*~HNH6L4H`aq z*Mdfsx;c~$W-oOXh+1ws7!PFFX`+AhOVw=T9sjhJ-`{ffCA7PdCVB<2?kNDWw%X}L zfA4QmvZ-0f^!W|3KAawn=F!E#EfwFY%9SYSB}7F({w(dI=+`( zW#u9T_?37d<%eZ$nTekh178@@i8aN!8QOU(*+xzm#2w6S*;+((eY7tFwLIzpxvWOC zO>fVuLt7pV5yS0{5J1l{_cGW?W)NP}v)n7NU@KY6>>K`m4QMkC$5S_uHpywEMco?v z6h6O2q&z!FgB>=^j_KK%0#RV4dpCz{{Sx$}wylXoyJ0f-R$d42txu&MCnJ3SBhr8V zQnrRye!TNEIS*^{)@Nu>Yx0IGp2-f9Gg`HYFLT8eyl}eUd3p2C6$Eu5a&Ug!5;6aC zUxa`;_0C{p(Bz+iEdD<);NOLo@FS#~&b&DF=Ql$BP+u*)q_5WV7(XUx6woK1^8iqN z(hJ9gnVc2Yr6kj}enfe6{MYuMkC@+B=>vdCs{Iu)Ax8izT52Ll%06DzBxcRO!b3Qd z@fpRO|9oU49)toLcuB#^m1D2|Cg%LVew_dMasE@a`2XC>p|1=Q@@x?}L=Zf|ogX9! z6pPr{qCl6`VgU!)J+m2b@ijqvIXxEx4EQXJDMEbvp>qRaWPrjqG=U2KeKXh(*dRk| zD6DWs8{-yzdyby0KR=os7`7_7*P9@IdpMyQxa=!S4*<){gESOt%@8VwhNF#aPX}y# zaA~naw$SOw@{JyiRL~}m-;Q*IPh*6n(czL-Kq6>cKGZC4!5&F{DepfIDgNt|DC}Y} z1*q&USAoF4Cjas12q(nuw8ub^c0HKD_7i;77~pkcfEpTrp8u+*64-_9Ko;OTsX2(m zXwE{ABhp|K%c8)vN>X+$aVl{L%NRURUd}Vu8XsR)ihvE{w88FhX zAu`^vs4TPT*vrCVsFZjG2Ct3fV)`vC5D@l98$mp$sgg-h1ZxINp@I+A0yKbzzcb948ig&HkeFOApUKjHU%X@;=-X5j`gYp9 z!x6oIwX;?s08y}j(V+g0K~fw^f5hRWvwW7}?|C{wLofGCz9cQ;^i2~Na7G4V@i8K4 zm-!G0mk?QE3vwytp13^LWg)>Lh1lbvqn<~@KQTsfQ!B7z(XtmM1h2wBkA@u)192@S zL`&c;kN)C~_ZF7N<4wt~Xu&^0*e0_H&;|7&?gHjMo4R1C&Yl#nr=c|BF+erHy?H;Q zXz#=81CXzABeno!?VCal|A6@<9e~1?oq5LcouGqIF19t?qAmXydY!Y$)yC$&yRP6H z!PX&M3u<&8I|PXZNE3zUJU2AW*D{G-2UjVZx*mPy^<|I+*B389o0|$ol9ok??Po{i zkqQeK=matqx!c5A1pAJQF_HvQTM0TKUd<#lNM9Pu>6%^I1ToPW!qj_M zQxt)M4{uCMP>@X(;I!H09o`&Cu_lPB=cc-dm zYfr;iIVbctAVE36GzxO{wLsqOG4Elf=a7$4Vh-vkVmpXIm`+cFY<43U#gz(}ff%}r zLIz=IoWW^yr~k5mOB95V`b=&IH)zA;?5wYqkZ3#&1K}KWjw=6vcZY5QWMhh`n~Ke+ zApPNClJVa3+s7R}PVo0An&l)SIX}G{YxXF3Ip7Lf>}1Bd76HHvi~wnZ!VjAj;aL%; z0Ev@UEDh%@dbbCbu~sVMU3r_4BXAIy;Sy5($at`)n)z_tC=)UG@FHCABkmXYi-74) zLoy57uKTvgjpnenFeQ%%{4h;of`)=;1xYm#<=u zn%9b3T^ze}t@TPD%MuMrwCYWs&Vu;nynFn4cj!&WUAhy6_PSl_w@^r29KA6r?!dH= z3epMd^Uyth{GP0!i>-GQE46i`zK+~Ht+pB{Y?>}M5a!?2Ry+g1My5hqTq9A_T{sCe zIQ720tZy-S83&V;-ovi&V?WyMt?U?)n<{@b;u};MQV_fN^40G8EJ?#f)d!oYgz{sr>9w_?#A>y}KU{_?;nOevUy;~vl5DZEx(6B1JLK_le zR@DnrmtyT?N9wz}@Y&Zhp3S6fs!K>eTBIV~`_1^GO6EhhA3JF9uDykH z)qZFmS*9UQkqbbtSdEtY8FRnnCr@>5DR)6uNjz1-?!*Y)Ee29~7$@hXQ#Kz9(EIwE zvWnGSvR@e*9Ou`&J@{)PFLv18tC3xGg%g;#+e9rHft(PRI9zSqRu8-zzAb-@CZARM z2P_{AN&UR?Y=h%V5gIPgscC5s7FaeTc{qh#DrKJ{?ylxs2|t3xSDQEN!97w*)x{c< zGoj2s^32G$&x??UM65Cq+S9MM0;U>k3uCV8OU$|Ra+(*CY(?%yH!wI1b`OYWXj}i2pMoY zS4jFgYfTcprmiHx;9xxt>U%EWdpZEXN%-wgsk_{H+=DUBFCC zy^aWwlI?$Tgp8QCxt`Ay?kNsARf)4h#d(y}PvABiR#Hsgk{1vJ;$)au-ha^s(B%{( zyTCtV(V&mO@zNt?rXO2@;$S`|G1wJHL$0u*e1ekR>Wd^D`Ue(X-QdTI$76O9$O)v7 z=*0l?vn)yOgbK*Wta1DO`AzGNrEhqIoDzxIy_2S(L*v?8$a_UVyx7WE;AO;QGVK!< z_mx@nN8a!ztSvSqhWvKgjNB~}c7mLwu{y!;3T(t3PMlQiql^^Z@#x(1-p4S#xh?^A-N zrVKdNE#VeJf#1fS;Zja8P%i6W^O+UOv$q`!C_q9b5FEK5!U+CGY~pq4EdA=(v!04q zp0qmQv?g6@?!YGC;X1gPtHs)X$F(O)gA(^BP-l?w0V1CyZpaWVe>_@YG~E6632B=~LPK^TQi4moN3)ym3kYTu`bC7=BYC>$K0$LvSy_cYRG4fz0o` z5@Db;{vR~+dk%7WC$fqr@auZ6SU|mxA zsx(lt@3;}F&~N8P9IQxs#ev50$C9^1{Cqij0_MPp_OFZE5Y6RTS;A&o=5rE z1Qda7qti-A6$(*OBsCLM^D#E(9zTAUAfS-82Nm3qDNgKzO94+h_8#UL1)d2+NtnI(R`s?nqiW z4#StMy<*(Y-IBJ4{296k?OiAi-3n%VKE924y&3KoDy_(S+Tu&%r zr~M5l4?bLLR*&W~e^9gm1==H!NU+Z^u#nHnOS7ibemO~&gQ>Nl{#1kG&uJ&pNVrq= z#cT!CJ?cMSdbWFx8@Gm(#{dw5T+KbO{m$B_JUk(kcDWASxiO zq(}=&gGe_@H`0xCgMf7H>vqk#_FQY?JoeA;$M?_oJrthjjxok{=H%H_uJ=EuG?(+c zWj=$j`WW@xH{I&5>g5;0X_(+kNQ8(ZU+)Hid3=%+mjoG$IwmBUT4@yZiMzF`dck!gxNhq7C*mPe<-SenqZT<^g z3{V~>@*PE_&hF9J^o)VYM1R>_Sx2kxq9cf)9v}Me?<)UJuknb=akKx$RR0YU5~U+q zH0>B~wQ0zGF|+`HS<69-4G(;0rcX0ft~T$*YN7_~V4$z1`T(mA?{Y@oF(e{hYCymP zM8nS;v}Vk3{k(l2M-Q|_>AAky<=R_m5a>J75iZ?Ot8Z%XDh5r_V-OH+5=29%FRyYL z$^y~-6qSeSN;7Mf56qZsivTkqR(;<;u!S?wZ6p|+ji?b#e7%1zaFV|FfR=R9p0cR zo0ij$CO$S#amk0tLN0QpJm{ZPiRK0^9CA}c<50_ya}#R4dIEJISLgex{pk?^GB!?N z0tYZyxJSQw zP=rRCc)K(nJ7y&VH4LJK2dJkK^tKyKbdNxNVo!;L$g9lD=E(1}R?=+R~Sy!y} z^lbyR;;UHi?iQaC5J-$W7=@87BQQlhZKk6GRQ9{Tte+RI_L$`0*z~5fqsZ>^S_t&a z?pAcK4Cid!EYpySTk^LNMY{n`j7vLrp-B4%*{g4YIsAtZJxU2&70Y^iPX37uPir663E%owcYgY+519f?$WYL+=6qm;SI<1zn^?23djzw?v zCky%ich}cx@c>Tdd%Tztbe5M>On<26aMDeU3rii?^C_7MDzMh@u}f z*Injb(i|5jdHMscj2mh~q*qmd_Aj$SpT&Z8+V5P)YRDksv|3TW)RC_pvjafGfz=7z zA)b}nkPJq8A&v7@P5nC6mZ68*} ztjAF+-X53<)rdLUo3V=#Erlw%fo#rXby}Ua^qpVh#MUt+*%t;^z6w9gJx{h!!j%oBqnp>?)CyMk>P8gm^&pJhn&ucQ#N32)N0zHv`i=gs@y9NqsnuZ*P1Pb6&vBH+pq)6wN|-@ih#Ay?_O*?Z-g&Rt5zcLdf~8UV;P z03QEHL0_K7lmC>cg2TX@x56@3Sl=)m^}jFJ ze`SX0Fd+mYlgGEaTF);7=F0ygp=ato?ZrI|@aJKE1~tT91cPsDSE;4MT`87+Ut5+c zilI|H7T0RNiXUR&4!k@k=(5d;kRBlK0(nByyG=PRx$6rX% zWYoc5NFQeeYmVIUGUq9E#RCDr8E~WB=RP+`0LRmpV7!!Sg(c7kB86hx(u<->kzSv6 zp#yVb+=Jbz;Bnm!O|_j--7D{J@_greq=nx0U*GY6JTlxjLH=#{qVeGw&ylNdJ~qaH z1QGf;v2kV#Z1J|($SsXjenGf&Gq*V&T5@b8>WwIQMh$C6WR9D}kjq^hzFzL{FW ztf^|;VaUeT*00%+)r_j1+y{qH?A0X)d*l7&1B>=Y z2L85L*{rR$Y2{sjODQHV*;&x)&46E0Em~f}%Q{BLt&|V;!Zy&LP7kSpMHWf@BTOGH zjdxdGkpJuu5_mwgU6i(Mu+NjcZPdKkp)}wjaLiwIThhhtIi41W_MjQxyYyb!RJQsz2V?u6)3 zZS0r!A+xH;oaWF~fIgEp1hwR8CDi(bBwRVd=O$f6^ENkv>vjPRk zqsrURLt>>pLWPuPx|ep$hVYm5zRUg!wJT+aYu_xd6-Fd}p6YkmIM|#O`->T?d|Miz zKDJw%0$3iiuD40Z@t00F?BP4nypZtu{Q$>H(m3Ty5D+NYeEaiBfy-cfzytWcmyy^( zq$(V;d3-k01Z>CwGdZwWa!B)_gCXlBG7vZcn>KpJ>sS+7i`lGAtk=}vkI%wU!wi@_ zbENCINTUx<4wGXAy0*K&VGJ$vP%y1J)&y^BkC9iFEBum~F$XxrJwA-}5hX!kbdQ-I z*ZVESOjz>j-JDxx;o}dSzRUe>6HTxvk%hBr3q4td(am-bj;|v55Fqmqg?sZ|jx!vX zD?p(7NMQMkSlr#2;hdHvh+HdnHmB2t*0qv+1N$qV;3?<)ibm#JibQ}#5}!b={b4~$ zjE!H0dWY#niH}II&DY#3csqHoC@URx)x*qI5`>55Dwe;t;Mu284t$GfMB$X72EPT* zBS+Ka>reDw3HuZdd46id(YnRr2Hj(#?uTw><2aNhUjglWv#cW;XS1(q;j5_90H>(Z z@qBlIb)$5Z+>Zh|<7F#~vcq=6&nUUf2Rb#4F8;hBkbpOMHnI_i_C5-ifge}|u~=@R zhaZDJjum~WYD3Kb+_mwR@MZ@upOMtRsP~a6yZDAI$&3dCo+P$```aRp9lTvv_M%W2 z!(-+r^?r*n3r@VJasFQn&|4!)upOGbU+`0NB_!a8A8a}68)4o`FVIf(X|Ds{4BZBV zwE54!#ALa&moB!&PyzpyjiwP>w7ul0{P19#Y4JVZ_wSNk$&qc!0Gj3ACevVTfQ-qmsV@?s~t~m_z;$YbpK;eR>TN zHM{tB0bgy>zMOZq;n2Vx)1 z%aiu5c+-H1n{TVd-a%ZkVounGd*hMgL%cZD_bL_M9}vwHnM9WP z5wU75k3B}fyRt)_;0uC1^$@v6XA0wJV}FT6C~e8-p(y6n@(XH{CscA#J!eyQ^9Vmx z&}@-01=t>voO)8Gr+_n>WJ5)#1465drRe(LP~hd^xEi3+;^lzQirYx3>0_}ZSTJ)K zk4k54jJ&NrTRGXMyn%|k)_*qZ>`Q5iqV;d*wL73cVZ{FUA)w|`*U+Dk*rPsw-Zejq zEtHDp2EqYAL`bi#b5Q@bcXsuDU`^i6Hy8738OCD$j}oN2U!(*}4(+tR5zncOHnNlu ztY)44xXZEUJwE~xP0HppTRu%b)w-(5{>bTt5Y1V-o=-Vjy}nr@4EDkYbNvCAPAJ2b zyV7`rP$oH@PuqAKSr_&WE$4wk2{b1Uyj#Z=`t4qs;Y@N~--GiNme%gkmDc+_KZo@r z1^t$7)K&*rJc-g2PC(~?wa1teg$d)2?VR~t44%~A-!WNVvkzMo#g?`AQ;i!YRSX^m z687*NV=bR1848O7G5;qc?Vkd}_Wd{Q@zOc0ffYodol7Hz$YeG<`bA7TY|><@#p0dV zNYv4uI7P^!`7!8{y9i}tx)VJ45018mOm(O=7h%b!Pnl6SFZa5ii^yN6?*XCkuCh7@ zmOlOdc88h#TK~%Q{t#Iq!hY(p&#)M=uwDP?vddaqK=9acnf%pLQ^sgts4gp2CiW_HSgk|FR`@th%SvBE3ynOFAVxG5J2VDP8{F(W1#{kjO+5t(G<*B{8jfH4`fs>*wsHeZha9J*a$g=0yKc|&S$ zY-K%)rPPq|OxC%A`p}o$!!*I)8HU+lAn(X;S>DyutJ3E|sS*-j+lF8hoH>paXx(W$ z@36gx!Hn#xqg1qoC}C=HSP_F>>kaRjEw^5BFc&Cm17l5qCSKiLpl|C@A*GuzAQpZA zWO{(YsOFpdH_9QMNGo>41jO6d4jZ4@au)~7Ps`?r_t&8Nw>9RK{=-=$<35+;hQ<@H zR=B$P-AlR`xnglh>E(2BKXCX{g{W;1M815X8h_`n`LuZ;$kJgSj2@h*v@FM~MLFXm zaF`}g~6IPi-2w zMh1)H`LZb5fN|_$^8%jes@#{nJ{NUPYh}95gDz<#{i=*e@j4|P^{D(EKih;CRong3 z$KbwTBtFAkweR*qT{DR_uHcrONEbB0Tw6_wB5;ooDK(qYrZ$TZy^BpHbhjtTK<9V3 zlj)sNM<-Ace?xhDA1n?QmC#@LunY&aAUEqBpYG#B%HqZ_wliWjyIm@puvjA54usaJKc|-JdtXw_L z`&)*Ycj3T7-La;h@#lrE9W08!eTo@c`1z$T%<|96ee$#9&Zt$D`|}I;TBj$s8)sEy z&)B+GM*`Hg)^EI(&OTy{P=+Tj@Gx2{a>$01?AHKHKmq!4=UO2cq+`}m=}=}+~OvNzgE z2enIzcX28r9sP=!?9b3^u?!zPutq+9&8D$aik*b#_pP<+dqu%a@3J!^ls0C5AGCyV zJB*tjac><2pQtMjFK5Qy&m&N;DH^ndhv@Kr)UKr%+7$?&7oRrDs7U98=c0{|j`HPc z%6iWjTzX4^G;uygEBLTJGnzg3$sT=ZmBg%FIZ~k3vWvtUJ#0xb_Dy`5ylW$% zM)XLksWy^LQrYK7Z47x8u~oT+ga>3tbItb6IvHaM*9pEKL)wRN7?rHrVpILaH}R6o zM%^M(tb-)P&wMF{)6C3`iXdwsC|A3dZZ+Cj4mRSSBB_j{A>z(L@%e{spCYvuuXH~* zYLAKHwKV#8D`+b_KUwkaC`?K9D6IzBD91AP+n8a+*QG9c+4pQ{u8&K9E*vVxdnk2G z-wQ>LF`&{mQP14Z?|Ca5waC=ymbW#Wk9N`5V`+Z}`bBtlX-ikY0T;ttcs8vKc7+&T zVpaqK*1M>Vw>M~N$?c(c-dg4^`o(`Alg^yuqXuKNOu6^(z|Ie|>&ZbP_P2&}Tm$)W z2=66c&&8XxPvtm54%8_+GZe(zG}}!@9Mn9uD1Z;br?ORhjQ~S6yMCdbF7OZ?B7Sty^4-q z`@sR$%%lt5zegnfM&CVu@z7~~d=!wgIO}T3*lkF*Enu-`P;i6AztBB;-4W9?Y|=6r z2UT|wN3p(Lr3s(vmX>VkxLV;5#Q3O)#B7zH#{YYg<2U;5;d9=|dJ&PHdyjZ0vNT_A z2ouA~2I{_jY5WyWAQ^zi<FO!2#+bhI7i9)?D zaQ2vHz}MD&xYHvb@mNi?rASIj>=R2=m|7($02du0p3u9H5`;k}(I2m2aa-BbN1907 zBID(Kk`2C$cVi-@if<1Lmx|IpMI9c1V8Kg$pLvWHgz5%Ct|WEy;(_5GRVcw}csn-Y z!`EJ9G=WWTpPc;EBSU31su15V?A5u#ydF>q-pX%9;rSeWTs3A0g(lG60h~VyATLvM zI{g9JB0YiH$K?TmMQ^j;3pfCtUThFyCkI-TBK=U-%$dkZ?Wa2{!~MoY_ubQqaZpw@ z$!3<|Fb-T@3ym;yhJ)!*;xN&in)Z`J%r(&FkhF2Wp)0%K{;SK0jEp)i)@U3D-OG00 zZ~Q_pcEivQ>9E~0esE#5!6Y0-pY+PH4Dx{A8Z{-~B_^1AeD%thz zq3RANLv#aJhmQm6hGQ3w>f=u}BYBSCif_xzJd8H>BBa-@bp3d9ANU<{JC@I4@)z|% ztrB%ozKA;v|9l7lm~J$ zZB!S@m6*?ucBGJS7`_J}U|-A@f<%3eqy_5izkK`928QPDr}q#GZ-dQYl)Z>`cJCIc zbQGsa2ugFKWi3^2ob|C1lou;Ng|K!l;!|EuSvBUPJHl}-g=~q(pfNm59A4C{6Btyu zNTt|#0o|cRVGq;IXLbHZ68_e~;pB7wDPB<7CK+V7ZlFDIZij(l*dV~dI9R8s6YnHm5rUx5 z0EKQi$z78%`6)6ZAF69!yOuQGw!1#n1{*)|IjFiwV}t4 z>n^5oF45Xw2#C`bNpwSKo516WqrDCf)VF4PA@!BES>y zaevP;H%j*B(D4Xj=|G7-R67_!sXZ**%@uXAp z{A&v4%LYB!FF$|eA4sT}a3|JwwT>HRIQCrmf--=T@3s4_UXvP2mUb<-i(VfrjSdF& zG@^ha?0lZQGuI6-+qLGwZ$XXicYmoqH>*kwUe=MO?*{o}WBVD2upgc)uY-`Lt>(cO zRmd+pn!Fd52B8$myO@4$Z&yb@XC>g$`7aFsDA0t4**KjbCq7t_}~4pF|k51mznQB6FQE{O>{w-+tDc}6a%IGoHL zR*4-E$%j(B!LWGBcN8Qa8fza4Xdkts%IlG9^dxX8+|dOCUbry!_T#n)rfG##jpQ1`Vw64D1qE zKXP49DDAP%VqH;CI9zhE|BkdvKPk#qq5yS#BgYiARzEB%HTFm;kHDF$tnsDV1U}Kv zOPlN;4%1kUM6NErf9kSTS6a9)06`n0!V-%|ezsXTOGwVy&W{TAHeNX=H!jP_Y`^8w zU0*X-mz9tQKY(Iz?KLTa;aavBF=|PvKcoW|Gcl&}c~LGI#*q;F)3}f)8jrA1dk&vg zu0A5a>ITaqgTvm54{DH=N1aY-n974=C zccn;@V>TXs^|}MiSxJ1HHqpG!`Xm{Xa4OXiXSYFS(DuKGNPZ8w{{3SOF;ca z%QgEVdjS>=m6jt2K;YVDGTj6f=LZ_8h-Q4hFi}!=iyB8skOW9>56E{h?2z9-o z?vtFxr4=J46YLYnJ|!*Fe}_nd09#foOmA0^r$oyVp7wN zea`^5t~}YiT+-ibz_w27dhC|>SUg+JFvHv&mab6d4%#Z~%VSV+DfMVc+o5mTCYt4W zsxsFz_w%$UnglywDd;J7*sYcA>zU?rHN6`Ols%0s%3rYmK#~3}sqMO)&AEkpF03U7 zPiz4rzUyRjP323=T(K&aLFyhS;lJ5-{y{1wyheT*^*~ml8kscjUGIoTU1$E9rvs$S z1>#-oWWq0Jz1v_=A>M!tUcBwWzcoPN4iq9@xx#Ue`V^{r?&V-?wr{iqpl`tFv;qDP z+oLl~L|0g%=JvM~tWT^k+bmSQiZS^HGe~qU{w{1AT>Ao``)P#~~|nLW;SfCgs}2e`W#P9{LZR zNjS)=ipJ_md-~5qevw=R@>oh)`WOD)toau0+>C7kHo`wjO6UOIY53#g14C#SS&bM=UNUr53l=#;C6zx0} zY=UQ%{W5$F3GdBI=AX`il8)m~W(ff2NXi60B&&e@?&*Hd-M_SE=_?@54L4IV3w#)X zb4ZLch$~aget|U67*r_=C{kIe)Ao8?VTdokG_PU$d*qsD7x8 z5_oC#L3$Uhrt~g&%RHS!^G_UR_j&%5 zZ|H*YvQW@>hg|{ML1G5+Vz-XR!0T^SrEJf5kUajvGWgzH5l}NcA5_-?_%Bg_a{{{$ z1?qjr*z(hzZb*b_{yogJDrnDI(SoGz%2lmNpJ+)=j?1S%dNKqPl^J)8Lj0@K6fd5) z5&AsBx_w_$3;bu@kl@-4t+VhOloSwkAaJ6Pe4&#E%DlEQ+1T{O%oW5U2+#9l_z=?J zj7o@(M<3x=laS#PmP$mj%#B2$FN~HI@lC%K8?guJ0CpYX_<=*Ukpg%Q;eSwY*v)rB zFw^f|SGb|AG6F05aL6`;qnuFuOd;g9@Bj&4>IAxXB&pT}X_-Wt4WfZJjzZja*{x6< z*{W(3YXHsfw` zL|VOE>gV_MT3=nU;e*=h=0%KaY-e6xee#VE>wTlHsKG&&WyRB@^tBO82SaCXfmU0g z_{5Ad8D+;(7LOPO`*u(~C|E$M4n11I4%i0YBV3$$`Fj1s`c+rk-$&5N(nk)_T&rvF ztZoO#PV6C3V>}~PuP}GIfuH5^dGA&EsxqxIYvYD_UK=;9Aq8oR!do#B3)sQh3o5I7pK*RXE`pUIum8I5ZZwbOYM*~!#xcR{JYW{qOI84R$YMVO&*f(@k9`JN zbD9DXhJSK7rtUrjH-8#i=h-g=I*lEU{wUjiwVs6l28GY>kr|wit~L+uz%ijimUO)7 zPsFPKh}`=1)JTE|T7#0?(qOUml)Rf#za>MjN&91`dZtGbPnQb5#@K%Tb{qZrnX{LK z&z!@3apwR2vHI(E9fvD7x!zPGJ>O<`dL!2KKZQS)gut!oY1o`)C?PMUmh|VS?b3De z%x5J(Gl2=;t|k2)o6Yr$7O_dNL%#hqupOw5oO2^23B5u7&K)vJqrU?K_P=@mWtZkajR7} zTb4!Kvx+VyJcI@bsGchO56Sg3L0;2vbA0!L}%NEEC&11uw7EFAD?`=aC? z=71p6s}!R{+i4~|8H&(XHQmgX4#hJ$Zsp3nu8mU^FW8H$I;1IAR`P;QuFfr!P5xqg zXCSL-`}o31A3-UX{OHa?H(f4H4*Qg*LAcV0ZLcbw(jvvE$}1<`*yq_6ZT;#t~Kd(yr)`<>(8?g?^xJPpLEnWLXC6x=}1hPheai}0z{g;prFxDDk9vhr;) z_I;|~j7=TvQWov>#4>K78XP(o0NaO}?(#6LW%2>g?kU)FX9g`PT%F(%BEM}RbiDL3VwXocW|kby7azSk`Ce>_}uf>5DQXkg%+N8~Cz@jHx0q2wHsIyDqD z+#_<0I(#OzxsfE>+%+0e3-;6y1s?tlmLol3w3D$iZn1&X-N_z27@OdWf>T)2no0M@3(;Xu|qs z5cxUh2qqiuT7lsLJ-+x|&Gkj8vdN2AD3^x{C$#ZMZdlMKbVl0Q**u%?Ok9l$j9&{_ zM6~$)HXr6IT=4{m56KHKwKdA$`0)Iad~{({BaIm?5URAFuFBR=K)|ohdPa=wwBov6 zU$6HJLz1D`COXB+7v*7g`IfVrAbaI?i)C3~NzH!SD7;n`kIfJknMO`sd7IBnH^^%! zt95gC+B-hjQZ_}?yqJk6&NT%$*#Rz}_xfUw2=$X;{ z=n^VFC3iMU!0xbk6DPNQzAR%532Hg+%LGd;%gGCDx2eg!;n=NNz~L~rnk94si|a|F z0_#7o504%`57{uh976A}K`fZ$qJSvsCK-ay%2U7a1si~G$EnWPZ$PG(+>aTqf_Jt)Hn7P^egqEy*CgD3g3H!SHipQQ1gICR!B2*`^ z!?Oi1J1N;%^MbM4Fuq{+@=03zxIEERn@xqE2wRLGQ}*eX{?mgqbD}10!R$#-zAHs1 zRSQN^KW#EL5bq!)%NZMpxy-Vji^tV)Ll1F~l2Q(8{%Y@}puB&c#7Hlx99smx_xR)^ zR*_a%SbvB&vZ4jA=Zi@CRL=i43nL}RI1O6cYxoaUzjmb4y?>w_9(vuI);?35&A z?u;XIWD2RRskp()W)0puk_F}9@g*gbY@sHC0;e95xcm5 z+kk569%LSty**GbivEo}I&}(NhjQSOS$<$)ohQJbjL2Lvr+>@0ukr zpMzpPtkT6D7-pH0%D~C}$u6vOZ>4A)$GMp!p&Z?Pq?sW>PH=nrerN8(vA4v+&fvbb zO!dcH94|`hl-RS8a6IC@@>=ln1XbCWd#W5?=+M6xFE<62Cwf7vTGe@qwr{IlIC>ji zh^AP*+<)zHl=(ewhhpUH7cSkn`$ zf4OX?`Gz7VhhmIhL{6MQipgW|yykwQyY!jzLO-&%cEcWkjqR0MA6Czoq2FKOYWm=l9Y=j{ znE(BPc&UdCqb8JT{SXopP0WSRlkTYG*79Re6|`{=*Y?))lLb5uAd7?FV34LjmiV1$ zlFfd3;0M%Y(r0Ifd~JK6L%`nRe`MK-h-i^ctb2@(fpghh^3cE+mMt@+a?{@NvjX4x zigwsOHu-{IyRi<2s%6Vd;5Zu_rQHjL3T|5LW&BUPz}E#R~TTQ%1AL7-2% z>VJC#{K+Cp4-cX4oM~i^X`0j(-lEO059E|WhXIUFwVVuWAv7`BPPe9v(Hu|H7T!zv4q~BVHVgx!v2qoy{vx`qcI}8T1nNX+4Blu%j(y8C-W$Ez42l_> zMlPH=e&T$5ZSQfFNmTykz4+RP_GIj-2_h>E*GOm_t6 z(2V7%(!<#Swq&0@a@_U9ruVh3Gz4>%!{ift|-svi;Ut-U^9)NaefRjEq0 zx-Hd+t)uV}mCJz@&$N8w4j>$|`6Av9Ly%f1-b_cQ$qNnNsspH&nT^pb;V+Fulis5( zpEi@Sult==j+Wc#$VwMe8B1q{=1qCjE`6MJiY;!B7&sH~+86X#u3s2>{n!j~(O4~PuQyXPaR zsCQ;QrNlH#D=;!v*(-Z#`8g~Tv;VHImnMs@lvW`bpGS^>7?{c3Bx4g#2(fhMUIxrm zvIahyNC<*HTjENF*|$psZ?i+xT_DCri?KY|BfHYIOK0UphrJLzL$>H0rzhW+Tx}rm zhm3}E`(x-GAfOAXvLZ4>jYc8=o8{`)H90d#2zcH^)=YnV480zq0%xbjyL)G!-of}b z^9jbK%J-$F4Q{TbNq_=9l&Ifq>e}xSpn~Xs$AU+}l(PVkU)q^r_{W2jt0fo@502*F z)-MSiuP$<;qz`O*4;fp7ACqc4r-y)aZf;+5M@y4-FS6&w)bpk(#gE5GSC!=6+#oTn zK$IN@sHT={lsw9eL3=0VtuC*le@$! zihFvxc>bfme8(oAfILQcIU>{Fi0k7;ERdDw#}5zpHWB6#wrJ9vP}iwm%lmZf<>t9{ zL~w7OSjV{6fgIWVt(>Mv*IQuMB;<6RU+ zS!7WGtGTro+ICA=TYRlXtQ(>r{jKdDJ1EhSqlfjOHTLW|Oar*dNZ($_8P- zWXj49fz~CXk=INO)b9u|9{IZ18o>5F@dHNYg^=GkR6-*(m0N^e>(tg^{nQQ(mHkMF zL;z|=iU0>;k+|8)GD#ZWpTLH?zp6m}4v~m$0^||}WDEnLUlUyh5m|@Ira$&nNf5bx z0zT$C!(~eygt-+HSZ^Yz2qnXl(Cc-OKd0x$!CILGRs_26U&H;%+lb<=_A z-!NvoKBqiSQUm2-gue@<1i5R|MP+blzHWVVJ&)AD0;yLlwYn7FAh1oiN?Sy+VA5ZP zx3K?3gfuUPFjv1#rz=?^(TR_ZKu`PQ7lENH4=}*P0c3sQLT<=awaWp5@w~MGF}%8Q zOfXsn`Bp{ANFbptG0>b!ZT$<9lw+N5b0@dtCRDXD#=EH| z0f$53>C`S09L?~#YAH6iW~Zc3dMyG|$@XN|k0W^e50chC<8#@BIQcfHg;#ybtdH(> z?mhIMSmv|#`tK3tUr*2U&(8H-@(H6qYZfEB+;!QbPdv&MAkk;}eZOK<^lWuE*=~Wn zTz3P6vEKaJ#W3N1Kj=${9vI!IY}Q<9UrC1SFOd}WqUTL9e75rZr3iS0Z}#(wvnh`< zV2Z?xT+hw!w<<|2vuuS037Whc=qB{F$GFAq?cQk#m$r;b z&1lxh(@pSRS$N%<;y9pR>HAoGC2mko+?UIdZkto2^Xf$x##_1VA8To6P`3H)Z}mYX zhQ-f4VIRe|Zs= zTMUF=@U?$>t4}z7p!1QhJtH4i8Jf_%@hak&H=mrJwNy6g0H zD#yMGYIMd8AopFqk4M?#Se6{%+>zS2eDP(I=-Rj;aq~C1wK)^;Ub6n+*^wWu`qUi6 z)3U{Qq0VNzy!bE2AlkEDzl9~kUW{(V4s@UW_J%?4GuApB5^Z%ITm+`R#0{z(`3hpo zSrKj92^-hcZ_7flr0pE@7rG00(LUdLn}iu}8k_$NCJXZ%B2$=Y{8BbCWvYxAhhGI@ z4Y23W`Hh~Xuyb|!Ahq22MPNaJAC*$U@e)Z#YHxIfr}iQXdtnPN6`7^&L5~{|R!=*` zJp)$OwVSTtxAw=V&<9ephMN-D%v;p|6RFc)4A>%QDBcap+CM zV#_Ms&UpgALb16As`*k5F+Y?EZe88q82_$4^ZK1kWr^A7k^?ThAd=b^i#+oO40hpS z5<#Cd{(F!#y<2C~K2tCFe=)&-c|C+pu2z@Gsf{PK8iUpK!@#fGPS{c4h>PQhS^WJi zk-2wNgl`4J92A7;78Q}0=g zM|IGriN9#@;yE}Pig(tU(saZ`Xt?d<#@ubF48I9mz?GLltDXA7hc4fa-Nt5E0oVbZ z^X!8ZjKhQ5YWcr{TQuw$>z10*^fz^q_t#k)cbUWr`+JqjHuP$aAhJ)iB47&%lxdcj z7;c_S55>2+U_82*?Ac5j+V_DfNyfTSRZ-j=CnzDqVW`M*P3HCVBBFzTceAA^Bctth z$h;dX0Emx!*8mCk#U`1_s3{l_+IlIY{d;v(pf{W9m5j;&u4WUE^rFMoiToZ?mE+9; z2%JaR?tb{U<7Tih1$Gl@-CI05oxqcaO|QeNmD%Pkcu9a6iB=35`}A03{UA%EpGL9Z zf=lGIa_*W^w#<*aT8_SeJGSZ6&21D}}>+|;8W{S1emG;;Ei zH8bfhCHM1e1@*g%HbzIS;bF>H;Wgjmk{c~<0YElt;S!>3{2z7eEmxsN?)B~j0><*F2Amg}}p z42swVo2T?UFWn2>W(Ydy{e{A_E`a zCBFtr1;H?e{|&SM>npW@3$GOa_{Y9reRu;5A*|Q423Q!YSlixSIi;U=I`fYSbvR2*%T;jGh*kJo+roZD|R;siC>mkDKhFi|>5Pg7- zqo*pKsb*1UKT-eX4uxGi8-q!+EpiR#Z{GnK^%8n6e<>*LsluIl^)FZb-~Raj{KH@# z+G4HU{SWu%%sHBefVcU&;d-O}?Q$Rw1id}-bRA)`3H{{@{&{MIeUT+sm+JMze|U(_ zpi9QW04skY8gS**LGB+flbkO4V#I*sH5u&dUtr(e1o$=z;gSGp9f##?7#ySJ7Xo6a z|HGRkOa#xkzDO=nJ{y$s*utTk-{(6}&gNkIA~ysG)@4fL5-0uNKdj2}Wn3bYy_5Q= zRx5D0ae;l46UkVFo-#}egxo+9xF;%Ui4o22pLUAYSb-v1*;l!zFA2zRO0_v>kH@4m zhDpJ!j1JF~Aw(ih%>t3Yig1&p_o|>Hp$_qz#x_EXd?gZj4Y?;0f$_xn|LYb07j!_5 z5S_O~j!-djiu(l6lqkf6)M^F&2A5|(XgC7)E1C**$ooxLR6^ynvOfRm3KWhx3NHW4Qbpz{VYc$f5z#%f$OrK=R0eGxXzg4lWbA0CJ(h0?&&sgq zKlmDvk1s%c{LANF*kLAN{Q|HBwh|vA3BF56q$3m&hi>g9TL9@J56dO(U({{1+Z?uh z>|k!tRv3C|`*=@20RObdRPhSD(Y-ZJCG!Rl;*UgBK4Xz$@4NWPKt(Ql1N@IakXkV7 zq}0ppZw=mLbZN3;j=_(We3kBrU0rg)ozolZv==V@J-i!?7c>alSfO)mr8e?g2LM-x zli&Au4|H=N`jH!%*quF0Hh}0QUD1l*d_FP|#=|P&w9m*%M57)j;P5s3OjdTc93M-0# zyWd^ZM(0&2VQ`?RO{f|Q5jGa-gS=*^>?7>58XcL+>c9RhPv(1a@w6{; zU5*3rm{jWV#}~c>u<#8rcxOWMOnWgaT9xQAlKy1~$7fEUhFzZIA!JQ}4OYJSU>EEG z)!^#pH-xrQyAIeHl)nV>-jd&09c{y4Vs_h8%+GPeMVy|0IvhZJ_Z$jK=VvSHh}7Rh zc}6WV`Q)aPfW!+5Qv4SNa+5%cE}a@GCh9~S#J@<76bwg!ac3mf_}X2^F9M_2-PQ>j zKKTaJ*r%;ED0g~R_cZql78-4$DJ+7s$^#PflH)NU-1xZx5Q|NkuN~?0yl_ODlj7pkj^m6tPyf8Nd00%v=KXGY92>hZA!|TGa28N z%&ej4$!2o|j5P}5cj*b~!;H#RvvZqmSng0zp1$lbv!XArIwW7fr&N3f=u`Euk^2ZrEK@biv>0iUj~Gj0S#Y^#gIUxNJgK~G~agrNR- zWe4|u?|@h!?1wLv;%CX2fP4!0)g*I2z~+}f8AZ)~mw|2otd z2h8@D^}@#(GcqURGTKR<@s|k1dp^e(RUI$LdTczNsTc$7*Ov>YY$ucBMhT3Sq10mD zx419c8Mp9T;4PJlSDZkWC&cSTR>^$eY+8Wp$d%jvn%#Ndu$P)pRS(`?iYl)6bbYGR zv!=1?zV@lN`X)kDj6`)~^_w6XlZW_Vu^s zVr*qdD0-2yi)XFGns!e}VxiTDw}+T9%%NO0C)dx0g_A1oFPB*xy>){tcE*;QJ=JB( z5Ee>>(DHxMz6$p1fmokx=u;_3rXil-sF*)jU`9*;(s_*1Wq7zbB~y#&i14C45(9!f zljcA<^OE!TjF3|zxWYU@2^jX0|sqV2s|3H^xgI*z>4xWo{eOr$0T)Xe61ywqr@ojf3t7a|Q z1LUZPo4bu3^d)0E%=E>^SRe+~sf~6@K0(fU;3Jp^?fW&wD&m^hXmjaQM{M~DCdc2~ z*-*%>k1(>2rK{=9OpteYvY)zFRBt@iS+KUqB*aoJM4$X6)ORhK6lt?FEgUjs+A#-w zMY?y7Y{~8p1T-Z3U#@DPba@XJ(&D$`m0JD0wLc)tlv26Gh8#~~LbDI>Y<7NUxUkC| zZC0F)pOz`CcIyj@w-MtCgc;_hW9^&p${d0HHV+Bx2U8 z`L#E^BlZCp2`nB5lj?&&BUVB^RqslHQ7M*S;=OI08YnSb;t6wKDZlYlU4Z zR!R0F;LfhOkk+*#&4!?(W-;#oZOW>WGz6%LmZW2ZYwAf&tuzQiw4yE2&GRQHuOjFg z+jp;|jV+9K$#*oh2nwalxZ??ijUMzTi&~kCsy4h-g-NvrH=ma9V{6>Lbz-g1?oTvZ zgz{7#ImOYT=>0sVZ;ZJ#yom|+Ub6Cc;*=ck_vBaorRw3@Dv z`ssK2aBYzbj;!qRjMllg;%y=4m9_ZiIb~L#YKRfhw+UPaw|R0dwNp$GRv3!7kg4IM zw*5Rw?WP2gnMUTZA?|Qzb0w|1CDcDL3TP(2)cl8C3uuWqIb3G)>&^^FT2)l zcNiq?Ao(j(woe*=y24XB*Q?-uhRl?~&Y*_E>nkgL;u-+3tCpHUo=8U|;!Eaxf+P4_ zPC2COH`wL1~mTl|6_;X1*XBN;W71+qsek`D%Lq#aijq@-Rb};uP z3zp~zf!XtpG~fAlfwjAOHR2>>l&$kTo1nb)a^}nC^nqn-%-GEo+pKasU#`<+C_l}G z_3m!P+d9WQExkI|;SndRE2r*wUk>r%_={F)z0CPmq|X~mGSC^UADrBr{!;X0%J9zc ztk%99kIlJNB1uc;kJ5~{X=a#s7kEYc;T#h014tsO^GExNM$<=Dnrx*LJif=AV;T)F z7tNnv*0Uuq9zB-KjA8l^it=-5;?e4DdYh$iRcnLqvHrD62pXvH%jF}IPoWp}y4`4; zo!qEpPEV_i)ek!u+b!3Ko8P@%Yy?JTzI6It@~x*K(wbabi#Ko!JfQC&?dJ8HxXmJ& znuU)UQgytQM0_QvX^aa>qsBt)6f($jUB~$9PhD6SY(gE<3wl|=Bmth&W6Una+zhV zQx?WK+cNrnP+8?%S)mvC!nHr=*6;0u;jEkRx;fW4uFo3ZE{v{v&h*We>)s#!+H?*0 z>rJHzXDD*JNHL=#M~Ou?#MqPZRv^16lrCj4WAgJyGif~r?;^o>c(YkC_||x7T+$V3t$gEE zN!$6i1DgAZNSXv|uD~2-p@HmW^wF^jm&hM2A9IlEs^5w0`>%@)_?ad}fT0sr-wqS| z#)HHyC!{2om+01fd+i)3Q9n*2@qALfA9xaUMOLu#kKPT0!ZD>*5Q zam_Y-QLvboOz;A0x}h`OQgM!rPqz*y*`{!2T)TgC0kAsw&)YL3eh9rEciL&S*0Hn zxg8y?d0cU$_k9j}*BUn`3~>B$BHl2LCpjM@+Y`}I zl(;Wy%la8vPwI6jE~bsY!xPX3+jcs}NA#&&dTL;#wJGkg=LUs5RX37K7s^f6>!;jfE4PL9)J&bagYl~MW!M6#oXV;djVKPFl8 zmmoNV&Furyw7_KmcX#@S^|0#iPwwSN{7>!IoesZ>W+z>TW&!&di^e%lxfvu1NY|(u zmN?DN{?J9jbJq-9wm-C~pTy^K==Lfpb0L+Xl7cAG)JX`bw;sRw6hy>NO*Oo*me&PT z!&}Pgdo0nAUBGHWPZ~(V7qy3;!|f4(|=ust8?m|6&se*{F}NBo_1kj8q9jW z!%anf|9l75$r(;RH1)6`8&2m=VeSZk%p(&aoCnW_aXDsz6=h>TY}kOY-)k6&`iCB? z8zYe^xMWO72U}z^_s&uCHjR;lxniHMpP%I2F(d=ZnAl0^oyY)PX*SX;0%lXm$L%k9 zsq?V4!_qq{emK0DyMEIde5&%MlB-J(+=d*tkGVC%b%uhaQY5Ca(q$N6IV_H-9|i&z zguu@4MIj7Wl#j)@;RsHF*Z#!&(6iYHff&L$<*QlO4w=AtFpf`!$RF@)+TReP^DCz> zDaEFkwH&pF|DT4>v=>7Q)O8EjQ>?k3`z4ijqJ&jnPCD)*xZ{K=u0$`VSAZLBcJ!8hob~&RINRE$VLq zzex>kQFWNXv5|w{1lK>%(-J{DC~vowAXa>I&Di%}BW4o5 zUcp*BH3ScO^K0o1XH^ZRyn5FYsi`c>46aE7|J#MX>Uy@|VDx`zd+V^O)~;{VmJn1@ zN<>6bKoFEJLFw*prKKB@l2lq!Kgq(i#SnC!jZ>pAbk+UIGhwAQOVf{pj z|6565bBxcmxaULF>^LmGdnfgF9oC739)B*y>yIybVxLAIJ~S^fVg<%ebG zh5EPLmzr62$sLBDAtIdhSHpH7SQbf6sdStHa8`f#H&7UshrBxv*}bL0bdR7puxW=5 z%uOD^jifFJY>{cZL!%LS&7~Y*X$fG9@8?#STq+FZ>D#$Mm7vn$urlt17+_>>y15zV zN2==2Rb2ZySVA7yE1uU_cx7fors{2l6i-XseWpr)j8t<(?XHpZDXTrDf{c%LW^C=3 zLN{sguP_%nw0ua9`VtU^XZ&6{ZgQCdL&V37>>mgT&teuAX zh>=y$XBVNf)~yc@ql@uYLiz2z3zW}(q=y^hWu&}Q7Zy>qNte>cyPpi z*`X5x&gE-RguN*vcMAu8LkxJl(cT(sb4zF0LhfhjwV$iMFIVA`ER;+fL97QG(11R4 z-hU}fO^9dlSb2(L<*)m?LHJ6ML(F=erjZDbE7LZMX6szgbpHDeE#UJqv4Wo)5;jy} zu;85dcV)6^Gme4@AdaqbmRwHnoY{i=S2Sx6tSX3vyoD>cjoC&;4g!|JSlx=DEuOV=Z5V5Z#?&E zADF8%&klIk7~1~%Jl%%IiA8+x@j@Hm85hJD!J@HpH`3|NS6FhTBd5uy-!GdaDELbb z$6vb6{h*NJuEq##!hlW^3A9hgK3>QqYmjgSSvy{u8X%#03$gnMTs%*MrvF2&5r6(A z#zt&huWVj_I3F#U%OLc9dN?jGC^jl`7mf>P>$U`@EflAq-}Bn38&o2nm)=0rMO1@C z331IgHdSZyHc*SaJa=B#gqrG9-H0#dUd;#=5@D6@2rQ6d`Z{` zS~cwf++^x|@t%Cw-vt%Kdhx`J#ZzW|aKgZ;z~%0#sqrVnv*zz78~c8N#O!tBXOh5? zJK9EC?AY!%(`s;z z_m{LrITCA{paC_wS*A|{EwRXKYlA?iUx!I zFVZ|ZpHCTIE2YpK&T}F9Zuq7<#KJOZ0Xon%IOp#?`@<3iGc&HriP0WKu3hu(L<4|p z&JT59+Z=`1cbMM)AjLBo-n5y@4o6(aXq_*E^#o&==pP-3$Qc^}2HHcm-zic?+t0oi z>e<|n;E)V+e>d)+np3Ffbc|E3jrNg8l`KV0C#`zo>N6wmmyb-&$P)C>rn;vl(WoxQR z(m2O1@fxfUf(yBpqPIWkHPL@57%?=@DeTKB{6;L^t!yZ~7eMk+>cV~H`D<1aCCP7x z9U~PSo~Bfu7dw-4Z70^40+~D(rt@lyPr2?~wjS-;Drh5(t}lcA%_uwfqqP&0LYr9q z9&8+}?4alcb3VGu!b)!2_C;ziz3L_YF>Kp2I08~9O+9_S>#Yap;|PUDfBK5Eu#<-6 z)7jklD1D?yVEUs}F*Mt~G&T+=ZD#t>_dYGfkWy~boJzPUKB#UA6AY}ImrD(ePQGb> z{i!D%MZsk5yy6e4;C}&D5X>zc8Sj4Ae)TU{0^k)r=T^TLCu0Uo#q-8Yd+xwFA2>tDY>2G|`M zU)(fDjcUQW{Qtf#1V0O9KY3R4_n(%$gx*E%Phkw*iPhcTCGQPPxcZ``$0YxH@oEpD zu(`9_FL5%*^KWSI^?A6fsxt4f{`IEbxd{Zc3+@X{)!ViE^V&x&u&LyFzGF(Ds4KLs zK2LdaF^=3E0?$uure#5!AOXA!ks>Sz>;h(-_koYe1|FuTB{ zSAR_ko_lv2kKB2dVn(Gy#bft3HLL6PN-Xn27zrh*_)<9Y4OCa3bOC`;y?CR1KLM90 zT_oP+ZPxyQ(PU$28sysSWJNU_e{H!Rt-f?%jh+^8Tk+Cz)~vJYhC03t?G*c%Mw7N* zp}^mF>Yqmkxlm8TN6!l$H;1_SIP)R`b0m`z7>XP=kQNq)4D9?DU7>LW5H92{jB(Xd zey+)>F1R)~KXV!j-{20Is;c}Gx4|t|Rb{y0CZ2$a0;Fd44aa0N!$*`+@xaS8s(*QP z8i;3F zw0!v`Z^QENb*}=#bn350z#kPq09W8xf%WxZ?i^LuWy# z5sr!Kj>m}G)e{jn!fx=KKAwoiAZ0lKki&oGdYa9kr!+!_1<-c5bi^SBE%N3$fDSGt z$i&FMrf~Ti@G>gtQL;GzVrws6@(RGYR^HE}1(Pk;8;){Aeq9|ga$ zEckLE4N@{K@?zIPN@Hd~(@t&O#to@~)4n7YR%4liAI;~dVV^HOZ&&5=ohtgxosa#s zPuxKZ7~GtG6)&sc24(TLUT~AUPo7JEKpW8uoVIOs{x0-yl{S>hIM0ki4sW4CRAE z`@yHwTUDT_6~gscPf|#dNknEkbj{_TZ5>ZUa&Ht=;uLU2hT`1T2_E<^MxXnBaWb<8 zF}yJp8G+!6dgASHaE^O#tE_5>zolWk_T%A@%| z6TrdSrH`0GlYHmf27sQN2~fu{Bg6m`Qjfi%(WXDS7kl5tnpN*iOZ9Qy!!b3J&hg|b z{04g0(r~bMWG~iVm-J?DVjW$xxwVC1WRTkrEL=G$J0iz`57Q!c$F9i%cT1tJaA4l>OBs6Ykz;c)oJi ze~zV&V&WfsbFNA`h;q>61Il-1`QCELcmVzFUV&&8V+m`}JVbQL9>8e&YMN`OFkxip zfa654kXy2#Q$ySaaW>72;QAQHiH8YbLj1Ziui>6L9948e(dI_$H3iZ}b*pX!5EI)% zm^vBsURk6VEbj*sw!iOzrtn7z*PM_#v}Ebo;h{agE}{!kep}k9J(j~cZz?9$wd1$-^#L41T;Bw72%8re0D8~ui?A{Z+yMBl1QEPkRCfb3+ z;vicLBquKa(9{=Nhe^fTtPj*UVePzo3`oF|oulP^f*1o1}4MR;N~Gq;ocG~he)J1Um5~8dPS}mT3S2t7>-g95cT?eLXr~;q~}CH%&*o`k}pV3I;&23s)1;Xp`pZLj?J|8S&PFI+3UjU z*Zm3O$zm6dTvIeo0o~IxJM8p6XfWxzrXf-A=>qM!bV{MLkzCEROk}#xEw2q?=ok*0 zv_fk77O=>&Y~wp}H7}XT;u1=sf&PVRCms_p_B9eyhOd9(zJ5xCZD|Ki_wH2O|H0E@ zE?#&1%+VcTQy)mGyxXR>48~(Db$*u}q^Mjl8nfR3Z8VMaS@q4pRii2xiZ3*@pIq!E zZ6asf+3KoGH7pNZI+wNtQ#5-9*%pN>@@%Hyfq6zvu>TZ|N=vng+pT=pcv<%%%&?2AM%a8i%fK$i2Hj->Znl@-10b>*Ir+mQ*wbj zoBjdy~JwzkTVsZXdjWsf4Nfj2}mHdhIH0w9)e- zB{Zoy%$^ik$x+$M{l*Io(`o*`vg~oh_29c%#{193Kr2gL!2D}+ys))l^9#kiDiB?z z4nfk)%2E_u9j5Nl+(Jf}9g2bmrl*+RnIv2gc=SCC5H)37DyENom|Mou5#Po~fxE)~4Xe9CY~JdB@`Mq+*;?h$(1 zbbic+ZJT{OJ50$%XD0nAmMKxZmR4=;cr*ruxx>hjpa(dt-TiK z$LAEdQOI|89Uk+t?KMs!3It7S2N}BS&V#KNE?*Acai7(~6A>vV!#jK;nlf_O`apw`DOS|pp1q7va%%Xy`i(x+SvipMe!;Mui6Y^edLIipt=z$Y4wS}7u0C`a$R zNu>#^k^BG~L8;>GzissB@9(siL<@idFM?7FHA2yK2jEgm$G_uD&xkaqYnimr>!kVfNr%M+6qS!P?iz%NR9;1{zxk z_JwaN(wMXd@Samor46l7b+xD70|0C)v_|@wrI(nv8);wKECi{5{PNi3^+!O$g{%i) zM?*TJ@)UT2nak=4ZRa^0B8t`hKe-)ZQaLY;)_Bk@dy`uhR({z3HdpZmSqsmq&u`@J zlaz-<^*_5omhkXuGw3$g4vaqhjVPl=(=4FN7Te!ze*GJlsSjE(2t_IX^-^DG0N-ygFciluo9)OrtPMK)${5Rjy|B{GxMA!q*yM<0k~5{{4F)4A7{10> zB*0FJjiX1t;}7>jtO@GTV-RB)?N%2>x#|8LibtXdqV@?v)PlyXWDd*Y?;Y;VMZApX z?xDrlvO!#R&y7}Vw=M#vM~j=6b?qmt`ryptPg*FS1alM$vp2@?&}@YFe_Qvy$MUt+l<@pYZpJAybQBI}FKl^OPt zQmm5E%R$%xi08ML#0z)Li^fyg+4R3%B78MUZ}FFWaPWNxEf3M~dNA8{q3WG)!HmHZ z3j-g5r>6}65=DN={^W|so@r60EI?rdF>@q|WPpz_QVTn-xKLb=Ub`{rE78=G-*P|| zt)aIGMJbCU65`7^`XXPZF&jdt_lB(Q_&W5Csw6Pw!V$0m%IjcKbuBQeF?hG4QrJlJ zejiT@kCXmBxhS_*+;(}3eZ~0It>;}bQSc2~1LR5hW#RmWLq2&kVoRi4)Dg@a>=C;T6WKwT&}A?mpL#i67sVdW zPa(cRU#YZgaBs}qj_YkcmIHG3gxt5y8g*KqF8`!AJx@aGI|0>#F>vi9B9wOhuU zkr-5X)N$2+BV?{66#*4Njat?Tm!0!)F~{e>w!;8pS)yclp56snOf8e&!`Ip0Jsd7P zI|Bq0>EFPVY_`lfjn`$VG|$PNmk<2GG~@O}+6$lj5p*n!)U-Usa#=XJ=w9_$onOV| z?Eg20bLuoQJ*l17fnxQ`n><~6@L#M1Syw*eYIf6}`K@VUAZPThXrm(d@VOU6?&#O_e2)q7Qa13GZMa25%lD zdC$s-Ij+BtM&yT5S>%P+!Nh|DTxtZZ7l$3_Y>vQtJPu*1B0??0SXs1O@VwyUZf~uS zWmsmYDZC&rQKOnW@5n>9^%!)L9A0|HZ>3!8+c<-j*Old-Fd_Wk&gCfxFm>=R+Ti}1 zgs?DEe{#Kb>P*OUwz->BV!r@llHJGOG7cW~XFGMf_g75+xkCTetFMXe0F?5|8#(<} zMaWt&;fy~PPeecSeSyB)6xhxt>WeTYv6|1rD%qJHV4G&`_d z>p5A%zzM0GF(4s7B5=wPDit61++?0Y>dSInh3U74ukGK5Ze3kZ+UmWnEu|K5e%}Xl zkLKA~&sNhb|Dz*Z`0a@_x-Hq-pbg}E_>VS_CniiKJ)&y>5K`PYE{at7zizCISxuy7 zADH{w=#icG4DA)nQ}NTv=qv46zN@_8|0*Ix(l)Ul_pU$Bm)Ck~1IKmjR6LjV(#e8- z6QW=F3KNU$T#5pTV1?dU94QcLYZcVrwDnv_xw=#f{q-g#lcI2Pv?5mxVxk(qL z);mgD!+-5Yj14UDO5eK>tc*>>p=ph^;%>DWA^b#Wm)$8pUrZCQwdfz=OGtBf?L8iA zSz*PRkT!A6Zd8}3O+m6d4u@Fx5mZa@60!F(C0_ki^Iw_zUCJ^)2q2d0pS?nk2Tjan z$3jD_cad9M16}6?9&v9NOM6B<6I9%Ec(XxFA7w*C!+r8lJEH{AAFZT&0P|knw@Hv| zitRi}7fDGES?&l)tNLJ59hk3EF_umb<_x?gUE}-9wlnWOiRTp7 z6(XR5X|7~2)t1pe*wv(xp9{$u+S#WL6|EyO7KzD)sdyJIUHe5U#a&oP>n&J59b2FKs(?+p=!7GcVYRE4*vrc(-+;iU{YQ%6Yhscafy15lKr! z>_W2Bnv37P*^TW2v%Sf=h0OE%38$uEXmO9-JG}XRvSqUCDWCV;l^=Ei8FSi=JSY=WfEZ53;GMZh zQqugBX+-~^9bjhz%j)NS-G~4BUjHt%x(+x)>XziSt0)SO()X({Bo)BG?kRj=E8sxkcMJ{twEg; zQz9&c>J#uU-j<;*l&iSP?1C0?+Y^rGn4R?*WA-xWtYh(&Zs4dH@jpd7afzKeQ-TOg z)b>|nIREuC-8|R-P2;Lb<-e-JGQPsi?jC>D-hJ}M_xIc#p8{_7&2GnwC@$&vbIJrF zc;Z*`x0(O?1=9&a%_E$#`tLeA0;K8>~d%Xp>lwiXjFp6yU(OY(WOrN|4ur(W(Pz!1TLUyw>Jbz)DJUSpJy?-wVD; zHm7zhmqQ*RAn$xrv$w?61%~Z&3yIYyVG@7AN#_uK*jUJ!b7C()!@<~!RO;~o&B$znr(o;&*T6bcU^@mN-qdAGskLA<*9wUU2|{B)EyfTs z9r;w^1O((dp7W?bY>z15Lp`E#)lI@W$e157Hbw|V^2>Ih47Jm4X$78%soF=gr(m_L z2bTJTT8PmNLiDP2%fyep_f&5ae7`?H)0^u15o+)EODGs`$dMqEfJoL7ihpMdp5xtH zVC{lY*2+?WZe7c9#&NUyEVS<+-3fBZ1#=Z6FrS+;PZ`{R=)if>JJl0%yyjyKji@S_ zD=O~jR@S;Z2OpbTTgF%TK!(F+jjf;nvZ24kag|!~Qm5+mwM=tM#CD5?pNpSHwK!EQ zkcFB2*8Xq&jm`GY6v-wiUTQHhbc??cn|kl95!{xHH2@mHgjTkEddL7A56wgMES(78 zMYcO)nqNg1-@-hG^ zE+=b*)*`AoEmI&U$TIrMMMEOfm&!js#C6}WO%)4YV@CPq>XcJ{{_aD(DT?1a1KcfE zC`Z{!zBFUQS4EIhZyu&lZ zAOt&D6vh6UeZnn&4)COF1)EgzEfdMRA<+(rh3;U71I6oo7y$-kH!CKxnMT3?-8rIFnZAZSxH5l7%T z&c)aCdPsTd|UTn0ey+Njb~jyATWeYB?VU&0g0jY)b_1IBN$ z7>Ms%nA!hyn$gp?bB=Z3HJUP+bTC})`yH-#%bu|t&+qZwbwQMyRz^8;(rlNK{4b^1 zwcJZxO%+z)P>-lEoA;rJN8J8cA+VJd*k0woAy8!iw9PG9*?A_2Bk4+F7}0zJ$bGtI zZ+!+A(IA}L+P0m-MsSR-x>Xoj?XtBbLg5>A%lcMh%)4@nzY({P^fGYY z{Ys(G88-NGev$^bD1IcCaGAlRr0QmcK8OPkMp5_u1F$_8Vzp+RJr^jb|C@_ocRgLb zHt=5*-v*DLd$$qQ<^-f!0MTP261+JoN_<*2KYg z(118aAkcQ+&-ShwQm%&)u4=lWwsX1wn>-_(d=Ma=hF}gx;Frv-MvjK^sP)Xc33Qtw z#UA=a0?A+SeX>JOUbWL#a~SFTDC7)J-&_0M=GlFaq^3n?9L&;$ZIboSiK%R=vQF*(a$OXCq_Nx$WtejhGnosK>kw1b>5pguI* z-CQ*Fy-a?clunG@4NN$vO>c8|(O&Vf3DXy#7Wy+X$^7F!l6Be&sO6lkouGh6IS%WJ zZZf!V{~{$HA0v}8aTzXqhA>B&!KcEmEpYf_8R{b%^t(Xw2+bL{M+}}iyhu+EmR}FN zG(DJ`m#|uRRtE&aY(T}i4;WvKJYt7b=YQ_E>7yzs@+S^%m8OSKss_b582U(jf+IQD zzC(P{EQ2nzlRNRluB^(f;CX3}-Ec&oCJ9=S1S!&=kJHiDL|xD5fWDFi){8w68wUZN z#c!zg?d*_o2_TFSsv!21`-I^?X~UP{4rIGb=aDD-80tMW9v%)w{M1yo*0o%?@85L@ z-~Z|OEw-?6n8990-qH?M@gNqFiPTCnWN-O=#@i4I#U-RXQz z?cm@E>uU_6TF$>yW$uhXl`#mq>@K2G7*#mh0R5MXatqFTp>5JB?S2^G*SYZ8%E4@E z3_PT;L{sh5QnDU$9RN;0-%%;Z_4JW@Ub41+Z=M^|PW;WRz@6`+q0)%_s&r4=uF3z# zBeA?M+IGZ3q%09)2vYsG;R9VAHnH6{ES?<;Ro zKC#(5PLS0h3COU93YFVDK#8pG!6$3`j`=8b)cl}zh6foNZw^txCnq~zbaC8v(FMKv zG#qqx4lF^<&vQpMnj&wU{rK?i;YKvQSP;XzY6H>lv60~dzH1FjF!JS|aCfv9p-=RSKTL4-2JyQ`}G1HuVt=*MQH(qM>dHd7P({y!*5w=ygSR zZs}=O0k59*D684+%G)p*z1e_9Fr01$s(o#?*yG&rn?FNWVdUV=iNci^=@YWz_;u;+ z>|S{vuHmSZSta{pecut>-6o7IelI_sP?1ZOD|E7lt8Qp;=h@*^FC$m0OlNz@NnMF+_`>ok9#cgxDF^) z#`QM*r748_3D`!Ui}vasCKYAWi=Z{$(*;X*O-TUz(GgI=1832(2X%vxs*kd^TMy8% z`=2NuK^ViEtmfU@>^aMT!-(hxVE6|ufr`|+2R5sZve&&-?kypbAfABmn+=?Z)n%Fa zUn-x@(w7NWS+_@$qZtT|Y;OapzCh-kvpjnJ1}Kv5#KrTJ$F@Sm)= zzuLGADdfV#?a%KvNzSQfpcBREkMO$fmJOr%{8{IDCC!-e^R3qFPIuUakbL<2z|>W% zR%Ufc8$M%g=BOHGBS4M4AJ4YwIu@iiBUmj@-n4v$+E^>rW(-J5D?+TCqSl})1RQLn)lKYKF?&Y|ito`aV?a8p%fn2OpFj}w5HZ$4Ru z^F5E-sO6dss7SqM=#WDMEMGas2B3H)Yx+uHODA~2hG|eB{|Y~xrfe{RN`>~%D?h8q zloaPFh<2EFaPIB3O-a1g=hyWDUd2zAZwMsPQVHjw)`;Vyub|~Hb!|ICRhS3nh8_Ol ztbTqqgo&g$i)mVw~qh*?>vpThi-` z(92GP76o&Q&I~-=DISI`L2ECt4zNVFib%v8)g6jsm%{5{G-dVyWMUPK15AYAaEB>STQW_)us<4h5FtNXrN8crXiZ6VZMC$zgeEjd2)i zk4$X6nOYcW#%9sCOOiItAfZw~F@2VP#+EZFYYH)~1%AB!Y}#v^F{BXY0NrK$PXuVP z#i4i`M8?I=-CJ3|fXw)HeWf0ZdCMHTqpv~j6E7B!8vui$3i->t5(;oCw*VCee~sKb z+FTdf4$M+cyA;c-GrDhp!sG-~*jCtaENyWRH*m44citV4dXHv4$ean}~6Q z@GX6|n$%y0bJA;cK=B0rkaAfI z)~9&)JX=D`J?~>2)`iG#{1s7X8IQL}7G$TnWIjd0JDcPsNEy&R3K@K?06i&OBd48> zAtb7@!TM31_a>XK{MY(5g|u9~-9WpDBmU$NTMQxJZGgGB-nqgUF`iX`gZ!Ryg3>nV zSrP3J1T|a?>Kn5!thLHEHmX!*v1LLJ1NWXwc zi?Wt1{1@p3N~ZI>&Nam(4Woe%9y5qM)^JAGBRN--aLG*`NxeYWq00D`;Jnv2bw@^T z(ie;5(=a|_mrGCRn#upQJ5xSENHF9|f=WL?HBg6{w*aG3;aBiDd2?s-`)*GELI{|^ zKe`!RX@i0;)XhF~3a8Ggz$2nIln*Pck4FTp~& zhopBnk%1m(>Ukr~P5Jh~a)>>AUB38nC_wg(nDOW5rx6ra_;(6Qk2QEynnO-e6GoBk znJkxsD})i!by-%f`l`BZ^t2*2AB@1W>Vg6mBiQio(Kx>I{ZVnyb+>H2K_PPaYm}^q zOcwRX-*fu1+DuCjVm$T1r;E1M|J$@J2CEztK50ezO=irfNAqxj=iz&&dFhLRdSZ&a z-P+ZR;oc3`J8LI{I{y&yJ*Q$}jy1Kr&cg9;KaYPC**DuG2>x}V-pmG_ar4HEp*8B| z4ut;&WZ@>#-Z_~!_4n}{WeOWs)O>sMBaTg^)x7`vY=@7y?XfswT!tt7 zb8A)Zio(OwX9H+N&f%RqOGlIOm|6eRGezbZ(r0()&1+9xQ?mR(Pp9{pE%}`6Y04x6 z870|s56|IKUfa#oUR2^4v2kvTVP&o%Bo6HoOLJG=li#ph_k=(|x~xe)50i$nmejYiO!z*-)p)706*SmleqIX<1;O9P9@l-E$mXBjYM> z^6;c;5Qld?1azQ6z^ zxo}l7^D62Kj#PX8#V2xi)!GL2_kgFJWVD+7{+r-AnA1LivcLifEFoY}(Lvg9dD!eK zvot>0W+Lp@Y*UyEAp1%hJibmnB{!wjDjf?EET)rE@hv}~LShe3dH?NbQa zdne1_D+fB(KjFs+n4wbi0KwP`)Yo_wxyDHWX|Ne;N#x-=19c%gbAWjN0?yIGCF-M9-_N84V=235t}WAWywJK{qL{pssH?s&qw zHErre2BQ6KRO{ex`3BbXx5*zyj2nhg{td)3uIIjru85kOd{5HoLI&Y@9jZ?eJ4?V{ zS~nDwm*6|38FW*c-f6ft7Qk^%lxk+RM{Afk`I0kPyFQ~UP#EK#3^P4EDG z{ua*poC(s&OgDVH>kVAL0fjIru9tBV{dt+^&ubgR3#|q0#21GVq!V$`$w?R)m}{BY zkxt|u0PvMsA@j?5EVSP-WT56(J*tBCcr3ojC}1NoV?^*LJ{HaKEdJ-A8y_+XhguCm zY$YL@4SDc2hc9W`e6&S4kq!#1yb;u>j0M~iwMbVI|M9h7WsqCW*mFj&8f`|xH>geheU}7PWw07Gd}`Hzrcm({KZfim+PBM zK#HAc?hIn@VhB(0??G_ZDv4OdY@$x?n> z4U>6vr*WdwZ4Gs>NK66V8=VQ*0Qb)f{qd-<{T)`~JirbHzVTdEzdq*} z+99Tgfy8VklTAaX-()~n&=<>+?uYe*ezpv0odz{c{1EuW24{#)B;G&=-l@z>w6Acen9mMY2iB(l4=HQ&cn z#7dlk2#zkD+IDdPk&RrOypy&_d)+tf$9IftqFzDLNWY9dIJx=*ooVRd047rV(C+LiggX=HPL^A#1k$vY=P4Db+?^N0zVv1Bd z+P30@EnFE$ebE%rDRE(RAWHzv?zM3m&=&4S$R?~BL`OW+uFMXB zlc)Z2d1W>6)`kPv6qUGFbj#7alR6R%-#0roBa=SZ$MC8pzD1qc_wX3-E>whx;*(I##6i?(&q!ix)Gf)-ua zI@=>lh|itHA&fgJD)Yub*-9gS1ZS)z@8Pz-@;7^XlD!hAln__;1qSSOprHH6<4f1t z=T*GH(M@kHHtA{V&)=-e1ImQAD>v?|(xiT@r@sNay?mDv54W!E1&vKUXFH>?;lgw2 z3_Un;DVABkIv(0{q+WSc>z+%V2%w;w0jI-~nMq%sIb>T(>PMrkwGu#t+15iW!reTY z+dkv3XlSGS$j;HPSI?{LAN+(~ycLXdvPV?AV5qjB7fX}(9fUYxC8QVstAhBeZ1og8 zk3p;_4MZ#*n`^_zU7TsE)ec8T3PL<;3xGmw(BqKu2_^Fqzs+U z3yzl6I*Z2#x1m4xdCgN=-X}={7!?}QDgCer%mFyTB)m09u2P`m$pPMe!3P+li$C1@ zADlZZ*fTX&e*;(&&q9}*aTNMR`cTb>7ydw7x5ioaZOFa~XmxY$6-$Qcyh zbCt{ui5it)&qb`P?1D!5SFgW={2^3WZnj;s41>xUjqDpFg>- z>MN}M4bfPA9Npy;)$TM^jW0Gh%jq|wrbIi`x5=*b0?F_dR1GwNsN@I8^sIm>u`pqN z8Wt&5#l1j5(U}4MS`qCaQzweZ4+2pmID+<7Ztqkt@M^;NAPxA!_=jC<_g4+hD#d|e zIN!pLBKE0N2($C9i}ehR8D~9(IBzd}7E5`F^?WfZX^qP+A3SkZ;tUT>%Cj5?AtSfe z=x$;SU6)OvK)O&BGUNpp`gHZ1;#?b-ic(!i6txXUaTDZcD^dpTBlDyz>)$ZjWksNv zQHlMMv%U|jioI?O+)!*tzdi| z?>q+-hb!Zp8T`WH^%?p~g_n%l6Bp;Ya0H313ch$Y*RvD|Sk;9|&~ZB~Y3QF-hy%d! z)5d&>bTf@6V4fBnaoe2RoN4b3Bfz6P@W?D;ebjNLG5`qhrnKR(w1S~P!O{>TWs(X4zbDp>=$9f3@ksf&ne4k9%;r{UcCkrrtA zi-q>+d*6t%V$9aV8NA)RMhPz^F@)En*;7@%GNzV31GY_=ldcKdsyN9>5`@8;(`K2fi$yUMbIK%$cbi~;xS zIN3bD-Hq%nH*ktxay=ifL>lP$V_l`lz<&t;asVk4D-hTV%E3qL+Cg(v)E)I{hW%%D z+YL2|OyAa(M^*<2h*!!G2W9Oo)8}K@yxQjOHlRK52bc|UP+CyOe*}=j*OgnpFY!KD zouE}fZGDGu_WnX+Sm7#33t$$@XV~^`szo7jQc?_6c$Z^`s$3jc4H~a#bEnrp5^Z5; z&I`w16UDeaW8~UtkEhsdzN80mzMc@Ldy1abLWH*}<=kr0sIm0e>-_5T78tN@NTweu zx~v-Kd?By#mWJ=1SkY<%v@Cv`2p;h+^~EGD6VdOtQ94DdG=dz4Yj)BKdiSl}q;0h* zmII=Si&pUk*TF9T(vIUa=uhc!y(?23DBXFTP<(V9VYEp$8-Zr5oheP*P-uz;Qu7t< zp3suNMcjVhO78Oj{D3oc?_H8ou9`oKvc@x?0Z_Bz?iD`+rd7Ek=HX|=&!RZ3M%sk0 zI$qYOs#-(XqfbR2>z%->wZlva?%$l?gE#mGYxmSCo>9?<0t%$|k$s*yL>JjJis|X+ zi>HFdy)d7$a^a0q@Sc+E{3Qt8M_mbRbv>kg<9`fX-B*lR`d;&hSYlJhW9G@4pb*lhC^Kz%-VGhxJCds@4d{RtHFJ0KWly{u@$RedY$f>P5wf3MDq zOKj@`rmM!-(~W%Y+CLvR&m+*{(x+kudDrKZtcODT<0bDExSwxA5LeXf0W;$^CuMz>Cd;`XW)EKVS_ghO3NF2Fsep4MWOc;Kr zL@}vTyz{#6*Ndq4tKyTh7m%>-oP=Xq>+xBZjIZM?8;KieywbLfH;1CG;WPG z1lTeJImc;loVV-cF)R9hTXjOHzMYndd|8Dl|Ey~BgB|P{i1uzoh7S@YfbFC0^@1c8 zX;e!q!}TOw0p4ADV?BIR*4(5O+>)1@L`cjd%9^&H`$y#<{SKnZ z)4i9JW;`YDwCrmn6z@3hZ{Zsf6><|*lSnV|*?w{+av@A8w5oBX-Tu=fXfZME2HNJI zK!jCjaKn`WD$C>c0=f`)r|WHsJRjw`i#+2f_Y|FrfiYE~4-~Ng1n87$`$qI~;gSy! zTSYoSEQmL7sv$HO^GXP`9s~aD#k$7V9AZ4!H%lJFI zM04+}OGZ2P`-kkk4;7#fZ)9YR$k>8oPa@(&^UAG|p_m)ce)hrO>JgMDViBt(KD-`W zIyia4ivynrs!g`Gppf=o$O)5~hDRaUX|+G#<-gjWV)F!H3hCMZbzKJzdCtfC}Q|AKWhqf3iyGD|vPk=@a1&Tck# z!aRLyv2Qn2lQE-ZXJ zTyX=I@YpsKn!l=z`t17q&yR_Fv|6w96~Q#`Q8=|U_Kbniy^3U*{w7!QNqa2fJPy?) z0Q={?Wmai=M|HB@!)&{f)YDf;6b3aP!J59=s?^ACbK_^3k?Xc;?~c8HLXLK!=|{i0 zlDp?>ISw^q62N?Wsr=h~dlb{;j>BvRMX?9?Y^1a6p5^cpplkhAAbz17d%L?9e}Unf zOUi9zA^kMM&UpIV0?@6oxy3cnFTx*)o5YEqueY}`zE#kY4MFvk3gfE?mkeMxy$D-0 zU@-dfO+FS~ei%%1~7!(CG^c|&^ z+WOHO))(=f41Xh}Re#BYszpLa%TYVi_nGR(^XK>lcLiT~X-?BjqMYZZ-Ug&1ljmyQ z3=^%6zB5?Ae)D!QwxW=EeR5syiGv4o+jHa?(SQ1mnJTSN@Jw51JY#~$wWB_vUm+(S z=1GHS0MM9U$0z($gnCmrBFUIIXVcU#r&X^;)bVTb5smMTDe5V z*$rVpUnJfzQ+x&m-gkro1_=Uu3zVqF#1Ubi=|Uw_Z3Q$i&v=~oJUrM#^4)8O)q5`a z!b~Mf-Pa4%{ZvFQ9DlBOCz`NB?(wd&R+j8L-%OClISD`TMKP6D@IU2+saPxZ4#f|J zf2N>)T8~j-)VLuMRRMr@Lxu`4HU)I9VASB4j2qx*8P)9}^p8+&%lt`V=ioIs_Qb-d zU$TnY2c0ixY(SzAhYUsSgkgVX10|oW9n80T5C+secuoE%rAbjl(jcEE zare_Sm3Y(}Ai3r@PCvyw`TerWk?*}{|9YA0IXb*q;K>t#&jN|UHZZsZcYvl4Q*JZk zyQsl37f}P`^^xbt6e!rBuS$`CxaKJ+dixnuCE$Op5YzyF4MDqgsU=Ulz9EYbb@NJx zqoevh!23b992$@_8j#fr5kK6|_<+MGX*N?-_~io08*l`D1GKZD?kq+6csXR)58OuI zMY(3grVPorLIQmK#bJhjfHP!<3gE#<2UzPSMM%EF8Ew~9AH?*kEd7hu#W>242RF@> z*}KYZjFAv02Q|dl06-`@^{*IAe9nKK-0v7CVVoKuI3(T)Jozh4r2<&%hx2ufR%?Qn zOh@t`j3nQE@pSEiE&3@hgxFX)+r^x|QZo&3S;QZ+z~|x@PW~Fi!~lZ|b0*bjStGc{ zZl>}?Q2bgCWO~8nfqA#%2PhjI1|jxF59SU^19VyM_YunC;Np)|@t;QFNFz z=m@qoe%I3=XTjQ^_`S61`$$EiBBK_@Q>`iJmU z;@4{Ii*(Dvv*++(DoQ;T^v2D0R+gaYm3mBKLdphn{#HP-jHUPvZ0}?0f>Yqq zFkgv39#0z{%?OBQGTQMK3En&$@G)V)^xEk2LzJOJWg|mGd!vj=GKSc@ZOlx`oJ`p$LuTTzH)YC@ z2pKYauAg(?=Y7vf_gc?C?^^G(p8h$1)Y+TgaDA`qGhJ2`+ZW8ekM~3put8G+M=rhf z_Asx-T;ymz-X^=ba`Bp336!$Y!J)#t&7e1}#*n&4eW@6vsJPs75zkjM&`krDGUJ-} z5(?EW%2(!K1tvhzu6S@`BItfXVT!JN+?`ss??En8`W*NV^fJ#7!;Hs?oKi`BWzEAi z`tAWdB8CRm5&fVRVCu3qP65W`8C<^BLfh_^gPu!+*;?iH&Brt}XW7W2iFuGw6eX|- z#7yZ3_K?TCo=X-$E~8*lyQ_JjW{>T;BV4P>bwHqUDo*}D_!QlD*0q5;01ifT-k_4| z(>m~06(TpWSN1pJM#O%@Fog*~1x(Y}eY@YOQDih>b1l70yhg?qK=@!RV_-TkpnlB| zap6zzNtlC(xD$)tJl>oPlYQ4k%r@FHo1#7GYHme$Foo_SvixrFWQ}2)n?j~@1#}p< zC7c}x0eO^091NdMn7#vyK`(6svi3eB3z@RDKyq@mj*uhQPcTt|r6LtH=|b`E;S6oK zJOAcSN=fw;okB|L(!c{sfsPKi{#-ZI`Hww{+od;p4GnjE;c9wCj%wo>RN4*sO^6Hi zlVLR3-=GK=eWf1KhlnCCk-W-i2$kY1a4XurcP8@@hdwZpN8lBw$?7JkvYlB|L+{r} z)E_izQ?8NL?R$W%^W8-s+V6K`r}e0>r7%AdSgUUP-Rc;f?i%>huDh&#Tg?4vIpj;p zo|4*Gd3W_SgsOI1=6qKXt6MWTsMStxHF; zS*$+w-;npZ#LTsq2tw(;f_7TwU7!9S^M7E4r1A$85tV+^lIHI|UL1BIO>Hp&%x!}~ zbE*udPkzI#nY3uck!VJjg#mDOJph`l_Qefd_SD)2enR6c$F3%UEgBaC359ol#ErScYGXZu~vYFT#h? zX#OXF568ik8iVAzI7ASB)A}pUK%zCIwf9go&CI1x|hOMB=vM$z0OyvH|qbf8j;E%i;Pj_TewnQ>4 z(MhU4|BA{uJWf)xOH>HuAJqJOiFRZ?h`}j?jw6>;gVwz!&|BHy70M2s^}z(R#PRA{ zFNs;7KscZMTz6N*Ql2Z^8KqO&4gK6wv$)qV3hfA~KYLJt2)-L1L?_ER;Q?fi7FYs5 zW$m8ol;Hl|R38ORKE68AG>;sfL_=%cs+gbP%gBwh9fki$nnY-1LR}So?o29KdGM(Y z-8Ne|;yE;S8uC!pB{&fd2V=XNhfYQ-UcN+2*cV_9G2ss>)rc`0-YIe3v!N%U$#5RC z#a2S8Zs@9f!WqW(2Vtilo1xT;g`d~Jkzi6mBo0B25gsJ+vZhIWr!JCu+<{$2J- z-cK)eXgb|tf$B_pQRUW^f-A^cSBUQ8vuCfV{tv&V`KSu2 z@UkNj={@!X$o^B@?1R7Why{FdyyHCVfWPZ=|6QojC}?IR1NjE@i;jk`-Jvt!U&_a> z&z|#%M`8*HY#SB8lJG=x%VUL&hcGq1hwB<)G#0SC4L4AIGd~rE z=Tm#Uu5xaGT2U!F?!(drBU?^m49`FRHs~S3-v+`_j!7 z4zr8rG<9ErzkT*yz(0wY3$Y0$iHk$6M!t$j6DM>T?qJ|aTNE@!iCm&!{DsEl4FrlEif$FNwJp9 z$h6k}8AA82F9NswUcnw|Nku8GS8VpfsHIbw$G{fKhkx-GffOOQ#Y zG_)p&)!%f4PSm>AhvA;^7O5gZ)?ta^uTXU-OG&EogDx0+*Y3M_RWD}39YWVo=-M8y zsw>O5@+SKhXv!U0MD$ps>VG>5A_Mvk-AkO;pzbkVsFNFKqS`1+)V8k?l7XCrcZ05L zWK-brnN(w;6MjEToe?|za4SO*nwFQQTgGD;tnVy0ZO%{iN}o7z0vK9dHG7*9t_0?j zvI^EiKkGJaij-mVMKhRd5A>UUb$35^gf7bt@*<7Dwf#w*RHaK$Ie+0Ih&iNGepImZ z!J+~g9PRe+X^AD~Vj}~o+7Q_aW86A)12z)>(g_rEY?usb9|Dn^YF%u|KkUq^}!7focLj2uo3vKYTuz`mQ%8K zfRik{z>I>%q|A(h5efF@|0coSH?so=Zdd1mkJ@s}s^6zUg!8QDa@_*-dy_5g`R8c( zvz{@~cxF8#n;1X<<7UWOz{=!^b0Ec9IeGmQk&<;|_KDXsBy^YMV~0+3Kp0jXxK3np`KaDecY7*_~+HVyEcb3qm5Ia)kKUSiw8W^P#es z$pa*07ceh}Z`G$9&bG&Pb@wf-_=|_7LRBrOEF0`=Dc{kfm%kO6ZJb5+4&vt^T86RV z5Qqd@W+BQp1o6CUWXqa`V!UhEu$cn{IT}#k^qbj&GFm?-JV!fgZ#5U2Vm|Ao&2GOlJ)M|*9Y0p(#OrMj$6FlBPYcDH(sJ;ir7v zm*Y88OGl!Lz5g%L!5AiyU@R92-gjpc*?LSoM{j`LyrCuoQF~0y(P}lSlugnmQjY_; zR%bjag!zfmECsS?H9aNOqcAc&I~}HZ(H8HCOYVMw5m+5a{E5(;-1W(yT;!VqbB?*& zu}`bu=nnZC*U;Rcq5S016Rc1^1rtj=pM>1N5IJuzabFsAf1*-;KcX)9$!`XdI-Cu3 zZA6}S=A#+|1D$^dt{$fqonidl;Q)7EDRn1ydTc1Fl$mCG*lG*%Q9|zp5LZ_IX!d`w zFEBE~zj=6w68B(xmy%FF{fyRt=jWv}viB=tt#t9qWfONvQhhx%3b~dmKNZZg7 z+MUey(f@L!D*;^vwiEL1s-xVwS9d{rh81jE7@}kWj3cJ)GUDe0DC`|Zlnvcr2BwAE zO4lJMcofU2=`))qSSE7;*KB9>3frI|taYfvf-SfX3kOB!92~nO1E#J@N%fdhY^moF-4rNi{q!N= z)d2$rfm~A?Jd9&8p!LGT){Vn=Zb80>*^L;woi9|p`!i0gslOa*PQLI<4XQWv#_w5f zxO43_Gic7lv>-{R`t^U;iPBF9B_rtFTngDhe|GuK{0|h#XF?c&`-!#r;>GiO-s3hi zjSJG+2b3zl!c2Y=VzI8vye(}adu-+mPTKSLiq2FXox|;eyTrI@HYmMgO6CwKI+ot6VL;_v}3t+aRbt(=%+AW zJC079|B=WjPR*?M=T!+>Qqg1i1?mx&hOQ3FA;N-7szi(`s3|b`^Caku!kVGo=~JLk zQO`SY{`5M)aHC)}rNtSWT3&g$=U73Cz6ump<-)eyR|{!wG%x{URl}|CyA1 zH2(B`48KuRm7mHt8rIjb63840FcA7x7U)yDEQ@NKEE884kt+euE2A4*3GF{G!`=*C z=(A`7_;d5A-&?WU6%Rg21B0P=AQmJn%CI?_K&tfWZYJ=BGYwKUO zKJ+^rou8xS*$e4LHb>5a;3=syLb)UjyyMOM&kH)X zy3iu~m~WZceV~-oEnLlNntS5%IeUCZ_>H%G_d#Y9}`vmJDrE+0JpYxMsmau8V$(@^Ej7d+g<@9xb(Hc=jD{LNEY=(o47iAeK9y+ znqUVi3Svt*$GCN-R^h8viG^C_6uI!4t83Cm;l8Xx9?&UVh!m+l3*?_IuV7#vg($IB z5;5*oi+lVggfqk3>Z}sQeznazES?B4bWa!hVR~S1$+Sx|0?n_;7gN2l4d_!HzD)K1 zL>9q7=GImi5waf$_`klI<~B)I-jTWBp($*GgF&~!V~@4?hQ>J#$uvRFc* zXnI=CT$E%)h%*bSohQ$5o7lhZN`klo$$QXaCj*5dDhqDYu^pAYjLz8N zcsuXH)u}>FnloVPa~T1VU`RdY_E{tnZ1tt{LMy$A8i<~Z|Bw}Q9>810@9sv5^f*{= z0@M?p)+hS|XSqzCQNx-+3{J@YMn}Cz$E+7VK5CCSB z@s2)Qt!S9gckga)*q9eE27ZfnGhgdl${$bKg^WWETp*zMh4u7d4~LzsL4k4q5q#l` znbLd~esFQT1!W<|@dyc=)}P*f#Uq*e?V$djTD(R0d}p(7%G{*r$_FJ5w4XDYkbDr*Jg71EPvkeAO~r=yW|w_uZ@7h3k50|5a+!G9jHF&@c>v%bbxeKS z!cY#`?=jVrYIL}a`H}%hP&6cT1EXl%bneo@!-VYmnCa%eOj^y}!R5B(1&GLpZ;L^* z!JUo*YwBoDKhn$4h9jQIdIl_n_6B+0hF^LLGIBgrMT@}50Ze(a4(BwUVo&LprC=Z6 zC~ze~(7MPp85zN>kpz*=kpju|3LFHUyM?3!w5SGa|Bw@V8$jT7+bzyjna~t0+cuw$vYVO+p|&wJ0i@m z=SK?5wM{yL>CK*KNm$|Ex3+t%`5C$>qkM9*XE~zS^QvE`h3d0 zpGneWyzB?);rv#+xbY!JBkqYI_6YtrU(;gJupdxXC*t*x%aG$ofPT)iO6B9d!0x>utZD2 zVN{}pcgI|XK=;9Ws3o8SEMBSSag{5No*q9UlFF2DYX*dHxJ=Cg5qHj&n6FHVRg_Z~ zgqxiq>!gOEY|IpJ1ix9l81x%uwl|@P45zz2X&H^UTib7+kow`K(|J2_I7Cr_0()!=`J;9G;Xc09fLuh}o9AbI@(Bw9xA0TLM?(vDr zeHBdSZ9m!cI9KN<3Fy7tID7!ED-XO4!ps258KUlqN{!#m_=zNy!Xnj^_oO4||L$`U zhXrJFz`JJ(;wH8B765v&+Wg*3PM5g|8Vq}wESQU&o0*5%qM)q)yprKjF-=2gul7tX zsd%~F!xAVO)=0e*^+J8%F>fff+3ViW4d4~VoGyX>%_2k9?9L_xxMrpc^h|+Dnz`Yc zW7V$Aku~jCLWG?@>4@>jLTY*Fs+Y-19US4nUel}=?hMCXKfmW*mTcjn z3PnOW0f|Zv^gju%RLA%!rBI+e(jA2*cqyW07Zkx>5^&h0x*lWTKb+sJ1qc^Ion*4A zSsf0CD7tm8O_4%pb;}Vl!4!tG0I5zGhS1d&cFLLP+ZEqs4Ku~30~){`7YhgHUAyxrd@fk(I0sv01oV&LIBQ(hQ)f83-tM?UES+Ipu|KWJ2CS_Y)~JVhedF#r#oKw)A*7M zO}NP9$G7i$7rKoem*uE>IfJsjD9q(dqv9>4s#V;Zomlcat4=Gu5RWNo_SGQR$^bf) zPp&+RpfO%kpW6(%yy7>q^VcKy`D1cP`#Sc_ox40YmaQbbHr5}~s4-+F1)ppVTp&#ofJxiRIV)-YG{{IGS`c^Km1vm8u*(TnvEebw9vXjI~?Ey zj)^y!0RAUUZbR;v;}TDpeC+3Yy$M)1aH9*4C|E51_?v-dGGG3>p_}g>nCHc}Tr;+1 z<=Qf>R$!b7+!u~7#FWcwdc3f9tnw6@4k}$@1dir%k0?@IO8GVq-TF7rljrkT^*(}R zF1x1Xe_yWHvP&NQd@6gTgOatg7Fl;S`NLdrDB^}~N=^4nUBS9Yt%RUof5!J5-TPg7 zM6g!QaEPo)3!dF3i~zt8nAiO7(c6Hb3d6FCr5b1Y0#Z%19VFf+d9S zg|&H=s1Gw#P?u`kKi&aD^exl_oRP@V(f}vVWB^<4u2iu!OB zeqCYnC&(zIXURxNf^|{>0ji6A4V4^vUYI-|Q4QUX~ge)%O^mJu(o zi~v-`gv&JE@h^`J;sSjziP}Ys4*0VHv2r2g*K$4SGc!xWPaf_m+R9w zD!7;7P?q@zj6h7M(CfIFc5n;q-^v*PlKDUbze9h(OsnWFrcePXpBu-=UBN`I%4U!F z+ry`pLILL%t$(SFL;$2LtW1e3B!;@yih3|j)YHDm@~)cwR$o-{_JN2{SRn~nbDl!h z;CEyd4%)Rhrz06E7LoHC2twy8DHt9)vFqkaFdyFa;u5zxy1_=Nih(}%PnS(%72PhS z%SfY8u61@97I?6>7_y-!1-%O&RN9bLc}{&NpRgf2Q`c3M!1k;}E16|7*DQ~ZgzRnB zZ_Sbbx)yZ>Ym2!j-bwkCuyv+ zvQ0LkUD(ak!X&R`7MT9G zLFJ?N0W>6TB2+vHiVhYc%1-5MhU|r@(osDS0wjao&o3tjs^iCc$}b|$Xbe7qe*={} zeRsiYb^a?;W)t{7qpelz?18GHtVg433Dm#XYGlv;WvlThBW{qM=Wc7O>2`7X35GM! zIj94~=Uiuhkg9v|>NPp31DK3PvrSl1z?A8$Ab|$JFS09`@ze{7Rrqozgq>nnI~S8T z@J(ob`K71VEB4}ZnohH*H8b?HF^OV*Fd}{XxN1~imQ+RI#fA53l^Lcr^m2bb4$p$t z%@1y7e?EaVxvgwdgk8%a>fbkaY@9aT2g8>FZ^JfMYy_l3y7Ah(4}N4kBUR~S%{nODP1XWCJGHbp)4yOqJbnD0d3sS@*&;q?oLd2C#Zhqf&{VO(YOzm%xy{CMM z>DJ4+c3S$%b%^a@kxFLc+K5JPKr|y3O+41T*d|O}7V05Wmmnk|(waOLttt37kB!xq z$42CA>PT|uV4RL17;G?m{%)|rN|CIS2a=5G{L)n7!%3o1{TbP*d+*03=nP4(B;Zwr z0NH4r8$9@H>%bjTDJW|$r*Q75sJYzn=3q97CYaW5Pco|2iYi)6u58qbu3sDkou%_l zx$uw;L_JcAku4+3-cb9C|H70UxrtN#;ooPrtMawxaXe_VI_(k54d!tvV!1&Ox#D{) zv?WO?&&!b05aZ$HvSqr-HTz+B*G9PxJ&iHuMuh)2asD*jc2pcrFAUXb?q%JZ90AhLzKSN@xDhn zZ>D_yJFzOwkzwUD5wCc?EKG~1H6zk9S-ifxVy~iSGI1erfus2|`Pprn%myS(%uS*N z%nCMw|90LO5+J~jox?08`txqwHlr>OUR^Z8{jD`G7e8Bb0>rC9-E)BF`h6r!)a^H{ zz3wRhy#>e4+}gP}BaK`t%^&78t>Sx>tmM14*Qg6Z_?SxS2bmo^cD_iigmcImSxM^h zHSm5rs9PsoIj&0lie`bq^e7Mff9K>WMag&U#HLq5+j;?X7Aj1jZ)^}aa8Jf(8xRcf zr5-_sR>xc)GIF7yN+2J%;yWJEbJ{?_kU2uI+_ne5fhE`}k%WlrT-*QDd+SZjqw3T8 zg7g{Tx?~(8Utj$x4Ue5?3F}KXS|&bi;WxBY+iM@6X90qby3hm09w8rZtV##r$3>W9 zkhHJ{q3RRAKH!L+Py=cv&n`dHUpvCT5Q;EU?`M06_A6;G2rKh1O`}H~diw58>gJ1Ih(GN4TNj7TXIWzS7&=oTHbMB0`TDFS$ GgZ~10AO02q literal 0 HcmV?d00001 diff --git a/c/misra/src/rules/RULE-16-1/6-4-3_grammar_2.png b/c/misra/src/rules/RULE-16-1/6-4-3_grammar_2.png new file mode 100644 index 0000000000000000000000000000000000000000..4a7ae673e8c771fb9b84964abd03d0550fa85000 GIT binary patch literal 26933 zcmeFZcU%)&*ES3&N)b_M3Q`oMNK>kG5CIYCy^Bciy@McvAVsA~Z-$=GdlNxWdJ#hJ zy(CftguuJwIp?|0dq4R8{r&Obk1(0c&dlstd#!6-*II@uE6S1(Q4`_d;E>2Yd8~?q zgFgwjKM`C2uU9Wfgy7&@vbL0xQkIjFVo-LnH?y=c#ld+J8mo0tTkQvBs@})<@B8pF zo)9(=4iv;((LIlw7Z~yW{I#dygp%Kab8~0Lq{-Q8?`5v&;^?Ti8d83nq9VS>w*Ep= zMSUvhyvw9kqkE%0;uzJHa2g}*jHJck^{%-l$C-~Wk^0bxn*Qq7n@NdncU*Dq^}SKJ zc;Mv8O~}T{NiA_>;@;Tcjc z^dDR*dH0Fy+PQSWn{yJW?>j@ZucCj|*Z&~W$1R~PkC(VKk1KX#+R+RXA#UY3_TR-4ETnqkuW3~sZ|QdtcA!4LJ5X~>`h<}bs(3SMa$3REOpbiQ_r z|CPrF3Cg(i($U)~H;cC444Xb3Wsg0%sUu>oO+~OARJkGO`p(Gl8@S0!Mv;MXp+uM2kxwlvDifg`SC5h4+jbHk4Vdq;V zfpqe93bFTG&%)J*FA9H~zuZdd+zcaVE&MD=7hq$v`<&B9(&7`h`^FoI9*r8r9O&Sp`WTL-g;hNQ_R|S z+Tf>*R%i)Kw1|}vTltVDXd!orG58u|=&fZFS?yBmqZzqKoW01#Pv>3wvQ|CjZkKuK3|#Wd!duUtmIOOaI~Wd2BVPv`uGjWO z;JmT^K{lJ;MG2fH@Uxo4NsZW(BA(gz-&ZjAzSPLHi~CTkEn1#9Mo8cB)|aXvrU}d7 zFXY;I!k?mOe&L-kTn`FRVW7MdsDA&drVatThWr^mPqV%@%az+v^_~c|LePxlwveC(1@T|AWzc#_xm+A_Kt_l61FHzSAs_g=MI#Q}IdK_Fc^- z?Rb>c_t*t5@r|M+asT0pYB?VC5h~qvg>d(_*Ew5RqfF83Uw%HgU=}H8EOwpd-M4|_ zXV1dA+n$y<6%rMEqn>qc46ZOS7?DkWJLt%SIIrb!CpBp27wdtI4`CzS^c(nW&M)f& z#(J95r|DP22_w&ovT-NZtN$NiOm;jw*Yod&JZ$XFv8o-0`ZC zd64AniJW>3Ev+hLlm>kkrz)3fk@9qrpCabNk!=3up@5F;$efNm`8?sg?w`Uxt9Yrq zgDIcMXDtrK4dh!gTasEfP`i+rlSE!HGKrLd$fUGsL}(?xRIpZvTYB96sN1Rgbz(eU zUHNxieq9?5*su-sDU?ySs@$u5bqqFEGUhoZU+!+52KUR58Yt-}9GqS6f{$i9t1c7L zX6X%#y3qO3`3hrr8>HfMtqVH)yN5XjCkw{&$Duh{%Ng;70t!W{$Xr9=b0#DAABO9< zakt^NDYP;BlKI9pO8A%fK~FR=q!(H)1(KY<0J(s^WOv<%`z3Yojiu|b`-K8N&x2?L zuSYycv?~9xQmz8OKWTi@;?eRng!Z}{{5qf8{YZgSFMVn>X{nzxRpVjI%7zGi=n>&W6sCQ()R^%4*8o*!sgu z6`PXYxq!Rh2HLp?ohnSgLw^j54L@417&eEBkBp3c9$_!ftMW9q ze%@KaQ4TF>u$L_(E=_u&W$HeeYJoIKGimBS2|Kqov&!I->r%b(R>(^*?52QFB?VNv*-+@B`i%Pg?)QY*o16L@`p9FeprN*D)^&<%(ZW?= z-(V3i`-z(q9(J*I@JUO=EW&w$X2Qt(p%;M&zvsmMXYa^;{gu(V!*8AA@@pFFL#wun zDTszlj5C%^vg0Ub~%jTkG-E+$RT*WGh7!3sR*_ zCM7IW=I&!?l-JG8D;yDaHzOkH_`HTz&<}FX8W?tHSUs)>gwD#mWY(5@3R+N1895Ul+Cb87fMWutQQ&1}OM)IqZar|2j zT`sQ_+Jpu{w3MPvPfzm6M9hS*r`fNl>1Q7>F&=DQb9YX(9Qi8VWB!KfqlOH=33^rurI4 zDika9P!INFH!q?W(WeJ@G4V+kGcT9l+!fUJ{(jUK+_KvOaeXqmTZ`~A_Vt#sk{bV@ zBCAV{p&>n8J6`W$+R5(7@{*0G&AOT7UwG;WLA+C*!&X9ca>@U58*L&mmM zez0waT`&-J5s5M+pWu|6;5 zlfDDvA>@7&(i&wYe#Eld4{0ZiLW<6cdLF9p?>e_1o0pp}_I9UgH92_q|GY8fxftc> z?@}LAzp;MrPz~KnQnX=6d&G87BtL0VCu}Hhglf{+9{#o2<4%Xv^_ugdYwY!&MrD-4 zi{0U}X;J3l5Ff88fjyp8=WkSKt_Y*7#wld)Ix^k?G7(^edx@WyhwPPrFm5^oPabE;x z+|`^^X64@YjZdErpT|*U#4-Ae!T8dk(M>iX%~QDPo?+XU@~_+$;jtmqNEa?(A`hT{ z>?wxfY^V25fBWU!@yIDL>r&K#oJnUi$UfpswdKqd6maf=Z2}y8+-o@Jz!om}hl5Lv zga3OQ2j?j+&Hrqx;w%!4AlH3vE^clPa0G|5r=5$j2Zx zw`0J5ukj0eR~OOSx3MSspP#?3)6~QAKWDOY{`W;d;P%pX;n)E|zA07>51i zuVKIM>#x&^V82XA+0w(*M*Fd)EtqO>X<`o^^7D!OKF|O9=s#Eb*H8^-Qzt2VTQJf^ z>^~3d@4^56@V^KCKBvyV&dJC9?^FKklYfoG-h+^;sk6O}D|QYw>?~cxz_7D+|Mw`J z{|pm*z{~shpnvcE?-AN(j`;W9{~n>_WC`ZM7<*}A5B@&GzxVxpya*Te+5gKH{xY=R zdx52i5s7g9kJXA1(a~xd;^0W&$UT-+_rTqpbf2L3HhQ`xsgiZOMEYA;W^V3>xA@J^ zrJwPZoPT|nrS);BXw)@t-V&Niad-9&10QFJy|5XfVHsh$cl7uh?Co>h{!bW#=|fYd zvgHkuWe4QsFPBqKf>0mCaCyfa^T6BdZNm% z{^?@>|I7HlX7~Ry4`p*+mkipKz|-DvyxnQHz3{_s;Io|F%$ER|H5{hkQgO ziT#g;c*2NXHSjx(lUmxw_;9G6K-IugwwgS(oZ8VcbF@5XSr<3Vyf;;0A16-VNe-T) zL_d9!6(vSpG+1QRR6V87ws-xfT9x3@bcu;vG-l=&Qz^wJ>Ugl|}zu~O7&;YrnUs(0Jw zlHp%B>PY|k0*Mn`-#Mb`XE2T33e&SseK+G5|9lp*z9%TAlqY-Brzch3`=jQJ&zvJZ z`Yk1x&+&~{*(1rn+vTZ7Ns78At^4WD9rD2&9BKdHK+)%J;(vwuQt&p2a1>G{MvIo>N1;wM{C#cN)>E3+|m^@1G+?voT;JFn@F z8DLedPem{6{j`nru0bQ}=1q5JGqs8g9qagD_29kTDF)@9BJ6HgiKuAhOWIu0?SJE7 zCr$bqc9!?+(nyz+t<8~KSR(RMN);JxI5}G1%1&CZ-3p}m>nYE1E0iW&0IuFqHb-3) zTEW8C+v|VgEZ}?O0@t?;*PTm*4mGi&-#DwS4e*~~>=L7R3Y0FVzgkEqs~zWG_$RSl zNxT5l(zUz`Z}3Kqg#70TpB}-R=FV5w8d@uIM4Kj{7rFdbzsd$K9rO)cgWE(dPmRF> zoUOfY?_T`B{K#MK_PHVUG)=&0l4Wx9*{dd;>~^{Z(zJ}6+LyZ$=FNIjQ^u+I8^H=M z)~x`~M0j3o@x2!3p|Z==a+*IK|FZSr9^9x7th1V$y<5EcSlf_7ua>6zL6+aR;*W}B zb_a`BQ+>AOP(PT{4s37m%QEOu4LZXuT=Dg!KDe&Pk5I)$iJw#tvK+G&)ej(b-9}9( zDfMiwUWS(!q72yP6W2zLMaqgAkMe(|?p6)-l{f^h{oI}kK8o!;TrKJ$Jf+XIv0v&+ zh^=!PHx*o_Ha&O7ZQ=wlQCgIydkf9g8#VdaWxQGPWyL?=D~i%bH6VR^IVygt+9jCA zZ7~+caxdi60u{zNb{qdqY}vn^n_O zd#i)Y?xQ6p?X|#9_SjYoY1UjlBpP8WLihUZ^Po1$dY5|S1eTT!tT*^vF1M3>A>>)g^)bIA!$!&g+N!xt(4ONd_?P|8oHwvwA^dtYT12RvjD#_e*y^;&v z0q8mYMr9;YCSm8+j8Ao7YS9wdI%-|iK&cqo>2+x>uYj00+bH98l<2;8C8Boy$h%C! z#;keFW~DD9VZ-*NcTbm?ZqQ)jORQf&uj}+2Y_yA?IJ%u2E}K)n?AbH^@(Q=cnv|NC zCEC~2sA&&se~1w>YhIcVG&b>@u4vOQn=*H6ArV+Wh}YYD6>YXWGNZp&niVOOpC1|7 zv^T6bt64^-_%I{C$EpBI86{AzYVS|)x$q%>JxC1eAC1g9VptRKM+??g?b$gZ92Lin zY0tFbCCcJwYzYG%F@`qfo|g(o2~b_zvAuiL{2jt&R~Jrh(tJoAeLJdsnqZz9YWs#E zbrBKSJ{a5l`r`5$XX*FbVk=@k2fv>A9*s|*#Ib(4Io7{jyAG32db>{Kb*~R5L}Od7 z!f!e7+2a`-zp6l`^WkFra-?Mz-D|Hk{z{{@aUmjJCH!YsIi$zCi3R0+oY?O02U_yU`nbU zw{M!vp(12v844e$3Ci5%)U$7J9SN6rc6JAcO$>((bk^?<$RoZpM!8Uaa>1ZcDAxgX zfvPDlYs5`k?N{*4I%K0*PCabzr<&4XIh*CTauNtMj~yTa-Kuau3<&?f@|Nfe)@b2syvAWpYaT#%Wsxy!!8&z$vAEufXlu0gODR?mRdeUnhy6nC>$#QR%r^-mG zdPvKtAvbYaYq(Ccmv0%B;JVV+tn++K=gZ{i#g86JiSM=ZJT|DPP6Qhd=H4NIpNMR) z$TYWT+IGlEaZBuVKRsG6LOVaY+fc_=So~nRLt;gTkH&wU z^uQz-8Lv9L(SVxD2rDzvZ{2f&&@JzZ44;XbEaU>1NNd?vhLt@RW3`ea6j5Xn_q1~u zlC~9dq?>nL9%lx0ALWf~ph8)5cLPv!P~Y#E1NA}GO}hdhf|}>VUmVO# z{@G6Jo;(c^oAj8E(15F@kExm-2odq$OE=OPkT{yScBr5B94FuOI?qfSEsxfssh>&c~QQ=NOQ~bHh55Kq~rzUke?w!}M>`DEofBL0L-cZeo{{F2q{i7-#a1y%B)Ps8RE@Z%ouy$R1&2xGQ;~hQz=? zORMkdQ=yOOcU+BcL#F&seZ{{{4j3Q!Ce~|^DP>DDzVqKJF#2W?$5WTD2)$tSIj+`p zSKfBzoGeS6Q@c(hy7)%?S`>sXbezPqohU+I?)B=?iqo);`J%4Ad5UW?MEOTV>Sc;u zcHS`InBXJbr8>=ZzD^Ib+9H?oDyH}$=fRaz;B5K*F3B<99ttW;Y*lY|$0!6vX~#J+ z-9HR{vrek%}(tvJp|pBNy1EBk3pYER&NVZCmI)W9h6(DY@x@;v&su<+QtJ zE>x(@7rf_?I5t@I?Io+>&&eIj`s(c6a)miJ`x2j(=UQ;9w}hR>EZ64lZjAB_kDA6C zgypyT@_PvnPa22N&iN5%w__5kD@wI-c+0++7n)?XVS?gf_pJE(JS%>3WEqJc^+&yE z;=nvHZW>B!I>jJMQk~{{lLgi4k_xro^BXGl>X2oPagkfqP8A!s%+(}1pbCl_?}-$3 zxkHDok7c)a2VQAT8tFSI;R^O=!5mPAC=7y@j>i`I5ZO|gfgrp)zzyH?V zaHf><{`J|Ie8`x(->Py9+F)@&o+~2Ht{ek$!8-8L%j()LjI7Tx5bOS-B1^kC=uQs2 zREjQ%6;w~AsYm?O$Dk*kgn#7AX3cV{F;7*w3Zh5seycBbncRhrSor58AK%glS3O}d zuW^bUC)od5up%h7KVq__E#=FxV^FY{Xez=p`3e80GxGD)Cf1W}rB*nB>tC+qTm1#1 zbi#Q2aDQuStmT`IwW1|iWub&}eV2Y|#c2ARyWK;EyAxKfisLWO1_Q&lm96?PTkZ7j zX+GPbO#!gqjLb*X71U6u4yyr?TfU4~cyz#6k4fZFS(==v%!U2?*XHiNe9BRIP%5o;--12^!*aATZ$|wUHT^EKQcR zW)gtOXBZyrm|$Y+*05O!7OS^#(p7ju<8*8tIAjtfI&9#x_3aIG-Q;b=3siedOH+n> z*6$UxJIVtKKS{-Zl)X(7fyNw z5Rmk=eKU}jMCqoOF#f?T!p=V>0ZEuZ1OxnKWb8MmsygO0A8y1H!0mHhwV5hqs|1^u zX@wptT+`9vmCKf?4N)a;C2lV-|9Q`G=gT=#7vt6=uzGHykd@C`Jzlmo6n**Mg)++=l;f!0AI>Cud!k(n}i7Z1cTk z@zc@ObBd;NoBZQ8JULgVVj;hmNIq$Vui32Fz;n+iI??0Smf25nM-^}VZe0muN~wrZ zG#=#ID~NR2_3UpCEj>!|JJtn8kg{mnyC+SvTBN#LrFA0)*ky`F{FywOgf*FVZr5c< zb7|&GDhxt?n_7dmW6ZjUR@1q&g;ZQbOQ~59fBRnNNQueh?&{z?q6UA`$YU0t3NHZ! z`#|Bjw~WW0YrOzOnb1hXLoY6usJ@f5c=6j6h#7wVwmq7YQo=U@4p9TBMa) zUqrh}io7yJBR-xU%tuvp#=E#c@eZgr$CXu-RT<}F4HpxwVU9%g1-Yak>v}1&3D)Kh ze4hD$m(sYsQw`q25PL$1=DDFFh}{j0*L;M)Bh+yzcSRRAyE;N4kv1Q7tG?fU*IL_* zUMnc-S^N@3L0z)FJE&9_O2$lC>Chv%ydVbqj8uPU40tldRr5!LmJZldOSUZpW7=q4 zVThfplbir^Q7X}_j*r=KDq*R+ucdR@qLnMB{k%_M(>^=hAa#N5)OD^E!J_@13Genv zwV2MU?r@T0?k#S2a=9NRspSm`@^=uO9YCL@m#2GEPw0WH&xg(hVxeM);B9ylIAtmK z`Wg7GPpWD_I7K4H|dn*^hC3cBd zwTXdl>mT@2@^-U}yPJ`HHbWzu{9(Q{Kd9I98u3?nlJ4`-i1~P!)zn~0Ky2YE>n|!v zUG(d*dFfKQ-N9y_WLIm+Z{BlrdI_WwwClMXG>1ubnj^)pyv>@Wjo_+DFDZ*Jh0F~w zDRx(wS_*L!_n7l%3Y8HG^U$QEqyUm|6wnfD>m;;7<@q2)x%BI^Myd#7HT^Z64w=Ykl>5+V4FnM&W1gz&)$jy%&AiYS4@aV1KuWUN<9+);eKv(_HH=!S( zz|aN@c_D4eea-TcOXs7+#WV}r1yfu9V62a4c6!BoV`LyPFUT_6Ug;8mWOuTQX{)Qk zKFgkmhEPvKAUO*sd2NK?Fkc9eCEYebE;dTI`ZOPC*GHc$cR9U6?{ExB?}OD2rg4(K zDpb3S#=ibRs$NZ|HI`B+f%c_!EZ!?9{5a`0ZX26}-qa;guNkh5*o^O~5<$E{0Y*sP zlvMn<80r1NT}639%dXYm=DhpHyTGINo6g~+F>KYaC?;R@{$BfDv)S>%)*G!-mB|v4 zq?bef%GiW7o55Mv1!>v<7PlJQeuHOF_WiG^)su~Qf>qnYJvBwayTkpm*9^)^M^<*U znaj7f+n6-`TCmmXpJ+N5ry_OMw#&Mw9^0^bIXTZi^^e(<7ONOxs-`7 zzRl3ZiaLND(W!vWkhjIJmRz1;X-s-0*`s{n#ONFWqibsl_ft4 ze-*Prb54e(S{JH?79qI%w`xi3E{rI(i4w8)57JCQ-0Tl5%DvdN49GY-g)QbIB& zUJv{R<_s7}(rZl3YSxL@Do&4ykU3;5t~JRd{3ZT5A+}Dr- zv&JoxiN7zGiC>k1|2+l2Zh0(wO=pcP2ZFz*pC;z(6rG>naFIhC6~n5Q3`udMypw9} zEtFdsBcOZO5UbUwS7p~|OZ>HWXQDh10^RcLiXAr)Y~ho%24OupqD!$r0}3}$R+@Ck zI0SYCUntwwJaJo;tCFbbU8WrywoVt>Nt_vynXThAs11^WaK@H-AMLK%0b=UcrmoO+ z^8iN_z^H=qD%a8yoFaOmD}vUl28+V*odiABb%TQC#0>EWPqU1OHulB*CPsxLy%_qY z(#`CRqAAaY*Zag2RpWMbHIcN!nub&My;07_QX7xYnvV1Yd|qY?OG%U&LO5RPtRsH! zOV=P|SrJ2Jj6?J5TrQl&Nd4XyFw7y**WfBn?-lYVm9H-thzG@M#W66<{K@ZiM0S?OzARHFxYwN<2 zU_Falr8Kb@p8jEM-yB|qNxkC-eSe-dd`SsO_h4!+0;P}MXM!8-L$II#8m!(o zlXS8_Tqh15aUhsE{8?5f(mx&oeFSvc0*^~Bcz?Q_=aN?#RvH;Zq!GA(IwW0#;EIbq zMO1*|nMoR!)nF$8S4$O?^Ii0hhm;fH1|pzy5BdntP;q{rIsjktRXRHG7kSOaKOUla zt8YOP)hmYXn)F3YBA``MRulrynEzk^*m=Acu&*#wJeDHnTf060d50ykuv+9K2(7C} zd+YF+_|IqQN`Fs=?lY|3GwsyLAvOc6Lj$sG5-@I)F9bT?{L!MXSXf~dF#Gzgwwe<_ zQj1n~%dAse=d+5T;ePp~%&qt?Y_w2dRAor z8S@x0{Fj>fS#Z*|;3Azz`YGJYE-AH3VFoMxp$~ig5j$J-KEIls3v|ay;;PLoQ|zTk zW+#H_C=H~~a2Xb5cnXPz+1>d*Qo=BL(c|s-CKvZ<-zutuW>UYtg=^r7n40o5J#drt zW~DOZ&oWiw&k|+lC!2uQR5NFJ9s%?vF}Tnk-7$dFL`n&w-j&uX+7BgNmxh*=wd579 z75K+4Mk|RWELYs?WwrM1Nfz`g_evCfg8B>!zuW2kCpH1~i~vH$Zb-a=n@-g?N1ZXyDF%%G)&hidauYor2y4@k-i!T54|Kb{9Qof@lzzL=B!!xh&VwbqxOF0H2R`z zP2+Uhpa9Ojfm4fmm5ifw?;szd1gMht*{hFHmpa>ELt zzgc2RBOgapeADqacnYuOM;Z~2Vswvt<2+K&cD1&sVP6*p%^p#9_(yiyLp4n}bqZqC zYCi#jYs|I@vky~B6RVMrq7@#tt(tVR11R6A_Eb4rDGjkd?eCAo05&;zQbQhp@PG8Q zx*zV#Dei93%t~%r2ClKB6I>0u19nNam7&Z0`-xU7q0Ffc=#8?d^nxskIiLiUDY*cX{*xxZI*+`6m#=U=+DhLLPd7Ect&5mU-hRif>iP^*8bve;sO)&_q74%C_t~OJ@Bq8S2wnnn_A{fu<%GF$|G5OB z6zK9D8|S2lVFq>j4fek4dVWojI`_rg6-SCCoXqGojy?B3+$xiBFbkOL!fQ^zNAV=BMIn|FWkc%Q0XnY#R#s4o~YY>^2xk88YB zrZQBMo{l$WSrJcYEey@jG%OC>`hZC`_Md6*^ zV#trW2r`nbaU!>ASGd6_Ahth|+cyVcRdt2SQ;wp-ihjUiLk_g=vy>c%E4 zvLd+A8j=6A>f&@9{zM9lJ`9$p&c;tP zmUFX&p;{QMo)+V#pL;+QWpW?0%sKQ~Dr!2Z6=zo0wa9ogLBv*gg@1lP=3~1nbcDdo zeGAmCstbbEn=}sSHlMK@kn<{Q3Cc12pYxt3Qnv-p)O6kizP?d>tOlrE3z2U~(8^ad zQzDdmMdLkY#Mu~SBVFncwFOCh)^YYofcH_BHjhLhi7H+x$}uOVz|UPya@6VN+cXIn z2VUQ|$D_iuiTzie=?jy}%w>u&RqDL*R&>UCkCH!!10u%ihuHl?-X~VF(qv;+J?9`i zi69*No5#Y;010q%O0m(j4y&`%FVfFzui4hGJUhguiv^s@u&xW+!zz$~p!KMCdZf5W zi|o$|sRNp8N?8sh>heWZ)9NQos;@v+BhL3C}Oyj1_?Fxu6`L9`mAy61%>}?4+BbRPg<7s6jtBbTr~-S7;d@l8jcoGJHf4cP+27y zs87?bh~L&bqlcsG_Ul+}sYzh5n{=^m8e^vo)g4~bcfBoqHV8_$3t%DyWND)x=18zJ zjZQdQq8xJKK%H;`a^z(u?V-nMv5RHBVmr87#p1Ml^!t_xkxN4h87(2CsH{2=C&sQ5 zC^2hl+}9`5xOd#4vK}Ee_=3=S;XL~{MZ5E^x#>o@7BT)TBsbPy2QX<35xBB5;Tk`w?Z= z1Q@bph{86Il%%kdQkwrrjw!TfRj`opEY0ne1mk(Dr;pWS?=BYh-$@?6d)kZlh9ngO zwBWS>pYQKTJ2B>=k8NB|tVp_tcF9QEc*1c=>ZL8+o!aO-kZy z^TbyIyYk2wrd}v}_nu!&|8F^ID$1#vEvf-R&@uUu2|%d;TzaZLqm3S&+w0{PcLIhl$@+&!$9rBIoLcaZt%orpl4@UD_W-KI2c7)YN%z zPcYqy2#Hy*&kNg5Mgk(E#M7Gt%Nc_RHb2)GtT}-07u8xSgnK?^Ho=`3X$6u-8X8|p zp=4!(5bnr1;9(IqyCn;lVpyII9! zcRGQh`E@iG{pp?zy*T+>ElzKmWSu#CSS;9R}&8+OzXK>grWyx|qcYgI{0ksY-)6u16tJdSR zlii%+)p+RuPueFtuGZ+ecU&+c?i`@!^nW+Tj~e_~IoL;l;T^He6F;_CFOP6BXdX}& za@$w|vRG8{=pFgVC?@iuJDInTwM^QgU}u9|zx3iU(A$rssBghO%uC;GhzHK5(|?2| zKPQS77>u2W`cFeBT-|P`oF#V>6kUNZHZJH(J_>~0i3z4FB+J>o8tB9|3`?*|FknuddHs!)3#T`Z27i=V5 zGtIAk$0#EvE<-Z*2hy#u(#^}X*_#}EkA!Vyqr)x(L;{^N1eFaF1oN5COBA2H&WvNO zzZWZK;j;EK4*}2!K@#FEW90Wq6A|U@Fx54EfX)53`}@ilwcY(scG8Fkn?IwnjF?ua zaIoqXdRN5w6bMITn$GeO17cul%{Ts*ue9}atZK4*JOMZj?`fTv$S#rJ!b<$*WcQsYXr^5G^5(GMKzEca^lZ0$f6`Xo*q&xMe3PLS|-c(Vk zXvaJ;QNUX|)@6J^5kI{c-Do6!_(N#|Wny4$o zs?FPMVR}Q<%VnYh@cZZ=kL?=|&BO)GAEpc4qIkF6Ccyg@fOC2`DnpM9aRstcL)Re< z#en0|&Os&dO(w-;?U4<^<>Y8$P>jQymp`@eBRXZEH|QGPL9J3mIH`0K-V^!$#|1>y z(*QqNR($eW22jI=-v78n9F$wQM%<0p=dR2#PxX5kdhsKLum0*}UDfGxGB*J@T1Ccx z5jNw?5<=%?p&cO~;h^My_nKIYzTe?uP18G|pSGN>pT3e{#e?8aQmFgRg)+a$d366i z;)!Nk6g_nqyu8JLiar@ElgE6ZFCJ^mB8`(YHeEn$O;9Ytk(3YxQX=3eg z?iF1gJgf)brqRu&&;=M3dKA^7n3D5*fX%k;q80cZxf%~LPaQstgF2WaKLa& z(%<+R@fWK+ra@h9lAk#=-{o{2Q3mhPaq^3-Ele5Z>Li zR%--cK>%Yh)Zp!&mLxtQtBqY-c7S;`9-Q9!{(*5a;3D11*M(9c?E+_;w-jf`N*38K zf!UB4P@VL0nDMk%24hAUWM6DR(@nRoI|GCoZXTK&NYo}ErW5cz%dk1fuu2`jq=gw- zyqTVDg@&16oA0=h&z5xdPK#?%^;}rKb>s~mCOR!qVj0b$5|x=6p^%$SPbxuumN_MR z6nsFg09I>N=zhG_u2o?YFk1-7=aR^X6Ij05@a3dJUc=?$mdgcJ!>Y3{DW9NRhxMJi zCwzlC{!(&eKVp>}d?=4Ree`JiYh{iymBEtKOYwko?_zq^9ZX7}szc}D-zCQTl7CES zxJ-XOA>wN<;1d>Y1{DOlK{@UGI4EDpFGSrI(c|E_tLz49xXt;6#LJ9szT_Ve2QhJH z&iRIri-j4z@QbD-G{)kY|B$`T8+1je-@NZ9=mv94j1G7B$(hgJ!-Ez6_ z*=1r9&rk5NkK`Gv@KaX)2bPyE_?@Ds)2x#K%(5$_2@KcW-y9cE%Tc%a?5dFhxbv6% zD%LjRGR5seApdjVw;d}7Wi`o89jqliPuZXg=Z0$%&n+G?7_Yk2 zLlEC&e9iYe1HTrG<(`fNAKR3>4TGxxXY{uQGNTyyw}pmDWQ_A(6|LR$-YC&qZQu4zH< zuFli>A3K_7b(bNF?FjtUw@mZcwLNL zA(S+^)5b8se~|$GIH$wi&eC*gOoQeSiD)|Y%YlpyJIjlQugt%@l=CcMj(sz{tepGJ z=8$uD-xr_}Z!!;S*tsu)QhbV6uuJ?QN2XlMdw%MMMR`YTCZgx$xfTFrB>)F^)FI!# zdFU9)Ty|!42o9brvBk*`)j&iOX48H$FDG?PIGs>^knq+zLW50264zGYnN^;i50Y0f zMM8@AXbF9?vUNST=%op+}{LhEMCOr zS~mY0C#wRMZyoj9HCk@z95zwZeD~bcaNY5zSkIMqJR@n85ZeE(nvyyBLj*WMZhTu1T@ z2K+A#hk+tja7E1bXxC$EW3+7Ys_f0#6TpR6L*jHhSQ-358AJQLt?%M`QIp##%Kvm3 z+ZrL@veGxPsSf}HD9(s;P7!i-l4mb@jL_zw0Ui)mxA0NkDoG}>$^YN&KlwkO6?}V{cL)n5Sxm?8&s|37Yq+PPRh#)HD0FpJ_Wez zNzlNcf)b?#%_@k(vYvc&eXwFRC|Z~V2$)8w%kS)f2%7uMt|=$(C%#5xDAD^JWPl{_ zn?4XGT44Bghk(lxj95z3vz%_k_(Zs1>ux5)Z}2P)yBM?&YnzZ%^*xG6C9Q&4tKK*} z6}uvluKT<(5HZwUd{*PiKT|;NV*ZvFiF@|K$Er|w39qoLmnHv~+QzWbBYY-5 z@S9VXkOP{QeBkFBf0_kcpl$A4{-fZW|dH{Y9mvVqEOW0uT;2;A3a7vB;v{34;UDB0x(O)Dt0n5Xp2|Y66&;zxJEg4xt;K9$%rht0=IQ`pe1jq=oy+QB8 zTsMG6*!DGO_&@D$df4{2j^z^twk(+lY@=bqx-B?-sb)TQyymqH=qIB@*6`m?yQsHT zyE8h;?@irfyWijM_`fedT{3_&=?UNN3TW%OTwn(}=-jZR`Z&~fk^b~Rc0(0gi{RAY zAKigf2C)haPzIN4ruMNJ7^vhRa|fMnb!o>7%+RBRo;?}egXhpGQ};3mOmE+}e1G4; zZd2*)$r+Dlhq-T#adI#n4HDaxu`2s5Bo4{bY)KUT@ytb%VZAG)EEPT27B}$+YxSx) zmZhVh_Hbg-54~vz$O*kGf{DkeYg?RUJRGi*+{g@$@;A7z!jfc$FL@=3Xr;J`Y`k{{^AvKuS6#738J+u^#* zP_Y~!d-VT;~rRLO&!)@nsWLfNg#;&xo8j(2CVmAFUv zUjfm(%GIz@+F8p{Ig(jQ^JctapG{N;*?ydy!%xjUPy)0?tNz>42(NZ>8xm<$F1bi7 z^VF~zzkszq?s$?s@<#JwL0T`#H}P2(G^~i z=DV-se^(*6K;;*fm}Z=FjTC!k1MEvqDNJif9Di4%N-an61k=~BmZ~JO_4qU+edU?2 zjVBi4dM>9d4^G*DF0v_Yq%I4Q*m}a+Xon}@1%G)iwQObU-+Nfl=(;&JBrfc^lBT+= z@4Gj2;s?+)S)Fo}y9ld}W#n?QJ|}D#JfnYWwmGz8fUs|fa5@bEv9zih=zVRdBT)QF z8Zzg!yV8GhN_BMl1KUt{dU}mCm^`Wy2j}_}_WuItF@dC>#2rTR?H~5cS3V3sL&NM# zJa4mW8yyQ^JG&leHR7umD4WqX!!7^ayoL|wp&3P>)<2zK5bjM$*5d3H^22rR_C{F2 zr4HSjlri=P{b{`_Bvoi5^dU~Ln#HQ_SZXpTeog6}khA4?SfKRTi*-u^{n7AO;fAogRY3UR^#cfHW$=ucvB$T7^g2&Y1p7ar}pn2*3*E z;sjR<)Av|ANVlE?`X?r?wY%{W-a_%5KcL~AuG7I@qa#oCw0~i9JxZ7(EzMjFq}^?$ zJp=oUp1w4*1EeCYh@v$NLFzt_Dy|vr<_SzX3 z{Kly#`5BFi2ScX7-u>2#3m{N4i8V9~&C6s0f|EiaO_r3BI&RB;42J*2arR~ z-gX|hNK{~@4vH)zfu$+X9tfBoNWHOvztM!dayJwC1XKl(ZJNwGXyiSnr-wByKiW_) z^Wd3;$)lJ5hXK3~51O~J4Qglar|25u((v%N8*S4>S9beD;_0s<1roL=Jc1urRh)Z< zc{4Fol;*3l+_IhFtq{}AxY}3p?YI=bl=W?~x@44w$qmCOY?|d%#$G=xR;PM@FT%_t z>7Lb=vgU%Wl7q(sr|o0PD=Si;fTqxlYZ! zZ4WZYDBxDS`O;SeMi%@YttaOdyxNLtQqh9I(^H&lz><20MT(#`7xahgZ+sCo-jh)| z1~q3Sthkw5MeDc|#(TXeUF<-Z@A5c^b5pT>Q{QTLTV_jgIf~{(Md5^Hx6*u9+tbVf zjOfe6XftQos{mrsv_)DnezOaAQSg(#pK&t@(YZZLE|?SXV$1f|+*=0m!5m^U1pB2W zdW*(ibnl-Sk?g3Y;nM1wK6CfzORe+YbW2{9u!ONTyyrph17Xh#WFsBJpP%?Z+1At5G*TZ;twWfZ6MxEMxlwiG zqXMKcd&en)=Np2xaXU|rVjSyk8urP4-n=WTSvI(A7Z(x;S%?_!@Nr3Rg{>M%9)VHD z%JmY{#gh=q_<8}d~?Q?S0BF`PS)r52h+6DUfG0Ag@*i8>#@4Usl zdZC#>judH7Nd@i}_)DqsXJ>64FLtrI@a&m5o4|c4$<}5M$c|Zi&IMkO?sSC7ij!vx ze5CaFdLNs)@(YED7*4RxM?ScnizY@`val{He|LJb4j)qy#V6>v3qT#~Xek~Vv_T`> zcnd#B9;58nen{|)QkcwMUIMnW&9O`mmlqn?<>|yYJNpjp5Z;}W?IMY#cnc~qW;8$6 zKK2U9c}J5bX9ILJZjRZE6*b4cqm{G(uV>F1N#HbEWU!!=@*fLS=lzT~o~4||h*;+C zk>=krRtmJiVUOGEC}AI28Ws<}uBSZ&hly^EY^Lv0b!&84KN}WyV>9pcI{bT_q)0ns zWZj@a>Q+*DP@~c7SRM)P(@uTgLtPz{Ki=-$rRbEjF3F0uB zwbC8u8GH`8poNd+@4Y*kX>jzBNhr9y*pw01cGQ08!CdhA`%U4jT*TXh;LViBOy$#3 zL4rz3>5hIxs_+IVo|S~wJ3b)wq}NE-I!$3D(=3;Nzdv;wplEf-pD3XUm7X4T=`Mqr z0J{BMWB0x_-q|O`jRErjYQ0YZQ&w}{)m53y@O^%<%3v&9V$<;=Lj& zXr&+Zq8<@LGYm+@0cW4^cTu#euel`Q?QCnG!Bhg}1N&S?AUi#u6Z^5RVl6M`TRzp| z{fX*=O5Oa>E~UB1*X0~#C7o&q?eR-jws)fAZt})%-oCRI~H@Y+8Pu-TWIj%ZLR71g*pTd5miZ_1cb#1olvdfv-Hjq%c*(|u)szTj0`ZrcB zb{a8=we#*V(CB4$ZWk*}bn;g)`G|4tIw}4}hy+D^BH6cE0It0-}0N9ebbf_ALdcVw-j0Qtkz(=8x&xQRJvLl*WIAK{l*T)@N(Td2;jDSk> z>%jBF&ozty&9lp>!CKf^HTlK>yj!>W{b9+rklsw#%(u{T zDT;WtP~GGOMHUxuKDV|x_a;~mPo=rb{!$J4DKhrwH0JW%p?@`{13$p)60 z6N}XR0&d}HKFGJa-G1eHg2D)8EB`HVMNu7iN*5^JZTljbO_`wB-nPW)Q{DDp48v8A zo}o3>fmYb5*+OsXzqa%`bITnW^RK~&!@2! zshf#xxUj{JItEByLYHR-?avca;7Q!+BJ_-l)miJYoty?l7W8dIheC#xHXU6GOJ8B6YpEeA&Ktlmdo|4)5 zZ17Tnjl$(_hvaBWeRiWjKVi-4CQBc)7!DCkrzSHY5>akvQrngfY9z;j#TL+1Io)g7F-w|!B7?l&*ZBChTfkC~~o|C_rl-z7gm4m@2Dr9*0 zEA77D^f`yUugz*^3UDtMDqYt3e<+xDGdxHKy1&?3axO_xoY#dOl|f2?v`%1-Ibs-_ z3sL>+F@FRbtmUTqI7?-e_@>7`!fgoJ4{t>$t5ujiwGc7z0>7M%qN@{dP;$kF3_uuF zYvie??Pgz20VQ#pz|gbOcPuSsU)!!EqJ`r#VCMoojk~k~-6)!Uba4rEZKEXgJ{t`y z@a3Y4H!@7NtY~OGO-)?Zun+)9A+;!A4RmCZ-a`$d3CtN)-<9vgVTqmbj)uuDqUoCb z&;Flz|ZJvgTP zeBucus)g)0W#u2~AF$A9kRgdCSbe3r!wBdZiDiRq8x^78+Pz|Nq?ZFp)H@8*k&CjC z{To{sH*S7M8ZELGFPapS{S}fNel5Xijm6OE@6y-jD)=6sbe*|h#8=*I*2>8X5lfeh z1ocuDN;ELeZA&!kJTrg|42<8mS?<2lGj)+wEDt)(V%m(|<;*|I@|EP;K$gD~jbFL`MC;H{Tg+2f@gnVdhC_}XO~sv1zz1WE&eSd*0IBp8xQViO1IJS7@0t> zy|=X^um4-G%_VQ<_Zq?Wl)nfkCRGVY_CY~)y^WBzC*J>*pY-@%29i9-_1yqzT@aRT{HuV z=3Q+Ga0mVU3zo21p8Cscz13l3t%z@IPQaNCx6piob)}n=sjgZWri{4KfiU*Rw;$03 zHA*qAmS0hu!cHoB;6kF4rmsTGiM1=^+yT99SuDSfKA;^*1k}Y1dFY^N6`JZY;~D$X zBsAu02#-gJ%|48sZvhlv2nOpUwIZIftzhrRD!}fW8^&6%NZIVvTK*aNS9D>oddg9_ zkS1Mkt~Sn9BGmnU390Af%sx4X7#SREbG15Wb*T&0B&jBc%A4%sZG~2kI*lz z2-BuzVLFyz=71!f!4VuvUQFOQ+SNN{^89Xg){RqCfbMBlq!ezO~Uz*Dg-ISD~d z3=WE~M395hvG)74LOlzOE)-KqEcFgGW@MRx&+FU6^U&>q-m5!b;~Wb3AXig{O!59_ zxnxh8y|Y4Z8UNvE3pB;ZZB&q?D%h}IH$L$AeWwVzum5&zcDM%p>HAt#iv5>hCkp_JI-A|mXF`q%6CdMu$uDfp>C;^pHp7E0O*ZoFa^*q zJPJFizLW#|vT_B~$KUwVAnHdXZ4y& zUD&4MYbxco2#>rksh8QSMhY;tv(%jUQmqGoRkTETKREQQ` zi{UlTQoenZ>5YVh2)y75ft?^K^A-(NC41tjL9ZNQzQViBz0Qo3SH@N6-gf-^fqUGr zI`E6f?ZzFJB6;ra#|MC(YO-C}t3n3Ira~RxC(u7dFEzBL9l}hYYe|S+ziCh zL#*e#6hVgNLe+Dr?N|S4_Q=lJ&itDl9@HGR`!VuckB(Okj2e(zsb@|w%7Wvg(&-*6 zmB4ZR>IH8eaSI=2pzxwiY&ugnKW0Ka1M}2_qfO=k#Q?u#*Alxf$K{zx9dY^8cuWTj z^z-P@b?*40UMI2nLWyr_JL4YI`7C4@{%rHA8kC3R#enq;RycZ2uoSpSK=R*O?7FZ8 z0Of?1PSyS}o4k&fJ}@pCw$v3rdA@xJyAP=bn zn&DApOYY^yeH0*WNL8jk0wLkT0Q+oXBd9Rt;~_&DE5HQTsL0qL2*AWJLG(?{|C`Z3 z|D9hOMJrp%VlMIsu#HC17*K!;1$S!F$ObTs#%0`ZBdtl-yLWDy_=eb>?=N#p&ASGR z36K17u)GAo*7nZf{uR%uU7LOmuz8GNyTQ^S6!wp7wq^WN|6(CHbL?ck>1MXj_wR+A z1>_|R8y@+?2avY}0_reqN4)$dncF`p7+%APCl$A|i@X zA|gbJPWEP&Hoz&#$P^7|O_gD+T%DwZgh{XhN!WJS>GEV0Z3xg$L9q!CXwosTLj7T7 zWgAOk7&Kqs6&`4VXsPz;VfC-QfqzGHWF(}dx)uWAvZ~SH-eG_Gcr%vqlFZ|L_7;TI zy9G^({xhUtE~h>&A!-kPR^|YiE6BUaP&w#ZCr@Tr8hUzML7d|k`ZIel(J6grWrru{ z$Id7ueWGp9fS7R3V215op%ny>jzG%9J#azQ1G>^Z8H{EaqxaMZC|h%I*&q8_F*rpc zv!HCywii+KK?P$+cBShWb@X`<*PmL-z zMq>xr+Jnd3DH%+K_!P~&ukW1|qGNSLbp;Oyl^9jLtnyOP051;SJTfDZ+orQf5fOVB zr*1YLdgZjaNmLIPO7C2dJo>IP8Zmo-N1`BBYJS}!Ne+JXuh4l@=|$REZ>9Opr!!ed>^fJJ=CyL~g0OWTKyJ#IfKOnS$AsJ=;k9Xd<>D zw<1u;1=JI$5#u!$)Aoj;F8aT~h-G7A@+UCJ#;DFi^Ym{c^&vZVSHbjE6blgq+Sptg z(EA8kq%*r8hYDsV=WiXR?1cBx>~CR6*=3IqG@Q(a=Acn`s$sXCwU_%w5-JbILn z3D7IyQ0k?Rzr`$#f!0SV1jP#hqe$pY1*HhKA+kF8d=}(BlIYL{shj`_(Ixc}Cp(du zktA#ZLJ{UUL=wbAKBPld*FekETpsoi4VLCa%uT+Fw z;n)MhwU(N5gSM6$>VcPbKg9>R-k?m26mkB8#7|rnQV67BXrz&wqTVYo$bC=e79NOU zZ%-}Dj)&+?k}DLDD3+f%ReFVbog>7Qj?RvX zV%Ut!){YAj37_ga%lQefl?1enqHBV`YaK(l5m@*907d7CV>3vrDT3o|_?nAUQ6*%5 z4t~BPNH8Vv=%~hznUdTx+wAhyM?G#AzGRn%oxr=! zyDAW>4z`hn1)YH|4hTct+Y%Z-XhD!p;O8)l9{2Q01b*Y%|60!68=-^Z5|mS8;DZc& zGPkZHaaU6a#foKE7ltMnPkKDwPq1eq?2teuA}q2XRYp{GEtrKC3|UB)Ze2yNkuIki zs0!$;ZuT1ZV@PO0J_|6)E*u9`T~LlLzGg4(E}2QhwP1b-AxRj-0@APu9HUrH61xaw zw1^PmDM{X>sA5vB2<${smPAiUoH{hEcpI_LiTVkoL$Eu%(_t$@1jIQ*csuA(1*)oV z*o15+QOl4=go`FcUBEI!<%QsZ6)*z`LMfYnV`(#xD5HR z@uK^uYh-1k#s{QpohsnU`*Am&JHi@`-+!0Lj+k+zIEBz~Aj=K8_(^?h;{)44upYXw zS^CrZmb4A;MLHif1~v{t04$s_H9;(0nu<6X-3(tv3=KzAr;uYM`ct3H z7QzIrlI>PMtjw(JtTwGI zt&AFt8l4(ftp;bSKJ#fDkyTT)sgTejo6Aetk_LFpUEiGLK&8BmMW$TX3&mP_3e9Ty&V8V}A) zV{2^~(q`ATp{ts=sg$lH)oyC=YB*e~TB=?0T#{*Ux6WJeD-fBkor0a&JQ`bAEOA!e zhkaY5Grj0S;7j1k^TgUNl2&G2J~}l%PdBq#zWjN)vb1QwAgzK!u3Gu5OpgcL_&XzK zjP3yQ0O)|+0HrUwZ)%62f308Tv)U6fR4+mhA_UY&s0Rc)Y#(M5+%TLy>?+0z4j+RM zJTB~5rcA4b;e!UH1;$mw=U$Iq>F~GMZVT9KZj5mpxrS}yw@Hrik)NbOBKu5ohNV8x ztAttBSbjOQnlUcPF>|RGWJz4Ks^2#AXS_*a{@?pB`kMacVS;Hf>7Dn6oI)P-jzjuN__{134O92kT#GZ~Jmb!(=P2+W8;3+LWiHLf5!_x}QTQC(Ul1t~ zZr;)p=&?PfqR&O{s&1%mUk+t#;-Baq>z+MYh0H}XpwftEzdfJppCMl`Z5`#)c)Orf z)n64`Wxs;I;$fF!x3Fq?x_Rong14gY&FKZh%kH^yUF;oqt$VPzb=N<-Eb~L{XztK< zH|Mmy`yn;HN+Ej!Ezh|FVjX3jt3$4X@Tu+b*Avq1)9%?$-gf8mOTXlDVo>6;1V3yI z%m$PVq6M-ER0*^ltPL_V@)ndDBp=cjggxjp7{70I=BD-6HF}}VA(A3U;XVcrwdS>1 zBDIqdlhc#)j5#&MHCKkny>vbGJ=Q&~q`ahNqO1~VBt;||qH9~}4j$Q7@;6jxO7-G7 zQHA2 zo#6_wJllZr87lXjhTKFFM~Ci| z-e$COJ&4HLeEXLDypp`)>uKeA=qb_1y@h}NX}IJ=shr&hPHAbf6P3r3ii~Nx*rd}0 z;yT#6FrW9gD*jS-l=?*eswkR@T9Z6%o&8ofaGtUbceuDGYHu6OMTYd;*Cr|bXu_LINm-t@ew z-Y7dACH)(Q&K44j{;HHE8h8zUEjBN;Rja)p({pF@vf9oaD@8sR+9TR`OV?2cQDLs? zN2%2hZF6sL24WNoq?u~EKJ z=Z5JzR-h|rQ#7vda9!_QsTj*Q=EiaR zp32^4d@$ECkI#eWTyR-CdrXAqfAfRE>wQJ*j_2V|``pgAc2`!Ft;fDCn^9*e178wt z2dkjo^EuL8E@d2LAHA{fTd`=(aJjgyJa1aEzp(FY{@}fTwHnmwdlPkvewxNV>81EQ zd22X#cHMbqePbnXPjxxoSIaofHThzLT8w<#TVLf%wN;e3V-zIu6=#NwWSyhrz z7k3pWrA?`b$>sHzc?b|?QV{*(rzc;$hlfs^@a{Fxe9x#~2%k|%cv);<)$)1DDKG*F zMLqeS=m!bC^CP;zAHToAQ}4y!N*RxS0HTjnQ%xx|IXRGbz%dL6Bq$mPIB*0C{DOeu zfaA<4lVo2m+Yh&lk?ZHR##~s|j z@#|>@5~4qDak1tj(Uemp60vtOC1R&%q-P}Iha(~);&n1H<5m_G|7UaHKRyx*7Z(R^ z1_pO`cY1dgdV42x1|}{pE(S(s24-eD;0`)xPdgVw4>~(%(tkYUU(XRWbvAagba1h> zwM zAI<)l*FU=BeSH|WqNRtaji#ujEwI$U(D<1+IT(5W=;uE!{W;QqG*xppbrP|+1zNiB z|M{~1+4!#)e{c9lpIU$Ilj*Nr{^iPFTE5PKTiMjv-p2KH4b|){UHF-K8UEYp-&<+@ z*^HlwmGz&E{(AQJ7MlOH#b3|<-a^625?BYr*P-zPv-x9Ke?9ll`*|5&-~C@?;U9wb z$5}wq_~CdN{w=lqaDE`T1Rx-SAX1`2sve-nInZsG{a1s7dWuRhi14`ZsMZ)fXsm@4 zN=ikj-e*ePSl;%LkTSI2QH;+D#ib-;5WU~P!+pmyK&~}=-skY2FmXFOZEw9fZTDXH z?!5C^TW06kZLN1UpU7}F38TqTQio;W< z3K6^i=RhUNfZj>4a>@SpbU@K8+<^%-JfIuh{U4(YfItI!PmBnql=|P(34mD20VZ_v z9HPnpf3DL1C(GFt6KU>Q=K?lUBF9qQ_A3g9!!FzNq;X-a8=BB&FUNf?HTfvZzQfV8 zSNtA5L4dI(#44vnkMt0!d(!=N1}N z@^r9*NpkgBW^Omb3CHm4+YEoUMszkV=(Q$1Gg@a1#uM6~em$bU*vqod#8lVpM!;nq zqOIuy)3Ud>Y;&^^F-Pm;Uy)m&*v@;<4QW-1klVaxPKYqo&TCuWZS(S2jHc;2MYjC-T#hgj@9=cBkkuUwy)PB!D3z}WW_rbT zGP|GJpFat`7}A%&L&$6rk!1iv4jwXqOW$#8R6oK0a9}v|1tt5e^{iv>%d#EIjDkSB zmTlwQ*mk^t9U~Uk#Td(Kade4kF6rig9UgP_#BXh6I1En9v;fzJ@XKSaRa@m|yX{K{(8n&N|LI8ItS7O2vY*vK{q~WTch(n1&7b8K?5ty z(kTyOgiKLge@5QdP77hg=Tz%gu60$**t86TEta+g@xnxybe#Un{eo7K1r-v+JUBEG zE1}6_``9pL-toO+@_y&bQ#IFi49k-E@D!45SqyW-jCag{I#h5NE|)#U-<82Z zGQ`)0BycP^a3}-^b@=*m_N?xTVKFSN;s)sUIdvVJ$L^pa@0-)TQHD+zQ_D~TaKcZe z*-lZTXIBgQ9L57Njt_Wt&4x28;z9vIARncx_1ahXpM^Nzi&F&);apX4Osqd&H$nMZ zQWja%1mAKv?mS%D7XS49`UZWB&sZn9rx1Eb$oDUMVUMzKNbJ%=6EcsR_HDO;j zOz}0#I{FKIbnIqtIM0Gci=CMXngvN<-F>Fp59d*%$-Y5t$!YB9Y?o;%`bq`^#I|>~^cevLeH zk3@i2lienn69u}F{#!zpD(T2lN>e)f*Zp7G7wuY4vV*`s(9$<=fbHkP?e>s`Tucb8 zS0dN#=Xz6MHqJW#d#)BBz|a~unVf&uBP5KzIw>Xnp^@+k+k@v@E50|Ybm!r3zaC}S zcid$Q9D8VGx;|dcC_FU66OFBTY{zD$q$u3j`#)r@hg(;)?B^~Mrq!xI1vCFxl*|Qo za%(;NNEQ_BNBXv(!tOd{L(!$di+zgPCR*@&9S^6@sS=j-4I>TTq86eD$xzU!%Bw9) z`I~5=Hk~a7pWN3x2it(x)M267Tb8lecJYk`c+173U?UbWd_6Vmeh(SW-?#>8TaW8D z55Ih$SPsi%N*&b+Bk5`cB>o=Qg)nil!GE`?`OYW@)2aCBjko=8^qU(&H^R&Tt03?D zS@YI=KgXRtnxVtPD!Y(AL>j3=Auv=x2lM%Uq4U0?1`B2dg_S4dif&X*O>>YLJLJwi z*|)jm9#{+KH*d~xmeknDCFVt$oK@eq7O%1#Rn(Wf-||GGN)goZmE*Z;F=e8<>NX$3 zAJIWneAK|pvuN{b%JaR>a2ASqFi$sxdNmpgS*p}GyOtv3xTCw&B1#EMhkW8WBL<2X zG9@B^QE7mBn>>egu_PZHW0|l);{7Rjqj91nobYwot`+BYaKL8342qUH3NnMOq33<_ zUa0MD;u2hFFR+De)_gAH^h4Bl4q0RtE!l#TjT)XTHScHfo^J;QGTG)ei`JH(d|%C; z=W*@eqvJGEh#LagWE{lEf%Q`51YNKY&zDe-3}JHUmGkZt<9aYG^ub#w!}hEB@8 zt=%$?)e76P4C9sx)3TAaqGoj2+fd);3C^V8*T@D;5=6iJ7(27?e46(GY?@hB z%bqkDr|l9e%P4Idp?bz~hD)!N8NawGRv|AmKbLfaW>;G)p%EULNP+v6Cn< z21}W}5sJv?by;S8&4tA_NO)R}*@LW6p^)f;tZVbJwmikJ@u)~5-VI)YC_p0ys_teH!Is8y6*{>#2wIXHgMdI=Eny=nM2z`+NE^S9&&|SvX2nSMn5Ql zd8B#_0Ji^wwfw{(E|4b_4i@8|iSj}PuHm^-d$B||!$>?1-*NzOasa1f=YIXw z!wGG@Ynf;Ow#>e$^MuMIm0fjKlO9nzmAQB|`r^vL zrt}8e)gl>m+TizKATSJO==e)duusjhVQ<(X;886_u?3}oX)8H>fA79J7l+N%bA7Zh zQPnUl&98qq`GsT6qX=_B$t^`q-SK9{aq#W4*L2+2hTCD3LG9MBSI10@(_%l}80n!@ z;AvRj|KX&m@|N*Sokz*4aXeoIt(A>f2O?gXDx|~%VE*+=KA%rz5O|*@c7Tv zC||Ab(@`~D&zGeFjm#fbKGyCe$!I%P8!N3hOt!k)=jFjT`Lf=@d?|ErlvT>jdpb5( zU(voh5<8ACnBS*6N->c}+vNt-)$s^TwT*eEB?V27Aq^Ih+e)*eddQ4Agv=Mf{;P+S zV;*iUZW8Q9vlG>WzUPBRz&0?YgQNi?7({V>v*{*=Ye^|uW~fA{MK%{@)VoU@ZQANg zA}HND{(j+?iD^QnCS~Vjxdy|_ao2G#vOtCQ_8Wblss2HB>IkQqE99+#cS)z{3cRS1 z^wJSSuD*KbbW0#XFb|~X)t%2?H2epZ6}{+O)i=>eJrq|ohQua;dabj{GURLVE?Ald zps%Vstf~2$rbmOO%3QZ~{?V>w7mEgrW?lY@cgcRuVac*o3pM%P>1l^jptjKEa!~T2 ztSD|I%ckV^>e@5YgVa}QZ5@A{#Zt$9Juz9m(Yf-}UMbb>$oa@HVc-&w{YKx1>nq#0 z#>kI;2M-~YRPYs4Z8S+;_A>SB;~phLDi|$TPjCH>6!{A@j45%gmc|! zj-p%qBr#r4`G@M~u}c$gRIyZ=0C%zMWU;>V=uDn#H+lB6A%3YT4zr1*RhyMb^ace^vDck0N&Fen7ShqQw7U`DE&JKhQB!=l{QPHTD8_phEfe|CR( z!>UdF__61Hj=4K9`Jur}_GO#xY3{8EQj-0vUca;U8~JgW6&g*L3e+1Q3Mr3hdU<|$ zU?u)3B8CdMngtPx?=PbK1*2)+(y$=VK#-w`Zty<$rHG1ka1z(|oJ{yXJEsXi+?GLy zd~RBG%Q6n+HC1m6Riq~{f%?S2vBmdrTu(m&1W2dJ!rFSP!l){$f}Z(5ry8nT_A)c2 zMq{+#`w>qAl@Grg$2ZowMW%=;+rB(MRgPs|9SQ|vBBPvI`JqS(4TEmhQ<5yvt zuy?BHZR)|eyMH%?rm5mwQJ?9(_<(bYDK*!dPm)OQLQgx!#5;D(mjik=2o4n#lrFnky{BYJoO%KpMkrFx-PL~2^u8Twydc4 zyou~za}fVCoL5cr)1i>VXT$UUH}T0D+u0slksSgv&fkR%( zIYRBhX$@+eWIkZyl1mAon&Sii?i2+;;1W-|kV8Y<-%qsx(U<6mS2yIFTWc#rP*DDm zy9GV($|mKmCq;~6NK6Z20<(wy;EFuM0)r_hL6AsB*B`1)?e{;*pV<0PS-jo(pU(ha zIjV2QW$XM>6YK0!9S`t%t3szq5TM_>Bq%6gVsBmnv!8h8h9HDN8DOXzA~}7uDz7x_ zzY2>77gJCItrtvr6Vg;uR)*DAnfhi-7=)PK$;Smof|YJ{E29sb*87tC3ktr-FsLEZ zi1WobM=MUAA^whBhzs4oS<9{hL*=<{B7&qUY5j2>@A9&p3iwd z)>GJ8ydS-Fz&!2U0A4BL^Y9uL-9XzCc1B8d&R|o9s0Y_Lz|nDM-q{U|Mqk50QjEZlqB#m2 z7Hx3ItQ)TOSkcnWF5C6zr1a-CL&ogf03qmT&S0a5MKNOGdWaY$t*t?2p{ouc_1lZh z#+oe~IF@Z5{v{lywj!Q`PMLnGw)4yu+OZC^tgpUj#xLecF9(^wyPkqzu_zW_lSs3D z!!zy-yTVykXg7P=hS5kKQ9@Ca=S^Vj-5+iRXOZ=7`aAu_@Utfy80)#8yW=u8GND4Y ztPW8XV1l$_q02)WKnyJ`K7qN*Ikclg!FaLJ*$^YdL9diLcA@ql@4yGbV6ebQ5c)R6 zgEw)Dg)+Wxo+!imsjFrHVQ5KJJoP}-F!xpPCx$tK*|}Cu%{?rnf+T#z1SLaDk1r?MyQM2&3vXab;l&KFSxN z3^e2dNbFy}fIw|4wFQBtN?QtH!Cs#r9A^7oFD90ukcGuCI^&HXBbG6k{h+w=$EEBD zh5y1hPUh}kz=H~df(I*hAj4dK`Z1ej5zVK;c=OEpk9iz9gea=E2OIpog(VkJX!gm}kWn}=cWwgjOjR%h*iPit9mzBaog%RH+QL9!k-PP@d- zJ6@@Z7omY*CFwUXRImslvuX!Mz<^1H={c~9-g+aKfrwtQ|h*CU=iQml7VAMV6$D40w6&moh zdpwpF=Epo`ppk@#ML(GToEW5QZD?EVvzT^Qg@-F9ln^!NAb2j34hGc=b*q*gZThu(9bfS3iSR@?j>WQtQPPavQ0OL=~}F&>X&q+d(B^`4G#SGfrPm~joSs8?KRi1ChVGL0g% zaEXor%OYb^fihHlnaFQpYETZXT$PGfIGUxRG8Lo7EHl+Qk~~#1YU>-Y@w5h=KH;df zBs3z#I?a+aEPKZQ$)bGMjnvy*JHy z5F8kSFW?#4Y9_#0hLVEdHVuSOpv#3k|Uit&P{SPPgR>5V}h zcfoGBr9cTUaG{r9dm~wrqRiRZ4!~PU{Rml6UU1mIj07P@jIQ~!4?Nctn{s&2QyuEO zq4gKA?Gh;(z)73!dh2_gD?aXEvsoqkuSMj|6CAl}K)N$Y5xcYm`Y>g2B3PU)Azj#P zrz)LyK&s=3LC`)TLY}%Vyw^y?r{xniCB9Gh0_S8~+Q(c>n|;VqQC&|=GoJ4#krbyg z2BHNmoLQsjM%o^CCOM_5LjXyoLL*eqF|?R(jr@WY$1{CTn)=Uyw5 za7ls}V-32G`lmYWo@HC~j!Ohc`%GC|`vQ#z4E{N+PFsJsdUtJ)pc zzauB0XhSmjhthFm?#LV~4kCL_Vf9WDarlR4!3yThDglK=x)t~=&s(7NnM_5U`kj8~ zGKq`dZ->GJ`KhyA=e3@V@d;OcqUK;2q!bXI0O6^ca0Dv{VWK_d0l5YLh}!D?A@Pc zL9FrQ?1K^6Bl?!z*L|NF$QmWcBk|uFtjGD?w61eSQ)=?f-HR;4^#Z=s-VA7bVKTlU!FLG( zk2TMIF`tbi@5zXyq6q%#p^oCU_3Xm?IL;gGL9K^Ol7IL=LR8)sa$)YO3m33QYO1aM+JsAl26#=nBDrEsLOhaYJxEVY6-yuz01NRwWc=g1ET<%eqlH^*UQgos9E;P)I!U&_^0bmaVG(h%9Q-X!-du8LathN0S1FPX8`YXzYx0dlMxq(jX9j zJu|j@-_=B9OVZPt7|qxN>dq8ovrYz<(QyEsJ&EtlVa%n{iy6~JVrcc%8k-&J$$5U% z^FG&kx%(!tT|r$}8(T|vnb24wq*8pIDl%J!8zmZ>6b{3mddwT} zE!d6bHmeWgs61m};4dffU1ycd!f?!f4sOP2e!dl{9b?+E>j4^LQFD+qU+-V9I4gAK zHIULvJs$q_EbxsW8Pi_|{Qgz`rR*_w4kIy>LxYTk_-a2PT%X0oD?gJpYZXyBn5RF50P1__w{*R2VcY*bmSB(-nlG91PxVm-2ZsS z<`L^GmAn8jl-_~R;@Yt06BlFNSW>&IF|VV_((pt8yulcd!5ei=c5hh)G9w8I_R}n} zysZBjB%#BqN}s|H$(p%k05I)*8Hg}ey-O5wMz?L>yFx1@BdLw*?O*~>ICPluezwp+ z2Yp@SJI*?ako7?%{uKrQ*dTr0j~(NT)9n?y6{5fb!(4C#3lcg%IjJ5F+VB%tNrX&# zB8Ip#GTn&3I2QDHm-;SICtndpYr{zMx|lf@00i0qE0*Yzgw!X{D1az5u>SJw?w_4Z zPd|c7EUqPD@y<@*k#7^}`!LDjv#PS!EB4bvC5qO0pw>d%uGmal9*k&NVa>otK$JEo#>H@^3+>>7$S zod3JSruqoCa-0z9I6$!t4r!}-4ckWhDV%4~&X@8dYn6|l9mQ4nn)OH_Dmsuo*_r=g z0pISvw*xSj3ECs)$^B8f-;=kj9|TpB@lk@-0sO=a0Bo;?4*+ep0PI<30M$~hRG|9) z0wA%m>AC5|B4M1-(IUuvv#WS;Ou{lqeW7Xr&C1Mm`KDt0C;_}zvntQLW;x`LFvFcs z*E;U7Ec7$U#5Gux0a|H|A;q{H9ctF#d;$htAm&engWr3YcL68-rgRGo4CeM+gC^iT zr!l(g?N&6yifzpp$_-(pl!1CPl$OB~HRUDeif{s)3~m!@fR~~lr$l6 zEE?Ceen_o8FtL?cQM+Ie7%Y*xfX|7cj5)td`Y|o8gYp!v|VTcQ{i z)7G?9R^S67!XWf>Pdrb}0X#T`94m_tkW$!NvaY_;5_C*tl@F-F276}g^WS!?oN_Ba zB<*w{fgZp=SG@Fw18s-W92gkH#dZ&sR_&8B3b+6~%hXz339mH3_ZW1efzN!vIszvqL1x2ksJYJt%F+dt{F&=-f!O` zQOJi7yZB@0GFTCw)=W-VMzp5SUN}_ZXoq(*y8!t1+^FBOMeAJ120hvbVb;D%#jNw( zu+E2c5OnP;VWrS@FwONII8BkITOw;bxb2UzyWAtKD*$Gct2D%6`&c%Sr1QJ0V!-H1uhc+mkIZodV#=x5Mz( zFCo5yJB9dy1#skaYlCLc@4;d33|0fx)U`fZr8WWq6vvyXeayKu)?Zn{9Tk9jBfV_$ zhuRr5CBBR$K&9dcvj&4ponz;gWsEItEM3; z7d1$DDJqa2#aVCM63>^Xn}^<8P4FYU?jPhX!I9>8`XXZJLrY;Uj{y%!=~iBEH{aVe z-C!Tr@k8&9{Wr}b<21VJeT$4stMKyb3Dc zk9=c0vH+q+D#h*>!HYJYj$I9W+`w51nLFpi?C6 zypseU$({Vc?xGgjIRBddbp}>QV*XgL1;yZFSckgEJbSV$ZRz3OqS?PfgYpW5Uk;|a z|FPd90${%4B5mz2jSRM8-pEB-M&hBS^EM0Aev^zTqBQ-I86WK}&wDP~j4RFQjf$Y1(QWR&X!?dw4Fj4#cg&%I1fk(qt&LchxhWqgAu^Bi zI9pmgO-FYn3=iqTm0(EqsUE7)_tw*|G77DgV+NO&Lu36zY8*1VOUjF$mq1+HeHjel-KAV*)8BT+q@aI(~T9ra!N4`2mn}XW}0t0QPJc&R}8fe?8cA_k|AdoHJ!4H0l}9rH~4 zcRx;?Wm;EF?L2)sV2|Lv#4)4|bp!|Vt7me<=XNRMdGlN{1c4FVfw3K46F;^T_A6%B zr=R82t~QNe?nUUJb46wJ7p9?-J(aWmu*B0AX##)G`OLnUN8}ZRdv<2$L|Y z5WZU=L09;W00!rLOf@0Y9W1EBgA>Spkyw^eljo}p^JJ+?oPj*K(^@W5#^D5*0)U#m#8dG@CBR*Xzw z+#BH1)Wg#?B#7x}vc1aJRN4@Nk$#?+|7)~V$2{Y)$zmnuAMLaJ3NHy}m@XC~!}?21 zb*OcJx+z*u3vKspMTJKJGy>L>-N;uyeg$8Ksp<`m_q6DA1N26QxOXQQ?%C=U)O3Cm z!kheX+M=zP<*ND=JD{fKycp-XTO9hqn%1|xOkqNNjMrf3j!L`9%8Jca>merq+0C$k z>~x`8-()4d5pfr1)RL>-u0FMZD(>W(AXr5mDk8ep{?_I^tM9K&sy~in(WrEXiTUH7 z2I2YBi6sNDAV&~jZlRFy52{2w;7)hTj-nGx28_*m|R0tq^UfRRSPJmX~zwLzPf1ri^A= zer1keVuEccZoISOrloaH;5WPH`!z(W_Y*YGbz1hm=36szMI*kY4vaJrqZFJL4%zDR z+_!ELP+Ke(&i-*t68Ev>)KGs?|MW_PP;xV>@Cg`OIs`@eNEs%0a&2s6>35fqHOUds zTD=r#8fU#WcABXx4!wx#^V1Q1fk|R3U7F{iXUTdfRYJsI(FpB?I#lLN(Ov)xEYYT) zE(={T%yIkSfMZMDqQ*wJLot0|TLhHS`a-qMJ29plKi@y<0`UTy*P}+|HgvzH6UgUs z3wfjzlcwRGTtpqnMBR>47oJ4~3_Bz=R#OKhVwJAmuT&s3JZd#5y7X1z6XA!urqTX5 zp&+tY4o4Gc*b^Zb_u@FGHGLZwb@SFVunyylS9sdqJPE8i!p$3CB;5ZpAdyg}szW4s z0vJ2X`=2I2bz+d2sKlD}X{~##ze~InZ$rP4dVWn33^--F%>zjSjQ(06=muaG5XW;J zYVTIIlh0;_@ltb{iH(Leag_x;az^6NX`W#X@M~)43sC z5|)XQAt7=U*_aChNf)ljMVhM$ZTdi{KqfKh>=ZKn9P3UCW_4_ zAY^Ppe4j1^8usXTw&FZ-Qo)gw8>>L{Jut}%K(}Ld%1uFLUNb(gX`t@6Q>(lPh3;g}fMM*7-?bubyl#ZnX{cKGXu-swK;r60SFnUi`N3)-+UG(^cEN z7^&wV(UlE11S6n&s)pN1RxHi>AQuE(-2 zN2O9=v2cT=v-3v&zWL%C&y%ZcRR9SX*stPAi&nKGnPk$(r?`DJ6TFZF0(F`Zkj@*2 zRZMMl;lOv+{wJmZ;*i)Z>?6BH_vKNYczm0YUexs8PkuHa8L@k5cRZhLO;%= z|3-x9OTnKZX1n`Y!4t7eNg5xjcT~7??LC@Ym|2viuvd zFaoPa?d@Jy(y{OApJT^n*@3LAh*kD2WGyZui6)~_ia||;gLaqEnkKD|S>}Rny6Ox{ zcV0OQ7A_`nDe4W5xLJb)7W!PXXOoAh5$qNgQGd`O3FB~2kv7u;p z0=9wzNpABxqfs~M& z=R>AA_Q#aUV<5#B+~B3k6VFbcDtF4EOUsKefLb`jYSfb9iLXre;j zL@<9Q(dXreaTN_b9>B&#-4V@YSDnzLr=GZN;Wh1Q7jv4u}ZPzKQS6o z#;H#5;rCn-Js9)iRD?N^JF>|zA`O?*?zf@85~S!TiK_Uls{RV%G@uHVrgfcAhP6(Ai)V#!SR zr*Cb+0_KpyW;IKt@lFf5cL*29R$Uk?{J(VkgObtssp*&epG^T0C2@dj&>y5FfXK>Y z9Sg7$MlnwS2nl${7qL3X#>=)%wrN{+_d>e0C6Y&B8;oasR!gr4Uv zX6g3;;cZ|aGXlGh86XIst*%$pe_Im!RI~J-6U>S2YOtIc1GMG-XEp%)z<$TYy^L<= z`|s&~Werpic$$?Jc)BbBqVM;a;4})qCyB`>xnKePp!=c7ncsXq>R+!VKN>CFJlFH9 z#kiL3pQHRI$tti)GQir&rN8tW_wQo(yHrvV0mTiJ9uXB_|7Au0N|SLB1Bx5|fAvU4 zW6Cn{a>dXtKva!^3|C(Ra)17D@sV!$(PUOxra9Oy_}NB z3Voy3+_2OEP=EG5msc_8`TUA}CD)I;%*bhIYo#;2F0PCCzpE(lkd16SfK)~nkY8vb zSEDoLZgx9JBNS@+-NKVgx9u-3_k4z2k$JKP1$+|Ep7u9*_!f z2Iz2H{R6MX5Pr9t(DBM=A;IntI{@fg2DM7bPRmEL6`*8e@m1iUY_F1J z=pBPjfog=W4^;p=jK$;UMy4gBFh3YNg)C!lI5G#Rc+Ag$||< zSt~0{VBdT{HdD@hyxm+UJ}zSv&VZmJHq*ucS5 zQTxx2Lzfxq$zAzE!3ZIG?+&8$Y*(iMa<}~}7F4=o^}cE>@^y=4Dr~H}ud_|?Uc?+O zROcN|6-ivMR3w2{KzrSso|($Rru z+mN_!zblV}psgjaC-%2ZeIg8~U^h=R$W(Ab)z=~bnR7sQy0d(Atl131b8>SD%x*PO z2H@6|YIZaKo|IX@!?HEY^)z!QV8H?;ON!7OfVx>xiireU;nGkUI&KRW8n$?+MVCYR zp(@}Bd@q%<%`DIYfrqZYRsp;!P}-C$VR$-|FYA8Z!HbRI_)Zbl&~l%dKac}u41uYr z0sY4Tpy1hl?S8SFrvH_y^ZBZJTM1r(-kA3* zKxb<4GDuPYY88BP{I1IN|6Q_StoQfVNDooAW06KV72@;=u=CjfW>kej3npO$Kg+3$ zG}t@*MWEZ)^p)`*kd2h&1Fj!OB!Tz1s5M)Pj=kgiQC2htR61TzK@0!*CRafVG$;>Up0nHZ1>nJPEohmhkW=f!Kot1&-V@POw>c?e5_trL_FWu`c6c(^GMn`sk4&4J(W<=Z)V}w+?+q6XCvC(xK`>Kv18>>~ zSd$5Vz^{!LjU$wxfA(+y%51U#<_zVbvf=(IuwC-z0gT;TUB{Nqf8{ubd7#MuVR_xB zapNl}(QH!D5_}8C**s|kxFkef*WZy8h`n)Y#ODH`2@amERv{th zfvOHO{<|IYdZ6B6E=uplRaQA*T1ZXWz`}Q6<&YJEarrq#Lyx+FA4N2zAcaMy*Qa&MkEhnI zw5}`f`LHx^4KoYkXeA8dJHhhL0t{6$S^Vz+9|=)6k(gBl<=+R6*y9pR4U zmt#2y@L$$+)qY*+_SN@)YRmv?pFXeRwp;^@;q+IJV^xJ_Vkj1oz+{)h>(XKnc5xhd zT@=v@2Q?N~P6PEqIIXTnSQHDBeiHs>h-$eU-e3S9za}u=)+S98KnnnUnu*B%z02VL zVeBoVs$ARkZ$U~LX^@ug?k*_-mG15q3F+ZQ2W#kZ&3WHfoN@e)Gdflq=D-J9A@88&!K1prJ0FMUDkBk$6_yRFA9Su_X5^`c zU4Nrsh+OBqWs?}Z1}I#beyeBNTIGN6`~2DA{7&ePc?cjAu2`Y7u-lIS7#IZ?m(|VXVa7+SIdyha7^QTsL0z!ac0pa! zrFc`ryTcF09Q-+q{KBI>dQRQy&p@BQTQ~hWvLJNtOFM2;6~OD#z(vpR#uXnXO6qsa zG0bEF71w8ZoedVy9lh}BR>4O*Zo94csP0*&Q+JwXo-T*6%A?#$$%}v(UEu$L%j?>4 zz6c8A)DAI}HYH77R<_+(bArTf%-t?;yOWLhC^)sm$1V;7_6Fjq^p-5~uSpDy zf^k>QJ2+v^t#ji!B*jqmtzeF^=lCZ4*roYw^vB29`(K!YM0U2jWV!4R3t8gsh$dLQ zPI_DCop18HQ0u+37_=g#j9nkr60MkAj8HY{YoTtAjx)@08Y@(yzHXm-cKVxb=uvpj zLc!A4V^da*@PRY5Y)kwl0rLH1EKPLhrZM9D&3 zcmJRd43j%7UncLM|8r-W!BWE6c*eow9)ioW3`w}mD^6$AZf9#b0tJClq9gs!u;F?Z z=v1ql8*5=*YGPSyS1VRgTGnXjdlce!W*@G#e#aG;HP${;wT1=(pY%Pg7|9x0d{vz_ zu>_W|sALv=?r#>8)wStQ*G>w&lC-hHw4JI=q^mcl(!lAr`VDC4xT3Uw_z2&rymsu% zz78FGmnFm34pQ|?K)lq0VB)>)Ulq8JG^RP=3_o7+nhwPExRczcQLC4rWcGY4IYeIu zJgR_3xilZqx5t}<%D?CkZu@Thd3q=veHk57$u32J`Tv&0t1D3rOFKmy&4W{M#;fOf z-zlcQskJkB6Je@ICS1j}%6p)6jP4oMsT>#;C7nqOK|(kjpF!m^q%^9Q7=fQ(B7R3OaQf_Z3k2VC zgm**)>%4Rjs)Yu!5Yi~Mnvk-?YVF1JRlLYwl{LoP>w}E9yM*n zlxX=AW;sk9Blof7-Bsn4)%>XCf=V>h=X|U7GF@Vz;KjMI+I7jrt5 zd3NN=B>3T!`uQ5R2ZR`uSgLimLegmm)4ff~NzC?MQ5<0k@{Gs=zO7-O!NGj`>!dvA zn10Dm^G%aygz+Mz5wpGYnnrw8dNcl8`h^dosZm_9odpXU)jzLiS{m|1vd<%!&XQ?x z=1QCg47C-1)%I7p{unVJuUwX}^Z@sl*6G3VnB+vDzqfWAVZdvOfLL5FUDA)gs@3oC zm!TZqt3SsE74=zLf(*?< zNj_8otzg^oPuZjqq*{*eT-?!~EHlFxLZ|-aX5T@8YHhxbv`3re-W4JEB%ACkc!QQ% zOzf*!cfZe@A793qzOv};>rTqYM6xswJS(nieQ5`k-M{OBvcT9M#J=5xir#g$fk)|1 z;&b+IFMuNqd1WMluHQY*l-!@S@&CrymeQV>MdD$oozH^QeiV0kk-w8eegyQbH&Km# z_yMiiWz$#XsrK)im^W_;Q7Vp;Wm3kq`mo7~}iCyn1qT%&l6g74WZi~>7aAn( z&_sXT1$299M9yFN2L^&uG*NiSGE(|dL%iPR$ee`u1t@T5c`wMYp(~+Wd#e;q0tucv z7TUPZbU+?S6%fBDy_CKsdPNFZ)IShh~t;=G?B2*=kyRr^)zc~qP-9S z!&7fJ&%{Lazr%|O4(fhDyl$5B^auyu4j>bfy`K<&2$U3U>N;4!Klgm>43A|&O5qZ7 zCwNrBYVY%0bjW=-=??giSkYLL5u7=j&9WA@Dew{wETSYRp887=bP+-@rSNcxHbc|Q zwONte*aOS8ErZTMp128Do9c~@f`O)3y5g9`7)FAU0#y?7>8-@=tUjoWG$X&H ziBjt;0$8JIE9|{K%D$i@>0u7j|F9e@`mn%AN^Tlh#Z1Z;$%j+0DJ);}!%qy}8~3bh z9alpaOL>Ui05XRpCm*BE9>vJ7Voz7Y&PWtsLq|&fYDQpRT~|wOrhJk^5+--wgwbA^ z;cNmMGB5I+S0tb8lxpJ%vWa@#mSrapQlE{I5Fo#`nbZRX@2 zwT$)}CvAAR z+We%m9NqFd*;ozNt5Tvc)Z9Z)Be@)rw(fvVW^$RaA^N{gI}MyT+W%CMpg(|e5MT+O zcJ)oj!`c^a@KB?&9bkyEB*00gdKAJ6Be6gv#0&7pWcp;abeqEXa%Z1Rp$1-0yB7VS zQt$S<}Mm2(T;s1j!l@|>!6jm567SG zkgkGQi^YxJAXhsnxWrl7*I25@s0{?=m1Ui({_L5mksolfPh*IA*1cTj=M3fI@gNez zpeG{8Z2i+?6mjR3%ST+~MNEtoQX^=8#+Q|iQINSOnAZ^tA48>q65~#M(cg!KzJv1h zmQhB*_Czyxh7r)K^P1L>$`vfsm`ew%VZdqp_}DdJnO2LO98bH_9E3V6tfEQ!OOl+p zFEAs!;E5S2#0bw*h)bKbKtqbi5lCX;+gs(@y;VGePCK|A{D=qGqF-uA<`NUoJtRn| zn#qV_Yx{|RO~Yebka!F}lg!a`7+Ctxi~s6oi^+hKa~(ol>)v4+TUAbd5!xg>Eg=|o zRbJIL$z^zv!9_Fcb+zmuN`{X&D3=>{N|A!wh+ zMW|#4zP8DXovCRH8}>v$IFWk8o|PWwlq4=#ywy(d>xhu-KN2{-U?@Agi3o%9#0mI4 zhT`F1#`QnFJCk$_h~+?H-teR*J)y|2Eylv=8Y;jXvkzkZxPp(+G}&?Q)V_yF@BOW!BEOB5u%w@5@!~($Oz3~lo*{*7h$7Sm&nM7 zx_OQJd&-2E%aP}dlhVp~<=d}nV*-W+?PM2>5j+SsB$O&8{bH^}_AxlCxk(!wsS{{} z0;Dxv3*moz-1ry*2PGX#KkBecZaT??H?mt2e58HBaSWL-QEnW%DC9~ip}#k>7|T8i z*_RUJF*yP3;0^Jq2q+ghXce1b!2gm?;xAPp+!4=^5G^wE7riYw0cX)IU)aY1iqLmb zlG>mK>wLx#|uxMu1~;HRfq+1z~0w1 zaN15<(85Q_I(dU~0PZJfR-cW~moW>g``p^cu`m@Uf&e4We)ER=#}!CoY#K$L;Rq5* zFyfV=y?JLj>;7)|78JxkR&1d3%1^l=K}^mPM4mRSM26Cm!--}5pxV1Kb;D;@+LNAz>A1`67W`RTjEM4 zQCDn-aZ0>EtI~fqOv3OklFmgvw|52*s{zqb&u1u17UB4nHg^Q-1el}-py79_fR{qLQTV6hhLavg%bf1QH8arb z_Tu1EQeiL(xo&?tWpt3xVKuH@^}quI>nG1XgmgrlxTV)@`p*KjRf3U?N7|H;OWggW zoe6SGyF3Nc5$Eg_PzXe=g>1>(H~b^MNJk;YTUzo*Ur7#=RTu=;gaY16rzxV#Oh^^v z>0XE@B+oSnLZvm_oZS&dZ_o#Za^f3E=E86PSpZ8$0wsLTp^dgGatRx%F8WVdsXiIt zrWRzkbK*2JHR|ZGfpE@;ZFK4BK${#{ACJ-ql)ac`$A-(k4OEj3{Gy|hU=!v#+qB*` z=^K#PI?8OCVY@~NL}H1i6Ih{V-{%FI8aemHfe|GtGFh2Bw(sW<{l0;ylUJFZ=n)&V zWOXt`b;G2YX5~>mc{rnlid+MsKE`d7e%zElW-VpP9PWIYrsK1;H0_TXWBi(s!%b;w z)u{R@7f$-yZ�_My7uE&wemvPP6{RSP@<|l$}U;?;~m@t20Xa znj?f*IL*#sQ-e^sdYj?`7WM0G&ACq;5YNFJJ8J@VnM#f>o@>m#rdOd-)& zjR7)q?T+(3#@+psBz3~7PY6_P)1rCTG=UzBNzu*}HdYkB{fKoSMpNZlGVMB^Po2eB zC`^%!W`=x7ZC=CZ?mH-y?pp<3mYC>g!tGH?fNF7EdDA|Ju~C{fE=e~PY#R!YK)Q*k zBShC7R;{ei{-fH%qLf32hGCxf?A0TFw$^8AvTHeXe5~loT&yCPbDvSxQR%QgjL{P( z3@`eAZ-|X9lYK=+4W@=golz07E~EqAe>bv*hFLvK%U?6-``kJj?@G>MbDCE=OT)#9 zq;XZ;ugFIZbn0vr@9 z-=@-&A!w>u>L}EnA#crpCu2E5)3Ch=a?~Rm!K~a_GT$DEZ?pemVkyo6q~E@1oGzvC zOcLc$fUa|{i=Y@v?N4~h64mAGP}PahmJW{i@ez+vf(n~DMbIya?G0EU+VDZ0KM}-z zXb9Q~Nyg9}GDHh~sgOnaQ%#EK%XE{|mY1GtC6@wvS$&~mRdjp)5bXh8`>1B6`56D+ z`~84(s4-Rd;(}Gm3+YdUoTrkJgG~pNSmfV1x|mh+DI7l9e$Zj6X)g&?%BmJmZBtA= zJv;?f=hIJYMcp6&06&1gtYClqAhSr!5w!m}rk6tp|2t_tB5!(~xDojz-e*P2_x{3L zSCy}a6`zMxs>?B-pe+<6gq6YEt^|g51x{?QBSSs=>R#o~ZcPp*(#o#z7hNc6i(#B*==mn;4Na!-w>8g$G~m}99cfpZt(D4qwVW-+%m`OcC#lqx_8>ja zlzGo!Z~IeT|5j)v$~m;wKk>P)ZFMhY@#&fkQn`R3H?^pvC;e4}8tOS7DjsZZ@)IU? zt|T>ctscEdLsNepDi-wnYHg=XP=k{RT6<`@{>Tg3EbsgCPI#(h5~S;}nLQ%DXkb}g zcQv{rda+RvGZ|q8q+L-a@c>B72aQD|MijTTG9ElwgKqtW|@n<%Bcs;D+NqIk2|5Xg|B7oX_>CY8YP1ggz_iWgt@42x<4N3P8~!*9Tb2*$ih9w0#H4s1B;MHh zl`r?GQL8km^te5FJ~XuP=rYQCH2bj$+HLtC|6G&#cO|`mh%OW(zkSe_ctys)fR(-Z zV0p69i9kj#C+>Abq~$kfP;x0A{z@gagF9?w?)<6+NOO0?sA5j~o6iB2tl+kaMp2f*W4*JKU3n=TR^)HT2wp1dl^_|6R#=@?GBPeYKz0(`<~5ilwIVyixRYaH;jIa* zFUX9=@nm9~3XtI!Rdz#Q2M3h+G13RwEL1Zg2(HuQkdS5k@)pJ6quD4@B9{*{IIe4g zDoPxgQhdxm>3!&|z<~B|<6VR9oV;x322vZqHvV|@t$$u}?q_(^pZj1kw~aHb_Fg2% ztwI)Cr2$c*05gVa3LA9rBjO9SrfGcf_u%|NU@2a_Bq8-?j z!VcuiHoYVL1&aZmvGzI_BV3~Pf*3GPUm=W7eg9xG%_7$fcm!u(XkUqm6~Q3GYs$?c zV@`CrwIMi}6nwYWQFwv|qesxiAy!2c;#g$uE@CCxW-d`mK$Bd!#P6t1K>-o}T9I4E z(anISPC!&8gEbVcHC3|5APG@u7Qr!TDvxmu%*WT^P2r?t+>wdGC?t%V7&BM>D zr%*fi_|AOSfZ49hjk+S&3x}?jO}#^#0tvD-U|_TJ8oc2JAJs~kn^MnjrX<8c`;i$m zzG2mbOr?fsL8se*sQXnBEFUwGhkno?zVE+|6n%i5NK*IqP}GSerNoNjMe!iyH?BIa zbTneTZz}#xHmIw8$y?TpK){qkYC4 zNqmn!@xGRAqN%yO*zTb9p9r{^1}*f>+Gj{K(rLO2IEWGDE+^OZ!eR)Wbi5Msit7~> zU_a*+Ax7KjG|t^*;u%3jv#6r*_4;icR$RJgV^{6Smc%;y(A66pxe>|{O!iK$_9<5J ztFc!Yo4{D(@sZ>Y**HEPYw9dfGbxZ{@1Wwrph+%{GcloD35xhPRgpymSH(umW5O~Z zwVsWkW8k8`!ai~-2?j~XFe)(7poHtb#YCuwMH&yj-9$CX3_TD=bAmBl36S5Swv%MU z)OEn^E~t4Yh~I4BpGOd(hGv$+{~jAIMa5AU$l&c$*l=2jBy7+W(K`bAk!JC}u;l4W z7v#EH&f*;fac%IL04tu!?jAd@DGB2OSY@bqRD}CCYldAz+FR|-E8!P5*RPnDtjwYJ z?NC7eTD7>4oz`$~wkOcxM3oJ1_EB%9QonOHOcBKyQb83Xd}j8l#dj92yBdEb9oR7` zv8vfh9z?tp_fp*wr&H*XhL|al?wK>|=T!Yl)lGVL*6BcLxoR$R%?ZDNuofY~3veZylRhAPybb~3Pi0vpYBQ5MPcT_z!XfJAv_s^fb zY%;A{ll*8N=ibg=vTQOxEXPN1(;pd-df<0*AvKiFPiY~@k=N{S>(=zawi9DHs2!+l z1y3jt=O&)vBFLRW_8_(TlQEM1as*^HEVlKt>h^PG$PG>;U569g>kHK;RBc_|TvZq_ z(Fh}PXt-TY6eplVkhz3!P1KC0C$_0uN?`q<)hO_m^wi90BP`>Kc@m-g5)+I%L2e-# zKm?N@ZY=MtO`>VF$d_sPjk@5j?#y89d|BGwO0`D3qS9x1(ZAkWz~=!8z6!O$?o;%crMxX=;`>QL z+%t`y{DJ_{sD&0KS~ky!39qdb>Vo5973?GU?sW*Skr0Xv5*ouqs2?%%A)Ddo%O?5R zoJ6O-D8j8dkM2K|eSxnK6P3F}?&BoUJNI98e2g=__v79(G*WkFTqTNf-6mYo;8~0=+V^udF zyy5C1VMn~O8i;B;Nx;p`Z4YrCkagT{CJpQ8jX-(+DfarT9wH*mI$Lj-l+Dz)Kg?`T z$do#W*epnE-|UqJR*sZeQO&r9$e3OmABMd<0e=$6Ec+ zW3h`o=8FXjDP9w`Xc2|<3puyW`6HcBT}3{jJjK(ZrG2i9cT*ll%aTj!q(Yh&ZqsYg zmP}Z1^jTUkss6dHkkhbHZ>YPpK>h2moDxd18J(nAWz?Uf?zgc@X%?#93L6q)U0~2zp!iQjo#2-w}M}#&kn_ zue7B2RaEgZF*gg6FG6%zg7LHmA_D3`2gnRhA^w$CjNlPpHewd`&3&Dp55~xaGF(x( z8BXrk*uW;pPX=Z=-?m9lid@R6xM%S3HIXRv27QjQG(=L6&DLS!9_n{5qk)^MbVA2* zRs*7$2oy*eLSQ_i@m?`c;eW`8aPH~HZ6kO6HM2~b0m`^PD{D3^O>HrYSUK;h?Dj!B z1C{mm-u;pOfJG}!Y^$>0O^TjG?h16A>+&*d-LHDnX`kyQA&OL#J>Be+$-Ay15Dacd ziH<>x|Ef88({e%_ha(lgxs|h;S8ntox;jHqLav#5`WujC)DW~(qAXcxV;;!-C3_U2 z)O*~-@DQZy?9yHt_pYYs0sokCx*Fyi0fc`9hCdkK$TRR+m5wmZ*hV~=UWPH!J#PBN zQm2iY1A|KM?1t2M9VAK9R&?5=IKsXMq7Nsz#S+N26kk5U_Z?Olb(dW;f0#E#C`%63 z_7pR%G+z5*NTXM5Q9VNrmXXZAJ7F)s2w}sGKuaSz3eq-OjDVC`Mbw9kYm^x> zT@U7EfTF|~=KyV_%sShJA<7dxShG{*<7>AWiz3vfdoq~n?QkKRmhT=Cx`qS{g5B@Q zf1xfXG4OTsS!!^6 zrpEZ}V)$MMDl3@33!S~Vtzij^&EFTNAU{C zf;VR!=_$_Jnu;Js-WxM53+k3%SH#SmIKOi@bahj;(%|jtV-eQtp1^$9MD}a|9TjEc zcXiy}JPSjLM?LPFgE9xfbrG+g9?~%h`s61{+>!J;NUvc&R8T0lC}X~XDC6P9BuNgx zWXWe*x`pyTwKnEyr}`1_v8*UT<AFhc?_{jJek;^i*7p{mM+HI>4JODeb*mfdRpuo5m{Sn#RVw~i8ss~j#}vn- z_ceMx0;NE{oNNQ|f2)oSJSD#IU7+8Bdss1N6DHwy*I!}5Ho|}$o(rMa;)UhPqB|hesy*7nAenpVEgqGzgSV- z?lL|tq^1B~bLLRa>aO=yv08m$E`Sq}Lih~|b@M_$Rdvo*s&GzO9FNJ!a53O5qN89bw-jEQ8E zfq6#%ALeh{2_z3`^nn#^!O2g|Ylk3ZxZ{N5BweJMcVe$T7h(3)1H0VLp=OwPE^?;l zzCQqkpY3`jae_v{$;8pc1K+#D+_+-gd!fAT)Da+|t11NvxiTV?h^^CVjqfRWA?A-_ z_fWX1NeU5LRi=J`p|0zVgdx>YZ>LAm*y~HtGx5lcvgDqAGrqSZ9wzD^=<2!=Kk`kt z`aVA3?Qy-|wkUG_G4!{S-zaPsD5ujBXl3^%*h%hcpC4&05$@cRL}%nn45DUI;e~=q zOoz8N7EAy`6a2H`{96^39%k%>vmkhQrnxC56>>iG)p6>=+&%JvKtrwJ937;2(|Ff; zg9CoYxZcIjIoihefEZ#KC~t$L6;>SzMt-cDl~Ws_Z=>Ox zT5l$#f7SKtAOj{Yb=Km+Z-0D050d#=_-7_jrrZq&8_^W)$uf|*jx&4tG{-)J^$1`R zIbsq7!3TR*6EKO><4`dTvXjB{xjfb`9YRG>PC_}hOD`Q0a*gRP2MgjmbV2kUL~T)m zk~d3|qq~d>L> zePi7hGY@E%_UTowE=9!SloH-HVWamn+WWbQ$f7Cse5Hz@(rZGESvfzmyQg|X5bp;L zeDX*AP1tNAWw;I*CU;ak>pmAWNeg##Bk!j5EI27b>nwN3Gb$E|mD{q&^9b^S30P$y zFEc!K{7syf#IA`dw6<$wM#m|KwnlhbX=mD37q9im!kk9&LQADpT|n~-A<6(H$^M;Q zcDN7rFKR%paUJxzoQ(KIAMxfmMJ=~rR8U-8jioEqbOW6ng% z*riG}#K;NAi9$0h{#XlI`Ir4TSB3DZTm;o`*g3FQ25gV&EWhp%fBi(GEk%^B&e>>L zYT2Ln&MoqLKRzykOBAsq=~lFQC{*4O7D-HH6PgB1cC8lo>|)EUBc(4ioE)WN(4;Kw zdRD(K0_Rs=;Z12>Zp`sS!3@2$> za*@8QL8KEQo-w|33l@BVzO|*!t~(BV|21A_Z(eU$VH(-h{JD<7v6~n(f^>u3ZU-9y7}db_q$0bl!i^2x5b9rjXC^&uS}h2#$HB2UVR((uDt8bH??#16*xJZ2qtj z1a!OVnnuAzdxNO|IAs1cJRzqPJB*P(-6mmT)~fd5Ked<7DNo9rayB|peHi!z4o%E^ z|L=dglnI6_*gg1Z3jI6$@;`e9w6(klzC;@|GIKf3p-_X-tlj@(AqM@sa(bb%W_CyO z|Fmi+s*zrR`^26(`)Kw1_xj?h2ZXuCP9j4f!VA$k$TgV_EBs$2K^ApTL9L=Sv$Vb}jdSDKauJtzWtxxWX|L6?=*Y}-x2@4PrIm0xje?LL7 zJu0?&T^D|8*%tHKF@aL31Kih*u)xi~Fv5TSPyhO%E)}pd^#pvi|8aWy!3Sp!hIzOE zr?+$w@0%tG$#2!blraP7_6AX3@KtTS3!?sieVNzten%w&`+;Wl|9RdK)F+^vkpWWP zb*QGgmu6(nQA~GG+)d3)1nqxmo&U1{ z{`&_NUH}^Xl<6n_N1^>+tLLA;4nb#qr2S6g{r6M+U%bqJ{#9%hy!Xex|NVLX4-NdU-*UyyNyxW<-xB|C$mgG*?Y|#Yjv_2)CVB1%Ecr2*TF}|@aC5Mm z8%oLnO`Qexjl-$6)yqz|`ZJ)Ot-7FBu?uAxBAIH!(oACbwNrevqCjz$_%H5qd)&Uh z0*p8-%0L6dA?xK5rM<;hS)Gnwroq=hAG!M79ryyJ!sF{s{Qk9An>btLT@rY80_w~y?__^_dAW#g63sEh z2GX;0&<)Q3vp?nm*dPoQyK+w}8?3byaS)g~P>+Ud^&Q)2>_5#o?>Q^f?mHjV=z8oW z75q^44G3vQKv)O42_6@HT-gx(2;97`4GLf{7aoxP7Q_>wV`x0UdIfZs$q2AP+is&b z2iEZD+QfJne;;WM71lKvQ!@g@Kn5Dy(D4F_7Su_q{;?uA1E_=?JyFEGV`77Top~X^ zzJ39yyF@$}>X=1ffdJp2ShKT#9qO)1>U-xzt1AeqKBJ)3v{Kh{{_+kum!(0S7U+RV z^%hz&+|(_2FGgV39sDrTaS&7xULtZ%Lj0`tX?G@vk6O%Vo?4$xS|B`}zqH zCpHifgM~|!#(X5`8TQD@X7^|q7S-K(kL=)_j>GC3q3b`Lh*(*-UsUr)pyKzl{)Qj1 z$0_PjY4u5B8b1X2%!k$rmW;|&We7unxE8AZI|tauwGYV*o9YI*4u;XIa#F#pf-gVN zsNX^#@QIQtCc?%;x$1t0dX68m zm2m>TsOwp{Tp|r2F1=C06j0t70^ex=F;&&MfPX#W@@Ha`=+cN?Un z9F#p_3*>$0d9vW1gM?@d*pq!q)`t7nqyWPWi z_9LGNv^}T=%90slC0|el6oexnlUURI07n08Tr*JP@NFmMbv!$0!-$HpaCjHtQnOi3 zkn`p%i^}9_=(zm`kz)ohd>PuPz^?M^W z6LeGx?RVf|^rmyu%JE;^WzH;|{9ES{pz7ZR;t1!9`|U*Kl@1g{V5HNc1$t`fLogEc ze--%V+fZcG9Lr>`6EIpk=1JYSJzXfQD>EG1axcgtpm@=D_`o+KUNQ>+tQVZI-5Yy@ zf!H4TaQm~g(rc7mve;q0%^avDd7$b)L5!VE;4ihmRn`QFKnT=>v((tMhKlchr>kem zrdtkIE%>>10tt1*G^!G16*zakV=M!{rsmz83LUTlzO+v{r3ifiSrShy88H=P_pg|8 za~w%(#cJ%<%#Y$Q>_Ug7>Hht5cKB%^W=)g|bi4)O?tkrf$uYCTPp4i7Um453fx?;_ z@0`en-_sGmPaGxq*R$L_Z4#34n`P3~H1+Q4Xmu2-REwC37%VZHP5bjNW$^nauxH)xJTb-Tbj`oD1A$D-*BvbJQryOO zEUbUT8_2-Me%TJ3I42^kDshc$x4i^kgq`&c-4JIbj|^Ca8t<@3g0t}`!YzQkpomrK;(*2)Rf| z`~{!wH8CX~Sz3+x?Qqc7ukk&-4ZaoEGSBgYl}1@@AfQ8MUZ5K*e5pC7qk~tee#=}# zUOrMf;OsV2H}E}Qgg+$%E`sXh*!OYS2Yjp}=f z6SXb`n_BpEI0__t-B8ZU)eKJ5<8MpXECf#CAdbW0<*Zs7y4TykNX-wbRsd#X&c0Zo z=SWfpPsy^MX9m^!1*chYx?9;~6#LsX4%13K&yn`~Lx%@S-Sn=dni1$qJBVz_m?W#l zV7mSK!1`z|wEkGQwvgqu{V~$FpzcRrq|Ec614(zdjz*Tb6X*yS%K2&Zg@>tux}!U= zRY(V!d|rIJ-V*2ZnTPy=POf^u*=Eq(s#}#Pztl1H&`HyX-#PkX74IhN?aajcj4M{m z>Zqhn{zod;hNLZ!M$dJ3H49^zd?vq6f@2FA_M{d0(_0R|tb@<~T17YeLBDD$>c0cb(2lyYV9a^iK_@>iw~ z+S-5?!QLo7!t!vq8ll(^Hj<-V;M)CA8mKYdXzHY`9!TlIl?xZPbKm=31Z6Q;58&ug;5|+5W7~Y3c0BL2dBfw?~8x z`!YqE;RfuS6QEdUOIT6l9L3?U*z-HAB(?5c54^wt?L0B6BmU9Xf`{+81I-^Qf(cDv zUnH>*EvX*G72aF_Azp3ZsFWFAB0Qo!9y`I&LVQk_C3en*OgMzRS;UeT{bLk(UrG0Z zsKv{GfhlP=zH56harCXS@J?hVPnaLMCzxNv#eifLilJ*@xj3jD3(O}Q5n)DjyNyGn z5s*x~ChTi{yJ}n;?*B4_-vGXNNBQ~lVVYadjj1>3;Y>(+ZyLDCOlxDf)A`MZv_pQ? zmymG2qho5?2rvg`?G@f{u}#3Nm+;xa%=hv4ShpP`3p#k!1A98}b5F;t#Q2Gs8JDxC ze(^1XZ`VsN1Q=EsuiWp`Di56r`JW}`E_I~RzzWCOIs9Q2=O*hLz$6M?;R?wwuEjnD zi?y&m0yt+TO)t;W(Kk_poHde=NK0k1qn*y2w;=dx?c=yD7;VGiFlsZABW^XxIA)Rp zYc2)7-f-vJKw2`>;)L;Yxm>3);`S_y0L<`We0r4F+pm;BHU@-^J(-SO&-9&MMoMLX z$vRXH>fg5VW3DBA>LpS<-zns0S*UKiOw{DQAeey;BU^LDUJ76;Ib6!`8wRq@nA(Eb zw5<*}vbMfzJrEg>r0CdNnHpIJa*J5Qm)*hyGk67xg3v++PoK;C<~MuIb>8BKWxG{D zHO6SB`BNq`uM_d&xS%)By`h||;_+H*G*gA%CNV$rXthayI=FLZ6;s(d>%Rhqa-{X# z{TSRke@4j4uO~dfv;(vogu7O7OPYfqnhQ+6;0A-n6o*Aly-Eo}(x7#P|ADO;`1})F zTM_&_R;DnQCSs4E8K^JI>qmh4>CWL(-!$_z3mCFzK9of7b5GlfXMg%JpxF{Sj%~Ge z%49V!y5GWh_v@!3>~)?5gr!LkP3mPd1EJ_BLunZ#L3X(v6p%)*Pq#*ueQ)0KI>Fe; z&er-UXYHxljQYn+xb^7qmU|HI3S znO}Puzef&8ZadF#*1M55O<%S=<}y;~_8(usqA>ZbmgJV!iw3KXU#$Y?gq6lu+$dzf zGft{74N%^l_Z|zU(hd@F#n_h)l15zX4WH|gG0d^cC?~*o^x~OvMe&--2Ub*$KF>5`|^IU?Tc>k(OW*JNz*llxA7TAAzr4+?AiKzSWu>L3m z-_8sKk(`Jx9R0LF1njhkct--R{065p~!#g;gV@U_d`~QX0b!uU;X<-#;S7%jG zuKdO67#%=_Q|_g?&+Nk}D)4Xmt&VPszBm(7+3O}nw>``O*tcsl-zWi_#a`NCK!^~o zXgjs34BZ0X5yafF-? z3spwy2+!0JG%CjOwyP*x8h|H2)&0#yEn|7z8*OgNz4N-QfoMA)KQ|g%UvLP#uXrBm z$mRS9;ByDF4YS@W+wGQJ3VCEkxK*&$!fn^{eb`TqvkJI_gK)TqO}Ix6+CTv z8x~O?!O)&R&Ur%a^U#@Xj7KO`d-Y{CSqZqo#?t)V*dD`7fww&^T*|AERoq-}>lH8u zaTRw95NxIHAJP#T&W!Nz<|E+srPIH(d*R4JcFHxjcgZk*%1MeO{rZ1!bwmBhp9Nfh zKGwUjI9{olkQx}{ycw#`;7}s+{j_2o!E&8srAS}&4ktI`Rqz|M2%^FIS4l?+l*w#V zdCw`nNk7*MbCz??2(d~R9(TLn)5>aHYaL$%fzQ}u=DEoD-g(={>{jTokag{kdRaDa z***1%3xo$OQ~J?Sf-2K?Ek?NpFVMZij^i#$e0+g5iaoXVYBF8>J4%&k8^>MjIXm6_ zO4mZ8d8Tf|iFY*N#TvwJWM^@q@48SGT?@y4(K{2(H>o-Mj1HHz<4+Ut*||);T+&!h z+xlW7dP#P(dLlRsPTV;@gUk6{ANXd@)FGb36B z&rv^`|71RjVRW)dKEiOOl=!qH64%<;Bver@?GcKk`=%lA(tz~Ehb+Qfy%vX5C*>eB zT)TQGW~UG5ir<^hR}A$bs4Rcl)K6yf6zlovQWDF$K>~Ufx=^$}m*O{tvEFXTYUyjA zaV$qTb7B}(uLvQ@>yQybqs&>X!$EmkQGy3WA23BlC3E21|6iz_(guure4xxC&MH6Y@M%`8=y$%!bSaS|YCtS8%&ck%G@7clg5ma|(vIGg0fdlzEv0lQar+A>4wPnJ%_AK4?{^aN(=%`LZ3baO5F~DWrsLTQqcN+d zl(p)rPp}(ZPce*=k@dL8D~Q{R-1I=39#=y7%(%N778Bw57K%woTOd{B1I-NtzdiNL z@N|rqI-Nr`$LVa4c7BLaTOrw!gWC+d^8TkrdqjZQnyhbOn=Ripf(OP{Iy3g3okWbB zVJZrLD#qE_PCFJ`Bl~^`{W(bANS*RT7u}$A;Hdz?nHyj()$;b$NW4xu>)#6jIaMBB_c@kjXXVKb^B@0_N<S#*;fIsOF4WgFV-vjsT(Oss}U-uK`tNg7gGYy&AuzjI`f&%2xHv!B(` z<5*-rPmjU$x2R(yyCofi}(N$L5(Z6_Z@p~ z1hFHtn4+Mhg zOahvBoUhMV9-!9X%<=*pDLZpWN?;)yfrU)Ri}Idp-cXyu-LSUUbt=E9M&5NQQFS=# ziNyKdmvrUycHxNQO>ONU9RA#J3ua5qfcp40Vt=i+PJ(*<7MCQU4u284>RM~SAHw~r z^qehaxDmJ~J3#*|`)%AKL#zZ1rL`i}GNZ0umSvm#zAlzTTQ;W6JiU^8x?oPQ0mDeG zWc``!E=te~Bnx_s6wMJA9yIk?JFcJUW-6%ZL;f;&5dzw~UZ10Kx{;mFPV0X|k94~d zhv|9`(x=6CuhZY(rs&>Utz$KE?|(FE8DfGavXwel_$1T zxOs6guJ2x-JZGxax_V*_&uB09HX|Xl$#$srRXgG)d{lF#=)?8a+i$5lfT&3k+E%RaNaC7BxUE+}VzweV;PPkZlg9VM2AwXo zJ=vH_k5L=rhn7&+>cjjMS(P3vaYPp`JiL?Uv-*25k3|lTo2YQ5aL*WduF%c~_k;|( zdK-}xr3PTSkJaRo(`z2EnS6caN1*eH$e{1iV5neHflSw7!AL!Glqk1$j$Dpzj(yw=!X4TG4tPe&m?#UoCdv*-#>(pAlDxSOBYBBMen@wpM{{shj5)r@Dn zLAVfGVxy}OscpI&mgmCz4FObFyI62gqL_q2Hf@UjXmd_hBx)X8K5h;OFgH@llyc$+ zoeOJG!w`@ty)z!=KtfP5+aR*HJmj0&e%{yIBXPYhRoGXaaBlOKKciyw{BPV)u-v%4 zq1|szgu+Fq>%mUQFNfGXS{L?s>WH4 zFl24KEy&wJg{hE!EJkIf&n|g~WuZ^!F!+<{+`fKGt#R!YtPFkp0QbWGk0d$1GZXDo zebt0#G)Rf)yqe-Xx|^V&Z;v)o&PubiEAAm7Is!bziIE+rrp?q zn9eLHQ73i9!qL-2@v+aZGGKAB;levQ^6ZG*@%@+148P9E;o+sLVJgJt?8L*%xevX~ zdTtsJzJu9kD{m1vToma{iSqe(qS%n}eZ0>yHk;Z{+|1P??A>w^jx$xRJ!3X44$7ua zO;Vbe1WEuY+6lt+xUPNB97UJaaxSj|Jzw0 zbWN`-nZtc&ll$ zv8NsI3(;3r)xpsErHv~%@`}|w9{-w<2)qOjQ3v6hbTlYR<=Gzwm{9ZSV?hQZ5>$iuy$SdR>QV}^QNb_^M4t`C37W7RTpJ<>LnKsQs6eS(v8 z6~~f}EqK&Wey;HA;OlbX^D1pQI8vuW`3W0$3S%ow2dtO6ayXU0-+#&1Bt2!KLd=iT1Esuc*YL;!ZP<;|*~4Yzti9VFdOa>8zg6foF#%IxJk% z8AxR_3`NYWSx-@zMP(HU6)=mUtR*5Z$=WlJ5^Vw`ss1=bxJ=cPQZMJ33Wimchp;}_ zG3QE4u#IQRUu+4jTixp|CFI+oR@<}vIM$Tbf)F>XOU|F`r@Z0u6>hAif|~xcuDJKS zNGIU@?WEAdP_r{!USO*|)(B=QYkP9FBsmV7oez~$aFNI=9@#DFez$!?@Fry?fvP`@ zOJ1{b;s0aot;4EZx9(v{326nSL%NlaZjcrbq`MK2Zlok7q#Gnf8tLxtF6l-(7R~Qo zo_*dE`+V2+{e`ZL&t7Xi^O z5hMs0aqa09OR!zv7BAcxCZA&qvs$Ijk8L;(esZ>o@bF5zDDwmUkmlx=@hJuM#T;Fg zCYci2{cr6W4ZF#wEWR9CiOKTbah^KLBRzR35*^O;GbCQG>Lw zEcyGNAhM!2oUe2x{#PxXZ8GfkHQp(hiUi6J^XP4*pb_*%j0 zX2A*XYA}ZK_b$~9(soXYmDUznfZrYgGcJS(ZjT>fn8-?u)xOgWxKDkjVo*82wlBji zL|sgpih$O~C8YH@BAH1HBQXYHu%%*(Y2rM9lK(pDoEm#mvW^jF4K_@{8s(JLJSTX^ zaH2~dqZfIuzFZNN-n`3g9nHqYPY!!{)EZ~gpe}sVN`AHEHK>?6al-s>Bd94@WUQu; zRDa?JS9WZdMs(V!aAdN+GrH})$^ltBwgPR9c#*~ zQyCn(eF2{(2_1_hd#h+?(O2ylkzR4ADB$KRj%&e&bz80`Q60rA=X<4W)z5s|(vY2M zL-|mOsANE7z_%+>j`=%^G3P6qI8Qaf-A*PqmhviD+dF&XoqVJh;~Z?FCF=Cqgq!f8 zZ2I_l3{_8@zFVP1(~ab0Ox-C^uHzjBi+{6266hJUh_& zQa|h)fvd(FtkrFEK7&bbgveA%1>XG%7nbVPWrJY1*dD*~?^6_8jc-;XC#)F+Dnt91 zyDPpBzxy>UE5j?)TU)oMVW?$EZ81^#gld|%O2BNwKz&A{&U(|!n(e*C;Mg<2s+V(n zg%SG%>I)X|UFwBBBLoK`RDTL*{L2W2!HRzzEb2UEitoB6-*N%Y6 za3V2VLx@?J-m5?MZskefKL&D^Iq`UE_`c^E{wfssGAU7)v{P;a%9&;aFUVXM+Es{Myz7A_s(whqUF=PB7?o(vQ zyEuJ7Eefnm;tTmK(ue9SYb7gJuW!m0r9jJS#Dpj-AlHVcV}i#h=W6crfd>~$j*thJ zY>FvdAeq#h7neShA4_aC&3gW`Ox?^eD3L`ZIe&6fu3lt|?I?Ua{Wu<2T!eVa?0QMa|-5jqt?E`sH<_>}qiK3lF%79IM|i$U{A4;(87H z{g&Cfdj+Ns7nseugY}#3)*+|1@3{oBHF1sOGD2V==Br$&SQ^Q z+*y%MwyjDY2;YDKgnqn)FsIh9^Zyh&gwrcV)w&hkX$Q23@N=bmImUvr_G#HqR+~}w zj`5XoQG0{&X`Fdouy4pDvFXgY7#^PTscveam@JJ?)4;eq_Bpgv}gus z#Hv8bkW5&W67C4-%+DCL8dze29AMy`Sgt*g15nJ z(&k_$8*1q~8{EWyaHb`m?FFw zU0046oSXvv1(lT$A}*Dhlghqt1Maj$6hv(tEG}D~4BdJChl-%GUBweX-1c$mV+=>w zbNYT+hF2QzCJhO!ZGo(`j6@6D=}!d2z*9D#libX72LMe~w!11C*|Yarw&HdEUFz~Q zsSZj8@V18_oY4$)@Q$SDsE^pVaqcX2Z|2Ba?cJ|)D@4#eZeFQtTzAk2e7!X+*T;U( zdf~)lDoQ0>F?N`1XCHl{4HyA*sgnZZp_h}@$+Cp=qT?U^SMtBS@~Uo(E}z9GvjPoq z)%{KH&tNd4O?9~f5)um4`ix+kDsBftMx(u_Sk5F}ZMFyd9xOis$PHaN_iS^<$iM~K|4g6WP^#zAl?6CU_g{dRVHJJ_UOI-XAN5@Sxk6f zCHhhN)o-A(8j>`DB!THgIUC_= z_!Z(ACFGUuyohUADUDc}441RJ=8E6S{Ygf3Q?>+SaxxD;)t=Nf{~XSIo1HC!ZlKh% zj2Cb8wbo|(tm>C5x&VS9iz+fFweP0+XCf<-7jNc`br>p3OwoHGsvmR;`IfR_5&xpx#RE2aW%LS}ezbX7G-K2N)C zyny^U&J9l)rVY_dvLOCiQvbqaNJ@owj7kDs8!@vbXInQ=VpuQjQ_SwPqAD&gk}(=2 z&7oOPq0@gpBcZ*?(PfgOcyT@@;&;1Tviz$BJB|)Ji&@)Z%`qF^Qyy6J-qB);cuyD& zwrLOw43$d3JMu?#0Iwj&WUgInbi?Yxr@^JLF8sYEULaUQF>8 z@-qfl?MX3_?meT@iqsJQrUWfCX3wvQpUXr5CBT>`@da6hlFAaIDKRO!fi8C)B#9mP zZ;U}y6t{rnu&?3$GQ9j^4;YZXsV=*vexOIM2rI|&tJNu92LX7SLMGel5UFDQbQr@A>Vtzp^RIvJ$*MVL>w|1cv~%J%%- zs|ghR9vqpUI%2m$I0}4aRf_sgO0!iTT_o{WYv^fp8z(6>nGY3pv1^ZyTCmxDQo`qq z&6(z4pp_&GWmPvicNTUd$cYlIdz^Yo)u`k!oI=DKvvDd zs4VEv04k7P<@X=>IO$T@sfkt%daoRVrWJmFmHOiI&P3^O2W8<;A}FyWHYNY{;<}Ue zrk<$%vA~hf4mNY_;@yFBw`bF@YEAOTaSpT$NdpA?%{OajWIX?>()u4S6BS zn?6c6ZvIqY9_~ut1*mfK-%Bm}!?Ddv%JT*Y94S4> zIqG)>jHW+fj9YEjeCDc^(9Zm_q5mN!R@2sCw| z)-@HoI3fDhnq00xJ=K^1WB=66+VDPu?!)Jw+;H1#qz^8Zq*J$NX4*owR!aE0H}xcf zm#rAN*+2zYZcuLGbzjOb!_LMmvMT;mA13+ZWc4nwXC$Xc$2q_Gg7(DcJ^?}aLA%?% zVQBW~)|EM%{&_opvzL0UKJ9RxhkL&}M}nHJ|f|+I*#rD9;MIl?=$B;9{s6F2rS1?`c$Q^3z)YP@CeuI`( zs`sgS;}?}&nse_}Ws#P4@o+o-8~$#NDfIEG7}GxxjpSAAZ>~1Tkgilx;5}F0J#+UM z3OD{d$WZ(jGa4^1CY*?aI$@ZLW^mLx@oq5pO`c!SvkSX;m&fEVpK9cL@`oThH4E{5 zNx4K!W_(iCB*e-_yHYp5nKuk{T6agoDk^i!_^{+mBjoO!wN7Qn>!riowY#}BoreNF zi{I4-GAYE{ajm2_4}anXK}R7hgc$Z!$^$j)B>mnWCgtR5JaKGI$&VLrKR5#1Hix}! zJ>Q7+hgdYZ&RSX&>wyx_No=R@;tyiucI9BgNNLUwv6s(^#ro0@P({nIyA=B**)7KT z`LQ0tb_5Px=jRu5tLbNHRj`-o7x9F}m{JquRNL5#ItH5E_B5B0(pHE={1~YXNEWhh zV-$TuIxSakUgbo0N>fqyv9TO?C!R!+nbC#GE*^8MKL!7hnJy<9K~$QCpq(w1(TRSM z<;z5jbpp>g#4A%i|9mx(Cv3G>`jS*Cv+$S2XUZ^){W%{1rfbL`oys*wg#GQr*C8uTol)Gv*mXR4F=kPimu;&8%doL1@Ph?mKP}D+0 zX5uatL9uYh!ln6Y(59+-+_i}_KEW%NRyz0QDwvjU^5kw2()1qrRg-}>-7$+rZ~c%Z z)y27i@YlZ1`^;dm$gg7~k9S0mWR^b%DVdH_7EQkhe>Wgg$gKfE%=AcFq_NeqbamWm zhGLP2nIEaT_^~##dHl-M;3s#jJ_W&wNi*2W{4ScSrM=E^$YfQl?~cIUU}nR!Y^_^m zLWz&9*(!VyU`*AP6!P*lH+V2S$i20M8umH_r|jQ2NKzj=rz46ZY6KHw(Y)e3$)r=2 z!t9W)z@kSkPZ|r}F`-gLj#YdAF0NKVKOv(>^5G3-Ydt-pLxM-94;I2>)3|?*|nf;pT3)6$!MEfE^E#ChH$1*G?T`jA_ z?M-BMdqG30X*-m~*VHYIA@|s>DO>n$Y}Y zRo0CCjP`|fqS9iFc*UC^0Fq=frensY$JbgV<+gq)Zprs+Ji7Rtb{3av4yH9=wHdHj z%^k8L)R+ei*PYsFQf!tQ3)MnPz@ZuDZs%>;Rm=9s#fsVIu%vL#r)UKl zJU6ml0^4nxOO&`|v1ZmBO@U>R#|lfG36mWOlK8TMV-7_2COn1I) zIuNAH*#+TYvBzn>n!o5~j@FZ*t&zSCQB|kf+-4j8Gm*r{c+S8?o`9WRTDCBNJisf* zZjp$!sgavl!&)GwTr_r!=`kPVD#6%*UG-&HPE2>aYNf|xGD4yV?<&5>&&#NP$YWOQ zimR`N4>}7{C*buMtf-)gNhqjPaMZT^Vm}B#t(+-dsD|Ob=7;2VJ?~bn)%s^#OsG@+ zA^Ly9|19+`oKvuGI3=VdKoGfHr=U4p2HMRrY&HN*wAaSE77O&;&ADyo+=<<6ZwvSU zx8zSRfg!6-V_n`$T?uUJ@#z*siMNU#MzZbW~smF5mkYX z|7uRI>7YAs?Ny5Z^ma7t6%u=yj1s=DX?%fO2V1RCd%j1KW)3dl=56-Xx^1^k>$=d!@NX z$4P40d3@$v{qYpS!FKUUp>zuG8&(v|)3Sa86WQf90%k9M zrr#CD6~%X>F1AYzEO-uWUMa!%_rj>nkx+ZUmWh)|u=`G>d; z!?L$v2jr91+npQkOkt6Ep!-Feu}UyUi@i|G2Kg&cedK(mk~^sejQu5KFIln8ln;Jp zSZIEa+wKm_ke?MVgdcew^~eqRRcAOQsvWzNzS36Pn<5klP)kdZ_VAiI(GzAl_)Q*ItZ{E{Kd}eCA+z^_Ycp zyo`G8a7xgN1evG#+0j`e|EosZs& z$klqH()s<9-|p_IKjS*3)w+{!gH$c7g(V55CXsx)*sNnybloR^Ehbm9jZ9h1ZDvbV z+XPpV;=%wc7!|7HW?T=3!lEMr?@Ybus4%P0s#Dk9PgEDqxHPu)39Q3RgCBSp`|*=! z>?_n;=FX-JM7sImsc2_6CLDDL9d#p=;^RL5L3Qz{?yFGLlbYmq^4Q?)M^U(YP!W`4 zG)7iUZF&WQ_m<~O*cJ*N%I`@W)7UzTt{Y{>(RmL>18C9P0~J4TQ^aKGmSF_Ew*}~% z*u9uFx4eeGGLjS~c1!wdgVa@+mt%h6jZ_}{huUs7Jmp+wm!I9$YGn})cF@78h#sQ| zI+-tW@JK5p8&%`2-$x5Y(gUzR4M6iz|Ffn3LyiH1@7EOoto zH6u7*ikpL2lHJ7)ZJX~<*lR6GW)*#6@!Mhh0^X(}i~W4@d4_DxT&5WBcXcL5Q@@tg zU^m0wtaDTS&sQH=2r5Y-eeN0u{M*79(h0Pja+0N%yX_OA&)emOcR275<-WK!4u2Kb zl~*IJJlFT9{BSRg8EPb3ZRL7K1S1}Qh>eO;*gePiR*y*2*|D*2&;+%sJWe>`OCz>X zt{ShHLeJ5c#_|O3cKYguf#*Z$%T3clEnYfp?6>EiSP{iC7x3JRJHiSs0Tc&4eO>>50w4ve~>qd+vUNE_^S#=~7 z?WhULe5tF-_AJ>;nyb5>YB&#C)np0H(Ybq%%Gw8}`yYRwFv|%J)J$(^O1A!xdXww2 zgO$@7;dPdkUv%c?C6-`ho?sVY$$a3;w6@~v?Q^-Q>z$uQHmdlILZK9Q+TfuYw`-5?fPz?oacUotJ8OoMnuN&5VD?XnZUtER(dG#lMOhtvr;e#yU2H^RC{GUD_9n$n^ZpPIRXY09Q-} zC%nzWofCKU3Y+{&-S}&?XcLla-JQEsqyWE~HFWG@vf|14kI(w+YO259G}b4=>u*DUth8h>}-? zJL3p%+E94KgfImCCFOTLWxormE8q=^@m^rM-jd^zu7KUXgt$ysZXy`T7SIa(`H?^X z?=i^EA-95H`;Qm?di}2-+d)Fi>tU_5rl3VgADtB7t%|l zT(-ry^gSP8u3kBiGY;w}8eSM}kKA$$~K_cedW0e=Q8P@vQsuz^eD z8YTXE;opBSO2A+9vZg4#JA!io#!U#w4g^IUsv71wYGY6f6sV$n@G&beT8O7(YQ*dR z=cfbjz^9iCytCfr-!}jA1FCT%4HQPgalJE5v6T?BDyp19fs$5V1O1S8;IBx?Iiu$X z6@X$S6uT?>_je?V1q|QsV#n0$Z@uDv$s&G0NHae&OHV{$Ib~Bkt4ENdHZ}a0kQ{9s(f} zJAi7_N-yRt1K&69svO&Vex{nxN$;BY?^mP^2j6Ij=j}N8M;n(lJ{{@*@NMJ2rtXI8g*)m?(Tm*Os`?#D4}s0_;9!M5H|d4O8|ll!45Fs_{euCl3OAUeADai{$g*_x$VpxGidF^P%Ygj0w90ly%2-Sec6HWv%VNsg& zvgL6b@Bz#c>~?}$3bixn9EZ@Vse`#~8&Ds>ZvtdqNuMiTKsr83nr<-pa7glE&GpJ_ zD~H6dA~o-CvFo!V^au_Ho_GX!e3Bl#BJR|1$`NWm)Lgn&{llpMuAOziQ7CKz$e~-! z-H5<9FF7rWtHGw0*jp{?y4+Sl&mk5B&b*&yS;L#g>6p z3~FAglSa*P7h$_q^)F64s-~mQEdHkad+Mksts(8$&4E~Ux8s6$$~Bj(q0yxyn>$cZ$|XqH&%xJI0=2d5 zI!-^y_;p%U-DqXuPjq^6HzdQ~wa9&k@V6ww>I9El840)NYs$Cwd~|ggun+; zOD4%yXAT*Zcj%#EU?{@o0sJC~x78JXBgyhYx2sp+IF+^t`85u4#2I0B;{5WDxI4Lc8zdTF92Ofxnj8;a$tVm+{g2X~kq52@bgfr6-&x%~Hz~T! zU-lXcdh{g=4ug-ij#_!i`Gv=hjPBg@>h`i9209X3(`oAA#C44)mPi=%u^dG)1bkl% zsPAWE<1!IB3M}yV!>pGGekr1c4Z^|6Z8jpjMT;EVZ7q(ig?A=VmfjCn=?};(9xJF> z-f#$CA&rNgqx{eGih+aT3iz{)5K=kV?U5&L`p1XLE%tNq`DbSQztorU3bx--o;wiP ze$)J(x8wwRbO^qTsXA~YxgH6WNFQ@m&%J_h0c`Q^v_=^J%#QkGPo? z`*xO^bR$S}5fSRbI%yaLwMa~L9ky4$O$7;y0_L>Lm}K?}8+7jHv1r4*BdT+-&Tl2e zmrVt4)N6o|l@e!%E&&aocG#{EE?r7^Aow~=$;DlO9haj6=Vo3ovyCW=&s+5vIdoRq z8xd}OUP0mq`oaH^`?mvIGON~wP7gr>5+&n&WbKl6QIS`9(Dene6 zv%6gryf<{Hd`o{QwSIc|aDTYN(Sg&N>N9>z?rr%42+`Ruha9Jl(zqdW*O`P|e6N!< zcQ*mW-mHFOn%E~%vZZ@I(Wb4o;E}Is&SP+L$UguXpYtjL`Uf&JI80YQ8@ftNQDdGK_9O*@O;>~KqLCW%?E+<+?d5(y``I-z-R3R ztRsbkVv_iK1*e}fN2YmKVviV7^>@I03Hjj&S4_At?n4;~M&n?7`o+8fbl-PMTDKe;gd zTVS+cZTq%dI;CkZ3c#5kK_Y;Dd__dE`6qyZ`9l--m!6iC&M3pUZGc;2yw~+~q(5Oq zF;`l-Gx~t^yXoeDa!XE@*f$kI={v;34SN~{ZvN@akDuB!tA<*3y;S+wYYr;nZ*5nt zX!il7*Nq3KyLjm^d-|K7FCfbMZSMWAn~V?dQ-;c2D(h{oaHKnVdk?*PM_Ymq+=Ufm z(qYDpK;WefnxC~X*r_8!p(Sx*vEP%$(v5QtaJ-yrmhKMn;x!^-9v6hC0Q9NEpECS4 zh1Cqyhxc2>FtWuE=`e({0IeFNU@if_&?3&?*BgQZcfx(2z%K4%cJyzL!I;d`Ph$RL zdJza?$(RNr~KII8-}DeYQG5^ zcO~^spe3J8=qf)ijUbLuJt``CxcP3rnF^1}4Q?eVoK0)qC|VA-SjlblPqC~W_GJF( zF_A^`EDhMMJzn);y+6wW52%9ehZel6>ZbFeqno7%fw)s-1s9PSz>sm9ItDx-6eu&Q z=JurDkbgwzz7@j@b1m{C#tL=YWYuxe`&qBkioaBJ zI0vAh*ZX4a;cQelpW+XzCwMAwXsJiDyS|y5JuY&}ugwAzO33x--x_liaxwygPASgD zNzf&vS%AIpf)0XjQJJa~>)&;*$Kq9?MYIxBUsb{nrNV9{A5;r~N>DZSwBlrR`tADV z0B|TwIN(YRLUbN@j~|L^{RyPyAO75GMWAt-1cl?m;Q@5x`7aj5sbFXe!0a$9Dx)hF ziNwHFiGmvo!WGL(YmGnOEI%%Ba&tY6T5I703ys>f@AjAOt*DaL*&@K1p&A>) z^X%Lz3v99qHY(uP(j|UqqQ|NclcgJ80$tVn)hYU4ES@hvTz#%h?qgw7xW)~2YXn81 zFzvE~M)lJv*C%CU`&#V1h+R;$i~MV~k#X`hTsLAF^oN*xWPFoVOWc3${QxA+M(h<~ zAe}AA^d<{$8)wc5x`3=xO#FDix-#%5X_T209O}1mZk(T>MIyf_ ze~AS+KBhgp0uv&>>y;erfs=$UY#j-w( z{e)J_bC7+g&vBR@-&~rA!g|CmutX9qcR%9}WVc32I-SWG5WPVrqe39M0Gyh5dy+$Ew{b z(o3^{;TF@Xcf%saAHMINxw+)pPyq@mNVXP~uafbCX+NyB;ui3_m# zCJ+4KX~p=rGyIg2qr89xLC7>#>7UI_aXowTZe*Gi%+L83#8=#|)mQ`kO;-N#z=>jy zp^Ng~CGX`eyP!XTG;p7nFKS5Igfis_hR+Bj;l2DYMFc$4%EAw2D#97cl0s*;`NM$; z<|>&wM3%QN;oEZ%GLhYdUiDdeT-z?F^6je)_}%kRCcI+H5TvcTpNM%%^RIQ(Cdaby zA061JK{$hZ5N1`ISbD<@J@1!@YgG0w%#RE{?1}pg#nT4O*cR?LNcFINSjxLy+kUuf zT2h?)*2rp8$JJ|VHaDj~QENCNu;AaUYyaP8U7r<9{Q5|^fF^4`2w2wFpj!e>aE`l$ zJ`5bG$-Sh&$ycMCmQy5@xi?%?*`lI?G{NbL@^^jh4vzeslM`%DD%{LCFe zSWMoV$rR>6TemYSc4Y3BRVd2@0S;|n*NP#$Hd55~26S|qGJzaoI2$79CmknSU<42$ zqU4`Zk*c9(OR7%{>zlIe&L@+E;khk(wXY#afwokp@mX({oXz87~hz2`AYrHNwU*A^4RHV3f`K_ z4H%X3ctv}#4E&U{7qrCiPra67>sAX5cfDP_n!;>SGG$cjaHQ5|z&=ei_$JA?IA=C< zrKAO;avLnuK6k@h|GV5J)tx)+W!IOi2jwQvs$}eqG#uP{DcBJuRXO219^hADKrC^Z z|K8*Mf(Amn#lV_xA9k|B0%IABb-90OGB8r2jPEGm#`!-_!5KCu_~`G`;;v6mmf&-L zuKU1|(^@2tOt0dl$+@6bfpsU6D9WnIlqHt#vs0kfVl>9tHV9K(ba?}AjGEMM-S3~>n>ojzMOTB#y z)bN_+iY4L$9Q&le!&IJc37K&O!){YQGv|Lc6w?yWlBj8nO@n0{4_9Cak?UMGBpNv{ z)_&o6Lh$~9=CF9lX4;X~6E`fNpbu7CV*P+E%!d>8Y2sjMmc-HBXr zU12M~ocz-v4ZSy!!y4H5zjhbjaE+-2vX7Q{ofp)=ECLZf+=WGOCL7yKcvzg*2jRJELGxHLAXmuk3*5QBYtsXE}5;@J_oZGSUg>qU$as)^IP!1+=iHZkUBdK_$p40)-gYZ%5c z#yb*VN%5;iUsxYGcfB3pNN0S<*hxrMpMDA1H-IiUIZ8Ypjy}O>)(6#>y6q0ZCww-6 z>ngM=jzo>y?5gO{qtANn?K-o0(&GFf!3L9}*DC4vI2soYw%lW3xkmsjgYe091gMRF z^Z@h9r5MHwjO5~-R5f?ZHPP{JMN1&!G!yu%cS4woVID!Yk)+UlKa=DeC=L)HD{HY?`9Nx0{##K7^C3(A9rSvhSrlY5lm`UF=W17 z6fOK&Fd7OEm3K zcg=f{WJqe2J%8+vn3%?qKodVaB4Iq5hWgJu&p00O%zO5)@sw8P((I~#ItdSx{;D~mJz4Hy89 zgxvvx)<{hDI7j72au#32tgGVISq?uNa5&k~1_jaK9lgrEvOG6cEZTczBqKW!+AK9I zVEGo-I_-*BjR>}zN#?~)JHvu<{gB7O#evNr9h!NO%9qV{+ZnH$koOG~8%yhBPgb76 zj8>+^a66})^s~uq`5|$C#}n9X{gxg{=`1zfAxqUfCK7&oli3ibbDA`r?c~vls)Jb+ zTdKAT>8{q_0TQMPSKg9zw+e;OwRb#N{vwY0q1vIgWiXO(1H+>+mgrf*Kc9#dbd z35m!I?D%Jaf{m;L()**pwL8}%oFhi8YnQ0+#vqi{7Z%r87>I2~%D5(N9nV-o7xiunO#)-T8s&gzaAfo`Uy>na0YwG``lk{NL9 zkshw9Wv0O7w8c3ip33allp1&X#`*JO358lLBqFdX>SSLm2JpZR?~40XCyN(MN|D1(PW;rE4LGJ(R{XqeoOe-$4o5VnUw2@R zmwnDcxn;tn+LEz6t_Q&Q+;qojlxO-AnTrSJJ*vf7V`83de6c2~u8$`>N)hJPk9QxT z{kbDDO9u~sJD%x1h2D}3@1?6DXA6yk4<5<*r>@4}ga*kTJOO}|CcsTT{g~+~0`xQ~ z&Ecd3%}~U#ws&1m1*dlYNsr#(87vCl)PG{hbWWC~;P93ROn={2@Z-c|Vy; z*Q>O$_R2jYhiBu<4}4gx}pS88>$D-V})jKKJXX?!cE9 z(B5Sm+!rE_se_j8(xz$X7V&=$V_6Acad7P34n%mYQ<_uu1w2JF^u@f$1nPRP`2CiJ zwDD%uPy}yRFqD%v;&la#tAQnWsH3(X15*P!9Y z6{=E*#8M;rOa^5Q$r*R^<9rF$`9vUAX>_IUMcWQz8J!Yj>bqH!YhGTr{CsXOR})lj z!p|z%ou3mnyCvqZ<6x1Rq37rv_H1a|Y7kwS=Dc4W*9$fr=c_llO1M7UwN}4hKBj)M z9a=#tu*W1<5NY^u2PrwHfj7SkB3t%YitB1U8(^bsdLy6p&m{DLpXO>`e$NG!B*#`q zcCE;TOKy^*s5&OmP0zZ@vM*2j%! z8xVv0vA|kIJz25Am}8m5n=OMfEU{3*pg6DBcW2{%YU1$0Ymo=@I9M^+>8pY~L7aNm zRto<530?wQ+{02^7h?FE!bud`Q7zLu9+5b+*@(wqQ%JBrEeac0WG}fH^fSkigc;)% z^^^Jfqc)Mm6)3PeB2Y`#8l$ZS zWXdh6qH6Fe*)p7zy@ER5y#~_GYmkH`hC9s)FXgziQyRgm-W})h;Ev~Jbql8&!E9L* zYOH8W2NmJf>;`lxm78L~EHJbI*0{529-N%O5OZBwT6Cw9C-TcKD z$)wm2#vsknx$|5O<=(3k0QeZVEs2txM3OPfjN8adLp)CyM<040?^f$*B+>gbgSyg1 zc7l+My{CGz`#!?lDo}qbJjxUQHsx=idj=nLH3|D2AGFo9VN5mSn8Kd~N^Vw$JdI|b zi3IPDfu$7%3bvV+O?TGiKrx#Hm5F4e3z9y7&X86`>*7>DwM;~}EMLDumYew=oNH3Y ztol@V;ZgPyeFIj}K3UnbF~>f=-j@ygj{IA9Ebg=Yz8x^5GRHle>Z{7xmeA?~&2*eU(EotUr6kCQWifj5>I36C=yPr>{cWcg#xcyJGhVOu;k z+L23OSrw7}glJ11IYebGgSmfo1o9!*8?qe-?TVeXD=_t$Ju0&CWJrq`v&r{+7WFmH zm?Rr78E5VYq-M9LEeZXv+>>7Q-Apd2zFXCW??ODnEFg5Z+_s0;%zCSHe_O3ahfuaC zU6L`VZx*uguFgcEMsooJtrGA_MH#KY4>wF#1b zf0n1Q?owe$ikIN0ZvX8a1#SXe(a=0?s+k}ox9)D8FW$?N&~r;SE}Cok#@9@HXno`7 zH~V$ylRQrR@&Fr{a>92ypq&k@uZqw6J4ghBg()%Ja|TdTzB+3Q)REd&M8X#k*jh`U z+YN)AuVd0G2BiypXw9cBn;rW-YcFTE{1p}ZbP`KVp!v}9R-Ui3%ebM!~ zp`9gCttl%t^0UHGBj!?+^S7i+>wKn6^4PzI@>;;dhwCfSOC^FaXhZT02Gcg4O7OHN8*L1Jl6a3RgLL&u(EX|s0)A+=Lb!++i+fEhY(q!{?|aYa-ID&;s}F#+0+SA*%4hc*-gc}N-Z z?kg9t>8qzgxVpQa0K?Y##}sIcaSgYQ29CQ)o0p&O3x@1NH!Km%Yg(K$%wIR{$k|Bm zh?(KCZTYg2Tkd?+oEE#>sJdFQpwEMj^(xu3@u+nj25FKC%B*%wp@USzI;hAiVr1nN zYuXIN>{Ep~BLAmd<#dhyR}r)A&e9D;H;X_Nz7bo(gd=D#L9zRb66oRqXlNjrzWs7B zs`%;9dL=mGc46EUeE@=Eu}C!DSrT71IJV(5{r@Ng*NgYBJWR5CKo< zLXShCt=b{x1Ilep-aCV)j$3@^)H%+x!4zqLM=(!5^cL(vczbwaJix&h0L^pgSp&pW z*Q{1ls^pVEY~k6jAFHb>PhAnsMgGU+`5{8+pcut!@hehmfc0w#c>4&hWh>%pLIfTh zkkDTJ=hyI9rpohTgff}d#Pe}T?}&Q*DQgX2P5TIGxq(cl-v zT3TPp!Ehy~+0?6M-XaB6+^(7wh?K(Mz?zgQ4Xq2~pTt!+L-sLtO-5QO0u_l z+&C|2{4^G=M3DVM;%pV3;FbCRsL=hiijy9s4l$^jai+vC-S2gd!?}|v9JJW^{p!j! z8WYRHas+r(s57GYm-{#7Gly9}b%Hv}B zj?s7o>mz-{Cr!Y-fS!3%-vfdp_LkT->?`g=EoXTV^IZ1_^pSAM$dQP`PJe4=y#sRp zG9xZ;*0;T+5*al{<-M!iK5?=71+E6q%SR;$RTNy>a8@PK_tX;E&9iXKG}G5y03V6P z&h#4K$R(f9kJ{wpSruJX6Jr&V86`Six0Bvu`n6|; z)d3rEjw!;T%{;yhx=KNIFD$jWj1xU^!7~4kZ?xQ0kXjkzkb?11OJjPZ3}zIqpFqvZdE}5B^5J>9J7@|G<_@RBd**!czDV#G;9lS6FoSsyoPFo zGi+qksE>8vb6wrw^{|rxwmoBdlln?v<8sdVH#qGnE}N9t4sqE6&do)?z%NqA0a`ZP zf!%6edM9>~KM>7FYEmJ z5+nUC2pog+a&6t%ryIbFC8^I3TN)?!_szO)=7S}7y;rkep(w{;aW^!3%%EotL9@qx z$DB|%Sa?E9{aYuY_Ypn>m3zV}3jY7Cv+s=cjB1@*7mr+bwdrBJ<6OFMcHS;cJN1nQ zRchhB=C6OPxX!%unF!BEVBaSBpz^h^Oi%9vr=b^lPiN))|DUOc=heE>t?p+YB{FQ; zd9mr?%9k6(GL<=vW?fSBaJsx#q&KMURD)~VHOHp>@Gaiw-YCj4$!xJP)pd{Qi!2v2 zSn{@3;_9RCvyW%Dn8{tUo;B_JBd^0zo*O2L%b(Ib3trCeyE0_Is|Tnpy7YU-Op8m) z+U4siz5-{q{=McH=gu3D?Tzzvj>>K9scj?QVCArf+3_JH1yfD_Veh3_0l~{-?|-*yj^eDzr9B}LULPVzM@0u_MWck za?c-Dy9@M8h&#^HcjdI!nwn3O=lgsQWG~UtaHdp`Zr^!V(wmSb?7gRgH#`{aX zZai?A#f8!p!0w#IO3;ka!XtMKv*efc2F%$IwgPzjNx}7HpGz?MPYD7iT4laJnwKNd zu2%S4q$N<|2z%`rXW&BdoSdW$K^I@~fmXF1;#k4@=IvLbn+`0Ab;lC+X0P8{mVF6y zYN(^h*2C*|zq>U{ZNK72yQZ9T%@Lw3O&r?=5ANYC)1CFKwz(rqZc}DYsanKx1Iy+e zyEqnIjN?ABGLzl*l1mb&5OY>n^$Z1{cE`;xX4l>L)SaNn<|^J8D6r6_;zG0Bm0x<7 zI=FidOte#MYL|$JlULB+cz|Py>kLW98Jbnu2LoB$8yh|=S#-P0uKW7LiELhFq(R^epCur{H_?Ky|H-&1x z1DDis37uEoW_^DThig`2x450@K5e4|?8o#I&m1l4IO_X0^-xXEeTD0ii`^C`9_P7d zc`Cwy|NgrTH+YTi^>uB2E8ShY=jrZ5yTn)pF}cRAogD7X5zS?BwN|$zI!Db@toBL8#|>(4Y~#+J20Re`^2h2*;C8Lp-^+5W?178K z;Y+Q+%UT=DSX>MZJnWnI0X|3=2pyVJ&=be1GcKTfp6y=pFS396UY1 z1+{E#XXH`W(9U3C+Hqqroww%t~v*}Y@GKH@S-V$pnv~1pbbcXhbIpF zQF`!h)wAund()5u;tUH@M1jU#;PfmnyIe)W4dCI^hbF0dA5xtjBNPVQmbLe-JI3HE zIItG9ffk7068--Wt^V~9XaufA(&I7{$N=3?l?XbO3v_<#qx)RiYYYxf`mq`>NsVPuAzGeH2>7YZXVHz4;n+_na7uTO8Rc(qf6b4FZY_7l~ zEGvBa90k98LH4c%Q?g?M@Zxnz?|t)D;tD21ON?MbUkwQ}^FWO9hx(b7Zj-}=CUi3Z Nfv2mV%Q~loCIGUx= Date: Tue, 7 Mar 2023 11:00:41 +1100 Subject: [PATCH 0646/2573] Added tests for RULE-16-1 --- c/misra/test/rules/RULE-16-1/SwitchCaseStartCondition.testref | 1 + c/misra/test/rules/RULE-16-1/SwitchStmtNotWellFormed.testref | 1 + 2 files changed, 2 insertions(+) create mode 100644 c/misra/test/rules/RULE-16-1/SwitchCaseStartCondition.testref create mode 100644 c/misra/test/rules/RULE-16-1/SwitchStmtNotWellFormed.testref diff --git a/c/misra/test/rules/RULE-16-1/SwitchCaseStartCondition.testref b/c/misra/test/rules/RULE-16-1/SwitchCaseStartCondition.testref new file mode 100644 index 0000000000..5d2b2ff0d1 --- /dev/null +++ b/c/misra/test/rules/RULE-16-1/SwitchCaseStartCondition.testref @@ -0,0 +1 @@ +c/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-16-1/SwitchStmtNotWellFormed.testref b/c/misra/test/rules/RULE-16-1/SwitchStmtNotWellFormed.testref new file mode 100644 index 0000000000..e37234ee4b --- /dev/null +++ b/c/misra/test/rules/RULE-16-1/SwitchStmtNotWellFormed.testref @@ -0,0 +1 @@ +c/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql \ No newline at end of file From 2b76aad5ea13a71b9c4a99c703b66e39eae14ba4 Mon Sep 17 00:00:00 2001 From: Shadi Samadi Date: Tue, 7 Mar 2023 12:02:59 +1100 Subject: [PATCH 0647/2573] Added RULE-17-2 --- .../RULE-17-2/RecursiveFunctionCondition.ql | 27 +++++++++++++++++++ .../RecursiveFunctionCondition.expected | 4 +++ .../RecursiveFunctionCondition.qlref | 1 + c/misra/test/rules/RULE-17-2/test.c | 19 +++++++++++++ 4 files changed, 51 insertions(+) create mode 100644 c/misra/src/rules/RULE-17-2/RecursiveFunctionCondition.ql create mode 100644 c/misra/test/rules/RULE-17-2/RecursiveFunctionCondition.expected create mode 100644 c/misra/test/rules/RULE-17-2/RecursiveFunctionCondition.qlref create mode 100644 c/misra/test/rules/RULE-17-2/test.c diff --git a/c/misra/src/rules/RULE-17-2/RecursiveFunctionCondition.ql b/c/misra/src/rules/RULE-17-2/RecursiveFunctionCondition.ql new file mode 100644 index 0000000000..e1f8180aee --- /dev/null +++ b/c/misra/src/rules/RULE-17-2/RecursiveFunctionCondition.ql @@ -0,0 +1,27 @@ +/** + * @id c/misra/recursive-function-condition + * @name RULE-17-2: Functions shall not call themselves, either directly or indirectly + * @description Recursive function may cause memory and system failure issues. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-17-2 + * maintainability + * correctness + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra + +from FunctionCall call, string msg, FunctionCall fc +where + not isExcluded(fc, Statements3Package::recursiveFunctionConditionQuery()) and + fc.getTarget() = call.getTarget() and + call.getTarget().calls*(call.getEnclosingFunction()) and + if fc.getTarget() = fc.getEnclosingFunction() + then msg = "This call directly invokes its containing function $@." + else + msg = + "The function " + fc.getEnclosingFunction() + " is indirectly recursive via this call to $@." +select fc, msg, fc.getTarget(), fc.getTarget().getName() diff --git a/c/misra/test/rules/RULE-17-2/RecursiveFunctionCondition.expected b/c/misra/test/rules/RULE-17-2/RecursiveFunctionCondition.expected new file mode 100644 index 0000000000..5c40b93b1c --- /dev/null +++ b/c/misra/test/rules/RULE-17-2/RecursiveFunctionCondition.expected @@ -0,0 +1,4 @@ +| test.c:8:3:8:4 | call to f3 | This call directly invokes its containing function $@. | test.c:7:6:7:7 | f3 | f3 | +| test.c:11:3:11:4 | call to f3 | The function f6 is indirectly recursive via this call to $@. | test.c:7:6:7:7 | f3 | f3 | +| test.c:15:3:15:4 | call to f2 | The function f5 is indirectly recursive via this call to $@. | test.c:17:6:17:7 | f2 | f2 | +| test.c:18:3:18:4 | call to f5 | The function f2 is indirectly recursive via this call to $@. | test.c:14:6:14:7 | f5 | f5 | diff --git a/c/misra/test/rules/RULE-17-2/RecursiveFunctionCondition.qlref b/c/misra/test/rules/RULE-17-2/RecursiveFunctionCondition.qlref new file mode 100644 index 0000000000..da361b35f4 --- /dev/null +++ b/c/misra/test/rules/RULE-17-2/RecursiveFunctionCondition.qlref @@ -0,0 +1 @@ +rules/RULE-17-2/RecursiveFunctionCondition.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-17-2/test.c b/c/misra/test/rules/RULE-17-2/test.c new file mode 100644 index 0000000000..800921c1e2 --- /dev/null +++ b/c/misra/test/rules/RULE-17-2/test.c @@ -0,0 +1,19 @@ +void f1(); +void f2(); +void f4(int p1) { // COMPLIANT + f1(); +} + +void f3() { + f3(); // NON_COMPLIANT +} +void f6() { + f3(); // NON_COMPLIANT +} + +void f5() { + f2(); // NON_COMPLIANT +} +void f2() { + f5(); // NON_COMPLIANT +} \ No newline at end of file From 34fb54a9a15691b11fcd0b3bdf54e5f88a93272b Mon Sep 17 00:00:00 2001 From: Shadi Samadi Date: Tue, 7 Mar 2023 12:56:57 +1100 Subject: [PATCH 0648/2573] Added Tests for RULE-15-7 --- c/misra/test/rules/RULE-15-7/IfElseEndCondition.testref | 1 + 1 file changed, 1 insertion(+) create mode 100644 c/misra/test/rules/RULE-15-7/IfElseEndCondition.testref diff --git a/c/misra/test/rules/RULE-15-7/IfElseEndCondition.testref b/c/misra/test/rules/RULE-15-7/IfElseEndCondition.testref new file mode 100644 index 0000000000..89caf8f257 --- /dev/null +++ b/c/misra/test/rules/RULE-15-7/IfElseEndCondition.testref @@ -0,0 +1 @@ +c/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql \ No newline at end of file From 755fc4692c300852ca3b123cb0c6ea448cfeb4ec Mon Sep 17 00:00:00 2001 From: Shadi Samadi Date: Tue, 7 Mar 2023 14:21:38 +1100 Subject: [PATCH 0649/2573] added FLP30-C --- .../FLP30-C/FloatingPointLoopCounters.md | 106 ++++++++++++++++++ .../FLP30-C/FloatingPointLoopCounters.ql | 30 +++++ .../FloatingPointLoopCounters.expected | 2 + .../FLP30-C/FloatingPointLoopCounters.qlref | 1 + c/cert/test/rules/FLP30-C/test.c | 15 +++ .../cpp/exclusions/c/RuleMetadata.qll | 3 + .../cpp/exclusions/c/Statements4.qll | 78 +++++++++++++ rule_packages/c/Statements4.json | 81 +++++++++++++ rules.csv | 6 +- 9 files changed, 319 insertions(+), 3 deletions(-) create mode 100644 c/cert/src/rules/FLP30-C/FloatingPointLoopCounters.md create mode 100644 c/cert/src/rules/FLP30-C/FloatingPointLoopCounters.ql create mode 100644 c/cert/test/rules/FLP30-C/FloatingPointLoopCounters.expected create mode 100644 c/cert/test/rules/FLP30-C/FloatingPointLoopCounters.qlref create mode 100644 c/cert/test/rules/FLP30-C/test.c create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/Statements4.qll create mode 100644 rule_packages/c/Statements4.json diff --git a/c/cert/src/rules/FLP30-C/FloatingPointLoopCounters.md b/c/cert/src/rules/FLP30-C/FloatingPointLoopCounters.md new file mode 100644 index 0000000000..52e2c70fce --- /dev/null +++ b/c/cert/src/rules/FLP30-C/FloatingPointLoopCounters.md @@ -0,0 +1,106 @@ +# FLP30-C: Do not use floating-point variables as loop counters + +This query implements the CERT-C rule FLP30-C: + +> Do not use floating-point variables as loop counters + + +## Description + +Because floating-point numbers represent real numbers, it is often mistakenly assumed that they can represent any simple fraction exactly. Floating-point numbers are subject to representational limitations just as integers are, and binary floating-point numbers cannot represent all real numbers exactly, even if they can be represented in a small number of decimal digits. + +In addition, because floating-point numbers can represent large values, it is often mistakenly assumed that they can represent all significant digits of those values. To gain a large dynamic range, floating-point numbers maintain a fixed number of precision bits (also called the significand) and an exponent, which limit the number of significant digits they can represent. + +Different implementations have different precision limitations, and to keep code portable, floating-point variables must not be used as the loop induction variable. See Goldberg's work for an introduction to this topic \[[Goldberg 1991](https://www.securecoding.cert.org/confluence/display/java/Rule+AA.+References#RuleAA.References-Goldberg91)\]. + +For the purpose of this rule, a *loop counter* is an induction variable that is used as an operand of a comparison expression that is used as the controlling expression of a `do`, `while`, or `for` loop. An *induction variable* is a variable that gets increased or decreased by a fixed amount on every iteration of a loop \[[Aho 1986](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-Aho1986)\]. Furthermore, the change to the variable must occur directly in the loop body (rather than inside a function executed within the loop). + +## Noncompliant Code Example + +In this noncompliant code example, a floating-point variable is used as a loop counter. The decimal number `0.1` is a repeating fraction in binary and cannot be exactly represented as a binary floating-point number. Depending on the implementation, the loop may iterate 9 or 10 times. + +```cpp +void func(void) { + for (float x = 0.1f; x <= 1.0f; x += 0.1f) { + /* Loop may iterate 9 or 10 times */ + } +} +``` +For example, when compiled with GCC or Microsoft Visual Studio 2013 and executed on an x86 processor, the loop is evaluated only nine times. + +## Compliant Solution + +In this compliant solution, the loop counter is an integer from which the floating-point value is derived: + +```cpp +#include + +void func(void) { + for (size_t count = 1; count <= 10; ++count) { + float x = count / 10.0f; + /* Loop iterates exactly 10 times */ + } +} +``` + +## Noncompliant Code Example + +In this noncompliant code example, a floating-point loop counter is incremented by an amount that is too small to change its value given its precision: + +```cpp +void func(void) { + for (float x = 100000001.0f; x <= 100000010.0f; x += 1.0f) { + /* Loop may not terminate */ + } +} +``` +On many implementations, this produces an infinite loop. + +## Compliant Solution + +In this compliant solution, the loop counter is an integer from which the floating-point value is derived. The variable `x` is assigned a computed value to reduce compounded rounding errors that are present in the noncompliant code example. + +```cpp +void func(void) { + for (size_t count = 1; count <= 10; ++count) { + float x = 100000000.0f + (count * 1.0f); + /* Loop iterates exactly 10 times */ + } +} +``` + +## Risk Assessment + +The use of floating-point variables as loop counters can result in [unexpected behavior ](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-unexpectedbehavior). + +
    Rule Severity Likelihood Remediation Cost Priority Level
    FLP30-C Low Probable Low P6 L2
    + + +## Automated Detection + +
    Tool Version Checker Description
    Astrée 22.04 for-loop-float Fully checked
    Axivion Bauhaus Suite 7.2.0 CertC-FLP30 Fully implemented
    Clang 3.9 cert-flp30-c Checked by clang-tidy
    CodeSonar 7.2p0 LANG.STRUCT.LOOP.FPC Float-typed loop counter
    Compass/ROSE
    Coverity 2017.07 MISRA C 2004 Rule 13.4 MISRA C 2012 Rule 14.1 Implemented
    ECLAIR 1.2 CC2.FLP30 Fully implemented
    Helix QAC 2022.4 C3339, C3340, C3342 C++4234
    Klocwork 2022.4 MISRA.FOR.COUNTER.FLT
    LDRA tool suite 9.7.1 39 S Fully implemented
    Parasoft C/C++test 2022.2 CERT_C-FLP30-a Do not use floating point variables as loop counters
    PC-lint Plus 1.4 9009 Fully supported
    Polyspace Bug Finder R2022b CERT C: Rule FLP30-C Checks for use of float variable as loop counter (rule fully covered)
    PRQA QA-C 9.7 3339, 3340, 3342 Partially implemented
    PRQA QA-C++ 4.4 4234
    PVS-Studio 7.23 V1034
    RuleChecker 22.04 for-loop-float Fully checked
    SonarQube C/C++ Plugin 3.11 S2193 Fully implemented
    TrustInSoft Analyzer 1.38 non-terminating Exhaustively detects non-terminating statements (see one compliant and one non-compliant example ).
    + + +## Related Vulnerabilities + +Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+FLP30-C). + +## Related Guidelines + +[Key here](https://wiki.sei.cmu.edu/confluence/display/c/How+this+Coding+Standard+is+Organized#HowthisCodingStandardisOrganized-RelatedGuidelines) (explains table format and definitions) + +
    Taxonomy Taxonomy item Relationship
    CERT C FLP30-CPP. Do not use floating-point variables as loop counters Prior to 2018-01-12: CERT: Unspecified Relationship
    CERT Oracle Secure Coding Standard for Java NUM09-J. Do not use floating-point variables as loop counters Prior to 2018-01-12: CERT: Unspecified Relationship
    ISO/IEC TR 24772:2013 Floating-Point Arithmetic \[PLF\] Prior to 2018-01-12: CERT: Unspecified Relationship
    MISRA C:2012 Directive 1.1 (required) Prior to 2018-01-12: CERT: Unspecified Relationship
    MISRA C:2012 Rule 14.1 (required) Prior to 2018-01-12: CERT: Unspecified Relationship
    + + +## Bibliography + +
    \[ Aho 1986 \]
    \[ Goldberg 1991 \]
    \[ Lockheed Martin 05 \] AV Rule 197
    + + +## Implementation notes + +None + +## References + +* CERT-C: [FLP30-C: Do not use floating-point variables as loop counters](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/FLP30-C/FloatingPointLoopCounters.ql b/c/cert/src/rules/FLP30-C/FloatingPointLoopCounters.ql new file mode 100644 index 0000000000..1f99006866 --- /dev/null +++ b/c/cert/src/rules/FLP30-C/FloatingPointLoopCounters.ql @@ -0,0 +1,30 @@ +/** + * @id c/cert/floating-point-loop-counters + * @name FLP30-C: Do not use floating-point variables as loop counters + * @description Loop counters should not use floating-point variables to keep code portable. + * @kind problem + * @precision very-high + * @problem.severity recommendation + * @tags external/cert/id/flp30-c + * maintainability + * readability + * correctness + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert +import codingstandards.cpp.Loops + +from Loop loop +where + not isExcluded(loop, Statements4Package::floatingPointLoopCountersQuery()) and + exists(WhileStmt while | + while.getCondition().getType() instanceof FloatType and + loop = while + ) + or + exists(ForStmt for, Variable counter | + isForLoopWithFloatingPointCounters(for, counter) and for = loop + ) +select loop, "Loop $@ has a floating-point type.", loop.getControllingExpr(), "counter" diff --git a/c/cert/test/rules/FLP30-C/FloatingPointLoopCounters.expected b/c/cert/test/rules/FLP30-C/FloatingPointLoopCounters.expected new file mode 100644 index 0000000000..964df7c2b7 --- /dev/null +++ b/c/cert/test/rules/FLP30-C/FloatingPointLoopCounters.expected @@ -0,0 +1,2 @@ +| test.c:3:3:4:3 | for(...;...;...) ... | Loop $@ has a floating-point type. | test.c:3:18:3:26 | ... < ... | counter | +| test.c:5:3:6:3 | while (...) ... | Loop $@ has a floating-point type. | test.c:5:10:5:17 | ... - ... | counter | diff --git a/c/cert/test/rules/FLP30-C/FloatingPointLoopCounters.qlref b/c/cert/test/rules/FLP30-C/FloatingPointLoopCounters.qlref new file mode 100644 index 0000000000..1ada999730 --- /dev/null +++ b/c/cert/test/rules/FLP30-C/FloatingPointLoopCounters.qlref @@ -0,0 +1 @@ +rules/FLP30-C/FloatingPointLoopCounters.ql \ No newline at end of file diff --git a/c/cert/test/rules/FLP30-C/test.c b/c/cert/test/rules/FLP30-C/test.c new file mode 100644 index 0000000000..9ec460953b --- /dev/null +++ b/c/cert/test/rules/FLP30-C/test.c @@ -0,0 +1,15 @@ +void f1() { + float f = 0.0F; + for (f = 0.0F; f < 10.0F; f += 0.2F) { // NON_COMPLIANT + } + while (f - 0.0F) { // NON_COMPLIANT + } +} + +void f2() { + + for (int i = 0; i < 10; i++) { // COMPLIANT + } + while (4 - 4) { // COMPLIANT + } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index 5d5e2b7189..80c09f4c5f 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -45,6 +45,7 @@ import SideEffects2 import Statements1 import Statements2 import Statements3 +import Statements4 import Strings1 import Strings2 import Strings3 @@ -95,6 +96,7 @@ newtype TCQuery = TStatements1PackageQuery(Statements1Query q) or TStatements2PackageQuery(Statements2Query q) or TStatements3PackageQuery(Statements3Query q) or + TStatements4PackageQuery(Statements4Query q) or TStrings1PackageQuery(Strings1Query q) or TStrings2PackageQuery(Strings2Query q) or TStrings3PackageQuery(Strings3Query q) or @@ -145,6 +147,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isStatements1QueryMetadata(query, queryId, ruleId, category) or isStatements2QueryMetadata(query, queryId, ruleId, category) or isStatements3QueryMetadata(query, queryId, ruleId, category) or + isStatements4QueryMetadata(query, queryId, ruleId, category) or isStrings1QueryMetadata(query, queryId, ruleId, category) or isStrings2QueryMetadata(query, queryId, ruleId, category) or isStrings3QueryMetadata(query, queryId, ruleId, category) or diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Statements4.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Statements4.qll new file mode 100644 index 0000000000..b46cd2207b --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Statements4.qll @@ -0,0 +1,78 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype Statements4Query = + TFloatingPointLoopCountersQuery() or + TForLoopNotWellFormedQuery() or + TNonBooleanIfConditionQuery() or + TNonBooleanIterationConditionQuery() + +predicate isStatements4QueryMetadata(Query query, string queryId, string ruleId, string category) { + query = + // `Query` instance for the `floatingPointLoopCounters` query + Statements4Package::floatingPointLoopCountersQuery() and + queryId = + // `@id` for the `floatingPointLoopCounters` query + "c/cert/floating-point-loop-counters" and + ruleId = "FLP30-C" and + category = "rule" + or + query = + // `Query` instance for the `forLoopNotWellFormed` query + Statements4Package::forLoopNotWellFormedQuery() and + queryId = + // `@id` for the `forLoopNotWellFormed` query + "c/misra/for-loop-not-well-formed" and + ruleId = "RULE-14-2" and + category = "required" + or + query = + // `Query` instance for the `nonBooleanIfCondition` query + Statements4Package::nonBooleanIfConditionQuery() and + queryId = + // `@id` for the `nonBooleanIfCondition` query + "c/misra/non-boolean-if-condition" and + ruleId = "RULE-14-4" and + category = "required" + or + query = + // `Query` instance for the `nonBooleanIterationCondition` query + Statements4Package::nonBooleanIterationConditionQuery() and + queryId = + // `@id` for the `nonBooleanIterationCondition` query + "c/misra/non-boolean-iteration-condition" and + ruleId = "RULE-14-4" and + category = "required" +} + +module Statements4Package { + Query floatingPointLoopCountersQuery() { + //autogenerate `Query` type + result = + // `Query` type for `floatingPointLoopCounters` query + TQueryC(TStatements4PackageQuery(TFloatingPointLoopCountersQuery())) + } + + Query forLoopNotWellFormedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `forLoopNotWellFormed` query + TQueryC(TStatements4PackageQuery(TForLoopNotWellFormedQuery())) + } + + Query nonBooleanIfConditionQuery() { + //autogenerate `Query` type + result = + // `Query` type for `nonBooleanIfCondition` query + TQueryC(TStatements4PackageQuery(TNonBooleanIfConditionQuery())) + } + + Query nonBooleanIterationConditionQuery() { + //autogenerate `Query` type + result = + // `Query` type for `nonBooleanIterationCondition` query + TQueryC(TStatements4PackageQuery(TNonBooleanIterationConditionQuery())) + } +} diff --git a/rule_packages/c/Statements4.json b/rule_packages/c/Statements4.json new file mode 100644 index 0000000000..e76c984f76 --- /dev/null +++ b/rule_packages/c/Statements4.json @@ -0,0 +1,81 @@ +{ + "CERT-C": { + "FLP30-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "Loop counters should not use floating-point variables to keep code portable.", + "kind": "problem", + "name": "Do not use floating-point variables as loop counters", + "precision": "very-high", + "severity": "recommendation", + "short_name": "FloatingPointLoopCounters", + "tags": [ + "maintainability", + "readability", + "correctness" + ] + } + ], + "title": "Do not use floating-point variables as loop counters" + } + }, + "MISRA-C-2012": { + "RULE-14-2": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "A well-formed for loop makes code easier to review.", + "kind": "problem", + "name": "A for loop shall be well-formed", + "precision": "very-high", + "severity": "recommendation", + "short_name": "ForLoopNotWellFormed", + "tags": [ + "readability", + "maintainability" + ] + } + ], + "title": "A for loop shall be well-formed" + }, + "RULE-14-4": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Non boolean conditions can be confusing for developers.", + "kind": "problem", + "name": "The condition of an if-statement shall have type bool", + "precision": "very-high", + "severity": "recommendation", + "short_name": "NonBooleanIfCondition", + "shared_implementation_short_name": "NonBooleanIfStmt", + "tags": [ + "maintainability", + "readability" + ] + }, + { + "description": "Non boolean conditions can be confusing for developers.", + "kind": "problem", + "name": "The condition of an iteration statement shall have type bool", + "precision": "very-high", + "severity": "recommendation", + "short_name": "NonBooleanIterationCondition", + "shared_implementation_short_name": "NonBooleanIterationStmt", + "tags": [ + "maintainability", + "readability" + ] + } + ], + "title": "The controlling expression of an if statement and the controlling expression of an iteration-statement shall have essentially Boolean type" + } + } +} \ No newline at end of file diff --git a/rules.csv b/rules.csv index 96da89354d..81ef255764 100644 --- a/rules.csv +++ b/rules.csv @@ -543,7 +543,7 @@ c,CERT-C,FIO44-C,Yes,Rule,,,Only use values for fsetpos() that are returned from c,CERT-C,FIO45-C,Yes,Rule,,,Avoid TOCTOU race conditions while accessing files,,IO4,Medium, c,CERT-C,FIO46-C,Yes,Rule,,,Do not access a closed file,FIO51-CPP,IO1,Hard, c,CERT-C,FIO47-C,Yes,Rule,,,Use valid format strings,,IO4,Hard, -c,CERT-C,FLP30-C,Yes,Rule,,,Do not use floating-point variables as loop counters,,Statements,Easy, +c,CERT-C,FLP30-C,Yes,Rule,,,Do not use floating-point variables as loop counters,,Statements4,Easy, c,CERT-C,FLP32-C,Yes,Rule,,,Prevent or detect domain and range errors in math functions,A0-4-4,Types,Medium, c,CERT-C,FLP34-C,Yes,Rule,,,Ensure that floating-point conversions are within range of the new type,,Types,Medium, c,CERT-C,FLP36-C,Yes,Rule,,,Preserve precision when converting integral values to floating-point type,,Types,Medium, @@ -694,9 +694,9 @@ c,MISRA-C-2012,RULE-13-4,Yes,Advisory,,,The result of an assignment operator sho c,MISRA-C-2012,RULE-13-5,Yes,Required,,,The right hand operand of a logical && or || operator shall not contain persistent side effects,M5-14-1,SideEffects1,Import, c,MISRA-C-2012,RULE-13-6,Yes,Mandatory,,,The operand of the sizeof operator shall not contain any expressiosn which has potential side effects,M5-3-4,SideEffects1,Import, c,MISRA-C-2012,RULE-14-1,Yes,Required,,,A loop counter shall not have essentially floating type,FLP30-C A6-5-2,Types,Hard, -c,MISRA-C-2012,RULE-14-2,Yes,Required,,,A for loop shall be well-formed,M6-5-1...M6-5-6,Statements,Medium, +c,MISRA-C-2012,RULE-14-2,Yes,Required,,,A for loop shall be well-formed,M6-5-1...M6-5-6,Statements4,Medium, c,MISRA-C-2012,RULE-14-3,Yes,Required,,,Controlling expressions shall not be invariant,,Statements,Medium, -c,MISRA-C-2012,RULE-14-4,Yes,Required,,,The controlling expression of an if statement and the controlling expression of an iteration-statement shall have essentially Boolean type,A5-0-2,Statements,Medium, +c,MISRA-C-2012,RULE-14-4,Yes,Required,,,The controlling expression of an if statement and the controlling expression of an iteration-statement shall have essentially Boolean type,A5-0-2,Statements4,Medium, c,MISRA-C-2012,RULE-15-1,No,Advisory,,,The goto statement should not be used,A6-6-1,,Import, c,MISRA-C-2012,RULE-15-2,Yes,Required,,,The goto statement shall jump to a label declared later in the same function,M6-6-2,Statements2,Import, c,MISRA-C-2012,RULE-15-3,Yes,Required,,,"Any label referenced by a goto statement shall be declared in the same block, or in any block enclosing the goto statement",M6-6-1,Statements2,Import, From d89c8cb91f55cb6c5f11671b293453286df2812d Mon Sep 17 00:00:00 2001 From: Shadi Samadi Date: Tue, 7 Mar 2023 15:08:17 +1100 Subject: [PATCH 0650/2573] added RULE-14-2 --- .../rules/RULE-14-2/ForLoopNotWellFormed.ql | 22 ++++++ .../RULE-14-2/ForLoopNotWellFormed.expected | 1 + .../RULE-14-2/ForLoopNotWellFormed.qlref | 1 + c/misra/test/rules/RULE-14-2/test.c | 68 +++++++++++++++++++ 4 files changed, 92 insertions(+) create mode 100644 c/misra/src/rules/RULE-14-2/ForLoopNotWellFormed.ql create mode 100644 c/misra/test/rules/RULE-14-2/ForLoopNotWellFormed.expected create mode 100644 c/misra/test/rules/RULE-14-2/ForLoopNotWellFormed.qlref create mode 100644 c/misra/test/rules/RULE-14-2/test.c diff --git a/c/misra/src/rules/RULE-14-2/ForLoopNotWellFormed.ql b/c/misra/src/rules/RULE-14-2/ForLoopNotWellFormed.ql new file mode 100644 index 0000000000..a454d90505 --- /dev/null +++ b/c/misra/src/rules/RULE-14-2/ForLoopNotWellFormed.ql @@ -0,0 +1,22 @@ +/** + * @id c/misra/for-loop-not-well-formed + * @name RULE-14-2: A for loop shall be well-formed + * @description A well-formed for loop makes code easier to review. + * @kind problem + * @precision very-high + * @problem.severity recommendation + * @tags external/misra/id/rule-14-2 + * readability + * maintainability + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.Loops + +from ForStmt for +where + not isExcluded(for, Statements4Package::forLoopNotWellFormedQuery()) and + isInvalidLoop(for) +select for, "For loop is not well formed." diff --git a/c/misra/test/rules/RULE-14-2/ForLoopNotWellFormed.expected b/c/misra/test/rules/RULE-14-2/ForLoopNotWellFormed.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/misra/test/rules/RULE-14-2/ForLoopNotWellFormed.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-14-2/ForLoopNotWellFormed.qlref b/c/misra/test/rules/RULE-14-2/ForLoopNotWellFormed.qlref new file mode 100644 index 0000000000..f65068dfb2 --- /dev/null +++ b/c/misra/test/rules/RULE-14-2/ForLoopNotWellFormed.qlref @@ -0,0 +1 @@ +rules/RULE-14-2/ForLoopNotWellFormed.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-14-2/test.c b/c/misra/test/rules/RULE-14-2/test.c new file mode 100644 index 0000000000..c1ce23dd11 --- /dev/null +++ b/c/misra/test/rules/RULE-14-2/test.c @@ -0,0 +1,68 @@ + +#include "stdbool.h" +int g1 = 10; +int f1() { return g1++; } + +void f2() { + for (float f = 0.0F; f < 10.0F; f += 0.2F) { // NON_COMPLIANT + } + for (int i = 0; i < 10; i++) { // COMPLIANT + } +} + +void f3() { + for (int i = 0, j = 0; i < j; i++, j++) { // NON_COMPLIANT + } +} + +void f4() { + int i, j; + for (i = 0, j = 0; i < j; i++, j++) { // NON_COMPLIANT + } +} + +void f5() { + for (int i = 0; i != 10; i += 3) { // NON_COMPLIANT + } + + for (int i = 0; i != 10; i++) { // COMPLIANT + } +} + +void f7() { + for (int i = 0; i < 100; i += g1) { // COMPLIANT + } +} + +void f8() { + for (int x = 0; x < 5; x += f1()) { // NON_COMPLIANT + } +} + +void f9() { + bool l1 = true; + for (int x = 0; (x < 5) && l1; ++x) { // COMPLIANT + l1 = false; + } +} + +bool f10(int p1) { return false; } +void f11() { + bool p1 = true; + for (int x = 0; (x < 5); p1 = f10(++x)) { // NON_COMPLIANT + } +} + +void f12() { + bool l1 = true; + for (int x = 0; (x < 5) && l1; ++x) { // COMPLIANT + } +} + +void f13() { + int l1 = 1; + for (int x = 0; x < 5 && l1 == 9; ++x) { // NON_COMPLIANT + x = x + 2; + g1--; + } +} From df09cc189ffbe13ac907c98863f0ce19b9377428 Mon Sep 17 00:00:00 2001 From: Shadi Samadi Date: Tue, 7 Mar 2023 15:09:23 +1100 Subject: [PATCH 0651/2573] test results for RULE-14-2 --- .../test/rules/RULE-14-2/ForLoopNotWellFormed.expected | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/c/misra/test/rules/RULE-14-2/ForLoopNotWellFormed.expected b/c/misra/test/rules/RULE-14-2/ForLoopNotWellFormed.expected index 2ec1a0ac6c..c084d2d0ad 100644 --- a/c/misra/test/rules/RULE-14-2/ForLoopNotWellFormed.expected +++ b/c/misra/test/rules/RULE-14-2/ForLoopNotWellFormed.expected @@ -1 +1,7 @@ -No expected results have yet been specified \ No newline at end of file +| test.c:7:3:8:3 | for(...;...;...) ... | For loop is not well formed. | +| test.c:14:3:15:3 | for(...;...;...) ... | For loop is not well formed. | +| test.c:20:3:21:3 | for(...;...;...) ... | For loop is not well formed. | +| test.c:25:3:26:3 | for(...;...;...) ... | For loop is not well formed. | +| test.c:38:3:39:3 | for(...;...;...) ... | For loop is not well formed. | +| test.c:52:3:53:3 | for(...;...;...) ... | For loop is not well formed. | +| test.c:64:3:67:3 | for(...;...;...) ... | For loop is not well formed. | From 9748585e5560a12dc3b0e684a620821a4059bace Mon Sep 17 00:00:00 2001 From: Shadi Samadi Date: Tue, 7 Mar 2023 16:22:55 +1100 Subject: [PATCH 0652/2573] added RULE-14-4 and moved A5-0-2 to shared folder --- .../NonBooleanIfStmt.expected | 3 ++ .../nonbooleanifstmt/NonBooleanIfStmt.ql | 2 + c/common/test/rules/nonbooleanifstmt/test.c | 24 +++++++++ .../NonBooleanIterationStmt.expected | 3 ++ .../NonBooleanIterationStmt.ql | 2 + .../test/rules/nonbooleaniterationstmt/test.c | 15 ++++++ .../rules/RULE-14-4/NonBooleanIfCondition.ql | 22 ++++++++ .../RULE-14-4/NonBooleanIterationCondition.ql | 22 ++++++++ .../RULE-14-4/NonBooleanIfCondition.testref | 1 + .../NonBooleanIterationCondition.testref | 1 + .../src/rules/A5-0-2/NonBooleanIfCondition.ql | 14 +++-- .../A5-0-2/NonBooleanIterationCondition.ql | 13 +++-- .../A5-0-2/NonBooleanIfCondition.expected | 3 -- .../rules/A5-0-2/NonBooleanIfCondition.qlref | 1 - .../A5-0-2/NonBooleanIfCondition.testref | 1 + .../NonBooleanIterationCondition.expected | 2 - .../A5-0-2/NonBooleanIterationCondition.qlref | 1 - .../NonBooleanIterationCondition.testref | 1 + .../nonbooleanifstmt/NonBooleanIfStmt.qll | 22 ++++++++ .../NonBooleanIterationStmt.qll | 21 ++++++++ .../NonBooleanIfStmt.expected | 3 ++ .../nonbooleanifstmt/NonBooleanIfStmt.ql | 2 + .../test/rules/nonbooleanifstmt}/test.cpp | 54 +------------------ .../NonBooleanIterationStmt.expected | 2 + .../NonBooleanIterationStmt.ql | 2 + .../rules/nonbooleaniterationstmt/test.cpp | 44 +++++++++++++++ rule_packages/cpp/Conditionals.json | 2 + 27 files changed, 208 insertions(+), 75 deletions(-) create mode 100644 c/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.expected create mode 100644 c/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.ql create mode 100644 c/common/test/rules/nonbooleanifstmt/test.c create mode 100644 c/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.expected create mode 100644 c/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.ql create mode 100644 c/common/test/rules/nonbooleaniterationstmt/test.c create mode 100644 c/misra/src/rules/RULE-14-4/NonBooleanIfCondition.ql create mode 100644 c/misra/src/rules/RULE-14-4/NonBooleanIterationCondition.ql create mode 100644 c/misra/test/rules/RULE-14-4/NonBooleanIfCondition.testref create mode 100644 c/misra/test/rules/RULE-14-4/NonBooleanIterationCondition.testref delete mode 100644 cpp/autosar/test/rules/A5-0-2/NonBooleanIfCondition.expected delete mode 100644 cpp/autosar/test/rules/A5-0-2/NonBooleanIfCondition.qlref create mode 100644 cpp/autosar/test/rules/A5-0-2/NonBooleanIfCondition.testref delete mode 100644 cpp/autosar/test/rules/A5-0-2/NonBooleanIterationCondition.expected delete mode 100644 cpp/autosar/test/rules/A5-0-2/NonBooleanIterationCondition.qlref create mode 100644 cpp/autosar/test/rules/A5-0-2/NonBooleanIterationCondition.testref create mode 100644 cpp/common/src/codingstandards/cpp/rules/nonbooleanifstmt/NonBooleanIfStmt.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.qll create mode 100644 cpp/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.expected create mode 100644 cpp/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.ql rename cpp/{autosar/test/rules/A5-0-2 => common/test/rules/nonbooleanifstmt}/test.cpp (52%) create mode 100644 cpp/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.expected create mode 100644 cpp/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.ql create mode 100644 cpp/common/test/rules/nonbooleaniterationstmt/test.cpp diff --git a/c/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.expected b/c/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.expected new file mode 100644 index 0000000000..490b14b9bf --- /dev/null +++ b/c/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.expected @@ -0,0 +1,3 @@ +| test.c:7:7:7:8 | l1 | If condition has non boolean type int. | +| test.c:9:7:9:8 | call to f1 | If condition has non boolean type int. | +| test.c:12:7:12:8 | l2 | If condition has non boolean type void *. | diff --git a/c/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.ql b/c/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.ql new file mode 100644 index 0000000000..da907fcf9e --- /dev/null +++ b/c/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.nonbooleanifstmt.NonBooleanIfStmt diff --git a/c/common/test/rules/nonbooleanifstmt/test.c b/c/common/test/rules/nonbooleanifstmt/test.c new file mode 100644 index 0000000000..ca71348a5b --- /dev/null +++ b/c/common/test/rules/nonbooleanifstmt/test.c @@ -0,0 +1,24 @@ +#include "stdbool.h" +int f1(); +void *f2(); + +void f3() { + int l1 = 1; + if (l1) { // NON_COMPLIANT + } + if (f1()) { // NON_COMPLIANT + } + void *l2 = f2(); + if (l2) { // NON_COMPLIANT + } +} + +void f4() { + int l1 = 1; + if ((bool)l1) { // COMPLIANT + } + + int l2 = 1; + if ((const bool)l2) { // COMPLIANT + } +} \ No newline at end of file diff --git a/c/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.expected b/c/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.expected new file mode 100644 index 0000000000..3d3aa974dd --- /dev/null +++ b/c/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.expected @@ -0,0 +1,3 @@ +| test.c:5:3:6:3 | for(...;...;...) ... | Iteration condition has non boolean type int. | +| test.c:7:3:8:3 | while (...) ... | Iteration condition has non boolean type int. | +| test.c:13:3:14:3 | for(...;...;...) ... | Iteration condition has non boolean type int. | diff --git a/c/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.ql b/c/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.ql new file mode 100644 index 0000000000..ffe3f351c6 --- /dev/null +++ b/c/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.nonbooleaniterationstmt.NonBooleanIterationStmt diff --git a/c/common/test/rules/nonbooleaniterationstmt/test.c b/c/common/test/rules/nonbooleaniterationstmt/test.c new file mode 100644 index 0000000000..8ecbb1c1fd --- /dev/null +++ b/c/common/test/rules/nonbooleaniterationstmt/test.c @@ -0,0 +1,15 @@ + + +void f1() { + int l1; + for (int i = 10; i; i++) { // NON_COMPLIANT + } + while (l1) { // NON_COMPLIANT + } +} + +void f2() { + int j = 0; + for (int i = 0; i < 10; i++) { // COMPLIANT + } +} \ No newline at end of file diff --git a/c/misra/src/rules/RULE-14-4/NonBooleanIfCondition.ql b/c/misra/src/rules/RULE-14-4/NonBooleanIfCondition.ql new file mode 100644 index 0000000000..ab5144fbc2 --- /dev/null +++ b/c/misra/src/rules/RULE-14-4/NonBooleanIfCondition.ql @@ -0,0 +1,22 @@ +/** + * @id c/misra/non-boolean-if-condition + * @name RULE-14-4: The condition of an if-statement shall have type bool + * @description Non boolean conditions can be confusing for developers. + * @kind problem + * @precision very-high + * @problem.severity recommendation + * @tags external/misra/id/rule-14-4 + * maintainability + * readability + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.rules.nonbooleanifstmt.NonBooleanIfStmt + +class NonBooleanIfConditionQuery extends NonBooleanIfStmtSharedQuery { + NonBooleanIfConditionQuery() { + this = Statements4Package::nonBooleanIfConditionQuery() + } +} diff --git a/c/misra/src/rules/RULE-14-4/NonBooleanIterationCondition.ql b/c/misra/src/rules/RULE-14-4/NonBooleanIterationCondition.ql new file mode 100644 index 0000000000..01482c5e0e --- /dev/null +++ b/c/misra/src/rules/RULE-14-4/NonBooleanIterationCondition.ql @@ -0,0 +1,22 @@ +/** + * @id c/misra/non-boolean-iteration-condition + * @name RULE-14-4: The condition of an iteration statement shall have type bool + * @description Non boolean conditions can be confusing for developers. + * @kind problem + * @precision very-high + * @problem.severity recommendation + * @tags external/misra/id/rule-14-4 + * maintainability + * readability + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.rules.nonbooleaniterationstmt.NonBooleanIterationStmt + +class NonBooleanIterationConditionQuery extends NonBooleanIterationStmtSharedQuery { + NonBooleanIterationConditionQuery() { + this = Statements4Package::nonBooleanIterationConditionQuery() + } +} diff --git a/c/misra/test/rules/RULE-14-4/NonBooleanIfCondition.testref b/c/misra/test/rules/RULE-14-4/NonBooleanIfCondition.testref new file mode 100644 index 0000000000..e586a8d8ec --- /dev/null +++ b/c/misra/test/rules/RULE-14-4/NonBooleanIfCondition.testref @@ -0,0 +1 @@ +c/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-14-4/NonBooleanIterationCondition.testref b/c/misra/test/rules/RULE-14-4/NonBooleanIterationCondition.testref new file mode 100644 index 0000000000..15f5d0713f --- /dev/null +++ b/c/misra/test/rules/RULE-14-4/NonBooleanIterationCondition.testref @@ -0,0 +1 @@ +c/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.ql \ No newline at end of file diff --git a/cpp/autosar/src/rules/A5-0-2/NonBooleanIfCondition.ql b/cpp/autosar/src/rules/A5-0-2/NonBooleanIfCondition.ql index 45b130e184..134ded1651 100644 --- a/cpp/autosar/src/rules/A5-0-2/NonBooleanIfCondition.ql +++ b/cpp/autosar/src/rules/A5-0-2/NonBooleanIfCondition.ql @@ -15,12 +15,10 @@ import cpp import codingstandards.cpp.autosar +import codingstandards.cpp.rules.nonbooleanifstmt.NonBooleanIfStmt -from IfStmt ifStmt, Expr condition, Type explicitConversionType -where - not isExcluded(ifStmt, ConditionalsPackage::nonBooleanIfConditionQuery()) and - condition = ifStmt.getCondition() and - not ifStmt.isFromUninstantiatedTemplate(_) and - explicitConversionType = condition.getExplicitlyConverted().getType().getUnspecifiedType() and - not explicitConversionType instanceof BoolType -select condition, "If condition has non boolean type " + explicitConversionType + "." +class NonBooleanIfConditionQuery extends NonBooleanIfStmtSharedQuery { + NonBooleanIfConditionQuery() { + this = ConditionalsPackage::nonBooleanIfConditionQuery() + } +} diff --git a/cpp/autosar/src/rules/A5-0-2/NonBooleanIterationCondition.ql b/cpp/autosar/src/rules/A5-0-2/NonBooleanIterationCondition.ql index 07f8f4de3c..c52c100df8 100644 --- a/cpp/autosar/src/rules/A5-0-2/NonBooleanIterationCondition.ql +++ b/cpp/autosar/src/rules/A5-0-2/NonBooleanIterationCondition.ql @@ -15,11 +15,10 @@ import cpp import codingstandards.cpp.autosar +import codingstandards.cpp.rules.nonbooleaniterationstmt.NonBooleanIterationStmt -from Loop loopStmt, Expr condition, Type explicitConversionType -where - not isExcluded(loopStmt, ConditionalsPackage::nonBooleanIterationConditionQuery()) and - condition = loopStmt.getCondition() and - explicitConversionType = condition.getExplicitlyConverted().getType().getUnspecifiedType() and - not explicitConversionType instanceof BoolType -select condition, "Iteration condition has non boolean type " + explicitConversionType + "." +class NonBooleanIterationConditionQuery extends NonBooleanIterationStmtSharedQuery { + NonBooleanIterationConditionQuery() { + this = ConditionalsPackage::nonBooleanIterationConditionQuery() + } +} diff --git a/cpp/autosar/test/rules/A5-0-2/NonBooleanIfCondition.expected b/cpp/autosar/test/rules/A5-0-2/NonBooleanIfCondition.expected deleted file mode 100644 index 655e5571e1..0000000000 --- a/cpp/autosar/test/rules/A5-0-2/NonBooleanIfCondition.expected +++ /dev/null @@ -1,3 +0,0 @@ -| test.cpp:8:7:8:7 | i | If condition has non boolean type int. | -| test.cpp:10:7:10:7 | call to f | If condition has non boolean type int. | -| test.cpp:13:7:13:7 | a | If condition has non boolean type void *. | diff --git a/cpp/autosar/test/rules/A5-0-2/NonBooleanIfCondition.qlref b/cpp/autosar/test/rules/A5-0-2/NonBooleanIfCondition.qlref deleted file mode 100644 index a2280d92c6..0000000000 --- a/cpp/autosar/test/rules/A5-0-2/NonBooleanIfCondition.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/A5-0-2/NonBooleanIfCondition.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A5-0-2/NonBooleanIfCondition.testref b/cpp/autosar/test/rules/A5-0-2/NonBooleanIfCondition.testref new file mode 100644 index 0000000000..5f106ce750 --- /dev/null +++ b/cpp/autosar/test/rules/A5-0-2/NonBooleanIfCondition.testref @@ -0,0 +1 @@ +cpp/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A5-0-2/NonBooleanIterationCondition.expected b/cpp/autosar/test/rules/A5-0-2/NonBooleanIterationCondition.expected deleted file mode 100644 index 091087b3a1..0000000000 --- a/cpp/autosar/test/rules/A5-0-2/NonBooleanIterationCondition.expected +++ /dev/null @@ -1,2 +0,0 @@ -| test.cpp:51:20:51:20 | i | Iteration condition has non boolean type int. | -| test.cpp:55:10:55:10 | j | Iteration condition has non boolean type int. | diff --git a/cpp/autosar/test/rules/A5-0-2/NonBooleanIterationCondition.qlref b/cpp/autosar/test/rules/A5-0-2/NonBooleanIterationCondition.qlref deleted file mode 100644 index 535235d198..0000000000 --- a/cpp/autosar/test/rules/A5-0-2/NonBooleanIterationCondition.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/A5-0-2/NonBooleanIterationCondition.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A5-0-2/NonBooleanIterationCondition.testref b/cpp/autosar/test/rules/A5-0-2/NonBooleanIterationCondition.testref new file mode 100644 index 0000000000..36a500fcf8 --- /dev/null +++ b/cpp/autosar/test/rules/A5-0-2/NonBooleanIterationCondition.testref @@ -0,0 +1 @@ +cpp/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.ql \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/rules/nonbooleanifstmt/NonBooleanIfStmt.qll b/cpp/common/src/codingstandards/cpp/rules/nonbooleanifstmt/NonBooleanIfStmt.qll new file mode 100644 index 0000000000..f2933f755a --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/nonbooleanifstmt/NonBooleanIfStmt.qll @@ -0,0 +1,22 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class NonBooleanIfStmtSharedQuery extends Query { } + +Query getQuery() { result instanceof NonBooleanIfStmtSharedQuery } + +query predicate problems(Expr condition, string message) { + not isExcluded(condition, getQuery()) and + exists(IfStmt ifStmt, Type explicitConversionType | + condition = ifStmt.getCondition() and + not ifStmt.isFromUninstantiatedTemplate(_) and + explicitConversionType = condition.getExplicitlyConverted().getUnderlyingType() and + not explicitConversionType instanceof BoolType and + message = "If condition has non boolean type " + explicitConversionType + "." + ) +} diff --git a/cpp/common/src/codingstandards/cpp/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.qll b/cpp/common/src/codingstandards/cpp/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.qll new file mode 100644 index 0000000000..f1ee555406 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.qll @@ -0,0 +1,21 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class NonBooleanIterationStmtSharedQuery extends Query { } + +Query getQuery() { result instanceof NonBooleanIterationStmtSharedQuery } + +query predicate problems(Loop loopStmt, string message) { + not isExcluded(loopStmt, getQuery()) and + exists(Expr condition, Type explicitConversionType | + condition = loopStmt.getCondition() and + explicitConversionType = condition.getExplicitlyConverted().getType().getUnspecifiedType() and + not explicitConversionType instanceof BoolType and + message = "Iteration condition has non boolean type " + explicitConversionType + "." + ) +} diff --git a/cpp/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.expected b/cpp/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.expected new file mode 100644 index 0000000000..f3899bf81c --- /dev/null +++ b/cpp/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.expected @@ -0,0 +1,3 @@ +| test.cpp:9:7:9:7 | i | If condition has non boolean type int. | +| test.cpp:11:7:11:7 | call to f | If condition has non boolean type int. | +| test.cpp:14:7:14:7 | a | If condition has non boolean type void *. | diff --git a/cpp/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.ql b/cpp/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.ql new file mode 100644 index 0000000000..da907fcf9e --- /dev/null +++ b/cpp/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.nonbooleanifstmt.NonBooleanIfStmt diff --git a/cpp/autosar/test/rules/A5-0-2/test.cpp b/cpp/common/test/rules/nonbooleanifstmt/test.cpp similarity index 52% rename from cpp/autosar/test/rules/A5-0-2/test.cpp rename to cpp/common/test/rules/nonbooleanifstmt/test.cpp index 00fc281605..b10cd7034e 100644 --- a/cpp/autosar/test/rules/A5-0-2/test.cpp +++ b/cpp/common/test/rules/nonbooleanifstmt/test.cpp @@ -1,3 +1,4 @@ + #include int f(); @@ -45,56 +46,3 @@ void test_boolean_conditions() { if (a) { // COMPLIANT - a has an explicit operator bool() } } - -void test_non_boolean_iterations() { - int j; - for (int i = 10; i; i++) { // NON_COMPLIANT - j = 3; - } - - while (j) { // NON_COMPLIANT - int k = 3; - } -} - -void test_boolean_iterations() { - int j = 0; - for (int i = 0; i < 10; i++) { // COMPLIANT - j = i + j; - } - - int boolean = 0; - while (bool(boolean)) { // COMPLIANT - j = 5; - } - - while (int i = 0) { // COMPLIANT - due to exception - } - - ClassA a; - while (a) { // COMPLIANT - a has an explicit operator bool() - } -} - -template class ClassB { -public: - std::deque d; - void f() { - if (d.empty()) { // COMPLIANT - } - } -}; - -void class_b_test() { - ClassB b; - - b.f(); -} - -class ClassC { - void run() { - std::deque d; - if (!d.empty()) { // COMPLIANT - } - } -}; \ No newline at end of file diff --git a/cpp/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.expected b/cpp/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.expected new file mode 100644 index 0000000000..05dfadc1f7 --- /dev/null +++ b/cpp/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.expected @@ -0,0 +1,2 @@ +| test.cpp:7:3:9:3 | for(...;...;...) ... | Iteration condition has non boolean type int. | +| test.cpp:11:3:13:3 | while (...) ... | Iteration condition has non boolean type int. | diff --git a/cpp/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.ql b/cpp/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.ql new file mode 100644 index 0000000000..ffe3f351c6 --- /dev/null +++ b/cpp/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.nonbooleaniterationstmt.NonBooleanIterationStmt diff --git a/cpp/common/test/rules/nonbooleaniterationstmt/test.cpp b/cpp/common/test/rules/nonbooleaniterationstmt/test.cpp new file mode 100644 index 0000000000..ed25cad311 --- /dev/null +++ b/cpp/common/test/rules/nonbooleaniterationstmt/test.cpp @@ -0,0 +1,44 @@ +#include + +int f(); +void *g(); +void test_non_boolean_iterations() { + int j; + for (int i = 10; i; i++) { // NON_COMPLIANT + j = 3; + } + + while (j) { // NON_COMPLIANT + int k = 3; + } +} + +void test_boolean_iterations() { + int j = 0; + for (int i = 0; i < 10; i++) { // COMPLIANT + j = i + j; + } +} + +template class ClassB { +public: + std::deque d; + void f() { + if (d.empty()) { // COMPLIANT + } + } +}; + +void class_b_test() { + ClassB b; + + b.f(); +} + +class ClassC { + void run() { + std::deque d; + if (!d.empty()) { // COMPLIANT + } + } +}; \ No newline at end of file diff --git a/rule_packages/cpp/Conditionals.json b/rule_packages/cpp/Conditionals.json index dba9341493..c2afb626e4 100644 --- a/rule_packages/cpp/Conditionals.json +++ b/rule_packages/cpp/Conditionals.json @@ -16,6 +16,7 @@ "precision": "very-high", "severity": "recommendation", "short_name": "NonBooleanIfCondition", + "shared_implementation_short_name": "NonBooleanIfStmt", "tags": [ "maintainability", "readability" @@ -28,6 +29,7 @@ "precision": "very-high", "severity": "recommendation", "short_name": "NonBooleanIterationCondition", + "shared_implementation_short_name": "NonBooleanIterationStmt", "tags": [ "maintainability", "readability" From 88febcb317869b563b936f7b1543aa8abdfc46a8 Mon Sep 17 00:00:00 2001 From: Shadi Samadi Date: Tue, 7 Mar 2023 17:56:50 +1100 Subject: [PATCH 0653/2573] added RULE-15-5 --- .../RULE-15-5/FunctionReturnCondition.ql | 26 +++++++ .../FunctionReturnCondition.expected | 4 ++ .../RULE-15-5/FunctionReturnCondition.qlref | 1 + c/misra/test/rules/RULE-15-5/test.c | 27 ++++++++ .../cpp/exclusions/c/RuleMetadata.qll | 3 + .../cpp/exclusions/c/Statements5.qll | 61 +++++++++++++++++ rule_packages/c/Statements5.json | 67 +++++++++++++++++++ rules.csv | 6 +- 8 files changed, 192 insertions(+), 3 deletions(-) create mode 100644 c/misra/src/rules/RULE-15-5/FunctionReturnCondition.ql create mode 100644 c/misra/test/rules/RULE-15-5/FunctionReturnCondition.expected create mode 100644 c/misra/test/rules/RULE-15-5/FunctionReturnCondition.qlref create mode 100644 c/misra/test/rules/RULE-15-5/test.c create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/Statements5.qll create mode 100644 rule_packages/c/Statements5.json diff --git a/c/misra/src/rules/RULE-15-5/FunctionReturnCondition.ql b/c/misra/src/rules/RULE-15-5/FunctionReturnCondition.ql new file mode 100644 index 0000000000..b26de24322 --- /dev/null +++ b/c/misra/src/rules/RULE-15-5/FunctionReturnCondition.ql @@ -0,0 +1,26 @@ +/** + * @id c/misra/function-return-condition + * @name RULE-15-5: A function should have a single point of exit at the end + * @description Not having a single point of exit in a function can lead to unintentional behaviour. + * @kind problem + * @precision very-high + * @problem.severity recommendation + * @tags external/misra/id/rule-15-5 + * maintainability + * readability + * correctness + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.c.misra + +from Function func, string message +where + not isExcluded(func, Statements5Package::functionReturnConditionQuery()) and + count(ReturnStmt return | return.getEnclosingFunction() = func) > 1 and + message = "Function has more than on return statement." + or + not func.getBlock().getLastStmt() instanceof ReturnStmt and + message = "The last statement of the function is not a return statement." +select func, message diff --git a/c/misra/test/rules/RULE-15-5/FunctionReturnCondition.expected b/c/misra/test/rules/RULE-15-5/FunctionReturnCondition.expected new file mode 100644 index 0000000000..48ee45bfdd --- /dev/null +++ b/c/misra/test/rules/RULE-15-5/FunctionReturnCondition.expected @@ -0,0 +1,4 @@ +| test.c:1:6:1:7 | f1 | Function has more than on return statement. | +| test.c:14:6:14:7 | f3 | The last statement of the function is not a return statement. | +| test.c:21:6:21:7 | f4 | Function has more than on return statement. | +| test.c:21:6:21:7 | f4 | The last statement of the function is not a return statement. | diff --git a/c/misra/test/rules/RULE-15-5/FunctionReturnCondition.qlref b/c/misra/test/rules/RULE-15-5/FunctionReturnCondition.qlref new file mode 100644 index 0000000000..fef14a8d42 --- /dev/null +++ b/c/misra/test/rules/RULE-15-5/FunctionReturnCondition.qlref @@ -0,0 +1 @@ +rules/RULE-15-5/FunctionReturnCondition.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-15-5/test.c b/c/misra/test/rules/RULE-15-5/test.c new file mode 100644 index 0000000000..80667338a2 --- /dev/null +++ b/c/misra/test/rules/RULE-15-5/test.c @@ -0,0 +1,27 @@ +void f1(int p1) { // NON_COMPLIANT + if (p1) { + return; + } + return; +} + +void f2(int p1) { // COMPLIANT + if (p1) { + } + return; +} + +void f3(int p1) { // NON_COMPLIANT + if (p1) { + } + return; + p1++; +} + +void f4(int p1) { // NON_COMPLIANT + if (p1) { + return; + } + return; + p1++; +} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index 80c09f4c5f..b7c763c9d8 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -46,6 +46,7 @@ import Statements1 import Statements2 import Statements3 import Statements4 +import Statements5 import Strings1 import Strings2 import Strings3 @@ -97,6 +98,7 @@ newtype TCQuery = TStatements2PackageQuery(Statements2Query q) or TStatements3PackageQuery(Statements3Query q) or TStatements4PackageQuery(Statements4Query q) or + TStatements5PackageQuery(Statements5Query q) or TStrings1PackageQuery(Strings1Query q) or TStrings2PackageQuery(Strings2Query q) or TStrings3PackageQuery(Strings3Query q) or @@ -148,6 +150,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isStatements2QueryMetadata(query, queryId, ruleId, category) or isStatements3QueryMetadata(query, queryId, ruleId, category) or isStatements4QueryMetadata(query, queryId, ruleId, category) or + isStatements5QueryMetadata(query, queryId, ruleId, category) or isStrings1QueryMetadata(query, queryId, ruleId, category) or isStrings2QueryMetadata(query, queryId, ruleId, category) or isStrings3QueryMetadata(query, queryId, ruleId, category) or diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Statements5.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Statements5.qll new file mode 100644 index 0000000000..cb0eeeff90 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Statements5.qll @@ -0,0 +1,61 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype Statements5Query = + TControllingExpInvariantConditionQuery() or + TFunctionReturnConditionQuery() or + TNonVoidFunctionReturnConditionQuery() + +predicate isStatements5QueryMetadata(Query query, string queryId, string ruleId, string category) { + query = + // `Query` instance for the `controllingExpInvariantCondition` query + Statements5Package::controllingExpInvariantConditionQuery() and + queryId = + // `@id` for the `controllingExpInvariantCondition` query + "c/misra/controlling-exp-invariant-condition" and + ruleId = "RULE-14-3" and + category = "required" + or + query = + // `Query` instance for the `functionReturnCondition` query + Statements5Package::functionReturnConditionQuery() and + queryId = + // `@id` for the `functionReturnCondition` query + "c/misra/function-return-condition" and + ruleId = "RULE-15-5" and + category = "advisory" + or + query = + // `Query` instance for the `nonVoidFunctionReturnCondition` query + Statements5Package::nonVoidFunctionReturnConditionQuery() and + queryId = + // `@id` for the `nonVoidFunctionReturnCondition` query + "c/misra/non-void-function-return-condition" and + ruleId = "RULE-17-4" and + category = "mandatory" +} + +module Statements5Package { + Query controllingExpInvariantConditionQuery() { + //autogenerate `Query` type + result = + // `Query` type for `controllingExpInvariantCondition` query + TQueryC(TStatements5PackageQuery(TControllingExpInvariantConditionQuery())) + } + + Query functionReturnConditionQuery() { + //autogenerate `Query` type + result = + // `Query` type for `functionReturnCondition` query + TQueryC(TStatements5PackageQuery(TFunctionReturnConditionQuery())) + } + + Query nonVoidFunctionReturnConditionQuery() { + //autogenerate `Query` type + result = + // `Query` type for `nonVoidFunctionReturnCondition` query + TQueryC(TStatements5PackageQuery(TNonVoidFunctionReturnConditionQuery())) + } +} diff --git a/rule_packages/c/Statements5.json b/rule_packages/c/Statements5.json new file mode 100644 index 0000000000..c32f0f4968 --- /dev/null +++ b/rule_packages/c/Statements5.json @@ -0,0 +1,67 @@ +{ + "MISRA-C-2012": { + "RULE-14-3": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "If a controlling expression has an invariant value then it is possible that there is a programming error.", + "kind": "problem", + "name": "Controlling expressions shall not be invariant", + "precision": "very-high", + "severity": "error", + "short_name": "ControllingExpInvariantCondition", + "tags": [ + "correctness", + "maintainability", + "readability" + ] + } + ], + "title": "Controlling expressions shall not be invariant" + }, + "RULE-15-5": { + "properties": { + "obligation": "advisory" + }, + "queries": [ + { + "description": "Not having a single point of exit in a function can lead to unintentional behaviour.", + "kind": "problem", + "name": "A function should have a single point of exit at the end", + "precision": "very-high", + "severity": "recommendation", + "short_name": "FunctionReturnCondition", + "tags": [ + "maintainability", + "readability", + "correctness" + ] + } + ], + "title": "A function should have a single point of exit at the end" + }, + "RULE-17-4": { + "properties": { + "obligation": "mandatory" + }, + "queries": [ + { + "description": "Not returning with an expression from a non-void function can lead to undefined behaviour.", + "kind": "problem", + "name": "All exit paths from a function with non-void return type shall have an explicit return statement", + "precision": "very-high", + "severity": "error", + "short_name": "NonVoidFunctionReturnCondition", + "tags": [ + "correctness", + "maintainability", + "readability" + ] + } + ], + "title": "All exit paths from a function with non-void return type shall have an explicit return statement with an expression" + } + } +} \ No newline at end of file diff --git a/rules.csv b/rules.csv index 81ef255764..33f5df22b1 100644 --- a/rules.csv +++ b/rules.csv @@ -695,13 +695,13 @@ c,MISRA-C-2012,RULE-13-5,Yes,Required,,,The right hand operand of a logical && o c,MISRA-C-2012,RULE-13-6,Yes,Mandatory,,,The operand of the sizeof operator shall not contain any expressiosn which has potential side effects,M5-3-4,SideEffects1,Import, c,MISRA-C-2012,RULE-14-1,Yes,Required,,,A loop counter shall not have essentially floating type,FLP30-C A6-5-2,Types,Hard, c,MISRA-C-2012,RULE-14-2,Yes,Required,,,A for loop shall be well-formed,M6-5-1...M6-5-6,Statements4,Medium, -c,MISRA-C-2012,RULE-14-3,Yes,Required,,,Controlling expressions shall not be invariant,,Statements,Medium, +c,MISRA-C-2012,RULE-14-3,Yes,Required,,,Controlling expressions shall not be invariant,,Statements5,Medium, c,MISRA-C-2012,RULE-14-4,Yes,Required,,,The controlling expression of an if statement and the controlling expression of an iteration-statement shall have essentially Boolean type,A5-0-2,Statements4,Medium, c,MISRA-C-2012,RULE-15-1,No,Advisory,,,The goto statement should not be used,A6-6-1,,Import, c,MISRA-C-2012,RULE-15-2,Yes,Required,,,The goto statement shall jump to a label declared later in the same function,M6-6-2,Statements2,Import, c,MISRA-C-2012,RULE-15-3,Yes,Required,,,"Any label referenced by a goto statement shall be declared in the same block, or in any block enclosing the goto statement",M6-6-1,Statements2,Import, c,MISRA-C-2012,RULE-15-4,Yes,Advisory,,,There should be no more than one break or goto statement used to terminate any iteration statement,,Statements2,Medium, -c,MISRA-C-2012,RULE-15-5,Yes,Advisory,,,A function should have a single point of exit at the end,,Statements,Medium, +c,MISRA-C-2012,RULE-15-5,Yes,Advisory,,,A function should have a single point of exit at the end,,Statements5,Medium, c,MISRA-C-2012,RULE-15-6,Yes,Required,,,The body of an iteration-statement or a selection-statement shall be a compund-statement,M6-3-1,Statements3,Import, c,MISRA-C-2012,RULE-15-7,Yes,Required,,,All if / else if constructs shall be terminated with an else statement,M6-4-2,Statements3,Import, c,MISRA-C-2012,RULE-16-1,Yes,Required,,,All switch statements shall be well-formed,M6-4-3,Statements3,Import, @@ -714,7 +714,7 @@ c,MISRA-C-2012,RULE-16-7,Yes,Required,,,A switch-expression shall not have essen c,MISRA-C-2012,RULE-17-1,Yes,Required,,,The features of shall not be used,,Banned,Easy, c,MISRA-C-2012,RULE-17-2,Yes,Required,,,"Functions shall not call themselves, either directly or indirectly",A7-5-2,Statements3,Import, c,MISRA-C-2012,RULE-17-3,Yes,Mandatory,,,A function shall not be declared implicitly,,Declarations6,Medium, -c,MISRA-C-2012,RULE-17-4,Yes,Mandatory,,,All exit paths from a function with non-void return type shall have an explicit return statement with an expression,MSC52-CPP,Statements,Medium, +c,MISRA-C-2012,RULE-17-4,Yes,Mandatory,,,All exit paths from a function with non-void return type shall have an explicit return statement with an expression,MSC52-CPP,Statements5,Medium, c,MISRA-C-2012,RULE-17-5,Yes,Advisory,,,The function argument corresponding to a parameter declared to have an array type shall have an appropriate number of elements,,Contracts,Hard, c,MISRA-C-2012,RULE-17-6,No,Mandatory,,,The declaration of an array parameter shall not contain the static keyword between the [ ],,,, c,MISRA-C-2012,RULE-17-7,Yes,Required,,,The value returned by a function having non-void return type shall be used,A0-1-2,Contracts,Import, From 307173253815c1c596e128e0a4de872f7abb4aa3 Mon Sep 17 00:00:00 2001 From: Shadi Samadi Date: Tue, 7 Mar 2023 18:34:16 +1100 Subject: [PATCH 0654/2573] added RULE-17-4 --- .../NonVoidFunctionReturnCondition.ql | 24 +++++++++++++++++++ .../NonVoidFunctionReturnCondition.testref | 1 + rule_packages/c/Statements5.json | 1 + 3 files changed, 26 insertions(+) create mode 100644 c/misra/src/rules/RULE-17-4/NonVoidFunctionReturnCondition.ql create mode 100644 c/misra/test/rules/RULE-17-4/NonVoidFunctionReturnCondition.testref diff --git a/c/misra/src/rules/RULE-17-4/NonVoidFunctionReturnCondition.ql b/c/misra/src/rules/RULE-17-4/NonVoidFunctionReturnCondition.ql new file mode 100644 index 0000000000..24329e5ab5 --- /dev/null +++ b/c/misra/src/rules/RULE-17-4/NonVoidFunctionReturnCondition.ql @@ -0,0 +1,24 @@ +/** + * @id c/misra/non-void-function-return-condition + * @name RULE-17-4: All exit paths from a function with non-void return type shall have an explicit return statement + * @description Not returning with an expression from a non-void function can lead to undefined + * behaviour. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-17-4 + * correctness + * maintainability + * readability + * external/misra/obligation/mandatory + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.rules.nonvoidfunctiondoesnotreturn.NonVoidFunctionDoesNotReturn + +class NonVoidFunctionReturnConditionQuery extends NonVoidFunctionDoesNotReturnSharedQuery { + NonVoidFunctionReturnConditionQuery() { + this = Statements5Package::nonVoidFunctionReturnConditionQuery() + } +} diff --git a/c/misra/test/rules/RULE-17-4/NonVoidFunctionReturnCondition.testref b/c/misra/test/rules/RULE-17-4/NonVoidFunctionReturnCondition.testref new file mode 100644 index 0000000000..6ddd134ce3 --- /dev/null +++ b/c/misra/test/rules/RULE-17-4/NonVoidFunctionReturnCondition.testref @@ -0,0 +1 @@ +c/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql \ No newline at end of file diff --git a/rule_packages/c/Statements5.json b/rule_packages/c/Statements5.json index c32f0f4968..96c0f9a0f5 100644 --- a/rule_packages/c/Statements5.json +++ b/rule_packages/c/Statements5.json @@ -54,6 +54,7 @@ "precision": "very-high", "severity": "error", "short_name": "NonVoidFunctionReturnCondition", + "shared_implementation_short_name": "NonVoidFunctionDoesNotReturn", "tags": [ "correctness", "maintainability", From 20db94f8d412b4cbb0510d1bbf604a9efd4da2ab Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Tue, 7 Mar 2023 10:00:12 +0100 Subject: [PATCH 0655/2573] Fix RULE-9-4 bug, update test and metadata --- .../RepeatedInitializationOfAggregateObjectElement.ql | 7 ++++--- ...RepeatedInitializationOfAggregateObjectElement.expected | 2 +- c/misra/test/rules/RULE-9-4/test.c | 2 +- rule_packages/c/Memory1.json | 2 +- 4 files changed, 7 insertions(+), 6 deletions(-) diff --git a/c/misra/src/rules/RULE-9-4/RepeatedInitializationOfAggregateObjectElement.ql b/c/misra/src/rules/RULE-9-4/RepeatedInitializationOfAggregateObjectElement.ql index 9816f83e75..de0890777f 100644 --- a/c/misra/src/rules/RULE-9-4/RepeatedInitializationOfAggregateObjectElement.ql +++ b/c/misra/src/rules/RULE-9-4/RepeatedInitializationOfAggregateObjectElement.ql @@ -43,6 +43,8 @@ string getNestedArrayIndexString(Expr e) { | elementIndex ).toString() + "]" + order by + depth desc ) } @@ -95,8 +97,7 @@ predicate hasMultipleInitializerExprsForSameIndex(ArrayAggregateLiteral root, Ex * that initialize the same Field and are part of the same `ClassAggregateLiteral`. * This predicate is therefore unable to distinguish the individual duplicate expressions. */ -predicate hasMultipleInitializerExprsForSameField(ClassAggregateLiteral root, Expr expr, Field f) { - expr = root.getFieldExpr(f) and +predicate hasMultipleInitializerExprsForSameField(ClassAggregateLiteral root, Field f) { count(root.getFieldExpr(f)) > 1 } @@ -116,7 +117,7 @@ where // we cannot distinguish between different aggregate field init expressions. // therefore, we only report the root aggregate rather than any child init expr. // see `hasMultipleInitializerExprsForSameField` documentation. - hasMultipleInitializerExprsForSameField(root, _, f) and + hasMultipleInitializerExprsForSameField(root, f) and e1 = root and e2 = root and elementDescription = f.getQualifiedName() and diff --git a/c/misra/test/rules/RULE-9-4/RepeatedInitializationOfAggregateObjectElement.expected b/c/misra/test/rules/RULE-9-4/RepeatedInitializationOfAggregateObjectElement.expected index 725b5daab7..e50cb4d2c7 100644 --- a/c/misra/test/rules/RULE-9-4/RepeatedInitializationOfAggregateObjectElement.expected +++ b/c/misra/test/rules/RULE-9-4/RepeatedInitializationOfAggregateObjectElement.expected @@ -1,4 +1,4 @@ | test.c:10:16:10:16 | 1 | $@ repeats initialization of element [0], which is already initialized $@. | test.c:9:14:10:26 | {...} | Array aggregate literal | test.c:10:7:10:7 | 0 | here | | test.c:12:28:12:28 | 1 | $@ repeats initialization of element [0][0], which is already initialized $@. | test.c:12:17:16:29 | {...} | Array aggregate literal | test.c:16:28:16:28 | 1 | here | -| test.c:24:34:24:34 | 1 | $@ repeats initialization of element [0][0][0], which is already initialized $@. | test.c:24:20:26:35 | {...} | Array aggregate literal | test.c:26:34:26:34 | 1 | here | +| test.c:25:64:25:64 | 7 | $@ repeats initialization of element [1][1][0], which is already initialized $@. | test.c:24:20:26:35 | {...} | Array aggregate literal | test.c:26:34:26:34 | 1 | here | | test.c:36:17:37:25 | {...} | $@ repeats initialization of element s1::a. | test.c:36:17:37:25 | {...} | Structure aggregate literal | test.c:36:17:37:25 | {...} | here | diff --git a/c/misra/test/rules/RULE-9-4/test.c b/c/misra/test/rules/RULE-9-4/test.c index aae73afb67..7510155577 100644 --- a/c/misra/test/rules/RULE-9-4/test.c +++ b/c/misra/test/rules/RULE-9-4/test.c @@ -23,7 +23,7 @@ void test_arrays(void) { int a7[2][2][2] = {[0][0][0] = 1, [0][0][1] = 2, [0][1][0] = 3, [0][1][1] = 4, [1][0][0] = 5, [1][0][1] = 6, [1][1][0] = 7, [1][1][1] = 8, - [0][0][0] = 1}; // NON_COMPLIANT + [1][1][0] = 1}; // NON_COMPLIANT // - repeated // initialiation // of [0][0][0] diff --git a/rule_packages/c/Memory1.json b/rule_packages/c/Memory1.json index 15a9b389a1..7232b18751 100644 --- a/rule_packages/c/Memory1.json +++ b/rule_packages/c/Memory1.json @@ -10,7 +10,7 @@ "kind": "problem", "name": "The initializer for an aggregate or union shall be enclosed in braces", "precision": "high", - "severity": "warning", + "severity": "recommendation", "short_name": "InitializerForAggregateOrUnionNotEnclosedInBraces", "shared_implementation_short_name": "UseInitializerBracesToMatchAggregateTypeStructure", "tags": [ From 56e6ebdd1cadd67b13686268098e31fa5766dcc3 Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Tue, 7 Mar 2023 10:03:32 +0100 Subject: [PATCH 0656/2573] InitializerForAggregateOrUnionNotEnclosedInBrances.ql: update severity --- .../InitializerForAggregateOrUnionNotEnclosedInBraces.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/misra/src/rules/RULE-9-2/InitializerForAggregateOrUnionNotEnclosedInBraces.ql b/c/misra/src/rules/RULE-9-2/InitializerForAggregateOrUnionNotEnclosedInBraces.ql index 4999527fc0..5d7b7981aa 100644 --- a/c/misra/src/rules/RULE-9-2/InitializerForAggregateOrUnionNotEnclosedInBraces.ql +++ b/c/misra/src/rules/RULE-9-2/InitializerForAggregateOrUnionNotEnclosedInBraces.ql @@ -5,7 +5,7 @@ * clarifies intent. * @kind problem * @precision high - * @problem.severity warning + * @problem.severity recommendation * @tags external/misra/id/rule-9-2 * maintainability * readability From 88be9693acb80df3eeae1d0045e8db6b48cb2947 Mon Sep 17 00:00:00 2001 From: Shadi Samadi Date: Tue, 7 Mar 2023 21:23:14 +1100 Subject: [PATCH 0657/2573] Added RULE-14-3 --- .../ControllingExpInvariantCondition.ql | 54 +++++++++++++++++++ .../ControllingExpInvariantCondition.expected | 3 ++ .../ControllingExpInvariantCondition.qlref | 1 + c/misra/test/rules/RULE-14-3/test.c | 17 ++++++ 4 files changed, 75 insertions(+) create mode 100644 c/misra/src/rules/RULE-14-3/ControllingExpInvariantCondition.ql create mode 100644 c/misra/test/rules/RULE-14-3/ControllingExpInvariantCondition.expected create mode 100644 c/misra/test/rules/RULE-14-3/ControllingExpInvariantCondition.qlref create mode 100644 c/misra/test/rules/RULE-14-3/test.c diff --git a/c/misra/src/rules/RULE-14-3/ControllingExpInvariantCondition.ql b/c/misra/src/rules/RULE-14-3/ControllingExpInvariantCondition.ql new file mode 100644 index 0000000000..ba74a7b9e9 --- /dev/null +++ b/c/misra/src/rules/RULE-14-3/ControllingExpInvariantCondition.ql @@ -0,0 +1,54 @@ +/** + * @id c/misra/controlling-exp-invariant-condition + * @name RULE-14-3: Controlling expressions shall not be invariant + * @description If a controlling expression has an invariant value then it is possible that there is + * a programming error. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-14-3 + * correctness + * maintainability + * readability + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra + +from ControlFlowNode expr, string message +where + not isExcluded(expr, Statements5Package::controllingExpInvariantConditionQuery()) and + ( + exists(IfStmt ifStmt | + ( + ifStmt.getControllingExpr() = expr and + ( + conditionAlwaysFalse(expr) + or + conditionAlwaysTrue(expr) + ) + ) + ) and + message = "Controlling expression in if statement has invariant value." + ) + or + exists(Loop loop | + loop.getControllingExpr() = expr and + ( + conditionAlwaysFalse(expr) + or + conditionAlwaysTrue(expr) + ) + ) and + message = "Controlling expression in loop statement has invariant value." + or + exists(SwitchStmt switch | + switch.getControllingExpr() = expr and + ( + conditionAlwaysFalse(expr) and + conditionAlwaysTrue(expr) + ) + ) and + message = "Controlling expression in switch statement has invariant value." +select expr, message diff --git a/c/misra/test/rules/RULE-14-3/ControllingExpInvariantCondition.expected b/c/misra/test/rules/RULE-14-3/ControllingExpInvariantCondition.expected new file mode 100644 index 0000000000..b328b45d37 --- /dev/null +++ b/c/misra/test/rules/RULE-14-3/ControllingExpInvariantCondition.expected @@ -0,0 +1,3 @@ +| test.c:2:7:2:11 | ... > ... | Controlling expression in if statement has invariant value. | +| test.c:13:10:13:16 | ... > ... | Controlling expression in loop statement has invariant value. | +| test.c:14:9:14:13 | ... > ... | Controlling expression in if statement has invariant value. | diff --git a/c/misra/test/rules/RULE-14-3/ControllingExpInvariantCondition.qlref b/c/misra/test/rules/RULE-14-3/ControllingExpInvariantCondition.qlref new file mode 100644 index 0000000000..807b93cb30 --- /dev/null +++ b/c/misra/test/rules/RULE-14-3/ControllingExpInvariantCondition.qlref @@ -0,0 +1 @@ +rules/RULE-14-3/ControllingExpInvariantCondition.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-14-3/test.c b/c/misra/test/rules/RULE-14-3/test.c new file mode 100644 index 0000000000..9d3ea0088f --- /dev/null +++ b/c/misra/test/rules/RULE-14-3/test.c @@ -0,0 +1,17 @@ +void f1(int p1) { + if (2 > 3) { // NON_COMPLIANT + } + + if (p1 > 0) { // COMPLIANT + } + + if (p1 < 10 && p1 > 20) { // NON_COMPLIANT[FALSE_NEGATIVE] + } +} + +void f2(int p1) { + while (20 > 10) { // NON_COMPLIANT + if (1 > 2) { + } // NON_COMPLIANT + } +} \ No newline at end of file From 7a7ff31ebd005d3b769b2453aa713b5f7407799f Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Tue, 7 Mar 2023 09:29:49 -0500 Subject: [PATCH 0658/2573] file missing --- .../CON40-C/AtomicVariableTwiceInExpression.expected | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/c/cert/test/rules/CON40-C/AtomicVariableTwiceInExpression.expected b/c/cert/test/rules/CON40-C/AtomicVariableTwiceInExpression.expected index 42d3ea924d..ddff311b59 100644 --- a/c/cert/test/rules/CON40-C/AtomicVariableTwiceInExpression.expected +++ b/c/cert/test/rules/CON40-C/AtomicVariableTwiceInExpression.expected @@ -1,6 +1,6 @@ | test.c:7:18:7:39 | ATOMIC_VAR_INIT(value) | Atomic variable possibly referred to twice in an $@. | test.c:33:3:33:10 | ... += ... | expression | | test.c:7:18:7:39 | ATOMIC_VAR_INIT(value) | Atomic variable possibly referred to twice in an $@. | test.c:34:3:34:13 | ... = ... | expression | -| test.c:11:3:11:23 | atomic_store(object,desired) | Atomic variable possibly referred to twice in an $@. | test.c:11:3:11:23 | atomic_store(object,desired) | expression | -| test.c:12:3:12:23 | atomic_store_explicit | Atomic variable possibly referred to twice in an $@. | test.c:12:3:12:23 | atomic_store_explicit | expression | -| test.c:25:3:25:49 | atomic_compare_exchange_weak(object,expected,desired) | Atomic variable possibly referred to twice in an $@. | test.c:25:3:25:49 | atomic_compare_exchange_weak(object,expected,desired) | expression | -| test.c:26:3:26:39 | atomic_compare_exchange_weak_explicit | Atomic variable possibly referred to twice in an $@. | test.c:26:3:26:39 | atomic_compare_exchange_weak_explicit | expression | +| test.c:11:3:11:23 | atomic_store(a,b) | Atomic variable possibly referred to twice in an $@. | test.c:11:3:11:23 | atomic_store(a,b) | expression | +| test.c:12:3:12:35 | atomic_store_explicit(a,b,c) | Atomic variable possibly referred to twice in an $@. | test.c:12:3:12:35 | atomic_store_explicit(a,b,c) | expression | +| test.c:25:3:25:49 | atomic_compare_exchange_weak(a,b,c) | Atomic variable possibly referred to twice in an $@. | test.c:25:3:25:49 | atomic_compare_exchange_weak(a,b,c) | expression | +| test.c:26:3:27:42 | atomic_compare_exchange_weak_explicit(a,b,c,d,e) | Atomic variable possibly referred to twice in an $@. | test.c:26:3:27:42 | atomic_compare_exchange_weak_explicit(a,b,c,d,e) | expression | From b35d032e8d95ac1a41ff14ea6500b7bf62210053 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Tue, 7 Mar 2023 13:58:32 -0500 Subject: [PATCH 0659/2573] updated to use settings --- scripts/matrix_testing/Config.ps1 | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/scripts/matrix_testing/Config.ps1 b/scripts/matrix_testing/Config.ps1 index 27b03b29f6..9ae4bb9600 100644 --- a/scripts/matrix_testing/Config.ps1 +++ b/scripts/matrix_testing/Config.ps1 @@ -1,3 +1,5 @@ +Import-Module -Name "$PSScriptRoot/../PSCodingStandards/CodingStandards" + $COMPILER_MAPPINGS = @{ "cpp" = @{ "clang" = "clang++"; @@ -27,7 +29,7 @@ $COMPILER_ARGS = @{ } -$REQUIRED_CODEQL_VERSION = "2.9.4" +$REQUIRED_CODEQL_VERSION = (Get-Content (Join-Path (Get-RepositoryRoot) "supported_codeql_configs.json") | ConvertFrom-Json).supported_environment.codeql_cli $REPORT_QUERY = @" From 8f29669b57b0d2514ef53d28b7181dcb07afdc9e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jeongsoo=20Lee=20=28=EC=9D=B4=EC=A0=95=EC=88=98=29?= Date: Tue, 7 Mar 2023 11:02:59 -0800 Subject: [PATCH 0660/2573] Update change_notes/2022-02-23-a13-5-2-fix-reported-fp-for-a13-5-2.md Co-authored-by: Luke Cartey <5377966+lcartey@users.noreply.github.com> --- change_notes/2022-02-23-a13-5-2-fix-reported-fp-for-a13-5-2.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/change_notes/2022-02-23-a13-5-2-fix-reported-fp-for-a13-5-2.md b/change_notes/2022-02-23-a13-5-2-fix-reported-fp-for-a13-5-2.md index 736d559ce3..5719e30b1d 100644 --- a/change_notes/2022-02-23-a13-5-2-fix-reported-fp-for-a13-5-2.md +++ b/change_notes/2022-02-23-a13-5-2-fix-reported-fp-for-a13-5-2.md @@ -1 +1 @@ -- Address a false positive on `a13-5-2` where lambda expressions with empty captures were being flagged as having a non-compliant conversion operator. \ No newline at end of file +- `A13-5-2` - address a false positive where lambda expressions with empty captures were being flagged as having a non-compliant conversion operator. \ No newline at end of file From 0aad1c638b0177f5d0ed6dfe71e0719267885bc6 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Tue, 7 Mar 2023 11:50:35 -0800 Subject: [PATCH 0661/2573] Model getchar, Finalize query --- .../CtypeFunctionArgNotUnsignedCharOrEof.ql | 35 +++++++------------ c/misra/test/rules/RULE-21-13/test.c | 16 +++++---- .../cpp/SimpleRangeAnalysisCustomizations.qll | 2 +- 3 files changed, 22 insertions(+), 31 deletions(-) diff --git a/c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql b/c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql index 01b8334431..a87910063b 100644 --- a/c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql +++ b/c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql @@ -15,33 +15,22 @@ import codingstandards.c.misra import codingstandards.cpp.ReadErrorsAndEOF import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis -//import semmle.code.cpp.rangeanalysis.RangeAnalysisUtils class CtypeFunction extends Function { CtypeFunction() { this.getADeclaration().getAFile().(HeaderFile).getBaseName() = "ctype.h" } } -/* TODO Under construction */ from FunctionCall ctypeCall where not isExcluded(ctypeCall, - StandardLibraryFunctionTypesPackage::ctypeFunctionArgNotUnsignedCharOrEofQuery()) -// and -// not exists(CtypeFunction ctype, Expr ctypeCallArgument | -// ctype = ctypeCall.getTarget() and -// ctypeCallArgument = ctypeCall.getAnArgument().getExplicitlyConverted() -// | -// /* Case 1: The argument's value should be in the `unsigned char` range. */ -// // Use `.getExplicitlyConverted` to consider inline argument casts. -// -1 <= lowerBound(ctypeCallArgument) and -// upperBound(ctypeCallArgument) <= 255 -// or -// /* Case 2: EOF flows to this argument without modifications. */ -// exists(EOFInvocation eof | -// DataFlow::localFlow(DataFlow::exprNode(eof.getExpr()), DataFlow::exprNode(ctypeCallArgument)) -// ) -// ) -select ctypeCall.getAnArgument(), lowerBound(ctypeCall.getAnArgument()), - upperBound(ctypeCall.getAnArgument()) -// select ctypeCall, -// "The function " + ctypeCall + " accepts an argument " + -// ctypeCall.getAnArgument().toString() + " that is not an unsigned char nor an EOF." + StandardLibraryFunctionTypesPackage::ctypeFunctionArgNotUnsignedCharOrEofQuery()) and + not exists(CtypeFunction ctype, Expr ctypeCallArgument | + ctype = ctypeCall.getTarget() and + ctypeCallArgument = ctypeCall.getAnArgument().getExplicitlyConverted() + | + /* The argument's value should be in the EOF + `unsigned char` range. */ + -1 <= lowerBound(ctypeCallArgument) and upperBound(ctypeCallArgument) <= 255 + ) and + ctypeCall.getBasicBlock().isReachable() +select ctypeCall, + "The function " + ctypeCall + " accepts an argument " + + ctypeCall.getAnArgument().toString() + " that is not an unsigned char nor an EOF." diff --git a/c/misra/test/rules/RULE-21-13/test.c b/c/misra/test/rules/RULE-21-13/test.c index ed6dd66fd6..ab391afc28 100644 --- a/c/misra/test/rules/RULE-21-13/test.c +++ b/c/misra/test/rules/RULE-21-13/test.c @@ -5,33 +5,35 @@ void sample() { unsigned char c1 = 'c'; int r1 = isalnum( c1); // COMPLIANT: ASCII 99 is within unsigned char range of [0, 255] - int r2 = isdigit(EOF); // COMPLIANT: EOF (-1) + int r2 = isalnum(EOF); // COMPLIANT: EOF (-1) int x3 = 256; int x4 = x3; int c3 = x4; int r3 = - islower(c3); // NON_COMPLIANT: is outside unsigned char range of [0, 255] + isalnum(c3); // NON_COMPLIANT: is outside unsigned char range of [0, 255] unsigned char x5 = EOF; unsigned char x6 = x5; int c4 = x6 + 10000; int r4 = - isdigit(c4); // NON_COMPLIANT: is outside unsigned char range of [0, 255] + isalnum(c4); // NON_COMPLIANT: is outside unsigned char range of [0, 255] int c5 = getchar(); - int r5 = isdigit(c5); // COMPLIANT[FALSE_POSITIVE]: library functions like + int r5 = isalnum(c5); // COMPLIANT[FALSE_POSITIVE]: library functions like // getchar needs to be modelled - unsigned char x7 = 1; - char c6; + unsigned char x7; + int c6; if (x7 == 1) { c6 = EOF; } else { c6 = 'c'; } int r6 = - isdigit(c6); // COMPLIANT: either control branch make this call compliant. + isalnum(c6); // COMPLIANT: either control branch make this call compliant + + int r7 = isalnum(EOF); // COMPLIANT: EOF (-1) } int main() { return 0; } \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/SimpleRangeAnalysisCustomizations.qll b/cpp/common/src/codingstandards/cpp/SimpleRangeAnalysisCustomizations.qll index ab6a34584e..469fe9a738 100644 --- a/cpp/common/src/codingstandards/cpp/SimpleRangeAnalysisCustomizations.qll +++ b/cpp/common/src/codingstandards/cpp/SimpleRangeAnalysisCustomizations.qll @@ -159,7 +159,7 @@ private class CastEnumToIntegerSimpleRange extends SimpleRangeAnalysisExpr, Cast */ private class CtypeGetcharFunctionsRange extends SimpleRangeAnalysisExpr, FunctionCall { CtypeGetcharFunctionsRange() { - this.getFile().(HeaderFile).getBaseName() = "stdio.h" and + this.getTarget().getFile().(HeaderFile).getBaseName() = "stdio.h" and this.getTarget().getName().regexpMatch("(fgetc|getc|getchar|)") } From 958c9a4815778c704f82381e3979214145cf3aad Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 7 Mar 2023 23:17:03 +0000 Subject: [PATCH 0662/2573] Rule 20.12: Improve performance This commit optimizes the from-where-select clause of this query, which was highlighted as one of the slowest predicates for our C query suites. This commit makes the following changes: * Avoid repetition of `m.getParameter(i)`, which caused a cross product * Change the way we identify "further expanded macro" * Modify the isExcluded predicate to reference the macro invocation not the macro. --- .../rules/RULE-20-12/MacroParameterUsedAsHashOperand.ql | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/c/misra/src/rules/RULE-20-12/MacroParameterUsedAsHashOperand.ql b/c/misra/src/rules/RULE-20-12/MacroParameterUsedAsHashOperand.ql index 779c14176c..6a66afb74b 100644 --- a/c/misra/src/rules/RULE-20-12/MacroParameterUsedAsHashOperand.ql +++ b/c/misra/src/rules/RULE-20-12/MacroParameterUsedAsHashOperand.ql @@ -19,7 +19,7 @@ import codingstandards.cpp.Macro from FunctionLikeMacro m, MacroInvocation mi, int i, string expanded, string param where - not isExcluded(m, Preprocessor2Package::macroParameterUsedAsHashOperandQuery()) and + not isExcluded(mi, Preprocessor2Package::macroParameterUsedAsHashOperandQuery()) and mi = m.getAnInvocation() and param = m.getParameter(i) and ( @@ -31,9 +31,6 @@ where // This check ensure there is an expansion that is used. expanded = mi.getExpandedArgument(i) and not expanded = "" and - exists(Macro furtherExpandedMacro | - mi.getUnexpandedArgument(i).matches(furtherExpandedMacro.getName() + "%") - ) + not mi.getUnexpandedArgument(i) = mi.getExpandedArgument(i) select m, - "Macro " + m.getName() + " contains use of parameter " + m.getParameter(i) + - " used in multiple contexts." + "Macro " + m.getName() + " contains use of parameter " + param + " used in multiple contexts." From d9188c79dbebc7e98a98974aa83777cc7ad273f9 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 7 Mar 2023 23:25:06 +0000 Subject: [PATCH 0663/2573] Rule 20.12: Add a perf change note. --- change_notes/2023-03-07-20-12-perf.md | 1 + 1 file changed, 1 insertion(+) create mode 100644 change_notes/2023-03-07-20-12-perf.md diff --git a/change_notes/2023-03-07-20-12-perf.md b/change_notes/2023-03-07-20-12-perf.md new file mode 100644 index 0000000000..b42c81ebce --- /dev/null +++ b/change_notes/2023-03-07-20-12-perf.md @@ -0,0 +1 @@ + * `Rule 20.12` - the performance of this rule has been improved. \ No newline at end of file From 2750f695c3348dba83ae3646f55fc5c91bdce1ed Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 8 Mar 2023 10:34:16 +0000 Subject: [PATCH 0664/2573] EssentialTypes: Fix metadata consistency issue --- .../rules/RULE-21-16/MemcmpOnInappropriateEssentialTypeArgs.ql | 2 +- rule_packages/c/EssentialTypes.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/c/misra/src/rules/RULE-21-16/MemcmpOnInappropriateEssentialTypeArgs.ql b/c/misra/src/rules/RULE-21-16/MemcmpOnInappropriateEssentialTypeArgs.ql index cebc30d6be..1a939e920c 100644 --- a/c/misra/src/rules/RULE-21-16/MemcmpOnInappropriateEssentialTypeArgs.ql +++ b/c/misra/src/rules/RULE-21-16/MemcmpOnInappropriateEssentialTypeArgs.ql @@ -1,6 +1,6 @@ /** * @id c/misra/memcmp-on-inappropriate-essential-type-args - * @name RULE-21-16: Do not use memcmp on pointers to characters or composite types such as structs and unions. + * @name RULE-21-16: Do not use memcmp on pointers to characters or composite types such as structs and unions * @description The pointer arguments to the Standard Library function memcmp shall point to either * a pointer type, an essentially signed type, an essentially unsigned type, an * essentially Boolean type or an essentially enum type. diff --git a/rule_packages/c/EssentialTypes.json b/rule_packages/c/EssentialTypes.json index 9bdf0a5fe7..57c7ace1ba 100644 --- a/rule_packages/c/EssentialTypes.json +++ b/rule_packages/c/EssentialTypes.json @@ -218,7 +218,7 @@ { "description": "The pointer arguments to the Standard Library function memcmp shall point to either a pointer type, an essentially signed type, an essentially unsigned type, an essentially Boolean type or an essentially enum type.", "kind": "problem", - "name": "Do not use memcmp on pointers to characters or composite types such as structs and unions.", + "name": "Do not use memcmp on pointers to characters or composite types such as structs and unions", "precision": "very-high", "severity": "error", "short_name": "MemcmpOnInappropriateEssentialTypeArgs", From 1a1dbba84428440b687f4bf23504d9ed5ef7371c Mon Sep 17 00:00:00 2001 From: Shadi Samadi Date: Wed, 8 Mar 2023 21:47:37 +1100 Subject: [PATCH 0665/2573] WIP 15-3 --- .../RULE-15-3/GotoLabelBlockCondition.ql | 66 ++++++++++++++----- c/misra/test/rules/RULE-15-3/test.c | 15 ++++- 2 files changed, 64 insertions(+), 17 deletions(-) diff --git a/c/misra/src/rules/RULE-15-3/GotoLabelBlockCondition.ql b/c/misra/src/rules/RULE-15-3/GotoLabelBlockCondition.ql index c5980557ba..646d0fb439 100644 --- a/c/misra/src/rules/RULE-15-3/GotoLabelBlockCondition.ql +++ b/c/misra/src/rules/RULE-15-3/GotoLabelBlockCondition.ql @@ -1,6 +1,6 @@ /** * @id c/misra/goto-label-block-condition - * @name RULE-15-3: The goto statement and any of its label shall be declared or enclosed in the same block. + * @name RULE-15-3: The goto statement and any of its label shall be declared or enclosed in the same block. * @description Any label referenced by a goto statement shall be declared in the same block, or in * any block enclosing the goto statement * @kind problem @@ -15,6 +15,37 @@ import cpp import codingstandards.c.misra +predicate isPartOfSwitch(Stmt goto) { + exists(SwitchStmt switch | switch.getStmt() = goto.getParent()) +} + +Stmt getNextStmt(ControlFlowNode node) { + node.getASuccessor() = result + or + exists(ControlFlowNode other | + node.getASuccessor() = other and other != result and result = getNextStmt(other) + ) +} + +Stmt getPreviousStmt(Stmt s) { s = getNextStmt(result) } + +SwitchCase getSwitchCase(Stmt stmt) { + exists(int index, SwitchStmt switch | + getStmtInSwitch(switch, stmt, index) and getStmtInSwitch(switch, result, index - 1) + ) + or + exists(int index, SwitchStmt switch, Stmt other | + getStmtInSwitch(switch, stmt, index) and + getStmtInSwitch(switch, other, index - 1) and + not other instanceof SwitchCase and + result = getSwitchCase(other) + ) +} + +predicate getStmtInSwitch(SwitchStmt switch, Stmt s, int index) { + switch.getStmt().(BlockStmt).getStmt(index) = s +} + int statementDepth(Stmt statement) { statement.getParent() = statement.getEnclosingFunction().getBlock() and result = 1 or @@ -22,26 +53,29 @@ int statementDepth(Stmt statement) { } predicate test(GotoStmt goto, Stmt target, int m, int n) { - statementDepth(goto) = m and target = goto.getTarget() and statementDepth(target) = n + statementDepth(goto) = m and + target = goto.getTarget() and + statementDepth(target) = n and + isPartOfSwitch(goto) and + getSwitchCase(goto) = getSwitchCase(target) and + m = n } -from GotoStmt goto +from GotoStmt goto, Stmt target, int gotoDepth, int targetDepth where not isExcluded(goto, Statements2Package::gotoLabelBlockConditionQuery()) and - not goto.getEnclosingBlock+() = goto.getTarget().getEnclosingBlock() - or - exists(SwitchStmt switch, int caseLocation, int nextCaseLocation | - switch.getAChild*() = goto and - switch.getASwitchCase().getLocation().getStartLine() = caseLocation and - switch.getASwitchCase().getNextSwitchCase().getLocation().getStartLine() = nextCaseLocation and - goto.getLocation().getStartLine() > caseLocation and - goto.getLocation().getStartLine() < nextCaseLocation and + goto.getTarget() = target and + gotoDepth = statementDepth(goto) and + targetDepth = statementDepth(target) and + targetDepth >= gotoDepth and + ( + targetDepth = gotoDepth + implies ( - goto.getTarget().getLocation().getStartLine() < caseLocation + not isPartOfSwitch(goto) and not goto.getParent() = target.getParent() or - goto.getTarget().getLocation().getStartLine() > nextCaseLocation - ) and - goto.getTarget().getLocation().getStartLine() > switch.getLocation().getStartLine() + isPartOfSwitch(goto) and not getSwitchCase(goto) = getSwitchCase(target) + ) ) select goto, "The $@ statement and its $@ are not declared or enclosed in the same block. test", - goto, "goto", goto.getTarget(), "label" + goto, "goto", target, "label" diff --git a/c/misra/test/rules/RULE-15-3/test.c b/c/misra/test/rules/RULE-15-3/test.c index 666a45cb2c..82b149b326 100644 --- a/c/misra/test/rules/RULE-15-3/test.c +++ b/c/misra/test/rules/RULE-15-3/test.c @@ -66,4 +66,17 @@ void f7(int p) { default: break; } -} \ No newline at end of file +} + +void f8(int p) { + + switch (p) { + case 0: + goto L1; + ; + L1:; // COMPLIANT + break; + default: + break; + } +} From 917c62e1b70d9f4de6a32bb3c9fcdc134cf2bdcd Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 8 Mar 2023 11:24:25 +0000 Subject: [PATCH 0666/2573] Rule 5.8: Improve performance This rule was highlighted as performing poorly as it created an effective cross product on declarations with the same name, which is expensive on some databases. The performance fix is to: (a) Create a predicate which represents all the conflicting identifiers by simply counting the number of declarations and confirming at least on such declaration is external. (b) Use this to create a result table of Declarations that conflict with those identifiers. (c) Implement a "non unique" external identifier class that provides a member predicate to get all the conflicting declarations. The key point here is to prevent the optimiser from doing a join between Declaration.getName() and Declaration.getName(). Instead, the join is between the names of the non-unique external identifiers and the much smaller table of declarations that conflict with at least one such entry. --- ...IdentifiersWithExternalLinkageNotUnique.ql | 35 +++++++++++++++++-- 1 file changed, 32 insertions(+), 3 deletions(-) diff --git a/c/misra/src/rules/RULE-5-8/IdentifiersWithExternalLinkageNotUnique.ql b/c/misra/src/rules/RULE-5-8/IdentifiersWithExternalLinkageNotUnique.ql index ff20ceed18..7406f05f14 100644 --- a/c/misra/src/rules/RULE-5-8/IdentifiersWithExternalLinkageNotUnique.ql +++ b/c/misra/src/rules/RULE-5-8/IdentifiersWithExternalLinkageNotUnique.ql @@ -15,10 +15,39 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.Identifiers -from Declaration de, ExternalIdentifiers e +/** + * Holds if the `identifierName` has conflicting declarations. + */ +predicate isExternalIdentifierNotUnique(string identifierName) { + // More than one declaration with this name + count(Declaration d | d.getName() = identifierName) > 1 and + // At least one declaration is an external identifier + exists(ExternalIdentifiers e | e.getName() = identifierName) +} + +/** + * Holds if the `Declaration` `d` is conflicting with an external identifier. + */ +predicate isConflictingDeclaration(Declaration d, string name) { + isExternalIdentifierNotUnique(name) and + d.getName() = name +} + +/** + * An external identifier which is not uniquely defined in the source code. + */ +class NotUniqueExternalIdentifier extends ExternalIdentifiers { + NotUniqueExternalIdentifier() { isExternalIdentifierNotUnique(getName()) } + + Declaration getAConflictingDeclaration() { + not result = this and + isConflictingDeclaration(result, getName()) + } +} + +from NotUniqueExternalIdentifier e, Declaration de where not isExcluded(de, Declarations6Package::identifiersWithExternalLinkageNotUniqueQuery()) and not isExcluded(e, Declarations6Package::identifiersWithExternalLinkageNotUniqueQuery()) and - not de = e and - de.getName() = e.getName() + de = e.getAConflictingDeclaration() select de, "Identifier conflicts with external identifier $@", e, e.getName() From 6dc320552cc24cbf6f98e1519addb222e9d898ff Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 8 Mar 2023 11:43:30 +0000 Subject: [PATCH 0667/2573] Rule 8.7: Improve performance This rule was identified as containing one of the slowest predicates in our C Coding Standards query suites, and this commit improves the performance. Performance is improved with the following changes: (a) Factoring out a predicate for the repeated calls to getTarget(), to avoid duplication and to create a semantically meaningful predicate which gets the target for a reference to an external identifier. (b) Use the factored out predicate to refine the reference class to only be references to external identifiers. This reduces the size of the class. (c) Create a predicate for computing a table of external identifiers, references to those identifiers and the translation units those exist in. We can then compute this table once, and use it in both the "find me a reference to this external identifier" case and in the "where the external identifier is not referenced in any other translation unit" case. Part (c) is the critical change. Without that, the optimizer was creating an expensive join order in the negation case, where it was effectively creating a cross product of all references to each external identifier, before later excluding on the negation. The use of our predicate in the negation case means we can first create a table of external identifiers and translation units, then apply that in the negation case without cross producting the references. --- .../ShouldNotBeDefinedWithExternalLinkage.ql | 39 ++++++++++++------- 1 file changed, 24 insertions(+), 15 deletions(-) diff --git a/c/misra/src/rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.ql b/c/misra/src/rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.ql index e5649400c8..824a4cf1cf 100644 --- a/c/misra/src/rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.ql +++ b/c/misra/src/rules/RULE-8-7/ShouldNotBeDefinedWithExternalLinkage.ql @@ -20,27 +20,36 @@ import codingstandards.c.misra import codingstandards.cpp.Identifiers import codingstandards.cpp.Scope +ExternalIdentifiers getExternalIdentifierTarget(NameQualifiableElement nqe) { + result = nqe.(Access).getTarget() + or + result = nqe.(FunctionCall).getTarget() +} + /** - * Re-introduce function calls into access description as - * "any reference" + * A reference to an external identifier, either as an `Access` or a `FunctionCall`. */ -class Reference extends NameQualifiableElement { - Reference() { - this instanceof Access or - this instanceof FunctionCall - } +class ExternalIdentifierReference extends NameQualifiableElement { + ExternalIdentifierReference() { exists(getExternalIdentifierTarget(this)) } + + ExternalIdentifiers getExternalIdentifierTarget() { result = getExternalIdentifierTarget(this) } +} + +predicate isReferencedInTranslationUnit( + ExternalIdentifiers e, ExternalIdentifierReference r, TranslationUnit t +) { + r.getExternalIdentifierTarget() = e and + r.getFile() = t } -from ExternalIdentifiers e, Reference a1, TranslationUnit t1 +from ExternalIdentifiers e, ExternalIdentifierReference a1, TranslationUnit t1 where not isExcluded(e, Declarations6Package::shouldNotBeDefinedWithExternalLinkageQuery()) and - (a1.(Access).getTarget() = e or a1.(FunctionCall).getTarget() = e) and - a1.getFile() = t1 and - //not accessed in any other translation unit - not exists(TranslationUnit t2, Reference a2 | - not t1 = t2 and - (a2.(Access).getTarget() = e or a2.(FunctionCall).getTarget() = e) and - a2.getFile() = t2 + isReferencedInTranslationUnit(e, a1, t1) and + // Not referenced in any other translation unit + not exists(TranslationUnit t2 | + isReferencedInTranslationUnit(e, _, t2) and + not t1 = t2 ) select e, "Declaration with external linkage is accessed in only one translation unit $@.", a1, a1.toString() From 51aa4d03d7c13e0d1e88496b4bf88040fb5cdfff Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 8 Mar 2023 12:00:51 +0000 Subject: [PATCH 0668/2573] Add change note. --- change_notes/2023-03-08-identifier-performance.md | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 change_notes/2023-03-08-identifier-performance.md diff --git a/change_notes/2023-03-08-identifier-performance.md b/change_notes/2023-03-08-identifier-performance.md new file mode 100644 index 0000000000..39c2d26bbf --- /dev/null +++ b/change_notes/2023-03-08-identifier-performance.md @@ -0,0 +1,3 @@ + * The performance of the following identifier related rules has been improved: + * MISRA C 2012 `Rule 5.8` + * MISRA C 2012 `Rule 8.7` \ No newline at end of file From c271a9b812baa5a6bf5d0166edde251874b717fc Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Wed, 8 Mar 2023 09:18:30 -0500 Subject: [PATCH 0669/2573] merge queues --- .github/workflows/code-scanning-pack-gen.yml | 1 + .github/workflows/codeql_unit_tests.yml | 1 + .github/workflows/extra-rule-validation.yml | 1 + .github/workflows/generate-html-docs.yml | 1 + .github/workflows/standard_library_upgrade_tests.yml | 1 + .github/workflows/tooling-unit-tests.yml | 1 + .github/workflows/validate-coding-standards.yml | 1 + .github/workflows/verify-standard-library-dependencies.yml | 1 + 8 files changed, 8 insertions(+) diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index ca03cb01a5..9cf2b3ebe8 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -1,6 +1,7 @@ name: Code Scanning Query Pack Generation on: + merge_group: pull_request: branches: - main diff --git a/.github/workflows/codeql_unit_tests.yml b/.github/workflows/codeql_unit_tests.yml index 4d33e933ce..053bea4985 100644 --- a/.github/workflows/codeql_unit_tests.yml +++ b/.github/workflows/codeql_unit_tests.yml @@ -1,6 +1,7 @@ name: CodeQL Unit Testing on: + merge_group: push: branches: - main diff --git a/.github/workflows/extra-rule-validation.yml b/.github/workflows/extra-rule-validation.yml index 218d0d171a..1b2c1a3aef 100644 --- a/.github/workflows/extra-rule-validation.yml +++ b/.github/workflows/extra-rule-validation.yml @@ -1,6 +1,7 @@ name: ⚙️ Extra Rule Validation on: + merge_group: push: branches: - main diff --git a/.github/workflows/generate-html-docs.yml b/.github/workflows/generate-html-docs.yml index 1093715ad4..bb12ba8a2b 100644 --- a/.github/workflows/generate-html-docs.yml +++ b/.github/workflows/generate-html-docs.yml @@ -1,6 +1,7 @@ name: Generate HTML documentation on: + merge_group: push: branches: - main diff --git a/.github/workflows/standard_library_upgrade_tests.yml b/.github/workflows/standard_library_upgrade_tests.yml index aac2fd1e0e..df88861b03 100644 --- a/.github/workflows/standard_library_upgrade_tests.yml +++ b/.github/workflows/standard_library_upgrade_tests.yml @@ -2,6 +2,7 @@ name: CodeQL Standard Library Upgrade tests # Run this workflow every time the "supported_codeql_configs.json" file is changed on: + merge_group: pull_request: branches: - main diff --git a/.github/workflows/tooling-unit-tests.yml b/.github/workflows/tooling-unit-tests.yml index d2ed099a2e..840e7c5b97 100644 --- a/.github/workflows/tooling-unit-tests.yml +++ b/.github/workflows/tooling-unit-tests.yml @@ -1,6 +1,7 @@ name: 🧰 Tooling unit tests on: + merge_group: push: branches: - main diff --git a/.github/workflows/validate-coding-standards.yml b/.github/workflows/validate-coding-standards.yml index a57634dfc0..aad7a435b1 100644 --- a/.github/workflows/validate-coding-standards.yml +++ b/.github/workflows/validate-coding-standards.yml @@ -1,6 +1,7 @@ name: Validating Coding Standards on: + merge_group: push: branches: - main diff --git a/.github/workflows/verify-standard-library-dependencies.yml b/.github/workflows/verify-standard-library-dependencies.yml index 91f4a5075b..ab78744e4e 100644 --- a/.github/workflows/verify-standard-library-dependencies.yml +++ b/.github/workflows/verify-standard-library-dependencies.yml @@ -2,6 +2,7 @@ name: Verify Standard Library Dependencies # Run this workflow every time the "supported_codeql_configs.json" file or a "qlpack.yml" file is changed on: + merge_group: pull_request: branches: - main From 0e9bcdde2cc6ab41881a87c7b03746aab66587c9 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 8 Mar 2023 15:41:30 +0100 Subject: [PATCH 0670/2573] FIO38-C FIO47-C FIO42-C tests (#213) * Fix compilation error for FIO38 test * Fix FIO47 expected files * Fix compilation for FIO42-C --- .../FIO38-C/DoNotCopyAFileObject.expected | 10 +-- .../DoNotCopyAFileObject.expected.clang | 5 ++ .../FIO38-C/DoNotCopyAFileObject.expected.gcc | 5 ++ c/cert/test/rules/FIO38-C/test.c | 1 + c/cert/test/rules/FIO38-C/test.c.clang | 43 +++++++++ c/cert/test/rules/FIO38-C/test.c.gcc | 43 +++++++++ c/cert/test/rules/FIO42-C/test.c | 2 +- .../WrongTypeFormatArguments.expected.clang | 90 +++++++++++++++++++ .../WrongTypeFormatArguments.expected.gcc | 90 +++++++++++++++++++ c/cert/test/rules/FIO47-C/test.c | 12 +-- 10 files changed, 289 insertions(+), 12 deletions(-) create mode 100644 c/cert/test/rules/FIO38-C/DoNotCopyAFileObject.expected.clang create mode 100644 c/cert/test/rules/FIO38-C/DoNotCopyAFileObject.expected.gcc create mode 100644 c/cert/test/rules/FIO38-C/test.c.clang create mode 100644 c/cert/test/rules/FIO38-C/test.c.gcc create mode 100644 c/cert/test/rules/FIO47-C/WrongTypeFormatArguments.expected.clang create mode 100644 c/cert/test/rules/FIO47-C/WrongTypeFormatArguments.expected.gcc diff --git a/c/cert/test/rules/FIO38-C/DoNotCopyAFileObject.expected b/c/cert/test/rules/FIO38-C/DoNotCopyAFileObject.expected index f131146842..21bd3a894a 100644 --- a/c/cert/test/rules/FIO38-C/DoNotCopyAFileObject.expected +++ b/c/cert/test/rules/FIO38-C/DoNotCopyAFileObject.expected @@ -1,5 +1,5 @@ -| test.c:10:20:10:26 | * ... | A FILE object is being copied. | -| test.c:17:21:17:30 | * ... | A FILE object is being copied. | -| test.c:23:21:23:31 | * ... | A FILE object is being copied. | -| test.c:29:15:29:21 | * ... | A FILE object is being copied. | -| test.c:42:19:42:28 | * ... | A FILE object is being copied. | \ No newline at end of file +| test.c:11:20:11:26 | * ... | A FILE object is being copied. | +| test.c:18:21:18:30 | * ... | A FILE object is being copied. | +| test.c:24:21:24:31 | * ... | A FILE object is being copied. | +| test.c:30:15:30:21 | * ... | A FILE object is being copied. | +| test.c:43:19:43:28 | * ... | A FILE object is being copied. | diff --git a/c/cert/test/rules/FIO38-C/DoNotCopyAFileObject.expected.clang b/c/cert/test/rules/FIO38-C/DoNotCopyAFileObject.expected.clang new file mode 100644 index 0000000000..50449f4a2f --- /dev/null +++ b/c/cert/test/rules/FIO38-C/DoNotCopyAFileObject.expected.clang @@ -0,0 +1,5 @@ +| test.c:4:20:4:26 | * ... | A FILE object is being copied. | +| test.c:11:21:11:30 | * ... | A FILE object is being copied. | +| test.c:17:21:17:31 | * ... | A FILE object is being copied. | +| test.c:23:15:23:21 | * ... | A FILE object is being copied. | +| test.c:36:19:36:28 | * ... | A FILE object is being copied. | diff --git a/c/cert/test/rules/FIO38-C/DoNotCopyAFileObject.expected.gcc b/c/cert/test/rules/FIO38-C/DoNotCopyAFileObject.expected.gcc new file mode 100644 index 0000000000..50449f4a2f --- /dev/null +++ b/c/cert/test/rules/FIO38-C/DoNotCopyAFileObject.expected.gcc @@ -0,0 +1,5 @@ +| test.c:4:20:4:26 | * ... | A FILE object is being copied. | +| test.c:11:21:11:30 | * ... | A FILE object is being copied. | +| test.c:17:21:17:31 | * ... | A FILE object is being copied. | +| test.c:23:15:23:21 | * ... | A FILE object is being copied. | +| test.c:36:19:36:28 | * ... | A FILE object is being copied. | diff --git a/c/cert/test/rules/FIO38-C/test.c b/c/cert/test/rules/FIO38-C/test.c index 0f0eb111ac..0d77a30dbf 100644 --- a/c/cert/test/rules/FIO38-C/test.c +++ b/c/cert/test/rules/FIO38-C/test.c @@ -1,4 +1,5 @@ #include +// Workaround for the Musl implementing FILE as an incomplete type. #if !defined(__DEFINED_struct__IO_FILE) struct _IO_FILE { char __x; diff --git a/c/cert/test/rules/FIO38-C/test.c.clang b/c/cert/test/rules/FIO38-C/test.c.clang new file mode 100644 index 0000000000..f1b3f616ca --- /dev/null +++ b/c/cert/test/rules/FIO38-C/test.c.clang @@ -0,0 +1,43 @@ +#include + +int f1(void) { + FILE my_stdout = *stdout; // NON_COMPLIANT + return fputs("Hello, World!\n", &my_stdout); +} + +int f2(void) { + FILE *my_stdout; + my_stdout = stdout; // COMPLIANT + FILE my_stdout2 = *my_stdout; // NON_COMPLIANT + return fputs("Hello, World!\n", my_stdout); +} +int f2b(void) { + FILE *const *my_stdout; + my_stdout = &stdout; // COMPLIANT + FILE my_stdout2 = **my_stdout; // NON_COMPLIANT + return fputs("Hello, World!\n", *my_stdout); +} + +int f3(void) { + FILE my_stdout; + my_stdout = *stdout; // NON_COMPLIANT + return fputs("Hello, World!\n", &my_stdout); +} + +int f4(void) { + FILE *my_stdout; + my_stdout = fopen("file.txt", "w"); // COMPLIANT + return fputs("Hello, World!\n", my_stdout); +} + +int f5helper(FILE my_stdout) { return fputs("Hello, World!\n", &my_stdout); } +int f5(void) { + FILE *my_stdout = fopen("file.txt", "w"); // COMPLIANT + return f5helper(*my_stdout); // NON_COMPLIANT +} + +int f6helper(FILE *my_stdout) { return fputs("Hello, World!\n", my_stdout); } +int f6(void) { + FILE *my_stdout = fopen("file.txt", "w"); // COMPLIANT + return f6helper(my_stdout); // COMPLIANT +} diff --git a/c/cert/test/rules/FIO38-C/test.c.gcc b/c/cert/test/rules/FIO38-C/test.c.gcc new file mode 100644 index 0000000000..f1b3f616ca --- /dev/null +++ b/c/cert/test/rules/FIO38-C/test.c.gcc @@ -0,0 +1,43 @@ +#include + +int f1(void) { + FILE my_stdout = *stdout; // NON_COMPLIANT + return fputs("Hello, World!\n", &my_stdout); +} + +int f2(void) { + FILE *my_stdout; + my_stdout = stdout; // COMPLIANT + FILE my_stdout2 = *my_stdout; // NON_COMPLIANT + return fputs("Hello, World!\n", my_stdout); +} +int f2b(void) { + FILE *const *my_stdout; + my_stdout = &stdout; // COMPLIANT + FILE my_stdout2 = **my_stdout; // NON_COMPLIANT + return fputs("Hello, World!\n", *my_stdout); +} + +int f3(void) { + FILE my_stdout; + my_stdout = *stdout; // NON_COMPLIANT + return fputs("Hello, World!\n", &my_stdout); +} + +int f4(void) { + FILE *my_stdout; + my_stdout = fopen("file.txt", "w"); // COMPLIANT + return fputs("Hello, World!\n", my_stdout); +} + +int f5helper(FILE my_stdout) { return fputs("Hello, World!\n", &my_stdout); } +int f5(void) { + FILE *my_stdout = fopen("file.txt", "w"); // COMPLIANT + return f5helper(*my_stdout); // NON_COMPLIANT +} + +int f6helper(FILE *my_stdout) { return fputs("Hello, World!\n", my_stdout); } +int f6(void) { + FILE *my_stdout = fopen("file.txt", "w"); // COMPLIANT + return f6helper(my_stdout); // COMPLIANT +} diff --git a/c/cert/test/rules/FIO42-C/test.c b/c/cert/test/rules/FIO42-C/test.c index daa67792f7..9efafb68a8 100644 --- a/c/cert/test/rules/FIO42-C/test.c +++ b/c/cert/test/rules/FIO42-C/test.c @@ -1,8 +1,8 @@ #include #include #include +#include #include - int f1a(const char *filename) { FILE *f = fopen(filename, "r"); // NON_COMPLIANT if (NULL == f) { diff --git a/c/cert/test/rules/FIO47-C/WrongTypeFormatArguments.expected.clang b/c/cert/test/rules/FIO47-C/WrongTypeFormatArguments.expected.clang new file mode 100644 index 0000000000..f6a8f57da8 --- /dev/null +++ b/c/cert/test/rules/FIO47-C/WrongTypeFormatArguments.expected.clang @@ -0,0 +1,90 @@ +| test.c:376:17:376:30 | v_intmax_t_ptr | This argument should be of type 'int *' but is of type 'long *' | +| test.c:378:17:378:28 | v_size_t_ptr | This argument should be of type 'int *' but is of type 'unsigned long *' | +| test.c:380:17:380:31 | v_ptrdiff_t_ptr | This argument should be of type 'int *' but is of type 'long *' | +| test.c:417:17:417:26 | v_char_ptr | This argument should be of type 'int' but is of type 'char *' | +| test.c:421:18:421:27 | v_char_ptr | This argument should be of type 'int' but is of type 'char *' | +| test.c:425:16:425:25 | v_char_ptr | This argument should be of type 'int' but is of type 'char *' | +| test.c:426:17:426:26 | v_char_ptr | This argument should be of type 'int' but is of type 'char *' | +| test.c:427:18:427:27 | v_char_ptr | This argument should be of type 'int' but is of type 'char *' | +| test.c:428:17:428:26 | v_char_ptr | This argument should be of type 'long' but is of type 'char *' | +| test.c:429:18:429:27 | v_char_ptr | This argument should be of type 'long long' but is of type 'char *' | +| test.c:430:17:430:26 | v_char_ptr | This argument should be of type 'intmax_t' but is of type 'char *' | +| test.c:432:17:432:26 | v_char_ptr | This argument should be of type 'ptrdiff_t' but is of type 'char *' | +| test.c:434:16:434:25 | v_char_ptr | This argument should be of type 'int' but is of type 'char *' | +| test.c:435:17:435:26 | v_char_ptr | This argument should be of type 'int' but is of type 'char *' | +| test.c:436:18:436:27 | v_char_ptr | This argument should be of type 'int' but is of type 'char *' | +| test.c:437:17:437:26 | v_char_ptr | This argument should be of type 'long' but is of type 'char *' | +| test.c:438:18:438:27 | v_char_ptr | This argument should be of type 'long long' but is of type 'char *' | +| test.c:439:17:439:26 | v_char_ptr | This argument should be of type 'intmax_t' but is of type 'char *' | +| test.c:441:17:441:26 | v_char_ptr | This argument should be of type 'ptrdiff_t' but is of type 'char *' | +| test.c:443:16:443:25 | v_char_ptr | This argument should be of type 'unsigned int' but is of type 'char *' | +| test.c:444:17:444:26 | v_char_ptr | This argument should be of type 'unsigned int' but is of type 'char *' | +| test.c:445:18:445:27 | v_char_ptr | This argument should be of type 'unsigned int' but is of type 'char *' | +| test.c:446:17:446:26 | v_char_ptr | This argument should be of type 'unsigned long' but is of type 'char *' | +| test.c:447:18:447:27 | v_char_ptr | This argument should be of type 'unsigned long long' but is of type 'char *' | +| test.c:450:17:450:26 | v_char_ptr | This argument should be of type 'size_t' but is of type 'char *' | +| test.c:454:16:454:25 | v_char_ptr | This argument should be of type 'unsigned int' but is of type 'char *' | +| test.c:455:17:455:26 | v_char_ptr | This argument should be of type 'unsigned int' but is of type 'char *' | +| test.c:456:18:456:27 | v_char_ptr | This argument should be of type 'unsigned int' but is of type 'char *' | +| test.c:457:17:457:26 | v_char_ptr | This argument should be of type 'unsigned long' but is of type 'char *' | +| test.c:458:18:458:27 | v_char_ptr | This argument should be of type 'unsigned long long' but is of type 'char *' | +| test.c:461:17:461:26 | v_char_ptr | This argument should be of type 'size_t' but is of type 'char *' | +| test.c:465:16:465:25 | v_char_ptr | This argument should be of type 'unsigned int' but is of type 'char *' | +| test.c:466:17:466:26 | v_char_ptr | This argument should be of type 'unsigned int' but is of type 'char *' | +| test.c:467:18:467:27 | v_char_ptr | This argument should be of type 'unsigned int' but is of type 'char *' | +| test.c:468:17:468:26 | v_char_ptr | This argument should be of type 'unsigned long' but is of type 'char *' | +| test.c:469:18:469:27 | v_char_ptr | This argument should be of type 'unsigned long long' but is of type 'char *' | +| test.c:472:17:472:26 | v_char_ptr | This argument should be of type 'size_t' but is of type 'char *' | +| test.c:476:16:476:25 | v_char_ptr | This argument should be of type 'unsigned int' but is of type 'char *' | +| test.c:477:17:477:26 | v_char_ptr | This argument should be of type 'unsigned int' but is of type 'char *' | +| test.c:478:18:478:27 | v_char_ptr | This argument should be of type 'unsigned int' but is of type 'char *' | +| test.c:479:17:479:26 | v_char_ptr | This argument should be of type 'unsigned long' but is of type 'char *' | +| test.c:480:18:480:27 | v_char_ptr | This argument should be of type 'unsigned long long' but is of type 'char *' | +| test.c:483:17:483:26 | v_char_ptr | This argument should be of type 'size_t' but is of type 'char *' | +| test.c:487:16:487:25 | v_char_ptr | This argument should be of type 'double' but is of type 'char *' | +| test.c:488:17:488:26 | v_char_ptr | This argument should be of type 'double' but is of type 'char *' | +| test.c:489:18:489:27 | v_char_ptr | This argument should be of type 'long double' but is of type 'char *' | +| test.c:490:17:490:26 | v_char_ptr | This argument should be of type 'long double' but is of type 'char *' | +| test.c:492:16:492:25 | v_char_ptr | This argument should be of type 'double' but is of type 'char *' | +| test.c:493:17:493:26 | v_char_ptr | This argument should be of type 'double' but is of type 'char *' | +| test.c:494:18:494:27 | v_char_ptr | This argument should be of type 'long double' but is of type 'char *' | +| test.c:495:17:495:26 | v_char_ptr | This argument should be of type 'long double' but is of type 'char *' | +| test.c:497:16:497:25 | v_char_ptr | This argument should be of type 'double' but is of type 'char *' | +| test.c:498:17:498:26 | v_char_ptr | This argument should be of type 'double' but is of type 'char *' | +| test.c:499:18:499:27 | v_char_ptr | This argument should be of type 'long double' but is of type 'char *' | +| test.c:500:17:500:26 | v_char_ptr | This argument should be of type 'long double' but is of type 'char *' | +| test.c:502:16:502:25 | v_char_ptr | This argument should be of type 'double' but is of type 'char *' | +| test.c:503:17:503:26 | v_char_ptr | This argument should be of type 'double' but is of type 'char *' | +| test.c:504:18:504:27 | v_char_ptr | This argument should be of type 'long double' but is of type 'char *' | +| test.c:505:17:505:26 | v_char_ptr | This argument should be of type 'long double' but is of type 'char *' | +| test.c:507:16:507:25 | v_char_ptr | This argument should be of type 'double' but is of type 'char *' | +| test.c:508:17:508:26 | v_char_ptr | This argument should be of type 'double' but is of type 'char *' | +| test.c:509:18:509:27 | v_char_ptr | This argument should be of type 'long double' but is of type 'char *' | +| test.c:510:17:510:26 | v_char_ptr | This argument should be of type 'long double' but is of type 'char *' | +| test.c:512:16:512:25 | v_char_ptr | This argument should be of type 'double' but is of type 'char *' | +| test.c:513:17:513:26 | v_char_ptr | This argument should be of type 'double' but is of type 'char *' | +| test.c:514:18:514:27 | v_char_ptr | This argument should be of type 'long double' but is of type 'char *' | +| test.c:515:17:515:26 | v_char_ptr | This argument should be of type 'long double' but is of type 'char *' | +| test.c:517:16:517:25 | v_char_ptr | This argument should be of type 'double' but is of type 'char *' | +| test.c:518:17:518:26 | v_char_ptr | This argument should be of type 'double' but is of type 'char *' | +| test.c:519:18:519:27 | v_char_ptr | This argument should be of type 'long double' but is of type 'char *' | +| test.c:520:17:520:26 | v_char_ptr | This argument should be of type 'long double' but is of type 'char *' | +| test.c:522:16:522:25 | v_char_ptr | This argument should be of type 'double' but is of type 'char *' | +| test.c:523:17:523:26 | v_char_ptr | This argument should be of type 'double' but is of type 'char *' | +| test.c:524:18:524:27 | v_char_ptr | This argument should be of type 'long double' but is of type 'char *' | +| test.c:525:17:525:26 | v_char_ptr | This argument should be of type 'long double' but is of type 'char *' | +| test.c:527:16:527:25 | v_char_ptr | This argument should be of type 'char' but is of type 'char *' | +| test.c:528:17:528:26 | v_char_ptr | This argument should be of type 'wchar_t' but is of type 'char *' | +| test.c:530:16:530:20 | v_int | This argument should be of type 'char *' but is of type 'int' | +| test.c:531:17:531:21 | v_int | This argument should be of type 'wchar_t *' but is of type 'int' | +| test.c:533:16:533:20 | v_int | This argument should be of type 'void *' but is of type 'int' | +| test.c:535:16:535:20 | v_int | This argument should be of type 'int *' but is of type 'int' | +| test.c:536:17:536:21 | v_int | This argument should be of type 'short *' but is of type 'int' | +| test.c:537:18:537:22 | v_int | This argument should be of type 'char *' but is of type 'int' | +| test.c:538:17:538:21 | v_int | This argument should be of type 'long *' but is of type 'int' | +| test.c:539:18:539:22 | v_int | This argument should be of type 'long long *' but is of type 'int' | +| test.c:540:17:540:21 | v_int | This argument should be of type 'int *' but is of type 'int' | +| test.c:541:17:541:21 | v_int | This argument should be of type 'int *' but is of type 'int' | +| test.c:542:17:542:21 | v_int | This argument should be of type 'int *' but is of type 'int' | +| test.c:544:16:544:25 | v_char_ptr | This argument should be of type 'wchar_t' but is of type 'char *' | +| test.c:546:16:546:20 | v_int | This argument should be of type 'wchar_t *' but is of type 'int' | diff --git a/c/cert/test/rules/FIO47-C/WrongTypeFormatArguments.expected.gcc b/c/cert/test/rules/FIO47-C/WrongTypeFormatArguments.expected.gcc new file mode 100644 index 0000000000..f6a8f57da8 --- /dev/null +++ b/c/cert/test/rules/FIO47-C/WrongTypeFormatArguments.expected.gcc @@ -0,0 +1,90 @@ +| test.c:376:17:376:30 | v_intmax_t_ptr | This argument should be of type 'int *' but is of type 'long *' | +| test.c:378:17:378:28 | v_size_t_ptr | This argument should be of type 'int *' but is of type 'unsigned long *' | +| test.c:380:17:380:31 | v_ptrdiff_t_ptr | This argument should be of type 'int *' but is of type 'long *' | +| test.c:417:17:417:26 | v_char_ptr | This argument should be of type 'int' but is of type 'char *' | +| test.c:421:18:421:27 | v_char_ptr | This argument should be of type 'int' but is of type 'char *' | +| test.c:425:16:425:25 | v_char_ptr | This argument should be of type 'int' but is of type 'char *' | +| test.c:426:17:426:26 | v_char_ptr | This argument should be of type 'int' but is of type 'char *' | +| test.c:427:18:427:27 | v_char_ptr | This argument should be of type 'int' but is of type 'char *' | +| test.c:428:17:428:26 | v_char_ptr | This argument should be of type 'long' but is of type 'char *' | +| test.c:429:18:429:27 | v_char_ptr | This argument should be of type 'long long' but is of type 'char *' | +| test.c:430:17:430:26 | v_char_ptr | This argument should be of type 'intmax_t' but is of type 'char *' | +| test.c:432:17:432:26 | v_char_ptr | This argument should be of type 'ptrdiff_t' but is of type 'char *' | +| test.c:434:16:434:25 | v_char_ptr | This argument should be of type 'int' but is of type 'char *' | +| test.c:435:17:435:26 | v_char_ptr | This argument should be of type 'int' but is of type 'char *' | +| test.c:436:18:436:27 | v_char_ptr | This argument should be of type 'int' but is of type 'char *' | +| test.c:437:17:437:26 | v_char_ptr | This argument should be of type 'long' but is of type 'char *' | +| test.c:438:18:438:27 | v_char_ptr | This argument should be of type 'long long' but is of type 'char *' | +| test.c:439:17:439:26 | v_char_ptr | This argument should be of type 'intmax_t' but is of type 'char *' | +| test.c:441:17:441:26 | v_char_ptr | This argument should be of type 'ptrdiff_t' but is of type 'char *' | +| test.c:443:16:443:25 | v_char_ptr | This argument should be of type 'unsigned int' but is of type 'char *' | +| test.c:444:17:444:26 | v_char_ptr | This argument should be of type 'unsigned int' but is of type 'char *' | +| test.c:445:18:445:27 | v_char_ptr | This argument should be of type 'unsigned int' but is of type 'char *' | +| test.c:446:17:446:26 | v_char_ptr | This argument should be of type 'unsigned long' but is of type 'char *' | +| test.c:447:18:447:27 | v_char_ptr | This argument should be of type 'unsigned long long' but is of type 'char *' | +| test.c:450:17:450:26 | v_char_ptr | This argument should be of type 'size_t' but is of type 'char *' | +| test.c:454:16:454:25 | v_char_ptr | This argument should be of type 'unsigned int' but is of type 'char *' | +| test.c:455:17:455:26 | v_char_ptr | This argument should be of type 'unsigned int' but is of type 'char *' | +| test.c:456:18:456:27 | v_char_ptr | This argument should be of type 'unsigned int' but is of type 'char *' | +| test.c:457:17:457:26 | v_char_ptr | This argument should be of type 'unsigned long' but is of type 'char *' | +| test.c:458:18:458:27 | v_char_ptr | This argument should be of type 'unsigned long long' but is of type 'char *' | +| test.c:461:17:461:26 | v_char_ptr | This argument should be of type 'size_t' but is of type 'char *' | +| test.c:465:16:465:25 | v_char_ptr | This argument should be of type 'unsigned int' but is of type 'char *' | +| test.c:466:17:466:26 | v_char_ptr | This argument should be of type 'unsigned int' but is of type 'char *' | +| test.c:467:18:467:27 | v_char_ptr | This argument should be of type 'unsigned int' but is of type 'char *' | +| test.c:468:17:468:26 | v_char_ptr | This argument should be of type 'unsigned long' but is of type 'char *' | +| test.c:469:18:469:27 | v_char_ptr | This argument should be of type 'unsigned long long' but is of type 'char *' | +| test.c:472:17:472:26 | v_char_ptr | This argument should be of type 'size_t' but is of type 'char *' | +| test.c:476:16:476:25 | v_char_ptr | This argument should be of type 'unsigned int' but is of type 'char *' | +| test.c:477:17:477:26 | v_char_ptr | This argument should be of type 'unsigned int' but is of type 'char *' | +| test.c:478:18:478:27 | v_char_ptr | This argument should be of type 'unsigned int' but is of type 'char *' | +| test.c:479:17:479:26 | v_char_ptr | This argument should be of type 'unsigned long' but is of type 'char *' | +| test.c:480:18:480:27 | v_char_ptr | This argument should be of type 'unsigned long long' but is of type 'char *' | +| test.c:483:17:483:26 | v_char_ptr | This argument should be of type 'size_t' but is of type 'char *' | +| test.c:487:16:487:25 | v_char_ptr | This argument should be of type 'double' but is of type 'char *' | +| test.c:488:17:488:26 | v_char_ptr | This argument should be of type 'double' but is of type 'char *' | +| test.c:489:18:489:27 | v_char_ptr | This argument should be of type 'long double' but is of type 'char *' | +| test.c:490:17:490:26 | v_char_ptr | This argument should be of type 'long double' but is of type 'char *' | +| test.c:492:16:492:25 | v_char_ptr | This argument should be of type 'double' but is of type 'char *' | +| test.c:493:17:493:26 | v_char_ptr | This argument should be of type 'double' but is of type 'char *' | +| test.c:494:18:494:27 | v_char_ptr | This argument should be of type 'long double' but is of type 'char *' | +| test.c:495:17:495:26 | v_char_ptr | This argument should be of type 'long double' but is of type 'char *' | +| test.c:497:16:497:25 | v_char_ptr | This argument should be of type 'double' but is of type 'char *' | +| test.c:498:17:498:26 | v_char_ptr | This argument should be of type 'double' but is of type 'char *' | +| test.c:499:18:499:27 | v_char_ptr | This argument should be of type 'long double' but is of type 'char *' | +| test.c:500:17:500:26 | v_char_ptr | This argument should be of type 'long double' but is of type 'char *' | +| test.c:502:16:502:25 | v_char_ptr | This argument should be of type 'double' but is of type 'char *' | +| test.c:503:17:503:26 | v_char_ptr | This argument should be of type 'double' but is of type 'char *' | +| test.c:504:18:504:27 | v_char_ptr | This argument should be of type 'long double' but is of type 'char *' | +| test.c:505:17:505:26 | v_char_ptr | This argument should be of type 'long double' but is of type 'char *' | +| test.c:507:16:507:25 | v_char_ptr | This argument should be of type 'double' but is of type 'char *' | +| test.c:508:17:508:26 | v_char_ptr | This argument should be of type 'double' but is of type 'char *' | +| test.c:509:18:509:27 | v_char_ptr | This argument should be of type 'long double' but is of type 'char *' | +| test.c:510:17:510:26 | v_char_ptr | This argument should be of type 'long double' but is of type 'char *' | +| test.c:512:16:512:25 | v_char_ptr | This argument should be of type 'double' but is of type 'char *' | +| test.c:513:17:513:26 | v_char_ptr | This argument should be of type 'double' but is of type 'char *' | +| test.c:514:18:514:27 | v_char_ptr | This argument should be of type 'long double' but is of type 'char *' | +| test.c:515:17:515:26 | v_char_ptr | This argument should be of type 'long double' but is of type 'char *' | +| test.c:517:16:517:25 | v_char_ptr | This argument should be of type 'double' but is of type 'char *' | +| test.c:518:17:518:26 | v_char_ptr | This argument should be of type 'double' but is of type 'char *' | +| test.c:519:18:519:27 | v_char_ptr | This argument should be of type 'long double' but is of type 'char *' | +| test.c:520:17:520:26 | v_char_ptr | This argument should be of type 'long double' but is of type 'char *' | +| test.c:522:16:522:25 | v_char_ptr | This argument should be of type 'double' but is of type 'char *' | +| test.c:523:17:523:26 | v_char_ptr | This argument should be of type 'double' but is of type 'char *' | +| test.c:524:18:524:27 | v_char_ptr | This argument should be of type 'long double' but is of type 'char *' | +| test.c:525:17:525:26 | v_char_ptr | This argument should be of type 'long double' but is of type 'char *' | +| test.c:527:16:527:25 | v_char_ptr | This argument should be of type 'char' but is of type 'char *' | +| test.c:528:17:528:26 | v_char_ptr | This argument should be of type 'wchar_t' but is of type 'char *' | +| test.c:530:16:530:20 | v_int | This argument should be of type 'char *' but is of type 'int' | +| test.c:531:17:531:21 | v_int | This argument should be of type 'wchar_t *' but is of type 'int' | +| test.c:533:16:533:20 | v_int | This argument should be of type 'void *' but is of type 'int' | +| test.c:535:16:535:20 | v_int | This argument should be of type 'int *' but is of type 'int' | +| test.c:536:17:536:21 | v_int | This argument should be of type 'short *' but is of type 'int' | +| test.c:537:18:537:22 | v_int | This argument should be of type 'char *' but is of type 'int' | +| test.c:538:17:538:21 | v_int | This argument should be of type 'long *' but is of type 'int' | +| test.c:539:18:539:22 | v_int | This argument should be of type 'long long *' but is of type 'int' | +| test.c:540:17:540:21 | v_int | This argument should be of type 'int *' but is of type 'int' | +| test.c:541:17:541:21 | v_int | This argument should be of type 'int *' but is of type 'int' | +| test.c:542:17:542:21 | v_int | This argument should be of type 'int *' but is of type 'int' | +| test.c:544:16:544:25 | v_char_ptr | This argument should be of type 'wchar_t' but is of type 'char *' | +| test.c:546:16:546:20 | v_int | This argument should be of type 'wchar_t *' but is of type 'int' | diff --git a/c/cert/test/rules/FIO47-C/test.c b/c/cert/test/rules/FIO47-C/test.c index 2ae9e02b2f..407191528b 100644 --- a/c/cert/test/rules/FIO47-C/test.c +++ b/c/cert/test/rules/FIO47-C/test.c @@ -17,8 +17,8 @@ unsigned char v_unsigned_char = 42; unsigned long v_unsigned_long = 42; unsigned long long v_unsigned_long_long = 42; uintmax_t v_uintmax_t = 42; -double v_double = 42; -long double v_long_double = 42; +double v_double = 42.0; +long double v_long_double = 42.0; int v_int = 42; wint_t v_wint_t = 42; char *v_char_ptr = "42"; @@ -427,8 +427,8 @@ void test_wrong_arg_type() { printf("%hhd", v_char_ptr); // NON_COMPLIANT printf("%ld", v_char_ptr); // NON_COMPLIANT printf("%lld", v_char_ptr); // NON_COMPLIANT - printf("%jd", v_char_ptr); // NON_COMPLIANT - printf("%zd", v_char_ptr); // NON_COMPLIANT + printf("%jd", v_char_ptr); // NON_COMPLIANT[FALSE_NEGATIVE] + printf("%zd", v_char_ptr); // NON_COMPLIANT[FALSE_NEGATIVE] printf("%td", v_char_ptr); // NON_COMPLIANT printf("%i", v_char_ptr); // NON_COMPLIANT @@ -436,8 +436,8 @@ void test_wrong_arg_type() { printf("%hhi", v_char_ptr); // NON_COMPLIANT printf("%li", v_char_ptr); // NON_COMPLIANT printf("%lli", v_char_ptr); // NON_COMPLIANT - printf("%ji", v_char_ptr); // NON_COMPLIANT - printf("%zi", v_char_ptr); // NON_COMPLIANT + printf("%ji", v_char_ptr); // NON_COMPLIANT[FALSE_NEGATIVE] + printf("%zi", v_char_ptr); // NON_COMPLIANT[FALSE_NEGATIVE] printf("%ti", v_char_ptr); // NON_COMPLIANT printf("%o", v_char_ptr); // NON_COMPLIANT From cc44bd742677c72a25aac795ec3020645126efeb Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Wed, 8 Mar 2023 11:16:47 -0500 Subject: [PATCH 0671/2573] this shouldn't run --- .github/workflows/standard_library_upgrade_tests.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/standard_library_upgrade_tests.yml b/.github/workflows/standard_library_upgrade_tests.yml index df88861b03..aac2fd1e0e 100644 --- a/.github/workflows/standard_library_upgrade_tests.yml +++ b/.github/workflows/standard_library_upgrade_tests.yml @@ -2,7 +2,6 @@ name: CodeQL Standard Library Upgrade tests # Run this workflow every time the "supported_codeql_configs.json" file is changed on: - merge_group: pull_request: branches: - main From bf1ee22e9abf7817f401117212dc06433959eb75 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Wed, 8 Mar 2023 23:27:01 +0000 Subject: [PATCH 0672/2573] EssentialTypes: Handle boolean type defs The computation of essential type category was incorrect when the type was a typedef of a boolean. --- c/misra/src/codingstandards/c/misra/EssentialTypes.qll | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/c/misra/src/codingstandards/c/misra/EssentialTypes.qll b/c/misra/src/codingstandards/c/misra/EssentialTypes.qll index 3acb041139..697a24513f 100644 --- a/c/misra/src/codingstandards/c/misra/EssentialTypes.qll +++ b/c/misra/src/codingstandards/c/misra/EssentialTypes.qll @@ -78,8 +78,11 @@ private IntegralType stlr(Expr const) { */ EssentialTypeCategory getEssentialTypeCategory(Type type) { exists(Type essentialType | - // Resolve typedefs to ensure - essentialType = type.getUnspecifiedType() + if type instanceof MisraBoolType + then essentialType = type + else + // If not a bool type, resolve the typedefs to determine the actual type + essentialType = type.getUnspecifiedType() | result = EssentiallyBooleanType() and essentialType instanceof MisraBoolType or From 4e477e90f0008f47a6a2c12dec62759885c65c59 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Wed, 8 Mar 2023 23:31:04 +0000 Subject: [PATCH 0673/2573] EssentialTypes: Make switch cases valid Compiler testing showed that the switch cases were not valid as they required a statement. Added breaks to satisfy this condition. --- c/misra/test/rules/RULE-10-3/test.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/c/misra/test/rules/RULE-10-3/test.c b/c/misra/test/rules/RULE-10-3/test.c index 1eb065e58b..30ab2985ae 100644 --- a/c/misra/test/rules/RULE-10-3/test.c +++ b/c/misra/test/rules/RULE-10-3/test.c @@ -131,7 +131,7 @@ void testSwitchCase() { case A: // NON_COMPLIANT case 100: // NON_COMPLIANT case ((unsigned int)200): // NON_COMPLIANT - // case 1.0f: // NON_COMPILABLE + break; // case 1.0f: // NON_COMPILABLE } switch (e1) { @@ -139,7 +139,7 @@ void testSwitchCase() { case A: // COMPLIANT case 100: // NON_COMPLIANT case ((unsigned int)200): // NON_COMPLIANT - // case 1.0f: // NON_COMPILABLE + break; // case 1.0f: // NON_COMPILABLE } switch (s) { @@ -147,7 +147,7 @@ void testSwitchCase() { case A: // NON_COMPLIANT case 100: // COMPLIANT case ((unsigned int)200): // NON_COMPLIANT - // case 1.0f: // NON_COMPILABLE + break; // case 1.0f: // NON_COMPILABLE } switch (u) { @@ -155,7 +155,7 @@ void testSwitchCase() { case A: // NON_COMPLIANT case 100: // COMPLIANT - by exception 1 case ((unsigned int)200): // COMPLIANT - by exception 1 - // case 1.0f: // NON_COMPILABLE + break; // case 1.0f: // NON_COMPILABLE } } From 5e8e2ffd072619c554a161d34dd2bd4faf17ef52 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 9 Mar 2023 01:05:03 +0100 Subject: [PATCH 0674/2573] Fix RULE-8-4 --- .../CompatibleDeclarationObjectDefined.ql | 16 +++++----------- ...CompatibleDeclarationFunctionDefined.expected | 5 +++-- c/misra/test/rules/RULE-8-4/object1.c | 7 +++---- c/misra/test/rules/RULE-8-4/object2.c | 3 +-- c/misra/test/rules/RULE-8-4/test.c | 0 5 files changed, 12 insertions(+), 19 deletions(-) delete mode 100644 c/misra/test/rules/RULE-8-4/test.c diff --git a/c/misra/src/rules/RULE-8-4/CompatibleDeclarationObjectDefined.ql b/c/misra/src/rules/RULE-8-4/CompatibleDeclarationObjectDefined.ql index 7b0e194afb..817539c51c 100644 --- a/c/misra/src/rules/RULE-8-4/CompatibleDeclarationObjectDefined.ql +++ b/c/misra/src/rules/RULE-8-4/CompatibleDeclarationObjectDefined.ql @@ -23,16 +23,10 @@ where not isExcluded(decl1, Declarations4Package::compatibleDeclarationObjectDefinedQuery()) and decl1.isDefinition() and decl1.getDeclaration() instanceof ExternalIdentifiers and - ( - //no declaration matches exactly - not exists(VariableDeclarationEntry decl2 | - not decl2.isDefinition() and decl2.getDeclaration() = decl1.getDeclaration() - ) and - //and none is close enough - not exists(VariableDeclarationEntry decl2 | - not decl2.isDefinition() and - decl1.getVariable().getQualifiedName() = decl2.getVariable().getQualifiedName() and - typesCompatible(decl1.getType(), decl2.getType()) - ) + // no declaration matches + not exists(VariableDeclarationEntry decl2 | + not decl2.isDefinition() and + decl1.getVariable().getQualifiedName() = decl2.getVariable().getQualifiedName() and + typesCompatible(decl1.getType(), decl2.getType()) ) select decl1, "No separate compatible declaration found for this definition." diff --git a/c/misra/test/rules/RULE-8-4/CompatibleDeclarationFunctionDefined.expected b/c/misra/test/rules/RULE-8-4/CompatibleDeclarationFunctionDefined.expected index 9153fafa97..6655c5d6f7 100644 --- a/c/misra/test/rules/RULE-8-4/CompatibleDeclarationFunctionDefined.expected +++ b/c/misra/test/rules/RULE-8-4/CompatibleDeclarationFunctionDefined.expected @@ -1,2 +1,3 @@ -| function2.c:5:6:5:7 | definition of f3 | No separate compatible declaration found for this definition. | -| function2.c:7:6:7:7 | definition of f4 | No separate compatible declaration found for this definition. | +| object1.c:4:12:4:13 | definition of i1 | No separate compatible declaration found for this definition. | +| object1.c:6:5:6:6 | definition of i2 | No separate compatible declaration found for this definition. | +| object2.c:1:7:1:8 | definition of i3 | No separate compatible declaration found for this definition. | diff --git a/c/misra/test/rules/RULE-8-4/object1.c b/c/misra/test/rules/RULE-8-4/object1.c index c37301e56f..7504bb9327 100644 --- a/c/misra/test/rules/RULE-8-4/object1.c +++ b/c/misra/test/rules/RULE-8-4/object1.c @@ -1,11 +1,10 @@ extern int i; -i = 0; // COMPLIANT +int i = 0; // COMPLIANT extern int i1 = 0; // NON_COMPLIANT int i2 = 0; // NON_COMPLIANT -// not detected as `short i3` exists -extern int i3; // NON_COMPLIANT[FALSE_NEGATIVE] +extern int i3; -extern int i4; // COMPLIANT +extern int i4; diff --git a/c/misra/test/rules/RULE-8-4/object2.c b/c/misra/test/rules/RULE-8-4/object2.c index a308f7123b..e432fcb29b 100644 --- a/c/misra/test/rules/RULE-8-4/object2.c +++ b/c/misra/test/rules/RULE-8-4/object2.c @@ -1,4 +1,3 @@ -// not detected as `extern int i3` exists -short i3 = 0; // NON_COMPLIANT[FALSE_NEGATIVE] +short i3 = 0; // NON_COMPLIANT signed int i4 = 0; // COMPLIANT diff --git a/c/misra/test/rules/RULE-8-4/test.c b/c/misra/test/rules/RULE-8-4/test.c deleted file mode 100644 index e69de29bb2..0000000000 From 49b19197e55454eed07c2ebfed82f7a5db424687 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 9 Mar 2023 01:10:50 +0100 Subject: [PATCH 0675/2573] Fix RULE-8-4 expected files --- .../RULE-8-4/CompatibleDeclarationFunctionDefined.expected | 5 ++--- .../RULE-8-4/CompatibleDeclarationObjectDefined.expected | 1 + 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/c/misra/test/rules/RULE-8-4/CompatibleDeclarationFunctionDefined.expected b/c/misra/test/rules/RULE-8-4/CompatibleDeclarationFunctionDefined.expected index 6655c5d6f7..9153fafa97 100644 --- a/c/misra/test/rules/RULE-8-4/CompatibleDeclarationFunctionDefined.expected +++ b/c/misra/test/rules/RULE-8-4/CompatibleDeclarationFunctionDefined.expected @@ -1,3 +1,2 @@ -| object1.c:4:12:4:13 | definition of i1 | No separate compatible declaration found for this definition. | -| object1.c:6:5:6:6 | definition of i2 | No separate compatible declaration found for this definition. | -| object2.c:1:7:1:8 | definition of i3 | No separate compatible declaration found for this definition. | +| function2.c:5:6:5:7 | definition of f3 | No separate compatible declaration found for this definition. | +| function2.c:7:6:7:7 | definition of f4 | No separate compatible declaration found for this definition. | diff --git a/c/misra/test/rules/RULE-8-4/CompatibleDeclarationObjectDefined.expected b/c/misra/test/rules/RULE-8-4/CompatibleDeclarationObjectDefined.expected index f8472b21e0..6655c5d6f7 100644 --- a/c/misra/test/rules/RULE-8-4/CompatibleDeclarationObjectDefined.expected +++ b/c/misra/test/rules/RULE-8-4/CompatibleDeclarationObjectDefined.expected @@ -1,2 +1,3 @@ | object1.c:4:12:4:13 | definition of i1 | No separate compatible declaration found for this definition. | | object1.c:6:5:6:6 | definition of i2 | No separate compatible declaration found for this definition. | +| object2.c:1:7:1:8 | definition of i3 | No separate compatible declaration found for this definition. | From 8a61a0d9967ad08e31a8440e8602a2ae9ca7ce0a Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 9 Mar 2023 01:27:12 +0100 Subject: [PATCH 0676/2573] Rule-8-4 --- .../src/rules/RULE-8-4/CompatibleDeclarationObjectDefined.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/misra/src/rules/RULE-8-4/CompatibleDeclarationObjectDefined.ql b/c/misra/src/rules/RULE-8-4/CompatibleDeclarationObjectDefined.ql index 817539c51c..433597cf4a 100644 --- a/c/misra/src/rules/RULE-8-4/CompatibleDeclarationObjectDefined.ql +++ b/c/misra/src/rules/RULE-8-4/CompatibleDeclarationObjectDefined.ql @@ -26,7 +26,7 @@ where // no declaration matches not exists(VariableDeclarationEntry decl2 | not decl2.isDefinition() and - decl1.getVariable().getQualifiedName() = decl2.getVariable().getQualifiedName() and + decl1.getDeclaration() = decl2.getDeclaration() and typesCompatible(decl1.getType(), decl2.getType()) ) select decl1, "No separate compatible declaration found for this definition." From 0844615534899f2e0dfb0ee7d6ae268a9561c8fb Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 9 Mar 2023 01:53:33 +0100 Subject: [PATCH 0677/2573] Add change notes --- change_notes/2022-03-08-update-to-CodeQL-2.10.5.md | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 change_notes/2022-03-08-update-to-CodeQL-2.10.5.md diff --git a/change_notes/2022-03-08-update-to-CodeQL-2.10.5.md b/change_notes/2022-03-08-update-to-CodeQL-2.10.5.md new file mode 100644 index 0000000000..7b08c18c41 --- /dev/null +++ b/change_notes/2022-03-08-update-to-CodeQL-2.10.5.md @@ -0,0 +1,3 @@ +- `RULE-8-4` - `CompatibleDeclarationObjectDefined.ql` + - Update rule implementation based on changes in the CodeQL libraries. +- Updated the CodeQL version to `2.10.5`. \ No newline at end of file From ddc2892280037c7bf5a889018b0cdc80dda66462 Mon Sep 17 00:00:00 2001 From: s-samadi Date: Thu, 9 Mar 2023 14:03:20 +1100 Subject: [PATCH 0678/2573] WIP 16-7 --- .../SwitchExpressionBoolCondition.ql | 12 ++++--- .../SwitchExpressionBoolCondition.expected | 1 - c/misra/test/rules/RULE-16-7/test.c | 36 +++++++++++++++++++ rule_packages/c/Statements2.json | 11 +++--- 4 files changed, 50 insertions(+), 10 deletions(-) create mode 100644 c/misra/test/rules/RULE-16-7/test.c diff --git a/c/misra/src/rules/RULE-16-7/SwitchExpressionBoolCondition.ql b/c/misra/src/rules/RULE-16-7/SwitchExpressionBoolCondition.ql index 54b143c464..0bc891fe6e 100644 --- a/c/misra/src/rules/RULE-16-7/SwitchExpressionBoolCondition.ql +++ b/c/misra/src/rules/RULE-16-7/SwitchExpressionBoolCondition.ql @@ -1,18 +1,20 @@ /** * @id c/misra/switch-expression-bool-condition * @name RULE-16-7: A switch-expression shall not have essentially Boolean type - * @description + * @description An `if-else` construct is more appropriate for boolean controlled expression. * @kind problem * @precision very-high * @problem.severity error * @tags external/misra/id/rule-16-7 + * readability + * maintainability * external/misra/obligation/required */ import cpp import codingstandards.c.misra +import codingstandards.cpp.SwitchStatement -from -where - not isExcluded(x, Statements2Package::switchExpressionBoolConditionQuery()) and -select +from BooleanSwitchStmt boolSwitch +where not isExcluded(boolSwitch, Statements2Package::switchExpressionBoolConditionQuery()) +select boolSwitch, "Boolean expression used in switch." diff --git a/c/misra/test/rules/RULE-16-7/SwitchExpressionBoolCondition.expected b/c/misra/test/rules/RULE-16-7/SwitchExpressionBoolCondition.expected index 2ec1a0ac6c..e69de29bb2 100644 --- a/c/misra/test/rules/RULE-16-7/SwitchExpressionBoolCondition.expected +++ b/c/misra/test/rules/RULE-16-7/SwitchExpressionBoolCondition.expected @@ -1 +0,0 @@ -No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-16-7/test.c b/c/misra/test/rules/RULE-16-7/test.c new file mode 100644 index 0000000000..31e0a27821 --- /dev/null +++ b/c/misra/test/rules/RULE-16-7/test.c @@ -0,0 +1,36 @@ +void f1(int p1) { + + switch (p1) // COMPLIANT + { + case 1:; + break; + case 2:; + break; + default: + break; + } +} + +void f2(int p1) { + switch (p1 == 1) // NON_COMPLIANT + { + case 0: + break; + case 1: + break; + default: + break; + } +} + +void f3(char *p1) { + switch (p1 == "CODEQL") // NON_COMPLIANT + { + case 0: + break; + case 1: + break; + default: + break; + } +} diff --git a/rule_packages/c/Statements2.json b/rule_packages/c/Statements2.json index 4bb37e2743..8aa44c5091 100644 --- a/rule_packages/c/Statements2.json +++ b/rule_packages/c/Statements2.json @@ -27,9 +27,9 @@ }, "queries": [ { - "description": "Any label referenced by a goto statement shall be declared in the same block, or in any block enclosing the goto statement", + "description": "Any label referenced by a goto statement shall be declared in the same block, or in any block enclosing the goto statement.", "kind": "problem", - "name": "The goto statement and any of its label shall be declared or enclosed in the same block. ", + "name": "The goto statement and any of its label shall be declared or enclosed in the same block", "precision": "high", "severity": "recommendation", "short_name": "GotoLabelBlockCondition", @@ -87,13 +87,16 @@ }, "queries": [ { - "description": "", + "description": "An `if-else` construct is more appropriate for boolean controlled expression.", "kind": "problem", "name": "A switch-expression shall not have essentially Boolean type", "precision": "very-high", "severity": "error", "short_name": "SwitchExpressionBoolCondition", - "tags": [] + "tags": [ + "readability", + "maintainability" + ] } ], "title": "A switch-expression shall not have essentially Boolean type" From 5afb8a0db4773c56231fe1c97bbf64693bfac82b Mon Sep 17 00:00:00 2001 From: s-samadi Date: Thu, 9 Mar 2023 14:09:32 +1100 Subject: [PATCH 0679/2573] formatted 15-3 --- c/misra/src/rules/RULE-15-3/GotoLabelBlockCondition.ql | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/c/misra/src/rules/RULE-15-3/GotoLabelBlockCondition.ql b/c/misra/src/rules/RULE-15-3/GotoLabelBlockCondition.ql index 646d0fb439..30b72b441e 100644 --- a/c/misra/src/rules/RULE-15-3/GotoLabelBlockCondition.ql +++ b/c/misra/src/rules/RULE-15-3/GotoLabelBlockCondition.ql @@ -1,8 +1,8 @@ /** * @id c/misra/goto-label-block-condition - * @name RULE-15-3: The goto statement and any of its label shall be declared or enclosed in the same block. + * @name RULE-15-3: The goto statement and any of its label shall be declared or enclosed in the same block * @description Any label referenced by a goto statement shall be declared in the same block, or in - * any block enclosing the goto statement + * any block enclosing the goto statement. * @kind problem * @precision high * @problem.severity recommendation From d50b84d80bec55bb02d7af1ebd40c2c777911bd1 Mon Sep 17 00:00:00 2001 From: s-samadi Date: Thu, 9 Mar 2023 14:16:41 +1100 Subject: [PATCH 0680/2573] formatted 16-7 --- c/misra/test/rules/RULE-16-3/test.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/c/misra/test/rules/RULE-16-3/test.c b/c/misra/test/rules/RULE-16-3/test.c index c7cae7216c..ade65474f2 100644 --- a/c/misra/test/rules/RULE-16-3/test.c +++ b/c/misra/test/rules/RULE-16-3/test.c @@ -43,8 +43,8 @@ void f2(int p1) { void f3(int p1) { switch (p1) { default: // NON_COMPLIANT - p1++; - case 1: // COMPLIANT + p1++; + case 1: // COMPLIANT break; } -} \ No newline at end of file +} From 8a83f84e01ab6ede611a583283f1de1a9861ab90 Mon Sep 17 00:00:00 2001 From: s-samadi Date: Thu, 9 Mar 2023 15:35:51 +1100 Subject: [PATCH 0681/2573] Renamed query RULE-14-3 --- ...tCondition.ql => ControllingExprInvariant.ql} | 6 ++++-- .../ControllingExpInvariantCondition.qlref | 1 - ...xpected => ControllingExprInvariant.expected} | 1 + .../RULE-14-3/ControllingExprInvariant.qlref | 1 + c/misra/test/rules/RULE-14-3/test.c | 7 +++++-- .../cpp/exclusions/c/Statements5.qll | 16 ++++++++-------- rule_packages/c/Statements5.json | 4 ++-- 7 files changed, 21 insertions(+), 15 deletions(-) rename c/misra/src/rules/RULE-14-3/{ControllingExpInvariantCondition.ql => ControllingExprInvariant.ql} (88%) delete mode 100644 c/misra/test/rules/RULE-14-3/ControllingExpInvariantCondition.qlref rename c/misra/test/rules/RULE-14-3/{ControllingExpInvariantCondition.expected => ControllingExprInvariant.expected} (74%) create mode 100644 c/misra/test/rules/RULE-14-3/ControllingExprInvariant.qlref diff --git a/c/misra/src/rules/RULE-14-3/ControllingExpInvariantCondition.ql b/c/misra/src/rules/RULE-14-3/ControllingExprInvariant.ql similarity index 88% rename from c/misra/src/rules/RULE-14-3/ControllingExpInvariantCondition.ql rename to c/misra/src/rules/RULE-14-3/ControllingExprInvariant.ql index ba74a7b9e9..436cde3f1c 100644 --- a/c/misra/src/rules/RULE-14-3/ControllingExpInvariantCondition.ql +++ b/c/misra/src/rules/RULE-14-3/ControllingExprInvariant.ql @@ -1,5 +1,5 @@ /** - * @id c/misra/controlling-exp-invariant-condition + * @id c/misra/controlling-expr-invariant * @name RULE-14-3: Controlling expressions shall not be invariant * @description If a controlling expression has an invariant value then it is possible that there is * a programming error. @@ -15,10 +15,12 @@ import cpp import codingstandards.c.misra +import cpp +import codingstandards.c.misra from ControlFlowNode expr, string message where - not isExcluded(expr, Statements5Package::controllingExpInvariantConditionQuery()) and + not isExcluded(expr, Statements5Package::controllingExprInvariantQuery()) and ( exists(IfStmt ifStmt | ( diff --git a/c/misra/test/rules/RULE-14-3/ControllingExpInvariantCondition.qlref b/c/misra/test/rules/RULE-14-3/ControllingExpInvariantCondition.qlref deleted file mode 100644 index 807b93cb30..0000000000 --- a/c/misra/test/rules/RULE-14-3/ControllingExpInvariantCondition.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/RULE-14-3/ControllingExpInvariantCondition.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-14-3/ControllingExpInvariantCondition.expected b/c/misra/test/rules/RULE-14-3/ControllingExprInvariant.expected similarity index 74% rename from c/misra/test/rules/RULE-14-3/ControllingExpInvariantCondition.expected rename to c/misra/test/rules/RULE-14-3/ControllingExprInvariant.expected index b328b45d37..7543929f91 100644 --- a/c/misra/test/rules/RULE-14-3/ControllingExpInvariantCondition.expected +++ b/c/misra/test/rules/RULE-14-3/ControllingExprInvariant.expected @@ -1,3 +1,4 @@ | test.c:2:7:2:11 | ... > ... | Controlling expression in if statement has invariant value. | | test.c:13:10:13:16 | ... > ... | Controlling expression in loop statement has invariant value. | | test.c:14:9:14:13 | ... > ... | Controlling expression in if statement has invariant value. | +| test.c:18:20:18:24 | ... < ... | Controlling expression in loop statement has invariant value. | diff --git a/c/misra/test/rules/RULE-14-3/ControllingExprInvariant.qlref b/c/misra/test/rules/RULE-14-3/ControllingExprInvariant.qlref new file mode 100644 index 0000000000..dcee0a35ac --- /dev/null +++ b/c/misra/test/rules/RULE-14-3/ControllingExprInvariant.qlref @@ -0,0 +1 @@ +rules/RULE-14-3/ControllingExprInvariant.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-14-3/test.c b/c/misra/test/rules/RULE-14-3/test.c index 9d3ea0088f..56383beb4e 100644 --- a/c/misra/test/rules/RULE-14-3/test.c +++ b/c/misra/test/rules/RULE-14-3/test.c @@ -9,9 +9,12 @@ void f1(int p1) { } } -void f2(int p1) { +void f2() { while (20 > 10) { // NON_COMPLIANT if (1 > 2) { } // NON_COMPLIANT } -} \ No newline at end of file + + for (int i = 10; i < 5; i++) { // NON_COMPLIANT + } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Statements5.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Statements5.qll index cb0eeeff90..d8312d11d7 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Statements5.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Statements5.qll @@ -4,17 +4,17 @@ import RuleMetadata import codingstandards.cpp.exclusions.RuleMetadata newtype Statements5Query = - TControllingExpInvariantConditionQuery() or + TControllingExprInvariantQuery() or TFunctionReturnConditionQuery() or TNonVoidFunctionReturnConditionQuery() predicate isStatements5QueryMetadata(Query query, string queryId, string ruleId, string category) { query = - // `Query` instance for the `controllingExpInvariantCondition` query - Statements5Package::controllingExpInvariantConditionQuery() and + // `Query` instance for the `controllingExprInvariant` query + Statements5Package::controllingExprInvariantQuery() and queryId = - // `@id` for the `controllingExpInvariantCondition` query - "c/misra/controlling-exp-invariant-condition" and + // `@id` for the `controllingExprInvariant` query + "c/misra/controlling-expr-invariant" and ruleId = "RULE-14-3" and category = "required" or @@ -38,11 +38,11 @@ predicate isStatements5QueryMetadata(Query query, string queryId, string ruleId, } module Statements5Package { - Query controllingExpInvariantConditionQuery() { + Query controllingExprInvariantQuery() { //autogenerate `Query` type result = - // `Query` type for `controllingExpInvariantCondition` query - TQueryC(TStatements5PackageQuery(TControllingExpInvariantConditionQuery())) + // `Query` type for `controllingExprInvariant` query + TQueryC(TStatements5PackageQuery(TControllingExprInvariantQuery())) } Query functionReturnConditionQuery() { diff --git a/rule_packages/c/Statements5.json b/rule_packages/c/Statements5.json index 96c0f9a0f5..93a533939b 100644 --- a/rule_packages/c/Statements5.json +++ b/rule_packages/c/Statements5.json @@ -11,7 +11,7 @@ "name": "Controlling expressions shall not be invariant", "precision": "very-high", "severity": "error", - "short_name": "ControllingExpInvariantCondition", + "short_name": "ControllingExprInvariant", "tags": [ "correctness", "maintainability", @@ -65,4 +65,4 @@ "title": "All exit paths from a function with non-void return type shall have an explicit return statement with an expression" } } -} \ No newline at end of file +} From 94a33f6b57d980c3eb559008ad38c19a7f52cb87 Mon Sep 17 00:00:00 2001 From: s-samadi Date: Thu, 9 Mar 2023 15:37:06 +1100 Subject: [PATCH 0682/2573] fixed logical error in RULE-14-3 --- c/misra/src/rules/RULE-14-3/ControllingExprInvariant.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/misra/src/rules/RULE-14-3/ControllingExprInvariant.ql b/c/misra/src/rules/RULE-14-3/ControllingExprInvariant.ql index 436cde3f1c..d372d587a4 100644 --- a/c/misra/src/rules/RULE-14-3/ControllingExprInvariant.ql +++ b/c/misra/src/rules/RULE-14-3/ControllingExprInvariant.ql @@ -48,7 +48,7 @@ where exists(SwitchStmt switch | switch.getControllingExpr() = expr and ( - conditionAlwaysFalse(expr) and + conditionAlwaysFalse(expr) or conditionAlwaysTrue(expr) ) ) and From 8dc56be78a28bc44c23afe5e5911307660c62e8c Mon Sep 17 00:00:00 2001 From: s-samadi Date: Thu, 9 Mar 2023 15:55:30 +1100 Subject: [PATCH 0683/2573] added change notes for alert message formatting --- change_notes/2023-03-09-changed-alert-messages.md | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 change_notes/2023-03-09-changed-alert-messages.md diff --git a/change_notes/2023-03-09-changed-alert-messages.md b/change_notes/2023-03-09-changed-alert-messages.md new file mode 100644 index 0000000000..4756d7822f --- /dev/null +++ b/change_notes/2023-03-09-changed-alert-messages.md @@ -0,0 +1,2 @@ + - `M6-6-2`: Changed formatting of the alert message. + - `M6-4-2`: Changed formatting of alert message. From 1c9286be889e2461017e54c8a8dcbb1590a898e7 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Thu, 9 Mar 2023 18:24:04 -0500 Subject: [PATCH 0684/2573] Fix FP for issue 215 --- .../rules/DCL51-CPP/UseOfDoubleUnderscoreReservedPrefix.ql | 4 +++- .../DCL51-CPP/UseOfDoubleUnderscoreReservedPrefix.expected | 4 ++-- cpp/cert/test/rules/DCL51-CPP/test.cpp | 7 ++++++- 3 files changed, 11 insertions(+), 4 deletions(-) diff --git a/cpp/cert/src/rules/DCL51-CPP/UseOfDoubleUnderscoreReservedPrefix.ql b/cpp/cert/src/rules/DCL51-CPP/UseOfDoubleUnderscoreReservedPrefix.ql index 4b37f3ec96..4e676e4d70 100644 --- a/cpp/cert/src/rules/DCL51-CPP/UseOfDoubleUnderscoreReservedPrefix.ql +++ b/cpp/cert/src/rules/DCL51-CPP/UseOfDoubleUnderscoreReservedPrefix.ql @@ -33,6 +33,8 @@ predicate isGeneratedByUserMacro(Declaration d) { from Locatable l, string s where not isExcluded(l, NamingPackage::useOfDoubleUnderscoreReservedPrefixQuery()) and + //exclude uses of __func__, which are modelled as LocalVariable declarations + not(l.(LocalVariable).getName() = "__func__") and ( exists(Macro m | l = m and isReservedMacroPrefix(m) and s = m.getName()) or @@ -47,4 +49,4 @@ where ) ) ) -select l, "Name $@ uses the reserved prefix '__'.", l, s +select l, "Name $@ uses the reserved prefix '__'.", l, s \ No newline at end of file diff --git a/cpp/cert/test/rules/DCL51-CPP/UseOfDoubleUnderscoreReservedPrefix.expected b/cpp/cert/test/rules/DCL51-CPP/UseOfDoubleUnderscoreReservedPrefix.expected index 44beebe0d6..3b0a94429a 100644 --- a/cpp/cert/test/rules/DCL51-CPP/UseOfDoubleUnderscoreReservedPrefix.expected +++ b/cpp/cert/test/rules/DCL51-CPP/UseOfDoubleUnderscoreReservedPrefix.expected @@ -1,2 +1,2 @@ -| test.cpp:24:5:24:7 | __x | Name $@ uses the reserved prefix '__'. | test.cpp:24:5:24:7 | __x | __x | -| test.cpp:29:5:29:7 | __x | Name $@ uses the reserved prefix '__'. | test.cpp:29:5:29:7 | __x | __x | +| test.cpp:25:5:25:7 | __x | Name $@ uses the reserved prefix '__'. | test.cpp:25:5:25:7 | __x | __x | +| test.cpp:30:5:30:7 | __x | Name $@ uses the reserved prefix '__'. | test.cpp:30:5:30:7 | __x | __x | diff --git a/cpp/cert/test/rules/DCL51-CPP/test.cpp b/cpp/cert/test/rules/DCL51-CPP/test.cpp index 2bfe811593..028867b88f 100644 --- a/cpp/cert/test/rules/DCL51-CPP/test.cpp +++ b/cpp/cert/test/rules/DCL51-CPP/test.cpp @@ -1,4 +1,5 @@ #include +#include #include "test.h" @@ -35,4 +36,8 @@ F(i); // NON_COMPLIANT - user macro #define FD_SET(X) \ int _##X // NON_COMPLIANT - redefinition of standard library macro -FD_SET(j); // COMPLIANT - standard library macro \ No newline at end of file +FD_SET(j); // COMPLIANT - standard library macro + +void f() { + std::string x = __func__; // COMPLIANT +} \ No newline at end of file From 1161be02bb9a9a1799d966a647240ff097033fb0 Mon Sep 17 00:00:00 2001 From: Shadi Samadi Date: Fri, 10 Mar 2023 11:17:44 +1100 Subject: [PATCH 0685/2573] fixed formatting issues --- ...opriateThreadObjectStorageDurations.md.tmp | 364 ++++++++++++++++++ .../RULE-15-3/GotoLabelBlockCondition.ql | 11 - .../SwitchExpressionBoolCondition.ql | 10 +- .../GotoLabelBlockCondition.expected | 6 +- .../SwitchExpressionBoolCondition.expected | 1 - c/misra/test/rules/RULE-16-7/test.c | 37 ++ .../GotoStatementJumpCondition.expected | 4 - .../M6-6-2/GotoStatementJumpCondition.qlref | 1 - cpp/autosar/test/rules/M6-6-2/test.cpp | 32 -- .../GotoStatementCondition.expected | 5 +- .../rules/gotostatementcondition/test.cpp | 27 ++ .../IfElseTerminationConstruct.expected | 6 +- .../rules/ifelseterminationconstruct/test.cpp | 93 +++-- 13 files changed, 489 insertions(+), 108 deletions(-) create mode 100644 c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.md.tmp create mode 100644 c/misra/test/rules/RULE-16-7/test.c delete mode 100644 cpp/autosar/test/rules/M6-6-2/GotoStatementJumpCondition.expected delete mode 100644 cpp/autosar/test/rules/M6-6-2/GotoStatementJumpCondition.qlref delete mode 100644 cpp/autosar/test/rules/M6-6-2/test.cpp diff --git a/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.md.tmp b/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.md.tmp new file mode 100644 index 0000000000..5ade8c902a --- /dev/null +++ b/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.md.tmp @@ -0,0 +1,364 @@ + +## Description +Accessing the automatic or thread-local variables of one thread from another thread is [implementation-defined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-implementation-definedbehavior) and can cause invalid memory accesses because the execution of threads can be interwoven within the constraints of the synchronization model. As a result, the referenced stack frame or thread-local variable may no longer be valid when another thread tries to access it. Shared static variables can be protected by thread synchronization mechanisms. + +However, automatic (local) variables cannot be shared in the same manner because the referenced stack frame's thread would need to stop executing, or some other mechanism must be employed to ensure that the referenced stack frame is still valid. Do not access automatic or thread-local objects from a thread other than the one with which the object is associated. See [DCL30-C. Declare objects with appropriate storage durations](https://wiki.sei.cmu.edu/confluence/display/c/DCL30-C.+Declare+objects+with+appropriate+storage+durations) for information on how to declare objects with appropriate storage durations when data is not being shared between threads. + +Noncompliant Code Example (Automatic Storage Duration) + +This noncompliant code example passes the address of a variable to a child thread, which prints it out. The variable has automatic storage duration. Depending on the execution order, the child thread might reference the variable after the variable's lifetime in the parent thread. This would cause the child thread to access an invalid memory location. + +```cpp +#include +#include + +int child_thread(void *val) { + int *res = (int *)val; + printf("Result: %d\n", *res); + return 0; +} + +void create_thread(thrd_t *tid) { + int val = 1; + if (thrd_success != thrd_create(tid, child_thread, &val)) { + /* Handle error */ + } +} + +int main(void) { + thrd_t tid; + create_thread(&tid); + + if (thrd_success != thrd_join(tid, NULL)) { + /* Handle error */ + } + return 0; +} + +``` + +## Noncompliant Code Example (Automatic Storage Duration) +One practice is to ensure that all objects with automatic storage duration shared between threads are declared such that their lifetime extends past the lifetime of the threads. This can be accomplished using a thread synchronization mechanism, such as `thrd_join()`. In this code example, `val` is declared in `main()`, where `thrd_join()` is called. Because the parent thread waits until the child thread completes before continuing its execution, the shared objects have a lifetime at least as great as the thread. + +```cpp +#include +#include + +int child_thread(void *val) { + int *result = (int *)val; + printf("Result: %d\n", *result); /* Correctly prints 1 */ + return 0; +} + +void create_thread(thrd_t *tid, int *val) { + if (thrd_success != thrd_create(tid, child_thread, val)) { + /* Handle error */ + } +} + +int main(void) { + int val = 1; + thrd_t tid; + create_thread(&tid, &val); + if (thrd_success != thrd_join(tid, NULL)) { + /* Handle error */ + } + return 0; +} +``` + +## +However, the C Standard, 6.2.4 paragraphs 4 and 5 \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography)\], states: + +> The result of attempting to indirectly access an object with thread storage duration from a thread other than the one with which the object is associated is implementation-defined. . . . + + +The result of attempting to indirectly access an object with automatic storage duration from a thread other than the one with which the object is associated is implementation-defined. + +Therefore this example relies on [implementation-defined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-implementation-definedbehavior) and is nonportable. + +## Compliant Solution (Static Storage Duration) +This compliant solution stores the value in an object having static storage duration. The lifetime of this object is the entire execution of the program; consequently, it can be safely accessed by any thread. + +```cpp +#include +#include + +int child_thread(void *v) { + int *result = (int *)v; + printf("Result: %d\n", *result); /* Correctly prints 1 */ + return 0; +} + +void create_thread(thrd_t *tid) { + static int val = 1; + if (thrd_success != thrd_create(tid, child_thread, &val)) { + /* Handle error */ + } +} + +int main(void) { + thrd_t tid; + create_thread(&tid); + if (thrd_success != thrd_join(tid, NULL)) { + /* Handle error */ + } + return 0; +} + +``` + +## Compliant Solution (Allocated Storage Duration) +This compliant solution stores the value passed to the child thread in a dynamically allocated object. Because this object will persist until explicitly freed, the child thread can safely access its value. + +```cpp +#include +#include +#include + +int child_thread(void *val) { + int *result = (int *)val; + printf("Result: %d\n", *result); /* Correctly prints 1 */ + return 0; +} + +void create_thread(thrd_t *tid, int *value) { + *value = 1; + if (thrd_success != thrd_create(tid, child_thread, + value)) { + /* Handle error */ + } +} + +int main(void) { + thrd_t tid; + int *value = (int *)malloc(sizeof(int)); + if (!value) { + /* Handle error */ + } + create_thread(&tid, value); + if (thrd_success != thrd_join(tid, NULL)) { + /* Handle error */ + } + free(value); + return 0; +} + +``` + +## Noncompliant Code Example (Thread-Specific Storage) +In this noncompliant code example, the value is stored in thread-specific storage of the parent thread. However, because thread-specific data is available only to the thread that stores it, the `child_thread()` function will set `result` to a null value. + +```cpp +#include +#include +#include + +static tss_t key; + +int child_thread(void *v) { + void *result = tss_get(*(tss_t *)v); + printf("Result: %d\n", *(int *)result); + return 0; +} + +int create_thread(void *thrd) { + int *val = (int *)malloc(sizeof(int)); + if (val == NULL) { + /* Handle error */ + } + *val = 1; + if (thrd_success != tss_set(key, val)) { + /* Handle error */ + } + if (thrd_success != thrd_create((thrd_t *)thrd, + child_thread, &key)) { + /* Handle error */ + } + return 0; +} + +int main(void) { + thrd_t parent_tid, child_tid; + + if (thrd_success != tss_create(&key, free)) { + /* Handle error */ + } + if (thrd_success != thrd_create(&parent_tid, create_thread, + &child_tid)) { + /* Handle error */ + } + if (thrd_success != thrd_join(parent_tid, NULL)) { + /* Handle error */ + } + if (thrd_success != thrd_join(child_tid, NULL)) { + /* Handle error */ + } + tss_delete(key); + return 0; +} +``` + +## Compliant Solution (Thread-Specific Storage) +This compliant solution illustrates how thread-specific storage can be combined with a call to a thread synchronization mechanism, such as `thrd_join()`. Because the parent thread waits until the child thread completes before continuing its execution, the child thread is guaranteed to access a valid live object. + +```cpp +#include +#include +#include + +static tss_t key; + +int child_thread(void *v) { + int *result = v; + printf("Result: %d\n", *result); /* Correctly prints 1 */ + return 0; +} + +int create_thread(void *thrd) { + int *val = (int *)malloc(sizeof(int)); + if (val == NULL) { + /* Handle error */ + } + *val = 1; + if (thrd_success != tss_set(key, val)) { + /* Handle error */ + } + /* ... */ + void *v = tss_get(key); + if (thrd_success != thrd_create((thrd_t *)thrd, + child_thread, v)) { + /* Handle error */ + } + return 0; +} + +int main(void) { + thrd_t parent_tid, child_tid; + + if (thrd_success != tss_create(&key, free)) { + /* Handle error */ + } + if (thrd_success != thrd_create(&parent_tid, create_thread, + &child_tid)) { + /* Handle error */ + } + if (thrd_success != thrd_join(parent_tid, NULL)) { + /* Handle error */ + } + if (thrd_success != thrd_join(child_tid, NULL)) { + /* Handle error */ + } + tss_delete(key); +return 0; +} +``` +This compliant solution uses pointer-to-integer and integer-to-pointer conversions, which have implementation-defined behavior. (See [INT36-C. Converting a pointer to integer or integer to pointer](https://wiki.sei.cmu.edu/confluence/display/c/INT36-C.+Converting+a+pointer+to+integer+or+integer+to+pointer).) + +## Compliant Solution (Thread-Local Storage, Windows, Visual Studio) +Similar to the preceding compliant solution, this compliant solution uses thread-local storage combined with thread synchronization to ensure the child thread is accessing a valid live object. It uses the Visual Studio–specific [__declspec(thread)](http://msdn.microsoft.com/en-us/library/9w1sdazb.aspx) language extension to provide the thread-local storage and the `[WaitForSingleObject()](http://msdn.microsoft.com/en-us/library/windows/desktop/ms687032(v=vs.85).aspx)` API to provide the synchronization. + +```cpp +#include +#include + +DWORD WINAPI child_thread(LPVOID v) { + int *result = (int *)v; + printf("Result: %d\n", *result); /* Correctly prints 1 */ + return NULL; +} + +int create_thread(HANDLE *tid) { + /* Declare val as a thread-local value */ + __declspec(thread) int val = 1; + *tid = create_thread(NULL, 0, child_thread, &val, 0, NULL); + return *tid == NULL; +} + +int main(void) { + HANDLE tid; + + if (create_thread(&tid)) { + /* Handle error */ + } + + if (WAIT_OBJECT_0 != WaitForSingleObject(tid, INFINITE)) { + /* Handle error */ + } + CloseHandle(tid); + + return 0; +} + +``` + +## Noncompliant Code Example (OpenMP, parallel) +It is important to note that local data can be used securely with threads when using other thread interfaces, so the programmer need not always copy data into nonlocal memory when sharing data with threads. For example, the `shared` keyword in *®    The OpenMP API Specification for Parallel Programming* \[[OpenMP](http://openmp.org/wp/)\] can be used in combination with OpenMP's threading interface to share local memory without having to worry about whether local automatic variables remain valid. + +In this noncompliant code example, a variable `j` is declared outside a `parallel` `#pragma` and not listed as a private variable. In OpenMP, variables outside a `parallel #pragma` are shared unless designated as `private`. + +```cpp +#include +#include + +int main(void) { + int j = 0; + #pragma omp parallel + { + int t = omp_get_thread_num(); + printf("Running thread - %d\n", t); + for (int i = 0; i < 5050; i++) { + j++; /* j not private; could be a race condition */ + } + printf("Just ran thread - %d\n", t); + printf("loop count %d\n", j); + } +return 0; +} +``` + +## Compliant Solution (OpenMP, parallel, private) +In this compliant solution, the variable `j` is declared outside of the `parallel` `#pragma` but is explicitly labeled as `private`: + +```cpp +#include +#include + +int main(void) { + int j = 0; + #pragma omp parallel private(j) + { + int t = omp_get_thread_num(); + printf("Running thread - %d\n", t); + for (int i = 0; i < 5050; i++) { + j++; + } + printf("Just ran thread - %d\n", t); + printf("loop count %d\n", j); + } +return 0; +} +``` + +## Risk Assessment +Threads that reference the stack of other threads can potentially overwrite important information on the stack, such as function pointers and return addresses. The compiler may not generate warnings if the programmer allows one thread to access another thread's local variables, so a programmer may not catch a potential error at compile time. The remediation cost for this error is high because analysis tools have difficulty diagnosing problems with concurrency and race conditions. + +
    Recommendation Severity Likelihood Remediation Cost Priority Level
    CON34-C Medium Probable High P4 L3
    + + +## Automated Detection +
    Tool Version Checker Description
    CodeSonar 7.2p0 CONCURRENCY.LOCALARG Local Variable Passed to Thread
    Helix QAC 2022.4 DF4926, DF4927, DF4928
    Parasoft C/C++test 2022.2 CERT_C-CON34-a Declare objects shared between POSIX threads with appropriate storage durations
    Polyspace Bug Finder R2022b CERT C: Rule CON34-C Checks for automatic or thread local variable escaping from a C11 thread (rule fully covered)
    PRQA QA-C 9.7 4926, 4927, 4928 Enforced by QAC
    + + +## Related Vulnerabilities +Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+CON34-C). + +## Related Guidelines +[Key here](https://wiki.sei.cmu.edu/confluence/display/c/How+this+Coding+Standard+is+Organized#HowthisCodingStandardisOrganized-RelatedGuidelines) (explains table format and definitions) + +
    Taxonomy Taxonomy item Relationship
    CERT C Secure Coding Standard DCL30-C. Declare objects with appropriate storage durations Prior to 2018-01-12: CERT: Unspecified Relationship
    + + +## Bibliography +
    \[ ISO/IEC 9899:2011 \] 6.2.4, "Storage Durations of Objects"
    \[ OpenMP \] ® The OpenMP API Specification for Parallel Programming
    + diff --git a/c/misra/src/rules/RULE-15-3/GotoLabelBlockCondition.ql b/c/misra/src/rules/RULE-15-3/GotoLabelBlockCondition.ql index 646d0fb439..38dc16bcd2 100644 --- a/c/misra/src/rules/RULE-15-3/GotoLabelBlockCondition.ql +++ b/c/misra/src/rules/RULE-15-3/GotoLabelBlockCondition.ql @@ -27,8 +27,6 @@ Stmt getNextStmt(ControlFlowNode node) { ) } -Stmt getPreviousStmt(Stmt s) { s = getNextStmt(result) } - SwitchCase getSwitchCase(Stmt stmt) { exists(int index, SwitchStmt switch | getStmtInSwitch(switch, stmt, index) and getStmtInSwitch(switch, result, index - 1) @@ -52,15 +50,6 @@ int statementDepth(Stmt statement) { statementDepth(statement.getParent()) + 1 = result } -predicate test(GotoStmt goto, Stmt target, int m, int n) { - statementDepth(goto) = m and - target = goto.getTarget() and - statementDepth(target) = n and - isPartOfSwitch(goto) and - getSwitchCase(goto) = getSwitchCase(target) and - m = n -} - from GotoStmt goto, Stmt target, int gotoDepth, int targetDepth where not isExcluded(goto, Statements2Package::gotoLabelBlockConditionQuery()) and diff --git a/c/misra/src/rules/RULE-16-7/SwitchExpressionBoolCondition.ql b/c/misra/src/rules/RULE-16-7/SwitchExpressionBoolCondition.ql index 54b143c464..8366f5f60e 100644 --- a/c/misra/src/rules/RULE-16-7/SwitchExpressionBoolCondition.ql +++ b/c/misra/src/rules/RULE-16-7/SwitchExpressionBoolCondition.ql @@ -1,7 +1,7 @@ /** * @id c/misra/switch-expression-bool-condition * @name RULE-16-7: A switch-expression shall not have essentially Boolean type - * @description + * @description * @kind problem * @precision very-high * @problem.severity error @@ -11,8 +11,8 @@ import cpp import codingstandards.c.misra +import codingstandards.cpp.SwitchStatement -from -where - not isExcluded(x, Statements2Package::switchExpressionBoolConditionQuery()) and -select +from BooleanSwitchStmt switch +where not isExcluded(switch, Statements2Package::switchExpressionBoolConditionQuery()) +select switch, "The condition of this $@ statement has boolean type", switch, "switch" diff --git a/c/misra/test/rules/RULE-15-3/GotoLabelBlockCondition.expected b/c/misra/test/rules/RULE-15-3/GotoLabelBlockCondition.expected index 9a81d6f434..7ddb3fe509 100644 --- a/c/misra/test/rules/RULE-15-3/GotoLabelBlockCondition.expected +++ b/c/misra/test/rules/RULE-15-3/GotoLabelBlockCondition.expected @@ -1,3 +1,3 @@ -| test.c:2:3:2:10 | goto ... | The $@ statement and its $@ are not declared or enclosed in the same block. | test.c:2:3:2:10 | goto ... | goto | test.c:4:3:4:5 | label ...: | label | -| test.c:37:3:37:10 | goto ... | The $@ statement and its $@ are not declared or enclosed in the same block. | test.c:37:3:37:10 | goto ... | goto | test.c:41:3:41:5 | label ...: | label | -| test.c:52:5:52:12 | goto ... | The $@ statement and its $@ are not declared or enclosed in the same block. | test.c:52:5:52:12 | goto ... | goto | test.c:55:3:55:5 | label ...: | label | +| test.c:2:3:2:10 | goto ... | The $@ statement and its $@ are not declared or enclosed in the same block. test | test.c:2:3:2:10 | goto ... | goto | test.c:4:3:4:5 | label ...: | label | +| test.c:37:3:37:10 | goto ... | The $@ statement and its $@ are not declared or enclosed in the same block. test | test.c:37:3:37:10 | goto ... | goto | test.c:41:3:41:5 | label ...: | label | +| test.c:52:5:52:12 | goto ... | The $@ statement and its $@ are not declared or enclosed in the same block. test | test.c:52:5:52:12 | goto ... | goto | test.c:55:3:55:5 | label ...: | label | diff --git a/c/misra/test/rules/RULE-16-7/SwitchExpressionBoolCondition.expected b/c/misra/test/rules/RULE-16-7/SwitchExpressionBoolCondition.expected index 2ec1a0ac6c..e69de29bb2 100644 --- a/c/misra/test/rules/RULE-16-7/SwitchExpressionBoolCondition.expected +++ b/c/misra/test/rules/RULE-16-7/SwitchExpressionBoolCondition.expected @@ -1 +0,0 @@ -No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-16-7/test.c b/c/misra/test/rules/RULE-16-7/test.c new file mode 100644 index 0000000000..74b394bc6d --- /dev/null +++ b/c/misra/test/rules/RULE-16-7/test.c @@ -0,0 +1,37 @@ + +void f1(int p1) { + + switch (p1) // COMPLIANT + { + case 1: + break; + case 2: + break; + default: + break; + } +} + +void f2(int p1) { + switch (p1 == 1) // NON_COMPLIANT + { + case 0: + break; + case 1: + break; + default: + break; + } +} + +void f3(char *p1) { + switch (p1 == "CODEQL") // NON_COMPLIANT + { + case 0: + break; + case 1: + break; + default: + break; + } +} \ No newline at end of file diff --git a/cpp/autosar/test/rules/M6-6-2/GotoStatementJumpCondition.expected b/cpp/autosar/test/rules/M6-6-2/GotoStatementJumpCondition.expected deleted file mode 100644 index dba183caaf..0000000000 --- a/cpp/autosar/test/rules/M6-6-2/GotoStatementJumpCondition.expected +++ /dev/null @@ -1,4 +0,0 @@ -| test.cpp:7:3:7:11 | goto ... | The $@ statement jumps to a $@ that is not declared later in the same function. | test.cpp:7:3:7:11 | goto ... | bad | test.cpp:3:1:3:4 | label ...: | label ...: | -| test.cpp:21:3:21:11 | goto ... | The $@ statement jumps to a $@ that is not declared later in the same function. | test.cpp:21:3:21:11 | goto ... | bad | test.cpp:17:1:17:4 | label ...: | label ...: | -| test.cpp:24:3:24:13 | goto ... | The $@ statement jumps to a $@ that is not declared later in the same function. | test.cpp:24:3:24:13 | goto ... | sobad | test.cpp:15:1:15:6 | label ...: | label ...: | -| test.cpp:31:3:31:11 | goto ... | The $@ statement jumps to a $@ that is not declared later in the same function. | test.cpp:31:3:31:11 | goto ... | bad | test.cpp:29:1:29:4 | label ...: | label ...: | diff --git a/cpp/autosar/test/rules/M6-6-2/GotoStatementJumpCondition.qlref b/cpp/autosar/test/rules/M6-6-2/GotoStatementJumpCondition.qlref deleted file mode 100644 index d66c789012..0000000000 --- a/cpp/autosar/test/rules/M6-6-2/GotoStatementJumpCondition.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/M6-6-2/GotoStatementJumpCondition.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M6-6-2/test.cpp b/cpp/autosar/test/rules/M6-6-2/test.cpp deleted file mode 100644 index e942077efd..0000000000 --- a/cpp/autosar/test/rules/M6-6-2/test.cpp +++ /dev/null @@ -1,32 +0,0 @@ -void test_goto_jump_forward_back() { - int i = 5; -bad: - if (i < 10) { - goto good; // GOOD - } - goto bad; // BAD - -good: - i++; -} - -void test_goto_mix_validity() { - int i = 5; -sobad: - i = i * i; -bad: - if (i < 10) { - goto good; // GOOD - } - goto bad; // BAD -good: - i++; - goto sobad; // BAD -} - -void test_goto_jumpsameline_invalid() { - int i = 3; -bad: - i = 4; - goto bad; // BAD -} \ No newline at end of file diff --git a/cpp/common/test/rules/gotostatementcondition/GotoStatementCondition.expected b/cpp/common/test/rules/gotostatementcondition/GotoStatementCondition.expected index 2ec1a0ac6c..c1b2f35eda 100644 --- a/cpp/common/test/rules/gotostatementcondition/GotoStatementCondition.expected +++ b/cpp/common/test/rules/gotostatementcondition/GotoStatementCondition.expected @@ -1 +1,4 @@ -No expected results have yet been specified \ No newline at end of file +| test.cpp:7:3:7:10 | goto ... | The $@ statement jumps to a $@ that is not declared later in the same function. | test.cpp:7:3:7:10 | goto ... | l1 | test.cpp:3:1:3:3 | label ...: | label ...: | +| test.cpp:19:3:19:10 | goto ... | The $@ statement jumps to a $@ that is not declared later in the same function. | test.cpp:19:3:19:10 | goto ... | l2 | test.cpp:15:1:15:3 | label ...: | label ...: | +| test.cpp:21:3:21:10 | goto ... | The $@ statement jumps to a $@ that is not declared later in the same function. | test.cpp:21:3:21:10 | goto ... | l1 | test.cpp:14:1:14:3 | label ...: | label ...: | +| test.cpp:26:3:26:10 | goto ... | The $@ statement jumps to a $@ that is not declared later in the same function. | test.cpp:26:3:26:10 | goto ... | l1 | test.cpp:25:1:25:3 | label ...: | label ...: | diff --git a/cpp/common/test/rules/gotostatementcondition/test.cpp b/cpp/common/test/rules/gotostatementcondition/test.cpp index e69de29bb2..225c1b32f6 100644 --- a/cpp/common/test/rules/gotostatementcondition/test.cpp +++ b/cpp/common/test/rules/gotostatementcondition/test.cpp @@ -0,0 +1,27 @@ +void f1(int p1) { + +l1: + if (p1) { + goto l2; // COMPLIANT + } + goto l1; // NON_COMPLIANT + +l2:; +} + +void f2(int p1) { + +l1:; +l2: + if (p1) { + goto l3; // COMPLIANT + } + goto l2; // NON_COMPLIANT +l3: + goto l1; // NON_COMPLIANT +} + +void f3() { +l1: + goto l1; // NON_COMPLIANT +} \ No newline at end of file diff --git a/cpp/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.expected b/cpp/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.expected index 0d14bfa016..bcbc388ca6 100644 --- a/cpp/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.expected +++ b/cpp/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.expected @@ -1,3 +1,3 @@ -| test.cpp:23:3:27:3 | if (...) ... | The $@ construct does not terminate with else statement. | test.cpp:23:3:27:3 | if (...) ... | `if...else` | -| test.cpp:43:5:47:5 | if (...) ... | The $@ construct does not terminate with else statement. | test.cpp:43:5:47:5 | if (...) ... | `if...else` | -| test.cpp:57:3:67:3 | if (...) ... | The $@ construct does not terminate with else statement. | test.cpp:57:3:67:3 | if (...) ... | `if...else` | +| test.cpp:21:5:25:5 | if (...) ... | The $@ construct does not terminate with else statement. | test.cpp:21:5:25:5 | if (...) ... | `if...else` | +| test.cpp:41:7:45:7 | if (...) ... | The $@ construct does not terminate with else statement. | test.cpp:41:7:45:7 | if (...) ... | `if...else` | +| test.cpp:55:5:65:5 | if (...) ... | The $@ construct does not terminate with else statement. | test.cpp:55:5:65:5 | if (...) ... | `if...else` | diff --git a/cpp/common/test/rules/ifelseterminationconstruct/test.cpp b/cpp/common/test/rules/ifelseterminationconstruct/test.cpp index bf8d1d6da3..ccb59b6ca0 100644 --- a/cpp/common/test/rules/ifelseterminationconstruct/test.cpp +++ b/cpp/common/test/rules/ifelseterminationconstruct/test.cpp @@ -10,59 +10,58 @@ void test_ifelse_valid(int expression) { } else { k = j * j; } -} - -void test_ifelse_mix_validity(int expression) { - int i = 4; - int j = 7; - int k; + void test_ifelse_mix_validity(int expression) { + int i = 4; + int j = 7; + int k; - if (expression > 0) { // GOOD - k = i * i; - } - if (expression > 10) { // BAD - k = i + j; - } else if (expression < 0) { - k = i * 2; + if (expression > 0) { // GOOD + k = i * i; + } + if (expression > 10) { // BAD + k = i + j; + } else if (expression < 0) { + k = i * 2; + } } -} -void test_ifelse_nested_invalid(int expression) { - int i = 5; - int j = 7; - int k; + void test_ifelse_nested_invalid(int expression) { + int i = 5; + int j = 7; + int k; - if (expression > 0) { // GOOD - k = i * i * i; - } else { - k = i * j; - } - if (expression > 10) { // GOOD - k = i; - } else if (expression < 0) { - if (expression < -10) { // BAD - k = 5 + j; - } else if (expression < -20) { - k = i * 3; + if (expression > 0) { // GOOD + k = i * i * i; + } else { + k = i * j; + } + if (expression > 10) { // GOOD + k = i; + } else if (expression < 0) { + if (expression < -10) { // BAD + k = 5 + j; + } else if (expression < -20) { + k = i * 3; + } + } else { + k = 3; } - } else { - k = 3; } -} -void test_ifelse_nested_valid(int expression) { - int i = 3; - int j = 1; - int k; - if (expression > 10) { // BAD - k = i + j; - } else if (expression < 0) { - if (i > 3) { // GOOD - k = j; - } else if (i < 10) { - k = i % 3; - } else { - i = i % 2; + void test_ifelse_nested_valid(int expression) { + int i = 3; + int j = 1; + int k; + if (expression > 10) { // BAD + k = i + j; + } else if (expression < 0) { + if (i > 3) { // GOOD + k = j; + } else if (i < 10) { + k = i % 3; + } else { + i = i % 2; + } } } -} \ No newline at end of file +} From 07b86c7e1807ed59a41168454ec53ec1e0e29a5f Mon Sep 17 00:00:00 2001 From: Shadi Samadi <68650974+s-samadi@users.noreply.github.com> Date: Fri, 10 Mar 2023 11:29:00 +1100 Subject: [PATCH 0686/2573] Delete AppropriateThreadObjectStorageDurations.md.tmp --- ...opriateThreadObjectStorageDurations.md.tmp | 364 ------------------ 1 file changed, 364 deletions(-) delete mode 100644 c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.md.tmp diff --git a/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.md.tmp b/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.md.tmp deleted file mode 100644 index 5ade8c902a..0000000000 --- a/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.md.tmp +++ /dev/null @@ -1,364 +0,0 @@ - -## Description -Accessing the automatic or thread-local variables of one thread from another thread is [implementation-defined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-implementation-definedbehavior) and can cause invalid memory accesses because the execution of threads can be interwoven within the constraints of the synchronization model. As a result, the referenced stack frame or thread-local variable may no longer be valid when another thread tries to access it. Shared static variables can be protected by thread synchronization mechanisms. - -However, automatic (local) variables cannot be shared in the same manner because the referenced stack frame's thread would need to stop executing, or some other mechanism must be employed to ensure that the referenced stack frame is still valid. Do not access automatic or thread-local objects from a thread other than the one with which the object is associated. See [DCL30-C. Declare objects with appropriate storage durations](https://wiki.sei.cmu.edu/confluence/display/c/DCL30-C.+Declare+objects+with+appropriate+storage+durations) for information on how to declare objects with appropriate storage durations when data is not being shared between threads. - -Noncompliant Code Example (Automatic Storage Duration) - -This noncompliant code example passes the address of a variable to a child thread, which prints it out. The variable has automatic storage duration. Depending on the execution order, the child thread might reference the variable after the variable's lifetime in the parent thread. This would cause the child thread to access an invalid memory location. - -```cpp -#include -#include - -int child_thread(void *val) { - int *res = (int *)val; - printf("Result: %d\n", *res); - return 0; -} - -void create_thread(thrd_t *tid) { - int val = 1; - if (thrd_success != thrd_create(tid, child_thread, &val)) { - /* Handle error */ - } -} - -int main(void) { - thrd_t tid; - create_thread(&tid); - - if (thrd_success != thrd_join(tid, NULL)) { - /* Handle error */ - } - return 0; -} - -``` - -## Noncompliant Code Example (Automatic Storage Duration) -One practice is to ensure that all objects with automatic storage duration shared between threads are declared such that their lifetime extends past the lifetime of the threads. This can be accomplished using a thread synchronization mechanism, such as `thrd_join()`. In this code example, `val` is declared in `main()`, where `thrd_join()` is called. Because the parent thread waits until the child thread completes before continuing its execution, the shared objects have a lifetime at least as great as the thread. - -```cpp -#include -#include - -int child_thread(void *val) { - int *result = (int *)val; - printf("Result: %d\n", *result); /* Correctly prints 1 */ - return 0; -} - -void create_thread(thrd_t *tid, int *val) { - if (thrd_success != thrd_create(tid, child_thread, val)) { - /* Handle error */ - } -} - -int main(void) { - int val = 1; - thrd_t tid; - create_thread(&tid, &val); - if (thrd_success != thrd_join(tid, NULL)) { - /* Handle error */ - } - return 0; -} -``` - -## -However, the C Standard, 6.2.4 paragraphs 4 and 5 \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography)\], states: - -> The result of attempting to indirectly access an object with thread storage duration from a thread other than the one with which the object is associated is implementation-defined. . . . - - -The result of attempting to indirectly access an object with automatic storage duration from a thread other than the one with which the object is associated is implementation-defined. - -Therefore this example relies on [implementation-defined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-implementation-definedbehavior) and is nonportable. - -## Compliant Solution (Static Storage Duration) -This compliant solution stores the value in an object having static storage duration. The lifetime of this object is the entire execution of the program; consequently, it can be safely accessed by any thread. - -```cpp -#include -#include - -int child_thread(void *v) { - int *result = (int *)v; - printf("Result: %d\n", *result); /* Correctly prints 1 */ - return 0; -} - -void create_thread(thrd_t *tid) { - static int val = 1; - if (thrd_success != thrd_create(tid, child_thread, &val)) { - /* Handle error */ - } -} - -int main(void) { - thrd_t tid; - create_thread(&tid); - if (thrd_success != thrd_join(tid, NULL)) { - /* Handle error */ - } - return 0; -} - -``` - -## Compliant Solution (Allocated Storage Duration) -This compliant solution stores the value passed to the child thread in a dynamically allocated object. Because this object will persist until explicitly freed, the child thread can safely access its value. - -```cpp -#include -#include -#include - -int child_thread(void *val) { - int *result = (int *)val; - printf("Result: %d\n", *result); /* Correctly prints 1 */ - return 0; -} - -void create_thread(thrd_t *tid, int *value) { - *value = 1; - if (thrd_success != thrd_create(tid, child_thread, - value)) { - /* Handle error */ - } -} - -int main(void) { - thrd_t tid; - int *value = (int *)malloc(sizeof(int)); - if (!value) { - /* Handle error */ - } - create_thread(&tid, value); - if (thrd_success != thrd_join(tid, NULL)) { - /* Handle error */ - } - free(value); - return 0; -} - -``` - -## Noncompliant Code Example (Thread-Specific Storage) -In this noncompliant code example, the value is stored in thread-specific storage of the parent thread. However, because thread-specific data is available only to the thread that stores it, the `child_thread()` function will set `result` to a null value. - -```cpp -#include -#include -#include - -static tss_t key; - -int child_thread(void *v) { - void *result = tss_get(*(tss_t *)v); - printf("Result: %d\n", *(int *)result); - return 0; -} - -int create_thread(void *thrd) { - int *val = (int *)malloc(sizeof(int)); - if (val == NULL) { - /* Handle error */ - } - *val = 1; - if (thrd_success != tss_set(key, val)) { - /* Handle error */ - } - if (thrd_success != thrd_create((thrd_t *)thrd, - child_thread, &key)) { - /* Handle error */ - } - return 0; -} - -int main(void) { - thrd_t parent_tid, child_tid; - - if (thrd_success != tss_create(&key, free)) { - /* Handle error */ - } - if (thrd_success != thrd_create(&parent_tid, create_thread, - &child_tid)) { - /* Handle error */ - } - if (thrd_success != thrd_join(parent_tid, NULL)) { - /* Handle error */ - } - if (thrd_success != thrd_join(child_tid, NULL)) { - /* Handle error */ - } - tss_delete(key); - return 0; -} -``` - -## Compliant Solution (Thread-Specific Storage) -This compliant solution illustrates how thread-specific storage can be combined with a call to a thread synchronization mechanism, such as `thrd_join()`. Because the parent thread waits until the child thread completes before continuing its execution, the child thread is guaranteed to access a valid live object. - -```cpp -#include -#include -#include - -static tss_t key; - -int child_thread(void *v) { - int *result = v; - printf("Result: %d\n", *result); /* Correctly prints 1 */ - return 0; -} - -int create_thread(void *thrd) { - int *val = (int *)malloc(sizeof(int)); - if (val == NULL) { - /* Handle error */ - } - *val = 1; - if (thrd_success != tss_set(key, val)) { - /* Handle error */ - } - /* ... */ - void *v = tss_get(key); - if (thrd_success != thrd_create((thrd_t *)thrd, - child_thread, v)) { - /* Handle error */ - } - return 0; -} - -int main(void) { - thrd_t parent_tid, child_tid; - - if (thrd_success != tss_create(&key, free)) { - /* Handle error */ - } - if (thrd_success != thrd_create(&parent_tid, create_thread, - &child_tid)) { - /* Handle error */ - } - if (thrd_success != thrd_join(parent_tid, NULL)) { - /* Handle error */ - } - if (thrd_success != thrd_join(child_tid, NULL)) { - /* Handle error */ - } - tss_delete(key); -return 0; -} -``` -This compliant solution uses pointer-to-integer and integer-to-pointer conversions, which have implementation-defined behavior. (See [INT36-C. Converting a pointer to integer or integer to pointer](https://wiki.sei.cmu.edu/confluence/display/c/INT36-C.+Converting+a+pointer+to+integer+or+integer+to+pointer).) - -## Compliant Solution (Thread-Local Storage, Windows, Visual Studio) -Similar to the preceding compliant solution, this compliant solution uses thread-local storage combined with thread synchronization to ensure the child thread is accessing a valid live object. It uses the Visual Studio–specific [__declspec(thread)](http://msdn.microsoft.com/en-us/library/9w1sdazb.aspx) language extension to provide the thread-local storage and the `[WaitForSingleObject()](http://msdn.microsoft.com/en-us/library/windows/desktop/ms687032(v=vs.85).aspx)` API to provide the synchronization. - -```cpp -#include -#include - -DWORD WINAPI child_thread(LPVOID v) { - int *result = (int *)v; - printf("Result: %d\n", *result); /* Correctly prints 1 */ - return NULL; -} - -int create_thread(HANDLE *tid) { - /* Declare val as a thread-local value */ - __declspec(thread) int val = 1; - *tid = create_thread(NULL, 0, child_thread, &val, 0, NULL); - return *tid == NULL; -} - -int main(void) { - HANDLE tid; - - if (create_thread(&tid)) { - /* Handle error */ - } - - if (WAIT_OBJECT_0 != WaitForSingleObject(tid, INFINITE)) { - /* Handle error */ - } - CloseHandle(tid); - - return 0; -} - -``` - -## Noncompliant Code Example (OpenMP, parallel) -It is important to note that local data can be used securely with threads when using other thread interfaces, so the programmer need not always copy data into nonlocal memory when sharing data with threads. For example, the `shared` keyword in *®The OpenMP API Specification for Parallel Programming* \[[OpenMP](http://openmp.org/wp/)\] can be used in combination with OpenMP's threading interface to share local memory without having to worry about whether local automatic variables remain valid. - -In this noncompliant code example, a variable `j` is declared outside a `parallel` `#pragma` and not listed as a private variable. In OpenMP, variables outside a `parallel #pragma` are shared unless designated as `private`. - -```cpp -#include -#include - -int main(void) { - int j = 0; - #pragma omp parallel - { - int t = omp_get_thread_num(); - printf("Running thread - %d\n", t); - for (int i = 0; i < 5050; i++) { - j++; /* j not private; could be a race condition */ - } - printf("Just ran thread - %d\n", t); - printf("loop count %d\n", j); - } -return 0; -} -``` - -## Compliant Solution (OpenMP, parallel, private) -In this compliant solution, the variable `j` is declared outside of the `parallel` `#pragma` but is explicitly labeled as `private`: - -```cpp -#include -#include - -int main(void) { - int j = 0; - #pragma omp parallel private(j) - { - int t = omp_get_thread_num(); - printf("Running thread - %d\n", t); - for (int i = 0; i < 5050; i++) { - j++; - } - printf("Just ran thread - %d\n", t); - printf("loop count %d\n", j); - } -return 0; -} -``` - -## Risk Assessment -Threads that reference the stack of other threads can potentially overwrite important information on the stack, such as function pointers and return addresses. The compiler may not generate warnings if the programmer allows one thread to access another thread's local variables, so a programmer may not catch a potential error at compile time. The remediation cost for this error is high because analysis tools have difficulty diagnosing problems with concurrency and race conditions. - -
    Recommendation Severity Likelihood Remediation Cost Priority Level
    CON34-C Medium Probable High P4 L3
    - - -## Automated Detection -
    Tool Version Checker Description
    CodeSonar 7.2p0 CONCURRENCY.LOCALARG Local Variable Passed to Thread
    Helix QAC 2022.4 DF4926, DF4927, DF4928
    Parasoft C/C++test 2022.2 CERT_C-CON34-a Declare objects shared between POSIX threads with appropriate storage durations
    Polyspace Bug Finder R2022b CERT C: Rule CON34-C Checks for automatic or thread local variable escaping from a C11 thread (rule fully covered)
    PRQA QA-C 9.7 4926, 4927, 4928 Enforced by QAC
    - - -## Related Vulnerabilities -Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+CON34-C). - -## Related Guidelines -[Key here](https://wiki.sei.cmu.edu/confluence/display/c/How+this+Coding+Standard+is+Organized#HowthisCodingStandardisOrganized-RelatedGuidelines) (explains table format and definitions) - -
    Taxonomy Taxonomy item Relationship
    CERT C Secure Coding Standard DCL30-C. Declare objects with appropriate storage durations Prior to 2018-01-12: CERT: Unspecified Relationship
    - - -## Bibliography -
    \[ ISO/IEC 9899:2011 \] 6.2.4, "Storage Durations of Objects"
    \[ OpenMP \] ® The OpenMP API Specification for Parallel Programming
    - From 96a2682d81f2173575c0121e09dfb313d36101b2 Mon Sep 17 00:00:00 2001 From: Shadi Samadi Date: Fri, 10 Mar 2023 12:23:17 +1100 Subject: [PATCH 0687/2573] added temporary expected for RULE-15-2 --- c/misra/test/rules/RULE-15-2/GotoLabelLocationCondition.expected | 1 - 1 file changed, 1 deletion(-) diff --git a/c/misra/test/rules/RULE-15-2/GotoLabelLocationCondition.expected b/c/misra/test/rules/RULE-15-2/GotoLabelLocationCondition.expected index 2ec1a0ac6c..e69de29bb2 100644 --- a/c/misra/test/rules/RULE-15-2/GotoLabelLocationCondition.expected +++ b/c/misra/test/rules/RULE-15-2/GotoLabelLocationCondition.expected @@ -1 +0,0 @@ -No expected results have yet been specified \ No newline at end of file From 04c8ba2af1e7c828153dd8db2d6fc95573456963 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 10 Mar 2023 13:06:54 +0000 Subject: [PATCH 0688/2573] Rule 2.4: Fix test case compiler issues This test case had some syntactically invalid C code, and a name clash, which have now been addressed. --- c/misra/test/rules/RULE-2-4/test.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/c/misra/test/rules/RULE-2-4/test.c b/c/misra/test/rules/RULE-2-4/test.c index ae73b17a6e..db2199f302 100644 --- a/c/misra/test/rules/RULE-2-4/test.c +++ b/c/misra/test/rules/RULE-2-4/test.c @@ -29,10 +29,10 @@ void test() { int x = state1; // enum access on E1 enum E2 e2; struct S7 { // NON_COMPLIANT - int x + int x; } s7; struct S8 { // COMPLIANT - int x + int x; } s8; struct S8 s8_2; @@ -55,7 +55,7 @@ struct S10 { // NON_COMPLIANT struct S12 { // COMPLIANT int x; -} foo(struct S12 s); +} foo2(struct S12 s); #define STRUCT_MACRO \ struct S13 { \ From 79569b664ecaa000501e5b38980be4a409d752e6 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 10 Mar 2023 13:43:51 +0000 Subject: [PATCH 0689/2573] Rule 2.4: Exclude template parameters --- c/misra/src/rules/RULE-2-4/UnusedTagDeclaration.ql | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/c/misra/src/rules/RULE-2-4/UnusedTagDeclaration.ql b/c/misra/src/rules/RULE-2-4/UnusedTagDeclaration.ql index e3d0d74c31..565b9fb407 100644 --- a/c/misra/src/rules/RULE-2-4/UnusedTagDeclaration.ql +++ b/c/misra/src/rules/RULE-2-4/UnusedTagDeclaration.ql @@ -29,5 +29,7 @@ where // expansions of the same macro. // Note: due to a bug in the CodeQL CLI version 2.9.4, this will currently have no effect, because // `isInMacroExpansion` is broken for `UserType`s. - not s.isInMacroExpansion() + not s.isInMacroExpansion() and + // Exclude template parameters, in case this is run on C++ code. + not s instanceof TemplateParameter select s, "struct " + s.getName() + " has an unused tag." From 5b7118ea0ab3dc663bb2f3f8ae7a62d091dbd137 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 10 Mar 2023 13:49:45 +0000 Subject: [PATCH 0690/2573] Rule 2.4: Add a missing test case. --- c/misra/test/rules/RULE-2-4/test.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/c/misra/test/rules/RULE-2-4/test.c b/c/misra/test/rules/RULE-2-4/test.c index db2199f302..64d05a1cc2 100644 --- a/c/misra/test/rules/RULE-2-4/test.c +++ b/c/misra/test/rules/RULE-2-4/test.c @@ -77,4 +77,8 @@ void testMacroNameNotUsed() { { int x; } struct s14 PARTIAL; // NON_COMPLIANT - affected by macro, but not fully - // generated, so fair to report as unused \ No newline at end of file + // generated, so fair to report as unused + +typedef struct { + int x; +} S15; // COMPLIANT - not a tag \ No newline at end of file From 16601af5525a37a08c42e802f076c666bcdb3979 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 10 Mar 2023 13:52:51 +0000 Subject: [PATCH 0691/2573] Rule 2.6: Address compiler syntax errors Labels cannot be before declarations, only before expressions or statements. --- c/misra/test/rules/RULE-2-6/test.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/c/misra/test/rules/RULE-2-6/test.c b/c/misra/test/rules/RULE-2-6/test.c index d3a643c1f1..e358cdcb07 100644 --- a/c/misra/test/rules/RULE-2-6/test.c +++ b/c/misra/test/rules/RULE-2-6/test.c @@ -1,12 +1,12 @@ void test1(int p1) { dead_label_1: // NON_COMPLIANT live_label_1: // COMPLIANT - int x = 0; + p1 + 1; live_label_2: // COMPLIANT dead_label_2: // NON_COMPLIANT - int y = 0; + p1 + 2; dead_label_3: // NON_COMPLIANT - int z = 0; + p1 + 3; if (p1 > 1) { goto live_label_1; From ed8ccda82e35c139b87c632be87ecf43e00b1182 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 10 Mar 2023 13:57:22 +0000 Subject: [PATCH 0692/2573] Rule 21.1: Make compiler compatibile Compliers already exclude the #define defined case. --- ...DefineAndUndefUsedOnReservedIdentifierOrMacroName.expected | 1 - c/misra/test/rules/RULE-21-1/test.c | 4 ++-- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/c/misra/test/rules/RULE-21-1/DefineAndUndefUsedOnReservedIdentifierOrMacroName.expected b/c/misra/test/rules/RULE-21-1/DefineAndUndefUsedOnReservedIdentifierOrMacroName.expected index 299626d6fc..ef9700d8d3 100644 --- a/c/misra/test/rules/RULE-21-1/DefineAndUndefUsedOnReservedIdentifierOrMacroName.expected +++ b/c/misra/test/rules/RULE-21-1/DefineAndUndefUsedOnReservedIdentifierOrMacroName.expected @@ -1,4 +1,3 @@ | test.c:1:1:1:17 | #define _NOT_OKAY | Reserved identifier '_NOT_OKAY' has been undefined or redefined. | | test.c:2:1:2:16 | #undef _NOT_OKAY | Reserved identifier '_NOT_OKAY' has been undefined or redefined. | -| test.c:4:1:4:15 | #define defined | Reserved identifier 'defined' has been undefined or redefined. | | test.c:5:1:5:13 | #define errno | Reserved identifier 'errno' has been undefined or redefined. | diff --git a/c/misra/test/rules/RULE-21-1/test.c b/c/misra/test/rules/RULE-21-1/test.c index 380679d84a..dc709ca220 100644 --- a/c/misra/test/rules/RULE-21-1/test.c +++ b/c/misra/test/rules/RULE-21-1/test.c @@ -1,7 +1,7 @@ #define _NOT_OKAY // NON_COMPLIANT #undef _NOT_OKAY // NON_COMPLIANT -#define defined // NON_COMPLIANT -#define errno // NON_COMPLIANT +// #define defined // NON_COMPILABLE +#define errno // NON_COMPLIANT #define NDEBUG 1 // COMPLIANT \ No newline at end of file From ff57bb447107bf8f1c05d3d6e290a35a4ffd0255 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 10 Mar 2023 14:09:33 +0000 Subject: [PATCH 0693/2573] DCL41-C: Fix test compiler syntax issue Cases are labels, and cannot be before declarations. --- c/cert/test/rules/DCL41-C/test.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/c/cert/test/rules/DCL41-C/test.c b/c/cert/test/rules/DCL41-C/test.c index 2500c982f3..6b982c6d0b 100644 --- a/c/cert/test/rules/DCL41-C/test.c +++ b/c/cert/test/rules/DCL41-C/test.c @@ -23,6 +23,8 @@ void f1(int expr) { void f2(int expr) { switch (expr) { case 0: + 0; // Note: required because a "case" is a label, and not permitted on a + // declaration, so we need a no-op statement int i = 4; // COMPLIANT case 1: i = 6; // COMPLIANT From c3e650ad3bdaa331dd1110999a512acd5fa551fb Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 10 Mar 2023 14:10:07 +0000 Subject: [PATCH 0694/2573] Rule 8.2: Address clang specific error This rule has a clang specific error, not permitting certain function declarations. Update test case and expected results to reflect this. --- .../FunctionTypesNotInPrototypeForm.expected.clang | 3 +++ c/misra/test/rules/RULE-8-2/test.c.clang | 9 +++++++++ 2 files changed, 12 insertions(+) create mode 100644 c/misra/test/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.expected.clang create mode 100644 c/misra/test/rules/RULE-8-2/test.c.clang diff --git a/c/misra/test/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.expected.clang b/c/misra/test/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.expected.clang new file mode 100644 index 0000000000..8d933c8b4d --- /dev/null +++ b/c/misra/test/rules/RULE-8-2/FunctionTypesNotInPrototypeForm.expected.clang @@ -0,0 +1,3 @@ +| test.c:3:6:3:7 | f1 | Function f1 declares parameter that is unnamed. | +| test.c:4:6:4:7 | f2 | Function f2 does not specifiy void for no parameters present. | +| test.c:7:5:7:6 | f5 | Function f5 declares parameter in unsupported declaration list. | diff --git a/c/misra/test/rules/RULE-8-2/test.c.clang b/c/misra/test/rules/RULE-8-2/test.c.clang new file mode 100644 index 0000000000..f4cfb7da14 --- /dev/null +++ b/c/misra/test/rules/RULE-8-2/test.c.clang @@ -0,0 +1,9 @@ +void f(int x); // COMPLIANT +void f0(void); // COMPLIANT +void f1(int); // NON_COMPLIANT +void f2(); // NON_COMPLIANT +// void f3(x); // NON_COMPILABLE +void f4(const x); // NON_COMPLIANT[FALSE_NEGATIVE] +int f5(x) // NON_COMPLIANT + int x; +{ return 1; } \ No newline at end of file From 71c5ae56f2975887e7a2cc44e55483a71ffbe07f Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 10 Mar 2023 14:17:25 +0000 Subject: [PATCH 0695/2573] STR34-C: Fix compiler compatability issues For this test case our standard library stubs (MUSL) use a different form of macro for these standard library functions that gcc and clang, so update the expected result files. --- ...arBeforeConvertingToLargerSizes.expected.clang | 15 +++++++++++++++ ...CharBeforeConvertingToLargerSizes.expected.gcc | 15 +++++++++++++++ 2 files changed, 30 insertions(+) create mode 100644 c/cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.expected.clang create mode 100644 c/cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.expected.gcc diff --git a/c/cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.expected.clang b/c/cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.expected.clang new file mode 100644 index 0000000000..1cf143a196 --- /dev/null +++ b/c/cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.expected.clang @@ -0,0 +1,15 @@ +| test.c:7:7:7:14 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:28:3:28:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:29:3:29:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:31:3:31:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:32:3:32:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:33:3:33:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:34:3:34:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:35:3:35:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:36:3:36:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:37:3:37:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:38:3:38:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:39:3:39:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:40:3:40:14 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:42:11:42:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:43:11:43:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. | diff --git a/c/cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.expected.gcc b/c/cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.expected.gcc new file mode 100644 index 0000000000..1cf143a196 --- /dev/null +++ b/c/cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.expected.gcc @@ -0,0 +1,15 @@ +| test.c:7:7:7:14 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:28:3:28:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:29:3:29:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:31:3:31:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:32:3:32:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:33:3:33:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:34:3:34:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:35:3:35:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:36:3:36:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:37:3:37:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:38:3:38:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:39:3:39:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:40:3:40:14 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:42:11:42:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:43:11:43:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. | From 4b54a05be3dbb0bc9f918ea1cbf70f48b9c50781 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Fri, 10 Mar 2023 11:55:34 -0500 Subject: [PATCH 0696/2573] Fix FP for issue 232 exclude pragmas rule A16-0-1 --- ...essorShallOnlyBeUsedForCertainDirectivesPatterns.ql | 10 +++++----- ...hallOnlyBeUsedForCertainDirectivesPatterns.expected | 1 - cpp/autosar/test/rules/A16-0-1/test.cpp | 2 +- 3 files changed, 6 insertions(+), 7 deletions(-) diff --git a/cpp/autosar/src/rules/A16-0-1/PreProcessorShallOnlyBeUsedForCertainDirectivesPatterns.ql b/cpp/autosar/src/rules/A16-0-1/PreProcessorShallOnlyBeUsedForCertainDirectivesPatterns.ql index 75c65e6bcd..a8e1e59839 100644 --- a/cpp/autosar/src/rules/A16-0-1/PreProcessorShallOnlyBeUsedForCertainDirectivesPatterns.ql +++ b/cpp/autosar/src/rules/A16-0-1/PreProcessorShallOnlyBeUsedForCertainDirectivesPatterns.ql @@ -80,11 +80,11 @@ class AcceptableWrapper extends PreprocessorBranch { from PreprocessorDirective directive, string message where - ( - not directive instanceof PermittedDirectiveType and - not directive instanceof AcceptableWrapper and - message = "Preprocessor directive used for conditional compilation." - ) and + //special exception case - pragmas already reported by A16-7-1 + not directive instanceof PreprocessorPragma and + not directive instanceof PermittedDirectiveType and + not directive instanceof AcceptableWrapper and + message = "Preprocessor directive used for conditional compilation." and not isExcluded(directive, MacrosPackage::preProcessorShallOnlyBeUsedForCertainDirectivesPatternsQuery()) select directive, message diff --git a/cpp/autosar/test/rules/A16-0-1/PreProcessorShallOnlyBeUsedForCertainDirectivesPatterns.expected b/cpp/autosar/test/rules/A16-0-1/PreProcessorShallOnlyBeUsedForCertainDirectivesPatterns.expected index b8a83801b4..5f6114bea8 100644 --- a/cpp/autosar/test/rules/A16-0-1/PreProcessorShallOnlyBeUsedForCertainDirectivesPatterns.expected +++ b/cpp/autosar/test/rules/A16-0-1/PreProcessorShallOnlyBeUsedForCertainDirectivesPatterns.expected @@ -1,4 +1,3 @@ -| test.cpp:3:1:3:25 | #pragma gcc testingpragma | Preprocessor directive used for conditional compilation. | | test.cpp:5:1:5:18 | #ifndef TESTHEADER | Preprocessor directive used for conditional compilation. | | test.cpp:9:1:9:26 | #define OBJECTLIKE_MACRO 1 | Preprocessor directive used for conditional compilation. | | test.cpp:10:1:10:35 | #define FUNCTIONLIKE_MACRO(X) X + 1 | Preprocessor directive used for conditional compilation. | diff --git a/cpp/autosar/test/rules/A16-0-1/test.cpp b/cpp/autosar/test/rules/A16-0-1/test.cpp index a855cca169..b1ee540032 100644 --- a/cpp/autosar/test/rules/A16-0-1/test.cpp +++ b/cpp/autosar/test/rules/A16-0-1/test.cpp @@ -1,6 +1,6 @@ #include //COMPLIANT -#pragma gcc testingpragma // NON_COMPLIANT +#pragma gcc testingpragma // COMPLIANT - exception - already reported by A16-7-1 #ifndef TESTHEADER // NON_COMPLIANT int g; From 482deb1e62df68f48d9b565dafd475323f74e53b Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Fri, 10 Mar 2023 15:09:36 -0500 Subject: [PATCH 0697/2573] Fix testcase change for rule DCL51-CPP --- .../rules/DCL51-CPP/EnumeratorReusesReservedName.expected | 2 +- .../rules/DCL51-CPP/FunctionReusesReservedName.expected | 2 +- .../rules/DCL51-CPP/ObjectReusesReservedName.expected | 2 +- .../DCL51-CPP/RedefiningOfStandardLibraryName.expected | 6 +++--- .../rules/DCL51-CPP/ReuseOfReservedIdentifier.expected | 4 ++-- .../UseOfReservedLiteralSuffixIdentifier.expected | 2 +- .../UseOfSingleUnderscoreReservedPrefix.expected | 8 ++++---- 7 files changed, 13 insertions(+), 13 deletions(-) diff --git a/cpp/cert/test/rules/DCL51-CPP/EnumeratorReusesReservedName.expected b/cpp/cert/test/rules/DCL51-CPP/EnumeratorReusesReservedName.expected index 63563899ba..fa45f86fec 100644 --- a/cpp/cert/test/rules/DCL51-CPP/EnumeratorReusesReservedName.expected +++ b/cpp/cert/test/rules/DCL51-CPP/EnumeratorReusesReservedName.expected @@ -1 +1 @@ -| test.cpp:9:3:9:9 | INT_MAX | The enumerator $@ reuses a reserved standard library name. | test.cpp:9:3:9:9 | INT_MAX | INT_MAX | +| test.cpp:10:3:10:9 | INT_MAX | The enumerator $@ reuses a reserved standard library name. | test.cpp:10:3:10:9 | INT_MAX | INT_MAX | diff --git a/cpp/cert/test/rules/DCL51-CPP/FunctionReusesReservedName.expected b/cpp/cert/test/rules/DCL51-CPP/FunctionReusesReservedName.expected index 7f6fbb1bce..e945f93c57 100644 --- a/cpp/cert/test/rules/DCL51-CPP/FunctionReusesReservedName.expected +++ b/cpp/cert/test/rules/DCL51-CPP/FunctionReusesReservedName.expected @@ -1 +1 @@ -| test.cpp:19:6:19:8 | min | The function $@ reuses a reserved standard library name. | test.cpp:19:6:19:8 | min | min | +| test.cpp:20:6:20:8 | min | The function $@ reuses a reserved standard library name. | test.cpp:20:6:20:8 | min | min | diff --git a/cpp/cert/test/rules/DCL51-CPP/ObjectReusesReservedName.expected b/cpp/cert/test/rules/DCL51-CPP/ObjectReusesReservedName.expected index 7fbb18a955..698b0c6067 100644 --- a/cpp/cert/test/rules/DCL51-CPP/ObjectReusesReservedName.expected +++ b/cpp/cert/test/rules/DCL51-CPP/ObjectReusesReservedName.expected @@ -1 +1 @@ -| test.cpp:17:5:17:10 | tzname | The variable $@ reuses a reserved standard library name. | test.cpp:17:5:17:10 | tzname | tzname | +| test.cpp:18:5:18:10 | tzname | The variable $@ reuses a reserved standard library name. | test.cpp:18:5:18:10 | tzname | tzname | diff --git a/cpp/cert/test/rules/DCL51-CPP/RedefiningOfStandardLibraryName.expected b/cpp/cert/test/rules/DCL51-CPP/RedefiningOfStandardLibraryName.expected index 90285a4af7..f5b15966ba 100644 --- a/cpp/cert/test/rules/DCL51-CPP/RedefiningOfStandardLibraryName.expected +++ b/cpp/cert/test/rules/DCL51-CPP/RedefiningOfStandardLibraryName.expected @@ -1,3 +1,3 @@ -| test.cpp:5:1:5:14 | #undef INT_MAX | Redefinition of INT_MAX declared in a standard library header. | -| test.cpp:6:1:6:20 | #define SIZE_MAX 256 | Redefinition of SIZE_MAX declared in a standard library header. | -| test.cpp:36:1:37:9 | #define FD_SET(X) int _ ## X | Redefinition of FD_SET declared in a standard library header. | +| test.cpp:6:1:6:14 | #undef INT_MAX | Redefinition of INT_MAX declared in a standard library header. | +| test.cpp:7:1:7:20 | #define SIZE_MAX 256 | Redefinition of SIZE_MAX declared in a standard library header. | +| test.cpp:37:1:38:9 | #define FD_SET(X) int _ ## X | Redefinition of FD_SET declared in a standard library header. | diff --git a/cpp/cert/test/rules/DCL51-CPP/ReuseOfReservedIdentifier.expected b/cpp/cert/test/rules/DCL51-CPP/ReuseOfReservedIdentifier.expected index 9a119e037d..2d60df03b4 100644 --- a/cpp/cert/test/rules/DCL51-CPP/ReuseOfReservedIdentifier.expected +++ b/cpp/cert/test/rules/DCL51-CPP/ReuseOfReservedIdentifier.expected @@ -1,2 +1,2 @@ -| test.cpp:12:1:12:15 | #undef noreturn | Redefinition of $@ lexically identical to reserved attribute token. | test.cpp:12:1:12:15 | #undef noreturn | noreturn | -| test.cpp:13:1:13:17 | #define private 1 | Redefinition of $@ lexically identical to keyword. | test.cpp:13:1:13:17 | #define private 1 | private | +| test.cpp:13:1:13:15 | #undef noreturn | Redefinition of $@ lexically identical to reserved attribute token. | test.cpp:13:1:13:15 | #undef noreturn | noreturn | +| test.cpp:14:1:14:17 | #define private 1 | Redefinition of $@ lexically identical to keyword. | test.cpp:14:1:14:17 | #define private 1 | private | diff --git a/cpp/cert/test/rules/DCL51-CPP/UseOfReservedLiteralSuffixIdentifier.expected b/cpp/cert/test/rules/DCL51-CPP/UseOfReservedLiteralSuffixIdentifier.expected index 72fc44988d..f8863eab59 100644 --- a/cpp/cert/test/rules/DCL51-CPP/UseOfReservedLiteralSuffixIdentifier.expected +++ b/cpp/cert/test/rules/DCL51-CPP/UseOfReservedLiteralSuffixIdentifier.expected @@ -1 +1 @@ -| test.cpp:21:6:21:17 | operator ""x | Literal suffix identifier $@ does not start with an underscore. | test.cpp:21:6:21:17 | operator ""x | operator ""x | +| test.cpp:22:6:22:17 | operator ""x | Literal suffix identifier $@ does not start with an underscore. | test.cpp:22:6:22:17 | operator ""x | operator ""x | diff --git a/cpp/cert/test/rules/DCL51-CPP/UseOfSingleUnderscoreReservedPrefix.expected b/cpp/cert/test/rules/DCL51-CPP/UseOfSingleUnderscoreReservedPrefix.expected index 8701a91f08..679ad58deb 100644 --- a/cpp/cert/test/rules/DCL51-CPP/UseOfSingleUnderscoreReservedPrefix.expected +++ b/cpp/cert/test/rules/DCL51-CPP/UseOfSingleUnderscoreReservedPrefix.expected @@ -1,5 +1,5 @@ -| test.cpp:25:5:25:6 | _X | Name $@ uses the reserved prefix '_'. | test.cpp:25:5:25:6 | _X | _X | -| test.cpp:26:5:26:6 | _x | Name $@ uses the reserved prefix '_'. | test.cpp:26:5:26:6 | _x | _x | -| test.cpp:30:5:30:6 | _X | Name $@ uses the reserved prefix '_'. | test.cpp:30:5:30:6 | _X | _X | -| test.cpp:34:1:34:3 | _i | Name $@ uses the reserved prefix '_'. | test.cpp:34:1:34:3 | _i | _i | +| test.cpp:26:5:26:6 | _X | Name $@ uses the reserved prefix '_'. | test.cpp:26:5:26:6 | _X | _X | +| test.cpp:27:5:27:6 | _x | Name $@ uses the reserved prefix '_'. | test.cpp:27:5:27:6 | _x | _x | +| test.cpp:31:5:31:6 | _X | Name $@ uses the reserved prefix '_'. | test.cpp:31:5:31:6 | _X | _X | +| test.cpp:35:1:35:3 | _i | Name $@ uses the reserved prefix '_'. | test.cpp:35:1:35:3 | _i | _i | | test.h:2:1:2:15 | #define _TEST_H | Name $@ uses the reserved prefix '_'. | test.h:2:1:2:15 | #define _TEST_H | _TEST_H | From dab222264ce5fc0bee92f965d4cbafdb48cf3242 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 10 Mar 2023 23:59:39 +0000 Subject: [PATCH 0698/2573] STR37-C: Handle macros in The commonly implements its APIs using either macros or functions or some combination of the two. Our query only assumed functions were used, whereas macros are practically used by both gcc and clang, and these can vary depending on compiler flags. The CharFunctions.qll library now provides a unified interface from which to get a unique expression for each use of an API in the library, hopefully regardless of whether it is a macro or a function. To do this we have had to hard code assumptions about the structure of the macros, however our matrix compiler testing should flag if these assumptions are broken with a particular version of a supported compiler. --- ...erHandlingFunctionsRepresentableAsUChar.ql | 17 ++- ...lingFunctionsRepresentableAsUChar.expected | 40 +++--- .../src/codingstandards/cpp/CharFunctions.qll | 118 ++++++++++++++---- 3 files changed, 124 insertions(+), 51 deletions(-) diff --git a/c/cert/src/rules/STR37-C/ToCharacterHandlingFunctionsRepresentableAsUChar.ql b/c/cert/src/rules/STR37-C/ToCharacterHandlingFunctionsRepresentableAsUChar.ql index cb742859cc..8dda9012d2 100644 --- a/c/cert/src/rules/STR37-C/ToCharacterHandlingFunctionsRepresentableAsUChar.ql +++ b/c/cert/src/rules/STR37-C/ToCharacterHandlingFunctionsRepresentableAsUChar.ql @@ -16,14 +16,11 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.CharFunctions -from FunctionCall fc, Expr arg +from UseOfToOrIsChar useOfCharAPI, Expr arg where - not isExcluded(fc, Strings2Package::toCharacterHandlingFunctionsRepresentableAsUCharQuery()) and - // examine all impacted functions - fc.getTarget() instanceof CToOrIsCharFunction and - arg = fc.getArgument(0).getFullyConverted() and - // report on cases where either the explicit or implicit cast - // on the parameter type is not unsigned - not arg.(CStyleCast).getExpr().getType() instanceof UnsignedCharType -select fc, "$@ to character-handling function may not be representable as an unsigned char.", arg, - "Argument" + not isExcluded(useOfCharAPI, + Strings2Package::toCharacterHandlingFunctionsRepresentableAsUCharQuery()) and + arg = useOfCharAPI.getConvertedArgument() and + not arg.getType() instanceof UnsignedCharType +select useOfCharAPI, + "$@ to character-handling function may not be representable as an unsigned char.", arg, "Argument" diff --git a/c/cert/test/rules/STR37-C/ToCharacterHandlingFunctionsRepresentableAsUChar.expected b/c/cert/test/rules/STR37-C/ToCharacterHandlingFunctionsRepresentableAsUChar.expected index b655289f4e..43008e02d0 100644 --- a/c/cert/test/rules/STR37-C/ToCharacterHandlingFunctionsRepresentableAsUChar.expected +++ b/c/cert/test/rules/STR37-C/ToCharacterHandlingFunctionsRepresentableAsUChar.expected @@ -1,28 +1,28 @@ -| test.c:7:3:7:9 | call to isalnum | $@ to character-handling function may not be representable as an unsigned char. | test.c:7:11:7:12 | (int)... | Argument | -| test.c:8:3:8:13 | call to isalpha | $@ to character-handling function may not be representable as an unsigned char. | test.c:8:11:8:12 | (int)... | Argument | -| test.c:10:3:10:9 | call to isblank | $@ to character-handling function may not be representable as an unsigned char. | test.c:10:11:10:12 | (int)... | Argument | -| test.c:11:3:11:9 | call to iscntrl | $@ to character-handling function may not be representable as an unsigned char. | test.c:11:11:11:12 | (int)... | Argument | -| test.c:12:3:12:13 | call to isdigit | $@ to character-handling function may not be representable as an unsigned char. | test.c:12:11:12:12 | (int)... | Argument | -| test.c:13:3:13:13 | call to isgraph | $@ to character-handling function may not be representable as an unsigned char. | test.c:13:11:13:12 | (int)... | Argument | -| test.c:14:3:14:13 | call to islower | $@ to character-handling function may not be representable as an unsigned char. | test.c:14:11:14:12 | (int)... | Argument | -| test.c:15:3:15:13 | call to isprint | $@ to character-handling function may not be representable as an unsigned char. | test.c:15:11:15:12 | (int)... | Argument | -| test.c:16:3:16:9 | call to ispunct | $@ to character-handling function may not be representable as an unsigned char. | test.c:16:11:16:12 | (int)... | Argument | -| test.c:17:3:17:13 | call to __isspace | $@ to character-handling function may not be representable as an unsigned char. | test.c:17:11:17:12 | (int)... | Argument | -| test.c:18:3:18:13 | call to isupper | $@ to character-handling function may not be representable as an unsigned char. | test.c:18:11:18:12 | (int)... | Argument | -| test.c:19:3:19:10 | call to isxdigit | $@ to character-handling function may not be representable as an unsigned char. | test.c:19:12:19:13 | (int)... | Argument | -| test.c:21:3:21:9 | call to toupper | $@ to character-handling function may not be representable as an unsigned char. | test.c:21:11:21:12 | (int)... | Argument | -| test.c:22:3:22:9 | call to tolower | $@ to character-handling function may not be representable as an unsigned char. | test.c:22:11:22:12 | (int)... | Argument | +| test.c:7:3:7:9 | call to isalnum | $@ to character-handling function may not be representable as an unsigned char. | test.c:7:11:7:12 | * ... | Argument | +| test.c:8:3:8:13 | isalpha(a) | $@ to character-handling function may not be representable as an unsigned char. | test.c:8:11:8:12 | * ... | Argument | +| test.c:10:3:10:9 | call to isblank | $@ to character-handling function may not be representable as an unsigned char. | test.c:10:11:10:12 | * ... | Argument | +| test.c:11:3:11:9 | call to iscntrl | $@ to character-handling function may not be representable as an unsigned char. | test.c:11:11:11:12 | * ... | Argument | +| test.c:12:3:12:13 | isdigit(a) | $@ to character-handling function may not be representable as an unsigned char. | test.c:12:3:12:13 | (...) | Argument | +| test.c:13:3:13:13 | isgraph(a) | $@ to character-handling function may not be representable as an unsigned char. | test.c:13:3:13:13 | (...) | Argument | +| test.c:14:3:14:13 | islower(a) | $@ to character-handling function may not be representable as an unsigned char. | test.c:14:3:14:13 | (...) | Argument | +| test.c:15:3:15:13 | isprint(a) | $@ to character-handling function may not be representable as an unsigned char. | test.c:15:3:15:13 | (...) | Argument | +| test.c:16:3:16:9 | call to ispunct | $@ to character-handling function may not be representable as an unsigned char. | test.c:16:11:16:12 | * ... | Argument | +| test.c:17:3:17:13 | call to __isspace | $@ to character-handling function may not be representable as an unsigned char. | test.c:17:11:17:12 | * ... | Argument | +| test.c:18:3:18:13 | isupper(a) | $@ to character-handling function may not be representable as an unsigned char. | test.c:18:3:18:13 | (...) | Argument | +| test.c:19:3:19:10 | call to isxdigit | $@ to character-handling function may not be representable as an unsigned char. | test.c:19:12:19:13 | * ... | Argument | +| test.c:21:3:21:9 | call to toupper | $@ to character-handling function may not be representable as an unsigned char. | test.c:21:11:21:12 | * ... | Argument | +| test.c:22:3:22:9 | call to tolower | $@ to character-handling function may not be representable as an unsigned char. | test.c:22:11:22:12 | * ... | Argument | | test.c:70:3:70:9 | call to isalnum | $@ to character-handling function may not be representable as an unsigned char. | test.c:70:11:70:11 | t | Argument | -| test.c:71:3:71:12 | call to isalpha | $@ to character-handling function may not be representable as an unsigned char. | test.c:71:11:71:11 | t | Argument | +| test.c:71:3:71:12 | isalpha(a) | $@ to character-handling function may not be representable as an unsigned char. | test.c:71:11:71:11 | t | Argument | | test.c:73:3:73:9 | call to isblank | $@ to character-handling function may not be representable as an unsigned char. | test.c:73:11:73:11 | t | Argument | | test.c:74:3:74:9 | call to iscntrl | $@ to character-handling function may not be representable as an unsigned char. | test.c:74:11:74:11 | t | Argument | -| test.c:75:3:75:12 | call to isdigit | $@ to character-handling function may not be representable as an unsigned char. | test.c:75:11:75:11 | t | Argument | -| test.c:76:3:76:12 | call to isgraph | $@ to character-handling function may not be representable as an unsigned char. | test.c:76:11:76:11 | t | Argument | -| test.c:77:3:77:12 | call to islower | $@ to character-handling function may not be representable as an unsigned char. | test.c:77:11:77:11 | t | Argument | -| test.c:78:3:78:12 | call to isprint | $@ to character-handling function may not be representable as an unsigned char. | test.c:78:11:78:11 | t | Argument | +| test.c:75:3:75:12 | isdigit(a) | $@ to character-handling function may not be representable as an unsigned char. | test.c:75:3:75:12 | (...) | Argument | +| test.c:76:3:76:12 | isgraph(a) | $@ to character-handling function may not be representable as an unsigned char. | test.c:76:3:76:12 | (...) | Argument | +| test.c:77:3:77:12 | islower(a) | $@ to character-handling function may not be representable as an unsigned char. | test.c:77:3:77:12 | (...) | Argument | +| test.c:78:3:78:12 | isprint(a) | $@ to character-handling function may not be representable as an unsigned char. | test.c:78:3:78:12 | (...) | Argument | | test.c:79:3:79:9 | call to ispunct | $@ to character-handling function may not be representable as an unsigned char. | test.c:79:11:79:11 | t | Argument | | test.c:80:3:80:12 | call to __isspace | $@ to character-handling function may not be representable as an unsigned char. | test.c:80:11:80:11 | t | Argument | -| test.c:81:3:81:12 | call to isupper | $@ to character-handling function may not be representable as an unsigned char. | test.c:81:11:81:11 | t | Argument | +| test.c:81:3:81:12 | isupper(a) | $@ to character-handling function may not be representable as an unsigned char. | test.c:81:3:81:12 | (...) | Argument | | test.c:82:3:82:10 | call to isxdigit | $@ to character-handling function may not be representable as an unsigned char. | test.c:82:12:82:12 | t | Argument | | test.c:84:3:84:9 | call to toupper | $@ to character-handling function may not be representable as an unsigned char. | test.c:84:11:84:11 | t | Argument | | test.c:85:3:85:9 | call to tolower | $@ to character-handling function may not be representable as an unsigned char. | test.c:85:11:85:11 | t | Argument | diff --git a/cpp/common/src/codingstandards/cpp/CharFunctions.qll b/cpp/common/src/codingstandards/cpp/CharFunctions.qll index 352f61858c..7f69c353e5 100644 --- a/cpp/common/src/codingstandards/cpp/CharFunctions.qll +++ b/cpp/common/src/codingstandards/cpp/CharFunctions.qll @@ -1,31 +1,107 @@ import cpp -/** - * Models a class of functions that are either testers of characters - * or standard library conversion functions. - */ -class CToOrIsCharFunction extends Function { - CToOrIsCharFunction() { - this instanceof CIsCharFunction or - this instanceof CToCharFunction - } +private string getCToOrIsName() { + result = + [ + "isalnum", "isalpha", "isascii", "isblank", "iscntrl", "isdigit", "isgraph", "islower", + "isprint", "ispunct", "isspace", "isupper", "isxdigit", "__isspace", "toascii", "toupper", + "tolower" + ] } /** - * Models a class of functions that test characters. + * A use of one of the APIs in the `` header that test or convert characters. + * + * Note: these operations are commonly implemented as either function or a macro. This class + * abstracts away from those details, providing a `getConvertedArgument` predicate to get the + * argument after any conversions specified by the user, excluding any conversions induced by + * the structure of the macro, or */ -class CIsCharFunction extends Function { - CIsCharFunction() { - getName() in [ - "isalnum", "isalpha", "isascii", "isblank", "iscntrl", "isdigit", "isgraph", "islower", - "isprint", "ispunct", "isspace", "isupper", "isxdigit", "__isspace" - ] +abstract class UseOfToOrIsChar extends Element { + /** */ + abstract Expr getConvertedArgument(); +} + +private class CToOrIsCharFunctionCall extends FunctionCall, UseOfToOrIsChar { + CToOrIsCharFunctionCall() { + getTarget().getName() = getCToOrIsName() and + // Some library implementations, such as musl, include a "dead" call to the same function + // that has also been implemented as a macro, in order to retain the right types. We exclude + // this call because it does not appear in the control flow or data flow graph. However, + // isspace directly calls __isspace, which is allowed + ( + getTarget().getName() = "__isspace" or + not any(CToOrIsCharMacroInvocation mi).getAnExpandedElement() = this + ) } + + override Expr getConvertedArgument() { result = getArgument(0).getExplicitlyConverted() } } -/** - * Models a class of functions convert characters. - */ -class CToCharFunction extends Function { - CToCharFunction() { getName() in ["toascii", "toupper", "tolower"] } +private class CToOrIsCharMacroInvocation extends MacroInvocation, UseOfToOrIsChar { + CToOrIsCharMacroInvocation() { getMacroName() = getCToOrIsName() } + + override Expr getConvertedArgument() { + /* + * There is no common approach to how the macros are defined, so we handle + * each compiler/library case individually. Fortunately, there's no conflict + * between different compilers. + */ + + // For the "is" APIs, if clang and gcc use a macro, then it expands to an + // array access on the left hand side of an & + exists(ArrayExpr ae | ae = getExpr().(BitwiseAndExpr).getLeftOperand() | + // Casted to an explicit (int), so we want unwind only a single conversion + result = ae.getArrayOffset().getFullyConverted().(Conversion).getExpr() + ) + or + // For the tolower/toupper cases, a secondary macro is expanded + exists(MacroInvocation mi | + mi.getParentInvocation() = this and + mi.getMacroName() = "__tobody" + | + /* + * tolower and toupper can be defined by macros which: + * - if the size of the type is greater than 1 + * - then check if it's a compile time constant + * - then use c < -128 || c > 255 ? c : (a)[c] + * - else call the function + * - else (a)[c] + */ + + exists(ArrayExpr ae | + ae = mi.getAnExpandedElement() and + result = ae.getArrayOffset() and + // There are two array access, but only one should be reachable + result.getBasicBlock().isReachable() + ) + or + exists(ConditionalExpr ce | + ce = mi.getAnExpandedElement() and + result = ce.getThen() and + result.getBasicBlock().isReachable() + ) + ) + or + // musl uses a conditional expression as the expansion + exists(ConditionalExpr ce | ce = getExpr() | + // for most macro expansions, the else is a subtraction inside a `<` + exists(SubExpr s | + not getMacroName() = "isalpha" and + s = ce.getElse().(LTExpr).getLeftOperand() and + // Casted to an explicit (int), so we want unwind only a single conversion + result = s.getLeftOperand().getFullyConverted().(Conversion).getExpr() + ) + or + // for isalpha, the else is a bitwise or inside a subtraction inside a `<` + exists(BitwiseOrExpr bo | + // Casted to an explicit (unsigned) + getMacroName() = "isalpha" and + bo = ce.getElse().(LTExpr).getLeftOperand().(SubExpr).getLeftOperand() and + // Casted to an explicit (int), so we want unwind only a single conversion + result = + bo.getLeftOperand().getFullyConverted().(Conversion).getExpr().(ParenthesisExpr).getExpr() + ) + ) + } } From d5b08ca9d8c5656c0596077a1335a5c3a35d06de Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 13 Mar 2023 10:19:50 +0000 Subject: [PATCH 0699/2573] Add change note. --- change_notes/2023-03-13-ctype-improvements.md | 1 + 1 file changed, 1 insertion(+) create mode 100644 change_notes/2023-03-13-ctype-improvements.md diff --git a/change_notes/2023-03-13-ctype-improvements.md b/change_notes/2023-03-13-ctype-improvements.md new file mode 100644 index 0000000000..c6eb55c56d --- /dev/null +++ b/change_notes/2023-03-13-ctype-improvements.md @@ -0,0 +1 @@ + * `STR37-C` - reduce false negatives by improving detection when the `` functions are implemented using macros. \ No newline at end of file From c6c87881abc0f7b4e9db2d8b735e0d033eada417 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 13 Mar 2023 09:13:56 +0000 Subject: [PATCH 0700/2573] FloatingTypes: Commit rule package files Adds the FloatingTypes package, and make a query (A0-4-4) from TypeRanges into a shared query. --- .../cpp/exclusions/c/FloatingTypes.qll | 78 ++++++++++++++++++ .../cpp/exclusions/c/RuleMetadata.qll | 3 + rule_packages/c/FloatingTypes.json | 81 +++++++++++++++++++ rule_packages/cpp/TypeRanges.json | 1 + rules.csv | 8 +- 5 files changed, 167 insertions(+), 4 deletions(-) create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/FloatingTypes.qll create mode 100644 rule_packages/c/FloatingTypes.json diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/FloatingTypes.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/FloatingTypes.qll new file mode 100644 index 0000000000..2f39b98177 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/FloatingTypes.qll @@ -0,0 +1,78 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype FloatingTypesQuery = + TUncheckedRangeDomainPoleErrorsQuery() or + TUncheckedFloatingPointConversionQuery() or + TIntToFloatPreservePrecisionQuery() or + TMemcmpUsedToCompareFloatsQuery() + +predicate isFloatingTypesQueryMetadata(Query query, string queryId, string ruleId, string category) { + query = + // `Query` instance for the `uncheckedRangeDomainPoleErrors` query + FloatingTypesPackage::uncheckedRangeDomainPoleErrorsQuery() and + queryId = + // `@id` for the `uncheckedRangeDomainPoleErrors` query + "c/cert/unchecked-range-domain-pole-errors" and + ruleId = "FLP32-C" and + category = "rule" + or + query = + // `Query` instance for the `uncheckedFloatingPointConversion` query + FloatingTypesPackage::uncheckedFloatingPointConversionQuery() and + queryId = + // `@id` for the `uncheckedFloatingPointConversion` query + "c/cert/unchecked-floating-point-conversion" and + ruleId = "FLP34-C" and + category = "rule" + or + query = + // `Query` instance for the `intToFloatPreservePrecision` query + FloatingTypesPackage::intToFloatPreservePrecisionQuery() and + queryId = + // `@id` for the `intToFloatPreservePrecision` query + "c/cert/int-to-float-preserve-precision" and + ruleId = "FLP36-C" and + category = "rule" + or + query = + // `Query` instance for the `memcmpUsedToCompareFloats` query + FloatingTypesPackage::memcmpUsedToCompareFloatsQuery() and + queryId = + // `@id` for the `memcmpUsedToCompareFloats` query + "c/cert/memcmp-used-to-compare-floats" and + ruleId = "FLP37-C" and + category = "rule" +} + +module FloatingTypesPackage { + Query uncheckedRangeDomainPoleErrorsQuery() { + //autogenerate `Query` type + result = + // `Query` type for `uncheckedRangeDomainPoleErrors` query + TQueryC(TFloatingTypesPackageQuery(TUncheckedRangeDomainPoleErrorsQuery())) + } + + Query uncheckedFloatingPointConversionQuery() { + //autogenerate `Query` type + result = + // `Query` type for `uncheckedFloatingPointConversion` query + TQueryC(TFloatingTypesPackageQuery(TUncheckedFloatingPointConversionQuery())) + } + + Query intToFloatPreservePrecisionQuery() { + //autogenerate `Query` type + result = + // `Query` type for `intToFloatPreservePrecision` query + TQueryC(TFloatingTypesPackageQuery(TIntToFloatPreservePrecisionQuery())) + } + + Query memcmpUsedToCompareFloatsQuery() { + //autogenerate `Query` type + result = + // `Query` type for `memcmpUsedToCompareFloats` query + TQueryC(TFloatingTypesPackageQuery(TMemcmpUsedToCompareFloatsQuery())) + } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index 9dfb52fb84..d83a7f6d08 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -26,6 +26,7 @@ import Declarations7 import Declarations8 import EssentialTypes import Expressions +import FloatingTypes import IO1 import IO2 import IO3 @@ -77,6 +78,7 @@ newtype TCQuery = TDeclarations8PackageQuery(Declarations8Query q) or TEssentialTypesPackageQuery(EssentialTypesQuery q) or TExpressionsPackageQuery(ExpressionsQuery q) or + TFloatingTypesPackageQuery(FloatingTypesQuery q) or TIO1PackageQuery(IO1Query q) or TIO2PackageQuery(IO2Query q) or TIO3PackageQuery(IO3Query q) or @@ -128,6 +130,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isDeclarations8QueryMetadata(query, queryId, ruleId, category) or isEssentialTypesQueryMetadata(query, queryId, ruleId, category) or isExpressionsQueryMetadata(query, queryId, ruleId, category) or + isFloatingTypesQueryMetadata(query, queryId, ruleId, category) or isIO1QueryMetadata(query, queryId, ruleId, category) or isIO2QueryMetadata(query, queryId, ruleId, category) or isIO3QueryMetadata(query, queryId, ruleId, category) or diff --git a/rule_packages/c/FloatingTypes.json b/rule_packages/c/FloatingTypes.json new file mode 100644 index 0000000000..77090bbac0 --- /dev/null +++ b/rule_packages/c/FloatingTypes.json @@ -0,0 +1,81 @@ +{ + "CERT-C": { + "FLP32-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "Range, domain or pole errors in math functions may return unexpected values, trigger floating-point exceptions or set unexpected error modes.", + "kind": "problem", + "name": "Prevent or detect domain and range errors in math functions", + "precision": "high", + "severity": "error", + "short_name": "UncheckedRangeDomainPoleErrors", + "shared_implementation_short_name": "UncheckedRangeDomainPoleErrors", + "tags": [ + "correctness" + ] + } + ], + "title": "Prevent or detect domain and range errors in math functions" + }, + "FLP34-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "Ensure that floating-point conversions are within range of the new type", + "precision": "very-high", + "severity": "error", + "short_name": "UncheckedFloatingPointConversion", + "tags": [ + "correctness" + ] + } + ], + "title": "Ensure that floating-point conversions are within range of the new type" + }, + "FLP36-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "Preserve precision when converting integral values to floating-point type", + "precision": "very-high", + "severity": "error", + "short_name": "IntToFloatPreservePrecision", + "tags": [ + "correctness" + ] + } + ], + "title": "Preserve precision when converting integral values to floating-point type" + }, + "FLP37-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "Do not use object representations to compare floating-point values", + "precision": "very-high", + "severity": "error", + "short_name": "MemcmpUsedToCompareFloats", + "tags": [ + "correctness" + ] + } + ], + "title": "Do not use object representations to compare floating-point values" + } + } +} \ No newline at end of file diff --git a/rule_packages/cpp/TypeRanges.json b/rule_packages/cpp/TypeRanges.json index e7f7b9425e..1b27e0ed91 100644 --- a/rule_packages/cpp/TypeRanges.json +++ b/rule_packages/cpp/TypeRanges.json @@ -16,6 +16,7 @@ "precision": "high", "severity": "error", "short_name": "UncheckedRangeDomainPoleErrors", + "shared_implementation_short_name": "UncheckedRangeDomainPoleErrors", "tags": [ "correctness" ] diff --git a/rules.csv b/rules.csv index 36eea96801..c6a6dce820 100644 --- a/rules.csv +++ b/rules.csv @@ -544,10 +544,10 @@ c,CERT-C,FIO45-C,Yes,Rule,,,Avoid TOCTOU race conditions while accessing files,, c,CERT-C,FIO46-C,Yes,Rule,,,Do not access a closed file,FIO51-CPP,IO1,Hard, c,CERT-C,FIO47-C,Yes,Rule,,,Use valid format strings,,IO4,Hard, c,CERT-C,FLP30-C,Yes,Rule,,,Do not use floating-point variables as loop counters,,Statements,Easy, -c,CERT-C,FLP32-C,Yes,Rule,,,Prevent or detect domain and range errors in math functions,A0-4-4,Types,Medium, -c,CERT-C,FLP34-C,Yes,Rule,,,Ensure that floating-point conversions are within range of the new type,,Types,Medium, -c,CERT-C,FLP36-C,Yes,Rule,,,Preserve precision when converting integral values to floating-point type,,Types,Medium, -c,CERT-C,FLP37-C,Yes,Rule,,,Do not use object representations to compare floating-point values,,Types,Medium, +c,CERT-C,FLP32-C,Yes,Rule,,,Prevent or detect domain and range errors in math functions,A0-4-4,FloatingTypes,Medium, +c,CERT-C,FLP34-C,Yes,Rule,,,Ensure that floating-point conversions are within range of the new type,,FloatingTypes,Medium, +c,CERT-C,FLP36-C,Yes,Rule,,,Preserve precision when converting integral values to floating-point type,,FloatingTypes,Medium, +c,CERT-C,FLP37-C,Yes,Rule,,,Do not use object representations to compare floating-point values,,FloatingTypes,Medium, c,CERT-C,INT30-C,Yes,Rule,,,Ensure that unsigned integer operations do not wrap,A4-7-1,Types,Hard, c,CERT-C,INT31-C,Yes,Rule,,,Ensure that integer conversions do not result in lost or misinterpreted data,A4-7-1,Types,Hard, c,CERT-C,INT32-C,Yes,Rule,,,Ensure that operations on signed integers do not result in overflow,A4-7-1,Types,Hard, From ec0e4bc6e0424d1c43be98e6139e6e3801722535 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 13 Mar 2023 09:17:33 +0000 Subject: [PATCH 0701/2573] A0-4-4: Convert into shared query Enable sharing with FLP32-C. --- .../A0-4-4/UncheckedRangeDomainPoleErrors.ql | 69 ++-------------- .../UncheckedRangeDomainPoleErrors.qlref | 1 - .../UncheckedRangeDomainPoleErrors.testref | 1 + .../UncheckedRangeDomainPoleErrors.qll | 78 +++++++++++++++++++ .../UncheckedRangeDomainPoleErrors.expected | 0 .../UncheckedRangeDomainPoleErrors.ql | 2 + .../uncheckedrangedomainpoleerrors}/test.cpp | 0 7 files changed, 86 insertions(+), 65 deletions(-) delete mode 100644 cpp/autosar/test/rules/A0-4-4/UncheckedRangeDomainPoleErrors.qlref create mode 100644 cpp/autosar/test/rules/A0-4-4/UncheckedRangeDomainPoleErrors.testref create mode 100644 cpp/common/src/codingstandards/cpp/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.qll rename cpp/{autosar/test/rules/A0-4-4 => common/test/rules/uncheckedrangedomainpoleerrors}/UncheckedRangeDomainPoleErrors.expected (100%) create mode 100644 cpp/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql rename cpp/{autosar/test/rules/A0-4-4 => common/test/rules/uncheckedrangedomainpoleerrors}/test.cpp (100%) diff --git a/cpp/autosar/src/rules/A0-4-4/UncheckedRangeDomainPoleErrors.ql b/cpp/autosar/src/rules/A0-4-4/UncheckedRangeDomainPoleErrors.ql index ed86d17903..76f5406b31 100644 --- a/cpp/autosar/src/rules/A0-4-4/UncheckedRangeDomainPoleErrors.ql +++ b/cpp/autosar/src/rules/A0-4-4/UncheckedRangeDomainPoleErrors.ql @@ -15,69 +15,10 @@ import cpp import codingstandards.cpp.autosar -import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis +import codingstandards.cpp.rules.uncheckedrangedomainpoleerrors.UncheckedRangeDomainPoleErrors -bindingset[name] -Function getMathVariants(string name) { result.hasGlobalOrStdName([name, name + "f", name + "l"]) } - -predicate hasDomainError(FunctionCall fc, string description) { - exists(Function functionWithDomainError | fc.getTarget() = functionWithDomainError | - functionWithDomainError = [getMathVariants(["acos", "asin", "atanh"])] and - not ( - upperBound(fc.getArgument(0)) <= 1.0 and - lowerBound(fc.getArgument(0)) >= -1.0 - ) and - description = - "the argument has a range " + lowerBound(fc.getArgument(0)) + "..." + - upperBound(fc.getArgument(0)) + " which is outside the domain of this function (-1.0...1.0)" - or - functionWithDomainError = getMathVariants(["atan2", "pow"]) and - ( - fc.getArgument(0).getValue().toFloat() = 0 and - fc.getArgument(1).getValue().toFloat() = 0 and - description = "both arguments are equal to zero" - ) - or - functionWithDomainError = getMathVariants("pow") and - ( - upperBound(fc.getArgument(0)) < 0.0 and - upperBound(fc.getArgument(1)) < 0.0 and - description = "both arguments are less than zero" - ) - or - functionWithDomainError = getMathVariants("acosh") and - upperBound(fc.getArgument(0)) < 1.0 and - description = "argument is less than 1" - or - functionWithDomainError = getMathVariants(["ilogb", "logb", "tgamma"]) and - fc.getArgument(0).getValue().toFloat() = 0 and - description = "argument is equal to zero" - or - functionWithDomainError = getMathVariants(["log", "log10", "log2", "sqrt"]) and - upperBound(fc.getArgument(0)) < 0.0 and - description = "argument is negative" - or - functionWithDomainError = getMathVariants("log1p") and - upperBound(fc.getArgument(0)) < -1.0 and - description = "argument is less than 1" - ) +class UncheckedRangeDomainPoleErrorsQuery extends UncheckedRangeDomainPoleErrorsSharedQuery { + UncheckedRangeDomainPoleErrorsQuery() { + this = TypeRangesPackage::uncheckedRangeDomainPoleErrorsQuery() + } } - -/* - * Domain cases not covered by this query: - * - pow - x is finite and negative and y is finite and not an integer value. - * - tgamma - negative integer can't be covered. - * - lrint/llrint/lround/llround - no domain errors checked - * - fmod - no domain errors checked. - * - remainder - no domain errors checked. - * - remquo - no domain errors checked. - * - * Implementations may also define their own domain errors (as per the C99 standard), which are not - * covered by this query. - */ - -from FunctionCall fc, string description -where - not isExcluded(fc, TypeRangesPackage::uncheckedRangeDomainPoleErrorsQuery()) and - hasDomainError(fc, description) -select fc, "Domain error in call to " + fc.getTarget().getName() + ": " + description + "." diff --git a/cpp/autosar/test/rules/A0-4-4/UncheckedRangeDomainPoleErrors.qlref b/cpp/autosar/test/rules/A0-4-4/UncheckedRangeDomainPoleErrors.qlref deleted file mode 100644 index 0c39ff65ab..0000000000 --- a/cpp/autosar/test/rules/A0-4-4/UncheckedRangeDomainPoleErrors.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/A0-4-4/UncheckedRangeDomainPoleErrors.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A0-4-4/UncheckedRangeDomainPoleErrors.testref b/cpp/autosar/test/rules/A0-4-4/UncheckedRangeDomainPoleErrors.testref new file mode 100644 index 0000000000..060c94cfa1 --- /dev/null +++ b/cpp/autosar/test/rules/A0-4-4/UncheckedRangeDomainPoleErrors.testref @@ -0,0 +1 @@ +cpp/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.qll b/cpp/common/src/codingstandards/cpp/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.qll new file mode 100644 index 0000000000..13a937151c --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.qll @@ -0,0 +1,78 @@ +/** + * Provides a library which includes a `problems` predicate for reporting unchecked range, domain and pole errors. + */ + +import cpp +import codingstandards.cpp.CodingStandards +import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis + +abstract class UncheckedRangeDomainPoleErrorsSharedQuery extends Query { } + +Query getQuery() { result instanceof UncheckedRangeDomainPoleErrorsSharedQuery } + +bindingset[name] +Function getMathVariants(string name) { result.hasGlobalOrStdName([name, name + "f", name + "l"]) } + +predicate hasDomainError(FunctionCall fc, string description) { + exists(Function functionWithDomainError | fc.getTarget() = functionWithDomainError | + functionWithDomainError = [getMathVariants(["acos", "asin", "atanh"])] and + not ( + upperBound(fc.getArgument(0)) <= 1.0 and + lowerBound(fc.getArgument(0)) >= -1.0 + ) and + description = + "the argument has a range " + lowerBound(fc.getArgument(0)) + "..." + + upperBound(fc.getArgument(0)) + " which is outside the domain of this function (-1.0...1.0)" + or + functionWithDomainError = getMathVariants(["atan2", "pow"]) and + ( + fc.getArgument(0).getValue().toFloat() = 0 and + fc.getArgument(1).getValue().toFloat() = 0 and + description = "both arguments are equal to zero" + ) + or + functionWithDomainError = getMathVariants("pow") and + ( + upperBound(fc.getArgument(0)) < 0.0 and + upperBound(fc.getArgument(1)) < 0.0 and + description = "both arguments are less than zero" + ) + or + functionWithDomainError = getMathVariants("acosh") and + upperBound(fc.getArgument(0)) < 1.0 and + description = "argument is less than 1" + or + functionWithDomainError = getMathVariants(["ilogb", "logb", "tgamma"]) and + fc.getArgument(0).getValue().toFloat() = 0 and + description = "argument is equal to zero" + or + functionWithDomainError = getMathVariants(["log", "log10", "log2", "sqrt"]) and + upperBound(fc.getArgument(0)) < 0.0 and + description = "argument is negative" + or + functionWithDomainError = getMathVariants("log1p") and + upperBound(fc.getArgument(0)) < -1.0 and + description = "argument is less than 1" + ) +} + +/* + * Domain cases not covered by this query: + * - pow - x is finite and negative and y is finite and not an integer value. + * - tgamma - negative integer can't be covered. + * - lrint/llrint/lround/llround - no domain errors checked + * - fmod - no domain errors checked. + * - remainder - no domain errors checked. + * - remquo - no domain errors checked. + * + * Implementations may also define their own domain errors (as per the C99 standard), which are not + * covered by this query. + */ + +query predicate problems(FunctionCall fc, string message) { + not isExcluded(fc, getQuery()) and + exists(string description | + hasDomainError(fc, description) and + message = "Domain error in call to " + fc.getTarget().getName() + ": " + description + "." + ) +} diff --git a/cpp/autosar/test/rules/A0-4-4/UncheckedRangeDomainPoleErrors.expected b/cpp/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.expected similarity index 100% rename from cpp/autosar/test/rules/A0-4-4/UncheckedRangeDomainPoleErrors.expected rename to cpp/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.expected diff --git a/cpp/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql b/cpp/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql new file mode 100644 index 0000000000..2ceb96c0d7 --- /dev/null +++ b/cpp/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.uncheckedrangedomainpoleerrors.UncheckedRangeDomainPoleErrors diff --git a/cpp/autosar/test/rules/A0-4-4/test.cpp b/cpp/common/test/rules/uncheckedrangedomainpoleerrors/test.cpp similarity index 100% rename from cpp/autosar/test/rules/A0-4-4/test.cpp rename to cpp/common/test/rules/uncheckedrangedomainpoleerrors/test.cpp From 25c6e7728733ef643a13808c517bb20e8ac48e32 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 13 Mar 2023 09:21:03 +0000 Subject: [PATCH 0702/2573] FloatingTypes: Add query for FLP32-C FLP32-C is a straight import of the AUTOSAR rule A0-4-4-. --- .../FLP32-C/UncheckedRangeDomainPoleErrors.md | 352 ++++++++++++++++++ .../FLP32-C/UncheckedRangeDomainPoleErrors.ql | 22 ++ .../UncheckedRangeDomainPoleErrors.testref | 1 + .../UncheckedRangeDomainPoleErrors.expected | 18 + .../UncheckedRangeDomainPoleErrors.ql | 2 + .../uncheckedrangedomainpoleerrors/test.c | 58 +++ 6 files changed, 453 insertions(+) create mode 100644 c/cert/src/rules/FLP32-C/UncheckedRangeDomainPoleErrors.md create mode 100644 c/cert/src/rules/FLP32-C/UncheckedRangeDomainPoleErrors.ql create mode 100644 c/cert/test/rules/FLP32-C/UncheckedRangeDomainPoleErrors.testref create mode 100644 c/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.expected create mode 100644 c/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql create mode 100644 c/common/test/rules/uncheckedrangedomainpoleerrors/test.c diff --git a/c/cert/src/rules/FLP32-C/UncheckedRangeDomainPoleErrors.md b/c/cert/src/rules/FLP32-C/UncheckedRangeDomainPoleErrors.md new file mode 100644 index 0000000000..d6427b9081 --- /dev/null +++ b/c/cert/src/rules/FLP32-C/UncheckedRangeDomainPoleErrors.md @@ -0,0 +1,352 @@ +# FLP32-C: Prevent or detect domain and range errors in math functions + +This query implements the CERT-C rule FLP32-C: + +> Prevent or detect domain and range errors in math functions + + +## Description + +The C Standard, 7.12.1 \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IEC9899-2011)\], defines three types of errors that relate specifically to math functions in ``. Paragraph 2 states + +> *A domain error* occurs if an input argument is outside the domain over which the mathematical function is defined. + + +Paragraph 3 states + +> A *pole error* (also known as a singularity or infinitary) occurs if the mathematical function has an exact infinite result as the finite input argument(s) are approached in the limit. + + +Paragraph 4 states + +> A *range error* occurs if the mathematical result of the function cannot be represented in an object of the specified type, due to extreme magnitude. + + +An example of a domain error is the square root of a negative number, such as `sqrt(-1.0)`, which has no meaning in real arithmetic. Contrastingly, 10 raised to the 1-millionth power, `pow(10., 1e6)`, cannot be represented in many floating-point [implementations](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-implementation) because of the limited range of the type `double` and consequently constitutes a range error. In both cases, the function will return some value, but the value returned is not the correct result of the computation. An example of a pole error is `log(0.0)`, which results in negative infinity. + +Programmers can prevent domain and pole errors by carefully bounds-checking the arguments before calling mathematical functions and taking alternative action if the bounds are violated. + +Range errors usually cannot be prevented because they are dependent on the implementation of floating-point numbers as well as on the function being applied. Instead of preventing range errors, programmers should attempt to detect them and take alternative action if a range error occurs. + +The following table lists the `double` forms of standard mathematical functions, along with checks that should be performed to ensure a proper input domain, and indicates whether they can also result in range or pole errors, as reported by the C Standard. Both `float` and `long double` forms of these functions also exist but are omitted from the table for brevity. If a function has a specific domain over which it is defined, the programmer must check its input values. The programmer must also check for range errors where they might occur. The standard math functions not listed in this table, such as `fabs()`, have no domain restrictions and cannot result in range or pole errors. + +
    Function Domain Range Pole
    acos(x) -1 <= x && x <= 1 No No
    asin(x) -1 <= x && x <= 1 Yes No
    atan(x) None Yes No
    atan2(y, x) None No No
    acosh(x) x >= 1 Yes No
    asinh(x) None Yes No
    atanh(x) -1 < x && x < 1 Yes Yes
    cosh(x) , sinh(x) None Yes No
    exp(x) , exp2(x) , expm1(x) None Yes No
    ldexp(x, exp) None Yes No
    log(x) , log10(x) , log2(x) x >= 0 No Yes
    log1p(x) x >= -1 No Yes
    ilogb(x) x != 0 && !isinf(x) && !isnan(x) Yes No
    logb(x) x != 0 Yes Yes
    scalbn(x, n) , scalbln(x, n) None Yes No
    hypot(x, y) None Yes No
    pow(x,y) x > 0 || (x == 0 && y > 0) || ( x < 0 && y is an integer) Yes Yes
    sqrt(x) x >= 0 No No
    erf(x) None Yes No
    erfc(x) None Yes No
    lgamma(x) , tgamma(x) x != 0 && ! ( x < 0 && x is an integer) Yes Yes
    lrint(x) , lround(x) None Yes No
    fmod(x, y) , remainder(x, y) , remquo(x, y, quo) y != 0 Yes No
    nextafter(x, y) , nexttoward(x, y) None Yes No
    fdim(x,y) None Yes No
    fma(x,y,z) None Yes No
    + + +## Domain and Pole Checking + +The most reliable way to handle domain and pole errors is to prevent them by checking arguments beforehand, as in the following exemplar: + +```cpp +double safe_sqrt(double x) { + if (x < 0) { + fprintf(stderr, "sqrt requires a nonnegative argument"); + /* Handle domain / pole error */ + } + return sqrt (x); +} + +``` + +## Range Checking + +Programmers usually cannot prevent range errors, so the most reliable way to handle them is to detect when they have occurred and act accordingly. + +The exact treatment of error conditions from math functions is tedious. The C Standard, 7.12.1 \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IEC9899-2011)\], defines the following behavior for floating-point overflow: + +> A floating result overflows if the magnitude of the mathematical result is finite but so large that the mathematical result cannot be represented without extraordinary roundoff error in an object of the specified type. If a floating result overflows and default rounding is in effect, then the function returns the value of the macro `HUGE_VAL`, `HUGE_VALF`, or `HUGE_VALL` according to the return type, with the same sign as the correct value of the function; if the integer expression `math_errhandling & MATH_ERRNO` is nonzero, the integer expression `errno` acquires the value `ERANGE`; if the integer expression `math_errhandling & MATH_ERREXCEPT` is nonzero, the "overflow" floating-point exception is raised. + + +It is preferable not to check for errors by comparing the returned value against `HUGE_VAL` or `0` for several reasons: + +* These are, in general, valid (albeit unlikely) data values. +* Making such tests requires detailed knowledge of the various error returns for each math function. +* Multiple results aside from `HUGE_VAL` and `0` are possible, and programmers must know which are possible in each case. +* Different versions of the library have varied in their error-return behavior. +It can be unreliable to check for math errors using `errno` because an [implementation](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-implementation) might not set `errno`. For real functions, the programmer determines if the implementation sets `errno` by checking whether `math_errhandling & MATH_ERRNO` is nonzero. For complex functions, the C Standard, 7.3.2, paragraph 1, simply states that "an implementation may set `errno` but is not required to" \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IEC9899-2011)\]. + +The obsolete *System V Interface Definition* (SVID3) \[[UNIX 1992](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-UNIX92)\] provides more control over the treatment of errors in the math library. The programmer can define a function named `matherr()` that is invoked if errors occur in a math function. This function can print diagnostics, terminate the execution, or specify the desired return value. The `matherr()` function has not been adopted by C or POSIX, so it is not generally portable. + +The following error-handing template uses C Standard functions for floating-point errors when the C macro `math_errhandling` is defined and indicates that they should be used; otherwise, it examines `errno`: + +```cpp +#include +#include +#include + +/* ... */ +/* Use to call a math function and check errors */ +{ + #pragma STDC FENV_ACCESS ON + + if (math_errhandling & MATH_ERREXCEPT) { + feclearexcept(FE_ALL_EXCEPT); + } + errno = 0; + + /* Call the math function */ + + if ((math_errhandling & MATH_ERRNO) && errno != 0) { + /* Handle range error */ + } else if ((math_errhandling & MATH_ERREXCEPT) && + fetestexcept(FE_INVALID | FE_DIVBYZERO | + FE_OVERFLOW | FE_UNDERFLOW) != 0) { + /* Handle range error */ + } +} + +``` +See [FLP03-C. Detect and handle floating-point errors](https://wiki.sei.cmu.edu/confluence/display/c/FLP03-C.+Detect+and+handle+floating-point+errors) for more details on how to detect floating-point errors. + +## Subnormal Numbers + +A subnormal number is a nonzero number that does not use all of its precision bits \[[IEEE 754 2006](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-IEEE7542006)\]. These numbers can be used to represent values that are closer to 0 than the smallest normal number (one that uses all of its precision bits). However, the `asin()`, `asinh()`, `atan()`, `atanh()`, and `erf()` functions may produce range errors, specifically when passed a subnormal number. When evaluated with a subnormal number, these functions can produce an inexact, subnormal value, which is an underflow error. The C Standard, 7.12.1, paragraph 6 \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IEC9899-2011)\], defines the following behavior for floating-point underflow: + +> The result underflows if the magnitude of the mathematical result is so small that the mathematical result cannot be represented, without extraordinary roundoff error, in an object of the specified type. If the result underflows, the function returns an implementation-defined value whose magnitude is no greater than the smallest normalized positive number in the specified type; if the integer expression `math_errhandling & MATH_ERRNO` is nonzero, whether `errno ` acquires the value `ERANGE ` is implementation-defined; if the integer expression `math_errhandling & MATH_ERREXCEPT` is nonzero, whether the ‘‘underflow’’ floating-point exception is raised is implementation-defined. + + +Implementations that support floating-point arithmetic but do not support subnormal numbers, such as IBM S/360 hex floating-point or nonconforming IEEE-754 implementations that skip subnormals (or support them by flushing them to zero), can return a range error when calling one of the following families of functions with the following arguments: + +* `fmod`((min+subnorm), min)`` +* `remainder`((min+`subnorm`), min)`` +* `remquo`((min+`subnorm`), min, quo)`` +where `min` is the minimum value for the corresponding floating point type and `subnorm` is a subnormal value. + +If Annex F is supported and subnormal results are supported, the returned value is exact and a range error cannot occur. The C Standard, F.10.7.1 \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IEC9899-2011)\], specifies the following for the `fmod()`, `remainder()`, and `remquo()` functions: + +> When subnormal results are supported, the returned value is exact and is independent of the current rounding direction mode. + + +Annex F, subclause F.10.7.2, paragraph 2, and subclause F.10.7.3, paragraph 2, of the C Standard identify when subnormal results are supported. + +## Noncompliant Code Example (sqrt()) + +This noncompliant code example determines the square root of `x`: + +```cpp +#include + +void func(double x) { + double result; + result = sqrt(x); +} +``` +However, this code may produce a domain error if `x` is negative. + +## Compliant Solution (sqrt()) + +Because this function has domain errors but no range errors, bounds checking can be used to prevent domain errors: + +```cpp +#include + +void func(double x) { + double result; + + if (isless(x, 0.0)) { + /* Handle domain error */ + } + + result = sqrt(x); +} +``` + +## Noncompliant Code Example (sinh(), Range Errors) + +This noncompliant code example determines the hyperbolic sine of `x`: + +```cpp +#include + +void func(double x) { + double result; + result = sinh(x); +} +``` +This code may produce a range error if `x` has a very large magnitude. + +## Compliant Solution (sinh(), Range Errors) + +Because this function has no domain errors but may have range errors, the programmer must detect a range error and act accordingly: + +```cpp +#include +#include +#include + +void func(double x) { + double result; + { + #pragma STDC FENV_ACCESS ON + if (math_errhandling & MATH_ERREXCEPT) { + feclearexcept(FE_ALL_EXCEPT); + } + errno = 0; + + result = sinh(x); + + if ((math_errhandling & MATH_ERRNO) && errno != 0) { + /* Handle range error */ + } else if ((math_errhandling & MATH_ERREXCEPT) && + fetestexcept(FE_INVALID | FE_DIVBYZERO | + FE_OVERFLOW | FE_UNDERFLOW) != 0) { + /* Handle range error */ + } + } + + /* Use result... */ +} +``` + +## Noncompliant Code Example (pow()) + +This noncompliant code example raises `x` to the power of `y`: + +```cpp +#include + +void func(double x, double y) { + double result; + result = pow(x, y); +} +``` +This code may produce a domain error if `x` is negative and `y` is not an integer value or if `x` is 0 and `y` is 0. A domain error or pole error may occur if `x` is 0 and `y` is negative, and a range error may occur if the result cannot be represented as a `double`. + +## Compliant Solution (pow()) + +Because the `pow()` function can produce domain errors, pole errors, and range errors, the programmer must first check that `x` and `y` lie within the proper domain and do not generate a pole error and then detect whether a range error occurs and act accordingly: + +```cpp +#include +#include +#include + +void func(double x, double y) { + double result; + + if (((x == 0.0f) && islessequal(y, 0.0)) || isless(x, 0.0)) { + /* Handle domain or pole error */ + } + + { + #pragma STDC FENV_ACCESS ON + if (math_errhandling & MATH_ERREXCEPT) { + feclearexcept(FE_ALL_EXCEPT); + } + errno = 0; + + result = pow(x, y); + + if ((math_errhandling & MATH_ERRNO) && errno != 0) { + /* Handle range error */ + } else if ((math_errhandling & MATH_ERREXCEPT) && + fetestexcept(FE_INVALID | FE_DIVBYZERO | + FE_OVERFLOW | FE_UNDERFLOW) != 0) { + /* Handle range error */ + } + } + + /* Use result... */ +} +``` + +## Noncompliant Code Example (asin(), Subnormal Number) + +This noncompliant code example determines the inverse sine of `x`: + +```cpp +#include + +void func(float x) { + float result = asin(x); + /* ... */ +} +``` + +## Compliant Solution (asin(), Subnormal Number) + +Because this function has no domain errors but may have range errors, the programmer must detect a range error and act accordingly: + +```cpp +#include +#include +#include +void func(float x) { + float result; + + { + #pragma STDC FENV_ACCESS ON + if (math_errhandling & MATH_ERREXCEPT) { + feclearexcept(FE_ALL_EXCEPT); + } + errno = 0; + + result = asin(x); + + if ((math_errhandling & MATH_ERRNO) && errno != 0) { + /* Handle range error */ + } else if ((math_errhandling & MATH_ERREXCEPT) && + fetestexcept(FE_INVALID | FE_DIVBYZERO | + FE_OVERFLOW | FE_UNDERFLOW) != 0) { + /* Handle range error */ + } + } + + /* Use result... */ +} +``` + +## Risk Assessment + +Failure to prevent or detect domain and range errors in math functions may cause unexpected results. + +
    Rule Severity Likelihood Remediation Cost Priority Level
    FLP32-C Medium Probable Medium P8 L2
    + + +## Automated Detection + +
    Tool Version Checker Description
    Astrée 22.04 stdlib-limits Partially checked
    Axivion Bauhaus Suite 7.2.0 CertC-FLP32 Partially implemented
    CodeSonar 7.2p0 MATH.DOMAIN.ATANMATH.DOMAIN.TOOHIGHMATH.DOMAIN.TOOLOWMATH.DOMAINMATH.RANGEMATH.RANGE.GAMMAMATH.DOMAIN.LOGMATH.RANGE.LOGMATH.DOMAIN.FE_INVALIDMATH.DOMAIN.POWMATH.RANGE.COSH.TOOHIGHMATH.RANGE.COSH.TOOLOWMATH.DOMAIN.SQRT Arctangent Domain Error Argument Too High Argument Too Low Floating Point Domain Error Floating Point Range Error Gamma on Zero Logarithm on Negative Value Logarithm on Zero Raises FE_INVALID Undefined Power of Zero cosh on High Number cosh on Low Number sqrt on Negative Value
    Helix QAC 2022.4 C5025 C++5033
    Parasoft C/C++test 2022.2 CERT_C-FLP32-a Validate values passed to library functions
    PC-lint Plus 1.4 2423 Partially supported: reports domain errors for functions with the Semantics \*dom_1, \*dom_lt0, or \*dom_lt1, including standard library math functions
    Polyspace Bug Finder R2022b CERT-C: Rule FLP32-C Checks for invalid use of standard library floating point routine (rule fully covered)
    PRQA QA-C 9.7 5025
    PRQA QA-C++ 4.4 5033
    RuleChecker 22.04 stdlib-limits Partially checked
    TrustInSoft Analyzer 1.38 out-of-range argument Partially verified.
    + + +## Related Vulnerabilities + +Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+FLP32-C). + +## Related Guidelines + +[Key here](https://wiki.sei.cmu.edu/confluence/display/c/How+this+Coding+Standard+is+Organized#HowthisCodingStandardisOrganized-RelatedGuidelines) (explains table format and definitions) + +
    Taxonomy Taxonomy item Relationship
    CERT C Secure Coding Standard FLP03-C. Detect and handle floating-point errors Prior to 2018-01-12: CERT: Unspecified Relationship
    CWE 2.11 CWE-682 , Incorrect Calculation 2017-07-07: CERT: Rule subset of CWE
    + + +## CERT-CWE Mapping Notes + +[Key here](https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?pageId=87152408#HowthisCodingStandardisOrganized-CERT-CWEMappingNotes) for mapping notes + +**CWE-391 and FLP32-C** + +Intersection( CWE-391, FLP32-C) = + +* Failure to detect range errors in floating-point calculations +CWE-391 - FLP32-C +* Failure to detect errors in functions besides floating-point calculations +FLP32-C – CWE-391 = +* Failure to detect domain errors in floating-point calculations +**CWE-682 and FLP32-C** + +Independent( INT34-C, FLP32-C, INT33-C) CWE-682 = Union( FLP32-C, list) where list = + +* Incorrect calculations that do not involve floating-point range errors + +## Bibliography + +
    \[ ISO/IEC 9899:2011 \] 7.3.2, "Conventions" 7.12.1, "Treatment of Error Conditions" F.10.7, "Remainder Functions"
    \[ IEEE 754 2006 \]
    \[ Plum 1985 \] Rule 2-2
    \[ Plum 1989 \] Topic 2.10, "conv—Conversions and Overflow"
    \[ UNIX 1992 \] System V Interface Definition (SVID3)
    + + +## Implementation notes + +None + +## References + +* CERT-C: [FLP32-C: Prevent or detect domain and range errors in math functions](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/FLP32-C/UncheckedRangeDomainPoleErrors.ql b/c/cert/src/rules/FLP32-C/UncheckedRangeDomainPoleErrors.ql new file mode 100644 index 0000000000..fc054d7289 --- /dev/null +++ b/c/cert/src/rules/FLP32-C/UncheckedRangeDomainPoleErrors.ql @@ -0,0 +1,22 @@ +/** + * @id c/cert/unchecked-range-domain-pole-errors + * @name FLP32-C: Prevent or detect domain and range errors in math functions + * @description Range, domain or pole errors in math functions may return unexpected values, trigger + * floating-point exceptions or set unexpected error modes. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/cert/id/flp32-c + * correctness + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert +import codingstandards.cpp.rules.uncheckedrangedomainpoleerrors.UncheckedRangeDomainPoleErrors + +class UncheckedRangeDomainPoleErrorsQuery extends UncheckedRangeDomainPoleErrorsSharedQuery { + UncheckedRangeDomainPoleErrorsQuery() { + this = FloatingTypesPackage::uncheckedRangeDomainPoleErrorsQuery() + } +} diff --git a/c/cert/test/rules/FLP32-C/UncheckedRangeDomainPoleErrors.testref b/c/cert/test/rules/FLP32-C/UncheckedRangeDomainPoleErrors.testref new file mode 100644 index 0000000000..50cf3fcb51 --- /dev/null +++ b/c/cert/test/rules/FLP32-C/UncheckedRangeDomainPoleErrors.testref @@ -0,0 +1 @@ +c/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql \ No newline at end of file diff --git a/c/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.expected b/c/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.expected new file mode 100644 index 0000000000..bf440fe311 --- /dev/null +++ b/c/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.expected @@ -0,0 +1,18 @@ +| test.c:4:3:4:6 | call to acos | Domain error in call to acos: the argument has a range -1.1...-1.1 which is outside the domain of this function (-1.0...1.0). | +| test.c:8:3:8:6 | call to acos | Domain error in call to acos: the argument has a range 1.1...1.1 which is outside the domain of this function (-1.0...1.0). | +| test.c:9:3:9:6 | call to asin | Domain error in call to asin: the argument has a range -1.1...-1.1 which is outside the domain of this function (-1.0...1.0). | +| test.c:13:3:13:6 | call to asin | Domain error in call to asin: the argument has a range 1.1...1.1 which is outside the domain of this function (-1.0...1.0). | +| test.c:14:3:14:7 | call to atanh | Domain error in call to atanh: the argument has a range -1.1...-1.1 which is outside the domain of this function (-1.0...1.0). | +| test.c:18:3:18:7 | call to atanh | Domain error in call to atanh: the argument has a range 1.1...1.1 which is outside the domain of this function (-1.0...1.0). | +| test.c:19:3:19:7 | call to atan2 | Domain error in call to atan2: both arguments are equal to zero. | +| test.c:23:3:23:5 | call to pow | Domain error in call to pow: both arguments are equal to zero. | +| test.c:27:3:27:5 | call to pow | Domain error in call to pow: both arguments are less than zero. | +| test.c:33:3:33:7 | call to acosh | Domain error in call to acosh: argument is less than 1. | +| test.c:34:3:34:7 | call to ilogb | Domain error in call to ilogb: argument is equal to zero. | +| test.c:37:3:37:5 | call to log | Domain error in call to log: argument is negative. | +| test.c:40:3:40:7 | call to log10 | Domain error in call to log10: argument is negative. | +| test.c:43:3:43:6 | call to log2 | Domain error in call to log2: argument is negative. | +| test.c:46:3:46:6 | call to sqrt | Domain error in call to sqrt: argument is negative. | +| test.c:49:3:49:7 | call to log1p | Domain error in call to log1p: argument is less than 1. | +| test.c:52:3:52:6 | call to logb | Domain error in call to logb: argument is equal to zero. | +| test.c:55:3:55:8 | call to tgamma | Domain error in call to tgamma: argument is equal to zero. | diff --git a/c/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql b/c/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql new file mode 100644 index 0000000000..2ceb96c0d7 --- /dev/null +++ b/c/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.uncheckedrangedomainpoleerrors.UncheckedRangeDomainPoleErrors diff --git a/c/common/test/rules/uncheckedrangedomainpoleerrors/test.c b/c/common/test/rules/uncheckedrangedomainpoleerrors/test.c new file mode 100644 index 0000000000..47d7b1e683 --- /dev/null +++ b/c/common/test/rules/uncheckedrangedomainpoleerrors/test.c @@ -0,0 +1,58 @@ +#include + +void test() { + acos(-1.1f); // NON_COMPLIANT + acos(-1.0f); // COMPLIANT + acos(0.0f); // COMPLIANT + acos(1.0f); // COMPLIANT + acos(1.1f); // NON_COMPLIANT + asin(-1.1f); // NON_COMPLIANT + asin(-1.0f); // COMPLIANT + asin(0.0f); // COMPLIANT + asin(1.0f); // COMPLIANT + asin(1.1f); // NON_COMPLIANT + atanh(-1.1f); // NON_COMPLIANT + atanh(-1.0f); // COMPLIANT + atanh(0.0f); // COMPLIANT + atanh(1.0f); // COMPLIANT + atanh(1.1f); // NON_COMPLIANT + atan2(0.0f, 0.0f); // NON_COMPLIANT + atan2(1.0f, 0.0f); // COMPLIANT + atan2(0.0f, 1.0f); // COMPLIANT + atan2(1.0f, 1.0f); // COMPLIANT + pow(0.0f, 0.0f); // NON_COMPLIANT + pow(1.0f, 0.0f); // COMPLIANT + pow(0.0f, 1.0f); // COMPLIANT + pow(1.0f, 1.0f); // COMPLIANT + pow(-1.0f, -1.0f); // NON_COMPLIANT + pow(-1.0f, 0.0f); // COMPLIANT + pow(0.0f, -1.0f); // COMPLIANT + pow(1.0f, -1.0f); // COMPLIANT + pow(-1.0f, 1.0f); // COMPLIANT + acosh(1.0f); // COMPLIANT + acosh(0.9f); // NON_COMPLIANT + ilogb(0.0f); // NON_COMPLIANT + ilogb(1.0f); // COMPLIANT + ilogb(-1.0f); // COMPLIANT + log(-1.0f); // NON_COMPLIANT + log(0.0f); // COMPLIANT + log(1.0f); // COMPLIANT + log10(-1.0f); // NON_COMPLIANT + log10(0.0f); // COMPLIANT + log10(1.0f); // COMPLIANT + log2(-1.0f); // NON_COMPLIANT + log2(0.0f); // COMPLIANT + log2(1.0f); // COMPLIANT + sqrt(-1.0f); // NON_COMPLIANT + sqrt(0.0f); // COMPLIANT + sqrt(1.0f); // COMPLIANT + log1p(-2.0f); // NON_COMPLIANT + log1p(-1.0f); // COMPLIANT + log1p(0.0f); // COMPLIANT + logb(0.0f); // NON_COMPLIANT + logb(1.0f); // COMPLIANT + logb(-1.0f); // COMPLIANT + tgamma(0.0f); // NON_COMPLIANT + tgamma(1.0f); // COMPLIANT + tgamma(-1.1f); // COMPLIANT +} From 74ceace10577957447ebb7dc44675c46d72bdc2c Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 13 Mar 2023 09:22:35 +0000 Subject: [PATCH 0703/2573] FloatingTypes: Implement FLP34-C Adds a query for FLP34-C which checks whether a float-to-int conversion is within the bounds of the new type. We check (a) for a bounded range or (b) a suitable guard on the conversion that indicates the float has been considered against the precision of the integer. --- .../UncheckedFloatingPointConversion.md | 181 ++++++++++++++++++ .../UncheckedFloatingPointConversion.ql | 91 +++++++++ .../UncheckedFloatingPointConversion.expected | 1 + .../UncheckedFloatingPointConversion.qlref | 1 + c/cert/test/rules/FLP34-C/test.c | 38 ++++ 5 files changed, 312 insertions(+) create mode 100644 c/cert/src/rules/FLP34-C/UncheckedFloatingPointConversion.md create mode 100644 c/cert/src/rules/FLP34-C/UncheckedFloatingPointConversion.ql create mode 100644 c/cert/test/rules/FLP34-C/UncheckedFloatingPointConversion.expected create mode 100644 c/cert/test/rules/FLP34-C/UncheckedFloatingPointConversion.qlref create mode 100644 c/cert/test/rules/FLP34-C/test.c diff --git a/c/cert/src/rules/FLP34-C/UncheckedFloatingPointConversion.md b/c/cert/src/rules/FLP34-C/UncheckedFloatingPointConversion.md new file mode 100644 index 0000000000..2ff0fcf262 --- /dev/null +++ b/c/cert/src/rules/FLP34-C/UncheckedFloatingPointConversion.md @@ -0,0 +1,181 @@ +# FLP34-C: Ensure that floating-point conversions are within range of the new type + +This query implements the CERT-C rule FLP34-C: + +> Ensure that floating-point conversions are within range of the new type + + +## Description + +If a floating-point value is to be converted to a floating-point value of a smaller range and precision or to an integer type, or if an integer type is to be converted to a floating-point type, the value must be representable in the destination type. + +The C Standard, 6.3.1.4, paragraph 1 \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IEC9899-2011)\], says, + +> When a finite value of real floating type is converted to an integer type other than `_Bool`, the fractional part is discarded (i.e., the value is truncated toward zero). If the value of the integral part cannot be represented by the integer type, the behavior is [undefined](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior). + + +Paragraph 2 of the same subclause says, + +> When a value of integer type is converted to a real floating type, if the value being converted can be represented exactly in the new type, it is unchanged. If the value being converted is in the range of values that can be represented but cannot be represented exactly, the result is either the nearest higher or nearest lower representable value, chosen in an [implementation-defined](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-implementation-definedbehavior) manner. If the value being converted is outside the range of values that can be represented, the behavior is [undefined](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior). + + +And subclause 6.3.1.5, paragraph 1, says, + +> When a value of real floating type is converted to a real floating type, if the value being converted can be represented exactly in the new type, it is unchanged. If the value being converted is in the range of values that can be represented but cannot be represented exactly, the result is either the nearest higher or nearest lower representable value, chosen in an [implementation-defined](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-implementation-definedbehavior) manner. If the value being converted is outside the range of values that can be represented, the behavior is [undefined](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior). + + +See [undefined behaviors 17](https://wiki.sei.cmu.edu/confluence/display/c/CC.+Undefined+Behavior#CC.UndefinedBehavior-ub_17) and [18](https://wiki.sei.cmu.edu/confluence/display/c/CC.+Undefined+Behavior#CC.UndefinedBehavior-ub_18). + +This rule does not apply to demotions of floating-point types on [implementations](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-implementation) that support signed infinity, such as IEEE 754, as all values are within range. + +## Noncompliant Code Example (float to int) + +This noncompliant code example leads to undefined behavior if the integral part of `f_a` cannot be represented as an integer: + +```cpp +void func(float f_a) { + int i_a; + + /* Undefined if the integral part of f_a cannot be represented. */ + i_a = f_a; +} +``` + +## Compliant Solution (float to int) + +This compliant solution tests to ensure that the `float` value will fit within the `int` variable before performing the assignment. + +```cpp +#include +#include +#include +#include +#include + +extern size_t popcount(uintmax_t); /* See INT35-C */ +#define PRECISION(umax_value) popcount(umax_value) + +void func(float f_a) { + int i_a; + + if (isnan(f_a) || + PRECISION(INT_MAX) < log2f(fabsf(f_a)) || + (f_a != 0.0F && fabsf(f_a) < FLT_MIN)) { + /* Handle error */ + } else { + i_a = f_a; + } +} + +``` + +## Noncompliant Code Example (Narrowing Conversion) + +This noncompliant code example attempts to perform conversions that may result in truncating values outside the range of the destination types: + +```cpp +void func(double d_a, long double big_d) { + double d_b = (float)big_d; + float f_a = (float)d_a; + float f_b = (float)big_d; +} + +``` +As a result of these conversions, it is possible that `d_a` is outside the range of values that can be represented by a float or that `big_d` is outside the range of values that can be represented as either a `float` or a `double`. If this is the case, the result is undefined on implementations that do not support Annex F, "IEC 60559 Floating-Point Arithmetic." + +## Compliant Solution (Narrowing Conversion) + +This compliant solution checks whether the values to be stored can be represented in the new type: + +```cpp +#include +#include + +void func(double d_a, long double big_d) { + double d_b; + float f_a; + float f_b; + + if (d_a != 0.0 && + (isnan(d_a) || + isgreater(fabs(d_a), FLT_MAX) || + isless(fabs(d_a), FLT_MIN))) { + /* Handle error */ + } else { + f_a = (float)d_a; + } + if (big_d != 0.0 && + (isnan(big_d) || + isgreater(fabs(big_d), FLT_MAX) || + isless(fabs(big_d), FLT_MIN))) { + /* Handle error */ + } else { + f_b = (float)big_d; + } + if (big_d != 0.0 && + (isnan(big_d) || + isgreater(fabs(big_d), DBL_MAX) || + isless(fabs(big_d), DBL_MIN))) { + /* Handle error */ + } else { + d_b = (double)big_d; + } +} + +``` + +## Risk Assessment + +Converting a floating-point value to a floating-point value of a smaller range and precision or to an integer type, or converting an integer type to a floating-point type, can result in a value that is not representable in the destination type and is undefined behavior on implementations that do not support Annex F. + +
    Rule Severity Likelihood Remediation Cost Priority Level
    FLP34-C Low Unlikely Low P3 L3
    + + +## Automated Detection + +
    Tool Version Checker Description
    Astrée 22.04 Supported Astrée reports all potential overflows resulting from floating-point conversions.
    Compass/ROSE Can detect some violations of this rule. However, it does not flag implicit casts, only explicit ones
    CodeSonar 7.2p0 LANG.TYPE.IAT Inappropriate Assignment Type
    Coverity 2017.07 MISRA_CAST (needs verification) Can detect instances where implicit float conversion is involved: implicitly converting a complex expression with integer type to floating type, implicitly converting a double expression to narrower float type (may lose precision), implicitly converting a complex expression from float to double , implicitly converting from float to double in a function argument, and so on
    Helix QAC 2022.4 C4450, C4451, C4452, C4453, C4454, C4462, C4465 C++3011
    Klocwork 2022.4 MISRA.CAST.FLOAT.WIDER MISRA.CAST.FLOAT.INT MISRA.CAST.INT_FLOAT MISRA.CONV.FLOAT
    LDRA tool suite 9.7.1 435 S, 93 S Partially implemented
    Parasoft C/C++test 2022.2 CERT_C-FLP34-aCERT_C-FLP34-b Avoid implicit conversions from wider to narrower floating type Avoid implicit conversions of floating point numbers from wider to narrower floating type
    PC-lint Plus 1.4 735, 736,915, 922,9118, 9227 Partially supported
    Polyspace Bug Finder R2022b CERT C: Rule FLP34-C Checks for float conversion overflow (rule partially covered)
    PRQA QA-C 9.7 4450, 4451, 4452, 4453,4454, 4462, 4465 Partially implemented
    PRQA QA-C++ 4.4 3011
    PVS-Studio 7.23 V615 , V2003 , V2004
    TrustInSoft Analyzer 1.38 float_to_int Exhaustively verified (see one compliant and one non-compliant example ).
    + + +## Related Vulnerabilities + +Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+FLP34-C). + +## Related Guidelines + +[Key here](https://wiki.sei.cmu.edu/confluence/display/c/How+this+Coding+Standard+is+Organized#HowthisCodingStandardisOrganized-RelatedGuidelines) (explains table format and definitions) + +
    Taxonomy Taxonomy item Relationship
    CERT Oracle Secure Coding Standard for Java NUM12-J. Ensure conversions of numeric types to narrower types do not result in lost or misinterpreted data Prior to 2018-01-12: CERT: Unspecified Relationship
    ISO/IEC TR 24772:2013 Numeric Conversion Errors \[FLC\] Prior to 2018-01-12: CERT: Unspecified Relationship
    CWE 2.11 CWE-681 , Incorrect Conversion between Numeric Types 2017-06-29: CERT: Rule subset of CWE
    CWE 2.11 CWE-197 2017-06-14: CERT: Rule subset of CWE
    + + +## CERT-CWE Mapping Notes + +[Key here](https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?pageId=87152408#HowthisCodingStandardisOrganized-CERT-CWEMappingNotes) for mapping notes + +**CWE-197 and FLP34-C** + +Independent( FLP34-C, INT31-C) FIO34-C = Subset( INT31-C) + +CWE-197 = Union( FLP34-C, INT31-C) + +**CWE-195 and FLP34-C** + +Intersection( CWE-195, FLP34-C) = Ø + +Both conditions involve type conversion. However, CWE-195 explicitly focuses on conversions between unsigned vs signed types, whereas FLP34-C focuses on floating-point arithmetic. + +**CWE-681 and FLP34-C** + +CWE-681 = Union( FLP34-C, INT31-C) + +## Bibliography + +
    \[ IEEE 754 2006 \]
    \[ ISO/IEC 9899:2011 \] Subclause 6.3.1.4, "Real Floating and Integer" Subclause 6.3.1.5, "Real Floating Types"
    + + +## Implementation notes + +None + +## References + +* CERT-C: [FLP34-C: Ensure that floating-point conversions are within range of the new type](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/FLP34-C/UncheckedFloatingPointConversion.ql b/c/cert/src/rules/FLP34-C/UncheckedFloatingPointConversion.ql new file mode 100644 index 0000000000..fb93797d3a --- /dev/null +++ b/c/cert/src/rules/FLP34-C/UncheckedFloatingPointConversion.ql @@ -0,0 +1,91 @@ +/** + * @id c/cert/unchecked-floating-point-conversion + * @name FLP34-C: Ensure that floating-point conversions are within range of the new type + * @description + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/cert/id/flp34-c + * correctness + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert +import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis +import semmle.code.cpp.controlflow.Guards + +/* + * There are three cases to consider under this rule: + * 1) Float-to-int + * 2) Narrowing float-to-float conversions + * 3) Int-to-float + * + * The first results in undefined behaviour if the float is outside the range of the int, and is + * the topic of this query. + * + * The second two cases only cause undefined behaviour if the floating point format does not + * support -inf/+inf. This information is not definitively present in the CodeQL database. The + * macro INFINITY in principle differs in the two cases, but we are unable to distinguish one case + * from the other. + * + * (2) and (3) do not appear to be problems in practice on the hardware targets and compilers we + * support, because they all provide +inf and -inf unconditionally. + */ + +/** + * A function whose name is suggestive that it counts the number of bits set. + */ +class PopCount extends Function { + PopCount() { this.getName().toLowerCase().matches("%popc%nt%") } +} + +/** + * A macro which is suggestive that it is used to determine the precision of an integer. + */ +class PrecisionMacro extends Macro { + PrecisionMacro() { this.getName().toLowerCase().matches("precision") } +} + +bindingset[value] +predicate withinIntegralRange(IntegralType typ, float value) { + exists(float lb, float ub, float limit | + limit = 2.pow(8 * typ.getSize()) and + ( + if typ.isUnsigned() + then ( + lb = 0 and ub = limit - 1 + ) else ( + lb = -limit / 2 and + ub = (limit / 2) - 1 + ) + ) and + value >= lb and + value <= ub + ) +} + +from FloatingPointToIntegralConversion c, ArithmeticType underlyingTypeAfter +where + not isExcluded(c, FloatingTypesPackage::uncheckedFloatingPointConversionQuery()) and + underlyingTypeAfter = c.getUnderlyingType() and + not ( + // Either the upper or lower bound of the expression is outside the range of the new type + withinIntegralRange(underlyingTypeAfter, [upperBound(c.getExpr()), lowerBound(c.getExpr())]) + or + // Heuristic - is there are guard the abs value of the float can fit in the precision of an int? + exists(GuardCondition gc, FunctionCall log2f, FunctionCall fabsf, Expr precision | + // gc.controls(c, false) and + log2f.getTarget().hasGlobalOrStdName("log2f") and + fabsf.getTarget().hasGlobalOrStdName("fabsf") and + log2f.getArgument(0) = fabsf and + // Precision is either a macro expansion or function call + ( + precision.(FunctionCall).getTarget() instanceof PopCount + or + precision = any(PrecisionMacro pm).getAnInvocation().getExpr() + ) and + gc.ensuresLt(precision, log2f, 0, c.getExpr().getBasicBlock(), false) + ) + ) +select c, "Conversion of float to integer without appropriate guards avoiding undefined behavior." diff --git a/c/cert/test/rules/FLP34-C/UncheckedFloatingPointConversion.expected b/c/cert/test/rules/FLP34-C/UncheckedFloatingPointConversion.expected new file mode 100644 index 0000000000..78ef781335 --- /dev/null +++ b/c/cert/test/rules/FLP34-C/UncheckedFloatingPointConversion.expected @@ -0,0 +1 @@ +| test.c:8:11:8:11 | (int)... | Conversion of float to integer without appropriate guards avoiding undefined behavior. | diff --git a/c/cert/test/rules/FLP34-C/UncheckedFloatingPointConversion.qlref b/c/cert/test/rules/FLP34-C/UncheckedFloatingPointConversion.qlref new file mode 100644 index 0000000000..f539ee6e39 --- /dev/null +++ b/c/cert/test/rules/FLP34-C/UncheckedFloatingPointConversion.qlref @@ -0,0 +1 @@ +rules/FLP34-C/UncheckedFloatingPointConversion.ql \ No newline at end of file diff --git a/c/cert/test/rules/FLP34-C/test.c b/c/cert/test/rules/FLP34-C/test.c new file mode 100644 index 0000000000..daac5997b3 --- /dev/null +++ b/c/cert/test/rules/FLP34-C/test.c @@ -0,0 +1,38 @@ +#include +#include +#include +#include +#include + +void test_no_guard(float f) { + int i = f; // NON_COMPLIANT +} + +void test_fixed_narrow_range(float f) { + if (f > 0.0f && f < 100.0f) { + int i = f; // COMPLIANT + } +} + +/* Returns the number of set bits */ +size_t popcount(uintmax_t num) { + size_t precision = 0; + while (num != 0) { + if (num % 2 == 1) { + precision++; + } + num >>= 1; + } + return precision; +} +#define PRECISION(umax_value) popcount(umax_value) + +void test_precision_check(float f) { + if (isnan(f) || + PRECISION(INT_MAX) < log2f(fabsf(f)) || + (f != 0.0F && fabsf(f) < FLT_MIN)) { + /* Handle error */ + } else { + int i= f; // COMPLIANT + } +} \ No newline at end of file From 53d50aea69051dd16dca29a976f6877c68d1d4b9 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 13 Mar 2023 09:28:28 +0000 Subject: [PATCH 0704/2573] FloatingTypes: Implement FLP36-C Add a query to detect integer to float conversions where precision may be lost because the mantissa of the float is limited in size. The strategy here is to assume IEEE754 and standard mantissa size, then use range analysis to determine an upper bound on the value converted and check if that exceeds the "safe" upper limit where all below can be fully represented. --- .../FLP36-C/IntToFloatPreservePrecision.md | 94 +++++++++++++++++++ .../FLP36-C/IntToFloatPreservePrecision.ql | 68 ++++++++++++++ .../IntToFloatPreservePrecision.expected | 6 ++ .../FLP36-C/IntToFloatPreservePrecision.qlref | 1 + c/cert/test/rules/FLP36-C/test.c | 30 ++++++ 5 files changed, 199 insertions(+) create mode 100644 c/cert/src/rules/FLP36-C/IntToFloatPreservePrecision.md create mode 100644 c/cert/src/rules/FLP36-C/IntToFloatPreservePrecision.ql create mode 100644 c/cert/test/rules/FLP36-C/IntToFloatPreservePrecision.expected create mode 100644 c/cert/test/rules/FLP36-C/IntToFloatPreservePrecision.qlref create mode 100644 c/cert/test/rules/FLP36-C/test.c diff --git a/c/cert/src/rules/FLP36-C/IntToFloatPreservePrecision.md b/c/cert/src/rules/FLP36-C/IntToFloatPreservePrecision.md new file mode 100644 index 0000000000..b5602efa79 --- /dev/null +++ b/c/cert/src/rules/FLP36-C/IntToFloatPreservePrecision.md @@ -0,0 +1,94 @@ +# FLP36-C: Preserve precision when converting integral values to floating-point type + +This query implements the CERT-C rule FLP36-C: + +> Preserve precision when converting integral values to floating-point type + + +## Description + +Narrower arithmetic types can be cast to wider types without any effect on the magnitude of numeric values. However, whereas integer types represent exact values, floating-point types have limited precision. The C Standard, 6.3.1.4 paragraph 2 \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IEC9899-2011)\], states + +> When a value of integer type is converted to a real floating type, if the value being converted can be represented exactly in the new type, it is unchanged. If the value being converted is in the range of values that can be represented but cannot be represented exactly, the result is either the nearest higher or nearest lower representable value, chosen in an [implementation-defined](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-implementation-definedbehavior) manner. If the value being converted is outside the range of values that can be represented, the behavior is [undefined](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior). Results of some implicit conversions may be represented in greater range and precision than that required by the new type (see 6.3.1.8 and 6.8.6.4). + + +Conversion from integral types to floating-point types without sufficient precision can lead to loss of precision (loss of least significant bits). No runtime exception occurs despite the loss. + +## Noncompliant Code Example + +In this noncompliant example, a large value of type `long int` is converted to a value of type `float` without ensuring it is representable in the type: + +```cpp +#include + +int main(void) { + long int big = 1234567890L; + float approx = big; + printf("%ld\n", (big - (long int)approx)); + return 0; +} + +``` +For most floating-point hardware, the value closest to `1234567890` that is representable in type `float` is `1234567844`; consequently, this program prints the value `-46`. + +## Compliant Solution + +This compliant solution replaces the type `float` with a `double`. Furthermore, it uses an assertion to guarantee that the `double` type can represent any `long int` without loss of precision. (See [INT35-C. Use correct integer precisions](https://wiki.sei.cmu.edu/confluence/display/c/INT35-C.+Use+correct+integer+precisions) and [MSC11-C. Incorporate diagnostic tests using assertions](https://wiki.sei.cmu.edu/confluence/display/c/MSC11-C.+Incorporate+diagnostic+tests+using+assertions).) + +```cpp +#include +#include +#include +#include +#include +#include + +extern size_t popcount(uintmax_t); /* See INT35-C */ +#define PRECISION(umax_value) popcount(umax_value) + +int main(void) { + assert(PRECISION(LONG_MAX) <= DBL_MANT_DIG * log2(FLT_RADIX)); + long int big = 1234567890L; + double approx = big; + printf("%ld\n", (big - (long int)approx)); + return 0; +} + +``` +On the same implementation, this program prints `0`, implying that the integer value `1234567890` is representable in type `double` without change. + +## Risk Assessment + +Conversion from integral types to floating-point types without sufficient precision can lead to loss of precision (loss of least significant bits). + +
    Rule Severity Likelihood Remediation Cost Priority Level
    FLP36-C Low Unlikely Medium P2 L3
    + + +## Automated Detection + +
    Tool Version Checker Description
    Astrée 22.04 Supported: Astrée keeps track of all floating point rounding errors and loss of precision and reports code defects resulting from those.
    CodeSonar 7.2p0 LANG.TYPE.IAT Inappropriate Assignment Type
    Coverity 2017.07 MISRA C 2004 Rule 10.x (needs investigation) Needs investigation
    Helix QAC 2022.4 C1260, C1263, C1298, C1299, C1800, C1802, C1803, C1804, C4117, C4435, C4437, C4445 C++3011
    Klocwork 2022.4 PORTING.CAST.FLTPNT
    LDRA tool suite 9.7.1 435 S Fully implemented
    Parasoft C/C++test 2022.2 CERT_C-FLP36-a CERT_C-FLP36-b Implicit conversions from integral to floating type which may result in a loss of information shall not be used Implicit conversions from integral constant to floating type which may result in a loss of information shall not be used
    PC-lint Plus 1.4 915, 922 Partially supported
    Polyspace Bug Finder R2022b CERT-C: Rule FLP36-C Checks for precision loss in integer to float conversion (rule fully covered)
    PRQA QA-C 9.7 1260, 1263, 1298, 1299, 1800, 1802, 1803, 1804, 4117, 4435, 4437, 4445
    PRQA QA-C++ 4.4 3011
    PVS-Studio 7.23 V674
    + + +## Related Vulnerabilities + +Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+FLP36-C). + +## Related Guidelines + +[Key here](https://wiki.sei.cmu.edu/confluence/display/c/How+this+Coding+Standard+is+Organized#HowthisCodingStandardisOrganized-RelatedGuidelines) (explains table format and definitions) + +
    Taxonomy Taxonomy item Relationship
    CERT C Secure Coding Standard DCL03-C. Use a static assertion to test the value of a constant expression Prior to 2018-01-12: CERT: Unspecified Relationship
    CERT Oracle Secure Coding Standard for Java NUM13-J. Avoid loss of precision when converting primitive integers to floating-point Prior to 2018-01-12: CERT: Unspecified Relationship
    + + +## Bibliography + +
    \[ ISO/IEC 9899:2011 \] Subclause 6.3.1.4, "Real Floating and Integer"
    + + +## Implementation notes + +None + +## References + +* CERT-C: [FLP36-C: Preserve precision when converting integral values to floating-point type](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/FLP36-C/IntToFloatPreservePrecision.ql b/c/cert/src/rules/FLP36-C/IntToFloatPreservePrecision.ql new file mode 100644 index 0000000000..067c2e67a6 --- /dev/null +++ b/c/cert/src/rules/FLP36-C/IntToFloatPreservePrecision.ql @@ -0,0 +1,68 @@ +/** + * @id c/cert/int-to-float-preserve-precision + * @name FLP36-C: Preserve precision when converting integral values to floating-point type + * @description + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/cert/id/flp36-c + * correctness + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert +import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis + +/** + * Gets the maximum precise integral value for a floating point type, i.e. the maximum value that + * can be stored without loss of precision, and for which all smaller values can be stored without + * loss of precision. + * + * We make the assumption of a standard IEEE 754 floating point format and use the number of bits + * in the mantissa to determine the maximum value that can be stored precisely. + */ +float getMaxPreciseValue(FloatingPointType fp) { + // A 4-byte float has a 23-bit mantissa, but there is an implied leading 1, which makes a total + // of 24 bits, which can represent (2^24 -1) = 16,777,215 distinct values. However, 2^24 is also + // fully representable, so the maximum representable value is 2^24. + fp.getSize() = 4 and result = 2.pow(24) + or + // An 8-byte double has a 53-bit mantissa, similar logic to the above. + fp.getSize() = 8 and result = 2.pow(53) +} + +from + IntegralToFloatingPointConversion c, float maxPreciseValue, string message, + FloatingPointType targetType +where + not isExcluded(c, FloatingTypesPackage::intToFloatPreservePrecisionQuery()) and + targetType = c.getType() and + // Get the maximum value for which all smaller values can be stored precisely + maxPreciseValue = getMaxPreciseValue(targetType) and + ( + // Find the upper bound, and determine if it is greater than the maximum value that can be + // stored precisely. + // Note: the range analysis also works on floats (doubles), which means that it also loses + // precision at the end of the 64 bit mantissa range. + exists(float upper | upper = upperBound(c.getExpr()) | + upper > maxPreciseValue and + message = + "The upper bound of this value (" + upper + ") cast from " + c.getExpr().getType() + " to " + + targetType + " is greater than the maximum value (" + maxPreciseValue + + ") that can be stored precisely." + ) + or + // Find the lower bound, and determine if it is less than the negative maximum value that can + // be stored precisely. + // Note: the range analysis also works on floats (doubles), which means that it also loses + // precision at the end of the 64 bit mantissa range. + exists(float lower | lower = lowerBound(c.getExpr()) | + lower < -maxPreciseValue and + message = + "The lower bound of this value (" + lower + ") cast from " + c.getExpr().getType() + " to " + + targetType + " is smaller than the minimum value (" + -maxPreciseValue + + ") that can be stored precisely." + ) + ) +select c, message diff --git a/c/cert/test/rules/FLP36-C/IntToFloatPreservePrecision.expected b/c/cert/test/rules/FLP36-C/IntToFloatPreservePrecision.expected new file mode 100644 index 0000000000..2239a44468 --- /dev/null +++ b/c/cert/test/rules/FLP36-C/IntToFloatPreservePrecision.expected @@ -0,0 +1,6 @@ +| test.c:5:3:5:11 | (float)... | The upper bound of this value (1234567890) cast from uint64_t to float is greater than the maximum value (16777216) that can be stored precisely. | +| test.c:13:3:13:11 | (float)... | The upper bound of this value (16777217) cast from uint64_t to float is greater than the maximum value (16777216) that can be stored precisely. | +| test.c:17:3:17:11 | (float)... | The upper bound of this value (9007199254740992) cast from uint64_t to float is greater than the maximum value (16777216) that can be stored precisely. | +| test.c:21:3:21:11 | (float)... | The upper bound of this value (9007199254740992) cast from uint64_t to float is greater than the maximum value (16777216) that can be stored precisely. | +| test.c:28:3:28:11 | (float)... | The upper bound of this value (9007199254740996) cast from uint64_t to float is greater than the maximum value (16777216) that can be stored precisely. | +| test.c:29:3:29:12 | (double)... | The upper bound of this value (9007199254740996) cast from uint64_t to double is greater than the maximum value (9007199254740992) that can be stored precisely. | diff --git a/c/cert/test/rules/FLP36-C/IntToFloatPreservePrecision.qlref b/c/cert/test/rules/FLP36-C/IntToFloatPreservePrecision.qlref new file mode 100644 index 0000000000..c08b3dfd72 --- /dev/null +++ b/c/cert/test/rules/FLP36-C/IntToFloatPreservePrecision.qlref @@ -0,0 +1 @@ +rules/FLP36-C/IntToFloatPreservePrecision.ql \ No newline at end of file diff --git a/c/cert/test/rules/FLP36-C/test.c b/c/cert/test/rules/FLP36-C/test.c new file mode 100644 index 0000000000..69e3af189a --- /dev/null +++ b/c/cert/test/rules/FLP36-C/test.c @@ -0,0 +1,30 @@ +#include + +void test_conversion_int_to_float() { + uint64_t i1 = 1234567890L; + (float)i1; // NON_COMPLIANT - precision (23 bits) isn't sufficient + (double)i1; // COMPLIANT - precision (52 bits) is sufficient + + uint32_t i2 = 16777216; // 2^24 + (float)i2; // COMPLIANT - precision (23 bits) is sufficient + (double)i2; // COMPLIANT - precision (52 bits) is sufficient + + uint64_t i3 = 16777217; // 2^24 + 1 + (float)i3; // NON_COMPLIANT - precision (23 bits) is not sufficient + (double)i3; // COMPLIANT - precision (52 bits) is sufficient + + uint64_t i4 = 9007199254740992L; // 2^54 + (float)i4; // NON_COMPLIANT - precision (23 bits) is not sufficient + (double)i4; // COMPLIANT - precision (52 bits) is sufficient + + uint64_t i5 = 9007199254740993L; // 2^54 + 1 + (float)i5; // NON_COMPLIANT - precision (23 bits) is not sufficient + (double)i5; // NON_COMPLIANT[FALSE_POSITIVE] - precision (52 bits) is not + // sufficient, but our analysis also works with doubles, so cannot + // precisely represent this value either, and chooses to round + // down, thus making this case impractical to detect. + + uint64_t i6 = 9007199254740995L; // 2^54 + 3 + (float)i6; // NON_COMPLIANT - precision (23 bits) is not sufficient + (double)i6; // NON_COMPLIANT - precision (52 bits) is not sufficient +} \ No newline at end of file From 3d09627c9dbbd68f0d3cddc878b65fa244300a04 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 13 Mar 2023 09:31:44 +0000 Subject: [PATCH 0705/2573] FloatingTypes: Implement FLP37-C Add a query for finding float values compared by memcmp. --- .../FLP37-C/MemcmpUsedToCompareFloats.md | 88 +++++++++++++++++++ .../FLP37-C/MemcmpUsedToCompareFloats.ql | 35 ++++++++ .../MemcmpUsedToCompareFloats.expected | 10 +++ .../FLP37-C/MemcmpUsedToCompareFloats.qlref | 1 + c/cert/test/rules/FLP37-C/test.c | 48 ++++++++++ 5 files changed, 182 insertions(+) create mode 100644 c/cert/src/rules/FLP37-C/MemcmpUsedToCompareFloats.md create mode 100644 c/cert/src/rules/FLP37-C/MemcmpUsedToCompareFloats.ql create mode 100644 c/cert/test/rules/FLP37-C/MemcmpUsedToCompareFloats.expected create mode 100644 c/cert/test/rules/FLP37-C/MemcmpUsedToCompareFloats.qlref create mode 100644 c/cert/test/rules/FLP37-C/test.c diff --git a/c/cert/src/rules/FLP37-C/MemcmpUsedToCompareFloats.md b/c/cert/src/rules/FLP37-C/MemcmpUsedToCompareFloats.md new file mode 100644 index 0000000000..4713696d6f --- /dev/null +++ b/c/cert/src/rules/FLP37-C/MemcmpUsedToCompareFloats.md @@ -0,0 +1,88 @@ +# FLP37-C: Do not use object representations to compare floating-point values + +This query implements the CERT-C rule FLP37-C: + +> Do not use object representations to compare floating-point values + + +## Description + +The object representation for floating-point values is implementation defined. However, an implementation that defines the `__STDC_IEC_559__` macro shall conform to the IEC 60559 floating-point standard and uses what is frequently referred to as IEEE 754 floating-point arithmetic \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO%2FIEC9899-2011)\]. The floating-point object representation used by IEC 60559 is one of the most common floating-point object representations in use today. + +All floating-point object representations use specific bit patterns to encode the value of the floating-point number being represented. However, equivalence of floating-point values is not encoded solely by the bit pattern used to represent the value. For instance, if the floating-point format supports negative zero values (as IEC 60559 does), the values `-0.0` and `0.0` are equivalent and will compare as equal, but the bit patterns used in the object representation are not identical. Similarly, if two floating-point values are both (the same) NaN, they will not compare as equal, despite the bit patterns being identical, because they are not equivalent. + +Do not compare floating-point object representations directly, such as by calling `memcmp()`or its moral equivalents. Instead, the equality operators (`==` and `!=`) should be used to determine if two floating-point values are equivalent. + +## Noncompliant Code Example + +In this noncompliant code example, `memcmp()` is used to compare two structures for equality. However, since the structure contains a floating-point object, this code may not behave as the programmer intended. + +```cpp +#include +#include + +struct S { + int i; + float f; +}; + +bool are_equal(const struct S *s1, const struct S *s2) { + if (!s1 && !s2) + return true; + else if (!s1 || !s2) + return false; + return 0 == memcmp(s1, s2, sizeof(struct S)); +} +``` + +## Compliant Solution + +In this compliant solution, the structure members are compared individually: + +```cpp +#include +#include + +struct S { + int i; + float f; +}; + +bool are_equal(const struct S *s1, const struct S *s2) { + if (!s1 && !s2) + return true; + else if (!s1 || !s2) + return false; + return s1->i == s2->i && + s1->f == s2->f; +} +``` + +## Risk Assessment + +Using the object representation of a floating-point value for comparisons can lead to incorrect equality results, which can lead to unexpected behavior. + +
    Rule Severity Likelihood Remediation Cost Priority Level
    FLP37-C Low Unlikely Medium P2 L3
    + + +## Automated Detection + +
    Tool Version Checker Description
    Astrée 22.04 memcmp-with-float Partially checked
    Axivion Bauhaus Suite 7.2.0 CertC-FLP37 Fully implemented
    Helix QAC 2022.4 C5026 C++3118
    Klocwork 2022.4 MISRA.STDLIB.MEMCMP.PTR_ARG_TYPES CERT.MEMCMP.FLOAT_MEMBER
    LDRA tool suite 9.7.1 618 S Enhanced Enforcement
    Parasoft C/C++test 2022.2 CERT_C-FLP37-c Do not use object representations to compare floating-point values
    PC-lint Plus 1.4 2498, 2499 Fully supported
    Polyspace Bug Finder R2022b CERT C: Rule FLP37-C Checks for memory comparison of floating-point values (rule fully covered)
    PRQA QA-C 9.7 5026
    PVS-Studio 7.23 V1014
    RuleChecker 22.04 memcmp-with-float Partially checked
    TrustInSoft Analyzer 1.38 Exhaustively verified.
    + + +## Related Vulnerabilities + +Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+FLP37-C). + +## Bibliography + +
    \[ ISO/IEC 9899:2011 \] Annex F, " IEC 60559 floating-point arithmetic"
    + + +## Implementation notes + +None + +## References + +* CERT-C: [FLP37-C: Do not use object representations to compare floating-point values](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/FLP37-C/MemcmpUsedToCompareFloats.ql b/c/cert/src/rules/FLP37-C/MemcmpUsedToCompareFloats.ql new file mode 100644 index 0000000000..9d70ac555e --- /dev/null +++ b/c/cert/src/rules/FLP37-C/MemcmpUsedToCompareFloats.ql @@ -0,0 +1,35 @@ +/** + * @id c/cert/memcmp-used-to-compare-floats + * @name FLP37-C: Do not use object representations to compare floating-point values + * @description + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/cert/id/flp37-c + * correctness + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert +import semmle.code.cpp.security.BufferAccess + +/** + * A type which contains, directly or indirectly, a floating-point type. + */ +class FloatContainingType extends Type { + FloatContainingType() { + this instanceof FloatingPointType + or + this.(Class).getAField().getType().getUnspecifiedType() instanceof FloatContainingType + } +} + +from MemcmpBA cmp, string buffDesc, Expr arg, FloatContainingType type +where + not isExcluded(cmp, FloatingTypesPackage::memcmpUsedToCompareFloatsQuery()) and + arg = cmp.getBuffer(buffDesc, _) and + arg.getUnconverted().getUnspecifiedType().(PointerType).getBaseType() = type +select cmp, + "memcmp is used to compare a floating-point value in the $@ which is of type " + type + ".", arg, + buffDesc diff --git a/c/cert/test/rules/FLP37-C/MemcmpUsedToCompareFloats.expected b/c/cert/test/rules/FLP37-C/MemcmpUsedToCompareFloats.expected new file mode 100644 index 0000000000..a57f64f94b --- /dev/null +++ b/c/cert/test/rules/FLP37-C/MemcmpUsedToCompareFloats.expected @@ -0,0 +1,10 @@ +| test.c:27:3:27:8 | call to memcmp | memcmp is used to compare a floating-point value in the $@ which is of type float. | test.c:27:10:27:12 | & ... | first buffer | +| test.c:27:3:27:8 | call to memcmp | memcmp is used to compare a floating-point value in the $@ which is of type float. | test.c:27:15:27:17 | & ... | second buffer | +| test.c:35:3:35:8 | call to memcmp | memcmp is used to compare a floating-point value in the $@ which is of type S2. | test.c:35:10:35:13 | & ... | first buffer | +| test.c:35:3:35:8 | call to memcmp | memcmp is used to compare a floating-point value in the $@ which is of type S2. | test.c:35:16:35:19 | & ... | second buffer | +| test.c:39:3:39:8 | call to memcmp | memcmp is used to compare a floating-point value in the $@ which is of type S3. | test.c:39:10:39:13 | & ... | first buffer | +| test.c:39:3:39:8 | call to memcmp | memcmp is used to compare a floating-point value in the $@ which is of type S3. | test.c:39:16:39:19 | & ... | second buffer | +| test.c:43:3:43:8 | call to memcmp | memcmp is used to compare a floating-point value in the $@ which is of type S4. | test.c:43:10:43:13 | & ... | first buffer | +| test.c:43:3:43:8 | call to memcmp | memcmp is used to compare a floating-point value in the $@ which is of type S4. | test.c:43:16:43:19 | & ... | second buffer | +| test.c:47:3:47:8 | call to memcmp | memcmp is used to compare a floating-point value in the $@ which is of type S5. | test.c:47:10:47:13 | & ... | first buffer | +| test.c:47:3:47:8 | call to memcmp | memcmp is used to compare a floating-point value in the $@ which is of type S5. | test.c:47:16:47:19 | & ... | second buffer | diff --git a/c/cert/test/rules/FLP37-C/MemcmpUsedToCompareFloats.qlref b/c/cert/test/rules/FLP37-C/MemcmpUsedToCompareFloats.qlref new file mode 100644 index 0000000000..37be07461c --- /dev/null +++ b/c/cert/test/rules/FLP37-C/MemcmpUsedToCompareFloats.qlref @@ -0,0 +1 @@ +rules/FLP37-C/MemcmpUsedToCompareFloats.ql \ No newline at end of file diff --git a/c/cert/test/rules/FLP37-C/test.c b/c/cert/test/rules/FLP37-C/test.c new file mode 100644 index 0000000000..fdb32fe07c --- /dev/null +++ b/c/cert/test/rules/FLP37-C/test.c @@ -0,0 +1,48 @@ +#include + +struct S1 { + int i; +}; + +struct S2 { + float f; +}; + +struct S3 { + struct S2 s2; +}; + +struct S4 { + struct S3 s3; +}; + +struct S5 { + union { + float f1; + int i1; + }; +}; + +void test_float_memcmp(float f1, float f2) { + memcmp(&f1, &f2, sizeof(float)); // NON_COMPLIANT +} + +void test_struct_int_memcmp(struct S1 s1a, struct S1 s1b) { + memcmp(&s1a, &s1b, sizeof(struct S1)); // COMPLIANT +} + +void test_struct_float_memcmp(struct S2 s2a, struct S2 s2b) { + memcmp(&s2a, &s2b, sizeof(struct S2)); // NON_COMPLIANT +} + +void test_struct_nested_float_memcmp(struct S3 s3a, struct S3 s3b) { + memcmp(&s3a, &s3b, sizeof(struct S3)); // NON_COMPLIANT +} + +void test_struct_nested_nested_float_memcmp(struct S4 s4a, struct S4 s4b) { + memcmp(&s4a, &s4b, sizeof(struct S4)); // NON_COMPLIANT +} + +void test_union_nested_float_memcmp(struct S5 s5a, struct S5 s5b) { + memcmp(&s5a, &s5b, sizeof(struct S5)); // NON_COMPLIANT +} \ No newline at end of file From fbc7c8905b39969d746b5d01ade322687180b2c2 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 13 Mar 2023 09:38:31 +0000 Subject: [PATCH 0706/2573] FloatingTypes: Improve descriptions --- .../rules/FLP34-C/UncheckedFloatingPointConversion.ql | 5 +++-- .../src/rules/FLP36-C/IntToFloatPreservePrecision.ql | 5 +++-- c/cert/src/rules/FLP37-C/MemcmpUsedToCompareFloats.ql | 3 ++- rule_packages/c/FloatingTypes.json | 10 +++++----- 4 files changed, 13 insertions(+), 10 deletions(-) diff --git a/c/cert/src/rules/FLP34-C/UncheckedFloatingPointConversion.ql b/c/cert/src/rules/FLP34-C/UncheckedFloatingPointConversion.ql index fb93797d3a..aed376d22e 100644 --- a/c/cert/src/rules/FLP34-C/UncheckedFloatingPointConversion.ql +++ b/c/cert/src/rules/FLP34-C/UncheckedFloatingPointConversion.ql @@ -1,9 +1,10 @@ /** * @id c/cert/unchecked-floating-point-conversion * @name FLP34-C: Ensure that floating-point conversions are within range of the new type - * @description + * @description Conversions of out-of-range floating-point values to integral types can lead to + * undefined behavior. * @kind problem - * @precision very-high + * @precision high * @problem.severity error * @tags external/cert/id/flp34-c * correctness diff --git a/c/cert/src/rules/FLP36-C/IntToFloatPreservePrecision.ql b/c/cert/src/rules/FLP36-C/IntToFloatPreservePrecision.ql index 067c2e67a6..e3b98c61c5 100644 --- a/c/cert/src/rules/FLP36-C/IntToFloatPreservePrecision.ql +++ b/c/cert/src/rules/FLP36-C/IntToFloatPreservePrecision.ql @@ -1,9 +1,10 @@ /** * @id c/cert/int-to-float-preserve-precision * @name FLP36-C: Preserve precision when converting integral values to floating-point type - * @description + * @description Integer to floating-point conversions may lose precision if the floating-point type + * is unable to fully represent the integer value. * @kind problem - * @precision very-high + * @precision high * @problem.severity error * @tags external/cert/id/flp36-c * correctness diff --git a/c/cert/src/rules/FLP37-C/MemcmpUsedToCompareFloats.ql b/c/cert/src/rules/FLP37-C/MemcmpUsedToCompareFloats.ql index 9d70ac555e..0e3031262e 100644 --- a/c/cert/src/rules/FLP37-C/MemcmpUsedToCompareFloats.ql +++ b/c/cert/src/rules/FLP37-C/MemcmpUsedToCompareFloats.ql @@ -1,7 +1,8 @@ /** * @id c/cert/memcmp-used-to-compare-floats * @name FLP37-C: Do not use object representations to compare floating-point values - * @description + * @description Comparing floating point values using the memcmp can lead to unexpected comparison + * failures as equivalent floating-point values may not have the same bit pattern. * @kind problem * @precision very-high * @problem.severity error diff --git a/rule_packages/c/FloatingTypes.json b/rule_packages/c/FloatingTypes.json index 77090bbac0..1dfd663597 100644 --- a/rule_packages/c/FloatingTypes.json +++ b/rule_packages/c/FloatingTypes.json @@ -26,10 +26,10 @@ }, "queries": [ { - "description": "", + "description": "Conversions of out-of-range floating-point values to integral types can lead to undefined behavior.", "kind": "problem", "name": "Ensure that floating-point conversions are within range of the new type", - "precision": "very-high", + "precision": "high", "severity": "error", "short_name": "UncheckedFloatingPointConversion", "tags": [ @@ -45,10 +45,10 @@ }, "queries": [ { - "description": "", + "description": "Integer to floating-point conversions may lose precision if the floating-point type is unable to fully represent the integer value.", "kind": "problem", "name": "Preserve precision when converting integral values to floating-point type", - "precision": "very-high", + "precision": "high", "severity": "error", "short_name": "IntToFloatPreservePrecision", "tags": [ @@ -64,7 +64,7 @@ }, "queries": [ { - "description": "", + "description": "Comparing floating point values using the memcmp can lead to unexpected comparison failures as equivalent floating-point values may not have the same bit pattern.", "kind": "problem", "name": "Do not use object representations to compare floating-point values", "precision": "very-high", From 1abf1bc0a7ef4d0993ec5391a8fdb53a4392ff03 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 13 Mar 2023 10:40:54 +0000 Subject: [PATCH 0707/2573] STR37-C: Update compiler specific expected results --- ...nctionsRepresentableAsUChar.expected.clang | 28 +++++++++++++++++++ ...FunctionsRepresentableAsUChar.expected.gcc | 28 +++++++++++++++++++ 2 files changed, 56 insertions(+) create mode 100644 c/cert/test/rules/STR37-C/ToCharacterHandlingFunctionsRepresentableAsUChar.expected.clang create mode 100644 c/cert/test/rules/STR37-C/ToCharacterHandlingFunctionsRepresentableAsUChar.expected.gcc diff --git a/c/cert/test/rules/STR37-C/ToCharacterHandlingFunctionsRepresentableAsUChar.expected.clang b/c/cert/test/rules/STR37-C/ToCharacterHandlingFunctionsRepresentableAsUChar.expected.clang new file mode 100644 index 0000000000..3ad77b8c58 --- /dev/null +++ b/c/cert/test/rules/STR37-C/ToCharacterHandlingFunctionsRepresentableAsUChar.expected.clang @@ -0,0 +1,28 @@ +| test.c:7:3:7:13 | isalnum(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:7:3:7:13 | (...) | Argument | +| test.c:8:3:8:13 | isalpha(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:8:3:8:13 | (...) | Argument | +| test.c:10:3:10:13 | isblank(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:10:3:10:13 | (...) | Argument | +| test.c:11:3:11:13 | iscntrl(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:11:3:11:13 | (...) | Argument | +| test.c:12:3:12:13 | isdigit(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:12:3:12:13 | (...) | Argument | +| test.c:13:3:13:13 | isgraph(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:13:3:13:13 | (...) | Argument | +| test.c:14:3:14:13 | islower(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:14:3:14:13 | (...) | Argument | +| test.c:15:3:15:13 | isprint(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:15:3:15:13 | (...) | Argument | +| test.c:16:3:16:13 | ispunct(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:16:3:16:13 | (...) | Argument | +| test.c:17:3:17:13 | isspace(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:17:3:17:13 | (...) | Argument | +| test.c:18:3:18:13 | isupper(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:18:3:18:13 | (...) | Argument | +| test.c:19:3:19:14 | isxdigit(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:19:3:19:14 | (...) | Argument | +| test.c:21:3:21:9 | call to toupper | $@ to character-handling function may not be representable as an unsigned char. | test.c:21:11:21:12 | * ... | Argument | +| test.c:22:3:22:9 | call to tolower | $@ to character-handling function may not be representable as an unsigned char. | test.c:22:11:22:12 | * ... | Argument | +| test.c:70:3:70:12 | isalnum(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:70:3:70:12 | (...) | Argument | +| test.c:71:3:71:12 | isalpha(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:71:3:71:12 | (...) | Argument | +| test.c:73:3:73:12 | isblank(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:73:3:73:12 | (...) | Argument | +| test.c:74:3:74:12 | iscntrl(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:74:3:74:12 | (...) | Argument | +| test.c:75:3:75:12 | isdigit(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:75:3:75:12 | (...) | Argument | +| test.c:76:3:76:12 | isgraph(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:76:3:76:12 | (...) | Argument | +| test.c:77:3:77:12 | islower(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:77:3:77:12 | (...) | Argument | +| test.c:78:3:78:12 | isprint(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:78:3:78:12 | (...) | Argument | +| test.c:79:3:79:12 | ispunct(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:79:3:79:12 | (...) | Argument | +| test.c:80:3:80:12 | isspace(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:80:3:80:12 | (...) | Argument | +| test.c:81:3:81:12 | isupper(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:81:3:81:12 | (...) | Argument | +| test.c:82:3:82:13 | isxdigit(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:82:3:82:13 | (...) | Argument | +| test.c:84:3:84:9 | call to toupper | $@ to character-handling function may not be representable as an unsigned char. | test.c:84:11:84:11 | t | Argument | +| test.c:85:3:85:9 | call to tolower | $@ to character-handling function may not be representable as an unsigned char. | test.c:85:11:85:11 | t | Argument | diff --git a/c/cert/test/rules/STR37-C/ToCharacterHandlingFunctionsRepresentableAsUChar.expected.gcc b/c/cert/test/rules/STR37-C/ToCharacterHandlingFunctionsRepresentableAsUChar.expected.gcc new file mode 100644 index 0000000000..3ad77b8c58 --- /dev/null +++ b/c/cert/test/rules/STR37-C/ToCharacterHandlingFunctionsRepresentableAsUChar.expected.gcc @@ -0,0 +1,28 @@ +| test.c:7:3:7:13 | isalnum(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:7:3:7:13 | (...) | Argument | +| test.c:8:3:8:13 | isalpha(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:8:3:8:13 | (...) | Argument | +| test.c:10:3:10:13 | isblank(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:10:3:10:13 | (...) | Argument | +| test.c:11:3:11:13 | iscntrl(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:11:3:11:13 | (...) | Argument | +| test.c:12:3:12:13 | isdigit(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:12:3:12:13 | (...) | Argument | +| test.c:13:3:13:13 | isgraph(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:13:3:13:13 | (...) | Argument | +| test.c:14:3:14:13 | islower(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:14:3:14:13 | (...) | Argument | +| test.c:15:3:15:13 | isprint(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:15:3:15:13 | (...) | Argument | +| test.c:16:3:16:13 | ispunct(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:16:3:16:13 | (...) | Argument | +| test.c:17:3:17:13 | isspace(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:17:3:17:13 | (...) | Argument | +| test.c:18:3:18:13 | isupper(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:18:3:18:13 | (...) | Argument | +| test.c:19:3:19:14 | isxdigit(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:19:3:19:14 | (...) | Argument | +| test.c:21:3:21:9 | call to toupper | $@ to character-handling function may not be representable as an unsigned char. | test.c:21:11:21:12 | * ... | Argument | +| test.c:22:3:22:9 | call to tolower | $@ to character-handling function may not be representable as an unsigned char. | test.c:22:11:22:12 | * ... | Argument | +| test.c:70:3:70:12 | isalnum(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:70:3:70:12 | (...) | Argument | +| test.c:71:3:71:12 | isalpha(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:71:3:71:12 | (...) | Argument | +| test.c:73:3:73:12 | isblank(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:73:3:73:12 | (...) | Argument | +| test.c:74:3:74:12 | iscntrl(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:74:3:74:12 | (...) | Argument | +| test.c:75:3:75:12 | isdigit(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:75:3:75:12 | (...) | Argument | +| test.c:76:3:76:12 | isgraph(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:76:3:76:12 | (...) | Argument | +| test.c:77:3:77:12 | islower(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:77:3:77:12 | (...) | Argument | +| test.c:78:3:78:12 | isprint(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:78:3:78:12 | (...) | Argument | +| test.c:79:3:79:12 | ispunct(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:79:3:79:12 | (...) | Argument | +| test.c:80:3:80:12 | isspace(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:80:3:80:12 | (...) | Argument | +| test.c:81:3:81:12 | isupper(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:81:3:81:12 | (...) | Argument | +| test.c:82:3:82:13 | isxdigit(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:82:3:82:13 | (...) | Argument | +| test.c:84:3:84:9 | call to toupper | $@ to character-handling function may not be representable as an unsigned char. | test.c:84:11:84:11 | t | Argument | +| test.c:85:3:85:9 | call to tolower | $@ to character-handling function may not be representable as an unsigned char. | test.c:85:11:85:11 | t | Argument | From 8072b536298101142a88609dab31517dca237f75 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 13 Mar 2023 10:59:50 +0000 Subject: [PATCH 0708/2573] FLP34-C: Reformat file --- c/cert/test/rules/FLP34-C/test.c | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/c/cert/test/rules/FLP34-C/test.c b/c/cert/test/rules/FLP34-C/test.c index daac5997b3..9a77618ee4 100644 --- a/c/cert/test/rules/FLP34-C/test.c +++ b/c/cert/test/rules/FLP34-C/test.c @@ -1,8 +1,8 @@ -#include -#include +#include #include #include -#include +#include +#include void test_no_guard(float f) { int i = f; // NON_COMPLIANT @@ -28,11 +28,10 @@ size_t popcount(uintmax_t num) { #define PRECISION(umax_value) popcount(umax_value) void test_precision_check(float f) { - if (isnan(f) || - PRECISION(INT_MAX) < log2f(fabsf(f)) || + if (isnan(f) || PRECISION(INT_MAX) < log2f(fabsf(f)) || (f != 0.0F && fabsf(f) < FLT_MIN)) { /* Handle error */ } else { - int i= f; // COMPLIANT + int i = f; // COMPLIANT } } \ No newline at end of file From d05ebbae8dcfa7e412e0befe97459a6cd53465fe Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Mon, 13 Mar 2023 13:58:38 -0400 Subject: [PATCH 0709/2573] integrate qcc --- scripts/matrix_testing/CompileFixTool.ps1 | 2 +- scripts/matrix_testing/Config.ps1 | 4 ++++ scripts/matrix_testing/CreateMatrixTestReport.ps1 | 6 +++--- 3 files changed, 8 insertions(+), 4 deletions(-) diff --git a/scripts/matrix_testing/CompileFixTool.ps1 b/scripts/matrix_testing/CompileFixTool.ps1 index ba4cd2c146..882707255e 100755 --- a/scripts/matrix_testing/CompileFixTool.ps1 +++ b/scripts/matrix_testing/CompileFixTool.ps1 @@ -16,7 +16,7 @@ param( # The compiler to use. Valid values are 'clang' and 'arm-clang'. [Parameter(Mandatory)] - [ValidateSet('clang', 'armclang', 'tiarmclang', 'gcc')] + [ValidateSet('clang', 'armclang', 'tiarmclang', 'gcc', 'qcc')] [string] $Configuration ) diff --git a/scripts/matrix_testing/Config.ps1 b/scripts/matrix_testing/Config.ps1 index 9ae4bb9600..2a92980107 100644 --- a/scripts/matrix_testing/Config.ps1 +++ b/scripts/matrix_testing/Config.ps1 @@ -6,11 +6,13 @@ $COMPILER_MAPPINGS = @{ "gcc" = "g++"; "armclang" = "armclang"; "tiarmclang" = "tiarmclang"; + "qcc" = "qcc"; }; "c" = @{ "clang" = "clang"; "gcc" = "gcc"; + "qcc" = "qcc"; }; } @@ -20,11 +22,13 @@ $COMPILER_ARGS = @{ "gcc" = "-std=c++14 -fsyntax-only"; "armclang" = "-std=c++14 -fsyntax-only --target=arm-arm-none-eabi"; "tiarmclang" = "-std=c++14 -fsyntax-only --target=arm-arm-none-eabi"; + "qcc" = "-lang-c++ -V7.1.0 -Wc,-fsyntax-only -c -nopipe -std=c++14 -D_QNX_SOURCE -Vgcc_ntoaarch64le_cxx"; }; "c" = @{ "gcc" = "-fsyntax-only -std=c11"; "clang" = "-fsyntax-only -std=c11"; + "qcc" = "-V7.1.0 -Wc,-fsyntax-only -c -nopipe -std=c11 -Vgcc_ntoaarch64le"; }; } diff --git a/scripts/matrix_testing/CreateMatrixTestReport.ps1 b/scripts/matrix_testing/CreateMatrixTestReport.ps1 index f60889fa7a..d306a3f0d9 100644 --- a/scripts/matrix_testing/CreateMatrixTestReport.ps1 +++ b/scripts/matrix_testing/CreateMatrixTestReport.ps1 @@ -53,7 +53,7 @@ All Parameters: Accept wildcard characters? false -Configuration - The compiler to use. Valid values are 'clang' and 'arm-clang'. + The compiler to use. Required? true Position? named @@ -140,9 +140,9 @@ param( [string] $NumThreads = 10, - # The compiler to use. Valid values are 'clang' and 'arm-clang'. + # The compiler to use. [Parameter(Mandatory)] - [ValidateSet('clang', 'armclang', 'tiarmclang', 'gcc')] + [ValidateSet('clang', 'armclang', 'tiarmclang', 'gcc', 'qcc')] [string] $Configuration, From a25aa963361c646c57dd9443867642318de8bc47 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Mon, 13 Mar 2023 14:54:32 -0400 Subject: [PATCH 0710/2573] tset --- c/cert/test/rules/ARR39-C/test.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/c/cert/test/rules/ARR39-C/test.c b/c/cert/test/rules/ARR39-C/test.c index 937dce9cf5..26425ecb72 100644 --- a/c/cert/test/rules/ARR39-C/test.c +++ b/c/cert/test/rules/ARR39-C/test.c @@ -27,4 +27,7 @@ void f1() { (void)v1[10 / sizeof(v1)]; // NON_COMPLIANT v4 += offset; // COMPLIANT f2(offset, 2); -} \ No newline at end of file +} + + +//// \ No newline at end of file From 544c1ba20dfce6fced36546eae7b4144ccab4e92 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Mon, 13 Mar 2023 15:05:27 -0400 Subject: [PATCH 0711/2573] test --- c/cert/test/rules/ARR39-C/test.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/cert/test/rules/ARR39-C/test.c b/c/cert/test/rules/ARR39-C/test.c index 26425ecb72..83ad6c6f5b 100644 --- a/c/cert/test/rules/ARR39-C/test.c +++ b/c/cert/test/rules/ARR39-C/test.c @@ -30,4 +30,4 @@ void f1() { } -//// \ No newline at end of file +/// \ No newline at end of file From 7ecd4e3a1cf2551c473227380c411d922745a126 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Mon, 13 Mar 2023 15:12:20 -0400 Subject: [PATCH 0712/2573] fix --- c/cert/test/rules/ARR39-C/test.c | 3 --- 1 file changed, 3 deletions(-) diff --git a/c/cert/test/rules/ARR39-C/test.c b/c/cert/test/rules/ARR39-C/test.c index 83ad6c6f5b..8b2a472a94 100644 --- a/c/cert/test/rules/ARR39-C/test.c +++ b/c/cert/test/rules/ARR39-C/test.c @@ -28,6 +28,3 @@ void f1() { v4 += offset; // COMPLIANT f2(offset, 2); } - - -/// \ No newline at end of file From 9df0465ae06a18f14c74d385f8222ab8347e8f6b Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Mon, 13 Mar 2023 15:48:24 -0400 Subject: [PATCH 0713/2573] trigger test and version change --- c/cert/test/rules/ARR39-C/test.c | 2 ++ scripts/matrix_testing/Config.ps1 | 4 ++-- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/c/cert/test/rules/ARR39-C/test.c b/c/cert/test/rules/ARR39-C/test.c index 8b2a472a94..15ae78d33b 100644 --- a/c/cert/test/rules/ARR39-C/test.c +++ b/c/cert/test/rules/ARR39-C/test.c @@ -28,3 +28,5 @@ void f1() { v4 += offset; // COMPLIANT f2(offset, 2); } + +// \ No newline at end of file diff --git a/scripts/matrix_testing/Config.ps1 b/scripts/matrix_testing/Config.ps1 index 2a92980107..c904a06863 100644 --- a/scripts/matrix_testing/Config.ps1 +++ b/scripts/matrix_testing/Config.ps1 @@ -22,13 +22,13 @@ $COMPILER_ARGS = @{ "gcc" = "-std=c++14 -fsyntax-only"; "armclang" = "-std=c++14 -fsyntax-only --target=arm-arm-none-eabi"; "tiarmclang" = "-std=c++14 -fsyntax-only --target=arm-arm-none-eabi"; - "qcc" = "-lang-c++ -V7.1.0 -Wc,-fsyntax-only -c -nopipe -std=c++14 -D_QNX_SOURCE -Vgcc_ntoaarch64le_cxx"; + "qcc" = "-lang-c++ -V8.3.0 -Wc,-fsyntax-only -c -nopipe -std=c++14 -D_QNX_SOURCE -Vgcc_ntoaarch64le_cxx"; }; "c" = @{ "gcc" = "-fsyntax-only -std=c11"; "clang" = "-fsyntax-only -std=c11"; - "qcc" = "-V7.1.0 -Wc,-fsyntax-only -c -nopipe -std=c11 -Vgcc_ntoaarch64le"; + "qcc" = "-V8.3.0 -Wc,-fsyntax-only -c -nopipe -std=c11 -Vgcc_ntoaarch64le"; }; } From 0e554c101b68cc4b32797c7f4bac19b1f248eb85 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Mon, 13 Mar 2023 15:53:22 -0400 Subject: [PATCH 0714/2573] undo --- c/cert/test/rules/ARR39-C/test.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/c/cert/test/rules/ARR39-C/test.c b/c/cert/test/rules/ARR39-C/test.c index 15ae78d33b..8b2a472a94 100644 --- a/c/cert/test/rules/ARR39-C/test.c +++ b/c/cert/test/rules/ARR39-C/test.c @@ -28,5 +28,3 @@ void f1() { v4 += offset; // COMPLIANT f2(offset, 2); } - -// \ No newline at end of file From bf387a19726e5c4de161376bfcd044d7df71ee2d Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Mon, 13 Mar 2023 16:24:00 -0400 Subject: [PATCH 0715/2573] boop --- c/cert/test/rules/ARR39-C/test.c | 1 + 1 file changed, 1 insertion(+) diff --git a/c/cert/test/rules/ARR39-C/test.c b/c/cert/test/rules/ARR39-C/test.c index 8b2a472a94..db8c54fa14 100644 --- a/c/cert/test/rules/ARR39-C/test.c +++ b/c/cert/test/rules/ARR39-C/test.c @@ -28,3 +28,4 @@ void f1() { v4 += offset; // COMPLIANT f2(offset, 2); } +// \ No newline at end of file From b0014caae1f6445a5dd05feccbe63438335f2543 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 13 Mar 2023 16:59:50 -0700 Subject: [PATCH 0716/2573] Use loop counter definition from CERT --- .../FLP30-C/FloatingPointLoopCounters.ql | 41 ++++++++++++++----- .../FloatingPointLoopCounters.expected | 5 ++- c/cert/test/rules/FLP30-C/test.c | 15 ++++++- 3 files changed, 47 insertions(+), 14 deletions(-) diff --git a/c/cert/src/rules/FLP30-C/FloatingPointLoopCounters.ql b/c/cert/src/rules/FLP30-C/FloatingPointLoopCounters.ql index 1f99006866..a26736707c 100644 --- a/c/cert/src/rules/FLP30-C/FloatingPointLoopCounters.ql +++ b/c/cert/src/rules/FLP30-C/FloatingPointLoopCounters.ql @@ -16,15 +16,36 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.Loops -from Loop loop +/* + * A variable that is increased or decreased by a fixed amount on each iteration. + */ + +class InductionVariable extends Variable { + Loop loop; + Expr update; + + InductionVariable() { + update.getParent+() = loop and + ( + update.(AssignArithmeticOperation).getRValue().isConstant() and + update.(AssignArithmeticOperation).getLValue() = this.getAnAccess() + or + exists(BinaryArithmeticOperation binop | + update.(Assignment).getLValue() = this.getAnAccess() and + update.(Assignment).getRValue() = binop and + binop.getAnOperand() = this.getAnAccess() and + binop.getAnOperand().isConstant() + ) + or + update.(CrementOperation).getOperand() = this.getAnAccess() + ) + } +} + +from Loop loop, InductionVariable loopCounter, ComparisonOperation comparison where not isExcluded(loop, Statements4Package::floatingPointLoopCountersQuery()) and - exists(WhileStmt while | - while.getCondition().getType() instanceof FloatType and - loop = while - ) - or - exists(ForStmt for, Variable counter | - isForLoopWithFloatingPointCounters(for, counter) and for = loop - ) -select loop, "Loop $@ has a floating-point type.", loop.getControllingExpr(), "counter" + loop.getControllingExpr() = comparison and + comparison.getAnOperand() = loopCounter.getAnAccess() and + loopCounter.getType() instanceof FloatingPointType +select loop, "Loop using a $@ of type floating-point.", loopCounter, "loop counter" diff --git a/c/cert/test/rules/FLP30-C/FloatingPointLoopCounters.expected b/c/cert/test/rules/FLP30-C/FloatingPointLoopCounters.expected index 964df7c2b7..43f8a04a66 100644 --- a/c/cert/test/rules/FLP30-C/FloatingPointLoopCounters.expected +++ b/c/cert/test/rules/FLP30-C/FloatingPointLoopCounters.expected @@ -1,2 +1,3 @@ -| test.c:3:3:4:3 | for(...;...;...) ... | Loop $@ has a floating-point type. | test.c:3:18:3:26 | ... < ... | counter | -| test.c:5:3:6:3 | while (...) ... | Loop $@ has a floating-point type. | test.c:5:10:5:17 | ... - ... | counter | +| test.c:3:3:4:3 | for(...;...;...) ... | Loop using a $@ of type floating-point. | test.c:2:9:2:9 | f | loop counter | +| test.c:5:3:7:3 | while (...) ... | Loop using a $@ of type floating-point. | test.c:2:9:2:9 | f | loop counter | +| test.c:9:3:11:22 | do (...) ... | Loop using a $@ of type floating-point. | test.c:2:9:2:9 | f | loop counter | diff --git a/c/cert/test/rules/FLP30-C/test.c b/c/cert/test/rules/FLP30-C/test.c index 9ec460953b..c56519a70e 100644 --- a/c/cert/test/rules/FLP30-C/test.c +++ b/c/cert/test/rules/FLP30-C/test.c @@ -2,14 +2,25 @@ void f1() { float f = 0.0F; for (f = 0.0F; f < 10.0F; f += 0.2F) { // NON_COMPLIANT } - while (f - 0.0F) { // NON_COMPLIANT + while (f < 10.0F) { // NON_COMPLIANT + f = f * 2.0F; } + + do { + f *= 2.0F; + } while (f < 10.0F); // NON_COMPLIANT } void f2() { for (int i = 0; i < 10; i++) { // COMPLIANT } - while (4 - 4) { // COMPLIANT + int j = 0; + while (j < 10) { // COMPLIANT + j = j * 2; } + + do { + j++; + } while (j < 10); // COMPLIANT } From c66a9d65a6df929b1e130d35ea36599ac8074f0b Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Tue, 14 Mar 2023 10:00:19 -0700 Subject: [PATCH 0717/2573] Minor comments && Update outdated .expected --- .../rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql | 1 + .../RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.expected | 4 ++-- c/misra/test/rules/RULE-21-13/test.c | 4 ++-- 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql b/c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql index a87910063b..e11c882ab1 100644 --- a/c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql +++ b/c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql @@ -30,6 +30,7 @@ where /* The argument's value should be in the EOF + `unsigned char` range. */ -1 <= lowerBound(ctypeCallArgument) and upperBound(ctypeCallArgument) <= 255 ) and + /* Only report control flow that is feasible (to avoid functions implemented as macro). */ ctypeCall.getBasicBlock().isReachable() select ctypeCall, "The function " + ctypeCall + " accepts an argument " + diff --git a/c/misra/test/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.expected b/c/misra/test/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.expected index 6d3f237ae7..0a8d568dec 100644 --- a/c/misra/test/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.expected +++ b/c/misra/test/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.expected @@ -1,2 +1,2 @@ -| test.c:17:7:17:17 | call to islower | The function call to islower accepts an argument c3 that is not an unsigned char nor an EOF. | -| test.c:23:7:23:17 | call to isdigit | The function call to isdigit accepts an argument c4 that is not an unsigned char nor an EOF. | \ No newline at end of file +| test.c:14:7:14:13 | call to isalnum | The function call to isalnum accepts an argument c3 that is not an unsigned char nor an EOF. | +| test.c:20:7:20:13 | call to isalnum | The function call to isalnum accepts an argument c4 that is not an unsigned char nor an EOF. | \ No newline at end of file diff --git a/c/misra/test/rules/RULE-21-13/test.c b/c/misra/test/rules/RULE-21-13/test.c index ab391afc28..727ac8ad65 100644 --- a/c/misra/test/rules/RULE-21-13/test.c +++ b/c/misra/test/rules/RULE-21-13/test.c @@ -20,8 +20,8 @@ void sample() { isalnum(c4); // NON_COMPLIANT: is outside unsigned char range of [0, 255] int c5 = getchar(); - int r5 = isalnum(c5); // COMPLIANT[FALSE_POSITIVE]: library functions like - // getchar needs to be modelled + int r5 = isalnum( + c5); // COMPLIANT: source functions like getchar are modelled unsigned char x7; int c6; From a7c8d74d40e936c72e0ac2e8ec908f1e609d3032 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Tue, 14 Mar 2023 13:12:09 -0400 Subject: [PATCH 0718/2573] fix! --- scripts/matrix_testing/CompileFixTool.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/matrix_testing/CompileFixTool.ps1 b/scripts/matrix_testing/CompileFixTool.ps1 index 882707255e..86a6481b8e 100755 --- a/scripts/matrix_testing/CompileFixTool.ps1 +++ b/scripts/matrix_testing/CompileFixTool.ps1 @@ -14,7 +14,7 @@ param( [string] $Language, - # The compiler to use. Valid values are 'clang' and 'arm-clang'. + # The compiler to use. [Parameter(Mandatory)] [ValidateSet('clang', 'armclang', 'tiarmclang', 'gcc', 'qcc')] [string] From afc2abb2f788130135eb634655e8141f4c9a6ad6 Mon Sep 17 00:00:00 2001 From: jsinglet Date: Tue, 14 Mar 2023 19:14:50 +0000 Subject: [PATCH 0719/2573] Version bump to 2.16.0-dev. --- c/cert/src/qlpack.yml | 2 +- c/cert/test/qlpack.yml | 2 +- c/common/src/qlpack.yml | 2 +- c/common/test/qlpack.yml | 2 +- c/misra/src/qlpack.yml | 2 +- c/misra/test/qlpack.yml | 2 +- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/qlpack.yml | 2 +- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/qlpack.yml | 2 +- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/qlpack.yml | 2 +- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/qlpack.yml | 2 +- cpp/report/src/qlpack.yml | 2 +- docs/user_manual.md | 8 ++++---- 16 files changed, 19 insertions(+), 19 deletions(-) diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index f3bb6dfc31..125b9fcc8a 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards -version: 2.15.0-dev +version: 2.16.0-dev description: CERT C 2016 suites: codeql-suites license: MIT diff --git a/c/cert/test/qlpack.yml b/c/cert/test/qlpack.yml index be31ed6211..18aa5d4057 100644 --- a/c/cert/test/qlpack.yml +++ b/c/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards-tests -version: 2.15.0-dev +version: 2.16.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index 02a2a58665..fe06ee5fb6 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards -version: 2.15.0-dev +version: 2.16.0-dev license: MIT dependencies: codeql/common-cpp-coding-standards: '*' diff --git a/c/common/test/qlpack.yml b/c/common/test/qlpack.yml index decc240266..2471c3497e 100644 --- a/c/common/test/qlpack.yml +++ b/c/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards-tests -version: 2.15.0-dev +version: 2.16.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index c3386475fe..0657f90d0c 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards -version: 2.15.0-dev +version: 2.16.0-dev description: MISRA C 2012 suites: codeql-suites license: MIT diff --git a/c/misra/test/qlpack.yml b/c/misra/test/qlpack.yml index 6f3712963b..a18d1c40dc 100644 --- a/c/misra/test/qlpack.yml +++ b/c/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards-tests -version: 2.15.0-dev +version: 2.16.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index bf80ed2cf2..34f8b7b6a4 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards -version: 2.15.0-dev +version: 2.16.0-dev description: AUTOSAR C++14 Guidelines 20-11 suites: codeql-suites license: MIT diff --git a/cpp/autosar/test/qlpack.yml b/cpp/autosar/test/qlpack.yml index 1813af0c7f..118cbff058 100644 --- a/cpp/autosar/test/qlpack.yml +++ b/cpp/autosar/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards-tests -version: 2.15.0-dev +version: 2.16.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index 56fd0b103d..a164a0fe6c 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards -version: 2.15.0-dev +version: 2.16.0-dev description: CERT C++ 2016 suites: codeql-suites license: MIT diff --git a/cpp/cert/test/qlpack.yml b/cpp/cert/test/qlpack.yml index 02b485f84b..97049b683e 100644 --- a/cpp/cert/test/qlpack.yml +++ b/cpp/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards-tests -version: 2.15.0-dev +version: 2.16.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index 147f1d79e7..1df0d9dec6 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards -version: 2.15.0-dev +version: 2.16.0-dev license: MIT dependencies: codeql/cpp-all: 0.3.5 diff --git a/cpp/common/test/qlpack.yml b/cpp/common/test/qlpack.yml index 7fc52f4b7d..d946cb2892 100644 --- a/cpp/common/test/qlpack.yml +++ b/cpp/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards-tests -version: 2.15.0-dev +version: 2.16.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index d634c59bd8..ef6b41096d 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards -version: 2.15.0-dev +version: 2.16.0-dev description: MISRA C++ 2008 suites: codeql-suites license: MIT diff --git a/cpp/misra/test/qlpack.yml b/cpp/misra/test/qlpack.yml index 97055ea583..204261cd1b 100644 --- a/cpp/misra/test/qlpack.yml +++ b/cpp/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards-tests -version: 2.15.0-dev +version: 2.16.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index d40ab29324..8566f8b00e 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/report-cpp-coding-standards -version: 2.15.0-dev +version: 2.16.0-dev license: MIT dependencies: codeql/cpp-all: 0.3.5 diff --git a/docs/user_manual.md b/docs/user_manual.md index f738010dc8..972c9e6efe 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -26,10 +26,10 @@ This user manual documents release `2.10.0` of the coding standards located at https://github.com/github/codeql-coding-standards/releases/tag/v2.10.0 . The release page documents the release notes and contains the following artifacts part of the release: -- `code-scanning-cpp-query-pack-anon-2.15.0-dev.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. -- `supported_rules_list_2.15.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. +- `code-scanning-cpp-query-pack-anon-2.16.0-dev.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. +- `supported_rules_list_2.16.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. - `upported_rules_list_2.15.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. -- `user_manual_2.15.0-dev.md`: This user manual. +- `user_manual_2.16.0-dev.md`: This user manual. - `Source Code (zip)`: A zip archive containing the contents of https://github.com/github/codeql-coding-standards - `Source Code (tar.gz)`: A GZip compressed tar archive containing the contents of https://github.com/github/codeql-coding-standards - `checksums.txt`: A text file containing sha256 checksums for the aforementioned artifacts. @@ -457,7 +457,7 @@ This section describes known failure modes for "CodeQL Coding Standards" and des | | Ouf of space | Less output. Some files may be only be partially analyzed, or not analyzed at all. | Error reported on the command line. | Increase space. If it remains an issue report space consumption issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False positives | More output. Results are reported which are not violations of the guidelines. | All reported results must be reviewed. | Report false positive issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False negatives | Less output. Violations of the guidelines are not reported. | Other validation and verification processes during software development should be used to complement the analysis performed by CodeQL Coding Standards. | Report false negative issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | -| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.15.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | +| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.16.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | | | Incorrect deviation record specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation records with a reason. Ensure that all deviation records are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Incorrect deviation permit specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation permits with a reason. Ensure that all deviation permits are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Unapproved use of a deviation record | Less output. Results for guideline violations are not reported. | Validate that the deviation record use is approved by verifying the approved-by attribute of the deviation record specification. | Ensure that each raised deviation record is approved by an independent approver through an auditable process. | From 25e7610a71b73dd36940a9ce6dfa106a6face1d8 Mon Sep 17 00:00:00 2001 From: jsinglet Date: Tue, 14 Mar 2023 19:15:07 +0000 Subject: [PATCH 0720/2573] Version bump to 2.15.0. --- c/cert/src/qlpack.yml | 2 +- c/cert/test/qlpack.yml | 2 +- c/common/src/qlpack.yml | 2 +- c/common/test/qlpack.yml | 2 +- c/misra/src/qlpack.yml | 2 +- c/misra/test/qlpack.yml | 2 +- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/qlpack.yml | 2 +- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/qlpack.yml | 2 +- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/qlpack.yml | 2 +- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/qlpack.yml | 2 +- cpp/report/src/qlpack.yml | 2 +- docs/user_manual.md | 8 ++++---- 16 files changed, 19 insertions(+), 19 deletions(-) diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index f3bb6dfc31..f5ab2b9706 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards -version: 2.15.0-dev +version: 2.15.0 description: CERT C 2016 suites: codeql-suites license: MIT diff --git a/c/cert/test/qlpack.yml b/c/cert/test/qlpack.yml index be31ed6211..a24192d7e4 100644 --- a/c/cert/test/qlpack.yml +++ b/c/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards-tests -version: 2.15.0-dev +version: 2.15.0 extractor: cpp license: MIT dependencies: diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index 02a2a58665..ef9ff32df1 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards -version: 2.15.0-dev +version: 2.15.0 license: MIT dependencies: codeql/common-cpp-coding-standards: '*' diff --git a/c/common/test/qlpack.yml b/c/common/test/qlpack.yml index decc240266..a25a79e940 100644 --- a/c/common/test/qlpack.yml +++ b/c/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards-tests -version: 2.15.0-dev +version: 2.15.0 extractor: cpp license: MIT dependencies: diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index c3386475fe..7599858679 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards -version: 2.15.0-dev +version: 2.15.0 description: MISRA C 2012 suites: codeql-suites license: MIT diff --git a/c/misra/test/qlpack.yml b/c/misra/test/qlpack.yml index 6f3712963b..19ce15363f 100644 --- a/c/misra/test/qlpack.yml +++ b/c/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards-tests -version: 2.15.0-dev +version: 2.15.0 extractor: cpp license: MIT dependencies: diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index bf80ed2cf2..378d6b4dad 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards -version: 2.15.0-dev +version: 2.15.0 description: AUTOSAR C++14 Guidelines 20-11 suites: codeql-suites license: MIT diff --git a/cpp/autosar/test/qlpack.yml b/cpp/autosar/test/qlpack.yml index 1813af0c7f..874b5cb7b2 100644 --- a/cpp/autosar/test/qlpack.yml +++ b/cpp/autosar/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards-tests -version: 2.15.0-dev +version: 2.15.0 extractor: cpp license: MIT dependencies: diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index 56fd0b103d..b96cc31cb2 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards -version: 2.15.0-dev +version: 2.15.0 description: CERT C++ 2016 suites: codeql-suites license: MIT diff --git a/cpp/cert/test/qlpack.yml b/cpp/cert/test/qlpack.yml index 02b485f84b..743ebe3d42 100644 --- a/cpp/cert/test/qlpack.yml +++ b/cpp/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards-tests -version: 2.15.0-dev +version: 2.15.0 extractor: cpp license: MIT dependencies: diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index 147f1d79e7..d38ba93dc4 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards -version: 2.15.0-dev +version: 2.15.0 license: MIT dependencies: codeql/cpp-all: 0.3.5 diff --git a/cpp/common/test/qlpack.yml b/cpp/common/test/qlpack.yml index 7fc52f4b7d..3b83e9e385 100644 --- a/cpp/common/test/qlpack.yml +++ b/cpp/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards-tests -version: 2.15.0-dev +version: 2.15.0 extractor: cpp license: MIT dependencies: diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index d634c59bd8..c3d9730438 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards -version: 2.15.0-dev +version: 2.15.0 description: MISRA C++ 2008 suites: codeql-suites license: MIT diff --git a/cpp/misra/test/qlpack.yml b/cpp/misra/test/qlpack.yml index 97055ea583..2020e6c4d6 100644 --- a/cpp/misra/test/qlpack.yml +++ b/cpp/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards-tests -version: 2.15.0-dev +version: 2.15.0 extractor: cpp license: MIT dependencies: diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index d40ab29324..7d46724e46 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/report-cpp-coding-standards -version: 2.15.0-dev +version: 2.15.0 license: MIT dependencies: codeql/cpp-all: 0.3.5 diff --git a/docs/user_manual.md b/docs/user_manual.md index f738010dc8..c8cfc9793e 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -26,10 +26,10 @@ This user manual documents release `2.10.0` of the coding standards located at https://github.com/github/codeql-coding-standards/releases/tag/v2.10.0 . The release page documents the release notes and contains the following artifacts part of the release: -- `code-scanning-cpp-query-pack-anon-2.15.0-dev.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. -- `supported_rules_list_2.15.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. +- `code-scanning-cpp-query-pack-anon-2.15.0.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. +- `supported_rules_list_2.15.0.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. - `upported_rules_list_2.15.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. -- `user_manual_2.15.0-dev.md`: This user manual. +- `user_manual_2.15.0.md`: This user manual. - `Source Code (zip)`: A zip archive containing the contents of https://github.com/github/codeql-coding-standards - `Source Code (tar.gz)`: A GZip compressed tar archive containing the contents of https://github.com/github/codeql-coding-standards - `checksums.txt`: A text file containing sha256 checksums for the aforementioned artifacts. @@ -457,7 +457,7 @@ This section describes known failure modes for "CodeQL Coding Standards" and des | | Ouf of space | Less output. Some files may be only be partially analyzed, or not analyzed at all. | Error reported on the command line. | Increase space. If it remains an issue report space consumption issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False positives | More output. Results are reported which are not violations of the guidelines. | All reported results must be reviewed. | Report false positive issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False negatives | Less output. Violations of the guidelines are not reported. | Other validation and verification processes during software development should be used to complement the analysis performed by CodeQL Coding Standards. | Report false negative issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | -| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.15.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | +| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.15.0.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | | | Incorrect deviation record specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation records with a reason. Ensure that all deviation records are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Incorrect deviation permit specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation permits with a reason. Ensure that all deviation permits are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Unapproved use of a deviation record | Less output. Results for guideline violations are not reported. | Validate that the deviation record use is approved by verifying the approved-by attribute of the deviation record specification. | Ensure that each raised deviation record is approved by an independent approver through an auditable process. | From 3d0b937994a6de87020c37512624216354b692e3 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 14 Mar 2023 15:28:01 -0400 Subject: [PATCH 0721/2573] Fix FP for issue 214 exclude variable templates and fix case where same scope identifiers are considered --- change_notes/2023-03-14-fp-a12-10-1.md | 1 + cpp/common/src/codingstandards/cpp/Scope.qll | 40 +++++++++++++++++++ .../identifierhidden/IdentifierHidden.qll | 5 ++- .../test/rules/identifierhidden/test.cpp | 6 +++ .../test/rules/identifierhidden/test1.cpp | 2 + 5 files changed, 53 insertions(+), 1 deletion(-) create mode 100644 change_notes/2023-03-14-fp-a12-10-1.md create mode 100644 cpp/common/test/rules/identifierhidden/test1.cpp diff --git a/change_notes/2023-03-14-fp-a12-10-1.md b/change_notes/2023-03-14-fp-a12-10-1.md new file mode 100644 index 0000000000..d92af0e8df --- /dev/null +++ b/change_notes/2023-03-14-fp-a12-10-1.md @@ -0,0 +1 @@ +* `A12-10-1` and `RULE-5-3` - reduce false positives reported for identifiers in same scope, and (relevant for `A12-10-1` only) omitted false positives for template variables \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/Scope.qll b/cpp/common/src/codingstandards/cpp/Scope.qll index d39478d784..1734a1e9e4 100644 --- a/cpp/common/src/codingstandards/cpp/Scope.qll +++ b/cpp/common/src/codingstandards/cpp/Scope.qll @@ -130,6 +130,18 @@ private UserVariable getPotentialScopeOfVariable_candidate(UserVariable v) { ) } +/** Gets a variable that is in the potential scope of variable `v`. */ +private UserVariable getOuterScopesOfVariable_candidate(UserVariable v) { + exists(Scope s | + result = s.getAVariable() and + ( + // Variable in an ancestor scope, but only if there are less than 100 variables in this scope + v = s.getAnAncestor().getAVariable() and + s.getNumberOfVariables() < 100 + ) + ) +} + /** Holds if there exists a translation unit that includes both `f1` and `f2`. */ pragma[noinline] predicate inSameTranslationUnit(File f1, File f2) { @@ -148,6 +160,15 @@ UserVariable getPotentialScopeOfVariable(UserVariable v) { inSameTranslationUnit(v.getFile(), result.getFile()) } +/** + * Gets a user variable which occurs in the "outer scope" of variable `v`. + */ +cached +UserVariable getPotentialScopeOfVariableStrict(UserVariable v) { + result = getOuterScopesOfVariable_candidate(v) and + inSameTranslationUnit(v.getFile(), result.getFile()) +} + /** A file that is a C/C++ source file */ class SourceFile extends File { SourceFile() { @@ -182,6 +203,15 @@ private predicate hides_candidate(UserVariable v1, UserVariable v2) { not (v1.isMember() or v2.isMember()) } +/** Holds if `v2` may hide `v1`. */ +private predicate hides_candidateStrict(UserVariable v1, UserVariable v2) { + not v1 = v2 and + v2 = getPotentialScopeOfVariableStrict(v1) and + v1.getName() = v2.getName() and + // Member variables cannot hide other variables nor be hidden because the can be referenced through their qualified name. + not (v1.isMember() or v2.isMember()) +} + /** Holds if `v2` hides `v1`. */ predicate hides(UserVariable v1, UserVariable v2) { hides_candidate(v1, v2) and @@ -192,6 +222,16 @@ predicate hides(UserVariable v1, UserVariable v2) { ) } +/** Holds if `v2` strictly (`v2` is in an inner scope compared to `v1`) hides `v1`. */ +predicate hidesStrict(UserVariable v1, UserVariable v2) { + hides_candidateStrict(v1, v2) and + // Confirm that there's no closer candidate variable which `v2` hides + not exists(UserVariable mid | + hides_candidateStrict(v1, mid) and + hides_candidateStrict(mid, v2) + ) +} + /** Holds if `decl` has namespace scope. */ predicate hasNamespaceScope(Declaration decl) { // getNamespace always returns a namespace (e.g. the global namespace). diff --git a/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll b/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll index b3cadd6d2a..fc0a01cbd4 100644 --- a/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll +++ b/cpp/common/src/codingstandards/cpp/rules/identifierhidden/IdentifierHidden.qll @@ -14,7 +14,10 @@ Query getQuery() { result instanceof IdentifierHiddenSharedQuery } query predicate problems(UserVariable v2, string message, UserVariable v1, string varName) { not isExcluded(v1, getQuery()) and not isExcluded(v2, getQuery()) and - hides(v1, v2) and + //ignore template variables for this rule + not v1 instanceof TemplateVariable and + not v2 instanceof TemplateVariable and + hidesStrict(v1, v2) and varName = v1.getName() and message = "Variable is hiding variable $@." } diff --git a/cpp/common/test/rules/identifierhidden/test.cpp b/cpp/common/test/rules/identifierhidden/test.cpp index 233ae4c004..aaf4a23129 100644 --- a/cpp/common/test/rules/identifierhidden/test.cpp +++ b/cpp/common/test/rules/identifierhidden/test.cpp @@ -27,4 +27,10 @@ void f3() { for (int id1; id1 < 1; id1++) { } // NON_COMPLIANT } +} + +template constexpr bool foo = false; // COMPLIANT + +namespace { +template bool foo = true; // COMPLIANT } \ No newline at end of file diff --git a/cpp/common/test/rules/identifierhidden/test1.cpp b/cpp/common/test/rules/identifierhidden/test1.cpp new file mode 100644 index 0000000000..ff4adb5381 --- /dev/null +++ b/cpp/common/test/rules/identifierhidden/test1.cpp @@ -0,0 +1,2 @@ +template constexpr bool foo = false; // COMPLIANT +template constexpr bool foo = true; // COMPLIANT \ No newline at end of file From 730b374696a47ad2271860233926a2b1659670a0 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 14 Mar 2023 15:33:37 -0400 Subject: [PATCH 0722/2573] Add missing change notes from fixes for issues 215 and 232 --- change_notes/2023-03-13-fp-a16-0-1.md | 1 + change_notes/2023-03-14-fp-a12-10-1.md | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) create mode 100644 change_notes/2023-03-13-fp-a16-0-1.md diff --git a/change_notes/2023-03-13-fp-a16-0-1.md b/change_notes/2023-03-13-fp-a16-0-1.md new file mode 100644 index 0000000000..d1cf580ac6 --- /dev/null +++ b/change_notes/2023-03-13-fp-a16-0-1.md @@ -0,0 +1 @@ + * `A16-0-1` - reduce unneeded results related to `#pragma`, as it's already reported by A16-7-1. \ No newline at end of file diff --git a/change_notes/2023-03-14-fp-a12-10-1.md b/change_notes/2023-03-14-fp-a12-10-1.md index d92af0e8df..f1a2ee65f8 100644 --- a/change_notes/2023-03-14-fp-a12-10-1.md +++ b/change_notes/2023-03-14-fp-a12-10-1.md @@ -1 +1 @@ -* `A12-10-1` and `RULE-5-3` - reduce false positives reported for identifiers in same scope, and (relevant for `A12-10-1` only) omitted false positives for template variables \ No newline at end of file + * `DCL51-CPP` - reduce false positives related to use of `__func__` \ No newline at end of file From 3aaf85353a94b3c9c4bab0b06f002b4a53e4f5b2 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 14 Mar 2023 15:40:58 -0400 Subject: [PATCH 0723/2573] Fix change notes --- .../{2023-03-14-fp-a12-10-1.md => 2023-03-13-fp-dcl51-cpp.md} | 0 change_notes/2023-03-14-fp-a2-10-1.md | 2 ++ 2 files changed, 2 insertions(+) rename change_notes/{2023-03-14-fp-a12-10-1.md => 2023-03-13-fp-dcl51-cpp.md} (100%) create mode 100644 change_notes/2023-03-14-fp-a2-10-1.md diff --git a/change_notes/2023-03-14-fp-a12-10-1.md b/change_notes/2023-03-13-fp-dcl51-cpp.md similarity index 100% rename from change_notes/2023-03-14-fp-a12-10-1.md rename to change_notes/2023-03-13-fp-dcl51-cpp.md diff --git a/change_notes/2023-03-14-fp-a2-10-1.md b/change_notes/2023-03-14-fp-a2-10-1.md new file mode 100644 index 0000000000..f6dcd3d865 --- /dev/null +++ b/change_notes/2023-03-14-fp-a2-10-1.md @@ -0,0 +1,2 @@ + * `A2-10-1` - reduce false positives for identifiers in same scope and relating to template variables + * `RULE-5-3`- reduce false positives for identifiers in same scope \ No newline at end of file From 1cc399b6625bbf17765a2d66206e10fd2101e08d Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Tue, 14 Mar 2023 13:52:58 -0700 Subject: [PATCH 0724/2573] Augment test.cpp --- cpp/autosar/test/rules/A5-2-6/test.cpp | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/cpp/autosar/test/rules/A5-2-6/test.cpp b/cpp/autosar/test/rules/A5-2-6/test.cpp index 9b7976ed23..06d08564d5 100644 --- a/cpp/autosar/test/rules/A5-2-6/test.cpp +++ b/cpp/autosar/test/rules/A5-2-6/test.cpp @@ -15,4 +15,20 @@ void f2(int p1, int p2) { if ((p1 > 0) || (p2 > 0)) { // COMPLIANT f1(); } + + struct Sample { + int x; + } sample; + + if ((p1 > 0 || + sample.x)) { // COMPLIANT: struct member accessors (.) are excluded + f1(); + } + + Sample *sample_ptr = &sample; + + if ((p1 > 0 || sample_ptr->x)) { // COMPLIANT: struct member accessors with + // dereference (->) are excluded + f1(); + } } \ No newline at end of file From 338c99c8e22ac7f0660c0997124ddfaf9f418c4b Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Tue, 14 Mar 2023 15:18:49 -0700 Subject: [PATCH 0725/2573] Reinforce A5-2-6 --- .../OperandsOfALogicalAndOrNotParenthesized.ql | 18 ++++++++++++------ cpp/autosar/test/rules/A5-2-6/test.cpp | 14 +++++++++----- 2 files changed, 21 insertions(+), 11 deletions(-) diff --git a/cpp/autosar/src/rules/A5-2-6/OperandsOfALogicalAndOrNotParenthesized.ql b/cpp/autosar/src/rules/A5-2-6/OperandsOfALogicalAndOrNotParenthesized.ql index dd63288587..6816c6ab1e 100644 --- a/cpp/autosar/src/rules/A5-2-6/OperandsOfALogicalAndOrNotParenthesized.ql +++ b/cpp/autosar/src/rules/A5-2-6/OperandsOfALogicalAndOrNotParenthesized.ql @@ -17,11 +17,17 @@ import cpp import codingstandards.cpp.autosar -from BinaryLogicalOperation op, BinaryOperation binop +from BinaryLogicalOperation op, Expr operand where not isExcluded(op, OrderOfEvaluationPackage::operandsOfALogicalAndOrNotParenthesizedQuery()) and - op.getAnOperand() = binop and - not exists(ParenthesisExpr p | p = binop.getFullyConverted()) and - // Exclude binary operations expanded by a macro. - not binop.isInMacroExpansion() -select op, "Binary $@ operand of logical operation is not parenthesized.", binop, "operator" + operand = op.getAnOperand() and + /* The operand is a built-in arithmetic/logic binary operation */ + if operand instanceof BinaryOperation + then + not exists(ParenthesisExpr p | p = operand.getFullyConverted()) and + // Exclude binary operations expanded by a macro. + not operand.isInMacroExpansion() + else + /* The operand should not be a field access operation */ + not operand instanceof FieldAccess +select op, "Binary $@ operand of logical operation is not parenthesized.", operand, "operator" diff --git a/cpp/autosar/test/rules/A5-2-6/test.cpp b/cpp/autosar/test/rules/A5-2-6/test.cpp index 06d08564d5..78359d8cbb 100644 --- a/cpp/autosar/test/rules/A5-2-6/test.cpp +++ b/cpp/autosar/test/rules/A5-2-6/test.cpp @@ -1,4 +1,5 @@ -extern void f1(); +// TODO: remove function body +extern void f1(){}; void f2(int p1, int p2) { if (p1 > 0 && p1 < 10) { // NON_COMPLIANT f1(); @@ -20,15 +21,18 @@ void f2(int p1, int p2) { int x; } sample; - if ((p1 > 0 || - sample.x)) { // COMPLIANT: struct member accessors (.) are excluded + if ((p1 > 0) || + sample.x) { // COMPLIANT: struct member accessors (.) are excluded f1(); } Sample *sample_ptr = &sample; - if ((p1 > 0 || sample_ptr->x)) { // COMPLIANT: struct member accessors with + if ((p1 > 0) || sample_ptr->x) { // COMPLIANT: struct member accessors with // dereference (->) are excluded f1(); } -} \ No newline at end of file +} + +// TODO: remove this +int main() { return 0; } \ No newline at end of file From 5fcb20a6d43bf86c6f7ccc60951d91ec7557a0bf Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Tue, 14 Mar 2023 16:38:50 -0700 Subject: [PATCH 0726/2573] Remove stuffs added temporarily --- cpp/autosar/test/rules/A5-2-6/test.cpp | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/cpp/autosar/test/rules/A5-2-6/test.cpp b/cpp/autosar/test/rules/A5-2-6/test.cpp index 78359d8cbb..0649f7dbc9 100644 --- a/cpp/autosar/test/rules/A5-2-6/test.cpp +++ b/cpp/autosar/test/rules/A5-2-6/test.cpp @@ -1,5 +1,4 @@ -// TODO: remove function body -extern void f1(){}; +extern void f1(); void f2(int p1, int p2) { if (p1 > 0 && p1 < 10) { // NON_COMPLIANT f1(); @@ -32,7 +31,4 @@ void f2(int p1, int p2) { // dereference (->) are excluded f1(); } -} - -// TODO: remove this -int main() { return 0; } \ No newline at end of file +} \ No newline at end of file From 7fe93961123e543b4110b0656b17e2a93f6cb455 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 14 Mar 2023 17:11:15 -0700 Subject: [PATCH 0727/2573] Add `isInvalidLoop` predicate that provides a reason --- cpp/common/src/codingstandards/cpp/Loops.qll | 101 ++++++++++++++----- 1 file changed, 74 insertions(+), 27 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/Loops.qll b/cpp/common/src/codingstandards/cpp/Loops.qll index 599b229771..b83a79851e 100644 --- a/cpp/common/src/codingstandards/cpp/Loops.qll +++ b/cpp/common/src/codingstandards/cpp/Loops.qll @@ -37,13 +37,14 @@ predicate isForLoopWithFloatingPointCounters(ForStmt forLoop, Variable v) { * Holds if for loop `forLoop` contains an invalid for loop incrementation. * M6-5-2 */ -predicate isInvalidForLoopIncrementation(ForStmt forLoop, LoopControlVariable v) { - v.getAnAccess() = forLoop.getCondition().getAChild*() and - exists(VariableAccess va | - va = v.getAnAccess() and - va = forLoop.getUpdate().getAChild*() and - not exists(CrementOperation cop | cop.getOperand() = va) and - not exists(Call c | c.getQualifier() = va and c.getTarget() instanceof UserCrementOperator) +predicate isInvalidForLoopIncrementation(ForStmt forLoop, Variable v, VariableAccess modification) { + v = getAnIterationVariable(forLoop) and + modification = v.getAnAccess() and + modification = forLoop.getUpdate().getAChild*() and + modification.isModified() and + not exists(CrementOperation cop | cop.getOperand() = modification) and + not exists(Call c | + c.getQualifier() = modification and c.getTarget() instanceof UserCrementOperator ) and exists(VariableAccess va | va = forLoop.getCondition().getAChild*() and va = v.getAnAccess() | exists(EqualityOperation eop | eop.getAnOperand() = va) @@ -163,26 +164,72 @@ predicate isLoopControlVarModifiedInLoopExpr( predicate isNonBoolLoopControlVar( ForStmt forLoop, LoopControlVariable loopControlVariable, VariableAccess loopControlVariableAccess ) { - // get a loop control variable that is not a loop counter - loopControlVariableAccess = loopControlVariable.getVariableAccessInLoop(forLoop) and - not loopControlVariable = getAnIterationVariable(forLoop) and - loopControlVariableAccess.getEnclosingStmt() = forLoop.getStmt().getAChild*() and - // filter only loop control variables that are modified - ( - loopControlVariableAccess.isModified() or - loopControlVariableAccess.isAddressOfAccess() - ) and - // check if the variable type is anything but bool - not loopControlVariable.getType() instanceof BoolType + exists(Variable loopCounter, ComparisonOperation terminationCheck | + loopCounter = getAnIterationVariable(forLoop) and + forLoop.getCondition() = terminationCheck.getParent*() + | + // get a loop control variable that is not a loop counter + loopControlVariableAccess = loopControlVariable.getVariableAccessInLoop(forLoop) and + not loopControlVariable = getAnIterationVariable(forLoop) and + // filter only loop control variables that are modified + ( + loopControlVariableAccess.isModified() or + loopControlVariableAccess.isAddressOfAccess() + ) and + // check if the variable type is anything but bool + not loopControlVariable.getType() instanceof BoolType and + // check if the control variable is part of the termination check, but is not compared to the loop counter + terminationCheck.getAnOperand() = loopControlVariable.getAnAccess().getParent*() and + not terminationCheck.getAnOperand() = loopCounter.getAnAccess().getParent*() + ) } -predicate isInvalidLoop(ForStmt forLoop) { - isInvalidForLoopIncrementation(forLoop, _) or - isForLoopWithMulipleCounters(forLoop) or - isForLoopWithFloatingPointCounters(forLoop, _) or - isLoopCounterModifiedInCondition(forLoop, _) or - isLoopCounterModifiedInStatement(forLoop, _, _) or - isIrregularLoopCounterModification(forLoop, _, _) or - isLoopControlVarModifiedInLoopExpr(forLoop, _, _) or - isNonBoolLoopControlVar(forLoop, _, _) +predicate isInvalidLoop(ForStmt forLoop) { isInvalidLoop(forLoop, _, _, _) } + +predicate isInvalidLoop(ForStmt forLoop, string reason, Locatable reasonLocation, string reasonLabel) { + exists(Variable loopCounter | + isInvalidForLoopIncrementation(forLoop, loopCounter, reasonLocation) and + reason = + "it $@ its loop counter '" + loopCounter.getName() + + "' with an operation that is not an increment or decrement" and + reasonLabel = "updates" + ) + or + isForLoopWithMulipleCounters(forLoop) and + reason = "it uses multiple loop counters$@" and + reasonLabel = "" and + reasonLocation.getLocation() instanceof UnknownExprLocation + or + isForLoopWithFloatingPointCounters(forLoop, reasonLocation) and + reason = "it uses a loop counter '$@' of type floating-point" and + reasonLabel = reasonLocation.(Variable).getName() + or + isLoopCounterModifiedInCondition(forLoop, reasonLocation) and + reason = + "it $@ the loop counter '" + reasonLocation.(VariableAccess).getTarget().getName() + + "' in the condition" and + reasonLabel = "updates" + or + exists(Variable loopCounter | + isLoopCounterModifiedInStatement(forLoop, loopCounter, reasonLocation) and + reason = "it $@ the loop counter '" + loopCounter.getName() + "' in the body of the loop" and + reasonLabel = "updates" + ) + or + exists(Variable loopCounter | + isIrregularLoopCounterModification(forLoop, loopCounter, reasonLocation) and + reason = "it $@ the loop counter '" + loopCounter.getName() + "' irregularly" and + reasonLabel = "updates" + ) + or + exists(Variable loopControlVariable | + isLoopControlVarModifiedInLoopExpr(forLoop, loopControlVariable, reasonLocation) and + reason = + "it updates $@, a loop control variable other than the loop counter, in the update expression of the loop" and + reasonLabel = loopControlVariable.getName() + ) + or + isNonBoolLoopControlVar(forLoop, reasonLocation, _) and + reason = "its $@ is not a boolean" and + reasonLabel = "loop control variable" } From bac2291aabd3b72b8b6abac659bc7471a430f75b Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Tue, 14 Mar 2023 17:11:50 -0700 Subject: [PATCH 0728/2573] Add reason to alert message --- .../src/rules/RULE-14-2/ForLoopNotWellFormed.ql | 6 +++--- .../rules/RULE-14-2/ForLoopNotWellFormed.expected | 14 +++++++------- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/c/misra/src/rules/RULE-14-2/ForLoopNotWellFormed.ql b/c/misra/src/rules/RULE-14-2/ForLoopNotWellFormed.ql index a454d90505..106bd9b5c6 100644 --- a/c/misra/src/rules/RULE-14-2/ForLoopNotWellFormed.ql +++ b/c/misra/src/rules/RULE-14-2/ForLoopNotWellFormed.ql @@ -15,8 +15,8 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.Loops -from ForStmt for +from ForStmt for, Element reasonLocation, string reason, string reasonLabel where not isExcluded(for, Statements4Package::forLoopNotWellFormedQuery()) and - isInvalidLoop(for) -select for, "For loop is not well formed." + isInvalidLoop(for, reason, reasonLocation, reasonLabel) +select for, "For loop is not well formed, " + reason + ".", reasonLocation, reasonLabel diff --git a/c/misra/test/rules/RULE-14-2/ForLoopNotWellFormed.expected b/c/misra/test/rules/RULE-14-2/ForLoopNotWellFormed.expected index c084d2d0ad..fc7fbc7c5f 100644 --- a/c/misra/test/rules/RULE-14-2/ForLoopNotWellFormed.expected +++ b/c/misra/test/rules/RULE-14-2/ForLoopNotWellFormed.expected @@ -1,7 +1,7 @@ -| test.c:7:3:8:3 | for(...;...;...) ... | For loop is not well formed. | -| test.c:14:3:15:3 | for(...;...;...) ... | For loop is not well formed. | -| test.c:20:3:21:3 | for(...;...;...) ... | For loop is not well formed. | -| test.c:25:3:26:3 | for(...;...;...) ... | For loop is not well formed. | -| test.c:38:3:39:3 | for(...;...;...) ... | For loop is not well formed. | -| test.c:52:3:53:3 | for(...;...;...) ... | For loop is not well formed. | -| test.c:64:3:67:3 | for(...;...;...) ... | For loop is not well formed. | +| test.c:7:3:8:3 | for(...;...;...) ... | For loop is not well formed, it uses a loop counter '$@' of type floating-point. | test.c:7:14:7:14 | f | f | +| test.c:14:3:15:3 | for(...;...;...) ... | For loop is not well formed, it uses multiple loop counters$@. | file://:0:0:0:0 | | | +| test.c:20:3:21:3 | for(...;...;...) ... | For loop is not well formed, it uses multiple loop counters$@. | file://:0:0:0:0 | | | +| test.c:25:3:26:3 | for(...;...;...) ... | For loop is not well formed, it $@ its loop counter 'i' with an operation that is not an increment or decrement. | test.c:25:28:25:28 | i | updates | +| test.c:38:3:39:3 | for(...;...;...) ... | For loop is not well formed, it $@ the loop counter 'x' irregularly. | test.c:38:26:38:26 | x | updates | +| test.c:52:3:53:3 | for(...;...;...) ... | For loop is not well formed, it updates $@, a loop control variable other than the loop counter, in the update expression of the loop. | test.c:52:28:52:29 | p1 | p1 | +| test.c:64:3:67:3 | for(...;...;...) ... | For loop is not well formed, it $@ the loop counter 'x' in the body of the loop. | test.c:65:5:65:5 | x | updates | From dca63fc582d4aa58352613a9a9f4880733d79284 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 15 Mar 2023 01:29:24 +0100 Subject: [PATCH 0729/2573] Contracts7 --- ...oNotPassInvalidDataToTheAsctimeFunction.md | 133 ++++++++++++++++++ ...oNotPassInvalidDataToTheAsctimeFunction.ql | 51 +++++++ ...ArgOnAVaListThatHasAnIndeterminateValue.md | 120 ++++++++++++++++ ...ArgOnAVaListThatHasAnIndeterminateValue.ql | 73 ++++++++++ ...ssInvalidDataToTheAsctimeFunction.expected | 1 + ...tPassInvalidDataToTheAsctimeFunction.qlref | 1 + c/cert/test/rules/MSC33-C/test.c | 37 +++++ ...VaListThatHasAnIndeterminateValue.expected | 1 + ...OnAVaListThatHasAnIndeterminateValue.qlref | 1 + c/cert/test/rules/MSC39-C/test.c | 105 ++++++++++++++ .../cpp/exclusions/c/Contracts7.qll | 78 ++++++++++ .../cpp/exclusions/c/RuleMetadata.qll | 3 + rule_packages/c/Contracts7.json | 77 ++++++++++ rules.csv | 8 +- 14 files changed, 685 insertions(+), 4 deletions(-) create mode 100644 c/cert/src/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.md create mode 100644 c/cert/src/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.ql create mode 100644 c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.md create mode 100644 c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql create mode 100644 c/cert/test/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.expected create mode 100644 c/cert/test/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.qlref create mode 100644 c/cert/test/rules/MSC33-C/test.c create mode 100644 c/cert/test/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.expected create mode 100644 c/cert/test/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.qlref create mode 100644 c/cert/test/rules/MSC39-C/test.c create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/Contracts7.qll create mode 100644 rule_packages/c/Contracts7.json diff --git a/c/cert/src/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.md b/c/cert/src/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.md new file mode 100644 index 0000000000..d22bcd6e52 --- /dev/null +++ b/c/cert/src/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.md @@ -0,0 +1,133 @@ +# MSC33-C: Do not pass invalid data to the asctime() function + +This query implements the CERT-C rule MSC33-C: + +> Do not pass invalid data to the asctime() function + + +## Description + +The C Standard, 7.27.3.1 \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IEC9899-2011)\], provides the following sample implementation of the `asctime()` function: + +```cpp +char *asctime(const struct tm *timeptr) { + static const char wday_name[7][3] = { + "Sun", "Mon", "Tue", "Wed", "Thu", "Fri", "Sat" + }; + static const char mon_name[12][3] = { + "Jan", "Feb", "Mar", "Apr", "May", "Jun", + "Jul", "Aug", "Sep", "Oct", "Nov", "Dec" + }; + static char result[26]; + sprintf( + result, + "%.3s %.3s%3d %.2d:%.2d:%.2d %d\n", + wday_name[timeptr->tm_wday], + mon_name[timeptr->tm_mon], + timeptr->tm_mday, timeptr->tm_hour, + timeptr->tm_min, timeptr->tm_sec, + 1900 + timeptr->tm_year + ); + return result; +} + +``` +This function is supposed to output a character string of 26 characters at most, including the terminating null character. If we count the length indicated by the format directives, we arrive at 25. Taking into account the terminating null character, the array size of the string appears sufficient. + +However, this [implementation](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-implementation) assumes that the values of the `struct tm` data are within normal ranges and does nothing to enforce the range limit. If any of the values print more characters than expected, the `sprintf()` function may overflow the `result` array. For example, if `tm_year` has the value `12345,` then 27 characters (including the terminating null character) are printed, resulting in a buffer overflow. + +The* POSIX® Base Specifications* \[[IEEE Std 1003.1:2013](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-IEEEStd1003.1-2013)\] says the following about the `asctime()` and `asctime_r()` functions: + +> These functions are included only for compatibility with older implementations. They have undefined behavior if the resulting string would be too long, so the use of these functions should be discouraged. On implementations that do not detect output string length overflow, it is possible to overflow the output buffers in such a way as to cause applications to fail, or possible system security violations. Also, these functions do not support localized date and time formats. To avoid these problems, applications should use `strftime()` to generate strings from broken-down times. + + +The C Standard, Annex K, also defines `asctime_s()`, which can be used as a secure substitute for `asctime()`. + +The `asctime()` function appears in the list of obsolescent functions in [MSC24-C. Do not use deprecated or obsolescent functions](https://wiki.sei.cmu.edu/confluence/display/c/MSC24-C.+Do+not+use+deprecated+or+obsolescent+functions). + +## Noncompliant Code Example + +This noncompliant code example invokes the `asctime()` function with potentially unsanitized data: + +```cpp +#include + +void func(struct tm *time_tm) { + char *time = asctime(time_tm); + /* ... */ +} +``` + +## Compliant Solution (strftime()) + +The `strftime()` function allows the programmer to specify a more rigorous format and also to specify the maximum size of the resulting time string: + +```cpp +#include + +enum { maxsize = 26 }; + +void func(struct tm *time) { + char s[maxsize]; + /* Current time representation for locale */ + const char *format = "%c"; + + size_t size = strftime(s, maxsize, format, time); +} +``` +This call has the same effects as `asctime()` but also ensures that no more than `maxsize` characters are printed, preventing buffer overflow. + +## Compliant Solution (asctime_s()) + +The C Standard, Annex K, defines the `asctime_s()` function, which serves as a close replacement for the `asctime()` function but requires an additional argument that specifies the maximum size of the resulting time string: + +```cpp +#define __STDC_WANT_LIB_EXT1__ 1 +#include + +enum { maxsize = 26 }; + +void func(struct tm *time_tm) { + char buffer[maxsize]; + + if (asctime_s(buffer, maxsize, &time_tm)) { + /* Handle error */ + } +} +``` + +## Risk Assessment + +On [implementations](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-implementation) that do not detect output-string-length overflow, it is possible to overflow the output buffers. + +
    Rule Severity Likelihood Remediation Cost Priority Level
    MSC33-C High Likely Low P27 L1
    + + +## Automated Detection + +
    Tool Version Checker Description
    Astrée 22.04 Supported, but no explicit checker
    Axivion Bauhaus Suite 7.2.0 CertC-MSC33
    CodeSonar 7.2p0 BADFUNC.TIME_H Use of <time.h> Time/Date Function
    Helix QAC 2022.4 C5032 C++5030
    Klocwork 2022.4 CERT.MSC.ASCTIME
    LDRA tool suite 9.7.1 44 S Enhanced Enforcement
    Parasoft C/C++test 2022.2 CERT_C-MSC33-a The 'asctime()' and 'asctime_r()' functions should not be used
    PC-lint Plus 1.4 586 Fully supported
    Polyspace Bug Finder R2022b CERT C: Rule MSC33-C Checks for use of obsolete standard function (rule fully covered)
    PRQA QA-C 9.7 5032
    PRQA QA-C++ 4.4 5030
    RuleChecker 22.04 Supported, but no explicit checker
    + + +## Related Vulnerabilities + +Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+MSC33-C). + +## Related Guidelines + +[Key here](https://wiki.sei.cmu.edu/confluence/display/c/How+this+Coding+Standard+is+Organized#HowthisCodingStandardisOrganized-RelatedGuidelines) (explains table format and definitions) + +
    Taxonomy Taxonomy item Relationship
    CERT C Secure Coding Standard MSC24-C. Do not use deprecated or obsolescent functions Prior to 2018-01-12: CERT: Unspecified Relationship
    + + +## Bibliography + +
    \[ IEEE Std 1003.1:2013 \] XSH, System Interfaces, asctime
    \[ ISO/IEC 9899:2011 \] 7.27.3.1, "The asctime Function"
    + + +## Implementation notes + +None + +## References + +* CERT-C: [MSC33-C: Do not pass invalid data to the asctime() function](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.ql b/c/cert/src/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.ql new file mode 100644 index 0000000000..f5d053cdb1 --- /dev/null +++ b/c/cert/src/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.ql @@ -0,0 +1,51 @@ +/** + * @id c/cert/do-not-pass-invalid-data-to-the-asctime-function + * @name MSC33-C: Do not pass invalid data to the asctime() function + * @description The data passed to the asctime() function is invalid. This can lead to buffer + * overflow. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/cert/id/msc33-c + * security + * correctness + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert +import semmle.code.cpp.dataflow.DataFlow + +/** + * The argument of a call to `asctime` + */ +class AsctimeArg extends Expr { + AsctimeArg() { + this = + any(FunctionCall f | f.getTarget().hasGlobalName(["asctime", "asctime_r"])).getArgument(0) + } +} + +/** + * Dataflow configuration for flow from a library function + * to a call of function `asctime` + */ +class TmStructSafeConfig extends DataFlow::Configuration { + TmStructSafeConfig() { this = "TmStructSafeConfig" } + + override predicate isSource(DataFlow::Node src) { + src.asExpr() + .(FunctionCall) + .getTarget() + .hasGlobalName(["localtime", "localtime_r", "localtime_s", "gmtime", "gmtime_r", "gmtime_s"]) + } + + override predicate isSink(DataFlow::Node sink) { sink.asExpr() instanceof AsctimeArg } +} + +from AsctimeArg fc, TmStructSafeConfig config +where + not isExcluded(fc, Contracts7Package::doNotPassInvalidDataToTheAsctimeFunctionQuery()) and + not config.hasFlowToExpr(fc) +select fc, + "The function `asctime` and `asctime_r` should be discouraged. Unsanitized input can overflow the output buffer." diff --git a/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.md b/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.md new file mode 100644 index 0000000000..4b02f57f0f --- /dev/null +++ b/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.md @@ -0,0 +1,120 @@ +# MSC39-C: Do not call va_arg() on a va_list that has an indeterminate value + +This query implements the CERT-C rule MSC39-C: + +> Do not call va_arg() on a va_list that has an indeterminate value + + +## Description + +Variadic functions access their variable arguments by using `va_start()` to initialize an object of type `va_list`, iteratively invoking the `va_arg()` macro, and finally calling `va_end()`. The `va_list` may be passed as an argument to another function, but calling `va_arg()` within that function causes the `va_list` to have an [indeterminate value](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-indeterminatevalue) in the calling function. As a result, attempting to read variable arguments without reinitializing the `va_list` can have [unexpected behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-unexpectedbehavior). According to the C Standard, 7.16, paragraph 3 \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IEC9899-2011)\], + +> If access to the varying arguments is desired, the called function shall declare an object (generally referred to as `ap` in this subclause) having type `va_list`. The object `ap` may be passed as an argument to another function; if that function invokes the `va_arg` macro with parameter `ap`, the value of `ap` in the calling function is indeterminate and shall be passed to the `va_end` macro prior to any further reference to `ap`.253253) It is permitted to create a pointer to a `va_list` and pass that pointer to another function, in which case the original function may take further use of the original list after the other function returns. + + +## Noncompliant Code Example + +This noncompliant code example attempts to check that none of its variable arguments are zero by passing a `va_list` to helper function `contains_zero()`. After the call to `contains_zero()`, the value of `ap` is [indeterminate](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-indeterminatevalue). + +```cpp +#include +#include + +int contains_zero(size_t count, va_list ap) { + for (size_t i = 1; i < count; ++i) { + if (va_arg(ap, double) == 0.0) { + return 1; + } + } + return 0; +} + +int print_reciprocals(size_t count, ...) { + va_list ap; + va_start(ap, count); + + if (contains_zero(count, ap)) { + va_end(ap); + return 1; + } + + for (size_t i = 0; i < count; ++i) { + printf("%f ", 1.0 / va_arg(ap, double)); + } + + va_end(ap); + return 0; +} + +``` + +## Compliant Solution + +The compliant solution modifies `contains_zero()` to take a pointer to a `va_list`. It then uses the `va_copy` macro to make a copy of the list, traverses the copy, and cleans it up. Consequently, the `print_reciprocals()` function is free to traverse the original `va_list`. + +```cpp +#include +#include + +int contains_zero(size_t count, va_list *ap) { + va_list ap1; + va_copy(ap1, *ap); + for (size_t i = 1; i < count; ++i) { + if (va_arg(ap1, double) == 0.0) { + return 1; + } + } + va_end(ap1); + return 0; +} + +int print_reciprocals(size_t count, ...) { + int status; + va_list ap; + va_start(ap, count); + + if (contains_zero(count, &ap)) { + printf("0 in arguments!\n"); + status = 1; + } else { + for (size_t i = 0; i < count; i++) { + printf("%f ", 1.0 / va_arg(ap, double)); + } + printf("\n"); + status = 0; + } + + va_end(ap); + return status; +} + +``` + +## Risk Assessment + +Reading variable arguments using a `va_list` that has an [indeterminate value](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-indeterminatevalue) can have unexpected results. + +
    Rule Severity Likelihood Remediation Cost Priority Level
    MSC39-C Low Unlikely Low P3 L3
    + + +## Automated Detection + +
    Tool Version Checker Description
    CodeSonar 7.2p0 BADMACRO.STDARG_H Use of <stdarg.h> Feature
    Helix QAC 2022.4 C3497 C++3146, C++3147, C++3148, C++3149, C++3167
    Klocwork 2022.4 VA.LIST.INDETERMINATE
    Parasoft C/C++test 2022.2 CERT_C-MSC39-a Use macros for variable arguments correctly
    Polyspace Bug Finder R2022b CERT C: Rule MSC39-C Checks for: Invalid va_list argumentnvalid va_list argument, too many va_arg calls for current argument listoo many va_arg calls for current argument list. Rule partially covered.
    PRQA QA-C 9.7 3497 Enforced by QAC
    TrustInSoft Analyzer 1.38 variadic Exhaustively verified.
    + + +## Related Vulnerabilities + +Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+MSC39-C). + +## Bibliography + +
    \[ ISO/IEC 9899:2011 \] Subclause 7.16, "Variable Arguments <stdarg.h> "
    + + +## Implementation notes + +None + +## References + +* CERT-C: [MSC39-C: Do not call va_arg() on a va_list that has an indeterminate value](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql b/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql new file mode 100644 index 0000000000..8e7f4c5119 --- /dev/null +++ b/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql @@ -0,0 +1,73 @@ +/** + * @id c/cert/do-not-call-va-arg-on-a-va-list-that-has-an-indeterminate-value + * @name MSC39-C: Do not call va_arg() on a va_list that has an indeterminate value + * @description Do not call va_arg() on a va_list that has an indeterminate value. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/cert/id/msc39-c + * correctness + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert +import codingstandards.cpp.Macro +import semmle.code.cpp.dataflow.DataFlow + +/** + * The argument of a call to `va_arg` + */ +class VaArgArg extends Expr { + VaArgArg() { this = any(MacroInvocation m | m.getMacroName() = ["va_arg"]).getExpr().getChild(0) } +} + +/** + * Dataflow configuration for flow from a library function + * to a call of function `asctime` + */ +class VaArgConfig extends DataFlow::Configuration { + VaArgConfig() { this = "VaArgConfig" } + + override predicate isSource(DataFlow::Node src) { + src.asUninitialized() = + any(VariableDeclarationEntry m | m.getType().hasName("va_list")).getVariable() + } + + override predicate isSink(DataFlow::Node sink) { sink.asExpr() instanceof VaArgArg } +} + +/** + * Controlflow nodes preceeding a call to `va_arg` + */ +ControlFlowNode preceedsFC(VaArgArg va_arg) { + result = va_arg + or + exists(ControlFlowNode mid | + result = mid.getAPredecessor() and + mid = preceedsFC(va_arg) and + // stop recursion on va_end on the same object + not result = + any(MacroInvocation m | + m.getMacroName() = ["va_end"] and + m.getExpr().getChild(0).(VariableAccess).getTarget() = va_arg.(VariableAccess).getTarget() + ).getExpr() + ) +} + +predicate sameSource(VaArgArg va_arg1, VaArgArg va_arg2) { + exists(VaArgConfig config, DataFlow::Node source | + config.hasFlow(source, DataFlow::exprNode(va_arg1)) and + config.hasFlow(source, DataFlow::exprNode(va_arg2)) + ) +} + +from VaArgArg va_arg1, VaArgArg va_arg2, FunctionCall fc +where + not isExcluded(va_arg1, + Contracts7Package::doNotCallVaArgOnAVaListThatHasAnIndeterminateValueQuery()) and + sameSource(va_arg1, va_arg2) and + fc = preceedsFC(va_arg1) and + fc.getTarget().calls*(va_arg2.getEnclosingFunction()) +select va_arg1, "The value of " + va_arg1.toString() + " is indeterminate after the $@.", fc, + fc.toString() diff --git a/c/cert/test/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.expected b/c/cert/test/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/cert/test/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/cert/test/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.qlref b/c/cert/test/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.qlref new file mode 100644 index 0000000000..86b5c9f0c3 --- /dev/null +++ b/c/cert/test/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.qlref @@ -0,0 +1 @@ +rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.ql \ No newline at end of file diff --git a/c/cert/test/rules/MSC33-C/test.c b/c/cert/test/rules/MSC33-C/test.c new file mode 100644 index 0000000000..09324c48f3 --- /dev/null +++ b/c/cert/test/rules/MSC33-C/test.c @@ -0,0 +1,37 @@ +#define __STDC_WANT_LIB_EXT1__ 1 +#include +#include + +void f1a(struct tm *time_tm) { + char *time = asctime(time_tm); // NON_COMPLIANT + /* ... */ +} + +void f1b() { + time_t ltime; + /* Get the time in seconds */ + time(<ime); + /* Convert it to the structure tm */ + struct tm *time_tm = localtime(<ime); + char *time = asctime(time_tm); // COMPLIANT +} + +enum { maxsize = 26 }; + +void f2(struct tm *time) { + char s[maxsize]; + /* Current time representation for locale */ + const char *format = "%c"; + + size_t size = strftime(s, maxsize, format, time); +} + +#ifdef __STDC_LIB_EXT1__ +void f3(struct tm *time_tm) { + char buffer[maxsize]; + + if (asctime_s(buffer, maxsize, &time_tm)) { + /* Handle error */ + } +} +#endif \ No newline at end of file diff --git a/c/cert/test/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.expected b/c/cert/test/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/cert/test/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/cert/test/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.qlref b/c/cert/test/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.qlref new file mode 100644 index 0000000000..0f33f99195 --- /dev/null +++ b/c/cert/test/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.qlref @@ -0,0 +1 @@ +rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql \ No newline at end of file diff --git a/c/cert/test/rules/MSC39-C/test.c b/c/cert/test/rules/MSC39-C/test.c new file mode 100644 index 0000000000..5e946da70e --- /dev/null +++ b/c/cert/test/rules/MSC39-C/test.c @@ -0,0 +1,105 @@ +#include +#include + +int contains_zero(size_t count, va_list ap) { + for (size_t i = 1; i < count; ++i) { + if (va_arg(ap, double) == 0.0) { // COMPLIANT + return 1; + } + } + return 0; +} + +int f1a(size_t count, ...) { + va_list ap; + va_start(ap, count); + + if (contains_zero(count, ap)) { + va_end(ap); + return 1; + } + + for (size_t i = 0; i < count; ++i) { + printf("%f ", 1.0 / va_arg(ap, double)); // NON_COMPLIANT + } + + va_end(ap); + return 0; +} + +int f1b(size_t count, ...) { + int status; + va_list ap; + va_start(ap, count); + + if (contains_zero(count, ap)) { + printf("0 in arguments!\n"); + status = 1; + } else { + va_end(ap); + va_start(ap, count); + for (size_t i = 0; i < count; i++) { + printf("%f ", 1.0 / va_arg(ap, double)); // COMPLIANT + } + printf("\n"); + status = 0; + } + + va_end(ap); + return status; +} + +int f1c(size_t count, ...) { + int status; + va_list ap; + va_list ap1; + va_start(ap, count); + + if (contains_zero(count, ap)) { + printf("0 in arguments!\n"); + status = 1; + } else { + va_end(ap1); // ending the wrong va_list object + va_start(ap1, count); + for (size_t i = 0; i < count; i++) { + printf("%f ", 1.0 / va_arg(ap, double)); // NON_COMPLIANT + } + printf("\n"); + status = 0; + } + + va_end(ap); + return status; +} + +int contains_zero_ok(size_t count, va_list *ap) { + va_list ap1; + va_copy(ap1, *ap); + for (size_t i = 1; i < count; ++i) { + if (va_arg(ap1, double) == 0.0) { // COMPLIANT + return 1; + } + } + va_end(ap1); + return 0; +} + +int print_reciprocals_ok(size_t count, ...) { + int status; + va_list ap; + va_start(ap, count); + + if (contains_zero_ok(count, &ap)) { + printf("0 in arguments!\n"); + status = 1; + } else { + for (size_t i = 0; i < count; i++) { + printf("%f ", 1.0 / va_arg(ap, double)); // COMPLIANT + } + printf("\n"); + status = 0; + } + + va_end(ap); + return status; +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts7.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts7.qll new file mode 100644 index 0000000000..e17345c861 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts7.qll @@ -0,0 +1,78 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype Contracts7Query = + TDoNotPassInvalidDataToTheAsctimeFunctionQuery() or + TDoNotCallVaArgOnAVaListThatHasAnIndeterminateValueQuery() or + TRightHandOperandOfAShiftRangeQuery() or + TObjectAssignedOrCopiedToAnOverlappingObjectQuery() + +predicate isContracts7QueryMetadata(Query query, string queryId, string ruleId, string category) { + query = + // `Query` instance for the `doNotPassInvalidDataToTheAsctimeFunction` query + Contracts7Package::doNotPassInvalidDataToTheAsctimeFunctionQuery() and + queryId = + // `@id` for the `doNotPassInvalidDataToTheAsctimeFunction` query + "c/cert/do-not-pass-invalid-data-to-the-asctime-function" and + ruleId = "MSC33-C" and + category = "rule" + or + query = + // `Query` instance for the `doNotCallVaArgOnAVaListThatHasAnIndeterminateValue` query + Contracts7Package::doNotCallVaArgOnAVaListThatHasAnIndeterminateValueQuery() and + queryId = + // `@id` for the `doNotCallVaArgOnAVaListThatHasAnIndeterminateValue` query + "c/cert/do-not-call-va-arg-on-a-va-list-that-has-an-indeterminate-value" and + ruleId = "MSC39-C" and + category = "rule" + or + query = + // `Query` instance for the `rightHandOperandOfAShiftRange` query + Contracts7Package::rightHandOperandOfAShiftRangeQuery() and + queryId = + // `@id` for the `rightHandOperandOfAShiftRange` query + "c/misra/right-hand-operand-of-a-shift-range" and + ruleId = "RULE-12-2" and + category = "required" + or + query = + // `Query` instance for the `objectAssignedOrCopiedToAnOverlappingObject` query + Contracts7Package::objectAssignedOrCopiedToAnOverlappingObjectQuery() and + queryId = + // `@id` for the `objectAssignedOrCopiedToAnOverlappingObject` query + "c/misra/object-assigned-or-copied-to-an-overlapping-object" and + ruleId = "RULE-19-1" and + category = "mandatory" +} + +module Contracts7Package { + Query doNotPassInvalidDataToTheAsctimeFunctionQuery() { + //autogenerate `Query` type + result = + // `Query` type for `doNotPassInvalidDataToTheAsctimeFunction` query + TQueryC(TContracts7PackageQuery(TDoNotPassInvalidDataToTheAsctimeFunctionQuery())) + } + + Query doNotCallVaArgOnAVaListThatHasAnIndeterminateValueQuery() { + //autogenerate `Query` type + result = + // `Query` type for `doNotCallVaArgOnAVaListThatHasAnIndeterminateValue` query + TQueryC(TContracts7PackageQuery(TDoNotCallVaArgOnAVaListThatHasAnIndeterminateValueQuery())) + } + + Query rightHandOperandOfAShiftRangeQuery() { + //autogenerate `Query` type + result = + // `Query` type for `rightHandOperandOfAShiftRange` query + TQueryC(TContracts7PackageQuery(TRightHandOperandOfAShiftRangeQuery())) + } + + Query objectAssignedOrCopiedToAnOverlappingObjectQuery() { + //autogenerate `Query` type + result = + // `Query` type for `objectAssignedOrCopiedToAnOverlappingObject` query + TQueryC(TContracts7PackageQuery(TObjectAssignedOrCopiedToAnOverlappingObjectQuery())) + } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index 9dfb52fb84..13ab5ed8c6 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -15,6 +15,7 @@ import Contracts3 import Contracts4 import Contracts5 import Contracts6 +import Contracts7 import DeadCode import Declarations1 import Declarations2 @@ -66,6 +67,7 @@ newtype TCQuery = TContracts4PackageQuery(Contracts4Query q) or TContracts5PackageQuery(Contracts5Query q) or TContracts6PackageQuery(Contracts6Query q) or + TContracts7PackageQuery(Contracts7Query q) or TDeadCodePackageQuery(DeadCodeQuery q) or TDeclarations1PackageQuery(Declarations1Query q) or TDeclarations2PackageQuery(Declarations2Query q) or @@ -117,6 +119,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isContracts4QueryMetadata(query, queryId, ruleId, category) or isContracts5QueryMetadata(query, queryId, ruleId, category) or isContracts6QueryMetadata(query, queryId, ruleId, category) or + isContracts7QueryMetadata(query, queryId, ruleId, category) or isDeadCodeQueryMetadata(query, queryId, ruleId, category) or isDeclarations1QueryMetadata(query, queryId, ruleId, category) or isDeclarations2QueryMetadata(query, queryId, ruleId, category) or diff --git a/rule_packages/c/Contracts7.json b/rule_packages/c/Contracts7.json new file mode 100644 index 0000000000..ae8c0a4beb --- /dev/null +++ b/rule_packages/c/Contracts7.json @@ -0,0 +1,77 @@ +{ + "CERT-C": { + "MSC33-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "The data passed to the asctime() function is invalid. This can lead to buffer overflow.", + "kind": "problem", + "name": "Do not pass invalid data to the asctime() function", + "precision": "very-high", + "severity": "error", + "short_name": "DoNotPassInvalidDataToTheAsctimeFunction", + "tags": [ + "security", + "correctness" + ] + } + ], + "title": "Do not pass invalid data to the asctime() function" + }, + "MSC39-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "Do not call va_arg() on a va_list that has an indeterminate value.", + "kind": "problem", + "name": "Do not call va_arg() on a va_list that has an indeterminate value", + "precision": "high", + "severity": "error", + "short_name": "DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue", + "tags": ["correctness"] + } + ], + "title": "Do not call va_arg() on a va_list that has an indeterminate value" + } + }, + "MISRA-C-2012": { + "RULE-12-2": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "The right hand operand of a shift operator shall lie in the range zero to one less than the width in bits of the essential type of the left hand operand", + "kind": "problem", + "name": "The right operand of a shift shall be smaller then the width in bits of the left operand", + "precision": "very-high", + "severity": "error", + "short_name": "RightHandOperandOfAShiftRange", + "tags": ["correctness"] + } + ], + "title": "The right hand operand of a shift operator shall lie in the range zero to one less than the width in bits of the essential type of the left hand operand" + }, + "RULE-19-1": { + "properties": { + "obligation": "mandatory" + }, + "queries": [ + { + "description": "An object shall not be assigned or copied to an overlapping object.", + "kind": "problem", + "name": "An object shall not be assigned or copied to an overlapping object", + "precision": "high", + "severity": "error", + "short_name": "ObjectAssignedOrCopiedToAnOverlappingObject", + "tags": ["correctness"] + } + ], + "title": "An object shall not be assigned or copied to an overlapping object" + } + } +} \ No newline at end of file diff --git a/rules.csv b/rules.csv index 36eea96801..d36f7f12c6 100644 --- a/rules.csv +++ b/rules.csv @@ -563,10 +563,10 @@ c,CERT-C,MEM35-C,Yes,Rule,,,Allocate sufficient memory for an object,,Memory2,Ve c,CERT-C,MEM36-C,Yes,Rule,,,Do not modify the alignment of objects by calling realloc(),,Memory2,Medium, c,CERT-C,MSC30-C,Yes,Rule,,,Do not use the rand() function for generating pseudorandom numbers,MSC50-CPP,Misc,Easy, c,CERT-C,MSC32-C,Yes,Rule,,,Properly seed pseudorandom number generators,MSC51-CPP,Misc,Easy, -c,CERT-C,MSC33-C,Yes,Rule,,,Do not pass invalid data to the asctime() function,,Contracts,Easy, +c,CERT-C,MSC33-C,Yes,Rule,,,Do not pass invalid data to the asctime() function,,Contracts7,Easy, c,CERT-C,MSC37-C,Yes,Rule,,,Ensure that control never reaches the end of a non-void function,,Misc,Easy, c,CERT-C,MSC38-C,Yes,Rule,,,Do not treat a predefined identifier as an object if it might only be implemented as a macro,M17-0-2,Preprocessor5,Medium, -c,CERT-C,MSC39-C,Yes,Rule,,,Do not call va_arg() on a va_list that has an indeterminate value,,Contracts,Hard, +c,CERT-C,MSC39-C,Yes,Rule,,,Do not call va_arg() on a va_list that has an indeterminate value,,Contracts7,Hard, c,CERT-C,MSC40-C,Yes,Rule,,,Do not violate constraints,,Contracts,Very Hard, c,CERT-C,MSC41-C,OutOfScope,Rule,,,Never hard code sensitive information,,,, c,CERT-C,POS30-C,OutOfScope,Rule,,,Use the readlink() function properly,,,, @@ -683,7 +683,7 @@ c,MISRA-C-2012,RULE-11-7,Yes,Required,,,A cast shall not be performed between po c,MISRA-C-2012,RULE-11-8,Yes,Required,,,A cast shall not remove any const or volatile qualification from the type pointed to by a pointer,,Pointers1,Easy, c,MISRA-C-2012,RULE-11-9,Yes,Required,,,The macro NULL shall be the only permitted form of integer null pointer constant,,Pointers1,Easy, c,MISRA-C-2012,RULE-12-1,Yes,Advisory,,,The precedence of operators within expressions should be made explicit,,SideEffects1,Medium, -c,MISRA-C-2012,RULE-12-2,Yes,Required,,,The right hand operand of a shift operator shall lie in the range zero to one less than the width in bits of the essential type of the left hand operand,,Contracts,Medium, +c,MISRA-C-2012,RULE-12-2,Yes,Required,,,The right hand operand of a shift operator shall lie in the range zero to one less than the width in bits of the essential type of the left hand operand,,Contracts7,Medium, c,MISRA-C-2012,RULE-12-3,Yes,Advisory,,,The comma operator should not be used,M5-18-1,Banned,Import, c,MISRA-C-2012,RULE-12-4,Yes,Advisory,,,Evaluation of constant expressions should not lead to unsigned integer wrap-around,INT30-C,Types,Easy, c,MISRA-C-2012,RULE-12-5,Yes,Mandatory,,,The sizeof operator shall not have an operand which is a function parameter declared as �array of type�,,Types,Medium, @@ -727,7 +727,7 @@ c,MISRA-C-2012,RULE-18-5,Yes,Advisory,,,Declarations should contain no more than c,MISRA-C-2012,RULE-18-6,Yes,Required,,,The address of an object with automatic storage shall not be copied to another object that persists after the first object has ceased to exist,M7-5-2,Pointers1,Import, c,MISRA-C-2012,RULE-18-7,Yes,Required,,,Flexible array members shall not be declared,,Declarations6,Medium, c,MISRA-C-2012,RULE-18-8,Yes,Required,,,Variable-length array types shall not be used,,Declarations7,Medium, -c,MISRA-C-2012,RULE-19-1,Yes,Mandatory,,,An object shall not be assigned or copied to an overlapping object,M0-2-1,Contracts,Hard, +c,MISRA-C-2012,RULE-19-1,Yes,Mandatory,,,An object shall not be assigned or copied to an overlapping object,M0-2-1,Contracts7,Hard, c,MISRA-C-2012,RULE-19-2,Yes,Advisory,,,The union keyword should not be used,A9-5-1,Banned,Import, c,MISRA-C-2012,RULE-20-1,Yes,Advisory,,,#include directives should only be preceded by preprocessor directives or comments,M16-0-1,Preprocessor1,Import, c,MISRA-C-2012,RULE-20-2,Yes,Required,,,"The ', "" or \ characters and the /* or // character sequences shall not occur in a header file name",A16-2-1,Preprocessor1,Import, From 3f386d445ce34a485cb216bd4dfc0cb4ea34c1a8 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 15 Mar 2023 01:34:02 +0100 Subject: [PATCH 0730/2573] Add expected files for MSC33-C and MSC39-C --- .../MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.expected | 2 +- ...DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.expected | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/c/cert/test/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.expected b/c/cert/test/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.expected index 2ec1a0ac6c..70d60c528a 100644 --- a/c/cert/test/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.expected +++ b/c/cert/test/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.expected @@ -1 +1 @@ -No expected results have yet been specified \ No newline at end of file +| test.c:6:24:6:30 | time_tm | The function `asctime` and `asctime_r` should be discouraged. Unsanitized input can overflow the output buffer. | diff --git a/c/cert/test/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.expected b/c/cert/test/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.expected index 2ec1a0ac6c..945d8579d7 100644 --- a/c/cert/test/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.expected +++ b/c/cert/test/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.expected @@ -1 +1,2 @@ -No expected results have yet been specified \ No newline at end of file +| test.c:23:32:23:33 | ap | The value of ap is indeterminate after the $@. | test.c:17:7:17:19 | call to contains_zero | call to contains_zero | +| test.c:65:34:65:35 | ap | The value of ap is indeterminate after the $@. | test.c:58:7:58:19 | call to contains_zero | call to contains_zero | From b47cfb206bc14c60f6ace3af0fbc51f91d9954bb Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 15 Mar 2023 01:36:19 +0100 Subject: [PATCH 0731/2573] Formatting Contracts7.json --- rule_packages/c/Contracts7.json | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/rule_packages/c/Contracts7.json b/rule_packages/c/Contracts7.json index ae8c0a4beb..da649defbc 100644 --- a/rule_packages/c/Contracts7.json +++ b/rule_packages/c/Contracts7.json @@ -32,7 +32,9 @@ "precision": "high", "severity": "error", "short_name": "DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue", - "tags": ["correctness"] + "tags": [ + "correctness" + ] } ], "title": "Do not call va_arg() on a va_list that has an indeterminate value" @@ -51,7 +53,9 @@ "precision": "very-high", "severity": "error", "short_name": "RightHandOperandOfAShiftRange", - "tags": ["correctness"] + "tags": [ + "correctness" + ] } ], "title": "The right hand operand of a shift operator shall lie in the range zero to one less than the width in bits of the essential type of the left hand operand" @@ -68,7 +72,9 @@ "precision": "high", "severity": "error", "short_name": "ObjectAssignedOrCopiedToAnOverlappingObject", - "tags": ["correctness"] + "tags": [ + "correctness" + ] } ], "title": "An object shall not be assigned or copied to an overlapping object" From 82c30130ba947d5a525bc67f3f5df79576cc14c8 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 15 Mar 2023 01:39:22 +0100 Subject: [PATCH 0732/2573] Formatting Contracts7.json --- rule_packages/c/Contracts7.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rule_packages/c/Contracts7.json b/rule_packages/c/Contracts7.json index da649defbc..f637aeb949 100644 --- a/rule_packages/c/Contracts7.json +++ b/rule_packages/c/Contracts7.json @@ -47,7 +47,7 @@ }, "queries": [ { - "description": "The right hand operand of a shift operator shall lie in the range zero to one less than the width in bits of the essential type of the left hand operand", + "description": "The right hand operand of a shift operator shall lie in the range zero to one less than the width in bits of the essential type of the left hand operand.", "kind": "problem", "name": "The right operand of a shift shall be smaller then the width in bits of the left operand", "precision": "very-high", From cbb54232cb9c8462d80bcc0b7de2e85e8733e226 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 15 Mar 2023 18:35:58 +0100 Subject: [PATCH 0733/2573] Fix compilation issue with qcc --- c/cert/test/rules/FIO38-C/test.c.qcc | 43 ++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) create mode 100644 c/cert/test/rules/FIO38-C/test.c.qcc diff --git a/c/cert/test/rules/FIO38-C/test.c.qcc b/c/cert/test/rules/FIO38-C/test.c.qcc new file mode 100644 index 0000000000..f1b3f616ca --- /dev/null +++ b/c/cert/test/rules/FIO38-C/test.c.qcc @@ -0,0 +1,43 @@ +#include + +int f1(void) { + FILE my_stdout = *stdout; // NON_COMPLIANT + return fputs("Hello, World!\n", &my_stdout); +} + +int f2(void) { + FILE *my_stdout; + my_stdout = stdout; // COMPLIANT + FILE my_stdout2 = *my_stdout; // NON_COMPLIANT + return fputs("Hello, World!\n", my_stdout); +} +int f2b(void) { + FILE *const *my_stdout; + my_stdout = &stdout; // COMPLIANT + FILE my_stdout2 = **my_stdout; // NON_COMPLIANT + return fputs("Hello, World!\n", *my_stdout); +} + +int f3(void) { + FILE my_stdout; + my_stdout = *stdout; // NON_COMPLIANT + return fputs("Hello, World!\n", &my_stdout); +} + +int f4(void) { + FILE *my_stdout; + my_stdout = fopen("file.txt", "w"); // COMPLIANT + return fputs("Hello, World!\n", my_stdout); +} + +int f5helper(FILE my_stdout) { return fputs("Hello, World!\n", &my_stdout); } +int f5(void) { + FILE *my_stdout = fopen("file.txt", "w"); // COMPLIANT + return f5helper(*my_stdout); // NON_COMPLIANT +} + +int f6helper(FILE *my_stdout) { return fputs("Hello, World!\n", my_stdout); } +int f6(void) { + FILE *my_stdout = fopen("file.txt", "w"); // COMPLIANT + return f6helper(my_stdout); // COMPLIANT +} From c1dac085a2f8726a0a21573368ea5ee301263b9c Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Wed, 15 Mar 2023 11:27:28 -0700 Subject: [PATCH 0734/2573] Augment A15-4-4 --- cpp/autosar/src/rules/A15-4-4/MissingNoExcept.ql | 4 +++- cpp/autosar/test/rules/A15-4-4/test.cpp | 8 +++++++- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/cpp/autosar/src/rules/A15-4-4/MissingNoExcept.ql b/cpp/autosar/src/rules/A15-4-4/MissingNoExcept.ql index 1857003826..1b0aa423af 100644 --- a/cpp/autosar/src/rules/A15-4-4/MissingNoExcept.ql +++ b/cpp/autosar/src/rules/A15-4-4/MissingNoExcept.ql @@ -31,5 +31,7 @@ where // Not compiler generated not f.isCompilerGenerated() and // The function is defined in this database - f.hasDefinition() + f.hasDefinition() and + // This function is not an overriden call operator of lambda expression + not exists(LambdaExpression lambda | lambda.getLambdaFunction() = f) select f, "Function " + f.getName() + " could be declared noexcept(true)." diff --git a/cpp/autosar/test/rules/A15-4-4/test.cpp b/cpp/autosar/test/rules/A15-4-4/test.cpp index 6834c7a8ce..f0b676373e 100644 --- a/cpp/autosar/test/rules/A15-4-4/test.cpp +++ b/cpp/autosar/test/rules/A15-4-4/test.cpp @@ -24,4 +24,10 @@ void test_indirect_throw() { // COMPLIANT - throws an exception indirectly class A { public: A() = delete; // COMPLIANT - deleted functions imply `noexcept(true)`. -}; \ No newline at end of file +}; + +/* Added for testing FP of embedded operator inside lambdas being reported */ +void lambda_example() noexcept { + auto with_capture = [=]() {}; + auto empty_capture = []() {}; +} \ No newline at end of file From a0a2615efce2578057e670694cb166d8ac959baa Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 10 Mar 2023 23:59:39 +0000 Subject: [PATCH 0735/2573] STR37-C: Handle macros in The commonly implements its APIs using either macros or functions or some combination of the two. Our query only assumed functions were used, whereas macros are practically used by both gcc and clang, and these can vary depending on compiler flags. The CharFunctions.qll library now provides a unified interface from which to get a unique expression for each use of an API in the library, hopefully regardless of whether it is a macro or a function. To do this we have had to hard code assumptions about the structure of the macros, however our matrix compiler testing should flag if these assumptions are broken with a particular version of a supported compiler. --- ...erHandlingFunctionsRepresentableAsUChar.ql | 17 ++- ...lingFunctionsRepresentableAsUChar.expected | 40 +++--- .../src/codingstandards/cpp/CharFunctions.qll | 118 ++++++++++++++---- 3 files changed, 124 insertions(+), 51 deletions(-) diff --git a/c/cert/src/rules/STR37-C/ToCharacterHandlingFunctionsRepresentableAsUChar.ql b/c/cert/src/rules/STR37-C/ToCharacterHandlingFunctionsRepresentableAsUChar.ql index cb742859cc..8dda9012d2 100644 --- a/c/cert/src/rules/STR37-C/ToCharacterHandlingFunctionsRepresentableAsUChar.ql +++ b/c/cert/src/rules/STR37-C/ToCharacterHandlingFunctionsRepresentableAsUChar.ql @@ -16,14 +16,11 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.CharFunctions -from FunctionCall fc, Expr arg +from UseOfToOrIsChar useOfCharAPI, Expr arg where - not isExcluded(fc, Strings2Package::toCharacterHandlingFunctionsRepresentableAsUCharQuery()) and - // examine all impacted functions - fc.getTarget() instanceof CToOrIsCharFunction and - arg = fc.getArgument(0).getFullyConverted() and - // report on cases where either the explicit or implicit cast - // on the parameter type is not unsigned - not arg.(CStyleCast).getExpr().getType() instanceof UnsignedCharType -select fc, "$@ to character-handling function may not be representable as an unsigned char.", arg, - "Argument" + not isExcluded(useOfCharAPI, + Strings2Package::toCharacterHandlingFunctionsRepresentableAsUCharQuery()) and + arg = useOfCharAPI.getConvertedArgument() and + not arg.getType() instanceof UnsignedCharType +select useOfCharAPI, + "$@ to character-handling function may not be representable as an unsigned char.", arg, "Argument" diff --git a/c/cert/test/rules/STR37-C/ToCharacterHandlingFunctionsRepresentableAsUChar.expected b/c/cert/test/rules/STR37-C/ToCharacterHandlingFunctionsRepresentableAsUChar.expected index b655289f4e..43008e02d0 100644 --- a/c/cert/test/rules/STR37-C/ToCharacterHandlingFunctionsRepresentableAsUChar.expected +++ b/c/cert/test/rules/STR37-C/ToCharacterHandlingFunctionsRepresentableAsUChar.expected @@ -1,28 +1,28 @@ -| test.c:7:3:7:9 | call to isalnum | $@ to character-handling function may not be representable as an unsigned char. | test.c:7:11:7:12 | (int)... | Argument | -| test.c:8:3:8:13 | call to isalpha | $@ to character-handling function may not be representable as an unsigned char. | test.c:8:11:8:12 | (int)... | Argument | -| test.c:10:3:10:9 | call to isblank | $@ to character-handling function may not be representable as an unsigned char. | test.c:10:11:10:12 | (int)... | Argument | -| test.c:11:3:11:9 | call to iscntrl | $@ to character-handling function may not be representable as an unsigned char. | test.c:11:11:11:12 | (int)... | Argument | -| test.c:12:3:12:13 | call to isdigit | $@ to character-handling function may not be representable as an unsigned char. | test.c:12:11:12:12 | (int)... | Argument | -| test.c:13:3:13:13 | call to isgraph | $@ to character-handling function may not be representable as an unsigned char. | test.c:13:11:13:12 | (int)... | Argument | -| test.c:14:3:14:13 | call to islower | $@ to character-handling function may not be representable as an unsigned char. | test.c:14:11:14:12 | (int)... | Argument | -| test.c:15:3:15:13 | call to isprint | $@ to character-handling function may not be representable as an unsigned char. | test.c:15:11:15:12 | (int)... | Argument | -| test.c:16:3:16:9 | call to ispunct | $@ to character-handling function may not be representable as an unsigned char. | test.c:16:11:16:12 | (int)... | Argument | -| test.c:17:3:17:13 | call to __isspace | $@ to character-handling function may not be representable as an unsigned char. | test.c:17:11:17:12 | (int)... | Argument | -| test.c:18:3:18:13 | call to isupper | $@ to character-handling function may not be representable as an unsigned char. | test.c:18:11:18:12 | (int)... | Argument | -| test.c:19:3:19:10 | call to isxdigit | $@ to character-handling function may not be representable as an unsigned char. | test.c:19:12:19:13 | (int)... | Argument | -| test.c:21:3:21:9 | call to toupper | $@ to character-handling function may not be representable as an unsigned char. | test.c:21:11:21:12 | (int)... | Argument | -| test.c:22:3:22:9 | call to tolower | $@ to character-handling function may not be representable as an unsigned char. | test.c:22:11:22:12 | (int)... | Argument | +| test.c:7:3:7:9 | call to isalnum | $@ to character-handling function may not be representable as an unsigned char. | test.c:7:11:7:12 | * ... | Argument | +| test.c:8:3:8:13 | isalpha(a) | $@ to character-handling function may not be representable as an unsigned char. | test.c:8:11:8:12 | * ... | Argument | +| test.c:10:3:10:9 | call to isblank | $@ to character-handling function may not be representable as an unsigned char. | test.c:10:11:10:12 | * ... | Argument | +| test.c:11:3:11:9 | call to iscntrl | $@ to character-handling function may not be representable as an unsigned char. | test.c:11:11:11:12 | * ... | Argument | +| test.c:12:3:12:13 | isdigit(a) | $@ to character-handling function may not be representable as an unsigned char. | test.c:12:3:12:13 | (...) | Argument | +| test.c:13:3:13:13 | isgraph(a) | $@ to character-handling function may not be representable as an unsigned char. | test.c:13:3:13:13 | (...) | Argument | +| test.c:14:3:14:13 | islower(a) | $@ to character-handling function may not be representable as an unsigned char. | test.c:14:3:14:13 | (...) | Argument | +| test.c:15:3:15:13 | isprint(a) | $@ to character-handling function may not be representable as an unsigned char. | test.c:15:3:15:13 | (...) | Argument | +| test.c:16:3:16:9 | call to ispunct | $@ to character-handling function may not be representable as an unsigned char. | test.c:16:11:16:12 | * ... | Argument | +| test.c:17:3:17:13 | call to __isspace | $@ to character-handling function may not be representable as an unsigned char. | test.c:17:11:17:12 | * ... | Argument | +| test.c:18:3:18:13 | isupper(a) | $@ to character-handling function may not be representable as an unsigned char. | test.c:18:3:18:13 | (...) | Argument | +| test.c:19:3:19:10 | call to isxdigit | $@ to character-handling function may not be representable as an unsigned char. | test.c:19:12:19:13 | * ... | Argument | +| test.c:21:3:21:9 | call to toupper | $@ to character-handling function may not be representable as an unsigned char. | test.c:21:11:21:12 | * ... | Argument | +| test.c:22:3:22:9 | call to tolower | $@ to character-handling function may not be representable as an unsigned char. | test.c:22:11:22:12 | * ... | Argument | | test.c:70:3:70:9 | call to isalnum | $@ to character-handling function may not be representable as an unsigned char. | test.c:70:11:70:11 | t | Argument | -| test.c:71:3:71:12 | call to isalpha | $@ to character-handling function may not be representable as an unsigned char. | test.c:71:11:71:11 | t | Argument | +| test.c:71:3:71:12 | isalpha(a) | $@ to character-handling function may not be representable as an unsigned char. | test.c:71:11:71:11 | t | Argument | | test.c:73:3:73:9 | call to isblank | $@ to character-handling function may not be representable as an unsigned char. | test.c:73:11:73:11 | t | Argument | | test.c:74:3:74:9 | call to iscntrl | $@ to character-handling function may not be representable as an unsigned char. | test.c:74:11:74:11 | t | Argument | -| test.c:75:3:75:12 | call to isdigit | $@ to character-handling function may not be representable as an unsigned char. | test.c:75:11:75:11 | t | Argument | -| test.c:76:3:76:12 | call to isgraph | $@ to character-handling function may not be representable as an unsigned char. | test.c:76:11:76:11 | t | Argument | -| test.c:77:3:77:12 | call to islower | $@ to character-handling function may not be representable as an unsigned char. | test.c:77:11:77:11 | t | Argument | -| test.c:78:3:78:12 | call to isprint | $@ to character-handling function may not be representable as an unsigned char. | test.c:78:11:78:11 | t | Argument | +| test.c:75:3:75:12 | isdigit(a) | $@ to character-handling function may not be representable as an unsigned char. | test.c:75:3:75:12 | (...) | Argument | +| test.c:76:3:76:12 | isgraph(a) | $@ to character-handling function may not be representable as an unsigned char. | test.c:76:3:76:12 | (...) | Argument | +| test.c:77:3:77:12 | islower(a) | $@ to character-handling function may not be representable as an unsigned char. | test.c:77:3:77:12 | (...) | Argument | +| test.c:78:3:78:12 | isprint(a) | $@ to character-handling function may not be representable as an unsigned char. | test.c:78:3:78:12 | (...) | Argument | | test.c:79:3:79:9 | call to ispunct | $@ to character-handling function may not be representable as an unsigned char. | test.c:79:11:79:11 | t | Argument | | test.c:80:3:80:12 | call to __isspace | $@ to character-handling function may not be representable as an unsigned char. | test.c:80:11:80:11 | t | Argument | -| test.c:81:3:81:12 | call to isupper | $@ to character-handling function may not be representable as an unsigned char. | test.c:81:11:81:11 | t | Argument | +| test.c:81:3:81:12 | isupper(a) | $@ to character-handling function may not be representable as an unsigned char. | test.c:81:3:81:12 | (...) | Argument | | test.c:82:3:82:10 | call to isxdigit | $@ to character-handling function may not be representable as an unsigned char. | test.c:82:12:82:12 | t | Argument | | test.c:84:3:84:9 | call to toupper | $@ to character-handling function may not be representable as an unsigned char. | test.c:84:11:84:11 | t | Argument | | test.c:85:3:85:9 | call to tolower | $@ to character-handling function may not be representable as an unsigned char. | test.c:85:11:85:11 | t | Argument | diff --git a/cpp/common/src/codingstandards/cpp/CharFunctions.qll b/cpp/common/src/codingstandards/cpp/CharFunctions.qll index 352f61858c..7f69c353e5 100644 --- a/cpp/common/src/codingstandards/cpp/CharFunctions.qll +++ b/cpp/common/src/codingstandards/cpp/CharFunctions.qll @@ -1,31 +1,107 @@ import cpp -/** - * Models a class of functions that are either testers of characters - * or standard library conversion functions. - */ -class CToOrIsCharFunction extends Function { - CToOrIsCharFunction() { - this instanceof CIsCharFunction or - this instanceof CToCharFunction - } +private string getCToOrIsName() { + result = + [ + "isalnum", "isalpha", "isascii", "isblank", "iscntrl", "isdigit", "isgraph", "islower", + "isprint", "ispunct", "isspace", "isupper", "isxdigit", "__isspace", "toascii", "toupper", + "tolower" + ] } /** - * Models a class of functions that test characters. + * A use of one of the APIs in the `` header that test or convert characters. + * + * Note: these operations are commonly implemented as either function or a macro. This class + * abstracts away from those details, providing a `getConvertedArgument` predicate to get the + * argument after any conversions specified by the user, excluding any conversions induced by + * the structure of the macro, or */ -class CIsCharFunction extends Function { - CIsCharFunction() { - getName() in [ - "isalnum", "isalpha", "isascii", "isblank", "iscntrl", "isdigit", "isgraph", "islower", - "isprint", "ispunct", "isspace", "isupper", "isxdigit", "__isspace" - ] +abstract class UseOfToOrIsChar extends Element { + /** */ + abstract Expr getConvertedArgument(); +} + +private class CToOrIsCharFunctionCall extends FunctionCall, UseOfToOrIsChar { + CToOrIsCharFunctionCall() { + getTarget().getName() = getCToOrIsName() and + // Some library implementations, such as musl, include a "dead" call to the same function + // that has also been implemented as a macro, in order to retain the right types. We exclude + // this call because it does not appear in the control flow or data flow graph. However, + // isspace directly calls __isspace, which is allowed + ( + getTarget().getName() = "__isspace" or + not any(CToOrIsCharMacroInvocation mi).getAnExpandedElement() = this + ) } + + override Expr getConvertedArgument() { result = getArgument(0).getExplicitlyConverted() } } -/** - * Models a class of functions convert characters. - */ -class CToCharFunction extends Function { - CToCharFunction() { getName() in ["toascii", "toupper", "tolower"] } +private class CToOrIsCharMacroInvocation extends MacroInvocation, UseOfToOrIsChar { + CToOrIsCharMacroInvocation() { getMacroName() = getCToOrIsName() } + + override Expr getConvertedArgument() { + /* + * There is no common approach to how the macros are defined, so we handle + * each compiler/library case individually. Fortunately, there's no conflict + * between different compilers. + */ + + // For the "is" APIs, if clang and gcc use a macro, then it expands to an + // array access on the left hand side of an & + exists(ArrayExpr ae | ae = getExpr().(BitwiseAndExpr).getLeftOperand() | + // Casted to an explicit (int), so we want unwind only a single conversion + result = ae.getArrayOffset().getFullyConverted().(Conversion).getExpr() + ) + or + // For the tolower/toupper cases, a secondary macro is expanded + exists(MacroInvocation mi | + mi.getParentInvocation() = this and + mi.getMacroName() = "__tobody" + | + /* + * tolower and toupper can be defined by macros which: + * - if the size of the type is greater than 1 + * - then check if it's a compile time constant + * - then use c < -128 || c > 255 ? c : (a)[c] + * - else call the function + * - else (a)[c] + */ + + exists(ArrayExpr ae | + ae = mi.getAnExpandedElement() and + result = ae.getArrayOffset() and + // There are two array access, but only one should be reachable + result.getBasicBlock().isReachable() + ) + or + exists(ConditionalExpr ce | + ce = mi.getAnExpandedElement() and + result = ce.getThen() and + result.getBasicBlock().isReachable() + ) + ) + or + // musl uses a conditional expression as the expansion + exists(ConditionalExpr ce | ce = getExpr() | + // for most macro expansions, the else is a subtraction inside a `<` + exists(SubExpr s | + not getMacroName() = "isalpha" and + s = ce.getElse().(LTExpr).getLeftOperand() and + // Casted to an explicit (int), so we want unwind only a single conversion + result = s.getLeftOperand().getFullyConverted().(Conversion).getExpr() + ) + or + // for isalpha, the else is a bitwise or inside a subtraction inside a `<` + exists(BitwiseOrExpr bo | + // Casted to an explicit (unsigned) + getMacroName() = "isalpha" and + bo = ce.getElse().(LTExpr).getLeftOperand().(SubExpr).getLeftOperand() and + // Casted to an explicit (int), so we want unwind only a single conversion + result = + bo.getLeftOperand().getFullyConverted().(Conversion).getExpr().(ParenthesisExpr).getExpr() + ) + ) + } } From 6d477c036485cb84fca577be52136e7b4f63a12b Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Wed, 15 Mar 2023 14:03:16 -0700 Subject: [PATCH 0736/2573] remove an empty comment --- cpp/common/src/codingstandards/cpp/CharFunctions.qll | 1 - 1 file changed, 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/CharFunctions.qll b/cpp/common/src/codingstandards/cpp/CharFunctions.qll index 7f69c353e5..bb47f77101 100644 --- a/cpp/common/src/codingstandards/cpp/CharFunctions.qll +++ b/cpp/common/src/codingstandards/cpp/CharFunctions.qll @@ -18,7 +18,6 @@ private string getCToOrIsName() { * the structure of the macro, or */ abstract class UseOfToOrIsChar extends Element { - /** */ abstract Expr getConvertedArgument(); } From 9e60a8ff7d8d3dae8b0c880f535e01e28a333662 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Wed, 15 Mar 2023 14:21:27 -0700 Subject: [PATCH 0737/2573] Use UseOfToOrIsChar from CharFunctions --- .../CtypeFunctionArgNotUnsignedCharOrEof.ql | 19 ++++++------------- 1 file changed, 6 insertions(+), 13 deletions(-) diff --git a/c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql b/c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql index e11c882ab1..ba8d8ed620 100644 --- a/c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql +++ b/c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql @@ -12,26 +12,19 @@ import cpp import codingstandards.c.misra -import codingstandards.cpp.ReadErrorsAndEOF +import codingstandards.cpp.CharFunctions import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis -class CtypeFunction extends Function { - CtypeFunction() { this.getADeclaration().getAFile().(HeaderFile).getBaseName() = "ctype.h" } -} - -from FunctionCall ctypeCall +from UseOfToOrIsChar ctypeCall where not isExcluded(ctypeCall, StandardLibraryFunctionTypesPackage::ctypeFunctionArgNotUnsignedCharOrEofQuery()) and - not exists(CtypeFunction ctype, Expr ctypeCallArgument | - ctype = ctypeCall.getTarget() and - ctypeCallArgument = ctypeCall.getAnArgument().getExplicitlyConverted() + not exists(Expr ctypeCallArgument | + ctypeCallArgument = ctypeCall.getConvertedArgument().getExplicitlyConverted() | /* The argument's value should be in the EOF + `unsigned char` range. */ -1 <= lowerBound(ctypeCallArgument) and upperBound(ctypeCallArgument) <= 255 - ) and - /* Only report control flow that is feasible (to avoid functions implemented as macro). */ - ctypeCall.getBasicBlock().isReachable() + ) select ctypeCall, "The function " + ctypeCall + " accepts an argument " + - ctypeCall.getAnArgument().toString() + " that is not an unsigned char nor an EOF." + ctypeCall.getConvertedArgument().toString() + " that is not an unsigned char nor an EOF." From 7ee8379b3067147b2328a1ea59f51daab82ae881 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Wed, 15 Mar 2023 14:25:48 -0700 Subject: [PATCH 0738/2573] Remove redundant predicate uses --- .../RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql b/c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql index ba8d8ed620..70ec91e3c1 100644 --- a/c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql +++ b/c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql @@ -19,12 +19,10 @@ from UseOfToOrIsChar ctypeCall where not isExcluded(ctypeCall, StandardLibraryFunctionTypesPackage::ctypeFunctionArgNotUnsignedCharOrEofQuery()) and - not exists(Expr ctypeCallArgument | - ctypeCallArgument = ctypeCall.getConvertedArgument().getExplicitlyConverted() - | + not exists(Expr ctypeCallArgument | ctypeCallArgument = ctypeCall.getConvertedArgument() | /* The argument's value should be in the EOF + `unsigned char` range. */ -1 <= lowerBound(ctypeCallArgument) and upperBound(ctypeCallArgument) <= 255 ) select ctypeCall, - "The function " + ctypeCall + " accepts an argument " + - ctypeCall.getConvertedArgument().toString() + " that is not an unsigned char nor an EOF." + "The function " + ctypeCall + " accepts an argument " + ctypeCall.getConvertedArgument() + + " that is not an unsigned char nor an EOF." From 3df370aebdfb74d234f8e0edb20023c2dde6690c Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 15 Mar 2023 22:48:10 +0100 Subject: [PATCH 0739/2573] Update test.c.qcc --- c/cert/test/rules/FIO38-C/test.c.qcc | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/c/cert/test/rules/FIO38-C/test.c.qcc b/c/cert/test/rules/FIO38-C/test.c.qcc index f1b3f616ca..45b1dcbde4 100644 --- a/c/cert/test/rules/FIO38-C/test.c.qcc +++ b/c/cert/test/rules/FIO38-C/test.c.qcc @@ -1,4 +1,11 @@ #include +// Workaround for the Musl implementing FILE as an incomplete type. +#if !defined(__DEFINED_struct__IO_FILE) +struct _IO_FILE { + char __x; +}; +#define __DEFINED_struct__IO_FILE +#endif int f1(void) { FILE my_stdout = *stdout; // NON_COMPLIANT @@ -13,7 +20,7 @@ int f2(void) { } int f2b(void) { FILE *const *my_stdout; - my_stdout = &stdout; // COMPLIANT + // my_stdout = &stdout; // does not compile in qcc FILE my_stdout2 = **my_stdout; // NON_COMPLIANT return fputs("Hello, World!\n", *my_stdout); } From d4adaa59dd6370475537b603b06be37f015f2e4d Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Wed, 15 Mar 2023 16:16:57 -0700 Subject: [PATCH 0740/2573] Augment A2-7-3 Remove testing of lambdas completely by removing the `and not ...` part. --- cpp/autosar/src/rules/A2-7-3/UndocumentedUserDefinedType.ql | 4 +--- .../test/rules/A2-7-3/UndocumentedUserDefinedType.expected | 1 - cpp/autosar/test/rules/A2-7-3/test.cpp | 4 ++-- 3 files changed, 3 insertions(+), 6 deletions(-) diff --git a/cpp/autosar/src/rules/A2-7-3/UndocumentedUserDefinedType.ql b/cpp/autosar/src/rules/A2-7-3/UndocumentedUserDefinedType.ql index 54925718f2..247f3ef2a1 100644 --- a/cpp/autosar/src/rules/A2-7-3/UndocumentedUserDefinedType.ql +++ b/cpp/autosar/src/rules/A2-7-3/UndocumentedUserDefinedType.ql @@ -36,9 +36,7 @@ class DocumentableDeclaration extends Declaration { // Exclude instantiated template functions, which cannot reasonably be documented. not this.(Function).isFromTemplateInstantiation(_) and // Exclude anonymous lambda functions. - not exists(LambdaExpression lc | - lc.getLambdaFunction() = this and not lc.getEnclosingElement() instanceof Initializer - ) + not exists(LambdaExpression lc | lc.getLambdaFunction() = this) or this instanceof MemberVariable and declarationType = "member variable" and diff --git a/cpp/autosar/test/rules/A2-7-3/UndocumentedUserDefinedType.expected b/cpp/autosar/test/rules/A2-7-3/UndocumentedUserDefinedType.expected index 77ede66305..0ae42152f7 100644 --- a/cpp/autosar/test/rules/A2-7-3/UndocumentedUserDefinedType.expected +++ b/cpp/autosar/test/rules/A2-7-3/UndocumentedUserDefinedType.expected @@ -6,5 +6,4 @@ | test.cpp:78:6:78:6 | declaration of d | Declaration entry for function d is missing documentation. | | test.cpp:81:6:81:6 | definition of e | Declaration entry for function e is missing documentation. | | test.cpp:88:1:88:30 | definition of message_to_string_undocumented | Declaration entry for function message_to_string_undocumented is missing documentation. | -| test.cpp:113:14:113:14 | definition of operator() | Declaration entry for function operator() is missing documentation. | | test.cpp:160:21:160:24 | definition of kBar | Declaration entry for member variable kBar is missing documentation. | diff --git a/cpp/autosar/test/rules/A2-7-3/test.cpp b/cpp/autosar/test/rules/A2-7-3/test.cpp index b467e05c80..bc174d918d 100644 --- a/cpp/autosar/test/rules/A2-7-3/test.cpp +++ b/cpp/autosar/test/rules/A2-7-3/test.cpp @@ -110,7 +110,7 @@ std::string template_function_test() { // COMPLIANT /// @brief function assigned_lambda_test. int assigned_lambda_test() { - auto l = [](int x, int y) { return x + y; }; // NON_COMPLIANT + auto l = [](int x, int y) { return x + y; }; // COMPLIANT: We exclude lambdas. return l(2, 3); } @@ -160,4 +160,4 @@ template class A2_7_3 final { const std::string kBar{"bar"}; // NON_COMPLIANT }; /// @brief This is the instantiateA2_7_3 documentation -void instantiateA2_7_3() { A2_7_3 instance; } +void instantiateA2_7_3() { A2_7_3 instance; } \ No newline at end of file From 58f134f2701c51feb5f470b87acc14adf2e6a421 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Wed, 15 Mar 2023 17:13:27 -0700 Subject: [PATCH 0741/2573] Minor comment --- cpp/autosar/src/rules/A15-4-4/MissingNoExcept.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/src/rules/A15-4-4/MissingNoExcept.ql b/cpp/autosar/src/rules/A15-4-4/MissingNoExcept.ql index 1b0aa423af..0226c20d30 100644 --- a/cpp/autosar/src/rules/A15-4-4/MissingNoExcept.ql +++ b/cpp/autosar/src/rules/A15-4-4/MissingNoExcept.ql @@ -32,6 +32,6 @@ where not f.isCompilerGenerated() and // The function is defined in this database f.hasDefinition() and - // This function is not an overriden call operator of lambda expression + // This function is not an overriden call operator of a lambda expression not exists(LambdaExpression lambda | lambda.getLambdaFunction() = f) select f, "Function " + f.getName() + " could be declared noexcept(true)." From 3fc1125c8d3fa4357fb770464340e3f5ce13ba5b Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 16 Mar 2023 01:39:01 +0100 Subject: [PATCH 0742/2573] RULE-12-2 --- .../RightHandOperandOfAShiftRange.ql | 32 +++++++++++++++++++ .../RightHandOperandOfAShiftRange.expected | 7 ++++ .../RightHandOperandOfAShiftRange.qlref | 1 + c/misra/test/rules/RULE-12-2/test.c | 25 +++++++++++++++ 4 files changed, 65 insertions(+) create mode 100644 c/misra/src/rules/RULE-12-2/RightHandOperandOfAShiftRange.ql create mode 100644 c/misra/test/rules/RULE-12-2/RightHandOperandOfAShiftRange.expected create mode 100644 c/misra/test/rules/RULE-12-2/RightHandOperandOfAShiftRange.qlref create mode 100644 c/misra/test/rules/RULE-12-2/test.c diff --git a/c/misra/src/rules/RULE-12-2/RightHandOperandOfAShiftRange.ql b/c/misra/src/rules/RULE-12-2/RightHandOperandOfAShiftRange.ql new file mode 100644 index 0000000000..7a5ce784ff --- /dev/null +++ b/c/misra/src/rules/RULE-12-2/RightHandOperandOfAShiftRange.ql @@ -0,0 +1,32 @@ +/** + * @id c/misra/right-hand-operand-of-a-shift-range + * @name RULE-12-2: The right operand of a shift shall be smaller then the width in bits of the left operand + * @description The right hand operand of a shift operator shall lie in the range zero to one less + * than the width in bits of the essential type of the left hand operand + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-12-2 + * correctness + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.c.misra.EssentialTypes +import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis + +class ShiftExpr extends BinaryBitwiseOperation { + ShiftExpr() { this instanceof LShiftExpr or this instanceof RShiftExpr } +} + +from ShiftExpr e, Expr right, int max_val +where + not isExcluded(right, Contracts7Package::rightHandOperandOfAShiftRangeQuery()) and + right = e.getRightOperand().getFullyConverted() and + max_val = (8 * getEssentialType(e.getLeftOperand()).getSize()) - 1 and + ( + lowerBound(right) < 0 or + upperBound(right) > max_val + ) +select right, "The shift right hand operand shall lie in the range 0 to " + max_val + "." diff --git a/c/misra/test/rules/RULE-12-2/RightHandOperandOfAShiftRange.expected b/c/misra/test/rules/RULE-12-2/RightHandOperandOfAShiftRange.expected new file mode 100644 index 0000000000..f02d43d761 --- /dev/null +++ b/c/misra/test/rules/RULE-12-2/RightHandOperandOfAShiftRange.expected @@ -0,0 +1,7 @@ +| test.c:8:10:8:10 | 8 | The shift right hand operand shall lie in the range 0 to 7. | +| test.c:10:10:10:14 | ... + ... | The shift right hand operand shall lie in the range 0 to 7. | +| test.c:11:10:11:14 | ... + ... | The shift right hand operand shall lie in the range 0 to 7. | +| test.c:15:9:15:9 | 8 | The shift right hand operand shall lie in the range 0 to 7. | +| test.c:20:9:20:10 | 64 | The shift right hand operand shall lie in the range 0 to 63. | +| test.c:23:10:23:11 | 10 | The shift right hand operand shall lie in the range 0 to 7. | +| test.c:24:10:24:11 | 64 | The shift right hand operand shall lie in the range 0 to 7. | diff --git a/c/misra/test/rules/RULE-12-2/RightHandOperandOfAShiftRange.qlref b/c/misra/test/rules/RULE-12-2/RightHandOperandOfAShiftRange.qlref new file mode 100644 index 0000000000..4012a02734 --- /dev/null +++ b/c/misra/test/rules/RULE-12-2/RightHandOperandOfAShiftRange.qlref @@ -0,0 +1 @@ +rules/RULE-12-2/RightHandOperandOfAShiftRange.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-12-2/test.c b/c/misra/test/rules/RULE-12-2/test.c new file mode 100644 index 0000000000..259081ce88 --- /dev/null +++ b/c/misra/test/rules/RULE-12-2/test.c @@ -0,0 +1,25 @@ +#include + +void f1() { + uint8_t ui8; + int b = 4; + + ui8 << 7; // COMPLIANT + ui8 >> 8; // NON_COMPLIANT + ui8 << 3 + 3; // COMPLIANT + ui8 >> 4 + b; // NON_COMPLIANT + ui8 << b + b; // NON_COMPLIANT + (uint16_t) ui8 << 9; // COMPLIANT + + // 0u essential type is essentially unsigned char + 0u << 8; // NON_COMPLIANT + (uint16_t)0u << 8; // COMPLIANT + + unsigned long ul; + ul << 10; // COMPLIANT + ul << 64; // NON_COMPLIANT + + // 1UL essential type is essentially unsigned long + 1UL << 10; // COMPLIANT(FALSE_POSITIVE) + 1UL << 64; // NON_COMPLIANT +} From b0e4c98f6413e8a04d87894245b8c9c18a6cb947 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 16 Mar 2023 01:46:33 +0100 Subject: [PATCH 0743/2573] Fix typos --- c/cert/test/rules/FIO42-C/test.c | 2 +- c/misra/test/rules/RULE-12-2/test.c | 2 +- cpp/autosar/test/rules/A18-5-3/test.cpp | 2 +- cpp/autosar/test/rules/M0-1-2/test.cpp | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/c/cert/test/rules/FIO42-C/test.c b/c/cert/test/rules/FIO42-C/test.c index 9efafb68a8..a3ba27ce9f 100644 --- a/c/cert/test/rules/FIO42-C/test.c +++ b/c/cert/test/rules/FIO42-C/test.c @@ -82,7 +82,7 @@ int closing_helper(FILE *g) { return 0; } int f2inter(const char *filename) { - FILE *f = fopen(filename, "r"); // COMPLIANT (FALSE_POSITIVE) + FILE *f = fopen(filename, "r"); // COMPLIANT[FALSE_POSITIVE] if (NULL == f) { return -1; } diff --git a/c/misra/test/rules/RULE-12-2/test.c b/c/misra/test/rules/RULE-12-2/test.c index 259081ce88..78de7fe059 100644 --- a/c/misra/test/rules/RULE-12-2/test.c +++ b/c/misra/test/rules/RULE-12-2/test.c @@ -20,6 +20,6 @@ void f1() { ul << 64; // NON_COMPLIANT // 1UL essential type is essentially unsigned long - 1UL << 10; // COMPLIANT(FALSE_POSITIVE) + 1UL << 10; // COMPLIANT[FALSE_POSITIVE] 1UL << 64; // NON_COMPLIANT } diff --git a/cpp/autosar/test/rules/A18-5-3/test.cpp b/cpp/autosar/test/rules/A18-5-3/test.cpp index 85fbbd8db8..9245681435 100644 --- a/cpp/autosar/test/rules/A18-5-3/test.cpp +++ b/cpp/autosar/test/rules/A18-5-3/test.cpp @@ -41,7 +41,7 @@ void test_single_array_item(bool do_array_delete) { c_ptr_array[5] = new char; if (do_array_delete) { - delete[] c_ptr_array[5]; // NON_COMPLIANT [FALSE_NEGATIVE] + delete[] c_ptr_array[5]; // NON_COMPLIANT[FALSE_NEGATIVE] } else { delete c_ptr_array[5]; // COMPLIANT } diff --git a/cpp/autosar/test/rules/M0-1-2/test.cpp b/cpp/autosar/test/rules/M0-1-2/test.cpp index f75c52ea52..2ec7b01188 100644 --- a/cpp/autosar/test/rules/M0-1-2/test.cpp +++ b/cpp/autosar/test/rules/M0-1-2/test.cpp @@ -73,7 +73,7 @@ void test_break(int a) { return; } void test_infeasible_break(unsigned int a) { - while (true) { // NON_COMPLIANT(FALSE_NEGATIVE) + while (true) { // NON_COMPLIANT[FALSE_NEGATIVE] if (a < 0U) // NON_COMPLIANT - the comparison is always false break; From abe99ba767695c96024f6abce2547441ade3b2c6 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 16 Mar 2023 02:03:04 +0100 Subject: [PATCH 0744/2573] Fix typo --- c/misra/src/rules/RULE-12-2/RightHandOperandOfAShiftRange.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/misra/src/rules/RULE-12-2/RightHandOperandOfAShiftRange.ql b/c/misra/src/rules/RULE-12-2/RightHandOperandOfAShiftRange.ql index 7a5ce784ff..a57c7823db 100644 --- a/c/misra/src/rules/RULE-12-2/RightHandOperandOfAShiftRange.ql +++ b/c/misra/src/rules/RULE-12-2/RightHandOperandOfAShiftRange.ql @@ -2,7 +2,7 @@ * @id c/misra/right-hand-operand-of-a-shift-range * @name RULE-12-2: The right operand of a shift shall be smaller then the width in bits of the left operand * @description The right hand operand of a shift operator shall lie in the range zero to one less - * than the width in bits of the essential type of the left hand operand + * than the width in bits of the essential type of the left hand operand. * @kind problem * @precision very-high * @problem.severity error From 9dc1879d958f8daefbcf4db1429333c80cbdcdd7 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Wed, 15 Mar 2023 18:37:31 -0700 Subject: [PATCH 0745/2573] Add change notes for this batch --- change_notes/2023-03-15-fix-reported-fp-for-A0-1-1.md | 2 ++ change_notes/2023-03-15-fix-reported-fp-for-A15-4-4.md | 2 ++ change_notes/2023-03-15-fix-reported-fp-for-A2-7-3.md | 2 ++ change_notes/2023-03-15-fix-reported-fp-for-A5-2-6.md | 2 ++ 4 files changed, 8 insertions(+) create mode 100644 change_notes/2023-03-15-fix-reported-fp-for-A0-1-1.md create mode 100644 change_notes/2023-03-15-fix-reported-fp-for-A15-4-4.md create mode 100644 change_notes/2023-03-15-fix-reported-fp-for-A2-7-3.md create mode 100644 change_notes/2023-03-15-fix-reported-fp-for-A5-2-6.md diff --git a/change_notes/2023-03-15-fix-reported-fp-for-A0-1-1.md b/change_notes/2023-03-15-fix-reported-fp-for-A0-1-1.md new file mode 100644 index 0000000000..0f9960eb5e --- /dev/null +++ b/change_notes/2023-03-15-fix-reported-fp-for-A0-1-1.md @@ -0,0 +1,2 @@ +- `A0-1-1` - `UselessAssignment.ql`: + - Exclude cases where an access to a variable's field or member was not considered as a valid use of the variable. diff --git a/change_notes/2023-03-15-fix-reported-fp-for-A15-4-4.md b/change_notes/2023-03-15-fix-reported-fp-for-A15-4-4.md new file mode 100644 index 0000000000..c7cb61d2c9 --- /dev/null +++ b/change_notes/2023-03-15-fix-reported-fp-for-A15-4-4.md @@ -0,0 +1,2 @@ +- `A15-4-4` - `MissingNoExcept.ql` + - Exclude call operators embedded in a lambda expression from functions to be declared `noexcept` or `noexcept(false)`. diff --git a/change_notes/2023-03-15-fix-reported-fp-for-A2-7-3.md b/change_notes/2023-03-15-fix-reported-fp-for-A2-7-3.md new file mode 100644 index 0000000000..ce98bab27a --- /dev/null +++ b/change_notes/2023-03-15-fix-reported-fp-for-A2-7-3.md @@ -0,0 +1,2 @@ +- `A2-7-3` - `UndocumentedUserDefinedType.ql`: + - Exclude lambda functions from program elements to be documented. diff --git a/change_notes/2023-03-15-fix-reported-fp-for-A5-2-6.md b/change_notes/2023-03-15-fix-reported-fp-for-A5-2-6.md new file mode 100644 index 0000000000..eb54c71131 --- /dev/null +++ b/change_notes/2023-03-15-fix-reported-fp-for-A5-2-6.md @@ -0,0 +1,2 @@ +- `A5-2-6` - `OperandsOfALogicalAndOrNotParenthesized.ql`: + - Exclude deferencing field accessor (`->`) and field accessor (`.`) from binary operators in question. From c2e7fa09fa79cc2b8158ddda3028c11d536c6229 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Thu, 16 Mar 2023 11:39:37 +0100 Subject: [PATCH 0746/2573] Update FIO32-C with the latest version of the query from CodeQL The update is required due to changes in the dataflow library in CodeQL version 2.12.5. --- .../DoNotPerformFileOperationsOnDevices.ql | 63 +++++-------------- ...NotPerformFileOperationsOnDevices.expected | 4 +- 2 files changed, 17 insertions(+), 50 deletions(-) diff --git a/c/cert/src/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.ql b/c/cert/src/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.ql index 88cc11ef80..89e1f9e133 100644 --- a/c/cert/src/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.ql +++ b/c/cert/src/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.ql @@ -14,10 +14,10 @@ import cpp import codingstandards.c.cert import semmle.code.cpp.security.FunctionWithWrappers -import semmle.code.cpp.security.Security +import semmle.code.cpp.security.FlowSources import semmle.code.cpp.ir.IR import semmle.code.cpp.ir.dataflow.TaintTracking -import DataFlow::PathGraph +import TaintedPath::PathGraph // Query TaintedPath.ql from the CodeQL standard library /** @@ -46,22 +46,6 @@ class FileFunction extends FunctionWithWrappers { override predicate interestingArg(int arg) { arg = 0 } } -Expr asSourceExpr(DataFlow::Node node) { - result = node.asConvertedExpr() - or - result = node.asDefiningArgument() -} - -Expr asSinkExpr(DataFlow::Node node) { - result = - node.asOperand() - .(SideEffectOperand) - .getUse() - .(ReadSideEffectInstruction) - .getArgumentDef() - .getUnconvertedResultExpression() -} - /** * Holds for a variable that has any kind of upper-bound check anywhere in the program. * This is biased towards being inclusive and being a coarse overapproximation because @@ -85,20 +69,16 @@ predicate hasUpperBoundsCheck(Variable var) { ) } -class TaintedPathConfiguration extends TaintTracking::Configuration { - TaintedPathConfiguration() { this = "TaintedPathConfiguration" } - - override predicate isSource(DataFlow::Node node) { isUserInput(asSourceExpr(node), _) } +module TaintedPathConfiguration implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node node) { node instanceof FlowSource } - override predicate isSink(DataFlow::Node node) { + predicate isSink(DataFlow::Node node) { exists(FileFunction fileFunction | - fileFunction.outermostWrapperFunctionCall(asSinkExpr(node), _) + fileFunction.outermostWrapperFunctionCall(node.asIndirectArgument(), _) ) } - override predicate isSanitizerIn(DataFlow::Node node) { this.isSource(node) } - - override predicate isSanitizer(DataFlow::Node node) { + predicate isBarrier(DataFlow::Node node) { node.asExpr().(Call).getTarget().getUnspecifiedType() instanceof ArithmeticType or exists(LoadInstruction load, Variable checkedVar | @@ -107,32 +87,19 @@ class TaintedPathConfiguration extends TaintTracking::Configuration { hasUpperBoundsCheck(checkedVar) ) } - - predicate hasFilteredFlowPath(DataFlow::PathNode source, DataFlow::PathNode sink) { - this.hasFlowPath(source, sink) and - // The use of `isUserInput` in `isSink` in combination with `asSourceExpr` causes - // duplicate results. Filter these duplicates. The proper solution is to switch to - // using `LocalFlowSource` and `RemoteFlowSource`, but this currently only supports - // a subset of the cases supported by `isUserInput`. - not exists(DataFlow::PathNode source2 | - this.hasFlowPath(source2, sink) and - asSourceExpr(source.getNode()) = asSourceExpr(source2.getNode()) - | - not exists(source.getNode().asConvertedExpr()) and exists(source2.getNode().asConvertedExpr()) - ) - } } +module TaintedPath = TaintTracking::Make; + from - FileFunction fileFunction, Expr taintedArg, Expr taintSource, TaintedPathConfiguration cfg, - DataFlow::PathNode sourceNode, DataFlow::PathNode sinkNode, string taintCause, string callChain + FileFunction fileFunction, Expr taintedArg, FlowSource taintSource, + TaintedPath::PathNode sourceNode, TaintedPath::PathNode sinkNode, string callChain where not isExcluded(taintedArg, IO3Package::doNotPerformFileOperationsOnDevicesQuery()) and - taintedArg = asSinkExpr(sinkNode.getNode()) and + taintedArg = sinkNode.getNode().asIndirectArgument() and fileFunction.outermostWrapperFunctionCall(taintedArg, callChain) and - cfg.hasFilteredFlowPath(sourceNode, sinkNode) and - taintSource = asSourceExpr(sourceNode.getNode()) and - isUserInput(taintSource, taintCause) + TaintedPath::hasFlowPath(sourceNode, sinkNode) and + taintSource = sourceNode.getNode() select taintedArg, sourceNode, sinkNode, "This argument to a file access function is derived from $@ and then passed to " + callChain + ".", - taintSource, "user input (" + taintCause + ")" + taintSource, "user input (" + taintSource.getSourceType() + ")" diff --git a/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected b/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected index 824149f294..06bf56cf8a 100644 --- a/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected +++ b/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected @@ -8,5 +8,5 @@ nodes | test.c:46:29:46:37 | file_name indirection | semmle.label | file_name indirection | subpaths #select -| test.c:21:8:21:16 | file_name | test.c:20:15:20:23 | scanf output argument | test.c:21:8:21:16 | file_name indirection | This argument to a file access function is derived from $@ and then passed to func(file_name), which calls fopen((unnamed parameter 0)). | test.c:20:15:20:23 | file_name | user input (scanf) | -| test.c:46:29:46:37 | file_name | test.c:45:15:45:23 | scanf output argument | test.c:46:29:46:37 | file_name indirection | This argument to a file access function is derived from $@ and then passed to CreateFile(lpFileName). | test.c:45:15:45:23 | file_name | user input (scanf) | +| test.c:21:8:21:16 | file_name | test.c:20:15:20:23 | scanf output argument | test.c:21:8:21:16 | file_name indirection | This argument to a file access function is derived from $@ and then passed to func(file_name), which calls fopen((unnamed parameter 0)). | test.c:20:15:20:23 | scanf output argument | user input (value read by scanf) | +| test.c:46:29:46:37 | file_name | test.c:45:15:45:23 | scanf output argument | test.c:46:29:46:37 | file_name indirection | This argument to a file access function is derived from $@ and then passed to CreateFile(lpFileName). | test.c:45:15:45:23 | scanf output argument | user input (value read by scanf) | From d1c0a5d55e1399c40c729a91be354e8c74ccad3a Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Thu, 16 Mar 2023 11:47:23 +0100 Subject: [PATCH 0747/2573] Add change note --- change_notes/2022-03-16-update-for-dataflow-changes.md | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 change_notes/2022-03-16-update-for-dataflow-changes.md diff --git a/change_notes/2022-03-16-update-for-dataflow-changes.md b/change_notes/2022-03-16-update-for-dataflow-changes.md new file mode 100644 index 0000000000..af0aaed7ca --- /dev/null +++ b/change_notes/2022-03-16-update-for-dataflow-changes.md @@ -0,0 +1,2 @@ + - `FIO32-C` - `DoNotPerformFileOperationsOnDevices.ql`: + - The query was updated to work with the latest version of the dataflow library. From 892fab61ed078790e76cd2044f0603109a4c92da Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 16 Mar 2023 12:55:55 +0100 Subject: [PATCH 0748/2573] Improved test cases --- .../RightHandOperandOfAShiftRange.ql | 2 +- .../RightHandOperandOfAShiftRange.expected | 17 ++++++----- c/misra/test/rules/RULE-12-2/test.c | 28 +++++++++++-------- 3 files changed, 28 insertions(+), 19 deletions(-) diff --git a/c/misra/src/rules/RULE-12-2/RightHandOperandOfAShiftRange.ql b/c/misra/src/rules/RULE-12-2/RightHandOperandOfAShiftRange.ql index a57c7823db..03b33f4368 100644 --- a/c/misra/src/rules/RULE-12-2/RightHandOperandOfAShiftRange.ql +++ b/c/misra/src/rules/RULE-12-2/RightHandOperandOfAShiftRange.ql @@ -29,4 +29,4 @@ where lowerBound(right) < 0 or upperBound(right) > max_val ) -select right, "The shift right hand operand shall lie in the range 0 to " + max_val + "." +select right, "The right hand operand of the shift operator shall lie in the range 0 to " + max_val + "." \ No newline at end of file diff --git a/c/misra/test/rules/RULE-12-2/RightHandOperandOfAShiftRange.expected b/c/misra/test/rules/RULE-12-2/RightHandOperandOfAShiftRange.expected index f02d43d761..a4deb83a14 100644 --- a/c/misra/test/rules/RULE-12-2/RightHandOperandOfAShiftRange.expected +++ b/c/misra/test/rules/RULE-12-2/RightHandOperandOfAShiftRange.expected @@ -1,7 +1,10 @@ -| test.c:8:10:8:10 | 8 | The shift right hand operand shall lie in the range 0 to 7. | -| test.c:10:10:10:14 | ... + ... | The shift right hand operand shall lie in the range 0 to 7. | -| test.c:11:10:11:14 | ... + ... | The shift right hand operand shall lie in the range 0 to 7. | -| test.c:15:9:15:9 | 8 | The shift right hand operand shall lie in the range 0 to 7. | -| test.c:20:9:20:10 | 64 | The shift right hand operand shall lie in the range 0 to 63. | -| test.c:23:10:23:11 | 10 | The shift right hand operand shall lie in the range 0 to 7. | -| test.c:24:10:24:11 | 64 | The shift right hand operand shall lie in the range 0 to 7. | +| test.c:8:10:8:10 | 8 | The right hand operand of the shift operator shall lie in the range 0 to 7. | +| test.c:9:10:9:11 | - ... | The right hand operand of the shift operator shall lie in the range 0 to 7. | +| test.c:10:10:10:14 | ... + ... | The right hand operand of the shift operator shall lie in the range 0 to 7. | +| test.c:11:10:11:14 | ... + ... | The right hand operand of the shift operator shall lie in the range 0 to 7. | +| test.c:13:21:13:22 | 16 | The right hand operand of the shift operator shall lie in the range 0 to 15. | +| test.c:16:9:16:9 | 8 | The right hand operand of the shift operator shall lie in the range 0 to 7. | +| test.c:21:9:21:10 | 64 | The right hand operand of the shift operator shall lie in the range 0 to 63. | +| test.c:25:10:25:10 | 8 | The right hand operand of the shift operator shall lie in the range 0 to 7. | +| test.c:26:10:26:11 | 64 | The right hand operand of the shift operator shall lie in the range 0 to 7. | +| test.c:30:16:30:17 | 64 | The right hand operand of the shift operator shall lie in the range 0 to 63. | diff --git a/c/misra/test/rules/RULE-12-2/test.c b/c/misra/test/rules/RULE-12-2/test.c index 78de7fe059..7ac5a5bb71 100644 --- a/c/misra/test/rules/RULE-12-2/test.c +++ b/c/misra/test/rules/RULE-12-2/test.c @@ -1,25 +1,31 @@ +#include #include - void f1() { uint8_t ui8; int b = 4; - ui8 << 7; // COMPLIANT - ui8 >> 8; // NON_COMPLIANT - ui8 << 3 + 3; // COMPLIANT - ui8 >> 4 + b; // NON_COMPLIANT - ui8 << b + b; // NON_COMPLIANT - (uint16_t) ui8 << 9; // COMPLIANT + ui8 << 7; // COMPLIANT + ui8 >> 8; // NON_COMPLIANT + ui8 >> -1; // NON_COMPLIANT + ui8 >> 4 + b; // NON_COMPLIANT + ui8 << b + b; // NON_COMPLIANT + (uint16_t) ui8 << 8; // COMPLIANT + (uint16_t) ui8 << 16; // NON_COMPLIANT // 0u essential type is essentially unsigned char 0u << 8; // NON_COMPLIANT (uint16_t)0u << 8; // COMPLIANT unsigned long ul; - ul << 10; // COMPLIANT + ul << 8; // COMPLIANT ul << 64; // NON_COMPLIANT - // 1UL essential type is essentially unsigned long - 1UL << 10; // COMPLIANT[FALSE_POSITIVE] - 1UL << 64; // NON_COMPLIANT + // 1UL essential type is essentially unsigned char + 1UL << 7; // COMPLIANT + 1UL << 8; // NON_COMPLIANT + 1UL << 64; // NON_COMPLIANT + + // ULONG_MAX essential type is essentially unsigned long + ULONG_MAX << 8; // COMPLIANT + ULONG_MAX << 64; // NON_COMPLIANT } From 5c3ccd1629eab18a1ce7e89e4835c29b29178176 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Thu, 16 Mar 2023 12:09:15 -0700 Subject: [PATCH 0749/2573] Add more cases for FP --- cpp/autosar/test/rules/A0-1-1/test.cpp | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index 98c8058219..c86fd067e0 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -17,6 +17,9 @@ struct C { int m; }; +void sample1(int x){}; +void sample2(int y){}; + int test_useless_assignment(int &x, int p) { x = 0; // COMPLIANT - x is a reference parameter, so is visible by the caller int y = 0; // NON_COMPLIANT - never used @@ -49,7 +52,7 @@ int test_useless_assignment(int &x, int p) { A *a3 = new A; // NON_COMPLIANT - POD class, no constructor/destructor A *a4 = new A(); // NON_COMPLIANT - POD class, no constructor/destructor A *a5 = nullptr; // NON_COMPLIANT - null never read - A a6{}; // COMPLIANT - `m` assigned below + A a6{}; // COMPLIANT - `f` assigned below a6.f = 2; // COMPLIANT - we don't track the fields here, but we do track `a6`, // so we'd consider this used by the assignment below a6.f = 1; // NON_COMPLIANT - assignment into `f`, but `a6` is not used @@ -69,5 +72,14 @@ int test_useless_assignment(int &x, int p) { C *c4 = new C(); // COMPLIANT - this will call a constructor?? C *c5 = nullptr; // NON_COMPLIANT - null never read + A a7{1, 2}; // COMPLIANT - used in the `sample1` call below + sample1(a7.f + a7.f2); // COMPLIANT - object access is a valid use + + A *a8; // COMPLIANT - value not given at declaration + a8 = &a7; + sample2(a8->f); // COMPLIANT - object access is a valid use + return y; } + +int main() { return 0; } \ No newline at end of file From b09235f47fd550b51ee8375f557889d2169b0935 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Thu, 16 Mar 2023 17:42:19 -0400 Subject: [PATCH 0750/2573] Fix FP for issue 216 exclude file stream call args and heuristic wrappers --- change_notes/2023-03-16-fp-a5-1-1.md | 1 + .../A5-1-1/LiteralValueUsedOutsideTypeInit.ql | 24 +++++++++++++++++++ .../LiteralValueUsedOutsideTypeInit.expected | 2 ++ cpp/autosar/test/rules/A5-1-1/test.cpp | 24 ++++++++++++++++++- 4 files changed, 50 insertions(+), 1 deletion(-) create mode 100644 change_notes/2023-03-16-fp-a5-1-1.md diff --git a/change_notes/2023-03-16-fp-a5-1-1.md b/change_notes/2023-03-16-fp-a5-1-1.md new file mode 100644 index 0000000000..61e4fed11c --- /dev/null +++ b/change_notes/2023-03-16-fp-a5-1-1.md @@ -0,0 +1 @@ + * `A5-1-1` - reduce false positives by omitting literals written into file streams and wrappers around log and stream calls \ No newline at end of file diff --git a/cpp/autosar/src/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.ql b/cpp/autosar/src/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.ql index c20d0ded55..6758bae54e 100644 --- a/cpp/autosar/src/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.ql +++ b/cpp/autosar/src/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.ql @@ -18,6 +18,25 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.LoggingOperation import codingstandards.cpp.Literals +import codingstandards.cpp.standardlibrary.FileStreams + +/** + * In a wrapper `Function`, all accesses of all `Parameters` + * are in located in logging or stream calls + */ +class LoggerOrStreamWrapperFunction extends Function { + LoggerOrStreamWrapperFunction() { + forall(Parameter p | p.getFunction() = this | + forall(VariableAccess va | va = p.getAnAccess() | + ( + any(FileStreamFunctionCall fc).getAnArgument().getAChild*() = va + or + any(LoggingOperation logOp).getALoggedExpr().getAChild*() = va + ) + ) + ) + } +} from Literal l where @@ -26,6 +45,11 @@ where not exists(ConstructorCall cc | cc.getAnArgument() = l) and not exists(ConstructorFieldInit cf | cf.getExpr() = l) and not l = any(LoggingOperation logOp).getALoggedExpr().getAChild*() and + not l = any(FileStreamFunctionCall fsc).getAnArgument().getAChild*() and + // Exclude arguments to wrapper functions + not exists(FunctionCall fc, LoggerOrStreamWrapperFunction w | + fc.getAnArgument() = l and w.getACallToThisFunction() = fc + ) and // Exclude literal 0 not l.getValue() = "0" and // Exclude character literals diff --git a/cpp/autosar/test/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.expected b/cpp/autosar/test/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.expected index 9e783c3b14..d19df4e43d 100644 --- a/cpp/autosar/test/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.expected +++ b/cpp/autosar/test/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.expected @@ -1,3 +1,5 @@ | test.cpp:5:9:5:25 | constant string | Literal value "constant string" used outside of type initialization StringLiteral | | test.cpp:14:23:14:25 | 100 | Literal value 100 used outside of type initialization Literal | | test.cpp:54:7:54:7 | 1 | Literal value 1 used outside of type initialization Literal | +| test.cpp:75:23:75:28 | test | Literal value "test" used outside of type initialization StringLiteral | +| test.cpp:75:31:75:40 | not okay | Literal value "not okay" used outside of type initialization StringLiteral | diff --git a/cpp/autosar/test/rules/A5-1-1/test.cpp b/cpp/autosar/test/rules/A5-1-1/test.cpp index 691e94d2fa..42abc42f43 100644 --- a/cpp/autosar/test/rules/A5-1-1/test.cpp +++ b/cpp/autosar/test/rules/A5-1-1/test.cpp @@ -52,4 +52,26 @@ void test_class() { void test_assignment() { int x = 0; // COMPLIANT - used in type initialization x = 1; // NON_COMPLIANT - used in assignment -} \ No newline at end of file +} + +void test_stream(std::ostream &os, const char *str) noexcept { + os << str << "logging string"; // COMPLIANT - literal used in stream write +} + +#define WRAPPER_MACRO(X, Y) test_stream(X, Y) + +void test_wrapper_stream(std::ostream &os, const char *str) noexcept { + test_stream(os, "test"); // COMPLIANT - wrapper for stream write + WRAPPER_MACRO(os, "test"); // COMPLIANT - wrapper for stream write +} + +void test_stream_two(std::ostream &os, const char *str, + const char *alt) noexcept { + os << str << "logging string"; // COMPLIANT - literal used in stream write + throw alt; +} + +void test_not_wrapper_stream(std::ostream &os, const char *str) noexcept { + test_stream_two(os, "test", "not okay"); // NON_COMPLIANT - test_stream_two is + // not actually exclusively a wrapper +} From ab4360237708ec07537316d15e1ad52f5fcec016 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 16 Mar 2023 22:51:49 +0100 Subject: [PATCH 0751/2573] Add Rule-19-1 and converted M0-2-1 to shared query --- .../OverlappingObjectAssignment.expected | 1 + .../OverlappingObjectAssignment.ql | 2 + .../rules/overlappingobjectassignment/test.c | 10 ++ .../ObjectAssignedToAnOverlappingObject.ql | 21 +++++ .../ObjectCopiedToAnOverlappingObject.ql | 93 +++++++++++++++++++ c/misra/test/rules/RULE-12-2/test.c | 6 +- ...bjectAssignedToAnOverlappingObject.testref | 1 + ...ObjectCopiedToAnOverlappingObject.expected | 4 + .../ObjectCopiedToAnOverlappingObject.qlref | 1 + c/misra/test/rules/RULE-19-1/test.c | 22 +++++ .../ObjectAssignedToAnOverlappingObject.ql | 44 +-------- .../ObjectAssignedToAnOverlappingObject.qlref | 1 - ...bjectAssignedToAnOverlappingObject.testref | 1 + .../cpp/exclusions/c/Contracts7.qll | 33 +++++-- .../OverlappingObjectAssignment.qll | 55 +++++++++++ .../OverlappingObjectAssignment.expected} | 0 .../OverlappingObjectAssignment.ql | 2 + .../overlappingobjectassignment}/test.cpp | 2 +- rule_packages/c/Contracts7.json | 18 +++- rule_packages/cpp/Representation.json | 1 + 20 files changed, 263 insertions(+), 55 deletions(-) create mode 100644 c/common/test/rules/overlappingobjectassignment/OverlappingObjectAssignment.expected create mode 100644 c/common/test/rules/overlappingobjectassignment/OverlappingObjectAssignment.ql create mode 100644 c/common/test/rules/overlappingobjectassignment/test.c create mode 100644 c/misra/src/rules/RULE-19-1/ObjectAssignedToAnOverlappingObject.ql create mode 100644 c/misra/src/rules/RULE-19-1/ObjectCopiedToAnOverlappingObject.ql create mode 100644 c/misra/test/rules/RULE-19-1/ObjectAssignedToAnOverlappingObject.testref create mode 100644 c/misra/test/rules/RULE-19-1/ObjectCopiedToAnOverlappingObject.expected create mode 100644 c/misra/test/rules/RULE-19-1/ObjectCopiedToAnOverlappingObject.qlref create mode 100644 c/misra/test/rules/RULE-19-1/test.c delete mode 100644 cpp/autosar/test/rules/M0-2-1/ObjectAssignedToAnOverlappingObject.qlref create mode 100644 cpp/autosar/test/rules/M0-2-1/ObjectAssignedToAnOverlappingObject.testref create mode 100644 cpp/common/src/codingstandards/cpp/rules/overlappingobjectassignment/OverlappingObjectAssignment.qll rename cpp/{autosar/test/rules/M0-2-1/ObjectAssignedToAnOverlappingObject.expected => common/test/rules/overlappingobjectassignment/OverlappingObjectAssignment.expected} (100%) create mode 100644 cpp/common/test/rules/overlappingobjectassignment/OverlappingObjectAssignment.ql rename cpp/{autosar/test/rules/M0-2-1 => common/test/rules/overlappingobjectassignment}/test.cpp (99%) diff --git a/c/common/test/rules/overlappingobjectassignment/OverlappingObjectAssignment.expected b/c/common/test/rules/overlappingobjectassignment/OverlappingObjectAssignment.expected new file mode 100644 index 0000000000..aae52beb58 --- /dev/null +++ b/c/common/test/rules/overlappingobjectassignment/OverlappingObjectAssignment.expected @@ -0,0 +1 @@ +| test.c:9:3:9:11 | ... = ... | An object $@ assigned to overlapping object $@. | test.c:9:5:9:5 | l | l | test.c:9:11:9:11 | i | i | diff --git a/c/common/test/rules/overlappingobjectassignment/OverlappingObjectAssignment.ql b/c/common/test/rules/overlappingobjectassignment/OverlappingObjectAssignment.ql new file mode 100644 index 0000000000..7bac912c6d --- /dev/null +++ b/c/common/test/rules/overlappingobjectassignment/OverlappingObjectAssignment.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.overlappingobjectassignment.OverlappingObjectAssignment diff --git a/c/common/test/rules/overlappingobjectassignment/test.c b/c/common/test/rules/overlappingobjectassignment/test.c new file mode 100644 index 0000000000..dbaa6b947c --- /dev/null +++ b/c/common/test/rules/overlappingobjectassignment/test.c @@ -0,0 +1,10 @@ +#include + +void f(void) { + union { + int i; + long l; + } u = {0}; + + u.l = u.i; // NON_COMPLIANT +} diff --git a/c/misra/src/rules/RULE-19-1/ObjectAssignedToAnOverlappingObject.ql b/c/misra/src/rules/RULE-19-1/ObjectAssignedToAnOverlappingObject.ql new file mode 100644 index 0000000000..860d7aa7d9 --- /dev/null +++ b/c/misra/src/rules/RULE-19-1/ObjectAssignedToAnOverlappingObject.ql @@ -0,0 +1,21 @@ +/** + * @id c/misra/object-assigned-to-an-overlapping-object + * @name RULE-19-1: An object shall not be assigned to an overlapping object + * @description An object shall not be assigned to an overlapping object. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/misra/id/rule-19-1 + * correctness + * external/misra/obligation/mandatory + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.rules.overlappingobjectassignment.OverlappingObjectAssignment + +class ObjectAssignedToAnOverlappingObjectQuery extends OverlappingObjectAssignmentSharedQuery { + ObjectAssignedToAnOverlappingObjectQuery() { + this = Contracts7Package::objectAssignedToAnOverlappingObjectQuery() + } +} diff --git a/c/misra/src/rules/RULE-19-1/ObjectCopiedToAnOverlappingObject.ql b/c/misra/src/rules/RULE-19-1/ObjectCopiedToAnOverlappingObject.ql new file mode 100644 index 0000000000..58d41fab46 --- /dev/null +++ b/c/misra/src/rules/RULE-19-1/ObjectCopiedToAnOverlappingObject.ql @@ -0,0 +1,93 @@ +/** + * @id c/misra/object-copied-to-an-overlapping-object + * @name RULE-19-1: An object shall not be copied to an overlapping object + * @description An object shall not be copied to an overlapping object. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/misra/id/rule-19-1 + * correctness + * external/misra/obligation/mandatory + */ + +import cpp +import codingstandards.c.misra +import semmle.code.cpp.valuenumbering.GlobalValueNumbering +import semmle.code.cpp.dataflow.DataFlow + +/** + * Models calls to memcpy on overlapping objects + */ +class MemcpyCall extends Locatable { + Expr src; + Expr dst; + + MemcpyCall() { + this.(MacroInvocation).getMacroName() = "memcpy" and + src = this.(MacroInvocation).getExpr().getChild(1) and + dst = this.(MacroInvocation).getExpr().getChild(0) + or + this.(FunctionCall).getTarget().hasGlobalName("memcpy") and + src = this.(FunctionCall).getArgument(1) and + dst = this.(FunctionCall).getArgument(0) + } + + Expr getSrc() { result = src } + + Expr getDst() { result = dst } + + Expr getBase(Expr e) { + result = + [ + e.(VariableAccess), e.(PointerAddExpr).getLeftOperand(), + e.(AddressOfExpr).getOperand().(ArrayExpr).getArrayBase() + ] + } + + int getOffset(Expr e) { + result = + [ + e.(PointerAddExpr).getRightOperand().getValue().toInt(), + e.(AddressOfExpr).getOperand().(ArrayExpr).getArrayOffset().getValue().toInt() + ] + or + e instanceof VariableAccess and result = 0 + } + + // maximum amount of element copied + int getCount() { + result = + upperBound([this.(MacroInvocation).getExpr().getChild(2), this.(FunctionCall).getArgument(2)]) + } + + // source and destination overlap + predicate overlap() { + globalValueNumber(this.getBase(src)) = globalValueNumber(this.getBase(dst)) and + exists(int dstStart, int dstEnd, int srcStart, int srcEnd | + dstStart = this.getOffset(dst) and + dstEnd = dstStart + this.getCount() - 1 and + srcStart = this.getOffset(src) and + srcEnd = srcStart + this.getCount() - 1 and + ( + srcStart >= dstStart and srcEnd <= dstEnd + or + srcStart <= dstStart and srcEnd > dstStart + or + srcStart < dstEnd and srcEnd >= dstStart + ) and + // Exception 1: exact overlap and compatible type + not ( + srcStart = dstStart and + srcEnd = dstEnd and + this.getBase(src).getUnspecifiedType() = this.getBase(dst).getUnspecifiedType() + ) + ) + } +} + +from MemcpyCall memcpy +where + not isExcluded(memcpy, Contracts7Package::objectCopiedToAnOverlappingObjectQuery()) and + memcpy.overlap() +select memcpy, "The object to copy $@ overlaps the object to copy $@.", memcpy.getSrc(), "from", + memcpy.getDst(), "to" diff --git a/c/misra/test/rules/RULE-12-2/test.c b/c/misra/test/rules/RULE-12-2/test.c index 7ac5a5bb71..449a47b7ae 100644 --- a/c/misra/test/rules/RULE-12-2/test.c +++ b/c/misra/test/rules/RULE-12-2/test.c @@ -21,9 +21,9 @@ void f1() { ul << 64; // NON_COMPLIANT // 1UL essential type is essentially unsigned char - 1UL << 7; // COMPLIANT - 1UL << 8; // NON_COMPLIANT - 1UL << 64; // NON_COMPLIANT + 1UL << 7; // COMPLIANT + 1UL << 8; // NON_COMPLIANT + 1UL << 64; // NON_COMPLIANT // ULONG_MAX essential type is essentially unsigned long ULONG_MAX << 8; // COMPLIANT diff --git a/c/misra/test/rules/RULE-19-1/ObjectAssignedToAnOverlappingObject.testref b/c/misra/test/rules/RULE-19-1/ObjectAssignedToAnOverlappingObject.testref new file mode 100644 index 0000000000..7d46b86a5e --- /dev/null +++ b/c/misra/test/rules/RULE-19-1/ObjectAssignedToAnOverlappingObject.testref @@ -0,0 +1 @@ +c/common/test/rules/overlappingobjectassignment/OverlappingObjectAssignment.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-19-1/ObjectCopiedToAnOverlappingObject.expected b/c/misra/test/rules/RULE-19-1/ObjectCopiedToAnOverlappingObject.expected new file mode 100644 index 0000000000..54aaa82cdc --- /dev/null +++ b/c/misra/test/rules/RULE-19-1/ObjectCopiedToAnOverlappingObject.expected @@ -0,0 +1,4 @@ +| test.c:5:3:5:8 | call to memcpy | The object to copy $@ overlaps the object to copy $@. | test.c:5:17:5:21 | & ... | from | test.c:5:10:5:14 | & ... | to | +| test.c:7:3:7:8 | call to memcpy | The object to copy $@ overlaps the object to copy $@. | test.c:7:17:7:21 | & ... | from | test.c:7:10:7:14 | & ... | to | +| test.c:8:3:8:8 | call to memcpy | The object to copy $@ overlaps the object to copy $@. | test.c:8:17:8:17 | o | from | test.c:8:10:8:14 | ... + ... | to | +| test.c:10:3:10:8 | call to memcpy | The object to copy $@ overlaps the object to copy $@. | test.c:10:17:10:21 | ... + ... | from | test.c:10:10:10:14 | ... + ... | to | diff --git a/c/misra/test/rules/RULE-19-1/ObjectCopiedToAnOverlappingObject.qlref b/c/misra/test/rules/RULE-19-1/ObjectCopiedToAnOverlappingObject.qlref new file mode 100644 index 0000000000..c371b9bad2 --- /dev/null +++ b/c/misra/test/rules/RULE-19-1/ObjectCopiedToAnOverlappingObject.qlref @@ -0,0 +1 @@ +rules/RULE-19-1/ObjectCopiedToAnOverlappingObject.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-19-1/test.c b/c/misra/test/rules/RULE-19-1/test.c new file mode 100644 index 0000000000..a360e34085 --- /dev/null +++ b/c/misra/test/rules/RULE-19-1/test.c @@ -0,0 +1,22 @@ +#include + +int o[10]; +void g(void) { + memcpy(&o[1], &o[0], 2); // NON_COMPLIANT + memcpy(&o[2], &o[0], 2); // COMPLIANT + memcpy(&o[2], &o[1], 2); // NON_COMPLIANT + memcpy(o + 1, o, 2); // NON_COMPLIANT + memcpy(o + 2, o, 2); // COMPLIANT + memcpy(o + 2, o + 1, 2); // NON_COMPLIANT + + // Exception 1 + int *p = &o[0]; + int *q = &o[0]; + + *p = *q; // COMPLIANT + memcpy(&o[0], &o[0], 2); // COMPLIANT + memcpy(o, o, 2); // COMPLIANT + + // Exception 2 + memmove(&o[1], &o[0], 2u * sizeof(o[0])); // COMPLIANT +} diff --git a/cpp/autosar/src/rules/M0-2-1/ObjectAssignedToAnOverlappingObject.ql b/cpp/autosar/src/rules/M0-2-1/ObjectAssignedToAnOverlappingObject.ql index 17119af07e..4a14901aff 100644 --- a/cpp/autosar/src/rules/M0-2-1/ObjectAssignedToAnOverlappingObject.ql +++ b/cpp/autosar/src/rules/M0-2-1/ObjectAssignedToAnOverlappingObject.ql @@ -12,46 +12,12 @@ * external/autosar/obligation/required */ -//Assignment between different active members of same union instance import cpp import codingstandards.cpp.autosar -import semmle.code.cpp.valuenumbering.GlobalValueNumbering +import codingstandards.cpp.rules.overlappingobjectassignment.OverlappingObjectAssignment -VariableAccess getAQualifier(VariableAccess va) { result = va.getQualifier+() } - -int getAccessByteOffset(FieldAccess fa) { - not fa.getQualifier() instanceof FieldAccess and result = fa.getTarget().getByteOffset() - or - result = fa.getTarget().getByteOffset() + getAccessByteOffset(fa.getQualifier()) -} - -predicate overlaps(FieldAccess fa1, FieldAccess fa2) { - exists(int startfa1, int endfa1, int startfa2, int endfa2 | - startfa1 = getAccessByteOffset(fa1) and - endfa1 = startfa1 + fa1.getTarget().getType().getSize() - 1 and - startfa2 = getAccessByteOffset(fa2) and - endfa2 = startfa2 + fa2.getTarget().getType().getSize() - 1 - | - startfa1 = startfa2 and endfa1 = endfa2 - or - startfa1 > startfa2 and endfa1 < endfa2 - or - startfa1 < startfa2 and endfa1 < endfa2 and endfa1 > startfa2 - or - startfa1 > startfa2 and endfa1 > endfa2 and startfa1 < endfa2 - ) +class ObjectAssignedToAnOverlappingObjectQuery extends OverlappingObjectAssignmentSharedQuery { + ObjectAssignedToAnOverlappingObjectQuery() { + this = RepresentationPackage::objectAssignedToAnOverlappingObjectQuery() + } } - -from AssignExpr assignExpr, Expr lhs, Expr rhs, ValueFieldAccess valuelhs, ValueFieldAccess valuerhs -where - not isExcluded(assignExpr, RepresentationPackage::objectAssignedToAnOverlappingObjectQuery()) and - lhs.getType() instanceof Union and - rhs.getType() instanceof Union and - lhs = getAQualifier(assignExpr.getLValue()) and - rhs = getAQualifier(assignExpr.getRValue()) and - globalValueNumber(lhs) = globalValueNumber(rhs) and - valuerhs = assignExpr.getRValue() and - valuelhs = assignExpr.getLValue() and // a.b.c == ((a.b).c) - overlaps(valuelhs, valuerhs) -select assignExpr, "An object $@ assigned to overlapping object $@.", valuelhs, - valuelhs.getTarget().getName(), valuerhs, valuerhs.getTarget().getName() diff --git a/cpp/autosar/test/rules/M0-2-1/ObjectAssignedToAnOverlappingObject.qlref b/cpp/autosar/test/rules/M0-2-1/ObjectAssignedToAnOverlappingObject.qlref deleted file mode 100644 index 54e12483d0..0000000000 --- a/cpp/autosar/test/rules/M0-2-1/ObjectAssignedToAnOverlappingObject.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/M0-2-1/ObjectAssignedToAnOverlappingObject.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M0-2-1/ObjectAssignedToAnOverlappingObject.testref b/cpp/autosar/test/rules/M0-2-1/ObjectAssignedToAnOverlappingObject.testref new file mode 100644 index 0000000000..ec615f82b3 --- /dev/null +++ b/cpp/autosar/test/rules/M0-2-1/ObjectAssignedToAnOverlappingObject.testref @@ -0,0 +1 @@ +cpp/common/test/rules/overlappingobjectassignment/OverlappingObjectAssignment.ql \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts7.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts7.qll index e17345c861..f6838fe797 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts7.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Contracts7.qll @@ -7,7 +7,8 @@ newtype Contracts7Query = TDoNotPassInvalidDataToTheAsctimeFunctionQuery() or TDoNotCallVaArgOnAVaListThatHasAnIndeterminateValueQuery() or TRightHandOperandOfAShiftRangeQuery() or - TObjectAssignedOrCopiedToAnOverlappingObjectQuery() + TObjectAssignedToAnOverlappingObjectQuery() or + TObjectCopiedToAnOverlappingObjectQuery() predicate isContracts7QueryMetadata(Query query, string queryId, string ruleId, string category) { query = @@ -38,11 +39,20 @@ predicate isContracts7QueryMetadata(Query query, string queryId, string ruleId, category = "required" or query = - // `Query` instance for the `objectAssignedOrCopiedToAnOverlappingObject` query - Contracts7Package::objectAssignedOrCopiedToAnOverlappingObjectQuery() and + // `Query` instance for the `objectAssignedToAnOverlappingObject` query + Contracts7Package::objectAssignedToAnOverlappingObjectQuery() and queryId = - // `@id` for the `objectAssignedOrCopiedToAnOverlappingObject` query - "c/misra/object-assigned-or-copied-to-an-overlapping-object" and + // `@id` for the `objectAssignedToAnOverlappingObject` query + "c/misra/object-assigned-to-an-overlapping-object" and + ruleId = "RULE-19-1" and + category = "mandatory" + or + query = + // `Query` instance for the `objectCopiedToAnOverlappingObject` query + Contracts7Package::objectCopiedToAnOverlappingObjectQuery() and + queryId = + // `@id` for the `objectCopiedToAnOverlappingObject` query + "c/misra/object-copied-to-an-overlapping-object" and ruleId = "RULE-19-1" and category = "mandatory" } @@ -69,10 +79,17 @@ module Contracts7Package { TQueryC(TContracts7PackageQuery(TRightHandOperandOfAShiftRangeQuery())) } - Query objectAssignedOrCopiedToAnOverlappingObjectQuery() { + Query objectAssignedToAnOverlappingObjectQuery() { + //autogenerate `Query` type + result = + // `Query` type for `objectAssignedToAnOverlappingObject` query + TQueryC(TContracts7PackageQuery(TObjectAssignedToAnOverlappingObjectQuery())) + } + + Query objectCopiedToAnOverlappingObjectQuery() { //autogenerate `Query` type result = - // `Query` type for `objectAssignedOrCopiedToAnOverlappingObject` query - TQueryC(TContracts7PackageQuery(TObjectAssignedOrCopiedToAnOverlappingObjectQuery())) + // `Query` type for `objectCopiedToAnOverlappingObject` query + TQueryC(TContracts7PackageQuery(TObjectCopiedToAnOverlappingObjectQuery())) } } diff --git a/cpp/common/src/codingstandards/cpp/rules/overlappingobjectassignment/OverlappingObjectAssignment.qll b/cpp/common/src/codingstandards/cpp/rules/overlappingobjectassignment/OverlappingObjectAssignment.qll new file mode 100644 index 0000000000..97062e4520 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/overlappingobjectassignment/OverlappingObjectAssignment.qll @@ -0,0 +1,55 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions +import semmle.code.cpp.valuenumbering.GlobalValueNumbering + +abstract class OverlappingObjectAssignmentSharedQuery extends Query { } + +Query getQuery() { result instanceof OverlappingObjectAssignmentSharedQuery } + +VariableAccess getAQualifier(VariableAccess va) { result = va.getQualifier+() } + +int getAccessByteOffset(FieldAccess fa) { + not fa.getQualifier() instanceof FieldAccess and result = fa.getTarget().getByteOffset() + or + result = fa.getTarget().getByteOffset() + getAccessByteOffset(fa.getQualifier()) +} + +predicate overlaps(FieldAccess fa1, FieldAccess fa2) { + exists(int startfa1, int endfa1, int startfa2, int endfa2 | + startfa1 = getAccessByteOffset(fa1) and + endfa1 = startfa1 + fa1.getTarget().getType().getSize() - 1 and + startfa2 = getAccessByteOffset(fa2) and + endfa2 = startfa2 + fa2.getTarget().getType().getSize() - 1 + | + startfa2 >= startfa1 and endfa2 <= endfa1 + or + startfa2 <= startfa1 and endfa2 > startfa1 + or + startfa2 < endfa1 and endfa2 >= startfa1 + ) +} + +query predicate problems( + AssignExpr assignExpr, string message, ValueFieldAccess valuelhs, string valuelhsDesc, + ValueFieldAccess valuerhs, string valuerhsDesc +) { + not isExcluded(assignExpr, getQuery()) and + exists(Expr lhs, Expr rhs | + lhs.getType() instanceof Union and + rhs.getType() instanceof Union and + lhs = getAQualifier(assignExpr.getLValue()) and + rhs = getAQualifier(assignExpr.getRValue()) and + globalValueNumber(lhs) = globalValueNumber(rhs) and + valuerhs = assignExpr.getRValue() and + valuelhs = assignExpr.getLValue() and // a.b.c == ((a.b).c) + overlaps(valuelhs, valuerhs) and + message = "An object $@ assigned to overlapping object $@." and + valuelhsDesc = valuelhs.getTarget().getName() and + valuerhsDesc = valuerhs.getTarget().getName() + ) +} diff --git a/cpp/autosar/test/rules/M0-2-1/ObjectAssignedToAnOverlappingObject.expected b/cpp/common/test/rules/overlappingobjectassignment/OverlappingObjectAssignment.expected similarity index 100% rename from cpp/autosar/test/rules/M0-2-1/ObjectAssignedToAnOverlappingObject.expected rename to cpp/common/test/rules/overlappingobjectassignment/OverlappingObjectAssignment.expected diff --git a/cpp/common/test/rules/overlappingobjectassignment/OverlappingObjectAssignment.ql b/cpp/common/test/rules/overlappingobjectassignment/OverlappingObjectAssignment.ql new file mode 100644 index 0000000000..7bac912c6d --- /dev/null +++ b/cpp/common/test/rules/overlappingobjectassignment/OverlappingObjectAssignment.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.overlappingobjectassignment.OverlappingObjectAssignment diff --git a/cpp/autosar/test/rules/M0-2-1/test.cpp b/cpp/common/test/rules/overlappingobjectassignment/test.cpp similarity index 99% rename from cpp/autosar/test/rules/M0-2-1/test.cpp rename to cpp/common/test/rules/overlappingobjectassignment/test.cpp index e5848e2752..3329f12824 100644 --- a/cpp/autosar/test/rules/M0-2-1/test.cpp +++ b/cpp/common/test/rules/overlappingobjectassignment/test.cpp @@ -51,4 +51,4 @@ void internal_shift() { void separate_access() { UnionSecret_t hash1, hash2; hash2.diff.suffix = hash1.fnv.suffix; // COMPLIANT, different union. -} \ No newline at end of file +} diff --git a/rule_packages/c/Contracts7.json b/rule_packages/c/Contracts7.json index f637aeb949..39642bdbfd 100644 --- a/rule_packages/c/Contracts7.json +++ b/rule_packages/c/Contracts7.json @@ -66,12 +66,24 @@ }, "queries": [ { - "description": "An object shall not be assigned or copied to an overlapping object.", + "description": "An object shall not be assigned to an overlapping object.", "kind": "problem", - "name": "An object shall not be assigned or copied to an overlapping object", + "name": "An object shall not be assigned to an overlapping object", "precision": "high", "severity": "error", - "short_name": "ObjectAssignedOrCopiedToAnOverlappingObject", + "short_name": "ObjectAssignedToAnOverlappingObject", + "shared_implementation_short_name": "OverlappingObjectAssignment", + "tags": [ + "correctness" + ] + }, + { + "description": "An object shall not be copied to an overlapping object.", + "kind": "problem", + "name": "An object shall not be copied to an overlapping object", + "precision": "high", + "severity": "error", + "short_name": "ObjectCopiedToAnOverlappingObject", "tags": [ "correctness" ] diff --git a/rule_packages/cpp/Representation.json b/rule_packages/cpp/Representation.json index 4428966e87..c856580bb3 100644 --- a/rule_packages/cpp/Representation.json +++ b/rule_packages/cpp/Representation.json @@ -50,6 +50,7 @@ "precision": "high", "severity": "error", "short_name": "ObjectAssignedToAnOverlappingObject", + "shared_implementation_short_name": "OverlappingObjectAssignment", "tags": [ "correctness" ] From 61c41f3a74422b05e90f9ce1b7f5bace90045027 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 16 Mar 2023 23:14:30 +0100 Subject: [PATCH 0752/2573] Package SignalHandlers --- ...yAsyncSafeFunctionsWithinSignalHandlers.md | 18 +++++ ...yAsyncSafeFunctionsWithinSignalHandlers.ql | 18 +++++ ...oNotAccessSharedObjectsInSignalHandlers.md | 18 +++++ ...oNotAccessSharedObjectsInSignalHandlers.ql | 18 +++++ ...llSignalFromInterruptibleSignalHandlers.md | 18 +++++ ...llSignalFromInterruptibleSignalHandlers.ql | 18 +++++ ...eturnFromAComputationalExceptionHandler.md | 16 ++++ ...eturnFromAComputationalExceptionHandler.ql | 18 +++++ ...SafeFunctionsWithinSignalHandlers.expected | 1 + ...yncSafeFunctionsWithinSignalHandlers.qlref | 1 + ...cessSharedObjectsInSignalHandlers.expected | 1 + ...tAccessSharedObjectsInSignalHandlers.qlref | 1 + ...alFromInterruptibleSignalHandlers.expected | 1 + ...ignalFromInterruptibleSignalHandlers.qlref | 1 + ...romAComputationalExceptionHandler.expected | 1 + ...rnFromAComputationalExceptionHandler.qlref | 1 + .../cpp/exclusions/c/RuleMetadata.qll | 3 + .../cpp/exclusions/c/SignalHandlers.qll | 78 +++++++++++++++++++ rule_packages/c/SignalHandlers.json | 72 +++++++++++++++++ rules.csv | 8 +- 20 files changed, 307 insertions(+), 4 deletions(-) create mode 100644 c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.md create mode 100644 c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql create mode 100644 c/cert/src/rules/SIG31-C/DoNotAccessSharedObjectsInSignalHandlers.md create mode 100644 c/cert/src/rules/SIG31-C/DoNotAccessSharedObjectsInSignalHandlers.ql create mode 100644 c/cert/src/rules/SIG34-C/DoNotCallSignalFromInterruptibleSignalHandlers.md create mode 100644 c/cert/src/rules/SIG34-C/DoNotCallSignalFromInterruptibleSignalHandlers.ql create mode 100644 c/cert/src/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.md create mode 100644 c/cert/src/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.ql create mode 100644 c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected create mode 100644 c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.qlref create mode 100644 c/cert/test/rules/SIG31-C/DoNotAccessSharedObjectsInSignalHandlers.expected create mode 100644 c/cert/test/rules/SIG31-C/DoNotAccessSharedObjectsInSignalHandlers.qlref create mode 100644 c/cert/test/rules/SIG34-C/DoNotCallSignalFromInterruptibleSignalHandlers.expected create mode 100644 c/cert/test/rules/SIG34-C/DoNotCallSignalFromInterruptibleSignalHandlers.qlref create mode 100644 c/cert/test/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.expected create mode 100644 c/cert/test/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.qlref create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/SignalHandlers.qll create mode 100644 rule_packages/c/SignalHandlers.json diff --git a/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.md b/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.md new file mode 100644 index 0000000000..e130262dd9 --- /dev/null +++ b/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.md @@ -0,0 +1,18 @@ +# SIG30-C: Call only asynchronous-safe functions within signal handlers + +This query implements the CERT-C rule SIG30-C: + +> Call only asynchronous-safe functions within signal handlers + + +## CERT + +** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** + +## Implementation notes + +None + +## References + +* CERT-C: [SIG30-C: Call only asynchronous-safe functions within signal handlers](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql b/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql new file mode 100644 index 0000000000..03592474eb --- /dev/null +++ b/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql @@ -0,0 +1,18 @@ +/** + * @id c/cert/call-only-async-safe-functions-within-signal-handlers + * @name SIG30-C: Call only asynchronous-safe functions within signal handlers + * @description Call only asynchronous-safe functions within signal handlers. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/cert/id/sig30-c + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert + +from +where + not isExcluded(x, SignalHandlersPackage::callOnlyAsyncSafeFunctionsWithinSignalHandlersQuery()) and +select diff --git a/c/cert/src/rules/SIG31-C/DoNotAccessSharedObjectsInSignalHandlers.md b/c/cert/src/rules/SIG31-C/DoNotAccessSharedObjectsInSignalHandlers.md new file mode 100644 index 0000000000..626f5bde09 --- /dev/null +++ b/c/cert/src/rules/SIG31-C/DoNotAccessSharedObjectsInSignalHandlers.md @@ -0,0 +1,18 @@ +# SIG31-C: Do not access shared objects in signal handlers + +This query implements the CERT-C rule SIG31-C: + +> Do not access shared objects in signal handlers + + +## CERT + +** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** + +## Implementation notes + +None + +## References + +* CERT-C: [SIG31-C: Do not access shared objects in signal handlers](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/SIG31-C/DoNotAccessSharedObjectsInSignalHandlers.ql b/c/cert/src/rules/SIG31-C/DoNotAccessSharedObjectsInSignalHandlers.ql new file mode 100644 index 0000000000..d821529c84 --- /dev/null +++ b/c/cert/src/rules/SIG31-C/DoNotAccessSharedObjectsInSignalHandlers.ql @@ -0,0 +1,18 @@ +/** + * @id c/cert/do-not-access-shared-objects-in-signal-handlers + * @name SIG31-C: Do not access shared objects in signal handlers + * @description Do not access shared objects in signal handlers. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/cert/id/sig31-c + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert + +from +where + not isExcluded(x, SignalHandlersPackage::doNotAccessSharedObjectsInSignalHandlersQuery()) and +select diff --git a/c/cert/src/rules/SIG34-C/DoNotCallSignalFromInterruptibleSignalHandlers.md b/c/cert/src/rules/SIG34-C/DoNotCallSignalFromInterruptibleSignalHandlers.md new file mode 100644 index 0000000000..f959a2e356 --- /dev/null +++ b/c/cert/src/rules/SIG34-C/DoNotCallSignalFromInterruptibleSignalHandlers.md @@ -0,0 +1,18 @@ +# SIG34-C: Do not call signal() from within interruptible signal handlers + +This query implements the CERT-C rule SIG34-C: + +> Do not call signal() from within interruptible signal handlers + + +## CERT + +** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** + +## Implementation notes + +None + +## References + +* CERT-C: [SIG34-C: Do not call signal() from within interruptible signal handlers](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/SIG34-C/DoNotCallSignalFromInterruptibleSignalHandlers.ql b/c/cert/src/rules/SIG34-C/DoNotCallSignalFromInterruptibleSignalHandlers.ql new file mode 100644 index 0000000000..0866687e29 --- /dev/null +++ b/c/cert/src/rules/SIG34-C/DoNotCallSignalFromInterruptibleSignalHandlers.ql @@ -0,0 +1,18 @@ +/** + * @id c/cert/do-not-call-signal-from-interruptible-signal-handlers + * @name SIG34-C: Do not call signal() from within interruptible signal handlers + * @description Do not call signal() from within interruptible signal handlers. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/cert/id/sig34-c + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert + +from +where + not isExcluded(x, SignalHandlersPackage::doNotCallSignalFromInterruptibleSignalHandlersQuery()) and +select diff --git a/c/cert/src/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.md b/c/cert/src/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.md new file mode 100644 index 0000000000..ed29aa34cf --- /dev/null +++ b/c/cert/src/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.md @@ -0,0 +1,16 @@ +# SIG35-C: Do not return from a computational exception signal handler + +This query implements the CERT-C rule SIG35-C: + +> Do not return from a computational exception signal handler +## CERT + +** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** + +## Implementation notes + +None + +## References + +* CERT-C: [SIG35-C: Do not return from a computational exception signal handler](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.ql b/c/cert/src/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.ql new file mode 100644 index 0000000000..040082a4de --- /dev/null +++ b/c/cert/src/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.ql @@ -0,0 +1,18 @@ +/** + * @id c/cert/do-not-return-from-a-computational-exception-handler + * @name SIG35-C: Do not return from a computational exception signal handler + * @description Do not return from a computational exception signal handler. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/cert/id/sig35-c + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert + +from +where + not isExcluded(x, SignalHandlersPackage::doNotReturnFromAComputationalExceptionHandlerQuery()) and +select diff --git a/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected b/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.qlref b/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.qlref new file mode 100644 index 0000000000..42cda5f2e7 --- /dev/null +++ b/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.qlref @@ -0,0 +1 @@ +rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql \ No newline at end of file diff --git a/c/cert/test/rules/SIG31-C/DoNotAccessSharedObjectsInSignalHandlers.expected b/c/cert/test/rules/SIG31-C/DoNotAccessSharedObjectsInSignalHandlers.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/cert/test/rules/SIG31-C/DoNotAccessSharedObjectsInSignalHandlers.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/cert/test/rules/SIG31-C/DoNotAccessSharedObjectsInSignalHandlers.qlref b/c/cert/test/rules/SIG31-C/DoNotAccessSharedObjectsInSignalHandlers.qlref new file mode 100644 index 0000000000..d6202bdc6d --- /dev/null +++ b/c/cert/test/rules/SIG31-C/DoNotAccessSharedObjectsInSignalHandlers.qlref @@ -0,0 +1 @@ +rules/SIG31-C/DoNotAccessSharedObjectsInSignalHandlers.ql \ No newline at end of file diff --git a/c/cert/test/rules/SIG34-C/DoNotCallSignalFromInterruptibleSignalHandlers.expected b/c/cert/test/rules/SIG34-C/DoNotCallSignalFromInterruptibleSignalHandlers.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/cert/test/rules/SIG34-C/DoNotCallSignalFromInterruptibleSignalHandlers.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/cert/test/rules/SIG34-C/DoNotCallSignalFromInterruptibleSignalHandlers.qlref b/c/cert/test/rules/SIG34-C/DoNotCallSignalFromInterruptibleSignalHandlers.qlref new file mode 100644 index 0000000000..11d893257f --- /dev/null +++ b/c/cert/test/rules/SIG34-C/DoNotCallSignalFromInterruptibleSignalHandlers.qlref @@ -0,0 +1 @@ +rules/SIG34-C/DoNotCallSignalFromInterruptibleSignalHandlers.ql \ No newline at end of file diff --git a/c/cert/test/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.expected b/c/cert/test/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/cert/test/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/cert/test/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.qlref b/c/cert/test/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.qlref new file mode 100644 index 0000000000..0e2aa3f976 --- /dev/null +++ b/c/cert/test/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.qlref @@ -0,0 +1 @@ +rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.ql \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index 9dfb52fb84..c61eb795fa 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -46,6 +46,7 @@ import Preprocessor5 import Preprocessor6 import SideEffects1 import SideEffects2 +import SignalHandlers import Strings1 import Strings2 import Strings3 @@ -97,6 +98,7 @@ newtype TCQuery = TPreprocessor6PackageQuery(Preprocessor6Query q) or TSideEffects1PackageQuery(SideEffects1Query q) or TSideEffects2PackageQuery(SideEffects2Query q) or + TSignalHandlersPackageQuery(SignalHandlersQuery q) or TStrings1PackageQuery(Strings1Query q) or TStrings2PackageQuery(Strings2Query q) or TStrings3PackageQuery(Strings3Query q) or @@ -148,6 +150,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isPreprocessor6QueryMetadata(query, queryId, ruleId, category) or isSideEffects1QueryMetadata(query, queryId, ruleId, category) or isSideEffects2QueryMetadata(query, queryId, ruleId, category) or + isSignalHandlersQueryMetadata(query, queryId, ruleId, category) or isStrings1QueryMetadata(query, queryId, ruleId, category) or isStrings2QueryMetadata(query, queryId, ruleId, category) or isStrings3QueryMetadata(query, queryId, ruleId, category) or diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/SignalHandlers.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/SignalHandlers.qll new file mode 100644 index 0000000000..f35a3f16b2 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/SignalHandlers.qll @@ -0,0 +1,78 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype SignalHandlersQuery = + TCallOnlyAsyncSafeFunctionsWithinSignalHandlersQuery() or + TDoNotAccessSharedObjectsInSignalHandlersQuery() or + TDoNotCallSignalFromInterruptibleSignalHandlersQuery() or + TDoNotReturnFromAComputationalExceptionHandlerQuery() + +predicate isSignalHandlersQueryMetadata(Query query, string queryId, string ruleId, string category) { + query = + // `Query` instance for the `callOnlyAsyncSafeFunctionsWithinSignalHandlers` query + SignalHandlersPackage::callOnlyAsyncSafeFunctionsWithinSignalHandlersQuery() and + queryId = + // `@id` for the `callOnlyAsyncSafeFunctionsWithinSignalHandlers` query + "c/cert/call-only-async-safe-functions-within-signal-handlers" and + ruleId = "SIG30-C" and + category = "rule" + or + query = + // `Query` instance for the `doNotAccessSharedObjectsInSignalHandlers` query + SignalHandlersPackage::doNotAccessSharedObjectsInSignalHandlersQuery() and + queryId = + // `@id` for the `doNotAccessSharedObjectsInSignalHandlers` query + "c/cert/do-not-access-shared-objects-in-signal-handlers" and + ruleId = "SIG31-C" and + category = "rule" + or + query = + // `Query` instance for the `doNotCallSignalFromInterruptibleSignalHandlers` query + SignalHandlersPackage::doNotCallSignalFromInterruptibleSignalHandlersQuery() and + queryId = + // `@id` for the `doNotCallSignalFromInterruptibleSignalHandlers` query + "c/cert/do-not-call-signal-from-interruptible-signal-handlers" and + ruleId = "SIG34-C" and + category = "rule" + or + query = + // `Query` instance for the `doNotReturnFromAComputationalExceptionHandler` query + SignalHandlersPackage::doNotReturnFromAComputationalExceptionHandlerQuery() and + queryId = + // `@id` for the `doNotReturnFromAComputationalExceptionHandler` query + "c/cert/do-not-return-from-a-computational-exception-handler" and + ruleId = "SIG35-C" and + category = "rule" +} + +module SignalHandlersPackage { + Query callOnlyAsyncSafeFunctionsWithinSignalHandlersQuery() { + //autogenerate `Query` type + result = + // `Query` type for `callOnlyAsyncSafeFunctionsWithinSignalHandlers` query + TQueryC(TSignalHandlersPackageQuery(TCallOnlyAsyncSafeFunctionsWithinSignalHandlersQuery())) + } + + Query doNotAccessSharedObjectsInSignalHandlersQuery() { + //autogenerate `Query` type + result = + // `Query` type for `doNotAccessSharedObjectsInSignalHandlers` query + TQueryC(TSignalHandlersPackageQuery(TDoNotAccessSharedObjectsInSignalHandlersQuery())) + } + + Query doNotCallSignalFromInterruptibleSignalHandlersQuery() { + //autogenerate `Query` type + result = + // `Query` type for `doNotCallSignalFromInterruptibleSignalHandlers` query + TQueryC(TSignalHandlersPackageQuery(TDoNotCallSignalFromInterruptibleSignalHandlersQuery())) + } + + Query doNotReturnFromAComputationalExceptionHandlerQuery() { + //autogenerate `Query` type + result = + // `Query` type for `doNotReturnFromAComputationalExceptionHandler` query + TQueryC(TSignalHandlersPackageQuery(TDoNotReturnFromAComputationalExceptionHandlerQuery())) + } +} diff --git a/rule_packages/c/SignalHandlers.json b/rule_packages/c/SignalHandlers.json new file mode 100644 index 0000000000..dd1549f725 --- /dev/null +++ b/rule_packages/c/SignalHandlers.json @@ -0,0 +1,72 @@ +{ + "CERT-C": { + "SIG30-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "Call only asynchronous-safe functions within signal handlers.", + "kind": "problem", + "name": "Call only asynchronous-safe functions within signal handlers", + "precision": "very-high", + "severity": "error", + "short_name": "CallOnlyAsyncSafeFunctionsWithinSignalHandlers", + "tags": [] + } + ], + "title": "Call only asynchronous-safe functions within signal handlers" + }, + "SIG31-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "Do not access shared objects in signal handlers.", + "kind": "problem", + "name": "Do not access shared objects in signal handlers", + "precision": "very-high", + "severity": "error", + "short_name": "DoNotAccessSharedObjectsInSignalHandlers", + "tags": [] + } + ], + "title": "Do not access shared objects in signal handlers" + }, + "SIG34-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "Do not call signal() from within interruptible signal handlers.", + "kind": "problem", + "name": "Do not call signal() from within interruptible signal handlers", + "precision": "very-high", + "severity": "error", + "short_name": "DoNotCallSignalFromInterruptibleSignalHandlers", + "tags": [] + } + ], + "title": "Do not call signal() from within interruptible signal handlers" + }, + "SIG35-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "Do not return from a computational exception signal handler.", + "kind": "problem", + "name": "Do not return from a computational exception signal handler", + "precision": "very-high", + "severity": "error", + "short_name": "DoNotReturnFromAComputationalExceptionHandler", + "tags": [] + } + ], + "title": "Do not return from a computational exception signal handler" + } + } +} \ No newline at end of file diff --git a/rules.csv b/rules.csv index 36eea96801..29bd7f2038 100644 --- a/rules.csv +++ b/rules.csv @@ -588,10 +588,10 @@ c,CERT-C,POS54-C,OutOfScope,Rule,,,Detect and handle POSIX library errors,,,, c,CERT-C,PRE30-C,No,Rule,,,Do not create a universal character name through concatenation,,,Medium, c,CERT-C,PRE31-C,Yes,Rule,,,Avoid side effects in arguments to unsafe macros,RULE-13-2,SideEffects,Medium, c,CERT-C,PRE32-C,Yes,Rule,,,Do not use preprocessor directives in invocations of function-like macros,,Preprocessor5,Hard, -c,CERT-C,SIG30-C,Yes,Rule,,,Call only asynchronous-safe functions within signal handlers,,Contracts,Medium, -c,CERT-C,SIG31-C,Yes,Rule,,,Do not access shared objects in signal handlers,,Contracts,Medium, -c,CERT-C,SIG34-C,Yes,Rule,,,Do not call signal() from within interruptible signal handlers,,Contracts,Medium, -c,CERT-C,SIG35-C,Yes,Rule,,,Do not return from a computational exception signal handler,,Contracts,Easy, +c,CERT-C,SIG30-C,Yes,Rule,,,Call only asynchronous-safe functions within signal handlers,,SignalHandlers,Medium, +c,CERT-C,SIG31-C,Yes,Rule,,,Do not access shared objects in signal handlers,,SignalHandlers,Medium, +c,CERT-C,SIG34-C,Yes,Rule,,,Do not call signal() from within interruptible signal handlers,,SignalHandlers,Medium, +c,CERT-C,SIG35-C,Yes,Rule,,,Do not return from a computational exception signal handler,,SignalHandlers,Easy, c,CERT-C,STR30-C,Yes,Rule,,,Do not attempt to modify string literals,,Strings1,Medium, c,CERT-C,STR31-C,Yes,Rule,,,Guarantee that storage for strings has sufficient space for character data and the null terminator,STR50-CPP,Strings1,Very Hard, c,CERT-C,STR32-C,Yes,Rule,,,Do not pass a non-null-terminated character sequence to a library function that expects a string,STR51-CPP,Strings1,Very Hard, From 3e5b02a5cde75994ef827afc62168e1f2d98e6ea Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Fri, 17 Mar 2023 09:49:40 +0100 Subject: [PATCH 0753/2573] Fix typo in misra RULE-9-3 test --- c/misra/test/rules/RULE-9-3/test.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/misra/test/rules/RULE-9-3/test.c b/c/misra/test/rules/RULE-9-3/test.c index 21451e6f31..f403bf64c6 100644 --- a/c/misra/test/rules/RULE-9-3/test.c +++ b/c/misra/test/rules/RULE-9-3/test.c @@ -15,7 +15,7 @@ void test() { {0}, [1][0] = 0, 0}; // NON_COMPLIANT - not all elements // initialized with designated initializer - int l15[2] = {[1] = 0}; // COMPILANT - sparse matrix initialized with + int l15[2] = {[1] = 0}; // COMPLIANT - sparse matrix initialized with // designated initializer int l16[2][2] = {[0] = {0, 1}}; // NON_COMPLIANT - sub-elements not // initialized with designated initializer From 3875c27b13fbbdc0a6caa72c4704cc8730e194a5 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 16 Mar 2023 17:59:23 +0000 Subject: [PATCH 0754/2573] EssentialTypes: Address performance issues with stlr/utlr The calculatons for signed and unsigned type of lowest rank were expensive when there were a large number of constant expressions in the program. This commit improves performance by: 1. Creating classes to represent the set of integer constant expressions and integer constants in the program. 2. Creating a candidate table of IntegralTypes for each known constant integer value in the program, to avoid duplicate work. 3. Calculating the stlr and utlr for each constant value, not each constant expression. --- .../c/misra/EssentialTypes.qll | 90 +++++++++++++------ 1 file changed, 64 insertions(+), 26 deletions(-) diff --git a/c/misra/src/codingstandards/c/misra/EssentialTypes.qll b/c/misra/src/codingstandards/c/misra/EssentialTypes.qll index 697a24513f..ceba70fbfb 100644 --- a/c/misra/src/codingstandards/c/misra/EssentialTypes.qll +++ b/c/misra/src/codingstandards/c/misra/EssentialTypes.qll @@ -31,24 +31,61 @@ class EssentialTypeCategory extends TEssentialTypeCategory { } } +/** + * An expression in the program that evaluates to a compile time constant signed or unsigned integer. + */ +private class ConstantIntegerExpr extends Expr { + pragma[noinline] + ConstantIntegerExpr() { + getEssentialTypeCategory(this.getType()) = + [ + EssentiallyUnsignedType().(EssentialTypeCategory), + EssentiallySignedType().(EssentialTypeCategory) + ] and + exists(this.getValue().toFloat()) and + not this instanceof Conversion + } +} + +/** A `float` which represents an integer constant in the program. */ +private class IntegerConstantAsFloat extends float { + IntegerConstantAsFloat() { exists(ConstantIntegerExpr ce | this = ce.getValue().toFloat()) } +} + +/** + * Identifies which integral types from which type categories can represent a given integer constant + * in the program. + */ +pragma[nomagic] +private predicate isCandidateIntegralType( + EssentialTypeCategory cat, IntegralType it, IntegerConstantAsFloat c +) { + getEssentialTypeCategory(it) = cat and + c = any(ConstantIntegerExpr ce).getValue().toFloat() and + // As with range analysis, we assume two's complement representation + typeLowerBound(it) <= c and + typeUpperBound(it) >= c +} + /** * Gets the unsigned type of lowest rank that can represent the value of the given expression, * assuming that the expression is essentially unsigned. */ -private IntegralType utlr(Expr const) { +pragma[nomagic] +private IntegralType utlr(ConstantIntegerExpr const) { getEssentialTypeCategory(const.getType()) = EssentiallyUnsignedType() and - getEssentialTypeCategory(result) = EssentiallyUnsignedType() and - exists(float c | c = const.getValue().toFloat() | - // As with range analysis, we assume two's complement representation - typeLowerBound(result) <= c and - typeUpperBound(result) >= c and - forall(IntegralType it | - getEssentialTypeCategory(it) = EssentiallyUnsignedType() and - typeLowerBound(it) <= c and - typeUpperBound(it) >= c - | - result.getSize() <= it.getSize() - ) + result = utlr_c(const.getValue().toFloat()) +} + +/** + * Given an integer constant that appears in the program, gets the unsigned type of lowest rank + * that can hold it. + */ +pragma[nomagic] +private IntegralType utlr_c(IntegerConstantAsFloat c) { + isCandidateIntegralType(EssentiallyUnsignedType(), result, c) and + forall(IntegralType it | isCandidateIntegralType(EssentiallyUnsignedType(), it, c) | + result.getSize() <= it.getSize() ) } @@ -56,20 +93,21 @@ private IntegralType utlr(Expr const) { * Gets the signed type of lowest rank that can represent the value of the given expression, * assuming that the expression is essentially signed. */ -private IntegralType stlr(Expr const) { +pragma[nomagic] +private IntegralType stlr(ConstantIntegerExpr const) { getEssentialTypeCategory(const.getType()) = EssentiallySignedType() and - getEssentialTypeCategory(result) = EssentiallySignedType() and - exists(float c | c = const.getValue().toFloat() | - // As with range analysis, we assume two's complement representation - typeLowerBound(result) <= c and - typeUpperBound(result) >= c and - forall(IntegralType it | - getEssentialTypeCategory(it) = EssentiallySignedType() and - typeLowerBound(it) <= c and - typeUpperBound(it) >= c - | - result.getSize() <= it.getSize() - ) + result = stlr_c(const.getValue().toFloat()) +} + +/** + * Given an integer constant that appears in the program, gets the signed type of lowest rank + * that can hold it. + */ +pragma[nomagic] +private IntegralType stlr_c(IntegerConstantAsFloat c) { + isCandidateIntegralType(EssentiallySignedType(), result, c) and + forall(IntegralType it | isCandidateIntegralType(EssentiallySignedType(), it, c) | + result.getSize() <= it.getSize() ) } From 982b5b34efbedb03c6b5b7ef3de1754426e1091f Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 16 Mar 2023 18:05:12 +0000 Subject: [PATCH 0755/2573] EssentialTypes: Improve performance of Rule 10.5 This improves the performance of Rule 10.5 by computing all the types of the cast first, before determining whether they were invalid. Previously the join orderer found the essential type category of the "from" type, then joined that will invalid type categories, then joined that with all expressions of that type before filtering down to the cast. --- .../RULE-10-5/InappropriateEssentialTypeCast.ql | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/c/misra/src/rules/RULE-10-5/InappropriateEssentialTypeCast.ql b/c/misra/src/rules/RULE-10-5/InappropriateEssentialTypeCast.ql index 10d54c4fff..1ff8374e97 100644 --- a/c/misra/src/rules/RULE-10-5/InappropriateEssentialTypeCast.ql +++ b/c/misra/src/rules/RULE-10-5/InappropriateEssentialTypeCast.ql @@ -49,16 +49,23 @@ predicate isIncompatibleEssentialTypeCast(EssentialTypeCategory fromCat, Essenti ] } +predicate isCastTypes( + Cast c, Type essentialFromType, Type essentialToType, EssentialTypeCategory fromCategory, + EssentialTypeCategory toCategory +) { + essentialFromType = getEssentialTypeBeforeConversions(c.getExpr()) and + essentialToType = c.getType() and + fromCategory = getEssentialTypeCategory(essentialFromType) and + toCategory = getEssentialTypeCategory(essentialToType) +} + from Cast c, Type essentialFromType, Type essentialToType, EssentialTypeCategory fromCategory, EssentialTypeCategory toCategory, string message where not isExcluded(c, EssentialTypesPackage::inappropriateEssentialTypeCastQuery()) and not c.isImplicit() and - essentialFromType = getEssentialTypeBeforeConversions(c.getExpr()) and - essentialToType = c.getType() and - fromCategory = getEssentialTypeCategory(essentialFromType) and - toCategory = getEssentialTypeCategory(essentialToType) and + isCastTypes(c, essentialFromType, essentialToType, fromCategory, toCategory) and isIncompatibleEssentialTypeCast(fromCategory, toCategory) and ( if fromCategory = EssentiallyEnumType() and toCategory = EssentiallyEnumType() From fdd1d5c6553bf06d1a761197e03ae02276f272fa Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 16 Mar 2023 18:12:49 +0000 Subject: [PATCH 0756/2573] EssentialTypes: Avoid recalculation of essential types --- c/misra/src/codingstandards/c/misra/EssentialTypes.qll | 1 + 1 file changed, 1 insertion(+) diff --git a/c/misra/src/codingstandards/c/misra/EssentialTypes.qll b/c/misra/src/codingstandards/c/misra/EssentialTypes.qll index ceba70fbfb..9bec0e518f 100644 --- a/c/misra/src/codingstandards/c/misra/EssentialTypes.qll +++ b/c/misra/src/codingstandards/c/misra/EssentialTypes.qll @@ -146,6 +146,7 @@ EssentialTypeCategory getEssentialTypeCategory(Type type) { /** * Gets the essential type of the given expression `e`, considering any explicit conversions. */ +pragma[nomagic] Type getEssentialType(Expr e) { if e.hasExplicitConversion() then From bc4db01e757d481856bffd56f8e4ac664462f70b Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 17 Mar 2023 13:12:36 +0000 Subject: [PATCH 0757/2573] Add a change note. --- .../2023-03-16-essential-types-performance.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 change_notes/2023-03-16-essential-types-performance.md diff --git a/change_notes/2023-03-16-essential-types-performance.md b/change_notes/2023-03-16-essential-types-performance.md new file mode 100644 index 0000000000..115c162e89 --- /dev/null +++ b/change_notes/2023-03-16-essential-types-performance.md @@ -0,0 +1,12 @@ + * The performance of the following queries related to essential types have been improved: + * `Rule 10.1` + * `Rule 10.2` + * `Rule 10.3` + * `Rule 10.4` + * `Rule 10.5` + * `Rule 10.6` + * `Rule 10.7` + * `Rule 10.8` + * `Rule 14.1` + * `Rule 21.14` + * `Rule 21.16` \ No newline at end of file From 507d34eb99478736fbef3c1345dcbf5ccd2f82fe Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Fri, 17 Mar 2023 10:35:39 -0400 Subject: [PATCH 0758/2573] Fix testcase identifiershidden rule --- cpp/common/test/rules/identifierhidden/test.cpp | 9 ++++++++- cpp/common/test/rules/identifierhidden/test1.cpp | 2 -- 2 files changed, 8 insertions(+), 3 deletions(-) delete mode 100644 cpp/common/test/rules/identifierhidden/test1.cpp diff --git a/cpp/common/test/rules/identifierhidden/test.cpp b/cpp/common/test/rules/identifierhidden/test.cpp index aaf4a23129..90f56e7ccf 100644 --- a/cpp/common/test/rules/identifierhidden/test.cpp +++ b/cpp/common/test/rules/identifierhidden/test.cpp @@ -32,5 +32,12 @@ void f3() { template constexpr bool foo = false; // COMPLIANT namespace { -template bool foo = true; // COMPLIANT +template bool foo = true; // COMPLIANT - omit variable templates +} + +template constexpr T foo1 = T(1.1L); + +template T f(T r) { + T v = foo1 * r * r; // COMPLIANT + T v1 = foo1 * r * r; // COMPLIANT } \ No newline at end of file diff --git a/cpp/common/test/rules/identifierhidden/test1.cpp b/cpp/common/test/rules/identifierhidden/test1.cpp deleted file mode 100644 index ff4adb5381..0000000000 --- a/cpp/common/test/rules/identifierhidden/test1.cpp +++ /dev/null @@ -1,2 +0,0 @@ -template constexpr bool foo = false; // COMPLIANT -template constexpr bool foo = true; // COMPLIANT \ No newline at end of file From 1ec0766cf7c1c3a8a1aa3c32a5a4e7bec86c3bd6 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 16 Mar 2023 17:59:23 +0000 Subject: [PATCH 0759/2573] EssentialTypes: Address performance issues with stlr/utlr The calculatons for signed and unsigned type of lowest rank were expensive when there were a large number of constant expressions in the program. This commit improves performance by: 1. Creating classes to represent the set of integer constant expressions and integer constants in the program. 2. Creating a candidate table of IntegralTypes for each known constant integer value in the program, to avoid duplicate work. 3. Calculating the stlr and utlr for each constant value, not each constant expression. --- .../c/misra/EssentialTypes.qll | 90 +++++++++++++------ 1 file changed, 64 insertions(+), 26 deletions(-) diff --git a/c/misra/src/codingstandards/c/misra/EssentialTypes.qll b/c/misra/src/codingstandards/c/misra/EssentialTypes.qll index 697a24513f..ceba70fbfb 100644 --- a/c/misra/src/codingstandards/c/misra/EssentialTypes.qll +++ b/c/misra/src/codingstandards/c/misra/EssentialTypes.qll @@ -31,24 +31,61 @@ class EssentialTypeCategory extends TEssentialTypeCategory { } } +/** + * An expression in the program that evaluates to a compile time constant signed or unsigned integer. + */ +private class ConstantIntegerExpr extends Expr { + pragma[noinline] + ConstantIntegerExpr() { + getEssentialTypeCategory(this.getType()) = + [ + EssentiallyUnsignedType().(EssentialTypeCategory), + EssentiallySignedType().(EssentialTypeCategory) + ] and + exists(this.getValue().toFloat()) and + not this instanceof Conversion + } +} + +/** A `float` which represents an integer constant in the program. */ +private class IntegerConstantAsFloat extends float { + IntegerConstantAsFloat() { exists(ConstantIntegerExpr ce | this = ce.getValue().toFloat()) } +} + +/** + * Identifies which integral types from which type categories can represent a given integer constant + * in the program. + */ +pragma[nomagic] +private predicate isCandidateIntegralType( + EssentialTypeCategory cat, IntegralType it, IntegerConstantAsFloat c +) { + getEssentialTypeCategory(it) = cat and + c = any(ConstantIntegerExpr ce).getValue().toFloat() and + // As with range analysis, we assume two's complement representation + typeLowerBound(it) <= c and + typeUpperBound(it) >= c +} + /** * Gets the unsigned type of lowest rank that can represent the value of the given expression, * assuming that the expression is essentially unsigned. */ -private IntegralType utlr(Expr const) { +pragma[nomagic] +private IntegralType utlr(ConstantIntegerExpr const) { getEssentialTypeCategory(const.getType()) = EssentiallyUnsignedType() and - getEssentialTypeCategory(result) = EssentiallyUnsignedType() and - exists(float c | c = const.getValue().toFloat() | - // As with range analysis, we assume two's complement representation - typeLowerBound(result) <= c and - typeUpperBound(result) >= c and - forall(IntegralType it | - getEssentialTypeCategory(it) = EssentiallyUnsignedType() and - typeLowerBound(it) <= c and - typeUpperBound(it) >= c - | - result.getSize() <= it.getSize() - ) + result = utlr_c(const.getValue().toFloat()) +} + +/** + * Given an integer constant that appears in the program, gets the unsigned type of lowest rank + * that can hold it. + */ +pragma[nomagic] +private IntegralType utlr_c(IntegerConstantAsFloat c) { + isCandidateIntegralType(EssentiallyUnsignedType(), result, c) and + forall(IntegralType it | isCandidateIntegralType(EssentiallyUnsignedType(), it, c) | + result.getSize() <= it.getSize() ) } @@ -56,20 +93,21 @@ private IntegralType utlr(Expr const) { * Gets the signed type of lowest rank that can represent the value of the given expression, * assuming that the expression is essentially signed. */ -private IntegralType stlr(Expr const) { +pragma[nomagic] +private IntegralType stlr(ConstantIntegerExpr const) { getEssentialTypeCategory(const.getType()) = EssentiallySignedType() and - getEssentialTypeCategory(result) = EssentiallySignedType() and - exists(float c | c = const.getValue().toFloat() | - // As with range analysis, we assume two's complement representation - typeLowerBound(result) <= c and - typeUpperBound(result) >= c and - forall(IntegralType it | - getEssentialTypeCategory(it) = EssentiallySignedType() and - typeLowerBound(it) <= c and - typeUpperBound(it) >= c - | - result.getSize() <= it.getSize() - ) + result = stlr_c(const.getValue().toFloat()) +} + +/** + * Given an integer constant that appears in the program, gets the signed type of lowest rank + * that can hold it. + */ +pragma[nomagic] +private IntegralType stlr_c(IntegerConstantAsFloat c) { + isCandidateIntegralType(EssentiallySignedType(), result, c) and + forall(IntegralType it | isCandidateIntegralType(EssentiallySignedType(), it, c) | + result.getSize() <= it.getSize() ) } From 506cc0431b652a733c5bcc02cc12f9203638506e Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 16 Mar 2023 18:05:12 +0000 Subject: [PATCH 0760/2573] EssentialTypes: Improve performance of Rule 10.5 This improves the performance of Rule 10.5 by computing all the types of the cast first, before determining whether they were invalid. Previously the join orderer found the essential type category of the "from" type, then joined that will invalid type categories, then joined that with all expressions of that type before filtering down to the cast. --- .../RULE-10-5/InappropriateEssentialTypeCast.ql | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/c/misra/src/rules/RULE-10-5/InappropriateEssentialTypeCast.ql b/c/misra/src/rules/RULE-10-5/InappropriateEssentialTypeCast.ql index 10d54c4fff..1ff8374e97 100644 --- a/c/misra/src/rules/RULE-10-5/InappropriateEssentialTypeCast.ql +++ b/c/misra/src/rules/RULE-10-5/InappropriateEssentialTypeCast.ql @@ -49,16 +49,23 @@ predicate isIncompatibleEssentialTypeCast(EssentialTypeCategory fromCat, Essenti ] } +predicate isCastTypes( + Cast c, Type essentialFromType, Type essentialToType, EssentialTypeCategory fromCategory, + EssentialTypeCategory toCategory +) { + essentialFromType = getEssentialTypeBeforeConversions(c.getExpr()) and + essentialToType = c.getType() and + fromCategory = getEssentialTypeCategory(essentialFromType) and + toCategory = getEssentialTypeCategory(essentialToType) +} + from Cast c, Type essentialFromType, Type essentialToType, EssentialTypeCategory fromCategory, EssentialTypeCategory toCategory, string message where not isExcluded(c, EssentialTypesPackage::inappropriateEssentialTypeCastQuery()) and not c.isImplicit() and - essentialFromType = getEssentialTypeBeforeConversions(c.getExpr()) and - essentialToType = c.getType() and - fromCategory = getEssentialTypeCategory(essentialFromType) and - toCategory = getEssentialTypeCategory(essentialToType) and + isCastTypes(c, essentialFromType, essentialToType, fromCategory, toCategory) and isIncompatibleEssentialTypeCast(fromCategory, toCategory) and ( if fromCategory = EssentiallyEnumType() and toCategory = EssentiallyEnumType() From 7676e7f166bb8414e18818641289f872d92b03d5 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 16 Mar 2023 18:12:49 +0000 Subject: [PATCH 0761/2573] EssentialTypes: Avoid recalculation of essential types --- c/misra/src/codingstandards/c/misra/EssentialTypes.qll | 1 + 1 file changed, 1 insertion(+) diff --git a/c/misra/src/codingstandards/c/misra/EssentialTypes.qll b/c/misra/src/codingstandards/c/misra/EssentialTypes.qll index ceba70fbfb..9bec0e518f 100644 --- a/c/misra/src/codingstandards/c/misra/EssentialTypes.qll +++ b/c/misra/src/codingstandards/c/misra/EssentialTypes.qll @@ -146,6 +146,7 @@ EssentialTypeCategory getEssentialTypeCategory(Type type) { /** * Gets the essential type of the given expression `e`, considering any explicit conversions. */ +pragma[nomagic] Type getEssentialType(Expr e) { if e.hasExplicitConversion() then From d5196c4f475d6609c0711ce363ffe0bc6c93b1c0 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 17 Mar 2023 13:12:36 +0000 Subject: [PATCH 0762/2573] Add a change note. --- .../2023-03-16-essential-types-performance.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 change_notes/2023-03-16-essential-types-performance.md diff --git a/change_notes/2023-03-16-essential-types-performance.md b/change_notes/2023-03-16-essential-types-performance.md new file mode 100644 index 0000000000..115c162e89 --- /dev/null +++ b/change_notes/2023-03-16-essential-types-performance.md @@ -0,0 +1,12 @@ + * The performance of the following queries related to essential types have been improved: + * `Rule 10.1` + * `Rule 10.2` + * `Rule 10.3` + * `Rule 10.4` + * `Rule 10.5` + * `Rule 10.6` + * `Rule 10.7` + * `Rule 10.8` + * `Rule 14.1` + * `Rule 21.14` + * `Rule 21.16` \ No newline at end of file From e2ef4e05dbf7d3143fa284bd784907342720e812 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Fri, 17 Mar 2023 11:26:09 -0400 Subject: [PATCH 0763/2573] bump --- c/cert/src/qlpack.yml | 2 +- c/cert/test/qlpack.yml | 2 +- c/common/src/qlpack.yml | 2 +- c/common/test/qlpack.yml | 2 +- c/misra/src/qlpack.yml | 2 +- c/misra/test/qlpack.yml | 2 +- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/qlpack.yml | 2 +- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/qlpack.yml | 2 +- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/qlpack.yml | 2 +- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/qlpack.yml | 2 +- cpp/report/src/qlpack.yml | 2 +- docs/user_manual.md | 8 ++++---- 16 files changed, 19 insertions(+), 19 deletions(-) diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index f5ab2b9706..55a6333b43 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards -version: 2.15.0 +version: 2.15.1 description: CERT C 2016 suites: codeql-suites license: MIT diff --git a/c/cert/test/qlpack.yml b/c/cert/test/qlpack.yml index a24192d7e4..79a2734e3a 100644 --- a/c/cert/test/qlpack.yml +++ b/c/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards-tests -version: 2.15.0 +version: 2.15.1 extractor: cpp license: MIT dependencies: diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index ef9ff32df1..0d885c03b0 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards -version: 2.15.0 +version: 2.15.1 license: MIT dependencies: codeql/common-cpp-coding-standards: '*' diff --git a/c/common/test/qlpack.yml b/c/common/test/qlpack.yml index a25a79e940..0aa943e037 100644 --- a/c/common/test/qlpack.yml +++ b/c/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards-tests -version: 2.15.0 +version: 2.15.1 extractor: cpp license: MIT dependencies: diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index 7599858679..d05a95b63e 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards -version: 2.15.0 +version: 2.15.1 description: MISRA C 2012 suites: codeql-suites license: MIT diff --git a/c/misra/test/qlpack.yml b/c/misra/test/qlpack.yml index 19ce15363f..3f7ed31588 100644 --- a/c/misra/test/qlpack.yml +++ b/c/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards-tests -version: 2.15.0 +version: 2.15.1 extractor: cpp license: MIT dependencies: diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index 378d6b4dad..5632893bcc 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards -version: 2.15.0 +version: 2.15.1 description: AUTOSAR C++14 Guidelines 20-11 suites: codeql-suites license: MIT diff --git a/cpp/autosar/test/qlpack.yml b/cpp/autosar/test/qlpack.yml index 874b5cb7b2..71dde260c1 100644 --- a/cpp/autosar/test/qlpack.yml +++ b/cpp/autosar/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards-tests -version: 2.15.0 +version: 2.15.1 extractor: cpp license: MIT dependencies: diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index b96cc31cb2..723b67ca7a 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards -version: 2.15.0 +version: 2.15.1 description: CERT C++ 2016 suites: codeql-suites license: MIT diff --git a/cpp/cert/test/qlpack.yml b/cpp/cert/test/qlpack.yml index 743ebe3d42..ca0c308a9a 100644 --- a/cpp/cert/test/qlpack.yml +++ b/cpp/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards-tests -version: 2.15.0 +version: 2.15.1 extractor: cpp license: MIT dependencies: diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index d38ba93dc4..de29fe4115 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards -version: 2.15.0 +version: 2.15.1 license: MIT dependencies: codeql/cpp-all: 0.3.5 diff --git a/cpp/common/test/qlpack.yml b/cpp/common/test/qlpack.yml index 3b83e9e385..57f59f7bc6 100644 --- a/cpp/common/test/qlpack.yml +++ b/cpp/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards-tests -version: 2.15.0 +version: 2.15.1 extractor: cpp license: MIT dependencies: diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index c3d9730438..51961339a3 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards -version: 2.15.0 +version: 2.15.1 description: MISRA C++ 2008 suites: codeql-suites license: MIT diff --git a/cpp/misra/test/qlpack.yml b/cpp/misra/test/qlpack.yml index 2020e6c4d6..9c6b0868e7 100644 --- a/cpp/misra/test/qlpack.yml +++ b/cpp/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards-tests -version: 2.15.0 +version: 2.15.1 extractor: cpp license: MIT dependencies: diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index 7d46724e46..ac8b7a364f 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/report-cpp-coding-standards -version: 2.15.0 +version: 2.15.1 license: MIT dependencies: codeql/cpp-all: 0.3.5 diff --git a/docs/user_manual.md b/docs/user_manual.md index c8cfc9793e..c8472fca11 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -26,10 +26,10 @@ This user manual documents release `2.10.0` of the coding standards located at https://github.com/github/codeql-coding-standards/releases/tag/v2.10.0 . The release page documents the release notes and contains the following artifacts part of the release: -- `code-scanning-cpp-query-pack-anon-2.15.0.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. -- `supported_rules_list_2.15.0.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. +- `code-scanning-cpp-query-pack-anon-2.15.1.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. +- `supported_rules_list_2.15.1.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. - `upported_rules_list_2.15.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. -- `user_manual_2.15.0.md`: This user manual. +- `user_manual_2.15.1.md`: This user manual. - `Source Code (zip)`: A zip archive containing the contents of https://github.com/github/codeql-coding-standards - `Source Code (tar.gz)`: A GZip compressed tar archive containing the contents of https://github.com/github/codeql-coding-standards - `checksums.txt`: A text file containing sha256 checksums for the aforementioned artifacts. @@ -457,7 +457,7 @@ This section describes known failure modes for "CodeQL Coding Standards" and des | | Ouf of space | Less output. Some files may be only be partially analyzed, or not analyzed at all. | Error reported on the command line. | Increase space. If it remains an issue report space consumption issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False positives | More output. Results are reported which are not violations of the guidelines. | All reported results must be reviewed. | Report false positive issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False negatives | Less output. Violations of the guidelines are not reported. | Other validation and verification processes during software development should be used to complement the analysis performed by CodeQL Coding Standards. | Report false negative issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | -| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.15.0.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | +| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.15.1.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | | | Incorrect deviation record specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation records with a reason. Ensure that all deviation records are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Incorrect deviation permit specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation permits with a reason. Ensure that all deviation permits are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Unapproved use of a deviation record | Less output. Results for guideline violations are not reported. | Validate that the deviation record use is approved by verifying the approved-by attribute of the deviation record specification. | Ensure that each raised deviation record is approved by an independent approver through an auditable process. | From 423328b6b70f2c235de7116a628b0841496816b5 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Fri, 17 Mar 2023 16:41:26 -0700 Subject: [PATCH 0764/2573] Add supposed FP case --- cpp/autosar/test/rules/A0-1-1/test.cpp | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index c86fd067e0..ebfd74e2ac 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -20,6 +20,15 @@ struct C { void sample1(int x){}; void sample2(int y){}; +static void foo(B &b) noexcept { + b.g(); + B bar{}; + bar.g(); + B b2 = B(); + auto b3 = &b2; + b3->g(); +} + int test_useless_assignment(int &x, int p) { x = 0; // COMPLIANT - x is a reference parameter, so is visible by the caller int y = 0; // NON_COMPLIANT - never used @@ -75,9 +84,9 @@ int test_useless_assignment(int &x, int p) { A a7{1, 2}; // COMPLIANT - used in the `sample1` call below sample1(a7.f + a7.f2); // COMPLIANT - object access is a valid use - A *a8; // COMPLIANT - value not given at declaration - a8 = &a7; - sample2(a8->f); // COMPLIANT - object access is a valid use + // A *a8; // COMPLIANT - value not given at declaration + // a8 = &a7; + // sample2(a8->f); // COMPLIANT - object access is a valid use return y; } From aa3b81f73542cad7b73986376cf39d32f6f83fd3 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Fri, 17 Mar 2023 17:10:20 -0700 Subject: [PATCH 0765/2573] Add .expected for clang and qcc --- .../CtypeFunctionArgNotUnsignedCharOrEof.expected.clang | 2 ++ .../CtypeFunctionArgNotUnsignedCharOrEof.expected.qcc | 2 ++ 2 files changed, 4 insertions(+) create mode 100644 c/misra/test/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.expected.clang create mode 100644 c/misra/test/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.expected.qcc diff --git a/c/misra/test/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.expected.clang b/c/misra/test/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.expected.clang new file mode 100644 index 0000000000..6af28a74db --- /dev/null +++ b/c/misra/test/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.expected.clang @@ -0,0 +1,2 @@ +| test.c:14:7:14:17 | isalnum(c) | The function isalnum(c) accepts an argument (...) that is not an unsigned char nor an EOF. | +| test.c:20:7:20:17 | isalnum(c) | The function isalnum(c) accepts an argument (...) that is not an unsigned char nor an EOF. | \ No newline at end of file diff --git a/c/misra/test/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.expected.qcc b/c/misra/test/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.expected.qcc new file mode 100644 index 0000000000..6af28a74db --- /dev/null +++ b/c/misra/test/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.expected.qcc @@ -0,0 +1,2 @@ +| test.c:14:7:14:17 | isalnum(c) | The function isalnum(c) accepts an argument (...) that is not an unsigned char nor an EOF. | +| test.c:20:7:20:17 | isalnum(c) | The function isalnum(c) accepts an argument (...) that is not an unsigned char nor an EOF. | \ No newline at end of file From 68f0caa11b2188083256a53158229260ff19a972 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Mon, 20 Mar 2023 12:30:17 +0100 Subject: [PATCH 0766/2573] Remove test f2b from FIO38-C tests --- .vscode/settings.json | 8 +++++ c/cert/test/rules/FIO38-C/test.c | 6 ---- c/cert/test/rules/FIO38-C/test.c.clang | 6 ---- c/cert/test/rules/FIO38-C/test.c.gcc | 6 ---- c/cert/test/rules/FIO38-C/test.c.qcc | 50 -------------------------- scripts/build_test_database.py | 4 +-- 6 files changed, 10 insertions(+), 70 deletions(-) create mode 100644 .vscode/settings.json delete mode 100644 c/cert/test/rules/FIO38-C/test.c.qcc diff --git a/.vscode/settings.json b/.vscode/settings.json new file mode 100644 index 0000000000..3cab0f0e4c --- /dev/null +++ b/.vscode/settings.json @@ -0,0 +1,8 @@ +{ + "files.associations": { + "*.jq": "json", + "*.py": "python", + "stdio.h": "c" + }, + "sarif-viewer.connectToGithubCodeScanning": "off" +} \ No newline at end of file diff --git a/c/cert/test/rules/FIO38-C/test.c b/c/cert/test/rules/FIO38-C/test.c index 0d77a30dbf..b20f6792d6 100644 --- a/c/cert/test/rules/FIO38-C/test.c +++ b/c/cert/test/rules/FIO38-C/test.c @@ -18,12 +18,6 @@ int f2(void) { FILE my_stdout2 = *my_stdout; // NON_COMPLIANT return fputs("Hello, World!\n", my_stdout); } -int f2b(void) { - FILE *const *my_stdout; - my_stdout = &stdout; // COMPLIANT - FILE my_stdout2 = **my_stdout; // NON_COMPLIANT - return fputs("Hello, World!\n", *my_stdout); -} int f3(void) { FILE my_stdout; diff --git a/c/cert/test/rules/FIO38-C/test.c.clang b/c/cert/test/rules/FIO38-C/test.c.clang index f1b3f616ca..81eb9db7d9 100644 --- a/c/cert/test/rules/FIO38-C/test.c.clang +++ b/c/cert/test/rules/FIO38-C/test.c.clang @@ -11,12 +11,6 @@ int f2(void) { FILE my_stdout2 = *my_stdout; // NON_COMPLIANT return fputs("Hello, World!\n", my_stdout); } -int f2b(void) { - FILE *const *my_stdout; - my_stdout = &stdout; // COMPLIANT - FILE my_stdout2 = **my_stdout; // NON_COMPLIANT - return fputs("Hello, World!\n", *my_stdout); -} int f3(void) { FILE my_stdout; diff --git a/c/cert/test/rules/FIO38-C/test.c.gcc b/c/cert/test/rules/FIO38-C/test.c.gcc index f1b3f616ca..81eb9db7d9 100644 --- a/c/cert/test/rules/FIO38-C/test.c.gcc +++ b/c/cert/test/rules/FIO38-C/test.c.gcc @@ -11,12 +11,6 @@ int f2(void) { FILE my_stdout2 = *my_stdout; // NON_COMPLIANT return fputs("Hello, World!\n", my_stdout); } -int f2b(void) { - FILE *const *my_stdout; - my_stdout = &stdout; // COMPLIANT - FILE my_stdout2 = **my_stdout; // NON_COMPLIANT - return fputs("Hello, World!\n", *my_stdout); -} int f3(void) { FILE my_stdout; diff --git a/c/cert/test/rules/FIO38-C/test.c.qcc b/c/cert/test/rules/FIO38-C/test.c.qcc deleted file mode 100644 index 45b1dcbde4..0000000000 --- a/c/cert/test/rules/FIO38-C/test.c.qcc +++ /dev/null @@ -1,50 +0,0 @@ -#include -// Workaround for the Musl implementing FILE as an incomplete type. -#if !defined(__DEFINED_struct__IO_FILE) -struct _IO_FILE { - char __x; -}; -#define __DEFINED_struct__IO_FILE -#endif - -int f1(void) { - FILE my_stdout = *stdout; // NON_COMPLIANT - return fputs("Hello, World!\n", &my_stdout); -} - -int f2(void) { - FILE *my_stdout; - my_stdout = stdout; // COMPLIANT - FILE my_stdout2 = *my_stdout; // NON_COMPLIANT - return fputs("Hello, World!\n", my_stdout); -} -int f2b(void) { - FILE *const *my_stdout; - // my_stdout = &stdout; // does not compile in qcc - FILE my_stdout2 = **my_stdout; // NON_COMPLIANT - return fputs("Hello, World!\n", *my_stdout); -} - -int f3(void) { - FILE my_stdout; - my_stdout = *stdout; // NON_COMPLIANT - return fputs("Hello, World!\n", &my_stdout); -} - -int f4(void) { - FILE *my_stdout; - my_stdout = fopen("file.txt", "w"); // COMPLIANT - return fputs("Hello, World!\n", my_stdout); -} - -int f5helper(FILE my_stdout) { return fputs("Hello, World!\n", &my_stdout); } -int f5(void) { - FILE *my_stdout = fopen("file.txt", "w"); // COMPLIANT - return f5helper(*my_stdout); // NON_COMPLIANT -} - -int f6helper(FILE *my_stdout) { return fputs("Hello, World!\n", my_stdout); } -int f6(void) { - FILE *my_stdout = fopen("file.txt", "w"); // COMPLIANT - return f6helper(my_stdout); // COMPLIANT -} diff --git a/scripts/build_test_database.py b/scripts/build_test_database.py index 3f8acde999..d8876691a8 100644 --- a/scripts/build_test_database.py +++ b/scripts/build_test_database.py @@ -47,7 +47,7 @@ exit(1) # get the codeql version -res = subprocess.run(['codeql', 'version', '--format', 'json'], stdout=subprocess.PIPE) +res = subprocess.run(['/Users/mauro/GitHub/coding-standards/codeql-bundle-20220908/codeql', 'version', '--format', 'json'], stdout=subprocess.PIPE) res_json = json.loads(res.stdout) CODEQL_VERSION=res_json["version"] @@ -67,4 +67,4 @@ while os.path.exists(f"databases/{RULE}+{ITERATION}@{CODEQL_VERSION}"): ITERATION = ITERATION + 1 -os.system(f"codeql database create -l cpp -s {LANGUAGE}/{STANDARD}/test/rules/{RULE} --command=\"{BUILD_COMMAND}\" databases/{RULE}+{ITERATION}@{CODEQL_VERSION}") +os.system(f"/Users/mauro/GitHub/coding-standards/codeql-bundle-20220908/codeql database create -l cpp -s {LANGUAGE}/{STANDARD}/test/rules/{RULE} --command=\"{BUILD_COMMAND}\" databases/{RULE}+{ITERATION}@{CODEQL_VERSION}") From 4988ffdbc42d2ca6f6ec9d89d8f7b3910ff95030 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Mon, 20 Mar 2023 12:50:44 +0100 Subject: [PATCH 0767/2573] Update `.expected` files --- c/cert/test/rules/FIO38-C/DoNotCopyAFileObject.expected | 5 ++--- .../test/rules/FIO38-C/DoNotCopyAFileObject.expected.clang | 5 ++--- c/cert/test/rules/FIO38-C/DoNotCopyAFileObject.expected.gcc | 5 ++--- 3 files changed, 6 insertions(+), 9 deletions(-) diff --git a/c/cert/test/rules/FIO38-C/DoNotCopyAFileObject.expected b/c/cert/test/rules/FIO38-C/DoNotCopyAFileObject.expected index 21bd3a894a..72ee574f06 100644 --- a/c/cert/test/rules/FIO38-C/DoNotCopyAFileObject.expected +++ b/c/cert/test/rules/FIO38-C/DoNotCopyAFileObject.expected @@ -1,5 +1,4 @@ | test.c:11:20:11:26 | * ... | A FILE object is being copied. | | test.c:18:21:18:30 | * ... | A FILE object is being copied. | -| test.c:24:21:24:31 | * ... | A FILE object is being copied. | -| test.c:30:15:30:21 | * ... | A FILE object is being copied. | -| test.c:43:19:43:28 | * ... | A FILE object is being copied. | +| test.c:24:15:24:21 | * ... | A FILE object is being copied. | +| test.c:37:19:37:28 | * ... | A FILE object is being copied. | diff --git a/c/cert/test/rules/FIO38-C/DoNotCopyAFileObject.expected.clang b/c/cert/test/rules/FIO38-C/DoNotCopyAFileObject.expected.clang index 50449f4a2f..4a4bc614b3 100644 --- a/c/cert/test/rules/FIO38-C/DoNotCopyAFileObject.expected.clang +++ b/c/cert/test/rules/FIO38-C/DoNotCopyAFileObject.expected.clang @@ -1,5 +1,4 @@ | test.c:4:20:4:26 | * ... | A FILE object is being copied. | | test.c:11:21:11:30 | * ... | A FILE object is being copied. | -| test.c:17:21:17:31 | * ... | A FILE object is being copied. | -| test.c:23:15:23:21 | * ... | A FILE object is being copied. | -| test.c:36:19:36:28 | * ... | A FILE object is being copied. | +| test.c:17:15:17:21 | * ... | A FILE object is being copied. | +| test.c:30:19:30:28 | * ... | A FILE object is being copied. | diff --git a/c/cert/test/rules/FIO38-C/DoNotCopyAFileObject.expected.gcc b/c/cert/test/rules/FIO38-C/DoNotCopyAFileObject.expected.gcc index 50449f4a2f..4a4bc614b3 100644 --- a/c/cert/test/rules/FIO38-C/DoNotCopyAFileObject.expected.gcc +++ b/c/cert/test/rules/FIO38-C/DoNotCopyAFileObject.expected.gcc @@ -1,5 +1,4 @@ | test.c:4:20:4:26 | * ... | A FILE object is being copied. | | test.c:11:21:11:30 | * ... | A FILE object is being copied. | -| test.c:17:21:17:31 | * ... | A FILE object is being copied. | -| test.c:23:15:23:21 | * ... | A FILE object is being copied. | -| test.c:36:19:36:28 | * ... | A FILE object is being copied. | +| test.c:17:15:17:21 | * ... | A FILE object is being copied. | +| test.c:30:19:30:28 | * ... | A FILE object is being copied. | From cb6c97da4e25b2fa2a1ddc9210cfdc4364985b74 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Mon, 20 Mar 2023 17:14:00 +0100 Subject: [PATCH 0768/2573] Update build_test_database.py --- scripts/build_test_database.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/build_test_database.py b/scripts/build_test_database.py index d8876691a8..3f8acde999 100644 --- a/scripts/build_test_database.py +++ b/scripts/build_test_database.py @@ -47,7 +47,7 @@ exit(1) # get the codeql version -res = subprocess.run(['/Users/mauro/GitHub/coding-standards/codeql-bundle-20220908/codeql', 'version', '--format', 'json'], stdout=subprocess.PIPE) +res = subprocess.run(['codeql', 'version', '--format', 'json'], stdout=subprocess.PIPE) res_json = json.loads(res.stdout) CODEQL_VERSION=res_json["version"] @@ -67,4 +67,4 @@ while os.path.exists(f"databases/{RULE}+{ITERATION}@{CODEQL_VERSION}"): ITERATION = ITERATION + 1 -os.system(f"/Users/mauro/GitHub/coding-standards/codeql-bundle-20220908/codeql database create -l cpp -s {LANGUAGE}/{STANDARD}/test/rules/{RULE} --command=\"{BUILD_COMMAND}\" databases/{RULE}+{ITERATION}@{CODEQL_VERSION}") +os.system(f"codeql database create -l cpp -s {LANGUAGE}/{STANDARD}/test/rules/{RULE} --command=\"{BUILD_COMMAND}\" databases/{RULE}+{ITERATION}@{CODEQL_VERSION}") From 0fda6b715db1cea7e681c7906777d6697c964d8d Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Mon, 20 Mar 2023 17:15:57 +0100 Subject: [PATCH 0769/2573] Delete settings.json --- .vscode/settings.json | 8 -------- 1 file changed, 8 deletions(-) delete mode 100644 .vscode/settings.json diff --git a/.vscode/settings.json b/.vscode/settings.json deleted file mode 100644 index 3cab0f0e4c..0000000000 --- a/.vscode/settings.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "files.associations": { - "*.jq": "json", - "*.py": "python", - "stdio.h": "c" - }, - "sarif-viewer.connectToGithubCodeScanning": "off" -} \ No newline at end of file From 4c9f1921708aa8da9387f0343fd188b63a3d91cf Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Mon, 20 Mar 2023 09:24:32 -0700 Subject: [PATCH 0770/2573] Add FP suspect case --- cpp/autosar/test/rules/A0-1-1/test.cpp | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index 98c8058219..0871c0bf7c 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -17,6 +17,18 @@ struct C { int m; }; +template void test() { + T t; + t.g(); +} + +template void call_test() { + // call it with type parameter B to trigger indexing + test(); +} + +void call_call_test() { call_test(); } + int test_useless_assignment(int &x, int p) { x = 0; // COMPLIANT - x is a reference parameter, so is visible by the caller int y = 0; // NON_COMPLIANT - never used From f9f8ecb7d794917f0656f27b0cd9fd93652e0a2f Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Mon, 20 Mar 2023 09:28:30 -0700 Subject: [PATCH 0771/2573] Oops, wrong branch --- cpp/autosar/test/rules/A0-1-1/test.cpp | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index 0871c0bf7c..98c8058219 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -17,18 +17,6 @@ struct C { int m; }; -template void test() { - T t; - t.g(); -} - -template void call_test() { - // call it with type parameter B to trigger indexing - test(); -} - -void call_call_test() { call_test(); } - int test_useless_assignment(int &x, int p) { x = 0; // COMPLIANT - x is a reference parameter, so is visible by the caller int y = 0; // NON_COMPLIANT - never used From 55962dc2e0fd0c5d0e867c0892080bb98476478f Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Mon, 20 Mar 2023 09:35:39 -0700 Subject: [PATCH 0772/2573] Add FP suspect case --- cpp/autosar/test/rules/A0-1-1/test.cpp | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index ebfd74e2ac..b02c56f7af 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -29,6 +29,18 @@ static void foo(B &b) noexcept { b3->g(); } +template void test() { + T t; + t.g(); +} + +template void call_test() { + // call it with type parameter B to trigger indexing + test(); +} + +void call_call_test() { call_test(); } + int test_useless_assignment(int &x, int p) { x = 0; // COMPLIANT - x is a reference parameter, so is visible by the caller int y = 0; // NON_COMPLIANT - never used From 845ba29654fa16b42ddcda9ef597446182e64713 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Mon, 20 Mar 2023 10:08:17 -0700 Subject: [PATCH 0773/2573] Another FP suspect case --- cpp/autosar/test/rules/A0-1-1/test.cpp | 2 ++ 1 file changed, 2 insertions(+) diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index b02c56f7af..3319064b5b 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -27,6 +27,8 @@ static void foo(B &b) noexcept { B b2 = B(); auto b3 = &b2; b3->g(); + auto b2 = b; + b2.g(); } template void test() { From d10812fd532a14d56804df729998f643bcf3bce3 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Mon, 20 Mar 2023 23:11:35 +0100 Subject: [PATCH 0774/2573] Implement SIG30-C Extract library Signal.qll --- .../DoNotRelyOnIndeterminateValuesOfErrno.ql | 28 +--- ...yAsyncSafeFunctionsWithinSignalHandlers.ql | 107 ++++++++++++++- ...SafeFunctionsWithinSignalHandlers.expected | 5 +- c/cert/test/rules/SIG30-C/test.c | 123 ++++++++++++++++++ c/common/src/codingstandards/c/Signal.qll | 29 +++++ 5 files changed, 264 insertions(+), 28 deletions(-) create mode 100644 c/cert/test/rules/SIG30-C/test.c create mode 100644 c/common/src/codingstandards/c/Signal.qll diff --git a/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql b/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql index 1182b30eab..baccfbd348 100644 --- a/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql +++ b/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql @@ -13,21 +13,9 @@ import cpp import codingstandards.c.cert import codingstandards.c.Errno +import codingstandards.c.Signal import semmle.code.cpp.controlflow.Guards -/** - * A call to function `signal` - */ -class SignalCall extends FunctionCall { - SignalCall() { this.getTarget().hasGlobalName("signal") } -} - -/** - * A call to `abort` or `_Exit` - */ -class AbortCall extends FunctionCall { - AbortCall() { this.getTarget().hasGlobalName(["abort", "_Exit"]) } -} /** * A check on `signal` call return value @@ -47,9 +35,7 @@ class SignalCheckOperation extends EqualityOperation, GuardCondition { ) } - BasicBlock getCheckedSuccessor() { - result != errorSuccessor and result = this.getASuccessor() - } + BasicBlock getCheckedSuccessor() { result != errorSuccessor and result = this.getASuccessor() } BasicBlock getErrorSuccessor() { result = errorSuccessor } } @@ -57,12 +43,8 @@ class SignalCheckOperation extends EqualityOperation, GuardCondition { /** * Models signal handlers that call signal() and return */ -class SignalCallingHandler extends Function { - SignalCall registration; - +class SignalCallingHandler extends SignalHandler { SignalCallingHandler() { - // is a signal handler - this = registration.getArgument(1).(FunctionAccess).getTarget() and // calls signal() on the handled signal exists(SignalCall sCall | sCall.getEnclosingFunction() = this and @@ -75,8 +57,6 @@ class SignalCallingHandler extends Function { ) ) } - - SignalCall getCall() { result = registration } } /** @@ -100,7 +80,7 @@ where not isExcluded(errno, Contracts5Package::doNotRelyOnIndeterminateValuesOfErrnoQuery()) and exists(SignalCallingHandler handler | // errno read after the handler returns - handler.getCall() = signal + handler.getRegistration() = signal or // errno read inside the handler signal.getEnclosingFunction() = handler diff --git a/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql b/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql index 03592474eb..5e08e292bf 100644 --- a/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql +++ b/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql @@ -11,8 +11,109 @@ import cpp import codingstandards.c.cert +import codingstandards.c.Signal +import semmle.code.cpp.dataflow.DataFlow -from +/** + * Does not an access an external variable except + * to assign a value to a volatile static variable of sig_atomic_t type + */ +class AsyncSafeVariableAccess extends VariableAccess { + AsyncSafeVariableAccess() { + this.getTarget() instanceof StackVariable + or + this.getTarget().getType().hasName("volatile sig_atomic_t") and // TODO search without "volatile" + this.isModified() and + this.getTarget().isVolatile() + } +} + +abstract class AsyncSafeFunction extends Function { } + +/** + * C standard library ayncronous-safe functions + */ +class CAsyncSafeFunction extends AsyncSafeFunction { + //tion, or the signal function with the first argument equal to the signal number corresponding to the signal that caused the invocation of the handler + CAsyncSafeFunction() { this.hasGlobalName(["abort", "_Exit", "quick_exit", "signal"]) } +} + +/** + * POSIX defined ayncronous-safe functions + */ +class PosixAsyncSafeFunction extends AsyncSafeFunction { + PosixAsyncSafeFunction() { + this.hasGlobalName([ + "_Exit", "_exit", "abort", "accept", "access", "aio_error", "aio_return", "aio_suspend", + "alarm", "bind", "cfgetispeed", "cfgetospeed", "cfsetispeed", "cfsetospeed", "chdir", + "chmod", "chown", "clock_gettime", "close", "connect", "creat", "dup", "dup2", "execl", + "execle", "execv", "execve", "faccessat", "fchdir", "fchmod", "fchmodat", "fchown", + "fchownat", "fcntl", "fdatasync", "fexecve", "fork", "fstat", "fstatat", "fsync", + "ftruncate", "futimens", "getegid", "geteuid", "getgid", "getgroups", "getpeername", + "getpgrp", "getpid", "getppid", "getsockname", "getsockopt", "getuid", "kill", "link", + "linkat", "listen", "lseek", "lstat", "mkdir", "mkdirat", "mkfifo", "mkfifoat", "mknod", + "mknodat", "open", "openat", "pause", "pipe", "poll", "posix_trace_event", "pselect", + "pthread_kill", "pthread_self", "pthread_sigmask", "raise", "read", "readlink", + "readlinkat", "recv", "recvfrom", "recvmsg", "rename", "renameat", "rmdir", "select", + "sem_post", "send", "sendmsg", "sendto", "setgid", "setpgid", "setsid", "setsockopt", + "setuid", "shutdown", "sigaction", "sigaddset", "sigdelset", "sigemptyset", "sigfillset", + "sigismember", "signal", "sigpause", "sigpending", "sigprocmask", "sigqueue", "sigset", + "sigsuspend", "sleep", "sockatmark", "socket", "socketpair", "stat", "symlink", "symlinkat", + "tcdrain", "tcflow", "tcflush", "tcgetattr", "tcgetpgrp", "tcsendbreak", "tcsetattr", + "tcsetpgrp", "time", "timer_getoverrun", "timer_gettime", "timer_settime", "times", "umask", + "uname", "unlink", "unlinkat", "utime", "utimensat", "utimes", "wait", "waitpid", "write" + ]) + } +} + +/** + * Application defined ayncronous-safe functions + */ +class ApplicationAsyncSafeFunction extends AsyncSafeFunction { + pragma[nomagic] + ApplicationAsyncSafeFunction() { + // Application-defined + this.hasDefinition() and + exists(this.getFile().getRelativePath()) and + // Only references async-safe variables + not exists(VariableAccess va | + this = va.getEnclosingFunction() and not va instanceof AsyncSafeVariableAccess + ) and + // Only calls async-safe functions + not exists(Function f | this.calls(f) and not f instanceof AsyncSafeFunction) + } +} + +/** + * Call to function `raise` withing a signal handler with mismatching signals + * ``` + * void int_handler(int signum) { + * raise(SIGTERM); + * } + * int main(void) { + * signal(SIGINT, int_handler); + * } + * ``` + */ +class AsyncUnsafeRaiseCall extends FunctionCall { + AsyncUnsafeRaiseCall() { + this.getTarget().hasGlobalName("raise") and + exists(SignalHandler handler | handler = this.getEnclosingFunction() | + not handler.getRegistration().getArgument(0).getValue() = this.getArgument(0).getValue() and + not DataFlow::localFlow(DataFlow::parameterNode(handler.getParameter(0)), + DataFlow::exprNode(this.getArgument(0))) + ) + } +} + +from FunctionCall fc, SignalHandler handler where - not isExcluded(x, SignalHandlersPackage::callOnlyAsyncSafeFunctionsWithinSignalHandlersQuery()) and -select + not isExcluded(fc, SignalHandlersPackage::callOnlyAsyncSafeFunctionsWithinSignalHandlersQuery()) and + handler = fc.getEnclosingFunction() and + ( + not fc.getTarget() instanceof AsyncSafeFunction + or + fc instanceof AsyncUnsafeRaiseCall + ) +select fc, "Asyncronous-unsafe function calls within a $@ can lead to undefined behavior.", + handler.getRegistration(), "signal handler" diff --git a/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected b/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected index 2ec1a0ac6c..99d7e6040e 100644 --- a/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected +++ b/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected @@ -1 +1,4 @@ -No expected results have yet been specified \ No newline at end of file +| test.c:11:3:11:18 | call to log_local_unsafe | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:17:7:17:12 | call to signal | signal handler | +| test.c:12:3:12:6 | call to free | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:17:7:17:12 | call to signal | signal handler | +| test.c:48:3:48:9 | call to longjmp | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:52:7:52:12 | call to signal | signal handler | +| test.c:78:7:78:11 | call to raise | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:93:7:93:12 | call to signal | signal handler | diff --git a/c/cert/test/rules/SIG30-C/test.c b/c/cert/test/rules/SIG30-C/test.c new file mode 100644 index 0000000000..ebc5fb326d --- /dev/null +++ b/c/cert/test/rules/SIG30-C/test.c @@ -0,0 +1,123 @@ +#include +#include +#include + +enum { MAXLINE = 1024 }; +char *info = NULL; + +void log_local_unsafe(void) { fputs(info, stderr); } + +void handler1(int signum) { + log_local_unsafe(); // NON_COMPLIANT + free(info); // NON_COMPLIANT + info = NULL; +} + +int f1(void) { + if (signal(SIGINT, handler1) == SIG_ERR) // COMPLIANT + { + //... + } + + log_local_unsafe(); // COMPLIANT + + return 0; +} + +volatile sig_atomic_t eflag = 0; + +void handler2(int signum) { eflag = 1; } + +int f2(void) { + if (signal(SIGINT, handler2) == SIG_ERR) { + // ... + } + + while (!eflag) { + log_local_unsafe(); // COMPLIANT + } + + return 0; +} + +#include + +static jmp_buf env; + +void handler3(int signum) { + longjmp(env, 1); // NON_COMPLIANT +} + +int f3(void) { + if (signal(SIGINT, handler3) == SIG_ERR) { + // ... + } + log_local_unsafe(); + + return 0; +} + +int f4(void) { + if (signal(SIGINT, handler2) == SIG_ERR) { + // ... + } + + while (!eflag) { + + log_local_unsafe(); + } + + return 0; +} + +void term_handler(int signum) { // SIGTERM handler +} + +void int_handler(int signum) { + // SIGINT handler + if (raise(SIGTERM) != 0) { // NON_COMPLIANT + // ... + } + if (raise(SIGINT) != 0) { // COMPLIANT + // ... + } + if (raise(signum) != 0) { // COMPLIANT + // ... + } +} + +int f5(void) { + if (signal(SIGTERM, term_handler) == SIG_ERR) { + // ... + } + if (signal(SIGINT, int_handler) == SIG_ERR) { + // ... + } + + if (raise(SIGINT) != 0) { + // ... + } + + return EXIT_SUCCESS; +} + +void int_handler6(int signum) { + + term_handler(SIGTERM); // COMPLIANT +} + +int f6(void) { + if (signal(SIGTERM, term_handler) == SIG_ERR) { + // ... + } + if (signal(SIGINT, int_handler6) == SIG_ERR) { + // ... + } + + if (raise(SIGINT) != 0) // COMPLIANT + { + // ... + } + + return EXIT_SUCCESS; +} diff --git a/c/common/src/codingstandards/c/Signal.qll b/c/common/src/codingstandards/c/Signal.qll new file mode 100644 index 0000000000..9b177ca315 --- /dev/null +++ b/c/common/src/codingstandards/c/Signal.qll @@ -0,0 +1,29 @@ +import cpp + +/** + * A call to function `signal` + */ +class SignalCall extends FunctionCall { + SignalCall() { this.getTarget().hasGlobalName("signal") } +} + +/** + * A signal handler + */ +class SignalHandler extends Function { + SignalCall registration; + + SignalHandler() { + // is a signal handler + this = registration.getArgument(1).(FunctionAccess).getTarget() + } + + SignalCall getRegistration() { result = registration } +} + +/** + * A call to `abort` or `_Exit` or `quick_exit` + */ +class AbortCall extends FunctionCall { + AbortCall() { this.getTarget().hasGlobalName(["abort", "_Exit", "quick_exit"]) } +} From 0be6b45278e55352cab41d63525981d61085fa70 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Mon, 20 Mar 2023 23:20:02 +0100 Subject: [PATCH 0775/2573] Fix CI issues --- ...yAsyncSafeFunctionsWithinSignalHandlers.md | 364 +++++++++++++++++- ...oNotAccessSharedObjectsInSignalHandlers.md | 170 +++++++- ...llSignalFromInterruptibleSignalHandlers.md | 130 ++++++- ...eturnFromAComputationalExceptionHandler.md | 107 ++++- c/cert/test/rules/SIG30-C/test.c | 2 +- c/cert/test/rules/SIG31-C/test.c | 0 c/cert/test/rules/SIG34-C/test.c | 0 c/cert/test/rules/SIG35-C/test.c | 0 8 files changed, 764 insertions(+), 9 deletions(-) create mode 100644 c/cert/test/rules/SIG31-C/test.c create mode 100644 c/cert/test/rules/SIG34-C/test.c create mode 100644 c/cert/test/rules/SIG35-C/test.c diff --git a/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.md b/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.md index e130262dd9..c83c7e5e88 100644 --- a/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.md +++ b/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.md @@ -5,9 +5,369 @@ This query implements the CERT-C rule SIG30-C: > Call only asynchronous-safe functions within signal handlers -## CERT -** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** +## Description + +Call only [asynchronous-safe functions](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-asynchronous-safefunction) within signal handlers. For [strictly conforming](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-strictlyconforming) programs, only the C standard library functions `abort()`, `_Exit()`, `quick_exit()`, and `signal()` can be safely called from within a signal handler. + +The C Standard, 7.14.1.1, paragraph 5 \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IEC9899-2011)\], states that if the signal occurs other than as the result of calling the `abort()` or `raise()` function, the behavior is [undefined](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior) if + +> ...the signal handler calls any function in the standard library other than the `abort` function, the `_Exit` function, the `quick_exit` function, or the `signal` function with the first argument equal to the signal number corresponding to the signal that caused the invocation of the handler. + + +Implementations may define a list of additional asynchronous-safe functions. These functions can also be called within a signal handler. This restriction applies to library functions as well as application-defined functions. + +According to the C Rationale, 7.14.1.1 \[[C99 Rationale 2003](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-C992003)\], + +> When a signal occurs, the normal flow of control of a program is interrupted. If a signal occurs that is being trapped by a signal handler, that handler is invoked. When it is finished, execution continues at the point at which the signal occurred. This arrangement can cause problems if the signal handler invokes a library function that was being executed at the time of the signal. + + +In general, it is not safe to invoke I/O functions from within signal handlers. Programmers should ensure a function is included in the list of an implementation's asynchronous-safe functions for all implementations the code will run on before using them in signal handlers. + +## Noncompliant Code Example + +In this noncompliant example, the C standard library functions `fputs()` and `free()` are called from the signal handler via the function `log_message()`. Neither function is [asynchronous-safe](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-asynchronous-safefunction). + +```cpp +#include +#include +#include + +enum { MAXLINE = 1024 }; +char *info = NULL; + +void log_message(void) { + fputs(info, stderr); +} + +void handler(int signum) { + log_message(); + free(info); + info = NULL; +} + +int main(void) { + if (signal(SIGINT, handler) == SIG_ERR) { + /* Handle error */ + } + info = (char *)malloc(MAXLINE); + if (info == NULL) { + /* Handle Error */ + } + + while (1) { + /* Main loop program code */ + + log_message(); + + /* More program code */ + } + return 0; +} + +``` + +## Compliant Solution + +Signal handlers should be as concise as possible—ideally by unconditionally setting a flag and returning. This compliant solution sets a flag of type `volatile sig_atomic_t` and returns; the `log_message()` and `free()` functions are called directly from `main()`: + +```cpp +#include +#include +#include + +enum { MAXLINE = 1024 }; +volatile sig_atomic_t eflag = 0; +char *info = NULL; + +void log_message(void) { + fputs(info, stderr); +} + +void handler(int signum) { + eflag = 1; +} + +int main(void) { + if (signal(SIGINT, handler) == SIG_ERR) { + /* Handle error */ + } + info = (char *)malloc(MAXLINE); + if (info == NULL) { + /* Handle error */ + } + + while (!eflag) { + /* Main loop program code */ + + log_message(); + + /* More program code */ + } + + log_message(); + free(info); + info = NULL; + + return 0; +} + +``` + +## Noncompliant Code Example (longjmp()) + +Invoking the `longjmp()` function from within a signal handler can lead to [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior) if it results in the invocation of any non-[asynchronous-safe](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-asynchronous-safe) functions. Consequently, neither `longjmp()` nor the POSIX `siglongjmp()` functions should ever be called from within a signal handler. + +This noncompliant code example is similar to a [vulnerability](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) in an old version of Sendmail \[[VU \#834865](http://www.kb.cert.org/vuls/id/834865)\]. The intent is to execute code in a `main()` loop, which also logs some data. Upon receiving a `SIGINT`, the program transfers out of the loop, logs the error, and terminates. + +However, an attacker can [exploit](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-exploit) this noncompliant code example by generating a `SIGINT` just before the second `if` statement in `log_message()`. The result is that `longjmp()` transfers control back to `main()`, where `log_message()` is called again. However, the first `if` statement would not be executed this time (because `buf` is not set to `NULL` as a result of the interrupt), and the program would write to the invalid memory location referenced by `buf0`. + +```cpp +#include +#include +#include + +enum { MAXLINE = 1024 }; +static jmp_buf env; + +void handler(int signum) { + longjmp(env, 1); +} + +void log_message(char *info1, char *info2) { + static char *buf = NULL; + static size_t bufsize; + char buf0[MAXLINE]; + + if (buf == NULL) { + buf = buf0; + bufsize = sizeof(buf0); + } + + /* + * Try to fit a message into buf, else reallocate + * it on the heap and then log the message. + */ + + /* Program is vulnerable if SIGINT is raised here */ + + if (buf == buf0) { + buf = NULL; + } +} + +int main(void) { + if (signal(SIGINT, handler) == SIG_ERR) { + /* Handle error */ + } + char *info1; + char *info2; + + /* info1 and info2 are set by user input here */ + + if (setjmp(env) == 0) { + while (1) { + /* Main loop program code */ + log_message(info1, info2); + /* More program code */ + } + } else { + log_message(info1, info2); + } + + return 0; +} + +``` + +## Compliant Solution + +In this compliant solution, the call to `longjmp()` is removed; the signal handler sets an error flag instead: + +```cpp +#include +#include + +enum { MAXLINE = 1024 }; +volatile sig_atomic_t eflag = 0; + +void handler(int signum) { + eflag = 1; +} + +void log_message(char *info1, char *info2) { + static char *buf = NULL; + static size_t bufsize; + char buf0[MAXLINE]; + + if (buf == NULL) { + buf = buf0; + bufsize = sizeof(buf0); + } + + /* + * Try to fit a message into buf, else reallocate + * it on the heap and then log the message. + */ + if (buf == buf0) { + buf = NULL; + } +} + +int main(void) { + if (signal(SIGINT, handler) == SIG_ERR) { + /* Handle error */ + } + char *info1; + char *info2; + + /* info1 and info2 are set by user input here */ + + while (!eflag) { + /* Main loop program code */ + log_message(info1, info2); + /* More program code */ + } + + log_message(info1, info2); + + return 0; +} +``` + +## Noncompliant Code Example (raise()) + +In this noncompliant code example, the `int_handler()` function is used to carry out tasks specific to `SIGINT` and then raises `SIGTERM`. However, there is a nested call to the `raise()` function, which is [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior). + +```cpp +#include +#include + +void term_handler(int signum) { + /* SIGTERM handler */ +} + +void int_handler(int signum) { + /* SIGINT handler */ + if (raise(SIGTERM) != 0) { + /* Handle error */ + } +} + +int main(void) { + if (signal(SIGTERM, term_handler) == SIG_ERR) { + /* Handle error */ + } + if (signal(SIGINT, int_handler) == SIG_ERR) { + /* Handle error */ + } + + /* Program code */ + if (raise(SIGINT) != 0) { + /* Handle error */ + } + /* More code */ + + return EXIT_SUCCESS; +} + +``` + +## Compliant Solution + +In this compliant solution, `int_handler()` invokes `term_handler()` instead of raising `SIGTERM`: + +```cpp +#include +#include + +void term_handler(int signum) { + /* SIGTERM handler */ +} + +void int_handler(int signum) { + /* SIGINT handler */ + /* Pass control to the SIGTERM handler */ + term_handler(SIGTERM); +} + +int main(void) { + if (signal(SIGTERM, term_handler) == SIG_ERR) { + /* Handle error */ + } + if (signal(SIGINT, int_handler) == SIG_ERR) { + /* Handle error */ + } + + /* Program code */ + if (raise(SIGINT) != 0) { + /* Handle error */ + } + /* More code */ + + return EXIT_SUCCESS; +} + +``` + +## Implementation Details + +**POSIX** + +The following table from the POSIX standard \[[IEEE Std 1003.1:2013](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-IEEEStd1003.1-2013)\] defines a set of functions that are [asynchronous-signal-safe](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-asynchronous-safefunction). Applications may invoke these functions, without restriction, from a signal handler. + +
    _Exit() fexecve() posix_trace_event() sigprocmask()
    _exit() fork() pselect() sigqueue()
    abort() fstat() pthread_kill() sigset()
    accept() fstatat() pthread_self() sigsuspend()
    access() fsync() pthread_sigmask() sleep()
    aio_error() ftruncate() raise() sockatmark()
    aio_return() futimens() read() socket()
    aio_suspend() getegid() readlink() socketpair()
    alarm() geteuid() readlinkat() stat()
    bind() getgid() recv() symlink()
    cfgetispeed() getgroups() recvfrom() symlinkat()
    cfgetospeed() getpeername() recvmsg() tcdrain()
    cfsetispeed() getpgrp() rename() tcflow()
    cfsetospeed() getpid() renameat() tcflush()
    chdir() getppid() rmdir() tcgetattr()
    chmod() getsockname() select() tcgetpgrp()
    chown() getsockopt() sem_post() tcsendbreak()
    clock_gettime() getuid() send() tcsetattr()
    close() kill() sendmsg() tcsetpgrp()
    connect() link() sendto() time()
    creat() linkat() setgid() timer_getoverrun()
    dup() listen() setpgid() timer_gettime()
    dup2() lseek() setsid() timer_settime()
    execl() lstat() setsockopt() times()
    execle() mkdir() setuid() umask()
    execv() mkdirat() shutdown() uname()
    execve() mkfifo() sigaction() unlink()
    faccessat() mkfifoat() sigaddset() unlinkat()
    fchdir() mknod() sigdelset() utime()
    fchmod() mknodat() sigemptyset() utimensat()
    fchmodat() open() sigfillset() utimes()
    fchown() openat() sigismember() wait()
    fchownat() pause() signal() waitpid()
    fcntl() pipe() sigpause() write()
    fdatasync() poll() sigpending()
    +All functions not listed in this table are considered to be unsafe with respect to signals. In the presence of signals, all POSIX functions behave as defined when called from or interrupted by a signal handler, with a single exception: when a signal interrupts an unsafe function and the signal handler calls an unsafe function, the behavior is undefined. + + +The C Standard, 7.14.1.1, paragraph 4 \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IEC9899-2011)\], states + +> If the signal occurs as the result of calling the abort or raise function, the signal handler shall not call the raise function. + + +However, in the description of `signal()`, POSIX \[[IEEE Std 1003.1:2013](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-IEEEStd1003.1-2013)\] states + +> This restriction does not apply to POSIX applications, as POSIX.1-2008 requires `raise()` to be async-signal-safe. + + +See also [undefined behavior 131.](https://wiki.sei.cmu.edu/confluence/display/c/CC.+Undefined+Behavior#CC.UndefinedBehavior-ub_131) + +**OpenBSD** + +The OpenBSD [signal()](http://www.openbsd.org/cgi-bin/man.cgi?query=signal) manual page lists a few additional functions that are asynchronous-safe in OpenBSD but "probably not on other systems" \[[OpenBSD](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-OpenBSD)\], including `snprintf()`, `vsnprintf()`, and `syslog_r()` but only when the `syslog_data struct` is initialized as a local variable. + +## Risk Assessment + +Invoking functions that are not [asynchronous-safe](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-asynchronous-safefunction) from within a signal handler is [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior). + +
    Rule Severity Likelihood Remediation Cost Priority Level
    SIG30-C High Likely Medium P18 L1
    + + +## Automated Detection + +
    Tool Version Checker Description
    Astrée 22.04 signal-handler-unsafe-call Partially checked
    Axivion Bauhaus Suite 7.2.0 CertC-SIG30
    CodeSonar 7.2p0 BADFUNC.SIGNAL Use of signal
    Compass/ROSE Can detect violations of the rule for single-file programs
    Helix QAC 2022.4 C2028, C2030
    LDRA tool suite 9.7.1 88 D, 89 D Partially implemented
    Parasoft C/C++test 2022.2 CERT_C-SIG30-a Properly define signal handlers
    PC-lint Plus 1.4 2670, 2761 Fully supported
    Polyspace Bug Finder R2022b CERT C: Rule SIG30-C Checks for function called from signal handler not asynchronous-safe (rule fully covered)
    PRQA QA-C 9.7 2028, 2030
    RuleChecker 22.04 signal-handler-unsafe-call Partially checked
    Splint 3.1.1
    + + +## Related Vulnerabilities + +For an overview of software vulnerabilities resulting from improper signal handling, see Michal Zalewski's paper "Delivering Signals for Fun and Profit" \[[Zalewski 2001](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-Zalewski01)\]. + +CERT Vulnerability Note [VU \#834865](http://www.kb.cert.org/vuls/id/834865), "Sendmail signal I/O race condition," describes a vulnerability resulting from a violation of this rule. Another notable case where using the `longjmp()` function in a signal handler caused a serious vulnerability is [wu-ftpd 2.4](http://seclists.org/bugtraq/1997/Jan/0011.html) \[[Greenman 1997](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-Greenman97)\]. The effective user ID is set to 0 in one signal handler. If a second signal interrupts the first, a call is made to `longjmp()`, returning the program to the main thread but without lowering the user's privileges. These escalated privileges can be used for further exploitation. + +Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+SIG30-C). + +## Related Guidelines + +[Key here](https://wiki.sei.cmu.edu/confluence/display/c/How+this+Coding+Standard+is+Organized#HowthisCodingStandardisOrganized-RelatedGuidelines) (explains table format and definitions) + +
    Taxonomy Taxonomy item Relationship
    ISO/IEC TS 17961:2013 Calling functions in the C Standard Library other than abort , _Exit , and signal from within a signal handler \[asyncsig\] Prior to 2018-01-12: CERT: Unspecified Relationship
    CWE 2.11 CWE-479 , Signal Handler Use of a Non-reentrant Function 2017-07-10: CERT: Exact
    + + +## Bibliography + +
    \[ C99 Rationale 2003 \] Subclause 5.2.3, "Signals and Interrupts" Subclause 7.14.1.1, "The signal Function"
    \[ Dowd 2006 \] Chapter 13, "Synchronization and State"
    \[ Greenman 1997 \]
    \[ IEEE Std 1003.1:2013 \] XSH, System Interfaces, longjmp XSH, System Interfaces, raise
    \[ ISO/IEC 9899:2011 \] 7.14.1.1, "The signal Function"
    \[ OpenBSD \] signal() Man Page
    \[ VU \#834865 \]
    \[ Zalewski 2001 \] "Delivering Signals for Fun and Profit"
    +adjust column widths + ## Implementation notes diff --git a/c/cert/src/rules/SIG31-C/DoNotAccessSharedObjectsInSignalHandlers.md b/c/cert/src/rules/SIG31-C/DoNotAccessSharedObjectsInSignalHandlers.md index 626f5bde09..89c5b84ba7 100644 --- a/c/cert/src/rules/SIG31-C/DoNotAccessSharedObjectsInSignalHandlers.md +++ b/c/cert/src/rules/SIG31-C/DoNotAccessSharedObjectsInSignalHandlers.md @@ -5,9 +5,175 @@ This query implements the CERT-C rule SIG31-C: > Do not access shared objects in signal handlers -## CERT -** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** +## Description + +Accessing or modifying shared objects in signal handlers can result in race conditions that can leave data in an inconsistent state. The two exceptions (C Standard, 5.1.2.3, paragraph 5) to this rule are the ability to read from and write to lock-free atomic objects and variables of type `volatile sig_atomic_t`. Accessing any other type of object from a signal handler is [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior). (See [undefined behavior 131](https://wiki.sei.cmu.edu/confluence/display/c/CC.+Undefined+Behavior#CC.UndefinedBehavior-ub_131).) + +The need for the `volatile` keyword is described in [DCL22-C. Use volatile for data that cannot be cached](https://wiki.sei.cmu.edu/confluence/display/c/DCL22-C.+Use+volatile+for+data+that+cannot+be+cached). + +The type `sig_atomic_t` is the integer type of an object that can be accessed as an atomic entity even in the presence of asynchronous interrupts. The type of `sig_atomic_t` is [implementation-defined](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-implementation-definedbehavior), though it provides some guarantees. Integer values ranging from `SIG_ATOMIC_MIN` through `SIG_ATOMIC_MAX`, inclusive, may be safely stored to a variable of the type. In addition, when `sig_atomic_t` is a signed integer type, `SIG_ATOMIC_MIN` must be no greater than `−127` and `SIG_ATOMIC_MAX` no less than `127`. Otherwise, `SIG_ATOMIC_MIN` must be `0` and `SIG_ATOMIC_MAX` must be no less than `255`. The macros `SIG_ATOMIC_MIN` and `SIG_ATOMIC_MAX` are defined in the header ``. + +According to the C99 Rationale \[[C99 Rationale 2003](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-C992003)\], other than calling a limited, prescribed set of library functions, + +> the C89 Committee concluded that about the only thing a [strictly conforming](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-strictlyconforming) program can do in a signal handler is to assign a value to a `volatile static` variable which can be written uninterruptedly and promptly return. + + +However, this issue was discussed at the April 2008 meeting of ISO/IEC WG14, and it was agreed that there are no known [implementations](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-implementation) in which it would be an error to read a value from a `volatile sig_atomic_t` variable, and the original intent of the committee was that both reading and writing variables of `volatile sig_atomic_t` would be strictly conforming. + +The signal handler may also call a handful of functions, including `abort().` (See [SIG30-C. Call only asynchronous-safe functions within signal handlers](https://wiki.sei.cmu.edu/confluence/display/c/SIG30-C.+Call+only+asynchronous-safe+functions+within+signal+handlers) for more information.) + +## Noncompliant Code Example + +In this noncompliant code example, `err_msg` is updated to indicate that the `SIGINT` signal was delivered. The `err_msg` variable is a character pointer and not a variable of type `volatile sig_atomic_t`. + +```cpp +#include +#include +#include + +enum { MAX_MSG_SIZE = 24 }; +char *err_msg; + +void handler(int signum) { + strcpy(err_msg, "SIGINT encountered."); +} + +int main(void) { + signal(SIGINT, handler); + + err_msg = (char *)malloc(MAX_MSG_SIZE); + if (err_msg == NULL) { + /* Handle error */ + } + strcpy(err_msg, "No errors yet."); + /* Main code loop */ + return 0; +} + +``` + +## Compliant Solution (Writing volatile sig_atomic_t) + +For maximum portability, signal handlers should only unconditionally set a variable of type `volatile sig_atomic_t` and return, as in this compliant solution: + +```cpp +#include +#include +#include + +enum { MAX_MSG_SIZE = 24 }; +volatile sig_atomic_t e_flag = 0; + +void handler(int signum) { + e_flag = 1; +} + +int main(void) { + char *err_msg = (char *)malloc(MAX_MSG_SIZE); + if (err_msg == NULL) { + /* Handle error */ + } + + signal(SIGINT, handler); + strcpy(err_msg, "No errors yet."); + /* Main code loop */ + if (e_flag) { + strcpy(err_msg, "SIGINT received."); + } + return 0; +} + +``` + +## Compliant Solution (Lock-Free Atomic Access) + +Signal handlers can refer to objects with static or thread storage durations that are lock-free atomic objects, as in this compliant solution: + +```cpp +#include +#include +#include +#include + +#ifdef __STDC_NO_ATOMICS__ +#error "Atomics are not supported" +#elif ATOMIC_INT_LOCK_FREE == 0 +#error "int is never lock-free" +#endif + +atomic_int e_flag = ATOMIC_VAR_INIT(0); + +void handler(int signum) { + e_flag = 1; +} + +int main(void) { + enum { MAX_MSG_SIZE = 24 }; + char err_msg[MAX_MSG_SIZE]; +#if ATOMIC_INT_LOCK_FREE == 1 + if (!atomic_is_lock_free(&e_flag)) { + return EXIT_FAILURE; + } +#endif + if (signal(SIGINT, handler) == SIG_ERR) { + return EXIT_FAILURE; + } + strcpy(err_msg, "No errors yet."); + /* Main code loop */ + if (e_flag) { + strcpy(err_msg, "SIGINT received."); + } + return EXIT_SUCCESS; +} + +``` + +## Exceptions + +**SIG31-C-EX1:** The C Standard, 7.14.1.1 paragraph 5 \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO%2FIEC9899-2011)\], makes a special exception for `errno` when a valid call to the `signal()` function results in a `SIG_ERR` return, allowing `errno` to take an indeterminate value. (See [ERR32-C. Do not rely on indeterminate values of errno](https://wiki.sei.cmu.edu/confluence/display/c/SIG31-C.+Do+not+access+shared+objects+in+signal+handlers#).) + +## Risk Assessment + +Accessing or modifying shared objects in signal handlers can result in accessing data in an inconsistent state. Michal Zalewski's paper "Delivering Signals for Fun and Profit" \[[Zalewski 2001](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-Zalewski01)\] provides some examples of [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) that can result from violating this and other signal-handling rules. + +
    Rule Severity Likelihood Remediation Cost Priority Level
    SIG31-C High Likely High P9 L2
    + + +## Automated Detection + +
    Tool Version Checker Description
    Astrée 22.04 signal-handler-shared-access Partially checked
    Axivion Bauhaus Suite 7.2.0 CertC-SIG31
    CodeSonar 7.2p0 CONCURRENCY.DATARACE Data race
    Compass/ROSE Can detect violations of this rule for single-file programs
    Helix QAC 2022.4 C2029, C2030 C++3854, C++3855
    LDRA tool suite 9.7.1 87 D Fully implemented
    Parasoft C/C++test 2022.2 CERT_C-SIG31-a Properly define signal handlers
    PC-lint Plus 1.4 2765 Fully supported
    Polyspace Bug Finder R2022b CERT C: Rule SIG31-C Checks for shared data access within signal handler (rule partially covered)
    PRQA QA-C 9.7 2029, 2030
    RuleChecker 22.04 signal-handler-shared-access Partially checked
    + + +## Related Vulnerabilities + +Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+SIG31-C). + +## Related Guidelines + +[Key here](https://wiki.sei.cmu.edu/confluence/display/c/How+this+Coding+Standard+is+Organized#HowthisCodingStandardisOrganized-RelatedGuidelines) (explains table format and definitions) + +
    Taxonomy Taxonomy item Relationship
    ISO/IEC TS 17961:2013 Accessing shared objects in signal handlers \[accsig\] Prior to 2018-01-12: CERT: Unspecified Relationship
    CWE 2.11 CWE-662 , Improper Synchronization 2017-07-10: CERT: Rule subset of CWE
    CWE 2.11 CWE-828 , Signal Handler with Functionality that is not Asynchronous-Safe 2017-10-30:MITRE:Unspecified Relationship 2018-10-19:CERT: Rule subset of CWE
    + + +## CERT-CWE Mapping Notes + +[Key here](https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?pageId=87152408#HowthisCodingStandardisOrganized-CERT-CWEMappingNotes) for mapping notes + +**CWE-662 and SIG31-C** + +CWE-662 = Union( SIG31-C, list) where list = + +* Improper synchronization of shared objects between threads +* Improper synchronization of files between programs (enabling TOCTOU race conditions +**CWE-828 and SIG31-C** + +CWE-828 = SIG31-C + non-async-safe things besides shared objects. + +## Bibliography + +
    \[ C99 Rationale 2003 \] 5.2.3, "Signals and Interrupts"
    \[ ISO/IEC 9899:2011 \] Subclause 7.14.1.1, "The signal Function"
    \[ Zalewski 2001 \]
    + ## Implementation notes diff --git a/c/cert/src/rules/SIG34-C/DoNotCallSignalFromInterruptibleSignalHandlers.md b/c/cert/src/rules/SIG34-C/DoNotCallSignalFromInterruptibleSignalHandlers.md index f959a2e356..6df55597f8 100644 --- a/c/cert/src/rules/SIG34-C/DoNotCallSignalFromInterruptibleSignalHandlers.md +++ b/c/cert/src/rules/SIG34-C/DoNotCallSignalFromInterruptibleSignalHandlers.md @@ -5,9 +5,135 @@ This query implements the CERT-C rule SIG34-C: > Do not call signal() from within interruptible signal handlers -## CERT -** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** +## Description + +A signal handler should not reassert its desire to handle its own signal. This is often done on *nonpersistent* platforms—that is, platforms that, upon receiving a signal, reset the handler for the signal to SIG_DFL before calling the bound signal handler. Calling` signal()` under these conditions presents a race condition. (See [SIG01-C. Understand implementation-specific details regarding signal handler persistence](https://wiki.sei.cmu.edu/confluence/display/c/SIG01-C.+Understand+implementation-specific+details+regarding+signal+handler+persistence).) + +A signal handler may call `signal()` only if it does not need to be [asynchronous-safe](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-asynchronous-safefunction) (that is, if all relevant signals are masked so that the handler cannot be interrupted). + +## Noncompliant Code Example (POSIX) + +On nonpersistent platforms, this noncompliant code example contains a race window, starting when the host environment resets the signal and ending when the handler calls `signal()`. During that time, a second signal sent to the program will trigger the default signal behavior, consequently defeating the persistent behavior implied by the call to `signal()` from within the handler to reassert the binding. + +If the environment is persistent (that is, it does not reset the handler when the signal is received), the `signal()` call from within the `handler()` function is redundant. + +```cpp +#include + +void handler(int signum) { + if (signal(signum, handler) == SIG_ERR) { + /* Handle error */ + } + /* Handle signal */ +} + +void func(void) { + if (signal(SIGUSR1, handler) == SIG_ERR) { + /* Handle error */ + } +} +``` + +## Compliant Solution (POSIX) + +Calling the `signal()` function from within the signal handler to reassert the binding is unnecessary for persistent platforms, as in this compliant solution: + +```cpp +#include + +void handler(int signum) { + /* Handle signal */ +} + +void func(void) { + if (signal(SIGUSR1, handler) == SIG_ERR) { + /* Handle error */ + } +} +``` + +## Compliant Solution (POSIX) + +POSIX defines the `sigaction()` function, which assigns handlers to signals in a similar manner to `signal()` but allows the caller to explicitly set persistence. Consequently, the `sigaction()` function can be used to eliminate the race window on nonpersistent platforms, as in this compliant solution: + +```cpp +#include +#include + +void handler(int signum) { + /* Handle signal */ +} + +void func(void) { + struct sigaction act; + act.sa_handler = handler; + act.sa_flags = 0; + if (sigemptyset(&act.sa_mask) != 0) { + /* Handle error */ + } + if (sigaction(SIGUSR1, &act, NULL) != 0) { + /* Handle error */ + } +} +``` +Although the handler in this example does not call `signal()`, it could do so safely because the signal is masked and the handler cannot be interrupted. If the same handler is installed for more than one signal, the signals must be masked explicitly in `act.sa_mask` to ensure that the handler cannot be interrupted because the system masks only the signal being delivered. + +POSIX recommends that new applications should use `sigaction()` rather than `signal()`. The `sigaction()` function is not defined by the C Standard and is not supported on some platforms, including Windows. + +## Compliant Solution (Windows) + +There is no safe way to implement persistent signal-handler behavior on Windows platforms, and it should not be attempted. If a design depends on this behavior, and the design cannot be altered, it may be necessary to claim a deviation from this rule after completing an appropriate risk analysis. + +The reason for this is that Windows is a nonpersistent platform as discussed above. Just before calling the current handler function, Windows resets the handler for the next occurrence of the same signal to `SIG_DFL`. If the handler calls `signal()` to reinstall itself, there is still a race window. A signal might occur between the start of the handler and the call to `signal()`, which would invoke the default behavior instead of the desired handler. + +## Exceptions + +**SIG34-C-EX1:** For implementations with persistent signal handlers, it is safe for a handler to modify the behavior of its own signal. Behavior modifications include ignoring the signal, resetting to the default behavior, and having the signal handled by a different handler. A handler reasserting its binding is also safe but unnecessary. + +The following code example resets a signal handler to the system's default behavior: + +```cpp +#include + +void handler(int signum) { +#if !defined(_WIN32) + if (signal(signum, SIG_DFL) == SIG_ERR) { + /* Handle error */ + } +#endif + /* Handle signal */ +} + +void func(void) { + if (signal(SIGUSR1, handler) == SIG_ERR) { + /* Handle error */ + } +} +``` + +## Risk Assessment + +Two signals in quick succession can trigger a race condition on nonpersistent platforms, causing the signal's default behavior despite a handler's attempt to override it. + +
    Rule Severity Likelihood Remediation Cost Priority Level
    SIG34-C Low Unlikely Low P3 L3
    + + +## Automated Detection + +
    Tool Version Checker Description
    Astrée 22.04 signal-handler-signal-call Partially checked
    Axivion Bauhaus Suite 7.2.0 CertC-SIG34
    CodeSonar 7.2p0 BADFUNC.SIGNAL Use of signal
    Compass/ROSE Can detect violations of this rule. However, false positives may occur on systems with persistent handlers
    Helix QAC 2022.4 C5021 C++5022
    Klocwork 2022.4 MISRA.STDLIB.SIGNAL
    LDRA tool suite 9.7.1 97 D Fully implemented
    Parasoft C/C++test 2022.2 CERT_C-SIG34-a Properly define signal handlers
    PC-lint Plus 1.4 2762, 2763 Fully supported
    Polyspace Bug Finder R2022b CERT C: Rule SIG34-C Checks for signal call from within signal handler (rule partially covered)
    PRQA QA-C 9.7 5021 Partially implemented
    PRQA QA-C++ 4.4 5022
    RuleChecker 22.04 signal-handler-signal-call Partially checked
    + + +## Related Vulnerabilities + +Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+SIG34-C). + +## Related Guidelines + +[Key here](https://wiki.sei.cmu.edu/confluence/display/c/How+this+Coding+Standard+is+Organized#HowthisCodingStandardisOrganized-RelatedGuidelines) (explains table format and definitions) + +
    Taxonomy Taxonomy item Relationship
    CERT C Secure Coding Standard SIG01-C. Understand implementation-specific details regarding signal handler persistence Prior to 2018-01-12: CERT: Unspecified Relationship
    ISO/IEC TS 17961:2013 Calling signal from interruptible signal handlers \[sigcall\] Prior to 2018-01-12: CERT: Unspecified Relationship
    + ## Implementation notes diff --git a/c/cert/src/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.md b/c/cert/src/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.md index ed29aa34cf..70a90d5327 100644 --- a/c/cert/src/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.md +++ b/c/cert/src/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.md @@ -3,9 +3,112 @@ This query implements the CERT-C rule SIG35-C: > Do not return from a computational exception signal handler -## CERT -** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** + +## Description + +According to the C Standard, 7.14.1.1 \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IEC9899-2011)\], if a signal handler returns when it has been entered as a result of a computational exception (that is, with the value of its argument of `SIGFPE`, `SIGILL`, `SIGSEGV`, or any other implementation-defined value corresponding to such an exception) returns, then the behavior is [undefined](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior). (See [undefined behavior 130](https://wiki.sei.cmu.edu/confluence/display/c/CC.+Undefined+Behavior#CC.UndefinedBehavior-130).) + +The Portable Operating System Interface (POSIX®), Base Specifications, Issue 7 \[[IEEE Std 1003.1:2013](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-IEEEStd1003.1-2013)\], adds `SIGBUS` to the list of computational exception signal handlers: + +> The behavior of a process is undefined after it returns normally from a signal-catching function for a `SIGBUS`, `SIGFPE`, `SIGILL`, or `SIGSEGV` signal that was not generated by `kill()`, `sigqueue()`, or `raise()`. + + +Do not return from `SIGFPE`, `SIGILL`, `SIGSEGV`, or any other implementation-defined value corresponding to a computational exception, such as `SIGBUS` on POSIX systems, regardless of how the signal was generated. + +## Noncompliant Code Example + +In this noncompliant code example, the division operation has undefined behavior if `denom` equals `0.` (See [INT33-C. Ensure that division and remainder operations do not result in divide-by-zero errors](https://wiki.sei.cmu.edu/confluence/display/c/INT33-C.+Ensure+that+division+and+remainder+operations+do+not+result+in+divide-by-zero+errors)) and may result in a `SIGFPE` signal to the program.) + +```cpp +#include +#include +#include +#include + +volatile sig_atomic_t denom; + +void sighandle(int s) { + /* Fix the offending volatile */ + if (denom == 0) { + denom = 1; + } +} + +int main(int argc, char *argv[]) { + if (argc < 2) { + return 0; + } + + char *end = NULL; + long temp = strtol(argv[1], &end, 10); + + if (end == argv[1] || 0 != *end || + ((LONG_MIN == temp || LONG_MAX == temp) && errno == ERANGE)) { + /* Handle error */ + } + + denom = (sig_atomic_t)temp; + signal(SIGFPE, sighandle); + + long result = 100 / (long)denom; + return 0; +} + +``` +When compiled with some implementations, this noncompliant code example will loop infinitely if given the input `0`. It illustrates that even when a `SIGFPE` handler attempts to fix the error condition while obeying all other rules of signal handling, the program still does not behave as expected. + +## Compliant Solution + +The only portably safe way to leave a `SIGFPE`, `SIGILL`, or `SIGSEGV` handler is to invoke `abort()`, `quick_exit()`, or `_Exit()`. In the case of `SIGFPE`, the default action is [abnormal termination](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-abnormaltermination), so no user-defined handler is required: + +```cpp +#include +#include +#include +#include + +int main(int argc, char *argv[]) { + if (argc < 2) { + return 0; + } + + char *end = NULL; + long denom = strtol(argv[1], &end, 10); + + if (end == argv[1] || 0 != *end || + ((LONG_MIN == denom || LONG_MAX == denom) && errno == ERANGE)) { + /* Handle error */ + } + + long result = 100 / denom; + return 0; +} +``` +**Implementation Details** + +Some implementations define useful behavior for programs that return from one or more of these signal handlers. For example, Solaris provides the `sigfpe()` function specifically to set a `SIGFPE` handler that a program may safely return from. [Oracle](http://docs.oracle.com/) also provides platform-specific computational exceptions for the `SIGTRAP`, `SIGBUS`, and `SIGEMT` signals. Finally, GNU libsigsegv takes advantage of the ability to return from a `SIGSEGV` handler to implement page-level memory management in user mode. + +## Risk Assessment + +Returning from a computational exception signal handler is [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior). + +
    Rule Severity Likelihood Remediation Cost Priority Level
    SIG35-C Low Unlikely High P1 L3
    + + +## Automated Detection + +
    Tool Version Checker Description
    Axivion Bauhaus Suite 7.2.0 CertC-SIG35
    CodeSonar 7.2p0 LANG.STRUCT.RFCESH Return from Computational Exception Signal Handler
    Helix QAC 2022.4 DF4846, DF4847, DF4848
    Klocwork 2022.4 CERT.STDLIB.SIGNAL
    LDRA tool suite 9.7.1 44 S Enhanced enforcement
    Parasoft C/C++test 2022.2 CERT_C-SIG35-a Do not return from a computational exception signal handler
    PC-lint Plus 1.4 2671, 2764 Fully supported
    Polyspace Bug Finder R2022b CERT C: Rule SIG35-C Checks for return from computational exception signal handler (rule fully covered)
    + + +## Related Vulnerabilities + +Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+SIG35-C). + +## Bibliography + +
    \[ IEEE Std 1003.1:2013 \] 2.4.1, Signal Generation and Delivery
    \[ ISO/IEC 9899:2011 \] Subclause 7.14.1.1, "The signal Function"
    + ## Implementation notes diff --git a/c/cert/test/rules/SIG30-C/test.c b/c/cert/test/rules/SIG30-C/test.c index ebc5fb326d..b5487bc81e 100644 --- a/c/cert/test/rules/SIG30-C/test.c +++ b/c/cert/test/rules/SIG30-C/test.c @@ -81,7 +81,7 @@ void int_handler(int signum) { if (raise(SIGINT) != 0) { // COMPLIANT // ... } - if (raise(signum) != 0) { // COMPLIANT + if (raise(signum) != 0) { // COMPLIANT // ... } } diff --git a/c/cert/test/rules/SIG31-C/test.c b/c/cert/test/rules/SIG31-C/test.c new file mode 100644 index 0000000000..e69de29bb2 diff --git a/c/cert/test/rules/SIG34-C/test.c b/c/cert/test/rules/SIG34-C/test.c new file mode 100644 index 0000000000..e69de29bb2 diff --git a/c/cert/test/rules/SIG35-C/test.c b/c/cert/test/rules/SIG35-C/test.c new file mode 100644 index 0000000000..e69de29bb2 From 437d78144add22b3186da6b371b753e800de2a44 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Mon, 20 Mar 2023 23:26:19 +0100 Subject: [PATCH 0776/2573] Fix CI issues --- .../SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.md | 1 - .../rules/SIG31-C/DoNotAccessSharedObjectsInSignalHandlers.md | 1 - .../SIG34-C/DoNotCallSignalFromInterruptibleSignalHandlers.md | 1 - 3 files changed, 3 deletions(-) diff --git a/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.md b/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.md index c83c7e5e88..3f0eb24400 100644 --- a/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.md +++ b/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.md @@ -5,7 +5,6 @@ This query implements the CERT-C rule SIG30-C: > Call only asynchronous-safe functions within signal handlers - ## Description Call only [asynchronous-safe functions](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-asynchronous-safefunction) within signal handlers. For [strictly conforming](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-strictlyconforming) programs, only the C standard library functions `abort()`, `_Exit()`, `quick_exit()`, and `signal()` can be safely called from within a signal handler. diff --git a/c/cert/src/rules/SIG31-C/DoNotAccessSharedObjectsInSignalHandlers.md b/c/cert/src/rules/SIG31-C/DoNotAccessSharedObjectsInSignalHandlers.md index 89c5b84ba7..6792d829d1 100644 --- a/c/cert/src/rules/SIG31-C/DoNotAccessSharedObjectsInSignalHandlers.md +++ b/c/cert/src/rules/SIG31-C/DoNotAccessSharedObjectsInSignalHandlers.md @@ -5,7 +5,6 @@ This query implements the CERT-C rule SIG31-C: > Do not access shared objects in signal handlers - ## Description Accessing or modifying shared objects in signal handlers can result in race conditions that can leave data in an inconsistent state. The two exceptions (C Standard, 5.1.2.3, paragraph 5) to this rule are the ability to read from and write to lock-free atomic objects and variables of type `volatile sig_atomic_t`. Accessing any other type of object from a signal handler is [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior). (See [undefined behavior 131](https://wiki.sei.cmu.edu/confluence/display/c/CC.+Undefined+Behavior#CC.UndefinedBehavior-ub_131).) diff --git a/c/cert/src/rules/SIG34-C/DoNotCallSignalFromInterruptibleSignalHandlers.md b/c/cert/src/rules/SIG34-C/DoNotCallSignalFromInterruptibleSignalHandlers.md index 6df55597f8..98683e5d9b 100644 --- a/c/cert/src/rules/SIG34-C/DoNotCallSignalFromInterruptibleSignalHandlers.md +++ b/c/cert/src/rules/SIG34-C/DoNotCallSignalFromInterruptibleSignalHandlers.md @@ -5,7 +5,6 @@ This query implements the CERT-C rule SIG34-C: > Do not call signal() from within interruptible signal handlers - ## Description A signal handler should not reassert its desire to handle its own signal. This is often done on *nonpersistent* platforms—that is, platforms that, upon receiving a signal, reset the handler for the signal to SIG_DFL before calling the bound signal handler. Calling` signal()` under these conditions presents a race condition. (See [SIG01-C. Understand implementation-specific details regarding signal handler persistence](https://wiki.sei.cmu.edu/confluence/display/c/SIG01-C.+Understand+implementation-specific+details+regarding+signal+handler+persistence).) From 8b627610c9a8a3cafec6031bb9bc482df0e943e2 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Tue, 21 Mar 2023 02:09:03 +0100 Subject: [PATCH 0777/2573] Rule SIG31-C --- ...yAsyncSafeFunctionsWithinSignalHandlers.ql | 4 +- ...oNotAccessSharedObjectsInSignalHandlers.md | 2 +- ...oNotAccessSharedObjectsInSignalHandlers.ql | 35 ++++++++++++++-- ...FunctionsWithinSignalHandlers.expected.qcc | 4 ++ ...cessSharedObjectsInSignalHandlers.expected | 2 +- c/cert/test/rules/SIG31-C/test.c | 40 +++++++++++++++++++ .../includes/standard-library/stdatomic.h | 6 ++- rule_packages/c/SignalHandlers.json | 13 +++++- 8 files changed, 96 insertions(+), 10 deletions(-) create mode 100644 c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected.qcc diff --git a/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql b/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql index 5e08e292bf..2096a44cea 100644 --- a/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql +++ b/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql @@ -6,6 +6,8 @@ * @precision very-high * @problem.severity error * @tags external/cert/id/sig30-c + * correctness + * security * external/cert/obligation/rule */ @@ -22,7 +24,7 @@ class AsyncSafeVariableAccess extends VariableAccess { AsyncSafeVariableAccess() { this.getTarget() instanceof StackVariable or - this.getTarget().getType().hasName("volatile sig_atomic_t") and // TODO search without "volatile" + this.getType().hasName("volatile sig_atomic_t") and // TODO search without "volatile" this.isModified() and this.getTarget().isVolatile() } diff --git a/c/cert/src/rules/SIG31-C/DoNotAccessSharedObjectsInSignalHandlers.md b/c/cert/src/rules/SIG31-C/DoNotAccessSharedObjectsInSignalHandlers.md index 6792d829d1..5f1f815d23 100644 --- a/c/cert/src/rules/SIG31-C/DoNotAccessSharedObjectsInSignalHandlers.md +++ b/c/cert/src/rules/SIG31-C/DoNotAccessSharedObjectsInSignalHandlers.md @@ -176,7 +176,7 @@ CWE-828 = SIG31-C + non-async-safe things besides shared objects. ## Implementation notes -None +The implementation does not verify the correct usage of `atomic_is_lock_free`. ## References diff --git a/c/cert/src/rules/SIG31-C/DoNotAccessSharedObjectsInSignalHandlers.ql b/c/cert/src/rules/SIG31-C/DoNotAccessSharedObjectsInSignalHandlers.ql index d821529c84..efef0e0630 100644 --- a/c/cert/src/rules/SIG31-C/DoNotAccessSharedObjectsInSignalHandlers.ql +++ b/c/cert/src/rules/SIG31-C/DoNotAccessSharedObjectsInSignalHandlers.ql @@ -6,13 +6,42 @@ * @precision very-high * @problem.severity error * @tags external/cert/id/sig31-c + * correctness + * security * external/cert/obligation/rule */ import cpp import codingstandards.c.cert +import codingstandards.c.Signal -from +/** + * Does not an access an external variable except + * to assign a value to a volatile static variable of sig_atomic_t type + */ +class UnsafeSharedVariableAccess extends VariableAccess { + UnsafeSharedVariableAccess() { + // static or thread local storage duration + ( + this.getTarget() instanceof StaticStorageDurationVariable or + this.getTarget().isThreadLocal() + ) and + // excluding `volatile sig_atomic_t` type + not ( + this.getType().hasName("volatile sig_atomic_t") and // TODO search without "volatile" + this.getTarget().isVolatile() + ) and //excluding lock-free atomic objects + not exists(MacroInvocation mi, VariableAccess va | + mi.getMacroName() = "atomic_is_lock_free" and + mi.getExpr().getChild(0) = va.getEnclosingElement*() and + va.getTarget() = this.getTarget() + ) + } +} + +from UnsafeSharedVariableAccess va, SignalHandler handler where - not isExcluded(x, SignalHandlersPackage::doNotAccessSharedObjectsInSignalHandlersQuery()) and -select + not isExcluded(va, SignalHandlersPackage::doNotAccessSharedObjectsInSignalHandlersQuery()) and + handler = va.getEnclosingFunction() +select va, "Shared object access within a $@ can lead to undefined behavior.", + handler.getRegistration(), "signal handler" diff --git a/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected.qcc b/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected.qcc new file mode 100644 index 0000000000..c5f7cece02 --- /dev/null +++ b/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected.qcc @@ -0,0 +1,4 @@ +| test.c:11:3:11:18 | call to log_local_unsafe | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:17:7:17:12 | call to signal | signal handler | +| test.c:12:3:12:6 | call to free | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:17:7:17:12 | call to signal | signal handler | +| test.c:48:3:48:17 | call to siglongjmp | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:52:7:52:12 | call to signal | signal handler | +| test.c:78:7:78:11 | call to raise | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:93:7:93:12 | call to signal | signal handler | diff --git a/c/cert/test/rules/SIG31-C/DoNotAccessSharedObjectsInSignalHandlers.expected b/c/cert/test/rules/SIG31-C/DoNotAccessSharedObjectsInSignalHandlers.expected index 2ec1a0ac6c..2a0f3e6bde 100644 --- a/c/cert/test/rules/SIG31-C/DoNotAccessSharedObjectsInSignalHandlers.expected +++ b/c/cert/test/rules/SIG31-C/DoNotAccessSharedObjectsInSignalHandlers.expected @@ -1 +1 @@ -No expected results have yet been specified \ No newline at end of file +| test.c:7:10:7:16 | err_msg | Shared object access within a $@ can lead to undefined behavior. | test.c:11:3:11:8 | call to signal | signal handler | diff --git a/c/cert/test/rules/SIG31-C/test.c b/c/cert/test/rules/SIG31-C/test.c index e69de29bb2..1966ee940f 100644 --- a/c/cert/test/rules/SIG31-C/test.c +++ b/c/cert/test/rules/SIG31-C/test.c @@ -0,0 +1,40 @@ +#include +#include +#include + +char *err_msg; +void handler(int signum) { + strcpy(err_msg, "SIGINT encountered."); // NON_COMPLIANT +} + +void f1(void) { + signal(SIGINT, handler); + // ... +} + +volatile sig_atomic_t e_flag1 = 0; +void handler2(int signum) { + e_flag1 = 1; // COMPLIANT +} + +void f2(void) { + signal(SIGINT, handler2); + // ... +} + +#include + +atomic_int e_flag3 = ATOMIC_VAR_INIT(0); +void handler3(int signum) { + e_flag3 = 1; // COMPLIANT +} + +void f3(void) { + if (!atomic_is_lock_free(&e_flag3)) { + // ... + } + + if (signal(SIGINT, handler3) == SIG_ERR) { + // ... + } +} diff --git a/c/common/test/includes/standard-library/stdatomic.h b/c/common/test/includes/standard-library/stdatomic.h index f07aa2697a..66b74ae61a 100644 --- a/c/common/test/includes/standard-library/stdatomic.h +++ b/c/common/test/includes/standard-library/stdatomic.h @@ -3,5 +3,7 @@ #define atomic_load(a) 0 #define atomic_load_explicit(a, b) #define atomic_store(a, b) 0 -#define atomic_store_explicit(a,b,c) 0 -#define ATOMIC_VAR_INIT(value) (value) \ No newline at end of file +#define atomic_store_explicit(a, b, c) 0 +#define ATOMIC_VAR_INIT(value) (value) +#define atomic_is_lock_free(obj) __c11_atomic_is_lock_free(sizeof(*(obj))) +typedef _Atomic(int) atomic_int; \ No newline at end of file diff --git a/rule_packages/c/SignalHandlers.json b/rule_packages/c/SignalHandlers.json index dd1549f725..24de90f28b 100644 --- a/rule_packages/c/SignalHandlers.json +++ b/rule_packages/c/SignalHandlers.json @@ -12,7 +12,10 @@ "precision": "very-high", "severity": "error", "short_name": "CallOnlyAsyncSafeFunctionsWithinSignalHandlers", - "tags": [] + "tags": [ + "correctness", + "security" + ] } ], "title": "Call only asynchronous-safe functions within signal handlers" @@ -29,7 +32,13 @@ "precision": "very-high", "severity": "error", "short_name": "DoNotAccessSharedObjectsInSignalHandlers", - "tags": [] + "tags": [ + "correctness", + "security" + ], + "implementation_scope": { + "description": "The implementation does not verify the correct usage of `atomic_is_lock_free`." + } } ], "title": "Do not access shared objects in signal handlers" From 4b51d84951aecf2c68aff95d413ffaafba7611fd Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Tue, 21 Mar 2023 02:14:37 +0100 Subject: [PATCH 0778/2573] Fix test SIG30-C --- ...allOnlyAsyncSafeFunctionsWithinSignalHandlers.expected | 8 ++++---- ...nlyAsyncSafeFunctionsWithinSignalHandlers.expected.qcc | 8 ++++---- c/cert/test/rules/SIG30-C/test.c | 1 - 3 files changed, 8 insertions(+), 9 deletions(-) diff --git a/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected b/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected index 99d7e6040e..b9bccef26a 100644 --- a/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected +++ b/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected @@ -1,4 +1,4 @@ -| test.c:11:3:11:18 | call to log_local_unsafe | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:17:7:17:12 | call to signal | signal handler | -| test.c:12:3:12:6 | call to free | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:17:7:17:12 | call to signal | signal handler | -| test.c:48:3:48:9 | call to longjmp | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:52:7:52:12 | call to signal | signal handler | -| test.c:78:7:78:11 | call to raise | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:93:7:93:12 | call to signal | signal handler | +| test.c:10:3:10:18 | call to log_local_unsafe | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:16:7:16:12 | call to signal | signal handler | +| test.c:11:3:11:6 | call to free | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:16:7:16:12 | call to signal | signal handler | +| test.c:47:3:47:9 | call to longjmp | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:51:7:51:12 | call to signal | signal handler | +| test.c:77:7:77:11 | call to raise | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:92:7:92:12 | call to signal | signal handler | diff --git a/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected.qcc b/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected.qcc index c5f7cece02..fb6776a679 100644 --- a/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected.qcc +++ b/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected.qcc @@ -1,4 +1,4 @@ -| test.c:11:3:11:18 | call to log_local_unsafe | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:17:7:17:12 | call to signal | signal handler | -| test.c:12:3:12:6 | call to free | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:17:7:17:12 | call to signal | signal handler | -| test.c:48:3:48:17 | call to siglongjmp | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:52:7:52:12 | call to signal | signal handler | -| test.c:78:7:78:11 | call to raise | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:93:7:93:12 | call to signal | signal handler | +| test.c:10:3:10:18 | call to log_local_unsafe | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:16:7:16:12 | call to signal | signal handler | +| test.c:11:3:11:6 | call to free | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:16:7:16:12 | call to signal | signal handler | +| test.c:47:3:47: | call to longjmp | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:51:7:51:12 | call to signal | signal handler | +| test.c:77:7:77:11 | call to raise | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:92:7:92:12 | call to signal | signal handler | diff --git a/c/cert/test/rules/SIG30-C/test.c b/c/cert/test/rules/SIG30-C/test.c index b5487bc81e..629bb26b61 100644 --- a/c/cert/test/rules/SIG30-C/test.c +++ b/c/cert/test/rules/SIG30-C/test.c @@ -2,7 +2,6 @@ #include #include -enum { MAXLINE = 1024 }; char *info = NULL; void log_local_unsafe(void) { fputs(info, stderr); } From 2095248991c3484fb8bead77d8c20fc897c03ad3 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Tue, 21 Mar 2023 02:14:53 +0100 Subject: [PATCH 0779/2573] Fix expected file --- .../CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected.qcc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected.qcc b/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected.qcc index fb6776a679..c8685b7afa 100644 --- a/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected.qcc +++ b/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected.qcc @@ -1,4 +1,4 @@ | test.c:10:3:10:18 | call to log_local_unsafe | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:16:7:16:12 | call to signal | signal handler | | test.c:11:3:11:6 | call to free | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:16:7:16:12 | call to signal | signal handler | -| test.c:47:3:47: | call to longjmp | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:51:7:51:12 | call to signal | signal handler | +| test.c:47:3:47: | call to siglongjmp | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:51:7:51:12 | call to signal | signal handler | | test.c:77:7:77:11 | call to raise | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:92:7:92:12 | call to signal | signal handler | From e7dec512ec9af644e86f78a975bb6846c0d17a6c Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Tue, 21 Mar 2023 12:57:05 +0100 Subject: [PATCH 0780/2573] Implement rule SIG34-C --- ...yAsyncSafeFunctionsWithinSignalHandlers.ql | 3 ++- ...llSignalFromInterruptibleSignalHandlers.ql | 7 +++-- ...alFromInterruptibleSignalHandlers.expected | 3 ++- c/cert/test/rules/SIG34-C/test.c | 27 +++++++++++++++++++ c/common/src/codingstandards/c/Signal.qll | 12 +++++++++ 5 files changed, 48 insertions(+), 4 deletions(-) diff --git a/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql b/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql index 2096a44cea..84a9eba5b1 100644 --- a/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql +++ b/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql @@ -100,7 +100,8 @@ class ApplicationAsyncSafeFunction extends AsyncSafeFunction { class AsyncUnsafeRaiseCall extends FunctionCall { AsyncUnsafeRaiseCall() { this.getTarget().hasGlobalName("raise") and - exists(SignalHandler handler | handler = this.getEnclosingFunction() | + exists(SignalHandler handler | + handler = this.getEnclosingFunction() and not handler.getRegistration().getArgument(0).getValue() = this.getArgument(0).getValue() and not DataFlow::localFlow(DataFlow::parameterNode(handler.getParameter(0)), DataFlow::exprNode(this.getArgument(0))) diff --git a/c/cert/src/rules/SIG34-C/DoNotCallSignalFromInterruptibleSignalHandlers.ql b/c/cert/src/rules/SIG34-C/DoNotCallSignalFromInterruptibleSignalHandlers.ql index 0866687e29..4c3ec767eb 100644 --- a/c/cert/src/rules/SIG34-C/DoNotCallSignalFromInterruptibleSignalHandlers.ql +++ b/c/cert/src/rules/SIG34-C/DoNotCallSignalFromInterruptibleSignalHandlers.ql @@ -11,8 +11,11 @@ import cpp import codingstandards.c.cert +import codingstandards.c.Signal -from +from FunctionCall x where not isExcluded(x, SignalHandlersPackage::doNotCallSignalFromInterruptibleSignalHandlersQuery()) and -select + x = any(SignalHandler handler).getReassertingCall() +select x, + "Reasserting handler bindings introduces a race condition on nonpersistent platforms and is redundant otherwise." diff --git a/c/cert/test/rules/SIG34-C/DoNotCallSignalFromInterruptibleSignalHandlers.expected b/c/cert/test/rules/SIG34-C/DoNotCallSignalFromInterruptibleSignalHandlers.expected index 2ec1a0ac6c..8bb7fc76c9 100644 --- a/c/cert/test/rules/SIG34-C/DoNotCallSignalFromInterruptibleSignalHandlers.expected +++ b/c/cert/test/rules/SIG34-C/DoNotCallSignalFromInterruptibleSignalHandlers.expected @@ -1 +1,2 @@ -No expected results have yet been specified \ No newline at end of file +| test.c:4:7:4:12 | call to signal | Reasserting handler bindings introduces a race condition on nonpersistent platforms and is redundant otherwise. | +| test.c:17:7:17:12 | call to signal | Reasserting handler bindings introduces a race condition on nonpersistent platforms and is redundant otherwise. | diff --git a/c/cert/test/rules/SIG34-C/test.c b/c/cert/test/rules/SIG34-C/test.c index e69de29bb2..df9f465409 100644 --- a/c/cert/test/rules/SIG34-C/test.c +++ b/c/cert/test/rules/SIG34-C/test.c @@ -0,0 +1,27 @@ +#include + +void handler1(int signum) { + if (signal(signum, handler1) == SIG_ERR) // NON_COMPLIANT + { + //... + } +} + +void f1(void) { + if (signal(SIGUSR1, handler1) == SIG_ERR) { + // ... + } +} + +void handler2(int signum) { + if (signal(SIGUSR1, handler2) == SIG_ERR) // NON_COMPLIANT + { + //... + } +} + +void f2(void) { + if (signal(SIGUSR1, handler2) == SIG_ERR) { + // ... + } +} diff --git a/c/common/src/codingstandards/c/Signal.qll b/c/common/src/codingstandards/c/Signal.qll index 9b177ca315..04ad061bee 100644 --- a/c/common/src/codingstandards/c/Signal.qll +++ b/c/common/src/codingstandards/c/Signal.qll @@ -1,4 +1,5 @@ import cpp +import semmle.code.cpp.dataflow.DataFlow /** * A call to function `signal` @@ -19,6 +20,17 @@ class SignalHandler extends Function { } SignalCall getRegistration() { result = registration } + + FunctionCall getReassertingCall() { + result.getTarget().hasGlobalName("signal") and + this = result.getEnclosingFunction() and + ( + this.getRegistration().getArgument(0).getValue() = result.getArgument(0).getValue() + or + DataFlow::localFlow(DataFlow::parameterNode(this.getParameter(0)), + DataFlow::exprNode(result.getArgument(0))) + ) + } } /** From a1bc2436f6b9281588f3fc0b28349c05d3c230a7 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Tue, 21 Mar 2023 19:02:02 +0100 Subject: [PATCH 0781/2573] Implement rule SIG35-C --- ...yAsyncSafeFunctionsWithinSignalHandlers.ql | 9 +++--- ...oNotAccessSharedObjectsInSignalHandlers.ql | 6 ++-- ...llSignalFromInterruptibleSignalHandlers.ql | 11 ++++--- ...eturnFromAComputationalExceptionHandler.ql | 31 +++++++++++++++++-- ...romAComputationalExceptionHandler.expected | 2 +- c/cert/test/rules/SIG35-C/test.c | 26 ++++++++++++++++ c/common/src/codingstandards/c/Signal.qll | 20 ++++++++++++ rule_packages/c/SignalHandlers.json | 10 ++++-- 8 files changed, 96 insertions(+), 19 deletions(-) diff --git a/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql b/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql index 84a9eba5b1..a87df99050 100644 --- a/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql +++ b/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql @@ -17,16 +17,15 @@ import codingstandards.c.Signal import semmle.code.cpp.dataflow.DataFlow /** - * Does not an access an external variable except - * to assign a value to a volatile static variable of sig_atomic_t type + * Does not access an external variable except + * to assign a value to a volatile static variable of `sig_atomic_t` type */ class AsyncSafeVariableAccess extends VariableAccess { AsyncSafeVariableAccess() { this.getTarget() instanceof StackVariable or - this.getType().hasName("volatile sig_atomic_t") and // TODO search without "volatile" - this.isModified() and - this.getTarget().isVolatile() + this.getTarget().(StaticStorageDurationVariable).getType().(SigAtomicType).isVolatile() and + this.isModified() } } diff --git a/c/cert/src/rules/SIG31-C/DoNotAccessSharedObjectsInSignalHandlers.ql b/c/cert/src/rules/SIG31-C/DoNotAccessSharedObjectsInSignalHandlers.ql index efef0e0630..8f9e907019 100644 --- a/c/cert/src/rules/SIG31-C/DoNotAccessSharedObjectsInSignalHandlers.ql +++ b/c/cert/src/rules/SIG31-C/DoNotAccessSharedObjectsInSignalHandlers.ql @@ -27,10 +27,8 @@ class UnsafeSharedVariableAccess extends VariableAccess { this.getTarget().isThreadLocal() ) and // excluding `volatile sig_atomic_t` type - not ( - this.getType().hasName("volatile sig_atomic_t") and // TODO search without "volatile" - this.getTarget().isVolatile() - ) and //excluding lock-free atomic objects + not this.getType().(SigAtomicType).isVolatile() and + // excluding lock-free atomic objects not exists(MacroInvocation mi, VariableAccess va | mi.getMacroName() = "atomic_is_lock_free" and mi.getExpr().getChild(0) = va.getEnclosingElement*() and diff --git a/c/cert/src/rules/SIG34-C/DoNotCallSignalFromInterruptibleSignalHandlers.ql b/c/cert/src/rules/SIG34-C/DoNotCallSignalFromInterruptibleSignalHandlers.ql index 4c3ec767eb..d1eb773acb 100644 --- a/c/cert/src/rules/SIG34-C/DoNotCallSignalFromInterruptibleSignalHandlers.ql +++ b/c/cert/src/rules/SIG34-C/DoNotCallSignalFromInterruptibleSignalHandlers.ql @@ -6,6 +6,8 @@ * @precision very-high * @problem.severity error * @tags external/cert/id/sig34-c + * correctness + * security * external/cert/obligation/rule */ @@ -13,9 +15,10 @@ import cpp import codingstandards.c.cert import codingstandards.c.Signal -from FunctionCall x +from FunctionCall signal where - not isExcluded(x, SignalHandlersPackage::doNotCallSignalFromInterruptibleSignalHandlersQuery()) and - x = any(SignalHandler handler).getReassertingCall() -select x, + not isExcluded(signal, + SignalHandlersPackage::doNotCallSignalFromInterruptibleSignalHandlersQuery()) and + signal = any(SignalHandler handler).getReassertingCall() +select signal, "Reasserting handler bindings introduces a race condition on nonpersistent platforms and is redundant otherwise." diff --git a/c/cert/src/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.ql b/c/cert/src/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.ql index 040082a4de..fa3cc3bf14 100644 --- a/c/cert/src/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.ql +++ b/c/cert/src/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.ql @@ -6,13 +6,38 @@ * @precision very-high * @problem.severity error * @tags external/cert/id/sig35-c + * correctness + * security * external/cert/obligation/rule */ import cpp import codingstandards.c.cert +import codingstandards.c.Signal +import semmle.code.cpp.dataflow.DataFlow -from +/** + * CFG nodes preceeding a `ReturnStmt` + */ +ControlFlowNode reachesReturn(ReturnStmt return) { + result = return + or + exists(ControlFlowNode mid | + result = mid.getAPredecessor() and + mid = reachesReturn(return) and + // stop recursion on calls to `abort`, `_Exit` and "quick_exit" + not result instanceof AbortCall + ) +} + +from ReturnStmt return, ComputationalExceptionSignal e where - not isExcluded(x, SignalHandlersPackage::doNotReturnFromAComputationalExceptionHandlerQuery()) and -select + not isExcluded(return, SignalHandlersPackage::doNotReturnFromAComputationalExceptionHandlerQuery()) and + exists(SignalHandler handler | + handler = return.getEnclosingFunction() and + // computational exception handler + DataFlow::localExprFlow(e.getExpr(), handler.getRegistration().getArgument(0)) and + // control flow reaches a return statement + reachesReturn(return) = handler.getBlock() + ) +select return, "Do not return from a $@ signal handler.", e, "computational exception" diff --git a/c/cert/test/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.expected b/c/cert/test/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.expected index 2ec1a0ac6c..31412c466a 100644 --- a/c/cert/test/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.expected +++ b/c/cert/test/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.expected @@ -1 +1 @@ -No expected results have yet been specified \ No newline at end of file +| test.c:10:1:10:1 | return ... | Do not return from a $@ signal handler. | test.c:13:10:13:15 | SIGFPE | computational exception | diff --git a/c/cert/test/rules/SIG35-C/test.c b/c/cert/test/rules/SIG35-C/test.c index e69de29bb2..cc57bd4b8b 100644 --- a/c/cert/test/rules/SIG35-C/test.c +++ b/c/cert/test/rules/SIG35-C/test.c @@ -0,0 +1,26 @@ +#include +#include +#include +#include + +volatile sig_atomic_t eflag; + +void sighandle(int s) { // NON_COMPLIANT + eflag = 1; +} + +int f1(int argc, char *argv[]) { + signal(SIGFPE, sighandle); + + return 0; +} + +void sighandle2(int s) { // COMPLIANT + eflag = 1; + abort(); +} + +int f2(int argc, char *argv[]) { + signal(SIGFPE, sighandle2); + return 0; +} diff --git a/c/common/src/codingstandards/c/Signal.qll b/c/common/src/codingstandards/c/Signal.qll index 04ad061bee..95b27e2898 100644 --- a/c/common/src/codingstandards/c/Signal.qll +++ b/c/common/src/codingstandards/c/Signal.qll @@ -1,6 +1,13 @@ import cpp import semmle.code.cpp.dataflow.DataFlow +/** + * A signal corresponding to a computational exception + */ +class ComputationalExceptionSignal extends MacroInvocation { + ComputationalExceptionSignal() { this.getMacroName() = ["SIGFPE", "SIGILL", "SIGSEGV", "SIGBUS"] } +} + /** * A call to function `signal` */ @@ -39,3 +46,16 @@ class SignalHandler extends Function { class AbortCall extends FunctionCall { AbortCall() { this.getTarget().hasGlobalName(["abort", "_Exit", "quick_exit"]) } } + +/** + * Models the type `sig_atomic_type` + */ +class SigAtomicType extends Type { + SigAtomicType() { + this.getName() = "sig_atomic_t" + or + this.(TypedefType).getBaseType() instanceof SigAtomicType + or + this.(SpecifiedType).getBaseType() instanceof SigAtomicType + } +} diff --git a/rule_packages/c/SignalHandlers.json b/rule_packages/c/SignalHandlers.json index 24de90f28b..0ceaa5914d 100644 --- a/rule_packages/c/SignalHandlers.json +++ b/rule_packages/c/SignalHandlers.json @@ -55,7 +55,10 @@ "precision": "very-high", "severity": "error", "short_name": "DoNotCallSignalFromInterruptibleSignalHandlers", - "tags": [] + "tags": [ + "correctness", + "security" + ] } ], "title": "Do not call signal() from within interruptible signal handlers" @@ -72,7 +75,10 @@ "precision": "very-high", "severity": "error", "short_name": "DoNotReturnFromAComputationalExceptionHandler", - "tags": [] + "tags": [ + "correctness", + "security" + ] } ], "title": "Do not return from a computational exception signal handler" From 03f1d41df89650ffd317b397cb11b7b0bf8d2fc3 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Tue, 21 Mar 2023 19:21:52 +0100 Subject: [PATCH 0782/2573] Update CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected.qcc --- .../CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected.qcc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected.qcc b/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected.qcc index c8685b7afa..36cc55c782 100644 --- a/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected.qcc +++ b/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected.qcc @@ -1,4 +1,4 @@ | test.c:10:3:10:18 | call to log_local_unsafe | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:16:7:16:12 | call to signal | signal handler | | test.c:11:3:11:6 | call to free | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:16:7:16:12 | call to signal | signal handler | -| test.c:47:3:47: | call to siglongjmp | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:51:7:51:12 | call to signal | signal handler | +| test.c:47:3:47:17 | call to siglongjmp | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:51:7:51:12 | call to signal | signal handler | | test.c:77:7:77:11 | call to raise | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:92:7:92:12 | call to signal | signal handler | From 7617acc5f40d830a24e753aef37dc1d7c4b70a5b Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Tue, 21 Mar 2023 14:50:25 -0700 Subject: [PATCH 0783/2573] Reinforce 7-4 to consider wchar_t --- .../StringLiteralAssignedToNonConstChar.ql | 59 ++++++++++++++----- ...ringLiteralAssignedToNonConstChar.expected | 12 ++-- c/misra/test/rules/RULE-7-4/test.c | 44 +++++++++++++- 3 files changed, 95 insertions(+), 20 deletions(-) diff --git a/c/misra/src/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.ql b/c/misra/src/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.ql index bd9a72943f..311177e4b7 100644 --- a/c/misra/src/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.ql +++ b/c/misra/src/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.ql @@ -13,9 +13,32 @@ import cpp import codingstandards.c.misra +/** Pointer to Wide character type, i.e. `wchar_t*`. */ +class WideCharPointerType extends PointerType { + WideCharPointerType() { this.getBaseType() instanceof Wchar_t } + + override string getAPrimaryQlClass() { result = "WideCharPointerType" } +} + +class GenericCharPointerType extends PointerType { + GenericCharPointerType() { + /* This type resolves to wchar_t* (which is in turn a typedef depending on its implementation) */ + this.resolveTypedefs*() instanceof WideCharPointerType + or + /* This type eventually resolves to char* */ + this.resolveTypedefs*() instanceof CharPointerType + } + + predicate isWideCharPointerType() { this.resolveTypedefs*() instanceof WideCharPointerType } + + override string toString() { + if this.isWideCharPointerType() then result = "wchar_t*" else result = "char*" + } +} + class NonConstCharStarType extends Type { NonConstCharStarType() { - this instanceof CharPointerType and + this instanceof GenericCharPointerType and not this.isDeeplyConstBelow() } } @@ -24,40 +47,48 @@ class NonConstCharStarType extends Type { predicate declaringNonConstCharVar(Variable decl, string message) { not decl instanceof Parameter and // exclude parameters /* It should be declaring a char* type variable */ - decl.getUnspecifiedType() instanceof CharPointerType and - not decl.getUnderlyingType().isDeeplyConstBelow() and - /* But it's declared to hold a string literal. */ + decl.getType() instanceof GenericCharPointerType and + not decl.getType().isDeeplyConstBelow() and + /* But it's declared to hold a string literal. */ decl.getInitializer().getExpr() instanceof StringLiteral and - message = "char* variable " + decl + " is declared with a string literal." + message = + decl.getType().(GenericCharPointerType) + " variable " + decl + + " is declared with a string literal." } /* String literal being assigned to a non-const-char* variable */ predicate assignmentToNonConstCharVar(Assignment assign, string message) { /* The variable being assigned is char* */ - assign.getLValue().getUnderlyingType() instanceof NonConstCharStarType and + assign.getLValue().getType() instanceof NonConstCharStarType and /* But the rvalue is a string literal */ - exists(Expr rvalue | rvalue = assign.getRValue() | rvalue instanceof StringLiteral) and - message = "char* variable " + assign.getLValue() + " is assigned a string literal. " + assign.getRValue() instanceof StringLiteral and + message = + assign.getLValue().getType().(GenericCharPointerType) + " variable " + assign.getLValue() + + " is assigned a string literal. " } /* String literal being passed to a non-const-char* parameter */ predicate assignmentToNonConstCharParam(FunctionCall call, string message) { exists(int index | /* Param at index is a char* */ - call.getTarget().getParameter(index).getUnderlyingType() instanceof NonConstCharStarType and + call.getTarget().getParameter(index).getType() instanceof NonConstCharStarType and /* But a string literal is passed */ - call.getArgument(index) instanceof StringLiteral - ) and - message = "char* parameter of " + call.getTarget() + " is passed a string literal." + call.getArgument(index) instanceof StringLiteral and + message = + call.getTarget().getParameter(index).getType().(GenericCharPointerType) + " parameter of " + + call.getTarget() + " is passed a string literal." + ) } /* String literal being returned by a non-const-char* function */ predicate returningNonConstCharVar(ReturnStmt return, string message) { /* The function is declared to return a char* */ - return.getEnclosingFunction().getType().resolveTypedefs() instanceof NonConstCharStarType and + return.getEnclosingFunction().getType() instanceof NonConstCharStarType and /* But in reality it returns a string literal */ return.getExpr() instanceof StringLiteral and - message = "char* function " + return.getEnclosingFunction() + " is returning a string literal." + message = + return.getEnclosingFunction().getType().(GenericCharPointerType) + " function " + + return.getEnclosingFunction() + " is returning a string literal." } from Element elem, string message diff --git a/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.expected b/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.expected index 235697faa6..8c15eaffe0 100644 --- a/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.expected +++ b/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.expected @@ -1,4 +1,8 @@ -| test.c:9:9:9:10 | s3 | char* variable s3 is declared with a string literal. | -| test.c:11:3:12:15 | ... = ... | char* variable s3 is assigned a string literal. | -| test.c:26:5:26:21 | return ... | char* function sample3 is returning a string literal. | -| test.c:38:3:38:9 | call to sample4 | char* parameter of sample4 is passed a string literal. | +| test.c:11:9:11:10 | s3 | char* variable s3 is declared with a string literal. | +| test.c:13:3:14:15 | ... = ... | char* variable s3 is assigned a string literal. | +| test.c:23:12:23:14 | ws3 | char* variable ws3 is declared with a string literal. | +| test.c:25:3:25:23 | ... = ... | char* variable ws3 is assigned a string literal. | +| test.c:50:5:50:21 | return ... | char* function sample3 is returning a string literal. | +| test.c:58:5:58:22 | return ... | char* function w_sample3 is returning a string literal. | +| test.c:69:3:69:9 | call to sample4 | char* parameter of sample4 is passed a string literal. | +| test.c:78:3:78:11 | call to w_sample4 | char* parameter of w_sample4 is passed a string literal. | diff --git a/c/misra/test/rules/RULE-7-4/test.c b/c/misra/test/rules/RULE-7-4/test.c index fe2afb9444..5aed71ffe7 100644 --- a/c/misra/test/rules/RULE-7-4/test.c +++ b/c/misra/test/rules/RULE-7-4/test.c @@ -1,6 +1,8 @@ +#include #include void sample1() { + /* Test for plain char type */ const char *s1 = "string1"; // COMPLIANT: string literal assigned to a const char* variable const register volatile char *s2 = @@ -11,8 +13,21 @@ void sample1() { s3 = "string4"; // NON_COMPLIANT: char* variable assigned a string literal // (not likely to be seen in production, since there is strcpy) + + /* Test for wide char type */ + const wchar_t *ws1 = L"wide string1"; // COMPLIANT: string literal assigned to + // a const char* variable + const register volatile wchar_t *ws2 = + L"wide string2"; // COMPLIANT: string literal assigned to a const char* + // variable, don't care about the qualifiers + wchar_t *ws3 = L"wide string3"; // NON_COMPLIANT: char* variable declared to hold + // a string literal + ws3 = L"wide string4"; // NON_COMPLIANT: char* variable assigned a string + // literal (not likely to be seen in production, since + // there is strcpy) } +/* Testing returning a plain string literal */ const char *sample2(int x) { if (x == 1) return "string5"; // COMPLIANT: can return a string literal with return type @@ -21,6 +36,15 @@ const char *sample2(int x) { return NULL; } +/* Testing returning a wide string literal */ +const wchar_t *w_sample2(int x) { + if (x == 1) + return L"string5"; // COMPLIANT: can return a string literal with return type + // being const char* being const char* + else + return NULL; +} + char *sample3(int x) { if (x == 1) return "string6"; // NON_COMPLIANT: can return a string literal with return @@ -29,14 +53,30 @@ char *sample3(int x) { return NULL; } +wchar_t *w_sample3(int x) { + if (x == 1) + return L"string6"; // NON_COMPLIANT: can return a string literal with return + // type being char* + else + return NULL; +} + void sample4(char *string) {} void sample5(const char *string) {} void call45() { - const char *literal = "string7"; sample4("string8"); // NON_COMPLIANT: can't pass string literal to char* sample5("string9"); // COMPLIANT: passing string literal to const char* } -int main() { return 0; } \ No newline at end of file +void w_sample4(wchar_t *string) {} + +void w_sample5(const wchar_t *string) {} + +void w_call45() { + w_sample4(L"string8"); // NON_COMPLIANT: can't pass string literal to char* + w_sample5(L"string9"); // COMPLIANT: passing string literal to const char* +} + +int main() { return 0; } From 3bec0e6d28af05e4ef987a456f88b58e417df85e Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Tue, 21 Mar 2023 15:10:09 -0700 Subject: [PATCH 0784/2573] update .expected for RULE-7-4 --- .../RULE-7-4/StringLiteralAssignedToNonConstChar.expected | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.expected b/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.expected index 8c15eaffe0..1312594e13 100644 --- a/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.expected +++ b/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.expected @@ -1,8 +1,8 @@ | test.c:11:9:11:10 | s3 | char* variable s3 is declared with a string literal. | | test.c:13:3:14:15 | ... = ... | char* variable s3 is assigned a string literal. | -| test.c:23:12:23:14 | ws3 | char* variable ws3 is declared with a string literal. | -| test.c:25:3:25:23 | ... = ... | char* variable ws3 is assigned a string literal. | +| test.c:23:12:23:14 | ws3 | wchar_t* variable ws3 is declared with a string literal. | +| test.c:25:3:25:23 | ... = ... | wchar_t* variable ws3 is assigned a string literal. | | test.c:50:5:50:21 | return ... | char* function sample3 is returning a string literal. | -| test.c:58:5:58:22 | return ... | char* function w_sample3 is returning a string literal. | +| test.c:58:5:58:22 | return ... | wchar_t* function w_sample3 is returning a string literal. | | test.c:69:3:69:9 | call to sample4 | char* parameter of sample4 is passed a string literal. | -| test.c:78:3:78:11 | call to w_sample4 | char* parameter of w_sample4 is passed a string literal. | +| test.c:78:3:78:11 | call to w_sample4 | wchar_t* parameter of w_sample4 is passed a string literal. | From 23065e499dabf18734b14d59db4b02608bba0ee9 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 19 Mar 2023 22:24:39 +0000 Subject: [PATCH 0785/2573] IntegerOverflow: Create an overflow library Enable re-use of existing query by extracting out "InterestingBinaryOverflowingExpr" to a separate library. --- .../A4-7-1/IntegerExpressionLeadToDataLoss.ql | 61 +---------------- .../src/codingstandards/cpp/Overflow.qll | 68 +++++++++++++++++++ 2 files changed, 69 insertions(+), 60 deletions(-) create mode 100644 cpp/common/src/codingstandards/cpp/Overflow.qll diff --git a/cpp/autosar/src/rules/A4-7-1/IntegerExpressionLeadToDataLoss.ql b/cpp/autosar/src/rules/A4-7-1/IntegerExpressionLeadToDataLoss.ql index 242283d716..36d947e6eb 100644 --- a/cpp/autosar/src/rules/A4-7-1/IntegerExpressionLeadToDataLoss.ql +++ b/cpp/autosar/src/rules/A4-7-1/IntegerExpressionLeadToDataLoss.ql @@ -15,69 +15,10 @@ import cpp import codingstandards.cpp.autosar -import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis +import codingstandards.cpp.Overflow import semmle.code.cpp.controlflow.Guards -import semmle.code.cpp.dataflow.TaintTracking import semmle.code.cpp.valuenumbering.GlobalValueNumbering -/** - * A `BinaryArithmeticOperation` which may overflow and is a potentially interesting case to review - * that is not covered by other queries for this rule. - */ -class InterestingBinaryOverflowingExpr extends BinaryArithmeticOperation { - InterestingBinaryOverflowingExpr() { - // Might overflow or underflow - ( - exprMightOverflowNegatively(this) - or - exprMightOverflowPositively(this) - ) and - not this.isAffectedByMacro() and - // Ignore pointer arithmetic - not this instanceof PointerArithmeticOperation and - // Covered by `IntMultToLong.ql` instead - not this instanceof MulExpr and - // Not covered by this query - overflow/underflow in division is rare - not this instanceof DivExpr - } - - /** - * Get a `GVN` which guards this expression which may overflow. - */ - GVN getAGuardingGVN() { - exists(GuardCondition gc, Expr e | - not gc = getABadOverflowCheck() and - TaintTracking::localTaint(DataFlow::exprNode(e), DataFlow::exprNode(gc.getAChild*())) and - gc.controls(this.getBasicBlock(), _) and - result = globalValueNumber(e) - ) - } - - /** - * Identifies a bad overflow check for this overflow expression. - */ - GuardCondition getABadOverflowCheck() { - exists(AddExpr ae, RelationalOperation relOp | - this = ae and - result = relOp and - // Looking for this pattern: - // if (x + y > x) - // use(x + y) - // - globalValueNumber(relOp.getAnOperand()) = globalValueNumber(ae) and - globalValueNumber(relOp.getAnOperand()) = globalValueNumber(ae.getAnOperand()) - | - // Signed overflow checks are insufficient - ae.getUnspecifiedType().(IntegralType).isSigned() - or - // Unsigned overflow checks can still be bad, if the result is promoted. - forall(Expr op | op = ae.getAnOperand() | op.getType().getSize() < any(IntType i).getSize()) and - // Not explicitly converted to a smaller type before the comparison - not ae.getExplicitlyConverted().getType().getSize() < any(IntType i).getSize() - ) - } -} - from InterestingBinaryOverflowingExpr e where not isExcluded(e, IntegerConversionPackage::integerExpressionLeadToDataLossQuery()) and diff --git a/cpp/common/src/codingstandards/cpp/Overflow.qll b/cpp/common/src/codingstandards/cpp/Overflow.qll new file mode 100644 index 0000000000..42651c8cab --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/Overflow.qll @@ -0,0 +1,68 @@ +/** + * This module provides predicates for checking whether an operation overflows or wraps. + */ + +import cpp +import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis +import SimpleRangeAnalysisCustomizations +import semmle.code.cpp.controlflow.Guards +import semmle.code.cpp.dataflow.TaintTracking +import semmle.code.cpp.valuenumbering.GlobalValueNumbering + +/** + * A `BinaryArithmeticOperation` which may overflow and is a potentially interesting case to review + * that is not covered by other queries for this rule. + */ +class InterestingBinaryOverflowingExpr extends BinaryArithmeticOperation { + InterestingBinaryOverflowingExpr() { + // Might overflow or underflow + ( + exprMightOverflowNegatively(this) + or + exprMightOverflowPositively(this) + ) and + not this.isAffectedByMacro() and + // Ignore pointer arithmetic + not this instanceof PointerArithmeticOperation and + // Covered by `IntMultToLong.ql` instead + not this instanceof MulExpr and + // Not covered by this query - overflow/underflow in division is rare + not this instanceof DivExpr + } + + /** + * Get a `GVN` which guards this expression which may overflow. + */ + GVN getAGuardingGVN() { + exists(GuardCondition gc, Expr e | + not gc = getABadOverflowCheck() and + TaintTracking::localTaint(DataFlow::exprNode(e), DataFlow::exprNode(gc.getAChild*())) and + gc.controls(this.getBasicBlock(), _) and + result = globalValueNumber(e) + ) + } + + /** + * Identifies a bad overflow check for this overflow expression. + */ + GuardCondition getABadOverflowCheck() { + exists(AddExpr ae, RelationalOperation relOp | + this = ae and + result = relOp and + // Looking for this pattern: + // if (x + y > x) + // use(x + y) + // + globalValueNumber(relOp.getAnOperand()) = globalValueNumber(ae) and + globalValueNumber(relOp.getAnOperand()) = globalValueNumber(ae.getAnOperand()) + | + // Signed overflow checks are insufficient + ae.getUnspecifiedType().(IntegralType).isSigned() + or + // Unsigned overflow checks can still be bad, if the result is promoted. + forall(Expr op | op = ae.getAnOperand() | op.getType().getSize() < any(IntType i).getSize()) and + // Not explicitly converted to a smaller type before the comparison + not ae.getExplicitlyConverted().getType().getSize() < any(IntType i).getSize() + ) + } +} From 0ffa4b1f14b4c024d4ca19ef802823d0ab21e7d5 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 20 Mar 2023 08:37:04 +0000 Subject: [PATCH 0786/2573] IntegerOverflow: Add package files. --- .../cpp/exclusions/c/IntegerOverflow.qll | 112 ++++++++++++++++ .../cpp/exclusions/c/RuleMetadata.qll | 3 + rule_packages/c/IntegerOverflow.json | 124 ++++++++++++++++++ rule_packages/cpp/Expressions.json | 1 + rules.csv | 12 +- 5 files changed, 246 insertions(+), 6 deletions(-) create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/IntegerOverflow.qll create mode 100644 rule_packages/c/IntegerOverflow.json diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/IntegerOverflow.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/IntegerOverflow.qll new file mode 100644 index 0000000000..9a74132a55 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/IntegerOverflow.qll @@ -0,0 +1,112 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype IntegerOverflowQuery = + TUnsignedIntegerOperationsWrapAroundQuery() or + TIntegerConversionCausesDataLossQuery() or + TSignedIntegerOverflowQuery() or + TDivOrRemByZeroQuery() or + TUseCorrectIntegerPrecisionsQuery() or + TConstantUnsignedIntegerExpressionsWrapAroundQuery() + +predicate isIntegerOverflowQueryMetadata(Query query, string queryId, string ruleId, string category) { + query = + // `Query` instance for the `unsignedIntegerOperationsWrapAround` query + IntegerOverflowPackage::unsignedIntegerOperationsWrapAroundQuery() and + queryId = + // `@id` for the `unsignedIntegerOperationsWrapAround` query + "c/cert/unsigned-integer-operations-wrap-around" and + ruleId = "INT30-C" and + category = "rule" + or + query = + // `Query` instance for the `integerConversionCausesDataLoss` query + IntegerOverflowPackage::integerConversionCausesDataLossQuery() and + queryId = + // `@id` for the `integerConversionCausesDataLoss` query + "c/cert/integer-conversion-causes-data-loss" and + ruleId = "INT31-C" and + category = "rule" + or + query = + // `Query` instance for the `signedIntegerOverflow` query + IntegerOverflowPackage::signedIntegerOverflowQuery() and + queryId = + // `@id` for the `signedIntegerOverflow` query + "c/cert/signed-integer-overflow" and + ruleId = "INT32-C" and + category = "rule" + or + query = + // `Query` instance for the `divOrRemByZero` query + IntegerOverflowPackage::divOrRemByZeroQuery() and + queryId = + // `@id` for the `divOrRemByZero` query + "c/cert/div-or-rem-by-zero" and + ruleId = "INT33-C" and + category = "rule" + or + query = + // `Query` instance for the `useCorrectIntegerPrecisions` query + IntegerOverflowPackage::useCorrectIntegerPrecisionsQuery() and + queryId = + // `@id` for the `useCorrectIntegerPrecisions` query + "c/cert/use-correct-integer-precisions" and + ruleId = "INT35-C" and + category = "rule" + or + query = + // `Query` instance for the `constantUnsignedIntegerExpressionsWrapAround` query + IntegerOverflowPackage::constantUnsignedIntegerExpressionsWrapAroundQuery() and + queryId = + // `@id` for the `constantUnsignedIntegerExpressionsWrapAround` query + "c/misra/constant-unsigned-integer-expressions-wrap-around" and + ruleId = "RULE-12-4" and + category = "advisory" +} + +module IntegerOverflowPackage { + Query unsignedIntegerOperationsWrapAroundQuery() { + //autogenerate `Query` type + result = + // `Query` type for `unsignedIntegerOperationsWrapAround` query + TQueryC(TIntegerOverflowPackageQuery(TUnsignedIntegerOperationsWrapAroundQuery())) + } + + Query integerConversionCausesDataLossQuery() { + //autogenerate `Query` type + result = + // `Query` type for `integerConversionCausesDataLoss` query + TQueryC(TIntegerOverflowPackageQuery(TIntegerConversionCausesDataLossQuery())) + } + + Query signedIntegerOverflowQuery() { + //autogenerate `Query` type + result = + // `Query` type for `signedIntegerOverflow` query + TQueryC(TIntegerOverflowPackageQuery(TSignedIntegerOverflowQuery())) + } + + Query divOrRemByZeroQuery() { + //autogenerate `Query` type + result = + // `Query` type for `divOrRemByZero` query + TQueryC(TIntegerOverflowPackageQuery(TDivOrRemByZeroQuery())) + } + + Query useCorrectIntegerPrecisionsQuery() { + //autogenerate `Query` type + result = + // `Query` type for `useCorrectIntegerPrecisions` query + TQueryC(TIntegerOverflowPackageQuery(TUseCorrectIntegerPrecisionsQuery())) + } + + Query constantUnsignedIntegerExpressionsWrapAroundQuery() { + //autogenerate `Query` type + result = + // `Query` type for `constantUnsignedIntegerExpressionsWrapAround` query + TQueryC(TIntegerOverflowPackageQuery(TConstantUnsignedIntegerExpressionsWrapAroundQuery())) + } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index 9dfb52fb84..6c349279e6 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -30,6 +30,7 @@ import IO1 import IO2 import IO3 import IO4 +import IntegerOverflow import InvalidMemory1 import Language1 import Language2 @@ -81,6 +82,7 @@ newtype TCQuery = TIO2PackageQuery(IO2Query q) or TIO3PackageQuery(IO3Query q) or TIO4PackageQuery(IO4Query q) or + TIntegerOverflowPackageQuery(IntegerOverflowQuery q) or TInvalidMemory1PackageQuery(InvalidMemory1Query q) or TLanguage1PackageQuery(Language1Query q) or TLanguage2PackageQuery(Language2Query q) or @@ -132,6 +134,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isIO2QueryMetadata(query, queryId, ruleId, category) or isIO3QueryMetadata(query, queryId, ruleId, category) or isIO4QueryMetadata(query, queryId, ruleId, category) or + isIntegerOverflowQueryMetadata(query, queryId, ruleId, category) or isInvalidMemory1QueryMetadata(query, queryId, ruleId, category) or isLanguage1QueryMetadata(query, queryId, ruleId, category) or isLanguage2QueryMetadata(query, queryId, ruleId, category) or diff --git a/rule_packages/c/IntegerOverflow.json b/rule_packages/c/IntegerOverflow.json new file mode 100644 index 0000000000..8c9c7b0830 --- /dev/null +++ b/rule_packages/c/IntegerOverflow.json @@ -0,0 +1,124 @@ +{ + "CERT-C": { + "INT30-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "Unsigned integer expressions do not strictly overflow, but instead wrap around in a modular way. If the size of the type is not sufficient, this can happen unexpectedly.", + "kind": "problem", + "name": "Ensure that unsigned integer operations do not wrap", + "precision": "high", + "severity": "error", + "short_name": "UnsignedIntegerOperationsWrapAround", + "tags": [ + "correctness", + "security" + ] + } + ], + "title": "Ensure that unsigned integer operations do not wrap" + }, + "INT31-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "Ensure that integer conversions do not result in lost or misinterpreted data", + "precision": "high", + "severity": "error", + "short_name": "IntegerConversionCausesDataLoss", + "tags": [ + "correctness" + ] + } + ], + "title": "Ensure that integer conversions do not result in lost or misinterpreted data" + }, + "INT32-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "Ensure that operations on signed integers do not result in overflow", + "precision": "high", + "severity": "error", + "short_name": "SignedIntegerOverflow", + "tags": [ + "correctness", + "security" + ] + } + ], + "title": "Ensure that operations on signed integers do not result in overflow" + }, + "INT33-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "Dividing or taking the remainder by zero is undefined behavior.", + "kind": "problem", + "name": "Ensure that division and remainder operations do not result in divide-by-zero errors", + "precision": "high", + "severity": "error", + "short_name": "DivOrRemByZero", + "tags": [ + "correctness" + ] + } + ], + "title": "Ensure that division and remainder operations do not result in divide-by-zero errors" + }, + "INT35-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "Use correct integer precisions", + "precision": "high", + "severity": "error", + "short_name": "UseCorrectIntegerPrecisions", + "tags": [ + "correctness" + ] + } + ], + "title": "Use correct integer precisions" + } + }, + "MISRA-C-2012": { + "RULE-12-4": { + "properties": { + "obligation": "advisory" + }, + "queries": [ + { + "description": "Unsigned integer expressions do not strictly overflow, but instead wrap around in a modular way. Any constant unsigned integer expressions that in effect \"overflow\" will not be detected by the compiler. Although there may be good reasons at run-time to rely on the modular arithmetic provided by unsigned integer types, the reasons for using it at compile-time to evaluate a constant expression are less obvious. Any instance of an unsigned integer constant expression wrapping around is therefore likely to indicate a programming error.", + "kind": "problem", + "name": "Evaluation of constant expressions should not lead to unsigned integer wrap-around", + "precision": "very-high", + "severity": "error", + "short_name": "ConstantUnsignedIntegerExpressionsWrapAround", + "shared_implementation_short_name": "ConstantUnsignedIntegerExpressionsWrapAround", + "tags": [ + "correctness", + "security" + ] + } + ], + "title": "Evaluation of constant expressions should not lead to unsigned integer wrap-around" + } + } +} \ No newline at end of file diff --git a/rule_packages/cpp/Expressions.json b/rule_packages/cpp/Expressions.json index 8bf26eb14c..c0a7b6bb0b 100644 --- a/rule_packages/cpp/Expressions.json +++ b/rule_packages/cpp/Expressions.json @@ -249,6 +249,7 @@ "precision": "very-high", "severity": "error", "short_name": "ConstantUnsignedIntegerExpressionsWrapAround", + "shared_implementation_short_name": "ConstantUnsignedIntegerExpressionsWrapAround", "tags": [ "correctness", "security" diff --git a/rules.csv b/rules.csv index 36eea96801..41b622ad74 100644 --- a/rules.csv +++ b/rules.csv @@ -548,12 +548,12 @@ c,CERT-C,FLP32-C,Yes,Rule,,,Prevent or detect domain and range errors in math fu c,CERT-C,FLP34-C,Yes,Rule,,,Ensure that floating-point conversions are within range of the new type,,Types,Medium, c,CERT-C,FLP36-C,Yes,Rule,,,Preserve precision when converting integral values to floating-point type,,Types,Medium, c,CERT-C,FLP37-C,Yes,Rule,,,Do not use object representations to compare floating-point values,,Types,Medium, -c,CERT-C,INT30-C,Yes,Rule,,,Ensure that unsigned integer operations do not wrap,A4-7-1,Types,Hard, -c,CERT-C,INT31-C,Yes,Rule,,,Ensure that integer conversions do not result in lost or misinterpreted data,A4-7-1,Types,Hard, -c,CERT-C,INT32-C,Yes,Rule,,,Ensure that operations on signed integers do not result in overflow,A4-7-1,Types,Hard, -c,CERT-C,INT33-C,Yes,Rule,,,Ensure that division and remainder operations do not result in divide-by-zero errors,,Types,Hard, +c,CERT-C,INT30-C,Yes,Rule,,,Ensure that unsigned integer operations do not wrap,A4-7-1,IntegerOverflow,Hard, +c,CERT-C,INT31-C,Yes,Rule,,,Ensure that integer conversions do not result in lost or misinterpreted data,A4-7-1,IntegerOverflow,Hard, +c,CERT-C,INT32-C,Yes,Rule,,,Ensure that operations on signed integers do not result in overflow,A4-7-1,IntegerOverflow,Hard, +c,CERT-C,INT33-C,Yes,Rule,,,Ensure that division and remainder operations do not result in divide-by-zero errors,,IntegerOverflow,Hard, c,CERT-C,INT34-C,Yes,Rule,,,Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand,M5-8-1,Types,Import, -c,CERT-C,INT35-C,Yes,Rule,,,Use correct integer precisions,,Types,Hard, +c,CERT-C,INT35-C,Yes,Rule,,,Use correct integer precisions,,IntegerOverflow,Hard, c,CERT-C,INT36-C,Yes,Rule,,,Converting a pointer to integer or integer to pointer,M5-2-9,Types,Easy, c,CERT-C,MEM30-C,Yes,Rule,,,Do not access freed memory,MEM50-CPP,InvalidMemory1,Import, c,CERT-C,MEM31-C,Yes,Rule,,,Free dynamically allocated memory when no longer needed,,Memory2,Very Hard, @@ -685,7 +685,7 @@ c,MISRA-C-2012,RULE-11-9,Yes,Required,,,The macro NULL shall be the only permitt c,MISRA-C-2012,RULE-12-1,Yes,Advisory,,,The precedence of operators within expressions should be made explicit,,SideEffects1,Medium, c,MISRA-C-2012,RULE-12-2,Yes,Required,,,The right hand operand of a shift operator shall lie in the range zero to one less than the width in bits of the essential type of the left hand operand,,Contracts,Medium, c,MISRA-C-2012,RULE-12-3,Yes,Advisory,,,The comma operator should not be used,M5-18-1,Banned,Import, -c,MISRA-C-2012,RULE-12-4,Yes,Advisory,,,Evaluation of constant expressions should not lead to unsigned integer wrap-around,INT30-C,Types,Easy, +c,MISRA-C-2012,RULE-12-4,Yes,Advisory,,,Evaluation of constant expressions should not lead to unsigned integer wrap-around,INT30-C,IntegerOverflow,Easy, c,MISRA-C-2012,RULE-12-5,Yes,Mandatory,,,The sizeof operator shall not have an operand which is a function parameter declared as �array of type�,,Types,Medium, c,MISRA-C-2012,RULE-13-1,Yes,Required,,,Initializer lists shall not contain persistent side effects,,SideEffects1,Medium, c,MISRA-C-2012,RULE-13-2,Yes,Required,,,The value of an expression and its persistent side effects shall be the same under all permitted evaluation orders,PRE31-C,SideEffects,Medium, From 03cb60142fed691705aa876d121c5b64d86cfb99 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 20 Mar 2023 08:40:00 +0000 Subject: [PATCH 0787/2573] IntegerOverflow: Add query for INT30-C Adds a query for finding unsigned integer wraparound, based on the `InterestingBinaryOverflowingExpr` class. --- .../UnsignedIntegerOperationsWrapAround.md | 16 +++++ .../UnsignedIntegerOperationsWrapAround.ql | 35 ++++++++++ ...signedIntegerOperationsWrapAround.expected | 2 + .../UnsignedIntegerOperationsWrapAround.qlref | 1 + c/cert/test/rules/INT30-C/test.c | 64 +++++++++++++++++++ .../src/codingstandards/cpp/Overflow.qll | 16 +++++ 6 files changed, 134 insertions(+) create mode 100644 c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.md create mode 100644 c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.ql create mode 100644 c/cert/test/rules/INT30-C/UnsignedIntegerOperationsWrapAround.expected create mode 100644 c/cert/test/rules/INT30-C/UnsignedIntegerOperationsWrapAround.qlref create mode 100644 c/cert/test/rules/INT30-C/test.c diff --git a/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.md b/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.md new file mode 100644 index 0000000000..402fd7f64a --- /dev/null +++ b/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.md @@ -0,0 +1,16 @@ +# INT30-C: Ensure that unsigned integer operations do not wrap + +This query implements the CERT-C rule INT30-C: + +> Ensure that unsigned integer operations do not wrap +## CERT + +** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** + +## Implementation notes + +None + +## References + +* CERT-C: [INT30-C: Ensure that unsigned integer operations do not wrap](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.ql b/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.ql new file mode 100644 index 0000000000..9ed7d07336 --- /dev/null +++ b/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.ql @@ -0,0 +1,35 @@ +/** + * @id c/cert/unsigned-integer-operations-wrap-around + * @name INT30-C: Ensure that unsigned integer operations do not wrap + * @description Unsigned integer expressions do not strictly overflow, but instead wrap around in a + * modular way. If the size of the type is not sufficient, this can happen + * unexpectedly. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/cert/id/int30-c + * correctness + * security + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert +import codingstandards.cpp.Overflow +import semmle.code.cpp.controlflow.Guards +import semmle.code.cpp.valuenumbering.GlobalValueNumbering + +/* TODO: review the table to restrict to only those operations that actually overflow */ +from InterestingBinaryOverflowingExpr bop +where + not isExcluded(bop, IntegerOverflowPackage::unsignedIntegerOperationsWrapAroundQuery()) and + bop.getType().getUnderlyingType().(IntegralType).isUnsigned() and + // Not within a guard condition + not exists(GuardCondition gc | gc.getAChild*() = bop) and + // Not guarded by a check, where the check is not an invalid overflow check + not bop.getAGuardingGVN() = globalValueNumber(bop.getAChild*()) and + // Is not checked after the operation + not bop.hasPostCheck() +select bop, + "Binary expression ..." + bop.getOperator() + "... of type " + bop.getType().getUnderlyingType() + + " may wrap." diff --git a/c/cert/test/rules/INT30-C/UnsignedIntegerOperationsWrapAround.expected b/c/cert/test/rules/INT30-C/UnsignedIntegerOperationsWrapAround.expected new file mode 100644 index 0000000000..fd12bb76b9 --- /dev/null +++ b/c/cert/test/rules/INT30-C/UnsignedIntegerOperationsWrapAround.expected @@ -0,0 +1,2 @@ +| test.c:4:3:4:9 | ... + ... | Binary expression ...+... of type unsigned int may wrap. | +| test.c:48:3:48:9 | ... - ... | Binary expression ...-... of type unsigned int may wrap. | diff --git a/c/cert/test/rules/INT30-C/UnsignedIntegerOperationsWrapAround.qlref b/c/cert/test/rules/INT30-C/UnsignedIntegerOperationsWrapAround.qlref new file mode 100644 index 0000000000..045890904c --- /dev/null +++ b/c/cert/test/rules/INT30-C/UnsignedIntegerOperationsWrapAround.qlref @@ -0,0 +1 @@ +rules/INT30-C/UnsignedIntegerOperationsWrapAround.ql \ No newline at end of file diff --git a/c/cert/test/rules/INT30-C/test.c b/c/cert/test/rules/INT30-C/test.c new file mode 100644 index 0000000000..c1ea725873 --- /dev/null +++ b/c/cert/test/rules/INT30-C/test.c @@ -0,0 +1,64 @@ +#include + +void test_add_simple(unsigned int i1, unsigned int i2) { + i1 + i2; // NON_COMPLIANT - not bounds checked +} + +void test_add_precheck(unsigned int i1, unsigned int i2) { + if (UINT_MAX - i1 < i2) { + // handle error + } else { + i1 + i2; // COMPLIANT - bounds checked + } +} + +void test_add_precheck_2(unsigned int i1, unsigned int i2) { + if (i1 + i2 < i1) { + // handle error + } else { + i1 + i2; // COMPLIANT - bounds checked + } +} + +void test_add_postcheck(unsigned int i1, unsigned int i2) { + unsigned int i3 = i1 + i2; // COMPLIANT - checked for overflow afterwards + if (i3 < i1) { + // handle error + } +} + +void test_ex2(unsigned int i1, unsigned int i2) { + unsigned int ci1 = 2; + unsigned int ci2 = 3; + ci1 + ci2; // COMPLIANT, compile time constants + i1 + 0; // COMPLIANT + i1 - 0; // COMPLIANT + UINT_MAX - i1; // COMPLIANT - cannot be smaller than 0 + i1 * 1; // COMPLIANT + if (0 <= i1 && i1 < 32) { + UINT_MAX >> i1; // COMPLIANT + } +} + +void test_ex3(unsigned int i1, unsigned int i2) { + i1 << i2; // COMPLIANT - by EX3 +} + +void test_sub_simple(unsigned int i1, unsigned int i2) { + i1 - i2; // NON_COMPLIANT - not bounds checked +} + +void test_sub_precheck(unsigned int i1, unsigned int i2) { + if (i1 < i2) { + // handle error + } else { + i1 - i2; // COMPLIANT - bounds checked + } +} + +void test_sub_postcheck(unsigned int i1, unsigned int i2) { + unsigned int i3 = i1 - i2; // COMPLIANT - checked for wrap afterwards + if (i3 > i1) { + // handle error + } +} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/Overflow.qll b/cpp/common/src/codingstandards/cpp/Overflow.qll index 42651c8cab..9847e8f2f3 100644 --- a/cpp/common/src/codingstandards/cpp/Overflow.qll +++ b/cpp/common/src/codingstandards/cpp/Overflow.qll @@ -42,6 +42,22 @@ class InterestingBinaryOverflowingExpr extends BinaryArithmeticOperation { ) } + predicate hasPostCheck() { + exists(RelationalOperation ro | + DataFlow::localExprFlow(this, ro.getLesserOperand()) and + globalValueNumber(ro.getGreaterOperand()) = globalValueNumber(this.getAnOperand()) and + this instanceof AddExpr and + ro instanceof GuardCondition + ) + or + exists(RelationalOperation ro | + DataFlow::localExprFlow(this, ro.getGreaterOperand()) and + globalValueNumber(ro.getLesserOperand()) = globalValueNumber(this.getAnOperand()) and + this instanceof SubExpr and + ro instanceof GuardCondition + ) + } + /** * Identifies a bad overflow check for this overflow expression. */ From c4ff2de8c43aaad2f5eae1ded88137e269f31bee Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 20 Mar 2023 08:56:24 +0000 Subject: [PATCH 0788/2573] IntegerOverflow: Implement INT33-C Adds a query to find div/rem by zero errors. --- c/cert/src/rules/INT33-C/DivOrRemByZero.md | 16 ++++++++ c/cert/src/rules/INT33-C/DivOrRemByZero.ql | 37 +++++++++++++++++++ .../rules/INT33-C/DivOrRemByZero.expected | 4 ++ .../test/rules/INT33-C/DivOrRemByZero.qlref | 1 + c/cert/test/rules/INT33-C/test.c | 33 +++++++++++++++++ 5 files changed, 91 insertions(+) create mode 100644 c/cert/src/rules/INT33-C/DivOrRemByZero.md create mode 100644 c/cert/src/rules/INT33-C/DivOrRemByZero.ql create mode 100644 c/cert/test/rules/INT33-C/DivOrRemByZero.expected create mode 100644 c/cert/test/rules/INT33-C/DivOrRemByZero.qlref create mode 100644 c/cert/test/rules/INT33-C/test.c diff --git a/c/cert/src/rules/INT33-C/DivOrRemByZero.md b/c/cert/src/rules/INT33-C/DivOrRemByZero.md new file mode 100644 index 0000000000..6a86d3e88d --- /dev/null +++ b/c/cert/src/rules/INT33-C/DivOrRemByZero.md @@ -0,0 +1,16 @@ +# INT33-C: Ensure that division and remainder operations do not result in divide-by-zero errors + +This query implements the CERT-C rule INT33-C: + +> Ensure that division and remainder operations do not result in divide-by-zero errors +## CERT + +** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** + +## Implementation notes + +None + +## References + +* CERT-C: [INT33-C: Ensure that division and remainder operations do not result in divide-by-zero errors](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/INT33-C/DivOrRemByZero.ql b/c/cert/src/rules/INT33-C/DivOrRemByZero.ql new file mode 100644 index 0000000000..83cc1a4a60 --- /dev/null +++ b/c/cert/src/rules/INT33-C/DivOrRemByZero.ql @@ -0,0 +1,37 @@ +/** + * @id c/cert/div-or-rem-by-zero + * @name INT33-C: Ensure that division and remainder operations do not result in divide-by-zero errors + * @description Dividing or taking the remainder by zero is undefined behavior. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/cert/id/int33-c + * correctness + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert +import semmle.code.cpp.controlflow.Guards +import semmle.code.cpp.valuenumbering.GlobalValueNumbering + +from BinaryArithmeticOperation divOrMod, Expr divisor +where + not isExcluded(divOrMod, IntegerOverflowPackage::divOrRemByZeroQuery()) and + divOrMod.getOperator() = ["/", "%"] and + divisor = divOrMod.getRightOperand() and + divisor.getType() instanceof IntegralType and + // Range includes 0 + upperBound(divisor) >= 0 and + lowerBound(divisor) <= 0 and + // And an explicit check for 0 does not exist + not exists(GuardCondition gc, Expr left, Expr right | + gc.ensuresEq(left, right, 0, divOrMod.getBasicBlock(), false) and + globalValueNumber(left) = globalValueNumber(divisor) and + right.getValue().toInt() = 0 + ) and + // Uninstantiated templates may not have an accurate reflection of the range + not divOrMod.getEnclosingFunction().isFromUninstantiatedTemplate(_) +select divOrMod, + "Division or remainder expression with divisor that may be zero (divisor range " + + lowerBound(divisor) + "..." + upperBound(divisor) + ")." diff --git a/c/cert/test/rules/INT33-C/DivOrRemByZero.expected b/c/cert/test/rules/INT33-C/DivOrRemByZero.expected new file mode 100644 index 0000000000..66911a2ad6 --- /dev/null +++ b/c/cert/test/rules/INT33-C/DivOrRemByZero.expected @@ -0,0 +1,4 @@ +| test.c:4:3:4:9 | ... / ... | Division or remainder expression with divisor that may be zero (divisor range -2147483648...2147483647). | +| test.c:5:3:5:9 | ... % ... | Division or remainder expression with divisor that may be zero (divisor range -2147483648...2147483647). | +| test.c:12:5:12:11 | ... / ... | Division or remainder expression with divisor that may be zero (divisor range -2147483648...2147483647). | +| test.c:13:5:13:11 | ... % ... | Division or remainder expression with divisor that may be zero (divisor range -2147483648...2147483647). | diff --git a/c/cert/test/rules/INT33-C/DivOrRemByZero.qlref b/c/cert/test/rules/INT33-C/DivOrRemByZero.qlref new file mode 100644 index 0000000000..c3144339c8 --- /dev/null +++ b/c/cert/test/rules/INT33-C/DivOrRemByZero.qlref @@ -0,0 +1 @@ +rules/INT33-C/DivOrRemByZero.ql \ No newline at end of file diff --git a/c/cert/test/rules/INT33-C/test.c b/c/cert/test/rules/INT33-C/test.c new file mode 100644 index 0000000000..2dd76580f0 --- /dev/null +++ b/c/cert/test/rules/INT33-C/test.c @@ -0,0 +1,33 @@ +#include + +void test_simple(signed int i1, signed int i2) { + i1 / i2; // NON_COMPLIANT + i1 % i2; // NON_COMPLIANT +} + +void test_incomplete_check(signed int i1, signed int i2) { + if (i1 == INT_MIN && i2 == -1) { + // handle error + } else { + i1 / i2; // NON_COMPLIANT + i1 % i2; // NON_COMPLIANT + } +} + +void test_complete_check(signed int i1, signed int i2) { + if (i2 == 0 || (i1 == INT_MIN && i2 == -1)) { + // handle error + } else { + i1 / i2; // COMPLIANT + i1 % i2; // COMPLIANT + } +} + +void test_unsigned(unsigned int i1, unsigned int i2) { + if (i2 == 0) { + // handle error + } else { + i1 / i2; // COMPLIANT + i1 % i2; // COMPLIANT + } +} \ No newline at end of file From 195cc3f913c79bc1154e52493b48809b21d857be Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 20 Mar 2023 13:31:17 +0000 Subject: [PATCH 0789/2573] IntegerOverflow: Implement Rule 12.4. Implement Rule 12.4 by sharing a query with M5-19-1 for finding constant integer expressions that wrap around. --- ...ignedIntegerExpressionsWrapAround.expected | 16 ++++++ ...antUnsignedIntegerExpressionsWrapAround.ql | 2 + .../test.c | 49 +++++++++++++++++++ ...antUnsignedIntegerExpressionsWrapAround.ql | 28 +++++++++++ ...signedIntegerExpressionsWrapAround.testref | 1 + ...antUnsignedIntegerExpressionsWrapAround.ql | 14 +++--- ...UnsignedIntegerExpressionsWrapAround.qlref | 1 - ...signedIntegerExpressionsWrapAround.testref | 1 + ...ntUnsignedIntegerExpressionsWrapAround.qll | 21 ++++++++ ...ignedIntegerExpressionsWrapAround.expected | 0 ...antUnsignedIntegerExpressionsWrapAround.ql | 2 + .../test.cpp | 0 12 files changed, 126 insertions(+), 9 deletions(-) create mode 100644 c/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.expected create mode 100644 c/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql create mode 100644 c/common/test/rules/constantunsignedintegerexpressionswraparound/test.c create mode 100644 c/misra/src/rules/RULE-12-4/ConstantUnsignedIntegerExpressionsWrapAround.ql create mode 100644 c/misra/test/rules/RULE-12-4/ConstantUnsignedIntegerExpressionsWrapAround.testref delete mode 100644 cpp/autosar/test/rules/M5-19-1/ConstantUnsignedIntegerExpressionsWrapAround.qlref create mode 100644 cpp/autosar/test/rules/M5-19-1/ConstantUnsignedIntegerExpressionsWrapAround.testref create mode 100644 cpp/common/src/codingstandards/cpp/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.qll rename cpp/{autosar/test/rules/M5-19-1 => common/test/rules/constantunsignedintegerexpressionswraparound}/ConstantUnsignedIntegerExpressionsWrapAround.expected (100%) create mode 100644 cpp/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql rename cpp/{autosar/test/rules/M5-19-1 => common/test/rules/constantunsignedintegerexpressionswraparound}/test.cpp (100%) diff --git a/c/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.expected b/c/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.expected new file mode 100644 index 0000000000..7b3db09af5 --- /dev/null +++ b/c/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.expected @@ -0,0 +1,16 @@ +| test.c:11:7:11:18 | ... - ... | Use of a constant, unsigned, integer expression that over- or under-flows. | +| test.c:12:7:12:18 | ... + ... | Use of a constant, unsigned, integer expression that over- or under-flows. | +| test.c:18:7:18:19 | ... - ... | Use of a constant, unsigned, integer expression that over- or under-flows. | +| test.c:19:7:19:19 | ... + ... | Use of a constant, unsigned, integer expression that over- or under-flows. | +| test.c:25:7:25:18 | ... - ... | Use of a constant, unsigned, integer expression that over- or under-flows. | +| test.c:26:7:26:17 | ... + ... | Use of a constant, unsigned, integer expression that over- or under-flows. | +| test.c:33:7:33:20 | ... - ... | Use of a constant, unsigned, integer expression that over- or under-flows. | +| test.c:34:7:34:16 | ... + ... | Use of a constant, unsigned, integer expression that over- or under-flows. | +| test.c:34:7:34:20 | ... + ... | Use of a constant, unsigned, integer expression that over- or under-flows. | +| test.c:37:40:37:49 | ... + ... | Use of a constant, unsigned, integer expression that over- or under-flows. | +| test.c:40:7:40:19 | ... - ... | Use of a constant, unsigned, integer expression that over- or under-flows. | +| test.c:41:7:41:19 | ... + ... | Use of a constant, unsigned, integer expression that over- or under-flows. | +| test.c:46:7:46:17 | ... + ... | Use of a constant, unsigned, integer expression that over- or under-flows. | +| test.c:47:7:47:18 | ... - ... | Use of a constant, unsigned, integer expression that over- or under-flows. | +| test.c:48:7:48:17 | ... + ... | Use of a constant, unsigned, integer expression that over- or under-flows. | +| test.c:48:7:48:17 | ... + ... | Use of a constant, unsigned, integer expression that over- or under-flows. | diff --git a/c/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql b/c/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql new file mode 100644 index 0000000000..9fcc41c831 --- /dev/null +++ b/c/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.constantunsignedintegerexpressionswraparound.ConstantUnsignedIntegerExpressionsWrapAround diff --git a/c/common/test/rules/constantunsignedintegerexpressionswraparound/test.c b/c/common/test/rules/constantunsignedintegerexpressionswraparound/test.c new file mode 100644 index 0000000000..6ab1a43bd5 --- /dev/null +++ b/c/common/test/rules/constantunsignedintegerexpressionswraparound/test.c @@ -0,0 +1,49 @@ +#include + +// UINT_MIN and UULONG_MIN isn't defined, but it's going to be zero +#define UINT_MIN ((unsigned int)0) +#define UULONG_MIN ((unsigned long long)0) + +void test_signed_int() { + unsigned int a; + a = 1 + 1; // COMPLIANT + a = 0 - 1; // COMPLIANT + a = UINT_MIN - 1; // NON_COMPLIANT + a = UINT_MAX + 1; // NON_COMPLIANT + + const unsigned int const_min = UINT_MIN; + const unsigned int const_max = UINT_MAX; + a = const_min + 1; // COMPLIANT + a = const_max - 1; // COMPLIANT + a = const_min - 1; // NON_COMPLIANT + a = const_max + 1; // NON_COMPLIANT + +#define UNDERFLOW(x) (UINT_MIN - (x)) +#define OVERFLOW(x) (UINT_MAX + (x)) + a = UNDERFLOW(0); // COMPLIANT + a = OVERFLOW(0); // COMPLIANT + a = UNDERFLOW(1); // NON_COMPLIANT + a = OVERFLOW(1); // NON_COMPLIANT +} + +void test_long_long() { + unsigned long long a; + a = 1 + 1; // COMPLIANT + a = 0 - 1; // COMPLIANT + a = UULONG_MIN - 1; // NON_COMPLIANT + a = ULLONG_MAX + 1; // NON_COMPLIANT + + const unsigned long long const_min = UULONG_MIN; + const unsigned long long const_max = ULLONG_MAX; + a = const_min + 1; // COMPLIANT + a = const_max - 1; // COMPLIANT + a = const_min - 1; // NON_COMPLIANT + a = const_max + 1; // NON_COMPLIANT + +#define UNDERFLOW(x) (UULONG_MIN - (x)) +#define OVERFLOW(x) (ULLONG_MAX + (x)) + a = UNDERFLOW(0); // COMPLIANT + a = OVERFLOW(0); // COMPLIANT + a = UNDERFLOW(1); // NON_COMPLIANT + a = OVERFLOW(1); // NON_COMPLIANT +} \ No newline at end of file diff --git a/c/misra/src/rules/RULE-12-4/ConstantUnsignedIntegerExpressionsWrapAround.ql b/c/misra/src/rules/RULE-12-4/ConstantUnsignedIntegerExpressionsWrapAround.ql new file mode 100644 index 0000000000..b5d508dfe1 --- /dev/null +++ b/c/misra/src/rules/RULE-12-4/ConstantUnsignedIntegerExpressionsWrapAround.ql @@ -0,0 +1,28 @@ +/** + * @id c/misra/constant-unsigned-integer-expressions-wrap-around + * @name RULE-12-4: Evaluation of constant expressions should not lead to unsigned integer wrap-around + * @description Unsigned integer expressions do not strictly overflow, but instead wrap around in a + * modular way. Any constant unsigned integer expressions that in effect "overflow" + * will not be detected by the compiler. Although there may be good reasons at run-time + * to rely on the modular arithmetic provided by unsigned integer types, the reasons + * for using it at compile-time to evaluate a constant expression are less obvious. Any + * instance of an unsigned integer constant expression wrapping around is therefore + * likely to indicate a programming error. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-12-4 + * correctness + * security + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.rules.constantunsignedintegerexpressionswraparound.ConstantUnsignedIntegerExpressionsWrapAround + +class ConstantUnsignedIntegerExpressionsWrapAroundQuery extends ConstantUnsignedIntegerExpressionsWrapAroundSharedQuery { + ConstantUnsignedIntegerExpressionsWrapAroundQuery() { + this = IntegerOverflowPackage::constantUnsignedIntegerExpressionsWrapAroundQuery() + } +} diff --git a/c/misra/test/rules/RULE-12-4/ConstantUnsignedIntegerExpressionsWrapAround.testref b/c/misra/test/rules/RULE-12-4/ConstantUnsignedIntegerExpressionsWrapAround.testref new file mode 100644 index 0000000000..7e97e39764 --- /dev/null +++ b/c/misra/test/rules/RULE-12-4/ConstantUnsignedIntegerExpressionsWrapAround.testref @@ -0,0 +1 @@ +c/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql \ No newline at end of file diff --git a/cpp/autosar/src/rules/M5-19-1/ConstantUnsignedIntegerExpressionsWrapAround.ql b/cpp/autosar/src/rules/M5-19-1/ConstantUnsignedIntegerExpressionsWrapAround.ql index 2ce54f07e1..221651b9b4 100644 --- a/cpp/autosar/src/rules/M5-19-1/ConstantUnsignedIntegerExpressionsWrapAround.ql +++ b/cpp/autosar/src/rules/M5-19-1/ConstantUnsignedIntegerExpressionsWrapAround.ql @@ -21,12 +21,10 @@ import cpp import codingstandards.cpp.autosar -import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis +import codingstandards.cpp.rules.constantunsignedintegerexpressionswraparound.ConstantUnsignedIntegerExpressionsWrapAround -from BinaryArithmeticOperation bao -where - not isExcluded(bao, ExpressionsPackage::constantUnsignedIntegerExpressionsWrapAroundQuery()) and - bao.isConstant() and - bao.getFullyConverted().getUnderlyingType().(IntegralType).isUnsigned() and - convertedExprMightOverflow(bao) -select bao, "Use of a constant, unsigned, integer expression that over- or under-flows." +class ConstantUnsignedIntegerExpressionsWrapAroundQuery extends ConstantUnsignedIntegerExpressionsWrapAroundSharedQuery { + ConstantUnsignedIntegerExpressionsWrapAroundQuery() { + this = ExpressionsPackage::constantUnsignedIntegerExpressionsWrapAroundQuery() + } +} diff --git a/cpp/autosar/test/rules/M5-19-1/ConstantUnsignedIntegerExpressionsWrapAround.qlref b/cpp/autosar/test/rules/M5-19-1/ConstantUnsignedIntegerExpressionsWrapAround.qlref deleted file mode 100644 index 5531830cbc..0000000000 --- a/cpp/autosar/test/rules/M5-19-1/ConstantUnsignedIntegerExpressionsWrapAround.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/M5-19-1/ConstantUnsignedIntegerExpressionsWrapAround.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M5-19-1/ConstantUnsignedIntegerExpressionsWrapAround.testref b/cpp/autosar/test/rules/M5-19-1/ConstantUnsignedIntegerExpressionsWrapAround.testref new file mode 100644 index 0000000000..9d56f5d242 --- /dev/null +++ b/cpp/autosar/test/rules/M5-19-1/ConstantUnsignedIntegerExpressionsWrapAround.testref @@ -0,0 +1 @@ +cpp/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.qll b/cpp/common/src/codingstandards/cpp/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.qll new file mode 100644 index 0000000000..a6dd47fb8f --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.qll @@ -0,0 +1,21 @@ +/** + * Provides a library which includes a `problems` predicate for reporting unsigned integer + * wraparound related to constant expressions. + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions +import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis + +abstract class ConstantUnsignedIntegerExpressionsWrapAroundSharedQuery extends Query { } + +Query getQuery() { result instanceof ConstantUnsignedIntegerExpressionsWrapAroundSharedQuery } + +query predicate problems(BinaryArithmeticOperation bao, string message) { + not isExcluded(bao, getQuery()) and + bao.isConstant() and + bao.getFullyConverted().getUnderlyingType().(IntegralType).isUnsigned() and + convertedExprMightOverflow(bao) and + message = "Use of a constant, unsigned, integer expression that over- or under-flows." +} diff --git a/cpp/autosar/test/rules/M5-19-1/ConstantUnsignedIntegerExpressionsWrapAround.expected b/cpp/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.expected similarity index 100% rename from cpp/autosar/test/rules/M5-19-1/ConstantUnsignedIntegerExpressionsWrapAround.expected rename to cpp/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.expected diff --git a/cpp/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql b/cpp/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql new file mode 100644 index 0000000000..9fcc41c831 --- /dev/null +++ b/cpp/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.constantunsignedintegerexpressionswraparound.ConstantUnsignedIntegerExpressionsWrapAround diff --git a/cpp/autosar/test/rules/M5-19-1/test.cpp b/cpp/common/test/rules/constantunsignedintegerexpressionswraparound/test.cpp similarity index 100% rename from cpp/autosar/test/rules/M5-19-1/test.cpp rename to cpp/common/test/rules/constantunsignedintegerexpressionswraparound/test.cpp From 9580891dc2fde066dd51c27e7595900a0b41c2e0 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 20 Mar 2023 13:33:01 +0000 Subject: [PATCH 0790/2573] Fix typo. --- .../rules/constantunsignedintegerexpressionswraparound/test.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/common/test/rules/constantunsignedintegerexpressionswraparound/test.c b/c/common/test/rules/constantunsignedintegerexpressionswraparound/test.c index 6ab1a43bd5..24a91e9bcc 100644 --- a/c/common/test/rules/constantunsignedintegerexpressionswraparound/test.c +++ b/c/common/test/rules/constantunsignedintegerexpressionswraparound/test.c @@ -4,7 +4,7 @@ #define UINT_MIN ((unsigned int)0) #define UULONG_MIN ((unsigned long long)0) -void test_signed_int() { +void test_unsigned_int() { unsigned int a; a = 1 + 1; // COMPLIANT a = 0 - 1; // COMPLIANT From e9c0c1813bc19151b383838fe8c47f55c9392c6d Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 20 Mar 2023 13:41:45 +0000 Subject: [PATCH 0791/2573] IntegerOverflow: Do not exclude casted expressions Constant binary expressions which are immediately casted to a signed type should not be excluded from this rule, because the "wrap" will still occur. --- ...nstantUnsignedIntegerExpressionsWrapAround.expected | 1 + .../test.c | 10 ++++++++-- ...23-03-20-constant-integer-expression-wrap-casted.md | 2 ++ .../ConstantUnsignedIntegerExpressionsWrapAround.qll | 2 +- ...nstantUnsignedIntegerExpressionsWrapAround.expected | 1 + .../test.cpp | 8 +++++++- 6 files changed, 20 insertions(+), 4 deletions(-) create mode 100644 change_notes/2023-03-20-constant-integer-expression-wrap-casted.md diff --git a/c/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.expected b/c/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.expected index 7b3db09af5..bfe36dae54 100644 --- a/c/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.expected +++ b/c/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.expected @@ -14,3 +14,4 @@ | test.c:47:7:47:18 | ... - ... | Use of a constant, unsigned, integer expression that over- or under-flows. | | test.c:48:7:48:17 | ... + ... | Use of a constant, unsigned, integer expression that over- or under-flows. | | test.c:48:7:48:17 | ... + ... | Use of a constant, unsigned, integer expression that over- or under-flows. | +| test.c:53:20:53:31 | ... + ... | Use of a constant, unsigned, integer expression that over- or under-flows. | diff --git a/c/common/test/rules/constantunsignedintegerexpressionswraparound/test.c b/c/common/test/rules/constantunsignedintegerexpressionswraparound/test.c index 24a91e9bcc..a779b86b94 100644 --- a/c/common/test/rules/constantunsignedintegerexpressionswraparound/test.c +++ b/c/common/test/rules/constantunsignedintegerexpressionswraparound/test.c @@ -6,8 +6,8 @@ void test_unsigned_int() { unsigned int a; - a = 1 + 1; // COMPLIANT - a = 0 - 1; // COMPLIANT + a = 1 + 1; // COMPLIANT - signed integer + a = 0 - 1; // COMPLIANT - signed integer a = UINT_MIN - 1; // NON_COMPLIANT a = UINT_MAX + 1; // NON_COMPLIANT @@ -46,4 +46,10 @@ void test_long_long() { a = OVERFLOW(0); // COMPLIANT a = UNDERFLOW(1); // NON_COMPLIANT a = OVERFLOW(1); // NON_COMPLIANT +} + +void test_conversion() { + signed int a = + (signed int)(UINT_MAX + 1); // NON_COMPLIANT - still an unsigned integer + // constant expression } \ No newline at end of file diff --git a/change_notes/2023-03-20-constant-integer-expression-wrap-casted.md b/change_notes/2023-03-20-constant-integer-expression-wrap-casted.md new file mode 100644 index 0000000000..321fff714f --- /dev/null +++ b/change_notes/2023-03-20-constant-integer-expression-wrap-casted.md @@ -0,0 +1,2 @@ + * `M5-19-1`: + - Reduce false negatives by fixing a bug where a constant expression was immediately casted to a signed type. \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.qll b/cpp/common/src/codingstandards/cpp/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.qll index a6dd47fb8f..0d9faa5a04 100644 --- a/cpp/common/src/codingstandards/cpp/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.qll +++ b/cpp/common/src/codingstandards/cpp/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.qll @@ -15,7 +15,7 @@ Query getQuery() { result instanceof ConstantUnsignedIntegerExpressionsWrapAroun query predicate problems(BinaryArithmeticOperation bao, string message) { not isExcluded(bao, getQuery()) and bao.isConstant() and - bao.getFullyConverted().getUnderlyingType().(IntegralType).isUnsigned() and + bao.getUnderlyingType().(IntegralType).isUnsigned() and convertedExprMightOverflow(bao) and message = "Use of a constant, unsigned, integer expression that over- or under-flows." } diff --git a/cpp/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.expected b/cpp/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.expected index 89bf61f701..9b9718a09a 100644 --- a/cpp/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.expected +++ b/cpp/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.expected @@ -14,3 +14,4 @@ | test.cpp:59:7:59:17 | ... + ... | Use of a constant, unsigned, integer expression that over- or under-flows. | | test.cpp:63:7:63:45 | ... - ... | Use of a constant, unsigned, integer expression that over- or under-flows. | | test.cpp:64:7:64:45 | ... + ... | Use of a constant, unsigned, integer expression that over- or under-flows. | +| test.cpp:69:20:69:31 | ... + ... | Use of a constant, unsigned, integer expression that over- or under-flows. | diff --git a/cpp/common/test/rules/constantunsignedintegerexpressionswraparound/test.cpp b/cpp/common/test/rules/constantunsignedintegerexpressionswraparound/test.cpp index 215c99bb30..52e6e1ffa1 100644 --- a/cpp/common/test/rules/constantunsignedintegerexpressionswraparound/test.cpp +++ b/cpp/common/test/rules/constantunsignedintegerexpressionswraparound/test.cpp @@ -9,7 +9,7 @@ template constexpr T constexpr_max() { return std::numeric_limits::max(); } -void test_signed_int() { +void test_unsigned_int() { unsigned int a; a = 1 + 1; // COMPLIANT a = 0 - 1; // COMPLIANT @@ -62,4 +62,10 @@ void test_long_long() { a = constexpr_max() - 1; // COMPLIANT a = constexpr_min() - 1; // NON_COMPLIANT a = constexpr_max() + 1; // NON_COMPLIANT +} + +void test_conversion() { + signed int a = + (signed int)(UINT_MAX + 1); // NON_COMPLIANT - still an unsigned integer + // constant expression } \ No newline at end of file From d64b125fcffcd9eb9b3173f7e182f0d7e1aef380 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 20 Mar 2023 13:44:20 +0000 Subject: [PATCH 0792/2573] Macro: Add classes for library vs user macro. --- .../src/rules/A5-2-2/TraditionalCStyleCastsUsed.ql | 11 +---------- cpp/common/src/codingstandards/cpp/Macro.qll | 10 ++++++++++ 2 files changed, 11 insertions(+), 10 deletions(-) diff --git a/cpp/autosar/src/rules/A5-2-2/TraditionalCStyleCastsUsed.ql b/cpp/autosar/src/rules/A5-2-2/TraditionalCStyleCastsUsed.ql index c769339d65..66a289dfe0 100644 --- a/cpp/autosar/src/rules/A5-2-2/TraditionalCStyleCastsUsed.ql +++ b/cpp/autosar/src/rules/A5-2-2/TraditionalCStyleCastsUsed.ql @@ -15,6 +15,7 @@ import cpp import codingstandards.cpp.autosar +import codingstandards.cpp.Macro /** * Gets the macro (if any) that generated the given `CStyleCast`. @@ -34,16 +35,6 @@ Macro getGeneratedFrom(CStyleCast c) { ) } -/** A macro within the source location of this project. */ -class UserProvidedMacro extends Macro { - UserProvidedMacro() { exists(this.getFile().getRelativePath()) } -} - -/** A macro defined within a library used by this project. */ -class LibraryMacro extends Macro { - LibraryMacro() { not this instanceof UserProvidedMacro } -} - /* * In theory this query should exclude casts using the "functional notation" syntax, e.g. * ``` diff --git a/cpp/common/src/codingstandards/cpp/Macro.qll b/cpp/common/src/codingstandards/cpp/Macro.qll index cb1231e04f..53c72cbcaf 100644 --- a/cpp/common/src/codingstandards/cpp/Macro.qll +++ b/cpp/common/src/codingstandards/cpp/Macro.qll @@ -68,3 +68,13 @@ pragma[noinline] predicate isMacroInvocationLocation(MacroInvocation mi, File f, int startChar, int endChar) { mi.getActualLocation().charLoc(f, startChar, endChar) } + +/** A macro within the source location of this project. */ +class UserProvidedMacro extends Macro { + UserProvidedMacro() { exists(this.getFile().getRelativePath()) } +} + +/** A macro defined within a library used by this project. */ +class LibraryMacro extends Macro { + LibraryMacro() { not this instanceof UserProvidedMacro } +} From a845f3821d1d17e979bbb5316aeda4365c972793 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 20 Mar 2023 15:42:09 +0000 Subject: [PATCH 0793/2573] IntegerOverflow: Exclude macro results For the "constantintegerexpressionswraparound" query, exclude results in macros from third-party libraries which do not have any arguments, as they are (a) not controlled by the user (b) likely intended or false positives (such as UULONG_MAX). --- ...nsignedIntegerExpressionsWrapAround.expected | 4 ---- cpp/common/src/codingstandards/cpp/Macro.qll | 11 ++++++++++- ...tantUnsignedIntegerExpressionsWrapAround.qll | 17 +++++++++++++++++ 3 files changed, 27 insertions(+), 5 deletions(-) diff --git a/c/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.expected b/c/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.expected index bfe36dae54..614ad8a9de 100644 --- a/c/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.expected +++ b/c/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.expected @@ -5,13 +5,9 @@ | test.c:25:7:25:18 | ... - ... | Use of a constant, unsigned, integer expression that over- or under-flows. | | test.c:26:7:26:17 | ... + ... | Use of a constant, unsigned, integer expression that over- or under-flows. | | test.c:33:7:33:20 | ... - ... | Use of a constant, unsigned, integer expression that over- or under-flows. | -| test.c:34:7:34:16 | ... + ... | Use of a constant, unsigned, integer expression that over- or under-flows. | | test.c:34:7:34:20 | ... + ... | Use of a constant, unsigned, integer expression that over- or under-flows. | -| test.c:37:40:37:49 | ... + ... | Use of a constant, unsigned, integer expression that over- or under-flows. | | test.c:40:7:40:19 | ... - ... | Use of a constant, unsigned, integer expression that over- or under-flows. | | test.c:41:7:41:19 | ... + ... | Use of a constant, unsigned, integer expression that over- or under-flows. | -| test.c:46:7:46:17 | ... + ... | Use of a constant, unsigned, integer expression that over- or under-flows. | | test.c:47:7:47:18 | ... - ... | Use of a constant, unsigned, integer expression that over- or under-flows. | | test.c:48:7:48:17 | ... + ... | Use of a constant, unsigned, integer expression that over- or under-flows. | -| test.c:48:7:48:17 | ... + ... | Use of a constant, unsigned, integer expression that over- or under-flows. | | test.c:53:20:53:31 | ... + ... | Use of a constant, unsigned, integer expression that over- or under-flows. | diff --git a/cpp/common/src/codingstandards/cpp/Macro.qll b/cpp/common/src/codingstandards/cpp/Macro.qll index 53c72cbcaf..65d0321271 100644 --- a/cpp/common/src/codingstandards/cpp/Macro.qll +++ b/cpp/common/src/codingstandards/cpp/Macro.qll @@ -71,7 +71,16 @@ predicate isMacroInvocationLocation(MacroInvocation mi, File f, int startChar, i /** A macro within the source location of this project. */ class UserProvidedMacro extends Macro { - UserProvidedMacro() { exists(this.getFile().getRelativePath()) } + UserProvidedMacro() { + exists(this.getFile().getRelativePath()) and + // Exclude macros in our standard library header stubs for tests, because qltest sets the source + // root to the qlpack root, which means our stubs all look like source files. + // + // This may affect "real" code as well, if it happens to be at this path, but given the name + // I think it's likely that we'd want that to be the case anyway. + not this.getFile().getRelativePath().substring(0, "includes/standard-library".length()) = + "includes/standard-library" + } } /** A macro defined within a library used by this project. */ diff --git a/cpp/common/src/codingstandards/cpp/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.qll b/cpp/common/src/codingstandards/cpp/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.qll index 0d9faa5a04..71b06a4662 100644 --- a/cpp/common/src/codingstandards/cpp/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.qll +++ b/cpp/common/src/codingstandards/cpp/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.qll @@ -5,6 +5,7 @@ import cpp import codingstandards.cpp.Customizations +import codingstandards.cpp.Macro import codingstandards.cpp.Exclusions import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis @@ -17,5 +18,21 @@ query predicate problems(BinaryArithmeticOperation bao, string message) { bao.isConstant() and bao.getUnderlyingType().(IntegralType).isUnsigned() and convertedExprMightOverflow(bao) and + // Exclude expressions generated from macro invocations of argument-less macros in third party + // code. This is because these are not under the control of the developer. Macros with arguments + // are not excluded, so that we can report cases where the argument provided by the developer + // wraps around (this may also report cases where the macro itself contains a wrapping expression, + // but we cannot distinguish these cases because we don't know which generated expressions are + // affected by which arguments). + // + // This addresses a false positive in the test cases on UULONG_MAX, which is reported in MUSL + // because it is defined as (2ULL*LLONG_MAX+1), which is a constant integer expression, and + // although it doesn't wrap in practice, our range analysis loses precision at the top end of the + // unsigned long long range so incorrectly assumes it can wrap. + not exists(LibraryMacro m, MacroInvocation mi | + mi = m.getAnInvocation() and + mi.getAnExpandedElement() = bao and + not exists(mi.getUnexpandedArgument(_)) + ) and message = "Use of a constant, unsigned, integer expression that over- or under-flows." } From 3f2db7abd2d6fd11e37f6dc1e1447c7dd31c754d Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 20 Mar 2023 22:39:00 +0000 Subject: [PATCH 0794/2573] IntegerOverflow: clarify valid post-check Only applicable to unsigned operations --- .../UnsignedIntegerOperationsWrapAround.ql | 2 +- .../src/codingstandards/cpp/Overflow.qll | 34 ++++++++++++------- 2 files changed, 22 insertions(+), 14 deletions(-) diff --git a/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.ql b/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.ql index 9ed7d07336..f407cfb2a4 100644 --- a/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.ql +++ b/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.ql @@ -29,7 +29,7 @@ where // Not guarded by a check, where the check is not an invalid overflow check not bop.getAGuardingGVN() = globalValueNumber(bop.getAChild*()) and // Is not checked after the operation - not bop.hasPostCheck() + not bop.hasValidPostCheck() select bop, "Binary expression ..." + bop.getOperator() + "... of type " + bop.getType().getUnderlyingType() + " may wrap." diff --git a/cpp/common/src/codingstandards/cpp/Overflow.qll b/cpp/common/src/codingstandards/cpp/Overflow.qll index 9847e8f2f3..9d295f3db4 100644 --- a/cpp/common/src/codingstandards/cpp/Overflow.qll +++ b/cpp/common/src/codingstandards/cpp/Overflow.qll @@ -42,19 +42,27 @@ class InterestingBinaryOverflowingExpr extends BinaryArithmeticOperation { ) } - predicate hasPostCheck() { - exists(RelationalOperation ro | - DataFlow::localExprFlow(this, ro.getLesserOperand()) and - globalValueNumber(ro.getGreaterOperand()) = globalValueNumber(this.getAnOperand()) and - this instanceof AddExpr and - ro instanceof GuardCondition - ) - or - exists(RelationalOperation ro | - DataFlow::localExprFlow(this, ro.getGreaterOperand()) and - globalValueNumber(ro.getLesserOperand()) = globalValueNumber(this.getAnOperand()) and - this instanceof SubExpr and - ro instanceof GuardCondition + /** + * Holds if there is a correct validity check after this expression which may overflow. + * + * Only holds for unsigned expressions, as signed overflow/underflow are undefined behavior. + */ + predicate hasValidPostCheck() { + this.getType().(IntegralType).isUnsigned() and + ( + exists(RelationalOperation ro | + DataFlow::localExprFlow(this, ro.getLesserOperand()) and + globalValueNumber(ro.getGreaterOperand()) = globalValueNumber(this.getAnOperand()) and + this instanceof AddExpr and + ro instanceof GuardCondition + ) + or + exists(RelationalOperation ro | + DataFlow::localExprFlow(this, ro.getGreaterOperand()) and + globalValueNumber(ro.getLesserOperand()) = globalValueNumber(this.getAnOperand()) and + this instanceof SubExpr and + ro instanceof GuardCondition + ) ) } From 37df9a6bf60c77a4a124ee99e6386ca54252dede Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 21 Mar 2023 11:28:53 +0000 Subject: [PATCH 0795/2573] IntegerOverflow: Implement INT32-C Adds a query to detect signed integer operation overflow/underflow. Initially this only supports add and subtract operations, and detects CERT recommended patterns of avoiding overflow/underflow. --- .../rules/INT32-C/SignedIntegerOverflow.md | 18 ++ .../rules/INT32-C/SignedIntegerOverflow.ql | 33 ++++ .../INT32-C/SignedIntegerOverflow.expected | 5 + .../rules/INT32-C/SignedIntegerOverflow.qlref | 1 + c/cert/test/rules/INT32-C/test.c | 160 ++++++++++++++++++ .../src/codingstandards/cpp/Overflow.qll | 103 +++++++++++ 6 files changed, 320 insertions(+) create mode 100644 c/cert/src/rules/INT32-C/SignedIntegerOverflow.md create mode 100644 c/cert/src/rules/INT32-C/SignedIntegerOverflow.ql create mode 100644 c/cert/test/rules/INT32-C/SignedIntegerOverflow.expected create mode 100644 c/cert/test/rules/INT32-C/SignedIntegerOverflow.qlref create mode 100644 c/cert/test/rules/INT32-C/test.c diff --git a/c/cert/src/rules/INT32-C/SignedIntegerOverflow.md b/c/cert/src/rules/INT32-C/SignedIntegerOverflow.md new file mode 100644 index 0000000000..44c23b7b2c --- /dev/null +++ b/c/cert/src/rules/INT32-C/SignedIntegerOverflow.md @@ -0,0 +1,18 @@ +# INT32-C: Ensure that operations on signed integers do not result in overflow + +This query implements the CERT-C rule INT32-C: + +> Ensure that operations on signed integers do not result in overflow + + +## CERT + +** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** + +## Implementation notes + +None + +## References + +* CERT-C: [INT32-C: Ensure that operations on signed integers do not result in overflow](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/INT32-C/SignedIntegerOverflow.ql b/c/cert/src/rules/INT32-C/SignedIntegerOverflow.ql new file mode 100644 index 0000000000..782f8a41ef --- /dev/null +++ b/c/cert/src/rules/INT32-C/SignedIntegerOverflow.ql @@ -0,0 +1,33 @@ +/** + * @id c/cert/signed-integer-overflow + * @name INT32-C: Ensure that operations on signed integers do not result in overflow + * @description + * @kind problem + * @precision high + * @problem.severity error + * @tags external/cert/id/int32-c + * correctness + * security + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert +import codingstandards.cpp.Overflow +import semmle.code.cpp.controlflow.Guards +import semmle.code.cpp.valuenumbering.GlobalValueNumbering + +/* TODO: review the table to restrict to only those operations that actually overflow */ +from InterestingBinaryOverflowingExpr bop +where + not isExcluded(bop, IntegerOverflowPackage::signedIntegerOverflowQuery()) and + bop.getType().getUnderlyingType().(IntegralType).isSigned() and + // Not within a guard condition + not exists(GuardCondition gc | gc.getAChild*() = bop) and + // Not checked before the operation + not bop.hasValidPreCheck() and + // Not guarded by a check, where the check is not an invalid overflow check + not bop.getAGuardingGVN() = globalValueNumber(bop.getAChild*()) +select bop, + "Binary expression ..." + bop.getOperator() + "... of type " + bop.getType().getUnderlyingType() + + " may overflow or underflow." diff --git a/c/cert/test/rules/INT32-C/SignedIntegerOverflow.expected b/c/cert/test/rules/INT32-C/SignedIntegerOverflow.expected new file mode 100644 index 0000000000..b643b0b94e --- /dev/null +++ b/c/cert/test/rules/INT32-C/SignedIntegerOverflow.expected @@ -0,0 +1,5 @@ +| test.c:6:3:6:9 | ... + ... | Binary expression ...+... of type int may overflow or underflow. | +| test.c:23:5:23:11 | ... + ... | Binary expression ...+... of type int may overflow or underflow. | +| test.c:28:19:28:25 | ... + ... | Binary expression ...+... of type int may overflow or underflow. | +| test.c:36:3:36:9 | ... - ... | Binary expression ...-... of type int may overflow or underflow. | +| test.c:49:19:49:25 | ... - ... | Binary expression ...-... of type int may overflow or underflow. | diff --git a/c/cert/test/rules/INT32-C/SignedIntegerOverflow.qlref b/c/cert/test/rules/INT32-C/SignedIntegerOverflow.qlref new file mode 100644 index 0000000000..dcb26795eb --- /dev/null +++ b/c/cert/test/rules/INT32-C/SignedIntegerOverflow.qlref @@ -0,0 +1 @@ +rules/INT32-C/SignedIntegerOverflow.ql \ No newline at end of file diff --git a/c/cert/test/rules/INT32-C/test.c b/c/cert/test/rules/INT32-C/test.c new file mode 100644 index 0000000000..ad6f1ea2bc --- /dev/null +++ b/c/cert/test/rules/INT32-C/test.c @@ -0,0 +1,160 @@ +#include +#include +#include + +void test_add_simple(signed int i1, signed int i2) { + i1 + i2; // NON_COMPLIANT - not bounds checked +} + +void test_add_precheck(signed int i1, signed int i2) { + // Style recommended by CERT + if (((i2 > 0) && (i1 > (INT_MAX - i2))) || + ((i2 < 0) && (i1 < (INT_MIN - i2)))) { + // handle error + } else { + i1 + i2; // COMPLIANT - bounds appropriately checked + } +} + +void test_add_precheck_2(signed int i1, signed int i2) { + if (i1 + i2 < i1) { // Bad overflow check - undefined behavior + // handle error + } else { + i1 + i2; // NON_COMPLIANT + } +} + +void test_add_postcheck(signed int i1, signed int i2) { + signed int i3 = i1 + i2; // NON_COMPLIANT - signed overflow is undefined + // behavior, so checking afterwards is not sufficient + if (i3 < i1) { + // handle error + } +} + +void test_sub_simple(signed int i1, signed int i2) { + i1 - i2; // NON_COMPLIANT - not bounds checked +} + +void test_sub_precheck(signed int i1, signed int i2) { + // Style recomended by CERT + if ((i2 > 0 && i1 < INT_MIN + i2) || (i2 < 0 && i1 > INT_MAX + i2)) { + // handle error + } else { + i1 - i2; // COMPLIANT - bounds checked + } +} + +void test_sub_postcheck(signed int i1, signed int i2) { + signed int i3 = i1 - i2; // NON_COMPLIANT - underflow is undefined behavior. + if (i3 > i1) { + // handle error + } +} + +void test_mul_simple(signed int i1, signed int i2) { + i1 *i2; // NON_COMPLIANT +} + +void test_mul_precheck(signed int i1, signed int i2) { + signed long long tmp = + (signed long long)i1 * (signed long long)i2; // COMPLIANT + signed int result; + + if (tmp > INT_MAX || tmp < INT_MIN) { + // handle error + } else { + i1 *i2; // COMPLIANT - checked + result = (signed int)tmp; + } +} + +void test_mul_precheck_2(signed int i1, signed int i2) { + if (i1 > 0) { + if (i2 > 0) { + if (i1 > (INT_MAX / i2)) { + return; // handle error + } + } else { + if (i2 < (INT_MIN / i1)) { + // handle error + return; // handle error + } + } + } else { + if (i2 > 0) { + if (i1 < (INT_MIN / i2)) { + // handle error + return; // handle error + } + } else { + if ((i1 != 0) && (i2 < (INT_MAX / i1))) { + // handle error + return; // handle error + } + } + } + i1 *i2; // COMPLIANT +} + +void test_simple_div(signed int i1, signed int i2) { + if (i2 == 0) { + // handle error + } else { + i1 / i2; // NON_COMPLIANT + } +} + +void test_div_precheck(signed int i1, signed int i2) { + if ((i2 == 0) || ((i1 == LONG_MIN) && (i2 == -1))) { + /* Handle error */ + } else { + i1 / i2; // COMPLIANT + } +} + +void test_simple_rem(signed int i1, signed int i2) { + if (i2 == 0) { + // handle error + } else { + i1 % i2; // NON_COMPLIANT + } +} + +void test_rem_precheck(signed int i1, signed int i2) { + if ((i2 == 0) || ((i1 == LONG_MIN) && (i2 == -1))) { + /* Handle error */ + } else { + i1 % i2; // COMPLIANT + } +} + +void test_simple_left_shift(signed int i1, signed int i2) { + i1 << i2; // NON_COMPLIANT +} + +/* Returns the number of set bits */ +size_t popcount(uintmax_t num); + +#define PRECISION(umax_value) popcount(umax_value) + +void test_left_shift_precheck(signed int i1, signed int i2) { + if ((i1 < 0) || (i2 < 0) || (i2 >= PRECISION(UINT_MAX)) || + (i1 > (INT_MAX >> i2))) { + // handle error + } else { + i1 << i2; // COMPLIANT + } +} + +void test_simple_negate(signed int i1) { + -i1; // NON_COMPLIANT +} + +void test_negate_precheck(signed int i1) { + if (i1 == INT_MIN) { + // handle error + } else { + -i1; // COMPLIANT + } +} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/Overflow.qll b/cpp/common/src/codingstandards/cpp/Overflow.qll index 9d295f3db4..0ad0753d49 100644 --- a/cpp/common/src/codingstandards/cpp/Overflow.qll +++ b/cpp/common/src/codingstandards/cpp/Overflow.qll @@ -42,6 +42,105 @@ class InterestingBinaryOverflowingExpr extends BinaryArithmeticOperation { ) } + /** + * Holds if there is a correct validity check after this expression which may overflow. + */ + predicate hasValidPreCheck() { + exists(GVN i1, GVN i2 | + i1 = globalValueNumber(this.getLeftOperand()) and + i2 = globalValueNumber(this.getRightOperand()) + or + i2 = globalValueNumber(this.getLeftOperand()) and + i1 = globalValueNumber(this.getRightOperand()) + | + // The CERT rule for signed integer overflow has a very specific pattern it recommends + // for checking for overflow. We try to match the pattern here. + // ((i2 > 0 && i1 > (INT_MAX - i2)) || (i2 < 0 && i1 < (INT_MIN - i2))) + this instanceof AddExpr and + exists(LogicalOrExpr orExpr | + // GuardCondition doesn't work in this case, so just confirm that this check dominates the overflow + bbDominates(orExpr.getBasicBlock(), this.getBasicBlock()) and + exists(LogicalAndExpr andExpr | + andExpr = orExpr.getAnOperand() and + exists(StrictRelationalOperation gt | + gt = andExpr.getAnOperand() and + gt.getLesserOperand().getValue() = "0" and + globalValueNumber(gt.getGreaterOperand()) = i2 + ) and + exists(StrictRelationalOperation gt | + gt = andExpr.getAnOperand() and + gt.getLesserOperand() = + any(SubExpr se | + se.getLeftOperand().getValue().toFloat() = typeUpperBound(getType()) and + globalValueNumber(se.getRightOperand()) = i2 + ) and + globalValueNumber(gt.getGreaterOperand()) = i1 + ) + ) and + exists(LogicalAndExpr andExpr | + andExpr = orExpr.getAnOperand() and + exists(StrictRelationalOperation gt | + gt = andExpr.getAnOperand() and + gt.getGreaterOperand().getValue() = "0" and + globalValueNumber(gt.getLesserOperand()) = i2 + ) and + exists(StrictRelationalOperation gt | + gt = andExpr.getAnOperand() and + gt.getGreaterOperand() = + any(SubExpr se | + se.getLeftOperand().getValue().toFloat() = typeLowerBound(getType()) and + globalValueNumber(se.getRightOperand()) = i2 + ) and + globalValueNumber(gt.getLesserOperand()) = i1 + ) + ) + ) + or + // The CERT rule for signed integer overflow has a very specific pattern it recommends + // for checking for underflow. We try to match the pattern here. + // ((i2 > 0 && i1 > (INT_MIN + i2)) || (i2 < 0 && i1 < (INT_MAX + i2))) + this instanceof SubExpr and + exists(LogicalOrExpr orExpr | + // GuardCondition doesn't work in this case, so just confirm that this check dominates the overflow + bbDominates(orExpr.getBasicBlock(), this.getBasicBlock()) and + exists(LogicalAndExpr andExpr | + andExpr = orExpr.getAnOperand() and + exists(StrictRelationalOperation gt | + gt = andExpr.getAnOperand() and + gt.getLesserOperand().getValue() = "0" and + globalValueNumber(gt.getGreaterOperand()) = i2 + ) and + exists(StrictRelationalOperation gt | + gt = andExpr.getAnOperand() and + gt.getGreaterOperand() = + any(AddExpr se | + se.getLeftOperand().getValue().toFloat() = typeLowerBound(getType()) and + globalValueNumber(se.getRightOperand()) = i2 + ) and + globalValueNumber(gt.getLesserOperand()) = i1 + ) + ) and + exists(LogicalAndExpr andExpr | + andExpr = orExpr.getAnOperand() and + exists(StrictRelationalOperation gt | + gt = andExpr.getAnOperand() and + gt.getGreaterOperand().getValue() = "0" and + globalValueNumber(gt.getLesserOperand()) = i2 + ) and + exists(StrictRelationalOperation gt | + gt = andExpr.getAnOperand() and + gt.getLesserOperand() = + any(AddExpr se | + se.getLeftOperand().getValue().toFloat() = typeUpperBound(getType()) and + globalValueNumber(se.getRightOperand()) = i2 + ) and + globalValueNumber(gt.getGreaterOperand()) = i1 + ) + ) + ) + ) + } + /** * Holds if there is a correct validity check after this expression which may overflow. * @@ -90,3 +189,7 @@ class InterestingBinaryOverflowingExpr extends BinaryArithmeticOperation { ) } } + +private class StrictRelationalOperation extends RelationalOperation { + StrictRelationalOperation() { this.getOperator() = [">", "<"] } +} From 6dd30df225596bc39149f90dd55177a06e4d779d Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 21 Mar 2023 14:30:02 +0000 Subject: [PATCH 0796/2573] IntegerOverflow: Support MulExpr Add support for `MulExpr`s to the overflow library. --- .../INT32-C/SignedIntegerOverflow.expected | 1 + c/cert/test/rules/INT32-C/test.c | 2 +- .../A4-7-1/IntegerExpressionLeadToDataLoss.ql | 4 +- .../src/codingstandards/cpp/Overflow.qll | 113 +++++++++++++++++- 4 files changed, 116 insertions(+), 4 deletions(-) diff --git a/c/cert/test/rules/INT32-C/SignedIntegerOverflow.expected b/c/cert/test/rules/INT32-C/SignedIntegerOverflow.expected index b643b0b94e..7d24144030 100644 --- a/c/cert/test/rules/INT32-C/SignedIntegerOverflow.expected +++ b/c/cert/test/rules/INT32-C/SignedIntegerOverflow.expected @@ -3,3 +3,4 @@ | test.c:28:19:28:25 | ... + ... | Binary expression ...+... of type int may overflow or underflow. | | test.c:36:3:36:9 | ... - ... | Binary expression ...-... of type int may overflow or underflow. | | test.c:49:19:49:25 | ... - ... | Binary expression ...-... of type int may overflow or underflow. | +| test.c:56:3:56:8 | ... * ... | Binary expression ...*... of type int may overflow or underflow. | diff --git a/c/cert/test/rules/INT32-C/test.c b/c/cert/test/rules/INT32-C/test.c index ad6f1ea2bc..89b372bf1d 100644 --- a/c/cert/test/rules/INT32-C/test.c +++ b/c/cert/test/rules/INT32-C/test.c @@ -17,7 +17,7 @@ void test_add_precheck(signed int i1, signed int i2) { } void test_add_precheck_2(signed int i1, signed int i2) { - if (i1 + i2 < i1) { // Bad overflow check - undefined behavior + if (i1 + i2 < i1) { // NON_COMPLIANT - bad overflow check - undefined behavior // handle error } else { i1 + i2; // NON_COMPLIANT diff --git a/cpp/autosar/src/rules/A4-7-1/IntegerExpressionLeadToDataLoss.ql b/cpp/autosar/src/rules/A4-7-1/IntegerExpressionLeadToDataLoss.ql index 36d947e6eb..82c3a92451 100644 --- a/cpp/autosar/src/rules/A4-7-1/IntegerExpressionLeadToDataLoss.ql +++ b/cpp/autosar/src/rules/A4-7-1/IntegerExpressionLeadToDataLoss.ql @@ -25,5 +25,7 @@ where // Not within a guard condition not exists(GuardCondition gc | gc.getAChild*() = e) and // Not guarded by a check, where the check is not an invalid overflow check - not e.getAGuardingGVN() = globalValueNumber(e.getAChild*()) + not e.getAGuardingGVN() = globalValueNumber(e.getAChild*()) and + // Covered by `IntMultToLong.ql` instead + not e instanceof MulExpr select e, "Binary expression ..." + e.getOperator() + "... may overflow." diff --git a/cpp/common/src/codingstandards/cpp/Overflow.qll b/cpp/common/src/codingstandards/cpp/Overflow.qll index 0ad0753d49..62615de3f8 100644 --- a/cpp/common/src/codingstandards/cpp/Overflow.qll +++ b/cpp/common/src/codingstandards/cpp/Overflow.qll @@ -21,11 +21,13 @@ class InterestingBinaryOverflowingExpr extends BinaryArithmeticOperation { or exprMightOverflowPositively(this) ) and + // Multiplication is not covered by the standard range analysis library, so implement our own + // mini analysis. + (this instanceof MulExpr implies MulExprAnalysis::overflows(this)) and + // Not within a macro not this.isAffectedByMacro() and // Ignore pointer arithmetic not this instanceof PointerArithmeticOperation and - // Covered by `IntMultToLong.ql` instead - not this instanceof MulExpr and // Not covered by this query - overflow/underflow in division is rare not this instanceof DivExpr } @@ -138,6 +140,18 @@ class InterestingBinaryOverflowingExpr extends BinaryArithmeticOperation { ) ) ) + or + // The CERT rule for signed integer overflow has a very specific pattern it recommends + // for checking for multiplication underflow/overflow. We just use a heuristic here, + // which determines if at least 4 checks of the sort `a < INT_MAX / b` are present in the code. + this instanceof MulExpr and + count(StrictRelationalOperation rel | + globalValueNumber(rel.getAnOperand()) = i1 and + globalValueNumber(rel.getAnOperand().(DivExpr).getRightOperand()) = i2 + or + globalValueNumber(rel.getAnOperand()) = i2 and + globalValueNumber(rel.getAnOperand().(DivExpr).getRightOperand()) = i1 + ) >= 4 ) } @@ -193,3 +207,98 @@ class InterestingBinaryOverflowingExpr extends BinaryArithmeticOperation { private class StrictRelationalOperation extends RelationalOperation { StrictRelationalOperation() { this.getOperator() = [">", "<"] } } + +/** + * Module inspired by the IntMultToLong.ql query. + */ +private module MulExprAnalysis { + /** + * As SimpleRangeAnalysis does not support reasoning about multiplication + * we create a tiny abstract interpreter for handling multiplication, which + * we invoke only after weeding out of all of trivial cases that we do + * not care about. By default, the maximum and minimum values are computed + * using SimpleRangeAnalysis. + */ + class AnalyzableExpr extends Expr { + AnalyzableExpr() { + // A integer multiplication, or an expression within an integral expression + this.(MulExpr).getType().getUnspecifiedType() instanceof IntegralType or + this.getParent() instanceof AnalyzableExpr or + this.(Conversion).getExpr() instanceof AnalyzableExpr + } + + float maxValue() { result = upperBound(this.getFullyConverted()) } + + float minValue() { result = lowerBound(this.getFullyConverted()) } + } + + class ParenAnalyzableExpr extends AnalyzableExpr, ParenthesisExpr { + override float maxValue() { result = this.getExpr().(AnalyzableExpr).maxValue() } + + override float minValue() { result = this.getExpr().(AnalyzableExpr).minValue() } + } + + class MulAnalyzableExpr extends AnalyzableExpr, MulExpr { + override float maxValue() { + exists(float x1, float y1, float x2, float y2 | + x1 = this.getLeftOperand().getFullyConverted().(AnalyzableExpr).minValue() and + x2 = this.getLeftOperand().getFullyConverted().(AnalyzableExpr).maxValue() and + y1 = this.getRightOperand().getFullyConverted().(AnalyzableExpr).minValue() and + y2 = this.getRightOperand().getFullyConverted().(AnalyzableExpr).maxValue() and + result = (x1 * y1).maximum(x1 * y2).maximum(x2 * y1).maximum(x2 * y2) + ) + } + + override float minValue() { + exists(float x1, float x2, float y1, float y2 | + x1 = this.getLeftOperand().getFullyConverted().(AnalyzableExpr).minValue() and + x2 = this.getLeftOperand().getFullyConverted().(AnalyzableExpr).maxValue() and + y1 = this.getRightOperand().getFullyConverted().(AnalyzableExpr).minValue() and + y2 = this.getRightOperand().getFullyConverted().(AnalyzableExpr).maxValue() and + result = (x1 * y1).minimum(x1 * y2).minimum(x2 * y1).minimum(x2 * y2) + ) + } + } + + /** + * Analyze add expressions directly. This handles the case where an add expression is contributed to + * by a multiplication. + */ + class AddAnalyzableExpr extends AnalyzableExpr, AddExpr { + override float maxValue() { + result = + this.getLeftOperand().getFullyConverted().(AnalyzableExpr).maxValue() + + this.getRightOperand().getFullyConverted().(AnalyzableExpr).maxValue() + } + + override float minValue() { + result = + this.getLeftOperand().getFullyConverted().(AnalyzableExpr).minValue() + + this.getRightOperand().getFullyConverted().(AnalyzableExpr).minValue() + } + } + + /** + * Analyze sub expressions directly. This handles the case where a sub expression is contributed to + * by a multiplication. + */ + class SubAnalyzableExpr extends AnalyzableExpr, SubExpr { + override float maxValue() { + result = + this.getLeftOperand().getFullyConverted().(AnalyzableExpr).maxValue() - + this.getRightOperand().getFullyConverted().(AnalyzableExpr).minValue() + } + + override float minValue() { + result = + this.getLeftOperand().getFullyConverted().(AnalyzableExpr).minValue() - + this.getRightOperand().getFullyConverted().(AnalyzableExpr).maxValue() + } + } + + predicate overflows(MulExpr me) { + me.(MulAnalyzableExpr).maxValue() > exprMaxVal(me) + or + me.(MulAnalyzableExpr).minValue() < exprMinVal(me) + } +} From 5b9e572990022461c74282c1c1b775e02c61b0c0 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 21 Mar 2023 14:31:33 +0000 Subject: [PATCH 0797/2573] INT32-C: Report issues in guards Signed integer overflow and underflow is undefined behavior, and so, unlike unsigned wraparound, it's not valid to do so even in a guard condition. --- c/cert/src/rules/INT32-C/SignedIntegerOverflow.ql | 2 -- c/cert/test/rules/INT32-C/SignedIntegerOverflow.expected | 1 + 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/c/cert/src/rules/INT32-C/SignedIntegerOverflow.ql b/c/cert/src/rules/INT32-C/SignedIntegerOverflow.ql index 782f8a41ef..263da11865 100644 --- a/c/cert/src/rules/INT32-C/SignedIntegerOverflow.ql +++ b/c/cert/src/rules/INT32-C/SignedIntegerOverflow.ql @@ -22,8 +22,6 @@ from InterestingBinaryOverflowingExpr bop where not isExcluded(bop, IntegerOverflowPackage::signedIntegerOverflowQuery()) and bop.getType().getUnderlyingType().(IntegralType).isSigned() and - // Not within a guard condition - not exists(GuardCondition gc | gc.getAChild*() = bop) and // Not checked before the operation not bop.hasValidPreCheck() and // Not guarded by a check, where the check is not an invalid overflow check diff --git a/c/cert/test/rules/INT32-C/SignedIntegerOverflow.expected b/c/cert/test/rules/INT32-C/SignedIntegerOverflow.expected index 7d24144030..28d13a7488 100644 --- a/c/cert/test/rules/INT32-C/SignedIntegerOverflow.expected +++ b/c/cert/test/rules/INT32-C/SignedIntegerOverflow.expected @@ -1,4 +1,5 @@ | test.c:6:3:6:9 | ... + ... | Binary expression ...+... of type int may overflow or underflow. | +| test.c:20:7:20:13 | ... + ... | Binary expression ...+... of type int may overflow or underflow. | | test.c:23:5:23:11 | ... + ... | Binary expression ...+... of type int may overflow or underflow. | | test.c:28:19:28:25 | ... + ... | Binary expression ...+... of type int may overflow or underflow. | | test.c:36:3:36:9 | ... - ... | Binary expression ...-... of type int may overflow or underflow. | From b51dc68eb574b3452922da8831d3ffa4d9c9f333 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 21 Mar 2023 22:12:14 +0000 Subject: [PATCH 0798/2573] IntegerOverflow: Implement INT31-C Adds a query to detect conversions which could potentially lead to data loss. This covers both explicit/implicit casts, and also calls to functions which internal convert values. --- .../IntegerConversionCausesDataLoss.md | 18 +++ .../IntegerConversionCausesDataLoss.ql | 88 ++++++++++++++ .../IntegerConversionCausesDataLoss.expected | 13 +++ .../IntegerConversionCausesDataLoss.qlref | 1 + c/cert/test/rules/INT31-C/test.c | 108 ++++++++++++++++++ 5 files changed, 228 insertions(+) create mode 100644 c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.md create mode 100644 c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.ql create mode 100644 c/cert/test/rules/INT31-C/IntegerConversionCausesDataLoss.expected create mode 100644 c/cert/test/rules/INT31-C/IntegerConversionCausesDataLoss.qlref create mode 100644 c/cert/test/rules/INT31-C/test.c diff --git a/c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.md b/c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.md new file mode 100644 index 0000000000..859ac3ec06 --- /dev/null +++ b/c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.md @@ -0,0 +1,18 @@ +# INT31-C: Ensure that integer conversions do not result in lost or misinterpreted data + +This query implements the CERT-C rule INT31-C: + +> Ensure that integer conversions do not result in lost or misinterpreted data + + +## CERT + +** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** + +## Implementation notes + +None + +## References + +* CERT-C: [INT31-C: Ensure that integer conversions do not result in lost or misinterpreted data](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.ql b/c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.ql new file mode 100644 index 0000000000..0df065922c --- /dev/null +++ b/c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.ql @@ -0,0 +1,88 @@ +/** + * @id c/cert/integer-conversion-causes-data-loss + * @name INT31-C: Ensure that integer conversions do not result in lost or misinterpreted data + * @description + * @kind problem + * @precision high + * @problem.severity error + * @tags external/cert/id/int31-c + * correctness + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert + +class IntegerConversion extends Expr { + private IntegralType castedToType; + private Expr preConversionExpr; + + IntegerConversion() { + // This is an explicit cast + castedToType = this.(Cast).getActualType() and + preConversionExpr = this.(Cast).getExpr() + or + // Functions that internally cast an argument to unsigned char + castedToType instanceof UnsignedCharType and + this = preConversionExpr and + exists(FunctionCall call, string name | call.getTarget().hasGlobalOrStdName(name) | + name = ["ungetc", "fputc"] and + this = call.getArgument(0) + or + name = ["memset", "memchr"] and + this = call.getArgument(1) + or + name = "memset_s" and + this = call.getArgument(2) + ) + } + + Expr getPreConversionExpr() { result = preConversionExpr } + + Type getCastedToType() { result = castedToType } +} + +bindingset[value] +predicate withinIntegralRange(IntegralType typ, float value) { + exists(float lb, float ub, float limit | + limit = 2.pow(8 * typ.getSize()) and + ( + if typ.isUnsigned() + then ( + lb = 0 and ub = limit - 1 + ) else ( + lb = -limit / 2 and + ub = (limit / 2) - 1 + ) + ) and + value >= lb and + value <= ub + ) +} + +from IntegerConversion c, Expr preConversionExpr +where + not isExcluded(c, IntegerOverflowPackage::integerConversionCausesDataLossQuery()) and + preConversionExpr = c.getPreConversionExpr() and + // Casting from an integral type + preConversionExpr.getType().getUnspecifiedType() instanceof IntegralType and + // Where the result is not within the range of the target type + ( + not withinIntegralRange(c.getCastedToType(), lowerBound(preConversionExpr)) or + not withinIntegralRange(c.getCastedToType(), upperBound(preConversionExpr)) + ) and + // A conversion of `-1` to `time_t` is permitted by the standard + not ( + c.getType().getUnspecifiedType().hasName("time_t") and + preConversionExpr.getValue() = "-1" + ) and + // Conversion to unsigned char is permitted from the range [SCHAR_MIN..UCHAR_MAX], as those can + // legitimately represent characters + not ( + c.getType().getUnspecifiedType() instanceof UnsignedCharType and + lowerBound(preConversionExpr) >= typeLowerBound(any(SignedCharType s)) and + upperBound(preConversionExpr) <= typeUpperBound(any(UnsignedCharType s)) + ) +select c, + "Conversion from " + c.getPreConversionExpr().getType() + " to " + c.getCastedToType() + + " may cause data loss." diff --git a/c/cert/test/rules/INT31-C/IntegerConversionCausesDataLoss.expected b/c/cert/test/rules/INT31-C/IntegerConversionCausesDataLoss.expected new file mode 100644 index 0000000000..f2650c3466 --- /dev/null +++ b/c/cert/test/rules/INT31-C/IntegerConversionCausesDataLoss.expected @@ -0,0 +1,13 @@ +WARNING: Unused predicate test (/home/luke/git/codeql-coding-standards/c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.ql:63,11-15) +WARNING: Unused predicate withinIntegralRange (/home/luke/git/codeql-coding-standards/c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.ql:65,11-30) +| test.c:7:3:7:15 | (signed int)... | Conversion from unsigned int to signed int may cause data loss. | +| test.c:17:3:17:17 | (unsigned int)... | Conversion from signed int to unsigned int may cause data loss. | +| test.c:34:3:34:17 | (signed short)... | Conversion from signed int to signed short may cause data loss. | +| test.c:51:3:51:19 | (unsigned short)... | Conversion from unsigned int to unsigned short may cause data loss. | +| test.c:89:3:89:19 | (unsigned char)... | Conversion from signed int to unsigned char may cause data loss. | +| test.c:92:3:92:19 | (unsigned char)... | Conversion from signed int to unsigned char may cause data loss. | +| test.c:93:3:93:19 | (unsigned char)... | Conversion from signed int to unsigned char may cause data loss. | +| test.c:97:9:97:12 | 4096 | Conversion from int to unsigned char may cause data loss. | +| test.c:99:10:99:13 | 4096 | Conversion from int to unsigned char may cause data loss. | +| test.c:101:13:101:16 | 4096 | Conversion from int to unsigned char may cause data loss. | +| test.c:103:13:103:16 | 4096 | Conversion from int to unsigned char may cause data loss. | diff --git a/c/cert/test/rules/INT31-C/IntegerConversionCausesDataLoss.qlref b/c/cert/test/rules/INT31-C/IntegerConversionCausesDataLoss.qlref new file mode 100644 index 0000000000..277a450807 --- /dev/null +++ b/c/cert/test/rules/INT31-C/IntegerConversionCausesDataLoss.qlref @@ -0,0 +1 @@ +rules/INT31-C/IntegerConversionCausesDataLoss.ql \ No newline at end of file diff --git a/c/cert/test/rules/INT31-C/test.c b/c/cert/test/rules/INT31-C/test.c new file mode 100644 index 0000000000..2a4417d9c8 --- /dev/null +++ b/c/cert/test/rules/INT31-C/test.c @@ -0,0 +1,108 @@ +#include +#include +#include +#include + +void test_unsigned_to_signed(unsigned int x) { + (signed int)x; // NON_COMPLIANT - not larger enough to represent all +} + +void test_unsigned_to_signed_check(unsigned int x) { + if (x <= INT_MAX) { + (signed int)x; // COMPLIANT + } +} + +void test_signed_to_unsigned(signed int x) { + (unsigned int)x; // NON_COMPLIANT - not large enough to represent all +} + +void test_signed_to_unsigned_check(signed int x) { + if (x >= 0) { + (unsigned int)x; // COMPLIANT + } +} + +void test_signed_to_unsigned_check2(signed int x) { + if (x < 0) { + } else { + (unsigned int)x; // COMPLIANT + } +} + +void test_signed_loss_of_precision(signed int x) { + (signed short)x; // NON_COMPLIANT - not large enough to represent all +} + +void test_signed_loss_of_precision_check(signed int x) { + if (x >= SHRT_MIN && x <= SHRT_MAX) { + (signed short)x; // COMPLIANT + } +} + +void test_signed_loss_of_precision_check2(signed int x) { + if (x < SHRT_MIN || x > SHRT_MAX) { + } else { + (signed short)x; // COMPLIANT + } +} + +void test_unsigned_loss_of_precision(unsigned int x) { + (unsigned short)x; // NON_COMPLIANT - not large enough to represent all +} + +void test_unsigned_loss_of_precision_check(unsigned int x) { + if (x <= USHRT_MAX) { + (unsigned short)x; // COMPLIANT + } +} + +void test_unsigned_loss_of_precision_check2(unsigned int x) { + if (x > USHRT_MAX) { + } else { + (unsigned short)x; // COMPLIANT + } +} + +// We create a fake stub here to test the case +// that time_t is an unsigned type. +typedef unsigned int time_t; +time_t time(time_t *seconds); + +void test_time_t_check_against_zero(time_t x) { + time_t now = time(0); + if (now != -1) { // NON_COMPLIANT[FALSE_NEGATIVE] - there is no conversion + // here in our model + } + if (now != (time_t)-1) { // COMPLIANT + } +} + +void test_chars() { + signed int i1 = 'A'; + signed int i2 = 100000; + signed int i3 = -128; + signed int i4 = 255; + signed int i5 = -129; + signed int i6 = 256; + (unsigned char)i1; // COMPLIANT + (unsigned char)i2; // NON_COMPLIANT + (unsigned char)i3; // COMPLIANT + (unsigned char)i4; // COMPLIANT + (unsigned char)i5; // NON_COMPLIANT + (unsigned char)i6; // NON_COMPLIANT +} + +void test_funcs(int *a, size_t n) { + fputc(4096, stdout); // NON_COMPLIANT + fputc('A', stdout); // COMPLIANT + ungetc(4096, stdin); // NON_COMPLIANT + ungetc('A', stdin); // COMPLIANT + memchr(a, 4096, n); // NON_COMPLIANT + memchr(a, 'A', n); // COMPLIANT + memset(a, 4096, n); // NON_COMPLIANT + memset(a, 0, n); // COMPLIANT + // not supported in our stdlib, or in any of the compilers + // memset_s(a, rn, 4096, n); // NON_COMPLIANT + // memset_s(a, rn, 0, n); // COMPLIANT +} \ No newline at end of file From 9dfc2008c033e05dc579a9fd9b6e2de044d71140 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 21 Mar 2023 22:21:15 +0000 Subject: [PATCH 0799/2573] INT31-C: Exclude stdbool.h Conversions to bool should be permitted because they are not "lossy". --- c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.ql | 3 ++- c/cert/test/rules/INT31-C/test.c | 6 +++++- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.ql b/c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.ql index 0df065922c..9b7f5ffe71 100644 --- a/c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.ql +++ b/c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.ql @@ -82,7 +82,8 @@ where c.getType().getUnspecifiedType() instanceof UnsignedCharType and lowerBound(preConversionExpr) >= typeLowerBound(any(SignedCharType s)) and upperBound(preConversionExpr) <= typeUpperBound(any(UnsignedCharType s)) - ) + ) and + not c.getCastedToType() instanceof BoolType select c, "Conversion from " + c.getPreConversionExpr().getType() + " to " + c.getCastedToType() + " may cause data loss." diff --git a/c/cert/test/rules/INT31-C/test.c b/c/cert/test/rules/INT31-C/test.c index 2a4417d9c8..08b09cf6b8 100644 --- a/c/cert/test/rules/INT31-C/test.c +++ b/c/cert/test/rules/INT31-C/test.c @@ -1,8 +1,8 @@ #include +#include #include #include #include - void test_unsigned_to_signed(unsigned int x) { (signed int)x; // NON_COMPLIANT - not larger enough to represent all } @@ -105,4 +105,8 @@ void test_funcs(int *a, size_t n) { // not supported in our stdlib, or in any of the compilers // memset_s(a, rn, 4096, n); // NON_COMPLIANT // memset_s(a, rn, 0, n); // COMPLIANT +} + +void test_bool(signed int s) { + (bool)s; // COMPLIANT } \ No newline at end of file From 7f672bf0cf03747ff3374a68d53d1d41d8e2a251 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 21 Mar 2023 22:33:31 +0000 Subject: [PATCH 0800/2573] INT31-C: Add better message for typedefs --- .../IntegerConversionCausesDataLoss.ql | 25 ++++++++++++------- .../IntegerConversionCausesDataLoss.expected | 2 -- 2 files changed, 16 insertions(+), 11 deletions(-) diff --git a/c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.ql b/c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.ql index 9b7f5ffe71..a04ee52735 100644 --- a/c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.ql +++ b/c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.ql @@ -19,7 +19,7 @@ class IntegerConversion extends Expr { IntegerConversion() { // This is an explicit cast - castedToType = this.(Cast).getActualType() and + castedToType = this.(Cast).getType().getUnspecifiedType() and preConversionExpr = this.(Cast).getExpr() or // Functions that internally cast an argument to unsigned char @@ -60,16 +60,21 @@ predicate withinIntegralRange(IntegralType typ, float value) { ) } -from IntegerConversion c, Expr preConversionExpr +from + IntegerConversion c, Expr preConversionExpr, Type castedToType, Type castedFromType, + IntegralType unspecifiedCastedFromType, string typeFromMessage where not isExcluded(c, IntegerOverflowPackage::integerConversionCausesDataLossQuery()) and preConversionExpr = c.getPreConversionExpr() and + castedFromType = preConversionExpr.getType() and // Casting from an integral type - preConversionExpr.getType().getUnspecifiedType() instanceof IntegralType and + unspecifiedCastedFromType = castedFromType.getUnspecifiedType() and + // Casting to an integral type + castedToType = c.getCastedToType() and // Where the result is not within the range of the target type ( - not withinIntegralRange(c.getCastedToType(), lowerBound(preConversionExpr)) or - not withinIntegralRange(c.getCastedToType(), upperBound(preConversionExpr)) + not withinIntegralRange(castedToType, lowerBound(preConversionExpr)) or + not withinIntegralRange(castedToType, upperBound(preConversionExpr)) ) and // A conversion of `-1` to `time_t` is permitted by the standard not ( @@ -83,7 +88,9 @@ where lowerBound(preConversionExpr) >= typeLowerBound(any(SignedCharType s)) and upperBound(preConversionExpr) <= typeUpperBound(any(UnsignedCharType s)) ) and - not c.getCastedToType() instanceof BoolType -select c, - "Conversion from " + c.getPreConversionExpr().getType() + " to " + c.getCastedToType() + - " may cause data loss." + not castedToType instanceof BoolType and + // Create a helpful message + if castedFromType = unspecifiedCastedFromType + then typeFromMessage = castedFromType.toString() + else typeFromMessage = castedFromType + " (" + unspecifiedCastedFromType + ")" +select c, "Conversion from " + typeFromMessage + " to " + castedToType + " may cause data loss." diff --git a/c/cert/test/rules/INT31-C/IntegerConversionCausesDataLoss.expected b/c/cert/test/rules/INT31-C/IntegerConversionCausesDataLoss.expected index f2650c3466..4418360b5b 100644 --- a/c/cert/test/rules/INT31-C/IntegerConversionCausesDataLoss.expected +++ b/c/cert/test/rules/INT31-C/IntegerConversionCausesDataLoss.expected @@ -1,5 +1,3 @@ -WARNING: Unused predicate test (/home/luke/git/codeql-coding-standards/c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.ql:63,11-15) -WARNING: Unused predicate withinIntegralRange (/home/luke/git/codeql-coding-standards/c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.ql:65,11-30) | test.c:7:3:7:15 | (signed int)... | Conversion from unsigned int to signed int may cause data loss. | | test.c:17:3:17:17 | (unsigned int)... | Conversion from signed int to unsigned int may cause data loss. | | test.c:34:3:34:17 | (signed short)... | Conversion from signed int to signed short may cause data loss. | From 9afa81e43740157544083b1ab1abbd209c9e43ec Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 21 Mar 2023 22:43:54 +0000 Subject: [PATCH 0801/2573] INT31-C: Improve error message to include range --- .../IntegerConversionCausesDataLoss.ql | 18 +++++++++++---- .../IntegerConversionCausesDataLoss.expected | 22 +++++++++---------- 2 files changed, 25 insertions(+), 15 deletions(-) diff --git a/c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.ql b/c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.ql index a04ee52735..395114bf02 100644 --- a/c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.ql +++ b/c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.ql @@ -62,7 +62,8 @@ predicate withinIntegralRange(IntegralType typ, float value) { from IntegerConversion c, Expr preConversionExpr, Type castedToType, Type castedFromType, - IntegralType unspecifiedCastedFromType, string typeFromMessage + IntegralType unspecifiedCastedFromType, string typeFromMessage, float preConversionLowerBound, + float preConversionUpperBound, float typeLowerBound, float typeUpperBound where not isExcluded(c, IntegerOverflowPackage::integerConversionCausesDataLossQuery()) and preConversionExpr = c.getPreConversionExpr() and @@ -71,10 +72,16 @@ where unspecifiedCastedFromType = castedFromType.getUnspecifiedType() and // Casting to an integral type castedToType = c.getCastedToType() and + // Get the upper/lower bound of the pre-conversion expression + preConversionLowerBound = lowerBound(preConversionExpr) and + preConversionUpperBound = upperBound(preConversionExpr) and + // Get the upper/lower bound of the target type + typeLowerBound = typeLowerBound(castedToType) and + typeUpperBound = typeUpperBound(castedToType) and // Where the result is not within the range of the target type ( - not withinIntegralRange(castedToType, lowerBound(preConversionExpr)) or - not withinIntegralRange(castedToType, upperBound(preConversionExpr)) + not withinIntegralRange(castedToType, preConversionLowerBound) or + not withinIntegralRange(castedToType, preConversionUpperBound) ) and // A conversion of `-1` to `time_t` is permitted by the standard not ( @@ -93,4 +100,7 @@ where if castedFromType = unspecifiedCastedFromType then typeFromMessage = castedFromType.toString() else typeFromMessage = castedFromType + " (" + unspecifiedCastedFromType + ")" -select c, "Conversion from " + typeFromMessage + " to " + castedToType + " may cause data loss." +select c, + "Conversion from " + typeFromMessage + " to " + castedToType + + " may cause data loss (casting from range " + preConversionLowerBound + "..." + + preConversionUpperBound + " to range " + typeLowerBound + "..." + typeUpperBound + ")." diff --git a/c/cert/test/rules/INT31-C/IntegerConversionCausesDataLoss.expected b/c/cert/test/rules/INT31-C/IntegerConversionCausesDataLoss.expected index 4418360b5b..ee18410a48 100644 --- a/c/cert/test/rules/INT31-C/IntegerConversionCausesDataLoss.expected +++ b/c/cert/test/rules/INT31-C/IntegerConversionCausesDataLoss.expected @@ -1,11 +1,11 @@ -| test.c:7:3:7:15 | (signed int)... | Conversion from unsigned int to signed int may cause data loss. | -| test.c:17:3:17:17 | (unsigned int)... | Conversion from signed int to unsigned int may cause data loss. | -| test.c:34:3:34:17 | (signed short)... | Conversion from signed int to signed short may cause data loss. | -| test.c:51:3:51:19 | (unsigned short)... | Conversion from unsigned int to unsigned short may cause data loss. | -| test.c:89:3:89:19 | (unsigned char)... | Conversion from signed int to unsigned char may cause data loss. | -| test.c:92:3:92:19 | (unsigned char)... | Conversion from signed int to unsigned char may cause data loss. | -| test.c:93:3:93:19 | (unsigned char)... | Conversion from signed int to unsigned char may cause data loss. | -| test.c:97:9:97:12 | 4096 | Conversion from int to unsigned char may cause data loss. | -| test.c:99:10:99:13 | 4096 | Conversion from int to unsigned char may cause data loss. | -| test.c:101:13:101:16 | 4096 | Conversion from int to unsigned char may cause data loss. | -| test.c:103:13:103:16 | 4096 | Conversion from int to unsigned char may cause data loss. | +| test.c:7:3:7:15 | (signed int)... | Conversion from unsigned int to signed int may cause data loss (casting from range 0...4294967295 to range -2147483648...2147483647). | +| test.c:17:3:17:17 | (unsigned int)... | Conversion from signed int to unsigned int may cause data loss (casting from range -2147483648...2147483647 to range 0...4294967295). | +| test.c:34:3:34:17 | (signed short)... | Conversion from signed int to signed short may cause data loss (casting from range -2147483648...2147483647 to range -32768...32767). | +| test.c:51:3:51:19 | (unsigned short)... | Conversion from unsigned int to unsigned short may cause data loss (casting from range 0...4294967295 to range 0...65535). | +| test.c:89:3:89:19 | (unsigned char)... | Conversion from signed int to unsigned char may cause data loss (casting from range 100000...100000 to range 0...255). | +| test.c:92:3:92:19 | (unsigned char)... | Conversion from signed int to unsigned char may cause data loss (casting from range -129...-129 to range 0...255). | +| test.c:93:3:93:19 | (unsigned char)... | Conversion from signed int to unsigned char may cause data loss (casting from range 256...256 to range 0...255). | +| test.c:97:9:97:12 | 4096 | Conversion from int to unsigned char may cause data loss (casting from range 4096...4096 to range 0...255). | +| test.c:99:10:99:13 | 4096 | Conversion from int to unsigned char may cause data loss (casting from range 4096...4096 to range 0...255). | +| test.c:101:13:101:16 | 4096 | Conversion from int to unsigned char may cause data loss (casting from range 4096...4096 to range 0...255). | +| test.c:103:13:103:16 | 4096 | Conversion from int to unsigned char may cause data loss (casting from range 4096...4096 to range 0...255). | From 417514c7cc633bc3f48b388aeff0fce3b1ccfc68 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 21 Mar 2023 23:17:17 +0000 Subject: [PATCH 0802/2573] IntegerOverflow: Implement INT35-C Add query to find incorrect precision checks. --- .../INT35-C/UseCorrectIntegerPrecisions.md | 18 +++++++++ .../INT35-C/UseCorrectIntegerPrecisions.ql | 34 ++++++++++++++++ .../UseCorrectIntegerPrecisions.expected | 2 + .../INT35-C/UseCorrectIntegerPrecisions.qlref | 1 + c/cert/test/rules/INT35-C/test.c | 40 +++++++++++++++++++ 5 files changed, 95 insertions(+) create mode 100644 c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.md create mode 100644 c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.ql create mode 100644 c/cert/test/rules/INT35-C/UseCorrectIntegerPrecisions.expected create mode 100644 c/cert/test/rules/INT35-C/UseCorrectIntegerPrecisions.qlref create mode 100644 c/cert/test/rules/INT35-C/test.c diff --git a/c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.md b/c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.md new file mode 100644 index 0000000000..7d6fa5445a --- /dev/null +++ b/c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.md @@ -0,0 +1,18 @@ +# INT35-C: Use correct integer precisions + +This query implements the CERT-C rule INT35-C: + +> Use correct integer precisions + + +## CERT + +** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** + +## Implementation notes + +None + +## References + +* CERT-C: [INT35-C: Use correct integer precisions](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.ql b/c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.ql new file mode 100644 index 0000000000..56739ac5a5 --- /dev/null +++ b/c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.ql @@ -0,0 +1,34 @@ +/** + * @id c/cert/use-correct-integer-precisions + * @name INT35-C: Use correct integer precisions + * @description + * @kind problem + * @precision high + * @problem.severity error + * @tags external/cert/id/int35-c + * correctness + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert + +class CharBitMacroInvocation extends MacroInvocation { + CharBitMacroInvocation() { this.getMacroName() = "CHAR_BIT" } +} + +from SizeofOperator so, RelationalOperation comparison, MulExpr m, Expr charSize +where + not isExcluded(so, IntegerOverflowPackage::useCorrectIntegerPrecisionsQuery()) and + // Multiplication of a sizeof operator and a constant that's probably a char size + m.getAnOperand() = so and + m.getAnOperand() = charSize and + not so = charSize and + ( + charSize.getValue().toInt() = 8 + or + charSize = any(CharBitMacroInvocation c).getExpr() + ) and + // The result is compared against something, which is probably related to the number of bits + comparison.getAnOperand() = m +select so, "sizeof operator used to determine the precision of an integer type." diff --git a/c/cert/test/rules/INT35-C/UseCorrectIntegerPrecisions.expected b/c/cert/test/rules/INT35-C/UseCorrectIntegerPrecisions.expected new file mode 100644 index 0000000000..e43dc19077 --- /dev/null +++ b/c/cert/test/rules/INT35-C/UseCorrectIntegerPrecisions.expected @@ -0,0 +1,2 @@ +| test.c:11:12:11:31 | sizeof(unsigned int) | sizeof operator used to determine the precision of an integer type. | +| test.c:27:25:27:42 | sizeof(signed int) | sizeof operator used to determine the precision of an integer type. | diff --git a/c/cert/test/rules/INT35-C/UseCorrectIntegerPrecisions.qlref b/c/cert/test/rules/INT35-C/UseCorrectIntegerPrecisions.qlref new file mode 100644 index 0000000000..c408baf78d --- /dev/null +++ b/c/cert/test/rules/INT35-C/UseCorrectIntegerPrecisions.qlref @@ -0,0 +1 @@ +rules/INT35-C/UseCorrectIntegerPrecisions.ql \ No newline at end of file diff --git a/c/cert/test/rules/INT35-C/test.c b/c/cert/test/rules/INT35-C/test.c new file mode 100644 index 0000000000..72bca5f8d8 --- /dev/null +++ b/c/cert/test/rules/INT35-C/test.c @@ -0,0 +1,40 @@ +#include +#include +#include +#include + +size_t popcount(uintmax_t num); + +#define PRECISION(umax_value) popcount(umax_value) + +void test_incorrect_precision_check(int e) { + if (e >= sizeof(unsigned int) * CHAR_BIT) { // NON_COMPLIANT + // handle error + } else { + 1 << e; + } +} + +void test_correct_precision_check(int e) { + if (e >= PRECISION(UINT_MAX)) { // COMPLIANT + /* Handle error */ + } else { + 1 << e; + } +} + +void test_incorrect_precision_check_cast(float f) { + if (log2f(fabsf(f)) > sizeof(signed int) * CHAR_BIT) { // NON_COMPLIANT + // handle error + } else { + (signed int)f; + } +} + +void test_correct_precision_check_cast(float f) { + if (log2f(fabsf(f)) > PRECISION(INT_MAX)) { // COMPLIANT + /* Handle error */ + } else { + (signed int)f; + } +} \ No newline at end of file From f7951fb1f509a2f613db494218e29e3130adc133 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 21 Mar 2023 23:23:11 +0000 Subject: [PATCH 0803/2573] IntegerOverflow: Improve descriptions. --- .../INT30-C/UnsignedIntegerOperationsWrapAround.md | 2 ++ .../rules/INT31-C/IntegerConversionCausesDataLoss.ql | 5 +++-- c/cert/src/rules/INT32-C/SignedIntegerOverflow.ql | 5 +++-- c/cert/src/rules/INT33-C/DivOrRemByZero.md | 2 ++ c/cert/src/rules/INT33-C/DivOrRemByZero.ql | 2 +- .../src/rules/INT35-C/UseCorrectIntegerPrecisions.ql | 3 ++- rule_packages/c/IntegerOverflow.json | 12 ++++++------ 7 files changed, 19 insertions(+), 12 deletions(-) diff --git a/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.md b/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.md index 402fd7f64a..2d4ea733b4 100644 --- a/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.md +++ b/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.md @@ -3,6 +3,8 @@ This query implements the CERT-C rule INT30-C: > Ensure that unsigned integer operations do not wrap + + ## CERT ** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** diff --git a/c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.ql b/c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.ql index 395114bf02..51ae704461 100644 --- a/c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.ql +++ b/c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.ql @@ -1,9 +1,10 @@ /** * @id c/cert/integer-conversion-causes-data-loss * @name INT31-C: Ensure that integer conversions do not result in lost or misinterpreted data - * @description + * @description Converting an integer value to another integer type with a different sign or size + * can lead to data loss or misinterpretation of the value. * @kind problem - * @precision high + * @precision medium * @problem.severity error * @tags external/cert/id/int31-c * correctness diff --git a/c/cert/src/rules/INT32-C/SignedIntegerOverflow.ql b/c/cert/src/rules/INT32-C/SignedIntegerOverflow.ql index 263da11865..bb7fb2b41b 100644 --- a/c/cert/src/rules/INT32-C/SignedIntegerOverflow.ql +++ b/c/cert/src/rules/INT32-C/SignedIntegerOverflow.ql @@ -1,9 +1,10 @@ /** * @id c/cert/signed-integer-overflow * @name INT32-C: Ensure that operations on signed integers do not result in overflow - * @description + * @description The multiplication of two signed integers can lead to underflow or overflow and + * therefore undefined behavior. * @kind problem - * @precision high + * @precision medium * @problem.severity error * @tags external/cert/id/int32-c * correctness diff --git a/c/cert/src/rules/INT33-C/DivOrRemByZero.md b/c/cert/src/rules/INT33-C/DivOrRemByZero.md index 6a86d3e88d..b42c204e83 100644 --- a/c/cert/src/rules/INT33-C/DivOrRemByZero.md +++ b/c/cert/src/rules/INT33-C/DivOrRemByZero.md @@ -3,6 +3,8 @@ This query implements the CERT-C rule INT33-C: > Ensure that division and remainder operations do not result in divide-by-zero errors + + ## CERT ** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** diff --git a/c/cert/src/rules/INT33-C/DivOrRemByZero.ql b/c/cert/src/rules/INT33-C/DivOrRemByZero.ql index 83cc1a4a60..664e25980b 100644 --- a/c/cert/src/rules/INT33-C/DivOrRemByZero.ql +++ b/c/cert/src/rules/INT33-C/DivOrRemByZero.ql @@ -3,7 +3,7 @@ * @name INT33-C: Ensure that division and remainder operations do not result in divide-by-zero errors * @description Dividing or taking the remainder by zero is undefined behavior. * @kind problem - * @precision high + * @precision medium * @problem.severity error * @tags external/cert/id/int33-c * correctness diff --git a/c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.ql b/c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.ql index 56739ac5a5..cf510bf999 100644 --- a/c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.ql +++ b/c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.ql @@ -1,7 +1,8 @@ /** * @id c/cert/use-correct-integer-precisions * @name INT35-C: Use correct integer precisions - * @description + * @description The precision of integer types in C cannot be deduced from the size of the type (due + * to padding and sign bits) otherwise a loss of data may occur. * @kind problem * @precision high * @problem.severity error diff --git a/rule_packages/c/IntegerOverflow.json b/rule_packages/c/IntegerOverflow.json index 8c9c7b0830..7e79cd8b32 100644 --- a/rule_packages/c/IntegerOverflow.json +++ b/rule_packages/c/IntegerOverflow.json @@ -26,10 +26,10 @@ }, "queries": [ { - "description": "", + "description": "Converting an integer value to another integer type with a different sign or size can lead to data loss or misinterpretation of the value.", "kind": "problem", "name": "Ensure that integer conversions do not result in lost or misinterpreted data", - "precision": "high", + "precision": "medium", "severity": "error", "short_name": "IntegerConversionCausesDataLoss", "tags": [ @@ -45,10 +45,10 @@ }, "queries": [ { - "description": "", + "description": "The multiplication of two signed integers can lead to underflow or overflow and therefore undefined behavior.", "kind": "problem", "name": "Ensure that operations on signed integers do not result in overflow", - "precision": "high", + "precision": "medium", "severity": "error", "short_name": "SignedIntegerOverflow", "tags": [ @@ -68,7 +68,7 @@ "description": "Dividing or taking the remainder by zero is undefined behavior.", "kind": "problem", "name": "Ensure that division and remainder operations do not result in divide-by-zero errors", - "precision": "high", + "precision": "medium", "severity": "error", "short_name": "DivOrRemByZero", "tags": [ @@ -84,7 +84,7 @@ }, "queries": [ { - "description": "", + "description": "The precision of integer types in C cannot be deduced from the size of the type (due to padding and sign bits) otherwise a loss of data may occur.", "kind": "problem", "name": "Use correct integer precisions", "precision": "high", From 6d471f22d5ad3fd67651f16bb069c0d271549186 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 21 Mar 2023 23:27:57 +0000 Subject: [PATCH 0804/2573] IntegerOverflow: Update help --- .../UnsignedIntegerOperationsWrapAround.md | 236 ++++++++- .../IntegerConversionCausesDataLoss.md | 348 ++++++++++++- .../rules/INT32-C/SignedIntegerOverflow.md | 468 +++++++++++++++++- c/cert/src/rules/INT33-C/DivOrRemByZero.md | 125 ++++- .../INT35-C/UseCorrectIntegerPrecisions.md | 129 ++++- 5 files changed, 1296 insertions(+), 10 deletions(-) diff --git a/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.md b/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.md index 2d4ea733b4..48ede39b5f 100644 --- a/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.md +++ b/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.md @@ -5,9 +5,241 @@ This query implements the CERT-C rule INT30-C: > Ensure that unsigned integer operations do not wrap -## CERT -** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** +## Description + +The C Standard, 6.2.5, paragraph 9 \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IEC9899-2011)\], states + +> A computation involving unsigned operands can never overflow, because a result that cannot be represented by the resulting unsigned integer type is reduced modulo the number that is one greater than the largest value that can be represented by the resulting type. + + +This behavior is more informally called [unsigned integer wrapping](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-unsignedintegerwrapping). Unsigned integer operations can wrap if the resulting value cannot be represented by the underlying representation of the integer. The following table indicates which operators can result in wrapping: + +
    Operator Wrap Operator Wrap Operator Wrap Operator Wrap
    + Yes -= Yes << Yes < No
    - Yes \*= Yes >> No > No
    \* Yes /= No & No >= No
    / No %= No | No <= No
    % No <<= Yes ^ No == No
    ++ Yes >>= No ~ No != No
    -- Yes &= No ! No && No
    = No |= No un + No || No
    += Yes ^= No un - Yes ?: No
    +The following sections examine specific operations that are susceptible to unsigned integer wrap. When operating on integer types with less precision than `int`, integer promotions are applied. The usual arithmetic conversions may also be applied to (implicitly) convert operands to equivalent types before arithmetic operations are performed. Programmers should understand integer conversion rules before trying to implement secure arithmetic operations. (See [INT02-C. Understand integer conversion rules](https://wiki.sei.cmu.edu/confluence/display/c/INT02-C.+Understand+integer+conversion+rules).) + + +Integer values must not be allowed to wrap, especially if they are used in any of the following ways: + +* Integer operands of any pointer arithmetic, including array indexing +* The assignment expression for the declaration of a variable length array +* The postfix expression preceding square brackets `[]` or the expression in square brackets `[]` of a subscripted designation of an element of an array object +* Function arguments of type `size_t` or `rsize_t` (for example, an argument to a memory allocation function) +* In security-critical code +The C Standard defines arithmetic on atomic integer types as read-modify-write operations with the same representation as regular integer types. As a result, wrapping of atomic unsigned integers is identical to regular unsigned integers and should also be prevented or detected. + +## Addition + +Addition is between two operands of arithmetic type or between a pointer to an object type and an integer type. This rule applies only to addition between two operands of arithmetic type. (See [ARR37-C. Do not add or subtract an integer to a pointer to a non-array object](https://wiki.sei.cmu.edu/confluence/display/c/ARR37-C.+Do+not+add+or+subtract+an+integer+to+a+pointer+to+a+non-array+object) and [ARR30-C. Do not form or use out-of-bounds pointers or array subscripts](https://wiki.sei.cmu.edu/confluence/display/c/ARR30-C.+Do+not+form+or+use+out-of-bounds+pointers+or+array+subscripts).) + +Incrementing is equivalent to adding 1. + +**Noncompliant Code Example** + +This noncompliant code example can result in an unsigned integer wrap during the addition of the unsigned operands `ui_a` and `ui_b`. If this behavior is [unexpected](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-unexpectedbehavior), the resulting value may be used to allocate insufficient memory for a subsequent operation or in some other manner that can lead to an exploitable [vulnerability](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability). + +```cpp +void func(unsigned int ui_a, unsigned int ui_b) { + unsigned int usum = ui_a + ui_b; + /* ... */ +} +``` +**Compliant Solution (Precondition Test)** + +This compliant solution performs a precondition test of the operands of the addition to guarantee there is no possibility of unsigned wrap: + +```cpp +#include + +void func(unsigned int ui_a, unsigned int ui_b) { + unsigned int usum; + if (UINT_MAX - ui_a < ui_b) { + /* Handle error */ + } else { + usum = ui_a + ui_b; + } + /* ... */ +} +``` +**Compliant Solution (Postcondition Test)** + +This compliant solution performs a postcondition test to ensure that the result of the unsigned addition operation `usum` is not less than the first operand: + +```cpp +void func(unsigned int ui_a, unsigned int ui_b) { + unsigned int usum = ui_a + ui_b; + if (usum < ui_a) { + /* Handle error */ + } + /* ... */ +} +``` + +## Subtraction + +Subtraction is between two operands of arithmetic type, two pointers to qualified or unqualified versions of compatible object types, or a pointer to an object type and an integer type. This rule applies only to subtraction between two operands of arithmetic type. (See [ARR36-C. Do not subtract or compare two pointers that do not refer to the same array](https://wiki.sei.cmu.edu/confluence/display/c/ARR36-C.+Do+not+subtract+or+compare+two+pointers+that+do+not+refer+to+the+same+array), [ARR37-C. Do not add or subtract an integer to a pointer to a non-array object](https://wiki.sei.cmu.edu/confluence/display/c/ARR37-C.+Do+not+add+or+subtract+an+integer+to+a+pointer+to+a+non-array+object), and [ARR30-C. Do not form or use out-of-bounds pointers or array subscripts](https://wiki.sei.cmu.edu/confluence/display/c/ARR30-C.+Do+not+form+or+use+out-of-bounds+pointers+or+array+subscripts) for information about pointer subtraction.) + +Decrementing is equivalent to subtracting 1. + +**Noncompliant Code Example** + +This noncompliant code example can result in an unsigned integer wrap during the subtraction of the unsigned operands `ui_a` and `ui_b`. If this behavior is unanticipated, it may lead to an exploitable [vulnerability](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability). + +```cpp +void func(unsigned int ui_a, unsigned int ui_b) { + unsigned int udiff = ui_a - ui_b; + /* ... */ +} +``` +**Compliant Solution (Precondition Test)** + +This compliant solution performs a precondition test of the unsigned operands of the subtraction operation to guarantee there is no possibility of unsigned wrap: + +```cpp +void func(unsigned int ui_a, unsigned int ui_b) { + unsigned int udiff; + if (ui_a < ui_b){ + /* Handle error */ + } else { + udiff = ui_a - ui_b; + } + /* ... */ +} +``` +**Compliant Solution (Postcondition Test)** + +This compliant solution performs a postcondition test that the result of the unsigned subtraction operation `udiff` is not greater than the minuend: + +```cpp +void func(unsigned int ui_a, unsigned int ui_b) { + unsigned int udiff = ui_a - ui_b; + if (udiff > ui_a) { + /* Handle error */ + } + /* ... */ +} +``` + +## Multiplication + +Multiplication is between two operands of arithmetic type. + +**Noncompliant Code Example** + +The Mozilla Foundation Security Advisory 2007-01 describes a heap buffer overflow vulnerability in the Mozilla Scalable Vector Graphics (SVG) viewer resulting from an unsigned integer wrap during the multiplication of the `signed int` value `pen->num_vertices` and the `size_t` value `sizeof(cairo_pen_vertex_t)` \[[VU\#551436](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-VU551436)\]. The `signed int` operand is converted to `size_t` prior to the multiplication operation so that the multiplication takes place between two `size_t` integers, which are unsigned. (See [INT02-C. Understand integer conversion rules](https://wiki.sei.cmu.edu/confluence/display/c/INT02-C.+Understand+integer+conversion+rules).) + +```cpp +pen->num_vertices = _cairo_pen_vertices_needed( + gstate->tolerance, radius, &gstate->ctm +); +pen->vertices = malloc( + pen->num_vertices * sizeof(cairo_pen_vertex_t) +); + +``` +The unsigned integer wrap can result in allocating memory of insufficient size. + +**Compliant Solution** + +This compliant solution tests the operands of the multiplication to guarantee that there is no unsigned integer wrap: + +```cpp +pen->num_vertices = _cairo_pen_vertices_needed( + gstate->tolerance, radius, &gstate->ctm +); + +if (pen->num_vertices > SIZE_MAX / sizeof(cairo_pen_vertex_t)) { + /* Handle error */ +} +pen->vertices = malloc( + pen->num_vertices * sizeof(cairo_pen_vertex_t) +); + +``` + +## Exceptions + +**INT30-C-EX1:** Unsigned integers can exhibit modulo behavior (wrapping) when necessary for the proper execution of the program. It is recommended that the variable declaration be clearly commented as supporting modulo behavior and that each operation on that integer also be clearly commented as supporting modulo behavior. + +**INT30-C-EX2:** Checks for wraparound can be omitted when it can be determined at compile time that wraparound will not occur. As such, the following operations on unsigned integers require no validation: + +* Operations on two compile-time constants +* Operations on a variable and 0 (except division or remainder by 0) +* Subtracting any variable from its type's maximum; for example, any `unsigned int` may safely be subtracted from `UINT_MAX` +* Multiplying any variable by 1 +* Division or remainder, as long as the divisor is nonzero +* Right-shifting any type maximum by any number no larger than the type precision; for example, `UINT_MAX >> x` is valid as long as `0 <= x < 32` (assuming that the precision of `unsigned int` is 32 bits) +**INT30-C-EX3.** The left-shift operator takes two operands of integer type. Unsigned left shift `<<` can exhibit modulo behavior (wrapping). This exception is provided because of common usage, because this behavior is usually expected by the programmer, and because the behavior is well defined. For examples of usage of the left-shift operator, see [INT34-C. Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand](https://wiki.sei.cmu.edu/confluence/display/c/INT34-C.+Do+not+shift+an+expression+by+a+negative+number+of+bits+or+by+greater+than+or+equal+to+the+number+of+bits+that+exist+in+the+operand). + +## Risk Assessment + +Integer wrap can lead to buffer overflows and the execution of arbitrary code by an attacker. + +
    Rule Severity Likelihood Remediation Cost Priority Level
    INT30-C High Likely High P9 L2
    + + +## Automated Detection + +
    Tool Version Checker Description
    Astrée 22.04 integer-overflow Fully checked
    Axivion Bauhaus Suite 7.2.0 CertC-INT30 Implemented
    CodeSonar 7.2p0 ALLOC.SIZE.ADDOFLOW ALLOC.SIZE.IOFLOW ALLOC.SIZE.MULOFLOW ALLOC.SIZE.SUBUFLOW MISC.MEM.SIZE.ADDOFLOW MISC.MEM.SIZE.BAD MISC.MEM.SIZE.MULOFLOW MISC.MEM.SIZE.SUBUFLOW Addition overflow of allocation size Integer overflow of allocation size Multiplication overflow of allocation size Subtraction underflow of allocation size Addition overflow of size Unreasonable size argument Multiplication overflow of size Subtraction underflow of size
    Compass/ROSE Can detect violations of this rule by ensuring that operations are checked for overflow before being performed (Be mindful of exception INT30-EX2 because it excuses many operations from requiring validation , including all the operations that would validate a potentially dangerous operation. For instance, adding two unsigned int s together requires validation involving subtracting one of the numbers from UINT_MAX , which itself requires no validation because it cannot wrap.)
    Coverity 2017.07 INTEGER_OVERFLOW Implemented
    Helix QAC 2022.4 C2910, C3383, C3384, C3385, C3386 C++2910 DF2911, DF2912, DF2913,
    Klocwork 2022.4 NUM.OVERFLOW CWARN.NOEFFECT.OUTOFRANGE NUM.OVERFLOW.DF
    LDRA tool suite 9.7.1 493 S, 494 S Partially implemented
    Parasoft C/C++test 2022.2 CERT_C-INT30-a CERT_C-INT30-b CERT_C-INT30-c Avoid integer overflows Integer overflow or underflow in constant expression in '+', '-', '\*' operator Integer overflow or underflow in constant expression in '<<' operator
    Polyspace Bug Finder R2022b CERT C: Rule INT30-C Checks for: Unsigned integer overflownsigned integer overflow, unsigned integer constant overflownsigned integer constant overflow. Rule partially covered.
    PRQA QA-C 9.7 2910 \[C\], 2911 \[D\], 2912 \[A\], 2913 \[S\], 3383, 3384, 3385, 3386 Partially implemented
    PRQA QA-C++ 4.4 2910, 2911, 2912, 2913
    PVS-Studio 7.23 V658, V1012, V1028, V5005, V5011
    TrustInSoft Analyzer 1.38 unsigned overflow Exhaustively verified.
    + + +## Related Vulnerabilities + +[CVE-2009-1385](http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1385) results from a violation of this rule. The value performs an unchecked subtraction on the `length` of a buffer and then adds those many bytes of data to another buffer \[[xorl 2009](http://xorl.wordpress.com/2009/06/10/cve-2009-1385-linux-kernel-e1000-integer-underflow/)\]. This can cause a buffer overflow, which allows an attacker to execute arbitrary code. + +A Linux Kernel vmsplice [exploit](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-exploit), described by Rafal Wojtczuk \[[Wojtczuk 2008](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-Wojtczuk08)\], documents a [vulnerability](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) and exploit arising from a buffer overflow (caused by unsigned integer wrapping). + +Don Bailey \[[Bailey 2014](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-Bailey14)\] describes an unsigned integer wrap [vulnerability](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) in the LZO compression algorithm, which can be exploited in some implementations. + +[CVE-2014-4377](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4377) describes a [vulnerability](http://blog.binamuse.com/2014/09/coregraphics-memory-corruption.html) in iOS 7.1 resulting from a multiplication operation that wraps, producing an insufficiently small value to pass to a memory allocation routine, which is subsequently overflowed. + +Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+INT30-C). + +## Related Guidelines + +[Key here](https://wiki.sei.cmu.edu/confluence/display/c/How+this+Coding+Standard+is+Organized#HowthisCodingStandardisOrganized-RelatedGuidelines) (explains table format and definitions) + +
    Taxonomy Taxonomy item Relationship
    CERT C INT02-C. Understand integer conversion rules Prior to 2018-01-12: CERT: Unspecified Relationship
    CERT C ARR30-C. Do not form or use out-of-bounds pointers or array subscripts Prior to 2018-01-12: CERT: Unspecified Relationship
    CERT C ARR36-C. Do not subtract or compare two pointers that do not refer to the same array Prior to 2018-01-12: CERT: Unspecified Relationship
    CERT C ARR37-C. Do not add or subtract an integer to a pointer to a non-array object Prior to 2018-01-12: CERT: Unspecified Relationship
    CERT C CON08-C. Do not assume that a group of calls to independently atomic methods is atomic Prior to 2018-01-12: CERT: Unspecified Relationship
    ISO/IEC TR 24772:2013 Arithmetic Wrap-Around Error \[FIF\] Prior to 2018-01-12: CERT: Unspecified Relationship
    CWE 2.11 CWE-190 , Integer Overflow or Wraparound 2016-12-02: CERT: Rule subset of CWE
    CWE 2.11 CWE-131 2017-05-16: CERT: Partial overlap
    CWE 2.11 CWE-191 2017-05-18: CERT: Partial overlap
    CWE 2.11 CWE-680 2017-05-18: CERT: Partial overlap
    + + +## CERT-CWE Mapping Notes + +[Key here](https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?pageId=87152408#HowthisCodingStandardisOrganized-CERT-CWEMappingNotes) for mapping notes + +**CWE-131 and INT30-C** + +* Intersection( INT30-C, MEM35-C) = Ø +* Intersection( CWE-131, INT30-C) = +* Calculating a buffer size such that the calculation wraps. This can happen, for example, when using malloc() or operator new\[\] to allocate an array, multiplying the array item size with the array dimension. An untrusted dimension could cause wrapping, resulting in a too-small buffer being allocated, and subsequently overflowed when the array is initialized. +* CWE-131 – INT30-C = +* Incorrect calculation of a buffer size that does not involve wrapping. This includes off-by-one errors, for example. +INT30-C – CWE-131 = +* Integer wrapping where the result is not used to allocate memory. +**CWE-680 and INT30-C** + +Intersection( CWE-680, INT30-C) = + +* Unsigned integer overflows that lead to buffer overflows +CWE-680 - INT30-C = +* Signed integer overflows that lead to buffer overflows +INT30-C – CWE-680 = +* Unsigned integer overflows that do not lead to buffer overflows +**CWE-191 and INT30-C** + +Union( CWE-190, CWE-191) = Union( INT30-C, INT32-C) Intersection( INT30-C, INT32-C) == Ø + +Intersection(CWE-191, INT30-C) = + +* Underflow of unsigned integer operation +CWE-191 – INT30-C = +* Underflow of signed integer operation +INT30-C – CWE-191 = +* Overflow of unsigned integer operation + +## Bibliography + +
    \[ Bailey 2014 \] Raising Lazarus - The 20 Year Old Bug that Went to Mars
    \[ Dowd 2006 \] Chapter 6, "C Language Issues" ("Arithmetic Boundary Conditions," pp. 211–223)
    \[ ISO/IEC 9899:2011 \] Subclause 6.2.5, "Types"
    \[ Seacord 2013b \] Chapter 5, "Integer Security"
    \[ Viega 2005 \] Section 5.2.7, "Integer Overflow"
    \[ VU\#551436 \]
    \[ Warren 2002 \] Chapter 2, "Basics"
    \[ Wojtczuk 2008 \]
    \[ xorl 2009 \] "CVE-2009-1385: Linux Kernel E1000 Integer Underflow"
    + ## Implementation notes diff --git a/c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.md b/c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.md index 859ac3ec06..54d5e7d2ae 100644 --- a/c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.md +++ b/c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.md @@ -5,9 +5,353 @@ This query implements the CERT-C rule INT31-C: > Ensure that integer conversions do not result in lost or misinterpreted data -## CERT -** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** +## Description + +Integer conversions, both implicit and explicit (using a cast), must be guaranteed not to result in lost or misinterpreted data. This rule is particularly true for integer values that originate from untrusted sources and are used in any of the following ways: + +* Integer operands of any pointer arithmetic, including array indexing +* The assignment expression for the declaration of a variable length array +* The postfix expression preceding square brackets `[]` or the expression in square brackets `[]` of a subscripted designation of an element of an array object +* Function arguments of type `size_t` or `rsize_t` (for example, an argument to a memory allocation function) +This rule also applies to arguments passed to the following library functions that are converted to `unsigned char`: +* `memset()` +* `memset_s()` +* `fprintf()` and related functions (For the length modifier `c`, if no `l` length modifier is present, the `int` argument is converted to an `unsigned char`, and the resulting character is written.) +* `fputc()` +* `ungetc()` +* `memchr()` +and to arguments to the following library functions that are converted to `char`: +* `strchr()` +* `strrchr()` +* All of the functions listed in `` +The only integer type conversions that are guaranteed to be safe for all data values and all possible conforming implementations are conversions of an integral value to a wider type of the same signedness. The C Standard, subclause 6.3.1.3 \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IECTR24731-2-2010)\], says + +> When a value with integer type is converted to another integer type other than `_Bool`, if the value can be represented by the new type, it is unchanged. + + +Otherwise, if the new type is unsigned, the value is converted by repeatedly adding or subtracting one more than the maximum value that can be represented in the new type until the value is in the range of the new type. + +Otherwise, the new type is signed and the value cannot be represented in it; either the result is [implementation-defined](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-implementation-definedbehavior) or an implementation-defined signal is raised. + +Typically, converting an integer to a smaller type results in truncation of the high-order bits. + +## Noncompliant Code Example (Unsigned to Signed) + +Type range errors, including loss of data (truncation) and loss of sign (sign errors), can occur when converting from a value of an unsigned integer type to a value of a signed integer type. This noncompliant code example results in a truncation error on most [implementations](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-implementation): + +```cpp +#include + +void func(void) { + unsigned long int u_a = ULONG_MAX; + signed char sc; + sc = (signed char)u_a; /* Cast eliminates warning */ + /* ... */ +} +``` + +## Compliant Solution (Unsigned to Signed) + +Validate ranges when converting from an unsigned type to a signed type. This compliant solution can be used to convert a value of `unsigned long int` type to a value of `signed char `type: + +```cpp +#include + +void func(void) { + unsigned long int u_a = ULONG_MAX; + signed char sc; + if (u_a <= SCHAR_MAX) { + sc = (signed char)u_a; /* Cast eliminates warning */ + } else { + /* Handle error */ + } +} +``` + +## Noncompliant Code Example (Signed to Unsigned) + +Type range errors, including loss of data (truncation) and loss of sign (sign errors), can occur when converting from a value of a signed type to a value of an unsigned type. This noncompliant code example results in a negative number being misinterpreted as a large positive number. + +```cpp +#include + +void func(signed int si) { + /* Cast eliminates warning */ + unsigned int ui = (unsigned int)si; + + /* ... */ +} + +/* ... */ + +func(INT_MIN); +``` + +## Compliant Solution (Signed to Unsigned) + +Validate ranges when converting from a signed type to an unsigned type. This compliant solution converts a value of a `signed int` type to a value of an `unsigned int` type: + +```cpp +#include + +void func(signed int si) { + unsigned int ui; + if (si < 0) { + /* Handle error */ + } else { + ui = (unsigned int)si; /* Cast eliminates warning */ + } + /* ... */ +} +/* ... */ + +func(INT_MIN + 1); +``` +Subclause 6.2.5, paragraph 9, of the C Standard \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IECTR24731-2-2010)\] provides the necessary guarantees to ensure this solution works on a [conforming](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-conformingprogram) [implementation](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-implementation): + +> The range of nonnegative values of a signed integer type is a subrange of the corresponding unsigned integer type, and the representation of the same value in each type is the same. + + +## Noncompliant Code Example (Signed, Loss of Precision) + +A loss of data (truncation) can occur when converting from a value of a signed integer type to a value of a signed type with less precision. This noncompliant code example results in a truncation error on most [implementations](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-implementation): + +```cpp +#include + +void func(void) { + signed long int s_a = LONG_MAX; + signed char sc = (signed char)s_a; /* Cast eliminates warning */ + /* ... */ +} +``` + +## Compliant Solution (Signed, Loss of Precision) + +Validate ranges when converting from a signed type to a signed type with less precision. This compliant solution converts a value of a `signed long int` type to a value of a `signed char` type: + +```cpp +#include + +void func(void) { + signed long int s_a = LONG_MAX; + signed char sc; + if ((s_a < SCHAR_MIN) || (s_a > SCHAR_MAX)) { + /* Handle error */ + } else { + sc = (signed char)s_a; /* Use cast to eliminate warning */ + } + /* ... */ +} + +``` +Conversions from a value of a signed integer type to a value of a signed integer type with less precision requires that both the upper and lower bounds are checked. + +## Noncompliant Code Example (Unsigned, Loss of Precision) + +A loss of data (truncation) can occur when converting from a value of an unsigned integer type to a value of an unsigned type with less precision. This noncompliant code example results in a truncation error on most [implementations](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-implementation): + +```cpp +#include + +void func(void) { + unsigned long int u_a = ULONG_MAX; + unsigned char uc = (unsigned char)u_a; /* Cast eliminates warning */ + /* ... */ +} +``` + +## Compliant Solution (Unsigned, Loss of Precision) + +Validate ranges when converting a value of an unsigned integer type to a value of an unsigned integer type with less precision. This compliant solution converts a value of an `unsigned long int` type to a value of an `unsigned char` type: + +```cpp +#include + +void func(void) { + unsigned long int u_a = ULONG_MAX; + unsigned char uc; + if (u_a > UCHAR_MAX) { + /* Handle error */ + } else { + uc = (unsigned char)u_a; /* Cast eliminates warning */ + } + /* ... */ +} + +``` +Conversions from unsigned types with greater precision to unsigned types with less precision require only the upper bounds to be checked. + +## Noncompliant Code Example (time_t Return Value) + +The `time()` function returns the value `(time_t)(-1)` to indicate that the calendar time is not available. The C Standard requires that the `time_t` type is only a *real type* capable of representing time. (The integer and real floating types are collectively called real types.) It is left to the implementor to decide the best real type to use to represent time. If `time_t` is implemented as an unsigned integer type with less precision than a signed `int`, the return value of `time()` will never compare equal to the integer literal `-1`. + +```cpp +#include + +void func(void) { + time_t now = time(NULL); + if (now != -1) { + /* Continue processing */ + } +} +``` + +## Compliant Solution (time_t Return Value) + +To ensure the comparison is properly performed, the return value of `time()` should be compared against `-1` cast to type `time_t`: + +```cpp +#include + +void func(void) { + time_t now = time(NULL); + if (now != (time_t)-1) { + /* Continue processing */ + } +} +``` +This solution is in accordance with [INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size](https://wiki.sei.cmu.edu/confluence/display/c/INT18-C.+Evaluate+integer+expressions+in+a+larger+size+before+comparing+or+assigning+to+that+size). Note that `(time_+t)-1` also complies with **INT31-C-EX3**. + +## Noncompliant Code Example (memset()) + +For historical reasons, certain C Standard functions accept an argument of type `int` and convert it to either `unsigned char` or plain `char`. This conversion can result in unexpected behavior if the value cannot be represented in the smaller type. The second argument to `memset()` is an example; it indicates what byte to store in the range of memory indicated by the first and third arguments. If the second argument is outside the range of a `signed char` or plain `char`, then its higher order bits will typically be truncated. Consequently, this noncompliant solution unexpectedly sets all elements in the array to 0, rather than 4096: + +```cpp +#include +#include + +int *init_memory(int *array, size_t n) { + return memset(array, 4096, n); +} +``` + +## Compliant Solution (memset()) + +In general, the `memset()` function should not be used to initialize an integer array unless it is to set or clear all the bits, as in this compliant solution: + +```cpp +#include +#include + +int *init_memory(int *array, size_t n) { + return memset(array, 0, n); +} +``` + +## Exceptions + +**INT31-C-EX1:** The C Standard defines minimum ranges for standard integer types. For example, the minimum range for an object of type `unsigned short int` is 0 to 65,535, whereas the minimum range for `int` is −32,767 to +32,767. Consequently, it is not always possible to represent all possible values of an `unsigned short int` as an `int`. However, on the IA-32 architecture, for example, the actual integer range is from −2,147,483,648 to +2,147,483,647, meaning that it is quite possible to represent all the values of an `unsigned short int` as an `int` for this architecture. As a result, it is not necessary to provide a test for this conversion on IA-32. It is not possible to make assumptions about conversions without knowing the precision of the underlying types. If these tests are not provided, assumptions concerning precision must be clearly documented, as the resulting code cannot be safely ported to a system where these assumptions are invalid. A good way to document these assumptions is to use static assertions. (See [DCL03-C. Use a static assertion to test the value of a constant expression](https://wiki.sei.cmu.edu/confluence/display/c/DCL03-C.+Use+a+static+assertion+to+test+the+value+of+a+constant+expression).) + +**INT31-C-EX2:** Conversion from any integer type with a value between `SCHAR_MIN` and `UCHAR_MAX` to a character type is permitted provided the value represents a character and not an integer. + +Conversions to unsigned character types are well defined by C to have modular behavior. A character's value is not misinterpreted by the loss of sign or conversion to a negative number. For example, the Euro symbol `€` is sometimes represented by bit pattern `0x80` which can have the numerical value 128 or −127 depending on the signedness of the type. + +Conversions to signed character types are more problematic. The C Standard, subclause 6.3.1.3, paragraph 3 \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IECTR24731-2-2010)\], says, regarding conversions + +> Otherwise, the new type is signed and the value cannot be represented in it; either the result is implementation-defined or an implementation-defined signal is raised. + + +Furthermore, subclause 6.2.6.2, paragraph 2, says, regarding integer modifications + +> If the sign bit is one, the value shall be modified in one of the following ways:— the corresponding value with sign bit 0 is negated (sign and magnitude)— the sign bit has the value −(2M ) (two’s complement);— the sign bit has the value −(2M − 1) (ones’ complement).Which of these applies is implementation-defined, as is whether the value with sign bit 1 and all value bits zero (for the first two), or with sign bit and all value bits 1 (for ones’ complement), is a trap representation or a normal value. \[See note.\] + + +NOTE: *Two's complement* is shorthand for "radix complement in radix 2." *Ones' complement* is shorthand for "diminished radix complement in radix 2." + +Consequently, the standard allows for this code to trap: + +```cpp +int i = 128; /* 1000 0000 in binary */ +assert(SCHAR_MAX == 127); +signed char c = i; /* can trap */ + +``` +However, platforms where this code traps or produces an unexpected value are rare. According to *[The New C Standard: An Economic and Cultural Commentary](http://www.knosof.co.uk/cbook/cbook.html)* by Derek Jones \[[Jones 2008](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-Jones08)\], + +> Implementations with such trap representations are thought to have existed in the past. Your author was unable to locate any documents describing such processors. + + +**INT31-C-EX3:** ISO C, section 7.27.2.4, paragraph 3 says: + +> The time function returns the implementation’s best approximation to the current calendar time. + + +The value (time_t) (−1) is returned if the calendar time is not available. + +If `time_t` is an unsigned type, then the expression `((time_t) (-1))` is guaranteed to yield a large positive value. + +Therefore, conversion of a negative compile-time constant to an unsigned value with the same or larger width is permitted by this rule. This exception does not apply to conversion of unsigned to signed values, nor does it apply if the resulting value would undergo truncation. + +## Risk Assessment + +Integer truncation errors can lead to buffer overflows and the execution of arbitrary code by an attacker. + +
    Rule Severity Likelihood Remediation Cost Priority Level
    INT31-C High Probable High P6 L2
    + + +## Automated Detection + +
    Tool Version Checker Description
    Astrée 22.04 Supported via MISRA C:2012 Rules 10.1, 10.3, 10.4, 10.6 and 10.7
    CodeSonar 7.2p0 LANG.CAST.PC.AVLANG.CAST.PC.CONST2PTRLANG.CAST.PC.INT LANG.CAST.COERCELANG.CAST.VALUE ALLOC.SIZE.TRUNCMISC.MEM.SIZE.TRUNC LANG.MEM.TBA Cast: arithmetic type/void pointer Conversion: integer constant to pointer Conversion: pointer/integer Coercion alters value Cast alters value Truncation of allocation size Truncation of size Tainted buffer access
    Compass/ROSE Can detect violations of this rule. However, false warnings may be raised if limits.h is included
    Coverity \* 2017.07 NEGATIVE_RETURNS REVERSE_NEGATIVE MISRA_CAST Can find array accesses, loop bounds, and other expressions that may contain dangerous implied integer conversions that would result in unexpected behavior Can find instances where a negativity check occurs after the negative value has been used for something else Can find instances where an integer expression is implicitly converted to a narrower integer type, where the signedness of an integer value is implicitly converted, or where the type of a complex expression is implicitly converted
    Cppcheck 1.66 memsetValueOutOfRange The second argument to memset() cannot be represented as unsigned char
    Helix QAC 2022.4 C2850, C2855, C2890, C2895, C2900, C2905, C++2850, C++2855, C++2890, C++2895, C++2900, C++2905, C++3000, C++3010 DF2851, DF2852, DF2853, DF2856, DF2857, DF2858, DF2891, DF2892, DF2893, DF2896, DF2897, DF2898, DF2901, DF2902, DF2903, DF2906, DF2907, DF2908
    Klocwork 2022.4 PORTING.CAST.SIZE
    LDRA tool suite 9.7.1 93 S , 433 S , 434 S Partially implemented
    Parasoft C/C++test 2022.2 CERT_C-INT31-a CERT_C-INT31-b CERT_C-INT31-c CERT_C-INT31-d CERT_C-INT31-e CERT_C-INT31-f CERT_C-INT31-g CERT_C-INT31-h CERT_C-INT31-i CERT_C-INT31-j CERT_C-INT31-k CERT_C-INT31-l CERT_C-INT31-m CERT_C-INT31-nCERT_C-INT31-o An expression of essentially Boolean type should always be used where an operand is interpreted as a Boolean value An operand of essentially Boolean type should not be used where an operand is interpreted as a numeric value An operand of essentially character type should not be used where an operand is interpreted as a numeric value An operand of essentially enum type should not be used in an arithmetic operation Shift and bitwise operations should not be performed on operands of essentially signed or enum type An operand of essentially signed or enum type should not be used as the right hand operand to the bitwise shifting operator An operand of essentially unsigned type should not be used as the operand to the unary minus operator The value of an expression shall not be assigned to an object with a narrower essential type The value of an expression shall not be assigned to an object of a different essential type category Both operands of an operator in which the usual arithmetic conversions are performed shall have the same essential type category The second and third operands of the ternary operator shall have the same essential type category The value of a composite expression shall not be assigned to an object with wider essential type If a composite expression is used as one operand of an operator in which the usual arithmetic conversions are performed then the other operand shall not have wider essential type If a composite expression is used as one (second or third) operand of a conditional operator then the other operand shall not have wider essential type Avoid integer overflows
    Polyspace Bug Finder R2022b CERT C: Rule INT31-C Checks for: Integer conversion overflownteger conversion overflow, call to memset with unintended value all to memset with unintended value , sign change integer conversion overflowign change integer conversion overflow, tainted sign change conversionainted sign change conversion, unsigned integer conversion overflownsigned integer conversion overflow. Rule partially covered.
    PRQA QA-C 9.7 2850, 2851, 2852, 2853, 2855, 2856, 2857, 2858, 2890, 2891, 2892, 2893, 2895, 2896, 2897, 2898 2900, 2901, 2902, 2903, 2905, 2906, 2907, 2908 Partially implemented
    PRQA QA-C++ 4.4 2850, 2851, 2852, 2853, 2855, 2856, 2857, 2858, 2890, 2891, 2892, 2893, 2895, 2896, 2897, 2898, 2900, 2901, 2902, 2903, 2905, 2906, 2907, 2908, 3000, 3010
    PVS-Studio 7.23 V562 , V569 , V642 , V676 , V716 , V721 , V724 , V732 , V739 , V784 , V793 , V1019 , V1029 , V1046
    RuleChecker 22.04 Supported via MISRA C:2012 Rules 10.1, 10.3, 10.4, 10.6 and 10.7
    TrustInSoft Analyzer 1.38 signed_downcast Exhaustively verified.
    +\* Coverity Prevent cannot discover all violations of this rule, so further [verification](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-verification) is necessary. + + +## Related Vulnerabilities + +[CVE-2009-1376](http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1376) results from a violation of this rule. In version 2.5.5 of Pidgin, a `size_t` offset is set to the value of a 64-bit unsigned integer, which can lead to truncation \[[xorl 2009](http://xorl.wordpress.com/2009/05/28/cve-2009-1376-pidgin-msn-slp-integer-truncation/)\] on platforms where a `size_t` is implemented as a 32-bit unsigned integer. An attacker can execute arbitrary code by carefully choosing this value and causing a buffer overflow. + +Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerabi) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+INT31-C). + +## Related Guidelines + +[Key here](https://wiki.sei.cmu.edu/confluence/display/c/How+this+Coding+Standard+is+Organized#HowthisCodingStandardisOrganized-RelatedGuidelines) (explains table format and definitions) + +
    Taxonomy Taxonomy item Relationship
    CERT C DCL03-C. Use a static assertion to test the value of a constant expression Prior to 2018-01-12: CERT: Unspecified Relationship
    CERT C INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size Prior to 2018-01-12: CERT: Unspecified Relationship
    CERT C FIO34-C. Distinguish between characters read from a file and EOF or WEOF Prior to 2018-01-12: CERT: Unspecified Relationship
    CERT Oracle Secure Coding Standard for Java NUM12-J. Ensure conversions of numeric types to narrower types do not result in lost or misinterpreted data Prior to 2018-01-12: CERT: Unspecified Relationship
    ISO/IEC TR 24772:2013 Numeric Conversion Errors \[FLC\] Prior to 2018-01-12: CERT: Unspecified Relationship
    MISRA C:2012 Rule 10.1 (required) Prior to 2018-01-12: CERT: Unspecified Relationship
    MISRA C:2012 Rule 10.3 (required) Prior to 2018-01-12: CERT: Unspecified Relationship
    MISRA C:2012 Rule 10.4 (required) Prior to 2018-01-12: CERT: Unspecified Relationship
    MISRA C:2012 Rule 10.6 (required) Prior to 2018-01-12: CERT: Unspecified Relationship
    MISRA C:2012 Rule 10.7 (required) Prior to 2018-01-12: CERT: Unspecified Relationship
    CWE 2.11 CWE-192 , Integer Coercion Error 2017-07-17: CERT: Exact
    CWE 2.11 CWE-197 , Numeric Truncation Error 2017-06-14: CERT: Rule subset of CWE
    CWE 2.11 CWE-681 , Incorrect Conversion between Numeric Types 2017-07-17: CERT: Rule subset of CWE
    CWE 2.11 CWE-704 2017-07-17: CERT: Rule subset of CWE
    + + +## CERT-CWE Mapping Notes + +[Key here](https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?pageId=87152408#HowthisCodingStandardisOrganized-CERT-CWEMappingNotes) for mapping notes + +**CWE-195 and INT31-C** + +CWE-195 = Subset( CWE-192) + +INT31-C = Union( CWE-195, list) where list = + +* Unsigned-to-signed conversion error +* Truncation that does not change sign +**CWE-197 and INT31-C** + +See CWE-197 and FLP34-C + +**CWE-194 and INT31-C** + +CWE-194 = Subset( CWE-192) + +INT31-C = Union( CWE-194, list) where list = + +* Integer conversion that truncates significant data, but without loss of sign +**CWE-20 and INT31-C** + +See CWE-20 and ERR34-C + +**CWE-704 and INT31-C** + +CWE-704 = Union( INT31-C, list) where list = + +* Improper type casts where either the source or target type is not an integral type +**CWE-681 and INT31-C** + +CWE-681 = Union( INT31-C, FLP34-C) + +Intersection( INT31-C, FLP34-C) = Ø + +## Bibliography + +
    \[ Dowd 2006 \] Chapter 6, "C Language Issues" ("Type Conversions," pp. 223–270)
    \[ ISO/IEC 9899:2011 \] 6.3.1.3, "Signed and Unsigned Integers"
    \[ Jones 2008 \] Section 6.2.6.2, "Integer Types"
    \[ Seacord 2013b \] Chapter 5, "Integer Security"
    \[ Viega 2005 \] Section 5.2.9, "Truncation Error" Section 5.2.10, "Sign Extension Error" Section 5.2.11, "Signed to Unsigned Conversion Error" Section 5.2.12, "Unsigned to Signed Conversion Error"
    \[ Warren 2002 \] Chapter 2, "Basics"
    \[ xorl 2009 \] "CVE-2009-1376: Pidgin MSN SLP Integer Truncation"
    + ## Implementation notes diff --git a/c/cert/src/rules/INT32-C/SignedIntegerOverflow.md b/c/cert/src/rules/INT32-C/SignedIntegerOverflow.md index 44c23b7b2c..0595d28a10 100644 --- a/c/cert/src/rules/INT32-C/SignedIntegerOverflow.md +++ b/c/cert/src/rules/INT32-C/SignedIntegerOverflow.md @@ -5,9 +5,473 @@ This query implements the CERT-C rule INT32-C: > Ensure that operations on signed integers do not result in overflow -## CERT -** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** +## Description + +Signed integer overflow is [undefined behavior 36](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior). Consequently, [implementations](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-implementation) have considerable latitude in how they deal with signed integer overflow. (See [MSC15-C. Do not depend on undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/MSC15-C.+Do+not+depend+on+undefined+behavior).) An implementation that defines signed integer types as being modulo, for example, need not detect integer overflow. Implementations may also trap on signed arithmetic overflows, or simply assume that overflows will never happen and generate object code accordingly. It is also possible for the same conforming implementation to emit code that exhibits different behavior in different contexts. For example, an implementation may determine that a signed integer loop control variable declared in a local scope cannot overflow and may emit efficient code on the basis of that determination, while the same implementation may determine that a global variable used in a similar context will wrap. + +For these reasons, it is important to ensure that operations on signed integers do not result in overflow. Of particular importance are operations on signed integer values that originate from a [tainted source](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-taintedsource) and are used as + +* Integer operands of any pointer arithmetic, including array indexing +* The assignment expression for the declaration of a variable length array +* The postfix expression preceding square brackets `[]` or the expression in square brackets `[]` of a subscripted designation of an element of an array object +* Function arguments of type `size_t` or `rsize_t` (for example, an argument to a memory allocation function) +Integer operations will overflow if the resulting value cannot be represented by the underlying representation of the integer. The following table indicates which operations can result in overflow. + +
    Operator Overflow Operator Overflow Operator Overflow Operator Overflow
    + Yes -= Yes << Yes < No
    - Yes \*= Yes >> No > No
    \* Yes /= Yes & No >= No
    / Yes %= Yes | No <= No
    % Yes <<= Yes ^ No == No
    ++ Yes >>= No ~ No != No
    -- Yes &= No ! No && No
    = No |= No unary + No || No
    += Yes ^= No unary - Yes ?: No
    +The following sections examine specific operations that are susceptible to integer overflow. When operating on integer types with less precision than `int`, integer promotions are applied. The usual arithmetic conversions may also be applied to (implicitly) convert operands to equivalent types before arithmetic operations are performed. Programmers should understand integer conversion rules before trying to implement secure arithmetic operations. (See [INT02-C. Understand integer conversion rules](https://wiki.sei.cmu.edu/confluence/display/c/INT02-C.+Understand+integer+conversion+rules).) + + +## Implementation Details + +GNU GCC invoked with the `[-fwrapv](http://gcc.gnu.org/onlinedocs/gcc-4.5.2/gcc/Code-Gen-Options.html#index-fwrapv-2088)` command-line option defines the same modulo arithmetic for both unsigned and signed integers. + +GNU GCC invoked with the `[-ftrapv](http://gcc.gnu.org/onlinedocs/gcc-4.5.2/gcc/Code-Gen-Options.html#index-ftrapv-2088)` command-line option causes a trap to be generated when a signed integer overflows, which will most likely abnormally exit. On a UNIX system, the result of such an event may be a signal sent to the process. + +GNU GCC invoked without either the `-fwrapv` or the `-ftrapv` option may simply assume that signed integers never overflow and may generate object code accordingly. + +## Atomic Integers + +The C Standard defines the behavior of arithmetic on atomic signed integer types to use two's complement representation with silent wraparound on overflow; there are no undefined results. Although defined, these results may be unexpected and therefore carry similar risks to [unsigned integer wrapping](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-unsignedintegerwrapping). (See [INT30-C. Ensure that unsigned integer operations do not wrap](https://wiki.sei.cmu.edu/confluence/display/c/INT30-C.+Ensure+that+unsigned+integer+operations+do+not+wrap).) Consequently, signed integer overflow of atomic integer types should also be prevented or detected. + +## Addition + +Addition is between two operands of arithmetic type or between a pointer to an object type and an integer type. This rule applies only to addition between two operands of arithmetic type. (See [ARR37-C. Do not add or subtract an integer to a pointer to a non-array object](https://wiki.sei.cmu.edu/confluence/display/c/ARR37-C.+Do+not+add+or+subtract+an+integer+to+a+pointer+to+a+non-array+object) and [ARR30-C. Do not form or use out-of-bounds pointers or array subscripts](https://wiki.sei.cmu.edu/confluence/display/c/ARR30-C.+Do+not+form+or+use+out-of-bounds+pointers+or+array+subscripts).) + +Incrementing is equivalent to adding 1. + +**Noncompliant Code Example** + +This noncompliant code example can result in a signed integer overflow during the addition of the signed operands `si_a` and `si_b`: + +```cpp +void func(signed int si_a, signed int si_b) { + signed int sum = si_a + si_b; + /* ... */ +} +``` +**Compliant Solution** + +This compliant solution ensures that the addition operation cannot overflow, regardless of representation: + +```cpp +#include + +void f(signed int si_a, signed int si_b) { + signed int sum; + if (((si_b > 0) && (si_a > (INT_MAX - si_b))) || + ((si_b < 0) && (si_a < (INT_MIN - si_b)))) { + /* Handle error */ + } else { + sum = si_a + si_b; + } + /* ... */ +} +``` +**Compliant Solution (GNU)** + +This compliant solution uses the GNU extension `__builtin_sadd_overflow`, available with GCC, Clang, and ICC: + +```cpp +void f(signed int si_a, signed int si_b) { + signed int sum; + if (__builtin_sadd_overflow(si_a, si_b, &sum)) { + /* Handle error */ + } + /* ... */ +} +``` + +## Subtraction + +Subtraction is between two operands of arithmetic type, two pointers to qualified or unqualified versions of compatible object types, or a pointer to an object type and an integer type. This rule applies only to subtraction between two operands of arithmetic type. (See [ARR36-C. Do not subtract or compare two pointers that do not refer to the same array](https://wiki.sei.cmu.edu/confluence/display/c/ARR36-C.+Do+not+subtract+or+compare+two+pointers+that+do+not+refer+to+the+same+array), [ARR37-C. Do not add or subtract an integer to a pointer to a non-array object](https://wiki.sei.cmu.edu/confluence/display/c/ARR37-C.+Do+not+add+or+subtract+an+integer+to+a+pointer+to+a+non-array+object), and [ARR30-C. Do not form or use out-of-bounds pointers or array subscripts](https://wiki.sei.cmu.edu/confluence/display/c/ARR30-C.+Do+not+form+or+use+out-of-bounds+pointers+or+array+subscripts) for information about pointer subtraction.) + +Decrementing is equivalent to subtracting 1. + +**Noncompliant Code Example** + +This noncompliant code example can result in a signed integer overflow during the subtraction of the signed operands `si_a` and `si_b`: + +```cpp +void func(signed int si_a, signed int si_b) { + signed int diff = si_a - si_b; + /* ... */ +} +``` +**Compliant Solution** + +This compliant solution tests the operands of the subtraction to guarantee there is no possibility of signed overflow, regardless of representation: + +```cpp +#include + +void func(signed int si_a, signed int si_b) { + signed int diff; + if ((si_b > 0 && si_a < INT_MIN + si_b) || + (si_b < 0 && si_a > INT_MAX + si_b)) { + /* Handle error */ + } else { + diff = si_a - si_b; + } + + /* ... */ +} +``` +**Compliant Solution (GNU)** + +This compliant solution uses the GNU extension `__builtin_ssub_overflow`, available with GCC, Clang, and ICC: + +```cpp +void func(signed int si_a, signed int si_b) { + signed int diff; + if (__builtin_ssub_overflow(si_a, si_b, &diff)) { + /* Handle error */ + } + + /* ... */ +} +``` + +## Multiplication + +Multiplication is between two operands of arithmetic type. + +**Noncompliant Code Example** + +This noncompliant code example can result in a signed integer overflow during the multiplication of the signed operands `si_a` and `si_b`: + +```cpp +void func(signed int si_a, signed int si_b) { + signed int result = si_a * si_b; + /* ... */ +} +``` +**Compliant Solution** + +The product of two operands can always be represented using twice the number of bits than exist in the precision of the larger of the two operands. This compliant solution eliminates signed overflow on systems where `long long` is at least twice the precision of `int`: + +```cpp +#include +#include +#include +#include + +extern size_t popcount(uintmax_t); +#define PRECISION(umax_value) popcount(umax_value) + +void func(signed int si_a, signed int si_b) { + signed int result; + signed long long tmp; + assert(PRECISION(ULLONG_MAX) >= 2 * PRECISION(UINT_MAX)); + tmp = (signed long long)si_a * (signed long long)si_b; + + /* + * If the product cannot be represented as a 32-bit integer, + * handle as an error condition. + */ + if ((tmp > INT_MAX) || (tmp < INT_MIN)) { + /* Handle error */ + } else { + result = (int)tmp; + } + /* ... */ +} +``` +The assertion fails if `long long` has less than twice the precision of `int`. The `PRECISION()` macro and `popcount()` function provide the correct precision for any integer type. (See [INT35-C. Use correct integer precisions](https://wiki.sei.cmu.edu/confluence/display/c/INT35-C.+Use+correct+integer+precisions).) + +**Compliant Solution** + +The following portable compliant solution can be used with any conforming implementation, including those that do not have an integer type that is at least twice the precision of `int`: + +```cpp +#include + +void func(signed int si_a, signed int si_b) { + signed int result; + if (si_a > 0) { /* si_a is positive */ + if (si_b > 0) { /* si_a and si_b are positive */ + if (si_a > (INT_MAX / si_b)) { + /* Handle error */ + } + } else { /* si_a positive, si_b nonpositive */ + if (si_b < (INT_MIN / si_a)) { + /* Handle error */ + } + } /* si_a positive, si_b nonpositive */ + } else { /* si_a is nonpositive */ + if (si_b > 0) { /* si_a is nonpositive, si_b is positive */ + if (si_a < (INT_MIN / si_b)) { + /* Handle error */ + } + } else { /* si_a and si_b are nonpositive */ + if ( (si_a != 0) && (si_b < (INT_MAX / si_a))) { + /* Handle error */ + } + } /* End if si_a and si_b are nonpositive */ + } /* End if si_a is nonpositive */ + + result = si_a * si_b; +} +``` +**Compliant Solution (GNU)** + +This compliant solution uses the GNU extension `__builtin_smul_overflow`, available with GCC, Clang, and ICC: + +```cpp +void func(signed int si_a, signed int si_b) { + signed int result; + if (__builtin_smul_overflow(si_a, si_b, &result)) { + /* Handle error */ + } +} +``` + +## Division + +Division is between two operands of arithmetic type. Overflow can occur during two's complement signed integer division when the dividend is equal to the minimum (negative) value for the signed integer type and the divisor is equal to `−1`. Division operations are also susceptible to divide-by-zero errors. (See [INT33-C. Ensure that division and remainder operations do not result in divide-by-zero errors](https://wiki.sei.cmu.edu/confluence/display/c/INT33-C.+Ensure+that+division+and+remainder+operations+do+not+result+in+divide-by-zero+errors).) + +**Noncompliant Code Example** + +This noncompliant code example prevents divide-by-zero errors in compliance with [INT33-C. Ensure that division and remainder operations do not result in divide-by-zero errors](https://wiki.sei.cmu.edu/confluence/display/c/INT33-C.+Ensure+that+division+and+remainder+operations+do+not+result+in+divide-by-zero+errors) but does not prevent a signed integer overflow error in two's-complement. + +```cpp +void func(signed long s_a, signed long s_b) { + signed long result; + if (s_b == 0) { + /* Handle error */ + } else { + result = s_a / s_b; + } + /* ... */ +} +``` +**Implementation Details** + +On the x86-32 architecture, overflow results in a fault, which can be exploited as a [denial-of-service attack](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-denial-of-service). + +**Compliant Solution** + +This compliant solution eliminates the possibility of divide-by-zero errors or signed overflow: + +```cpp +#include + +void func(signed long s_a, signed long s_b) { + signed long result; + if ((s_b == 0) || ((s_a == LONG_MIN) && (s_b == -1))) { + /* Handle error */ + } else { + result = s_a / s_b; + } + /* ... */ +} +``` + +## Remainder + +The remainder operator provides the remainder when two operands of integer type are divided. Because many platforms implement remainder and division in the same instruction, the remainder operator is also susceptible to arithmetic overflow and division by zero. (See [INT33-C. Ensure that division and remainder operations do not result in divide-by-zero errors](https://wiki.sei.cmu.edu/confluence/display/c/INT33-C.+Ensure+that+division+and+remainder+operations+do+not+result+in+divide-by-zero+errors).) + +**Noncompliant Code Example** + +Many hardware architectures implement remainder as part of the division operator, which can overflow. Overflow can occur during a remainder operation when the dividend is equal to the minimum (negative) value for the signed integer type and the divisor is equal to −1. It occurs even though the result of such a remainder operation is mathematically 0. This noncompliant code example prevents divide-by-zero errors in compliance with [INT33-C. Ensure that division and remainder operations do not result in divide-by-zero errors](https://wiki.sei.cmu.edu/confluence/display/c/INT33-C.+Ensure+that+division+and+remainder+operations+do+not+result+in+divide-by-zero+errors) but does not prevent integer overflow: + +```cpp +void func(signed long s_a, signed long s_b) { + signed long result; + if (s_b == 0) { + /* Handle error */ + } else { + result = s_a % s_b; + } + /* ... */ +} +``` +**Implementation Details** + +On x86-32 platforms, the remainder operator for signed integers is implemented by the `idiv` instruction code, along with the divide operator. Because `LONG_MIN / −1` overflows, it results in a software exception with `LONG_MIN % −1` as well. + +**Compliant Solution** + +This compliant solution also tests the remainder operands to guarantee there is no possibility of an overflow: + +```cpp +#include + +void func(signed long s_a, signed long s_b) { + signed long result; + if ((s_b == 0 ) || ((s_a == LONG_MIN) && (s_b == -1))) { + /* Handle error */ + } else { + result = s_a % s_b; + } + /* ... */ +} +``` + +## Left-Shift Operator + +The left-shift operator takes two integer operands. The result of `E1 << E2` is `E1` left-shifted `E2` bit positions; vacated bits are filled with zeros. + +The C Standard, 6.5.7, paragraph 4 \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IEC9899-2011)\], states + +> If `E1` has a signed type and nonnegative value, and `E1 × 2E2` is representable in the result type, then that is the resulting value; otherwise, the behavior is undefined. + + +In almost every case, an attempt to shift by a negative number of bits or by more bits than exist in the operand indicates a logic error. These issues are covered by [INT34-C. Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand](https://wiki.sei.cmu.edu/confluence/display/c/INT34-C.+Do+not+shift+an+expression+by+a+negative+number+of+bits+or+by+greater+than+or+equal+to+the+number+of+bits+that+exist+in+the+operand). + +**Noncompliant Code Example** + +This noncompliant code example performs a left shift, after verifying that the number being shifted is not negative, and the number of bits to shift is valid. The `PRECISION()` macro and `popcount()` function provide the correct precision for any integer type. (See [INT35-C. Use correct integer precisions](https://wiki.sei.cmu.edu/confluence/display/c/INT35-C.+Use+correct+integer+precisions).) However, because this code does no overflow check, it can result in an unrepresentable value. + +```cpp +#include +#include +#include + +extern size_t popcount(uintmax_t); +#define PRECISION(umax_value) popcount(umax_value) + +void func(signed long si_a, signed long si_b) { + signed long result; + if ((si_a < 0) || (si_b < 0) || + (si_b >= PRECISION(ULONG_MAX)) { + /* Handle error */ + } else { + result = si_a << si_b; + } + /* ... */ +} +``` +**Compliant Solution** + +This compliant solution eliminates the possibility of overflow resulting from a left-shift operation: + +```cpp +#include +#include +#include + +extern size_t popcount(uintmax_t); +#define PRECISION(umax_value) popcount(umax_value) + +void func(signed long si_a, signed long si_b) { + signed long result; + if ((si_a < 0) || (si_b < 0) || + (si_b >= PRECISION(ULONG_MAX)) || + (si_a > (LONG_MAX >> si_b))) { + /* Handle error */ + } else { + result = si_a << si_b; + } + /* ... */ +} +``` + +## Unary Negation + +The unary negation operator takes an operand of arithmetic type. Overflow can occur during two's complement unary negation when the operand is equal to the minimum (negative) value for the signed integer type. + +**Noncompliant Code Example** + +This noncompliant code example can result in a signed integer overflow during the unary negation of the signed operand `s_a`: + +```cpp +void func(signed long s_a) { + signed long result = -s_a; + /* ... */ +} +``` +**Compliant Solution** + +This compliant solution tests the negation operation to guarantee there is no possibility of signed overflow: + +```cpp +#include + +void func(signed long s_a) { + signed long result; + if (s_a == LONG_MIN) { + /* Handle error */ + } else { + result = -s_a; + } + /* ... */ +} + +``` +Risk Assessment + +Integer overflow can lead to buffer overflows and the execution of arbitrary code by an attacker. + +
    Rule Severity Likelihood Remediation Cost Priority Level
    INT32-C High Likely High P9 L2
    + + +## Automated Detection + +
    Tool Version Checker Description
    Astrée 22.04 integer-overflow Fully checked
    CodeSonar 7.2p0 ALLOC.SIZE.ADDOFLOW ALLOC.SIZE.IOFLOW ALLOC.SIZE.MULOFLOW ALLOC.SIZE.SUBUFLOW MISC.MEM.SIZE.ADDOFLOW MISC.MEM.SIZE.BAD MISC.MEM.SIZE.MULOFLOW MISC.MEM.SIZE.SUBUFLOW Addition overflow of allocation size Integer overflow of allocation size Multiplication overflow of allocation size Subtraction underflow of allocation size Addition overflow of size Unreasonable size argument Multiplication overflow of size Subtraction underflow of size
    Coverity 2017.07 TAINTED_SCALAR BAD_SHIFT Implemented
    Helix QAC 2022.4 C2800, C2860 C++2800, C++2860 DF2801, DF2802, DF2803, DF2861, DF2862, DF2863
    Klocwork 2022.4 NUM.OVERFLOW CWARN.NOEFFECT.OUTOFRANGE NUM.OVERFLOW.DF
    LDRA tool suite 9.7.1 493 S, 494 S Partially implemented
    Parasoft C/C++test 2022.2 CERT_C-INT32-a CERT_C-INT32-b CERT_C-INT32-c Avoid integer overflows Integer overflow or underflow in constant expression in '+', '-', '\*' operator Integer overflow or underflow in constant expression in '<<' operator
    Parasoft Insure++ Runtime analysis
    Polyspace Bug Finder R2022b CERT C: Rule INT32-C Checks for: Integer overflownteger overflow, tainted division operandainted division operand, tainted modulo operandainted modulo operand. Rule partially covered.
    PRQA QA-C 9.7 2800, 2801, 2802, 2803, 2860, 2861, 2862, 2863 Fully implemented
    PRQA QA-C++ 4.4 2800, 2801, 2802, 2803, 2860, 2861, 2862, 2863
    PVS-Studio 7.23 V1026, V1070, V1081, V1083, V1085, V5010
    TrustInSoft Analyzer 1.38 signed_overflow Exhaustively verified (see one compliant and one non-compliant example ).
    + + +## Related Vulnerabilities + +Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+INT32-C). + +## Related Guidelines + +[Key here](https://wiki.sei.cmu.edu/confluence/display/c/How+this+Coding+Standard+is+Organized#HowthisCodingStandardisOrganized-RelatedGuidelines) (explains table format and definitions) + +
    Taxonomy Taxonomy item Relationship
    CERT C INT02-C. Understand integer conversion rules Prior to 2018-01-12: CERT: Unspecified Relationship
    CERT C INT35-C. Use correct integer precisions Prior to 2018-01-12: CERT: Unspecified Relationship
    CERT C INT33-C. Ensure that division and remainder operations do not result in divide-by-zero errors Prior to 2018-01-12: CERT: Unspecified Relationship
    CERT C INT34-C. Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand Prior to 2018-01-12: CERT: Unspecified Relationship
    CERT C ARR30-C. Do not form or use out-of-bounds pointers or array subscripts Prior to 2018-01-12: CERT: Unspecified Relationship
    CERT C ARR36-C. Do not subtract or compare two pointers that do not refer to the same array Prior to 2018-01-12: CERT: Unspecified Relationship
    CERT C ARR37-C. Do not add or subtract an integer to a pointer to a non-array object Prior to 2018-01-12: CERT: Unspecified Relationship
    CERT C MSC15-C. Do not depend on undefined behavior Prior to 2018-01-12: CERT: Unspecified Relationship
    CERT C CON08-C. Do not assume that a group of calls to independently atomic methods is atomic Prior to 2018-01-12: CERT: Unspecified Relationship
    CERT Oracle Secure Coding Standard for Java INT00-J. Perform explicit range checking to avoid integer overflow Prior to 2018-01-12: CERT: Unspecified Relationship
    ISO/IEC TR 24772:2013 Arithmetic Wrap-Around Error \[FIF\] Prior to 2018-01-12: CERT: Unspecified Relationship
    ISO/IEC TS 17961 Overflowing signed integers \[intoflow\] Prior to 2018-01-12: CERT: Unspecified Relationship
    CWE 2.11 CWE-190 , Integer Overflow or Wraparound 2017-05-18: CERT: Partial overlap
    CWE 2.11 CWE-191 2017-05-18: CERT: Partial overlap
    CWE 2.11 CWE-680 2017-05-18: CERT: Partial overlap
    + + +## CERT-CWE Mapping Notes + +[Key here](https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?pageId=87152408#HowthisCodingStandardisOrganized-CERT-CWEMappingNotes) for mapping notes + +**CWE-20 and INT32-C** + +See CWE-20 and ERR34-C + +**CWE-680 and INT32-C** + +Intersection( INT32-C, MEM35-C) = Ø + +Intersection( CWE-680, INT32-C) = + +* Signed integer overflows that lead to buffer overflows +CWE-680 - INT32-C = +* Unsigned integer overflows that lead to buffer overflows +INT32-C – CWE-680 = +* Signed integer overflows that do not lead to buffer overflows +**CWE-191 and INT32-C** + +Union( CWE-190, CWE-191) = Union( INT30-C, INT32-C) + +Intersection( INT30-C, INT32-C) == Ø + +Intersection(CWE-191, INT32-C) = + +* Underflow of signed integer operation +CWE-191 – INT32-C = +* Underflow of unsigned integer operation +INT32-C – CWE-191 = +* Overflow of signed integer operation +**CWE-190 and INT32-C** + +Union( CWE-190, CWE-191) = Union( INT30-C, INT32-C) + +Intersection( INT30-C, INT32-C) == Ø + +Intersection(CWE-190, INT32-C) = + +* Overflow (wraparound) of signed integer operation +CWE-190 – INT32-C = +* Overflow of unsigned integer operation +INT32-C – CWE-190 = +* Underflow of signed integer operation + +## Bibliography + +
    \[ Dowd 2006 \] Chapter 6, "C Language Issues" ("Arithmetic Boundary Conditions," pp. 211–223)
    \[ ISO/IEC 9899:2011 \] Subclause 6.5.5, "Multiplicative Operators"
    \[ Seacord 2013b \] Chapter 5, "Integer Security"
    \[ Viega 2005 \] Section 5.2.7, "Integer Overflow"
    \[ Warren 2002 \] Chapter 2, "Basics"
    + ## Implementation notes diff --git a/c/cert/src/rules/INT33-C/DivOrRemByZero.md b/c/cert/src/rules/INT33-C/DivOrRemByZero.md index b42c204e83..2a6f184488 100644 --- a/c/cert/src/rules/INT33-C/DivOrRemByZero.md +++ b/c/cert/src/rules/INT33-C/DivOrRemByZero.md @@ -5,9 +5,130 @@ This query implements the CERT-C rule INT33-C: > Ensure that division and remainder operations do not result in divide-by-zero errors -## CERT -** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** +## Description + +The C Standard identifies the following condition under which division and remainder operations result in [undefined behavior (UB)](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior): + +
    UB Description
    45 The value of the second operand of the / or % operator is zero (6.5.5).
    +Ensure that division and remainder operations do not result in divide-by-zero errors. + + +## Division + +The result of the `/` operator is the quotient from the division of the first arithmetic operand by the second arithmetic operand. Division operations are susceptible to divide-by-zero errors. Overflow can also occur during two's complement signed integer division when the dividend is equal to the minimum (most negative) value for the signed integer type and the divisor is equal to `−1.` (See [INT32-C. Ensure that operations on signed integers do not result in overflow](https://wiki.sei.cmu.edu/confluence/display/c/INT32-C.+Ensure+that+operations+on+signed+integers+do+not+result+in+overflow).) + +**Noncompliant Code Example** + +This noncompliant code example prevents signed integer overflow in compliance with [INT32-C. Ensure that operations on signed integers do not result in overflow](https://wiki.sei.cmu.edu/confluence/display/c/INT32-C.+Ensure+that+operations+on+signed+integers+do+not+result+in+overflow) but fails to prevent a divide-by-zero error during the division of the signed operands `s_a` and `s_b`:` ` + +```cpp +#include + +void func(signed long s_a, signed long s_b) { + signed long result; + if ((s_a == LONG_MIN) && (s_b == -1)) { + /* Handle error */ + } else { + result = s_a / s_b; + } + /* ... */ +} +``` +**Compliant Solution** + +This compliant solution tests the division operation to guarantee there is no possibility of divide-by-zero errors or signed overflow: + +```cpp +#include + +void func(signed long s_a, signed long s_b) { + signed long result; + if ((s_b == 0) || ((s_a == LONG_MIN) && (s_b == -1))) { + /* Handle error */ + } else { + result = s_a / s_b; + } + /* ... */ +} +``` + +## Remainder + +The remainder operator provides the remainder when two operands of integer type are divided. + +**Noncompliant Code Example** + +This noncompliant code example prevents signed integer overflow in compliance with [INT32-C. Ensure that operations on signed integers do not result in overflow](https://wiki.sei.cmu.edu/confluence/display/c/INT32-C.+Ensure+that+operations+on+signed+integers+do+not+result+in+overflow) but fails to prevent a divide-by-zero error during the remainder operation on the signed operands `s_a` and `s_b`: + +```cpp +#include + +void func(signed long s_a, signed long s_b) { + signed long result; + if ((s_a == LONG_MIN) && (s_b == -1)) { + /* Handle error */ + } else { + result = s_a % s_b; + } + /* ... */ +} +``` +**Compliant Solution** + +This compliant solution tests the remainder operand to guarantee there is no possibility of a divide-by-zero error or an overflow error: + +```cpp +#include + +void func(signed long s_a, signed long s_b) { + signed long result; + if ((s_b == 0 ) || ((s_a == LONG_MIN) && (s_b == -1))) { + /* Handle error */ + } else { + result = s_a % s_b; + } + /* ... */ +} +``` + +## Risk Assessment + +A divide-by-zero error can result in [abnormal program termination](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-abnormaltermination) and denial of service. + +
    Rule Severity Likelihood Remediation Cost Priority Level
    INT33-C Low Likely Medium P6 L2
    + + +## Automated Detection + +
    Tool Version Checker Description
    Astrée 22.04 int-division-by-zero int-modulo-by-zero Fully checked
    Axivion Bauhaus Suite 7.2.0 CertC-INT33
    CodeSonar 7.2p0 LANG.ARITH.DIVZEROLANG.ARITH.FDIVZERO Division by zero Float Division By Zero
    Compass/ROSE Can detect some violations of this rule (In particular, it ensures that all operations involving division or modulo are preceded by a check ensuring that the second operand is nonzero.)
    Coverity 2017.07 DIVIDE_BY_ZERO Fully implemented
    Cppcheck 1.66 zerodivzerodivcond Context sensitive analysis of division by zero Not detected for division by struct member / array element / pointer data that is 0 Detected when there is unsafe division by variable before/after test if variable is zero
    Helix QAC 2022.4 C2830 C++2830 DF2831, DF2832, DF2833
    Klocwork 2022.4 DBZ.CONST DBZ.CONST.CALL DBZ.GENERAL DBZ.ITERATOR DBZ.ITERATOR.CALL
    LDRA tool suite 9.7.1 43 D, 127 D, 248 S, 629 S, 80 X Partially implemented
    Parasoft C/C++test 2022.2 CERT_C-INT33-a Avoid division by zero
    Parasoft Insure++ Runtime analysis
    Polyspace Bug Finder R2022b CERT C: Rule INT33-C Checks for: Integer division by zeronteger division by zero, tainted division operandainted division operand, tainted modulo operandainted modulo operand. Rule fully covered.
    PRQA QA-C 9.7 2830 \[C\], 2831 \[D\], 2832 \[A\] 2833 \[S\] Fully implemented
    PRQA QA-C++ 4.4 2831, 2832, 2833
    SonarQube C/C++ Plugin 3.11 S3518
    PVS-Studio 7.23 V609
    TrustInSoft Analyzer 1.38 division_by_zero Exhaustively verified (see one compliant and one non-compliant example ).
    + + +## Related Vulnerabilities + +Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+INT33-C). + +## Related Guidelines + +[Key here](https://wiki.sei.cmu.edu/confluence/display/c/How+this+Coding+Standard+is+Organized#HowthisCodingStandardisOrganized-RelatedGuidelines) (explains table format and definitions) + +
    Taxonomy Taxonomy item Relationship
    CERT C INT32-C. Ensure that operations on signed integers do not result in overflow Prior to 2018-01-12: CERT: Unspecified Relationship
    CERT Oracle Secure Coding Standard for Java NUM02-J. Ensure that division and remainder operations do not result in divide-by-zero errors Prior to 2018-01-12: CERT: Unspecified Relationship
    ISO/IEC TS 17961 Integer division errors \[diverr\] Prior to 2018-01-12: CERT: Unspecified Relationship
    CWE 2.11 CWE-369 , Divide By Zero 2017-07-07: CERT: Exact
    + + +## CERT-CWE Mapping Notes + +[Key here](https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?pageId=87152408#HowthisCodingStandardisOrganized-CERT-CWEMappingNotes) for mapping notes + +**CWE-682 and INT33-C** + +CWE-682 = Union( INT33-C, list) where list = + +* Incorrect calculations that do not involve division by zero + +## Bibliography + +
    \[ Seacord 2013b \] Chapter 5, "Integer Security"
    \[ Warren 2002 \] Chapter 2, "Basics"
    + ## Implementation notes diff --git a/c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.md b/c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.md index 7d6fa5445a..60edb34960 100644 --- a/c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.md +++ b/c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.md @@ -5,9 +5,134 @@ This query implements the CERT-C rule INT35-C: > Use correct integer precisions -## CERT -** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** +## Description + +Integer types in C have both a *size* and a *precision*. The size indicates the number of bytes used by an object and can be retrieved for any object or type using the `sizeof` operator. The precision of an integer type is the number of bits it uses to represent values, excluding any sign and padding bits. + +Padding bits contribute to the integer's size, but not to its precision. Consequently, inferring the precision of an integer type from its size may result in too large a value, which can then lead to incorrect assumptions about the numeric range of these types. Programmers should use correct integer precisions in their code, and in particular, should not use the `sizeof` operator to compute the precision of an integer type on architectures that use padding bits or in strictly conforming (that is, portable) programs. + +## Noncompliant Code Example + +This noncompliant code example illustrates a function that produces 2 raised to the power of the function argument. To prevent undefined behavior in compliance with [INT34-C. Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand](https://wiki.sei.cmu.edu/confluence/display/c/INT34-C.+Do+not+shift+an+expression+by+a+negative+number+of+bits+or+by+greater+than+or+equal+to+the+number+of+bits+that+exist+in+the+operand), the function ensures that the argument is less than the number of bits used to store a value of type `unsigned int`. + +```cpp +#include + +unsigned int pow2(unsigned int exp) { + if (exp >= sizeof(unsigned int) * CHAR_BIT) { + /* Handle error */ + } + return 1 << exp; +} +``` +However, if this code runs on a platform where `unsigned int` has one or more padding bits, it can still result in values for `exp` that are too large. For example, on a platform that stores `unsigned int` in 64 bits, but uses only 48 bits to represent the value, a left shift of 56 bits would result in undefined behavior. + +## Compliant Solution + +This compliant solution uses a `popcount()` function, which counts the number of bits set on any unsigned integer, allowing this code to determine the precision of any integer type, signed or unsigned. + +```cpp +#include +#include + +/* Returns the number of set bits */ +size_t popcount(uintmax_t num) { + size_t precision = 0; + while (num != 0) { + if (num % 2 == 1) { + precision++; + } + num >>= 1; + } + return precision; +} +#define PRECISION(umax_value) popcount(umax_value) +``` +Implementations can replace the `PRECISION()` macro with a type-generic macro that returns an integer constant expression that is the precision of the specified type for that implementation. This return value can then be used anywhere an integer constant expression can be used, such as in a static assertion. (See [DCL03-C. Use a static assertion to test the value of a constant expression](https://wiki.sei.cmu.edu/confluence/display/c/DCL03-C.+Use+a+static+assertion+to+test+the+value+of+a+constant+expression).) The following type generic macro, for example, might be used for a specific implementation targeting the IA-32 architecture: + +```cpp +#define PRECISION(value) _Generic(value, \ + unsigned char : 8, \ + unsigned short: 16, \ + unsigned int : 32, \ + unsigned long : 32, \ + unsigned long long : 64, \ + signed char : 7, \ + signed short : 15, \ + signed int : 31, \ + signed long : 31, \ + signed long long : 63) +``` +The revised version of the `pow2()` function uses the `PRECISION()` macro to determine the precision of the unsigned type: + +```cpp +#include +#include +#include +extern size_t popcount(uintmax_t); +#define PRECISION(umax_value) popcount(umax_value) +unsigned int pow2(unsigned int exp) { + if (exp >= PRECISION(UINT_MAX)) { + /* Handle error */ + } + return 1 << exp; +} +``` +**Implementation Details** + +Some platforms, such as the Cray Linux Environment (CLE; supported on Cray XT CNL compute nodes), provide `a _popcnt` instruction that can substitute for the `popcount()` function. + +```cpp +#define PRECISION(umax_value) _popcnt(umax_value) + +``` + +## Risk Assessment + +Mistaking an integer's size for its precision can permit invalid precision arguments to operations such as bitwise shifts, resulting in undefined behavior. + +
    Rule Severity Likelihood Remediation Cost Priority Level
    INT35-C Low Unlikely Medium P2 L3
    + + +## Automated Detection + +
    Tool Version Checker Description
    Astrée 22.04 Supported: Astrée reports overflows due to insufficient precision.
    CodeSonar 7.2p0 LANG.ARITH.BIGSHIFT Shift Amount Exceeds Bit Width
    Helix QAC 2022.4 C0582 C++3115
    Parasoft C/C++test 2022.2 CERT_C-INT35-a Use correct integer precisions when checking the right hand operand of the shift operator
    Polyspace Bug Finder R2022b CERT C: Rule INT35-C Checks for situations when integer precisions are exceeded (rule fully covered)
    PRQA QA-C 9.7 0582
    + + +## + +## Related Guidelines + +[Key here](https://wiki.sei.cmu.edu/confluence/display/c/How+this+Coding+Standard+is+Organized#HowthisCodingStandardisOrganized-RelatedGuidelines) (explains table format and definitions) + +
    Taxonomy Taxonomy item Relationship
    CWE 2.11 CWE-681 , Incorrect Conversion between Numeric Types 2017-10-30:MITRE: Unspecified Relationship 2018-10-18:CERT:Partial Overlap
    + + +## CERT-CWE Mapping Notes + +[Key here](https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?pageId=87152408#HowthisCodingStandardisOrganized-CERT-CWEMappingNotes) for mapping notes + +**CWE-190 and INT35-C** + +Intersection( INT35-C, CWE-190) = Ø + +INT35-C used to map to CWE-190 but has been replaced with a new rule that has no overlap with CWE-190. + +**CWE-681 and INT35-C** + +Intersection(INT35-C, CWE-681) = due to incorrect use of integer precision, conversion from one data type to another causing data to be omitted or translated in a way that produces unexpected values + +CWE-681 - INT35-C = list2, where list2 = + +* conversion from one data type to another causing data to be omitted or translated in a way that produces unexpected values, not involving incorrect use of integer precision +INT35-C - CWE-681 = list1, where list1 = +* incorrect use of integer precision not related to conversion from one data type to another + +## Bibliography + +
    \[ Dowd 2006 \] Chapter 6, "C Language Issues"
    \[ C99 Rationale 2003 \] 6.5.7, "Bitwise Shift Operators"
    + ## Implementation notes From 293450ffff25b1326b692b705ab94192826b77e9 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Wed, 22 Mar 2023 10:28:44 -0400 Subject: [PATCH 0805/2573] work --- .../LanguageExtensionsShouldNotBeUsed.ql | 7 +- c/misra/test/rules/RULE-1-2/test.c | 163 ++++++++++-------- rule_packages/c/Language2.json | 23 +-- rules.csv | 2 +- 4 files changed, 93 insertions(+), 102 deletions(-) diff --git a/c/misra/src/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.ql b/c/misra/src/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.ql index 8da2c09947..662b20d330 100644 --- a/c/misra/src/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.ql +++ b/c/misra/src/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.ql @@ -14,8 +14,9 @@ import cpp import codingstandards.c.misra +import codingstandards.c.Extensions -from +from CCompilerExtension e where - not isExcluded(x, Language2Package::languageExtensionsShouldNotBeUsedQuery()) and -select + not isExcluded(e, Language2Package::languageExtensionsShouldNotBeUsedQuery()) +select e, "Is a compiler extension and is not portable to other compilers." diff --git a/c/misra/test/rules/RULE-1-2/test.c b/c/misra/test/rules/RULE-1-2/test.c index f71fb1ac4f..435f366ff8 100644 --- a/c/misra/test/rules/RULE-1-2/test.c +++ b/c/misra/test/rules/RULE-1-2/test.c @@ -9,6 +9,7 @@ // - https://clang.llvm.org/docs/LanguageExtensions.html // - https://gcc.gnu.org/onlinedocs/gcc/C-Extensions.html +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Other-Builtins.html#Other-Builtins #ifdef __has_builtin // NON_COMPLIANT #endif #ifdef __has_constexpr_builtin // NON_COMPLIANT @@ -32,6 +33,7 @@ #ifdef __has_warning // NON_COMPLIANT #endif +// Reference: https://clang.llvm.org/docs/LanguageExtensions.html#builtin-macros #define A __BASE_FILE__ // NON_COMPLIANT #define B __FILE_NAME__ // NON_COMPLIANT #define C __COUNTER__ // NON_COMPLIANT @@ -45,24 +47,22 @@ #define K __clang_literal_encoding__ // NON_COMPLIANT #define L __clang_wide_literal_encoding__ // NON_COMPLIANT -typedef float float4 __attribute__((ext_vector_type(4))); // NON_COMPLIANT -typedef float float2 __attribute__((ext_vector_type(2))); // NON_COMPLIANT - // Requires additional compiler flags to change the architecture // typedef __attribute__((neon_vector_type(8))) int8_t int8x8_t; // typedef __attribute__((neon_polyvector_type(16))) poly8_t poly8x16_t; +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Variable-Attributes.html#Variable-Attributes typedef int int4 __attribute__((vector_size(4 * sizeof(int)))); // NON_COMPLIANT - typedef int v4si __attribute__((__vector_size__(16))); // NON_COMPLIANT typedef float float4 __attribute__((ext_vector_type(4))); // NON_COMPLIANT typedef float float2 __attribute__((ext_vector_type(2))); // NON_COMPLIANT -//// GCC features + +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Statement-Exprs.html#Statement-Exprs void gf1() { - ({ + ({ // NON_COMPLIANT int y = 1; - int z; // NON_COMPLIANT + int z; if (y > 0) z = y; else @@ -71,149 +71,154 @@ void gf1() { }); } +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Local-Labels.html#Local-Labels void gf2() { - // __label__ found; -- local labels not supported by clang + // __label__ found; // NON_COMPLIANT[FALSE_NEGATIVE] -- local labels not supported by clang } +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Labels-as-Values.html#Labels-as-Values void gf3() { void *ptr; - // goto *ptr; -- not supported in clang + // goto *ptr; // NON_COMPLIANT[FALSE_NEGATIVE] -- not supported in clang } +// Referfence: https://gcc.gnu.org/onlinedocs/gcc/Nested-Functions.html#Nested-Functions void gf4() { - // void gf4a(){ -- not supported in clang + // void gf4a(){ // NON_COMPLIANT[FALSE_NEGATIVE] -- not supported in clang // // } } +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Nonlocal-Gotos.html#Nonlocal-Gotos void gf5() { __builtin_setjmp(0); // NON_COMPLIANT __builtin_longjmp(0, 1); // NON_COMPLIANT } +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Constructing-Calls.html#Constructing-Calls void gf6() { // not supported by clang - - //__builtin_apply_args(); - //__builtin_apply(0, 0, 0); - //__builtin_return(0); - //__builtin_va_arg_pack(); - //__builtin_va_arg_pack_len(); + //__builtin_apply_args(); // NON_COMPLIANT[FALSE_NEGATIVE] + //__builtin_apply(0, 0, 0); // NON_COMPLIANT[FALSE_NEGATIVE] + //__builtin_return(0); // NON_COMPLIANT[FALSE_NEGATIVE] + //__builtin_va_arg_pack(); // NON_COMPLIANT[FALSE_NEGATIVE] + //__builtin_va_arg_pack_len(); // NON_COMPLIANT[FALSE_NEGATIVE] } +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Conditionals.html#Conditionals void gf7() { int a = 0 ?: 0; // NON_COMPLIANT } +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Typeof.html#Typeof void gf8() { - typeof(int *); // NON_COMPLIANT + typeof(int *); // NON_COMPLIANT[FALSE_NEGATIVE] } +// Reference: https://gcc.gnu.org/onlinedocs/gcc/_005f_005fint128.html#g_t_005f_005fint128 void gf9() { __int128 a; // NON_COMPLIANT } - +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Long-Long.html#Long-Long void gf10() { long long int a; // NON_COMPLIANT } +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Complex.html#Complex void gf11() { - __real__(0); // NON_COMPLIANT - __imag__(0); // NON_COMPLIANT + __real__(0); // NON_COMPLIANT[FALSE_NEGATIVE] + __imag__(0); // NON_COMPLIANT[FALSE_NEGATIVE] } void gf12() {} +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Floating-Types.html#Floating-Types +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Decimal-Float.html#Decimal-Float void gf13() { // not supported on clang - - //_Decimal32 a; - //_Decimal64 b; - //_Decimal128 c; + //_Decimal32 a; // NON_COMPLIANT[FALSE_NEGATIVE] + //_Decimal64 b; // NON_COMPLIANT[FALSE_NEGATIVE] + //_Decimal128 c; // NON_COMPLIANT[FALSE_NEGATIVE] } +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Complex.html#Complex void gf14() { - // Not sure how to get this to work. - // typedef _Complex float __attribute__((mode(TC))) _Complex128; - // typedef _Complex float __attribute__((mode(XC))) _Complex80; + // Do not work in clang + // typedef _Complex float __attribute__((mode(TC))) _Complex128; // NON_COMPLIANT[FALSE_NEGATIVE] + // typedef _Complex float __attribute__((mode(XC))) _Complex80; // NON_COMPLIANT[FALSE_NEGATIVE] } +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Hex-Floats.html#Hex-Floats void gf15() { - float f = 0x1.fp3; // NON_COMPLIANT + float f = 0x1.fp3; // NON_COMPLIANT[FALSE_NEGATIVE] } +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html#Zero-Length void gf16() { char contents[0]; // NON_COMPLIANT } +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Named-Address-Spaces.html#Named-Address-Spaces void gf17() { - // const __flash char ** p; // not supported in clang + // const __flash char ** p; // NON_COMPLIANT[FALSE_NEGATIVE] -- not supported in clang } void gf18() { // not supported by extractor - checked by looking for flags. - // short _Fract, _Fract; - // long _Fract; + // short _Fract, _Fract; // NON_COMPLIANT[FALSE_NEGATIVE] - + // long _Fract; // NON_COMPLIANT[FALSE_NEGATIVE] } struct gf19 {}; // NON_COMPLIANT +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Variable-Length.html#Variable-Length void gf20(int n) { - // struct S { int x[n]; }; // will never be supported in clang + // struct S { int x[n]; }; // NON_COMPLIANT[FALSE_NEGATIVE] - will never be supported in clang } - +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Variadic-Macros.html#Variadic-Macros #define gf21(format, args...) \ - printf(format, args) // NON_COMPLIANT -- note the issue here is explicitly + printf(format, args) // NON_COMPLIANT // NON_COMPLIANT[FALSE_NEGATIVE] -- note the issue here is explicitly // naming the arguments. #define gf21a(format, ...) printf(format, __VA_ARGS__) // COMPLIANT +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Escaped-Newlines.html#Escaped-Newlines #define gf22 \ "a" \ \ -"b" // NON_COMPLIANT - additional spaces after a backslash +"b" // NON_COMPLIANT[FALSE_NEGATIVE] - additional spaces after a backslash -- stripped by extractor #define gf22a \ "a" \ "b" // COMPLIANT -struct gf23s { - int a[1]; -}; -struct gf23s gf23f(); -void gf23() { - gf23f().a[0]; // NON_COMPLIANT in C90 -} - void gf24(int f, int g) { float beat_freqs[2] = {f - g, f + g}; // NON_COMPLIANT } -void gf25t(int N, int M, double out[M][N], const double in[N][M]); +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Variable-Length.html#Variable-Length +void gf25t(int N, int M, double out[M][N], const double in[N][M]); // NON_COMPLIANT[FALSE_NEGATIVE] void gf25() { double x[3][2]; double y[2][3]; gf25t(3, 2, y, - x); // NON_COMPLIANT - in ISO C the const qualifier is formally attached + x); // in ISO C the const qualifier is formally attached // to the element type of the array and not the array itself } +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Compound-Literals.html#Compound-Literals struct gf26t { int a; char b[2]; } gf26v; void gf26(int x, int y) { - gf26v = ((struct gf26t){x + y, 'z', 0}); // NON_COMPLIANT - compound literal -} - -void gf27() { - int a[6] = {[4] = 29, [2] = 15}; // NON_COMPLIANT in C90. + gf26v = ((struct gf26t){x + y, 'z', 0}); // NON_COMPLIANT[FALSE_NEGATIVE] - compound literal } - +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Case-Ranges.html#Case-Ranges void gf28() { int a; // switch(a){ - // case: 0 ... 5: // Not supported in clang. + // case: 0 ... 5: // NON_COMPLIANT[FALSE_NEGATIVE] - Not supported in clang. // ;; // break; // default: @@ -227,16 +232,19 @@ union gf29u { double j; }; +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Cast-to-Union.html#Cast-to-Union void gf29() { int x; int y; union gf29u z; - z = (union gf29u)x; // NON_COMPLIANT - z = (union gf29u)y; // NON_COMPLIANT + z = (union gf29u)x; // NON_COMPLIANT[FALSE_NEGATIVE] + z = (union gf29u)y; // NON_COMPLIANT[FALSE_NEGATIVE] } -__attribute__((access(read_only, 1))) int -gf30(const char *); // NON_COMPLIANT -- attributes are not portable. +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Variable-Attributes.html#Variable-Attributes +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Function-Attributes.html#Function-Attributes +__attribute__((access(read_only, 1))) +int gf30(const char *); // NON_COMPLIANT -- attributes are not portable. extern int __attribute__((alias("var_target"))) gf31; // NON_COMPLIANT -- attributes are not portable. @@ -258,7 +266,7 @@ enum gf34 { void gf35() { int x; - // __attribute__((assume(x == 42))); - Not supported in clang + // __attribute__((assume(x == 42))); // NON_COMPLIANT[FALSE_NEGATIVE] - Not supported in clang switch (x) { case 1: @@ -269,21 +277,14 @@ void gf35() { } } -// Not supported in clang. -// int gf36 (uid_t); - -// int -// gf36 (int x) -// { -// return x == 0; -// } - +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Dollar-Signs.html#Dollar-Signs void gf37() { - int a$1; // NON_COMPLIANT + int a$1; // NON_COMPLIANT[FALSE_NEGATIVE] } +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Character-Escapes.html#Character-Escapes void gf38() { - const char *c = "test\e"; // NON_COMPLIANT + const char *c = "test\e"; // NON_COMPLIANT[FALSE_NEGATIVE] } struct gf39s { @@ -291,21 +292,26 @@ struct gf39s { char y; } gf39v; +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Alignment.html#Alignment void gf39() { __alignof__(gf39v.x); // NON_COMPLIANT } -// enum gf40 {}; // not supported in clang +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Incomplete-Enums.html#Incomplete-Enums +// enum gf40 {}; // NON_COMPLIANT[FALSE_NEGATIVE] - not supported in clang +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Function-Names.html#Function-Names void gf41() { - printf("__FUNCTION__ = %s\n", __FUNCTION__); // NON_COMPLIANT - printf("__PRETTY_FUNCTION__ = %s\n", __PRETTY_FUNCTION__); // NON_COMPLIANT + printf("__FUNCTION__ = %s\n", __FUNCTION__); // NON_COMPLIANT[FALSE_NEGATIVE] + printf("__PRETTY_FUNCTION__ = %s\n", __PRETTY_FUNCTION__); // NON_COMPLIANT[FALSE_NEGATIVE] } +// Reference: https://clang.llvm.org/docs/LanguageExtensions.html#builtin-macros +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Other-Builtins.html#Other-Builtins void gf42() { - __builtin_extract_return_addr(0); - __builtin_frob_return_addr(0); - __builtin_frame_address(0); + __builtin_extract_return_addr(0); // NON_COMPLIANT + __builtin_frob_return_addr(0); // NON_COMPLIANT + __builtin_frame_address(0); // NON_COMPLIANT } struct gf43s { @@ -322,6 +328,7 @@ struct gf44s { char y; } gf44v; +// Reference: https://gcc.gnu.org/onlinedocs/gcc/_005f_005fsync-Builtins.html#g_t_005f_005fsync-Builtins void gf44() { int i; __sync_fetch_and_add(&i, 0); // NON_COMPLIANT @@ -343,12 +350,15 @@ void gf44() { __sync_lock_release(&i, 0); } +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Binary-constants.html#Binary-constants void gf45() { - int i = 0b101010; // NON_COMPLIANT + int i = 0b101010; // NON_COMPLIANT[FALSE_NEGATIVE] } -__thread int gf46; // NON_COMPLIANT +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Thread-Local.html#Thread-Local +__thread int gf46; // NON_COMPLIANT[FALSE_NEGATIVE] +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Unnamed-Fields.html#Unnamed-Fields void gf47() { // NON_COMPLIANT in versions < C11. struct { int a; @@ -360,6 +370,7 @@ void gf47() { // NON_COMPLIANT in versions < C11. } f; } +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Other-Builtins.html#Other-Builtins void gf48(){ __builtin_alloca(0); // NON_COMPLIANT (all __builtin functions are non-compliant.) } \ No newline at end of file diff --git a/rule_packages/c/Language2.json b/rule_packages/c/Language2.json index 2fc720b57d..9dc4f72866 100644 --- a/rule_packages/c/Language2.json +++ b/rule_packages/c/Language2.json @@ -20,28 +20,7 @@ } ], "title": "All usage of assembly language should be documented" - }, - "RULE-1-2": { - "properties": { - "obligation": "advisory" - }, - "queries": [ - { - "description": "Language extensions can have inconsistent behavior and should not be used.", - "kind": "problem", - "name": "Language extensions should not be used", - "precision": "high", - "severity": "error", - "short_name": "LanguageExtensionsShouldNotBeUsed", - "tags": [ - "maintainability", - "readability", - "correctness" - ] - } - ], - "title": "Language extensions should not be used" - }, + }, "RULE-1-4": { "properties": { "obligation": "required" diff --git a/rules.csv b/rules.csv index 8031503680..429f9ede8f 100644 --- a/rules.csv +++ b/rules.csv @@ -617,7 +617,7 @@ c,MISRA-C-2012,DIR-4-12,Yes,Required,,,Dynamic memory allocation shall not be us c,MISRA-C-2012,DIR-4-13,Yes,Advisory,,,Functions which are designed to provide operations on a resource should be called in an appropriate sequence,,Contracts,Hard, c,MISRA-C-2012,DIR-4-14,Yes,Required,,,The validity of values received from external sources shall be checked,,Contracts,Hard, c,MISRA-C-2012,RULE-1-1,No,Required,,,"The program shall contain no violations of the standard C syntax and constraints, and shall not exceed the implementation's translation limits",,Language,Easy,"This should be checked via the compiler output, rather than CodeQL, which adds unnecessary steps." -c,MISRA-C-2012,RULE-1-2,Yes,Advisory,,,Language extensions should not be used,,Language2,Hard, +c,MISRA-C-2012,RULE-1-2,Yes,Advisory,,,Language extensions should not be used,,Language3,Hard, c,MISRA-C-2012,RULE-1-3,Yes,Required,,,There shall be no occurrence of undefined or critical unspecified behaviour,,Language3,Hard, c,MISRA-C-2012,RULE-1-4,Yes,Required,,,Emergent language features shall not be used,,Language2,Medium, c,MISRA-C-2012,RULE-2-1,Yes,Required,,,A project shall not contain unreachable code,M0-1-1,DeadCode,Import, From 58383ae8c8daa1aa1c77b449824a8a47a093756e Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Wed, 22 Mar 2023 10:28:51 -0400 Subject: [PATCH 0806/2573] work --- c/common/src/codingstandards/c/Extensions.qll | 106 ++++++++++++++++++ .../src/codingstandards/cpp/Extensions.qll | 4 + 2 files changed, 110 insertions(+) create mode 100644 c/common/src/codingstandards/c/Extensions.qll create mode 100644 cpp/common/src/codingstandards/cpp/Extensions.qll diff --git a/c/common/src/codingstandards/c/Extensions.qll b/c/common/src/codingstandards/c/Extensions.qll new file mode 100644 index 0000000000..fbadda35a5 --- /dev/null +++ b/c/common/src/codingstandards/c/Extensions.qll @@ -0,0 +1,106 @@ +import cpp +import codingstandards.cpp.Extensions + +/** + * Common base class for modeling compiler extensions. + */ +abstract class CCompilerExtension extends CompilerExtension { } + +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Other-Builtins.html#Other-Builtins +abstract class CConditionalDefineExtension extends CCompilerExtension, PreprocessorIfdef { + CConditionalDefineExtension() { + exists(toString().indexOf("__has_builtin")) or + exists(toString().indexOf("__has_constexpr_builtin")) or + exists(toString().indexOf("__has_feature")) or + exists(toString().indexOf("__has_extension")) or + exists(toString().indexOf("__has_attribute")) or + exists(toString().indexOf("__has_declspec_attribute")) or + exists(toString().indexOf("__is_identifier")) or + exists(toString().indexOf("__has_include")) or + exists(toString().indexOf("__has_include_next")) or + exists(toString().indexOf("__has_warning")) + } +} + +// Reference: https://clang.llvm.org/docs/LanguageExtensions.html#builtin-macros +class CMacroBasedExtension extends CCompilerExtension, Macro { + CMacroBasedExtension() { + getBody() in [ + "__BASE_FILE__", "__FILE_NAME__", "__COUNTER__", "__INCLUDE_LEVEL__", "_TIMESTAMP__", + "__clang__", "__clang_major__", "__clang_minor__", "__clang_patchlevel__", + "__clang_version__", "__clang_literal_encoding__", "__clang_wide_literal_encoding__" + ] + } +} + +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Variable-Attributes.html#Variable-Attributes +class CAttributeExtension extends CCompilerExtension, Attribute { + CAttributeExtension() { + getName() in [ + "ext_vector_type", "vector_size", "access", "aligned", "deprecated", "cold", "unused", + "fallthrough", "read_only", "alias" + ] + } +} + +// Reference: https://gcc.gnu.org/onlinedocs/gcc/_005f_005fsync-Builtins.html#g_t_005f_005fsync-Builtins +class CFunctionExtension extends CCompilerExtension, FunctionCall { + CFunctionExtension() { + // these must be somewhat broad because of how they vary + // in implementation / naming + getTarget().getName().indexOf("__sync_fetch") = 0 or + getTarget().getName().indexOf("__sync_add") = 0 or + getTarget().getName().indexOf("__sync_sub") = 0 or + getTarget().getName().indexOf("__sync_or") = 0 or + getTarget().getName().indexOf("__sync_and") = 0 or + getTarget().getName().indexOf("__sync_xor") = 0 or + getTarget().getName().indexOf("__sync_nand") = 0 or + getTarget().getName().indexOf("__sync_bool") = 0 or + getTarget().getName().indexOf("__sync_val") = 0 or + getTarget().getName().indexOf("__sync_lock") = 0 or + // the built-in extensions + getTarget().getName().indexOf("__builtin_") = 0 + } +} + +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Alignment.html#Alignment +class CFunctionLikeExtension extends CCompilerExtension, AlignofExprOperator { + CFunctionLikeExtension() { exists(getValueText().indexOf("__alignof__")) } +} + +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Statement-Exprs.html#Statement-Exprs +class CStmtExprExtension extends CCompilerExtension, StmtExpr {} + +// Use of ternary like the following: `int a = 0 ?: 0;` where the +// one of the branches is omitted +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Conditionals.html#Conditionals +class CTerseTernaryExtension extends CCompilerExtension, ConditionalExpr { + CTerseTernaryExtension() { getCondition() = getElse() or getCondition() = getThen() } +} + +// Reference: https://gcc.gnu.org/onlinedocs/gcc/_005f_005fint128.html#g_t_005f_005fint128 +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Decimal-Float.html#Decimal-Float +class CRealTypeExtensionExtension extends CCompilerExtension, RealNumberType { + CRealTypeExtensionExtension() { + this instanceof Decimal128Type or + this instanceof Decimal32Type or + this instanceof Decimal64Type or + this instanceof Float128Type + } +} +// Reference: https://gcc.gnu.org/onlinedocs/gcc/_005f_005fint128.html#g_t_005f_005fint128 +class CIntegerTypeExtension extends CCompilerExtension, Int128Type {} + +class CZeroLengthArraysExtension extends CCompilerExtension, DeclarationEntry { + CZeroLengthArraysExtension() { getType().(ArrayType).getArraySize() = 0 } +} + +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Empty-Structures.html#Empty-Structures +class CEmptyStructExtension extends CCompilerExtension, Struct { + CEmptyStructExtension() { not exists(getAMember(_)) } +} + +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Variable-Length.html#Variable-Length +class CVariableLengthArraysExtension extends CCompilerExtension, DeclarationEntry { + CVariableLengthArraysExtension() { not getType().(ArrayType).hasArraySize() } +} diff --git a/cpp/common/src/codingstandards/cpp/Extensions.qll b/cpp/common/src/codingstandards/cpp/Extensions.qll new file mode 100644 index 0000000000..5ab04257bf --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/Extensions.qll @@ -0,0 +1,4 @@ +import cpp + +abstract class CompilerExtension extends Locatable {} +abstract class CPPCompilerExtension extends CompilerExtension {} \ No newline at end of file From 6a1b3460037b07f4782b1d8fa29c3d7fd98f0bc8 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Wed, 22 Mar 2023 10:35:58 -0400 Subject: [PATCH 0807/2573] files --- .vscode/tasks.json | 1 + .../LanguageExtensionsShouldNotBeUsed.ql | 15 +++---- .../RULE-1-3/OccurrenceOfUndefinedBehavior.ql | 20 +++++++++ .../OccurrenceOfUndefinedBehavior.expected | 1 + .../OccurrenceOfUndefinedBehavior.qlref | 1 + .../cpp/exclusions/c/Language3.qll | 42 ++++++++++++++++++ .../cpp/exclusions/c/RuleMetadata.qll | 3 ++ rule_packages/c/Language3.json | 44 +++++++++++++++++++ 8 files changed, 119 insertions(+), 8 deletions(-) create mode 100644 c/misra/src/rules/RULE-1-3/OccurrenceOfUndefinedBehavior.ql create mode 100644 c/misra/test/rules/RULE-1-3/OccurrenceOfUndefinedBehavior.expected create mode 100644 c/misra/test/rules/RULE-1-3/OccurrenceOfUndefinedBehavior.qlref create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/Language3.qll create mode 100644 rule_packages/c/Language3.json diff --git a/.vscode/tasks.json b/.vscode/tasks.json index eed07a49b3..7beb906f11 100644 --- a/.vscode/tasks.json +++ b/.vscode/tasks.json @@ -223,6 +223,7 @@ "Lambdas", "Language1", "Language2", + "Language3", "Literals", "Loops", "Macros", diff --git a/c/misra/src/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.ql b/c/misra/src/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.ql index 662b20d330..da7b7918aa 100644 --- a/c/misra/src/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.ql +++ b/c/misra/src/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.ql @@ -1,22 +1,21 @@ /** * @id c/misra/language-extensions-should-not-be-used * @name RULE-1-2: Language extensions should not be used - * @description Language extensions can have inconsistent behavior and should not be used. + * @description Language extensions are not portable to other compilers and should not be used. * @kind problem * @precision high * @problem.severity error * @tags external/misra/id/rule-1-2 * maintainability * readability - * correctness * external/misra/obligation/advisory */ - -import cpp -import codingstandards.c.misra -import codingstandards.c.Extensions + import cpp + import codingstandards.c.misra + import codingstandards.c.Extensions from CCompilerExtension e where - not isExcluded(e, Language2Package::languageExtensionsShouldNotBeUsedQuery()) -select e, "Is a compiler extension and is not portable to other compilers." + not isExcluded(e, Language3Package::languageExtensionsShouldNotBeUsedQuery()) + select e, "Is a compiler extension and is not portable to other compilers." + diff --git a/c/misra/src/rules/RULE-1-3/OccurrenceOfUndefinedBehavior.ql b/c/misra/src/rules/RULE-1-3/OccurrenceOfUndefinedBehavior.ql new file mode 100644 index 0000000000..a00d207d65 --- /dev/null +++ b/c/misra/src/rules/RULE-1-3/OccurrenceOfUndefinedBehavior.ql @@ -0,0 +1,20 @@ +/** + * @id c/misra/occurrence-of-undefined-behavior + * @name RULE-1-3: There shall be no occurrence of undefined or critical unspecified behavior + * @description Relying on undefined or unspecified behavior can result in unreliable programs. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/misra/id/rule-1-3 + * maintainability + * readability + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra + +from +where + not isExcluded(x, Language3Package::occurrenceOfUndefinedBehaviorQuery()) and +select diff --git a/c/misra/test/rules/RULE-1-3/OccurrenceOfUndefinedBehavior.expected b/c/misra/test/rules/RULE-1-3/OccurrenceOfUndefinedBehavior.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/misra/test/rules/RULE-1-3/OccurrenceOfUndefinedBehavior.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-1-3/OccurrenceOfUndefinedBehavior.qlref b/c/misra/test/rules/RULE-1-3/OccurrenceOfUndefinedBehavior.qlref new file mode 100644 index 0000000000..b579db05b1 --- /dev/null +++ b/c/misra/test/rules/RULE-1-3/OccurrenceOfUndefinedBehavior.qlref @@ -0,0 +1 @@ +rules/RULE-1-3/OccurrenceOfUndefinedBehavior.ql \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Language3.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Language3.qll new file mode 100644 index 0000000000..fe057f3b00 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Language3.qll @@ -0,0 +1,42 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype Language3Query = + TLanguageExtensionsShouldNotBeUsedQuery() or + TOccurrenceOfUndefinedBehaviorQuery() + +predicate isLanguage3QueryMetadata(Query query, string queryId, string ruleId) { + query = + // `Query` instance for the `languageExtensionsShouldNotBeUsed` query + Language3Package::languageExtensionsShouldNotBeUsedQuery() and + queryId = + // `@id` for the `languageExtensionsShouldNotBeUsed` query + "c/misra/language-extensions-should-not-be-used" and + ruleId = "RULE-1-2" + or + query = + // `Query` instance for the `occurrenceOfUndefinedBehavior` query + Language3Package::occurrenceOfUndefinedBehaviorQuery() and + queryId = + // `@id` for the `occurrenceOfUndefinedBehavior` query + "c/misra/occurrence-of-undefined-behavior" and + ruleId = "RULE-1-3" +} + +module Language3Package { + Query languageExtensionsShouldNotBeUsedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `languageExtensionsShouldNotBeUsed` query + TQueryC(TLanguage3PackageQuery(TLanguageExtensionsShouldNotBeUsedQuery())) + } + + Query occurrenceOfUndefinedBehaviorQuery() { + //autogenerate `Query` type + result = + // `Query` type for `occurrenceOfUndefinedBehavior` query + TQueryC(TLanguage3PackageQuery(TOccurrenceOfUndefinedBehaviorQuery())) + } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index 69fc7d2d07..25fd3c682a 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -22,6 +22,7 @@ import IO3 import IO4 import Language1 import Language2 +import Language3 import Misc import Pointers1 import Pointers2 @@ -59,6 +60,7 @@ newtype TCQuery = TIO4PackageQuery(IO4Query q) or TLanguage1PackageQuery(Language1Query q) or TLanguage2PackageQuery(Language2Query q) or + TLanguage3PackageQuery(Language3Query q) or TMiscPackageQuery(MiscQuery q) or TPointers1PackageQuery(Pointers1Query q) or TPointers2PackageQuery(Pointers2Query q) or @@ -96,6 +98,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId) { isIO4QueryMetadata(query, queryId, ruleId) or isLanguage1QueryMetadata(query, queryId, ruleId) or isLanguage2QueryMetadata(query, queryId, ruleId) or + isLanguage3QueryMetadata(query, queryId, ruleId) or isMiscQueryMetadata(query, queryId, ruleId) or isPointers1QueryMetadata(query, queryId, ruleId) or isPointers2QueryMetadata(query, queryId, ruleId) or diff --git a/rule_packages/c/Language3.json b/rule_packages/c/Language3.json new file mode 100644 index 0000000000..1c537fa667 --- /dev/null +++ b/rule_packages/c/Language3.json @@ -0,0 +1,44 @@ +{ + "MISRA-C-2012": { + "RULE-1-2": { + "properties": { + "obligation": "advisory" + }, + "queries": [ + { + "description": "Language extensions are not portable to other compilers and should not be used.", + "kind": "problem", + "name": "Language extensions should not be used", + "precision": "high", + "severity": "error", + "short_name": "LanguageExtensionsShouldNotBeUsed", + "tags": [ + "maintainability", + "readability" + ] + } + ], + "title": "Language extensions should not be used" + }, + "RULE-1-3": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Relying on undefined or unspecified behavior can result in unreliable programs.", + "kind": "problem", + "name": "There shall be no occurrence of undefined or critical unspecified behavior", + "precision": "high", + "severity": "error", + "short_name": "OccurrenceOfUndefinedBehavior", + "tags": [ + "maintainability", + "readability" + ] + } + ], + "title": "There shall be no occurrence of undefined or critical unspecified behavior" + } + } +} \ No newline at end of file From def08936de334f90de17397c7fac1c7643eb0ff0 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Wed, 22 Mar 2023 10:36:11 -0400 Subject: [PATCH 0808/2573] update --- .../cpp/exclusions/c/Language2.qll | 16 ---------------- 1 file changed, 16 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Language2.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Language2.qll index 9d270d34be..0217551e59 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Language2.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Language2.qll @@ -5,7 +5,6 @@ import codingstandards.cpp.exclusions.RuleMetadata newtype Language2Query = TUsageOfAssemblyLanguageShouldBeDocumentedQuery() or - TLanguageExtensionsShouldNotBeUsedQuery() or TEmergentLanguageFeaturesUsedQuery() predicate isLanguage2QueryMetadata(Query query, string queryId, string ruleId) { @@ -17,14 +16,6 @@ predicate isLanguage2QueryMetadata(Query query, string queryId, string ruleId) { "c/misra/usage-of-assembly-language-should-be-documented" and ruleId = "DIR-4-2" or - query = - // `Query` instance for the `languageExtensionsShouldNotBeUsed` query - Language2Package::languageExtensionsShouldNotBeUsedQuery() and - queryId = - // `@id` for the `languageExtensionsShouldNotBeUsed` query - "c/misra/language-extensions-should-not-be-used" and - ruleId = "RULE-1-2" - or query = // `Query` instance for the `emergentLanguageFeaturesUsed` query Language2Package::emergentLanguageFeaturesUsedQuery() and @@ -42,13 +33,6 @@ module Language2Package { TQueryC(TLanguage2PackageQuery(TUsageOfAssemblyLanguageShouldBeDocumentedQuery())) } - Query languageExtensionsShouldNotBeUsedQuery() { - //autogenerate `Query` type - result = - // `Query` type for `languageExtensionsShouldNotBeUsed` query - TQueryC(TLanguage2PackageQuery(TLanguageExtensionsShouldNotBeUsedQuery())) - } - Query emergentLanguageFeaturesUsedQuery() { //autogenerate `Query` type result = From 8aee471a43bd112fa26c45f417f93801c677b21b Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Wed, 22 Mar 2023 10:37:14 -0400 Subject: [PATCH 0809/2573] formatting --- c/common/src/codingstandards/c/Extensions.qll | 7 ++++--- .../RULE-1-2/LanguageExtensionsShouldNotBeUsed.ql | 13 ++++++------- cpp/common/src/codingstandards/cpp/Extensions.qll | 13 ++++++++++--- 3 files changed, 20 insertions(+), 13 deletions(-) diff --git a/c/common/src/codingstandards/c/Extensions.qll b/c/common/src/codingstandards/c/Extensions.qll index fbadda35a5..7eb7b33c57 100644 --- a/c/common/src/codingstandards/c/Extensions.qll +++ b/c/common/src/codingstandards/c/Extensions.qll @@ -2,7 +2,7 @@ import cpp import codingstandards.cpp.Extensions /** - * Common base class for modeling compiler extensions. + * Common base class for modeling compiler extensions. */ abstract class CCompilerExtension extends CompilerExtension { } @@ -69,7 +69,7 @@ class CFunctionLikeExtension extends CCompilerExtension, AlignofExprOperator { } // Reference: https://gcc.gnu.org/onlinedocs/gcc/Statement-Exprs.html#Statement-Exprs -class CStmtExprExtension extends CCompilerExtension, StmtExpr {} +class CStmtExprExtension extends CCompilerExtension, StmtExpr { } // Use of ternary like the following: `int a = 0 ?: 0;` where the // one of the branches is omitted @@ -88,8 +88,9 @@ class CRealTypeExtensionExtension extends CCompilerExtension, RealNumberType { this instanceof Float128Type } } + // Reference: https://gcc.gnu.org/onlinedocs/gcc/_005f_005fint128.html#g_t_005f_005fint128 -class CIntegerTypeExtension extends CCompilerExtension, Int128Type {} +class CIntegerTypeExtension extends CCompilerExtension, Int128Type { } class CZeroLengthArraysExtension extends CCompilerExtension, DeclarationEntry { CZeroLengthArraysExtension() { getType().(ArrayType).getArraySize() = 0 } diff --git a/c/misra/src/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.ql b/c/misra/src/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.ql index da7b7918aa..f38e41a1b6 100644 --- a/c/misra/src/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.ql +++ b/c/misra/src/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.ql @@ -10,12 +10,11 @@ * readability * external/misra/obligation/advisory */ - import cpp - import codingstandards.c.misra - import codingstandards.c.Extensions -from CCompilerExtension e -where - not isExcluded(e, Language3Package::languageExtensionsShouldNotBeUsedQuery()) - select e, "Is a compiler extension and is not portable to other compilers." +import cpp +import codingstandards.c.misra +import codingstandards.c.Extensions +from CCompilerExtension e +where not isExcluded(e, Language3Package::languageExtensionsShouldNotBeUsedQuery()) +select e, "Is a compiler extension and is not portable to other compilers." diff --git a/cpp/common/src/codingstandards/cpp/Extensions.qll b/cpp/common/src/codingstandards/cpp/Extensions.qll index 5ab04257bf..5ca6cea4f6 100644 --- a/cpp/common/src/codingstandards/cpp/Extensions.qll +++ b/cpp/common/src/codingstandards/cpp/Extensions.qll @@ -1,4 +1,11 @@ -import cpp +import cpp -abstract class CompilerExtension extends Locatable {} -abstract class CPPCompilerExtension extends CompilerExtension {} \ No newline at end of file +/** + * Common base class for modeling compiler extensions. + */ +abstract class CompilerExtension extends Locatable { } + +/** + * Common base class for modeling compiler extensions in CPP. + */ +abstract class CPPCompilerExtension extends CompilerExtension { } From fa8c05c484fa38d3a5d2a158184fd1796dc4bb96 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Wed, 22 Mar 2023 11:39:33 -0400 Subject: [PATCH 0810/2573] much typing --- c/common/src/codingstandards/c/Extensions.qll | 24 ++- ...LanguageExtensionsShouldNotBeUsed.expected | 52 ++++- c/misra/test/rules/RULE-1-2/options | 1 + c/misra/test/rules/RULE-1-2/test.c | 179 +++++++++++------- rule_packages/c/Language3.json | 5 +- 5 files changed, 179 insertions(+), 82 deletions(-) create mode 100644 c/misra/test/rules/RULE-1-2/options diff --git a/c/common/src/codingstandards/c/Extensions.qll b/c/common/src/codingstandards/c/Extensions.qll index 7eb7b33c57..018359586e 100644 --- a/c/common/src/codingstandards/c/Extensions.qll +++ b/c/common/src/codingstandards/c/Extensions.qll @@ -80,17 +80,24 @@ class CTerseTernaryExtension extends CCompilerExtension, ConditionalExpr { // Reference: https://gcc.gnu.org/onlinedocs/gcc/_005f_005fint128.html#g_t_005f_005fint128 // Reference: https://gcc.gnu.org/onlinedocs/gcc/Decimal-Float.html#Decimal-Float -class CRealTypeExtensionExtension extends CCompilerExtension, RealNumberType { +class CRealTypeExtensionExtension extends CCompilerExtension, DeclarationEntry { CRealTypeExtensionExtension() { - this instanceof Decimal128Type or - this instanceof Decimal32Type or - this instanceof Decimal64Type or - this instanceof Float128Type + getType() instanceof Decimal128Type or + getType() instanceof Decimal32Type or + getType() instanceof Decimal64Type or + getType() instanceof Float128Type } } // Reference: https://gcc.gnu.org/onlinedocs/gcc/_005f_005fint128.html#g_t_005f_005fint128 -class CIntegerTypeExtension extends CCompilerExtension, Int128Type { } +class CIntegerTypeExtension extends CCompilerExtension, DeclarationEntry { + CIntegerTypeExtension() { getType() instanceof Int128Type } +} + +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Long-Long.html#Long-Long +class CLongLongType extends CCompilerExtension, DeclarationEntry { + CLongLongType() { getType() instanceof LongLongType } +} class CZeroLengthArraysExtension extends CCompilerExtension, DeclarationEntry { CZeroLengthArraysExtension() { getType().(ArrayType).getArraySize() = 0 } @@ -103,5 +110,8 @@ class CEmptyStructExtension extends CCompilerExtension, Struct { // Reference: https://gcc.gnu.org/onlinedocs/gcc/Variable-Length.html#Variable-Length class CVariableLengthArraysExtension extends CCompilerExtension, DeclarationEntry { - CVariableLengthArraysExtension() { not getType().(ArrayType).hasArraySize() } + CVariableLengthArraysExtension() { + getType() instanceof ArrayType and + not getType().(ArrayType).hasArraySize() + } } diff --git a/c/misra/test/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.expected b/c/misra/test/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.expected index 2ec1a0ac6c..f9f034c980 100644 --- a/c/misra/test/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.expected +++ b/c/misra/test/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.expected @@ -1 +1,51 @@ -No expected results have yet been specified \ No newline at end of file +| test.c:34:1:34:23 | #define A __BASE_FILE__ | Is a compiler extension and is not portable to other compilers. | +| test.c:35:1:35:23 | #define B __FILE_NAME__ | Is a compiler extension and is not portable to other compilers. | +| test.c:36:1:36:21 | #define C __COUNTER__ | Is a compiler extension and is not portable to other compilers. | +| test.c:37:1:37:27 | #define D __INCLUDE_LEVEL__ | Is a compiler extension and is not portable to other compilers. | +| test.c:39:1:39:19 | #define F __clang__ | Is a compiler extension and is not portable to other compilers. | +| test.c:40:1:40:25 | #define G __clang_major__ | Is a compiler extension and is not portable to other compilers. | +| test.c:41:1:41:25 | #define H __clang_minor__ | Is a compiler extension and is not portable to other compilers. | +| test.c:42:1:42:30 | #define I __clang_patchlevel__ | Is a compiler extension and is not portable to other compilers. | +| test.c:43:1:43:27 | #define J __clang_version__ | Is a compiler extension and is not portable to other compilers. | +| test.c:44:1:44:36 | #define K __clang_literal_encoding__ | Is a compiler extension and is not portable to other compilers. | +| test.c:45:1:45:41 | #define L __clang_wide_literal_encoding__ | Is a compiler extension and is not portable to other compilers. | +| test.c:53:33:53:43 | vector_size | Is a compiler extension and is not portable to other compilers. | +| test.c:54:33:54:47 | vector_size | Is a compiler extension and is not portable to other compilers. | +| test.c:55:37:55:51 | ext_vector_type | Is a compiler extension and is not portable to other compilers. | +| test.c:56:37:56:51 | ext_vector_type | Is a compiler extension and is not portable to other compilers. | +| test.c:61:3:69:4 | (statement expression) | Is a compiler extension and is not portable to other compilers. | +| test.c:96:3:96:18 | call to __builtin_setjmp | Is a compiler extension and is not portable to other compilers. | +| test.c:97:3:97:19 | call to __builtin_longjmp | Is a compiler extension and is not portable to other compilers. | +| test.c:113:11:113:16 | ... ? ... : ... | Is a compiler extension and is not portable to other compilers. | +| test.c:124:12:124:12 | definition of a | Is a compiler extension and is not portable to other compilers. | +| test.c:128:17:128:17 | definition of a | Is a compiler extension and is not portable to other compilers. | +| test.c:165:8:165:15 | definition of contents | Is a compiler extension and is not portable to other compilers. | +| test.c:182:8:182:11 | gf19 | Is a compiler extension and is not portable to other compilers. | +| test.c:214:33:214:35 | declaration of out | Is a compiler extension and is not portable to other compilers. | +| test.c:215:25:215:26 | declaration of in | Is a compiler extension and is not portable to other compilers. | +| test.c:268:16:268:21 | access | Is a compiler extension and is not portable to other compilers. | +| test.c:271:27:271:31 | alias | Is a compiler extension and is not portable to other compilers. | +| test.c:274:23:274:29 | aligned | Is a compiler extension and is not portable to other compilers. | +| test.c:285:25:285:34 | deprecated | Is a compiler extension and is not portable to other compilers. | +| test.c:297:20:297:30 | fallthrough | Is a compiler extension and is not portable to other compilers. | +| test.c:321:3:321:22 | alignof() | Is a compiler extension and is not portable to other compilers. | +| test.c:340:3:340:31 | call to __builtin_extract_return_addr | Is a compiler extension and is not portable to other compilers. | +| test.c:341:3:341:28 | call to __builtin_frob_return_addr | Is a compiler extension and is not portable to other compilers. | +| test.c:342:3:342:25 | call to __builtin_frame_address | Is a compiler extension and is not portable to other compilers. | +| test.c:363:3:363:22 | call to __sync_fetch_and_add_4 | Is a compiler extension and is not portable to other compilers. | +| test.c:364:3:364:22 | call to __sync_fetch_and_sub_4 | Is a compiler extension and is not portable to other compilers. | +| test.c:365:3:365:21 | call to __sync_fetch_and_or_4 | Is a compiler extension and is not portable to other compilers. | +| test.c:366:3:366:22 | call to __sync_fetch_and_and_4 | Is a compiler extension and is not portable to other compilers. | +| test.c:367:3:367:22 | call to __sync_fetch_and_xor_4 | Is a compiler extension and is not portable to other compilers. | +| test.c:368:3:368:23 | call to __sync_fetch_and_nand_4 | Is a compiler extension and is not portable to other compilers. | +| test.c:369:3:369:22 | call to __sync_add_and_fetch_4 | Is a compiler extension and is not portable to other compilers. | +| test.c:370:3:370:22 | call to __sync_sub_and_fetch_4 | Is a compiler extension and is not portable to other compilers. | +| test.c:371:3:371:21 | call to __sync_or_and_fetch_4 | Is a compiler extension and is not portable to other compilers. | +| test.c:372:3:372:22 | call to __sync_and_and_fetch_4 | Is a compiler extension and is not portable to other compilers. | +| test.c:373:3:373:22 | call to __sync_xor_and_fetch_4 | Is a compiler extension and is not portable to other compilers. | +| test.c:374:3:374:23 | call to __sync_nand_and_fetch_4 | Is a compiler extension and is not portable to other compilers. | +| test.c:376:3:376:30 | call to __sync_bool_compare_and_swap_4 | Is a compiler extension and is not portable to other compilers. | +| test.c:377:3:377:29 | call to __sync_val_compare_and_swap_4 | Is a compiler extension and is not portable to other compilers. | +| test.c:378:3:378:26 | call to __sync_lock_test_and_set_4 | Is a compiler extension and is not portable to other compilers. | +| test.c:379:3:379:21 | call to __sync_lock_release_4 | Is a compiler extension and is not portable to other compilers. | +| test.c:407:3:407:18 | call to __builtin_alloca | Is a compiler extension and is not portable to other compilers. | diff --git a/c/misra/test/rules/RULE-1-2/options b/c/misra/test/rules/RULE-1-2/options new file mode 100644 index 0000000000..ea7b68755d --- /dev/null +++ b/c/misra/test/rules/RULE-1-2/options @@ -0,0 +1 @@ +semmle-extractor-options:--clang -fhonor-infinity -std=c11 --edg --diag_error=implicit_func_decl -nostdinc -I../../../../common/test/includes/standard-library diff --git a/c/misra/test/rules/RULE-1-2/test.c b/c/misra/test/rules/RULE-1-2/test.c index 435f366ff8..367570f7e7 100644 --- a/c/misra/test/rules/RULE-1-2/test.c +++ b/c/misra/test/rules/RULE-1-2/test.c @@ -1,7 +1,3 @@ -// semmle-extractor-options:--clang -fhonor-infinity -std=c11 --edg --diag_error=implicit_func_decl -nostdinc -I../../../../common/test/includes/standard-library - -// do it on a translation unit -- flag first line - #include #include // Note: Clang aims to support both clang and gcc extensions. @@ -9,28 +5,29 @@ // - https://clang.llvm.org/docs/LanguageExtensions.html // - https://gcc.gnu.org/onlinedocs/gcc/C-Extensions.html -// Reference: https://gcc.gnu.org/onlinedocs/gcc/Other-Builtins.html#Other-Builtins -#ifdef __has_builtin // NON_COMPLIANT +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Other-Builtins.html#Other-Builtins +#ifdef __has_builtin // NON_COMPLIANT[FALSE_NEGATIVE] #endif -#ifdef __has_constexpr_builtin // NON_COMPLIANT +#ifdef __has_constexpr_builtin // NON_COMPLIANT[FALSE_NEGATIVE] #endif -#ifdef __has_feature // NON_COMPLIANT +#ifdef __has_feature // NON_COMPLIANT[FALSE_NEGATIVE] #endif -#ifdef __has_extension // NON_COMPLIANT +#ifdef __has_extension // NON_COMPLIANT[FALSE_NEGATIVE] #endif -#ifdef __has_c_attribute // NON_COMPLIANT +#ifdef __has_c_attribute // NON_COMPLIANT[FALSE_NEGATIVE] #endif -#ifdef __has_attribute // NON_COMPLIANT +#ifdef __has_attribute // NON_COMPLIANT[FALSE_NEGATIVE] #endif -#ifdef __has_declspec_attribute // NON_COMPLIANT +#ifdef __has_declspec_attribute // NON_COMPLIANT[FALSE_NEGATIVE] #endif -#ifdef __is_identifier // NON_COMPLIANT +#ifdef __is_identifier // NON_COMPLIANT[FALSE_NEGATIVE] #endif -#ifdef __has_include // NON_COMPLIANT +#ifdef __has_include // NON_COMPLIANT[FALSE_NEGATIVE] #endif -#ifdef __has_include_next // NON_COMPLIANT +#ifdef __has_include_next // NON_COMPLIANT[FALSE_NEGATIVE] #endif -#ifdef __has_warning // NON_COMPLIANT +#ifdef __has_warning // NON_COMPLIANT[FALSE_NEGATIVE] #endif // Reference: https://clang.llvm.org/docs/LanguageExtensions.html#builtin-macros @@ -51,18 +48,19 @@ // typedef __attribute__((neon_vector_type(8))) int8_t int8x8_t; // typedef __attribute__((neon_polyvector_type(16))) poly8_t poly8x16_t; -// Reference: https://gcc.gnu.org/onlinedocs/gcc/Variable-Attributes.html#Variable-Attributes +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Variable-Attributes.html#Variable-Attributes typedef int int4 __attribute__((vector_size(4 * sizeof(int)))); // NON_COMPLIANT -typedef int v4si __attribute__((__vector_size__(16))); // NON_COMPLIANT -typedef float float4 __attribute__((ext_vector_type(4))); // NON_COMPLIANT -typedef float float2 __attribute__((ext_vector_type(2))); // NON_COMPLIANT - +typedef int v4si __attribute__((__vector_size__(16))); // NON_COMPLIANT +typedef float float4 __attribute__((ext_vector_type(4))); // NON_COMPLIANT +typedef float float2 __attribute__((ext_vector_type(2))); // NON_COMPLIANT -// Reference: https://gcc.gnu.org/onlinedocs/gcc/Statement-Exprs.html#Statement-Exprs +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Statement-Exprs.html#Statement-Exprs void gf1() { ({ // NON_COMPLIANT int y = 1; - int z; + int z; if (y > 0) z = y; else @@ -73,36 +71,41 @@ void gf1() { // Reference: https://gcc.gnu.org/onlinedocs/gcc/Local-Labels.html#Local-Labels void gf2() { - // __label__ found; // NON_COMPLIANT[FALSE_NEGATIVE] -- local labels not supported by clang + // __label__ found; // NON_COMPLIANT[FALSE_NEGATIVE] -- local labels not + // supported by clang } -// Reference: https://gcc.gnu.org/onlinedocs/gcc/Labels-as-Values.html#Labels-as-Values +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Labels-as-Values.html#Labels-as-Values void gf3() { void *ptr; // goto *ptr; // NON_COMPLIANT[FALSE_NEGATIVE] -- not supported in clang } -// Referfence: https://gcc.gnu.org/onlinedocs/gcc/Nested-Functions.html#Nested-Functions +// Referfence: +// https://gcc.gnu.org/onlinedocs/gcc/Nested-Functions.html#Nested-Functions void gf4() { // void gf4a(){ // NON_COMPLIANT[FALSE_NEGATIVE] -- not supported in clang // // } } -// Reference: https://gcc.gnu.org/onlinedocs/gcc/Nonlocal-Gotos.html#Nonlocal-Gotos +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Nonlocal-Gotos.html#Nonlocal-Gotos void gf5() { __builtin_setjmp(0); // NON_COMPLIANT __builtin_longjmp(0, 1); // NON_COMPLIANT } -// Reference: https://gcc.gnu.org/onlinedocs/gcc/Constructing-Calls.html#Constructing-Calls +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Constructing-Calls.html#Constructing-Calls void gf6() { // not supported by clang - //__builtin_apply_args(); // NON_COMPLIANT[FALSE_NEGATIVE] - //__builtin_apply(0, 0, 0); // NON_COMPLIANT[FALSE_NEGATIVE] - //__builtin_return(0); // NON_COMPLIANT[FALSE_NEGATIVE] - //__builtin_va_arg_pack(); // NON_COMPLIANT[FALSE_NEGATIVE] - //__builtin_va_arg_pack_len(); // NON_COMPLIANT[FALSE_NEGATIVE] + //__builtin_apply_args(); // NON_COMPLIANT[FALSE_NEGATIVE] + //__builtin_apply(0, 0, 0); // NON_COMPLIANT[FALSE_NEGATIVE] + //__builtin_return(0); // NON_COMPLIANT[FALSE_NEGATIVE] + //__builtin_va_arg_pack(); // NON_COMPLIANT[FALSE_NEGATIVE] + //__builtin_va_arg_pack_len(); // NON_COMPLIANT[FALSE_NEGATIVE] } // Reference: https://gcc.gnu.org/onlinedocs/gcc/Conditionals.html#Conditionals @@ -115,7 +118,8 @@ void gf8() { typeof(int *); // NON_COMPLIANT[FALSE_NEGATIVE] } -// Reference: https://gcc.gnu.org/onlinedocs/gcc/_005f_005fint128.html#g_t_005f_005fint128 +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/_005f_005fint128.html#g_t_005f_005fint128 void gf9() { __int128 a; // NON_COMPLIANT } @@ -132,8 +136,10 @@ void gf11() { void gf12() {} -// Reference: https://gcc.gnu.org/onlinedocs/gcc/Floating-Types.html#Floating-Types -// Reference: https://gcc.gnu.org/onlinedocs/gcc/Decimal-Float.html#Decimal-Float +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Floating-Types.html#Floating-Types +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Decimal-Float.html#Decimal-Float void gf13() { // not supported on clang //_Decimal32 a; // NON_COMPLIANT[FALSE_NEGATIVE] @@ -144,8 +150,9 @@ void gf13() { // Reference: https://gcc.gnu.org/onlinedocs/gcc/Complex.html#Complex void gf14() { // Do not work in clang - // typedef _Complex float __attribute__((mode(TC))) _Complex128; // NON_COMPLIANT[FALSE_NEGATIVE] - // typedef _Complex float __attribute__((mode(XC))) _Complex80; // NON_COMPLIANT[FALSE_NEGATIVE] + // typedef _Complex float __attribute__((mode(TC))) _Complex128; // + // NON_COMPLIANT[FALSE_NEGATIVE] typedef _Complex float + // __attribute__((mode(XC))) _Complex80; // NON_COMPLIANT[FALSE_NEGATIVE] } // Reference: https://gcc.gnu.org/onlinedocs/gcc/Hex-Floats.html#Hex-Floats @@ -158,35 +165,42 @@ void gf16() { char contents[0]; // NON_COMPLIANT } -// Reference: https://gcc.gnu.org/onlinedocs/gcc/Named-Address-Spaces.html#Named-Address-Spaces +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Named-Address-Spaces.html#Named-Address-Spaces void gf17() { - // const __flash char ** p; // NON_COMPLIANT[FALSE_NEGATIVE] -- not supported in clang + // const __flash char ** p; // NON_COMPLIANT[FALSE_NEGATIVE] -- not supported + // in clang } void gf18() { // not supported by extractor - checked by looking for flags. // short _Fract, _Fract; // NON_COMPLIANT[FALSE_NEGATIVE] - - // long _Fract; // NON_COMPLIANT[FALSE_NEGATIVE] + // long _Fract; // NON_COMPLIANT[FALSE_NEGATIVE] } struct gf19 {}; // NON_COMPLIANT -// Reference: https://gcc.gnu.org/onlinedocs/gcc/Variable-Length.html#Variable-Length +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Variable-Length.html#Variable-Length void gf20(int n) { - // struct S { int x[n]; }; // NON_COMPLIANT[FALSE_NEGATIVE] - will never be supported in clang + // struct S { int x[n]; }; // NON_COMPLIANT[FALSE_NEGATIVE] - will never be + // supported in clang } -// Reference: https://gcc.gnu.org/onlinedocs/gcc/Variadic-Macros.html#Variadic-Macros +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Variadic-Macros.html#Variadic-Macros #define gf21(format, args...) \ - printf(format, args) // NON_COMPLIANT // NON_COMPLIANT[FALSE_NEGATIVE] -- note the issue here is explicitly - // naming the arguments. + printf(format, args) // NON_COMPLIANT[FALSE_NEGATIVE] -- note + // the issue here is explicitly naming the arguments. #define gf21a(format, ...) printf(format, __VA_ARGS__) // COMPLIANT -// Reference: https://gcc.gnu.org/onlinedocs/gcc/Escaped-Newlines.html#Escaped-Newlines +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Escaped-Newlines.html#Escaped-Newlines #define gf22 \ "a" \ \ -"b" // NON_COMPLIANT[FALSE_NEGATIVE] - additional spaces after a backslash -- stripped by extractor +"b" // NON_COMPLIANT[FALSE_NEGATIVE] - additional spaces after a backslash -- + // stripped by extractor #define gf22a \ "a" \ "b" // COMPLIANT @@ -195,8 +209,10 @@ void gf24(int f, int g) { float beat_freqs[2] = {f - g, f + g}; // NON_COMPLIANT } -// Reference: https://gcc.gnu.org/onlinedocs/gcc/Variable-Length.html#Variable-Length -void gf25t(int N, int M, double out[M][N], const double in[N][M]); // NON_COMPLIANT[FALSE_NEGATIVE] +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Variable-Length.html#Variable-Length +void gf25t(int N, int M, double out[M][N], // NON_COMPLIANT + const double in[N][M]); // NON_COMPLIANT void gf25() { double x[3][2]; double y[2][3]; @@ -205,20 +221,23 @@ void gf25() { // to the element type of the array and not the array itself } -// Reference: https://gcc.gnu.org/onlinedocs/gcc/Compound-Literals.html#Compound-Literals +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Compound-Literals.html#Compound-Literals struct gf26t { int a; char b[2]; } gf26v; void gf26(int x, int y) { - gf26v = ((struct gf26t){x + y, 'z', 0}); // NON_COMPLIANT[FALSE_NEGATIVE] - compound literal + gf26v = ((struct gf26t){ + x + y, 'z', 0}); // NON_COMPLIANT[FALSE_NEGATIVE] - compound literal } // Reference: https://gcc.gnu.org/onlinedocs/gcc/Case-Ranges.html#Case-Ranges void gf28() { int a; // switch(a){ - // case: 0 ... 5: // NON_COMPLIANT[FALSE_NEGATIVE] - Not supported in clang. + // case: 0 ... 5: // NON_COMPLIANT[FALSE_NEGATIVE] - Not supported in + // clang. // ;; // break; // default: @@ -232,7 +251,8 @@ union gf29u { double j; }; -// Reference: https://gcc.gnu.org/onlinedocs/gcc/Cast-to-Union.html#Cast-to-Union +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Cast-to-Union.html#Cast-to-Union void gf29() { int x; int y; @@ -241,10 +261,12 @@ void gf29() { z = (union gf29u)y; // NON_COMPLIANT[FALSE_NEGATIVE] } -// Reference: https://gcc.gnu.org/onlinedocs/gcc/Variable-Attributes.html#Variable-Attributes -// Reference: https://gcc.gnu.org/onlinedocs/gcc/Function-Attributes.html#Function-Attributes -__attribute__((access(read_only, 1))) -int gf30(const char *); // NON_COMPLIANT -- attributes are not portable. +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Variable-Attributes.html#Variable-Attributes +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Function-Attributes.html#Function-Attributes +__attribute__((access(read_only, 1))) int +gf30(const char *); // NON_COMPLIANT -- attributes are not portable. extern int __attribute__((alias("var_target"))) gf31; // NON_COMPLIANT -- attributes are not portable. @@ -266,7 +288,8 @@ enum gf34 { void gf35() { int x; - // __attribute__((assume(x == 42))); // NON_COMPLIANT[FALSE_NEGATIVE] - Not supported in clang + // __attribute__((assume(x == 42))); // NON_COMPLIANT[FALSE_NEGATIVE] - Not + // supported in clang switch (x) { case 1: @@ -282,7 +305,8 @@ void gf37() { int a$1; // NON_COMPLIANT[FALSE_NEGATIVE] } -// Reference: https://gcc.gnu.org/onlinedocs/gcc/Character-Escapes.html#Character-Escapes +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Character-Escapes.html#Character-Escapes void gf38() { const char *c = "test\e"; // NON_COMPLIANT[FALSE_NEGATIVE] } @@ -297,21 +321,25 @@ void gf39() { __alignof__(gf39v.x); // NON_COMPLIANT } -// Reference: https://gcc.gnu.org/onlinedocs/gcc/Incomplete-Enums.html#Incomplete-Enums +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Incomplete-Enums.html#Incomplete-Enums // enum gf40 {}; // NON_COMPLIANT[FALSE_NEGATIVE] - not supported in clang -// Reference: https://gcc.gnu.org/onlinedocs/gcc/Function-Names.html#Function-Names +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Function-Names.html#Function-Names void gf41() { - printf("__FUNCTION__ = %s\n", __FUNCTION__); // NON_COMPLIANT[FALSE_NEGATIVE] - printf("__PRETTY_FUNCTION__ = %s\n", __PRETTY_FUNCTION__); // NON_COMPLIANT[FALSE_NEGATIVE] + printf("__FUNCTION__ = %s\n", __FUNCTION__); // NON_COMPLIANT[FALSE_NEGATIVE] + printf("__PRETTY_FUNCTION__ = %s\n", + __PRETTY_FUNCTION__); // NON_COMPLIANT[FALSE_NEGATIVE] } // Reference: https://clang.llvm.org/docs/LanguageExtensions.html#builtin-macros -// Reference: https://gcc.gnu.org/onlinedocs/gcc/Other-Builtins.html#Other-Builtins +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Other-Builtins.html#Other-Builtins void gf42() { __builtin_extract_return_addr(0); // NON_COMPLIANT - __builtin_frob_return_addr(0); // NON_COMPLIANT - __builtin_frame_address(0); // NON_COMPLIANT + __builtin_frob_return_addr(0); // NON_COMPLIANT + __builtin_frame_address(0); // NON_COMPLIANT } struct gf43s { @@ -328,7 +356,8 @@ struct gf44s { char y; } gf44v; -// Reference: https://gcc.gnu.org/onlinedocs/gcc/_005f_005fsync-Builtins.html#g_t_005f_005fsync-Builtins +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/_005f_005fsync-Builtins.html#g_t_005f_005fsync-Builtins void gf44() { int i; __sync_fetch_and_add(&i, 0); // NON_COMPLIANT @@ -350,7 +379,8 @@ void gf44() { __sync_lock_release(&i, 0); } -// Reference: https://gcc.gnu.org/onlinedocs/gcc/Binary-constants.html#Binary-constants +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Binary-constants.html#Binary-constants void gf45() { int i = 0b101010; // NON_COMPLIANT[FALSE_NEGATIVE] } @@ -358,7 +388,8 @@ void gf45() { // Reference: https://gcc.gnu.org/onlinedocs/gcc/Thread-Local.html#Thread-Local __thread int gf46; // NON_COMPLIANT[FALSE_NEGATIVE] -// Reference: https://gcc.gnu.org/onlinedocs/gcc/Unnamed-Fields.html#Unnamed-Fields +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Unnamed-Fields.html#Unnamed-Fields void gf47() { // NON_COMPLIANT in versions < C11. struct { int a; @@ -370,7 +401,9 @@ void gf47() { // NON_COMPLIANT in versions < C11. } f; } -// Reference: https://gcc.gnu.org/onlinedocs/gcc/Other-Builtins.html#Other-Builtins -void gf48(){ - __builtin_alloca(0); // NON_COMPLIANT (all __builtin functions are non-compliant.) +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Other-Builtins.html#Other-Builtins +void gf48() { + __builtin_alloca( + 0); // NON_COMPLIANT (all __builtin functions are non-compliant.) } \ No newline at end of file diff --git a/rule_packages/c/Language3.json b/rule_packages/c/Language3.json index 1c537fa667..7c26ce920c 100644 --- a/rule_packages/c/Language3.json +++ b/rule_packages/c/Language3.json @@ -15,7 +15,10 @@ "tags": [ "maintainability", "readability" - ] + ], + "implementation_scope": { + "description": "This implementation attempts to cover a broad section of the compiler specific extensions documented in: https://clang.llvm.org/docs/LanguageExtensions.html and https://gcc.gnu.org/onlinedocs/gcc/C-Extensions.html but is not comprehensive. The following topics are addressed in this query: Builtin macros, Variable Attributes, Function Attributes, Statement Expressions, Non-Local Gotos, Conditionals, Extended Integer / Numeric Types, Zero Length Structures, Zero Length Arrays, Variable Length Arrays, Case Attributes, Alignment, __sync and __fetch builtins. Other topics listed in the extension references are not covered by this query." + } } ], "title": "Language extensions should not be used" From 192ff575411019f40a3e8b91ec6df61dba066d0f Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Wed, 22 Mar 2023 11:48:35 -0400 Subject: [PATCH 0811/2573] update --- .../RULE-1-2/LanguageExtensionsShouldNotBeUsed.qlref | 1 + .../src/codingstandards/cpp/exclusions/c/Language3.qll | 8 +++++--- .../src/codingstandards/cpp/exclusions/c/RuleMetadata.qll | 3 +++ 3 files changed, 9 insertions(+), 3 deletions(-) create mode 100644 c/misra/test/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.qlref diff --git a/c/misra/test/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.qlref b/c/misra/test/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.qlref new file mode 100644 index 0000000000..965c95be2c --- /dev/null +++ b/c/misra/test/rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.qlref @@ -0,0 +1 @@ +rules/RULE-1-2/LanguageExtensionsShouldNotBeUsed.ql \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Language3.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Language3.qll index fe057f3b00..836f8f7010 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Language3.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Language3.qll @@ -7,14 +7,15 @@ newtype Language3Query = TLanguageExtensionsShouldNotBeUsedQuery() or TOccurrenceOfUndefinedBehaviorQuery() -predicate isLanguage3QueryMetadata(Query query, string queryId, string ruleId) { +predicate isLanguage3QueryMetadata(Query query, string queryId, string ruleId, string category) { query = // `Query` instance for the `languageExtensionsShouldNotBeUsed` query Language3Package::languageExtensionsShouldNotBeUsedQuery() and queryId = // `@id` for the `languageExtensionsShouldNotBeUsed` query "c/misra/language-extensions-should-not-be-used" and - ruleId = "RULE-1-2" + ruleId = "RULE-1-2" and + category = "advisory" or query = // `Query` instance for the `occurrenceOfUndefinedBehavior` query @@ -22,7 +23,8 @@ predicate isLanguage3QueryMetadata(Query query, string queryId, string ruleId) { queryId = // `@id` for the `occurrenceOfUndefinedBehavior` query "c/misra/occurrence-of-undefined-behavior" and - ruleId = "RULE-1-3" + ruleId = "RULE-1-3" and + category = "required" } module Language3Package { diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index 9dfb52fb84..4a25016843 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -33,6 +33,7 @@ import IO4 import InvalidMemory1 import Language1 import Language2 +import Language3 import Memory1 import Misc import Pointers1 @@ -84,6 +85,7 @@ newtype TCQuery = TInvalidMemory1PackageQuery(InvalidMemory1Query q) or TLanguage1PackageQuery(Language1Query q) or TLanguage2PackageQuery(Language2Query q) or + TLanguage3PackageQuery(Language3Query q) or TMemory1PackageQuery(Memory1Query q) or TMiscPackageQuery(MiscQuery q) or TPointers1PackageQuery(Pointers1Query q) or @@ -135,6 +137,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isInvalidMemory1QueryMetadata(query, queryId, ruleId, category) or isLanguage1QueryMetadata(query, queryId, ruleId, category) or isLanguage2QueryMetadata(query, queryId, ruleId, category) or + isLanguage3QueryMetadata(query, queryId, ruleId, category) or isMemory1QueryMetadata(query, queryId, ruleId, category) or isMiscQueryMetadata(query, queryId, ruleId, category) or isPointers1QueryMetadata(query, queryId, ruleId, category) or From 73602b43338403718a1ae963f08866fbe5993e52 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Wed, 22 Mar 2023 11:55:40 -0400 Subject: [PATCH 0812/2573] Delete settings.json --- .vscode/settings.json | 5 ----- 1 file changed, 5 deletions(-) delete mode 100644 .vscode/settings.json diff --git a/.vscode/settings.json b/.vscode/settings.json deleted file mode 100644 index c6399d9b5e..0000000000 --- a/.vscode/settings.json +++ /dev/null @@ -1,5 +0,0 @@ -{ - "files.associations": { - "atomic": "c" - } -} \ No newline at end of file From c5821907fe313ac7689072581bcc193f5d1508d5 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Wed, 22 Mar 2023 11:56:02 -0400 Subject: [PATCH 0813/2573] Delete MatrixTestReport-gcc-cpp-2023-02-13_18-12-16.csv --- MatrixTestReport-gcc-cpp-2023-02-13_18-12-16.csv | 11 ----------- 1 file changed, 11 deletions(-) delete mode 100644 MatrixTestReport-gcc-cpp-2023-02-13_18-12-16.csv diff --git a/MatrixTestReport-gcc-cpp-2023-02-13_18-12-16.csv b/MatrixTestReport-gcc-cpp-2023-02-13_18-12-16.csv deleted file mode 100644 index 57c94fcdd3..0000000000 --- a/MatrixTestReport-gcc-cpp-2023-02-13_18-12-16.csv +++ /dev/null @@ -1,11 +0,0 @@ -"COMPILE_ERROR_OUTPUT","TEST_PASS","COMPILE_PASS","SUITE","TEST_DIFFERENCE","PACKAGE","RULE","QUERY" -"","True","True","AUTOSAR","","Toolchain","A1-1-2","CompilerWarningLevelNotInCompliance" -"","True","True","AUTOSAR","","Toolchain","A1-1-2","CompilerWarningLevelNotInCompliance" -"","True","True","AUTOSAR","","Toolchain","A1-1-2","CompilerWarningLevelNotInCompliance" -"","False","True","AUTOSAR","--- expected -+++ actual -@@ -1,1 +1,1 @@ --| test.cpp:0:0:0:0 | test.cpp | No warning-level options were used in the compilation of 'test.cpp'. | -+ -[1/1 eval 12.4s] FAILED(RESULT) /mnt/c/Projects/codeql-coding-standards/cpp/autosar/test/rules/A1-1-2.3/CompilerWarningLevelNotInCompliance.qlref -","Toolchain","A1-1-2","CompilerWarningLevelNotInCompliance" From 4148a57dd419347d05dd6b46868b85087811e4e3 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Wed, 22 Mar 2023 11:56:12 -0400 Subject: [PATCH 0814/2573] Delete MatrixTestReport-gcc-cpp-2023-02-13_18-18-12.csv --- MatrixTestReport-gcc-cpp-2023-02-13_18-18-12.csv | 11 ----------- 1 file changed, 11 deletions(-) delete mode 100644 MatrixTestReport-gcc-cpp-2023-02-13_18-18-12.csv diff --git a/MatrixTestReport-gcc-cpp-2023-02-13_18-18-12.csv b/MatrixTestReport-gcc-cpp-2023-02-13_18-18-12.csv deleted file mode 100644 index 3c4f1fc8a8..0000000000 --- a/MatrixTestReport-gcc-cpp-2023-02-13_18-18-12.csv +++ /dev/null @@ -1,11 +0,0 @@ -"TEST_DIFFERENCE","TEST_PASS","PACKAGE","SUITE","QUERY","RULE","COMPILE_ERROR_OUTPUT","COMPILE_PASS" -"","True","Toolchain","AUTOSAR","CompilerWarningLevelNotInCompliance","A1-1-2","","True" -"","True","Toolchain","AUTOSAR","CompilerWarningLevelNotInCompliance","A1-1-2","","True" -"","True","Toolchain","AUTOSAR","CompilerWarningLevelNotInCompliance","A1-1-2","","True" -"--- expected -+++ actual -@@ -1,1 +1,1 @@ --| test.cpp:0:0:0:0 | test.cpp | No warning-level options were used in the compilation of 'test.cpp'. | -+ -[1/1 eval 13.1s] FAILED(RESULT) /mnt/c/Projects/codeql-coding-standards/cpp/autosar/test/rules/A1-1-2.3/CompilerWarningLevelNotInCompliance.qlref -","False","Toolchain","AUTOSAR","CompilerWarningLevelNotInCompliance","A1-1-2","","True" From f2aeea5405877e99e7ed766fd166a2c69d5d760f Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Wed, 22 Mar 2023 17:06:42 -0400 Subject: [PATCH 0815/2573] 1-3 --- .../codingstandards/c/UndefinedBehavior.qll | 28 +++++++++++++++++++ .../RULE-1-3/OccurrenceOfUndefinedBehavior.ql | 8 +++--- .../OccurrenceOfUndefinedBehavior.expected | 6 +++- c/misra/test/rules/RULE-1-3/test.c | 25 +++++++++++++++++ .../codingstandards/cpp/UndefinedBehavior.qll | 6 ++++ rule_packages/c/Language3.json | 5 +++- 6 files changed, 72 insertions(+), 6 deletions(-) create mode 100644 c/common/src/codingstandards/c/UndefinedBehavior.qll create mode 100644 c/misra/test/rules/RULE-1-3/test.c create mode 100644 cpp/common/src/codingstandards/cpp/UndefinedBehavior.qll diff --git a/c/common/src/codingstandards/c/UndefinedBehavior.qll b/c/common/src/codingstandards/c/UndefinedBehavior.qll new file mode 100644 index 0000000000..49b1ee3e5e --- /dev/null +++ b/c/common/src/codingstandards/c/UndefinedBehavior.qll @@ -0,0 +1,28 @@ +import cpp +import codingstandards.cpp.UndefinedBehavior + +/** + * Library for modeling undefined behavior. + */ +abstract class CUndefinedBehavior extends UndefinedBehavior { } + +class C99MainFunction extends Function { + C99MainFunction() { + this.getNumberOfParameters() = 2 and + this.getType() instanceof IntType and + this.getParameter(0).getType() instanceof IntType and + this.getParameter(1).getType().(PointerType).getBaseType().(PointerType).getBaseType() + instanceof CharType + or + this.getNumberOfParameters() = 0 and + this.getType() instanceof VoidType + } +} + +class CUndefinedMainDefinition extends CUndefinedBehavior, Function { + CUndefinedMainDefinition() { + // for testing purposes, we use the prefix ____codeql_coding_standards` + (this.getName() = "main" or this.getName().indexOf("____codeql_coding_standards") = 0) and + not this instanceof C99MainFunction + } +} diff --git a/c/misra/src/rules/RULE-1-3/OccurrenceOfUndefinedBehavior.ql b/c/misra/src/rules/RULE-1-3/OccurrenceOfUndefinedBehavior.ql index a00d207d65..f6b295bd32 100644 --- a/c/misra/src/rules/RULE-1-3/OccurrenceOfUndefinedBehavior.ql +++ b/c/misra/src/rules/RULE-1-3/OccurrenceOfUndefinedBehavior.ql @@ -13,8 +13,8 @@ import cpp import codingstandards.c.misra +import codingstandards.c.UndefinedBehavior -from -where - not isExcluded(x, Language3Package::occurrenceOfUndefinedBehaviorQuery()) and -select +from CUndefinedBehavior c +where not isExcluded(c, Language3Package::occurrenceOfUndefinedBehaviorQuery()) +select c, "May result in undefined behavior." diff --git a/c/misra/test/rules/RULE-1-3/OccurrenceOfUndefinedBehavior.expected b/c/misra/test/rules/RULE-1-3/OccurrenceOfUndefinedBehavior.expected index 2ec1a0ac6c..68216d500f 100644 --- a/c/misra/test/rules/RULE-1-3/OccurrenceOfUndefinedBehavior.expected +++ b/c/misra/test/rules/RULE-1-3/OccurrenceOfUndefinedBehavior.expected @@ -1 +1,5 @@ -No expected results have yet been specified \ No newline at end of file +| test.c:8:6:8:35 | ____codeql_coding_standards_m2 | May result in undefined behavior. | +| test.c:11:5:11:34 | ____codeql_coding_standards_m3 | May result in undefined behavior. | +| test.c:15:5:15:34 | ____codeql_coding_standards_m4 | May result in undefined behavior. | +| test.c:19:5:19:34 | ____codeql_coding_standards_m5 | May result in undefined behavior. | +| test.c:23:5:23:34 | ____codeql_coding_standards_m6 | May result in undefined behavior. | diff --git a/c/misra/test/rules/RULE-1-3/test.c b/c/misra/test/rules/RULE-1-3/test.c new file mode 100644 index 0000000000..190cff4000 --- /dev/null +++ b/c/misra/test/rules/RULE-1-3/test.c @@ -0,0 +1,25 @@ +void main(void) { // COMPLIANT +} + +int ____codeql_coding_standards_m1(int argc, char **argv) { // NON_COMPLIANT + return 0; +} + +void ____codeql_coding_standards_m2(char *argc, char **argv) { // NON_COMPLIANT +} + +int ____codeql_coding_standards_m3(int argc, char *argv) { // NON_COMPLIANT + return 0; +} + +int ____codeql_coding_standards_m4() { // NON_COMPLIANT + return 0; +} + +int ____codeql_coding_standards_m5(int argc, int *argv) { // NON_COMPLIANT + return 0; +} + +int ____codeql_coding_standards_m6(int argc, int **argv) { // NON_COMPLIANT + return 0; +} diff --git a/cpp/common/src/codingstandards/cpp/UndefinedBehavior.qll b/cpp/common/src/codingstandards/cpp/UndefinedBehavior.qll new file mode 100644 index 0000000000..425ab32aec --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/UndefinedBehavior.qll @@ -0,0 +1,6 @@ +import cpp +/** + * Library for modeling undefined behavior. + */ +abstract class UndefinedBehavior extends Locatable {} +abstract class CPPUndefinedBehavior extends UndefinedBehavior {} diff --git a/rule_packages/c/Language3.json b/rule_packages/c/Language3.json index 7c26ce920c..e659debf1b 100644 --- a/rule_packages/c/Language3.json +++ b/rule_packages/c/Language3.json @@ -38,7 +38,10 @@ "tags": [ "maintainability", "readability" - ] + ], + "implementation_scope": { + "description": "This implementation only considers alternate forms of `main` and the undefined behavior that results. Additional cases from Appendix J of the C99 standard are not currently considered." + } } ], "title": "There shall be no occurrence of undefined or critical unspecified behavior" From 71eb2445d3f6a98f855f71b3fc14add37e260a9e Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 22 Mar 2023 22:30:07 +0000 Subject: [PATCH 0816/2573] Statements: Implement Rule 15.1 Adds a query to find uses of goto in the program. This was originally marked as compiler implemented, but even though it is true that the compiler can check this case we can still provide a query for it. --- .../src/rules/RULE-15-1/GotoStatementUsed.ql | 21 +++++++++++++++ .../RULE-15-1/GotoStatementUsed.expected | 1 + .../rules/RULE-15-1/GotoStatementUsed.qlref | 1 + c/misra/test/rules/RULE-15-1/test.c | 9 +++++++ .../cpp/exclusions/c/RuleMetadata.qll | 3 +++ .../cpp/exclusions/c/Statements6.qll | 26 +++++++++++++++++++ rule_packages/c/Statements6.json | 24 +++++++++++++++++ rules.csv | 2 +- 8 files changed, 86 insertions(+), 1 deletion(-) create mode 100644 c/misra/src/rules/RULE-15-1/GotoStatementUsed.ql create mode 100644 c/misra/test/rules/RULE-15-1/GotoStatementUsed.expected create mode 100644 c/misra/test/rules/RULE-15-1/GotoStatementUsed.qlref create mode 100644 c/misra/test/rules/RULE-15-1/test.c create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/Statements6.qll create mode 100644 rule_packages/c/Statements6.json diff --git a/c/misra/src/rules/RULE-15-1/GotoStatementUsed.ql b/c/misra/src/rules/RULE-15-1/GotoStatementUsed.ql new file mode 100644 index 0000000000..ddc85c305c --- /dev/null +++ b/c/misra/src/rules/RULE-15-1/GotoStatementUsed.ql @@ -0,0 +1,21 @@ +/** + * @id c/misra/goto-statement-used + * @name RULE-15-1: The goto statement should not be used + * @description The goto statement shall not be used. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-15-1 + * correctness + * security + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.c.misra + +from Stmt s +where + not isExcluded(s, Statements6Package::gotoStatementUsedQuery()) and + (s instanceof GotoStmt or s instanceof ComputedGotoStmt) +select s, "Use of goto." diff --git a/c/misra/test/rules/RULE-15-1/GotoStatementUsed.expected b/c/misra/test/rules/RULE-15-1/GotoStatementUsed.expected new file mode 100644 index 0000000000..7e06759159 --- /dev/null +++ b/c/misra/test/rules/RULE-15-1/GotoStatementUsed.expected @@ -0,0 +1 @@ +| test.c:4:3:4:14 | goto ... | Use of goto. | diff --git a/c/misra/test/rules/RULE-15-1/GotoStatementUsed.qlref b/c/misra/test/rules/RULE-15-1/GotoStatementUsed.qlref new file mode 100644 index 0000000000..338455d28f --- /dev/null +++ b/c/misra/test/rules/RULE-15-1/GotoStatementUsed.qlref @@ -0,0 +1 @@ +rules/RULE-15-1/GotoStatementUsed.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-15-1/test.c b/c/misra/test/rules/RULE-15-1/test.c new file mode 100644 index 0000000000..d13f01961c --- /dev/null +++ b/c/misra/test/rules/RULE-15-1/test.c @@ -0,0 +1,9 @@ +void test_goto() { + int x = 1; + + goto label1; // NON_COMPLIANT + +label1: + + x = 2; +} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index aef4c1285c..6110876f6e 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -51,6 +51,7 @@ import Statements2 import Statements3 import Statements4 import Statements5 +import Statements6 import Strings1 import Strings2 import Strings3 @@ -107,6 +108,7 @@ newtype TCQuery = TStatements3PackageQuery(Statements3Query q) or TStatements4PackageQuery(Statements4Query q) or TStatements5PackageQuery(Statements5Query q) or + TStatements6PackageQuery(Statements6Query q) or TStrings1PackageQuery(Strings1Query q) or TStrings2PackageQuery(Strings2Query q) or TStrings3PackageQuery(Strings3Query q) or @@ -163,6 +165,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isStatements3QueryMetadata(query, queryId, ruleId, category) or isStatements4QueryMetadata(query, queryId, ruleId, category) or isStatements5QueryMetadata(query, queryId, ruleId, category) or + isStatements6QueryMetadata(query, queryId, ruleId, category) or isStrings1QueryMetadata(query, queryId, ruleId, category) or isStrings2QueryMetadata(query, queryId, ruleId, category) or isStrings3QueryMetadata(query, queryId, ruleId, category) or diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Statements6.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Statements6.qll new file mode 100644 index 0000000000..7261d0980a --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Statements6.qll @@ -0,0 +1,26 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype Statements6Query = TGotoStatementUsedQuery() + +predicate isStatements6QueryMetadata(Query query, string queryId, string ruleId, string category) { + query = + // `Query` instance for the `gotoStatementUsed` query + Statements6Package::gotoStatementUsedQuery() and + queryId = + // `@id` for the `gotoStatementUsed` query + "c/misra/goto-statement-used" and + ruleId = "RULE-15-1" and + category = "advisory" +} + +module Statements6Package { + Query gotoStatementUsedQuery() { + //autogenerate `Query` type + result = + // `Query` type for `gotoStatementUsed` query + TQueryC(TStatements6PackageQuery(TGotoStatementUsedQuery())) + } +} diff --git a/rule_packages/c/Statements6.json b/rule_packages/c/Statements6.json new file mode 100644 index 0000000000..101987f9c3 --- /dev/null +++ b/rule_packages/c/Statements6.json @@ -0,0 +1,24 @@ +{ + "MISRA-C-2012": { + "RULE-15-1": { + "properties": { + "obligation": "advisory" + }, + "queries": [ + { + "description": "The goto statement shall not be used.", + "kind": "problem", + "name": "The goto statement should not be used", + "precision": "very-high", + "severity": "error", + "short_name": "GotoStatementUsed", + "tags": [ + "correctness", + "security" + ] + } + ], + "title": "The goto statement should not be used" + } + } +} \ No newline at end of file diff --git a/rules.csv b/rules.csv index e1aa314525..8d6547ec40 100644 --- a/rules.csv +++ b/rules.csv @@ -697,7 +697,7 @@ c,MISRA-C-2012,RULE-14-1,Yes,Required,,,A loop counter shall not have essentiall c,MISRA-C-2012,RULE-14-2,Yes,Required,,,A for loop shall be well-formed,M6-5-1...M6-5-6,Statements4,Medium, c,MISRA-C-2012,RULE-14-3,Yes,Required,,,Controlling expressions shall not be invariant,,Statements5,Medium, c,MISRA-C-2012,RULE-14-4,Yes,Required,,,The controlling expression of an if statement and the controlling expression of an iteration-statement shall have essentially Boolean type,A5-0-2,Statements4,Medium, -c,MISRA-C-2012,RULE-15-1,No,Advisory,,,The goto statement should not be used,A6-6-1,,Import, +c,MISRA-C-2012,RULE-15-1,Yes,Advisory,,,The goto statement should not be used,A6-6-1,Statements6,Import, c,MISRA-C-2012,RULE-15-2,Yes,Required,,,The goto statement shall jump to a label declared later in the same function,M6-6-2,Statements2,Import, c,MISRA-C-2012,RULE-15-3,Yes,Required,,,"Any label referenced by a goto statement shall be declared in the same block, or in any block enclosing the goto statement",M6-6-1,Statements2,Import, c,MISRA-C-2012,RULE-15-4,Yes,Advisory,,,There should be no more than one break or goto statement used to terminate any iteration statement,,Statements2,Medium, From 23b36b4567311fbfb603acd5e5d752a03a427115 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 22 Mar 2023 22:35:20 +0000 Subject: [PATCH 0817/2573] FLP30-C: Fix NON_COMPLIANT tag Loop starts on Line 9. --- c/cert/test/rules/FLP30-C/test.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/c/cert/test/rules/FLP30-C/test.c b/c/cert/test/rules/FLP30-C/test.c index c56519a70e..e63dc5d1ed 100644 --- a/c/cert/test/rules/FLP30-C/test.c +++ b/c/cert/test/rules/FLP30-C/test.c @@ -6,9 +6,9 @@ void f1() { f = f * 2.0F; } - do { + do { // NON_COMPLIANT f *= 2.0F; - } while (f < 10.0F); // NON_COMPLIANT + } while (f < 10.0F); } void f2() { From 99a21b19379494607ce9ec893104f7b65926fc24 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Wed, 22 Mar 2023 15:52:51 -0700 Subject: [PATCH 0818/2573] Checkpoint: INT34-C --- ...ftedbyNegativeOrGreaterPrecisionOperand.ql | 144 +- c/cert/test/rules/INT34-C/test.c | 3641 ++++++++++++++--- 2 files changed, 3226 insertions(+), 559 deletions(-) diff --git a/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql b/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql index 1eb6459628..354e651c2a 100644 --- a/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql +++ b/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql @@ -12,72 +12,134 @@ import cpp import codingstandards.c.cert +import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis +import semmle.code.cpp.controlflow.Guards /* - * Precision predicate based on a sample implementaion from + * Precision predicate based on a sample implementation from * https://wiki.sei.cmu.edu/confluence/display/c/INT35-C.+Use+correct+integer+precisions */ +/** + * A function whose name is suggestive that it counts the number of bits set. + */ +class PopCount extends Function { + PopCount() { this.getName().toLowerCase().matches("%popc%nt%") } +} + +/** + * A macro which is suggestive that it is used to determine the precision of an integer. + */ +class PrecisionMacro extends Macro { + PrecisionMacro() { this.getName().toLowerCase().matches("precision") } +} + int getPrecision(BuiltInType type) { - type.(CharType).isExplicitlyUnsigned() and result = 8 + type.(CharType).isExplicitlyUnsigned() and result = type.(CharType).getSize() * 8 or - type.(ShortType).isExplicitlyUnsigned() and result = 16 + type.(ShortType).isExplicitlyUnsigned() and result = type.(ShortType).getSize() * 8 or - type.(IntType).isExplicitlyUnsigned() and result = 32 + type.(IntType).isExplicitlyUnsigned() and result = type.(IntType).getSize() * 8 or - type.(LongType).isExplicitlyUnsigned() and result = 32 + type.(LongType).isExplicitlyUnsigned() and result = type.(LongType).getSize() * 8 or - type.(LongLongType).isExplicitlyUnsigned() and result = 64 + type.(LongLongType).isExplicitlyUnsigned() and result = type.(LongLongType).getSize() * 8 or - type instanceof CharType and not type.(CharType).isExplicitlyUnsigned() and result = 7 + type instanceof CharType and + not type.(CharType).isExplicitlyUnsigned() and + result = type.(CharType).getSize() * 8 - 1 or - type instanceof ShortType and not type.(ShortType).isExplicitlyUnsigned() and result = 15 + type instanceof ShortType and + not type.(ShortType).isExplicitlyUnsigned() and + result = type.(ShortType).getSize() * 8 - 1 or - type instanceof IntType and not type.(IntType).isExplicitlyUnsigned() and result = 31 + type instanceof IntType and + not type.(IntType).isExplicitlyUnsigned() and + result = type.(IntType).getSize() * 8 - 1 or - type instanceof LongType and not type.(LongType).isExplicitlyUnsigned() and result = 31 + type instanceof LongType and + not type.(LongType).isExplicitlyUnsigned() and + result = type.(LongType).getSize() * 8 - 1 or - type instanceof LongLongType and not type.(LongLongType).isExplicitlyUnsigned() and result = 63 + type instanceof LongLongType and + not type.(LongLongType).isExplicitlyUnsigned() and + result = type.(LongLongType).getSize() * 8 - 1 } -/* The -1 number literal. */ -class MinusNumberLiteral extends UnaryMinusExpr { - MinusNumberLiteral() { this.getOperand() instanceof Literal } +predicate isForbiddenLShiftExpr(LShiftExpr binbitop, string message) { + ( + ( + getPrecision(binbitop.getLeftOperand().getUnderlyingType()) <= + upperBound(binbitop.getRightOperand()) and + message = + "The operand " + binbitop.getLeftOperand() + " is left-shifted by an expression " + + binbitop.getRightOperand() + " which is greater than or equal to in precision." + or + lowerBound(binbitop.getRightOperand()) < 0 and + message = + "The operand " + binbitop.getLeftOperand() + " is left-shifted by a negative expression " + + binbitop.getRightOperand() + "." + ) + or + /* Check a guard condition protecting the shift statement: heuristic (not an iff query) */ + exists(GuardCondition gc, BasicBlock block, Expr precisionCall | + block = binbitop.getBasicBlock() and + ( + precisionCall.(FunctionCall).getTarget() instanceof PopCount + or + precisionCall = any(PrecisionMacro pm).getAnInvocation().getExpr() + ) + | + /* + * Shift statement is at a basic block where + * `shift_rhs < PRECISION(...)` is ensured + */ - override string toString() { result = "-" + this.getOperand().toString() } + not gc.ensuresLt(binbitop.getRightOperand(), precisionCall, 0, block, true) + ) and + message = "TODO" + ) } -class ForbiddenShiftExpr extends BinaryBitwiseOperation { - ForbiddenShiftExpr() { +predicate isForbiddenRShiftExpr(RShiftExpr binbitop, string message) { + ( ( - /* First Case: Precision mismatch between operands */ - getPrecision(this.(LShiftExpr).getLeftOperand().getUnderlyingType()) <= - getPrecision(this.(LShiftExpr).getRightOperand().getUnderlyingType()) or - getPrecision(this.(RShiftExpr).getLeftOperand().getUnderlyingType()) <= - getPrecision(this.(RShiftExpr).getRightOperand().getUnderlyingType()) or - /* Second Case: Shifting by a negative number literal */ - this.(LShiftExpr).getRightOperand() instanceof MinusNumberLiteral or - this.(RShiftExpr).getRightOperand() instanceof MinusNumberLiteral + getPrecision(binbitop.getLeftOperand().getUnderlyingType()) <= + upperBound(binbitop.getRightOperand()) and + message = + "The operand " + binbitop.getLeftOperand() + " is right-shifted by an expression " + + binbitop.getRightOperand() + " which is greater than or equal to in precision." + or + lowerBound(binbitop.getRightOperand()) < 0 and + message = + "The operand " + binbitop.getLeftOperand() + " is right-shifted by a negative expression " + + binbitop.getRightOperand() + "." ) - } + or + /* Check a guard condition protecting the shift statement: heuristic (not an iff query) */ + exists(GuardCondition gc, BasicBlock block, Expr precisionCall | + block = binbitop.getBasicBlock() and + ( + precisionCall.(FunctionCall).getTarget() instanceof PopCount + or + precisionCall = any(PrecisionMacro pm).getAnInvocation().getExpr() + ) + | + /* + * Shift statement is at a basic block where + * `shift_rhs < PRECISION(...)` is ensured + */ - /* Second Case: Shifting by a negative number literal */ - predicate hasNegativeOperand() { - this.(LShiftExpr).getRightOperand() instanceof MinusNumberLiteral or - this.(RShiftExpr).getRightOperand() instanceof MinusNumberLiteral - } + not gc.ensuresLt(binbitop.getRightOperand(), precisionCall, 0, block, true) + ) and + message = "TODO" + ) } -from ForbiddenShiftExpr badShift, string message +from BinaryBitwiseOperation badShift, string message where not isExcluded(badShift, TypesPackage::exprShiftedbyNegativeOrGreaterPrecisionOperandQuery()) and - if badShift.hasNegativeOperand() - then - message = - "The operand " + badShift.getLeftOperand() + " is shifted by a negative expression " + - badShift.getRightOperand() + "." - else - message = - "The operand " + badShift.getLeftOperand() + " is shifted by an expression " + - badShift.getRightOperand() + " which is greater than or equal to in precision." + isForbiddenLShiftExpr(badShift, message) + or + isForbiddenRShiftExpr(badShift, message) select badShift, message diff --git a/c/cert/test/rules/INT34-C/test.c b/c/cert/test/rules/INT34-C/test.c index 982d0c15b5..e72c2b44d2 100644 --- a/c/cert/test/rules/INT34-C/test.c +++ b/c/cert/test/rules/INT34-C/test.c @@ -1,527 +1,3132 @@ +#include +#include +#include + +extern size_t popcount(uintmax_t) {}; +#define PRECISION(x) popcount(x) + int main() { - unsigned char x0; - signed char x1; - char x2; - unsigned short x3; - signed short x4; - short x5; - unsigned int x6; - signed int x7; - int x8; - unsigned long x9; - signed long x10; - long x11; - unsigned long long x12; - signed long long x13; - long long x14; + unsigned char lhs0 = UCHAR_MAX; + signed char lhs1 = CHAR_MAX; + char lhs2 = CHAR_MAX; + unsigned short lhs3 = USHRT_MAX; + signed short lhs4 = SHRT_MAX; + short lhs5 = SHRT_MAX; + unsigned int lhs6 = UINT_MAX; + signed int lhs7 = INT_MAX; + int lhs8 = INT_MAX; + unsigned long lhs9 = ULONG_MAX; + signed long lhs10 = LONG_MAX; + long lhs11 = LONG_MAX; + unsigned long long lhs12 = ULLONG_MAX; + signed long long lhs13 = LLONG_MAX; + long long lhs14 = LLONG_MAX; + + unsigned long long rhs0 = 8; + unsigned long long rhs1 = 7; + unsigned long long rhs2 = 7; + unsigned long long rhs3 = 16; + unsigned long long rhs4 = 15; + unsigned long long rhs5 = 15; + unsigned long long rhs6 = 32; + unsigned long long rhs7 = 31; + unsigned long long rhs8 = 31; + unsigned long long rhs9 = 32; + unsigned long long rhs10 = 31; + unsigned long long rhs11 = 31; + unsigned long long rhs12 = 64; + unsigned long long rhs13 = 63; + unsigned long long rhs14 = 63; + + /* ========== Left shifts ========== */ + + lhs0 << rhs0; // NON_COMPLIANT: lhs0's precision is not strictly greater than + // rhs0's + lhs0 << rhs1; // COMPLIANT: lhs0's precision is strictly greater than rhs1 + lhs0 << rhs2; // COMPLIANT: lhs0's precision is strictly greater than rhs2 + lhs0 << rhs3; // NON_COMPLIANT: lhs0's precision is not strictly greater than + // rhs3's + lhs0 << rhs4; // NON_COMPLIANT: lhs0's precision is not strictly greater than + // rhs4's + lhs0 << rhs5; // NON_COMPLIANT: lhs0's precision is not strictly greater than + // rhs5's + lhs0 << rhs6; // NON_COMPLIANT: lhs0's precision is not strictly greater than + // rhs6's + lhs0 << rhs7; // NON_COMPLIANT: lhs0's precision is not strictly greater than + // rhs7's + lhs0 << rhs8; // NON_COMPLIANT: lhs0's precision is not strictly greater than + // rhs8's + lhs0 << rhs9; // NON_COMPLIANT: lhs0's precision is not strictly greater than + // rhs9's + lhs0 << rhs10; // NON_COMPLIANT: lhs0's precision is not strictly greater than + // rhs10's + lhs0 << rhs11; // NON_COMPLIANT: lhs0's precision is not strictly greater than + // rhs11's + lhs0 << rhs12; // NON_COMPLIANT: lhs0's precision is not strictly greater than + // rhs12's + lhs0 << rhs13; // NON_COMPLIANT: lhs0's precision is not strictly greater than + // rhs13's + lhs0 << rhs14; // NON_COMPLIANT: lhs0's precision is not strictly greater than + // rhs14's + lhs1 << rhs0; // NON_COMPLIANT: lhs1's precision is not strictly greater than + // rhs0's + lhs1 << rhs1; // NON_COMPLIANT: lhs1's precision is not strictly greater than + // rhs1's + lhs1 << rhs2; // NON_COMPLIANT: lhs1's precision is not strictly greater than + // rhs2's + lhs1 << rhs3; // NON_COMPLIANT: lhs1's precision is not strictly greater than + // rhs3's + lhs1 << rhs4; // NON_COMPLIANT: lhs1's precision is not strictly greater than + // rhs4's + lhs1 << rhs5; // NON_COMPLIANT: lhs1's precision is not strictly greater than + // rhs5's + lhs1 << rhs6; // NON_COMPLIANT: lhs1's precision is not strictly greater than + // rhs6's + lhs1 << rhs7; // NON_COMPLIANT: lhs1's precision is not strictly greater than + // rhs7's + lhs1 << rhs8; // NON_COMPLIANT: lhs1's precision is not strictly greater than + // rhs8's + lhs1 << rhs9; // NON_COMPLIANT: lhs1's precision is not strictly greater than + // rhs9's + lhs1 << rhs10; // NON_COMPLIANT: lhs1's precision is not strictly greater than + // rhs10's + lhs1 << rhs11; // NON_COMPLIANT: lhs1's precision is not strictly greater than + // rhs11's + lhs1 << rhs12; // NON_COMPLIANT: lhs1's precision is not strictly greater than + // rhs12's + lhs1 << rhs13; // NON_COMPLIANT: lhs1's precision is not strictly greater than + // rhs13's + lhs1 << rhs14; // NON_COMPLIANT: lhs1's precision is not strictly greater than + // rhs14's + lhs2 << rhs0; // NON_COMPLIANT: lhs2's precision is not strictly greater than + // rhs0's + lhs2 << rhs1; // NON_COMPLIANT: lhs2's precision is not strictly greater than + // rhs1's + lhs2 << rhs2; // NON_COMPLIANT: lhs2's precision is not strictly greater than + // rhs2's + lhs2 << rhs3; // NON_COMPLIANT: lhs2's precision is not strictly greater than + // rhs3's + lhs2 << rhs4; // NON_COMPLIANT: lhs2's precision is not strictly greater than + // rhs4's + lhs2 << rhs5; // NON_COMPLIANT: lhs2's precision is not strictly greater than + // rhs5's + lhs2 << rhs6; // NON_COMPLIANT: lhs2's precision is not strictly greater than + // rhs6's + lhs2 << rhs7; // NON_COMPLIANT: lhs2's precision is not strictly greater than + // rhs7's + lhs2 << rhs8; // NON_COMPLIANT: lhs2's precision is not strictly greater than + // rhs8's + lhs2 << rhs9; // NON_COMPLIANT: lhs2's precision is not strictly greater than + // rhs9's + lhs2 << rhs10; // NON_COMPLIANT: lhs2's precision is not strictly greater than + // rhs10's + lhs2 << rhs11; // NON_COMPLIANT: lhs2's precision is not strictly greater than + // rhs11's + lhs2 << rhs12; // NON_COMPLIANT: lhs2's precision is not strictly greater than + // rhs12's + lhs2 << rhs13; // NON_COMPLIANT: lhs2's precision is not strictly greater than + // rhs13's + lhs2 << rhs14; // NON_COMPLIANT: lhs2's precision is not strictly greater than + // rhs14's + lhs3 << rhs0; // COMPLIANT: lhs3's precision is strictly greater than rhs0 + lhs3 << rhs1; // COMPLIANT: lhs3's precision is strictly greater than rhs1 + lhs3 << rhs2; // COMPLIANT: lhs3's precision is strictly greater than rhs2 + lhs3 << rhs3; // NON_COMPLIANT: lhs3's precision is not strictly greater than + // rhs3's + lhs3 << rhs4; // COMPLIANT: lhs3's precision is strictly greater than rhs4 + lhs3 << rhs5; // COMPLIANT: lhs3's precision is strictly greater than rhs5 + lhs3 << rhs6; // NON_COMPLIANT: lhs3's precision is not strictly greater than + // rhs6's + lhs3 << rhs7; // NON_COMPLIANT: lhs3's precision is not strictly greater than + // rhs7's + lhs3 << rhs8; // NON_COMPLIANT: lhs3's precision is not strictly greater than + // rhs8's + lhs3 << rhs9; // NON_COMPLIANT: lhs3's precision is not strictly greater than + // rhs9's + lhs3 << rhs10; // NON_COMPLIANT: lhs3's precision is not strictly greater than + // rhs10's + lhs3 << rhs11; // NON_COMPLIANT: lhs3's precision is not strictly greater than + // rhs11's + lhs3 << rhs12; // NON_COMPLIANT: lhs3's precision is not strictly greater than + // rhs12's + lhs3 << rhs13; // NON_COMPLIANT: lhs3's precision is not strictly greater than + // rhs13's + lhs3 << rhs14; // NON_COMPLIANT: lhs3's precision is not strictly greater than + // rhs14's + lhs4 << rhs0; // COMPLIANT: lhs4's precision is strictly greater than rhs0 + lhs4 << rhs1; // COMPLIANT: lhs4's precision is strictly greater than rhs1 + lhs4 << rhs2; // COMPLIANT: lhs4's precision is strictly greater than rhs2 + lhs4 << rhs3; // NON_COMPLIANT: lhs4's precision is not strictly greater than + // rhs3's + lhs4 << rhs4; // NON_COMPLIANT: lhs4's precision is not strictly greater than + // rhs4's + lhs4 << rhs5; // NON_COMPLIANT: lhs4's precision is not strictly greater than + // rhs5's + lhs4 << rhs6; // NON_COMPLIANT: lhs4's precision is not strictly greater than + // rhs6's + lhs4 << rhs7; // NON_COMPLIANT: lhs4's precision is not strictly greater than + // rhs7's + lhs4 << rhs8; // NON_COMPLIANT: lhs4's precision is not strictly greater than + // rhs8's + lhs4 << rhs9; // NON_COMPLIANT: lhs4's precision is not strictly greater than + // rhs9's + lhs4 << rhs10; // NON_COMPLIANT: lhs4's precision is not strictly greater than + // rhs10's + lhs4 << rhs11; // NON_COMPLIANT: lhs4's precision is not strictly greater than + // rhs11's + lhs4 << rhs12; // NON_COMPLIANT: lhs4's precision is not strictly greater than + // rhs12's + lhs4 << rhs13; // NON_COMPLIANT: lhs4's precision is not strictly greater than + // rhs13's + lhs4 << rhs14; // NON_COMPLIANT: lhs4's precision is not strictly greater than + // rhs14's + lhs5 << rhs0; // COMPLIANT: lhs5's precision is strictly greater than rhs0 + lhs5 << rhs1; // COMPLIANT: lhs5's precision is strictly greater than rhs1 + lhs5 << rhs2; // COMPLIANT: lhs5's precision is strictly greater than rhs2 + lhs5 << rhs3; // NON_COMPLIANT: lhs5's precision is not strictly greater than + // rhs3's + lhs5 << rhs4; // NON_COMPLIANT: lhs5's precision is not strictly greater than + // rhs4's + lhs5 << rhs5; // NON_COMPLIANT: lhs5's precision is not strictly greater than + // rhs5's + lhs5 << rhs6; // NON_COMPLIANT: lhs5's precision is not strictly greater than + // rhs6's + lhs5 << rhs7; // NON_COMPLIANT: lhs5's precision is not strictly greater than + // rhs7's + lhs5 << rhs8; // NON_COMPLIANT: lhs5's precision is not strictly greater than + // rhs8's + lhs5 << rhs9; // NON_COMPLIANT: lhs5's precision is not strictly greater than + // rhs9's + lhs5 << rhs10; // NON_COMPLIANT: lhs5's precision is not strictly greater than + // rhs10's + lhs5 << rhs11; // NON_COMPLIANT: lhs5's precision is not strictly greater than + // rhs11's + lhs5 << rhs12; // NON_COMPLIANT: lhs5's precision is not strictly greater than + // rhs12's + lhs5 << rhs13; // NON_COMPLIANT: lhs5's precision is not strictly greater than + // rhs13's + lhs5 << rhs14; // NON_COMPLIANT: lhs5's precision is not strictly greater than + // rhs14's + lhs6 << rhs0; // COMPLIANT: lhs6's precision is strictly greater than rhs0 + lhs6 << rhs1; // COMPLIANT: lhs6's precision is strictly greater than rhs1 + lhs6 << rhs2; // COMPLIANT: lhs6's precision is strictly greater than rhs2 + lhs6 << rhs3; // COMPLIANT: lhs6's precision is strictly greater than rhs3 + lhs6 << rhs4; // COMPLIANT: lhs6's precision is strictly greater than rhs4 + lhs6 << rhs5; // COMPLIANT: lhs6's precision is strictly greater than rhs5 + lhs6 << rhs6; // NON_COMPLIANT: lhs6's precision is not strictly greater than + // rhs6's + lhs6 << rhs7; // COMPLIANT: lhs6's precision is strictly greater than rhs7 + lhs6 << rhs8; // COMPLIANT: lhs6's precision is strictly greater than rhs8 + lhs6 << rhs9; // NON_COMPLIANT: lhs6's precision is not strictly greater than + // rhs9's + lhs6 << rhs10; // COMPLIANT: lhs6's precision is strictly greater than rhs10 + lhs6 << rhs11; // COMPLIANT: lhs6's precision is strictly greater than rhs11 + lhs6 << rhs12; // NON_COMPLIANT: lhs6's precision is not strictly greater than + // rhs12's + lhs6 << rhs13; // NON_COMPLIANT: lhs6's precision is not strictly greater than + // rhs13's + lhs6 << rhs14; // NON_COMPLIANT: lhs6's precision is not strictly greater than + // rhs14's + lhs7 << rhs0; // COMPLIANT: lhs7's precision is strictly greater than rhs0 + lhs7 << rhs1; // COMPLIANT: lhs7's precision is strictly greater than rhs1 + lhs7 << rhs2; // COMPLIANT: lhs7's precision is strictly greater than rhs2 + lhs7 << rhs3; // COMPLIANT: lhs7's precision is strictly greater than rhs3 + lhs7 << rhs4; // COMPLIANT: lhs7's precision is strictly greater than rhs4 + lhs7 << rhs5; // COMPLIANT: lhs7's precision is strictly greater than rhs5 + lhs7 << rhs6; // NON_COMPLIANT: lhs7's precision is not strictly greater than + // rhs6's + lhs7 << rhs7; // NON_COMPLIANT: lhs7's precision is not strictly greater than + // rhs7's + lhs7 << rhs8; // NON_COMPLIANT: lhs7's precision is not strictly greater than + // rhs8's + lhs7 << rhs9; // NON_COMPLIANT: lhs7's precision is not strictly greater than + // rhs9's + lhs7 << rhs10; // NON_COMPLIANT: lhs7's precision is not strictly greater than + // rhs10's + lhs7 << rhs11; // NON_COMPLIANT: lhs7's precision is not strictly greater than + // rhs11's + lhs7 << rhs12; // NON_COMPLIANT: lhs7's precision is not strictly greater than + // rhs12's + lhs7 << rhs13; // NON_COMPLIANT: lhs7's precision is not strictly greater than + // rhs13's + lhs7 << rhs14; // NON_COMPLIANT: lhs7's precision is not strictly greater than + // rhs14's + lhs8 << rhs0; // COMPLIANT: lhs8's precision is strictly greater than rhs0 + lhs8 << rhs1; // COMPLIANT: lhs8's precision is strictly greater than rhs1 + lhs8 << rhs2; // COMPLIANT: lhs8's precision is strictly greater than rhs2 + lhs8 << rhs3; // COMPLIANT: lhs8's precision is strictly greater than rhs3 + lhs8 << rhs4; // COMPLIANT: lhs8's precision is strictly greater than rhs4 + lhs8 << rhs5; // COMPLIANT: lhs8's precision is strictly greater than rhs5 + lhs8 << rhs6; // NON_COMPLIANT: lhs8's precision is not strictly greater than + // rhs6's + lhs8 << rhs7; // NON_COMPLIANT: lhs8's precision is not strictly greater than + // rhs7's + lhs8 << rhs8; // NON_COMPLIANT: lhs8's precision is not strictly greater than + // rhs8's + lhs8 << rhs9; // NON_COMPLIANT: lhs8's precision is not strictly greater than + // rhs9's + lhs8 << rhs10; // NON_COMPLIANT: lhs8's precision is not strictly greater than + // rhs10's + lhs8 << rhs11; // NON_COMPLIANT: lhs8's precision is not strictly greater than + // rhs11's + lhs8 << rhs12; // NON_COMPLIANT: lhs8's precision is not strictly greater than + // rhs12's + lhs8 << rhs13; // NON_COMPLIANT: lhs8's precision is not strictly greater than + // rhs13's + lhs8 << rhs14; // NON_COMPLIANT: lhs8's precision is not strictly greater than + // rhs14's + lhs9 << rhs0; // COMPLIANT: lhs9's precision is strictly greater than rhs0 + lhs9 << rhs1; // COMPLIANT: lhs9's precision is strictly greater than rhs1 + lhs9 << rhs2; // COMPLIANT: lhs9's precision is strictly greater than rhs2 + lhs9 << rhs3; // COMPLIANT: lhs9's precision is strictly greater than rhs3 + lhs9 << rhs4; // COMPLIANT: lhs9's precision is strictly greater than rhs4 + lhs9 << rhs5; // COMPLIANT: lhs9's precision is strictly greater than rhs5 + lhs9 << rhs6; // NON_COMPLIANT: lhs9's precision is not strictly greater than + // rhs6's + lhs9 << rhs7; // COMPLIANT: lhs9's precision is strictly greater than rhs7 + lhs9 << rhs8; // COMPLIANT: lhs9's precision is strictly greater than rhs8 + lhs9 << rhs9; // NON_COMPLIANT: lhs9's precision is not strictly greater than + // rhs9's + lhs9 << rhs10; // COMPLIANT: lhs9's precision is strictly greater than rhs10 + lhs9 << rhs11; // COMPLIANT: lhs9's precision is strictly greater than rhs11 + lhs9 << rhs12; // NON_COMPLIANT: lhs9's precision is not strictly greater than + // rhs12's + lhs9 << rhs13; // NON_COMPLIANT: lhs9's precision is not strictly greater than + // rhs13's + lhs9 << rhs14; // NON_COMPLIANT: lhs9's precision is not strictly greater than + // rhs14's + lhs10 << rhs0; // COMPLIANT: lhs10's precision is strictly greater than rhs0 + lhs10 << rhs1; // COMPLIANT: lhs10's precision is strictly greater than rhs1 + lhs10 << rhs2; // COMPLIANT: lhs10's precision is strictly greater than rhs2 + lhs10 << rhs3; // COMPLIANT: lhs10's precision is strictly greater than rhs3 + lhs10 << rhs4; // COMPLIANT: lhs10's precision is strictly greater than rhs4 + lhs10 << rhs5; // COMPLIANT: lhs10's precision is strictly greater than rhs5 + lhs10 << rhs6; // NON_COMPLIANT: lhs10's precision is not strictly greater + // than rhs6's + lhs10 << rhs7; // NON_COMPLIANT: lhs10's precision is not strictly greater + // than rhs7's + lhs10 << rhs8; // NON_COMPLIANT: lhs10's precision is not strictly greater + // than rhs8's + lhs10 << rhs9; // NON_COMPLIANT: lhs10's precision is not strictly greater + // than rhs9's + lhs10 << rhs10; // NON_COMPLIANT: lhs10's precision is not strictly greater + // than rhs10's + lhs10 << rhs11; // NON_COMPLIANT: lhs10's precision is not strictly greater + // than rhs11's + lhs10 << rhs12; // NON_COMPLIANT: lhs10's precision is not strictly greater + // than rhs12's + lhs10 << rhs13; // NON_COMPLIANT: lhs10's precision is not strictly greater + // than rhs13's + lhs10 << rhs14; // NON_COMPLIANT: lhs10's precision is not strictly greater + // than rhs14's + lhs11 << rhs0; // COMPLIANT: lhs11's precision is strictly greater than rhs0 + lhs11 << rhs1; // COMPLIANT: lhs11's precision is strictly greater than rhs1 + lhs11 << rhs2; // COMPLIANT: lhs11's precision is strictly greater than rhs2 + lhs11 << rhs3; // COMPLIANT: lhs11's precision is strictly greater than rhs3 + lhs11 << rhs4; // COMPLIANT: lhs11's precision is strictly greater than rhs4 + lhs11 << rhs5; // COMPLIANT: lhs11's precision is strictly greater than rhs5 + lhs11 << rhs6; // NON_COMPLIANT: lhs11's precision is not strictly greater + // than rhs6's + lhs11 << rhs7; // NON_COMPLIANT: lhs11's precision is not strictly greater + // than rhs7's + lhs11 << rhs8; // NON_COMPLIANT: lhs11's precision is not strictly greater + // than rhs8's + lhs11 << rhs9; // NON_COMPLIANT: lhs11's precision is not strictly greater + // than rhs9's + lhs11 << rhs10; // NON_COMPLIANT: lhs11's precision is not strictly greater + // than rhs10's + lhs11 << rhs11; // NON_COMPLIANT: lhs11's precision is not strictly greater + // than rhs11's + lhs11 << rhs12; // NON_COMPLIANT: lhs11's precision is not strictly greater + // than rhs12's + lhs11 << rhs13; // NON_COMPLIANT: lhs11's precision is not strictly greater + // than rhs13's + lhs11 << rhs14; // NON_COMPLIANT: lhs11's precision is not strictly greater + // than rhs14's + lhs12 << rhs0; // COMPLIANT: lhs12's precision is strictly greater than rhs0 + lhs12 << rhs1; // COMPLIANT: lhs12's precision is strictly greater than rhs1 + lhs12 << rhs2; // COMPLIANT: lhs12's precision is strictly greater than rhs2 + lhs12 << rhs3; // COMPLIANT: lhs12's precision is strictly greater than rhs3 + lhs12 << rhs4; // COMPLIANT: lhs12's precision is strictly greater than rhs4 + lhs12 << rhs5; // COMPLIANT: lhs12's precision is strictly greater than rhs5 + lhs12 << rhs6; // COMPLIANT: lhs12's precision is strictly greater than rhs6 + lhs12 << rhs7; // COMPLIANT: lhs12's precision is strictly greater than rhs7 + lhs12 << rhs8; // COMPLIANT: lhs12's precision is strictly greater than rhs8 + lhs12 << rhs9; // COMPLIANT: lhs12's precision is strictly greater than rhs9 + lhs12 << rhs10; // COMPLIANT: lhs12's precision is strictly greater than rhs10 + lhs12 << rhs11; // COMPLIANT: lhs12's precision is strictly greater than rhs11 + lhs12 << rhs12; // NON_COMPLIANT: lhs12's precision is not strictly greater + // than rhs12's + lhs12 << rhs13; // COMPLIANT: lhs12's precision is strictly greater than rhs13 + lhs12 << rhs14; // COMPLIANT: lhs12's precision is strictly greater than rhs14 + lhs13 << rhs0; // COMPLIANT: lhs13's precision is strictly greater than rhs0 + lhs13 << rhs1; // COMPLIANT: lhs13's precision is strictly greater than rhs1 + lhs13 << rhs2; // COMPLIANT: lhs13's precision is strictly greater than rhs2 + lhs13 << rhs3; // COMPLIANT: lhs13's precision is strictly greater than rhs3 + lhs13 << rhs4; // COMPLIANT: lhs13's precision is strictly greater than rhs4 + lhs13 << rhs5; // COMPLIANT: lhs13's precision is strictly greater than rhs5 + lhs13 << rhs6; // COMPLIANT: lhs13's precision is strictly greater than rhs6 + lhs13 << rhs7; // COMPLIANT: lhs13's precision is strictly greater than rhs7 + lhs13 << rhs8; // COMPLIANT: lhs13's precision is strictly greater than rhs8 + lhs13 << rhs9; // COMPLIANT: lhs13's precision is strictly greater than rhs9 + lhs13 << rhs10; // COMPLIANT: lhs13's precision is strictly greater than rhs10 + lhs13 << rhs11; // COMPLIANT: lhs13's precision is strictly greater than rhs11 + lhs13 << rhs12; // NON_COMPLIANT: lhs13's precision is not strictly greater + // than rhs12's + lhs13 << rhs13; // NON_COMPLIANT: lhs13's precision is not strictly greater + // than rhs13's + lhs13 << rhs14; // NON_COMPLIANT: lhs13's precision is not strictly greater + // than rhs14's + lhs14 << rhs0; // COMPLIANT: lhs14's precision is strictly greater than rhs0 + lhs14 << rhs1; // COMPLIANT: lhs14's precision is strictly greater than rhs1 + lhs14 << rhs2; // COMPLIANT: lhs14's precision is strictly greater than rhs2 + lhs14 << rhs3; // COMPLIANT: lhs14's precision is strictly greater than rhs3 + lhs14 << rhs4; // COMPLIANT: lhs14's precision is strictly greater than rhs4 + lhs14 << rhs5; // COMPLIANT: lhs14's precision is strictly greater than rhs5 + lhs14 << rhs6; // COMPLIANT: lhs14's precision is strictly greater than rhs6 + lhs14 << rhs7; // COMPLIANT: lhs14's precision is strictly greater than rhs7 + lhs14 << rhs8; // COMPLIANT: lhs14's precision is strictly greater than rhs8 + lhs14 << rhs9; // COMPLIANT: lhs14's precision is strictly greater than rhs9 + lhs14 << rhs10; // COMPLIANT: lhs14's precision is strictly greater than rhs10 + lhs14 << rhs11; // COMPLIANT: lhs14's precision is strictly greater than rhs11 + lhs14 << rhs12; // NON_COMPLIANT: lhs14's precision is not strictly greater + // than rhs12's + lhs14 << rhs13; // NON_COMPLIANT: lhs14's precision is not strictly greater + // than rhs13's + lhs14 << rhs14; // NON_COMPLIANT: lhs14's precision is not strictly greater + // than rhs14's + + /* ===== Left shift with guards, the shift expression is at `then` branch + * ===== */ + + if (rhs0 < PRECISION(UCHAR_MAX)) + lhs0 << rhs0; // COMPLIANT: lhs0's precision is not strictly greater than + // rhs0, but it's inside a PRECISION guard + if (rhs3 < PRECISION(UCHAR_MAX)) + lhs0 << rhs3; // COMPLIANT: lhs0's precision is not strictly greater than + // rhs3, but it's inside a PRECISION guard + if (rhs4 < PRECISION(UCHAR_MAX)) + lhs0 << rhs4; // COMPLIANT: lhs0's precision is not strictly greater than + // rhs4, but it's inside a PRECISION guard + if (rhs5 < PRECISION(UCHAR_MAX)) + lhs0 << rhs5; // COMPLIANT: lhs0's precision is not strictly greater than + // rhs5, but it's inside a PRECISION guard + if (rhs6 < PRECISION(UCHAR_MAX)) + lhs0 << rhs6; // COMPLIANT: lhs0's precision is not strictly greater than + // rhs6, but it's inside a PRECISION guard + if (rhs7 < PRECISION(UCHAR_MAX)) + lhs0 << rhs7; // COMPLIANT: lhs0's precision is not strictly greater than + // rhs7, but it's inside a PRECISION guard + if (rhs8 < PRECISION(UCHAR_MAX)) + lhs0 << rhs8; // COMPLIANT: lhs0's precision is not strictly greater than + // rhs8, but it's inside a PRECISION guard + if (rhs9 < PRECISION(UCHAR_MAX)) + lhs0 << rhs9; // COMPLIANT: lhs0's precision is not strictly greater than + // rhs9, but it's inside a PRECISION guard + if (rhs10 < PRECISION(UCHAR_MAX)) + lhs0 << rhs10; // COMPLIANT: lhs0's precision is not strictly greater than + // rhs10, but it's inside a PRECISION guard + if (rhs11 < PRECISION(UCHAR_MAX)) + lhs0 << rhs11; // COMPLIANT: lhs0's precision is not strictly greater than + // rhs11, but it's inside a PRECISION guard + if (rhs12 < PRECISION(UCHAR_MAX)) + lhs0 << rhs12; // COMPLIANT: lhs0's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + if (rhs13 < PRECISION(UCHAR_MAX)) + lhs0 << rhs13; // COMPLIANT: lhs0's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + if (rhs14 < PRECISION(UCHAR_MAX)) + lhs0 << rhs14; // COMPLIANT: lhs0's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + if (rhs0 < PRECISION(CHAR_MAX)) + lhs1 << rhs0; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs0, but it's inside a PRECISION guard + if (rhs1 < PRECISION(CHAR_MAX)) + lhs1 << rhs1; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs1, but it's inside a PRECISION guard + if (rhs2 < PRECISION(CHAR_MAX)) + lhs1 << rhs2; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs2, but it's inside a PRECISION guard + if (rhs3 < PRECISION(CHAR_MAX)) + lhs1 << rhs3; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs3, but it's inside a PRECISION guard + if (rhs4 < PRECISION(CHAR_MAX)) + lhs1 << rhs4; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs4, but it's inside a PRECISION guard + if (rhs5 < PRECISION(CHAR_MAX)) + lhs1 << rhs5; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs5, but it's inside a PRECISION guard + if (rhs6 < PRECISION(CHAR_MAX)) + lhs1 << rhs6; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs6, but it's inside a PRECISION guard + if (rhs7 < PRECISION(CHAR_MAX)) + lhs1 << rhs7; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs7, but it's inside a PRECISION guard + if (rhs8 < PRECISION(CHAR_MAX)) + lhs1 << rhs8; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs8, but it's inside a PRECISION guard + if (rhs9 < PRECISION(CHAR_MAX)) + lhs1 << rhs9; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs9, but it's inside a PRECISION guard + if (rhs10 < PRECISION(CHAR_MAX)) + lhs1 << rhs10; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs10, but it's inside a PRECISION guard + if (rhs11 < PRECISION(CHAR_MAX)) + lhs1 << rhs11; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs11, but it's inside a PRECISION guard + if (rhs12 < PRECISION(CHAR_MAX)) + lhs1 << rhs12; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + if (rhs13 < PRECISION(CHAR_MAX)) + lhs1 << rhs13; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + if (rhs14 < PRECISION(CHAR_MAX)) + lhs1 << rhs14; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + if (rhs0 < PRECISION(CHAR_MAX)) + lhs2 << rhs0; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs0, but it's inside a PRECISION guard + if (rhs1 < PRECISION(CHAR_MAX)) + lhs2 << rhs1; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs1, but it's inside a PRECISION guard + if (rhs2 < PRECISION(CHAR_MAX)) + lhs2 << rhs2; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs2, but it's inside a PRECISION guard + if (rhs3 < PRECISION(CHAR_MAX)) + lhs2 << rhs3; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs3, but it's inside a PRECISION guard + if (rhs4 < PRECISION(CHAR_MAX)) + lhs2 << rhs4; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs4, but it's inside a PRECISION guard + if (rhs5 < PRECISION(CHAR_MAX)) + lhs2 << rhs5; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs5, but it's inside a PRECISION guard + if (rhs6 < PRECISION(CHAR_MAX)) + lhs2 << rhs6; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs6, but it's inside a PRECISION guard + if (rhs7 < PRECISION(CHAR_MAX)) + lhs2 << rhs7; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs7, but it's inside a PRECISION guard + if (rhs8 < PRECISION(CHAR_MAX)) + lhs2 << rhs8; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs8, but it's inside a PRECISION guard + if (rhs9 < PRECISION(CHAR_MAX)) + lhs2 << rhs9; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs9, but it's inside a PRECISION guard + if (rhs10 < PRECISION(CHAR_MAX)) + lhs2 << rhs10; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs10, but it's inside a PRECISION guard + if (rhs11 < PRECISION(CHAR_MAX)) + lhs2 << rhs11; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs11, but it's inside a PRECISION guard + if (rhs12 < PRECISION(CHAR_MAX)) + lhs2 << rhs12; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + if (rhs13 < PRECISION(CHAR_MAX)) + lhs2 << rhs13; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + if (rhs14 < PRECISION(CHAR_MAX)) + lhs2 << rhs14; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + if (rhs3 < PRECISION(USHRT_MAX)) + lhs3 << rhs3; // COMPLIANT: lhs3's precision is not strictly greater than + // rhs3, but it's inside a PRECISION guard + if (rhs6 < PRECISION(USHRT_MAX)) + lhs3 << rhs6; // COMPLIANT: lhs3's precision is not strictly greater than + // rhs6, but it's inside a PRECISION guard + if (rhs7 < PRECISION(USHRT_MAX)) + lhs3 << rhs7; // COMPLIANT: lhs3's precision is not strictly greater than + // rhs7, but it's inside a PRECISION guard + if (rhs8 < PRECISION(USHRT_MAX)) + lhs3 << rhs8; // COMPLIANT: lhs3's precision is not strictly greater than + // rhs8, but it's inside a PRECISION guard + if (rhs9 < PRECISION(USHRT_MAX)) + lhs3 << rhs9; // COMPLIANT: lhs3's precision is not strictly greater than + // rhs9, but it's inside a PRECISION guard + if (rhs10 < PRECISION(USHRT_MAX)) + lhs3 << rhs10; // COMPLIANT: lhs3's precision is not strictly greater than + // rhs10, but it's inside a PRECISION guard + if (rhs11 < PRECISION(USHRT_MAX)) + lhs3 << rhs11; // COMPLIANT: lhs3's precision is not strictly greater than + // rhs11, but it's inside a PRECISION guard + if (rhs12 < PRECISION(USHRT_MAX)) + lhs3 << rhs12; // COMPLIANT: lhs3's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + if (rhs13 < PRECISION(USHRT_MAX)) + lhs3 << rhs13; // COMPLIANT: lhs3's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + if (rhs14 < PRECISION(USHRT_MAX)) + lhs3 << rhs14; // COMPLIANT: lhs3's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + if (rhs3 < PRECISION(SHRT_MAX)) + lhs4 << rhs3; // COMPLIANT: lhs4's precision is not strictly greater than + // rhs3, but it's inside a PRECISION guard + if (rhs4 < PRECISION(SHRT_MAX)) + lhs4 << rhs4; // COMPLIANT: lhs4's precision is not strictly greater than + // rhs4, but it's inside a PRECISION guard + if (rhs5 < PRECISION(SHRT_MAX)) + lhs4 << rhs5; // COMPLIANT: lhs4's precision is not strictly greater than + // rhs5, but it's inside a PRECISION guard + if (rhs6 < PRECISION(SHRT_MAX)) + lhs4 << rhs6; // COMPLIANT: lhs4's precision is not strictly greater than + // rhs6, but it's inside a PRECISION guard + if (rhs7 < PRECISION(SHRT_MAX)) + lhs4 << rhs7; // COMPLIANT: lhs4's precision is not strictly greater than + // rhs7, but it's inside a PRECISION guard + if (rhs8 < PRECISION(SHRT_MAX)) + lhs4 << rhs8; // COMPLIANT: lhs4's precision is not strictly greater than + // rhs8, but it's inside a PRECISION guard + if (rhs9 < PRECISION(SHRT_MAX)) + lhs4 << rhs9; // COMPLIANT: lhs4's precision is not strictly greater than + // rhs9, but it's inside a PRECISION guard + if (rhs10 < PRECISION(SHRT_MAX)) + lhs4 << rhs10; // COMPLIANT: lhs4's precision is not strictly greater than + // rhs10, but it's inside a PRECISION guard + if (rhs11 < PRECISION(SHRT_MAX)) + lhs4 << rhs11; // COMPLIANT: lhs4's precision is not strictly greater than + // rhs11, but it's inside a PRECISION guard + if (rhs12 < PRECISION(SHRT_MAX)) + lhs4 << rhs12; // COMPLIANT: lhs4's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + if (rhs13 < PRECISION(SHRT_MAX)) + lhs4 << rhs13; // COMPLIANT: lhs4's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + if (rhs14 < PRECISION(SHRT_MAX)) + lhs4 << rhs14; // COMPLIANT: lhs4's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + if (rhs3 < PRECISION(SHRT_MAX)) + lhs5 << rhs3; // COMPLIANT: lhs5's precision is not strictly greater than + // rhs3, but it's inside a PRECISION guard + if (rhs4 < PRECISION(SHRT_MAX)) + lhs5 << rhs4; // COMPLIANT: lhs5's precision is not strictly greater than + // rhs4, but it's inside a PRECISION guard + if (rhs5 < PRECISION(SHRT_MAX)) + lhs5 << rhs5; // COMPLIANT: lhs5's precision is not strictly greater than + // rhs5, but it's inside a PRECISION guard + if (rhs6 < PRECISION(SHRT_MAX)) + lhs5 << rhs6; // COMPLIANT: lhs5's precision is not strictly greater than + // rhs6, but it's inside a PRECISION guard + if (rhs7 < PRECISION(SHRT_MAX)) + lhs5 << rhs7; // COMPLIANT: lhs5's precision is not strictly greater than + // rhs7, but it's inside a PRECISION guard + if (rhs8 < PRECISION(SHRT_MAX)) + lhs5 << rhs8; // COMPLIANT: lhs5's precision is not strictly greater than + // rhs8, but it's inside a PRECISION guard + if (rhs9 < PRECISION(SHRT_MAX)) + lhs5 << rhs9; // COMPLIANT: lhs5's precision is not strictly greater than + // rhs9, but it's inside a PRECISION guard + if (rhs10 < PRECISION(SHRT_MAX)) + lhs5 << rhs10; // COMPLIANT: lhs5's precision is not strictly greater than + // rhs10, but it's inside a PRECISION guard + if (rhs11 < PRECISION(SHRT_MAX)) + lhs5 << rhs11; // COMPLIANT: lhs5's precision is not strictly greater than + // rhs11, but it's inside a PRECISION guard + if (rhs12 < PRECISION(SHRT_MAX)) + lhs5 << rhs12; // COMPLIANT: lhs5's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + if (rhs13 < PRECISION(SHRT_MAX)) + lhs5 << rhs13; // COMPLIANT: lhs5's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + if (rhs14 < PRECISION(SHRT_MAX)) + lhs5 << rhs14; // COMPLIANT: lhs5's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + if (rhs6 < PRECISION(UINT_MAX)) + lhs6 << rhs6; // COMPLIANT: lhs6's precision is not strictly greater than + // rhs6, but it's inside a PRECISION guard + if (rhs9 < PRECISION(UINT_MAX)) + lhs6 << rhs9; // COMPLIANT: lhs6's precision is not strictly greater than + // rhs9, but it's inside a PRECISION guard + if (rhs12 < PRECISION(UINT_MAX)) + lhs6 << rhs12; // COMPLIANT: lhs6's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + if (rhs13 < PRECISION(UINT_MAX)) + lhs6 << rhs13; // COMPLIANT: lhs6's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + if (rhs14 < PRECISION(UINT_MAX)) + lhs6 << rhs14; // COMPLIANT: lhs6's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + if (rhs6 < PRECISION(INT_MAX)) + lhs7 << rhs6; // COMPLIANT: lhs7's precision is not strictly greater than + // rhs6, but it's inside a PRECISION guard + if (rhs7 < PRECISION(INT_MAX)) + lhs7 << rhs7; // COMPLIANT: lhs7's precision is not strictly greater than + // rhs7, but it's inside a PRECISION guard + if (rhs8 < PRECISION(INT_MAX)) + lhs7 << rhs8; // COMPLIANT: lhs7's precision is not strictly greater than + // rhs8, but it's inside a PRECISION guard + if (rhs9 < PRECISION(INT_MAX)) + lhs7 << rhs9; // COMPLIANT: lhs7's precision is not strictly greater than + // rhs9, but it's inside a PRECISION guard + if (rhs10 < PRECISION(INT_MAX)) + lhs7 << rhs10; // COMPLIANT: lhs7's precision is not strictly greater than + // rhs10, but it's inside a PRECISION guard + if (rhs11 < PRECISION(INT_MAX)) + lhs7 << rhs11; // COMPLIANT: lhs7's precision is not strictly greater than + // rhs11, but it's inside a PRECISION guard + if (rhs12 < PRECISION(INT_MAX)) + lhs7 << rhs12; // COMPLIANT: lhs7's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + if (rhs13 < PRECISION(INT_MAX)) + lhs7 << rhs13; // COMPLIANT: lhs7's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + if (rhs14 < PRECISION(INT_MAX)) + lhs7 << rhs14; // COMPLIANT: lhs7's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + if (rhs6 < PRECISION(INT_MAX)) + lhs8 << rhs6; // COMPLIANT: lhs8's precision is not strictly greater than + // rhs6, but it's inside a PRECISION guard + if (rhs7 < PRECISION(INT_MAX)) + lhs8 << rhs7; // COMPLIANT: lhs8's precision is not strictly greater than + // rhs7, but it's inside a PRECISION guard + if (rhs8 < PRECISION(INT_MAX)) + lhs8 << rhs8; // COMPLIANT: lhs8's precision is not strictly greater than + // rhs8, but it's inside a PRECISION guard + if (rhs9 < PRECISION(INT_MAX)) + lhs8 << rhs9; // COMPLIANT: lhs8's precision is not strictly greater than + // rhs9, but it's inside a PRECISION guard + if (rhs10 < PRECISION(INT_MAX)) + lhs8 << rhs10; // COMPLIANT: lhs8's precision is not strictly greater than + // rhs10, but it's inside a PRECISION guard + if (rhs11 < PRECISION(INT_MAX)) + lhs8 << rhs11; // COMPLIANT: lhs8's precision is not strictly greater than + // rhs11, but it's inside a PRECISION guard + if (rhs12 < PRECISION(INT_MAX)) + lhs8 << rhs12; // COMPLIANT: lhs8's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + if (rhs13 < PRECISION(INT_MAX)) + lhs8 << rhs13; // COMPLIANT: lhs8's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + if (rhs14 < PRECISION(INT_MAX)) + lhs8 << rhs14; // COMPLIANT: lhs8's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + if (rhs6 < PRECISION(ULONG_MAX)) + lhs9 << rhs6; // COMPLIANT: lhs9's precision is not strictly greater than + // rhs6, but it's inside a PRECISION guard + if (rhs9 < PRECISION(ULONG_MAX)) + lhs9 << rhs9; // COMPLIANT: lhs9's precision is not strictly greater than + // rhs9, but it's inside a PRECISION guard + if (rhs12 < PRECISION(ULONG_MAX)) + lhs9 << rhs12; // COMPLIANT: lhs9's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + if (rhs13 < PRECISION(ULONG_MAX)) + lhs9 << rhs13; // COMPLIANT: lhs9's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + if (rhs14 < PRECISION(ULONG_MAX)) + lhs9 << rhs14; // COMPLIANT: lhs9's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + if (rhs6 < PRECISION(LONG_MAX)) + lhs10 << rhs6; // COMPLIANT: lhs10's precision is not strictly greater than + // rhs6, but it's inside a PRECISION guard + if (rhs7 < PRECISION(LONG_MAX)) + lhs10 << rhs7; // COMPLIANT: lhs10's precision is not strictly greater than + // rhs7, but it's inside a PRECISION guard + if (rhs8 < PRECISION(LONG_MAX)) + lhs10 << rhs8; // COMPLIANT: lhs10's precision is not strictly greater than + // rhs8, but it's inside a PRECISION guard + if (rhs9 < PRECISION(LONG_MAX)) + lhs10 << rhs9; // COMPLIANT: lhs10's precision is not strictly greater than + // rhs9, but it's inside a PRECISION guard + if (rhs10 < PRECISION(LONG_MAX)) + lhs10 << rhs10; // COMPLIANT: lhs10's precision is not strictly greater than + // rhs10, but it's inside a PRECISION guard + if (rhs11 < PRECISION(LONG_MAX)) + lhs10 << rhs11; // COMPLIANT: lhs10's precision is not strictly greater than + // rhs11, but it's inside a PRECISION guard + if (rhs12 < PRECISION(LONG_MAX)) + lhs10 << rhs12; // COMPLIANT: lhs10's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + if (rhs13 < PRECISION(LONG_MAX)) + lhs10 << rhs13; // COMPLIANT: lhs10's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + if (rhs14 < PRECISION(LONG_MAX)) + lhs10 << rhs14; // COMPLIANT: lhs10's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + if (rhs6 < PRECISION(LONG_MAX)) + lhs11 << rhs6; // COMPLIANT: lhs11's precision is not strictly greater than + // rhs6, but it's inside a PRECISION guard + if (rhs7 < PRECISION(LONG_MAX)) + lhs11 << rhs7; // COMPLIANT: lhs11's precision is not strictly greater than + // rhs7, but it's inside a PRECISION guard + if (rhs8 < PRECISION(LONG_MAX)) + lhs11 << rhs8; // COMPLIANT: lhs11's precision is not strictly greater than + // rhs8, but it's inside a PRECISION guard + if (rhs9 < PRECISION(LONG_MAX)) + lhs11 << rhs9; // COMPLIANT: lhs11's precision is not strictly greater than + // rhs9, but it's inside a PRECISION guard + if (rhs10 < PRECISION(LONG_MAX)) + lhs11 << rhs10; // COMPLIANT: lhs11's precision is not strictly greater than + // rhs10, but it's inside a PRECISION guard + if (rhs11 < PRECISION(LONG_MAX)) + lhs11 << rhs11; // COMPLIANT: lhs11's precision is not strictly greater than + // rhs11, but it's inside a PRECISION guard + if (rhs12 < PRECISION(LONG_MAX)) + lhs11 << rhs12; // COMPLIANT: lhs11's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + if (rhs13 < PRECISION(LONG_MAX)) + lhs11 << rhs13; // COMPLIANT: lhs11's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + if (rhs14 < PRECISION(LONG_MAX)) + lhs11 << rhs14; // COMPLIANT: lhs11's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + if (rhs12 < PRECISION(ULLONG_MAX)) + lhs12 << rhs12; // COMPLIANT: lhs12's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + if (rhs12 < PRECISION(LLONG_MAX)) + lhs13 << rhs12; // COMPLIANT: lhs13's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + if (rhs13 < PRECISION(LLONG_MAX)) + lhs13 << rhs13; // COMPLIANT: lhs13's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + if (rhs14 < PRECISION(LLONG_MAX)) + lhs13 << rhs14; // COMPLIANT: lhs13's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + if (rhs12 < PRECISION(LLONG_MAX)) + lhs14 << rhs12; // COMPLIANT: lhs14's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + if (rhs13 < PRECISION(LLONG_MAX)) + lhs14 << rhs13; // COMPLIANT: lhs14's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + if (rhs14 < PRECISION(LLONG_MAX)) + lhs14 << rhs14; // COMPLIANT: lhs14's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + + /* ===== Left shift with guards, the shift expression is at `else` branch + * ===== */ + + if (rhs0 >= PRECISION(UCHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs0 << rhs0; // COMPLIANT: lhs0's precision is not strictly greater than + // rhs0, but it's inside a PRECISION guard + } + if (rhs3 >= PRECISION(UCHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs0 << rhs3; // COMPLIANT: lhs0's precision is not strictly greater than + // rhs3, but it's inside a PRECISION guard + } + if (rhs4 >= PRECISION(UCHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs0 << rhs4; // COMPLIANT: lhs0's precision is not strictly greater than + // rhs4, but it's inside a PRECISION guard + } + if (rhs5 >= PRECISION(UCHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs0 << rhs5; // COMPLIANT: lhs0's precision is not strictly greater than + // rhs5, but it's inside a PRECISION guard + } + if (rhs6 >= PRECISION(UCHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs0 << rhs6; // COMPLIANT: lhs0's precision is not strictly greater than + // rhs6, but it's inside a PRECISION guard + } + if (rhs7 >= PRECISION(UCHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs0 << rhs7; // COMPLIANT: lhs0's precision is not strictly greater than + // rhs7, but it's inside a PRECISION guard + } + if (rhs8 >= PRECISION(UCHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs0 << rhs8; // COMPLIANT: lhs0's precision is not strictly greater than + // rhs8, but it's inside a PRECISION guard + } + if (rhs9 >= PRECISION(UCHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs0 << rhs9; // COMPLIANT: lhs0's precision is not strictly greater than + // rhs9, but it's inside a PRECISION guard + } + if (rhs10 >= PRECISION(UCHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs0 << rhs10; // COMPLIANT: lhs0's precision is not strictly greater than + // rhs10, but it's inside a PRECISION guard + } + if (rhs11 >= PRECISION(UCHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs0 << rhs11; // COMPLIANT: lhs0's precision is not strictly greater than + // rhs11, but it's inside a PRECISION guard + } + if (rhs12 >= PRECISION(UCHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs0 << rhs12; // COMPLIANT: lhs0's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + } + if (rhs13 >= PRECISION(UCHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs0 << rhs13; // COMPLIANT: lhs0's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + } + if (rhs14 >= PRECISION(UCHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs0 << rhs14; // COMPLIANT: lhs0's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + } + if (rhs0 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs1 << rhs0; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs0, but it's inside a PRECISION guard + } + if (rhs1 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs1 << rhs1; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs1, but it's inside a PRECISION guard + } + if (rhs2 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs1 << rhs2; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs2, but it's inside a PRECISION guard + } + if (rhs3 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs1 << rhs3; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs3, but it's inside a PRECISION guard + } + if (rhs4 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs1 << rhs4; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs4, but it's inside a PRECISION guard + } + if (rhs5 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs1 << rhs5; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs5, but it's inside a PRECISION guard + } + if (rhs6 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs1 << rhs6; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs6, but it's inside a PRECISION guard + } + if (rhs7 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs1 << rhs7; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs7, but it's inside a PRECISION guard + } + if (rhs8 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs1 << rhs8; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs8, but it's inside a PRECISION guard + } + if (rhs9 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs1 << rhs9; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs9, but it's inside a PRECISION guard + } + if (rhs10 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs1 << rhs10; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs10, but it's inside a PRECISION guard + } + if (rhs11 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs1 << rhs11; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs11, but it's inside a PRECISION guard + } + if (rhs12 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs1 << rhs12; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + } + if (rhs13 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs1 << rhs13; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + } + if (rhs14 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs1 << rhs14; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + } + if (rhs0 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs2 << rhs0; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs0, but it's inside a PRECISION guard + } + if (rhs1 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs2 << rhs1; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs1, but it's inside a PRECISION guard + } + if (rhs2 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs2 << rhs2; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs2, but it's inside a PRECISION guard + } + if (rhs3 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs2 << rhs3; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs3, but it's inside a PRECISION guard + } + if (rhs4 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs2 << rhs4; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs4, but it's inside a PRECISION guard + } + if (rhs5 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs2 << rhs5; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs5, but it's inside a PRECISION guard + } + if (rhs6 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs2 << rhs6; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs6, but it's inside a PRECISION guard + } + if (rhs7 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs2 << rhs7; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs7, but it's inside a PRECISION guard + } + if (rhs8 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs2 << rhs8; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs8, but it's inside a PRECISION guard + } + if (rhs9 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs2 << rhs9; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs9, but it's inside a PRECISION guard + } + if (rhs10 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs2 << rhs10; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs10, but it's inside a PRECISION guard + } + if (rhs11 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs2 << rhs11; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs11, but it's inside a PRECISION guard + } + if (rhs12 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs2 << rhs12; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + } + if (rhs13 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs2 << rhs13; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + } + if (rhs14 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs2 << rhs14; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + } + if (rhs3 >= PRECISION(USHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs3 << rhs3; // COMPLIANT: lhs3's precision is not strictly greater than + // rhs3, but it's inside a PRECISION guard + } + if (rhs6 >= PRECISION(USHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs3 << rhs6; // COMPLIANT: lhs3's precision is not strictly greater than + // rhs6, but it's inside a PRECISION guard + } + if (rhs7 >= PRECISION(USHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs3 << rhs7; // COMPLIANT: lhs3's precision is not strictly greater than + // rhs7, but it's inside a PRECISION guard + } + if (rhs8 >= PRECISION(USHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs3 << rhs8; // COMPLIANT: lhs3's precision is not strictly greater than + // rhs8, but it's inside a PRECISION guard + } + if (rhs9 >= PRECISION(USHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs3 << rhs9; // COMPLIANT: lhs3's precision is not strictly greater than + // rhs9, but it's inside a PRECISION guard + } + if (rhs10 >= PRECISION(USHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs3 << rhs10; // COMPLIANT: lhs3's precision is not strictly greater than + // rhs10, but it's inside a PRECISION guard + } + if (rhs11 >= PRECISION(USHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs3 << rhs11; // COMPLIANT: lhs3's precision is not strictly greater than + // rhs11, but it's inside a PRECISION guard + } + if (rhs12 >= PRECISION(USHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs3 << rhs12; // COMPLIANT: lhs3's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + } + if (rhs13 >= PRECISION(USHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs3 << rhs13; // COMPLIANT: lhs3's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + } + if (rhs14 >= PRECISION(USHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs3 << rhs14; // COMPLIANT: lhs3's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + } + if (rhs3 >= PRECISION(SHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs4 << rhs3; // COMPLIANT: lhs4's precision is not strictly greater than + // rhs3, but it's inside a PRECISION guard + } + if (rhs4 >= PRECISION(SHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs4 << rhs4; // COMPLIANT: lhs4's precision is not strictly greater than + // rhs4, but it's inside a PRECISION guard + } + if (rhs5 >= PRECISION(SHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs4 << rhs5; // COMPLIANT: lhs4's precision is not strictly greater than + // rhs5, but it's inside a PRECISION guard + } + if (rhs6 >= PRECISION(SHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs4 << rhs6; // COMPLIANT: lhs4's precision is not strictly greater than + // rhs6, but it's inside a PRECISION guard + } + if (rhs7 >= PRECISION(SHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs4 << rhs7; // COMPLIANT: lhs4's precision is not strictly greater than + // rhs7, but it's inside a PRECISION guard + } + if (rhs8 >= PRECISION(SHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs4 << rhs8; // COMPLIANT: lhs4's precision is not strictly greater than + // rhs8, but it's inside a PRECISION guard + } + if (rhs9 >= PRECISION(SHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs4 << rhs9; // COMPLIANT: lhs4's precision is not strictly greater than + // rhs9, but it's inside a PRECISION guard + } + if (rhs10 >= PRECISION(SHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs4 << rhs10; // COMPLIANT: lhs4's precision is not strictly greater than + // rhs10, but it's inside a PRECISION guard + } + if (rhs11 >= PRECISION(SHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs4 << rhs11; // COMPLIANT: lhs4's precision is not strictly greater than + // rhs11, but it's inside a PRECISION guard + } + if (rhs12 >= PRECISION(SHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs4 << rhs12; // COMPLIANT: lhs4's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + } + if (rhs13 >= PRECISION(SHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs4 << rhs13; // COMPLIANT: lhs4's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + } + if (rhs14 >= PRECISION(SHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs4 << rhs14; // COMPLIANT: lhs4's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + } + if (rhs3 >= PRECISION(SHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs5 << rhs3; // COMPLIANT: lhs5's precision is not strictly greater than + // rhs3, but it's inside a PRECISION guard + } + if (rhs4 >= PRECISION(SHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs5 << rhs4; // COMPLIANT: lhs5's precision is not strictly greater than + // rhs4, but it's inside a PRECISION guard + } + if (rhs5 >= PRECISION(SHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs5 << rhs5; // COMPLIANT: lhs5's precision is not strictly greater than + // rhs5, but it's inside a PRECISION guard + } + if (rhs6 >= PRECISION(SHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs5 << rhs6; // COMPLIANT: lhs5's precision is not strictly greater than + // rhs6, but it's inside a PRECISION guard + } + if (rhs7 >= PRECISION(SHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs5 << rhs7; // COMPLIANT: lhs5's precision is not strictly greater than + // rhs7, but it's inside a PRECISION guard + } + if (rhs8 >= PRECISION(SHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs5 << rhs8; // COMPLIANT: lhs5's precision is not strictly greater than + // rhs8, but it's inside a PRECISION guard + } + if (rhs9 >= PRECISION(SHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs5 << rhs9; // COMPLIANT: lhs5's precision is not strictly greater than + // rhs9, but it's inside a PRECISION guard + } + if (rhs10 >= PRECISION(SHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs5 << rhs10; // COMPLIANT: lhs5's precision is not strictly greater than + // rhs10, but it's inside a PRECISION guard + } + if (rhs11 >= PRECISION(SHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs5 << rhs11; // COMPLIANT: lhs5's precision is not strictly greater than + // rhs11, but it's inside a PRECISION guard + } + if (rhs12 >= PRECISION(SHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs5 << rhs12; // COMPLIANT: lhs5's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + } + if (rhs13 >= PRECISION(SHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs5 << rhs13; // COMPLIANT: lhs5's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + } + if (rhs14 >= PRECISION(SHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs5 << rhs14; // COMPLIANT: lhs5's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + } + if (rhs6 >= PRECISION(UINT_MAX)) { + ; /* Handle Error */ + } else { + lhs6 << rhs6; // COMPLIANT: lhs6's precision is not strictly greater than + // rhs6, but it's inside a PRECISION guard + } + if (rhs9 >= PRECISION(UINT_MAX)) { + ; /* Handle Error */ + } else { + lhs6 << rhs9; // COMPLIANT: lhs6's precision is not strictly greater than + // rhs9, but it's inside a PRECISION guard + } + if (rhs12 >= PRECISION(UINT_MAX)) { + ; /* Handle Error */ + } else { + lhs6 << rhs12; // COMPLIANT: lhs6's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + } + if (rhs13 >= PRECISION(UINT_MAX)) { + ; /* Handle Error */ + } else { + lhs6 << rhs13; // COMPLIANT: lhs6's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + } + if (rhs14 >= PRECISION(UINT_MAX)) { + ; /* Handle Error */ + } else { + lhs6 << rhs14; // COMPLIANT: lhs6's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + } + if (rhs6 >= PRECISION(INT_MAX)) { + ; /* Handle Error */ + } else { + lhs7 << rhs6; // COMPLIANT: lhs7's precision is not strictly greater than + // rhs6, but it's inside a PRECISION guard + } + if (rhs7 >= PRECISION(INT_MAX)) { + ; /* Handle Error */ + } else { + lhs7 << rhs7; // COMPLIANT: lhs7's precision is not strictly greater than + // rhs7, but it's inside a PRECISION guard + } + if (rhs8 >= PRECISION(INT_MAX)) { + ; /* Handle Error */ + } else { + lhs7 << rhs8; // COMPLIANT: lhs7's precision is not strictly greater than + // rhs8, but it's inside a PRECISION guard + } + if (rhs9 >= PRECISION(INT_MAX)) { + ; /* Handle Error */ + } else { + lhs7 << rhs9; // COMPLIANT: lhs7's precision is not strictly greater than + // rhs9, but it's inside a PRECISION guard + } + if (rhs10 >= PRECISION(INT_MAX)) { + ; /* Handle Error */ + } else { + lhs7 << rhs10; // COMPLIANT: lhs7's precision is not strictly greater than + // rhs10, but it's inside a PRECISION guard + } + if (rhs11 >= PRECISION(INT_MAX)) { + ; /* Handle Error */ + } else { + lhs7 << rhs11; // COMPLIANT: lhs7's precision is not strictly greater than + // rhs11, but it's inside a PRECISION guard + } + if (rhs12 >= PRECISION(INT_MAX)) { + ; /* Handle Error */ + } else { + lhs7 << rhs12; // COMPLIANT: lhs7's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + } + if (rhs13 >= PRECISION(INT_MAX)) { + ; /* Handle Error */ + } else { + lhs7 << rhs13; // COMPLIANT: lhs7's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + } + if (rhs14 >= PRECISION(INT_MAX)) { + ; /* Handle Error */ + } else { + lhs7 << rhs14; // COMPLIANT: lhs7's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + } + if (rhs6 >= PRECISION(INT_MAX)) { + ; /* Handle Error */ + } else { + lhs8 << rhs6; // COMPLIANT: lhs8's precision is not strictly greater than + // rhs6, but it's inside a PRECISION guard + } + if (rhs7 >= PRECISION(INT_MAX)) { + ; /* Handle Error */ + } else { + lhs8 << rhs7; // COMPLIANT: lhs8's precision is not strictly greater than + // rhs7, but it's inside a PRECISION guard + } + if (rhs8 >= PRECISION(INT_MAX)) { + ; /* Handle Error */ + } else { + lhs8 << rhs8; // COMPLIANT: lhs8's precision is not strictly greater than + // rhs8, but it's inside a PRECISION guard + } + if (rhs9 >= PRECISION(INT_MAX)) { + ; /* Handle Error */ + } else { + lhs8 << rhs9; // COMPLIANT: lhs8's precision is not strictly greater than + // rhs9, but it's inside a PRECISION guard + } + if (rhs10 >= PRECISION(INT_MAX)) { + ; /* Handle Error */ + } else { + lhs8 << rhs10; // COMPLIANT: lhs8's precision is not strictly greater than + // rhs10, but it's inside a PRECISION guard + } + if (rhs11 >= PRECISION(INT_MAX)) { + ; /* Handle Error */ + } else { + lhs8 << rhs11; // COMPLIANT: lhs8's precision is not strictly greater than + // rhs11, but it's inside a PRECISION guard + } + if (rhs12 >= PRECISION(INT_MAX)) { + ; /* Handle Error */ + } else { + lhs8 << rhs12; // COMPLIANT: lhs8's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + } + if (rhs13 >= PRECISION(INT_MAX)) { + ; /* Handle Error */ + } else { + lhs8 << rhs13; // COMPLIANT: lhs8's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + } + if (rhs14 >= PRECISION(INT_MAX)) { + ; /* Handle Error */ + } else { + lhs8 << rhs14; // COMPLIANT: lhs8's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + } + if (rhs6 >= PRECISION(ULONG_MAX)) { + ; /* Handle Error */ + } else { + lhs9 << rhs6; // COMPLIANT: lhs9's precision is not strictly greater than + // rhs6, but it's inside a PRECISION guard + } + if (rhs9 >= PRECISION(ULONG_MAX)) { + ; /* Handle Error */ + } else { + lhs9 << rhs9; // COMPLIANT: lhs9's precision is not strictly greater than + // rhs9, but it's inside a PRECISION guard + } + if (rhs12 >= PRECISION(ULONG_MAX)) { + ; /* Handle Error */ + } else { + lhs9 << rhs12; // COMPLIANT: lhs9's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + } + if (rhs13 >= PRECISION(ULONG_MAX)) { + ; /* Handle Error */ + } else { + lhs9 << rhs13; // COMPLIANT: lhs9's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + } + if (rhs14 >= PRECISION(ULONG_MAX)) { + ; /* Handle Error */ + } else { + lhs9 << rhs14; // COMPLIANT: lhs9's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + } + if (rhs6 >= PRECISION(LONG_MAX)) { + ; /* Handle Error */ + } else { + lhs10 << rhs6; // COMPLIANT: lhs10's precision is not strictly greater than + // rhs6, but it's inside a PRECISION guard + } + if (rhs7 >= PRECISION(LONG_MAX)) { + ; /* Handle Error */ + } else { + lhs10 << rhs7; // COMPLIANT: lhs10's precision is not strictly greater than + // rhs7, but it's inside a PRECISION guard + } + if (rhs8 >= PRECISION(LONG_MAX)) { + ; /* Handle Error */ + } else { + lhs10 << rhs8; // COMPLIANT: lhs10's precision is not strictly greater than + // rhs8, but it's inside a PRECISION guard + } + if (rhs9 >= PRECISION(LONG_MAX)) { + ; /* Handle Error */ + } else { + lhs10 << rhs9; // COMPLIANT: lhs10's precision is not strictly greater than + // rhs9, but it's inside a PRECISION guard + } + if (rhs10 >= PRECISION(LONG_MAX)) { + ; /* Handle Error */ + } else { + lhs10 << rhs10; // COMPLIANT: lhs10's precision is not strictly greater than + // rhs10, but it's inside a PRECISION guard + } + if (rhs11 >= PRECISION(LONG_MAX)) { + ; /* Handle Error */ + } else { + lhs10 << rhs11; // COMPLIANT: lhs10's precision is not strictly greater than + // rhs11, but it's inside a PRECISION guard + } + if (rhs12 >= PRECISION(LONG_MAX)) { + ; /* Handle Error */ + } else { + lhs10 << rhs12; // COMPLIANT: lhs10's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + } + if (rhs13 >= PRECISION(LONG_MAX)) { + ; /* Handle Error */ + } else { + lhs10 << rhs13; // COMPLIANT: lhs10's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + } + if (rhs14 >= PRECISION(LONG_MAX)) { + ; /* Handle Error */ + } else { + lhs10 << rhs14; // COMPLIANT: lhs10's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + } + if (rhs6 >= PRECISION(LONG_MAX)) { + ; /* Handle Error */ + } else { + lhs11 << rhs6; // COMPLIANT: lhs11's precision is not strictly greater than + // rhs6, but it's inside a PRECISION guard + } + if (rhs7 >= PRECISION(LONG_MAX)) { + ; /* Handle Error */ + } else { + lhs11 << rhs7; // COMPLIANT: lhs11's precision is not strictly greater than + // rhs7, but it's inside a PRECISION guard + } + if (rhs8 >= PRECISION(LONG_MAX)) { + ; /* Handle Error */ + } else { + lhs11 << rhs8; // COMPLIANT: lhs11's precision is not strictly greater than + // rhs8, but it's inside a PRECISION guard + } + if (rhs9 >= PRECISION(LONG_MAX)) { + ; /* Handle Error */ + } else { + lhs11 << rhs9; // COMPLIANT: lhs11's precision is not strictly greater than + // rhs9, but it's inside a PRECISION guard + } + if (rhs10 >= PRECISION(LONG_MAX)) { + ; /* Handle Error */ + } else { + lhs11 << rhs10; // COMPLIANT: lhs11's precision is not strictly greater than + // rhs10, but it's inside a PRECISION guard + } + if (rhs11 >= PRECISION(LONG_MAX)) { + ; /* Handle Error */ + } else { + lhs11 << rhs11; // COMPLIANT: lhs11's precision is not strictly greater than + // rhs11, but it's inside a PRECISION guard + } + if (rhs12 >= PRECISION(LONG_MAX)) { + ; /* Handle Error */ + } else { + lhs11 << rhs12; // COMPLIANT: lhs11's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + } + if (rhs13 >= PRECISION(LONG_MAX)) { + ; /* Handle Error */ + } else { + lhs11 << rhs13; // COMPLIANT: lhs11's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + } + if (rhs14 >= PRECISION(LONG_MAX)) { + ; /* Handle Error */ + } else { + lhs11 << rhs14; // COMPLIANT: lhs11's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + } + if (rhs12 >= PRECISION(ULLONG_MAX)) { + ; /* Handle Error */ + } else { + lhs12 << rhs12; // COMPLIANT: lhs12's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + } + if (rhs12 >= PRECISION(LLONG_MAX)) { + ; /* Handle Error */ + } else { + lhs13 << rhs12; // COMPLIANT: lhs13's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + } + if (rhs13 >= PRECISION(LLONG_MAX)) { + ; /* Handle Error */ + } else { + lhs13 << rhs13; // COMPLIANT: lhs13's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + } + if (rhs14 >= PRECISION(LLONG_MAX)) { + ; /* Handle Error */ + } else { + lhs13 << rhs14; // COMPLIANT: lhs13's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + } + if (rhs12 >= PRECISION(LLONG_MAX)) { + ; /* Handle Error */ + } else { + lhs14 << rhs12; // COMPLIANT: lhs14's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + } + if (rhs13 >= PRECISION(LLONG_MAX)) { + ; /* Handle Error */ + } else { + lhs14 << rhs13; // COMPLIANT: lhs14's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + } + if (rhs14 >= PRECISION(LLONG_MAX)) { + ; /* Handle Error */ + } else { + lhs14 << rhs14; // COMPLIANT: lhs14's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + } + + /* ========== Right shifts ========== */ + + lhs0 >> + rhs0; // NON_COMPLIANT: lhs0's precision is not strictly greater than rhs0 + lhs0 >> rhs1; // COMPLIANT: lhs0's precision is strictly greater than rhs1 + lhs0 >> rhs2; // COMPLIANT: lhs0's precision is strictly greater than rhs2 + lhs0 >> + rhs3; // NON_COMPLIANT: lhs0's precision is not strictly greater than rhs3 + lhs0 >> + rhs4; // NON_COMPLIANT: lhs0's precision is not strictly greater than rhs4 + lhs0 >> + rhs5; // NON_COMPLIANT: lhs0's precision is not strictly greater than rhs5 + lhs0 >> + rhs6; // NON_COMPLIANT: lhs0's precision is not strictly greater than rhs6 + lhs0 >> + rhs7; // NON_COMPLIANT: lhs0's precision is not strictly greater than rhs7 + lhs0 >> + rhs8; // NON_COMPLIANT: lhs0's precision is not strictly greater than rhs8 + lhs0 >> + rhs9; // NON_COMPLIANT: lhs0's precision is not strictly greater than rhs9 + lhs0 >> rhs10; // NON_COMPLIANT: lhs0's precision is not strictly greater than + // rhs10 + lhs0 >> rhs11; // NON_COMPLIANT: lhs0's precision is not strictly greater than + // rhs11 + lhs0 >> rhs12; // NON_COMPLIANT: lhs0's precision is not strictly greater than + // rhs12 + lhs0 >> rhs13; // NON_COMPLIANT: lhs0's precision is not strictly greater than + // rhs13 + lhs0 >> rhs14; // NON_COMPLIANT: lhs0's precision is not strictly greater than + // rhs14 + lhs1 >> + rhs0; // NON_COMPLIANT: lhs1's precision is not strictly greater than rhs0 + lhs1 >> + rhs1; // NON_COMPLIANT: lhs1's precision is not strictly greater than rhs1 + lhs1 >> + rhs2; // NON_COMPLIANT: lhs1's precision is not strictly greater than rhs2 + lhs1 >> + rhs3; // NON_COMPLIANT: lhs1's precision is not strictly greater than rhs3 + lhs1 >> + rhs4; // NON_COMPLIANT: lhs1's precision is not strictly greater than rhs4 + lhs1 >> + rhs5; // NON_COMPLIANT: lhs1's precision is not strictly greater than rhs5 + lhs1 >> + rhs6; // NON_COMPLIANT: lhs1's precision is not strictly greater than rhs6 + lhs1 >> + rhs7; // NON_COMPLIANT: lhs1's precision is not strictly greater than rhs7 + lhs1 >> + rhs8; // NON_COMPLIANT: lhs1's precision is not strictly greater than rhs8 + lhs1 >> + rhs9; // NON_COMPLIANT: lhs1's precision is not strictly greater than rhs9 + lhs1 >> rhs10; // NON_COMPLIANT: lhs1's precision is not strictly greater than + // rhs10 + lhs1 >> rhs11; // NON_COMPLIANT: lhs1's precision is not strictly greater than + // rhs11 + lhs1 >> rhs12; // NON_COMPLIANT: lhs1's precision is not strictly greater than + // rhs12 + lhs1 >> rhs13; // NON_COMPLIANT: lhs1's precision is not strictly greater than + // rhs13 + lhs1 >> rhs14; // NON_COMPLIANT: lhs1's precision is not strictly greater than + // rhs14 + lhs2 >> + rhs0; // NON_COMPLIANT: lhs2's precision is not strictly greater than rhs0 + lhs2 >> + rhs1; // NON_COMPLIANT: lhs2's precision is not strictly greater than rhs1 + lhs2 >> + rhs2; // NON_COMPLIANT: lhs2's precision is not strictly greater than rhs2 + lhs2 >> + rhs3; // NON_COMPLIANT: lhs2's precision is not strictly greater than rhs3 + lhs2 >> + rhs4; // NON_COMPLIANT: lhs2's precision is not strictly greater than rhs4 + lhs2 >> + rhs5; // NON_COMPLIANT: lhs2's precision is not strictly greater than rhs5 + lhs2 >> + rhs6; // NON_COMPLIANT: lhs2's precision is not strictly greater than rhs6 + lhs2 >> + rhs7; // NON_COMPLIANT: lhs2's precision is not strictly greater than rhs7 + lhs2 >> + rhs8; // NON_COMPLIANT: lhs2's precision is not strictly greater than rhs8 + lhs2 >> + rhs9; // NON_COMPLIANT: lhs2's precision is not strictly greater than rhs9 + lhs2 >> rhs10; // NON_COMPLIANT: lhs2's precision is not strictly greater than + // rhs10 + lhs2 >> rhs11; // NON_COMPLIANT: lhs2's precision is not strictly greater than + // rhs11 + lhs2 >> rhs12; // NON_COMPLIANT: lhs2's precision is not strictly greater than + // rhs12 + lhs2 >> rhs13; // NON_COMPLIANT: lhs2's precision is not strictly greater than + // rhs13 + lhs2 >> rhs14; // NON_COMPLIANT: lhs2's precision is not strictly greater than + // rhs14 + lhs3 >> rhs0; // COMPLIANT: lhs3's precision is strictly greater than rhs0 + lhs3 >> rhs1; // COMPLIANT: lhs3's precision is strictly greater than rhs1 + lhs3 >> rhs2; // COMPLIANT: lhs3's precision is strictly greater than rhs2 + lhs3 >> + rhs3; // NON_COMPLIANT: lhs3's precision is not strictly greater than rhs3 + lhs3 >> rhs4; // COMPLIANT: lhs3's precision is strictly greater than rhs4 + lhs3 >> rhs5; // COMPLIANT: lhs3's precision is strictly greater than rhs5 + lhs3 >> + rhs6; // NON_COMPLIANT: lhs3's precision is not strictly greater than rhs6 + lhs3 >> + rhs7; // NON_COMPLIANT: lhs3's precision is not strictly greater than rhs7 + lhs3 >> + rhs8; // NON_COMPLIANT: lhs3's precision is not strictly greater than rhs8 + lhs3 >> + rhs9; // NON_COMPLIANT: lhs3's precision is not strictly greater than rhs9 + lhs3 >> rhs10; // NON_COMPLIANT: lhs3's precision is not strictly greater than + // rhs10 + lhs3 >> rhs11; // NON_COMPLIANT: lhs3's precision is not strictly greater than + // rhs11 + lhs3 >> rhs12; // NON_COMPLIANT: lhs3's precision is not strictly greater than + // rhs12 + lhs3 >> rhs13; // NON_COMPLIANT: lhs3's precision is not strictly greater than + // rhs13 + lhs3 >> rhs14; // NON_COMPLIANT: lhs3's precision is not strictly greater than + // rhs14 + lhs4 >> rhs0; // COMPLIANT: lhs4's precision is strictly greater than rhs0 + lhs4 >> rhs1; // COMPLIANT: lhs4's precision is strictly greater than rhs1 + lhs4 >> rhs2; // COMPLIANT: lhs4's precision is strictly greater than rhs2 + lhs4 >> + rhs3; // NON_COMPLIANT: lhs4's precision is not strictly greater than rhs3 + lhs4 >> + rhs4; // NON_COMPLIANT: lhs4's precision is not strictly greater than rhs4 + lhs4 >> + rhs5; // NON_COMPLIANT: lhs4's precision is not strictly greater than rhs5 + lhs4 >> + rhs6; // NON_COMPLIANT: lhs4's precision is not strictly greater than rhs6 + lhs4 >> + rhs7; // NON_COMPLIANT: lhs4's precision is not strictly greater than rhs7 + lhs4 >> + rhs8; // NON_COMPLIANT: lhs4's precision is not strictly greater than rhs8 + lhs4 >> + rhs9; // NON_COMPLIANT: lhs4's precision is not strictly greater than rhs9 + lhs4 >> rhs10; // NON_COMPLIANT: lhs4's precision is not strictly greater than + // rhs10 + lhs4 >> rhs11; // NON_COMPLIANT: lhs4's precision is not strictly greater than + // rhs11 + lhs4 >> rhs12; // NON_COMPLIANT: lhs4's precision is not strictly greater than + // rhs12 + lhs4 >> rhs13; // NON_COMPLIANT: lhs4's precision is not strictly greater than + // rhs13 + lhs4 >> rhs14; // NON_COMPLIANT: lhs4's precision is not strictly greater than + // rhs14 + lhs5 >> rhs0; // COMPLIANT: lhs5's precision is strictly greater than rhs0 + lhs5 >> rhs1; // COMPLIANT: lhs5's precision is strictly greater than rhs1 + lhs5 >> rhs2; // COMPLIANT: lhs5's precision is strictly greater than rhs2 + lhs5 >> + rhs3; // NON_COMPLIANT: lhs5's precision is not strictly greater than rhs3 + lhs5 >> + rhs4; // NON_COMPLIANT: lhs5's precision is not strictly greater than rhs4 + lhs5 >> + rhs5; // NON_COMPLIANT: lhs5's precision is not strictly greater than rhs5 + lhs5 >> + rhs6; // NON_COMPLIANT: lhs5's precision is not strictly greater than rhs6 + lhs5 >> + rhs7; // NON_COMPLIANT: lhs5's precision is not strictly greater than rhs7 + lhs5 >> + rhs8; // NON_COMPLIANT: lhs5's precision is not strictly greater than rhs8 + lhs5 >> + rhs9; // NON_COMPLIANT: lhs5's precision is not strictly greater than rhs9 + lhs5 >> rhs10; // NON_COMPLIANT: lhs5's precision is not strictly greater than + // rhs10 + lhs5 >> rhs11; // NON_COMPLIANT: lhs5's precision is not strictly greater than + // rhs11 + lhs5 >> rhs12; // NON_COMPLIANT: lhs5's precision is not strictly greater than + // rhs12 + lhs5 >> rhs13; // NON_COMPLIANT: lhs5's precision is not strictly greater than + // rhs13 + lhs5 >> rhs14; // NON_COMPLIANT: lhs5's precision is not strictly greater than + // rhs14 + lhs6 >> rhs0; // COMPLIANT: lhs6's precision is strictly greater than rhs0 + lhs6 >> rhs1; // COMPLIANT: lhs6's precision is strictly greater than rhs1 + lhs6 >> rhs2; // COMPLIANT: lhs6's precision is strictly greater than rhs2 + lhs6 >> rhs3; // COMPLIANT: lhs6's precision is strictly greater than rhs3 + lhs6 >> rhs4; // COMPLIANT: lhs6's precision is strictly greater than rhs4 + lhs6 >> rhs5; // COMPLIANT: lhs6's precision is strictly greater than rhs5 + lhs6 >> + rhs6; // NON_COMPLIANT: lhs6's precision is not strictly greater than rhs6 + lhs6 >> rhs7; // COMPLIANT: lhs6's precision is strictly greater than rhs7 + lhs6 >> rhs8; // COMPLIANT: lhs6's precision is strictly greater than rhs8 + lhs6 >> + rhs9; // NON_COMPLIANT: lhs6's precision is not strictly greater than rhs9 + lhs6 >> rhs10; // COMPLIANT: lhs6's precision is strictly greater than rhs10 + lhs6 >> rhs11; // COMPLIANT: lhs6's precision is strictly greater than rhs11 + lhs6 >> rhs12; // NON_COMPLIANT: lhs6's precision is not strictly greater than + // rhs12 + lhs6 >> rhs13; // NON_COMPLIANT: lhs6's precision is not strictly greater than + // rhs13 + lhs6 >> rhs14; // NON_COMPLIANT: lhs6's precision is not strictly greater than + // rhs14 + lhs7 >> rhs0; // COMPLIANT: lhs7's precision is strictly greater than rhs0 + lhs7 >> rhs1; // COMPLIANT: lhs7's precision is strictly greater than rhs1 + lhs7 >> rhs2; // COMPLIANT: lhs7's precision is strictly greater than rhs2 + lhs7 >> rhs3; // COMPLIANT: lhs7's precision is strictly greater than rhs3 + lhs7 >> rhs4; // COMPLIANT: lhs7's precision is strictly greater than rhs4 + lhs7 >> rhs5; // COMPLIANT: lhs7's precision is strictly greater than rhs5 + lhs7 >> + rhs6; // NON_COMPLIANT: lhs7's precision is not strictly greater than rhs6 + lhs7 >> + rhs7; // NON_COMPLIANT: lhs7's precision is not strictly greater than rhs7 + lhs7 >> + rhs8; // NON_COMPLIANT: lhs7's precision is not strictly greater than rhs8 + lhs7 >> + rhs9; // NON_COMPLIANT: lhs7's precision is not strictly greater than rhs9 + lhs7 >> rhs10; // NON_COMPLIANT: lhs7's precision is not strictly greater than + // rhs10 + lhs7 >> rhs11; // NON_COMPLIANT: lhs7's precision is not strictly greater than + // rhs11 + lhs7 >> rhs12; // NON_COMPLIANT: lhs7's precision is not strictly greater than + // rhs12 + lhs7 >> rhs13; // NON_COMPLIANT: lhs7's precision is not strictly greater than + // rhs13 + lhs7 >> rhs14; // NON_COMPLIANT: lhs7's precision is not strictly greater than + // rhs14 + lhs8 >> rhs0; // COMPLIANT: lhs8's precision is strictly greater than rhs0 + lhs8 >> rhs1; // COMPLIANT: lhs8's precision is strictly greater than rhs1 + lhs8 >> rhs2; // COMPLIANT: lhs8's precision is strictly greater than rhs2 + lhs8 >> rhs3; // COMPLIANT: lhs8's precision is strictly greater than rhs3 + lhs8 >> rhs4; // COMPLIANT: lhs8's precision is strictly greater than rhs4 + lhs8 >> rhs5; // COMPLIANT: lhs8's precision is strictly greater than rhs5 + lhs8 >> + rhs6; // NON_COMPLIANT: lhs8's precision is not strictly greater than rhs6 + lhs8 >> + rhs7; // NON_COMPLIANT: lhs8's precision is not strictly greater than rhs7 + lhs8 >> + rhs8; // NON_COMPLIANT: lhs8's precision is not strictly greater than rhs8 + lhs8 >> + rhs9; // NON_COMPLIANT: lhs8's precision is not strictly greater than rhs9 + lhs8 >> rhs10; // NON_COMPLIANT: lhs8's precision is not strictly greater than + // rhs10 + lhs8 >> rhs11; // NON_COMPLIANT: lhs8's precision is not strictly greater than + // rhs11 + lhs8 >> rhs12; // NON_COMPLIANT: lhs8's precision is not strictly greater than + // rhs12 + lhs8 >> rhs13; // NON_COMPLIANT: lhs8's precision is not strictly greater than + // rhs13 + lhs8 >> rhs14; // NON_COMPLIANT: lhs8's precision is not strictly greater than + // rhs14 + lhs9 >> rhs0; // COMPLIANT: lhs9's precision is strictly greater than rhs0 + lhs9 >> rhs1; // COMPLIANT: lhs9's precision is strictly greater than rhs1 + lhs9 >> rhs2; // COMPLIANT: lhs9's precision is strictly greater than rhs2 + lhs9 >> rhs3; // COMPLIANT: lhs9's precision is strictly greater than rhs3 + lhs9 >> rhs4; // COMPLIANT: lhs9's precision is strictly greater than rhs4 + lhs9 >> rhs5; // COMPLIANT: lhs9's precision is strictly greater than rhs5 + lhs9 >> + rhs6; // NON_COMPLIANT: lhs9's precision is not strictly greater than rhs6 + lhs9 >> rhs7; // COMPLIANT: lhs9's precision is strictly greater than rhs7 + lhs9 >> rhs8; // COMPLIANT: lhs9's precision is strictly greater than rhs8 + lhs9 >> + rhs9; // NON_COMPLIANT: lhs9's precision is not strictly greater than rhs9 + lhs9 >> rhs10; // COMPLIANT: lhs9's precision is strictly greater than rhs10 + lhs9 >> rhs11; // COMPLIANT: lhs9's precision is strictly greater than rhs11 + lhs9 >> rhs12; // NON_COMPLIANT: lhs9's precision is not strictly greater than + // rhs12 + lhs9 >> rhs13; // NON_COMPLIANT: lhs9's precision is not strictly greater than + // rhs13 + lhs9 >> rhs14; // NON_COMPLIANT: lhs9's precision is not strictly greater than + // rhs14 + lhs10 >> rhs0; // COMPLIANT: lhs10's precision is strictly greater than rhs0 + lhs10 >> rhs1; // COMPLIANT: lhs10's precision is strictly greater than rhs1 + lhs10 >> rhs2; // COMPLIANT: lhs10's precision is strictly greater than rhs2 + lhs10 >> rhs3; // COMPLIANT: lhs10's precision is strictly greater than rhs3 + lhs10 >> rhs4; // COMPLIANT: lhs10's precision is strictly greater than rhs4 + lhs10 >> rhs5; // COMPLIANT: lhs10's precision is strictly greater than rhs5 + lhs10 >> rhs6; // NON_COMPLIANT: lhs10's precision is not strictly greater + // than rhs6 + lhs10 >> rhs7; // NON_COMPLIANT: lhs10's precision is not strictly greater + // than rhs7 + lhs10 >> rhs8; // NON_COMPLIANT: lhs10's precision is not strictly greater + // than rhs8 + lhs10 >> rhs9; // NON_COMPLIANT: lhs10's precision is not strictly greater + // than rhs9 + lhs10 >> rhs10; // NON_COMPLIANT: lhs10's precision is not strictly greater + // than rhs10 + lhs10 >> rhs11; // NON_COMPLIANT: lhs10's precision is not strictly greater + // than rhs11 + lhs10 >> rhs12; // NON_COMPLIANT: lhs10's precision is not strictly greater + // than rhs12 + lhs10 >> rhs13; // NON_COMPLIANT: lhs10's precision is not strictly greater + // than rhs13 + lhs10 >> rhs14; // NON_COMPLIANT: lhs10's precision is not strictly greater + // than rhs14 + lhs11 >> rhs0; // COMPLIANT: lhs11's precision is strictly greater than rhs0 + lhs11 >> rhs1; // COMPLIANT: lhs11's precision is strictly greater than rhs1 + lhs11 >> rhs2; // COMPLIANT: lhs11's precision is strictly greater than rhs2 + lhs11 >> rhs3; // COMPLIANT: lhs11's precision is strictly greater than rhs3 + lhs11 >> rhs4; // COMPLIANT: lhs11's precision is strictly greater than rhs4 + lhs11 >> rhs5; // COMPLIANT: lhs11's precision is strictly greater than rhs5 + lhs11 >> rhs6; // NON_COMPLIANT: lhs11's precision is not strictly greater + // than rhs6 + lhs11 >> rhs7; // NON_COMPLIANT: lhs11's precision is not strictly greater + // than rhs7 + lhs11 >> rhs8; // NON_COMPLIANT: lhs11's precision is not strictly greater + // than rhs8 + lhs11 >> rhs9; // NON_COMPLIANT: lhs11's precision is not strictly greater + // than rhs9 + lhs11 >> rhs10; // NON_COMPLIANT: lhs11's precision is not strictly greater + // than rhs10 + lhs11 >> rhs11; // NON_COMPLIANT: lhs11's precision is not strictly greater + // than rhs11 + lhs11 >> rhs12; // NON_COMPLIANT: lhs11's precision is not strictly greater + // than rhs12 + lhs11 >> rhs13; // NON_COMPLIANT: lhs11's precision is not strictly greater + // than rhs13 + lhs11 >> rhs14; // NON_COMPLIANT: lhs11's precision is not strictly greater + // than rhs14 + lhs12 >> rhs0; // COMPLIANT: lhs12's precision is strictly greater than rhs0 + lhs12 >> rhs1; // COMPLIANT: lhs12's precision is strictly greater than rhs1 + lhs12 >> rhs2; // COMPLIANT: lhs12's precision is strictly greater than rhs2 + lhs12 >> rhs3; // COMPLIANT: lhs12's precision is strictly greater than rhs3 + lhs12 >> rhs4; // COMPLIANT: lhs12's precision is strictly greater than rhs4 + lhs12 >> rhs5; // COMPLIANT: lhs12's precision is strictly greater than rhs5 + lhs12 >> rhs6; // COMPLIANT: lhs12's precision is strictly greater than rhs6 + lhs12 >> rhs7; // COMPLIANT: lhs12's precision is strictly greater than rhs7 + lhs12 >> rhs8; // COMPLIANT: lhs12's precision is strictly greater than rhs8 + lhs12 >> rhs9; // COMPLIANT: lhs12's precision is strictly greater than rhs9 + lhs12 >> rhs10; // COMPLIANT: lhs12's precision is strictly greater than rhs10 + lhs12 >> rhs11; // COMPLIANT: lhs12's precision is strictly greater than rhs11 + lhs12 >> rhs12; // NON_COMPLIANT: lhs12's precision is not strictly greater + // than rhs12 + lhs12 >> rhs13; // COMPLIANT: lhs12's precision is strictly greater than rhs13 + lhs12 >> rhs14; // COMPLIANT: lhs12's precision is strictly greater than rhs14 + lhs13 >> rhs0; // COMPLIANT: lhs13's precision is strictly greater than rhs0 + lhs13 >> rhs1; // COMPLIANT: lhs13's precision is strictly greater than rhs1 + lhs13 >> rhs2; // COMPLIANT: lhs13's precision is strictly greater than rhs2 + lhs13 >> rhs3; // COMPLIANT: lhs13's precision is strictly greater than rhs3 + lhs13 >> rhs4; // COMPLIANT: lhs13's precision is strictly greater than rhs4 + lhs13 >> rhs5; // COMPLIANT: lhs13's precision is strictly greater than rhs5 + lhs13 >> rhs6; // COMPLIANT: lhs13's precision is strictly greater than rhs6 + lhs13 >> rhs7; // COMPLIANT: lhs13's precision is strictly greater than rhs7 + lhs13 >> rhs8; // COMPLIANT: lhs13's precision is strictly greater than rhs8 + lhs13 >> rhs9; // COMPLIANT: lhs13's precision is strictly greater than rhs9 + lhs13 >> rhs10; // COMPLIANT: lhs13's precision is strictly greater than rhs10 + lhs13 >> rhs11; // COMPLIANT: lhs13's precision is strictly greater than rhs11 + lhs13 >> rhs12; // NON_COMPLIANT: lhs13's precision is not strictly greater + // than rhs12 + lhs13 >> rhs13; // NON_COMPLIANT: lhs13's precision is not strictly greater + // than rhs13 + lhs13 >> rhs14; // NON_COMPLIANT: lhs13's precision is not strictly greater + // than rhs14 + lhs14 >> rhs0; // COMPLIANT: lhs14's precision is strictly greater than rhs0 + lhs14 >> rhs1; // COMPLIANT: lhs14's precision is strictly greater than rhs1 + lhs14 >> rhs2; // COMPLIANT: lhs14's precision is strictly greater than rhs2 + lhs14 >> rhs3; // COMPLIANT: lhs14's precision is strictly greater than rhs3 + lhs14 >> rhs4; // COMPLIANT: lhs14's precision is strictly greater than rhs4 + lhs14 >> rhs5; // COMPLIANT: lhs14's precision is strictly greater than rhs5 + lhs14 >> rhs6; // COMPLIANT: lhs14's precision is strictly greater than rhs6 + lhs14 >> rhs7; // COMPLIANT: lhs14's precision is strictly greater than rhs7 + lhs14 >> rhs8; // COMPLIANT: lhs14's precision is strictly greater than rhs8 + lhs14 >> rhs9; // COMPLIANT: lhs14's precision is strictly greater than rhs9 + lhs14 >> rhs10; // COMPLIANT: lhs14's precision is strictly greater than rhs10 + lhs14 >> rhs11; // COMPLIANT: lhs14's precision is strictly greater than rhs11 + lhs14 >> rhs12; // NON_COMPLIANT: lhs14's precision is not strictly greater + // than rhs12 + lhs14 >> rhs13; // NON_COMPLIANT: lhs14's precision is not strictly greater + // than rhs13 + lhs14 >> rhs14; // NON_COMPLIANT: lhs14's precision is not strictly greater + // than rhs14 - /* left shift */ + /* ===== Right shift with guards, the shift expression is at `then` branch + * ===== */ - x0 << x0; // NON_COMPLIANT: x0's precision is not strictly greater than x0's - x0 << x1; // COMPLIANT: x0's precision is strictly greater than x1's - x0 << x2; // COMPLIANT: x0's precision is strictly greater than x2's - x0 << x3; // NON_COMPLIANT: x0's precision is not strictly greater than x3's - x0 << x4; // NON_COMPLIANT: x0's precision is not strictly greater than x4's - x0 << x5; // NON_COMPLIANT: x0's precision is not strictly greater than x5's - x0 << x6; // NON_COMPLIANT: x0's precision is not strictly greater than x6's - x0 << x7; // NON_COMPLIANT: x0's precision is not strictly greater than x7's - x0 << x8; // NON_COMPLIANT: x0's precision is not strictly greater than x8's - x0 << x9; // NON_COMPLIANT: x0's precision is not strictly greater than x9's - x0 << x10; // NON_COMPLIANT: x0's precision is not strictly greater than x10's - x0 << x11; // NON_COMPLIANT: x0's precision is not strictly greater than x11's - x0 << x12; // NON_COMPLIANT: x0's precision is not strictly greater than x12's - x0 << x13; // NON_COMPLIANT: x0's precision is not strictly greater than x13's - x0 << x14; // NON_COMPLIANT: x0's precision is not strictly greater than x14's - x1 << x0; // NON_COMPLIANT: x1's precision is not strictly greater than x0's - x1 << x1; // NON_COMPLIANT: x1's precision is not strictly greater than x1's - x1 << x2; // NON_COMPLIANT: x1's precision is not strictly greater than x2's - x1 << x3; // NON_COMPLIANT: x1's precision is not strictly greater than x3's - x1 << x4; // NON_COMPLIANT: x1's precision is not strictly greater than x4's - x1 << x5; // NON_COMPLIANT: x1's precision is not strictly greater than x5's - x1 << x6; // NON_COMPLIANT: x1's precision is not strictly greater than x6's - x1 << x7; // NON_COMPLIANT: x1's precision is not strictly greater than x7's - x1 << x8; // NON_COMPLIANT: x1's precision is not strictly greater than x8's - x1 << x9; // NON_COMPLIANT: x1's precision is not strictly greater than x9's - x1 << x10; // NON_COMPLIANT: x1's precision is not strictly greater than x10's - x1 << x11; // NON_COMPLIANT: x1's precision is not strictly greater than x11's - x1 << x12; // NON_COMPLIANT: x1's precision is not strictly greater than x12's - x1 << x13; // NON_COMPLIANT: x1's precision is not strictly greater than x13's - x1 << x14; // NON_COMPLIANT: x1's precision is not strictly greater than x14's - x2 << x0; // NON_COMPLIANT: x2's precision is not strictly greater than x0's - x2 << x1; // NON_COMPLIANT: x2's precision is not strictly greater than x1's - x2 << x2; // NON_COMPLIANT: x2's precision is not strictly greater than x2's - x2 << x3; // NON_COMPLIANT: x2's precision is not strictly greater than x3's - x2 << x4; // NON_COMPLIANT: x2's precision is not strictly greater than x4's - x2 << x5; // NON_COMPLIANT: x2's precision is not strictly greater than x5's - x2 << x6; // NON_COMPLIANT: x2's precision is not strictly greater than x6's - x2 << x7; // NON_COMPLIANT: x2's precision is not strictly greater than x7's - x2 << x8; // NON_COMPLIANT: x2's precision is not strictly greater than x8's - x2 << x9; // NON_COMPLIANT: x2's precision is not strictly greater than x9's - x2 << x10; // NON_COMPLIANT: x2's precision is not strictly greater than x10's - x2 << x11; // NON_COMPLIANT: x2's precision is not strictly greater than x11's - x2 << x12; // NON_COMPLIANT: x2's precision is not strictly greater than x12's - x2 << x13; // NON_COMPLIANT: x2's precision is not strictly greater than x13's - x2 << x14; // NON_COMPLIANT: x2's precision is not strictly greater than x14's - x3 << x0; // COMPLIANT: x3's precision is strictly greater than x0's - x3 << x1; // COMPLIANT: x3's precision is strictly greater than x1's - x3 << x2; // COMPLIANT: x3's precision is strictly greater than x2's - x3 << x3; // NON_COMPLIANT: x3's precision is not strictly greater than x3's - x3 << x4; // COMPLIANT: x3's precision is strictly greater than x4's - x3 << x5; // COMPLIANT: x3's precision is strictly greater than x5's - x3 << x6; // NON_COMPLIANT: x3's precision is not strictly greater than x6's - x3 << x7; // NON_COMPLIANT: x3's precision is not strictly greater than x7's - x3 << x8; // NON_COMPLIANT: x3's precision is not strictly greater than x8's - x3 << x9; // NON_COMPLIANT: x3's precision is not strictly greater than x9's - x3 << x10; // NON_COMPLIANT: x3's precision is not strictly greater than x10's - x3 << x11; // NON_COMPLIANT: x3's precision is not strictly greater than x11's - x3 << x12; // NON_COMPLIANT: x3's precision is not strictly greater than x12's - x3 << x13; // NON_COMPLIANT: x3's precision is not strictly greater than x13's - x3 << x14; // NON_COMPLIANT: x3's precision is not strictly greater than x14's - x4 << x0; // COMPLIANT: x4's precision is strictly greater than x0's - x4 << x1; // COMPLIANT: x4's precision is strictly greater than x1's - x4 << x2; // COMPLIANT: x4's precision is strictly greater than x2's - x4 << x3; // NON_COMPLIANT: x4's precision is not strictly greater than x3's - x4 << x4; // NON_COMPLIANT: x4's precision is not strictly greater than x4's - x4 << x5; // NON_COMPLIANT: x4's precision is not strictly greater than x5's - x4 << x6; // NON_COMPLIANT: x4's precision is not strictly greater than x6's - x4 << x7; // NON_COMPLIANT: x4's precision is not strictly greater than x7's - x4 << x8; // NON_COMPLIANT: x4's precision is not strictly greater than x8's - x4 << x9; // NON_COMPLIANT: x4's precision is not strictly greater than x9's - x4 << x10; // NON_COMPLIANT: x4's precision is not strictly greater than x10's - x4 << x11; // NON_COMPLIANT: x4's precision is not strictly greater than x11's - x4 << x12; // NON_COMPLIANT: x4's precision is not strictly greater than x12's - x4 << x13; // NON_COMPLIANT: x4's precision is not strictly greater than x13's - x4 << x14; // NON_COMPLIANT: x4's precision is not strictly greater than x14's - x5 << x0; // COMPLIANT: x5's precision is strictly greater than x0's - x5 << x1; // COMPLIANT: x5's precision is strictly greater than x1's - x5 << x2; // COMPLIANT: x5's precision is strictly greater than x2's - x5 << x3; // NON_COMPLIANT: x5's precision is not strictly greater than x3's - x5 << x4; // NON_COMPLIANT: x5's precision is not strictly greater than x4's - x5 << x5; // NON_COMPLIANT: x5's precision is not strictly greater than x5's - x5 << x6; // NON_COMPLIANT: x5's precision is not strictly greater than x6's - x5 << x7; // NON_COMPLIANT: x5's precision is not strictly greater than x7's - x5 << x8; // NON_COMPLIANT: x5's precision is not strictly greater than x8's - x5 << x9; // NON_COMPLIANT: x5's precision is not strictly greater than x9's - x5 << x10; // NON_COMPLIANT: x5's precision is not strictly greater than x10's - x5 << x11; // NON_COMPLIANT: x5's precision is not strictly greater than x11's - x5 << x12; // NON_COMPLIANT: x5's precision is not strictly greater than x12's - x5 << x13; // NON_COMPLIANT: x5's precision is not strictly greater than x13's - x5 << x14; // NON_COMPLIANT: x5's precision is not strictly greater than x14's - x6 << x0; // COMPLIANT: x6's precision is strictly greater than x0's - x6 << x1; // COMPLIANT: x6's precision is strictly greater than x1's - x6 << x2; // COMPLIANT: x6's precision is strictly greater than x2's - x6 << x3; // COMPLIANT: x6's precision is strictly greater than x3's - x6 << x4; // COMPLIANT: x6's precision is strictly greater than x4's - x6 << x5; // COMPLIANT: x6's precision is strictly greater than x5's - x6 << x6; // NON_COMPLIANT: x6's precision is not strictly greater than x6's - x6 << x7; // COMPLIANT: x6's precision is strictly greater than x7's - x6 << x8; // COMPLIANT: x6's precision is strictly greater than x8's - x6 << x9; // NON_COMPLIANT: x6's precision is not strictly greater than x9's - x6 << x10; // COMPLIANT: x6's precision is strictly greater than x10's - x6 << x11; // COMPLIANT: x6's precision is strictly greater than x11's - x6 << x12; // NON_COMPLIANT: x6's precision is not strictly greater than x12's - x6 << x13; // NON_COMPLIANT: x6's precision is not strictly greater than x13's - x6 << x14; // NON_COMPLIANT: x6's precision is not strictly greater than x14's - x7 << x0; // COMPLIANT: x7's precision is strictly greater than x0's - x7 << x1; // COMPLIANT: x7's precision is strictly greater than x1's - x7 << x2; // COMPLIANT: x7's precision is strictly greater than x2's - x7 << x3; // COMPLIANT: x7's precision is strictly greater than x3's - x7 << x4; // COMPLIANT: x7's precision is strictly greater than x4's - x7 << x5; // COMPLIANT: x7's precision is strictly greater than x5's - x7 << x6; // NON_COMPLIANT: x7's precision is not strictly greater than x6's - x7 << x7; // NON_COMPLIANT: x7's precision is not strictly greater than x7's - x7 << x8; // NON_COMPLIANT: x7's precision is not strictly greater than x8's - x7 << x9; // NON_COMPLIANT: x7's precision is not strictly greater than x9's - x7 << x10; // NON_COMPLIANT: x7's precision is not strictly greater than x10's - x7 << x11; // NON_COMPLIANT: x7's precision is not strictly greater than x11's - x7 << x12; // NON_COMPLIANT: x7's precision is not strictly greater than x12's - x7 << x13; // NON_COMPLIANT: x7's precision is not strictly greater than x13's - x7 << x14; // NON_COMPLIANT: x7's precision is not strictly greater than x14's - x8 << x0; // COMPLIANT: x8's precision is strictly greater than x0's - x8 << x1; // COMPLIANT: x8's precision is strictly greater than x1's - x8 << x2; // COMPLIANT: x8's precision is strictly greater than x2's - x8 << x3; // COMPLIANT: x8's precision is strictly greater than x3's - x8 << x4; // COMPLIANT: x8's precision is strictly greater than x4's - x8 << x5; // COMPLIANT: x8's precision is strictly greater than x5's - x8 << x6; // NON_COMPLIANT: x8's precision is not strictly greater than x6's - x8 << x7; // NON_COMPLIANT: x8's precision is not strictly greater than x7's - x8 << x8; // NON_COMPLIANT: x8's precision is not strictly greater than x8's - x8 << x9; // NON_COMPLIANT: x8's precision is not strictly greater than x9's - x8 << x10; // NON_COMPLIANT: x8's precision is not strictly greater than x10's - x8 << x11; // NON_COMPLIANT: x8's precision is not strictly greater than x11's - x8 << x12; // NON_COMPLIANT: x8's precision is not strictly greater than x12's - x8 << x13; // NON_COMPLIANT: x8's precision is not strictly greater than x13's - x8 << x14; // NON_COMPLIANT: x8's precision is not strictly greater than x14's - x9 << x0; // COMPLIANT: x9's precision is strictly greater than x0's - x9 << x1; // COMPLIANT: x9's precision is strictly greater than x1's - x9 << x2; // COMPLIANT: x9's precision is strictly greater than x2's - x9 << x3; // COMPLIANT: x9's precision is strictly greater than x3's - x9 << x4; // COMPLIANT: x9's precision is strictly greater than x4's - x9 << x5; // COMPLIANT: x9's precision is strictly greater than x5's - x9 << x6; // NON_COMPLIANT: x9's precision is not strictly greater than x6's - x9 << x7; // COMPLIANT: x9's precision is strictly greater than x7's - x9 << x8; // COMPLIANT: x9's precision is strictly greater than x8's - x9 << x9; // NON_COMPLIANT: x9's precision is not strictly greater than x9's - x9 << x10; // COMPLIANT: x9's precision is strictly greater than x10's - x9 << x11; // COMPLIANT: x9's precision is strictly greater than x11's - x9 << x12; // NON_COMPLIANT: x9's precision is not strictly greater than x12's - x9 << x13; // NON_COMPLIANT: x9's precision is not strictly greater than x13's - x9 << x14; // NON_COMPLIANT: x9's precision is not strictly greater than x14's - x10 << x0; // COMPLIANT: x10's precision is strictly greater than x0's - x10 << x1; // COMPLIANT: x10's precision is strictly greater than x1's - x10 << x2; // COMPLIANT: x10's precision is strictly greater than x2's - x10 << x3; // COMPLIANT: x10's precision is strictly greater than x3's - x10 << x4; // COMPLIANT: x10's precision is strictly greater than x4's - x10 << x5; // COMPLIANT: x10's precision is strictly greater than x5's - x10 << x6; // NON_COMPLIANT: x10's precision is not strictly greater than x6's - x10 << x7; // NON_COMPLIANT: x10's precision is not strictly greater than x7's - x10 << x8; // NON_COMPLIANT: x10's precision is not strictly greater than x8's - x10 << x9; // NON_COMPLIANT: x10's precision is not strictly greater than x9's - x10 << x10; // NON_COMPLIANT: x10's precision is not strictly greater than - // x10's - x10 << x11; // NON_COMPLIANT: x10's precision is not strictly greater than - // x11's - x10 << x12; // NON_COMPLIANT: x10's precision is not strictly greater than - // x12's - x10 << x13; // NON_COMPLIANT: x10's precision is not strictly greater than - // x13's - x10 << x14; // NON_COMPLIANT: x10's precision is not strictly greater than - // x14's - x11 << x0; // COMPLIANT: x11's precision is strictly greater than x0's - x11 << x1; // COMPLIANT: x11's precision is strictly greater than x1's - x11 << x2; // COMPLIANT: x11's precision is strictly greater than x2's - x11 << x3; // COMPLIANT: x11's precision is strictly greater than x3's - x11 << x4; // COMPLIANT: x11's precision is strictly greater than x4's - x11 << x5; // COMPLIANT: x11's precision is strictly greater than x5's - x11 << x6; // NON_COMPLIANT: x11's precision is not strictly greater than x6's - x11 << x7; // NON_COMPLIANT: x11's precision is not strictly greater than x7's - x11 << x8; // NON_COMPLIANT: x11's precision is not strictly greater than x8's - x11 << x9; // NON_COMPLIANT: x11's precision is not strictly greater than x9's - x11 << x10; // NON_COMPLIANT: x11's precision is not strictly greater than - // x10's - x11 << x11; // NON_COMPLIANT: x11's precision is not strictly greater than - // x11's - x11 << x12; // NON_COMPLIANT: x11's precision is not strictly greater than - // x12's - x11 << x13; // NON_COMPLIANT: x11's precision is not strictly greater than - // x13's - x11 << x14; // NON_COMPLIANT: x11's precision is not strictly greater than - // x14's - x12 << x0; // COMPLIANT: x12's precision is strictly greater than x0's - x12 << x1; // COMPLIANT: x12's precision is strictly greater than x1's - x12 << x2; // COMPLIANT: x12's precision is strictly greater than x2's - x12 << x3; // COMPLIANT: x12's precision is strictly greater than x3's - x12 << x4; // COMPLIANT: x12's precision is strictly greater than x4's - x12 << x5; // COMPLIANT: x12's precision is strictly greater than x5's - x12 << x6; // COMPLIANT: x12's precision is strictly greater than x6's - x12 << x7; // COMPLIANT: x12's precision is strictly greater than x7's - x12 << x8; // COMPLIANT: x12's precision is strictly greater than x8's - x12 << x9; // COMPLIANT: x12's precision is strictly greater than x9's - x12 << x10; // COMPLIANT: x12's precision is strictly greater than x10's - x12 << x11; // COMPLIANT: x12's precision is strictly greater than x11's - x12 << x12; // NON_COMPLIANT: x12's precision is not strictly greater than - // x12's - x12 << x13; // COMPLIANT: x12's precision is strictly greater than x13's - x12 << x14; // COMPLIANT: x12's precision is strictly greater than x14's - x13 << x0; // COMPLIANT: x13's precision is strictly greater than x0's - x13 << x1; // COMPLIANT: x13's precision is strictly greater than x1's - x13 << x2; // COMPLIANT: x13's precision is strictly greater than x2's - x13 << x3; // COMPLIANT: x13's precision is strictly greater than x3's - x13 << x4; // COMPLIANT: x13's precision is strictly greater than x4's - x13 << x5; // COMPLIANT: x13's precision is strictly greater than x5's - x13 << x6; // COMPLIANT: x13's precision is strictly greater than x6's - x13 << x7; // COMPLIANT: x13's precision is strictly greater than x7's - x13 << x8; // COMPLIANT: x13's precision is strictly greater than x8's - x13 << x9; // COMPLIANT: x13's precision is strictly greater than x9's - x13 << x10; // COMPLIANT: x13's precision is strictly greater than x10's - x13 << x11; // COMPLIANT: x13's precision is strictly greater than x11's - x13 << x12; // NON_COMPLIANT: x13's precision is not strictly greater than - // x12's - x13 << x13; // NON_COMPLIANT: x13's precision is not strictly greater than - // x13's - x13 << x14; // NON_COMPLIANT: x13's precision is not strictly greater than - // x14's - x14 << x0; // COMPLIANT: x14's precision is strictly greater than x0's - x14 << x1; // COMPLIANT: x14's precision is strictly greater than x1's - x14 << x2; // COMPLIANT: x14's precision is strictly greater than x2's - x14 << x3; // COMPLIANT: x14's precision is strictly greater than x3's - x14 << x4; // COMPLIANT: x14's precision is strictly greater than x4's - x14 << x5; // COMPLIANT: x14's precision is strictly greater than x5's - x14 << x6; // COMPLIANT: x14's precision is strictly greater than x6's - x14 << x7; // COMPLIANT: x14's precision is strictly greater than x7's - x14 << x8; // COMPLIANT: x14's precision is strictly greater than x8's - x14 << x9; // COMPLIANT: x14's precision is strictly greater than x9's - x14 << x10; // COMPLIANT: x14's precision is strictly greater than x10's - x14 << x11; // COMPLIANT: x14's precision is strictly greater than x11's - x14 << x12; // NON_COMPLIANT: x14's precision is not strictly greater than - // x12's - x14 << x13; // NON_COMPLIANT: x14's precision is not strictly greater than - // x13's - x14 << x14; // NON_COMPLIANT: x14's precision is not strictly greater than - // x14's + if (rhs0 < PRECISION(UCHAR_MAX)) + lhs0 >> rhs0; // COMPLIANT: lhs0's precision is not strictly greater than + // rhs0, but it's inside a PRECISION guard + if (rhs3 < PRECISION(UCHAR_MAX)) + lhs0 >> rhs3; // COMPLIANT: lhs0's precision is not strictly greater than + // rhs3, but it's inside a PRECISION guard + if (rhs4 < PRECISION(UCHAR_MAX)) + lhs0 >> rhs4; // COMPLIANT: lhs0's precision is not strictly greater than + // rhs4, but it's inside a PRECISION guard + if (rhs5 < PRECISION(UCHAR_MAX)) + lhs0 >> rhs5; // COMPLIANT: lhs0's precision is not strictly greater than + // rhs5, but it's inside a PRECISION guard + if (rhs6 < PRECISION(UCHAR_MAX)) + lhs0 >> rhs6; // COMPLIANT: lhs0's precision is not strictly greater than + // rhs6, but it's inside a PRECISION guard + if (rhs7 < PRECISION(UCHAR_MAX)) + lhs0 >> rhs7; // COMPLIANT: lhs0's precision is not strictly greater than + // rhs7, but it's inside a PRECISION guard + if (rhs8 < PRECISION(UCHAR_MAX)) + lhs0 >> rhs8; // COMPLIANT: lhs0's precision is not strictly greater than + // rhs8, but it's inside a PRECISION guard + if (rhs9 < PRECISION(UCHAR_MAX)) + lhs0 >> rhs9; // COMPLIANT: lhs0's precision is not strictly greater than + // rhs9, but it's inside a PRECISION guard + if (rhs10 < PRECISION(UCHAR_MAX)) + lhs0 >> rhs10; // COMPLIANT: lhs0's precision is not strictly greater than + // rhs10, but it's inside a PRECISION guard + if (rhs11 < PRECISION(UCHAR_MAX)) + lhs0 >> rhs11; // COMPLIANT: lhs0's precision is not strictly greater than + // rhs11, but it's inside a PRECISION guard + if (rhs12 < PRECISION(UCHAR_MAX)) + lhs0 >> rhs12; // COMPLIANT: lhs0's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + if (rhs13 < PRECISION(UCHAR_MAX)) + lhs0 >> rhs13; // COMPLIANT: lhs0's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + if (rhs14 < PRECISION(UCHAR_MAX)) + lhs0 >> rhs14; // COMPLIANT: lhs0's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + if (rhs0 < PRECISION(CHAR_MAX)) + lhs1 >> rhs0; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs0, but it's inside a PRECISION guard + if (rhs1 < PRECISION(CHAR_MAX)) + lhs1 >> rhs1; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs1, but it's inside a PRECISION guard + if (rhs2 < PRECISION(CHAR_MAX)) + lhs1 >> rhs2; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs2, but it's inside a PRECISION guard + if (rhs3 < PRECISION(CHAR_MAX)) + lhs1 >> rhs3; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs3, but it's inside a PRECISION guard + if (rhs4 < PRECISION(CHAR_MAX)) + lhs1 >> rhs4; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs4, but it's inside a PRECISION guard + if (rhs5 < PRECISION(CHAR_MAX)) + lhs1 >> rhs5; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs5, but it's inside a PRECISION guard + if (rhs6 < PRECISION(CHAR_MAX)) + lhs1 >> rhs6; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs6, but it's inside a PRECISION guard + if (rhs7 < PRECISION(CHAR_MAX)) + lhs1 >> rhs7; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs7, but it's inside a PRECISION guard + if (rhs8 < PRECISION(CHAR_MAX)) + lhs1 >> rhs8; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs8, but it's inside a PRECISION guard + if (rhs9 < PRECISION(CHAR_MAX)) + lhs1 >> rhs9; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs9, but it's inside a PRECISION guard + if (rhs10 < PRECISION(CHAR_MAX)) + lhs1 >> rhs10; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs10, but it's inside a PRECISION guard + if (rhs11 < PRECISION(CHAR_MAX)) + lhs1 >> rhs11; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs11, but it's inside a PRECISION guard + if (rhs12 < PRECISION(CHAR_MAX)) + lhs1 >> rhs12; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + if (rhs13 < PRECISION(CHAR_MAX)) + lhs1 >> rhs13; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + if (rhs14 < PRECISION(CHAR_MAX)) + lhs1 >> rhs14; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + if (rhs0 < PRECISION(CHAR_MAX)) + lhs2 >> rhs0; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs0, but it's inside a PRECISION guard + if (rhs1 < PRECISION(CHAR_MAX)) + lhs2 >> rhs1; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs1, but it's inside a PRECISION guard + if (rhs2 < PRECISION(CHAR_MAX)) + lhs2 >> rhs2; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs2, but it's inside a PRECISION guard + if (rhs3 < PRECISION(CHAR_MAX)) + lhs2 >> rhs3; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs3, but it's inside a PRECISION guard + if (rhs4 < PRECISION(CHAR_MAX)) + lhs2 >> rhs4; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs4, but it's inside a PRECISION guard + if (rhs5 < PRECISION(CHAR_MAX)) + lhs2 >> rhs5; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs5, but it's inside a PRECISION guard + if (rhs6 < PRECISION(CHAR_MAX)) + lhs2 >> rhs6; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs6, but it's inside a PRECISION guard + if (rhs7 < PRECISION(CHAR_MAX)) + lhs2 >> rhs7; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs7, but it's inside a PRECISION guard + if (rhs8 < PRECISION(CHAR_MAX)) + lhs2 >> rhs8; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs8, but it's inside a PRECISION guard + if (rhs9 < PRECISION(CHAR_MAX)) + lhs2 >> rhs9; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs9, but it's inside a PRECISION guard + if (rhs10 < PRECISION(CHAR_MAX)) + lhs2 >> rhs10; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs10, but it's inside a PRECISION guard + if (rhs11 < PRECISION(CHAR_MAX)) + lhs2 >> rhs11; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs11, but it's inside a PRECISION guard + if (rhs12 < PRECISION(CHAR_MAX)) + lhs2 >> rhs12; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + if (rhs13 < PRECISION(CHAR_MAX)) + lhs2 >> rhs13; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + if (rhs14 < PRECISION(CHAR_MAX)) + lhs2 >> rhs14; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + if (rhs3 < PRECISION(USHRT_MAX)) + lhs3 >> rhs3; // COMPLIANT: lhs3's precision is not strictly greater than + // rhs3, but it's inside a PRECISION guard + if (rhs6 < PRECISION(USHRT_MAX)) + lhs3 >> rhs6; // COMPLIANT: lhs3's precision is not strictly greater than + // rhs6, but it's inside a PRECISION guard + if (rhs7 < PRECISION(USHRT_MAX)) + lhs3 >> rhs7; // COMPLIANT: lhs3's precision is not strictly greater than + // rhs7, but it's inside a PRECISION guard + if (rhs8 < PRECISION(USHRT_MAX)) + lhs3 >> rhs8; // COMPLIANT: lhs3's precision is not strictly greater than + // rhs8, but it's inside a PRECISION guard + if (rhs9 < PRECISION(USHRT_MAX)) + lhs3 >> rhs9; // COMPLIANT: lhs3's precision is not strictly greater than + // rhs9, but it's inside a PRECISION guard + if (rhs10 < PRECISION(USHRT_MAX)) + lhs3 >> rhs10; // COMPLIANT: lhs3's precision is not strictly greater than + // rhs10, but it's inside a PRECISION guard + if (rhs11 < PRECISION(USHRT_MAX)) + lhs3 >> rhs11; // COMPLIANT: lhs3's precision is not strictly greater than + // rhs11, but it's inside a PRECISION guard + if (rhs12 < PRECISION(USHRT_MAX)) + lhs3 >> rhs12; // COMPLIANT: lhs3's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + if (rhs13 < PRECISION(USHRT_MAX)) + lhs3 >> rhs13; // COMPLIANT: lhs3's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + if (rhs14 < PRECISION(USHRT_MAX)) + lhs3 >> rhs14; // COMPLIANT: lhs3's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + if (rhs3 < PRECISION(SHRT_MAX)) + lhs4 >> rhs3; // COMPLIANT: lhs4's precision is not strictly greater than + // rhs3, but it's inside a PRECISION guard + if (rhs4 < PRECISION(SHRT_MAX)) + lhs4 >> rhs4; // COMPLIANT: lhs4's precision is not strictly greater than + // rhs4, but it's inside a PRECISION guard + if (rhs5 < PRECISION(SHRT_MAX)) + lhs4 >> rhs5; // COMPLIANT: lhs4's precision is not strictly greater than + // rhs5, but it's inside a PRECISION guard + if (rhs6 < PRECISION(SHRT_MAX)) + lhs4 >> rhs6; // COMPLIANT: lhs4's precision is not strictly greater than + // rhs6, but it's inside a PRECISION guard + if (rhs7 < PRECISION(SHRT_MAX)) + lhs4 >> rhs7; // COMPLIANT: lhs4's precision is not strictly greater than + // rhs7, but it's inside a PRECISION guard + if (rhs8 < PRECISION(SHRT_MAX)) + lhs4 >> rhs8; // COMPLIANT: lhs4's precision is not strictly greater than + // rhs8, but it's inside a PRECISION guard + if (rhs9 < PRECISION(SHRT_MAX)) + lhs4 >> rhs9; // COMPLIANT: lhs4's precision is not strictly greater than + // rhs9, but it's inside a PRECISION guard + if (rhs10 < PRECISION(SHRT_MAX)) + lhs4 >> rhs10; // COMPLIANT: lhs4's precision is not strictly greater than + // rhs10, but it's inside a PRECISION guard + if (rhs11 < PRECISION(SHRT_MAX)) + lhs4 >> rhs11; // COMPLIANT: lhs4's precision is not strictly greater than + // rhs11, but it's inside a PRECISION guard + if (rhs12 < PRECISION(SHRT_MAX)) + lhs4 >> rhs12; // COMPLIANT: lhs4's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + if (rhs13 < PRECISION(SHRT_MAX)) + lhs4 >> rhs13; // COMPLIANT: lhs4's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + if (rhs14 < PRECISION(SHRT_MAX)) + lhs4 >> rhs14; // COMPLIANT: lhs4's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + if (rhs3 < PRECISION(SHRT_MAX)) + lhs5 >> rhs3; // COMPLIANT: lhs5's precision is not strictly greater than + // rhs3, but it's inside a PRECISION guard + if (rhs4 < PRECISION(SHRT_MAX)) + lhs5 >> rhs4; // COMPLIANT: lhs5's precision is not strictly greater than + // rhs4, but it's inside a PRECISION guard + if (rhs5 < PRECISION(SHRT_MAX)) + lhs5 >> rhs5; // COMPLIANT: lhs5's precision is not strictly greater than + // rhs5, but it's inside a PRECISION guard + if (rhs6 < PRECISION(SHRT_MAX)) + lhs5 >> rhs6; // COMPLIANT: lhs5's precision is not strictly greater than + // rhs6, but it's inside a PRECISION guard + if (rhs7 < PRECISION(SHRT_MAX)) + lhs5 >> rhs7; // COMPLIANT: lhs5's precision is not strictly greater than + // rhs7, but it's inside a PRECISION guard + if (rhs8 < PRECISION(SHRT_MAX)) + lhs5 >> rhs8; // COMPLIANT: lhs5's precision is not strictly greater than + // rhs8, but it's inside a PRECISION guard + if (rhs9 < PRECISION(SHRT_MAX)) + lhs5 >> rhs9; // COMPLIANT: lhs5's precision is not strictly greater than + // rhs9, but it's inside a PRECISION guard + if (rhs10 < PRECISION(SHRT_MAX)) + lhs5 >> rhs10; // COMPLIANT: lhs5's precision is not strictly greater than + // rhs10, but it's inside a PRECISION guard + if (rhs11 < PRECISION(SHRT_MAX)) + lhs5 >> rhs11; // COMPLIANT: lhs5's precision is not strictly greater than + // rhs11, but it's inside a PRECISION guard + if (rhs12 < PRECISION(SHRT_MAX)) + lhs5 >> rhs12; // COMPLIANT: lhs5's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + if (rhs13 < PRECISION(SHRT_MAX)) + lhs5 >> rhs13; // COMPLIANT: lhs5's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + if (rhs14 < PRECISION(SHRT_MAX)) + lhs5 >> rhs14; // COMPLIANT: lhs5's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + if (rhs6 < PRECISION(UINT_MAX)) + lhs6 >> rhs6; // COMPLIANT: lhs6's precision is not strictly greater than + // rhs6, but it's inside a PRECISION guard + if (rhs9 < PRECISION(UINT_MAX)) + lhs6 >> rhs9; // COMPLIANT: lhs6's precision is not strictly greater than + // rhs9, but it's inside a PRECISION guard + if (rhs12 < PRECISION(UINT_MAX)) + lhs6 >> rhs12; // COMPLIANT: lhs6's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + if (rhs13 < PRECISION(UINT_MAX)) + lhs6 >> rhs13; // COMPLIANT: lhs6's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + if (rhs14 < PRECISION(UINT_MAX)) + lhs6 >> rhs14; // COMPLIANT: lhs6's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + if (rhs6 < PRECISION(INT_MAX)) + lhs7 >> rhs6; // COMPLIANT: lhs7's precision is not strictly greater than + // rhs6, but it's inside a PRECISION guard + if (rhs7 < PRECISION(INT_MAX)) + lhs7 >> rhs7; // COMPLIANT: lhs7's precision is not strictly greater than + // rhs7, but it's inside a PRECISION guard + if (rhs8 < PRECISION(INT_MAX)) + lhs7 >> rhs8; // COMPLIANT: lhs7's precision is not strictly greater than + // rhs8, but it's inside a PRECISION guard + if (rhs9 < PRECISION(INT_MAX)) + lhs7 >> rhs9; // COMPLIANT: lhs7's precision is not strictly greater than + // rhs9, but it's inside a PRECISION guard + if (rhs10 < PRECISION(INT_MAX)) + lhs7 >> rhs10; // COMPLIANT: lhs7's precision is not strictly greater than + // rhs10, but it's inside a PRECISION guard + if (rhs11 < PRECISION(INT_MAX)) + lhs7 >> rhs11; // COMPLIANT: lhs7's precision is not strictly greater than + // rhs11, but it's inside a PRECISION guard + if (rhs12 < PRECISION(INT_MAX)) + lhs7 >> rhs12; // COMPLIANT: lhs7's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + if (rhs13 < PRECISION(INT_MAX)) + lhs7 >> rhs13; // COMPLIANT: lhs7's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + if (rhs14 < PRECISION(INT_MAX)) + lhs7 >> rhs14; // COMPLIANT: lhs7's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + if (rhs6 < PRECISION(INT_MAX)) + lhs8 >> rhs6; // COMPLIANT: lhs8's precision is not strictly greater than + // rhs6, but it's inside a PRECISION guard + if (rhs7 < PRECISION(INT_MAX)) + lhs8 >> rhs7; // COMPLIANT: lhs8's precision is not strictly greater than + // rhs7, but it's inside a PRECISION guard + if (rhs8 < PRECISION(INT_MAX)) + lhs8 >> rhs8; // COMPLIANT: lhs8's precision is not strictly greater than + // rhs8, but it's inside a PRECISION guard + if (rhs9 < PRECISION(INT_MAX)) + lhs8 >> rhs9; // COMPLIANT: lhs8's precision is not strictly greater than + // rhs9, but it's inside a PRECISION guard + if (rhs10 < PRECISION(INT_MAX)) + lhs8 >> rhs10; // COMPLIANT: lhs8's precision is not strictly greater than + // rhs10, but it's inside a PRECISION guard + if (rhs11 < PRECISION(INT_MAX)) + lhs8 >> rhs11; // COMPLIANT: lhs8's precision is not strictly greater than + // rhs11, but it's inside a PRECISION guard + if (rhs12 < PRECISION(INT_MAX)) + lhs8 >> rhs12; // COMPLIANT: lhs8's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + if (rhs13 < PRECISION(INT_MAX)) + lhs8 >> rhs13; // COMPLIANT: lhs8's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + if (rhs14 < PRECISION(INT_MAX)) + lhs8 >> rhs14; // COMPLIANT: lhs8's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + if (rhs6 < PRECISION(ULONG_MAX)) + lhs9 >> rhs6; // COMPLIANT: lhs9's precision is not strictly greater than + // rhs6, but it's inside a PRECISION guard + if (rhs9 < PRECISION(ULONG_MAX)) + lhs9 >> rhs9; // COMPLIANT: lhs9's precision is not strictly greater than + // rhs9, but it's inside a PRECISION guard + if (rhs12 < PRECISION(ULONG_MAX)) + lhs9 >> rhs12; // COMPLIANT: lhs9's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + if (rhs13 < PRECISION(ULONG_MAX)) + lhs9 >> rhs13; // COMPLIANT: lhs9's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + if (rhs14 < PRECISION(ULONG_MAX)) + lhs9 >> rhs14; // COMPLIANT: lhs9's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + if (rhs6 < PRECISION(LONG_MAX)) + lhs10 >> rhs6; // COMPLIANT: lhs10's precision is not strictly greater than + // rhs6, but it's inside a PRECISION guard + if (rhs7 < PRECISION(LONG_MAX)) + lhs10 >> rhs7; // COMPLIANT: lhs10's precision is not strictly greater than + // rhs7, but it's inside a PRECISION guard + if (rhs8 < PRECISION(LONG_MAX)) + lhs10 >> rhs8; // COMPLIANT: lhs10's precision is not strictly greater than + // rhs8, but it's inside a PRECISION guard + if (rhs9 < PRECISION(LONG_MAX)) + lhs10 >> rhs9; // COMPLIANT: lhs10's precision is not strictly greater than + // rhs9, but it's inside a PRECISION guard + if (rhs10 < PRECISION(LONG_MAX)) + lhs10 >> rhs10; // COMPLIANT: lhs10's precision is not strictly greater than + // rhs10, but it's inside a PRECISION guard + if (rhs11 < PRECISION(LONG_MAX)) + lhs10 >> rhs11; // COMPLIANT: lhs10's precision is not strictly greater than + // rhs11, but it's inside a PRECISION guard + if (rhs12 < PRECISION(LONG_MAX)) + lhs10 >> rhs12; // COMPLIANT: lhs10's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + if (rhs13 < PRECISION(LONG_MAX)) + lhs10 >> rhs13; // COMPLIANT: lhs10's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + if (rhs14 < PRECISION(LONG_MAX)) + lhs10 >> rhs14; // COMPLIANT: lhs10's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + if (rhs6 < PRECISION(LONG_MAX)) + lhs11 >> rhs6; // COMPLIANT: lhs11's precision is not strictly greater than + // rhs6, but it's inside a PRECISION guard + if (rhs7 < PRECISION(LONG_MAX)) + lhs11 >> rhs7; // COMPLIANT: lhs11's precision is not strictly greater than + // rhs7, but it's inside a PRECISION guard + if (rhs8 < PRECISION(LONG_MAX)) + lhs11 >> rhs8; // COMPLIANT: lhs11's precision is not strictly greater than + // rhs8, but it's inside a PRECISION guard + if (rhs9 < PRECISION(LONG_MAX)) + lhs11 >> rhs9; // COMPLIANT: lhs11's precision is not strictly greater than + // rhs9, but it's inside a PRECISION guard + if (rhs10 < PRECISION(LONG_MAX)) + lhs11 >> rhs10; // COMPLIANT: lhs11's precision is not strictly greater than + // rhs10, but it's inside a PRECISION guard + if (rhs11 < PRECISION(LONG_MAX)) + lhs11 >> rhs11; // COMPLIANT: lhs11's precision is not strictly greater than + // rhs11, but it's inside a PRECISION guard + if (rhs12 < PRECISION(LONG_MAX)) + lhs11 >> rhs12; // COMPLIANT: lhs11's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + if (rhs13 < PRECISION(LONG_MAX)) + lhs11 >> rhs13; // COMPLIANT: lhs11's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + if (rhs14 < PRECISION(LONG_MAX)) + lhs11 >> rhs14; // COMPLIANT: lhs11's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + if (rhs12 < PRECISION(ULLONG_MAX)) + lhs12 >> rhs12; // COMPLIANT: lhs12's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + if (rhs12 < PRECISION(LLONG_MAX)) + lhs13 >> rhs12; // COMPLIANT: lhs13's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + if (rhs13 < PRECISION(LLONG_MAX)) + lhs13 >> rhs13; // COMPLIANT: lhs13's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + if (rhs14 < PRECISION(LLONG_MAX)) + lhs13 >> rhs14; // COMPLIANT: lhs13's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + if (rhs12 < PRECISION(LLONG_MAX)) + lhs14 >> rhs12; // COMPLIANT: lhs14's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + if (rhs13 < PRECISION(LLONG_MAX)) + lhs14 >> rhs13; // COMPLIANT: lhs14's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + if (rhs14 < PRECISION(LLONG_MAX)) + lhs14 >> rhs14; // COMPLIANT: lhs14's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard - /* right shift */ + /* ===== Right shift with guards, the shift expression is at `else` branch + * ===== */ - x0 >> x0; // NON_COMPLIANT: x0's precision is not strictly greater than x0's - x0 >> x1; // COMPLIANT: x0's precision is strictly greater than x1's - x0 >> x2; // COMPLIANT: x0's precision is strictly greater than x2's - x0 >> x3; // NON_COMPLIANT: x0's precision is not strictly greater than x3's - x0 >> x4; // NON_COMPLIANT: x0's precision is not strictly greater than x4's - x0 >> x5; // NON_COMPLIANT: x0's precision is not strictly greater than x5's - x0 >> x6; // NON_COMPLIANT: x0's precision is not strictly greater than x6's - x0 >> x7; // NON_COMPLIANT: x0's precision is not strictly greater than x7's - x0 >> x8; // NON_COMPLIANT: x0's precision is not strictly greater than x8's - x0 >> x9; // NON_COMPLIANT: x0's precision is not strictly greater than x9's - x0 >> x10; // NON_COMPLIANT: x0's precision is not strictly greater than x10's - x0 >> x11; // NON_COMPLIANT: x0's precision is not strictly greater than x11's - x0 >> x12; // NON_COMPLIANT: x0's precision is not strictly greater than x12's - x0 >> x13; // NON_COMPLIANT: x0's precision is not strictly greater than x13's - x0 >> x14; // NON_COMPLIANT: x0's precision is not strictly greater than x14's - x1 >> x0; // NON_COMPLIANT: x1's precision is not strictly greater than x0's - x1 >> x1; // NON_COMPLIANT: x1's precision is not strictly greater than x1's - x1 >> x2; // NON_COMPLIANT: x1's precision is not strictly greater than x2's - x1 >> x3; // NON_COMPLIANT: x1's precision is not strictly greater than x3's - x1 >> x4; // NON_COMPLIANT: x1's precision is not strictly greater than x4's - x1 >> x5; // NON_COMPLIANT: x1's precision is not strictly greater than x5's - x1 >> x6; // NON_COMPLIANT: x1's precision is not strictly greater than x6's - x1 >> x7; // NON_COMPLIANT: x1's precision is not strictly greater than x7's - x1 >> x8; // NON_COMPLIANT: x1's precision is not strictly greater than x8's - x1 >> x9; // NON_COMPLIANT: x1's precision is not strictly greater than x9's - x1 >> x10; // NON_COMPLIANT: x1's precision is not strictly greater than x10's - x1 >> x11; // NON_COMPLIANT: x1's precision is not strictly greater than x11's - x1 >> x12; // NON_COMPLIANT: x1's precision is not strictly greater than x12's - x1 >> x13; // NON_COMPLIANT: x1's precision is not strictly greater than x13's - x1 >> x14; // NON_COMPLIANT: x1's precision is not strictly greater than x14's - x2 >> x0; // NON_COMPLIANT: x2's precision is not strictly greater than x0's - x2 >> x1; // NON_COMPLIANT: x2's precision is not strictly greater than x1's - x2 >> x2; // NON_COMPLIANT: x2's precision is not strictly greater than x2's - x2 >> x3; // NON_COMPLIANT: x2's precision is not strictly greater than x3's - x2 >> x4; // NON_COMPLIANT: x2's precision is not strictly greater than x4's - x2 >> x5; // NON_COMPLIANT: x2's precision is not strictly greater than x5's - x2 >> x6; // NON_COMPLIANT: x2's precision is not strictly greater than x6's - x2 >> x7; // NON_COMPLIANT: x2's precision is not strictly greater than x7's - x2 >> x8; // NON_COMPLIANT: x2's precision is not strictly greater than x8's - x2 >> x9; // NON_COMPLIANT: x2's precision is not strictly greater than x9's - x2 >> x10; // NON_COMPLIANT: x2's precision is not strictly greater than x10's - x2 >> x11; // NON_COMPLIANT: x2's precision is not strictly greater than x11's - x2 >> x12; // NON_COMPLIANT: x2's precision is not strictly greater than x12's - x2 >> x13; // NON_COMPLIANT: x2's precision is not strictly greater than x13's - x2 >> x14; // NON_COMPLIANT: x2's precision is not strictly greater than x14's - x3 >> x0; // COMPLIANT: x3's precision is strictly greater than x0's - x3 >> x1; // COMPLIANT: x3's precision is strictly greater than x1's - x3 >> x2; // COMPLIANT: x3's precision is strictly greater than x2's - x3 >> x3; // NON_COMPLIANT: x3's precision is not strictly greater than x3's - x3 >> x4; // COMPLIANT: x3's precision is strictly greater than x4's - x3 >> x5; // COMPLIANT: x3's precision is strictly greater than x5's - x3 >> x6; // NON_COMPLIANT: x3's precision is not strictly greater than x6's - x3 >> x7; // NON_COMPLIANT: x3's precision is not strictly greater than x7's - x3 >> x8; // NON_COMPLIANT: x3's precision is not strictly greater than x8's - x3 >> x9; // NON_COMPLIANT: x3's precision is not strictly greater than x9's - x3 >> x10; // NON_COMPLIANT: x3's precision is not strictly greater than x10's - x3 >> x11; // NON_COMPLIANT: x3's precision is not strictly greater than x11's - x3 >> x12; // NON_COMPLIANT: x3's precision is not strictly greater than x12's - x3 >> x13; // NON_COMPLIANT: x3's precision is not strictly greater than x13's - x3 >> x14; // NON_COMPLIANT: x3's precision is not strictly greater than x14's - x4 >> x0; // COMPLIANT: x4's precision is strictly greater than x0's - x4 >> x1; // COMPLIANT: x4's precision is strictly greater than x1's - x4 >> x2; // COMPLIANT: x4's precision is strictly greater than x2's - x4 >> x3; // NON_COMPLIANT: x4's precision is not strictly greater than x3's - x4 >> x4; // NON_COMPLIANT: x4's precision is not strictly greater than x4's - x4 >> x5; // NON_COMPLIANT: x4's precision is not strictly greater than x5's - x4 >> x6; // NON_COMPLIANT: x4's precision is not strictly greater than x6's - x4 >> x7; // NON_COMPLIANT: x4's precision is not strictly greater than x7's - x4 >> x8; // NON_COMPLIANT: x4's precision is not strictly greater than x8's - x4 >> x9; // NON_COMPLIANT: x4's precision is not strictly greater than x9's - x4 >> x10; // NON_COMPLIANT: x4's precision is not strictly greater than x10's - x4 >> x11; // NON_COMPLIANT: x4's precision is not strictly greater than x11's - x4 >> x12; // NON_COMPLIANT: x4's precision is not strictly greater than x12's - x4 >> x13; // NON_COMPLIANT: x4's precision is not strictly greater than x13's - x4 >> x14; // NON_COMPLIANT: x4's precision is not strictly greater than x14's - x5 >> x0; // COMPLIANT: x5's precision is strictly greater than x0's - x5 >> x1; // COMPLIANT: x5's precision is strictly greater than x1's - x5 >> x2; // COMPLIANT: x5's precision is strictly greater than x2's - x5 >> x3; // NON_COMPLIANT: x5's precision is not strictly greater than x3's - x5 >> x4; // NON_COMPLIANT: x5's precision is not strictly greater than x4's - x5 >> x5; // NON_COMPLIANT: x5's precision is not strictly greater than x5's - x5 >> x6; // NON_COMPLIANT: x5's precision is not strictly greater than x6's - x5 >> x7; // NON_COMPLIANT: x5's precision is not strictly greater than x7's - x5 >> x8; // NON_COMPLIANT: x5's precision is not strictly greater than x8's - x5 >> x9; // NON_COMPLIANT: x5's precision is not strictly greater than x9's - x5 >> x10; // NON_COMPLIANT: x5's precision is not strictly greater than x10's - x5 >> x11; // NON_COMPLIANT: x5's precision is not strictly greater than x11's - x5 >> x12; // NON_COMPLIANT: x5's precision is not strictly greater than x12's - x5 >> x13; // NON_COMPLIANT: x5's precision is not strictly greater than x13's - x5 >> x14; // NON_COMPLIANT: x5's precision is not strictly greater than x14's - x6 >> x0; // COMPLIANT: x6's precision is strictly greater than x0's - x6 >> x1; // COMPLIANT: x6's precision is strictly greater than x1's - x6 >> x2; // COMPLIANT: x6's precision is strictly greater than x2's - x6 >> x3; // COMPLIANT: x6's precision is strictly greater than x3's - x6 >> x4; // COMPLIANT: x6's precision is strictly greater than x4's - x6 >> x5; // COMPLIANT: x6's precision is strictly greater than x5's - x6 >> x6; // NON_COMPLIANT: x6's precision is not strictly greater than x6's - x6 >> x7; // COMPLIANT: x6's precision is strictly greater than x7's - x6 >> x8; // COMPLIANT: x6's precision is strictly greater than x8's - x6 >> x9; // NON_COMPLIANT: x6's precision is not strictly greater than x9's - x6 >> x10; // COMPLIANT: x6's precision is strictly greater than x10's - x6 >> x11; // COMPLIANT: x6's precision is strictly greater than x11's - x6 >> x12; // NON_COMPLIANT: x6's precision is not strictly greater than x12's - x6 >> x13; // NON_COMPLIANT: x6's precision is not strictly greater than x13's - x6 >> x14; // NON_COMPLIANT: x6's precision is not strictly greater than x14's - x7 >> x0; // COMPLIANT: x7's precision is strictly greater than x0's - x7 >> x1; // COMPLIANT: x7's precision is strictly greater than x1's - x7 >> x2; // COMPLIANT: x7's precision is strictly greater than x2's - x7 >> x3; // COMPLIANT: x7's precision is strictly greater than x3's - x7 >> x4; // COMPLIANT: x7's precision is strictly greater than x4's - x7 >> x5; // COMPLIANT: x7's precision is strictly greater than x5's - x7 >> x6; // NON_COMPLIANT: x7's precision is not strictly greater than x6's - x7 >> x7; // NON_COMPLIANT: x7's precision is not strictly greater than x7's - x7 >> x8; // NON_COMPLIANT: x7's precision is not strictly greater than x8's - x7 >> x9; // NON_COMPLIANT: x7's precision is not strictly greater than x9's - x7 >> x10; // NON_COMPLIANT: x7's precision is not strictly greater than x10's - x7 >> x11; // NON_COMPLIANT: x7's precision is not strictly greater than x11's - x7 >> x12; // NON_COMPLIANT: x7's precision is not strictly greater than x12's - x7 >> x13; // NON_COMPLIANT: x7's precision is not strictly greater than x13's - x7 >> x14; // NON_COMPLIANT: x7's precision is not strictly greater than x14's - x8 >> x0; // COMPLIANT: x8's precision is strictly greater than x0's - x8 >> x1; // COMPLIANT: x8's precision is strictly greater than x1's - x8 >> x2; // COMPLIANT: x8's precision is strictly greater than x2's - x8 >> x3; // COMPLIANT: x8's precision is strictly greater than x3's - x8 >> x4; // COMPLIANT: x8's precision is strictly greater than x4's - x8 >> x5; // COMPLIANT: x8's precision is strictly greater than x5's - x8 >> x6; // NON_COMPLIANT: x8's precision is not strictly greater than x6's - x8 >> x7; // NON_COMPLIANT: x8's precision is not strictly greater than x7's - x8 >> x8; // NON_COMPLIANT: x8's precision is not strictly greater than x8's - x8 >> x9; // NON_COMPLIANT: x8's precision is not strictly greater than x9's - x8 >> x10; // NON_COMPLIANT: x8's precision is not strictly greater than x10's - x8 >> x11; // NON_COMPLIANT: x8's precision is not strictly greater than x11's - x8 >> x12; // NON_COMPLIANT: x8's precision is not strictly greater than x12's - x8 >> x13; // NON_COMPLIANT: x8's precision is not strictly greater than x13's - x8 >> x14; // NON_COMPLIANT: x8's precision is not strictly greater than x14's - x9 >> x0; // COMPLIANT: x9's precision is strictly greater than x0's - x9 >> x1; // COMPLIANT: x9's precision is strictly greater than x1's - x9 >> x2; // COMPLIANT: x9's precision is strictly greater than x2's - x9 >> x3; // COMPLIANT: x9's precision is strictly greater than x3's - x9 >> x4; // COMPLIANT: x9's precision is strictly greater than x4's - x9 >> x5; // COMPLIANT: x9's precision is strictly greater than x5's - x9 >> x6; // NON_COMPLIANT: x9's precision is not strictly greater than x6's - x9 >> x7; // COMPLIANT: x9's precision is strictly greater than x7's - x9 >> x8; // COMPLIANT: x9's precision is strictly greater than x8's - x9 >> x9; // NON_COMPLIANT: x9's precision is not strictly greater than x9's - x9 >> x10; // COMPLIANT: x9's precision is strictly greater than x10's - x9 >> x11; // COMPLIANT: x9's precision is strictly greater than x11's - x9 >> x12; // NON_COMPLIANT: x9's precision is not strictly greater than x12's - x9 >> x13; // NON_COMPLIANT: x9's precision is not strictly greater than x13's - x9 >> x14; // NON_COMPLIANT: x9's precision is not strictly greater than x14's - x10 >> x0; // COMPLIANT: x10's precision is strictly greater than x0's - x10 >> x1; // COMPLIANT: x10's precision is strictly greater than x1's - x10 >> x2; // COMPLIANT: x10's precision is strictly greater than x2's - x10 >> x3; // COMPLIANT: x10's precision is strictly greater than x3's - x10 >> x4; // COMPLIANT: x10's precision is strictly greater than x4's - x10 >> x5; // COMPLIANT: x10's precision is strictly greater than x5's - x10 >> x6; // NON_COMPLIANT: x10's precision is not strictly greater than x6's - x10 >> x7; // NON_COMPLIANT: x10's precision is not strictly greater than x7's - x10 >> x8; // NON_COMPLIANT: x10's precision is not strictly greater than x8's - x10 >> x9; // NON_COMPLIANT: x10's precision is not strictly greater than x9's - x10 >> - x10; // NON_COMPLIANT: x10's precision is not strictly greater than x10's - x10 >> - x11; // NON_COMPLIANT: x10's precision is not strictly greater than x11's - x10 >> - x12; // NON_COMPLIANT: x10's precision is not strictly greater than x12's - x10 >> - x13; // NON_COMPLIANT: x10's precision is not strictly greater than x13's - x10 >> - x14; // NON_COMPLIANT: x10's precision is not strictly greater than x14's - x11 >> x0; // COMPLIANT: x11's precision is strictly greater than x0's - x11 >> x1; // COMPLIANT: x11's precision is strictly greater than x1's - x11 >> x2; // COMPLIANT: x11's precision is strictly greater than x2's - x11 >> x3; // COMPLIANT: x11's precision is strictly greater than x3's - x11 >> x4; // COMPLIANT: x11's precision is strictly greater than x4's - x11 >> x5; // COMPLIANT: x11's precision is strictly greater than x5's - x11 >> x6; // NON_COMPLIANT: x11's precision is not strictly greater than x6's - x11 >> x7; // NON_COMPLIANT: x11's precision is not strictly greater than x7's - x11 >> x8; // NON_COMPLIANT: x11's precision is not strictly greater than x8's - x11 >> x9; // NON_COMPLIANT: x11's precision is not strictly greater than x9's - x11 >> - x10; // NON_COMPLIANT: x11's precision is not strictly greater than x10's - x11 >> - x11; // NON_COMPLIANT: x11's precision is not strictly greater than x11's - x11 >> - x12; // NON_COMPLIANT: x11's precision is not strictly greater than x12's - x11 >> - x13; // NON_COMPLIANT: x11's precision is not strictly greater than x13's - x11 >> - x14; // NON_COMPLIANT: x11's precision is not strictly greater than x14's - x12 >> x0; // COMPLIANT: x12's precision is strictly greater than x0's - x12 >> x1; // COMPLIANT: x12's precision is strictly greater than x1's - x12 >> x2; // COMPLIANT: x12's precision is strictly greater than x2's - x12 >> x3; // COMPLIANT: x12's precision is strictly greater than x3's - x12 >> x4; // COMPLIANT: x12's precision is strictly greater than x4's - x12 >> x5; // COMPLIANT: x12's precision is strictly greater than x5's - x12 >> x6; // COMPLIANT: x12's precision is strictly greater than x6's - x12 >> x7; // COMPLIANT: x12's precision is strictly greater than x7's - x12 >> x8; // COMPLIANT: x12's precision is strictly greater than x8's - x12 >> x9; // COMPLIANT: x12's precision is strictly greater than x9's - x12 >> x10; // COMPLIANT: x12's precision is strictly greater than x10's - x12 >> x11; // COMPLIANT: x12's precision is strictly greater than x11's - x12 >> - x12; // NON_COMPLIANT: x12's precision is not strictly greater than x12's - x12 >> x13; // COMPLIANT: x12's precision is strictly greater than x13's - x12 >> x14; // COMPLIANT: x12's precision is strictly greater than x14's - x13 >> x0; // COMPLIANT: x13's precision is strictly greater than x0's - x13 >> x1; // COMPLIANT: x13's precision is strictly greater than x1's - x13 >> x2; // COMPLIANT: x13's precision is strictly greater than x2's - x13 >> x3; // COMPLIANT: x13's precision is strictly greater than x3's - x13 >> x4; // COMPLIANT: x13's precision is strictly greater than x4's - x13 >> x5; // COMPLIANT: x13's precision is strictly greater than x5's - x13 >> x6; // COMPLIANT: x13's precision is strictly greater than x6's - x13 >> x7; // COMPLIANT: x13's precision is strictly greater than x7's - x13 >> x8; // COMPLIANT: x13's precision is strictly greater than x8's - x13 >> x9; // COMPLIANT: x13's precision is strictly greater than x9's - x13 >> x10; // COMPLIANT: x13's precision is strictly greater than x10's - x13 >> x11; // COMPLIANT: x13's precision is strictly greater than x11's - x13 >> - x12; // NON_COMPLIANT: x13's precision is not strictly greater than x12's - x13 >> - x13; // NON_COMPLIANT: x13's precision is not strictly greater than x13's - x13 >> - x14; // NON_COMPLIANT: x13's precision is not strictly greater than x14's - x14 >> x0; // COMPLIANT: x14's precision is strictly greater than x0's - x14 >> x1; // COMPLIANT: x14's precision is strictly greater than x1's - x14 >> x2; // COMPLIANT: x14's precision is strictly greater than x2's - x14 >> x3; // COMPLIANT: x14's precision is strictly greater than x3's - x14 >> x4; // COMPLIANT: x14's precision is strictly greater than x4's - x14 >> x5; // COMPLIANT: x14's precision is strictly greater than x5's - x14 >> x6; // COMPLIANT: x14's precision is strictly greater than x6's - x14 >> x7; // COMPLIANT: x14's precision is strictly greater than x7's - x14 >> x8; // COMPLIANT: x14's precision is strictly greater than x8's - x14 >> x9; // COMPLIANT: x14's precision is strictly greater than x9's - x14 >> x10; // COMPLIANT: x14's precision is strictly greater than x10's - x14 >> x11; // COMPLIANT: x14's precision is strictly greater than x11's - x14 >> - x12; // NON_COMPLIANT: x14's precision is not strictly greater than x12's - x14 >> - x13; // NON_COMPLIANT: x14's precision is not strictly greater than x13's - x14 >> - x14; // NON_COMPLIANT: x14's precision is not strictly greater than x14's + if (rhs0 >= PRECISION(UCHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs0 >> rhs0; // COMPLIANT: lhs0's precision is not strictly greater than + // rhs0, but it's inside a PRECISION guard + } + if (rhs3 >= PRECISION(UCHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs0 >> rhs3; // COMPLIANT: lhs0's precision is not strictly greater than + // rhs3, but it's inside a PRECISION guard + } + if (rhs4 >= PRECISION(UCHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs0 >> rhs4; // COMPLIANT: lhs0's precision is not strictly greater than + // rhs4, but it's inside a PRECISION guard + } + if (rhs5 >= PRECISION(UCHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs0 >> rhs5; // COMPLIANT: lhs0's precision is not strictly greater than + // rhs5, but it's inside a PRECISION guard + } + if (rhs6 >= PRECISION(UCHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs0 >> rhs6; // COMPLIANT: lhs0's precision is not strictly greater than + // rhs6, but it's inside a PRECISION guard + } + if (rhs7 >= PRECISION(UCHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs0 >> rhs7; // COMPLIANT: lhs0's precision is not strictly greater than + // rhs7, but it's inside a PRECISION guard + } + if (rhs8 >= PRECISION(UCHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs0 >> rhs8; // COMPLIANT: lhs0's precision is not strictly greater than + // rhs8, but it's inside a PRECISION guard + } + if (rhs9 >= PRECISION(UCHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs0 >> rhs9; // COMPLIANT: lhs0's precision is not strictly greater than + // rhs9, but it's inside a PRECISION guard + } + if (rhs10 >= PRECISION(UCHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs0 >> rhs10; // COMPLIANT: lhs0's precision is not strictly greater than + // rhs10, but it's inside a PRECISION guard + } + if (rhs11 >= PRECISION(UCHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs0 >> rhs11; // COMPLIANT: lhs0's precision is not strictly greater than + // rhs11, but it's inside a PRECISION guard + } + if (rhs12 >= PRECISION(UCHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs0 >> rhs12; // COMPLIANT: lhs0's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + } + if (rhs13 >= PRECISION(UCHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs0 >> rhs13; // COMPLIANT: lhs0's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + } + if (rhs14 >= PRECISION(UCHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs0 >> rhs14; // COMPLIANT: lhs0's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + } + if (rhs0 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs1 >> rhs0; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs0, but it's inside a PRECISION guard + } + if (rhs1 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs1 >> rhs1; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs1, but it's inside a PRECISION guard + } + if (rhs2 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs1 >> rhs2; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs2, but it's inside a PRECISION guard + } + if (rhs3 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs1 >> rhs3; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs3, but it's inside a PRECISION guard + } + if (rhs4 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs1 >> rhs4; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs4, but it's inside a PRECISION guard + } + if (rhs5 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs1 >> rhs5; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs5, but it's inside a PRECISION guard + } + if (rhs6 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs1 >> rhs6; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs6, but it's inside a PRECISION guard + } + if (rhs7 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs1 >> rhs7; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs7, but it's inside a PRECISION guard + } + if (rhs8 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs1 >> rhs8; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs8, but it's inside a PRECISION guard + } + if (rhs9 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs1 >> rhs9; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs9, but it's inside a PRECISION guard + } + if (rhs10 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs1 >> rhs10; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs10, but it's inside a PRECISION guard + } + if (rhs11 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs1 >> rhs11; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs11, but it's inside a PRECISION guard + } + if (rhs12 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs1 >> rhs12; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + } + if (rhs13 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs1 >> rhs13; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + } + if (rhs14 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs1 >> rhs14; // COMPLIANT: lhs1's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + } + if (rhs0 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs2 >> rhs0; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs0, but it's inside a PRECISION guard + } + if (rhs1 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs2 >> rhs1; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs1, but it's inside a PRECISION guard + } + if (rhs2 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs2 >> rhs2; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs2, but it's inside a PRECISION guard + } + if (rhs3 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs2 >> rhs3; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs3, but it's inside a PRECISION guard + } + if (rhs4 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs2 >> rhs4; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs4, but it's inside a PRECISION guard + } + if (rhs5 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs2 >> rhs5; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs5, but it's inside a PRECISION guard + } + if (rhs6 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs2 >> rhs6; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs6, but it's inside a PRECISION guard + } + if (rhs7 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs2 >> rhs7; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs7, but it's inside a PRECISION guard + } + if (rhs8 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs2 >> rhs8; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs8, but it's inside a PRECISION guard + } + if (rhs9 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs2 >> rhs9; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs9, but it's inside a PRECISION guard + } + if (rhs10 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs2 >> rhs10; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs10, but it's inside a PRECISION guard + } + if (rhs11 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs2 >> rhs11; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs11, but it's inside a PRECISION guard + } + if (rhs12 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs2 >> rhs12; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + } + if (rhs13 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs2 >> rhs13; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + } + if (rhs14 >= PRECISION(CHAR_MAX)) { + ; /* Handle Error */ + } else { + lhs2 >> rhs14; // COMPLIANT: lhs2's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + } + if (rhs3 >= PRECISION(USHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs3 >> rhs3; // COMPLIANT: lhs3's precision is not strictly greater than + // rhs3, but it's inside a PRECISION guard + } + if (rhs6 >= PRECISION(USHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs3 >> rhs6; // COMPLIANT: lhs3's precision is not strictly greater than + // rhs6, but it's inside a PRECISION guard + } + if (rhs7 >= PRECISION(USHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs3 >> rhs7; // COMPLIANT: lhs3's precision is not strictly greater than + // rhs7, but it's inside a PRECISION guard + } + if (rhs8 >= PRECISION(USHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs3 >> rhs8; // COMPLIANT: lhs3's precision is not strictly greater than + // rhs8, but it's inside a PRECISION guard + } + if (rhs9 >= PRECISION(USHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs3 >> rhs9; // COMPLIANT: lhs3's precision is not strictly greater than + // rhs9, but it's inside a PRECISION guard + } + if (rhs10 >= PRECISION(USHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs3 >> rhs10; // COMPLIANT: lhs3's precision is not strictly greater than + // rhs10, but it's inside a PRECISION guard + } + if (rhs11 >= PRECISION(USHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs3 >> rhs11; // COMPLIANT: lhs3's precision is not strictly greater than + // rhs11, but it's inside a PRECISION guard + } + if (rhs12 >= PRECISION(USHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs3 >> rhs12; // COMPLIANT: lhs3's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + } + if (rhs13 >= PRECISION(USHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs3 >> rhs13; // COMPLIANT: lhs3's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + } + if (rhs14 >= PRECISION(USHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs3 >> rhs14; // COMPLIANT: lhs3's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + } + if (rhs3 >= PRECISION(SHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs4 >> rhs3; // COMPLIANT: lhs4's precision is not strictly greater than + // rhs3, but it's inside a PRECISION guard + } + if (rhs4 >= PRECISION(SHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs4 >> rhs4; // COMPLIANT: lhs4's precision is not strictly greater than + // rhs4, but it's inside a PRECISION guard + } + if (rhs5 >= PRECISION(SHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs4 >> rhs5; // COMPLIANT: lhs4's precision is not strictly greater than + // rhs5, but it's inside a PRECISION guard + } + if (rhs6 >= PRECISION(SHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs4 >> rhs6; // COMPLIANT: lhs4's precision is not strictly greater than + // rhs6, but it's inside a PRECISION guard + } + if (rhs7 >= PRECISION(SHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs4 >> rhs7; // COMPLIANT: lhs4's precision is not strictly greater than + // rhs7, but it's inside a PRECISION guard + } + if (rhs8 >= PRECISION(SHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs4 >> rhs8; // COMPLIANT: lhs4's precision is not strictly greater than + // rhs8, but it's inside a PRECISION guard + } + if (rhs9 >= PRECISION(SHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs4 >> rhs9; // COMPLIANT: lhs4's precision is not strictly greater than + // rhs9, but it's inside a PRECISION guard + } + if (rhs10 >= PRECISION(SHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs4 >> rhs10; // COMPLIANT: lhs4's precision is not strictly greater than + // rhs10, but it's inside a PRECISION guard + } + if (rhs11 >= PRECISION(SHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs4 >> rhs11; // COMPLIANT: lhs4's precision is not strictly greater than + // rhs11, but it's inside a PRECISION guard + } + if (rhs12 >= PRECISION(SHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs4 >> rhs12; // COMPLIANT: lhs4's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + } + if (rhs13 >= PRECISION(SHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs4 >> rhs13; // COMPLIANT: lhs4's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + } + if (rhs14 >= PRECISION(SHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs4 >> rhs14; // COMPLIANT: lhs4's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + } + if (rhs3 >= PRECISION(SHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs5 >> rhs3; // COMPLIANT: lhs5's precision is not strictly greater than + // rhs3, but it's inside a PRECISION guard + } + if (rhs4 >= PRECISION(SHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs5 >> rhs4; // COMPLIANT: lhs5's precision is not strictly greater than + // rhs4, but it's inside a PRECISION guard + } + if (rhs5 >= PRECISION(SHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs5 >> rhs5; // COMPLIANT: lhs5's precision is not strictly greater than + // rhs5, but it's inside a PRECISION guard + } + if (rhs6 >= PRECISION(SHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs5 >> rhs6; // COMPLIANT: lhs5's precision is not strictly greater than + // rhs6, but it's inside a PRECISION guard + } + if (rhs7 >= PRECISION(SHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs5 >> rhs7; // COMPLIANT: lhs5's precision is not strictly greater than + // rhs7, but it's inside a PRECISION guard + } + if (rhs8 >= PRECISION(SHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs5 >> rhs8; // COMPLIANT: lhs5's precision is not strictly greater than + // rhs8, but it's inside a PRECISION guard + } + if (rhs9 >= PRECISION(SHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs5 >> rhs9; // COMPLIANT: lhs5's precision is not strictly greater than + // rhs9, but it's inside a PRECISION guard + } + if (rhs10 >= PRECISION(SHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs5 >> rhs10; // COMPLIANT: lhs5's precision is not strictly greater than + // rhs10, but it's inside a PRECISION guard + } + if (rhs11 >= PRECISION(SHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs5 >> rhs11; // COMPLIANT: lhs5's precision is not strictly greater than + // rhs11, but it's inside a PRECISION guard + } + if (rhs12 >= PRECISION(SHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs5 >> rhs12; // COMPLIANT: lhs5's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + } + if (rhs13 >= PRECISION(SHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs5 >> rhs13; // COMPLIANT: lhs5's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + } + if (rhs14 >= PRECISION(SHRT_MAX)) { + ; /* Handle Error */ + } else { + lhs5 >> rhs14; // COMPLIANT: lhs5's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + } + if (rhs6 >= PRECISION(UINT_MAX)) { + ; /* Handle Error */ + } else { + lhs6 >> rhs6; // COMPLIANT: lhs6's precision is not strictly greater than + // rhs6, but it's inside a PRECISION guard + } + if (rhs9 >= PRECISION(UINT_MAX)) { + ; /* Handle Error */ + } else { + lhs6 >> rhs9; // COMPLIANT: lhs6's precision is not strictly greater than + // rhs9, but it's inside a PRECISION guard + } + if (rhs12 >= PRECISION(UINT_MAX)) { + ; /* Handle Error */ + } else { + lhs6 >> rhs12; // COMPLIANT: lhs6's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + } + if (rhs13 >= PRECISION(UINT_MAX)) { + ; /* Handle Error */ + } else { + lhs6 >> rhs13; // COMPLIANT: lhs6's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + } + if (rhs14 >= PRECISION(UINT_MAX)) { + ; /* Handle Error */ + } else { + lhs6 >> rhs14; // COMPLIANT: lhs6's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + } + if (rhs6 >= PRECISION(INT_MAX)) { + ; /* Handle Error */ + } else { + lhs7 >> rhs6; // COMPLIANT: lhs7's precision is not strictly greater than + // rhs6, but it's inside a PRECISION guard + } + if (rhs7 >= PRECISION(INT_MAX)) { + ; /* Handle Error */ + } else { + lhs7 >> rhs7; // COMPLIANT: lhs7's precision is not strictly greater than + // rhs7, but it's inside a PRECISION guard + } + if (rhs8 >= PRECISION(INT_MAX)) { + ; /* Handle Error */ + } else { + lhs7 >> rhs8; // COMPLIANT: lhs7's precision is not strictly greater than + // rhs8, but it's inside a PRECISION guard + } + if (rhs9 >= PRECISION(INT_MAX)) { + ; /* Handle Error */ + } else { + lhs7 >> rhs9; // COMPLIANT: lhs7's precision is not strictly greater than + // rhs9, but it's inside a PRECISION guard + } + if (rhs10 >= PRECISION(INT_MAX)) { + ; /* Handle Error */ + } else { + lhs7 >> rhs10; // COMPLIANT: lhs7's precision is not strictly greater than + // rhs10, but it's inside a PRECISION guard + } + if (rhs11 >= PRECISION(INT_MAX)) { + ; /* Handle Error */ + } else { + lhs7 >> rhs11; // COMPLIANT: lhs7's precision is not strictly greater than + // rhs11, but it's inside a PRECISION guard + } + if (rhs12 >= PRECISION(INT_MAX)) { + ; /* Handle Error */ + } else { + lhs7 >> rhs12; // COMPLIANT: lhs7's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + } + if (rhs13 >= PRECISION(INT_MAX)) { + ; /* Handle Error */ + } else { + lhs7 >> rhs13; // COMPLIANT: lhs7's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + } + if (rhs14 >= PRECISION(INT_MAX)) { + ; /* Handle Error */ + } else { + lhs7 >> rhs14; // COMPLIANT: lhs7's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + } + if (rhs6 >= PRECISION(INT_MAX)) { + ; /* Handle Error */ + } else { + lhs8 >> rhs6; // COMPLIANT: lhs8's precision is not strictly greater than + // rhs6, but it's inside a PRECISION guard + } + if (rhs7 >= PRECISION(INT_MAX)) { + ; /* Handle Error */ + } else { + lhs8 >> rhs7; // COMPLIANT: lhs8's precision is not strictly greater than + // rhs7, but it's inside a PRECISION guard + } + if (rhs8 >= PRECISION(INT_MAX)) { + ; /* Handle Error */ + } else { + lhs8 >> rhs8; // COMPLIANT: lhs8's precision is not strictly greater than + // rhs8, but it's inside a PRECISION guard + } + if (rhs9 >= PRECISION(INT_MAX)) { + ; /* Handle Error */ + } else { + lhs8 >> rhs9; // COMPLIANT: lhs8's precision is not strictly greater than + // rhs9, but it's inside a PRECISION guard + } + if (rhs10 >= PRECISION(INT_MAX)) { + ; /* Handle Error */ + } else { + lhs8 >> rhs10; // COMPLIANT: lhs8's precision is not strictly greater than + // rhs10, but it's inside a PRECISION guard + } + if (rhs11 >= PRECISION(INT_MAX)) { + ; /* Handle Error */ + } else { + lhs8 >> rhs11; // COMPLIANT: lhs8's precision is not strictly greater than + // rhs11, but it's inside a PRECISION guard + } + if (rhs12 >= PRECISION(INT_MAX)) { + ; /* Handle Error */ + } else { + lhs8 >> rhs12; // COMPLIANT: lhs8's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + } + if (rhs13 >= PRECISION(INT_MAX)) { + ; /* Handle Error */ + } else { + lhs8 >> rhs13; // COMPLIANT: lhs8's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + } + if (rhs14 >= PRECISION(INT_MAX)) { + ; /* Handle Error */ + } else { + lhs8 >> rhs14; // COMPLIANT: lhs8's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + } + if (rhs6 >= PRECISION(ULONG_MAX)) { + ; /* Handle Error */ + } else { + lhs9 >> rhs6; // COMPLIANT: lhs9's precision is not strictly greater than + // rhs6, but it's inside a PRECISION guard + } + if (rhs9 >= PRECISION(ULONG_MAX)) { + ; /* Handle Error */ + } else { + lhs9 >> rhs9; // COMPLIANT: lhs9's precision is not strictly greater than + // rhs9, but it's inside a PRECISION guard + } + if (rhs12 >= PRECISION(ULONG_MAX)) { + ; /* Handle Error */ + } else { + lhs9 >> rhs12; // COMPLIANT: lhs9's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + } + if (rhs13 >= PRECISION(ULONG_MAX)) { + ; /* Handle Error */ + } else { + lhs9 >> rhs13; // COMPLIANT: lhs9's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + } + if (rhs14 >= PRECISION(ULONG_MAX)) { + ; /* Handle Error */ + } else { + lhs9 >> rhs14; // COMPLIANT: lhs9's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + } + if (rhs6 >= PRECISION(LONG_MAX)) { + ; /* Handle Error */ + } else { + lhs10 >> rhs6; // COMPLIANT: lhs10's precision is not strictly greater than + // rhs6, but it's inside a PRECISION guard + } + if (rhs7 >= PRECISION(LONG_MAX)) { + ; /* Handle Error */ + } else { + lhs10 >> rhs7; // COMPLIANT: lhs10's precision is not strictly greater than + // rhs7, but it's inside a PRECISION guard + } + if (rhs8 >= PRECISION(LONG_MAX)) { + ; /* Handle Error */ + } else { + lhs10 >> rhs8; // COMPLIANT: lhs10's precision is not strictly greater than + // rhs8, but it's inside a PRECISION guard + } + if (rhs9 >= PRECISION(LONG_MAX)) { + ; /* Handle Error */ + } else { + lhs10 >> rhs9; // COMPLIANT: lhs10's precision is not strictly greater than + // rhs9, but it's inside a PRECISION guard + } + if (rhs10 >= PRECISION(LONG_MAX)) { + ; /* Handle Error */ + } else { + lhs10 >> rhs10; // COMPLIANT: lhs10's precision is not strictly greater than + // rhs10, but it's inside a PRECISION guard + } + if (rhs11 >= PRECISION(LONG_MAX)) { + ; /* Handle Error */ + } else { + lhs10 >> rhs11; // COMPLIANT: lhs10's precision is not strictly greater than + // rhs11, but it's inside a PRECISION guard + } + if (rhs12 >= PRECISION(LONG_MAX)) { + ; /* Handle Error */ + } else { + lhs10 >> rhs12; // COMPLIANT: lhs10's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + } + if (rhs13 >= PRECISION(LONG_MAX)) { + ; /* Handle Error */ + } else { + lhs10 >> rhs13; // COMPLIANT: lhs10's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + } + if (rhs14 >= PRECISION(LONG_MAX)) { + ; /* Handle Error */ + } else { + lhs10 >> rhs14; // COMPLIANT: lhs10's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + } + if (rhs6 >= PRECISION(LONG_MAX)) { + ; /* Handle Error */ + } else { + lhs11 >> rhs6; // COMPLIANT: lhs11's precision is not strictly greater than + // rhs6, but it's inside a PRECISION guard + } + if (rhs7 >= PRECISION(LONG_MAX)) { + ; /* Handle Error */ + } else { + lhs11 >> rhs7; // COMPLIANT: lhs11's precision is not strictly greater than + // rhs7, but it's inside a PRECISION guard + } + if (rhs8 >= PRECISION(LONG_MAX)) { + ; /* Handle Error */ + } else { + lhs11 >> rhs8; // COMPLIANT: lhs11's precision is not strictly greater than + // rhs8, but it's inside a PRECISION guard + } + if (rhs9 >= PRECISION(LONG_MAX)) { + ; /* Handle Error */ + } else { + lhs11 >> rhs9; // COMPLIANT: lhs11's precision is not strictly greater than + // rhs9, but it's inside a PRECISION guard + } + if (rhs10 >= PRECISION(LONG_MAX)) { + ; /* Handle Error */ + } else { + lhs11 >> rhs10; // COMPLIANT: lhs11's precision is not strictly greater than + // rhs10, but it's inside a PRECISION guard + } + if (rhs11 >= PRECISION(LONG_MAX)) { + ; /* Handle Error */ + } else { + lhs11 >> rhs11; // COMPLIANT: lhs11's precision is not strictly greater than + // rhs11, but it's inside a PRECISION guard + } + if (rhs12 >= PRECISION(LONG_MAX)) { + ; /* Handle Error */ + } else { + lhs11 >> rhs12; // COMPLIANT: lhs11's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + } + if (rhs13 >= PRECISION(LONG_MAX)) { + ; /* Handle Error */ + } else { + lhs11 >> rhs13; // COMPLIANT: lhs11's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + } + if (rhs14 >= PRECISION(LONG_MAX)) { + ; /* Handle Error */ + } else { + lhs11 >> rhs14; // COMPLIANT: lhs11's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + } + if (rhs12 >= PRECISION(ULLONG_MAX)) { + ; /* Handle Error */ + } else { + lhs12 >> rhs12; // COMPLIANT: lhs12's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + } + if (rhs12 >= PRECISION(LLONG_MAX)) { + ; /* Handle Error */ + } else { + lhs13 >> rhs12; // COMPLIANT: lhs13's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + } + if (rhs13 >= PRECISION(LLONG_MAX)) { + ; /* Handle Error */ + } else { + lhs13 >> rhs13; // COMPLIANT: lhs13's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + } + if (rhs14 >= PRECISION(LLONG_MAX)) { + ; /* Handle Error */ + } else { + lhs13 >> rhs14; // COMPLIANT: lhs13's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + } + if (rhs12 >= PRECISION(LLONG_MAX)) { + ; /* Handle Error */ + } else { + lhs14 >> rhs12; // COMPLIANT: lhs14's precision is not strictly greater than + // rhs12, but it's inside a PRECISION guard + } + if (rhs13 >= PRECISION(LLONG_MAX)) { + ; /* Handle Error */ + } else { + lhs14 >> rhs13; // COMPLIANT: lhs14's precision is not strictly greater than + // rhs13, but it's inside a PRECISION guard + } + if (rhs14 >= PRECISION(LLONG_MAX)) { + ; /* Handle Error */ + } else { + lhs14 >> rhs14; // COMPLIANT: lhs14's precision is not strictly greater than + // rhs14, but it's inside a PRECISION guard + } - /* negative shift */ + /* Negative shifts */ - x0 << -1; // NON_COMPLIANT: shifting by a negative operand - x1 << -1; // NON_COMPLIANT: shifting by a negative operand - x2 << -1; // NON_COMPLIANT: shifting by a negative operand - x3 << -1; // NON_COMPLIANT: shifting by a negative operand - x4 << -1; // NON_COMPLIANT: shifting by a negative operand - x5 << -1; // NON_COMPLIANT: shifting by a negative operand - x6 << -1; // NON_COMPLIANT: shifting by a negative operand - x7 << -1; // NON_COMPLIANT: shifting by a negative operand - x8 << -1; // NON_COMPLIANT: shifting by a negative operand - x9 << -1; // NON_COMPLIANT: shifting by a negative operand - x10 << -1; // NON_COMPLIANT: shifting by a negative operand - x11 << -1; // NON_COMPLIANT: shifting by a negative operand - x12 << -1; // NON_COMPLIANT: shifting by a negative operand - x13 << -1; // NON_COMPLIANT: shifting by a negative operand - x14 << -1; // NON_COMPLIANT: shifting by a negative operand + lhs0 << -1; // NON_COMPLIANT: shifting by a negative operand + lhs1 << -1; // NON_COMPLIANT: shifting by a negative operand + lhs2 << -1; // NON_COMPLIANT: shifting by a negative operand + lhs3 << -1; // NON_COMPLIANT: shifting by a negative operand + lhs4 << -1; // NON_COMPLIANT: shifting by a negative operand + lhs5 << -1; // NON_COMPLIANT: shifting by a negative operand + lhs6 << -1; // NON_COMPLIANT: shifting by a negative operand + lhs7 << -1; // NON_COMPLIANT: shifting by a negative operand + lhs8 << -1; // NON_COMPLIANT: shifting by a negative operand + lhs9 << -1; // NON_COMPLIANT: shifting by a negative operand + lhs10 << -1; // NON_COMPLIANT: shifting by a negative operand + lhs11 << -1; // NON_COMPLIANT: shifting by a negative operand + lhs12 << -1; // NON_COMPLIANT: shifting by a negative operand + lhs13 << -1; // NON_COMPLIANT: shifting by a negative operand + lhs14 << -1; // NON_COMPLIANT: shifting by a negative operand return 0; -} \ No newline at end of file +} From fb1fd83e393c6f58d107212ddb12558c02dadbbe Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Wed, 22 Mar 2023 16:20:16 -0700 Subject: [PATCH 0819/2573] Fix error in test of INT36-C --- c/cert/test/rules/INT36-C/test.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/cert/test/rules/INT36-C/test.c b/c/cert/test/rules/INT36-C/test.c index c4c7487502..e289f34fd4 100644 --- a/c/cert/test/rules/INT36-C/test.c +++ b/c/cert/test/rules/INT36-C/test.c @@ -20,7 +20,7 @@ int main() { 0x01abcdef; // NON_COMPLIANT: assigning raw hex to pointer variable int *int_pointer4 = integer1; // NON_COMPLIANT: declaring pointer variable with integer value - *int_pointer4 = + int_pointer4 = integer1 + 1; // NON_COMPLIANT: assigning integer rvalue to pointer variable int *integer_address5 = From 584d94c14d22efbc10f7fc4cc4183d29d90b0c12 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 22 Mar 2023 23:37:34 +0000 Subject: [PATCH 0820/2573] Rule 14.2: Recognise loop counters * Identify loop counters that are not initialized in the loop * Identify loop counters that are increment/decremented by += or -= --- c/misra/test/rules/RULE-14-2/test.c | 5 ++ cpp/common/src/codingstandards/cpp/Loops.qll | 85 +++++++++++++++++++- 2 files changed, 89 insertions(+), 1 deletion(-) diff --git a/c/misra/test/rules/RULE-14-2/test.c b/c/misra/test/rules/RULE-14-2/test.c index c1ce23dd11..fbeb4be21f 100644 --- a/c/misra/test/rules/RULE-14-2/test.c +++ b/c/misra/test/rules/RULE-14-2/test.c @@ -66,3 +66,8 @@ void f13() { g1--; } } + +void f14() { + for (int i = 0; i < 10; i += 3) { // COMPLIANT + } +} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/Loops.qll b/cpp/common/src/codingstandards/cpp/Loops.qll index b83a79851e..f2b5f1e539 100644 --- a/cpp/common/src/codingstandards/cpp/Loops.qll +++ b/cpp/common/src/codingstandards/cpp/Loops.qll @@ -5,6 +5,88 @@ import cpp import Operator +// ******* COPIED FROM semmle.code.cpp.Iteration ******* // +/** + * Holds if `child` is in the condition `forCondition` of a 'for' + * statement. + * + * For example, if a program includes + * ``` + * for (i = 0; i < 10; i++) { j++; } + * ``` + * then this predicate will hold with `forCondition` as `i < 10`, + * and `child` as any of `i`, `10` and `i < 10`. + */ +pragma[noopt] +private predicate inForCondition(Expr forCondition, Expr child) { + exists(ForStmt for | + forCondition = for.getCondition() and + child = forCondition and + for instanceof ForStmt + ) + or + exists(Expr mid | + inForCondition(forCondition, mid) and + child.getParent() = mid + ) +} + +// ******* COPIED FROM semmle.code.cpp.Iteration ******* // +/** + * Holds if `child` is in the update `forUpdate` of a 'for' statement. + * + * For example, if a program includes + * ``` + * for (i = 0; i < 10; i += 1) { j++; } + * ``` + * then this predicate will hold with `forUpdate` as `i += 1`, + * and `child` as any of `i`, `1` and `i += 1`. + */ +pragma[noopt] +private predicate inForUpdate(Expr forUpdate, Expr child) { + exists(ForStmt for | forUpdate = for.getUpdate() and child = forUpdate) + or + exists(Expr mid | inForUpdate(forUpdate, mid) and child.getParent() = mid) +} + +/** + * Gets a LoopCounter for the given `ForStmt`. + * + * Equivalent to ForStmt.getAnIterationVariable(), but handles += and -= as well. + */ +pragma[noopt] +Variable getALoopCounter(ForStmt fs) { + // check that it is assigned to, incremented or decremented in the update + exists(Expr updateOpRoot, Expr updateOp | + updateOpRoot = fs.getUpdate() and + inForUpdate(updateOpRoot, updateOp) + | + exists(CrementOperation op, VariableAccess va | + op = updateOp and + op instanceof CrementOperation and + op.getOperand() = va and + va = result.getAnAccess() + ) + or + exists(AssignArithmeticOperation op, VariableAccess va | + op = updateOp and + op instanceof AssignArithmeticOperation and + op.getOperator() = ["+=", "-="] and + op.getLValue() = va and + va = result.getAnAccess() + ) + or + updateOp = result.getAnAssignedValue() + ) and + result instanceof Variable and + // checked or used in the condition + exists(Expr e, VariableAccess va | + va = result.getAnAccess() and + inForCondition(e, va) and + e = fs.getCondition() + ) +} + /** * Gets an iteration variable as identified by the initialization statement for the loop. */ @@ -148,7 +230,8 @@ predicate isLoopControlVarModifiedInLoopExpr( ForStmt forLoop, LoopControlVariable loopControlVariable, VariableAccess loopControlVariableAccess ) { loopControlVariableAccess = loopControlVariable.getVariableAccessInLoop(forLoop) and - not loopControlVariable = getAnIterationVariable(forLoop) and + // Not a standard loop counter for this loop + not loopControlVariable = getALoopCounter(forLoop) and loopControlVariableAccess = forLoop.getUpdate().getAChild() and ( loopControlVariableAccess.isModified() or From 7dab9571b830feb02a3199cc830139ec8dc2e82a Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 22 Mar 2023 23:41:49 +0000 Subject: [PATCH 0821/2573] Rule 14.3: Correct bracketing Exclusions would otherwise not be correctly applied. --- .../RULE-14-3/ControllingExprInvariant.ql | 38 +++++++++---------- 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/c/misra/src/rules/RULE-14-3/ControllingExprInvariant.ql b/c/misra/src/rules/RULE-14-3/ControllingExprInvariant.ql index d372d587a4..04bc02935c 100644 --- a/c/misra/src/rules/RULE-14-3/ControllingExprInvariant.ql +++ b/c/misra/src/rules/RULE-14-3/ControllingExprInvariant.ql @@ -33,24 +33,24 @@ where ) ) and message = "Controlling expression in if statement has invariant value." + or + exists(Loop loop | + loop.getControllingExpr() = expr and + ( + conditionAlwaysFalse(expr) + or + conditionAlwaysTrue(expr) + ) + ) and + message = "Controlling expression in loop statement has invariant value." + or + exists(SwitchStmt switch | + switch.getControllingExpr() = expr and + ( + conditionAlwaysFalse(expr) or + conditionAlwaysTrue(expr) + ) + ) and + message = "Controlling expression in switch statement has invariant value." ) - or - exists(Loop loop | - loop.getControllingExpr() = expr and - ( - conditionAlwaysFalse(expr) - or - conditionAlwaysTrue(expr) - ) - ) and - message = "Controlling expression in loop statement has invariant value." - or - exists(SwitchStmt switch | - switch.getControllingExpr() = expr and - ( - conditionAlwaysFalse(expr) or - conditionAlwaysTrue(expr) - ) - ) and - message = "Controlling expression in switch statement has invariant value." select expr, message From 944f7271e1198d68e3d162b0994349016630c826 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 22 Mar 2023 23:42:53 +0000 Subject: [PATCH 0822/2573] Rule 14.3: Exclude results in macro expansions Expansions of macros may have expressions which are seemingly invariant, but are different per invocation. We therefore exclude all such results. --- c/misra/src/rules/RULE-14-3/ControllingExprInvariant.ql | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/c/misra/src/rules/RULE-14-3/ControllingExprInvariant.ql b/c/misra/src/rules/RULE-14-3/ControllingExprInvariant.ql index 04bc02935c..816dfd8037 100644 --- a/c/misra/src/rules/RULE-14-3/ControllingExprInvariant.ql +++ b/c/misra/src/rules/RULE-14-3/ControllingExprInvariant.ql @@ -52,5 +52,7 @@ where ) ) and message = "Controlling expression in switch statement has invariant value." - ) + ) and + // Exclude macros, which may generate seemingly invariant expressions + not expr.isAffectedByMacro() select expr, message From 654700ff7ebda3385dcf7c5e06f9d52d739e220c Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 22 Mar 2023 23:49:31 +0000 Subject: [PATCH 0823/2573] Rule 14.3: Permit infinite loops using literals --- c/misra/src/rules/RULE-14-3/ControllingExprInvariant.ql | 7 +++++-- .../rules/RULE-14-3/ControllingExprInvariant.expected | 9 +++++---- c/misra/test/rules/RULE-14-3/test.c | 9 +++++++++ 3 files changed, 19 insertions(+), 6 deletions(-) diff --git a/c/misra/src/rules/RULE-14-3/ControllingExprInvariant.ql b/c/misra/src/rules/RULE-14-3/ControllingExprInvariant.ql index 816dfd8037..367bf54905 100644 --- a/c/misra/src/rules/RULE-14-3/ControllingExprInvariant.ql +++ b/c/misra/src/rules/RULE-14-3/ControllingExprInvariant.ql @@ -39,7 +39,9 @@ where ( conditionAlwaysFalse(expr) or - conditionAlwaysTrue(expr) + conditionAlwaysTrue(expr) and + // Exception allows for infinite loops, but we only permit that for literals like `true` + not expr instanceof Literal ) ) and message = "Controlling expression in loop statement has invariant value." @@ -53,6 +55,7 @@ where ) and message = "Controlling expression in switch statement has invariant value." ) and - // Exclude macros, which may generate seemingly invariant expressions + // Exclude cases where the controlling expressions is affected by a macro, because they can appear + // invariant in a particular invocation, but be variant between invocations. not expr.isAffectedByMacro() select expr, message diff --git a/c/misra/test/rules/RULE-14-3/ControllingExprInvariant.expected b/c/misra/test/rules/RULE-14-3/ControllingExprInvariant.expected index 7543929f91..8cde7027fc 100644 --- a/c/misra/test/rules/RULE-14-3/ControllingExprInvariant.expected +++ b/c/misra/test/rules/RULE-14-3/ControllingExprInvariant.expected @@ -1,4 +1,5 @@ -| test.c:2:7:2:11 | ... > ... | Controlling expression in if statement has invariant value. | -| test.c:13:10:13:16 | ... > ... | Controlling expression in loop statement has invariant value. | -| test.c:14:9:14:13 | ... > ... | Controlling expression in if statement has invariant value. | -| test.c:18:20:18:24 | ... < ... | Controlling expression in loop statement has invariant value. | +| test.c:4:7:4:11 | ... > ... | Controlling expression in if statement has invariant value. | +| test.c:15:10:15:16 | ... > ... | Controlling expression in loop statement has invariant value. | +| test.c:16:9:16:13 | ... > ... | Controlling expression in if statement has invariant value. | +| test.c:20:20:20:24 | ... < ... | Controlling expression in loop statement has invariant value. | +| test.c:27:10:27:14 | ... < ... | Controlling expression in loop statement has invariant value. | diff --git a/c/misra/test/rules/RULE-14-3/test.c b/c/misra/test/rules/RULE-14-3/test.c index 56383beb4e..fa93c1ef4d 100644 --- a/c/misra/test/rules/RULE-14-3/test.c +++ b/c/misra/test/rules/RULE-14-3/test.c @@ -1,3 +1,5 @@ +#include + void f1(int p1) { if (2 > 3) { // NON_COMPLIANT } @@ -18,3 +20,10 @@ void f2() { for (int i = 10; i < 5; i++) { // NON_COMPLIANT } } + +void f3() { + while (true) { // Permitted by exception + } + while (1 < 2) { // NON_COMPLIANT - likely an indication of a bug + } +} \ No newline at end of file From beaf279709ead31563cb3f28b3fbd7be6778aafe Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 22 Mar 2023 23:50:17 +0000 Subject: [PATCH 0824/2573] Rule 14.3: Remove redundant imports --- c/misra/src/rules/RULE-14-3/ControllingExprInvariant.ql | 2 -- 1 file changed, 2 deletions(-) diff --git a/c/misra/src/rules/RULE-14-3/ControllingExprInvariant.ql b/c/misra/src/rules/RULE-14-3/ControllingExprInvariant.ql index 367bf54905..dbea8b1541 100644 --- a/c/misra/src/rules/RULE-14-3/ControllingExprInvariant.ql +++ b/c/misra/src/rules/RULE-14-3/ControllingExprInvariant.ql @@ -15,8 +15,6 @@ import cpp import codingstandards.c.misra -import cpp -import codingstandards.c.misra from ControlFlowNode expr, string message where From 235eeded8f27940999c0828c7c8958536aa864ab Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 22 Mar 2023 23:55:28 +0000 Subject: [PATCH 0825/2573] Rule 14.3: Handle do..while exception --- c/misra/src/rules/RULE-14-3/ControllingExprInvariant.ql | 9 +++++++-- c/misra/test/rules/RULE-14-3/test.c | 7 ++++++- 2 files changed, 13 insertions(+), 3 deletions(-) diff --git a/c/misra/src/rules/RULE-14-3/ControllingExprInvariant.ql b/c/misra/src/rules/RULE-14-3/ControllingExprInvariant.ql index dbea8b1541..54d7b805e7 100644 --- a/c/misra/src/rules/RULE-14-3/ControllingExprInvariant.ql +++ b/c/misra/src/rules/RULE-14-3/ControllingExprInvariant.ql @@ -15,8 +15,9 @@ import cpp import codingstandards.c.misra +import codingstandards.c.misra.EssentialTypes -from ControlFlowNode expr, string message +from Expr expr, string message where not isExcluded(expr, Statements5Package::controllingExprInvariantQuery()) and ( @@ -35,7 +36,11 @@ where exists(Loop loop | loop.getControllingExpr() = expr and ( - conditionAlwaysFalse(expr) + conditionAlwaysFalse(expr) and + not ( + getEssentialTypeCategory(getEssentialType(expr)) instanceof EssentiallyBooleanType and + expr.getValue() = "0" + ) or conditionAlwaysTrue(expr) and // Exception allows for infinite loops, but we only permit that for literals like `true` diff --git a/c/misra/test/rules/RULE-14-3/test.c b/c/misra/test/rules/RULE-14-3/test.c index fa93c1ef4d..b9e4ab1303 100644 --- a/c/misra/test/rules/RULE-14-3/test.c +++ b/c/misra/test/rules/RULE-14-3/test.c @@ -22,8 +22,13 @@ void f2() { } void f3() { - while (true) { // Permitted by exception + while (true) { // COMPLIANT - permitted by exception 1 } while (1 < 2) { // NON_COMPLIANT - likely an indication of a bug } +} + +void f4() { + do { + } while (0u == 1u); // COMPLIANT - by exception 2 } \ No newline at end of file From 743b70772c6185747b6290de17b9493f360a88c0 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 23 Mar 2023 00:11:25 +0000 Subject: [PATCH 0826/2573] Rule 14.3: Support conditonal expressions --- .../rules/RULE-14-3/ControllingExprInvariant.ql | 17 ++++++++++++++++- .../RULE-14-3/ControllingExprInvariant.expected | 2 ++ c/misra/test/rules/RULE-14-3/test.c | 6 ++++++ 3 files changed, 24 insertions(+), 1 deletion(-) diff --git a/c/misra/src/rules/RULE-14-3/ControllingExprInvariant.ql b/c/misra/src/rules/RULE-14-3/ControllingExprInvariant.ql index 54d7b805e7..2c762b09ad 100644 --- a/c/misra/src/rules/RULE-14-3/ControllingExprInvariant.ql +++ b/c/misra/src/rules/RULE-14-3/ControllingExprInvariant.ql @@ -57,8 +57,23 @@ where ) ) and message = "Controlling expression in switch statement has invariant value." + or + exists(ConditionalExpr conditional | + conditional.getCondition() = expr and + ( + conditionAlwaysFalse(expr) or + conditionAlwaysTrue(expr) + ) + ) and + message = "Controlling expression in conditional statement has invariant value." ) and // Exclude cases where the controlling expressions is affected by a macro, because they can appear // invariant in a particular invocation, but be variant between invocations. - not expr.isAffectedByMacro() + not ( + expr.isAffectedByMacro() and + // Permit boolean literal macros + not expr instanceof BooleanLiteral + ) and + // Exclude template variables, because they can be instantiated with different values. + not expr = any(TemplateVariable tv).getAnInstantiation().getAnAccess() select expr, message diff --git a/c/misra/test/rules/RULE-14-3/ControllingExprInvariant.expected b/c/misra/test/rules/RULE-14-3/ControllingExprInvariant.expected index 8cde7027fc..537fc7d4e5 100644 --- a/c/misra/test/rules/RULE-14-3/ControllingExprInvariant.expected +++ b/c/misra/test/rules/RULE-14-3/ControllingExprInvariant.expected @@ -3,3 +3,5 @@ | test.c:16:9:16:13 | ... > ... | Controlling expression in if statement has invariant value. | | test.c:20:20:20:24 | ... < ... | Controlling expression in loop statement has invariant value. | | test.c:27:10:27:14 | ... < ... | Controlling expression in loop statement has invariant value. | +| test.c:37:3:37:6 | 1 | Controlling expression in conditional statement has invariant value. | +| test.c:38:3:38:3 | 1 | Controlling expression in conditional statement has invariant value. | diff --git a/c/misra/test/rules/RULE-14-3/test.c b/c/misra/test/rules/RULE-14-3/test.c index b9e4ab1303..38db3e1286 100644 --- a/c/misra/test/rules/RULE-14-3/test.c +++ b/c/misra/test/rules/RULE-14-3/test.c @@ -31,4 +31,10 @@ void f3() { void f4() { do { } while (0u == 1u); // COMPLIANT - by exception 2 +} + +void f5(bool b1) { + true ? 1 : 2; // NON_COMPLIANT + 1 ? 1 : 2; // NON_COMPLIANT + b1 ? 1 : 2; // COMPLIANT } \ No newline at end of file From e462d66a6b83a9e39bedd77270c2b756814c8a2e Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 23 Mar 2023 00:27:01 +0000 Subject: [PATCH 0827/2573] Rule 15.3: Fix message, remove dead code --- .../src/rules/RULE-15-3/GotoLabelBlockCondition.ql | 12 ++---------- .../rules/RULE-15-3/GotoLabelBlockCondition.expected | 6 +++--- 2 files changed, 5 insertions(+), 13 deletions(-) diff --git a/c/misra/src/rules/RULE-15-3/GotoLabelBlockCondition.ql b/c/misra/src/rules/RULE-15-3/GotoLabelBlockCondition.ql index 82de7f9a39..aeb356b501 100644 --- a/c/misra/src/rules/RULE-15-3/GotoLabelBlockCondition.ql +++ b/c/misra/src/rules/RULE-15-3/GotoLabelBlockCondition.ql @@ -19,14 +19,6 @@ predicate isPartOfSwitch(Stmt goto) { exists(SwitchStmt switch | switch.getStmt() = goto.getParent()) } -Stmt getNextStmt(ControlFlowNode node) { - node.getASuccessor() = result - or - exists(ControlFlowNode other | - node.getASuccessor() = other and other != result and result = getNextStmt(other) - ) -} - SwitchCase getSwitchCase(Stmt stmt) { exists(int index, SwitchStmt switch | getStmtInSwitch(switch, stmt, index) and getStmtInSwitch(switch, result, index - 1) @@ -66,5 +58,5 @@ where isPartOfSwitch(goto) and not getSwitchCase(goto) = getSwitchCase(target) ) ) -select goto, "The $@ statement and its $@ are not declared or enclosed in the same block. test", - goto, "goto", target, "label" +select goto, "The $@ statement and its $@ are not declared or enclosed in the same block.", goto, + "goto", target, "label" diff --git a/c/misra/test/rules/RULE-15-3/GotoLabelBlockCondition.expected b/c/misra/test/rules/RULE-15-3/GotoLabelBlockCondition.expected index 7ddb3fe509..9a81d6f434 100644 --- a/c/misra/test/rules/RULE-15-3/GotoLabelBlockCondition.expected +++ b/c/misra/test/rules/RULE-15-3/GotoLabelBlockCondition.expected @@ -1,3 +1,3 @@ -| test.c:2:3:2:10 | goto ... | The $@ statement and its $@ are not declared or enclosed in the same block. test | test.c:2:3:2:10 | goto ... | goto | test.c:4:3:4:5 | label ...: | label | -| test.c:37:3:37:10 | goto ... | The $@ statement and its $@ are not declared or enclosed in the same block. test | test.c:37:3:37:10 | goto ... | goto | test.c:41:3:41:5 | label ...: | label | -| test.c:52:5:52:12 | goto ... | The $@ statement and its $@ are not declared or enclosed in the same block. test | test.c:52:5:52:12 | goto ... | goto | test.c:55:3:55:5 | label ...: | label | +| test.c:2:3:2:10 | goto ... | The $@ statement and its $@ are not declared or enclosed in the same block. | test.c:2:3:2:10 | goto ... | goto | test.c:4:3:4:5 | label ...: | label | +| test.c:37:3:37:10 | goto ... | The $@ statement and its $@ are not declared or enclosed in the same block. | test.c:37:3:37:10 | goto ... | goto | test.c:41:3:41:5 | label ...: | label | +| test.c:52:5:52:12 | goto ... | The $@ statement and its $@ are not declared or enclosed in the same block. | test.c:52:5:52:12 | goto ... | goto | test.c:55:3:55:5 | label ...: | label | From 102c676f3f7549226ed9bbf82abe4fa5fbaa6614 Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Thu, 23 Mar 2023 02:47:07 +0100 Subject: [PATCH 0828/2573] Implement Memory2 queries --- .vscode/tasks.json | 1 + ...atePointersThatDoNotReferToTheSameArray.md | 106 ++++++++ ...atePointersThatDoNotReferToTheSameArray.ql | 22 ++ ...actPointersThatDoNotReferToTheSameArray.md | 106 ++++++++ ...actPointersThatDoNotReferToTheSameArray.ql | 22 ++ .../rules/EXP42-C/DoNotComparePaddingData.md | 135 ++++++++++ .../rules/EXP42-C/DoNotComparePaddingData.ql | 21 ++ .../CloseFilesWhenTheyAreNoLongerNeeded.md | 2 +- .../CloseFilesWhenTheyAreNoLongerNeeded.ql | 159 +---------- .../FreeMemoryWhenNoLongerNeededCert.md | 122 +++++++++ .../FreeMemoryWhenNoLongerNeededCert.ql | 23 ++ ...uctsWithAFlexibleArrayMemberDynamically.md | 249 ++++++++++++++++++ ...uctsWithAFlexibleArrayMemberDynamically.ql | 80 ++++++ ...uctsWithAFlexibleArrayMemberDynamically.md | 249 ++++++++++++++++++ ...uctsWithAFlexibleArrayMemberDynamically.ql | 114 ++++++++ .../OnlyFreeMemoryAllocatedDynamicallyCert.md | 168 ++++++++++++ .../OnlyFreeMemoryAllocatedDynamicallyCert.ql | 23 ++ ...DoNotModifyAlignmentOfMemoryWithRealloc.md | 173 ++++++++++++ ...DoNotModifyAlignmentOfMemoryWithRealloc.ql | 58 ++++ ...intersThatDoNotReferToTheSameArray.testref | 1 + ...intersThatDoNotReferToTheSameArray.testref | 1 + .../EXP42-C/DoNotComparePaddingData.testref | 1 + .../CloseFilesWhenTheyAreNoLongerNeeded.qlref | 1 - ...loseFilesWhenTheyAreNoLongerNeeded.testref | 1 + .../FreeMemoryWhenNoLongerNeededCert.testref | 1 + ...thAFlexibleArrayMemberDynamically.expected | 7 + ...sWithAFlexibleArrayMemberDynamically.qlref | 1 + ...thAFlexibleArrayMemberDynamically.expected | 2 + ...sWithAFlexibleArrayMemberDynamically.qlref | 1 + c/cert/test/rules/MEM33-C/test.c | 54 ++++ ...FreeMemoryAllocatedDynamicallyCert.testref | 1 + ...odifyAlignmentOfMemoryWithRealloc.expected | 18 ++ ...otModifyAlignmentOfMemoryWithRealloc.qlref | 1 + c/cert/test/rules/MEM36-C/test.c | 24 ++ c/common/src/codingstandards/c/Variable.qll | 28 +- ...leHandleWhenNoLongerNeededShared.expected} | 0 ...CloseFileHandleWhenNoLongerNeededShared.ql | 2 + .../test.c | 0 ...reeMemoryWhenNoLongerNeededShared.expected | 4 + .../FreeMemoryWhenNoLongerNeededShared.ql | 2 + .../freememorywhennolongerneededshared/test.c | 82 ++++++ .../MemcmpUsedToComparePaddingData.expected | 1 + .../MemcmpUsedToComparePaddingData.ql | 2 + .../memcmpusedtocomparepaddingdata/test.c | 20 ++ ...eMemoryAllocatedDynamicallyShared.expected | 6 + ...nlyFreeMemoryAllocatedDynamicallyShared.ql | 2 + .../test.c | 47 ++++ .../CloseFileHandleWhenNoLongerNeededMisra.ql | 23 ++ .../FreeMemoryWhenNoLongerNeededMisra.ql | 23 ++ ...OnlyFreeMemoryAllocatedDynamicallyMisra.ql | 23 ++ ...eFileHandleWhenNoLongerNeededMisra.testref | 1 + .../FreeMemoryWhenNoLongerNeededMisra.testref | 1 + ...reeMemoryAllocatedDynamicallyMisra.testref | 1 + .../2023-03-14-fio42-c-fix-logic-error.md | 3 + .../MemcmpUsedToAccessObjectRepresentation.md | 150 +---------- .../MemcmpUsedToAccessObjectRepresentation.ql | 20 +- ...ngDefaultOperatorNewForOverAlignedTypes.ql | 1 + ...pUsedToAccessObjectRepresentation.expected | 1 - ...mcmpUsedToAccessObjectRepresentation.qlref | 1 - ...mpUsedToAccessObjectRepresentation.testref | 1 + ...yUsedToAccessObjectRepresentation.expected | 2 +- ...tUsedToAccessObjectRepresentation.expected | 2 +- cpp/cert/test/rules/EXP62-CPP/test.cpp | 20 -- .../src/codingstandards/cpp/Allocations.qll | 18 ++ .../cpp/exclusions/c/Memory2.qll | 197 ++++++++++++++ .../cpp/exclusions/c/RuleMetadata.qll | 3 + ...loseFileHandleWhenNoLongerNeededShared.qll | 168 ++++++++++++ .../FreeMemoryWhenNoLongerNeededShared.qll | 198 ++++++++++++++ .../MemcmpUsedToComparePaddingData.qll | 27 ++ ...lyFreeMemoryAllocatedDynamicallyShared.qll | 127 +++++++++ .../MemcmpUsedToComparePaddingData.expected | 1 + .../MemcmpUsedToComparePaddingData.ql | 2 + .../memcmpusedtocomparepaddingdata/test.cpp | 30 +++ rule_packages/c/IO1.json | 1 + rule_packages/c/Memory2.json | 214 +++++++++++++++ rule_packages/cpp/Representation.json | 1 + rules.csv | 2 +- 77 files changed, 3055 insertions(+), 351 deletions(-) create mode 100644 c/cert/src/rules/ARR36-C/DoNotRelatePointersThatDoNotReferToTheSameArray.md create mode 100644 c/cert/src/rules/ARR36-C/DoNotRelatePointersThatDoNotReferToTheSameArray.ql create mode 100644 c/cert/src/rules/ARR36-C/DoNotSubtractPointersThatDoNotReferToTheSameArray.md create mode 100644 c/cert/src/rules/ARR36-C/DoNotSubtractPointersThatDoNotReferToTheSameArray.ql create mode 100644 c/cert/src/rules/EXP42-C/DoNotComparePaddingData.md create mode 100644 c/cert/src/rules/EXP42-C/DoNotComparePaddingData.ql create mode 100644 c/cert/src/rules/MEM31-C/FreeMemoryWhenNoLongerNeededCert.md create mode 100644 c/cert/src/rules/MEM31-C/FreeMemoryWhenNoLongerNeededCert.ql create mode 100644 c/cert/src/rules/MEM33-C/AllocStructsWithAFlexibleArrayMemberDynamically.md create mode 100644 c/cert/src/rules/MEM33-C/AllocStructsWithAFlexibleArrayMemberDynamically.ql create mode 100644 c/cert/src/rules/MEM33-C/CopyStructsWithAFlexibleArrayMemberDynamically.md create mode 100644 c/cert/src/rules/MEM33-C/CopyStructsWithAFlexibleArrayMemberDynamically.ql create mode 100644 c/cert/src/rules/MEM34-C/OnlyFreeMemoryAllocatedDynamicallyCert.md create mode 100644 c/cert/src/rules/MEM34-C/OnlyFreeMemoryAllocatedDynamicallyCert.ql create mode 100644 c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.md create mode 100644 c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql create mode 100644 c/cert/test/rules/ARR36-C/DoNotRelatePointersThatDoNotReferToTheSameArray.testref create mode 100644 c/cert/test/rules/ARR36-C/DoNotSubtractPointersThatDoNotReferToTheSameArray.testref create mode 100644 c/cert/test/rules/EXP42-C/DoNotComparePaddingData.testref delete mode 100644 c/cert/test/rules/FIO42-C/CloseFilesWhenTheyAreNoLongerNeeded.qlref create mode 100644 c/cert/test/rules/FIO42-C/CloseFilesWhenTheyAreNoLongerNeeded.testref create mode 100644 c/cert/test/rules/MEM31-C/FreeMemoryWhenNoLongerNeededCert.testref create mode 100644 c/cert/test/rules/MEM33-C/AllocStructsWithAFlexibleArrayMemberDynamically.expected create mode 100644 c/cert/test/rules/MEM33-C/AllocStructsWithAFlexibleArrayMemberDynamically.qlref create mode 100644 c/cert/test/rules/MEM33-C/CopyStructsWithAFlexibleArrayMemberDynamically.expected create mode 100644 c/cert/test/rules/MEM33-C/CopyStructsWithAFlexibleArrayMemberDynamically.qlref create mode 100644 c/cert/test/rules/MEM33-C/test.c create mode 100644 c/cert/test/rules/MEM34-C/OnlyFreeMemoryAllocatedDynamicallyCert.testref create mode 100644 c/cert/test/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.expected create mode 100644 c/cert/test/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.qlref create mode 100644 c/cert/test/rules/MEM36-C/test.c rename c/{cert/test/rules/FIO42-C/CloseFilesWhenTheyAreNoLongerNeeded.expected => common/test/rules/closefilehandlewhennolongerneededshared/CloseFileHandleWhenNoLongerNeededShared.expected} (100%) create mode 100644 c/common/test/rules/closefilehandlewhennolongerneededshared/CloseFileHandleWhenNoLongerNeededShared.ql rename c/{cert/test/rules/FIO42-C => common/test/rules/closefilehandlewhennolongerneededshared}/test.c (100%) create mode 100644 c/common/test/rules/freememorywhennolongerneededshared/FreeMemoryWhenNoLongerNeededShared.expected create mode 100644 c/common/test/rules/freememorywhennolongerneededshared/FreeMemoryWhenNoLongerNeededShared.ql create mode 100644 c/common/test/rules/freememorywhennolongerneededshared/test.c create mode 100644 c/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.expected create mode 100644 c/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql create mode 100644 c/common/test/rules/memcmpusedtocomparepaddingdata/test.c create mode 100644 c/common/test/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.expected create mode 100644 c/common/test/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.ql create mode 100644 c/common/test/rules/onlyfreememoryallocateddynamicallyshared/test.c create mode 100644 c/misra/src/rules/RULE-22-1/CloseFileHandleWhenNoLongerNeededMisra.ql create mode 100644 c/misra/src/rules/RULE-22-1/FreeMemoryWhenNoLongerNeededMisra.ql create mode 100644 c/misra/src/rules/RULE-22-2/OnlyFreeMemoryAllocatedDynamicallyMisra.ql create mode 100644 c/misra/test/rules/RULE-22-1/CloseFileHandleWhenNoLongerNeededMisra.testref create mode 100644 c/misra/test/rules/RULE-22-1/FreeMemoryWhenNoLongerNeededMisra.testref create mode 100644 c/misra/test/rules/RULE-22-2/OnlyFreeMemoryAllocatedDynamicallyMisra.testref create mode 100644 change_notes/2023-03-14-fio42-c-fix-logic-error.md delete mode 100644 cpp/cert/test/rules/EXP62-CPP/MemcmpUsedToAccessObjectRepresentation.expected delete mode 100644 cpp/cert/test/rules/EXP62-CPP/MemcmpUsedToAccessObjectRepresentation.qlref create mode 100644 cpp/cert/test/rules/EXP62-CPP/MemcmpUsedToAccessObjectRepresentation.testref create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/Memory2.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/closefilehandlewhennolongerneededshared/CloseFileHandleWhenNoLongerNeededShared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/freememorywhennolongerneededshared/FreeMemoryWhenNoLongerNeededShared.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.qll create mode 100644 cpp/common/src/codingstandards/cpp/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.qll create mode 100644 cpp/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.expected create mode 100644 cpp/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql create mode 100644 cpp/common/test/rules/memcmpusedtocomparepaddingdata/test.cpp create mode 100644 rule_packages/c/Memory2.json diff --git a/.vscode/tasks.json b/.vscode/tasks.json index 2730f99e87..e745a350ed 100644 --- a/.vscode/tasks.json +++ b/.vscode/tasks.json @@ -251,6 +251,7 @@ "Pointers1", "Pointers2", "Pointers3", + "Representation", "Scope", "SideEffects1", "SideEffects2", diff --git a/c/cert/src/rules/ARR36-C/DoNotRelatePointersThatDoNotReferToTheSameArray.md b/c/cert/src/rules/ARR36-C/DoNotRelatePointersThatDoNotReferToTheSameArray.md new file mode 100644 index 0000000000..90d073c18f --- /dev/null +++ b/c/cert/src/rules/ARR36-C/DoNotRelatePointersThatDoNotReferToTheSameArray.md @@ -0,0 +1,106 @@ +# ARR36-C: Do not subtract two pointers that do not refer to the same array + +This query implements the CERT-C rule ARR36-C: + +> Do not subtract or compare two pointers that do not refer to the same array + + + +## Description + +When two pointers are subtracted, both must point to elements of the same array object or just one past the last element of the array object (C Standard, 6.5.6 \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IEC9899-2011)\]); the result is the difference of the subscripts of the two array elements. Otherwise, the operation is [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior). (See [undefined behavior 48](https://wiki.sei.cmu.edu/confluence/display/c/CC.+Undefined+Behavior#CC.UndefinedBehavior-ub_48).) + +Similarly, comparing pointers using the relational operators `<`, `<=`, `>=`, and `>` gives the positions of the pointers relative to each other. Subtracting or comparing pointers that do not refer to the same array is undefined behavior. (See [undefined behavior 48](https://wiki.sei.cmu.edu/confluence/display/c/CC.+Undefined+Behavior#CC.UndefinedBehavior-ub_48) and [undefined behavior 53](https://wiki.sei.cmu.edu/confluence/display/c/CC.+Undefined+Behavior#CC.UndefinedBehavior-ub_53).) + +Comparing pointers using the equality operators `==` and `!=` has well-defined semantics regardless of whether or not either of the pointers is null, points into the same object, or points one past the last element of an array object or function. + +## Noncompliant Code Example + +In this noncompliant code example, pointer subtraction is used to determine how many free elements are left in the `nums` array: + +```cpp +#include + +enum { SIZE = 32 }; + +void func(void) { + int nums[SIZE]; + int end; + int *next_num_ptr = nums; + size_t free_elements; + + /* Increment next_num_ptr as array fills */ + + free_elements = &end - next_num_ptr; +} +``` +This program incorrectly assumes that the `nums` array is adjacent to the `end` variable in memory. A compiler is permitted to insert padding bits between these two variables or even reorder them in memory. + +## Compliant Solution + +In this compliant solution, the number of free elements is computed by subtracting `next_num_ptr` from the address of the pointer past the `nums` array. While this pointer may not be dereferenced, it may be used in pointer arithmetic. + +```cpp +#include +enum { SIZE = 32 }; + +void func(void) { + int nums[SIZE]; + int *next_num_ptr = nums; + size_t free_elements; + + /* Increment next_num_ptr as array fills */ + + free_elements = &(nums[SIZE]) - next_num_ptr; +} +``` + +## Exceptions + +**ARR36-C-EX1:**Comparing two pointers to distinct members of the same `struct` object is allowed. Pointers to structure members declared later in the structure compare greater-than pointers to members declared earlier in the structure. + +## Risk Assessment + +
    Rule Severity Likelihood Remediation Cost Priority Level
    ARR36-C Medium Probable Medium P8 L2
    + + +## Automated Detection + +
    Tool Version Checker Description
    Astrée 22.04 pointer-subtraction Partially checked
    Axivion Bauhaus Suite 7.2.0 CertC-ARR36 Can detect operations on pointers that are unrelated
    CodeSonar 7.2p0 LANG.STRUCT.CUP LANG.STRUCT.SUP Comparison of Unrelated Pointers Subtraction of Unrelated Pointers
    Coverity 2017.07 MISRA C 2004 17.2 MISRA C 2004 17.3 MISRA C 2012 18.2 MISRA C 2012 18.3 Implemented
    Helix QAC 2022.4 C0487, C0513 DF2668, DF2669, DF2761, DF2762, DF2763, DF2766, DF2767, DF2768, DF2771, DF2772, DF2773
    Klocwork 2022.4 MISRA.PTR.ARITH
    LDRA tool suite 9.7.1 437 S, 438 S Fully implemented
    Parasoft C/C++test 2022.2 CERT_C-ARR36-aCERT_C-ARR36-b Do not subtract two pointers that do not address elements of the same array Do not compare two unrelated pointers
    Polyspace Bug Finder R2023a CERT C: Rule ARR36-C Checks for subtraction or comparison between pointers to different arrays (rule partially covered)
    PRQA QA-C 9.7 0487, 0513, 2668, 2669, 2761, 2762, 2763, 2766, 2767, 2768, 2771, 2772, 2773 Fully implemented
    PVS-Studio 7.23 V736 , V782
    RuleChecker 22.04 pointer-subtraction Partially checked
    TrustInSoft Analyzer 1.38 differing_blocks Exhaustively verified (see the compliant and the non-compliant example ).
    + + +## Related Vulnerabilities + +Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+ARR36-C). + +## Related Guidelines + +[Key here](https://wiki.sei.cmu.edu/confluence/display/c/How+this+Coding+Standard+is+Organized#HowthisCodingStandardisOrganized-RelatedGuidelines) (explains table format and definitions) + +
    Taxonomy Taxonomy item Relationship
    CERT C CTR54-CPP. Do not subtract iterators that do not refer to the same container Prior to 2018-01-12: CERT: Unspecified Relationship
    ISO/IEC TS 17961 Subtracting or comparing two pointers that do not refer to the same array \[ptrobj\] Prior to 2018-01-12: CERT: Unspecified Relationship
    CWE 2.11 CWE-469 , Use of Pointer Subtraction to Determine Size 2017-07-10: CERT: Exact
    CWE 3.11 CWE-469 , Use of Pointer Subtraction to Determine Size 2018-10-18:CERT: CWE subset of rule
    + + +## CERT-CWE Mapping Notes + +[Key here](https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?pageId=87152408#HowthisCodingStandardisOrganized-CERT-CWEMappingNotes) for mapping notes + +**CWE-469 and ARR36-C** + +CWE-469 = Subset(ARR36-C) + +ARR36-C = Union(CWE-469, list) where list = + +* Pointer comparisons using the relational operators `<`, `<=`, `>=`, and `>`, where the pointers do not refer to the same array + +## Bibliography + +
    \[ Banahan 2003 \] Section 5.3, "Pointers" Section 5.7, "Expressions Involving Pointers"
    \[ ISO/IEC 9899:2011 \] 6.5.6, "Additive Operators"
    + + +## Implementation notes + +None + +## References + +* CERT-C: [ARR36-C: Do not subtract or compare two pointers that do not refer to the same array](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/ARR36-C/DoNotRelatePointersThatDoNotReferToTheSameArray.ql b/c/cert/src/rules/ARR36-C/DoNotRelatePointersThatDoNotReferToTheSameArray.ql new file mode 100644 index 0000000000..5b346c02dd --- /dev/null +++ b/c/cert/src/rules/ARR36-C/DoNotRelatePointersThatDoNotReferToTheSameArray.ql @@ -0,0 +1,22 @@ +/** + * @id c/cert/do-not-relate-pointers-that-do-not-refer-to-the-same-array + * @name ARR36-C: Do not subtract two pointers that do not refer to the same array + * @description Comparison using the >, >=, <, and <= operators between pointers referring to + * differing arrays results in undefined behavior. + * @kind problem + * @precision high + * @problem.severity warning + * @tags external/cert/id/arr36-c + * correctness + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert +import codingstandards.cpp.rules.donotuserelationaloperatorswithdifferingarrays.DoNotUseRelationalOperatorsWithDifferingArrays + +class DoNotRelatePointersThatDoNotReferToTheSameArrayQuery extends DoNotUseRelationalOperatorsWithDifferingArraysSharedQuery { + DoNotRelatePointersThatDoNotReferToTheSameArrayQuery() { + this = Memory2Package::doNotRelatePointersThatDoNotReferToTheSameArrayQuery() + } +} diff --git a/c/cert/src/rules/ARR36-C/DoNotSubtractPointersThatDoNotReferToTheSameArray.md b/c/cert/src/rules/ARR36-C/DoNotSubtractPointersThatDoNotReferToTheSameArray.md new file mode 100644 index 0000000000..90d073c18f --- /dev/null +++ b/c/cert/src/rules/ARR36-C/DoNotSubtractPointersThatDoNotReferToTheSameArray.md @@ -0,0 +1,106 @@ +# ARR36-C: Do not subtract two pointers that do not refer to the same array + +This query implements the CERT-C rule ARR36-C: + +> Do not subtract or compare two pointers that do not refer to the same array + + + +## Description + +When two pointers are subtracted, both must point to elements of the same array object or just one past the last element of the array object (C Standard, 6.5.6 \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IEC9899-2011)\]); the result is the difference of the subscripts of the two array elements. Otherwise, the operation is [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior). (See [undefined behavior 48](https://wiki.sei.cmu.edu/confluence/display/c/CC.+Undefined+Behavior#CC.UndefinedBehavior-ub_48).) + +Similarly, comparing pointers using the relational operators `<`, `<=`, `>=`, and `>` gives the positions of the pointers relative to each other. Subtracting or comparing pointers that do not refer to the same array is undefined behavior. (See [undefined behavior 48](https://wiki.sei.cmu.edu/confluence/display/c/CC.+Undefined+Behavior#CC.UndefinedBehavior-ub_48) and [undefined behavior 53](https://wiki.sei.cmu.edu/confluence/display/c/CC.+Undefined+Behavior#CC.UndefinedBehavior-ub_53).) + +Comparing pointers using the equality operators `==` and `!=` has well-defined semantics regardless of whether or not either of the pointers is null, points into the same object, or points one past the last element of an array object or function. + +## Noncompliant Code Example + +In this noncompliant code example, pointer subtraction is used to determine how many free elements are left in the `nums` array: + +```cpp +#include + +enum { SIZE = 32 }; + +void func(void) { + int nums[SIZE]; + int end; + int *next_num_ptr = nums; + size_t free_elements; + + /* Increment next_num_ptr as array fills */ + + free_elements = &end - next_num_ptr; +} +``` +This program incorrectly assumes that the `nums` array is adjacent to the `end` variable in memory. A compiler is permitted to insert padding bits between these two variables or even reorder them in memory. + +## Compliant Solution + +In this compliant solution, the number of free elements is computed by subtracting `next_num_ptr` from the address of the pointer past the `nums` array. While this pointer may not be dereferenced, it may be used in pointer arithmetic. + +```cpp +#include +enum { SIZE = 32 }; + +void func(void) { + int nums[SIZE]; + int *next_num_ptr = nums; + size_t free_elements; + + /* Increment next_num_ptr as array fills */ + + free_elements = &(nums[SIZE]) - next_num_ptr; +} +``` + +## Exceptions + +**ARR36-C-EX1:**Comparing two pointers to distinct members of the same `struct` object is allowed. Pointers to structure members declared later in the structure compare greater-than pointers to members declared earlier in the structure. + +## Risk Assessment + +
    Rule Severity Likelihood Remediation Cost Priority Level
    ARR36-C Medium Probable Medium P8 L2
    + + +## Automated Detection + +
    Tool Version Checker Description
    Astrée 22.04 pointer-subtraction Partially checked
    Axivion Bauhaus Suite 7.2.0 CertC-ARR36 Can detect operations on pointers that are unrelated
    CodeSonar 7.2p0 LANG.STRUCT.CUP LANG.STRUCT.SUP Comparison of Unrelated Pointers Subtraction of Unrelated Pointers
    Coverity 2017.07 MISRA C 2004 17.2 MISRA C 2004 17.3 MISRA C 2012 18.2 MISRA C 2012 18.3 Implemented
    Helix QAC 2022.4 C0487, C0513 DF2668, DF2669, DF2761, DF2762, DF2763, DF2766, DF2767, DF2768, DF2771, DF2772, DF2773
    Klocwork 2022.4 MISRA.PTR.ARITH
    LDRA tool suite 9.7.1 437 S, 438 S Fully implemented
    Parasoft C/C++test 2022.2 CERT_C-ARR36-aCERT_C-ARR36-b Do not subtract two pointers that do not address elements of the same array Do not compare two unrelated pointers
    Polyspace Bug Finder R2023a CERT C: Rule ARR36-C Checks for subtraction or comparison between pointers to different arrays (rule partially covered)
    PRQA QA-C 9.7 0487, 0513, 2668, 2669, 2761, 2762, 2763, 2766, 2767, 2768, 2771, 2772, 2773 Fully implemented
    PVS-Studio 7.23 V736 , V782
    RuleChecker 22.04 pointer-subtraction Partially checked
    TrustInSoft Analyzer 1.38 differing_blocks Exhaustively verified (see the compliant and the non-compliant example ).
    + + +## Related Vulnerabilities + +Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+ARR36-C). + +## Related Guidelines + +[Key here](https://wiki.sei.cmu.edu/confluence/display/c/How+this+Coding+Standard+is+Organized#HowthisCodingStandardisOrganized-RelatedGuidelines) (explains table format and definitions) + +
    Taxonomy Taxonomy item Relationship
    CERT C CTR54-CPP. Do not subtract iterators that do not refer to the same container Prior to 2018-01-12: CERT: Unspecified Relationship
    ISO/IEC TS 17961 Subtracting or comparing two pointers that do not refer to the same array \[ptrobj\] Prior to 2018-01-12: CERT: Unspecified Relationship
    CWE 2.11 CWE-469 , Use of Pointer Subtraction to Determine Size 2017-07-10: CERT: Exact
    CWE 3.11 CWE-469 , Use of Pointer Subtraction to Determine Size 2018-10-18:CERT: CWE subset of rule
    + + +## CERT-CWE Mapping Notes + +[Key here](https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?pageId=87152408#HowthisCodingStandardisOrganized-CERT-CWEMappingNotes) for mapping notes + +**CWE-469 and ARR36-C** + +CWE-469 = Subset(ARR36-C) + +ARR36-C = Union(CWE-469, list) where list = + +* Pointer comparisons using the relational operators `<`, `<=`, `>=`, and `>`, where the pointers do not refer to the same array + +## Bibliography + +
    \[ Banahan 2003 \] Section 5.3, "Pointers" Section 5.7, "Expressions Involving Pointers"
    \[ ISO/IEC 9899:2011 \] 6.5.6, "Additive Operators"
    + + +## Implementation notes + +None + +## References + +* CERT-C: [ARR36-C: Do not subtract or compare two pointers that do not refer to the same array](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/ARR36-C/DoNotSubtractPointersThatDoNotReferToTheSameArray.ql b/c/cert/src/rules/ARR36-C/DoNotSubtractPointersThatDoNotReferToTheSameArray.ql new file mode 100644 index 0000000000..15e1148b53 --- /dev/null +++ b/c/cert/src/rules/ARR36-C/DoNotSubtractPointersThatDoNotReferToTheSameArray.ql @@ -0,0 +1,22 @@ +/** + * @id c/cert/do-not-subtract-pointers-that-do-not-refer-to-the-same-array + * @name ARR36-C: Do not subtract two pointers that do not refer to the same array + * @description Subtraction between pointers referring to differing arrays results in undefined + * behavior. + * @kind problem + * @precision high + * @problem.severity warning + * @tags external/cert/id/arr36-c + * correctness + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert +import codingstandards.cpp.rules.donotsubtractpointersaddressingdifferentarrays.DoNotSubtractPointersAddressingDifferentArrays + +class DoNotSubtractPointersThatDoNotReferToTheSameArrayQuery extends DoNotSubtractPointersAddressingDifferentArraysSharedQuery { + DoNotSubtractPointersThatDoNotReferToTheSameArrayQuery() { + this = Memory2Package::doNotSubtractPointersThatDoNotReferToTheSameArrayQuery() + } +} diff --git a/c/cert/src/rules/EXP42-C/DoNotComparePaddingData.md b/c/cert/src/rules/EXP42-C/DoNotComparePaddingData.md new file mode 100644 index 0000000000..0bfa1e25fc --- /dev/null +++ b/c/cert/src/rules/EXP42-C/DoNotComparePaddingData.md @@ -0,0 +1,135 @@ +# EXP42-C: Do not compare padding data + +This query implements the CERT-C rule EXP42-C: + +> Do not compare padding data + + + +## Description + +The C Standard, 6.7.2.1 \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IEC9899-2011)\], states + +> There may be unnamed padding within a structure object, but not at its beginning. . . . There may be unnamed padding at the end of a structure or union. + + +Subclause 6.7.9, paragraph 9, states that + +> unnamed members of objects of structure and union type do not participate in initialization. Unnamed members of structure objects have indeterminate value even after initialization. + + +The only exception is that padding bits are set to zero when a static or thread-local object is implicitly initialized (paragraph10): + +> If an object that has automatic storage duration is not initialized explicitly, its value is indeterminate. If an object that has static or thread storage duration is not initialized explicitly, then: + + +— if it is an aggregate, every member is initialized (recursively) according to these rules, and any padding is initialized to zero bits; + +— if it is a union, the first named member is initialized (recursively) according to these rules, and any padding is initialized to zero bits; + +Because these padding values are unspecified, attempting a byte-by-byte comparison between structures can lead to incorrect results \[[Summit 1995](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-Summit95)\]. + +## Noncompliant Code Example + +In this noncompliant code example, `memcmp()` is used to compare the contents of two structures, including any padding bytes: + +```cpp +#include + +struct s { + char c; + int i; + char buffer[13]; +}; + +void compare(const struct s *left, const struct s *right) { + if ((left && right) && + (0 == memcmp(left, right, sizeof(struct s)))) { + /* ... */ + } +} +``` + +## Compliant Solution + +In this compliant solution, all of the fields are compared manually to avoid comparing any padding bytes: + +```cpp +#include + +struct s { + char c; + int i; + char buffer[13]; +}; + +void compare(const struct s *left, const struct s *right) { + if ((left && right) && + (left->c == right->c) && + (left->i == right->i) && + (0 == memcmp(left->buffer, right->buffer, 13))) { + /* ... */ + } +} +``` + +## Exceptions + +**EXP42-C-EX1**: A structure can be defined such that the members are aligned properly or the structure is packed using implementation-specific packing instructions. This is true only when the members' data types have no padding bits of their own and when their object representations are the same as their value representations. This frequently is not true for the `_Bool` type or floating-point types and need not be true for pointers. In such cases, the compiler does not insert padding, and use of functions such as `memcmp()` is acceptable. + +This compliant example uses the [\#pragma pack](http://msdn.microsoft.com/en-us/library/2e70t5y1.aspx) compiler extension from Microsoft Visual Studio to ensure the structure members are packed as tightly as possible: + +```cpp +#include + +#pragma pack(push, 1) +struct s { + char c; + int i; + char buffer[13]; +}; +#pragma pack(pop) + +void compare(const struct s *left, const struct s *right) { + if ((left && right) && + (0 == memcmp(left, right, sizeof(struct s)))) { + /* ... */ + } +} +``` + +## Risk Assessment + +Comparing padding bytes, when present, can lead to [unexpected program behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-unexpectedbehavior). + +
    Rule Severity Likelihood Remediation Cost Priority Level
    EXP42-C Medium Probable Medium P8 L2
    + + +## Automated Detection + +
    Tool Version Checker Description
    Astrée 22.04 memcpy-with-padding Partially checked
    Axivion Bauhaus Suite 7.2.0 CertC-EXP42
    CodeSonar 7.2p0 BADFUNC.MEMCMP Use of memcmp
    Helix QAC 2022.4 DF4726, DF4727, DF4728, DF4729
    Klocwork 2022.4 MISRA.STDLIB.MEMCMP.PTR_ARG_TYPES
    LDRA tool suite 9.7.1 618 S Partially implemented
    Cppcheck 1.66 cert.py Detected by the addon cert.py Does not warn about global/static padding data as this is probably initialized to 0
    Parasoft C/C++test 2022.2 CERT_C-EXP42-a Don't memcpy or memcmp non-PODs
    PC-lint Plus 1.4 958, 959 Assistance provided: reports structures which require padding between members or after the last member
    Polyspace Bug Finder R2023a CERT C: Rule EXP42-C Checks for memory comparison of padding data (rule fully covered)
    PRQA QA-C 9.7 1488
    RuleChecker 22.04 memcpy-with-padding Partially checked
    TrustInSoft Analyzer 1.38 comparable_char_blocks Exhaustively verified (see the compliant and the non-compliant example ).
    + + +## Related Vulnerabilities + +Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+EXP42-C). + +## Related Guidelines + +[Key here](https://wiki.sei.cmu.edu/confluence/display/c/How+this+Coding+Standard+is+Organized#HowthisCodingStandardisOrganized-RelatedGuidelines) (explains table format and definitions) + +
    Taxonomy Taxonomy item Relationship
    ISO/IEC TS 17961 Comparison of padding data \[padcomp\] Prior to 2018-01-12: CERT: Unspecified Relationship
    CERT C EXP62-CPP. Do not access the bits of an object representation that are not part of the object's value representation Prior to 2018-01-12: CERT: Unspecified Relationship
    + + +## Bibliography + +
    \[ ISO/IEC 9899:2011 \] 6.7.2.1, "Structure and Union Specifiers" 6.7.9, "Initialization"
    \[ Summit 1995 \] Question 2.8 Question 2.12
    + + +## Implementation notes + +None + +## References + +* CERT-C: [EXP42-C: Do not compare padding data](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/EXP42-C/DoNotComparePaddingData.ql b/c/cert/src/rules/EXP42-C/DoNotComparePaddingData.ql new file mode 100644 index 0000000000..d2403553aa --- /dev/null +++ b/c/cert/src/rules/EXP42-C/DoNotComparePaddingData.ql @@ -0,0 +1,21 @@ +/** + * @id c/cert/do-not-compare-padding-data + * @name EXP42-C: Do not compare padding data + * @description Padding data values are unspecified and should not be included in comparisons. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/cert/id/exp42-c + * correctness + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert +import codingstandards.cpp.rules.memcmpusedtocomparepaddingdata.MemcmpUsedToComparePaddingData + +class DoNotComparePaddingDataQuery extends MemcmpUsedToComparePaddingDataSharedQuery { + DoNotComparePaddingDataQuery() { + this = Memory2Package::doNotComparePaddingDataQuery() + } +} diff --git a/c/cert/src/rules/FIO42-C/CloseFilesWhenTheyAreNoLongerNeeded.md b/c/cert/src/rules/FIO42-C/CloseFilesWhenTheyAreNoLongerNeeded.md index 91654e8ee2..f84163ae4a 100644 --- a/c/cert/src/rules/FIO42-C/CloseFilesWhenTheyAreNoLongerNeeded.md +++ b/c/cert/src/rules/FIO42-C/CloseFilesWhenTheyAreNoLongerNeeded.md @@ -180,7 +180,7 @@ Failing to properly close files may allow an attacker to exhaust system resource This rule is stricter than rule \[fileclose\] in [ISO/IEC TS 17961:2013](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IECTS17961). Analyzers that conform to the technical standard may not detect all violations of this rule. -
    Tool Version Checker Description
    Astrée 22.04 Supported, but no explicit checker
    CodeSonar 7.0p0 ALLOC.LEAK Leak
    Compass/ROSE
    Coverity 2017.07 RESOURCE_LEAK (partial) Partially implemented
    Helix QAC 2022.2 C2701, C2702, C2703 C++2701, C++2702, C++2703
    Klocwork 2022.2 RH.LEAK
    LDRA tool suite 9.7.1 49 D Partially implemented
    Parasoft C/C++test 2022.1 CERT_C-FIO42-a Ensure resources are freed
    PC-lint Plus 1.4 429 Partially supported
    Polyspace Bug Finder R2022a CERT C: Rule FIO42-C Checks for resource leak (rule partially covered)
    PRQA QA-C 9.7 2701, 2702, 2703
    PRQA QA-C++ 4.4 2701, 2702, 2703
    SonarQube C/C++ Plugin 3.11 S2095
    +
    Tool Version Checker Description
    Astrée 22.04 Supported, but no explicit checker
    CodeSonar 7.2p0 ALLOC.LEAK Leak
    Compass/ROSE
    Coverity 2017.07 RESOURCE_LEAK (partial) Partially implemented
    Helix QAC 2022.4 DF2701, DF2702, DF2703
    Klocwork 2022.4 RH.LEAK
    LDRA tool suite 9.7.1 49 D Partially implemented
    Parasoft C/C++test 2022.2 CERT_C-FIO42-a Ensure resources are freed
    PC-lint Plus 1.4 429 Partially supported
    Polyspace Bug Finder R2023a CERT C: Rule FIO42-C Checks for resource leak (rule partially covered)
    PRQA QA-C 9.7 2701, 2702, 2703
    PRQA QA-C++ 4.4 2701, 2702, 2703
    SonarQube C/C++ Plugin 3.11 S2095
    ## Related Vulnerabilities diff --git a/c/cert/src/rules/FIO42-C/CloseFilesWhenTheyAreNoLongerNeeded.ql b/c/cert/src/rules/FIO42-C/CloseFilesWhenTheyAreNoLongerNeeded.ql index 2c7959f38e..b7cfd40da5 100644 --- a/c/cert/src/rules/FIO42-C/CloseFilesWhenTheyAreNoLongerNeeded.ql +++ b/c/cert/src/rules/FIO42-C/CloseFilesWhenTheyAreNoLongerNeeded.ql @@ -14,161 +14,10 @@ import cpp import codingstandards.c.cert -import semmle.code.cpp.controlflow.StackVariableReachability -import codingstandards.cpp.standardlibrary.FileAccess +import codingstandards.cpp.rules.closefilehandlewhennolongerneededshared.CloseFileHandleWhenNoLongerNeededShared -/** - * Extend the NullValue class used by Nullness.qll to include simple -1 as a 'null' value - * (for example 'open' returns -1 if there was an error) - */ -class MinusOne extends NullValue { - MinusOne() { this.(UnaryMinusExpr).getOperand().(Literal).getValue() = "1" } -} - -/** - * 'call' is either a direct call to f, or a possible call to f - * via a function pointer. - */ -predicate mayCallFunction(Expr call, Function f) { - call.(FunctionCall).getTarget() = f or - call.(VariableCall).getVariable().getAnAssignedValue().getAChild*().(FunctionAccess).getTarget() = - f -} - -predicate fopenCallOrIndirect(Expr e) { - // direct fopen call - opened(e) and - // We are only interested in fopen calls that are - // actually closed somehow, as FileNeverClosed - // will catch those that aren't. - fopenCallMayBeClosed(e) - or - exists(ReturnStmt rtn | - // indirect fopen call - mayCallFunction(e, rtn.getEnclosingFunction()) and - ( - // return fopen - fopenCallOrIndirect(rtn.getExpr()) - or - // return variable assigned with fopen - exists(Variable v | - v = rtn.getExpr().(VariableAccess).getTarget() and - fopenCallOrIndirect(v.getAnAssignedValue()) and - not assignedToFieldOrGlobal(v, _) - ) - ) - ) -} - -predicate fcloseCallOrIndirect(FunctionCall fc, Variable v) { - // direct fclose call - fcloseCall(fc, v.getAnAccess()) - or - // indirect fclose call - exists(FunctionCall midcall, Function mid, int arg | - fc.getArgument(arg) = v.getAnAccess() and - mayCallFunction(fc, mid) and - midcall.getEnclosingFunction() = mid and - fcloseCallOrIndirect(midcall, mid.getParameter(arg)) - ) -} - -predicate fopenDefinition(StackVariable v, ControlFlowNode def) { - exists(Expr expr | exprDefinition(v, def, expr) and fopenCallOrIndirect(expr)) -} - -class FOpenVariableReachability extends StackVariableReachabilityWithReassignment { - FOpenVariableReachability() { this = "FOpenVariableReachability" } - - override predicate isSourceActual(ControlFlowNode node, StackVariable v) { - fopenDefinition(v, node) - } - - override predicate isSinkActual(ControlFlowNode node, StackVariable v) { - // node may be used in fopenReaches - exists(node.(AnalysedExpr).getNullSuccessor(v)) or - fcloseCallOrIndirect(node, v) or - assignedToFieldOrGlobal(v, node) or - // node may be used directly in query - v.getFunction() = node.(ReturnStmt).getEnclosingFunction() - } - - override predicate isBarrier(ControlFlowNode node, StackVariable v) { definitionBarrier(v, node) } -} - -/** - * The value from fopen at `def` is still held in Variable `v` upon entering `node`. - */ -predicate fopenVariableReaches(StackVariable v, ControlFlowNode def, ControlFlowNode node) { - exists(FOpenVariableReachability r | - // reachability - r.reachesTo(def, _, node, v) - or - // accept def node itself - r.isSource(def, v) and - node = def - ) -} - -class FOpenReachability extends StackVariableReachabilityExt { - FOpenReachability() { this = "FOpenReachability" } - - override predicate isSource(ControlFlowNode node, StackVariable v) { fopenDefinition(v, node) } - - override predicate isSink(ControlFlowNode node, StackVariable v) { - v.getFunction() = node.(ReturnStmt).getEnclosingFunction() - } - - override predicate isBarrier( - ControlFlowNode source, ControlFlowNode node, ControlFlowNode next, StackVariable v - ) { - isSource(source, v) and - next = node.getASuccessor() and - // the file (stored in any variable `v0`) opened at `source` is closed or - // assigned to a global at node, or NULL checked on the edge node -> next. - exists(StackVariable v0 | fopenVariableReaches(v0, source, node) | - node.(AnalysedExpr).getNullSuccessor(v0) = next or - fcloseCallOrIndirect(node, v0) or - assignedToFieldOrGlobal(v0, node) - ) +class CloseFilesWhenTheyAreNoLongerNeededQuery extends CloseFileHandleWhenNoLongerNeededSharedSharedQuery { + CloseFilesWhenTheyAreNoLongerNeededQuery() { + this = IO1Package::closeFilesWhenTheyAreNoLongerNeededQuery() } } - -/** - * The value returned by fopen `def` has not been closed, confirmed to be null, - * or potentially leaked globally upon reaching `node` (regardless of what variable - * it's still held in, if any). - */ -predicate fopenReaches(ControlFlowNode def, ControlFlowNode node) { - exists(FOpenReachability r | r.reaches(def, _, node)) -} - -predicate assignedToFieldOrGlobal(StackVariable v, Expr e) { - // assigned to anything except a StackVariable - // (typically a field or global, but for example also *ptr = v) - e.(Assignment).getRValue() = v.getAnAccess() and - not e.(Assignment).getLValue().(VariableAccess).getTarget() instanceof StackVariable - or - exists(Expr midExpr, Function mid, int arg | - // indirect assignment - e.(FunctionCall).getArgument(arg) = v.getAnAccess() and - mayCallFunction(e, mid) and - midExpr.getEnclosingFunction() = mid and - assignedToFieldOrGlobal(mid.getParameter(arg), midExpr) - ) - or - // assigned to a field via constructor field initializer - e.(ConstructorFieldInit).getExpr() = v.getAnAccess() -} - -from ControlFlowNode def, Stmt ret -where - not isExcluded(def, IO1Package::closeFilesWhenTheyAreNoLongerNeededQuery()) and - fopenReaches(def, ret) and - not exists(StackVariable v | - fopenVariableReaches(v, def, ret) and - ret.getAChild*() = v.getAnAccess() - ) - or - opened(def) and not fopenCallMayBeClosed(def) and ret = def.getControlFlowScope().getEntryPoint() -select def, "The file opened here may not be closed at $@.", ret, "this location" diff --git a/c/cert/src/rules/MEM31-C/FreeMemoryWhenNoLongerNeededCert.md b/c/cert/src/rules/MEM31-C/FreeMemoryWhenNoLongerNeededCert.md new file mode 100644 index 0000000000..09a6ce7219 --- /dev/null +++ b/c/cert/src/rules/MEM31-C/FreeMemoryWhenNoLongerNeededCert.md @@ -0,0 +1,122 @@ +# MEM31-C: Free dynamically allocated memory when no longer needed + +This query implements the CERT-C rule MEM31-C: + +> Free dynamically allocated memory when no longer needed + + + +## Description + +Before the lifetime of the last pointer that stores the return value of a call to a standard memory allocation function has ended, it must be matched by a call to `free()` with that pointer value. + +## Noncompliant Code Example + +In this noncompliant example, the object allocated by the call to `malloc()` is not freed before the end of the lifetime of the last pointer `text_buffer` referring to the object: + +```cpp +#include + +enum { BUFFER_SIZE = 32 }; + +int f(void) { + char *text_buffer = (char *)malloc(BUFFER_SIZE); + if (text_buffer == NULL) { + return -1; + } + return 0; +} +``` + +## Compliant Solution + +In this compliant solution, the pointer is deallocated with a call to `free()`: + +```cpp +#include + +enum { BUFFER_SIZE = 32 }; + +int f(void) { + char *text_buffer = (char *)malloc(BUFFER_SIZE); + if (text_buffer == NULL) { + return -1; + } + + free(text_buffer); + return 0; +} + +``` + +## Exceptions + +**MEM31-C-EX1**: Allocated memory does not need to be freed if it is assigned to a pointer whose lifetime includes program termination. The following code example illustrates a pointer that stores the return value from `malloc()` in a `static` variable: + +```cpp +#include + +enum { BUFFER_SIZE = 32 }; + +int f(void) { + static char *text_buffer = NULL; + if (text_buffer == NULL) { + text_buffer = (char *)malloc(BUFFER_SIZE); + if (text_buffer == NULL) { + return -1; + } + } + return 0; +} + +``` + +## Risk Assessment + +Failing to free memory can result in the exhaustion of system memory resources, which can lead to a [denial-of-service attack](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-denial-of-service). + +
    Rule Severity Likelihood Remediation Cost Priority Level
    MEM31-C Medium Probable Medium P8 L2
    + + +## Automated Detection + +
    Tool Version Checker Description
    Astrée 22.04 Supported, but no explicit checker
    Axivion Bauhaus Suite 7.2.0 CertC-MEM31 Can detect dynamically allocated resources that are not freed
    CodeSonar 7.2p0 ALLOC.LEAK Leak
    Compass/ROSE
    Coverity 2017.07 RESOURCE_LEAK ALLOC_FREE_MISMATCH Finds resource leaks from variables that go out of scope while owning a resource
    Cppcheck 1.66 leakReturnValNotUsed Doesn't use return value of memory allocation function
    Helix QAC 2022.4 DF2706, DF2707, DF2708 C++3337, C++3338
    Klocwork 2022.4 CL.FFM.ASSIGN CL.FFM.COPY CL.SHALLOW.ASSIGN CL.SHALLOW.COPY FMM.MIGHT FMM.MUST
    LDRA tool suite 9.7.1 50 D Partially implemented
    Parasoft C/C++test 2022.2 CERT_C-MEM31-a Ensure resources are freed
    Parasoft Insure++ Runtime analysis
    PC-lint Plus 1.4 429 Fully supported
    Polyspace Bug Finder R2023a CERT C: Rule MEM31-C Checks for memory leak (rule fully covered)
    PRQA QA-C 9.7 2706, 2707, 2708
    PRQA QA-C++ 4.4 2706, 2707, 2708, 3337, 3338
    PVS-Studio 7.23 V773
    SonarQube C/C++ Plugin 3.11 S3584
    Splint 3.1.1
    TrustInSoft Analyzer 1.38 malloc Exhaustively verified.
    + + +## Related Vulnerabilities + +Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+MEM31-C). + +## Related Guidelines + +[Key here](https://wiki.sei.cmu.edu/confluence/display/c/How+this+Coding+Standard+is+Organized#HowthisCodingStandardisOrganized-RelatedGuidelines) (explains table format and definitions) + +
    Taxonomy Taxonomy item Relationship
    ISO/IEC TR 24772:2013 Memory Leak \[XYL\] Prior to 2018-01-12: CERT: Unspecified Relationship
    ISO/IEC TS 17961 Failing to close files or free dynamic memory when they are no longer needed \[fileclose\] Prior to 2018-01-12: CERT: Unspecified Relationship
    CWE 2.11 CWE-401 , Improper Release of Memory Before Removing Last Reference ("Memory Leak") 2017-07-05: CERT: Exact
    CWE 2.11 CWE-404 2017-07-06: CERT: Rule subset of CWE
    CWE 2.11 CWE-459 2017-07-06: CERT: Rule subset of CWE
    CWE 2.11 CWE-771 2017-07-06: CERT: Rule subset of CWE
    CWE 2.11 CWE-772 2017-07-06: CERT: Rule subset of CWE
    + + +## CERT-CWE Mapping Notes + +[Key here](https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?pageId=87152408#HowthisCodingStandardisOrganized-CERT-CWEMappingNotes) for mapping notes + +**CWE-404/CWE-459/CWE-771/CWE-772 and FIO42-C/MEM31-C** + +Intersection( FIO42-C, MEM31-C) = Ø + +CWE-404 = CWE-459 = CWE-771 = CWE-772 + +CWE-404 = Union( FIO42-C, MEM31-C list) where list = + +* Failure to free resources besides files or memory chunks, such as mutexes) + +## Bibliography + +
    \[ ISO/IEC 9899:2011 \] Subclause 7.22.3, "Memory Management Functions"
    + + +## Implementation notes + +The rule is enforced in the context of a single function. + +## References + +* CERT-C: [MEM31-C: Free dynamically allocated memory when no longer needed](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/MEM31-C/FreeMemoryWhenNoLongerNeededCert.ql b/c/cert/src/rules/MEM31-C/FreeMemoryWhenNoLongerNeededCert.ql new file mode 100644 index 0000000000..d4c81748a2 --- /dev/null +++ b/c/cert/src/rules/MEM31-C/FreeMemoryWhenNoLongerNeededCert.ql @@ -0,0 +1,23 @@ +/** + * @id c/cert/free-memory-when-no-longer-needed-cert + * @name MEM31-C: Free dynamically allocated memory when no longer needed + * @description Failing to free memory that is no longer needed can lead to a memory leak and + * resource exhaustion. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/cert/id/mem31-c + * correctness + * security + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert +import codingstandards.cpp.rules.freememorywhennolongerneededshared.FreeMemoryWhenNoLongerNeededShared + +class FreeMemoryWhenNoLongerNeededCertQuery extends FreeMemoryWhenNoLongerNeededSharedSharedQuery { + FreeMemoryWhenNoLongerNeededCertQuery() { + this = Memory2Package::freeMemoryWhenNoLongerNeededCertQuery() + } +} diff --git a/c/cert/src/rules/MEM33-C/AllocStructsWithAFlexibleArrayMemberDynamically.md b/c/cert/src/rules/MEM33-C/AllocStructsWithAFlexibleArrayMemberDynamically.md new file mode 100644 index 0000000000..6a726c1701 --- /dev/null +++ b/c/cert/src/rules/MEM33-C/AllocStructsWithAFlexibleArrayMemberDynamically.md @@ -0,0 +1,249 @@ +# MEM33-C: Allocate structures containing a flexible array member dynamically + +This query implements the CERT-C rule MEM33-C: + +> Allocate and copy structures containing a flexible array member dynamically + + +## Description + +The C Standard, 6.7.2.1, paragraph 18 \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IEC9899-2011)\], says + +> As a special case, the last element of a structure with more than one named member may have an incomplete array type; this is called a *flexible array member*. In most situations, the flexible array member is ignored. In particular, the size of the structure is as if the flexible array member were omitted except that it may have more trailing padding than the omission would imply. + + +The following is an example of a structure that contains a flexible array member: + +```cpp +struct flex_array_struct { + int num; + int data[]; +}; + +``` +This definition means that when computing the size of such a structure, only the first member, `num`, is considered. Unless the appropriate size of the flexible array member has been explicitly added when allocating storage for an object of the `struct`, the result of accessing the member `data` of a variable of nonpointer type `struct flex_array_struct` is [undefined](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior). [DCL38-C. Use the correct syntax when declaring a flexible array member](https://wiki.sei.cmu.edu/confluence/display/c/DCL38-C.+Use+the+correct+syntax+when+declaring+a+flexible+array+member) describes the correct way to declare a `struct` with a flexible array member. + +To avoid the potential for undefined behavior, structures that contain a flexible array member should always be allocated dynamically. Flexible array structures must + +* Have dynamic storage duration (be allocated via `malloc()` or another dynamic allocation function) +* Be dynamically copied using `memcpy()` or a similar function and not by assignment +* When used as an argument to a function, be passed by pointer and not copied by value + +## Noncompliant Code Example (Storage Duration) + +This noncompliant code example uses automatic storage for a structure containing a flexible array member: + +```cpp +#include + +struct flex_array_struct { + size_t num; + int data[]; +}; + +void func(void) { + struct flex_array_struct flex_struct; + size_t array_size = 4; + + /* Initialize structure */ + flex_struct.num = array_size; + + for (size_t i = 0; i < array_size; ++i) { + flex_struct.data[i] = 0; + } +} +``` +Because the memory for `flex_struct` is reserved on the stack, no space is reserved for the `data` member. Accessing the `data` member is [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior). + +## Compliant Solution (Storage Duration) + +This compliant solution dynamically allocates storage for `flex_array_struct`: + +```cpp +#include + +struct flex_array_struct { + size_t num; + int data[]; +}; + +void func(void) { + struct flex_array_struct *flex_struct; + size_t array_size = 4; + + /* Dynamically allocate memory for the struct */ + flex_struct = (struct flex_array_struct *)malloc( + sizeof(struct flex_array_struct) + + sizeof(int) * array_size); + if (flex_struct == NULL) { + /* Handle error */ + } + + /* Initialize structure */ + flex_struct->num = array_size; + + for (size_t i = 0; i < array_size; ++i) { + flex_struct->data[i] = 0; + } +} +``` + +## Noncompliant Code Example (Copying) + +This noncompliant code example attempts to copy an instance of a structure containing a flexible array member (`struct `flex_array_struct``) by assignment: + +```cpp +#include + +struct flex_array_struct { + size_t num; + int data[]; +}; + +void func(struct flex_array_struct *struct_a, + struct flex_array_struct *struct_b) { + *struct_b = *struct_a; +} +``` +When the structure is copied, the size of the flexible array member is not considered, and only the first member of the structure, `num`, is copied, leaving the array contents untouched. + +## Compliant Solution (Copying) + +This compliant solution uses `memcpy()` to properly copy the content of `struct_a` into `struct_b`: + +```cpp +#include + +struct flex_array_struct { + size_t num; + int data[]; +}; + +void func(struct flex_array_struct *struct_a, + struct flex_array_struct *struct_b) { + if (struct_a->num > struct_b->num) { + /* Insufficient space; handle error */ + return; + } + memcpy(struct_b, struct_a, + sizeof(struct flex_array_struct) + (sizeof(int) + * struct_a->num)); +} +``` + +## Noncompliant Code Example (Function Arguments) + +In this noncompliant code example, the flexible array structure is passed by value to a function that prints the array elements: + +```cpp +#include +#include + +struct flex_array_struct { + size_t num; + int data[]; +}; + +void print_array(struct flex_array_struct struct_p) { + puts("Array is: "); + for (size_t i = 0; i < struct_p.num; ++i) { + printf("%d ", struct_p.data[i]); + } + putchar('\n'); +} + +void func(void) { + struct flex_array_struct *struct_p; + size_t array_size = 4; + + /* Space is allocated for the struct */ + struct_p = (struct flex_array_struct *)malloc( + sizeof(struct flex_array_struct) + + sizeof(int) * array_size); + if (struct_p == NULL) { + /* Handle error */ + } + struct_p->num = array_size; + + for (size_t i = 0; i < array_size; ++i) { + struct_p->data[i] = i; + } + print_array(*struct_p); +} +``` +Because the argument is passed by value, the size of the flexible array member is not considered when the structure is copied, and only the first member of the structure, `num`, is copied. + +## Compliant Solution (Function Arguments) + +In this compliant solution, the structure is passed by reference and not by value: + +```cpp +#include +#include + +struct flex_array_struct { + size_t num; + int data[]; +}; + +void print_array(struct flex_array_struct *struct_p) { + puts("Array is: "); + for (size_t i = 0; i < struct_p->num; ++i) { + printf("%d ", struct_p->data[i]); + } + putchar('\n'); +} + +void func(void) { + struct flex_array_struct *struct_p; + size_t array_size = 4; + + /* Space is allocated for the struct and initialized... */ + + print_array(struct_p); +} +``` + +## Risk Assessment + +Failure to use structures with flexible array members correctly can result in [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior). + +
    Rule Severity Likelihood Remediation Cost Priority Level
    MEM33-C Low Unlikely Low P3 L3
    + + +## Automated Detection + +
    Tool Version Checker Description
    Astrée 22.04 flexible-array-member-assignment flexible-array-member-declaration Fully checked
    Axivion Bauhaus Suite 7.2.0 CertC-MEM33 Fully implemented
    CodeSonar 7.2p0 LANG.STRUCT.DECL.FAM Declaration of Flexible Array Member
    Compass/ROSE Can detect all of these
    Helix QAC 2022.4 C1061, C1062, C1063, C1064
    Klocwork 2022.4 MISRA.INCOMPLETE.STRUCT MISRA.MEMB.FLEX_ARRAY.2012
    LDRA tool suite 9.7.1 649 S, 650 S Fully implemented
    Parasoft C/C++test 2022.2 CERT_C-MEM33-a CERT_C-MEM33-b Allocate structures containing a flexible array member dynamically Do not copy instances of structures containing a flexible array member
    Polyspace Bug Finder R2023a CERT C: Rule MEM33-C Checks for misuse of structure with flexible array member (rule fully covered)
    PRQA QA-C 9.7 1061, 1062, 1063, 1064
    RuleChecker 22.04 flexible-array-member-assignment flexible-array-member-declaration Fully checked
    + + +## Related Vulnerabilities + +Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+MEM33-C). + +## Related Guidelines + +[Key here](https://wiki.sei.cmu.edu/confluence/display/c/How+this+Coding+Standard+is+Organized#HowthisCodingStandardisOrganized-RelatedGuidelines) (explains table format and definitions) + +
    Taxonomy Taxonomy item Relationship
    CERT C Secure Coding Standard DCL38-C. Use the correct syntax when declaring a flexible array member Prior to 2018-01-12: CERT: Unspecified Relationship
    + + +## CERT-CWE Mapping Notes + +[Key here](https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?pageId=87152408#HowthisCodingStandardisOrganized-CERT-CWEMappingNotes) for mapping notes + +**CWE-401 and MEM33-CPP** + +There is no longer a C++ rule for MEM33-CPP. (In fact, all C++ rules from 30-50 are gone, because we changed the numbering system to be 50-99 for C++ rules.) + +## Bibliography + +
    \[ ISO/IEC 9899:2011 \] Subclause 6.7.2.1, "Structure and Union Specifiers"
    \[ JTC1/SC22/WG14 N791 \] Solving the Struct Hack Problem
    + + +## Implementation notes + +None + +## References + +* CERT-C: [MEM33-C: Allocate and copy structures containing a flexible array member dynamically](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/MEM33-C/AllocStructsWithAFlexibleArrayMemberDynamically.ql b/c/cert/src/rules/MEM33-C/AllocStructsWithAFlexibleArrayMemberDynamically.ql new file mode 100644 index 0000000000..620c4486a9 --- /dev/null +++ b/c/cert/src/rules/MEM33-C/AllocStructsWithAFlexibleArrayMemberDynamically.ql @@ -0,0 +1,80 @@ +/** + * @id c/cert/alloc-structs-with-a-flexible-array-member-dynamically + * @name MEM33-C: Allocate structures containing a flexible array member dynamically + * @description A structure containing a flexible array member must be allocated dynamically in + * order for subsequent accesses to the flexible array to point to valid memory. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/cert/id/mem33-c + * correctness + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert +import codingstandards.c.Variable +import semmle.code.cpp.models.interfaces.Allocation +import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis + +abstract class FlexibleArrayAlloc extends Element { + /** + * Returns the `Variable` being allocated. + */ + abstract Variable getVariable(); +} + +/** + * A `FunctionCall` to an `AllocationFunction` that allocates memory + * which is assigned to a `Variable` of type `FlexibleArrayStructType`. + */ +class FlexibleArrayStructDynamicAlloc extends FlexibleArrayAlloc, FunctionCall { + Variable v; + + FlexibleArrayStructDynamicAlloc() { + this.getTarget() instanceof AllocationFunction and + v.getAnAssignedValue() = this and + v.getUnderlyingType().(PointerType).getBaseType().getUnspecifiedType() instanceof + FlexibleArrayStructType + } + + /** + * Holds if the size argument of the allocation function is insufficient to + * allocate at least one byte for the flexible array member. + */ + predicate hasInsufficientAllocationSize() { + upperBound(this.getArgument(this.getTarget().(AllocationFunction).getSizeArg())) <= + max(v.getUnderlyingType() + .(PointerType) + .getBaseType() + .getUnspecifiedType() + .(FlexibleArrayStructType) + .getSize() + ) + } + + override Variable getVariable() { result = v } +} + +/** + * A `Variable` of type `FlexibleArrayStructType` that is not allocated dynamically. + */ +class FlexibleArrayNonDynamicAlloc extends FlexibleArrayAlloc, Variable { + FlexibleArrayNonDynamicAlloc() { + this.getUnspecifiedType().getUnspecifiedType() instanceof FlexibleArrayStructType + } + + override Variable getVariable() { result = this } +} + +from FlexibleArrayAlloc alloc, string message +where + not isExcluded(alloc, Memory2Package::allocStructsWithAFlexibleArrayMemberDynamicallyQuery()) and + ( + alloc.(FlexibleArrayStructDynamicAlloc).hasInsufficientAllocationSize() and + message = "$@ allocated with insufficient memory for its flexible array member." + or + alloc instanceof FlexibleArrayNonDynamicAlloc and + message = "$@ contains a flexible array member but is not dynamically allocated." + ) +select alloc, message, alloc.getVariable(), alloc.getVariable().getName() diff --git a/c/cert/src/rules/MEM33-C/CopyStructsWithAFlexibleArrayMemberDynamically.md b/c/cert/src/rules/MEM33-C/CopyStructsWithAFlexibleArrayMemberDynamically.md new file mode 100644 index 0000000000..34d1aa6287 --- /dev/null +++ b/c/cert/src/rules/MEM33-C/CopyStructsWithAFlexibleArrayMemberDynamically.md @@ -0,0 +1,249 @@ +# MEM33-C: Copy structures containing a flexible array member using memcpy or a similar function. + +This query implements the CERT-C rule MEM33-C: + +> Allocate and copy structures containing a flexible array member dynamically + + +## Description + +The C Standard, 6.7.2.1, paragraph 18 \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IEC9899-2011)\], says + +> As a special case, the last element of a structure with more than one named member may have an incomplete array type; this is called a *flexible array member*. In most situations, the flexible array member is ignored. In particular, the size of the structure is as if the flexible array member were omitted except that it may have more trailing padding than the omission would imply. + + +The following is an example of a structure that contains a flexible array member: + +```cpp +struct flex_array_struct { + int num; + int data[]; +}; + +``` +This definition means that when computing the size of such a structure, only the first member, `num`, is considered. Unless the appropriate size of the flexible array member has been explicitly added when allocating storage for an object of the `struct`, the result of accessing the member `data` of a variable of nonpointer type `struct flex_array_struct` is [undefined](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior). [DCL38-C. Use the correct syntax when declaring a flexible array member](https://wiki.sei.cmu.edu/confluence/display/c/DCL38-C.+Use+the+correct+syntax+when+declaring+a+flexible+array+member) describes the correct way to declare a `struct` with a flexible array member. + +To avoid the potential for undefined behavior, structures that contain a flexible array member should always be allocated dynamically. Flexible array structures must + +* Have dynamic storage duration (be allocated via `malloc()` or another dynamic allocation function) +* Be dynamically copied using `memcpy()` or a similar function and not by assignment +* When used as an argument to a function, be passed by pointer and not copied by value + +## Noncompliant Code Example (Storage Duration) + +This noncompliant code example uses automatic storage for a structure containing a flexible array member: + +```cpp +#include + +struct flex_array_struct { + size_t num; + int data[]; +}; + +void func(void) { + struct flex_array_struct flex_struct; + size_t array_size = 4; + + /* Initialize structure */ + flex_struct.num = array_size; + + for (size_t i = 0; i < array_size; ++i) { + flex_struct.data[i] = 0; + } +} +``` +Because the memory for `flex_struct` is reserved on the stack, no space is reserved for the `data` member. Accessing the `data` member is [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior). + +## Compliant Solution (Storage Duration) + +This compliant solution dynamically allocates storage for `flex_array_struct`: + +```cpp +#include + +struct flex_array_struct { + size_t num; + int data[]; +}; + +void func(void) { + struct flex_array_struct *flex_struct; + size_t array_size = 4; + + /* Dynamically allocate memory for the struct */ + flex_struct = (struct flex_array_struct *)malloc( + sizeof(struct flex_array_struct) + + sizeof(int) * array_size); + if (flex_struct == NULL) { + /* Handle error */ + } + + /* Initialize structure */ + flex_struct->num = array_size; + + for (size_t i = 0; i < array_size; ++i) { + flex_struct->data[i] = 0; + } +} +``` + +## Noncompliant Code Example (Copying) + +This noncompliant code example attempts to copy an instance of a structure containing a flexible array member (`struct `flex_array_struct``) by assignment: + +```cpp +#include + +struct flex_array_struct { + size_t num; + int data[]; +}; + +void func(struct flex_array_struct *struct_a, + struct flex_array_struct *struct_b) { + *struct_b = *struct_a; +} +``` +When the structure is copied, the size of the flexible array member is not considered, and only the first member of the structure, `num`, is copied, leaving the array contents untouched. + +## Compliant Solution (Copying) + +This compliant solution uses `memcpy()` to properly copy the content of `struct_a` into `struct_b`: + +```cpp +#include + +struct flex_array_struct { + size_t num; + int data[]; +}; + +void func(struct flex_array_struct *struct_a, + struct flex_array_struct *struct_b) { + if (struct_a->num > struct_b->num) { + /* Insufficient space; handle error */ + return; + } + memcpy(struct_b, struct_a, + sizeof(struct flex_array_struct) + (sizeof(int) + * struct_a->num)); +} +``` + +## Noncompliant Code Example (Function Arguments) + +In this noncompliant code example, the flexible array structure is passed by value to a function that prints the array elements: + +```cpp +#include +#include + +struct flex_array_struct { + size_t num; + int data[]; +}; + +void print_array(struct flex_array_struct struct_p) { + puts("Array is: "); + for (size_t i = 0; i < struct_p.num; ++i) { + printf("%d ", struct_p.data[i]); + } + putchar('\n'); +} + +void func(void) { + struct flex_array_struct *struct_p; + size_t array_size = 4; + + /* Space is allocated for the struct */ + struct_p = (struct flex_array_struct *)malloc( + sizeof(struct flex_array_struct) + + sizeof(int) * array_size); + if (struct_p == NULL) { + /* Handle error */ + } + struct_p->num = array_size; + + for (size_t i = 0; i < array_size; ++i) { + struct_p->data[i] = i; + } + print_array(*struct_p); +} +``` +Because the argument is passed by value, the size of the flexible array member is not considered when the structure is copied, and only the first member of the structure, `num`, is copied. + +## Compliant Solution (Function Arguments) + +In this compliant solution, the structure is passed by reference and not by value: + +```cpp +#include +#include + +struct flex_array_struct { + size_t num; + int data[]; +}; + +void print_array(struct flex_array_struct *struct_p) { + puts("Array is: "); + for (size_t i = 0; i < struct_p->num; ++i) { + printf("%d ", struct_p->data[i]); + } + putchar('\n'); +} + +void func(void) { + struct flex_array_struct *struct_p; + size_t array_size = 4; + + /* Space is allocated for the struct and initialized... */ + + print_array(struct_p); +} +``` + +## Risk Assessment + +Failure to use structures with flexible array members correctly can result in [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior). + +
    Rule Severity Likelihood Remediation Cost Priority Level
    MEM33-C Low Unlikely Low P3 L3
    + + +## Automated Detection + +
    Tool Version Checker Description
    Astrée 22.04 flexible-array-member-assignment flexible-array-member-declaration Fully checked
    Axivion Bauhaus Suite 7.2.0 CertC-MEM33 Fully implemented
    CodeSonar 7.2p0 LANG.STRUCT.DECL.FAM Declaration of Flexible Array Member
    Compass/ROSE Can detect all of these
    Helix QAC 2022.4 C1061, C1062, C1063, C1064
    Klocwork 2022.4 MISRA.INCOMPLETE.STRUCT MISRA.MEMB.FLEX_ARRAY.2012
    LDRA tool suite 9.7.1 649 S, 650 S Fully implemented
    Parasoft C/C++test 2022.2 CERT_C-MEM33-a CERT_C-MEM33-b Allocate structures containing a flexible array member dynamically Do not copy instances of structures containing a flexible array member
    Polyspace Bug Finder R2023a CERT C: Rule MEM33-C Checks for misuse of structure with flexible array member (rule fully covered)
    PRQA QA-C 9.7 1061, 1062, 1063, 1064
    RuleChecker 22.04 flexible-array-member-assignment flexible-array-member-declaration Fully checked
    + + +## Related Vulnerabilities + +Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+MEM33-C). + +## Related Guidelines + +[Key here](https://wiki.sei.cmu.edu/confluence/display/c/How+this+Coding+Standard+is+Organized#HowthisCodingStandardisOrganized-RelatedGuidelines) (explains table format and definitions) + +
    Taxonomy Taxonomy item Relationship
    CERT C Secure Coding Standard DCL38-C. Use the correct syntax when declaring a flexible array member Prior to 2018-01-12: CERT: Unspecified Relationship
    + + +## CERT-CWE Mapping Notes + +[Key here](https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?pageId=87152408#HowthisCodingStandardisOrganized-CERT-CWEMappingNotes) for mapping notes + +**CWE-401 and MEM33-CPP** + +There is no longer a C++ rule for MEM33-CPP. (In fact, all C++ rules from 30-50 are gone, because we changed the numbering system to be 50-99 for C++ rules.) + +## Bibliography + +
    \[ ISO/IEC 9899:2011 \] Subclause 6.7.2.1, "Structure and Union Specifiers"
    \[ JTC1/SC22/WG14 N791 \] Solving the Struct Hack Problem
    + + +## Implementation notes + +None + +## References + +* CERT-C: [MEM33-C: Allocate and copy structures containing a flexible array member dynamically](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/MEM33-C/CopyStructsWithAFlexibleArrayMemberDynamically.ql b/c/cert/src/rules/MEM33-C/CopyStructsWithAFlexibleArrayMemberDynamically.ql new file mode 100644 index 0000000000..69f6f9feb9 --- /dev/null +++ b/c/cert/src/rules/MEM33-C/CopyStructsWithAFlexibleArrayMemberDynamically.ql @@ -0,0 +1,114 @@ +/** + * @id c/cert/copy-structs-with-a-flexible-array-member-dynamically + * @name MEM33-C: Copy structures containing a flexible array member using memcpy or a similar function. + * @description Copying a structure containing a flexbile array member by assignment ignores the + * flexible array member data. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/cert/id/mem33-c + * correctness + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert +import codingstandards.c.Variable +import semmle.code.cpp.security.BufferAccess + +/** + * An expanded variant of the CodeQL standard library `MemcpyBA` + * class that additionally models the `__builtin___memcpy_chk` function. + */ +class MemcpyBAExpanded extends BufferAccess { + MemcpyBAExpanded() { + this.(FunctionCall).getTarget().getName() = + ["memcmp", "wmemcmp", "_memicmp", "_memicmp_l", "__builtin___memcpy_chk"] + } + + override string getName() { result = this.(FunctionCall).getTarget().getName() } + + override Expr getBuffer(string bufferDesc, int accessType) { + result = this.(FunctionCall).getArgument(0) and + bufferDesc = "destination buffer" and + accessType = 2 + or + result = this.(FunctionCall).getArgument(1) and + bufferDesc = "source buffer" and + accessType = 2 + } + + override int getSize() { + result = + this.(FunctionCall).getArgument(2).getValue().toInt() * + getPointedSize(this.(FunctionCall).getTarget().getParameter(0).getType()) + } +} + +/** + * A class representing an `Expr` that copies a flexible array struct. + */ +abstract class FlexibleArrayCopyExpr extends Expr { } + +/** + * A simple assignment of a flexible array struct to another flexible array struct. + */ +class FlexibleArraySimpleCopyExpr extends FlexibleArrayCopyExpr { + FlexibleArraySimpleCopyExpr() { + exists(Variable v | + this.getUnspecifiedType() instanceof FlexibleArrayStructType and + ( + exists(Initializer init | + init.getDeclaration() = v and + init.getExpr() = this + ) + or + exists(AssignExpr assign | + assign.getLValue().getUnspecifiedType() instanceof FlexibleArrayStructType and + assign.getRValue() = this + ) + ) + ) + } +} + +/** + * A call to a function that copies a flexible array struct. + */ +class FlexibleArrayMemcpyCallExpr extends FlexibleArrayCopyExpr, MemcpyBAExpanded { + FlexibleArrayMemcpyCallExpr() { + not exists(Expr e | + e = this.getBuffer(_, _) and + not e.getType().stripType() instanceof FlexibleArrayStructType + ) + } + + /** + * Holds if the size copied does not account for the flexible array member. + */ + predicate isFlexibleArrayCopiedWithInsufficientSize() { + this.getSize() <= + max(this.getBuffer(_, _) + .getUnderlyingType() + .(DerivedType) + .getBaseType() + .getUnspecifiedType() + .getSize() + ) + } +} + +from FlexibleArrayCopyExpr faCopy, string message +where + not isExcluded(faCopy, Memory2Package::copyStructsWithAFlexibleArrayMemberDynamicallyQuery()) and + ( + // case 1: simple assignment + faCopy instanceof FlexibleArraySimpleCopyExpr and + message = "Struct containing a flexible array member copied by assignment." + or + // case 2: call to memcpy + faCopy.(FlexibleArrayMemcpyCallExpr).isFlexibleArrayCopiedWithInsufficientSize() and + message = + "Struct containing a flexible array member copied by call to memcpy with insufficient size." + ) +select faCopy, message diff --git a/c/cert/src/rules/MEM34-C/OnlyFreeMemoryAllocatedDynamicallyCert.md b/c/cert/src/rules/MEM34-C/OnlyFreeMemoryAllocatedDynamicallyCert.md new file mode 100644 index 0000000000..c5772adb4b --- /dev/null +++ b/c/cert/src/rules/MEM34-C/OnlyFreeMemoryAllocatedDynamicallyCert.md @@ -0,0 +1,168 @@ +# MEM34-C: Only free memory allocated dynamically + +This query implements the CERT-C rule MEM34-C: + +> Only free memory allocated dynamically + + + +## Description + +The C Standard, Annex J \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IEC9899-2011)\], states that the behavior of a program is [undefined ](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior) when + +> The pointer argument to the `free` or `realloc` function does not match a pointer earlier returned by a memory management function, or the space has been deallocated by a call to `free` or `realloc`. + + +See also [undefined behavior 179](https://wiki.sei.cmu.edu/confluence/display/c/CC.+Undefined+Behavior#CC.UndefinedBehavior-ub_179). + +Freeing memory that is not allocated dynamically can result in heap corruption and other serious errors. Do not call `free()` on a pointer other than one returned by a standard memory allocation function, such as `malloc()`, `calloc()`, `realloc()`, or `aligned_alloc()`. + +A similar situation arises when `realloc()` is supplied a pointer to non-dynamically allocated memory. The `realloc()` function is used to resize a block of dynamic memory. If `realloc()` is supplied a pointer to memory not allocated by a standard memory allocation function, the behavior is [undefined](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior). One consequence is that the program may [terminate abnormally](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-abnormaltermination). + +This rule does not apply to null pointers. The C Standard guarantees that if `free()` is passed a null pointer, no action occurs. + +## Noncompliant Code Example + +This noncompliant code example sets `c_str` to reference either dynamically allocated memory or a statically allocated string literal depending on the value of `argc`. In either case, `c_str` is passed as an argument to `free()`. If anything other than dynamically allocated memory is referenced by `c_str`, the call to `free(c_str)` is erroneous. + +```cpp +#include +#include +#include + +enum { MAX_ALLOCATION = 1000 }; + +int main(int argc, const char *argv[]) { + char *c_str = NULL; + size_t len; + + if (argc == 2) { + len = strlen(argv[1]) + 1; + if (len > MAX_ALLOCATION) { + /* Handle error */ + } + c_str = (char *)malloc(len); + if (c_str == NULL) { + /* Handle error */ + } + strcpy(c_str, argv[1]); + } else { + c_str = "usage: $>a.exe [string]"; + printf("%s\n", c_str); + } + free(c_str); + return 0; +} + +``` + +## Compliant Solution + +This compliant solution eliminates the possibility of `c_str` referencing memory that is not allocated dynamically when passed to `free()`: + +```cpp +#include +#include +#include + +enum { MAX_ALLOCATION = 1000 }; + +int main(int argc, const char *argv[]) { + char *c_str = NULL; + size_t len; + + if (argc == 2) { + len = strlen(argv[1]) + 1; + if (len > MAX_ALLOCATION) { + /* Handle error */ + } + c_str = (char *)malloc(len); + if (c_str == NULL) { + /* Handle error */ + } + strcpy(c_str, argv[1]); + } else { + printf("%s\n", "usage: $>a.exe [string]"); + return EXIT_FAILURE; + } + free(c_str); + return 0; +} + +``` + +## Noncompliant Code Example (realloc()) + +In this noncompliant example, the pointer parameter to `realloc()`, `buf`, does not refer to dynamically allocated memory: + +```cpp +#include + +enum { BUFSIZE = 256 }; + +void f(void) { + char buf[BUFSIZE]; + char *p = (char *)realloc(buf, 2 * BUFSIZE); + if (p == NULL) { + /* Handle error */ + } +} + +``` + +## Compliant Solution (realloc()) + +In this compliant solution, `buf` refers to dynamically allocated memory: + +```cpp +#include + +enum { BUFSIZE = 256 }; + +void f(void) { + char *buf = (char *)malloc(BUFSIZE * sizeof(char)); + char *p = (char *)realloc(buf, 2 * BUFSIZE); + if (p == NULL) { + /* Handle error */ + } +} +``` +Note that `realloc()` will behave properly even if `malloc()` failed, because when given a null pointer, `realloc()` behaves like a call to `malloc()`. + +## Risk Assessment + +The consequences of this error depend on the [implementation](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-implementation), but they range from nothing to arbitrary code execution if that memory is reused by `malloc()`. + +
    Rule Severity Likelihood Remediation Cost Priority Level
    MEM34-C High Likely Medium P18 L1
    + + +## Automated Detection + +
    Tool Version Checker Description
    Astrée 22.04 invalid-free Fully checked
    Axivion Bauhaus Suite 7.2.0 CertC-MEM34 Can detect memory deallocations for stack objects
    Clang 3.9 clang-analyzer-unix.Malloc Checked by clang-tidy ; can detect some instances of this rule, but does not detect all
    CodeSonar 7.2p0 ALLOC.TM Type Mismatch
    Compass/ROSE Can detect some violations of this rule
    Coverity 2017.07 BAD_FREE Identifies calls to free() where the argument is a pointer to a function or an array. It also detects the cases where free() is used on an address-of expression, which can never be heap allocated. Coverity Prevent cannot discover all violations of this rule, so further verification is necessary
    Helix QAC 2022.4 DF2721, DF2722, DF2723
    Klocwork 2022.4 FNH.MIGHT FNH.MUST
    LDRA tool suite 9.7.1 407 S, 483 S, 644 S, 645 S, 125 D Partially implemented
    Parasoft C/C++test 2022.2 CERT_C-MEM34-a Do not free resources using invalid pointers
    Parasoft Insure++ Runtime analysis
    PC-lint Plus 1.4 424, 673 Fully supported
    Polyspace Bug Finder R2023a CERT C: Rule MEM34-C Checks for: Invalid free of pointernvalid free of pointer, invalid reallocation of pointernvalid reallocation of pointer. Rule fully covered.
    PRQA QA-C 9.7 2721, 2722, 2723
    PRQA QA-C++ 4.4 2721 , 2722, 2723
    PVS-Studio 7.23 V585 , V726
    RuleChecker 22.04 invalid-free Partially checked
    TrustInSoft Analyzer 1.38 unclassified ("free expects a free-able address") Exhaustively verified (see one compliant and one non-compliant example ).
    + + +## Related Vulnerabilities + +[CVE-2015-0240](https://securityblog.redhat.com/2015/02/23/samba-vulnerability-cve-2015-0240/) describes a [vulnerability](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) in which an uninitialized pointer is passed to `TALLOC_FREE()`, which is a Samba-specific memory deallocation macro that wraps the `talloc_free()` function. The implementation of `talloc_free()` would access the uninitialized pointer, resulting in a remote [exploit](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-exploit). + +Search for vulnerabilities resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+MEM34-C). + +## Related Guidelines + +[Key here](https://wiki.sei.cmu.edu/confluence/display/c/How+this+Coding+Standard+is+Organized#HowthisCodingStandardisOrganized-RelatedGuidelines) (explains table format and definitions) + +
    Taxonomy Taxonomy item Relationship
    CERT C Secure Coding Standard MEM31-C. Free dynamically allocated memory when no longer needed Prior to 2018-01-12: CERT: Unspecified Relationship
    CERT C MEM51-CPP. Properly deallocate dynamically allocated resources Prior to 2018-01-12: CERT: Unspecified Relationship
    ISO/IEC TS 17961 Reallocating or freeing memory that was not dynamically allocated \[xfree\] Prior to 2018-01-12: CERT: Unspecified Relationship
    CWE 2.11 CWE-590 , Free of Memory Not on the Heap 2017-07-10: CERT: Exact
    + + +## Bibliography + +
    \[ ISO/IEC 9899:2011 \] Subclause J.2, "Undefined Behavior"
    \[ Seacord 2013b \] Chapter 4, "Dynamic Memory Management"
    + + +## Implementation notes + +None + +## References + +* CERT-C: [MEM34-C: Only free memory allocated dynamically](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/MEM34-C/OnlyFreeMemoryAllocatedDynamicallyCert.ql b/c/cert/src/rules/MEM34-C/OnlyFreeMemoryAllocatedDynamicallyCert.ql new file mode 100644 index 0000000000..3ff7564fc9 --- /dev/null +++ b/c/cert/src/rules/MEM34-C/OnlyFreeMemoryAllocatedDynamicallyCert.ql @@ -0,0 +1,23 @@ +/** + * @id c/cert/only-free-memory-allocated-dynamically-cert + * @name MEM34-C: Only free memory allocated dynamically + * @description Freeing memory that is not allocated dynamically can lead to heap corruption and + * undefined behavior. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/cert/id/mem34-c + * correctness + * security + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert +import codingstandards.cpp.rules.onlyfreememoryallocateddynamicallyshared.OnlyFreeMemoryAllocatedDynamicallyShared + +class OnlyFreeMemoryAllocatedDynamicallyCertQuery extends OnlyFreeMemoryAllocatedDynamicallySharedSharedQuery { + OnlyFreeMemoryAllocatedDynamicallyCertQuery() { + this = Memory2Package::onlyFreeMemoryAllocatedDynamicallyCertQuery() + } +} diff --git a/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.md b/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.md new file mode 100644 index 0000000000..aca1b78530 --- /dev/null +++ b/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.md @@ -0,0 +1,173 @@ +# MEM36-C: Do not modify the alignment of objects by calling realloc + +This query implements the CERT-C rule MEM36-C: + +> Do not modify the alignment of objects by calling realloc + + + +## Description + +Do not invoke `realloc()` to modify the size of allocated objects that have stricter alignment requirements than those guaranteed by `malloc()`. Storage allocated by a call to the standard `aligned_alloc()` function, for example, can have stricter than normal alignment requirements. The C standard requires only that a pointer returned by `realloc()` be suitably aligned so that it may be assigned to a pointer to any type of object with a fundamental alignment requirement. + +## Noncompliant Code Example + +This noncompliant code example returns a pointer to allocated memory that has been aligned to a 4096-byte boundary. If the `resize` argument to the `realloc()` function is larger than the object referenced by `ptr`, then `realloc()` will allocate new memory that is suitably aligned so that it may be assigned to a pointer to any type of object with a fundamental alignment requirement but may not preserve the stricter alignment of the original object. + +```cpp +#include + +void func(void) { + size_t resize = 1024; + size_t alignment = 1 << 12; + int *ptr; + int *ptr1; + + if (NULL == (ptr = (int *)aligned_alloc(alignment, sizeof(int)))) { + /* Handle error */ + } + + if (NULL == (ptr1 = (int *)realloc(ptr, resize))) { + /* Handle error */ + } +} +``` +**Implementation Details** + +When compiled with GCC 4.1.2 and run on the x86_64 Red Hat Linux platform, the following code produces the following output: + +**CODE** + +```cpp +#include +#include + +int main(void) { + size_t size = 16; + size_t resize = 1024; + size_t align = 1 << 12; + int *ptr; + int *ptr1; + + if (posix_memalign((void **)&ptr, align , size) != 0) { + exit(EXIT_FAILURE); + } + + printf("memory aligned to %zu bytes\n", align); + printf("ptr = %p\n\n", ptr); + + if ((ptr1 = (int*) realloc((int *)ptr, resize)) == NULL) { + exit(EXIT_FAILURE); + } + + puts("After realloc(): \n"); + printf("ptr1 = %p\n", ptr1); + + free(ptr1); + return 0; +} + + +``` +**OUTPUT** + +```cpp +memory aligned to 4096 bytes +ptr = 0x1621b000 + +After realloc(): +ptr1 = 0x1621a010 + +``` +`ptr1` is no longer aligned to 4096 bytes. + +## Compliant Solution + +This compliant solution allocates `resize` bytes of new memory with the same alignment as the old memory, copies the original memory content, and then frees the old memory. This solution has [implementation-defined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-implementation-definedbehavior) because it depends on whether extended alignments in excess of `_Alignof (max_align_t)` are supported and the contexts in which they are supported. If not supported, the behavior of this compliant solution is undefined. + +```cpp +#include +#include + +void func(void) { + size_t resize = 1024; + size_t alignment = 1 << 12; + int *ptr; + int *ptr1; + + if (NULL == (ptr = (int *)aligned_alloc(alignment, + sizeof(int)))) { + /* Handle error */ + } + + if (NULL == (ptr1 = (int *)aligned_alloc(alignment, + resize))) { + /* Handle error */ + } + + if (NULL == memcpy(ptr1, ptr, sizeof(int))) { + /* Handle error */ + } + + free(ptr); +} +``` + +## Compliant Solution (Windows) + +Windows defines the `_aligned_malloc()` function to allocate memory on a specified alignment boundary. The `_aligned_realloc()` \[[MSDN](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-MSDN)\] can be used to change the size of this memory. This compliant solution demonstrates one such usage: + +```cpp +#include + +void func(void) { + size_t alignment = 1 << 12; + int *ptr; + int *ptr1; + + /* Original allocation */ + if (NULL == (ptr = (int *)_aligned_malloc(sizeof(int), + alignment))) { + /* Handle error */ +} + + /* Reallocation */ + if (NULL == (ptr1 = (int *)_aligned_realloc(ptr, 1024, + alignment))) { + _aligned_free(ptr); + /* Handle error */ + } + + _aligned_free(ptr1); +} +``` +The `size` and `alignment` arguments for `_aligned_malloc()` are provided in reverse order of the C Standard `aligned_alloc()` function. + +## Risk Assessment + +Improper alignment can lead to arbitrary memory locations being accessed and written to. + +
    Recommendation Severity Likelihood Remediation Cost Priority Level
    MEM36-C Low Probable High P2 L3
    + + +## Automated Detection + +
    Tool Version Checker Description
    Astrée 22.04 Supported, but no explicit checker
    Axivion Bauhaus Suite 7.2.0 CertC-MEM36 Fully implemented
    CodeSonar 7.2p0 BADFUNC.REALLOC Use of realloc
    Helix QAC 2022.4 C5027 C++5034
    Klocwork 2022.4 AUTOSAR.STDLIB.MEMORY
    LDRA tool suite 9.7.1 44 S Enhanced enforcement
    Parasoft C/C++test 2022.2 CERT_C-MEM36-a Do not modify the alignment of objects by calling realloc()
    Polyspace Bug Finder R2023a CERT C: Rule MEM36-C Checks for alignment change after memory allocation (rule fully covered)
    PRQA QA-C 9.7 5027
    PRQA QA-C++ 4.4 5034
    + + +## Related Vulnerabilities + +Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+MEM36-C). + +## Bibliography + +
    \[ ISO/IEC 9899:2011 \] 7.22.3.1, "The aligned_alloc Function"
    \[ MSDN \] aligned_malloc()
    + + +## Implementation notes + +None + +## References + +* CERT-C: [MEM36-C: Do not modify the alignment of objects by calling realloc](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql b/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql new file mode 100644 index 0000000000..79a337f036 --- /dev/null +++ b/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql @@ -0,0 +1,58 @@ +/** + * @id c/cert/do-not-modify-alignment-of-memory-with-realloc + * @name MEM36-C: Do not modify the alignment of objects by calling realloc + * @description Realloc does not preserve the alignment of memory allocated with aligned_alloc and + * can result in undefined behavior if reallocating more strictly aligned memory. + * @kind path-problem + * @precision high + * @problem.severity error + * @tags external/cert/id/mem36-c + * correctness + * security + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert +import codingstandards.cpp.Allocations +import semmle.code.cpp.dataflow.DataFlow +import DataFlow::PathGraph + +int getStatedValue(Expr e) { + // `upperBound(e)` defaults to `exprMaxVal(e)` when `e` isn't analyzable. So to get a meaningful + // result in this case we pick the minimum value obtainable from dataflow and range analysis. + result = + upperBound(e) + .minimum(min(Expr source | DataFlow::localExprFlow(source, e) | source.getValue().toInt())) +} + +class NonDefaultAlignedAllocCall extends FunctionCall { + NonDefaultAlignedAllocCall() { + this.getTarget().hasName("aligned_alloc") and + not getStatedValue(this.getArgument(0)) = getGlobalMaxAlignT() + } +} + +class ReallocCall extends FunctionCall { + ReallocCall() { this.getTarget().hasName("realloc") } +} + +class AlignedAllocToReallocConfig extends DataFlow::Configuration { + AlignedAllocToReallocConfig() { this = "AlignedAllocToReallocConfig" } + + override predicate isSource(DataFlow::Node source) { + source.asExpr() instanceof NonDefaultAlignedAllocCall + } + + override predicate isSink(DataFlow::Node sink) { + exists(ReallocCall realloc | sink.asExpr() = realloc.getArgument(0)) + } +} + +from AlignedAllocToReallocConfig cfg, DataFlow::PathNode source, DataFlow::PathNode sink +where + not isExcluded(sink.getNode().asExpr(), + Memory2Package::doNotModifyAlignmentOfMemoryWithReallocQuery()) and + cfg.hasFlowPath(source, sink) +select sink, source, sink, "Memory allocated with $@ but reallocated with realloc.", + source.getNode().asExpr(), "aligned_alloc" diff --git a/c/cert/test/rules/ARR36-C/DoNotRelatePointersThatDoNotReferToTheSameArray.testref b/c/cert/test/rules/ARR36-C/DoNotRelatePointersThatDoNotReferToTheSameArray.testref new file mode 100644 index 0000000000..067c1c5965 --- /dev/null +++ b/c/cert/test/rules/ARR36-C/DoNotRelatePointersThatDoNotReferToTheSameArray.testref @@ -0,0 +1 @@ +c/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql \ No newline at end of file diff --git a/c/cert/test/rules/ARR36-C/DoNotSubtractPointersThatDoNotReferToTheSameArray.testref b/c/cert/test/rules/ARR36-C/DoNotSubtractPointersThatDoNotReferToTheSameArray.testref new file mode 100644 index 0000000000..bbe3b3db8a --- /dev/null +++ b/c/cert/test/rules/ARR36-C/DoNotSubtractPointersThatDoNotReferToTheSameArray.testref @@ -0,0 +1 @@ +c/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql \ No newline at end of file diff --git a/c/cert/test/rules/EXP42-C/DoNotComparePaddingData.testref b/c/cert/test/rules/EXP42-C/DoNotComparePaddingData.testref new file mode 100644 index 0000000000..fb0d5d283b --- /dev/null +++ b/c/cert/test/rules/EXP42-C/DoNotComparePaddingData.testref @@ -0,0 +1 @@ +c/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql \ No newline at end of file diff --git a/c/cert/test/rules/FIO42-C/CloseFilesWhenTheyAreNoLongerNeeded.qlref b/c/cert/test/rules/FIO42-C/CloseFilesWhenTheyAreNoLongerNeeded.qlref deleted file mode 100644 index 53d28c862c..0000000000 --- a/c/cert/test/rules/FIO42-C/CloseFilesWhenTheyAreNoLongerNeeded.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/FIO42-C/CloseFilesWhenTheyAreNoLongerNeeded.ql \ No newline at end of file diff --git a/c/cert/test/rules/FIO42-C/CloseFilesWhenTheyAreNoLongerNeeded.testref b/c/cert/test/rules/FIO42-C/CloseFilesWhenTheyAreNoLongerNeeded.testref new file mode 100644 index 0000000000..960e2354ae --- /dev/null +++ b/c/cert/test/rules/FIO42-C/CloseFilesWhenTheyAreNoLongerNeeded.testref @@ -0,0 +1 @@ +c/common/test/rules/closefilehandlewhennolongerneededshared/CloseFileHandleWhenNoLongerNeededShared.ql \ No newline at end of file diff --git a/c/cert/test/rules/MEM31-C/FreeMemoryWhenNoLongerNeededCert.testref b/c/cert/test/rules/MEM31-C/FreeMemoryWhenNoLongerNeededCert.testref new file mode 100644 index 0000000000..c3215c5533 --- /dev/null +++ b/c/cert/test/rules/MEM31-C/FreeMemoryWhenNoLongerNeededCert.testref @@ -0,0 +1 @@ +c/common/test/rules/freememorywhennolongerneededshared/FreeMemoryWhenNoLongerNeededShared.ql \ No newline at end of file diff --git a/c/cert/test/rules/MEM33-C/AllocStructsWithAFlexibleArrayMemberDynamically.expected b/c/cert/test/rules/MEM33-C/AllocStructsWithAFlexibleArrayMemberDynamically.expected new file mode 100644 index 0000000000..0df24e1dcc --- /dev/null +++ b/c/cert/test/rules/MEM33-C/AllocStructsWithAFlexibleArrayMemberDynamically.expected @@ -0,0 +1,7 @@ +| test.c:15:13:15:14 | v1 | $@ contains a flexible array member but is not dynamically allocated. | test.c:15:13:15:14 | v1 | v1 | +| test.c:17:8:17:13 | call to malloc | $@ allocated with insufficient memory for its flexible array member. | test.c:16:14:16:15 | v2 | v2 | +| test.c:20:7:20:12 | call to malloc | $@ allocated with insufficient memory for its flexible array member. | test.c:19:14:19:15 | v3 | v3 | +| test.c:22:19:22:24 | call to malloc | $@ allocated with insufficient memory for its flexible array member. | test.c:22:14:22:15 | v4 | v4 | +| test.c:31:30:31:31 | p1 | $@ contains a flexible array member but is not dynamically allocated. | test.c:31:30:31:31 | p1 | p1 | +| test.c:40:13:40:14 | v1 | $@ contains a flexible array member but is not dynamically allocated. | test.c:40:13:40:14 | v1 | v1 | +| test.c:48:13:48:14 | v1 | $@ contains a flexible array member but is not dynamically allocated. | test.c:48:13:48:14 | v1 | v1 | diff --git a/c/cert/test/rules/MEM33-C/AllocStructsWithAFlexibleArrayMemberDynamically.qlref b/c/cert/test/rules/MEM33-C/AllocStructsWithAFlexibleArrayMemberDynamically.qlref new file mode 100644 index 0000000000..963e5e0175 --- /dev/null +++ b/c/cert/test/rules/MEM33-C/AllocStructsWithAFlexibleArrayMemberDynamically.qlref @@ -0,0 +1 @@ +rules/MEM33-C/AllocStructsWithAFlexibleArrayMemberDynamically.ql \ No newline at end of file diff --git a/c/cert/test/rules/MEM33-C/CopyStructsWithAFlexibleArrayMemberDynamically.expected b/c/cert/test/rules/MEM33-C/CopyStructsWithAFlexibleArrayMemberDynamically.expected new file mode 100644 index 0000000000..4b9c0bbd65 --- /dev/null +++ b/c/cert/test/rules/MEM33-C/CopyStructsWithAFlexibleArrayMemberDynamically.expected @@ -0,0 +1,2 @@ +| test.c:48:18:48:20 | * ... | Struct containing a flexible array member copied by assignment. | +| test.c:49:9:49:11 | * ... | Struct containing a flexible array member copied by assignment. | diff --git a/c/cert/test/rules/MEM33-C/CopyStructsWithAFlexibleArrayMemberDynamically.qlref b/c/cert/test/rules/MEM33-C/CopyStructsWithAFlexibleArrayMemberDynamically.qlref new file mode 100644 index 0000000000..37493b023f --- /dev/null +++ b/c/cert/test/rules/MEM33-C/CopyStructsWithAFlexibleArrayMemberDynamically.qlref @@ -0,0 +1 @@ +rules/MEM33-C/CopyStructsWithAFlexibleArrayMemberDynamically.ql \ No newline at end of file diff --git a/c/cert/test/rules/MEM33-C/test.c b/c/cert/test/rules/MEM33-C/test.c new file mode 100644 index 0000000000..364e7b761e --- /dev/null +++ b/c/cert/test/rules/MEM33-C/test.c @@ -0,0 +1,54 @@ +#include +#include + +struct s1 { + int num; + char b[]; +}; + +struct s2 { + int a; + char b[1]; +}; + +void test_alloc(void) { + struct s1 v1; // NON_COMPLIANT + struct s1 *v2; // COMPLIANT + v2 = malloc(sizeof(struct s1)); // NON_COMPLIANT - size does not include space + // for the flexible array + struct s1 *v3 = + malloc(sizeof(struct s1)); // NON_COMPLIANT - size does not include space + // for the flexible array + struct s1 *v4 = malloc( + sizeof(struct s1) - + 1); // NON_COMPLIANT - size does not include space for the flexible array + struct s1 *v5 = malloc(sizeof(struct s1) + 1); // COMPLIANT + struct s2 v6; // COMPLIANT - no flex array + struct s2 *v7 = malloc(sizeof(struct s1)); // COMPLIANT - no flex array +} + +// calls to this function are never compliant +void test_fa_param(struct s1 p1) {} // NON_COMPLIANT + +// calls to this function are always compliant +void test_pfa_param(struct s1 *p1) {} // COMPLIANT + +// calls to this function are always compliant +void test_s_param(struct s2 p1) {} // COMPLIANT + +void test_fa_params_call(void) { + struct s1 v1; // NON_COMPLIANT + struct s1 *v2 = malloc(sizeof(struct s1) + 1); + test_fa_param(v1); // NON_COMPLIANT + test_pfa_param(&v1); // COMPLIANT + test_pfa_param(v2); // COMPLIANT +} + +void test_copy(struct s1 *p1, struct s1 *p2) { + struct s1 v1 = *p2; // NON_COMPLIANT + *p1 = *p2; // NON_COMPLIANT + memcpy(p1, p2, + sizeof(struct s1)); // NON_COMPLIANT - not copying size of array + memcpy(p1, p2, sizeof(struct s1) + 1); // COMPLIANT + memcpy(p1, p2, sizeof(struct s1) + p2->num); // COMPLIANT +} \ No newline at end of file diff --git a/c/cert/test/rules/MEM34-C/OnlyFreeMemoryAllocatedDynamicallyCert.testref b/c/cert/test/rules/MEM34-C/OnlyFreeMemoryAllocatedDynamicallyCert.testref new file mode 100644 index 0000000000..edf7c5cc3b --- /dev/null +++ b/c/cert/test/rules/MEM34-C/OnlyFreeMemoryAllocatedDynamicallyCert.testref @@ -0,0 +1 @@ +c/common/test/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.ql \ No newline at end of file diff --git a/c/cert/test/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.expected b/c/cert/test/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.expected new file mode 100644 index 0000000000..0592cb038d --- /dev/null +++ b/c/cert/test/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.expected @@ -0,0 +1,18 @@ +edges +| test.c:5:10:5:22 | call to aligned_alloc | test.c:15:8:15:28 | call to aligned_alloc_wrapper | +| test.c:8:29:8:31 | ptr | test.c:8:64:8:66 | ptr | +| test.c:15:8:15:28 | call to aligned_alloc_wrapper | test.c:16:24:16:25 | v1 | +| test.c:16:24:16:25 | v1 | test.c:8:29:8:31 | ptr | +| test.c:22:8:22:20 | call to aligned_alloc | test.c:23:16:23:17 | v3 | +nodes +| test.c:5:10:5:22 | call to aligned_alloc | semmle.label | call to aligned_alloc | +| test.c:8:29:8:31 | ptr | semmle.label | ptr | +| test.c:8:64:8:66 | ptr | semmle.label | ptr | +| test.c:15:8:15:28 | call to aligned_alloc_wrapper | semmle.label | call to aligned_alloc_wrapper | +| test.c:16:24:16:25 | v1 | semmle.label | v1 | +| test.c:22:8:22:20 | call to aligned_alloc | semmle.label | call to aligned_alloc | +| test.c:23:16:23:17 | v3 | semmle.label | v3 | +subpaths +#select +| test.c:8:64:8:66 | ptr | test.c:5:10:5:22 | call to aligned_alloc | test.c:8:64:8:66 | ptr | Memory allocated with $@ but reallocated with realloc. | test.c:5:10:5:22 | call to aligned_alloc | aligned_alloc | +| test.c:23:16:23:17 | v3 | test.c:22:8:22:20 | call to aligned_alloc | test.c:23:16:23:17 | v3 | Memory allocated with $@ but reallocated with realloc. | test.c:22:8:22:20 | call to aligned_alloc | aligned_alloc | diff --git a/c/cert/test/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.qlref b/c/cert/test/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.qlref new file mode 100644 index 0000000000..60d530bf5f --- /dev/null +++ b/c/cert/test/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.qlref @@ -0,0 +1 @@ +rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql \ No newline at end of file diff --git a/c/cert/test/rules/MEM36-C/test.c b/c/cert/test/rules/MEM36-C/test.c new file mode 100644 index 0000000000..1f2d159e09 --- /dev/null +++ b/c/cert/test/rules/MEM36-C/test.c @@ -0,0 +1,24 @@ +#include +#include + +void *aligned_alloc_wrapper(size_t alignment, size_t size) { + return aligned_alloc(alignment, size); +} + +void *realloc_wrapper(void *ptr, size_t size) { return realloc(ptr, size); } + +void test_aligned_alloc_to_realloc(void) { + void *v1; + void *v2; + void *v3; + + v1 = aligned_alloc_wrapper(32, 32); + v1 = realloc_wrapper(v1, 64); // NON_COMPLIANT - result reported in wrapper + v1 = realloc(v1, 64); // COMPLIANT + + v2 = aligned_alloc(16, 16); + v2 = realloc(v2, 32); // COMPLIANT - alignment unchanged + + v3 = aligned_alloc(32, 16); + v3 = realloc(v3, 32); // NON_COMPLIANT +} \ No newline at end of file diff --git a/c/common/src/codingstandards/c/Variable.qll b/c/common/src/codingstandards/c/Variable.qll index 4231243be2..6cb18dfb85 100644 --- a/c/common/src/codingstandards/c/Variable.qll +++ b/c/common/src/codingstandards/c/Variable.qll @@ -26,15 +26,15 @@ class FlexibleArrayMember extends FlexibleArrayMemberCandidate { * includes any sized array (either specified or not) */ class FlexibleArrayMemberCandidate extends MemberVariable { - Struct s; - FlexibleArrayMemberCandidate() { this.getType() instanceof ArrayType and - this.getDeclaringType() = s and - not exists(int i, int j | - s.getAMember(i) = this and - exists(s.getAMember(j)) and - j > i + exists(Struct s | + this.getDeclaringType() = s and + not exists(int i, int j | + s.getAMember(i) = this and + exists(s.getAMember(j)) and + j > i + ) ) } } @@ -52,3 +52,17 @@ Variable getAddressOfExprTargetBase(AddressOfExpr expr) { or result = expr.getOperand().(ArrayExpr).getArrayBase().(VariableAccess).getTarget() } + + +/** + * A struct that contains a flexible array member + */ +class FlexibleArrayStructType extends Struct { + FlexibleArrayMember member; + + FlexibleArrayStructType() { + this = member.getDeclaringType() + } + + FlexibleArrayMember getFlexibleArrayMember() { result = member } +} diff --git a/c/cert/test/rules/FIO42-C/CloseFilesWhenTheyAreNoLongerNeeded.expected b/c/common/test/rules/closefilehandlewhennolongerneededshared/CloseFileHandleWhenNoLongerNeededShared.expected similarity index 100% rename from c/cert/test/rules/FIO42-C/CloseFilesWhenTheyAreNoLongerNeeded.expected rename to c/common/test/rules/closefilehandlewhennolongerneededshared/CloseFileHandleWhenNoLongerNeededShared.expected diff --git a/c/common/test/rules/closefilehandlewhennolongerneededshared/CloseFileHandleWhenNoLongerNeededShared.ql b/c/common/test/rules/closefilehandlewhennolongerneededshared/CloseFileHandleWhenNoLongerNeededShared.ql new file mode 100644 index 0000000000..1769b6862e --- /dev/null +++ b/c/common/test/rules/closefilehandlewhennolongerneededshared/CloseFileHandleWhenNoLongerNeededShared.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.closefilehandlewhennolongerneededshared.CloseFileHandleWhenNoLongerNeededShared diff --git a/c/cert/test/rules/FIO42-C/test.c b/c/common/test/rules/closefilehandlewhennolongerneededshared/test.c similarity index 100% rename from c/cert/test/rules/FIO42-C/test.c rename to c/common/test/rules/closefilehandlewhennolongerneededshared/test.c diff --git a/c/common/test/rules/freememorywhennolongerneededshared/FreeMemoryWhenNoLongerNeededShared.expected b/c/common/test/rules/freememorywhennolongerneededshared/FreeMemoryWhenNoLongerNeededShared.expected new file mode 100644 index 0000000000..0844b14417 --- /dev/null +++ b/c/common/test/rules/freememorywhennolongerneededshared/FreeMemoryWhenNoLongerNeededShared.expected @@ -0,0 +1,4 @@ +| test.c:5:13:5:18 | call to malloc | The memory allocated here may not be freed at $@. | test.c:4:15:11:1 | { ... } | this location | +| test.c:14:13:14:19 | call to realloc | The memory allocated here may not be freed at $@. | test.c:13:25:20:1 | { ... } | this location | +| test.c:23:13:23:19 | call to realloc | The memory allocated here may not be freed at $@. | test.c:22:26:29:1 | { ... } | this location | +| test.c:42:13:42:18 | call to malloc | The memory allocated here may not be freed at $@. | test.c:51:3:51:11 | return ... | this location | diff --git a/c/common/test/rules/freememorywhennolongerneededshared/FreeMemoryWhenNoLongerNeededShared.ql b/c/common/test/rules/freememorywhennolongerneededshared/FreeMemoryWhenNoLongerNeededShared.ql new file mode 100644 index 0000000000..6656768011 --- /dev/null +++ b/c/common/test/rules/freememorywhennolongerneededshared/FreeMemoryWhenNoLongerNeededShared.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.freememorywhennolongerneededshared.FreeMemoryWhenNoLongerNeededShared diff --git a/c/common/test/rules/freememorywhennolongerneededshared/test.c b/c/common/test/rules/freememorywhennolongerneededshared/test.c new file mode 100644 index 0000000000..85a86594ba --- /dev/null +++ b/c/common/test/rules/freememorywhennolongerneededshared/test.c @@ -0,0 +1,82 @@ +#include +#include + +int f1a(void) { + void *p = malloc(10); // NON_COMPLIANT + if (NULL == p) { + return -1; + } + /* ... */ + return 0; +} + +int f1b(const void *in) { + void *p = realloc(in, 10); // NON_COMPLIANT + if (NULL == p) { + return -1; + } + /* ... */ + return 0; +} + +void f1c(const void *in) { + void *p = realloc(in, 10); // NON_COMPLIANT + if (NULL == p) { + return; + } + /* ... */ + // pointer out of scope not freed +} + +int f2a(void) { + void *p = malloc(10); // COMPLIANT + if (NULL == p) { + return -1; + } + /* ... */ + free(p); + return 0; +} + +int f2b(int test) { + void *p = malloc(10); // NON_COMPLIANT + if (NULL == p) { + return -1; + } + if (test == 1) { + free(p); + return -1; + } + // memory not freed on this path + return 0; +} + +// scope prolonged +int f2c(void) { + void *q; + { + void *p = malloc(10); // COMPLIANT + if (NULL == p) { + return -1; + } + /* ... */ + q = p; + // p out of scope + } + free(q); + return 0; +} + +// interprocedural +int free_helper(void *g) { + free(g); + return 0; +} + +int f2inter(void) { + void *p = malloc(10); // COMPLIANT + if (NULL == p) { + return -1; + } + return free_helper(p); +} \ No newline at end of file diff --git a/c/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.expected b/c/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.expected new file mode 100644 index 0000000000..01b4649fa8 --- /dev/null +++ b/c/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.expected @@ -0,0 +1 @@ +| test.c:13:8:13:13 | call to memcmp | memcmp accesses bits which are not part of the object's value representation. | diff --git a/c/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql b/c/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql new file mode 100644 index 0000000000..f924c33f1d --- /dev/null +++ b/c/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.memcmpusedtocomparepaddingdata.MemcmpUsedToComparePaddingData diff --git a/c/common/test/rules/memcmpusedtocomparepaddingdata/test.c b/c/common/test/rules/memcmpusedtocomparepaddingdata/test.c new file mode 100644 index 0000000000..00cf4c3230 --- /dev/null +++ b/c/common/test/rules/memcmpusedtocomparepaddingdata/test.c @@ -0,0 +1,20 @@ +#include + +struct S1 { + unsigned char buffType; + int size; +}; + +struct S2 { + unsigned char buff[8]; +}; + +void f1(const struct S1 *s1, const struct S1 *s2) { + if (!memcmp(s1, s2, sizeof(struct S1))) { // NON_COMPLIANT + } +} + +void f2(const struct S2 *s1, const struct S2 *s2) { + if (!memcmp(&s1, &s2, sizeof(struct S2))) { // COMPLIANT + } +} \ No newline at end of file diff --git a/c/common/test/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.expected b/c/common/test/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.expected new file mode 100644 index 0000000000..84b0cb0ba3 --- /dev/null +++ b/c/common/test/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.expected @@ -0,0 +1,6 @@ +| test.c:8:8:8:10 | g_p | Free expression frees non-dynamically allocated memory. | test.c:8:8:8:10 | g_p | | +| test.c:10:8:10:10 | g_p | Free expression frees $@ which was not dynamically allocated. | test.c:9:9:9:12 | & ... | memory | +| test.c:15:33:15:35 | g_p | Free expression frees non-dynamically allocated memory. | test.c:15:33:15:35 | g_p | | +| test.c:17:36:17:38 | ptr | Free expression frees $@ which was not dynamically allocated. | test.c:24:7:24:8 | & ... | memory | +| test.c:23:8:23:8 | p | Free expression frees $@ which was not dynamically allocated. | test.c:22:13:22:14 | & ... | memory | +| test.c:42:10:42:10 | p | Free expression frees non-dynamically allocated memory. | test.c:42:10:42:10 | p | | diff --git a/c/common/test/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.ql b/c/common/test/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.ql new file mode 100644 index 0000000000..a678006d69 --- /dev/null +++ b/c/common/test/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.onlyfreememoryallocateddynamicallyshared.OnlyFreeMemoryAllocatedDynamicallyShared diff --git a/c/common/test/rules/onlyfreememoryallocateddynamicallyshared/test.c b/c/common/test/rules/onlyfreememoryallocateddynamicallyshared/test.c new file mode 100644 index 0000000000..20b39454a1 --- /dev/null +++ b/c/common/test/rules/onlyfreememoryallocateddynamicallyshared/test.c @@ -0,0 +1,47 @@ +#include +#include + +int g_i = 0; +void *g_p = &g_i; + +void test_global(void) { + free(g_p); // NON_COMPLIANT + g_p = &g_i; + free(g_p); // NON_COMPLIANT + g_p = malloc(10); + free(g_p); // COMPLIANT - but could be written to in different scope +} + +void test_global_b(void) { free(g_p); } // NON_COMPLIANT + +void free_nested(void *ptr) { free(ptr); } // NON_COMPLIANT - some paths + +void test_local(void) { + int i; + int j; + void *p = &i; + free(p); // NON_COMPLIANT + p = &j; + free_nested(p); // NON_COMPLIANT + p = malloc(10); + free(p); // COMPLIANT + p = malloc(10); + free_nested(p); // COMPLIANT +} + +struct S { + int i; + void *p; +}; + +void test_local_field_nested(struct S *s) { free(s->p); } // COMPLIANT + +void test_local_field(void) { + struct S s; + s.p = &s.i; + free(s.p); // NON_COMPLIANT + s.p = malloc(10); + free(s.p); // COMPLIANT + s.p = malloc(10); + test_local_field_nested(&s); +} \ No newline at end of file diff --git a/c/misra/src/rules/RULE-22-1/CloseFileHandleWhenNoLongerNeededMisra.ql b/c/misra/src/rules/RULE-22-1/CloseFileHandleWhenNoLongerNeededMisra.ql new file mode 100644 index 0000000000..66f4625584 --- /dev/null +++ b/c/misra/src/rules/RULE-22-1/CloseFileHandleWhenNoLongerNeededMisra.ql @@ -0,0 +1,23 @@ +/** + * @id c/misra/close-file-handle-when-no-longer-needed-misra + * @name RULE-22-1: File handles acquired with Standard Library functions shall be explicitly closed + * @description File handles acquired with standard library functions should be released to avoid + * resource exhaustion. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-22-1 + * correctness + * security + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.rules.closefilehandlewhennolongerneededshared.CloseFileHandleWhenNoLongerNeededShared + +class CloseFileHandleWhenNoLongerNeededMisraQuery extends CloseFileHandleWhenNoLongerNeededSharedSharedQuery { + CloseFileHandleWhenNoLongerNeededMisraQuery() { + this = Memory2Package::closeFileHandleWhenNoLongerNeededMisraQuery() + } +} diff --git a/c/misra/src/rules/RULE-22-1/FreeMemoryWhenNoLongerNeededMisra.ql b/c/misra/src/rules/RULE-22-1/FreeMemoryWhenNoLongerNeededMisra.ql new file mode 100644 index 0000000000..1650590559 --- /dev/null +++ b/c/misra/src/rules/RULE-22-1/FreeMemoryWhenNoLongerNeededMisra.ql @@ -0,0 +1,23 @@ +/** + * @id c/misra/free-memory-when-no-longer-needed-misra + * @name RULE-22-1: Memory allocated dynamically with Standard Library functions shall be explicitly released + * @description Memory allocated dynamically with standard library functions should be freed to + * avoid memory leaks. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-22-1 + * correctness + * security + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.rules.freememorywhennolongerneededshared.FreeMemoryWhenNoLongerNeededShared + +class FreeMemoryWhenNoLongerNeededMisraQuery extends FreeMemoryWhenNoLongerNeededSharedSharedQuery { + FreeMemoryWhenNoLongerNeededMisraQuery() { + this = Memory2Package::freeMemoryWhenNoLongerNeededMisraQuery() + } +} diff --git a/c/misra/src/rules/RULE-22-2/OnlyFreeMemoryAllocatedDynamicallyMisra.ql b/c/misra/src/rules/RULE-22-2/OnlyFreeMemoryAllocatedDynamicallyMisra.ql new file mode 100644 index 0000000000..9293ebe716 --- /dev/null +++ b/c/misra/src/rules/RULE-22-2/OnlyFreeMemoryAllocatedDynamicallyMisra.ql @@ -0,0 +1,23 @@ +/** + * @id c/misra/only-free-memory-allocated-dynamically-misra + * @name RULE-22-2: A block of memory shall only be freed if it was allocated by means of a Standard Library function + * @description Freeing memory that is not allocated dynamically can lead to heap corruption and + * undefined behavior. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/misra/id/rule-22-2 + * correctness + * security + * external/misra/obligation/mandatory + */ + +import cpp +import codingstandards.c.misra +import codingstandards.cpp.rules.onlyfreememoryallocateddynamicallyshared.OnlyFreeMemoryAllocatedDynamicallyShared + +class OnlyFreeMemoryAllocatedDynamicallyMisraQuery extends OnlyFreeMemoryAllocatedDynamicallySharedSharedQuery { + OnlyFreeMemoryAllocatedDynamicallyMisraQuery() { + this = Memory2Package::onlyFreeMemoryAllocatedDynamicallyMisraQuery() + } +} diff --git a/c/misra/test/rules/RULE-22-1/CloseFileHandleWhenNoLongerNeededMisra.testref b/c/misra/test/rules/RULE-22-1/CloseFileHandleWhenNoLongerNeededMisra.testref new file mode 100644 index 0000000000..960e2354ae --- /dev/null +++ b/c/misra/test/rules/RULE-22-1/CloseFileHandleWhenNoLongerNeededMisra.testref @@ -0,0 +1 @@ +c/common/test/rules/closefilehandlewhennolongerneededshared/CloseFileHandleWhenNoLongerNeededShared.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-22-1/FreeMemoryWhenNoLongerNeededMisra.testref b/c/misra/test/rules/RULE-22-1/FreeMemoryWhenNoLongerNeededMisra.testref new file mode 100644 index 0000000000..c3215c5533 --- /dev/null +++ b/c/misra/test/rules/RULE-22-1/FreeMemoryWhenNoLongerNeededMisra.testref @@ -0,0 +1 @@ +c/common/test/rules/freememorywhennolongerneededshared/FreeMemoryWhenNoLongerNeededShared.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-22-2/OnlyFreeMemoryAllocatedDynamicallyMisra.testref b/c/misra/test/rules/RULE-22-2/OnlyFreeMemoryAllocatedDynamicallyMisra.testref new file mode 100644 index 0000000000..edf7c5cc3b --- /dev/null +++ b/c/misra/test/rules/RULE-22-2/OnlyFreeMemoryAllocatedDynamicallyMisra.testref @@ -0,0 +1 @@ +c/common/test/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.ql \ No newline at end of file diff --git a/change_notes/2023-03-14-fio42-c-fix-logic-error.md b/change_notes/2023-03-14-fio42-c-fix-logic-error.md new file mode 100644 index 0000000000..c4b8019789 --- /dev/null +++ b/change_notes/2023-03-14-fio42-c-fix-logic-error.md @@ -0,0 +1,3 @@ + - `FIO42-C` - `CloseFilesWhenTheyAreNoLongerNeeded.ql`: + - Parentheses have been added to a resolve previously lacking parentheses in the `where` clause, such that the exclusion mechanism only functioned for a certain subset of results. + - The query implementation has been moved to a shared implementation. \ No newline at end of file diff --git a/cpp/cert/src/rules/EXP62-CPP/MemcmpUsedToAccessObjectRepresentation.md b/cpp/cert/src/rules/EXP62-CPP/MemcmpUsedToAccessObjectRepresentation.md index c5ecafae1a..44380a3b49 100644 --- a/cpp/cert/src/rules/EXP62-CPP/MemcmpUsedToAccessObjectRepresentation.md +++ b/cpp/cert/src/rules/EXP62-CPP/MemcmpUsedToAccessObjectRepresentation.md @@ -3,155 +3,9 @@ This query implements the CERT-C++ rule EXP62-CPP: > Do not access the bits of an object representation that are not part of the object's value representation +## CERT - -## Description - -The C++ Standard, \[basic.types\], paragraph 9 \[[ISO/IEC 14882-2014](https://wiki.sei.cmu.edu/confluence/display/cplusplus/AA.+Bibliography#AA.Bibliography-ISO%2FIEC14882-2014)\], states the following: - -> The *object representation* of an object of type `T` is the sequence of *N* `unsigned char` objects taken up by the object of type `T`, where *N* equals `sizeof(T)`. The *value representation* of an object is the set of bits that hold the value of type `T`. - - -The narrow character types (`char`, `signed char`, and `unsigned char`)—as well as some other integral types on specific platforms—have an object representation that consists solely of the bits from the object's value representation. For such types, accessing any of the bits of the value representation is well-defined behavior. This form of object representation allows a programmer to access and modify an object solely based on its bit representation, such as by calling `std::memcmp()` on its object representation. - -Other types, such as classes, may not have an object representation composed solely of the bits from the object's value representation. For instance, classes may have bit-field data members, padding inserted between data members, a [vtable](https://wiki.sei.cmu.edu/confluence/display/cplusplus/BB.+Definitions#BB.Definitions-vtable) to support virtual method dispatch, or data members declared with different access privileges. For such types, accessing bits of the object representation that are not part of the object's value representation may result in [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/cplusplus/BB.+Definitions#BB.Definitions-undefinedbehavior) depending on how those bits are accessed. - -Do not access the bits of an object representation that are not part of the object's value representation. Even if the bits are accessed in a well-defined manner, such as through an array of `unsigned char` objects, the values represented by those bits are unspecified or implementation-defined, and reliance on any particular value can lead to abnormal program execution. - -## Noncompliant Code Example - -In this noncompliant code example, the complete object representation is accessed when comparing two objects of type `S`. Per the C++ Standard, \[class\], paragraph 13 \[[ISO/IEC 14882-2014](https://wiki.sei.cmu.edu/confluence/display/cplusplus/AA.+Bibliography#AA.Bibliography-ISO%2FIEC14882-2014)\], classes may be padded with data to ensure that they are properly aligned in memory. The contents of the padding and the amount of padding added is [implementation-defined](https://wiki.sei.cmu.edu/confluence/display/cplusplus/BB.+Definitions#BB.Definitions-implementation-definedbehavior). This can lead to incorrect results when comparing the object representation of classes instead of the value representation, as the padding may assume different [unspecified values](https://wiki.sei.cmu.edu/confluence/display/cplusplus/BB.+Definitions#BB.Definitions-unspecifiedvalue) for each object instance. - -```cpp -#include - -struct S { - unsigned char buffType; - int size; -}; - -void f(const S &s1, const S &s2) { - if (!std::memcmp(&s1, &s2, sizeof(S))) { - // ... - } -} -``` - -## Compliant Solution - -In this compliant solution, `S` overloads `operator==()` to perform a comparison of the value representation of the object. - -```cpp -struct S { - unsigned char buffType; - int size; - - friend bool operator==(const S &lhs, const S &rhs) { - return lhs.buffType == rhs.buffType && - lhs.size == rhs.size; - } -}; - -void f(const S &s1, const S &s2) { - if (s1 == s2) { - // ... - } -} -``` - -## Noncompliant Code Example - -In this noncompliant code example, `std::memset()` is used to clear the internal state of an object. An [implementation](https://wiki.sei.cmu.edu/confluence/display/cplusplus/BB.+Definitions#BB.Definitions-implementation) may store a vtable within the object instance due to the presence of a virtual function, and that vtable is subsequently overwritten by the call to `std::memset()`, leading to [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/cplusplus/BB.+Definitions#BB.Definitions-undefinedbehavior) when virtual method dispatch is required. - -```cpp -#include - -struct S { - int i, j, k; - - // ... - - virtual void f(); -}; - -void f() { - S *s = new S; - // ... - std::memset(s, 0, sizeof(S)); - // ... - s->f(); // undefined behavior -} -``` - -## Compliant Solution - -In this compliant solution, the data members of `S` are cleared explicitly instead of calling `std::memset().` - -```cpp -struct S { - int i, j, k; - - // ... - - virtual void f(); - void clear() { i = j = k = 0; } -}; - -void f() { - S *s = new S; - // ... - s->clear(); - // ... - s->f(); // ok -} -``` - -## Exceptions - -**EXP62-CPP-EX1:** It is permissible to access the bits of an object representation when that access is otherwise unobservable in well-defined code. Specifically, reading bits that are not part of the value representation is permissible when there is no reliance or assumptions placed on their values, and writing bits that are not part of the value representation is only permissible when those bits are padding bits. This exception does not permit writing to bits that are part of the object representation aside from padding bits, such as overwriting a vtable pointer. - -For instance, it is acceptable to call `std::memcpy()` on an object containing a bit-field, as in the following example, because the read and write of the padding bits cannot be observed. - -```cpp -#include - -struct S { - int i : 10; - int j; -}; - -void f(const S &s1) { - S s2; - std::memcpy(&s2, &s1, sizeof(S)); -} -``` -Code that complies with this exception must still comply with [OOP57-CPP. Prefer special member functions and overloaded operators to C Standard Library functions](https://wiki.sei.cmu.edu/confluence/display/cplusplus/OOP57-CPP.+Prefer+special+member+functions+and+overloaded+operators+to+C+Standard+Library+functions). - -## Risk Assessment - -The effects of accessing bits of an object representation that are not part of the object's value representation can range from [implementation-defined behavior](https://wiki.sei.cmu.edu/confluence/display/cplusplus/BB.+Definitions#BB.Definitions-implementation-definedbehavior) (such as assuming the layout of fields with differing access controls) to code execution [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/cplusplus/BB.+Definitions#BB.Definitions-vulnerability) (such as overwriting the vtable pointer). - -
    Rule Severity Likelihood Remediation Cost Priority Level
    EXP62-CPP High Probable High P6 L2
    - - -## Automated Detection - -
    Tool Version Checker Description
    Astrée 20.10 invalid_pointer_dereferenceuninitialized_variable_use
    CodeSonar 7.0p0 BADFUNC.MEMCMP BADFUNC.MEMSET Use of memcmp Use of memset
    Helix QAC 2022.2 C++4726, C++4727, C++4728, C++4729, C++4731, C++4732, C++4733, C++4734
    LDRA tool suite 618 S Partially implemented
    Parasoft C/C++test 2022.1 CERT_CPP-EXP62-a Do not compare objects of a class that may contain padding bits with C standard library functions
    PVS-Studio 7.19 V598 , V780, V1084
    - - -## Related Vulnerabilities - -Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/cplusplus/BB.+Definitions#BB.Definitions-vulnerabil) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+EXP62-CPP). - -## Related Guidelines - -
    SEI CERT C++ Coding Standard OOP57-CPP. Prefer special member functions and overloaded operators to C Standard Library functions
    - - -## Bibliography - -
    \[ ISO/IEC 14882-2014 \] Subclause 3.9, "Types" Subclause 3.10, "Lvalues and Rvalues" Clause 9, "Classes"
    - +** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** ## Implementation notes diff --git a/cpp/cert/src/rules/EXP62-CPP/MemcmpUsedToAccessObjectRepresentation.ql b/cpp/cert/src/rules/EXP62-CPP/MemcmpUsedToAccessObjectRepresentation.ql index c57a5f2f9b..4b8b67368f 100644 --- a/cpp/cert/src/rules/EXP62-CPP/MemcmpUsedToAccessObjectRepresentation.ql +++ b/cpp/cert/src/rules/EXP62-CPP/MemcmpUsedToAccessObjectRepresentation.ql @@ -13,18 +13,10 @@ import cpp import codingstandards.cpp.cert -import semmle.code.cpp.padding.Padding -import semmle.code.cpp.security.BufferAccess -import VirtualTable +import codingstandards.cpp.rules.memcmpusedtocomparepaddingdata.MemcmpUsedToComparePaddingData -from MemcmpBA cmp -where - not isExcluded(cmp, RepresentationPackage::memcmpUsedToAccessObjectRepresentationQuery()) and - cmp.getBuffer(_, _) - .getUnconverted() - .getUnspecifiedType() - .(PointerType) - .getBaseType() - .getUnspecifiedType() instanceof PaddedType -select cmp, - cmp.getName() + " accesses bits which are not part of the object's value representation." +class MemcmpUsedToAccessObjectRepresentationQuery extends MemcmpUsedToComparePaddingDataSharedQuery { + MemcmpUsedToAccessObjectRepresentationQuery() { + this = RepresentationPackage::memcmpUsedToAccessObjectRepresentationQuery() + } +} diff --git a/cpp/cert/src/rules/MEM57-CPP/UsingDefaultOperatorNewForOverAlignedTypes.ql b/cpp/cert/src/rules/MEM57-CPP/UsingDefaultOperatorNewForOverAlignedTypes.ql index 8fc33f8457..f8a5247ff1 100644 --- a/cpp/cert/src/rules/MEM57-CPP/UsingDefaultOperatorNewForOverAlignedTypes.ql +++ b/cpp/cert/src/rules/MEM57-CPP/UsingDefaultOperatorNewForOverAlignedTypes.ql @@ -15,6 +15,7 @@ import cpp import codingstandards.cpp.cert import codingstandards.cpp.Alignment +import codingstandards.cpp.Allocations from NewOrNewArrayExpr newExpr, Type overAlignedType where diff --git a/cpp/cert/test/rules/EXP62-CPP/MemcmpUsedToAccessObjectRepresentation.expected b/cpp/cert/test/rules/EXP62-CPP/MemcmpUsedToAccessObjectRepresentation.expected deleted file mode 100644 index bb0dc52e0c..0000000000 --- a/cpp/cert/test/rules/EXP62-CPP/MemcmpUsedToAccessObjectRepresentation.expected +++ /dev/null @@ -1 +0,0 @@ -| test.cpp:19:8:19:18 | call to memcmp | memcmp accesses bits which are not part of the object's value representation. | diff --git a/cpp/cert/test/rules/EXP62-CPP/MemcmpUsedToAccessObjectRepresentation.qlref b/cpp/cert/test/rules/EXP62-CPP/MemcmpUsedToAccessObjectRepresentation.qlref deleted file mode 100644 index 103173391a..0000000000 --- a/cpp/cert/test/rules/EXP62-CPP/MemcmpUsedToAccessObjectRepresentation.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/EXP62-CPP/MemcmpUsedToAccessObjectRepresentation.ql \ No newline at end of file diff --git a/cpp/cert/test/rules/EXP62-CPP/MemcmpUsedToAccessObjectRepresentation.testref b/cpp/cert/test/rules/EXP62-CPP/MemcmpUsedToAccessObjectRepresentation.testref new file mode 100644 index 0000000000..aacddd73c6 --- /dev/null +++ b/cpp/cert/test/rules/EXP62-CPP/MemcmpUsedToAccessObjectRepresentation.testref @@ -0,0 +1 @@ +cpp/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql \ No newline at end of file diff --git a/cpp/cert/test/rules/EXP62-CPP/MemcpyUsedToAccessObjectRepresentation.expected b/cpp/cert/test/rules/EXP62-CPP/MemcpyUsedToAccessObjectRepresentation.expected index 23ba8ceb60..b690d25f2b 100644 --- a/cpp/cert/test/rules/EXP62-CPP/MemcpyUsedToAccessObjectRepresentation.expected +++ b/cpp/cert/test/rules/EXP62-CPP/MemcpyUsedToAccessObjectRepresentation.expected @@ -1 +1 @@ -| test.cpp:32:3:32:13 | call to memcpy | call to memcpy accesses bits which are not part of the object's value representation. | +| test.cpp:12:3:12:13 | call to memcpy | call to memcpy accesses bits which are not part of the object's value representation. | diff --git a/cpp/cert/test/rules/EXP62-CPP/MemsetUsedToAccessObjectRepresentation.expected b/cpp/cert/test/rules/EXP62-CPP/MemsetUsedToAccessObjectRepresentation.expected index 56b93ef68b..1ad5885d8d 100644 --- a/cpp/cert/test/rules/EXP62-CPP/MemsetUsedToAccessObjectRepresentation.expected +++ b/cpp/cert/test/rules/EXP62-CPP/MemsetUsedToAccessObjectRepresentation.expected @@ -1 +1 @@ -| test.cpp:59:3:59:13 | call to memset | call to memset accesses bits which are not part of the object's value representation. | +| test.cpp:39:3:39:13 | call to memset | call to memset accesses bits which are not part of the object's value representation. | diff --git a/cpp/cert/test/rules/EXP62-CPP/test.cpp b/cpp/cert/test/rules/EXP62-CPP/test.cpp index 818686e1ff..1f80dc04c2 100644 --- a/cpp/cert/test/rules/EXP62-CPP/test.cpp +++ b/cpp/cert/test/rules/EXP62-CPP/test.cpp @@ -1,25 +1,5 @@ #include -struct S { - unsigned char buffType; - int size; - - friend bool operator==(const S &lhs, const S &rhs) { - return lhs.buffType == rhs.buffType && lhs.size == rhs.size; - } -}; - -void f(const S &s1, const S &s2) { - if (s1 == s2) { - // COMPLIANT S overloads operator==() to perform a comparison of the value - // representation of the object - } -} -void f1(const S &s1, const S &s2) { - if (!std::memcmp(&s1, &s2, sizeof(S))) { // NON_COMPLIANT - } -} - struct S1 { int i, j, k; diff --git a/cpp/common/src/codingstandards/cpp/Allocations.qll b/cpp/common/src/codingstandards/cpp/Allocations.qll index db47b0b028..f0523d2d0b 100644 --- a/cpp/common/src/codingstandards/cpp/Allocations.qll +++ b/cpp/common/src/codingstandards/cpp/Allocations.qll @@ -168,3 +168,21 @@ predicate freeExprOrIndirect(Expr free, Expr freed, string kind) { free.(FunctionCall).getArgument(arg) = freed ) } + +class MaxAlignT extends TypedefType { + MaxAlignT() { getName() = "max_align_t" } +} + +/** + * Gets the alignment for `max_align_t`, assuming there is a single consistent alignment for the + * database. + * + * In theory, each compilation of each file can have a different `max_align_t` value (for example, + * if the same file is compiled under different compilers in the same database). We don't have the + * fine-grained data to determine which compilation each operator new call is from, so only hold in + * cases where there's a single clear alignment for the whole database. + */ +int getGlobalMaxAlignT() { + count(MaxAlignT m | | m.getAlignment()) = 1 and + result = any(MaxAlignT t).getAlignment() +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Memory2.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Memory2.qll new file mode 100644 index 0000000000..4f537020fa --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Memory2.qll @@ -0,0 +1,197 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype Memory2Query = + TDoNotSubtractPointersThatDoNotReferToTheSameArrayQuery() or + TDoNotRelatePointersThatDoNotReferToTheSameArrayQuery() or + TDoNotComparePaddingDataQuery() or + TFreeMemoryWhenNoLongerNeededCertQuery() or + TAllocStructsWithAFlexibleArrayMemberDynamicallyQuery() or + TCopyStructsWithAFlexibleArrayMemberDynamicallyQuery() or + TOnlyFreeMemoryAllocatedDynamicallyCertQuery() or + TDoNotModifyAlignmentOfMemoryWithReallocQuery() or + TFreeMemoryWhenNoLongerNeededMisraQuery() or + TCloseFileHandleWhenNoLongerNeededMisraQuery() or + TOnlyFreeMemoryAllocatedDynamicallyMisraQuery() + +predicate isMemory2QueryMetadata(Query query, string queryId, string ruleId, string category) { + query = + // `Query` instance for the `doNotSubtractPointersThatDoNotReferToTheSameArray` query + Memory2Package::doNotSubtractPointersThatDoNotReferToTheSameArrayQuery() and + queryId = + // `@id` for the `doNotSubtractPointersThatDoNotReferToTheSameArray` query + "c/cert/do-not-subtract-pointers-that-do-not-refer-to-the-same-array" and + ruleId = "ARR36-C" and + category = "rule" + or + query = + // `Query` instance for the `doNotRelatePointersThatDoNotReferToTheSameArray` query + Memory2Package::doNotRelatePointersThatDoNotReferToTheSameArrayQuery() and + queryId = + // `@id` for the `doNotRelatePointersThatDoNotReferToTheSameArray` query + "c/cert/do-not-relate-pointers-that-do-not-refer-to-the-same-array" and + ruleId = "ARR36-C" and + category = "rule" + or + query = + // `Query` instance for the `doNotComparePaddingData` query + Memory2Package::doNotComparePaddingDataQuery() and + queryId = + // `@id` for the `doNotComparePaddingData` query + "c/cert/do-not-compare-padding-data" and + ruleId = "EXP42-C" and + category = "rule" + or + query = + // `Query` instance for the `freeMemoryWhenNoLongerNeededCert` query + Memory2Package::freeMemoryWhenNoLongerNeededCertQuery() and + queryId = + // `@id` for the `freeMemoryWhenNoLongerNeededCert` query + "c/cert/free-memory-when-no-longer-needed-cert" and + ruleId = "MEM31-C" and + category = "rule" + or + query = + // `Query` instance for the `allocStructsWithAFlexibleArrayMemberDynamically` query + Memory2Package::allocStructsWithAFlexibleArrayMemberDynamicallyQuery() and + queryId = + // `@id` for the `allocStructsWithAFlexibleArrayMemberDynamically` query + "c/cert/alloc-structs-with-a-flexible-array-member-dynamically" and + ruleId = "MEM33-C" and + category = "rule" + or + query = + // `Query` instance for the `copyStructsWithAFlexibleArrayMemberDynamically` query + Memory2Package::copyStructsWithAFlexibleArrayMemberDynamicallyQuery() and + queryId = + // `@id` for the `copyStructsWithAFlexibleArrayMemberDynamically` query + "c/cert/copy-structs-with-a-flexible-array-member-dynamically" and + ruleId = "MEM33-C" and + category = "rule" + or + query = + // `Query` instance for the `onlyFreeMemoryAllocatedDynamicallyCert` query + Memory2Package::onlyFreeMemoryAllocatedDynamicallyCertQuery() and + queryId = + // `@id` for the `onlyFreeMemoryAllocatedDynamicallyCert` query + "c/cert/only-free-memory-allocated-dynamically-cert" and + ruleId = "MEM34-C" and + category = "rule" + or + query = + // `Query` instance for the `doNotModifyAlignmentOfMemoryWithRealloc` query + Memory2Package::doNotModifyAlignmentOfMemoryWithReallocQuery() and + queryId = + // `@id` for the `doNotModifyAlignmentOfMemoryWithRealloc` query + "c/cert/do-not-modify-alignment-of-memory-with-realloc" and + ruleId = "MEM36-C" and + category = "rule" + or + query = + // `Query` instance for the `freeMemoryWhenNoLongerNeededMisra` query + Memory2Package::freeMemoryWhenNoLongerNeededMisraQuery() and + queryId = + // `@id` for the `freeMemoryWhenNoLongerNeededMisra` query + "c/misra/free-memory-when-no-longer-needed-misra" and + ruleId = "RULE-22-1" and + category = "required" + or + query = + // `Query` instance for the `closeFileHandleWhenNoLongerNeededMisra` query + Memory2Package::closeFileHandleWhenNoLongerNeededMisraQuery() and + queryId = + // `@id` for the `closeFileHandleWhenNoLongerNeededMisra` query + "c/misra/close-file-handle-when-no-longer-needed-misra" and + ruleId = "RULE-22-1" and + category = "required" + or + query = + // `Query` instance for the `onlyFreeMemoryAllocatedDynamicallyMisra` query + Memory2Package::onlyFreeMemoryAllocatedDynamicallyMisraQuery() and + queryId = + // `@id` for the `onlyFreeMemoryAllocatedDynamicallyMisra` query + "c/misra/only-free-memory-allocated-dynamically-misra" and + ruleId = "RULE-22-2" and + category = "mandatory" +} + +module Memory2Package { + Query doNotSubtractPointersThatDoNotReferToTheSameArrayQuery() { + //autogenerate `Query` type + result = + // `Query` type for `doNotSubtractPointersThatDoNotReferToTheSameArray` query + TQueryC(TMemory2PackageQuery(TDoNotSubtractPointersThatDoNotReferToTheSameArrayQuery())) + } + + Query doNotRelatePointersThatDoNotReferToTheSameArrayQuery() { + //autogenerate `Query` type + result = + // `Query` type for `doNotRelatePointersThatDoNotReferToTheSameArray` query + TQueryC(TMemory2PackageQuery(TDoNotRelatePointersThatDoNotReferToTheSameArrayQuery())) + } + + Query doNotComparePaddingDataQuery() { + //autogenerate `Query` type + result = + // `Query` type for `doNotComparePaddingData` query + TQueryC(TMemory2PackageQuery(TDoNotComparePaddingDataQuery())) + } + + Query freeMemoryWhenNoLongerNeededCertQuery() { + //autogenerate `Query` type + result = + // `Query` type for `freeMemoryWhenNoLongerNeededCert` query + TQueryC(TMemory2PackageQuery(TFreeMemoryWhenNoLongerNeededCertQuery())) + } + + Query allocStructsWithAFlexibleArrayMemberDynamicallyQuery() { + //autogenerate `Query` type + result = + // `Query` type for `allocStructsWithAFlexibleArrayMemberDynamically` query + TQueryC(TMemory2PackageQuery(TAllocStructsWithAFlexibleArrayMemberDynamicallyQuery())) + } + + Query copyStructsWithAFlexibleArrayMemberDynamicallyQuery() { + //autogenerate `Query` type + result = + // `Query` type for `copyStructsWithAFlexibleArrayMemberDynamically` query + TQueryC(TMemory2PackageQuery(TCopyStructsWithAFlexibleArrayMemberDynamicallyQuery())) + } + + Query onlyFreeMemoryAllocatedDynamicallyCertQuery() { + //autogenerate `Query` type + result = + // `Query` type for `onlyFreeMemoryAllocatedDynamicallyCert` query + TQueryC(TMemory2PackageQuery(TOnlyFreeMemoryAllocatedDynamicallyCertQuery())) + } + + Query doNotModifyAlignmentOfMemoryWithReallocQuery() { + //autogenerate `Query` type + result = + // `Query` type for `doNotModifyAlignmentOfMemoryWithRealloc` query + TQueryC(TMemory2PackageQuery(TDoNotModifyAlignmentOfMemoryWithReallocQuery())) + } + + Query freeMemoryWhenNoLongerNeededMisraQuery() { + //autogenerate `Query` type + result = + // `Query` type for `freeMemoryWhenNoLongerNeededMisra` query + TQueryC(TMemory2PackageQuery(TFreeMemoryWhenNoLongerNeededMisraQuery())) + } + + Query closeFileHandleWhenNoLongerNeededMisraQuery() { + //autogenerate `Query` type + result = + // `Query` type for `closeFileHandleWhenNoLongerNeededMisra` query + TQueryC(TMemory2PackageQuery(TCloseFileHandleWhenNoLongerNeededMisraQuery())) + } + + Query onlyFreeMemoryAllocatedDynamicallyMisraQuery() { + //autogenerate `Query` type + result = + // `Query` type for `onlyFreeMemoryAllocatedDynamicallyMisra` query + TQueryC(TMemory2PackageQuery(TOnlyFreeMemoryAllocatedDynamicallyMisraQuery())) + } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index e427fdef5b..8310ec0164 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -32,6 +32,7 @@ import IO4 import InvalidMemory1 import Language1 import Language2 +import Memory2 import Misc import Pointers1 import Pointers2 @@ -81,6 +82,7 @@ newtype TCQuery = TInvalidMemory1PackageQuery(InvalidMemory1Query q) or TLanguage1PackageQuery(Language1Query q) or TLanguage2PackageQuery(Language2Query q) or + TMemory2PackageQuery(Memory2Query q) or TMiscPackageQuery(MiscQuery q) or TPointers1PackageQuery(Pointers1Query q) or TPointers2PackageQuery(Pointers2Query q) or @@ -130,6 +132,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isInvalidMemory1QueryMetadata(query, queryId, ruleId, category) or isLanguage1QueryMetadata(query, queryId, ruleId, category) or isLanguage2QueryMetadata(query, queryId, ruleId, category) or + isMemory2QueryMetadata(query, queryId, ruleId, category) or isMiscQueryMetadata(query, queryId, ruleId, category) or isPointers1QueryMetadata(query, queryId, ruleId, category) or isPointers2QueryMetadata(query, queryId, ruleId, category) or diff --git a/cpp/common/src/codingstandards/cpp/rules/closefilehandlewhennolongerneededshared/CloseFileHandleWhenNoLongerNeededShared.qll b/cpp/common/src/codingstandards/cpp/rules/closefilehandlewhennolongerneededshared/CloseFileHandleWhenNoLongerNeededShared.qll new file mode 100644 index 0000000000..a1df75fe11 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/closefilehandlewhennolongerneededshared/CloseFileHandleWhenNoLongerNeededShared.qll @@ -0,0 +1,168 @@ +/** + * Provides a library which includes a `problems` predicate for reporting + * file handles which are open but not closed before they go out of scope. + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions +import semmle.code.cpp.controlflow.StackVariableReachability +import codingstandards.cpp.standardlibrary.FileAccess +import codingstandards.cpp.Allocations + +/** + * 'call' is either a direct call to f, or a possible call to f + * via a function pointer. + */ +predicate mayCallFunction(Expr call, Function f) { + call.(FunctionCall).getTarget() = f or + call.(VariableCall).getVariable().getAnAssignedValue().getAChild*().(FunctionAccess).getTarget() = + f +} + +predicate fopenCallOrIndirect(Expr e) { + // direct allocation call + allocExpr(e, _) and + // We are only interested in allocation calls that are + // actually freed somehow, as MemoryNeverFreed + // will catch those that aren't. + fopenCallMayBeClosed(e) + or + exists(ReturnStmt rtn | + // indirect fopen call + mayCallFunction(e, rtn.getEnclosingFunction()) and + ( + // return fopen + fopenCallOrIndirect(rtn.getExpr()) + or + // return variable assigned with fopen + exists(Variable v | + v = rtn.getExpr().(VariableAccess).getTarget() and + fopenCallOrIndirect(v.getAnAssignedValue()) and + not assignedToFieldOrGlobal(v, _) + ) + ) + ) +} + +predicate fcloseCallOrIndirect(FunctionCall fc, Variable v) { + // direct fclose call + fcloseCall(fc, v.getAnAccess()) + or + // indirect fclose call + exists(FunctionCall midcall, Function mid, int arg | + fc.getArgument(arg) = v.getAnAccess() and + mayCallFunction(fc, mid) and + midcall.getEnclosingFunction() = mid and + fcloseCallOrIndirect(midcall, mid.getParameter(arg)) + ) +} + +predicate fopenDefinition(StackVariable v, ControlFlowNode def) { + exists(Expr expr | exprDefinition(v, def, expr) and fopenCallOrIndirect(expr)) +} + +class FOpenVariableReachability extends StackVariableReachabilityWithReassignment { + FOpenVariableReachability() { this = "FOpenVariableReachability" } + + override predicate isSourceActual(ControlFlowNode node, StackVariable v) { + fopenDefinition(v, node) + } + + override predicate isSinkActual(ControlFlowNode node, StackVariable v) { + // node may be used in fopenReaches + exists(node.(AnalysedExpr).getNullSuccessor(v)) or + fcloseCallOrIndirect(node, v) or + assignedToFieldOrGlobal(v, node) or + // node may be used directly in query + v.getFunction() = node.(ReturnStmt).getEnclosingFunction() + } + + override predicate isBarrier(ControlFlowNode node, StackVariable v) { definitionBarrier(v, node) } +} + +/** + * The value from fopen at `def` is still held in Variable `v` upon entering `node`. + */ +predicate fopenVariableReaches(StackVariable v, ControlFlowNode def, ControlFlowNode node) { + exists(FOpenVariableReachability r | + // reachability + r.reachesTo(def, _, node, v) + or + // accept def node itself + r.isSource(def, v) and + node = def + ) +} + +class FOpenReachability extends StackVariableReachabilityExt { + FOpenReachability() { this = "FOpenReachability" } + + override predicate isSource(ControlFlowNode node, StackVariable v) { fopenDefinition(v, node) } + + override predicate isSink(ControlFlowNode node, StackVariable v) { + v.getFunction() = node.(ReturnStmt).getEnclosingFunction() + } + + override predicate isBarrier( + ControlFlowNode source, ControlFlowNode node, ControlFlowNode next, StackVariable v + ) { + isSource(source, v) and + next = node.getASuccessor() and + // the file (stored in any variable `v0`) opened at `source` is closed or + // assigned to a global at node, or NULL checked on the edge node -> next. + exists(StackVariable v0 | fopenVariableReaches(v0, source, node) | + node.(AnalysedExpr).getNullSuccessor(v0) = next or + fcloseCallOrIndirect(node, v0) or + assignedToFieldOrGlobal(v0, node) + ) + } +} + +/** + * The value returned by fopen `def` has not been closed, confirmed to be null, + * or potentially leaked globally upon reaching `node` (regardless of what variable + * it's still held in, if any). + */ +predicate fopenReaches(ControlFlowNode def, ControlFlowNode node) { + exists(FOpenReachability r | r.reaches(def, _, node)) +} + +predicate assignedToFieldOrGlobal(StackVariable v, Expr e) { + // assigned to anything except a StackVariable + // (typically a field or global, but for example also *ptr = v) + e.(Assignment).getRValue() = v.getAnAccess() and + not e.(Assignment).getLValue().(VariableAccess).getTarget() instanceof StackVariable + or + exists(Expr midExpr, Function mid, int arg | + // indirect assignment + e.(FunctionCall).getArgument(arg) = v.getAnAccess() and + mayCallFunction(e, mid) and + midExpr.getEnclosingFunction() = mid and + assignedToFieldOrGlobal(mid.getParameter(arg), midExpr) + ) + or + // assigned to a field via constructor field initializer + e.(ConstructorFieldInit).getExpr() = v.getAnAccess() +} + +abstract class CloseFileHandleWhenNoLongerNeededSharedSharedQuery extends Query { } + +Query getQuery() { result instanceof CloseFileHandleWhenNoLongerNeededSharedSharedQuery } + +query predicate problems(ControlFlowNode def, string message, Stmt ret, string retMsg) { + not isExcluded(def, getQuery()) and + message = "The file opened here may not be closed at $@." and + retMsg = "this location" and + ( + fopenReaches(def, ret) and + not exists(StackVariable v | + fopenVariableReaches(v, def, ret) and + ret.getAChild*() = v.getAnAccess() + ) + or + opened(def) and + not fopenCallMayBeClosed(def) and + ret = def.getControlFlowScope().getEntryPoint() + ) +} diff --git a/cpp/common/src/codingstandards/cpp/rules/freememorywhennolongerneededshared/FreeMemoryWhenNoLongerNeededShared.qll b/cpp/common/src/codingstandards/cpp/rules/freememorywhennolongerneededshared/FreeMemoryWhenNoLongerNeededShared.qll new file mode 100644 index 0000000000..de4fb70610 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/freememorywhennolongerneededshared/FreeMemoryWhenNoLongerNeededShared.qll @@ -0,0 +1,198 @@ +/** + * Provides a library which includes a `problems` predicate for reporting + * memory allocations which are allocated but not freed before they go out of scope. + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions +import semmle.code.cpp.controlflow.StackVariableReachability +import codingstandards.cpp.Allocations +import semmle.code.cpp.pointsto.PointsTo + +predicate allocated(FunctionCall fc) { allocExpr(fc, _) } + +/** Holds if there exists a call to a function that might free the allocation specified by `e`. */ +predicate freed(Expr e) { + freeExpr(_, e, _) or + exists(ExprCall c | + // cautiously assume that any ExprCall could be a call to free. + c.getAnArgument() = e + ) +} + +/** An expression for which there exists a function call that might free it. */ +class FreedExpr extends PointsToExpr { + FreedExpr() { freed(this) } + + override predicate interesting() { freed(this) } +} + +/** + * Holds if `fc` is a call to a function that allocates memory that might be freed. + */ +predicate mallocCallMayBeFreed(FunctionCall fc) { allocated(fc) and anythingPointsTo(fc) } + +/** + * 'call' is either a direct call to f, or a possible call to f + * via a function pointer. + */ +predicate mayCallFunction(Expr call, Function f) { + call.(FunctionCall).getTarget() = f or + call.(VariableCall).getVariable().getAnAssignedValue().getAChild*().(FunctionAccess).getTarget() = + f +} + +predicate allocCallOrIndirect(Expr e) { + // direct memory allocation call + allocated(e) and + // We are only interested in memory allocation calls that are + // actually freed somehow, as MemoryNeverFreed + // will catch those that aren't. + mallocCallMayBeFreed(e) + or + exists(ReturnStmt rtn | + // indirect memory allocation call + mayCallFunction(e, rtn.getEnclosingFunction()) and + ( + // return memory allocation + allocCallOrIndirect(rtn.getExpr()) + or + // return variable assigned with allocated memory + exists(Variable v | + v = rtn.getExpr().(VariableAccess).getTarget() and + allocCallOrIndirect(v.getAnAssignedValue()) and + not assignedToFieldOrGlobal(v, _) + ) + ) + ) +} + +predicate freeCallOrIndirect(FunctionCall fc, Variable v) { + // direct free call + v.getAnAccess() = fc.(DeallocationExpr).getFreedExpr() + or + // indirect free call + exists(FunctionCall midcall, Function mid, int arg | + fc.getArgument(arg) = v.getAnAccess() and + mayCallFunction(fc, mid) and + midcall.getEnclosingFunction() = mid and + freeCallOrIndirect(midcall, mid.getParameter(arg)) + ) +} + +predicate allocDefinition(StackVariable v, ControlFlowNode def) { + exists(Expr expr | exprDefinition(v, def, expr) and allocCallOrIndirect(expr)) +} + +class MallocVariableReachability extends StackVariableReachabilityWithReassignment { + MallocVariableReachability() { this = "MallocVariableReachability" } + + override predicate isSourceActual(ControlFlowNode node, StackVariable v) { + allocDefinition(v, node) + } + + override predicate isSinkActual(ControlFlowNode node, StackVariable v) { + // node may be used in allocReaches + exists(node.(AnalysedExpr).getNullSuccessor(v)) or + freeCallOrIndirect(node, v) or + assignedToFieldOrGlobal(v, node) or + // node may be used directly in query + v.getFunction() = node.(ReturnStmt).getEnclosingFunction() + } + + override predicate isBarrier(ControlFlowNode node, StackVariable v) { definitionBarrier(v, node) } +} + +/** + * The value from malloc at `def` is still held in Variable `v` upon entering `node`. + */ +predicate mallocVariableReaches(StackVariable v, ControlFlowNode def, ControlFlowNode node) { + exists(MallocVariableReachability r | + // reachability + r.reachesTo(def, _, node, v) + or + // accept def node itself + r.isSource(def, v) and + node = def + ) +} + +class MallocReachability extends StackVariableReachabilityExt { + MallocReachability() { this = "MallocReachability" } + + override predicate isSource(ControlFlowNode node, StackVariable v) { allocDefinition(v, node) } + + override predicate isSink(ControlFlowNode node, StackVariable v) { + v.getFunction() = node.(ReturnStmt).getEnclosingFunction() and + // exclude return statements that call a function and pass the pointer as an argument + not exists(Expr arg | + arg = node.(ReturnStmt).getExpr().(FunctionCall).getAnArgument() and + arg = v.getAnAccess() and + not dereferenced(arg) + ) + } + + override predicate isBarrier( + ControlFlowNode source, ControlFlowNode node, ControlFlowNode next, StackVariable v + ) { + isSource(source, v) and + next = node.getASuccessor() and + // the memory (stored in any variable `v0`) allocated at `source` is freed or + // assigned to a global at node, or NULL checked on the edge node -> next. + exists(StackVariable v0 | mallocVariableReaches(v0, source, node) | + node.(AnalysedExpr).getNullSuccessor(v0) = next or + freeCallOrIndirect(node, v0) or + assignedToFieldOrGlobal(v0, node) + ) + } +} + +/** + * The value returned by alloc `def` has not been freed, confirmed to be null, + * or potentially leaked globally upon reaching `node` (regardless of what variable + * it's still held in, if any). + */ +predicate mallocReaches(ControlFlowNode def, ControlFlowNode node) { + exists(MallocReachability r | r.reaches(def, _, node)) +} + +predicate assignedToFieldOrGlobal(StackVariable v, Expr e) { + // assigned to anything except a StackVariable + // (typically a field or global, but for example also *ptr = v) + e.(Assignment).getRValue() = v.getAnAccess() and + not e.(Assignment).getLValue().(VariableAccess).getTarget() instanceof StackVariable + or + exists(Expr midExpr, Function mid, int arg | + // indirect assignment + e.(FunctionCall).getArgument(arg) = v.getAnAccess() and + mayCallFunction(e, mid) and + midExpr.getEnclosingFunction() = mid and + assignedToFieldOrGlobal(mid.getParameter(arg), midExpr) + ) + or + // assigned to a field via constructor field initializer + e.(ConstructorFieldInit).getExpr() = v.getAnAccess() +} + +abstract class FreeMemoryWhenNoLongerNeededSharedSharedQuery extends Query { } + +Query getQuery() { result instanceof FreeMemoryWhenNoLongerNeededSharedSharedQuery } + +// note: this query is based on CloseFileHandleWhenNoLongerNeededShared.qll +query predicate problems(ControlFlowNode def, string message, Stmt ret, string retMsg) { + not isExcluded(def, getQuery()) and + message = "The memory allocated here may not be freed at $@." and + retMsg = "this location" and + ( + mallocReaches(def, ret) and + not exists(StackVariable v | + mallocVariableReaches(v, def, ret) and + ret.getAChild*() = v.getAnAccess() + ) + or + allocated(def) and + not mallocCallMayBeFreed(def) and + ret = def.getControlFlowScope().getEntryPoint() + ) +} diff --git a/cpp/common/src/codingstandards/cpp/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.qll b/cpp/common/src/codingstandards/cpp/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.qll new file mode 100644 index 0000000000..8017308fda --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.qll @@ -0,0 +1,27 @@ +/** + * Provides a library which includes a `problems` predicate for reporting + * instances of memcmp being used to access bits of an object representation + * that are not part of the object's value representation. + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions +import semmle.code.cpp.padding.Padding +import semmle.code.cpp.security.BufferAccess + +abstract class MemcmpUsedToComparePaddingDataSharedQuery extends Query { } + +Query getQuery() { result instanceof MemcmpUsedToComparePaddingDataSharedQuery } + +query predicate problems(MemcmpBA cmp, string message) { + not isExcluded(cmp, getQuery()) and + cmp.getBuffer(_, _) + .getUnconverted() + .getUnspecifiedType() + .(PointerType) + .getBaseType() + .getUnspecifiedType() instanceof PaddedType and + message = + cmp.getName() + " accesses bits which are not part of the object's value representation." +} diff --git a/cpp/common/src/codingstandards/cpp/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.qll b/cpp/common/src/codingstandards/cpp/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.qll new file mode 100644 index 0000000000..44c8d8147f --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.qll @@ -0,0 +1,127 @@ +/** + * Provides a library which includes a `problems` predicate for reporting memory + * that is not allocated dynamically being subsequently freed via a call to `free`. + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions +import codingstandards.cpp.Allocations +import semmle.code.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow2 + +/** + * A pointer to potentially dynamically allocated memory + */ +class AllocExprSource extends DataFlow::Node { + AllocExprSource() { + allocExprOrIndirect(this.asExpr(), _) + or + // additionally include calls to library functions or output parameters + // to heuristically reduce false-positives from library functions that + // might provide pointers to dynamically allocated memory + exists(FunctionCall fc | + not exists(fc.getTarget().getBlock()) and + ( + this.asExpr() = fc or + this.asDefiningArgument() = fc.getAnArgument() + ) + ) + } +} + +/** + * An argument to a call to `free` or `realloc`. + */ +class FreeExprSink extends DataFlow::Node { + FreeExprSink() { freeExpr(_, this.asExpr(), "free") } +} + +/** + * A data-flow configuration that tracks flow from an `AllocExprSource` to + * the value assigned to a variable. + */ +class AllocExprSourceToAssignedValueConfig extends DataFlow2::Configuration { + AllocExprSourceToAssignedValueConfig() { this = "AllocExprSourceToAssignedValueConfig" } + + override predicate isSource(DataFlow::Node source) { source instanceof AllocExprSource } + + override predicate isSink(DataFlow::Node sink) { + sink.asExpr() = any(Variable v).getAnAssignedValue() + } +} + +/** + * An assignment of a value that is not a dynamically allocated pointer to a variable. + */ +class NonDynamicallyAllocatedVariableAssignment extends DataFlow::Node { + NonDynamicallyAllocatedVariableAssignment() { + exists(Variable v | + this.asExpr() = v.getAnAssignedValue() and + not this.asExpr() instanceof NullValue and + not any(AllocExprSourceToAssignedValueConfig cfg).hasFlowTo(this) + ) + } +} + +/** + * A data-flow configuration that tracks flow from an `AllocExprSource` to a `FreeExprSink`. + */ +class DynamicMemoryAllocationToFreeConfig extends DataFlow::Configuration { + DynamicMemoryAllocationToFreeConfig() { this = "DynamicMemoryAllocationToFreeConfig" } + + override predicate isSource(DataFlow::Node source) { source instanceof AllocExprSource } + + override predicate isSink(DataFlow::Node sink) { sink instanceof FreeExprSink } +} + +/** + * A data-flow configuration that tracks flow from a + * `NonDynamicallyAllocatedVariableAssignment` to a `FreeExprSink`. + */ +class NonDynamicPointerToFreeConfig extends DataFlow::Configuration { + NonDynamicPointerToFreeConfig() { this = "NonDynamicPointerToFreeConfig" } + + override predicate isSource(DataFlow::Node source) { + source instanceof NonDynamicallyAllocatedVariableAssignment + } + + override predicate isSink(DataFlow::Node sink) { sink instanceof FreeExprSink } + + override predicate isBarrierOut(DataFlow::Node node) { + // the default interprocedural data-flow model flows through any field or array assignment + // expressionsto the qualifier (array base, pointer dereferenced, or qualifier) instead of the + // individual element or field that the assignment modifies. this default behaviour causes + // false positives for future frees of the object base, so we remove the edges + // between those assignments from the graph with `isBarrierOut`. + exists(AssignExpr a | + node.asExpr() = a.getRValue() and + ( + a.getLValue() instanceof ArrayExpr or + a.getLValue() instanceof PointerDereferenceExpr or + a.getLValue() instanceof FieldAccess + ) + ) + } +} + +abstract class OnlyFreeMemoryAllocatedDynamicallySharedSharedQuery extends Query { } + +Query getQuery() { result instanceof OnlyFreeMemoryAllocatedDynamicallySharedSharedQuery } + +query predicate problems( + FreeExprSink free, string message, DataFlow::Node source, string sourceDescription +) { + not isExcluded(free.asExpr(), getQuery()) and + ( + not any(DynamicMemoryAllocationToFreeConfig cfg).hasFlowTo(free) and + not any(NonDynamicPointerToFreeConfig cfg).hasFlowTo(free) and + message = "Free expression frees non-dynamically allocated memory." and + source = free and + sourceDescription = "" + or + any(NonDynamicPointerToFreeConfig cfg).hasFlow(source, free) and + message = "Free expression frees $@ which was not dynamically allocated." and + sourceDescription = "memory" + ) +} diff --git a/cpp/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.expected b/cpp/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.expected new file mode 100644 index 0000000000..b6f56a20a5 --- /dev/null +++ b/cpp/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.expected @@ -0,0 +1 @@ +| test.cpp:23:8:23:18 | call to memcmp | memcmp accesses bits which are not part of the object's value representation. | diff --git a/cpp/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql b/cpp/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql new file mode 100644 index 0000000000..f924c33f1d --- /dev/null +++ b/cpp/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.memcmpusedtocomparepaddingdata.MemcmpUsedToComparePaddingData diff --git a/cpp/common/test/rules/memcmpusedtocomparepaddingdata/test.cpp b/cpp/common/test/rules/memcmpusedtocomparepaddingdata/test.cpp new file mode 100644 index 0000000000..9f0ba8cab7 --- /dev/null +++ b/cpp/common/test/rules/memcmpusedtocomparepaddingdata/test.cpp @@ -0,0 +1,30 @@ +#include + +struct S1 { + unsigned char buffType; + int size; + + friend bool operator==(const S1 &lhs, const S1 &rhs) { + return lhs.buffType == rhs.buffType && lhs.size == rhs.size; + } +}; + +struct S2 { + unsigned char buff[16]; +}; + +void f(const S1 &s1, const S1 &s2) { + if (s1 == s2) { + // COMPLIANT S overloads operator==() to perform a comparison of the value + // representation of the object + } +} +void f1(const S1 &s1, const S1 &s2) { + if (!std::memcmp(&s1, &s2, sizeof(S1))) { // NON_COMPLIANT + } +} + +void f2(const S2 &s1, const S2 &s2) { + if (!std::memcmp(&s1.buff, &s2.buff, sizeof(S2::buff))) { // COMPLIANT + } +} \ No newline at end of file diff --git a/rule_packages/c/IO1.json b/rule_packages/c/IO1.json index 7d7ae66645..1d90c6f28f 100644 --- a/rule_packages/c/IO1.json +++ b/rule_packages/c/IO1.json @@ -94,6 +94,7 @@ "precision": "very-high", "severity": "error", "short_name": "CloseFilesWhenTheyAreNoLongerNeeded", + "shared_implementation_short_name": "CloseFileHandleWhenNoLongerNeededShared", "tags": [ "correctness", "security" diff --git a/rule_packages/c/Memory2.json b/rule_packages/c/Memory2.json new file mode 100644 index 0000000000..23935197c6 --- /dev/null +++ b/rule_packages/c/Memory2.json @@ -0,0 +1,214 @@ +{ + "CERT-C": { + "ARR36-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "Subtraction between pointers referring to differing arrays results in undefined behavior.", + "kind": "problem", + "name": "Do not subtract two pointers that do not refer to the same array", + "precision": "high", + "severity": "warning", + "short_name": "DoNotSubtractPointersThatDoNotReferToTheSameArray", + "shared_implementation_short_name": "DoNotSubtractPointersAddressingDifferentArrays", + "tags": [ + "correctness" + ] + }, + { + "description": "Comparison using the >, >=, <, and <= operators between pointers referring to differing arrays results in undefined behavior.", + "kind": "problem", + "name": "Do not subtract two pointers that do not refer to the same array", + "precision": "high", + "severity": "warning", + "short_name": "DoNotRelatePointersThatDoNotReferToTheSameArray", + "shared_implementation_short_name": "DoNotUseRelationalOperatorsWithDifferingArrays", + "tags": [ + "correctness" + ] + } + ], + "title": "Do not subtract or compare two pointers that do not refer to the same array" + }, + "EXP42-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "Padding data values are unspecified and should not be included in comparisons.", + "kind": "problem", + "name": "Do not compare padding data", + "precision": "very-high", + "severity": "error", + "short_name": "DoNotComparePaddingData", + "shared_implementation_short_name": "MemcmpUsedToComparePaddingData", + "tags": [ + "correctness" + ] + } + ], + "title": "Do not compare padding data" + }, + "MEM31-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "Failing to free memory that is no longer needed can lead to a memory leak and resource exhaustion.", + "kind": "problem", + "name": "Free dynamically allocated memory when no longer needed", + "precision": "very-high", + "severity": "error", + "short_name": "FreeMemoryWhenNoLongerNeededCert", + "shared_implementation_short_name": "FreeMemoryWhenNoLongerNeededShared", + "tags": [ + "correctness", + "security" + ], + "implementation_scope": { + "description": "The rule is enforced in the context of a single function." + } + } + ], + "title": "Free dynamically allocated memory when no longer needed" + }, + "MEM33-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "A structure containing a flexible array member must be allocated dynamically in order for subsequent accesses to the flexible array to point to valid memory.", + "kind": "problem", + "name": "Allocate structures containing a flexible array member dynamically", + "precision": "very-high", + "severity": "error", + "short_name": "AllocStructsWithAFlexibleArrayMemberDynamically", + "tags": [ + "correctness" + ] + }, + { + "description": "Copying a structure containing a flexbile array member by assignment ignores the flexible array member data.", + "kind": "problem", + "name": "Copy structures containing a flexible array member using memcpy or a similar function.", + "precision": "very-high", + "severity": "error", + "short_name": "CopyStructsWithAFlexibleArrayMemberDynamically", + "tags": [ + "correctness" + ] + } + ], + "title": "Allocate and copy structures containing a flexible array member dynamically" + }, + "MEM34-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "Freeing memory that is not allocated dynamically can lead to heap corruption and undefined behavior.", + "kind": "problem", + "name": "Only free memory allocated dynamically", + "precision": "high", + "severity": "error", + "short_name": "OnlyFreeMemoryAllocatedDynamicallyCert", + "shared_implementation_short_name": "OnlyFreeMemoryAllocatedDynamicallyShared", + "tags": [ + "correctness", + "security" + ] + } + ], + "title": "Only free memory allocated dynamically" + }, + "MEM36-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "Realloc does not preserve the alignment of memory allocated with aligned_alloc and can result in undefined behavior if reallocating more strictly aligned memory.", + "kind": "path-problem", + "name": "Do not modify the alignment of objects by calling realloc", + "precision": "high", + "severity": "error", + "short_name": "DoNotModifyAlignmentOfMemoryWithRealloc", + "tags": [ + "correctness", + "security" + ] + } + ], + "title": "Do not modify the alignment of objects by calling realloc" + } + }, + "MISRA-C-2012": { + "RULE-22-1": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Memory allocated dynamically with standard library functions should be freed to avoid memory leaks.", + "kind": "problem", + "name": "Memory allocated dynamically with Standard Library functions shall be explicitly released", + "precision": "very-high", + "severity": "error", + "short_name": "FreeMemoryWhenNoLongerNeededMisra", + "shared_implementation_short_name": "FreeMemoryWhenNoLongerNeededShared", + "tags": [ + "correctness", + "security" + ], + "implementation_scope": { + "description": "The rule is enforced in the context of a single function." + } + }, + { + "description": "File handles acquired with standard library functions should be released to avoid resource exhaustion.", + "kind": "problem", + "name": "File handles acquired with Standard Library functions shall be explicitly closed", + "precision": "very-high", + "severity": "error", + "short_name": "CloseFileHandleWhenNoLongerNeededMisra", + "shared_implementation_short_name": "CloseFileHandleWhenNoLongerNeededShared", + "tags": [ + "correctness", + "security" + ], + "implementation_scope": { + "description": "The rule is enforced in the context of a single function." + } + } + ], + "title": "All resources obtained dynamically by means of Standard Library functions shall be explicitly released" + }, + "RULE-22-2": { + "properties": { + "obligation": "mandatory" + }, + "queries": [ + { + "description": "Freeing memory that is not allocated dynamically can lead to heap corruption and undefined behavior.", + "kind": "problem", + "name": "A block of memory shall only be freed if it was allocated by means of a Standard Library function", + "precision": "high", + "severity": "error", + "short_name": "OnlyFreeMemoryAllocatedDynamicallyMisra", + "shared_implementation_short_name": "OnlyFreeMemoryAllocatedDynamicallyShared", + "tags": [ + "correctness", + "security" + ] + } + ], + "title": "A block of memory shall only be freed if it was allocated by means of a Standard Library function" + } + } +} \ No newline at end of file diff --git a/rule_packages/cpp/Representation.json b/rule_packages/cpp/Representation.json index 4428966e87..96674eef0e 100644 --- a/rule_packages/cpp/Representation.json +++ b/rule_packages/cpp/Representation.json @@ -128,6 +128,7 @@ "precision": "very-high", "severity": "error", "short_name": "MemcmpUsedToAccessObjectRepresentation", + "shared_implementation_short_name": "MemcmpUsedToComparePaddingData", "tags": [ "correctness" ] diff --git a/rules.csv b/rules.csv index d9a3863928..c3767997e0 100644 --- a/rules.csv +++ b/rules.csv @@ -559,7 +559,7 @@ c,CERT-C,MEM30-C,Yes,Rule,,,Do not access freed memory,MEM50-CPP,InvalidMemory1, c,CERT-C,MEM31-C,Yes,Rule,,,Free dynamically allocated memory when no longer needed,,Memory2,Very Hard, c,CERT-C,MEM33-C,Yes,Rule,,,Allocate and copy structures containing a flexible array member dynamically,,Memory2,Very Hard, c,CERT-C,MEM34-C,Yes,Rule,,,Only free memory allocated dynamically,,Memory2,Hard, -c,CERT-C,MEM35-C,Yes,Rule,,,Allocate sufficient memory for an object,,Memory2,Very Hard, +c,CERT-C,MEM35-C,Yes,Rule,,,Allocate sufficient memory for an object,,Memory3,Very Hard, c,CERT-C,MEM36-C,Yes,Rule,,,Do not modify the alignment of objects by calling realloc(),,Memory2,Medium, c,CERT-C,MSC30-C,Yes,Rule,,,Do not use the rand() function for generating pseudorandom numbers,MSC50-CPP,Misc,Easy, c,CERT-C,MSC32-C,Yes,Rule,,,Properly seed pseudorandom number generators,MSC51-CPP,Misc,Easy, From fc0f72bf287821ce9a3589c7aec6f861e2fd5082 Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Thu, 23 Mar 2023 02:51:19 +0100 Subject: [PATCH 0829/2573] Update RuleMetadata.qll --- .../cpp/exclusions/c/RuleMetadata.qll | 15 +++------------ 1 file changed, 3 insertions(+), 12 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index fc8412b662..f600cd2ead 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -33,11 +33,8 @@ import IO4 import InvalidMemory1 import Language1 import Language2 -<<<<<<< HEAD -import Memory2 -======= import Memory1 ->>>>>>> upstream/main +import Memory2 import Misc import Pointers1 import Pointers2 @@ -88,11 +85,8 @@ newtype TCQuery = TInvalidMemory1PackageQuery(InvalidMemory1Query q) or TLanguage1PackageQuery(Language1Query q) or TLanguage2PackageQuery(Language2Query q) or -<<<<<<< HEAD - TMemory2PackageQuery(Memory2Query q) or -======= TMemory1PackageQuery(Memory1Query q) or ->>>>>>> upstream/main + TMemory2PackageQuery(Memory2Query q) or TMiscPackageQuery(MiscQuery q) or TPointers1PackageQuery(Pointers1Query q) or TPointers2PackageQuery(Pointers2Query q) or @@ -143,11 +137,8 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isInvalidMemory1QueryMetadata(query, queryId, ruleId, category) or isLanguage1QueryMetadata(query, queryId, ruleId, category) or isLanguage2QueryMetadata(query, queryId, ruleId, category) or -<<<<<<< HEAD - isMemory2QueryMetadata(query, queryId, ruleId, category) or -======= isMemory1QueryMetadata(query, queryId, ruleId, category) or ->>>>>>> upstream/main + isMemory2QueryMetadata(query, queryId, ruleId, category) or isMiscQueryMetadata(query, queryId, ruleId, category) or isPointers1QueryMetadata(query, queryId, ruleId, category) or isPointers2QueryMetadata(query, queryId, ruleId, category) or From 91170b4ae95743ec2055a80ca14aa732b1b0efd8 Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Thu, 23 Mar 2023 03:02:29 +0100 Subject: [PATCH 0830/2573] MEM33-C: Remove illegal character from name --- .../MEM33-C/CopyStructsWithAFlexibleArrayMemberDynamically.ql | 2 +- rule_packages/c/Memory2.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/c/cert/src/rules/MEM33-C/CopyStructsWithAFlexibleArrayMemberDynamically.ql b/c/cert/src/rules/MEM33-C/CopyStructsWithAFlexibleArrayMemberDynamically.ql index 69f6f9feb9..b4993e2cae 100644 --- a/c/cert/src/rules/MEM33-C/CopyStructsWithAFlexibleArrayMemberDynamically.ql +++ b/c/cert/src/rules/MEM33-C/CopyStructsWithAFlexibleArrayMemberDynamically.ql @@ -1,6 +1,6 @@ /** * @id c/cert/copy-structs-with-a-flexible-array-member-dynamically - * @name MEM33-C: Copy structures containing a flexible array member using memcpy or a similar function. + * @name MEM33-C: Copy structures containing a flexible array member using memcpy or a similar function * @description Copying a structure containing a flexbile array member by assignment ignores the * flexible array member data. * @kind problem diff --git a/rule_packages/c/Memory2.json b/rule_packages/c/Memory2.json index 23935197c6..02d962ac06 100644 --- a/rule_packages/c/Memory2.json +++ b/rule_packages/c/Memory2.json @@ -95,7 +95,7 @@ { "description": "Copying a structure containing a flexbile array member by assignment ignores the flexible array member data.", "kind": "problem", - "name": "Copy structures containing a flexible array member using memcpy or a similar function.", + "name": "Copy structures containing a flexible array member using memcpy or a similar function", "precision": "very-high", "severity": "error", "short_name": "CopyStructsWithAFlexibleArrayMemberDynamically", From d1cb2a1391c3bcaf38efb1686d89b3c8ed37c026 Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Thu, 23 Mar 2023 03:04:22 +0100 Subject: [PATCH 0831/2573] Format Variable.qll --- c/common/src/codingstandards/c/Variable.qll | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/c/common/src/codingstandards/c/Variable.qll b/c/common/src/codingstandards/c/Variable.qll index 6cb18dfb85..adf2f08ad9 100644 --- a/c/common/src/codingstandards/c/Variable.qll +++ b/c/common/src/codingstandards/c/Variable.qll @@ -52,17 +52,14 @@ Variable getAddressOfExprTargetBase(AddressOfExpr expr) { or result = expr.getOperand().(ArrayExpr).getArrayBase().(VariableAccess).getTarget() } - - + /** * A struct that contains a flexible array member */ class FlexibleArrayStructType extends Struct { FlexibleArrayMember member; - FlexibleArrayStructType() { - this = member.getDeclaringType() - } + FlexibleArrayStructType() { this = member.getDeclaringType() } FlexibleArrayMember getFlexibleArrayMember() { result = member } } From ae4ed14bbb110aaa93a4b58d679a201dfa548bf9 Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Thu, 23 Mar 2023 03:08:05 +0100 Subject: [PATCH 0832/2573] Update rules.csv --- rules.csv | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/rules.csv b/rules.csv index 5d8d816604..68a4ced7d4 100644 --- a/rules.csv +++ b/rules.csv @@ -664,7 +664,7 @@ c,MISRA-C-2012,RULE-9-1,Yes,Mandatory,,,The value of an object with automatic st c,MISRA-C-2012,RULE-9-2,Yes,Required,,,The initializer for an aggregate or union shall be enclosed in braces,,Memory1,Easy, c,MISRA-C-2012,RULE-9-3,Yes,Required,,,Arrays shall not be partially initialized,,Memory1,Medium, c,MISRA-C-2012,RULE-9-4,Yes,Required,,,An element of an object shall not be initialized more than once,,Memory1,Medium, -c,MISRA-C-2012,RULE-9-5,Yes,Required,,,Where designated initializers are used to initialize an array object the size of the array shall be specified explicitly,,Memory2,Medium, +c,MISRA-C-2012,RULE-9-5,No,Required,,,Where designated initializers are used to initialize an array object the size of the array shall be specified explicitly,,Memory2,Medium, c,MISRA-C-2012,RULE-10-1,Yes,Required,,,Operands shall not be of an inappropriate essential type,,EssentialTypes,Hard, c,MISRA-C-2012,RULE-10-2,Yes,Required,,,Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations,,EssentialTypes,Medium, c,MISRA-C-2012,RULE-10-3,Yes,Required,,,The value of an expression shall not be assigned to an object with a narrower essential type or of a different essential type category,,EssentialTypes,Hard, @@ -759,7 +759,7 @@ c,MISRA-C-2012,RULE-21-13,Yes,Mandatory,,,Any value passed to a function in shall not result in accesses beyond the bounds of the objects referenced by their pointer parameters,,Memory2,Hard, +c,MISRA-C-2012,RULE-21-17,Yes,Mandatory,,,Use of the string handling functions from shall not result in accesses beyond the bounds of the objects referenced by their pointer parameters,,OutOfBounds,Hard, c,MISRA-C-2012,RULE-21-18,Yes,Mandatory,,,The size_t argument passed to any function in shall have an appropriate value,,OutOfBounds,Hard, c,MISRA-C-2012,RULE-21-19,Yes,Mandatory,,,"The pointers returned by the Standard Library functions localeconv, getenv, setlocale or, strerror shall only be used as if they have pointer to const-qualified type",ENV30-C,Contracts2,Medium, c,MISRA-C-2012,RULE-21-20,Yes,Mandatory,,,"The pointer returned by the Standard Library functions asctime, ctime, gmtime, localtime, localeconv, getenv, setlocale or strerror shall not be used following a subsequent call to the same function","ENV34-C",Contracts2,Import, From 0c2a7061900df7086bd8b551ad6f1649508f789b Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Thu, 23 Mar 2023 03:08:20 +0100 Subject: [PATCH 0833/2573] EXP62-CPP: Generate help files --- .../MemcmpUsedToAccessObjectRepresentation.md | 150 +++++++++++++++++- .../MemcpyUsedToAccessObjectRepresentation.md | 2 +- .../MemsetUsedToAccessObjectRepresentation.md | 2 +- 3 files changed, 150 insertions(+), 4 deletions(-) diff --git a/cpp/cert/src/rules/EXP62-CPP/MemcmpUsedToAccessObjectRepresentation.md b/cpp/cert/src/rules/EXP62-CPP/MemcmpUsedToAccessObjectRepresentation.md index 44380a3b49..165436a126 100644 --- a/cpp/cert/src/rules/EXP62-CPP/MemcmpUsedToAccessObjectRepresentation.md +++ b/cpp/cert/src/rules/EXP62-CPP/MemcmpUsedToAccessObjectRepresentation.md @@ -3,9 +3,155 @@ This query implements the CERT-C++ rule EXP62-CPP: > Do not access the bits of an object representation that are not part of the object's value representation -## CERT -** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** + +## Description + +The C++ Standard, \[basic.types\], paragraph 9 \[[ISO/IEC 14882-2014](https://wiki.sei.cmu.edu/confluence/display/cplusplus/AA.+Bibliography#AA.Bibliography-ISO%2FIEC14882-2014)\], states the following: + +> The *object representation* of an object of type `T` is the sequence of *N* `unsigned char` objects taken up by the object of type `T`, where *N* equals `sizeof(T)`. The *value representation* of an object is the set of bits that hold the value of type `T`. + + +The narrow character types (`char`, `signed char`, and `unsigned char`)—as well as some other integral types on specific platforms—have an object representation that consists solely of the bits from the object's value representation. For such types, accessing any of the bits of the value representation is well-defined behavior. This form of object representation allows a programmer to access and modify an object solely based on its bit representation, such as by calling `std::memcmp()` on its object representation. + +Other types, such as classes, may not have an object representation composed solely of the bits from the object's value representation. For instance, classes may have bit-field data members, padding inserted between data members, a [vtable](https://wiki.sei.cmu.edu/confluence/display/cplusplus/BB.+Definitions#BB.Definitions-vtable) to support virtual method dispatch, or data members declared with different access privileges. For such types, accessing bits of the object representation that are not part of the object's value representation may result in [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/cplusplus/BB.+Definitions#BB.Definitions-undefinedbehavior) depending on how those bits are accessed. + +Do not access the bits of an object representation that are not part of the object's value representation. Even if the bits are accessed in a well-defined manner, such as through an array of `unsigned char` objects, the values represented by those bits are unspecified or implementation-defined, and reliance on any particular value can lead to abnormal program execution. + +## Noncompliant Code Example + +In this noncompliant code example, the complete object representation is accessed when comparing two objects of type `S`. Per the C++ Standard, \[class\], paragraph 13 \[[ISO/IEC 14882-2014](https://wiki.sei.cmu.edu/confluence/display/cplusplus/AA.+Bibliography#AA.Bibliography-ISO%2FIEC14882-2014)\], classes may be padded with data to ensure that they are properly aligned in memory. The contents of the padding and the amount of padding added is [implementation-defined](https://wiki.sei.cmu.edu/confluence/display/cplusplus/BB.+Definitions#BB.Definitions-implementation-definedbehavior). This can lead to incorrect results when comparing the object representation of classes instead of the value representation, as the padding may assume different [unspecified values](https://wiki.sei.cmu.edu/confluence/display/cplusplus/BB.+Definitions#BB.Definitions-unspecifiedvalue) for each object instance. + +```cpp +#include + +struct S { + unsigned char buffType; + int size; +}; + +void f(const S &s1, const S &s2) { + if (!std::memcmp(&s1, &s2, sizeof(S))) { + // ... + } +} +``` + +## Compliant Solution + +In this compliant solution, `S` overloads `operator==()` to perform a comparison of the value representation of the object. + +```cpp +struct S { + unsigned char buffType; + int size; + + friend bool operator==(const S &lhs, const S &rhs) { + return lhs.buffType == rhs.buffType && + lhs.size == rhs.size; + } +}; + +void f(const S &s1, const S &s2) { + if (s1 == s2) { + // ... + } +} +``` + +## Noncompliant Code Example + +In this noncompliant code example, `std::memset()` is used to clear the internal state of an object. An [implementation](https://wiki.sei.cmu.edu/confluence/display/cplusplus/BB.+Definitions#BB.Definitions-implementation) may store a vtable within the object instance due to the presence of a virtual function, and that vtable is subsequently overwritten by the call to `std::memset()`, leading to [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/cplusplus/BB.+Definitions#BB.Definitions-undefinedbehavior) when virtual method dispatch is required. + +```cpp +#include + +struct S { + int i, j, k; + + // ... + + virtual void f(); +}; + +void f() { + S *s = new S; + // ... + std::memset(s, 0, sizeof(S)); + // ... + s->f(); // undefined behavior +} +``` + +## Compliant Solution + +In this compliant solution, the data members of `S` are cleared explicitly instead of calling `std::memset().` + +```cpp +struct S { + int i, j, k; + + // ... + + virtual void f(); + void clear() { i = j = k = 0; } +}; + +void f() { + S *s = new S; + // ... + s->clear(); + // ... + s->f(); // ok +} +``` + +## Exceptions + +**EXP62-CPP-EX1:** It is permissible to access the bits of an object representation when that access is otherwise unobservable in well-defined code. Specifically, reading bits that are not part of the value representation is permissible when there is no reliance or assumptions placed on their values, and writing bits that are not part of the value representation is only permissible when those bits are padding bits. This exception does not permit writing to bits that are part of the object representation aside from padding bits, such as overwriting a vtable pointer. + +For instance, it is acceptable to call `std::memcpy()` on an object containing a bit-field, as in the following example, because the read and write of the padding bits cannot be observed. + +```cpp +#include + +struct S { + int i : 10; + int j; +}; + +void f(const S &s1) { + S s2; + std::memcpy(&s2, &s1, sizeof(S)); +} +``` +Code that complies with this exception must still comply with [OOP57-CPP. Prefer special member functions and overloaded operators to C Standard Library functions](https://wiki.sei.cmu.edu/confluence/display/cplusplus/OOP57-CPP.+Prefer+special+member+functions+and+overloaded+operators+to+C+Standard+Library+functions). + +## Risk Assessment + +The effects of accessing bits of an object representation that are not part of the object's value representation can range from [implementation-defined behavior](https://wiki.sei.cmu.edu/confluence/display/cplusplus/BB.+Definitions#BB.Definitions-implementation-definedbehavior) (such as assuming the layout of fields with differing access controls) to code execution [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/cplusplus/BB.+Definitions#BB.Definitions-vulnerability) (such as overwriting the vtable pointer). + +
    Rule Severity Likelihood Remediation Cost Priority Level
    EXP62-CPP High Probable High P6 L2
    + + +## Automated Detection + +
    Tool Version Checker Description
    Astrée 22.10 invalid_pointer_dereferenceuninitialized_variable_use
    CodeSonar 7.2p0 BADFUNC.MEMCMP BADFUNC.MEMSET Use of memcmp Use of memset
    Helix QAC 2022.4 DF4726, DF4727, DF4728, DF4729, DF4731, DF4732, DF4733, DF4734
    Klocwork 2022.4 CERT.MEMCMP.PADDED_DATA CWARN.MEM.NONPOD
    LDRA tool suite 618 S Partially implemented
    Parasoft C/C++test 2022.2 CERT_CPP-EXP62-a Do not compare objects of a class that may contain padding bits with C standard library functions
    Polyspace Bug Finder R2023a CERT C++: EXP62-CPP Checks for access attempts on padding and vtable bits (rule fully covered).
    PVS-Studio 7.23 V598 , V780, V1084
    + + +## Related Vulnerabilities + +Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/cplusplus/BB.+Definitions#BB.Definitions-vulnerabil) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+EXP62-CPP). + +## Related Guidelines + +
    SEI CERT C++ Coding Standard OOP57-CPP. Prefer special member functions and overloaded operators to C Standard Library functions
    + + +## Bibliography + +
    \[ ISO/IEC 14882-2014 \] Subclause 3.9, "Types" Subclause 3.10, "Lvalues and Rvalues" Clause 9, "Classes"
    + ## Implementation notes diff --git a/cpp/cert/src/rules/EXP62-CPP/MemcpyUsedToAccessObjectRepresentation.md b/cpp/cert/src/rules/EXP62-CPP/MemcpyUsedToAccessObjectRepresentation.md index 1dd80f651c..3301a7eacb 100644 --- a/cpp/cert/src/rules/EXP62-CPP/MemcpyUsedToAccessObjectRepresentation.md +++ b/cpp/cert/src/rules/EXP62-CPP/MemcpyUsedToAccessObjectRepresentation.md @@ -136,7 +136,7 @@ The effects of accessing bits of an object representation that are not part of t ## Automated Detection -
    Tool Version Checker Description
    Astrée 20.10 invalid_pointer_dereferenceuninitialized_variable_use
    CodeSonar 7.0p0 BADFUNC.MEMCMP BADFUNC.MEMSET Use of memcmp Use of memset
    Helix QAC 2022.2 C++4726, C++4727, C++4728, C++4729, C++4731, C++4732, C++4733, C++4734
    LDRA tool suite 618 S Partially implemented
    Parasoft C/C++test 2022.1 CERT_CPP-EXP62-a Do not compare objects of a class that may contain padding bits with C standard library functions
    PVS-Studio 7.19 V598 , V780, V1084
    +
    Tool Version Checker Description
    Astrée 22.10 invalid_pointer_dereferenceuninitialized_variable_use
    CodeSonar 7.2p0 BADFUNC.MEMCMP BADFUNC.MEMSET Use of memcmp Use of memset
    Helix QAC 2022.4 DF4726, DF4727, DF4728, DF4729, DF4731, DF4732, DF4733, DF4734
    Klocwork 2022.4 CERT.MEMCMP.PADDED_DATA CWARN.MEM.NONPOD
    LDRA tool suite 618 S Partially implemented
    Parasoft C/C++test 2022.2 CERT_CPP-EXP62-a Do not compare objects of a class that may contain padding bits with C standard library functions
    Polyspace Bug Finder R2023a CERT C++: EXP62-CPP Checks for access attempts on padding and vtable bits (rule fully covered).
    PVS-Studio 7.23 V598 , V780, V1084
    ## Related Vulnerabilities diff --git a/cpp/cert/src/rules/EXP62-CPP/MemsetUsedToAccessObjectRepresentation.md b/cpp/cert/src/rules/EXP62-CPP/MemsetUsedToAccessObjectRepresentation.md index 5f37a5f449..77874d3110 100644 --- a/cpp/cert/src/rules/EXP62-CPP/MemsetUsedToAccessObjectRepresentation.md +++ b/cpp/cert/src/rules/EXP62-CPP/MemsetUsedToAccessObjectRepresentation.md @@ -136,7 +136,7 @@ The effects of accessing bits of an object representation that are not part of t ## Automated Detection -
    Tool Version Checker Description
    Astrée 20.10 invalid_pointer_dereferenceuninitialized_variable_use
    CodeSonar 7.0p0 BADFUNC.MEMCMP BADFUNC.MEMSET Use of memcmp Use of memset
    Helix QAC 2022.2 C++4726, C++4727, C++4728, C++4729, C++4731, C++4732, C++4733, C++4734
    LDRA tool suite 618 S Partially implemented
    Parasoft C/C++test 2022.1 CERT_CPP-EXP62-a Do not compare objects of a class that may contain padding bits with C standard library functions
    PVS-Studio 7.19 V598 , V780, V1084
    +
    Tool Version Checker Description
    Astrée 22.10 invalid_pointer_dereferenceuninitialized_variable_use
    CodeSonar 7.2p0 BADFUNC.MEMCMP BADFUNC.MEMSET Use of memcmp Use of memset
    Helix QAC 2022.4 DF4726, DF4727, DF4728, DF4729, DF4731, DF4732, DF4733, DF4734
    Klocwork 2022.4 CERT.MEMCMP.PADDED_DATA CWARN.MEM.NONPOD
    LDRA tool suite 618 S Partially implemented
    Parasoft C/C++test 2022.2 CERT_CPP-EXP62-a Do not compare objects of a class that may contain padding bits with C standard library functions
    Polyspace Bug Finder R2023a CERT C++: EXP62-CPP Checks for access attempts on padding and vtable bits (rule fully covered).
    PVS-Studio 7.23 V598 , V780, V1084
    ## Related Vulnerabilities From bfa08639c05da631d689c331507f63d409a33cde Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Thu, 23 Mar 2023 03:14:39 +0100 Subject: [PATCH 0834/2573] Remove RULE-9-5 from Memory2 package --- rules.csv | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rules.csv b/rules.csv index 68a4ced7d4..7947930f4b 100644 --- a/rules.csv +++ b/rules.csv @@ -664,7 +664,7 @@ c,MISRA-C-2012,RULE-9-1,Yes,Mandatory,,,The value of an object with automatic st c,MISRA-C-2012,RULE-9-2,Yes,Required,,,The initializer for an aggregate or union shall be enclosed in braces,,Memory1,Easy, c,MISRA-C-2012,RULE-9-3,Yes,Required,,,Arrays shall not be partially initialized,,Memory1,Medium, c,MISRA-C-2012,RULE-9-4,Yes,Required,,,An element of an object shall not be initialized more than once,,Memory1,Medium, -c,MISRA-C-2012,RULE-9-5,No,Required,,,Where designated initializers are used to initialize an array object the size of the array shall be specified explicitly,,Memory2,Medium, +c,MISRA-C-2012,RULE-9-5,No,Required,,,Where designated initializers are used to initialize an array object the size of the array shall be specified explicitly,,,Medium, c,MISRA-C-2012,RULE-10-1,Yes,Required,,,Operands shall not be of an inappropriate essential type,,EssentialTypes,Hard, c,MISRA-C-2012,RULE-10-2,Yes,Required,,,Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations,,EssentialTypes,Medium, c,MISRA-C-2012,RULE-10-3,Yes,Required,,,The value of an expression shall not be assigned to an object with a narrower essential type or of a different essential type category,,EssentialTypes,Hard, From 2b1ebfec78521892a1f3137fbdec669f6ef10062 Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Thu, 23 Mar 2023 03:14:53 +0100 Subject: [PATCH 0835/2573] Remove duplicate MaxAlignT code --- .../DoNotModifyAlignmentOfMemoryWithRealloc.ql | 2 +- .../src/codingstandards/cpp/Allocations.qll | 18 ------------------ 2 files changed, 1 insertion(+), 19 deletions(-) diff --git a/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql b/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql index 79a337f036..48279993d5 100644 --- a/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql +++ b/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql @@ -14,7 +14,7 @@ import cpp import codingstandards.c.cert -import codingstandards.cpp.Allocations +import codingstandards.cpp.Alignment import semmle.code.cpp.dataflow.DataFlow import DataFlow::PathGraph diff --git a/cpp/common/src/codingstandards/cpp/Allocations.qll b/cpp/common/src/codingstandards/cpp/Allocations.qll index f0523d2d0b..db47b0b028 100644 --- a/cpp/common/src/codingstandards/cpp/Allocations.qll +++ b/cpp/common/src/codingstandards/cpp/Allocations.qll @@ -168,21 +168,3 @@ predicate freeExprOrIndirect(Expr free, Expr freed, string kind) { free.(FunctionCall).getArgument(arg) = freed ) } - -class MaxAlignT extends TypedefType { - MaxAlignT() { getName() = "max_align_t" } -} - -/** - * Gets the alignment for `max_align_t`, assuming there is a single consistent alignment for the - * database. - * - * In theory, each compilation of each file can have a different `max_align_t` value (for example, - * if the same file is compiled under different compilers in the same database). We don't have the - * fine-grained data to determine which compilation each operator new call is from, so only hold in - * cases where there's a single clear alignment for the whole database. - */ -int getGlobalMaxAlignT() { - count(MaxAlignT m | | m.getAlignment()) = 1 and - result = any(MaxAlignT t).getAlignment() -} From 37787242c3ce3c3022c4cb03ab95824019962c25 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Wed, 22 Mar 2023 20:13:00 -0700 Subject: [PATCH 0836/2573] Incorporate changes for INT36-C --- ...tingAPointerToIntegerOrIntegerToPointer.ql | 106 +++++++----------- 1 file changed, 40 insertions(+), 66 deletions(-) diff --git a/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.ql b/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.ql index 2971c07770..f85f838c9e 100644 --- a/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.ql +++ b/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.ql @@ -17,85 +17,59 @@ class LiteralZero extends Literal { LiteralZero() { this.getValue() = "0" } } -class StdIntIntPtrType extends IntPointerType { +class StdIntIntPtrType extends Type { StdIntIntPtrType() { - this.getFile().(HeaderFile).getBaseName() = "stdint.h" and - this.getName().regexpMatch("u?intptr_t") - } -} + exists(TypeDeclarationEntry entry | + /* + * Just check if there is a header file, + * because we don't know what header file the declaration might live in + */ -/* 1. Declaring an integer variable to hold a pointer value or the opposite, excluding compliant exceptions */ -predicate integerVariableWithPointerValue(Variable var, string message) { - ( - // Declaring an integer variable to hold a pointer value - var.getUnderlyingType() instanceof IntType and - var.getAnAssignedValue().getUnderlyingType() instanceof PointerType and - message = - "Integer variable " + var + " is declared as an expression " + var.getAnAssignedValue() + - ", which is of a pointer type." - or - // Declaring an pointer variable to hold a integer value - var.getUnderlyingType() instanceof PointerType and - var.getAnAssignedValue().getUnderlyingType() instanceof IntType and - message = - "Pointer variable " + var + " is declared as an expression " + var.getAnAssignedValue() + - ", which is of integer type." - ) and - /* Compliant exception 1: literal 0 */ - not var.getAnAssignedValue() instanceof LiteralZero and - /* Compliant exception 2: variable's declared type is (u)intptr_t */ - not var.getUnderlyingType() instanceof StdIntIntPtrType -} + exists(entry.getFile().(HeaderFile)) and + entry.getType() = this and + this.getName().regexpMatch("u?intptr_t") + ) + } -/* 2. Assigning an integer variable a pointer a pointer value, excluding literal 0 */ -predicate assigningPointerValueToInteger(Assignment assign, string message) { - ( - assign.getLValue().getUnderlyingType() instanceof IntType and - assign.getRValue().getUnderlyingType() instanceof PointerType and - message = - "Integer variable " + assign.getLValue() + " is assigned an expression " + assign.getRValue() + - ", which is of a pointer type." - or - assign.getLValue().getUnderlyingType() instanceof PointerType and - assign.getRValue().getUnderlyingType() instanceof IntType and - message = - "Pointer variable " + assign.getLValue() + " is assigned an expression " + assign.getRValue() + - ", which is of integer type." - ) and - /* Compliant exception 1: literal 0 */ - not assign.getRValue() instanceof LiteralZero and - /* Compliant exception 2: variable's declared type is (u)intptr_t */ - not assign.getLValue().getUnderlyingType() instanceof StdIntIntPtrType + override string toString() { + if this.getName() = "uintptr_t" then result = "uintptr_t" else result = "intptr_t" + } } -/* 3. Casting a pointer value to integer, excluding literal 0 */ -predicate castingPointerToInteger(Cast cast, string message) { - not cast.isCompilerGenerated() and - ( - cast.getExpr().getUnderlyingType() instanceof IntType and - cast.getUnderlyingType() instanceof PointerType and - message = "Integer expression " + cast.getExpr() + " is cast to a pointer type." +/** + * Casting a pointer value to integer, excluding literal 0. + * Includes implicit conversions made during declarations or assignments. + */ +predicate conversionBetweenPointerAndInteger(Cast cast, string message) { + /* Ensure that `int` has different size than that of pointers */ + exists(IntType intType, PointerType ptrType | intType.getSize() < ptrType.getSize() | + cast.getExpr().getUnderlyingType() = intType and + cast.getUnderlyingType() = ptrType and + if cast.isCompilerGenerated() + then message = "Integer expression " + cast.getExpr() + " is implicitly cast to a pointer type." + else message = "Integer expression " + cast.getExpr() + " is cast to a pointer type." or - cast.getExpr().getUnderlyingType() instanceof PointerType and - cast.getUnderlyingType() instanceof IntType and - message = "Pointer expression " + cast.getExpr() + " is cast to integer type." + cast.getExpr().getUnderlyingType() = ptrType and + cast.getUnderlyingType() = intType and + if cast.isCompilerGenerated() + then + message = "Pointer expression " + cast.getExpr() + " is implicitly cast to an integer type." + else message = "Pointer expression " + cast.getExpr() + " is cast to an integer type." ) and /* Compliant exception 1: literal 0 */ not cast.getExpr() instanceof LiteralZero and /* Compliant exception 2: variable's declared type is (u)intptr_t */ - not cast.getUnderlyingType() instanceof StdIntIntPtrType + not ( + cast.getType() instanceof StdIntIntPtrType and + cast.getExpr().getType() instanceof VoidPointerType + or + cast.getType() instanceof VoidPointerType and + cast.getExpr().getType() instanceof StdIntIntPtrType + ) } from Element elem, string message where not isExcluded(elem, TypesPackage::convertingAPointerToIntegerOrIntegerToPointerQuery()) and - ( - integerVariableWithPointerValue(elem, message) - or - assigningPointerValueToInteger(elem, message) - or - castingPointerToInteger(elem, message) - ) and - /* Ensure that `int` has different size than that of pointers */ - forall(IntType intType, PointerType ptrType | intType.getSize() != ptrType.getSize()) + conversionBetweenPointerAndInteger(elem, message) select elem, message From b9f0750c2006d618cbc54ab9f2e711bf69e153a2 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Wed, 22 Mar 2023 20:14:23 -0700 Subject: [PATCH 0837/2573] Add more FP suspect case --- cpp/autosar/test/rules/A0-1-1/options.clang | 1 - cpp/autosar/test/rules/A0-1-1/test.cpp | 8 ++++++-- 2 files changed, 6 insertions(+), 3 deletions(-) delete mode 100644 cpp/autosar/test/rules/A0-1-1/options.clang diff --git a/cpp/autosar/test/rules/A0-1-1/options.clang b/cpp/autosar/test/rules/A0-1-1/options.clang deleted file mode 100644 index 751f1364f6..0000000000 --- a/cpp/autosar/test/rules/A0-1-1/options.clang +++ /dev/null @@ -1 +0,0 @@ --Wall \ No newline at end of file diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index 3319064b5b..45cee07d65 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -27,8 +27,12 @@ static void foo(B &b) noexcept { B b2 = B(); auto b3 = &b2; b3->g(); - auto b2 = b; - b2.g(); + B &b4 = b; + b4.g(); + auto &b5 = *new B(); + b5.g(); + auto &b5 = new B(); + b5.g(); } template void test() { From 3928d06b0fc9c4421a03f7d46a68d93e5a50ebba Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Wed, 22 Mar 2023 20:45:30 -0700 Subject: [PATCH 0838/2573] Add test for gcc --- .../CtypeFunctionArgNotUnsignedCharorEof.expected.gcc | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 c/misra/test/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharorEof.expected.gcc diff --git a/c/misra/test/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharorEof.expected.gcc b/c/misra/test/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharorEof.expected.gcc new file mode 100644 index 0000000000..6af28a74db --- /dev/null +++ b/c/misra/test/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharorEof.expected.gcc @@ -0,0 +1,2 @@ +| test.c:14:7:14:17 | isalnum(c) | The function isalnum(c) accepts an argument (...) that is not an unsigned char nor an EOF. | +| test.c:20:7:20:17 | isalnum(c) | The function isalnum(c) accepts an argument (...) that is not an unsigned char nor an EOF. | \ No newline at end of file From 922d0e514bd805717010448e83ad837e587ba63a Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Thu, 23 Mar 2023 11:55:07 +0100 Subject: [PATCH 0839/2573] Revert CloseFileHandleWhenNoLongerNeededShared.qll change --- .../CloseFileHandleWhenNoLongerNeededShared.qll | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/rules/closefilehandlewhennolongerneededshared/CloseFileHandleWhenNoLongerNeededShared.qll b/cpp/common/src/codingstandards/cpp/rules/closefilehandlewhennolongerneededshared/CloseFileHandleWhenNoLongerNeededShared.qll index a1df75fe11..3d65ea3662 100644 --- a/cpp/common/src/codingstandards/cpp/rules/closefilehandlewhennolongerneededshared/CloseFileHandleWhenNoLongerNeededShared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/closefilehandlewhennolongerneededshared/CloseFileHandleWhenNoLongerNeededShared.qll @@ -10,6 +10,14 @@ import semmle.code.cpp.controlflow.StackVariableReachability import codingstandards.cpp.standardlibrary.FileAccess import codingstandards.cpp.Allocations +/** + * Extend the NullValue class used by Nullness.qll to include simple -1 as a 'null' value + * (for example 'open' returns -1 if there was an error) + */ +class MinusOne extends NullValue { + MinusOne() { this.(UnaryMinusExpr).getOperand().(Literal).getValue() = "1" } +} + /** * 'call' is either a direct call to f, or a possible call to f * via a function pointer. @@ -22,7 +30,7 @@ predicate mayCallFunction(Expr call, Function f) { predicate fopenCallOrIndirect(Expr e) { // direct allocation call - allocExpr(e, _) and + opened(e) and // We are only interested in allocation calls that are // actually freed somehow, as MemoryNeverFreed // will catch those that aren't. From db92ee6bf1a9ded74cfe361e45f210c19d419c65 Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Thu, 23 Mar 2023 11:59:09 +0100 Subject: [PATCH 0840/2573] Regenerate help files --- .../ARR36-C/DoNotRelatePointersThatDoNotReferToTheSameArray.md | 1 - .../DoNotSubtractPointersThatDoNotReferToTheSameArray.md | 1 - c/cert/src/rules/EXP42-C/DoNotComparePaddingData.md | 1 - c/cert/src/rules/MEM31-C/FreeMemoryWhenNoLongerNeededCert.md | 1 - .../MEM33-C/CopyStructsWithAFlexibleArrayMemberDynamically.md | 2 +- .../src/rules/MEM34-C/OnlyFreeMemoryAllocatedDynamicallyCert.md | 1 - .../rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.md | 1 - 7 files changed, 1 insertion(+), 7 deletions(-) diff --git a/c/cert/src/rules/ARR36-C/DoNotRelatePointersThatDoNotReferToTheSameArray.md b/c/cert/src/rules/ARR36-C/DoNotRelatePointersThatDoNotReferToTheSameArray.md index 90d073c18f..320eaa0c05 100644 --- a/c/cert/src/rules/ARR36-C/DoNotRelatePointersThatDoNotReferToTheSameArray.md +++ b/c/cert/src/rules/ARR36-C/DoNotRelatePointersThatDoNotReferToTheSameArray.md @@ -5,7 +5,6 @@ This query implements the CERT-C rule ARR36-C: > Do not subtract or compare two pointers that do not refer to the same array - ## Description When two pointers are subtracted, both must point to elements of the same array object or just one past the last element of the array object (C Standard, 6.5.6 \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IEC9899-2011)\]); the result is the difference of the subscripts of the two array elements. Otherwise, the operation is [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior). (See [undefined behavior 48](https://wiki.sei.cmu.edu/confluence/display/c/CC.+Undefined+Behavior#CC.UndefinedBehavior-ub_48).) diff --git a/c/cert/src/rules/ARR36-C/DoNotSubtractPointersThatDoNotReferToTheSameArray.md b/c/cert/src/rules/ARR36-C/DoNotSubtractPointersThatDoNotReferToTheSameArray.md index 90d073c18f..320eaa0c05 100644 --- a/c/cert/src/rules/ARR36-C/DoNotSubtractPointersThatDoNotReferToTheSameArray.md +++ b/c/cert/src/rules/ARR36-C/DoNotSubtractPointersThatDoNotReferToTheSameArray.md @@ -5,7 +5,6 @@ This query implements the CERT-C rule ARR36-C: > Do not subtract or compare two pointers that do not refer to the same array - ## Description When two pointers are subtracted, both must point to elements of the same array object or just one past the last element of the array object (C Standard, 6.5.6 \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IEC9899-2011)\]); the result is the difference of the subscripts of the two array elements. Otherwise, the operation is [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior). (See [undefined behavior 48](https://wiki.sei.cmu.edu/confluence/display/c/CC.+Undefined+Behavior#CC.UndefinedBehavior-ub_48).) diff --git a/c/cert/src/rules/EXP42-C/DoNotComparePaddingData.md b/c/cert/src/rules/EXP42-C/DoNotComparePaddingData.md index 0bfa1e25fc..297b718852 100644 --- a/c/cert/src/rules/EXP42-C/DoNotComparePaddingData.md +++ b/c/cert/src/rules/EXP42-C/DoNotComparePaddingData.md @@ -5,7 +5,6 @@ This query implements the CERT-C rule EXP42-C: > Do not compare padding data - ## Description The C Standard, 6.7.2.1 \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IEC9899-2011)\], states diff --git a/c/cert/src/rules/MEM31-C/FreeMemoryWhenNoLongerNeededCert.md b/c/cert/src/rules/MEM31-C/FreeMemoryWhenNoLongerNeededCert.md index 09a6ce7219..d3c849331a 100644 --- a/c/cert/src/rules/MEM31-C/FreeMemoryWhenNoLongerNeededCert.md +++ b/c/cert/src/rules/MEM31-C/FreeMemoryWhenNoLongerNeededCert.md @@ -5,7 +5,6 @@ This query implements the CERT-C rule MEM31-C: > Free dynamically allocated memory when no longer needed - ## Description Before the lifetime of the last pointer that stores the return value of a call to a standard memory allocation function has ended, it must be matched by a call to `free()` with that pointer value. diff --git a/c/cert/src/rules/MEM33-C/CopyStructsWithAFlexibleArrayMemberDynamically.md b/c/cert/src/rules/MEM33-C/CopyStructsWithAFlexibleArrayMemberDynamically.md index 34d1aa6287..3fe0840a96 100644 --- a/c/cert/src/rules/MEM33-C/CopyStructsWithAFlexibleArrayMemberDynamically.md +++ b/c/cert/src/rules/MEM33-C/CopyStructsWithAFlexibleArrayMemberDynamically.md @@ -1,4 +1,4 @@ -# MEM33-C: Copy structures containing a flexible array member using memcpy or a similar function. +# MEM33-C: Copy structures containing a flexible array member using memcpy or a similar function This query implements the CERT-C rule MEM33-C: diff --git a/c/cert/src/rules/MEM34-C/OnlyFreeMemoryAllocatedDynamicallyCert.md b/c/cert/src/rules/MEM34-C/OnlyFreeMemoryAllocatedDynamicallyCert.md index c5772adb4b..c6fa7eb298 100644 --- a/c/cert/src/rules/MEM34-C/OnlyFreeMemoryAllocatedDynamicallyCert.md +++ b/c/cert/src/rules/MEM34-C/OnlyFreeMemoryAllocatedDynamicallyCert.md @@ -5,7 +5,6 @@ This query implements the CERT-C rule MEM34-C: > Only free memory allocated dynamically - ## Description The C Standard, Annex J \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IEC9899-2011)\], states that the behavior of a program is [undefined ](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior) when diff --git a/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.md b/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.md index aca1b78530..51cf1b2179 100644 --- a/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.md +++ b/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.md @@ -5,7 +5,6 @@ This query implements the CERT-C rule MEM36-C: > Do not modify the alignment of objects by calling realloc - ## Description Do not invoke `realloc()` to modify the size of allocated objects that have stricter alignment requirements than those guaranteed by `malloc()`. Storage allocated by a call to the standard `aligned_alloc()` function, for example, can have stricter than normal alignment requirements. The C standard requires only that a pointer returned by `realloc()` be suitably aligned so that it may be assigned to a pointer to any type of object with a fundamental alignment requirement. From 298db28b7300691bb36e4225e791bf0ae614fbd5 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 23 Mar 2023 15:06:33 +0000 Subject: [PATCH 0841/2573] Rule 17.2: Address performance/corretness issues Simplify the query to only refer to one function call, which improves performance and addresses a correctness issue when a function calls a recursive function. --- .../rules/RULE-17-2/RecursiveFunctionCondition.ql | 12 +++++------- .../RULE-17-2/RecursiveFunctionCondition.expected | 1 - 2 files changed, 5 insertions(+), 8 deletions(-) diff --git a/c/misra/src/rules/RULE-17-2/RecursiveFunctionCondition.ql b/c/misra/src/rules/RULE-17-2/RecursiveFunctionCondition.ql index e1f8180aee..cad5a95236 100644 --- a/c/misra/src/rules/RULE-17-2/RecursiveFunctionCondition.ql +++ b/c/misra/src/rules/RULE-17-2/RecursiveFunctionCondition.ql @@ -14,14 +14,12 @@ import cpp import codingstandards.c.misra -from FunctionCall call, string msg, FunctionCall fc +from FunctionCall fc, Function f, string msg where not isExcluded(fc, Statements3Package::recursiveFunctionConditionQuery()) and - fc.getTarget() = call.getTarget() and - call.getTarget().calls*(call.getEnclosingFunction()) and - if fc.getTarget() = fc.getEnclosingFunction() + fc.getEnclosingFunction() = f and + fc.getTarget().calls*(f) and + if fc.getTarget() = f then msg = "This call directly invokes its containing function $@." - else - msg = - "The function " + fc.getEnclosingFunction() + " is indirectly recursive via this call to $@." + else msg = "The function " + f + " is indirectly recursive via this call to $@." select fc, msg, fc.getTarget(), fc.getTarget().getName() diff --git a/c/misra/test/rules/RULE-17-2/RecursiveFunctionCondition.expected b/c/misra/test/rules/RULE-17-2/RecursiveFunctionCondition.expected index 5c40b93b1c..39f173fa8d 100644 --- a/c/misra/test/rules/RULE-17-2/RecursiveFunctionCondition.expected +++ b/c/misra/test/rules/RULE-17-2/RecursiveFunctionCondition.expected @@ -1,4 +1,3 @@ | test.c:8:3:8:4 | call to f3 | This call directly invokes its containing function $@. | test.c:7:6:7:7 | f3 | f3 | -| test.c:11:3:11:4 | call to f3 | The function f6 is indirectly recursive via this call to $@. | test.c:7:6:7:7 | f3 | f3 | | test.c:15:3:15:4 | call to f2 | The function f5 is indirectly recursive via this call to $@. | test.c:17:6:17:7 | f2 | f2 | | test.c:18:3:18:4 | call to f5 | The function f2 is indirectly recursive via this call to $@. | test.c:14:6:14:7 | f5 | f5 | From 1dffd73af749fcb18dac6e1a62234a0ad032d6c9 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 23 Mar 2023 15:10:01 +0000 Subject: [PATCH 0842/2573] Rule 17.2: Simplify alert message. --- c/misra/src/rules/RULE-17-2/RecursiveFunctionCondition.ql | 4 ++-- .../rules/RULE-17-2/RecursiveFunctionCondition.expected | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/c/misra/src/rules/RULE-17-2/RecursiveFunctionCondition.ql b/c/misra/src/rules/RULE-17-2/RecursiveFunctionCondition.ql index cad5a95236..b6f13c4d1f 100644 --- a/c/misra/src/rules/RULE-17-2/RecursiveFunctionCondition.ql +++ b/c/misra/src/rules/RULE-17-2/RecursiveFunctionCondition.ql @@ -20,6 +20,6 @@ where fc.getEnclosingFunction() = f and fc.getTarget().calls*(f) and if fc.getTarget() = f - then msg = "This call directly invokes its containing function $@." - else msg = "The function " + f + " is indirectly recursive via this call to $@." + then msg = f + " calls itself directly." + else msg = f + " is indirectly recursive via this call to $@." select fc, msg, fc.getTarget(), fc.getTarget().getName() diff --git a/c/misra/test/rules/RULE-17-2/RecursiveFunctionCondition.expected b/c/misra/test/rules/RULE-17-2/RecursiveFunctionCondition.expected index 39f173fa8d..06b8b5b762 100644 --- a/c/misra/test/rules/RULE-17-2/RecursiveFunctionCondition.expected +++ b/c/misra/test/rules/RULE-17-2/RecursiveFunctionCondition.expected @@ -1,3 +1,3 @@ -| test.c:8:3:8:4 | call to f3 | This call directly invokes its containing function $@. | test.c:7:6:7:7 | f3 | f3 | -| test.c:15:3:15:4 | call to f2 | The function f5 is indirectly recursive via this call to $@. | test.c:17:6:17:7 | f2 | f2 | -| test.c:18:3:18:4 | call to f5 | The function f2 is indirectly recursive via this call to $@. | test.c:14:6:14:7 | f5 | f5 | +| test.c:8:3:8:4 | call to f3 | f3 calls itself directly. | test.c:7:6:7:7 | f3 | f3 | +| test.c:15:3:15:4 | call to f2 | f5 is indirectly recursive via this call to $@. | test.c:17:6:17:7 | f2 | f2 | +| test.c:18:3:18:4 | call to f5 | f2 is indirectly recursive via this call to $@. | test.c:14:6:14:7 | f5 | f5 | From 71f6d17da5c03ae257703323aaf268633b02697e Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 23 Mar 2023 17:34:31 +0000 Subject: [PATCH 0843/2573] Rule 15.5: Exclude functions without user bodies * Fix bracketing * Exclude compiler generated functions and functions without bodies. --- .../src/rules/RULE-15-5/FunctionReturnCondition.ql | 14 +++++++++----- c/misra/test/rules/RULE-15-5/test.c | 4 +++- 2 files changed, 12 insertions(+), 6 deletions(-) diff --git a/c/misra/src/rules/RULE-15-5/FunctionReturnCondition.ql b/c/misra/src/rules/RULE-15-5/FunctionReturnCondition.ql index b26de24322..806ab55ebd 100644 --- a/c/misra/src/rules/RULE-15-5/FunctionReturnCondition.ql +++ b/c/misra/src/rules/RULE-15-5/FunctionReturnCondition.ql @@ -18,9 +18,13 @@ import codingstandards.c.misra from Function func, string message where not isExcluded(func, Statements5Package::functionReturnConditionQuery()) and - count(ReturnStmt return | return.getEnclosingFunction() = func) > 1 and - message = "Function has more than on return statement." - or - not func.getBlock().getLastStmt() instanceof ReturnStmt and - message = "The last statement of the function is not a return statement." + func.hasDefinition() and + not func.isCompilerGenerated() and + ( + count(ReturnStmt return | return.getEnclosingFunction() = func) > 1 and + message = "Function has more than on return statement." + or + not func.getBlock().getLastStmt() instanceof ReturnStmt and + message = "The last statement of the function is not a return statement." + ) select func, message diff --git a/c/misra/test/rules/RULE-15-5/test.c b/c/misra/test/rules/RULE-15-5/test.c index 80667338a2..cbe36668f5 100644 --- a/c/misra/test/rules/RULE-15-5/test.c +++ b/c/misra/test/rules/RULE-15-5/test.c @@ -24,4 +24,6 @@ void f4(int p1) { // NON_COMPLIANT } return; p1++; -} \ No newline at end of file +} + +void f5(); // Ignored - no body \ No newline at end of file From 4b6a01d79d98dbde87399d085d4500a112545e52 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 23 Mar 2023 13:42:03 -0400 Subject: [PATCH 0844/2573] format fix --- cpp/common/src/codingstandards/cpp/UndefinedBehavior.qll | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/UndefinedBehavior.qll b/cpp/common/src/codingstandards/cpp/UndefinedBehavior.qll index 425ab32aec..85e2f64612 100644 --- a/cpp/common/src/codingstandards/cpp/UndefinedBehavior.qll +++ b/cpp/common/src/codingstandards/cpp/UndefinedBehavior.qll @@ -1,6 +1,8 @@ -import cpp +import cpp + /** * Library for modeling undefined behavior. */ -abstract class UndefinedBehavior extends Locatable {} -abstract class CPPUndefinedBehavior extends UndefinedBehavior {} +abstract class UndefinedBehavior extends Locatable { } + +abstract class CPPUndefinedBehavior extends UndefinedBehavior { } From fee555cf14fb4286864c52c3d554ddc126471ed9 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 23 Mar 2023 19:00:37 +0100 Subject: [PATCH 0845/2573] RULE-19-1 support and test for memcpy unions --- .../ObjectCopiedToAnOverlappingObject.ql | 15 +++++++-- ...ObjectCopiedToAnOverlappingObject.expected | 1 + c/misra/test/rules/RULE-19-1/test.c | 32 +++++++++++++++++++ 3 files changed, 46 insertions(+), 2 deletions(-) diff --git a/c/misra/src/rules/RULE-19-1/ObjectCopiedToAnOverlappingObject.ql b/c/misra/src/rules/RULE-19-1/ObjectCopiedToAnOverlappingObject.ql index 58d41fab46..915f7cf1bb 100644 --- a/c/misra/src/rules/RULE-19-1/ObjectCopiedToAnOverlappingObject.ql +++ b/c/misra/src/rules/RULE-19-1/ObjectCopiedToAnOverlappingObject.ql @@ -15,6 +15,15 @@ import codingstandards.c.misra import semmle.code.cpp.valuenumbering.GlobalValueNumbering import semmle.code.cpp.dataflow.DataFlow +/** + * Offset in bytes of a field access + */ +int getAccessByteOffset(FieldAccess fa) { + not fa.getQualifier() instanceof FieldAccess and result = fa.getTarget().getByteOffset() + or + result = fa.getTarget().getByteOffset() + getAccessByteOffset(fa.getQualifier()) +} + /** * Models calls to memcpy on overlapping objects */ @@ -40,7 +49,8 @@ class MemcpyCall extends Locatable { result = [ e.(VariableAccess), e.(PointerAddExpr).getLeftOperand(), - e.(AddressOfExpr).getOperand().(ArrayExpr).getArrayBase() + e.(AddressOfExpr).getOperand().(ArrayExpr).getArrayBase+(), + e.(AddressOfExpr).getOperand().(ValueFieldAccess).getQualifier+() ] } @@ -48,7 +58,8 @@ class MemcpyCall extends Locatable { result = [ e.(PointerAddExpr).getRightOperand().getValue().toInt(), - e.(AddressOfExpr).getOperand().(ArrayExpr).getArrayOffset().getValue().toInt() + e.(AddressOfExpr).getOperand().(ArrayExpr).getArrayOffset().getValue().toInt(), + getAccessByteOffset(e.(AddressOfExpr).getOperand()), ] or e instanceof VariableAccess and result = 0 diff --git a/c/misra/test/rules/RULE-19-1/ObjectCopiedToAnOverlappingObject.expected b/c/misra/test/rules/RULE-19-1/ObjectCopiedToAnOverlappingObject.expected index 54aaa82cdc..53fa5d317c 100644 --- a/c/misra/test/rules/RULE-19-1/ObjectCopiedToAnOverlappingObject.expected +++ b/c/misra/test/rules/RULE-19-1/ObjectCopiedToAnOverlappingObject.expected @@ -2,3 +2,4 @@ | test.c:7:3:7:8 | call to memcpy | The object to copy $@ overlaps the object to copy $@. | test.c:7:17:7:21 | & ... | from | test.c:7:10:7:14 | & ... | to | | test.c:8:3:8:8 | call to memcpy | The object to copy $@ overlaps the object to copy $@. | test.c:8:17:8:17 | o | from | test.c:8:10:8:14 | ... + ... | to | | test.c:10:3:10:8 | call to memcpy | The object to copy $@ overlaps the object to copy $@. | test.c:10:17:10:21 | ... + ... | from | test.c:10:10:10:14 | ... + ... | to | +| test.c:52:3:52:8 | call to memcpy | The object to copy $@ overlaps the object to copy $@. | test.c:52:21:52:26 | & ... | from | test.c:52:10:52:18 | & ... | to | diff --git a/c/misra/test/rules/RULE-19-1/test.c b/c/misra/test/rules/RULE-19-1/test.c index a360e34085..52ec744faf 100644 --- a/c/misra/test/rules/RULE-19-1/test.c +++ b/c/misra/test/rules/RULE-19-1/test.c @@ -20,3 +20,35 @@ void g(void) { // Exception 2 memmove(&o[1], &o[0], 2u * sizeof(o[0])); // COMPLIANT } + +struct s1 { + int m1[10]; +}; +struct s2 { + int m1; + struct s1 m2; +}; +union u { + struct s1 m1; + struct s2 m2; +} u1; + +typedef struct { + char buf[8]; +} Union_t; +union { + unsigned char uc[24]; + struct { + Union_t prefix; + Union_t suffix; + } fnv; + struct { + unsigned char padding[16]; + Union_t suffix; + } diff; +} u2; + +void test_unions() { + memcpy(&u1.m2.m2, &u1.m1, sizeof(u1.m1)); // NON_COMPLIANT + memcpy(&u2.diff.suffix, &u2.fnv.suffix, sizeof(u2.fnv.suffix)); // COMPLIANT +} \ No newline at end of file From aaa1044dc6caf6bb561bc95c0e5127a384ba6c79 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 23 Mar 2023 18:11:36 +0000 Subject: [PATCH 0846/2573] Rule 15.5: Improvements * Exclude compiler generated return statements * Exclude functions with more than one block * Improve alert message * Only report that the last statement is not a return, if there's at least one return statement in the block. --- .../RULE-15-5/FunctionReturnCondition.ql | 25 ++++++++++++++----- .../FunctionReturnCondition.expected | 9 ++++--- 2 files changed, 24 insertions(+), 10 deletions(-) diff --git a/c/misra/src/rules/RULE-15-5/FunctionReturnCondition.ql b/c/misra/src/rules/RULE-15-5/FunctionReturnCondition.ql index 806ab55ebd..2fb5ad9d65 100644 --- a/c/misra/src/rules/RULE-15-5/FunctionReturnCondition.ql +++ b/c/misra/src/rules/RULE-15-5/FunctionReturnCondition.ql @@ -15,16 +15,29 @@ import cpp import codingstandards.c.misra -from Function func, string message +class UserWrittenReturnStmt extends ReturnStmt { + UserWrittenReturnStmt() { not this.isCompilerGenerated() } +} + +from Function func, string message, UserWrittenReturnStmt returnStmt where not isExcluded(func, Statements5Package::functionReturnConditionQuery()) and func.hasDefinition() and + // Ignore functions which have multiple bodies + count(func.getBlock()) = 1 and + // Ignore functions which are compiler generated not func.isCompilerGenerated() and + // Report all the return statements in the function + returnStmt.getEnclosingFunction() = func and ( - count(ReturnStmt return | return.getEnclosingFunction() = func) > 1 and - message = "Function has more than on return statement." + // There is more than one return statement + count(UserWrittenReturnStmt return | return.getEnclosingFunction() = func) > 1 and + message = "Function has more than one $@." or - not func.getBlock().getLastStmt() instanceof ReturnStmt and - message = "The last statement of the function is not a return statement." + // There is exactly one return statement + count(UserWrittenReturnStmt return | return.getEnclosingFunction() = func) = 1 and + // But it is not the last statement in the function + not func.getBlock().getLastStmt() instanceof UserWrittenReturnStmt and + message = "The $@ is not the last statement of the function." ) -select func, message +select func, message, returnStmt, "return statement" diff --git a/c/misra/test/rules/RULE-15-5/FunctionReturnCondition.expected b/c/misra/test/rules/RULE-15-5/FunctionReturnCondition.expected index 48ee45bfdd..dde5d709dd 100644 --- a/c/misra/test/rules/RULE-15-5/FunctionReturnCondition.expected +++ b/c/misra/test/rules/RULE-15-5/FunctionReturnCondition.expected @@ -1,4 +1,5 @@ -| test.c:1:6:1:7 | f1 | Function has more than on return statement. | -| test.c:14:6:14:7 | f3 | The last statement of the function is not a return statement. | -| test.c:21:6:21:7 | f4 | Function has more than on return statement. | -| test.c:21:6:21:7 | f4 | The last statement of the function is not a return statement. | +| test.c:1:6:1:7 | f1 | Function has more than one $@. | test.c:3:5:3:11 | return ... | return statement | +| test.c:1:6:1:7 | f1 | Function has more than one $@. | test.c:5:3:5:9 | return ... | return statement | +| test.c:14:6:14:7 | f3 | The $@ is not the last statement of the function. | test.c:17:3:17:9 | return ... | return statement | +| test.c:21:6:21:7 | f4 | Function has more than one $@. | test.c:23:5:23:11 | return ... | return statement | +| test.c:21:6:21:7 | f4 | Function has more than one $@. | test.c:25:3:25:9 | return ... | return statement | From f6686d1ba67bdfd4a6280fb562f5194a48923c81 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 23 Mar 2023 19:46:24 +0100 Subject: [PATCH 0847/2573] Fix MSC39-C after review --- ...ArgOnAVaListThatHasAnIndeterminateValue.ql | 35 ++++++++++++------- ...VaListThatHasAnIndeterminateValue.expected | 4 +++ c/cert/test/rules/MSC39-C/test.c | 16 ++++----- 3 files changed, 34 insertions(+), 21 deletions(-) diff --git a/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql b/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql index 8e7f4c5119..ed5a6a368a 100644 --- a/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql +++ b/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql @@ -15,13 +15,22 @@ import codingstandards.c.cert import codingstandards.cpp.Macro import semmle.code.cpp.dataflow.DataFlow +abstract class VaAccess extends Expr { } + /** * The argument of a call to `va_arg` */ -class VaArgArg extends Expr { +class VaArgArg extends VaAccess { VaArgArg() { this = any(MacroInvocation m | m.getMacroName() = ["va_arg"]).getExpr().getChild(0) } } +/** + * The argument of a call to `va_end` + */ +class VaEndArg extends VaAccess { + VaEndArg() { this = any(MacroInvocation m | m.getMacroName() = ["va_end"]).getExpr().getChild(0) } +} + /** * Dataflow configuration for flow from a library function * to a call of function `asctime` @@ -34,13 +43,13 @@ class VaArgConfig extends DataFlow::Configuration { any(VariableDeclarationEntry m | m.getType().hasName("va_list")).getVariable() } - override predicate isSink(DataFlow::Node sink) { sink.asExpr() instanceof VaArgArg } + override predicate isSink(DataFlow::Node sink) { sink.asExpr() instanceof VaAccess } } /** * Controlflow nodes preceeding a call to `va_arg` */ -ControlFlowNode preceedsFC(VaArgArg va_arg) { +ControlFlowNode preceedsFC(VaAccess va_arg) { result = va_arg or exists(ControlFlowNode mid | @@ -49,25 +58,25 @@ ControlFlowNode preceedsFC(VaArgArg va_arg) { // stop recursion on va_end on the same object not result = any(MacroInvocation m | - m.getMacroName() = ["va_end"] and + m.getMacroName() = ["va_start"] and m.getExpr().getChild(0).(VariableAccess).getTarget() = va_arg.(VariableAccess).getTarget() ).getExpr() ) } -predicate sameSource(VaArgArg va_arg1, VaArgArg va_arg2) { +predicate sameSource(VaAccess e1, VaAccess e2) { exists(VaArgConfig config, DataFlow::Node source | - config.hasFlow(source, DataFlow::exprNode(va_arg1)) and - config.hasFlow(source, DataFlow::exprNode(va_arg2)) + config.hasFlow(source, DataFlow::exprNode(e1)) and + config.hasFlow(source, DataFlow::exprNode(e2)) ) } -from VaArgArg va_arg1, VaArgArg va_arg2, FunctionCall fc +from VaAccess va_acc, VaArgArg va_arg, FunctionCall fc where - not isExcluded(va_arg1, + not isExcluded(va_acc, Contracts7Package::doNotCallVaArgOnAVaListThatHasAnIndeterminateValueQuery()) and - sameSource(va_arg1, va_arg2) and - fc = preceedsFC(va_arg1) and - fc.getTarget().calls*(va_arg2.getEnclosingFunction()) -select va_arg1, "The value of " + va_arg1.toString() + " is indeterminate after the $@.", fc, + sameSource(va_acc, va_arg) and + fc = preceedsFC(va_acc) and + fc.getTarget().calls*(va_arg.getEnclosingFunction()) +select va_acc, "The value of " + va_acc.toString() + " is indeterminate after the $@.", fc, fc.toString() diff --git a/c/cert/test/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.expected b/c/cert/test/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.expected index 945d8579d7..2b7bb2bdbc 100644 --- a/c/cert/test/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.expected +++ b/c/cert/test/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.expected @@ -1,2 +1,6 @@ | test.c:23:32:23:33 | ap | The value of ap is indeterminate after the $@. | test.c:17:7:17:19 | call to contains_zero | call to contains_zero | +| test.c:26:10:26:11 | ap | The value of ap is indeterminate after the $@. | test.c:17:7:17:19 | call to contains_zero | call to contains_zero | +| test.c:39:12:39:13 | ap | The value of ap is indeterminate after the $@. | test.c:35:7:35:19 | call to contains_zero | call to contains_zero | +| test.c:48:10:48:11 | ap | The value of ap is indeterminate after the $@. | test.c:35:7:35:19 | call to contains_zero | call to contains_zero | | test.c:65:34:65:35 | ap | The value of ap is indeterminate after the $@. | test.c:58:7:58:19 | call to contains_zero | call to contains_zero | +| test.c:71:10:71:11 | ap | The value of ap is indeterminate after the $@. | test.c:58:7:58:19 | call to contains_zero | call to contains_zero | diff --git a/c/cert/test/rules/MSC39-C/test.c b/c/cert/test/rules/MSC39-C/test.c index 5e946da70e..5e88092534 100644 --- a/c/cert/test/rules/MSC39-C/test.c +++ b/c/cert/test/rules/MSC39-C/test.c @@ -15,7 +15,7 @@ int f1a(size_t count, ...) { va_start(ap, count); if (contains_zero(count, ap)) { - va_end(ap); + va_start(ap, count); return 1; } @@ -23,7 +23,7 @@ int f1a(size_t count, ...) { printf("%f ", 1.0 / va_arg(ap, double)); // NON_COMPLIANT } - va_end(ap); + va_end(ap); // NON_COMPLIANT return 0; } @@ -36,7 +36,7 @@ int f1b(size_t count, ...) { printf("0 in arguments!\n"); status = 1; } else { - va_end(ap); + va_end(ap); // NON_COMPLIANT va_start(ap, count); for (size_t i = 0; i < count; i++) { printf("%f ", 1.0 / va_arg(ap, double)); // COMPLIANT @@ -45,7 +45,7 @@ int f1b(size_t count, ...) { status = 0; } - va_end(ap); + va_end(ap); // NON_COMPLIANT return status; } @@ -59,7 +59,7 @@ int f1c(size_t count, ...) { printf("0 in arguments!\n"); status = 1; } else { - va_end(ap1); // ending the wrong va_list object + va_end(ap1); // COMPLIANT va_start(ap1, count); for (size_t i = 0; i < count; i++) { printf("%f ", 1.0 / va_arg(ap, double)); // NON_COMPLIANT @@ -68,7 +68,7 @@ int f1c(size_t count, ...) { status = 0; } - va_end(ap); + va_end(ap); // NON_COMPLIANT return status; } @@ -80,7 +80,7 @@ int contains_zero_ok(size_t count, va_list *ap) { return 1; } } - va_end(ap1); + va_end(ap1); // COMPLIANT return 0; } @@ -100,6 +100,6 @@ int print_reciprocals_ok(size_t count, ...) { status = 0; } - va_end(ap); + va_end(ap); // COMPLIANT return status; } From c0ba6a75ddbc04c28ae90edf72c2e65d78a6752c Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 23 Mar 2023 20:09:01 +0100 Subject: [PATCH 0848/2573] Fix review finds for SIG30-C --- .../CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql | 2 +- c/cert/test/rules/SIG30-C/test.c | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql b/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql index a87df99050..0da48daa70 100644 --- a/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql +++ b/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql @@ -86,7 +86,7 @@ class ApplicationAsyncSafeFunction extends AsyncSafeFunction { } /** - * Call to function `raise` withing a signal handler with mismatching signals + * Call to function `raise` within a signal handler with mismatching signals * ``` * void int_handler(int signum) { * raise(SIGTERM); diff --git a/c/cert/test/rules/SIG30-C/test.c b/c/cert/test/rules/SIG30-C/test.c index 629bb26b61..fa1502b998 100644 --- a/c/cert/test/rules/SIG30-C/test.c +++ b/c/cert/test/rules/SIG30-C/test.c @@ -13,12 +13,12 @@ void handler1(int signum) { } int f1(void) { - if (signal(SIGINT, handler1) == SIG_ERR) // COMPLIANT + if (signal(SIGINT, handler1) == SIG_ERR) { //... } - log_local_unsafe(); // COMPLIANT + log_local_unsafe(); return 0; } @@ -33,7 +33,7 @@ int f2(void) { } while (!eflag) { - log_local_unsafe(); // COMPLIANT + log_local_unsafe(); } return 0; @@ -113,7 +113,7 @@ int f6(void) { // ... } - if (raise(SIGINT) != 0) // COMPLIANT + if (raise(SIGINT) != 0) { // ... } From 6075d74f974094da2f96857568f4d843ede69276 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 23 Mar 2023 20:22:35 +0100 Subject: [PATCH 0849/2573] Fix test format --- c/cert/test/rules/SIG30-C/test.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/c/cert/test/rules/SIG30-C/test.c b/c/cert/test/rules/SIG30-C/test.c index fa1502b998..451c0652ad 100644 --- a/c/cert/test/rules/SIG30-C/test.c +++ b/c/cert/test/rules/SIG30-C/test.c @@ -13,8 +13,7 @@ void handler1(int signum) { } int f1(void) { - if (signal(SIGINT, handler1) == SIG_ERR) - { + if (signal(SIGINT, handler1) == SIG_ERR) { //... } @@ -113,8 +112,7 @@ int f6(void) { // ... } - if (raise(SIGINT) != 0) - { + if (raise(SIGINT) != 0) { // ... } From 7ca66b40b816827d9aea360cdc44510b5ddb8faf Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 23 Mar 2023 20:23:31 +0100 Subject: [PATCH 0850/2573] Fix SIG30-C expect file --- .../CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected b/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected index b9bccef26a..a601fe63f4 100644 --- a/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected +++ b/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected @@ -1,4 +1,4 @@ | test.c:10:3:10:18 | call to log_local_unsafe | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:16:7:16:12 | call to signal | signal handler | | test.c:11:3:11:6 | call to free | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:16:7:16:12 | call to signal | signal handler | -| test.c:47:3:47:9 | call to longjmp | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:51:7:51:12 | call to signal | signal handler | -| test.c:77:7:77:11 | call to raise | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:92:7:92:12 | call to signal | signal handler | +| test.c:46:3:46:9 | call to longjmp | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:50:7:50:12 | call to signal | signal handler | +| test.c:76:7:76:11 | call to raise | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:91:7:91:12 | call to signal | signal handler | From 5d4b6745ab9d119d1d33171b2b9de9d2fc58ed7f Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 23 Mar 2023 20:46:49 +0100 Subject: [PATCH 0851/2573] Adapt expected.qcc --- ...allOnlyAsyncSafeFunctionsWithinSignalHandlers.expected.qcc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected.qcc b/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected.qcc index 36cc55c782..c09204460a 100644 --- a/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected.qcc +++ b/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected.qcc @@ -1,4 +1,4 @@ | test.c:10:3:10:18 | call to log_local_unsafe | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:16:7:16:12 | call to signal | signal handler | | test.c:11:3:11:6 | call to free | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:16:7:16:12 | call to signal | signal handler | -| test.c:47:3:47:17 | call to siglongjmp | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:51:7:51:12 | call to signal | signal handler | -| test.c:77:7:77:11 | call to raise | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:92:7:92:12 | call to signal | signal handler | +| test.c:46:3:46:17 | call to siglongjmp | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:51:7:51:12 | call to signal | signal handler | +| test.c:76:7:76:11 | call to raise | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:92:7:92:12 | call to signal | signal handler | From 3b9a6c515c32f3593768c14fb8a9c5f4475fecb0 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 23 Mar 2023 15:56:50 -0400 Subject: [PATCH 0852/2573] quiet down matrix testing --- .github/workflows/dispatch-matrix-check.yml | 2 +- .../dispatch-matrix-test-on-comment.yml | 47 +++++++++++++++++++ 2 files changed, 48 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/dispatch-matrix-test-on-comment.yml diff --git a/.github/workflows/dispatch-matrix-check.yml b/.github/workflows/dispatch-matrix-check.yml index 09e23b425f..a1cf8606a1 100644 --- a/.github/workflows/dispatch-matrix-check.yml +++ b/.github/workflows/dispatch-matrix-check.yml @@ -4,7 +4,7 @@ on: pull_request_target: types: [synchronize,opened] branches: - - "**" + - "matrix/**" workflow_dispatch: jobs: diff --git a/.github/workflows/dispatch-matrix-test-on-comment.yml b/.github/workflows/dispatch-matrix-test-on-comment.yml new file mode 100644 index 0000000000..654cc6c980 --- /dev/null +++ b/.github/workflows/dispatch-matrix-test-on-comment.yml @@ -0,0 +1,47 @@ +name: 🤖 Run Matrix Check (On Comment) + +on: + issue_comment: + types: [created] + branches: + - main + - "rc/**" + - next + +jobs: + dispatch-matrix-check: + runs-on: ubuntu-latest + steps: + + - name: Test Variables + shell: pwsh + run: | + Write-Host "Running as: ${{github.actor}}" + + $actor = "${{github.actor}}" + + $acl = @("jsinglet","mbaluda", "lcartey", "rvermeulen", "ravikprasad", "jeongsoolee09", "hohn", "knewbury01", "kraiouchkine") + + if(-not ($actor -in $acl)){ + throw "Refusing to run workflow for user not in acl." + } + + + - name: Dispatch Matrix Testing Job + if: ${{ github.event.issue.pull_request && contains(github.event.comment.body, '/test-matrix') }} + uses: peter-evans/repository-dispatch@v2 + with: + token: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} + repository: github/codeql-coding-standards-release-engineering + event-type: matrix-test + client-payload: '{"pr": "${{ github.event.number }}"}' + + - uses: actions/github-script@v6 + with: + script: | + github.rest.issues.createComment({ + issue_number: context.issue.number, + owner: context.repo.owner, + repo: context.repo.repo, + body: '🤖 Beep Boop! Matrix Testing for this PR has been initiated. Please check back later for results.

    :bulb: If you do not hear back from me please check my status! **I will report even if this PR does not contain files eligible for matrix testing.**' + }) \ No newline at end of file From c098321d72498e68c36990d331be300af33dd3f5 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 23 Mar 2023 20:58:38 +0100 Subject: [PATCH 0853/2573] qcc expected file --- ...allOnlyAsyncSafeFunctionsWithinSignalHandlers.expected.qcc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected.qcc b/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected.qcc index c09204460a..9bbf6be660 100644 --- a/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected.qcc +++ b/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected.qcc @@ -1,4 +1,4 @@ | test.c:10:3:10:18 | call to log_local_unsafe | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:16:7:16:12 | call to signal | signal handler | | test.c:11:3:11:6 | call to free | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:16:7:16:12 | call to signal | signal handler | -| test.c:46:3:46:17 | call to siglongjmp | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:51:7:51:12 | call to signal | signal handler | -| test.c:76:7:76:11 | call to raise | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:92:7:92:12 | call to signal | signal handler | +| test.c:46:3:46:17 | call to siglongjmp | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:50:7:50:12 | call to signal | signal handler | +| test.c:76:7:76:11 | call to raise | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:91:7:91:12 | call to signal | signal handler | From c5ef34afe9e24a27c5413d1bb2f599dad83e7235 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 23 Mar 2023 16:03:18 -0400 Subject: [PATCH 0854/2573] doesn't need to be on any particular merge branch --- .github/workflows/dispatch-matrix-test-on-comment.yml | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/.github/workflows/dispatch-matrix-test-on-comment.yml b/.github/workflows/dispatch-matrix-test-on-comment.yml index 654cc6c980..9f8e77edaa 100644 --- a/.github/workflows/dispatch-matrix-test-on-comment.yml +++ b/.github/workflows/dispatch-matrix-test-on-comment.yml @@ -3,10 +3,6 @@ name: 🤖 Run Matrix Check (On Comment) on: issue_comment: types: [created] - branches: - - main - - "rc/**" - - next jobs: dispatch-matrix-check: @@ -26,7 +22,7 @@ jobs: throw "Refusing to run workflow for user not in acl." } - + - name: Dispatch Matrix Testing Job if: ${{ github.event.issue.pull_request && contains(github.event.comment.body, '/test-matrix') }} uses: peter-evans/repository-dispatch@v2 From a293557c7c89f000a6ffc26d72a6b5108e559438 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 23 Mar 2023 16:32:34 -0400 Subject: [PATCH 0855/2573] note --- rule_packages/c/Language3.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rule_packages/c/Language3.json b/rule_packages/c/Language3.json index e659debf1b..d48444a4ab 100644 --- a/rule_packages/c/Language3.json +++ b/rule_packages/c/Language3.json @@ -40,7 +40,7 @@ "readability" ], "implementation_scope": { - "description": "This implementation only considers alternate forms of `main` and the undefined behavior that results. Additional cases from Appendix J of the C99 standard are not currently considered." + "description": "This implementation only considers alternate forms of `main` and the undefined behavior that results. Note that the current version of CodeQL is not able to detect this issue if a function is named `main` since it will assume the return type and formal parameters. Additional cases from Appendix J of the C99 standard are not currently considered." } } ], From f5bfa52b2540e42ea6829628124809601776af3f Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Thu, 23 Mar 2023 23:15:53 +0100 Subject: [PATCH 0856/2573] Regenerate help files to resolve format issue --- c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.md | 1 - c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.md | 2 +- c/cert/src/rules/INT32-C/SignedIntegerOverflow.md | 1 - c/cert/src/rules/INT33-C/DivOrRemByZero.md | 1 - c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.md | 1 - 5 files changed, 1 insertion(+), 5 deletions(-) diff --git a/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.md b/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.md index 48ede39b5f..d57756b4b5 100644 --- a/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.md +++ b/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.md @@ -5,7 +5,6 @@ This query implements the CERT-C rule INT30-C: > Ensure that unsigned integer operations do not wrap - ## Description The C Standard, 6.2.5, paragraph 9 \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IEC9899-2011)\], states diff --git a/c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.md b/c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.md index 54d5e7d2ae..4c53db68ad 100644 --- a/c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.md +++ b/c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.md @@ -5,7 +5,6 @@ This query implements the CERT-C rule INT31-C: > Ensure that integer conversions do not result in lost or misinterpreted data - ## Description Integer conversions, both implicit and explicit (using a cast), must be guaranteed not to result in lost or misinterpreted data. This rule is particularly true for integer values that originate from untrusted sources and are used in any of the following ways: @@ -294,6 +293,7 @@ Integer truncation errors can lead to buffer overflows and the execution of arbi ## Automated Detection
    Tool Version Checker Description
    Astrée 22.04 Supported via MISRA C:2012 Rules 10.1, 10.3, 10.4, 10.6 and 10.7
    CodeSonar 7.2p0 LANG.CAST.PC.AVLANG.CAST.PC.CONST2PTRLANG.CAST.PC.INT LANG.CAST.COERCELANG.CAST.VALUE ALLOC.SIZE.TRUNCMISC.MEM.SIZE.TRUNC LANG.MEM.TBA Cast: arithmetic type/void pointer Conversion: integer constant to pointer Conversion: pointer/integer Coercion alters value Cast alters value Truncation of allocation size Truncation of size Tainted buffer access
    Compass/ROSE Can detect violations of this rule. However, false warnings may be raised if limits.h is included
    Coverity \* 2017.07 NEGATIVE_RETURNS REVERSE_NEGATIVE MISRA_CAST Can find array accesses, loop bounds, and other expressions that may contain dangerous implied integer conversions that would result in unexpected behavior Can find instances where a negativity check occurs after the negative value has been used for something else Can find instances where an integer expression is implicitly converted to a narrower integer type, where the signedness of an integer value is implicitly converted, or where the type of a complex expression is implicitly converted
    Cppcheck 1.66 memsetValueOutOfRange The second argument to memset() cannot be represented as unsigned char
    Helix QAC 2022.4 C2850, C2855, C2890, C2895, C2900, C2905, C++2850, C++2855, C++2890, C++2895, C++2900, C++2905, C++3000, C++3010 DF2851, DF2852, DF2853, DF2856, DF2857, DF2858, DF2891, DF2892, DF2893, DF2896, DF2897, DF2898, DF2901, DF2902, DF2903, DF2906, DF2907, DF2908
    Klocwork 2022.4 PORTING.CAST.SIZE
    LDRA tool suite 9.7.1 93 S , 433 S , 434 S Partially implemented
    Parasoft C/C++test 2022.2 CERT_C-INT31-a CERT_C-INT31-b CERT_C-INT31-c CERT_C-INT31-d CERT_C-INT31-e CERT_C-INT31-f CERT_C-INT31-g CERT_C-INT31-h CERT_C-INT31-i CERT_C-INT31-j CERT_C-INT31-k CERT_C-INT31-l CERT_C-INT31-m CERT_C-INT31-nCERT_C-INT31-o An expression of essentially Boolean type should always be used where an operand is interpreted as a Boolean value An operand of essentially Boolean type should not be used where an operand is interpreted as a numeric value An operand of essentially character type should not be used where an operand is interpreted as a numeric value An operand of essentially enum type should not be used in an arithmetic operation Shift and bitwise operations should not be performed on operands of essentially signed or enum type An operand of essentially signed or enum type should not be used as the right hand operand to the bitwise shifting operator An operand of essentially unsigned type should not be used as the operand to the unary minus operator The value of an expression shall not be assigned to an object with a narrower essential type The value of an expression shall not be assigned to an object of a different essential type category Both operands of an operator in which the usual arithmetic conversions are performed shall have the same essential type category The second and third operands of the ternary operator shall have the same essential type category The value of a composite expression shall not be assigned to an object with wider essential type If a composite expression is used as one operand of an operator in which the usual arithmetic conversions are performed then the other operand shall not have wider essential type If a composite expression is used as one (second or third) operand of a conditional operator then the other operand shall not have wider essential type Avoid integer overflows
    Polyspace Bug Finder R2022b CERT C: Rule INT31-C Checks for: Integer conversion overflownteger conversion overflow, call to memset with unintended value all to memset with unintended value , sign change integer conversion overflowign change integer conversion overflow, tainted sign change conversionainted sign change conversion, unsigned integer conversion overflownsigned integer conversion overflow. Rule partially covered.
    PRQA QA-C 9.7 2850, 2851, 2852, 2853, 2855, 2856, 2857, 2858, 2890, 2891, 2892, 2893, 2895, 2896, 2897, 2898 2900, 2901, 2902, 2903, 2905, 2906, 2907, 2908 Partially implemented
    PRQA QA-C++ 4.4 2850, 2851, 2852, 2853, 2855, 2856, 2857, 2858, 2890, 2891, 2892, 2893, 2895, 2896, 2897, 2898, 2900, 2901, 2902, 2903, 2905, 2906, 2907, 2908, 3000, 3010
    PVS-Studio 7.23 V562 , V569 , V642 , V676 , V716 , V721 , V724 , V732 , V739 , V784 , V793 , V1019 , V1029 , V1046
    RuleChecker 22.04 Supported via MISRA C:2012 Rules 10.1, 10.3, 10.4, 10.6 and 10.7
    TrustInSoft Analyzer 1.38 signed_downcast Exhaustively verified.
    +
    Tool Version Checker Description
    Astrée 22.04 Supported via MISRA C:2012 Rules 10.1, 10.3, 10.4, 10.6 and 10.7
    CodeSonar 7.2p0 LANG.CAST.PC.AVLANG.CAST.PC.CONST2PTRLANG.CAST.PC.INT LANG.CAST.COERCELANG.CAST.VALUE ALLOC.SIZE.TRUNCMISC.MEM.SIZE.TRUNC LANG.MEM.TBA Cast: arithmetic type/void pointer Conversion: integer constant to pointer Conversion: pointer/integer Coercion alters value Cast alters value Truncation of allocation size Truncation of size Tainted buffer access
    Compass/ROSE Can detect violations of this rule. However, false warnings may be raised if limits.h is included
    Coverity \* 2017.07 NEGATIVE_RETURNS REVERSE_NEGATIVE MISRA_CAST Can find array accesses, loop bounds, and other expressions that may contain dangerous implied integer conversions that would result in unexpected behavior Can find instances where a negativity check occurs after the negative value has been used for something else Can find instances where an integer expression is implicitly converted to a narrower integer type, where the signedness of an integer value is implicitly converted, or where the type of a complex expression is implicitly converted
    Cppcheck 1.66 memsetValueOutOfRange The second argument to memset() cannot be represented as unsigned char
    Helix QAC 2022.4 C2850, C2855, C2890, C2895, C2900, C2905, C++2850, C++2855, C++2890, C++2895, C++2900, C++2905, C++3000, C++3010 DF2851, DF2852, DF2853, DF2856, DF2857, DF2858, DF2891, DF2892, DF2893, DF2896, DF2897, DF2898, DF2901, DF2902, DF2903, DF2906, DF2907, DF2908
    Klocwork 2022.4 PORTING.CAST.SIZE
    LDRA tool suite 9.7.1 93 S , 433 S , 434 S Partially implemented
    Parasoft C/C++test 2022.2 CERT_C-INT31-a CERT_C-INT31-b CERT_C-INT31-c CERT_C-INT31-d CERT_C-INT31-e CERT_C-INT31-f CERT_C-INT31-g CERT_C-INT31-h CERT_C-INT31-i CERT_C-INT31-j CERT_C-INT31-k CERT_C-INT31-l CERT_C-INT31-m CERT_C-INT31-nCERT_C-INT31-o An expression of essentially Boolean type should always be used where an operand is interpreted as a Boolean value An operand of essentially Boolean type should not be used where an operand is interpreted as a numeric value An operand of essentially character type should not be used where an operand is interpreted as a numeric value An operand of essentially enum type should not be used in an arithmetic operation Shift and bitwise operations should not be performed on operands of essentially signed or enum type An operand of essentially signed or enum type should not be used as the right hand operand to the bitwise shifting operator An operand of essentially unsigned type should not be used as the operand to the unary minus operator The value of an expression shall not be assigned to an object with a narrower essential type The value of an expression shall not be assigned to an object of a different essential type category Both operands of an operator in which the usual arithmetic conversions are performed shall have the same essential type category The second and third operands of the ternary operator shall have the same essential type category The value of a composite expression shall not be assigned to an object with wider essential type If a composite expression is used as one operand of an operator in which the usual arithmetic conversions are performed then the other operand shall not have wider essential type If a composite expression is used as one (second or third) operand of a conditional operator then the other operand shall not have wider essential type Avoid integer overflows
    Polyspace Bug Finder R2023a CERT C: Rule INT31-C Checks for: Integer conversion overflownteger conversion overflow, call to memset with unintended value all to memset with unintended value , sign change integer conversion overflowign change integer conversion overflow, tainted sign change conversionainted sign change conversion, unsigned integer conversion overflownsigned integer conversion overflow. Rule partially covered.
    PRQA QA-C 9.7 2850, 2851, 2852, 2853, 2855, 2856, 2857, 2858, 2890, 2891, 2892, 2893, 2895, 2896, 2897, 2898 2900, 2901, 2902, 2903, 2905, 2906, 2907, 2908 Partially implemented
    PRQA QA-C++ 4.4 2850, 2851, 2852, 2853, 2855, 2856, 2857, 2858, 2890, 2891, 2892, 2893, 2895, 2896, 2897, 2898, 2900, 2901, 2902, 2903, 2905, 2906, 2907, 2908, 3000, 3010
    PVS-Studio 7.23 V562 , V569 , V642 , V676 , V716 , V721 , V724 , V732 , V739 , V784 , V793 , V1019 , V1029 , V1046
    RuleChecker 22.04 Supported via MISRA C:2012 Rules 10.1, 10.3, 10.4, 10.6 and 10.7
    TrustInSoft Analyzer 1.38 signed_downcast Exhaustively verified.
    \* Coverity Prevent cannot discover all violations of this rule, so further [verification](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-verification) is necessary. diff --git a/c/cert/src/rules/INT32-C/SignedIntegerOverflow.md b/c/cert/src/rules/INT32-C/SignedIntegerOverflow.md index 0595d28a10..dbe36775bf 100644 --- a/c/cert/src/rules/INT32-C/SignedIntegerOverflow.md +++ b/c/cert/src/rules/INT32-C/SignedIntegerOverflow.md @@ -5,7 +5,6 @@ This query implements the CERT-C rule INT32-C: > Ensure that operations on signed integers do not result in overflow - ## Description Signed integer overflow is [undefined behavior 36](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior). Consequently, [implementations](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-implementation) have considerable latitude in how they deal with signed integer overflow. (See [MSC15-C. Do not depend on undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/MSC15-C.+Do+not+depend+on+undefined+behavior).) An implementation that defines signed integer types as being modulo, for example, need not detect integer overflow. Implementations may also trap on signed arithmetic overflows, or simply assume that overflows will never happen and generate object code accordingly. It is also possible for the same conforming implementation to emit code that exhibits different behavior in different contexts. For example, an implementation may determine that a signed integer loop control variable declared in a local scope cannot overflow and may emit efficient code on the basis of that determination, while the same implementation may determine that a global variable used in a similar context will wrap. diff --git a/c/cert/src/rules/INT33-C/DivOrRemByZero.md b/c/cert/src/rules/INT33-C/DivOrRemByZero.md index 2a6f184488..0810ee078c 100644 --- a/c/cert/src/rules/INT33-C/DivOrRemByZero.md +++ b/c/cert/src/rules/INT33-C/DivOrRemByZero.md @@ -5,7 +5,6 @@ This query implements the CERT-C rule INT33-C: > Ensure that division and remainder operations do not result in divide-by-zero errors - ## Description The C Standard identifies the following condition under which division and remainder operations result in [undefined behavior (UB)](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior): diff --git a/c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.md b/c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.md index 60edb34960..7cf3875831 100644 --- a/c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.md +++ b/c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.md @@ -5,7 +5,6 @@ This query implements the CERT-C rule INT35-C: > Use correct integer precisions - ## Description Integer types in C have both a *size* and a *precision*. The size indicates the number of bytes used by an object and can be retrieved for any object or type using the `sizeof` operator. The precision of an integer type is the number of bits it uses to represent values, excluding any sign and padding bits. From 3cede4529c8112fcc153d5e6610f5ecbf81eaa35 Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Thu, 23 Mar 2023 23:17:53 +0100 Subject: [PATCH 0857/2573] Revert "Regenerate help files to resolve format issue" This reverts commit f5bfa52b2540e42ea6829628124809601776af3f. --- c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.md | 1 + c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.md | 2 +- c/cert/src/rules/INT32-C/SignedIntegerOverflow.md | 1 + c/cert/src/rules/INT33-C/DivOrRemByZero.md | 1 + c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.md | 1 + 5 files changed, 5 insertions(+), 1 deletion(-) diff --git a/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.md b/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.md index d57756b4b5..48ede39b5f 100644 --- a/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.md +++ b/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.md @@ -5,6 +5,7 @@ This query implements the CERT-C rule INT30-C: > Ensure that unsigned integer operations do not wrap + ## Description The C Standard, 6.2.5, paragraph 9 \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IEC9899-2011)\], states diff --git a/c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.md b/c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.md index 4c53db68ad..54d5e7d2ae 100644 --- a/c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.md +++ b/c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.md @@ -5,6 +5,7 @@ This query implements the CERT-C rule INT31-C: > Ensure that integer conversions do not result in lost or misinterpreted data + ## Description Integer conversions, both implicit and explicit (using a cast), must be guaranteed not to result in lost or misinterpreted data. This rule is particularly true for integer values that originate from untrusted sources and are used in any of the following ways: @@ -293,7 +294,6 @@ Integer truncation errors can lead to buffer overflows and the execution of arbi ## Automated Detection
    Tool Version Checker Description
    Astrée 22.04 Supported via MISRA C:2012 Rules 10.1, 10.3, 10.4, 10.6 and 10.7
    CodeSonar 7.2p0 LANG.CAST.PC.AVLANG.CAST.PC.CONST2PTRLANG.CAST.PC.INT LANG.CAST.COERCELANG.CAST.VALUE ALLOC.SIZE.TRUNCMISC.MEM.SIZE.TRUNC LANG.MEM.TBA Cast: arithmetic type/void pointer Conversion: integer constant to pointer Conversion: pointer/integer Coercion alters value Cast alters value Truncation of allocation size Truncation of size Tainted buffer access
    Compass/ROSE Can detect violations of this rule. However, false warnings may be raised if limits.h is included
    Coverity \* 2017.07 NEGATIVE_RETURNS REVERSE_NEGATIVE MISRA_CAST Can find array accesses, loop bounds, and other expressions that may contain dangerous implied integer conversions that would result in unexpected behavior Can find instances where a negativity check occurs after the negative value has been used for something else Can find instances where an integer expression is implicitly converted to a narrower integer type, where the signedness of an integer value is implicitly converted, or where the type of a complex expression is implicitly converted
    Cppcheck 1.66 memsetValueOutOfRange The second argument to memset() cannot be represented as unsigned char
    Helix QAC 2022.4 C2850, C2855, C2890, C2895, C2900, C2905, C++2850, C++2855, C++2890, C++2895, C++2900, C++2905, C++3000, C++3010 DF2851, DF2852, DF2853, DF2856, DF2857, DF2858, DF2891, DF2892, DF2893, DF2896, DF2897, DF2898, DF2901, DF2902, DF2903, DF2906, DF2907, DF2908
    Klocwork 2022.4 PORTING.CAST.SIZE
    LDRA tool suite 9.7.1 93 S , 433 S , 434 S Partially implemented
    Parasoft C/C++test 2022.2 CERT_C-INT31-a CERT_C-INT31-b CERT_C-INT31-c CERT_C-INT31-d CERT_C-INT31-e CERT_C-INT31-f CERT_C-INT31-g CERT_C-INT31-h CERT_C-INT31-i CERT_C-INT31-j CERT_C-INT31-k CERT_C-INT31-l CERT_C-INT31-m CERT_C-INT31-nCERT_C-INT31-o An expression of essentially Boolean type should always be used where an operand is interpreted as a Boolean value An operand of essentially Boolean type should not be used where an operand is interpreted as a numeric value An operand of essentially character type should not be used where an operand is interpreted as a numeric value An operand of essentially enum type should not be used in an arithmetic operation Shift and bitwise operations should not be performed on operands of essentially signed or enum type An operand of essentially signed or enum type should not be used as the right hand operand to the bitwise shifting operator An operand of essentially unsigned type should not be used as the operand to the unary minus operator The value of an expression shall not be assigned to an object with a narrower essential type The value of an expression shall not be assigned to an object of a different essential type category Both operands of an operator in which the usual arithmetic conversions are performed shall have the same essential type category The second and third operands of the ternary operator shall have the same essential type category The value of a composite expression shall not be assigned to an object with wider essential type If a composite expression is used as one operand of an operator in which the usual arithmetic conversions are performed then the other operand shall not have wider essential type If a composite expression is used as one (second or third) operand of a conditional operator then the other operand shall not have wider essential type Avoid integer overflows
    Polyspace Bug Finder R2022b CERT C: Rule INT31-C Checks for: Integer conversion overflownteger conversion overflow, call to memset with unintended value all to memset with unintended value , sign change integer conversion overflowign change integer conversion overflow, tainted sign change conversionainted sign change conversion, unsigned integer conversion overflownsigned integer conversion overflow. Rule partially covered.
    PRQA QA-C 9.7 2850, 2851, 2852, 2853, 2855, 2856, 2857, 2858, 2890, 2891, 2892, 2893, 2895, 2896, 2897, 2898 2900, 2901, 2902, 2903, 2905, 2906, 2907, 2908 Partially implemented
    PRQA QA-C++ 4.4 2850, 2851, 2852, 2853, 2855, 2856, 2857, 2858, 2890, 2891, 2892, 2893, 2895, 2896, 2897, 2898, 2900, 2901, 2902, 2903, 2905, 2906, 2907, 2908, 3000, 3010
    PVS-Studio 7.23 V562 , V569 , V642 , V676 , V716 , V721 , V724 , V732 , V739 , V784 , V793 , V1019 , V1029 , V1046
    RuleChecker 22.04 Supported via MISRA C:2012 Rules 10.1, 10.3, 10.4, 10.6 and 10.7
    TrustInSoft Analyzer 1.38 signed_downcast Exhaustively verified.
    -
    Tool Version Checker Description
    Astrée 22.04 Supported via MISRA C:2012 Rules 10.1, 10.3, 10.4, 10.6 and 10.7
    CodeSonar 7.2p0 LANG.CAST.PC.AVLANG.CAST.PC.CONST2PTRLANG.CAST.PC.INT LANG.CAST.COERCELANG.CAST.VALUE ALLOC.SIZE.TRUNCMISC.MEM.SIZE.TRUNC LANG.MEM.TBA Cast: arithmetic type/void pointer Conversion: integer constant to pointer Conversion: pointer/integer Coercion alters value Cast alters value Truncation of allocation size Truncation of size Tainted buffer access
    Compass/ROSE Can detect violations of this rule. However, false warnings may be raised if limits.h is included
    Coverity \* 2017.07 NEGATIVE_RETURNS REVERSE_NEGATIVE MISRA_CAST Can find array accesses, loop bounds, and other expressions that may contain dangerous implied integer conversions that would result in unexpected behavior Can find instances where a negativity check occurs after the negative value has been used for something else Can find instances where an integer expression is implicitly converted to a narrower integer type, where the signedness of an integer value is implicitly converted, or where the type of a complex expression is implicitly converted
    Cppcheck 1.66 memsetValueOutOfRange The second argument to memset() cannot be represented as unsigned char
    Helix QAC 2022.4 C2850, C2855, C2890, C2895, C2900, C2905, C++2850, C++2855, C++2890, C++2895, C++2900, C++2905, C++3000, C++3010 DF2851, DF2852, DF2853, DF2856, DF2857, DF2858, DF2891, DF2892, DF2893, DF2896, DF2897, DF2898, DF2901, DF2902, DF2903, DF2906, DF2907, DF2908
    Klocwork 2022.4 PORTING.CAST.SIZE
    LDRA tool suite 9.7.1 93 S , 433 S , 434 S Partially implemented
    Parasoft C/C++test 2022.2 CERT_C-INT31-a CERT_C-INT31-b CERT_C-INT31-c CERT_C-INT31-d CERT_C-INT31-e CERT_C-INT31-f CERT_C-INT31-g CERT_C-INT31-h CERT_C-INT31-i CERT_C-INT31-j CERT_C-INT31-k CERT_C-INT31-l CERT_C-INT31-m CERT_C-INT31-nCERT_C-INT31-o An expression of essentially Boolean type should always be used where an operand is interpreted as a Boolean value An operand of essentially Boolean type should not be used where an operand is interpreted as a numeric value An operand of essentially character type should not be used where an operand is interpreted as a numeric value An operand of essentially enum type should not be used in an arithmetic operation Shift and bitwise operations should not be performed on operands of essentially signed or enum type An operand of essentially signed or enum type should not be used as the right hand operand to the bitwise shifting operator An operand of essentially unsigned type should not be used as the operand to the unary minus operator The value of an expression shall not be assigned to an object with a narrower essential type The value of an expression shall not be assigned to an object of a different essential type category Both operands of an operator in which the usual arithmetic conversions are performed shall have the same essential type category The second and third operands of the ternary operator shall have the same essential type category The value of a composite expression shall not be assigned to an object with wider essential type If a composite expression is used as one operand of an operator in which the usual arithmetic conversions are performed then the other operand shall not have wider essential type If a composite expression is used as one (second or third) operand of a conditional operator then the other operand shall not have wider essential type Avoid integer overflows
    Polyspace Bug Finder R2023a CERT C: Rule INT31-C Checks for: Integer conversion overflownteger conversion overflow, call to memset with unintended value all to memset with unintended value , sign change integer conversion overflowign change integer conversion overflow, tainted sign change conversionainted sign change conversion, unsigned integer conversion overflownsigned integer conversion overflow. Rule partially covered.
    PRQA QA-C 9.7 2850, 2851, 2852, 2853, 2855, 2856, 2857, 2858, 2890, 2891, 2892, 2893, 2895, 2896, 2897, 2898 2900, 2901, 2902, 2903, 2905, 2906, 2907, 2908 Partially implemented
    PRQA QA-C++ 4.4 2850, 2851, 2852, 2853, 2855, 2856, 2857, 2858, 2890, 2891, 2892, 2893, 2895, 2896, 2897, 2898, 2900, 2901, 2902, 2903, 2905, 2906, 2907, 2908, 3000, 3010
    PVS-Studio 7.23 V562 , V569 , V642 , V676 , V716 , V721 , V724 , V732 , V739 , V784 , V793 , V1019 , V1029 , V1046
    RuleChecker 22.04 Supported via MISRA C:2012 Rules 10.1, 10.3, 10.4, 10.6 and 10.7
    TrustInSoft Analyzer 1.38 signed_downcast Exhaustively verified.
    \* Coverity Prevent cannot discover all violations of this rule, so further [verification](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-verification) is necessary. diff --git a/c/cert/src/rules/INT32-C/SignedIntegerOverflow.md b/c/cert/src/rules/INT32-C/SignedIntegerOverflow.md index dbe36775bf..0595d28a10 100644 --- a/c/cert/src/rules/INT32-C/SignedIntegerOverflow.md +++ b/c/cert/src/rules/INT32-C/SignedIntegerOverflow.md @@ -5,6 +5,7 @@ This query implements the CERT-C rule INT32-C: > Ensure that operations on signed integers do not result in overflow + ## Description Signed integer overflow is [undefined behavior 36](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior). Consequently, [implementations](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-implementation) have considerable latitude in how they deal with signed integer overflow. (See [MSC15-C. Do not depend on undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/MSC15-C.+Do+not+depend+on+undefined+behavior).) An implementation that defines signed integer types as being modulo, for example, need not detect integer overflow. Implementations may also trap on signed arithmetic overflows, or simply assume that overflows will never happen and generate object code accordingly. It is also possible for the same conforming implementation to emit code that exhibits different behavior in different contexts. For example, an implementation may determine that a signed integer loop control variable declared in a local scope cannot overflow and may emit efficient code on the basis of that determination, while the same implementation may determine that a global variable used in a similar context will wrap. diff --git a/c/cert/src/rules/INT33-C/DivOrRemByZero.md b/c/cert/src/rules/INT33-C/DivOrRemByZero.md index 0810ee078c..2a6f184488 100644 --- a/c/cert/src/rules/INT33-C/DivOrRemByZero.md +++ b/c/cert/src/rules/INT33-C/DivOrRemByZero.md @@ -5,6 +5,7 @@ This query implements the CERT-C rule INT33-C: > Ensure that division and remainder operations do not result in divide-by-zero errors + ## Description The C Standard identifies the following condition under which division and remainder operations result in [undefined behavior (UB)](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior): diff --git a/c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.md b/c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.md index 7cf3875831..60edb34960 100644 --- a/c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.md +++ b/c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.md @@ -5,6 +5,7 @@ This query implements the CERT-C rule INT35-C: > Use correct integer precisions + ## Description Integer types in C have both a *size* and a *precision*. The size indicates the number of bytes used by an object and can be retrieved for any object or type using the `sizeof` operator. The precision of an integer type is the number of bits it uses to represent values, excluding any sign and padding bits. From 1bdbdcdc2c6bbad9685e29ebc458ebffe1679acc Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Thu, 23 Mar 2023 23:20:47 +0100 Subject: [PATCH 0858/2573] Fix rule help format issue --- c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.md | 1 - c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.md | 1 - c/cert/src/rules/INT32-C/SignedIntegerOverflow.md | 1 - c/cert/src/rules/INT33-C/DivOrRemByZero.md | 1 - c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.md | 1 - 5 files changed, 5 deletions(-) diff --git a/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.md b/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.md index 48ede39b5f..d57756b4b5 100644 --- a/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.md +++ b/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.md @@ -5,7 +5,6 @@ This query implements the CERT-C rule INT30-C: > Ensure that unsigned integer operations do not wrap - ## Description The C Standard, 6.2.5, paragraph 9 \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IEC9899-2011)\], states diff --git a/c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.md b/c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.md index 54d5e7d2ae..50e0bfdbe0 100644 --- a/c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.md +++ b/c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.md @@ -5,7 +5,6 @@ This query implements the CERT-C rule INT31-C: > Ensure that integer conversions do not result in lost or misinterpreted data - ## Description Integer conversions, both implicit and explicit (using a cast), must be guaranteed not to result in lost or misinterpreted data. This rule is particularly true for integer values that originate from untrusted sources and are used in any of the following ways: diff --git a/c/cert/src/rules/INT32-C/SignedIntegerOverflow.md b/c/cert/src/rules/INT32-C/SignedIntegerOverflow.md index 0595d28a10..dbe36775bf 100644 --- a/c/cert/src/rules/INT32-C/SignedIntegerOverflow.md +++ b/c/cert/src/rules/INT32-C/SignedIntegerOverflow.md @@ -5,7 +5,6 @@ This query implements the CERT-C rule INT32-C: > Ensure that operations on signed integers do not result in overflow - ## Description Signed integer overflow is [undefined behavior 36](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior). Consequently, [implementations](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-implementation) have considerable latitude in how they deal with signed integer overflow. (See [MSC15-C. Do not depend on undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/MSC15-C.+Do+not+depend+on+undefined+behavior).) An implementation that defines signed integer types as being modulo, for example, need not detect integer overflow. Implementations may also trap on signed arithmetic overflows, or simply assume that overflows will never happen and generate object code accordingly. It is also possible for the same conforming implementation to emit code that exhibits different behavior in different contexts. For example, an implementation may determine that a signed integer loop control variable declared in a local scope cannot overflow and may emit efficient code on the basis of that determination, while the same implementation may determine that a global variable used in a similar context will wrap. diff --git a/c/cert/src/rules/INT33-C/DivOrRemByZero.md b/c/cert/src/rules/INT33-C/DivOrRemByZero.md index 2a6f184488..0810ee078c 100644 --- a/c/cert/src/rules/INT33-C/DivOrRemByZero.md +++ b/c/cert/src/rules/INT33-C/DivOrRemByZero.md @@ -5,7 +5,6 @@ This query implements the CERT-C rule INT33-C: > Ensure that division and remainder operations do not result in divide-by-zero errors - ## Description The C Standard identifies the following condition under which division and remainder operations result in [undefined behavior (UB)](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior): diff --git a/c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.md b/c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.md index 60edb34960..7cf3875831 100644 --- a/c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.md +++ b/c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.md @@ -5,7 +5,6 @@ This query implements the CERT-C rule INT35-C: > Use correct integer precisions - ## Description Integer types in C have both a *size* and a *precision*. The size indicates the number of bytes used by an object and can be retrieved for any object or type using the `sizeof` operator. The precision of an integer type is the number of bits it uses to represent values, excluding any sign and padding bits. From 501e8dae365615636c577a53a285ac99e3dc84b8 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 23 Mar 2023 22:42:08 +0000 Subject: [PATCH 0859/2573] Rule 15.4: Improve query * Accurately determine which loops each `break` and `goto` statement breaks out of. - `break` breaks out of the nearest enclosing breakable, which could be a switch. - `goto` depends on the target, and which breakables are shared between both the goto and target. * Add a placeholder location for the break or goto (so that it can be more easily verified). * Include more tests. --- .../rules/RULE-15-4/LoopIterationCondition.ql | 46 +++++++++++++++---- .../RULE-15-4/LoopIterationCondition.expected | 9 +++- c/misra/test/rules/RULE-15-4/test.c | 45 ++++++++++++++++++ 3 files changed, 88 insertions(+), 12 deletions(-) diff --git a/c/misra/src/rules/RULE-15-4/LoopIterationCondition.ql b/c/misra/src/rules/RULE-15-4/LoopIterationCondition.ql index 9176aea2e1..ed541a68d0 100644 --- a/c/misra/src/rules/RULE-15-4/LoopIterationCondition.ql +++ b/c/misra/src/rules/RULE-15-4/LoopIterationCondition.ql @@ -15,15 +15,41 @@ import cpp import codingstandards.c.misra -from Loop loop +/** + * A breaking statement. + */ +class BreakOrGotoStmt extends JumpStmt { + BreakOrGotoStmt() { + this instanceof BreakStmt or + this instanceof GotoStmt + } + + /** + * Gets a loop this breaks out of, if any. + * + * - This can produce no results if this is a `break` and the enclosing breakable is a switch statement. + * - This can produce no result if this is a `goto`, and the target is within the same nearest enclosing loop. + * - This can produce multiple results if this is a `goto`, and the target is outside multiple enclosing loops. + */ + Loop getABrokenLoop() { + result = this.(BreakStmt).getBreakable() + or + exists(GotoStmt goto | + goto = this and + // Find any loop that encloses this goto + result.getChildStmt*() = goto and + // But does not enclose the target of the goto i.e. the goto breaks out of it + not result.getChildStmt*() = goto.getTarget() + ) + } +} + +from Loop loop, BreakOrGotoStmt breakOrGoto where not isExcluded(loop, Statements2Package::loopIterationConditionQuery()) and - count(Stmt terminationStmt | - loop.getChildStmt*() = terminationStmt and - ( - terminationStmt instanceof BreakStmt - or - terminationStmt instanceof GotoStmt - ) - ) > 1 -select loop, "$@ statement contains more than one break or goto statement", loop, "Iteration" + // More than one break or goto statement in the loop + count(BreakOrGotoStmt terminationStmt | terminationStmt.getABrokenLoop() = loop) > 1 and + // Report a break or goto statement + breakOrGoto.getABrokenLoop() = loop +select loop, "Iteration statement contains more than one $@.", breakOrGoto, + "break or goto statement" diff --git a/c/misra/test/rules/RULE-15-4/LoopIterationCondition.expected b/c/misra/test/rules/RULE-15-4/LoopIterationCondition.expected index 6a8d9bf23a..a8dae0f411 100644 --- a/c/misra/test/rules/RULE-15-4/LoopIterationCondition.expected +++ b/c/misra/test/rules/RULE-15-4/LoopIterationCondition.expected @@ -1,2 +1,7 @@ -| test.c:24:3:32:3 | for(...;...;...) ... | $@ statement contains more than one break or goto statement | test.c:24:3:32:3 | for(...;...;...) ... | Iteration | -| test.c:38:3:45:3 | while (...) ... | $@ statement contains more than one break or goto statement | test.c:38:3:45:3 | while (...) ... | Iteration | +| test.c:24:3:32:3 | for(...;...;...) ... | Iteration statement contains more than one $@. | test.c:26:7:26:12 | break; | break or goto statement | +| test.c:24:3:32:3 | for(...;...;...) ... | Iteration statement contains more than one $@. | test.c:29:7:29:12 | break; | break or goto statement | +| test.c:24:3:32:3 | for(...;...;...) ... | Iteration statement contains more than one $@. | test.c:31:5:31:12 | goto ... | break or goto statement | +| test.c:38:3:45:3 | while (...) ... | Iteration statement contains more than one $@. | test.c:40:7:40:12 | break; | break or goto statement | +| test.c:38:3:45:3 | while (...) ... | Iteration statement contains more than one $@. | test.c:43:7:43:14 | goto ... | break or goto statement | +| test.c:61:3:72:3 | while (...) ... | Iteration statement contains more than one $@. | test.c:64:7:64:12 | break; | break or goto statement | +| test.c:61:3:72:3 | while (...) ... | Iteration statement contains more than one $@. | test.c:68:7:68:14 | goto ... | break or goto statement | diff --git a/c/misra/test/rules/RULE-15-4/test.c b/c/misra/test/rules/RULE-15-4/test.c index 382b040c55..6c0693be01 100644 --- a/c/misra/test/rules/RULE-15-4/test.c +++ b/c/misra/test/rules/RULE-15-4/test.c @@ -43,4 +43,49 @@ L1:; goto L1; } } + + while (k < 10) { // COMPLIANT - the nested goto + // only applies to the nested loop + if (k > 5) { + break; + } + while (k < 3) { // COMPLIANT + break; + } + } +} + +void f3(int k) { +L3: + k++; + while (k < 10) { // NON_COMPLIANT - the nested goto + // only applies to the switch + if (k > 5) { + break; + } + switch (k) { + case 1: + goto L3; + case 2: + break; + } + } +} + +void f4(int k) { + k++; + while (k < 10) { // COMPLIANT + if (k > 5) { + break; + } + switch (k) { + case 1: + goto L4; + case 2: + k += 1; + L4: + k += 2; + break; + } + } } From 745d04cf6a6f230dd34e6d3711b95881608b05da Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 23 Mar 2023 23:16:27 +0000 Subject: [PATCH 0860/2573] Rule 16.7: Use the essential type Relational operations do not have boolean type in C, so we need to use the essential type library to identify them. --- .../rules/RULE-16-7/SwitchExpressionBoolCondition.ql | 11 +++++++---- .../RULE-16-7/SwitchExpressionBoolCondition.expected | 2 ++ 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/c/misra/src/rules/RULE-16-7/SwitchExpressionBoolCondition.ql b/c/misra/src/rules/RULE-16-7/SwitchExpressionBoolCondition.ql index 8e579d5914..9aeb50d26e 100644 --- a/c/misra/src/rules/RULE-16-7/SwitchExpressionBoolCondition.ql +++ b/c/misra/src/rules/RULE-16-7/SwitchExpressionBoolCondition.ql @@ -13,8 +13,11 @@ import cpp import codingstandards.c.misra -import codingstandards.cpp.SwitchStatement +import codingstandards.c.misra.EssentialTypes -from BooleanSwitchStmt switch -where not isExcluded(switch, Statements2Package::switchExpressionBoolConditionQuery()) -select switch, "The condition of this $@ statement has boolean type", switch, "switch" +from SwitchStmt switch, Expr controllingExpr +where + not isExcluded(switch, Statements2Package::switchExpressionBoolConditionQuery()) and + controllingExpr = switch.getControllingExpr() and + getEssentialTypeCategory(getEssentialType(controllingExpr)) = EssentiallyBooleanType() +select controllingExpr, "The condition of this $@ statement has boolean type", switch, "switch" diff --git a/c/misra/test/rules/RULE-16-7/SwitchExpressionBoolCondition.expected b/c/misra/test/rules/RULE-16-7/SwitchExpressionBoolCondition.expected index e69de29bb2..ac74217dc3 100644 --- a/c/misra/test/rules/RULE-16-7/SwitchExpressionBoolCondition.expected +++ b/c/misra/test/rules/RULE-16-7/SwitchExpressionBoolCondition.expected @@ -0,0 +1,2 @@ +| test.c:16:11:16:17 | ... == ... | The condition of this $@ statement has boolean type | test.c:16:3:24:3 | switch (...) ... | switch | +| test.c:28:11:28:24 | ... == ... | The condition of this $@ statement has boolean type | test.c:28:3:36:3 | switch (...) ... | switch | From 16c0a8c677dc47124aaba995cc6aeeedd9ccd487 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 23 Mar 2023 23:53:32 +0000 Subject: [PATCH 0861/2573] Rule 14.4: Convert to non-shared queries This rule requires the use of the MISRA only essential types library. This is because in C comparison expressions do not natively have boolean type. --- .../NonBooleanIfStmt.expected | 3 --- .../nonbooleanifstmt/NonBooleanIfStmt.ql | 2 -- .../NonBooleanIterationStmt.expected | 3 --- .../NonBooleanIterationStmt.ql | 2 -- .../rules/RULE-14-4/NonBooleanIfCondition.ql | 17 ++++++++----- .../RULE-14-4/NonBooleanIterationCondition.ql | 24 +++++++++++++++---- .../RULE-14-4/NonBooleanIfCondition.expected | 3 +++ .../RULE-14-4/NonBooleanIfCondition.qlref | 1 + .../RULE-14-4/NonBooleanIfCondition.testref | 1 - .../NonBooleanIterationCondition.expected | 2 ++ .../NonBooleanIterationCondition.qlref | 1 + .../NonBooleanIterationCondition.testref | 1 - .../test/rules/RULE-14-4}/test.c | 8 ++++++- .../test/rules/RULE-14-4/test_iteration.c} | 0 .../nonbooleanifstmt/NonBooleanIfStmt.qll | 2 +- rule_packages/c/Statements4.json | 2 -- 16 files changed, 45 insertions(+), 27 deletions(-) delete mode 100644 c/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.expected delete mode 100644 c/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.ql delete mode 100644 c/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.expected delete mode 100644 c/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.ql create mode 100644 c/misra/test/rules/RULE-14-4/NonBooleanIfCondition.expected create mode 100644 c/misra/test/rules/RULE-14-4/NonBooleanIfCondition.qlref delete mode 100644 c/misra/test/rules/RULE-14-4/NonBooleanIfCondition.testref create mode 100644 c/misra/test/rules/RULE-14-4/NonBooleanIterationCondition.expected create mode 100644 c/misra/test/rules/RULE-14-4/NonBooleanIterationCondition.qlref delete mode 100644 c/misra/test/rules/RULE-14-4/NonBooleanIterationCondition.testref rename c/{common/test/rules/nonbooleanifstmt => misra/test/rules/RULE-14-4}/test.c (76%) rename c/{common/test/rules/nonbooleaniterationstmt/test.c => misra/test/rules/RULE-14-4/test_iteration.c} (100%) diff --git a/c/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.expected b/c/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.expected deleted file mode 100644 index 490b14b9bf..0000000000 --- a/c/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.expected +++ /dev/null @@ -1,3 +0,0 @@ -| test.c:7:7:7:8 | l1 | If condition has non boolean type int. | -| test.c:9:7:9:8 | call to f1 | If condition has non boolean type int. | -| test.c:12:7:12:8 | l2 | If condition has non boolean type void *. | diff --git a/c/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.ql b/c/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.ql deleted file mode 100644 index da907fcf9e..0000000000 --- a/c/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.ql +++ /dev/null @@ -1,2 +0,0 @@ -// GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.nonbooleanifstmt.NonBooleanIfStmt diff --git a/c/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.expected b/c/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.expected deleted file mode 100644 index 3d3aa974dd..0000000000 --- a/c/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.expected +++ /dev/null @@ -1,3 +0,0 @@ -| test.c:5:3:6:3 | for(...;...;...) ... | Iteration condition has non boolean type int. | -| test.c:7:3:8:3 | while (...) ... | Iteration condition has non boolean type int. | -| test.c:13:3:14:3 | for(...;...;...) ... | Iteration condition has non boolean type int. | diff --git a/c/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.ql b/c/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.ql deleted file mode 100644 index ffe3f351c6..0000000000 --- a/c/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.ql +++ /dev/null @@ -1,2 +0,0 @@ -// GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.nonbooleaniterationstmt.NonBooleanIterationStmt diff --git a/c/misra/src/rules/RULE-14-4/NonBooleanIfCondition.ql b/c/misra/src/rules/RULE-14-4/NonBooleanIfCondition.ql index ab5144fbc2..87d9d31512 100644 --- a/c/misra/src/rules/RULE-14-4/NonBooleanIfCondition.ql +++ b/c/misra/src/rules/RULE-14-4/NonBooleanIfCondition.ql @@ -13,10 +13,15 @@ import cpp import codingstandards.c.misra -import codingstandards.cpp.rules.nonbooleanifstmt.NonBooleanIfStmt +import codingstandards.c.misra.EssentialTypes -class NonBooleanIfConditionQuery extends NonBooleanIfStmtSharedQuery { - NonBooleanIfConditionQuery() { - this = Statements4Package::nonBooleanIfConditionQuery() - } -} +from Expr condition, Type essentialType +where + not isExcluded(condition, Statements4Package::nonBooleanIfConditionQuery()) and + exists(IfStmt ifStmt | + not ifStmt.isFromUninstantiatedTemplate(_) and + condition = ifStmt.getCondition() and + essentialType = getEssentialType(ifStmt.getCondition()) and + not getEssentialTypeCategory(essentialType) = EssentiallyBooleanType() + ) +select condition, "If condition has non boolean essential type " + essentialType + "." diff --git a/c/misra/src/rules/RULE-14-4/NonBooleanIterationCondition.ql b/c/misra/src/rules/RULE-14-4/NonBooleanIterationCondition.ql index 01482c5e0e..b2644a7a92 100644 --- a/c/misra/src/rules/RULE-14-4/NonBooleanIterationCondition.ql +++ b/c/misra/src/rules/RULE-14-4/NonBooleanIterationCondition.ql @@ -13,10 +13,24 @@ import cpp import codingstandards.c.misra -import codingstandards.cpp.rules.nonbooleaniterationstmt.NonBooleanIterationStmt +import codingstandards.c.misra.EssentialTypes -class NonBooleanIterationConditionQuery extends NonBooleanIterationStmtSharedQuery { - NonBooleanIterationConditionQuery() { - this = Statements4Package::nonBooleanIterationConditionQuery() - } +/** A macro within the source location of this project. */ +class UserProvidedMacro extends Macro { + UserProvidedMacro() { exists(this.getFile().getRelativePath()) } } + +/** A macro defined within a library used by this project. */ +class LibraryMacro extends Macro { + LibraryMacro() { not this instanceof UserProvidedMacro } +} + +from Expr condition, Loop l, Type essentialType +where + not isExcluded(condition, Statements4Package::nonBooleanIterationConditionQuery()) and + // Exclude loops generated from library macros + not l = any(LibraryMacro lm).getAnInvocation().getAGeneratedElement() and + condition = l.getCondition() and + essentialType = getEssentialType(condition) and + not getEssentialTypeCategory(essentialType) = EssentiallyBooleanType() +select condition, "Iteration condition has non boolean type " + essentialType + "." diff --git a/c/misra/test/rules/RULE-14-4/NonBooleanIfCondition.expected b/c/misra/test/rules/RULE-14-4/NonBooleanIfCondition.expected new file mode 100644 index 0000000000..c8a7508f2b --- /dev/null +++ b/c/misra/test/rules/RULE-14-4/NonBooleanIfCondition.expected @@ -0,0 +1,3 @@ +| test.c:7:7:7:8 | l1 | If condition has non boolean essential type int. | +| test.c:9:7:9:8 | call to f1 | If condition has non boolean essential type int. | +| test.c:12:7:12:8 | l2 | If condition has non boolean essential type void *. | diff --git a/c/misra/test/rules/RULE-14-4/NonBooleanIfCondition.qlref b/c/misra/test/rules/RULE-14-4/NonBooleanIfCondition.qlref new file mode 100644 index 0000000000..cdfd3b5ea3 --- /dev/null +++ b/c/misra/test/rules/RULE-14-4/NonBooleanIfCondition.qlref @@ -0,0 +1 @@ +rules/RULE-14-4/NonBooleanIfCondition.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-14-4/NonBooleanIfCondition.testref b/c/misra/test/rules/RULE-14-4/NonBooleanIfCondition.testref deleted file mode 100644 index e586a8d8ec..0000000000 --- a/c/misra/test/rules/RULE-14-4/NonBooleanIfCondition.testref +++ /dev/null @@ -1 +0,0 @@ -c/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-14-4/NonBooleanIterationCondition.expected b/c/misra/test/rules/RULE-14-4/NonBooleanIterationCondition.expected new file mode 100644 index 0000000000..daf7a4be85 --- /dev/null +++ b/c/misra/test/rules/RULE-14-4/NonBooleanIterationCondition.expected @@ -0,0 +1,2 @@ +| test_iteration.c:5:20:5:20 | i | Iteration condition has non boolean type int. | +| test_iteration.c:7:10:7:11 | l1 | Iteration condition has non boolean type int. | diff --git a/c/misra/test/rules/RULE-14-4/NonBooleanIterationCondition.qlref b/c/misra/test/rules/RULE-14-4/NonBooleanIterationCondition.qlref new file mode 100644 index 0000000000..b7483581b4 --- /dev/null +++ b/c/misra/test/rules/RULE-14-4/NonBooleanIterationCondition.qlref @@ -0,0 +1 @@ +rules/RULE-14-4/NonBooleanIterationCondition.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-14-4/NonBooleanIterationCondition.testref b/c/misra/test/rules/RULE-14-4/NonBooleanIterationCondition.testref deleted file mode 100644 index 15f5d0713f..0000000000 --- a/c/misra/test/rules/RULE-14-4/NonBooleanIterationCondition.testref +++ /dev/null @@ -1 +0,0 @@ -c/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.ql \ No newline at end of file diff --git a/c/common/test/rules/nonbooleanifstmt/test.c b/c/misra/test/rules/RULE-14-4/test.c similarity index 76% rename from c/common/test/rules/nonbooleanifstmt/test.c rename to c/misra/test/rules/RULE-14-4/test.c index ca71348a5b..faf7efd83b 100644 --- a/c/common/test/rules/nonbooleanifstmt/test.c +++ b/c/misra/test/rules/RULE-14-4/test.c @@ -1,4 +1,4 @@ -#include "stdbool.h" +#include int f1(); void *f2(); @@ -21,4 +21,10 @@ void f4() { int l2 = 1; if ((const bool)l2) { // COMPLIANT } + + if (l2 < 3) { // COMPLIANT + } + + if (true) { // COMPLIANT + } } \ No newline at end of file diff --git a/c/common/test/rules/nonbooleaniterationstmt/test.c b/c/misra/test/rules/RULE-14-4/test_iteration.c similarity index 100% rename from c/common/test/rules/nonbooleaniterationstmt/test.c rename to c/misra/test/rules/RULE-14-4/test_iteration.c diff --git a/cpp/common/src/codingstandards/cpp/rules/nonbooleanifstmt/NonBooleanIfStmt.qll b/cpp/common/src/codingstandards/cpp/rules/nonbooleanifstmt/NonBooleanIfStmt.qll index f2933f755a..18346a8159 100644 --- a/cpp/common/src/codingstandards/cpp/rules/nonbooleanifstmt/NonBooleanIfStmt.qll +++ b/cpp/common/src/codingstandards/cpp/rules/nonbooleanifstmt/NonBooleanIfStmt.qll @@ -1,5 +1,5 @@ /** - * Provides a library which includes a `problems` predicate for reporting.... + * Provides a library which includes a `problems` predicate for reporting if statements which have non boolean conditions. */ import cpp diff --git a/rule_packages/c/Statements4.json b/rule_packages/c/Statements4.json index e76c984f76..56e13c9de6 100644 --- a/rule_packages/c/Statements4.json +++ b/rule_packages/c/Statements4.json @@ -55,7 +55,6 @@ "precision": "very-high", "severity": "recommendation", "short_name": "NonBooleanIfCondition", - "shared_implementation_short_name": "NonBooleanIfStmt", "tags": [ "maintainability", "readability" @@ -68,7 +67,6 @@ "precision": "very-high", "severity": "recommendation", "short_name": "NonBooleanIterationCondition", - "shared_implementation_short_name": "NonBooleanIterationStmt", "tags": [ "maintainability", "readability" From 3cd69084193544678f03222c23598646d55f7c59 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 17 Mar 2023 17:43:38 -0700 Subject: [PATCH 0862/2573] Address incorrect call of isInvalidForLoopIncrementation --- cpp/autosar/src/rules/M6-5-2/NotEqualsInLoopCondition.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/src/rules/M6-5-2/NotEqualsInLoopCondition.ql b/cpp/autosar/src/rules/M6-5-2/NotEqualsInLoopCondition.ql index 8729c948dd..8d20712021 100644 --- a/cpp/autosar/src/rules/M6-5-2/NotEqualsInLoopCondition.ql +++ b/cpp/autosar/src/rules/M6-5-2/NotEqualsInLoopCondition.ql @@ -19,7 +19,7 @@ import codingstandards.cpp.Loops from ForStmt fs, LoopControlVariable v where not isExcluded(fs, LoopsPackage::notEqualsInLoopConditionQuery()) and - isInvalidForLoopIncrementation(fs, v) + isInvalidForLoopIncrementation(fs, v, _) select fs, "For-loop counter $@ is updated by an increment larger than 1 and tested in the condition using == or !=.", v, v.getName() From 7221dc4d651d32d8595556acf2a0717b76137873 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 24 Mar 2023 00:13:29 +0000 Subject: [PATCH 0863/2573] Rule 14.3: Improve alert message --- .../rules/RULE-14-3/ControllingExprInvariant.ql | 8 ++++---- .../RULE-14-3/ControllingExprInvariant.expected | 14 +++++++------- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/c/misra/src/rules/RULE-14-3/ControllingExprInvariant.ql b/c/misra/src/rules/RULE-14-3/ControllingExprInvariant.ql index 2c762b09ad..eb8e9ede82 100644 --- a/c/misra/src/rules/RULE-14-3/ControllingExprInvariant.ql +++ b/c/misra/src/rules/RULE-14-3/ControllingExprInvariant.ql @@ -31,7 +31,7 @@ where ) ) ) and - message = "Controlling expression in if statement has invariant value." + message = "Controlling expression in if statement has an invariant value." or exists(Loop loop | loop.getControllingExpr() = expr and @@ -47,7 +47,7 @@ where not expr instanceof Literal ) ) and - message = "Controlling expression in loop statement has invariant value." + message = "Controlling expression in loop statement has an invariant value." or exists(SwitchStmt switch | switch.getControllingExpr() = expr and @@ -56,7 +56,7 @@ where conditionAlwaysTrue(expr) ) ) and - message = "Controlling expression in switch statement has invariant value." + message = "Controlling expression in switch statement has an invariant value." or exists(ConditionalExpr conditional | conditional.getCondition() = expr and @@ -65,7 +65,7 @@ where conditionAlwaysTrue(expr) ) ) and - message = "Controlling expression in conditional statement has invariant value." + message = "Controlling expression in conditional statement has an invariant value." ) and // Exclude cases where the controlling expressions is affected by a macro, because they can appear // invariant in a particular invocation, but be variant between invocations. diff --git a/c/misra/test/rules/RULE-14-3/ControllingExprInvariant.expected b/c/misra/test/rules/RULE-14-3/ControllingExprInvariant.expected index 537fc7d4e5..c03c04d6cc 100644 --- a/c/misra/test/rules/RULE-14-3/ControllingExprInvariant.expected +++ b/c/misra/test/rules/RULE-14-3/ControllingExprInvariant.expected @@ -1,7 +1,7 @@ -| test.c:4:7:4:11 | ... > ... | Controlling expression in if statement has invariant value. | -| test.c:15:10:15:16 | ... > ... | Controlling expression in loop statement has invariant value. | -| test.c:16:9:16:13 | ... > ... | Controlling expression in if statement has invariant value. | -| test.c:20:20:20:24 | ... < ... | Controlling expression in loop statement has invariant value. | -| test.c:27:10:27:14 | ... < ... | Controlling expression in loop statement has invariant value. | -| test.c:37:3:37:6 | 1 | Controlling expression in conditional statement has invariant value. | -| test.c:38:3:38:3 | 1 | Controlling expression in conditional statement has invariant value. | +| test.c:4:7:4:11 | ... > ... | Controlling expression in if statement has an invariant value. | +| test.c:15:10:15:16 | ... > ... | Controlling expression in loop statement has an invariant value. | +| test.c:16:9:16:13 | ... > ... | Controlling expression in if statement has an invariant value. | +| test.c:20:20:20:24 | ... < ... | Controlling expression in loop statement has an invariant value. | +| test.c:27:10:27:14 | ... < ... | Controlling expression in loop statement has an invariant value. | +| test.c:37:3:37:6 | 1 | Controlling expression in conditional statement has an invariant value. | +| test.c:38:3:38:3 | 1 | Controlling expression in conditional statement has an invariant value. | From 907e1588b0603c5048e40ef5e8c1783b1feb6bfc Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Thu, 23 Mar 2023 17:41:59 -0700 Subject: [PATCH 0864/2573] Finalize INT34-C --- ...ftedbyNegativeOrGreaterPrecisionOperand.ql | 101 ++++++++---------- 1 file changed, 45 insertions(+), 56 deletions(-) diff --git a/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql b/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql index 354e651c2a..978dc8ccb2 100644 --- a/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql +++ b/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql @@ -13,6 +13,7 @@ import cpp import codingstandards.c.cert import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis +import semmle.code.cpp.ir.internal.ASTValueNumbering import semmle.code.cpp.controlflow.Guards /* @@ -34,6 +35,21 @@ class PrecisionMacro extends Macro { PrecisionMacro() { this.getName().toLowerCase().matches("precision") } } +class LiteralZero extends Literal { + LiteralZero() { this.getValue() = "0" } +} + +class BitShiftExpr extends BinaryBitwiseOperation { + BitShiftExpr() { + this instanceof LShiftExpr or + this instanceof RShiftExpr + } + + override string toString() { + if this instanceof LShiftExpr then result = "left-shift" else result = "right-shift" + } +} + int getPrecision(BuiltInType type) { type.(CharType).isExplicitlyUnsigned() and result = type.(CharType).getSize() * 8 or @@ -66,80 +82,53 @@ int getPrecision(BuiltInType type) { result = type.(LongLongType).getSize() * 8 - 1 } -predicate isForbiddenLShiftExpr(LShiftExpr binbitop, string message) { +predicate isForbiddenShiftExpr(BitShiftExpr shift, string message) { ( ( - getPrecision(binbitop.getLeftOperand().getUnderlyingType()) <= - upperBound(binbitop.getRightOperand()) and + getPrecision(shift.getLeftOperand().getUnderlyingType()) <= + upperBound(shift.getRightOperand()) and message = - "The operand " + binbitop.getLeftOperand() + " is left-shifted by an expression " + - binbitop.getRightOperand() + " which is greater than or equal to in precision." + "The operand " + shift.getLeftOperand() + " is " + shift + "ed by an expression " + + shift.getRightOperand() + " which is greater than or equal to in precision." or - lowerBound(binbitop.getRightOperand()) < 0 and + lowerBound(shift.getRightOperand()) < 0 and message = - "The operand " + binbitop.getLeftOperand() + " is left-shifted by a negative expression " + - binbitop.getRightOperand() + "." - ) - or - /* Check a guard condition protecting the shift statement: heuristic (not an iff query) */ - exists(GuardCondition gc, BasicBlock block, Expr precisionCall | - block = binbitop.getBasicBlock() and - ( - precisionCall.(FunctionCall).getTarget() instanceof PopCount - or - precisionCall = any(PrecisionMacro pm).getAnInvocation().getExpr() - ) - | - /* - * Shift statement is at a basic block where - * `shift_rhs < PRECISION(...)` is ensured - */ - - not gc.ensuresLt(binbitop.getRightOperand(), precisionCall, 0, block, true) + "The operand " + shift.getLeftOperand() + " is " + shift + "ed by a negative expression " + + shift.getRightOperand() + "." ) and - message = "TODO" - ) -} + /* + * Shift statement is not at a basic block where + * `shift_rhs < PRECISION(...)` is ensured + */ -predicate isForbiddenRShiftExpr(RShiftExpr binbitop, string message) { - ( - ( - getPrecision(binbitop.getLeftOperand().getUnderlyingType()) <= - upperBound(binbitop.getRightOperand()) and - message = - "The operand " + binbitop.getLeftOperand() + " is right-shifted by an expression " + - binbitop.getRightOperand() + " which is greater than or equal to in precision." - or - lowerBound(binbitop.getRightOperand()) < 0 and - message = - "The operand " + binbitop.getLeftOperand() + " is right-shifted by a negative expression " + - binbitop.getRightOperand() + "." - ) - or - /* Check a guard condition protecting the shift statement: heuristic (not an iff query) */ - exists(GuardCondition gc, BasicBlock block, Expr precisionCall | - block = binbitop.getBasicBlock() and + not exists(GuardCondition gc, BasicBlock block, Expr precisionCall, Expr lTLhs | + block = shift.getBasicBlock() and ( precisionCall.(FunctionCall).getTarget() instanceof PopCount or precisionCall = any(PrecisionMacro pm).getAnInvocation().getExpr() ) | - /* - * Shift statement is at a basic block where - * `shift_rhs < PRECISION(...)` is ensured - */ - - not gc.ensuresLt(binbitop.getRightOperand(), precisionCall, 0, block, true) + globalValueNumber(lTLhs) = globalValueNumber(shift.getRightOperand()) and + gc.ensuresLt(lTLhs, precisionCall, 0, block, true) ) and - message = "TODO" + /* + * Shift statement is not at a basic block where + * `shift_rhs < 0` is ensured + */ + + not exists(GuardCondition gc, BasicBlock block, Expr literalZero, Expr lTLhs | + block = shift.getBasicBlock() and + literalZero instanceof LiteralZero + | + globalValueNumber(lTLhs) = globalValueNumber(shift.getRightOperand()) and + gc.ensuresLt(lTLhs, literalZero, 0, block, true) + ) ) } from BinaryBitwiseOperation badShift, string message where not isExcluded(badShift, TypesPackage::exprShiftedbyNegativeOrGreaterPrecisionOperandQuery()) and - isForbiddenLShiftExpr(badShift, message) - or - isForbiddenRShiftExpr(badShift, message) + isForbiddenShiftExpr(badShift, message) select badShift, message From ec36bebe088799f04bff448e0b08d43487eaa5d9 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Thu, 23 Mar 2023 17:51:53 -0700 Subject: [PATCH 0865/2573] Update .expected for INT36-C --- ...gAPointerToIntegerOrIntegerToPointer.expected | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git a/c/cert/test/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.expected b/c/cert/test/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.expected index fc119af0b2..67a3935c0f 100644 --- a/c/cert/test/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.expected +++ b/c/cert/test/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.expected @@ -1,11 +1,9 @@ -| test.c:17:8:17:19 | int_pointer3 | Pointer variable int_pointer3 is declared as an expression 28036591, which is of integer type. | -| test.c:19:3:20:16 | ... = ... | Pointer variable int_pointer3 is assigned an expression 28036591, which is of integer type. | -| test.c:21:8:21:19 | int_pointer4 | Pointer variable int_pointer4 is declared as an expression integer1, which is of integer type. | -| test.c:26:8:26:23 | integer_address5 | Pointer variable integer_address5 is declared as an expression 28036591, which is of integer type. | +| test.c:17:23:17:32 | (int *)... | Integer expression 28036591 is implicitly cast to a pointer type. | +| test.c:20:7:20:16 | (int *)... | Integer expression 28036591 is implicitly cast to a pointer type. | +| test.c:22:7:22:14 | (int *)... | Integer expression integer1 is implicitly cast to a pointer type. | +| test.c:24:7:25:7 | (int *)... | Integer expression ... + ... is implicitly cast to a pointer type. | | test.c:27:7:27:23 | (int *)... | Integer expression 28036591 is cast to a pointer type. | -| test.c:28:8:28:23 | integer_address6 | Pointer variable integer_address6 is declared as an expression integer1, which is of integer type. | | test.c:29:7:29:21 | (int *)... | Integer expression integer1 is cast to a pointer type. | -| test.c:34:7:34:22 | integer_address8 | Integer variable integer_address8 is declared as an expression & ..., which is of a pointer type. | -| test.c:36:3:36:30 | ... = ... | Integer variable integer_address8 is assigned an expression & ..., which is of a pointer type. | -| test.c:38:7:38:21 | integer_address | Integer variable integer_address is declared as an expression & ..., which is of a pointer type. | -| test.c:39:7:39:20 | (int)... | Pointer expression & ... is cast to integer type. | +| test.c:34:26:34:34 | (int)... | Pointer expression & ... is implicitly cast to an integer type. | +| test.c:36:22:36:30 | (int)... | Pointer expression & ... is implicitly cast to an integer type. | +| test.c:39:7:39:20 | (int)... | Pointer expression & ... is cast to an integer type. | From 7de306dd1854b0fbd453d028e1c3611cbf9344fd Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Thu, 23 Mar 2023 18:04:30 -0700 Subject: [PATCH 0866/2573] Format test suites --- c/cert/test/rules/INT34-C/test.c | 2 +- c/misra/test/rules/RULE-7-4/test.c | 22 +++++++++++----------- 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/c/cert/test/rules/INT34-C/test.c b/c/cert/test/rules/INT34-C/test.c index e72c2b44d2..44f2b28e70 100644 --- a/c/cert/test/rules/INT34-C/test.c +++ b/c/cert/test/rules/INT34-C/test.c @@ -2,7 +2,7 @@ #include #include -extern size_t popcount(uintmax_t) {}; +extern size_t popcount(uintmax_t){}; #define PRECISION(x) popcount(x) int main() { diff --git a/c/misra/test/rules/RULE-7-4/test.c b/c/misra/test/rules/RULE-7-4/test.c index 5aed71ffe7..c178915200 100644 --- a/c/misra/test/rules/RULE-7-4/test.c +++ b/c/misra/test/rules/RULE-7-4/test.c @@ -1,5 +1,5 @@ -#include #include +#include void sample1() { /* Test for plain char type */ @@ -16,15 +16,15 @@ void sample1() { /* Test for wide char type */ const wchar_t *ws1 = L"wide string1"; // COMPLIANT: string literal assigned to - // a const char* variable + // a const char* variable const register volatile wchar_t *ws2 = L"wide string2"; // COMPLIANT: string literal assigned to a const char* - // variable, don't care about the qualifiers - wchar_t *ws3 = L"wide string3"; // NON_COMPLIANT: char* variable declared to hold - // a string literal - ws3 = L"wide string4"; // NON_COMPLIANT: char* variable assigned a string - // literal (not likely to be seen in production, since - // there is strcpy) + // variable, don't care about the qualifiers + wchar_t *ws3 = L"wide string3"; // NON_COMPLIANT: char* variable declared to + // hold a string literal + ws3 = L"wide string4"; // NON_COMPLIANT: char* variable assigned a string + // literal (not likely to be seen in production, since + // there is strcpy) } /* Testing returning a plain string literal */ @@ -39,8 +39,8 @@ const char *sample2(int x) { /* Testing returning a wide string literal */ const wchar_t *w_sample2(int x) { if (x == 1) - return L"string5"; // COMPLIANT: can return a string literal with return type - // being const char* being const char* + return L"string5"; // COMPLIANT: can return a string literal with return + // type being const char* being const char* else return NULL; } @@ -56,7 +56,7 @@ char *sample3(int x) { wchar_t *w_sample3(int x) { if (x == 1) return L"string6"; // NON_COMPLIANT: can return a string literal with return - // type being char* + // type being char* else return NULL; } From fbdbff1bf350a6f2f44b51ff1e7540ecbfb50401 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Thu, 23 Mar 2023 19:06:51 -0700 Subject: [PATCH 0867/2573] Rename rule package to Types1 --- ...ftedbyNegativeOrGreaterPrecisionOperand.ql | 2 +- ...tingAPointerToIntegerOrIntegerToPointer.ql | 2 +- ...ainNumericalTypeUsedOverExplicitTypedef.ql | 2 +- .../SizeofOperatorUsedOnArrayTypeParam.ql | 2 +- .../StringLiteralAssignedToNonConstChar.ql | 2 +- .../cpp/exclusions/c/RuleMetadata.qll | 6 +- .../cpp/exclusions/c/Types.qll | 95 ---- rule_packages/c/Types.json | 482 ------------------ rules.csv | 10 +- 9 files changed, 13 insertions(+), 590 deletions(-) delete mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/Types.qll delete mode 100644 rule_packages/c/Types.json diff --git a/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql b/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql index 978dc8ccb2..1f73583cfb 100644 --- a/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql +++ b/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql @@ -129,6 +129,6 @@ predicate isForbiddenShiftExpr(BitShiftExpr shift, string message) { from BinaryBitwiseOperation badShift, string message where - not isExcluded(badShift, TypesPackage::exprShiftedbyNegativeOrGreaterPrecisionOperandQuery()) and + not isExcluded(badShift, Types1Package::exprShiftedbyNegativeOrGreaterPrecisionOperandQuery()) and isForbiddenShiftExpr(badShift, message) select badShift, message diff --git a/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.ql b/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.ql index f85f838c9e..5d8d13b0ed 100644 --- a/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.ql +++ b/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.ql @@ -70,6 +70,6 @@ predicate conversionBetweenPointerAndInteger(Cast cast, string message) { from Element elem, string message where - not isExcluded(elem, TypesPackage::convertingAPointerToIntegerOrIntegerToPointerQuery()) and + not isExcluded(elem, Types1Package::convertingAPointerToIntegerOrIntegerToPointerQuery()) and conversionBetweenPointerAndInteger(elem, message) select elem, message diff --git a/c/misra/src/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.ql b/c/misra/src/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.ql index 29dd1c16d4..16d8af6595 100644 --- a/c/misra/src/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.ql +++ b/c/misra/src/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.ql @@ -45,7 +45,7 @@ predicate forbiddenTypedef(TypedefType typedef, string message) { from Element elem, string message where - not isExcluded(elem, TypesPackage::plainNumericalTypeUsedOverExplicitTypedefQuery()) and + not isExcluded(elem, Types1Package::plainNumericalTypeUsedOverExplicitTypedefQuery()) and ( forbiddenBuiltinNumericUsedInDecl(elem, message) or forbiddenTypedef(elem, message) diff --git a/c/misra/src/rules/RULE-12-5/SizeofOperatorUsedOnArrayTypeParam.ql b/c/misra/src/rules/RULE-12-5/SizeofOperatorUsedOnArrayTypeParam.ql index 2215c819fd..3eed267198 100644 --- a/c/misra/src/rules/RULE-12-5/SizeofOperatorUsedOnArrayTypeParam.ql +++ b/c/misra/src/rules/RULE-12-5/SizeofOperatorUsedOnArrayTypeParam.ql @@ -15,7 +15,7 @@ import codingstandards.c.misra from SizeofExprOperator sizeof where - not isExcluded(sizeof, TypesPackage::sizeofOperatorUsedOnArrayTypeParamQuery()) and + not isExcluded(sizeof, Types1Package::sizeofOperatorUsedOnArrayTypeParamQuery()) and exists(Parameter param | sizeof.getExprOperand().(VariableAccess).getTarget() = param and param.getType() instanceof ArrayType diff --git a/c/misra/src/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.ql b/c/misra/src/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.ql index 311177e4b7..a295c91f7b 100644 --- a/c/misra/src/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.ql +++ b/c/misra/src/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.ql @@ -93,7 +93,7 @@ predicate returningNonConstCharVar(ReturnStmt return, string message) { from Element elem, string message where - not isExcluded(elem, TypesPackage::stringLiteralAssignedToNonConstCharQuery()) and + not isExcluded(elem, Types1Package::stringLiteralAssignedToNonConstCharQuery()) and ( declaringNonConstCharVar(elem, message) or diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index a3a2ef1758..6d56ad3073 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -52,7 +52,7 @@ import Strings1 import Strings2 import Strings3 import Syntax -import Types +import Types1 /** The TQuery type representing this language * */ newtype TCQuery = @@ -106,7 +106,7 @@ newtype TCQuery = TStrings2PackageQuery(Strings2Query q) or TStrings3PackageQuery(Strings3Query q) or TSyntaxPackageQuery(SyntaxQuery q) or - TTypesPackageQuery(TypesQuery q) + TTypes1PackageQuery(Types1Query q) /** The metadata predicate * */ predicate isQueryMetadata(Query query, string queryId, string ruleId, string category) { @@ -160,5 +160,5 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isStrings2QueryMetadata(query, queryId, ruleId, category) or isStrings3QueryMetadata(query, queryId, ruleId, category) or isSyntaxQueryMetadata(query, queryId, ruleId, category) or - isTypesQueryMetadata(query, queryId, ruleId, category) + isTypes1QueryMetadata(query, queryId, ruleId, category) } diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Types.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Types.qll deleted file mode 100644 index 970e07f6c9..0000000000 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/Types.qll +++ /dev/null @@ -1,95 +0,0 @@ -//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ -import cpp -import RuleMetadata -import codingstandards.cpp.exclusions.RuleMetadata - -newtype TypesQuery = - TExprShiftedbyNegativeOrGreaterPrecisionOperandQuery() or - TConvertingAPointerToIntegerOrIntegerToPointerQuery() or - TPlainNumericalTypeUsedOverExplicitTypedefQuery() or - TSizeofOperatorUsedOnArrayTypeParamQuery() or - TStringLiteralAssignedToNonConstCharQuery() - -predicate isTypesQueryMetadata(Query query, string queryId, string ruleId, string category) { - query = - // `Query` instance for the `exprShiftedbyNegativeOrGreaterPrecisionOperand` query - TypesPackage::exprShiftedbyNegativeOrGreaterPrecisionOperandQuery() and - queryId = - // `@id` for the `exprShiftedbyNegativeOrGreaterPrecisionOperand` query - "c/cert/expr-shiftedby-negative-or-greater-precision-operand" and - ruleId = "INT34-C" and - category = "rule" - or - query = - // `Query` instance for the `convertingAPointerToIntegerOrIntegerToPointer` query - TypesPackage::convertingAPointerToIntegerOrIntegerToPointerQuery() and - queryId = - // `@id` for the `convertingAPointerToIntegerOrIntegerToPointer` query - "c/cert/converting-a-pointer-to-integer-or-integer-to-pointer" and - ruleId = "INT36-C" and - category = "rule" - or - query = - // `Query` instance for the `plainNumericalTypeUsedOverExplicitTypedef` query - TypesPackage::plainNumericalTypeUsedOverExplicitTypedefQuery() and - queryId = - // `@id` for the `plainNumericalTypeUsedOverExplicitTypedef` query - "c/misra/plain-numerical-type-used-over-explicit-typedef" and - ruleId = "DIR-4-6" and - category = "advisory" - or - query = - // `Query` instance for the `sizeofOperatorUsedOnArrayTypeParam` query - TypesPackage::sizeofOperatorUsedOnArrayTypeParamQuery() and - queryId = - // `@id` for the `sizeofOperatorUsedOnArrayTypeParam` query - "c/misra/sizeof-operator-used-on-array-type-param" and - ruleId = "RULE-12-5" and - category = "mandatory" - or - query = - // `Query` instance for the `stringLiteralAssignedToNonConstChar` query - TypesPackage::stringLiteralAssignedToNonConstCharQuery() and - queryId = - // `@id` for the `stringLiteralAssignedToNonConstChar` query - "c/misra/string-literal-assigned-to-non-const-char" and - ruleId = "RULE-7-4" and - category = "required" -} - -module TypesPackage { - Query exprShiftedbyNegativeOrGreaterPrecisionOperandQuery() { - //autogenerate `Query` type - result = - // `Query` type for `exprShiftedbyNegativeOrGreaterPrecisionOperand` query - TQueryC(TTypesPackageQuery(TExprShiftedbyNegativeOrGreaterPrecisionOperandQuery())) - } - - Query convertingAPointerToIntegerOrIntegerToPointerQuery() { - //autogenerate `Query` type - result = - // `Query` type for `convertingAPointerToIntegerOrIntegerToPointer` query - TQueryC(TTypesPackageQuery(TConvertingAPointerToIntegerOrIntegerToPointerQuery())) - } - - Query plainNumericalTypeUsedOverExplicitTypedefQuery() { - //autogenerate `Query` type - result = - // `Query` type for `plainNumericalTypeUsedOverExplicitTypedef` query - TQueryC(TTypesPackageQuery(TPlainNumericalTypeUsedOverExplicitTypedefQuery())) - } - - Query sizeofOperatorUsedOnArrayTypeParamQuery() { - //autogenerate `Query` type - result = - // `Query` type for `sizeofOperatorUsedOnArrayTypeParam` query - TQueryC(TTypesPackageQuery(TSizeofOperatorUsedOnArrayTypeParamQuery())) - } - - Query stringLiteralAssignedToNonConstCharQuery() { - //autogenerate `Query` type - result = - // `Query` type for `stringLiteralAssignedToNonConstChar` query - TQueryC(TTypesPackageQuery(TStringLiteralAssignedToNonConstCharQuery())) - } -} diff --git a/rule_packages/c/Types.json b/rule_packages/c/Types.json deleted file mode 100644 index aa9e8d3fef..0000000000 --- a/rule_packages/c/Types.json +++ /dev/null @@ -1,482 +0,0 @@ -{ - "CERT-C": { - "FLP32-C": { - "properties": { - "obligation": "rule" - }, - "queries": [ - { - "description": "TODO.", - "kind": "problem", - "name": "Prevent or detect domain and range errors in math functions", - "precision": "very-high", - "severity": "error", - "short_name": "PreventOrDetectDomainAndRangeErrorsInMathFunctions", - "tags": [] - } - ], - "title": "Prevent or detect domain and range errors in math functions" - }, - "FLP34-C": { - "properties": { - "obligation": "rule" - }, - "queries": [ - { - "description": "TODO.", - "kind": "problem", - "name": "Ensure that floating-point conversions are within range of the new type", - "precision": "very-high", - "severity": "error", - "short_name": "EnsureThatFloatingPointConversionsAreWithinRangeOf", - "tags": [] - } - ], - "title": "Ensure that floating-point conversions are within range of the new type" - }, - "FLP36-C": { - "properties": { - "obligation": "rule" - }, - "queries": [ - { - "description": "TODO.", - "kind": "problem", - "name": "Preserve precision when converting integral values to floating-point type", - "precision": "very-high", - "severity": "error", - "short_name": "PreservePrecisionWhenConverting", - "tags": [] - } - ], - "title": "Preserve precision when converting integral values to floating-point type" - }, - "FLP37-C": { - "properties": { - "obligation": "rule" - }, - "queries": [ - { - "description": "TODO.", - "kind": "problem", - "name": "Do not use object representations to compare floating-point values", - "precision": "very-high", - "severity": "error", - "short_name": "DoNotUseObjectRepresentations", - "tags": [] - } - ], - "title": "Do not use object representations to compare floating-point values" - }, - "INT30-C": { - "properties": { - "obligation": "rule" - }, - "queries": [ - { - "description": "TODO.", - "kind": "problem", - "name": "Ensure that unsigned integer operations do not wrap", - "precision": "high", - "severity": "error", - "short_name": "EnsureThatUnsigne", - "tags": [] - } - ], - "title": "Ensure that unsigned integer operations do not wrap" - }, - "INT31-C": { - "properties": { - "obligation": "rule" - }, - "queries": [ - { - "description": "TODO.", - "kind": "problem", - "name": "Ensure that integer conversions do not result in lost or misinterpreted data", - "precision": "high", - "severity": "error", - "short_name": "EnsureThatIntegerConversionsD", - "tags": [] - } - ], - "title": "Ensure that integer conversions do not result in lost or misinterpreted data" - }, - "INT32-C": { - "properties": { - "obligation": "rule" - }, - "queries": [ - { - "description": "TODO.", - "kind": "problem", - "name": "Ensure that operations on signed integers do not result in overflow", - "precision": "high", - "severity": "error", - "short_name": "EnsureThatOperationsOnSignedInt", - "tags": [] - } - ], - "title": "Ensure that operations on signed integers do not result in overflow" - }, - "INT33-C": { - "properties": { - "obligation": "rule" - }, - "queries": [ - { - "description": "TODO.", - "kind": "problem", - "name": "Ensure that division and remainder operations do not result in divide-by-zero errors", - "precision": "high", - "severity": "error", - "short_name": "EnsureThatDivisionAndRemainderO", - "tags": [] - } - ], - "title": "Ensure that division and remainder operations do not result in divide-by-zero errors" - }, - "INT34-C": { - "properties": { - "obligation": "rule" - }, - "queries": [ - { - "description": "Shifting an expression by an operand that is negative or of precision greater or equal to that or the another causes representational error.", - "kind": "problem", - "name": "Bit shift should not be done by a negative operand or an operand of greater-or-equal precision than that of another", - "precision": "very-high", - "severity": "error", - "short_name": "ExprShiftedbyNegativeOrGreaterPrecisionOperand", - "tags": [] - } - ], - "title": "Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand" - }, - "INT35-C": { - "properties": { - "obligation": "rule" - }, - "queries": [ - { - "description": "TODO.", - "kind": "problem", - "name": "Use correct integer precisions", - "precision": "high", - "severity": "error", - "short_name": "UseCorrectIntegerPrecisions", - "tags": [] - } - ], - "title": "Use correct integer precisions" - }, - "INT36-C": { - "properties": { - "obligation": "rule" - }, - "queries": [ - { - "description": "Converting between pointers and integers is not portable and might cause invalid memory access.", - "kind": "problem", - "name": "Do not convert pointers to integers and back", - "precision": "very-high", - "severity": "error", - "short_name": "ConvertingAPointerToIntegerOrIntegerToPointer", - "tags": [] - } - ], - "title": "Converting a pointer to integer or integer to pointer" - } - }, - "MISRA-C-2012": { - "DIR-4-6": { - "properties": { - "obligation": "advisory" - }, - "queries": [ - { - "description": "Using plain numerical types over typedefs with explicit sign and bit counts may lead to confusion on how much bits are allocated for a value.", - "kind": "problem", - "name": "Do not use plain numerical types over typedefs named after their explicit bit layout", - "precision": "high", - "severity": "error", - "short_name": "PlainNumericalTypeUsedOverExplicitTypedef", - "tags": [] - } - ], - "title": "typedefs that indicate size and signedness should be used in place of the basic numerical types" - }, - "RULE-10-1": { - "properties": { - "obligation": "required" - }, - "queries": [ - { - "description": "TODO.", - "kind": "problem", - "name": "Operands shall not be of an inappropriate essential type", - "precision": "high", - "severity": "error", - "short_name": "OperandsOfAnInappropriateEssentialType", - "tags": [] - } - ], - "title": "Operands shall not be of an inappropriate essential type" - }, - "RULE-10-2": { - "properties": { - "obligation": "required" - }, - "queries": [ - { - "description": "Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations.", - "kind": "problem", - "name": "Expressions of essentially character type shall not be used inappropriately in addition and", - "precision": "very-high", - "severity": "error", - "short_name": "ExpressionsOfEssentiallyCharacterTypeUse", - "tags": [] - } - ], - "title": "Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations" - }, - "RULE-10-3": { - "properties": { - "obligation": "required" - }, - "queries": [ - { - "description": "The value of an expression shall not be assigned to an object with a narrower essential type or of a different essential type category.", - "kind": "problem", - "name": "The value of an expression shall not be assigned to an object with a narrower essential type or of a", - "precision": "high", - "severity": "error", - "short_name": "ValueOfAnExpressionAssignedToAnObjectWit", - "tags": [] - } - ], - "title": "The value of an expression shall not be assigned to an object with a narrower essential type or of a different essential type category" - }, - "RULE-10-4": { - "properties": { - "obligation": "required" - }, - "queries": [ - { - "description": "Both operands of an operator in which the usual arithmetic conversions are performed shall have the same essential type category.", - "kind": "problem", - "name": "Both operands of an operator in which the usual arithmetic conversions are performed shall have the", - "precision": "very-high", - "severity": "error", - "short_name": "BothOperandsOfAnOperatorInWhichT", - "tags": [] - } - ], - "title": "Both operands of an operator in which the usual arithmetic conversions are performed shall have the same essential type category" - }, - "RULE-10-5": { - "properties": { - "obligation": "advisory" - }, - "queries": [ - { - "description": "TODO.", - "kind": "problem", - "name": "The value of an expression should not be cast to an inappropriate essential type", - "precision": "very-high", - "severity": "error", - "short_name": "ValueOfAnExpressionShouldNotBe", - "tags": [] - } - ], - "title": "The value of an expression should not be cast to an inappropriate essential type" - }, - "RULE-10-6": { - "properties": { - "obligation": "required" - }, - "queries": [ - { - "description": "TODO.", - "kind": "problem", - "name": "The value of a composite expression shall not be assigned to an object with wider essential type", - "precision": "very-high", - "severity": "error", - "short_name": "ValueOfACompositeExpressionA", - "tags": [] - } - ], - "title": "The value of a composite expression shall not be assigned to an object with wider essential type" - }, - "RULE-10-7": { - "properties": { - "obligation": "required" - }, - "queries": [ - { - "description": "If a composite expression is used as one operand of an operator in which the usual arithmetic conversions are performed then the other operand shall not have wider essential type.", - "kind": "problem", - "name": "If a composite expression is used as one operand of an operator in which the usual arithmetic", - "precision": "very-high", - "severity": "error", - "short_name": "IfACompositeExpressionIsUsedAsOneOperandO", - "tags": [] - } - ], - "title": "If a composite expression is used as one operand of an operator in which the usual arithmetic conversions are performed then the other operand shall not have wider essential type" - }, - "RULE-10-8": { - "properties": { - "obligation": "required" - }, - "queries": [ - { - "description": "The value of a composite expression shall not be cast to a different essential type category or a wider essential type.", - "kind": "problem", - "name": "The value of a composite expression shall not be cast to a different essential type category or a", - "precision": "very-high", - "severity": "error", - "short_name": "ValueOfACompositeExpressionCastTo", - "tags": [] - } - ], - "title": "The value of a composite expression shall not be cast to a different essential type category or a wider essential type" - }, - "RULE-12-4": { - "properties": { - "obligation": "advisory" - }, - "queries": [ - { - "description": "TODO.", - "kind": "problem", - "name": "Evaluation of constant expressions should not lead to unsigned integer wrap-around", - "precision": "very-high", - "severity": "error", - "short_name": "EvaluationOfConstantExpres", - "tags": [] - } - ], - "title": "Evaluation of constant expressions should not lead to unsigned integer wrap-around" - }, - "RULE-12-5": { - "properties": { - "obligation": "mandatory" - }, - "queries": [ - { - "description": "Using sizeof operator on an array type function parameter leads to unintended results.", - "kind": "problem", - "name": "The sizeof operator should not be used on an array type function parameter", - "precision": "very-high", - "severity": "error", - "short_name": "SizeofOperatorUsedOnArrayTypeParam", - "tags": [] - } - ], - "title": "The sizeof operator shall not have an operand which is a function parameter declared as 'array of type'" - }, - "RULE-14-1": { - "properties": { - "obligation": "required" - }, - "queries": [ - { - "description": "TODO.", - "kind": "problem", - "name": "A loop counter shall not have essentially floating type", - "precision": "high", - "severity": "error", - "short_name": "LoopCounterHaveEssentiallyFloatingType", - "tags": [] - } - ], - "title": "A loop counter shall not have essentially floating type" - }, - "RULE-21-13": { - "properties": { - "obligation": "mandatory" - }, - "queries": [ - { - "description": "Any value passed to a function in shall be representable as an unsigned char or be the value EOF.", - "kind": "problem", - "name": "Any value passed to a function in shall be representable as an unsigned char or be the", - "precision": "very-high", - "severity": "error", - "short_name": "ValuePassedToAFunctionInCtypehN", - "tags": [] - } - ], - "title": "Any value passed to a function in shall be representable as an unsigned char or be the value EOF" - }, - "RULE-21-14": { - "properties": { - "obligation": "required" - }, - "queries": [ - { - "description": "TODO.", - "kind": "problem", - "name": "The Standard Library function memcmp shall not be used to compare null terminated strings", - "precision": "high", - "severity": "error", - "short_name": "StandardLibraryFunctionMemcmp", - "tags": [] - } - ], - "title": "The Standard Library function memcmp shall not be used to compare null terminated strings" - }, - "RULE-21-15": { - "properties": { - "obligation": "required" - }, - "queries": [ - { - "description": "The pointer arguments to the Standard Library functions memcpy, memmove and memcmp shall be pointers to qualified or unqualified versions of compatible types.", - "kind": "problem", - "name": "The pointer arguments to the Standard Library functions memcpy, memmove and memcmp shall be pointers", - "precision": "very-high", - "severity": "error", - "short_name": "PointerArgumentsToTheStandardLibraryFunctionsM", - "tags": [] - } - ], - "title": "The pointer arguments to the Standard Library functions memcpy, memmove and memcmp shall be pointers to qualified or unqualified versions of compatible types" - }, - "RULE-21-16": { - "properties": { - "obligation": "required" - }, - "queries": [ - { - "description": "The pointer arguments to the Standard Library function memcmp shall point to either a pointer type, an essentially signed type, an essentially unsigned type, an essentially Boolean type or an essentially enum type.", - "kind": "problem", - "name": "The pointer arguments to the Standard Library function memcmp shall point to either a pointer type,", - "precision": "very-high", - "severity": "error", - "short_name": "PointerArgumentsToTheStandardLibraryFunctionM", - "tags": [] - } - ], - "title": "The pointer arguments to the Standard Library function memcmp shall point to either a pointer type, an essentially signed type, an essentially unsigned type, an essentially Boolean type or an essentially enum type" - }, - "RULE-7-4": { - "properties": { - "obligation": "required" - }, - "queries": [ - { - "description": "Assigning string literal to a variable with type other than a pointer to const char and modifying it causes undefined behavior .", - "kind": "problem", - "name": "A string literal shall only be assigned to a pointer to const char", - "precision": "very-high", - "severity": "error", - "short_name": "StringLiteralAssignedToNonConstChar", - "tags": [] - } - ], - "title": "A string literal shall not be assigned to an object unless the object's type is 'pointer to const-qualified char'" - } - } -} \ No newline at end of file diff --git a/rules.csv b/rules.csv index 29bd7f2038..bd62b08063 100644 --- a/rules.csv +++ b/rules.csv @@ -552,9 +552,9 @@ c,CERT-C,INT30-C,Yes,Rule,,,Ensure that unsigned integer operations do not wrap, c,CERT-C,INT31-C,Yes,Rule,,,Ensure that integer conversions do not result in lost or misinterpreted data,A4-7-1,Types,Hard, c,CERT-C,INT32-C,Yes,Rule,,,Ensure that operations on signed integers do not result in overflow,A4-7-1,Types,Hard, c,CERT-C,INT33-C,Yes,Rule,,,Ensure that division and remainder operations do not result in divide-by-zero errors,,Types,Hard, -c,CERT-C,INT34-C,Yes,Rule,,,Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand,M5-8-1,Types,Import, +c,CERT-C,INT34-C,Yes,Rule,,,Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand,M5-8-1,Types1,Import, c,CERT-C,INT35-C,Yes,Rule,,,Use correct integer precisions,,Types,Hard, -c,CERT-C,INT36-C,Yes,Rule,,,Converting a pointer to integer or integer to pointer,M5-2-9,Types,Easy, +c,CERT-C,INT36-C,Yes,Rule,,,Converting a pointer to integer or integer to pointer,M5-2-9,Types1,Easy, c,CERT-C,MEM30-C,Yes,Rule,,,Do not access freed memory,MEM50-CPP,InvalidMemory1,Import, c,CERT-C,MEM31-C,Yes,Rule,,,Free dynamically allocated memory when no longer needed,,Memory2,Very Hard, c,CERT-C,MEM33-C,Yes,Rule,,,Allocate and copy structures containing a flexible array member dynamically,,Memory2,Very Hard, @@ -607,7 +607,7 @@ c,MISRA-C-2012,DIR-4-2,Yes,Advisory,,,All usage of assembly language should be d c,MISRA-C-2012,DIR-4-3,Yes,Required,,,Assembly language shall be encapsulated and isolated,,Language1,Medium, c,MISRA-C-2012,DIR-4-4,Yes,Advisory,,,Sections of code should not be commented out,A2-7-2,Syntax,Import, c,MISRA-C-2012,DIR-4-5,Yes,Advisory,,,Identifiers in the same name space with overlapping visibility should be typographically unambiguous,M2-10-1,Syntax,Easy, -c,MISRA-C-2012,DIR-4-6,Yes,Advisory,,,typedefs that indicate size and signedness should be used in place of the basic numerical types,,Types,Hard, +c,MISRA-C-2012,DIR-4-6,Yes,Advisory,,,typedefs that indicate size and signedness should be used in place of the basic numerical types,,Types1,Hard, c,MISRA-C-2012,DIR-4-7,Yes,Required,,,"If a function returns error information, then that error information shall be tested",M0-3-2,Contracts,Import, c,MISRA-C-2012,DIR-4-8,Yes,Advisory,,,"If a pointer to a structure or union is never dereferenced within a translation unit, then the implementation of the object should be hidden",,Pointers1,Medium, c,MISRA-C-2012,DIR-4-9,Yes,Advisory,,,A function should be used in preference to a function-like macro where they are interchangeable,,Preprocessor6,Medium,Audit @@ -645,7 +645,7 @@ c,MISRA-C-2012,RULE-6-2,Yes,Required,,,Single-bit named bit fields shall not be c,MISRA-C-2012,RULE-7-1,Yes,Required,,,Octal constants shall not be used,M2-13-2,Banned,Import, c,MISRA-C-2012,RULE-7-2,Yes,Required,,,A �u� or �U� suffix shall be applied to all integer constants that are represented in an unsigned type,M2-13-3,Syntax,Easy, c,MISRA-C-2012,RULE-7-3,Yes,Required,,,The lowercase character �l� shall not be used in a literal suffix,M2-13-4,Syntax,Easy, -c,MISRA-C-2012,RULE-7-4,Yes,Required,,,A string literal shall not be assigned to an object unless the object�s type is �pointer to const-qualified char�,A2-13-4,Types,Easy, +c,MISRA-C-2012,RULE-7-4,Yes,Required,,,A string literal shall not be assigned to an object unless the object�s type is �pointer to const-qualified char�,A2-13-4,Types1,Easy, c,MISRA-C-2012,RULE-8-1,Yes,Required,,,Types shall be explicitly specified,,Declarations3,Medium, c,MISRA-C-2012,RULE-8-2,Yes,Required,,,Function types shall be in prototype form with named parameters,,Declarations4,Medium, c,MISRA-C-2012,RULE-8-3,Yes,Required,,,All declarations of an object or function shall use the same names and type qualifiers,M3-2-1,Declarations4,Medium, @@ -686,7 +686,7 @@ c,MISRA-C-2012,RULE-12-1,Yes,Advisory,,,The precedence of operators within expre c,MISRA-C-2012,RULE-12-2,Yes,Required,,,The right hand operand of a shift operator shall lie in the range zero to one less than the width in bits of the essential type of the left hand operand,,Contracts,Medium, c,MISRA-C-2012,RULE-12-3,Yes,Advisory,,,The comma operator should not be used,M5-18-1,Banned,Import, c,MISRA-C-2012,RULE-12-4,Yes,Advisory,,,Evaluation of constant expressions should not lead to unsigned integer wrap-around,INT30-C,Types,Easy, -c,MISRA-C-2012,RULE-12-5,Yes,Mandatory,,,The sizeof operator shall not have an operand which is a function parameter declared as �array of type�,,Types,Medium, +c,MISRA-C-2012,RULE-12-5,Yes,Mandatory,,,The sizeof operator shall not have an operand which is a function parameter declared as �array of type�,,Types1,Medium, c,MISRA-C-2012,RULE-13-1,Yes,Required,,,Initializer lists shall not contain persistent side effects,,SideEffects1,Medium, c,MISRA-C-2012,RULE-13-2,Yes,Required,,,The value of an expression and its persistent side effects shall be the same under all permitted evaluation orders,PRE31-C,SideEffects,Medium, c,MISRA-C-2012,RULE-13-3,Yes,Advisory,,,A full expression containing an increment (++) or decrement (--) operator should have no other potential side effects other than that caused by the increment or decrement operator,,SideEffects2,Medium, From 7a6fb0b21a68bcd71635be895a846c607ab58799 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Thu, 23 Mar 2023 19:09:31 -0700 Subject: [PATCH 0868/2573] Add missing metadata files --- .../cpp/exclusions/c/Types1.qll | 95 +++++++++++++++++++ rule_packages/c/Types1.json | 91 ++++++++++++++++++ 2 files changed, 186 insertions(+) create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/Types1.qll create mode 100644 rule_packages/c/Types1.json diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Types1.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Types1.qll new file mode 100644 index 0000000000..ab7333b4c0 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Types1.qll @@ -0,0 +1,95 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype Types1Query = + TExprShiftedbyNegativeOrGreaterPrecisionOperandQuery() or + TConvertingAPointerToIntegerOrIntegerToPointerQuery() or + TPlainNumericalTypeUsedOverExplicitTypedefQuery() or + TSizeofOperatorUsedOnArrayTypeParamQuery() or + TStringLiteralAssignedToNonConstCharQuery() + +predicate isTypes1QueryMetadata(Query query, string queryId, string ruleId, string category) { + query = + // `Query` instance for the `exprShiftedbyNegativeOrGreaterPrecisionOperand` query + Types1Package::exprShiftedbyNegativeOrGreaterPrecisionOperandQuery() and + queryId = + // `@id` for the `exprShiftedbyNegativeOrGreaterPrecisionOperand` query + "c/cert/expr-shiftedby-negative-or-greater-precision-operand" and + ruleId = "INT34-C" and + category = "rule" + or + query = + // `Query` instance for the `convertingAPointerToIntegerOrIntegerToPointer` query + Types1Package::convertingAPointerToIntegerOrIntegerToPointerQuery() and + queryId = + // `@id` for the `convertingAPointerToIntegerOrIntegerToPointer` query + "c/cert/converting-a-pointer-to-integer-or-integer-to-pointer" and + ruleId = "INT36-C" and + category = "rule" + or + query = + // `Query` instance for the `plainNumericalTypeUsedOverExplicitTypedef` query + Types1Package::plainNumericalTypeUsedOverExplicitTypedefQuery() and + queryId = + // `@id` for the `plainNumericalTypeUsedOverExplicitTypedef` query + "c/misra/plain-numerical-type-used-over-explicit-typedef" and + ruleId = "DIR-4-6" and + category = "advisory" + or + query = + // `Query` instance for the `sizeofOperatorUsedOnArrayTypeParam` query + Types1Package::sizeofOperatorUsedOnArrayTypeParamQuery() and + queryId = + // `@id` for the `sizeofOperatorUsedOnArrayTypeParam` query + "c/misra/sizeof-operator-used-on-array-type-param" and + ruleId = "RULE-12-5" and + category = "mandatory" + or + query = + // `Query` instance for the `stringLiteralAssignedToNonConstChar` query + Types1Package::stringLiteralAssignedToNonConstCharQuery() and + queryId = + // `@id` for the `stringLiteralAssignedToNonConstChar` query + "c/misra/string-literal-assigned-to-non-const-char" and + ruleId = "RULE-7-4" and + category = "required" +} + +module Types1Package { + Query exprShiftedbyNegativeOrGreaterPrecisionOperandQuery() { + //autogenerate `Query` type + result = + // `Query` type for `exprShiftedbyNegativeOrGreaterPrecisionOperand` query + TQueryC(TTypes1PackageQuery(TExprShiftedbyNegativeOrGreaterPrecisionOperandQuery())) + } + + Query convertingAPointerToIntegerOrIntegerToPointerQuery() { + //autogenerate `Query` type + result = + // `Query` type for `convertingAPointerToIntegerOrIntegerToPointer` query + TQueryC(TTypes1PackageQuery(TConvertingAPointerToIntegerOrIntegerToPointerQuery())) + } + + Query plainNumericalTypeUsedOverExplicitTypedefQuery() { + //autogenerate `Query` type + result = + // `Query` type for `plainNumericalTypeUsedOverExplicitTypedef` query + TQueryC(TTypes1PackageQuery(TPlainNumericalTypeUsedOverExplicitTypedefQuery())) + } + + Query sizeofOperatorUsedOnArrayTypeParamQuery() { + //autogenerate `Query` type + result = + // `Query` type for `sizeofOperatorUsedOnArrayTypeParam` query + TQueryC(TTypes1PackageQuery(TSizeofOperatorUsedOnArrayTypeParamQuery())) + } + + Query stringLiteralAssignedToNonConstCharQuery() { + //autogenerate `Query` type + result = + // `Query` type for `stringLiteralAssignedToNonConstChar` query + TQueryC(TTypes1PackageQuery(TStringLiteralAssignedToNonConstCharQuery())) + } +} diff --git a/rule_packages/c/Types1.json b/rule_packages/c/Types1.json new file mode 100644 index 0000000000..fae0339d3c --- /dev/null +++ b/rule_packages/c/Types1.json @@ -0,0 +1,91 @@ +{ + "CERT-C": { + "INT34-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "Shifting an expression by an operand that is negative or of precision greater or equal to that or the another causes representational error.", + "kind": "problem", + "name": "Bit shift should not be done by a negative operand or an operand of greater-or-equal precision than that of another", + "precision": "very-high", + "severity": "error", + "short_name": "ExprShiftedbyNegativeOrGreaterPrecisionOperand", + "tags": [] + } + ], + "title": "Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand" + }, + "INT36-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "Converting between pointers and integers is not portable and might cause invalid memory access.", + "kind": "problem", + "name": "Do not convert pointers to integers and back", + "precision": "very-high", + "severity": "error", + "short_name": "ConvertingAPointerToIntegerOrIntegerToPointer", + "tags": [] + } + ], + "title": "Converting a pointer to integer or integer to pointer" + } + }, + "MISRA-C-2012": { + "DIR-4-6": { + "properties": { + "obligation": "advisory" + }, + "queries": [ + { + "description": "Using plain numerical types over typedefs with explicit sign and bit counts may lead to confusion on how much bits are allocated for a value.", + "kind": "problem", + "name": "Do not use plain numerical types over typedefs named after their explicit bit layout", + "precision": "high", + "severity": "error", + "short_name": "PlainNumericalTypeUsedOverExplicitTypedef", + "tags": [] + } + ], + "title": "typedefs that indicate size and signedness should be used in place of the basic numerical types" + }, + "RULE-12-5": { + "properties": { + "obligation": "mandatory" + }, + "queries": [ + { + "description": "Using sizeof operator on an array type function parameter leads to unintended results.", + "kind": "problem", + "name": "The sizeof operator should not be used on an array type function parameter", + "precision": "very-high", + "severity": "error", + "short_name": "SizeofOperatorUsedOnArrayTypeParam", + "tags": [] + } + ], + "title": "The sizeof operator shall not have an operand which is a function parameter declared as 'array of type'" + }, + "RULE-7-4": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "Assigning string literal to a variable with type other than a pointer to const char and modifying it causes undefined behavior .", + "kind": "problem", + "name": "A string literal shall only be assigned to a pointer to const char", + "precision": "very-high", + "severity": "error", + "short_name": "StringLiteralAssignedToNonConstChar", + "tags": [] + } + ], + "title": "A string literal shall not be assigned to an object unless the object's type is 'pointer to const-qualified char'" + } + } +} From 08956e147f04309bc429122578e4e6029ee187ba Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Thu, 23 Mar 2023 19:15:37 -0700 Subject: [PATCH 0869/2573] Add parameter name to INT34-C popcount --- c/cert/test/rules/INT34-C/test.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/cert/test/rules/INT34-C/test.c b/c/cert/test/rules/INT34-C/test.c index 44f2b28e70..c47df4b55d 100644 --- a/c/cert/test/rules/INT34-C/test.c +++ b/c/cert/test/rules/INT34-C/test.c @@ -2,7 +2,7 @@ #include #include -extern size_t popcount(uintmax_t){}; +extern size_t popcount(uintmax_t x){}; #define PRECISION(x) popcount(x) int main() { From 7528819156c8156db3146bd9070d7928e81ddc03 Mon Sep 17 00:00:00 2001 From: Anders Schack-Mulligen Date: Fri, 24 Mar 2023 08:43:47 +0100 Subject: [PATCH 0870/2573] Update DoNotPerformFileOperationsOnDevices.ql Rename references to data flow --- .../src/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.ql | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/c/cert/src/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.ql b/c/cert/src/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.ql index 89e1f9e133..5784e820d9 100644 --- a/c/cert/src/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.ql +++ b/c/cert/src/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.ql @@ -89,7 +89,7 @@ module TaintedPathConfiguration implements DataFlow::ConfigSig { } } -module TaintedPath = TaintTracking::Make; +module TaintedPath = TaintTracking::Global; from FileFunction fileFunction, Expr taintedArg, FlowSource taintSource, @@ -98,7 +98,7 @@ where not isExcluded(taintedArg, IO3Package::doNotPerformFileOperationsOnDevicesQuery()) and taintedArg = sinkNode.getNode().asIndirectArgument() and fileFunction.outermostWrapperFunctionCall(taintedArg, callChain) and - TaintedPath::hasFlowPath(sourceNode, sinkNode) and + TaintedPath::flowPath(sourceNode, sinkNode) and taintSource = sourceNode.getNode() select taintedArg, sourceNode, sinkNode, "This argument to a file access function is derived from $@ and then passed to " + callChain + ".", From a44af85395e4f845b3f6ea67a74db253c26b0d6a Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 24 Mar 2023 13:31:25 +0000 Subject: [PATCH 0871/2573] FLP34-C: Support all forms of fabs/log2 --- .../UncheckedFloatingPointConversion.ql | 10 +++++----- c/cert/test/rules/FLP34-C/test.c | 18 ++++++++++++++++++ 2 files changed, 23 insertions(+), 5 deletions(-) diff --git a/c/cert/src/rules/FLP34-C/UncheckedFloatingPointConversion.ql b/c/cert/src/rules/FLP34-C/UncheckedFloatingPointConversion.ql index aed376d22e..4637985076 100644 --- a/c/cert/src/rules/FLP34-C/UncheckedFloatingPointConversion.ql +++ b/c/cert/src/rules/FLP34-C/UncheckedFloatingPointConversion.ql @@ -75,18 +75,18 @@ where withinIntegralRange(underlyingTypeAfter, [upperBound(c.getExpr()), lowerBound(c.getExpr())]) or // Heuristic - is there are guard the abs value of the float can fit in the precision of an int? - exists(GuardCondition gc, FunctionCall log2f, FunctionCall fabsf, Expr precision | + exists(GuardCondition gc, FunctionCall log2, FunctionCall fabs, Expr precision | // gc.controls(c, false) and - log2f.getTarget().hasGlobalOrStdName("log2f") and - fabsf.getTarget().hasGlobalOrStdName("fabsf") and - log2f.getArgument(0) = fabsf and + log2.getTarget().hasGlobalOrStdName("log2" + ["", "l", "f"]) and + fabs.getTarget().hasGlobalOrStdName("fabs" + ["", "l", "f"]) and + log2.getArgument(0) = fabs and // Precision is either a macro expansion or function call ( precision.(FunctionCall).getTarget() instanceof PopCount or precision = any(PrecisionMacro pm).getAnInvocation().getExpr() ) and - gc.ensuresLt(precision, log2f, 0, c.getExpr().getBasicBlock(), false) + gc.ensuresLt(precision, log2, 0, c.getExpr().getBasicBlock(), false) ) ) select c, "Conversion of float to integer without appropriate guards avoiding undefined behavior." diff --git a/c/cert/test/rules/FLP34-C/test.c b/c/cert/test/rules/FLP34-C/test.c index 9a77618ee4..0b60a40029 100644 --- a/c/cert/test/rules/FLP34-C/test.c +++ b/c/cert/test/rules/FLP34-C/test.c @@ -28,10 +28,28 @@ size_t popcount(uintmax_t num) { #define PRECISION(umax_value) popcount(umax_value) void test_precision_check(float f) { + if (isnan(f) || PRECISION(INT_MAX) < log2(fabs(f)) || + (f != 0.0F && fabs(f) < FLT_MIN)) { + /* Handle error */ + } else { + int i = f; // COMPLIANT + } +} + +void test_precision_check_double(double f) { if (isnan(f) || PRECISION(INT_MAX) < log2f(fabsf(f)) || (f != 0.0F && fabsf(f) < FLT_MIN)) { /* Handle error */ } else { int i = f; // COMPLIANT } +} + +void test_precision_check_long_double(long double f) { + if (isnan(f) || PRECISION(INT_MAX) < log2l(fabsl(f)) || + (f != 0.0F && fabsl(f) < FLT_MIN)) { + /* Handle error */ + } else { + int i = f; // COMPLIANT + } } \ No newline at end of file From 97a33e4e6ada2d12185c41203b5decb88f13b5eb Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Fri, 24 Mar 2023 10:06:39 -0700 Subject: [PATCH 0872/2573] Update .expected for INT34-C --- ...NegativeOrGreaterPrecisionOperand.expected | 518 ++++++++---------- 1 file changed, 243 insertions(+), 275 deletions(-) diff --git a/c/cert/test/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.expected b/c/cert/test/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.expected index f7d45166f3..5ac7e8a05a 100644 --- a/c/cert/test/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.expected +++ b/c/cert/test/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.expected @@ -1,275 +1,243 @@ -| test.c:20:3:20:10 | ... << ... | The operand x0 is shifted by an expression x0 which is greater than or equal to in precision. | -| test.c:23:3:23:10 | ... << ... | The operand x0 is shifted by an expression x3 which is greater than or equal to in precision. | -| test.c:24:3:24:10 | ... << ... | The operand x0 is shifted by an expression x4 which is greater than or equal to in precision. | -| test.c:25:3:25:10 | ... << ... | The operand x0 is shifted by an expression x5 which is greater than or equal to in precision. | -| test.c:26:3:26:10 | ... << ... | The operand x0 is shifted by an expression x6 which is greater than or equal to in precision. | -| test.c:27:3:27:10 | ... << ... | The operand x0 is shifted by an expression x7 which is greater than or equal to in precision. | -| test.c:28:3:28:10 | ... << ... | The operand x0 is shifted by an expression x8 which is greater than or equal to in precision. | -| test.c:29:3:29:10 | ... << ... | The operand x0 is shifted by an expression x9 which is greater than or equal to in precision. | -| test.c:30:3:30:11 | ... << ... | The operand x0 is shifted by an expression x10 which is greater than or equal to in precision. | -| test.c:31:3:31:11 | ... << ... | The operand x0 is shifted by an expression x11 which is greater than or equal to in precision. | -| test.c:32:3:32:11 | ... << ... | The operand x0 is shifted by an expression x12 which is greater than or equal to in precision. | -| test.c:33:3:33:11 | ... << ... | The operand x0 is shifted by an expression x13 which is greater than or equal to in precision. | -| test.c:34:3:34:11 | ... << ... | The operand x0 is shifted by an expression x14 which is greater than or equal to in precision. | -| test.c:35:3:35:10 | ... << ... | The operand x1 is shifted by an expression x0 which is greater than or equal to in precision. | -| test.c:36:3:36:10 | ... << ... | The operand x1 is shifted by an expression x1 which is greater than or equal to in precision. | -| test.c:37:3:37:10 | ... << ... | The operand x1 is shifted by an expression x2 which is greater than or equal to in precision. | -| test.c:38:3:38:10 | ... << ... | The operand x1 is shifted by an expression x3 which is greater than or equal to in precision. | -| test.c:39:3:39:10 | ... << ... | The operand x1 is shifted by an expression x4 which is greater than or equal to in precision. | -| test.c:40:3:40:10 | ... << ... | The operand x1 is shifted by an expression x5 which is greater than or equal to in precision. | -| test.c:41:3:41:10 | ... << ... | The operand x1 is shifted by an expression x6 which is greater than or equal to in precision. | -| test.c:42:3:42:10 | ... << ... | The operand x1 is shifted by an expression x7 which is greater than or equal to in precision. | -| test.c:43:3:43:10 | ... << ... | The operand x1 is shifted by an expression x8 which is greater than or equal to in precision. | -| test.c:44:3:44:10 | ... << ... | The operand x1 is shifted by an expression x9 which is greater than or equal to in precision. | -| test.c:45:3:45:11 | ... << ... | The operand x1 is shifted by an expression x10 which is greater than or equal to in precision. | -| test.c:46:3:46:11 | ... << ... | The operand x1 is shifted by an expression x11 which is greater than or equal to in precision. | -| test.c:47:3:47:11 | ... << ... | The operand x1 is shifted by an expression x12 which is greater than or equal to in precision. | -| test.c:48:3:48:11 | ... << ... | The operand x1 is shifted by an expression x13 which is greater than or equal to in precision. | -| test.c:49:3:49:11 | ... << ... | The operand x1 is shifted by an expression x14 which is greater than or equal to in precision. | -| test.c:50:3:50:10 | ... << ... | The operand x2 is shifted by an expression x0 which is greater than or equal to in precision. | -| test.c:51:3:51:10 | ... << ... | The operand x2 is shifted by an expression x1 which is greater than or equal to in precision. | -| test.c:52:3:52:10 | ... << ... | The operand x2 is shifted by an expression x2 which is greater than or equal to in precision. | -| test.c:53:3:53:10 | ... << ... | The operand x2 is shifted by an expression x3 which is greater than or equal to in precision. | -| test.c:54:3:54:10 | ... << ... | The operand x2 is shifted by an expression x4 which is greater than or equal to in precision. | -| test.c:55:3:55:10 | ... << ... | The operand x2 is shifted by an expression x5 which is greater than or equal to in precision. | -| test.c:56:3:56:10 | ... << ... | The operand x2 is shifted by an expression x6 which is greater than or equal to in precision. | -| test.c:57:3:57:10 | ... << ... | The operand x2 is shifted by an expression x7 which is greater than or equal to in precision. | -| test.c:58:3:58:10 | ... << ... | The operand x2 is shifted by an expression x8 which is greater than or equal to in precision. | -| test.c:59:3:59:10 | ... << ... | The operand x2 is shifted by an expression x9 which is greater than or equal to in precision. | -| test.c:60:3:60:11 | ... << ... | The operand x2 is shifted by an expression x10 which is greater than or equal to in precision. | -| test.c:61:3:61:11 | ... << ... | The operand x2 is shifted by an expression x11 which is greater than or equal to in precision. | -| test.c:62:3:62:11 | ... << ... | The operand x2 is shifted by an expression x12 which is greater than or equal to in precision. | -| test.c:63:3:63:11 | ... << ... | The operand x2 is shifted by an expression x13 which is greater than or equal to in precision. | -| test.c:64:3:64:11 | ... << ... | The operand x2 is shifted by an expression x14 which is greater than or equal to in precision. | -| test.c:68:3:68:10 | ... << ... | The operand x3 is shifted by an expression x3 which is greater than or equal to in precision. | -| test.c:71:3:71:10 | ... << ... | The operand x3 is shifted by an expression x6 which is greater than or equal to in precision. | -| test.c:72:3:72:10 | ... << ... | The operand x3 is shifted by an expression x7 which is greater than or equal to in precision. | -| test.c:73:3:73:10 | ... << ... | The operand x3 is shifted by an expression x8 which is greater than or equal to in precision. | -| test.c:74:3:74:10 | ... << ... | The operand x3 is shifted by an expression x9 which is greater than or equal to in precision. | -| test.c:75:3:75:11 | ... << ... | The operand x3 is shifted by an expression x10 which is greater than or equal to in precision. | -| test.c:76:3:76:11 | ... << ... | The operand x3 is shifted by an expression x11 which is greater than or equal to in precision. | -| test.c:77:3:77:11 | ... << ... | The operand x3 is shifted by an expression x12 which is greater than or equal to in precision. | -| test.c:78:3:78:11 | ... << ... | The operand x3 is shifted by an expression x13 which is greater than or equal to in precision. | -| test.c:79:3:79:11 | ... << ... | The operand x3 is shifted by an expression x14 which is greater than or equal to in precision. | -| test.c:83:3:83:10 | ... << ... | The operand x4 is shifted by an expression x3 which is greater than or equal to in precision. | -| test.c:84:3:84:10 | ... << ... | The operand x4 is shifted by an expression x4 which is greater than or equal to in precision. | -| test.c:85:3:85:10 | ... << ... | The operand x4 is shifted by an expression x5 which is greater than or equal to in precision. | -| test.c:86:3:86:10 | ... << ... | The operand x4 is shifted by an expression x6 which is greater than or equal to in precision. | -| test.c:87:3:87:10 | ... << ... | The operand x4 is shifted by an expression x7 which is greater than or equal to in precision. | -| test.c:88:3:88:10 | ... << ... | The operand x4 is shifted by an expression x8 which is greater than or equal to in precision. | -| test.c:89:3:89:10 | ... << ... | The operand x4 is shifted by an expression x9 which is greater than or equal to in precision. | -| test.c:90:3:90:11 | ... << ... | The operand x4 is shifted by an expression x10 which is greater than or equal to in precision. | -| test.c:91:3:91:11 | ... << ... | The operand x4 is shifted by an expression x11 which is greater than or equal to in precision. | -| test.c:92:3:92:11 | ... << ... | The operand x4 is shifted by an expression x12 which is greater than or equal to in precision. | -| test.c:93:3:93:11 | ... << ... | The operand x4 is shifted by an expression x13 which is greater than or equal to in precision. | -| test.c:94:3:94:11 | ... << ... | The operand x4 is shifted by an expression x14 which is greater than or equal to in precision. | -| test.c:98:3:98:10 | ... << ... | The operand x5 is shifted by an expression x3 which is greater than or equal to in precision. | -| test.c:99:3:99:10 | ... << ... | The operand x5 is shifted by an expression x4 which is greater than or equal to in precision. | -| test.c:100:3:100:10 | ... << ... | The operand x5 is shifted by an expression x5 which is greater than or equal to in precision. | -| test.c:101:3:101:10 | ... << ... | The operand x5 is shifted by an expression x6 which is greater than or equal to in precision. | -| test.c:102:3:102:10 | ... << ... | The operand x5 is shifted by an expression x7 which is greater than or equal to in precision. | -| test.c:103:3:103:10 | ... << ... | The operand x5 is shifted by an expression x8 which is greater than or equal to in precision. | -| test.c:104:3:104:10 | ... << ... | The operand x5 is shifted by an expression x9 which is greater than or equal to in precision. | -| test.c:105:3:105:11 | ... << ... | The operand x5 is shifted by an expression x10 which is greater than or equal to in precision. | -| test.c:106:3:106:11 | ... << ... | The operand x5 is shifted by an expression x11 which is greater than or equal to in precision. | -| test.c:107:3:107:11 | ... << ... | The operand x5 is shifted by an expression x12 which is greater than or equal to in precision. | -| test.c:108:3:108:11 | ... << ... | The operand x5 is shifted by an expression x13 which is greater than or equal to in precision. | -| test.c:109:3:109:11 | ... << ... | The operand x5 is shifted by an expression x14 which is greater than or equal to in precision. | -| test.c:116:3:116:10 | ... << ... | The operand x6 is shifted by an expression x6 which is greater than or equal to in precision. | -| test.c:119:3:119:10 | ... << ... | The operand x6 is shifted by an expression x9 which is greater than or equal to in precision. | -| test.c:122:3:122:11 | ... << ... | The operand x6 is shifted by an expression x12 which is greater than or equal to in precision. | -| test.c:123:3:123:11 | ... << ... | The operand x6 is shifted by an expression x13 which is greater than or equal to in precision. | -| test.c:124:3:124:11 | ... << ... | The operand x6 is shifted by an expression x14 which is greater than or equal to in precision. | -| test.c:131:3:131:10 | ... << ... | The operand x7 is shifted by an expression x6 which is greater than or equal to in precision. | -| test.c:132:3:132:10 | ... << ... | The operand x7 is shifted by an expression x7 which is greater than or equal to in precision. | -| test.c:133:3:133:10 | ... << ... | The operand x7 is shifted by an expression x8 which is greater than or equal to in precision. | -| test.c:134:3:134:10 | ... << ... | The operand x7 is shifted by an expression x9 which is greater than or equal to in precision. | -| test.c:135:3:135:11 | ... << ... | The operand x7 is shifted by an expression x10 which is greater than or equal to in precision. | -| test.c:136:3:136:11 | ... << ... | The operand x7 is shifted by an expression x11 which is greater than or equal to in precision. | -| test.c:137:3:137:11 | ... << ... | The operand x7 is shifted by an expression x12 which is greater than or equal to in precision. | -| test.c:138:3:138:11 | ... << ... | The operand x7 is shifted by an expression x13 which is greater than or equal to in precision. | -| test.c:139:3:139:11 | ... << ... | The operand x7 is shifted by an expression x14 which is greater than or equal to in precision. | -| test.c:146:3:146:10 | ... << ... | The operand x8 is shifted by an expression x6 which is greater than or equal to in precision. | -| test.c:147:3:147:10 | ... << ... | The operand x8 is shifted by an expression x7 which is greater than or equal to in precision. | -| test.c:148:3:148:10 | ... << ... | The operand x8 is shifted by an expression x8 which is greater than or equal to in precision. | -| test.c:149:3:149:10 | ... << ... | The operand x8 is shifted by an expression x9 which is greater than or equal to in precision. | -| test.c:150:3:150:11 | ... << ... | The operand x8 is shifted by an expression x10 which is greater than or equal to in precision. | -| test.c:151:3:151:11 | ... << ... | The operand x8 is shifted by an expression x11 which is greater than or equal to in precision. | -| test.c:152:3:152:11 | ... << ... | The operand x8 is shifted by an expression x12 which is greater than or equal to in precision. | -| test.c:153:3:153:11 | ... << ... | The operand x8 is shifted by an expression x13 which is greater than or equal to in precision. | -| test.c:154:3:154:11 | ... << ... | The operand x8 is shifted by an expression x14 which is greater than or equal to in precision. | -| test.c:161:3:161:10 | ... << ... | The operand x9 is shifted by an expression x6 which is greater than or equal to in precision. | -| test.c:164:3:164:10 | ... << ... | The operand x9 is shifted by an expression x9 which is greater than or equal to in precision. | -| test.c:167:3:167:11 | ... << ... | The operand x9 is shifted by an expression x12 which is greater than or equal to in precision. | -| test.c:168:3:168:11 | ... << ... | The operand x9 is shifted by an expression x13 which is greater than or equal to in precision. | -| test.c:169:3:169:11 | ... << ... | The operand x9 is shifted by an expression x14 which is greater than or equal to in precision. | -| test.c:176:3:176:11 | ... << ... | The operand x10 is shifted by an expression x6 which is greater than or equal to in precision. | -| test.c:177:3:177:11 | ... << ... | The operand x10 is shifted by an expression x7 which is greater than or equal to in precision. | -| test.c:178:3:178:11 | ... << ... | The operand x10 is shifted by an expression x8 which is greater than or equal to in precision. | -| test.c:179:3:179:11 | ... << ... | The operand x10 is shifted by an expression x9 which is greater than or equal to in precision. | -| test.c:180:3:180:12 | ... << ... | The operand x10 is shifted by an expression x10 which is greater than or equal to in precision. | -| test.c:182:3:182:12 | ... << ... | The operand x10 is shifted by an expression x11 which is greater than or equal to in precision. | -| test.c:184:3:184:12 | ... << ... | The operand x10 is shifted by an expression x12 which is greater than or equal to in precision. | -| test.c:186:3:186:12 | ... << ... | The operand x10 is shifted by an expression x13 which is greater than or equal to in precision. | -| test.c:188:3:188:12 | ... << ... | The operand x10 is shifted by an expression x14 which is greater than or equal to in precision. | -| test.c:196:3:196:11 | ... << ... | The operand x11 is shifted by an expression x6 which is greater than or equal to in precision. | -| test.c:197:3:197:11 | ... << ... | The operand x11 is shifted by an expression x7 which is greater than or equal to in precision. | -| test.c:198:3:198:11 | ... << ... | The operand x11 is shifted by an expression x8 which is greater than or equal to in precision. | -| test.c:199:3:199:11 | ... << ... | The operand x11 is shifted by an expression x9 which is greater than or equal to in precision. | -| test.c:200:3:200:12 | ... << ... | The operand x11 is shifted by an expression x10 which is greater than or equal to in precision. | -| test.c:202:3:202:12 | ... << ... | The operand x11 is shifted by an expression x11 which is greater than or equal to in precision. | -| test.c:204:3:204:12 | ... << ... | The operand x11 is shifted by an expression x12 which is greater than or equal to in precision. | -| test.c:206:3:206:12 | ... << ... | The operand x11 is shifted by an expression x13 which is greater than or equal to in precision. | -| test.c:208:3:208:12 | ... << ... | The operand x11 is shifted by an expression x14 which is greater than or equal to in precision. | -| test.c:222:3:222:12 | ... << ... | The operand x12 is shifted by an expression x12 which is greater than or equal to in precision. | -| test.c:238:3:238:12 | ... << ... | The operand x13 is shifted by an expression x12 which is greater than or equal to in precision. | -| test.c:240:3:240:12 | ... << ... | The operand x13 is shifted by an expression x13 which is greater than or equal to in precision. | -| test.c:242:3:242:12 | ... << ... | The operand x13 is shifted by an expression x14 which is greater than or equal to in precision. | -| test.c:256:3:256:12 | ... << ... | The operand x14 is shifted by an expression x12 which is greater than or equal to in precision. | -| test.c:258:3:258:12 | ... << ... | The operand x14 is shifted by an expression x13 which is greater than or equal to in precision. | -| test.c:260:3:260:12 | ... << ... | The operand x14 is shifted by an expression x14 which is greater than or equal to in precision. | -| test.c:265:3:265:10 | ... >> ... | The operand x0 is shifted by an expression x0 which is greater than or equal to in precision. | -| test.c:268:3:268:10 | ... >> ... | The operand x0 is shifted by an expression x3 which is greater than or equal to in precision. | -| test.c:269:3:269:10 | ... >> ... | The operand x0 is shifted by an expression x4 which is greater than or equal to in precision. | -| test.c:270:3:270:10 | ... >> ... | The operand x0 is shifted by an expression x5 which is greater than or equal to in precision. | -| test.c:271:3:271:10 | ... >> ... | The operand x0 is shifted by an expression x6 which is greater than or equal to in precision. | -| test.c:272:3:272:10 | ... >> ... | The operand x0 is shifted by an expression x7 which is greater than or equal to in precision. | -| test.c:273:3:273:10 | ... >> ... | The operand x0 is shifted by an expression x8 which is greater than or equal to in precision. | -| test.c:274:3:274:10 | ... >> ... | The operand x0 is shifted by an expression x9 which is greater than or equal to in precision. | -| test.c:275:3:275:11 | ... >> ... | The operand x0 is shifted by an expression x10 which is greater than or equal to in precision. | -| test.c:276:3:276:11 | ... >> ... | The operand x0 is shifted by an expression x11 which is greater than or equal to in precision. | -| test.c:277:3:277:11 | ... >> ... | The operand x0 is shifted by an expression x12 which is greater than or equal to in precision. | -| test.c:278:3:278:11 | ... >> ... | The operand x0 is shifted by an expression x13 which is greater than or equal to in precision. | -| test.c:279:3:279:11 | ... >> ... | The operand x0 is shifted by an expression x14 which is greater than or equal to in precision. | -| test.c:280:3:280:10 | ... >> ... | The operand x1 is shifted by an expression x0 which is greater than or equal to in precision. | -| test.c:281:3:281:10 | ... >> ... | The operand x1 is shifted by an expression x1 which is greater than or equal to in precision. | -| test.c:282:3:282:10 | ... >> ... | The operand x1 is shifted by an expression x2 which is greater than or equal to in precision. | -| test.c:283:3:283:10 | ... >> ... | The operand x1 is shifted by an expression x3 which is greater than or equal to in precision. | -| test.c:284:3:284:10 | ... >> ... | The operand x1 is shifted by an expression x4 which is greater than or equal to in precision. | -| test.c:285:3:285:10 | ... >> ... | The operand x1 is shifted by an expression x5 which is greater than or equal to in precision. | -| test.c:286:3:286:10 | ... >> ... | The operand x1 is shifted by an expression x6 which is greater than or equal to in precision. | -| test.c:287:3:287:10 | ... >> ... | The operand x1 is shifted by an expression x7 which is greater than or equal to in precision. | -| test.c:288:3:288:10 | ... >> ... | The operand x1 is shifted by an expression x8 which is greater than or equal to in precision. | -| test.c:289:3:289:10 | ... >> ... | The operand x1 is shifted by an expression x9 which is greater than or equal to in precision. | -| test.c:290:3:290:11 | ... >> ... | The operand x1 is shifted by an expression x10 which is greater than or equal to in precision. | -| test.c:291:3:291:11 | ... >> ... | The operand x1 is shifted by an expression x11 which is greater than or equal to in precision. | -| test.c:292:3:292:11 | ... >> ... | The operand x1 is shifted by an expression x12 which is greater than or equal to in precision. | -| test.c:293:3:293:11 | ... >> ... | The operand x1 is shifted by an expression x13 which is greater than or equal to in precision. | -| test.c:294:3:294:11 | ... >> ... | The operand x1 is shifted by an expression x14 which is greater than or equal to in precision. | -| test.c:295:3:295:10 | ... >> ... | The operand x2 is shifted by an expression x0 which is greater than or equal to in precision. | -| test.c:296:3:296:10 | ... >> ... | The operand x2 is shifted by an expression x1 which is greater than or equal to in precision. | -| test.c:297:3:297:10 | ... >> ... | The operand x2 is shifted by an expression x2 which is greater than or equal to in precision. | -| test.c:298:3:298:10 | ... >> ... | The operand x2 is shifted by an expression x3 which is greater than or equal to in precision. | -| test.c:299:3:299:10 | ... >> ... | The operand x2 is shifted by an expression x4 which is greater than or equal to in precision. | -| test.c:300:3:300:10 | ... >> ... | The operand x2 is shifted by an expression x5 which is greater than or equal to in precision. | -| test.c:301:3:301:10 | ... >> ... | The operand x2 is shifted by an expression x6 which is greater than or equal to in precision. | -| test.c:302:3:302:10 | ... >> ... | The operand x2 is shifted by an expression x7 which is greater than or equal to in precision. | -| test.c:303:3:303:10 | ... >> ... | The operand x2 is shifted by an expression x8 which is greater than or equal to in precision. | -| test.c:304:3:304:10 | ... >> ... | The operand x2 is shifted by an expression x9 which is greater than or equal to in precision. | -| test.c:305:3:305:11 | ... >> ... | The operand x2 is shifted by an expression x10 which is greater than or equal to in precision. | -| test.c:306:3:306:11 | ... >> ... | The operand x2 is shifted by an expression x11 which is greater than or equal to in precision. | -| test.c:307:3:307:11 | ... >> ... | The operand x2 is shifted by an expression x12 which is greater than or equal to in precision. | -| test.c:308:3:308:11 | ... >> ... | The operand x2 is shifted by an expression x13 which is greater than or equal to in precision. | -| test.c:309:3:309:11 | ... >> ... | The operand x2 is shifted by an expression x14 which is greater than or equal to in precision. | -| test.c:313:3:313:10 | ... >> ... | The operand x3 is shifted by an expression x3 which is greater than or equal to in precision. | -| test.c:316:3:316:10 | ... >> ... | The operand x3 is shifted by an expression x6 which is greater than or equal to in precision. | -| test.c:317:3:317:10 | ... >> ... | The operand x3 is shifted by an expression x7 which is greater than or equal to in precision. | -| test.c:318:3:318:10 | ... >> ... | The operand x3 is shifted by an expression x8 which is greater than or equal to in precision. | -| test.c:319:3:319:10 | ... >> ... | The operand x3 is shifted by an expression x9 which is greater than or equal to in precision. | -| test.c:320:3:320:11 | ... >> ... | The operand x3 is shifted by an expression x10 which is greater than or equal to in precision. | -| test.c:321:3:321:11 | ... >> ... | The operand x3 is shifted by an expression x11 which is greater than or equal to in precision. | -| test.c:322:3:322:11 | ... >> ... | The operand x3 is shifted by an expression x12 which is greater than or equal to in precision. | -| test.c:323:3:323:11 | ... >> ... | The operand x3 is shifted by an expression x13 which is greater than or equal to in precision. | -| test.c:324:3:324:11 | ... >> ... | The operand x3 is shifted by an expression x14 which is greater than or equal to in precision. | -| test.c:328:3:328:10 | ... >> ... | The operand x4 is shifted by an expression x3 which is greater than or equal to in precision. | -| test.c:329:3:329:10 | ... >> ... | The operand x4 is shifted by an expression x4 which is greater than or equal to in precision. | -| test.c:330:3:330:10 | ... >> ... | The operand x4 is shifted by an expression x5 which is greater than or equal to in precision. | -| test.c:331:3:331:10 | ... >> ... | The operand x4 is shifted by an expression x6 which is greater than or equal to in precision. | -| test.c:332:3:332:10 | ... >> ... | The operand x4 is shifted by an expression x7 which is greater than or equal to in precision. | -| test.c:333:3:333:10 | ... >> ... | The operand x4 is shifted by an expression x8 which is greater than or equal to in precision. | -| test.c:334:3:334:10 | ... >> ... | The operand x4 is shifted by an expression x9 which is greater than or equal to in precision. | -| test.c:335:3:335:11 | ... >> ... | The operand x4 is shifted by an expression x10 which is greater than or equal to in precision. | -| test.c:336:3:336:11 | ... >> ... | The operand x4 is shifted by an expression x11 which is greater than or equal to in precision. | -| test.c:337:3:337:11 | ... >> ... | The operand x4 is shifted by an expression x12 which is greater than or equal to in precision. | -| test.c:338:3:338:11 | ... >> ... | The operand x4 is shifted by an expression x13 which is greater than or equal to in precision. | -| test.c:339:3:339:11 | ... >> ... | The operand x4 is shifted by an expression x14 which is greater than or equal to in precision. | -| test.c:343:3:343:10 | ... >> ... | The operand x5 is shifted by an expression x3 which is greater than or equal to in precision. | -| test.c:344:3:344:10 | ... >> ... | The operand x5 is shifted by an expression x4 which is greater than or equal to in precision. | -| test.c:345:3:345:10 | ... >> ... | The operand x5 is shifted by an expression x5 which is greater than or equal to in precision. | -| test.c:346:3:346:10 | ... >> ... | The operand x5 is shifted by an expression x6 which is greater than or equal to in precision. | -| test.c:347:3:347:10 | ... >> ... | The operand x5 is shifted by an expression x7 which is greater than or equal to in precision. | -| test.c:348:3:348:10 | ... >> ... | The operand x5 is shifted by an expression x8 which is greater than or equal to in precision. | -| test.c:349:3:349:10 | ... >> ... | The operand x5 is shifted by an expression x9 which is greater than or equal to in precision. | -| test.c:350:3:350:11 | ... >> ... | The operand x5 is shifted by an expression x10 which is greater than or equal to in precision. | -| test.c:351:3:351:11 | ... >> ... | The operand x5 is shifted by an expression x11 which is greater than or equal to in precision. | -| test.c:352:3:352:11 | ... >> ... | The operand x5 is shifted by an expression x12 which is greater than or equal to in precision. | -| test.c:353:3:353:11 | ... >> ... | The operand x5 is shifted by an expression x13 which is greater than or equal to in precision. | -| test.c:354:3:354:11 | ... >> ... | The operand x5 is shifted by an expression x14 which is greater than or equal to in precision. | -| test.c:361:3:361:10 | ... >> ... | The operand x6 is shifted by an expression x6 which is greater than or equal to in precision. | -| test.c:364:3:364:10 | ... >> ... | The operand x6 is shifted by an expression x9 which is greater than or equal to in precision. | -| test.c:367:3:367:11 | ... >> ... | The operand x6 is shifted by an expression x12 which is greater than or equal to in precision. | -| test.c:368:3:368:11 | ... >> ... | The operand x6 is shifted by an expression x13 which is greater than or equal to in precision. | -| test.c:369:3:369:11 | ... >> ... | The operand x6 is shifted by an expression x14 which is greater than or equal to in precision. | -| test.c:376:3:376:10 | ... >> ... | The operand x7 is shifted by an expression x6 which is greater than or equal to in precision. | -| test.c:377:3:377:10 | ... >> ... | The operand x7 is shifted by an expression x7 which is greater than or equal to in precision. | -| test.c:378:3:378:10 | ... >> ... | The operand x7 is shifted by an expression x8 which is greater than or equal to in precision. | -| test.c:379:3:379:10 | ... >> ... | The operand x7 is shifted by an expression x9 which is greater than or equal to in precision. | -| test.c:380:3:380:11 | ... >> ... | The operand x7 is shifted by an expression x10 which is greater than or equal to in precision. | -| test.c:381:3:381:11 | ... >> ... | The operand x7 is shifted by an expression x11 which is greater than or equal to in precision. | -| test.c:382:3:382:11 | ... >> ... | The operand x7 is shifted by an expression x12 which is greater than or equal to in precision. | -| test.c:383:3:383:11 | ... >> ... | The operand x7 is shifted by an expression x13 which is greater than or equal to in precision. | -| test.c:384:3:384:11 | ... >> ... | The operand x7 is shifted by an expression x14 which is greater than or equal to in precision. | -| test.c:391:3:391:10 | ... >> ... | The operand x8 is shifted by an expression x6 which is greater than or equal to in precision. | -| test.c:392:3:392:10 | ... >> ... | The operand x8 is shifted by an expression x7 which is greater than or equal to in precision. | -| test.c:393:3:393:10 | ... >> ... | The operand x8 is shifted by an expression x8 which is greater than or equal to in precision. | -| test.c:394:3:394:10 | ... >> ... | The operand x8 is shifted by an expression x9 which is greater than or equal to in precision. | -| test.c:395:3:395:11 | ... >> ... | The operand x8 is shifted by an expression x10 which is greater than or equal to in precision. | -| test.c:396:3:396:11 | ... >> ... | The operand x8 is shifted by an expression x11 which is greater than or equal to in precision. | -| test.c:397:3:397:11 | ... >> ... | The operand x8 is shifted by an expression x12 which is greater than or equal to in precision. | -| test.c:398:3:398:11 | ... >> ... | The operand x8 is shifted by an expression x13 which is greater than or equal to in precision. | -| test.c:399:3:399:11 | ... >> ... | The operand x8 is shifted by an expression x14 which is greater than or equal to in precision. | -| test.c:406:3:406:10 | ... >> ... | The operand x9 is shifted by an expression x6 which is greater than or equal to in precision. | -| test.c:409:3:409:10 | ... >> ... | The operand x9 is shifted by an expression x9 which is greater than or equal to in precision. | -| test.c:412:3:412:11 | ... >> ... | The operand x9 is shifted by an expression x12 which is greater than or equal to in precision. | -| test.c:413:3:413:11 | ... >> ... | The operand x9 is shifted by an expression x13 which is greater than or equal to in precision. | -| test.c:414:3:414:11 | ... >> ... | The operand x9 is shifted by an expression x14 which is greater than or equal to in precision. | -| test.c:421:3:421:11 | ... >> ... | The operand x10 is shifted by an expression x6 which is greater than or equal to in precision. | -| test.c:422:3:422:11 | ... >> ... | The operand x10 is shifted by an expression x7 which is greater than or equal to in precision. | -| test.c:423:3:423:11 | ... >> ... | The operand x10 is shifted by an expression x8 which is greater than or equal to in precision. | -| test.c:424:3:424:11 | ... >> ... | The operand x10 is shifted by an expression x9 which is greater than or equal to in precision. | -| test.c:425:3:426:9 | ... >> ... | The operand x10 is shifted by an expression x10 which is greater than or equal to in precision. | -| test.c:427:3:428:9 | ... >> ... | The operand x10 is shifted by an expression x11 which is greater than or equal to in precision. | -| test.c:429:3:430:9 | ... >> ... | The operand x10 is shifted by an expression x12 which is greater than or equal to in precision. | -| test.c:431:3:432:9 | ... >> ... | The operand x10 is shifted by an expression x13 which is greater than or equal to in precision. | -| test.c:433:3:434:9 | ... >> ... | The operand x10 is shifted by an expression x14 which is greater than or equal to in precision. | -| test.c:441:3:441:11 | ... >> ... | The operand x11 is shifted by an expression x6 which is greater than or equal to in precision. | -| test.c:442:3:442:11 | ... >> ... | The operand x11 is shifted by an expression x7 which is greater than or equal to in precision. | -| test.c:443:3:443:11 | ... >> ... | The operand x11 is shifted by an expression x8 which is greater than or equal to in precision. | -| test.c:444:3:444:11 | ... >> ... | The operand x11 is shifted by an expression x9 which is greater than or equal to in precision. | -| test.c:445:3:446:9 | ... >> ... | The operand x11 is shifted by an expression x10 which is greater than or equal to in precision. | -| test.c:447:3:448:9 | ... >> ... | The operand x11 is shifted by an expression x11 which is greater than or equal to in precision. | -| test.c:449:3:450:9 | ... >> ... | The operand x11 is shifted by an expression x12 which is greater than or equal to in precision. | -| test.c:451:3:452:9 | ... >> ... | The operand x11 is shifted by an expression x13 which is greater than or equal to in precision. | -| test.c:453:3:454:9 | ... >> ... | The operand x11 is shifted by an expression x14 which is greater than or equal to in precision. | -| test.c:467:3:468:9 | ... >> ... | The operand x12 is shifted by an expression x12 which is greater than or equal to in precision. | -| test.c:483:3:484:9 | ... >> ... | The operand x13 is shifted by an expression x12 which is greater than or equal to in precision. | -| test.c:485:3:486:9 | ... >> ... | The operand x13 is shifted by an expression x13 which is greater than or equal to in precision. | -| test.c:487:3:488:9 | ... >> ... | The operand x13 is shifted by an expression x14 which is greater than or equal to in precision. | -| test.c:501:3:502:9 | ... >> ... | The operand x14 is shifted by an expression x12 which is greater than or equal to in precision. | -| test.c:503:3:504:9 | ... >> ... | The operand x14 is shifted by an expression x13 which is greater than or equal to in precision. | -| test.c:505:3:506:9 | ... >> ... | The operand x14 is shifted by an expression x14 which is greater than or equal to in precision. | -| test.c:510:3:510:10 | ... << ... | The operand x0 is shifted by a negative expression -1. | -| test.c:511:3:511:10 | ... << ... | The operand x1 is shifted by a negative expression -1. | -| test.c:512:3:512:10 | ... << ... | The operand x2 is shifted by a negative expression -1. | -| test.c:513:3:513:10 | ... << ... | The operand x3 is shifted by a negative expression -1. | -| test.c:514:3:514:10 | ... << ... | The operand x4 is shifted by a negative expression -1. | -| test.c:515:3:515:10 | ... << ... | The operand x5 is shifted by a negative expression -1. | -| test.c:516:3:516:10 | ... << ... | The operand x6 is shifted by a negative expression -1. | -| test.c:517:3:517:10 | ... << ... | The operand x7 is shifted by a negative expression -1. | -| test.c:518:3:518:10 | ... << ... | The operand x8 is shifted by a negative expression -1. | -| test.c:519:3:519:10 | ... << ... | The operand x9 is shifted by a negative expression -1. | -| test.c:520:3:520:11 | ... << ... | The operand x10 is shifted by a negative expression -1. | -| test.c:521:3:521:11 | ... << ... | The operand x11 is shifted by a negative expression -1. | -| test.c:522:3:522:11 | ... << ... | The operand x12 is shifted by a negative expression -1. | -| test.c:523:3:523:11 | ... << ... | The operand x13 is shifted by a negative expression -1. | -| test.c:524:3:524:11 | ... << ... | The operand x14 is shifted by a negative expression -1. | +| test.c:43:3:43:14 | left-shift | The operand lhs0 is left-shifted by an expression rhs0 which is greater than or equal to in precision. | +| test.c:47:3:47:14 | left-shift | The operand lhs0 is left-shifted by an expression rhs3 which is greater than or equal to in precision. | +| test.c:49:3:49:14 | left-shift | The operand lhs0 is left-shifted by an expression rhs4 which is greater than or equal to in precision. | +| test.c:51:3:51:14 | left-shift | The operand lhs0 is left-shifted by an expression rhs5 which is greater than or equal to in precision. | +| test.c:53:3:53:14 | left-shift | The operand lhs0 is left-shifted by an expression rhs6 which is greater than or equal to in precision. | +| test.c:55:3:55:14 | left-shift | The operand lhs0 is left-shifted by an expression rhs7 which is greater than or equal to in precision. | +| test.c:57:3:57:14 | left-shift | The operand lhs0 is left-shifted by an expression rhs8 which is greater than or equal to in precision. | +| test.c:59:3:59:14 | left-shift | The operand lhs0 is left-shifted by an expression rhs9 which is greater than or equal to in precision. | +| test.c:61:3:61:15 | left-shift | The operand lhs0 is left-shifted by an expression rhs10 which is greater than or equal to in precision. | +| test.c:63:3:63:15 | left-shift | The operand lhs0 is left-shifted by an expression rhs11 which is greater than or equal to in precision. | +| test.c:65:3:65:15 | left-shift | The operand lhs0 is left-shifted by an expression rhs12 which is greater than or equal to in precision. | +| test.c:67:3:67:15 | left-shift | The operand lhs0 is left-shifted by an expression rhs13 which is greater than or equal to in precision. | +| test.c:69:3:69:15 | left-shift | The operand lhs0 is left-shifted by an expression rhs14 which is greater than or equal to in precision. | +| test.c:71:3:71:14 | left-shift | The operand lhs1 is left-shifted by an expression rhs0 which is greater than or equal to in precision. | +| test.c:73:3:73:14 | left-shift | The operand lhs1 is left-shifted by an expression rhs1 which is greater than or equal to in precision. | +| test.c:75:3:75:14 | left-shift | The operand lhs1 is left-shifted by an expression rhs2 which is greater than or equal to in precision. | +| test.c:77:3:77:14 | left-shift | The operand lhs1 is left-shifted by an expression rhs3 which is greater than or equal to in precision. | +| test.c:79:3:79:14 | left-shift | The operand lhs1 is left-shifted by an expression rhs4 which is greater than or equal to in precision. | +| test.c:81:3:81:14 | left-shift | The operand lhs1 is left-shifted by an expression rhs5 which is greater than or equal to in precision. | +| test.c:83:3:83:14 | left-shift | The operand lhs1 is left-shifted by an expression rhs6 which is greater than or equal to in precision. | +| test.c:85:3:85:14 | left-shift | The operand lhs1 is left-shifted by an expression rhs7 which is greater than or equal to in precision. | +| test.c:87:3:87:14 | left-shift | The operand lhs1 is left-shifted by an expression rhs8 which is greater than or equal to in precision. | +| test.c:89:3:89:14 | left-shift | The operand lhs1 is left-shifted by an expression rhs9 which is greater than or equal to in precision. | +| test.c:91:3:91:15 | left-shift | The operand lhs1 is left-shifted by an expression rhs10 which is greater than or equal to in precision. | +| test.c:93:3:93:15 | left-shift | The operand lhs1 is left-shifted by an expression rhs11 which is greater than or equal to in precision. | +| test.c:95:3:95:15 | left-shift | The operand lhs1 is left-shifted by an expression rhs12 which is greater than or equal to in precision. | +| test.c:97:3:97:15 | left-shift | The operand lhs1 is left-shifted by an expression rhs13 which is greater than or equal to in precision. | +| test.c:99:3:99:15 | left-shift | The operand lhs1 is left-shifted by an expression rhs14 which is greater than or equal to in precision. | +| test.c:101:3:101:14 | left-shift | The operand lhs2 is left-shifted by an expression rhs0 which is greater than or equal to in precision. | +| test.c:103:3:103:14 | left-shift | The operand lhs2 is left-shifted by an expression rhs1 which is greater than or equal to in precision. | +| test.c:105:3:105:14 | left-shift | The operand lhs2 is left-shifted by an expression rhs2 which is greater than or equal to in precision. | +| test.c:107:3:107:14 | left-shift | The operand lhs2 is left-shifted by an expression rhs3 which is greater than or equal to in precision. | +| test.c:109:3:109:14 | left-shift | The operand lhs2 is left-shifted by an expression rhs4 which is greater than or equal to in precision. | +| test.c:111:3:111:14 | left-shift | The operand lhs2 is left-shifted by an expression rhs5 which is greater than or equal to in precision. | +| test.c:113:3:113:14 | left-shift | The operand lhs2 is left-shifted by an expression rhs6 which is greater than or equal to in precision. | +| test.c:115:3:115:14 | left-shift | The operand lhs2 is left-shifted by an expression rhs7 which is greater than or equal to in precision. | +| test.c:117:3:117:14 | left-shift | The operand lhs2 is left-shifted by an expression rhs8 which is greater than or equal to in precision. | +| test.c:119:3:119:14 | left-shift | The operand lhs2 is left-shifted by an expression rhs9 which is greater than or equal to in precision. | +| test.c:121:3:121:15 | left-shift | The operand lhs2 is left-shifted by an expression rhs10 which is greater than or equal to in precision. | +| test.c:123:3:123:15 | left-shift | The operand lhs2 is left-shifted by an expression rhs11 which is greater than or equal to in precision. | +| test.c:125:3:125:15 | left-shift | The operand lhs2 is left-shifted by an expression rhs12 which is greater than or equal to in precision. | +| test.c:127:3:127:15 | left-shift | The operand lhs2 is left-shifted by an expression rhs13 which is greater than or equal to in precision. | +| test.c:129:3:129:15 | left-shift | The operand lhs2 is left-shifted by an expression rhs14 which is greater than or equal to in precision. | +| test.c:134:3:134:14 | left-shift | The operand lhs3 is left-shifted by an expression rhs3 which is greater than or equal to in precision. | +| test.c:138:3:138:14 | left-shift | The operand lhs3 is left-shifted by an expression rhs6 which is greater than or equal to in precision. | +| test.c:140:3:140:14 | left-shift | The operand lhs3 is left-shifted by an expression rhs7 which is greater than or equal to in precision. | +| test.c:142:3:142:14 | left-shift | The operand lhs3 is left-shifted by an expression rhs8 which is greater than or equal to in precision. | +| test.c:144:3:144:14 | left-shift | The operand lhs3 is left-shifted by an expression rhs9 which is greater than or equal to in precision. | +| test.c:146:3:146:15 | left-shift | The operand lhs3 is left-shifted by an expression rhs10 which is greater than or equal to in precision. | +| test.c:148:3:148:15 | left-shift | The operand lhs3 is left-shifted by an expression rhs11 which is greater than or equal to in precision. | +| test.c:150:3:150:15 | left-shift | The operand lhs3 is left-shifted by an expression rhs12 which is greater than or equal to in precision. | +| test.c:152:3:152:15 | left-shift | The operand lhs3 is left-shifted by an expression rhs13 which is greater than or equal to in precision. | +| test.c:154:3:154:15 | left-shift | The operand lhs3 is left-shifted by an expression rhs14 which is greater than or equal to in precision. | +| test.c:159:3:159:14 | left-shift | The operand lhs4 is left-shifted by an expression rhs3 which is greater than or equal to in precision. | +| test.c:161:3:161:14 | left-shift | The operand lhs4 is left-shifted by an expression rhs4 which is greater than or equal to in precision. | +| test.c:163:3:163:14 | left-shift | The operand lhs4 is left-shifted by an expression rhs5 which is greater than or equal to in precision. | +| test.c:165:3:165:14 | left-shift | The operand lhs4 is left-shifted by an expression rhs6 which is greater than or equal to in precision. | +| test.c:167:3:167:14 | left-shift | The operand lhs4 is left-shifted by an expression rhs7 which is greater than or equal to in precision. | +| test.c:169:3:169:14 | left-shift | The operand lhs4 is left-shifted by an expression rhs8 which is greater than or equal to in precision. | +| test.c:171:3:171:14 | left-shift | The operand lhs4 is left-shifted by an expression rhs9 which is greater than or equal to in precision. | +| test.c:173:3:173:15 | left-shift | The operand lhs4 is left-shifted by an expression rhs10 which is greater than or equal to in precision. | +| test.c:175:3:175:15 | left-shift | The operand lhs4 is left-shifted by an expression rhs11 which is greater than or equal to in precision. | +| test.c:177:3:177:15 | left-shift | The operand lhs4 is left-shifted by an expression rhs12 which is greater than or equal to in precision. | +| test.c:179:3:179:15 | left-shift | The operand lhs4 is left-shifted by an expression rhs13 which is greater than or equal to in precision. | +| test.c:181:3:181:15 | left-shift | The operand lhs4 is left-shifted by an expression rhs14 which is greater than or equal to in precision. | +| test.c:186:3:186:14 | left-shift | The operand lhs5 is left-shifted by an expression rhs3 which is greater than or equal to in precision. | +| test.c:188:3:188:14 | left-shift | The operand lhs5 is left-shifted by an expression rhs4 which is greater than or equal to in precision. | +| test.c:190:3:190:14 | left-shift | The operand lhs5 is left-shifted by an expression rhs5 which is greater than or equal to in precision. | +| test.c:192:3:192:14 | left-shift | The operand lhs5 is left-shifted by an expression rhs6 which is greater than or equal to in precision. | +| test.c:194:3:194:14 | left-shift | The operand lhs5 is left-shifted by an expression rhs7 which is greater than or equal to in precision. | +| test.c:196:3:196:14 | left-shift | The operand lhs5 is left-shifted by an expression rhs8 which is greater than or equal to in precision. | +| test.c:198:3:198:14 | left-shift | The operand lhs5 is left-shifted by an expression rhs9 which is greater than or equal to in precision. | +| test.c:200:3:200:15 | left-shift | The operand lhs5 is left-shifted by an expression rhs10 which is greater than or equal to in precision. | +| test.c:202:3:202:15 | left-shift | The operand lhs5 is left-shifted by an expression rhs11 which is greater than or equal to in precision. | +| test.c:204:3:204:15 | left-shift | The operand lhs5 is left-shifted by an expression rhs12 which is greater than or equal to in precision. | +| test.c:206:3:206:15 | left-shift | The operand lhs5 is left-shifted by an expression rhs13 which is greater than or equal to in precision. | +| test.c:208:3:208:15 | left-shift | The operand lhs5 is left-shifted by an expression rhs14 which is greater than or equal to in precision. | +| test.c:216:3:216:14 | left-shift | The operand lhs6 is left-shifted by an expression rhs6 which is greater than or equal to in precision. | +| test.c:220:3:220:14 | left-shift | The operand lhs6 is left-shifted by an expression rhs9 which is greater than or equal to in precision. | +| test.c:224:3:224:15 | left-shift | The operand lhs6 is left-shifted by an expression rhs12 which is greater than or equal to in precision. | +| test.c:226:3:226:15 | left-shift | The operand lhs6 is left-shifted by an expression rhs13 which is greater than or equal to in precision. | +| test.c:228:3:228:15 | left-shift | The operand lhs6 is left-shifted by an expression rhs14 which is greater than or equal to in precision. | +| test.c:236:3:236:14 | left-shift | The operand lhs7 is left-shifted by an expression rhs6 which is greater than or equal to in precision. | +| test.c:238:3:238:14 | left-shift | The operand lhs7 is left-shifted by an expression rhs7 which is greater than or equal to in precision. | +| test.c:240:3:240:14 | left-shift | The operand lhs7 is left-shifted by an expression rhs8 which is greater than or equal to in precision. | +| test.c:242:3:242:14 | left-shift | The operand lhs7 is left-shifted by an expression rhs9 which is greater than or equal to in precision. | +| test.c:244:3:244:15 | left-shift | The operand lhs7 is left-shifted by an expression rhs10 which is greater than or equal to in precision. | +| test.c:246:3:246:15 | left-shift | The operand lhs7 is left-shifted by an expression rhs11 which is greater than or equal to in precision. | +| test.c:248:3:248:15 | left-shift | The operand lhs7 is left-shifted by an expression rhs12 which is greater than or equal to in precision. | +| test.c:250:3:250:15 | left-shift | The operand lhs7 is left-shifted by an expression rhs13 which is greater than or equal to in precision. | +| test.c:252:3:252:15 | left-shift | The operand lhs7 is left-shifted by an expression rhs14 which is greater than or equal to in precision. | +| test.c:260:3:260:14 | left-shift | The operand lhs8 is left-shifted by an expression rhs6 which is greater than or equal to in precision. | +| test.c:262:3:262:14 | left-shift | The operand lhs8 is left-shifted by an expression rhs7 which is greater than or equal to in precision. | +| test.c:264:3:264:14 | left-shift | The operand lhs8 is left-shifted by an expression rhs8 which is greater than or equal to in precision. | +| test.c:266:3:266:14 | left-shift | The operand lhs8 is left-shifted by an expression rhs9 which is greater than or equal to in precision. | +| test.c:268:3:268:15 | left-shift | The operand lhs8 is left-shifted by an expression rhs10 which is greater than or equal to in precision. | +| test.c:270:3:270:15 | left-shift | The operand lhs8 is left-shifted by an expression rhs11 which is greater than or equal to in precision. | +| test.c:272:3:272:15 | left-shift | The operand lhs8 is left-shifted by an expression rhs12 which is greater than or equal to in precision. | +| test.c:274:3:274:15 | left-shift | The operand lhs8 is left-shifted by an expression rhs13 which is greater than or equal to in precision. | +| test.c:276:3:276:15 | left-shift | The operand lhs8 is left-shifted by an expression rhs14 which is greater than or equal to in precision. | +| test.c:292:3:292:15 | left-shift | The operand lhs9 is left-shifted by an expression rhs12 which is greater than or equal to in precision. | +| test.c:316:3:316:16 | left-shift | The operand lhs10 is left-shifted by an expression rhs12 which is greater than or equal to in precision. | +| test.c:318:3:318:16 | left-shift | The operand lhs10 is left-shifted by an expression rhs13 which is greater than or equal to in precision. | +| test.c:320:3:320:16 | left-shift | The operand lhs10 is left-shifted by an expression rhs14 which is greater than or equal to in precision. | +| test.c:340:3:340:16 | left-shift | The operand lhs11 is left-shifted by an expression rhs12 which is greater than or equal to in precision. | +| test.c:342:3:342:16 | left-shift | The operand lhs11 is left-shifted by an expression rhs13 which is greater than or equal to in precision. | +| test.c:344:3:344:16 | left-shift | The operand lhs11 is left-shifted by an expression rhs14 which is greater than or equal to in precision. | +| test.c:358:3:358:16 | left-shift | The operand lhs12 is left-shifted by an expression rhs12 which is greater than or equal to in precision. | +| test.c:374:3:374:16 | left-shift | The operand lhs13 is left-shifted by an expression rhs12 which is greater than or equal to in precision. | +| test.c:376:3:376:16 | left-shift | The operand lhs13 is left-shifted by an expression rhs13 which is greater than or equal to in precision. | +| test.c:378:3:378:16 | left-shift | The operand lhs13 is left-shifted by an expression rhs14 which is greater than or equal to in precision. | +| test.c:392:3:392:16 | left-shift | The operand lhs14 is left-shifted by an expression rhs12 which is greater than or equal to in precision. | +| test.c:394:3:394:16 | left-shift | The operand lhs14 is left-shifted by an expression rhs13 which is greater than or equal to in precision. | +| test.c:396:3:396:16 | left-shift | The operand lhs14 is left-shifted by an expression rhs14 which is greater than or equal to in precision. | +| test.c:1579:3:1580:10 | right-shift | The operand lhs0 is right-shifted by an expression rhs0 which is greater than or equal to in precision. | +| test.c:1583:3:1584:10 | right-shift | The operand lhs0 is right-shifted by an expression rhs3 which is greater than or equal to in precision. | +| test.c:1585:3:1586:10 | right-shift | The operand lhs0 is right-shifted by an expression rhs4 which is greater than or equal to in precision. | +| test.c:1587:3:1588:10 | right-shift | The operand lhs0 is right-shifted by an expression rhs5 which is greater than or equal to in precision. | +| test.c:1589:3:1590:10 | right-shift | The operand lhs0 is right-shifted by an expression rhs6 which is greater than or equal to in precision. | +| test.c:1591:3:1592:10 | right-shift | The operand lhs0 is right-shifted by an expression rhs7 which is greater than or equal to in precision. | +| test.c:1593:3:1594:10 | right-shift | The operand lhs0 is right-shifted by an expression rhs8 which is greater than or equal to in precision. | +| test.c:1595:3:1596:10 | right-shift | The operand lhs0 is right-shifted by an expression rhs9 which is greater than or equal to in precision. | +| test.c:1597:3:1597:15 | right-shift | The operand lhs0 is right-shifted by an expression rhs10 which is greater than or equal to in precision. | +| test.c:1599:3:1599:15 | right-shift | The operand lhs0 is right-shifted by an expression rhs11 which is greater than or equal to in precision. | +| test.c:1601:3:1601:15 | right-shift | The operand lhs0 is right-shifted by an expression rhs12 which is greater than or equal to in precision. | +| test.c:1603:3:1603:15 | right-shift | The operand lhs0 is right-shifted by an expression rhs13 which is greater than or equal to in precision. | +| test.c:1605:3:1605:15 | right-shift | The operand lhs0 is right-shifted by an expression rhs14 which is greater than or equal to in precision. | +| test.c:1607:3:1608:10 | right-shift | The operand lhs1 is right-shifted by an expression rhs0 which is greater than or equal to in precision. | +| test.c:1609:3:1610:10 | right-shift | The operand lhs1 is right-shifted by an expression rhs1 which is greater than or equal to in precision. | +| test.c:1611:3:1612:10 | right-shift | The operand lhs1 is right-shifted by an expression rhs2 which is greater than or equal to in precision. | +| test.c:1613:3:1614:10 | right-shift | The operand lhs1 is right-shifted by an expression rhs3 which is greater than or equal to in precision. | +| test.c:1615:3:1616:10 | right-shift | The operand lhs1 is right-shifted by an expression rhs4 which is greater than or equal to in precision. | +| test.c:1617:3:1618:10 | right-shift | The operand lhs1 is right-shifted by an expression rhs5 which is greater than or equal to in precision. | +| test.c:1619:3:1620:10 | right-shift | The operand lhs1 is right-shifted by an expression rhs6 which is greater than or equal to in precision. | +| test.c:1621:3:1622:10 | right-shift | The operand lhs1 is right-shifted by an expression rhs7 which is greater than or equal to in precision. | +| test.c:1623:3:1624:10 | right-shift | The operand lhs1 is right-shifted by an expression rhs8 which is greater than or equal to in precision. | +| test.c:1625:3:1626:10 | right-shift | The operand lhs1 is right-shifted by an expression rhs9 which is greater than or equal to in precision. | +| test.c:1627:3:1627:15 | right-shift | The operand lhs1 is right-shifted by an expression rhs10 which is greater than or equal to in precision. | +| test.c:1629:3:1629:15 | right-shift | The operand lhs1 is right-shifted by an expression rhs11 which is greater than or equal to in precision. | +| test.c:1631:3:1631:15 | right-shift | The operand lhs1 is right-shifted by an expression rhs12 which is greater than or equal to in precision. | +| test.c:1633:3:1633:15 | right-shift | The operand lhs1 is right-shifted by an expression rhs13 which is greater than or equal to in precision. | +| test.c:1635:3:1635:15 | right-shift | The operand lhs1 is right-shifted by an expression rhs14 which is greater than or equal to in precision. | +| test.c:1637:3:1638:10 | right-shift | The operand lhs2 is right-shifted by an expression rhs0 which is greater than or equal to in precision. | +| test.c:1639:3:1640:10 | right-shift | The operand lhs2 is right-shifted by an expression rhs1 which is greater than or equal to in precision. | +| test.c:1641:3:1642:10 | right-shift | The operand lhs2 is right-shifted by an expression rhs2 which is greater than or equal to in precision. | +| test.c:1643:3:1644:10 | right-shift | The operand lhs2 is right-shifted by an expression rhs3 which is greater than or equal to in precision. | +| test.c:1645:3:1646:10 | right-shift | The operand lhs2 is right-shifted by an expression rhs4 which is greater than or equal to in precision. | +| test.c:1647:3:1648:10 | right-shift | The operand lhs2 is right-shifted by an expression rhs5 which is greater than or equal to in precision. | +| test.c:1649:3:1650:10 | right-shift | The operand lhs2 is right-shifted by an expression rhs6 which is greater than or equal to in precision. | +| test.c:1651:3:1652:10 | right-shift | The operand lhs2 is right-shifted by an expression rhs7 which is greater than or equal to in precision. | +| test.c:1653:3:1654:10 | right-shift | The operand lhs2 is right-shifted by an expression rhs8 which is greater than or equal to in precision. | +| test.c:1655:3:1656:10 | right-shift | The operand lhs2 is right-shifted by an expression rhs9 which is greater than or equal to in precision. | +| test.c:1657:3:1657:15 | right-shift | The operand lhs2 is right-shifted by an expression rhs10 which is greater than or equal to in precision. | +| test.c:1659:3:1659:15 | right-shift | The operand lhs2 is right-shifted by an expression rhs11 which is greater than or equal to in precision. | +| test.c:1661:3:1661:15 | right-shift | The operand lhs2 is right-shifted by an expression rhs12 which is greater than or equal to in precision. | +| test.c:1663:3:1663:15 | right-shift | The operand lhs2 is right-shifted by an expression rhs13 which is greater than or equal to in precision. | +| test.c:1665:3:1665:15 | right-shift | The operand lhs2 is right-shifted by an expression rhs14 which is greater than or equal to in precision. | +| test.c:1670:3:1671:10 | right-shift | The operand lhs3 is right-shifted by an expression rhs3 which is greater than or equal to in precision. | +| test.c:1674:3:1675:10 | right-shift | The operand lhs3 is right-shifted by an expression rhs6 which is greater than or equal to in precision. | +| test.c:1676:3:1677:10 | right-shift | The operand lhs3 is right-shifted by an expression rhs7 which is greater than or equal to in precision. | +| test.c:1678:3:1679:10 | right-shift | The operand lhs3 is right-shifted by an expression rhs8 which is greater than or equal to in precision. | +| test.c:1680:3:1681:10 | right-shift | The operand lhs3 is right-shifted by an expression rhs9 which is greater than or equal to in precision. | +| test.c:1682:3:1682:15 | right-shift | The operand lhs3 is right-shifted by an expression rhs10 which is greater than or equal to in precision. | +| test.c:1684:3:1684:15 | right-shift | The operand lhs3 is right-shifted by an expression rhs11 which is greater than or equal to in precision. | +| test.c:1686:3:1686:15 | right-shift | The operand lhs3 is right-shifted by an expression rhs12 which is greater than or equal to in precision. | +| test.c:1688:3:1688:15 | right-shift | The operand lhs3 is right-shifted by an expression rhs13 which is greater than or equal to in precision. | +| test.c:1690:3:1690:15 | right-shift | The operand lhs3 is right-shifted by an expression rhs14 which is greater than or equal to in precision. | +| test.c:1695:3:1696:10 | right-shift | The operand lhs4 is right-shifted by an expression rhs3 which is greater than or equal to in precision. | +| test.c:1697:3:1698:10 | right-shift | The operand lhs4 is right-shifted by an expression rhs4 which is greater than or equal to in precision. | +| test.c:1699:3:1700:10 | right-shift | The operand lhs4 is right-shifted by an expression rhs5 which is greater than or equal to in precision. | +| test.c:1701:3:1702:10 | right-shift | The operand lhs4 is right-shifted by an expression rhs6 which is greater than or equal to in precision. | +| test.c:1703:3:1704:10 | right-shift | The operand lhs4 is right-shifted by an expression rhs7 which is greater than or equal to in precision. | +| test.c:1705:3:1706:10 | right-shift | The operand lhs4 is right-shifted by an expression rhs8 which is greater than or equal to in precision. | +| test.c:1707:3:1708:10 | right-shift | The operand lhs4 is right-shifted by an expression rhs9 which is greater than or equal to in precision. | +| test.c:1709:3:1709:15 | right-shift | The operand lhs4 is right-shifted by an expression rhs10 which is greater than or equal to in precision. | +| test.c:1711:3:1711:15 | right-shift | The operand lhs4 is right-shifted by an expression rhs11 which is greater than or equal to in precision. | +| test.c:1713:3:1713:15 | right-shift | The operand lhs4 is right-shifted by an expression rhs12 which is greater than or equal to in precision. | +| test.c:1715:3:1715:15 | right-shift | The operand lhs4 is right-shifted by an expression rhs13 which is greater than or equal to in precision. | +| test.c:1717:3:1717:15 | right-shift | The operand lhs4 is right-shifted by an expression rhs14 which is greater than or equal to in precision. | +| test.c:1722:3:1723:10 | right-shift | The operand lhs5 is right-shifted by an expression rhs3 which is greater than or equal to in precision. | +| test.c:1724:3:1725:10 | right-shift | The operand lhs5 is right-shifted by an expression rhs4 which is greater than or equal to in precision. | +| test.c:1726:3:1727:10 | right-shift | The operand lhs5 is right-shifted by an expression rhs5 which is greater than or equal to in precision. | +| test.c:1728:3:1729:10 | right-shift | The operand lhs5 is right-shifted by an expression rhs6 which is greater than or equal to in precision. | +| test.c:1730:3:1731:10 | right-shift | The operand lhs5 is right-shifted by an expression rhs7 which is greater than or equal to in precision. | +| test.c:1732:3:1733:10 | right-shift | The operand lhs5 is right-shifted by an expression rhs8 which is greater than or equal to in precision. | +| test.c:1734:3:1735:10 | right-shift | The operand lhs5 is right-shifted by an expression rhs9 which is greater than or equal to in precision. | +| test.c:1736:3:1736:15 | right-shift | The operand lhs5 is right-shifted by an expression rhs10 which is greater than or equal to in precision. | +| test.c:1738:3:1738:15 | right-shift | The operand lhs5 is right-shifted by an expression rhs11 which is greater than or equal to in precision. | +| test.c:1740:3:1740:15 | right-shift | The operand lhs5 is right-shifted by an expression rhs12 which is greater than or equal to in precision. | +| test.c:1742:3:1742:15 | right-shift | The operand lhs5 is right-shifted by an expression rhs13 which is greater than or equal to in precision. | +| test.c:1744:3:1744:15 | right-shift | The operand lhs5 is right-shifted by an expression rhs14 which is greater than or equal to in precision. | +| test.c:1752:3:1753:10 | right-shift | The operand lhs6 is right-shifted by an expression rhs6 which is greater than or equal to in precision. | +| test.c:1756:3:1757:10 | right-shift | The operand lhs6 is right-shifted by an expression rhs9 which is greater than or equal to in precision. | +| test.c:1760:3:1760:15 | right-shift | The operand lhs6 is right-shifted by an expression rhs12 which is greater than or equal to in precision. | +| test.c:1762:3:1762:15 | right-shift | The operand lhs6 is right-shifted by an expression rhs13 which is greater than or equal to in precision. | +| test.c:1764:3:1764:15 | right-shift | The operand lhs6 is right-shifted by an expression rhs14 which is greater than or equal to in precision. | +| test.c:1772:3:1773:10 | right-shift | The operand lhs7 is right-shifted by an expression rhs6 which is greater than or equal to in precision. | +| test.c:1774:3:1775:10 | right-shift | The operand lhs7 is right-shifted by an expression rhs7 which is greater than or equal to in precision. | +| test.c:1776:3:1777:10 | right-shift | The operand lhs7 is right-shifted by an expression rhs8 which is greater than or equal to in precision. | +| test.c:1778:3:1779:10 | right-shift | The operand lhs7 is right-shifted by an expression rhs9 which is greater than or equal to in precision. | +| test.c:1780:3:1780:15 | right-shift | The operand lhs7 is right-shifted by an expression rhs10 which is greater than or equal to in precision. | +| test.c:1782:3:1782:15 | right-shift | The operand lhs7 is right-shifted by an expression rhs11 which is greater than or equal to in precision. | +| test.c:1784:3:1784:15 | right-shift | The operand lhs7 is right-shifted by an expression rhs12 which is greater than or equal to in precision. | +| test.c:1786:3:1786:15 | right-shift | The operand lhs7 is right-shifted by an expression rhs13 which is greater than or equal to in precision. | +| test.c:1788:3:1788:15 | right-shift | The operand lhs7 is right-shifted by an expression rhs14 which is greater than or equal to in precision. | +| test.c:1796:3:1797:10 | right-shift | The operand lhs8 is right-shifted by an expression rhs6 which is greater than or equal to in precision. | +| test.c:1798:3:1799:10 | right-shift | The operand lhs8 is right-shifted by an expression rhs7 which is greater than or equal to in precision. | +| test.c:1800:3:1801:10 | right-shift | The operand lhs8 is right-shifted by an expression rhs8 which is greater than or equal to in precision. | +| test.c:1802:3:1803:10 | right-shift | The operand lhs8 is right-shifted by an expression rhs9 which is greater than or equal to in precision. | +| test.c:1804:3:1804:15 | right-shift | The operand lhs8 is right-shifted by an expression rhs10 which is greater than or equal to in precision. | +| test.c:1806:3:1806:15 | right-shift | The operand lhs8 is right-shifted by an expression rhs11 which is greater than or equal to in precision. | +| test.c:1808:3:1808:15 | right-shift | The operand lhs8 is right-shifted by an expression rhs12 which is greater than or equal to in precision. | +| test.c:1810:3:1810:15 | right-shift | The operand lhs8 is right-shifted by an expression rhs13 which is greater than or equal to in precision. | +| test.c:1812:3:1812:15 | right-shift | The operand lhs8 is right-shifted by an expression rhs14 which is greater than or equal to in precision. | +| test.c:1828:3:1828:15 | right-shift | The operand lhs9 is right-shifted by an expression rhs12 which is greater than or equal to in precision. | +| test.c:1852:3:1852:16 | right-shift | The operand lhs10 is right-shifted by an expression rhs12 which is greater than or equal to in precision. | +| test.c:1854:3:1854:16 | right-shift | The operand lhs10 is right-shifted by an expression rhs13 which is greater than or equal to in precision. | +| test.c:1856:3:1856:16 | right-shift | The operand lhs10 is right-shifted by an expression rhs14 which is greater than or equal to in precision. | +| test.c:1876:3:1876:16 | right-shift | The operand lhs11 is right-shifted by an expression rhs12 which is greater than or equal to in precision. | +| test.c:1878:3:1878:16 | right-shift | The operand lhs11 is right-shifted by an expression rhs13 which is greater than or equal to in precision. | +| test.c:1880:3:1880:16 | right-shift | The operand lhs11 is right-shifted by an expression rhs14 which is greater than or equal to in precision. | +| test.c:1894:3:1894:16 | right-shift | The operand lhs12 is right-shifted by an expression rhs12 which is greater than or equal to in precision. | +| test.c:1910:3:1910:16 | right-shift | The operand lhs13 is right-shifted by an expression rhs12 which is greater than or equal to in precision. | +| test.c:1912:3:1912:16 | right-shift | The operand lhs13 is right-shifted by an expression rhs13 which is greater than or equal to in precision. | +| test.c:1914:3:1914:16 | right-shift | The operand lhs13 is right-shifted by an expression rhs14 which is greater than or equal to in precision. | +| test.c:1928:3:1928:16 | right-shift | The operand lhs14 is right-shifted by an expression rhs12 which is greater than or equal to in precision. | +| test.c:1930:3:1930:16 | right-shift | The operand lhs14 is right-shifted by an expression rhs13 which is greater than or equal to in precision. | +| test.c:1932:3:1932:16 | right-shift | The operand lhs14 is right-shifted by an expression rhs14 which is greater than or equal to in precision. | +| test.c:3115:3:3115:12 | left-shift | The operand lhs0 is left-shifted by a negative expression - .... | +| test.c:3116:3:3116:12 | left-shift | The operand lhs1 is left-shifted by a negative expression - .... | +| test.c:3117:3:3117:12 | left-shift | The operand lhs2 is left-shifted by a negative expression - .... | +| test.c:3118:3:3118:12 | left-shift | The operand lhs3 is left-shifted by a negative expression - .... | +| test.c:3119:3:3119:12 | left-shift | The operand lhs4 is left-shifted by a negative expression - .... | +| test.c:3120:3:3120:12 | left-shift | The operand lhs5 is left-shifted by a negative expression - .... | +| test.c:3121:3:3121:12 | left-shift | The operand lhs6 is left-shifted by a negative expression - .... | +| test.c:3122:3:3122:12 | left-shift | The operand lhs7 is left-shifted by a negative expression - .... | +| test.c:3123:3:3123:12 | left-shift | The operand lhs8 is left-shifted by a negative expression - .... | +| test.c:3124:3:3124:12 | left-shift | The operand lhs9 is left-shifted by a negative expression - .... | +| test.c:3125:3:3125:13 | left-shift | The operand lhs10 is left-shifted by a negative expression - .... | +| test.c:3126:3:3126:13 | left-shift | The operand lhs11 is left-shifted by a negative expression - .... | +| test.c:3127:3:3127:13 | left-shift | The operand lhs12 is left-shifted by a negative expression - .... | +| test.c:3128:3:3128:13 | left-shift | The operand lhs13 is left-shifted by a negative expression - .... | +| test.c:3129:3:3129:13 | left-shift | The operand lhs14 is left-shifted by a negative expression - .... | \ No newline at end of file From e2ef453326dcb6891da836d2567d2fda5bfc17de Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Fri, 24 Mar 2023 10:22:15 -0700 Subject: [PATCH 0873/2573] Put back StandardLibraryFunctionTypes --- .../src/codingstandards/cpp/exclusions/c/RuleMetadata.qll | 3 +++ 1 file changed, 3 insertions(+) diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index dc8bdcbae2..1feb3bfea7 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -48,6 +48,7 @@ import Preprocessor5 import Preprocessor6 import SideEffects1 import SideEffects2 +import StandardLibraryFunctionTypes import SignalHandlers import Strings1 import Strings2 @@ -102,6 +103,7 @@ newtype TCQuery = TPreprocessor6PackageQuery(Preprocessor6Query q) or TSideEffects1PackageQuery(SideEffects1Query q) or TSideEffects2PackageQuery(SideEffects2Query q) or + TStandardLibraryFunctionTypesPackageQuery(StandardLibraryFunctionTypesQuery q) or TSignalHandlersPackageQuery(SignalHandlersQuery q) or TStrings1PackageQuery(Strings1Query q) or TStrings2PackageQuery(Strings2Query q) or @@ -156,6 +158,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isPreprocessor6QueryMetadata(query, queryId, ruleId, category) or isSideEffects1QueryMetadata(query, queryId, ruleId, category) or isSideEffects2QueryMetadata(query, queryId, ruleId, category) or + isStandardLibraryFunctionTypesQueryMetadata(query, queryId, ruleId, category) or isSignalHandlersQueryMetadata(query, queryId, ruleId, category) or isStrings1QueryMetadata(query, queryId, ruleId, category) or isStrings2QueryMetadata(query, queryId, ruleId, category) or From 63b12560d4b71ff5d73ff8ac647caa9a1b4cdab8 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Fri, 24 Mar 2023 10:28:46 -0700 Subject: [PATCH 0874/2573] Modify RuleMetadata --- .../src/codingstandards/cpp/exclusions/c/RuleMetadata.qll | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index 1feb3bfea7..977123ae5d 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -48,8 +48,8 @@ import Preprocessor5 import Preprocessor6 import SideEffects1 import SideEffects2 -import StandardLibraryFunctionTypes import SignalHandlers +import StandardLibraryFunctionTypes import Strings1 import Strings2 import Strings3 @@ -103,8 +103,8 @@ newtype TCQuery = TPreprocessor6PackageQuery(Preprocessor6Query q) or TSideEffects1PackageQuery(SideEffects1Query q) or TSideEffects2PackageQuery(SideEffects2Query q) or - TStandardLibraryFunctionTypesPackageQuery(StandardLibraryFunctionTypesQuery q) or TSignalHandlersPackageQuery(SignalHandlersQuery q) or + TStandardLibraryFunctionTypesPackageQuery(StandardLibraryFunctionTypesQuery q) or TStrings1PackageQuery(Strings1Query q) or TStrings2PackageQuery(Strings2Query q) or TStrings3PackageQuery(Strings3Query q) or @@ -158,8 +158,8 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isPreprocessor6QueryMetadata(query, queryId, ruleId, category) or isSideEffects1QueryMetadata(query, queryId, ruleId, category) or isSideEffects2QueryMetadata(query, queryId, ruleId, category) or - isStandardLibraryFunctionTypesQueryMetadata(query, queryId, ruleId, category) or isSignalHandlersQueryMetadata(query, queryId, ruleId, category) or + isStandardLibraryFunctionTypesQueryMetadata(query, queryId, ruleId, category) or isStrings1QueryMetadata(query, queryId, ruleId, category) or isStrings2QueryMetadata(query, queryId, ruleId, category) or isStrings3QueryMetadata(query, queryId, ruleId, category) or From 556a75797bc6b911ff9b150c0813f11872c85838 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Fri, 24 Mar 2023 10:36:45 -0700 Subject: [PATCH 0875/2573] Make test.cpp compile --- cpp/autosar/test/rules/A0-1-1/test.cpp | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/cpp/autosar/test/rules/A0-1-1/test.cpp b/cpp/autosar/test/rules/A0-1-1/test.cpp index 45cee07d65..824d649c6a 100644 --- a/cpp/autosar/test/rules/A0-1-1/test.cpp +++ b/cpp/autosar/test/rules/A0-1-1/test.cpp @@ -31,8 +31,11 @@ static void foo(B &b) noexcept { b4.g(); auto &b5 = *new B(); b5.g(); - auto &b5 = new B(); - b5.g(); + /* Below causes a compile error (non-const reference when initialized should + * hold an lvalue) + */ + // auto &b6 = new B(); + // b6.g(); } template void test() { From b5bc63980b29fef41f1231c9eeef6d97fd83d065 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Fri, 24 Mar 2023 19:22:46 +0100 Subject: [PATCH 0876/2573] Remove shared implementation --- .../OverlappingObjectAssignment.expected | 1 - .../OverlappingObjectAssignment.ql | 2 - .../rules/overlappingobjectassignment/test.c | 10 ----- .../ObjectAssignedToAnOverlappingObject.ql | 45 ++++++++++++++++--- .../ObjectCopiedToAnOverlappingObject.ql | 20 ++++----- ...jectAssignedToAnOverlappingObject.expected | 1 + .../ObjectAssignedToAnOverlappingObject.qlref | 1 + ...bjectAssignedToAnOverlappingObject.testref | 1 - ...ObjectCopiedToAnOverlappingObject.expected | 10 ++--- c/misra/test/rules/RULE-19-1/test.c | 5 +++ .../ObjectAssignedToAnOverlappingObject.ql | 44 +++++++++++++++--- ...jectAssignedToAnOverlappingObject.expected | 1 + .../ObjectAssignedToAnOverlappingObject.qlref | 1 + rule_packages/c/Contracts7.json | 3 +- rule_packages/cpp/Representation.json | 1 - 15 files changed, 101 insertions(+), 45 deletions(-) delete mode 100644 c/common/test/rules/overlappingobjectassignment/OverlappingObjectAssignment.expected delete mode 100644 c/common/test/rules/overlappingobjectassignment/OverlappingObjectAssignment.ql delete mode 100644 c/common/test/rules/overlappingobjectassignment/test.c create mode 100644 c/misra/test/rules/RULE-19-1/ObjectAssignedToAnOverlappingObject.expected create mode 100644 c/misra/test/rules/RULE-19-1/ObjectAssignedToAnOverlappingObject.qlref delete mode 100644 c/misra/test/rules/RULE-19-1/ObjectAssignedToAnOverlappingObject.testref create mode 100644 cpp/autosar/test/rules/M0-2-1/ObjectAssignedToAnOverlappingObject.expected create mode 100644 cpp/autosar/test/rules/M0-2-1/ObjectAssignedToAnOverlappingObject.qlref diff --git a/c/common/test/rules/overlappingobjectassignment/OverlappingObjectAssignment.expected b/c/common/test/rules/overlappingobjectassignment/OverlappingObjectAssignment.expected deleted file mode 100644 index aae52beb58..0000000000 --- a/c/common/test/rules/overlappingobjectassignment/OverlappingObjectAssignment.expected +++ /dev/null @@ -1 +0,0 @@ -| test.c:9:3:9:11 | ... = ... | An object $@ assigned to overlapping object $@. | test.c:9:5:9:5 | l | l | test.c:9:11:9:11 | i | i | diff --git a/c/common/test/rules/overlappingobjectassignment/OverlappingObjectAssignment.ql b/c/common/test/rules/overlappingobjectassignment/OverlappingObjectAssignment.ql deleted file mode 100644 index 7bac912c6d..0000000000 --- a/c/common/test/rules/overlappingobjectassignment/OverlappingObjectAssignment.ql +++ /dev/null @@ -1,2 +0,0 @@ -// GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.overlappingobjectassignment.OverlappingObjectAssignment diff --git a/c/common/test/rules/overlappingobjectassignment/test.c b/c/common/test/rules/overlappingobjectassignment/test.c deleted file mode 100644 index dbaa6b947c..0000000000 --- a/c/common/test/rules/overlappingobjectassignment/test.c +++ /dev/null @@ -1,10 +0,0 @@ -#include - -void f(void) { - union { - int i; - long l; - } u = {0}; - - u.l = u.i; // NON_COMPLIANT -} diff --git a/c/misra/src/rules/RULE-19-1/ObjectAssignedToAnOverlappingObject.ql b/c/misra/src/rules/RULE-19-1/ObjectAssignedToAnOverlappingObject.ql index 860d7aa7d9..b39ce4fba4 100644 --- a/c/misra/src/rules/RULE-19-1/ObjectAssignedToAnOverlappingObject.ql +++ b/c/misra/src/rules/RULE-19-1/ObjectAssignedToAnOverlappingObject.ql @@ -1,7 +1,7 @@ /** * @id c/misra/object-assigned-to-an-overlapping-object * @name RULE-19-1: An object shall not be assigned to an overlapping object - * @description An object shall not be assigned to an overlapping object. + * @description An object shall not be copied or assigned to an overlapping object. * @kind problem * @precision high * @problem.severity error @@ -12,10 +12,43 @@ import cpp import codingstandards.c.misra -import codingstandards.cpp.rules.overlappingobjectassignment.OverlappingObjectAssignment +import semmle.code.cpp.valuenumbering.GlobalValueNumbering -class ObjectAssignedToAnOverlappingObjectQuery extends OverlappingObjectAssignmentSharedQuery { - ObjectAssignedToAnOverlappingObjectQuery() { - this = Contracts7Package::objectAssignedToAnOverlappingObjectQuery() - } +VariableAccess getAQualifier(VariableAccess va) { result = va.getQualifier+() } + +int getAccessByteOffset(FieldAccess fa) { + not fa.getQualifier() instanceof FieldAccess and result = fa.getTarget().getByteOffset() + or + result = fa.getTarget().getByteOffset() + getAccessByteOffset(fa.getQualifier()) +} + +predicate overlaps(FieldAccess fa1, FieldAccess fa2) { + exists(int startfa1, int endfa1, int startfa2, int endfa2 | + startfa1 = getAccessByteOffset(fa1) and + endfa1 = startfa1 + fa1.getTarget().getType().getSize() - 1 and + startfa2 = getAccessByteOffset(fa2) and + endfa2 = startfa2 + fa2.getTarget().getType().getSize() - 1 + | + startfa1 = startfa2 and endfa1 = endfa2 + or + startfa1 > startfa2 and endfa1 < endfa2 + or + startfa1 < startfa2 and endfa1 < endfa2 and endfa1 > startfa2 + or + startfa1 > startfa2 and endfa1 > endfa2 and startfa1 < endfa2 + ) } + +from AssignExpr assignExpr, Expr lhs, Expr rhs, ValueFieldAccess valuelhs, ValueFieldAccess valuerhs +where + not isExcluded(assignExpr, Contracts7Package::objectAssignedToAnOverlappingObjectQuery()) and + lhs.getType() instanceof Union and + rhs.getType() instanceof Union and + lhs = getAQualifier(assignExpr.getLValue()) and + rhs = getAQualifier(assignExpr.getRValue()) and + globalValueNumber(lhs) = globalValueNumber(rhs) and + valuerhs = assignExpr.getRValue() and + valuelhs = assignExpr.getLValue() and // a.b.c == ((a.b).c) + overlaps(valuelhs, valuerhs) +select assignExpr, "An object $@ assigned to overlapping object $@.", valuelhs, + valuelhs.getTarget().getName(), valuerhs, valuerhs.getTarget().getName() diff --git a/c/misra/src/rules/RULE-19-1/ObjectCopiedToAnOverlappingObject.ql b/c/misra/src/rules/RULE-19-1/ObjectCopiedToAnOverlappingObject.ql index 915f7cf1bb..fe1226dcea 100644 --- a/c/misra/src/rules/RULE-19-1/ObjectCopiedToAnOverlappingObject.ql +++ b/c/misra/src/rules/RULE-19-1/ObjectCopiedToAnOverlappingObject.ql @@ -24,14 +24,11 @@ int getAccessByteOffset(FieldAccess fa) { result = fa.getTarget().getByteOffset() + getAccessByteOffset(fa.getQualifier()) } -/** - * Models calls to memcpy on overlapping objects - */ -class MemcpyCall extends Locatable { +class OverlappingCopy extends Locatable { Expr src; Expr dst; - MemcpyCall() { + OverlappingCopy() { this.(MacroInvocation).getMacroName() = "memcpy" and src = this.(MacroInvocation).getExpr().getChild(1) and dst = this.(MacroInvocation).getExpr().getChild(0) @@ -65,14 +62,13 @@ class MemcpyCall extends Locatable { e instanceof VariableAccess and result = 0 } - // maximum amount of element copied int getCount() { result = upperBound([this.(MacroInvocation).getExpr().getChild(2), this.(FunctionCall).getArgument(2)]) } // source and destination overlap - predicate overlap() { + predicate overlaps() { globalValueNumber(this.getBase(src)) = globalValueNumber(this.getBase(dst)) and exists(int dstStart, int dstEnd, int srcStart, int srcEnd | dstStart = this.getOffset(dst) and @@ -96,9 +92,9 @@ class MemcpyCall extends Locatable { } } -from MemcpyCall memcpy +from OverlappingCopy copy where - not isExcluded(memcpy, Contracts7Package::objectCopiedToAnOverlappingObjectQuery()) and - memcpy.overlap() -select memcpy, "The object to copy $@ overlaps the object to copy $@.", memcpy.getSrc(), "from", - memcpy.getDst(), "to" + not isExcluded(copy, Contracts7Package::objectCopiedToAnOverlappingObjectQuery()) and + copy.overlaps() +select copy, "The object to copy $@ overlaps the object to copy $@.", copy.getSrc(), "from", + copy.getDst(), "to" diff --git a/c/misra/test/rules/RULE-19-1/ObjectAssignedToAnOverlappingObject.expected b/c/misra/test/rules/RULE-19-1/ObjectAssignedToAnOverlappingObject.expected new file mode 100644 index 0000000000..bc8f4461ec --- /dev/null +++ b/c/misra/test/rules/RULE-19-1/ObjectAssignedToAnOverlappingObject.expected @@ -0,0 +1 @@ +| test.c:55:3:55:18 | ... = ... | An object $@ assigned to overlapping object $@. | test.c:55:9:55:10 | m2 | m2 | test.c:55:17:55:18 | m1 | m1 | diff --git a/c/misra/test/rules/RULE-19-1/ObjectAssignedToAnOverlappingObject.qlref b/c/misra/test/rules/RULE-19-1/ObjectAssignedToAnOverlappingObject.qlref new file mode 100644 index 0000000000..088eafa869 --- /dev/null +++ b/c/misra/test/rules/RULE-19-1/ObjectAssignedToAnOverlappingObject.qlref @@ -0,0 +1 @@ +rules/RULE-19-1/ObjectAssignedToAnOverlappingObject.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-19-1/ObjectAssignedToAnOverlappingObject.testref b/c/misra/test/rules/RULE-19-1/ObjectAssignedToAnOverlappingObject.testref deleted file mode 100644 index 7d46b86a5e..0000000000 --- a/c/misra/test/rules/RULE-19-1/ObjectAssignedToAnOverlappingObject.testref +++ /dev/null @@ -1 +0,0 @@ -c/common/test/rules/overlappingobjectassignment/OverlappingObjectAssignment.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-19-1/ObjectCopiedToAnOverlappingObject.expected b/c/misra/test/rules/RULE-19-1/ObjectCopiedToAnOverlappingObject.expected index 53fa5d317c..fe2db5318c 100644 --- a/c/misra/test/rules/RULE-19-1/ObjectCopiedToAnOverlappingObject.expected +++ b/c/misra/test/rules/RULE-19-1/ObjectCopiedToAnOverlappingObject.expected @@ -1,5 +1,5 @@ -| test.c:5:3:5:8 | call to memcpy | The object to copy $@ overlaps the object to copy $@. | test.c:5:17:5:21 | & ... | from | test.c:5:10:5:14 | & ... | to | -| test.c:7:3:7:8 | call to memcpy | The object to copy $@ overlaps the object to copy $@. | test.c:7:17:7:21 | & ... | from | test.c:7:10:7:14 | & ... | to | -| test.c:8:3:8:8 | call to memcpy | The object to copy $@ overlaps the object to copy $@. | test.c:8:17:8:17 | o | from | test.c:8:10:8:14 | ... + ... | to | -| test.c:10:3:10:8 | call to memcpy | The object to copy $@ overlaps the object to copy $@. | test.c:10:17:10:21 | ... + ... | from | test.c:10:10:10:14 | ... + ... | to | -| test.c:52:3:52:8 | call to memcpy | The object to copy $@ overlaps the object to copy $@. | test.c:52:21:52:26 | & ... | from | test.c:52:10:52:18 | & ... | to | +| test.c:8:3:8:8 | call to memcpy | The object to copy $@ overlaps the object to copy $@. | test.c:8:17:8:21 | & ... | from | test.c:8:10:8:14 | & ... | to | +| test.c:10:3:10:8 | call to memcpy | The object to copy $@ overlaps the object to copy $@. | test.c:10:17:10:21 | & ... | from | test.c:10:10:10:14 | & ... | to | +| test.c:11:3:11:8 | call to memcpy | The object to copy $@ overlaps the object to copy $@. | test.c:11:17:11:17 | o | from | test.c:11:10:11:14 | ... + ... | to | +| test.c:13:3:13:8 | call to memcpy | The object to copy $@ overlaps the object to copy $@. | test.c:13:17:13:21 | ... + ... | from | test.c:13:10:13:14 | ... + ... | to | +| test.c:57:3:57:8 | call to memcpy | The object to copy $@ overlaps the object to copy $@. | test.c:57:21:57:26 | & ... | from | test.c:57:10:57:18 | & ... | to | diff --git a/c/misra/test/rules/RULE-19-1/test.c b/c/misra/test/rules/RULE-19-1/test.c index 52ec744faf..7f445993cc 100644 --- a/c/misra/test/rules/RULE-19-1/test.c +++ b/c/misra/test/rules/RULE-19-1/test.c @@ -2,6 +2,9 @@ int o[10]; void g(void) { + + o[2] = o[0]; // COMPLIANT + memcpy(&o[1], &o[0], 2); // NON_COMPLIANT memcpy(&o[2], &o[0], 2); // COMPLIANT memcpy(&o[2], &o[1], 2); // NON_COMPLIANT @@ -49,6 +52,8 @@ union { } u2; void test_unions() { + u1.m2.m2 = u1.m1; // NON_COMPLIANT + memcpy(&u1.m2.m2, &u1.m1, sizeof(u1.m1)); // NON_COMPLIANT memcpy(&u2.diff.suffix, &u2.fnv.suffix, sizeof(u2.fnv.suffix)); // COMPLIANT } \ No newline at end of file diff --git a/cpp/autosar/src/rules/M0-2-1/ObjectAssignedToAnOverlappingObject.ql b/cpp/autosar/src/rules/M0-2-1/ObjectAssignedToAnOverlappingObject.ql index 4a14901aff..17119af07e 100644 --- a/cpp/autosar/src/rules/M0-2-1/ObjectAssignedToAnOverlappingObject.ql +++ b/cpp/autosar/src/rules/M0-2-1/ObjectAssignedToAnOverlappingObject.ql @@ -12,12 +12,46 @@ * external/autosar/obligation/required */ +//Assignment between different active members of same union instance import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.rules.overlappingobjectassignment.OverlappingObjectAssignment +import semmle.code.cpp.valuenumbering.GlobalValueNumbering -class ObjectAssignedToAnOverlappingObjectQuery extends OverlappingObjectAssignmentSharedQuery { - ObjectAssignedToAnOverlappingObjectQuery() { - this = RepresentationPackage::objectAssignedToAnOverlappingObjectQuery() - } +VariableAccess getAQualifier(VariableAccess va) { result = va.getQualifier+() } + +int getAccessByteOffset(FieldAccess fa) { + not fa.getQualifier() instanceof FieldAccess and result = fa.getTarget().getByteOffset() + or + result = fa.getTarget().getByteOffset() + getAccessByteOffset(fa.getQualifier()) +} + +predicate overlaps(FieldAccess fa1, FieldAccess fa2) { + exists(int startfa1, int endfa1, int startfa2, int endfa2 | + startfa1 = getAccessByteOffset(fa1) and + endfa1 = startfa1 + fa1.getTarget().getType().getSize() - 1 and + startfa2 = getAccessByteOffset(fa2) and + endfa2 = startfa2 + fa2.getTarget().getType().getSize() - 1 + | + startfa1 = startfa2 and endfa1 = endfa2 + or + startfa1 > startfa2 and endfa1 < endfa2 + or + startfa1 < startfa2 and endfa1 < endfa2 and endfa1 > startfa2 + or + startfa1 > startfa2 and endfa1 > endfa2 and startfa1 < endfa2 + ) } + +from AssignExpr assignExpr, Expr lhs, Expr rhs, ValueFieldAccess valuelhs, ValueFieldAccess valuerhs +where + not isExcluded(assignExpr, RepresentationPackage::objectAssignedToAnOverlappingObjectQuery()) and + lhs.getType() instanceof Union and + rhs.getType() instanceof Union and + lhs = getAQualifier(assignExpr.getLValue()) and + rhs = getAQualifier(assignExpr.getRValue()) and + globalValueNumber(lhs) = globalValueNumber(rhs) and + valuerhs = assignExpr.getRValue() and + valuelhs = assignExpr.getLValue() and // a.b.c == ((a.b).c) + overlaps(valuelhs, valuerhs) +select assignExpr, "An object $@ assigned to overlapping object $@.", valuelhs, + valuelhs.getTarget().getName(), valuerhs, valuerhs.getTarget().getName() diff --git a/cpp/autosar/test/rules/M0-2-1/ObjectAssignedToAnOverlappingObject.expected b/cpp/autosar/test/rules/M0-2-1/ObjectAssignedToAnOverlappingObject.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/cpp/autosar/test/rules/M0-2-1/ObjectAssignedToAnOverlappingObject.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/cpp/autosar/test/rules/M0-2-1/ObjectAssignedToAnOverlappingObject.qlref b/cpp/autosar/test/rules/M0-2-1/ObjectAssignedToAnOverlappingObject.qlref new file mode 100644 index 0000000000..54e12483d0 --- /dev/null +++ b/cpp/autosar/test/rules/M0-2-1/ObjectAssignedToAnOverlappingObject.qlref @@ -0,0 +1 @@ +rules/M0-2-1/ObjectAssignedToAnOverlappingObject.ql \ No newline at end of file diff --git a/rule_packages/c/Contracts7.json b/rule_packages/c/Contracts7.json index 39642bdbfd..38a038621e 100644 --- a/rule_packages/c/Contracts7.json +++ b/rule_packages/c/Contracts7.json @@ -66,13 +66,12 @@ }, "queries": [ { - "description": "An object shall not be assigned to an overlapping object.", + "description": "An object shall not be copied or assigned to an overlapping object.", "kind": "problem", "name": "An object shall not be assigned to an overlapping object", "precision": "high", "severity": "error", "short_name": "ObjectAssignedToAnOverlappingObject", - "shared_implementation_short_name": "OverlappingObjectAssignment", "tags": [ "correctness" ] diff --git a/rule_packages/cpp/Representation.json b/rule_packages/cpp/Representation.json index c856580bb3..4428966e87 100644 --- a/rule_packages/cpp/Representation.json +++ b/rule_packages/cpp/Representation.json @@ -50,7 +50,6 @@ "precision": "high", "severity": "error", "short_name": "ObjectAssignedToAnOverlappingObject", - "shared_implementation_short_name": "OverlappingObjectAssignment", "tags": [ "correctness" ] From d47f5ec24ee175663727917058505a9cae7ac747 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Fri, 24 Mar 2023 21:51:58 +0100 Subject: [PATCH 0877/2573] Remove shared query --- .../OverlappingObjectAssignment.qll | 55 ------------------- .../OverlappingObjectAssignment.expected | 1 - .../OverlappingObjectAssignment.ql | 2 - .../overlappingobjectassignment/test.cpp | 54 ------------------ 4 files changed, 112 deletions(-) delete mode 100644 cpp/common/src/codingstandards/cpp/rules/overlappingobjectassignment/OverlappingObjectAssignment.qll delete mode 100644 cpp/common/test/rules/overlappingobjectassignment/OverlappingObjectAssignment.expected delete mode 100644 cpp/common/test/rules/overlappingobjectassignment/OverlappingObjectAssignment.ql delete mode 100644 cpp/common/test/rules/overlappingobjectassignment/test.cpp diff --git a/cpp/common/src/codingstandards/cpp/rules/overlappingobjectassignment/OverlappingObjectAssignment.qll b/cpp/common/src/codingstandards/cpp/rules/overlappingobjectassignment/OverlappingObjectAssignment.qll deleted file mode 100644 index 97062e4520..0000000000 --- a/cpp/common/src/codingstandards/cpp/rules/overlappingobjectassignment/OverlappingObjectAssignment.qll +++ /dev/null @@ -1,55 +0,0 @@ -/** - * Provides a library which includes a `problems` predicate for reporting.... - */ - -import cpp -import codingstandards.cpp.Customizations -import codingstandards.cpp.Exclusions -import semmle.code.cpp.valuenumbering.GlobalValueNumbering - -abstract class OverlappingObjectAssignmentSharedQuery extends Query { } - -Query getQuery() { result instanceof OverlappingObjectAssignmentSharedQuery } - -VariableAccess getAQualifier(VariableAccess va) { result = va.getQualifier+() } - -int getAccessByteOffset(FieldAccess fa) { - not fa.getQualifier() instanceof FieldAccess and result = fa.getTarget().getByteOffset() - or - result = fa.getTarget().getByteOffset() + getAccessByteOffset(fa.getQualifier()) -} - -predicate overlaps(FieldAccess fa1, FieldAccess fa2) { - exists(int startfa1, int endfa1, int startfa2, int endfa2 | - startfa1 = getAccessByteOffset(fa1) and - endfa1 = startfa1 + fa1.getTarget().getType().getSize() - 1 and - startfa2 = getAccessByteOffset(fa2) and - endfa2 = startfa2 + fa2.getTarget().getType().getSize() - 1 - | - startfa2 >= startfa1 and endfa2 <= endfa1 - or - startfa2 <= startfa1 and endfa2 > startfa1 - or - startfa2 < endfa1 and endfa2 >= startfa1 - ) -} - -query predicate problems( - AssignExpr assignExpr, string message, ValueFieldAccess valuelhs, string valuelhsDesc, - ValueFieldAccess valuerhs, string valuerhsDesc -) { - not isExcluded(assignExpr, getQuery()) and - exists(Expr lhs, Expr rhs | - lhs.getType() instanceof Union and - rhs.getType() instanceof Union and - lhs = getAQualifier(assignExpr.getLValue()) and - rhs = getAQualifier(assignExpr.getRValue()) and - globalValueNumber(lhs) = globalValueNumber(rhs) and - valuerhs = assignExpr.getRValue() and - valuelhs = assignExpr.getLValue() and // a.b.c == ((a.b).c) - overlaps(valuelhs, valuerhs) and - message = "An object $@ assigned to overlapping object $@." and - valuelhsDesc = valuelhs.getTarget().getName() and - valuerhsDesc = valuerhs.getTarget().getName() - ) -} diff --git a/cpp/common/test/rules/overlappingobjectassignment/OverlappingObjectAssignment.expected b/cpp/common/test/rules/overlappingobjectassignment/OverlappingObjectAssignment.expected deleted file mode 100644 index 13b670e4d9..0000000000 --- a/cpp/common/test/rules/overlappingobjectassignment/OverlappingObjectAssignment.expected +++ /dev/null @@ -1 +0,0 @@ -| test.cpp:37:3:37:18 | ... = ... | An object $@ assigned to overlapping object $@. | test.cpp:37:9:37:10 | m2 | m2 | test.cpp:37:17:37:18 | m1 | m1 | diff --git a/cpp/common/test/rules/overlappingobjectassignment/OverlappingObjectAssignment.ql b/cpp/common/test/rules/overlappingobjectassignment/OverlappingObjectAssignment.ql deleted file mode 100644 index 7bac912c6d..0000000000 --- a/cpp/common/test/rules/overlappingobjectassignment/OverlappingObjectAssignment.ql +++ /dev/null @@ -1,2 +0,0 @@ -// GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.overlappingobjectassignment.OverlappingObjectAssignment diff --git a/cpp/common/test/rules/overlappingobjectassignment/test.cpp b/cpp/common/test/rules/overlappingobjectassignment/test.cpp deleted file mode 100644 index 3329f12824..0000000000 --- a/cpp/common/test/rules/overlappingobjectassignment/test.cpp +++ /dev/null @@ -1,54 +0,0 @@ - -struct s1 { - int m1[10]; -}; -struct s2 { - int m1; - struct s1 m2; -}; - -union u { - struct s1 m1; - struct s2 m2; -}; - -typedef struct { - char buf[8]; -} Union_t; - -typedef union { - - unsigned char uc[24]; - - struct { - Union_t prefix; - Union_t suffix; - } fnv; - - struct { - unsigned char padding[16]; - Union_t suffix; - } diff; - -} UnionSecret_t; - -void overlapping_access() { - u u1; - u1.m2.m2 = u1.m1; // NON_COMPLIANT, different struct. u1.m2 and u1.m1 -} - -void cross_copy() { - UnionSecret_t hash1; - hash1.diff.suffix = - hash1.fnv.suffix; // COMPLIANT (copy across structs), but safe. -} - -void internal_shift() { - UnionSecret_t hash1; - hash1.fnv.prefix = hash1.fnv.suffix; // COMPLIANT, same struct. -} - -void separate_access() { - UnionSecret_t hash1, hash2; - hash2.diff.suffix = hash1.fnv.suffix; // COMPLIANT, different union. -} From 697e2e21b054843e5f979430167c8bd2f112a2ff Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 24 Mar 2023 22:13:32 +0000 Subject: [PATCH 0878/2573] IntegerOverflow: Expand supported operations * Support unary operations (unary plus/minus) * Support arithmetic assign operations --- .../UnsignedIntegerOperationsWrapAround.ql | 22 +++++---- .../rules/INT32-C/SignedIntegerOverflow.ql | 15 +++--- ...signedIntegerOperationsWrapAround.expected | 6 ++- c/cert/test/rules/INT30-C/test.c | 26 ++++++++-- .../INT32-C/SignedIntegerOverflow.expected | 23 ++++++--- c/cert/test/rules/INT32-C/test.c | 48 ++++++++++++++----- .../A4-7-1/IntegerExpressionLeadToDataLoss.ql | 6 ++- .../src/codingstandards/cpp/Overflow.qll | 48 +++++++++---------- 8 files changed, 122 insertions(+), 72 deletions(-) diff --git a/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.ql b/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.ql index f407cfb2a4..f0a692eca8 100644 --- a/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.ql +++ b/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.ql @@ -19,17 +19,19 @@ import codingstandards.cpp.Overflow import semmle.code.cpp.controlflow.Guards import semmle.code.cpp.valuenumbering.GlobalValueNumbering -/* TODO: review the table to restrict to only those operations that actually overflow */ -from InterestingBinaryOverflowingExpr bop +from InterestingOverflowingOperation op where - not isExcluded(bop, IntegerOverflowPackage::unsignedIntegerOperationsWrapAroundQuery()) and - bop.getType().getUnderlyingType().(IntegralType).isUnsigned() and + not isExcluded(op, IntegerOverflowPackage::unsignedIntegerOperationsWrapAroundQuery()) and + op.getType().getUnderlyingType().(IntegralType).isUnsigned() and // Not within a guard condition - not exists(GuardCondition gc | gc.getAChild*() = bop) and + not exists(GuardCondition gc | gc.getAChild*() = op) and // Not guarded by a check, where the check is not an invalid overflow check - not bop.getAGuardingGVN() = globalValueNumber(bop.getAChild*()) and + not op.getAGuardingGVN() = globalValueNumber(op.getAChild*()) and // Is not checked after the operation - not bop.hasValidPostCheck() -select bop, - "Binary expression ..." + bop.getOperator() + "... of type " + bop.getType().getUnderlyingType() + - " may wrap." + not op.hasValidPostCheck() and + // Permitted by exception 3 + not op instanceof LShiftExpr and + // Permitted by exception 2 - zero case is handled in separate query + not op instanceof DivExpr +select op, + "Operation " + op.getOperator() + " of type " + op.getType().getUnderlyingType() + " may wrap." diff --git a/c/cert/src/rules/INT32-C/SignedIntegerOverflow.ql b/c/cert/src/rules/INT32-C/SignedIntegerOverflow.ql index bb7fb2b41b..fc36644f89 100644 --- a/c/cert/src/rules/INT32-C/SignedIntegerOverflow.ql +++ b/c/cert/src/rules/INT32-C/SignedIntegerOverflow.ql @@ -18,15 +18,14 @@ import codingstandards.cpp.Overflow import semmle.code.cpp.controlflow.Guards import semmle.code.cpp.valuenumbering.GlobalValueNumbering -/* TODO: review the table to restrict to only those operations that actually overflow */ -from InterestingBinaryOverflowingExpr bop +from InterestingOverflowingOperation op where - not isExcluded(bop, IntegerOverflowPackage::signedIntegerOverflowQuery()) and - bop.getType().getUnderlyingType().(IntegralType).isSigned() and + not isExcluded(op, IntegerOverflowPackage::signedIntegerOverflowQuery()) and + op.getType().getUnderlyingType().(IntegralType).isSigned() and // Not checked before the operation - not bop.hasValidPreCheck() and + not op.hasValidPreCheck() and // Not guarded by a check, where the check is not an invalid overflow check - not bop.getAGuardingGVN() = globalValueNumber(bop.getAChild*()) -select bop, - "Binary expression ..." + bop.getOperator() + "... of type " + bop.getType().getUnderlyingType() + + not op.getAGuardingGVN() = globalValueNumber(op.getAChild*()) +select op, + "Operation " + op.getOperator() + " of type " + op.getType().getUnderlyingType() + " may overflow or underflow." diff --git a/c/cert/test/rules/INT30-C/UnsignedIntegerOperationsWrapAround.expected b/c/cert/test/rules/INT30-C/UnsignedIntegerOperationsWrapAround.expected index fd12bb76b9..76594d944b 100644 --- a/c/cert/test/rules/INT30-C/UnsignedIntegerOperationsWrapAround.expected +++ b/c/cert/test/rules/INT30-C/UnsignedIntegerOperationsWrapAround.expected @@ -1,2 +1,4 @@ -| test.c:4:3:4:9 | ... + ... | Binary expression ...+... of type unsigned int may wrap. | -| test.c:48:3:48:9 | ... - ... | Binary expression ...-... of type unsigned int may wrap. | +| test.c:4:3:4:9 | ... + ... | Operation + of type unsigned int may wrap. | +| test.c:5:3:5:10 | ... += ... | Operation += of type unsigned int may wrap. | +| test.c:58:3:58:9 | ... - ... | Operation - of type unsigned int may wrap. | +| test.c:59:3:59:10 | ... -= ... | Operation -= of type unsigned int may wrap. | diff --git a/c/cert/test/rules/INT30-C/test.c b/c/cert/test/rules/INT30-C/test.c index c1ea725873..433cf534f4 100644 --- a/c/cert/test/rules/INT30-C/test.c +++ b/c/cert/test/rules/INT30-C/test.c @@ -1,14 +1,16 @@ #include void test_add_simple(unsigned int i1, unsigned int i2) { - i1 + i2; // NON_COMPLIANT - not bounds checked + i1 + i2; // NON_COMPLIANT - not bounds checked + i1 += i2; // NON_COMPLIANT - not bounds checked } void test_add_precheck(unsigned int i1, unsigned int i2) { if (UINT_MAX - i1 < i2) { // handle error } else { - i1 + i2; // COMPLIANT - bounds checked + i1 + i2; // COMPLIANT - bounds checked + i1 += i2; // COMPLIANT - bounds checked } } @@ -16,7 +18,8 @@ void test_add_precheck_2(unsigned int i1, unsigned int i2) { if (i1 + i2 < i1) { // handle error } else { - i1 + i2; // COMPLIANT - bounds checked + i1 + i2; // COMPLIANT - bounds checked + i1 += i2; // COMPLIANT - bounds checked } } @@ -25,6 +28,10 @@ void test_add_postcheck(unsigned int i1, unsigned int i2) { if (i3 < i1) { // handle error } + i1 += i2; // COMPLIANT - checked for overflow afterwards + if (i1 < i2) { + // handle error + } } void test_ex2(unsigned int i1, unsigned int i2) { @@ -32,9 +39,12 @@ void test_ex2(unsigned int i1, unsigned int i2) { unsigned int ci2 = 3; ci1 + ci2; // COMPLIANT, compile time constants i1 + 0; // COMPLIANT + i1 += 0; // COMPLIANT i1 - 0; // COMPLIANT + i1 -= 0; // COMPLIANT UINT_MAX - i1; // COMPLIANT - cannot be smaller than 0 i1 * 1; // COMPLIANT + i1 *= 1; // COMPLIANT if (0 <= i1 && i1 < 32) { UINT_MAX >> i1; // COMPLIANT } @@ -45,14 +55,16 @@ void test_ex3(unsigned int i1, unsigned int i2) { } void test_sub_simple(unsigned int i1, unsigned int i2) { - i1 - i2; // NON_COMPLIANT - not bounds checked + i1 - i2; // NON_COMPLIANT - not bounds checked + i1 -= i2; // NON_COMPLIANT - not bounds checked } void test_sub_precheck(unsigned int i1, unsigned int i2) { if (i1 < i2) { // handle error } else { - i1 - i2; // COMPLIANT - bounds checked + i1 - i2; // COMPLIANT - bounds checked + i1 -= i2; // COMPLIANT - bounds checked } } @@ -61,4 +73,8 @@ void test_sub_postcheck(unsigned int i1, unsigned int i2) { if (i3 > i1) { // handle error } + i1 -= i2; // COMPLIANT - checked for wrap afterwards + if (i1 > i2) { + // handle error + } } \ No newline at end of file diff --git a/c/cert/test/rules/INT32-C/SignedIntegerOverflow.expected b/c/cert/test/rules/INT32-C/SignedIntegerOverflow.expected index 28d13a7488..cf86a60eb1 100644 --- a/c/cert/test/rules/INT32-C/SignedIntegerOverflow.expected +++ b/c/cert/test/rules/INT32-C/SignedIntegerOverflow.expected @@ -1,7 +1,16 @@ -| test.c:6:3:6:9 | ... + ... | Binary expression ...+... of type int may overflow or underflow. | -| test.c:20:7:20:13 | ... + ... | Binary expression ...+... of type int may overflow or underflow. | -| test.c:23:5:23:11 | ... + ... | Binary expression ...+... of type int may overflow or underflow. | -| test.c:28:19:28:25 | ... + ... | Binary expression ...+... of type int may overflow or underflow. | -| test.c:36:3:36:9 | ... - ... | Binary expression ...-... of type int may overflow or underflow. | -| test.c:49:19:49:25 | ... - ... | Binary expression ...-... of type int may overflow or underflow. | -| test.c:56:3:56:8 | ... * ... | Binary expression ...*... of type int may overflow or underflow. | +| test.c:6:3:6:9 | ... + ... | Operation + of type int may overflow or underflow. | +| test.c:7:3:7:10 | ... += ... | Operation += of type signed int may overflow or underflow. | +| test.c:22:7:22:13 | ... + ... | Operation + of type int may overflow or underflow. | +| test.c:25:5:25:11 | ... + ... | Operation + of type int may overflow or underflow. | +| test.c:26:5:26:12 | ... += ... | Operation += of type signed int may overflow or underflow. | +| test.c:31:19:31:25 | ... + ... | Operation + of type int may overflow or underflow. | +| test.c:36:3:36:10 | ... += ... | Operation += of type signed int may overflow or underflow. | +| test.c:43:3:43:9 | ... - ... | Operation - of type int may overflow or underflow. | +| test.c:44:3:44:10 | ... -= ... | Operation -= of type signed int may overflow or underflow. | +| test.c:58:19:58:25 | ... - ... | Operation - of type int may overflow or underflow. | +| test.c:62:3:62:10 | ... -= ... | Operation -= of type signed int may overflow or underflow. | +| test.c:69:3:69:8 | ... * ... | Operation * of type int may overflow or underflow. | +| test.c:70:3:70:10 | ... *= ... | Operation *= of type signed int may overflow or underflow. | +| test.c:153:3:153:10 | ... << ... | Operation << of type signed int may overflow or underflow. | +| test.c:154:3:154:11 | ... <<= ... | Operation <<= of type signed int may overflow or underflow. | +| test.c:173:3:173:5 | - ... | Operation - of type signed int may overflow or underflow. | diff --git a/c/cert/test/rules/INT32-C/test.c b/c/cert/test/rules/INT32-C/test.c index 89b372bf1d..8441971c51 100644 --- a/c/cert/test/rules/INT32-C/test.c +++ b/c/cert/test/rules/INT32-C/test.c @@ -3,7 +3,8 @@ #include void test_add_simple(signed int i1, signed int i2) { - i1 + i2; // NON_COMPLIANT - not bounds checked + i1 + i2; // NON_COMPLIANT - not bounds checked + i1 += i2; // NON_COMPLIANT - not bounds checked } void test_add_precheck(signed int i1, signed int i2) { @@ -12,7 +13,8 @@ void test_add_precheck(signed int i1, signed int i2) { ((i2 < 0) && (i1 < (INT_MIN - i2)))) { // handle error } else { - i1 + i2; // COMPLIANT - bounds appropriately checked + i1 + i2; // COMPLIANT - bounds appropriately checked + i1 += i2; // COMPLIANT - bounds appropriately checked } } @@ -20,7 +22,8 @@ void test_add_precheck_2(signed int i1, signed int i2) { if (i1 + i2 < i1) { // NON_COMPLIANT - bad overflow check - undefined behavior // handle error } else { - i1 + i2; // NON_COMPLIANT + i1 + i2; // NON_COMPLIANT + i1 += i2; // NON_COMPLIANT } } @@ -30,10 +33,15 @@ void test_add_postcheck(signed int i1, signed int i2) { if (i3 < i1) { // handle error } + i1 += i2; // NON_COMPLIANT + if (i1 < i2) { + // handle error + } } void test_sub_simple(signed int i1, signed int i2) { - i1 - i2; // NON_COMPLIANT - not bounds checked + i1 - i2; // NON_COMPLIANT - not bounds checked + i1 -= i2; // NON_COMPLIANT - not bounds checked } void test_sub_precheck(signed int i1, signed int i2) { @@ -41,7 +49,8 @@ void test_sub_precheck(signed int i1, signed int i2) { if ((i2 > 0 && i1 < INT_MIN + i2) || (i2 < 0 && i1 > INT_MAX + i2)) { // handle error } else { - i1 - i2; // COMPLIANT - bounds checked + i1 - i2; // COMPLIANT - bounds checked + i1 -= i2; // COMPLIANT - bounds checked } } @@ -50,10 +59,15 @@ void test_sub_postcheck(signed int i1, signed int i2) { if (i3 > i1) { // handle error } + i1 -= i2; // NON_COMPLIANT - underflow is undefined behavior. + if (i1 > i2) { + // handle error + } } void test_mul_simple(signed int i1, signed int i2) { - i1 *i2; // NON_COMPLIANT + i1 *i2; // NON_COMPLIANT + i1 *= i2; // NON_COMPLIANT } void test_mul_precheck(signed int i1, signed int i2) { @@ -66,6 +80,7 @@ void test_mul_precheck(signed int i1, signed int i2) { } else { i1 *i2; // COMPLIANT - checked result = (signed int)tmp; + i1 *= i2; // COMPLIANT - checked } } @@ -94,14 +109,16 @@ void test_mul_precheck_2(signed int i1, signed int i2) { } } } - i1 *i2; // COMPLIANT + i1 *i2; // COMPLIANT + i1 *= i2; // COMPLIANT } void test_simple_div(signed int i1, signed int i2) { if (i2 == 0) { // handle error } else { - i1 / i2; // NON_COMPLIANT + i1 / i2; // NON_COMPLIANT + i1 /= i2; // NON_COMPLIANT } } @@ -109,7 +126,8 @@ void test_div_precheck(signed int i1, signed int i2) { if ((i2 == 0) || ((i1 == LONG_MIN) && (i2 == -1))) { /* Handle error */ } else { - i1 / i2; // COMPLIANT + i1 / i2; // COMPLIANT + i1 /= i2; // COMPLIANT } } @@ -117,7 +135,8 @@ void test_simple_rem(signed int i1, signed int i2) { if (i2 == 0) { // handle error } else { - i1 % i2; // NON_COMPLIANT + i1 % i2; // NON_COMPLIANT + i1 %= i2; // NON_COMPLIANT } } @@ -125,12 +144,14 @@ void test_rem_precheck(signed int i1, signed int i2) { if ((i2 == 0) || ((i1 == LONG_MIN) && (i2 == -1))) { /* Handle error */ } else { - i1 % i2; // COMPLIANT + i1 % i2; // COMPLIANT + i1 %= i2; // COMPLIANT } } void test_simple_left_shift(signed int i1, signed int i2) { - i1 << i2; // NON_COMPLIANT + i1 << i2; // NON_COMPLIANT + i1 <<= i2; // NON_COMPLIANT } /* Returns the number of set bits */ @@ -143,7 +164,8 @@ void test_left_shift_precheck(signed int i1, signed int i2) { (i1 > (INT_MAX >> i2))) { // handle error } else { - i1 << i2; // COMPLIANT + i1 << i2; // COMPLIANT + i1 <<= i2; // COMPLIANT } } diff --git a/cpp/autosar/src/rules/A4-7-1/IntegerExpressionLeadToDataLoss.ql b/cpp/autosar/src/rules/A4-7-1/IntegerExpressionLeadToDataLoss.ql index 82c3a92451..736c7dbcfe 100644 --- a/cpp/autosar/src/rules/A4-7-1/IntegerExpressionLeadToDataLoss.ql +++ b/cpp/autosar/src/rules/A4-7-1/IntegerExpressionLeadToDataLoss.ql @@ -19,7 +19,7 @@ import codingstandards.cpp.Overflow import semmle.code.cpp.controlflow.Guards import semmle.code.cpp.valuenumbering.GlobalValueNumbering -from InterestingBinaryOverflowingExpr e +from InterestingOverflowingOperation e where not isExcluded(e, IntegerConversionPackage::integerExpressionLeadToDataLossQuery()) and // Not within a guard condition @@ -27,5 +27,7 @@ where // Not guarded by a check, where the check is not an invalid overflow check not e.getAGuardingGVN() = globalValueNumber(e.getAChild*()) and // Covered by `IntMultToLong.ql` instead - not e instanceof MulExpr + not e instanceof MulExpr and + // Not covered by this query - overflow/underflow in division is rare + not e instanceof DivExpr select e, "Binary expression ..." + e.getOperator() + "... may overflow." diff --git a/cpp/common/src/codingstandards/cpp/Overflow.qll b/cpp/common/src/codingstandards/cpp/Overflow.qll index 62615de3f8..b90878c618 100644 --- a/cpp/common/src/codingstandards/cpp/Overflow.qll +++ b/cpp/common/src/codingstandards/cpp/Overflow.qll @@ -10,11 +10,10 @@ import semmle.code.cpp.dataflow.TaintTracking import semmle.code.cpp.valuenumbering.GlobalValueNumbering /** - * A `BinaryArithmeticOperation` which may overflow and is a potentially interesting case to review - * that is not covered by other queries for this rule. + * An operation that may overflow or underflow. */ -class InterestingBinaryOverflowingExpr extends BinaryArithmeticOperation { - InterestingBinaryOverflowingExpr() { +class InterestingOverflowingOperation extends Operation { + InterestingOverflowingOperation() { // Might overflow or underflow ( exprMightOverflowNegatively(this) @@ -27,9 +26,7 @@ class InterestingBinaryOverflowingExpr extends BinaryArithmeticOperation { // Not within a macro not this.isAffectedByMacro() and // Ignore pointer arithmetic - not this instanceof PointerArithmeticOperation and - // Not covered by this query - overflow/underflow in division is rare - not this instanceof DivExpr + not this instanceof PointerArithmeticOperation } /** @@ -48,17 +45,18 @@ class InterestingBinaryOverflowingExpr extends BinaryArithmeticOperation { * Holds if there is a correct validity check after this expression which may overflow. */ predicate hasValidPreCheck() { - exists(GVN i1, GVN i2 | - i1 = globalValueNumber(this.getLeftOperand()) and - i2 = globalValueNumber(this.getRightOperand()) - or - i2 = globalValueNumber(this.getLeftOperand()) and - i1 = globalValueNumber(this.getRightOperand()) + // For binary operations (both arithmetic operations and arithmetic assignment operations) + exists(GVN i1, GVN i2, Expr op1, Expr op2 | + op1 = getAnOperand() and + op2 = getAnOperand() and + not op1 = op2 and + i1 = globalValueNumber(op1) and + i2 = globalValueNumber(op2) | // The CERT rule for signed integer overflow has a very specific pattern it recommends // for checking for overflow. We try to match the pattern here. // ((i2 > 0 && i1 > (INT_MAX - i2)) || (i2 < 0 && i1 < (INT_MIN - i2))) - this instanceof AddExpr and + (this instanceof AddExpr or this instanceof AssignAddExpr) and exists(LogicalOrExpr orExpr | // GuardCondition doesn't work in this case, so just confirm that this check dominates the overflow bbDominates(orExpr.getBasicBlock(), this.getBasicBlock()) and @@ -101,7 +99,7 @@ class InterestingBinaryOverflowingExpr extends BinaryArithmeticOperation { // The CERT rule for signed integer overflow has a very specific pattern it recommends // for checking for underflow. We try to match the pattern here. // ((i2 > 0 && i1 > (INT_MIN + i2)) || (i2 < 0 && i1 < (INT_MAX + i2))) - this instanceof SubExpr and + (this instanceof SubExpr or this instanceof AssignSubExpr) and exists(LogicalOrExpr orExpr | // GuardCondition doesn't work in this case, so just confirm that this check dominates the overflow bbDominates(orExpr.getBasicBlock(), this.getBasicBlock()) and @@ -144,7 +142,7 @@ class InterestingBinaryOverflowingExpr extends BinaryArithmeticOperation { // The CERT rule for signed integer overflow has a very specific pattern it recommends // for checking for multiplication underflow/overflow. We just use a heuristic here, // which determines if at least 4 checks of the sort `a < INT_MAX / b` are present in the code. - this instanceof MulExpr and + (this instanceof MulExpr or this instanceof AssignMulExpr) and count(StrictRelationalOperation rel | globalValueNumber(rel.getAnOperand()) = i1 and globalValueNumber(rel.getAnOperand().(DivExpr).getRightOperand()) = i2 @@ -166,14 +164,14 @@ class InterestingBinaryOverflowingExpr extends BinaryArithmeticOperation { exists(RelationalOperation ro | DataFlow::localExprFlow(this, ro.getLesserOperand()) and globalValueNumber(ro.getGreaterOperand()) = globalValueNumber(this.getAnOperand()) and - this instanceof AddExpr and + (this instanceof AddExpr or this instanceof AssignAddExpr) and ro instanceof GuardCondition ) or exists(RelationalOperation ro | DataFlow::localExprFlow(this, ro.getGreaterOperand()) and globalValueNumber(ro.getLesserOperand()) = globalValueNumber(this.getAnOperand()) and - this instanceof SubExpr and + (this instanceof SubExpr or this instanceof AssignSubExpr) and ro instanceof GuardCondition ) ) @@ -183,23 +181,23 @@ class InterestingBinaryOverflowingExpr extends BinaryArithmeticOperation { * Identifies a bad overflow check for this overflow expression. */ GuardCondition getABadOverflowCheck() { - exists(AddExpr ae, RelationalOperation relOp | - this = ae and + exists(RelationalOperation relOp | + (this instanceof AddExpr or this instanceof AssignAddExpr) and result = relOp and // Looking for this pattern: // if (x + y > x) // use(x + y) // - globalValueNumber(relOp.getAnOperand()) = globalValueNumber(ae) and - globalValueNumber(relOp.getAnOperand()) = globalValueNumber(ae.getAnOperand()) + globalValueNumber(relOp.getAnOperand()) = globalValueNumber(this) and + globalValueNumber(relOp.getAnOperand()) = globalValueNumber(this.getAnOperand()) | // Signed overflow checks are insufficient - ae.getUnspecifiedType().(IntegralType).isSigned() + this.getUnspecifiedType().(IntegralType).isSigned() or // Unsigned overflow checks can still be bad, if the result is promoted. - forall(Expr op | op = ae.getAnOperand() | op.getType().getSize() < any(IntType i).getSize()) and + forall(Expr op | op = this.getAnOperand() | op.getType().getSize() < any(IntType i).getSize()) and // Not explicitly converted to a smaller type before the comparison - not ae.getExplicitlyConverted().getType().getSize() < any(IntType i).getSize() + not this.getExplicitlyConverted().getType().getSize() < any(IntType i).getSize() ) } } From 541515dd910838c504a501cf8f3966348a0ab7cc Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Fri, 24 Mar 2023 23:17:13 +0100 Subject: [PATCH 0879/2573] M0-2-1 restore test --- ...jectAssignedToAnOverlappingObject.expected | 2 +- ...bjectAssignedToAnOverlappingObject.testref | 1 - cpp/autosar/test/rules/M0-2-1/test.cpp | 54 +++++++++++++++++++ 3 files changed, 55 insertions(+), 2 deletions(-) delete mode 100644 cpp/autosar/test/rules/M0-2-1/ObjectAssignedToAnOverlappingObject.testref create mode 100644 cpp/autosar/test/rules/M0-2-1/test.cpp diff --git a/cpp/autosar/test/rules/M0-2-1/ObjectAssignedToAnOverlappingObject.expected b/cpp/autosar/test/rules/M0-2-1/ObjectAssignedToAnOverlappingObject.expected index 2ec1a0ac6c..13b670e4d9 100644 --- a/cpp/autosar/test/rules/M0-2-1/ObjectAssignedToAnOverlappingObject.expected +++ b/cpp/autosar/test/rules/M0-2-1/ObjectAssignedToAnOverlappingObject.expected @@ -1 +1 @@ -No expected results have yet been specified \ No newline at end of file +| test.cpp:37:3:37:18 | ... = ... | An object $@ assigned to overlapping object $@. | test.cpp:37:9:37:10 | m2 | m2 | test.cpp:37:17:37:18 | m1 | m1 | diff --git a/cpp/autosar/test/rules/M0-2-1/ObjectAssignedToAnOverlappingObject.testref b/cpp/autosar/test/rules/M0-2-1/ObjectAssignedToAnOverlappingObject.testref deleted file mode 100644 index ec615f82b3..0000000000 --- a/cpp/autosar/test/rules/M0-2-1/ObjectAssignedToAnOverlappingObject.testref +++ /dev/null @@ -1 +0,0 @@ -cpp/common/test/rules/overlappingobjectassignment/OverlappingObjectAssignment.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M0-2-1/test.cpp b/cpp/autosar/test/rules/M0-2-1/test.cpp new file mode 100644 index 0000000000..e5848e2752 --- /dev/null +++ b/cpp/autosar/test/rules/M0-2-1/test.cpp @@ -0,0 +1,54 @@ + +struct s1 { + int m1[10]; +}; +struct s2 { + int m1; + struct s1 m2; +}; + +union u { + struct s1 m1; + struct s2 m2; +}; + +typedef struct { + char buf[8]; +} Union_t; + +typedef union { + + unsigned char uc[24]; + + struct { + Union_t prefix; + Union_t suffix; + } fnv; + + struct { + unsigned char padding[16]; + Union_t suffix; + } diff; + +} UnionSecret_t; + +void overlapping_access() { + u u1; + u1.m2.m2 = u1.m1; // NON_COMPLIANT, different struct. u1.m2 and u1.m1 +} + +void cross_copy() { + UnionSecret_t hash1; + hash1.diff.suffix = + hash1.fnv.suffix; // COMPLIANT (copy across structs), but safe. +} + +void internal_shift() { + UnionSecret_t hash1; + hash1.fnv.prefix = hash1.fnv.suffix; // COMPLIANT, same struct. +} + +void separate_access() { + UnionSecret_t hash1, hash2; + hash2.diff.suffix = hash1.fnv.suffix; // COMPLIANT, different union. +} \ No newline at end of file From bf3710534317948e1db209c1abbe6e24dfe6cab8 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 24 Mar 2023 22:45:18 +0000 Subject: [PATCH 0880/2573] IntegerOverflow: Support divide and remainder --- .../src/rules/INT32-C/SignedIntegerOverflow.ql | 18 +++++++++++++++++- .../INT32-C/SignedIntegerOverflow.expected | 10 +++++++--- c/cert/test/rules/INT32-C/test.c | 10 ++++++++++ .../src/codingstandards/cpp/Overflow.qll | 17 +++++++++++++++++ 4 files changed, 51 insertions(+), 4 deletions(-) diff --git a/c/cert/src/rules/INT32-C/SignedIntegerOverflow.ql b/c/cert/src/rules/INT32-C/SignedIntegerOverflow.ql index fc36644f89..cfef7175f0 100644 --- a/c/cert/src/rules/INT32-C/SignedIntegerOverflow.ql +++ b/c/cert/src/rules/INT32-C/SignedIntegerOverflow.ql @@ -21,7 +21,23 @@ import semmle.code.cpp.valuenumbering.GlobalValueNumbering from InterestingOverflowingOperation op where not isExcluded(op, IntegerOverflowPackage::signedIntegerOverflowQuery()) and - op.getType().getUnderlyingType().(IntegralType).isSigned() and + ( + // An operation that returns a signed integer type + op.getType().getUnderlyingType().(IntegralType).isSigned() + or + // The divide or rem expression on a signed integer + (op instanceof DivExpr or op instanceof RemExpr) and + op.(BinaryOperation).getLeftOperand().getType().getUnderlyingType().(IntegralType).isSigned() + or + // The assign divide or rem expression on a signed integer + (op instanceof AssignDivExpr or op instanceof AssignRemExpr) and + op.(AssignArithmeticOperation) + .getLValue() + .getType() + .getUnderlyingType() + .(IntegralType) + .isSigned() + ) and // Not checked before the operation not op.hasValidPreCheck() and // Not guarded by a check, where the check is not an invalid overflow check diff --git a/c/cert/test/rules/INT32-C/SignedIntegerOverflow.expected b/c/cert/test/rules/INT32-C/SignedIntegerOverflow.expected index cf86a60eb1..c50817da84 100644 --- a/c/cert/test/rules/INT32-C/SignedIntegerOverflow.expected +++ b/c/cert/test/rules/INT32-C/SignedIntegerOverflow.expected @@ -11,6 +11,10 @@ | test.c:62:3:62:10 | ... -= ... | Operation -= of type signed int may overflow or underflow. | | test.c:69:3:69:8 | ... * ... | Operation * of type int may overflow or underflow. | | test.c:70:3:70:10 | ... *= ... | Operation *= of type signed int may overflow or underflow. | -| test.c:153:3:153:10 | ... << ... | Operation << of type signed int may overflow or underflow. | -| test.c:154:3:154:11 | ... <<= ... | Operation <<= of type signed int may overflow or underflow. | -| test.c:173:3:173:5 | - ... | Operation - of type signed int may overflow or underflow. | +| test.c:117:3:117:9 | ... / ... | Operation / of type int may overflow or underflow. | +| test.c:118:3:118:10 | ... /= ... | Operation /= of type signed int may overflow or underflow. | +| test.c:140:3:140:9 | ... % ... | Operation % of type int may overflow or underflow. | +| test.c:141:3:141:10 | ... %= ... | Operation %= of type signed int may overflow or underflow. | +| test.c:163:3:163:10 | ... << ... | Operation << of type signed int may overflow or underflow. | +| test.c:164:3:164:11 | ... <<= ... | Operation <<= of type signed int may overflow or underflow. | +| test.c:183:3:183:5 | - ... | Operation - of type signed int may overflow or underflow. | diff --git a/c/cert/test/rules/INT32-C/test.c b/c/cert/test/rules/INT32-C/test.c index 8441971c51..d3dfcadf1d 100644 --- a/c/cert/test/rules/INT32-C/test.c +++ b/c/cert/test/rules/INT32-C/test.c @@ -114,6 +114,11 @@ void test_mul_precheck_2(signed int i1, signed int i2) { } void test_simple_div(signed int i1, signed int i2) { + i1 / i2; // NON_COMPLIANT + i1 /= i2; // NON_COMPLIANT +} + +void test_simple_div_no_zero(signed int i1, signed int i2) { if (i2 == 0) { // handle error } else { @@ -132,6 +137,11 @@ void test_div_precheck(signed int i1, signed int i2) { } void test_simple_rem(signed int i1, signed int i2) { + i1 % i2; // NON_COMPLIANT + i1 %= i2; // NON_COMPLIANT +} + +void test_simple_rem_no_zero(signed int i1, signed int i2) { if (i2 == 0) { // handle error } else { diff --git a/cpp/common/src/codingstandards/cpp/Overflow.qll b/cpp/common/src/codingstandards/cpp/Overflow.qll index b90878c618..68cc2c0b64 100644 --- a/cpp/common/src/codingstandards/cpp/Overflow.qll +++ b/cpp/common/src/codingstandards/cpp/Overflow.qll @@ -19,6 +19,23 @@ class InterestingOverflowingOperation extends Operation { exprMightOverflowNegatively(this) or exprMightOverflowPositively(this) + or + // Division and remainder are not handled by the library + exists(Expr leftOperand, Expr rightOperand | + (this instanceof DivExpr or this instanceof RemExpr) and + leftOperand = this.(BinaryOperation).getLeftOperand() and + rightOperand = this.(BinaryOperation).getRightOperand() + or + (this instanceof AssignDivExpr or this instanceof AssignRemExpr) and + leftOperand = this.(AssignArithmeticOperation).getLValue() and + rightOperand = this.(AssignArithmeticOperation).getRValue() + | + // The right hand side could be -1 + upperBound(rightOperand) >= -1.0 and + lowerBound(rightOperand) <= -1.0 and + // The left hand side could be the smallest possible integer value + lowerBound(leftOperand) <= typeLowerBound(leftOperand.getType().getUnderlyingType()) + ) ) and // Multiplication is not covered by the standard range analysis library, so implement our own // mini analysis. From d3dc33047c0f3a3f90fa23b1555ae5b80b07f085 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 24 Mar 2023 23:21:50 +0000 Subject: [PATCH 0881/2573] IntegerOverflow: Further restrictions * Simplify the handling of div/rem exprs * Exclude rem from unsigned integer * Exclude left shift from signed integer overflow * Remove silly mulexpr "compliant" cases. * Fix div/rem checks to use the right max type * Remove getAGuardingGVN and unify under the hasValidPreCheck() case, but only for unsigned addition. * Add guards check for div and rem --- .../UnsignedIntegerOperationsWrapAround.ql | 5 +- .../rules/INT32-C/SignedIntegerOverflow.ql | 16 +-- .../INT32-C/SignedIntegerOverflow.expected | 16 +-- c/cert/test/rules/INT32-C/test.c | 26 +---- .../A4-7-1/IntegerExpressionLeadToDataLoss.ql | 5 +- .../src/codingstandards/cpp/Overflow.qll | 107 ++++++++++-------- 6 files changed, 79 insertions(+), 96 deletions(-) diff --git a/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.ql b/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.ql index f0a692eca8..318b166950 100644 --- a/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.ql +++ b/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.ql @@ -26,12 +26,13 @@ where // Not within a guard condition not exists(GuardCondition gc | gc.getAChild*() = op) and // Not guarded by a check, where the check is not an invalid overflow check - not op.getAGuardingGVN() = globalValueNumber(op.getAChild*()) and + not op.hasValidPreCheck() and // Is not checked after the operation not op.hasValidPostCheck() and // Permitted by exception 3 not op instanceof LShiftExpr and // Permitted by exception 2 - zero case is handled in separate query - not op instanceof DivExpr + not op instanceof DivExpr and + not op instanceof RemExpr select op, "Operation " + op.getOperator() + " of type " + op.getType().getUnderlyingType() + " may wrap." diff --git a/c/cert/src/rules/INT32-C/SignedIntegerOverflow.ql b/c/cert/src/rules/INT32-C/SignedIntegerOverflow.ql index cfef7175f0..4c781c4e50 100644 --- a/c/cert/src/rules/INT32-C/SignedIntegerOverflow.ql +++ b/c/cert/src/rules/INT32-C/SignedIntegerOverflow.ql @@ -26,22 +26,12 @@ where op.getType().getUnderlyingType().(IntegralType).isSigned() or // The divide or rem expression on a signed integer - (op instanceof DivExpr or op instanceof RemExpr) and - op.(BinaryOperation).getLeftOperand().getType().getUnderlyingType().(IntegralType).isSigned() - or - // The assign divide or rem expression on a signed integer - (op instanceof AssignDivExpr or op instanceof AssignRemExpr) and - op.(AssignArithmeticOperation) - .getLValue() - .getType() - .getUnderlyingType() - .(IntegralType) - .isSigned() + op.(DivOrRemOperation).getDividend().getType().getUnderlyingType().(IntegralType).isSigned() ) and // Not checked before the operation not op.hasValidPreCheck() and - // Not guarded by a check, where the check is not an invalid overflow check - not op.getAGuardingGVN() = globalValueNumber(op.getAChild*()) + // Covered by INT34-C + not op instanceof LShiftExpr select op, "Operation " + op.getOperator() + " of type " + op.getType().getUnderlyingType() + " may overflow or underflow." diff --git a/c/cert/test/rules/INT32-C/SignedIntegerOverflow.expected b/c/cert/test/rules/INT32-C/SignedIntegerOverflow.expected index c50817da84..a0a5e7354c 100644 --- a/c/cert/test/rules/INT32-C/SignedIntegerOverflow.expected +++ b/c/cert/test/rules/INT32-C/SignedIntegerOverflow.expected @@ -11,10 +11,12 @@ | test.c:62:3:62:10 | ... -= ... | Operation -= of type signed int may overflow or underflow. | | test.c:69:3:69:8 | ... * ... | Operation * of type int may overflow or underflow. | | test.c:70:3:70:10 | ... *= ... | Operation *= of type signed int may overflow or underflow. | -| test.c:117:3:117:9 | ... / ... | Operation / of type int may overflow or underflow. | -| test.c:118:3:118:10 | ... /= ... | Operation /= of type signed int may overflow or underflow. | -| test.c:140:3:140:9 | ... % ... | Operation % of type int may overflow or underflow. | -| test.c:141:3:141:10 | ... %= ... | Operation %= of type signed int may overflow or underflow. | -| test.c:163:3:163:10 | ... << ... | Operation << of type signed int may overflow or underflow. | -| test.c:164:3:164:11 | ... <<= ... | Operation <<= of type signed int may overflow or underflow. | -| test.c:183:3:183:5 | - ... | Operation - of type signed int may overflow or underflow. | +| test.c:115:3:115:9 | ... / ... | Operation / of type int may overflow or underflow. | +| test.c:116:3:116:10 | ... /= ... | Operation /= of type signed int may overflow or underflow. | +| test.c:123:5:123:11 | ... / ... | Operation / of type int may overflow or underflow. | +| test.c:124:5:124:12 | ... /= ... | Operation /= of type signed int may overflow or underflow. | +| test.c:138:3:138:9 | ... % ... | Operation % of type int may overflow or underflow. | +| test.c:139:3:139:10 | ... %= ... | Operation %= of type signed int may overflow or underflow. | +| test.c:146:5:146:11 | ... % ... | Operation % of type int may overflow or underflow. | +| test.c:147:5:147:12 | ... %= ... | Operation %= of type signed int may overflow or underflow. | +| test.c:161:3:161:5 | - ... | Operation - of type signed int may overflow or underflow. | diff --git a/c/cert/test/rules/INT32-C/test.c b/c/cert/test/rules/INT32-C/test.c index d3dfcadf1d..ed007fdd8d 100644 --- a/c/cert/test/rules/INT32-C/test.c +++ b/c/cert/test/rules/INT32-C/test.c @@ -78,9 +78,7 @@ void test_mul_precheck(signed int i1, signed int i2) { if (tmp > INT_MAX || tmp < INT_MIN) { // handle error } else { - i1 *i2; // COMPLIANT - checked result = (signed int)tmp; - i1 *= i2; // COMPLIANT - checked } } @@ -128,7 +126,7 @@ void test_simple_div_no_zero(signed int i1, signed int i2) { } void test_div_precheck(signed int i1, signed int i2) { - if ((i2 == 0) || ((i1 == LONG_MIN) && (i2 == -1))) { + if ((i2 == 0) || ((i1 == INT_MIN) && (i2 == -1))) { /* Handle error */ } else { i1 / i2; // COMPLIANT @@ -151,7 +149,7 @@ void test_simple_rem_no_zero(signed int i1, signed int i2) { } void test_rem_precheck(signed int i1, signed int i2) { - if ((i2 == 0) || ((i1 == LONG_MIN) && (i2 == -1))) { + if ((i2 == 0) || ((i1 == INT_MIN) && (i2 == -1))) { /* Handle error */ } else { i1 % i2; // COMPLIANT @@ -159,26 +157,6 @@ void test_rem_precheck(signed int i1, signed int i2) { } } -void test_simple_left_shift(signed int i1, signed int i2) { - i1 << i2; // NON_COMPLIANT - i1 <<= i2; // NON_COMPLIANT -} - -/* Returns the number of set bits */ -size_t popcount(uintmax_t num); - -#define PRECISION(umax_value) popcount(umax_value) - -void test_left_shift_precheck(signed int i1, signed int i2) { - if ((i1 < 0) || (i2 < 0) || (i2 >= PRECISION(UINT_MAX)) || - (i1 > (INT_MAX >> i2))) { - // handle error - } else { - i1 << i2; // COMPLIANT - i1 <<= i2; // COMPLIANT - } -} - void test_simple_negate(signed int i1) { -i1; // NON_COMPLIANT } diff --git a/cpp/autosar/src/rules/A4-7-1/IntegerExpressionLeadToDataLoss.ql b/cpp/autosar/src/rules/A4-7-1/IntegerExpressionLeadToDataLoss.ql index 736c7dbcfe..aae951351a 100644 --- a/cpp/autosar/src/rules/A4-7-1/IntegerExpressionLeadToDataLoss.ql +++ b/cpp/autosar/src/rules/A4-7-1/IntegerExpressionLeadToDataLoss.ql @@ -25,9 +25,10 @@ where // Not within a guard condition not exists(GuardCondition gc | gc.getAChild*() = e) and // Not guarded by a check, where the check is not an invalid overflow check - not e.getAGuardingGVN() = globalValueNumber(e.getAChild*()) and + not e.hasValidPreCheck() and // Covered by `IntMultToLong.ql` instead not e instanceof MulExpr and // Not covered by this query - overflow/underflow in division is rare - not e instanceof DivExpr + not e instanceof DivExpr and + not e instanceof RemExpr select e, "Binary expression ..." + e.getOperator() + "... may overflow." diff --git a/cpp/common/src/codingstandards/cpp/Overflow.qll b/cpp/common/src/codingstandards/cpp/Overflow.qll index 68cc2c0b64..fb5473b42b 100644 --- a/cpp/common/src/codingstandards/cpp/Overflow.qll +++ b/cpp/common/src/codingstandards/cpp/Overflow.qll @@ -21,20 +21,13 @@ class InterestingOverflowingOperation extends Operation { exprMightOverflowPositively(this) or // Division and remainder are not handled by the library - exists(Expr leftOperand, Expr rightOperand | - (this instanceof DivExpr or this instanceof RemExpr) and - leftOperand = this.(BinaryOperation).getLeftOperand() and - rightOperand = this.(BinaryOperation).getRightOperand() - or - (this instanceof AssignDivExpr or this instanceof AssignRemExpr) and - leftOperand = this.(AssignArithmeticOperation).getLValue() and - rightOperand = this.(AssignArithmeticOperation).getRValue() - | + exists(DivOrRemOperation divOrRem | divOrRem = this | // The right hand side could be -1 - upperBound(rightOperand) >= -1.0 and - lowerBound(rightOperand) <= -1.0 and + upperBound(divOrRem.getDivisor()) >= -1.0 and + lowerBound(divOrRem.getDivisor()) <= -1.0 and // The left hand side could be the smallest possible integer value - lowerBound(leftOperand) <= typeLowerBound(leftOperand.getType().getUnderlyingType()) + lowerBound(divOrRem.getDividend()) <= + typeLowerBound(divOrRem.getDividend().getType().getUnderlyingType()) ) ) and // Multiplication is not covered by the standard range analysis library, so implement our own @@ -46,18 +39,6 @@ class InterestingOverflowingOperation extends Operation { not this instanceof PointerArithmeticOperation } - /** - * Get a `GVN` which guards this expression which may overflow. - */ - GVN getAGuardingGVN() { - exists(GuardCondition gc, Expr e | - not gc = getABadOverflowCheck() and - TaintTracking::localTaint(DataFlow::exprNode(e), DataFlow::exprNode(gc.getAChild*())) and - gc.controls(this.getBasicBlock(), _) and - result = globalValueNumber(e) - ) - } - /** * Holds if there is a correct validity check after this expression which may overflow. */ @@ -70,6 +51,27 @@ class InterestingOverflowingOperation extends Operation { i1 = globalValueNumber(op1) and i2 = globalValueNumber(op2) | + // For unsigned integer addition, look for this pattern: + // if (x + y > x) + // use(x + y) + // Ensuring it is not a bad overflow check + (this instanceof AddExpr or this instanceof AssignAddExpr) and + this.getType().getUnspecifiedType().(IntegralType).isUnsigned() and + exists(AddExpr ae, RelationalOperation relOp | + globalValueNumber(relOp.getAnOperand()) = i1 and + relOp.getAnOperand() = ae and + globalValueNumber(ae.getAnOperand()) = i1 and + globalValueNumber(ae.getAnOperand()) = i2 + | + // At least one operand is not smaller than int + exists(Expr op | op = ae.getAnOperand() | + op.getType().getSize() >= any(IntType i).getSize() + ) + or + // The result of the addition is explicitly converted to a smaller type before the comparison + ae.getExplicitlyConverted().getType().getSize() < any(IntType i).getSize() + ) + or // The CERT rule for signed integer overflow has a very specific pattern it recommends // for checking for overflow. We try to match the pattern here. // ((i2 > 0 && i1 > (INT_MAX - i2)) || (i2 < 0 && i1 < (INT_MIN - i2))) @@ -156,6 +158,20 @@ class InterestingOverflowingOperation extends Operation { ) ) or + // CERT recommends checking for divisor != -1 and dividor != INT_MIN + this instanceof DivOrRemOperation and + exists(EqualityOperation eop | + // GuardCondition doesn't work in this case, so just confirm that this check dominates the overflow + globalValueNumber(eop.getAnOperand()) = i1 and + eop.getAnOperand().getValue().toFloat() = + typeLowerBound(this.(DivOrRemOperation).getDividend().getType().getUnderlyingType()) + ) and + exists(EqualityOperation eop | + // GuardCondition doesn't work in this case, so just confirm that this check dominates the overflow + globalValueNumber(eop.getAnOperand()) = i2 and + eop.getAnOperand().getValue().toInt() = -1 + ) + or // The CERT rule for signed integer overflow has a very specific pattern it recommends // for checking for multiplication underflow/overflow. We just use a heuristic here, // which determines if at least 4 checks of the sort `a < INT_MAX / b` are present in the code. @@ -193,36 +209,31 @@ class InterestingOverflowingOperation extends Operation { ) ) } - - /** - * Identifies a bad overflow check for this overflow expression. - */ - GuardCondition getABadOverflowCheck() { - exists(RelationalOperation relOp | - (this instanceof AddExpr or this instanceof AssignAddExpr) and - result = relOp and - // Looking for this pattern: - // if (x + y > x) - // use(x + y) - // - globalValueNumber(relOp.getAnOperand()) = globalValueNumber(this) and - globalValueNumber(relOp.getAnOperand()) = globalValueNumber(this.getAnOperand()) - | - // Signed overflow checks are insufficient - this.getUnspecifiedType().(IntegralType).isSigned() - or - // Unsigned overflow checks can still be bad, if the result is promoted. - forall(Expr op | op = this.getAnOperand() | op.getType().getSize() < any(IntType i).getSize()) and - // Not explicitly converted to a smaller type before the comparison - not this.getExplicitlyConverted().getType().getSize() < any(IntType i).getSize() - ) - } } private class StrictRelationalOperation extends RelationalOperation { StrictRelationalOperation() { this.getOperator() = [">", "<"] } } +class DivOrRemOperation extends Operation { + DivOrRemOperation() { + this instanceof DivExpr or + this instanceof RemExpr or + this instanceof AssignDivExpr or + this instanceof AssignRemExpr + } + + Expr getDividend() { + result = this.(BinaryOperation).getLeftOperand() or + result = this.(AssignArithmeticOperation).getLValue() + } + + Expr getDivisor() { + result = this.(BinaryOperation).getRightOperand() or + result = this.(AssignArithmeticOperation).getRValue() + } +} + /** * Module inspired by the IntMultToLong.ql query. */ From 64907058f1f274afbc7238e075fa39894fb6e375 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 24 Mar 2023 23:30:01 +0000 Subject: [PATCH 0882/2573] INT32-C: Add tests for ++,-- --- .../INT32-C/SignedIntegerOverflow.expected | 2 ++ c/cert/test/rules/INT32-C/test.c | 32 +++++++++++++++++++ 2 files changed, 34 insertions(+) diff --git a/c/cert/test/rules/INT32-C/SignedIntegerOverflow.expected b/c/cert/test/rules/INT32-C/SignedIntegerOverflow.expected index a0a5e7354c..0e107bcafa 100644 --- a/c/cert/test/rules/INT32-C/SignedIntegerOverflow.expected +++ b/c/cert/test/rules/INT32-C/SignedIntegerOverflow.expected @@ -20,3 +20,5 @@ | test.c:146:5:146:11 | ... % ... | Operation % of type int may overflow or underflow. | | test.c:147:5:147:12 | ... %= ... | Operation %= of type signed int may overflow or underflow. | | test.c:161:3:161:5 | - ... | Operation - of type signed int may overflow or underflow. | +| test.c:173:3:173:6 | ... ++ | Operation ++ of type signed int may overflow or underflow. | +| test.c:189:3:189:6 | ... -- | Operation -- of type signed int may overflow or underflow. | diff --git a/c/cert/test/rules/INT32-C/test.c b/c/cert/test/rules/INT32-C/test.c index ed007fdd8d..cde579123b 100644 --- a/c/cert/test/rules/INT32-C/test.c +++ b/c/cert/test/rules/INT32-C/test.c @@ -167,4 +167,36 @@ void test_negate_precheck(signed int i1) { } else { -i1; // COMPLIANT } +} + +void test_inc(signed int i1) { + i1++; // NON_COMPLIANT +} + +void test_inc_guard(signed int i1) { + if (i1 < INT_MAX) { + i1++; // COMPLIANT + } +} + +void test_inc_loop_guard() { + for (signed int i1 = 0; i1 < 10; i1++) { // COMPLIANT + // ... + } +} + +void test_dec(signed int i1) { + i1--; // NON_COMPLIANT +} + +void test_dec_guard(signed int i1) { + if (i1 > INT_MIN) { + i1--; // COMPLIANT + } +} + +void test_dec_loop_guard() { + for (signed int i1 = 10; i1 > 0; i1--) { // COMPLIANT + // ... + } } \ No newline at end of file From 8a67704ae63b9b5e549efd71360cb3fbd7b2c8ab Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 24 Mar 2023 23:31:28 +0000 Subject: [PATCH 0883/2573] IntegerOverflow: INT30-C to medium --- c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.ql | 2 +- rule_packages/c/IntegerOverflow.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.ql b/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.ql index 318b166950..707d978bd4 100644 --- a/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.ql +++ b/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.ql @@ -5,7 +5,7 @@ * modular way. If the size of the type is not sufficient, this can happen * unexpectedly. * @kind problem - * @precision high + * @precision mdeium * @problem.severity error * @tags external/cert/id/int30-c * correctness diff --git a/rule_packages/c/IntegerOverflow.json b/rule_packages/c/IntegerOverflow.json index 7e79cd8b32..d3a643f597 100644 --- a/rule_packages/c/IntegerOverflow.json +++ b/rule_packages/c/IntegerOverflow.json @@ -9,7 +9,7 @@ "description": "Unsigned integer expressions do not strictly overflow, but instead wrap around in a modular way. If the size of the type is not sufficient, this can happen unexpectedly.", "kind": "problem", "name": "Ensure that unsigned integer operations do not wrap", - "precision": "high", + "precision": "mdeium", "severity": "error", "short_name": "UnsignedIntegerOperationsWrapAround", "tags": [ From e4b6417581e0557d4d8a617ba7a7a5218d4dba82 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 24 Mar 2023 23:34:47 +0000 Subject: [PATCH 0884/2573] INT33-C: Include assign div/mod --- c/cert/src/rules/INT33-C/DivOrRemByZero.ql | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/c/cert/src/rules/INT33-C/DivOrRemByZero.ql b/c/cert/src/rules/INT33-C/DivOrRemByZero.ql index 664e25980b..a5e34f13c4 100644 --- a/c/cert/src/rules/INT33-C/DivOrRemByZero.ql +++ b/c/cert/src/rules/INT33-C/DivOrRemByZero.ql @@ -12,14 +12,14 @@ import cpp import codingstandards.c.cert +import codingstandards.cpp.Overflow import semmle.code.cpp.controlflow.Guards import semmle.code.cpp.valuenumbering.GlobalValueNumbering -from BinaryArithmeticOperation divOrMod, Expr divisor +from DivOrRemOperation divOrMod, Expr divisor where not isExcluded(divOrMod, IntegerOverflowPackage::divOrRemByZeroQuery()) and - divOrMod.getOperator() = ["/", "%"] and - divisor = divOrMod.getRightOperand() and + divisor = divOrMod.getDivisor() and divisor.getType() instanceof IntegralType and // Range includes 0 upperBound(divisor) >= 0 and From d5b7fe5800fcdb29a9676f7a9d2536207239ce3e Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 24 Mar 2023 23:35:43 +0000 Subject: [PATCH 0885/2573] Fix typo. --- c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.ql | 2 +- rule_packages/c/IntegerOverflow.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.ql b/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.ql index 707d978bd4..3d25313915 100644 --- a/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.ql +++ b/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.ql @@ -5,7 +5,7 @@ * modular way. If the size of the type is not sufficient, this can happen * unexpectedly. * @kind problem - * @precision mdeium + * @precision medium * @problem.severity error * @tags external/cert/id/int30-c * correctness diff --git a/rule_packages/c/IntegerOverflow.json b/rule_packages/c/IntegerOverflow.json index d3a643f597..5edc90eb21 100644 --- a/rule_packages/c/IntegerOverflow.json +++ b/rule_packages/c/IntegerOverflow.json @@ -9,7 +9,7 @@ "description": "Unsigned integer expressions do not strictly overflow, but instead wrap around in a modular way. If the size of the type is not sufficient, this can happen unexpectedly.", "kind": "problem", "name": "Ensure that unsigned integer operations do not wrap", - "precision": "mdeium", + "precision": "medium", "severity": "error", "short_name": "UnsignedIntegerOperationsWrapAround", "tags": [ From 7dba0821b23cee2e2f57c641fa1385afcd2926eb Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Fri, 24 Mar 2023 16:47:44 -0700 Subject: [PATCH 0886/2573] Rename .expected.gcc file --- ...cted.gcc => CtypeFunctionArgNotUnsignedCharOrEof.expected.gcc} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename c/misra/test/rules/RULE-21-13/{CtypeFunctionArgNotUnsignedCharorEof.expected.gcc => CtypeFunctionArgNotUnsignedCharOrEof.expected.gcc} (100%) diff --git a/c/misra/test/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharorEof.expected.gcc b/c/misra/test/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.expected.gcc similarity index 100% rename from c/misra/test/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharorEof.expected.gcc rename to c/misra/test/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.expected.gcc From 3b548fe54e36fd8469093b3b766bd2a0d8daba88 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 26 Mar 2023 22:08:48 +0100 Subject: [PATCH 0887/2573] M6-5-2: Expand definition of modification Identify calls to non-const functions as "modifying" the local variable. --- cpp/common/src/codingstandards/cpp/Loops.qll | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/Loops.qll b/cpp/common/src/codingstandards/cpp/Loops.qll index f2b5f1e539..bc156584da 100644 --- a/cpp/common/src/codingstandards/cpp/Loops.qll +++ b/cpp/common/src/codingstandards/cpp/Loops.qll @@ -123,7 +123,19 @@ predicate isInvalidForLoopIncrementation(ForStmt forLoop, Variable v, VariableAc v = getAnIterationVariable(forLoop) and modification = v.getAnAccess() and modification = forLoop.getUpdate().getAChild*() and - modification.isModified() and + // Is modified + ( + // Variable directly modified + modification.isModified() + or + // Has a call to a member function on the variable, where the target is non-const, + // i.e. can modify the state of the object + exists(Call c | + c.getQualifier() = modification and + not c.getTarget() instanceof ConstMemberFunction + ) + ) and + // And not by a call to a crement operator not exists(CrementOperation cop | cop.getOperand() = modification) and not exists(Call c | c.getQualifier() = modification and c.getTarget() instanceof UserCrementOperator From 585ebbb9934e06be3cdb72cdac7b6d0e20d48e5a Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 26 Mar 2023 22:20:48 +0100 Subject: [PATCH 0888/2573] Rule 15.4: Update test comment --- c/misra/test/rules/RULE-15-4/test.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/misra/test/rules/RULE-15-4/test.c b/c/misra/test/rules/RULE-15-4/test.c index 6c0693be01..2d4a0677a7 100644 --- a/c/misra/test/rules/RULE-15-4/test.c +++ b/c/misra/test/rules/RULE-15-4/test.c @@ -59,7 +59,7 @@ void f3(int k) { L3: k++; while (k < 10) { // NON_COMPLIANT - the nested goto - // only applies to the switch + // is an additional exit point for the while loop if (k > 5) { break; } From 74a5d7a3d11f55d786364fcec1189dfb29c423c9 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 26 Mar 2023 22:48:42 +0100 Subject: [PATCH 0889/2573] Loops: Handle user crement/assignment --- cpp/common/src/codingstandards/cpp/Loops.qll | 29 ++++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/cpp/common/src/codingstandards/cpp/Loops.qll b/cpp/common/src/codingstandards/cpp/Loops.qll index bc156584da..82746b036c 100644 --- a/cpp/common/src/codingstandards/cpp/Loops.qll +++ b/cpp/common/src/codingstandards/cpp/Loops.qll @@ -49,6 +49,20 @@ private predicate inForUpdate(Expr forUpdate, Expr child) { exists(Expr mid | inForUpdate(forUpdate, mid) and child.getParent() = mid) } +class MemberCrementOperation extends FunctionCall { + MemberCrementOperation() { this.getTarget() instanceof UserCrementOperator } + + Expr getOperand() { result = this.getQualifier() } +} + +class MemberAssignmentOperation extends FunctionCall { + MemberAssignmentOperation() { this.getTarget() instanceof AssignmentOperator } + + Expr getLValue() { result = this.getQualifier() } + + string getOperator() { result = this.getTarget().getName().regexpCapture("operator(.+)", 1) } +} + /** * Gets a LoopCounter for the given `ForStmt`. * @@ -68,6 +82,21 @@ Variable getALoopCounter(ForStmt fs) { va = result.getAnAccess() ) or + exists(MemberCrementOperation op, VariableAccess va | + op = updateOp and + op instanceof MemberCrementOperation and + op.getOperand() = va and + va = result.getAnAccess() + ) + or + exists(MemberAssignmentOperation op, VariableAccess va | + op = updateOp and + op instanceof MemberAssignmentOperation and + op.getOperator() = ["+=", "-="] and + op.getLValue() = va and + va = result.getAnAccess() + ) + or exists(AssignArithmeticOperation op, VariableAccess va | op = updateOp and op instanceof AssignArithmeticOperation and From 5edcade137fd44627c63f0155592713f1d14dc46 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 26 Mar 2023 22:51:43 +0100 Subject: [PATCH 0890/2573] SwitchNotWellFormed: Address compiler compat Declarations cannot appear just after case labels. --- .../rules/switchnotwellformed/SwitchNotWellFormed.expected | 6 +++--- c/common/test/rules/switchnotwellformed/test.c | 1 + 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/c/common/test/rules/switchnotwellformed/SwitchNotWellFormed.expected b/c/common/test/rules/switchnotwellformed/SwitchNotWellFormed.expected index a9062b5fd4..6843b78cd9 100644 --- a/c/common/test/rules/switchnotwellformed/SwitchNotWellFormed.expected +++ b/c/common/test/rules/switchnotwellformed/SwitchNotWellFormed.expected @@ -1,3 +1,3 @@ -| test.c:4:3:10:3 | switch (...) ... | $@ statement not well formed because this $@ block uses a statement that is not allowed. | test.c:4:3:10:3 | switch (...) ... | Switch | test.c:5:3:5:9 | case ...: | case | -| test.c:13:3:20:3 | switch (...) ... | $@ statement not well formed because this $@ block uses a statement that is not allowed. | test.c:13:3:20:3 | switch (...) ... | Switch | test.c:14:3:14:10 | case ...: | case | -| test.c:25:3:30:3 | switch (...) ... | $@ statement not well formed because this $@ block uses a statement that is not allowed. | test.c:25:3:30:3 | switch (...) ... | Switch | test.c:26:3:26:9 | case ...: | case | +| test.c:4:3:11:3 | switch (...) ... | $@ statement not well formed because this $@ block uses a statement that is not allowed. | test.c:4:3:11:3 | switch (...) ... | Switch | test.c:5:3:5:9 | case ...: | case | +| test.c:14:3:21:3 | switch (...) ... | $@ statement not well formed because this $@ block uses a statement that is not allowed. | test.c:14:3:21:3 | switch (...) ... | Switch | test.c:15:3:15:10 | case ...: | case | +| test.c:26:3:31:3 | switch (...) ... | $@ statement not well formed because this $@ block uses a statement that is not allowed. | test.c:26:3:31:3 | switch (...) ... | Switch | test.c:27:3:27:9 | case ...: | case | diff --git a/c/common/test/rules/switchnotwellformed/test.c b/c/common/test/rules/switchnotwellformed/test.c index d1fe00d5af..1082ee405c 100644 --- a/c/common/test/rules/switchnotwellformed/test.c +++ b/c/common/test/rules/switchnotwellformed/test.c @@ -3,6 +3,7 @@ void f1(); void f2(int p1) { switch (p1) { case 1: + f1(); int y = p1; // NON_COMPLIANT - `DeclStmt` whose parent // statement is the switch body f1(); From d6ac6dfdd32ad114d0f3b1a337f6718963033439 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 26 Mar 2023 22:54:53 +0100 Subject: [PATCH 0891/2573] Rule 15.3: Address compiler compatibility issues Labels must be before a statement. --- c/misra/test/rules/RULE-15-3/GotoLabelBlockCondition.expected | 4 ++-- c/misra/test/rules/RULE-15-3/test.c | 3 +++ 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/c/misra/test/rules/RULE-15-3/GotoLabelBlockCondition.expected b/c/misra/test/rules/RULE-15-3/GotoLabelBlockCondition.expected index 9a81d6f434..730403cbd7 100644 --- a/c/misra/test/rules/RULE-15-3/GotoLabelBlockCondition.expected +++ b/c/misra/test/rules/RULE-15-3/GotoLabelBlockCondition.expected @@ -1,3 +1,3 @@ | test.c:2:3:2:10 | goto ... | The $@ statement and its $@ are not declared or enclosed in the same block. | test.c:2:3:2:10 | goto ... | goto | test.c:4:3:4:5 | label ...: | label | -| test.c:37:3:37:10 | goto ... | The $@ statement and its $@ are not declared or enclosed in the same block. | test.c:37:3:37:10 | goto ... | goto | test.c:41:3:41:5 | label ...: | label | -| test.c:52:5:52:12 | goto ... | The $@ statement and its $@ are not declared or enclosed in the same block. | test.c:52:5:52:12 | goto ... | goto | test.c:55:3:55:5 | label ...: | label | +| test.c:40:3:40:10 | goto ... | The $@ statement and its $@ are not declared or enclosed in the same block. | test.c:40:3:40:10 | goto ... | goto | test.c:44:3:44:5 | label ...: | label | +| test.c:55:5:55:12 | goto ... | The $@ statement and its $@ are not declared or enclosed in the same block. | test.c:55:5:55:12 | goto ... | goto | test.c:58:3:58:5 | label ...: | label | diff --git a/c/misra/test/rules/RULE-15-3/test.c b/c/misra/test/rules/RULE-15-3/test.c index 82b149b326..739affcfc1 100644 --- a/c/misra/test/rules/RULE-15-3/test.c +++ b/c/misra/test/rules/RULE-15-3/test.c @@ -2,6 +2,7 @@ void f1() { goto L1; for (int i = 0; i < 100; i++) { L1: // NON_COMPLIANT + break; } } @@ -13,6 +14,7 @@ void f2() { } } L2: // COMPLIANT + return; } void f3() { @@ -21,6 +23,7 @@ void f3() { for (int j = 0; j < 10; j++) { goto L3; L3: // COMPLIANT + break; } } } From dec57edc6c6a02cc09b80f11fb0e5e13f898c6bb Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 26 Mar 2023 23:00:37 +0100 Subject: [PATCH 0892/2573] Statements: Improve var naming and alert message. --- change_notes/2023-03-26-nested-switch-case.md | 1 + .../nestedlabelinswitch/NestedLabelInSwitch.qll | 14 +++++++------- 2 files changed, 8 insertions(+), 7 deletions(-) create mode 100644 change_notes/2023-03-26-nested-switch-case.md diff --git a/change_notes/2023-03-26-nested-switch-case.md b/change_notes/2023-03-26-nested-switch-case.md new file mode 100644 index 0000000000..0265f46954 --- /dev/null +++ b/change_notes/2023-03-26-nested-switch-case.md @@ -0,0 +1 @@ + * `M6-4-4` - alert message updated for clarity. \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/rules/nestedlabelinswitch/NestedLabelInSwitch.qll b/cpp/common/src/codingstandards/cpp/rules/nestedlabelinswitch/NestedLabelInSwitch.qll index a1f06734d0..d6e75d6faf 100644 --- a/cpp/common/src/codingstandards/cpp/rules/nestedlabelinswitch/NestedLabelInSwitch.qll +++ b/cpp/common/src/codingstandards/cpp/rules/nestedlabelinswitch/NestedLabelInSwitch.qll @@ -11,15 +11,15 @@ abstract class NestedLabelInSwitchSharedQuery extends Query { } Query getQuery() { result instanceof NestedLabelInSwitchSharedQuery } query predicate problems( - SwitchCase nestedCase, string message, SwitchCase case, string caseLabel, SwitchStmt switch, + SwitchCase case, string message, SwitchCase caseLocation, string caseLabel, SwitchStmt switch, string switchLabel ) { - not isExcluded(nestedCase, getQuery()) and - switch.getASwitchCase() = case and - not nestedCase.getParentStmt() = switch.getChildStmt() and - nestedCase = case and + not isExcluded(case, getQuery()) and + switch.getASwitchCase() = caseLocation and + not case.getParentStmt() = switch.getChildStmt() and + case = caseLocation and message = - "The switch $@ does not appear at the outermost level of the compound statement forming the body of the $@ statement." and - caseLabel = nestedCase.toString() and + "The case $@ does not appear at the outermost level of the compound statement forming the body of the $@ statement." and + caseLabel = case.toString() and switchLabel = switch.toString() } From 575f42e8bda27b72527c303c70c507971469a753 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 26 Mar 2023 23:05:44 +0100 Subject: [PATCH 0893/2573] Rule 16.4: Simplify query --- .../src/rules/RULE-16-4/EverySwitchShallHaveDefaultLabel.ql | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/c/misra/src/rules/RULE-16-4/EverySwitchShallHaveDefaultLabel.ql b/c/misra/src/rules/RULE-16-4/EverySwitchShallHaveDefaultLabel.ql index c857690e84..a90bcc52dc 100644 --- a/c/misra/src/rules/RULE-16-4/EverySwitchShallHaveDefaultLabel.ql +++ b/c/misra/src/rules/RULE-16-4/EverySwitchShallHaveDefaultLabel.ql @@ -23,9 +23,7 @@ where exists(SwitchCase case, BreakStmt break | switch.getDefaultCase() = case and case.getFollowingStmt() = break and - not exists(Comment comment | - break.getLocation().getEndLine() - 1 = comment.getLocation().getEndLine() - ) and + not exists(Comment comment | comment.getCommentedElement() = break) and message = "has default label that does not terminate in a statement or comment before break statement" ) From 250e06fc834f577e84a31072e99ee8305c9122ee Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 26 Mar 2023 23:20:39 +0100 Subject: [PATCH 0894/2573] Rule 16.4: Consider nested blocks. --- .../EverySwitchShallHaveDefaultLabel.ql | 16 +++++++++++++++- .../EverySwitchShallHaveDefaultLabel.expected | 1 + c/misra/test/rules/RULE-16-4/test.c | 9 +++++++++ 3 files changed, 25 insertions(+), 1 deletion(-) diff --git a/c/misra/src/rules/RULE-16-4/EverySwitchShallHaveDefaultLabel.ql b/c/misra/src/rules/RULE-16-4/EverySwitchShallHaveDefaultLabel.ql index a90bcc52dc..bf199a84e1 100644 --- a/c/misra/src/rules/RULE-16-4/EverySwitchShallHaveDefaultLabel.ql +++ b/c/misra/src/rules/RULE-16-4/EverySwitchShallHaveDefaultLabel.ql @@ -14,6 +14,20 @@ import cpp import codingstandards.c.misra +Stmt getFirstNonBlockStatement(BlockStmt bs) { + exists(Stmt nextStmt | nextStmt = bs.getStmt(0) | + if nextStmt instanceof BlockStmt + then result = getFirstNonBlockStatement(nextStmt) + else result = nextStmt + ) +} + +Stmt getFirstStatement(DefaultCase case) { + exists(Stmt next | next = case.getFollowingStmt() | + if next instanceof BlockStmt then result = getFirstNonBlockStatement(next) else result = next + ) +} + from SwitchStmt switch, string message where not isExcluded(switch, Statements1Package::everySwitchShallHaveDefaultLabelQuery()) and @@ -22,7 +36,7 @@ where or exists(SwitchCase case, BreakStmt break | switch.getDefaultCase() = case and - case.getFollowingStmt() = break and + getFirstStatement(case) = break and not exists(Comment comment | comment.getCommentedElement() = break) and message = "has default label that does not terminate in a statement or comment before break statement" diff --git a/c/misra/test/rules/RULE-16-4/EverySwitchShallHaveDefaultLabel.expected b/c/misra/test/rules/RULE-16-4/EverySwitchShallHaveDefaultLabel.expected index 008b1513e8..6ecfe62c3e 100644 --- a/c/misra/test/rules/RULE-16-4/EverySwitchShallHaveDefaultLabel.expected +++ b/c/misra/test/rules/RULE-16-4/EverySwitchShallHaveDefaultLabel.expected @@ -1,2 +1,3 @@ | test.c:4:3:12:3 | switch (...) ... | $@ statement has missing default clause. | test.c:4:3:12:3 | switch (...) ... | Switch | | test.c:13:3:22:3 | switch (...) ... | $@ statement has default label that does not terminate in a statement or comment before break statement | test.c:13:3:22:3 | switch (...) ... | Switch | +| test.c:53:3:60:3 | switch (...) ... | $@ statement has default label that does not terminate in a statement or comment before break statement | test.c:53:3:60:3 | switch (...) ... | Switch | diff --git a/c/misra/test/rules/RULE-16-4/test.c b/c/misra/test/rules/RULE-16-4/test.c index 7c2f2b210d..45fa298fc6 100644 --- a/c/misra/test/rules/RULE-16-4/test.c +++ b/c/misra/test/rules/RULE-16-4/test.c @@ -49,4 +49,13 @@ void f1(int p1) { i++; break; } + + switch (p1) { // NON_COMPLIANT + case 1: + i++; + break; + default: { + break; + } + } } From d8b3facece1f51f5e3bb89783010ea489cf426c3 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 26 Mar 2023 23:22:49 +0100 Subject: [PATCH 0895/2573] Statements: Improve metadata. --- .../rules/RULE-16-4/EverySwitchShallHaveDefaultLabel.ql | 6 ++++-- .../src/rules/RULE-16-5/DefaultNotFirstOrLastOfSwitch.ql | 2 +- rule_packages/c/Statements1.json | 8 ++++---- 3 files changed, 9 insertions(+), 7 deletions(-) diff --git a/c/misra/src/rules/RULE-16-4/EverySwitchShallHaveDefaultLabel.ql b/c/misra/src/rules/RULE-16-4/EverySwitchShallHaveDefaultLabel.ql index bf199a84e1..a5d7c3cf2c 100644 --- a/c/misra/src/rules/RULE-16-4/EverySwitchShallHaveDefaultLabel.ql +++ b/c/misra/src/rules/RULE-16-4/EverySwitchShallHaveDefaultLabel.ql @@ -1,10 +1,12 @@ /** * @id c/misra/every-switch-shall-have-default-label * @name RULE-16-4: Every switch statement shall have a default label - * @description The requirement for a default label is defensive programming. + * @description A default label that has no statements or a comment explaining why this is correct + * indicates a missing implementation that may result in unexpected behavior when the + * default case is executed. * @kind problem * @precision very-high - * @problem.severity error + * @problem.severity warning * @tags external/misra/id/rule-16-4 * maintainability * readability diff --git a/c/misra/src/rules/RULE-16-5/DefaultNotFirstOrLastOfSwitch.ql b/c/misra/src/rules/RULE-16-5/DefaultNotFirstOrLastOfSwitch.ql index 22565b708e..f86e242ee3 100644 --- a/c/misra/src/rules/RULE-16-5/DefaultNotFirstOrLastOfSwitch.ql +++ b/c/misra/src/rules/RULE-16-5/DefaultNotFirstOrLastOfSwitch.ql @@ -1,7 +1,7 @@ /** * @id c/misra/default-not-first-or-last-of-switch * @name RULE-16-5: A default label shall appear as either the first or the last switch label or a switch statement - * @description Locating the default label is easy when it the first of last label. + * @description Locating the default label is easier when it is the first or last label. * @kind problem * @precision very-high * @problem.severity recommendation diff --git a/rule_packages/c/Statements1.json b/rule_packages/c/Statements1.json index 903172ae51..a8dc1b55ea 100644 --- a/rule_packages/c/Statements1.json +++ b/rule_packages/c/Statements1.json @@ -47,11 +47,11 @@ }, "queries": [ { - "description": "The requirement for a default label is defensive programming.", + "description": "A default label that has no statements or a comment explaining why this is correct indicates a missing implementation that may result in unexpected behavior when the default case is executed.", "kind": "problem", "name": "Every switch statement shall have a default label", "precision": "very-high", - "severity": "error", + "severity": "warning", "short_name": "EverySwitchShallHaveDefaultLabel", "tags": [ "maintainability", @@ -67,7 +67,7 @@ }, "queries": [ { - "description": "Locating the default label is easy when it the first of last label.", + "description": "Locating the default label is easier when it is the first or last label.", "kind": "problem", "name": "A default label shall appear as either the first or the last switch label or a switch statement", "precision": "very-high", @@ -79,4 +79,4 @@ "title": "A default label shall appear as either the first or the last switch label of a switch statement" } } -} +} \ No newline at end of file From d5750b094eb59686171ff81d8557626b3feef246 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 27 Mar 2023 00:50:14 +0100 Subject: [PATCH 0896/2573] NestedLabelInSwitch: Update expected after alert msg change --- .../rules/nestedlabelinswitch/NestedLabelInSwitch.expected | 6 +++--- .../rules/nestedlabelinswitch/NestedLabelInSwitch.expected | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/c/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.expected b/c/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.expected index dfc375e567..3adeecc903 100644 --- a/c/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.expected +++ b/c/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.expected @@ -1,3 +1,3 @@ -| test.c:9:5:9:11 | case ...: | The switch $@ does not appear at the outermost level of the compound statement forming the body of the $@ statement. | test.c:9:5:9:11 | case ...: | case ...: | test.c:6:3:17:3 | switch (...) ... | switch (...) ... | -| test.c:36:5:36:11 | case ...: | The switch $@ does not appear at the outermost level of the compound statement forming the body of the $@ statement. | test.c:36:5:36:11 | case ...: | case ...: | test.c:23:3:43:3 | switch (...) ... | switch (...) ... | -| test.c:76:5:76:11 | case ...: | The switch $@ does not appear at the outermost level of the compound statement forming the body of the $@ statement. | test.c:76:5:76:11 | case ...: | case ...: | test.c:73:3:79:3 | switch (...) ... | switch (...) ... | +| test.c:9:5:9:11 | case ...: | The case $@ does not appear at the outermost level of the compound statement forming the body of the $@ statement. | test.c:9:5:9:11 | case ...: | case ...: | test.c:6:3:17:3 | switch (...) ... | switch (...) ... | +| test.c:36:5:36:11 | case ...: | The case $@ does not appear at the outermost level of the compound statement forming the body of the $@ statement. | test.c:36:5:36:11 | case ...: | case ...: | test.c:23:3:43:3 | switch (...) ... | switch (...) ... | +| test.c:76:5:76:11 | case ...: | The case $@ does not appear at the outermost level of the compound statement forming the body of the $@ statement. | test.c:76:5:76:11 | case ...: | case ...: | test.c:73:3:79:3 | switch (...) ... | switch (...) ... | diff --git a/cpp/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.expected b/cpp/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.expected index 79c75b75e3..58a238dbc4 100644 --- a/cpp/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.expected +++ b/cpp/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.expected @@ -1,3 +1,3 @@ -| test.cpp:9:5:9:11 | case ...: | The switch $@ does not appear at the outermost level of the compound statement forming the body of the $@ statement. | test.cpp:9:5:9:11 | case ...: | case ...: | test.cpp:6:3:17:3 | switch (...) ... | switch (...) ... | -| test.cpp:36:5:36:11 | case ...: | The switch $@ does not appear at the outermost level of the compound statement forming the body of the $@ statement. | test.cpp:36:5:36:11 | case ...: | case ...: | test.cpp:23:3:43:3 | switch (...) ... | switch (...) ... | -| test.cpp:76:5:76:11 | case ...: | The switch $@ does not appear at the outermost level of the compound statement forming the body of the $@ statement. | test.cpp:76:5:76:11 | case ...: | case ...: | test.cpp:73:3:79:3 | switch (...) ... | switch (...) ... | +| test.cpp:9:5:9:11 | case ...: | The case $@ does not appear at the outermost level of the compound statement forming the body of the $@ statement. | test.cpp:9:5:9:11 | case ...: | case ...: | test.cpp:6:3:17:3 | switch (...) ... | switch (...) ... | +| test.cpp:36:5:36:11 | case ...: | The case $@ does not appear at the outermost level of the compound statement forming the body of the $@ statement. | test.cpp:36:5:36:11 | case ...: | case ...: | test.cpp:23:3:43:3 | switch (...) ... | switch (...) ... | +| test.cpp:76:5:76:11 | case ...: | The case $@ does not appear at the outermost level of the compound statement forming the body of the $@ statement. | test.cpp:76:5:76:11 | case ...: | case ...: | test.cpp:73:3:79:3 | switch (...) ... | switch (...) ... | From 3a33a221aba678d6e1c0e1344e49cb74f5136fd0 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 27 Mar 2023 12:12:39 +0100 Subject: [PATCH 0897/2573] IntegerOverflow: recognise safe crements Due to widening in loops, SimpleRangeAnalysis is overly cautious about crement operations in loop updates. This commit makes some small adjustments to identify "safe" crement operations that cannot overflow due to the bounding by the loop counters. --- .../IntegerExpressionLeadToDataLoss.expected | 3 +- cpp/autosar/test/rules/A4-7-1/test.cpp | 30 ++++++--- .../src/codingstandards/cpp/Overflow.qll | 67 +++++++++++++++++++ 3 files changed, 89 insertions(+), 11 deletions(-) diff --git a/cpp/autosar/test/rules/A4-7-1/IntegerExpressionLeadToDataLoss.expected b/cpp/autosar/test/rules/A4-7-1/IntegerExpressionLeadToDataLoss.expected index d9c69bad90..17153b5a5b 100644 --- a/cpp/autosar/test/rules/A4-7-1/IntegerExpressionLeadToDataLoss.expected +++ b/cpp/autosar/test/rules/A4-7-1/IntegerExpressionLeadToDataLoss.expected @@ -8,4 +8,5 @@ | IntMultToLongc.cpp:109:13:109:28 | ... + ... | Binary expression ...+... may overflow. | | test.cpp:2:10:2:14 | ... + ... | Binary expression ...+... may overflow. | | test.cpp:22:12:22:16 | ... + ... | Binary expression ...+... may overflow. | -| test.cpp:52:7:52:14 | ... + ... | Binary expression ...+... may overflow. | +| test.cpp:50:7:50:14 | ... + ... | Binary expression ...+... may overflow. | +| test.cpp:62:8:62:10 | ... ++ | Binary expression ...++... may overflow. | diff --git a/cpp/autosar/test/rules/A4-7-1/test.cpp b/cpp/autosar/test/rules/A4-7-1/test.cpp index 9527155618..7f6cbb7abe 100644 --- a/cpp/autosar/test/rules/A4-7-1/test.cpp +++ b/cpp/autosar/test/rules/A4-7-1/test.cpp @@ -35,21 +35,31 @@ short test_addition_invalid_overflow_check(short x, short y) { return 0; } -void test_addition_loop_bound(unsigned int base, unsigned int size) { - if (size > 0) { - int n = size - 1; - for (int i = 0; i < n; i++) { - base + i; // COMPLIANT - `i` is bounded +void test_addition_loop_bound(unsigned short base, unsigned int n) { + if (n < 1000) { + for (unsigned int i = 0; i < n; i++) { // COMPLIANT + base + i; // COMPLIANT - `i` is bounded } } } -void test_addition_invalid_loop_bound(unsigned int base, unsigned int j, - unsigned int size) { - if (size > 0) { - int n = size - 1; - for (int i = 0; i < n; i++) { +void test_addition_invalid_loop_bound(unsigned short base, unsigned int j, + unsigned int n) { + if (n < 1000) { + for (unsigned int i = 0; i < n; i++) { // COMPLIANT base + j; // NON_COMPLIANT - guards are not related } } +} + +void test_loop_bound(unsigned int n) { + for (unsigned int i = 0; i < n; i++) { // COMPLIANT + } +} + +void test_loop_bound_bad(unsigned int n) { + for (unsigned short i = 0; i < n; + i++) { // NON_COMPLIANT - crement will overflow before loop bound is + // reached + } } \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/Overflow.qll b/cpp/common/src/codingstandards/cpp/Overflow.qll index fb5473b42b..d081a22bc1 100644 --- a/cpp/common/src/codingstandards/cpp/Overflow.qll +++ b/cpp/common/src/codingstandards/cpp/Overflow.qll @@ -33,6 +33,8 @@ class InterestingOverflowingOperation extends Operation { // Multiplication is not covered by the standard range analysis library, so implement our own // mini analysis. (this instanceof MulExpr implies MulExprAnalysis::overflows(this)) and + // This shouldn't be a "safe" crement operation + not LoopCounterAnalysis::isCrementSafeFromOverflow(this) and // Not within a macro not this.isAffectedByMacro() and // Ignore pointer arithmetic @@ -328,3 +330,68 @@ private module MulExprAnalysis { me.(MulAnalyzableExpr).minValue() < exprMinVal(me) } } + +/** + * An analysis on safe loop counters. + */ +module LoopCounterAnalysis { + newtype LoopBound = + LoopUpperBound() or + LoopLowerBound() + + predicate isLoopBounded( + CrementOperation cop, ForStmt fs, Variable loopCounter, Expr initializer, Expr counterBound, + LoopBound boundKind, boolean equals + ) { + // Initialization sets the loop counter + ( + loopCounter = fs.getInitialization().(DeclStmt).getADeclaration() and + initializer = loopCounter.getInitializer().getExpr() + or + loopCounter.getAnAssignment() = initializer and + initializer = fs.getInitialization().(ExprStmt).getExpr() + ) and + // Condition is a relation operation on the loop counter + exists(RelationalOperation relOp | + fs.getCondition() = relOp and + (if relOp.getOperator().charAt(1) = "=" then equals = true else equals = false) + | + relOp.getGreaterOperand() = loopCounter.getAnAccess() and + relOp.getLesserOperand() = counterBound and + cop instanceof DecrementOperation and + boundKind = LoopLowerBound() + or + relOp.getLesserOperand() = loopCounter.getAnAccess() and + relOp.getGreaterOperand() = counterBound and + cop instanceof IncrementOperation and + boundKind = LoopUpperBound() + ) and + // Update is a crement operation with the loop counter + fs.getUpdate() = cop and + cop.getOperand() = loopCounter.getAnAccess() + } + + /** + * Holds if the crement operation is safe from under/overflow. + */ + predicate isCrementSafeFromOverflow(CrementOperation op) { + exists( + Expr initializer, Expr counterBound, LoopBound boundKind, boolean equals, int equalsOffset + | + isLoopBounded(op, _, _, initializer, counterBound, boundKind, equals) and + ( + equals = true and equalsOffset = 1 + or + equals = false and equalsOffset = 0 + ) + | + boundKind = LoopUpperBound() and + // upper bound of the inccrement is smaller than the maximum value representable in the type + upperBound(counterBound) + equalsOffset <= typeUpperBound(op.getType().getUnspecifiedType()) + or + // the lower bound of the decrement is larger than the smal + boundKind = LoopLowerBound() and + lowerBound(counterBound) - equalsOffset >= typeLowerBound(op.getType().getUnspecifiedType()) + ) + } +} From ba3bf2bb15b3e152c703ffcdbdc1799e328ad6a8 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 27 Mar 2023 12:15:46 +0100 Subject: [PATCH 0898/2573] IntgerOverflow: Expose getting a valid post check. --- cpp/common/src/codingstandards/cpp/Overflow.qll | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/Overflow.qll b/cpp/common/src/codingstandards/cpp/Overflow.qll index d081a22bc1..7f7f64b3ec 100644 --- a/cpp/common/src/codingstandards/cpp/Overflow.qll +++ b/cpp/common/src/codingstandards/cpp/Overflow.qll @@ -193,21 +193,26 @@ class InterestingOverflowingOperation extends Operation { * * Only holds for unsigned expressions, as signed overflow/underflow are undefined behavior. */ - predicate hasValidPostCheck() { + predicate hasValidPostCheck() { exists(getAValidPostCheck()) } + + /** + * Gets a correct validity check, `gc`, after this expression which may overflow. + */ + GuardCondition getAValidPostCheck() { this.getType().(IntegralType).isUnsigned() and ( exists(RelationalOperation ro | DataFlow::localExprFlow(this, ro.getLesserOperand()) and globalValueNumber(ro.getGreaterOperand()) = globalValueNumber(this.getAnOperand()) and (this instanceof AddExpr or this instanceof AssignAddExpr) and - ro instanceof GuardCondition + result = ro ) or exists(RelationalOperation ro | DataFlow::localExprFlow(this, ro.getGreaterOperand()) and globalValueNumber(ro.getLesserOperand()) = globalValueNumber(this.getAnOperand()) and (this instanceof SubExpr or this instanceof AssignSubExpr) and - ro instanceof GuardCondition + result = ro ) ) } From 68117b72f8cd62ff81b175c50b0fd7f14dbbd133 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 27 Mar 2023 12:37:49 +0100 Subject: [PATCH 0899/2573] IntegerOverflow: Support for more guards Add support for + and - guards related to checking operands relative to each other. --- .../src/codingstandards/cpp/Overflow.qll | 20 +++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/cpp/common/src/codingstandards/cpp/Overflow.qll b/cpp/common/src/codingstandards/cpp/Overflow.qll index 7f7f64b3ec..c5461eb8ab 100644 --- a/cpp/common/src/codingstandards/cpp/Overflow.qll +++ b/cpp/common/src/codingstandards/cpp/Overflow.qll @@ -74,6 +74,26 @@ class InterestingOverflowingOperation extends Operation { ae.getExplicitlyConverted().getType().getSize() < any(IntType i).getSize() ) or + // Match this pattern for checking for unsigned integer overflow on add + // if (UINT_MAX - i1 < i2) + (this instanceof AddExpr or this instanceof AssignAddExpr) and + this.getType().getUnspecifiedType().(IntegralType).isUnsigned() and + exists(SubExpr se, RelationalOperation relOp | + globalValueNumber(relOp.getGreaterOperand()) = i2 and + relOp.getAnOperand() = se and + globalValueNumber(se.getRightOperand()) = i1 and + se.getLeftOperand().getValue().toFloat() = typeUpperBound(getType()) + ) + or + // Match this pattern for checking for unsigned integer underflow on subtract + // if (i1 < i2) + (this instanceof SubExpr or this instanceof AssignSubExpr) and + this.getType().getUnspecifiedType().(IntegralType).isUnsigned() and + exists(RelationalOperation relOp | + globalValueNumber(relOp.getGreaterOperand()) = i2 and + globalValueNumber(relOp.getLesserOperand()) = i1 + ) + or // The CERT rule for signed integer overflow has a very specific pattern it recommends // for checking for overflow. We try to match the pattern here. // ((i2 > 0 && i1 > (INT_MAX - i2)) || (i2 < 0 && i1 < (INT_MIN - i2))) From a2c8fe36f0e04ab8575c308aaccc982946332ac5 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Mon, 27 Mar 2023 12:45:06 +0100 Subject: [PATCH 0900/2573] Add change note --- change_notes/2023-03-27-integer-overflow.md | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 change_notes/2023-03-27-integer-overflow.md diff --git a/change_notes/2023-03-27-integer-overflow.md b/change_notes/2023-03-27-integer-overflow.md new file mode 100644 index 0000000000..8c86bae307 --- /dev/null +++ b/change_notes/2023-03-27-integer-overflow.md @@ -0,0 +1,4 @@ + * `A4-7-1` - `IntegerExpressionLeadToDataLoss.ql` - reduce false positives and false negatives by: + - Identifying additional categories of valid guard. + - Excluding guards which were not proven to prevent overflow or underflow. + - Expand coverage to include unary operations and arithmetic assignment operations. \ No newline at end of file From 37d59bb3eeb0930e0b259fb55b7c296bccc22087 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Mon, 27 Mar 2023 14:10:44 -0700 Subject: [PATCH 0901/2573] Update DIR-4-6 to include size check for typedef --- ...ainNumericalTypeUsedOverExplicitTypedef.ql | 21 +++++-- ...ericalTypeUsedOverExplicitTypedef.expected | 2 + c/misra/test/rules/DIR-4-6/test.c | 62 +++++++++---------- 3 files changed, 50 insertions(+), 35 deletions(-) diff --git a/c/misra/src/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.ql b/c/misra/src/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.ql index 16d8af6595..6c8d283786 100644 --- a/c/misra/src/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.ql +++ b/c/misra/src/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.ql @@ -37,10 +37,23 @@ predicate forbiddenBuiltinNumericUsedInDecl(Variable var, string message) { message = "The type " + var.getType() + " is not a fixed-width numeric type." } -predicate forbiddenTypedef(TypedefType typedef, string message) { - typedef.getBaseType() instanceof BuiltInNumericType and - not typedef.getName().regexpMatch("u?(int|float)(4|8|16|32|64|128)_t") and - message = "The type " + typedef.getName() + " is not an alias to a fixed-width numeric type." +// TODO: add some inline comments +predicate forbiddenTypedef(CTypedefType typedef, string message) { + /* If the typedef's name contains an explicit size */ + ( + if typedef.getName().regexpMatch("u?(int|float)(4|8|16|32|64|128)_t") + then ( + /* Then the actual type size should match. */ + not typedef.getSize() * 8 = + // times 8 because getSize() gets the size in bytes + typedef.getName().regexpCapture("u?(int|float)(4|8|16|32|64|128)_t", 2).toInt() and + message = "The typedef type " + typedef.getName() + " does not have its indicated size." + ) else ( + /* Otherwise, the aliased type itself should have an explicit size in its name. */ + not typedef.getBaseType().getName().regexpMatch("u?(int|float)(4|8|16|32|64|128)_t") and + message = "The type " + typedef.getName() + " is not an alias to a fixed-width numeric type." + ) + ) } from Element elem, string message diff --git a/c/misra/test/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.expected b/c/misra/test/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.expected index 49865c8824..c7f1cba77a 100644 --- a/c/misra/test/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.expected +++ b/c/misra/test/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.expected @@ -1,3 +1,5 @@ +| test.c:14:5:14:10 | int4_t | The typedef type int4_t does not have its indicated size. | +| test.c:16:5:16:11 | uint4_t | The typedef type uint4_t does not have its indicated size. | | test.c:27:5:27:26 | _astronomical_number_t | The type _astronomical_number_t is not an alias to a fixed-width numeric type. | | test.c:34:15:34:16 | c2 | The type signed char is not a fixed-width numeric type. | | test.c:35:17:35:18 | c3 | The type unsigned char is not a fixed-width numeric type. | diff --git a/c/misra/test/rules/DIR-4-6/test.c b/c/misra/test/rules/DIR-4-6/test.c index b806b91c08..07b3c48901 100644 --- a/c/misra/test/rules/DIR-4-6/test.c +++ b/c/misra/test/rules/DIR-4-6/test.c @@ -1,19 +1,19 @@ -typedef signed char int8_t; // COMPLIANT: exception, typedefs are permitted -typedef unsigned char uint8_t; // COMPLIANT: exception, typedefs are permitted +typedef signed char int8_t; // COMPLIANT: exception, typedefs are permitted +typedef unsigned char uint8_t; // COMPLIANT: exception, typedefs are permitted typedef signed short int16_t; // COMPLIANT: exception, typedefs are permitted typedef unsigned short uint16_t; // COMPLIANT: exception, typedefs are permitted -typedef signed int int32_t; // COMPLIANT: exception, typedefs are permitted -typedef unsigned int uint32_t; // COMPLIANT: exception, typedefs are permitted +typedef signed int int32_t; // COMPLIANT: exception, typedefs are permitted +typedef unsigned int uint32_t; // COMPLIANT: exception, typedefs are permitted -typedef signed long int64_t; // COMPLIANT: exception, typedefs are permitted -typedef unsigned long uint64_t; // COMPLIANT: exception, typedefs are permitted +typedef signed long int64_t; // COMPLIANT: exception, typedefs are permitted +typedef unsigned long uint64_t; // COMPLIANT: exception, typedefs are permitted typedef signed long long - int128_t; // COMPLIANT: exception, typedefs are permitted + int4_t; // NON_COMPLIANT: typedef does not have its indicated size typedef unsigned long long - uint128_t; // COMPLIANT: exception, typedefs are permitted + uint4_t; // NON_COMPLIANT: typedef does not have its indicated size typedef float float32_t; // COMPLIANT: exception, typedefs are permitted typedef double float64_t; // COMPLIANT: exception, typedefs are permitted @@ -28,38 +28,38 @@ typedef int int // COMPLIANT: exception, main's return type can be plain int main(int argc, // COMPLIANT: exception, argc's type can be plain int - char *argv[]) { // COMPLIANT: char is not a basic numeric type + char *argv[]) { // COMPLIANT: char is not a basic numeric type - char c1 = 1; // COMPLIANT: char is not a basic numeric type - signed char c2 = 1; // NON_COMPLIANT: use typedef int8_t - unsigned char c3 = 1; // NON_COMPLIANT: use typedef uint8_t - int8_t c4 = 1; // COMPLIANT: typedef used instead + char c1 = 1; // COMPLIANT: char is not a basic numeric type + signed char c2 = 1; // NON_COMPLIANT: use typedef int8_t + unsigned char c3 = 1; // NON_COMPLIANT: use typedef uint8_t + int8_t c4 = 1; // COMPLIANT: typedef used instead - short s1 = 1; // NON_COMPLIANT: short is a basic numeric type - signed short s2 = 1; // NON_COMPLIANT: use typedef int16_t - unsigned short s3 = 1; // NON_COMPLIANT: use typedef uint16_t - int16_t s4 = 1; // COMPLIANT: typedef used instead + short s1 = 1; // NON_COMPLIANT: short is a basic numeric type + signed short s2 = 1; // NON_COMPLIANT: use typedef int16_t + unsigned short s3 = 1; // NON_COMPLIANT: use typedef uint16_t + int16_t s4 = 1; // COMPLIANT: typedef used instead - int i1 = 1; // NON_COMPLIANT: int is a basic numeric type - signed int i2 = 1; // NON_COMPLIANT: use typedef int32_t - unsigned int i3 = 1; // NON_COMPLIANT: use typedef uint32_t - int32_t i4 = 1; // COMPLIANT: typedef used instead + int i1 = 1; // NON_COMPLIANT: int is a basic numeric type + signed int i2 = 1; // NON_COMPLIANT: use typedef int32_t + unsigned int i3 = 1; // NON_COMPLIANT: use typedef uint32_t + int32_t i4 = 1; // COMPLIANT: typedef used instead - long l1 = 1; // NON_COMPLIANT: int is a basic numeric type - signed long l2 = 1; // NON_COMPLIANT: use typedef int64_t - unsigned long l3 = 1; // NON_COMPLIANT: use typedef uint64_t - int64_t l4 = 1; // COMPLIANT: typedef used instead + long l1 = 1; // NON_COMPLIANT: int is a basic numeric type + signed long l2 = 1; // NON_COMPLIANT: use typedef int64_t + unsigned long l3 = 1; // NON_COMPLIANT: use typedef uint64_t + int64_t l4 = 1; // COMPLIANT: typedef used instead long long ll1 = 1; // NON_COMPLIANT: int is a basic numeric type - signed long long ll2 = 1; // NON_COMPLIANT: use typedef int128_t - unsigned long long ll3 = 1; // NON_COMPLIANT: use typedef uint128_t - int128_t ll4 = 1; // COMPLIANT: typedef used instead + signed long long ll2 = 1; // NON_COMPLIANT: use typedef int64_t + unsigned long long ll3 = 1; // NON_COMPLIANT: use typedef uint64_t + int64_t ll4 = 1; // COMPLIANT: typedef used instead float f1 = 1; // NON_COMPLIANT: float is a basic numeric type, use a typedef - float32_t f2 = 1; // COMPLIANT: typedef used instead + float32_t f2 = 1; // COMPLIANT: typedef used instead - double d1 = 1; // NON_COMPLIANT: int is a basic numeric type - float64_t d2 = 1; // COMPLIANT: typedef used instead + double d1 = 1; // NON_COMPLIANT: int is a basic numeric type + float64_t d2 = 1; // COMPLIANT: typedef used instead long double ld1 = 1; // NON_COMPLIANT: int is a basic numeric type float128_t ld2 = 1; // COMPLIANT: typedef used instead From 2889a5d92a993bf93f1380c242e2f2827c1b9996 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Mon, 27 Mar 2023 14:19:51 -0700 Subject: [PATCH 0902/2573] Address inconsistency in rules.csv --- rules.csv | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/rules.csv b/rules.csv index cb91734842..14dae79c26 100644 --- a/rules.csv +++ b/rules.csv @@ -552,9 +552,9 @@ c,CERT-C,INT30-C,Yes,Rule,,,Ensure that unsigned integer operations do not wrap, c,CERT-C,INT31-C,Yes,Rule,,,Ensure that integer conversions do not result in lost or misinterpreted data,A4-7-1,IntegerOverflow,Hard, c,CERT-C,INT32-C,Yes,Rule,,,Ensure that operations on signed integers do not result in overflow,A4-7-1,IntegerOverflow,Hard, c,CERT-C,INT33-C,Yes,Rule,,,Ensure that division and remainder operations do not result in divide-by-zero errors,,IntegerOverflow,Hard, -c,CERT-C,INT34-C,Yes,Rule,,,Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand,M5-8-1,Types,Import, +c,CERT-C,INT34-C,Yes,Rule,,,Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand,M5-8-1,Types1,Import, c,CERT-C,INT35-C,Yes,Rule,,,Use correct integer precisions,,IntegerOverflow,Hard, -c,CERT-C,INT36-C,Yes,Rule,,,Converting a pointer to integer or integer to pointer,M5-2-9,Types,Easy, +c,CERT-C,INT36-C,Yes,Rule,,,Converting a pointer to integer or integer to pointer,M5-2-9,Types1,Easy, c,CERT-C,MEM30-C,Yes,Rule,,,Do not access freed memory,MEM50-CPP,InvalidMemory1,Import, c,CERT-C,MEM31-C,Yes,Rule,,,Free dynamically allocated memory when no longer needed,,Memory2,Very Hard, c,CERT-C,MEM33-C,Yes,Rule,,,Allocate and copy structures containing a flexible array member dynamically,,Memory2,Very Hard, @@ -686,7 +686,7 @@ c,MISRA-C-2012,RULE-12-1,Yes,Advisory,,,The precedence of operators within expre c,MISRA-C-2012,RULE-12-2,Yes,Required,,,The right hand operand of a shift operator shall lie in the range zero to one less than the width in bits of the essential type of the left hand operand,,Contracts7,Medium, c,MISRA-C-2012,RULE-12-3,Yes,Advisory,,,The comma operator should not be used,M5-18-1,Banned,Import, c,MISRA-C-2012,RULE-12-4,Yes,Advisory,,,Evaluation of constant expressions should not lead to unsigned integer wrap-around,INT30-C,IntegerOverflow,Easy, -c,MISRA-C-2012,RULE-12-5,Yes,Mandatory,,,The sizeof operator shall not have an operand which is a function parameter declared as �array of type�,,Types,Medium, +c,MISRA-C-2012,RULE-12-5,Yes,Mandatory,,,The sizeof operator shall not have an operand which is a function parameter declared as �array of type�,,Types1,Medium, c,MISRA-C-2012,RULE-13-1,Yes,Required,,,Initializer lists shall not contain persistent side effects,,SideEffects1,Medium, c,MISRA-C-2012,RULE-13-2,Yes,Required,,,The value of an expression and its persistent side effects shall be the same under all permitted evaluation orders,PRE31-C,SideEffects,Medium, c,MISRA-C-2012,RULE-13-3,Yes,Advisory,,,A full expression containing an increment (++) or decrement (--) operator should have no other potential side effects other than that caused by the increment or decrement operator,,SideEffects2,Medium, From ea313085f45742f11bca5b8f9d0408e4e606d515 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Mon, 27 Mar 2023 14:57:29 -0700 Subject: [PATCH 0903/2573] Format test.c for DIR-4-6 --- c/misra/test/rules/DIR-4-6/test.c | 54 +++++++++++++++---------------- 1 file changed, 27 insertions(+), 27 deletions(-) diff --git a/c/misra/test/rules/DIR-4-6/test.c b/c/misra/test/rules/DIR-4-6/test.c index 07b3c48901..db0842c4f6 100644 --- a/c/misra/test/rules/DIR-4-6/test.c +++ b/c/misra/test/rules/DIR-4-6/test.c @@ -1,17 +1,17 @@ -typedef signed char int8_t; // COMPLIANT: exception, typedefs are permitted -typedef unsigned char uint8_t; // COMPLIANT: exception, typedefs are permitted +typedef signed char int8_t; // COMPLIANT: exception, typedefs are permitted +typedef unsigned char uint8_t; // COMPLIANT: exception, typedefs are permitted typedef signed short int16_t; // COMPLIANT: exception, typedefs are permitted typedef unsigned short uint16_t; // COMPLIANT: exception, typedefs are permitted -typedef signed int int32_t; // COMPLIANT: exception, typedefs are permitted -typedef unsigned int uint32_t; // COMPLIANT: exception, typedefs are permitted +typedef signed int int32_t; // COMPLIANT: exception, typedefs are permitted +typedef unsigned int uint32_t; // COMPLIANT: exception, typedefs are permitted -typedef signed long int64_t; // COMPLIANT: exception, typedefs are permitted -typedef unsigned long uint64_t; // COMPLIANT: exception, typedefs are permitted +typedef signed long int64_t; // COMPLIANT: exception, typedefs are permitted +typedef unsigned long uint64_t; // COMPLIANT: exception, typedefs are permitted typedef signed long long - int4_t; // NON_COMPLIANT: typedef does not have its indicated size + int4_t; // NON_COMPLIANT: typedef does not have its indicated size typedef unsigned long long uint4_t; // NON_COMPLIANT: typedef does not have its indicated size @@ -28,27 +28,27 @@ typedef int int // COMPLIANT: exception, main's return type can be plain int main(int argc, // COMPLIANT: exception, argc's type can be plain int - char *argv[]) { // COMPLIANT: char is not a basic numeric type + char *argv[]) { // COMPLIANT: char is not a basic numeric type - char c1 = 1; // COMPLIANT: char is not a basic numeric type - signed char c2 = 1; // NON_COMPLIANT: use typedef int8_t - unsigned char c3 = 1; // NON_COMPLIANT: use typedef uint8_t - int8_t c4 = 1; // COMPLIANT: typedef used instead + char c1 = 1; // COMPLIANT: char is not a basic numeric type + signed char c2 = 1; // NON_COMPLIANT: use typedef int8_t + unsigned char c3 = 1; // NON_COMPLIANT: use typedef uint8_t + int8_t c4 = 1; // COMPLIANT: typedef used instead - short s1 = 1; // NON_COMPLIANT: short is a basic numeric type - signed short s2 = 1; // NON_COMPLIANT: use typedef int16_t - unsigned short s3 = 1; // NON_COMPLIANT: use typedef uint16_t - int16_t s4 = 1; // COMPLIANT: typedef used instead + short s1 = 1; // NON_COMPLIANT: short is a basic numeric type + signed short s2 = 1; // NON_COMPLIANT: use typedef int16_t + unsigned short s3 = 1; // NON_COMPLIANT: use typedef uint16_t + int16_t s4 = 1; // COMPLIANT: typedef used instead - int i1 = 1; // NON_COMPLIANT: int is a basic numeric type - signed int i2 = 1; // NON_COMPLIANT: use typedef int32_t - unsigned int i3 = 1; // NON_COMPLIANT: use typedef uint32_t - int32_t i4 = 1; // COMPLIANT: typedef used instead + int i1 = 1; // NON_COMPLIANT: int is a basic numeric type + signed int i2 = 1; // NON_COMPLIANT: use typedef int32_t + unsigned int i3 = 1; // NON_COMPLIANT: use typedef uint32_t + int32_t i4 = 1; // COMPLIANT: typedef used instead - long l1 = 1; // NON_COMPLIANT: int is a basic numeric type - signed long l2 = 1; // NON_COMPLIANT: use typedef int64_t - unsigned long l3 = 1; // NON_COMPLIANT: use typedef uint64_t - int64_t l4 = 1; // COMPLIANT: typedef used instead + long l1 = 1; // NON_COMPLIANT: int is a basic numeric type + signed long l2 = 1; // NON_COMPLIANT: use typedef int64_t + unsigned long l3 = 1; // NON_COMPLIANT: use typedef uint64_t + int64_t l4 = 1; // COMPLIANT: typedef used instead long long ll1 = 1; // NON_COMPLIANT: int is a basic numeric type signed long long ll2 = 1; // NON_COMPLIANT: use typedef int64_t @@ -56,10 +56,10 @@ main(int argc, // COMPLIANT: exception, argc's type can be plain int int64_t ll4 = 1; // COMPLIANT: typedef used instead float f1 = 1; // NON_COMPLIANT: float is a basic numeric type, use a typedef - float32_t f2 = 1; // COMPLIANT: typedef used instead + float32_t f2 = 1; // COMPLIANT: typedef used instead - double d1 = 1; // NON_COMPLIANT: int is a basic numeric type - float64_t d2 = 1; // COMPLIANT: typedef used instead + double d1 = 1; // NON_COMPLIANT: int is a basic numeric type + float64_t d2 = 1; // COMPLIANT: typedef used instead long double ld1 = 1; // NON_COMPLIANT: int is a basic numeric type float128_t ld2 = 1; // COMPLIANT: typedef used instead From 5928bcc961b24b87cca275a6a2a9440ae5c94d42 Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Tue, 28 Mar 2023 01:23:19 +0200 Subject: [PATCH 0904/2573] Define InvalidMemory2 and Memory3 packages --- .vscode/tasks.json | 1 + rule_packages/c/InvalidMemory2.json | 65 +++++++++++++++++++++++++++++ rule_packages/c/Memory3.json | 24 +++++++++++ rules.csv | 8 ++-- 4 files changed, 94 insertions(+), 4 deletions(-) create mode 100644 rule_packages/c/InvalidMemory2.json create mode 100644 rule_packages/c/Memory3.json diff --git a/.vscode/tasks.json b/.vscode/tasks.json index 8cebadd0c3..cf0c5a5af0 100644 --- a/.vscode/tasks.json +++ b/.vscode/tasks.json @@ -242,6 +242,7 @@ "Macros", "Memory1", "Memory2", + "Memory3", "Misc", "MoveForward", "Naming", diff --git a/rule_packages/c/InvalidMemory2.json b/rule_packages/c/InvalidMemory2.json new file mode 100644 index 0000000000..cb7d380159 --- /dev/null +++ b/rule_packages/c/InvalidMemory2.json @@ -0,0 +1,65 @@ +{ + "CERT-C": { + "ARR32-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "A variable-length array size that is zero, negative, overflowed, wrapped around, or excessively large may lead to undefined behaviour.", + "kind": "problem", + "name": "Ensure size arguments for variable length arrays are in a valid range", + "precision": "high", + "severity": "error", + "short_name": "VariableLengthArraySizeNotInValidRange", + "tags": [ + "correctness", + "security" + ] + } + ], + "title": "Ensure size arguments for variable length arrays are in a valid range" + }, + "ARR37-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "A pair of elements that are not elements in the same array are not guaranteed to be contiguous in memory and therefore should not be addressed using pointer arithmetic.", + "kind": "path-problem", + "name": "Do not add or subtract an integer to a pointer to a non-array object", + "precision": "high", + "severity": "error", + "short_name": "DoNotUsePointerArithmeticOnNonArrayObjectPointers", + "tags": [ + "correctness" + ] + } + ], + "title": "Do not add or subtract an integer to a pointer to a non-array object" + }, + "EXP35-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "Attempting to modify an object with temporary lifetime results in undefined behavior.", + "kind": "problem", + "name": "Do not modify objects with temporary lifetime", + "precision": "high", + "severity": "error", + "short_name": "DoNotModifyObjectsWithTemporaryLifetime", + "tags": [ + "correctness" + ], + "implementation_scope": { + "description": "This implementation also always reports non-modifying accesses of objects with temporary lifetime, which are only compliant in C11." + } + } + ], + "title": "Do not modify objects with temporary lifetime" + } + } +} \ No newline at end of file diff --git a/rule_packages/c/Memory3.json b/rule_packages/c/Memory3.json new file mode 100644 index 0000000000..6eafcc6509 --- /dev/null +++ b/rule_packages/c/Memory3.json @@ -0,0 +1,24 @@ +{ + "CERT-C": { + "MEM35-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "The size of memory allocated dynamically must be adequate to represent the type of object referenced by the allocated memory.", + "kind": "problem", + "name": "Allocate sufficient memory for an object", + "precision": "medium", + "severity": "error", + "short_name": "InsufficientMemoryAllocatedForObject", + "tags": [ + "correctness", + "security" + ] + } + ], + "title": "Allocate sufficient memory for an object" + } + } +} \ No newline at end of file diff --git a/rules.csv b/rules.csv index 35b1c7f44c..285960ed03 100644 --- a/rules.csv +++ b/rules.csv @@ -479,7 +479,7 @@ cpp,CERT-C++,STR50-CPP,Yes,Rule,,,Guarantee that storage for strings has suffici cpp,CERT-C++,STR51-CPP,Yes,Rule,,,Do not attempt to create a std::string from a null pointer,,Null,Hard, cpp,CERT-C++,STR52-CPP,Yes,Rule,,,"Use valid references, pointers, and iterators to reference elements of a basic_string",,Iterators,Hard, cpp,CERT-C++,STR53-CPP,Yes,Rule,,,Range check element access,,OutOfBounds,Hard, -c,CERT-C,ARR30-C,Yes,Rule,,,Do not form or use out-of-bounds pointers or array subscripts,,InvalidMemory2,Medium, +c,CERT-C,ARR30-C,Yes,Rule,,,Do not form or use out-of-bounds pointers or array subscripts,,OutOfBounds,Hard, c,CERT-C,ARR32-C,Yes,Rule,,,Ensure size arguments for variable length arrays are in a valid range,,InvalidMemory2,Medium, c,CERT-C,ARR36-C,Yes,Rule,,,Do not subtract or compare two pointers that do not refer to the same array,,Memory2,Medium, c,CERT-C,ARR37-C,Yes,Rule,,,Do not add or subtract an integer to a pointer to a non-array object,,InvalidMemory2,Medium, @@ -559,7 +559,7 @@ c,CERT-C,MEM30-C,Yes,Rule,,,Do not access freed memory,MEM50-CPP,InvalidMemory1, c,CERT-C,MEM31-C,Yes,Rule,,,Free dynamically allocated memory when no longer needed,,Memory2,Very Hard, c,CERT-C,MEM33-C,Yes,Rule,,,Allocate and copy structures containing a flexible array member dynamically,,Memory2,Very Hard, c,CERT-C,MEM34-C,Yes,Rule,,,Only free memory allocated dynamically,,Memory2,Hard, -c,CERT-C,MEM35-C,Yes,Rule,,,Allocate sufficient memory for an object,,Memory2,Very Hard, +c,CERT-C,MEM35-C,Yes,Rule,,,Allocate sufficient memory for an object,,Memory3,Very Hard, c,CERT-C,MEM36-C,Yes,Rule,,,Do not modify the alignment of objects by calling realloc(),,Memory2,Medium, c,CERT-C,MSC30-C,Yes,Rule,,,Do not use the rand() function for generating pseudorandom numbers,MSC50-CPP,Misc,Easy, c,CERT-C,MSC32-C,Yes,Rule,,,Properly seed pseudorandom number generators,MSC51-CPP,Misc,Easy, @@ -664,7 +664,7 @@ c,MISRA-C-2012,RULE-9-1,Yes,Mandatory,,,The value of an object with automatic st c,MISRA-C-2012,RULE-9-2,Yes,Required,,,The initializer for an aggregate or union shall be enclosed in braces,,Memory1,Easy, c,MISRA-C-2012,RULE-9-3,Yes,Required,,,Arrays shall not be partially initialized,,Memory1,Medium, c,MISRA-C-2012,RULE-9-4,Yes,Required,,,An element of an object shall not be initialized more than once,,Memory1,Medium, -c,MISRA-C-2012,RULE-9-5,Yes,Required,,,Where designated initializers are used to initialize an array object the size of the array shall be specified explicitly,,Memory2,Medium, +c,MISRA-C-2012,RULE-9-5,No,Required,,,Where designated initializers are used to initialize an array object the size of the array shall be specified explicitly,,,Medium, c,MISRA-C-2012,RULE-10-1,Yes,Required,,,Operands shall not be of an inappropriate essential type,,EssentialTypes,Hard, c,MISRA-C-2012,RULE-10-2,Yes,Required,,,Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations,,EssentialTypes,Medium, c,MISRA-C-2012,RULE-10-3,Yes,Required,,,The value of an expression shall not be assigned to an object with a narrower essential type or of a different essential type category,,EssentialTypes,Hard, @@ -759,7 +759,7 @@ c,MISRA-C-2012,RULE-21-13,Yes,Mandatory,,,Any value passed to a function in shall not result in accesses beyond the bounds of the objects referenced by their pointer parameters,,Memory2,Hard, +c,MISRA-C-2012,RULE-21-17,Yes,Mandatory,,,Use of the string handling functions from shall not result in accesses beyond the bounds of the objects referenced by their pointer parameters,,OutOfBounds,Hard, c,MISRA-C-2012,RULE-21-18,Yes,Mandatory,,,The size_t argument passed to any function in shall have an appropriate value,,OutOfBounds,Hard, c,MISRA-C-2012,RULE-21-19,Yes,Mandatory,,,"The pointers returned by the Standard Library functions localeconv, getenv, setlocale or, strerror shall only be used as if they have pointer to const-qualified type",ENV30-C,Contracts2,Medium, c,MISRA-C-2012,RULE-21-20,Yes,Mandatory,,,"The pointer returned by the Standard Library functions asctime, ctime, gmtime, localtime, localeconv, getenv, setlocale or strerror shall not be used following a subsequent call to the same function",ENV34-C,Contracts2,Import, From 1939ec229ce84ae8f83a243f5a1debc2a5cdf474 Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Tue, 28 Mar 2023 01:25:46 +0200 Subject: [PATCH 0905/2573] InvalidMemory2: Implement ARR32-C query --- .../VariableLengthArraySizeNotInValidRange.md | 194 ++++++++++++++++++ .../VariableLengthArraySizeNotInValidRange.ql | 171 +++++++++++++++ ...bleLengthArraySizeNotInValidRange.expected | 41 ++++ ...riableLengthArraySizeNotInValidRange.qlref | 1 + c/cert/test/rules/ARR32-C/test.c | 143 +++++++++++++ .../cpp/exclusions/c/InvalidMemory2.qll | 61 ++++++ .../cpp/exclusions/c/Memory3.qll | 26 +++ .../cpp/exclusions/c/RuleMetadata.qll | 6 + 8 files changed, 643 insertions(+) create mode 100644 c/cert/src/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.md create mode 100644 c/cert/src/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.ql create mode 100644 c/cert/test/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.expected create mode 100644 c/cert/test/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.qlref create mode 100644 c/cert/test/rules/ARR32-C/test.c create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/InvalidMemory2.qll create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/Memory3.qll diff --git a/c/cert/src/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.md b/c/cert/src/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.md new file mode 100644 index 0000000000..d8554e2ef6 --- /dev/null +++ b/c/cert/src/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.md @@ -0,0 +1,194 @@ +# ARR32-C: Ensure size arguments for variable length arrays are in a valid range + +This query implements the CERT-C rule ARR32-C: + +> Ensure size arguments for variable length arrays are in a valid range + + +## Description + +Variable length arrays (VLAs), a conditionally supported language feature, are essentially the same as traditional C arrays except that they are declared with a size that is not a constant integer expression and can be declared only at block scope or function prototype scope and no linkage. When supported, a variable length array can be declared + +```cpp +{ /* Block scope */ + char vla[size]; +} + +``` +where the integer expression `size` and the declaration of `vla` are both evaluated at runtime. If the size argument supplied to a variable length array is not a positive integer value, the behavior is undefined. (See [undefined behavior 75](https://wiki.sei.cmu.edu/confluence/display/c/CC.+Undefined+Behavior#CC.UndefinedBehavior-ub_75).) Additionally, if the magnitude of the argument is excessive, the program may behave in an unexpected way. An attacker may be able to leverage this behavior to overwrite critical program data \[[Griffiths 2006](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-Griffiths06)\]. The programmer must ensure that size arguments to variable length arrays, especially those derived from untrusted data, are in a valid range. + +Because variable length arrays are a conditionally supported feature of C11, their use in portable code should be guarded by testing the value of the macro `__STDC_NO_VLA__`. Implementations that do not support variable length arrays indicate it by setting `__STDC_NO_VLA__` to the integer constant 1. + +## Noncompliant Code Example + +In this noncompliant code example, a variable length array of size `size` is declared. The `size` is declared as `size_t` in compliance with [INT01-C. Use rsize_t or size_t for all integer values representing the size of an object](https://wiki.sei.cmu.edu/confluence/display/c/INT01-C.+Use+rsize_t+or+size_t+for+all+integer+values+representing+the+size+of+an+object). + +```cpp +#include + +extern void do_work(int *array, size_t size); + +void func(size_t size) { + int vla[size]; + do_work(vla, size); +} + +``` +However, the value of `size` may be zero or excessive, potentially giving rise to a security [vulnerability](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability). + +## Compliant Solution + +This compliant solution ensures the `size` argument used to allocate `vla` is in a valid range (between 1 and a programmer-defined maximum); otherwise, it uses an algorithm that relies on dynamic memory allocation. The solution also avoids unsigned integer wrapping that, given a sufficiently large value of `size`, would cause `malloc` to allocate insufficient storage for the array. + +```cpp +#include +#include + +enum { MAX_ARRAY = 1024 }; +extern void do_work(int *array, size_t size); + +void func(size_t size) { + if (0 == size || SIZE_MAX / sizeof(int) < size) { + /* Handle error */ + return; + } + if (size < MAX_ARRAY) { + int vla[size]; + do_work(vla, size); + } else { + int *array = (int *)malloc(size * sizeof(int)); + if (array == NULL) { + /* Handle error */ + } + do_work(array, size); + free(array); + } +} + +``` + +## Noncompliant Code Example (sizeof) + +The following noncompliant code example defines `A` to be a variable length array and then uses the `sizeof` operator to compute its size at runtime. When the function is called with an argument greater than `SIZE_MAX / (N1 * sizeof (int))`, the runtime `sizeof` expression may wrap around, yielding a result that is smaller than the mathematical product `N1 * n2 * sizeof (int)`. The call to `malloc()`, when successful, will then allocate storage for fewer than `n2` elements of the array, causing one or more of the final `memset()` calls in the `for` loop to write past the end of that storage. + +```cpp +#include +#include + +enum { N1 = 4096 }; + +void *func(size_t n2) { + typedef int A[n2][N1]; + + A *array = malloc(sizeof(A)); + if (!array) { + /* Handle error */ + return NULL; + } + + for (size_t i = 0; i != n2; ++i) { + memset(array[i], 0, N1 * sizeof(int)); + } + + return array; +} + +``` +Furthermore, this code also violates [ARR39-C. Do not add or subtract a scaled integer to a pointer](https://wiki.sei.cmu.edu/confluence/display/c/ARR39-C.+Do+not+add+or+subtract+a+scaled+integer+to+a+pointer), where `array` is a pointer to the two-dimensional array, where it should really be a pointer to the latter dimension instead. This means that the `memset() `call does out-of-bounds writes on all of its invocations except the first. + +## Compliant Solution (sizeof) + +This compliant solution prevents `sizeof` wrapping by detecting the condition before it occurs and avoiding the subsequent computation when the condition is detected. The code also uses an additional typedef to fix the type of `array` so that `memset()` never writes past the two-dimensional array. + +```cpp +#include +#include +#include + +enum { N1 = 4096 }; + +void *func(size_t n2) { + if (n2 > SIZE_MAX / (N1 * sizeof(int))) { + /* Prevent sizeof wrapping */ + return NULL; + } + + typedef int A1[N1]; + typedef A1 A[n2]; + + A1 *array = (A1*) malloc(sizeof(A)); + + if (!array) { + /* Handle error */ + return NULL; + } + + for (size_t i = 0; i != n2; ++i) { + memset(array[i], 0, N1 * sizeof(int)); + } + return array; +} + +``` +**Implementation Details** + +**Microsoft** + +Variable length arrays are not supported by Microsoft compilers. + +## Risk Assessment + +Failure to properly specify the size of a variable length array may allow arbitrary code execution or result in stack exhaustion. + +
    Rule Severity Likelihood Remediation Cost Priority Level
    ARR32-C High Probable High P6 L2
    + + +## Automated Detection + +
    Tool Version Checker Description
    CodeSonar 7.2p0 ALLOC.SIZE.IOFLOWALLOC.SIZE.MULOFLOWMISC.MEM.SIZE.BAD Integer Overflow of Allocation Size Multiplication Overflow of Allocation Size Unreasonable Size Argument
    Coverity 2017.07 REVERSE_NEGATIVE Fully implemented
    Helix QAC 2022.4 C1051
    Klocwork 2022.4 MISRA.ARRAY.VAR_LENGTH.2012
    LDRA tool suite 9.7.1 621 S Enhanced enforcement
    Parasoft C/C++test 2022.2 CERT_C-ARR32-a Ensure the size of the variable length array is in valid range
    PC-lint Plus 1.4 9035 Assistance provided
    Polyspace Bug Finder R2023a CERT C: Rule ARR32-C Checks for: Memory allocation with tainted sizeemory allocation with tainted size, tainted size of variable length arrayainted size of variable length array. Rule fully covered.
    PRQA QA-C 9.7 1051 Partially implemented
    Cppcheck 1.66 negativeArraySize Context sensitive analysis Will warn only if given size is negative
    TrustInSoft Analyzer 1.38 alloca_bounds Exhaustively verified.
    + + +## Related Vulnerabilities + +Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+ARR32-C). + +## Related Guidelines + +[Key here](https://wiki.sei.cmu.edu/confluence/display/c/How+this+Coding+Standard+is+Organized#HowthisCodingStandardisOrganized-RelatedGuidelines) (explains table format and definitions) + +
    Taxonomy Taxonomy item Relationship
    CERT C Secure Coding Standard INT01-C. Use rsize_t or size_t for all integer values representing the size of an object Prior to 2018-01-12: CERT: Unspecified Relationship
    ISO/IEC TR 24772:2013 Unchecked Array Indexing \[XYZ\] Prior to 2018-01-12: CERT: Unspecified Relationship
    ISO/IEC TS 17961:2013 Tainted, potentially mutilated, or out-of-domain integer values are used in a restricted sink \[taintsink\] Prior to 2018-01-12: CERT: Unspecified Relationship
    CWE 2.11 CWE-758 2017-06-29: CERT: Rule subset of CWE
    + + +## CERT-CWE Mapping Notes + +[Key here](https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?pageId=87152408#HowthisCodingStandardisOrganized-CERT-CWEMappingNotes) for mapping notes + +**CWE-129 and ARR32-C** + +Intersection( CWE-188, EXP39-C) = Ø + +ARR32-C addresses specifying the size of a variable-length array (VLA). CWE-129 addresses invalid array indices, not array sizes. + +**CWE-758 and ARR32-C** + +Independent( INT34-C, INT36-C, MSC37-C, FLP32-C, EXP33-C, EXP30-C, ERR34-C, ARR32-C) + +CWE-758 = Union( ARR32-C, list) where list = + +* Undefined behavior that results from anything other than too large a VLA dimension. +**CWE-119 and ARR32-C** +* Intersection( CWE-119, ARR32-C) = Ø +* ARR32-C is not about providing a valid buffer but reading/writing outside it. It is about providing an invalid buffer, or one that exhausts the stack. + +## Bibliography + +
    \[ Griffiths 2006 \]
    + + +## Implementation notes + +None + +## References + +* CERT-C: [ARR32-C: Ensure size arguments for variable length arrays are in a valid range](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.ql b/c/cert/src/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.ql new file mode 100644 index 0000000000..40a800aa69 --- /dev/null +++ b/c/cert/src/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.ql @@ -0,0 +1,171 @@ +/** + * @id c/cert/variable-length-array-size-not-in-valid-range + * @name ARR32-C: Ensure size arguments for variable length arrays are in a valid range + * @description A variable-length array size that is zero, negative, overflowed, wrapped around, or + * excessively large may lead to undefined behaviour. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/cert/id/arr32-c + * correctness + * security + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert +import codingstandards.cpp.Overflow + +/** + * Gets the maximum size (in bytes) a variable-length array + * should be to not be deemed excessively large persuant to this rule. + * This value has been arbitrarily chosen to be 2^16 - 1 bytes. + */ +private int maximumTotalVlaSize() { result = 65535 } + +/** + * Gets the base type of a pointer or array type. In the case of an array of + * arrays, the inner base type is returned. + * + * Copied from IncorrectPointerScalingCommon.qll. + */ +private Type baseType(Type t) { + ( + exists(PointerType dt | + dt = t.getUnspecifiedType() and + result = dt.getBaseType().getUnspecifiedType() + ) + or + exists(ArrayType at | + at = t.getUnspecifiedType() and + not at.getBaseType().getUnspecifiedType() instanceof ArrayType and + result = at.getBaseType().getUnspecifiedType() + ) + or + exists(ArrayType at, ArrayType at2 | + at = t.getUnspecifiedType() and + at2 = at.getBaseType().getUnspecifiedType() and + result = baseType(at2) + ) + ) and + // Make sure that the type has a size and that it isn't ambiguous. + strictcount(result.getSize()) = 1 +} + +/** + * The `SimpleRangeAnalysis` analysis over-zealously expands upper bounds of + * `SubExpr`s to account for potential wrapping even when no wrapping can occur. + * + * This class represents a `SubExpr` that is safe from wrapping. + */ +class SafeSubExprWithErroneouslyWrappedUpperBound extends SubExpr { + SafeSubExprWithErroneouslyWrappedUpperBound() { + lowerBound(this.getLeftOperand().getFullyConverted()) - + upperBound(this.getRightOperand().getFullyConverted()) >= 0 and + upperBound(this.getFullyConverted()) = exprMaxVal(this.getFullyConverted()) + } + + /** + * Gets the lower bound of the difference. + */ + float getlowerBoundOfDifference() { + result = + lowerBound(this.getLeftOperand().getFullyConverted()) - + upperBound(this.getRightOperand().getFullyConverted()) + } +} + +/** + * Holds if `e` is an expression that is not in a valid range due to it + * being partially or fully derived from an overflowing arithmetic operation. + */ +predicate isExprTaintedByOverflowingExpr(Expr e) { + exists(InterestingOverflowingOperation bop | + // `bop` is not pre-checked to prevent overflow/wrapping + not bop.hasValidPreCheck() and + // and the destination is tainted by `bop` + TaintTracking::localExprTaint(bop, e.getAChild*()) and + // and there does not exist a post-wrapping-check before `e` + not exists(GuardCondition gc | + gc = bop.getAValidPostCheck() and + gc.controls(e.getBasicBlock(), _) + ) + ) +} + +predicate getVlaSizeExprBounds(Expr e, float lower, float upper) { + lower = lowerBound(e) and + upper = + // upper is the smallest of either a `SubExpr` which flows to `e` and does + // not wrap, or the upper bound of `e` derived from the range-analysis library + min(float f | + f = + any(SafeSubExprWithErroneouslyWrappedUpperBound sub | + DataFlow::localExprFlow(sub, e) + | + sub.getlowerBoundOfDifference() + ) or + f = upperBound(e) + ) +} + +/** + * Holds if `e` is not bounded to a valid range, (0 .. maximumTotalVlaSize()], for + * a element count of an individual variable-length array dimension. + */ +predicate isVlaSizeExprOutOfRange(VlaDeclStmt vla, Expr e) { + vla.getVlaDimensionStmt(_).getDimensionExpr() = e and + exists(float lower, float upper | + getVlaSizeExprBounds(e.getFullyConverted(), lower, upper) and + ( + lower <= 0 + or + upper > maximumTotalVlaSize() / baseType(vla.getVariable().getType()).getSize() + ) + ) +} + +/** + * Returns the upper bound of `e.getFullyConverted()`. + */ +float getVlaSizeExprUpperBound(Expr e) { getVlaSizeExprBounds(e.getFullyConverted(), _, result) } + +/** + * Returns the upper bound of `vla`'s dimension expression at `index`. + * + * If `index` does not exist, then the result is `1`. + */ +bindingset[index] +private float getVlaSizeExprUpperBoundAtIndexOrOne(VlaDeclStmt vla, float index) { + if vla.getNumberOfVlaDimensionStmts() > index + then result = getVlaSizeExprUpperBound(vla.getVlaDimensionStmt(index).getDimensionExpr()) + else result = 1 +} + +predicate vlaupper = getVlaSizeExprUpperBoundAtIndexOrOne/2; + +/** + * Gets the upper bound of the total size of `vla`. + */ +float getTotalVlaSizeUpperBound(VlaDeclStmt vla) { + result = + vlaupper(vla, 0) * vlaupper(vla, 1) * vlaupper(vla, 2) * vlaupper(vla, 3) * vlaupper(vla, 4) * + vlaupper(vla, 5) * vlaupper(vla, 6) * vlaupper(vla, 7) * vlaupper(vla, 8) * vlaupper(vla, 9) +} + +from VlaDeclStmt vla, string message +where + not isExcluded(vla, InvalidMemory2Package::variableLengthArraySizeNotInValidRangeQuery()) and + ( + if isExprTaintedByOverflowingExpr(vla.getVlaDimensionStmt(_).getDimensionExpr()) + then message = "Variable-length array size derives from an overflowing or wrapping expression." + else ( + if isVlaSizeExprOutOfRange(vla, vla.getVlaDimensionStmt(_).getDimensionExpr()) + then message = "Variable-length array dimension size may be in an invalid range." + else ( + getTotalVlaSizeUpperBound(vla) > maximumTotalVlaSize() and + message = "Variable-length array total size may be excessively large." + ) + ) + ) +select vla, message diff --git a/c/cert/test/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.expected b/c/cert/test/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.expected new file mode 100644 index 0000000000..25153f195b --- /dev/null +++ b/c/cert/test/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.expected @@ -0,0 +1,41 @@ +| test.c:14:8:14:8 | VLA declaration | Variable-length array dimension size may be in an invalid range. | +| test.c:15:8:15:8 | VLA declaration | Variable-length array dimension size may be in an invalid range. | +| test.c:16:8:16:8 | VLA declaration | Variable-length array dimension size may be in an invalid range. | +| test.c:18:8:18:8 | VLA declaration | Variable-length array size derives from an overflowing or wrapping expression. | +| test.c:20:8:20:8 | VLA declaration | Variable-length array dimension size may be in an invalid range. | +| test.c:25:8:25:8 | VLA declaration | Variable-length array dimension size may be in an invalid range. | +| test.c:27:8:27:8 | VLA declaration | Variable-length array dimension size may be in an invalid range. | +| test.c:28:8:28:8 | VLA declaration | Variable-length array dimension size may be in an invalid range. | +| test.c:29:8:29:8 | VLA declaration | Variable-length array dimension size may be in an invalid range. | +| test.c:30:8:30:8 | VLA declaration | Variable-length array dimension size may be in an invalid range. | +| test.c:33:10:33:10 | VLA declaration | Variable-length array dimension size may be in an invalid range. | +| test.c:35:10:35:10 | VLA declaration | Variable-length array dimension size may be in an invalid range. | +| test.c:41:10:41:10 | VLA declaration | Variable-length array dimension size may be in an invalid range. | +| test.c:50:10:50:10 | VLA declaration | Variable-length array dimension size may be in an invalid range. | +| test.c:51:10:51:10 | VLA declaration | Variable-length array size derives from an overflowing or wrapping expression. | +| test.c:56:7:56:7 | VLA declaration | Variable-length array dimension size may be in an invalid range. | +| test.c:57:7:57:7 | VLA declaration | Variable-length array size derives from an overflowing or wrapping expression. | +| test.c:58:7:58:7 | VLA declaration | Variable-length array size derives from an overflowing or wrapping expression. | +| test.c:61:9:61:9 | VLA declaration | Variable-length array dimension size may be in an invalid range. | +| test.c:63:9:63:9 | VLA declaration | Variable-length array size derives from an overflowing or wrapping expression. | +| test.c:67:9:67:9 | VLA declaration | Variable-length array dimension size may be in an invalid range. | +| test.c:68:9:68:9 | VLA declaration | Variable-length array size derives from an overflowing or wrapping expression. | +| test.c:69:9:69:9 | VLA declaration | Variable-length array dimension size may be in an invalid range. | +| test.c:73:9:73:9 | VLA declaration | Variable-length array dimension size may be in an invalid range. | +| test.c:74:9:74:9 | VLA declaration | Variable-length array dimension size may be in an invalid range. | +| test.c:75:9:75:9 | VLA declaration | Variable-length array size derives from an overflowing or wrapping expression. | +| test.c:79:11:79:11 | VLA declaration | Variable-length array dimension size may be in an invalid range. | +| test.c:86:9:86:9 | VLA declaration | Variable-length array size derives from an overflowing or wrapping expression. | +| test.c:93:9:93:9 | VLA declaration | Variable-length array size derives from an overflowing or wrapping expression. | +| test.c:100:7:100:7 | VLA declaration | Variable-length array dimension size may be in an invalid range. | +| test.c:104:15:104:15 | VLA declaration | Variable-length array dimension size may be in an invalid range. | +| test.c:112:9:112:9 | VLA declaration | Variable-length array dimension size may be in an invalid range. | +| test.c:117:9:117:9 | VLA declaration | Variable-length array total size may be excessively large. | +| test.c:118:9:118:9 | VLA declaration | Variable-length array dimension size may be in an invalid range. | +| test.c:119:9:119:9 | VLA declaration | Variable-length array total size may be excessively large. | +| test.c:120:9:120:9 | VLA declaration | Variable-length array total size may be excessively large. | +| test.c:123:11:123:11 | VLA declaration | Variable-length array total size may be excessively large. | +| test.c:124:11:124:11 | VLA declaration | Variable-length array total size may be excessively large. | +| test.c:125:11:125:11 | VLA declaration | Variable-length array dimension size may be in an invalid range. | +| test.c:131:11:131:11 | VLA declaration | Variable-length array size derives from an overflowing or wrapping expression. | +| test.c:135:11:135:11 | VLA declaration | Variable-length array total size may be excessively large. | diff --git a/c/cert/test/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.qlref b/c/cert/test/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.qlref new file mode 100644 index 0000000000..0c6a4bd08d --- /dev/null +++ b/c/cert/test/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.qlref @@ -0,0 +1 @@ +rules/ARR32-C/VariableLengthArraySizeNotInValidRange.ql \ No newline at end of file diff --git a/c/cert/test/rules/ARR32-C/test.c b/c/cert/test/rules/ARR32-C/test.c new file mode 100644 index 0000000000..80a43cdfac --- /dev/null +++ b/c/cert/test/rules/ARR32-C/test.c @@ -0,0 +1,143 @@ +#include +#include +#include + +// arbitrary excessive stack alloc size: USHRT_MAX bytes +#define VLA_MAX_SIZE USHRT_MAX + +void test_vla_constants(void) { + size_t uninitialized; + size_t zero = 0; + size_t two = 2; + size_t max_num = VLA_MAX_SIZE / sizeof(char); + + char vla0[uninitialized]; // NON_COMPLIANT - uninitialized + char vla1[zero]; // NON_COMPLIANT - zero-sized array + char vla2[zero * two]; // NON_COMPLIANT - zero-sized array + char vla3[zero + two]; // COMPLIANT + char vla4[zero - two]; // NON_COMPLIANT - wrap-around + char vla5[max_num]; // COMPLIANT + char vla6[max_num + two]; // NON_COMPLIANT - too large + char vla7[max_num + 1 - two]; // COMPLIANT; +} + +void test_vla_bounds8(uint8_t num8, int8_t snum8) { + char vla0[num8]; // NON_COMPLIANT - size could be `0` + char vla1[num8 + 1]; // COMPLIANT + char vla2[num8 - 1]; // NON_COMPLIANT - wrap-around + char vla3[snum8]; // NON_COMPLIANT - unbounded + char vla4[snum8 + 1]; // NON_COMPLIANT - unbounded + char vla5[snum8 - 1]; // NON_COMPLIANT - unbounded + + if (num8 == 0) { + char vla6[num8]; // NON_COMPLIANT - size is 0 + char vla7[num8 + 1]; // COMPLIANT - size is 1 + char vla8[num8 - 1]; // NON_COMPLIANT - wrap-around + } + + if (num8 > 0) { + char vla6[num8]; // COMPLIANT + char vla7[num8 + 1]; // COMPLIANT + char vla8[num8 - 1]; // NON_COMPLIANT - unbounded + } +} + +void test_overflowed_size(int8_t ssize) { + if (ssize > 1) { + int8_t tmp = ssize * 2; + char vla0[ssize]; // COMPLIANT + char vla1[ssize * 2]; // COMPLIANT - type promotion + char vla2[tmp]; // NON_COMPLIANT - potential overflow + char vla3[++ssize]; // NON_COMPLIANT - potential overflow + } +} + +void test_vla_bounds(size_t num) { + int vla0[num]; // NON_COMPLIANT - size could be greater than max + int vla1[num + 1]; // NON_COMPLIANT - unbounded + int vla2[num - 1]; // NON_COMPLIANT - unbounded + + if (num == 0) { + int vla6[num]; // NON_COMPLIANT - size is 0 + int vla7[num + 1]; // COMPLIANT - size is 1 + int vla8[num - 1]; // NON_COMPLIANT - unbounded + } + + if (num > 0) { + int vla6[num]; // NON_COMPLIANT - size could be greater than max + int vla7[num + 1]; // NON_COMPLIANT - unbounded + int vla8[num - 1]; // NON_COMPLIANT - unbounded + } + + if (VLA_MAX_SIZE / sizeof(int) >= num) { + int vla6[num]; // NON_COMPLIANT - size could be 0 + int vla7[num + 1]; // NON_COMPLIANT - size greater than max + int vla8[num - 1]; // NON_COMPLIANT - unbounded + + if (num >= 100) { + int vla9[num]; // COMPLIANT + int vla10[num + 1]; // NON_COMPLIANT - unbounded + int vla11[num - 1]; // COMPLIANT + } + } + + size_t num2 = num + num; + if (num2 > 0 && num2 < 100) { + int vla12[num2]; // NON_COMPLIANT - bad post-check + } + + signed int num3 = INT_MAX; + num3++; + num3 += INT_MAX; + if (num3 > 0 && num3 < 100) { + int vla13[num3]; // NON_COMPLIANT - overflowed + } + + int num4; + if (num > 2) { + num4 = num - 2; // potentially changed value + } + int vla14[num4]; // NON_COMPLIANT - unbounded +} + +void test_vla_typedef(size_t x, size_t y) { + typedef int VLA[x][y]; // NON_COMPLIANT + // ... + // (void)sizeof(VLA); +} + +void test_multidimensional_vla(size_t n, size_t m) { + + if (VLA_MAX_SIZE / sizeof(int) >= (n * m)) { // wrapping check + int vla0[n][m]; // NON_COMPLIANT - size too large + } + + if (m > 0 && n > 0 && VLA_MAX_SIZE / sizeof(int) >= n && + VLA_MAX_SIZE / sizeof(int) >= m && VLA_MAX_SIZE / sizeof(int) >= n * m) { + int vla1[n][m]; // COMPLIANT[FALSE_POSITIVE] + int vla2[n - 1][m - 1]; // NON_COMPLIANT - unbounded + int vla3[n][n]; // NON_COMPLIANT - n*n not checked + int vla4[n][n][n]; // NON_COMPLIANT - unbounded + + if (VLA_MAX_SIZE / (sizeof(int) * n) >= n * n) { + int vla5[n][n][n]; // COMPLIANT[FALSE_POSITIVE] + int vla6[m][m][m]; // NON_COMPLIANT - size too large + int vla7[n][n][n + 1]; // NON_COMPLIANT - size too large + } + + if (m > 0 && m <= 100 && n > 0 && n <= 100) { + int vla08[n][m]; // COMPLIANT + int vla09[n][n]; // COMPLIANT + int vla10[n][n - 98][n]; // NON_COMPLIANT - unbounded + if (n == 100) { + int vla11[n][n - 98][n]; // COMPLIANT + } + int vla12[n][m][n]; // NON_COMPLIANT + } + } +} + +void test_fvla(int size, + int data[size][size]) { // COMPLIANT - not an actual VLA + return; +} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/InvalidMemory2.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/InvalidMemory2.qll new file mode 100644 index 0000000000..f1a37e4bcc --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/InvalidMemory2.qll @@ -0,0 +1,61 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype InvalidMemory2Query = + TVariableLengthArraySizeNotInValidRangeQuery() or + TDoNotUsePointerArithmeticOnNonArrayObjectPointersQuery() or + TDoNotModifyObjectsWithTemporaryLifetimeQuery() + +predicate isInvalidMemory2QueryMetadata(Query query, string queryId, string ruleId, string category) { + query = + // `Query` instance for the `variableLengthArraySizeNotInValidRange` query + InvalidMemory2Package::variableLengthArraySizeNotInValidRangeQuery() and + queryId = + // `@id` for the `variableLengthArraySizeNotInValidRange` query + "c/cert/variable-length-array-size-not-in-valid-range" and + ruleId = "ARR32-C" and + category = "rule" + or + query = + // `Query` instance for the `doNotUsePointerArithmeticOnNonArrayObjectPointers` query + InvalidMemory2Package::doNotUsePointerArithmeticOnNonArrayObjectPointersQuery() and + queryId = + // `@id` for the `doNotUsePointerArithmeticOnNonArrayObjectPointers` query + "c/cert/do-not-use-pointer-arithmetic-on-non-array-object-pointers" and + ruleId = "ARR37-C" and + category = "rule" + or + query = + // `Query` instance for the `doNotModifyObjectsWithTemporaryLifetime` query + InvalidMemory2Package::doNotModifyObjectsWithTemporaryLifetimeQuery() and + queryId = + // `@id` for the `doNotModifyObjectsWithTemporaryLifetime` query + "c/cert/do-not-modify-objects-with-temporary-lifetime" and + ruleId = "EXP35-C" and + category = "rule" +} + +module InvalidMemory2Package { + Query variableLengthArraySizeNotInValidRangeQuery() { + //autogenerate `Query` type + result = + // `Query` type for `variableLengthArraySizeNotInValidRange` query + TQueryC(TInvalidMemory2PackageQuery(TVariableLengthArraySizeNotInValidRangeQuery())) + } + + Query doNotUsePointerArithmeticOnNonArrayObjectPointersQuery() { + //autogenerate `Query` type + result = + // `Query` type for `doNotUsePointerArithmeticOnNonArrayObjectPointers` query + TQueryC(TInvalidMemory2PackageQuery(TDoNotUsePointerArithmeticOnNonArrayObjectPointersQuery())) + } + + Query doNotModifyObjectsWithTemporaryLifetimeQuery() { + //autogenerate `Query` type + result = + // `Query` type for `doNotModifyObjectsWithTemporaryLifetime` query + TQueryC(TInvalidMemory2PackageQuery(TDoNotModifyObjectsWithTemporaryLifetimeQuery())) + } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Memory3.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Memory3.qll new file mode 100644 index 0000000000..c59ff5eda8 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Memory3.qll @@ -0,0 +1,26 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype Memory3Query = TInsufficientMemoryAllocatedForObjectQuery() + +predicate isMemory3QueryMetadata(Query query, string queryId, string ruleId, string category) { + query = + // `Query` instance for the `insufficientMemoryAllocatedForObject` query + Memory3Package::insufficientMemoryAllocatedForObjectQuery() and + queryId = + // `@id` for the `insufficientMemoryAllocatedForObject` query + "c/cert/insufficient-memory-allocated-for-object" and + ruleId = "MEM35-C" and + category = "rule" +} + +module Memory3Package { + Query insufficientMemoryAllocatedForObjectQuery() { + //autogenerate `Query` type + result = + // `Query` type for `insufficientMemoryAllocatedForObject` query + TQueryC(TMemory3PackageQuery(TInsufficientMemoryAllocatedForObjectQuery())) + } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index f4aed38bab..22fac2299e 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -34,10 +34,12 @@ import IO3 import IO4 import IntegerOverflow import InvalidMemory1 +import InvalidMemory2 import Language1 import Language2 import Language3 import Memory1 +import Memory3 import Misc import Pointers1 import Pointers2 @@ -97,10 +99,12 @@ newtype TCQuery = TIO4PackageQuery(IO4Query q) or TIntegerOverflowPackageQuery(IntegerOverflowQuery q) or TInvalidMemory1PackageQuery(InvalidMemory1Query q) or + TInvalidMemory2PackageQuery(InvalidMemory2Query q) or TLanguage1PackageQuery(Language1Query q) or TLanguage2PackageQuery(Language2Query q) or TLanguage3PackageQuery(Language3Query q) or TMemory1PackageQuery(Memory1Query q) or + TMemory3PackageQuery(Memory3Query q) or TMiscPackageQuery(MiscQuery q) or TPointers1PackageQuery(Pointers1Query q) or TPointers2PackageQuery(Pointers2Query q) or @@ -160,10 +164,12 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isIO4QueryMetadata(query, queryId, ruleId, category) or isIntegerOverflowQueryMetadata(query, queryId, ruleId, category) or isInvalidMemory1QueryMetadata(query, queryId, ruleId, category) or + isInvalidMemory2QueryMetadata(query, queryId, ruleId, category) or isLanguage1QueryMetadata(query, queryId, ruleId, category) or isLanguage2QueryMetadata(query, queryId, ruleId, category) or isLanguage3QueryMetadata(query, queryId, ruleId, category) or isMemory1QueryMetadata(query, queryId, ruleId, category) or + isMemory3QueryMetadata(query, queryId, ruleId, category) or isMiscQueryMetadata(query, queryId, ruleId, category) or isPointers1QueryMetadata(query, queryId, ruleId, category) or isPointers2QueryMetadata(query, queryId, ruleId, category) or From 11a6941656ec66abf2428b28f86c87aa40fec51c Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Tue, 28 Mar 2023 01:26:11 +0200 Subject: [PATCH 0906/2573] Memory3: Implement MEM35-C query --- .../InsufficientMemoryAllocatedForObject.md | 199 ++++++++++++++++++ .../InsufficientMemoryAllocatedForObject.ql | 162 ++++++++++++++ ...ufficientMemoryAllocatedForObject.expected | 9 + ...InsufficientMemoryAllocatedForObject.qlref | 1 + c/cert/test/rules/MEM35-C/test.c | 41 ++++ 5 files changed, 412 insertions(+) create mode 100644 c/cert/src/rules/MEM35-C/InsufficientMemoryAllocatedForObject.md create mode 100644 c/cert/src/rules/MEM35-C/InsufficientMemoryAllocatedForObject.ql create mode 100644 c/cert/test/rules/MEM35-C/InsufficientMemoryAllocatedForObject.expected create mode 100644 c/cert/test/rules/MEM35-C/InsufficientMemoryAllocatedForObject.qlref create mode 100644 c/cert/test/rules/MEM35-C/test.c diff --git a/c/cert/src/rules/MEM35-C/InsufficientMemoryAllocatedForObject.md b/c/cert/src/rules/MEM35-C/InsufficientMemoryAllocatedForObject.md new file mode 100644 index 0000000000..7f3c70efbb --- /dev/null +++ b/c/cert/src/rules/MEM35-C/InsufficientMemoryAllocatedForObject.md @@ -0,0 +1,199 @@ +# MEM35-C: Allocate sufficient memory for an object + +This query implements the CERT-C rule MEM35-C: + +> Allocate sufficient memory for an object + + +## Description + +The types of integer expressions used as size arguments to `malloc()`, `calloc()`, `realloc()`, or `aligned_alloc()` must have sufficient range to represent the size of the objects to be stored. If size arguments are incorrect or can be manipulated by an attacker, then a buffer overflow may occur. Incorrect size arguments, inadequate range checking, integer overflow, or truncation can result in the allocation of an inadequately sized buffer. + +Typically, the amount of memory to allocate will be the size of the type of object to allocate. When allocating space for an array, the size of the object will be multiplied by the bounds of the array. When allocating space for a structure containing a flexible array member, the size of the array member must be added to the size of the structure. (See [MEM33-C. Allocate and copy structures containing a flexible array member dynamically](https://wiki.sei.cmu.edu/confluence/display/c/MEM33-C.++Allocate+and+copy+structures+containing+a+flexible+array+member+dynamically).) Use the correct type of the object when computing the size of memory to allocate. + +[STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator](https://wiki.sei.cmu.edu/confluence/display/c/STR31-C.+Guarantee+that+storage+for+strings+has+sufficient+space+for+character+data+and+the+null+terminator) is a specific instance of this rule. + +## Noncompliant Code Example (Pointer) + +In this noncompliant code example, inadequate space is allocated for a `struct tm` object because the size of the pointer is being used to determine the size of the pointed-to object: + +```cpp +#include +#include + +struct tm *make_tm(int year, int mon, int day, int hour, + int min, int sec) { + struct tm *tmb; + tmb = (struct tm *)malloc(sizeof(tmb)); + if (tmb == NULL) { + return NULL; + } + *tmb = (struct tm) { + .tm_sec = sec, .tm_min = min, .tm_hour = hour, + .tm_mday = day, .tm_mon = mon, .tm_year = year + }; + return tmb; +} +``` + +## Compliant Solution (Pointer) + +In this compliant solution, the correct amount of memory is allocated for the `struct tm` object. When allocating space for a single object, passing the (dereferenced) pointer type to the `sizeof` operator is a simple way to allocate sufficient memory. Because the `sizeof` operator does not evaluate its operand, dereferencing an uninitialized or null pointer in this context is well-defined behavior. + +```cpp +#include +#include + +struct tm *make_tm(int year, int mon, int day, int hour, + int min, int sec) { + struct tm *tmb; + tmb = (struct tm *)malloc(sizeof(*tmb)); + if (tmb == NULL) { + return NULL; + } + *tmb = (struct tm) { + .tm_sec = sec, .tm_min = min, .tm_hour = hour, + .tm_mday = day, .tm_mon = mon, .tm_year = year + }; + return tmb; +} +``` + +## Noncompliant Code Example (Integer) + +In this noncompliant code example, an array of `long` is allocated and assigned to `p`. The code attempts to check for unsigned integer overflow in compliance with [INT30-C. Ensure that unsigned integer operations do not wrap](https://wiki.sei.cmu.edu/confluence/display/c/INT30-C.+Ensure+that+unsigned+integer+operations+do+not+wrap) and also ensures that `len` is not equal to zero. (See [MEM04-C. Beware of zero-length allocations](https://wiki.sei.cmu.edu/confluence/display/c/MEM04-C.+Beware+of+zero-length+allocations).) However, because `sizeof(int)` is used to compute the size, and not `sizeof(long)`, an insufficient amount of memory can be allocated on implementations where `sizeof(long)` is larger than `sizeof(int)`, and filling the array can cause a heap buffer overflow. + +```cpp +#include +#include + +void function(size_t len) { + long *p; + if (len == 0 || len > SIZE_MAX / sizeof(long)) { + /* Handle overflow */ + } + p = (long *)malloc(len * sizeof(int)); + if (p == NULL) { + /* Handle error */ + } + free(p); +} + +``` + +## Compliant Solution (Integer) + +This compliant solution uses `sizeof(long)` to correctly size the memory allocation: + +```cpp +#include +#include + +void function(size_t len) { + long *p; + if (len == 0 || len > SIZE_MAX / sizeof(long)) { + /* Handle overflow */ + } + p = (long *)malloc(len * sizeof(long)); + if (p == NULL) { + /* Handle error */ + } + free(p); +} + +``` + +## Compliant Solution (Integer) + +Alternatively, `sizeof(*p)` can be used to properly size the allocation: + +```cpp +#include +#include + +void function(size_t len) { + long *p; + if (len == 0 || len > SIZE_MAX / sizeof(*p)) { + /* Handle overflow */ + } + p = (long *)malloc(len * sizeof(*p)); + if (p == NULL) { + /* Handle error */ + } + free(p); +} +``` + +## Risk Assessment + +Providing invalid size arguments to memory allocation functions can lead to buffer overflows and the execution of arbitrary code with the permissions of the vulnerable process. + +
    Rule Severity Likelihood Remediation Cost Priority Level
    MEM35-C High Probable High P6 L2
    + + +## Automated Detection + +
    Tool Version Checker Description
    Astrée 22.04 malloc-size-insufficient Partially checked Besides direct rule violations, all undefined behaviour resulting from invalid memory accesses is reported by Astrée.
    Axivion Bauhaus Suite 7.2.0 CertC-MEM35
    CodeSonar 7.2p0 ALLOC.SIZE.ADDOFLOW ALLOC.SIZE.IOFLOW ALLOC.SIZE.MULOFLOW ALLOC.SIZE.SUBUFLOW ALLOC.SIZE.TRUNC IO.TAINT.SIZE MISC.MEM.SIZE.BADLANG.MEM.BOLANG.MEM.BULANG.STRUCT.PARITHLANG.STRUCT.PBBLANG.STRUCT.PPELANG.MEM.TBALANG.MEM.TOLANG.MEM.TU Addition overflow of allocation size Addition overflow of allocation size Multiplication overflow of allocation size Subtraction underflow of allocation size Truncation of allocation size Tainted allocation size Unreasonable size argument Buffer Overrun Buffer Underrun Pointer Arithmetic Pointer Before Beginning of Object Pointer Past End of Object Tainted Buffer Access Type Overrun Type Underrun
    Compass/ROSE Could check violations of this rule by examining the size expression to malloc() or memcpy() functions. Specifically, the size argument should be bounded by 0, SIZE_MAX , and, unless it is a variable of type size_t or rsize_t , it should be bounds-checked before the malloc() call. If the argument is of the expression a\*b , then an appropriate check is if (a < SIZE_MAX / b && a > 0) ...
    Coverity 2017.07 BAD_ALLOC_STRLEN SIZECHECK (deprecated) Partially implemented Can find instances where string length is miscalculated (length calculated may be one less than intended) for memory allocation purposes. Coverity Prevent cannot discover all violations of this rule, so further verification is necessary Finds memory allocations that are assigned to a pointer that reference objects larger than the allocated block
    Helix QAC 2022.4 C0696, C0701, C1069, C1071, C1073, C2840 DF2840, DF2841, DF2842, DF2843, DF2935, DF2936, DF2937, DF2938
    Klocwork 2022.4 INCORRECT.ALLOC_SIZE SV.TAINTED.ALLOC_SIZE
    LDRA tool suite 9.7.1 400 S, 487 S, 115 D Enhanced enforcement
    Splint 3.1.1
    Parasoft C/C++test 2022.2 CERT_C-MEM35-a Do not use sizeof operator on pointer type to specify the size of the memory to be allocated via 'malloc', 'calloc' or 'realloc' function
    PC-lint Plus 1.4 433, 826 Partially supported
    Polyspace Bug Finder R2023a CERT C: Rule MEM35-C Checks for: Pointer access out of boundsointer access out of bounds, memory allocation with tainted sizeemory allocation with tainted size. Rule partially covered.
    PRQA QA-C 9.7 0696, 0701, 1069, 1071, 1073, 2840, 2841, 2842, 2843, 2935, 2936, 2937, 2938
    PRQA QA-C++ 4.4 2840, 2841, 2842, 2843, 2935, 2936, 2937, 2938
    PVS-Studio 7.23 V531 , V635 , V781
    RuleChecker 22.04 malloc-size-insufficient Partially checked
    TrustInSoft Analyzer 1.38 mem_access Exhaustively detects undefined behavior (see one compliant and one non-compliant example ).
    + + +## Related Vulnerabilities + +Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+MEM35-C). + +## Related Guidelines + +[Key here](https://wiki.sei.cmu.edu/confluence/display/c/How+this+Coding+Standard+is+Organized#HowthisCodingStandardisOrganized-RelatedGuidelines) (explains table format and definitions) + +
    Taxonomy Taxonomy item Relationship
    CERT C Secure Coding Standard ARR01-C. Do not apply the sizeof operator to a pointer when taking the size of an array INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data Prior to 2018-01-12: CERT: Unspecified Relationship
    CERT C Secure Coding Standard INT32-C. Ensure that operations on signed integers do not result in overflow Prior to 2018-01-12: CERT: Unspecified Relationship
    CERT C Secure Coding Standard INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size Prior to 2018-01-12: CERT: Unspecified Relationship
    CERT C Secure Coding Standard MEM04-C. Beware of zero-length allocations Prior to 2018-01-12: CERT: Unspecified Relationship
    ISO/IEC TR 24772:2013 Buffer Boundary Violation (Buffer Overflow) \[HCB\] Prior to 2018-01-12: CERT: Unspecified Relationship
    ISO/IEC TS 17961:2013 Taking the size of a pointer to determine the size of the pointed-to type \[sizeofptr\] Prior to 2018-01-12: CERT: Unspecified Relationship
    CWE 2.11 CWE-131 , Incorrect Calculation of Buffer Size 2017-05-16: CERT: Rule subset of CWE
    CWE 2.11 CWE-680 2017-05-18: CERT: Rule subset of CWE
    CWE 2.11 CWE-789 2017-06-12: CERT: Partial overlap
    + + +## CERT-CWE Mapping Notes + +[Key here](https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?pageId=87152408#HowthisCodingStandardisOrganized-CERT-CWEMappingNotes) for mapping notes + +**CWE-680 and MEM35-C** + +Intersection( INT32-C, MEM35-C) = Ø + +CWE-680 = Union( MEM35-C, list) where list = + +* Overflowed buffers with inadequate sizes not produced by integer overflow +**CWE-467 and MEM35-C** + +CWE-467 = Subset( MEM35-C) + +**CWE-789 and MEM35-C** + +Intersection( MEM35-C, CWE-789) = + +* Insufficient memory allocation on the heap +MEM35-C – CWE-789 = +* Insufficient memory allocation with trusted value but incorrect calculation +CWE-789 - MEM35-C = +* Sufficient memory allocation (possibly over-allocation) with untrusted value +**CWE-120 and MEM35-C** + +Intersection( MEM35-C, CWE-120) = Ø + +CWE-120 specifically addresses buffer overflow operations, which occur in the context of string-copying. MEM35-C specifically addresses allocation of memory ranges (some of which may be for subsequent string copy operations). + +Consequently, they address different sections of code, although one (or both) may be responsible for a single buffer overflow vulnerability. + +**CWE-131 and MEM35-C** + +* Intersection( INT30-C, MEM35-C) = Ø +* CWE-131 = Union( MEM35-C, list) where list = +* Miscalculating a buffer for a non-heap region (such as a variable-length array) + +## Bibliography + +
    \[ Coverity 2007 \]
    \[ Drepper 2006 \] Section 2.1.1, "Respecting Memory Bounds"
    \[ Seacord 2013 \] Chapter 4, "Dynamic Memory Management" Chapter 5, "Integer Security"
    \[ Viega 2005 \] Section 5.6.8, "Use of sizeof() on a Pointer Type"
    \[ xorl 2009 \] CVE-2009-0587: Evolution Data Server Base64 Integer Overflows
    + + +## Implementation notes + +None + +## References + +* CERT-C: [MEM35-C: Allocate sufficient memory for an object](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/MEM35-C/InsufficientMemoryAllocatedForObject.ql b/c/cert/src/rules/MEM35-C/InsufficientMemoryAllocatedForObject.ql new file mode 100644 index 0000000000..5ff1725269 --- /dev/null +++ b/c/cert/src/rules/MEM35-C/InsufficientMemoryAllocatedForObject.ql @@ -0,0 +1,162 @@ +/** + * @id c/cert/insufficient-memory-allocated-for-object + * @name MEM35-C: Allocate sufficient memory for an object + * @description The size of memory allocated dynamically must be adequate to represent the type of + * object referenced by the allocated memory. + * @kind problem + * @precision medium + * @problem.severity error + * @tags external/cert/id/mem35-c + * correctness + * security + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert +import codingstandards.cpp.Overflow +import semmle.code.cpp.controlflow.Guards +import semmle.code.cpp.dataflow.TaintTracking +import semmle.code.cpp.models.Models + +/** + * Gets the type of the operand of `op`. + */ +Type getSizeofOperatorType(SizeofOperator op) { + result = op.(SizeofExprOperator).getExprOperand().getType() + or + result = op.(SizeofTypeOperator).getTypeOperand() +} + +/** + * A function call which allocates memory, such as `malloc`. + */ +class AllocationFunctionCall extends AllocationExpr, FunctionCall { + AllocationFunctionCall() { this.getTarget() instanceof AllocationFunction } + + /** + * Gets the size argument `Expr` of this allocation function call. + */ + Expr getSizeArg() { + result = this.getArgument(this.getTarget().(AllocationFunction).getSizeArg()) + } + + /** + * Gets the computed value of the size argument of this allocation function call. + */ + int getSizeExprValue() { result = upperBound(this.getSizeArg()) } + + /** + * Gets the type of the object the allocation function result is assigned to. + * + * If the allocation is not assigned to a variable, this predicate does not hold. + */ + Type getBaseType() { + exists(PointerType pointer | + pointer.getBaseType() = result and + ( + exists(AssignExpr assign | + assign.getRValue() = this and assign.getLValue().getType() = pointer + ) + or + exists(Variable v | v.getInitializer().getExpr() = this and v.getType() = pointer) + ) + ) + } + + /** + * Gets a message describing the problem with this allocation function call. + * The `e` and `description` respectively provide an expression that influences + * the size of the allocation and a string describing that expression. + */ + string getMessageAndSourceInfo(Expr e, string description) { none() } +} + +/** + * An `AllocationFunctionCall` where the size argument is tainted by a `SizeofOperator` + * that has an operand of a different type than the base type of the variable assigned + * the result of the allocation call. + */ +class WrongSizeofOperatorAllocationFunctionCall extends AllocationFunctionCall { + SizeofOperator source; + + WrongSizeofOperatorAllocationFunctionCall() { + this.getBaseType() != getSizeofOperatorType(source) and + TaintTracking::localExprTaint(source, this.getSizeArg().getAChild*()) + } + + override string getMessageAndSourceInfo(Expr e, string description) { + result = "Allocation size calculated from the size of a different type ($@)." and + e = source and + description = "sizeof(" + getSizeofOperatorType(source).getName() + ")" + } +} + +/** + * An `AllocationFunctionCall` that allocates a size that is not a multiple + * of the size of the base type of the variable assigned the allocation. + * + * For example, an allocation of 14 bytes for `float` (`sizeof(float) == 4`) + * indicates an erroroneous allocation size, as 14 is not a multiple of 4 and + * thus cannot be the exact size of an array of floats. + * + * This class cannot also be a `WrongSizeofOperatorAllocationFunctionCall` instance, + * as an identified `SizeofOperator` operand type mismatch is more likely to indicate + * the root cause of an allocation size that is not a multiple of the base type size. + */ +class WrongSizeMultipleAllocationFunctionCall extends AllocationFunctionCall { + WrongSizeMultipleAllocationFunctionCall() { + // de-duplicate results if there is more precise info from a sizeof operator + not this instanceof WrongSizeofOperatorAllocationFunctionCall and + // the allocation size is not a multiple of the base type size + exists(int basesize, int allocated | + basesize = min(this.getBaseType().getSize()) and + allocated = this.getSizeExprValue() and + not exists(int size | this.getBaseType().getSize() = size | + size = 0 or + (allocated / size) * size = allocated + ) + ) + } + + override string getMessageAndSourceInfo(Expr e, string description) { + result = + "Allocation size (" + this.getSizeExprValue().toString() + + " bytes) is not a multiple of the size of '" + this.getBaseType().getName() + "' (" + + min(this.getBaseType().getSize()).toString() + " bytes)." and + e = this.getSizeArg() and + description = "" + } +} + +/** + * An `AllocationFunctionCall` where the size argument might be tainted by an overflowing + * or wrapping integer expression that is not checked for validity before the allocation. + */ +class OverflowingSizeAllocationFunctionCall extends AllocationFunctionCall { + InterestingOverflowingOperation bop; + + OverflowingSizeAllocationFunctionCall() { + // `bop` is not pre-checked to prevent overflow/wrapping + not bop.hasValidPreCheck() and + // and the size argument is tainted by `bop` + TaintTracking::localExprTaint(bop, this.getSizeArg().getAChild*()) and + // and there does not exist a post-wrapping-check before the allocation call + not exists(GuardCondition gc | + gc = bop.getAValidPostCheck() and + gc.controls(this.getBasicBlock(), _) + ) + } + + override string getMessageAndSourceInfo(Expr e, string description) { + result = "Allocation size derived from potentially overflowing or wrapping $@." and + e = bop and + description = "integer operation" + } +} + +from AllocationFunctionCall alloc, string message, Expr source, string sourceMessage +where + not isExcluded(alloc, Memory3Package::insufficientMemoryAllocatedForObjectQuery()) and + message = alloc.getMessageAndSourceInfo(source, sourceMessage) +select alloc, message, source, sourceMessage diff --git a/c/cert/test/rules/MEM35-C/InsufficientMemoryAllocatedForObject.expected b/c/cert/test/rules/MEM35-C/InsufficientMemoryAllocatedForObject.expected new file mode 100644 index 0000000000..30dece9299 --- /dev/null +++ b/c/cert/test/rules/MEM35-C/InsufficientMemoryAllocatedForObject.expected @@ -0,0 +1,9 @@ +| test.c:12:19:12:24 | call to malloc | Allocation size (32 bytes) is not a multiple of the size of 'S1' (36 bytes). | test.c:12:26:12:32 | 32 | | +| test.c:15:19:15:24 | call to malloc | Allocation size calculated from the size of a different type ($@). | test.c:15:26:15:35 | sizeof() | sizeof(S1 *) | +| test.c:20:19:20:24 | call to malloc | Allocation size (128 bytes) is not a multiple of the size of 'S1' (36 bytes). | test.c:20:26:20:36 | ... * ... | | +| test.c:21:19:21:24 | call to malloc | Allocation size (128 bytes) is not a multiple of the size of 'S1' (36 bytes). | test.c:21:26:21:36 | ... * ... | | +| test.c:25:14:25:19 | call to malloc | Allocation size calculated from the size of a different type ($@). | test.c:25:27:25:37 | sizeof(int) | sizeof(int) | +| test.c:25:14:25:19 | call to malloc | Allocation size derived from potentially overflowing or wrapping $@. | test.c:25:21:25:37 | ... * ... | integer operation | +| test.c:31:14:31:19 | call to malloc | Allocation size derived from potentially overflowing or wrapping $@. | test.c:31:21:31:38 | ... * ... | integer operation | +| test.c:32:14:32:19 | call to malloc | Allocation size derived from potentially overflowing or wrapping $@. | test.c:29:17:29:34 | ... * ... | integer operation | +| test.c:40:14:40:19 | call to malloc | Allocation size derived from potentially overflowing or wrapping $@. | test.c:29:17:29:34 | ... * ... | integer operation | diff --git a/c/cert/test/rules/MEM35-C/InsufficientMemoryAllocatedForObject.qlref b/c/cert/test/rules/MEM35-C/InsufficientMemoryAllocatedForObject.qlref new file mode 100644 index 0000000000..7da5a9c268 --- /dev/null +++ b/c/cert/test/rules/MEM35-C/InsufficientMemoryAllocatedForObject.qlref @@ -0,0 +1 @@ +rules/MEM35-C/InsufficientMemoryAllocatedForObject.ql \ No newline at end of file diff --git a/c/cert/test/rules/MEM35-C/test.c b/c/cert/test/rules/MEM35-C/test.c new file mode 100644 index 0000000000..938d3f1076 --- /dev/null +++ b/c/cert/test/rules/MEM35-C/test.c @@ -0,0 +1,41 @@ +#include +#include + +#define S1_SIZE 32 // incorrect size for struct S1 + +struct S1 { + char f1[S1_SIZE]; + int f2; +}; + +void sizecheck_test(void) { + struct S1 *v1 = malloc(S1_SIZE); // NON_COMPLIANT + struct S1 *v2 = malloc(sizeof(struct S1)); // COMPLIANT + struct S1 *v3 = malloc(sizeof(*v2)); // COMPLIANT + struct S1 *v4 = malloc(sizeof(v4)); // NON_COMPLIANT + char *v5 = malloc(10); // COMPLIANT +} + +void sizecheck2_test(size_t len) { + struct S1 *v1 = malloc(S1_SIZE * 4); // NON_COMPLIANT + struct S1 *v2 = malloc(S1_SIZE * 4); // NON_COMPLIANT + struct S1 *v3 = malloc( + S1_SIZE * 9); // COMPLIANT - erroneous logic, but the size product is an + // LCM of S1_SIZE and sizeof(S1) and thus a valid multiple + long *v4 = malloc(len * sizeof(int)); // NON_COMPLIANT - wrong sizeof type +} + +void unsafe_int_test(size_t len) { + size_t size = len * sizeof(long); + long *v1 = malloc(len); // COMPLIANT - even could indicate a logic error + long *v2 = malloc(len * sizeof(long)); // NON_COMPLIANT - unbounded int + long *v3 = malloc(size); // NON_COMPLIANT - unbounded int + + if (len > SIZE_MAX / sizeof(*v3)) { + // overflow/wrapping check + return; + } + + long *v4 = malloc(len * sizeof(long)); // COMPLIANT - overflow checked + long *v5 = malloc(size); // NON_COMPLIANT - `size` not checked +} From 371c7783c396c59b4eeba70b58895abe55cd342a Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Tue, 28 Mar 2023 01:26:31 +0200 Subject: [PATCH 0907/2573] InvalidMemory2: Implement ARR37-C query --- ...interArithmeticOnNonArrayObjectPointers.md | 148 ++++++++++++++++++ ...interArithmeticOnNonArrayObjectPointers.ql | 109 +++++++++++++ ...rithmeticOnNonArrayObjectPointers.expected | 43 +++++ ...erArithmeticOnNonArrayObjectPointers.qlref | 1 + c/cert/test/rules/ARR37-C/test.c | 52 ++++++ 5 files changed, 353 insertions(+) create mode 100644 c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.md create mode 100644 c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql create mode 100644 c/cert/test/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.expected create mode 100644 c/cert/test/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.qlref create mode 100644 c/cert/test/rules/ARR37-C/test.c diff --git a/c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.md b/c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.md new file mode 100644 index 0000000000..7772bf4d3d --- /dev/null +++ b/c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.md @@ -0,0 +1,148 @@ +# ARR37-C: Do not add or subtract an integer to a pointer to a non-array object + +This query implements the CERT-C rule ARR37-C: + +> Do not add or subtract an integer to a pointer to a non-array object + + +## Description + +Pointer arithmetic must be performed only on pointers that reference elements of array objects. + +The C Standard, 6.5.6 \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IEC9899-2011)\], states the following about pointer arithmetic: + +> When an expression that has integer type is added to or subtracted from a pointer, the result has the type of the pointer operand. If the pointer operand points to an element of an array object, and the array is large enough, the result points to an element offset from the original element such that the difference of the subscripts of the resulting and original array elements equals the integer expression. + + +## Noncompliant Code Example + +This noncompliant code example attempts to access structure members using pointer arithmetic. This practice is dangerous because structure members are not guaranteed to be contiguous. + +```cpp +struct numbers { + short num_a, num_b, num_c; +}; + +int sum_numbers(const struct numbers *numb){ + int total = 0; + const short *numb_ptr; + + for (numb_ptr = &numb->num_a; + numb_ptr <= &numb->num_c; + numb_ptr++) { + total += *(numb_ptr); + } + + return total; +} + +int main(void) { + struct numbers my_numbers = { 1, 2, 3 }; + sum_numbers(&my_numbers); + return 0; +} + +``` + +## Compliant Solution + +It is possible to use the `->` operator to dereference each structure member: + +```cpp +total = numb->num_a + numb->num_b + numb->num_c; + +``` +However, this solution results in code that is hard to write and hard to maintain (especially if there are many more structure members), which is exactly what the author of the noncompliant code example was likely trying to avoid. + +## Compliant Solution + +A better solution is to define the structure to contain an array member to store the numbers in an array rather than a structure, as in this compliant solution: + +```cpp +#include + +struct numbers { + short a[3]; +}; + +int sum_numbers(const short *numb, size_t dim) { + int total = 0; + for (size_t i = 0; i < dim; ++i) { + total += numb[i]; + } + + return total; +} + +int main(void) { + struct numbers my_numbers = { .a[0]= 1, .a[1]= 2, .a[2]= 3}; + sum_numbers( + my_numbers.a, + sizeof(my_numbers.a)/sizeof(my_numbers.a[0]) + ); + return 0; +} + +``` +Array elements are guaranteed to be contiguous in memory, so this solution is completely portable. + +## Exceptions + +** ARR37-C-EX1:** Any non-array object in memory can be considered an array consisting of one element. Adding one to a pointer for such an object yields a pointer one element past the array, and subtracting one from that pointer yields the original pointer. This allows for code such as the following: + +```cpp +#include +#include + +struct s { + char *c_str; + /* Other members */ +}; + +struct s *create_s(const char *c_str) { + struct s *ret; + size_t len = strlen(c_str) + 1; + + ret = (struct s *)malloc(sizeof(struct s) + len); + if (ret != NULL) { + ret->c_str = (char *)(ret + 1); + memcpy(ret + 1, c_str, len); + } + return ret; +} +``` +A more general and safer solution to this problem is to use a flexible array member that guarantees the array that follows the structure is properly aligned by inserting padding, if necessary, between it and the member that immediately precedes it. + +## Risk Assessment + +
    Rule Severity Likelihood Remediation Cost Priority Level
    ARR37-C Medium Probable Medium P8 L2
    + + +## Automated Detection + +
    Tool Version Checker Description
    Astrée 22.04 Supported indirectly via MISRA C:2004 Rule 17.4.
    Axivion Bauhaus Suite 7.2.0 CertC-ARR37 Fully implemented
    CodeSonar 7.2p0 LANG.MEM.BO LANG.MEM.BU LANG.STRUCT.PARITH LANG.STRUCT.PBB LANG.STRUCT.PPE LANG.MEM.TBA LANG.MEM.TO LANG.MEM.TU Buffer Overrun Buffer Underrun Pointer Arithmetic Pointer Before Beginning of Object Pointer Past End of Object Tainted Buffer Access Type Overrun Type Underrun
    Compass/ROSE
    Coverity 2017.07 ARRAY_VS_SINGLETON Implemented
    Helix QAC 2022.4 DF2930, DF2931, DF2932, DF2933 C++3705, C++3706, C++3707
    Klocwork 2022.4 MISRA.PTR.ARITH.2012
    LDRA tool suite 9.7.1 567 S Partially implemented
    Parasoft C/C++test 2022.2 CERT_C-ARR37-a Pointer arithmetic shall not be applied to pointers that address variables of non-array type
    PC-lint Plus 1.4 2662 Partially supported
    Polyspace Bug Finder R2023a CERT C: Rule ARR37-C Checks for invalid assumptions about memory organization (rule partially covered)
    PRQA QA-C 9.7 2930, 2931, 2932, 2933
    PRQA QA-C++ 4.4 2930, 2931, 2932, 2933, 3705, 3706, 3707
    RuleChecker 22.04 Supported indirectly via MISRA C:2004 Rule 17.4.
    + + +## Related Vulnerabilities + +Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+ARR37-C). + +## Related Guidelines + +[Key here](https://wiki.sei.cmu.edu/confluence/display/c/How+this+Coding+Standard+is+Organized#HowthisCodingStandardisOrganized-RelatedGuidelines) (explains table format and definitions) + +
    Taxonomy Taxonomy item Relationship
    + + +## Bibliography + +
    \[ Banahan 2003 \] Section 5.3, "Pointers" Section 5.7, "Expressions Involving Pointers"
    \[ ISO/IEC 9899:2011 \] 6.5.6, "Additive Operators"
    \[ VU\#162289 \]
    + + +## Implementation notes + +None + +## References + +* CERT-C: [ARR37-C: Do not add or subtract an integer to a pointer to a non-array object](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql b/c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql new file mode 100644 index 0000000000..8dbd00584c --- /dev/null +++ b/c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql @@ -0,0 +1,109 @@ +/** + * @id c/cert/do-not-use-pointer-arithmetic-on-non-array-object-pointers + * @name ARR37-C: Do not add or subtract an integer to a pointer to a non-array object + * @description A pair of elements that are not elements in the same array are not guaranteed to be + * contiguous in memory and therefore should not be addressed using pointer arithmetic. + * @kind path-problem + * @precision high + * @problem.severity error + * @tags external/cert/id/arr37-c + * correctness + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert +import semmle.code.cpp.dataflow.DataFlow +import DataFlow::PathGraph + +/** + * A data-flow configuration that tracks flow from an `AddressOfExpr` of a variable + * of `PointerType` that is not also an `ArrayType` to a `PointerArithmeticOrArrayExpr` + */ +class NonArrayPointerToArrayIndexingExprConfig extends DataFlow::Configuration { + NonArrayPointerToArrayIndexingExprConfig() { this = "ArrayToArrayIndexConfig" } + + override predicate isSource(DataFlow::Node source) { + exists(AddressOfExpr ao, Type t | + source.asExpr() = ao and + not ao.getOperand() instanceof ArrayExpr and + not ao.getOperand() instanceof PointerDereferenceExpr and + t = ao.getOperand().getType() and + not t instanceof PointerType and + not t instanceof ArrayType and + not t.(PointerType).getBaseType() instanceof ArrayType + ) + } + + override predicate isSink(DataFlow::Node sink) { + exists(PointerArithmeticOrArrayExpr ae | + sink.asExpr() = ae.getPointerOperand() and + not sink.asExpr() instanceof Literal and + not ae.isNonPointerOperandZero() + ) + } + + override predicate isBarrierOut(DataFlow::Node node) { + // the default interprocedural data-flow model flows through any field or array assignment + // expressions to the qualifier (array base, pointer dereferenced, or qualifier) instead of the + // individual element or field that the assignment modifies. this default behaviour causes + // false positives for future accesses of any element of that object, so we remove the edges + // between those assignments from the graph with `isBarrierOut`. + exists(AssignExpr a | + node.asExpr() = a.getRValue() and + ( + a.getLValue() instanceof ArrayExpr or + a.getLValue() instanceof PointerDereferenceExpr or + a.getLValue() instanceof FieldAccess + ) + ) + or + // ignore AddressOfExpr output e.g. call(&s1) + node.asDefiningArgument() instanceof AddressOfExpr + } +} + +class PointerArithmeticOrArrayExpr extends Expr { + Expr operand; + + PointerArithmeticOrArrayExpr() { + operand = this.(ArrayExpr).getArrayBase() + or + operand = this.(ArrayExpr).getArrayOffset() + or + operand = this.(PointerAddExpr).getAnOperand() + or + operand = this.(PointerSubExpr).getAnOperand() + or + operand = this.(Operation).getAnOperand() and + operand.getUnderlyingType() instanceof PointerType and + ( + this instanceof PostfixCrementOperation + or + this instanceof PrefixIncrExpr + or + this instanceof PrefixDecrExpr + ) + } + + /** + * Gets the operands of this expression. If the expression is an + * `ArrayExpr`, the results are the array base and offset `Expr`s. + */ + Expr getPointerOperand() { + result = operand or + result = this.(PointerArithmeticOrArrayExpr).getPointerOperand() + } + + /** + * Holds if there exists an operand that is a `Literal` with a value of `0`. + */ + predicate isNonPointerOperandZero() { operand.(Literal).getValue().toInt() = 0 } +} + +from DataFlow::PathNode source, DataFlow::PathNode sink +where + not isExcluded(sink.getNode().asExpr(), + InvalidMemory2Package::doNotUsePointerArithmeticOnNonArrayObjectPointersQuery()) and + any(NonArrayPointerToArrayIndexingExprConfig cfg).hasFlowPath(source, sink) +select sink, source, sink, "Pointer arithmetic on non-array object pointer." diff --git a/c/cert/test/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.expected b/c/cert/test/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.expected new file mode 100644 index 0000000000..8a7bfe553b --- /dev/null +++ b/c/cert/test/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.expected @@ -0,0 +1,43 @@ +edges +| test.c:14:38:14:39 | p1 | test.c:18:10:18:11 | v1 | +| test.c:14:38:14:39 | p1 | test.c:19:10:19:11 | v2 | +| test.c:14:38:14:39 | p1 | test.c:20:10:20:11 | p1 | +| test.c:14:38:14:39 | p1 | test.c:21:10:21:11 | p1 | +| test.c:14:38:14:39 | p1 | test.c:22:9:22:10 | p1 | +| test.c:14:38:14:39 | p1 | test.c:23:13:23:14 | p1 | +| test.c:14:38:14:39 | p1 | test.c:24:9:24:10 | p1 | +| test.c:14:38:14:39 | p1 | test.c:25:9:25:10 | p1 | +| test.c:51:30:51:38 | & ... | test.c:14:38:14:39 | p1 | +nodes +| test.c:14:38:14:39 | p1 | semmle.label | p1 | +| test.c:18:10:18:11 | v1 | semmle.label | v1 | +| test.c:19:10:19:11 | v2 | semmle.label | v2 | +| test.c:20:10:20:11 | p1 | semmle.label | p1 | +| test.c:21:10:21:11 | p1 | semmle.label | p1 | +| test.c:22:9:22:10 | p1 | semmle.label | p1 | +| test.c:23:13:23:14 | p1 | semmle.label | p1 | +| test.c:24:9:24:10 | p1 | semmle.label | p1 | +| test.c:25:9:25:10 | p1 | semmle.label | p1 | +| test.c:39:11:39:19 | & ... | semmle.label | & ... | +| test.c:40:10:40:18 | & ... | semmle.label | & ... | +| test.c:42:10:42:15 | & ... | semmle.label | & ... | +| test.c:43:10:43:15 | & ... | semmle.label | & ... | +| test.c:44:10:44:15 | & ... | semmle.label | & ... | +| test.c:46:10:46:15 | & ... | semmle.label | & ... | +| test.c:51:30:51:38 | & ... | semmle.label | & ... | +subpaths +#select +| test.c:18:10:18:11 | v1 | test.c:51:30:51:38 | & ... | test.c:18:10:18:11 | v1 | Pointer arithmetic on non-array object pointer. | +| test.c:19:10:19:11 | v2 | test.c:51:30:51:38 | & ... | test.c:19:10:19:11 | v2 | Pointer arithmetic on non-array object pointer. | +| test.c:20:10:20:11 | p1 | test.c:51:30:51:38 | & ... | test.c:20:10:20:11 | p1 | Pointer arithmetic on non-array object pointer. | +| test.c:21:10:21:11 | p1 | test.c:51:30:51:38 | & ... | test.c:21:10:21:11 | p1 | Pointer arithmetic on non-array object pointer. | +| test.c:22:9:22:10 | p1 | test.c:51:30:51:38 | & ... | test.c:22:9:22:10 | p1 | Pointer arithmetic on non-array object pointer. | +| test.c:23:13:23:14 | p1 | test.c:51:30:51:38 | & ... | test.c:23:13:23:14 | p1 | Pointer arithmetic on non-array object pointer. | +| test.c:24:9:24:10 | p1 | test.c:51:30:51:38 | & ... | test.c:24:9:24:10 | p1 | Pointer arithmetic on non-array object pointer. | +| test.c:25:9:25:10 | p1 | test.c:51:30:51:38 | & ... | test.c:25:9:25:10 | p1 | Pointer arithmetic on non-array object pointer. | +| test.c:39:11:39:19 | & ... | test.c:39:11:39:19 | & ... | test.c:39:11:39:19 | & ... | Pointer arithmetic on non-array object pointer. | +| test.c:40:10:40:18 | & ... | test.c:40:10:40:18 | & ... | test.c:40:10:40:18 | & ... | Pointer arithmetic on non-array object pointer. | +| test.c:42:10:42:15 | & ... | test.c:42:10:42:15 | & ... | test.c:42:10:42:15 | & ... | Pointer arithmetic on non-array object pointer. | +| test.c:43:10:43:15 | & ... | test.c:43:10:43:15 | & ... | test.c:43:10:43:15 | & ... | Pointer arithmetic on non-array object pointer. | +| test.c:44:10:44:15 | & ... | test.c:44:10:44:15 | & ... | test.c:44:10:44:15 | & ... | Pointer arithmetic on non-array object pointer. | +| test.c:46:10:46:15 | & ... | test.c:46:10:46:15 | & ... | test.c:46:10:46:15 | & ... | Pointer arithmetic on non-array object pointer. | diff --git a/c/cert/test/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.qlref b/c/cert/test/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.qlref new file mode 100644 index 0000000000..badf328837 --- /dev/null +++ b/c/cert/test/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.qlref @@ -0,0 +1 @@ +rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql \ No newline at end of file diff --git a/c/cert/test/rules/ARR37-C/test.c b/c/cert/test/rules/ARR37-C/test.c new file mode 100644 index 0000000000..28ccd243a3 --- /dev/null +++ b/c/cert/test/rules/ARR37-C/test.c @@ -0,0 +1,52 @@ +struct s1 { + int f1; + int f2; + int f3; + int f4[2]; +}; + +struct s2 { + int f1; + int f2; + int data[]; +}; + +void test_ptr_arithmetic_nested(int *p1) { + // path-dependent + int *v1 = p1; + int *v2 = p1; + (void)(v1++); + (void)(v2--); + (void)(p1 + 1); + (void)(p1 - 1); + (void)p1[1]; + (void)(1 [p1]); + (void)p1[*p1 + 0]; + (void)p1[0 + 1]; + (void)p1[0]; // COMPLIANT +} + +void test(struct s1 p1, struct s1 *p2, struct s2 *p3) { + struct s1 v1[3]; + struct s2 v2[3]; + + (void)*(v1 + 2); // COMPLIANT + (void)*(v1 + 2); // COMPLIANT + + (void)v1[2]; // COMPLIANT + (void)v2[2]; // COMPLIANT + + (void)((&v1[0].f1)[1]); // NON_COMPLIANT + (void)(&v1[0].f1 + v1[1].f1); // NON_COMPLIANT + + (void)(&p1.f1)[1]; // NON_COMPLIANT + (void)(&p1.f1 + 1); // NON_COMPLIANT + (void)(&p1.f2 - 1); // NON_COMPLIANT + + (void)(&p1.f1 + p1.f1); // NON_COMPLIANT + (void)(p1.f4 + 1); // COMPLIANT + (void)(&p1.f4 + 1); // COMPLIANT + + test_ptr_arithmetic_nested((int *)&v1[0].f4); // COMPLIANT + test_ptr_arithmetic_nested(&v1[0].f1); // NON_COMPLIANT +} \ No newline at end of file From 888b054c261a8d00b61b4be087ecd7a98489cbe4 Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Tue, 28 Mar 2023 01:26:41 +0200 Subject: [PATCH 0908/2573] InvalidMemory2: Implement EXP35-C query --- ...DoNotModifyObjectsWithTemporaryLifetime.md | 225 ++++++++++++++++++ ...DoNotModifyObjectsWithTemporaryLifetime.ql | 38 +++ ...odifyObjectsWithTemporaryLifetime.expected | 4 + ...otModifyObjectsWithTemporaryLifetime.qlref | 1 + c/cert/test/rules/EXP35-C/test.c | 71 ++++++ 5 files changed, 339 insertions(+) create mode 100644 c/cert/src/rules/EXP35-C/DoNotModifyObjectsWithTemporaryLifetime.md create mode 100644 c/cert/src/rules/EXP35-C/DoNotModifyObjectsWithTemporaryLifetime.ql create mode 100644 c/cert/test/rules/EXP35-C/DoNotModifyObjectsWithTemporaryLifetime.expected create mode 100644 c/cert/test/rules/EXP35-C/DoNotModifyObjectsWithTemporaryLifetime.qlref create mode 100644 c/cert/test/rules/EXP35-C/test.c diff --git a/c/cert/src/rules/EXP35-C/DoNotModifyObjectsWithTemporaryLifetime.md b/c/cert/src/rules/EXP35-C/DoNotModifyObjectsWithTemporaryLifetime.md new file mode 100644 index 0000000000..e4ee7355a4 --- /dev/null +++ b/c/cert/src/rules/EXP35-C/DoNotModifyObjectsWithTemporaryLifetime.md @@ -0,0 +1,225 @@ +# EXP35-C: Do not modify objects with temporary lifetime + +This query implements the CERT-C rule EXP35-C: + +> Do not modify objects with temporary lifetime + + +## Description + +The C11 Standard \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IEC9899-2011)\] introduced a new term: *temporary lifetime*. Modifying an object with temporary lifetime is [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior). According to subclause 6.2.4, paragraph 8 + +> A non-lvalue expression with structure or union type, where the structure or union contains a member with array type (including, recursively, members of all contained structures and unions) refers to an object with automatic storage duration and *temporary*lifetime. Its lifetime begins when the expression is evaluated and its initial value is the value of the expression. Its lifetime ends when the evaluation of the containing full expression or full declarator ends. Any attempt to modify an object with temporary lifetime results in undefined behavior. + + +This definition differs from the C99 Standard (which defines modifying the result of a function call or accessing it after the next sequence point as undefined behavior) because a temporary object's lifetime ends when the evaluation containing the full expression or full declarator ends, so the result of a function call can be accessed. This extension to the lifetime of a temporary also removes a quiet change to C90 and improves compatibility with C++. + +C functions may not return arrays; however, functions can return a pointer to an array or a `struct` or `union` that contains arrays. Consequently, in any version of C, if a function call returns by value a `struct` or `union` containing an array, do not modify those arrays within the expression containing the function call. In C99 and older, do not access an array returned by a function after the next sequence point or after the evaluation of the containing full expression or full declarator ends. + +## Noncompliant Code Example + +This noncompliant code example [conforms](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-conformingprogram) to the C11 Standard; however, it fails to conform to C99. If compiled with a C99-conforming implementation, this code has [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior) because the sequence point preceding the call to `printf()` comes between the call and the access by `printf()` of the string in the returned object. + +```cpp +#include + +struct X { char a[8]; }; + +struct X salutation(void) { + struct X result = { "Hello" }; + return result; +} + +struct X addressee(void) { + struct X result = { "world" }; + return result; +} + +int main(void) { + printf("%s, %s!\n", salutation().a, addressee().a); + return 0; +} + +``` + +## Compliant Solution (C11 and newer) + +This compliant solution checks `__STDC_VERSION__` to ensure that a pre-C11 compiler will fail to compile the code, rather than invoking undefined behavior. + +```cpp +#include + +#if __STDC_VERSION__ < 201112L +#error This code requires a compiler supporting the C11 standard or newer +#endif + +struct X { char a[8]; }; + +struct X salutation(void) { + struct X result = { "Hello" }; + return result; +} + +struct X addressee(void) { + struct X result = { "world" }; + return result; +} + +int main(void) { + printf("%s, %s!\n", salutation().a, addressee().a); + return 0; +} +``` + +## Compliant Solution + +This compliant solution stores the structures returned by the call to `addressee()` before calling the `printf()` function. Consequently, this program conforms to both C99 and C11. + +```cpp +#include + +struct X { char a[8]; }; + +struct X salutation(void) { + struct X result = { "Hello" }; + return result; +} + +struct X addressee(void) { + struct X result = { "world" }; + return result; +} + +int main(void) { + struct X my_salutation = salutation(); + struct X my_addressee = addressee(); + + printf("%s, %s!\n", my_salutation.a, my_addressee.a); + return 0; +} + +``` + +## Noncompliant Code Example + +This noncompliant code example attempts to retrieve an array and increment the array's first value. The array is part of a `struct` that is returned by a function call. Consequently, the array has temporary lifetime, and modifying the array is [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior) in both C99 and C11. + +```cpp +#include + +struct X { int a[6]; }; + +struct X addressee(void) { + struct X result = { { 1, 2, 3, 4, 5, 6 } }; + return result; +} + +int main(void) { + printf("%x", ++(addressee().a[0])); + return 0; +} + +``` + +## Compliant Solution + +This compliant solution stores the structure returned by the call to `addressee()` as `my_x` before calling the `printf()` function. When the array is modified, its lifetime is no longer temporary but matches the lifetime of the block in `main()`. + +```cpp +#include + +struct X { int a[6]; }; + +struct X addressee(void) { + struct X result = { { 1, 2, 3, 4, 5, 6 } }; + return result; +} + +int main(void) { + struct X my_x = addressee(); + printf("%x", ++(my_x.a[0])); + return 0; +} + +``` + +## Noncompliant Code Example + +This noncompliant code example attempts to save a pointer to an array that is part of a `struct` that is returned by a function call. Consequently, the array has temporary lifetime, and using the pointer to it outside of the full expression is [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior) in both C99 and C11. + +```cpp +#include + +struct X { int a[6]; }; + +struct X addressee(void) { + struct X result = { { 1, 2, 3, 4, 5, 6 } }; + return result; +} + +int main(void) { + int *my_a = addressee().a; + printf("%x", my_a[0]); + return 0; +} + +``` + +## Compliant Solution + +This compliant solution stores the structure returned by the call to `addressee()` as `my_x` before saving a pointer to its array member. When the pointer is used, its lifetime is no longer temporary but matches the lifetime of the block in `main()`. + +```cpp +#include + +struct X { int a[6]; }; + +struct X addressee(void) { + struct X result = { { 1, 2, 3, 4, 5, 6 } }; + return result; +} + +int main(void) { + struct X my_x = addressee(); + int *my_a = my_x.a; + printf("%x", my_a[0]); + return 0; +} + +``` + +## Risk Assessment + +Attempting to modify an array or access it after its lifetime expires may result in erroneous program behavior. + +
    Rule Severity Likelihood Remediation Cost Priority Level
    EXP35-C Low Probable Medium P4 L3
    + + +## Automated Detection + +
    Tool Version Checker Description
    Astrée 22.04 temporary-object-modification Partially checked
    Axivion Bauhaus Suite 7.2.0 CertC-EXP35
    Helix QAC 2022.4 C0450, C0455, C0459, C0464, C0465 C++3807, C++3808
    LDRA tool suite 9.7.1 642 S, 42 D, 77 D Enhanced Enforcement
    Parasoft C/C++test 2022.2 CERT_C-EXP35-a Do not modify objects with temporary lifetime
    Polyspace Bug Finder R2023a CERT-C: Rule EXP35-C Checks for accesses on objects with temporary lifetime (rule fully covered)
    PRQA QA-C 9.7 0450 \[U\], 0455 \[U\], 0459 \[U\], 0464 \[U\], 0465 \[U\]
    Splint 3.1.1
    RuleChecker 22.04 temporary-object-modification Partially checked
    + + +## Related Vulnerabilities + +Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+EXP35-C). + +## Related Guidelines + +[Key here](https://wiki.sei.cmu.edu/confluence/display/c/How+this+Coding+Standard+is+Organized#HowthisCodingStandardisOrganized-RelatedGuidelines) (explains table format and definitions) + +
    Taxonomy Taxonomy item Relationship
    ISO/IEC TR 24772:2013 Dangling References to Stack Frames \[DCM\] Prior to 2018-01-12: CERT: Unspecified Relationship
    ISO/IEC TR 24772:2013 Side-effects and Order of Evaluation \[SAM\] Prior to 2018-01-12: CERT: Unspecified Relationship
    + + +## Bibliography + +
    \[ ISO/IEC 9899:2011 \] 6.2.4, "Storage Durations of Objects"
    + + +## Implementation notes + +This implementation does not cover modification or access of the result of a function call after the next sequence point, which is undefined behavior only pre-C11. + +## References + +* CERT-C: [EXP35-C: Do not modify objects with temporary lifetime](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/EXP35-C/DoNotModifyObjectsWithTemporaryLifetime.ql b/c/cert/src/rules/EXP35-C/DoNotModifyObjectsWithTemporaryLifetime.ql new file mode 100644 index 0000000000..2d66b8643c --- /dev/null +++ b/c/cert/src/rules/EXP35-C/DoNotModifyObjectsWithTemporaryLifetime.ql @@ -0,0 +1,38 @@ +/** + * @id c/cert/do-not-modify-objects-with-temporary-lifetime + * @name EXP35-C: Do not modify objects with temporary lifetime + * @description Attempting to modify an object with temporary lifetime results in undefined + * behavior. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/cert/id/exp35-c + * correctness + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert + +/** + * A struct or union type that contains an array type + */ +class StructOrUnionTypeWithArrayField extends Struct { + StructOrUnionTypeWithArrayField() { + this.getAField().getUnspecifiedType() instanceof ArrayType + or + // nested struct or union containing an array type + this.getAField().getUnspecifiedType().(Struct) instanceof StructOrUnionTypeWithArrayField + } +} + +// Note: Undefined behavior is possible regardless of whether the accessed field from the returned +// struct is an array or a scalar (i.e. arithmetic and pointer types) member, according to the standard. +from FieldAccess fa, FunctionCall fc +where + not isExcluded(fa, InvalidMemory2Package::doNotModifyObjectsWithTemporaryLifetimeQuery()) and + not fa.getQualifier().isLValue() and + fa.getQualifier().getUnconverted() = fc and + fa.getQualifier().getUnconverted().getUnspecifiedType() instanceof StructOrUnionTypeWithArrayField +select fa, "Field access on $@ qualifier occurs after its temporary object lifetime.", fc, + "function call" diff --git a/c/cert/test/rules/EXP35-C/DoNotModifyObjectsWithTemporaryLifetime.expected b/c/cert/test/rules/EXP35-C/DoNotModifyObjectsWithTemporaryLifetime.expected new file mode 100644 index 0000000000..f14ab4de4a --- /dev/null +++ b/c/cert/test/rules/EXP35-C/DoNotModifyObjectsWithTemporaryLifetime.expected @@ -0,0 +1,4 @@ +| test.c:65:18:65:18 | a | Field access on $@ qualifier occurs after its temporary object lifetime. | test.c:65:9:65:14 | call to get_s1 | function call | +| test.c:67:18:67:19 | s1 | Field access on $@ qualifier occurs after its temporary object lifetime. | test.c:67:9:67:14 | call to get_s3 | function call | +| test.c:68:18:68:19 | i1 | Field access on $@ qualifier occurs after its temporary object lifetime. | test.c:68:9:68:14 | call to get_s3 | function call | +| test.c:69:18:69:21 | af12 | Field access on $@ qualifier occurs after its temporary object lifetime. | test.c:69:9:69:14 | call to get_s4 | function call | diff --git a/c/cert/test/rules/EXP35-C/DoNotModifyObjectsWithTemporaryLifetime.qlref b/c/cert/test/rules/EXP35-C/DoNotModifyObjectsWithTemporaryLifetime.qlref new file mode 100644 index 0000000000..a142303a4e --- /dev/null +++ b/c/cert/test/rules/EXP35-C/DoNotModifyObjectsWithTemporaryLifetime.qlref @@ -0,0 +1 @@ +rules/EXP35-C/DoNotModifyObjectsWithTemporaryLifetime.ql \ No newline at end of file diff --git a/c/cert/test/rules/EXP35-C/test.c b/c/cert/test/rules/EXP35-C/test.c new file mode 100644 index 0000000000..09e91089ab --- /dev/null +++ b/c/cert/test/rules/EXP35-C/test.c @@ -0,0 +1,71 @@ +#include + +typedef float AF12[12]; + +struct S1 { + char a[8]; +}; +struct S2 { + struct S1 *s1; +}; +struct S3 { + struct S1 s1; + int i1; +}; +struct S4 { + AF12 af12; +}; + +struct S5 { + int i1; + struct S1 *s1; +}; + +struct S1 get_s1(void) { + struct S1 s1; + return s1; +} + +struct S1 *get_s1_ptr(void) { + struct S1 *s1 = malloc(sizeof(struct S1)); + return s1; +} + +struct S2 get_s2(void) { + struct S2 s2; + return s2; +} + +struct S3 get_s3(void) { + struct S3 s3; + return s3; +} + +struct S4 get_s4(void) { + struct S4 s4; + return s4; +} + +struct S5 get_s5(void) { + struct S5 s5; + return s5; +} + +void test_field_access(void) { + struct S1 s1 = get_s1(); + struct S2 s2 = get_s2(); + struct S3 s3 = get_s3(); + struct S4 s4 = get_s4(); + + s1.a[0] = 'a'; // COMPLIANT + s2.s1->a[0] = 'a'; // COMPLIANT + s3.s1.a[0] = 'a'; // COMPLIANT + s4.af12[0] = 0.0f; // COMPLIANT + + (void)get_s1().a; // NON_COMPLIANT + (void)get_s2().s1->a; // COMPLIANT + (void)get_s3().s1.a; // NON_COMPLIANT + (void)get_s3().i1; // NON_COMPLIANT - even if scalar type accessed + (void)get_s4().af12; // NON_COMPLIANT + (void)get_s5().s1->a; // COMPLIANT +} \ No newline at end of file From 163e23fe3c425f88c50f59848680714d303a4c02 Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Tue, 28 Mar 2023 01:35:40 +0200 Subject: [PATCH 0909/2573] Update DoNotModifyObjectsWithTemporaryLifetime.md --- .../rules/EXP35-C/DoNotModifyObjectsWithTemporaryLifetime.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/cert/src/rules/EXP35-C/DoNotModifyObjectsWithTemporaryLifetime.md b/c/cert/src/rules/EXP35-C/DoNotModifyObjectsWithTemporaryLifetime.md index e4ee7355a4..58ff1b03cf 100644 --- a/c/cert/src/rules/EXP35-C/DoNotModifyObjectsWithTemporaryLifetime.md +++ b/c/cert/src/rules/EXP35-C/DoNotModifyObjectsWithTemporaryLifetime.md @@ -218,7 +218,7 @@ Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+D ## Implementation notes -This implementation does not cover modification or access of the result of a function call after the next sequence point, which is undefined behavior only pre-C11. +This implementation also always reports non-modifying accesses of objects with temporary lifetime, which are only compliant in C11. ## References From 49cded32ab4d92c8504e71fa122f485401d6cc9b Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 28 Mar 2023 00:54:55 +0100 Subject: [PATCH 0910/2573] PRE31-C: Implement query Implements a heuristic query to find cases where arguments are provided to unsafe macros which have side-effects. --- .../SideEffectsInArgumentsToUnsafeMacros.md | 16 ++++ .../SideEffectsInArgumentsToUnsafeMacros.ql | 74 +++++++++++++++++++ ...eEffectsInArgumentsToUnsafeMacros.expected | 10 +++ ...SideEffectsInArgumentsToUnsafeMacros.qlref | 1 + c/cert/test/rules/PRE31-C/test.c | 29 ++++++++ cpp/common/src/codingstandards/cpp/Macro.qll | 3 +- .../cpp/exclusions/c/RuleMetadata.qll | 3 + .../cpp/exclusions/c/SideEffects4.qll | 26 +++++++ rule_packages/c/SideEffects4.json | 23 ++++++ rules.csv | 2 +- 10 files changed, 185 insertions(+), 2 deletions(-) create mode 100644 c/cert/src/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.md create mode 100644 c/cert/src/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.ql create mode 100644 c/cert/test/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.expected create mode 100644 c/cert/test/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.qlref create mode 100644 c/cert/test/rules/PRE31-C/test.c create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/SideEffects4.qll create mode 100644 rule_packages/c/SideEffects4.json diff --git a/c/cert/src/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.md b/c/cert/src/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.md new file mode 100644 index 0000000000..e302785482 --- /dev/null +++ b/c/cert/src/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.md @@ -0,0 +1,16 @@ +# PRE31-C: Avoid side effects in arguments to unsafe macros + +This query implements the CERT-C rule PRE31-C: + +> Avoid side effects in arguments to unsafe macros +## CERT + +** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** + +## Implementation notes + +None + +## References + +* CERT-C: [PRE31-C: Avoid side effects in arguments to unsafe macros](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.ql b/c/cert/src/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.ql new file mode 100644 index 0000000000..ffd7334cb5 --- /dev/null +++ b/c/cert/src/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.ql @@ -0,0 +1,74 @@ +/** + * @id c/cert/side-effects-in-arguments-to-unsafe-macros + * @name PRE31-C: Avoid side effects in arguments to unsafe macros + * @description Macro arguments can be expanded multiple times which can cause side-effects to be + * evaluated multiple times. + * @kind problem + * @precision low + * @problem.severity error + * @tags external/cert/id/pre31-c + * correctness + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert +import codingstandards.cpp.Macro +import codingstandards.cpp.SideEffect +import codingstandards.cpp.StructuralEquivalence +import codingstandards.cpp.sideeffect.DefaultEffects +import codingstandards.cpp.sideeffect.Customizations + +class FunctionCallEffect extends GlobalSideEffect::Range { + FunctionCallEffect() { + exists(Function f | + f = this.(FunctionCall).getTarget() and + // Not a side-effecting function + not f.(BuiltInFunction).getName() = "__builtin_expect" and + // Not side-effecting functions + not exists(string name | + name = + [ + "acos", "asin", "atan", "atan2", "ceil", "cos", "cosh", "exp", "fabs", "floor", "fmod", + "frexp", "ldexp", "log", "log10", "modf", "pow", "sin", "sinh", "sqrt", "tan", "tanh", + "cbrt", "erf", "erfc", "exp2", "expm1", "fdim", "fma", "fmax", "fmin", "hypot", "ilogb", + "lgamma", "llrint", "llround", "log1p", "log2", "logb", "lrint", "lround", "nan", + "nearbyint", "nextafter", "nexttoward", "remainder", "remquo", "rint", "round", + "scalbln", "scalbn", "tgamma", "trunc" + ] and + f.hasGlobalOrStdName([name, name + "f", name + "l"]) + ) + ) + } +} + +class CrementEffect extends LocalSideEffect::Range { + CrementEffect() { this instanceof CrementOperation } +} + +from + FunctionLikeMacro flm, MacroInvocation mi, Expr e, SideEffect sideEffect, int i, string arg, + string sideEffectDesc +where + not isExcluded(e, SideEffects4Package::sideEffectsInArgumentsToUnsafeMacrosQuery()) and + sideEffect = getASideEffect(e) and + flm.getAnInvocation() = mi and + not exists(mi.getParentInvocation()) and + mi.getAnExpandedElement() = e and + // Only consider arguments that are expanded multiple times, and do not consider "stringified" arguments + count(int index | index = flm.getAParameterUse(i) and not flm.getBody().charAt(index) = "#") > 1 and + arg = mi.getExpandedArgument(i) and + ( + sideEffect instanceof CrementEffect and + exists(arg.indexOf(sideEffect.(CrementOperation).getOperator())) and + sideEffectDesc = "the use of the " + sideEffect.(CrementOperation).getOperator() + " operator" + or + sideEffect instanceof FunctionCallEffect and + exists(arg.indexOf(sideEffect.(FunctionCall).getTarget().getName() + "(")) and + sideEffectDesc = + "a call to the function '" + sideEffect.(FunctionCall).getTarget().getName() + "'" + ) +select sideEffect, + "Argument " + mi.getUnexpandedArgument(i) + " to unsafe macro '" + flm.getName() + + "' is expanded to '" + arg + "' multiple times and includes " + sideEffectDesc + + " as a side-effect." diff --git a/c/cert/test/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.expected b/c/cert/test/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.expected new file mode 100644 index 0000000000..769d0c81c9 --- /dev/null +++ b/c/cert/test/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.expected @@ -0,0 +1,10 @@ +| test.c:9:10:9:12 | ... ++ | Argument i++ to unsafe macro 'unsafe' is expanded to 'i++' multiple times and includes the use of the ++ operator as a side-effect. | +| test.c:9:10:9:12 | ... ++ | Argument i++ to unsafe macro 'unsafe' is expanded to 'i++' multiple times and includes the use of the ++ operator as a side-effect. | +| test.c:11:10:11:12 | ... -- | Argument i-- to unsafe macro 'unsafe' is expanded to 'i--' multiple times and includes the use of the -- operator as a side-effect. | +| test.c:11:10:11:12 | ... -- | Argument i-- to unsafe macro 'unsafe' is expanded to 'i--' multiple times and includes the use of the -- operator as a side-effect. | +| test.c:26:10:26:15 | call to addOne | Argument addOne(10) to unsafe macro 'unsafe' is expanded to 'addOne(10)' multiple times and includes a call to the function 'addOne' as a side-effect. | +| test.c:26:10:26:15 | call to addOne | Argument addOne(10) to unsafe macro 'unsafe' is expanded to 'addOne(10)' multiple times and includes a call to the function 'addOne' as a side-effect. | +| test.c:27:10:27:17 | call to external | Argument external() to unsafe macro 'unsafe' is expanded to 'external()' multiple times and includes a call to the function 'external' as a side-effect. | +| test.c:27:10:27:17 | call to external | Argument external() to unsafe macro 'unsafe' is expanded to 'external()' multiple times and includes a call to the function 'external' as a side-effect. | +| test.c:28:10:28:15 | call to writeX | Argument writeX(10) to unsafe macro 'unsafe' is expanded to 'writeX(10)' multiple times and includes a call to the function 'writeX' as a side-effect. | +| test.c:28:10:28:15 | call to writeX | Argument writeX(10) to unsafe macro 'unsafe' is expanded to 'writeX(10)' multiple times and includes a call to the function 'writeX' as a side-effect. | diff --git a/c/cert/test/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.qlref b/c/cert/test/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.qlref new file mode 100644 index 0000000000..25a8d53fae --- /dev/null +++ b/c/cert/test/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.qlref @@ -0,0 +1 @@ +rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.ql \ No newline at end of file diff --git a/c/cert/test/rules/PRE31-C/test.c b/c/cert/test/rules/PRE31-C/test.c new file mode 100644 index 0000000000..87ca535f2b --- /dev/null +++ b/c/cert/test/rules/PRE31-C/test.c @@ -0,0 +1,29 @@ +#include + +#define safe(x) ((x) + 1) +#define unsafe(x) (x) * (x) + +void test_crement() { + int i = 0; + safe(i++); // COMPLIANT + unsafe(i++); // NON_COMPLIANT + safe(i--); // COMPLIANT + unsafe(i--); // NON_COMPLIANT +} + +int addOne(int x) { return x + 1; } +int writeX(int x) { + printf("%d", x); + return x; +} + +int external(); + +void test_call() { + safe(addOne(10)); // COMPLIANT + safe(external()); // COMPLIANT + safe(writeX(10)); // COMPLIANT + unsafe(addOne(10)); // COMPLIANT + unsafe(external()); // NON_COMPLIANT + unsafe(writeX(10)); // NON_COMPLIANT +} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/Macro.qll b/cpp/common/src/codingstandards/cpp/Macro.qll index 65d0321271..5760d65bd3 100644 --- a/cpp/common/src/codingstandards/cpp/Macro.qll +++ b/cpp/common/src/codingstandards/cpp/Macro.qll @@ -15,7 +15,8 @@ class FunctionLikeMacro extends Macro { int getAParameterUse(int index) { exists(string parameter | parameter = getParameter(index) | - result = this.getBody().indexOf(parameter) + // Find identifier tokens in the program that match the parameter name + exists(this.getBody().regexpFind("\\#?\\b" + parameter + "\\b", _, result)) ) } } diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index f4aed38bab..a89f30f01e 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -50,6 +50,7 @@ import Preprocessor5 import Preprocessor6 import SideEffects1 import SideEffects2 +import SideEffects4 import SignalHandlers import StandardLibraryFunctionTypes import Statements1 @@ -113,6 +114,7 @@ newtype TCQuery = TPreprocessor6PackageQuery(Preprocessor6Query q) or TSideEffects1PackageQuery(SideEffects1Query q) or TSideEffects2PackageQuery(SideEffects2Query q) or + TSideEffects4PackageQuery(SideEffects4Query q) or TSignalHandlersPackageQuery(SignalHandlersQuery q) or TStandardLibraryFunctionTypesPackageQuery(StandardLibraryFunctionTypesQuery q) or TStatements1PackageQuery(Statements1Query q) or @@ -176,6 +178,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isPreprocessor6QueryMetadata(query, queryId, ruleId, category) or isSideEffects1QueryMetadata(query, queryId, ruleId, category) or isSideEffects2QueryMetadata(query, queryId, ruleId, category) or + isSideEffects4QueryMetadata(query, queryId, ruleId, category) or isSignalHandlersQueryMetadata(query, queryId, ruleId, category) or isStandardLibraryFunctionTypesQueryMetadata(query, queryId, ruleId, category) or isStatements1QueryMetadata(query, queryId, ruleId, category) or diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/SideEffects4.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/SideEffects4.qll new file mode 100644 index 0000000000..d48b4a562d --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/SideEffects4.qll @@ -0,0 +1,26 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype SideEffects4Query = TSideEffectsInArgumentsToUnsafeMacrosQuery() + +predicate isSideEffects4QueryMetadata(Query query, string queryId, string ruleId, string category) { + query = + // `Query` instance for the `sideEffectsInArgumentsToUnsafeMacros` query + SideEffects4Package::sideEffectsInArgumentsToUnsafeMacrosQuery() and + queryId = + // `@id` for the `sideEffectsInArgumentsToUnsafeMacros` query + "c/cert/side-effects-in-arguments-to-unsafe-macros" and + ruleId = "PRE31-C" and + category = "rule" +} + +module SideEffects4Package { + Query sideEffectsInArgumentsToUnsafeMacrosQuery() { + //autogenerate `Query` type + result = + // `Query` type for `sideEffectsInArgumentsToUnsafeMacros` query + TQueryC(TSideEffects4PackageQuery(TSideEffectsInArgumentsToUnsafeMacrosQuery())) + } +} diff --git a/rule_packages/c/SideEffects4.json b/rule_packages/c/SideEffects4.json new file mode 100644 index 0000000000..1e1fa2f9a8 --- /dev/null +++ b/rule_packages/c/SideEffects4.json @@ -0,0 +1,23 @@ +{ + "CERT-C": { + "PRE31-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "Macro arguments can be expanded multiple times which can cause side-effects to be evaluated multiple times.", + "kind": "problem", + "name": "Avoid side effects in arguments to unsafe macros", + "precision": "low", + "severity": "error", + "short_name": "SideEffectsInArgumentsToUnsafeMacros", + "tags": [ + "correctness" + ] + } + ], + "title": "Avoid side effects in arguments to unsafe macros" + } + } +} \ No newline at end of file diff --git a/rules.csv b/rules.csv index 35b1c7f44c..86809d0a61 100644 --- a/rules.csv +++ b/rules.csv @@ -586,7 +586,7 @@ c,CERT-C,POS52-C,OutOfScope,Rule,,,Do not perform operations that can block whil c,CERT-C,POS53-C,OutOfScope,Rule,,,Do not use more than one mutex for concurrent waiting operations on a condition variable,,,, c,CERT-C,POS54-C,OutOfScope,Rule,,,Detect and handle POSIX library errors,,,, c,CERT-C,PRE30-C,No,Rule,,,Do not create a universal character name through concatenation,,,Medium, -c,CERT-C,PRE31-C,Yes,Rule,,,Avoid side effects in arguments to unsafe macros,RULE-13-2,SideEffects,Medium, +c,CERT-C,PRE31-C,Yes,Rule,,,Avoid side effects in arguments to unsafe macros,RULE-13-2,SideEffects4,Medium, c,CERT-C,PRE32-C,Yes,Rule,,,Do not use preprocessor directives in invocations of function-like macros,,Preprocessor5,Hard, c,CERT-C,SIG30-C,Yes,Rule,,,Call only asynchronous-safe functions within signal handlers,,SignalHandlers,Medium, c,CERT-C,SIG31-C,Yes,Rule,,,Do not access shared objects in signal handlers,,SignalHandlers,Medium, From f2ce33142a126cade932989e480b0474cf934519 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 27 Mar 2023 21:57:38 -0700 Subject: [PATCH 0911/2573] Add SidePackage3 rule description and metadata --- .vscode/tasks.json | 5 +- .../cpp/exclusions/c/RuleMetadata.qll | 3 + .../cpp/exclusions/c/SideEffects3.qll | 61 +++++++++++++++++++ rule_packages/c/SideEffects3.json | 55 +++++++++++++++++ rules.csv | 4 +- 5 files changed, 124 insertions(+), 4 deletions(-) create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/SideEffects3.qll create mode 100644 rule_packages/c/SideEffects3.json diff --git a/.vscode/tasks.json b/.vscode/tasks.json index 8cebadd0c3..57922779e3 100644 --- a/.vscode/tasks.json +++ b/.vscode/tasks.json @@ -203,8 +203,8 @@ "Concurrency1", "Concurrency2", "Concurrency3", - "Concurrency4", - "Concurrency5", + "Concurrency4", + "Concurrency5", "Conditionals", "Const", "DeadCode", @@ -255,6 +255,7 @@ "Scope", "SideEffects1", "SideEffects2", + "SideEffects3", "SmartPointers1", "SmartPointers2", "Strings", diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index f4aed38bab..4e3a26b98e 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -50,6 +50,7 @@ import Preprocessor5 import Preprocessor6 import SideEffects1 import SideEffects2 +import SideEffects3 import SignalHandlers import StandardLibraryFunctionTypes import Statements1 @@ -113,6 +114,7 @@ newtype TCQuery = TPreprocessor6PackageQuery(Preprocessor6Query q) or TSideEffects1PackageQuery(SideEffects1Query q) or TSideEffects2PackageQuery(SideEffects2Query q) or + TSideEffects3PackageQuery(SideEffects3Query q) or TSignalHandlersPackageQuery(SignalHandlersQuery q) or TStandardLibraryFunctionTypesPackageQuery(StandardLibraryFunctionTypesQuery q) or TStatements1PackageQuery(Statements1Query q) or @@ -176,6 +178,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isPreprocessor6QueryMetadata(query, queryId, ruleId, category) or isSideEffects1QueryMetadata(query, queryId, ruleId, category) or isSideEffects2QueryMetadata(query, queryId, ruleId, category) or + isSideEffects3QueryMetadata(query, queryId, ruleId, category) or isSignalHandlersQueryMetadata(query, queryId, ruleId, category) or isStandardLibraryFunctionTypesQueryMetadata(query, queryId, ruleId, category) or isStatements1QueryMetadata(query, queryId, ruleId, category) or diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/SideEffects3.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/SideEffects3.qll new file mode 100644 index 0000000000..7c1bedf6f7 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/SideEffects3.qll @@ -0,0 +1,61 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype SideEffects3Query = + TSideEffectsInArgumentsToUnsafeMacrosQuery() or + TUnsequencedSideEffectsQuery() or + TMultipleObjectModificationsQuery() + +predicate isSideEffects3QueryMetadata(Query query, string queryId, string ruleId, string category) { + query = + // `Query` instance for the `sideEffectsInArgumentsToUnsafeMacros` query + SideEffects3Package::sideEffectsInArgumentsToUnsafeMacrosQuery() and + queryId = + // `@id` for the `sideEffectsInArgumentsToUnsafeMacros` query + "c/cert/side-effects-in-arguments-to-unsafe-macros" and + ruleId = "PRE31-C" and + category = "rule" + or + query = + // `Query` instance for the `unsequencedSideEffects` query + SideEffects3Package::unsequencedSideEffectsQuery() and + queryId = + // `@id` for the `unsequencedSideEffects` query + "c/misra/unsequenced-side-effects" and + ruleId = "RULE-13-2" and + category = "required" + or + query = + // `Query` instance for the `multipleObjectModifications` query + SideEffects3Package::multipleObjectModificationsQuery() and + queryId = + // `@id` for the `multipleObjectModifications` query + "c/misra/multiple-object-modifications" and + ruleId = "RULE-13-2" and + category = "required" +} + +module SideEffects3Package { + Query sideEffectsInArgumentsToUnsafeMacrosQuery() { + //autogenerate `Query` type + result = + // `Query` type for `sideEffectsInArgumentsToUnsafeMacros` query + TQueryC(TSideEffects3PackageQuery(TSideEffectsInArgumentsToUnsafeMacrosQuery())) + } + + Query unsequencedSideEffectsQuery() { + //autogenerate `Query` type + result = + // `Query` type for `unsequencedSideEffects` query + TQueryC(TSideEffects3PackageQuery(TUnsequencedSideEffectsQuery())) + } + + Query multipleObjectModificationsQuery() { + //autogenerate `Query` type + result = + // `Query` type for `multipleObjectModifications` query + TQueryC(TSideEffects3PackageQuery(TMultipleObjectModificationsQuery())) + } +} diff --git a/rule_packages/c/SideEffects3.json b/rule_packages/c/SideEffects3.json new file mode 100644 index 0000000000..6b9159ca24 --- /dev/null +++ b/rule_packages/c/SideEffects3.json @@ -0,0 +1,55 @@ +{ + "CERT-C": { + "PRE31-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "Avoid side effects in arguments to unsafe macros", + "precision": "very-high", + "severity": "error", + "short_name": "SideEffectsInArgumentsToUnsafeMacros", + "tags": [ + "correctness" + ] + } + ], + "title": "Avoid side effects in arguments to unsafe macros" + } + }, + "MISRA-C-2012": { + "RULE-13-2": { + "properties": { + "obligation": "required" + }, + "queries": [ + { + "description": "The value of an expression and its persistent side effects are depending on the evaluation order resulting in unpredictable behavior.", + "kind": "problem", + "name": "The value of an expression and its persistent side effects depend on its evaluation order", + "precision": "very-high", + "severity": "error", + "short_name": "UnsequencedSideEffects", + "tags": [ + "correctness" + ] + }, + { + "description": "An object shall not be modified more than once between two adjacent sequence points or within any full expression.", + "kind": "problem", + "name": "No object shall be modified more than once", + "precision": "very-high", + "severity": "warning", + "short_name": "MultipleObjectModifications", + "tags": [ + "correctness" + ] + } + ], + "title": "The value of an expression and its persistent side effects shall be the same under all permitted evaluation orders" + } + } +} \ No newline at end of file diff --git a/rules.csv b/rules.csv index 35b1c7f44c..5c021ae1ed 100644 --- a/rules.csv +++ b/rules.csv @@ -586,7 +586,7 @@ c,CERT-C,POS52-C,OutOfScope,Rule,,,Do not perform operations that can block whil c,CERT-C,POS53-C,OutOfScope,Rule,,,Do not use more than one mutex for concurrent waiting operations on a condition variable,,,, c,CERT-C,POS54-C,OutOfScope,Rule,,,Detect and handle POSIX library errors,,,, c,CERT-C,PRE30-C,No,Rule,,,Do not create a universal character name through concatenation,,,Medium, -c,CERT-C,PRE31-C,Yes,Rule,,,Avoid side effects in arguments to unsafe macros,RULE-13-2,SideEffects,Medium, +c,CERT-C,PRE31-C,Yes,Rule,,,Avoid side effects in arguments to unsafe macros,RULE-13-2,SideEffects3,Medium, c,CERT-C,PRE32-C,Yes,Rule,,,Do not use preprocessor directives in invocations of function-like macros,,Preprocessor5,Hard, c,CERT-C,SIG30-C,Yes,Rule,,,Call only asynchronous-safe functions within signal handlers,,SignalHandlers,Medium, c,CERT-C,SIG31-C,Yes,Rule,,,Do not access shared objects in signal handlers,,SignalHandlers,Medium, @@ -688,7 +688,7 @@ c,MISRA-C-2012,RULE-12-3,Yes,Advisory,,,The comma operator should not be used,M5 c,MISRA-C-2012,RULE-12-4,Yes,Advisory,,,Evaluation of constant expressions should not lead to unsigned integer wrap-around,INT30-C,IntegerOverflow,Easy, c,MISRA-C-2012,RULE-12-5,Yes,Mandatory,,,The sizeof operator shall not have an operand which is a function parameter declared as �array of type�,,Types,Medium, c,MISRA-C-2012,RULE-13-1,Yes,Required,,,Initializer lists shall not contain persistent side effects,,SideEffects1,Medium, -c,MISRA-C-2012,RULE-13-2,Yes,Required,,,The value of an expression and its persistent side effects shall be the same under all permitted evaluation orders,PRE31-C,SideEffects,Medium, +c,MISRA-C-2012,RULE-13-2,Yes,Required,,,The value of an expression and its persistent side effects shall be the same under all permitted evaluation orders,PRE31-C,SideEffects3,Medium, c,MISRA-C-2012,RULE-13-3,Yes,Advisory,,,A full expression containing an increment (++) or decrement (--) operator should have no other potential side effects other than that caused by the increment or decrement operator,,SideEffects2,Medium, c,MISRA-C-2012,RULE-13-4,Yes,Advisory,,,The result of an assignment operator should not be used,M6-2-1,SideEffects1,Easy, c,MISRA-C-2012,RULE-13-5,Yes,Required,,,The right hand operand of a logical && or || operator shall not contain persistent side effects,M5-14-1,SideEffects1,Import, From ee8db1d633a04f07b732b83c7581796297e8303b Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 24 Mar 2023 16:44:48 -0700 Subject: [PATCH 0912/2573] Change the definition of a full expr to match the standard --- c/common/src/codingstandards/c/Expr.qll | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/c/common/src/codingstandards/c/Expr.qll b/c/common/src/codingstandards/c/Expr.qll index eadc870486..52a9f0719f 100644 --- a/c/common/src/codingstandards/c/Expr.qll +++ b/c/common/src/codingstandards/c/Expr.qll @@ -3,8 +3,19 @@ import cpp /* A full expression as defined in ISO/IEC 9899:2011 6.8 point 4 and Annex C point 1 item 5. */ class FullExpr extends Expr { FullExpr() { - not this.getParent() instanceof Expr and - not exists(Variable v | v.getInitializer().getExpr() = this) + exists(ExprStmt s | this = s.getExpr()) + or + exists(Loop l | this = l.getControllingExpr()) + or + exists(ConditionalStmt s | this = s.getControllingExpr()) + or + exists(ForStmt s | this = s.getUpdate()) + or + exists(ReturnStmt s | this = s.getExpr()) + or + this instanceof AggregateLiteral + or + this = any(Variable v).getInitializer().getExpr() } } From 25cee4fb23fe3c34dab5abae1167bb8c3b694bc5 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 24 Mar 2023 16:46:09 -0700 Subject: [PATCH 0913/2573] Add full declarators case to ordering module --- c/common/src/codingstandards/c/Ordering.qll | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/c/common/src/codingstandards/c/Ordering.qll b/c/common/src/codingstandards/c/Ordering.qll index 955cba5e50..fd71c8c347 100644 --- a/c/common/src/codingstandards/c/Ordering.qll +++ b/c/common/src/codingstandards/c/Ordering.qll @@ -13,7 +13,6 @@ module Ordering { /** * Holds if `e1` is sequenced before `e2` as defined by Annex C in ISO/IEC 9899:2011 * This limits to expression and we do not consider the sequence points that are not amenable to modelling: - * - after a full declarator as described in 6.7.6 point 3. * - before a library function returns (see 7.1.4 point 3). * - after the actions associated with each formatted I/O function conversion specifier (see 7.21.6 point 1 & 7.29.2 point 1). * - between the expr before and after a call to a comparison function, @@ -68,6 +67,24 @@ module Ordering { // The side effect of updating the stored value of the left operand is sequenced after the value computations of the left and right operands. // See 6.5.16 e2.(Assignment).getAnOperand().getAChild*() = e1 + or + // There is a sequence point after a full declarator as described in 6.7.6 point 3. + exists(DeclStmt declStmt, int i, int j | i < j | + declStmt + .getDeclarationEntry(i) + .(VariableDeclarationEntry) + .getVariable() + .getInitializer() + .getExpr() + .getAChild*() = e1 and + declStmt + .getDeclarationEntry(j) + .(VariableDeclarationEntry) + .getVariable() + .getInitializer() + .getExpr() + .getAChild*() = e2 + ) ) } From 3e888082a6509069ccebb51471685cdd160f21d1 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 24 Mar 2023 16:47:08 -0700 Subject: [PATCH 0914/2573] Consider children expression when determining ordering --- c/common/src/codingstandards/c/Ordering.qll | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/c/common/src/codingstandards/c/Ordering.qll b/c/common/src/codingstandards/c/Ordering.qll index fd71c8c347..ea7fa60115 100644 --- a/c/common/src/codingstandards/c/Ordering.qll +++ b/c/common/src/codingstandards/c/Ordering.qll @@ -27,12 +27,12 @@ module Ordering { // before the actual call. exists(Call call | ( - call.getAnArgument() = e1 + call.getAnArgument().getAChild*() = e1 or // Postfix expression designating the called function // We current only handle call through function pointers because the postfix expression // of regular function calls is not available. That is, identifying `f` in `f(...)` - call.(ExprCall).getExpr() = e1 + call.(ExprCall).getExpr().getAChild*() = e1 ) and call.getTarget() = e2.getEnclosingFunction() ) @@ -42,7 +42,7 @@ module Ordering { exists(BinaryLogicalOperation blop | blop instanceof LogicalAndExpr or blop instanceof LogicalOrExpr | - blop.getLeftOperand() = e1 and blop.getRightOperand() = e2 + blop.getLeftOperand().getAChild*() = e1 and blop.getRightOperand().getAChild*() = e2 ) or // 6.5.17 point 2 - There is a sequence pointt between the left operand and the right operand. @@ -50,13 +50,13 @@ module Ordering { lhs = ce.getLeftOperand() and rhs = ce.getRightOperand() | - lhs = e1.getParent*() and rhs = e2.getParent*() + lhs.getAChild*() = e1 and rhs.getAChild*() = e2 ) or // 6.5.15 point 4 - There is a sequence point between the first operand and the evaluation of the second or third. exists(ConditionalExpr cond | - cond.getCondition() = e1 and - (cond.getThen() = e2 or cond.getElse() = e2) + cond.getCondition().getAChild*() = e1 and + (cond.getThen().getAChild*() = e2 or cond.getElse().getAChild*() = e2) ) or // Between the evaluation of a full expression and the next to be evaluated full expression. From 19bebdd3d0198c0842635a981bb96184db72b07d Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 24 Mar 2023 16:47:38 -0700 Subject: [PATCH 0915/2573] Address typos --- c/common/src/codingstandards/c/Ordering.qll | 4 ++-- c/common/src/codingstandards/c/SideEffects.qll | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/c/common/src/codingstandards/c/Ordering.qll b/c/common/src/codingstandards/c/Ordering.qll index ea7fa60115..575dc6f3fd 100644 --- a/c/common/src/codingstandards/c/Ordering.qll +++ b/c/common/src/codingstandards/c/Ordering.qll @@ -37,7 +37,7 @@ module Ordering { call.getTarget() = e2.getEnclosingFunction() ) or - // 6.5.13 point 4 & 6.5.14 point 4 - The operators guarantee left-to-righ evaluation and there is + // 6.5.13 point 4 & 6.5.14 point 4 - The operators guarantee left-to-right evaluation and there is // a sequence point between the first and second operand if the latter is evaluated. exists(BinaryLogicalOperation blop | blop instanceof LogicalAndExpr or blop instanceof LogicalOrExpr @@ -45,7 +45,7 @@ module Ordering { blop.getLeftOperand().getAChild*() = e1 and blop.getRightOperand().getAChild*() = e2 ) or - // 6.5.17 point 2 - There is a sequence pointt between the left operand and the right operand. + // 6.5.17 point 2 - There is a sequence point between the left operand and the right operand. exists(CommaExpr ce, Expr lhs, Expr rhs | lhs = ce.getLeftOperand() and rhs = ce.getRightOperand() diff --git a/c/common/src/codingstandards/c/SideEffects.qll b/c/common/src/codingstandards/c/SideEffects.qll index 3cea568e3e..09bf672a30 100644 --- a/c/common/src/codingstandards/c/SideEffects.qll +++ b/c/common/src/codingstandards/c/SideEffects.qll @@ -26,7 +26,7 @@ private class VolatileAccess extends GlobalSideEffect::Range, VariableAccess { this.getTarget().isVolatile() and // Exclude value computation of an lvalue expression soley used to determine the identity // of the object. As noted in the footnote of 6.5.16 point 3 it is implementation dependend - // whether the value of the assignment expression deterived from the left operand after the assignment + // whether the value of the assignment expression derived from the left operand after the assignment // is determined by reading the object. We assume it is not for assignments that are a child of an // expression statement because the value is not used and is required for the compliant MISRA-C:2012 case: // `extern volatile int v; v = v & 0x80;` From 86540f589078a848d8cedd48b7fa6767d68b9bcb Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 24 Mar 2023 16:48:10 -0700 Subject: [PATCH 0916/2573] Remove unimplemented queries for RULE-13-2 from package. --- rule_packages/c/SideEffects3.json | 25 +------------------------ 1 file changed, 1 insertion(+), 24 deletions(-) diff --git a/rule_packages/c/SideEffects3.json b/rule_packages/c/SideEffects3.json index 6b9159ca24..1924ebf988 100644 --- a/rule_packages/c/SideEffects3.json +++ b/rule_packages/c/SideEffects3.json @@ -4,19 +4,7 @@ "properties": { "obligation": "rule" }, - "queries": [ - { - "description": "", - "kind": "problem", - "name": "Avoid side effects in arguments to unsafe macros", - "precision": "very-high", - "severity": "error", - "short_name": "SideEffectsInArgumentsToUnsafeMacros", - "tags": [ - "correctness" - ] - } - ], + "queries": [], "title": "Avoid side effects in arguments to unsafe macros" } }, @@ -36,17 +24,6 @@ "tags": [ "correctness" ] - }, - { - "description": "An object shall not be modified more than once between two adjacent sequence points or within any full expression.", - "kind": "problem", - "name": "No object shall be modified more than once", - "precision": "very-high", - "severity": "warning", - "short_name": "MultipleObjectModifications", - "tags": [ - "correctness" - ] } ], "title": "The value of an expression and its persistent side effects shall be the same under all permitted evaluation orders" From 96317b69bcc70cef5f827293e5b3a56bf992cbf5 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 24 Mar 2023 16:51:28 -0700 Subject: [PATCH 0917/2573] Add query for RULE 13-2 --- .../rules/RULE-13-2/UnsequencedSideEffects.ql | 59 +++++++++++++++++++ .../RULE-13-2/UnsequencedSideEffects.expected | 5 ++ .../RULE-13-2/UnsequencedSideEffects.qlref | 1 + c/misra/test/rules/RULE-13-2/test.c | 28 +++++++++ 4 files changed, 93 insertions(+) create mode 100644 c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql create mode 100644 c/misra/test/rules/RULE-13-2/UnsequencedSideEffects.expected create mode 100644 c/misra/test/rules/RULE-13-2/UnsequencedSideEffects.qlref create mode 100644 c/misra/test/rules/RULE-13-2/test.c diff --git a/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql b/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql new file mode 100644 index 0000000000..c019b2c37f --- /dev/null +++ b/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql @@ -0,0 +1,59 @@ +/** + * @id c/misra/unsequenced-side-effects + * @name RULE-13-2: The value of an expression and its persistent side effects depend on its evaluation order + * @description The value of an expression and its persistent side effects are depending on the + * evaluation order resulting in unpredictable behavior. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-13-2 + * correctness + * external/misra/obligation/required + */ + +import cpp +import codingstandards.c.misra +import codingstandards.c.Expr +import codingstandards.c.SideEffects +import codingstandards.c.Ordering + +predicate isCandidatePair(Expr parentExpr, Expr e1, Expr e2) { + parentExpr.getAChild+() = e1 and + parentExpr.getAChild+() = e2 +} + +class ConstituentExprOrdering extends Ordering::Configuration { + ConstituentExprOrdering() { this = "ConstituentExprOrdering" } + + override predicate isCandidate(Expr e1, Expr e2) { + // Two different expressions part of the same full expression. + // Compute differerence using successor relation to break the symmetry of the candidate relation. + isCandidatePair(_, e1, e2) + } +} + +from + ConstituentExprOrdering orderingConfig, FullExpr fullExpr, VariableEffect variableEffect1, + VariableEffect variableEffect2 +where + not isExcluded(fullExpr, SideEffects3Package::unsequencedSideEffectsQuery()) and + // If the effect is local we can directly check if it is unsequenced. + // If the effect is not local (happens in a different function) we use the access as a proxy. + orderingConfig.isUnsequenced(variableEffect1, variableEffect2) and + fullExpr.getAChild+() = variableEffect1 and + fullExpr.getAChild+() = variableEffect2 and + // Both are evaluated + not exists(ConditionalExpr ce | + ce.getThen().getAChild*() = variableEffect1 and ce.getElse().getAChild*() = variableEffect2 + ) and + // Break the symmetry of the ordering relation by requiring that the first expression is located before the second. + // This builds upon the assumption that the expressions are part of the same full expression as specified in the ordering configuration. + exists(int offset1, int offset2 | + variableEffect1.getLocation().charLoc(_, offset1, _) and + variableEffect2.getLocation().charLoc(_, offset2, _) and + offset1 < offset2 + ) +select fullExpr, "The expression contains unsequenced $@ to $@ and $@ to $@.", variableEffect1, + "side effect", variableEffect1.getAnAccess(), variableEffect1.getTarget().getName(), + variableEffect2, "side effect", variableEffect2.getAnAccess(), + variableEffect2.getTarget().getName() diff --git a/c/misra/test/rules/RULE-13-2/UnsequencedSideEffects.expected b/c/misra/test/rules/RULE-13-2/UnsequencedSideEffects.expected new file mode 100644 index 0000000000..12ea5b578c --- /dev/null +++ b/c/misra/test/rules/RULE-13-2/UnsequencedSideEffects.expected @@ -0,0 +1,5 @@ +| test.c:6:12:6:18 | ... + ... | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:6:12:6:13 | l1 | side effect | test.c:6:12:6:13 | l1 | l1 | test.c:6:17:6:18 | l1 | side effect | test.c:6:17:6:18 | l1 | l1 | +| test.c:7:12:7:18 | ... + ... | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:7:12:7:13 | l1 | side effect | test.c:7:12:7:13 | l1 | l1 | test.c:7:17:7:18 | l2 | side effect | test.c:7:17:7:18 | l2 | l2 | +| test.c:17:3:17:21 | ... = ... | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:17:8:17:9 | l1 | side effect | test.c:17:8:17:9 | l1 | l1 | test.c:17:13:17:14 | l1 | side effect | test.c:17:13:17:14 | l1 | l1 | +| test.c:19:3:19:5 | call to foo | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:19:7:19:8 | l1 | side effect | test.c:19:7:19:8 | l1 | l1 | test.c:19:11:19:12 | l2 | side effect | test.c:19:11:19:12 | l2 | l2 | +| test.c:25:3:25:5 | call to foo | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:25:7:25:10 | ... ++ | side effect | test.c:25:7:25:8 | l8 | l8 | test.c:25:13:25:16 | ... ++ | side effect | test.c:25:13:25:14 | l9 | l9 | diff --git a/c/misra/test/rules/RULE-13-2/UnsequencedSideEffects.qlref b/c/misra/test/rules/RULE-13-2/UnsequencedSideEffects.qlref new file mode 100644 index 0000000000..0cb8d40dbb --- /dev/null +++ b/c/misra/test/rules/RULE-13-2/UnsequencedSideEffects.qlref @@ -0,0 +1 @@ +rules/RULE-13-2/UnsequencedSideEffects.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-13-2/test.c b/c/misra/test/rules/RULE-13-2/test.c new file mode 100644 index 0000000000..d81559efe6 --- /dev/null +++ b/c/misra/test/rules/RULE-13-2/test.c @@ -0,0 +1,28 @@ +void foo(int, int); + +void unsequenced_sideeffects() { + volatile int l1, l2; + + int l3 = l1 + l1; // NON_COMPLIANT + int l4 = l1 + l2; // NON_COMPLIANT + + // Store value of volatile object in temporary non-volatile object. + int l5 = l1; + // Store value of volatile object in temporary non-volatile object. + int l6 = l2; + int l7 = l5 + l6; // COMPLIANT + + int l8, l9; + l1 = l1 & 0x80; // COMPLIANT + l8 = l1 = l1 & 0x80; // NON_COMPLIANT + + foo(l1, l2); // NON_COMPLIANT + // Store value of volatile object in temporary non-volatile object. + l8 = l1; + // Store value of volatile object in temporary non-volatile object. + l9 = l2; + foo(l8, l9); // COMPLIANT + foo(l8++, l9++); // NON_COMPLIANT + + int l10 = l8++, l11 = l8++; // COMPLIANT +} \ No newline at end of file From 3e94fd741f23f05f746f86a0f7d36f7d3dd27156 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Fri, 24 Mar 2023 16:57:10 -0700 Subject: [PATCH 0918/2573] Correct comments --- c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql | 1 - 1 file changed, 1 deletion(-) diff --git a/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql b/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql index c019b2c37f..b6b4cff2e8 100644 --- a/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql +++ b/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql @@ -27,7 +27,6 @@ class ConstituentExprOrdering extends Ordering::Configuration { override predicate isCandidate(Expr e1, Expr e2) { // Two different expressions part of the same full expression. - // Compute differerence using successor relation to break the symmetry of the candidate relation. isCandidatePair(_, e1, e2) } } From f0ee5b14746a812231c125ddf004c07165a0365b Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Sat, 25 Mar 2023 13:02:20 -0700 Subject: [PATCH 0919/2573] Attemp to optimize query --- .../rules/RULE-13-2/UnsequencedSideEffects.ql | 73 +++++++++++++++---- 1 file changed, 58 insertions(+), 15 deletions(-) diff --git a/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql b/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql index b6b4cff2e8..f6286ef9ba 100644 --- a/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql +++ b/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql @@ -17,42 +17,85 @@ import codingstandards.c.Expr import codingstandards.c.SideEffects import codingstandards.c.Ordering -predicate isCandidatePair(Expr parentExpr, Expr e1, Expr e2) { - parentExpr.getAChild+() = e1 and - parentExpr.getAChild+() = e2 +predicate isOrHasSideEffect(Expr e) { + e instanceof VariableEffect or + any(VariableEffect ve).getAnAccess() = e +} + +predicate originatingInStatement(Expr e, FullExpr fe) { + isOrHasSideEffect(e) and + ( + e.(VariableEffect).getAnAccess() = fe.getAChild+() + or + e.(VariableAccess) = fe.getAChild+() + ) } class ConstituentExprOrdering extends Ordering::Configuration { ConstituentExprOrdering() { this = "ConstituentExprOrdering" } override predicate isCandidate(Expr e1, Expr e2) { - // Two different expressions part of the same full expression. - isCandidatePair(_, e1, e2) + exists(FullExpr fe | + originatingInStatement(e1, fe) and + originatingInStatement(e2, fe) + ) } } +pragma[noinline] +predicate sameFullExpr(FullExpr fe, Expr e1, Expr e2) { + originatingInStatement(e1, fe) and + originatingInStatement(e2, fe) +} + +predicate effect(VariableEffect ve, VariableAccess va, Variable v) { + ve.getAnAccess() = va and + va.getTarget() = v and + ve.getTarget() = v +} + from ConstituentExprOrdering orderingConfig, FullExpr fullExpr, VariableEffect variableEffect1, - VariableEffect variableEffect2 + VariableEffect variableEffect2, VariableAccess va1, VariableAccess va2, Variable v1, Variable v2 where not isExcluded(fullExpr, SideEffects3Package::unsequencedSideEffectsQuery()) and + sameFullExpr(fullExpr, va1, va2) and + effect(variableEffect1, va1, v1) and + effect(variableEffect2, va2, v2) and + variableEffect1 != variableEffect2 and // If the effect is local we can directly check if it is unsequenced. // If the effect is not local (happens in a different function) we use the access as a proxy. - orderingConfig.isUnsequenced(variableEffect1, variableEffect2) and - fullExpr.getAChild+() = variableEffect1 and - fullExpr.getAChild+() = variableEffect2 and + ( + va1.getEnclosingStmt() = variableEffect1.getEnclosingStmt() and + va2.getEnclosingStmt() = variableEffect2.getEnclosingStmt() and + orderingConfig.isUnsequenced(variableEffect1, variableEffect2) + or + va1.getEnclosingStmt() = variableEffect1.getEnclosingStmt() and + not va2.getEnclosingStmt() = variableEffect2.getEnclosingStmt() and + exists(Call call | + call.getAnArgument() = va2 and call.getEnclosingStmt() = va1.getEnclosingStmt() + | + orderingConfig.isUnsequenced(variableEffect1, call) + ) + or + not va1.getEnclosingStmt() = variableEffect1.getEnclosingStmt() and + va2.getEnclosingStmt() = variableEffect2.getEnclosingStmt() and + exists(Call call | + call.getAnArgument() = va1 and call.getEnclosingStmt() = va2.getEnclosingStmt() + | + orderingConfig.isUnsequenced(call, variableEffect2) + ) + ) and // Both are evaluated not exists(ConditionalExpr ce | - ce.getThen().getAChild*() = variableEffect1 and ce.getElse().getAChild*() = variableEffect2 + ce.getThen().getAChild*() = va1 and ce.getElse().getAChild*() = va2 ) and // Break the symmetry of the ordering relation by requiring that the first expression is located before the second. // This builds upon the assumption that the expressions are part of the same full expression as specified in the ordering configuration. exists(int offset1, int offset2 | - variableEffect1.getLocation().charLoc(_, offset1, _) and - variableEffect2.getLocation().charLoc(_, offset2, _) and + va1.getLocation().charLoc(_, offset1, _) and + va2.getLocation().charLoc(_, offset2, _) and offset1 < offset2 ) select fullExpr, "The expression contains unsequenced $@ to $@ and $@ to $@.", variableEffect1, - "side effect", variableEffect1.getAnAccess(), variableEffect1.getTarget().getName(), - variableEffect2, "side effect", variableEffect2.getAnAccess(), - variableEffect2.getTarget().getName() + "side effect", va1, v1.getName(), variableEffect2, "side effect", va2, v2.getName() From 84b1ad8ae026976007e4bb8c58e3e064175e7ad9 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Sat, 25 Mar 2023 13:39:32 -0700 Subject: [PATCH 0920/2573] Add comments to explain steps --- c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql b/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql index f6286ef9ba..8edf4e2262 100644 --- a/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql +++ b/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql @@ -62,9 +62,11 @@ where sameFullExpr(fullExpr, va1, va2) and effect(variableEffect1, va1, v1) and effect(variableEffect2, va2, v2) and + // Exclude the same effect applying to different objects. + // This occurs when on is a subject of the other. + // For example, foo.bar = 1; where both foo and bar are objects modified by the assignment. variableEffect1 != variableEffect2 and - // If the effect is local we can directly check if it is unsequenced. - // If the effect is not local (happens in a different function) we use the access as a proxy. + // If the effect is not local (happens in a different function) we use the call with the access as a proxy. ( va1.getEnclosingStmt() = variableEffect1.getEnclosingStmt() and va2.getEnclosingStmt() = variableEffect2.getEnclosingStmt() and From 962a64055834a622762d1cd4a910194d107312a9 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 27 Mar 2023 14:29:20 -0700 Subject: [PATCH 0921/2573] Provide more useful predicate names --- .../rules/RULE-13-2/UnsequencedSideEffects.ql | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql b/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql index 8edf4e2262..102cac18df 100644 --- a/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql +++ b/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql @@ -22,7 +22,7 @@ predicate isOrHasSideEffect(Expr e) { any(VariableEffect ve).getAnAccess() = e } -predicate originatingInStatement(Expr e, FullExpr fe) { +predicate partOfFullExpr(Expr e, FullExpr fe) { isOrHasSideEffect(e) and ( e.(VariableEffect).getAnAccess() = fe.getAChild+() @@ -36,19 +36,19 @@ class ConstituentExprOrdering extends Ordering::Configuration { override predicate isCandidate(Expr e1, Expr e2) { exists(FullExpr fe | - originatingInStatement(e1, fe) and - originatingInStatement(e2, fe) + partOfFullExpr(e1, fe) and + partOfFullExpr(e2, fe) ) } } pragma[noinline] predicate sameFullExpr(FullExpr fe, Expr e1, Expr e2) { - originatingInStatement(e1, fe) and - originatingInStatement(e2, fe) + partOfFullExpr(e1, fe) and + partOfFullExpr(e2, fe) } -predicate effect(VariableEffect ve, VariableAccess va, Variable v) { +predicate destructureEffect(VariableEffect ve, VariableAccess va, Variable v) { ve.getAnAccess() = va and va.getTarget() = v and ve.getTarget() = v @@ -60,8 +60,8 @@ from where not isExcluded(fullExpr, SideEffects3Package::unsequencedSideEffectsQuery()) and sameFullExpr(fullExpr, va1, va2) and - effect(variableEffect1, va1, v1) and - effect(variableEffect2, va2, v2) and + destructureEffect(variableEffect1, va1, v1) and + destructureEffect(variableEffect2, va2, v2) and // Exclude the same effect applying to different objects. // This occurs when on is a subject of the other. // For example, foo.bar = 1; where both foo and bar are objects modified by the assignment. From 9deadab551a1800e32f357f354e7aa62d778b5da Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 27 Mar 2023 21:41:05 -0700 Subject: [PATCH 0922/2573] Change scope of RULE 13-2 - Only consider unsequenced side effects to the same objects, unless - the two unsequenced side effects target two different volatile objects. - Don't allow unsequenced modification and reading of the same object, unless the reading is part of establishing the value of the modification. --- .../rules/RULE-13-2/UnsequencedSideEffects.ql | 128 +++++++++++------- .../RULE-13-2/UnsequencedSideEffects.expected | 10 +- c/misra/test/rules/RULE-13-2/test.c | 4 +- 3 files changed, 87 insertions(+), 55 deletions(-) diff --git a/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql b/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql index 102cac18df..4a2859c7cf 100644 --- a/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql +++ b/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql @@ -17,13 +17,15 @@ import codingstandards.c.Expr import codingstandards.c.SideEffects import codingstandards.c.Ordering -predicate isOrHasSideEffect(Expr e) { - e instanceof VariableEffect or - any(VariableEffect ve).getAnAccess() = e +class VariableEffectOrAccess extends Expr { + VariableEffectOrAccess() { + this instanceof VariableEffect or + this instanceof VariableAccess + } } -predicate partOfFullExpr(Expr e, FullExpr fe) { - isOrHasSideEffect(e) and +pragma[noinline] +predicate partOfFullExpr(VariableEffectOrAccess e, FullExpr fe) { ( e.(VariableEffect).getAnAccess() = fe.getAChild+() or @@ -42,62 +44,92 @@ class ConstituentExprOrdering extends Ordering::Configuration { } } -pragma[noinline] -predicate sameFullExpr(FullExpr fe, Expr e1, Expr e2) { - partOfFullExpr(e1, fe) and - partOfFullExpr(e2, fe) -} - -predicate destructureEffect(VariableEffect ve, VariableAccess va, Variable v) { - ve.getAnAccess() = va and - va.getTarget() = v and - ve.getTarget() = v +predicate sameFullExpr(FullExpr fe, VariableAccess va1, VariableAccess va2) { + partOfFullExpr(va1, fe) and + partOfFullExpr(va2, fe) and + va1 != va2 and + exists(Variable v1, Variable v2 | + // Use `pragma[only_bind_into]` to prevent CP between variable accesses. + va1.getTarget() = pragma[only_bind_into](v1) and va2.getTarget() = pragma[only_bind_into](v2) + | + v1.isVolatile() and v2.isVolatile() + or + not (v1.isVolatile() and v2.isVolatile()) and + v1 = v2 + ) } from ConstituentExprOrdering orderingConfig, FullExpr fullExpr, VariableEffect variableEffect1, - VariableEffect variableEffect2, VariableAccess va1, VariableAccess va2, Variable v1, Variable v2 + VariableAccess va1, VariableAccess va2, Locatable placeHolder, string label where not isExcluded(fullExpr, SideEffects3Package::unsequencedSideEffectsQuery()) and + // The two access are scoped to the same full expression. sameFullExpr(fullExpr, va1, va2) and - destructureEffect(variableEffect1, va1, v1) and - destructureEffect(variableEffect2, va2, v2) and - // Exclude the same effect applying to different objects. - // This occurs when on is a subject of the other. - // For example, foo.bar = 1; where both foo and bar are objects modified by the assignment. - variableEffect1 != variableEffect2 and - // If the effect is not local (happens in a different function) we use the call with the access as a proxy. + // We are only interested in effects that change an object, + // i.e., exclude patterns suchs as `b->data[b->cursor++]` where `b` is considered modified and read or `foo.bar = 1` where `=` modifies to both `foo` and `bar`. + not variableEffect1.isPartial() and + variableEffect1.getAnAccess() = va1 and ( - va1.getEnclosingStmt() = variableEffect1.getEnclosingStmt() and - va2.getEnclosingStmt() = variableEffect2.getEnclosingStmt() and - orderingConfig.isUnsequenced(variableEffect1, variableEffect2) - or - va1.getEnclosingStmt() = variableEffect1.getEnclosingStmt() and - not va2.getEnclosingStmt() = variableEffect2.getEnclosingStmt() and - exists(Call call | - call.getAnArgument() = va2 and call.getEnclosingStmt() = va1.getEnclosingStmt() - | - orderingConfig.isUnsequenced(variableEffect1, call) + exists(VariableEffect variableEffect2 | + not variableEffect2.isPartial() and + variableEffect2.getAnAccess() = va2 and + // If the effect is not local (happens in a different function) we use the call with the access as a proxy. + ( + va1.getEnclosingStmt() = variableEffect1.getEnclosingStmt() and + va2.getEnclosingStmt() = variableEffect2.getEnclosingStmt() and + orderingConfig.isUnsequenced(variableEffect1, variableEffect2) + or + va1.getEnclosingStmt() = variableEffect1.getEnclosingStmt() and + not va2.getEnclosingStmt() = variableEffect2.getEnclosingStmt() and + exists(Call call | + call.getAnArgument() = va2 and call.getEnclosingStmt() = va1.getEnclosingStmt() + | + orderingConfig.isUnsequenced(variableEffect1, call) + ) + or + not va1.getEnclosingStmt() = variableEffect1.getEnclosingStmt() and + va2.getEnclosingStmt() = variableEffect2.getEnclosingStmt() and + exists(Call call | + call.getAnArgument() = va1 and call.getEnclosingStmt() = va2.getEnclosingStmt() + | + orderingConfig.isUnsequenced(call, variableEffect2) + ) + ) and + // Break the symmetry of the ordering relation by requiring that the first expression is located before the second. + // This builds upon the assumption that the expressions are part of the same full expression as specified in the ordering configuration. + exists(int offset1, int offset2 | + va1.getLocation().charLoc(_, offset1, _) and + va2.getLocation().charLoc(_, offset2, _) and + offset1 < offset2 + ) and + placeHolder = variableEffect2 and + label = "side effect" ) or - not va1.getEnclosingStmt() = variableEffect1.getEnclosingStmt() and - va2.getEnclosingStmt() = variableEffect2.getEnclosingStmt() and - exists(Call call | - call.getAnArgument() = va1 and call.getEnclosingStmt() = va2.getEnclosingStmt() - | - orderingConfig.isUnsequenced(call, variableEffect2) - ) + placeHolder = va2 and + label = "read" and + not exists(VariableEffect variableEffect2 | variableEffect1 != variableEffect2 | + variableEffect2.getAnAccess() = va2 + ) and + ( + va1.getEnclosingStmt() = variableEffect1.getEnclosingStmt() and + orderingConfig.isUnsequenced(variableEffect1, va2) + or + not va1.getEnclosingStmt() = variableEffect1.getEnclosingStmt() and + exists(Call call | + call.getAnArgument() = va1 and call.getEnclosingStmt() = va2.getEnclosingStmt() + | + orderingConfig.isUnsequenced(call, va2) + ) + ) and + // The read is not used to compute the effect on the variable. + // E.g., exclude x = x + 1 + not variableEffect1.getAChild+() = va2 ) and // Both are evaluated not exists(ConditionalExpr ce | ce.getThen().getAChild*() = va1 and ce.getElse().getAChild*() = va2 - ) and - // Break the symmetry of the ordering relation by requiring that the first expression is located before the second. - // This builds upon the assumption that the expressions are part of the same full expression as specified in the ordering configuration. - exists(int offset1, int offset2 | - va1.getLocation().charLoc(_, offset1, _) and - va2.getLocation().charLoc(_, offset2, _) and - offset1 < offset2 ) select fullExpr, "The expression contains unsequenced $@ to $@ and $@ to $@.", variableEffect1, - "side effect", va1, v1.getName(), variableEffect2, "side effect", va2, v2.getName() + "side effect", va1, va1.getTarget(), placeHolder, label, va2, va2.getTarget() diff --git a/c/misra/test/rules/RULE-13-2/UnsequencedSideEffects.expected b/c/misra/test/rules/RULE-13-2/UnsequencedSideEffects.expected index 12ea5b578c..de0c33907e 100644 --- a/c/misra/test/rules/RULE-13-2/UnsequencedSideEffects.expected +++ b/c/misra/test/rules/RULE-13-2/UnsequencedSideEffects.expected @@ -1,5 +1,5 @@ -| test.c:6:12:6:18 | ... + ... | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:6:12:6:13 | l1 | side effect | test.c:6:12:6:13 | l1 | l1 | test.c:6:17:6:18 | l1 | side effect | test.c:6:17:6:18 | l1 | l1 | -| test.c:7:12:7:18 | ... + ... | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:7:12:7:13 | l1 | side effect | test.c:7:12:7:13 | l1 | l1 | test.c:7:17:7:18 | l2 | side effect | test.c:7:17:7:18 | l2 | l2 | -| test.c:17:3:17:21 | ... = ... | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:17:8:17:9 | l1 | side effect | test.c:17:8:17:9 | l1 | l1 | test.c:17:13:17:14 | l1 | side effect | test.c:17:13:17:14 | l1 | l1 | -| test.c:19:3:19:5 | call to foo | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:19:7:19:8 | l1 | side effect | test.c:19:7:19:8 | l1 | l1 | test.c:19:11:19:12 | l2 | side effect | test.c:19:11:19:12 | l2 | l2 | -| test.c:25:3:25:5 | call to foo | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:25:7:25:10 | ... ++ | side effect | test.c:25:7:25:8 | l8 | l8 | test.c:25:13:25:16 | ... ++ | side effect | test.c:25:13:25:14 | l9 | l9 | +| test.c:6:12:6:18 | ... + ... | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:6:12:6:13 | l1 | side effect | test.c:6:12:6:13 | l1 | test.c:4:16:4:17 | l1 | test.c:6:17:6:18 | l1 | side effect | test.c:6:17:6:18 | l1 | test.c:4:16:4:17 | l1 | +| test.c:7:12:7:18 | ... + ... | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:7:12:7:13 | l1 | side effect | test.c:7:12:7:13 | l1 | test.c:4:16:4:17 | l1 | test.c:7:17:7:18 | l2 | side effect | test.c:7:17:7:18 | l2 | test.c:4:20:4:21 | l2 | +| test.c:17:3:17:21 | ... = ... | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:17:8:17:9 | l1 | side effect | test.c:17:8:17:9 | l1 | test.c:4:16:4:17 | l1 | test.c:17:13:17:14 | l1 | side effect | test.c:17:13:17:14 | l1 | test.c:4:16:4:17 | l1 | +| test.c:19:3:19:5 | call to foo | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:19:7:19:8 | l1 | side effect | test.c:19:7:19:8 | l1 | test.c:4:16:4:17 | l1 | test.c:19:11:19:12 | l2 | side effect | test.c:19:11:19:12 | l2 | test.c:4:20:4:21 | l2 | +| test.c:25:3:25:5 | call to foo | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:25:7:25:10 | ... ++ | side effect | test.c:25:7:25:8 | l8 | test.c:15:7:15:8 | l8 | test.c:25:13:25:14 | l8 | read | test.c:25:13:25:14 | l8 | test.c:15:7:15:8 | l8 | diff --git a/c/misra/test/rules/RULE-13-2/test.c b/c/misra/test/rules/RULE-13-2/test.c index d81559efe6..6fbc827c4f 100644 --- a/c/misra/test/rules/RULE-13-2/test.c +++ b/c/misra/test/rules/RULE-13-2/test.c @@ -21,8 +21,8 @@ void unsequenced_sideeffects() { l8 = l1; // Store value of volatile object in temporary non-volatile object. l9 = l2; - foo(l8, l9); // COMPLIANT - foo(l8++, l9++); // NON_COMPLIANT + foo(l8, l9); // COMPLIANT + foo(l8++, l8); // NON_COMPLIANT int l10 = l8++, l11 = l8++; // COMPLIANT } \ No newline at end of file From a3d046febd84cef0f90d094581466c32ae8f6886 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Mon, 27 Mar 2023 21:59:20 -0700 Subject: [PATCH 0923/2573] Remove PRE31-C from side effects 3 --- rule_packages/c/SideEffects3.json | 9 --------- 1 file changed, 9 deletions(-) diff --git a/rule_packages/c/SideEffects3.json b/rule_packages/c/SideEffects3.json index 1924ebf988..2d67df6e2e 100644 --- a/rule_packages/c/SideEffects3.json +++ b/rule_packages/c/SideEffects3.json @@ -1,13 +1,4 @@ { - "CERT-C": { - "PRE31-C": { - "properties": { - "obligation": "rule" - }, - "queries": [], - "title": "Avoid side effects in arguments to unsafe macros" - } - }, "MISRA-C-2012": { "RULE-13-2": { "properties": { From 47eaf7cf816ae9ad7cb85e29fc1e4804b43ecb60 Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Tue, 28 Mar 2023 19:52:29 +0200 Subject: [PATCH 0924/2573] ARR36-C: Change kind to path-problem --- .../DoNotRelatePointersThatDoNotReferToTheSameArray.ql | 2 +- .../DoNotSubtractPointersThatDoNotReferToTheSameArray.ql | 2 +- rule_packages/c/Memory2.json | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/c/cert/src/rules/ARR36-C/DoNotRelatePointersThatDoNotReferToTheSameArray.ql b/c/cert/src/rules/ARR36-C/DoNotRelatePointersThatDoNotReferToTheSameArray.ql index 5b346c02dd..b0cd3200f1 100644 --- a/c/cert/src/rules/ARR36-C/DoNotRelatePointersThatDoNotReferToTheSameArray.ql +++ b/c/cert/src/rules/ARR36-C/DoNotRelatePointersThatDoNotReferToTheSameArray.ql @@ -3,7 +3,7 @@ * @name ARR36-C: Do not subtract two pointers that do not refer to the same array * @description Comparison using the >, >=, <, and <= operators between pointers referring to * differing arrays results in undefined behavior. - * @kind problem + * @kind path-problem * @precision high * @problem.severity warning * @tags external/cert/id/arr36-c diff --git a/c/cert/src/rules/ARR36-C/DoNotSubtractPointersThatDoNotReferToTheSameArray.ql b/c/cert/src/rules/ARR36-C/DoNotSubtractPointersThatDoNotReferToTheSameArray.ql index 15e1148b53..d62c3eda5a 100644 --- a/c/cert/src/rules/ARR36-C/DoNotSubtractPointersThatDoNotReferToTheSameArray.ql +++ b/c/cert/src/rules/ARR36-C/DoNotSubtractPointersThatDoNotReferToTheSameArray.ql @@ -3,7 +3,7 @@ * @name ARR36-C: Do not subtract two pointers that do not refer to the same array * @description Subtraction between pointers referring to differing arrays results in undefined * behavior. - * @kind problem + * @kind path-problem * @precision high * @problem.severity warning * @tags external/cert/id/arr36-c diff --git a/rule_packages/c/Memory2.json b/rule_packages/c/Memory2.json index 02d962ac06..ac77720028 100644 --- a/rule_packages/c/Memory2.json +++ b/rule_packages/c/Memory2.json @@ -7,7 +7,7 @@ "queries": [ { "description": "Subtraction between pointers referring to differing arrays results in undefined behavior.", - "kind": "problem", + "kind": "path-problem", "name": "Do not subtract two pointers that do not refer to the same array", "precision": "high", "severity": "warning", @@ -19,7 +19,7 @@ }, { "description": "Comparison using the >, >=, <, and <= operators between pointers referring to differing arrays results in undefined behavior.", - "kind": "problem", + "kind": "path-problem", "name": "Do not subtract two pointers that do not refer to the same array", "precision": "high", "severity": "warning", From e073f4ab4b527158bd9ea81c750eab3ac4781b03 Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Tue, 28 Mar 2023 19:54:23 +0200 Subject: [PATCH 0925/2573] MEM34-C and RULE-22-2: Reduce FPs The query implementation is now a path-problem and only outputs results for flow from address-of expressions and global variable accesses that do not have allocation expressions assigned to them. --- .../OnlyFreeMemoryAllocatedDynamicallyCert.ql | 2 +- ...eMemoryAllocatedDynamicallyShared.expected | 30 ++++-- .../test.c | 11 ++- ...OnlyFreeMemoryAllocatedDynamicallyMisra.ql | 2 +- .../FreeMemoryWhenNoLongerNeededShared.qll | 13 +-- ...lyFreeMemoryAllocatedDynamicallyShared.qll | 91 +++++++++++-------- rule_packages/c/Memory2.json | 4 +- 7 files changed, 89 insertions(+), 64 deletions(-) diff --git a/c/cert/src/rules/MEM34-C/OnlyFreeMemoryAllocatedDynamicallyCert.ql b/c/cert/src/rules/MEM34-C/OnlyFreeMemoryAllocatedDynamicallyCert.ql index 3ff7564fc9..a51effec5a 100644 --- a/c/cert/src/rules/MEM34-C/OnlyFreeMemoryAllocatedDynamicallyCert.ql +++ b/c/cert/src/rules/MEM34-C/OnlyFreeMemoryAllocatedDynamicallyCert.ql @@ -3,7 +3,7 @@ * @name MEM34-C: Only free memory allocated dynamically * @description Freeing memory that is not allocated dynamically can lead to heap corruption and * undefined behavior. - * @kind problem + * @kind path-problem * @precision high * @problem.severity error * @tags external/cert/id/mem34-c diff --git a/c/common/test/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.expected b/c/common/test/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.expected index 84b0cb0ba3..5881d5e78f 100644 --- a/c/common/test/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.expected +++ b/c/common/test/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.expected @@ -1,6 +1,24 @@ -| test.c:8:8:8:10 | g_p | Free expression frees non-dynamically allocated memory. | test.c:8:8:8:10 | g_p | | -| test.c:10:8:10:10 | g_p | Free expression frees $@ which was not dynamically allocated. | test.c:9:9:9:12 | & ... | memory | -| test.c:15:33:15:35 | g_p | Free expression frees non-dynamically allocated memory. | test.c:15:33:15:35 | g_p | | -| test.c:17:36:17:38 | ptr | Free expression frees $@ which was not dynamically allocated. | test.c:24:7:24:8 | & ... | memory | -| test.c:23:8:23:8 | p | Free expression frees $@ which was not dynamically allocated. | test.c:22:13:22:14 | & ... | memory | -| test.c:42:10:42:10 | p | Free expression frees non-dynamically allocated memory. | test.c:42:10:42:10 | p | | +problems +| test.c:8:8:8:10 | g_p | test.c:8:8:8:10 | g_p | test.c:8:8:8:10 | g_p | Free expression frees memory which was not dynamically allocated. | +| test.c:10:8:10:10 | g_p | test.c:10:8:10:10 | g_p | test.c:10:8:10:10 | g_p | Free expression frees memory which was not dynamically allocated. | +| test.c:12:8:12:10 | g_p | test.c:12:8:12:10 | g_p | test.c:12:8:12:10 | g_p | Free expression frees memory which was not dynamically allocated. | +| test.c:16:33:16:35 | g_p | test.c:16:33:16:35 | g_p | test.c:16:33:16:35 | g_p | Free expression frees memory which was not dynamically allocated. | +| test.c:18:36:18:38 | ptr | test.c:27:7:27:8 | & ... | test.c:18:36:18:38 | ptr | Free expression frees memory which was not dynamically allocated. | +| test.c:26:8:26:8 | p | test.c:25:13:25:14 | & ... | test.c:26:8:26:8 | p | Free expression frees memory which was not dynamically allocated. | +edges +| test.c:18:24:18:26 | ptr | test.c:18:36:18:38 | ptr | +| test.c:25:13:25:14 | & ... | test.c:26:8:26:8 | p | +| test.c:27:7:27:8 | & ... | test.c:28:15:28:15 | p | +| test.c:28:15:28:15 | p | test.c:18:24:18:26 | ptr | +nodes +| test.c:8:8:8:10 | g_p | semmle.label | g_p | +| test.c:10:8:10:10 | g_p | semmle.label | g_p | +| test.c:12:8:12:10 | g_p | semmle.label | g_p | +| test.c:16:33:16:35 | g_p | semmle.label | g_p | +| test.c:18:24:18:26 | ptr | semmle.label | ptr | +| test.c:18:36:18:38 | ptr | semmle.label | ptr | +| test.c:25:13:25:14 | & ... | semmle.label | & ... | +| test.c:26:8:26:8 | p | semmle.label | p | +| test.c:27:7:27:8 | & ... | semmle.label | & ... | +| test.c:28:15:28:15 | p | semmle.label | p | +subpaths diff --git a/c/common/test/rules/onlyfreememoryallocateddynamicallyshared/test.c b/c/common/test/rules/onlyfreememoryallocateddynamicallyshared/test.c index 20b39454a1..bfb8899f71 100644 --- a/c/common/test/rules/onlyfreememoryallocateddynamicallyshared/test.c +++ b/c/common/test/rules/onlyfreememoryallocateddynamicallyshared/test.c @@ -9,24 +9,29 @@ void test_global(void) { g_p = &g_i; free(g_p); // NON_COMPLIANT g_p = malloc(10); - free(g_p); // COMPLIANT - but could be written to in different scope + free(g_p); // COMPLIANT[FALSE_POSITIVE] - but could be written to in different + // scope } void test_global_b(void) { free(g_p); } // NON_COMPLIANT void free_nested(void *ptr) { free(ptr); } // NON_COMPLIANT - some paths +void get_allocated_memory(void **p) { *p = malloc(10); } + void test_local(void) { int i; int j; void *p = &i; free(p); // NON_COMPLIANT p = &j; - free_nested(p); // NON_COMPLIANT + free_nested(p); // NON_COMPLIANT - reported on line 18 p = malloc(10); free(p); // COMPLIANT p = malloc(10); free_nested(p); // COMPLIANT + get_allocated_memory(&p); + free(p); // COMPLIANT } struct S { @@ -39,7 +44,7 @@ void test_local_field_nested(struct S *s) { free(s->p); } // COMPLIANT void test_local_field(void) { struct S s; s.p = &s.i; - free(s.p); // NON_COMPLIANT + free(s.p); // NON_COMPLIANT[FALSE_NEGATIVE] s.p = malloc(10); free(s.p); // COMPLIANT s.p = malloc(10); diff --git a/c/misra/src/rules/RULE-22-2/OnlyFreeMemoryAllocatedDynamicallyMisra.ql b/c/misra/src/rules/RULE-22-2/OnlyFreeMemoryAllocatedDynamicallyMisra.ql index 9293ebe716..ee14d443d2 100644 --- a/c/misra/src/rules/RULE-22-2/OnlyFreeMemoryAllocatedDynamicallyMisra.ql +++ b/c/misra/src/rules/RULE-22-2/OnlyFreeMemoryAllocatedDynamicallyMisra.ql @@ -3,7 +3,7 @@ * @name RULE-22-2: A block of memory shall only be freed if it was allocated by means of a Standard Library function * @description Freeing memory that is not allocated dynamically can lead to heap corruption and * undefined behavior. - * @kind problem + * @kind path-problem * @precision high * @problem.severity error * @tags external/misra/id/rule-22-2 diff --git a/cpp/common/src/codingstandards/cpp/rules/freememorywhennolongerneededshared/FreeMemoryWhenNoLongerNeededShared.qll b/cpp/common/src/codingstandards/cpp/rules/freememorywhennolongerneededshared/FreeMemoryWhenNoLongerNeededShared.qll index de4fb70610..78ef0e228a 100644 --- a/cpp/common/src/codingstandards/cpp/rules/freememorywhennolongerneededshared/FreeMemoryWhenNoLongerNeededShared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/freememorywhennolongerneededshared/FreeMemoryWhenNoLongerNeededShared.qll @@ -12,20 +12,11 @@ import semmle.code.cpp.pointsto.PointsTo predicate allocated(FunctionCall fc) { allocExpr(fc, _) } -/** Holds if there exists a call to a function that might free the allocation specified by `e`. */ -predicate freed(Expr e) { - freeExpr(_, e, _) or - exists(ExprCall c | - // cautiously assume that any ExprCall could be a call to free. - c.getAnArgument() = e - ) -} - /** An expression for which there exists a function call that might free it. */ class FreedExpr extends PointsToExpr { - FreedExpr() { freed(this) } + FreedExpr() { freeExprOrIndirect(this, _, _) } - override predicate interesting() { freed(this) } + override predicate interesting() { freeExprOrIndirect(this, _, _) } } /** diff --git a/cpp/common/src/codingstandards/cpp/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.qll b/cpp/common/src/codingstandards/cpp/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.qll index 44c8d8147f..9cd3810827 100644 --- a/cpp/common/src/codingstandards/cpp/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.qll @@ -9,6 +9,7 @@ import codingstandards.cpp.Exclusions import codingstandards.cpp.Allocations import semmle.code.cpp.dataflow.DataFlow import semmle.code.cpp.dataflow.DataFlow2 +import DataFlow::PathGraph /** * A pointer to potentially dynamically allocated memory @@ -38,41 +39,54 @@ class FreeExprSink extends DataFlow::Node { } /** - * A data-flow configuration that tracks flow from an `AllocExprSource` to - * the value assigned to a variable. + * An `Expr` that is an `AddressOfExpr` of a `Variable`. + * + * `Field`s of `PointerType` are not included in order to reduce false-positives, + * as the data-flow library sometimes equates pointers to their underlying data. */ -class AllocExprSourceToAssignedValueConfig extends DataFlow2::Configuration { - AllocExprSourceToAssignedValueConfig() { this = "AllocExprSourceToAssignedValueConfig" } - - override predicate isSource(DataFlow::Node source) { source instanceof AllocExprSource } - - override predicate isSink(DataFlow::Node sink) { - sink.asExpr() = any(Variable v).getAnAssignedValue() - } -} - -/** - * An assignment of a value that is not a dynamically allocated pointer to a variable. - */ -class NonDynamicallyAllocatedVariableAssignment extends DataFlow::Node { - NonDynamicallyAllocatedVariableAssignment() { - exists(Variable v | - this.asExpr() = v.getAnAssignedValue() and - not this.asExpr() instanceof NullValue and - not any(AllocExprSourceToAssignedValueConfig cfg).hasFlowTo(this) - ) +class AddressOfExprSourceNode extends Expr { + AddressOfExprSourceNode() { + exists(VariableAccess va | + this.(AddressOfExpr).getOperand() = va and + ( + va.getTarget() instanceof StackVariable or + va.getTarget() instanceof GlobalVariable or + // allow address-of field, but only if that field is not a pointer type, + // as there may be nested allocations assigned to fields of pointer types. + va.(FieldAccess).getTarget().getUnderlyingType() instanceof ArithmeticType + ) + or + this = va and + exists(GlobalVariable gv | + gv = va.getTarget() and + ( + gv.getUnderlyingType() instanceof ArithmeticType or + not exists(gv.getAnAssignedValue()) or + exists(AddressOfExprSourceNode other | + DataFlow::localExprFlow(other, gv.getAnAssignedValue()) + ) + ) + ) + ) and + // exclude alloc(&allocated_ptr) cases + not any(DynamicMemoryAllocationToAddressOfDefiningArgConfig cfg) + .hasFlowTo(DataFlow::definitionByReferenceNodeFromArgument(this)) } } /** * A data-flow configuration that tracks flow from an `AllocExprSource` to a `FreeExprSink`. */ -class DynamicMemoryAllocationToFreeConfig extends DataFlow::Configuration { - DynamicMemoryAllocationToFreeConfig() { this = "DynamicMemoryAllocationToFreeConfig" } +class DynamicMemoryAllocationToAddressOfDefiningArgConfig extends DataFlow2::Configuration { + DynamicMemoryAllocationToAddressOfDefiningArgConfig() { + this = "DynamicMemoryAllocationToAddressOfDefiningArgConfig" + } override predicate isSource(DataFlow::Node source) { source instanceof AllocExprSource } - override predicate isSink(DataFlow::Node sink) { sink instanceof FreeExprSink } + override predicate isSink(DataFlow::Node sink) { + sink.asDefiningArgument() instanceof AddressOfExpr + } } /** @@ -83,14 +97,14 @@ class NonDynamicPointerToFreeConfig extends DataFlow::Configuration { NonDynamicPointerToFreeConfig() { this = "NonDynamicPointerToFreeConfig" } override predicate isSource(DataFlow::Node source) { - source instanceof NonDynamicallyAllocatedVariableAssignment + source.asExpr() instanceof AddressOfExprSourceNode } override predicate isSink(DataFlow::Node sink) { sink instanceof FreeExprSink } override predicate isBarrierOut(DataFlow::Node node) { // the default interprocedural data-flow model flows through any field or array assignment - // expressionsto the qualifier (array base, pointer dereferenced, or qualifier) instead of the + // expressions to the qualifier (array base, pointer dereferenced, or qualifier) instead of the // individual element or field that the assignment modifies. this default behaviour causes // false positives for future frees of the object base, so we remove the edges // between those assignments from the graph with `isBarrierOut`. @@ -103,6 +117,11 @@ class NonDynamicPointerToFreeConfig extends DataFlow::Configuration { ) ) } + + override predicate isBarrierIn(DataFlow::Node node) { + // only the last source expression is relevant + isSource(node) + } } abstract class OnlyFreeMemoryAllocatedDynamicallySharedSharedQuery extends Query { } @@ -110,18 +129,10 @@ abstract class OnlyFreeMemoryAllocatedDynamicallySharedSharedQuery extends Query Query getQuery() { result instanceof OnlyFreeMemoryAllocatedDynamicallySharedSharedQuery } query predicate problems( - FreeExprSink free, string message, DataFlow::Node source, string sourceDescription + DataFlow::PathNode element, DataFlow::PathNode source, DataFlow::PathNode sink, string message ) { - not isExcluded(free.asExpr(), getQuery()) and - ( - not any(DynamicMemoryAllocationToFreeConfig cfg).hasFlowTo(free) and - not any(NonDynamicPointerToFreeConfig cfg).hasFlowTo(free) and - message = "Free expression frees non-dynamically allocated memory." and - source = free and - sourceDescription = "" - or - any(NonDynamicPointerToFreeConfig cfg).hasFlow(source, free) and - message = "Free expression frees $@ which was not dynamically allocated." and - sourceDescription = "memory" - ) + not isExcluded(element.getNode().asExpr(), getQuery()) and + element = sink and + any(NonDynamicPointerToFreeConfig cfg).hasFlowPath(source, sink) and + message = "Free expression frees memory which was not dynamically allocated." } diff --git a/rule_packages/c/Memory2.json b/rule_packages/c/Memory2.json index ac77720028..677711938a 100644 --- a/rule_packages/c/Memory2.json +++ b/rule_packages/c/Memory2.json @@ -113,7 +113,7 @@ "queries": [ { "description": "Freeing memory that is not allocated dynamically can lead to heap corruption and undefined behavior.", - "kind": "problem", + "kind": "path-problem", "name": "Only free memory allocated dynamically", "precision": "high", "severity": "error", @@ -196,7 +196,7 @@ "queries": [ { "description": "Freeing memory that is not allocated dynamically can lead to heap corruption and undefined behavior.", - "kind": "problem", + "kind": "path-problem", "name": "A block of memory shall only be freed if it was allocated by means of a Standard Library function", "precision": "high", "severity": "error", From dc22813d2738fb3b2201b95bfd073f7e942d2d86 Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Tue, 28 Mar 2023 20:18:08 +0200 Subject: [PATCH 0926/2573] Update FreeMemoryWhenNoLongerNeededShared.qll --- .../FreeMemoryWhenNoLongerNeededShared.qll | 21 ++++--------------- 1 file changed, 4 insertions(+), 17 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/rules/freememorywhennolongerneededshared/FreeMemoryWhenNoLongerNeededShared.qll b/cpp/common/src/codingstandards/cpp/rules/freememorywhennolongerneededshared/FreeMemoryWhenNoLongerNeededShared.qll index 78ef0e228a..035c0a1f4a 100644 --- a/cpp/common/src/codingstandards/cpp/rules/freememorywhennolongerneededshared/FreeMemoryWhenNoLongerNeededShared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/freememorywhennolongerneededshared/FreeMemoryWhenNoLongerNeededShared.qll @@ -14,9 +14,9 @@ predicate allocated(FunctionCall fc) { allocExpr(fc, _) } /** An expression for which there exists a function call that might free it. */ class FreedExpr extends PointsToExpr { - FreedExpr() { freeExprOrIndirect(this, _, _) } + FreedExpr() { freeExprOrIndirect(_, this, _) } - override predicate interesting() { freeExprOrIndirect(this, _, _) } + override predicate interesting() { freeExprOrIndirect(_, this, _) } } /** @@ -59,19 +59,6 @@ predicate allocCallOrIndirect(Expr e) { ) } -predicate freeCallOrIndirect(FunctionCall fc, Variable v) { - // direct free call - v.getAnAccess() = fc.(DeallocationExpr).getFreedExpr() - or - // indirect free call - exists(FunctionCall midcall, Function mid, int arg | - fc.getArgument(arg) = v.getAnAccess() and - mayCallFunction(fc, mid) and - midcall.getEnclosingFunction() = mid and - freeCallOrIndirect(midcall, mid.getParameter(arg)) - ) -} - predicate allocDefinition(StackVariable v, ControlFlowNode def) { exists(Expr expr | exprDefinition(v, def, expr) and allocCallOrIndirect(expr)) } @@ -86,7 +73,7 @@ class MallocVariableReachability extends StackVariableReachabilityWithReassignme override predicate isSinkActual(ControlFlowNode node, StackVariable v) { // node may be used in allocReaches exists(node.(AnalysedExpr).getNullSuccessor(v)) or - freeCallOrIndirect(node, v) or + freeExprOrIndirect(node, v.getAnAccess(), _) or assignedToFieldOrGlobal(v, node) or // node may be used directly in query v.getFunction() = node.(ReturnStmt).getEnclosingFunction() @@ -133,7 +120,7 @@ class MallocReachability extends StackVariableReachabilityExt { // assigned to a global at node, or NULL checked on the edge node -> next. exists(StackVariable v0 | mallocVariableReaches(v0, source, node) | node.(AnalysedExpr).getNullSuccessor(v0) = next or - freeCallOrIndirect(node, v0) or + freeExprOrIndirect(node, v0.getAnAccess(), _) or assignedToFieldOrGlobal(v0, node) ) } From 207d908a852d17c60f1de9ebc55c092f269b4e44 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Tue, 28 Mar 2023 11:40:10 -0700 Subject: [PATCH 0927/2573] Tidy up overall --- ...ftedbyNegativeOrGreaterPrecisionOperand.ql | 40 +- ...tingAPointerToIntegerOrIntegerToPointer.ql | 4 - ...NegativeOrGreaterPrecisionOperand.expected | 402 +++++++----------- .../StringLiteralAssignedToNonConstChar.ql | 9 +- ...ringLiteralAssignedToNonConstChar.expected | 16 +- 5 files changed, 173 insertions(+), 298 deletions(-) diff --git a/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql b/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql index 1f73583cfb..c53e480aac 100644 --- a/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql +++ b/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql @@ -44,42 +44,12 @@ class BitShiftExpr extends BinaryBitwiseOperation { this instanceof LShiftExpr or this instanceof RShiftExpr } - - override string toString() { - if this instanceof LShiftExpr then result = "left-shift" else result = "right-shift" - } } -int getPrecision(BuiltInType type) { - type.(CharType).isExplicitlyUnsigned() and result = type.(CharType).getSize() * 8 - or - type.(ShortType).isExplicitlyUnsigned() and result = type.(ShortType).getSize() * 8 - or - type.(IntType).isExplicitlyUnsigned() and result = type.(IntType).getSize() * 8 - or - type.(LongType).isExplicitlyUnsigned() and result = type.(LongType).getSize() * 8 - or - type.(LongLongType).isExplicitlyUnsigned() and result = type.(LongLongType).getSize() * 8 - or - type instanceof CharType and - not type.(CharType).isExplicitlyUnsigned() and - result = type.(CharType).getSize() * 8 - 1 - or - type instanceof ShortType and - not type.(ShortType).isExplicitlyUnsigned() and - result = type.(ShortType).getSize() * 8 - 1 - or - type instanceof IntType and - not type.(IntType).isExplicitlyUnsigned() and - result = type.(IntType).getSize() * 8 - 1 - or - type instanceof LongType and - not type.(LongType).isExplicitlyUnsigned() and - result = type.(LongType).getSize() * 8 - 1 +int getPrecision(IntegralType type) { + type.isExplicitlyUnsigned() and result = type.getSize() * 8 or - type instanceof LongLongType and - not type.(LongLongType).isExplicitlyUnsigned() and - result = type.(LongLongType).getSize() * 8 - 1 + type.isExplicitlySigned() and result = type.getSize() * 8 - 1 } predicate isForbiddenShiftExpr(BitShiftExpr shift, string message) { @@ -88,12 +58,12 @@ predicate isForbiddenShiftExpr(BitShiftExpr shift, string message) { getPrecision(shift.getLeftOperand().getUnderlyingType()) <= upperBound(shift.getRightOperand()) and message = - "The operand " + shift.getLeftOperand() + " is " + shift + "ed by an expression " + + "The operand " + shift.getLeftOperand() + " is shifted by an expression " + shift.getRightOperand() + " which is greater than or equal to in precision." or lowerBound(shift.getRightOperand()) < 0 and message = - "The operand " + shift.getLeftOperand() + " is " + shift + "ed by a negative expression " + + "The operand " + shift.getLeftOperand() + " is shifted by a negative expression " + shift.getRightOperand() + "." ) and /* diff --git a/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.ql b/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.ql index 5d8d13b0ed..3052f0aadd 100644 --- a/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.ql +++ b/c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.ql @@ -30,10 +30,6 @@ class StdIntIntPtrType extends Type { this.getName().regexpMatch("u?intptr_t") ) } - - override string toString() { - if this.getName() = "uintptr_t" then result = "uintptr_t" else result = "intptr_t" - } } /** diff --git a/c/cert/test/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.expected b/c/cert/test/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.expected index 5ac7e8a05a..4d82ab7839 100644 --- a/c/cert/test/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.expected +++ b/c/cert/test/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.expected @@ -1,243 +1,159 @@ -| test.c:43:3:43:14 | left-shift | The operand lhs0 is left-shifted by an expression rhs0 which is greater than or equal to in precision. | -| test.c:47:3:47:14 | left-shift | The operand lhs0 is left-shifted by an expression rhs3 which is greater than or equal to in precision. | -| test.c:49:3:49:14 | left-shift | The operand lhs0 is left-shifted by an expression rhs4 which is greater than or equal to in precision. | -| test.c:51:3:51:14 | left-shift | The operand lhs0 is left-shifted by an expression rhs5 which is greater than or equal to in precision. | -| test.c:53:3:53:14 | left-shift | The operand lhs0 is left-shifted by an expression rhs6 which is greater than or equal to in precision. | -| test.c:55:3:55:14 | left-shift | The operand lhs0 is left-shifted by an expression rhs7 which is greater than or equal to in precision. | -| test.c:57:3:57:14 | left-shift | The operand lhs0 is left-shifted by an expression rhs8 which is greater than or equal to in precision. | -| test.c:59:3:59:14 | left-shift | The operand lhs0 is left-shifted by an expression rhs9 which is greater than or equal to in precision. | -| test.c:61:3:61:15 | left-shift | The operand lhs0 is left-shifted by an expression rhs10 which is greater than or equal to in precision. | -| test.c:63:3:63:15 | left-shift | The operand lhs0 is left-shifted by an expression rhs11 which is greater than or equal to in precision. | -| test.c:65:3:65:15 | left-shift | The operand lhs0 is left-shifted by an expression rhs12 which is greater than or equal to in precision. | -| test.c:67:3:67:15 | left-shift | The operand lhs0 is left-shifted by an expression rhs13 which is greater than or equal to in precision. | -| test.c:69:3:69:15 | left-shift | The operand lhs0 is left-shifted by an expression rhs14 which is greater than or equal to in precision. | -| test.c:71:3:71:14 | left-shift | The operand lhs1 is left-shifted by an expression rhs0 which is greater than or equal to in precision. | -| test.c:73:3:73:14 | left-shift | The operand lhs1 is left-shifted by an expression rhs1 which is greater than or equal to in precision. | -| test.c:75:3:75:14 | left-shift | The operand lhs1 is left-shifted by an expression rhs2 which is greater than or equal to in precision. | -| test.c:77:3:77:14 | left-shift | The operand lhs1 is left-shifted by an expression rhs3 which is greater than or equal to in precision. | -| test.c:79:3:79:14 | left-shift | The operand lhs1 is left-shifted by an expression rhs4 which is greater than or equal to in precision. | -| test.c:81:3:81:14 | left-shift | The operand lhs1 is left-shifted by an expression rhs5 which is greater than or equal to in precision. | -| test.c:83:3:83:14 | left-shift | The operand lhs1 is left-shifted by an expression rhs6 which is greater than or equal to in precision. | -| test.c:85:3:85:14 | left-shift | The operand lhs1 is left-shifted by an expression rhs7 which is greater than or equal to in precision. | -| test.c:87:3:87:14 | left-shift | The operand lhs1 is left-shifted by an expression rhs8 which is greater than or equal to in precision. | -| test.c:89:3:89:14 | left-shift | The operand lhs1 is left-shifted by an expression rhs9 which is greater than or equal to in precision. | -| test.c:91:3:91:15 | left-shift | The operand lhs1 is left-shifted by an expression rhs10 which is greater than or equal to in precision. | -| test.c:93:3:93:15 | left-shift | The operand lhs1 is left-shifted by an expression rhs11 which is greater than or equal to in precision. | -| test.c:95:3:95:15 | left-shift | The operand lhs1 is left-shifted by an expression rhs12 which is greater than or equal to in precision. | -| test.c:97:3:97:15 | left-shift | The operand lhs1 is left-shifted by an expression rhs13 which is greater than or equal to in precision. | -| test.c:99:3:99:15 | left-shift | The operand lhs1 is left-shifted by an expression rhs14 which is greater than or equal to in precision. | -| test.c:101:3:101:14 | left-shift | The operand lhs2 is left-shifted by an expression rhs0 which is greater than or equal to in precision. | -| test.c:103:3:103:14 | left-shift | The operand lhs2 is left-shifted by an expression rhs1 which is greater than or equal to in precision. | -| test.c:105:3:105:14 | left-shift | The operand lhs2 is left-shifted by an expression rhs2 which is greater than or equal to in precision. | -| test.c:107:3:107:14 | left-shift | The operand lhs2 is left-shifted by an expression rhs3 which is greater than or equal to in precision. | -| test.c:109:3:109:14 | left-shift | The operand lhs2 is left-shifted by an expression rhs4 which is greater than or equal to in precision. | -| test.c:111:3:111:14 | left-shift | The operand lhs2 is left-shifted by an expression rhs5 which is greater than or equal to in precision. | -| test.c:113:3:113:14 | left-shift | The operand lhs2 is left-shifted by an expression rhs6 which is greater than or equal to in precision. | -| test.c:115:3:115:14 | left-shift | The operand lhs2 is left-shifted by an expression rhs7 which is greater than or equal to in precision. | -| test.c:117:3:117:14 | left-shift | The operand lhs2 is left-shifted by an expression rhs8 which is greater than or equal to in precision. | -| test.c:119:3:119:14 | left-shift | The operand lhs2 is left-shifted by an expression rhs9 which is greater than or equal to in precision. | -| test.c:121:3:121:15 | left-shift | The operand lhs2 is left-shifted by an expression rhs10 which is greater than or equal to in precision. | -| test.c:123:3:123:15 | left-shift | The operand lhs2 is left-shifted by an expression rhs11 which is greater than or equal to in precision. | -| test.c:125:3:125:15 | left-shift | The operand lhs2 is left-shifted by an expression rhs12 which is greater than or equal to in precision. | -| test.c:127:3:127:15 | left-shift | The operand lhs2 is left-shifted by an expression rhs13 which is greater than or equal to in precision. | -| test.c:129:3:129:15 | left-shift | The operand lhs2 is left-shifted by an expression rhs14 which is greater than or equal to in precision. | -| test.c:134:3:134:14 | left-shift | The operand lhs3 is left-shifted by an expression rhs3 which is greater than or equal to in precision. | -| test.c:138:3:138:14 | left-shift | The operand lhs3 is left-shifted by an expression rhs6 which is greater than or equal to in precision. | -| test.c:140:3:140:14 | left-shift | The operand lhs3 is left-shifted by an expression rhs7 which is greater than or equal to in precision. | -| test.c:142:3:142:14 | left-shift | The operand lhs3 is left-shifted by an expression rhs8 which is greater than or equal to in precision. | -| test.c:144:3:144:14 | left-shift | The operand lhs3 is left-shifted by an expression rhs9 which is greater than or equal to in precision. | -| test.c:146:3:146:15 | left-shift | The operand lhs3 is left-shifted by an expression rhs10 which is greater than or equal to in precision. | -| test.c:148:3:148:15 | left-shift | The operand lhs3 is left-shifted by an expression rhs11 which is greater than or equal to in precision. | -| test.c:150:3:150:15 | left-shift | The operand lhs3 is left-shifted by an expression rhs12 which is greater than or equal to in precision. | -| test.c:152:3:152:15 | left-shift | The operand lhs3 is left-shifted by an expression rhs13 which is greater than or equal to in precision. | -| test.c:154:3:154:15 | left-shift | The operand lhs3 is left-shifted by an expression rhs14 which is greater than or equal to in precision. | -| test.c:159:3:159:14 | left-shift | The operand lhs4 is left-shifted by an expression rhs3 which is greater than or equal to in precision. | -| test.c:161:3:161:14 | left-shift | The operand lhs4 is left-shifted by an expression rhs4 which is greater than or equal to in precision. | -| test.c:163:3:163:14 | left-shift | The operand lhs4 is left-shifted by an expression rhs5 which is greater than or equal to in precision. | -| test.c:165:3:165:14 | left-shift | The operand lhs4 is left-shifted by an expression rhs6 which is greater than or equal to in precision. | -| test.c:167:3:167:14 | left-shift | The operand lhs4 is left-shifted by an expression rhs7 which is greater than or equal to in precision. | -| test.c:169:3:169:14 | left-shift | The operand lhs4 is left-shifted by an expression rhs8 which is greater than or equal to in precision. | -| test.c:171:3:171:14 | left-shift | The operand lhs4 is left-shifted by an expression rhs9 which is greater than or equal to in precision. | -| test.c:173:3:173:15 | left-shift | The operand lhs4 is left-shifted by an expression rhs10 which is greater than or equal to in precision. | -| test.c:175:3:175:15 | left-shift | The operand lhs4 is left-shifted by an expression rhs11 which is greater than or equal to in precision. | -| test.c:177:3:177:15 | left-shift | The operand lhs4 is left-shifted by an expression rhs12 which is greater than or equal to in precision. | -| test.c:179:3:179:15 | left-shift | The operand lhs4 is left-shifted by an expression rhs13 which is greater than or equal to in precision. | -| test.c:181:3:181:15 | left-shift | The operand lhs4 is left-shifted by an expression rhs14 which is greater than or equal to in precision. | -| test.c:186:3:186:14 | left-shift | The operand lhs5 is left-shifted by an expression rhs3 which is greater than or equal to in precision. | -| test.c:188:3:188:14 | left-shift | The operand lhs5 is left-shifted by an expression rhs4 which is greater than or equal to in precision. | -| test.c:190:3:190:14 | left-shift | The operand lhs5 is left-shifted by an expression rhs5 which is greater than or equal to in precision. | -| test.c:192:3:192:14 | left-shift | The operand lhs5 is left-shifted by an expression rhs6 which is greater than or equal to in precision. | -| test.c:194:3:194:14 | left-shift | The operand lhs5 is left-shifted by an expression rhs7 which is greater than or equal to in precision. | -| test.c:196:3:196:14 | left-shift | The operand lhs5 is left-shifted by an expression rhs8 which is greater than or equal to in precision. | -| test.c:198:3:198:14 | left-shift | The operand lhs5 is left-shifted by an expression rhs9 which is greater than or equal to in precision. | -| test.c:200:3:200:15 | left-shift | The operand lhs5 is left-shifted by an expression rhs10 which is greater than or equal to in precision. | -| test.c:202:3:202:15 | left-shift | The operand lhs5 is left-shifted by an expression rhs11 which is greater than or equal to in precision. | -| test.c:204:3:204:15 | left-shift | The operand lhs5 is left-shifted by an expression rhs12 which is greater than or equal to in precision. | -| test.c:206:3:206:15 | left-shift | The operand lhs5 is left-shifted by an expression rhs13 which is greater than or equal to in precision. | -| test.c:208:3:208:15 | left-shift | The operand lhs5 is left-shifted by an expression rhs14 which is greater than or equal to in precision. | -| test.c:216:3:216:14 | left-shift | The operand lhs6 is left-shifted by an expression rhs6 which is greater than or equal to in precision. | -| test.c:220:3:220:14 | left-shift | The operand lhs6 is left-shifted by an expression rhs9 which is greater than or equal to in precision. | -| test.c:224:3:224:15 | left-shift | The operand lhs6 is left-shifted by an expression rhs12 which is greater than or equal to in precision. | -| test.c:226:3:226:15 | left-shift | The operand lhs6 is left-shifted by an expression rhs13 which is greater than or equal to in precision. | -| test.c:228:3:228:15 | left-shift | The operand lhs6 is left-shifted by an expression rhs14 which is greater than or equal to in precision. | -| test.c:236:3:236:14 | left-shift | The operand lhs7 is left-shifted by an expression rhs6 which is greater than or equal to in precision. | -| test.c:238:3:238:14 | left-shift | The operand lhs7 is left-shifted by an expression rhs7 which is greater than or equal to in precision. | -| test.c:240:3:240:14 | left-shift | The operand lhs7 is left-shifted by an expression rhs8 which is greater than or equal to in precision. | -| test.c:242:3:242:14 | left-shift | The operand lhs7 is left-shifted by an expression rhs9 which is greater than or equal to in precision. | -| test.c:244:3:244:15 | left-shift | The operand lhs7 is left-shifted by an expression rhs10 which is greater than or equal to in precision. | -| test.c:246:3:246:15 | left-shift | The operand lhs7 is left-shifted by an expression rhs11 which is greater than or equal to in precision. | -| test.c:248:3:248:15 | left-shift | The operand lhs7 is left-shifted by an expression rhs12 which is greater than or equal to in precision. | -| test.c:250:3:250:15 | left-shift | The operand lhs7 is left-shifted by an expression rhs13 which is greater than or equal to in precision. | -| test.c:252:3:252:15 | left-shift | The operand lhs7 is left-shifted by an expression rhs14 which is greater than or equal to in precision. | -| test.c:260:3:260:14 | left-shift | The operand lhs8 is left-shifted by an expression rhs6 which is greater than or equal to in precision. | -| test.c:262:3:262:14 | left-shift | The operand lhs8 is left-shifted by an expression rhs7 which is greater than or equal to in precision. | -| test.c:264:3:264:14 | left-shift | The operand lhs8 is left-shifted by an expression rhs8 which is greater than or equal to in precision. | -| test.c:266:3:266:14 | left-shift | The operand lhs8 is left-shifted by an expression rhs9 which is greater than or equal to in precision. | -| test.c:268:3:268:15 | left-shift | The operand lhs8 is left-shifted by an expression rhs10 which is greater than or equal to in precision. | -| test.c:270:3:270:15 | left-shift | The operand lhs8 is left-shifted by an expression rhs11 which is greater than or equal to in precision. | -| test.c:272:3:272:15 | left-shift | The operand lhs8 is left-shifted by an expression rhs12 which is greater than or equal to in precision. | -| test.c:274:3:274:15 | left-shift | The operand lhs8 is left-shifted by an expression rhs13 which is greater than or equal to in precision. | -| test.c:276:3:276:15 | left-shift | The operand lhs8 is left-shifted by an expression rhs14 which is greater than or equal to in precision. | -| test.c:292:3:292:15 | left-shift | The operand lhs9 is left-shifted by an expression rhs12 which is greater than or equal to in precision. | -| test.c:316:3:316:16 | left-shift | The operand lhs10 is left-shifted by an expression rhs12 which is greater than or equal to in precision. | -| test.c:318:3:318:16 | left-shift | The operand lhs10 is left-shifted by an expression rhs13 which is greater than or equal to in precision. | -| test.c:320:3:320:16 | left-shift | The operand lhs10 is left-shifted by an expression rhs14 which is greater than or equal to in precision. | -| test.c:340:3:340:16 | left-shift | The operand lhs11 is left-shifted by an expression rhs12 which is greater than or equal to in precision. | -| test.c:342:3:342:16 | left-shift | The operand lhs11 is left-shifted by an expression rhs13 which is greater than or equal to in precision. | -| test.c:344:3:344:16 | left-shift | The operand lhs11 is left-shifted by an expression rhs14 which is greater than or equal to in precision. | -| test.c:358:3:358:16 | left-shift | The operand lhs12 is left-shifted by an expression rhs12 which is greater than or equal to in precision. | -| test.c:374:3:374:16 | left-shift | The operand lhs13 is left-shifted by an expression rhs12 which is greater than or equal to in precision. | -| test.c:376:3:376:16 | left-shift | The operand lhs13 is left-shifted by an expression rhs13 which is greater than or equal to in precision. | -| test.c:378:3:378:16 | left-shift | The operand lhs13 is left-shifted by an expression rhs14 which is greater than or equal to in precision. | -| test.c:392:3:392:16 | left-shift | The operand lhs14 is left-shifted by an expression rhs12 which is greater than or equal to in precision. | -| test.c:394:3:394:16 | left-shift | The operand lhs14 is left-shifted by an expression rhs13 which is greater than or equal to in precision. | -| test.c:396:3:396:16 | left-shift | The operand lhs14 is left-shifted by an expression rhs14 which is greater than or equal to in precision. | -| test.c:1579:3:1580:10 | right-shift | The operand lhs0 is right-shifted by an expression rhs0 which is greater than or equal to in precision. | -| test.c:1583:3:1584:10 | right-shift | The operand lhs0 is right-shifted by an expression rhs3 which is greater than or equal to in precision. | -| test.c:1585:3:1586:10 | right-shift | The operand lhs0 is right-shifted by an expression rhs4 which is greater than or equal to in precision. | -| test.c:1587:3:1588:10 | right-shift | The operand lhs0 is right-shifted by an expression rhs5 which is greater than or equal to in precision. | -| test.c:1589:3:1590:10 | right-shift | The operand lhs0 is right-shifted by an expression rhs6 which is greater than or equal to in precision. | -| test.c:1591:3:1592:10 | right-shift | The operand lhs0 is right-shifted by an expression rhs7 which is greater than or equal to in precision. | -| test.c:1593:3:1594:10 | right-shift | The operand lhs0 is right-shifted by an expression rhs8 which is greater than or equal to in precision. | -| test.c:1595:3:1596:10 | right-shift | The operand lhs0 is right-shifted by an expression rhs9 which is greater than or equal to in precision. | -| test.c:1597:3:1597:15 | right-shift | The operand lhs0 is right-shifted by an expression rhs10 which is greater than or equal to in precision. | -| test.c:1599:3:1599:15 | right-shift | The operand lhs0 is right-shifted by an expression rhs11 which is greater than or equal to in precision. | -| test.c:1601:3:1601:15 | right-shift | The operand lhs0 is right-shifted by an expression rhs12 which is greater than or equal to in precision. | -| test.c:1603:3:1603:15 | right-shift | The operand lhs0 is right-shifted by an expression rhs13 which is greater than or equal to in precision. | -| test.c:1605:3:1605:15 | right-shift | The operand lhs0 is right-shifted by an expression rhs14 which is greater than or equal to in precision. | -| test.c:1607:3:1608:10 | right-shift | The operand lhs1 is right-shifted by an expression rhs0 which is greater than or equal to in precision. | -| test.c:1609:3:1610:10 | right-shift | The operand lhs1 is right-shifted by an expression rhs1 which is greater than or equal to in precision. | -| test.c:1611:3:1612:10 | right-shift | The operand lhs1 is right-shifted by an expression rhs2 which is greater than or equal to in precision. | -| test.c:1613:3:1614:10 | right-shift | The operand lhs1 is right-shifted by an expression rhs3 which is greater than or equal to in precision. | -| test.c:1615:3:1616:10 | right-shift | The operand lhs1 is right-shifted by an expression rhs4 which is greater than or equal to in precision. | -| test.c:1617:3:1618:10 | right-shift | The operand lhs1 is right-shifted by an expression rhs5 which is greater than or equal to in precision. | -| test.c:1619:3:1620:10 | right-shift | The operand lhs1 is right-shifted by an expression rhs6 which is greater than or equal to in precision. | -| test.c:1621:3:1622:10 | right-shift | The operand lhs1 is right-shifted by an expression rhs7 which is greater than or equal to in precision. | -| test.c:1623:3:1624:10 | right-shift | The operand lhs1 is right-shifted by an expression rhs8 which is greater than or equal to in precision. | -| test.c:1625:3:1626:10 | right-shift | The operand lhs1 is right-shifted by an expression rhs9 which is greater than or equal to in precision. | -| test.c:1627:3:1627:15 | right-shift | The operand lhs1 is right-shifted by an expression rhs10 which is greater than or equal to in precision. | -| test.c:1629:3:1629:15 | right-shift | The operand lhs1 is right-shifted by an expression rhs11 which is greater than or equal to in precision. | -| test.c:1631:3:1631:15 | right-shift | The operand lhs1 is right-shifted by an expression rhs12 which is greater than or equal to in precision. | -| test.c:1633:3:1633:15 | right-shift | The operand lhs1 is right-shifted by an expression rhs13 which is greater than or equal to in precision. | -| test.c:1635:3:1635:15 | right-shift | The operand lhs1 is right-shifted by an expression rhs14 which is greater than or equal to in precision. | -| test.c:1637:3:1638:10 | right-shift | The operand lhs2 is right-shifted by an expression rhs0 which is greater than or equal to in precision. | -| test.c:1639:3:1640:10 | right-shift | The operand lhs2 is right-shifted by an expression rhs1 which is greater than or equal to in precision. | -| test.c:1641:3:1642:10 | right-shift | The operand lhs2 is right-shifted by an expression rhs2 which is greater than or equal to in precision. | -| test.c:1643:3:1644:10 | right-shift | The operand lhs2 is right-shifted by an expression rhs3 which is greater than or equal to in precision. | -| test.c:1645:3:1646:10 | right-shift | The operand lhs2 is right-shifted by an expression rhs4 which is greater than or equal to in precision. | -| test.c:1647:3:1648:10 | right-shift | The operand lhs2 is right-shifted by an expression rhs5 which is greater than or equal to in precision. | -| test.c:1649:3:1650:10 | right-shift | The operand lhs2 is right-shifted by an expression rhs6 which is greater than or equal to in precision. | -| test.c:1651:3:1652:10 | right-shift | The operand lhs2 is right-shifted by an expression rhs7 which is greater than or equal to in precision. | -| test.c:1653:3:1654:10 | right-shift | The operand lhs2 is right-shifted by an expression rhs8 which is greater than or equal to in precision. | -| test.c:1655:3:1656:10 | right-shift | The operand lhs2 is right-shifted by an expression rhs9 which is greater than or equal to in precision. | -| test.c:1657:3:1657:15 | right-shift | The operand lhs2 is right-shifted by an expression rhs10 which is greater than or equal to in precision. | -| test.c:1659:3:1659:15 | right-shift | The operand lhs2 is right-shifted by an expression rhs11 which is greater than or equal to in precision. | -| test.c:1661:3:1661:15 | right-shift | The operand lhs2 is right-shifted by an expression rhs12 which is greater than or equal to in precision. | -| test.c:1663:3:1663:15 | right-shift | The operand lhs2 is right-shifted by an expression rhs13 which is greater than or equal to in precision. | -| test.c:1665:3:1665:15 | right-shift | The operand lhs2 is right-shifted by an expression rhs14 which is greater than or equal to in precision. | -| test.c:1670:3:1671:10 | right-shift | The operand lhs3 is right-shifted by an expression rhs3 which is greater than or equal to in precision. | -| test.c:1674:3:1675:10 | right-shift | The operand lhs3 is right-shifted by an expression rhs6 which is greater than or equal to in precision. | -| test.c:1676:3:1677:10 | right-shift | The operand lhs3 is right-shifted by an expression rhs7 which is greater than or equal to in precision. | -| test.c:1678:3:1679:10 | right-shift | The operand lhs3 is right-shifted by an expression rhs8 which is greater than or equal to in precision. | -| test.c:1680:3:1681:10 | right-shift | The operand lhs3 is right-shifted by an expression rhs9 which is greater than or equal to in precision. | -| test.c:1682:3:1682:15 | right-shift | The operand lhs3 is right-shifted by an expression rhs10 which is greater than or equal to in precision. | -| test.c:1684:3:1684:15 | right-shift | The operand lhs3 is right-shifted by an expression rhs11 which is greater than or equal to in precision. | -| test.c:1686:3:1686:15 | right-shift | The operand lhs3 is right-shifted by an expression rhs12 which is greater than or equal to in precision. | -| test.c:1688:3:1688:15 | right-shift | The operand lhs3 is right-shifted by an expression rhs13 which is greater than or equal to in precision. | -| test.c:1690:3:1690:15 | right-shift | The operand lhs3 is right-shifted by an expression rhs14 which is greater than or equal to in precision. | -| test.c:1695:3:1696:10 | right-shift | The operand lhs4 is right-shifted by an expression rhs3 which is greater than or equal to in precision. | -| test.c:1697:3:1698:10 | right-shift | The operand lhs4 is right-shifted by an expression rhs4 which is greater than or equal to in precision. | -| test.c:1699:3:1700:10 | right-shift | The operand lhs4 is right-shifted by an expression rhs5 which is greater than or equal to in precision. | -| test.c:1701:3:1702:10 | right-shift | The operand lhs4 is right-shifted by an expression rhs6 which is greater than or equal to in precision. | -| test.c:1703:3:1704:10 | right-shift | The operand lhs4 is right-shifted by an expression rhs7 which is greater than or equal to in precision. | -| test.c:1705:3:1706:10 | right-shift | The operand lhs4 is right-shifted by an expression rhs8 which is greater than or equal to in precision. | -| test.c:1707:3:1708:10 | right-shift | The operand lhs4 is right-shifted by an expression rhs9 which is greater than or equal to in precision. | -| test.c:1709:3:1709:15 | right-shift | The operand lhs4 is right-shifted by an expression rhs10 which is greater than or equal to in precision. | -| test.c:1711:3:1711:15 | right-shift | The operand lhs4 is right-shifted by an expression rhs11 which is greater than or equal to in precision. | -| test.c:1713:3:1713:15 | right-shift | The operand lhs4 is right-shifted by an expression rhs12 which is greater than or equal to in precision. | -| test.c:1715:3:1715:15 | right-shift | The operand lhs4 is right-shifted by an expression rhs13 which is greater than or equal to in precision. | -| test.c:1717:3:1717:15 | right-shift | The operand lhs4 is right-shifted by an expression rhs14 which is greater than or equal to in precision. | -| test.c:1722:3:1723:10 | right-shift | The operand lhs5 is right-shifted by an expression rhs3 which is greater than or equal to in precision. | -| test.c:1724:3:1725:10 | right-shift | The operand lhs5 is right-shifted by an expression rhs4 which is greater than or equal to in precision. | -| test.c:1726:3:1727:10 | right-shift | The operand lhs5 is right-shifted by an expression rhs5 which is greater than or equal to in precision. | -| test.c:1728:3:1729:10 | right-shift | The operand lhs5 is right-shifted by an expression rhs6 which is greater than or equal to in precision. | -| test.c:1730:3:1731:10 | right-shift | The operand lhs5 is right-shifted by an expression rhs7 which is greater than or equal to in precision. | -| test.c:1732:3:1733:10 | right-shift | The operand lhs5 is right-shifted by an expression rhs8 which is greater than or equal to in precision. | -| test.c:1734:3:1735:10 | right-shift | The operand lhs5 is right-shifted by an expression rhs9 which is greater than or equal to in precision. | -| test.c:1736:3:1736:15 | right-shift | The operand lhs5 is right-shifted by an expression rhs10 which is greater than or equal to in precision. | -| test.c:1738:3:1738:15 | right-shift | The operand lhs5 is right-shifted by an expression rhs11 which is greater than or equal to in precision. | -| test.c:1740:3:1740:15 | right-shift | The operand lhs5 is right-shifted by an expression rhs12 which is greater than or equal to in precision. | -| test.c:1742:3:1742:15 | right-shift | The operand lhs5 is right-shifted by an expression rhs13 which is greater than or equal to in precision. | -| test.c:1744:3:1744:15 | right-shift | The operand lhs5 is right-shifted by an expression rhs14 which is greater than or equal to in precision. | -| test.c:1752:3:1753:10 | right-shift | The operand lhs6 is right-shifted by an expression rhs6 which is greater than or equal to in precision. | -| test.c:1756:3:1757:10 | right-shift | The operand lhs6 is right-shifted by an expression rhs9 which is greater than or equal to in precision. | -| test.c:1760:3:1760:15 | right-shift | The operand lhs6 is right-shifted by an expression rhs12 which is greater than or equal to in precision. | -| test.c:1762:3:1762:15 | right-shift | The operand lhs6 is right-shifted by an expression rhs13 which is greater than or equal to in precision. | -| test.c:1764:3:1764:15 | right-shift | The operand lhs6 is right-shifted by an expression rhs14 which is greater than or equal to in precision. | -| test.c:1772:3:1773:10 | right-shift | The operand lhs7 is right-shifted by an expression rhs6 which is greater than or equal to in precision. | -| test.c:1774:3:1775:10 | right-shift | The operand lhs7 is right-shifted by an expression rhs7 which is greater than or equal to in precision. | -| test.c:1776:3:1777:10 | right-shift | The operand lhs7 is right-shifted by an expression rhs8 which is greater than or equal to in precision. | -| test.c:1778:3:1779:10 | right-shift | The operand lhs7 is right-shifted by an expression rhs9 which is greater than or equal to in precision. | -| test.c:1780:3:1780:15 | right-shift | The operand lhs7 is right-shifted by an expression rhs10 which is greater than or equal to in precision. | -| test.c:1782:3:1782:15 | right-shift | The operand lhs7 is right-shifted by an expression rhs11 which is greater than or equal to in precision. | -| test.c:1784:3:1784:15 | right-shift | The operand lhs7 is right-shifted by an expression rhs12 which is greater than or equal to in precision. | -| test.c:1786:3:1786:15 | right-shift | The operand lhs7 is right-shifted by an expression rhs13 which is greater than or equal to in precision. | -| test.c:1788:3:1788:15 | right-shift | The operand lhs7 is right-shifted by an expression rhs14 which is greater than or equal to in precision. | -| test.c:1796:3:1797:10 | right-shift | The operand lhs8 is right-shifted by an expression rhs6 which is greater than or equal to in precision. | -| test.c:1798:3:1799:10 | right-shift | The operand lhs8 is right-shifted by an expression rhs7 which is greater than or equal to in precision. | -| test.c:1800:3:1801:10 | right-shift | The operand lhs8 is right-shifted by an expression rhs8 which is greater than or equal to in precision. | -| test.c:1802:3:1803:10 | right-shift | The operand lhs8 is right-shifted by an expression rhs9 which is greater than or equal to in precision. | -| test.c:1804:3:1804:15 | right-shift | The operand lhs8 is right-shifted by an expression rhs10 which is greater than or equal to in precision. | -| test.c:1806:3:1806:15 | right-shift | The operand lhs8 is right-shifted by an expression rhs11 which is greater than or equal to in precision. | -| test.c:1808:3:1808:15 | right-shift | The operand lhs8 is right-shifted by an expression rhs12 which is greater than or equal to in precision. | -| test.c:1810:3:1810:15 | right-shift | The operand lhs8 is right-shifted by an expression rhs13 which is greater than or equal to in precision. | -| test.c:1812:3:1812:15 | right-shift | The operand lhs8 is right-shifted by an expression rhs14 which is greater than or equal to in precision. | -| test.c:1828:3:1828:15 | right-shift | The operand lhs9 is right-shifted by an expression rhs12 which is greater than or equal to in precision. | -| test.c:1852:3:1852:16 | right-shift | The operand lhs10 is right-shifted by an expression rhs12 which is greater than or equal to in precision. | -| test.c:1854:3:1854:16 | right-shift | The operand lhs10 is right-shifted by an expression rhs13 which is greater than or equal to in precision. | -| test.c:1856:3:1856:16 | right-shift | The operand lhs10 is right-shifted by an expression rhs14 which is greater than or equal to in precision. | -| test.c:1876:3:1876:16 | right-shift | The operand lhs11 is right-shifted by an expression rhs12 which is greater than or equal to in precision. | -| test.c:1878:3:1878:16 | right-shift | The operand lhs11 is right-shifted by an expression rhs13 which is greater than or equal to in precision. | -| test.c:1880:3:1880:16 | right-shift | The operand lhs11 is right-shifted by an expression rhs14 which is greater than or equal to in precision. | -| test.c:1894:3:1894:16 | right-shift | The operand lhs12 is right-shifted by an expression rhs12 which is greater than or equal to in precision. | -| test.c:1910:3:1910:16 | right-shift | The operand lhs13 is right-shifted by an expression rhs12 which is greater than or equal to in precision. | -| test.c:1912:3:1912:16 | right-shift | The operand lhs13 is right-shifted by an expression rhs13 which is greater than or equal to in precision. | -| test.c:1914:3:1914:16 | right-shift | The operand lhs13 is right-shifted by an expression rhs14 which is greater than or equal to in precision. | -| test.c:1928:3:1928:16 | right-shift | The operand lhs14 is right-shifted by an expression rhs12 which is greater than or equal to in precision. | -| test.c:1930:3:1930:16 | right-shift | The operand lhs14 is right-shifted by an expression rhs13 which is greater than or equal to in precision. | -| test.c:1932:3:1932:16 | right-shift | The operand lhs14 is right-shifted by an expression rhs14 which is greater than or equal to in precision. | -| test.c:3115:3:3115:12 | left-shift | The operand lhs0 is left-shifted by a negative expression - .... | -| test.c:3116:3:3116:12 | left-shift | The operand lhs1 is left-shifted by a negative expression - .... | -| test.c:3117:3:3117:12 | left-shift | The operand lhs2 is left-shifted by a negative expression - .... | -| test.c:3118:3:3118:12 | left-shift | The operand lhs3 is left-shifted by a negative expression - .... | -| test.c:3119:3:3119:12 | left-shift | The operand lhs4 is left-shifted by a negative expression - .... | -| test.c:3120:3:3120:12 | left-shift | The operand lhs5 is left-shifted by a negative expression - .... | -| test.c:3121:3:3121:12 | left-shift | The operand lhs6 is left-shifted by a negative expression - .... | -| test.c:3122:3:3122:12 | left-shift | The operand lhs7 is left-shifted by a negative expression - .... | -| test.c:3123:3:3123:12 | left-shift | The operand lhs8 is left-shifted by a negative expression - .... | -| test.c:3124:3:3124:12 | left-shift | The operand lhs9 is left-shifted by a negative expression - .... | -| test.c:3125:3:3125:13 | left-shift | The operand lhs10 is left-shifted by a negative expression - .... | -| test.c:3126:3:3126:13 | left-shift | The operand lhs11 is left-shifted by a negative expression - .... | -| test.c:3127:3:3127:13 | left-shift | The operand lhs12 is left-shifted by a negative expression - .... | -| test.c:3128:3:3128:13 | left-shift | The operand lhs13 is left-shifted by a negative expression - .... | -| test.c:3129:3:3129:13 | left-shift | The operand lhs14 is left-shifted by a negative expression - .... | \ No newline at end of file +| test.c:43:3:43:14 | ... << ... | The operand lhs0 is shifted by an expression rhs0 which is greater than or equal to in precision. | +| test.c:47:3:47:14 | ... << ... | The operand lhs0 is shifted by an expression rhs3 which is greater than or equal to in precision. | +| test.c:49:3:49:14 | ... << ... | The operand lhs0 is shifted by an expression rhs4 which is greater than or equal to in precision. | +| test.c:51:3:51:14 | ... << ... | The operand lhs0 is shifted by an expression rhs5 which is greater than or equal to in precision. | +| test.c:53:3:53:14 | ... << ... | The operand lhs0 is shifted by an expression rhs6 which is greater than or equal to in precision. | +| test.c:55:3:55:14 | ... << ... | The operand lhs0 is shifted by an expression rhs7 which is greater than or equal to in precision. | +| test.c:57:3:57:14 | ... << ... | The operand lhs0 is shifted by an expression rhs8 which is greater than or equal to in precision. | +| test.c:59:3:59:14 | ... << ... | The operand lhs0 is shifted by an expression rhs9 which is greater than or equal to in precision. | +| test.c:61:3:61:15 | ... << ... | The operand lhs0 is shifted by an expression rhs10 which is greater than or equal to in precision. | +| test.c:63:3:63:15 | ... << ... | The operand lhs0 is shifted by an expression rhs11 which is greater than or equal to in precision. | +| test.c:65:3:65:15 | ... << ... | The operand lhs0 is shifted by an expression rhs12 which is greater than or equal to in precision. | +| test.c:67:3:67:15 | ... << ... | The operand lhs0 is shifted by an expression rhs13 which is greater than or equal to in precision. | +| test.c:69:3:69:15 | ... << ... | The operand lhs0 is shifted by an expression rhs14 which is greater than or equal to in precision. | +| test.c:71:3:71:14 | ... << ... | The operand lhs1 is shifted by an expression rhs0 which is greater than or equal to in precision. | +| test.c:73:3:73:14 | ... << ... | The operand lhs1 is shifted by an expression rhs1 which is greater than or equal to in precision. | +| test.c:75:3:75:14 | ... << ... | The operand lhs1 is shifted by an expression rhs2 which is greater than or equal to in precision. | +| test.c:77:3:77:14 | ... << ... | The operand lhs1 is shifted by an expression rhs3 which is greater than or equal to in precision. | +| test.c:79:3:79:14 | ... << ... | The operand lhs1 is shifted by an expression rhs4 which is greater than or equal to in precision. | +| test.c:81:3:81:14 | ... << ... | The operand lhs1 is shifted by an expression rhs5 which is greater than or equal to in precision. | +| test.c:83:3:83:14 | ... << ... | The operand lhs1 is shifted by an expression rhs6 which is greater than or equal to in precision. | +| test.c:85:3:85:14 | ... << ... | The operand lhs1 is shifted by an expression rhs7 which is greater than or equal to in precision. | +| test.c:87:3:87:14 | ... << ... | The operand lhs1 is shifted by an expression rhs8 which is greater than or equal to in precision. | +| test.c:89:3:89:14 | ... << ... | The operand lhs1 is shifted by an expression rhs9 which is greater than or equal to in precision. | +| test.c:91:3:91:15 | ... << ... | The operand lhs1 is shifted by an expression rhs10 which is greater than or equal to in precision. | +| test.c:93:3:93:15 | ... << ... | The operand lhs1 is shifted by an expression rhs11 which is greater than or equal to in precision. | +| test.c:95:3:95:15 | ... << ... | The operand lhs1 is shifted by an expression rhs12 which is greater than or equal to in precision. | +| test.c:97:3:97:15 | ... << ... | The operand lhs1 is shifted by an expression rhs13 which is greater than or equal to in precision. | +| test.c:99:3:99:15 | ... << ... | The operand lhs1 is shifted by an expression rhs14 which is greater than or equal to in precision. | +| test.c:134:3:134:14 | ... << ... | The operand lhs3 is shifted by an expression rhs3 which is greater than or equal to in precision. | +| test.c:138:3:138:14 | ... << ... | The operand lhs3 is shifted by an expression rhs6 which is greater than or equal to in precision. | +| test.c:140:3:140:14 | ... << ... | The operand lhs3 is shifted by an expression rhs7 which is greater than or equal to in precision. | +| test.c:142:3:142:14 | ... << ... | The operand lhs3 is shifted by an expression rhs8 which is greater than or equal to in precision. | +| test.c:144:3:144:14 | ... << ... | The operand lhs3 is shifted by an expression rhs9 which is greater than or equal to in precision. | +| test.c:146:3:146:15 | ... << ... | The operand lhs3 is shifted by an expression rhs10 which is greater than or equal to in precision. | +| test.c:148:3:148:15 | ... << ... | The operand lhs3 is shifted by an expression rhs11 which is greater than or equal to in precision. | +| test.c:150:3:150:15 | ... << ... | The operand lhs3 is shifted by an expression rhs12 which is greater than or equal to in precision. | +| test.c:152:3:152:15 | ... << ... | The operand lhs3 is shifted by an expression rhs13 which is greater than or equal to in precision. | +| test.c:154:3:154:15 | ... << ... | The operand lhs3 is shifted by an expression rhs14 which is greater than or equal to in precision. | +| test.c:159:3:159:14 | ... << ... | The operand lhs4 is shifted by an expression rhs3 which is greater than or equal to in precision. | +| test.c:161:3:161:14 | ... << ... | The operand lhs4 is shifted by an expression rhs4 which is greater than or equal to in precision. | +| test.c:163:3:163:14 | ... << ... | The operand lhs4 is shifted by an expression rhs5 which is greater than or equal to in precision. | +| test.c:165:3:165:14 | ... << ... | The operand lhs4 is shifted by an expression rhs6 which is greater than or equal to in precision. | +| test.c:167:3:167:14 | ... << ... | The operand lhs4 is shifted by an expression rhs7 which is greater than or equal to in precision. | +| test.c:169:3:169:14 | ... << ... | The operand lhs4 is shifted by an expression rhs8 which is greater than or equal to in precision. | +| test.c:171:3:171:14 | ... << ... | The operand lhs4 is shifted by an expression rhs9 which is greater than or equal to in precision. | +| test.c:173:3:173:15 | ... << ... | The operand lhs4 is shifted by an expression rhs10 which is greater than or equal to in precision. | +| test.c:175:3:175:15 | ... << ... | The operand lhs4 is shifted by an expression rhs11 which is greater than or equal to in precision. | +| test.c:177:3:177:15 | ... << ... | The operand lhs4 is shifted by an expression rhs12 which is greater than or equal to in precision. | +| test.c:179:3:179:15 | ... << ... | The operand lhs4 is shifted by an expression rhs13 which is greater than or equal to in precision. | +| test.c:181:3:181:15 | ... << ... | The operand lhs4 is shifted by an expression rhs14 which is greater than or equal to in precision. | +| test.c:216:3:216:14 | ... << ... | The operand lhs6 is shifted by an expression rhs6 which is greater than or equal to in precision. | +| test.c:220:3:220:14 | ... << ... | The operand lhs6 is shifted by an expression rhs9 which is greater than or equal to in precision. | +| test.c:224:3:224:15 | ... << ... | The operand lhs6 is shifted by an expression rhs12 which is greater than or equal to in precision. | +| test.c:226:3:226:15 | ... << ... | The operand lhs6 is shifted by an expression rhs13 which is greater than or equal to in precision. | +| test.c:228:3:228:15 | ... << ... | The operand lhs6 is shifted by an expression rhs14 which is greater than or equal to in precision. | +| test.c:236:3:236:14 | ... << ... | The operand lhs7 is shifted by an expression rhs6 which is greater than or equal to in precision. | +| test.c:238:3:238:14 | ... << ... | The operand lhs7 is shifted by an expression rhs7 which is greater than or equal to in precision. | +| test.c:240:3:240:14 | ... << ... | The operand lhs7 is shifted by an expression rhs8 which is greater than or equal to in precision. | +| test.c:242:3:242:14 | ... << ... | The operand lhs7 is shifted by an expression rhs9 which is greater than or equal to in precision. | +| test.c:244:3:244:15 | ... << ... | The operand lhs7 is shifted by an expression rhs10 which is greater than or equal to in precision. | +| test.c:246:3:246:15 | ... << ... | The operand lhs7 is shifted by an expression rhs11 which is greater than or equal to in precision. | +| test.c:248:3:248:15 | ... << ... | The operand lhs7 is shifted by an expression rhs12 which is greater than or equal to in precision. | +| test.c:250:3:250:15 | ... << ... | The operand lhs7 is shifted by an expression rhs13 which is greater than or equal to in precision. | +| test.c:252:3:252:15 | ... << ... | The operand lhs7 is shifted by an expression rhs14 which is greater than or equal to in precision. | +| test.c:292:3:292:15 | ... << ... | The operand lhs9 is shifted by an expression rhs12 which is greater than or equal to in precision. | +| test.c:316:3:316:16 | ... << ... | The operand lhs10 is shifted by an expression rhs12 which is greater than or equal to in precision. | +| test.c:318:3:318:16 | ... << ... | The operand lhs10 is shifted by an expression rhs13 which is greater than or equal to in precision. | +| test.c:320:3:320:16 | ... << ... | The operand lhs10 is shifted by an expression rhs14 which is greater than or equal to in precision. | +| test.c:358:3:358:16 | ... << ... | The operand lhs12 is shifted by an expression rhs12 which is greater than or equal to in precision. | +| test.c:374:3:374:16 | ... << ... | The operand lhs13 is shifted by an expression rhs12 which is greater than or equal to in precision. | +| test.c:376:3:376:16 | ... << ... | The operand lhs13 is shifted by an expression rhs13 which is greater than or equal to in precision. | +| test.c:378:3:378:16 | ... << ... | The operand lhs13 is shifted by an expression rhs14 which is greater than or equal to in precision. | +| test.c:1579:3:1580:10 | ... >> ... | The operand lhs0 is shifted by an expression rhs0 which is greater than or equal to in precision. | +| test.c:1583:3:1584:10 | ... >> ... | The operand lhs0 is shifted by an expression rhs3 which is greater than or equal to in precision. | +| test.c:1585:3:1586:10 | ... >> ... | The operand lhs0 is shifted by an expression rhs4 which is greater than or equal to in precision. | +| test.c:1587:3:1588:10 | ... >> ... | The operand lhs0 is shifted by an expression rhs5 which is greater than or equal to in precision. | +| test.c:1589:3:1590:10 | ... >> ... | The operand lhs0 is shifted by an expression rhs6 which is greater than or equal to in precision. | +| test.c:1591:3:1592:10 | ... >> ... | The operand lhs0 is shifted by an expression rhs7 which is greater than or equal to in precision. | +| test.c:1593:3:1594:10 | ... >> ... | The operand lhs0 is shifted by an expression rhs8 which is greater than or equal to in precision. | +| test.c:1595:3:1596:10 | ... >> ... | The operand lhs0 is shifted by an expression rhs9 which is greater than or equal to in precision. | +| test.c:1597:3:1597:15 | ... >> ... | The operand lhs0 is shifted by an expression rhs10 which is greater than or equal to in precision. | +| test.c:1599:3:1599:15 | ... >> ... | The operand lhs0 is shifted by an expression rhs11 which is greater than or equal to in precision. | +| test.c:1601:3:1601:15 | ... >> ... | The operand lhs0 is shifted by an expression rhs12 which is greater than or equal to in precision. | +| test.c:1603:3:1603:15 | ... >> ... | The operand lhs0 is shifted by an expression rhs13 which is greater than or equal to in precision. | +| test.c:1605:3:1605:15 | ... >> ... | The operand lhs0 is shifted by an expression rhs14 which is greater than or equal to in precision. | +| test.c:1607:3:1608:10 | ... >> ... | The operand lhs1 is shifted by an expression rhs0 which is greater than or equal to in precision. | +| test.c:1609:3:1610:10 | ... >> ... | The operand lhs1 is shifted by an expression rhs1 which is greater than or equal to in precision. | +| test.c:1611:3:1612:10 | ... >> ... | The operand lhs1 is shifted by an expression rhs2 which is greater than or equal to in precision. | +| test.c:1613:3:1614:10 | ... >> ... | The operand lhs1 is shifted by an expression rhs3 which is greater than or equal to in precision. | +| test.c:1615:3:1616:10 | ... >> ... | The operand lhs1 is shifted by an expression rhs4 which is greater than or equal to in precision. | +| test.c:1617:3:1618:10 | ... >> ... | The operand lhs1 is shifted by an expression rhs5 which is greater than or equal to in precision. | +| test.c:1619:3:1620:10 | ... >> ... | The operand lhs1 is shifted by an expression rhs6 which is greater than or equal to in precision. | +| test.c:1621:3:1622:10 | ... >> ... | The operand lhs1 is shifted by an expression rhs7 which is greater than or equal to in precision. | +| test.c:1623:3:1624:10 | ... >> ... | The operand lhs1 is shifted by an expression rhs8 which is greater than or equal to in precision. | +| test.c:1625:3:1626:10 | ... >> ... | The operand lhs1 is shifted by an expression rhs9 which is greater than or equal to in precision. | +| test.c:1627:3:1627:15 | ... >> ... | The operand lhs1 is shifted by an expression rhs10 which is greater than or equal to in precision. | +| test.c:1629:3:1629:15 | ... >> ... | The operand lhs1 is shifted by an expression rhs11 which is greater than or equal to in precision. | +| test.c:1631:3:1631:15 | ... >> ... | The operand lhs1 is shifted by an expression rhs12 which is greater than or equal to in precision. | +| test.c:1633:3:1633:15 | ... >> ... | The operand lhs1 is shifted by an expression rhs13 which is greater than or equal to in precision. | +| test.c:1635:3:1635:15 | ... >> ... | The operand lhs1 is shifted by an expression rhs14 which is greater than or equal to in precision. | +| test.c:1670:3:1671:10 | ... >> ... | The operand lhs3 is shifted by an expression rhs3 which is greater than or equal to in precision. | +| test.c:1674:3:1675:10 | ... >> ... | The operand lhs3 is shifted by an expression rhs6 which is greater than or equal to in precision. | +| test.c:1676:3:1677:10 | ... >> ... | The operand lhs3 is shifted by an expression rhs7 which is greater than or equal to in precision. | +| test.c:1678:3:1679:10 | ... >> ... | The operand lhs3 is shifted by an expression rhs8 which is greater than or equal to in precision. | +| test.c:1680:3:1681:10 | ... >> ... | The operand lhs3 is shifted by an expression rhs9 which is greater than or equal to in precision. | +| test.c:1682:3:1682:15 | ... >> ... | The operand lhs3 is shifted by an expression rhs10 which is greater than or equal to in precision. | +| test.c:1684:3:1684:15 | ... >> ... | The operand lhs3 is shifted by an expression rhs11 which is greater than or equal to in precision. | +| test.c:1686:3:1686:15 | ... >> ... | The operand lhs3 is shifted by an expression rhs12 which is greater than or equal to in precision. | +| test.c:1688:3:1688:15 | ... >> ... | The operand lhs3 is shifted by an expression rhs13 which is greater than or equal to in precision. | +| test.c:1690:3:1690:15 | ... >> ... | The operand lhs3 is shifted by an expression rhs14 which is greater than or equal to in precision. | +| test.c:1695:3:1696:10 | ... >> ... | The operand lhs4 is shifted by an expression rhs3 which is greater than or equal to in precision. | +| test.c:1697:3:1698:10 | ... >> ... | The operand lhs4 is shifted by an expression rhs4 which is greater than or equal to in precision. | +| test.c:1699:3:1700:10 | ... >> ... | The operand lhs4 is shifted by an expression rhs5 which is greater than or equal to in precision. | +| test.c:1701:3:1702:10 | ... >> ... | The operand lhs4 is shifted by an expression rhs6 which is greater than or equal to in precision. | +| test.c:1703:3:1704:10 | ... >> ... | The operand lhs4 is shifted by an expression rhs7 which is greater than or equal to in precision. | +| test.c:1705:3:1706:10 | ... >> ... | The operand lhs4 is shifted by an expression rhs8 which is greater than or equal to in precision. | +| test.c:1707:3:1708:10 | ... >> ... | The operand lhs4 is shifted by an expression rhs9 which is greater than or equal to in precision. | +| test.c:1709:3:1709:15 | ... >> ... | The operand lhs4 is shifted by an expression rhs10 which is greater than or equal to in precision. | +| test.c:1711:3:1711:15 | ... >> ... | The operand lhs4 is shifted by an expression rhs11 which is greater than or equal to in precision. | +| test.c:1713:3:1713:15 | ... >> ... | The operand lhs4 is shifted by an expression rhs12 which is greater than or equal to in precision. | +| test.c:1715:3:1715:15 | ... >> ... | The operand lhs4 is shifted by an expression rhs13 which is greater than or equal to in precision. | +| test.c:1717:3:1717:15 | ... >> ... | The operand lhs4 is shifted by an expression rhs14 which is greater than or equal to in precision. | +| test.c:1752:3:1753:10 | ... >> ... | The operand lhs6 is shifted by an expression rhs6 which is greater than or equal to in precision. | +| test.c:1756:3:1757:10 | ... >> ... | The operand lhs6 is shifted by an expression rhs9 which is greater than or equal to in precision. | +| test.c:1760:3:1760:15 | ... >> ... | The operand lhs6 is shifted by an expression rhs12 which is greater than or equal to in precision. | +| test.c:1762:3:1762:15 | ... >> ... | The operand lhs6 is shifted by an expression rhs13 which is greater than or equal to in precision. | +| test.c:1764:3:1764:15 | ... >> ... | The operand lhs6 is shifted by an expression rhs14 which is greater than or equal to in precision. | +| test.c:1772:3:1773:10 | ... >> ... | The operand lhs7 is shifted by an expression rhs6 which is greater than or equal to in precision. | +| test.c:1774:3:1775:10 | ... >> ... | The operand lhs7 is shifted by an expression rhs7 which is greater than or equal to in precision. | +| test.c:1776:3:1777:10 | ... >> ... | The operand lhs7 is shifted by an expression rhs8 which is greater than or equal to in precision. | +| test.c:1778:3:1779:10 | ... >> ... | The operand lhs7 is shifted by an expression rhs9 which is greater than or equal to in precision. | +| test.c:1780:3:1780:15 | ... >> ... | The operand lhs7 is shifted by an expression rhs10 which is greater than or equal to in precision. | +| test.c:1782:3:1782:15 | ... >> ... | The operand lhs7 is shifted by an expression rhs11 which is greater than or equal to in precision. | +| test.c:1784:3:1784:15 | ... >> ... | The operand lhs7 is shifted by an expression rhs12 which is greater than or equal to in precision. | +| test.c:1786:3:1786:15 | ... >> ... | The operand lhs7 is shifted by an expression rhs13 which is greater than or equal to in precision. | +| test.c:1788:3:1788:15 | ... >> ... | The operand lhs7 is shifted by an expression rhs14 which is greater than or equal to in precision. | +| test.c:1828:3:1828:15 | ... >> ... | The operand lhs9 is shifted by an expression rhs12 which is greater than or equal to in precision. | +| test.c:1852:3:1852:16 | ... >> ... | The operand lhs10 is shifted by an expression rhs12 which is greater than or equal to in precision. | +| test.c:1854:3:1854:16 | ... >> ... | The operand lhs10 is shifted by an expression rhs13 which is greater than or equal to in precision. | +| test.c:1856:3:1856:16 | ... >> ... | The operand lhs10 is shifted by an expression rhs14 which is greater than or equal to in precision. | +| test.c:1894:3:1894:16 | ... >> ... | The operand lhs12 is shifted by an expression rhs12 which is greater than or equal to in precision. | +| test.c:1910:3:1910:16 | ... >> ... | The operand lhs13 is shifted by an expression rhs12 which is greater than or equal to in precision. | +| test.c:1912:3:1912:16 | ... >> ... | The operand lhs13 is shifted by an expression rhs13 which is greater than or equal to in precision. | +| test.c:1914:3:1914:16 | ... >> ... | The operand lhs13 is shifted by an expression rhs14 which is greater than or equal to in precision. | +| test.c:3115:3:3115:12 | ... << ... | The operand lhs0 is shifted by a negative expression - .... | +| test.c:3116:3:3116:12 | ... << ... | The operand lhs1 is shifted by a negative expression - .... | +| test.c:3117:3:3117:12 | ... << ... | The operand lhs2 is shifted by a negative expression - .... | +| test.c:3118:3:3118:12 | ... << ... | The operand lhs3 is shifted by a negative expression - .... | +| test.c:3119:3:3119:12 | ... << ... | The operand lhs4 is shifted by a negative expression - .... | +| test.c:3120:3:3120:12 | ... << ... | The operand lhs5 is shifted by a negative expression - .... | +| test.c:3121:3:3121:12 | ... << ... | The operand lhs6 is shifted by a negative expression - .... | +| test.c:3122:3:3122:12 | ... << ... | The operand lhs7 is shifted by a negative expression - .... | +| test.c:3123:3:3123:12 | ... << ... | The operand lhs8 is shifted by a negative expression - .... | +| test.c:3124:3:3124:12 | ... << ... | The operand lhs9 is shifted by a negative expression - .... | +| test.c:3125:3:3125:13 | ... << ... | The operand lhs10 is shifted by a negative expression - .... | +| test.c:3126:3:3126:13 | ... << ... | The operand lhs11 is shifted by a negative expression - .... | +| test.c:3127:3:3127:13 | ... << ... | The operand lhs12 is shifted by a negative expression - .... | +| test.c:3128:3:3128:13 | ... << ... | The operand lhs13 is shifted by a negative expression - .... | +| test.c:3129:3:3129:13 | ... << ... | The operand lhs14 is shifted by a negative expression - .... | diff --git a/c/misra/src/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.ql b/c/misra/src/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.ql index a295c91f7b..35b43f8323 100644 --- a/c/misra/src/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.ql +++ b/c/misra/src/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.ql @@ -28,12 +28,6 @@ class GenericCharPointerType extends PointerType { /* This type eventually resolves to char* */ this.resolveTypedefs*() instanceof CharPointerType } - - predicate isWideCharPointerType() { this.resolveTypedefs*() instanceof WideCharPointerType } - - override string toString() { - if this.isWideCharPointerType() then result = "wchar_t*" else result = "char*" - } } class NonConstCharStarType extends Type { @@ -47,8 +41,7 @@ class NonConstCharStarType extends Type { predicate declaringNonConstCharVar(Variable decl, string message) { not decl instanceof Parameter and // exclude parameters /* It should be declaring a char* type variable */ - decl.getType() instanceof GenericCharPointerType and - not decl.getType().isDeeplyConstBelow() and + decl.getType() instanceof NonConstCharStarType and /* But it's declared to hold a string literal. */ decl.getInitializer().getExpr() instanceof StringLiteral and message = diff --git a/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.expected b/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.expected index 1312594e13..46b8e5a47b 100644 --- a/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.expected +++ b/c/misra/test/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.expected @@ -1,8 +1,8 @@ -| test.c:11:9:11:10 | s3 | char* variable s3 is declared with a string literal. | -| test.c:13:3:14:15 | ... = ... | char* variable s3 is assigned a string literal. | -| test.c:23:12:23:14 | ws3 | wchar_t* variable ws3 is declared with a string literal. | -| test.c:25:3:25:23 | ... = ... | wchar_t* variable ws3 is assigned a string literal. | -| test.c:50:5:50:21 | return ... | char* function sample3 is returning a string literal. | -| test.c:58:5:58:22 | return ... | wchar_t* function w_sample3 is returning a string literal. | -| test.c:69:3:69:9 | call to sample4 | char* parameter of sample4 is passed a string literal. | -| test.c:78:3:78:11 | call to w_sample4 | wchar_t* parameter of w_sample4 is passed a string literal. | +| test.c:11:9:11:10 | s3 | char * variable s3 is declared with a string literal. | +| test.c:13:3:14:15 | ... = ... | char * variable s3 is assigned a string literal. | +| test.c:23:12:23:14 | ws3 | wchar_t * variable ws3 is declared with a string literal. | +| test.c:25:3:25:23 | ... = ... | wchar_t * variable ws3 is assigned a string literal. | +| test.c:50:5:50:21 | return ... | char * function sample3 is returning a string literal. | +| test.c:58:5:58:22 | return ... | wchar_t * function w_sample3 is returning a string literal. | +| test.c:69:3:69:9 | call to sample4 | char * parameter of sample4 is passed a string literal. | +| test.c:78:3:78:11 | call to w_sample4 | wchar_t * parameter of w_sample4 is passed a string literal. | From b79e1e84b6f0611c774088e49fb5b0b4a025b9ba Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 29 Mar 2023 10:34:35 +0100 Subject: [PATCH 0928/2573] INT34-C: Use fully converted type for precision If the expression is explicitly converted to a larger type, the shift happens on the larger type. --- .../INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql b/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql index c53e480aac..ef5f2a4c5a 100644 --- a/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql +++ b/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql @@ -55,7 +55,7 @@ int getPrecision(IntegralType type) { predicate isForbiddenShiftExpr(BitShiftExpr shift, string message) { ( ( - getPrecision(shift.getLeftOperand().getUnderlyingType()) <= + getPrecision(shift.getLeftOperand().getFullyConverted().getUnderlyingType()) <= upperBound(shift.getRightOperand()) and message = "The operand " + shift.getLeftOperand() + " is shifted by an expression " + From 4e5e05a8caeffb7ef0244696796191fdaa5c35c1 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 29 Mar 2023 10:45:56 +0100 Subject: [PATCH 0929/2573] INT34-C: Improve alert message. * Include uncertainty in the alert message (e.g. "may") * Report upper bound if relevant. --- ...ftedbyNegativeOrGreaterPrecisionOperand.ql | 9 +- ...NegativeOrGreaterPrecisionOperand.expected | 318 +++++++++--------- 2 files changed, 164 insertions(+), 163 deletions(-) diff --git a/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql b/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql index ef5f2a4c5a..2086d2da2b 100644 --- a/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql +++ b/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql @@ -55,16 +55,17 @@ int getPrecision(IntegralType type) { predicate isForbiddenShiftExpr(BitShiftExpr shift, string message) { ( ( - getPrecision(shift.getLeftOperand().getFullyConverted().getUnderlyingType()) <= + getPrecision(shift.getLeftOperand().getExplicitlyConverted().getUnderlyingType()) <= upperBound(shift.getRightOperand()) and message = "The operand " + shift.getLeftOperand() + " is shifted by an expression " + - shift.getRightOperand() + " which is greater than or equal to in precision." + shift.getRightOperand() + " whose upper bound (" + upperBound(shift.getRightOperand()) + + ") is greater than or equal to the precision." or lowerBound(shift.getRightOperand()) < 0 and message = - "The operand " + shift.getLeftOperand() + " is shifted by a negative expression " + - shift.getRightOperand() + "." + "The operand " + shift.getLeftOperand() + " is shifted by an expression " + + shift.getRightOperand() + " which may be negative." ) and /* * Shift statement is not at a basic block where diff --git a/c/cert/test/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.expected b/c/cert/test/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.expected index 4d82ab7839..0cd42bb3e0 100644 --- a/c/cert/test/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.expected +++ b/c/cert/test/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.expected @@ -1,159 +1,159 @@ -| test.c:43:3:43:14 | ... << ... | The operand lhs0 is shifted by an expression rhs0 which is greater than or equal to in precision. | -| test.c:47:3:47:14 | ... << ... | The operand lhs0 is shifted by an expression rhs3 which is greater than or equal to in precision. | -| test.c:49:3:49:14 | ... << ... | The operand lhs0 is shifted by an expression rhs4 which is greater than or equal to in precision. | -| test.c:51:3:51:14 | ... << ... | The operand lhs0 is shifted by an expression rhs5 which is greater than or equal to in precision. | -| test.c:53:3:53:14 | ... << ... | The operand lhs0 is shifted by an expression rhs6 which is greater than or equal to in precision. | -| test.c:55:3:55:14 | ... << ... | The operand lhs0 is shifted by an expression rhs7 which is greater than or equal to in precision. | -| test.c:57:3:57:14 | ... << ... | The operand lhs0 is shifted by an expression rhs8 which is greater than or equal to in precision. | -| test.c:59:3:59:14 | ... << ... | The operand lhs0 is shifted by an expression rhs9 which is greater than or equal to in precision. | -| test.c:61:3:61:15 | ... << ... | The operand lhs0 is shifted by an expression rhs10 which is greater than or equal to in precision. | -| test.c:63:3:63:15 | ... << ... | The operand lhs0 is shifted by an expression rhs11 which is greater than or equal to in precision. | -| test.c:65:3:65:15 | ... << ... | The operand lhs0 is shifted by an expression rhs12 which is greater than or equal to in precision. | -| test.c:67:3:67:15 | ... << ... | The operand lhs0 is shifted by an expression rhs13 which is greater than or equal to in precision. | -| test.c:69:3:69:15 | ... << ... | The operand lhs0 is shifted by an expression rhs14 which is greater than or equal to in precision. | -| test.c:71:3:71:14 | ... << ... | The operand lhs1 is shifted by an expression rhs0 which is greater than or equal to in precision. | -| test.c:73:3:73:14 | ... << ... | The operand lhs1 is shifted by an expression rhs1 which is greater than or equal to in precision. | -| test.c:75:3:75:14 | ... << ... | The operand lhs1 is shifted by an expression rhs2 which is greater than or equal to in precision. | -| test.c:77:3:77:14 | ... << ... | The operand lhs1 is shifted by an expression rhs3 which is greater than or equal to in precision. | -| test.c:79:3:79:14 | ... << ... | The operand lhs1 is shifted by an expression rhs4 which is greater than or equal to in precision. | -| test.c:81:3:81:14 | ... << ... | The operand lhs1 is shifted by an expression rhs5 which is greater than or equal to in precision. | -| test.c:83:3:83:14 | ... << ... | The operand lhs1 is shifted by an expression rhs6 which is greater than or equal to in precision. | -| test.c:85:3:85:14 | ... << ... | The operand lhs1 is shifted by an expression rhs7 which is greater than or equal to in precision. | -| test.c:87:3:87:14 | ... << ... | The operand lhs1 is shifted by an expression rhs8 which is greater than or equal to in precision. | -| test.c:89:3:89:14 | ... << ... | The operand lhs1 is shifted by an expression rhs9 which is greater than or equal to in precision. | -| test.c:91:3:91:15 | ... << ... | The operand lhs1 is shifted by an expression rhs10 which is greater than or equal to in precision. | -| test.c:93:3:93:15 | ... << ... | The operand lhs1 is shifted by an expression rhs11 which is greater than or equal to in precision. | -| test.c:95:3:95:15 | ... << ... | The operand lhs1 is shifted by an expression rhs12 which is greater than or equal to in precision. | -| test.c:97:3:97:15 | ... << ... | The operand lhs1 is shifted by an expression rhs13 which is greater than or equal to in precision. | -| test.c:99:3:99:15 | ... << ... | The operand lhs1 is shifted by an expression rhs14 which is greater than or equal to in precision. | -| test.c:134:3:134:14 | ... << ... | The operand lhs3 is shifted by an expression rhs3 which is greater than or equal to in precision. | -| test.c:138:3:138:14 | ... << ... | The operand lhs3 is shifted by an expression rhs6 which is greater than or equal to in precision. | -| test.c:140:3:140:14 | ... << ... | The operand lhs3 is shifted by an expression rhs7 which is greater than or equal to in precision. | -| test.c:142:3:142:14 | ... << ... | The operand lhs3 is shifted by an expression rhs8 which is greater than or equal to in precision. | -| test.c:144:3:144:14 | ... << ... | The operand lhs3 is shifted by an expression rhs9 which is greater than or equal to in precision. | -| test.c:146:3:146:15 | ... << ... | The operand lhs3 is shifted by an expression rhs10 which is greater than or equal to in precision. | -| test.c:148:3:148:15 | ... << ... | The operand lhs3 is shifted by an expression rhs11 which is greater than or equal to in precision. | -| test.c:150:3:150:15 | ... << ... | The operand lhs3 is shifted by an expression rhs12 which is greater than or equal to in precision. | -| test.c:152:3:152:15 | ... << ... | The operand lhs3 is shifted by an expression rhs13 which is greater than or equal to in precision. | -| test.c:154:3:154:15 | ... << ... | The operand lhs3 is shifted by an expression rhs14 which is greater than or equal to in precision. | -| test.c:159:3:159:14 | ... << ... | The operand lhs4 is shifted by an expression rhs3 which is greater than or equal to in precision. | -| test.c:161:3:161:14 | ... << ... | The operand lhs4 is shifted by an expression rhs4 which is greater than or equal to in precision. | -| test.c:163:3:163:14 | ... << ... | The operand lhs4 is shifted by an expression rhs5 which is greater than or equal to in precision. | -| test.c:165:3:165:14 | ... << ... | The operand lhs4 is shifted by an expression rhs6 which is greater than or equal to in precision. | -| test.c:167:3:167:14 | ... << ... | The operand lhs4 is shifted by an expression rhs7 which is greater than or equal to in precision. | -| test.c:169:3:169:14 | ... << ... | The operand lhs4 is shifted by an expression rhs8 which is greater than or equal to in precision. | -| test.c:171:3:171:14 | ... << ... | The operand lhs4 is shifted by an expression rhs9 which is greater than or equal to in precision. | -| test.c:173:3:173:15 | ... << ... | The operand lhs4 is shifted by an expression rhs10 which is greater than or equal to in precision. | -| test.c:175:3:175:15 | ... << ... | The operand lhs4 is shifted by an expression rhs11 which is greater than or equal to in precision. | -| test.c:177:3:177:15 | ... << ... | The operand lhs4 is shifted by an expression rhs12 which is greater than or equal to in precision. | -| test.c:179:3:179:15 | ... << ... | The operand lhs4 is shifted by an expression rhs13 which is greater than or equal to in precision. | -| test.c:181:3:181:15 | ... << ... | The operand lhs4 is shifted by an expression rhs14 which is greater than or equal to in precision. | -| test.c:216:3:216:14 | ... << ... | The operand lhs6 is shifted by an expression rhs6 which is greater than or equal to in precision. | -| test.c:220:3:220:14 | ... << ... | The operand lhs6 is shifted by an expression rhs9 which is greater than or equal to in precision. | -| test.c:224:3:224:15 | ... << ... | The operand lhs6 is shifted by an expression rhs12 which is greater than or equal to in precision. | -| test.c:226:3:226:15 | ... << ... | The operand lhs6 is shifted by an expression rhs13 which is greater than or equal to in precision. | -| test.c:228:3:228:15 | ... << ... | The operand lhs6 is shifted by an expression rhs14 which is greater than or equal to in precision. | -| test.c:236:3:236:14 | ... << ... | The operand lhs7 is shifted by an expression rhs6 which is greater than or equal to in precision. | -| test.c:238:3:238:14 | ... << ... | The operand lhs7 is shifted by an expression rhs7 which is greater than or equal to in precision. | -| test.c:240:3:240:14 | ... << ... | The operand lhs7 is shifted by an expression rhs8 which is greater than or equal to in precision. | -| test.c:242:3:242:14 | ... << ... | The operand lhs7 is shifted by an expression rhs9 which is greater than or equal to in precision. | -| test.c:244:3:244:15 | ... << ... | The operand lhs7 is shifted by an expression rhs10 which is greater than or equal to in precision. | -| test.c:246:3:246:15 | ... << ... | The operand lhs7 is shifted by an expression rhs11 which is greater than or equal to in precision. | -| test.c:248:3:248:15 | ... << ... | The operand lhs7 is shifted by an expression rhs12 which is greater than or equal to in precision. | -| test.c:250:3:250:15 | ... << ... | The operand lhs7 is shifted by an expression rhs13 which is greater than or equal to in precision. | -| test.c:252:3:252:15 | ... << ... | The operand lhs7 is shifted by an expression rhs14 which is greater than or equal to in precision. | -| test.c:292:3:292:15 | ... << ... | The operand lhs9 is shifted by an expression rhs12 which is greater than or equal to in precision. | -| test.c:316:3:316:16 | ... << ... | The operand lhs10 is shifted by an expression rhs12 which is greater than or equal to in precision. | -| test.c:318:3:318:16 | ... << ... | The operand lhs10 is shifted by an expression rhs13 which is greater than or equal to in precision. | -| test.c:320:3:320:16 | ... << ... | The operand lhs10 is shifted by an expression rhs14 which is greater than or equal to in precision. | -| test.c:358:3:358:16 | ... << ... | The operand lhs12 is shifted by an expression rhs12 which is greater than or equal to in precision. | -| test.c:374:3:374:16 | ... << ... | The operand lhs13 is shifted by an expression rhs12 which is greater than or equal to in precision. | -| test.c:376:3:376:16 | ... << ... | The operand lhs13 is shifted by an expression rhs13 which is greater than or equal to in precision. | -| test.c:378:3:378:16 | ... << ... | The operand lhs13 is shifted by an expression rhs14 which is greater than or equal to in precision. | -| test.c:1579:3:1580:10 | ... >> ... | The operand lhs0 is shifted by an expression rhs0 which is greater than or equal to in precision. | -| test.c:1583:3:1584:10 | ... >> ... | The operand lhs0 is shifted by an expression rhs3 which is greater than or equal to in precision. | -| test.c:1585:3:1586:10 | ... >> ... | The operand lhs0 is shifted by an expression rhs4 which is greater than or equal to in precision. | -| test.c:1587:3:1588:10 | ... >> ... | The operand lhs0 is shifted by an expression rhs5 which is greater than or equal to in precision. | -| test.c:1589:3:1590:10 | ... >> ... | The operand lhs0 is shifted by an expression rhs6 which is greater than or equal to in precision. | -| test.c:1591:3:1592:10 | ... >> ... | The operand lhs0 is shifted by an expression rhs7 which is greater than or equal to in precision. | -| test.c:1593:3:1594:10 | ... >> ... | The operand lhs0 is shifted by an expression rhs8 which is greater than or equal to in precision. | -| test.c:1595:3:1596:10 | ... >> ... | The operand lhs0 is shifted by an expression rhs9 which is greater than or equal to in precision. | -| test.c:1597:3:1597:15 | ... >> ... | The operand lhs0 is shifted by an expression rhs10 which is greater than or equal to in precision. | -| test.c:1599:3:1599:15 | ... >> ... | The operand lhs0 is shifted by an expression rhs11 which is greater than or equal to in precision. | -| test.c:1601:3:1601:15 | ... >> ... | The operand lhs0 is shifted by an expression rhs12 which is greater than or equal to in precision. | -| test.c:1603:3:1603:15 | ... >> ... | The operand lhs0 is shifted by an expression rhs13 which is greater than or equal to in precision. | -| test.c:1605:3:1605:15 | ... >> ... | The operand lhs0 is shifted by an expression rhs14 which is greater than or equal to in precision. | -| test.c:1607:3:1608:10 | ... >> ... | The operand lhs1 is shifted by an expression rhs0 which is greater than or equal to in precision. | -| test.c:1609:3:1610:10 | ... >> ... | The operand lhs1 is shifted by an expression rhs1 which is greater than or equal to in precision. | -| test.c:1611:3:1612:10 | ... >> ... | The operand lhs1 is shifted by an expression rhs2 which is greater than or equal to in precision. | -| test.c:1613:3:1614:10 | ... >> ... | The operand lhs1 is shifted by an expression rhs3 which is greater than or equal to in precision. | -| test.c:1615:3:1616:10 | ... >> ... | The operand lhs1 is shifted by an expression rhs4 which is greater than or equal to in precision. | -| test.c:1617:3:1618:10 | ... >> ... | The operand lhs1 is shifted by an expression rhs5 which is greater than or equal to in precision. | -| test.c:1619:3:1620:10 | ... >> ... | The operand lhs1 is shifted by an expression rhs6 which is greater than or equal to in precision. | -| test.c:1621:3:1622:10 | ... >> ... | The operand lhs1 is shifted by an expression rhs7 which is greater than or equal to in precision. | -| test.c:1623:3:1624:10 | ... >> ... | The operand lhs1 is shifted by an expression rhs8 which is greater than or equal to in precision. | -| test.c:1625:3:1626:10 | ... >> ... | The operand lhs1 is shifted by an expression rhs9 which is greater than or equal to in precision. | -| test.c:1627:3:1627:15 | ... >> ... | The operand lhs1 is shifted by an expression rhs10 which is greater than or equal to in precision. | -| test.c:1629:3:1629:15 | ... >> ... | The operand lhs1 is shifted by an expression rhs11 which is greater than or equal to in precision. | -| test.c:1631:3:1631:15 | ... >> ... | The operand lhs1 is shifted by an expression rhs12 which is greater than or equal to in precision. | -| test.c:1633:3:1633:15 | ... >> ... | The operand lhs1 is shifted by an expression rhs13 which is greater than or equal to in precision. | -| test.c:1635:3:1635:15 | ... >> ... | The operand lhs1 is shifted by an expression rhs14 which is greater than or equal to in precision. | -| test.c:1670:3:1671:10 | ... >> ... | The operand lhs3 is shifted by an expression rhs3 which is greater than or equal to in precision. | -| test.c:1674:3:1675:10 | ... >> ... | The operand lhs3 is shifted by an expression rhs6 which is greater than or equal to in precision. | -| test.c:1676:3:1677:10 | ... >> ... | The operand lhs3 is shifted by an expression rhs7 which is greater than or equal to in precision. | -| test.c:1678:3:1679:10 | ... >> ... | The operand lhs3 is shifted by an expression rhs8 which is greater than or equal to in precision. | -| test.c:1680:3:1681:10 | ... >> ... | The operand lhs3 is shifted by an expression rhs9 which is greater than or equal to in precision. | -| test.c:1682:3:1682:15 | ... >> ... | The operand lhs3 is shifted by an expression rhs10 which is greater than or equal to in precision. | -| test.c:1684:3:1684:15 | ... >> ... | The operand lhs3 is shifted by an expression rhs11 which is greater than or equal to in precision. | -| test.c:1686:3:1686:15 | ... >> ... | The operand lhs3 is shifted by an expression rhs12 which is greater than or equal to in precision. | -| test.c:1688:3:1688:15 | ... >> ... | The operand lhs3 is shifted by an expression rhs13 which is greater than or equal to in precision. | -| test.c:1690:3:1690:15 | ... >> ... | The operand lhs3 is shifted by an expression rhs14 which is greater than or equal to in precision. | -| test.c:1695:3:1696:10 | ... >> ... | The operand lhs4 is shifted by an expression rhs3 which is greater than or equal to in precision. | -| test.c:1697:3:1698:10 | ... >> ... | The operand lhs4 is shifted by an expression rhs4 which is greater than or equal to in precision. | -| test.c:1699:3:1700:10 | ... >> ... | The operand lhs4 is shifted by an expression rhs5 which is greater than or equal to in precision. | -| test.c:1701:3:1702:10 | ... >> ... | The operand lhs4 is shifted by an expression rhs6 which is greater than or equal to in precision. | -| test.c:1703:3:1704:10 | ... >> ... | The operand lhs4 is shifted by an expression rhs7 which is greater than or equal to in precision. | -| test.c:1705:3:1706:10 | ... >> ... | The operand lhs4 is shifted by an expression rhs8 which is greater than or equal to in precision. | -| test.c:1707:3:1708:10 | ... >> ... | The operand lhs4 is shifted by an expression rhs9 which is greater than or equal to in precision. | -| test.c:1709:3:1709:15 | ... >> ... | The operand lhs4 is shifted by an expression rhs10 which is greater than or equal to in precision. | -| test.c:1711:3:1711:15 | ... >> ... | The operand lhs4 is shifted by an expression rhs11 which is greater than or equal to in precision. | -| test.c:1713:3:1713:15 | ... >> ... | The operand lhs4 is shifted by an expression rhs12 which is greater than or equal to in precision. | -| test.c:1715:3:1715:15 | ... >> ... | The operand lhs4 is shifted by an expression rhs13 which is greater than or equal to in precision. | -| test.c:1717:3:1717:15 | ... >> ... | The operand lhs4 is shifted by an expression rhs14 which is greater than or equal to in precision. | -| test.c:1752:3:1753:10 | ... >> ... | The operand lhs6 is shifted by an expression rhs6 which is greater than or equal to in precision. | -| test.c:1756:3:1757:10 | ... >> ... | The operand lhs6 is shifted by an expression rhs9 which is greater than or equal to in precision. | -| test.c:1760:3:1760:15 | ... >> ... | The operand lhs6 is shifted by an expression rhs12 which is greater than or equal to in precision. | -| test.c:1762:3:1762:15 | ... >> ... | The operand lhs6 is shifted by an expression rhs13 which is greater than or equal to in precision. | -| test.c:1764:3:1764:15 | ... >> ... | The operand lhs6 is shifted by an expression rhs14 which is greater than or equal to in precision. | -| test.c:1772:3:1773:10 | ... >> ... | The operand lhs7 is shifted by an expression rhs6 which is greater than or equal to in precision. | -| test.c:1774:3:1775:10 | ... >> ... | The operand lhs7 is shifted by an expression rhs7 which is greater than or equal to in precision. | -| test.c:1776:3:1777:10 | ... >> ... | The operand lhs7 is shifted by an expression rhs8 which is greater than or equal to in precision. | -| test.c:1778:3:1779:10 | ... >> ... | The operand lhs7 is shifted by an expression rhs9 which is greater than or equal to in precision. | -| test.c:1780:3:1780:15 | ... >> ... | The operand lhs7 is shifted by an expression rhs10 which is greater than or equal to in precision. | -| test.c:1782:3:1782:15 | ... >> ... | The operand lhs7 is shifted by an expression rhs11 which is greater than or equal to in precision. | -| test.c:1784:3:1784:15 | ... >> ... | The operand lhs7 is shifted by an expression rhs12 which is greater than or equal to in precision. | -| test.c:1786:3:1786:15 | ... >> ... | The operand lhs7 is shifted by an expression rhs13 which is greater than or equal to in precision. | -| test.c:1788:3:1788:15 | ... >> ... | The operand lhs7 is shifted by an expression rhs14 which is greater than or equal to in precision. | -| test.c:1828:3:1828:15 | ... >> ... | The operand lhs9 is shifted by an expression rhs12 which is greater than or equal to in precision. | -| test.c:1852:3:1852:16 | ... >> ... | The operand lhs10 is shifted by an expression rhs12 which is greater than or equal to in precision. | -| test.c:1854:3:1854:16 | ... >> ... | The operand lhs10 is shifted by an expression rhs13 which is greater than or equal to in precision. | -| test.c:1856:3:1856:16 | ... >> ... | The operand lhs10 is shifted by an expression rhs14 which is greater than or equal to in precision. | -| test.c:1894:3:1894:16 | ... >> ... | The operand lhs12 is shifted by an expression rhs12 which is greater than or equal to in precision. | -| test.c:1910:3:1910:16 | ... >> ... | The operand lhs13 is shifted by an expression rhs12 which is greater than or equal to in precision. | -| test.c:1912:3:1912:16 | ... >> ... | The operand lhs13 is shifted by an expression rhs13 which is greater than or equal to in precision. | -| test.c:1914:3:1914:16 | ... >> ... | The operand lhs13 is shifted by an expression rhs14 which is greater than or equal to in precision. | -| test.c:3115:3:3115:12 | ... << ... | The operand lhs0 is shifted by a negative expression - .... | -| test.c:3116:3:3116:12 | ... << ... | The operand lhs1 is shifted by a negative expression - .... | -| test.c:3117:3:3117:12 | ... << ... | The operand lhs2 is shifted by a negative expression - .... | -| test.c:3118:3:3118:12 | ... << ... | The operand lhs3 is shifted by a negative expression - .... | -| test.c:3119:3:3119:12 | ... << ... | The operand lhs4 is shifted by a negative expression - .... | -| test.c:3120:3:3120:12 | ... << ... | The operand lhs5 is shifted by a negative expression - .... | -| test.c:3121:3:3121:12 | ... << ... | The operand lhs6 is shifted by a negative expression - .... | -| test.c:3122:3:3122:12 | ... << ... | The operand lhs7 is shifted by a negative expression - .... | -| test.c:3123:3:3123:12 | ... << ... | The operand lhs8 is shifted by a negative expression - .... | -| test.c:3124:3:3124:12 | ... << ... | The operand lhs9 is shifted by a negative expression - .... | -| test.c:3125:3:3125:13 | ... << ... | The operand lhs10 is shifted by a negative expression - .... | -| test.c:3126:3:3126:13 | ... << ... | The operand lhs11 is shifted by a negative expression - .... | -| test.c:3127:3:3127:13 | ... << ... | The operand lhs12 is shifted by a negative expression - .... | -| test.c:3128:3:3128:13 | ... << ... | The operand lhs13 is shifted by a negative expression - .... | -| test.c:3129:3:3129:13 | ... << ... | The operand lhs14 is shifted by a negative expression - .... | +| test.c:43:3:43:14 | ... << ... | The operand lhs0 is shifted by an expression rhs0 whose upper bound (8) is greater than or equal to the precision. | +| test.c:47:3:47:14 | ... << ... | The operand lhs0 is shifted by an expression rhs3 whose upper bound (16) is greater than or equal to the precision. | +| test.c:49:3:49:14 | ... << ... | The operand lhs0 is shifted by an expression rhs4 whose upper bound (15) is greater than or equal to the precision. | +| test.c:51:3:51:14 | ... << ... | The operand lhs0 is shifted by an expression rhs5 whose upper bound (15) is greater than or equal to the precision. | +| test.c:53:3:53:14 | ... << ... | The operand lhs0 is shifted by an expression rhs6 whose upper bound (32) is greater than or equal to the precision. | +| test.c:55:3:55:14 | ... << ... | The operand lhs0 is shifted by an expression rhs7 whose upper bound (31) is greater than or equal to the precision. | +| test.c:57:3:57:14 | ... << ... | The operand lhs0 is shifted by an expression rhs8 whose upper bound (31) is greater than or equal to the precision. | +| test.c:59:3:59:14 | ... << ... | The operand lhs0 is shifted by an expression rhs9 whose upper bound (32) is greater than or equal to the precision. | +| test.c:61:3:61:15 | ... << ... | The operand lhs0 is shifted by an expression rhs10 whose upper bound (31) is greater than or equal to the precision. | +| test.c:63:3:63:15 | ... << ... | The operand lhs0 is shifted by an expression rhs11 whose upper bound (31) is greater than or equal to the precision. | +| test.c:65:3:65:15 | ... << ... | The operand lhs0 is shifted by an expression rhs12 whose upper bound (64) is greater than or equal to the precision. | +| test.c:67:3:67:15 | ... << ... | The operand lhs0 is shifted by an expression rhs13 whose upper bound (63) is greater than or equal to the precision. | +| test.c:69:3:69:15 | ... << ... | The operand lhs0 is shifted by an expression rhs14 whose upper bound (63) is greater than or equal to the precision. | +| test.c:71:3:71:14 | ... << ... | The operand lhs1 is shifted by an expression rhs0 whose upper bound (8) is greater than or equal to the precision. | +| test.c:73:3:73:14 | ... << ... | The operand lhs1 is shifted by an expression rhs1 whose upper bound (7) is greater than or equal to the precision. | +| test.c:75:3:75:14 | ... << ... | The operand lhs1 is shifted by an expression rhs2 whose upper bound (7) is greater than or equal to the precision. | +| test.c:77:3:77:14 | ... << ... | The operand lhs1 is shifted by an expression rhs3 whose upper bound (16) is greater than or equal to the precision. | +| test.c:79:3:79:14 | ... << ... | The operand lhs1 is shifted by an expression rhs4 whose upper bound (15) is greater than or equal to the precision. | +| test.c:81:3:81:14 | ... << ... | The operand lhs1 is shifted by an expression rhs5 whose upper bound (15) is greater than or equal to the precision. | +| test.c:83:3:83:14 | ... << ... | The operand lhs1 is shifted by an expression rhs6 whose upper bound (32) is greater than or equal to the precision. | +| test.c:85:3:85:14 | ... << ... | The operand lhs1 is shifted by an expression rhs7 whose upper bound (31) is greater than or equal to the precision. | +| test.c:87:3:87:14 | ... << ... | The operand lhs1 is shifted by an expression rhs8 whose upper bound (31) is greater than or equal to the precision. | +| test.c:89:3:89:14 | ... << ... | The operand lhs1 is shifted by an expression rhs9 whose upper bound (32) is greater than or equal to the precision. | +| test.c:91:3:91:15 | ... << ... | The operand lhs1 is shifted by an expression rhs10 whose upper bound (31) is greater than or equal to the precision. | +| test.c:93:3:93:15 | ... << ... | The operand lhs1 is shifted by an expression rhs11 whose upper bound (31) is greater than or equal to the precision. | +| test.c:95:3:95:15 | ... << ... | The operand lhs1 is shifted by an expression rhs12 whose upper bound (64) is greater than or equal to the precision. | +| test.c:97:3:97:15 | ... << ... | The operand lhs1 is shifted by an expression rhs13 whose upper bound (63) is greater than or equal to the precision. | +| test.c:99:3:99:15 | ... << ... | The operand lhs1 is shifted by an expression rhs14 whose upper bound (63) is greater than or equal to the precision. | +| test.c:134:3:134:14 | ... << ... | The operand lhs3 is shifted by an expression rhs3 whose upper bound (16) is greater than or equal to the precision. | +| test.c:138:3:138:14 | ... << ... | The operand lhs3 is shifted by an expression rhs6 whose upper bound (32) is greater than or equal to the precision. | +| test.c:140:3:140:14 | ... << ... | The operand lhs3 is shifted by an expression rhs7 whose upper bound (31) is greater than or equal to the precision. | +| test.c:142:3:142:14 | ... << ... | The operand lhs3 is shifted by an expression rhs8 whose upper bound (31) is greater than or equal to the precision. | +| test.c:144:3:144:14 | ... << ... | The operand lhs3 is shifted by an expression rhs9 whose upper bound (32) is greater than or equal to the precision. | +| test.c:146:3:146:15 | ... << ... | The operand lhs3 is shifted by an expression rhs10 whose upper bound (31) is greater than or equal to the precision. | +| test.c:148:3:148:15 | ... << ... | The operand lhs3 is shifted by an expression rhs11 whose upper bound (31) is greater than or equal to the precision. | +| test.c:150:3:150:15 | ... << ... | The operand lhs3 is shifted by an expression rhs12 whose upper bound (64) is greater than or equal to the precision. | +| test.c:152:3:152:15 | ... << ... | The operand lhs3 is shifted by an expression rhs13 whose upper bound (63) is greater than or equal to the precision. | +| test.c:154:3:154:15 | ... << ... | The operand lhs3 is shifted by an expression rhs14 whose upper bound (63) is greater than or equal to the precision. | +| test.c:159:3:159:14 | ... << ... | The operand lhs4 is shifted by an expression rhs3 whose upper bound (16) is greater than or equal to the precision. | +| test.c:161:3:161:14 | ... << ... | The operand lhs4 is shifted by an expression rhs4 whose upper bound (15) is greater than or equal to the precision. | +| test.c:163:3:163:14 | ... << ... | The operand lhs4 is shifted by an expression rhs5 whose upper bound (15) is greater than or equal to the precision. | +| test.c:165:3:165:14 | ... << ... | The operand lhs4 is shifted by an expression rhs6 whose upper bound (32) is greater than or equal to the precision. | +| test.c:167:3:167:14 | ... << ... | The operand lhs4 is shifted by an expression rhs7 whose upper bound (31) is greater than or equal to the precision. | +| test.c:169:3:169:14 | ... << ... | The operand lhs4 is shifted by an expression rhs8 whose upper bound (31) is greater than or equal to the precision. | +| test.c:171:3:171:14 | ... << ... | The operand lhs4 is shifted by an expression rhs9 whose upper bound (32) is greater than or equal to the precision. | +| test.c:173:3:173:15 | ... << ... | The operand lhs4 is shifted by an expression rhs10 whose upper bound (31) is greater than or equal to the precision. | +| test.c:175:3:175:15 | ... << ... | The operand lhs4 is shifted by an expression rhs11 whose upper bound (31) is greater than or equal to the precision. | +| test.c:177:3:177:15 | ... << ... | The operand lhs4 is shifted by an expression rhs12 whose upper bound (64) is greater than or equal to the precision. | +| test.c:179:3:179:15 | ... << ... | The operand lhs4 is shifted by an expression rhs13 whose upper bound (63) is greater than or equal to the precision. | +| test.c:181:3:181:15 | ... << ... | The operand lhs4 is shifted by an expression rhs14 whose upper bound (63) is greater than or equal to the precision. | +| test.c:216:3:216:14 | ... << ... | The operand lhs6 is shifted by an expression rhs6 whose upper bound (32) is greater than or equal to the precision. | +| test.c:220:3:220:14 | ... << ... | The operand lhs6 is shifted by an expression rhs9 whose upper bound (32) is greater than or equal to the precision. | +| test.c:224:3:224:15 | ... << ... | The operand lhs6 is shifted by an expression rhs12 whose upper bound (64) is greater than or equal to the precision. | +| test.c:226:3:226:15 | ... << ... | The operand lhs6 is shifted by an expression rhs13 whose upper bound (63) is greater than or equal to the precision. | +| test.c:228:3:228:15 | ... << ... | The operand lhs6 is shifted by an expression rhs14 whose upper bound (63) is greater than or equal to the precision. | +| test.c:236:3:236:14 | ... << ... | The operand lhs7 is shifted by an expression rhs6 whose upper bound (32) is greater than or equal to the precision. | +| test.c:238:3:238:14 | ... << ... | The operand lhs7 is shifted by an expression rhs7 whose upper bound (31) is greater than or equal to the precision. | +| test.c:240:3:240:14 | ... << ... | The operand lhs7 is shifted by an expression rhs8 whose upper bound (31) is greater than or equal to the precision. | +| test.c:242:3:242:14 | ... << ... | The operand lhs7 is shifted by an expression rhs9 whose upper bound (32) is greater than or equal to the precision. | +| test.c:244:3:244:15 | ... << ... | The operand lhs7 is shifted by an expression rhs10 whose upper bound (31) is greater than or equal to the precision. | +| test.c:246:3:246:15 | ... << ... | The operand lhs7 is shifted by an expression rhs11 whose upper bound (31) is greater than or equal to the precision. | +| test.c:248:3:248:15 | ... << ... | The operand lhs7 is shifted by an expression rhs12 whose upper bound (64) is greater than or equal to the precision. | +| test.c:250:3:250:15 | ... << ... | The operand lhs7 is shifted by an expression rhs13 whose upper bound (63) is greater than or equal to the precision. | +| test.c:252:3:252:15 | ... << ... | The operand lhs7 is shifted by an expression rhs14 whose upper bound (63) is greater than or equal to the precision. | +| test.c:292:3:292:15 | ... << ... | The operand lhs9 is shifted by an expression rhs12 whose upper bound (64) is greater than or equal to the precision. | +| test.c:316:3:316:16 | ... << ... | The operand lhs10 is shifted by an expression rhs12 whose upper bound (64) is greater than or equal to the precision. | +| test.c:318:3:318:16 | ... << ... | The operand lhs10 is shifted by an expression rhs13 whose upper bound (63) is greater than or equal to the precision. | +| test.c:320:3:320:16 | ... << ... | The operand lhs10 is shifted by an expression rhs14 whose upper bound (63) is greater than or equal to the precision. | +| test.c:358:3:358:16 | ... << ... | The operand lhs12 is shifted by an expression rhs12 whose upper bound (64) is greater than or equal to the precision. | +| test.c:374:3:374:16 | ... << ... | The operand lhs13 is shifted by an expression rhs12 whose upper bound (64) is greater than or equal to the precision. | +| test.c:376:3:376:16 | ... << ... | The operand lhs13 is shifted by an expression rhs13 whose upper bound (63) is greater than or equal to the precision. | +| test.c:378:3:378:16 | ... << ... | The operand lhs13 is shifted by an expression rhs14 whose upper bound (63) is greater than or equal to the precision. | +| test.c:1579:3:1580:10 | ... >> ... | The operand lhs0 is shifted by an expression rhs0 whose upper bound (8) is greater than or equal to the precision. | +| test.c:1583:3:1584:10 | ... >> ... | The operand lhs0 is shifted by an expression rhs3 whose upper bound (16) is greater than or equal to the precision. | +| test.c:1585:3:1586:10 | ... >> ... | The operand lhs0 is shifted by an expression rhs4 whose upper bound (15) is greater than or equal to the precision. | +| test.c:1587:3:1588:10 | ... >> ... | The operand lhs0 is shifted by an expression rhs5 whose upper bound (15) is greater than or equal to the precision. | +| test.c:1589:3:1590:10 | ... >> ... | The operand lhs0 is shifted by an expression rhs6 whose upper bound (32) is greater than or equal to the precision. | +| test.c:1591:3:1592:10 | ... >> ... | The operand lhs0 is shifted by an expression rhs7 whose upper bound (31) is greater than or equal to the precision. | +| test.c:1593:3:1594:10 | ... >> ... | The operand lhs0 is shifted by an expression rhs8 whose upper bound (31) is greater than or equal to the precision. | +| test.c:1595:3:1596:10 | ... >> ... | The operand lhs0 is shifted by an expression rhs9 whose upper bound (32) is greater than or equal to the precision. | +| test.c:1597:3:1597:15 | ... >> ... | The operand lhs0 is shifted by an expression rhs10 whose upper bound (31) is greater than or equal to the precision. | +| test.c:1599:3:1599:15 | ... >> ... | The operand lhs0 is shifted by an expression rhs11 whose upper bound (31) is greater than or equal to the precision. | +| test.c:1601:3:1601:15 | ... >> ... | The operand lhs0 is shifted by an expression rhs12 whose upper bound (64) is greater than or equal to the precision. | +| test.c:1603:3:1603:15 | ... >> ... | The operand lhs0 is shifted by an expression rhs13 whose upper bound (63) is greater than or equal to the precision. | +| test.c:1605:3:1605:15 | ... >> ... | The operand lhs0 is shifted by an expression rhs14 whose upper bound (63) is greater than or equal to the precision. | +| test.c:1607:3:1608:10 | ... >> ... | The operand lhs1 is shifted by an expression rhs0 whose upper bound (8) is greater than or equal to the precision. | +| test.c:1609:3:1610:10 | ... >> ... | The operand lhs1 is shifted by an expression rhs1 whose upper bound (7) is greater than or equal to the precision. | +| test.c:1611:3:1612:10 | ... >> ... | The operand lhs1 is shifted by an expression rhs2 whose upper bound (7) is greater than or equal to the precision. | +| test.c:1613:3:1614:10 | ... >> ... | The operand lhs1 is shifted by an expression rhs3 whose upper bound (16) is greater than or equal to the precision. | +| test.c:1615:3:1616:10 | ... >> ... | The operand lhs1 is shifted by an expression rhs4 whose upper bound (15) is greater than or equal to the precision. | +| test.c:1617:3:1618:10 | ... >> ... | The operand lhs1 is shifted by an expression rhs5 whose upper bound (15) is greater than or equal to the precision. | +| test.c:1619:3:1620:10 | ... >> ... | The operand lhs1 is shifted by an expression rhs6 whose upper bound (32) is greater than or equal to the precision. | +| test.c:1621:3:1622:10 | ... >> ... | The operand lhs1 is shifted by an expression rhs7 whose upper bound (31) is greater than or equal to the precision. | +| test.c:1623:3:1624:10 | ... >> ... | The operand lhs1 is shifted by an expression rhs8 whose upper bound (31) is greater than or equal to the precision. | +| test.c:1625:3:1626:10 | ... >> ... | The operand lhs1 is shifted by an expression rhs9 whose upper bound (32) is greater than or equal to the precision. | +| test.c:1627:3:1627:15 | ... >> ... | The operand lhs1 is shifted by an expression rhs10 whose upper bound (31) is greater than or equal to the precision. | +| test.c:1629:3:1629:15 | ... >> ... | The operand lhs1 is shifted by an expression rhs11 whose upper bound (31) is greater than or equal to the precision. | +| test.c:1631:3:1631:15 | ... >> ... | The operand lhs1 is shifted by an expression rhs12 whose upper bound (64) is greater than or equal to the precision. | +| test.c:1633:3:1633:15 | ... >> ... | The operand lhs1 is shifted by an expression rhs13 whose upper bound (63) is greater than or equal to the precision. | +| test.c:1635:3:1635:15 | ... >> ... | The operand lhs1 is shifted by an expression rhs14 whose upper bound (63) is greater than or equal to the precision. | +| test.c:1670:3:1671:10 | ... >> ... | The operand lhs3 is shifted by an expression rhs3 whose upper bound (16) is greater than or equal to the precision. | +| test.c:1674:3:1675:10 | ... >> ... | The operand lhs3 is shifted by an expression rhs6 whose upper bound (32) is greater than or equal to the precision. | +| test.c:1676:3:1677:10 | ... >> ... | The operand lhs3 is shifted by an expression rhs7 whose upper bound (31) is greater than or equal to the precision. | +| test.c:1678:3:1679:10 | ... >> ... | The operand lhs3 is shifted by an expression rhs8 whose upper bound (31) is greater than or equal to the precision. | +| test.c:1680:3:1681:10 | ... >> ... | The operand lhs3 is shifted by an expression rhs9 whose upper bound (32) is greater than or equal to the precision. | +| test.c:1682:3:1682:15 | ... >> ... | The operand lhs3 is shifted by an expression rhs10 whose upper bound (31) is greater than or equal to the precision. | +| test.c:1684:3:1684:15 | ... >> ... | The operand lhs3 is shifted by an expression rhs11 whose upper bound (31) is greater than or equal to the precision. | +| test.c:1686:3:1686:15 | ... >> ... | The operand lhs3 is shifted by an expression rhs12 whose upper bound (64) is greater than or equal to the precision. | +| test.c:1688:3:1688:15 | ... >> ... | The operand lhs3 is shifted by an expression rhs13 whose upper bound (63) is greater than or equal to the precision. | +| test.c:1690:3:1690:15 | ... >> ... | The operand lhs3 is shifted by an expression rhs14 whose upper bound (63) is greater than or equal to the precision. | +| test.c:1695:3:1696:10 | ... >> ... | The operand lhs4 is shifted by an expression rhs3 whose upper bound (16) is greater than or equal to the precision. | +| test.c:1697:3:1698:10 | ... >> ... | The operand lhs4 is shifted by an expression rhs4 whose upper bound (15) is greater than or equal to the precision. | +| test.c:1699:3:1700:10 | ... >> ... | The operand lhs4 is shifted by an expression rhs5 whose upper bound (15) is greater than or equal to the precision. | +| test.c:1701:3:1702:10 | ... >> ... | The operand lhs4 is shifted by an expression rhs6 whose upper bound (32) is greater than or equal to the precision. | +| test.c:1703:3:1704:10 | ... >> ... | The operand lhs4 is shifted by an expression rhs7 whose upper bound (31) is greater than or equal to the precision. | +| test.c:1705:3:1706:10 | ... >> ... | The operand lhs4 is shifted by an expression rhs8 whose upper bound (31) is greater than or equal to the precision. | +| test.c:1707:3:1708:10 | ... >> ... | The operand lhs4 is shifted by an expression rhs9 whose upper bound (32) is greater than or equal to the precision. | +| test.c:1709:3:1709:15 | ... >> ... | The operand lhs4 is shifted by an expression rhs10 whose upper bound (31) is greater than or equal to the precision. | +| test.c:1711:3:1711:15 | ... >> ... | The operand lhs4 is shifted by an expression rhs11 whose upper bound (31) is greater than or equal to the precision. | +| test.c:1713:3:1713:15 | ... >> ... | The operand lhs4 is shifted by an expression rhs12 whose upper bound (64) is greater than or equal to the precision. | +| test.c:1715:3:1715:15 | ... >> ... | The operand lhs4 is shifted by an expression rhs13 whose upper bound (63) is greater than or equal to the precision. | +| test.c:1717:3:1717:15 | ... >> ... | The operand lhs4 is shifted by an expression rhs14 whose upper bound (63) is greater than or equal to the precision. | +| test.c:1752:3:1753:10 | ... >> ... | The operand lhs6 is shifted by an expression rhs6 whose upper bound (32) is greater than or equal to the precision. | +| test.c:1756:3:1757:10 | ... >> ... | The operand lhs6 is shifted by an expression rhs9 whose upper bound (32) is greater than or equal to the precision. | +| test.c:1760:3:1760:15 | ... >> ... | The operand lhs6 is shifted by an expression rhs12 whose upper bound (64) is greater than or equal to the precision. | +| test.c:1762:3:1762:15 | ... >> ... | The operand lhs6 is shifted by an expression rhs13 whose upper bound (63) is greater than or equal to the precision. | +| test.c:1764:3:1764:15 | ... >> ... | The operand lhs6 is shifted by an expression rhs14 whose upper bound (63) is greater than or equal to the precision. | +| test.c:1772:3:1773:10 | ... >> ... | The operand lhs7 is shifted by an expression rhs6 whose upper bound (32) is greater than or equal to the precision. | +| test.c:1774:3:1775:10 | ... >> ... | The operand lhs7 is shifted by an expression rhs7 whose upper bound (31) is greater than or equal to the precision. | +| test.c:1776:3:1777:10 | ... >> ... | The operand lhs7 is shifted by an expression rhs8 whose upper bound (31) is greater than or equal to the precision. | +| test.c:1778:3:1779:10 | ... >> ... | The operand lhs7 is shifted by an expression rhs9 whose upper bound (32) is greater than or equal to the precision. | +| test.c:1780:3:1780:15 | ... >> ... | The operand lhs7 is shifted by an expression rhs10 whose upper bound (31) is greater than or equal to the precision. | +| test.c:1782:3:1782:15 | ... >> ... | The operand lhs7 is shifted by an expression rhs11 whose upper bound (31) is greater than or equal to the precision. | +| test.c:1784:3:1784:15 | ... >> ... | The operand lhs7 is shifted by an expression rhs12 whose upper bound (64) is greater than or equal to the precision. | +| test.c:1786:3:1786:15 | ... >> ... | The operand lhs7 is shifted by an expression rhs13 whose upper bound (63) is greater than or equal to the precision. | +| test.c:1788:3:1788:15 | ... >> ... | The operand lhs7 is shifted by an expression rhs14 whose upper bound (63) is greater than or equal to the precision. | +| test.c:1828:3:1828:15 | ... >> ... | The operand lhs9 is shifted by an expression rhs12 whose upper bound (64) is greater than or equal to the precision. | +| test.c:1852:3:1852:16 | ... >> ... | The operand lhs10 is shifted by an expression rhs12 whose upper bound (64) is greater than or equal to the precision. | +| test.c:1854:3:1854:16 | ... >> ... | The operand lhs10 is shifted by an expression rhs13 whose upper bound (63) is greater than or equal to the precision. | +| test.c:1856:3:1856:16 | ... >> ... | The operand lhs10 is shifted by an expression rhs14 whose upper bound (63) is greater than or equal to the precision. | +| test.c:1894:3:1894:16 | ... >> ... | The operand lhs12 is shifted by an expression rhs12 whose upper bound (64) is greater than or equal to the precision. | +| test.c:1910:3:1910:16 | ... >> ... | The operand lhs13 is shifted by an expression rhs12 whose upper bound (64) is greater than or equal to the precision. | +| test.c:1912:3:1912:16 | ... >> ... | The operand lhs13 is shifted by an expression rhs13 whose upper bound (63) is greater than or equal to the precision. | +| test.c:1914:3:1914:16 | ... >> ... | The operand lhs13 is shifted by an expression rhs14 whose upper bound (63) is greater than or equal to the precision. | +| test.c:3115:3:3115:12 | ... << ... | The operand lhs0 is shifted by an expression - ... which may be negative. | +| test.c:3116:3:3116:12 | ... << ... | The operand lhs1 is shifted by an expression - ... which may be negative. | +| test.c:3117:3:3117:12 | ... << ... | The operand lhs2 is shifted by an expression - ... which may be negative. | +| test.c:3118:3:3118:12 | ... << ... | The operand lhs3 is shifted by an expression - ... which may be negative. | +| test.c:3119:3:3119:12 | ... << ... | The operand lhs4 is shifted by an expression - ... which may be negative. | +| test.c:3120:3:3120:12 | ... << ... | The operand lhs5 is shifted by an expression - ... which may be negative. | +| test.c:3121:3:3121:12 | ... << ... | The operand lhs6 is shifted by an expression - ... which may be negative. | +| test.c:3122:3:3122:12 | ... << ... | The operand lhs7 is shifted by an expression - ... which may be negative. | +| test.c:3123:3:3123:12 | ... << ... | The operand lhs8 is shifted by an expression - ... which may be negative. | +| test.c:3124:3:3124:12 | ... << ... | The operand lhs9 is shifted by an expression - ... which may be negative. | +| test.c:3125:3:3125:13 | ... << ... | The operand lhs10 is shifted by an expression - ... which may be negative. | +| test.c:3126:3:3126:13 | ... << ... | The operand lhs11 is shifted by an expression - ... which may be negative. | +| test.c:3127:3:3127:13 | ... << ... | The operand lhs12 is shifted by an expression - ... which may be negative. | +| test.c:3128:3:3128:13 | ... << ... | The operand lhs13 is shifted by an expression - ... which may be negative. | +| test.c:3129:3:3129:13 | ... << ... | The operand lhs14 is shifted by an expression - ... which may be negative. | From 9fc57bd2a1e4693c146a83882e313572cfd20bc7 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 29 Mar 2023 10:59:26 +0100 Subject: [PATCH 0930/2573] DIR-4-6: Only flag aliases of built-in numeric types. --- .../DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.ql | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/c/misra/src/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.ql b/c/misra/src/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.ql index 6c8d283786..c22e369d77 100644 --- a/c/misra/src/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.ql +++ b/c/misra/src/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.ql @@ -49,8 +49,9 @@ predicate forbiddenTypedef(CTypedefType typedef, string message) { typedef.getName().regexpCapture("u?(int|float)(4|8|16|32|64|128)_t", 2).toInt() and message = "The typedef type " + typedef.getName() + " does not have its indicated size." ) else ( - /* Otherwise, the aliased type itself should have an explicit size in its name. */ - not typedef.getBaseType().getName().regexpMatch("u?(int|float)(4|8|16|32|64|128)_t") and + /* Otherwise, if the type is an alias of a built in numeric type it should have an explicit size in its name. */ + typedef.getUnspecifiedType() instanceof BuiltInNumericType and + not typedef.getBaseType+().getName().regexpMatch("u?(int|float)(4|8|16|32|64|128)_t") and message = "The type " + typedef.getName() + " is not an alias to a fixed-width numeric type." ) ) From 93b939129b81608fab22a1f2cec67feb694677cf Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 29 Mar 2023 11:28:16 +0100 Subject: [PATCH 0931/2573] DIR-4-6: typedefs should be to numeric types Recursively identify typedefs that are to the built in numeric types, but do not use the size alias. --- .../PlainNumericalTypeUsedOverExplicitTypedef.ql | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/c/misra/src/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.ql b/c/misra/src/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.ql index c22e369d77..c3ea6dfdbd 100644 --- a/c/misra/src/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.ql +++ b/c/misra/src/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.ql @@ -37,7 +37,6 @@ predicate forbiddenBuiltinNumericUsedInDecl(Variable var, string message) { message = "The type " + var.getType() + " is not a fixed-width numeric type." } -// TODO: add some inline comments predicate forbiddenTypedef(CTypedefType typedef, string message) { /* If the typedef's name contains an explicit size */ ( @@ -49,9 +48,15 @@ predicate forbiddenTypedef(CTypedefType typedef, string message) { typedef.getName().regexpCapture("u?(int|float)(4|8|16|32|64|128)_t", 2).toInt() and message = "The typedef type " + typedef.getName() + " does not have its indicated size." ) else ( - /* Otherwise, if the type is an alias of a built in numeric type it should have an explicit size in its name. */ - typedef.getUnspecifiedType() instanceof BuiltInNumericType and - not typedef.getBaseType+().getName().regexpMatch("u?(int|float)(4|8|16|32|64|128)_t") and + ( + // type def is to a built in numeric type + typedef.getBaseType() instanceof BuiltInNumericType and + // but does not include the size in the name + not typedef.getName().regexpMatch("u?(int|float)(4|8|16|32|64|128)_t") + or + // this is a typedef to a forbidden type def + forbiddenTypedef(typedef.getBaseType(), _) + ) and message = "The type " + typedef.getName() + " is not an alias to a fixed-width numeric type." ) ) From d6a4c4e2b515f2c4a5fed721d1aa1f5702a64555 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 29 Mar 2023 11:40:32 +0100 Subject: [PATCH 0932/2573] PRE31-C: Create UnsafeMacro class. --- .../SideEffectsInArgumentsToUnsafeMacros.ql | 24 ++++++++++++++++--- 1 file changed, 21 insertions(+), 3 deletions(-) diff --git a/c/cert/src/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.ql b/c/cert/src/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.ql index ffd7334cb5..555bf74a61 100644 --- a/c/cert/src/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.ql +++ b/c/cert/src/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.ql @@ -46,8 +46,27 @@ class CrementEffect extends LocalSideEffect::Range { CrementEffect() { this instanceof CrementOperation } } +/** + * A macro that is considered potentially "unsafe" because one or more arguments are expanded + * multiple times. + */ +class UnsafeMacro extends FunctionLikeMacro { + int unsafeArgumentIndex; + + UnsafeMacro() { + exists(this.getAParameterUse(unsafeArgumentIndex)) and + // Only consider arguments that are expanded multiple times, and do not consider "stringified" arguments + count(int indexInBody | + indexInBody = this.getAParameterUse(unsafeArgumentIndex) and + not this.getBody().charAt(indexInBody) = "#" + ) > 1 + } + + int getAnUnsafeArgumentIndex() { result = unsafeArgumentIndex } +} + from - FunctionLikeMacro flm, MacroInvocation mi, Expr e, SideEffect sideEffect, int i, string arg, + UnsafeMacro flm, MacroInvocation mi, Expr e, SideEffect sideEffect, int i, string arg, string sideEffectDesc where not isExcluded(e, SideEffects4Package::sideEffectsInArgumentsToUnsafeMacrosQuery()) and @@ -55,8 +74,7 @@ where flm.getAnInvocation() = mi and not exists(mi.getParentInvocation()) and mi.getAnExpandedElement() = e and - // Only consider arguments that are expanded multiple times, and do not consider "stringified" arguments - count(int index | index = flm.getAParameterUse(i) and not flm.getBody().charAt(index) = "#") > 1 and + i = flm.getAnUnsafeArgumentIndex() and arg = mi.getExpandedArgument(i) and ( sideEffect instanceof CrementEffect and From bef5a3621c7f3d4ddb1dbc56cc7a4e9045520412 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 29 Mar 2023 11:53:29 +0100 Subject: [PATCH 0933/2573] PRE31-C: Refactor to create UnsafeMacroInvocation Refactor the query to create a separate class for representing unsafe macro invocations. This will enable the query to be improved by determining whether we actually observe multiple side-effects in practice (to handle cases like `type(e) = e;`. --- .../SideEffectsInArgumentsToUnsafeMacros.ql | 49 +++++++++++++------ 1 file changed, 35 insertions(+), 14 deletions(-) diff --git a/c/cert/src/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.ql b/c/cert/src/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.ql index 555bf74a61..a4aaa8783f 100644 --- a/c/cert/src/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.ql +++ b/c/cert/src/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.ql @@ -65,28 +65,49 @@ class UnsafeMacro extends FunctionLikeMacro { int getAnUnsafeArgumentIndex() { result = unsafeArgumentIndex } } +/** + * An invocation of a potentially unsafe macro. + */ +class UnsafeMacroInvocation extends MacroInvocation { + UnsafeMacroInvocation() { + this.getMacro() instanceof UnsafeMacro and not exists(this.getParentInvocation()) + } + + /** + * Gets a side-effect for a potentially unsafe argument to the macro. + */ + SideEffect getSideEffectForUnsafeArg(int index) { + index = this.getMacro().(UnsafeMacro).getAnUnsafeArgumentIndex() and + exists(Expr e, string arg | + arg = this.getExpandedArgument(index) and + e = this.getAnExpandedElement() and + result = getASideEffect(e) and + ( + result instanceof CrementEffect and + exists(arg.indexOf(result.(CrementOperation).getOperator())) + or + result instanceof FunctionCallEffect and + exists(arg.indexOf(result.(FunctionCall).getTarget().getName() + "(")) + ) + ) + } +} + from - UnsafeMacro flm, MacroInvocation mi, Expr e, SideEffect sideEffect, int i, string arg, - string sideEffectDesc + UnsafeMacroInvocation unsafeMacroInvocation, SideEffect sideEffect, int i, string sideEffectDesc where - not isExcluded(e, SideEffects4Package::sideEffectsInArgumentsToUnsafeMacrosQuery()) and - sideEffect = getASideEffect(e) and - flm.getAnInvocation() = mi and - not exists(mi.getParentInvocation()) and - mi.getAnExpandedElement() = e and - i = flm.getAnUnsafeArgumentIndex() and - arg = mi.getExpandedArgument(i) and + not isExcluded(sideEffect, SideEffects4Package::sideEffectsInArgumentsToUnsafeMacrosQuery()) and + sideEffect = unsafeMacroInvocation.getSideEffectForUnsafeArg(i) and ( sideEffect instanceof CrementEffect and - exists(arg.indexOf(sideEffect.(CrementOperation).getOperator())) and sideEffectDesc = "the use of the " + sideEffect.(CrementOperation).getOperator() + " operator" or sideEffect instanceof FunctionCallEffect and - exists(arg.indexOf(sideEffect.(FunctionCall).getTarget().getName() + "(")) and sideEffectDesc = "a call to the function '" + sideEffect.(FunctionCall).getTarget().getName() + "'" ) select sideEffect, - "Argument " + mi.getUnexpandedArgument(i) + " to unsafe macro '" + flm.getName() + - "' is expanded to '" + arg + "' multiple times and includes " + sideEffectDesc + - " as a side-effect." + "Argument " + unsafeMacroInvocation.getUnexpandedArgument(i) + " to unsafe macro '" + + unsafeMacroInvocation.getMacroName() + "' is expanded to '" + + unsafeMacroInvocation.getExpandedArgument(i) + "' multiple times and includes " + sideEffectDesc + + " as a side-effect." From 272df6c05f66b4f0873a88c008dfa95ac68b5712 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 29 Mar 2023 12:03:17 +0100 Subject: [PATCH 0934/2573] PRE31-C: Ensure we see multiple side-effects A macro argument can be referred to multiple times in the body of a macro without it necessarily being evaluated multiple times - for example using an expression with sizeof, type etc. To handle these cases we ensure that we see multiple equivalent side-effects. --- .../PRE31-C/SideEffectsInArgumentsToUnsafeMacros.ql | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/c/cert/src/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.ql b/c/cert/src/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.ql index a4aaa8783f..9b0d3155ff 100644 --- a/c/cert/src/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.ql +++ b/c/cert/src/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.ql @@ -18,6 +18,7 @@ import codingstandards.cpp.SideEffect import codingstandards.cpp.StructuralEquivalence import codingstandards.cpp.sideeffect.DefaultEffects import codingstandards.cpp.sideeffect.Customizations +import semmle.code.cpp.valuenumbering.HashCons class FunctionCallEffect extends GlobalSideEffect::Range { FunctionCallEffect() { @@ -100,9 +101,20 @@ where sideEffect = unsafeMacroInvocation.getSideEffectForUnsafeArg(i) and ( sideEffect instanceof CrementEffect and + // Do we observe the same side-effect multiple times? + count(SideEffect equivalentSideEffect | + equivalentSideEffect = unsafeMacroInvocation.getSideEffectForUnsafeArg(i) and + hashCons(equivalentSideEffect.(CrementOperation).getOperand()) = + hashCons(sideEffect.(CrementOperation).getOperand()) + ) > 1 and sideEffectDesc = "the use of the " + sideEffect.(CrementOperation).getOperator() + " operator" or sideEffect instanceof FunctionCallEffect and + // Do we observe the same side-effect multiple times? + count(SideEffect equivalentSideEffect | + equivalentSideEffect = unsafeMacroInvocation.getSideEffectForUnsafeArg(i) and + equivalentSideEffect.(FunctionCall).getTarget() = sideEffect.(FunctionCall).getTarget() + ) > 1 and sideEffectDesc = "a call to the function '" + sideEffect.(FunctionCall).getTarget().getName() + "'" ) From fc519484e305cb7ba20b7f13a274b093a5f3cb15 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 29 Mar 2023 12:05:04 +0100 Subject: [PATCH 0935/2573] PRE31-C: Improve docs --- .../SideEffectsInArgumentsToUnsafeMacros.ql | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/c/cert/src/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.ql b/c/cert/src/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.ql index 9b0d3155ff..ae2376f4e0 100644 --- a/c/cert/src/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.ql +++ b/c/cert/src/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.ql @@ -23,10 +23,11 @@ import semmle.code.cpp.valuenumbering.HashCons class FunctionCallEffect extends GlobalSideEffect::Range { FunctionCallEffect() { exists(Function f | + // Capture function calls as side-effects f = this.(FunctionCall).getTarget() and - // Not a side-effecting function + // Excluding __builtin_expect, which is not a side-effecting function not f.(BuiltInFunction).getName() = "__builtin_expect" and - // Not side-effecting functions + // Excluding common math functions not exists(string name | name = [ @@ -80,13 +81,20 @@ class UnsafeMacroInvocation extends MacroInvocation { SideEffect getSideEffectForUnsafeArg(int index) { index = this.getMacro().(UnsafeMacro).getAnUnsafeArgumentIndex() and exists(Expr e, string arg | - arg = this.getExpandedArgument(index) and e = this.getAnExpandedElement() and result = getASideEffect(e) and + // Unfortunately, there's no semantic way to check whether a particular expression or + // side-effect generated by a macro came from a particular macro argument. The only + // information we get is the string of the expanded argument. We therefore do some basic + // string matching to check whether it looks like this side-effect comes from the given + // argument + arg = this.getExpandedArgument(index) and ( + // If this is a crement effect, then check that the text of the macro argument includes -- or ++ result instanceof CrementEffect and exists(arg.indexOf(result.(CrementOperation).getOperator())) or + // If this is a functional call effect, then check that the text of the macro argument includes a call to that function result instanceof FunctionCallEffect and exists(arg.indexOf(result.(FunctionCall).getTarget().getName() + "(")) ) From 264f3cd405fa8962e3c6270a333cdbfe33534d79 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 29 Mar 2023 12:06:08 +0100 Subject: [PATCH 0936/2573] PRE31-C: CERT help text --- .../SideEffectsInArgumentsToUnsafeMacros.md | 197 +++++++++++++++++- 1 file changed, 195 insertions(+), 2 deletions(-) diff --git a/c/cert/src/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.md b/c/cert/src/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.md index e302785482..55bb78c0ae 100644 --- a/c/cert/src/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.md +++ b/c/cert/src/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.md @@ -3,9 +3,202 @@ This query implements the CERT-C rule PRE31-C: > Avoid side effects in arguments to unsafe macros -## CERT -** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** + +## Description + +An [unsafe function-like macro](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-unsafefunction-likemacro) is one whose expansion results in evaluating one of its parameters more than once or not at all. Never invoke an unsafe macro with arguments containing an assignment, increment, decrement, volatile access, input/output, or other expressions with side effects (including function calls, which may cause side effects). + +The documentation for unsafe macros should warn against invoking them with arguments with side effects, but the responsibility is on the programmer using the macro. Because of the risks associated with their use, it is recommended that the creation of unsafe function-like macros be avoided. (See [PRE00-C. Prefer inline or static functions to function-like macros](https://wiki.sei.cmu.edu/confluence/display/c/PRE00-C.+Prefer+inline+or+static+functions+to+function-like+macros).) + +This rule is similar to [EXP44-C. Do not rely on side effects in operands to sizeof, _Alignof, or _Generic](https://wiki.sei.cmu.edu/confluence/display/c/EXP44-C.+Do+not+rely+on+side+effects+in+operands+to+sizeof%2C+_Alignof%2C+or+_Generic). + +## Noncompliant Code Example + +One problem with unsafe macros is [side effects](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-sideeffect) on macro arguments, as shown by this noncompliant code example: + +```cpp +#define ABS(x) (((x) < 0) ? -(x) : (x)) + +void func(int n) { + /* Validate that n is within the desired range */ + int m = ABS(++n); + + /* ... */ +} +``` +The invocation of the `ABS()` macro in this example expands to + +```cpp +m = (((++n) < 0) ? -(++n) : (++n)); + +``` +The resulting code is well defined but causes `n` to be incremented twice rather than once. + +## Compliant Solution + +In this compliant solution, the increment operation `++n` is performed before the call to the unsafe macro. + +```cpp +#define ABS(x) (((x) < 0) ? -(x) : (x)) /* UNSAFE */ + +void func(int n) { + /* Validate that n is within the desired range */ + ++n; + int m = ABS(n); + + /* ... */ +} +``` +Note the comment warning programmers that the macro is unsafe. The macro can also be renamed `ABS_UNSAFE()` to make it clear that the macro is unsafe. This compliant solution, like all the compliant solutions for this rule, has undefined behavior if the argument to `ABS()` is equal to the minimum (most negative) value for the signed integer type. (See [INT32-C. Ensure that operations on signed integers do not result in overflow](https://wiki.sei.cmu.edu/confluence/display/c/INT32-C.+Ensure+that+operations+on+signed+integers+do+not+result+in+overflow) for more information.) + +## Compliant Solution + +This compliant solution follows the guidance of [PRE00-C. Prefer inline or static functions to function-like macros](https://wiki.sei.cmu.edu/confluence/display/c/PRE00-C.+Prefer+inline+or+static+functions+to+function-like+macros) by defining an inline function `iabs()` to replace the `ABS()` macro. Unlike the `ABS()` macro, which operates on operands of any type, the `iabs()` function will truncate arguments of types wider than `int` whose value is not in range of the latter type. + +```cpp +#include +#include + +static inline int iabs(int x) { + return (((x) < 0) ? -(x) : (x)); +} + +void func(int n) { + /* Validate that n is within the desired range */ + +int m = iabs(++n); + + /* ... */ +} +``` + +## Compliant Solution + +A more flexible compliant solution is to declare the `ABS()` macro using a `_Generic` selection. To support all arithmetic data types, this solution also makes use of inline functions to compute integer absolute values. (See [PRE00-C. Prefer inline or static functions to function-like macros](https://wiki.sei.cmu.edu/confluence/display/c/PRE00-C.+Prefer+inline+or+static+functions+to+function-like+macros) and [PRE12-C. Do not define unsafe macros](https://wiki.sei.cmu.edu/confluence/display/c/PRE12-C.+Do+not+define+unsafe+macros).) + +According to the C Standard, 6.5.1.1, paragraph 3 \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO%2FIEC9899-2011)\]: + +> The controlling expression of a generic selection is not evaluated. If a generic selection has a generic association with a type name that is compatible with the type of the controlling expression, then the result expression of the generic selection is the expression in that generic association. Otherwise, the result expression of the generic selection is the expression in the `default` generic association. None of the expressions from any other generic association of the generic selection is evaluated. + + +Because the expression is not evaluated as part of the generic selection, the use of a macro in this solution is guaranteed to evaluate the macro parameter `v` only once. + +```cpp +#include +#include + +static inline long long llabs(long long v) { + return v < 0 ? -v : v; +} +static inline long labs(long v) { + return v < 0 ? -v : v; +} +static inline int iabs(int v) { + return v < 0 ? -v : v; +} +static inline int sabs(short v) { + return v < 0 ? -v : v; +} +static inline int scabs(signed char v) { + return v < 0 ? -v : v; +} + +#define ABS(v) _Generic(v, signed char : scabs, \ + short : sabs, \ + int : iabs, \ + long : labs, \ + long long : llabs, \ + float : fabsf, \ + double : fabs, \ + long double : fabsl, \ + double complex : cabs, \ + float complex : cabsf, \ + long double complex : cabsl)(v) + +void func(int n) { + /* Validate that n is within the desired range */ + int m = ABS(++n); + /* ... */ +} +``` +Generic selections were introduced in C11 and are not available in C99 and earlier editions of the C Standard. + +## Compliant Solution (GCC) + +GCC's [__typeof](http://gcc.gnu.org/onlinedocs/gcc/Typeof.html) extension makes it possible to declare and assign the value of the macro operand to a temporary of the same type and perform the computation on the temporary, consequently guaranteeing that the operand will be evaluated exactly once. Another GCC extension, known as *statement expression[](http://gcc.gnu.org/onlinedocs/gcc/Statement-Exprs.html)*, makes it possible for the block statement to appear where an expression is expected: + +```cpp +#define ABS(x) __extension__ ({ __typeof (x) tmp = x; \ + tmp < 0 ? -tmp : tmp; }) +``` +Note that relying on such extensions makes code nonportable and violates [MSC14-C. Do not introduce unnecessary platform dependencies](https://wiki.sei.cmu.edu/confluence/display/c/MSC14-C.+Do+not+introduce+unnecessary+platform+dependencies). + +## Noncompliant Code Example (assert()) + +The `assert()` macro is a convenient mechanism for incorporating diagnostic tests in code. (See [MSC11-C. Incorporate diagnostic tests using assertions](https://wiki.sei.cmu.edu/confluence/display/c/MSC11-C.+Incorporate+diagnostic+tests+using+assertions).) Expressions used as arguments to the standard `assert()` macro should not have side effects. The behavior of the `assert()` macro depends on the definition of the object-like macro `NDEBUG`. If the macro `NDEBUG` is undefined, the `assert()` macro is defined to evaluate its expression argument and, if the result of the expression compares equal to 0, call the `abort()` function. If `NDEBUG` is defined, `assert` is defined to expand to `((void)0)`. Consequently, the expression in the assertion is not evaluated, and no side effects it may have had otherwise take place in non-debugging executions of the code. + +This noncompliant code example includes an `assert()` macro containing an expression (`index++`) that has a side effect: + +```cpp +#include +#include + +void process(size_t index) { + assert(index++ > 0); /* Side effect */ + /* ... */ +} + +``` + +## Compliant Solution (assert()) + +This compliant solution avoids the possibility of side effects in assertions by moving the expression containing the side effect outside of the `assert()` macro. + +```cpp +#include +#include + +void process(size_t index) { + assert(index > 0); /* No side effect */ + ++index; + /* ... */ +} +``` + +## Exceptions + +**PRE31-C-EX1:** An exception can be made for invoking an [unsafe macro](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-unsafefunction-likemacro) with a function call argument provided that the function has no [side effects](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-sideeffect). However, it is easy to forget about obscure side effects that a function might have, especially library functions for which source code is not available; even changing `errno` is a side effect. Unless the function is user-written and does nothing but perform a computation and return its result without calling any other functions, it is likely that many developers will forget about some side effect. Consequently, this exception must be used with great care. + +## Risk Assessment + +Invoking an unsafe macro with an argument that has side effects may cause those side effects to occur more than once. This practice can lead to [unexpected program behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-unexpectedbehavior). + +
    Rule Severity Likelihood Remediation Cost Priority Level
    PRE31-C Low Unlikely Low P3 L3
    + + +## Automated Detection + +
    Tool Version Checker Description
    Astrée 22.04 expanded-side-effect-multiplied expanded-side-effect-not-evaluated side-effect-not-expanded Partially checked
    Axivion Bauhaus Suite 7.2.0 CertC-PRE31 Fully implemented
    CodeSonar 7.2p0 LANG.PREPROC.FUNCMACRO LANG.STRUCT.SE.DEC LANG.STRUCT.SE.INC Function-Like Macro Side Effects in Expression with Decrement Side Effects in Expression with Increment
    Coverity 2017.07 ASSERT_SIDE_EFFECTS Partially implemented Can detect the specific instance where assertion contains an operation/function call that may have a side effect
    ECLAIR 1.2 CC2.EXP31CC2.PRE31 Fully implemented
    Helix QAC 2022.4 C3462, C3463, C3464, C3465, C3466, C3467 C++3225, C++3226, C++3227, C++3228, C++3229
    Klocwork 2022.4 PORTING.VAR.EFFECTS
    LDRA tool suite 9.7.1 9 S, 562 S, 572 S, 35 D, 1 Q Fully implemented
    Parasoft C/C++test 2022.2 CERT_C-PRE31-b CERT_C-PRE31-c CERT_C-PRE31-d Assertions should not contain assignments, increment, or decrement operators Assertions should not contain function calls nor function-like macro calls Avoid side effects in arguments to unsafe macros
    PC-lint Plus 1.4 666, 2666 Fully supported
    Polyspace Bug Finder R2023a CERT C: Rule PRE31-C Checks for side effect in arguments to unsafe macro (rule partially covered)
    PRQA QA-C 9.7 3462, 3463, 3464, 3465, 3466, 3467 Fully implemented
    PRQA QA-C++ 4.4 3225, 3226, 3227, 3228, 3229
    RuleChecker 22.04 expanded-side-effect-multiplied expanded-side-effect-not-evaluated side-effect-not-expanded Partially checked
    + + +## Related Vulnerabilities + +Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+PRE31-C). + +## Related Guidelines + +[Key here](https://wiki.sei.cmu.edu/confluence/display/c/How+this+Coding+Standard+is+Organized#HowthisCodingStandardisOrganized-RelatedGuidelines) (explains table format and definitions) + +[Key here](https://wiki.sei.cmu.edu/confluence/display/c/How+this+Coding+Standard+is+Organized#HowthisCodingStandardisOrganized-RelatedGuidelines) (explains table format and definitions) + +
    Taxonomy Taxonomy item Relationship
    + + +## Bibliography + +
    \[ Dewhurst 2002 \] Gotcha \#28, "Side Effects in Assertions"
    \[ ISO/IEC 9899:2011 \] Subclause 6.5.1.1, "Generic Selection"
    \[ Plum 1985 \] Rule 1-11
    + ## Implementation notes From ea8b4d5d451c59004efcc892fa213620bbe06262 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Wed, 29 Mar 2023 10:15:34 -0400 Subject: [PATCH 0937/2573] Update dispatch-matrix-test-on-comment.yml --- .github/workflows/dispatch-matrix-test-on-comment.yml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/.github/workflows/dispatch-matrix-test-on-comment.yml b/.github/workflows/dispatch-matrix-test-on-comment.yml index 9f8e77edaa..33f80e4b40 100644 --- a/.github/workflows/dispatch-matrix-test-on-comment.yml +++ b/.github/workflows/dispatch-matrix-test-on-comment.yml @@ -3,6 +3,11 @@ name: 🤖 Run Matrix Check (On Comment) on: issue_comment: types: [created] + branches: + - main + - "rc/**" + - next + jobs: dispatch-matrix-check: @@ -40,4 +45,4 @@ jobs: owner: context.repo.owner, repo: context.repo.repo, body: '🤖 Beep Boop! Matrix Testing for this PR has been initiated. Please check back later for results.

    :bulb: If you do not hear back from me please check my status! **I will report even if this PR does not contain files eligible for matrix testing.**' - }) \ No newline at end of file + }) From edca7d12bc92d264a7af4ab17d904d8a9a035793 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 29 Mar 2023 22:45:06 +0100 Subject: [PATCH 0938/2573] PRE31-C: Update metadata and docs * Add an implementation scope * Add qldocs * Update description. --- .../rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.md | 2 +- .../rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.ql | 8 +++++++- rule_packages/c/SideEffects4.json | 7 +++++-- 3 files changed, 13 insertions(+), 4 deletions(-) diff --git a/c/cert/src/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.md b/c/cert/src/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.md index 55bb78c0ae..9a83bee144 100644 --- a/c/cert/src/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.md +++ b/c/cert/src/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.md @@ -202,7 +202,7 @@ Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+D ## Implementation notes -None +This implementation only considers ++ and function call side effects. Due to the textual nature of macro expansion it is not always possible to determine accurately whether a side-effect was produced by a particular argument, and this may cause both false positives and false negatives. The query does not consider the case where a macro argument including a side-effect is never evaluated. ## References diff --git a/c/cert/src/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.ql b/c/cert/src/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.ql index ae2376f4e0..4ae6619227 100644 --- a/c/cert/src/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.ql +++ b/c/cert/src/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.ql @@ -2,7 +2,7 @@ * @id c/cert/side-effects-in-arguments-to-unsafe-macros * @name PRE31-C: Avoid side effects in arguments to unsafe macros * @description Macro arguments can be expanded multiple times which can cause side-effects to be - * evaluated multiple times. + * evaluated multiple times leading to unexpected program behavior. * @kind problem * @precision low * @problem.severity error @@ -20,6 +20,9 @@ import codingstandards.cpp.sideeffect.DefaultEffects import codingstandards.cpp.sideeffect.Customizations import semmle.code.cpp.valuenumbering.HashCons +/** + * Add side-effecting functions to the default set of side-effects. + */ class FunctionCallEffect extends GlobalSideEffect::Range { FunctionCallEffect() { exists(Function f | @@ -44,6 +47,9 @@ class FunctionCallEffect extends GlobalSideEffect::Range { } } +/** + * Add crement operations to the default set of side-effects. + */ class CrementEffect extends LocalSideEffect::Range { CrementEffect() { this instanceof CrementOperation } } diff --git a/rule_packages/c/SideEffects4.json b/rule_packages/c/SideEffects4.json index 1e1fa2f9a8..77121019de 100644 --- a/rule_packages/c/SideEffects4.json +++ b/rule_packages/c/SideEffects4.json @@ -6,7 +6,7 @@ }, "queries": [ { - "description": "Macro arguments can be expanded multiple times which can cause side-effects to be evaluated multiple times.", + "description": "Macro arguments can be expanded multiple times which can cause side-effects to be evaluated multiple times leading to unexpected program behavior.", "kind": "problem", "name": "Avoid side effects in arguments to unsafe macros", "precision": "low", @@ -14,7 +14,10 @@ "short_name": "SideEffectsInArgumentsToUnsafeMacros", "tags": [ "correctness" - ] + ], + "implementation_scope": { + "description": "This implementation only considers ++ and function call side effects. Due to the textual nature of macro expansion it is not always possible to determine accurately whether a side-effect was produced by a particular argument, and this may cause both false positives and false negatives. The query does not consider the case where a macro argument including a side-effect is never evaluated." + } } ], "title": "Avoid side effects in arguments to unsafe macros" From bef7b9e675400a23fe4c0898d72269c57c7f3fa3 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 29 Mar 2023 15:50:30 -0700 Subject: [PATCH 0939/2573] Address incorrect alert specification --- c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql b/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql index 4a2859c7cf..53eb49c05d 100644 --- a/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql +++ b/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql @@ -132,4 +132,4 @@ where ce.getThen().getAChild*() = va1 and ce.getElse().getAChild*() = va2 ) select fullExpr, "The expression contains unsequenced $@ to $@ and $@ to $@.", variableEffect1, - "side effect", va1, va1.getTarget(), placeHolder, label, va2, va2.getTarget() + "side effect", va1, va1.getTarget().getName(), placeHolder, label, va2, va2.getTarget().getName() From dc026577e34054094232e88e1c621c621e3aba7a Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 29 Mar 2023 15:51:16 -0700 Subject: [PATCH 0940/2573] Add support for MISRA example case --- .../rules/RULE-13-2/UnsequencedSideEffects.ql | 101 +++++++++++++++++- .../RULE-13-2/UnsequencedSideEffects.expected | 11 +- c/misra/test/rules/RULE-13-2/test.c | 11 +- 3 files changed, 112 insertions(+), 11 deletions(-) diff --git a/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql b/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql index 53eb49c05d..59b4bc660c 100644 --- a/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql +++ b/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql @@ -59,6 +59,101 @@ predicate sameFullExpr(FullExpr fe, VariableAccess va1, VariableAccess va2) { ) } +int getLeafCount(LeftRightOperation bop) { + if + not bop.getLeftOperand() instanceof BinaryOperation and + not bop.getRightOperand() instanceof BinaryOperation + then result = 2 + else + if + bop.getLeftOperand() instanceof BinaryOperation and + not bop.getRightOperand() instanceof BinaryOperation + then result = 1 + getLeafCount(bop.getLeftOperand()) + else + if + not bop.getLeftOperand() instanceof BinaryOperation and + bop.getRightOperand() instanceof BinaryOperation + then result = 1 + getLeafCount(bop.getRightOperand()) + else result = getLeafCount(bop.getLeftOperand()) + getLeafCount(bop.getRightOperand()) +} + +class LeftRightOperation extends Expr { + LeftRightOperation() { + this instanceof BinaryOperation or + this instanceof AssignOperation or + this instanceof AssignExpr + } + + Expr getLeftOperand() { + result = this.(BinaryOperation).getLeftOperand() + or + result = this.(AssignOperation).getLValue() + or + result = this.(AssignExpr).getLValue() + } + + Expr getRightOperand() { + result = this.(BinaryOperation).getRightOperand() + or + result = this.(AssignOperation).getRValue() + or + result = this.(AssignExpr).getRValue() + } + + Expr getAnOperand() { + result = getLeftOperand() or + result = getRightOperand() + } +} + +int getOperandIndexIn(FullExpr fullExpr, Expr operand) { + result = getOperandIndex(fullExpr, operand) + or + fullExpr.(Call).getArgument(result).getAChild*() = operand +} + +int getOperandIndex(LeftRightOperation binop, Expr operand) { + if operand = binop.getAnOperand() + then + operand = binop.getLeftOperand() and + result = 0 + or + operand = binop.getRightOperand() and + result = getLeafCount(binop.getLeftOperand()) + 1 + or + operand = binop.getRightOperand() and + not binop.getLeftOperand() instanceof LeftRightOperation and + result = 1 + else ( + // Child of left operand that is a binary operation. + result = getOperandIndex(binop.getLeftOperand(), operand) + or + // Child of left operand that is not a binary operation. + result = 0 and + not binop.getLeftOperand() instanceof LeftRightOperation and + binop.getLeftOperand().getAChild+() = operand + or + // Child of right operand and both left and right operands are binary operations. + result = + getLeafCount(binop.getLeftOperand()) + getOperandIndex(binop.getRightOperand(), operand) + or + // Child of right operand and left operand is not a binary operation. + result = 1 + getOperandIndex(binop.getRightOperand(), operand) and + not binop.getLeftOperand() instanceof LeftRightOperation + or + // Child of right operand that is not a binary operation and the left operand is a binary operation. + result = getLeafCount(binop.getLeftOperand()) + 1 and + binop.getRightOperand().getAChild+() = operand and + not binop.getRightOperand() instanceof LeftRightOperation + or + // Child of right operand that is not a binary operation and the left operand is not a binary operation. + result = 1 and + not binop.getLeftOperand() instanceof LeftRightOperation and + not binop.getRightOperand() instanceof LeftRightOperation and + binop.getRightOperand().getAChild+() = operand + ) +} + from ConstituentExprOrdering orderingConfig, FullExpr fullExpr, VariableEffect variableEffect1, VariableAccess va1, VariableAccess va2, Locatable placeHolder, string label @@ -98,11 +193,7 @@ where ) and // Break the symmetry of the ordering relation by requiring that the first expression is located before the second. // This builds upon the assumption that the expressions are part of the same full expression as specified in the ordering configuration. - exists(int offset1, int offset2 | - va1.getLocation().charLoc(_, offset1, _) and - va2.getLocation().charLoc(_, offset2, _) and - offset1 < offset2 - ) and + getOperandIndexIn(fullExpr, va1) < getOperandIndexIn(fullExpr, va2) and placeHolder = variableEffect2 and label = "side effect" ) diff --git a/c/misra/test/rules/RULE-13-2/UnsequencedSideEffects.expected b/c/misra/test/rules/RULE-13-2/UnsequencedSideEffects.expected index de0c33907e..17b89c2f01 100644 --- a/c/misra/test/rules/RULE-13-2/UnsequencedSideEffects.expected +++ b/c/misra/test/rules/RULE-13-2/UnsequencedSideEffects.expected @@ -1,5 +1,6 @@ -| test.c:6:12:6:18 | ... + ... | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:6:12:6:13 | l1 | side effect | test.c:6:12:6:13 | l1 | test.c:4:16:4:17 | l1 | test.c:6:17:6:18 | l1 | side effect | test.c:6:17:6:18 | l1 | test.c:4:16:4:17 | l1 | -| test.c:7:12:7:18 | ... + ... | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:7:12:7:13 | l1 | side effect | test.c:7:12:7:13 | l1 | test.c:4:16:4:17 | l1 | test.c:7:17:7:18 | l2 | side effect | test.c:7:17:7:18 | l2 | test.c:4:20:4:21 | l2 | -| test.c:17:3:17:21 | ... = ... | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:17:8:17:9 | l1 | side effect | test.c:17:8:17:9 | l1 | test.c:4:16:4:17 | l1 | test.c:17:13:17:14 | l1 | side effect | test.c:17:13:17:14 | l1 | test.c:4:16:4:17 | l1 | -| test.c:19:3:19:5 | call to foo | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:19:7:19:8 | l1 | side effect | test.c:19:7:19:8 | l1 | test.c:4:16:4:17 | l1 | test.c:19:11:19:12 | l2 | side effect | test.c:19:11:19:12 | l2 | test.c:4:20:4:21 | l2 | -| test.c:25:3:25:5 | call to foo | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:25:7:25:10 | ... ++ | side effect | test.c:25:7:25:8 | l8 | test.c:15:7:15:8 | l8 | test.c:25:13:25:14 | l8 | read | test.c:25:13:25:14 | l8 | test.c:15:7:15:8 | l8 | +| test.c:6:12:6:18 | ... + ... | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:6:12:6:13 | l1 | side effect | test.c:6:12:6:13 | l1 | l1 | test.c:6:17:6:18 | l1 | side effect | test.c:6:17:6:18 | l1 | l1 | +| test.c:7:12:7:18 | ... + ... | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:7:12:7:13 | l1 | side effect | test.c:7:12:7:13 | l1 | l1 | test.c:7:17:7:18 | l2 | side effect | test.c:7:17:7:18 | l2 | l2 | +| test.c:17:3:17:21 | ... = ... | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:17:8:17:9 | l1 | side effect | test.c:17:8:17:9 | l1 | l1 | test.c:17:13:17:14 | l1 | side effect | test.c:17:13:17:14 | l1 | l1 | +| test.c:19:3:19:5 | call to foo | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:19:7:19:8 | l1 | side effect | test.c:19:7:19:8 | l1 | l1 | test.c:19:11:19:12 | l2 | side effect | test.c:19:11:19:12 | l2 | l2 | +| test.c:25:3:25:5 | call to foo | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:25:7:25:10 | ... ++ | side effect | test.c:25:7:25:8 | l8 | l8 | test.c:25:13:25:14 | l8 | read | test.c:25:13:25:14 | l8 | l8 | +| test.c:35:5:35:13 | ... = ... | The expression contains unsequenced $@ to $@ and $@ to $@. | test.c:35:10:35:12 | ... ++ | side effect | test.c:35:10:35:10 | i | i | test.c:35:10:35:12 | ... ++ | side effect | test.c:35:10:35:10 | i | i | diff --git a/c/misra/test/rules/RULE-13-2/test.c b/c/misra/test/rules/RULE-13-2/test.c index 6fbc827c4f..1bebec3775 100644 --- a/c/misra/test/rules/RULE-13-2/test.c +++ b/c/misra/test/rules/RULE-13-2/test.c @@ -1,6 +1,6 @@ void foo(int, int); -void unsequenced_sideeffects() { +void unsequenced_sideeffects1() { volatile int l1, l2; int l3 = l1 + l1; // NON_COMPLIANT @@ -25,4 +25,13 @@ void unsequenced_sideeffects() { foo(l8++, l8); // NON_COMPLIANT int l10 = l8++, l11 = l8++; // COMPLIANT +} + +int g1[], g2[]; +#define test(i) (g1[i] = g2[i]) +void unsequenced_sideeffects2() { + int i; + for (i = 0; i < 10; i++) { + test(i++); // NON_COMPLIANT + } } \ No newline at end of file From 11bc7ce50bf6a93c8d5928d4c299f56293969f2e Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 29 Mar 2023 23:47:17 +0100 Subject: [PATCH 0941/2573] Implement Rule 17.6 Adds a query to identify parameter array types which use the static keyword. Note: there is a CodeQL bug which means the static keyword is associated with the array size, not the specific parameter. --- .../src/rules/RULE-17-6/UseOfArrayStatic.ql | 21 +++++++++++++++ .../rules/RULE-17-6/UseOfArrayStatic.expected | 3 +++ .../rules/RULE-17-6/UseOfArrayStatic.qlref | 1 + c/misra/test/rules/RULE-17-6/test.c | 8 ++++++ .../cpp/exclusions/c/RuleMetadata.qll | 3 +++ .../cpp/exclusions/c/Static.qll | 26 +++++++++++++++++++ rule_packages/c/Static.json | 23 ++++++++++++++++ rules.csv | 2 +- 8 files changed, 86 insertions(+), 1 deletion(-) create mode 100644 c/misra/src/rules/RULE-17-6/UseOfArrayStatic.ql create mode 100644 c/misra/test/rules/RULE-17-6/UseOfArrayStatic.expected create mode 100644 c/misra/test/rules/RULE-17-6/UseOfArrayStatic.qlref create mode 100644 c/misra/test/rules/RULE-17-6/test.c create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/Static.qll create mode 100644 rule_packages/c/Static.json diff --git a/c/misra/src/rules/RULE-17-6/UseOfArrayStatic.ql b/c/misra/src/rules/RULE-17-6/UseOfArrayStatic.ql new file mode 100644 index 0000000000..876321c455 --- /dev/null +++ b/c/misra/src/rules/RULE-17-6/UseOfArrayStatic.ql @@ -0,0 +1,21 @@ +/** + * @id c/misra/use-of-array-static + * @name RULE-17-6: The declaration of an array parameter shall not contain the static keyword between the [ ] + * @description Using the static keyword in an array type is error prone, and relies on the + * programmer to adhere to the guarantees to avoid undefined behavior. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/misra/id/rule-17-6 + * correctness + * external/misra/obligation/mandatory + */ + +import cpp +import codingstandards.c.misra + +from Parameter p +where + not isExcluded(p, StaticPackage::useOfArrayStaticQuery()) and + p.getType().(ArrayType).hasSpecifier("static") +select p, "Parameter " + p + " is declared as an array type using the static keyword." diff --git a/c/misra/test/rules/RULE-17-6/UseOfArrayStatic.expected b/c/misra/test/rules/RULE-17-6/UseOfArrayStatic.expected new file mode 100644 index 0000000000..ddf892a15c --- /dev/null +++ b/c/misra/test/rules/RULE-17-6/UseOfArrayStatic.expected @@ -0,0 +1,3 @@ +| test.c:2:33:2:36 | arr2 | Parameter arr2 is declared as an array type using the static keyword. | +| test.c:3:39:3:42 | arr3 | Parameter arr3 is declared as an array type using the static keyword. | +| test.c:5:9:5:12 | arr4 | Parameter arr4 is declared as an array type using the static keyword. | diff --git a/c/misra/test/rules/RULE-17-6/UseOfArrayStatic.qlref b/c/misra/test/rules/RULE-17-6/UseOfArrayStatic.qlref new file mode 100644 index 0000000000..ecb67b2dfb --- /dev/null +++ b/c/misra/test/rules/RULE-17-6/UseOfArrayStatic.qlref @@ -0,0 +1 @@ +rules/RULE-17-6/UseOfArrayStatic.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-17-6/test.c b/c/misra/test/rules/RULE-17-6/test.c new file mode 100644 index 0000000000..14f04b5a9f --- /dev/null +++ b/c/misra/test/rules/RULE-17-6/test.c @@ -0,0 +1,8 @@ +void test_array(int arr1[10]) {} // COMPLIANT +void test_array_uses_static(int arr2[static 11]) {} // NON_COMPLIANT +void test_array_uses_static_multi(int arr3[static 12][5]) {} // NON_COMPLIANT +void test_array_uses_static_again( + int arr4[11]) { // COMPLIANT[FALSE_POSITIVE] - apparently a CodeQL + // bug where the static is associated with the fixed + // size +} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index 58fd7b84cf..21cf4fcc9d 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -61,6 +61,7 @@ import Statements3 import Statements4 import Statements5 import Statements6 +import Static import Strings1 import Strings2 import Strings3 @@ -128,6 +129,7 @@ newtype TCQuery = TStatements4PackageQuery(Statements4Query q) or TStatements5PackageQuery(Statements5Query q) or TStatements6PackageQuery(Statements6Query q) or + TStaticPackageQuery(StaticQuery q) or TStrings1PackageQuery(Strings1Query q) or TStrings2PackageQuery(Strings2Query q) or TStrings3PackageQuery(Strings3Query q) or @@ -195,6 +197,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isStatements4QueryMetadata(query, queryId, ruleId, category) or isStatements5QueryMetadata(query, queryId, ruleId, category) or isStatements6QueryMetadata(query, queryId, ruleId, category) or + isStaticQueryMetadata(query, queryId, ruleId, category) or isStrings1QueryMetadata(query, queryId, ruleId, category) or isStrings2QueryMetadata(query, queryId, ruleId, category) or isStrings3QueryMetadata(query, queryId, ruleId, category) or diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Static.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Static.qll new file mode 100644 index 0000000000..92b07dd448 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Static.qll @@ -0,0 +1,26 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype StaticQuery = TUseOfArrayStaticQuery() + +predicate isStaticQueryMetadata(Query query, string queryId, string ruleId, string category) { + query = + // `Query` instance for the `useOfArrayStatic` query + StaticPackage::useOfArrayStaticQuery() and + queryId = + // `@id` for the `useOfArrayStatic` query + "c/misra/use-of-array-static" and + ruleId = "RULE-17-6" and + category = "mandatory" +} + +module StaticPackage { + Query useOfArrayStaticQuery() { + //autogenerate `Query` type + result = + // `Query` type for `useOfArrayStatic` query + TQueryC(TStaticPackageQuery(TUseOfArrayStaticQuery())) + } +} diff --git a/rule_packages/c/Static.json b/rule_packages/c/Static.json new file mode 100644 index 0000000000..07f9240fa8 --- /dev/null +++ b/rule_packages/c/Static.json @@ -0,0 +1,23 @@ +{ + "MISRA-C-2012": { + "RULE-17-6": { + "properties": { + "obligation": "mandatory" + }, + "queries": [ + { + "description": "Using the static keyword in an array type is error prone, and relies on the programmer to adhere to the guarantees to avoid undefined behavior.", + "kind": "problem", + "name": "The declaration of an array parameter shall not contain the static keyword between the [ ]", + "precision": "very-high", + "severity": "error", + "short_name": "UseOfArrayStatic", + "tags": [ + "correctness" + ] + } + ], + "title": "The declaration of an array parameter shall not contain the static keyword between the [ ]" + } + } +} \ No newline at end of file diff --git a/rules.csv b/rules.csv index 7032f05284..e1ce57d6d5 100644 --- a/rules.csv +++ b/rules.csv @@ -716,7 +716,7 @@ c,MISRA-C-2012,RULE-17-2,Yes,Required,,,"Functions shall not call themselves, ei c,MISRA-C-2012,RULE-17-3,Yes,Mandatory,,,A function shall not be declared implicitly,,Declarations6,Medium, c,MISRA-C-2012,RULE-17-4,Yes,Mandatory,,,All exit paths from a function with non-void return type shall have an explicit return statement with an expression,MSC52-CPP,Statements5,Medium, c,MISRA-C-2012,RULE-17-5,Yes,Advisory,,,The function argument corresponding to a parameter declared to have an array type shall have an appropriate number of elements,,Contracts6,Hard, -c,MISRA-C-2012,RULE-17-6,No,Mandatory,,,The declaration of an array parameter shall not contain the static keyword between the [ ],,,, +c,MISRA-C-2012,RULE-17-6,Yes,Mandatory,,,The declaration of an array parameter shall not contain the static keyword between the [ ],,Static,Easy, c,MISRA-C-2012,RULE-17-7,Yes,Required,,,The value returned by a function having non-void return type shall be used,A0-1-2,Contracts6,Easy, c,MISRA-C-2012,RULE-17-8,Yes,Advisory,,,A function parameter should not be modified,,SideEffects2,Medium, c,MISRA-C-2012,RULE-18-1,Yes,Required,,,A pointer resulting from arithmetic on a pointer operand shall address an element of the same array as that pointer operand,M5-0-16,Pointers1,Import, From bd58c293352b553ce576accbd46714eeccb4cb1f Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 30 Mar 2023 00:04:37 +0100 Subject: [PATCH 0942/2573] Add implementation scope. --- rule_packages/c/Static.json | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/rule_packages/c/Static.json b/rule_packages/c/Static.json index 07f9240fa8..7edf903703 100644 --- a/rule_packages/c/Static.json +++ b/rule_packages/c/Static.json @@ -14,7 +14,10 @@ "short_name": "UseOfArrayStatic", "tags": [ "correctness" - ] + ], + "implementation_scope": { + "description": "The static keyword is associated with particular array types in our model. This means we can get false positives when two parameter use the same array type and size, but only one of which uses the `static` keyword." + } } ], "title": "The declaration of an array parameter shall not contain the static keyword between the [ ]" From ca80465fb6edf80dc782319fed38385ce00951f3 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 29 Mar 2023 16:57:00 -0700 Subject: [PATCH 0943/2573] Remove PRE31-C from side effects 3 --- rules.csv | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rules.csv b/rules.csv index 5c021ae1ed..a5fa7ceea0 100644 --- a/rules.csv +++ b/rules.csv @@ -586,7 +586,7 @@ c,CERT-C,POS52-C,OutOfScope,Rule,,,Do not perform operations that can block whil c,CERT-C,POS53-C,OutOfScope,Rule,,,Do not use more than one mutex for concurrent waiting operations on a condition variable,,,, c,CERT-C,POS54-C,OutOfScope,Rule,,,Detect and handle POSIX library errors,,,, c,CERT-C,PRE30-C,No,Rule,,,Do not create a universal character name through concatenation,,,Medium, -c,CERT-C,PRE31-C,Yes,Rule,,,Avoid side effects in arguments to unsafe macros,RULE-13-2,SideEffects3,Medium, +c,CERT-C,PRE31-C,Yes,Rule,,,Avoid side effects in arguments to unsafe macros,RULE-13-2,SideEffects,Medium, c,CERT-C,PRE32-C,Yes,Rule,,,Do not use preprocessor directives in invocations of function-like macros,,Preprocessor5,Hard, c,CERT-C,SIG30-C,Yes,Rule,,,Call only asynchronous-safe functions within signal handlers,,SignalHandlers,Medium, c,CERT-C,SIG31-C,Yes,Rule,,,Do not access shared objects in signal handlers,,SignalHandlers,Medium, From f0d8026b4d3959341fa9ff7f9bdd6eb85e802e77 Mon Sep 17 00:00:00 2001 From: Remco Vermeulen Date: Wed, 29 Mar 2023 17:00:39 -0700 Subject: [PATCH 0944/2573] Update FullExpr.expected --- c/common/test/library/expr/FullExpr.expected | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/common/test/library/expr/FullExpr.expected b/c/common/test/library/expr/FullExpr.expected index 4785b90024..c712793f8b 100644 --- a/c/common/test/library/expr/FullExpr.expected +++ b/c/common/test/library/expr/FullExpr.expected @@ -1,4 +1,4 @@ -| fullexpr.c:8:18:11:37 | temporary object | +| fullexpr.c:8:18:11:37 | {...} | | fullexpr.c:13:3:13:5 | ... ++ | | fullexpr.c:15:7:15:7 | i | | fullexpr.c:17:10:17:10 | i | From 8539f46d778bd3c2ce0cd57be632bd32d7a51d82 Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Thu, 30 Mar 2023 06:11:01 +0200 Subject: [PATCH 0945/2573] OutOfBounds: WIP libraries --- .vscode/tasks.json | 1 + ...ibraryFunctionArgumentOutOfBounds.expected | 1 + .../LibraryFunctionArgumentOutOfBounds.qlref | 1 + c/cert/test/rules/ARR38-C/test.c | 456 +++++++++++ .../src/codingstandards/c/OutOfBounds.qll | 705 ++++++++++++++++++ c/common/src/codingstandards/c/Pointers.qll | 29 + .../cpp/exclusions/c/OutOfBounds.qll | 78 ++ .../cpp/exclusions/c/RuleMetadata.qll | 3 + rule_packages/c/OutOfBounds.json | 86 +++ rules.csv | 4 +- 10 files changed, 1362 insertions(+), 2 deletions(-) create mode 100644 c/cert/test/rules/ARR38-C/LibraryFunctionArgumentOutOfBounds.expected create mode 100644 c/cert/test/rules/ARR38-C/LibraryFunctionArgumentOutOfBounds.qlref create mode 100644 c/cert/test/rules/ARR38-C/test.c create mode 100644 c/common/src/codingstandards/c/OutOfBounds.qll create mode 100644 cpp/common/src/codingstandards/cpp/exclusions/c/OutOfBounds.qll create mode 100644 rule_packages/c/OutOfBounds.json diff --git a/.vscode/tasks.json b/.vscode/tasks.json index 8cebadd0c3..d84a94baee 100644 --- a/.vscode/tasks.json +++ b/.vscode/tasks.json @@ -248,6 +248,7 @@ "Null", "OperatorInvariants", "Operators", + "OutOfBounds", "Pointers", "Pointers1", "Pointers2", diff --git a/c/cert/test/rules/ARR38-C/LibraryFunctionArgumentOutOfBounds.expected b/c/cert/test/rules/ARR38-C/LibraryFunctionArgumentOutOfBounds.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/cert/test/rules/ARR38-C/LibraryFunctionArgumentOutOfBounds.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/cert/test/rules/ARR38-C/LibraryFunctionArgumentOutOfBounds.qlref b/c/cert/test/rules/ARR38-C/LibraryFunctionArgumentOutOfBounds.qlref new file mode 100644 index 0000000000..ac4dcf9bf7 --- /dev/null +++ b/c/cert/test/rules/ARR38-C/LibraryFunctionArgumentOutOfBounds.qlref @@ -0,0 +1 @@ +rules/ARR38-C/LibraryFunctionArgumentOutOfBounds.ql \ No newline at end of file diff --git a/c/cert/test/rules/ARR38-C/test.c b/c/cert/test/rules/ARR38-C/test.c new file mode 100644 index 0000000000..f58b64bcd7 --- /dev/null +++ b/c/cert/test/rules/ARR38-C/test.c @@ -0,0 +1,456 @@ +#include +#include +#include +#include + +char *get_ca_5(void) { return malloc(5 * sizeof(char)); } + +char *get_ca_5_zeroed(void) { + char *p = malloc(5 * sizeof(char)); + memset(p, 0, 5 * sizeof(char)); +} + +int compare(void *, void *) {} + +void test_strings(int flow, int unk_size) { + char ca5_good[5] = "test"; // ok + char ca5_bad[5] = "test1"; // no null terminator + char ca6_good[6] = "test1"; // ok + char ca6_bad[6] = "test12"; // no null terminator + + wchar_t wa5_good[5] = L"test"; // ok + wchar_t wa5_bad[5] = L"test1"; // no null terminator + wchar_t wa6_good[6] = L"test"; // ok + wchar_t wa6_bad[6] = L"test12"; // no null terminator + + // strchr + strchr(ca5_good, 't'); // COMPLIANT + strchr(ca5_bad, 't'); // NON_COMPLIANT + strchr(ca5_good + 4, 't'); // COMPLIANT + strchr(ca5_good + 5, 't'); // NON_COMPLIANT + + if (flow) { + // strcpy from literal + strcpy(ca5_good, "test1"); // NON_COMPLIANT + strcpy(ca5_bad, "test"); // COMPLIANT + } + + if (flow) { + // strcpy to char buffer indirect + strcpy(get_ca_5(), ca5_good); // COMPLIANT + strcpy(get_ca_5(), ca5_bad); // NON_COMPLIANT + strcpy(get_ca_5(), ca6_good); // NON_COMPLIANT + } + + // strcpy between string buffers (must be null-terminated) + if (flow) { + strcpy(ca5_good, ca6_good); + } // NON_COMPLIANT + if (flow) { + strcpy(ca5_good, ca6_bad); + } // NON_COMPLIANT + if (flow) { + strcpy(ca5_bad, ca6_good); + } // NON_COMPLIANT + if (flow) { + strcpy(ca6_bad, ca5_good); + } // COMPLIANT + if (flow) { + strcpy(ca6_bad, ca5_bad); + } // NON_COMPLIANT + if (flow) { + strcpy(get_ca_5(), ca5_good); + } // COMPLIANT + if (flow) { + strcpy(get_ca_5(), ca5_bad); + } // NON_COMPLIANT + if (flow) { + strcpy(get_ca_5(), ca6_good); + } // NON_COMPLIANT + if (flow) { + strcpy(ca5_good, get_ca_5()); + } // NON_COMPLIANT[FALSE_NEGATIVE] + + // strncpy between char buffers (does not have to be null-terminated) + if (flow) { + strncpy(ca5_good, ca6_good, 4); + } // COMPLIANT + if (flow) { + strncpy(ca5_good, ca6_good, 5); + } // COMPLIANT + if (flow) { + strncpy(ca5_good, ca6_bad, 4); + } // COMPLIANT + if (flow) { + strncpy(ca5_good, ca5_good, 5); + } // COMPLIANT + if (flow) { + strncpy(ca5_bad, ca5_bad, 5); + } // COMPLIANT + if (flow) { + strncpy(ca5_bad, ca5_good, 6); + } // NON_COMPLIANT + if (flow) { + strncpy(ca6_bad, ca5_good, 5); + } // COMPLIANT + if (flow) { + strncpy(ca6_bad, ca5_good, 6); + } // NON_COMPLIANT[FALSE_POSITIVE] + if (flow) { + strncpy(ca5_good + 1, ca5_good + 2, 3); + } // COMPLIANT + if (flow) { + strncpy(ca5_good + 1, ca5_good + 2, 2); + } // COMPLIANT + + // wrong allocation size + char *p1 = malloc(strlen(ca5_good) + 1); + char *p2 = malloc(strlen(ca5_good)); + + // memcpy with strings and strlen + if (flow) { + memcpy(p1, ca5_good, strlen(ca5_good) + 1); + } // COMPLIANT + if (flow) { + memcpy(p2, ca5_good, strlen(ca5_good) + 1); + } // NON_COMPLIANT + if (flow) { + memcpy(p2 + 1, ca5_good, strlen(ca5_good) - 1); + } // COMPLIANT + if (flow) { + memcpy(p1, ca5_good, strlen(ca5_good)); + } // COMPLIANT - but not terminated + if (flow) { + memcpy(p2, ca5_good, strlen(ca5_good)); + } // COMPLIANT - but not terminated + + // strcat + if (flow) { + char buf0[10]; // memset after first use + char buf1[10]; // no memset + char buf2[10]; // memset before first use + char buf3[10] = {'\0'}; + char buf4[10] = "12345"; + + strcat(buf0, " "); // COMPLIANT[FALSE_NEGATIVE] - not null terminated at + // initialization + + memset(buf0, 0, sizeof(buf0)); // COMPLIANT + memset(buf2, 0, sizeof(buf2)); // COMPLIANT + + strcat(buf1, " "); // NON_COMPLIANT - not null terminated + strcat(buf2, " "); // COMPLIANT + strcat(buf3, " "); // COMPLIANT + strcat(buf4, "12345"); // NON_COMPLIANT + + strcat(get_ca_5(), "12345"); // NON_COMPLIANT + strcat(get_ca_5(), "1234"); // COMPLIANT + strcat(get_ca_5() + 1, "1234"); // NON_COMPLIANT + } + + // wcsncat + if (flow) { + wchar_t buf0[10]; // memset after first use + wchar_t buf1[10]; // no memset + wchar_t buf2[10]; // memset before first use + wchar_t buf3[10] = {L'\0'}; + wchar_t buf4[10] = L"12345"; + + wcsncat( + buf0, L" ", + 1); // COMPLIANT[FALSE_NEGATIVE] - not null terminated at initialization + + memset(buf0, 0, sizeof(buf0)); // COMPLIANT + memset(buf2, 0, sizeof(buf2)); // COMPLIANT + + wcsncat(buf1, L" ", 1); // NON_COMPLIANT - not null terminated + wcsncat(buf2, L" ", 1); // COMPLIANT + wcsncat(buf3, L" ", 1); // COMPLIANT + wcsncat(buf4, L"12345", 5); // NON_COMPLIANT + + wcsncat(get_ca_5_zeroed(), L"12345", 5); // NON_COMPLIANT + wcsncat(get_ca_5_zeroed(), L"1234", 4); // NON_COMPLIANT + wcsncat(get_ca_5_zeroed() + 1, L"1234", 4); // NON_COMPLIANT + wcsncat(get_ca_5_zeroed(), L"12", + 2); // NON_COMPLIANT - 4 (bytes) + 2 (null term) copied + wcsncat(get_ca_5_zeroed() + 1, L"1", + 1); // COMPLIANT - 2 (bytes) + 2 (null term) copied + } + + // strcmp + if (flow) { + strcmp(ca5_good, ca5_bad); // NON_COMPLIANT + strcmp(ca5_good, ca5_good); // COMPLIANT + strcmp(ca5_bad, ca5_good); // NON_COMPLIANT + strcmp(ca5_good, ca6_good); // COMPLIANT + strcmp(ca6_good, ca5_good); // COMPLIANT + } + + // strncmp + if (flow) { + strncmp(ca5_good, ca5_bad, 4); // COMPLIANT + strncmp(ca5_good, ca5_bad, 5); // NON_COMPLIANT + } +} + +void test_wrong_buf_size(void) { + + // fgets + { + char buf[128]; + fgets(buf, sizeof(buf), stdin); // COMPLIANT + fgets(buf, sizeof(buf) - 1, stdin); // COMPLIANT + fgets(buf, sizeof(buf) + 1, stdin); // NON_COMPLIANT + fgets(buf, 0, stdin); // NON_COMPLIANT + fgets(buf + 1, sizeof(buf) - 1, stdin); // COMPLIANT + fgets(buf + 1, sizeof(buf), stdin); // NON_COMPLIANT + } + + // fgetws + { + wchar_t wbuf[128]; + fgetws(wbuf, sizeof(wbuf), stdin); // NON_COMPLIANT + fgetws(wbuf, sizeof(wbuf) / sizeof(*wbuf), stdin); // COMPLIANT + fgetws(wbuf, sizeof(wbuf) / sizeof(*wbuf) - 1, stdin); // COMPLIANT + fgetws(wbuf, sizeof(wbuf) / sizeof(*wbuf) + 1, stdin); // NON_COMPLIANT + fgetws(wbuf, 0, stdin); // NON_COMPLIANT + fgetws(wbuf + 1, sizeof(wbuf) / sizeof(*wbuf) - 1, stdin); // NON_COMPLIANT + fgetws(wbuf + 1, sizeof(wbuf) / sizeof(*wbuf) - 2, stdin); // COMPLIANT + fgetws(wbuf + 1, sizeof(wbuf) / sizeof(*wbuf), stdin); // NON_COMPLIANT + } + + // mbstowcs + { + char buf1[128] = {0}; + char buf2[128]; + wchar_t wbuf[128]; + + mbstowcs(wbuf, buf1, sizeof(wbuf)); // NON_COMPLIANT - count too large + mbstowcs(wbuf, buf1, sizeof(buf1)); // COMPLIANT - but wrong arithmetic + mbstowcs(wbuf, buf2, + sizeof(wbuf) / + sizeof(wchar_t)); // NON_COMPLIANT - not null-terminated + mbstowcs(wbuf, buf1, sizeof(wbuf) / sizeof(wchar_t)); // COMPLIANT + } + + // wcstombs + { + char buf[128]; + wchar_t wbuf[128] = {0}; + wcstombs(buf, wbuf, sizeof(wbuf)); // NON_COMPLIANT - count too large + wcstombs(buf, wbuf, sizeof(buf)); // COMPLIANT + wcstombs(buf + 1, wbuf + 1, sizeof(buf) - 1); // COMPLIANT + wcstombs(buf + 1, wbuf + 1, sizeof(buf)); // NON_COMPLIANT + } + + // mbtowc + { + wchar_t c; + char buf[2]; + mbtowc(&c, buf, sizeof(buf)); // COMPLIANT + mbtowc(&c, buf, sizeof(buf) - 1); // COMPLIANT + mbtowc(&c, buf, sizeof(buf) + 1); // NON_COMPLIANT + mbtowc(NULL, NULL, 0); // COMPLIANT - exception + } + + // mblen + { + char buf[3]; + mblen(buf, sizeof(buf)); // COMPLIANT + mblen(buf, sizeof(buf) + 1); // NON_COMPLIANT + mblen((char *)malloc(5), sizeof(buf) * 2); // NON_COMPLIANT + mblen(NULL, 0); // COMPLIANT - exception + } + + // memchr, memset + { + char buf[128]; + memchr(buf, 0, sizeof(buf)); // COMPLIANT + memchr(buf, 0, sizeof(buf) + 1); // NON_COMPLIANT + memset(buf, 0, sizeof(buf) + 1); // NON_COMPLIANT + memchr(buf, 0, sizeof(buf) - 1); // COMPLIANT + memchr(NULL, 0, sizeof(buf)); // NON_COMPLIANT + } + + // strftime + { + char buf[128]; + strftime(buf, sizeof(buf), "%Y-%m-%d", NULL); // COMPLIANT + strftime(buf, sizeof(buf) + 1, "%Y-%m-%d", NULL); // NON_COMPLIANT + strftime(buf, sizeof(buf) - 1, "%Y-%m-%d", NULL); // COMPLIANT + strftime(buf + 1, sizeof(buf), "%Y-%m-%d", NULL); // NON_COMPLIANT + } + + // wcsftime + { + wchar_t wbuf[128] = {0}; + wchar_t format_bad[8] = L"%Y-%m-%d"; + wcsftime(wbuf, sizeof(wbuf) / sizeof(wchar_t), L"%Y-%m-%d", + NULL); // COMPLIANT + wcsftime(wbuf, sizeof(wbuf) / sizeof(wchar_t) + 2, L"%Y-%m-%d", + NULL); // NON_COMPLIANT + wcsftime(wbuf, sizeof(wbuf) / sizeof(wchar_t) - 2, L"%Y-%m-%d", + NULL); // COMPLIANT + wcsftime(wbuf, sizeof(wbuf) / sizeof(wchar_t), format_bad, + NULL); // NON_COMPLIANT + wcsftime(wbuf + 1, sizeof(wbuf) / sizeof(wchar_t), L"%Y-%m-%d", + NULL); // NON_COMPLIANT + wcsftime(wbuf, sizeof(wbuf), L"%Y-%m-%d", NULL); // NON_COMPLIANT + } + + // strxfrm + { + char buf[64]; + char buf2[128]; + strxfrm(buf, "abc", sizeof(buf)); // COMPLIANT + strxfrm(buf, "abc", sizeof(buf) + 1); // NON_COMPLIANT + strxfrm(buf, "abc", sizeof(buf) - 1); // COMPLIANT + strxfrm(buf + 1, buf2, sizeof(buf) - 1); // COMPLIANT + } + + // wcsxfrm + { + wchar_t wbuf[64]; + wchar_t wbuf2[128]; + wcsxfrm(wbuf, L"abc", sizeof(wbuf) / sizeof(wchar_t)); // COMPLIANT + wcsxfrm(wbuf, L"abc", sizeof(wbuf) / sizeof(wchar_t) + 1); // NON_COMPLIANT + wcsxfrm(wbuf, L"abc", sizeof(wbuf) / sizeof(wchar_t) - 1); // COMPLIANT + wcsxfrm(wbuf + 1, wbuf2, sizeof(wbuf) / sizeof(wchar_t) - 1); // COMPLIANT + } + + // snprintf (and vsnprintf, swprintf, vswprintf) + { + char str_bad[2] = "12"; + char buf[64]; + snprintf(buf, sizeof(buf), "%s", ""); // COMPLIANT + snprintf(buf, sizeof(buf), "%s", + str_bad); // NON_COMPLIANT[FALSE_NEGATIVE] - not checked + snprintf(buf, sizeof(buf) + 1, "test"); // NON_COMPLIANT + } + + // setvbuf + { + FILE *f; + char buf[64]; + setvbuf(f, buf, _IOFBF, sizeof(buf)); // COMPLIANT + setvbuf(f, buf, _IOFBF, sizeof(buf) + 1); // NON_COMPLIANT + setvbuf(f, buf, _IOFBF, sizeof(buf) - 1); // COMPLIANT + setvbuf(f, buf + 1, _IOFBF, sizeof(buf)); // NON_COMPLIANT + setvbuf(f, NULL, _IOFBF, 0); // COMPLIANT - exception + } + + // "memcpy", "wmemcpy", "memmove", "wmemmove", "memcmp", "wmemcmp" + + // memcpy + { + char buf[64]; + char buf2[64]; + wchar_t wbuf[64]; + wchar_t wbuf2[64]; + + memcpy(buf, buf2, sizeof(buf)); // COMPLIANT + memcpy(buf, buf2, sizeof(buf) + 1); // NON_COMPLIANT + memcpy(buf, buf2, sizeof(buf) - 1); // COMPLIANT + memcpy(buf + 1, buf2, sizeof(buf)); // NON_COMPLIANT + memcpy(buf, buf2 + 1, sizeof(buf) * 2); // NON_COMPLIANT + } + + // wmemcpy + { + wchar_t wbuf128[128]; + wchar_t wbuf64[64]; + + wmemcpy(wbuf128, wbuf64, sizeof(wbuf64) / sizeof(wchar_t)); // COMPLIANT + wmemcpy(wbuf128, wbuf64, + sizeof(wbuf128) / sizeof(wchar_t)); // NON_COMPLIANT + wmemcpy(wbuf128, wbuf64, sizeof(wbuf64) / sizeof(wchar_t) - 1); // COMPLIANT + wmemcpy(wbuf64 + 1, wbuf64, + sizeof(wbuf64) / sizeof(wchar_t)); // NON_COMPLIANT + wmemcpy(wbuf64 + 1, wbuf64 + 1, + sizeof(wbuf64) / sizeof(wchar_t)); // NON_COMPLIANT + wmemcpy(wbuf64 + 1, wbuf64 + 1, + sizeof(wbuf64) / sizeof(wchar_t) - 1); // NON_COMPLIANT + wmemcpy(wbuf64 + 1, wbuf64 + 1, + sizeof(wbuf64) / sizeof(wchar_t) - 2); // COMPLIANT + } + + // bsearch + { + int arr[10]; + int key = 0; + bsearch(&key, arr, sizeof(arr) / sizeof(int), sizeof(int), + compare); // COMPLIANT + bsearch(&key, arr, sizeof(arr) / sizeof(int) + 1, sizeof(int), + compare); // NON_COMPLIANT + bsearch(&key, arr, sizeof(arr) / sizeof(int) - 1, sizeof(int), + compare); // COMPLIANT + bsearch(&key, arr + 1, sizeof(arr) / sizeof(int) - 1, sizeof(int), + compare); // NON_COMPLIANT + bsearch(NULL, arr, sizeof(arr) / sizeof(int), sizeof(int), + compare); // NON_COMPLIANT + bsearch(&key, NULL, sizeof(arr) / sizeof(int), sizeof(int), + compare); // NON_COMPLIANT + bsearch(&key, arr, sizeof(arr) / sizeof(int), sizeof(int), + NULL); // NON_COMPLIANT + } + + // qsort + { + int arr[10]; + qsort(arr, sizeof(arr) / sizeof(int), sizeof(int), compare); // COMPLIANT + qsort(arr, sizeof(arr) / sizeof(int) + 1, sizeof(int), + compare); // NON_COMPLIANT + qsort(arr, sizeof(arr) / sizeof(int) - 1, sizeof(int), + compare); // COMPLIANT + qsort(arr + 1, sizeof(arr) / sizeof(int) - 1, sizeof(int), + compare); // NON_COMPLIANT + qsort(arr, sizeof(arr) / sizeof(int), sizeof(int), NULL); // NON_COMPLIANT + } +} + +void test_fread_fwrite_static(char *file_name) { + FILE *f = fopen(file_name, "r"); + char buf[64]; + fread(buf, sizeof(buf), 1, f); // COMPLIANT + fread(buf, sizeof(buf) + 1, 1, f); // NON_COMPLIANT + fread(buf, sizeof(buf) - 1, 1, f); // COMPLIANT + fread(buf + 1, sizeof(buf), 1, f); // NON_COMPLIANT + fread(buf, sizeof(buf) * 2, 1, f); // NON_COMPLIANT + fwrite(buf, sizeof(buf), 1, f); // COMPLIANT + fwrite(buf, sizeof(buf) + 1, 1, f); // NON_COMPLIANT + fwrite(buf, sizeof(buf) - 1, 1, f); // COMPLIANT + fwrite(buf + 1, sizeof(buf), 1, f); // NON_COMPLIANT + fwrite(buf, sizeof(buf) * 2, 1, f); // NON_COMPLIANT + fclose(f); +} + +void test_read_file(const char *file_name) { + FILE *f = fopen(file_name, "rb"); + + fseek(f, 0, SEEK_END); + long len = ftell(f); + rewind(f); + + char *buf = malloc(len + 1); + + // not correct behaviour below but suffices to test overflow + rewind(f); + fread(buf + 1, len - 1, 1, f); // COMPLIANT + rewind(f); + fread(buf + 1, len, 1, f); // COMPLIANT + rewind(f); + fread(buf + 1, len + 1, 1, f); // COMPLIANT + rewind(f); + fread(buf + 1, len + 2, 1, f); // COMPLIANT + rewind(f); + fread(buf + 1, len + 3, 1, f); // NON_COMPLIANT + + fclose(f); +} + +void test_equivalent_expressions(void *in, int x, int y) { + short *p = malloc(x * y * sizeof(short)); + memcpy(p, in, x * y * sizeof(short)); // COMPLIANT + memcpy(p, in, x * y * sizeof(short) + 1); // NON_COMPLIANT + memcpy(p, in, x * y * sizeof(short) - 1); // COMPLIANT +} \ No newline at end of file diff --git a/c/common/src/codingstandards/c/OutOfBounds.qll b/c/common/src/codingstandards/c/OutOfBounds.qll new file mode 100644 index 0000000000..a16384bf98 --- /dev/null +++ b/c/common/src/codingstandards/c/OutOfBounds.qll @@ -0,0 +1,705 @@ +/** + * This module provides classes and predicates for analyzing the size of buffers + * or objects from their base or a byte-offset, and identifying the potential for + * expressions accessing those buffers to overflow. + */ + +import cpp +import codingstandards.c.Pointers +import codingstandards.c.Variable +import codingstandards.cpp.Allocations +import codingstandards.cpp.Overflow +import codingstandards.cpp.PossiblyUnsafeStringOperation +import codingstandards.cpp.SimpleRangeAnalysisCustomizations +import semmle.code.cpp.dataflow.DataFlow +import semmle.code.cpp.valuenumbering.GlobalValueNumbering +import semmle.code.cpp.security.BufferAccess + +module OutOfBounds { + bindingset[name, result] + private string getNameOrInternalName(string name) { + name.regexpMatch("__.*_+(?:" + result + ")") + } + + /** + * MISRA-C Rule 21.17 function table of names and parameter indices + * which covers functions from that rely on null-terminated strings. + * + * This table is a subset of `libraryFunctionNameParamTable`. + * + * Note: These functions do not share a common semantic pattern of source and destination + * parameters with the other functions explicitly defined in `libraryFunctionNameParamTable`, + * although they do share a common issue of parsing non-null-terminated strings. + * The `NullTerminatedStringBufferAccessLibraryFunction` base class provides an appropriate + * interface for analyzing the functions in the below table. + */ + private Function libraryFunctionNameParamTableSimpleString(string name, + int dst, int src, int src_sz, int dst_sz) + { + result.hasGlobalOrStdName(name) and + src_sz = -1 and + dst_sz = -1 and + ( + name = "strcat" and + dst = 0 and + src = 1 + or + name = "strchr" and + dst = -1 and + src = 0 + or + name = ["strcmp", "strcoll"] and + dst = -1 and + src = [0, 1] + or + name = "strcpy" and + dst = 0 and + src = 1 + or + name = "strcspn" and + dst = -1 and + src = [0, 1] + or + name = "strlen" and + dst = -1 and + src = 0 + or + name = "strpbrk" and + dst = -1 and + src = [0, 1] + or + name = "strrchr" and + dst = -1 and + src = 0 + or + name = "strspn" and + dst = -1 and + src = [0, 1] + or + name = "strstr" and + dst = -1 and + src = [0, 1] + or + name = "strtok" and + dst = 0 and + src = 1 + ) + } + + /** + * An expansion of `libraryFunctionNameParamTableSimpleString` to include internal functions with + * prefixes/suffixes such as "__builtin_%"" or "%_chk" (e.g. `__builtin___strcpy_chk`) + */ + bindingset[name] + Function libraryFunctionNameParamTableSimpleStringRegex(string name, int dst, int src, int src_sz, int dst_sz) { + exists(string stdName | + result = libraryFunctionNameParamTableSimpleString(stdName, dst, src, src_sz, dst_sz) and + ( + name = stdName + or + getNameOrInternalName(name) = stdName + ) + ) + } + + /** + * A relation of the indices of buffer and size parameters of standard library functions + * which are defined in rules CERT ARR38-C and MISRA-C rules 21.17 and 21.18. + */ + private Function libraryFunctionNameParamTable( + string name, int dst, int src, int src_sz, int dst_sz + ) { + result = libraryFunctionNameParamTableSimpleString(name, dst, src, src_sz, dst_sz) + or + result.hasGlobalOrStdName(name) and + ( + name = ["fgets", "fgetws"] and + dst = 0 and + src = -1 and + src_sz = -1 and + dst_sz = 1 + or + name = ["mbstowcs", "wcstombs"] and + dst = 0 and + src = 1 and + src_sz = -1 and + dst_sz = 2 + or + name = ["mbrtoc16", "mbrtoc32"] and + dst = 0 and + src = 1 and + src_sz = 2 and + dst_sz = -1 + or + name = ["mbsrtowcs", "wcsrtombs"] and + dst = 0 and + src = 1 and + src_sz = -1 and + dst_sz = 2 + or + name = ["mbtowc", "mbrtowc"] and + dst = 0 and + src = 1 and + src_sz = 2 and + dst_sz = -1 + or + name = ["mblen", "mbrlen"] and + dst = -1 and + src = 0 and + src_sz = 1 and + dst_sz = -1 + or + name = ["memchr", "wmemchr"] and + dst = -1 and + src = 0 and + src_sz = 2 and + dst_sz = -1 + or + name = ["memset", "wmemset"] and + dst = 0 and + src = -1 and + src_sz = -1 and + dst_sz = 2 + or + name = ["strftime", "wcsftime"] and + dst = 0 and + src = -1 and + src_sz = -1 and + dst_sz = 1 + or + name = ["strxfrm", "wcsxfrm"] and + dst = 0 and + src = 1 and + src_sz = -1 and + dst_sz = 2 + or + name = ["strncat", "wcsncat"] and + dst = 0 and + src = 1 and + src_sz = 2 and + dst_sz = -1 + or + name = "wcsncat" and + dst = 0 and + src = 1 and + src_sz = 2 and + dst_sz = -1 + or + name = ["snprintf", "vsnprintf", "swprintf", "vswprintf"] and + dst = 0 and + src = -1 and + src_sz = -1 and + dst_sz = 1 + or + name = "setvbuf" and + dst = -1 and + src = 1 and + src_sz = 3 and + dst_sz = -1 + or + name = + [ + "memcpy", "wmemcpy", "memmove", "wmemmove", "strncpy", "wcsncpy", "memcmp", "wmemcmp", + "strncmp", "wcsncmp" + ] and + dst = 0 and + src = 1 and + src_sz = 2 and + dst_sz = 2 + or + name = ["bsearch", "qsort"] and + dst = 1 and + src = -1 and + src_sz = -1 and + dst_sz = -1 + or + name = ["fread", "fwrite"] and + dst = 0 and + src = -1 and + src_sz = -1 and + dst_sz = -1 + ) + } + + /** + * An expansion of `libraryFunctionNameParamTable` to include internal functions with + * prefixes/suffixes such as "__builtin_%"" or "%_chk" (e.g. `__builtin___strncpy_chk`) + */ + bindingset[name] + Function libraryFunctionNameParamTableRegex(string name, int dst, int src, int src_sz, int dst_sz) { + exists(string stdName | + result = libraryFunctionNameParamTable(stdName, dst, src, src_sz, dst_sz) and + ( + name = stdName + or + getNameOrInternalName + (name) = stdName + ) + ) + } + + /** + * A library function that accesses one or more buffers supplied via arguments. + */ + class BufferAccessLibraryFunction extends Function { + BufferAccessLibraryFunction() { + this = libraryFunctionNameParamTableRegex(this.getName(), _, _, _, _) + } + + int getWriteParamIndex() { + this = libraryFunctionNameParamTableRegex(this.getName(), result, _, _, _) + } + + int getReadParamIndex() { + this = libraryFunctionNameParamTableRegex(this.getName(), _, result, _, _) + } + + int getReadSizeParamIndex() { + this = libraryFunctionNameParamTableRegex(this.getName(), _, _, result, _) + } + + int getWriteCountParamIndex() { + this = libraryFunctionNameParamTableRegex(this.getName(), _, _, _, result) + } + + Parameter getReadParam() { result = this.getParameter(this.getReadParamIndex()) } + + Parameter getWriteParam() { result = this.getParameter(this.getWriteParamIndex()) } + + Parameter getReadSizeParam() { result = this.getParameter(this.getReadSizeParamIndex()) } + + Parameter getWriteSizeParam() { result = this.getParameter(this.getWriteCountParamIndex()) } + + int getDestinationParameterElementSize() { + this.getWriteParam().getType().(PointerType).getBaseType().getSize() = result + } + + int getSourceParameterElementSize() { + this.getReadParam().getType().(PointerType).getBaseType().getSize() = result + } + + predicate getANullTerminatedParameterIndex(int i) { + // by default, require null-terminated parameters for src but not dst + this.getReadParam().getIndex() = i + } + + predicate sizeArgExclusiveOfNullTerminator(int i) { + // by default, require size parameters to be exclusive of null terminator + i >= 0 and + i <= this.getNumberOfParameters() and + ( + this = libraryFunctionNameParamTableRegex(this.getName(), _, _, i, _) + ) + } + } + + /** + * A library function that accesses one or more string buffers and has no + * additional parameters for specifying the size of the buffers. + */ + class SimpleStringLibraryFunction extends BufferAccessLibraryFunction { + SimpleStringLibraryFunction() { + this = libraryFunctionNameParamTableSimpleStringRegex(this.getName(), _, _, _, _) + } + } + + /** + * A `BufferAccessLibraryFunction` that performs string concatenation. + */ + abstract class StringConcatenationFunctionLibraryFunction extends BufferAccessLibraryFunction { } + + /** + * A `BufferAccessLibraryFunction` modelling `strcat` + */ + class StrcatLibraryFunction extends + StringConcatenationFunctionLibraryFunction, SimpleStringLibraryFunction { + StrcatLibraryFunction() { this.getName() = getNameOrInternalName("strcat") } + + override predicate nullTerminatedParameter(int i) { + // `strcat` requires null-terminated parameters for both src and dst + i = [0, 1] + } + } + + /** + * A `BufferAccessLibraryFunction` modelling `strncat` or `wcsncat` + */ + class StrncatLibraryFunction extends StringConcatenationFunctionLibraryFunction { + StrncatLibraryFunction() { this.getName() = getNameOrInternalName(["strncat", "wcsncat"]) } + + override predicate nullTerminatedParameter(int i) { + // `strncat` requires null-terminated parameters for both src and dst + i = [0, 1] + } + } + + /** + * A `FunctionCall` to a `BufferAccessLibraryFunction` that provides predicates for + * reasoning about buffer overflow and other buffer access violations. + */ + abstract class BufferAccessLibraryFunctionCall extends FunctionCall { + BufferAccessLibraryFunctionCall() { this.getTarget() instanceof BufferAccessLibraryFunction } + + Expr getReadArg() { + result = this.getArgument(this.getTarget().(BufferAccessLibraryFunction).getReadParamIndex()) + } + + Expr getWriteArg() { + result = this.getArgument(this.getTarget().(BufferAccessLibraryFunction).getWriteParamIndex()) + } + + Expr getReadSizeArg() { + result = + this.getArgument(this.getTarget().(BufferAccessLibraryFunction).getReadSizeParamIndex()) + } + + Expr getWriteSizeArg() { + result = + this.getArgument(this.getTarget().(BufferAccessLibraryFunction).getWriteCountParamIndex()) + } + } + + /** + * A `FunctionCall` to a `BufferAccessLibraryFunction` that contains only one or two string buffers + * as its arguments but no specific size arguments, as size is deduced via null-termination. + */ + class SimpleStringBufferAccessLibraryFunctionCall extends BufferAccessLibraryFunction { + SimpleStringBufferAccessLibraryFunction + } + + int getStatedAllocValue(Expr e) { + // `upperBound(e)` defaults to `exprMaxVal(e)` when `e` isn't analyzable. So to get a meaningful + // result in this case we pick the minimum value obtainable from dataflow and range analysis. + if upperBound(e) = exprMaxVal(e) + then + result = max(Expr source | DataFlow::localExprFlow(source, e) | source.getValue().toInt()) + else + result = + upperBound(e) + .minimum(min(Expr source | DataFlow::localExprFlow(source, e) | source.getValue().toInt())) + + + } + + int getStatedValue(Expr e) { + result = + upperBound(e) + .minimum(min(Expr source | DataFlow::localExprFlow(source, e) | source.getValue().toInt())) + } + + /** + * A class for reasoning about the offset of a variable from the original value flowing to it + * as a result of arithmetic or pointer arithmetic expressions. + */ + int getArithmeticOperandStatedValue(Expr expr) { + result = getStatedValue(expr.(PointerArithmeticExpr).getOperand()) + or + // &(array[index]) expressions + result = getStatedValue(expr.(AddressOfExpr).getOperand().(PointerArithmeticExpr).getOperand()) + or + result = getStatedValue(expr.(BinaryArithmeticOperation).getRightOperand()) + or + expr instanceof IncrementOperation and result = 1 + or + expr instanceof DecrementOperation and result = -1 + or + // fall-back if `expr` is not an arithmetic or pointer arithmetic expression + not expr instanceof PointerArithmeticExpr and + not expr.(AddressOfExpr).getOperand() instanceof PointerArithmeticExpr and + not expr instanceof BinaryArithmeticOperation and + not expr instanceof IncrementOperation and + not expr instanceof DecrementOperation and + result = 0 + } + + int constOrZero(Expr e) { + result = e.getValue().toInt() + or + not exists(e.getValue().toInt()) and result = 0 + } + + abstract class PointerToObjectSource extends Expr { + abstract Expr getPointer(); + + abstract Expr getSizeExpr(); + + abstract int getFixedSize(); + } + + class DynamicAllocationSource extends PointerToObjectSource + instanceof AllocationExpr, FunctionCall { + DynamicAllocationSource() { + // exclude OperatorNewAllocationFunction to only deal with raw malloc-style calls, + // which do not apply a multiple to the size of the allocation passed to them. + not this.(FunctionCall).getTarget() instanceof OperatorNewAllocationFunction + } + + override Expr getPointer() { result = this } + + override Expr getSizeExpr() { + // AllocationExpr may sometimes return a subexpression of the size expression + // in order to separate the size from a sizeof expression in a MulExpr. + exists(AllocationFunction f | + f = this.(FunctionCall).getTarget() and + result = this.(FunctionCall).getArgument(f.getSizeArg()) + ) + } + + /** + * Returns either `getSizeExpr()`, or, if a value assigned to a variable flows + * to `getSizeExpr()` or an `AddExpr` within it, the value assigned to that variable. + * + * If an `AddExpr` exists in the value assignment or `getSizeExpr()`, and that `AddExpr` + * has a constant right operand, then value of that operand is `offset`. Otherwise, `offset` is 0. + * + * If no `AddExpr` exists, `base = result`. Otherwise, `base` is the left operand of the `AddExpr`. + * If the left operand of the `AddExpr` comes from a variable assignment, `base` is assigned value. + * + * This predicate serves as a rough heuristic for cases such as the following: + * 1. `size_t sz = strlen(src) + 1; malloc(sz);` + * 2. `size_t sz = strlen(src); malloc(sz + 1);` + */ + Expr getSizeExprSource(Expr base, int offset) { + if + exists(Variable v, AddExpr ae | + // case 1: variable_access + const in the size expression + this.getSizeExpr() = ae and + result = v.getAnAssignedValue() and + base = ae.getLeftOperand() and + offset = constOrZero(ae.getRightOperand()) and + DataFlow::localExprFlow(result, base) + or + // case 2: expr + const in the variable assignment + v.getAnAssignedValue() = ae and + result = ae and + base = ae.getLeftOperand() and + offset = constOrZero(ae.getRightOperand()) and + DataFlow::localExprFlow(result, this.getSizeExpr()) + ) + then any() // all logic handled in the `if` clause + else ( + offset = 0 and + // case 3: a variable is read in the size expression + // if the VariableAccess does not have a computable constant value, + // the source node could still be useful for data-flow and GVN comparisons + if this.getSizeExpr() instanceof VariableAccess + then + exists(Variable v | + v = this.getSizeExpr().(VariableAccess).getTarget() and + not v instanceof Field and + DataFlow::localExprFlow(v.getAnAssignedValue(), base) and + result = base + ) + else ( + // Case 4: no variable access in the size expression + // This case is equivalent to getSizeExpr. + base = this.getSizeExpr() and + result = base + ) + ) + } + + override int getFixedSize() { result = getStatedAllocValue(getSizeExpr()) } + } + + class AddressOfExprSource extends PointerToObjectSource, AddressOfExpr { + AddressOfExprSource() { + exists(Variable v | + v = this.getOperand().(VariableAccess).getTarget() and + not v.getUnderlyingType() instanceof PointerType and + not v instanceof Field + ) + } + + override Expr getPointer() { result = this } + + override Expr getSizeExpr() { none() } + + override int getFixedSize() { result = min(this.getOperand().getType().getSize()) } + } + + class StaticBufferAccessSource extends PointerToObjectSource instanceof VariableAccess { + StaticBufferAccessSource() { + not this.getTarget() instanceof Field and + this.getTarget().getUnderlyingType().(ArrayType).getSize() > 0 + } + + override Expr getPointer() { result = this } + + override Expr getSizeExpr() { none() } + + override int getFixedSize() { + result = this.(VariableAccess).getTarget().getUnderlyingType().(ArrayType).getSize() + } + } + + class PointerToObjectSourceOrSizeToBufferAccessFunctionConfig extends DataFlow::Configuration { + PointerToObjectSourceOrSizeToBufferAccessFunctionConfig() { + this = "PointerToObjectSourceOrSizeToBufferAccessFunctionConfig" + } + + override predicate isSource(DataFlow::Node source) { + source.asExpr() instanceof PointerToObjectSource + or + exists(PointerToObjectSource ptr | + source.asExpr() = ptr.getSizeExpr() or + source.asExpr() = ptr.(DynamicAllocationSource).getSizeExprSource(_, _) + ) + } + + override predicate isSink(DataFlow::Node sink) { + exists(BufferAccessLibraryFunctionCall call, Expr arg | + arg = call.getAnArgument() + and + ( + sink.asExpr() = arg + or + getArithmeticOffsetValue(arg) > 0 and + sink.asExpr() = arg.getAChild*() + ) + ) + } + } + + predicate hasFlowFromBufferOrSizeExprToUse(Expr source, Expr use) { + exists(PointerToObjectSourceOrSizeToBufferAccessFunctionConfig config, Expr useOrChild | + ( + useOrChild = use + or + getArithmeticOffsetValue(use) > 0 and + useOrChild = use.getAChild*() + ) + and + config.hasFlow(DataFlow::exprNode(source), DataFlow::exprNode(useOrChild)) + ) + } + + predicate bufferUseComputableBufferSize(Expr bufferUse, Expr source, int size) { + bufferUse = any(BufferAccessLibraryFunctionCall call).getAnArgument() and + // flow from a PointerToObjectSource for which we can compute the exact size + size = source.(PointerToObjectSource).getFixedSize() and + hasFlowFromBufferOrSizeExprToUse(source, bufferUse) + } + + predicate bufferUseNonComputableSize(Expr bufferUse, Expr source) { + bufferUse = any(BufferAccessLibraryFunctionCall call).getAnArgument() and + not bufferUseComputableBufferSize(bufferUse, source, _) and + hasFlowFromBufferOrSizeExprToUse(source.(DynamicAllocationSource), bufferUse) + } + + predicate sizeExprComputableSize(Expr sizeExpr, Expr source, int size) { + sizeExpr = any(BufferAccessLibraryFunctionCall call).getAnArgument() and + ( + // computable direct value + size = getStatedValue(sizeExpr) and + source = sizeExpr + or + // computable source value that flows to the size expression + size = source.(DynamicAllocationSource).getFixedSize() and + hasFlowFromBufferOrSizeExprToUse(source.(DynamicAllocationSource).getSizeExprSource(_, _), sizeExpr) + ) + } + + /** + * If the size is not computable locally, then it is either: + * + * 1. A dynamic allocation, from which we can get `getSizeExprSource()', from which + * we can either check specific logic (e.g. string length with offset) or compare GVNs. + * 2. An unrelateable size expression, which we might, however, be able to compute the bounds + * of and check against the buffer size, if that is known. + * + * In case 2, this predicate does not hold. + * + * NOTE: This predicate does not actually perform the above mentioned heuristics. + */ + predicate sizeExprNonComputableSize( + Expr bufferSizeArg, Expr alloc, Expr allocSize, Expr allocSizeBase, int offset + ) { + bufferSizeArg = any(BufferAccessLibraryFunctionCall call).getAnArgument() and + not sizeExprComputableSize(bufferSizeArg, alloc, _) and + allocSize = alloc.(DynamicAllocationSource).getSizeExprSource(allocSizeBase, offset) and + hasFlowFromBufferOrSizeExprToUse(allocSize, bufferSizeArg) + } + + predicate isBufferSizeExprSameAsSourceSizeExpr( + Expr bufferUse, Expr bufferSize, Expr sizeSource, PointerToObjectSource sourceBufferAllocation, + int s1, int s2, BufferAccessLibraryFunctionCall fc + ) { + //bufferUse.getUnderlyingType() instanceof PointerOrArrayType and + //not bufferSize.getUnderlyingType() instanceof PointerOrArrayType and + fc.getAnArgument() = bufferUse and + fc.getAnArgument() = bufferSize and + not bufferUse = bufferSize and + ( + bufferUseComputableBufferSize(bufferUse, sourceBufferAllocation, s1) and + sizeExprComputableSize(bufferSize, sizeSource, s2) and + s1 = s2 + or + s1 = -1 and + s2 = -1 and + sizeSource = sourceBufferAllocation and + bufferUseNonComputableSize(bufferUse, sizeSource) and + sizeExprNonComputableSize(bufferSize, sourceBufferAllocation, _, _, _) + or + s1 = -2 and + s2 = -2 and + sizeSource = sourceBufferAllocation.(DynamicAllocationSource).getSizeExprSource(_, _) and + bufferUseNonComputableSize(bufferUse, sourceBufferAllocation) and + globalValueNumber(sizeSource) = globalValueNumber(bufferSize) + ) + } + + int getArithmeticOffsetValue(Expr expr) { + result = getStatedValue(expr.(PointerArithmeticExpr).getOperand()) + or + // edge-case: &(array[index]) expressions + result = getStatedValue(expr.(AddressOfExpr).getOperand().(PointerArithmeticExpr).getOperand()) + or + // AddExpr + result = getStatedValue(expr.(AddExpr).getAnOperand()) + or + // SubExpr + result = -getStatedValue(expr.(SubExpr).getAnOperand()) + or + // fall-back + not expr instanceof PointerArithmeticExpr and + not expr.(AddressOfExpr).getOperand() instanceof PointerArithmeticExpr and + result = 0 + } + + predicate isBufferSizeExprGreaterThanSourceSizeExpr ( + Expr bufferUse, Expr bufferSize, Expr sizeSource, PointerToObjectSource sourceBufferAllocation, + int s1, int s2, BufferAccessLibraryFunctionCall fc + ) { + //bufferUse.getUnderlyingType() instanceof PointerOrArrayType and + //not bufferSize.getUnderlyingType() instanceof PointerOrArrayType and + fc.getAnArgument() = bufferUse and + fc.getAnArgument() = bufferSize and + not bufferUse = bufferSize and + ( + bufferUseComputableBufferSize(bufferUse, sourceBufferAllocation, s1) and + sizeExprComputableSize(bufferSize, sizeSource, s2) and + ( + s1 - getArithmeticOffsetValue(bufferUse) < s2 + getArithmeticOffsetValue(bufferSize) + or + s2 = 0 + ) + or + s1 = -1 and + s2 = -1 and + sizeSource = sourceBufferAllocation and + bufferUseNonComputableSize(bufferUse, sizeSource) and + sizeExprNonComputableSize(bufferSize, sourceBufferAllocation, _, _, _) + or + exists(int offset, Expr base | + sizeSource = sourceBufferAllocation.(DynamicAllocationSource).getSizeExprSource(base, offset) and + bufferUseNonComputableSize(bufferUse, sourceBufferAllocation) and + not globalValueNumber(sizeSource) = globalValueNumber(bufferSize) and + globalValueNumber(base) = globalValueNumber(bufferSize.getAChild*()) and + s1 = getArithmeticOffsetValue(bufferUse) and + s2 = getArithmeticOffsetValue(bufferSize) and + s1 >= s2 - offset + ) + ) + } +} diff --git a/c/common/src/codingstandards/c/Pointers.qll b/c/common/src/codingstandards/c/Pointers.qll index 6658ec9e81..86e2c02d30 100644 --- a/c/common/src/codingstandards/c/Pointers.qll +++ b/c/common/src/codingstandards/c/Pointers.qll @@ -87,3 +87,32 @@ class PointerToObjectType extends PointerType { ) } } + +/** + * Gets the base type of a pointer or array type. In the case of an array of + * arrays, the inner base type is returned. + * + * Copied from IncorrectPointerScalingCommon.qll. + */ +Type baseType(Type t) { + ( + exists(PointerType dt | + dt = t.getUnspecifiedType() and + result = dt.getBaseType().getUnspecifiedType() + ) + or + exists(ArrayType at | + at = t.getUnspecifiedType() and + not at.getBaseType().getUnspecifiedType() instanceof ArrayType and + result = at.getBaseType().getUnspecifiedType() + ) + or + exists(ArrayType at, ArrayType at2 | + at = t.getUnspecifiedType() and + at2 = at.getBaseType().getUnspecifiedType() and + result = baseType(at2) + ) + ) and + // Make sure that the type has a size and that it isn't ambiguous. + strictcount(result.getSize()) = 1 +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/OutOfBounds.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/OutOfBounds.qll new file mode 100644 index 0000000000..1f606288fb --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/OutOfBounds.qll @@ -0,0 +1,78 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype OutOfBoundsQuery = + TDoNotFormOutOfBoundsPointersOrArraySubscriptsQuery() or + TLibraryFunctionArgumentOutOfBoundsQuery() or + TStringFunctionPointerArgumentOutOfBoundsQuery() or + TStringLibrarySizeArgumentOutOfBoundsQuery() + +predicate isOutOfBoundsQueryMetadata(Query query, string queryId, string ruleId, string category) { + query = + // `Query` instance for the `doNotFormOutOfBoundsPointersOrArraySubscripts` query + OutOfBoundsPackage::doNotFormOutOfBoundsPointersOrArraySubscriptsQuery() and + queryId = + // `@id` for the `doNotFormOutOfBoundsPointersOrArraySubscripts` query + "c/cert/do-not-form-out-of-bounds-pointers-or-array-subscripts" and + ruleId = "ARR30-C" and + category = "rule" + or + query = + // `Query` instance for the `libraryFunctionArgumentOutOfBounds` query + OutOfBoundsPackage::libraryFunctionArgumentOutOfBoundsQuery() and + queryId = + // `@id` for the `libraryFunctionArgumentOutOfBounds` query + "c/cert/library-function-argument-out-of-bounds" and + ruleId = "ARR38-C" and + category = "rule" + or + query = + // `Query` instance for the `stringFunctionPointerArgumentOutOfBounds` query + OutOfBoundsPackage::stringFunctionPointerArgumentOutOfBoundsQuery() and + queryId = + // `@id` for the `stringFunctionPointerArgumentOutOfBounds` query + "c/misra/string-function-pointer-argument-out-of-bounds" and + ruleId = "RULE-21-17" and + category = "mandatory" + or + query = + // `Query` instance for the `stringLibrarySizeArgumentOutOfBounds` query + OutOfBoundsPackage::stringLibrarySizeArgumentOutOfBoundsQuery() and + queryId = + // `@id` for the `stringLibrarySizeArgumentOutOfBounds` query + "c/misra/string-library-size-argument-out-of-bounds" and + ruleId = "RULE-21-18" and + category = "mandatory" +} + +module OutOfBoundsPackage { + Query doNotFormOutOfBoundsPointersOrArraySubscriptsQuery() { + //autogenerate `Query` type + result = + // `Query` type for `doNotFormOutOfBoundsPointersOrArraySubscripts` query + TQueryC(TOutOfBoundsPackageQuery(TDoNotFormOutOfBoundsPointersOrArraySubscriptsQuery())) + } + + Query libraryFunctionArgumentOutOfBoundsQuery() { + //autogenerate `Query` type + result = + // `Query` type for `libraryFunctionArgumentOutOfBounds` query + TQueryC(TOutOfBoundsPackageQuery(TLibraryFunctionArgumentOutOfBoundsQuery())) + } + + Query stringFunctionPointerArgumentOutOfBoundsQuery() { + //autogenerate `Query` type + result = + // `Query` type for `stringFunctionPointerArgumentOutOfBounds` query + TQueryC(TOutOfBoundsPackageQuery(TStringFunctionPointerArgumentOutOfBoundsQuery())) + } + + Query stringLibrarySizeArgumentOutOfBoundsQuery() { + //autogenerate `Query` type + result = + // `Query` type for `stringLibrarySizeArgumentOutOfBounds` query + TQueryC(TOutOfBoundsPackageQuery(TStringLibrarySizeArgumentOutOfBoundsQuery())) + } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index f4aed38bab..75d3fa02e5 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -39,6 +39,7 @@ import Language2 import Language3 import Memory1 import Misc +import OutOfBounds import Pointers1 import Pointers2 import Pointers3 @@ -102,6 +103,7 @@ newtype TCQuery = TLanguage3PackageQuery(Language3Query q) or TMemory1PackageQuery(Memory1Query q) or TMiscPackageQuery(MiscQuery q) or + TOutOfBoundsPackageQuery(OutOfBoundsQuery q) or TPointers1PackageQuery(Pointers1Query q) or TPointers2PackageQuery(Pointers2Query q) or TPointers3PackageQuery(Pointers3Query q) or @@ -165,6 +167,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat isLanguage3QueryMetadata(query, queryId, ruleId, category) or isMemory1QueryMetadata(query, queryId, ruleId, category) or isMiscQueryMetadata(query, queryId, ruleId, category) or + isOutOfBoundsQueryMetadata(query, queryId, ruleId, category) or isPointers1QueryMetadata(query, queryId, ruleId, category) or isPointers2QueryMetadata(query, queryId, ruleId, category) or isPointers3QueryMetadata(query, queryId, ruleId, category) or diff --git a/rule_packages/c/OutOfBounds.json b/rule_packages/c/OutOfBounds.json new file mode 100644 index 0000000000..16472af64c --- /dev/null +++ b/rule_packages/c/OutOfBounds.json @@ -0,0 +1,86 @@ +{ + "CERT-C": { + "ARR30-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "Forming or using an out-of-bounds pointer is undefined behavior and can result in invalid memory accesses.", + "kind": "problem", + "name": "Do not form or use out-of-bounds pointers or array subscripts", + "precision": "high", + "severity": "error", + "short_name": "DoNotFormOutOfBoundsPointersOrArraySubscripts", + "tags": [ + "correctness", + "security" + ] + } + ], + "title": "Do not form or use out-of-bounds pointers or array subscripts" + }, + "ARR38-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "", + "kind": "problem", + "name": "Guarantee that library functions do not form invalid pointers", + "precision": "high", + "severity": "error", + "short_name": "LibraryFunctionArgumentOutOfBounds", + "tags": [ + "correctness", + "security" + ] + } + ], + "title": "Guarantee that library functions do not form invalid pointers" + } + }, + "MISRA-C-2012": { + "RULE-21-17": { + "properties": { + "obligation": "mandatory" + }, + "queries": [ + { + "description": "Use of string manipulation functions from with improper buffer sizes can result in out-of-bounds buffer accesses.", + "kind": "problem", + "name": "Use of the string handling functions from shall not result in accesses beyond the bounds", + "precision": "high", + "severity": "error", + "short_name": "StringFunctionPointerArgumentOutOfBounds", + "tags": [ + "correctness", + "security" + ] + } + ], + "title": "Use of the string handling functions from shall not result in accesses beyond the bounds of the objects referenced by their pointer parameters" + }, + "RULE-21-18": { + "properties": { + "obligation": "mandatory" + }, + "queries": [ + { + "description": "Passing a size_t argument that is non-positive or greater than the size of the smallest buffer argument to any function in may result in out-of-bounds buffer accesses.", + "kind": "problem", + "name": "The size_t argument passed to any function in shall have an appropriate value", + "precision": "high", + "severity": "error", + "short_name": "StringLibrarySizeArgumentOutOfBounds", + "tags": [ + "correctness", + "security" + ] + } + ], + "title": "The size_t argument passed to any function in shall have an appropriate value" + } + } +} \ No newline at end of file diff --git a/rules.csv b/rules.csv index 35b1c7f44c..d460540e4b 100644 --- a/rules.csv +++ b/rules.csv @@ -479,7 +479,7 @@ cpp,CERT-C++,STR50-CPP,Yes,Rule,,,Guarantee that storage for strings has suffici cpp,CERT-C++,STR51-CPP,Yes,Rule,,,Do not attempt to create a std::string from a null pointer,,Null,Hard, cpp,CERT-C++,STR52-CPP,Yes,Rule,,,"Use valid references, pointers, and iterators to reference elements of a basic_string",,Iterators,Hard, cpp,CERT-C++,STR53-CPP,Yes,Rule,,,Range check element access,,OutOfBounds,Hard, -c,CERT-C,ARR30-C,Yes,Rule,,,Do not form or use out-of-bounds pointers or array subscripts,,InvalidMemory2,Medium, +c,CERT-C,ARR30-C,Yes,Rule,,,Do not form or use out-of-bounds pointers or array subscripts,,OutOfBounds,Medium, c,CERT-C,ARR32-C,Yes,Rule,,,Ensure size arguments for variable length arrays are in a valid range,,InvalidMemory2,Medium, c,CERT-C,ARR36-C,Yes,Rule,,,Do not subtract or compare two pointers that do not refer to the same array,,Memory2,Medium, c,CERT-C,ARR37-C,Yes,Rule,,,Do not add or subtract an integer to a pointer to a non-array object,,InvalidMemory2,Medium, @@ -759,7 +759,7 @@ c,MISRA-C-2012,RULE-21-13,Yes,Mandatory,,,Any value passed to a function in shall not result in accesses beyond the bounds of the objects referenced by their pointer parameters,,Memory2,Hard, +c,MISRA-C-2012,RULE-21-17,Yes,Mandatory,,,Use of the string handling functions from shall not result in accesses beyond the bounds of the objects referenced by their pointer parameters,,OutOfBounds,Hard, c,MISRA-C-2012,RULE-21-18,Yes,Mandatory,,,The size_t argument passed to any function in shall have an appropriate value,,OutOfBounds,Hard, c,MISRA-C-2012,RULE-21-19,Yes,Mandatory,,,"The pointers returned by the Standard Library functions localeconv, getenv, setlocale or, strerror shall only be used as if they have pointer to const-qualified type",ENV30-C,Contracts2,Medium, c,MISRA-C-2012,RULE-21-20,Yes,Mandatory,,,"The pointer returned by the Standard Library functions asctime, ctime, gmtime, localtime, localeconv, getenv, setlocale or strerror shall not be used following a subsequent call to the same function",ENV34-C,Contracts2,Import, From 8c30b0fc1549cbdb8ca976cf2e07831fc8a1eff7 Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Thu, 30 Mar 2023 09:40:31 +0200 Subject: [PATCH 0946/2573] Update OutOfBounds.qll --- .../src/codingstandards/c/OutOfBounds.qll | 288 ++++++++++-------- 1 file changed, 159 insertions(+), 129 deletions(-) diff --git a/c/common/src/codingstandards/c/OutOfBounds.qll b/c/common/src/codingstandards/c/OutOfBounds.qll index a16384bf98..6c4654e219 100644 --- a/c/common/src/codingstandards/c/OutOfBounds.qll +++ b/c/common/src/codingstandards/c/OutOfBounds.qll @@ -13,11 +13,11 @@ import codingstandards.cpp.PossiblyUnsafeStringOperation import codingstandards.cpp.SimpleRangeAnalysisCustomizations import semmle.code.cpp.dataflow.DataFlow import semmle.code.cpp.valuenumbering.GlobalValueNumbering -import semmle.code.cpp.security.BufferAccess module OutOfBounds { bindingset[name, result] private string getNameOrInternalName(string name) { + result = name or name.regexpMatch("__.*_+(?:" + result + ")") } @@ -30,7 +30,7 @@ module OutOfBounds { * Note: These functions do not share a common semantic pattern of source and destination * parameters with the other functions explicitly defined in `libraryFunctionNameParamTable`, * although they do share a common issue of parsing non-null-terminated strings. - * The `NullTerminatedStringBufferAccessLibraryFunction` base class provides an appropriate + * The `SimpleStringLibraryFunction` base class provides an appropriate * interface for analyzing the functions in the below table. */ private Function libraryFunctionNameParamTableSimpleString(string name, @@ -94,11 +94,7 @@ module OutOfBounds { Function libraryFunctionNameParamTableSimpleStringRegex(string name, int dst, int src, int src_sz, int dst_sz) { exists(string stdName | result = libraryFunctionNameParamTableSimpleString(stdName, dst, src, src_sz, dst_sz) and - ( - name = stdName - or - getNameOrInternalName(name) = stdName - ) + getNameOrInternalName(name) = stdName ) } @@ -229,15 +225,10 @@ module OutOfBounds { Function libraryFunctionNameParamTableRegex(string name, int dst, int src, int src_sz, int dst_sz) { exists(string stdName | result = libraryFunctionNameParamTable(stdName, dst, src, src_sz, dst_sz) and - ( - name = stdName - or - getNameOrInternalName - (name) = stdName - ) + getNameOrInternalName(name) = stdName ) } - + /** * A library function that accesses one or more buffers supplied via arguments. */ @@ -246,50 +237,98 @@ module OutOfBounds { this = libraryFunctionNameParamTableRegex(this.getName(), _, _, _, _) } + /** + * Returns the indices of parameters that are a destination buffer. + */ int getWriteParamIndex() { - this = libraryFunctionNameParamTableRegex(this.getName(), result, _, _, _) + this = libraryFunctionNameParamTableRegex(this.getName(), result, _, _, _) and + result >= 0 } + /** + * Returns the indices of parameters that are a source buffer. + */ int getReadParamIndex() { - this = libraryFunctionNameParamTableRegex(this.getName(), _, result, _, _) + this = libraryFunctionNameParamTableRegex(this.getName(), _, result, _, _) and + result >= 0 } + /** + * Returns the index of the parameter that is the source buffer size. + */ int getReadSizeParamIndex() { - this = libraryFunctionNameParamTableRegex(this.getName(), _, _, result, _) + this = libraryFunctionNameParamTableRegex(this.getName(), _, _, result, _) and + result >= 0 } + /** + * Returns the index of the parameter that is the destination buffer size. + */ int getWriteCountParamIndex() { - this = libraryFunctionNameParamTableRegex(this.getName(), _, _, _, result) + this = libraryFunctionNameParamTableRegex(this.getName(), _, _, _, result) and + result >= 0 } + /** + * Gets a parameter than is a source (read) buffer. + */ Parameter getReadParam() { result = this.getParameter(this.getReadParamIndex()) } + /** + * Gets a parameter than is a destination (write) buffer. + */ Parameter getWriteParam() { result = this.getParameter(this.getWriteParamIndex()) } + /** + * Gets a parameter than is a source (read) buffer size. + */ Parameter getReadSizeParam() { result = this.getParameter(this.getReadSizeParamIndex()) } + /** + * Gets a parameter than is a destination (write) buffer size. + */ Parameter getWriteSizeParam() { result = this.getParameter(this.getWriteCountParamIndex()) } - int getDestinationParameterElementSize() { - this.getWriteParam().getType().(PointerType).getBaseType().getSize() = result + /** + * Gets the size of an element in the destination buffer class + */ + int getWriteParamElementSize(Parameter p) { + p = this.getWriteParam() and + p.getType().stripType().getSize().maximum(1) = result } - int getSourceParameterElementSize() { - this.getReadParam().getType().(PointerType).getBaseType().getSize() = result + /** + * Gets the size of an element in the source buffer class + */ + int getReadParamElementSize(Parameter p) { + p = this.getReadParam() and + p.getType().stripType().getSize().maximum(1) = result } predicate getANullTerminatedParameterIndex(int i) { - // by default, require null-terminated parameters for src but not dst - this.getReadParam().getIndex() = i + // by default, require null-terminated parameters for src but + // only if the type of src is a plain char pointer or wchar_t + this.getReadParamIndex() = i and + exists(Type baseType | + baseType = this.getReadParam().getType().(DerivedType).getBaseType*() and + ( + baseType instanceof CharType or + baseType instanceof Wchar_t + ) + ) } - predicate sizeArgExclusiveOfNullTerminator(int i) { - // by default, require size parameters to be exclusive of null terminator - i >= 0 and - i <= this.getNumberOfParameters() and - ( - this = libraryFunctionNameParamTableRegex(this.getName(), _, _, i, _) - ) + predicate getALengthParameterIndex(int i) { + // by default, size parameters do not exclude the size of a null terminator + none() + } + + /** + * Holds if the read or write parameter at index `i` is allowed to be null. + */ + predicate getAPermissiblyNullParameterIndex(int i) { + // by default, pointer parameters are not allowed to be null + none() } } @@ -301,6 +340,14 @@ module OutOfBounds { SimpleStringLibraryFunction() { this = libraryFunctionNameParamTableSimpleStringRegex(this.getName(), _, _, _, _) } + + override predicate getANullTerminatedParameterIndex(int i) { + // by default, require null-terminated parameters for src but + // only if the type of src is a plain char pointer. + this.getReadParamIndex() = i and + this.getReadParam().getType().getUnspecifiedType(). + (PointerType).getBaseType().getUnspecifiedType() instanceof PlainCharType + } } /** @@ -311,11 +358,11 @@ module OutOfBounds { /** * A `BufferAccessLibraryFunction` modelling `strcat` */ - class StrcatLibraryFunction extends - StringConcatenationFunctionLibraryFunction, SimpleStringLibraryFunction { + class StrcatLibraryFunction extends StringConcatenationFunctionLibraryFunction, SimpleStringLibraryFunction + { StrcatLibraryFunction() { this.getName() = getNameOrInternalName("strcat") } - override predicate nullTerminatedParameter(int i) { + override predicate getANullTerminatedParameterIndex(int i) { // `strcat` requires null-terminated parameters for both src and dst i = [0, 1] } @@ -327,7 +374,7 @@ module OutOfBounds { class StrncatLibraryFunction extends StringConcatenationFunctionLibraryFunction { StrncatLibraryFunction() { this.getName() = getNameOrInternalName(["strncat", "wcsncat"]) } - override predicate nullTerminatedParameter(int i) { + override predicate getANullTerminatedParameterIndex(int i) { // `strncat` requires null-terminated parameters for both src and dst i = [0, 1] } @@ -337,7 +384,7 @@ module OutOfBounds { * A `FunctionCall` to a `BufferAccessLibraryFunction` that provides predicates for * reasoning about buffer overflow and other buffer access violations. */ - abstract class BufferAccessLibraryFunctionCall extends FunctionCall { + class BufferAccessLibraryFunctionCall extends FunctionCall { BufferAccessLibraryFunctionCall() { this.getTarget() instanceof BufferAccessLibraryFunction } Expr getReadArg() { @@ -357,14 +404,14 @@ module OutOfBounds { result = this.getArgument(this.getTarget().(BufferAccessLibraryFunction).getWriteCountParamIndex()) } - } - /** - * A `FunctionCall` to a `BufferAccessLibraryFunction` that contains only one or two string buffers - * as its arguments but no specific size arguments, as size is deduced via null-termination. - */ - class SimpleStringBufferAccessLibraryFunctionCall extends BufferAccessLibraryFunction { - SimpleStringBufferAccessLibraryFunction + int getReadSizeArgMult() { + result = this.getTarget().(BufferAccessLibraryFunction).getReadParamElementSize(_) + } + + int getWriteSizeArgMult() { + result = this.getTarget().(BufferAccessLibraryFunction).getWriteParamElementSize(_) + } } int getStatedAllocValue(Expr e) { @@ -424,6 +471,8 @@ module OutOfBounds { abstract Expr getSizeExpr(); abstract int getFixedSize(); + + abstract predicate isNotNullTerminated(); } class DynamicAllocationSource extends PointerToObjectSource @@ -500,6 +549,8 @@ module OutOfBounds { } override int getFixedSize() { result = getStatedAllocValue(getSizeExpr()) } + + override predicate isNotNullTerminated() { none() } } class AddressOfExprSource extends PointerToObjectSource, AddressOfExpr { @@ -516,6 +567,8 @@ module OutOfBounds { override Expr getSizeExpr() { none() } override int getFixedSize() { result = min(this.getOperand().getType().getSize()) } + + override predicate isNotNullTerminated() { none() } } class StaticBufferAccessSource extends PointerToObjectSource instanceof VariableAccess { @@ -531,6 +584,13 @@ module OutOfBounds { override int getFixedSize() { result = this.(VariableAccess).getTarget().getUnderlyingType().(ArrayType).getSize() } + + override predicate isNotNullTerminated() { + exists(CharArrayInitializedWithStringLiteral cl | + cl = this.(VariableAccess).getTarget().getInitializer().getExpr() and + cl.getContainerLength() <= cl.getStringLiteralLength() + ) + } } class PointerToObjectSourceOrSizeToBufferAccessFunctionConfig extends DataFlow::Configuration { @@ -575,29 +635,42 @@ module OutOfBounds { } predicate bufferUseComputableBufferSize(Expr bufferUse, Expr source, int size) { - bufferUse = any(BufferAccessLibraryFunctionCall call).getAnArgument() and // flow from a PointerToObjectSource for which we can compute the exact size size = source.(PointerToObjectSource).getFixedSize() and hasFlowFromBufferOrSizeExprToUse(source, bufferUse) } predicate bufferUseNonComputableSize(Expr bufferUse, Expr source) { - bufferUse = any(BufferAccessLibraryFunctionCall call).getAnArgument() and not bufferUseComputableBufferSize(bufferUse, source, _) and hasFlowFromBufferOrSizeExprToUse(source.(DynamicAllocationSource), bufferUse) } predicate sizeExprComputableSize(Expr sizeExpr, Expr source, int size) { - sizeExpr = any(BufferAccessLibraryFunctionCall call).getAnArgument() and - ( - // computable direct value - size = getStatedValue(sizeExpr) and - source = sizeExpr - or - // computable source value that flows to the size expression - size = source.(DynamicAllocationSource).getFixedSize() and - hasFlowFromBufferOrSizeExprToUse(source.(DynamicAllocationSource).getSizeExprSource(_, _), sizeExpr) - ) + // computable direct value + size = getStatedValue(sizeExpr) and + source = sizeExpr + or + // computable source value that flows to the size expression + size = source.(DynamicAllocationSource).getFixedSize() and + hasFlowFromBufferOrSizeExprToUse(source.(DynamicAllocationSource).getSizeExprSource(_, _), sizeExpr) + } + + int getArithmeticOffsetValue(Expr expr) { + result = getStatedValue(expr.(PointerArithmeticExpr).getOperand()) + or + // edge-case: &(array[index]) expressions + result = getStatedValue(expr.(AddressOfExpr).getOperand().(PointerArithmeticExpr).getOperand()) + or + // AddExpr + result = getStatedValue(expr.(AddExpr).getAnOperand()) + or + // SubExpr + result = -getStatedValue(expr.(SubExpr).getAnOperand()) + or + // fall-back + not expr instanceof PointerArithmeticExpr and + not expr.(AddressOfExpr).getOperand() instanceof PointerArithmeticExpr and + result = 0 } /** @@ -621,85 +694,42 @@ module OutOfBounds { hasFlowFromBufferOrSizeExprToUse(allocSize, bufferSizeArg) } - predicate isBufferSizeExprSameAsSourceSizeExpr( - Expr bufferUse, Expr bufferSize, Expr sizeSource, PointerToObjectSource sourceBufferAllocation, - int s1, int s2, BufferAccessLibraryFunctionCall fc - ) { - //bufferUse.getUnderlyingType() instanceof PointerOrArrayType and - //not bufferSize.getUnderlyingType() instanceof PointerOrArrayType and - fc.getAnArgument() = bufferUse and - fc.getAnArgument() = bufferSize and - not bufferUse = bufferSize and - ( - bufferUseComputableBufferSize(bufferUse, sourceBufferAllocation, s1) and - sizeExprComputableSize(bufferSize, sizeSource, s2) and - s1 = s2 - or - s1 = -1 and - s2 = -1 and - sizeSource = sourceBufferAllocation and - bufferUseNonComputableSize(bufferUse, sizeSource) and - sizeExprNonComputableSize(bufferSize, sourceBufferAllocation, _, _, _) - or - s1 = -2 and - s2 = -2 and - sizeSource = sourceBufferAllocation.(DynamicAllocationSource).getSizeExprSource(_, _) and - bufferUseNonComputableSize(bufferUse, sourceBufferAllocation) and - globalValueNumber(sizeSource) = globalValueNumber(bufferSize) - ) - } - - int getArithmeticOffsetValue(Expr expr) { - result = getStatedValue(expr.(PointerArithmeticExpr).getOperand()) - or - // edge-case: &(array[index]) expressions - result = getStatedValue(expr.(AddressOfExpr).getOperand().(PointerArithmeticExpr).getOperand()) - or - // AddExpr - result = getStatedValue(expr.(AddExpr).getAnOperand()) - or - // SubExpr - result = -getStatedValue(expr.(SubExpr).getAnOperand()) - or - // fall-back - not expr instanceof PointerArithmeticExpr and - not expr.(AddressOfExpr).getOperand() instanceof PointerArithmeticExpr and - result = 0 - } - predicate isBufferSizeExprGreaterThanSourceSizeExpr ( Expr bufferUse, Expr bufferSize, Expr sizeSource, PointerToObjectSource sourceBufferAllocation, - int s1, int s2, BufferAccessLibraryFunctionCall fc + int bufSize, int size, BufferAccessLibraryFunctionCall fc ) { - //bufferUse.getUnderlyingType() instanceof PointerOrArrayType and - //not bufferSize.getUnderlyingType() instanceof PointerOrArrayType and - fc.getAnArgument() = bufferUse and - fc.getAnArgument() = bufferSize and - not bufferUse = bufferSize and - ( - bufferUseComputableBufferSize(bufferUse, sourceBufferAllocation, s1) and - sizeExprComputableSize(bufferSize, sizeSource, s2) and - ( - s1 - getArithmeticOffsetValue(bufferUse) < s2 + getArithmeticOffsetValue(bufferSize) - or - s2 = 0 + exists(float sizeMult | + ( + bufferUse = fc.getWriteArg() and bufferSize = fc.getWriteSizeArg() and sizeMult = fc.getWriteSizeArgMult() or + bufferUse = fc.getReadArg() and bufferSize = fc.getReadSizeArg() and sizeMult = fc.getReadSizeArgMult() ) - or - s1 = -1 and - s2 = -1 and - sizeSource = sourceBufferAllocation and - bufferUseNonComputableSize(bufferUse, sizeSource) and - sizeExprNonComputableSize(bufferSize, sourceBufferAllocation, _, _, _) - or - exists(int offset, Expr base | - sizeSource = sourceBufferAllocation.(DynamicAllocationSource).getSizeExprSource(base, offset) and - bufferUseNonComputableSize(bufferUse, sourceBufferAllocation) and - not globalValueNumber(sizeSource) = globalValueNumber(bufferSize) and - globalValueNumber(base) = globalValueNumber(bufferSize.getAChild*()) and - s1 = getArithmeticOffsetValue(bufferUse) and - s2 = getArithmeticOffsetValue(bufferSize) and - s1 >= s2 - offset + and + ( + bufferUseComputableBufferSize(bufferUse, sourceBufferAllocation, bufSize) and + sizeExprComputableSize(bufferSize, sizeSource, size) and + ( + bufSize - getArithmeticOffsetValue(bufferUse) < (sizeMult * (float)(size + getArithmeticOffsetValue(bufferSize))) + or + size = 0 ) + or + exists(int offset, Expr base | + sizeSource = sourceBufferAllocation.(DynamicAllocationSource).getSizeExprSource(base, offset) and + bufferUseNonComputableSize(bufferUse, sourceBufferAllocation) and + not globalValueNumber(sizeSource) = globalValueNumber(bufferSize) and + globalValueNumber(base) = globalValueNumber(bufferSize.getAChild*()) and + bufSize = getArithmeticOffsetValue(bufferUse) and + size = getArithmeticOffsetValue(bufferSize) and + bufSize >= size - offset + ) + ) + ) + } + + predicate problems(BufferAccessLibraryFunctionCall fc, string msg) { + exists(Expr bufferUse, Expr bufferSize, Expr sizeSource, PointerToObjectSource sourceBufferAllocation, int s1, int s2 | + isBufferSizeExprGreaterThanSourceSizeExpr(bufferUse, bufferSize, sizeSource, sourceBufferAllocation, s1, s2, fc) and + msg = "test" ) } } From 11406b18281b3b3a06a14a0fa0c36a94bcdbccc8 Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Thu, 30 Mar 2023 10:04:19 +0200 Subject: [PATCH 0947/2573] Update OutOfBounds.qll --- c/common/src/codingstandards/c/OutOfBounds.qll | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/c/common/src/codingstandards/c/OutOfBounds.qll b/c/common/src/codingstandards/c/OutOfBounds.qll index 6c4654e219..6b973ed168 100644 --- a/c/common/src/codingstandards/c/OutOfBounds.qll +++ b/c/common/src/codingstandards/c/OutOfBounds.qll @@ -727,9 +727,19 @@ module OutOfBounds { } predicate problems(BufferAccessLibraryFunctionCall fc, string msg) { - exists(Expr bufferUse, Expr bufferSize, Expr sizeSource, PointerToObjectSource sourceBufferAllocation, int s1, int s2 | - isBufferSizeExprGreaterThanSourceSizeExpr(bufferUse, bufferSize, sizeSource, sourceBufferAllocation, s1, s2, fc) and - msg = "test" + exists(Expr bufferUse, PointerToObjectSource source | + exists(int bufSize, int size, Expr bufferSize, Expr sizeSource | + isBufferSizeExprGreaterThanSourceSizeExpr(bufferUse, bufferSize, sizeSource, source, bufSize, size, fc) and + msg = "Buffer size is smaller than size arg." + ) + or + exists(int i | + fc.getTarget().(BufferAccessLibraryFunction).getANullTerminatedParameterIndex(i) and + fc.getArgument(i) = bufferUse and + source.isNotNullTerminated() and + hasFlowFromBufferOrSizeExprToUse(source, bufferUse.getAChild*()) and + msg = "Buffer " + bufferUse.toString() + " is not null-terminated." + ) ) } -} +} \ No newline at end of file From 3de4838ac448b27c376711e491ab17fa83aa719f Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 30 Mar 2023 10:52:32 +0100 Subject: [PATCH 0948/2573] Rule 13.2: Improve performance Avoid expensive cross-products on the ConditionalExpr case, and filter by partial expressions earlier in the predicate set. --- .../rules/RULE-13-2/UnsequencedSideEffects.ql | 24 +++++++++++++++---- 1 file changed, 20 insertions(+), 4 deletions(-) diff --git a/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql b/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql index 59b4bc660c..1e1d7c568b 100644 --- a/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql +++ b/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql @@ -27,7 +27,7 @@ class VariableEffectOrAccess extends Expr { pragma[noinline] predicate partOfFullExpr(VariableEffectOrAccess e, FullExpr fe) { ( - e.(VariableEffect).getAnAccess() = fe.getAChild+() + exists(VariableEffect ve | e = ve and ve.getAnAccess() = fe.getAChild+() and not ve.isPartial()) or e.(VariableAccess) = fe.getAChild+() ) @@ -154,6 +154,24 @@ int getOperandIndex(LeftRightOperation binop, Expr operand) { ) } +predicate inConditionalThen(ConditionalExpr ce, Expr e) { + e = ce.getThen() + or + exists(Expr parent | + inConditionalThen(ce, parent) and + parent.getAChild() = e + ) +} + +predicate inConditionalElse(ConditionalExpr ce, Expr e) { + e = ce.getElse() + or + exists(Expr parent | + inConditionalElse(ce, parent) and + parent.getAChild() = e + ) +} + from ConstituentExprOrdering orderingConfig, FullExpr fullExpr, VariableEffect variableEffect1, VariableAccess va1, VariableAccess va2, Locatable placeHolder, string label @@ -219,8 +237,6 @@ where not variableEffect1.getAChild+() = va2 ) and // Both are evaluated - not exists(ConditionalExpr ce | - ce.getThen().getAChild*() = va1 and ce.getElse().getAChild*() = va2 - ) + not exists(ConditionalExpr ce | inConditionalThen(ce, va1) and inConditionalElse(ce, va2)) select fullExpr, "The expression contains unsequenced $@ to $@ and $@ to $@.", variableEffect1, "side effect", va1, va1.getTarget().getName(), placeHolder, label, va2, va2.getTarget().getName() From f9a808a80d154d0a31fa1ba63b007fb3c39e447f Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 30 Mar 2023 11:01:35 +0100 Subject: [PATCH 0949/2573] Rule 13.2: Further perf improvements Extract out the main computation from the exclusion mechanism, otherwise the exclusion mechanism runs on a potentially very large intermediate step (sameFullExpr). --- .../src/rules/RULE-13-2/UnsequencedSideEffects.ql | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql b/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql index 1e1d7c568b..c1ac4d4b40 100644 --- a/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql +++ b/c/misra/src/rules/RULE-13-2/UnsequencedSideEffects.ql @@ -172,11 +172,10 @@ predicate inConditionalElse(ConditionalExpr ce, Expr e) { ) } -from +predicate isUnsequencedEffect( ConstituentExprOrdering orderingConfig, FullExpr fullExpr, VariableEffect variableEffect1, VariableAccess va1, VariableAccess va2, Locatable placeHolder, string label -where - not isExcluded(fullExpr, SideEffects3Package::unsequencedSideEffectsQuery()) and +) { // The two access are scoped to the same full expression. sameFullExpr(fullExpr, va1, va2) and // We are only interested in effects that change an object, @@ -238,5 +237,13 @@ where ) and // Both are evaluated not exists(ConditionalExpr ce | inConditionalThen(ce, va1) and inConditionalElse(ce, va2)) +} + +from + ConstituentExprOrdering orderingConfig, FullExpr fullExpr, VariableEffect variableEffect1, + VariableAccess va1, VariableAccess va2, Locatable placeHolder, string label +where + not isExcluded(fullExpr, SideEffects3Package::unsequencedSideEffectsQuery()) and + isUnsequencedEffect(orderingConfig, fullExpr, variableEffect1, va1, va2, placeHolder, label) select fullExpr, "The expression contains unsequenced $@ to $@ and $@ to $@.", variableEffect1, "side effect", va1, va1.getTarget().getName(), placeHolder, label, va2, va2.getTarget().getName() From 9eada214d668e66fb27fe501fb16816dc75b7702 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 30 Mar 2023 11:12:53 +0100 Subject: [PATCH 0950/2573] SideEffects3: Update metadata. --- .../cpp/exclusions/c/SideEffects3.qll | 37 +------------------ 1 file changed, 1 insertion(+), 36 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/SideEffects3.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/SideEffects3.qll index 7c1bedf6f7..eff4f2caf9 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/SideEffects3.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/SideEffects3.qll @@ -3,21 +3,9 @@ import cpp import RuleMetadata import codingstandards.cpp.exclusions.RuleMetadata -newtype SideEffects3Query = - TSideEffectsInArgumentsToUnsafeMacrosQuery() or - TUnsequencedSideEffectsQuery() or - TMultipleObjectModificationsQuery() +newtype SideEffects3Query = TUnsequencedSideEffectsQuery() predicate isSideEffects3QueryMetadata(Query query, string queryId, string ruleId, string category) { - query = - // `Query` instance for the `sideEffectsInArgumentsToUnsafeMacros` query - SideEffects3Package::sideEffectsInArgumentsToUnsafeMacrosQuery() and - queryId = - // `@id` for the `sideEffectsInArgumentsToUnsafeMacros` query - "c/cert/side-effects-in-arguments-to-unsafe-macros" and - ruleId = "PRE31-C" and - category = "rule" - or query = // `Query` instance for the `unsequencedSideEffects` query SideEffects3Package::unsequencedSideEffectsQuery() and @@ -26,36 +14,13 @@ predicate isSideEffects3QueryMetadata(Query query, string queryId, string ruleId "c/misra/unsequenced-side-effects" and ruleId = "RULE-13-2" and category = "required" - or - query = - // `Query` instance for the `multipleObjectModifications` query - SideEffects3Package::multipleObjectModificationsQuery() and - queryId = - // `@id` for the `multipleObjectModifications` query - "c/misra/multiple-object-modifications" and - ruleId = "RULE-13-2" and - category = "required" } module SideEffects3Package { - Query sideEffectsInArgumentsToUnsafeMacrosQuery() { - //autogenerate `Query` type - result = - // `Query` type for `sideEffectsInArgumentsToUnsafeMacros` query - TQueryC(TSideEffects3PackageQuery(TSideEffectsInArgumentsToUnsafeMacrosQuery())) - } - Query unsequencedSideEffectsQuery() { //autogenerate `Query` type result = // `Query` type for `unsequencedSideEffects` query TQueryC(TSideEffects3PackageQuery(TUnsequencedSideEffectsQuery())) } - - Query multipleObjectModificationsQuery() { - //autogenerate `Query` type - result = - // `Query` type for `multipleObjectModifications` query - TQueryC(TSideEffects3PackageQuery(TMultipleObjectModificationsQuery())) - } } From 667fc33262ef62684a196fe4d721b42d7ac73940 Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Thu, 30 Mar 2023 12:37:39 +0200 Subject: [PATCH 0951/2573] Update OutOfBounds.qll --- .../src/codingstandards/c/OutOfBounds.qll | 219 ++++++++++-------- 1 file changed, 123 insertions(+), 96 deletions(-) diff --git a/c/common/src/codingstandards/c/OutOfBounds.qll b/c/common/src/codingstandards/c/OutOfBounds.qll index 6b973ed168..bbd40bacec 100644 --- a/c/common/src/codingstandards/c/OutOfBounds.qll +++ b/c/common/src/codingstandards/c/OutOfBounds.qll @@ -18,13 +18,13 @@ module OutOfBounds { bindingset[name, result] private string getNameOrInternalName(string name) { result = name or - name.regexpMatch("__.*_+(?:" + result + ")") + result.regexpMatch("__.*_+" + name + "_.*") } /** * MISRA-C Rule 21.17 function table of names and parameter indices * which covers functions from that rely on null-terminated strings. - * + * * This table is a subset of `libraryFunctionNameParamTable`. * * Note: These functions do not share a common semantic pattern of source and destination @@ -33,11 +33,11 @@ module OutOfBounds { * The `SimpleStringLibraryFunction` base class provides an appropriate * interface for analyzing the functions in the below table. */ - private Function libraryFunctionNameParamTableSimpleString(string name, - int dst, int src, int src_sz, int dst_sz) - { - result.hasGlobalOrStdName(name) and - src_sz = -1 and + private Function libraryFunctionNameParamTableSimpleString( + string name, int dst, int src, int src_sz, int dst_sz + ) { + result.getName() = getNameOrInternalName(name) and + src_sz = -1 and dst_sz = -1 and ( name = "strcat" and @@ -48,7 +48,7 @@ module OutOfBounds { dst = -1 and src = 0 or - name = ["strcmp", "strcoll"] and + name = ["strcmp", "strcoll"] and dst = -1 and src = [0, 1] or @@ -86,18 +86,6 @@ module OutOfBounds { ) } - /** - * An expansion of `libraryFunctionNameParamTableSimpleString` to include internal functions with - * prefixes/suffixes such as "__builtin_%"" or "%_chk" (e.g. `__builtin___strcpy_chk`) - */ - bindingset[name] - Function libraryFunctionNameParamTableSimpleStringRegex(string name, int dst, int src, int src_sz, int dst_sz) { - exists(string stdName | - result = libraryFunctionNameParamTableSimpleString(stdName, dst, src, src_sz, dst_sz) and - getNameOrInternalName(name) = stdName - ) - } - /** * A relation of the indices of buffer and size parameters of standard library functions * which are defined in rules CERT ARR38-C and MISRA-C rules 21.17 and 21.18. @@ -107,7 +95,7 @@ module OutOfBounds { ) { result = libraryFunctionNameParamTableSimpleString(name, dst, src, src_sz, dst_sz) or - result.hasGlobalOrStdName(name) and + result.getName() = getNameOrInternalName(name) and ( name = ["fgets", "fgetws"] and dst = 0 and @@ -217,31 +205,17 @@ module OutOfBounds { ) } - /** - * An expansion of `libraryFunctionNameParamTable` to include internal functions with - * prefixes/suffixes such as "__builtin_%"" or "%_chk" (e.g. `__builtin___strncpy_chk`) - */ - bindingset[name] - Function libraryFunctionNameParamTableRegex(string name, int dst, int src, int src_sz, int dst_sz) { - exists(string stdName | - result = libraryFunctionNameParamTable(stdName, dst, src, src_sz, dst_sz) and - getNameOrInternalName(name) = stdName - ) - } - /** * A library function that accesses one or more buffers supplied via arguments. */ class BufferAccessLibraryFunction extends Function { - BufferAccessLibraryFunction() { - this = libraryFunctionNameParamTableRegex(this.getName(), _, _, _, _) - } + BufferAccessLibraryFunction() { this = libraryFunctionNameParamTable(_, _, _, _, _) } /** * Returns the indices of parameters that are a destination buffer. */ int getWriteParamIndex() { - this = libraryFunctionNameParamTableRegex(this.getName(), result, _, _, _) and + this = libraryFunctionNameParamTable(_, result, _, _, _) and result >= 0 } @@ -249,7 +223,7 @@ module OutOfBounds { * Returns the indices of parameters that are a source buffer. */ int getReadParamIndex() { - this = libraryFunctionNameParamTableRegex(this.getName(), _, result, _, _) and + this = libraryFunctionNameParamTable(_, _, result, _, _) and result >= 0 } @@ -257,7 +231,7 @@ module OutOfBounds { * Returns the index of the parameter that is the source buffer size. */ int getReadSizeParamIndex() { - this = libraryFunctionNameParamTableRegex(this.getName(), _, _, result, _) and + this = libraryFunctionNameParamTable(_, _, _, result, _) and result >= 0 } @@ -265,7 +239,7 @@ module OutOfBounds { * Returns the index of the parameter that is the destination buffer size. */ int getWriteCountParamIndex() { - this = libraryFunctionNameParamTableRegex(this.getName(), _, _, _, result) and + this = libraryFunctionNameParamTable(_, _, _, _, result) and result >= 0 } @@ -338,15 +312,19 @@ module OutOfBounds { */ class SimpleStringLibraryFunction extends BufferAccessLibraryFunction { SimpleStringLibraryFunction() { - this = libraryFunctionNameParamTableSimpleStringRegex(this.getName(), _, _, _, _) + this = libraryFunctionNameParamTable(this.getName(), _, _, _, _) } override predicate getANullTerminatedParameterIndex(int i) { // by default, require null-terminated parameters for src but // only if the type of src is a plain char pointer. this.getReadParamIndex() = i and - this.getReadParam().getType().getUnspecifiedType(). - (PointerType).getBaseType().getUnspecifiedType() instanceof PlainCharType + this.getReadParam() + .getType() + .getUnspecifiedType() + .(PointerType) + .getBaseType() + .getUnspecifiedType() instanceof PlainCharType } } @@ -358,7 +336,8 @@ module OutOfBounds { /** * A `BufferAccessLibraryFunction` modelling `strcat` */ - class StrcatLibraryFunction extends StringConcatenationFunctionLibraryFunction, SimpleStringLibraryFunction + class StrcatLibraryFunction extends StringConcatenationFunctionLibraryFunction, + SimpleStringLibraryFunction { StrcatLibraryFunction() { this.getName() = getNameOrInternalName("strcat") } @@ -380,6 +359,18 @@ module OutOfBounds { } } + /** + * A `BufferAccessLibraryFunction` modelling `strncpy` + */ + class StrncpyLibraryFunction extends BufferAccessLibraryFunction { + StrncpyLibraryFunction() { this.getName() = getNameOrInternalName("strncpy") } + + override predicate getANullTerminatedParameterIndex(int i) { + // `strncpy` does not require null-terminated parameters + none() + } + } + /** * A `FunctionCall` to a `BufferAccessLibraryFunction` that provides predicates for * reasoning about buffer overflow and other buffer access violations. @@ -417,15 +408,16 @@ module OutOfBounds { int getStatedAllocValue(Expr e) { // `upperBound(e)` defaults to `exprMaxVal(e)` when `e` isn't analyzable. So to get a meaningful // result in this case we pick the minimum value obtainable from dataflow and range analysis. - if upperBound(e) = exprMaxVal(e) - then - result = max(Expr source | DataFlow::localExprFlow(source, e) | source.getValue().toInt()) + if upperBound(e) = exprMaxVal(e) + then result = max(Expr source | DataFlow::localExprFlow(source, e) | source.getValue().toInt()) else - result = - upperBound(e) - .minimum(min(Expr source | DataFlow::localExprFlow(source, e) | source.getValue().toInt())) - - + result = + upperBound(e) + .minimum(min(Expr source | + DataFlow::localExprFlow(source, e) + | + source.getValue().toInt() + )) } int getStatedValue(Expr e) { @@ -475,8 +467,9 @@ module OutOfBounds { abstract predicate isNotNullTerminated(); } - class DynamicAllocationSource extends PointerToObjectSource - instanceof AllocationExpr, FunctionCall { + class DynamicAllocationSource extends PointerToObjectSource instanceof AllocationExpr, + FunctionCall + { DynamicAllocationSource() { // exclude OperatorNewAllocationFunction to only deal with raw malloc-style calls, // which do not apply a multiple to the size of the allocation passed to them. @@ -509,23 +502,32 @@ module OutOfBounds { * 2. `size_t sz = strlen(src); malloc(sz + 1);` */ Expr getSizeExprSource(Expr base, int offset) { - if - exists(Variable v, AddExpr ae | - // case 1: variable_access + const in the size expression - this.getSizeExpr() = ae and - result = v.getAnAssignedValue() and - base = ae.getLeftOperand() and - offset = constOrZero(ae.getRightOperand()) and - DataFlow::localExprFlow(result, base) + if this.getSizeExpr() instanceof AddExpr + then + exists(AddExpr ae | + exists(Variable v | + // case 1: variable access + const in the size expression + this.getSizeExpr() = ae and + result = v.getAnAssignedValue() and + base = ae.getLeftOperand() and + offset = constOrZero(ae.getRightOperand()) and + DataFlow::localExprFlow(result, base) + or + // case 2: expr + const in the variable assignment + v.getAnAssignedValue() = ae and + result = ae and + base = ae.getLeftOperand() and + offset = constOrZero(ae.getRightOperand()) and + DataFlow::localExprFlow(result, this.getSizeExpr()) + ) or - // case 2: expr + const in the variable assignment - v.getAnAssignedValue() = ae and + // case 3: function call + const result = ae and - base = ae.getLeftOperand() and - offset = constOrZero(ae.getRightOperand()) and - DataFlow::localExprFlow(result, this.getSizeExpr()) + this.getSizeExpr() = ae and + ae.getLeftOperand() = base and + ae.getLeftOperand() instanceof FunctionCall and + offset = constOrZero(ae.getRightOperand()) ) - then any() // all logic handled in the `if` clause else ( offset = 0 and // case 3: a variable is read in the size expression @@ -608,9 +610,8 @@ module OutOfBounds { } override predicate isSink(DataFlow::Node sink) { - exists(BufferAccessLibraryFunctionCall call, Expr arg | - arg = call.getAnArgument() - and + exists(BufferAccessLibraryFunctionCall call, Expr arg | + arg = call.getAnArgument() and ( sink.asExpr() = arg or @@ -627,9 +628,8 @@ module OutOfBounds { useOrChild = use or getArithmeticOffsetValue(use) > 0 and - useOrChild = use.getAChild*() - ) - and + useOrChild = use.getAChild*() + ) and config.hasFlow(DataFlow::exprNode(source), DataFlow::exprNode(useOrChild)) ) } @@ -652,7 +652,8 @@ module OutOfBounds { or // computable source value that flows to the size expression size = source.(DynamicAllocationSource).getFixedSize() and - hasFlowFromBufferOrSizeExprToUse(source.(DynamicAllocationSource).getSizeExprSource(_, _), sizeExpr) + hasFlowFromBufferOrSizeExprToUse(source.(DynamicAllocationSource).getSizeExprSource(_, _), + sizeExpr) } int getArithmeticOffsetValue(Expr expr) { @@ -694,42 +695,65 @@ module OutOfBounds { hasFlowFromBufferOrSizeExprToUse(allocSize, bufferSizeArg) } - predicate isBufferSizeExprGreaterThanSourceSizeExpr ( + predicate isBufferSizeExprGreaterThanSourceSizeExpr( Expr bufferUse, Expr bufferSize, Expr sizeSource, PointerToObjectSource sourceBufferAllocation, - int bufSize, int size, BufferAccessLibraryFunctionCall fc + int bufSize, int size, BufferAccessLibraryFunctionCall fc, int offset, Expr base ) { exists(float sizeMult | ( - bufferUse = fc.getWriteArg() and bufferSize = fc.getWriteSizeArg() and sizeMult = fc.getWriteSizeArgMult() or - bufferUse = fc.getReadArg() and bufferSize = fc.getReadSizeArg() and sizeMult = fc.getReadSizeArgMult() - ) - and + bufferUse = fc.getWriteArg() and + bufferSize = fc.getWriteSizeArg() and + sizeMult = fc.getWriteSizeArgMult() + or + bufferUse = fc.getReadArg() and + bufferSize = fc.getReadSizeArg() and + sizeMult = fc.getReadSizeArgMult() + ) and ( + offset = 0 and + base = bufferSize and bufferUseComputableBufferSize(bufferUse, sourceBufferAllocation, bufSize) and sizeExprComputableSize(bufferSize, sizeSource, size) and - ( - bufSize - getArithmeticOffsetValue(bufferUse) < (sizeMult * (float)(size + getArithmeticOffsetValue(bufferSize))) - or + ( + bufSize - getArithmeticOffsetValue(bufferUse) < + (sizeMult * (size + getArithmeticOffsetValue(bufferSize)).(float)) + or size = 0 ) - or - exists(int offset, Expr base | - sizeSource = sourceBufferAllocation.(DynamicAllocationSource).getSizeExprSource(base, offset) and - bufferUseNonComputableSize(bufferUse, sourceBufferAllocation) and - not globalValueNumber(sizeSource) = globalValueNumber(bufferSize) and - globalValueNumber(base) = globalValueNumber(bufferSize.getAChild*()) and - bufSize = getArithmeticOffsetValue(bufferUse) and - size = getArithmeticOffsetValue(bufferSize) and - bufSize >= size - offset - ) ) ) } + predicate isBufferSizeOffsetOfGVN( + BufferAccessLibraryFunctionCall fc, Expr bufferSize, Expr bufferUse, + DynamicAllocationSource source, Expr sourceSizeExpr, Expr sourceSizeExprBase, + int sourceSizeExprOffset, int sizeMult, int sizeArgOffset, int bufferArgOffset + ) { + ( + bufferUse = fc.getWriteArg() and + bufferSize = fc.getWriteSizeArg() and + sizeMult = fc.getWriteSizeArgMult() + or + bufferUse = fc.getReadArg() and + bufferSize = fc.getReadSizeArg() and + sizeMult = fc.getReadSizeArgMult() + ) and + sourceSizeExpr = source.getSizeExprSource(sourceSizeExprBase, sourceSizeExprOffset) and + bufferUseNonComputableSize(bufferUse, source) and + not globalValueNumber(sourceSizeExpr) = globalValueNumber(bufferSize) and + exists(Expr offsetExpr | + offsetExpr = bufferSize.getAChild*() and + sizeArgOffset = getArithmeticOffsetValue(offsetExpr) + ) and + bufferArgOffset = getArithmeticOffsetValue(bufferUse) and + sourceSizeExprOffset + bufferArgOffset < sizeArgOffset + } + predicate problems(BufferAccessLibraryFunctionCall fc, string msg) { exists(Expr bufferUse, PointerToObjectSource source | exists(int bufSize, int size, Expr bufferSize, Expr sizeSource | - isBufferSizeExprGreaterThanSourceSizeExpr(bufferUse, bufferSize, sizeSource, source, bufSize, size, fc) and + isBufferSizeExprGreaterThanSourceSizeExpr(bufferUse, bufferSize, sizeSource, source, + bufSize, size, fc, _, _) and msg = "Buffer size is smaller than size arg." ) or @@ -740,6 +764,9 @@ module OutOfBounds { hasFlowFromBufferOrSizeExprToUse(source, bufferUse.getAChild*()) and msg = "Buffer " + bufferUse.toString() + " is not null-terminated." ) + or + isBufferSizeOffsetOfGVN(fc, _, bufferUse, source, _, _, _, _, _, _) and + msg = "Buffer size is offset of GVN." ) } -} \ No newline at end of file +} From ef51b9224f9c18bf8c1f1546e9cea563a3381350 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 30 Mar 2023 09:25:37 -0400 Subject: [PATCH 0952/2573] Update dispatch-matrix-test-on-comment.yml Fixed --- .github/workflows/dispatch-matrix-test-on-comment.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/dispatch-matrix-test-on-comment.yml b/.github/workflows/dispatch-matrix-test-on-comment.yml index 33f80e4b40..5d391539e0 100644 --- a/.github/workflows/dispatch-matrix-test-on-comment.yml +++ b/.github/workflows/dispatch-matrix-test-on-comment.yml @@ -38,6 +38,7 @@ jobs: client-payload: '{"pr": "${{ github.event.number }}"}' - uses: actions/github-script@v6 + if: ${{ github.event.issue.pull_request && contains(github.event.comment.body, '/test-matrix') }} with: script: | github.rest.issues.createComment({ From 837b90dce07637db552a0424af0c9ce24740cc3f Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Thu, 30 Mar 2023 16:40:04 +0200 Subject: [PATCH 0953/2573] Update OutOfBounds.qll --- .../src/codingstandards/c/OutOfBounds.qll | 116 +++++++++++------- 1 file changed, 73 insertions(+), 43 deletions(-) diff --git a/c/common/src/codingstandards/c/OutOfBounds.qll b/c/common/src/codingstandards/c/OutOfBounds.qll index bbd40bacec..693f39969e 100644 --- a/c/common/src/codingstandards/c/OutOfBounds.qll +++ b/c/common/src/codingstandards/c/OutOfBounds.qll @@ -13,8 +13,9 @@ import codingstandards.cpp.PossiblyUnsafeStringOperation import codingstandards.cpp.SimpleRangeAnalysisCustomizations import semmle.code.cpp.dataflow.DataFlow import semmle.code.cpp.valuenumbering.GlobalValueNumbering +import semmle.code.cpp.security.BufferWrite -module OutOfBounds { +module OOB { bindingset[name, result] private string getNameOrInternalName(string name) { result = name or @@ -312,7 +313,7 @@ module OutOfBounds { */ class SimpleStringLibraryFunction extends BufferAccessLibraryFunction { SimpleStringLibraryFunction() { - this = libraryFunctionNameParamTable(this.getName(), _, _, _, _) + this = libraryFunctionNameParamTableSimpleString(this.getName(), _, _, -1, -1) } override predicate getANullTerminatedParameterIndex(int i) { @@ -405,9 +406,11 @@ module OutOfBounds { } } + class SimpleStringLibraryFunctionCall extends BufferAccessLibraryFunctionCall { + SimpleStringLibraryFunctionCall() { this.getTarget() instanceof SimpleStringLibraryFunction } + } + int getStatedAllocValue(Expr e) { - // `upperBound(e)` defaults to `exprMaxVal(e)` when `e` isn't analyzable. So to get a meaningful - // result in this case we pick the minimum value obtainable from dataflow and range analysis. if upperBound(e) = exprMaxVal(e) then result = max(Expr source | DataFlow::localExprFlow(source, e) | source.getValue().toInt()) else @@ -620,6 +623,26 @@ module OutOfBounds { ) ) } + + override predicate isBarrierOut(DataFlow::Node node) { + // the default interprocedural data-flow model flows through any array assignment expressions + // to the qualifier (array base or pointer dereferenced) instead of the individual element + // that the assignment modifies. this default behaviour causes false positives for any future + // access of the array base, so remove the assignment edge at the expense of false-negatives. + exists(AssignExpr a | + node.asExpr() = a.getRValue().getAChild*() and + ( + a.getLValue() instanceof ArrayExpr or + a.getLValue() instanceof PointerDereferenceExpr + ) + ) + or + // remove flow from `src` to `dst` in memcpy + exists(FunctionCall fc | + fc.getTarget().getName() = getNameOrInternalName("memcpy") and + node.asExpr() = fc.getArgument(1).getAChild*() + ) + } } predicate hasFlowFromBufferOrSizeExprToUse(Expr source, Expr use) { @@ -695,31 +718,25 @@ module OutOfBounds { hasFlowFromBufferOrSizeExprToUse(allocSize, bufferSizeArg) } - predicate isBufferSizeExprGreaterThanSourceSizeExpr( - Expr bufferUse, Expr bufferSize, Expr sizeSource, PointerToObjectSource sourceBufferAllocation, - int bufSize, int size, BufferAccessLibraryFunctionCall fc, int offset, Expr base + predicate isSizeArgGreaterThanBufferSize( + Expr bufferArg, Expr sizeArg, PointerToObjectSource bufferSource, int bufferArgSize, + int sizeArgValue, BufferAccessLibraryFunctionCall fc ) { exists(float sizeMult | ( - bufferUse = fc.getWriteArg() and - bufferSize = fc.getWriteSizeArg() and + bufferArg = fc.getWriteArg() and + sizeArg = fc.getWriteSizeArg() and sizeMult = fc.getWriteSizeArgMult() or - bufferUse = fc.getReadArg() and - bufferSize = fc.getReadSizeArg() and + bufferArg = fc.getReadArg() and + sizeArg = fc.getReadSizeArg() and sizeMult = fc.getReadSizeArgMult() ) and ( - offset = 0 and - base = bufferSize and - bufferUseComputableBufferSize(bufferUse, sourceBufferAllocation, bufSize) and - sizeExprComputableSize(bufferSize, sizeSource, size) and - ( - bufSize - getArithmeticOffsetValue(bufferUse) < - (sizeMult * (size + getArithmeticOffsetValue(bufferSize)).(float)) - or - size = 0 - ) + bufferUseComputableBufferSize(bufferArg, bufferSource, bufferArgSize) and + sizeExprComputableSize(sizeArg, _, sizeArgValue) and + bufferArgSize - getArithmeticOffsetValue(bufferArg) < + sizeMult.(float) * (sizeArgValue + getArithmeticOffsetValue(sizeArg)).(float) ) ) } @@ -741,32 +758,45 @@ module OutOfBounds { sourceSizeExpr = source.getSizeExprSource(sourceSizeExprBase, sourceSizeExprOffset) and bufferUseNonComputableSize(bufferUse, source) and not globalValueNumber(sourceSizeExpr) = globalValueNumber(bufferSize) and - exists(Expr offsetExpr | - offsetExpr = bufferSize.getAChild*() and - sizeArgOffset = getArithmeticOffsetValue(offsetExpr) - ) and + sizeArgOffset = getArithmeticOffsetValue(bufferSize.getAChild*()) and bufferArgOffset = getArithmeticOffsetValue(bufferUse) and sourceSizeExprOffset + bufferArgOffset < sizeArgOffset } - predicate problems(BufferAccessLibraryFunctionCall fc, string msg) { - exists(Expr bufferUse, PointerToObjectSource source | - exists(int bufSize, int size, Expr bufferSize, Expr sizeSource | - isBufferSizeExprGreaterThanSourceSizeExpr(bufferUse, bufferSize, sizeSource, source, - bufSize, size, fc, _, _) and - msg = "Buffer size is smaller than size arg." - ) - or - exists(int i | - fc.getTarget().(BufferAccessLibraryFunction).getANullTerminatedParameterIndex(i) and - fc.getArgument(i) = bufferUse and - source.isNotNullTerminated() and - hasFlowFromBufferOrSizeExprToUse(source, bufferUse.getAChild*()) and - msg = "Buffer " + bufferUse.toString() + " is not null-terminated." - ) - or - isBufferSizeOffsetOfGVN(fc, _, bufferUse, source, _, _, _, _, _, _) and - msg = "Buffer size is offset of GVN." + predicate isMandatoryBufferArgNull(Expr bufferArg, BufferAccessLibraryFunctionCall fc) { + exists(int i | + i = + [ + fc.getTarget().(BufferAccessLibraryFunction).getReadParamIndex(), + fc.getTarget().(BufferAccessLibraryFunction).getWriteParamIndex() + ] and + not fc.getTarget().(BufferAccessLibraryFunction).getAPermissiblyNullParameterIndex(i) and + bufferArg = fc.getArgument(i) and + getStatedValue(bufferArg) = 0 + ) + } + + predicate isNullTerminatorMissingFromBufferArg( + Expr bufferArg, PointerToObjectSource source, BufferAccessLibraryFunctionCall fc + ) { + exists(int i | + fc.getTarget().(BufferAccessLibraryFunction).getANullTerminatedParameterIndex(i) and + fc.getArgument(i) = bufferArg and + source.isNotNullTerminated() and + hasFlowFromBufferOrSizeExprToUse(source, bufferArg.getAChild*()) + ) + } + + predicate isReadBufferSizeSmallerThanWriteBufferSize( + Expr readBuffer, Expr writeBuffer, SimpleStringLibraryFunctionCall fc + ) { + readBuffer = fc.getReadArg() and + writeBuffer = fc.getWriteArg() and + exists(int readBufferSize, int writeBufferSize | + bufferUseComputableBufferSize(readBuffer, _, readBufferSize) and + bufferUseComputableBufferSize(writeBuffer, _, writeBufferSize) and + readBufferSize - getArithmeticOffsetValue(readBuffer) < + writeBufferSize - getArithmeticOffsetValue(writeBuffer) ) } } From c6bcdf96cf6551bcb42aba554c8751daf15e83ae Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Thu, 30 Mar 2023 11:49:17 -0400 Subject: [PATCH 0954/2573] Improve fix for FP for issue 216 --- .../A5-1-1/LiteralValueUsedOutsideTypeInit.ql | 26 ++--------------- .../LiteralValueUsedOutsideTypeInit.expected | 2 -- cpp/autosar/test/rules/A5-1-1/test.cpp | 19 +++++++++++-- .../codingstandards/cpp/LoggingOperation.qll | 28 +++++++++++++++++++ 4 files changed, 47 insertions(+), 28 deletions(-) diff --git a/cpp/autosar/src/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.ql b/cpp/autosar/src/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.ql index 6758bae54e..69649f72b1 100644 --- a/cpp/autosar/src/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.ql +++ b/cpp/autosar/src/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.ql @@ -18,25 +18,6 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.LoggingOperation import codingstandards.cpp.Literals -import codingstandards.cpp.standardlibrary.FileStreams - -/** - * In a wrapper `Function`, all accesses of all `Parameters` - * are in located in logging or stream calls - */ -class LoggerOrStreamWrapperFunction extends Function { - LoggerOrStreamWrapperFunction() { - forall(Parameter p | p.getFunction() = this | - forall(VariableAccess va | va = p.getAnAccess() | - ( - any(FileStreamFunctionCall fc).getAnArgument().getAChild*() = va - or - any(LoggingOperation logOp).getALoggedExpr().getAChild*() = va - ) - ) - ) - } -} from Literal l where @@ -45,11 +26,8 @@ where not exists(ConstructorCall cc | cc.getAnArgument() = l) and not exists(ConstructorFieldInit cf | cf.getExpr() = l) and not l = any(LoggingOperation logOp).getALoggedExpr().getAChild*() and - not l = any(FileStreamFunctionCall fsc).getAnArgument().getAChild*() and - // Exclude arguments to wrapper functions - not exists(FunctionCall fc, LoggerOrStreamWrapperFunction w | - fc.getAnArgument() = l and w.getACallToThisFunction() = fc - ) and + // Exclude Macros with names like *LOG + not exists(MacroInvocation m | m.getMacroName().matches("%LOG") and m.getAnAffectedElement() = l) and // Exclude literal 0 not l.getValue() = "0" and // Exclude character literals diff --git a/cpp/autosar/test/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.expected b/cpp/autosar/test/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.expected index d19df4e43d..9e783c3b14 100644 --- a/cpp/autosar/test/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.expected +++ b/cpp/autosar/test/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.expected @@ -1,5 +1,3 @@ | test.cpp:5:9:5:25 | constant string | Literal value "constant string" used outside of type initialization StringLiteral | | test.cpp:14:23:14:25 | 100 | Literal value 100 used outside of type initialization Literal | | test.cpp:54:7:54:7 | 1 | Literal value 1 used outside of type initialization Literal | -| test.cpp:75:23:75:28 | test | Literal value "test" used outside of type initialization StringLiteral | -| test.cpp:75:31:75:40 | not okay | Literal value "not okay" used outside of type initialization StringLiteral | diff --git a/cpp/autosar/test/rules/A5-1-1/test.cpp b/cpp/autosar/test/rules/A5-1-1/test.cpp index 42abc42f43..afb4b789bc 100644 --- a/cpp/autosar/test/rules/A5-1-1/test.cpp +++ b/cpp/autosar/test/rules/A5-1-1/test.cpp @@ -72,6 +72,21 @@ void test_stream_two(std::ostream &os, const char *str, } void test_not_wrapper_stream(std::ostream &os, const char *str) noexcept { - test_stream_two(os, "test", "not okay"); // NON_COMPLIANT - test_stream_two is - // not actually exclusively a wrapper + test_stream_two( + os, "test", + "not okay"); // NON_COMPLIANT[FALSE_NEGATIVE] - test_stream_two is + // not actually exclusively a wrapper } + +#define MACRO_LOG(test_str) do \ +{\ +struct test_struct {\ + static const char* get_str(){\ + return static_cast(test_str);\ + }\ +};\ +} while (false) + +void f(){ + MACRO_LOG("test"); //COMPLIANT - exclusion +} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/LoggingOperation.qll b/cpp/common/src/codingstandards/cpp/LoggingOperation.qll index c77f2c450a..4cfcafeaae 100644 --- a/cpp/common/src/codingstandards/cpp/LoggingOperation.qll +++ b/cpp/common/src/codingstandards/cpp/LoggingOperation.qll @@ -1,5 +1,6 @@ import cpp import semmle.code.cpp.security.OutputWrite +import codingstandards.cpp.standardlibrary.FileStreams /** * A operation which may perform logging. @@ -16,9 +17,36 @@ class OutputWriteLogging extends LoggingOperation, OutputWrite { override Expr getALoggedExpr() { result = getASource() } } +/** + * A `FileStreamFunctionCall` operation is considered a log operation for Coding Standards purposes. + */ +class FileStreamLogging extends LoggingOperation, FileStreamFunctionCall { + override Expr getALoggedExpr() { result = getAnArgument() } + + override Expr getFStream() { result = this.getQualifier() } +} + /** A call which looks like `printf`. */ class PrintfLikeCall extends LoggingOperation, Call { PrintfLikeCall() { getTarget().getName().toLowerCase().matches("%printf%") } override Expr getALoggedExpr() { result = getAnArgument() } } + +/** + * In a wrapper `Function`, all accesses of all `Parameters` + * are in located in logging or stream calls + */ +class LoggerOrStreamWrapperFunction extends Function { + LoggerOrStreamWrapperFunction() { + forall(Parameter p | p.getFunction() = this | + forall(VariableAccess va | va = p.getAnAccess() | + ( + any(FileStreamFunctionCall fc).getAnArgument().getAChild*() = va + or + any(LoggingOperation logOp).getALoggedExpr().getAChild*() = va + ) + ) + ) + } +} From 062e0e208dd0fd56efb733db68894fa2e25d387c Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Thu, 30 Mar 2023 11:56:20 -0400 Subject: [PATCH 0955/2573] Format test A5-1-1 --- cpp/autosar/test/rules/A5-1-1/test.cpp | 20 +++++++++----------- 1 file changed, 9 insertions(+), 11 deletions(-) diff --git a/cpp/autosar/test/rules/A5-1-1/test.cpp b/cpp/autosar/test/rules/A5-1-1/test.cpp index afb4b789bc..faaf188f32 100644 --- a/cpp/autosar/test/rules/A5-1-1/test.cpp +++ b/cpp/autosar/test/rules/A5-1-1/test.cpp @@ -78,15 +78,13 @@ void test_not_wrapper_stream(std::ostream &os, const char *str) noexcept { // not actually exclusively a wrapper } -#define MACRO_LOG(test_str) do \ -{\ -struct test_struct {\ - static const char* get_str(){\ - return static_cast(test_str);\ - }\ -};\ -} while (false) - -void f(){ - MACRO_LOG("test"); //COMPLIANT - exclusion +#define MACRO_LOG(test_str) \ + do { \ + struct test_struct { \ + static const char *get_str() { return static_cast(test_str); } \ + }; \ + } while (false) + +void f() { + MACRO_LOG("test"); // COMPLIANT - exclusion } \ No newline at end of file From 4427b40c3e1db8e3b8787e7e90b2aa32fec9e949 Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Thu, 30 Mar 2023 20:32:34 +0200 Subject: [PATCH 0956/2573] Add ARR38-C --- .../LibraryFunctionArgumentOutOfBounds.md | 486 ++++++++++++++++++ .../LibraryFunctionArgumentOutOfBounds.ql | 23 + .../src/codingstandards/c/OutOfBounds.qll | 276 +++++++--- 3 files changed, 721 insertions(+), 64 deletions(-) create mode 100644 c/cert/src/rules/ARR38-C/LibraryFunctionArgumentOutOfBounds.md create mode 100644 c/cert/src/rules/ARR38-C/LibraryFunctionArgumentOutOfBounds.ql diff --git a/c/cert/src/rules/ARR38-C/LibraryFunctionArgumentOutOfBounds.md b/c/cert/src/rules/ARR38-C/LibraryFunctionArgumentOutOfBounds.md new file mode 100644 index 0000000000..c3306036d2 --- /dev/null +++ b/c/cert/src/rules/ARR38-C/LibraryFunctionArgumentOutOfBounds.md @@ -0,0 +1,486 @@ +# ARR38-C: Guarantee that library functions do not form invalid pointers + +This query implements the CERT-C rule ARR38-C: + +> Guarantee that library functions do not form invalid pointers + + +## Description + +C library functions that make changes to arrays or objects take at least two arguments: a pointer to the array or object and an integer indicating the number of elements or bytes to be manipulated. For the purposes of this rule, the element count of a pointer is the size of the object to which it points, expressed by the number of elements that are valid to access. Supplying arguments to such a function might cause the function to form a pointer that does not point into or just past the end of the object, resulting in [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior). + +Annex J of the C Standard \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO%2FIEC9899-2011)\] states that it is undefined behavior if the "pointer passed to a library function array parameter does not have a value such that all address computations and object accesses are valid." (See [undefined behavior 109](https://wiki.sei.cmu.edu/confluence/display/c/CC.+Undefined+Behavior#CC.UndefinedBehavior-ub_109).) + +In the following code, + +```cpp +int arr[5]; +int *p = arr; + +unsigned char *p2 = (unsigned char *)arr; +unsigned char *p3 = arr + 2; +void *p4 = arr; +``` +the element count of the pointer `p` is `sizeof(arr) / sizeof(arr[0])`, that is, `5`. The element count of the pointer `p2` is `sizeof(arr)`, that is, `20`, on implementations where `sizeof(int) == 4`. The element count of the pointer `p3` is `12` on implementations where `sizeof(int) == 4`, because `p3` points two elements past the start of the array `arr`. The element count of `p4` is treated as though it were `unsigned char *` instead of `void *`, so it is the same as `p2`. + +## Pointer + Integer + +The following standard library functions take a pointer argument and a size argument, with the constraint that the pointer must point to a valid memory object of at least the number of elements indicated by the size argument. + +
    fgets() fgetws() mbstowcs() 1 wcstombs() 1
    mbrtoc16() 2 mbrtoc32() 2 mbsrtowcs() 1 wcsrtombs() 1
    mbtowc() 2 mbrtowc() 2 mblen() mbrlen()
    memchr() wmemchr() memset() wmemset()
    strftime() wcsftime() strxfrm()1 wcsxfrm()1
    strncat()2 wcsncat()2 snprintf() vsnprintf()
    swprintf() vswprintf() setvbuf() tmpnam_s()
    snprintf_s() sprintf_s() vsnprintf_s() vsprintf_s()
    gets_s() getenv_s() wctomb_s() mbstowcs_s()3
    wcstombs_s()3 memcpy_s()3 memmove_s()3 strncpy_s()3
    strncat_s()3 strtok_s()2 strerror_s() strnlen_s()
    asctime_s() ctime_s() snwprintf_s() swprintf_s()
    vsnwprintf_s() vswprintf_s() wcsncpy_s()3 wmemcpy_s()3
    wmemmove_s()3 wcsncat_s()3 wcstok_s()2 wcsnlen_s()
    wcrtomb_s() mbsrtowcs_s()3 wcsrtombs_s()3 memset_s()4
    +1 Takes two pointers and an integer, but the integer specifies the element count only of the output buffer, not of the input buffer.2 Takes two pointers and an integer, but the integer specifies the element count only of the input buffer, not of the output buffer.3 Takes two pointers and two integers; each integer corresponds to the element count of one of the pointers.4 Takes a pointer and two size-related integers; the first size-related integer parameter specifies the number of bytes available in the buffer; the second size-related integer parameter specifies the number of bytes to write within the buffer. + + +For calls that take a pointer and an integer size, the given size should not be greater than the element count of the pointer. + +** Noncompliant Code Example (Element Count)** + +In this noncompliant code example, the incorrect element count is used in a call to `wmemcpy()`. The `sizeof` operator returns the size expressed in bytes, but `wmemcpy()` uses an element count based on `wchar_t *`. + +```cpp +#include +#include + +static const char str[] = "Hello world"; +static const wchar_t w_str[] = L"Hello world"; +void func(void) { + char buffer[32]; + wchar_t w_buffer[32]; + memcpy(buffer, str, sizeof(str)); /* Compliant */ + wmemcpy(w_buffer, w_str, sizeof(w_str)); /* Noncompliant */ +} +``` +**Compliant Solution (Element Count)** + +When using functions that operate on pointed-to regions, programmers must always express the integer size in terms of the element count expected by the function. For example, `memcpy()` expects the element count expressed in terms of `void *`, but `wmemcpy()` expects the element count expressed in terms of `wchar_t *`. Instead of the `sizeof` operator, functions that return the number of elements in the string are called, which matches the expected element count for the copy functions. In the case of this compliant solution, where the argument is an array `A` of type `T`, the expression `sizeof(A) / sizeof(T)`, or equivalently `sizeof(A) / sizeof(*A)`, can be used to compute the number of elements in the array. + +```cpp +#include +#include + +static const char str[] = "Hello world"; +static const wchar_t w_str[] = L"Hello world"; +void func(void) { + char buffer[32]; + wchar_t w_buffer[32]; + memcpy(buffer, str, strlen(str) + 1); + wmemcpy(w_buffer, w_str, wcslen(w_str) + 1); +} +``` +**Noncompliant Code Example (Pointer + Integer)** + +This noncompliant code example assigns a value greater than the number of bytes of available memory to `n`, which is then passed to `memset()`: + +```cpp +#include +#include + +void f1(size_t nchars) { + char *p = (char *)malloc(nchars); + /* ... */ + const size_t n = nchars + 1; + /* ... */ + memset(p, 0, n); +} + +``` +**Compliant Solution (Pointer + Integer)** + +This compliant solution ensures that the value of `n` is not greater than the number of bytes of the dynamic memory pointed to by the pointer `p`: + +```cpp +#include +#include + +void f1(size_t nchars) { + char *p = (char *)malloc(nchars); + /* ... */ + const size_t n = nchars; + /* ... */ + memset(p, 0, n); +} + +``` +**Noncompliant Code Example (Pointer + Integer)** + +In this noncompliant code example, the element count of the array `a` is `ARR_SIZE` elements. Because `memset()` expects a byte count, the size of the array is scaled incorrectly by `sizeof(int)` instead of `sizeof(long)`, which can form an invalid pointer on architectures where `sizeof(int) != sizeof(long)`. + +```cpp +#include + +void f2(void) { + const size_t ARR_SIZE = 4; + long a[ARR_SIZE]; + const size_t n = sizeof(int) * ARR_SIZE; + void *p = a; + + memset(p, 0, n); +} + +``` +**Compliant Solution (Pointer + Integer)** + +In this compliant solution, the element count required by `memset()` is properly calculated without resorting to scaling: + +```cpp +#include + +void f2(void) { + const size_t ARR_SIZE = 4; + long a[ARR_SIZE]; + const size_t n = sizeof(a); + void *p = a; + + memset(p, 0, n); +} + +``` + +## Two Pointers + One Integer + +The following standard library functions take two pointer arguments and a size argument, with the constraint that both pointers must point to valid memory objects of at least the number of elements indicated by the size argument. + +
    memcpy() wmemcpy() memmove() wmemmove()
    strncpy() wcsncpy() memcmp() wmemcmp()
    strncmp() wcsncmp() strcpy_s() wcscpy_s()
    strcat_s() wcscat_s()
    +For calls that take two pointers and an integer size, the given size should not be greater than the element count of either pointer. + + +**Noncompliant Code Example (Two Pointers + One Integer)** + +In this noncompliant code example, the value of `n` is incorrectly computed, allowing a read past the end of the object referenced by `q`: + +```cpp +#include + +void f4() { + char p[40]; + const char *q = "Too short"; + size_t n = sizeof(p); + memcpy(p, q, n); +} +``` +**Compliant Solution (Two Pointers + One Integer)** + +This compliant solution ensures that `n` is equal to the size of the character array: + +```cpp +#include + +void f4() { + char p[40]; + const char *q = "Too short"; + size_t n = sizeof(p) < strlen(q) + 1 ? sizeof(p) : strlen(q) + 1; + memcpy(p, q, n); +} +``` + +## One Pointer + Two Integers + +The following standard library functions take a pointer argument and two size arguments, with the constraint that the pointer must point to a valid memory object containing at least as many bytes as the product of the two size arguments. + +
    bsearch() bsearch_s() qsort() qsort_s()
    fread() fwrite()
    +For calls that take a pointer and two integers, one integer represents the number of bytes required for an individual object, and a second integer represents the number of elements in the array. The resulting product of the two integers should not be greater than the element count of the pointer were it expressed as an `unsigned char *`. + + +**Noncompliant Code Example (One Pointer + Two Integers)** + +This noncompliant code example allocates a variable number of objects of type `struct obj`. The function checks that `num_objs` is small enough to prevent wrapping, in compliance with [INT30-C. Ensure that unsigned integer operations do not wrap](https://wiki.sei.cmu.edu/confluence/display/c/INT30-C.+Ensure+that+unsigned+integer+operations+do+not+wrap). The size of `struct obj` is assumed to be 16 bytes to account for padding to achieve the assumed alignment of `long long`. However, the padding typically depends on the target architecture, so this object size may be incorrect, resulting in an incorrect element count. + +```cpp +#include +#include + +struct obj { + char c; + long long i; +}; + +void func(FILE *f, struct obj *objs, size_t num_objs) { + const size_t obj_size = 16; + if (num_objs > (SIZE_MAX / obj_size) || + num_objs != fwrite(objs, obj_size, num_objs, f)) { + /* Handle error */ + } +} +``` +**Compliant Solution (One Pointer + Two Integers)** + +This compliant solution uses the `sizeof` operator to correctly provide the object size and `num_objs` to provide the element count: + +```cpp +#include +#include + +struct obj { + char c; + long long i; +}; + +void func(FILE *f, struct obj *objs, size_t num_objs) { + const size_t obj_size = sizeof *objs; + if (num_objs > (SIZE_MAX / obj_size) || + num_objs != fwrite(objs, obj_size, num_objs, f)) { + /* Handle error */ + } +} +``` +**Noncompliant Code Example (One Pointer + Two Integers)** + +In this noncompliant code example, the function `f()` calls `fread()` to read `nitems` of type `wchar_t`, each `size` bytes in size, into an array of `BUFFER_SIZE` elements, `wbuf`. However, the expression used to compute the value of `nitems` fails to account for the fact that, unlike the size of `char`, the size of `wchar_t` may be greater than 1. Consequently, `fread()` could attempt to form pointers past the end of `wbuf` and use them to assign values to nonexistent elements of the array. Such an attempt is [undefined behavior](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-undefinedbehavior). (See [undefined behavior 109](https://wiki.sei.cmu.edu/confluence/display/c/CC.+Undefined+Behavior#CC.UndefinedBehavior-ub_109).) A likely consequence of this undefined behavior is a buffer overflow. For a discussion of this programming error in the Common Weakness Enumeration database, see [CWE-121](http://cwe.mitre.org/data/definitions/121.html), "Stack-based Buffer Overflow," and [CWE-805](http://cwe.mitre.org/data/definitions/805.html), "Buffer Access with Incorrect Length Value." + +```cpp +#include +#include + +void f(FILE *file) { + enum { BUFFER_SIZE = 1024 }; + wchar_t wbuf[BUFFER_SIZE]; + + const size_t size = sizeof(*wbuf); + const size_t nitems = sizeof(wbuf); + + size_t nread = fread(wbuf, size, nitems, file); + /* ... */ +} + +``` +**Compliant Solution (One Pointer + Two Integers)** + +This compliant solution correctly computes the maximum number of items for `fread()` to read from the file: + +```cpp +#include +#include + +void f(FILE *file) { + enum { BUFFER_SIZE = 1024 }; + wchar_t wbuf[BUFFER_SIZE]; + + const size_t size = sizeof(*wbuf); + const size_t nitems = sizeof(wbuf) / size; + + size_t nread = fread(wbuf, size, nitems, file); + /* ... */ +} +``` +**Noncompliant Code Example (Heartbleed)** + +CERT vulnerability [720951](http://www.kb.cert.org/vuls/id/720951) describes a vulnerability in OpenSSL versions 1.0.1 through 1.0.1f, popularly known as "Heartbleed." This vulnerability allows an attacker to steal information that under normal conditions would be protected by Secure Socket Layer/Transport Layer Security (SSL/TLS) encryption. + +Despite the seriousness of the vulnerability, Heartbleed is the result of a common programming error and an apparent lack of awareness of secure coding principles. Following is the vulnerable code: + +```cpp +int dtls1_process_heartbeat(SSL *s) { + unsigned char *p = &s->s3->rrec.data[0], *pl; + unsigned short hbtype; + unsigned int payload; + unsigned int padding = 16; /* Use minimum padding */ + + /* Read type and payload length first */ + hbtype = *p++; + n2s(p, payload); + pl = p; + + /* ... More code ... */ + + if (hbtype == TLS1_HB_REQUEST) { + unsigned char *buffer, *bp; + int r; + + /* + * Allocate memory for the response; size is 1 byte + * message type, plus 2 bytes payload length, plus + * payload, plus padding. + */ + buffer = OPENSSL_malloc(1 + 2 + payload + padding); + bp = buffer; + + /* Enter response type, length, and copy payload */ + *bp++ = TLS1_HB_RESPONSE; + s2n(payload, bp); + memcpy(bp, pl, payload); + + /* ... More code ... */ + } + /* ... More code ... */ +} +``` +This code processes a "heartbeat" packet from a client. As specified in [RFC 6520](https://tools.ietf.org/html/rfc6520), when the program receives a heartbeat packet, it must echo the packet's data back to the client. In addition to the data, the packet contains a length field that conventionally indicates the number of bytes in the packet data, but there is nothing to prevent a malicious packet from lying about its data length. + +The `p` pointer, along with `payload` and `p1`, contains data from a packet. The code allocates a `buffer` sufficient to contain `payload` bytes, with some overhead, then copies `payload` bytes starting at `p1` into this buffer and sends it to the client. Notably absent from this code are any checks that the payload integer variable extracted from the heartbeat packet corresponds to the size of the packet data. Because the client can specify an arbitrary value of `payload`, an attacker can cause the server to read and return the contents of memory beyond the end of the packet data, which violates [INT04-C. Enforce limits on integer values originating from tainted sources](https://wiki.sei.cmu.edu/confluence/display/c/INT04-C.+Enforce+limits+on+integer+values+originating+from+tainted+sources). The resulting call to `memcpy()` can then copy the contents of memory past the end of the packet data and the packet itself, potentially exposing sensitive data to the attacker. This call to `memcpy()` violates [ARR38-C. Guarantee that library functions do not form invalid pointers](https://wiki.sei.cmu.edu/confluence/display/c/ARR38-C.+Guarantee+that+library+functions+do+not+form+invalid+pointers). A version of ARR38-C also appears in [ISO/IEC TS 17961:2013](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO-IECTS17961), "Forming invalid pointers by library functions \[libptr\]." This rule would require a conforming analyzer to diagnose the Heartbleed vulnerability. + +**Compliant Solution (Heartbleed)** + +OpenSSL version 1.0.1g contains the following patch, which guarantees that `payload` is within a valid range. The range is limited by the size of the input record. + +```cpp +int dtls1_process_heartbeat(SSL *s) { + unsigned char *p = &s->s3->rrec.data[0], *pl; + unsigned short hbtype; + unsigned int payload; + unsigned int padding = 16; /* Use minimum padding */ + + /* ... More code ... */ + + /* Read type and payload length first */ + if (1 + 2 + 16 > s->s3->rrec.length) + return 0; /* Silently discard */ + hbtype = *p++; + n2s(p, payload); + if (1 + 2 + payload + 16 > s->s3->rrec.length) + return 0; /* Silently discard per RFC 6520 */ + pl = p; + + /* ... More code ... */ + + if (hbtype == TLS1_HB_REQUEST) { + unsigned char *buffer, *bp; + int r; + + /* + * Allocate memory for the response; size is 1 byte + * message type, plus 2 bytes payload length, plus + * payload, plus padding. + */ + buffer = OPENSSL_malloc(1 + 2 + payload + padding); + bp = buffer; + /* Enter response type, length, and copy payload */ + *bp++ = TLS1_HB_RESPONSE; + s2n(payload, bp); + memcpy(bp, pl, payload); + /* ... More code ... */ + } + /* ... More code ... */ +} +``` + +## Risk Assessment + +Depending on the library function called, an attacker may be able to use a heap or stack overflow [vulnerability](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) to run arbitrary code. + +
    Rule Severity Likelihood Remediation Cost Priority Level
    ARR38-C High Likely Medium P18 L1
    + + +## Automated Detection + +
    Tool Version Checker Description
    Astrée 22.04 array_out_of_bounds Supported Astrée reports all out-of-bound accesses within library analysis stubs. The user may provide additional stubs for arbitrary (library) functions.
    CodeSonar 7.2p0 LANG.MEM.BO LANG.MEM.BU BADFUNC.BO.\* Buffer overrun Buffer underrun A collection of warning classes that report uses of library functions prone to internal buffer overflows
    Compass/ROSE
    Coverity 2017.07 BUFFER_SIZE BAD_SIZEOF BAD_ALLOC_STRLEN BAD_ALLOC_ARITHMETIC Implemented
    Fortify SCA 5.0 Can detect violations of this rule with CERT C Rule Pack
    Helix QAC 2022.4 C2840 DF2840, DF2841, DF2842, DF2843, DF2845, DF2846, DF2847, DF2848, DF2935, DF2936, DF2937, DF2938, DF4880, DF4881, DF4882, DF4883
    Klocwork 2022.4 ABV.GENERALABV.GENERAL.MULTIDIMENSION
    LDRA tool suite 9.7.1 64 X, 66 X, 68 X, 69 X, 70 X, 71 X, 79 X Partially Implmented
    Parasoft C/C++test 2022.2 CERT_C-ARR38-a CERT_C-ARR38-b CERT_C-ARR38-c CERT_C-ARR38-d Avoid overflow when reading from a buffer Avoid overflow when writing to a buffer Avoid buffer overflow due to defining incorrect format limits Avoid overflow due to reading a not zero terminated string
    Parasoft Insure++ Runtime analysis
    PC-lint Plus 1.4 419, 420 Partially supported
    Polyspace Bug Finder R2023a CERT C: Rule ARR38-C Checks for: Mismatch between data length and sizeismatch between data length and size, invalid use of standard library memory routinenvalid use of standard library memory routine, possible misuse of sizeofossible misuse of sizeof, buffer overflow from incorrect string format specifieruffer overflow from incorrect string format specifier, invalid use of standard library string routinenvalid use of standard library string routine, destination buffer overflow in string manipulationestination buffer overflow in string manipulation, destination buffer underflow in string manipulationestination buffer underflow in string manipulation. Rule partially covered.
    PRQA QA-C 9.7 2840, 2841, 2842, 2843, 2845, 2846, 2847, 2848, 2935, 2936, 2937, 2938 Fully implemented
    PRQA QA-C++ 4.4 2840, 2841, 2842, 2843, 2845, 2846, 2847, 2848, 2935, 2936, 2937, 2938 Fully implemented
    Splint 3.1.1
    TrustInSoft Analyzer 1.38 out of bounds read Partially verified.
    + + +## Related Vulnerabilities + +[CVE-2016-2208](https://bugs.chromium.org/p/project-zero/issues/detail?id=820) results from a violation of this rule. The attacker can supply a value used to determine how much data is copied into a buffer via `memcpy()`, resulting in a buffer overlow of attacker-controlled data. + +Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+ARR38-C). + +## Related Guidelines + +[Key here](https://wiki.sei.cmu.edu/confluence/display/c/How+this+Coding+Standard+is+Organized#HowthisCodingStandardisOrganized-RelatedGuidelines) (explains table format and definitions) + +
    Taxonomy Taxonomy item Relationship
    C Secure Coding Standard API00-C. Functions should validate their parameters Prior to 2018-01-12: CERT: Unspecified Relationship
    C Secure Coding Standard ARR01-C. Do not apply the sizeof operator to a pointer when taking the size of an array Prior to 2018-01-12: CERT: Unspecified Relationship
    C Secure Coding Standard INT30-C. Ensure that unsigned integer operations do not wrap Prior to 2018-01-12: CERT: Unspecified Relationship
    ISO/IEC TS 17961:2013 Forming invalid pointers by library functions \[libptr\] Prior to 2018-01-12: CERT: Unspecified Relationship
    ISO/IEC TR 24772:2013 Buffer Boundary Violation (Buffer Overflow) \[HCB\] Prior to 2018-01-12: CERT: Unspecified Relationship
    ISO/IEC TR 24772:2013 Unchecked Array Copying \[XYW\] Prior to 2018-01-12: CERT: Unspecified Relationship
    CWE 2.11 CWE-119 , Improper Restriction of Operations within the Bounds of a Memory Buffer 2017-05-18: CERT: Rule subset of CWE
    CWE 2.11 CWE-121 , Stack-based Buffer Overflow 2017-05-18: CERT: Partial overlap
    CWE 2.11 CWE-123 , Write-what-where Condition 2017-05-18: CERT: Partial overlap
    CWE 2.11 CWE-125 , Out-of-bounds Read 2017-05-18: CERT: Partial overlap
    CWE 2.11 CWE-805 , Buffer Access with Incorrect Length Value 2017-05-18: CERT: Partial overlap
    CWE 3.1 CWE-129 , Improper Validation of Array Index 2017-10-30:MITRE:Unspecified Relationship 2018-10-18:CERT: Partial Overlap
    + + +## CERT-CWE Mapping Notes + +[Key here](https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?pageId=87152408#HowthisCodingStandardisOrganized-CERT-CWEMappingNotes) for mapping notes + +**CWE-121 and ARR38-C** + +Intersection( CWE-121, ARR38-C) = + +* Stack buffer overflow from passing invalid arguments to library function +CWE-121 – ARR38-C = +* Stack buffer overflows from direct out-of-bounds write +ARR38-C – CWE-121 = +* Out-of-bounds read from passing invalid arguments to library function +* Buffer overflow on heap or data segment from passing invalid arguments to library function +**CWE-119 and ARR38-C** + +See CWE-119 and ARR30-C + +**CWE-125 and ARR38-C** + +Independent( ARR30-C, ARR38-C, EXP39-C, INT30-C) + +STR31-C = Subset( Union( ARR30-C, ARR38-C)) + +STR32-C = Subset( ARR38-C) + +Intersection( ARR38-C, CWE-125) = + +* Reading from an out-of-bounds array index or off the end of an array via standard library function +ARR38-C – CWE-125 = +* Writing to an out-of-bounds array index or off the end of an array via standard library function +CWE-125 – ARR38-C = +* Reading beyond a non-array buffer +* Reading beyond an array directly (using pointer arithmetic, or \[\] notation) +**CWE-805 and ARR38-C** + +Intersection( CWE-805, ARR38-C) = + +* Buffer access with incorrect length via passing invalid arguments to library function +CWE-805 – ARR38-C = +* Buffer access with incorrect length directly (such as a loop construct) +ARR38-C – CWE-805 = +* Out-of-bounds read or write that does not involve incorrect length (could use incorrect offset instead), that uses library function +**CWE-123 and ARR38-C** + +Independent(ARR30-C, ARR38-C) + +STR31-C = Subset( Union( ARR30-C, ARR38-C)) + +STR32-C = Subset( ARR38-C) + +CWE-123 includes any operation that allows an attacker to write an arbitrary value to an arbitrary memory location. This could be accomplished via overwriting a pointer with data that refers to the address to write, then when the program writes to a pointed-to value, supplying a malicious value. Vulnerable pointer values can be corrupted by: + +* Stack return address +* Buffer overflow on the heap (which typically overwrites back/next pointer values) +* Write to untrusted array index (if it is also invalid) +* Format string exploit +* Overwriting a C++ object with virtual functions (because it has a virtual pointer) +* Others? +Intersection( CWE-123, ARR38-C) = +* Buffer overflow via passing invalid arguments to library function +ARR38-C – CWE-123 = +* Buffer overflow to “harmless” memory from passing invalid arguments to library function +* Out-of-bounds read from passing invalid arguments to library function +CWE-123 – ARR38-C = +* Arbitrary writes that do not involve standard C library functions +**CWE-129 and ARR38-C** + +ARR38-C - CWE-129 = making library functions create invalid pointers without using untrusted data. + +E.g. : `char[3] array;` + +`strcpy(array, "123456");` + +CWE-129 - ARR38-C = not validating an integer used as an array index or in pointer arithmetic + +E.g.: `void foo(int i) {` + +` char array[3];` + +` array[i];` + +`}` + +Intersection(ARR38-C, CWE-129) = making library functions create invalid pointers using untrusted data. + +`eg: void foo(int i) {` + +` char src[3], dest[3];` + +` memcpy(dest, src, i);` + +`}` + +## Bibliography + +
    \[ Cassidy 2014 \] Existential Type Crisis : Diagnosis of the OpenSSL Heartbleed Bug
    \[ IETF: RFC 6520 \]
    \[ ISO/IEC TS 17961:2013 \]
    \[ VU\#720951 \]
    + + +## Implementation notes + +None + +## References + +* CERT-C: [ARR38-C: Guarantee that library functions do not form invalid pointers](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/ARR38-C/LibraryFunctionArgumentOutOfBounds.ql b/c/cert/src/rules/ARR38-C/LibraryFunctionArgumentOutOfBounds.ql new file mode 100644 index 0000000000..15923839f9 --- /dev/null +++ b/c/cert/src/rules/ARR38-C/LibraryFunctionArgumentOutOfBounds.ql @@ -0,0 +1,23 @@ +/** + * @id c/cert/library-function-argument-out-of-bounds + * @name ARR38-C: Guarantee that library functions do not form invalid pointers + * @description + * @kind problem + * @precision high + * @problem.severity error + * @tags external/cert/id/arr38-c + * correctness + * security + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert +import codingstandards.c.OutOfBounds + +from OOB::BufferAccessLibraryFunctionCall fc, + string message, Expr bufferArg, string bufferArgStr, Expr sizeOrOtherBufferArg, string otherStr +where + not isExcluded(fc, OutOfBoundsPackage::libraryFunctionArgumentOutOfBoundsQuery()) and + OOB::problems(fc, message, bufferArg, bufferArgStr, sizeOrOtherBufferArg, otherStr) +select fc, message, bufferArg, bufferArgStr, sizeOrOtherBufferArg, otherStr diff --git a/c/common/src/codingstandards/c/OutOfBounds.qll b/c/common/src/codingstandards/c/OutOfBounds.qll index 693f39969e..188efa6602 100644 --- a/c/common/src/codingstandards/c/OutOfBounds.qll +++ b/c/common/src/codingstandards/c/OutOfBounds.qll @@ -164,12 +164,6 @@ module OOB { src_sz = 2 and dst_sz = -1 or - name = "wcsncat" and - dst = 0 and - src = 1 and - src_sz = 2 and - dst_sz = -1 - or name = ["snprintf", "vsnprintf", "swprintf", "vswprintf"] and dst = 0 and src = -1 and @@ -239,7 +233,7 @@ module OOB { /** * Returns the index of the parameter that is the destination buffer size. */ - int getWriteCountParamIndex() { + int getWriteSizeParamIndex() { this = libraryFunctionNameParamTable(_, _, _, _, result) and result >= 0 } @@ -262,14 +256,14 @@ module OOB { /** * Gets a parameter than is a destination (write) buffer size. */ - Parameter getWriteSizeParam() { result = this.getParameter(this.getWriteCountParamIndex()) } + Parameter getWriteSizeParam() { result = this.getParameter(this.getWriteSizeParamIndex()) } /** * Gets the size of an element in the destination buffer class */ int getWriteParamElementSize(Parameter p) { p = this.getWriteParam() and - p.getType().stripType().getSize().maximum(1) = result + p.getType().getUnspecifiedType().(DerivedType).getBaseType().getSize().maximum(1) = result } /** @@ -277,7 +271,7 @@ module OOB { */ int getReadParamElementSize(Parameter p) { p = this.getReadParam() and - p.getType().stripType().getSize().maximum(1) = result + p.getType().getUnspecifiedType().(DerivedType).getBaseType().getSize().maximum(1) = result } predicate getANullTerminatedParameterIndex(int i) { @@ -313,7 +307,7 @@ module OOB { */ class SimpleStringLibraryFunction extends BufferAccessLibraryFunction { SimpleStringLibraryFunction() { - this = libraryFunctionNameParamTableSimpleString(this.getName(), _, _, -1, -1) + this = libraryFunctionNameParamTableSimpleString(_, _, _, -1, -1) } override predicate getANullTerminatedParameterIndex(int i) { @@ -332,20 +326,18 @@ module OOB { /** * A `BufferAccessLibraryFunction` that performs string concatenation. */ - abstract class StringConcatenationFunctionLibraryFunction extends BufferAccessLibraryFunction { } + abstract class StringConcatenationFunctionLibraryFunction extends BufferAccessLibraryFunction { + override predicate getANullTerminatedParameterIndex(int i) { + // `strcat` and variants require null-terminated params for both src and dst + i = [0, 1] + } + } /** * A `BufferAccessLibraryFunction` modelling `strcat` */ - class StrcatLibraryFunction extends StringConcatenationFunctionLibraryFunction, - SimpleStringLibraryFunction - { + class StrcatLibraryFunction extends BufferAccessLibraryFunction { StrcatLibraryFunction() { this.getName() = getNameOrInternalName("strcat") } - - override predicate getANullTerminatedParameterIndex(int i) { - // `strcat` requires null-terminated parameters for both src and dst - i = [0, 1] - } } /** @@ -353,11 +345,6 @@ module OOB { */ class StrncatLibraryFunction extends StringConcatenationFunctionLibraryFunction { StrncatLibraryFunction() { this.getName() = getNameOrInternalName(["strncat", "wcsncat"]) } - - override predicate getANullTerminatedParameterIndex(int i) { - // `strncat` requires null-terminated parameters for both src and dst - i = [0, 1] - } } /** @@ -372,6 +359,48 @@ module OOB { } } + /** + * A `BufferAccessLibraryFunction` modelling `strncmp` + */ + class StrncmpLibraryFunction extends BufferAccessLibraryFunction { + StrncmpLibraryFunction() { this.getName() = getNameOrInternalName("strncmp") } + + override predicate getANullTerminatedParameterIndex(int i) { + // `strncmp` does not require null-terminated parameters + none() + } + } + + /** + * A `BufferAccessLibraryFunction` modelling ["mbtowc", "mbrtowc"] + */ + class MbtowcLibraryFunction extends BufferAccessLibraryFunction { + MbtowcLibraryFunction() { this.getName() = getNameOrInternalName(["mbtowc", "mbrtowc"]) } + + override predicate getAPermissiblyNullParameterIndex(int i) { + // `mbtowc` requires null-terminated parameters for both src and dst + i = [0, 1] + } + } + + /** + * A `BufferAccessLibraryFunction` modelling `mblen` and `mbrlen` + */ + class MblenLibraryFunction extends BufferAccessLibraryFunction { + MblenLibraryFunction() { this.getName() = getNameOrInternalName(["mblen", "mbrlen"]) } + + override predicate getAPermissiblyNullParameterIndex(int i) { i = 0 } + } + + /** + * A `BufferAccessLibraryFunction` modelling `setvbuf` + */ + class SetvbufLibraryFunction extends BufferAccessLibraryFunction { + SetvbufLibraryFunction() { this.getName() = getNameOrInternalName("setvbuf") } + + override predicate getAPermissiblyNullParameterIndex(int i) { i = 1 } + } + /** * A `FunctionCall` to a `BufferAccessLibraryFunction` that provides predicates for * reasoning about buffer overflow and other buffer access violations. @@ -387,14 +416,16 @@ module OOB { result = this.getArgument(this.getTarget().(BufferAccessLibraryFunction).getWriteParamIndex()) } - Expr getReadSizeArg() { + Expr getReadSizeArg(int mult) { result = - this.getArgument(this.getTarget().(BufferAccessLibraryFunction).getReadSizeParamIndex()) + this.getArgument(this.getTarget().(BufferAccessLibraryFunction).getReadSizeParamIndex()) and + getReadSizeArgMult() = mult } - Expr getWriteSizeArg() { + Expr getWriteSizeArg(int mult) { result = - this.getArgument(this.getTarget().(BufferAccessLibraryFunction).getWriteCountParamIndex()) + this.getArgument(this.getTarget().(BufferAccessLibraryFunction).getWriteSizeParamIndex()) and + getWriteSizeArgMult() = mult } int getReadSizeArgMult() { @@ -406,6 +437,9 @@ module OOB { } } + /** + * A `FunctionCall` to a `SimpleStringLibraryFunction` + */ class SimpleStringLibraryFunctionCall extends BufferAccessLibraryFunctionCall { SimpleStringLibraryFunctionCall() { this.getTarget() instanceof SimpleStringLibraryFunction } } @@ -454,19 +488,31 @@ module OOB { result = 0 } - int constOrZero(Expr e) { + private int constOrZero(Expr e) { result = e.getValue().toInt() or not exists(e.getValue().toInt()) and result = 0 } abstract class PointerToObjectSource extends Expr { + /** + * Gets the expression that points to the object. + */ abstract Expr getPointer(); + /** + * Gets the expression, if any, that defines the size of the object. + */ abstract Expr getSizeExpr(); + /** + * Gets the size of the object, if it is statically known. + */ abstract int getFixedSize(); + /** + * Holds if the object is not null-terminated. + */ abstract predicate isNotNullTerminated(); } @@ -558,6 +604,10 @@ module OOB { override predicate isNotNullTerminated() { none() } } + /** + * A `PointerToObjectSource` which is an `AddressOfExpr` to a variable + * that is not a field or pointer type. + */ class AddressOfExprSource extends PointerToObjectSource, AddressOfExpr { AddressOfExprSource() { exists(Variable v | @@ -576,6 +626,9 @@ module OOB { override predicate isNotNullTerminated() { none() } } + /** + * A `PointerToObjectSource` which is a `VariableAccess` to a static buffer + */ class StaticBufferAccessSource extends PointerToObjectSource instanceof VariableAccess { StaticBufferAccessSource() { not this.getTarget() instanceof Field and @@ -598,6 +651,25 @@ module OOB { } } + /** + * A `PointerToObjectSource` which is a string literal that is not + * part of an variable initializer (to deduplicate `StaticBufferAccessSource`) + */ + class StringLiteralSource extends PointerToObjectSource instanceof StringLiteral { + StringLiteralSource() { not this instanceof CharArrayInitializedWithStringLiteral } + + override Expr getPointer() { result = this } + + override Expr getSizeExpr() { none() } + + override int getFixedSize() { + result = this.(StringLiteral).getOriginalLength() + } + + override predicate isNotNullTerminated() { none() } + } + + class PointerToObjectSourceOrSizeToBufferAccessFunctionConfig extends DataFlow::Configuration { PointerToObjectSourceOrSizeToBufferAccessFunctionConfig() { this = "PointerToObjectSourceOrSizeToBufferAccessFunctionConfig" @@ -674,7 +746,7 @@ module OOB { source = sizeExpr or // computable source value that flows to the size expression - size = source.(DynamicAllocationSource).getFixedSize() and + size = source.(DynamicAllocationSource).getFixedSize() + getArithmeticOffsetValue(sizeExpr) and hasFlowFromBufferOrSizeExprToUse(source.(DynamicAllocationSource).getSizeExprSource(_, _), sizeExpr) } @@ -718,51 +790,78 @@ module OOB { hasFlowFromBufferOrSizeExprToUse(allocSize, bufferSizeArg) } + /** + * Holds if `arg` refers to the number of characters excluding a null terminator + */ + private predicate isArgNumCharacters(BufferAccessLibraryFunctionCall fc, Expr arg) { + exists(int i | + arg = fc.getArgument(i) and + fc.getTarget().(BufferAccessLibraryFunction).getALengthParameterIndex(i) + ) + } + + /** + * Returns '1' if `arg` refers to the number of characters excluding a null terminator, + * otherwise '0' if `arg` refers to the number of characters including a null terminator. + */ + private int argNumCharactersOffset(BufferAccessLibraryFunctionCall fc, Expr arg) { + if isArgNumCharacters(fc, arg) then result = 1 else result = 0 + } + + /** + * Holds if the call `fc` results in a buffer overflow due to a size argument + * being greater in size than the buffer size being read from or written to. + */ predicate isSizeArgGreaterThanBufferSize( - Expr bufferArg, Expr sizeArg, PointerToObjectSource bufferSource, int bufferArgSize, - int sizeArgValue, BufferAccessLibraryFunctionCall fc + Expr bufferArg, Expr sizeArg, int computedBufferSize, int computedSizeAccessed, + BufferAccessLibraryFunctionCall fc ) { - exists(float sizeMult | + exists(float sizeMult, int bufferArgSize, int sizeArgValue, PointerToObjectSource bufferSource | ( bufferArg = fc.getWriteArg() and - sizeArg = fc.getWriteSizeArg() and - sizeMult = fc.getWriteSizeArgMult() + sizeArg = fc.getWriteSizeArg(sizeMult) or bufferArg = fc.getReadArg() and - sizeArg = fc.getReadSizeArg() and - sizeMult = fc.getReadSizeArgMult() + sizeArg = fc.getReadSizeArg(sizeMult) ) and - ( - bufferUseComputableBufferSize(bufferArg, bufferSource, bufferArgSize) and - sizeExprComputableSize(sizeArg, _, sizeArgValue) and - bufferArgSize - getArithmeticOffsetValue(bufferArg) < - sizeMult.(float) * (sizeArgValue + getArithmeticOffsetValue(sizeArg)).(float) - ) + bufferUseComputableBufferSize(bufferArg, bufferSource, bufferArgSize) and + sizeExprComputableSize(sizeArg, _, sizeArgValue) and + computedBufferSize = sizeMult.(float) * (bufferArgSize - getArithmeticOffsetValue(bufferArg)) and + computedSizeAccessed = + sizeMult.(float) * (sizeArgValue + argNumCharactersOffset(fc, sizeArg)).(float) and + computedBufferSize < computedSizeAccessed ) } + /** + * Holds if the call `fc` may result in a buffer overflow due to a positive offset + * from a pattern used for calculating the size of the buffer being accessed. + */ predicate isBufferSizeOffsetOfGVN( - BufferAccessLibraryFunctionCall fc, Expr bufferSize, Expr bufferUse, - DynamicAllocationSource source, Expr sourceSizeExpr, Expr sourceSizeExprBase, - int sourceSizeExprOffset, int sizeMult, int sizeArgOffset, int bufferArgOffset - ) { + Expr bufferArg, Expr bufferSizeArg, + int sourceSizeExprOffset, int sizeMult, int sizeArgOffset, int bufferArgOffset, + BufferAccessLibraryFunctionCall fc) { + exists(DynamicAllocationSource source, Expr sourceSizeExpr, Expr sourceSizeExprBase | ( - bufferUse = fc.getWriteArg() and - bufferSize = fc.getWriteSizeArg() and - sizeMult = fc.getWriteSizeArgMult() - or - bufferUse = fc.getReadArg() and - bufferSize = fc.getReadSizeArg() and - sizeMult = fc.getReadSizeArgMult() - ) and - sourceSizeExpr = source.getSizeExprSource(sourceSizeExprBase, sourceSizeExprOffset) and - bufferUseNonComputableSize(bufferUse, source) and - not globalValueNumber(sourceSizeExpr) = globalValueNumber(bufferSize) and - sizeArgOffset = getArithmeticOffsetValue(bufferSize.getAChild*()) and - bufferArgOffset = getArithmeticOffsetValue(bufferUse) and - sourceSizeExprOffset + bufferArgOffset < sizeArgOffset + bufferArg = fc.getWriteArg() and + bufferSizeArg = fc.getWriteSizeArg(sizeMult) + or + bufferArg = fc.getReadArg() and + bufferSizeArg = fc.getReadSizeArg(sizeMult) + ) and + sourceSizeExpr = source.getSizeExprSource(sourceSizeExprBase, sourceSizeExprOffset) and + bufferUseNonComputableSize(bufferArg, source) and + not globalValueNumber(sourceSizeExpr) = globalValueNumber(bufferSizeArg) and + sizeArgOffset = getArithmeticOffsetValue(bufferSizeArg.getAChild*()) and + bufferArgOffset = getArithmeticOffsetValue(bufferArg) and + sourceSizeExprOffset + bufferArgOffset < sizeArgOffset + ) } + /** + * Holds if the call `fc` may result in an invalid buffer access due to a standard library + * function being called with a null pointer as a buffer argument while expecting only non-null input. + */ predicate isMandatoryBufferArgNull(Expr bufferArg, BufferAccessLibraryFunctionCall fc) { exists(int i | i = @@ -776,6 +875,10 @@ module OOB { ) } + /** + * Holds if the call `fc` may result in an invalid buffer access due to a standard library function + * receiving a non-null terminated buffer as a buffer argument and reading past the end of the buffer. + */ predicate isNullTerminatorMissingFromBufferArg( Expr bufferArg, PointerToObjectSource source, BufferAccessLibraryFunctionCall fc ) { @@ -787,7 +890,11 @@ module OOB { ) } - predicate isReadBufferSizeSmallerThanWriteBufferSize( + /** + * Holds if the call `fc` may result in an invalid buffer access due a read buffer being bigger + * than the write buffer. This heuristic is useful for cases such as strcpy(dst, src). + */ + predicate isReadBufferSizeGreaterThanWriteBufferSize( Expr readBuffer, Expr writeBuffer, SimpleStringLibraryFunctionCall fc ) { readBuffer = fc.getReadArg() and @@ -795,8 +902,49 @@ module OOB { exists(int readBufferSize, int writeBufferSize | bufferUseComputableBufferSize(readBuffer, _, readBufferSize) and bufferUseComputableBufferSize(writeBuffer, _, writeBufferSize) and - readBufferSize - getArithmeticOffsetValue(readBuffer) < + readBufferSize + getArithmeticOffsetValue(readBuffer) > writeBufferSize - getArithmeticOffsetValue(writeBuffer) ) } + + private string bufferArgType(BufferAccessLibraryFunctionCall fc, Expr bufferArg) { + fc.getReadArg() = bufferArg and result = "read buffer" + or + fc.getWriteArg() = bufferArg and result = "write buffer" + } + + predicate problems( + BufferAccessLibraryFunctionCall fc, string message, Expr bufferArg, string bufferArgStr, + Expr sizeOrOtherBufferArg, string otherStr + ) { + exists(int bufferArgSize, int sizeArgValue | + isSizeArgGreaterThanBufferSize(bufferArg, sizeOrOtherBufferArg, bufferArgSize, sizeArgValue, + fc) and + bufferArgStr = bufferArgType(fc, bufferArg) and + message = + "The size of the $@ passed to " + fc.getTarget().getName() + " is " + bufferArgSize + + " bytes, but the " + "$@ is " + sizeArgValue + " bytes." and + otherStr = "size argument" + ) + or + isMandatoryBufferArgNull(bufferArg, fc) and + message = "The $@ passed to " + fc.getTarget().getName() + " is null." and + bufferArgStr = bufferArgType(fc, bufferArg) and + otherStr = "" and + sizeOrOtherBufferArg = bufferArg + or + isNullTerminatorMissingFromBufferArg(bufferArg, _, fc) and + message = "The $@ passed to " + fc.getTarget().getName() + " is not null terminated." and + bufferArgStr = bufferArgType(fc, bufferArg) and + otherStr = "" and + sizeOrOtherBufferArg = bufferArg + or + isReadBufferSizeGreaterThanWriteBufferSize(bufferArg, sizeOrOtherBufferArg, fc) and + message = + "The size of the $@ passed to " + fc.getTarget().getName() + " is greater than the " + + "size of the $@." and + bufferArgStr = "read buffer" and + otherStr = "write buffer" + // ADD IN GVN + } } From dfda651ace2e41121f64d3718acf9248bb5ee136 Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Thu, 30 Mar 2023 21:28:09 +0200 Subject: [PATCH 0957/2573] ARR38-C: Update query --- .../LibraryFunctionArgumentOutOfBounds.ql | 7 +- .../src/codingstandards/c/OutOfBounds.qll | 83 +++++++++---------- 2 files changed, 45 insertions(+), 45 deletions(-) diff --git a/c/cert/src/rules/ARR38-C/LibraryFunctionArgumentOutOfBounds.ql b/c/cert/src/rules/ARR38-C/LibraryFunctionArgumentOutOfBounds.ql index 15923839f9..1444967303 100644 --- a/c/cert/src/rules/ARR38-C/LibraryFunctionArgumentOutOfBounds.ql +++ b/c/cert/src/rules/ARR38-C/LibraryFunctionArgumentOutOfBounds.ql @@ -1,7 +1,7 @@ /** * @id c/cert/library-function-argument-out-of-bounds * @name ARR38-C: Guarantee that library functions do not form invalid pointers - * @description + * @description * @kind problem * @precision high * @problem.severity error @@ -15,8 +15,9 @@ import cpp import codingstandards.c.cert import codingstandards.c.OutOfBounds -from OOB::BufferAccessLibraryFunctionCall fc, - string message, Expr bufferArg, string bufferArgStr, Expr sizeOrOtherBufferArg, string otherStr +from + OOB::BufferAccessLibraryFunctionCall fc, string message, Expr bufferArg, string bufferArgStr, + Expr sizeOrOtherBufferArg, string otherStr where not isExcluded(fc, OutOfBoundsPackage::libraryFunctionArgumentOutOfBoundsQuery()) and OOB::problems(fc, message, bufferArg, bufferArgStr, sizeOrOtherBufferArg, otherStr) diff --git a/c/common/src/codingstandards/c/OutOfBounds.qll b/c/common/src/codingstandards/c/OutOfBounds.qll index 188efa6602..e30e622141 100644 --- a/c/common/src/codingstandards/c/OutOfBounds.qll +++ b/c/common/src/codingstandards/c/OutOfBounds.qll @@ -176,16 +176,18 @@ module OOB { src_sz = 3 and dst_sz = -1 or - name = - [ - "memcpy", "wmemcpy", "memmove", "wmemmove", "strncpy", "wcsncpy", "memcmp", "wmemcmp", - "strncmp", "wcsncmp" - ] and + name = ["memcpy", "wmemcpy", "memmove", "wmemmove", "memcmp", "wmemcmp", "strncmp", "wcsncmp"] and dst = 0 and src = 1 and src_sz = 2 and dst_sz = 2 or + name = ["strncpy", "wcsncpy"] and + dst = 0 and + src = 1 and + src_sz = -1 and + dst_sz = 2 + or name = ["bsearch", "qsort"] and dst = 1 and src = -1 and @@ -359,7 +361,7 @@ module OOB { } } - /** + /** * A `BufferAccessLibraryFunction` modelling `strncmp` */ class StrncmpLibraryFunction extends BufferAccessLibraryFunction { @@ -662,14 +664,11 @@ module OOB { override Expr getSizeExpr() { none() } - override int getFixedSize() { - result = this.(StringLiteral).getOriginalLength() - } + override int getFixedSize() { result = this.(StringLiteral).getOriginalLength() } override predicate isNotNullTerminated() { none() } } - class PointerToObjectSourceOrSizeToBufferAccessFunctionConfig extends DataFlow::Configuration { PointerToObjectSourceOrSizeToBufferAccessFunctionConfig() { this = "PointerToObjectSourceOrSizeToBufferAccessFunctionConfig" @@ -838,11 +837,11 @@ module OOB { * from a pattern used for calculating the size of the buffer being accessed. */ predicate isBufferSizeOffsetOfGVN( - Expr bufferArg, Expr bufferSizeArg, - int sourceSizeExprOffset, int sizeMult, int sizeArgOffset, int bufferArgOffset, - BufferAccessLibraryFunctionCall fc) { + Expr bufferArg, Expr bufferSizeArg, int sourceSizeExprOffset, int sizeMult, int sizeArgOffset, + int bufferArgOffset, BufferAccessLibraryFunctionCall fc + ) { exists(DynamicAllocationSource source, Expr sourceSizeExpr, Expr sourceSizeExprBase | - ( + ( bufferArg = fc.getWriteArg() and bufferSizeArg = fc.getWriteSizeArg(sizeMult) or @@ -917,34 +916,34 @@ module OOB { BufferAccessLibraryFunctionCall fc, string message, Expr bufferArg, string bufferArgStr, Expr sizeOrOtherBufferArg, string otherStr ) { - exists(int bufferArgSize, int sizeArgValue | - isSizeArgGreaterThanBufferSize(bufferArg, sizeOrOtherBufferArg, bufferArgSize, sizeArgValue, - fc) and - bufferArgStr = bufferArgType(fc, bufferArg) and - message = - "The size of the $@ passed to " + fc.getTarget().getName() + " is " + bufferArgSize + - " bytes, but the " + "$@ is " + sizeArgValue + " bytes." and - otherStr = "size argument" - ) - or - isMandatoryBufferArgNull(bufferArg, fc) and - message = "The $@ passed to " + fc.getTarget().getName() + " is null." and + exists(int bufferArgSize, int sizeArgValue | + isSizeArgGreaterThanBufferSize(bufferArg, sizeOrOtherBufferArg, bufferArgSize, sizeArgValue, + fc) and bufferArgStr = bufferArgType(fc, bufferArg) and - otherStr = "" and - sizeOrOtherBufferArg = bufferArg - or - isNullTerminatorMissingFromBufferArg(bufferArg, _, fc) and - message = "The $@ passed to " + fc.getTarget().getName() + " is not null terminated." and - bufferArgStr = bufferArgType(fc, bufferArg) and - otherStr = "" and - sizeOrOtherBufferArg = bufferArg - or - isReadBufferSizeGreaterThanWriteBufferSize(bufferArg, sizeOrOtherBufferArg, fc) and message = - "The size of the $@ passed to " + fc.getTarget().getName() + " is greater than the " + - "size of the $@." and - bufferArgStr = "read buffer" and - otherStr = "write buffer" - // ADD IN GVN - } + "The size of the $@ passed to " + fc.getTarget().getName() + " is " + bufferArgSize + + " bytes, but the " + "$@ is " + sizeArgValue + " bytes." and + otherStr = "size argument" + ) + or + isMandatoryBufferArgNull(bufferArg, fc) and + message = "The $@ passed to " + fc.getTarget().getName() + " is null." and + bufferArgStr = bufferArgType(fc, bufferArg) and + otherStr = "" and + sizeOrOtherBufferArg = bufferArg + or + isNullTerminatorMissingFromBufferArg(bufferArg, _, fc) and + message = "The $@ passed to " + fc.getTarget().getName() + " is not null terminated." and + bufferArgStr = bufferArgType(fc, bufferArg) and + otherStr = "" and + sizeOrOtherBufferArg = bufferArg + or + isReadBufferSizeGreaterThanWriteBufferSize(bufferArg, sizeOrOtherBufferArg, fc) and + message = + "The size of the $@ passed to " + fc.getTarget().getName() + " is greater than the " + + "size of the $@." and + bufferArgStr = "read buffer" and + otherStr = "write buffer" + // ADD IN GVN + } } From 39857d6c544cc415c28e763c84449507e3b822ac Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 30 Mar 2023 18:12:14 -0400 Subject: [PATCH 0958/2573] bump --- c/cert/src/qlpack.yml | 2 +- c/cert/test/qlpack.yml | 2 +- c/common/src/qlpack.yml | 2 +- c/common/test/qlpack.yml | 2 +- c/misra/src/qlpack.yml | 2 +- c/misra/test/qlpack.yml | 2 +- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/qlpack.yml | 2 +- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/qlpack.yml | 2 +- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/qlpack.yml | 2 +- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/qlpack.yml | 2 +- cpp/report/src/qlpack.yml | 2 +- docs/user_manual.md | 8 ++++---- 16 files changed, 19 insertions(+), 19 deletions(-) diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index 55a6333b43..9bf5fdf9d6 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards -version: 2.15.1 +version: 2.17.0-dev description: CERT C 2016 suites: codeql-suites license: MIT diff --git a/c/cert/test/qlpack.yml b/c/cert/test/qlpack.yml index 79a2734e3a..af44af0f5e 100644 --- a/c/cert/test/qlpack.yml +++ b/c/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards-tests -version: 2.15.1 +version: 2.17.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index 0d885c03b0..9bee128d03 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards -version: 2.15.1 +version: 2.17.0-dev license: MIT dependencies: codeql/common-cpp-coding-standards: '*' diff --git a/c/common/test/qlpack.yml b/c/common/test/qlpack.yml index 0aa943e037..be0f9b8081 100644 --- a/c/common/test/qlpack.yml +++ b/c/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards-tests -version: 2.15.1 +version: 2.17.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index d05a95b63e..e060adfbaf 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards -version: 2.15.1 +version: 2.17.0-dev description: MISRA C 2012 suites: codeql-suites license: MIT diff --git a/c/misra/test/qlpack.yml b/c/misra/test/qlpack.yml index 3f7ed31588..ab78b3ee98 100644 --- a/c/misra/test/qlpack.yml +++ b/c/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards-tests -version: 2.15.1 +version: 2.17.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index 5632893bcc..ba5de86942 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards -version: 2.15.1 +version: 2.17.0-dev description: AUTOSAR C++14 Guidelines 20-11 suites: codeql-suites license: MIT diff --git a/cpp/autosar/test/qlpack.yml b/cpp/autosar/test/qlpack.yml index 71dde260c1..534b5e5db0 100644 --- a/cpp/autosar/test/qlpack.yml +++ b/cpp/autosar/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards-tests -version: 2.15.1 +version: 2.17.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index 723b67ca7a..8ef6f4f13a 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards -version: 2.15.1 +version: 2.17.0-dev description: CERT C++ 2016 suites: codeql-suites license: MIT diff --git a/cpp/cert/test/qlpack.yml b/cpp/cert/test/qlpack.yml index ca0c308a9a..c567a2df29 100644 --- a/cpp/cert/test/qlpack.yml +++ b/cpp/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards-tests -version: 2.15.1 +version: 2.17.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index de29fe4115..04e11aa72f 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards -version: 2.15.1 +version: 2.17.0-dev license: MIT dependencies: codeql/cpp-all: 0.3.5 diff --git a/cpp/common/test/qlpack.yml b/cpp/common/test/qlpack.yml index 57f59f7bc6..352c808436 100644 --- a/cpp/common/test/qlpack.yml +++ b/cpp/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards-tests -version: 2.15.1 +version: 2.17.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index 51961339a3..b6d346be4e 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards -version: 2.15.1 +version: 2.17.0-dev description: MISRA C++ 2008 suites: codeql-suites license: MIT diff --git a/cpp/misra/test/qlpack.yml b/cpp/misra/test/qlpack.yml index 9c6b0868e7..ff97ebaa8f 100644 --- a/cpp/misra/test/qlpack.yml +++ b/cpp/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards-tests -version: 2.15.1 +version: 2.17.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index ac8b7a364f..af5066a5b9 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/report-cpp-coding-standards -version: 2.15.1 +version: 2.17.0-dev license: MIT dependencies: codeql/cpp-all: 0.3.5 diff --git a/docs/user_manual.md b/docs/user_manual.md index c8472fca11..5786a93820 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -26,10 +26,10 @@ This user manual documents release `2.10.0` of the coding standards located at https://github.com/github/codeql-coding-standards/releases/tag/v2.10.0 . The release page documents the release notes and contains the following artifacts part of the release: -- `code-scanning-cpp-query-pack-anon-2.15.1.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. -- `supported_rules_list_2.15.1.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. +- `code-scanning-cpp-query-pack-anon-2.17.0-dev.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. +- `supported_rules_list_2.17.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. - `upported_rules_list_2.15.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. -- `user_manual_2.15.1.md`: This user manual. +- `user_manual_2.17.0-dev.md`: This user manual. - `Source Code (zip)`: A zip archive containing the contents of https://github.com/github/codeql-coding-standards - `Source Code (tar.gz)`: A GZip compressed tar archive containing the contents of https://github.com/github/codeql-coding-standards - `checksums.txt`: A text file containing sha256 checksums for the aforementioned artifacts. @@ -457,7 +457,7 @@ This section describes known failure modes for "CodeQL Coding Standards" and des | | Ouf of space | Less output. Some files may be only be partially analyzed, or not analyzed at all. | Error reported on the command line. | Increase space. If it remains an issue report space consumption issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False positives | More output. Results are reported which are not violations of the guidelines. | All reported results must be reviewed. | Report false positive issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False negatives | Less output. Violations of the guidelines are not reported. | Other validation and verification processes during software development should be used to complement the analysis performed by CodeQL Coding Standards. | Report false negative issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | -| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.15.1.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | +| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.17.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | | | Incorrect deviation record specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation records with a reason. Ensure that all deviation records are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Incorrect deviation permit specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation permits with a reason. Ensure that all deviation permits are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Unapproved use of a deviation record | Less output. Results for guideline violations are not reported. | Validate that the deviation record use is approved by verifying the approved-by attribute of the deviation record specification. | Ensure that each raised deviation record is approved by an independent approver through an auditable process. | From 18fd211593ddb8616f6d121f187d45f4ffe84bac Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 30 Mar 2023 18:26:15 -0400 Subject: [PATCH 0959/2573] docs --- docs/user_manual.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/user_manual.md b/docs/user_manual.md index 4043efa939..ef1f44eded 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -23,7 +23,7 @@ ## Release information -This user manual documents release `2.10.0` of the coding standards located at https://github.com/github/codeql-coding-standards/releases/tag/v2.10.0 . +This user manual documents release `2.17.0-dev` of the coding standards located at https://github.com/github/codeql-coding-standards. The release page documents the release notes and contains the following artifacts part of the release: - `code-scanning-cpp-query-pack-anon-2.17.0-dev.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. From 2d2dd84c6bda2f3398235e294c89d59ba7317064 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 30 Mar 2023 18:29:29 -0400 Subject: [PATCH 0960/2573] correct version --- c/cert/src/qlpack.yml | 2 +- c/cert/test/qlpack.yml | 2 +- c/common/src/qlpack.yml | 2 +- c/common/test/qlpack.yml | 2 +- c/misra/src/qlpack.yml | 2 +- c/misra/test/qlpack.yml | 2 +- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/qlpack.yml | 2 +- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/qlpack.yml | 2 +- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/qlpack.yml | 2 +- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/qlpack.yml | 2 +- cpp/report/src/qlpack.yml | 2 +- docs/user_manual.md | 12 ++++++------ 16 files changed, 21 insertions(+), 21 deletions(-) diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index 9bf5fdf9d6..125b9fcc8a 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards -version: 2.17.0-dev +version: 2.16.0-dev description: CERT C 2016 suites: codeql-suites license: MIT diff --git a/c/cert/test/qlpack.yml b/c/cert/test/qlpack.yml index af44af0f5e..18aa5d4057 100644 --- a/c/cert/test/qlpack.yml +++ b/c/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards-tests -version: 2.17.0-dev +version: 2.16.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index 9bee128d03..fe06ee5fb6 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards -version: 2.17.0-dev +version: 2.16.0-dev license: MIT dependencies: codeql/common-cpp-coding-standards: '*' diff --git a/c/common/test/qlpack.yml b/c/common/test/qlpack.yml index be0f9b8081..2471c3497e 100644 --- a/c/common/test/qlpack.yml +++ b/c/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards-tests -version: 2.17.0-dev +version: 2.16.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index e060adfbaf..0657f90d0c 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards -version: 2.17.0-dev +version: 2.16.0-dev description: MISRA C 2012 suites: codeql-suites license: MIT diff --git a/c/misra/test/qlpack.yml b/c/misra/test/qlpack.yml index ab78b3ee98..a18d1c40dc 100644 --- a/c/misra/test/qlpack.yml +++ b/c/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards-tests -version: 2.17.0-dev +version: 2.16.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index ba5de86942..34f8b7b6a4 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards -version: 2.17.0-dev +version: 2.16.0-dev description: AUTOSAR C++14 Guidelines 20-11 suites: codeql-suites license: MIT diff --git a/cpp/autosar/test/qlpack.yml b/cpp/autosar/test/qlpack.yml index 534b5e5db0..118cbff058 100644 --- a/cpp/autosar/test/qlpack.yml +++ b/cpp/autosar/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards-tests -version: 2.17.0-dev +version: 2.16.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index 8ef6f4f13a..a164a0fe6c 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards -version: 2.17.0-dev +version: 2.16.0-dev description: CERT C++ 2016 suites: codeql-suites license: MIT diff --git a/cpp/cert/test/qlpack.yml b/cpp/cert/test/qlpack.yml index c567a2df29..97049b683e 100644 --- a/cpp/cert/test/qlpack.yml +++ b/cpp/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards-tests -version: 2.17.0-dev +version: 2.16.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index 04e11aa72f..1df0d9dec6 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards -version: 2.17.0-dev +version: 2.16.0-dev license: MIT dependencies: codeql/cpp-all: 0.3.5 diff --git a/cpp/common/test/qlpack.yml b/cpp/common/test/qlpack.yml index 352c808436..d946cb2892 100644 --- a/cpp/common/test/qlpack.yml +++ b/cpp/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards-tests -version: 2.17.0-dev +version: 2.16.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index b6d346be4e..ef6b41096d 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards -version: 2.17.0-dev +version: 2.16.0-dev description: MISRA C++ 2008 suites: codeql-suites license: MIT diff --git a/cpp/misra/test/qlpack.yml b/cpp/misra/test/qlpack.yml index ff97ebaa8f..204261cd1b 100644 --- a/cpp/misra/test/qlpack.yml +++ b/cpp/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards-tests -version: 2.17.0-dev +version: 2.16.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index af5066a5b9..8566f8b00e 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/report-cpp-coding-standards -version: 2.17.0-dev +version: 2.16.0-dev license: MIT dependencies: codeql/cpp-all: 0.3.5 diff --git a/docs/user_manual.md b/docs/user_manual.md index ef1f44eded..4aebd40e52 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -23,13 +23,13 @@ ## Release information -This user manual documents release `2.17.0-dev` of the coding standards located at https://github.com/github/codeql-coding-standards. +This user manual documents release `2.16.0-dev` of the coding standards located at https://github.com/github/codeql-coding-standards. The release page documents the release notes and contains the following artifacts part of the release: -- `code-scanning-cpp-query-pack-anon-2.17.0-dev.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. -- `supported_rules_list_2.17.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. -- `supported_rules_list_2.17.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. -- `user_manual_2.17.0-dev.md`: This user manual. +- `code-scanning-cpp-query-pack-anon-2.16.0-dev.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. +- `supported_rules_list_2.16.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. +- `supported_rules_list_2.16.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. +- `user_manual_2.16.0-dev.md`: This user manual. - `Source Code (zip)`: A zip archive containing the contents of https://github.com/github/codeql-coding-standards - `Source Code (tar.gz)`: A GZip compressed tar archive containing the contents of https://github.com/github/codeql-coding-standards - `checksums.txt`: A text file containing sha256 checksums for the aforementioned artifacts. @@ -457,7 +457,7 @@ This section describes known failure modes for "CodeQL Coding Standards" and des | | Ouf of space | Less output. Some files may be only be partially analyzed, or not analyzed at all. | Error reported on the command line. | Increase space. If it remains an issue report space consumption issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False positives | More output. Results are reported which are not violations of the guidelines. | All reported results must be reviewed. | Report false positive issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False negatives | Less output. Violations of the guidelines are not reported. | Other validation and verification processes during software development should be used to complement the analysis performed by CodeQL Coding Standards. | Report false negative issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | -| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.17.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | +| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.16.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | | | Incorrect deviation record specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation records with a reason. Ensure that all deviation records are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Incorrect deviation permit specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation permits with a reason. Ensure that all deviation permits are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Unapproved use of a deviation record | Less output. Results for guideline violations are not reported. | Validate that the deviation record use is approved by verifying the approved-by attribute of the deviation record specification. | Ensure that each raised deviation record is approved by an independent approver through an auditable process. | From a7f2c69d666de921e2d71b3c3e4b7edf51e73fd1 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 30 Mar 2023 18:33:38 -0400 Subject: [PATCH 0961/2573] bump version --- c/cert/src/qlpack.yml | 2 +- c/cert/test/qlpack.yml | 2 +- c/common/src/qlpack.yml | 2 +- c/common/test/qlpack.yml | 2 +- c/misra/src/qlpack.yml | 2 +- c/misra/test/qlpack.yml | 2 +- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/qlpack.yml | 2 +- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/qlpack.yml | 2 +- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/qlpack.yml | 2 +- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/qlpack.yml | 2 +- cpp/report/src/qlpack.yml | 2 +- docs/user_manual.md | 12 ++++++------ 16 files changed, 21 insertions(+), 21 deletions(-) diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index 125b9fcc8a..69300e3d7c 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards -version: 2.16.0-dev +version: 2.16.0 description: CERT C 2016 suites: codeql-suites license: MIT diff --git a/c/cert/test/qlpack.yml b/c/cert/test/qlpack.yml index 18aa5d4057..295bd12600 100644 --- a/c/cert/test/qlpack.yml +++ b/c/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards-tests -version: 2.16.0-dev +version: 2.16.0 extractor: cpp license: MIT dependencies: diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index fe06ee5fb6..de9ee42436 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards -version: 2.16.0-dev +version: 2.16.0 license: MIT dependencies: codeql/common-cpp-coding-standards: '*' diff --git a/c/common/test/qlpack.yml b/c/common/test/qlpack.yml index 2471c3497e..166608a9df 100644 --- a/c/common/test/qlpack.yml +++ b/c/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards-tests -version: 2.16.0-dev +version: 2.16.0 extractor: cpp license: MIT dependencies: diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index 0657f90d0c..5ca46826db 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards -version: 2.16.0-dev +version: 2.16.0 description: MISRA C 2012 suites: codeql-suites license: MIT diff --git a/c/misra/test/qlpack.yml b/c/misra/test/qlpack.yml index a18d1c40dc..76ac00df3d 100644 --- a/c/misra/test/qlpack.yml +++ b/c/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards-tests -version: 2.16.0-dev +version: 2.16.0 extractor: cpp license: MIT dependencies: diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index 34f8b7b6a4..a38ca7122f 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards -version: 2.16.0-dev +version: 2.16.0 description: AUTOSAR C++14 Guidelines 20-11 suites: codeql-suites license: MIT diff --git a/cpp/autosar/test/qlpack.yml b/cpp/autosar/test/qlpack.yml index 118cbff058..463b9f1f1b 100644 --- a/cpp/autosar/test/qlpack.yml +++ b/cpp/autosar/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards-tests -version: 2.16.0-dev +version: 2.16.0 extractor: cpp license: MIT dependencies: diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index a164a0fe6c..0d5eb6f845 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards -version: 2.16.0-dev +version: 2.16.0 description: CERT C++ 2016 suites: codeql-suites license: MIT diff --git a/cpp/cert/test/qlpack.yml b/cpp/cert/test/qlpack.yml index 97049b683e..a59d90c818 100644 --- a/cpp/cert/test/qlpack.yml +++ b/cpp/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards-tests -version: 2.16.0-dev +version: 2.16.0 extractor: cpp license: MIT dependencies: diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index 1df0d9dec6..750f9c748d 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards -version: 2.16.0-dev +version: 2.16.0 license: MIT dependencies: codeql/cpp-all: 0.3.5 diff --git a/cpp/common/test/qlpack.yml b/cpp/common/test/qlpack.yml index d946cb2892..55a4b0c000 100644 --- a/cpp/common/test/qlpack.yml +++ b/cpp/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards-tests -version: 2.16.0-dev +version: 2.16.0 extractor: cpp license: MIT dependencies: diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index ef6b41096d..1beefd6040 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards -version: 2.16.0-dev +version: 2.16.0 description: MISRA C++ 2008 suites: codeql-suites license: MIT diff --git a/cpp/misra/test/qlpack.yml b/cpp/misra/test/qlpack.yml index 204261cd1b..8ea88dd74d 100644 --- a/cpp/misra/test/qlpack.yml +++ b/cpp/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards-tests -version: 2.16.0-dev +version: 2.16.0 extractor: cpp license: MIT dependencies: diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index 8566f8b00e..111aadf23f 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/report-cpp-coding-standards -version: 2.16.0-dev +version: 2.16.0 license: MIT dependencies: codeql/cpp-all: 0.3.5 diff --git a/docs/user_manual.md b/docs/user_manual.md index 972c9e6efe..0439cccade 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -23,13 +23,13 @@ ## Release information -This user manual documents release `2.10.0` of the coding standards located at https://github.com/github/codeql-coding-standards/releases/tag/v2.10.0 . +This user manual documents release `2.16.0` of the coding standards located at https://github.com/github/codeql-coding-standards/releases/tag/v2.16.0 . The release page documents the release notes and contains the following artifacts part of the release: -- `code-scanning-cpp-query-pack-anon-2.16.0-dev.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. -- `supported_rules_list_2.16.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. -- `upported_rules_list_2.15.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. -- `user_manual_2.16.0-dev.md`: This user manual. +- `code-scanning-cpp-query-pack-anon-2.16.0.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. +- `supported_rules_list_2.16.0.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. +- `supported_rules_list_2.16.0.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. +- `user_manual_2.16.0.md`: This user manual. - `Source Code (zip)`: A zip archive containing the contents of https://github.com/github/codeql-coding-standards - `Source Code (tar.gz)`: A GZip compressed tar archive containing the contents of https://github.com/github/codeql-coding-standards - `checksums.txt`: A text file containing sha256 checksums for the aforementioned artifacts. @@ -457,7 +457,7 @@ This section describes known failure modes for "CodeQL Coding Standards" and des | | Ouf of space | Less output. Some files may be only be partially analyzed, or not analyzed at all. | Error reported on the command line. | Increase space. If it remains an issue report space consumption issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False positives | More output. Results are reported which are not violations of the guidelines. | All reported results must be reviewed. | Report false positive issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False negatives | Less output. Violations of the guidelines are not reported. | Other validation and verification processes during software development should be used to complement the analysis performed by CodeQL Coding Standards. | Report false negative issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | -| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.16.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | +| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.16.0.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | | | Incorrect deviation record specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation records with a reason. Ensure that all deviation records are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Incorrect deviation permit specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation permits with a reason. Ensure that all deviation permits are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Unapproved use of a deviation record | Less output. Results for guideline violations are not reported. | Validate that the deviation record use is approved by verifying the approved-by attribute of the deviation record specification. | Ensure that each raised deviation record is approved by an independent approver through an auditable process. | From 1e50d36dfcabd1e6e536463b355c6b87d10f2597 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 30 Mar 2023 18:35:23 -0400 Subject: [PATCH 0962/2573] fix manual --- docs/user_manual.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/user_manual.md b/docs/user_manual.md index 0439cccade..bc4a068ae3 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -23,7 +23,7 @@ ## Release information -This user manual documents release `2.16.0` of the coding standards located at https://github.com/github/codeql-coding-standards/releases/tag/v2.16.0 . +This user manual documents release `2.16.0` of the coding standards located at [https://github.com/github/codeql-coding-standards/releases/tag/v2.16.0](https://github.com/github/codeql-coding-standards/releases/tag/v2.16.0). The release page documents the release notes and contains the following artifacts part of the release: - `code-scanning-cpp-query-pack-anon-2.16.0.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. From 59d1f9a9f153b53252b08f8faf1651b7a888ce2f Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 30 Mar 2023 18:35:57 -0400 Subject: [PATCH 0963/2573] fix --- docs/user_manual.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/user_manual.md b/docs/user_manual.md index 4aebd40e52..cc73988f20 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -23,7 +23,7 @@ ## Release information -This user manual documents release `2.16.0-dev` of the coding standards located at https://github.com/github/codeql-coding-standards. +This user manual documents release `2.16.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). The release page documents the release notes and contains the following artifacts part of the release: - `code-scanning-cpp-query-pack-anon-2.16.0-dev.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. From 7dfca8f93b5318b4c5cad175d7596090f6d3ceed Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 31 Mar 2023 09:04:48 +0100 Subject: [PATCH 0964/2573] Rule 7.4: Improve performance resolveTypeDefs*() was causing poor performance on OpenPilot due to the number of TypeDefs. The definition of GenericCharPointerType has been switched to use recursion instead for better performance. --- .../StringLiteralAssignedToNonConstChar.ql | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/c/misra/src/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.ql b/c/misra/src/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.ql index 35b43f8323..c93740139b 100644 --- a/c/misra/src/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.ql +++ b/c/misra/src/rules/RULE-7-4/StringLiteralAssignedToNonConstChar.ql @@ -20,13 +20,17 @@ class WideCharPointerType extends PointerType { override string getAPrimaryQlClass() { result = "WideCharPointerType" } } -class GenericCharPointerType extends PointerType { +class GenericCharPointerType extends Type { GenericCharPointerType() { - /* This type resolves to wchar_t* (which is in turn a typedef depending on its implementation) */ - this.resolveTypedefs*() instanceof WideCharPointerType + // A wide char pointer type + this instanceof WideCharPointerType or - /* This type eventually resolves to char* */ - this.resolveTypedefs*() instanceof CharPointerType + // A char pointer type + this.getUnspecifiedType() instanceof CharPointerType + or + // A typedef to any such type. + // Note: wchar_t is usually a typedef, so we cannot just use getUnspecifiedType() here. + this.(TypedefType).getBaseType() instanceof GenericCharPointerType } } From 848dfce9e8d390e83e726d9aff5b1a5d40b0282f Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Mon, 3 Apr 2023 12:56:14 +0200 Subject: [PATCH 0965/2573] Expected files for qcc --- ...tractAScaledIntegerToAPointer.expected.qcc | 23 +++++++++++ ...omicVariableTwiceInExpression.expected.qcc | 6 +++ ...nsThatCanFailSpuriouslyInLoop.expected.qcc | 4 ++ .../ErrnoReadBeforeReturn.expected.qcc | 3 ++ ...erformFileOperationsOnDevices.expected.qcc | 40 +++++++++++++++++++ 5 files changed, 76 insertions(+) create mode 100644 c/cert/test/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.expected.qcc create mode 100644 c/cert/test/rules/CON40-C/AtomicVariableTwiceInExpression.expected.qcc create mode 100644 c/cert/test/rules/CON41-C/WrapFunctionsThatCanFailSpuriouslyInLoop.expected.qcc create mode 100644 c/cert/test/rules/ERR30-C/ErrnoReadBeforeReturn.expected.qcc create mode 100644 c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected.qcc diff --git a/c/cert/test/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.expected.qcc b/c/cert/test/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.expected.qcc new file mode 100644 index 0000000000..17f9312a38 --- /dev/null +++ b/c/cert/test/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.expected.qcc @@ -0,0 +1,23 @@ +edges +| test.c:7:13:7:14 | p1 | test.c:9:9:9:10 | p1 | +| test.c:16:19:16:41 | __builtin_offsetof | test.c:18:26:18:31 | offset | +| test.c:16:19:16:41 | __builtin_offsetof | test.c:29:6:29:11 | offset | +| test.c:17:17:17:26 | sizeof() | test.c:23:9:23:12 | size | +| test.c:29:6:29:11 | offset | test.c:7:13:7:14 | p1 | +nodes +| test.c:7:13:7:14 | p1 | semmle.label | p1 | +| test.c:9:9:9:10 | p1 | semmle.label | p1 | +| test.c:16:19:16:41 | __builtin_offsetof | semmle.label | __builtin_offsetof | +| test.c:17:17:17:26 | sizeof() | semmle.label | sizeof() | +| test.c:18:26:18:31 | offset | semmle.label | offset | +| test.c:23:9:23:12 | size | semmle.label | size | +| test.c:25:9:25:18 | sizeof() | semmle.label | sizeof() | +| test.c:27:17:27:26 | sizeof() | semmle.label | sizeof() | +| test.c:29:6:29:11 | offset | semmle.label | offset | +subpaths +#select +| test.c:9:9:9:10 | p1 | test.c:16:19:16:41 | __builtin_offsetof | test.c:9:9:9:10 | p1 | Scaled integer used in pointer arithmetic. | +| test.c:18:26:18:31 | offset | test.c:16:19:16:41 | __builtin_offsetof | test.c:18:26:18:31 | offset | Scaled integer used in pointer arithmetic. | +| test.c:23:9:23:12 | size | test.c:17:17:17:26 | sizeof() | test.c:23:9:23:12 | size | Scaled integer used in pointer arithmetic. | +| test.c:25:9:25:18 | sizeof() | test.c:25:9:25:18 | sizeof() | test.c:25:9:25:18 | sizeof() | Scaled integer used in pointer arithmetic. | +| test.c:27:17:27:26 | sizeof() | test.c:27:17:27:26 | sizeof() | test.c:27:17:27:26 | sizeof() | Scaled integer used in pointer arithmetic. | diff --git a/c/cert/test/rules/CON40-C/AtomicVariableTwiceInExpression.expected.qcc b/c/cert/test/rules/CON40-C/AtomicVariableTwiceInExpression.expected.qcc new file mode 100644 index 0000000000..7a37b9424d --- /dev/null +++ b/c/cert/test/rules/CON40-C/AtomicVariableTwiceInExpression.expected.qcc @@ -0,0 +1,6 @@ +| test.c:7:18:7:39 | ATOMIC_VAR_INIT(VALUE) | Atomic variable possibly referred to twice in an $@. | test.c:33:3:33:10 | ... += ... | expression | +| test.c:7:18:7:39 | ATOMIC_VAR_INIT(VALUE) | Atomic variable possibly referred to twice in an $@. | test.c:34:3:34:13 | ... = ... | expression | +| test.c:11:3:11:23 | atomic_store(PTR,VAL) | Atomic variable possibly referred to twice in an $@. | test.c:11:3:11:23 | atomic_store(PTR,VAL) | expression | +| test.c:12:3:12:35 | atomic_store_explicit(PTR,VAL,MO) | Atomic variable possibly referred to twice in an $@. | test.c:12:3:12:35 | atomic_store_explicit(PTR,VAL,MO) | expression | +| test.c:25:3:25:49 | atomic_compare_exchange_weak(PTR,VAL,DES) | Atomic variable possibly referred to twice in an $@. | test.c:25:3:25:49 | atomic_compare_exchange_weak(PTR,VAL,DES) | expression | +| test.c:26:3:27:42 | atomic_compare_exchange_weak_explicit(PTR,VAL,DES,SUC,FAIL) | Atomic variable possibly referred to twice in an $@. | test.c:26:3:27:42 | atomic_compare_exchange_weak_explicit(PTR,VAL,DES,SUC,FAIL) | expression | diff --git a/c/cert/test/rules/CON41-C/WrapFunctionsThatCanFailSpuriouslyInLoop.expected.qcc b/c/cert/test/rules/CON41-C/WrapFunctionsThatCanFailSpuriouslyInLoop.expected.qcc new file mode 100644 index 0000000000..56c78a0189 --- /dev/null +++ b/c/cert/test/rules/CON41-C/WrapFunctionsThatCanFailSpuriouslyInLoop.expected.qcc @@ -0,0 +1,4 @@ +| test.c:6:8:6:46 | atomic_compare_exchange_weak(PTR,VAL,DES) | Function that can spuriously fail not wrapped in a loop. | +| test.c:10:3:10:41 | atomic_compare_exchange_weak(PTR,VAL,DES) | Function that can spuriously fail not wrapped in a loop. | +| test.c:12:8:13:47 | atomic_compare_exchange_weak_explicit(PTR,VAL,DES,SUC,FAIL) | Function that can spuriously fail not wrapped in a loop. | +| test.c:17:3:17:56 | atomic_compare_exchange_weak_explicit(PTR,VAL,DES,SUC,FAIL) | Function that can spuriously fail not wrapped in a loop. | diff --git a/c/cert/test/rules/ERR30-C/ErrnoReadBeforeReturn.expected.qcc b/c/cert/test/rules/ERR30-C/ErrnoReadBeforeReturn.expected.qcc new file mode 100644 index 0000000000..55ce78368f --- /dev/null +++ b/c/cert/test/rules/ERR30-C/ErrnoReadBeforeReturn.expected.qcc @@ -0,0 +1,3 @@ +| test.c:69:7:69:11 | * ... | Do not read `errno` before checking the return value of function $@. | test.c:68:3:68:7 | call to ftell | call to ftell | +| test.c:69:7:69:11 | call to __get_errno_ptr | Do not read `errno` before checking the return value of function $@. | test.c:68:3:68:7 | call to ftell | call to ftell | +| test.c:70:5:70:10 | call to perror | Do not read `errno` before checking the return value of function $@. | test.c:68:3:68:7 | call to ftell | call to ftell | diff --git a/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected.qcc b/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected.qcc new file mode 100644 index 0000000000..d885a5b207 --- /dev/null +++ b/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected.qcc @@ -0,0 +1,40 @@ +edges +| test.c:20:15:20:23 | array to pointer conversion | test.c:21:8:21:16 | (const char *)... | +| test.c:20:15:20:23 | array to pointer conversion | test.c:21:8:21:16 | file_name | +| test.c:20:15:20:23 | array to pointer conversion | test.c:21:8:21:16 | file_name indirection | +| test.c:20:15:20:23 | file_name | test.c:21:8:21:16 | (const char *)... | +| test.c:20:15:20:23 | file_name | test.c:21:8:21:16 | file_name | +| test.c:20:15:20:23 | file_name | test.c:21:8:21:16 | file_name indirection | +| test.c:20:15:20:23 | scanf output argument | test.c:21:8:21:16 | (const char *)... | +| test.c:20:15:20:23 | scanf output argument | test.c:21:8:21:16 | file_name | +| test.c:20:15:20:23 | scanf output argument | test.c:21:8:21:16 | file_name indirection | +| test.c:45:15:45:23 | array to pointer conversion | test.c:46:29:46:37 | (LPCTSTR)... | +| test.c:45:15:45:23 | array to pointer conversion | test.c:46:29:46:37 | file_name | +| test.c:45:15:45:23 | array to pointer conversion | test.c:46:29:46:37 | file_name indirection | +| test.c:45:15:45:23 | file_name | test.c:46:29:46:37 | (LPCTSTR)... | +| test.c:45:15:45:23 | file_name | test.c:46:29:46:37 | file_name | +| test.c:45:15:45:23 | file_name | test.c:46:29:46:37 | file_name indirection | +| test.c:45:15:45:23 | scanf output argument | test.c:46:29:46:37 | (LPCTSTR)... | +| test.c:45:15:45:23 | scanf output argument | test.c:46:29:46:37 | file_name | +| test.c:45:15:45:23 | scanf output argument | test.c:46:29:46:37 | file_name indirection | +subpaths +nodes +| test.c:20:15:20:23 | array to pointer conversion | semmle.label | array to pointer conversion | +| test.c:20:15:20:23 | file_name | semmle.label | file_name | +| test.c:20:15:20:23 | scanf output argument | semmle.label | scanf output argument | +| test.c:21:8:21:16 | (const char *)... | semmle.label | (const char *)... | +| test.c:21:8:21:16 | (const char *)... | semmle.label | (const char *)... | +| test.c:21:8:21:16 | file_name | semmle.label | file_name | +| test.c:21:8:21:16 | file_name indirection | semmle.label | file_name indirection | +| test.c:21:8:21:16 | file_name indirection | semmle.label | file_name indirection | +| test.c:45:15:45:23 | array to pointer conversion | semmle.label | array to pointer conversion | +| test.c:45:15:45:23 | file_name | semmle.label | file_name | +| test.c:45:15:45:23 | scanf output argument | semmle.label | scanf output argument | +| test.c:46:29:46:37 | (LPCTSTR)... | semmle.label | (LPCTSTR)... | +| test.c:46:29:46:37 | (LPCTSTR)... | semmle.label | (LPCTSTR)... | +| test.c:46:29:46:37 | file_name | semmle.label | file_name | +| test.c:46:29:46:37 | file_name indirection | semmle.label | file_name indirection | +| test.c:46:29:46:37 | file_name indirection | semmle.label | file_name indirection | +#select +| test.c:21:8:21:16 | file_name | test.c:20:15:20:23 | file_name | test.c:21:8:21:16 | file_name | This argument to a file access function is derived from $@ and then passed to func(file_name), which calls fopen(__filename) | test.c:20:15:20:23 | file_name | user input (scanf) | +| test.c:46:29:46:37 | file_name | test.c:45:15:45:23 | file_name | test.c:46:29:46:37 | file_name | This argument to a file access function is derived from $@ and then passed to CreateFile(lpFileName) | test.c:45:15:45:23 | file_name | user input (scanf) | From e4f899d925bb0f2266a6d17ab2c2a7d65b6590d7 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Tue, 4 Apr 2023 16:32:00 +0200 Subject: [PATCH 0966/2573] Compilation issue with RULE-1-2 --- c/misra/test/rules/RULE-1-2/test.c.gcc | 409 +++++++++++++++++++++++++ c/misra/test/rules/RULE-1-2/test.c.qcc | 409 +++++++++++++++++++++++++ 2 files changed, 818 insertions(+) create mode 100644 c/misra/test/rules/RULE-1-2/test.c.gcc create mode 100644 c/misra/test/rules/RULE-1-2/test.c.qcc diff --git a/c/misra/test/rules/RULE-1-2/test.c.gcc b/c/misra/test/rules/RULE-1-2/test.c.gcc new file mode 100644 index 0000000000..624d1d67d8 --- /dev/null +++ b/c/misra/test/rules/RULE-1-2/test.c.gcc @@ -0,0 +1,409 @@ +#include +#include +// Note: Clang aims to support both clang and gcc extensions. +// This test case has been designed using lists compiled from: +// - https://clang.llvm.org/docs/LanguageExtensions.html +// - https://gcc.gnu.org/onlinedocs/gcc/C-Extensions.html + +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Other-Builtins.html#Other-Builtins +#ifdef __has_builtin // NON_COMPLIANT[FALSE_NEGATIVE] +#endif +#ifdef __has_constexpr_builtin // NON_COMPLIANT[FALSE_NEGATIVE] +#endif +#ifdef __has_feature // NON_COMPLIANT[FALSE_NEGATIVE] +#endif +#ifdef __has_extension // NON_COMPLIANT[FALSE_NEGATIVE] +#endif +#ifdef __has_c_attribute // NON_COMPLIANT[FALSE_NEGATIVE] +#endif +#ifdef __has_attribute // NON_COMPLIANT[FALSE_NEGATIVE] +#endif +#ifdef __has_declspec_attribute // NON_COMPLIANT[FALSE_NEGATIVE] +#endif +#ifdef __is_identifier // NON_COMPLIANT[FALSE_NEGATIVE] +#endif +#ifdef __has_include // NON_COMPLIANT[FALSE_NEGATIVE] +#endif +#ifdef __has_include_next // NON_COMPLIANT[FALSE_NEGATIVE] +#endif +#ifdef __has_warning // NON_COMPLIANT[FALSE_NEGATIVE] +#endif + +// Reference: https://clang.llvm.org/docs/LanguageExtensions.html#builtin-macros +#define A __BASE_FILE__ // NON_COMPLIANT +#define B __FILE_NAME__ // NON_COMPLIANT +#define C __COUNTER__ // NON_COMPLIANT +#define D __INCLUDE_LEVEL__ // NON_COMPLIANT +#define E__TIMESTAMP__ // NON_COMPLIANT +#define F __clang__ // NON_COMPLIANT +#define G __clang_major__ // NON_COMPLIANT +#define H __clang_minor__ // NON_COMPLIANT +#define I __clang_patchlevel__ // NON_COMPLIANT +#define J __clang_version__ // NON_COMPLIANT +#define K __clang_literal_encoding__ // NON_COMPLIANT +#define L __clang_wide_literal_encoding__ // NON_COMPLIANT + +// Requires additional compiler flags to change the architecture +// typedef __attribute__((neon_vector_type(8))) int8_t int8x8_t; +// typedef __attribute__((neon_polyvector_type(16))) poly8_t poly8x16_t; + +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Variable-Attributes.html#Variable-Attributes +typedef int int4 __attribute__((vector_size(4 * sizeof(int)))); // NON_COMPLIANT +typedef int v4si __attribute__((__vector_size__(16))); // NON_COMPLIANT +typedef float float4 __attribute__((ext_vector_type(4))); // NON_COMPLIANT +typedef float float2 __attribute__((ext_vector_type(2))); // NON_COMPLIANT + +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Statement-Exprs.html#Statement-Exprs +void gf1() { + ({ // NON_COMPLIANT + int y = 1; + int z; + if (y > 0) + z = y; + else + z = -y; + z; + }); +} + +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Local-Labels.html#Local-Labels +void gf2() { + // __label__ found; // NON_COMPLIANT[FALSE_NEGATIVE] -- local labels not + // supported by clang +} + +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Labels-as-Values.html#Labels-as-Values +void gf3() { + void *ptr; + // goto *ptr; // NON_COMPLIANT[FALSE_NEGATIVE] -- not supported in clang +} + +// Referfence: +// https://gcc.gnu.org/onlinedocs/gcc/Nested-Functions.html#Nested-Functions +void gf4() { + // void gf4a(){ // NON_COMPLIANT[FALSE_NEGATIVE] -- not supported in clang + // + // } +} + +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Nonlocal-Gotos.html#Nonlocal-Gotos +void gf5() { + __builtin_setjmp(0); // NON_COMPLIANT + __builtin_longjmp(0, 1); // NON_COMPLIANT +} + +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Constructing-Calls.html#Constructing-Calls +void gf6() { + // not supported by clang + //__builtin_apply_args(); // NON_COMPLIANT[FALSE_NEGATIVE] + //__builtin_apply(0, 0, 0); // NON_COMPLIANT[FALSE_NEGATIVE] + //__builtin_return(0); // NON_COMPLIANT[FALSE_NEGATIVE] + //__builtin_va_arg_pack(); // NON_COMPLIANT[FALSE_NEGATIVE] + //__builtin_va_arg_pack_len(); // NON_COMPLIANT[FALSE_NEGATIVE] +} + +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Conditionals.html#Conditionals +void gf7() { + int a = 0 ?: 0; // NON_COMPLIANT +} + +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Typeof.html#Typeof +void gf8() { // not supported by qcc + // typeof(int *); // NON_COMPLIANT[FALSE_NEGATIVE] +} + +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/_005f_005fint128.html#g_t_005f_005fint128 +void gf9() { + __int128 a; // NON_COMPLIANT +} +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Long-Long.html#Long-Long +void gf10() { + long long int a; // NON_COMPLIANT +} + +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Complex.html#Complex +void gf11() { + __real__(0); // NON_COMPLIANT[FALSE_NEGATIVE] + __imag__(0); // NON_COMPLIANT[FALSE_NEGATIVE] +} + +void gf12() {} + +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Floating-Types.html#Floating-Types +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Decimal-Float.html#Decimal-Float +void gf13() { + // not supported on clang + //_Decimal32 a; // NON_COMPLIANT[FALSE_NEGATIVE] + //_Decimal64 b; // NON_COMPLIANT[FALSE_NEGATIVE] + //_Decimal128 c; // NON_COMPLIANT[FALSE_NEGATIVE] +} + +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Complex.html#Complex +void gf14() { + // Do not work in clang + // typedef _Complex float __attribute__((mode(TC))) _Complex128; // + // NON_COMPLIANT[FALSE_NEGATIVE] typedef _Complex float + // __attribute__((mode(XC))) _Complex80; // NON_COMPLIANT[FALSE_NEGATIVE] +} + +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Hex-Floats.html#Hex-Floats +void gf15() { + float f = 0x1.fp3; // NON_COMPLIANT[FALSE_NEGATIVE] +} + +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html#Zero-Length +void gf16() { + char contents[0]; // NON_COMPLIANT +} + +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Named-Address-Spaces.html#Named-Address-Spaces +void gf17() { + // const __flash char ** p; // NON_COMPLIANT[FALSE_NEGATIVE] -- not supported + // in clang +} + +void gf18() { + // not supported by extractor - checked by looking for flags. + + // short _Fract, _Fract; // NON_COMPLIANT[FALSE_NEGATIVE] - + // long _Fract; // NON_COMPLIANT[FALSE_NEGATIVE] +} + +struct gf19 {}; // NON_COMPLIANT + +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Variable-Length.html#Variable-Length +void gf20(int n) { + // struct S { int x[n]; }; // NON_COMPLIANT[FALSE_NEGATIVE] - will never be + // supported in clang +} +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Variadic-Macros.html#Variadic-Macros +#define gf21(format, args...) \ + printf(format, args) // NON_COMPLIANT[FALSE_NEGATIVE] -- note + // the issue here is explicitly naming the arguments. +#define gf21a(format, ...) printf(format, __VA_ARGS__) // COMPLIANT + +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Escaped-Newlines.html#Escaped-Newlines +#define gf22 \ + "a" \ + \ +"b" // NON_COMPLIANT[FALSE_NEGATIVE] - additional spaces after a backslash -- + // stripped by extractor +#define gf22a \ + "a" \ + "b" // COMPLIANT + +void gf24(int f, int g) { + float beat_freqs[2] = {f - g, f + g}; // NON_COMPLIANT +} + +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Variable-Length.html#Variable-Length +void gf25t(int N, int M, double out[M][N], // NON_COMPLIANT + const double in[N][M]); // NON_COMPLIANT +void gf25() { + double x[3][2]; + double y[2][3]; + gf25t(3, 2, y, + x); // in ISO C the const qualifier is formally attached + // to the element type of the array and not the array itself +} + +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Compound-Literals.html#Compound-Literals +struct gf26t { + int a; + char b[2]; +} gf26v; +void gf26(int x, int y) { + gf26v = ((struct gf26t){ + x + y, 'z', 0}); // NON_COMPLIANT[FALSE_NEGATIVE] - compound literal +} +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Case-Ranges.html#Case-Ranges +void gf28() { + int a; + + // switch(a){ + // case: 0 ... 5: // NON_COMPLIANT[FALSE_NEGATIVE] - Not supported in + // clang. + // ;; + // break; + // default: + // ;; + // break; + // } +} + +union gf29u { + int i; + double j; +}; + +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Cast-to-Union.html#Cast-to-Union +void gf29() { + int x; + int y; + union gf29u z; + z = (union gf29u)x; // NON_COMPLIANT[FALSE_NEGATIVE] + z = (union gf29u)y; // NON_COMPLIANT[FALSE_NEGATIVE] +} + +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Variable-Attributes.html#Variable-Attributes +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Function-Attributes.html#Function-Attributes +__attribute__((access(read_only, 1))) int +gf30(const char *); // NON_COMPLIANT -- attributes are not portable. + +extern int __attribute__((alias("var_target"))) +gf31; // NON_COMPLIANT -- attributes are not portable. + +struct __attribute__((aligned(8))) gf32 { + short f[3]; +}; // NON_COMPLIANT -- attributes are not portable. + +void gf33() { +gf33l: + __attribute__((cold, unused)); // NON_COMPLIANT + return; +} + +enum gf34 { + oldval __attribute__((deprecated)), // NON_COMPLIANT + newval +}; + +void gf35() { + int x; + // __attribute__((assume(x == 42))); // NON_COMPLIANT[FALSE_NEGATIVE] - Not + // supported in clang + + switch (x) { + case 1: + printf(""); + __attribute__((fallthrough)); // NON_COMPLIANT + case 2: + break; + } +} + +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Dollar-Signs.html#Dollar-Signs +void gf37() { + int a$1; // NON_COMPLIANT[FALSE_NEGATIVE] +} + +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Character-Escapes.html#Character-Escapes +void gf38() { + const char *c = "test\e"; // NON_COMPLIANT[FALSE_NEGATIVE] +} + +struct gf39s { + int x; + char y; +} gf39v; + +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Alignment.html#Alignment +void gf39() { + __alignof__(gf39v.x); // NON_COMPLIANT +} + +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Incomplete-Enums.html#Incomplete-Enums +// enum gf40 {}; // NON_COMPLIANT[FALSE_NEGATIVE] - not supported in clang + +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Function-Names.html#Function-Names +void gf41() { + printf("__FUNCTION__ = %s\n", __FUNCTION__); // NON_COMPLIANT[FALSE_NEGATIVE] + printf("__PRETTY_FUNCTION__ = %s\n", + __PRETTY_FUNCTION__); // NON_COMPLIANT[FALSE_NEGATIVE] +} + +// Reference: https://clang.llvm.org/docs/LanguageExtensions.html#builtin-macros +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Other-Builtins.html#Other-Builtins +void gf42() { + __builtin_extract_return_addr(0); // NON_COMPLIANT + __builtin_frob_return_addr(0); // NON_COMPLIANT + __builtin_frame_address(0); // NON_COMPLIANT +} + +struct gf43s { + int x; + char y; +} gf43v; + +void gf43() { + __builtin_offsetof(struct gf43s, x); // NON_COMPLIANT +} + +struct gf44s { + int x; + char y; +} gf44v; + +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/_005f_005fsync-Builtins.html#g_t_005f_005fsync-Builtins +void gf44() { + int i; + __sync_fetch_and_add(&i, 0); // NON_COMPLIANT + __sync_fetch_and_sub(&i, 0); // NON_COMPLIANT + __sync_fetch_and_or(&i, 0); // NON_COMPLIANT + __sync_fetch_and_and(&i, 0); // NON_COMPLIANT + __sync_fetch_and_xor(&i, 0); // NON_COMPLIANT + __sync_fetch_and_nand(&i, 0); // NON_COMPLIANT + __sync_add_and_fetch(&i, 0); // NON_COMPLIANT + __sync_sub_and_fetch(&i, 0); // NON_COMPLIANT + __sync_or_and_fetch(&i, 0); // NON_COMPLIANT + __sync_and_and_fetch(&i, 0); // NON_COMPLIANT + __sync_xor_and_fetch(&i, 0); // NON_COMPLIANT + __sync_nand_and_fetch(&i, 0); // NON_COMPLIANT + + __sync_bool_compare_and_swap(&i, 0, 0); + __sync_val_compare_and_swap(&i, 0, 0); + __sync_lock_test_and_set(&i, 0, 0); + __sync_lock_release(&i, 0); +} + +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Binary-constants.html#Binary-constants +void gf45() { + int i = 0b101010; // NON_COMPLIANT[FALSE_NEGATIVE] +} + +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Thread-Local.html#Thread-Local +__thread int gf46; // NON_COMPLIANT[FALSE_NEGATIVE] + +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Unnamed-Fields.html#Unnamed-Fields +void gf47() { // NON_COMPLIANT in versions < C11. + struct { + int a; + union { + int b; + float c; + }; + int d; + } f; +} + +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Other-Builtins.html#Other-Builtins +void gf48() { + __builtin_alloca( + 0); // NON_COMPLIANT (all __builtin functions are non-compliant.) +} \ No newline at end of file diff --git a/c/misra/test/rules/RULE-1-2/test.c.qcc b/c/misra/test/rules/RULE-1-2/test.c.qcc new file mode 100644 index 0000000000..624d1d67d8 --- /dev/null +++ b/c/misra/test/rules/RULE-1-2/test.c.qcc @@ -0,0 +1,409 @@ +#include +#include +// Note: Clang aims to support both clang and gcc extensions. +// This test case has been designed using lists compiled from: +// - https://clang.llvm.org/docs/LanguageExtensions.html +// - https://gcc.gnu.org/onlinedocs/gcc/C-Extensions.html + +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Other-Builtins.html#Other-Builtins +#ifdef __has_builtin // NON_COMPLIANT[FALSE_NEGATIVE] +#endif +#ifdef __has_constexpr_builtin // NON_COMPLIANT[FALSE_NEGATIVE] +#endif +#ifdef __has_feature // NON_COMPLIANT[FALSE_NEGATIVE] +#endif +#ifdef __has_extension // NON_COMPLIANT[FALSE_NEGATIVE] +#endif +#ifdef __has_c_attribute // NON_COMPLIANT[FALSE_NEGATIVE] +#endif +#ifdef __has_attribute // NON_COMPLIANT[FALSE_NEGATIVE] +#endif +#ifdef __has_declspec_attribute // NON_COMPLIANT[FALSE_NEGATIVE] +#endif +#ifdef __is_identifier // NON_COMPLIANT[FALSE_NEGATIVE] +#endif +#ifdef __has_include // NON_COMPLIANT[FALSE_NEGATIVE] +#endif +#ifdef __has_include_next // NON_COMPLIANT[FALSE_NEGATIVE] +#endif +#ifdef __has_warning // NON_COMPLIANT[FALSE_NEGATIVE] +#endif + +// Reference: https://clang.llvm.org/docs/LanguageExtensions.html#builtin-macros +#define A __BASE_FILE__ // NON_COMPLIANT +#define B __FILE_NAME__ // NON_COMPLIANT +#define C __COUNTER__ // NON_COMPLIANT +#define D __INCLUDE_LEVEL__ // NON_COMPLIANT +#define E__TIMESTAMP__ // NON_COMPLIANT +#define F __clang__ // NON_COMPLIANT +#define G __clang_major__ // NON_COMPLIANT +#define H __clang_minor__ // NON_COMPLIANT +#define I __clang_patchlevel__ // NON_COMPLIANT +#define J __clang_version__ // NON_COMPLIANT +#define K __clang_literal_encoding__ // NON_COMPLIANT +#define L __clang_wide_literal_encoding__ // NON_COMPLIANT + +// Requires additional compiler flags to change the architecture +// typedef __attribute__((neon_vector_type(8))) int8_t int8x8_t; +// typedef __attribute__((neon_polyvector_type(16))) poly8_t poly8x16_t; + +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Variable-Attributes.html#Variable-Attributes +typedef int int4 __attribute__((vector_size(4 * sizeof(int)))); // NON_COMPLIANT +typedef int v4si __attribute__((__vector_size__(16))); // NON_COMPLIANT +typedef float float4 __attribute__((ext_vector_type(4))); // NON_COMPLIANT +typedef float float2 __attribute__((ext_vector_type(2))); // NON_COMPLIANT + +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Statement-Exprs.html#Statement-Exprs +void gf1() { + ({ // NON_COMPLIANT + int y = 1; + int z; + if (y > 0) + z = y; + else + z = -y; + z; + }); +} + +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Local-Labels.html#Local-Labels +void gf2() { + // __label__ found; // NON_COMPLIANT[FALSE_NEGATIVE] -- local labels not + // supported by clang +} + +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Labels-as-Values.html#Labels-as-Values +void gf3() { + void *ptr; + // goto *ptr; // NON_COMPLIANT[FALSE_NEGATIVE] -- not supported in clang +} + +// Referfence: +// https://gcc.gnu.org/onlinedocs/gcc/Nested-Functions.html#Nested-Functions +void gf4() { + // void gf4a(){ // NON_COMPLIANT[FALSE_NEGATIVE] -- not supported in clang + // + // } +} + +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Nonlocal-Gotos.html#Nonlocal-Gotos +void gf5() { + __builtin_setjmp(0); // NON_COMPLIANT + __builtin_longjmp(0, 1); // NON_COMPLIANT +} + +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Constructing-Calls.html#Constructing-Calls +void gf6() { + // not supported by clang + //__builtin_apply_args(); // NON_COMPLIANT[FALSE_NEGATIVE] + //__builtin_apply(0, 0, 0); // NON_COMPLIANT[FALSE_NEGATIVE] + //__builtin_return(0); // NON_COMPLIANT[FALSE_NEGATIVE] + //__builtin_va_arg_pack(); // NON_COMPLIANT[FALSE_NEGATIVE] + //__builtin_va_arg_pack_len(); // NON_COMPLIANT[FALSE_NEGATIVE] +} + +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Conditionals.html#Conditionals +void gf7() { + int a = 0 ?: 0; // NON_COMPLIANT +} + +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Typeof.html#Typeof +void gf8() { // not supported by qcc + // typeof(int *); // NON_COMPLIANT[FALSE_NEGATIVE] +} + +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/_005f_005fint128.html#g_t_005f_005fint128 +void gf9() { + __int128 a; // NON_COMPLIANT +} +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Long-Long.html#Long-Long +void gf10() { + long long int a; // NON_COMPLIANT +} + +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Complex.html#Complex +void gf11() { + __real__(0); // NON_COMPLIANT[FALSE_NEGATIVE] + __imag__(0); // NON_COMPLIANT[FALSE_NEGATIVE] +} + +void gf12() {} + +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Floating-Types.html#Floating-Types +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Decimal-Float.html#Decimal-Float +void gf13() { + // not supported on clang + //_Decimal32 a; // NON_COMPLIANT[FALSE_NEGATIVE] + //_Decimal64 b; // NON_COMPLIANT[FALSE_NEGATIVE] + //_Decimal128 c; // NON_COMPLIANT[FALSE_NEGATIVE] +} + +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Complex.html#Complex +void gf14() { + // Do not work in clang + // typedef _Complex float __attribute__((mode(TC))) _Complex128; // + // NON_COMPLIANT[FALSE_NEGATIVE] typedef _Complex float + // __attribute__((mode(XC))) _Complex80; // NON_COMPLIANT[FALSE_NEGATIVE] +} + +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Hex-Floats.html#Hex-Floats +void gf15() { + float f = 0x1.fp3; // NON_COMPLIANT[FALSE_NEGATIVE] +} + +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html#Zero-Length +void gf16() { + char contents[0]; // NON_COMPLIANT +} + +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Named-Address-Spaces.html#Named-Address-Spaces +void gf17() { + // const __flash char ** p; // NON_COMPLIANT[FALSE_NEGATIVE] -- not supported + // in clang +} + +void gf18() { + // not supported by extractor - checked by looking for flags. + + // short _Fract, _Fract; // NON_COMPLIANT[FALSE_NEGATIVE] - + // long _Fract; // NON_COMPLIANT[FALSE_NEGATIVE] +} + +struct gf19 {}; // NON_COMPLIANT + +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Variable-Length.html#Variable-Length +void gf20(int n) { + // struct S { int x[n]; }; // NON_COMPLIANT[FALSE_NEGATIVE] - will never be + // supported in clang +} +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Variadic-Macros.html#Variadic-Macros +#define gf21(format, args...) \ + printf(format, args) // NON_COMPLIANT[FALSE_NEGATIVE] -- note + // the issue here is explicitly naming the arguments. +#define gf21a(format, ...) printf(format, __VA_ARGS__) // COMPLIANT + +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Escaped-Newlines.html#Escaped-Newlines +#define gf22 \ + "a" \ + \ +"b" // NON_COMPLIANT[FALSE_NEGATIVE] - additional spaces after a backslash -- + // stripped by extractor +#define gf22a \ + "a" \ + "b" // COMPLIANT + +void gf24(int f, int g) { + float beat_freqs[2] = {f - g, f + g}; // NON_COMPLIANT +} + +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Variable-Length.html#Variable-Length +void gf25t(int N, int M, double out[M][N], // NON_COMPLIANT + const double in[N][M]); // NON_COMPLIANT +void gf25() { + double x[3][2]; + double y[2][3]; + gf25t(3, 2, y, + x); // in ISO C the const qualifier is formally attached + // to the element type of the array and not the array itself +} + +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Compound-Literals.html#Compound-Literals +struct gf26t { + int a; + char b[2]; +} gf26v; +void gf26(int x, int y) { + gf26v = ((struct gf26t){ + x + y, 'z', 0}); // NON_COMPLIANT[FALSE_NEGATIVE] - compound literal +} +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Case-Ranges.html#Case-Ranges +void gf28() { + int a; + + // switch(a){ + // case: 0 ... 5: // NON_COMPLIANT[FALSE_NEGATIVE] - Not supported in + // clang. + // ;; + // break; + // default: + // ;; + // break; + // } +} + +union gf29u { + int i; + double j; +}; + +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Cast-to-Union.html#Cast-to-Union +void gf29() { + int x; + int y; + union gf29u z; + z = (union gf29u)x; // NON_COMPLIANT[FALSE_NEGATIVE] + z = (union gf29u)y; // NON_COMPLIANT[FALSE_NEGATIVE] +} + +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Variable-Attributes.html#Variable-Attributes +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Function-Attributes.html#Function-Attributes +__attribute__((access(read_only, 1))) int +gf30(const char *); // NON_COMPLIANT -- attributes are not portable. + +extern int __attribute__((alias("var_target"))) +gf31; // NON_COMPLIANT -- attributes are not portable. + +struct __attribute__((aligned(8))) gf32 { + short f[3]; +}; // NON_COMPLIANT -- attributes are not portable. + +void gf33() { +gf33l: + __attribute__((cold, unused)); // NON_COMPLIANT + return; +} + +enum gf34 { + oldval __attribute__((deprecated)), // NON_COMPLIANT + newval +}; + +void gf35() { + int x; + // __attribute__((assume(x == 42))); // NON_COMPLIANT[FALSE_NEGATIVE] - Not + // supported in clang + + switch (x) { + case 1: + printf(""); + __attribute__((fallthrough)); // NON_COMPLIANT + case 2: + break; + } +} + +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Dollar-Signs.html#Dollar-Signs +void gf37() { + int a$1; // NON_COMPLIANT[FALSE_NEGATIVE] +} + +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Character-Escapes.html#Character-Escapes +void gf38() { + const char *c = "test\e"; // NON_COMPLIANT[FALSE_NEGATIVE] +} + +struct gf39s { + int x; + char y; +} gf39v; + +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Alignment.html#Alignment +void gf39() { + __alignof__(gf39v.x); // NON_COMPLIANT +} + +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Incomplete-Enums.html#Incomplete-Enums +// enum gf40 {}; // NON_COMPLIANT[FALSE_NEGATIVE] - not supported in clang + +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Function-Names.html#Function-Names +void gf41() { + printf("__FUNCTION__ = %s\n", __FUNCTION__); // NON_COMPLIANT[FALSE_NEGATIVE] + printf("__PRETTY_FUNCTION__ = %s\n", + __PRETTY_FUNCTION__); // NON_COMPLIANT[FALSE_NEGATIVE] +} + +// Reference: https://clang.llvm.org/docs/LanguageExtensions.html#builtin-macros +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Other-Builtins.html#Other-Builtins +void gf42() { + __builtin_extract_return_addr(0); // NON_COMPLIANT + __builtin_frob_return_addr(0); // NON_COMPLIANT + __builtin_frame_address(0); // NON_COMPLIANT +} + +struct gf43s { + int x; + char y; +} gf43v; + +void gf43() { + __builtin_offsetof(struct gf43s, x); // NON_COMPLIANT +} + +struct gf44s { + int x; + char y; +} gf44v; + +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/_005f_005fsync-Builtins.html#g_t_005f_005fsync-Builtins +void gf44() { + int i; + __sync_fetch_and_add(&i, 0); // NON_COMPLIANT + __sync_fetch_and_sub(&i, 0); // NON_COMPLIANT + __sync_fetch_and_or(&i, 0); // NON_COMPLIANT + __sync_fetch_and_and(&i, 0); // NON_COMPLIANT + __sync_fetch_and_xor(&i, 0); // NON_COMPLIANT + __sync_fetch_and_nand(&i, 0); // NON_COMPLIANT + __sync_add_and_fetch(&i, 0); // NON_COMPLIANT + __sync_sub_and_fetch(&i, 0); // NON_COMPLIANT + __sync_or_and_fetch(&i, 0); // NON_COMPLIANT + __sync_and_and_fetch(&i, 0); // NON_COMPLIANT + __sync_xor_and_fetch(&i, 0); // NON_COMPLIANT + __sync_nand_and_fetch(&i, 0); // NON_COMPLIANT + + __sync_bool_compare_and_swap(&i, 0, 0); + __sync_val_compare_and_swap(&i, 0, 0); + __sync_lock_test_and_set(&i, 0, 0); + __sync_lock_release(&i, 0); +} + +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Binary-constants.html#Binary-constants +void gf45() { + int i = 0b101010; // NON_COMPLIANT[FALSE_NEGATIVE] +} + +// Reference: https://gcc.gnu.org/onlinedocs/gcc/Thread-Local.html#Thread-Local +__thread int gf46; // NON_COMPLIANT[FALSE_NEGATIVE] + +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Unnamed-Fields.html#Unnamed-Fields +void gf47() { // NON_COMPLIANT in versions < C11. + struct { + int a; + union { + int b; + float c; + }; + int d; + } f; +} + +// Reference: +// https://gcc.gnu.org/onlinedocs/gcc/Other-Builtins.html#Other-Builtins +void gf48() { + __builtin_alloca( + 0); // NON_COMPLIANT (all __builtin functions are non-compliant.) +} \ No newline at end of file From 4020ec0e1a1e2e1896b286b24f315a399e25d5d9 Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Tue, 4 Apr 2023 17:51:57 +0100 Subject: [PATCH 0967/2573] C++: Use 'getAnElementExpr' instead of 'getElementExpr', and 'getAFieldExpr' instead of 'getFieldExpr'. --- .../InitializerListsContainPersistentSideEffects.ql | 4 ++-- .../ArrayFunctionArgumentNumberOfElements.ql | 2 +- .../MemcmpUsedToCompareNullTerminatedStrings.ql | 2 +- ...RepeatedInitializationOfAggregateObjectElement.ql | 12 ++++++------ .../rules/A5-1-1/LiteralValueUsedOutsideTypeInit.ql | 2 +- .../A8-4-9/InOutParametersDeclaredAsTNotModified.ql | 2 +- 6 files changed, 12 insertions(+), 12 deletions(-) diff --git a/c/misra/src/rules/RULE-13-1/InitializerListsContainPersistentSideEffects.ql b/c/misra/src/rules/RULE-13-1/InitializerListsContainPersistentSideEffects.ql index 3c97fc06ca..3cce2bb825 100644 --- a/c/misra/src/rules/RULE-13-1/InitializerListsContainPersistentSideEffects.ql +++ b/c/misra/src/rules/RULE-13-1/InitializerListsContainPersistentSideEffects.ql @@ -25,8 +25,8 @@ from AggregateLiteral initList, SideEffect effect where not isExcluded(initList, SideEffects1Package::initializerListsContainPersistentSideEffectsQuery()) and ( - initList.(ArrayOrVectorAggregateLiteral).getElementExpr(_) = effect + initList.(ArrayOrVectorAggregateLiteral).getAnElementExpr(_) = effect or - initList.(ClassAggregateLiteral).getFieldExpr(_) = effect + initList.(ClassAggregateLiteral).getAFieldExpr(_) = effect ) select initList, "Initializer list constains persistent $@", effect, "side effect" diff --git a/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql b/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql index 0b5b95016c..215f9811c2 100644 --- a/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql +++ b/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql @@ -42,7 +42,7 @@ class ArrayParameter extends Parameter { * int arr2[2] = {1, 2, 3}; * ``` */ -int countElements(ArrayAggregateLiteral l) { result = count(l.getElementExpr(_)) } +int countElements(ArrayAggregateLiteral l) { result = count(l.getAnElementExpr(_)) } class SmallArrayConfig extends DataFlow::Configuration { SmallArrayConfig() { this = "SmallArrayConfig" } diff --git a/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql b/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql index 9bbec5c398..5c06b92501 100644 --- a/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql +++ b/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql @@ -30,7 +30,7 @@ class NullTerminatedStringToMemcmpConfiguration extends TaintTracking::Configura // The array element type is an essentially character type getEssentialTypeCategory(aal.getElementType()) = EssentiallyCharacterType() and // Includes a null terminator somewhere in the array initializer - aal.getElementExpr(_).getValue().toInt() = 0 + aal.getAnElementExpr(_).getValue().toInt() = 0 | // For local variables, use the array aggregate literal as the source aal = source.asExpr() diff --git a/c/misra/src/rules/RULE-9-4/RepeatedInitializationOfAggregateObjectElement.ql b/c/misra/src/rules/RULE-9-4/RepeatedInitializationOfAggregateObjectElement.ql index de0890777f..3566835ae3 100644 --- a/c/misra/src/rules/RULE-9-4/RepeatedInitializationOfAggregateObjectElement.ql +++ b/c/misra/src/rules/RULE-9-4/RepeatedInitializationOfAggregateObjectElement.ql @@ -38,7 +38,7 @@ string getNestedArrayIndexString(Expr e) { any(int elementIndex | exists(ArrayAggregateLiteral parent | parent = getNthParent(e, pragma[only_bind_into](depth + 1)) and - parent.getElementExpr(elementIndex) = getNthParent(e, pragma[only_bind_into](depth)) + parent.getAnElementExpr(elementIndex) = getNthParent(e, pragma[only_bind_into](depth)) ) | elementIndex @@ -54,9 +54,9 @@ string getNestedArrayIndexString(Expr e) { */ language[monotonicAggregates] int getMaxDepth(ArrayAggregateLiteral al) { - if not exists(al.getElementExpr(_).(ArrayAggregateLiteral)) + if not exists(al.getAnElementExpr(_).(ArrayAggregateLiteral)) then result = 0 - else result = 1 + max(Expr child | child = al.getElementExpr(_) | getMaxDepth(child)) + else result = 1 + max(Expr child | child = al.getAnElementExpr(_) | getMaxDepth(child)) } // internal recursive predicate for `hasMultipleInitializerExprsForSameIndex` @@ -66,8 +66,8 @@ predicate hasMultipleInitializerExprsForSameIndexInternal( exists(int shared_index, Expr al1_expr, Expr al2_expr | // an `Expr` initializing an element of the same index in both `al1` and `al2` shared_index = [0 .. al1.getArraySize() - 1] and - al1_expr = al1.getElementExpr(shared_index) and - al2_expr = al2.getElementExpr(shared_index) and + al1_expr = al1.getAnElementExpr(shared_index) and + al2_expr = al2.getAnElementExpr(shared_index) and // but not the same `Expr` not al1_expr = al2_expr and ( @@ -98,7 +98,7 @@ predicate hasMultipleInitializerExprsForSameIndex(ArrayAggregateLiteral root, Ex * This predicate is therefore unable to distinguish the individual duplicate expressions. */ predicate hasMultipleInitializerExprsForSameField(ClassAggregateLiteral root, Field f) { - count(root.getFieldExpr(f)) > 1 + count(root.getAFieldExpr(f)) > 1 } from diff --git a/cpp/autosar/src/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.ql b/cpp/autosar/src/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.ql index c20d0ded55..19519a92a8 100644 --- a/cpp/autosar/src/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.ql +++ b/cpp/autosar/src/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.ql @@ -43,7 +43,7 @@ where // Macro expansions are morally excluded not l = any(MacroInvocation mi).getAnExpandedElement() and // Aggregate literal - not l = any(ArrayOrVectorAggregateLiteral aal).getElementExpr(_).getAChild*() and + not l = any(ArrayOrVectorAggregateLiteral aal).getAnElementExpr(_).getAChild*() and // Ignore x - 1 expressions not exists(SubExpr se | se.getRightOperand() = l and l.getValue() = "1") select l, diff --git a/cpp/autosar/src/rules/A8-4-9/InOutParametersDeclaredAsTNotModified.ql b/cpp/autosar/src/rules/A8-4-9/InOutParametersDeclaredAsTNotModified.ql index 0b5c8d70be..1509ee968a 100644 --- a/cpp/autosar/src/rules/A8-4-9/InOutParametersDeclaredAsTNotModified.ql +++ b/cpp/autosar/src/rules/A8-4-9/InOutParametersDeclaredAsTNotModified.ql @@ -60,7 +60,7 @@ where //also not having a nonconst member accessed through the param notUsedAsQualifierForNonConst(p) and not exists(ClassAggregateLiteral l, Field f | - DataFlow::localExprFlow(p.getAnAccess(), l.getFieldExpr(f)) and + DataFlow::localExprFlow(p.getAnAccess(), l.getAFieldExpr(f)) and not f.isConst() ) and // Exclude parameters that are used to initialize member fields. From d5ca95b704a351c71ebc54026685d1ce42a5fb97 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Tue, 4 Apr 2023 20:32:54 +0200 Subject: [PATCH 0968/2573] Use 'getAnElementExpr' instead of 'getElementExpr', and 'getAFieldExpr' instead of 'getFieldExpr'. --- c/misra/src/codingstandards/c/misra/EssentialTypes.qll | 4 ++-- cpp/autosar/src/rules/A12-1-5/InitializerHashCons.qll | 6 +++--- cpp/autosar/src/rules/A5-1-9/LambdaEquivalence.qll | 6 +++--- .../src/codingstandards/cpp/StructuralEquivalence.qll | 6 +++--- .../cpp/enhancements/AggregateLiteralEnhancements.qll | 6 +++--- .../UseInitializerBracesToMatchAggregateTypeStructure.qll | 8 ++++---- 6 files changed, 18 insertions(+), 18 deletions(-) diff --git a/c/misra/src/codingstandards/c/misra/EssentialTypes.qll b/c/misra/src/codingstandards/c/misra/EssentialTypes.qll index 697a24513f..930e7300b7 100644 --- a/c/misra/src/codingstandards/c/misra/EssentialTypes.qll +++ b/c/misra/src/codingstandards/c/misra/EssentialTypes.qll @@ -365,12 +365,12 @@ predicate isAssignmentToEssentialType(Type lValueEssentialType, Expr rValue) { // Initializing an array exists(ArrayAggregateLiteral aal | lValueEssentialType = aal.getElementType() and - rValue = aal.getElementExpr(_) + rValue = aal.getAnElementExpr(_) ) or // Initializing a struct or union exists(ClassAggregateLiteral cal, Field field | lValueEssentialType = field.getType() and - rValue = cal.getFieldExpr(field) + rValue = cal.getAFieldExpr(field) ) } diff --git a/cpp/autosar/src/rules/A12-1-5/InitializerHashCons.qll b/cpp/autosar/src/rules/A12-1-5/InitializerHashCons.qll index b1e1bc03f4..bc63c253fa 100644 --- a/cpp/autosar/src/rules/A12-1-5/InitializerHashCons.qll +++ b/cpp/autosar/src/rules/A12-1-5/InitializerHashCons.qll @@ -891,7 +891,7 @@ private predicate mk_FieldCons( analyzableClassAggregateLiteral(cal) and cal.getUnspecifiedType() = c and exists(Expr e | - e = cal.getFieldExpr(f).getFullyConverted() and + e = cal.getAFieldExpr(f).getFullyConverted() and f.getInitializationOrder() = i and ( hc = hashCons(e) and @@ -907,9 +907,9 @@ private predicate mk_FieldCons( private predicate analyzableClassAggregateLiteral(ClassAggregateLiteral cal) { forall(int i | exists(cal.getChild(i)) | strictcount(cal.getChild(i).getFullyConverted()) = 1 and - strictcount(Field f | cal.getChild(i) = cal.getFieldExpr(f)) = 1 and + strictcount(Field f | cal.getChild(i) = cal.getAFieldExpr(f)) = 1 and strictcount(Field f, int j | - cal.getFieldExpr(f) = cal.getChild(i) and j = f.getInitializationOrder() + cal.getAFieldExpr(f) = cal.getChild(i) and j = f.getInitializationOrder() ) = 1 ) } diff --git a/cpp/autosar/src/rules/A5-1-9/LambdaEquivalence.qll b/cpp/autosar/src/rules/A5-1-9/LambdaEquivalence.qll index 110c7c734d..040777e321 100644 --- a/cpp/autosar/src/rules/A5-1-9/LambdaEquivalence.qll +++ b/cpp/autosar/src/rules/A5-1-9/LambdaEquivalence.qll @@ -989,7 +989,7 @@ private module HashCons { analyzableClassAggregateLiteral(cal) and cal.getUnspecifiedType() = c and exists(Expr e | - e = cal.getFieldExpr(f).getFullyConverted() and + e = cal.getAFieldExpr(f).getFullyConverted() and f.getInitializationOrder() = i and ( hc = hashConsExpr(e) and @@ -1005,9 +1005,9 @@ private module HashCons { private predicate analyzableClassAggregateLiteral(ClassAggregateLiteral cal) { forall(int i | exists(cal.getChild(i)) | strictcount(cal.getChild(i).getFullyConverted()) = 1 and - strictcount(Field f | cal.getChild(i) = cal.getFieldExpr(f)) = 1 and + strictcount(Field f | cal.getChild(i) = cal.getAFieldExpr(f)) = 1 and strictcount(Field f, int j | - cal.getFieldExpr(f) = cal.getChild(i) and j = f.getInitializationOrder() + cal.getAFieldExpr(f) = cal.getChild(i) and j = f.getInitializationOrder() ) = 1 ) } diff --git a/cpp/common/src/codingstandards/cpp/StructuralEquivalence.qll b/cpp/common/src/codingstandards/cpp/StructuralEquivalence.qll index 3423134ca1..0fbc5ce8e7 100644 --- a/cpp/common/src/codingstandards/cpp/StructuralEquivalence.qll +++ b/cpp/common/src/codingstandards/cpp/StructuralEquivalence.qll @@ -989,7 +989,7 @@ private module HashCons { analyzableClassAggregateLiteral(cal) and cal.getUnspecifiedType() = c and exists(Expr e | - e = cal.getFieldExpr(f).getFullyConverted() and + e = cal.getAFieldExpr(f).getFullyConverted() and f.getInitializationOrder() = i and ( hc = hashConsExpr(e) and @@ -1005,9 +1005,9 @@ private module HashCons { private predicate analyzableClassAggregateLiteral(ClassAggregateLiteral cal) { forall(int i | exists(cal.getChild(i)) | strictcount(cal.getChild(i).getFullyConverted()) = 1 and - strictcount(Field f | cal.getChild(i) = cal.getFieldExpr(f)) = 1 and + strictcount(Field f | cal.getChild(i) = cal.getAFieldExpr(f)) = 1 and strictcount(Field f, int j | - cal.getFieldExpr(f) = cal.getChild(i) and j = f.getInitializationOrder() + cal.getAFieldExpr(f) = cal.getChild(i) and j = f.getInitializationOrder() ) = 1 ) } diff --git a/cpp/common/src/codingstandards/cpp/enhancements/AggregateLiteralEnhancements.qll b/cpp/common/src/codingstandards/cpp/enhancements/AggregateLiteralEnhancements.qll index 4d80fc16a2..0c34f661e2 100644 --- a/cpp/common/src/codingstandards/cpp/enhancements/AggregateLiteralEnhancements.qll +++ b/cpp/common/src/codingstandards/cpp/enhancements/AggregateLiteralEnhancements.qll @@ -114,7 +114,7 @@ module ClassAggregateLiterals { exists(Expr compilerGeneratedVal, int index, Expr previousExpr | // Identify the candidate expression which may be compiler generated compilerGeneratedVal = cal.getChild(index) and - compilerGeneratedVal = cal.getFieldExpr(f) and + compilerGeneratedVal = cal.getAFieldExpr(f) and // Find the previous expression for this aggregate literal previousExpr = getPreviousExpr(cal, index) | @@ -201,7 +201,7 @@ class InferredAggregateLiteral extends AggregateLiteral { predicate isExprValueInitialized(AggregateLiteral al, Expr e) { // This expression is a value initialized field exists(Field f | - e = al.(ClassAggregateLiteral).getFieldExpr(f) and + e = al.(ClassAggregateLiteral).getAFieldExpr(f) and ClassAggregateLiterals::isValueInitialized(al, f) ) or @@ -236,7 +236,7 @@ predicate isLeadingZeroInitialized(AggregateLiteral a) { // Or because it's a class aggregate, and all other fields are value initialized forall(Field f | f = a.getType().(Class).getAField() and - not a.(ClassAggregateLiteral).getFieldExpr(f) = a.getChild(0) + not a.(ClassAggregateLiteral).getAFieldExpr(f) = a.getChild(0) | ClassAggregateLiterals::isValueInitialized(a, f) ) diff --git a/cpp/common/src/codingstandards/cpp/rules/useinitializerbracestomatchaggregatetypestructure/UseInitializerBracesToMatchAggregateTypeStructure.qll b/cpp/common/src/codingstandards/cpp/rules/useinitializerbracestomatchaggregatetypestructure/UseInitializerBracesToMatchAggregateTypeStructure.qll index 8aab8849fd..d81670b558 100644 --- a/cpp/common/src/codingstandards/cpp/rules/useinitializerbracestomatchaggregatetypestructure/UseInitializerBracesToMatchAggregateTypeStructure.qll +++ b/cpp/common/src/codingstandards/cpp/rules/useinitializerbracestomatchaggregatetypestructure/UseInitializerBracesToMatchAggregateTypeStructure.qll @@ -28,7 +28,7 @@ query predicate problems( exists(string parentDescription | // For class aggergate literal parents, report which field is being assigned to exists(ClassAggregateLiteral cal, Field field | - cal.getFieldExpr(field) = inferredAggregateLiteral and + cal.getAFieldExpr(field) = inferredAggregateLiteral and parentDescription = "to field $@" and explanationElement = field | @@ -37,15 +37,15 @@ query predicate problems( or // For array aggregate literal parents, report which index is being assigned to exists(ArrayAggregateLiteral aal, int elementIndex | - aal.getElementExpr(elementIndex) = inferredAggregateLiteral and + aal.getAnElementExpr(elementIndex) = inferredAggregateLiteral and parentDescription = "to index " + elementIndex + " in $@" and explanationElement = aal and explanationDescription = "array of type " + aal.getType().getName() ) or // In some cases, we seem to have missing link, so provide a basic message - not any(ArrayAggregateLiteral aal).getElementExpr(_) = inferredAggregateLiteral and - not any(ClassAggregateLiteral aal).getFieldExpr(_) = inferredAggregateLiteral and + not any(ArrayAggregateLiteral aal).getAnElementExpr(_) = inferredAggregateLiteral and + not any(ClassAggregateLiteral aal).getAFieldExpr(_) = inferredAggregateLiteral and parentDescription = "to an unnamed field of $@" and explanationElement = inferredAggregateLiteral.getParent() and explanationDescription = " " + explanationElement.(Expr).getType().getName() From 5f8a6f74b8362380e6f7ec744ba617963563dafa Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Wed, 5 Apr 2023 21:31:01 +0200 Subject: [PATCH 0969/2573] Implement OutOfBounds.qll, ARR38-C, and ARR30-C --- ...ormOutOfBoundsPointersOrArraySubscripts.md | 16 + ...ormOutOfBoundsPointersOrArraySubscripts.ql | 43 ++ .../LibraryFunctionArgumentOutOfBounds.ql | 4 +- ...OfBoundsPointersOrArraySubscripts.expected | 3 + ...OutOfBoundsPointersOrArraySubscripts.qlref | 1 + c/cert/test/rules/ARR30-C/test.c | 35 ++ ...ibraryFunctionArgumentOutOfBounds.expected | 80 ++- c/cert/test/rules/ARR38-C/test.c | 70 +-- .../src/codingstandards/c/OutOfBounds.qll | 464 ++++++++++++++---- 9 files changed, 593 insertions(+), 123 deletions(-) create mode 100644 c/cert/src/rules/ARR30-C/DoNotFormOutOfBoundsPointersOrArraySubscripts.md create mode 100644 c/cert/src/rules/ARR30-C/DoNotFormOutOfBoundsPointersOrArraySubscripts.ql create mode 100644 c/cert/test/rules/ARR30-C/DoNotFormOutOfBoundsPointersOrArraySubscripts.expected create mode 100644 c/cert/test/rules/ARR30-C/DoNotFormOutOfBoundsPointersOrArraySubscripts.qlref create mode 100644 c/cert/test/rules/ARR30-C/test.c diff --git a/c/cert/src/rules/ARR30-C/DoNotFormOutOfBoundsPointersOrArraySubscripts.md b/c/cert/src/rules/ARR30-C/DoNotFormOutOfBoundsPointersOrArraySubscripts.md new file mode 100644 index 0000000000..70ecd9180e --- /dev/null +++ b/c/cert/src/rules/ARR30-C/DoNotFormOutOfBoundsPointersOrArraySubscripts.md @@ -0,0 +1,16 @@ +# ARR30-C: Do not form or use out-of-bounds pointers or array subscripts + +This query implements the CERT-C rule ARR30-C: + +> Do not form or use out-of-bounds pointers or array subscripts +## CERT + +** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** + +## Implementation notes + +None + +## References + +* CERT-C: [ARR30-C: Do not form or use out-of-bounds pointers or array subscripts](https://wiki.sei.cmu.edu/confluence/display/c) diff --git a/c/cert/src/rules/ARR30-C/DoNotFormOutOfBoundsPointersOrArraySubscripts.ql b/c/cert/src/rules/ARR30-C/DoNotFormOutOfBoundsPointersOrArraySubscripts.ql new file mode 100644 index 0000000000..63a422bca2 --- /dev/null +++ b/c/cert/src/rules/ARR30-C/DoNotFormOutOfBoundsPointersOrArraySubscripts.ql @@ -0,0 +1,43 @@ +/** + * @id c/cert/do-not-form-out-of-bounds-pointers-or-array-subscripts + * @name ARR30-C: Do not form or use out-of-bounds pointers or array subscripts + * @description Forming or using an out-of-bounds pointer is undefined behavior and can result in + * invalid memory accesses. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/cert/id/arr30-c + * correctness + * security + * external/cert/obligation/rule + */ + + import cpp + import codingstandards.c.cert + import codingstandards.c.OutOfBounds + + from + OOB::BufferAccess ba, Expr bufferArg, Expr sizeArg, OOB::PointerToObjectSource bufferSource, + string message + where + not isExcluded(ba, OutOfBoundsPackage::doNotFormOutOfBoundsPointersOrArraySubscriptsQuery()) and + ( + exists(int sizeArgValue, int bufferArgSize | + OOB::isSizeArgGreaterThanBufferSize(bufferArg, sizeArg, bufferSource, bufferArgSize, sizeArgValue, ba) and + message = + "Buffer accesses offset " + sizeArgValue + + " which is greater than the fixed size " + bufferArgSize + " of the $@." + ) + or + exists(int sizeArgUpperBound, int sizeMult, int bufferArgSize | + OOB::isSizeArgNotCheckedLessThanFixedBufferSize(bufferArg, sizeArg, bufferSource, + bufferArgSize, ba, sizeArgUpperBound, sizeMult) and + message = + "Buffer accesses may access up to offset " + sizeArgUpperBound + "*" + sizeMult + + " which is greater than the fixed size " + bufferArgSize + " of the $@." + ) + or + OOB::isSizeArgNotCheckedGreaterThanZero(bufferArg, sizeArg, bufferSource, ba) and + message = "Buffer access may be to a negative index in the buffer." + ) + select ba, message, bufferSource, "buffer" \ No newline at end of file diff --git a/c/cert/src/rules/ARR38-C/LibraryFunctionArgumentOutOfBounds.ql b/c/cert/src/rules/ARR38-C/LibraryFunctionArgumentOutOfBounds.ql index 1444967303..9d6e16e16b 100644 --- a/c/cert/src/rules/ARR38-C/LibraryFunctionArgumentOutOfBounds.ql +++ b/c/cert/src/rules/ARR38-C/LibraryFunctionArgumentOutOfBounds.ql @@ -1,7 +1,7 @@ /** * @id c/cert/library-function-argument-out-of-bounds * @name ARR38-C: Guarantee that library functions do not form invalid pointers - * @description + * @description * @kind problem * @precision high * @problem.severity error @@ -21,4 +21,4 @@ from where not isExcluded(fc, OutOfBoundsPackage::libraryFunctionArgumentOutOfBoundsQuery()) and OOB::problems(fc, message, bufferArg, bufferArgStr, sizeOrOtherBufferArg, otherStr) -select fc, message, bufferArg, bufferArgStr, sizeOrOtherBufferArg, otherStr +select fc, message, bufferArg, bufferArgStr, sizeOrOtherBufferArg, otherStr \ No newline at end of file diff --git a/c/cert/test/rules/ARR30-C/DoNotFormOutOfBoundsPointersOrArraySubscripts.expected b/c/cert/test/rules/ARR30-C/DoNotFormOutOfBoundsPointersOrArraySubscripts.expected new file mode 100644 index 0000000000..1f4abf8f7b --- /dev/null +++ b/c/cert/test/rules/ARR30-C/DoNotFormOutOfBoundsPointersOrArraySubscripts.expected @@ -0,0 +1,3 @@ +| test.c:8:3:8:11 | ... + ... | Buffer accesses offset 404 which is greater than the fixed size 400 of the $@. | test.c:8:3:8:5 | arr | buffer | +| test.c:16:3:16:13 | ... + ... | Buffer access may be to a negative index in the buffer. | test.c:16:3:16:5 | arr | buffer | +| test.c:21:5:21:15 | ... + ... | Buffer access may be to a negative index in the buffer. | test.c:21:5:21:7 | arr | buffer | diff --git a/c/cert/test/rules/ARR30-C/DoNotFormOutOfBoundsPointersOrArraySubscripts.qlref b/c/cert/test/rules/ARR30-C/DoNotFormOutOfBoundsPointersOrArraySubscripts.qlref new file mode 100644 index 0000000000..a6e032ec87 --- /dev/null +++ b/c/cert/test/rules/ARR30-C/DoNotFormOutOfBoundsPointersOrArraySubscripts.qlref @@ -0,0 +1 @@ +rules/ARR30-C/DoNotFormOutOfBoundsPointersOrArraySubscripts.ql \ No newline at end of file diff --git a/c/cert/test/rules/ARR30-C/test.c b/c/cert/test/rules/ARR30-C/test.c new file mode 100644 index 0000000000..d033516d0e --- /dev/null +++ b/c/cert/test/rules/ARR30-C/test.c @@ -0,0 +1,35 @@ + + +enum { ARRAY_SIZE = 100 }; + +static int arr[ARRAY_SIZE]; + +void test_fixed_wrong() { + arr + 101; // NON_COMPLIANT +} + +void test_fixed_right() { + arr + 2; // COMPLIANT +} + +void test_no_check(int index) { + arr + index; // NON_COMPLIANT +} + +void test_invalid_check(int index) { + if (index < ARRAY_SIZE) { + arr + index; // NON_COMPLIANT - `index` could be negative + } +} + +void test_valid_check(int index) { + if (index > 0 && index < ARRAY_SIZE) { + arr + index; // COMPLIANT - `index` cannot be negative + } +} + +void test_valid_check_by_type(unsigned int index) { + if (index < ARRAY_SIZE) { + arr + index; // COMPLIANT - `index` cannot be be negative + } +} \ No newline at end of file diff --git a/c/cert/test/rules/ARR38-C/LibraryFunctionArgumentOutOfBounds.expected b/c/cert/test/rules/ARR38-C/LibraryFunctionArgumentOutOfBounds.expected index 2ec1a0ac6c..d039a5dcf8 100644 --- a/c/cert/test/rules/ARR38-C/LibraryFunctionArgumentOutOfBounds.expected +++ b/c/cert/test/rules/ARR38-C/LibraryFunctionArgumentOutOfBounds.expected @@ -1 +1,79 @@ -No expected results have yet been specified \ No newline at end of file +| test.c:40:3:40:8 | call to strchr | The $@ passed to strchr might not be null-terminated. | test.c:40:10:40:16 | ca5_bad | argument | test.c:40:10:40:16 | ca5_bad | | +| test.c:42:3:42:8 | call to strchr | The $@ passed to strchr is 5 bytes, but an offset of 5 bytes is used to access it. | test.c:42:10:42:21 | ... + ... | read buffer | test.c:42:10:42:21 | ... + ... | | +| test.c:46:5:46:10 | call to strcpy | The size of the $@ passed to strcpy is 6 bytes, but the size of the $@ is only 5 bytes. | test.c:46:22:46:28 | test1 | read buffer | test.c:46:12:46:19 | ca5_good | write buffer | +| test.c:53:5:53:10 | call to strcpy | The $@ passed to strcpy might not be null-terminated. | test.c:53:24:53:30 | ca5_bad | argument | test.c:53:24:53:30 | ca5_bad | | +| test.c:54:5:54:10 | call to strcpy | The size of the $@ passed to strcpy is 6 bytes, but the size of the $@ is only 5 bytes. | test.c:54:24:54:31 | ca6_good | read buffer | test.c:54:12:54:19 | call to get_ca_5 | write buffer | +| test.c:59:5:59:10 | call to strcpy | The size of the $@ passed to strcpy is 6 bytes, but the size of the $@ is only 5 bytes. | test.c:59:22:59:29 | ca6_good | read buffer | test.c:59:12:59:19 | ca5_good | write buffer | +| test.c:62:5:62:10 | call to strcpy | The $@ passed to strcpy might not be null-terminated. | test.c:62:22:62:28 | ca6_bad | argument | test.c:62:22:62:28 | ca6_bad | | +| test.c:62:5:62:10 | call to strcpy | The size of the $@ passed to strcpy is 6 bytes, but the size of the $@ is only 5 bytes. | test.c:62:22:62:28 | ca6_bad | read buffer | test.c:62:12:62:19 | ca5_good | write buffer | +| test.c:65:5:65:10 | call to strcpy | The size of the $@ passed to strcpy is 6 bytes, but the size of the $@ is only 5 bytes. | test.c:65:21:65:28 | ca6_good | read buffer | test.c:65:12:65:18 | ca5_bad | write buffer | +| test.c:71:5:71:10 | call to strcpy | The $@ passed to strcpy might not be null-terminated. | test.c:71:21:71:27 | ca5_bad | argument | test.c:71:21:71:27 | ca5_bad | | +| test.c:77:5:77:10 | call to strcpy | The $@ passed to strcpy might not be null-terminated. | test.c:77:24:77:30 | ca5_bad | argument | test.c:77:24:77:30 | ca5_bad | | +| test.c:80:5:80:10 | call to strcpy | The size of the $@ passed to strcpy is 6 bytes, but the size of the $@ is only 5 bytes. | test.c:80:24:80:31 | ca6_good | read buffer | test.c:80:12:80:19 | call to get_ca_5 | write buffer | +| test.c:103:5:103:11 | call to strncpy | The size of the $@ passed to strncpy is 5 bytes, but the $@ is 6 bytes. | test.c:103:13:103:19 | ca5_bad | write buffer | test.c:103:32:103:32 | 6 | size argument | +| test.c:127:5:127:10 | call to memcpy | The $@ passed to memcpy is accessed at an excessive offset of 1 element(s) from the $@. | test.c:127:12:127:13 | p2 | write buffer | test.c:120:21:120:26 | call to strlen | allocation size base | +| test.c:153:5:153:10 | call to strcat | The $@ passed to strcat might not be null-terminated. | test.c:153:12:153:15 | buf1 | argument | test.c:153:12:153:15 | buf1 | | +| test.c:158:5:158:10 | call to strcat | The size of the $@ passed to strcat is 6 bytes, but the size of the $@ is only 5 bytes. | test.c:158:24:158:30 | 12345 | read buffer | test.c:158:12:158:19 | call to get_ca_5 | write buffer | +| test.c:160:5:160:10 | call to strcat | The size of the $@ passed to strcat is 5 bytes, but the size of the $@ is only 4 bytes. | test.c:160:28:160:33 | 1234 | read buffer | test.c:160:12:160:25 | ... + ... | write buffer | +| test.c:183:5:183:11 | call to wcsncat | The size of the $@ passed to wcsncat is 5 bytes, but the $@ is 20 bytes. | test.c:183:13:183:20 | call to get_ca_5 | write buffer | test.c:183:35:183:35 | 5 | size argument | +| test.c:183:5:183:11 | call to wcsncat | The size of the $@ passed to wcsncat is 24 bytes, but the size of the $@ is only 5 bytes. | test.c:183:25:183:32 | 12345 | read buffer | test.c:183:13:183:20 | call to get_ca_5 | write buffer | +| test.c:184:5:184:11 | call to wcsncat | The size of the $@ passed to wcsncat is 5 bytes, but the $@ is 16 bytes. | test.c:184:13:184:20 | call to get_ca_5 | write buffer | test.c:184:34:184:34 | 4 | size argument | +| test.c:184:5:184:11 | call to wcsncat | The size of the $@ passed to wcsncat is 20 bytes, but the size of the $@ is only 5 bytes. | test.c:184:25:184:31 | 1234 | read buffer | test.c:184:13:184:20 | call to get_ca_5 | write buffer | +| test.c:185:5:185:11 | call to wcsncat | The size of the $@ passed to wcsncat is 1 bytes, but the $@ is 16 bytes. | test.c:185:13:185:26 | ... + ... | write buffer | test.c:185:38:185:38 | 4 | size argument | +| test.c:185:5:185:11 | call to wcsncat | The size of the $@ passed to wcsncat is 20 bytes, but the size of the $@ is only 1 bytes. | test.c:185:29:185:35 | 1234 | read buffer | test.c:185:13:185:26 | ... + ... | write buffer | +| test.c:186:5:186:11 | call to wcsncat | The size of the $@ passed to wcsncat is 5 bytes, but the $@ is 8 bytes. | test.c:186:13:186:20 | call to get_ca_5 | write buffer | test.c:186:32:186:32 | 2 | size argument | +| test.c:186:5:186:11 | call to wcsncat | The size of the $@ passed to wcsncat is 12 bytes, but the size of the $@ is only 5 bytes. | test.c:186:25:186:29 | 12 | read buffer | test.c:186:13:186:20 | call to get_ca_5 | write buffer | +| test.c:191:5:191:10 | call to strcmp | The $@ passed to strcmp might not be null-terminated. | test.c:191:22:191:28 | ca5_bad | argument | test.c:191:22:191:28 | ca5_bad | | +| test.c:193:5:193:10 | call to strcmp | The $@ passed to strcmp might not be null-terminated. | test.c:193:12:193:18 | ca5_bad | argument | test.c:193:12:193:18 | ca5_bad | | +| test.c:202:5:202:11 | call to strncmp | The size of the $@ passed to strncmp is 5 bytes, but the $@ is 6 bytes. | test.c:202:13:202:20 | ca5_good | write buffer | test.c:202:32:202:32 | 6 | size argument | +| test.c:202:5:202:11 | call to strncmp | The size of the $@ passed to strncmp is 5 bytes, but the $@ is 6 bytes. | test.c:202:23:202:29 | ca5_bad | read buffer | test.c:202:32:202:32 | 6 | size argument | +| test.c:213:5:213:9 | call to fgets | The size of the $@ passed to fgets is 128 bytes, but the $@ is 129 bytes. | test.c:213:11:213:13 | buf | write buffer | test.c:213:16:213:30 | ... + ... | size argument | +| test.c:216:5:216:9 | call to fgets | The size of the $@ passed to fgets is 127 bytes, but the $@ is 128 bytes. | test.c:216:11:216:17 | ... + ... | write buffer | test.c:216:20:216:30 | sizeof() | size argument | +| test.c:222:5:222:10 | call to fgetws | The size of the $@ passed to fgetws is 512 bytes, but the $@ is 2048 bytes. | test.c:222:12:222:15 | wbuf | write buffer | test.c:222:18:222:29 | sizeof() | size argument | +| test.c:225:5:225:10 | call to fgetws | The size of the $@ passed to fgetws is 512 bytes, but the $@ is 516 bytes. | test.c:225:12:225:15 | wbuf | write buffer | test.c:225:18:225:49 | ... + ... | size argument | +| test.c:228:5:228:10 | call to fgetws | The size of the $@ passed to fgetws is 508 bytes, but the $@ is 512 bytes. | test.c:228:12:228:19 | ... + ... | write buffer | test.c:228:22:228:49 | ... / ... | size argument | +| test.c:237:5:237:12 | call to mbstowcs | The size of the $@ passed to mbstowcs is 512 bytes, but the $@ is 2048 bytes. | test.c:237:14:237:17 | wbuf | write buffer | test.c:237:26:237:37 | sizeof() | size argument | +| test.c:239:5:239:12 | call to mbstowcs | The $@ passed to mbstowcs might not be null-terminated. | test.c:239:20:239:23 | buf2 | argument | test.c:239:20:239:23 | buf2 | | +| test.c:249:5:249:12 | call to wcstombs | The size of the $@ passed to wcstombs is 128 bytes, but the $@ is 512 bytes. | test.c:249:14:249:16 | buf | write buffer | test.c:249:25:249:36 | sizeof() | size argument | +| test.c:249:5:249:12 | call to wcstombs | The size of the $@ passed to wcstombs is 512 bytes, but the size of the $@ is only 128 bytes. | test.c:249:19:249:22 | wbuf | read buffer | test.c:249:14:249:16 | buf | write buffer | +| test.c:252:5:252:12 | call to wcstombs | The size of the $@ passed to wcstombs is 127 bytes, but the $@ is 128 bytes. | test.c:252:14:252:20 | ... + ... | write buffer | test.c:252:33:252:43 | sizeof() | size argument | +| test.c:252:5:252:12 | call to wcstombs | The size of the $@ passed to wcstombs is 508 bytes, but the size of the $@ is only 127 bytes. | test.c:252:23:252:30 | ... + ... | read buffer | test.c:252:14:252:20 | ... + ... | write buffer | +| test.c:261:5:261:10 | call to mbtowc | The size of the $@ passed to mbtowc is 2 bytes, but the $@ is 3 bytes. | test.c:261:16:261:18 | buf | read buffer | test.c:261:21:261:35 | ... + ... | size argument | +| test.c:269:5:269:9 | call to mblen | The size of the $@ passed to mblen is 3 bytes, but the $@ is 4 bytes. | test.c:269:11:269:13 | buf | read buffer | test.c:269:16:269:30 | ... + ... | size argument | +| test.c:270:5:270:9 | call to mblen | The size of the $@ passed to mblen is 5 bytes, but the $@ is 6 bytes. | test.c:270:19:270:24 | call to malloc | read buffer | test.c:270:30:270:44 | ... * ... | size argument | +| test.c:278:5:278:10 | call to memchr | The size of the $@ passed to memchr is 128 bytes, but the $@ is 129 bytes. | test.c:278:12:278:14 | buf | read buffer | test.c:278:20:278:34 | ... + ... | size argument | +| test.c:279:5:279:10 | call to memset | The size of the $@ passed to memset is 128 bytes, but the $@ is 129 bytes. | test.c:279:12:279:14 | buf | write buffer | test.c:279:20:279:34 | ... + ... | size argument | +| test.c:281:5:281:10 | call to memchr | The $@ passed to memchr is null. | test.c:281:12:281:15 | 0 | argument | test.c:281:12:281:15 | 0 | | +| test.c:288:5:288:12 | call to strftime | The size of the $@ passed to strftime is 128 bytes, but the $@ is 129 bytes. | test.c:288:14:288:16 | buf | write buffer | test.c:288:19:288:33 | ... + ... | size argument | +| test.c:290:5:290:12 | call to strftime | The size of the $@ passed to strftime is 127 bytes, but the $@ is 128 bytes. | test.c:290:14:290:20 | ... + ... | write buffer | test.c:290:23:290:33 | sizeof() | size argument | +| test.c:299:5:299:12 | call to wcsftime | The size of the $@ passed to wcsftime is 512 bytes, but the $@ is 520 bytes. | test.c:299:14:299:17 | wbuf | write buffer | test.c:299:20:299:53 | ... + ... | size argument | +| test.c:305:5:305:12 | call to wcsftime | The size of the $@ passed to wcsftime is 508 bytes, but the $@ is 512 bytes. | test.c:305:14:305:21 | ... + ... | write buffer | test.c:305:24:305:53 | ... / ... | size argument | +| test.c:307:5:307:12 | call to wcsftime | The size of the $@ passed to wcsftime is 512 bytes, but the $@ is 2048 bytes. | test.c:307:14:307:17 | wbuf | write buffer | test.c:307:20:307:31 | sizeof() | size argument | +| test.c:315:5:315:11 | call to strxfrm | The size of the $@ passed to strxfrm is 64 bytes, but the $@ is 65 bytes. | test.c:315:13:315:15 | buf | write buffer | test.c:315:25:315:39 | ... + ... | size argument | +| test.c:317:5:317:11 | call to strxfrm | The $@ passed to strxfrm might not be null-terminated. | test.c:317:22:317:25 | buf2 | argument | test.c:317:22:317:25 | buf2 | | +| test.c:326:5:326:11 | call to wcsxfrm | The size of the $@ passed to wcsxfrm is 256 bytes, but the $@ is 260 bytes. | test.c:326:13:326:16 | wbuf | write buffer | test.c:326:27:326:60 | ... + ... | size argument | +| test.c:338:5:338:12 | call to snprintf | The size of the $@ passed to snprintf is 64 bytes, but the $@ is 65 bytes. | test.c:338:14:338:16 | buf | write buffer | test.c:338:19:338:33 | ... + ... | size argument | +| test.c:346:5:346:11 | call to setvbuf | The size of the $@ passed to setvbuf is 64 bytes, but the $@ is 65 bytes. | test.c:346:16:346:18 | buf | read buffer | test.c:346:29:346:43 | ... + ... | size argument | +| test.c:348:5:348:11 | call to setvbuf | The size of the $@ passed to setvbuf is 63 bytes, but the $@ is 64 bytes. | test.c:348:16:348:22 | ... + ... | read buffer | test.c:348:33:348:43 | sizeof() | size argument | +| test.c:362:5:362:10 | call to memcpy | The size of the $@ passed to memcpy is 64 bytes, but the $@ is 65 bytes. | test.c:362:12:362:14 | buf | write buffer | test.c:362:23:362:37 | ... + ... | size argument | +| test.c:362:5:362:10 | call to memcpy | The size of the $@ passed to memcpy is 64 bytes, but the $@ is 65 bytes. | test.c:362:17:362:20 | buf2 | read buffer | test.c:362:23:362:37 | ... + ... | size argument | +| test.c:364:5:364:10 | call to memcpy | The size of the $@ passed to memcpy is 63 bytes, but the $@ is 64 bytes. | test.c:364:12:364:18 | ... + ... | write buffer | test.c:364:27:364:37 | sizeof() | size argument | +| test.c:364:5:364:10 | call to memcpy | The size of the $@ passed to memcpy is 64 bytes, but the size of the $@ is only 63 bytes. | test.c:364:21:364:24 | buf2 | read buffer | test.c:364:12:364:18 | ... + ... | write buffer | +| test.c:365:5:365:10 | call to memcpy | The size of the $@ passed to memcpy is 63 bytes, but the $@ is 128 bytes. | test.c:365:17:365:24 | ... + ... | read buffer | test.c:365:27:365:41 | ... * ... | size argument | +| test.c:365:5:365:10 | call to memcpy | The size of the $@ passed to memcpy is 64 bytes, but the $@ is 128 bytes. | test.c:365:12:365:14 | buf | write buffer | test.c:365:27:365:41 | ... * ... | size argument | +| test.c:374:5:374:11 | call to wmemcpy | The size of the $@ passed to wmemcpy is 256 bytes, but the $@ is 512 bytes. | test.c:374:22:374:27 | wbuf64 | read buffer | test.c:375:13:375:45 | ... / ... | size argument | +| test.c:377:5:377:11 | call to wmemcpy | The size of the $@ passed to wmemcpy is 252 bytes, but the $@ is 256 bytes. | test.c:377:13:377:22 | ... + ... | write buffer | test.c:378:13:378:44 | ... / ... | size argument | +| test.c:377:5:377:11 | call to wmemcpy | The size of the $@ passed to wmemcpy is 256 bytes, but the size of the $@ is only 252 bytes. | test.c:377:25:377:30 | wbuf64 | read buffer | test.c:377:13:377:22 | ... + ... | write buffer | +| test.c:379:5:379:11 | call to wmemcpy | The size of the $@ passed to wmemcpy is 252 bytes, but the $@ is 256 bytes. | test.c:379:13:379:22 | ... + ... | write buffer | test.c:380:13:380:44 | ... / ... | size argument | +| test.c:379:5:379:11 | call to wmemcpy | The size of the $@ passed to wmemcpy is 252 bytes, but the $@ is 256 bytes. | test.c:379:25:379:34 | ... + ... | read buffer | test.c:380:13:380:44 | ... / ... | size argument | +| test.c:401:5:401:11 | call to bsearch | The $@ passed to bsearch is null. | test.c:401:19:401:22 | 0 | argument | test.c:401:19:401:22 | 0 | | +| test.c:411:5:411:9 | call to qsort | The size of the $@ passed to qsort is 40 bytes, but the $@ is 44 bytes. | test.c:411:11:411:13 | arr | write buffer | test.c:411:16:411:44 | ... + ... | size argument | +| test.c:425:3:425:7 | call to fread | The size of the $@ passed to fread is 64 bytes, but the $@ is 65 bytes. | test.c:425:9:425:11 | buf | write buffer | test.c:425:31:425:31 | 1 | size argument | +| test.c:427:3:427:7 | call to fread | The $@ passed to fread is 64 bytes, but an offset of 64 bytes is used to access it. | test.c:427:9:427:15 | ... + ... | write buffer | test.c:427:9:427:15 | ... + ... | | +| test.c:427:3:427:7 | call to fread | The size of the $@ passed to fread is 0 bytes, but the $@ is 64 bytes. | test.c:427:9:427:15 | ... + ... | write buffer | test.c:427:31:427:31 | 1 | size argument | +| test.c:428:3:428:7 | call to fread | The size of the $@ passed to fread is 64 bytes, but the $@ is 128 bytes. | test.c:428:9:428:11 | buf | write buffer | test.c:428:31:428:31 | 1 | size argument | +| test.c:430:3:430:8 | call to fwrite | The size of the $@ passed to fwrite is 64 bytes, but the $@ is 65 bytes. | test.c:430:10:430:12 | buf | read buffer | test.c:430:32:430:32 | 1 | size argument | +| test.c:432:3:432:8 | call to fwrite | The $@ passed to fwrite is 64 bytes, but an offset of 64 bytes is used to access it. | test.c:432:10:432:16 | ... + ... | read buffer | test.c:432:10:432:16 | ... + ... | | +| test.c:432:3:432:8 | call to fwrite | The size of the $@ passed to fwrite is 0 bytes, but the $@ is 64 bytes. | test.c:432:10:432:16 | ... + ... | read buffer | test.c:432:32:432:32 | 1 | size argument | +| test.c:433:3:433:8 | call to fwrite | The size of the $@ passed to fwrite is 64 bytes, but the $@ is 128 bytes. | test.c:433:10:433:12 | buf | read buffer | test.c:433:32:433:32 | 1 | size argument | +| test.c:464:3:464:8 | call to memcpy | The $@ passed to memcpy is accessed at an excessive offset of 1 element(s) from the $@. | test.c:464:10:464:10 | p | write buffer | test.c:462:21:462:41 | ... * ... | allocation size base | diff --git a/c/cert/test/rules/ARR38-C/test.c b/c/cert/test/rules/ARR38-C/test.c index f58b64bcd7..2656129282 100644 --- a/c/cert/test/rules/ARR38-C/test.c +++ b/c/cert/test/rules/ARR38-C/test.c @@ -1,16 +1,28 @@ #include #include #include +#include #include -char *get_ca_5(void) { return malloc(5 * sizeof(char)); } - -char *get_ca_5_zeroed(void) { - char *p = malloc(5 * sizeof(char)); - memset(p, 0, 5 * sizeof(char)); +char *get_ca_5(void) { + void *ptr = malloc(5 * sizeof(char)); + memset(ptr, 0, 5 * sizeof(char)); + return (char *)ptr; } -int compare(void *, void *) {} +int compare(void *a, void *b) {} + +void test_strings_loop(void) { + char ca5[5] = "test"; // ok + char buf5[5] = {0}; + + for (int i = 0; i < 5; i++) { + strcpy(buf5, ca5); // COMPLIANT + strcpy(buf5 + i, ca5); // NON_COMPLIANT[FALSE_NEGATIVE] + strncpy(buf5, ca5, i); // COMPLIANT + strncpy(buf5, ca5, i + 1); // NON_COMPLIANT[FALSE_NEGATIVE] + } +} void test_strings(int flow, int unk_size) { char ca5_good[5] = "test"; // ok @@ -95,7 +107,7 @@ void test_strings(int flow, int unk_size) { } // COMPLIANT if (flow) { strncpy(ca6_bad, ca5_good, 6); - } // NON_COMPLIANT[FALSE_POSITIVE] + } // COMPLIANT if (flow) { strncpy(ca5_good + 1, ca5_good + 2, 3); } // COMPLIANT @@ -132,7 +144,7 @@ void test_strings(int flow, int unk_size) { char buf3[10] = {'\0'}; char buf4[10] = "12345"; - strcat(buf0, " "); // COMPLIANT[FALSE_NEGATIVE] - not null terminated at + strcat(buf0, " "); // NON_COMPLIANT[FALSE_NEGATIVE] - not null terminated at // initialization memset(buf0, 0, sizeof(buf0)); // COMPLIANT @@ -156,9 +168,9 @@ void test_strings(int flow, int unk_size) { wchar_t buf3[10] = {L'\0'}; wchar_t buf4[10] = L"12345"; - wcsncat( - buf0, L" ", - 1); // COMPLIANT[FALSE_NEGATIVE] - not null terminated at initialization + wcsncat(buf0, L" ", + 1); // NON_COMPLIANT[FALSE_NEGATIVE] - not null terminated at + // initialization memset(buf0, 0, sizeof(buf0)); // COMPLIANT memset(buf2, 0, sizeof(buf2)); // COMPLIANT @@ -166,15 +178,12 @@ void test_strings(int flow, int unk_size) { wcsncat(buf1, L" ", 1); // NON_COMPLIANT - not null terminated wcsncat(buf2, L" ", 1); // COMPLIANT wcsncat(buf3, L" ", 1); // COMPLIANT - wcsncat(buf4, L"12345", 5); // NON_COMPLIANT - - wcsncat(get_ca_5_zeroed(), L"12345", 5); // NON_COMPLIANT - wcsncat(get_ca_5_zeroed(), L"1234", 4); // NON_COMPLIANT - wcsncat(get_ca_5_zeroed() + 1, L"1234", 4); // NON_COMPLIANT - wcsncat(get_ca_5_zeroed(), L"12", - 2); // NON_COMPLIANT - 4 (bytes) + 2 (null term) copied - wcsncat(get_ca_5_zeroed() + 1, L"1", - 1); // COMPLIANT - 2 (bytes) + 2 (null term) copied + wcsncat(buf4, L"12345", 5); // NON_COMPLIANT[FALSE_NEGATIVE] + + wcsncat(get_ca_5(), L"12345", 5); // NON_COMPLIANT + wcsncat(get_ca_5(), L"1234", 4); // NON_COMPLIANT + wcsncat(get_ca_5() + 1, L"1234", 4); // NON_COMPLIANT + wcsncat(get_ca_5(), L"12", 2); // NON_COMPLIANT } // strcmp @@ -189,7 +198,8 @@ void test_strings(int flow, int unk_size) { // strncmp if (flow) { strncmp(ca5_good, ca5_bad, 4); // COMPLIANT - strncmp(ca5_good, ca5_bad, 5); // NON_COMPLIANT + strncmp(ca5_good, ca5_bad, 5); // COMPLIANT + strncmp(ca5_good, ca5_bad, 6); // NON_COMPLIANT } } @@ -201,7 +211,7 @@ void test_wrong_buf_size(void) { fgets(buf, sizeof(buf), stdin); // COMPLIANT fgets(buf, sizeof(buf) - 1, stdin); // COMPLIANT fgets(buf, sizeof(buf) + 1, stdin); // NON_COMPLIANT - fgets(buf, 0, stdin); // NON_COMPLIANT + fgets(buf, 0, stdin); // COMPLIANT fgets(buf + 1, sizeof(buf) - 1, stdin); // COMPLIANT fgets(buf + 1, sizeof(buf), stdin); // NON_COMPLIANT } @@ -213,8 +223,7 @@ void test_wrong_buf_size(void) { fgetws(wbuf, sizeof(wbuf) / sizeof(*wbuf), stdin); // COMPLIANT fgetws(wbuf, sizeof(wbuf) / sizeof(*wbuf) - 1, stdin); // COMPLIANT fgetws(wbuf, sizeof(wbuf) / sizeof(*wbuf) + 1, stdin); // NON_COMPLIANT - fgetws(wbuf, 0, stdin); // NON_COMPLIANT - fgetws(wbuf + 1, sizeof(wbuf) / sizeof(*wbuf) - 1, stdin); // NON_COMPLIANT + fgetws(wbuf, 0, stdin); // COMPLIANT fgetws(wbuf + 1, sizeof(wbuf) / sizeof(*wbuf) - 2, stdin); // COMPLIANT fgetws(wbuf + 1, sizeof(wbuf) / sizeof(*wbuf), stdin); // NON_COMPLIANT } @@ -246,7 +255,7 @@ void test_wrong_buf_size(void) { // mbtowc { wchar_t c; - char buf[2]; + char buf[2] = {0}; mbtowc(&c, buf, sizeof(buf)); // COMPLIANT mbtowc(&c, buf, sizeof(buf) - 1); // COMPLIANT mbtowc(&c, buf, sizeof(buf) + 1); // NON_COMPLIANT @@ -255,7 +264,7 @@ void test_wrong_buf_size(void) { // mblen { - char buf[3]; + char buf[3] = {0}; mblen(buf, sizeof(buf)); // COMPLIANT mblen(buf, sizeof(buf) + 1); // NON_COMPLIANT mblen((char *)malloc(5), sizeof(buf) * 2); // NON_COMPLIANT @@ -302,10 +311,11 @@ void test_wrong_buf_size(void) { { char buf[64]; char buf2[128]; - strxfrm(buf, "abc", sizeof(buf)); // COMPLIANT - strxfrm(buf, "abc", sizeof(buf) + 1); // NON_COMPLIANT - strxfrm(buf, "abc", sizeof(buf) - 1); // COMPLIANT - strxfrm(buf + 1, buf2, sizeof(buf) - 1); // COMPLIANT + strxfrm(buf, "abc", sizeof(buf)); // COMPLIANT + strxfrm(buf, "abc", sizeof(buf) + 1); // NON_COMPLIANT + strxfrm(buf, "abc", sizeof(buf) - 1); // COMPLIANT + strxfrm(buf + 1, buf2, + sizeof(buf) - 1); // NON_COMPLIANT - not null terminated } // wcsxfrm diff --git a/c/common/src/codingstandards/c/OutOfBounds.qll b/c/common/src/codingstandards/c/OutOfBounds.qll index e30e622141..44a0608b15 100644 --- a/c/common/src/codingstandards/c/OutOfBounds.qll +++ b/c/common/src/codingstandards/c/OutOfBounds.qll @@ -13,6 +13,7 @@ import codingstandards.cpp.PossiblyUnsafeStringOperation import codingstandards.cpp.SimpleRangeAnalysisCustomizations import semmle.code.cpp.dataflow.DataFlow import semmle.code.cpp.valuenumbering.GlobalValueNumbering +import semmle.code.cpp.security.BufferAccess import semmle.code.cpp.security.BufferWrite module OOB { @@ -161,8 +162,8 @@ module OOB { name = ["strncat", "wcsncat"] and dst = 0 and src = 1 and - src_sz = 2 and - dst_sz = -1 + src_sz = -1 and + dst_sz = 2 or name = ["snprintf", "vsnprintf", "swprintf", "vswprintf"] and dst = 0 and @@ -188,16 +189,28 @@ module OOB { src_sz = -1 and dst_sz = 2 or - name = ["bsearch", "qsort"] and - dst = 1 and + name = "qsort" and + dst = 0 and src = -1 and src_sz = -1 and - dst_sz = -1 + dst_sz = 1 or - name = ["fread", "fwrite"] and + name = "bsearch" and + dst = -1 and + src = 1 and + src_sz = -1 and + dst_sz = 2 + or + name = "fread" and dst = 0 and src = -1 and src_sz = -1 and + dst_sz = 2 + or + name = "fwrite" and + dst = -1 and + src = 0 and + src_sz = 2 and dst_sz = -1 ) } @@ -278,17 +291,23 @@ module OOB { predicate getANullTerminatedParameterIndex(int i) { // by default, require null-terminated parameters for src but - // only if the type of src is a plain char pointer or wchar_t + // only if the type of src is a plain char pointer or wchar_t. this.getReadParamIndex() = i and exists(Type baseType | - baseType = this.getReadParam().getType().(DerivedType).getBaseType*() and + baseType = this.getReadParam().getUnspecifiedType().(PointerType).getBaseType() and ( - baseType instanceof CharType or - baseType instanceof Wchar_t + baseType.getUnspecifiedType() instanceof PlainCharType or + baseType.getUnspecifiedType() instanceof Wchar_t ) ) } + predicate getASizeMultParameterIndex(int i) { + // by default, there is no size multiplier parameter + // exceptions: fread, fwrite, bsearch, qsort + none() + } + predicate getALengthParameterIndex(int i) { // by default, size parameters do not exclude the size of a null terminator none() @@ -316,12 +335,8 @@ module OOB { // by default, require null-terminated parameters for src but // only if the type of src is a plain char pointer. this.getReadParamIndex() = i and - this.getReadParam() - .getType() - .getUnspecifiedType() - .(PointerType) - .getBaseType() - .getUnspecifiedType() instanceof PlainCharType + this.getReadParam().getUnspecifiedType().(PointerType).getBaseType().getUnspecifiedType() + instanceof PlainCharType } } @@ -338,7 +353,7 @@ module OOB { /** * A `BufferAccessLibraryFunction` modelling `strcat` */ - class StrcatLibraryFunction extends BufferAccessLibraryFunction { + class StrcatLibraryFunction extends StringConcatenationFunctionLibraryFunction { StrcatLibraryFunction() { this.getName() = getNameOrInternalName("strcat") } } @@ -352,7 +367,7 @@ module OOB { /** * A `BufferAccessLibraryFunction` modelling `strncpy` */ - class StrncpyLibraryFunction extends BufferAccessLibraryFunction { + class StrncpyLibraryFunction extends StringConcatenationFunctionLibraryFunction { StrncpyLibraryFunction() { this.getName() = getNameOrInternalName("strncpy") } override predicate getANullTerminatedParameterIndex(int i) { @@ -374,7 +389,7 @@ module OOB { } /** - * A `BufferAccessLibraryFunction` modelling ["mbtowc", "mbrtowc"] + * A `BufferAccessLibraryFunction` modelling `mbtowc` and `mbrtowc` */ class MbtowcLibraryFunction extends BufferAccessLibraryFunction { MbtowcLibraryFunction() { this.getName() = getNameOrInternalName(["mbtowc", "mbrtowc"]) } @@ -401,15 +416,110 @@ module OOB { SetvbufLibraryFunction() { this.getName() = getNameOrInternalName("setvbuf") } override predicate getAPermissiblyNullParameterIndex(int i) { i = 1 } + + override predicate getANullTerminatedParameterIndex(int i) { + // `setvbuf` does not require a null-terminated buffer + none() + } + } + + /** + * A `BufferAccessLibraryFunction` modelling `snprintf`, `vsnprintf`, `swprintf`, and `vswprintf`. + * This class overrides the `getANullTerminatedParameterIndex` predicate to include the `format` parameter. + */ + class PrintfLibraryFunction extends BufferAccessLibraryFunction { + PrintfLibraryFunction() { + this.getName() = getNameOrInternalName(["snprintf", "vsnprintf", "swprintf", "vswprintf"]) + } + + override predicate getANullTerminatedParameterIndex(int i) { + // `snprintf` and variants require a null-terminated format string + i = 2 + } + } + + /** + * A `BufferAccessLibraryFunction` modelling `fread` and `fwrite`. + */ + class FreadFwriteLibraryFunction extends BufferAccessLibraryFunction { + FreadFwriteLibraryFunction() { this.getName() = getNameOrInternalName(["fread", "fwrite"]) } + + override predicate getASizeMultParameterIndex(int i) { + // `fread` and `fwrite` have a size multiplier parameter + i = 1 + } + } + + /** + * A `BufferAccessLibraryFunction` modelling `bsearch` + */ + class BsearchLibraryFunction extends BufferAccessLibraryFunction { + BsearchLibraryFunction() { this.getName() = getNameOrInternalName("bsearch") } + + override predicate getASizeMultParameterIndex(int i) { + // `bsearch` has a size multiplier parameter + i = 3 + } + } + + /** + * A `BufferAccessLibraryFunction` modelling `qsort` + */ + class QsortLibraryFunction extends BufferAccessLibraryFunction { + QsortLibraryFunction() { this.getName() = getNameOrInternalName("qsort") } + + override predicate getASizeMultParameterIndex(int i) { + // `qsort` has a size multiplier parameter + i = 2 + } + } + + /** + * An construction of a pointer to a buffer. + */ + abstract class BufferAccess extends Expr { + abstract predicate hasABuffer(Expr buffer, Expr size, int sizeMult); + + Expr getARelevantExpr() { + hasABuffer(result, _, _) + or + hasABuffer(_, result, _) + } + } + + class PointerArithmeticBufferAccess extends BufferAccess instanceof PointerArithmeticExpr { + override predicate hasABuffer(Expr buffer, Expr size, int sizeMult) { + buffer = this.(PointerArithmeticExpr).getPointer() and + size = this.(PointerArithmeticExpr).getOperand() and + sizeMult = + buffer.getType().getUnspecifiedType().(DerivedType).getBaseType().getSize().maximum(1) + } + } + + class ArrayBufferAccess extends BufferAccess, ArrayExpr { + override predicate hasABuffer(Expr buffer, Expr size, int sizeMult) { + buffer = this.getArrayBase() and + size = this.getArrayOffset() and + sizeMult = + buffer.getType().getUnspecifiedType().(DerivedType).getBaseType().getSize().maximum(1) + } } /** * A `FunctionCall` to a `BufferAccessLibraryFunction` that provides predicates for * reasoning about buffer overflow and other buffer access violations. */ - class BufferAccessLibraryFunctionCall extends FunctionCall { + class BufferAccessLibraryFunctionCall extends FunctionCall, BufferAccess { BufferAccessLibraryFunctionCall() { this.getTarget() instanceof BufferAccessLibraryFunction } + override predicate hasABuffer(Expr buffer, Expr size, int sizeMult) { + buffer = this.getWriteArg() and + size = this.getWriteSizeArg(sizeMult) + or + buffer = this.getReadArg() and + size = this.getReadSizeArg(sizeMult) + } + Expr getReadArg() { result = this.getArgument(this.getTarget().(BufferAccessLibraryFunction).getReadParamIndex()) } @@ -431,11 +541,25 @@ module OOB { } int getReadSizeArgMult() { - result = this.getTarget().(BufferAccessLibraryFunction).getReadParamElementSize(_) + result = + this.getTarget().(BufferAccessLibraryFunction).getReadParamElementSize(_) * + getSizeMultArgValue() } int getWriteSizeArgMult() { - result = this.getTarget().(BufferAccessLibraryFunction).getWriteParamElementSize(_) + result = + this.getTarget().(BufferAccessLibraryFunction).getWriteParamElementSize(_) * + getSizeMultArgValue() + } + + int getSizeMultArgValue() { + exists(int i | + this.getTarget().(BufferAccessLibraryFunction).getASizeMultParameterIndex(i) and + result = this.getArgument(i).getValue().toInt() + ) + or + not this.getTarget().(BufferAccessLibraryFunction).getASizeMultParameterIndex(_) and + result = 1 } } @@ -610,7 +734,7 @@ module OOB { * A `PointerToObjectSource` which is an `AddressOfExpr` to a variable * that is not a field or pointer type. */ - class AddressOfExprSource extends PointerToObjectSource, AddressOfExpr { + class AddressOfExprSource extends PointerToObjectSource instanceof AddressOfExpr { AddressOfExprSource() { exists(Variable v | v = this.getOperand().(VariableAccess).getTarget() and @@ -623,7 +747,9 @@ module OOB { override Expr getSizeExpr() { none() } - override int getFixedSize() { result = min(this.getOperand().getType().getSize()) } + override int getFixedSize() { + result = min(this.(AddressOfExpr).getOperand().getType().getSize()) + } override predicate isNotNullTerminated() { none() } } @@ -634,6 +760,7 @@ module OOB { class StaticBufferAccessSource extends PointerToObjectSource instanceof VariableAccess { StaticBufferAccessSource() { not this.getTarget() instanceof Field and + not this.getTarget().getUnspecifiedType() instanceof PointerType and this.getTarget().getUnderlyingType().(ArrayType).getSize() > 0 } @@ -646,10 +773,54 @@ module OOB { } override predicate isNotNullTerminated() { - exists(CharArrayInitializedWithStringLiteral cl | - cl = this.(VariableAccess).getTarget().getInitializer().getExpr() and - cl.getContainerLength() <= cl.getStringLiteralLength() + // StringLiteral::getOriginalLength uses Expr::getValue, which implicitly truncates string literal + // values to the length fitting the buffer they are assigned to, thus breaking the 'obvious' check. + exists(CharArrayInitializedWithStringLiteral init | + init = this.(VariableAccess).getTarget().getInitializer().getExpr() and + init.getStringLiteralLength() + 1 > init.getContainerLength() + ) + or + // if the buffer is not initialized and does not have any memset call zeroing it, it is not null-terminated. + // note that this heuristic does not evaluate the order of the memset calls made and whether they dominate + // any use of the buffer by functions requiring it to be null-terminated. + ( + this.(VariableAccess).getTarget().getUnspecifiedType().(ArrayType).getBaseType() instanceof + PlainCharType + or + this.(VariableAccess).getTarget().getUnspecifiedType().(ArrayType).getBaseType() instanceof + Wchar_t + ) and + not this.(VariableAccess).getTarget() instanceof GlobalVariable and + not exists(this.(VariableAccess).getTarget().getInitializer()) and + not exists(FunctionCall memset, Expr destBuffer | + ( + destBuffer = memset.(MemsetBA).getBuffer(_, _) + or + memset.getTarget().getName() = getNameOrInternalName("memset") and + destBuffer = memset.getArgument(0) + ) and + memset.getArgument(1).getValue().toInt() = 0 and + this.(VariableAccess).getTarget().getAnAccess() = destBuffer + ) and + // exclude any BufferAccessLibraryFunction that writes to the buffer and does not require + // a null-terminated buffer argument for its write argument + not exists( + BufferAccessLibraryFunctionCall fc, BufferAccessLibraryFunction f, int writeParamIndex + | + f = fc.getTarget() and + writeParamIndex = f.getWriteParamIndex() and + not f.getANullTerminatedParameterIndex(writeParamIndex) and + fc.getArgument(writeParamIndex) = this.(VariableAccess).getTarget().getAnAccess() + ) and + // exclude any buffers that have an assignment, deref, or array expr with a zero constant + // note: heuristically implemented using getAChild*() + not exists(AssignExpr assign | + assign.getRValue().getValue().toInt() = 0 and + assign.getLValue().getAChild*() = this.(VariableAccess).getTarget().getAnAccess() ) + // note: the case of initializers that are not string literals and non-zero constants is not handled here. + // e.g. char buf[10] = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10}; (not null-terminated) + // char buf[10] = { 1 }; (not null-terminated) } } @@ -664,7 +835,12 @@ module OOB { override Expr getSizeExpr() { none() } - override int getFixedSize() { result = this.(StringLiteral).getOriginalLength() } + override int getFixedSize() { + // (length of the string literal + null terminator) * (size of the base type) + result = + this.(StringLiteral).getOriginalLength() * + this.(StringLiteral).getUnderlyingType().(DerivedType).getBaseType().getSize() + } override predicate isNotNullTerminated() { none() } } @@ -684,8 +860,11 @@ module OOB { } override predicate isSink(DataFlow::Node sink) { - exists(BufferAccessLibraryFunctionCall call, Expr arg | - arg = call.getAnArgument() and + exists(BufferAccess ba, Expr arg | + ( + arg = ba.(BufferAccessLibraryFunctionCall).getAnArgument() or + arg = ba.getARelevantExpr() + ) and ( sink.asExpr() = arg or @@ -708,11 +887,9 @@ module OOB { ) ) or - // remove flow from `src` to `dst` in memcpy - exists(FunctionCall fc | - fc.getTarget().getName() = getNameOrInternalName("memcpy") and - node.asExpr() = fc.getArgument(1).getAChild*() - ) + // remove flow from `src` to `dst` in a buffer access function call + // the standard library models such flow through functions such as memcpy, strcpy, etc. + exists(BufferAccessLibraryFunctionCall fc | node.asExpr() = fc.getReadArg().getAChild*()) } } @@ -783,7 +960,7 @@ module OOB { predicate sizeExprNonComputableSize( Expr bufferSizeArg, Expr alloc, Expr allocSize, Expr allocSizeBase, int offset ) { - bufferSizeArg = any(BufferAccessLibraryFunctionCall call).getAnArgument() and + bufferSizeArg = any(BufferAccess access).getARelevantExpr() and not sizeExprComputableSize(bufferSizeArg, alloc, _) and allocSize = alloc.(DynamicAllocationSource).getSizeExprSource(allocSizeBase, offset) and hasFlowFromBufferOrSizeExprToUse(allocSize, bufferSizeArg) @@ -803,44 +980,99 @@ module OOB { * Returns '1' if `arg` refers to the number of characters excluding a null terminator, * otherwise '0' if `arg` refers to the number of characters including a null terminator. */ - private int argNumCharactersOffset(BufferAccessLibraryFunctionCall fc, Expr arg) { + private int argNumCharactersOffset(BufferAccess fc, Expr arg) { if isArgNumCharacters(fc, arg) then result = 1 else result = 0 } /** - * Holds if the call `fc` results in a buffer overflow due to a size argument - * being greater in size than the buffer size being read from or written to. + * Holds if the call `fc` may result in an invalid buffer access due a read buffer being bigger + * than the write buffer. This heuristic is useful for cases such as strcpy(dst, src). */ - predicate isSizeArgGreaterThanBufferSize( - Expr bufferArg, Expr sizeArg, int computedBufferSize, int computedSizeAccessed, + predicate isReadBufferSizeGreaterThanWriteBufferSize( + Expr readBuffer, Expr writeBuffer, int readBufferSize, int writeBufferSize, BufferAccessLibraryFunctionCall fc ) { - exists(float sizeMult, int bufferArgSize, int sizeArgValue, PointerToObjectSource bufferSource | + readBuffer = fc.getReadArg() and + writeBuffer = fc.getWriteArg() and + exists(int readSizeMult, int writeSizeMult, int readBufferSizeBase, int writeBufferSizeBase | + bufferUseComputableBufferSize(readBuffer, _, readBufferSizeBase) and + bufferUseComputableBufferSize(writeBuffer, _, writeBufferSizeBase) and + readSizeMult = fc.getReadSizeArgMult() and + writeSizeMult = fc.getWriteSizeArgMult() and + readBufferSize = readBufferSizeBase - readSizeMult * getArithmeticOffsetValue(readBuffer) and + writeBufferSize = writeBufferSizeBase - writeSizeMult * getArithmeticOffsetValue(writeBuffer) and + readBufferSize > writeBufferSize and ( - bufferArg = fc.getWriteArg() and - sizeArg = fc.getWriteSizeArg(sizeMult) - or - bufferArg = fc.getReadArg() and - sizeArg = fc.getReadSizeArg(sizeMult) - ) and + // if a size arg exists and it is computable, then it must be <= to the write buffer size + exists(fc.getWriteSizeArg(writeSizeMult)) + implies + ( + sizeExprComputableSize(fc.getWriteSizeArg(writeSizeMult), _, _) and + not exists(Expr writeSizeArg, int writeSizeArgValue | + writeSizeArg = fc.getWriteSizeArg(writeSizeMult) and + sizeExprComputableSize(writeSizeArg, _, writeSizeArgValue) and + writeSizeMult.(float) * + (writeSizeArgValue + argNumCharactersOffset(fc, writeSizeArg)).(float) <= + writeBufferSize + ) + ) + ) + ) + } + + /** + * Holds if the BufferAccess `bufferAccess` results in a buffer overflow due to a size argument + * or buffer access offset being greater in size than the buffer size being accessed or written to. + */ + predicate isSizeArgGreaterThanBufferSize( + Expr bufferArg, Expr sizeArg, PointerToObjectSource bufferSource, int computedBufferSize, + int computedSizeAccessed, BufferAccess bufferAccess + ) { + exists(float sizeMult, int bufferArgSize, int sizeArgValue | + bufferAccess.hasABuffer(bufferArg, sizeArg, sizeMult) and bufferUseComputableBufferSize(bufferArg, bufferSource, bufferArgSize) and + // If the bufferArg is an access of a static buffer, do not look for "long distance" sources + (bufferArg instanceof StaticBufferAccessSource implies bufferSource = bufferArg) and sizeExprComputableSize(sizeArg, _, sizeArgValue) and - computedBufferSize = sizeMult.(float) * (bufferArgSize - getArithmeticOffsetValue(bufferArg)) and + computedBufferSize = bufferArgSize - sizeMult.(float) * getArithmeticOffsetValue(bufferArg) and computedSizeAccessed = - sizeMult.(float) * (sizeArgValue + argNumCharactersOffset(fc, sizeArg)).(float) and + sizeMult.(float) * (sizeArgValue + argNumCharactersOffset(bufferAccess, sizeArg)).(float) and computedBufferSize < computedSizeAccessed ) } /** - * Holds if the call `fc` may result in a buffer overflow due to a positive offset - * from a pattern used for calculating the size of the buffer being accessed. + * Holds if the call `fc` may result in an invalid buffer access due to a buffer argument + * being accessed at an offset that is greater than the size of the buffer. */ - predicate isBufferSizeOffsetOfGVN( - Expr bufferArg, Expr bufferSizeArg, int sourceSizeExprOffset, int sizeMult, int sizeArgOffset, - int bufferArgOffset, BufferAccessLibraryFunctionCall fc + predicate isBufferOffsetGreaterThanBufferSize( + Expr bufferArg, int bufferArgOffset, int bufferSize, BufferAccessLibraryFunctionCall fc ) { - exists(DynamicAllocationSource source, Expr sourceSizeExpr, Expr sourceSizeExprBase | + exists(int bufferElementSize | + ( + bufferArg = fc.getReadArg() and + bufferElementSize = fc.getReadSizeArgMult() + or + bufferArg = fc.getWriteArg() and + bufferElementSize = fc.getWriteSizeArgMult() + ) and + bufferUseComputableBufferSize(bufferArg, _, bufferSize) and + bufferArgOffset = getArithmeticOffsetValue(bufferArg) * bufferElementSize and + bufferArgOffset >= bufferSize + ) + } + + /** + * Holds if the BufferAccess is accessed with a `base + accessOffset` on a buffer that was + * allocated a size of the form `base + allocationOffset`. + */ + predicate isGVNOffsetGreaterThanBufferSize( + Expr bufferArg, Expr bufferSizeArg, Expr sourceSizeExpr, int sourceSizeExprOffset, + int sizeArgOffset, BufferAccessLibraryFunctionCall fc + ) { + exists( + DynamicAllocationSource source, Expr sourceSizeExprBase, int bufferArgOffset, int sizeMult + | ( bufferArg = fc.getWriteArg() and bufferSizeArg = fc.getWriteSizeArg(sizeMult) @@ -876,40 +1108,72 @@ module OOB { /** * Holds if the call `fc` may result in an invalid buffer access due to a standard library function - * receiving a non-null terminated buffer as a buffer argument and reading past the end of the buffer. + * receiving a non-null terminated buffer as a buffer argument and accessing it. */ - predicate isNullTerminatorMissingFromBufferArg( - Expr bufferArg, PointerToObjectSource source, BufferAccessLibraryFunctionCall fc + predicate isNullTerminatorMissingFromArg( + Expr arg, PointerToObjectSource source, BufferAccessLibraryFunctionCall fc ) { - exists(int i | + exists(int i, Expr argChild | fc.getTarget().(BufferAccessLibraryFunction).getANullTerminatedParameterIndex(i) and - fc.getArgument(i) = bufferArg and + fc.getArgument(i) = arg and source.isNotNullTerminated() and - hasFlowFromBufferOrSizeExprToUse(source, bufferArg.getAChild*()) + argChild = arg.getAChild*() and + // ignore cases like strcpy(irrelevant_func(non_null_terminated_str, ...), src) + not exists(FunctionCall other | + not other = fc and + other.getAnArgument().getAChild*() = argChild + ) and + hasFlowFromBufferOrSizeExprToUse(source, argChild) ) } - /** - * Holds if the call `fc` may result in an invalid buffer access due a read buffer being bigger - * than the write buffer. This heuristic is useful for cases such as strcpy(dst, src). - */ - predicate isReadBufferSizeGreaterThanWriteBufferSize( - Expr readBuffer, Expr writeBuffer, SimpleStringLibraryFunctionCall fc + predicate isSizeArgNotCheckedLessThanFixedBufferSize( + Expr bufferArg, Expr sizeArg, PointerToObjectSource bufferSource, int bufferArgSize, + BufferAccess bufferAccess, int sizeArgUpperBound, int sizeMult ) { - readBuffer = fc.getReadArg() and - writeBuffer = fc.getWriteArg() and - exists(int readBufferSize, int writeBufferSize | - bufferUseComputableBufferSize(readBuffer, _, readBufferSize) and - bufferUseComputableBufferSize(writeBuffer, _, writeBufferSize) and - readBufferSize + getArithmeticOffsetValue(readBuffer) > - writeBufferSize - getArithmeticOffsetValue(writeBuffer) + bufferAccess.hasABuffer(bufferArg, sizeArg, sizeMult) and + bufferUseComputableBufferSize(bufferArg, bufferSource, bufferArgSize) and + // If the bufferArg is an access of a static buffer, do not look for "long distant" sources + (bufferArg instanceof StaticBufferAccessSource implies bufferSource = bufferArg) and + // Not a size expression for which we can compute a specific size + not sizeExprComputableSize(sizeArg, _, _) and + // Range analysis considers the upper bound to be larger than the buffer size + sizeArgUpperBound = upperBound(sizeArg) and + // Ignore bitwise & operations + not sizeArg instanceof BitwiseAndExpr and + sizeArgUpperBound * sizeMult > bufferArgSize and + // There isn't a relational operation guarding this access that seems to check the + // upper bound against a plausible terminal value + not exists(RelationalOperation relOp, Expr checkedUpperBound | + globalValueNumber(relOp.getLesserOperand()) = globalValueNumber(sizeArg) and + checkedUpperBound = relOp.getGreaterOperand() and + // There's no closer inferred bounds - otherwise we let range analysis check it + upperBound(checkedUpperBound) = exprMaxVal(checkedUpperBound) + ) + } + + predicate isSizeArgNotCheckedGreaterThanZero( + Expr bufferArg, Expr sizeArg, PointerToObjectSource bufferSource, BufferAccess bufferAccess + ) { + exists(float sizeMult | + bufferAccess.hasABuffer(bufferArg, sizeArg, sizeMult) and + ( + bufferUseComputableBufferSize(bufferArg, bufferSource, _) or + bufferUseNonComputableSize(bufferArg, bufferSource) + ) and + // Not a size expression for which we can compute a specific size + not sizeExprComputableSize(sizeArg, _, _) and + // If the lower bound is less than zero, taking into account any offsets + lowerBound(sizeArg) + getArithmeticOffsetValue(bufferArg) < 0 ) } private string bufferArgType(BufferAccessLibraryFunctionCall fc, Expr bufferArg) { - fc.getReadArg() = bufferArg and result = "read buffer" + fc.getReadArg() = bufferArg and + result = "read buffer" or - fc.getWriteArg() = bufferArg and result = "write buffer" + fc.getWriteArg() = bufferArg and + result = "write buffer" } predicate problems( @@ -917,33 +1181,53 @@ module OOB { Expr sizeOrOtherBufferArg, string otherStr ) { exists(int bufferArgSize, int sizeArgValue | - isSizeArgGreaterThanBufferSize(bufferArg, sizeOrOtherBufferArg, bufferArgSize, sizeArgValue, - fc) and + isSizeArgGreaterThanBufferSize(bufferArg, sizeOrOtherBufferArg, _, bufferArgSize, + sizeArgValue, fc) and bufferArgStr = bufferArgType(fc, bufferArg) and message = "The size of the $@ passed to " + fc.getTarget().getName() + " is " + bufferArgSize + " bytes, but the " + "$@ is " + sizeArgValue + " bytes." and otherStr = "size argument" + or + isBufferOffsetGreaterThanBufferSize(bufferArg, sizeArgValue, bufferArgSize, fc) and + bufferArgStr = bufferArgType(fc, bufferArg) and + message = + "The $@ passed to " + fc.getTarget().getName() + " is " + bufferArgSize + + " bytes, but an offset of " + sizeArgValue + " bytes is used to access it." and + otherStr = "" and + sizeOrOtherBufferArg = bufferArg ) or isMandatoryBufferArgNull(bufferArg, fc) and message = "The $@ passed to " + fc.getTarget().getName() + " is null." and - bufferArgStr = bufferArgType(fc, bufferArg) and + bufferArgStr = "argument" and otherStr = "" and sizeOrOtherBufferArg = bufferArg or - isNullTerminatorMissingFromBufferArg(bufferArg, _, fc) and - message = "The $@ passed to " + fc.getTarget().getName() + " is not null terminated." and - bufferArgStr = bufferArgType(fc, bufferArg) and + isNullTerminatorMissingFromArg(bufferArg, _, fc) and + message = "The $@ passed to " + fc.getTarget().getName() + " might not be null-terminated." and + bufferArgStr = "argument" and otherStr = "" and sizeOrOtherBufferArg = bufferArg or - isReadBufferSizeGreaterThanWriteBufferSize(bufferArg, sizeOrOtherBufferArg, fc) and - message = - "The size of the $@ passed to " + fc.getTarget().getName() + " is greater than the " + - "size of the $@." and - bufferArgStr = "read buffer" and - otherStr = "write buffer" - // ADD IN GVN + exists(int readBufferSize, int writeBufferSize | + isReadBufferSizeGreaterThanWriteBufferSize(bufferArg, sizeOrOtherBufferArg, readBufferSize, + writeBufferSize, fc) and + message = + "The size of the $@ passed to " + fc.getTarget().getName() + " is " + readBufferSize + + " bytes, but the size of the $@ is only " + writeBufferSize + " bytes." and + bufferArgStr = "read buffer" and + otherStr = "write buffer" + ) + or + exists(int accessOffset, Expr source | + isGVNOffsetGreaterThanBufferSize(bufferArg, _, source, _, accessOffset, fc) and + message = + "The $@ passed to " + fc.getTarget().getName() + " is accessed at an excessive offset of " + + accessOffset + " element(s) from the $@." and + bufferArgStr = bufferArgType(fc, bufferArg) and + sizeOrOtherBufferArg = source and + otherStr = "allocation size base" + ) } } From 4766e4d116996b32e0fa4ed4f7c8cda889437ff2 Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Wed, 5 Apr 2023 21:41:04 +0200 Subject: [PATCH 0970/2573] Correct OutOfBounds.qll format --- c/common/src/codingstandards/c/OutOfBounds.qll | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/c/common/src/codingstandards/c/OutOfBounds.qll b/c/common/src/codingstandards/c/OutOfBounds.qll index 44a0608b15..c72333165f 100644 --- a/c/common/src/codingstandards/c/OutOfBounds.qll +++ b/c/common/src/codingstandards/c/OutOfBounds.qll @@ -643,8 +643,7 @@ module OOB { } class DynamicAllocationSource extends PointerToObjectSource instanceof AllocationExpr, - FunctionCall - { + FunctionCall { DynamicAllocationSource() { // exclude OperatorNewAllocationFunction to only deal with raw malloc-style calls, // which do not apply a multiple to the size of the allocation passed to them. From 2696ef952a95c77af468a9324711d185007aa09d Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Wed, 5 Apr 2023 21:42:19 +0200 Subject: [PATCH 0971/2573] Update DoNotFormOutOfBoundsPointersOrArraySubscripts.md --- ...ormOutOfBoundsPointersOrArraySubscripts.md | 473 +++++++++++++++++- 1 file changed, 471 insertions(+), 2 deletions(-) diff --git a/c/cert/src/rules/ARR30-C/DoNotFormOutOfBoundsPointersOrArraySubscripts.md b/c/cert/src/rules/ARR30-C/DoNotFormOutOfBoundsPointersOrArraySubscripts.md index 70ecd9180e..221b008786 100644 --- a/c/cert/src/rules/ARR30-C/DoNotFormOutOfBoundsPointersOrArraySubscripts.md +++ b/c/cert/src/rules/ARR30-C/DoNotFormOutOfBoundsPointersOrArraySubscripts.md @@ -3,9 +3,478 @@ This query implements the CERT-C rule ARR30-C: > Do not form or use out-of-bounds pointers or array subscripts -## CERT -** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` ** + +## Description + +The C Standard identifies the following distinct situations in which undefined behavior (UB) can arise as a result of invalid pointer operations: + +
    UB Description Example Code
    46 Addition or subtraction of a pointer into, or just beyond, an array object and an integer type produces a result that does not point into, or just beyond, the same array object. Forming Out-of-Bounds Pointer , Null Pointer Arithmetic
    47 Addition or subtraction of a pointer into, or just beyond, an array object and an integer type produces a result that points just beyond the array object and is used as the operand of a unary \* operator that is evaluated. Dereferencing Past the End Pointer , Using Past the End Index
    49 An array subscript is out of range, even if an object is apparently accessible with the given subscript, for example, in the lvalue expression a\[1\]\[7\] given the declaration int a\[4\]\[5\] ). Apparently Accessible Out-of-Range Index
    62 An attempt is made to access, or generate a pointer to just past, a flexible array member of a structure when the referenced object provides no elements for that array. Pointer Past Flexible Array Member
    + + +## Noncompliant Code Example (Forming Out-of-Bounds Pointer) + +In this noncompliant code example, the function `f()` attempts to validate the `index` before using it as an offset to the statically allocated `table` of integers. However, the function fails to reject negative `index` values. When `index` is less than zero, the behavior of the addition expression in the return statement of the function is [undefined behavior 46](https://wiki.sei.cmu.edu/confluence/display/c/CC.+Undefined+Behavior#CC.UndefinedBehavior-ub_46). On some implementations, the addition alone can trigger a hardware trap. On other implementations, the addition may produce a result that when dereferenced triggers a hardware trap. Other implementations still may produce a dereferenceable pointer that points to an object distinct from `table`. Using such a pointer to access the object may lead to information exposure or cause the wrong object to be modified. + +```cpp +enum { TABLESIZE = 100 }; + +static int table[TABLESIZE]; + +int *f(int index) { + if (index < TABLESIZE) { + return table + index; + } + return NULL; +} + +``` + +## Compliant Solution + +One compliant solution is to detect and reject invalid values of `index` if using them in pointer arithmetic would result in an invalid pointer: + +```cpp +enum { TABLESIZE = 100 }; + +static int table[TABLESIZE]; + +int *f(int index) { + if (index >= 0 && index < TABLESIZE) { + return table + index; + } + return NULL; +} + +``` + +## Compliant Solution + +Another slightly simpler and potentially more efficient compliant solution is to use an unsigned type to avoid having to check for negative values while still rejecting out-of-bounds positive values of `index`: + +```cpp +#include + +enum { TABLESIZE = 100 }; + +static int table[TABLESIZE]; + +int *f(size_t index) { + if (index < TABLESIZE) { + return table + index; + } + return NULL; +} + +``` + +## Noncompliant Code Example (Dereferencing Past-the-End Pointer) + +This noncompliant code example shows the flawed logic in the Windows Distributed Component Object Model (DCOM) Remote Procedure Call (RPC) interface that was exploited by the W32.Blaster.Worm. The error is that the `while` loop in the `GetMachineName()` function (used to extract the host name from a longer string) is not sufficiently bounded. When the character array pointed to by `pwszTemp` does not contain the backslash character among the first `MAX_COMPUTERNAME_LENGTH_FQDN + 1` elements, the final valid iteration of the loop will dereference past the end pointer, resulting in exploitable [undefined behavior 47](https://wiki.sei.cmu.edu/confluence/display/c/CC.+Undefined+Behavior#CC.UndefinedBehavior-ub_47). In this case, the actual exploit allowed the attacker to inject executable code into a running program. Economic damage from the Blaster worm has been estimated to be at least $525 million \[[Pethia 2003](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-Pethia03)\]. + +For a discussion of this programming error in the Common Weakness Enumeration database, see [CWE-119](http://cwe.mitre.org/data/definitions/119.html), "Improper Restriction of Operations within the Bounds of a Memory Buffer," and [CWE-121](http://cwe.mitre.org/data/definitions/121.html), "Stack-based Buffer Overflow" \[[MITRE 2013](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-MITRE)\]. + +```cpp +error_status_t _RemoteActivation( + /* ... */, WCHAR *pwszObjectName, ... ) { + *phr = GetServerPath( + pwszObjectName, &pwszObjectName); + /* ... */ +} + +HRESULT GetServerPath( + WCHAR *pwszPath, WCHAR **pwszServerPath ){ + WCHAR *pwszFinalPath = pwszPath; + WCHAR wszMachineName[MAX_COMPUTERNAME_LENGTH_FQDN+1]; + hr = GetMachineName(pwszPath, wszMachineName); + *pwszServerPath = pwszFinalPath; +} + +HRESULT GetMachineName( + WCHAR *pwszPath, + WCHAR wszMachineName[MAX_COMPUTERNAME_LENGTH_FQDN+1]) +{ + pwszServerName = wszMachineName; + LPWSTR pwszTemp = pwszPath + 2; + while (*pwszTemp != L'\\') + *pwszServerName++ = *pwszTemp++; + /* ... */ +} + +``` + +## Compliant Solution + +In this compliant solution, the `while` loop in the `GetMachineName()` function is bounded so that the loop terminates when a backslash character is found, the null-termination character (`L'\0'`) is discovered, or the end of the buffer is reached. Or, as coded, the while loop continues as long as each character is neither a backslash nor a null character and is not at the end of the buffer. This code does not result in a buffer overflow even if no backslash character is found in `wszMachineName`. + +```cpp +HRESULT GetMachineName( + wchar_t *pwszPath, + wchar_t wszMachineName[MAX_COMPUTERNAME_LENGTH_FQDN+1]) +{ + wchar_t *pwszServerName = wszMachineName; + wchar_t *pwszTemp = pwszPath + 2; + wchar_t *end_addr + = pwszServerName + MAX_COMPUTERNAME_LENGTH_FQDN; + while ((*pwszTemp != L'\\') && + (*pwszTemp != L'\0') && + (pwszServerName < end_addr)) + { + *pwszServerName++ = *pwszTemp++; + } + + /* ... */ +} + +``` +This compliant solution is for illustrative purposes and is not necessarily the solution implemented by Microsoft. This particular solution may not be correct because there is no guarantee that a backslash is found. + +## Noncompliant Code Example (Using Past-the-End Index) + +Similar to the [dereferencing-past-the-end-pointer](https://wiki.sei.cmu.edu/confluence/display/c/ARR30-C.+Do+not+form+or+use+out-of-bounds+pointers+or+array+subscripts#ARR30C.Donotformoruseoutofboundspointersorarraysubscripts-DereferencingPasttheEndPointer) error, the function `insert_in_table()` in this noncompliant code example uses an otherwise valid index to attempt to store a value in an element just past the end of an array. + +First, the function incorrectly validates the index `pos` against the size of the buffer. When `pos` is initially equal to `size`, the function attempts to store `value` in a memory location just past the end of the buffer. + +Second, when the index is greater than `size`, the function modifies `size` before growing the size of the buffer. If the call to `realloc()` fails to increase the size of the buffer, the next call to the function with a value of `pos` equal to or greater than the original value of `size` will again attempt to store `value` in a memory location just past the end of the buffer or beyond. + +Third, the function violates [INT30-C. Ensure that unsigned integer operations do not wrap](https://wiki.sei.cmu.edu/confluence/display/c/INT30-C.+Ensure+that+unsigned+integer+operations+do+not+wrap), which could lead to wrapping when 1 is added to `pos` or when `size` is multiplied by the size of `int`. + +For a discussion of this programming error in the Common Weakness Enumeration database, see [CWE-122](http://cwe.mitre.org/data/definitions/122.html), "Heap-based Buffer Overflow," and [CWE-129](http://cwe.mitre.org/data/definitions/129.html), "Improper Validation of Array Index" \[[MITRE 2013](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-MITRE)\]. + +```cpp +#include + +static int *table = NULL; +static size_t size = 0; + +int insert_in_table(size_t pos, int value) { + if (size < pos) { + int *tmp; + size = pos + 1; + tmp = (int *)realloc(table, sizeof(*table) * size); + if (tmp == NULL) { + return -1; /* Failure */ + } + table = tmp; + } + + table[pos] = value; + return 0; +} + +``` + +## Compliant Solution + +This compliant solution correctly validates the index `pos` by using the `<=` relational operator, ensures the multiplication will not overflow, and avoids modifying `size` until it has verified that the call to `realloc()` was successful: + +```cpp +#include +#include + +static int *table = NULL; +static size_t size = 0; + +int insert_in_table(size_t pos, int value) { + if (size <= pos) { + if ((SIZE_MAX - 1 < pos) || + ((pos + 1) > SIZE_MAX / sizeof(*table))) { + return -1; + } + + int *tmp = (int *)realloc(table, sizeof(*table) * (pos + 1)); + if (tmp == NULL) { + return -1; + } + /* Modify size only after realloc() succeeds */ + size = pos + 1; + table = tmp; + } + + table[pos] = value; + return 0; +} + +``` + +## Noncompliant Code Example (Apparently Accessible Out-of-Range Index) + +This noncompliant code example declares `matrix` to consist of 7 rows and 5 columns in row-major order. The function `init_matrix` iterates over all 35 elements in an attempt to initialize each to the value given by the function argument `x`. However, because multidimensional arrays are declared in C in row-major order, the function iterates over the elements in column-major order, and when the value of `j` reaches the value `COLS` during the first iteration of the outer loop, the function attempts to access element `matrix[0][5]`. Because the type of `matrix` is `int[7][5]`, the `j` subscript is out of range, and the access has [undefined behavior 49](https://wiki.sei.cmu.edu/confluence/display/c/CC.+Undefined+Behavior#CC.UndefinedBehavior-ub_49). + +```cpp +#include +#define COLS 5 +#define ROWS 7 +static int matrix[ROWS][COLS]; + +void init_matrix(int x) { + for (size_t i = 0; i < COLS; i++) { + for (size_t j = 0; j < ROWS; j++) { + matrix[i][j] = x; + } + } +} + +``` + +## Compliant Solution + +This compliant solution avoids using out-of-range indices by initializing `matrix` elements in the same row-major order as multidimensional objects are declared in C: + +```cpp +#include +#define COLS 5 +#define ROWS 7 +static int matrix[ROWS][COLS]; + +void init_matrix(int x) { + for (size_t i = 0; i < ROWS; i++) { + for (size_t j = 0; j < COLS; j++) { + matrix[i][j] = x; + } + } +} + +``` + +## Noncompliant Code Example (Pointer Past Flexible Array Member) + +In this noncompliant code example, the function `find()` attempts to iterate over the elements of the flexible array member `buf`, starting with the second element. However, because function `g()` does not allocate any storage for the member, the expression `first++` in `find()` attempts to form a pointer just past the end of `buf` when there are no elements. This attempt is [undefined behavior 62](https://wiki.sei.cmu.edu/confluence/display/c/CC.+Undefined+Behavior#CC.UndefinedBehavior-ub_62). (See [MSC21-C. Use robust loop termination conditions](https://wiki.sei.cmu.edu/confluence/display/c/MSC21-C.+Use+robust+loop+termination+conditions) for more information.) + +```cpp +#include + +struct S { + size_t len; + char buf[]; /* Flexible array member */ +}; + +const char *find(const struct S *s, int c) { + const char *first = s->buf; + const char *last = s->buf + s->len; + + while (first++ != last) { /* Undefined behavior */ + if (*first == (unsigned char)c) { + return first; + } + } + return NULL; +} + +void g(void) { + struct S *s = (struct S *)malloc(sizeof(struct S)); + if (s == NULL) { + /* Handle error */ + } + s->len = 0; + find(s, 'a'); +} +``` + +## Compliant Solution + +This compliant solution avoids incrementing the pointer unless a value past the pointer's current value is known to exist: + +```cpp +#include + +struct S { + size_t len; + char buf[]; /* Flexible array member */ +}; + +const char *find(const struct S *s, int c) { + const char *first = s->buf; + const char *last = s->buf + s->len; + + while (first != last) { /* Avoid incrementing here */ + if (*++first == (unsigned char)c) { + return first; + } + } + return NULL; +} + +void g(void) { + struct S *s = (struct S *)malloc(sizeof(struct S)); + if (s == NULL) { + /* Handle error */ + } + s->len = 0; + find(s, 'a'); +} +``` + +## Noncompliant Code Example (Null Pointer Arithmetic) + +This noncompliant code example is similar to an [Adobe Flash Player vulnerability](http://www.iss.net/threats/289.html) that was first exploited in 2008. This code allocates a block of memory and initializes it with some data. The data does not belong at the beginning of the block, which is left uninitialized. Instead, it is placed `offset` bytes within the block. The function ensures that the data fits within the allocated block. + +```cpp +#include +#include + +char *init_block(size_t block_size, size_t offset, + char *data, size_t data_size) { + char *buffer = malloc(block_size); + if (data_size > block_size || block_size - data_size < offset) { + /* Data won't fit in buffer, handle error */ + } + memcpy(buffer + offset, data, data_size); + return buffer; +} +``` +This function fails to check if the allocation succeeds, which is a violation of [ERR33-C. Detect and handle standard library errors](https://wiki.sei.cmu.edu/confluence/display/c/ERR33-C.+Detect+and+handle+standard+library+errors). If the allocation fails, then `malloc()` returns a null pointer. The null pointer is added to `offset` and passed as the destination argument to `memcpy()`. Because a null pointer does not point to a valid object, the result of the pointer arithmetic is [undefined behavior 46](https://wiki.sei.cmu.edu/confluence/display/c/CC.+Undefined+Behavior#CC.UndefinedBehavior-ub_46). + +An attacker who can supply the arguments to this function can exploit it to execute arbitrary code. This can be accomplished by providing an overly large value for `block_size`, which causes `malloc()` to fail and return a null pointer. The `offset` argument will then serve as the destination address to the call to `memcpy()`. The attacker can specify the `data` and `data_size` arguments to provide the address and length of the address, respectively, that the attacker wishes to write into the memory referenced by `offset`. The overall result is that the call to `memcpy()` can be exploited by an attacker to overwrite an arbitrary memory location with an attacker-supplied address, typically resulting in arbitrary code execution. + +## Compliant Solution (Null Pointer Arithmetic) + +This compliant solution ensures that the call to `malloc()` succeeds: + +```cpp +#include +#include + +char *init_block(size_t block_size, size_t offset, + char *data, size_t data_size) { + char *buffer = malloc(block_size); + if (NULL == buffer) { + /* Handle error */ + } + if (data_size > block_size || block_size - data_size < offset) { + /* Data won't fit in buffer, handle error */ + } + memcpy(buffer + offset, data, data_size); + return buffer; +} + +``` + +## Risk Assessment + +Writing to out-of-range pointers or array subscripts can result in a buffer overflow and the execution of arbitrary code with the permissions of the vulnerable process. Reading from out-of-range pointers or array subscripts can result in unintended information disclosure. + +
    Rule Severity Likelihood Remediation Cost Priority Level
    ARR30-C High Likely High P9 L2
    + + +## Automated Detection + +
    Tool Version Checker Description
    Astrée 22.04 array-index-rangearray-index-range-constantnull-dereferencingpointered-deallocation return-reference-local Partially checked Can detect all accesses to invalid pointers as well as array index out-of-bounds accesses and prove their absence. This rule is only partially checked as invalid but unused pointers may not be reported.
    Axivion Bauhaus Suite 7.2.0 CertC-ARR30 Can detect out-of-bound access to array / buffer
    CodeSonar 7.3p0 LANG.MEM.BO LANG.MEM.BU LANG.MEM.TBA LANG.MEM.TO LANG.MEM.TULANG.STRUCT.PARITH LANG.STRUCT.PBB LANG.STRUCT.PPE BADFUNC.BO.\* Buffer overrun Buffer underrun Tainted buffer access Type overrun Type underrun Pointer Arithmetic Pointer before beginning of object Pointer past end of object A collection of warning classes that report uses of library functions prone to internal buffer overflows.
    Compass/ROSE Could be configured to catch violations of this rule. The way to catch the noncompliant code example is to first hunt for example code that follows this pattern: for (LPWSTR pwszTemp = pwszPath + 2; \*pwszTemp != L'\\\\'; \*pwszTemp++;) In particular, the iteration variable is a pointer, it gets incremented, and the loop condition does not set an upper bound on the pointer. Once this case is handled, ROSE can handle cases like the real noncompliant code example, which is effectively the same semantics, just different syntax
    Coverity 2017.07 OVERRUN NEGATIVE_RETURNS ARRAY_VS_SINGLETON BUFFER_SIZE Can detect the access of memory past the end of a memory buffer/array Can detect when the loop bound may become negative Can detect the out-of-bound read/write to array allocated statically or dynamically Can detect buffer overflows
    Cppcheck 1.66 arrayIndexOutOfBounds, outOfBounds, negativeIndex, arrayIndexThenCheck, arrayIndexOutOfBoundsCond, possibleBufferAccessOutOfBounds Context sensitive analysis of array index, pointers, etc. Array index out of bounds Buffer overflow when calling various functions memset,strcpy,.. Warns about condition (a\[i\] == 0 && i < unknown_value) and recommends that (i < unknown_value && a\[i\] == 0) is used instead Detects unsafe code when array is accessed before/after it is tested if the array index is out of bounds
    Helix QAC 2023.1 C2840 DF2820, DF2821, DF2822, DF2823, DF2840, DF2841, DF2842, DF2843, DF2930, DF2931, DF2932, DF2933, DF2935, DF2936, DF2937, DF2938, DF2950, DF2951, DF2952, DF2953
    Klocwork 2023.1 ABV.GENERAL ABV.GENERAL.MULTIDIMENSION NPD.FUNC.CALL.MIGHT ABV.ANY_SIZE_ARRAY ABV.STACK ABV.TAINTED ABV.UNICODE.BOUND_MAP ABV.UNICODE.FAILED_MAP ABV.UNICODE.NNTS_MAP ABV.UNICODE.SELF_MAP ABV.UNKNOWN_SIZE NNTS.MIGHT NNTS.MUST NNTS.TAINTED SV.TAINTED.INDEX_ACCESS SV.TAINTED.LOOP_BOUND
    LDRA tool suite 9.7.1 45 D, 47 S, 476 S, 489 S, 64 X, 66 X, 68 X, 69 X, 70 X, 71 X , 79 X Partially implemented
    Parasoft C/C++test 2022.2 CERT_C-ARR30-a Avoid accessing arrays out of bounds
    Parasoft Insure++ Runtime analysis
    PC-lint Plus 1.4 413, 415, 416, 613, 661, 662, 676 Fully supported
    Polyspace Bug Finder R2023a CERT C: Rule ARR30-C Checks for: Array access out of boundsrray access out of bounds, pointer access out of boundsointer access out of bounds, array access with tainted indexrray access with tainted index, use of tainted pointerse of tainted pointer, pointer dereference with tainted offsetointer dereference with tainted offset. Rule partially covered.
    PRQA QA-C 9.7 2820, 2821, 2822, 2823, 2840, 2841, 2842, 2843, 2930, 2931, 2932, 2933, 2935, 2936, 2937, 2938, 2950, 2951, 2952, 2953 Partially implemented
    PRQA QA-C++ 4.4 2820, 2821, 2822, 2823, 2840, 2841, 2842, 2843, 2930, 2931, 2932, 2933, 2935, 2936, 2937, 2938, 2950, 2951, 2952, 2953 Partially implemented
    PVS-Studio 7.24 V512 , V557 , V582 , V594 , V643 , V645 , V694, V1086
    RuleChecker 22.04 array-index-range-constantreturn-reference-local Partially checked
    TrustInSoft Analyzer 1.38 index_in_address Exhaustively verified (see one compliant and one non-compliant example ).
    + + +## Related Vulnerabilities + +[CVE-2008-1517](http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-1517) results from a violation of this rule. Before Mac OSX version 10.5.7, the XNU kernel accessed an array at an unverified user-input index, allowing an attacker to execute arbitrary code by passing an index greater than the length of the array and therefore accessing outside memory \[[xorl 2009](http://xorl.wordpress.com/2009/06/09/cve-2008-1517-apple-mac-os-x-xnu-missing-array-index-validation/)\]. + +Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+ARR30-C). + +## Related Guidelines + +[Key here](https://wiki.sei.cmu.edu/confluence/display/c/How+this+Coding+Standard+is+Organized#HowthisCodingStandardisOrganized-RelatedGuidelines) (explains table format and definitions) + +
    Taxonomy Taxonomy item Relationship
    ISO/IEC TR 24772:2013 Arithmetic Wrap-Around Error \[FIF\] Prior to 2018-01-12: CERT: Unspecified Relationship
    ISO/IEC TR 24772:2013 Unchecked Array Indexing \[XYZ\] Prior to 2018-01-12: CERT: Unspecified Relationship
    ISO/IEC TS 17961 Forming or using out-of-bounds pointers or array subscripts \[invptr\] Prior to 2018-01-12: CERT: Unspecified Relationship
    CWE 2.11 CWE-119 , Improper Restriction of Operations within the Bounds of a Memory Buffer 2017-05-18: CERT: Rule subset of CWE
    CWE 2.11 CWE-123 , Write-what-where Condition 2017-05-18: CERT: Partial overlap
    CWE 2.11 CWE-125 , Out-of-bounds Read 2017-05-18: CERT: Partial overlap
    MISRA C:2012 Rule 18.1 (required) Prior to 2018-01-12: CERT: Unspecified Relationship
    + + +## CERT-CWE Mapping Notes + +[Key here](https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?pageId=87152408#HowthisCodingStandardisOrganized-CERT-CWEMappingNotes) for mapping notes + +**CWE-119 and ARR30-C** + +Independent( ARR30-C, ARR38-C, ARR32-C, INT30-C, INT31-C, EXP39-C, EXP33-C, FIO37-C) + +STR31-C = Subset( Union( ARR30-C, ARR38-C)) + +STR32-C = Subset( ARR38-C) + +CWE-119 = Union( ARR30-C, ARR38-C) + +Intersection( ARR30-C, ARR38-C) = Ø + +**CWE-394 and ARR30-C** + +Intersection( ARR30-C, CWE-394) = Ø + +CWE-394 deals with potentially-invalid function return values. Which may be used as an (invalid) array index, but validating the return value is a separate operation. + +**CWE-125 and ARR30-C** + +Independent( ARR30-C, ARR38-C, EXP39-C, INT30-C) + +STR31-C = Subset( Union( ARR30-C, ARR38-C)) + +STR32-C = Subset( ARR38-C) + +CWE-125 = Subset( CWE-119) = Union( ARR30-C, ARR38-C) + +Intersection( ARR30-C, CWE-125) = + +* Reading from an out-of-bounds array index, or off the end of an array +ARR30-C – CWE-125 = +* Writing to an out-of-bounds array index, or off the end of an array +CWE-125 – ARR30-C = +* Reading beyond a non-array buffer +* Using a library function to achieve an out-of-bounds read. +**CWE-123 and ARR30-C** + +Independent(ARR30-C, ARR38-C) + +STR31-C = Subset( Union( ARR30-C, ARR38-C)) + +STR32-C = Subset( ARR38-C) + +Intersection( CWE-123, ARR30-C) = + +* Write of arbitrary value to arbitrary (probably invalid) array index +ARR30-C – CWE-123 = +* Read of value from arbitrary (probably invalid) array index +* Construction of invalid index (pointer arithmetic) +CWE-123 – ARR30-C = +* Arbitrary writes that do not involve directly constructing an invalid array index +**CWE-129 and ARR30-C** + +Independent( ARR30-C, ARR32-C, INT31-C, INT32-C) + +ARR30-C = Union( CWE-129, list), where list = + +* Dereferencing an out-of-bounds array index, where index is a trusted value +* Forming an out-of-bounds array index, without dereferencing it, whether or not index is a trusted value. (This excludes the array’s TOOFAR index, which is one past the final element; this behavior is well-defined in C11.) +**CWE-120 and ARR30-C** + +See CWE-120 and MEM35-C + +**CWE-122 and ARR30-C** + +Intersection( ARR30-C, CWE-122) = Ø + +CWE-122 specifically addresses buffer overflows on the heap operations, which occur in the context of string-copying. ARR30 specifically addresses improper creation or references of array indices. Which might happen as part of a heap buffer overflow, but is on a lower programming level. + +**CWE-20 and ARR30-C** + +See CWE-20 and ERR34-C + +**CWE-687 and ARR30-C** + +Intersection( CWE-687, ARR30-C) = Ø + +ARR30-C is about invalid array indices which are created through pointer arithmetic, and dereferenced through an operator (\* or \[\]). Neither involve function calls, thus CWE-687 does not apply. + +**CWE-786 and ARR30-C** + +ARR30-C = Union( CWE-786, list) where list = + +* Access of memory location after end of buffer +* Construction of invalid arry reference (pointer). This does not include an out-of-bounds array index (an integer). +**CWE-789 and ARR30-C** + +Intersection( CWE-789, ARR30-C) = Ø + +CWE-789 is about allocating memory, not array subscripting + +## Bibliography + +
    \[ Finlay 2003 \]
    \[ Microsoft 2003 \]
    \[ Pethia 2003 \]
    \[ Seacord 2013b \] Chapter 1, "Running with Scissors"
    \[ Viega 2005 \] Section 5.2.13, "Unchecked Array Indexing"
    \[ xorl 2009 \] "CVE-2008-1517: Apple Mac OS X (XNU) Missing Array Index Validation"
    + ## Implementation notes From 7f766cb8ca0a90700af5cd2826ee2d7d3d7fb4a2 Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Wed, 5 Apr 2023 22:33:32 +0200 Subject: [PATCH 0972/2573] Fix strncat/wcscat param definition and add rules --- .../LibraryFunctionArgumentOutOfBounds.ql | 3 +- ...ibraryFunctionArgumentOutOfBounds.expected | 4 --- .../src/codingstandards/c/OutOfBounds.qll | 11 ++++-- ...tringFunctionPointerArgumentOutOfBounds.ql | 27 ++++++++++++++ .../StringLibrarySizeArgumentOutOfBounds.ql | 35 +++++++++++++++++++ ...unctionPointerArgumentOutOfBounds.expected | 1 + ...ngFunctionPointerArgumentOutOfBounds.qlref | 1 + ...ingLibrarySizeArgumentOutOfBounds.expected | 1 + ...StringLibrarySizeArgumentOutOfBounds.qlref | 1 + rule_packages/c/OutOfBounds.json | 2 +- 10 files changed, 77 insertions(+), 9 deletions(-) create mode 100644 c/misra/src/rules/RULE-21-17/StringFunctionPointerArgumentOutOfBounds.ql create mode 100644 c/misra/src/rules/RULE-21-18/StringLibrarySizeArgumentOutOfBounds.ql create mode 100644 c/misra/test/rules/RULE-21-17/StringFunctionPointerArgumentOutOfBounds.expected create mode 100644 c/misra/test/rules/RULE-21-17/StringFunctionPointerArgumentOutOfBounds.qlref create mode 100644 c/misra/test/rules/RULE-21-18/StringLibrarySizeArgumentOutOfBounds.expected create mode 100644 c/misra/test/rules/RULE-21-18/StringLibrarySizeArgumentOutOfBounds.qlref diff --git a/c/cert/src/rules/ARR38-C/LibraryFunctionArgumentOutOfBounds.ql b/c/cert/src/rules/ARR38-C/LibraryFunctionArgumentOutOfBounds.ql index 9d6e16e16b..6b499d0282 100644 --- a/c/cert/src/rules/ARR38-C/LibraryFunctionArgumentOutOfBounds.ql +++ b/c/cert/src/rules/ARR38-C/LibraryFunctionArgumentOutOfBounds.ql @@ -1,7 +1,8 @@ /** * @id c/cert/library-function-argument-out-of-bounds * @name ARR38-C: Guarantee that library functions do not form invalid pointers - * @description + * @description Passing out-of-bounds pointers or erroneous size arguments to standard library + * functions can result in out-of-bounds accesses and other undefined behavior. * @kind problem * @precision high * @problem.severity error diff --git a/c/cert/test/rules/ARR38-C/LibraryFunctionArgumentOutOfBounds.expected b/c/cert/test/rules/ARR38-C/LibraryFunctionArgumentOutOfBounds.expected index d039a5dcf8..8cb1ff79d0 100644 --- a/c/cert/test/rules/ARR38-C/LibraryFunctionArgumentOutOfBounds.expected +++ b/c/cert/test/rules/ARR38-C/LibraryFunctionArgumentOutOfBounds.expected @@ -15,13 +15,9 @@ | test.c:153:5:153:10 | call to strcat | The $@ passed to strcat might not be null-terminated. | test.c:153:12:153:15 | buf1 | argument | test.c:153:12:153:15 | buf1 | | | test.c:158:5:158:10 | call to strcat | The size of the $@ passed to strcat is 6 bytes, but the size of the $@ is only 5 bytes. | test.c:158:24:158:30 | 12345 | read buffer | test.c:158:12:158:19 | call to get_ca_5 | write buffer | | test.c:160:5:160:10 | call to strcat | The size of the $@ passed to strcat is 5 bytes, but the size of the $@ is only 4 bytes. | test.c:160:28:160:33 | 1234 | read buffer | test.c:160:12:160:25 | ... + ... | write buffer | -| test.c:183:5:183:11 | call to wcsncat | The size of the $@ passed to wcsncat is 5 bytes, but the $@ is 20 bytes. | test.c:183:13:183:20 | call to get_ca_5 | write buffer | test.c:183:35:183:35 | 5 | size argument | | test.c:183:5:183:11 | call to wcsncat | The size of the $@ passed to wcsncat is 24 bytes, but the size of the $@ is only 5 bytes. | test.c:183:25:183:32 | 12345 | read buffer | test.c:183:13:183:20 | call to get_ca_5 | write buffer | -| test.c:184:5:184:11 | call to wcsncat | The size of the $@ passed to wcsncat is 5 bytes, but the $@ is 16 bytes. | test.c:184:13:184:20 | call to get_ca_5 | write buffer | test.c:184:34:184:34 | 4 | size argument | | test.c:184:5:184:11 | call to wcsncat | The size of the $@ passed to wcsncat is 20 bytes, but the size of the $@ is only 5 bytes. | test.c:184:25:184:31 | 1234 | read buffer | test.c:184:13:184:20 | call to get_ca_5 | write buffer | -| test.c:185:5:185:11 | call to wcsncat | The size of the $@ passed to wcsncat is 1 bytes, but the $@ is 16 bytes. | test.c:185:13:185:26 | ... + ... | write buffer | test.c:185:38:185:38 | 4 | size argument | | test.c:185:5:185:11 | call to wcsncat | The size of the $@ passed to wcsncat is 20 bytes, but the size of the $@ is only 1 bytes. | test.c:185:29:185:35 | 1234 | read buffer | test.c:185:13:185:26 | ... + ... | write buffer | -| test.c:186:5:186:11 | call to wcsncat | The size of the $@ passed to wcsncat is 5 bytes, but the $@ is 8 bytes. | test.c:186:13:186:20 | call to get_ca_5 | write buffer | test.c:186:32:186:32 | 2 | size argument | | test.c:186:5:186:11 | call to wcsncat | The size of the $@ passed to wcsncat is 12 bytes, but the size of the $@ is only 5 bytes. | test.c:186:25:186:29 | 12 | read buffer | test.c:186:13:186:20 | call to get_ca_5 | write buffer | | test.c:191:5:191:10 | call to strcmp | The $@ passed to strcmp might not be null-terminated. | test.c:191:22:191:28 | ca5_bad | argument | test.c:191:22:191:28 | ca5_bad | | | test.c:193:5:193:10 | call to strcmp | The $@ passed to strcmp might not be null-terminated. | test.c:193:12:193:18 | ca5_bad | argument | test.c:193:12:193:18 | ca5_bad | | diff --git a/c/common/src/codingstandards/c/OutOfBounds.qll b/c/common/src/codingstandards/c/OutOfBounds.qll index c72333165f..7045aaf0f1 100644 --- a/c/common/src/codingstandards/c/OutOfBounds.qll +++ b/c/common/src/codingstandards/c/OutOfBounds.qll @@ -18,7 +18,7 @@ import semmle.code.cpp.security.BufferWrite module OOB { bindingset[name, result] - private string getNameOrInternalName(string name) { + string getNameOrInternalName(string name) { result = name or result.regexpMatch("__.*_+" + name + "_.*") } @@ -162,8 +162,8 @@ module OOB { name = ["strncat", "wcsncat"] and dst = 0 and src = 1 and - src_sz = -1 and - dst_sz = 2 + src_sz = 2 and + dst_sz = -1 or name = ["snprintf", "vsnprintf", "swprintf", "vswprintf"] and dst = 0 and @@ -362,6 +362,11 @@ module OOB { */ class StrncatLibraryFunction extends StringConcatenationFunctionLibraryFunction { StrncatLibraryFunction() { this.getName() = getNameOrInternalName(["strncat", "wcsncat"]) } + + override predicate getALengthParameterIndex(int i) { + // `strncat` and `wcsncat` exclude the size of a null terminator + i = 2 + } } /** diff --git a/c/misra/src/rules/RULE-21-17/StringFunctionPointerArgumentOutOfBounds.ql b/c/misra/src/rules/RULE-21-17/StringFunctionPointerArgumentOutOfBounds.ql new file mode 100644 index 0000000000..cf1e8cda1b --- /dev/null +++ b/c/misra/src/rules/RULE-21-17/StringFunctionPointerArgumentOutOfBounds.ql @@ -0,0 +1,27 @@ +/** + * @id c/misra/string-function-pointer-argument-out-of-bounds + * @name RULE-21-17: Use of the string handling functions from shall not result in accesses beyond the bounds + * @description Use of string manipulation functions from with improper buffer sizes can + * result in out-of-bounds buffer accesses. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/misra/id/rule-21-17 + * correctness + * security + * external/misra/obligation/mandatory + */ + +import cpp +import codingstandards.c.misra +import codingstandards.c.OutOfBounds + +class RULE_21_17_Subset_FC = OOB::SimpleStringLibraryFunctionCall; + +from + RULE_21_17_Subset_FC fc, string message, Expr bufferArg, string bufferArgStr, + Expr sizeOrOtherBufferArg, string otherStr +where + not isExcluded(fc, OutOfBoundsPackage::stringFunctionPointerArgumentOutOfBoundsQuery()) and + OOB::problems(fc, message, bufferArg, bufferArgStr, sizeOrOtherBufferArg, otherStr) +select fc, message, bufferArg, bufferArgStr, sizeOrOtherBufferArg, otherStr \ No newline at end of file diff --git a/c/misra/src/rules/RULE-21-18/StringLibrarySizeArgumentOutOfBounds.ql b/c/misra/src/rules/RULE-21-18/StringLibrarySizeArgumentOutOfBounds.ql new file mode 100644 index 0000000000..3554b2791e --- /dev/null +++ b/c/misra/src/rules/RULE-21-18/StringLibrarySizeArgumentOutOfBounds.ql @@ -0,0 +1,35 @@ +/** + * @id c/misra/string-library-size-argument-out-of-bounds + * @name RULE-21-18: The size_t argument passed to any function in shall have an appropriate value + * @description Passing a size_t argument that is non-positive or greater than the size of the + * smallest buffer argument to any function in may result in out-of-bounds + * buffer accesses. + * @kind problem + * @precision high + * @problem.severity error + * @tags external/misra/id/rule-21-18 + * correctness + * security + * external/misra/obligation/mandatory + */ + +import cpp +import codingstandards.c.misra +import codingstandards.c.OutOfBounds + +class RULE_21_18_Subset_FC extends OOB::BufferAccessLibraryFunctionCall { + RULE_21_18_Subset_FC() { + this.getTarget().getName() = + OOB::getNameOrInternalName([ + "mem" + ["chr", "cmp", "cpy", "move", "set"], "str" + ["ncat", "ncmp", "ncpy", "xfrm"] + ]) + } +} + +from + RULE_21_18_Subset_FC fc, string message, Expr bufferArg, string bufferArgStr, + Expr sizeOrOtherBufferArg, string otherStr +where + not isExcluded(fc, OutOfBoundsPackage::stringLibrarySizeArgumentOutOfBoundsQuery()) and + OOB::problems(fc, message, bufferArg, bufferArgStr, sizeOrOtherBufferArg, otherStr) +select fc, message, bufferArg, bufferArgStr, sizeOrOtherBufferArg, otherStr diff --git a/c/misra/test/rules/RULE-21-17/StringFunctionPointerArgumentOutOfBounds.expected b/c/misra/test/rules/RULE-21-17/StringFunctionPointerArgumentOutOfBounds.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/misra/test/rules/RULE-21-17/StringFunctionPointerArgumentOutOfBounds.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-21-17/StringFunctionPointerArgumentOutOfBounds.qlref b/c/misra/test/rules/RULE-21-17/StringFunctionPointerArgumentOutOfBounds.qlref new file mode 100644 index 0000000000..001582cdd8 --- /dev/null +++ b/c/misra/test/rules/RULE-21-17/StringFunctionPointerArgumentOutOfBounds.qlref @@ -0,0 +1 @@ +rules/RULE-21-17/StringFunctionPointerArgumentOutOfBounds.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-21-18/StringLibrarySizeArgumentOutOfBounds.expected b/c/misra/test/rules/RULE-21-18/StringLibrarySizeArgumentOutOfBounds.expected new file mode 100644 index 0000000000..2ec1a0ac6c --- /dev/null +++ b/c/misra/test/rules/RULE-21-18/StringLibrarySizeArgumentOutOfBounds.expected @@ -0,0 +1 @@ +No expected results have yet been specified \ No newline at end of file diff --git a/c/misra/test/rules/RULE-21-18/StringLibrarySizeArgumentOutOfBounds.qlref b/c/misra/test/rules/RULE-21-18/StringLibrarySizeArgumentOutOfBounds.qlref new file mode 100644 index 0000000000..9d3cdd6f64 --- /dev/null +++ b/c/misra/test/rules/RULE-21-18/StringLibrarySizeArgumentOutOfBounds.qlref @@ -0,0 +1 @@ +rules/RULE-21-18/StringLibrarySizeArgumentOutOfBounds.ql \ No newline at end of file diff --git a/rule_packages/c/OutOfBounds.json b/rule_packages/c/OutOfBounds.json index 16472af64c..35f14d2ad8 100644 --- a/rule_packages/c/OutOfBounds.json +++ b/rule_packages/c/OutOfBounds.json @@ -26,7 +26,7 @@ }, "queries": [ { - "description": "", + "description": "Passing out-of-bounds pointers or erroneous size arguments to standard library functions can result in out-of-bounds accesses and other undefined behavior.", "kind": "problem", "name": "Guarantee that library functions do not form invalid pointers", "precision": "high", From 406dab5d916bd9954d62c681b8cb7dcac825130e Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Wed, 5 Apr 2023 22:54:11 +0200 Subject: [PATCH 0973/2573] Add RULE-21-18 test-case --- ...ingLibrarySizeArgumentOutOfBounds.expected | 36 +++++- c/misra/test/rules/RULE-21-18/test.c | 107 ++++++++++++++++++ 2 files changed, 142 insertions(+), 1 deletion(-) create mode 100644 c/misra/test/rules/RULE-21-18/test.c diff --git a/c/misra/test/rules/RULE-21-18/StringLibrarySizeArgumentOutOfBounds.expected b/c/misra/test/rules/RULE-21-18/StringLibrarySizeArgumentOutOfBounds.expected index 2ec1a0ac6c..cd7e20a7e4 100644 --- a/c/misra/test/rules/RULE-21-18/StringLibrarySizeArgumentOutOfBounds.expected +++ b/c/misra/test/rules/RULE-21-18/StringLibrarySizeArgumentOutOfBounds.expected @@ -1 +1,35 @@ -No expected results have yet been specified \ No newline at end of file +| test.c:16:5:16:10 | call to memcpy | The size of the $@ passed to memcpy is 64 bytes, but the $@ is 65 bytes. | test.c:16:12:16:15 | buf1 | write buffer | test.c:16:24:16:39 | ... + ... | size argument | +| test.c:16:5:16:10 | call to memcpy | The size of the $@ passed to memcpy is 64 bytes, but the $@ is 65 bytes. | test.c:16:18:16:21 | buf2 | read buffer | test.c:16:24:16:39 | ... + ... | size argument | +| test.c:18:5:18:10 | call to memcpy | The size of the $@ passed to memcpy is 63 bytes, but the $@ is 64 bytes. | test.c:18:12:18:19 | ... + ... | write buffer | test.c:18:28:18:39 | sizeof() | size argument | +| test.c:18:5:18:10 | call to memcpy | The size of the $@ passed to memcpy is 64 bytes, but the size of the $@ is only 63 bytes. | test.c:18:22:18:25 | buf2 | read buffer | test.c:18:12:18:19 | ... + ... | write buffer | +| test.c:19:5:19:10 | call to memcpy | The size of the $@ passed to memcpy is 63 bytes, but the $@ is 128 bytes. | test.c:19:18:19:25 | ... + ... | read buffer | test.c:19:28:19:43 | ... * ... | size argument | +| test.c:19:5:19:10 | call to memcpy | The size of the $@ passed to memcpy is 64 bytes, but the $@ is 128 bytes. | test.c:19:12:19:15 | buf1 | write buffer | test.c:19:28:19:43 | ... * ... | size argument | +| test.c:25:5:25:10 | call to memcmp | The size of the $@ passed to memcmp is 64 bytes, but the $@ is 65 bytes. | test.c:25:12:25:15 | buf1 | write buffer | test.c:25:24:25:39 | ... + ... | size argument | +| test.c:25:5:25:10 | call to memcmp | The size of the $@ passed to memcmp is 64 bytes, but the $@ is 65 bytes. | test.c:25:18:25:21 | buf2 | read buffer | test.c:25:24:25:39 | ... + ... | size argument | +| test.c:27:5:27:10 | call to memcmp | The size of the $@ passed to memcmp is 63 bytes, but the $@ is 64 bytes. | test.c:27:12:27:19 | ... + ... | write buffer | test.c:27:28:27:39 | sizeof() | size argument | +| test.c:27:5:27:10 | call to memcmp | The size of the $@ passed to memcmp is 64 bytes, but the size of the $@ is only 63 bytes. | test.c:27:22:27:25 | buf2 | read buffer | test.c:27:12:27:19 | ... + ... | write buffer | +| test.c:28:5:28:10 | call to memcmp | The size of the $@ passed to memcmp is 63 bytes, but the $@ is 128 bytes. | test.c:28:18:28:25 | ... + ... | read buffer | test.c:28:28:28:43 | ... * ... | size argument | +| test.c:28:5:28:10 | call to memcmp | The size of the $@ passed to memcmp is 64 bytes, but the $@ is 128 bytes. | test.c:28:12:28:15 | buf1 | write buffer | test.c:28:28:28:43 | ... * ... | size argument | +| test.c:33:5:33:10 | call to memchr | The size of the $@ passed to memchr is 128 bytes, but the $@ is 129 bytes. | test.c:33:12:33:14 | buf | read buffer | test.c:33:20:33:34 | ... + ... | size argument | +| test.c:34:5:34:10 | call to memchr | The size of the $@ passed to memchr is 128 bytes, but the $@ is 129 bytes. | test.c:34:12:34:14 | buf | read buffer | test.c:34:20:34:34 | ... + ... | size argument | +| test.c:36:5:36:10 | call to memchr | The $@ passed to memchr is null. | test.c:36:12:36:15 | 0 | argument | test.c:36:12:36:15 | 0 | | +| test.c:41:5:41:10 | call to memset | The size of the $@ passed to memset is 128 bytes, but the $@ is 129 bytes. | test.c:41:12:41:14 | buf | write buffer | test.c:41:20:41:34 | ... + ... | size argument | +| test.c:42:5:42:10 | call to memset | The size of the $@ passed to memset is 128 bytes, but the $@ is 129 bytes. | test.c:42:12:42:14 | buf | write buffer | test.c:42:20:42:34 | ... + ... | size argument | +| test.c:44:5:44:10 | call to memset | The $@ passed to memset is null. | test.c:44:12:44:15 | 0 | argument | test.c:44:12:44:15 | 0 | | +| test.c:50:5:50:11 | call to memmove | The size of the $@ passed to memmove is 128 bytes, but the $@ is 129 bytes. | test.c:50:13:50:16 | buf1 | write buffer | test.c:50:25:50:40 | ... + ... | size argument | +| test.c:50:5:50:11 | call to memmove | The size of the $@ passed to memmove is 256 bytes, but the size of the $@ is only 128 bytes. | test.c:50:19:50:22 | buf2 | read buffer | test.c:50:13:50:16 | buf1 | write buffer | +| test.c:52:5:52:11 | call to memmove | The size of the $@ passed to memmove is 127 bytes, but the $@ is 128 bytes. | test.c:52:13:52:20 | ... + ... | write buffer | test.c:52:29:52:40 | sizeof() | size argument | +| test.c:52:5:52:11 | call to memmove | The size of the $@ passed to memmove is 256 bytes, but the size of the $@ is only 127 bytes. | test.c:52:23:52:26 | buf2 | read buffer | test.c:52:13:52:20 | ... + ... | write buffer | +| test.c:54:5:54:11 | call to memmove | The size of the $@ passed to memmove is 128 bytes, but the $@ is 256 bytes. | test.c:54:19:54:22 | buf1 | read buffer | test.c:54:25:54:36 | sizeof() | size argument | +| test.c:62:5:62:11 | call to strncpy | The size of the $@ passed to strncpy is 128 bytes, but the $@ is 129 bytes. | test.c:62:13:62:16 | buf1 | write buffer | test.c:62:25:62:40 | ... + ... | size argument | +| test.c:62:5:62:11 | call to strncpy | The size of the $@ passed to strncpy is 256 bytes, but the size of the $@ is only 128 bytes. | test.c:62:19:62:22 | buf2 | read buffer | test.c:62:13:62:16 | buf1 | write buffer | +| test.c:64:5:64:11 | call to strncpy | The size of the $@ passed to strncpy is 127 bytes, but the $@ is 128 bytes. | test.c:64:13:64:20 | ... + ... | write buffer | test.c:64:29:64:40 | sizeof() | size argument | +| test.c:64:5:64:11 | call to strncpy | The size of the $@ passed to strncpy is 256 bytes, but the size of the $@ is only 127 bytes. | test.c:64:23:64:26 | buf2 | read buffer | test.c:64:13:64:20 | ... + ... | write buffer | +| test.c:77:5:77:11 | call to strncat | The $@ passed to strncat might not be null-terminated. | test.c:77:13:77:16 | buf1 | argument | test.c:77:13:77:16 | buf1 | | +| test.c:81:5:81:11 | call to strncat | The size of the $@ passed to strncat is 6 bytes, but the size of the $@ is only 5 bytes. | test.c:81:25:81:31 | 12345 | read buffer | test.c:81:13:81:20 | call to get_ca_5 | write buffer | +| test.c:83:5:83:11 | call to strncat | The size of the $@ passed to strncat is 5 bytes, but the size of the $@ is only 4 bytes. | test.c:83:29:83:34 | 1234 | read buffer | test.c:83:13:83:26 | ... + ... | write buffer | +| test.c:94:5:94:11 | call to strncmp | The size of the $@ passed to strncmp is 5 bytes, but the $@ is 6 bytes. | test.c:94:23:94:30 | ca5_good | read buffer | test.c:94:33:94:33 | 6 | size argument | +| test.c:95:5:95:11 | call to strncmp | The size of the $@ passed to strncmp is 5 bytes, but the $@ is 6 bytes. | test.c:95:13:95:20 | ca5_good | write buffer | test.c:95:32:95:32 | 6 | size argument | +| test.c:95:5:95:11 | call to strncmp | The size of the $@ passed to strncmp is 5 bytes, but the $@ is 6 bytes. | test.c:95:23:95:29 | ca5_bad | read buffer | test.c:95:32:95:32 | 6 | size argument | +| test.c:102:5:102:11 | call to strxfrm | The size of the $@ passed to strxfrm is 64 bytes, but the $@ is 65 bytes. | test.c:102:13:102:15 | buf | write buffer | test.c:102:25:102:39 | ... + ... | size argument | +| test.c:104:5:104:11 | call to strxfrm | The $@ passed to strxfrm might not be null-terminated. | test.c:104:22:104:25 | buf2 | argument | test.c:104:22:104:25 | buf2 | | diff --git a/c/misra/test/rules/RULE-21-18/test.c b/c/misra/test/rules/RULE-21-18/test.c new file mode 100644 index 0000000000..29ea494ccc --- /dev/null +++ b/c/misra/test/rules/RULE-21-18/test.c @@ -0,0 +1,107 @@ +// test partially copied from CERT-C ARR38-C test +#include +#include + +char *get_ca_5(void) { + void *ptr = malloc(5 * sizeof(char)); + memset(ptr, 0, 5 * sizeof(char)); + return (char *)ptr; +} + +void test(void) { + { + char buf1[64]; + char buf2[64]; + memcpy(buf1, buf2, sizeof(buf1)); // COMPLIANT + memcpy(buf1, buf2, sizeof(buf1) + 1); // NON_COMPLIANT + memcpy(buf1, buf2, sizeof(buf1) - 1); // COMPLIANT + memcpy(buf1 + 1, buf2, sizeof(buf1)); // NON_COMPLIANT + memcpy(buf1, buf2 + 1, sizeof(buf1) * 2); // NON_COMPLIANT + } + { + char buf1[64]; + char buf2[64]; + memcmp(buf1, buf2, sizeof(buf1)); // COMPLIANT + memcmp(buf1, buf2, sizeof(buf1) + 1); // NON_COMPLIANT + memcmp(buf1, buf2, sizeof(buf1) - 1); // COMPLIANT + memcmp(buf1 + 1, buf2, sizeof(buf1)); // NON_COMPLIANT + memcmp(buf1, buf2 + 1, sizeof(buf1) * 2); // NON_COMPLIANT + } + { + char buf[128]; + memchr(buf, 0, sizeof(buf)); // COMPLIANT + memchr(buf, 0, sizeof(buf) + 1); // NON_COMPLIANT + memchr(buf, 0, sizeof(buf) + 1); // NON_COMPLIANT + memchr(buf, 0, sizeof(buf) - 1); // COMPLIANT + memchr(NULL, 0, sizeof(buf)); // NON_COMPLIANT + } + { + char buf[128]; + memset(buf, 0, sizeof(buf)); // COMPLIANT + memset(buf, 0, sizeof(buf) + 1); // NON_COMPLIANT + memset(buf, 0, sizeof(buf) + 1); // NON_COMPLIANT + memset(buf, 0, sizeof(buf) - 1); // COMPLIANT + memset(NULL, 0, sizeof(buf)); // NON_COMPLIANT + } + { + char buf1[128]; + char buf2[256]; + memmove(buf1, buf2, sizeof(buf1)); // COMPLIANT + memmove(buf1, buf2, sizeof(buf1) + 1); // NON_COMPLIANT + memmove(buf1, buf2, sizeof(buf1) - 1); // COMPLIANT + memmove(buf1 + 1, buf2, sizeof(buf1)); // NON_COMPLIANT + memmove(buf1, buf2 + 1, sizeof(buf1)); // COMPLIANT + memmove(buf2, buf1, sizeof(buf2)); // NON_COMPLIANT + memmove(buf2, buf1, sizeof(buf1)); // COMPLIANT + } + { + char buf1[128]; + char buf2[256] = {0}; + strncpy(buf2, buf1, sizeof(buf1)); // COMPLIANT + strncpy(buf1, buf2, sizeof(buf1)); // COMPLIANT + strncpy(buf1, buf2, sizeof(buf1) + 1); // NON_COMPLIANT + strncpy(buf1, buf2, sizeof(buf1) - 1); // COMPLIANT + strncpy(buf1 + 1, buf2, sizeof(buf1)); // NON_COMPLIANT + } + { + char buf0[10]; // memset after first use + char buf1[10]; // no memset + char buf2[10]; // memset before first use + char buf3[10] = {'\0'}; + char buf4[10] = "12345"; + + strncat(buf0, " ", + 1); // NON_COMPLIANT[FALSE_NEGATIVE] - buf0 not null-terminated + memset(buf0, 0, sizeof(buf0)); // COMPLIANT + memset(buf2, 0, sizeof(buf2)); // COMPLIANT + strncat(buf1, " ", 1); // NON_COMPLIANT - not null-terminated + strncat(buf2, " ", 1); // COMPLIANT + strncat(buf3, " ", 1); // COMPLIANT + strncat(buf4, "12345", 5); // NON_COMPLIANT[FALSE_NEGATIVE] + strncat(get_ca_5(), "12345", 5); // NON_COMPLIANT - null-terminator past end + strncat(get_ca_5(), "1234", 4); // COMPLIANT + strncat(get_ca_5() + 1, "1234", 4); // NON_COMPLIANT + strncat(get_ca_5(), "12", 2); // COMPLIANT + } + { + char ca5_good[5] = "test"; // ok + char ca5_bad[5] = "test1"; // no null terminator + char ca6_good[6] = "test1"; // ok + char ca6_bad[6] = "test12"; // no null terminator + strncmp(ca5_good, ca5_bad, 4); // COMPLIANT + strncmp(ca5_good, ca5_bad, 5); // COMPLIANT + strncmp(ca6_good, ca5_bad, 5); // COMPLIANT + strncmp(ca6_good, ca5_good, 6); // COMPLIANT[FALSE_POSITIVE] + strncmp(ca5_good, ca5_bad, 6); // NON_COMPLIANT + } + // strxfrm + { + char buf[64]; + char buf2[128]; + strxfrm(buf, "abc", sizeof(buf)); // COMPLIANT + strxfrm(buf, "abc", sizeof(buf) + 1); // NON_COMPLIANT + strxfrm(buf, "abc", sizeof(buf) - 1); // COMPLIANT + strxfrm(buf + 1, buf2, + sizeof(buf) - 1); // NON_COMPLIANT - not null-terminated + } +} \ No newline at end of file From 883eccac0a805c5ddf49e34e7f5fd2a9eb52c5d9 Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Thu, 6 Apr 2023 00:32:58 +0200 Subject: [PATCH 0974/2573] Update RULE-21-17 and RULE-21-18 tests --- ...unctionPointerArgumentOutOfBounds.expected | 27 +++- c/misra/test/rules/RULE-21-17/test.c | 119 ++++++++++++++++++ ...ingLibrarySizeArgumentOutOfBounds.expected | 10 +- c/misra/test/rules/RULE-21-18/test.c | 1 - 4 files changed, 150 insertions(+), 7 deletions(-) create mode 100644 c/misra/test/rules/RULE-21-17/test.c diff --git a/c/misra/test/rules/RULE-21-17/StringFunctionPointerArgumentOutOfBounds.expected b/c/misra/test/rules/RULE-21-17/StringFunctionPointerArgumentOutOfBounds.expected index 2ec1a0ac6c..a7e269e292 100644 --- a/c/misra/test/rules/RULE-21-17/StringFunctionPointerArgumentOutOfBounds.expected +++ b/c/misra/test/rules/RULE-21-17/StringFunctionPointerArgumentOutOfBounds.expected @@ -1 +1,26 @@ -No expected results have yet been specified \ No newline at end of file +| test.c:31:5:31:10 | call to strcat | The $@ passed to strcat might not be null-terminated. | test.c:31:12:31:15 | buf1 | argument | test.c:31:12:31:15 | buf1 | | +| test.c:36:5:36:10 | call to strcat | The size of the $@ passed to strcat is 6 bytes, but the size of the $@ is only 5 bytes. | test.c:36:24:36:30 | 12345 | read buffer | test.c:36:12:36:19 | call to get_ca_5 | write buffer | +| test.c:38:5:38:10 | call to strcat | The size of the $@ passed to strcat is 5 bytes, but the size of the $@ is only 4 bytes. | test.c:38:28:38:33 | 1234 | read buffer | test.c:38:12:38:25 | ... + ... | write buffer | +| test.c:43:5:43:10 | call to strchr | The $@ passed to strchr might not be null-terminated. | test.c:43:12:43:18 | ca5_bad | argument | test.c:43:12:43:18 | ca5_bad | | +| test.c:45:5:45:10 | call to strchr | The $@ passed to strchr is 5 bytes, but an offset of 5 bytes is used to access it. | test.c:45:12:45:23 | ... + ... | read buffer | test.c:45:12:45:23 | ... + ... | | +| test.c:47:5:47:11 | call to strrchr | The $@ passed to strrchr might not be null-terminated. | test.c:47:13:47:19 | ca5_bad | argument | test.c:47:13:47:19 | ca5_bad | | +| test.c:49:5:49:11 | call to strrchr | The $@ passed to strrchr is 5 bytes, but an offset of 5 bytes is used to access it. | test.c:49:13:49:24 | ... + ... | read buffer | test.c:49:13:49:24 | ... + ... | | +| test.c:53:5:53:10 | call to strcmp | The $@ passed to strcmp might not be null-terminated. | test.c:53:22:53:28 | ca5_bad | argument | test.c:53:22:53:28 | ca5_bad | | +| test.c:55:5:55:10 | call to strcmp | The $@ passed to strcmp might not be null-terminated. | test.c:55:12:55:18 | ca5_bad | argument | test.c:55:12:55:18 | ca5_bad | | +| test.c:58:5:58:11 | call to strcoll | The $@ passed to strcoll might not be null-terminated. | test.c:58:23:58:29 | ca5_bad | argument | test.c:58:23:58:29 | ca5_bad | | +| test.c:60:5:60:11 | call to strcoll | The $@ passed to strcoll might not be null-terminated. | test.c:60:13:60:19 | ca5_bad | argument | test.c:60:13:60:19 | ca5_bad | | +| test.c:66:5:66:10 | call to strcpy | The size of the $@ passed to strcpy is 6 bytes, but the size of the $@ is only 5 bytes. | test.c:66:22:66:28 | test1 | read buffer | test.c:66:12:66:19 | ca5_good | write buffer | +| test.c:70:5:70:10 | call to strcpy | The $@ passed to strcpy might not be null-terminated. | test.c:70:24:70:30 | ca5_bad | argument | test.c:70:24:70:30 | ca5_bad | | +| test.c:71:5:71:10 | call to strcpy | The size of the $@ passed to strcpy is 6 bytes, but the size of the $@ is only 5 bytes. | test.c:71:24:71:31 | ca6_good | read buffer | test.c:71:12:71:19 | call to get_ca_5 | write buffer | +| test.c:76:5:76:11 | call to strcspn | The $@ passed to strcspn might not be null-terminated. | test.c:76:13:76:19 | ca5_bad | argument | test.c:76:13:76:19 | ca5_bad | | +| test.c:78:5:78:11 | call to strcspn | The $@ passed to strcspn is null. | test.c:78:13:78:16 | 0 | argument | test.c:78:13:78:16 | 0 | | +| test.c:80:5:80:10 | call to strspn | The $@ passed to strspn might not be null-terminated. | test.c:80:12:80:18 | ca5_bad | argument | test.c:80:12:80:18 | ca5_bad | | +| test.c:82:5:82:10 | call to strspn | The $@ passed to strspn is null. | test.c:82:12:82:15 | 0 | argument | test.c:82:12:82:15 | 0 | | +| test.c:86:5:86:10 | call to strlen | The $@ passed to strlen might not be null-terminated. | test.c:86:12:86:18 | ca5_bad | argument | test.c:86:12:86:18 | ca5_bad | | +| test.c:88:5:88:10 | call to strlen | The $@ passed to strlen is 5 bytes, but an offset of 5 bytes is used to access it. | test.c:88:12:88:23 | ... + ... | read buffer | test.c:88:12:88:23 | ... + ... | | +| test.c:93:5:93:11 | call to strpbrk | The $@ passed to strpbrk might not be null-terminated. | test.c:93:13:93:19 | ca5_bad | argument | test.c:93:13:93:19 | ca5_bad | | +| test.c:95:5:95:11 | call to strpbrk | The $@ passed to strpbrk is null. | test.c:95:13:95:16 | 0 | argument | test.c:95:13:95:16 | 0 | | +| test.c:102:5:102:10 | call to strstr | The $@ passed to strstr might not be null-terminated. | test.c:102:12:102:18 | ca5_bad | argument | test.c:102:12:102:18 | ca5_bad | | +| test.c:111:5:111:10 | call to strtok | The $@ passed to strtok is null. | test.c:111:18:111:21 | 0 | argument | test.c:111:18:111:21 | 0 | | +| test.c:113:5:113:10 | call to strtok | The $@ passed to strtok might not be null-terminated. | test.c:113:12:113:18 | ca5_bad | argument | test.c:113:12:113:18 | ca5_bad | | +| test.c:117:5:117:10 | call to strtok | The $@ passed to strtok might not be null-terminated. | test.c:117:22:117:28 | ca6_bad | argument | test.c:117:22:117:28 | ca6_bad | | diff --git a/c/misra/test/rules/RULE-21-17/test.c b/c/misra/test/rules/RULE-21-17/test.c new file mode 100644 index 0000000000..900cb05eda --- /dev/null +++ b/c/misra/test/rules/RULE-21-17/test.c @@ -0,0 +1,119 @@ +// test partially copied from CERT-C ARR38-C test +#include +#include + +char *get_ca_5(void) { + void *ptr = malloc(5 * sizeof(char)); + memset(ptr, 0, 5 * sizeof(char)); + return (char *)ptr; +} + +void test(void) { + char ca5_good[5] = "test"; // ok + char ca5_bad[5] = "test1"; // no null terminator + char ca6_good[6] = "test1"; // ok + char ca6_bad[6] = "test12"; // no null terminator + + // strcat + { + char buf0[10]; // memset after first use + char buf1[10]; // no memset + char buf2[10]; // memset before first use + char buf3[10] = {'\0'}; + char buf4[10] = "12345"; + + strcat(buf0, " "); // NON_COMPLIANT[FALSE_NEGATIVE] - not null terminated at + // initialization + + memset(buf0, 0, sizeof(buf0)); // COMPLIANT + memset(buf2, 0, sizeof(buf2)); // COMPLIANT + + strcat(buf1, " "); // NON_COMPLIANT - not null terminated + strcat(buf2, " "); // COMPLIANT + strcat(buf3, " "); // COMPLIANT + strcat(buf4, "12345"); // NON_COMPLIANT[FALSE_NEGATIVE] + + strcat(get_ca_5(), "12345"); // NON_COMPLIANT + strcat(get_ca_5(), "1234"); // COMPLIANT + strcat(get_ca_5() + 1, "1234"); // NON_COMPLIANT + } + // strchr and strrchr + { + strchr(ca5_good, 't'); // COMPLIANT + strchr(ca5_bad, 't'); // NON_COMPLIANT + strchr(ca5_good + 4, 't'); // COMPLIANT + strchr(ca5_good + 5, 't'); // NON_COMPLIANT + strrchr(ca5_good, 1); // COMPLIANT + strrchr(ca5_bad, 1); // NON_COMPLIANT + strrchr(ca5_good + 4, 1); // COMPLIANT + strrchr(ca5_good + 5, 1); // NON_COMPLIANT + } + // strcmp and strcoll + { + strcmp(ca5_good, ca5_bad); // NON_COMPLIANT + strcmp(ca5_good, ca5_good); // COMPLIANT + strcmp(ca5_bad, ca5_good); // NON_COMPLIANT + strcmp(ca5_good, ca6_good); // COMPLIANT + strcmp(ca6_good, ca5_good); // COMPLIANT + strcoll(ca5_good, ca5_bad); // NON_COMPLIANT + strcoll(ca5_good, ca5_good); // COMPLIANT + strcoll(ca5_bad, ca5_good); // NON_COMPLIANT + strcoll(ca5_good, ca6_good); // COMPLIANT + strcoll(ca6_good, ca5_good); // COMPLIANT + } + // strcpy + { + strcpy(ca5_good, "test1"); // NON_COMPLIANT + strcpy(ca5_bad, "test"); // COMPLIANT + // strcpy to char buffer indirect + strcpy(get_ca_5(), ca5_good); // COMPLIANT + strcpy(get_ca_5(), ca5_bad); // NON_COMPLIANT + strcpy(get_ca_5(), ca6_good); // NON_COMPLIANT + } + // strcspn and strspn + { + strcspn(ca5_good, "test"); // COMPLIANT + strcspn(ca5_bad, "test"); // NON_COMPLIANT - not null-terminated + strcspn(ca5_good, "1234567890"); // COMPLIANT + strcspn(NULL, "12345"); // NON_COMPLIANT + strspn(ca5_good, "test"); // COMPLIANT + strspn(ca5_bad, "test"); // NON_COMPLIANT - not null-terminated + strspn(ca5_good, "1234567890"); // COMPLIANT + strspn(NULL, "12345"); // NON_COMPLIANT + } + // strlen + { + strlen(ca5_bad); // NON_COMPLIANT + strlen(ca5_good + 4); // COMPLIANT + strlen(ca5_good + 5); // NON_COMPLIANT + } + // strpbrk + { + strpbrk(ca5_good, "test"); // COMPLIANT + strpbrk(ca5_bad, "test"); // NON_COMPLIANT - not null-terminated + strpbrk(ca5_good, "1234567890"); // COMPLIANT + strpbrk(NULL, "12345"); // NON_COMPLIANT + } + // strstr + { + strstr("12345", "123"); // COMPLIANT + strstr("123", "12345"); // COMPLIANT + strstr(ca5_good, "test"); // COMPLIANT + strstr(ca5_bad, "test"); // NON_COMPLIANT - not null-terminated + strstr(ca5_good, "1234567890"); // COMPLIANT + } + // strtok + { + char ca5_good[5] = "test"; // ok + char ca5_bad[5] = "test1"; // no null terminator + char ca6_good[6] = "test1"; // ok + char ca6_bad[6] = "test12"; // no null terminator + strtok(NULL, NULL); // NON_COMPLIANT - 2nd arg null + strtok(NULL, ""); // COMPLIANT + strtok(ca5_bad, ""); // NON_COMPLIANT - 1st arg not null-terminated + strtok(ca5_good, ""); // COMPLIANT + strtok(ca6_good, ca5_good); // COMPLIANT + strtok(ca6_good + 4, ca6_good); // COMPLIANT + strtok(ca6_good, ca6_bad); // NON_COMPLIANT - 2nd arg not null-terminated + } +} \ No newline at end of file diff --git a/c/misra/test/rules/RULE-21-18/StringLibrarySizeArgumentOutOfBounds.expected b/c/misra/test/rules/RULE-21-18/StringLibrarySizeArgumentOutOfBounds.expected index cd7e20a7e4..fe3cbba947 100644 --- a/c/misra/test/rules/RULE-21-18/StringLibrarySizeArgumentOutOfBounds.expected +++ b/c/misra/test/rules/RULE-21-18/StringLibrarySizeArgumentOutOfBounds.expected @@ -28,8 +28,8 @@ | test.c:77:5:77:11 | call to strncat | The $@ passed to strncat might not be null-terminated. | test.c:77:13:77:16 | buf1 | argument | test.c:77:13:77:16 | buf1 | | | test.c:81:5:81:11 | call to strncat | The size of the $@ passed to strncat is 6 bytes, but the size of the $@ is only 5 bytes. | test.c:81:25:81:31 | 12345 | read buffer | test.c:81:13:81:20 | call to get_ca_5 | write buffer | | test.c:83:5:83:11 | call to strncat | The size of the $@ passed to strncat is 5 bytes, but the size of the $@ is only 4 bytes. | test.c:83:29:83:34 | 1234 | read buffer | test.c:83:13:83:26 | ... + ... | write buffer | -| test.c:94:5:94:11 | call to strncmp | The size of the $@ passed to strncmp is 5 bytes, but the $@ is 6 bytes. | test.c:94:23:94:30 | ca5_good | read buffer | test.c:94:33:94:33 | 6 | size argument | -| test.c:95:5:95:11 | call to strncmp | The size of the $@ passed to strncmp is 5 bytes, but the $@ is 6 bytes. | test.c:95:13:95:20 | ca5_good | write buffer | test.c:95:32:95:32 | 6 | size argument | -| test.c:95:5:95:11 | call to strncmp | The size of the $@ passed to strncmp is 5 bytes, but the $@ is 6 bytes. | test.c:95:23:95:29 | ca5_bad | read buffer | test.c:95:32:95:32 | 6 | size argument | -| test.c:102:5:102:11 | call to strxfrm | The size of the $@ passed to strxfrm is 64 bytes, but the $@ is 65 bytes. | test.c:102:13:102:15 | buf | write buffer | test.c:102:25:102:39 | ... + ... | size argument | -| test.c:104:5:104:11 | call to strxfrm | The $@ passed to strxfrm might not be null-terminated. | test.c:104:22:104:25 | buf2 | argument | test.c:104:22:104:25 | buf2 | | +| test.c:93:5:93:11 | call to strncmp | The size of the $@ passed to strncmp is 5 bytes, but the $@ is 6 bytes. | test.c:93:23:93:30 | ca5_good | read buffer | test.c:93:33:93:33 | 6 | size argument | +| test.c:94:5:94:11 | call to strncmp | The size of the $@ passed to strncmp is 5 bytes, but the $@ is 6 bytes. | test.c:94:13:94:20 | ca5_good | write buffer | test.c:94:32:94:32 | 6 | size argument | +| test.c:94:5:94:11 | call to strncmp | The size of the $@ passed to strncmp is 5 bytes, but the $@ is 6 bytes. | test.c:94:23:94:29 | ca5_bad | read buffer | test.c:94:32:94:32 | 6 | size argument | +| test.c:101:5:101:11 | call to strxfrm | The size of the $@ passed to strxfrm is 64 bytes, but the $@ is 65 bytes. | test.c:101:13:101:15 | buf | write buffer | test.c:101:25:101:39 | ... + ... | size argument | +| test.c:103:5:103:11 | call to strxfrm | The $@ passed to strxfrm might not be null-terminated. | test.c:103:22:103:25 | buf2 | argument | test.c:103:22:103:25 | buf2 | | diff --git a/c/misra/test/rules/RULE-21-18/test.c b/c/misra/test/rules/RULE-21-18/test.c index 29ea494ccc..d1668a774b 100644 --- a/c/misra/test/rules/RULE-21-18/test.c +++ b/c/misra/test/rules/RULE-21-18/test.c @@ -87,7 +87,6 @@ void test(void) { char ca5_good[5] = "test"; // ok char ca5_bad[5] = "test1"; // no null terminator char ca6_good[6] = "test1"; // ok - char ca6_bad[6] = "test12"; // no null terminator strncmp(ca5_good, ca5_bad, 4); // COMPLIANT strncmp(ca5_good, ca5_bad, 5); // COMPLIANT strncmp(ca6_good, ca5_bad, 5); // COMPLIANT From e9dd4a8dbc26713fd03d7a57f4ffa5a1809fb17c Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Thu, 6 Apr 2023 00:33:29 +0200 Subject: [PATCH 0975/2573] Update strtok param indices in OutOfBounds library --- .../src/codingstandards/c/OutOfBounds.qll | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) diff --git a/c/common/src/codingstandards/c/OutOfBounds.qll b/c/common/src/codingstandards/c/OutOfBounds.qll index 7045aaf0f1..8a1d9850ff 100644 --- a/c/common/src/codingstandards/c/OutOfBounds.qll +++ b/c/common/src/codingstandards/c/OutOfBounds.qll @@ -82,9 +82,10 @@ module OOB { dst = -1 and src = [0, 1] or - name = "strtok" and - dst = 0 and - src = 1 + // do not specify a src and dst to avoid buffer size assumptions + name = ["strtok", "strtok_r"] and + dst = -1 and + src = [0, 1] ) } @@ -479,6 +480,18 @@ module OOB { } } + /** + * A `BufferAccessLibraryFunction` modelling `strtok` + */ + class StrtokLibraryFunction extends BufferAccessLibraryFunction { + StrtokLibraryFunction() { this.getName() = getNameOrInternalName(["strtok", "strtok_r"]) } + + override predicate getAPermissiblyNullParameterIndex(int i) { + // `strtok` does not require a non-null `str` parameter + i = 0 + } + } + /** * An construction of a pointer to a buffer. */ From 76146e4e30b3b195e29685027f334154e6c6bb4f Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Thu, 6 Apr 2023 16:45:00 +0200 Subject: [PATCH 0976/2573] Refactor OutOfBounds.qll and arg/offset model --- .../src/codingstandards/c/OutOfBounds.qll | 153 ++++++++---------- 1 file changed, 70 insertions(+), 83 deletions(-) diff --git a/c/common/src/codingstandards/c/OutOfBounds.qll b/c/common/src/codingstandards/c/OutOfBounds.qll index 8a1d9850ff..ff29c31a77 100644 --- a/c/common/src/codingstandards/c/OutOfBounds.qll +++ b/c/common/src/codingstandards/c/OutOfBounds.qll @@ -13,8 +13,6 @@ import codingstandards.cpp.PossiblyUnsafeStringOperation import codingstandards.cpp.SimpleRangeAnalysisCustomizations import semmle.code.cpp.dataflow.DataFlow import semmle.code.cpp.valuenumbering.GlobalValueNumbering -import semmle.code.cpp.security.BufferAccess -import semmle.code.cpp.security.BufferWrite module OOB { bindingset[name, result] @@ -588,47 +586,66 @@ module OOB { SimpleStringLibraryFunctionCall() { this.getTarget() instanceof SimpleStringLibraryFunction } } - int getStatedAllocValue(Expr e) { - if upperBound(e) = exprMaxVal(e) - then result = max(Expr source | DataFlow::localExprFlow(source, e) | source.getValue().toInt()) - else - result = - upperBound(e) - .minimum(min(Expr source | - DataFlow::localExprFlow(source, e) - | - source.getValue().toInt() - )) + private Expr getSourceConstantExpr(Expr dest) { + exists(result.getValue().toInt()) and + DataFlow::localExprFlow(result, dest) } - int getStatedValue(Expr e) { - result = - upperBound(e) - .minimum(min(Expr source | DataFlow::localExprFlow(source, e) | source.getValue().toInt())) + /** + * Gets the smallest of the upper bound of `e` or the largest source value (i.e. "stated value") that flows to `e`. + * Because range-analysis can over-widen bounds, take the minimum of range analysis and data-flow sources. + * + * If there is no source value that flows to `e`, this predicate does not hold. + */ + private int getMaxStatedValue(Expr e) { + result = upperBound(e).minimum(max(getSourceConstantExpr(e).getValue().toInt())) + } + + /** + * Gets the smallest of the upper bound of `e` or the smallest source value (i.e. "stated value") that flows to `e`. + * Because range-analysis can over-widen bounds, take the minimum of range analysis and data-flow sources. + * + * If there is no source value that flows to `e`, this predicate does not hold. + */ + private int getMinStatedValue(Expr e) { + result = upperBound(e).minimum(min(getSourceConstantExpr(e).getValue().toInt())) } /** * A class for reasoning about the offset of a variable from the original value flowing to it * as a result of arithmetic or pointer arithmetic expressions. */ - int getArithmeticOperandStatedValue(Expr expr) { - result = getStatedValue(expr.(PointerArithmeticExpr).getOperand()) + private int getArithmeticOffsetValue(Expr expr, Expr base) { + result = getMinStatedValue(expr.(PointerArithmeticExpr).getOperand()) and + base = expr.(PointerArithmeticExpr).getPointer() or // &(array[index]) expressions - result = getStatedValue(expr.(AddressOfExpr).getOperand().(PointerArithmeticExpr).getOperand()) + result = + getMinStatedValue(expr.(AddressOfExpr).getOperand().(PointerArithmeticExpr).getOperand()) and + base = expr.(AddressOfExpr).getOperand().(PointerArithmeticExpr).getPointer() + or + result = getMinStatedValue(expr.(AddExpr).getRightOperand()) and + base = expr.(AddExpr).getLeftOperand() or - result = getStatedValue(expr.(BinaryArithmeticOperation).getRightOperand()) + result = -getMinStatedValue(expr.(SubExpr).getRightOperand()) and + base = expr.(SubExpr).getLeftOperand() or - expr instanceof IncrementOperation and result = 1 + expr instanceof IncrementOperation and + result = 1 and + base = expr.(IncrementOperation).getOperand() or - expr instanceof DecrementOperation and result = -1 + expr instanceof DecrementOperation and + result = -1 and + base = expr.(DecrementOperation).getOperand() or // fall-back if `expr` is not an arithmetic or pointer arithmetic expression not expr instanceof PointerArithmeticExpr and not expr.(AddressOfExpr).getOperand() instanceof PointerArithmeticExpr and - not expr instanceof BinaryArithmeticOperation and + not expr instanceof AddExpr and + not expr instanceof SubExpr and not expr instanceof IncrementOperation and not expr instanceof DecrementOperation and + base = expr and result = 0 } @@ -660,8 +677,9 @@ module OOB { abstract predicate isNotNullTerminated(); } - class DynamicAllocationSource extends PointerToObjectSource instanceof AllocationExpr, - FunctionCall { + private class DynamicAllocationSource extends PointerToObjectSource instanceof AllocationExpr, + FunctionCall + { DynamicAllocationSource() { // exclude OperatorNewAllocationFunction to only deal with raw malloc-style calls, // which do not apply a multiple to the size of the allocation passed to them. @@ -742,7 +760,7 @@ module OOB { ) } - override int getFixedSize() { result = getStatedAllocValue(getSizeExpr()) } + override int getFixedSize() { result = getMaxStatedValue(getSizeExpr()) } override predicate isNotNullTerminated() { none() } } @@ -751,7 +769,7 @@ module OOB { * A `PointerToObjectSource` which is an `AddressOfExpr` to a variable * that is not a field or pointer type. */ - class AddressOfExprSource extends PointerToObjectSource instanceof AddressOfExpr { + private class AddressOfExprSource extends PointerToObjectSource instanceof AddressOfExpr { AddressOfExprSource() { exists(Variable v | v = this.getOperand().(VariableAccess).getTarget() and @@ -774,7 +792,7 @@ module OOB { /** * A `PointerToObjectSource` which is a `VariableAccess` to a static buffer */ - class StaticBufferAccessSource extends PointerToObjectSource instanceof VariableAccess { + private class StaticBufferAccessSource extends PointerToObjectSource instanceof VariableAccess { StaticBufferAccessSource() { not this.getTarget() instanceof Field and not this.getTarget().getUnspecifiedType() instanceof PointerType and @@ -809,16 +827,6 @@ module OOB { ) and not this.(VariableAccess).getTarget() instanceof GlobalVariable and not exists(this.(VariableAccess).getTarget().getInitializer()) and - not exists(FunctionCall memset, Expr destBuffer | - ( - destBuffer = memset.(MemsetBA).getBuffer(_, _) - or - memset.getTarget().getName() = getNameOrInternalName("memset") and - destBuffer = memset.getArgument(0) - ) and - memset.getArgument(1).getValue().toInt() = 0 and - this.(VariableAccess).getTarget().getAnAccess() = destBuffer - ) and // exclude any BufferAccessLibraryFunction that writes to the buffer and does not require // a null-terminated buffer argument for its write argument not exists( @@ -845,7 +853,7 @@ module OOB { * A `PointerToObjectSource` which is a string literal that is not * part of an variable initializer (to deduplicate `StaticBufferAccessSource`) */ - class StringLiteralSource extends PointerToObjectSource instanceof StringLiteral { + private class StringLiteralSource extends PointerToObjectSource instanceof StringLiteral { StringLiteralSource() { not this instanceof CharArrayInitializedWithStringLiteral } override Expr getPointer() { result = this } @@ -862,7 +870,7 @@ module OOB { override predicate isNotNullTerminated() { none() } } - class PointerToObjectSourceOrSizeToBufferAccessFunctionConfig extends DataFlow::Configuration { + private class PointerToObjectSourceOrSizeToBufferAccessFunctionConfig extends DataFlow::Configuration { PointerToObjectSourceOrSizeToBufferAccessFunctionConfig() { this = "PointerToObjectSourceOrSizeToBufferAccessFunctionConfig" } @@ -883,10 +891,8 @@ module OOB { arg = ba.getARelevantExpr() ) and ( - sink.asExpr() = arg - or - getArithmeticOffsetValue(arg) > 0 and - sink.asExpr() = arg.getAChild*() + sink.asExpr() = arg or + exists(getArithmeticOffsetValue(arg, sink.asExpr())) ) ) } @@ -910,58 +916,35 @@ module OOB { } } - predicate hasFlowFromBufferOrSizeExprToUse(Expr source, Expr use) { + private predicate hasFlowFromBufferOrSizeExprToUse(Expr source, Expr use) { exists(PointerToObjectSourceOrSizeToBufferAccessFunctionConfig config, Expr useOrChild | - ( - useOrChild = use - or - getArithmeticOffsetValue(use) > 0 and - useOrChild = use.getAChild*() - ) and + exists(getArithmeticOffsetValue(use, useOrChild)) and config.hasFlow(DataFlow::exprNode(source), DataFlow::exprNode(useOrChild)) ) } - predicate bufferUseComputableBufferSize(Expr bufferUse, Expr source, int size) { + private predicate bufferUseComputableBufferSize(Expr bufferUse, Expr source, int size) { // flow from a PointerToObjectSource for which we can compute the exact size size = source.(PointerToObjectSource).getFixedSize() and hasFlowFromBufferOrSizeExprToUse(source, bufferUse) } - predicate bufferUseNonComputableSize(Expr bufferUse, Expr source) { + private predicate bufferUseNonComputableSize(Expr bufferUse, Expr source) { not bufferUseComputableBufferSize(bufferUse, source, _) and hasFlowFromBufferOrSizeExprToUse(source.(DynamicAllocationSource), bufferUse) } - predicate sizeExprComputableSize(Expr sizeExpr, Expr source, int size) { + private predicate sizeExprComputableSize(Expr sizeExpr, Expr source, int size) { // computable direct value - size = getStatedValue(sizeExpr) and + size = getMinStatedValue(sizeExpr) and source = sizeExpr or // computable source value that flows to the size expression - size = source.(DynamicAllocationSource).getFixedSize() + getArithmeticOffsetValue(sizeExpr) and + size = source.(DynamicAllocationSource).getFixedSize() + getArithmeticOffsetValue(sizeExpr, _) and hasFlowFromBufferOrSizeExprToUse(source.(DynamicAllocationSource).getSizeExprSource(_, _), sizeExpr) } - int getArithmeticOffsetValue(Expr expr) { - result = getStatedValue(expr.(PointerArithmeticExpr).getOperand()) - or - // edge-case: &(array[index]) expressions - result = getStatedValue(expr.(AddressOfExpr).getOperand().(PointerArithmeticExpr).getOperand()) - or - // AddExpr - result = getStatedValue(expr.(AddExpr).getAnOperand()) - or - // SubExpr - result = -getStatedValue(expr.(SubExpr).getAnOperand()) - or - // fall-back - not expr instanceof PointerArithmeticExpr and - not expr.(AddressOfExpr).getOperand() instanceof PointerArithmeticExpr and - result = 0 - } - /** * If the size is not computable locally, then it is either: * @@ -1012,12 +995,16 @@ module OOB { readBuffer = fc.getReadArg() and writeBuffer = fc.getWriteArg() and exists(int readSizeMult, int writeSizeMult, int readBufferSizeBase, int writeBufferSizeBase | + // the read and write buffer sizes must be derived from computable constants bufferUseComputableBufferSize(readBuffer, _, readBufferSizeBase) and bufferUseComputableBufferSize(writeBuffer, _, writeBufferSizeBase) and + // calculate the buffer byte sizes (size base is the number of elements) readSizeMult = fc.getReadSizeArgMult() and writeSizeMult = fc.getWriteSizeArgMult() and - readBufferSize = readBufferSizeBase - readSizeMult * getArithmeticOffsetValue(readBuffer) and - writeBufferSize = writeBufferSizeBase - writeSizeMult * getArithmeticOffsetValue(writeBuffer) and + readBufferSize = readBufferSizeBase - readSizeMult * getArithmeticOffsetValue(readBuffer, _) and + writeBufferSize = + writeBufferSizeBase - writeSizeMult * getArithmeticOffsetValue(writeBuffer, _) and + // the read buffer size is larger than the write buffer size readBufferSize > writeBufferSize and ( // if a size arg exists and it is computable, then it must be <= to the write buffer size @@ -1051,7 +1038,7 @@ module OOB { // If the bufferArg is an access of a static buffer, do not look for "long distance" sources (bufferArg instanceof StaticBufferAccessSource implies bufferSource = bufferArg) and sizeExprComputableSize(sizeArg, _, sizeArgValue) and - computedBufferSize = bufferArgSize - sizeMult.(float) * getArithmeticOffsetValue(bufferArg) and + computedBufferSize = bufferArgSize - sizeMult.(float) * getArithmeticOffsetValue(bufferArg, _) and computedSizeAccessed = sizeMult.(float) * (sizeArgValue + argNumCharactersOffset(bufferAccess, sizeArg)).(float) and computedBufferSize < computedSizeAccessed @@ -1074,7 +1061,7 @@ module OOB { bufferElementSize = fc.getWriteSizeArgMult() ) and bufferUseComputableBufferSize(bufferArg, _, bufferSize) and - bufferArgOffset = getArithmeticOffsetValue(bufferArg) * bufferElementSize and + bufferArgOffset = getArithmeticOffsetValue(bufferArg, _) * bufferElementSize and bufferArgOffset >= bufferSize ) } @@ -1100,8 +1087,8 @@ module OOB { sourceSizeExpr = source.getSizeExprSource(sourceSizeExprBase, sourceSizeExprOffset) and bufferUseNonComputableSize(bufferArg, source) and not globalValueNumber(sourceSizeExpr) = globalValueNumber(bufferSizeArg) and - sizeArgOffset = getArithmeticOffsetValue(bufferSizeArg.getAChild*()) and - bufferArgOffset = getArithmeticOffsetValue(bufferArg) and + sizeArgOffset = getArithmeticOffsetValue(bufferSizeArg.getAChild*(), _) and + bufferArgOffset = getArithmeticOffsetValue(bufferArg, _) and sourceSizeExprOffset + bufferArgOffset < sizeArgOffset ) } @@ -1119,7 +1106,7 @@ module OOB { ] and not fc.getTarget().(BufferAccessLibraryFunction).getAPermissiblyNullParameterIndex(i) and bufferArg = fc.getArgument(i) and - getStatedValue(bufferArg) = 0 + getMinStatedValue(bufferArg) = 0 ) } @@ -1181,7 +1168,7 @@ module OOB { // Not a size expression for which we can compute a specific size not sizeExprComputableSize(sizeArg, _, _) and // If the lower bound is less than zero, taking into account any offsets - lowerBound(sizeArg) + getArithmeticOffsetValue(bufferArg) < 0 + lowerBound(sizeArg) + getArithmeticOffsetValue(bufferArg, _) < 0 ) } From 1aa17665cec6c1207a0f93b78992ad46a950d328 Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Thu, 6 Apr 2023 16:45:08 +0200 Subject: [PATCH 0977/2573] Add test case to ARR30-C --- ...OutOfBoundsPointersOrArraySubscripts.expected | 2 ++ c/cert/test/rules/ARR30-C/test.c | 16 ++++++++++++++++ 2 files changed, 18 insertions(+) diff --git a/c/cert/test/rules/ARR30-C/DoNotFormOutOfBoundsPointersOrArraySubscripts.expected b/c/cert/test/rules/ARR30-C/DoNotFormOutOfBoundsPointersOrArraySubscripts.expected index 1f4abf8f7b..2445a08e18 100644 --- a/c/cert/test/rules/ARR30-C/DoNotFormOutOfBoundsPointersOrArraySubscripts.expected +++ b/c/cert/test/rules/ARR30-C/DoNotFormOutOfBoundsPointersOrArraySubscripts.expected @@ -1,3 +1,5 @@ | test.c:8:3:8:11 | ... + ... | Buffer accesses offset 404 which is greater than the fixed size 400 of the $@. | test.c:8:3:8:5 | arr | buffer | | test.c:16:3:16:13 | ... + ... | Buffer access may be to a negative index in the buffer. | test.c:16:3:16:5 | arr | buffer | | test.c:21:5:21:15 | ... + ... | Buffer access may be to a negative index in the buffer. | test.c:21:5:21:7 | arr | buffer | +| test.c:41:17:41:30 | ... + ... | Buffer access may be to a negative index in the buffer. | test.c:41:17:41:22 | buffer | buffer | +| test.c:45:17:45:30 | ... + ... | Buffer accesses may access up to offset 101*1 which is greater than the fixed size 100 of the $@. | test.c:45:17:45:22 | buffer | buffer | diff --git a/c/cert/test/rules/ARR30-C/test.c b/c/cert/test/rules/ARR30-C/test.c index d033516d0e..ca58d58691 100644 --- a/c/cert/test/rules/ARR30-C/test.c +++ b/c/cert/test/rules/ARR30-C/test.c @@ -32,4 +32,20 @@ void test_valid_check_by_type(unsigned int index) { if (index < ARRAY_SIZE) { arr + index; // COMPLIANT - `index` cannot be be negative } +} + +void test_local_buffer_invalid_check(int index) { + char buffer[ARRAY_SIZE]; + + if (index < ARRAY_SIZE) { + char *ptr = buffer + index; // NON_COMPLIANT - `index` could be negative + } + + if (index >= 0 && index < ARRAY_SIZE + 2) { + char *ptr = buffer + index; // NON_COMPLIANT - `index` could be too large + } + + if (index >= 0 && index < ARRAY_SIZE) { + char *ptr = buffer + index; // COMPLIANT + } } \ No newline at end of file From 94a05c4c4ed74c5acc46bcc83a96fb2fb1433ecf Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Thu, 6 Apr 2023 16:48:26 +0200 Subject: [PATCH 0978/2573] Correct OutOfBounds.qll formatting --- c/common/src/codingstandards/c/OutOfBounds.qll | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/c/common/src/codingstandards/c/OutOfBounds.qll b/c/common/src/codingstandards/c/OutOfBounds.qll index ff29c31a77..010c01df5b 100644 --- a/c/common/src/codingstandards/c/OutOfBounds.qll +++ b/c/common/src/codingstandards/c/OutOfBounds.qll @@ -678,8 +678,7 @@ module OOB { } private class DynamicAllocationSource extends PointerToObjectSource instanceof AllocationExpr, - FunctionCall - { + FunctionCall { DynamicAllocationSource() { // exclude OperatorNewAllocationFunction to only deal with raw malloc-style calls, // which do not apply a multiple to the size of the allocation passed to them. From 0f6e74709562492f10f608af2f5fce461975750f Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Thu, 6 Apr 2023 17:35:05 +0200 Subject: [PATCH 0979/2573] Resolve performance issue in OutOfBounds.qll --- c/common/src/codingstandards/c/OutOfBounds.qll | 2 ++ 1 file changed, 2 insertions(+) diff --git a/c/common/src/codingstandards/c/OutOfBounds.qll b/c/common/src/codingstandards/c/OutOfBounds.qll index 010c01df5b..0f65b42c7a 100644 --- a/c/common/src/codingstandards/c/OutOfBounds.qll +++ b/c/common/src/codingstandards/c/OutOfBounds.qll @@ -968,6 +968,7 @@ module OOB { /** * Holds if `arg` refers to the number of characters excluding a null terminator */ + bindingset[fc, arg] private predicate isArgNumCharacters(BufferAccessLibraryFunctionCall fc, Expr arg) { exists(int i | arg = fc.getArgument(i) and @@ -979,6 +980,7 @@ module OOB { * Returns '1' if `arg` refers to the number of characters excluding a null terminator, * otherwise '0' if `arg` refers to the number of characters including a null terminator. */ + bindingset[fc, arg] private int argNumCharactersOffset(BufferAccess fc, Expr arg) { if isArgNumCharacters(fc, arg) then result = 1 else result = 0 } From 76ede05c49483d6b2e9b2c79e440c9f47f6516c9 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 6 Apr 2023 15:22:01 -0400 Subject: [PATCH 0980/2573] import performance suite --- scripts/performance_testing/Config.ps1 | 4 + .../Convert-DurationStringToMs.ps1 | 77 +++++++ .../Get-DurationString.ps1 | 12 + .../performance_testing/Get-QueryString.ps1 | 12 + .../Get-TestTmpDirectory.ps1 | 5 + scripts/performance_testing/README.md | 211 +++++++++++++++++ .../Test-ReleasePerformance.ps1 | 213 ++++++++++++++++++ .../performance_testing/profile_predicates.py | 203 +++++++++++++++++ 8 files changed, 737 insertions(+) create mode 100644 scripts/performance_testing/Config.ps1 create mode 100644 scripts/performance_testing/Convert-DurationStringToMs.ps1 create mode 100644 scripts/performance_testing/Get-DurationString.ps1 create mode 100644 scripts/performance_testing/Get-QueryString.ps1 create mode 100644 scripts/performance_testing/Get-TestTmpDirectory.ps1 create mode 100644 scripts/performance_testing/README.md create mode 100644 scripts/performance_testing/Test-ReleasePerformance.ps1 create mode 100644 scripts/performance_testing/profile_predicates.py diff --git a/scripts/performance_testing/Config.ps1 b/scripts/performance_testing/Config.ps1 new file mode 100644 index 0000000000..4ba1db78fd --- /dev/null +++ b/scripts/performance_testing/Config.ps1 @@ -0,0 +1,4 @@ +Import-Module -Name "$PSScriptRoot/../PSCodingStandards/CodingStandards" + +$REQUIRED_CODEQL_VERSION = (Get-Content (Join-Path (Get-RepositoryRoot) "supported_codeql_configs.json") | ConvertFrom-Json).supported_environment.codeql_cli + diff --git a/scripts/performance_testing/Convert-DurationStringToMs.ps1 b/scripts/performance_testing/Convert-DurationStringToMs.ps1 new file mode 100644 index 0000000000..043290deab --- /dev/null +++ b/scripts/performance_testing/Convert-DurationStringToMs.ps1 @@ -0,0 +1,77 @@ +function Convert-DurationStringToMs { + param( + [Parameter(Mandatory)] + [string] + $DurationString + ) + + $durationStack = @() + $unitStack = @() + + + $durationBuff = $false + $unitBuff = $false + + for($i=0; $i -le $DurationString.Length; $i++){ + $s = $DurationString[$i] + #Write-Host $s + if($s -match "\d|\."){ # consume if it is a number or a decimal + + # init buffer + if($durationBuff -eq $false){ + $durationBuff = "" + } + + # accept last unit + if(-Not $unitBuff -eq $false){ + $unitStack += $unitBuff + $unitBuff = $false + } + + $durationBuff += $s + }else{ # otherwise it is a unit -- multiply by it to get the ms. + + # init buffer + if($unitBuff -eq $false){ + $unitBuff = "" + } + + # accept last digit buffer + if(-Not $durationBuff -eq $false){ + $durationStack += $durationBuff + $durationBuff = $false + } + + $unitBuff += $s + } + } + + # should always end with accepting the last one (because it will be a + # unit) + $unitStack += $unitBuff + + $totalMs = 0 + + for($i=0; $i -le $unitStack.Length; $i++){ + + $time = [System.Convert]::ToDecimal($durationStack[$i]) + $unit = $unitStack[$i] + + if($unit -eq 'h'){ + $time = $time * (60*60*1000) + } + if($unit -eq 'm'){ + $time = $time * (60*1000) + } + if($unit -eq 's'){ + $time = $time * (1000) + } + if($unit -eq 'ms'){ + $time = $time + } + + $totalMs += $time + } + + return $totalMs +} \ No newline at end of file diff --git a/scripts/performance_testing/Get-DurationString.ps1 b/scripts/performance_testing/Get-DurationString.ps1 new file mode 100644 index 0000000000..cb38133427 --- /dev/null +++ b/scripts/performance_testing/Get-DurationString.ps1 @@ -0,0 +1,12 @@ +function Get-DurationString { + param( + [Parameter(Mandatory)] + [string] + $LogLine + ) + $In = $LogLine.IndexOf('eval')+5 + $Out = $LogLine.indexof(']') + + return $LogLine.substring($In, $Out - $In) +} + diff --git a/scripts/performance_testing/Get-QueryString.ps1 b/scripts/performance_testing/Get-QueryString.ps1 new file mode 100644 index 0000000000..d39ee863c1 --- /dev/null +++ b/scripts/performance_testing/Get-QueryString.ps1 @@ -0,0 +1,12 @@ +function Get-QueryString { + param( + [Parameter(Mandatory)] + [string] + $LogLine + ) + $In = $LogLine.IndexOf('Evaluation done; writing results to ')+36 + $Out = $LogLine.IndexOf('.bqrs') + + return $LogLine.SubString($In, $Out - $In) +} + diff --git a/scripts/performance_testing/Get-TestTmpDirectory.ps1 b/scripts/performance_testing/Get-TestTmpDirectory.ps1 new file mode 100644 index 0000000000..d2e0fb3f8d --- /dev/null +++ b/scripts/performance_testing/Get-TestTmpDirectory.ps1 @@ -0,0 +1,5 @@ +function Get-TestTmpDirectory { + $Dir = [System.IO.Path]::GetTempPath() + return Join-Path $Dir "$([System.Guid]::NewGuid())" +} + diff --git a/scripts/performance_testing/README.md b/scripts/performance_testing/README.md new file mode 100644 index 0000000000..cc2414b0ad --- /dev/null +++ b/scripts/performance_testing/README.md @@ -0,0 +1,211 @@ +# Performance Testing + +Performance testing may be accomplished by using the performance testing tool found in this directory, `Test-ReleasePerformance.ps1`. Note that this script depends on other files from this repository. It may be run on external builds of Coding Standards through the `-CodingStandardsPath` flag, but it should be run from a fresh checkout of this repository. + +This script requires `pwsh` to be installed. Note that the Windows native Powershell is not sufficient and you should download PowerShell Core. + +- Installing on Windows: https://learn.microsoft.com/en-us/powershell/scripting/install/installing-powershell-on-windows?view=powershell-7.3 +- Installing on Linux: https://learn.microsoft.com/en-us/powershell/scripting/install/installing-powershell-on-linux?view=powershell-7.3 +- Installing on MacOS: https://learn.microsoft.com/en-us/powershell/scripting/install/installing-powershell-on-macos?view=powershell-7.3 + +Before invoking this script you should start a powershell session by typing `pwsh` at a command prompt. + +## Usage + +``` +NAME + .\scripts\performance_testing\Test-ReleasePerformance.ps1 + +SYNOPSIS + Test release performance. Generates outputs 2 csv files containing the slowest predicates as well as the queries + causing work. Note that the method of computing query execution time is inaccurate due to the shared nature of + predicates. + + +SYNTAX + C:\Projects\codeql-coding-standards\scripts\performance_testing\Test-ReleasePerformance.ps1 -RunTests [-Threads ] -DatabaseArchive + [-TestTimestamp ] [-CodingStandardsPath ] [-ResultsDirectory ] [-ReleaseTag ] -Suite [-Platform ] -Language + [] + + C:\Projects\codeql-coding-standards\scripts\performance_testing\Test-ReleasePerformance.ps1 -ProcessResults -ResultsFile [-ResultsDirectory ] + [-ReleaseTag ] -Suite [-Platform ] -Language [] + + +DESCRIPTION + Test release performance. Generates outputs 2 csv files containing the slowest predicates as well as the queries + causing work. Note that the method of computing query execution time is inaccurate due to the shared nature of + predicates. + + +PARAMETERS + -RunTests [] + Configures tool to run tests. + + Required? true + Position? named + Default value False + Accept pipeline input? false + Accept wildcard characters? false + + -Threads + Specifies the number of threads to use. + + Required? false + Position? named + Default value 5 + Accept pipeline input? false + Accept wildcard characters? false + + -DatabaseArchive + Specifies the database to use for testing. Should be a zipped database + directory. + + Required? true + Position? named + Default value + Accept pipeline input? false + Accept wildcard characters? false + + -TestTimestamp + The timestamp to use for the test. + + Required? false + Position? named + Default value (Get-Date -Format "yyyy-MM-dd_HH-mm-ss") + Accept pipeline input? false + Accept wildcard characters? false + + -CodingStandardsPath + The path to the coding standards root directory. This can be either the + root of the repository or the root of the coding standards directory. + + Required? false + Position? named + Default value "$PSScriptRoot../../" + Accept pipeline input? false + Accept wildcard characters? false + + -ProcessResults [] + + Required? true + Position? named + Default value False + Accept pipeline input? false + Accept wildcard characters? false + + -ResultsFile + Configures tool to process results. + + Required? true + Position? named + Default value + Accept pipeline input? false + Accept wildcard characters? false + + -ResultsDirectory + Where results should be written to. + + Required? false + Position? named + Default value (Get-Location) + Accept pipeline input? false + Accept wildcard characters? false + + -ReleaseTag + The release tag to use for the test. + + Required? false + Position? named + Default value current + Accept pipeline input? false + Accept wildcard characters? false + + -Suite + Which suite to run. + + Required? true + Position? named + Default value + Accept pipeline input? false + Accept wildcard characters? false + + -Platform + The platform to run on. This is just a descriptive string. + + Required? false + Position? named + Default value $PSVersionTable.Platform + Accept pipeline input? false + Accept wildcard characters? false + + -Language + The language to run on. + + Required? true + Position? named + Default value + Accept pipeline input? false + Accept wildcard characters? false + + + This cmdlet supports the common parameters: Verbose, Debug, + ErrorAction, ErrorVariable, WarningAction, WarningVariable, + OutBuffer, PipelineVariable, and OutVariable. For more information, see + about_CommonParameters (https://go.microsoft.com/fwlink/?LinkID=113216). + +INPUTS + +OUTPUTS + + +RELATED LINKS + +``` +## Example Usage + +Run the `cert` suite for `c` from within the Coding Standards repository. + +``` +.\scripts\performance_testing\Test-ReleasePerformance.ps1 -RunTests -DatabaseArchive ..\codeql-coding-standards-release-engineering\data\commaai-openpilot-72d1744d830bc249d8761a1d843a98fb0ced49fe-cpp.zip -Suite cert -Language c +``` + +Run the `cert` suite for `c` on an external release, specifying a `-ReleaseTag` as well. The `-ReleaseTag` parameter does not have to match the code you are testing, it is for organization purposes only. + +``` +.\scripts\performance_testing\Test-ReleasePerformance.ps1 -RunTests -DatabaseArchive ..\codeql-coding-standards-release-engineering\data\commaai-openpilot-72d1744d830bc249d8761a1d843a98fb0ced49fe-cpp.zip -Suite cert -Language c -ReleaseTag "2.16.0" -CodingStandardsPath "Downloads\code-scanning-cpp-query-pack-2.16.0\codeql-coding-standards\" +``` + + + +## Outputs + +The `Test-ReleasePerformance.ps1` produces three files in the `ResultsDirectory` location, which defaults `performance_tests` within the current working directory. + +- `suite=$Suite,datum=queries.csv` - Which contains the run time for each query. +- `suite=$Suite,datum=evaluator-log.json` - Which contains the evaluator log. +- `suite=$Suite,datum=sarif.sarif` - The sarif log file for the run. + +## Profiling Predicates + +If you wish to extract predicate-level profiling information, you may use the script `profile_predicates.py` located in this directory. It requires Python3 with `pandas` and `numpy` to work. If you wish to use a virtual environment you may create one as follows on a Unix-based platform: + +``` +python -mvenv venv +source venv/bin/activate +pip install pandas numpy +``` + +The script works by summarizing ALL of the csv and json files within a given directory. Thus, if you want to profile multiple suites or multiple releases you may place the files within that directory by repeatedly invoking `Test-ReleasePerformance.ps1.` Make sure to supply the same output directory each time so that the results accumulate in the correct location. + +To invoke the script run: + +``` +python scripts/performance_testing/profile_predicates.py +``` + +For example: +``` +python .\scripts\performance_testing\profile_predicates.py .\performance_tests\ +``` + +This will produce an additional CSV file per release, platform, and language within that directory called: `slow-log,datum=predicates,release={release},platform={platform},language={language}.csv` which will contain the execution times of all of the predicates used during execution. diff --git a/scripts/performance_testing/Test-ReleasePerformance.ps1 b/scripts/performance_testing/Test-ReleasePerformance.ps1 new file mode 100644 index 0000000000..c82c3f3e5c --- /dev/null +++ b/scripts/performance_testing/Test-ReleasePerformance.ps1 @@ -0,0 +1,213 @@ +<# +.SYNOPSIS + Test release performance. Generates outputs 2 csv files containing the slowest predicates as well as the queries + causing work. Note that the method of computing query execution time is inaccurate due to the shared nature of + predicates. + +.DESCRIPTION + Test release performance. Generates outputs 2 csv files containing the slowest predicates as well as the queries + causing work. Note that the method of computing query execution time is inaccurate due to the shared nature of + predicates. +#> +param( + # Configures tool to run tests. + [Parameter(Mandatory, ParameterSetName = 'RunTests')] + [switch] + $RunTests, + + # Specifies the number of threads to use. + [Parameter(Mandatory=$false, ParameterSetName = 'RunTests')] + [string] + $Threads=5, + + # Specifies the database to use for testing. Should be a zipped database + # directory. + [Parameter(Mandatory, ParameterSetName = 'RunTests')] + [string] + $DatabaseArchive, + + # The timestamp to use for the test. + [Parameter(Mandatory = $false, ParameterSetName = 'RunTests')] + [string] + $TestTimestamp=(Get-Date -Format "yyyy-MM-dd_HH-mm-ss"), + + # The path to the coding standards root directory. This can be either the + # root of the repository or the root of the coding standards directory. + [Parameter(Mandatory=$false, ParameterSetName = 'RunTests')] + [string] + $CodingStandardsPath="$PSScriptRoot/../../", + + [Parameter(Mandatory, ParameterSetName = 'ProcessResults')] + [switch] + $ProcessResults, + + # Configures tool to process results. + [Parameter(Mandatory, ParameterSetName = 'ProcessResults')] + [string] + $ResultsFile, + # Where results should be written to. + [Parameter(Mandatory=$false)] + [string] + $ResultsDirectory = (Join-Path (Get-Location) "performance_tests"), + + # The release tag to use for the test. + [Parameter(Mandatory=$false)] + [string] + $ReleaseTag = "current", + # Which suite to run. + [Parameter(Mandatory)] + [ValidateSet('cert', 'misra', 'autosar')] + [string] + $Suite, + # The platform to run on. This is just a descriptive string. + [Parameter(Mandatory=$false)] + [string] + $Platform=$PSVersionTable.Platform, + # The language to run on. + [Parameter(Mandatory)] + [ValidateSet('c', 'cpp')] + [string] + $Language +) + +Import-Module -Name "$PSScriptRoot/../PSCodingStandards/CodingStandards" + +. "$PSScriptRoot/Config.ps1" +. "$PSScriptRoot/Get-TestTmpDirectory.ps1" +. "$PSScriptRoot/Convert-DurationStringToMs.ps1" +. "$PSScriptRoot/Get-DurationString.ps1" +. "$PSScriptRoot/Get-QueryString.ps1" + +# Test Programs +Write-Host "Checking 'codeql' program...." -NoNewline +Test-ProgramInstalled -Program "codeql" +Write-Host -ForegroundColor ([ConsoleColor]2) "OK" + +$CODEQL_VERSION = (codeql version --format json | ConvertFrom-Json).version + +Write-Host "Checking 'codeql' version = $REQUIRED_CODEQL_VERSION...." -NoNewline +if (-Not ($CODEQL_VERSION -eq $REQUIRED_CODEQL_VERSION)) { + throw "Invalid CodeQL version $CODEQL_VERSION. Please install $REQUIRED_CODEQL_VERSION." +} +Write-Host -ForegroundColor ([ConsoleColor]2) "OK" + + + +# Create the results/work directory +$RESULTS_DIRECTORY = Get-TestTmpDirectory +New-Item -Path $RESULTS_DIRECTORY -ItemType Directory | Out-Null + +Write-Host "Writing Results to $RESULTS_DIRECTORY" + +if (-Not $ProcessResults){ + + $DB_UNPACKED_TMP = Join-Path $RESULTS_DIRECTORY db-unpacked + $DB_UNPACKED = Join-Path $RESULTS_DIRECTORY db + $DB_FILENAME = (Get-Item $DatabaseArchive).Name + Write-Host "Copying database to $RESULTS_DIRECTORY..." + # Copy and unpack the dataset + Copy-Item -Path $DatabaseArchive -Destination $RESULTS_DIRECTORY + + Expand-Archive -LiteralPath $RESULTS_DIRECTORY\$DB_FILENAME -DestinationPath $DB_UNPACKED_TMP + + foreach($f in Get-ChildItem $DB_UNPACKED_TMP){ + Move-Item -Path $f -Destination $DB_UNPACKED + } + + + $SARIF_OUT = Join-Path $RESULTS_DIRECTORY "suite=$Suite,datum=sarif.sarif" + $EvaluatorLog = Join-Path $RESULTS_DIRECTORY "evaluator-log.json" + $EvaluatorResults = Join-Path $RESULTS_DIRECTORY "evaluator-results.json" + + + $stdOut = Join-Path ([System.IO.Path]::GetTempPath()) ([System.Guid]::NewGuid()) + $stdErr = Join-Path ([System.IO.Path]::GetTempPath()) ([System.Guid]::NewGuid()) + + Write-Host "Standard Out Buffered to: $stdOut" + Write-Host "Standard Error Buffered to: $stdErr" + + $SuiteRoot = Join-Path $Language $Suite "src" "codeql-suites" + # For some reason nothing is written to stdout so we use stderr + $SuitePath = Join-Path $CodingStandardsPath $SuiteRoot ($Suite + "-default.qls") + $procDetails = Start-Process -FilePath "codeql" -PassThru -NoNewWindow -Wait -ArgumentList "database analyze --rerun --threads $Threads --debug --tuple-counting --evaluator-log=$EvaluatorLog --format sarif-latest --search-path $(Resolve-Path $CodingStandardsPath) --output $SARIF_OUT $DB_UNPACKED $SuitePath" -RedirectStandardOutput $stdOut -RedirectStandardError $stdErr + + if (-Not $procDetails.ExitCode -eq 0) { + Get-Content $stdErr | Out-String | Write-Host + Write-Host -ForegroundColor ([ConsoleColor]4) "FAILED" + throw "Performance suite failed to run. Will not report data." + } + else { + Write-Host -ForegroundColor ([ConsoleColor]2) "OK" + $runData = $stdErr + } + +}else{ + $runData = $ResultsFile +} +# Step 1: Compile data from queries +# +$PERFORMANCE_DATA = @() + +foreach($l in Get-Content $runData){ + + # skip lines that aren't ones we can process + if(-Not $l.Contains("Evaluation done;")){ + continue + } + + $durationString = Get-DurationString -LogLine $l + $queryString = Get-QueryString -LogLine $l + $timeInMs = Convert-DurationStringToMs -DurationString $durationString + + $row = @{ + "Query" = $queryString; + "TimeInMs" = $timeInMs; + } + + Write-Host "LOG: Duration=$durationString; TimeInMs=$timeInMs; Query=$queryString" + + $PERFORMANCE_DATA += $row +} +# Step 2: Compile predicate data +# +# + +# the data must first be transformed +$procDetails = Start-Process -FilePath "codeql" -PassThru -NoNewWindow -Wait -ArgumentList "generate log-summary $EvaluatorLog $EvaluatorResults" + +if (-Not $procDetails.ExitCode -eq 0) { + Write-Host -ForegroundColor ([ConsoleColor]4) "FAILED" + throw "Did not find performance results summary." +} +else { + Write-Host -ForegroundColor ([ConsoleColor]2) "OK" +} + + +# Step 3: Write out granular performance data +# +# We root this in $ResultsDirectory/release-$Release-/platform-/$Suite.csv + +# Create the Directory (and it's parents) +$outputDirectory = (Join-Path $ResultsDirectory "release=$ReleaseTag,testedOn=$TestTimestamp" "platform=$Platform" "language=$Language") +$outputDirectorySARIF = $outputDirectory + +$queryOutputFile = Join-Path $outputDirectory "suite=$Suite,datum=queries.csv" +$evaluatorResultsFile = Join-Path $outputDirectory "suite=$Suite,datum=evaluator-log.json" + +# Create the output directory. +# note there is no need to create the sarif out directory -- it will be created +# by the copy command, below. + +New-Item -Type Directory -Path $outputDirectory -ErrorAction Ignore | Out-Null + + +# Copy processed results out +Copy-Item -Path $EvaluatorResults -Destination $evaluatorResultsFile +Copy-Item -Path $SARIF_OUT -Destination $outputDirectorySARIF + +# Write out the report +Write-Host "Writing report to $queryOutputFile" +foreach ($r in $PERFORMANCE_DATA) { + [PSCustomObject]$r | Export-CSV -Path $queryOutputFile -Append -NoTypeInformation +} \ No newline at end of file diff --git a/scripts/performance_testing/profile_predicates.py b/scripts/performance_testing/profile_predicates.py new file mode 100644 index 0000000000..f584503bb5 --- /dev/null +++ b/scripts/performance_testing/profile_predicates.py @@ -0,0 +1,203 @@ +# %% +import numpy as np +import pandas as pd +import subprocess +import glob +from pathlib import Path +import json +import math +import sys +# %% + +if len(sys.argv) < 2: + print("Usage: python profile_predicates.py ") + sys.exit(0) + +root_path = Path(sys.argv[1]) +#%% +# root_path = Path("../../performance_tests/") + + +# We only process the LATEST run for a given release x suite x platform. To support this function +# we loop over all of the possible CSV files and add a file to the "load" list +# only if it has a newer `testedOn` value. +datafiles = {} + + +def path_to_tuple(path): + parts = path.parts + + part_suite = parts[-1] + part_language = parts[-2] + part_platform = parts[-3] + part_release = parts[-4] + + release = part_release.split(",")[0].split("=")[1] + testedOn = part_release.split(",")[1].split("=")[1] + platform = part_platform.split("=")[1] + language = part_language.split("=")[1] + suite = part_suite.split(".")[0].split("=")[1].split(",")[0] + + return release, testedOn, platform, language, suite +#%% + +for f in root_path.glob(f"release*/**/*datum=evaluator-log.json"): + release, testedOn, platform, language, suite = path_to_tuple(f) + + hashEntry = { + "release": release, + "testedOn": testedOn, + "platform": platform, + "language": language, + "suite": suite, + "dataFile": f + } + + if not release in datafiles.keys(): + datafiles[(release, platform, suite, language)] = hashEntry + else: + existing = datafiles[(release, platform, suite, language)] + + if existing["testedOn"] > testedOn: + datafiles[(release, platform, suite, language)] = hashEntry +# %% +summary_df = pd.DataFrame(columns=[ + 'Release', + 'Run', + 'Platform', + 'Language', + 'Suite', + 'Predicate', + 'Execution_Time_Ms' +]) + + +new_rows = { + 'Release': [], + 'Run': [], + 'Platform': [], + 'Language': [], + 'Suite': [], + 'Predicate': [], + 'Execution_Time_Ms': [] +} + +for K, V in datafiles.items(): + print(f"Loading {str(V['dataFile'])}...", end=None) + + # we need to load the data file and then parse each JSON row + with open(V['dataFile'], 'r') as f: + json_line_data = f.read() + #json_line_objects = re.split(r"(?m)^\n", json_line_data) + json_line_objects = json_line_data.split('\n\n') + + + print(f"Done.") + + for json_line_object in json_line_objects: + + #print(".", end="None") + + # quickly do this before bothering to parse the JSON + if not ("predicateName" in json_line_object and "COMPUTE_SIMPLE" in json_line_object): + continue + + json_object = json.loads(json_line_object) + + if not "predicateName" in json_object: + continue + + if json_object["predicateName"] == "output": + continue + + + if not json_object["evaluationStrategy"] == "COMPUTE_SIMPLE": + continue + + new_rows['Release'].append(V["release"]) + new_rows['Run'].append(V["testedOn"]) + new_rows['Platform'].append(V["platform"]) + new_rows['Language'].append(V["language"]) + new_rows['Suite'].append(V["suite"]) + new_rows['Predicate'].append(json_object["predicateName"]) + new_rows['Execution_Time_Ms'].append(json_object["millis"]) + +new_df = pd.DataFrame(new_rows) +summary_df = pd.concat([summary_df, new_df]) + +# %% +# %% +performance_df = pd.DataFrame( + columns=[ + 'Release', + 'Platform', + 'Language', + 'Total_Serialized_Execution_Time_Ms', + 'Mean_Predicate_Execution_Time_Ms', + 'Median_Predicate_Execution_Time_Ms', + 'Standard_Deviation_Ms', + 'Total_Serialized_Execution_Time_s', + 'Mean_Query_Execution_Time_s', + 'Median_Predicate_Execution_Time_s', + 'Percentile95_Ms', + 'Number_of_Predicates' + ] +) + +summary_df_grouped = summary_df.groupby(['Release', 'Platform', 'Language']) + +for _, df_group in summary_df_grouped: + + release = df_group["Release"].iloc[0] + platform = df_group["Platform"].iloc[0] + language = df_group["Language"].iloc[0] + + print(f"Processing Platform={platform}, Language={language}, Release={release}") + + + execution_time = df_group["Execution_Time_Ms"].sum() + execution_time_mean = df_group["Execution_Time_Ms"].mean() + execution_time_median = df_group["Execution_Time_Ms"].median() + execution_time_std = df_group["Execution_Time_Ms"].std() + percentile_95 = df_group["Execution_Time_Ms"].quantile(.95) + num_queries = len(df_group) + + row_df = pd.DataFrame({ + 'Release' : [release], + 'Platform' : [platform], + 'Language' : [language], + 'Total_Serialized_Execution_Time_Ms' : [execution_time], + 'Mean_Predicate_Execution_Time_Ms' : [execution_time_mean], + 'Median_Predicate_Execution_Time_Ms' : [execution_time_median], + 'Standard_Deviation_Ms' : [execution_time_std], + 'Total_Serialized_Execution_Time_s' : [execution_time/1000], + 'Mean_Query_Execution_Time_s' : [execution_time_mean/1000], + 'Median_Predicate_Execution_Time_s' : [execution_time_median/1000], + 'Percentile95_Ms' : [percentile_95], + 'Number_of_Predicates' : [num_queries] + }) + + performance_df = pd.concat([performance_df, row_df]) + +#%% +# write out the high level performance summary +performance_df.to_csv(root_path.joinpath('performance-history,datum=predicate.csv'), index=False) +#%% +# write out all queries for every suite that are greater than the 95th +# percentile +for _, row in performance_df.iterrows(): + + + release = row["Release"] + platform = row["Platform"] + language = row["Language"] + percentile_95 = row["Percentile95_Ms"] + + rpl_df = summary_df[(summary_df["Release"] == release) & (summary_df["Platform"] == platform) & (summary_df["Language"] == language)] + g95 = rpl_df[(rpl_df["Execution_Time_Ms"] >= percentile_95)] + + g95 = g95.sort_values(by='Execution_Time_Ms', ascending=False) + + g95.to_csv(root_path.joinpath(f"slow-log,datum=predicates,release={release},platform={platform},language={language}.csv"), index=False) + + From 68937dec0ac220518a1c181333a34defc682bd24 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 6 Apr 2023 16:03:14 -0400 Subject: [PATCH 0981/2573] english --- scripts/performance_testing/README.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/scripts/performance_testing/README.md b/scripts/performance_testing/README.md index cc2414b0ad..90b997b6fc 100644 --- a/scripts/performance_testing/README.md +++ b/scripts/performance_testing/README.md @@ -1,6 +1,8 @@ # Performance Testing -Performance testing may be accomplished by using the performance testing tool found in this directory, `Test-ReleasePerformance.ps1`. Note that this script depends on other files from this repository. It may be run on external builds of Coding Standards through the `-CodingStandardsPath` flag, but it should be run from a fresh checkout of this repository. +Performance testing may be accomplished by using the performance testing tool found in this directory, `Test-ReleasePerformance.ps1`. These results may be further processed to provide predicate level performance details by using the script `profile_predicates.py`, which is documented in the [Profiling Predicates section.](#profiling-predicates), below. + +Note that this script depends on other files from this repository. It may be run on external builds of Coding Standards through the `-CodingStandardsPath` flag, but it should be run from a fresh checkout of this repository. This script requires `pwsh` to be installed. Note that the Windows native Powershell is not sufficient and you should download PowerShell Core. @@ -169,7 +171,7 @@ Run the `cert` suite for `c` from within the Coding Standards repository. .\scripts\performance_testing\Test-ReleasePerformance.ps1 -RunTests -DatabaseArchive ..\codeql-coding-standards-release-engineering\data\commaai-openpilot-72d1744d830bc249d8761a1d843a98fb0ced49fe-cpp.zip -Suite cert -Language c ``` -Run the `cert` suite for `c` on an external release, specifying a `-ReleaseTag` as well. The `-ReleaseTag` parameter does not have to match the code you are testing, it is for organization purposes only. +Run the `cert` suite for `c` on an external release, specifying a `-ReleaseTag` as well. The `-ReleaseTag` parameter is used for configuring performance tool to generate files within subdirectories with the `-ReleaseTag` as a prefix. For example, specifying `-ReleaseTag "2.16.0"` will cause files to be generated in the `release=2.16.0` directory. ``` .\scripts\performance_testing\Test-ReleasePerformance.ps1 -RunTests -DatabaseArchive ..\codeql-coding-standards-release-engineering\data\commaai-openpilot-72d1744d830bc249d8761a1d843a98fb0ced49fe-cpp.zip -Suite cert -Language c -ReleaseTag "2.16.0" -CodingStandardsPath "Downloads\code-scanning-cpp-query-pack-2.16.0\codeql-coding-standards\" From 3b8361ae0e195bce58782cc23977eafa4fa93ac0 Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Fri, 7 Apr 2023 01:02:28 +0200 Subject: [PATCH 0982/2573] Expand ARR30-C coverage and test + add comments --- ...OfBoundsPointersOrArraySubscripts.expected | 6 ++ c/cert/test/rules/ARR30-C/test.c | 20 +++- .../src/codingstandards/c/OutOfBounds.qll | 95 ++++++++++++++++--- 3 files changed, 108 insertions(+), 13 deletions(-) diff --git a/c/cert/test/rules/ARR30-C/DoNotFormOutOfBoundsPointersOrArraySubscripts.expected b/c/cert/test/rules/ARR30-C/DoNotFormOutOfBoundsPointersOrArraySubscripts.expected index 2445a08e18..41dac9dc60 100644 --- a/c/cert/test/rules/ARR30-C/DoNotFormOutOfBoundsPointersOrArraySubscripts.expected +++ b/c/cert/test/rules/ARR30-C/DoNotFormOutOfBoundsPointersOrArraySubscripts.expected @@ -3,3 +3,9 @@ | test.c:21:5:21:15 | ... + ... | Buffer access may be to a negative index in the buffer. | test.c:21:5:21:7 | arr | buffer | | test.c:41:17:41:30 | ... + ... | Buffer access may be to a negative index in the buffer. | test.c:41:17:41:22 | buffer | buffer | | test.c:45:17:45:30 | ... + ... | Buffer accesses may access up to offset 101*1 which is greater than the fixed size 100 of the $@. | test.c:45:17:45:22 | buffer | buffer | +| test.c:55:5:55:13 | ... - ... | Buffer access may be to a negative index in the buffer. | test.c:55:5:55:9 | ptr16 | buffer | +| test.c:57:5:57:14 | ... + ... | Buffer accesses offset 22 which is greater than the fixed size 20 of the $@. | test.c:57:5:57:9 | ptr16 | buffer | +| test.c:58:5:58:14 | ... - ... | Buffer access may be to a negative index in the buffer. | test.c:58:5:58:9 | ptr16 | buffer | +| test.c:63:3:63:9 | access to array | Buffer access may be to a negative index in the buffer. | test.c:63:3:63:5 | arr | buffer | +| test.c:65:3:65:9 | access to array | Buffer accesses offset 44 which is greater than the fixed size 40 of the $@. | test.c:65:3:65:5 | arr | buffer | +| test.c:66:3:66:10 | access to array | Buffer access may be to a negative index in the buffer. | test.c:66:3:66:5 | arr | buffer | diff --git a/c/cert/test/rules/ARR30-C/test.c b/c/cert/test/rules/ARR30-C/test.c index ca58d58691..4d3f077c33 100644 --- a/c/cert/test/rules/ARR30-C/test.c +++ b/c/cert/test/rules/ARR30-C/test.c @@ -4,11 +4,11 @@ enum { ARRAY_SIZE = 100 }; static int arr[ARRAY_SIZE]; -void test_fixed_wrong() { +void test_fixed_wrong(void) { arr + 101; // NON_COMPLIANT } -void test_fixed_right() { +void test_fixed_right(void) { arr + 2; // COMPLIANT } @@ -48,4 +48,20 @@ void test_local_buffer_invalid_check(int index) { if (index >= 0 && index < ARRAY_SIZE) { char *ptr = buffer + index; // COMPLIANT } +} + +void test_dereference_pointer_arithmetic_const(void) { + short ptr16[10]; + *(ptr16 - 1); // NON_COMPLIANT - offset is negative + *(ptr16 + 5); // COMPLIANT + *(ptr16 + 11); // NON_COMPLIANT - offset is too large + *(ptr16 - 11); // NON_COMPLIANT - offset is negative +} + +void test_array_expr_const(void) { + int arr[10]; + arr[-1]; // NON_COMPLIANT - offset is negative + arr[5]; // COMPLIANT + arr[11]; // NON_COMPLIANT - offset is too large + arr[-11]; // NON_COMPLIANT - offset is negative } \ No newline at end of file diff --git a/c/common/src/codingstandards/c/OutOfBounds.qll b/c/common/src/codingstandards/c/OutOfBounds.qll index 0f65b42c7a..ad23e7a53e 100644 --- a/c/common/src/codingstandards/c/OutOfBounds.qll +++ b/c/common/src/codingstandards/c/OutOfBounds.qll @@ -15,6 +15,11 @@ import semmle.code.cpp.dataflow.DataFlow import semmle.code.cpp.valuenumbering.GlobalValueNumbering module OOB { + /** + * Holds if `result` is either `name` or a string matching a pattern such as + * `__builtin_*name*_chk` or similar. This predicate exists to model internal functions + * such as `__builtin___memcpy_chk` under a common `memcpy` name in the table. + */ bindingset[name, result] string getNameOrInternalName(string name) { result = name or @@ -288,6 +293,10 @@ module OOB { p.getType().getUnspecifiedType().(DerivedType).getBaseType().getSize().maximum(1) = result } + /** + * Holds if `i` is the index of a parameter of this function that requires arguments to be null-terminated. + * This predicate should be overriden by extending classes to specify null-terminated parameters, if necessary. + */ predicate getANullTerminatedParameterIndex(int i) { // by default, require null-terminated parameters for src but // only if the type of src is a plain char pointer or wchar_t. @@ -301,12 +310,20 @@ module OOB { ) } + /** + * Holds if `i` is the index of a parameter of this function that is a size multiplier. + * This predicate should be overriden by extending classes to specify size multiplier parameters, if necessary. + */ predicate getASizeMultParameterIndex(int i) { // by default, there is no size multiplier parameter // exceptions: fread, fwrite, bsearch, qsort none() } + /** + * Holds if `i` is the index of a parameter of this function that expects an element count rather than buffer size argument. + * This predicate should be overriden by extending classes to specify length parameters, if necessary. + */ predicate getALengthParameterIndex(int i) { // by default, size parameters do not exclude the size of a null terminator none() @@ -314,6 +331,7 @@ module OOB { /** * Holds if the read or write parameter at index `i` is allowed to be null. + * This predicate should be overriden by extending classes to specify permissibly null parameters, if necessary. */ predicate getAPermissiblyNullParameterIndex(int i) { // by default, pointer parameters are not allowed to be null @@ -569,6 +587,8 @@ module OOB { } int getSizeMultArgValue() { + // Note: This predicate currently expects the size multiplier argument to be a constant. + // This implementation could be improved with range-analysis or data-flow to determine the argument value. exists(int i | this.getTarget().(BufferAccessLibraryFunction).getASizeMultParameterIndex(i) and result = this.getArgument(i).getValue().toInt() @@ -596,6 +616,12 @@ module OOB { * Because range-analysis can over-widen bounds, take the minimum of range analysis and data-flow sources. * * If there is no source value that flows to `e`, this predicate does not hold. + * + * This predicate, if `e` is the size argument to malloc, would return `20` for the following example: + * ``` + * size_t sz = condition ? 10 : 20; + * malloc(sz); + * ``` */ private int getMaxStatedValue(Expr e) { result = upperBound(e).minimum(max(getSourceConstantExpr(e).getValue().toInt())) @@ -606,6 +632,12 @@ module OOB { * Because range-analysis can over-widen bounds, take the minimum of range analysis and data-flow sources. * * If there is no source value that flows to `e`, this predicate does not hold. + * + * This predicate, if `e` is the size argument to malloc, would return `10` for the following example: + * ``` + * size_t sz = condition ? 10 : 20; + * malloc(sz); + * ``` */ private int getMinStatedValue(Expr e) { result = upperBound(e).minimum(min(getSourceConstantExpr(e).getValue().toInt())) @@ -809,6 +841,8 @@ module OOB { override predicate isNotNullTerminated() { // StringLiteral::getOriginalLength uses Expr::getValue, which implicitly truncates string literal // values to the length fitting the buffer they are assigned to, thus breaking the 'obvious' check. + // Note: `CharArrayInitializedWithStringLiteral` falsely reports the string literal length in certain cases + // (e.g. when the string literal contains escape characters or on certain compilers), resulting in false-negatives exists(CharArrayInitializedWithStringLiteral init | init = this.(VariableAccess).getTarget().getInitializer().getExpr() and init.getStringLiteralLength() + 1 > init.getContainerLength() @@ -869,7 +903,8 @@ module OOB { override predicate isNotNullTerminated() { none() } } - private class PointerToObjectSourceOrSizeToBufferAccessFunctionConfig extends DataFlow::Configuration { + private class PointerToObjectSourceOrSizeToBufferAccessFunctionConfig extends DataFlow::Configuration + { PointerToObjectSourceOrSizeToBufferAccessFunctionConfig() { this = "PointerToObjectSourceOrSizeToBufferAccessFunctionConfig" } @@ -922,9 +957,11 @@ module OOB { ) } - private predicate bufferUseComputableBufferSize(Expr bufferUse, Expr source, int size) { + private predicate bufferUseComputableBufferSize( + Expr bufferUse, PointerToObjectSource source, int size + ) { // flow from a PointerToObjectSource for which we can compute the exact size - size = source.(PointerToObjectSource).getFixedSize() and + size = source.getFixedSize() and hasFlowFromBufferOrSizeExprToUse(source, bufferUse) } @@ -933,12 +970,21 @@ module OOB { hasFlowFromBufferOrSizeExprToUse(source.(DynamicAllocationSource), bufferUse) } + /** + * Relates `sizeExpr`, a buffer access size expresion, to `source`, which is either `sizeExpr` + * if `sizeExpr` has a stated value, or a `DynamicAllocationSource::getSizeExprSource` for which + * we can compute the exact size and that has flow to `sizeExpr`. + */ private predicate sizeExprComputableSize(Expr sizeExpr, Expr source, int size) { - // computable direct value + // computable direct value, e.g. array_base[10], where "10" is sizeExpr and source. size = getMinStatedValue(sizeExpr) and source = sizeExpr or - // computable source value that flows to the size expression + // computable source value that flows to the size expression, e.g. in cases such as the following: + // size_t sz = 10; + // malloc(sz); + // ... sz passed interprocedurally to another function ... + // use(p, sz + 1); size = source.(DynamicAllocationSource).getFixedSize() + getArithmeticOffsetValue(sizeExpr, _) and hasFlowFromBufferOrSizeExprToUse(source.(DynamicAllocationSource).getSizeExprSource(_, _), sizeExpr) @@ -1025,6 +1071,13 @@ module OOB { ) } + /** + * Holds if `sizeArg` is the right operand of a `PointerSubExpr` + */ + predicate isSizeArgPointerSubExprRightOperand(Expr sizeArg) { + exists(PointerSubExpr subExpr | sizeArg = subExpr.getRightOperand()) + } + /** * Holds if the BufferAccess `bufferAccess` results in a buffer overflow due to a size argument * or buffer access offset being greater in size than the buffer size being accessed or written to. @@ -1040,8 +1093,18 @@ module OOB { (bufferArg instanceof StaticBufferAccessSource implies bufferSource = bufferArg) and sizeExprComputableSize(sizeArg, _, sizeArgValue) and computedBufferSize = bufferArgSize - sizeMult.(float) * getArithmeticOffsetValue(bufferArg, _) and - computedSizeAccessed = - sizeMult.(float) * (sizeArgValue + argNumCharactersOffset(bufferAccess, sizeArg)).(float) and + // Handle cases such as *(ptr - 1) + ( + if isSizeArgPointerSubExprRightOperand(sizeArg) + then + computedSizeAccessed = + sizeMult.(float) * + (-sizeArgValue + argNumCharactersOffset(bufferAccess, sizeArg)).(float) + else + computedSizeAccessed = + sizeMult.(float) * + (sizeArgValue + argNumCharactersOffset(bufferAccess, sizeArg)).(float) + ) and computedBufferSize < computedSizeAccessed ) } @@ -1166,10 +1229,20 @@ module OOB { bufferUseComputableBufferSize(bufferArg, bufferSource, _) or bufferUseNonComputableSize(bufferArg, bufferSource) ) and - // Not a size expression for which we can compute a specific size - not sizeExprComputableSize(sizeArg, _, _) and - // If the lower bound is less than zero, taking into account any offsets - lowerBound(sizeArg) + getArithmeticOffsetValue(bufferArg, _) < 0 + ( + // Not a size expression for which we can compute a specific size + // and with a lower bound that is less than zero, taking into account offsets + not sizeExprComputableSize(sizeArg, _, _) and + lowerBound(sizeArg) + getArithmeticOffsetValue(bufferArg, _) < 0 + or + // A size expression for which we can compute a specific size and that size is less than zero + sizeExprComputableSize(sizeArg, _, _) and + ( + if isSizeArgPointerSubExprRightOperand(sizeArg) + then -getMinStatedValue(sizeArg) + getArithmeticOffsetValue(bufferArg, _) < 0 + else getMinStatedValue(sizeArg) + getArithmeticOffsetValue(bufferArg, _) < 0 + ) + ) ) } From 8ef1af91572c6d3d5bbc98f64c24d96a858daa7d Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Fri, 7 Apr 2023 01:04:13 +0200 Subject: [PATCH 0983/2573] Fix OutOfBounds.qll format --- c/common/src/codingstandards/c/OutOfBounds.qll | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/c/common/src/codingstandards/c/OutOfBounds.qll b/c/common/src/codingstandards/c/OutOfBounds.qll index ad23e7a53e..8b83579173 100644 --- a/c/common/src/codingstandards/c/OutOfBounds.qll +++ b/c/common/src/codingstandards/c/OutOfBounds.qll @@ -903,8 +903,7 @@ module OOB { override predicate isNotNullTerminated() { none() } } - private class PointerToObjectSourceOrSizeToBufferAccessFunctionConfig extends DataFlow::Configuration - { + private class PointerToObjectSourceOrSizeToBufferAccessFunctionConfig extends DataFlow::Configuration { PointerToObjectSourceOrSizeToBufferAccessFunctionConfig() { this = "PointerToObjectSourceOrSizeToBufferAccessFunctionConfig" } From b3523bed6f263686088c47b20122009f88ebc207 Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Fri, 7 Apr 2023 01:57:21 +0200 Subject: [PATCH 0984/2573] ARR38-C: Add missing GVN logic --- c/cert/test/rules/ARR38-C/test.c | 3 +- .../src/codingstandards/c/OutOfBounds.qll | 40 +++++++++++++++++-- 2 files changed, 39 insertions(+), 4 deletions(-) diff --git a/c/cert/test/rules/ARR38-C/test.c b/c/cert/test/rules/ARR38-C/test.c index 2656129282..872b3455e9 100644 --- a/c/cert/test/rules/ARR38-C/test.c +++ b/c/cert/test/rules/ARR38-C/test.c @@ -458,9 +458,10 @@ void test_read_file(const char *file_name) { fclose(f); } -void test_equivalent_expressions(void *in, int x, int y) { +void test_equivalent_expressions(void *in, int x, int y, int a, int b) { short *p = malloc(x * y * sizeof(short)); memcpy(p, in, x * y * sizeof(short)); // COMPLIANT memcpy(p, in, x * y * sizeof(short) + 1); // NON_COMPLIANT memcpy(p, in, x * y * sizeof(short) - 1); // COMPLIANT + memcpy(p, in, a * b * sizeof(short) + 1); // COMPLIANT - unknown } \ No newline at end of file diff --git a/c/common/src/codingstandards/c/OutOfBounds.qll b/c/common/src/codingstandards/c/OutOfBounds.qll index 8b83579173..26ca8f8598 100644 --- a/c/common/src/codingstandards/c/OutOfBounds.qll +++ b/c/common/src/codingstandards/c/OutOfBounds.qll @@ -1129,6 +1129,37 @@ module OOB { ) } + /** + * Holds if `a` and `b` are function calls to the same target function and + * have identical arguments (determined by their global value number or `VariableAccess` targets). + */ + bindingset[a, b] + private predicate areFunctionCallsSyntacticallySame(FunctionCall a, FunctionCall b) { + a.getTarget() = b.getTarget() and + ( + exists(a.getAnArgument()) + implies + not exists(int i, Expr argA, Expr argB | + i = [0 .. a.getTarget().getNumberOfParameters() - 1] + | + argA = a.getArgument(i) and + argB = b.getArgument(i) and + not globalValueNumber(argA) = globalValueNumber(argB) and + not argA.(VariableAccess).getTarget() = argB.(VariableAccess).getTarget() + ) + ) + } + + /** + * Holds if `a` and `b` have the same global value number or are syntactically identical function calls + */ + bindingset[a, b] + private predicate isGVNOrFunctionCallSame(Expr a, Expr b) { + globalValueNumber(a) = globalValueNumber(b) + or + areFunctionCallsSyntacticallySame(a, b) + } + /** * Holds if the BufferAccess is accessed with a `base + accessOffset` on a buffer that was * allocated a size of the form `base + allocationOffset`. @@ -1150,9 +1181,12 @@ module OOB { sourceSizeExpr = source.getSizeExprSource(sourceSizeExprBase, sourceSizeExprOffset) and bufferUseNonComputableSize(bufferArg, source) and not globalValueNumber(sourceSizeExpr) = globalValueNumber(bufferSizeArg) and - sizeArgOffset = getArithmeticOffsetValue(bufferSizeArg.getAChild*(), _) and - bufferArgOffset = getArithmeticOffsetValue(bufferArg, _) and - sourceSizeExprOffset + bufferArgOffset < sizeArgOffset + exists(Expr sizeArgBase | + sizeArgOffset = getArithmeticOffsetValue(bufferSizeArg.getAChild*(), sizeArgBase) and + isGVNOrFunctionCallSame(sizeArgBase, sourceSizeExprBase) and + bufferArgOffset = getArithmeticOffsetValue(bufferArg, _) and + sourceSizeExprOffset + bufferArgOffset < sizeArgOffset + ) ) } From a8c7dc36e0ec787762f241a2fa76ed6d7b7d3191 Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Fri, 7 Apr 2023 03:51:26 +0200 Subject: [PATCH 0985/2573] Restrict ARR30-C to reduce FPs and fix performance --- .../DoNotFormOutOfBoundsPointersOrArraySubscripts.ql | 11 ++++++++++- ...tFormOutOfBoundsPointersOrArraySubscripts.expected | 2 +- c/common/src/codingstandards/c/OutOfBounds.qll | 9 ++++++--- rule_packages/c/OutOfBounds.json | 2 +- 4 files changed, 18 insertions(+), 6 deletions(-) diff --git a/c/cert/src/rules/ARR30-C/DoNotFormOutOfBoundsPointersOrArraySubscripts.ql b/c/cert/src/rules/ARR30-C/DoNotFormOutOfBoundsPointersOrArraySubscripts.ql index 63a422bca2..3f9dde5e87 100644 --- a/c/cert/src/rules/ARR30-C/DoNotFormOutOfBoundsPointersOrArraySubscripts.ql +++ b/c/cert/src/rules/ARR30-C/DoNotFormOutOfBoundsPointersOrArraySubscripts.ql @@ -21,6 +21,15 @@ string message where not isExcluded(ba, OutOfBoundsPackage::doNotFormOutOfBoundsPointersOrArraySubscriptsQuery()) and + // exclude loops + not exists(Loop loop | loop.getStmt().getChildStmt*() = ba.getEnclosingStmt()) and + // exclude size arguments that are of type ssize_t + not sizeArg.getAChild*().(VariableAccess).getTarget().getType() instanceof Ssize_t and + // exclude size arguments that are assigned the result of a function call e.g. ftell + not sizeArg.getAChild*().(VariableAccess).getTarget().getAnAssignedValue() instanceof FunctionCall and + // exclude field or array accesses for the size arguments + not sizeArg.getAChild*() instanceof FieldAccess and + not sizeArg.getAChild*() instanceof ArrayExpr and ( exists(int sizeArgValue, int bufferArgSize | OOB::isSizeArgGreaterThanBufferSize(bufferArg, sizeArg, bufferSource, bufferArgSize, sizeArgValue, ba) and @@ -33,7 +42,7 @@ OOB::isSizeArgNotCheckedLessThanFixedBufferSize(bufferArg, sizeArg, bufferSource, bufferArgSize, ba, sizeArgUpperBound, sizeMult) and message = - "Buffer accesses may access up to offset " + sizeArgUpperBound + "*" + sizeMult + + "Buffer may access up to offset " + sizeArgUpperBound + "*" + sizeMult + " which is greater than the fixed size " + bufferArgSize + " of the $@." ) or diff --git a/c/cert/test/rules/ARR30-C/DoNotFormOutOfBoundsPointersOrArraySubscripts.expected b/c/cert/test/rules/ARR30-C/DoNotFormOutOfBoundsPointersOrArraySubscripts.expected index 41dac9dc60..fe7ac757a6 100644 --- a/c/cert/test/rules/ARR30-C/DoNotFormOutOfBoundsPointersOrArraySubscripts.expected +++ b/c/cert/test/rules/ARR30-C/DoNotFormOutOfBoundsPointersOrArraySubscripts.expected @@ -2,7 +2,7 @@ | test.c:16:3:16:13 | ... + ... | Buffer access may be to a negative index in the buffer. | test.c:16:3:16:5 | arr | buffer | | test.c:21:5:21:15 | ... + ... | Buffer access may be to a negative index in the buffer. | test.c:21:5:21:7 | arr | buffer | | test.c:41:17:41:30 | ... + ... | Buffer access may be to a negative index in the buffer. | test.c:41:17:41:22 | buffer | buffer | -| test.c:45:17:45:30 | ... + ... | Buffer accesses may access up to offset 101*1 which is greater than the fixed size 100 of the $@. | test.c:45:17:45:22 | buffer | buffer | +| test.c:45:17:45:30 | ... + ... | Buffer may access up to offset 101*1 which is greater than the fixed size 100 of the $@. | test.c:45:17:45:22 | buffer | buffer | | test.c:55:5:55:13 | ... - ... | Buffer access may be to a negative index in the buffer. | test.c:55:5:55:9 | ptr16 | buffer | | test.c:57:5:57:14 | ... + ... | Buffer accesses offset 22 which is greater than the fixed size 20 of the $@. | test.c:57:5:57:9 | ptr16 | buffer | | test.c:58:5:58:14 | ... - ... | Buffer access may be to a negative index in the buffer. | test.c:58:5:58:9 | ptr16 | buffer | diff --git a/c/common/src/codingstandards/c/OutOfBounds.qll b/c/common/src/codingstandards/c/OutOfBounds.qll index 26ca8f8598..e6228e4eb0 100644 --- a/c/common/src/codingstandards/c/OutOfBounds.qll +++ b/c/common/src/codingstandards/c/OutOfBounds.qll @@ -606,6 +606,7 @@ module OOB { SimpleStringLibraryFunctionCall() { this.getTarget() instanceof SimpleStringLibraryFunction } } + bindingset[dest] private Expr getSourceConstantExpr(Expr dest) { exists(result.getValue().toInt()) and DataFlow::localExprFlow(result, dest) @@ -639,6 +640,7 @@ module OOB { * malloc(sz); * ``` */ + bindingset[e] private int getMinStatedValue(Expr e) { result = upperBound(e).minimum(min(getSourceConstantExpr(e).getValue().toInt())) } @@ -647,6 +649,7 @@ module OOB { * A class for reasoning about the offset of a variable from the original value flowing to it * as a result of arithmetic or pointer arithmetic expressions. */ + bindingset[expr] private int getArithmeticOffsetValue(Expr expr, Expr base) { result = getMinStatedValue(expr.(PointerArithmeticExpr).getOperand()) and base = expr.(PointerArithmeticExpr).getPointer() @@ -1264,16 +1267,16 @@ module OOB { ) and ( // Not a size expression for which we can compute a specific size - // and with a lower bound that is less than zero, taking into account offsets not sizeExprComputableSize(sizeArg, _, _) and + // and with a lower bound that is less than zero, taking into account offsets lowerBound(sizeArg) + getArithmeticOffsetValue(bufferArg, _) < 0 or // A size expression for which we can compute a specific size and that size is less than zero sizeExprComputableSize(sizeArg, _, _) and ( if isSizeArgPointerSubExprRightOperand(sizeArg) - then -getMinStatedValue(sizeArg) + getArithmeticOffsetValue(bufferArg, _) < 0 - else getMinStatedValue(sizeArg) + getArithmeticOffsetValue(bufferArg, _) < 0 + then -sizeArg.getValue().toInt() + getArithmeticOffsetValue(bufferArg, _) < 0 + else sizeArg.getValue().toInt() + getArithmeticOffsetValue(bufferArg, _) < 0 ) ) ) diff --git a/rule_packages/c/OutOfBounds.json b/rule_packages/c/OutOfBounds.json index 35f14d2ad8..31d0349a63 100644 --- a/rule_packages/c/OutOfBounds.json +++ b/rule_packages/c/OutOfBounds.json @@ -9,7 +9,7 @@ "description": "Forming or using an out-of-bounds pointer is undefined behavior and can result in invalid memory accesses.", "kind": "problem", "name": "Do not form or use out-of-bounds pointers or array subscripts", - "precision": "high", + "precision": "medium", "severity": "error", "short_name": "DoNotFormOutOfBoundsPointersOrArraySubscripts", "tags": [ From 9dd30f0fe2b0122c3e96a7545772455cd52e1b6e Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Fri, 7 Apr 2023 03:51:48 +0200 Subject: [PATCH 0986/2573] Remove defining argument nodes from data-flow graph --- c/common/src/codingstandards/c/OutOfBounds.qll | 2 ++ 1 file changed, 2 insertions(+) diff --git a/c/common/src/codingstandards/c/OutOfBounds.qll b/c/common/src/codingstandards/c/OutOfBounds.qll index e6228e4eb0..f6d1b8952a 100644 --- a/c/common/src/codingstandards/c/OutOfBounds.qll +++ b/c/common/src/codingstandards/c/OutOfBounds.qll @@ -949,6 +949,8 @@ module OOB { // remove flow from `src` to `dst` in a buffer access function call // the standard library models such flow through functions such as memcpy, strcpy, etc. exists(BufferAccessLibraryFunctionCall fc | node.asExpr() = fc.getReadArg().getAChild*()) + or + node.asDefiningArgument() instanceof AddressOfExpr } } From 2f31431635fbc441b002112897a971b714818f2f Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Fri, 7 Apr 2023 03:52:52 +0200 Subject: [PATCH 0987/2573] Correct ARR30-C metadata --- .../ARR30-C/DoNotFormOutOfBoundsPointersOrArraySubscripts.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/cert/src/rules/ARR30-C/DoNotFormOutOfBoundsPointersOrArraySubscripts.ql b/c/cert/src/rules/ARR30-C/DoNotFormOutOfBoundsPointersOrArraySubscripts.ql index 3f9dde5e87..332928c240 100644 --- a/c/cert/src/rules/ARR30-C/DoNotFormOutOfBoundsPointersOrArraySubscripts.ql +++ b/c/cert/src/rules/ARR30-C/DoNotFormOutOfBoundsPointersOrArraySubscripts.ql @@ -4,7 +4,7 @@ * @description Forming or using an out-of-bounds pointer is undefined behavior and can result in * invalid memory accesses. * @kind problem - * @precision high + * @precision medium * @problem.severity error * @tags external/cert/id/arr30-c * correctness From 03c17aeea860d167777b5190bd664941fb4f3e0a Mon Sep 17 00:00:00 2001 From: Nikita Kraiouchkine Date: Sat, 8 Apr 2023 00:03:17 +0200 Subject: [PATCH 0988/2573] Update getNameOrInternalName regex --- c/common/src/codingstandards/c/OutOfBounds.qll | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/c/common/src/codingstandards/c/OutOfBounds.qll b/c/common/src/codingstandards/c/OutOfBounds.qll index f6d1b8952a..33f1e9cd39 100644 --- a/c/common/src/codingstandards/c/OutOfBounds.qll +++ b/c/common/src/codingstandards/c/OutOfBounds.qll @@ -22,8 +22,7 @@ module OOB { */ bindingset[name, result] string getNameOrInternalName(string name) { - result = name or - result.regexpMatch("__.*_+" + name + "_.*") + result.regexpMatch("^(?:__.*_+)?" + name + "(?:_[^s].*)?$") } /** From 15513a5b53f7070cd880e6f420880bbc55f74421 Mon Sep 17 00:00:00 2001 From: jsinglet Date: Mon, 10 Apr 2023 13:38:46 +0000 Subject: [PATCH 0989/2573] Version bump to 2.18.0-dev. --- c/cert/src/qlpack.yml | 2 +- c/cert/test/qlpack.yml | 2 +- c/common/src/qlpack.yml | 2 +- c/common/test/qlpack.yml | 2 +- c/misra/src/qlpack.yml | 2 +- c/misra/test/qlpack.yml | 2 +- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/qlpack.yml | 2 +- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/qlpack.yml | 2 +- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/qlpack.yml | 2 +- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/qlpack.yml | 2 +- cpp/report/src/qlpack.yml | 2 +- docs/user_manual.md | 10 +++++----- 16 files changed, 20 insertions(+), 20 deletions(-) diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index 125b9fcc8a..a79da7c873 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards -version: 2.16.0-dev +version: 2.18.0-dev description: CERT C 2016 suites: codeql-suites license: MIT diff --git a/c/cert/test/qlpack.yml b/c/cert/test/qlpack.yml index 18aa5d4057..79040a010d 100644 --- a/c/cert/test/qlpack.yml +++ b/c/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards-tests -version: 2.16.0-dev +version: 2.18.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index fe06ee5fb6..561e793c22 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards -version: 2.16.0-dev +version: 2.18.0-dev license: MIT dependencies: codeql/common-cpp-coding-standards: '*' diff --git a/c/common/test/qlpack.yml b/c/common/test/qlpack.yml index 2471c3497e..ac738de9c6 100644 --- a/c/common/test/qlpack.yml +++ b/c/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards-tests -version: 2.16.0-dev +version: 2.18.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index 0657f90d0c..71d6a79269 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards -version: 2.16.0-dev +version: 2.18.0-dev description: MISRA C 2012 suites: codeql-suites license: MIT diff --git a/c/misra/test/qlpack.yml b/c/misra/test/qlpack.yml index a18d1c40dc..892598dde1 100644 --- a/c/misra/test/qlpack.yml +++ b/c/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards-tests -version: 2.16.0-dev +version: 2.18.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index 34f8b7b6a4..1bbc00cb88 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards -version: 2.16.0-dev +version: 2.18.0-dev description: AUTOSAR C++14 Guidelines 20-11 suites: codeql-suites license: MIT diff --git a/cpp/autosar/test/qlpack.yml b/cpp/autosar/test/qlpack.yml index 118cbff058..943bade6ad 100644 --- a/cpp/autosar/test/qlpack.yml +++ b/cpp/autosar/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards-tests -version: 2.16.0-dev +version: 2.18.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index a164a0fe6c..71d90b25a0 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards -version: 2.16.0-dev +version: 2.18.0-dev description: CERT C++ 2016 suites: codeql-suites license: MIT diff --git a/cpp/cert/test/qlpack.yml b/cpp/cert/test/qlpack.yml index 97049b683e..8c5e4dd228 100644 --- a/cpp/cert/test/qlpack.yml +++ b/cpp/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards-tests -version: 2.16.0-dev +version: 2.18.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index 1df0d9dec6..f654c13e1f 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards -version: 2.16.0-dev +version: 2.18.0-dev license: MIT dependencies: codeql/cpp-all: 0.3.5 diff --git a/cpp/common/test/qlpack.yml b/cpp/common/test/qlpack.yml index d946cb2892..894e19399e 100644 --- a/cpp/common/test/qlpack.yml +++ b/cpp/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards-tests -version: 2.16.0-dev +version: 2.18.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index ef6b41096d..628755b383 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards -version: 2.16.0-dev +version: 2.18.0-dev description: MISRA C++ 2008 suites: codeql-suites license: MIT diff --git a/cpp/misra/test/qlpack.yml b/cpp/misra/test/qlpack.yml index 204261cd1b..803c3fb838 100644 --- a/cpp/misra/test/qlpack.yml +++ b/cpp/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards-tests -version: 2.16.0-dev +version: 2.18.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index 8566f8b00e..eabfbaa5cc 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/report-cpp-coding-standards -version: 2.16.0-dev +version: 2.18.0-dev license: MIT dependencies: codeql/cpp-all: 0.3.5 diff --git a/docs/user_manual.md b/docs/user_manual.md index cc73988f20..b70740b438 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -26,10 +26,10 @@ This user manual documents release `2.16.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). The release page documents the release notes and contains the following artifacts part of the release: -- `code-scanning-cpp-query-pack-anon-2.16.0-dev.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. -- `supported_rules_list_2.16.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. -- `supported_rules_list_2.16.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. -- `user_manual_2.16.0-dev.md`: This user manual. +- `code-scanning-cpp-query-pack-anon-2.18.0-dev.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. +- `supported_rules_list_2.18.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. +- `upported_rules_list_2.18.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. +- `user_manual_2.18.0-dev.md`: This user manual. - `Source Code (zip)`: A zip archive containing the contents of https://github.com/github/codeql-coding-standards - `Source Code (tar.gz)`: A GZip compressed tar archive containing the contents of https://github.com/github/codeql-coding-standards - `checksums.txt`: A text file containing sha256 checksums for the aforementioned artifacts. @@ -457,7 +457,7 @@ This section describes known failure modes for "CodeQL Coding Standards" and des | | Ouf of space | Less output. Some files may be only be partially analyzed, or not analyzed at all. | Error reported on the command line. | Increase space. If it remains an issue report space consumption issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False positives | More output. Results are reported which are not violations of the guidelines. | All reported results must be reviewed. | Report false positive issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False negatives | Less output. Violations of the guidelines are not reported. | Other validation and verification processes during software development should be used to complement the analysis performed by CodeQL Coding Standards. | Report false negative issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | -| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.16.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | +| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.18.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | | | Incorrect deviation record specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation records with a reason. Ensure that all deviation records are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Incorrect deviation permit specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation permits with a reason. Ensure that all deviation permits are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Unapproved use of a deviation record | Less output. Results for guideline violations are not reported. | Validate that the deviation record use is approved by verifying the approved-by attribute of the deviation record specification. | Ensure that each raised deviation record is approved by an independent approver through an auditable process. | From e959769e0b92bfb0e31f097199bdb003d70325d3 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Mon, 10 Apr 2023 09:49:19 -0400 Subject: [PATCH 0990/2573] Update user_manual.md --- docs/user_manual.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/user_manual.md b/docs/user_manual.md index b70740b438..fec4b6f00a 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -23,7 +23,7 @@ ## Release information -This user manual documents release `2.16.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). +This user manual documents release `2.18.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). The release page documents the release notes and contains the following artifacts part of the release: - `code-scanning-cpp-query-pack-anon-2.18.0-dev.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. From c6bdf6dd1afb7b6ba935dd8a16b474fa7779af46 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Mon, 10 Apr 2023 09:56:16 -0400 Subject: [PATCH 0991/2573] fix straggler --- scripts/bump_version.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/scripts/bump_version.sh b/scripts/bump_version.sh index bea53f8ef4..5c4209ac99 100644 --- a/scripts/bump_version.sh +++ b/scripts/bump_version.sh @@ -18,5 +18,6 @@ find docs -name 'user_manual.md' | xargs sed -i "s/code-scanning-cpp-query-pack- find docs -name 'user_manual.md' | xargs sed -i "s/supported_rules_list_.*\.csv\`/supported_rules_list_${1}.csv\`/" find docs -name 'user_manual.md' | xargs sed -i "s/supported_rules_list_.*\.md\`/upported_rules_list_${1}.md\`/" find docs -name 'user_manual.md' | xargs sed -i "s/user_manual_.*\.md\`/user_manual_${1}.md\`/" +find docs -name 'user_manual.md' | xargs sed -i "s/This user manual documents release \`.*\` of/This user manual documents release \`${1}\` of/" echo "Done." \ No newline at end of file From 40f0b39f0ef549d858680f62345a2a7e02f83088 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Tue, 11 Apr 2023 20:47:31 +0200 Subject: [PATCH 0992/2573] EXP39-C add `.expected.qcc` file RULE-21-4 `setjmp` and `longjmp` can be macros or functions --- ...eViaPointerOfIncompatibleType.expected.qcc | 62 +++++++++++++++++++ .../StandardHeaderFileUsedSetjmph.ql | 61 +++++++++--------- ...StandardHeaderFileUsedSetjmph.expected.qcc | 2 + 3 files changed, 93 insertions(+), 32 deletions(-) create mode 100644 c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected.qcc create mode 100644 c/misra/test/rules/RULE-21-4/StandardHeaderFileUsedSetjmph.expected.qcc diff --git a/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected.qcc b/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected.qcc new file mode 100644 index 0000000000..b327629aae --- /dev/null +++ b/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected.qcc @@ -0,0 +1,62 @@ +edges +| test.c:49:8:49:9 | s3 | test.c:50:8:50:9 | s1 | +| test.c:60:16:60:18 | E1A | test.c:61:16:61:17 | e1 | +| test.c:60:16:60:18 | E1A | test.c:65:10:65:12 | & ... | +| test.c:68:22:68:22 | v | test.c:68:41:68:41 | v | +| test.c:72:13:72:15 | & ... | test.c:68:22:68:22 | v | +| test.c:74:13:74:15 | & ... | test.c:68:22:68:22 | v | +| test.c:97:32:97:37 | call to malloc | test.c:98:40:98:41 | s2 | +| test.c:97:32:97:37 | call to malloc | test.c:98:40:98:41 | s2 | +| test.c:98:32:98:38 | call to realloc | test.c:99:3:99:4 | s3 | +| test.c:98:32:98:38 | call to realloc | test.c:100:10:100:11 | s3 | +| test.c:98:40:98:41 | s2 | test.c:98:32:98:38 | call to realloc | +nodes +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/stdlib.h:98:42:98:47 | __func | semmle.label | __func | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/stdlib.h:98:50:98:53 | 0 | semmle.label | 0 | +| test.c:6:19:6:20 | & ... | semmle.label | & ... | +| test.c:11:10:11:11 | & ... | semmle.label | & ... | +| test.c:13:17:13:19 | & ... | semmle.label | & ... | +| test.c:15:17:15:19 | & ... | semmle.label | & ... | +| test.c:19:18:19:20 | & ... | semmle.label | & ... | +| test.c:20:20:20:22 | & ... | semmle.label | & ... | +| test.c:22:11:22:13 | & ... | semmle.label | & ... | +| test.c:27:17:27:19 | & ... | semmle.label | & ... | +| test.c:28:10:28:12 | & ... | semmle.label | & ... | +| test.c:29:13:29:15 | & ... | semmle.label | & ... | +| test.c:30:19:30:21 | & ... | semmle.label | & ... | +| test.c:31:16:31:18 | & ... | semmle.label | & ... | +| test.c:47:8:47:9 | s2 | semmle.label | s2 | +| test.c:49:8:49:9 | s3 | semmle.label | s3 | +| test.c:49:8:49:9 | s3 | semmle.label | s3 | +| test.c:50:8:50:9 | s1 | semmle.label | s1 | +| test.c:60:16:60:18 | E1A | semmle.label | E1A | +| test.c:60:16:60:18 | E1A | semmle.label | E1A | +| test.c:61:16:61:17 | e1 | semmle.label | e1 | +| test.c:65:10:65:12 | & ... | semmle.label | & ... | +| test.c:68:22:68:22 | v | semmle.label | v | +| test.c:68:41:68:41 | v | semmle.label | v | +| test.c:72:13:72:15 | & ... | semmle.label | & ... | +| test.c:72:13:72:15 | & ... | semmle.label | & ... | +| test.c:74:13:74:15 | & ... | semmle.label | & ... | +| test.c:74:13:74:15 | & ... | semmle.label | & ... | +| test.c:97:32:97:37 | call to malloc | semmle.label | call to malloc | +| test.c:97:32:97:37 | call to malloc | semmle.label | call to malloc | +| test.c:98:32:98:38 | call to realloc | semmle.label | call to realloc | +| test.c:98:32:98:38 | call to realloc | semmle.label | call to realloc | +| test.c:98:32:98:38 | call to realloc | semmle.label | call to realloc | +| test.c:98:40:98:41 | s2 | semmle.label | s2 | +| test.c:98:40:98:41 | s2 | semmle.label | s2 | +| test.c:99:3:99:4 | s3 | semmle.label | s3 | +| test.c:100:10:100:11 | s3 | semmle.label | s3 | +subpaths +#select +| test.c:6:19:6:20 | & ... | test.c:6:19:6:20 | & ... | test.c:6:19:6:20 | & ... | Cast from float to int results in an incompatible pointer base type. | +| test.c:11:10:11:11 | & ... | test.c:11:10:11:11 | & ... | test.c:11:10:11:11 | & ... | Cast from short[2] to int results in an incompatible pointer base type. | +| test.c:13:17:13:19 | & ... | test.c:13:17:13:19 | & ... | test.c:13:17:13:19 | & ... | Cast from short[2] to short[4] results in an incompatible pointer base type. | +| test.c:19:18:19:20 | & ... | test.c:19:18:19:20 | & ... | test.c:19:18:19:20 | & ... | Cast from char to signed char results in an incompatible pointer base type. | +| test.c:30:19:30:21 | & ... | test.c:30:19:30:21 | & ... | test.c:30:19:30:21 | & ... | Cast from int to unsigned int results in an incompatible pointer base type. | +| test.c:47:8:47:9 | s2 | test.c:47:8:47:9 | s2 | test.c:47:8:47:9 | s2 | Cast from struct to struct results in an incompatible pointer base type. | +| test.c:49:8:49:9 | s3 | test.c:49:8:49:9 | s3 | test.c:49:8:49:9 | s3 | Cast from S1 to struct results in an incompatible pointer base type. | +| test.c:50:8:50:9 | s1 | test.c:50:8:50:9 | s1 | test.c:50:8:50:9 | s1 | Cast from struct to S1 results in an incompatible pointer base type. | +| test.c:68:41:68:41 | v | test.c:72:13:72:15 | & ... | test.c:68:41:68:41 | v | Cast from float to int results in an incompatible pointer base type. | +| test.c:99:3:99:4 | s3 | test.c:98:40:98:41 | s2 | test.c:99:3:99:4 | s3 | Cast from S2 to S3 results in an incompatible pointer base type. | diff --git a/c/misra/src/rules/RULE-21-4/StandardHeaderFileUsedSetjmph.ql b/c/misra/src/rules/RULE-21-4/StandardHeaderFileUsedSetjmph.ql index 01b0ed44b1..a48c8ad9fe 100644 --- a/c/misra/src/rules/RULE-21-4/StandardHeaderFileUsedSetjmph.ql +++ b/c/misra/src/rules/RULE-21-4/StandardHeaderFileUsedSetjmph.ql @@ -10,35 +10,32 @@ * external/misra/obligation/required */ -import cpp -import codingstandards.c.misra - -class SetJmp extends Macro { - SetJmp() { - this.hasName("setjmp") and - this.getFile().getAbsolutePath().matches("%setjmp.h") - } -} - -class LongJmp extends Function { - LongJmp() { - this.hasName("longjmp") and - this.getFile().getAbsolutePath().matches("%setjmp.h") - } -} - -from Locatable use, string name -where - not isExcluded(use, BannedPackage::standardHeaderFileUsedSetjmphQuery()) and - ( - exists(SetJmp setjmp | - use = setjmp.getAnInvocation() and - name = "setjmp" - ) - or - exists(LongJmp longjmp | - use = longjmp.getACallToThisFunction() and - name = "longjmp" - ) - ) -select use, "Use of " + name + "." + import cpp + import codingstandards.c.misra + + class SetJmp extends Locatable { + string name; + + SetJmp() { + this.getFile().getAbsolutePath().matches("%setjmp.h") and + name = [this.(Macro).getName(), this.(Function).getName()] and + name = ["setjmp", "longjmp"] + } + + Locatable getAnInvocation() { + result = this.(Macro).getAnInvocation() or + result = this.(Function).getACallToThisFunction() + } + + string getName() { result = name } + } + + from Locatable use, string name + where + not isExcluded(use, BannedPackage::standardHeaderFileUsedSetjmphQuery()) and + exists(SetJmp jmp | + use = jmp.getAnInvocation() and + name = jmp.getName() + ) + select use, "Use of " + name + "." + \ No newline at end of file diff --git a/c/misra/test/rules/RULE-21-4/StandardHeaderFileUsedSetjmph.expected.qcc b/c/misra/test/rules/RULE-21-4/StandardHeaderFileUsedSetjmph.expected.qcc new file mode 100644 index 0000000000..8e01c974ee --- /dev/null +++ b/c/misra/test/rules/RULE-21-4/StandardHeaderFileUsedSetjmph.expected.qcc @@ -0,0 +1,2 @@ +| test.c:7:7:7:17 | setjmp(__env) | Use of setjmp. | +| test.c:8:3:8:9 | call to longjmp | Use of longjmp. | From d78c6fbb1711cadc80b72cb16a66c7dbd427c5e0 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 12 Apr 2023 00:50:41 +0200 Subject: [PATCH 0993/2573] RULE-21-4: `longjmp` can be a macro or a function --- .../StandardHeaderFileUsedSetjmph.ql | 70 +++++++++++-------- 1 file changed, 41 insertions(+), 29 deletions(-) diff --git a/c/misra/src/rules/RULE-21-4/StandardHeaderFileUsedSetjmph.ql b/c/misra/src/rules/RULE-21-4/StandardHeaderFileUsedSetjmph.ql index a48c8ad9fe..6de73499c0 100644 --- a/c/misra/src/rules/RULE-21-4/StandardHeaderFileUsedSetjmph.ql +++ b/c/misra/src/rules/RULE-21-4/StandardHeaderFileUsedSetjmph.ql @@ -10,32 +10,44 @@ * external/misra/obligation/required */ - import cpp - import codingstandards.c.misra - - class SetJmp extends Locatable { - string name; - - SetJmp() { - this.getFile().getAbsolutePath().matches("%setjmp.h") and - name = [this.(Macro).getName(), this.(Function).getName()] and - name = ["setjmp", "longjmp"] - } - - Locatable getAnInvocation() { - result = this.(Macro).getAnInvocation() or - result = this.(Function).getACallToThisFunction() - } - - string getName() { result = name } - } - - from Locatable use, string name - where - not isExcluded(use, BannedPackage::standardHeaderFileUsedSetjmphQuery()) and - exists(SetJmp jmp | - use = jmp.getAnInvocation() and - name = jmp.getName() - ) - select use, "Use of " + name + "." - \ No newline at end of file +import cpp +import codingstandards.c.misra + +abstract class Jmp extends Locatable { + string name; + + Jmp() { + this.getFile().getAbsolutePath().matches("%setjmp.h") and + name = [this.(Macro).getName(), this.(Function).getName()] + } + + Locatable getAnInvocation() { + result = this.(Macro).getAnInvocation() or + result = this.(Function).getACallToThisFunction() + } + + string getName() { result = name } +} + +class SetJmp extends Jmp { + SetJmp() { + name = "setjmp" and + this.(Macro).getName() = name + } +} + +class LongJmp extends Jmp { + LongJmp() { + name = "longjmp" and + [this.(Macro).getName(), this.(Function).getName()] = name + } +} + +from Locatable use, string name +where + not isExcluded(use, BannedPackage::standardHeaderFileUsedSetjmphQuery()) and + exists(Jmp jmp | + use = jmp.getAnInvocation() and + name = jmp.getName() + ) +select use, "Use of " + name + "." From b461260b808fe67b7efdeb6f057ac642d955e749 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 12 Apr 2023 01:56:50 +0200 Subject: [PATCH 0994/2573] RULE-21-4: fix `qcc` expected file --- .../rules/RULE-21-4/StandardHeaderFileUsedSetjmph.expected.qcc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/misra/test/rules/RULE-21-4/StandardHeaderFileUsedSetjmph.expected.qcc b/c/misra/test/rules/RULE-21-4/StandardHeaderFileUsedSetjmph.expected.qcc index 8e01c974ee..c72d7d4e20 100644 --- a/c/misra/test/rules/RULE-21-4/StandardHeaderFileUsedSetjmph.expected.qcc +++ b/c/misra/test/rules/RULE-21-4/StandardHeaderFileUsedSetjmph.expected.qcc @@ -1,2 +1,2 @@ | test.c:7:7:7:17 | setjmp(__env) | Use of setjmp. | -| test.c:8:3:8:9 | call to longjmp | Use of longjmp. | +| test.c:8:3:8:17 | longjmp(__env,__val) | Use of longjmp. | From 46c3332dd68d19ed9efb1b225ebd80d4a5ebd687 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 12 Apr 2023 15:47:18 +0200 Subject: [PATCH 0995/2573] ENV32-C: exit functions can be macros --- .../ENV32-C/ExitHandlersMustReturnNormally.ql | 42 ++++++++++++------- 1 file changed, 27 insertions(+), 15 deletions(-) diff --git a/c/cert/src/rules/ENV32-C/ExitHandlersMustReturnNormally.ql b/c/cert/src/rules/ENV32-C/ExitHandlersMustReturnNormally.ql index 27b6ca2b8e..1b360ca0d8 100644 --- a/c/cert/src/rules/ENV32-C/ExitHandlersMustReturnNormally.ql +++ b/c/cert/src/rules/ENV32-C/ExitHandlersMustReturnNormally.ql @@ -14,14 +14,26 @@ import cpp import codingstandards.c.cert -class ExitFunction extends Function { - ExitFunction() { this.hasGlobalName(["_Exit", "exit", "quick_exit", "longjmp"]) } +/** + * Exit function or macro. + */ +class Exit extends Locatable { + Exit() { + ["_Exit", "exit", "quick_exit", "longjmp"] = [this.(Function).getName(), this.(Macro).getName()] + } } -class ExitFunctionCall extends FunctionCall { - ExitFunctionCall() { this.getTarget() instanceof ExitFunction } +class ExitExpr extends Expr { + ExitExpr() { + this.(FunctionCall).getTarget() instanceof Exit + or + any(MacroInvocation m | this = m.getExpr()).getMacro() instanceof Exit + } } +/** + * Functions that are registered as exit handlers. + */ class RegisteredAtexit extends FunctionAccess { RegisteredAtexit() { exists(FunctionCall ae | @@ -32,8 +44,8 @@ class RegisteredAtexit extends FunctionAccess { } /** - * Nodes of type Function, FunctionCall or FunctionAccess that \ - * are reachable from a redistered atexit handler and + * Nodes of type Function, FunctionCall, FunctionAccess or ExitExpr + * that are reachable from a registered atexit handler and * can reach an exit function. */ class InterestingNode extends ControlFlowNode { @@ -41,15 +53,17 @@ class InterestingNode extends ControlFlowNode { exists(Function f | ( this = f and - // exit functions are not part of edges - not this = any(ExitFunction ec) + // exit is not part of edges + not this instanceof Exit or this.(FunctionCall).getTarget() = f or this.(FunctionAccess).getTarget() = f + or + this.(ExitExpr).getEnclosingFunction() = f ) and - // reaches an exit function - f.calls*(any(ExitFunction e)) and + // reaches an `ExitExpr` + f.calls*(any(ExitExpr ee).getEnclosingFunction()) and // is reachable from a registered atexit function exists(RegisteredAtexit re | re.getTarget().calls*(f)) ) @@ -62,14 +76,12 @@ class InterestingNode extends ControlFlowNode { * `Function` and `FunctionCall` in their body. */ query predicate edges(InterestingNode a, InterestingNode b) { - a.(FunctionAccess).getTarget() = b - or - a.(FunctionCall).getTarget() = b - or + a.(FunctionAccess).getTarget() = b or + a.(FunctionCall).getTarget() = b or a.(Function).calls(_, b) } -from RegisteredAtexit hr, Function f, ExitFunctionCall e +from RegisteredAtexit hr, Function f, ExitExpr e where edges(hr, f) and edges+(f, e) select f, hr, e, "The function is $@ and $@. It must instead terminate by returning.", hr, "registered as `exit handler`", e, "calls an `exit function`" From c5e6c0044a5a598e08913d67e0151badbf4a7825 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 12 Apr 2023 17:01:35 +0200 Subject: [PATCH 0996/2573] ENV32-C: expectd.qcc file --- .../ExitHandlersMustReturnNormally.expected.qcc | 13 +++++++++++++ 1 file changed, 13 insertions(+) create mode 100644 c/cert/test/rules/ENV32-C/ExitHandlersMustReturnNormally.expected.qcc diff --git a/c/cert/test/rules/ENV32-C/ExitHandlersMustReturnNormally.expected.qcc b/c/cert/test/rules/ENV32-C/ExitHandlersMustReturnNormally.expected.qcc new file mode 100644 index 0000000000..227c023432 --- /dev/null +++ b/c/cert/test/rules/ENV32-C/ExitHandlersMustReturnNormally.expected.qcc @@ -0,0 +1,13 @@ +edges +| test.c:8:6:8:13 | exit1bad | test.c:11:5:11:8 | call to exit | +| test.c:20:14:20:21 | exit1bad | test.c:8:6:8:13 | exit1bad | +| test.c:41:6:41:10 | exit2 | test.c:42:3:42:17 | call to siglongjmp | +| test.c:46:21:46:25 | exit2 | test.c:41:6:41:10 | exit2 | +| test.c:62:6:62:17 | exit3_helper | test.c:62:27:62:41 | call to siglongjmp | +| test.c:64:6:64:10 | exit3 | test.c:65:3:65:14 | call to exit3_helper | +| test.c:65:3:65:14 | call to exit3_helper | test.c:62:6:62:17 | exit3_helper | +| test.c:69:14:69:18 | exit3 | test.c:64:6:64:10 | exit3 | +#select +| test.c:8:6:8:13 | exit1bad | test.c:20:14:20:21 | exit1bad | test.c:11:5:11:8 | call to exit | The function is $@ and $@. It must instead terminate by returning. | test.c:20:14:20:21 | exit1bad | registered as `exit handler` | test.c:11:5:11:8 | call to exit | calls an `exit function` | +| test.c:41:6:41:10 | exit2 | test.c:46:21:46:25 | exit2 | test.c:42:3:42:17 | call to siglongjmp | The function is $@ and $@. It must instead terminate by returning. | test.c:46:21:46:25 | exit2 | registered as `exit handler` | test.c:42:3:42:17 | call to siglongjmp | calls an `exit function` | +| test.c:64:6:64:10 | exit3 | test.c:69:14:69:18 | exit3 | test.c:62:27:62:41 | call to siglongjmp | The function is $@ and $@. It must instead terminate by returning. | test.c:69:14:69:18 | exit3 | registered as `exit handler` | test.c:62:27:62:41 | call to siglongjmp | calls an `exit function` | From 01661b93ab6b7e48b5d66cc92d5a0cff37e6759f Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 12 Apr 2023 19:42:31 +0200 Subject: [PATCH 0997/2573] FIO34-C: `qcc` support library can access `stdin` or `_Stdin` by reference --- .../codingstandards/cpp/ReadErrorsAndEOF.qll | 17 +++++----- .../cpp/standardlibrary/FileAccess.qll | 32 +++++++++++-------- 2 files changed, 27 insertions(+), 22 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/ReadErrorsAndEOF.qll b/cpp/common/src/codingstandards/cpp/ReadErrorsAndEOF.qll index 2cf701c7f6..c3c433d20d 100644 --- a/cpp/common/src/codingstandards/cpp/ReadErrorsAndEOF.qll +++ b/cpp/common/src/codingstandards/cpp/ReadErrorsAndEOF.qll @@ -5,7 +5,11 @@ import codingstandards.cpp.standardlibrary.FileAccess /** * any call to function `feof()` or `ferror()` */ -abstract class FeofFerrorCall extends FunctionCall { } +abstract class FeofFerrorCall extends FileAccess { + override VariableAccess getFileExpr() { + result = [this.getArgument(0), this.getArgument(0).(AddressOfExpr).getAnOperand()] + } +} class FeofCall extends FeofFerrorCall { FeofCall() { this.getTarget().hasGlobalName("feof") } @@ -15,11 +19,6 @@ class FerrorCall extends FeofFerrorCall { FerrorCall() { this.getTarget().hasGlobalName("ferror") } } -pragma[inline] -predicate accessSameTarget(VariableAccess va1, VariableAccess va2) { - va1.getTarget() = va2.getTarget() -} - predicate isShortCircuitedEdge(ControlFlowNode fst, ControlFlowNode snd) { fst = any(LogicalAndExpr andOp).getLeftOperand() and snd = fst.getAFalseSuccessor() or @@ -36,7 +35,7 @@ ControlFlowNode feofUnchecked(InBandErrorReadFunctionCall read) { not isShortCircuitedEdge(mid, result) and result = mid.getASuccessor() and //Stop recursion on call to feof/ferror on the correct file - not accessSameTarget(result.(FeofCall).getArgument(0), read.getFileExpr()) + not sameFileSource(result.(FeofCall), read) ) } @@ -50,7 +49,7 @@ ControlFlowNode ferrorUnchecked(InBandErrorReadFunctionCall read) { not isShortCircuitedEdge(mid, result) and result = mid.getASuccessor() and //Stop recursion on call to ferror on the correct file - not accessSameTarget(result.(FerrorCall).getArgument(0), read.getFileExpr()) + not sameFileSource(result.(FerrorCall), read) ) } @@ -112,6 +111,6 @@ predicate missingEOFWEOFChecks(InBandErrorReadFunctionCall read) { // another char is read before the comparison to EOF exists(FileReadFunctionCall fc | macroUnchecked(read) = fc and - accessSameTarget(read.getFileExpr(), fc.getFileExpr()) + sameFileSource(read, fc) ) } diff --git a/cpp/common/src/codingstandards/cpp/standardlibrary/FileAccess.qll b/cpp/common/src/codingstandards/cpp/standardlibrary/FileAccess.qll index bd5522e3eb..0ffd7f3ec9 100644 --- a/cpp/common/src/codingstandards/cpp/standardlibrary/FileAccess.qll +++ b/cpp/common/src/codingstandards/cpp/standardlibrary/FileAccess.qll @@ -98,7 +98,7 @@ class FOpenCall extends FunctionCall { } abstract class FileAccess extends FunctionCall { - abstract Expr getFileExpr(); + abstract VariableAccess getFileExpr(); } pragma[inline] @@ -114,17 +114,17 @@ class ImplicitFileAccess extends FileAccess { string fileName; ImplicitFileAccess() { - fileName = "stdin" and + fileName = ["stdin", "_Stdin"] and this.getTarget().hasGlobalName(["getchar", "getwchar", "scanf", "scanf_s"]) or - fileName = "stdout" and + fileName = ["stdout", "_Stdout"] and this.getTarget().hasGlobalName(["printf", "printf_s", "puts", "putchar", "putwchar"]) or - fileName = "stderr" and this.getTarget().hasGlobalName("perror") + fileName = ["stderr", "_Stderr"] and this.getTarget().hasGlobalName("perror") } /** The expression corresponding to the accessed file */ - override Expr getFileExpr() { + override VariableAccess getFileExpr() { fileName = result.(VariableAccess).getTarget().(GlobalVariable).toString() or fileName = result.findRootCause().(Macro).getName() } @@ -141,10 +141,10 @@ class InBandErrorReadFunctionCall extends FileAccess { } /** The expression corresponding to the accessed file */ - override Expr getFileExpr() { + override VariableAccess getFileExpr() { if this instanceof ImplicitFileAccess then result = this.(ImplicitFileAccess).getFileExpr() - else result = this.getArgument(0) + else result = [this.getArgument(0), this.getArgument(0).(AddressOfExpr).getAnOperand()] } } @@ -167,10 +167,11 @@ class FileReadFunctionCall extends FileAccess { } /** The expression corresponding to the accessed file */ - override Expr getFileExpr() { + override VariableAccess getFileExpr() { if this instanceof ImplicitFileAccess then result = this.(ImplicitFileAccess).getFileExpr() - else result = this.getArgument(filePos) + else + result = [this.getArgument(filePos), this.getArgument(filePos).(AddressOfExpr).getAnOperand()] } } @@ -195,10 +196,11 @@ class FileWriteFunctionCall extends FileAccess { } /** The expression corresponding to the accessed file */ - override Expr getFileExpr() { + override VariableAccess getFileExpr() { if this instanceof ImplicitFileAccess then result = this.(ImplicitFileAccess).getFileExpr() - else result = this.getArgument(filePos) + else + result = [this.getArgument(filePos), this.getArgument(filePos).(AddressOfExpr).getAnOperand()] } } @@ -209,7 +211,9 @@ class FileCloseFunctionCall extends FileAccess { FileCloseFunctionCall() { this.getTarget().hasGlobalName("fclose") } /** The expression corresponding to the accessed file */ - override Expr getFileExpr() { result = this.getArgument(0) } + override VariableAccess getFileExpr() { + result = [this.getArgument(0), this.getArgument(0).(AddressOfExpr).getAnOperand()] + } } /** @@ -221,5 +225,7 @@ class FilePositioningFunctionCall extends FileAccess { } /** The expression corresponding to the accessed file */ - override Expr getFileExpr() { result = this.getArgument(0) } + override VariableAccess getFileExpr() { + result = [this.getArgument(0), this.getArgument(0).(AddressOfExpr).getAnOperand()] + } } From 13a5c61c1dcfd184923bac7e2afefe53870d0527 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 12 Apr 2023 19:55:48 +0200 Subject: [PATCH 0998/2573] ERR33-C: library can access stdin by reference --- .../src/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/cert/src/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.ql b/c/cert/src/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.ql index d7ca143519..6641fe8a52 100644 --- a/c/cert/src/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.ql +++ b/c/cert/src/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.ql @@ -441,7 +441,7 @@ ControlFlowNode ferrorNotchecked(FileWriteFunctionCall write) { not isShortCircuitedEdge(mid, result) and result = mid.getASuccessor() and //Stop recursion on call to ferror on the correct file - not accessSameTarget(result.(FerrorCall).getArgument(0), write.getFileExpr()) + not sameFileSource(result.(FerrorCall), write) ) } From 39982762a0e0dce1a3d51b524557c296b751280c Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 12 Apr 2023 20:09:50 +0200 Subject: [PATCH 0999/2573] FIO47-C: Add `.expected.qcc` file --- .../WrongTypeFormatArguments.expected.qcc | 90 +++++++++++++++++++ 1 file changed, 90 insertions(+) create mode 100644 c/cert/test/rules/FIO47-C/WrongTypeFormatArguments.expected.qcc diff --git a/c/cert/test/rules/FIO47-C/WrongTypeFormatArguments.expected.qcc b/c/cert/test/rules/FIO47-C/WrongTypeFormatArguments.expected.qcc new file mode 100644 index 0000000000..f6a8f57da8 --- /dev/null +++ b/c/cert/test/rules/FIO47-C/WrongTypeFormatArguments.expected.qcc @@ -0,0 +1,90 @@ +| test.c:376:17:376:30 | v_intmax_t_ptr | This argument should be of type 'int *' but is of type 'long *' | +| test.c:378:17:378:28 | v_size_t_ptr | This argument should be of type 'int *' but is of type 'unsigned long *' | +| test.c:380:17:380:31 | v_ptrdiff_t_ptr | This argument should be of type 'int *' but is of type 'long *' | +| test.c:417:17:417:26 | v_char_ptr | This argument should be of type 'int' but is of type 'char *' | +| test.c:421:18:421:27 | v_char_ptr | This argument should be of type 'int' but is of type 'char *' | +| test.c:425:16:425:25 | v_char_ptr | This argument should be of type 'int' but is of type 'char *' | +| test.c:426:17:426:26 | v_char_ptr | This argument should be of type 'int' but is of type 'char *' | +| test.c:427:18:427:27 | v_char_ptr | This argument should be of type 'int' but is of type 'char *' | +| test.c:428:17:428:26 | v_char_ptr | This argument should be of type 'long' but is of type 'char *' | +| test.c:429:18:429:27 | v_char_ptr | This argument should be of type 'long long' but is of type 'char *' | +| test.c:430:17:430:26 | v_char_ptr | This argument should be of type 'intmax_t' but is of type 'char *' | +| test.c:432:17:432:26 | v_char_ptr | This argument should be of type 'ptrdiff_t' but is of type 'char *' | +| test.c:434:16:434:25 | v_char_ptr | This argument should be of type 'int' but is of type 'char *' | +| test.c:435:17:435:26 | v_char_ptr | This argument should be of type 'int' but is of type 'char *' | +| test.c:436:18:436:27 | v_char_ptr | This argument should be of type 'int' but is of type 'char *' | +| test.c:437:17:437:26 | v_char_ptr | This argument should be of type 'long' but is of type 'char *' | +| test.c:438:18:438:27 | v_char_ptr | This argument should be of type 'long long' but is of type 'char *' | +| test.c:439:17:439:26 | v_char_ptr | This argument should be of type 'intmax_t' but is of type 'char *' | +| test.c:441:17:441:26 | v_char_ptr | This argument should be of type 'ptrdiff_t' but is of type 'char *' | +| test.c:443:16:443:25 | v_char_ptr | This argument should be of type 'unsigned int' but is of type 'char *' | +| test.c:444:17:444:26 | v_char_ptr | This argument should be of type 'unsigned int' but is of type 'char *' | +| test.c:445:18:445:27 | v_char_ptr | This argument should be of type 'unsigned int' but is of type 'char *' | +| test.c:446:17:446:26 | v_char_ptr | This argument should be of type 'unsigned long' but is of type 'char *' | +| test.c:447:18:447:27 | v_char_ptr | This argument should be of type 'unsigned long long' but is of type 'char *' | +| test.c:450:17:450:26 | v_char_ptr | This argument should be of type 'size_t' but is of type 'char *' | +| test.c:454:16:454:25 | v_char_ptr | This argument should be of type 'unsigned int' but is of type 'char *' | +| test.c:455:17:455:26 | v_char_ptr | This argument should be of type 'unsigned int' but is of type 'char *' | +| test.c:456:18:456:27 | v_char_ptr | This argument should be of type 'unsigned int' but is of type 'char *' | +| test.c:457:17:457:26 | v_char_ptr | This argument should be of type 'unsigned long' but is of type 'char *' | +| test.c:458:18:458:27 | v_char_ptr | This argument should be of type 'unsigned long long' but is of type 'char *' | +| test.c:461:17:461:26 | v_char_ptr | This argument should be of type 'size_t' but is of type 'char *' | +| test.c:465:16:465:25 | v_char_ptr | This argument should be of type 'unsigned int' but is of type 'char *' | +| test.c:466:17:466:26 | v_char_ptr | This argument should be of type 'unsigned int' but is of type 'char *' | +| test.c:467:18:467:27 | v_char_ptr | This argument should be of type 'unsigned int' but is of type 'char *' | +| test.c:468:17:468:26 | v_char_ptr | This argument should be of type 'unsigned long' but is of type 'char *' | +| test.c:469:18:469:27 | v_char_ptr | This argument should be of type 'unsigned long long' but is of type 'char *' | +| test.c:472:17:472:26 | v_char_ptr | This argument should be of type 'size_t' but is of type 'char *' | +| test.c:476:16:476:25 | v_char_ptr | This argument should be of type 'unsigned int' but is of type 'char *' | +| test.c:477:17:477:26 | v_char_ptr | This argument should be of type 'unsigned int' but is of type 'char *' | +| test.c:478:18:478:27 | v_char_ptr | This argument should be of type 'unsigned int' but is of type 'char *' | +| test.c:479:17:479:26 | v_char_ptr | This argument should be of type 'unsigned long' but is of type 'char *' | +| test.c:480:18:480:27 | v_char_ptr | This argument should be of type 'unsigned long long' but is of type 'char *' | +| test.c:483:17:483:26 | v_char_ptr | This argument should be of type 'size_t' but is of type 'char *' | +| test.c:487:16:487:25 | v_char_ptr | This argument should be of type 'double' but is of type 'char *' | +| test.c:488:17:488:26 | v_char_ptr | This argument should be of type 'double' but is of type 'char *' | +| test.c:489:18:489:27 | v_char_ptr | This argument should be of type 'long double' but is of type 'char *' | +| test.c:490:17:490:26 | v_char_ptr | This argument should be of type 'long double' but is of type 'char *' | +| test.c:492:16:492:25 | v_char_ptr | This argument should be of type 'double' but is of type 'char *' | +| test.c:493:17:493:26 | v_char_ptr | This argument should be of type 'double' but is of type 'char *' | +| test.c:494:18:494:27 | v_char_ptr | This argument should be of type 'long double' but is of type 'char *' | +| test.c:495:17:495:26 | v_char_ptr | This argument should be of type 'long double' but is of type 'char *' | +| test.c:497:16:497:25 | v_char_ptr | This argument should be of type 'double' but is of type 'char *' | +| test.c:498:17:498:26 | v_char_ptr | This argument should be of type 'double' but is of type 'char *' | +| test.c:499:18:499:27 | v_char_ptr | This argument should be of type 'long double' but is of type 'char *' | +| test.c:500:17:500:26 | v_char_ptr | This argument should be of type 'long double' but is of type 'char *' | +| test.c:502:16:502:25 | v_char_ptr | This argument should be of type 'double' but is of type 'char *' | +| test.c:503:17:503:26 | v_char_ptr | This argument should be of type 'double' but is of type 'char *' | +| test.c:504:18:504:27 | v_char_ptr | This argument should be of type 'long double' but is of type 'char *' | +| test.c:505:17:505:26 | v_char_ptr | This argument should be of type 'long double' but is of type 'char *' | +| test.c:507:16:507:25 | v_char_ptr | This argument should be of type 'double' but is of type 'char *' | +| test.c:508:17:508:26 | v_char_ptr | This argument should be of type 'double' but is of type 'char *' | +| test.c:509:18:509:27 | v_char_ptr | This argument should be of type 'long double' but is of type 'char *' | +| test.c:510:17:510:26 | v_char_ptr | This argument should be of type 'long double' but is of type 'char *' | +| test.c:512:16:512:25 | v_char_ptr | This argument should be of type 'double' but is of type 'char *' | +| test.c:513:17:513:26 | v_char_ptr | This argument should be of type 'double' but is of type 'char *' | +| test.c:514:18:514:27 | v_char_ptr | This argument should be of type 'long double' but is of type 'char *' | +| test.c:515:17:515:26 | v_char_ptr | This argument should be of type 'long double' but is of type 'char *' | +| test.c:517:16:517:25 | v_char_ptr | This argument should be of type 'double' but is of type 'char *' | +| test.c:518:17:518:26 | v_char_ptr | This argument should be of type 'double' but is of type 'char *' | +| test.c:519:18:519:27 | v_char_ptr | This argument should be of type 'long double' but is of type 'char *' | +| test.c:520:17:520:26 | v_char_ptr | This argument should be of type 'long double' but is of type 'char *' | +| test.c:522:16:522:25 | v_char_ptr | This argument should be of type 'double' but is of type 'char *' | +| test.c:523:17:523:26 | v_char_ptr | This argument should be of type 'double' but is of type 'char *' | +| test.c:524:18:524:27 | v_char_ptr | This argument should be of type 'long double' but is of type 'char *' | +| test.c:525:17:525:26 | v_char_ptr | This argument should be of type 'long double' but is of type 'char *' | +| test.c:527:16:527:25 | v_char_ptr | This argument should be of type 'char' but is of type 'char *' | +| test.c:528:17:528:26 | v_char_ptr | This argument should be of type 'wchar_t' but is of type 'char *' | +| test.c:530:16:530:20 | v_int | This argument should be of type 'char *' but is of type 'int' | +| test.c:531:17:531:21 | v_int | This argument should be of type 'wchar_t *' but is of type 'int' | +| test.c:533:16:533:20 | v_int | This argument should be of type 'void *' but is of type 'int' | +| test.c:535:16:535:20 | v_int | This argument should be of type 'int *' but is of type 'int' | +| test.c:536:17:536:21 | v_int | This argument should be of type 'short *' but is of type 'int' | +| test.c:537:18:537:22 | v_int | This argument should be of type 'char *' but is of type 'int' | +| test.c:538:17:538:21 | v_int | This argument should be of type 'long *' but is of type 'int' | +| test.c:539:18:539:22 | v_int | This argument should be of type 'long long *' but is of type 'int' | +| test.c:540:17:540:21 | v_int | This argument should be of type 'int *' but is of type 'int' | +| test.c:541:17:541:21 | v_int | This argument should be of type 'int *' but is of type 'int' | +| test.c:542:17:542:21 | v_int | This argument should be of type 'int *' but is of type 'int' | +| test.c:544:16:544:25 | v_char_ptr | This argument should be of type 'wchar_t' but is of type 'char *' | +| test.c:546:16:546:20 | v_int | This argument should be of type 'wchar_t *' but is of type 'int' | From 63c9c7cee8db7da34d3ebd1177b7940af71b1e2b Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 12 Apr 2023 21:28:13 +0200 Subject: [PATCH 1000/2573] Undo changes to FileAccess.qll --- .../cpp/standardlibrary/FileAccess.qll | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/standardlibrary/FileAccess.qll b/cpp/common/src/codingstandards/cpp/standardlibrary/FileAccess.qll index 0ffd7f3ec9..194c4ade81 100644 --- a/cpp/common/src/codingstandards/cpp/standardlibrary/FileAccess.qll +++ b/cpp/common/src/codingstandards/cpp/standardlibrary/FileAccess.qll @@ -98,7 +98,7 @@ class FOpenCall extends FunctionCall { } abstract class FileAccess extends FunctionCall { - abstract VariableAccess getFileExpr(); + abstract Expr getFileExpr(); } pragma[inline] @@ -124,7 +124,7 @@ class ImplicitFileAccess extends FileAccess { } /** The expression corresponding to the accessed file */ - override VariableAccess getFileExpr() { + override Expr getFileExpr() { fileName = result.(VariableAccess).getTarget().(GlobalVariable).toString() or fileName = result.findRootCause().(Macro).getName() } @@ -141,7 +141,7 @@ class InBandErrorReadFunctionCall extends FileAccess { } /** The expression corresponding to the accessed file */ - override VariableAccess getFileExpr() { + override Expr getFileExpr() { if this instanceof ImplicitFileAccess then result = this.(ImplicitFileAccess).getFileExpr() else result = [this.getArgument(0), this.getArgument(0).(AddressOfExpr).getAnOperand()] @@ -167,7 +167,7 @@ class FileReadFunctionCall extends FileAccess { } /** The expression corresponding to the accessed file */ - override VariableAccess getFileExpr() { + override Expr getFileExpr() { if this instanceof ImplicitFileAccess then result = this.(ImplicitFileAccess).getFileExpr() else @@ -196,7 +196,7 @@ class FileWriteFunctionCall extends FileAccess { } /** The expression corresponding to the accessed file */ - override VariableAccess getFileExpr() { + override Expr getFileExpr() { if this instanceof ImplicitFileAccess then result = this.(ImplicitFileAccess).getFileExpr() else @@ -225,7 +225,7 @@ class FilePositioningFunctionCall extends FileAccess { } /** The expression corresponding to the accessed file */ - override VariableAccess getFileExpr() { + override Expr getFileExpr() { result = [this.getArgument(0), this.getArgument(0).(AddressOfExpr).getAnOperand()] } } From 3b70892e409a946b2f08cef2f0a0987f4e1506a2 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 13 Apr 2023 00:24:55 +0200 Subject: [PATCH 1001/2573] FIO-46: file as expression --- .../donotaccessaclosedfile/DoNotAccessAClosedFile.qll | 2 +- .../codingstandards/cpp/standardlibrary/FileAccess.qll | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/rules/donotaccessaclosedfile/DoNotAccessAClosedFile.qll b/cpp/common/src/codingstandards/cpp/rules/donotaccessaclosedfile/DoNotAccessAClosedFile.qll index bea25d6ffa..83266ed524 100644 --- a/cpp/common/src/codingstandards/cpp/rules/donotaccessaclosedfile/DoNotAccessAClosedFile.qll +++ b/cpp/common/src/codingstandards/cpp/rules/donotaccessaclosedfile/DoNotAccessAClosedFile.qll @@ -27,7 +27,7 @@ predicate accessSameVariable(VariableAccess va1, VariableAccess va2) { va1.getTarget() = va2.getTarget() } -SubBasicBlock followsFileClose(SubBasicBlock source, VariableAccess closedFile) { +SubBasicBlock followsFileClose(SubBasicBlock source, Expr closedFile) { result = source or exists(SubBasicBlock mid | diff --git a/cpp/common/src/codingstandards/cpp/standardlibrary/FileAccess.qll b/cpp/common/src/codingstandards/cpp/standardlibrary/FileAccess.qll index 194c4ade81..58d93de1a9 100644 --- a/cpp/common/src/codingstandards/cpp/standardlibrary/FileAccess.qll +++ b/cpp/common/src/codingstandards/cpp/standardlibrary/FileAccess.qll @@ -114,18 +114,18 @@ class ImplicitFileAccess extends FileAccess { string fileName; ImplicitFileAccess() { - fileName = ["stdin", "_Stdin"] and + fileName = "stdin" and this.getTarget().hasGlobalName(["getchar", "getwchar", "scanf", "scanf_s"]) or - fileName = ["stdout", "_Stdout"] and + fileName = "stdout" and this.getTarget().hasGlobalName(["printf", "printf_s", "puts", "putchar", "putwchar"]) or - fileName = ["stderr", "_Stderr"] and this.getTarget().hasGlobalName("perror") + fileName = "stderr" and this.getTarget().hasGlobalName("perror") } /** The expression corresponding to the accessed file */ override Expr getFileExpr() { - fileName = result.(VariableAccess).getTarget().(GlobalVariable).toString() or + result = any(MacroInvocation mi | mi.getMacroName() = fileName).getExpr() or fileName = result.findRootCause().(Macro).getName() } } From 3cef6ca0c78f8ac0961509610f5deabaa6438486 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 13 Apr 2023 01:14:34 +0200 Subject: [PATCH 1002/2573] STR34-C: Add `.expected.qcc` file based on the `gcc` one --- ...CharBeforeConvertingToLargerSizes.expected.qcc | 15 +++++++++++++++ 1 file changed, 15 insertions(+) create mode 100644 c/cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.expected.qcc diff --git a/c/cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.expected.qcc b/c/cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.expected.qcc new file mode 100644 index 0000000000..1cf143a196 --- /dev/null +++ b/c/cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.expected.qcc @@ -0,0 +1,15 @@ +| test.c:7:7:7:14 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:28:3:28:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:29:3:29:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:31:3:31:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:32:3:32:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:33:3:33:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:34:3:34:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:35:3:35:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:36:3:36:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:37:3:37:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:38:3:38:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:39:3:39:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:40:3:40:14 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:42:11:42:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:43:11:43:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. | From ced2ee97ad0f80dfeb5c03ae0a44c69a22dec628 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 13 Apr 2023 01:21:48 +0200 Subject: [PATCH 1003/2573] STR34-C: fix `.expected.qcc` file --- .../CastCharBeforeConvertingToLargerSizes.expected.qcc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/c/cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.expected.qcc b/c/cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.expected.qcc index 1cf143a196..fec6522014 100644 --- a/c/cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.expected.qcc +++ b/c/cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.expected.qcc @@ -11,5 +11,5 @@ | test.c:38:3:38:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | | test.c:39:3:39:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | | test.c:40:3:40:14 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | -| test.c:42:11:42:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. | -| test.c:43:11:43:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:42:3:42:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | +| test.c:43:3:43:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. | From c9a42838515dcab36d743877d4466d920effd67c Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 13 Apr 2023 21:42:59 +0200 Subject: [PATCH 1004/2573] Add tempfiles for matrix testing --- c/cert/test/rules/FIO34-C/tempfile | 0 c/cert/test/rules/FIO46-C/tempfile | 0 c/common/test/rules/donotaccessaclosedfile/tempfile | 0 c/misra/test/rules/RULE-22-6/tempfile | 0 4 files changed, 0 insertions(+), 0 deletions(-) create mode 100644 c/cert/test/rules/FIO34-C/tempfile create mode 100644 c/cert/test/rules/FIO46-C/tempfile create mode 100644 c/common/test/rules/donotaccessaclosedfile/tempfile create mode 100644 c/misra/test/rules/RULE-22-6/tempfile diff --git a/c/cert/test/rules/FIO34-C/tempfile b/c/cert/test/rules/FIO34-C/tempfile new file mode 100644 index 0000000000..e69de29bb2 diff --git a/c/cert/test/rules/FIO46-C/tempfile b/c/cert/test/rules/FIO46-C/tempfile new file mode 100644 index 0000000000..e69de29bb2 diff --git a/c/common/test/rules/donotaccessaclosedfile/tempfile b/c/common/test/rules/donotaccessaclosedfile/tempfile new file mode 100644 index 0000000000..e69de29bb2 diff --git a/c/misra/test/rules/RULE-22-6/tempfile b/c/misra/test/rules/RULE-22-6/tempfile new file mode 100644 index 0000000000..e69de29bb2 From ef7d9497c7317962ccc9de9232c0b8131d6a07c6 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 13 Apr 2023 22:00:01 +0200 Subject: [PATCH 1005/2573] Add `.expected.qcc` for `donotaccessaclosedfile` --- .../DoNotAccessAClosedFile.expected.qcc | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 c/common/test/rules/donotaccessaclosedfile/DoNotAccessAClosedFile.expected.qcc diff --git a/c/common/test/rules/donotaccessaclosedfile/DoNotAccessAClosedFile.expected.qcc b/c/common/test/rules/donotaccessaclosedfile/DoNotAccessAClosedFile.expected.qcc new file mode 100644 index 0000000000..24d904e104 --- /dev/null +++ b/c/common/test/rules/donotaccessaclosedfile/DoNotAccessAClosedFile.expected.qcc @@ -0,0 +1,11 @@ +| test.c:6:3:6:8 | call to printf | Access of closed file& ... which was closed at $@ | test.c:4:3:4:8 | call to fclose | this location. | +| test.c:7:3:7:6 | call to puts | Access of closed file& ... which was closed at $@ | test.c:4:3:4:8 | call to fclose | this location. | +| test.c:16:13:16:18 | _Stderr | Access of closed file& ... which was closed at $@ | test.c:13:3:13:8 | call to fclose | this location. | +| test.c:17:3:17:8 | call to perror | Access of closed file& ... which was closed at $@ | test.c:13:3:13:8 | call to fclose | this location. | +| test.c:24:8:24:12 | _Stdin | Access of closed file& ... which was closed at $@ | test.c:22:3:22:8 | call to fclose | this location. | +| test.c:25:3:25:9 | call to getchar | Access of closed file& ... which was closed at $@ | test.c:22:3:22:8 | call to fclose | this location. | +| test.c:34:18:34:18 | f | Access of closed filef which was closed at $@ | test.c:31:3:31:8 | call to fclose | this location. | +| test.c:35:15:35:15 | f | Access of closed filef which was closed at $@ | test.c:31:3:31:8 | call to fclose | this location. | +| test.c:70:11:70:12 | fp | Access of closed filefp which was closed at $@ | test.c:69:3:69:8 | call to fclose | this location. | +| test.c:71:7:71:8 | fp | Access of closed filefp which was closed at $@ | test.c:69:3:69:8 | call to fclose | this location. | +| test.c:81:17:81:17 | f | Access of closed filef which was closed at $@ | test.c:80:3:80:8 | call to fclose | this location. | From c01c254733cfe9eb5a41fe9d43f0082138128c37 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Fri, 14 Apr 2023 11:08:33 -0400 Subject: [PATCH 1006/2573] fixed for shared queries. --- scripts/matrix_testing/Get-CompilerSpecificFiles.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/matrix_testing/Get-CompilerSpecificFiles.ps1 b/scripts/matrix_testing/Get-CompilerSpecificFiles.ps1 index 6197a05650..0d867cf095 100644 --- a/scripts/matrix_testing/Get-CompilerSpecificFiles.ps1 +++ b/scripts/matrix_testing/Get-CompilerSpecificFiles.ps1 @@ -31,7 +31,7 @@ function Get-CompilerSpecificFiles { $f } - foreach($f in (Get-ChildItem -Filter "$Query.expected.$Configuration" $TestDirectory)){ + foreach($f in (Get-ChildItem -Filter "*.expected.$Configuration" $TestDirectory)){ Write-Host "Found file $f..." $f } From 333ae99e9a83962c58c5e839f7596843469da7bb Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Fri, 14 Apr 2023 13:15:21 -0400 Subject: [PATCH 1007/2573] more fixes --- scripts/matrix_testing/CreateMatrixTestReport.ps1 | 8 +++++++- scripts/matrix_testing/Get-CompilerSpecificFiles.ps1 | 2 +- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/scripts/matrix_testing/CreateMatrixTestReport.ps1 b/scripts/matrix_testing/CreateMatrixTestReport.ps1 index d306a3f0d9..d80e87e426 100644 --- a/scripts/matrix_testing/CreateMatrixTestReport.ps1 +++ b/scripts/matrix_testing/CreateMatrixTestReport.ps1 @@ -321,7 +321,13 @@ $jobRows = $queriesToCheck | ForEach-Object -ThrottleLimit $NumThreads -Parallel ########################################################### # Push context ########################################################### - $fileSet = (Get-CompilerSpecificFiles -Configuration $using:Configuration -Language $using:Language -TestDirectory $testDirectory -Query $CurrentQueryName) + + if ($q.shared_implementation_short_name) { + $fileSet = (Get-CompilerSpecificFiles -Configuration $using:Configuration -Language $using:Language -TestDirectory $testDirectory -Query $q.shared_implementation_short_name) + } + else { + $fileSet = (Get-CompilerSpecificFiles -Configuration $using:Configuration -Language $using:Language -TestDirectory $testDirectory -Query $CurrentQueryName) + } if($fileSet){ $context = Push-CompilerSpecificFiles -Configuration $using:Configuration -Language $using:Language -FileSet $fileSet diff --git a/scripts/matrix_testing/Get-CompilerSpecificFiles.ps1 b/scripts/matrix_testing/Get-CompilerSpecificFiles.ps1 index 0d867cf095..6197a05650 100644 --- a/scripts/matrix_testing/Get-CompilerSpecificFiles.ps1 +++ b/scripts/matrix_testing/Get-CompilerSpecificFiles.ps1 @@ -31,7 +31,7 @@ function Get-CompilerSpecificFiles { $f } - foreach($f in (Get-ChildItem -Filter "*.expected.$Configuration" $TestDirectory)){ + foreach($f in (Get-ChildItem -Filter "$Query.expected.$Configuration" $TestDirectory)){ Write-Host "Found file $f..." $f } From 6d7ce9ed3d5903a51eebdcd68b692fbbe369549d Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Fri, 14 Apr 2023 13:21:33 -0400 Subject: [PATCH 1008/2573] issue issue --- .github/workflows/dispatch-matrix-test-on-comment.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dispatch-matrix-test-on-comment.yml b/.github/workflows/dispatch-matrix-test-on-comment.yml index 5d391539e0..bb307864c6 100644 --- a/.github/workflows/dispatch-matrix-test-on-comment.yml +++ b/.github/workflows/dispatch-matrix-test-on-comment.yml @@ -35,7 +35,7 @@ jobs: token: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} repository: github/codeql-coding-standards-release-engineering event-type: matrix-test - client-payload: '{"pr": "${{ github.event.number }}"}' + client-payload: '{"pr": "${{ github.event.issue.number }}"}' - uses: actions/github-script@v6 if: ${{ github.event.issue.pull_request && contains(github.event.comment.body, '/test-matrix') }} From d9bdde839539616b8d01e029090d96ed2628dfe8 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Tue, 18 Apr 2023 15:26:36 +0200 Subject: [PATCH 1009/2573] RULE-10-6: Fix output string format --- c/cert/test/rules/FIO46-C/tempfile | 0 c/common/test/rules/donotaccessaclosedfile/tempfile | 0 .../src/rules/RULE-10-6/AssignmentToWiderEssentialType.ql | 2 +- .../rules/RULE-10-6/AssignmentToWiderEssentialType.expected | 6 +++--- c/misra/test/rules/RULE-22-6/tempfile | 0 5 files changed, 4 insertions(+), 4 deletions(-) delete mode 100644 c/cert/test/rules/FIO46-C/tempfile delete mode 100644 c/common/test/rules/donotaccessaclosedfile/tempfile delete mode 100644 c/misra/test/rules/RULE-22-6/tempfile diff --git a/c/cert/test/rules/FIO46-C/tempfile b/c/cert/test/rules/FIO46-C/tempfile deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/c/common/test/rules/donotaccessaclosedfile/tempfile b/c/common/test/rules/donotaccessaclosedfile/tempfile deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/c/misra/src/rules/RULE-10-6/AssignmentToWiderEssentialType.ql b/c/misra/src/rules/RULE-10-6/AssignmentToWiderEssentialType.ql index bc1133c784..09e731ba71 100644 --- a/c/misra/src/rules/RULE-10-6/AssignmentToWiderEssentialType.ql +++ b/c/misra/src/rules/RULE-10-6/AssignmentToWiderEssentialType.ql @@ -26,4 +26,4 @@ where // Assignment to a different type category is prohibited by Rule 10.3, so we only report cases // where the assignment is to the same type category. getEssentialTypeCategory(lValueType) = getEssentialTypeCategory(compositeEssentialType) -select ce, "Assignment to wider essential type: $@." +select ce, "Assignment to wider essential type `" + lValueType.getName() + "`." diff --git a/c/misra/test/rules/RULE-10-6/AssignmentToWiderEssentialType.expected b/c/misra/test/rules/RULE-10-6/AssignmentToWiderEssentialType.expected index 0813de0e7c..6bae1a0a39 100644 --- a/c/misra/test/rules/RULE-10-6/AssignmentToWiderEssentialType.expected +++ b/c/misra/test/rules/RULE-10-6/AssignmentToWiderEssentialType.expected @@ -1,3 +1,3 @@ -| test.c:5:9:5:17 | ... + ... | Assignment to wider essential type: $@. | -| test.c:7:24:7:32 | ... + ... | Assignment to wider essential type: $@. | -| test.c:8:27:8:35 | ... + ... | Assignment to wider essential type: $@. | +| test.c:5:9:5:17 | ... + ... | Assignment to wider essential type `unsigned int`. | +| test.c:7:24:7:32 | ... + ... | Assignment to wider essential type `unsigned int`. | +| test.c:8:27:8:35 | ... + ... | Assignment to wider essential type `unsigned int`. | diff --git a/c/misra/test/rules/RULE-22-6/tempfile b/c/misra/test/rules/RULE-22-6/tempfile deleted file mode 100644 index e69de29bb2..0000000000 From 1f6b8f905f68d44394e5e181e1985b815df91e45 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Wed, 19 Apr 2023 12:40:21 +0200 Subject: [PATCH 1010/2573] Fix queries and tests that reference anonymous structs and unions --- .../DoNotAccessVariableViaPointerOfIncompatibleType.ql | 4 ++-- ...DoNotAccessVariableViaPointerOfIncompatibleType.expected | 6 +++--- .../InformationLeakageAcrossBoundaries.expected | 2 +- .../unusedtypedeclarations/UnusedTypeDeclarations.expected | 2 +- ...eInitializerBracesToMatchAggregateTypeStructure.expected | 4 ++-- c/misra/src/rules/RULE-2-4/UnusedTagDeclaration.ql | 2 +- c/misra/src/rules/RULE-5-7/TagNameNotUnique.ql | 3 +-- .../rules/RULE-19-2/UnionKeywordShouldNotBeUsed.expected | 2 +- .../src/rules/M8-0-1/MultipleGlobalOrMemberDeclarators.ql | 2 +- .../unusedtypedeclarations/UnusedTypeDeclarations.expected | 2 +- ...eInitializerBracesToMatchAggregateTypeStructure.expected | 2 +- 11 files changed, 15 insertions(+), 16 deletions(-) diff --git a/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql b/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql index 88b464f769..50d8514f52 100644 --- a/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql +++ b/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql @@ -163,8 +163,8 @@ Type compatibleTypes(Type type) { ( type.stripType() instanceof Struct and type.getUnspecifiedType() = result.getUnspecifiedType() and - not type.getName() = "struct " and - not result.getName() = "struct " + not type.(Struct).isAnonymous() and + not result.(Struct).isAnonymous() or not type.stripType() instanceof Struct and ( diff --git a/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected b/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected index 4ca3d89b25..e42f003f0f 100644 --- a/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected +++ b/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected @@ -53,8 +53,8 @@ subpaths | test.c:13:17:13:19 | & ... | test.c:13:17:13:19 | & ... | test.c:13:17:13:19 | & ... | Cast from short[2] to short[4] results in an incompatible pointer base type. | | test.c:19:18:19:20 | & ... | test.c:19:18:19:20 | & ... | test.c:19:18:19:20 | & ... | Cast from char to signed char results in an incompatible pointer base type. | | test.c:30:19:30:21 | & ... | test.c:30:19:30:21 | & ... | test.c:30:19:30:21 | & ... | Cast from int to unsigned int results in an incompatible pointer base type. | -| test.c:47:8:47:9 | s2 | test.c:47:8:47:9 | s2 | test.c:47:8:47:9 | s2 | Cast from struct to struct results in an incompatible pointer base type. | -| test.c:49:8:49:9 | s3 | test.c:49:8:49:9 | s3 | test.c:49:8:49:9 | s3 | Cast from S1 to struct results in an incompatible pointer base type. | -| test.c:50:8:50:9 | s1 | test.c:50:8:50:9 | s1 | test.c:50:8:50:9 | s1 | Cast from struct to S1 results in an incompatible pointer base type. | +| test.c:47:8:47:9 | s2 | test.c:47:8:47:9 | s2 | test.c:47:8:47:9 | s2 | Cast from (unnamed class/struct/union) to (unnamed class/struct/union) results in an incompatible pointer base type. | +| test.c:49:8:49:9 | s3 | test.c:49:8:49:9 | s3 | test.c:49:8:49:9 | s3 | Cast from S1 to (unnamed class/struct/union) results in an incompatible pointer base type. | +| test.c:50:8:50:9 | s1 | test.c:50:8:50:9 | s1 | test.c:50:8:50:9 | s1 | Cast from (unnamed class/struct/union) to S1 results in an incompatible pointer base type. | | test.c:68:41:68:41 | v | test.c:72:13:72:15 | & ... | test.c:68:41:68:41 | v | Cast from float to int results in an incompatible pointer base type. | | test.c:99:3:99:4 | s3 | test.c:98:40:98:41 | s2 | test.c:99:3:99:4 | s3 | Cast from S2 to S3 results in an incompatible pointer base type. | diff --git a/c/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.expected b/c/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.expected index e4a9a1cee3..e8cda5becb 100644 --- a/c/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.expected +++ b/c/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.expected @@ -5,7 +5,7 @@ | interprocedural.c:104:9:104:9 | p | 'p' may leak information from {x (interprocedural.c:7), y (interprocedural.c:8)}. Path: p (interprocedural.c:104) --> overwrite_after_leak(...) (interprocedural.c:96) --> p (interprocedural.c:97) | | multilayer.c:16:10:16:10 | s | 's' may leak information from {b (multilayer.c:12)}. Path: s (multilayer.c:16) --> & ... (multilayer.c:18) | | multilayer.c:29:10:29:10 | s | 's' may leak information from {b (multilayer.c:12), x (multilayer.c:7)}. Path: s (multilayer.c:29) --> & ... (multilayer.c:30) | -| multilayer.c:34:8:34:8 | s | 's' may leak information from {struct (multilayer.c:6)}. Path: s (multilayer.c:34) --> & ... (multilayer.c:35) | +| multilayer.c:34:8:34:8 | s | 's' may leak information from {(unnamed class/struct/union) (multilayer.c:6)}. Path: s (multilayer.c:34) --> & ... (multilayer.c:35) | | test.c:12:12:12:12 | s | 's' may leak information from {y (test.c:8)}. Path: s (test.c:12) --> & ... (test.c:14) | | test.c:18:12:18:12 | s | 's' may leak information from {x (test.c:7)}. Path: s (test.c:18) --> & ... (test.c:20) | | test.c:24:12:24:12 | s | 's' may leak information from {x (test.c:7), y (test.c:8)}. Path: s (test.c:24) --> & ... (test.c:25) | diff --git a/c/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.expected b/c/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.expected index b0f416cbe9..af3f227ced 100644 --- a/c/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.expected +++ b/c/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.expected @@ -2,4 +2,4 @@ | test.c:4:8:4:8 | A | Type declaration A is not used. | | test.c:7:18:7:18 | D | Type declaration D is not used. | | test.c:28:11:28:11 | R | Type declaration R is not used. | -| test.c:41:12:41:12 | struct | Type declaration struct is not used. | +| test.c:41:12:41:12 | (unnamed class/struct/union) | Type declaration (unnamed class/struct/union) is not used. | diff --git a/c/common/test/rules/useinitializerbracestomatchaggregatetypestructure/UseInitializerBracesToMatchAggregateTypeStructure.expected b/c/common/test/rules/useinitializerbracestomatchaggregatetypestructure/UseInitializerBracesToMatchAggregateTypeStructure.expected index c95e3cc881..450491ffe7 100644 --- a/c/common/test/rules/useinitializerbracestomatchaggregatetypestructure/UseInitializerBracesToMatchAggregateTypeStructure.expected +++ b/c/common/test/rules/useinitializerbracestomatchaggregatetypestructure/UseInitializerBracesToMatchAggregateTypeStructure.expected @@ -3,5 +3,5 @@ | test.c:35:32:35:35 | {...} | Missing braces on aggregate literal of type int[2]$@ which is assigned to index 2 in $@. | file://:0:0:0:0 | int[2] | int[2] | test.c:35:18:35:42 | {...} | array of type int[4][2] | | test.c:35:38:35:41 | {...} | Missing braces on aggregate literal of type int[2]$@ which is assigned to index 3 in $@. | file://:0:0:0:0 | int[2] | int[2] | test.c:35:18:35:42 | {...} | array of type int[4][2] | | test.c:41:34:41:34 | {...} | Missing braces on aggregate literal of type int[2]$@ which is assigned to index 1 in $@. | file://:0:0:0:0 | int[2] | int[2] | test.c:41:18:41:35 | {...} | array of type int[2][2] | -| test.c:47:26:47:29 | {...} | Missing braces on aggregate literal of type $@ which is assigned to field $@. | test.c:4:10:4:10 | struct | struct | test.c:7:5:7:8 | m_s1 | m_s1 | -| test.c:47:26:47:29 | {...} | Missing braces on aggregate literal of type $@ which is assigned to field $@. | test.c:11:10:11:10 | struct | struct | test.c:7:5:7:8 | m_s1 | m_s1 | +| test.c:47:26:47:29 | {...} | Missing braces on aggregate literal of type $@ which is assigned to field $@. | test.c:4:10:4:10 | (unnamed class/struct/union) | (unnamed class/struct/union) | test.c:7:5:7:8 | m_s1 | m_s1 | +| test.c:47:26:47:29 | {...} | Missing braces on aggregate literal of type $@ which is assigned to field $@. | test.c:11:10:11:10 | (unnamed class/struct/union) | (unnamed class/struct/union) | test.c:7:5:7:8 | m_s1 | m_s1 | diff --git a/c/misra/src/rules/RULE-2-4/UnusedTagDeclaration.ql b/c/misra/src/rules/RULE-2-4/UnusedTagDeclaration.ql index 565b9fb407..c10985f28c 100644 --- a/c/misra/src/rules/RULE-2-4/UnusedTagDeclaration.ql +++ b/c/misra/src/rules/RULE-2-4/UnusedTagDeclaration.ql @@ -20,7 +20,7 @@ from UserType s where not isExcluded(s, DeadCodePackage::unusedTagDeclarationQuery()) and // ignore structs without a tag name - not s.getName() = "struct " and + not s.isAnonymous() and // typedefs do not have a "tag" name, so this rule does not apply to them not s instanceof TypedefType and // Not mentioned anywhere diff --git a/c/misra/src/rules/RULE-5-7/TagNameNotUnique.ql b/c/misra/src/rules/RULE-5-7/TagNameNotUnique.ql index 672e302c92..1c8a7a6b34 100644 --- a/c/misra/src/rules/RULE-5-7/TagNameNotUnique.ql +++ b/c/misra/src/rules/RULE-5-7/TagNameNotUnique.ql @@ -22,7 +22,6 @@ where not isExcluded(s2, Declarations3Package::tagNameNotUniqueQuery()) and not s = s2 and s.getName() = s2.getName() and - not s.getName() = "struct " and - not s.getName() = "union " and + not s.isAnonymous() and not s.getName() = s2.(TypedefType).getBaseType().toString() select s, "Tag name is nonunique compared to $@.", s2, s2.getName() diff --git a/c/misra/test/rules/RULE-19-2/UnionKeywordShouldNotBeUsed.expected b/c/misra/test/rules/RULE-19-2/UnionKeywordShouldNotBeUsed.expected index f7dbb31393..4070091ca2 100644 --- a/c/misra/test/rules/RULE-19-2/UnionKeywordShouldNotBeUsed.expected +++ b/c/misra/test/rules/RULE-19-2/UnionKeywordShouldNotBeUsed.expected @@ -1 +1 @@ -| test.c:2:9:2:9 | union | Use of banned 'union' keyword. | +| test.c:2:9:2:9 | (unnamed class/struct/union) | Use of banned 'union' keyword. | diff --git a/cpp/autosar/src/rules/M8-0-1/MultipleGlobalOrMemberDeclarators.ql b/cpp/autosar/src/rules/M8-0-1/MultipleGlobalOrMemberDeclarators.ql index 10e365c905..8d16fccd94 100644 --- a/cpp/autosar/src/rules/M8-0-1/MultipleGlobalOrMemberDeclarators.ql +++ b/cpp/autosar/src/rules/M8-0-1/MultipleGlobalOrMemberDeclarators.ql @@ -46,7 +46,7 @@ class NonLocalUserDeclaration extends Declaration { not this.(Parameter).getFunction().isCompilerGenerated() and not this.isInMacroExpansion() and not exists(Struct s, TypedefType t | - s.getName() = "struct " and + s.isAnonymous() and t.getBaseType() = s and this = s.getAMemberVariable() ) diff --git a/cpp/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.expected b/cpp/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.expected index 77f9c0fda9..1b55361995 100644 --- a/cpp/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.expected +++ b/cpp/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.expected @@ -3,5 +3,5 @@ | test.cpp:6:7:6:7 | B | Type declaration B is not used. | | test.cpp:13:11:13:11 | D | Type declaration D is not used. | | test.cpp:77:11:77:11 | R | Type declaration R is not used. | -| test.cpp:90:12:90:12 | struct | Type declaration struct is not used. | +| test.cpp:90:12:90:12 | (unnamed class/struct/union) | Type declaration (unnamed class/struct/union) is not used. | | test.cpp:111:29:111:30 | AA | Type declaration AA is not used. | diff --git a/cpp/common/test/rules/useinitializerbracestomatchaggregatetypestructure/UseInitializerBracesToMatchAggregateTypeStructure.expected b/cpp/common/test/rules/useinitializerbracestomatchaggregatetypestructure/UseInitializerBracesToMatchAggregateTypeStructure.expected index 6e72470cf2..b4394172d4 100644 --- a/cpp/common/test/rules/useinitializerbracestomatchaggregatetypestructure/UseInitializerBracesToMatchAggregateTypeStructure.expected +++ b/cpp/common/test/rules/useinitializerbracestomatchaggregatetypestructure/UseInitializerBracesToMatchAggregateTypeStructure.expected @@ -2,4 +2,4 @@ | test.cpp:41:22:41:25 | {...} | Missing braces on aggregate literal of type int[2]$@ which is assigned to index 1 in $@. | file://:0:0:0:0 | int[2] | int[2] | test.cpp:41:16:41:38 | {...} | array of type int[4][2] | | test.cpp:41:28:41:31 | {...} | Missing braces on aggregate literal of type int[2]$@ which is assigned to index 2 in $@. | file://:0:0:0:0 | int[2] | int[2] | test.cpp:41:16:41:38 | {...} | array of type int[4][2] | | test.cpp:41:34:41:37 | {...} | Missing braces on aggregate literal of type int[2]$@ which is assigned to index 3 in $@. | file://:0:0:0:0 | int[2] | int[2] | test.cpp:41:16:41:38 | {...} | array of type int[4][2] | -| test.cpp:48:15:48:18 | {...} | Missing braces on aggregate literal of type $@ which is assigned to field $@. | test.cpp:6:10:6:10 | struct | struct | test.cpp:9:5:9:8 | m_s1 | m_s1 | +| test.cpp:48:15:48:18 | {...} | Missing braces on aggregate literal of type $@ which is assigned to field $@. | test.cpp:6:10:6:10 | (unnamed class/struct/union) | (unnamed class/struct/union) | test.cpp:9:5:9:8 | m_s1 | m_s1 | From 4cd4896903bad49994290affff8b283fc4cb267d Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Fri, 21 Apr 2023 21:57:26 +0200 Subject: [PATCH 1011/2573] STR37-C: toupper/tolower add support for macro implementation using array expression --- cpp/common/src/codingstandards/cpp/CharFunctions.qll | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/cpp/common/src/codingstandards/cpp/CharFunctions.qll b/cpp/common/src/codingstandards/cpp/CharFunctions.qll index bb47f77101..0782dbbcaa 100644 --- a/cpp/common/src/codingstandards/cpp/CharFunctions.qll +++ b/cpp/common/src/codingstandards/cpp/CharFunctions.qll @@ -54,6 +54,12 @@ private class CToOrIsCharMacroInvocation extends MacroInvocation, UseOfToOrIsCha result = ae.getArrayOffset().getFullyConverted().(Conversion).getExpr() ) or + // For the "toupper/tolower" APIs, QNX expands to an array access + exists(ArrayExpr ae | + ae = getExpr() and + result = ae.getArrayOffset().getFullyConverted().(Conversion).getExpr() + ) + or // For the tolower/toupper cases, a secondary macro is expanded exists(MacroInvocation mi | mi.getParentInvocation() = this and From f21c5cfdf9a4da4f6172908707ca9471841b1f40 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Fri, 21 Apr 2023 23:35:49 +0200 Subject: [PATCH 1012/2573] EXP43-C: Add explicitly mentioned functions --- ...sAliasedPointerToRestrictQualifiedParam.ql | 21 +++++++++++++++++-- 1 file changed, 19 insertions(+), 2 deletions(-) diff --git a/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql b/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql index 32e50b2112..ee73a07fd8 100644 --- a/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql +++ b/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql @@ -25,9 +25,26 @@ class FunctionWithRestrictParameters extends Function { Parameter restrictPtrParam; FunctionWithRestrictParameters() { - restrictPtrParam = this.getAParameter() and restrictPtrParam.getUnspecifiedType() instanceof PointerOrArrayType and - restrictPtrParam.getType().hasSpecifier("restrict") + ( + restrictPtrParam.getType().hasSpecifier(["restrict"]) and + restrictPtrParam = this.getAParameter() + or + this.hasGlobalName(["strcpy", "strncpy", "strcat", "strncat", "memcpy"]) and + restrictPtrParam = this.getParameter([0, 1]) + or + this.hasGlobalName(["strcpy_s", "strncpy_s", "strcat_s", "strncat_s", "memcpy_s"]) and + restrictPtrParam = this.getParameter([0, 2]) + or + this.hasGlobalName(["strtok_s"]) and + restrictPtrParam = this.getAParameter() + or + this.hasGlobalName(["printf", "printf_s", "scanf", "scanf_s"]) and + restrictPtrParam = this.getParameter(0) + or + this.hasGlobalName(["sprintf", "sprintf_s", "snprintf", "snprintf_s"]) and + restrictPtrParam = this.getParameter(3) + ) } Parameter getARestrictPtrParam() { result = restrictPtrParam } From 723c25e32e5c3f30249bd284c53b73075c2217cf Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Fri, 21 Apr 2023 23:59:16 +0200 Subject: [PATCH 1013/2573] Create tempfile --- c/cert/test/rules/EXP43-C/tempfile | 1 + 1 file changed, 1 insertion(+) create mode 100644 c/cert/test/rules/EXP43-C/tempfile diff --git a/c/cert/test/rules/EXP43-C/tempfile b/c/cert/test/rules/EXP43-C/tempfile new file mode 100644 index 0000000000..8b13789179 --- /dev/null +++ b/c/cert/test/rules/EXP43-C/tempfile @@ -0,0 +1 @@ + From 1ad13b0417d66af7ca58eef24bc7bba77f9cd222 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Fri, 21 Apr 2023 23:59:27 +0200 Subject: [PATCH 1014/2573] Create tempfile --- c/cert/test/rules/STR37-C/tempfile | 1 + 1 file changed, 1 insertion(+) create mode 100644 c/cert/test/rules/STR37-C/tempfile diff --git a/c/cert/test/rules/STR37-C/tempfile b/c/cert/test/rules/STR37-C/tempfile new file mode 100644 index 0000000000..8b13789179 --- /dev/null +++ b/c/cert/test/rules/STR37-C/tempfile @@ -0,0 +1 @@ + From 6f659753ac91cd93409fb0ff9c5308d709faed75 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Sat, 22 Apr 2023 00:34:11 +0200 Subject: [PATCH 1015/2573] gix expect file --- ...FunctionsRepresentableAsUChar.expected.qcc | 28 ++ c/misra/test/rules/RULE-1-2/test.c | 4 +- c/misra/test/rules/RULE-1-2/test.c.gcc | 409 ------------------ c/misra/test/rules/RULE-1-2/test.c.qcc | 409 ------------------ 4 files changed, 30 insertions(+), 820 deletions(-) create mode 100644 c/cert/test/rules/STR37-C/ToCharacterHandlingFunctionsRepresentableAsUChar.expected.qcc delete mode 100644 c/misra/test/rules/RULE-1-2/test.c.gcc delete mode 100644 c/misra/test/rules/RULE-1-2/test.c.qcc diff --git a/c/cert/test/rules/STR37-C/ToCharacterHandlingFunctionsRepresentableAsUChar.expected.qcc b/c/cert/test/rules/STR37-C/ToCharacterHandlingFunctionsRepresentableAsUChar.expected.qcc new file mode 100644 index 0000000000..7cbab798dc --- /dev/null +++ b/c/cert/test/rules/STR37-C/ToCharacterHandlingFunctionsRepresentableAsUChar.expected.qcc @@ -0,0 +1,28 @@ +| test.c:7:3:7:13 | isalnum(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:7:3:7:13 | (...) | Argument | +| test.c:8:3:8:13 | isalpha(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:8:3:8:13 | (...) | Argument | +| test.c:10:3:10:13 | isblank(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:10:3:10:13 | (...) | Argument | +| test.c:11:3:11:13 | iscntrl(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:11:3:11:13 | (...) | Argument | +| test.c:12:3:12:13 | isdigit(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:12:3:12:13 | (...) | Argument | +| test.c:13:3:13:13 | isgraph(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:13:3:13:13 | (...) | Argument | +| test.c:14:3:14:13 | islower(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:14:3:14:13 | (...) | Argument | +| test.c:15:3:15:13 | isprint(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:15:3:15:13 | (...) | Argument | +| test.c:16:3:16:13 | ispunct(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:16:3:16:13 | (...) | Argument | +| test.c:17:3:17:13 | isspace(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:17:3:17:13 | (...) | Argument | +| test.c:18:3:18:13 | isupper(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:18:3:18:13 | (...) | Argument | +| test.c:19:3:19:14 | isxdigit(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:19:3:19:14 | (...) | Argument | +| test.c:21:3:21:13 | toupper(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:21:3:21:13 | (...) | Argument | +| test.c:22:3:22:13 | tolower(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:22:3:22:13 | (...) | Argument | +| test.c:70:3:70:12 | isalnum(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:70:3:70:12 | (...) | Argument | +| test.c:71:3:71:12 | isalpha(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:71:3:71:12 | (...) | Argument | +| test.c:73:3:73:12 | isblank(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:73:3:73:12 | (...) | Argument | +| test.c:74:3:74:12 | iscntrl(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:74:3:74:12 | (...) | Argument | +| test.c:75:3:75:12 | isdigit(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:75:3:75:12 | (...) | Argument | +| test.c:76:3:76:12 | isgraph(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:76:3:76:12 | (...) | Argument | +| test.c:77:3:77:12 | islower(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:77:3:77:12 | (...) | Argument | +| test.c:78:3:78:12 | isprint(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:78:3:78:12 | (...) | Argument | +| test.c:79:3:79:12 | ispunct(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:79:3:79:12 | (...) | Argument | +| test.c:80:3:80:12 | isspace(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:80:3:80:12 | (...) | Argument | +| test.c:81:3:81:12 | isupper(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:81:3:81:12 | (...) | Argument | +| test.c:82:3:82:13 | isxdigit(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:82:3:82:13 | (...) | Argument | +| test.c:84:3:84:12 | toupper(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:84:3:84:12 | (...) | Argument | +| test.c:85:3:85:12 | tolower(c) | $@ to character-handling function may not be representable as an unsigned char. | test.c:85:3:85:12 | (...) | Argument | diff --git a/c/misra/test/rules/RULE-1-2/test.c b/c/misra/test/rules/RULE-1-2/test.c index 367570f7e7..86a3ae2f20 100644 --- a/c/misra/test/rules/RULE-1-2/test.c +++ b/c/misra/test/rules/RULE-1-2/test.c @@ -114,8 +114,8 @@ void gf7() { } // Reference: https://gcc.gnu.org/onlinedocs/gcc/Typeof.html#Typeof -void gf8() { - typeof(int *); // NON_COMPLIANT[FALSE_NEGATIVE] +void gf8() { // not supported by qcc gcc and clang + // typeof(int *); // NON_COMPLIANT[FALSE_NEGATIVE] } // Reference: diff --git a/c/misra/test/rules/RULE-1-2/test.c.gcc b/c/misra/test/rules/RULE-1-2/test.c.gcc deleted file mode 100644 index 624d1d67d8..0000000000 --- a/c/misra/test/rules/RULE-1-2/test.c.gcc +++ /dev/null @@ -1,409 +0,0 @@ -#include -#include -// Note: Clang aims to support both clang and gcc extensions. -// This test case has been designed using lists compiled from: -// - https://clang.llvm.org/docs/LanguageExtensions.html -// - https://gcc.gnu.org/onlinedocs/gcc/C-Extensions.html - -// Reference: -// https://gcc.gnu.org/onlinedocs/gcc/Other-Builtins.html#Other-Builtins -#ifdef __has_builtin // NON_COMPLIANT[FALSE_NEGATIVE] -#endif -#ifdef __has_constexpr_builtin // NON_COMPLIANT[FALSE_NEGATIVE] -#endif -#ifdef __has_feature // NON_COMPLIANT[FALSE_NEGATIVE] -#endif -#ifdef __has_extension // NON_COMPLIANT[FALSE_NEGATIVE] -#endif -#ifdef __has_c_attribute // NON_COMPLIANT[FALSE_NEGATIVE] -#endif -#ifdef __has_attribute // NON_COMPLIANT[FALSE_NEGATIVE] -#endif -#ifdef __has_declspec_attribute // NON_COMPLIANT[FALSE_NEGATIVE] -#endif -#ifdef __is_identifier // NON_COMPLIANT[FALSE_NEGATIVE] -#endif -#ifdef __has_include // NON_COMPLIANT[FALSE_NEGATIVE] -#endif -#ifdef __has_include_next // NON_COMPLIANT[FALSE_NEGATIVE] -#endif -#ifdef __has_warning // NON_COMPLIANT[FALSE_NEGATIVE] -#endif - -// Reference: https://clang.llvm.org/docs/LanguageExtensions.html#builtin-macros -#define A __BASE_FILE__ // NON_COMPLIANT -#define B __FILE_NAME__ // NON_COMPLIANT -#define C __COUNTER__ // NON_COMPLIANT -#define D __INCLUDE_LEVEL__ // NON_COMPLIANT -#define E__TIMESTAMP__ // NON_COMPLIANT -#define F __clang__ // NON_COMPLIANT -#define G __clang_major__ // NON_COMPLIANT -#define H __clang_minor__ // NON_COMPLIANT -#define I __clang_patchlevel__ // NON_COMPLIANT -#define J __clang_version__ // NON_COMPLIANT -#define K __clang_literal_encoding__ // NON_COMPLIANT -#define L __clang_wide_literal_encoding__ // NON_COMPLIANT - -// Requires additional compiler flags to change the architecture -// typedef __attribute__((neon_vector_type(8))) int8_t int8x8_t; -// typedef __attribute__((neon_polyvector_type(16))) poly8_t poly8x16_t; - -// Reference: -// https://gcc.gnu.org/onlinedocs/gcc/Variable-Attributes.html#Variable-Attributes -typedef int int4 __attribute__((vector_size(4 * sizeof(int)))); // NON_COMPLIANT -typedef int v4si __attribute__((__vector_size__(16))); // NON_COMPLIANT -typedef float float4 __attribute__((ext_vector_type(4))); // NON_COMPLIANT -typedef float float2 __attribute__((ext_vector_type(2))); // NON_COMPLIANT - -// Reference: -// https://gcc.gnu.org/onlinedocs/gcc/Statement-Exprs.html#Statement-Exprs -void gf1() { - ({ // NON_COMPLIANT - int y = 1; - int z; - if (y > 0) - z = y; - else - z = -y; - z; - }); -} - -// Reference: https://gcc.gnu.org/onlinedocs/gcc/Local-Labels.html#Local-Labels -void gf2() { - // __label__ found; // NON_COMPLIANT[FALSE_NEGATIVE] -- local labels not - // supported by clang -} - -// Reference: -// https://gcc.gnu.org/onlinedocs/gcc/Labels-as-Values.html#Labels-as-Values -void gf3() { - void *ptr; - // goto *ptr; // NON_COMPLIANT[FALSE_NEGATIVE] -- not supported in clang -} - -// Referfence: -// https://gcc.gnu.org/onlinedocs/gcc/Nested-Functions.html#Nested-Functions -void gf4() { - // void gf4a(){ // NON_COMPLIANT[FALSE_NEGATIVE] -- not supported in clang - // - // } -} - -// Reference: -// https://gcc.gnu.org/onlinedocs/gcc/Nonlocal-Gotos.html#Nonlocal-Gotos -void gf5() { - __builtin_setjmp(0); // NON_COMPLIANT - __builtin_longjmp(0, 1); // NON_COMPLIANT -} - -// Reference: -// https://gcc.gnu.org/onlinedocs/gcc/Constructing-Calls.html#Constructing-Calls -void gf6() { - // not supported by clang - //__builtin_apply_args(); // NON_COMPLIANT[FALSE_NEGATIVE] - //__builtin_apply(0, 0, 0); // NON_COMPLIANT[FALSE_NEGATIVE] - //__builtin_return(0); // NON_COMPLIANT[FALSE_NEGATIVE] - //__builtin_va_arg_pack(); // NON_COMPLIANT[FALSE_NEGATIVE] - //__builtin_va_arg_pack_len(); // NON_COMPLIANT[FALSE_NEGATIVE] -} - -// Reference: https://gcc.gnu.org/onlinedocs/gcc/Conditionals.html#Conditionals -void gf7() { - int a = 0 ?: 0; // NON_COMPLIANT -} - -// Reference: https://gcc.gnu.org/onlinedocs/gcc/Typeof.html#Typeof -void gf8() { // not supported by qcc - // typeof(int *); // NON_COMPLIANT[FALSE_NEGATIVE] -} - -// Reference: -// https://gcc.gnu.org/onlinedocs/gcc/_005f_005fint128.html#g_t_005f_005fint128 -void gf9() { - __int128 a; // NON_COMPLIANT -} -// Reference: https://gcc.gnu.org/onlinedocs/gcc/Long-Long.html#Long-Long -void gf10() { - long long int a; // NON_COMPLIANT -} - -// Reference: https://gcc.gnu.org/onlinedocs/gcc/Complex.html#Complex -void gf11() { - __real__(0); // NON_COMPLIANT[FALSE_NEGATIVE] - __imag__(0); // NON_COMPLIANT[FALSE_NEGATIVE] -} - -void gf12() {} - -// Reference: -// https://gcc.gnu.org/onlinedocs/gcc/Floating-Types.html#Floating-Types -// Reference: -// https://gcc.gnu.org/onlinedocs/gcc/Decimal-Float.html#Decimal-Float -void gf13() { - // not supported on clang - //_Decimal32 a; // NON_COMPLIANT[FALSE_NEGATIVE] - //_Decimal64 b; // NON_COMPLIANT[FALSE_NEGATIVE] - //_Decimal128 c; // NON_COMPLIANT[FALSE_NEGATIVE] -} - -// Reference: https://gcc.gnu.org/onlinedocs/gcc/Complex.html#Complex -void gf14() { - // Do not work in clang - // typedef _Complex float __attribute__((mode(TC))) _Complex128; // - // NON_COMPLIANT[FALSE_NEGATIVE] typedef _Complex float - // __attribute__((mode(XC))) _Complex80; // NON_COMPLIANT[FALSE_NEGATIVE] -} - -// Reference: https://gcc.gnu.org/onlinedocs/gcc/Hex-Floats.html#Hex-Floats -void gf15() { - float f = 0x1.fp3; // NON_COMPLIANT[FALSE_NEGATIVE] -} - -// Reference: https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html#Zero-Length -void gf16() { - char contents[0]; // NON_COMPLIANT -} - -// Reference: -// https://gcc.gnu.org/onlinedocs/gcc/Named-Address-Spaces.html#Named-Address-Spaces -void gf17() { - // const __flash char ** p; // NON_COMPLIANT[FALSE_NEGATIVE] -- not supported - // in clang -} - -void gf18() { - // not supported by extractor - checked by looking for flags. - - // short _Fract, _Fract; // NON_COMPLIANT[FALSE_NEGATIVE] - - // long _Fract; // NON_COMPLIANT[FALSE_NEGATIVE] -} - -struct gf19 {}; // NON_COMPLIANT - -// Reference: -// https://gcc.gnu.org/onlinedocs/gcc/Variable-Length.html#Variable-Length -void gf20(int n) { - // struct S { int x[n]; }; // NON_COMPLIANT[FALSE_NEGATIVE] - will never be - // supported in clang -} -// Reference: -// https://gcc.gnu.org/onlinedocs/gcc/Variadic-Macros.html#Variadic-Macros -#define gf21(format, args...) \ - printf(format, args) // NON_COMPLIANT[FALSE_NEGATIVE] -- note - // the issue here is explicitly naming the arguments. -#define gf21a(format, ...) printf(format, __VA_ARGS__) // COMPLIANT - -// Reference: -// https://gcc.gnu.org/onlinedocs/gcc/Escaped-Newlines.html#Escaped-Newlines -#define gf22 \ - "a" \ - \ -"b" // NON_COMPLIANT[FALSE_NEGATIVE] - additional spaces after a backslash -- - // stripped by extractor -#define gf22a \ - "a" \ - "b" // COMPLIANT - -void gf24(int f, int g) { - float beat_freqs[2] = {f - g, f + g}; // NON_COMPLIANT -} - -// Reference: -// https://gcc.gnu.org/onlinedocs/gcc/Variable-Length.html#Variable-Length -void gf25t(int N, int M, double out[M][N], // NON_COMPLIANT - const double in[N][M]); // NON_COMPLIANT -void gf25() { - double x[3][2]; - double y[2][3]; - gf25t(3, 2, y, - x); // in ISO C the const qualifier is formally attached - // to the element type of the array and not the array itself -} - -// Reference: -// https://gcc.gnu.org/onlinedocs/gcc/Compound-Literals.html#Compound-Literals -struct gf26t { - int a; - char b[2]; -} gf26v; -void gf26(int x, int y) { - gf26v = ((struct gf26t){ - x + y, 'z', 0}); // NON_COMPLIANT[FALSE_NEGATIVE] - compound literal -} -// Reference: https://gcc.gnu.org/onlinedocs/gcc/Case-Ranges.html#Case-Ranges -void gf28() { - int a; - - // switch(a){ - // case: 0 ... 5: // NON_COMPLIANT[FALSE_NEGATIVE] - Not supported in - // clang. - // ;; - // break; - // default: - // ;; - // break; - // } -} - -union gf29u { - int i; - double j; -}; - -// Reference: -// https://gcc.gnu.org/onlinedocs/gcc/Cast-to-Union.html#Cast-to-Union -void gf29() { - int x; - int y; - union gf29u z; - z = (union gf29u)x; // NON_COMPLIANT[FALSE_NEGATIVE] - z = (union gf29u)y; // NON_COMPLIANT[FALSE_NEGATIVE] -} - -// Reference: -// https://gcc.gnu.org/onlinedocs/gcc/Variable-Attributes.html#Variable-Attributes -// Reference: -// https://gcc.gnu.org/onlinedocs/gcc/Function-Attributes.html#Function-Attributes -__attribute__((access(read_only, 1))) int -gf30(const char *); // NON_COMPLIANT -- attributes are not portable. - -extern int __attribute__((alias("var_target"))) -gf31; // NON_COMPLIANT -- attributes are not portable. - -struct __attribute__((aligned(8))) gf32 { - short f[3]; -}; // NON_COMPLIANT -- attributes are not portable. - -void gf33() { -gf33l: - __attribute__((cold, unused)); // NON_COMPLIANT - return; -} - -enum gf34 { - oldval __attribute__((deprecated)), // NON_COMPLIANT - newval -}; - -void gf35() { - int x; - // __attribute__((assume(x == 42))); // NON_COMPLIANT[FALSE_NEGATIVE] - Not - // supported in clang - - switch (x) { - case 1: - printf(""); - __attribute__((fallthrough)); // NON_COMPLIANT - case 2: - break; - } -} - -// Reference: https://gcc.gnu.org/onlinedocs/gcc/Dollar-Signs.html#Dollar-Signs -void gf37() { - int a$1; // NON_COMPLIANT[FALSE_NEGATIVE] -} - -// Reference: -// https://gcc.gnu.org/onlinedocs/gcc/Character-Escapes.html#Character-Escapes -void gf38() { - const char *c = "test\e"; // NON_COMPLIANT[FALSE_NEGATIVE] -} - -struct gf39s { - int x; - char y; -} gf39v; - -// Reference: https://gcc.gnu.org/onlinedocs/gcc/Alignment.html#Alignment -void gf39() { - __alignof__(gf39v.x); // NON_COMPLIANT -} - -// Reference: -// https://gcc.gnu.org/onlinedocs/gcc/Incomplete-Enums.html#Incomplete-Enums -// enum gf40 {}; // NON_COMPLIANT[FALSE_NEGATIVE] - not supported in clang - -// Reference: -// https://gcc.gnu.org/onlinedocs/gcc/Function-Names.html#Function-Names -void gf41() { - printf("__FUNCTION__ = %s\n", __FUNCTION__); // NON_COMPLIANT[FALSE_NEGATIVE] - printf("__PRETTY_FUNCTION__ = %s\n", - __PRETTY_FUNCTION__); // NON_COMPLIANT[FALSE_NEGATIVE] -} - -// Reference: https://clang.llvm.org/docs/LanguageExtensions.html#builtin-macros -// Reference: -// https://gcc.gnu.org/onlinedocs/gcc/Other-Builtins.html#Other-Builtins -void gf42() { - __builtin_extract_return_addr(0); // NON_COMPLIANT - __builtin_frob_return_addr(0); // NON_COMPLIANT - __builtin_frame_address(0); // NON_COMPLIANT -} - -struct gf43s { - int x; - char y; -} gf43v; - -void gf43() { - __builtin_offsetof(struct gf43s, x); // NON_COMPLIANT -} - -struct gf44s { - int x; - char y; -} gf44v; - -// Reference: -// https://gcc.gnu.org/onlinedocs/gcc/_005f_005fsync-Builtins.html#g_t_005f_005fsync-Builtins -void gf44() { - int i; - __sync_fetch_and_add(&i, 0); // NON_COMPLIANT - __sync_fetch_and_sub(&i, 0); // NON_COMPLIANT - __sync_fetch_and_or(&i, 0); // NON_COMPLIANT - __sync_fetch_and_and(&i, 0); // NON_COMPLIANT - __sync_fetch_and_xor(&i, 0); // NON_COMPLIANT - __sync_fetch_and_nand(&i, 0); // NON_COMPLIANT - __sync_add_and_fetch(&i, 0); // NON_COMPLIANT - __sync_sub_and_fetch(&i, 0); // NON_COMPLIANT - __sync_or_and_fetch(&i, 0); // NON_COMPLIANT - __sync_and_and_fetch(&i, 0); // NON_COMPLIANT - __sync_xor_and_fetch(&i, 0); // NON_COMPLIANT - __sync_nand_and_fetch(&i, 0); // NON_COMPLIANT - - __sync_bool_compare_and_swap(&i, 0, 0); - __sync_val_compare_and_swap(&i, 0, 0); - __sync_lock_test_and_set(&i, 0, 0); - __sync_lock_release(&i, 0); -} - -// Reference: -// https://gcc.gnu.org/onlinedocs/gcc/Binary-constants.html#Binary-constants -void gf45() { - int i = 0b101010; // NON_COMPLIANT[FALSE_NEGATIVE] -} - -// Reference: https://gcc.gnu.org/onlinedocs/gcc/Thread-Local.html#Thread-Local -__thread int gf46; // NON_COMPLIANT[FALSE_NEGATIVE] - -// Reference: -// https://gcc.gnu.org/onlinedocs/gcc/Unnamed-Fields.html#Unnamed-Fields -void gf47() { // NON_COMPLIANT in versions < C11. - struct { - int a; - union { - int b; - float c; - }; - int d; - } f; -} - -// Reference: -// https://gcc.gnu.org/onlinedocs/gcc/Other-Builtins.html#Other-Builtins -void gf48() { - __builtin_alloca( - 0); // NON_COMPLIANT (all __builtin functions are non-compliant.) -} \ No newline at end of file diff --git a/c/misra/test/rules/RULE-1-2/test.c.qcc b/c/misra/test/rules/RULE-1-2/test.c.qcc deleted file mode 100644 index 624d1d67d8..0000000000 --- a/c/misra/test/rules/RULE-1-2/test.c.qcc +++ /dev/null @@ -1,409 +0,0 @@ -#include -#include -// Note: Clang aims to support both clang and gcc extensions. -// This test case has been designed using lists compiled from: -// - https://clang.llvm.org/docs/LanguageExtensions.html -// - https://gcc.gnu.org/onlinedocs/gcc/C-Extensions.html - -// Reference: -// https://gcc.gnu.org/onlinedocs/gcc/Other-Builtins.html#Other-Builtins -#ifdef __has_builtin // NON_COMPLIANT[FALSE_NEGATIVE] -#endif -#ifdef __has_constexpr_builtin // NON_COMPLIANT[FALSE_NEGATIVE] -#endif -#ifdef __has_feature // NON_COMPLIANT[FALSE_NEGATIVE] -#endif -#ifdef __has_extension // NON_COMPLIANT[FALSE_NEGATIVE] -#endif -#ifdef __has_c_attribute // NON_COMPLIANT[FALSE_NEGATIVE] -#endif -#ifdef __has_attribute // NON_COMPLIANT[FALSE_NEGATIVE] -#endif -#ifdef __has_declspec_attribute // NON_COMPLIANT[FALSE_NEGATIVE] -#endif -#ifdef __is_identifier // NON_COMPLIANT[FALSE_NEGATIVE] -#endif -#ifdef __has_include // NON_COMPLIANT[FALSE_NEGATIVE] -#endif -#ifdef __has_include_next // NON_COMPLIANT[FALSE_NEGATIVE] -#endif -#ifdef __has_warning // NON_COMPLIANT[FALSE_NEGATIVE] -#endif - -// Reference: https://clang.llvm.org/docs/LanguageExtensions.html#builtin-macros -#define A __BASE_FILE__ // NON_COMPLIANT -#define B __FILE_NAME__ // NON_COMPLIANT -#define C __COUNTER__ // NON_COMPLIANT -#define D __INCLUDE_LEVEL__ // NON_COMPLIANT -#define E__TIMESTAMP__ // NON_COMPLIANT -#define F __clang__ // NON_COMPLIANT -#define G __clang_major__ // NON_COMPLIANT -#define H __clang_minor__ // NON_COMPLIANT -#define I __clang_patchlevel__ // NON_COMPLIANT -#define J __clang_version__ // NON_COMPLIANT -#define K __clang_literal_encoding__ // NON_COMPLIANT -#define L __clang_wide_literal_encoding__ // NON_COMPLIANT - -// Requires additional compiler flags to change the architecture -// typedef __attribute__((neon_vector_type(8))) int8_t int8x8_t; -// typedef __attribute__((neon_polyvector_type(16))) poly8_t poly8x16_t; - -// Reference: -// https://gcc.gnu.org/onlinedocs/gcc/Variable-Attributes.html#Variable-Attributes -typedef int int4 __attribute__((vector_size(4 * sizeof(int)))); // NON_COMPLIANT -typedef int v4si __attribute__((__vector_size__(16))); // NON_COMPLIANT -typedef float float4 __attribute__((ext_vector_type(4))); // NON_COMPLIANT -typedef float float2 __attribute__((ext_vector_type(2))); // NON_COMPLIANT - -// Reference: -// https://gcc.gnu.org/onlinedocs/gcc/Statement-Exprs.html#Statement-Exprs -void gf1() { - ({ // NON_COMPLIANT - int y = 1; - int z; - if (y > 0) - z = y; - else - z = -y; - z; - }); -} - -// Reference: https://gcc.gnu.org/onlinedocs/gcc/Local-Labels.html#Local-Labels -void gf2() { - // __label__ found; // NON_COMPLIANT[FALSE_NEGATIVE] -- local labels not - // supported by clang -} - -// Reference: -// https://gcc.gnu.org/onlinedocs/gcc/Labels-as-Values.html#Labels-as-Values -void gf3() { - void *ptr; - // goto *ptr; // NON_COMPLIANT[FALSE_NEGATIVE] -- not supported in clang -} - -// Referfence: -// https://gcc.gnu.org/onlinedocs/gcc/Nested-Functions.html#Nested-Functions -void gf4() { - // void gf4a(){ // NON_COMPLIANT[FALSE_NEGATIVE] -- not supported in clang - // - // } -} - -// Reference: -// https://gcc.gnu.org/onlinedocs/gcc/Nonlocal-Gotos.html#Nonlocal-Gotos -void gf5() { - __builtin_setjmp(0); // NON_COMPLIANT - __builtin_longjmp(0, 1); // NON_COMPLIANT -} - -// Reference: -// https://gcc.gnu.org/onlinedocs/gcc/Constructing-Calls.html#Constructing-Calls -void gf6() { - // not supported by clang - //__builtin_apply_args(); // NON_COMPLIANT[FALSE_NEGATIVE] - //__builtin_apply(0, 0, 0); // NON_COMPLIANT[FALSE_NEGATIVE] - //__builtin_return(0); // NON_COMPLIANT[FALSE_NEGATIVE] - //__builtin_va_arg_pack(); // NON_COMPLIANT[FALSE_NEGATIVE] - //__builtin_va_arg_pack_len(); // NON_COMPLIANT[FALSE_NEGATIVE] -} - -// Reference: https://gcc.gnu.org/onlinedocs/gcc/Conditionals.html#Conditionals -void gf7() { - int a = 0 ?: 0; // NON_COMPLIANT -} - -// Reference: https://gcc.gnu.org/onlinedocs/gcc/Typeof.html#Typeof -void gf8() { // not supported by qcc - // typeof(int *); // NON_COMPLIANT[FALSE_NEGATIVE] -} - -// Reference: -// https://gcc.gnu.org/onlinedocs/gcc/_005f_005fint128.html#g_t_005f_005fint128 -void gf9() { - __int128 a; // NON_COMPLIANT -} -// Reference: https://gcc.gnu.org/onlinedocs/gcc/Long-Long.html#Long-Long -void gf10() { - long long int a; // NON_COMPLIANT -} - -// Reference: https://gcc.gnu.org/onlinedocs/gcc/Complex.html#Complex -void gf11() { - __real__(0); // NON_COMPLIANT[FALSE_NEGATIVE] - __imag__(0); // NON_COMPLIANT[FALSE_NEGATIVE] -} - -void gf12() {} - -// Reference: -// https://gcc.gnu.org/onlinedocs/gcc/Floating-Types.html#Floating-Types -// Reference: -// https://gcc.gnu.org/onlinedocs/gcc/Decimal-Float.html#Decimal-Float -void gf13() { - // not supported on clang - //_Decimal32 a; // NON_COMPLIANT[FALSE_NEGATIVE] - //_Decimal64 b; // NON_COMPLIANT[FALSE_NEGATIVE] - //_Decimal128 c; // NON_COMPLIANT[FALSE_NEGATIVE] -} - -// Reference: https://gcc.gnu.org/onlinedocs/gcc/Complex.html#Complex -void gf14() { - // Do not work in clang - // typedef _Complex float __attribute__((mode(TC))) _Complex128; // - // NON_COMPLIANT[FALSE_NEGATIVE] typedef _Complex float - // __attribute__((mode(XC))) _Complex80; // NON_COMPLIANT[FALSE_NEGATIVE] -} - -// Reference: https://gcc.gnu.org/onlinedocs/gcc/Hex-Floats.html#Hex-Floats -void gf15() { - float f = 0x1.fp3; // NON_COMPLIANT[FALSE_NEGATIVE] -} - -// Reference: https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html#Zero-Length -void gf16() { - char contents[0]; // NON_COMPLIANT -} - -// Reference: -// https://gcc.gnu.org/onlinedocs/gcc/Named-Address-Spaces.html#Named-Address-Spaces -void gf17() { - // const __flash char ** p; // NON_COMPLIANT[FALSE_NEGATIVE] -- not supported - // in clang -} - -void gf18() { - // not supported by extractor - checked by looking for flags. - - // short _Fract, _Fract; // NON_COMPLIANT[FALSE_NEGATIVE] - - // long _Fract; // NON_COMPLIANT[FALSE_NEGATIVE] -} - -struct gf19 {}; // NON_COMPLIANT - -// Reference: -// https://gcc.gnu.org/onlinedocs/gcc/Variable-Length.html#Variable-Length -void gf20(int n) { - // struct S { int x[n]; }; // NON_COMPLIANT[FALSE_NEGATIVE] - will never be - // supported in clang -} -// Reference: -// https://gcc.gnu.org/onlinedocs/gcc/Variadic-Macros.html#Variadic-Macros -#define gf21(format, args...) \ - printf(format, args) // NON_COMPLIANT[FALSE_NEGATIVE] -- note - // the issue here is explicitly naming the arguments. -#define gf21a(format, ...) printf(format, __VA_ARGS__) // COMPLIANT - -// Reference: -// https://gcc.gnu.org/onlinedocs/gcc/Escaped-Newlines.html#Escaped-Newlines -#define gf22 \ - "a" \ - \ -"b" // NON_COMPLIANT[FALSE_NEGATIVE] - additional spaces after a backslash -- - // stripped by extractor -#define gf22a \ - "a" \ - "b" // COMPLIANT - -void gf24(int f, int g) { - float beat_freqs[2] = {f - g, f + g}; // NON_COMPLIANT -} - -// Reference: -// https://gcc.gnu.org/onlinedocs/gcc/Variable-Length.html#Variable-Length -void gf25t(int N, int M, double out[M][N], // NON_COMPLIANT - const double in[N][M]); // NON_COMPLIANT -void gf25() { - double x[3][2]; - double y[2][3]; - gf25t(3, 2, y, - x); // in ISO C the const qualifier is formally attached - // to the element type of the array and not the array itself -} - -// Reference: -// https://gcc.gnu.org/onlinedocs/gcc/Compound-Literals.html#Compound-Literals -struct gf26t { - int a; - char b[2]; -} gf26v; -void gf26(int x, int y) { - gf26v = ((struct gf26t){ - x + y, 'z', 0}); // NON_COMPLIANT[FALSE_NEGATIVE] - compound literal -} -// Reference: https://gcc.gnu.org/onlinedocs/gcc/Case-Ranges.html#Case-Ranges -void gf28() { - int a; - - // switch(a){ - // case: 0 ... 5: // NON_COMPLIANT[FALSE_NEGATIVE] - Not supported in - // clang. - // ;; - // break; - // default: - // ;; - // break; - // } -} - -union gf29u { - int i; - double j; -}; - -// Reference: -// https://gcc.gnu.org/onlinedocs/gcc/Cast-to-Union.html#Cast-to-Union -void gf29() { - int x; - int y; - union gf29u z; - z = (union gf29u)x; // NON_COMPLIANT[FALSE_NEGATIVE] - z = (union gf29u)y; // NON_COMPLIANT[FALSE_NEGATIVE] -} - -// Reference: -// https://gcc.gnu.org/onlinedocs/gcc/Variable-Attributes.html#Variable-Attributes -// Reference: -// https://gcc.gnu.org/onlinedocs/gcc/Function-Attributes.html#Function-Attributes -__attribute__((access(read_only, 1))) int -gf30(const char *); // NON_COMPLIANT -- attributes are not portable. - -extern int __attribute__((alias("var_target"))) -gf31; // NON_COMPLIANT -- attributes are not portable. - -struct __attribute__((aligned(8))) gf32 { - short f[3]; -}; // NON_COMPLIANT -- attributes are not portable. - -void gf33() { -gf33l: - __attribute__((cold, unused)); // NON_COMPLIANT - return; -} - -enum gf34 { - oldval __attribute__((deprecated)), // NON_COMPLIANT - newval -}; - -void gf35() { - int x; - // __attribute__((assume(x == 42))); // NON_COMPLIANT[FALSE_NEGATIVE] - Not - // supported in clang - - switch (x) { - case 1: - printf(""); - __attribute__((fallthrough)); // NON_COMPLIANT - case 2: - break; - } -} - -// Reference: https://gcc.gnu.org/onlinedocs/gcc/Dollar-Signs.html#Dollar-Signs -void gf37() { - int a$1; // NON_COMPLIANT[FALSE_NEGATIVE] -} - -// Reference: -// https://gcc.gnu.org/onlinedocs/gcc/Character-Escapes.html#Character-Escapes -void gf38() { - const char *c = "test\e"; // NON_COMPLIANT[FALSE_NEGATIVE] -} - -struct gf39s { - int x; - char y; -} gf39v; - -// Reference: https://gcc.gnu.org/onlinedocs/gcc/Alignment.html#Alignment -void gf39() { - __alignof__(gf39v.x); // NON_COMPLIANT -} - -// Reference: -// https://gcc.gnu.org/onlinedocs/gcc/Incomplete-Enums.html#Incomplete-Enums -// enum gf40 {}; // NON_COMPLIANT[FALSE_NEGATIVE] - not supported in clang - -// Reference: -// https://gcc.gnu.org/onlinedocs/gcc/Function-Names.html#Function-Names -void gf41() { - printf("__FUNCTION__ = %s\n", __FUNCTION__); // NON_COMPLIANT[FALSE_NEGATIVE] - printf("__PRETTY_FUNCTION__ = %s\n", - __PRETTY_FUNCTION__); // NON_COMPLIANT[FALSE_NEGATIVE] -} - -// Reference: https://clang.llvm.org/docs/LanguageExtensions.html#builtin-macros -// Reference: -// https://gcc.gnu.org/onlinedocs/gcc/Other-Builtins.html#Other-Builtins -void gf42() { - __builtin_extract_return_addr(0); // NON_COMPLIANT - __builtin_frob_return_addr(0); // NON_COMPLIANT - __builtin_frame_address(0); // NON_COMPLIANT -} - -struct gf43s { - int x; - char y; -} gf43v; - -void gf43() { - __builtin_offsetof(struct gf43s, x); // NON_COMPLIANT -} - -struct gf44s { - int x; - char y; -} gf44v; - -// Reference: -// https://gcc.gnu.org/onlinedocs/gcc/_005f_005fsync-Builtins.html#g_t_005f_005fsync-Builtins -void gf44() { - int i; - __sync_fetch_and_add(&i, 0); // NON_COMPLIANT - __sync_fetch_and_sub(&i, 0); // NON_COMPLIANT - __sync_fetch_and_or(&i, 0); // NON_COMPLIANT - __sync_fetch_and_and(&i, 0); // NON_COMPLIANT - __sync_fetch_and_xor(&i, 0); // NON_COMPLIANT - __sync_fetch_and_nand(&i, 0); // NON_COMPLIANT - __sync_add_and_fetch(&i, 0); // NON_COMPLIANT - __sync_sub_and_fetch(&i, 0); // NON_COMPLIANT - __sync_or_and_fetch(&i, 0); // NON_COMPLIANT - __sync_and_and_fetch(&i, 0); // NON_COMPLIANT - __sync_xor_and_fetch(&i, 0); // NON_COMPLIANT - __sync_nand_and_fetch(&i, 0); // NON_COMPLIANT - - __sync_bool_compare_and_swap(&i, 0, 0); - __sync_val_compare_and_swap(&i, 0, 0); - __sync_lock_test_and_set(&i, 0, 0); - __sync_lock_release(&i, 0); -} - -// Reference: -// https://gcc.gnu.org/onlinedocs/gcc/Binary-constants.html#Binary-constants -void gf45() { - int i = 0b101010; // NON_COMPLIANT[FALSE_NEGATIVE] -} - -// Reference: https://gcc.gnu.org/onlinedocs/gcc/Thread-Local.html#Thread-Local -__thread int gf46; // NON_COMPLIANT[FALSE_NEGATIVE] - -// Reference: -// https://gcc.gnu.org/onlinedocs/gcc/Unnamed-Fields.html#Unnamed-Fields -void gf47() { // NON_COMPLIANT in versions < C11. - struct { - int a; - union { - int b; - float c; - }; - int d; - } f; -} - -// Reference: -// https://gcc.gnu.org/onlinedocs/gcc/Other-Builtins.html#Other-Builtins -void gf48() { - __builtin_alloca( - 0); // NON_COMPLIANT (all __builtin functions are non-compliant.) -} \ No newline at end of file From 8f35e453ade51ebf94b153fa79b5c0dd25d5b941 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Mon, 24 Apr 2023 16:13:47 +0200 Subject: [PATCH 1016/2573] RULE-11-1 RULE-11-2 RULE-11-5: Add support for alternative NULL pointer definition --- c/common/src/codingstandards/c/Pointers.qll | 2 ++ c/misra/src/rules/RULE-11-1/tempfile | 0 c/misra/src/rules/RULE-11-2/tempfile | 0 c/misra/src/rules/RULE-11-5/tempfile | 0 4 files changed, 2 insertions(+) create mode 100644 c/misra/src/rules/RULE-11-1/tempfile create mode 100644 c/misra/src/rules/RULE-11-2/tempfile create mode 100644 c/misra/src/rules/RULE-11-5/tempfile diff --git a/c/common/src/codingstandards/c/Pointers.qll b/c/common/src/codingstandards/c/Pointers.qll index 86e2c02d30..458c2271eb 100644 --- a/c/common/src/codingstandards/c/Pointers.qll +++ b/c/common/src/codingstandards/c/Pointers.qll @@ -68,6 +68,8 @@ predicate isNullPointerConstant(Expr e) { e instanceof Zero and c.getType() instanceof VoidPointerType ) + or + isNullPointerConstant(e.(Conversion).getExpr()) } predicate isCastNullPointerConstant(Cast c) { diff --git a/c/misra/src/rules/RULE-11-1/tempfile b/c/misra/src/rules/RULE-11-1/tempfile new file mode 100644 index 0000000000..e69de29bb2 diff --git a/c/misra/src/rules/RULE-11-2/tempfile b/c/misra/src/rules/RULE-11-2/tempfile new file mode 100644 index 0000000000..e69de29bb2 diff --git a/c/misra/src/rules/RULE-11-5/tempfile b/c/misra/src/rules/RULE-11-5/tempfile new file mode 100644 index 0000000000..e69de29bb2 From ca07311db9cdcb08ebb3409c4bb23ae188b4d89b Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Mon, 24 Apr 2023 16:48:59 +0200 Subject: [PATCH 1017/2573] STR32-C STR38-C: - removed links to library internals - documented false positives due to extractor errors --- .../DoNotConfuseNarrowAndWideFunctions.ql | 5 +- ...dToFunctionThatExpectsAString.expected.qcc | 15 ++++ c/cert/test/rules/STR32-C/test.c.qcc | 87 +++++++++++++++++++ ...oNotConfuseNarrowAndWideFunctions.expected | 24 ++--- ...ConfuseNarrowAndWideFunctions.expected.qcc | 9 ++ c/cert/test/rules/STR38-C/copy.c.qcc | 35 ++++++++ c/cert/test/rules/STR38-C/test.c | 8 +- rule_packages/c/Strings1.json | 5 +- rule_packages/c/Strings3.json | 5 +- 9 files changed, 170 insertions(+), 23 deletions(-) create mode 100644 c/cert/test/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.expected.qcc create mode 100644 c/cert/test/rules/STR32-C/test.c.qcc create mode 100644 c/cert/test/rules/STR38-C/DoNotConfuseNarrowAndWideFunctions.expected.qcc create mode 100644 c/cert/test/rules/STR38-C/copy.c.qcc diff --git a/c/cert/src/rules/STR38-C/DoNotConfuseNarrowAndWideFunctions.ql b/c/cert/src/rules/STR38-C/DoNotConfuseNarrowAndWideFunctions.ql index efc8889e16..a45f7ec7e1 100644 --- a/c/cert/src/rules/STR38-C/DoNotConfuseNarrowAndWideFunctions.ql +++ b/c/cert/src/rules/STR38-C/DoNotConfuseNarrowAndWideFunctions.ql @@ -63,6 +63,5 @@ where c instanceof WideToNarrowCast and actual = "wide" and expected = "narrow" ) select call, - "Call to function $@ with a " + actual + " character string $@ where a " + expected + - " character string $@ is expected.", call.getTarget(), call.getTarget().getName(), arg, - "argument", p, "parameter" + "Call to function `" + call.getTarget().getName() + "` with a " + actual + + " character string $@ where a " + expected + " character string is expected.", arg, "argument" diff --git a/c/cert/test/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.expected.qcc b/c/cert/test/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.expected.qcc new file mode 100644 index 0000000000..fe51f625a8 --- /dev/null +++ b/c/cert/test/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.expected.qcc @@ -0,0 +1,15 @@ +| test.c:19:3:19:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:7:20:7:24 | Co | this expression | +| test.c:20:3:20:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:7:20:7:24 | Co | this expression | +| test.c:22:3:22:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:13:3:13:9 | call to strncpy | this expression | +| test.c:23:3:23:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:13:3:13:9 | call to strncpy | this expression | +| test.c:24:3:24:8 | call to strlen | String modified by $@ is passed to function expecting a null-terminated string. | test.c:13:3:13:9 | call to strncpy | this expression | +| test.c:46:3:46:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:41:3:41:10 | call to snprintf | this expression | +| test.c:47:3:47:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:41:3:41:10 | call to snprintf | this expression | +| test.c:55:3:55:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:53:3:53:9 | call to strncat | this expression | +| test.c:56:3:56:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:53:3:53:9 | call to strncat | this expression | +| test.c:62:3:62:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:60:20:60:24 | Co | this expression | +| test.c:63:3:63:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:60:20:60:24 | Co | this expression | +| test.c:75:3:75:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:72:20:72:24 | Co | this expression | +| test.c:76:3:76:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:72:20:72:24 | Co | this expression | +| test.c:85:3:85:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:83:3:83:9 | call to strncpy | this expression | +| test.c:86:3:86:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:83:3:83:9 | call to strncpy | this expression | diff --git a/c/cert/test/rules/STR32-C/test.c.qcc b/c/cert/test/rules/STR32-C/test.c.qcc new file mode 100644 index 0000000000..1c6761a701 --- /dev/null +++ b/c/cert/test/rules/STR32-C/test.c.qcc @@ -0,0 +1,87 @@ +#include +#include +#include + +void f1() { + char a1_nt[7] = "CodeQL"; // is null terminated + char a1_nnt[3] = "Cod"; // is NOT null termianted + + char a1[9]; + char a2[10]; + char a9[10]; + + strncpy(a2, a1, 5); // not null terminated because n < length(src) + strncpy(a9, a1, 10); // is null terminated; n > length(src) + + printf("%s", a1_nt); // COMPLIANT + printf(a1_nt); // COMPLIANT + + printf("%s", a1_nnt); // NON_COMPLIANT + printf(a1_nnt); // NON_COMPLIANT + + printf("%s", a2); // NON_COMPLIANT + printf(a2); // NON_COMPLIANT + strlen(a2); // NON_COMPLIANT + + printf(a9); // COMPLIANT + printf(a9); // COMPLIANT + + wchar_t wa1_nt[7] = L"CodeQL"; // is null terminated + wchar_t wa1_nnt[3] = L"Cod"; // is NOT null termianted + wprintf(wa1_nt); // COMPLIANT + // FALSE_NEGATIVES due to https://github.com/github/codeql/issues/12914 + wprintf(wa1_nnt); // NON_COMPLIANT[FALSE_NEGATIVE] +} + +void f2() { + char a1[10]; + char a2[10]; + + snprintf(a1, 10, "CodeQL %d", 3); // will be null terminated + snprintf(a2, 11, "CodeQL %d", 3); // will not be null terminated + + printf("%s", a1); // COMPLIANT + printf(a1); // COMPLIANT + + printf("%s", a2); // NON_COMPLIANT + printf(a2); // NON_COMPLIANT +} + +void f3() { + char a1[2]; + + strncat(a1, "CodeQL", 5); // will not be null terminated + + printf(a1); // NON_COMPLIANT + printf("%s", a1); // NON_COMPLIANT +} + +void f4() { + char a1_nnt[3] = "Cod"; // is NOT null termianted + + printf("%s", a1_nnt); // NON_COMPLIANT + printf(a1_nnt); // NON_COMPLIANT + + a1_nnt[2] = '\0'; + + printf("%s", a1_nnt); // COMPLIANT + printf(a1_nnt); // COMPLIANT +} + +f5() { + char a1_nnt[3] = "Cod"; // is NOT null termianted + char a2[10] = "CodeQL"; + + printf("%s", a1_nnt); // NON_COMPLIANT + printf(a1_nnt); // NON_COMPLIANT + + a1_nnt[2] = '\0'; + + printf("%s", a1_nnt); // COMPLIANT + printf(a1_nnt); // COMPLIANT + + strncpy(a1_nnt, a2, 1); // not null terminated because n < length(src) + + printf("%s", a1_nnt); // NON_COMPLIANT + printf(a1_nnt); // NON_COMPLIANT +} \ No newline at end of file diff --git a/c/cert/test/rules/STR38-C/DoNotConfuseNarrowAndWideFunctions.expected b/c/cert/test/rules/STR38-C/DoNotConfuseNarrowAndWideFunctions.expected index f9499d3be5..4c60f39f02 100644 --- a/c/cert/test/rules/STR38-C/DoNotConfuseNarrowAndWideFunctions.expected +++ b/c/cert/test/rules/STR38-C/DoNotConfuseNarrowAndWideFunctions.expected @@ -1,12 +1,12 @@ -| test.c:15:3:15:9 | call to strncpy | Call to function $@ with a wide character string $@ where a narrow character string $@ is expected. | test.c:6:7:6:13 | strncpy | strncpy | test.c:15:11:15:12 | w2 | argument | test.c:6:15:6:18 | (unnamed parameter 0) | parameter | -| test.c:15:3:15:9 | call to strncpy | Call to function $@ with a wide character string $@ where a narrow character string $@ is expected. | test.c:6:7:6:13 | strncpy | strncpy | test.c:15:15:15:16 | w1 | argument | test.c:6:33:6:42 | (unnamed parameter 1) | parameter | -| test.c:16:3:16:9 | call to strncpy | Call to function $@ with a wide character string $@ where a narrow character string $@ is expected. | test.c:6:7:6:13 | strncpy | strncpy | test.c:16:11:16:12 | w2 | argument | test.c:6:15:6:18 | (unnamed parameter 0) | parameter | -| test.c:26:3:26:9 | call to wcsncpy | Call to function $@ with a narrow character string $@ where a wide character string $@ is expected. | test.c:7:10:7:16 | wcsncpy | wcsncpy | test.c:26:11:26:12 | n2 | argument | test.c:7:18:7:24 | (unnamed parameter 0) | parameter | -| test.c:26:3:26:9 | call to wcsncpy | Call to function $@ with a narrow character string $@ where a wide character string $@ is expected. | test.c:7:10:7:16 | wcsncpy | wcsncpy | test.c:26:15:26:16 | n1 | argument | test.c:7:45:7:51 | (unnamed parameter 1) | parameter | -| test.c:27:3:27:9 | call to wcsncpy | Call to function $@ with a narrow character string $@ where a wide character string $@ is expected. | test.c:7:10:7:16 | wcsncpy | wcsncpy | test.c:27:15:27:16 | n1 | argument | test.c:7:45:7:51 | (unnamed parameter 1) | parameter | -| test.c:32:3:32:9 | call to strncpy | Call to function $@ with a wide character string $@ where a narrow character string $@ is expected. | test.c:6:7:6:13 | strncpy | strncpy | test.c:32:11:32:12 | w2 | argument | test.c:6:15:6:18 | (unnamed parameter 0) | parameter | -| test.c:32:3:32:9 | call to strncpy | Call to function $@ with a wide character string $@ where a narrow character string $@ is expected. | test.c:6:7:6:13 | strncpy | strncpy | test.c:32:15:32:16 | w1 | argument | test.c:6:33:6:42 | (unnamed parameter 1) | parameter | -| test.c:33:3:33:9 | call to strncpy | Call to function $@ with a wide character string $@ where a narrow character string $@ is expected. | test.c:6:7:6:13 | strncpy | strncpy | test.c:33:11:33:12 | w2 | argument | test.c:6:15:6:18 | (unnamed parameter 0) | parameter | -| test.c:36:3:36:9 | call to wcsncpy | Call to function $@ with a narrow character string $@ where a wide character string $@ is expected. | test.c:7:10:7:16 | wcsncpy | wcsncpy | test.c:36:11:36:12 | n2 | argument | test.c:7:18:7:24 | (unnamed parameter 0) | parameter | -| test.c:36:3:36:9 | call to wcsncpy | Call to function $@ with a narrow character string $@ where a wide character string $@ is expected. | test.c:7:10:7:16 | wcsncpy | wcsncpy | test.c:36:15:36:16 | n1 | argument | test.c:7:45:7:51 | (unnamed parameter 1) | parameter | -| test.c:37:3:37:9 | call to wcsncpy | Call to function $@ with a narrow character string $@ where a wide character string $@ is expected. | test.c:7:10:7:16 | wcsncpy | wcsncpy | test.c:37:15:37:16 | n1 | argument | test.c:7:45:7:51 | (unnamed parameter 1) | parameter | +| test.c:11:3:11:9 | call to strncpy | Call to function $@ with a wide character string $@ where a narrow character string parameter is expected. | test.c:11:3:11:9 | call to strncpy | strncpy | test.c:11:11:11:12 | w2 | argument | +| test.c:11:3:11:9 | call to strncpy | Call to function $@ with a wide character string $@ where a narrow character string parameter is expected. | test.c:11:3:11:9 | call to strncpy | strncpy | test.c:11:15:11:16 | w1 | argument | +| test.c:12:3:12:9 | call to strncpy | Call to function $@ with a wide character string $@ where a narrow character string parameter is expected. | test.c:12:3:12:9 | call to strncpy | strncpy | test.c:12:11:12:12 | w2 | argument | +| test.c:22:3:22:9 | call to wcsncpy | Call to function $@ with a narrow character string $@ where a wide character string parameter is expected. | test.c:22:3:22:9 | call to wcsncpy | wcsncpy | test.c:22:11:22:12 | n2 | argument | +| test.c:22:3:22:9 | call to wcsncpy | Call to function $@ with a narrow character string $@ where a wide character string parameter is expected. | test.c:22:3:22:9 | call to wcsncpy | wcsncpy | test.c:22:15:22:16 | n1 | argument | +| test.c:23:3:23:9 | call to wcsncpy | Call to function $@ with a narrow character string $@ where a wide character string parameter is expected. | test.c:23:3:23:9 | call to wcsncpy | wcsncpy | test.c:23:15:23:16 | n1 | argument | +| test.c:28:3:28:9 | call to strncpy | Call to function $@ with a wide character string $@ where a narrow character string parameter is expected. | test.c:28:3:28:9 | call to strncpy | strncpy | test.c:28:11:28:12 | w2 | argument | +| test.c:28:3:28:9 | call to strncpy | Call to function $@ with a wide character string $@ where a narrow character string parameter is expected. | test.c:28:3:28:9 | call to strncpy | strncpy | test.c:28:15:28:16 | w1 | argument | +| test.c:29:3:29:9 | call to strncpy | Call to function $@ with a wide character string $@ where a narrow character string parameter is expected. | test.c:29:3:29:9 | call to strncpy | strncpy | test.c:29:11:29:12 | w2 | argument | +| test.c:32:3:32:9 | call to wcsncpy | Call to function $@ with a narrow character string $@ where a wide character string parameter is expected. | test.c:32:3:32:9 | call to wcsncpy | wcsncpy | test.c:32:11:32:12 | n2 | argument | +| test.c:32:3:32:9 | call to wcsncpy | Call to function $@ with a narrow character string $@ where a wide character string parameter is expected. | test.c:32:3:32:9 | call to wcsncpy | wcsncpy | test.c:32:15:32:16 | n1 | argument | +| test.c:33:3:33:9 | call to wcsncpy | Call to function $@ with a narrow character string $@ where a wide character string parameter is expected. | test.c:33:3:33:9 | call to wcsncpy | wcsncpy | test.c:33:15:33:16 | n1 | argument | diff --git a/c/cert/test/rules/STR38-C/DoNotConfuseNarrowAndWideFunctions.expected.qcc b/c/cert/test/rules/STR38-C/DoNotConfuseNarrowAndWideFunctions.expected.qcc new file mode 100644 index 0000000000..2a4d8fe027 --- /dev/null +++ b/c/cert/test/rules/STR38-C/DoNotConfuseNarrowAndWideFunctions.expected.qcc @@ -0,0 +1,9 @@ +| test.c:22:3:22:9 | call to wcsncpy | Call to function $@ with a narrow character string $@ where a wide character string parameter is expected. | test.c:22:3:22:9 | call to wcsncpy | wcsncpy | test.c:22:11:22:12 | n2 | argument | +| test.c:22:3:22:9 | call to wcsncpy | Call to function $@ with a narrow character string $@ where a wide character string parameter is expected. | test.c:22:3:22:9 | call to wcsncpy | wcsncpy | test.c:22:15:22:16 | n1 | argument | +| test.c:23:3:23:9 | call to wcsncpy | Call to function $@ with a narrow character string $@ where a wide character string parameter is expected. | test.c:23:3:23:9 | call to wcsncpy | wcsncpy | test.c:23:15:23:16 | n1 | argument | +| test.c:28:3:28:9 | call to strncpy | Call to function $@ with a wide character string $@ where a narrow character string parameter is expected. | test.c:28:3:28:9 | call to strncpy | strncpy | test.c:28:11:28:12 | w2 | argument | +| test.c:28:3:28:9 | call to strncpy | Call to function $@ with a wide character string $@ where a narrow character string parameter is expected. | test.c:28:3:28:9 | call to strncpy | strncpy | test.c:28:15:28:16 | w1 | argument | +| test.c:29:3:29:9 | call to strncpy | Call to function $@ with a wide character string $@ where a narrow character string parameter is expected. | test.c:29:3:29:9 | call to strncpy | strncpy | test.c:29:11:29:12 | w2 | argument | +| test.c:32:3:32:9 | call to wcsncpy | Call to function $@ with a narrow character string $@ where a wide character string parameter is expected. | test.c:32:3:32:9 | call to wcsncpy | wcsncpy | test.c:32:11:32:12 | n2 | argument | +| test.c:32:3:32:9 | call to wcsncpy | Call to function $@ with a narrow character string $@ where a wide character string parameter is expected. | test.c:32:3:32:9 | call to wcsncpy | wcsncpy | test.c:32:15:32:16 | n1 | argument | +| test.c:33:3:33:9 | call to wcsncpy | Call to function $@ with a narrow character string $@ where a wide character string parameter is expected. | test.c:33:3:33:9 | call to wcsncpy | wcsncpy | test.c:33:15:33:16 | n1 | argument | diff --git a/c/cert/test/rules/STR38-C/copy.c.qcc b/c/cert/test/rules/STR38-C/copy.c.qcc new file mode 100644 index 0000000000..59f8891e0a --- /dev/null +++ b/c/cert/test/rules/STR38-C/copy.c.qcc @@ -0,0 +1,35 @@ +#include +#include +#include + +void f1() { + wchar_t w1[] = L"codeql"; + wchar_t w2[] = L"codeql"; + char n1[] = "codeql"; + char n2[] = "codeql"; + // FALSE_NEGATIVES due to https://github.com/github/codeql/issues/12914 + strncpy(w2, w1, 1); // NON_COMPLIANT[FALSE_NEGATIVE] (2x) + strncpy(w2, n1, 1); // NON_COMPLIANT[FALSE_NEGATIVE] (1x) + strncpy(n2, n1, 1); // COMPLIANT +} + +void f2() { + wchar_t w1[] = L"codeql"; + wchar_t w2[] = L"codeql"; + char n1[] = "codeql"; + char n2[] = "codeql"; + + wcsncpy(n2, n1, 1); // NON_COMPLIANT (2x) + wcsncpy(w2, n1, 1); // NON_COMPLIANT (1x) + wcsncpy(w2, w1, 1); // COMPLIANT +} + +void f3(wchar_t *w1, wchar_t *w2, char *n1, char *n2) { + strncpy(w2, w1, 1); // NON_COMPLIANT (2x) + strncpy(w2, n1, 1); // NON_COMPLIANT (1x) + strncpy(n2, n1, 1); // COMPLIANT + + wcsncpy(n2, n1, 1); // NON_COMPLIANT (2x) + wcsncpy(w2, n1, 1); // NON_COMPLIANT (1x) + wcsncpy(w2, w1, 1); // COMPLIANT +} \ No newline at end of file diff --git a/c/cert/test/rules/STR38-C/test.c b/c/cert/test/rules/STR38-C/test.c index e4464a6d71..99bfc22b1b 100644 --- a/c/cert/test/rules/STR38-C/test.c +++ b/c/cert/test/rules/STR38-C/test.c @@ -1,10 +1,6 @@ #include - -// defined in and but we get absolute -// paths using the current alert so they are defined here. -// to prevent absolute paths from being generated. -char *strncpy(char *__restrict, const char *__restrict, size_t); -wchar_t *wcsncpy(wchar_t *__restrict, const wchar_t *__restrict, size_t); +#include +#include void f1() { wchar_t w1[] = L"codeql"; diff --git a/rule_packages/c/Strings1.json b/rule_packages/c/Strings1.json index a0347aefc2..39529df3cc 100644 --- a/rule_packages/c/Strings1.json +++ b/rule_packages/c/Strings1.json @@ -58,7 +58,10 @@ "tags": [ "correctness", "security" - ] + ], + "implementation_scope": { + "description": "Wide character types are not handled correctly on the `aarch64le` architecture. This can lead to false negative alerts." + } } ], "title": "Do not pass a non-null-terminated character sequence to a library function that expects a string" diff --git a/rule_packages/c/Strings3.json b/rule_packages/c/Strings3.json index dff9744cdd..9456f4b422 100644 --- a/rule_packages/c/Strings3.json +++ b/rule_packages/c/Strings3.json @@ -35,7 +35,10 @@ "tags": [ "correctness", "security" - ] + ], + "implementation_scope": { + "description": "Wide character types are not handled correctly on the `aarch64le` architecture. This can lead to false negative alerts." + } } ], "title": "Do not confuse narrow and wide character strings and functions" From f8a3ce9737c57322cf94d9a5563ee1ec5963ee7b Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Mon, 24 Apr 2023 17:19:18 +0200 Subject: [PATCH 1018/2573] Add `change_notes` file --- .../NonNullTerminatedToFunctionThatExpectsAString.md | 2 +- .../rules/STR38-C/DoNotConfuseNarrowAndWideFunctions.md | 2 +- .../2023-04-24-fix-compatibility-issues-with-qnx.md | 9 +++++++++ 3 files changed, 11 insertions(+), 2 deletions(-) create mode 100644 change_notes/2023-04-24-fix-compatibility-issues-with-qnx.md diff --git a/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.md b/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.md index 62ebcc2db9..cfe024adc7 100644 --- a/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.md +++ b/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.md @@ -271,7 +271,7 @@ CWE-123 – STR31-C = ## Implementation notes -None +Wide character types are not handled correctly on the `aarch64le` architecture. This can lead to false negative alerts. ## References diff --git a/c/cert/src/rules/STR38-C/DoNotConfuseNarrowAndWideFunctions.md b/c/cert/src/rules/STR38-C/DoNotConfuseNarrowAndWideFunctions.md index 3c08369681..504bd764ac 100644 --- a/c/cert/src/rules/STR38-C/DoNotConfuseNarrowAndWideFunctions.md +++ b/c/cert/src/rules/STR38-C/DoNotConfuseNarrowAndWideFunctions.md @@ -131,7 +131,7 @@ Search for vulnerabilities resulting from the violation of this rule on the [CER ## Implementation notes -None +Wide character types are not handled correctly on the `aarch64le` architecture. This can lead to false negative alerts. ## References diff --git a/change_notes/2023-04-24-fix-compatibility-issues-with-qnx.md b/change_notes/2023-04-24-fix-compatibility-issues-with-qnx.md new file mode 100644 index 0000000000..1eb65975f8 --- /dev/null +++ b/change_notes/2023-04-24-fix-compatibility-issues-with-qnx.md @@ -0,0 +1,9 @@ +* Fix compatibility issues with the `qcc` compiler and standard headers: + * `RULE-21-4`: `longjmp` can be implmented as macro + * `ENV32-C`: exit functions can be implmented as macro + * `ERR33-C` `FIO34-C` `FIO46-C` `RULE-22-6`: the library files `ReadErrorsAndEOF.qll` `DoNotAccessAClosedFile.qll` `FileAccess.qll` have been updated to support different definitions of IO related functions and macros + * `RULE-10-6`: Fix output string format + * `STR37-C`: add support for a different `tolower/toupper` macro implementation + * `EXP43-C`: add explicit support for library functions that are mentioned in the rule description + * `RULE-11-1` `RULE-11-2` `RULE-11-5`: support for a different NULL pointer definition + * `STR38-C`: removed links to library internals in the output message \ No newline at end of file From 8c0b1bf495a8c306e72e90d72fb976ba727657ce Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Mon, 24 Apr 2023 17:54:22 +0200 Subject: [PATCH 1019/2573] STR38-C: fix expected file --- ...tConfuseNarrowAndWideFunctions.expected.qcc | 18 +++++++++--------- .../rules/STR38-C/{copy.c.qcc => test.c.qcc} | 0 2 files changed, 9 insertions(+), 9 deletions(-) rename c/cert/test/rules/STR38-C/{copy.c.qcc => test.c.qcc} (100%) diff --git a/c/cert/test/rules/STR38-C/DoNotConfuseNarrowAndWideFunctions.expected.qcc b/c/cert/test/rules/STR38-C/DoNotConfuseNarrowAndWideFunctions.expected.qcc index 2a4d8fe027..6652d20c4e 100644 --- a/c/cert/test/rules/STR38-C/DoNotConfuseNarrowAndWideFunctions.expected.qcc +++ b/c/cert/test/rules/STR38-C/DoNotConfuseNarrowAndWideFunctions.expected.qcc @@ -1,9 +1,9 @@ -| test.c:22:3:22:9 | call to wcsncpy | Call to function $@ with a narrow character string $@ where a wide character string parameter is expected. | test.c:22:3:22:9 | call to wcsncpy | wcsncpy | test.c:22:11:22:12 | n2 | argument | -| test.c:22:3:22:9 | call to wcsncpy | Call to function $@ with a narrow character string $@ where a wide character string parameter is expected. | test.c:22:3:22:9 | call to wcsncpy | wcsncpy | test.c:22:15:22:16 | n1 | argument | -| test.c:23:3:23:9 | call to wcsncpy | Call to function $@ with a narrow character string $@ where a wide character string parameter is expected. | test.c:23:3:23:9 | call to wcsncpy | wcsncpy | test.c:23:15:23:16 | n1 | argument | -| test.c:28:3:28:9 | call to strncpy | Call to function $@ with a wide character string $@ where a narrow character string parameter is expected. | test.c:28:3:28:9 | call to strncpy | strncpy | test.c:28:11:28:12 | w2 | argument | -| test.c:28:3:28:9 | call to strncpy | Call to function $@ with a wide character string $@ where a narrow character string parameter is expected. | test.c:28:3:28:9 | call to strncpy | strncpy | test.c:28:15:28:16 | w1 | argument | -| test.c:29:3:29:9 | call to strncpy | Call to function $@ with a wide character string $@ where a narrow character string parameter is expected. | test.c:29:3:29:9 | call to strncpy | strncpy | test.c:29:11:29:12 | w2 | argument | -| test.c:32:3:32:9 | call to wcsncpy | Call to function $@ with a narrow character string $@ where a wide character string parameter is expected. | test.c:32:3:32:9 | call to wcsncpy | wcsncpy | test.c:32:11:32:12 | n2 | argument | -| test.c:32:3:32:9 | call to wcsncpy | Call to function $@ with a narrow character string $@ where a wide character string parameter is expected. | test.c:32:3:32:9 | call to wcsncpy | wcsncpy | test.c:32:15:32:16 | n1 | argument | -| test.c:33:3:33:9 | call to wcsncpy | Call to function $@ with a narrow character string $@ where a wide character string parameter is expected. | test.c:33:3:33:9 | call to wcsncpy | wcsncpy | test.c:33:15:33:16 | n1 | argument | +| copy.c:22:3:22:9 | call to wcsncpy | Call to function `wcsncpy` with a narrow character string $@ where a wide character string is expected. | copy.c:22:11:22:12 | n2 | argument | +| copy.c:22:3:22:9 | call to wcsncpy | Call to function `wcsncpy` with a narrow character string $@ where a wide character string is expected. | copy.c:22:15:22:16 | n1 | argument | +| copy.c:23:3:23:9 | call to wcsncpy | Call to function `wcsncpy` with a narrow character string $@ where a wide character string is expected. | copy.c:23:15:23:16 | n1 | argument | +| copy.c:28:3:28:9 | call to strncpy | Call to function `strncpy` with a wide character string $@ where a narrow character string is expected. | copy.c:28:11:28:12 | w2 | argument | +| copy.c:28:3:28:9 | call to strncpy | Call to function `strncpy` with a wide character string $@ where a narrow character string is expected. | copy.c:28:15:28:16 | w1 | argument | +| copy.c:29:3:29:9 | call to strncpy | Call to function `strncpy` with a wide character string $@ where a narrow character string is expected. | copy.c:29:11:29:12 | w2 | argument | +| copy.c:32:3:32:9 | call to wcsncpy | Call to function `wcsncpy` with a narrow character string $@ where a wide character string is expected. | copy.c:32:11:32:12 | n2 | argument | +| copy.c:32:3:32:9 | call to wcsncpy | Call to function `wcsncpy` with a narrow character string $@ where a wide character string is expected. | copy.c:32:15:32:16 | n1 | argument | +| copy.c:33:3:33:9 | call to wcsncpy | Call to function `wcsncpy` with a narrow character string $@ where a wide character string is expected. | copy.c:33:15:33:16 | n1 | argument | diff --git a/c/cert/test/rules/STR38-C/copy.c.qcc b/c/cert/test/rules/STR38-C/test.c.qcc similarity index 100% rename from c/cert/test/rules/STR38-C/copy.c.qcc rename to c/cert/test/rules/STR38-C/test.c.qcc From 868114743fad1252a621eb42b0bb57c9d500e55c Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Mon, 24 Apr 2023 18:10:12 +0200 Subject: [PATCH 1020/2573] Fix expected file --- ...tConfuseNarrowAndWideFunctions.expected.qcc | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/c/cert/test/rules/STR38-C/DoNotConfuseNarrowAndWideFunctions.expected.qcc b/c/cert/test/rules/STR38-C/DoNotConfuseNarrowAndWideFunctions.expected.qcc index 6652d20c4e..704cff7a94 100644 --- a/c/cert/test/rules/STR38-C/DoNotConfuseNarrowAndWideFunctions.expected.qcc +++ b/c/cert/test/rules/STR38-C/DoNotConfuseNarrowAndWideFunctions.expected.qcc @@ -1,9 +1,9 @@ -| copy.c:22:3:22:9 | call to wcsncpy | Call to function `wcsncpy` with a narrow character string $@ where a wide character string is expected. | copy.c:22:11:22:12 | n2 | argument | -| copy.c:22:3:22:9 | call to wcsncpy | Call to function `wcsncpy` with a narrow character string $@ where a wide character string is expected. | copy.c:22:15:22:16 | n1 | argument | -| copy.c:23:3:23:9 | call to wcsncpy | Call to function `wcsncpy` with a narrow character string $@ where a wide character string is expected. | copy.c:23:15:23:16 | n1 | argument | -| copy.c:28:3:28:9 | call to strncpy | Call to function `strncpy` with a wide character string $@ where a narrow character string is expected. | copy.c:28:11:28:12 | w2 | argument | -| copy.c:28:3:28:9 | call to strncpy | Call to function `strncpy` with a wide character string $@ where a narrow character string is expected. | copy.c:28:15:28:16 | w1 | argument | -| copy.c:29:3:29:9 | call to strncpy | Call to function `strncpy` with a wide character string $@ where a narrow character string is expected. | copy.c:29:11:29:12 | w2 | argument | -| copy.c:32:3:32:9 | call to wcsncpy | Call to function `wcsncpy` with a narrow character string $@ where a wide character string is expected. | copy.c:32:11:32:12 | n2 | argument | -| copy.c:32:3:32:9 | call to wcsncpy | Call to function `wcsncpy` with a narrow character string $@ where a wide character string is expected. | copy.c:32:15:32:16 | n1 | argument | -| copy.c:33:3:33:9 | call to wcsncpy | Call to function `wcsncpy` with a narrow character string $@ where a wide character string is expected. | copy.c:33:15:33:16 | n1 | argument | +| test.c:22:3:22:9 | call to wcsncpy | Call to function `wcsncpy` with a narrow character string $@ where a wide character string is expected. | test.c:22:11:22:12 | n2 | argument | +| test.c:22:3:22:9 | call to wcsncpy | Call to function `wcsncpy` with a narrow character string $@ where a wide character string is expected. | test.c:22:15:22:16 | n1 | argument | +| test.c:23:3:23:9 | call to wcsncpy | Call to function `wcsncpy` with a narrow character string $@ where a wide character string is expected. | test.c:23:15:23:16 | n1 | argument | +| test.c:28:3:28:9 | call to strncpy | Call to function `strncpy` with a wide character string $@ where a narrow character string is expected. | test.c:28:11:28:12 | w2 | argument | +| test.c:28:3:28:9 | call to strncpy | Call to function `strncpy` with a wide character string $@ where a narrow character string is expected. | test.c:28:15:28:16 | w1 | argument | +| test.c:29:3:29:9 | call to strncpy | Call to function `strncpy` with a wide character string $@ where a narrow character string is expected. | test.c:29:11:29:12 | w2 | argument | +| test.c:32:3:32:9 | call to wcsncpy | Call to function `wcsncpy` with a narrow character string $@ where a wide character string is expected. | test.c:32:11:32:12 | n2 | argument | +| test.c:32:3:32:9 | call to wcsncpy | Call to function `wcsncpy` with a narrow character string $@ where a wide character string is expected. | test.c:32:15:32:16 | n1 | argument | +| test.c:33:3:33:9 | call to wcsncpy | Call to function `wcsncpy` with a narrow character string $@ where a wide character string is expected. | test.c:33:15:33:16 | n1 | argument | From b3b003025f810e86f9dccedf63f4fbd0d7c42eae Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Mon, 24 Apr 2023 18:51:52 +0200 Subject: [PATCH 1021/2573] Removing temp files --- c/cert/test/rules/EXP43-C/tempfile | 1 - c/cert/test/rules/FIO34-C/tempfile | 0 c/cert/test/rules/STR37-C/tempfile | 1 - c/misra/src/rules/RULE-11-1/tempfile | 0 c/misra/src/rules/RULE-11-2/tempfile | 0 c/misra/src/rules/RULE-11-5/tempfile | 0 6 files changed, 2 deletions(-) delete mode 100644 c/cert/test/rules/EXP43-C/tempfile delete mode 100644 c/cert/test/rules/FIO34-C/tempfile delete mode 100644 c/cert/test/rules/STR37-C/tempfile delete mode 100644 c/misra/src/rules/RULE-11-1/tempfile delete mode 100644 c/misra/src/rules/RULE-11-2/tempfile delete mode 100644 c/misra/src/rules/RULE-11-5/tempfile diff --git a/c/cert/test/rules/EXP43-C/tempfile b/c/cert/test/rules/EXP43-C/tempfile deleted file mode 100644 index 8b13789179..0000000000 --- a/c/cert/test/rules/EXP43-C/tempfile +++ /dev/null @@ -1 +0,0 @@ - diff --git a/c/cert/test/rules/FIO34-C/tempfile b/c/cert/test/rules/FIO34-C/tempfile deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/c/cert/test/rules/STR37-C/tempfile b/c/cert/test/rules/STR37-C/tempfile deleted file mode 100644 index 8b13789179..0000000000 --- a/c/cert/test/rules/STR37-C/tempfile +++ /dev/null @@ -1 +0,0 @@ - diff --git a/c/misra/src/rules/RULE-11-1/tempfile b/c/misra/src/rules/RULE-11-1/tempfile deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/c/misra/src/rules/RULE-11-2/tempfile b/c/misra/src/rules/RULE-11-2/tempfile deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/c/misra/src/rules/RULE-11-5/tempfile b/c/misra/src/rules/RULE-11-5/tempfile deleted file mode 100644 index e69de29bb2..0000000000 From ba2b58a9f335e9462aa19b1a19861352a6e68e36 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Mon, 24 Apr 2023 21:21:36 +0200 Subject: [PATCH 1022/2573] STR38-C: fix expected file --- ...oNotConfuseNarrowAndWideFunctions.expected | 24 +++++++++---------- 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/c/cert/test/rules/STR38-C/DoNotConfuseNarrowAndWideFunctions.expected b/c/cert/test/rules/STR38-C/DoNotConfuseNarrowAndWideFunctions.expected index 4c60f39f02..e575109ede 100644 --- a/c/cert/test/rules/STR38-C/DoNotConfuseNarrowAndWideFunctions.expected +++ b/c/cert/test/rules/STR38-C/DoNotConfuseNarrowAndWideFunctions.expected @@ -1,12 +1,12 @@ -| test.c:11:3:11:9 | call to strncpy | Call to function $@ with a wide character string $@ where a narrow character string parameter is expected. | test.c:11:3:11:9 | call to strncpy | strncpy | test.c:11:11:11:12 | w2 | argument | -| test.c:11:3:11:9 | call to strncpy | Call to function $@ with a wide character string $@ where a narrow character string parameter is expected. | test.c:11:3:11:9 | call to strncpy | strncpy | test.c:11:15:11:16 | w1 | argument | -| test.c:12:3:12:9 | call to strncpy | Call to function $@ with a wide character string $@ where a narrow character string parameter is expected. | test.c:12:3:12:9 | call to strncpy | strncpy | test.c:12:11:12:12 | w2 | argument | -| test.c:22:3:22:9 | call to wcsncpy | Call to function $@ with a narrow character string $@ where a wide character string parameter is expected. | test.c:22:3:22:9 | call to wcsncpy | wcsncpy | test.c:22:11:22:12 | n2 | argument | -| test.c:22:3:22:9 | call to wcsncpy | Call to function $@ with a narrow character string $@ where a wide character string parameter is expected. | test.c:22:3:22:9 | call to wcsncpy | wcsncpy | test.c:22:15:22:16 | n1 | argument | -| test.c:23:3:23:9 | call to wcsncpy | Call to function $@ with a narrow character string $@ where a wide character string parameter is expected. | test.c:23:3:23:9 | call to wcsncpy | wcsncpy | test.c:23:15:23:16 | n1 | argument | -| test.c:28:3:28:9 | call to strncpy | Call to function $@ with a wide character string $@ where a narrow character string parameter is expected. | test.c:28:3:28:9 | call to strncpy | strncpy | test.c:28:11:28:12 | w2 | argument | -| test.c:28:3:28:9 | call to strncpy | Call to function $@ with a wide character string $@ where a narrow character string parameter is expected. | test.c:28:3:28:9 | call to strncpy | strncpy | test.c:28:15:28:16 | w1 | argument | -| test.c:29:3:29:9 | call to strncpy | Call to function $@ with a wide character string $@ where a narrow character string parameter is expected. | test.c:29:3:29:9 | call to strncpy | strncpy | test.c:29:11:29:12 | w2 | argument | -| test.c:32:3:32:9 | call to wcsncpy | Call to function $@ with a narrow character string $@ where a wide character string parameter is expected. | test.c:32:3:32:9 | call to wcsncpy | wcsncpy | test.c:32:11:32:12 | n2 | argument | -| test.c:32:3:32:9 | call to wcsncpy | Call to function $@ with a narrow character string $@ where a wide character string parameter is expected. | test.c:32:3:32:9 | call to wcsncpy | wcsncpy | test.c:32:15:32:16 | n1 | argument | -| test.c:33:3:33:9 | call to wcsncpy | Call to function $@ with a narrow character string $@ where a wide character string parameter is expected. | test.c:33:3:33:9 | call to wcsncpy | wcsncpy | test.c:33:15:33:16 | n1 | argument | +| test.c:11:3:11:9 | call to strncpy | Call to function `strncpy` with a wide character string $@ where a narrow character string is expected. | test.c:11:11:11:12 | w2 | argument | +| test.c:11:3:11:9 | call to strncpy | Call to function `strncpy` with a wide character string $@ where a narrow character string is expected. | test.c:11:15:11:16 | w1 | argument | +| test.c:12:3:12:9 | call to strncpy | Call to function `strncpy` with a wide character string $@ where a narrow character string is expected. | test.c:12:11:12:12 | w2 | argument | +| test.c:22:3:22:9 | call to wcsncpy | Call to function `wcsncpy` with a narrow character string $@ where a wide character string is expected. | test.c:22:11:22:12 | n2 | argument | +| test.c:22:3:22:9 | call to wcsncpy | Call to function `wcsncpy` with a narrow character string $@ where a wide character string is expected. | test.c:22:15:22:16 | n1 | argument | +| test.c:23:3:23:9 | call to wcsncpy | Call to function `wcsncpy` with a narrow character string $@ where a wide character string is expected. | test.c:23:15:23:16 | n1 | argument | +| test.c:28:3:28:9 | call to strncpy | Call to function `strncpy` with a wide character string $@ where a narrow character string is expected. | test.c:28:11:28:12 | w2 | argument | +| test.c:28:3:28:9 | call to strncpy | Call to function `strncpy` with a wide character string $@ where a narrow character string is expected. | test.c:28:15:28:16 | w1 | argument | +| test.c:29:3:29:9 | call to strncpy | Call to function `strncpy` with a wide character string $@ where a narrow character string is expected. | test.c:29:11:29:12 | w2 | argument | +| test.c:32:3:32:9 | call to wcsncpy | Call to function `wcsncpy` with a narrow character string $@ where a wide character string is expected. | test.c:32:11:32:12 | n2 | argument | +| test.c:32:3:32:9 | call to wcsncpy | Call to function `wcsncpy` with a narrow character string $@ where a wide character string is expected. | test.c:32:15:32:16 | n1 | argument | +| test.c:33:3:33:9 | call to wcsncpy | Call to function `wcsncpy` with a narrow character string $@ where a wide character string is expected. | test.c:33:15:33:16 | n1 | argument | From 0cbf676eadce8e1429d3b080207035c6af13b92a Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Tue, 25 Apr 2023 11:38:38 -0400 Subject: [PATCH 1023/2573] Update README.md --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 057877578c..b5a13c696f 100644 --- a/README.md +++ b/README.md @@ -50,3 +50,5 @@ All header files in [c/common/test/includes/standard-library](./c/common/test/in --- 1This repository incorporates portions of the SEI CERT® Coding Standards available at https://wiki.sei.cmu.edu/confluence/display/seccode/SEI+CERT+Coding+Standards; however, such use does not necessarily constitute or imply an endorsement, recommendation, or favoring by Carnegie Mellon University or its Software Engineering Institute. + + From 2c51ca11a32f090102aafeaee03de542321f3ae7 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Tue, 25 Apr 2023 11:22:56 -0700 Subject: [PATCH 1024/2573] Revert A5-2-6 --- .../OperandsOfALogicalAndOrNotParenthesized.ql | 18 ++++++------------ 1 file changed, 6 insertions(+), 12 deletions(-) diff --git a/cpp/autosar/src/rules/A5-2-6/OperandsOfALogicalAndOrNotParenthesized.ql b/cpp/autosar/src/rules/A5-2-6/OperandsOfALogicalAndOrNotParenthesized.ql index 6816c6ab1e..dd63288587 100644 --- a/cpp/autosar/src/rules/A5-2-6/OperandsOfALogicalAndOrNotParenthesized.ql +++ b/cpp/autosar/src/rules/A5-2-6/OperandsOfALogicalAndOrNotParenthesized.ql @@ -17,17 +17,11 @@ import cpp import codingstandards.cpp.autosar -from BinaryLogicalOperation op, Expr operand +from BinaryLogicalOperation op, BinaryOperation binop where not isExcluded(op, OrderOfEvaluationPackage::operandsOfALogicalAndOrNotParenthesizedQuery()) and - operand = op.getAnOperand() and - /* The operand is a built-in arithmetic/logic binary operation */ - if operand instanceof BinaryOperation - then - not exists(ParenthesisExpr p | p = operand.getFullyConverted()) and - // Exclude binary operations expanded by a macro. - not operand.isInMacroExpansion() - else - /* The operand should not be a field access operation */ - not operand instanceof FieldAccess -select op, "Binary $@ operand of logical operation is not parenthesized.", operand, "operator" + op.getAnOperand() = binop and + not exists(ParenthesisExpr p | p = binop.getFullyConverted()) and + // Exclude binary operations expanded by a macro. + not binop.isInMacroExpansion() +select op, "Binary $@ operand of logical operation is not parenthesized.", binop, "operator" From ec602e3b87c564db018cdeecf02f6016727948cb Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Tue, 25 Apr 2023 11:57:42 -0700 Subject: [PATCH 1025/2573] Update .expected for A0-1-1 --- .../rules/A0-1-1/UselessAssignment.expected | 28 +++++++++---------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/cpp/autosar/test/rules/A0-1-1/UselessAssignment.expected b/cpp/autosar/test/rules/A0-1-1/UselessAssignment.expected index b91ac0e0ce..bdd73be2eb 100644 --- a/cpp/autosar/test/rules/A0-1-1/UselessAssignment.expected +++ b/cpp/autosar/test/rules/A0-1-1/UselessAssignment.expected @@ -1,14 +1,14 @@ -| test.cpp:22:10:22:11 | 0 | Definition of $@ is unused. | test.cpp:22:7:22:7 | y | y | -| test.cpp:25:3:25:5 | ... ++ | Definition of $@ is unused. | test.cpp:24:7:24:7 | z | z | -| test.cpp:42:3:42:7 | ... = ... | Definition of $@ is unused. | test.cpp:20:41:20:41 | p | p | -| test.cpp:44:10:44:11 | 0 | Definition of $@ is unused. | test.cpp:44:7:44:8 | l3 | l3 | -| test.cpp:45:13:45:22 | new | Definition of $@ is unused. | test.cpp:45:8:45:9 | l4 | l4 | -| test.cpp:48:8:48:8 | {...} | Definition of $@ is unused. | test.cpp:48:5:48:6 | a2 | a2 | -| test.cpp:49:11:49:15 | new | Definition of $@ is unused. | test.cpp:49:6:49:7 | a3 | a3 | -| test.cpp:50:11:50:17 | new | Definition of $@ is unused. | test.cpp:50:6:50:7 | a4 | a4 | -| test.cpp:51:11:51:17 | 0 | Definition of $@ is unused. | test.cpp:51:6:51:7 | a5 | a5 | -| test.cpp:55:3:55:10 | ... = ... | Definition of $@ is unused. | test.cpp:52:5:52:6 | a6 | a6 | -| test.cpp:60:11:60:15 | new | Definition of $@ is unused. | test.cpp:60:6:60:7 | b3 | b3 | -| test.cpp:61:11:61:17 | new | Definition of $@ is unused. | test.cpp:61:6:61:7 | b4 | b4 | -| test.cpp:62:11:62:17 | 0 | Definition of $@ is unused. | test.cpp:62:6:62:7 | b5 | b5 | -| test.cpp:70:11:70:17 | 0 | Definition of $@ is unused. | test.cpp:70:6:70:7 | c5 | c5 | +| test.cpp:55:10:55:11 | 0 | Definition of $@ is unused. | test.cpp:55:7:55:7 | y | y | +| test.cpp:58:3:58:5 | ... ++ | Definition of $@ is unused. | test.cpp:57:7:57:7 | z | z | +| test.cpp:75:3:75:7 | ... = ... | Definition of $@ is unused. | test.cpp:53:41:53:41 | p | p | +| test.cpp:77:10:77:11 | 0 | Definition of $@ is unused. | test.cpp:77:7:77:8 | l3 | l3 | +| test.cpp:78:13:78:22 | new | Definition of $@ is unused. | test.cpp:78:8:78:9 | l4 | l4 | +| test.cpp:81:8:81:8 | {...} | Definition of $@ is unused. | test.cpp:81:5:81:6 | a2 | a2 | +| test.cpp:82:11:82:15 | new | Definition of $@ is unused. | test.cpp:82:6:82:7 | a3 | a3 | +| test.cpp:83:11:83:17 | new | Definition of $@ is unused. | test.cpp:83:6:83:7 | a4 | a4 | +| test.cpp:84:11:84:17 | 0 | Definition of $@ is unused. | test.cpp:84:6:84:7 | a5 | a5 | +| test.cpp:88:3:88:10 | ... = ... | Definition of $@ is unused. | test.cpp:85:5:85:6 | a6 | a6 | +| test.cpp:93:11:93:15 | new | Definition of $@ is unused. | test.cpp:93:6:93:7 | b3 | b3 | +| test.cpp:94:11:94:17 | new | Definition of $@ is unused. | test.cpp:94:6:94:7 | b4 | b4 | +| test.cpp:95:11:95:17 | 0 | Definition of $@ is unused. | test.cpp:95:6:95:7 | b5 | b5 | +| test.cpp:103:11:103:17 | 0 | Definition of $@ is unused. | test.cpp:103:6:103:7 | c5 | c5 | From 248683a2be15893c10953d027fe004be4e8c44bc Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 26 Apr 2023 10:58:20 +0200 Subject: [PATCH 1026/2573] Fix clang compilation issues: Fix test files for RULE-1-3 and CON38-C --- .../test.c | 2 -- c/misra/test/rules/RULE-1-3/test.c.clang | 25 +++++++++++++++++++ 2 files changed, 25 insertions(+), 2 deletions(-) create mode 100644 c/misra/test/rules/RULE-1-3/test.c.clang diff --git a/c/common/test/rules/preservesafetywhenusingconditionvariables/test.c b/c/common/test/rules/preservesafetywhenusingconditionvariables/test.c index 0134a1fd6d..2c6028f0ae 100644 --- a/c/common/test/rules/preservesafetywhenusingconditionvariables/test.c +++ b/c/common/test/rules/preservesafetywhenusingconditionvariables/test.c @@ -29,7 +29,6 @@ void f1() { } mtx_destroy(&mxl); - return 0; } void f2() { @@ -48,5 +47,4 @@ void f2() { } mtx_destroy(&mxl); - return 0; } diff --git a/c/misra/test/rules/RULE-1-3/test.c.clang b/c/misra/test/rules/RULE-1-3/test.c.clang new file mode 100644 index 0000000000..380a0cb512 --- /dev/null +++ b/c/misra/test/rules/RULE-1-3/test.c.clang @@ -0,0 +1,25 @@ +// void main(void) { // COMPLIANT does not compile in clang +// } + +int ____codeql_coding_standards_m1(int argc, char **argv) { // NON_COMPLIANT + return 0; +} + +void ____codeql_coding_standards_m2(char *argc, char **argv) { // NON_COMPLIANT +} + +int ____codeql_coding_standards_m3(int argc, char *argv) { // NON_COMPLIANT + return 0; +} + +int ____codeql_coding_standards_m4() { // NON_COMPLIANT + return 0; +} + +int ____codeql_coding_standards_m5(int argc, int *argv) { // NON_COMPLIANT + return 0; +} + +int ____codeql_coding_standards_m6(int argc, int **argv) { // NON_COMPLIANT + return 0; +} From abb1a1421d0891da7913e26acb0567ea963dc0c4 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 26 Apr 2023 20:06:00 +0200 Subject: [PATCH 1027/2573] Update AUTOSAR reference - Fix PDF link - Drop version distinctions (no changes since 19-03 ) --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index b5a13c696f..062a128231 100644 --- a/README.md +++ b/README.md @@ -9,7 +9,7 @@ _Carnegie Mellon and CERT are registered trademarks of Carnegie Mellon Universit This repository contains CodeQL queries and libraries which support various Coding Standards for the [C++14](https://www.iso.org/standard/64029.html) programming language. The following coding standards are supported: -- [AUTOSAR - Guidelines for the use of C++14 language in critical and safety-related systems Release 20-11](https://www.autosar.org/fileadmin/standards/adaptive/20-11/AUTOSAR_RS_CPP14Guidelines.pdf) +- [AUTOSAR - Guidelines for the use of C++14 language in critical and safety-related systems](https://www.autosar.org/fileadmin/standards/R22-11/AP/AUTOSAR_RS_CPP14Guidelines.pdf) - [MISRA C++:2008](https://www.misra.org.uk) (support limited to the rules specified in AUTOSAR 20-11). - [SEI CERT C++ Coding Standard: Rules for Developing Safe, Reliable, and Secure Systems (2016 Edition)](https://resources.sei.cmu.edu/library/asset-view.cfm?assetID=494932) From 4731bf02d46d1024bc3503bdc19c90de5f6f888e Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 26 Apr 2023 20:09:41 +0200 Subject: [PATCH 1028/2573] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 062a128231..e327bb11ea 100644 --- a/README.md +++ b/README.md @@ -9,7 +9,7 @@ _Carnegie Mellon and CERT are registered trademarks of Carnegie Mellon Universit This repository contains CodeQL queries and libraries which support various Coding Standards for the [C++14](https://www.iso.org/standard/64029.html) programming language. The following coding standards are supported: -- [AUTOSAR - Guidelines for the use of C++14 language in critical and safety-related systems](https://www.autosar.org/fileadmin/standards/R22-11/AP/AUTOSAR_RS_CPP14Guidelines.pdf) +- [AUTOSAR - Guidelines for the use of C++14 language in critical and safety-related systems](https://www.autosar.org/fileadmin/standards/R20-11/AP/AUTOSAR_RS_CPP14Guidelines.pdf) - [MISRA C++:2008](https://www.misra.org.uk) (support limited to the rules specified in AUTOSAR 20-11). - [SEI CERT C++ Coding Standard: Rules for Developing Safe, Reliable, and Secure Systems (2016 Edition)](https://resources.sei.cmu.edu/library/asset-view.cfm?assetID=494932) From 50100ec3c29ff86e7e1384200ce777e28146d919 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 26 Apr 2023 20:12:06 +0200 Subject: [PATCH 1029/2573] Update development_handbook.md --- docs/development_handbook.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/development_handbook.md b/docs/development_handbook.md index 1d1a9a0584..f7f1cdf5d4 100644 --- a/docs/development_handbook.md +++ b/docs/development_handbook.md @@ -41,7 +41,7 @@ A _coding standard_ is a set of rules or guidelines which restrict or prohibit t | Standard | Version | Total rules | Total supportable rules | Status | Notes | | -------------------------------------------------------------------------------------------------------------------- | ------- | ----------- | ----------------------- | -------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | -| [AUTOSAR C++](https://www.autosar.org/fileadmin/standards/adaptive/20-11/AUTOSAR_RS_CPP14Guidelines.pdf) | 20-11 | 397 | 375 | Implemented | +| [AUTOSAR C++](https://www.autosar.org/fileadmin/standards/R20-11/AP/AUTOSAR_RS_CPP14Guidelines.pdf) | 20-11 | 397 | 375 | Implemented | | [CERT-C++](https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-cpp-coding-standard-2016-v01.pdf) | 2016 | 83 | 83 | Implemented | AUTOSAR includes a sub-set of rules take from MISRA C++ 2008, which can be purchased for a small fee from [the MISRA website](https://misra.org.uk/shop). | | [CERT-C](https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-c-coding-standard-2016-v01.pdf) | 2016 | 120 | 99 | In development | The implementation excludes rules not part of 2016, but that are added to the [CERT-C wiki](https://wiki.sei.cmu.edu/confluence/display/c/) | | [MISRA C](https://www.misra.org.uk/product/misra-c2012-third-edition-first-revision/ ) | 2012 | 172 | 172 | In development | This includes the [MISRA C:2012 Amendment 2](https://www.misra.org.uk/app/uploads/2021/06/MISRA-C-2012-AMD2.pdf) | From d66f2c93677938678caaa709d5ee6e0f012dd2ed Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 26 Apr 2023 20:12:50 +0200 Subject: [PATCH 1030/2573] Update generate_package_files.py --- scripts/generate_rules/generate_package_files.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/generate_rules/generate_package_files.py b/scripts/generate_rules/generate_package_files.py index daca3cebd1..eb5e90349c 100644 --- a/scripts/generate_rules/generate_package_files.py +++ b/scripts/generate_rules/generate_package_files.py @@ -49,7 +49,7 @@ }, "AUTOSAR" : { "standard_title" : "AUTOSAR: Guidelines for the use of the C++14 language in critical and safety-related systems", - "standard_url" : "https://www.autosar.org/fileadmin/standards/adaptive/20-11/AUTOSAR_RS_CPP14Guidelines.pdf" + "standard_url" : "https://www.autosar.org/fileadmin/standards/R20-11/AP/AUTOSAR_RS_CPP14Guidelines.pdf" }, "CERT-C" : { "standard_title" : "CERT-C", From b763d6e34653173085a6d45ce736eecc933749eb Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 26 Apr 2023 20:16:25 +0200 Subject: [PATCH 1031/2573] Update user_manual.md --- docs/user_manual.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/user_manual.md b/docs/user_manual.md index fec4b6f00a..b634b0a185 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -47,7 +47,7 @@ The _CodeQL Coding Standards_ product is a set of CodeQL queries for identifying | Standard | Version | Total rules | Total supportable rules | Status | | -------------------------------------------------------------------------------------------------------------------- | ------- | ----------- | ----------------------- | ----------------- | -| [AUTOSAR C++](https://www.autosar.org/fileadmin/standards/adaptive/20-11/AUTOSAR_RS_CPP14Guidelines.pdf) | 20-11 | 397 | 375 | Implemented | +| [AUTOSAR C++](https://www.autosar.org/fileadmin/standards/R20-11/AP/AUTOSAR_RS_CPP14Guidelines.pdf) | 20-11 | 397 | 375 | Implemented | | [CERT-C++](https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-cpp-coding-standard-2016-v01.pdf) | 2016 | 83 | 83 | Implemented | | [CERT C](https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-c-coding-standard-2016-v01.pdf) | 2016 | 99 | 99 | Under development | | [MISRA C](https://www.misra.org.uk/product/misra-c2012-third-edition-first-revision/) | 2012 | 172 | 169 | Under development | From ec79c886b80740e383fe0aa56a689311e4985199 Mon Sep 17 00:00:00 2001 From: Jeongsoo Lee Date: Wed, 26 Apr 2023 12:12:59 -0700 Subject: [PATCH 1032/2573] Remove change notes for A0-1-1 and A5-2-6 - A0-1-1: Couldn't repro, query file not touched at all - A5-2-6: Couldn't repro, file reverted to original --- change_notes/2023-03-15-fix-reported-fp-for-A0-1-1.md | 2 -- change_notes/2023-03-15-fix-reported-fp-for-A5-2-6.md | 2 -- 2 files changed, 4 deletions(-) delete mode 100644 change_notes/2023-03-15-fix-reported-fp-for-A0-1-1.md delete mode 100644 change_notes/2023-03-15-fix-reported-fp-for-A5-2-6.md diff --git a/change_notes/2023-03-15-fix-reported-fp-for-A0-1-1.md b/change_notes/2023-03-15-fix-reported-fp-for-A0-1-1.md deleted file mode 100644 index 0f9960eb5e..0000000000 --- a/change_notes/2023-03-15-fix-reported-fp-for-A0-1-1.md +++ /dev/null @@ -1,2 +0,0 @@ -- `A0-1-1` - `UselessAssignment.ql`: - - Exclude cases where an access to a variable's field or member was not considered as a valid use of the variable. diff --git a/change_notes/2023-03-15-fix-reported-fp-for-A5-2-6.md b/change_notes/2023-03-15-fix-reported-fp-for-A5-2-6.md deleted file mode 100644 index eb54c71131..0000000000 --- a/change_notes/2023-03-15-fix-reported-fp-for-A5-2-6.md +++ /dev/null @@ -1,2 +0,0 @@ -- `A5-2-6` - `OperandsOfALogicalAndOrNotParenthesized.ql`: - - Exclude deferencing field accessor (`->`) and field accessor (`.`) from binary operators in question. From 2a134948064472b4191fa8c5d69bb5cb97ffea95 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 26 Apr 2023 21:43:07 +0200 Subject: [PATCH 1033/2573] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index e327bb11ea..8467295a23 100644 --- a/README.md +++ b/README.md @@ -9,7 +9,7 @@ _Carnegie Mellon and CERT are registered trademarks of Carnegie Mellon Universit This repository contains CodeQL queries and libraries which support various Coding Standards for the [C++14](https://www.iso.org/standard/64029.html) programming language. The following coding standards are supported: -- [AUTOSAR - Guidelines for the use of C++14 language in critical and safety-related systems](https://www.autosar.org/fileadmin/standards/R20-11/AP/AUTOSAR_RS_CPP14Guidelines.pdf) +- [AUTOSAR - Guidelines for the use of C++14 language in critical and safety-related systems Release 19-11, 20-11 and 21-11](https://www.autosar.org/fileadmin/standards/R20-11/AP/AUTOSAR_RS_CPP14Guidelines.pdf) - [MISRA C++:2008](https://www.misra.org.uk) (support limited to the rules specified in AUTOSAR 20-11). - [SEI CERT C++ Coding Standard: Rules for Developing Safe, Reliable, and Secure Systems (2016 Edition)](https://resources.sei.cmu.edu/library/asset-view.cfm?assetID=494932) From c5e9e0c3dc91aae70a84636db378de822bbc5fff Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 26 Apr 2023 21:51:53 +0200 Subject: [PATCH 1034/2573] Add AUTOSAR release numbers --- README.md | 4 ++-- cpp/autosar/src/codeql-suites/autosar-advisory.qls | 2 +- cpp/autosar/src/codeql-suites/autosar-audit.qls | 2 +- cpp/autosar/src/codeql-suites/autosar-default.qls | 2 +- cpp/autosar/src/codeql-suites/autosar-required.qls | 2 +- .../src/codeql-suites/autosar-single-translation-unit.qls | 2 +- cpp/autosar/src/qlpack.yml | 2 +- docs/development_handbook.md | 2 +- docs/user_manual.md | 2 +- scripts/generate_rules/generate_package_files.py | 4 ++-- scripts/reports/utils.py | 2 +- 11 files changed, 13 insertions(+), 13 deletions(-) diff --git a/README.md b/README.md index 8467295a23..82196e835b 100644 --- a/README.md +++ b/README.md @@ -9,8 +9,8 @@ _Carnegie Mellon and CERT are registered trademarks of Carnegie Mellon Universit This repository contains CodeQL queries and libraries which support various Coding Standards for the [C++14](https://www.iso.org/standard/64029.html) programming language. The following coding standards are supported: -- [AUTOSAR - Guidelines for the use of C++14 language in critical and safety-related systems Release 19-11, 20-11 and 21-11](https://www.autosar.org/fileadmin/standards/R20-11/AP/AUTOSAR_RS_CPP14Guidelines.pdf) -- [MISRA C++:2008](https://www.misra.org.uk) (support limited to the rules specified in AUTOSAR 20-11). +- [AUTOSAR - Guidelines for the use of C++14 language in critical and safety-related systems Release 19-11, 20-11 and 21-11](https://www.autosar.org/fileadmin/standards/R21-11/AP/AUTOSAR_RS_CPP14Guidelines.pdf) +- [MISRA C++:2008](https://www.misra.org.uk) (support limited to the rules specified in AUTOSAR). - [SEI CERT C++ Coding Standard: Rules for Developing Safe, Reliable, and Secure Systems (2016 Edition)](https://resources.sei.cmu.edu/library/asset-view.cfm?assetID=494932) In addition, the following Coding Standards for the C programming language are under development: diff --git a/cpp/autosar/src/codeql-suites/autosar-advisory.qls b/cpp/autosar/src/codeql-suites/autosar-advisory.qls index 6460375091..9098a4d26d 100644 --- a/cpp/autosar/src/codeql-suites/autosar-advisory.qls +++ b/cpp/autosar/src/codeql-suites/autosar-advisory.qls @@ -1,4 +1,4 @@ -- description: AUTOSAR C++14 Guidelines 20-11 (Advisory) +- description: AUTOSAR C++14 Guidelines R19-11, R20-11 and R21-11 (Advisory) - qlpack: codeql/autosar-cpp-coding-standards - include: kind: diff --git a/cpp/autosar/src/codeql-suites/autosar-audit.qls b/cpp/autosar/src/codeql-suites/autosar-audit.qls index 25f4f1c41c..847fb4448f 100644 --- a/cpp/autosar/src/codeql-suites/autosar-audit.qls +++ b/cpp/autosar/src/codeql-suites/autosar-audit.qls @@ -1,4 +1,4 @@ -- description: AUTOSAR C++14 Guidelines 20-11 (Audit) +- description: AUTOSAR C++14 Guidelines R19-11, R20-11 and R21-11 (Audit) - qlpack: codeql/autosar-cpp-coding-standards - include: kind: diff --git a/cpp/autosar/src/codeql-suites/autosar-default.qls b/cpp/autosar/src/codeql-suites/autosar-default.qls index e57d0739d6..53c94ecfb6 100644 --- a/cpp/autosar/src/codeql-suites/autosar-default.qls +++ b/cpp/autosar/src/codeql-suites/autosar-default.qls @@ -1,4 +1,4 @@ -- description: AUTOSAR C++14 Guidelines 20-11 (Default) +- description: AUTOSAR C++14 Guidelines R19-11, R20-11 and R21-11 (Default) - qlpack: codeql/autosar-cpp-coding-standards - include: kind: diff --git a/cpp/autosar/src/codeql-suites/autosar-required.qls b/cpp/autosar/src/codeql-suites/autosar-required.qls index aa4173462c..00f788f83e 100644 --- a/cpp/autosar/src/codeql-suites/autosar-required.qls +++ b/cpp/autosar/src/codeql-suites/autosar-required.qls @@ -1,4 +1,4 @@ -- description: AUTOSAR C++14 Guidelines 20-11 (Required) +- description: AUTOSAR C++14 Guidelines R19-11, R20-11 and R21-11 (Required) - qlpack: codeql/autosar-cpp-coding-standards - include: kind: diff --git a/cpp/autosar/src/codeql-suites/autosar-single-translation-unit.qls b/cpp/autosar/src/codeql-suites/autosar-single-translation-unit.qls index d56a7e306a..7951257abf 100644 --- a/cpp/autosar/src/codeql-suites/autosar-single-translation-unit.qls +++ b/cpp/autosar/src/codeql-suites/autosar-single-translation-unit.qls @@ -1,4 +1,4 @@ -- description: AUTOSAR C++14 Guidelines 20-11 (Single Translation Unit) +- description: AUTOSAR C++14 Guidelines R19-11, R20-11 and R21-11 (Single Translation Unit) - qlpack: codeql/autosar-cpp-coding-standards - include: kind: diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index 1bbc00cb88..8178f69600 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -1,6 +1,6 @@ name: codeql/autosar-cpp-coding-standards version: 2.18.0-dev -description: AUTOSAR C++14 Guidelines 20-11 +description: AUTOSAR C++14 Guidelines R19-11, R20-11 and R21-11 suites: codeql-suites license: MIT dependencies: diff --git a/docs/development_handbook.md b/docs/development_handbook.md index f7f1cdf5d4..981356433e 100644 --- a/docs/development_handbook.md +++ b/docs/development_handbook.md @@ -41,7 +41,7 @@ A _coding standard_ is a set of rules or guidelines which restrict or prohibit t | Standard | Version | Total rules | Total supportable rules | Status | Notes | | -------------------------------------------------------------------------------------------------------------------- | ------- | ----------- | ----------------------- | -------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | -| [AUTOSAR C++](https://www.autosar.org/fileadmin/standards/R20-11/AP/AUTOSAR_RS_CPP14Guidelines.pdf) | 20-11 | 397 | 375 | Implemented | +| [AUTOSAR C++](https://www.autosar.org/fileadmin/standards/R21-11/AP/AUTOSAR_RS_CPP14Guidelines.pdf) | R19-11 R20-11 R21-11 | 397 | 375 | Implemented | | [CERT-C++](https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-cpp-coding-standard-2016-v01.pdf) | 2016 | 83 | 83 | Implemented | AUTOSAR includes a sub-set of rules take from MISRA C++ 2008, which can be purchased for a small fee from [the MISRA website](https://misra.org.uk/shop). | | [CERT-C](https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-c-coding-standard-2016-v01.pdf) | 2016 | 120 | 99 | In development | The implementation excludes rules not part of 2016, but that are added to the [CERT-C wiki](https://wiki.sei.cmu.edu/confluence/display/c/) | | [MISRA C](https://www.misra.org.uk/product/misra-c2012-third-edition-first-revision/ ) | 2012 | 172 | 172 | In development | This includes the [MISRA C:2012 Amendment 2](https://www.misra.org.uk/app/uploads/2021/06/MISRA-C-2012-AMD2.pdf) | diff --git a/docs/user_manual.md b/docs/user_manual.md index b634b0a185..3c704be7ec 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -47,7 +47,7 @@ The _CodeQL Coding Standards_ product is a set of CodeQL queries for identifying | Standard | Version | Total rules | Total supportable rules | Status | | -------------------------------------------------------------------------------------------------------------------- | ------- | ----------- | ----------------------- | ----------------- | -| [AUTOSAR C++](https://www.autosar.org/fileadmin/standards/R20-11/AP/AUTOSAR_RS_CPP14Guidelines.pdf) | 20-11 | 397 | 375 | Implemented | +| [AUTOSAR C++](https://www.autosar.org/fileadmin/standards/R21-11/AP/AUTOSAR_RS_CPP14Guidelines.pdf) | R19-11 R20-11 R21-11 | 397 | 375 | Implemented | | [CERT-C++](https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-cpp-coding-standard-2016-v01.pdf) | 2016 | 83 | 83 | Implemented | | [CERT C](https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-c-coding-standard-2016-v01.pdf) | 2016 | 99 | 99 | Under development | | [MISRA C](https://www.misra.org.uk/product/misra-c2012-third-edition-first-revision/) | 2012 | 172 | 169 | Under development | diff --git a/scripts/generate_rules/generate_package_files.py b/scripts/generate_rules/generate_package_files.py index eb5e90349c..dca1654d18 100644 --- a/scripts/generate_rules/generate_package_files.py +++ b/scripts/generate_rules/generate_package_files.py @@ -49,7 +49,7 @@ }, "AUTOSAR" : { "standard_title" : "AUTOSAR: Guidelines for the use of the C++14 language in critical and safety-related systems", - "standard_url" : "https://www.autosar.org/fileadmin/standards/R20-11/AP/AUTOSAR_RS_CPP14Guidelines.pdf" + "standard_url" : "https://www.autosar.org/fileadmin/standards/R21-11/AP/AUTOSAR_RS_CPP14Guidelines.pdf" }, "CERT-C" : { "standard_title" : "CERT-C", @@ -368,7 +368,7 @@ def generate_package_files(package_name: str) -> None: query["standard_title"] = "AUTOSAR: Guidelines for the use of the C++14 language in critical and safety-related systems" query[ "standard_url" - ] = "https://www.autosar.org/fileadmin/standards/adaptive/20-11/AUTOSAR_RS_CPP14Guidelines.pdf" + ] = "https://www.autosar.org/fileadmin/standards/R22-11/AP/AUTOSAR_RS_CPP14Guidelines.pdf" help_dir = None if standard_name in external_help_file_standards: diff --git a/scripts/reports/utils.py b/scripts/reports/utils.py index 4fae73d564..6f1576b715 100644 --- a/scripts/reports/utils.py +++ b/scripts/reports/utils.py @@ -183,7 +183,7 @@ def generate_guideline_compliance_summary(output_directory, results_summary): print( "**Result**: " + ("Not compliant" if total_guidelines_violated > 0 else "Compliant")) standard_pretty_name = { - "cert": "CERT C++ 2016", "autosar": "AUTOSAR C++ 20-11"} + "cert": "CERT C++ 2016", "autosar": "AUTOSAR C++ R19-11, R20-11 and R21-11"} print("**Coding Standards applied**: " + ", ".join([standard_pretty_name[standard_short_name] for standard_short_name in results_summary.guideline_violation_count.keys()])) From b45c769d0d6fb4a3a8dc2288c831fa3939aed9e6 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 26 Apr 2023 21:54:40 +0200 Subject: [PATCH 1035/2573] update autosar link --- scripts/generate_rules/generate_package_files.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/generate_rules/generate_package_files.py b/scripts/generate_rules/generate_package_files.py index dca1654d18..c7ad3b51d4 100644 --- a/scripts/generate_rules/generate_package_files.py +++ b/scripts/generate_rules/generate_package_files.py @@ -368,7 +368,7 @@ def generate_package_files(package_name: str) -> None: query["standard_title"] = "AUTOSAR: Guidelines for the use of the C++14 language in critical and safety-related systems" query[ "standard_url" - ] = "https://www.autosar.org/fileadmin/standards/R22-11/AP/AUTOSAR_RS_CPP14Guidelines.pdf" + ] = "https://www.autosar.org/fileadmin/standards/R21-11/AP/AUTOSAR_RS_CPP14Guidelines.pdf" help_dir = None if standard_name in external_help_file_standards: From 08a261e497412d744706ef0948bfb32dcc9a0242 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 25 Apr 2023 21:41:24 +0100 Subject: [PATCH 1036/2573] A26-5-1: Address compiler compatibility Move "rand" definition to the global namespace and import into std with "using", to better reflect "real" compilers. --- cpp/common/test/includes/standard-library/cstdlib.h | 2 +- cpp/common/test/includes/standard-library/stdlib.h | 2 ++ .../DoNotUseRandForGeneratingPseudorandomNumbers.expected | 2 +- 3 files changed, 4 insertions(+), 2 deletions(-) diff --git a/cpp/common/test/includes/standard-library/cstdlib.h b/cpp/common/test/includes/standard-library/cstdlib.h index b2c87ada66..4a2d0cd9ee 100644 --- a/cpp/common/test/includes/standard-library/cstdlib.h +++ b/cpp/common/test/includes/standard-library/cstdlib.h @@ -7,10 +7,10 @@ namespace std { [[noreturn]] void quick_exit(int status) noexcept; extern "C++" int atexit(void (*f)(void)) noexcept; extern "C++" int at_quick_exit(void (*f)(void)) noexcept; -extern "C++" long rand() noexcept; using ::atof; using ::atoi; using ::atol; using ::atoll; +using ::rand; } // namespace std #endif // _GHLIBCPP_CSTDLIB \ No newline at end of file diff --git a/cpp/common/test/includes/standard-library/stdlib.h b/cpp/common/test/includes/standard-library/stdlib.h index 37902b52bb..c8ff7a7592 100644 --- a/cpp/common/test/includes/standard-library/stdlib.h +++ b/cpp/common/test/includes/standard-library/stdlib.h @@ -20,4 +20,6 @@ long int atol(const char *str); long long int atoll(const char *str); double atof(const char *str); +int rand(void); + #endif // _GHLIBCPP_STDLIB \ No newline at end of file diff --git a/cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.expected b/cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.expected index 2b4bcde88a..eaefe65ca3 100644 --- a/cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.expected +++ b/cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.expected @@ -1 +1 @@ -| test.cpp:5:47:5:55 | call to rand | Use of banned function std::rand. | +| test.cpp:5:47:5:55 | call to rand | Use of banned function rand. | From b9f8bdecd12473f0c6130345e1d96af03e96defe Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 25 Apr 2023 21:45:03 +0100 Subject: [PATCH 1037/2573] A15-1-5: Expect no results for real compilers Our compiler testing only uses a single compiler and cannot replicate execution boundaries, so we simply ignore this test by expecting no results. --- .../ExceptionsThrownAcrossExecutionBoundaries.clang.expected | 0 .../ExceptionsThrownAcrossExecutionBoundaries.gcc.expected | 0 .../ExceptionsThrownAcrossExecutionBoundaries.qcc.expected | 0 3 files changed, 0 insertions(+), 0 deletions(-) create mode 100644 cpp/autosar/test/rules/A15-1-5/ExceptionsThrownAcrossExecutionBoundaries.clang.expected create mode 100644 cpp/autosar/test/rules/A15-1-5/ExceptionsThrownAcrossExecutionBoundaries.gcc.expected create mode 100644 cpp/autosar/test/rules/A15-1-5/ExceptionsThrownAcrossExecutionBoundaries.qcc.expected diff --git a/cpp/autosar/test/rules/A15-1-5/ExceptionsThrownAcrossExecutionBoundaries.clang.expected b/cpp/autosar/test/rules/A15-1-5/ExceptionsThrownAcrossExecutionBoundaries.clang.expected new file mode 100644 index 0000000000..e69de29bb2 diff --git a/cpp/autosar/test/rules/A15-1-5/ExceptionsThrownAcrossExecutionBoundaries.gcc.expected b/cpp/autosar/test/rules/A15-1-5/ExceptionsThrownAcrossExecutionBoundaries.gcc.expected new file mode 100644 index 0000000000..e69de29bb2 diff --git a/cpp/autosar/test/rules/A15-1-5/ExceptionsThrownAcrossExecutionBoundaries.qcc.expected b/cpp/autosar/test/rules/A15-1-5/ExceptionsThrownAcrossExecutionBoundaries.qcc.expected new file mode 100644 index 0000000000..e69de29bb2 From 96b85e01074b2edf6c37ff821d9a11a0564312ff Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 25 Apr 2023 22:00:26 +0100 Subject: [PATCH 1038/2573] A18-0-3: Address compiler compatibility Move global locale definitions to locale.h, and import them into std with "using" to better reflect real compilers. --- .../rules/A18-0-3/LocaleFunctionsUsed.expected | 14 +++++++------- .../rules/A18-0-3/LocaleTypeLConvUsed.expected | 2 +- cpp/common/test/includes/standard-library/clocale | 13 +++++-------- cpp/common/test/includes/standard-library/locale.h | 8 ++++++++ 4 files changed, 21 insertions(+), 16 deletions(-) diff --git a/cpp/autosar/test/rules/A18-0-3/LocaleFunctionsUsed.expected b/cpp/autosar/test/rules/A18-0-3/LocaleFunctionsUsed.expected index f6bfa5f4d9..1521b1a9f4 100644 --- a/cpp/autosar/test/rules/A18-0-3/LocaleFunctionsUsed.expected +++ b/cpp/autosar/test/rules/A18-0-3/LocaleFunctionsUsed.expected @@ -1,10 +1,10 @@ -| test.cpp:4:3:4:16 | call to setlocale | Use of function 'std::setlocale'. | -| test.cpp:5:3:5:16 | call to setlocale | Use of function 'std::setlocale'. | -| test.cpp:6:3:6:16 | call to setlocale | Use of function 'std::setlocale'. | -| test.cpp:7:3:7:16 | call to setlocale | Use of function 'std::setlocale'. | -| test.cpp:8:3:8:16 | call to setlocale | Use of function 'std::setlocale'. | -| test.cpp:9:3:9:16 | call to setlocale | Use of function 'std::setlocale'. | -| test.cpp:10:20:10:34 | call to localeconv | Use of function 'std::localeconv'. | +| test.cpp:4:3:4:16 | call to setlocale | Use of function 'setlocale'. | +| test.cpp:5:3:5:16 | call to setlocale | Use of function 'setlocale'. | +| test.cpp:6:3:6:16 | call to setlocale | Use of function 'setlocale'. | +| test.cpp:7:3:7:16 | call to setlocale | Use of function 'setlocale'. | +| test.cpp:8:3:8:16 | call to setlocale | Use of function 'setlocale'. | +| test.cpp:9:3:9:16 | call to setlocale | Use of function 'setlocale'. | +| test.cpp:10:20:10:34 | call to localeconv | Use of function 'localeconv'. | | test.cpp:12:3:12:11 | call to setlocale | Use of function 'setlocale'. | | test.cpp:13:3:13:11 | call to setlocale | Use of function 'setlocale'. | | test.cpp:14:3:14:11 | call to setlocale | Use of function 'setlocale'. | diff --git a/cpp/autosar/test/rules/A18-0-3/LocaleTypeLConvUsed.expected b/cpp/autosar/test/rules/A18-0-3/LocaleTypeLConvUsed.expected index 4e93c94f9b..c83be2cb1c 100644 --- a/cpp/autosar/test/rules/A18-0-3/LocaleTypeLConvUsed.expected +++ b/cpp/autosar/test/rules/A18-0-3/LocaleTypeLConvUsed.expected @@ -1,2 +1,2 @@ -| test.cpp:10:8:10:12 | type mention | Use of type 'std::lconv'. | +| test.cpp:10:8:10:12 | type mention | Use of type 'lconv'. | | test.cpp:18:3:18:7 | type mention | Use of type 'lconv'. | diff --git a/cpp/common/test/includes/standard-library/clocale b/cpp/common/test/includes/standard-library/clocale index da05144f67..430c36daa0 100644 --- a/cpp/common/test/includes/standard-library/clocale +++ b/cpp/common/test/includes/standard-library/clocale @@ -8,13 +8,10 @@ #define LC_NUMERIC 0 #define LC_TIME 0 +#include + namespace std { -struct lconv; -char *setlocale(int, const char *); -lconv *localeconv(); +using ::lconv; +using ::localeconv; +using ::setlocale; } // namespace std - -// global namespace -struct lconv; -char *setlocale(int, const char *); -lconv *localeconv(); \ No newline at end of file diff --git a/cpp/common/test/includes/standard-library/locale.h b/cpp/common/test/includes/standard-library/locale.h index e69de29bb2..346c4eeef5 100644 --- a/cpp/common/test/includes/standard-library/locale.h +++ b/cpp/common/test/includes/standard-library/locale.h @@ -0,0 +1,8 @@ +#ifndef _GHLIBCPP_LOCALE +#define _GHLIBCPP_LOCALE + +struct lconv; +char *setlocale(int, const char *); +lconv *localeconv(); + +#endif // _GHLIBCPP_LOCALE \ No newline at end of file From 7cb92193a7c6f54f0a8766ed266e5de04296717b Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 27 Apr 2023 19:30:45 +0100 Subject: [PATCH 1039/2573] ERR59-CPP: Expect no results for real compilers Our compiler testing only uses a single compiler and cannot replicate execution boundaries, so we simply ignore this test by expecting no results. --- .../DoNotThrowAnExceptionAcrossExecutionBoundaries.clang.expected | 0 .../DoNotThrowAnExceptionAcrossExecutionBoundaries.gcc.expected | 0 .../DoNotThrowAnExceptionAcrossExecutionBoundaries.qcc.expected | 0 3 files changed, 0 insertions(+), 0 deletions(-) create mode 100644 cpp/cert/test/rules/ERR59-CPP/DoNotThrowAnExceptionAcrossExecutionBoundaries.clang.expected create mode 100644 cpp/cert/test/rules/ERR59-CPP/DoNotThrowAnExceptionAcrossExecutionBoundaries.gcc.expected create mode 100644 cpp/cert/test/rules/ERR59-CPP/DoNotThrowAnExceptionAcrossExecutionBoundaries.qcc.expected diff --git a/cpp/cert/test/rules/ERR59-CPP/DoNotThrowAnExceptionAcrossExecutionBoundaries.clang.expected b/cpp/cert/test/rules/ERR59-CPP/DoNotThrowAnExceptionAcrossExecutionBoundaries.clang.expected new file mode 100644 index 0000000000..e69de29bb2 diff --git a/cpp/cert/test/rules/ERR59-CPP/DoNotThrowAnExceptionAcrossExecutionBoundaries.gcc.expected b/cpp/cert/test/rules/ERR59-CPP/DoNotThrowAnExceptionAcrossExecutionBoundaries.gcc.expected new file mode 100644 index 0000000000..e69de29bb2 diff --git a/cpp/cert/test/rules/ERR59-CPP/DoNotThrowAnExceptionAcrossExecutionBoundaries.qcc.expected b/cpp/cert/test/rules/ERR59-CPP/DoNotThrowAnExceptionAcrossExecutionBoundaries.qcc.expected new file mode 100644 index 0000000000..e69de29bb2 From 353de74cac6c362a0aac4061a9448f4d13f6873c Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 27 Apr 2023 22:27:14 +0100 Subject: [PATCH 1040/2573] M18-2-1: Update compiler expected results Macro parameter names vary by compiler. --- cpp/autosar/test/rules/M18-2-1/MacroOffsetofUsed.gcc.expected | 1 + cpp/autosar/test/rules/M18-2-1/MacroOffsetofUsed.qcc.expected | 1 + 2 files changed, 2 insertions(+) create mode 100644 cpp/autosar/test/rules/M18-2-1/MacroOffsetofUsed.gcc.expected create mode 100644 cpp/autosar/test/rules/M18-2-1/MacroOffsetofUsed.qcc.expected diff --git a/cpp/autosar/test/rules/M18-2-1/MacroOffsetofUsed.gcc.expected b/cpp/autosar/test/rules/M18-2-1/MacroOffsetofUsed.gcc.expected new file mode 100644 index 0000000000..f09fafd410 --- /dev/null +++ b/cpp/autosar/test/rules/M18-2-1/MacroOffsetofUsed.gcc.expected @@ -0,0 +1 @@ +| test.cpp:9:32:9:51 | offsetof(__typ,__id) | Use of banned macro offsetof. | diff --git a/cpp/autosar/test/rules/M18-2-1/MacroOffsetofUsed.qcc.expected b/cpp/autosar/test/rules/M18-2-1/MacroOffsetofUsed.qcc.expected new file mode 100644 index 0000000000..88647b9f36 --- /dev/null +++ b/cpp/autosar/test/rules/M18-2-1/MacroOffsetofUsed.qcc.expected @@ -0,0 +1 @@ +| test.cpp:9:32:9:51 | offsetof(t,d) | Use of banned macro offsetof. | From 070579a0c467216db2368756dec892213a4b4903 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 27 Apr 2023 22:49:09 +0100 Subject: [PATCH 1041/2573] M18-7-1: Address signal.h compiler compat Better reflect how real compilers implement csignal. --- .../rules/M18-7-1/CsignalFunctionsUsed.expected | 4 ++-- .../test/rules/M18-7-1/CsignalTypesUsed.expected | 2 +- cpp/common/test/includes/standard-library/csignal | 15 ++++++--------- .../test/includes/standard-library/signal.h | 8 ++++++++ 4 files changed, 17 insertions(+), 12 deletions(-) diff --git a/cpp/autosar/test/rules/M18-7-1/CsignalFunctionsUsed.expected b/cpp/autosar/test/rules/M18-7-1/CsignalFunctionsUsed.expected index 8806bacfe7..2cc8431463 100644 --- a/cpp/autosar/test/rules/M18-7-1/CsignalFunctionsUsed.expected +++ b/cpp/autosar/test/rules/M18-7-1/CsignalFunctionsUsed.expected @@ -1,4 +1,4 @@ -| test.cpp:7:3:7:13 | call to signal | Use of function 'std::signal'. | -| test.cpp:8:3:8:12 | call to raise | Use of function 'std::raise'. | +| test.cpp:7:3:7:13 | call to signal | Use of function 'signal'. | +| test.cpp:8:3:8:12 | call to raise | Use of function 'raise'. | | test.cpp:11:3:11:8 | call to signal | Use of function 'signal'. | | test.cpp:12:3:12:7 | call to raise | Use of function 'raise'. | diff --git a/cpp/autosar/test/rules/M18-7-1/CsignalTypesUsed.expected b/cpp/autosar/test/rules/M18-7-1/CsignalTypesUsed.expected index fda560380f..0ec502c3ac 100644 --- a/cpp/autosar/test/rules/M18-7-1/CsignalTypesUsed.expected +++ b/cpp/autosar/test/rules/M18-7-1/CsignalTypesUsed.expected @@ -1,2 +1,2 @@ -| test.cpp:6:8:6:19 | type mention | Use of type 'std::sig_atomic_t'. | +| test.cpp:6:8:6:19 | type mention | Use of type 'sig_atomic_t'. | | test.cpp:10:3:10:14 | type mention | Use of type 'sig_atomic_t'. | diff --git a/cpp/common/test/includes/standard-library/csignal b/cpp/common/test/includes/standard-library/csignal index 0cded25e15..4c3b565256 100644 --- a/cpp/common/test/includes/standard-library/csignal +++ b/cpp/common/test/includes/standard-library/csignal @@ -10,13 +10,10 @@ #define SIG_IGN 7 #define SIG_ERR 8 -namespace std { -typedef int sig_atomic_t; -void (*signal(int, void (*func)(int)))(int); -int raise(int sig); -} // namespace std +#include -// global namespace -typedef int sig_atomic_t; -void (*signal(int, void (*func)(int)))(int); -int raise(int); \ No newline at end of file +namespace std { +using ::raise; +using ::sig_atomic_t; +using ::signal; +} // namespace std \ No newline at end of file diff --git a/cpp/common/test/includes/standard-library/signal.h b/cpp/common/test/includes/standard-library/signal.h index e69de29bb2..b9ac81919a 100644 --- a/cpp/common/test/includes/standard-library/signal.h +++ b/cpp/common/test/includes/standard-library/signal.h @@ -0,0 +1,8 @@ +#ifndef _GHLIBCPP_SIGNAL +#define _GHLIBCPP_SIGNAL + +typedef int sig_atomic_t; +void (*signal(int, void (*func)(int)))(int); +int raise(int); + +#endif // _GHLIBCPP_SIGNAL \ No newline at end of file From ae7461affb5a7c4f81990290900cb0b31d5fd7b9 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 27 Apr 2023 23:06:17 +0100 Subject: [PATCH 1042/2573] M27-0-1: Address compiler compatibility Modify cstdio to more closely match real compilers. --- .../M27-0-1/CstdioFunctionsUsed.expected | 34 ++-- .../rules/M27-0-1/CstdioTypesUsed.expected | 4 +- .../test/includes/standard-library/cstdio | 182 +++++------------- .../test/includes/standard-library/stdio.h | 85 +++++++- 4 files changed, 152 insertions(+), 153 deletions(-) diff --git a/cpp/autosar/test/rules/M27-0-1/CstdioFunctionsUsed.expected b/cpp/autosar/test/rules/M27-0-1/CstdioFunctionsUsed.expected index 241d2281ef..54f341887a 100644 --- a/cpp/autosar/test/rules/M27-0-1/CstdioFunctionsUsed.expected +++ b/cpp/autosar/test/rules/M27-0-1/CstdioFunctionsUsed.expected @@ -1,20 +1,20 @@ -| test.cpp:4:18:4:27 | call to fopen | Use of function 'std::fopen'. | -| test.cpp:7:3:7:14 | call to fgetpos | Use of function 'std::fgetpos'. | -| test.cpp:9:11:9:19 | call to feof | Use of function 'std::feof'. | -| test.cpp:10:14:10:23 | call to fgetc | Use of function 'std::fgetc'. | -| test.cpp:12:7:12:17 | call to rewind | Use of function 'std::rewind'. | -| test.cpp:14:7:14:17 | call to ferror | Use of function 'std::ferror'. | -| test.cpp:15:5:15:17 | call to clearerr | Use of function 'std::clearerr'. | -| test.cpp:16:5:16:15 | call to fclose | Use of function 'std::fclose'. | -| test.cpp:17:5:17:15 | call to perror | Use of function 'std::perror'. | -| test.cpp:20:3:20:12 | call to fseek | Use of function 'std::fseek'. | -| test.cpp:21:3:21:12 | call to fseek | Use of function 'std::fseek'. | -| test.cpp:23:3:23:12 | call to fread | Use of function 'std::fread'. | -| test.cpp:25:3:25:14 | call to fsetpos | Use of function 'std::fsetpos'. | -| test.cpp:26:3:26:13 | call to fflush | Use of function 'std::fflush'. | -| test.cpp:27:3:27:13 | call to fclose | Use of function 'std::fclose'. | -| test.cpp:29:3:29:13 | call to printf | Use of function 'std::printf'. | -| test.cpp:31:3:31:11 | call to puts | Use of function 'std::puts'. | +| test.cpp:4:18:4:27 | call to fopen | Use of function 'fopen'. | +| test.cpp:7:3:7:14 | call to fgetpos | Use of function 'fgetpos'. | +| test.cpp:9:11:9:19 | call to feof | Use of function 'feof'. | +| test.cpp:10:14:10:23 | call to fgetc | Use of function 'fgetc'. | +| test.cpp:12:7:12:17 | call to rewind | Use of function 'rewind'. | +| test.cpp:14:7:14:17 | call to ferror | Use of function 'ferror'. | +| test.cpp:15:5:15:17 | call to clearerr | Use of function 'clearerr'. | +| test.cpp:16:5:16:15 | call to fclose | Use of function 'fclose'. | +| test.cpp:17:5:17:15 | call to perror | Use of function 'perror'. | +| test.cpp:20:3:20:12 | call to fseek | Use of function 'fseek'. | +| test.cpp:21:3:21:12 | call to fseek | Use of function 'fseek'. | +| test.cpp:23:3:23:12 | call to fread | Use of function 'fread'. | +| test.cpp:25:3:25:14 | call to fsetpos | Use of function 'fsetpos'. | +| test.cpp:26:3:26:13 | call to fflush | Use of function 'fflush'. | +| test.cpp:27:3:27:13 | call to fclose | Use of function 'fclose'. | +| test.cpp:29:3:29:13 | call to printf | Use of function 'printf'. | +| test.cpp:31:3:31:11 | call to puts | Use of function 'puts'. | | test.cpp:34:14:34:18 | call to fopen | Use of function 'fopen'. | | test.cpp:37:3:37:9 | call to fgetpos | Use of function 'fgetpos'. | | test.cpp:39:11:39:14 | call to feof | Use of function 'feof'. | diff --git a/cpp/autosar/test/rules/M27-0-1/CstdioTypesUsed.expected b/cpp/autosar/test/rules/M27-0-1/CstdioTypesUsed.expected index 037f54c05e..ed5a448ace 100644 --- a/cpp/autosar/test/rules/M27-0-1/CstdioTypesUsed.expected +++ b/cpp/autosar/test/rules/M27-0-1/CstdioTypesUsed.expected @@ -1,4 +1,4 @@ -| test.cpp:4:8:4:11 | type mention | Use of type 'std::FILE'. | -| test.cpp:6:8:6:13 | type mention | Use of type 'std::fpos_t'. | +| test.cpp:4:8:4:11 | type mention | Use of type 'FILE'. | +| test.cpp:6:8:6:13 | type mention | Use of type 'fpos_t'. | | test.cpp:34:3:34:6 | type mention | Use of type 'FILE'. | | test.cpp:36:3:36:8 | type mention | Use of type 'fpos_t'. | diff --git a/cpp/common/test/includes/standard-library/cstdio b/cpp/common/test/includes/standard-library/cstdio index 65dde7279d..e40fc5458c 100644 --- a/cpp/common/test/includes/standard-library/cstdio +++ b/cpp/common/test/includes/standard-library/cstdio @@ -16,135 +16,55 @@ #define SEEK_END -1 #define stderr 0 -namespace std { -struct FILE; -typedef int fpos_t; - -// Operations on files -int remove(const char *filename); -int rename(const char *oldname, const char *newname); -FILE *tmpfile(void); -char *tmpnam(char *str); - -// File access -int fclose(FILE *stream); -int fflush(FILE *stream); -FILE *fopen(const char *filename, const char *mode); -FILE *freopen(const char *filename, const char *mode, FILE *stream); -void setbuf(FILE *stream, char *buffer); -int setvbuf(FILE *stream, char *buffer, int mode, size_t size); - -// Formatted input/output -int fprintf(FILE *stream, const char *format, ...); -int fscanf(FILE *stream, const char *format, ...); -int printf(const char *format, ...); -int scanf(const char *format, ...); -int snprintf(char *s, size_t n, const char *format, ...); -int sprintf(char *str, const char *format, ...); -int sscanf(const char *s, const char *format, ...); -/* -int vfprintf ( FILE * stream, const char * format, va_list arg ); -int vfscanf ( FILE * stream, const char * format, va_list arg ); -int vprintf ( const char * format, va_list arg ); -int vscanf ( const char * format, va_list arg ); -int vsnprintf (char * s, size_t n, const char * format, va_list arg ); -int vsprintf (char * s, const char * format, va_list arg ); -int vsscanf ( const char * s, const char * format, va_list arg ); -*/ - -// Character input/output -int fgetc(FILE *stream); -char *fgets(char *str, int num, FILE *stream); -int fputc(int character, FILE *stream); -int fputs(const char *str, FILE *stream); -int getc(FILE *stream); -int getchar(void); -char *gets(char *str); -int putc(int character, FILE *stream); -int putchar(int character); -int puts(const char *str); -int ungetc(int character, FILE *stream); - -// Direct input/output -size_t fread(void *ptr, size_t size, size_t count, FILE *stream); -size_t fwrite(const void *ptr, size_t size, size_t count, FILE *stream); - -// File positioning -int fgetpos(FILE *stream, fpos_t *pos); -int fseek(FILE *stream, long int offset, int origin); -int fsetpos(FILE *stream, const fpos_t *pos); -long int ftell(FILE *stream); -void rewind(FILE *stream); - -// Error-handling -void clearerr(FILE *stream); -int feof(FILE *stream); -int ferror(FILE *stream); -void perror(const char *str); -} // namespace std +#include -// global namespace -struct FILE; -typedef int fpos_t; - -// Operations on files -int remove(const char *filename); -int rename(const char *oldname, const char *newname); -FILE *tmpfile(void); -char *tmpnam(char *str); - -// File access -int fclose(FILE *stream); -int fflush(FILE *stream); -FILE *fopen(const char *filename, const char *mode); -FILE *freopen(const char *filename, const char *mode, FILE *stream); -void setbuf(FILE *stream, char *buffer); -int setvbuf(FILE *stream, char *buffer, int mode, size_t size); - -// Formatted input/output -int fprintf(FILE *stream, const char *format, ...); -int fscanf(FILE *stream, const char *format, ...); -int printf(const char *format, ...); -int scanf(const char *format, ...); -int snprintf(char *s, size_t n, const char *format, ...); -int sprintf(char *str, const char *format, ...); -int sscanf(const char *s, const char *format, ...); -/* -int vfprintf ( FILE * stream, const char * format, va_list arg ); -int vfscanf ( FILE * stream, const char * format, va_list arg ); -int vprintf ( const char * format, va_list arg ); -int vscanf ( const char * format, va_list arg ); -int vsnprintf (char * s, size_t n, const char * format, va_list arg ); -int vsprintf (char * s, const char * format, va_list arg ); -int vsscanf ( const char * s, const char * format, va_list arg ); -*/ - -// Character input/output -int fgetc(FILE *stream); -char *fgets(char *str, int num, FILE *stream); -int fputc(int character, FILE *stream); -int fputs(const char *str, FILE *stream); -int getc(FILE *stream); -int getchar(void); -char *gets(char *str); -int putc(int character, FILE *stream); -int putchar(int character); -int puts(const char *str); -int ungetc(int character, FILE *stream); - -// Direct input/output -size_t fread(void *ptr, size_t size, size_t count, FILE *stream); -size_t fwrite(const void *ptr, size_t size, size_t count, FILE *stream); - -// File positioning -int fgetpos(FILE *stream, fpos_t *pos); -int fseek(FILE *stream, long int offset, int origin); -int fsetpos(FILE *stream, const fpos_t *pos); -long int ftell(FILE *stream); -void rewind(FILE *stream); - -// Error-handling -void clearerr(FILE *stream); -int feof(FILE *stream); -int ferror(FILE *stream); -void perror(const char *str); \ No newline at end of file +namespace std { +using ::FILE; +using ::fpos_t; + +using ::remove; +using ::rename; +using ::tmpfile; +using ::tmpnam; + +using ::fclose; +using ::fflush; +using ::fopen; +using ::freopen; +using ::setbuf; +using ::setvbuf; + +using ::fprintf; +using ::fscanf; +using ::printf; +using ::scanf; +using ::snprintf; +using ::sprintf; +using ::sscanf; + +using ::fgetc; +using ::fgets; +using ::fputc; +using ::fputs; +using ::getc; +using ::getchar; +using ::gets; +using ::putc; +using ::putchar; +using ::puts; +using ::ungetc; + +using ::fread; +using ::fwrite; + +using ::fgetpos; +using ::fseek; +using ::fsetpos; +using ::ftell; +using ::rewind; + +using ::clearerr; +using ::feof; +using ::ferror; +using ::perror; +} // namespace std \ No newline at end of file diff --git a/cpp/common/test/includes/standard-library/stdio.h b/cpp/common/test/includes/standard-library/stdio.h index b1a36a4af0..30ca17bcaf 100644 --- a/cpp/common/test/includes/standard-library/stdio.h +++ b/cpp/common/test/includes/standard-library/stdio.h @@ -1,5 +1,84 @@ +#ifndef _GHLIBCPP_STDIO +#define _GHLIBCPP_STDIO + +#include + typedef void FILE; +typedef int fpos_t; + +// Operations on files +int remove(const char *filename); +int rename(const char *oldname, const char *newname); +FILE *tmpfile(void); +char *tmpnam(char *str); + +// File access +int fclose(FILE *stream); +int fflush(FILE *stream); +FILE *fopen(const char *filename, const char *mode); +FILE *freopen(const char *filename, const char *mode, FILE *stream); +void setbuf(FILE *stream, char *buffer); +int setvbuf(FILE *stream, char *buffer, int mode, size_t size); + +// Formatted input/output +int fprintf(FILE *stream, const char *format, ...); +int fscanf(FILE *stream, const char *format, ...); +int printf(const char *format, ...); +int scanf(const char *format, ...); +int snprintf(char *s, size_t n, const char *format, ...); +int sprintf(char *str, const char *format, ...); +int sscanf(const char *s, const char *format, ...); +/* +int vfprintf ( FILE * stream, const char * format, va_list arg ); +int vfscanf ( FILE * stream, const char * format, va_list arg ); +int vprintf ( const char * format, va_list arg ); +int vscanf ( const char * format, va_list arg ); +int vsnprintf (char * s, size_t n, const char * format, va_list arg ); +int vsprintf (char * s, const char * format, va_list arg ); +int vsscanf ( const char * s, const char * format, va_list arg ); +*/ + +// Character input/output +int fgetc(FILE *stream); +char *fgets(char *str, int num, FILE *stream); +int fputc(int character, FILE *stream); +int fputs(const char *str, FILE *stream); +int getc(FILE *stream); +int getchar(void); +char *gets(char *str); +int putc(int character, FILE *stream); +int putchar(int character); +int puts(const char *str); +int ungetc(int character, FILE *stream); + +// Character input/output +int fgetc(FILE *stream); +char *fgets(char *str, int num, FILE *stream); +int fputc(int character, FILE *stream); +int fputs(const char *str, FILE *stream); +int getc(FILE *stream); +int getchar(void); +char *gets(char *str); +int putc(int character, FILE *stream); +int putchar(int character); +int puts(const char *str); +int ungetc(int character, FILE *stream); + +// Direct input/output +size_t fread(void *ptr, size_t size, size_t count, FILE *stream); +size_t fwrite(const void *ptr, size_t size, size_t count, FILE *stream); + +// File positioning +int fgetpos(FILE *stream, fpos_t *pos); +int fseek(FILE *stream, long int offset, int origin); +int fsetpos(FILE *stream, const fpos_t *pos); +long int ftell(FILE *stream); +void rewind(FILE *stream); + +// Error-handling +void clearerr(FILE *stream); +int feof(FILE *stream); +int ferror(FILE *stream); +void perror(const char *str); -FILE *fopen(const char *, const char *); -int fclose(FILE *); -int remove(const char *); \ No newline at end of file +#endif // _GHLIBCPP_STDIO \ No newline at end of file From 521c9972df822741011e519ec4ff0db7ba333436 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 27 Apr 2023 23:13:49 +0100 Subject: [PATCH 1043/2573] A14-7-2: Just report base name The source location is different between compiler testing and qltest, leading to spurious differences. This simplifies the query, reporting only the base name of the file but still reporting the link. --- .../TemplateSpecializationNotDeclaredInTheSameFile.ql | 2 +- .../TemplateSpecializationNotDeclaredInTheSameFile.expected | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/cpp/autosar/src/rules/A14-7-2/TemplateSpecializationNotDeclaredInTheSameFile.ql b/cpp/autosar/src/rules/A14-7-2/TemplateSpecializationNotDeclaredInTheSameFile.ql index b583c9cc14..94214e8992 100644 --- a/cpp/autosar/src/rules/A14-7-2/TemplateSpecializationNotDeclaredInTheSameFile.ql +++ b/cpp/autosar/src/rules/A14-7-2/TemplateSpecializationNotDeclaredInTheSameFile.ql @@ -58,4 +58,4 @@ where not spec.getFile() = spec.getPrimary().getFile() and not extraExclude(spec) select spec, "Specialization found in file $@ where primary template is outside that file.", - spec.getFile(), spec.getFile().getRelativePath() + spec.getFile(), spec.getFile().getBaseName() diff --git a/cpp/autosar/test/rules/A14-7-2/TemplateSpecializationNotDeclaredInTheSameFile.expected b/cpp/autosar/test/rules/A14-7-2/TemplateSpecializationNotDeclaredInTheSameFile.expected index 1ec607ca49..e697056580 100644 --- a/cpp/autosar/test/rules/A14-7-2/TemplateSpecializationNotDeclaredInTheSameFile.expected +++ b/cpp/autosar/test/rules/A14-7-2/TemplateSpecializationNotDeclaredInTheSameFile.expected @@ -1,3 +1,3 @@ -| test.cpp:5:20:5:25 | s | Specialization found in file $@ where primary template is outside that file. | test.cpp:0:0:0:0 | test.cpp | rules/A14-7-2/test.cpp | -| test.cpp:7:18:7:24 | f | Specialization found in file $@ where primary template is outside that file. | test.cpp:0:0:0:0 | test.cpp | rules/A14-7-2/test.cpp | -| test.cpp:13:19:13:28 | vector> | Specialization found in file $@ where primary template is outside that file. | test.cpp:0:0:0:0 | test.cpp | rules/A14-7-2/test.cpp | +| test.cpp:5:20:5:25 | s | Specialization found in file $@ where primary template is outside that file. | test.cpp:0:0:0:0 | test.cpp | test.cpp | +| test.cpp:7:18:7:24 | f | Specialization found in file $@ where primary template is outside that file. | test.cpp:0:0:0:0 | test.cpp | test.cpp | +| test.cpp:13:19:13:28 | vector> | Specialization found in file $@ where primary template is outside that file. | test.cpp:0:0:0:0 | test.cpp | test.cpp | From e2d4bac51e15407ecd2572e493a4106c451fa10b Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 28 Apr 2023 11:48:53 +0100 Subject: [PATCH 1044/2573] DCL56-CPP: Improve performance Frequent use of getAChild*() was causing slow performance, as it attempted to specialize it for different contexts. We instead replace getAChild*() with a getAnInitializerExpr predicate, which uses explicit recursion which experimentally gave better performance. --- .../cpp/StaticInitialization.qll | 23 ++++++++++++------- 1 file changed, 15 insertions(+), 8 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/StaticInitialization.qll b/cpp/common/src/codingstandards/cpp/StaticInitialization.qll index 0a8f5811e0..34c353726d 100644 --- a/cpp/common/src/codingstandards/cpp/StaticInitialization.qll +++ b/cpp/common/src/codingstandards/cpp/StaticInitialization.qll @@ -27,6 +27,15 @@ module StaticInitializationGraph { * - Create a `Node` instance for each injector type. */ + /** + * Gets an Expr directly or indirectly included in an initializer. + */ + private Expr getAnInitializerExpr(Initializer i) { + result = i.getExpr() + or + result = getAnInitializerExpr(i).getAChild() + } + newtype TNode = TInitializerNode(Initializer i) { // This is the initializer of a static storage duration variable @@ -48,7 +57,7 @@ module StaticInitializationGraph { } or TFunctionCallNode(FunctionCall fc) { // This is a function call that occurs in an initializer called during static initialization - exists(TInitializerNode(any(Initializer i | i.getExpr().getAChild*() = fc))) + exists(TInitializerNode(any(Initializer i | getAnInitializerExpr(i) = fc))) or // This is a function call that occurs in a function called during static initialization exists( @@ -56,13 +65,13 @@ module StaticInitializationGraph { f = fc.getEnclosingFunction() and // Not in an initializer of a local variable, where the desired flow is instead: // function -> initializer -> fc - not exists(Initializer i | i.getExpr().getAChild*() = fc) + not exists(Initializer i | getAnInitializerExpr(i) = fc) )) ) } or TVariableAccessNode(VariableAccess va) { // This is a variable that is accessed in an initializer called during static initialization - exists(TInitializerNode(any(Initializer i | i.getExpr().getAChild*() = va))) + exists(TInitializerNode(any(Initializer i | getAnInitializerExpr(i) = va))) or // This is a variable that is accessed in a function called during static initialization exists( @@ -70,7 +79,7 @@ module StaticInitializationGraph { f = va.getEnclosingFunction() and // Not in an initializer of a local variable, where the desired flow is instead: // function -> initializer -> va - not exists(Initializer i | i.getExpr().getAChild*() = va) + not exists(Initializer i | getAnInitializerExpr(i) = va) )) ) } @@ -149,9 +158,7 @@ module StaticInitializationGraph { or // Initializer steps exists(Initializer i | i = n1.(InitializerNode).getInitializer() | - i.getExpr().getAChild*() = n2.(FunctionCallNode).getFunctionCall() - or - i.getExpr().getAChild*() = n2.(VariableAccessNode).getVariableAccess() + getAnInitializerExpr(i) = n2.getExpr() ) or // FunctionCall steps @@ -169,7 +176,7 @@ module StaticInitializationGraph { f = n2.getExpr().getEnclosingFunction() and // But not in an initializer of a local variable, where the desired flow is instead: // function -> initializer -> expression - not exists(Initializer i | i.getExpr().getAChild*() = n2.getExpr()) + not exists(Initializer i | getAnInitializerExpr(i) = n2.getExpr()) or // `n2` is an initializer of a local scope variable within function `f` n2.(InitializerNode).getInitializer().getDeclaration().(LocalScopeVariable).getFunction() = f From 73cc3a4aad6c8d5cf6d7f67671a5bf27a2711240 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 28 Apr 2023 12:01:25 +0100 Subject: [PATCH 1045/2573] Add change note --- change_notes/2023-04-28-dcl56-cpp-perf.md | 1 + 1 file changed, 1 insertion(+) create mode 100644 change_notes/2023-04-28-dcl56-cpp-perf.md diff --git a/change_notes/2023-04-28-dcl56-cpp-perf.md b/change_notes/2023-04-28-dcl56-cpp-perf.md new file mode 100644 index 0000000000..61ce45b133 --- /dev/null +++ b/change_notes/2023-04-28-dcl56-cpp-perf.md @@ -0,0 +1 @@ + * `DCL56-CPP` - performance has been improved for databases with complex initializers. \ No newline at end of file From 32c8c4d5a7b3c98078fe27e1ce6ff024962f5878 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Fri, 28 Apr 2023 15:45:29 +0200 Subject: [PATCH 1046/2573] Accept the review suggestions and updates links --- README.md | 2 +- cpp/autosar/src/codeql-suites/autosar-advisory.qls | 2 +- cpp/autosar/src/codeql-suites/autosar-audit.qls | 2 +- cpp/autosar/src/codeql-suites/autosar-default.qls | 2 +- cpp/autosar/src/codeql-suites/autosar-required.qls | 2 +- .../src/codeql-suites/autosar-single-translation-unit.qls | 2 +- cpp/autosar/src/qlpack.yml | 2 +- docs/development_handbook.md | 2 +- docs/user_manual.md | 2 +- scripts/generate_rules/generate_package_files.py | 2 +- scripts/reports/utils.py | 2 +- 11 files changed, 11 insertions(+), 11 deletions(-) diff --git a/README.md b/README.md index 82196e835b..375b7668b3 100644 --- a/README.md +++ b/README.md @@ -9,7 +9,7 @@ _Carnegie Mellon and CERT are registered trademarks of Carnegie Mellon Universit This repository contains CodeQL queries and libraries which support various Coding Standards for the [C++14](https://www.iso.org/standard/64029.html) programming language. The following coding standards are supported: -- [AUTOSAR - Guidelines for the use of C++14 language in critical and safety-related systems Release 19-11, 20-11 and 21-11](https://www.autosar.org/fileadmin/standards/R21-11/AP/AUTOSAR_RS_CPP14Guidelines.pdf) +- [AUTOSAR - Guidelines for the use of C++14 language in critical and safety-related systems (Releases R22-11, R20-11, R19-11 and R19-03)](https://www.autosar.org/fileadmin/standards/R22-11/AP/AUTOSAR_RS_CPP14Guidelines.pdf). - [MISRA C++:2008](https://www.misra.org.uk) (support limited to the rules specified in AUTOSAR). - [SEI CERT C++ Coding Standard: Rules for Developing Safe, Reliable, and Secure Systems (2016 Edition)](https://resources.sei.cmu.edu/library/asset-view.cfm?assetID=494932) diff --git a/cpp/autosar/src/codeql-suites/autosar-advisory.qls b/cpp/autosar/src/codeql-suites/autosar-advisory.qls index 9098a4d26d..ff5a0e3358 100644 --- a/cpp/autosar/src/codeql-suites/autosar-advisory.qls +++ b/cpp/autosar/src/codeql-suites/autosar-advisory.qls @@ -1,4 +1,4 @@ -- description: AUTOSAR C++14 Guidelines R19-11, R20-11 and R21-11 (Advisory) +- description: AUTOSAR C++14 Guidelines R22-11, R21-11, R20-11, R19-11 and R19-03 (Advisory) - qlpack: codeql/autosar-cpp-coding-standards - include: kind: diff --git a/cpp/autosar/src/codeql-suites/autosar-audit.qls b/cpp/autosar/src/codeql-suites/autosar-audit.qls index 847fb4448f..dec5f4f160 100644 --- a/cpp/autosar/src/codeql-suites/autosar-audit.qls +++ b/cpp/autosar/src/codeql-suites/autosar-audit.qls @@ -1,4 +1,4 @@ -- description: AUTOSAR C++14 Guidelines R19-11, R20-11 and R21-11 (Audit) +- description: AUTOSAR C++14 Guidelines R22-11, R21-11, R20-11, R19-11 and R19-03 (Audit) - qlpack: codeql/autosar-cpp-coding-standards - include: kind: diff --git a/cpp/autosar/src/codeql-suites/autosar-default.qls b/cpp/autosar/src/codeql-suites/autosar-default.qls index 53c94ecfb6..5d45fa2774 100644 --- a/cpp/autosar/src/codeql-suites/autosar-default.qls +++ b/cpp/autosar/src/codeql-suites/autosar-default.qls @@ -1,4 +1,4 @@ -- description: AUTOSAR C++14 Guidelines R19-11, R20-11 and R21-11 (Default) +- description: AUTOSAR C++14 Guidelines R22-11, R21-11, R20-11, R19-11 and R19-03 (Default) - qlpack: codeql/autosar-cpp-coding-standards - include: kind: diff --git a/cpp/autosar/src/codeql-suites/autosar-required.qls b/cpp/autosar/src/codeql-suites/autosar-required.qls index 00f788f83e..7c92e36dee 100644 --- a/cpp/autosar/src/codeql-suites/autosar-required.qls +++ b/cpp/autosar/src/codeql-suites/autosar-required.qls @@ -1,4 +1,4 @@ -- description: AUTOSAR C++14 Guidelines R19-11, R20-11 and R21-11 (Required) +- description: AUTOSAR C++14 Guidelines R22-11, R21-11, R20-11, R19-11 and R19-03 (Required) - qlpack: codeql/autosar-cpp-coding-standards - include: kind: diff --git a/cpp/autosar/src/codeql-suites/autosar-single-translation-unit.qls b/cpp/autosar/src/codeql-suites/autosar-single-translation-unit.qls index 7951257abf..cf5434c2d8 100644 --- a/cpp/autosar/src/codeql-suites/autosar-single-translation-unit.qls +++ b/cpp/autosar/src/codeql-suites/autosar-single-translation-unit.qls @@ -1,4 +1,4 @@ -- description: AUTOSAR C++14 Guidelines R19-11, R20-11 and R21-11 (Single Translation Unit) +- description: AUTOSAR C++14 Guidelines R22-11, R21-11, R20-11, R19-11 and R19-03 (Single Translation Unit) - qlpack: codeql/autosar-cpp-coding-standards - include: kind: diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index 8178f69600..1b1e2b316d 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -1,6 +1,6 @@ name: codeql/autosar-cpp-coding-standards version: 2.18.0-dev -description: AUTOSAR C++14 Guidelines R19-11, R20-11 and R21-11 +description: AUTOSAR C++14 Guidelines R22-11, R21-11, R20-11, R19-11 and R19-03 suites: codeql-suites license: MIT dependencies: diff --git a/docs/development_handbook.md b/docs/development_handbook.md index 981356433e..b53719c493 100644 --- a/docs/development_handbook.md +++ b/docs/development_handbook.md @@ -41,7 +41,7 @@ A _coding standard_ is a set of rules or guidelines which restrict or prohibit t | Standard | Version | Total rules | Total supportable rules | Status | Notes | | -------------------------------------------------------------------------------------------------------------------- | ------- | ----------- | ----------------------- | -------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | -| [AUTOSAR C++](https://www.autosar.org/fileadmin/standards/R21-11/AP/AUTOSAR_RS_CPP14Guidelines.pdf) | R19-11 R20-11 R21-11 | 397 | 375 | Implemented | +| [AUTOSAR C++](https://www.autosar.org/fileadmin/standards/R22-11/AP/AUTOSAR_RS_CPP14Guidelines.pdf) | R22-11, R21-11, R20-11, R19-11, R19-03 | 397 | 375 | Implemented | | [CERT-C++](https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-cpp-coding-standard-2016-v01.pdf) | 2016 | 83 | 83 | Implemented | AUTOSAR includes a sub-set of rules take from MISRA C++ 2008, which can be purchased for a small fee from [the MISRA website](https://misra.org.uk/shop). | | [CERT-C](https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-c-coding-standard-2016-v01.pdf) | 2016 | 120 | 99 | In development | The implementation excludes rules not part of 2016, but that are added to the [CERT-C wiki](https://wiki.sei.cmu.edu/confluence/display/c/) | | [MISRA C](https://www.misra.org.uk/product/misra-c2012-third-edition-first-revision/ ) | 2012 | 172 | 172 | In development | This includes the [MISRA C:2012 Amendment 2](https://www.misra.org.uk/app/uploads/2021/06/MISRA-C-2012-AMD2.pdf) | diff --git a/docs/user_manual.md b/docs/user_manual.md index 3c704be7ec..f1bbfad49a 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -47,7 +47,7 @@ The _CodeQL Coding Standards_ product is a set of CodeQL queries for identifying | Standard | Version | Total rules | Total supportable rules | Status | | -------------------------------------------------------------------------------------------------------------------- | ------- | ----------- | ----------------------- | ----------------- | -| [AUTOSAR C++](https://www.autosar.org/fileadmin/standards/R21-11/AP/AUTOSAR_RS_CPP14Guidelines.pdf) | R19-11 R20-11 R21-11 | 397 | 375 | Implemented | +| [AUTOSAR C++](https://www.autosar.org/fileadmin/standards/R22-11/AP/AUTOSAR_RS_CPP14Guidelines.pdf) | R22-11, R21-11, R20-11, R19-11, R19-03 | 397 | 375 | Implemented | | [CERT-C++](https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-cpp-coding-standard-2016-v01.pdf) | 2016 | 83 | 83 | Implemented | | [CERT C](https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-c-coding-standard-2016-v01.pdf) | 2016 | 99 | 99 | Under development | | [MISRA C](https://www.misra.org.uk/product/misra-c2012-third-edition-first-revision/) | 2012 | 172 | 169 | Under development | diff --git a/scripts/generate_rules/generate_package_files.py b/scripts/generate_rules/generate_package_files.py index c7ad3b51d4..a3462515d6 100644 --- a/scripts/generate_rules/generate_package_files.py +++ b/scripts/generate_rules/generate_package_files.py @@ -49,7 +49,7 @@ }, "AUTOSAR" : { "standard_title" : "AUTOSAR: Guidelines for the use of the C++14 language in critical and safety-related systems", - "standard_url" : "https://www.autosar.org/fileadmin/standards/R21-11/AP/AUTOSAR_RS_CPP14Guidelines.pdf" + "standard_url" : "https://www.autosar.org/fileadmin/standards/R22-11/AP/AUTOSAR_RS_CPP14Guidelines.pdf" }, "CERT-C" : { "standard_title" : "CERT-C", diff --git a/scripts/reports/utils.py b/scripts/reports/utils.py index 6f1576b715..977826891c 100644 --- a/scripts/reports/utils.py +++ b/scripts/reports/utils.py @@ -183,7 +183,7 @@ def generate_guideline_compliance_summary(output_directory, results_summary): print( "**Result**: " + ("Not compliant" if total_guidelines_violated > 0 else "Compliant")) standard_pretty_name = { - "cert": "CERT C++ 2016", "autosar": "AUTOSAR C++ R19-11, R20-11 and R21-11"} + "cert": "CERT C++ 2016", "autosar": "AUTOSAR C++ R22-11, R21-11, R20-11, R19-11 and R19-03"} print("**Coding Standards applied**: " + ", ".join([standard_pretty_name[standard_short_name] for standard_short_name in results_summary.guideline_violation_count.keys()])) From aaf57886d489192647a7a19a98923ac2b08235ef Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 28 Apr 2023 14:59:58 +0100 Subject: [PATCH 1047/2573] Add change note. --- change_notes/2023-04-28-a14-7-2.md | 1 + 1 file changed, 1 insertion(+) create mode 100644 change_notes/2023-04-28-a14-7-2.md diff --git a/change_notes/2023-04-28-a14-7-2.md b/change_notes/2023-04-28-a14-7-2.md new file mode 100644 index 0000000000..b74b95449f --- /dev/null +++ b/change_notes/2023-04-28-a14-7-2.md @@ -0,0 +1 @@ + * `A14-7-2` - alert messages have been slightly adjusted to refer only to the base name of a file, not the full relative path. \ No newline at end of file From 8ff407d0d280f719c886586f1c92c8de12a25e14 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 2 May 2023 11:41:23 +0100 Subject: [PATCH 1048/2573] DCL51-CPP: Ignore compiler generated Ignore uses of the reserved prefix generated by the compiler. --- .../2023-05-02-single-reserved-prefix-generated.md | 1 + .../DCL51-CPP/UseOfSingleUnderscoreReservedPrefix.ql | 5 ++++- cpp/cert/test/rules/DCL51-CPP/test.cpp | 12 ++++++++++-- 3 files changed, 15 insertions(+), 3 deletions(-) create mode 100644 change_notes/2023-05-02-single-reserved-prefix-generated.md diff --git a/change_notes/2023-05-02-single-reserved-prefix-generated.md b/change_notes/2023-05-02-single-reserved-prefix-generated.md new file mode 100644 index 0000000000..59bde6cca0 --- /dev/null +++ b/change_notes/2023-05-02-single-reserved-prefix-generated.md @@ -0,0 +1 @@ + * `DCL51-CPP` - `cpp/cert/use-of-single-underscore-reserved-prefix` - remove false positives which were compiler generated, such as the function `_FUN` generated by the compiler for lambdas converted to function pointers. \ No newline at end of file diff --git a/cpp/cert/src/rules/DCL51-CPP/UseOfSingleUnderscoreReservedPrefix.ql b/cpp/cert/src/rules/DCL51-CPP/UseOfSingleUnderscoreReservedPrefix.ql index cf47ad444d..e2f7270f9c 100644 --- a/cpp/cert/src/rules/DCL51-CPP/UseOfSingleUnderscoreReservedPrefix.ql +++ b/cpp/cert/src/rules/DCL51-CPP/UseOfSingleUnderscoreReservedPrefix.ql @@ -53,5 +53,8 @@ where isGeneratedByUserMacro(d) ) ) - ) + ) and + // Ignore compiler generated functions and variables + not l.(Function).isCompilerGenerated() and + not l.(Variable).isCompilerGenerated() select l, "Name $@ uses the reserved prefix '_'.", l, s diff --git a/cpp/cert/test/rules/DCL51-CPP/test.cpp b/cpp/cert/test/rules/DCL51-CPP/test.cpp index 028867b88f..5e27dd2390 100644 --- a/cpp/cert/test/rules/DCL51-CPP/test.cpp +++ b/cpp/cert/test/rules/DCL51-CPP/test.cpp @@ -1,8 +1,8 @@ +#include "test.h" #include +#include #include -#include "test.h" - #undef INT_MAX // NON_COMPLIANT #define SIZE_MAX 256 // NON_COMPLIANT @@ -40,4 +40,12 @@ FD_SET(j); // COMPLIANT - standard library macro void f() { std::string x = __func__; // COMPLIANT +} + +void g(int (*l)(int)) {} + +void test_lambda(const int y) { + // Lambda generates a static function called `_FUN` when the lambda is + // converted to a function pointer + g([](int x) { return x; }); // COMPLIANT - compiler generated } \ No newline at end of file From 8f61a6bc9859f5a3b528a8e0797532fc0bbb9d6e Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 2 May 2023 12:01:51 +0100 Subject: [PATCH 1049/2573] __func__ excluded from C-style queries Exclude `__func__` from queries that prohibit c-style strings and arrays, as it is the proscribed way to return the function name. --- change_notes/2023-05-02-func-c-style.md | 3 +++ cpp/autosar/src/rules/A18-1-1/CStyleArraysUsed.ql | 4 +++- cpp/autosar/src/rules/A27-0-4/CStyleStringsUsed.ql | 3 ++- cpp/autosar/test/rules/A18-1-1/test.cpp | 2 ++ cpp/autosar/test/rules/A27-0-4/test.cpp | 1 + 5 files changed, 11 insertions(+), 2 deletions(-) create mode 100644 change_notes/2023-05-02-func-c-style.md diff --git a/change_notes/2023-05-02-func-c-style.md b/change_notes/2023-05-02-func-c-style.md new file mode 100644 index 0000000000..46e1710010 --- /dev/null +++ b/change_notes/2023-05-02-func-c-style.md @@ -0,0 +1,3 @@ + * Exclude the use of `__func__` from certain queries, as it is the proscribed way to return the name of the current function: + * `A27-0-4` - Use of the value returned by `__func__` is no longer flagged as a use of C-style strings. + * `A18-1-1` - `__func__` is no longer flagged as a declaration of a variable using C-style arrays. \ No newline at end of file diff --git a/cpp/autosar/src/rules/A18-1-1/CStyleArraysUsed.ql b/cpp/autosar/src/rules/A18-1-1/CStyleArraysUsed.ql index 83d0220c5a..0494e86607 100644 --- a/cpp/autosar/src/rules/A18-1-1/CStyleArraysUsed.ql +++ b/cpp/autosar/src/rules/A18-1-1/CStyleArraysUsed.ql @@ -30,5 +30,7 @@ class StaticConstExprArrayDataMember extends MemberVariable { from Variable v where not isExcluded(v, BannedSyntaxPackage::cStyleArraysUsedQuery()) and - exists(ArrayType a | v.getType() = a | not v instanceof StaticConstExprArrayDataMember) + exists(ArrayType a | v.getType() = a | not v instanceof StaticConstExprArrayDataMember) and + // Exclude the compiler generated __func__ as it is the only way to access the function name information + not v.getName() = "__func__" select v, "Variable " + v.getName() + " declares a c-style array." diff --git a/cpp/autosar/src/rules/A27-0-4/CStyleStringsUsed.ql b/cpp/autosar/src/rules/A27-0-4/CStyleStringsUsed.ql index be8bda1f0b..b24a4a96cf 100644 --- a/cpp/autosar/src/rules/A27-0-4/CStyleStringsUsed.ql +++ b/cpp/autosar/src/rules/A27-0-4/CStyleStringsUsed.ql @@ -36,5 +36,6 @@ where e = any(FunctionCall fc).getArgument(_) and e.getUnspecifiedType().(PointerType).getBaseType*() instanceof CharType ) and - DataFlow::localFlow(DataFlow::exprNode(cs), DataFlow::exprNode(e)) + DataFlow::localFlow(DataFlow::exprNode(cs), DataFlow::exprNode(e)) and + not cs = any(LocalVariable lv | lv.getName() = "__func__").getInitializer().getExpr() select cs, "Usage of C-style string in $@.", e, "expression" diff --git a/cpp/autosar/test/rules/A18-1-1/test.cpp b/cpp/autosar/test/rules/A18-1-1/test.cpp index 21eb783717..90596780d9 100644 --- a/cpp/autosar/test/rules/A18-1-1/test.cpp +++ b/cpp/autosar/test/rules/A18-1-1/test.cpp @@ -10,5 +10,7 @@ int test_c_arrays() { int x[100]; // NON_COMPLIANT constexpr int a[]{0, 1, 2}; // NON_COMPLIANT + + __func__; // COMPLAINT return 0; } \ No newline at end of file diff --git a/cpp/autosar/test/rules/A27-0-4/test.cpp b/cpp/autosar/test/rules/A27-0-4/test.cpp index 10ee885979..e73c37ea64 100644 --- a/cpp/autosar/test/rules/A27-0-4/test.cpp +++ b/cpp/autosar/test/rules/A27-0-4/test.cpp @@ -26,4 +26,5 @@ void f2() { f1(a1); f1(a2); f1(s.c_str()); // NON_COMPLIANT + __func__; } \ No newline at end of file From d183a9d15dbd48c4a9830d973c59c4c3da908bca Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 3 May 2023 14:20:16 +0200 Subject: [PATCH 1050/2573] Fix `qcc` test compilation issues --- .../CStandardLibraryHeadersAreDeprecated.cpp | 2 +- cpp/autosar/test/rules/A1-1-1/test.cpp | 0 cpp/autosar/test/rules/A18-0-1/test.cpp.qcc | 41 ++++++++ ...ynamicMemoryManagementFailureMode.expected | 1 - cpp/autosar/test/rules/A18-5-6/test_msvc.cpp | 5 - ...aracterSetUsedInTheSourceCode.expected.gcc | 1 + ...aracterSetUsedInTheSourceCode.expected.qcc | 1 + cpp/autosar/test/rules/A2-3-1/test.cpp.gcc | 12 +++ cpp/autosar/test/rules/A2-3-1/test.cpp.qcc | 12 +++ ...NullPointerConstantNotNullptr.expected.gcc | 3 + ...NullPointerConstantNotNullptr.expected.qcc | 3 + cpp/autosar/test/rules/A4-10-1/test.cpp.gcc | 20 ++++ cpp/autosar/test/rules/A4-10-1/test.cpp.qcc | 20 ++++ .../EnumUsedInArithmeticContexts.expected.gcc | 93 +++++++++++++++++++ .../EnumUsedInArithmeticContexts.expected.qcc | 93 +++++++++++++++++++ cpp/autosar/test/rules/A4-5-1/enum.cpp.gcc | 79 ++++++++++++++++ cpp/autosar/test/rules/A4-5-1/enum.cpp.qcc | 79 ++++++++++++++++ cpp/autosar/test/rules/A4-5-1/test.cpp | 0 cpp/autosar/test/rules/A5-2-2/options.qcc | 1 + cpp/autosar/test/rules/A7-1-1/test.cpp | 4 +- 20 files changed, 461 insertions(+), 9 deletions(-) delete mode 100644 cpp/autosar/test/rules/A1-1-1/test.cpp create mode 100644 cpp/autosar/test/rules/A18-0-1/test.cpp.qcc delete mode 100644 cpp/autosar/test/rules/A18-5-6/test_msvc.cpp create mode 100644 cpp/autosar/test/rules/A2-3-1/CharacterOutsideTheLanguageStandardBasicSourceCharacterSetUsedInTheSourceCode.expected.gcc create mode 100644 cpp/autosar/test/rules/A2-3-1/CharacterOutsideTheLanguageStandardBasicSourceCharacterSetUsedInTheSourceCode.expected.qcc create mode 100644 cpp/autosar/test/rules/A2-3-1/test.cpp.gcc create mode 100644 cpp/autosar/test/rules/A2-3-1/test.cpp.qcc create mode 100644 cpp/autosar/test/rules/A4-10-1/NullPointerConstantNotNullptr.expected.gcc create mode 100644 cpp/autosar/test/rules/A4-10-1/NullPointerConstantNotNullptr.expected.qcc create mode 100644 cpp/autosar/test/rules/A4-10-1/test.cpp.gcc create mode 100644 cpp/autosar/test/rules/A4-10-1/test.cpp.qcc create mode 100644 cpp/autosar/test/rules/A4-5-1/EnumUsedInArithmeticContexts.expected.gcc create mode 100644 cpp/autosar/test/rules/A4-5-1/EnumUsedInArithmeticContexts.expected.qcc create mode 100644 cpp/autosar/test/rules/A4-5-1/enum.cpp.gcc create mode 100644 cpp/autosar/test/rules/A4-5-1/enum.cpp.qcc delete mode 100644 cpp/autosar/test/rules/A4-5-1/test.cpp create mode 100644 cpp/autosar/test/rules/A5-2-2/options.qcc diff --git a/cpp/autosar/test/rules/A1-1-1/CStandardLibraryHeadersAreDeprecated.cpp b/cpp/autosar/test/rules/A1-1-1/CStandardLibraryHeadersAreDeprecated.cpp index a5149ac02a..c3d2664972 100644 --- a/cpp/autosar/test/rules/A1-1-1/CStandardLibraryHeadersAreDeprecated.cpp +++ b/cpp/autosar/test/rules/A1-1-1/CStandardLibraryHeadersAreDeprecated.cpp @@ -24,5 +24,5 @@ #include // NON_COMPLIANT #include // NON_COMPLIANT -#include // COMPLIANT +#include // COMPLIANT #include // COMPLIANT \ No newline at end of file diff --git a/cpp/autosar/test/rules/A1-1-1/test.cpp b/cpp/autosar/test/rules/A1-1-1/test.cpp deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/cpp/autosar/test/rules/A18-0-1/test.cpp.qcc b/cpp/autosar/test/rules/A18-0-1/test.cpp.qcc new file mode 100644 index 0000000000..ef665a3df5 --- /dev/null +++ b/cpp/autosar/test/rules/A18-0-1/test.cpp.qcc @@ -0,0 +1,41 @@ +#include // NON_COMPLIANT +#include // NON_COMPLIANT +#include // NON_COMPLIANT +#include // NON_COMPLIANT +#include // NON_COMPLIANT +#include // NON_COMPLIANT +#include // NON_COMPLIANT +#include // NON_COMPLIANT +#include // NON_COMPLIANT +#include // NON_COMPLIANT +#include // NON_COMPLIANT +#include // NON_COMPLIANT +#include // NON_COMPLIANT +#include // NON_COMPLIANT +#include // NON_COMPLIANT +#include // NON_COMPLIANT +#include // NON_COMPLIANT +#include // NON_COMPLIANT +#include // NON_COMPLIANT +#include // NON_COMPLIANT +#include // NON_COMPLIANT + +#include // COMPLIANT +#include // COMPLIANT +#include // COMPLIANT +#include // COMPLIANT +#include // COMPLIANT +#include // COMPLIANT +#include // COMPLIANT +#include // COMPLIANT +#include // COMPLIANT +#include // COMPLIANT +#include // COMPLIANT +#include // COMPLIANT +#include // COMPLIANT +#include // COMPLIANT +#include // COMPLIANT +#include // COMPLIANT +#include // COMPLIANT +#include // COMPLIANT +#include // COMPLIANT \ No newline at end of file diff --git a/cpp/autosar/test/rules/A18-5-6/DynamicMemoryManagementFailureMode.expected b/cpp/autosar/test/rules/A18-5-6/DynamicMemoryManagementFailureMode.expected index 1a651c3632..3e2ddd3b39 100644 --- a/cpp/autosar/test/rules/A18-5-6/DynamicMemoryManagementFailureMode.expected +++ b/cpp/autosar/test/rules/A18-5-6/DynamicMemoryManagementFailureMode.expected @@ -1,4 +1,3 @@ | test.cpp:5:7:5:13 | malloc1 | (Audit) Function may be a memory allocation function and an analysis should be performed to analyze the failure modes of dynamic memory management. | | test.cpp:8:7:8:13 | malloc3 | (Audit) Function may be a memory allocation function and an analysis should be performed to analyze the failure modes of dynamic memory management. | | test.cpp:10:6:10:7 | h1 | (Audit) Function may be a memory allocation function and an analysis should be performed to analyze the failure modes of dynamic memory management. | -| test_msvc.cpp:3:29:3:35 | malloc5 | (Audit) Function may be a memory allocation function and an analysis should be performed to analyze the failure modes of dynamic memory management. | diff --git a/cpp/autosar/test/rules/A18-5-6/test_msvc.cpp b/cpp/autosar/test/rules/A18-5-6/test_msvc.cpp deleted file mode 100644 index ff8314a955..0000000000 --- a/cpp/autosar/test/rules/A18-5-6/test_msvc.cpp +++ /dev/null @@ -1,5 +0,0 @@ -// semmle-extractor-options: --microsoft - -__declspec(allocator) void *malloc5(int b) { // NON_COMPLIANT - return nullptr; -} \ No newline at end of file diff --git a/cpp/autosar/test/rules/A2-3-1/CharacterOutsideTheLanguageStandardBasicSourceCharacterSetUsedInTheSourceCode.expected.gcc b/cpp/autosar/test/rules/A2-3-1/CharacterOutsideTheLanguageStandardBasicSourceCharacterSetUsedInTheSourceCode.expected.gcc new file mode 100644 index 0000000000..fd5bf9d0e2 --- /dev/null +++ b/cpp/autosar/test/rules/A2-3-1/CharacterOutsideTheLanguageStandardBasicSourceCharacterSetUsedInTheSourceCode.expected.gcc @@ -0,0 +1 @@ +| test.cpp:6:5:6:13 | l1_\\u00a8 | Declaration uses the character '\\u00a8' that is outside the language basic character set. | diff --git a/cpp/autosar/test/rules/A2-3-1/CharacterOutsideTheLanguageStandardBasicSourceCharacterSetUsedInTheSourceCode.expected.qcc b/cpp/autosar/test/rules/A2-3-1/CharacterOutsideTheLanguageStandardBasicSourceCharacterSetUsedInTheSourceCode.expected.qcc new file mode 100644 index 0000000000..fd5bf9d0e2 --- /dev/null +++ b/cpp/autosar/test/rules/A2-3-1/CharacterOutsideTheLanguageStandardBasicSourceCharacterSetUsedInTheSourceCode.expected.qcc @@ -0,0 +1 @@ +| test.cpp:6:5:6:13 | l1_\\u00a8 | Declaration uses the character '\\u00a8' that is outside the language basic character set. | diff --git a/cpp/autosar/test/rules/A2-3-1/test.cpp.gcc b/cpp/autosar/test/rules/A2-3-1/test.cpp.gcc new file mode 100644 index 0000000000..84c12523d9 --- /dev/null +++ b/cpp/autosar/test/rules/A2-3-1/test.cpp.gcc @@ -0,0 +1,12 @@ +// It is valid to use @ in comments COMPLIANT + +// Invalid character α NON_COMPLIANT +// double α = 2.; // NON_COMPLIANT; U+03b1 - this is compiler checked +// void *to_𐆅_and_beyond = nullptr; // NON_COMPLIANT; U+10185 - this is compiler checked +int l1_\u00A8; // COMPLIANT[FALSE_POSITIVE] +const char *euro = "α"; // NON_COMPLIANT + +int valid; +/* +Invalid character ↦ NON_COMPLIANT +*/ \ No newline at end of file diff --git a/cpp/autosar/test/rules/A2-3-1/test.cpp.qcc b/cpp/autosar/test/rules/A2-3-1/test.cpp.qcc new file mode 100644 index 0000000000..84c12523d9 --- /dev/null +++ b/cpp/autosar/test/rules/A2-3-1/test.cpp.qcc @@ -0,0 +1,12 @@ +// It is valid to use @ in comments COMPLIANT + +// Invalid character α NON_COMPLIANT +// double α = 2.; // NON_COMPLIANT; U+03b1 - this is compiler checked +// void *to_𐆅_and_beyond = nullptr; // NON_COMPLIANT; U+10185 - this is compiler checked +int l1_\u00A8; // COMPLIANT[FALSE_POSITIVE] +const char *euro = "α"; // NON_COMPLIANT + +int valid; +/* +Invalid character ↦ NON_COMPLIANT +*/ \ No newline at end of file diff --git a/cpp/autosar/test/rules/A4-10-1/NullPointerConstantNotNullptr.expected.gcc b/cpp/autosar/test/rules/A4-10-1/NullPointerConstantNotNullptr.expected.gcc new file mode 100644 index 0000000000..1d7a675b05 --- /dev/null +++ b/cpp/autosar/test/rules/A4-10-1/NullPointerConstantNotNullptr.expected.gcc @@ -0,0 +1,3 @@ +| test.cpp:10:13:10:13 | 0 | 0 is used as the null-pointer-constant but is not nullptr. | +| test.cpp:11:6:11:6 | 0 | 0 is used as the null-pointer-constant but is not nullptr. | +| test.cpp:17:6:17:9 | 0 | NULL is used as the null-pointer-constant but is not nullptr. | diff --git a/cpp/autosar/test/rules/A4-10-1/NullPointerConstantNotNullptr.expected.qcc b/cpp/autosar/test/rules/A4-10-1/NullPointerConstantNotNullptr.expected.qcc new file mode 100644 index 0000000000..1d7a675b05 --- /dev/null +++ b/cpp/autosar/test/rules/A4-10-1/NullPointerConstantNotNullptr.expected.qcc @@ -0,0 +1,3 @@ +| test.cpp:10:13:10:13 | 0 | 0 is used as the null-pointer-constant but is not nullptr. | +| test.cpp:11:6:11:6 | 0 | 0 is used as the null-pointer-constant but is not nullptr. | +| test.cpp:17:6:17:9 | 0 | NULL is used as the null-pointer-constant but is not nullptr. | diff --git a/cpp/autosar/test/rules/A4-10-1/test.cpp.gcc b/cpp/autosar/test/rules/A4-10-1/test.cpp.gcc new file mode 100644 index 0000000000..ca398adfc8 --- /dev/null +++ b/cpp/autosar/test/rules/A4-10-1/test.cpp.gcc @@ -0,0 +1,20 @@ +void f1(int *x); +void f2(int x); +void f3(char *x); +// Template function which forwards to a pointer function +template void f3(F f, X x) { f1(x); } + +#define NULL 0 + +void test_nullptr() { + int *l1 = 0; // NON_COMPLIANT - 0 converted to a pointer type + f1(0); // NON_COMPLIANT - 0 converted to a pointer type + int *l2 = nullptr; // COMPLIANT - use of nullptr + f1(nullptr); // COMPLIANT - use of nullptr + f2(0); // COMPLIANT - use of 0 literal with no conversion to pointer + int l3 = 0; // COMPLIANT - use of 0 literal with no conversion to pointer + f3(f1, nullptr); // COMPLIANT - use of nullptr + f1(NULL); // NON_COMPLIANT - use of NULL macro + // f1('\0'); // NON_COMPLIANT - use of octal escape 0 - this is compiler checked + f3("0"); // COMPLIANT - "0" is not a literal zero +} \ No newline at end of file diff --git a/cpp/autosar/test/rules/A4-10-1/test.cpp.qcc b/cpp/autosar/test/rules/A4-10-1/test.cpp.qcc new file mode 100644 index 0000000000..ca398adfc8 --- /dev/null +++ b/cpp/autosar/test/rules/A4-10-1/test.cpp.qcc @@ -0,0 +1,20 @@ +void f1(int *x); +void f2(int x); +void f3(char *x); +// Template function which forwards to a pointer function +template void f3(F f, X x) { f1(x); } + +#define NULL 0 + +void test_nullptr() { + int *l1 = 0; // NON_COMPLIANT - 0 converted to a pointer type + f1(0); // NON_COMPLIANT - 0 converted to a pointer type + int *l2 = nullptr; // COMPLIANT - use of nullptr + f1(nullptr); // COMPLIANT - use of nullptr + f2(0); // COMPLIANT - use of 0 literal with no conversion to pointer + int l3 = 0; // COMPLIANT - use of 0 literal with no conversion to pointer + f3(f1, nullptr); // COMPLIANT - use of nullptr + f1(NULL); // NON_COMPLIANT - use of NULL macro + // f1('\0'); // NON_COMPLIANT - use of octal escape 0 - this is compiler checked + f3("0"); // COMPLIANT - "0" is not a literal zero +} \ No newline at end of file diff --git a/cpp/autosar/test/rules/A4-5-1/EnumUsedInArithmeticContexts.expected.gcc b/cpp/autosar/test/rules/A4-5-1/EnumUsedInArithmeticContexts.expected.gcc new file mode 100644 index 0000000000..a264afb5f3 --- /dev/null +++ b/cpp/autosar/test/rules/A4-5-1/EnumUsedInArithmeticContexts.expected.gcc @@ -0,0 +1,93 @@ +| enum.cpp:21:3:21:16 | ... + ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:21:3:21:8 | Avenue | expression | +| enum.cpp:21:3:21:16 | ... + ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:21:12:21:16 | Place | expression | +| enum.cpp:22:3:22:15 | ... - ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:22:3:22:7 | Place | expression | +| enum.cpp:22:3:22:15 | ... - ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:22:11:22:15 | Place | expression | +| enum.cpp:23:3:23:9 | - ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:23:4:23:9 | Avenue | expression | +| enum.cpp:24:3:24:10 | ... % ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:24:3:24:6 | Road | expression | +| enum.cpp:25:3:25:12 | ... / ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:25:3:25:8 | Avenue | expression | +| enum.cpp:26:3:26:15 | ... * ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:26:3:26:11 | Boulevard | expression | +| enum.cpp:29:3:29:13 | ... && ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:29:3:29:6 | Lane | expression | +| enum.cpp:29:3:29:13 | ... && ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:29:10:29:13 | Road | expression | +| enum.cpp:30:3:30:15 | ... \|\| ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:30:3:30:7 | Place | expression | +| enum.cpp:30:3:30:15 | ... \|\| ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:30:12:30:15 | Lane | expression | +| enum.cpp:31:3:31:7 | ! ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:31:4:31:7 | Road | expression | +| enum.cpp:34:3:34:23 | ... \| ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:34:3:34:11 | Boulevard | expression | +| enum.cpp:34:3:34:23 | ... \| ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:34:15:34:23 | Boulevard | expression | +| enum.cpp:35:3:35:7 | ~ ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:35:4:35:7 | Lane | expression | +| enum.cpp:36:3:36:14 | ... ^ ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:36:3:36:7 | Place | expression | +| enum.cpp:36:3:36:14 | ... ^ ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:36:11:36:14 | Road | expression | +| enum.cpp:37:3:37:11 | ... >> ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:37:3:37:6 | Road | expression | +| enum.cpp:38:3:38:11 | ... << ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:38:3:38:6 | Road | expression | +| enum.cpp:39:10:39:10 | call to operator&= | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:39:3:39:8 | Avenue | expression | +| enum.cpp:39:10:39:10 | call to operator&= | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:39:13:39:17 | Place | expression | +| enum.cpp:40:8:40:8 | call to operator^= | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:40:3:40:6 | Road | expression | +| enum.cpp:40:8:40:8 | call to operator^= | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:40:11:40:14 | Road | expression | +| enum.cpp:41:8:41:8 | call to operator>>= | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:41:3:41:6 | Road | expression | +| enum.cpp:41:8:41:8 | call to operator>>= | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:41:12:41:15 | Road | expression | +| enum.cpp:42:8:42:8 | call to operator<<= | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:42:3:42:6 | Road | expression | +| enum.cpp:42:8:42:8 | call to operator<<= | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:42:12:42:15 | Road | expression | +| enum.cpp:57:3:57:7 | ... + ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:57:3:57:3 | a | expression | +| enum.cpp:57:3:57:7 | ... + ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:57:7:57:7 | a | expression | +| enum.cpp:58:3:58:7 | ... - ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:58:3:58:3 | a | expression | +| enum.cpp:58:3:58:7 | ... - ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:58:7:58:7 | a | expression | +| enum.cpp:59:3:59:4 | - ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:59:4:59:4 | a | expression | +| enum.cpp:60:3:60:7 | ... % ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:60:3:60:3 | a | expression | +| enum.cpp:61:3:61:7 | ... / ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:61:3:61:3 | a | expression | +| enum.cpp:62:3:62:7 | ... * ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:62:3:62:3 | a | expression | +| enum.cpp:65:3:65:7 | ... && ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:65:3:65:3 | a | expression | +| enum.cpp:65:3:65:7 | ... && ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:65:7:65:7 | b | expression | +| enum.cpp:66:3:66:8 | ... \|\| ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:66:3:66:3 | a | expression | +| enum.cpp:66:3:66:8 | ... \|\| ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:66:8:66:8 | b | expression | +| enum.cpp:67:3:67:4 | ! ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:67:4:67:4 | b | expression | +| enum.cpp:70:3:70:7 | ... \| ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:70:3:70:3 | a | expression | +| enum.cpp:70:3:70:7 | ... \| ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:70:7:70:7 | b | expression | +| enum.cpp:71:3:71:4 | ~ ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:71:4:71:4 | a | expression | +| enum.cpp:72:3:72:7 | ... ^ ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:72:3:72:3 | a | expression | +| enum.cpp:72:3:72:7 | ... ^ ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:72:7:72:7 | b | expression | +| enum.cpp:73:3:73:8 | ... >> ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:73:3:73:3 | a | expression | +| enum.cpp:74:3:74:8 | ... << ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:74:3:74:3 | a | expression | +| enum.cpp:75:5:75:5 | call to operator&= | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:75:3:75:3 | a | expression | +| enum.cpp:75:5:75:5 | call to operator&= | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:75:8:75:8 | b | expression | +| enum_class.cpp:49:22:49:22 | call to operator+ | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:49:3:49:20 | ML | expression | +| enum_class.cpp:50:23:50:23 | call to operator- | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:50:3:50:21 | SML | expression | +| enum_class.cpp:50:23:50:23 | call to operator- | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:50:25:50:42 | ML | expression | +| enum_class.cpp:51:3:51:3 | call to operator- | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:51:4:51:26 | Haskell | expression | +| enum_class.cpp:52:26:52:26 | call to operator% | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:52:3:52:24 | Racket | expression | +| enum_class.cpp:53:23:53:23 | call to operator/ | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:53:3:53:21 | Elm | expression | +| enum_class.cpp:54:26:54:26 | call to operator* | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:54:3:54:24 | Scheme | expression | +| enum_class.cpp:57:27:57:27 | call to operator&& | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:57:3:57:25 | Haskell | expression | +| enum_class.cpp:57:27:57:27 | call to operator&& | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:57:29:57:47 | Elm | expression | +| enum_class.cpp:58:24:58:24 | call to operator\|\| | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:58:3:58:22 | Lisp | expression | +| enum_class.cpp:58:24:58:24 | call to operator\|\| | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:58:27:58:48 | Racket | expression | +| enum_class.cpp:59:3:59:3 | call to operator! | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:59:4:59:25 | Scheme | expression | +| enum_class.cpp:62:23:62:23 | call to operator\| | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:62:3:62:21 | Elm | expression | +| enum_class.cpp:62:23:62:23 | call to operator\| | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:62:25:62:46 | Racket | expression | +| enum_class.cpp:63:3:63:3 | call to operator~ | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:63:4:63:24 | Idris | expression | +| enum_class.cpp:64:22:64:22 | call to operator^ | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:64:3:64:20 | ML | expression | +| enum_class.cpp:64:22:64:22 | call to operator^ | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:64:24:64:44 | OCaml | expression | +| enum_class.cpp:65:25:65:25 | call to operator>> | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:65:3:65:23 | OCaml | expression | +| enum_class.cpp:66:24:66:24 | call to operator<< | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:66:3:66:22 | Lisp | expression | +| enum_class.cpp:67:5:67:5 | call to operator&= | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:67:3:67:3 | l | expression | +| enum_class.cpp:67:5:67:5 | call to operator&= | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:67:8:67:28 | OCaml | expression | +| enum_class.cpp:68:5:68:5 | call to operator^= | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:68:3:68:3 | l | expression | +| enum_class.cpp:69:5:69:5 | call to operator>>= | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:69:3:69:3 | l | expression | +| enum_class.cpp:70:5:70:5 | call to operator<<= | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:70:3:70:3 | l | expression | +| enum_class.cpp:85:5:85:5 | call to operator+ | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:85:3:85:3 | a | expression | +| enum_class.cpp:86:5:86:5 | call to operator- | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:86:3:86:3 | a | expression | +| enum_class.cpp:86:5:86:5 | call to operator- | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:86:7:86:7 | b | expression | +| enum_class.cpp:87:3:87:3 | call to operator- | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:87:4:87:4 | a | expression | +| enum_class.cpp:88:5:88:5 | call to operator% | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:88:3:88:3 | a | expression | +| enum_class.cpp:89:5:89:5 | call to operator/ | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:89:3:89:3 | a | expression | +| enum_class.cpp:90:5:90:5 | call to operator* | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:90:3:90:3 | b | expression | +| enum_class.cpp:93:5:93:5 | call to operator&& | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:93:3:93:3 | a | expression | +| enum_class.cpp:93:5:93:5 | call to operator&& | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:93:7:93:7 | b | expression | +| enum_class.cpp:94:5:94:5 | call to operator\|\| | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:94:3:94:3 | a | expression | +| enum_class.cpp:94:5:94:5 | call to operator\|\| | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:94:8:94:8 | b | expression | +| enum_class.cpp:95:3:95:3 | call to operator! | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:95:4:95:4 | a | expression | +| enum_class.cpp:98:5:98:5 | call to operator\| | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:98:3:98:3 | a | expression | +| enum_class.cpp:98:5:98:5 | call to operator\| | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:98:7:98:7 | b | expression | +| enum_class.cpp:99:3:99:3 | call to operator~ | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:99:4:99:4 | a | expression | +| enum_class.cpp:100:5:100:5 | call to operator^ | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:100:3:100:3 | a | expression | +| enum_class.cpp:100:5:100:5 | call to operator^ | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:100:7:100:7 | b | expression | +| enum_class.cpp:101:5:101:5 | call to operator>> | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:101:3:101:3 | a | expression | +| enum_class.cpp:102:5:102:5 | call to operator<< | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:102:3:102:3 | a | expression | diff --git a/cpp/autosar/test/rules/A4-5-1/EnumUsedInArithmeticContexts.expected.qcc b/cpp/autosar/test/rules/A4-5-1/EnumUsedInArithmeticContexts.expected.qcc new file mode 100644 index 0000000000..a264afb5f3 --- /dev/null +++ b/cpp/autosar/test/rules/A4-5-1/EnumUsedInArithmeticContexts.expected.qcc @@ -0,0 +1,93 @@ +| enum.cpp:21:3:21:16 | ... + ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:21:3:21:8 | Avenue | expression | +| enum.cpp:21:3:21:16 | ... + ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:21:12:21:16 | Place | expression | +| enum.cpp:22:3:22:15 | ... - ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:22:3:22:7 | Place | expression | +| enum.cpp:22:3:22:15 | ... - ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:22:11:22:15 | Place | expression | +| enum.cpp:23:3:23:9 | - ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:23:4:23:9 | Avenue | expression | +| enum.cpp:24:3:24:10 | ... % ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:24:3:24:6 | Road | expression | +| enum.cpp:25:3:25:12 | ... / ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:25:3:25:8 | Avenue | expression | +| enum.cpp:26:3:26:15 | ... * ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:26:3:26:11 | Boulevard | expression | +| enum.cpp:29:3:29:13 | ... && ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:29:3:29:6 | Lane | expression | +| enum.cpp:29:3:29:13 | ... && ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:29:10:29:13 | Road | expression | +| enum.cpp:30:3:30:15 | ... \|\| ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:30:3:30:7 | Place | expression | +| enum.cpp:30:3:30:15 | ... \|\| ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:30:12:30:15 | Lane | expression | +| enum.cpp:31:3:31:7 | ! ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:31:4:31:7 | Road | expression | +| enum.cpp:34:3:34:23 | ... \| ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:34:3:34:11 | Boulevard | expression | +| enum.cpp:34:3:34:23 | ... \| ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:34:15:34:23 | Boulevard | expression | +| enum.cpp:35:3:35:7 | ~ ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:35:4:35:7 | Lane | expression | +| enum.cpp:36:3:36:14 | ... ^ ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:36:3:36:7 | Place | expression | +| enum.cpp:36:3:36:14 | ... ^ ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:36:11:36:14 | Road | expression | +| enum.cpp:37:3:37:11 | ... >> ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:37:3:37:6 | Road | expression | +| enum.cpp:38:3:38:11 | ... << ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:38:3:38:6 | Road | expression | +| enum.cpp:39:10:39:10 | call to operator&= | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:39:3:39:8 | Avenue | expression | +| enum.cpp:39:10:39:10 | call to operator&= | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:39:13:39:17 | Place | expression | +| enum.cpp:40:8:40:8 | call to operator^= | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:40:3:40:6 | Road | expression | +| enum.cpp:40:8:40:8 | call to operator^= | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:40:11:40:14 | Road | expression | +| enum.cpp:41:8:41:8 | call to operator>>= | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:41:3:41:6 | Road | expression | +| enum.cpp:41:8:41:8 | call to operator>>= | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:41:12:41:15 | Road | expression | +| enum.cpp:42:8:42:8 | call to operator<<= | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:42:3:42:6 | Road | expression | +| enum.cpp:42:8:42:8 | call to operator<<= | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:42:12:42:15 | Road | expression | +| enum.cpp:57:3:57:7 | ... + ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:57:3:57:3 | a | expression | +| enum.cpp:57:3:57:7 | ... + ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:57:7:57:7 | a | expression | +| enum.cpp:58:3:58:7 | ... - ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:58:3:58:3 | a | expression | +| enum.cpp:58:3:58:7 | ... - ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:58:7:58:7 | a | expression | +| enum.cpp:59:3:59:4 | - ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:59:4:59:4 | a | expression | +| enum.cpp:60:3:60:7 | ... % ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:60:3:60:3 | a | expression | +| enum.cpp:61:3:61:7 | ... / ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:61:3:61:3 | a | expression | +| enum.cpp:62:3:62:7 | ... * ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:62:3:62:3 | a | expression | +| enum.cpp:65:3:65:7 | ... && ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:65:3:65:3 | a | expression | +| enum.cpp:65:3:65:7 | ... && ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:65:7:65:7 | b | expression | +| enum.cpp:66:3:66:8 | ... \|\| ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:66:3:66:3 | a | expression | +| enum.cpp:66:3:66:8 | ... \|\| ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:66:8:66:8 | b | expression | +| enum.cpp:67:3:67:4 | ! ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:67:4:67:4 | b | expression | +| enum.cpp:70:3:70:7 | ... \| ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:70:3:70:3 | a | expression | +| enum.cpp:70:3:70:7 | ... \| ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:70:7:70:7 | b | expression | +| enum.cpp:71:3:71:4 | ~ ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:71:4:71:4 | a | expression | +| enum.cpp:72:3:72:7 | ... ^ ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:72:3:72:3 | a | expression | +| enum.cpp:72:3:72:7 | ... ^ ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:72:7:72:7 | b | expression | +| enum.cpp:73:3:73:8 | ... >> ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:73:3:73:3 | a | expression | +| enum.cpp:74:3:74:8 | ... << ... | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:74:3:74:3 | a | expression | +| enum.cpp:75:5:75:5 | call to operator&= | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:75:3:75:3 | a | expression | +| enum.cpp:75:5:75:5 | call to operator&= | Enum $@ is used as an operand of arithmetic operation. | enum.cpp:75:8:75:8 | b | expression | +| enum_class.cpp:49:22:49:22 | call to operator+ | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:49:3:49:20 | ML | expression | +| enum_class.cpp:50:23:50:23 | call to operator- | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:50:3:50:21 | SML | expression | +| enum_class.cpp:50:23:50:23 | call to operator- | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:50:25:50:42 | ML | expression | +| enum_class.cpp:51:3:51:3 | call to operator- | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:51:4:51:26 | Haskell | expression | +| enum_class.cpp:52:26:52:26 | call to operator% | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:52:3:52:24 | Racket | expression | +| enum_class.cpp:53:23:53:23 | call to operator/ | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:53:3:53:21 | Elm | expression | +| enum_class.cpp:54:26:54:26 | call to operator* | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:54:3:54:24 | Scheme | expression | +| enum_class.cpp:57:27:57:27 | call to operator&& | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:57:3:57:25 | Haskell | expression | +| enum_class.cpp:57:27:57:27 | call to operator&& | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:57:29:57:47 | Elm | expression | +| enum_class.cpp:58:24:58:24 | call to operator\|\| | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:58:3:58:22 | Lisp | expression | +| enum_class.cpp:58:24:58:24 | call to operator\|\| | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:58:27:58:48 | Racket | expression | +| enum_class.cpp:59:3:59:3 | call to operator! | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:59:4:59:25 | Scheme | expression | +| enum_class.cpp:62:23:62:23 | call to operator\| | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:62:3:62:21 | Elm | expression | +| enum_class.cpp:62:23:62:23 | call to operator\| | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:62:25:62:46 | Racket | expression | +| enum_class.cpp:63:3:63:3 | call to operator~ | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:63:4:63:24 | Idris | expression | +| enum_class.cpp:64:22:64:22 | call to operator^ | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:64:3:64:20 | ML | expression | +| enum_class.cpp:64:22:64:22 | call to operator^ | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:64:24:64:44 | OCaml | expression | +| enum_class.cpp:65:25:65:25 | call to operator>> | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:65:3:65:23 | OCaml | expression | +| enum_class.cpp:66:24:66:24 | call to operator<< | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:66:3:66:22 | Lisp | expression | +| enum_class.cpp:67:5:67:5 | call to operator&= | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:67:3:67:3 | l | expression | +| enum_class.cpp:67:5:67:5 | call to operator&= | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:67:8:67:28 | OCaml | expression | +| enum_class.cpp:68:5:68:5 | call to operator^= | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:68:3:68:3 | l | expression | +| enum_class.cpp:69:5:69:5 | call to operator>>= | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:69:3:69:3 | l | expression | +| enum_class.cpp:70:5:70:5 | call to operator<<= | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:70:3:70:3 | l | expression | +| enum_class.cpp:85:5:85:5 | call to operator+ | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:85:3:85:3 | a | expression | +| enum_class.cpp:86:5:86:5 | call to operator- | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:86:3:86:3 | a | expression | +| enum_class.cpp:86:5:86:5 | call to operator- | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:86:7:86:7 | b | expression | +| enum_class.cpp:87:3:87:3 | call to operator- | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:87:4:87:4 | a | expression | +| enum_class.cpp:88:5:88:5 | call to operator% | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:88:3:88:3 | a | expression | +| enum_class.cpp:89:5:89:5 | call to operator/ | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:89:3:89:3 | a | expression | +| enum_class.cpp:90:5:90:5 | call to operator* | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:90:3:90:3 | b | expression | +| enum_class.cpp:93:5:93:5 | call to operator&& | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:93:3:93:3 | a | expression | +| enum_class.cpp:93:5:93:5 | call to operator&& | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:93:7:93:7 | b | expression | +| enum_class.cpp:94:5:94:5 | call to operator\|\| | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:94:3:94:3 | a | expression | +| enum_class.cpp:94:5:94:5 | call to operator\|\| | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:94:8:94:8 | b | expression | +| enum_class.cpp:95:3:95:3 | call to operator! | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:95:4:95:4 | a | expression | +| enum_class.cpp:98:5:98:5 | call to operator\| | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:98:3:98:3 | a | expression | +| enum_class.cpp:98:5:98:5 | call to operator\| | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:98:7:98:7 | b | expression | +| enum_class.cpp:99:3:99:3 | call to operator~ | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:99:4:99:4 | a | expression | +| enum_class.cpp:100:5:100:5 | call to operator^ | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:100:3:100:3 | a | expression | +| enum_class.cpp:100:5:100:5 | call to operator^ | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:100:7:100:7 | b | expression | +| enum_class.cpp:101:5:101:5 | call to operator>> | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:101:3:101:3 | a | expression | +| enum_class.cpp:102:5:102:5 | call to operator<< | Enum $@ is used as an operand of arithmetic operation. | enum_class.cpp:102:3:102:3 | a | expression | diff --git a/cpp/autosar/test/rules/A4-5-1/enum.cpp.gcc b/cpp/autosar/test/rules/A4-5-1/enum.cpp.gcc new file mode 100644 index 0000000000..074aa4404f --- /dev/null +++ b/cpp/autosar/test/rules/A4-5-1/enum.cpp.gcc @@ -0,0 +1,79 @@ +enum Street { Road, Lane, Avenue, Boulevard, Place }; + +Street operator&=(Street left, Street right) { return left; } +Street operator^=(Street left, int) { return left; } +Street operator>>=(Street left, int) { return left; } +Street operator<<=(Street left, int) { return left; } + +void test_enum() { + int arr[Street::Place] = {}; + Street e = Lane; // COMPLIANT + Lane == Lane; // COMPLIANT + Place != Place; // COMPLIANT + Road < Lane; // COMPLIANT + Avenue <= Avenue; // COMPLIANT + Place > Road; // COMPLIANT + Boulevard >= Avenue; // COMPLIANT + Place &Avenue; // COMPLIANT + arr[Road] = 1; // COMPLIANT + + // arithmetic + Avenue + Place; // NON_COMPLIANT + Place - Place; // NON_COMPLIANT + -Avenue; // NON_COMPLIANT + Road % 0; // NON_COMPLIANT + Avenue / 1; // NON_COMPLIANT + Boulevard * 2; // NON_COMPLIANT + + // logical + Lane &&Road; // NON_COMPLIANT + Place || Lane; // NON_COMPLIANT + !Road; // NON_COMPLIANT + + // bitwise + Boulevard | Boulevard; // NON_COMPLIANT + ~Lane; // NON_COMPLIANT + Place ^ Road; // NON_COMPLIANT + Road >> 1; // NON_COMPLIANT + Road << 1; // NON_COMPLIANT + Avenue &= Place; // NON_COMPLIANT + Road ^= Road; // NON_COMPLIANT + Road >>= Road; // NON_COMPLIANT + Road <<= Road; // NON_COMPLIANT +} + +void test_enum_var() { + Street a = Lane; // COMPLIANT + Street b = Road; // COMPLIANT + a == b; // COMPLIANT + a != b; // COMPLIANT + a < b; // COMPLIANT + a <= b; // COMPLIANT + a > b; // COMPLIANT + a >= b; // COMPLIANT + a &b; // COMPLIANT + + // arithmetic + a + a; // NON_COMPLIANT + a - a; // NON_COMPLIANT + -a; // NON_COMPLIANT + a % 0; // NON_COMPLIANT + a / 1; // NON_COMPLIANT + a * 2; // NON_COMPLIANT + + // logical + a &&b; // NON_COMPLIANT + a || b; // NON_COMPLIANT + !b; // NON_COMPLIANT + + // bitwise + a | b; // NON_COMPLIANT + ~a; // NON_COMPLIANT + a ^ b; // NON_COMPLIANT + a >> 1; // NON_COMPLIANT + a << 1; // NON_COMPLIANT + a &= b; // NON_COMPLIANT + // a ^= 1; // NON_COMPLIANT - this is compiler checked + // a >>= 1; // NON_COMPLIANT - this is compiler checked + // a <<= 1; // NON_COMPLIANT - this is compiler checked +} \ No newline at end of file diff --git a/cpp/autosar/test/rules/A4-5-1/enum.cpp.qcc b/cpp/autosar/test/rules/A4-5-1/enum.cpp.qcc new file mode 100644 index 0000000000..074aa4404f --- /dev/null +++ b/cpp/autosar/test/rules/A4-5-1/enum.cpp.qcc @@ -0,0 +1,79 @@ +enum Street { Road, Lane, Avenue, Boulevard, Place }; + +Street operator&=(Street left, Street right) { return left; } +Street operator^=(Street left, int) { return left; } +Street operator>>=(Street left, int) { return left; } +Street operator<<=(Street left, int) { return left; } + +void test_enum() { + int arr[Street::Place] = {}; + Street e = Lane; // COMPLIANT + Lane == Lane; // COMPLIANT + Place != Place; // COMPLIANT + Road < Lane; // COMPLIANT + Avenue <= Avenue; // COMPLIANT + Place > Road; // COMPLIANT + Boulevard >= Avenue; // COMPLIANT + Place &Avenue; // COMPLIANT + arr[Road] = 1; // COMPLIANT + + // arithmetic + Avenue + Place; // NON_COMPLIANT + Place - Place; // NON_COMPLIANT + -Avenue; // NON_COMPLIANT + Road % 0; // NON_COMPLIANT + Avenue / 1; // NON_COMPLIANT + Boulevard * 2; // NON_COMPLIANT + + // logical + Lane &&Road; // NON_COMPLIANT + Place || Lane; // NON_COMPLIANT + !Road; // NON_COMPLIANT + + // bitwise + Boulevard | Boulevard; // NON_COMPLIANT + ~Lane; // NON_COMPLIANT + Place ^ Road; // NON_COMPLIANT + Road >> 1; // NON_COMPLIANT + Road << 1; // NON_COMPLIANT + Avenue &= Place; // NON_COMPLIANT + Road ^= Road; // NON_COMPLIANT + Road >>= Road; // NON_COMPLIANT + Road <<= Road; // NON_COMPLIANT +} + +void test_enum_var() { + Street a = Lane; // COMPLIANT + Street b = Road; // COMPLIANT + a == b; // COMPLIANT + a != b; // COMPLIANT + a < b; // COMPLIANT + a <= b; // COMPLIANT + a > b; // COMPLIANT + a >= b; // COMPLIANT + a &b; // COMPLIANT + + // arithmetic + a + a; // NON_COMPLIANT + a - a; // NON_COMPLIANT + -a; // NON_COMPLIANT + a % 0; // NON_COMPLIANT + a / 1; // NON_COMPLIANT + a * 2; // NON_COMPLIANT + + // logical + a &&b; // NON_COMPLIANT + a || b; // NON_COMPLIANT + !b; // NON_COMPLIANT + + // bitwise + a | b; // NON_COMPLIANT + ~a; // NON_COMPLIANT + a ^ b; // NON_COMPLIANT + a >> 1; // NON_COMPLIANT + a << 1; // NON_COMPLIANT + a &= b; // NON_COMPLIANT + // a ^= 1; // NON_COMPLIANT - this is compiler checked + // a >>= 1; // NON_COMPLIANT - this is compiler checked + // a <<= 1; // NON_COMPLIANT - this is compiler checked +} \ No newline at end of file diff --git a/cpp/autosar/test/rules/A4-5-1/test.cpp b/cpp/autosar/test/rules/A4-5-1/test.cpp deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/cpp/autosar/test/rules/A5-2-2/options.qcc b/cpp/autosar/test/rules/A5-2-2/options.qcc new file mode 100644 index 0000000000..a275a21895 --- /dev/null +++ b/cpp/autosar/test/rules/A5-2-2/options.qcc @@ -0,0 +1 @@ +-I../../../../common/test/includes/custom-library \ No newline at end of file diff --git a/cpp/autosar/test/rules/A7-1-1/test.cpp b/cpp/autosar/test/rules/A7-1-1/test.cpp index 4ee62ed013..81c9beb804 100644 --- a/cpp/autosar/test/rules/A7-1-1/test.cpp +++ b/cpp/autosar/test/rules/A7-1-1/test.cpp @@ -66,8 +66,8 @@ class Issue18 { public: template void F(const T &s) { // ignore uninstantiated templates - std::ostream ostr; // COMPLIANT - ostr << s; // <= Modified here + std::ostream ostr(0); // COMPLIANT + ostr << s; // <= Modified here return; } }; From db071d3c37bc48288785a654db76868b7ae7ca0a Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 3 May 2023 14:27:46 +0200 Subject: [PATCH 1051/2573] Fix formatting --- .../test/rules/A1-1-1/CStandardLibraryHeadersAreDeprecated.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/A1-1-1/CStandardLibraryHeadersAreDeprecated.cpp b/cpp/autosar/test/rules/A1-1-1/CStandardLibraryHeadersAreDeprecated.cpp index c3d2664972..ce23be05f3 100644 --- a/cpp/autosar/test/rules/A1-1-1/CStandardLibraryHeadersAreDeprecated.cpp +++ b/cpp/autosar/test/rules/A1-1-1/CStandardLibraryHeadersAreDeprecated.cpp @@ -24,5 +24,5 @@ #include // NON_COMPLIANT #include // NON_COMPLIANT -#include // COMPLIANT +#include // COMPLIANT #include // COMPLIANT \ No newline at end of file From 0e882eda756e5407d401fb347439b24c619475ea Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 3 May 2023 17:30:31 +0200 Subject: [PATCH 1052/2573] Fix A7-1-1 test --- cpp/autosar/test/rules/A7-1-1/test.cpp | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/cpp/autosar/test/rules/A7-1-1/test.cpp b/cpp/autosar/test/rules/A7-1-1/test.cpp index 81c9beb804..2c32dc5aab 100644 --- a/cpp/autosar/test/rules/A7-1-1/test.cpp +++ b/cpp/autosar/test/rules/A7-1-1/test.cpp @@ -66,8 +66,7 @@ class Issue18 { public: template void F(const T &s) { // ignore uninstantiated templates - std::ostream ostr(0); // COMPLIANT - ostr << s; // <= Modified here + std::cout << s << '\n'; // COMPLIANT return; } }; From e1190d89b30c8379f1909056ede25c2bc65fc86f Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Wed, 3 May 2023 13:27:47 -0400 Subject: [PATCH 1053/2573] Improve fix for FP for issue 216 reintroduce omission wrappers --- .../A5-1-1/LiteralValueUsedOutsideTypeInit.ql | 4 ++++ .../LiteralValueUsedOutsideTypeInit.expected | 2 ++ cpp/autosar/test/rules/A5-1-1/test.cpp | 7 +++---- .../codingstandards/cpp/LoggingOperation.qll | 20 +++++++++---------- 4 files changed, 18 insertions(+), 15 deletions(-) diff --git a/cpp/autosar/src/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.ql b/cpp/autosar/src/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.ql index 69649f72b1..6d551474f3 100644 --- a/cpp/autosar/src/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.ql +++ b/cpp/autosar/src/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.ql @@ -26,6 +26,10 @@ where not exists(ConstructorCall cc | cc.getAnArgument() = l) and not exists(ConstructorFieldInit cf | cf.getExpr() = l) and not l = any(LoggingOperation logOp).getALoggedExpr().getAChild*() and + // Exclude arguments to wrapper functions (depth 1) + not exists(FunctionCall fc, LoggerOrStreamWrapperFunction w | + fc.getAnArgument() = l and w.getACallToThisFunction() = fc + ) and // Exclude Macros with names like *LOG not exists(MacroInvocation m | m.getMacroName().matches("%LOG") and m.getAnAffectedElement() = l) and // Exclude literal 0 diff --git a/cpp/autosar/test/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.expected b/cpp/autosar/test/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.expected index 9e783c3b14..3212f14efb 100644 --- a/cpp/autosar/test/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.expected +++ b/cpp/autosar/test/rules/A5-1-1/LiteralValueUsedOutsideTypeInit.expected @@ -1,3 +1,5 @@ | test.cpp:5:9:5:25 | constant string | Literal value "constant string" used outside of type initialization StringLiteral | | test.cpp:14:23:14:25 | 100 | Literal value 100 used outside of type initialization Literal | | test.cpp:54:7:54:7 | 1 | Literal value 1 used outside of type initialization Literal | +| test.cpp:75:23:75:28 | test | Literal value "test" used outside of type initialization StringLiteral | +| test.cpp:76:19:76:28 | not okay | Literal value "not okay" used outside of type initialization StringLiteral | diff --git a/cpp/autosar/test/rules/A5-1-1/test.cpp b/cpp/autosar/test/rules/A5-1-1/test.cpp index faaf188f32..4c4ad4fb30 100644 --- a/cpp/autosar/test/rules/A5-1-1/test.cpp +++ b/cpp/autosar/test/rules/A5-1-1/test.cpp @@ -72,10 +72,9 @@ void test_stream_two(std::ostream &os, const char *str, } void test_not_wrapper_stream(std::ostream &os, const char *str) noexcept { - test_stream_two( - os, "test", - "not okay"); // NON_COMPLIANT[FALSE_NEGATIVE] - test_stream_two is - // not actually exclusively a wrapper + test_stream_two(os, "test", + "not okay"); // NON_COMPLIANT - test_stream_two is + // not actually exclusively a wrapper } #define MACRO_LOG(test_str) \ diff --git a/cpp/common/src/codingstandards/cpp/LoggingOperation.qll b/cpp/common/src/codingstandards/cpp/LoggingOperation.qll index 4cfcafeaae..de2201a5cd 100644 --- a/cpp/common/src/codingstandards/cpp/LoggingOperation.qll +++ b/cpp/common/src/codingstandards/cpp/LoggingOperation.qll @@ -20,10 +20,12 @@ class OutputWriteLogging extends LoggingOperation, OutputWrite { /** * A `FileStreamFunctionCall` operation is considered a log operation for Coding Standards purposes. */ -class FileStreamLogging extends LoggingOperation, FileStreamFunctionCall { - override Expr getALoggedExpr() { result = getAnArgument() } +class FileStreamLogging extends LoggingOperation { + FileStreamLogging() { this instanceof FileStreamFunctionCall } + + override Expr getALoggedExpr() { result = this.(FileStreamFunctionCall).getAnArgument() } - override Expr getFStream() { result = this.getQualifier() } + Expr getFStream() { result = this.(FileStreamFunctionCall).getQualifier() } } /** A call which looks like `printf`. */ @@ -39,14 +41,10 @@ class PrintfLikeCall extends LoggingOperation, Call { */ class LoggerOrStreamWrapperFunction extends Function { LoggerOrStreamWrapperFunction() { - forall(Parameter p | p.getFunction() = this | - forall(VariableAccess va | va = p.getAnAccess() | - ( - any(FileStreamFunctionCall fc).getAnArgument().getAChild*() = va - or - any(LoggingOperation logOp).getALoggedExpr().getAChild*() = va - ) - ) + forall(VariableAccess va | + exists(Parameter p | p.getFunction() = this and va = p.getAnAccess()) + | + any(LoggingOperation logOp).getALoggedExpr().getAChild*() = va ) } } From 7e4d625c8c2119810ea21701928586d617be14ae Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 4 May 2023 17:06:07 +0200 Subject: [PATCH 1054/2573] A18-1-2: inline namespace `std::__1::vector` --- .../src/rules/A18-1-2/VectorboolSpecializationUsed.ql | 7 ++++++- .../A18-1-2/VectorboolSpecializationUsed.expected.clang | 7 +++++++ .../A18-1-2/VectorboolSpecializationUsed.expected.gcc | 7 +++++++ .../A18-1-2/VectorboolSpecializationUsed.expected.qcc | 7 +++++++ 4 files changed, 27 insertions(+), 1 deletion(-) create mode 100644 cpp/autosar/test/rules/A18-1-2/VectorboolSpecializationUsed.expected.clang create mode 100644 cpp/autosar/test/rules/A18-1-2/VectorboolSpecializationUsed.expected.gcc create mode 100644 cpp/autosar/test/rules/A18-1-2/VectorboolSpecializationUsed.expected.qcc diff --git a/cpp/autosar/src/rules/A18-1-2/VectorboolSpecializationUsed.ql b/cpp/autosar/src/rules/A18-1-2/VectorboolSpecializationUsed.ql index 9d3e315f08..28bfbdd5d9 100644 --- a/cpp/autosar/src/rules/A18-1-2/VectorboolSpecializationUsed.ql +++ b/cpp/autosar/src/rules/A18-1-2/VectorboolSpecializationUsed.ql @@ -19,7 +19,12 @@ import cpp import codingstandards.cpp.autosar predicate isVectorBool(ClassTemplateInstantiation c) { - c.getNamespace() instanceof StdNamespace and + ( + c.getNamespace() instanceof StdNamespace + or + c.getNamespace().isInline() and + c.getNamespace().getParentNamespace() instanceof StdNamespace + ) and c.getTemplateArgument(0) instanceof BoolType and c.getSimpleName() = "vector" } diff --git a/cpp/autosar/test/rules/A18-1-2/VectorboolSpecializationUsed.expected.clang b/cpp/autosar/test/rules/A18-1-2/VectorboolSpecializationUsed.expected.clang new file mode 100644 index 0000000000..570c7c18ea --- /dev/null +++ b/cpp/autosar/test/rules/A18-1-2/VectorboolSpecializationUsed.expected.clang @@ -0,0 +1,7 @@ +| test.cpp:3:19:3:19 | g | Use of std::vector specialization. | +| test.cpp:18:21:18:21 | l | Use of std::vector specialization. | +| test.cpp:20:8:20:9 | l3 | Use of std::vector specialization. | +| test.cpp:23:34:23:35 | l6 | Use of std::vector specialization. | +| test.cpp:24:47:24:48 | l7 | Use of std::vector specialization. | +| test.cpp:27:36:27:37 | it | Use of std::vector specialization. | +| test.cpp:34:40:34:41 | d3 | Use of std::vector specialization. | diff --git a/cpp/autosar/test/rules/A18-1-2/VectorboolSpecializationUsed.expected.gcc b/cpp/autosar/test/rules/A18-1-2/VectorboolSpecializationUsed.expected.gcc new file mode 100644 index 0000000000..570c7c18ea --- /dev/null +++ b/cpp/autosar/test/rules/A18-1-2/VectorboolSpecializationUsed.expected.gcc @@ -0,0 +1,7 @@ +| test.cpp:3:19:3:19 | g | Use of std::vector specialization. | +| test.cpp:18:21:18:21 | l | Use of std::vector specialization. | +| test.cpp:20:8:20:9 | l3 | Use of std::vector specialization. | +| test.cpp:23:34:23:35 | l6 | Use of std::vector specialization. | +| test.cpp:24:47:24:48 | l7 | Use of std::vector specialization. | +| test.cpp:27:36:27:37 | it | Use of std::vector specialization. | +| test.cpp:34:40:34:41 | d3 | Use of std::vector specialization. | diff --git a/cpp/autosar/test/rules/A18-1-2/VectorboolSpecializationUsed.expected.qcc b/cpp/autosar/test/rules/A18-1-2/VectorboolSpecializationUsed.expected.qcc new file mode 100644 index 0000000000..570c7c18ea --- /dev/null +++ b/cpp/autosar/test/rules/A18-1-2/VectorboolSpecializationUsed.expected.qcc @@ -0,0 +1,7 @@ +| test.cpp:3:19:3:19 | g | Use of std::vector specialization. | +| test.cpp:18:21:18:21 | l | Use of std::vector specialization. | +| test.cpp:20:8:20:9 | l3 | Use of std::vector specialization. | +| test.cpp:23:34:23:35 | l6 | Use of std::vector specialization. | +| test.cpp:24:47:24:48 | l7 | Use of std::vector specialization. | +| test.cpp:27:36:27:37 | it | Use of std::vector specialization. | +| test.cpp:34:40:34:41 | d3 | Use of std::vector specialization. | From d5073a8c2a4ca587989d63bceac7097d06caefbf Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 4 May 2023 17:10:05 +0200 Subject: [PATCH 1055/2573] A18-1-3: inline namespace std::__1:auto_ptr --- cpp/autosar/src/rules/A18-1-3/AutoPtrTypeUsed.ql | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/cpp/autosar/src/rules/A18-1-3/AutoPtrTypeUsed.ql b/cpp/autosar/src/rules/A18-1-3/AutoPtrTypeUsed.ql index beb93c739a..a109700b1d 100644 --- a/cpp/autosar/src/rules/A18-1-3/AutoPtrTypeUsed.ql +++ b/cpp/autosar/src/rules/A18-1-3/AutoPtrTypeUsed.ql @@ -17,7 +17,12 @@ import cpp import codingstandards.cpp.autosar predicate isAutoPtr(ClassTemplateInstantiation c) { - c.getNamespace() instanceof StdNamespace and + ( + c.getNamespace() instanceof StdNamespace + or + c.getNamespace().isInline() and + c.getNamespace().getParentNamespace() instanceof StdNamespace + ) and c.getSimpleName() = "auto_ptr" } From 10641274700942cb15afcec2102b297e52b5f54b Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 4 May 2023 11:20:50 -0400 Subject: [PATCH 1056/2573] Mutex --- scripts/matrix_testing/CreateMatrixTestReport.ps1 | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/scripts/matrix_testing/CreateMatrixTestReport.ps1 b/scripts/matrix_testing/CreateMatrixTestReport.ps1 index d80e87e426..0a1b9e6063 100644 --- a/scripts/matrix_testing/CreateMatrixTestReport.ps1 +++ b/scripts/matrix_testing/CreateMatrixTestReport.ps1 @@ -299,6 +299,11 @@ $jobRows = $queriesToCheck | ForEach-Object -ThrottleLimit $NumThreads -Parallel foreach($testDirectory in $testDirs){ + Write-Host "Aquiring lock for $testDirectory" + $Mutex = New-Object -TypeName System.Threading.Mutex -ArgumentList $false, ("__Matrix_" + $testDirectory.Replace("\","_")); + $Mutex.WaitOne() | Out-Null; + Write-Host "Locked $testDirectory" + # for the report $row = @{ "SUITE" = $CurrentSuiteName; @@ -412,6 +417,8 @@ $jobRows = $queriesToCheck | ForEach-Object -ThrottleLimit $NumThreads -Parallel # output current row state $row + # release any held mutexes + $Mutex.ReleaseMutex(); ########################################################### ########################################################### @@ -423,6 +430,8 @@ $jobRows = $queriesToCheck | ForEach-Object -ThrottleLimit $NumThreads -Parallel } } # go to next row + + } # combine the outputs From 823df9e6309b8004da05a3288119bd3b43d5f4cf Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 4 May 2023 17:21:40 +0200 Subject: [PATCH 1057/2573] A18-9-1: add `std::__1` namespace --- cpp/autosar/src/rules/A18-9-1/BindUsed.ql | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/cpp/autosar/src/rules/A18-9-1/BindUsed.ql b/cpp/autosar/src/rules/A18-9-1/BindUsed.ql index d53d6ecf76..1c2f9b0351 100644 --- a/cpp/autosar/src/rules/A18-9-1/BindUsed.ql +++ b/cpp/autosar/src/rules/A18-9-1/BindUsed.ql @@ -17,7 +17,10 @@ import cpp import codingstandards.cpp.autosar predicate isBind(FunctionCall fc) { - fc.getTarget().getQualifiedName() in ["std::bind", "std::bind1st", "std::bind2nd"] + fc.getTarget().getQualifiedName() in [ + ["std::bind", "std::bind1st", "std::bind2nd",], + ["std::__1::bind", "std::__1::bind1st", "std::__1::bind2nd"] + ] } from FunctionCall fc From 0c9d7c5b27e539dae9f45f7ec9675e96a6234139 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 4 May 2023 11:22:32 -0400 Subject: [PATCH 1058/2573] spelling --- scripts/matrix_testing/CreateMatrixTestReport.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/matrix_testing/CreateMatrixTestReport.ps1 b/scripts/matrix_testing/CreateMatrixTestReport.ps1 index 0a1b9e6063..76701b09e6 100644 --- a/scripts/matrix_testing/CreateMatrixTestReport.ps1 +++ b/scripts/matrix_testing/CreateMatrixTestReport.ps1 @@ -299,7 +299,7 @@ $jobRows = $queriesToCheck | ForEach-Object -ThrottleLimit $NumThreads -Parallel foreach($testDirectory in $testDirs){ - Write-Host "Aquiring lock for $testDirectory" + Write-Host "Acquiring lock for $testDirectory" $Mutex = New-Object -TypeName System.Threading.Mutex -ArgumentList $false, ("__Matrix_" + $testDirectory.Replace("\","_")); $Mutex.WaitOne() | Out-Null; Write-Host "Locked $testDirectory" From 01ae8db56d0ac4093c65ab5ae7be38faf810a44b Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Thu, 4 May 2023 11:34:48 -0400 Subject: [PATCH 1059/2573] replace things --- scripts/matrix_testing/CreateMatrixTestReport.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/matrix_testing/CreateMatrixTestReport.ps1 b/scripts/matrix_testing/CreateMatrixTestReport.ps1 index 76701b09e6..1029ae5b10 100644 --- a/scripts/matrix_testing/CreateMatrixTestReport.ps1 +++ b/scripts/matrix_testing/CreateMatrixTestReport.ps1 @@ -300,7 +300,7 @@ $jobRows = $queriesToCheck | ForEach-Object -ThrottleLimit $NumThreads -Parallel foreach($testDirectory in $testDirs){ Write-Host "Acquiring lock for $testDirectory" - $Mutex = New-Object -TypeName System.Threading.Mutex -ArgumentList $false, ("__Matrix_" + $testDirectory.Replace("\","_")); + $Mutex = New-Object -TypeName System.Threading.Mutex -ArgumentList $false, ("__Matrix_" + $testDirectory.Replace([IO.Path]::DirectorySeparatorChar,"_")); $Mutex.WaitOne() | Out-Null; Write-Host "Locked $testDirectory" From 19b39bb0fccca4b75e374a424aa86fafa6aa924c Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 4 May 2023 18:13:58 +0200 Subject: [PATCH 1060/2573] Fix tests --- cpp/autosar/test/rules/A2-3-1/test.cpp.gcc | 4 ++-- cpp/autosar/test/rules/A2-3-1/test.cpp.qcc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/cpp/autosar/test/rules/A2-3-1/test.cpp.gcc b/cpp/autosar/test/rules/A2-3-1/test.cpp.gcc index 84c12523d9..6a174f48cb 100644 --- a/cpp/autosar/test/rules/A2-3-1/test.cpp.gcc +++ b/cpp/autosar/test/rules/A2-3-1/test.cpp.gcc @@ -1,8 +1,8 @@ // It is valid to use @ in comments COMPLIANT // Invalid character α NON_COMPLIANT -// double α = 2.; // NON_COMPLIANT; U+03b1 - this is compiler checked -// void *to_𐆅_and_beyond = nullptr; // NON_COMPLIANT; U+10185 - this is compiler checked + + int l1_\u00A8; // COMPLIANT[FALSE_POSITIVE] const char *euro = "α"; // NON_COMPLIANT diff --git a/cpp/autosar/test/rules/A2-3-1/test.cpp.qcc b/cpp/autosar/test/rules/A2-3-1/test.cpp.qcc index 84c12523d9..6a174f48cb 100644 --- a/cpp/autosar/test/rules/A2-3-1/test.cpp.qcc +++ b/cpp/autosar/test/rules/A2-3-1/test.cpp.qcc @@ -1,8 +1,8 @@ // It is valid to use @ in comments COMPLIANT // Invalid character α NON_COMPLIANT -// double α = 2.; // NON_COMPLIANT; U+03b1 - this is compiler checked -// void *to_𐆅_and_beyond = nullptr; // NON_COMPLIANT; U+10185 - this is compiler checked + + int l1_\u00A8; // COMPLIANT[FALSE_POSITIVE] const char *euro = "α"; // NON_COMPLIANT From 1dbba6708d339ed74c9407b0e1d36d30f329b631 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 4 May 2023 18:20:34 +0200 Subject: [PATCH 1061/2573] Fix tests --- cpp/autosar/test/rules/A2-3-1/test.cpp.gcc | 4 ++-- cpp/autosar/test/rules/A2-3-1/test.cpp.qcc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/cpp/autosar/test/rules/A2-3-1/test.cpp.gcc b/cpp/autosar/test/rules/A2-3-1/test.cpp.gcc index 6a174f48cb..82dd6f7bcc 100644 --- a/cpp/autosar/test/rules/A2-3-1/test.cpp.gcc +++ b/cpp/autosar/test/rules/A2-3-1/test.cpp.gcc @@ -1,8 +1,8 @@ // It is valid to use @ in comments COMPLIANT // Invalid character α NON_COMPLIANT - - +// double # = 2.; // NON_COMPLIANT; U+03b1 - this is compiler checked +// void *to_#_and_beyond = nullptr; // NON_COMPLIANT; U+10185 - this is compiler checked int l1_\u00A8; // COMPLIANT[FALSE_POSITIVE] const char *euro = "α"; // NON_COMPLIANT diff --git a/cpp/autosar/test/rules/A2-3-1/test.cpp.qcc b/cpp/autosar/test/rules/A2-3-1/test.cpp.qcc index 6a174f48cb..82dd6f7bcc 100644 --- a/cpp/autosar/test/rules/A2-3-1/test.cpp.qcc +++ b/cpp/autosar/test/rules/A2-3-1/test.cpp.qcc @@ -1,8 +1,8 @@ // It is valid to use @ in comments COMPLIANT // Invalid character α NON_COMPLIANT - - +// double # = 2.; // NON_COMPLIANT; U+03b1 - this is compiler checked +// void *to_#_and_beyond = nullptr; // NON_COMPLIANT; U+10185 - this is compiler checked int l1_\u00A8; // COMPLIANT[FALSE_POSITIVE] const char *euro = "α"; // NON_COMPLIANT From 2036ff28b205df95e54277956d5cef7d93f09318 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Fri, 5 May 2023 01:20:49 +0200 Subject: [PATCH 1062/2573] M6-5-2 M17-0-5 --- .../rules/M17-0-5/SetjmpMacroAndTheLongjmpFunctionUsed.ql | 5 ++++- cpp/autosar/src/rules/M6-5-2/tempfile | 0 .../SetjmpMacroAndTheLongjmpFunctionUsed.expected.qcc | 4 ++++ cpp/common/src/codingstandards/cpp/Loops.qll | 3 ++- 4 files changed, 10 insertions(+), 2 deletions(-) create mode 100644 cpp/autosar/src/rules/M6-5-2/tempfile create mode 100644 cpp/autosar/test/rules/M17-0-5/SetjmpMacroAndTheLongjmpFunctionUsed.expected.qcc diff --git a/cpp/autosar/src/rules/M17-0-5/SetjmpMacroAndTheLongjmpFunctionUsed.ql b/cpp/autosar/src/rules/M17-0-5/SetjmpMacroAndTheLongjmpFunctionUsed.ql index 6a6f55e0f4..7f193b1c4c 100644 --- a/cpp/autosar/src/rules/M17-0-5/SetjmpMacroAndTheLongjmpFunctionUsed.ql +++ b/cpp/autosar/src/rules/M17-0-5/SetjmpMacroAndTheLongjmpFunctionUsed.ql @@ -16,7 +16,10 @@ import cpp import codingstandards.cpp.autosar -predicate isLongJumpCall(FunctionCall fc) { fc.getTarget().hasGlobalOrStdName("longjmp") } +predicate isLongJumpCall(Locatable fc) { + fc.(FunctionCall).getTarget().hasGlobalOrStdName("longjmp") or + fc.(MacroInvocation).getMacroName() = "longjmp" +} predicate isSetJumpCall(MacroInvocation mi) { mi.getMacroName() = "setjmp" } diff --git a/cpp/autosar/src/rules/M6-5-2/tempfile b/cpp/autosar/src/rules/M6-5-2/tempfile new file mode 100644 index 0000000000..e69de29bb2 diff --git a/cpp/autosar/test/rules/M17-0-5/SetjmpMacroAndTheLongjmpFunctionUsed.expected.qcc b/cpp/autosar/test/rules/M17-0-5/SetjmpMacroAndTheLongjmpFunctionUsed.expected.qcc new file mode 100644 index 0000000000..462248cca3 --- /dev/null +++ b/cpp/autosar/test/rules/M17-0-5/SetjmpMacroAndTheLongjmpFunctionUsed.expected.qcc @@ -0,0 +1,4 @@ +| test.cpp:7:9:7:19 | setjmp(__env) | Use of banned setjmp macro. | +| test.cpp:12:3:12:9 | longjmp(__env,__val) | Use of banned longjmp function. | +| test.cpp:14:3:14:9 | longjmp(__env,__val) | Use of banned longjmp function. | +| test.cpp:16:9:16:19 | setjmp(__env) | Use of banned setjmp macro. | diff --git a/cpp/common/src/codingstandards/cpp/Loops.qll b/cpp/common/src/codingstandards/cpp/Loops.qll index 82746b036c..c7a338a8dd 100644 --- a/cpp/common/src/codingstandards/cpp/Loops.qll +++ b/cpp/common/src/codingstandards/cpp/Loops.qll @@ -173,7 +173,8 @@ predicate isInvalidForLoopIncrementation(ForStmt forLoop, Variable v, VariableAc exists(EqualityOperation eop | eop.getAnOperand() = va) or exists(Call call | - call.getTarget() instanceof UserEqualityOperator and call.getQualifier() = va + call.getTarget() instanceof UserEqualityOperator and + [call.getQualifier(), call.getArgument(0)] = va ) ) } From ac739c8301ac881871a74f4b85b7a82b3c1371a9 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Fri, 5 May 2023 15:04:49 +0200 Subject: [PATCH 1063/2573] Fix Autosar tests when compiled with `qcc` --- .../A18-1-2/VectorboolSpecializationUsed.ql | 16 ++++--- .../M6-5-2 => test/rules/A23-0-1}/tempfile | 0 .../test/rules/A23-0-2/tempfile} | 0 .../SingleUseMemberPODVariable.expected | 1 - cpp/autosar/test/rules/M0-1-4/test.cpp | 3 +- .../test/rules/M6-5-2/tempfile} | 0 .../src/codingstandards/cpp/Iterators.qll | 42 +++++++++---------- .../ExitHandlerThrowsException.qll | 2 +- .../cpp/standardlibrary/CStdLib.qll | 6 +-- 9 files changed, 36 insertions(+), 34 deletions(-) rename cpp/autosar/{src/rules/M6-5-2 => test/rules/A23-0-1}/tempfile (100%) rename cpp/{common/test/rules/exithandlerthrowsexception/test.cpp => autosar/test/rules/A23-0-2/tempfile} (100%) rename cpp/{common/test/rules/explicitabrupttermination/test.cpp => autosar/test/rules/M6-5-2/tempfile} (100%) diff --git a/cpp/autosar/src/rules/A18-1-2/VectorboolSpecializationUsed.ql b/cpp/autosar/src/rules/A18-1-2/VectorboolSpecializationUsed.ql index 28bfbdd5d9..5dcd2b4f8b 100644 --- a/cpp/autosar/src/rules/A18-1-2/VectorboolSpecializationUsed.ql +++ b/cpp/autosar/src/rules/A18-1-2/VectorboolSpecializationUsed.ql @@ -18,13 +18,17 @@ import cpp import codingstandards.cpp.autosar -predicate isVectorBool(ClassTemplateInstantiation c) { - ( - c.getNamespace() instanceof StdNamespace +class StdNS extends Namespace { + StdNS() { + this instanceof StdNamespace or - c.getNamespace().isInline() and - c.getNamespace().getParentNamespace() instanceof StdNamespace - ) and + this.isInline() and + this.getParentNamespace() instanceof StdNS + } +} + +predicate isVectorBool(ClassTemplateInstantiation c) { + c.getNamespace() instanceof StdNS and c.getTemplateArgument(0) instanceof BoolType and c.getSimpleName() = "vector" } diff --git a/cpp/autosar/src/rules/M6-5-2/tempfile b/cpp/autosar/test/rules/A23-0-1/tempfile similarity index 100% rename from cpp/autosar/src/rules/M6-5-2/tempfile rename to cpp/autosar/test/rules/A23-0-1/tempfile diff --git a/cpp/common/test/rules/exithandlerthrowsexception/test.cpp b/cpp/autosar/test/rules/A23-0-2/tempfile similarity index 100% rename from cpp/common/test/rules/exithandlerthrowsexception/test.cpp rename to cpp/autosar/test/rules/A23-0-2/tempfile diff --git a/cpp/autosar/test/rules/M0-1-4/SingleUseMemberPODVariable.expected b/cpp/autosar/test/rules/M0-1-4/SingleUseMemberPODVariable.expected index 89d048d67a..f4309e7a4d 100644 --- a/cpp/autosar/test/rules/M0-1-4/SingleUseMemberPODVariable.expected +++ b/cpp/autosar/test/rules/M0-1-4/SingleUseMemberPODVariable.expected @@ -1,4 +1,3 @@ -| test.cpp:36:24:36:29 | unused | Member POD variable unused in C1 is only $@. | test.cpp:36:31:36:31 | initializer for unused | used once | | test_global_or_namespace.cpp:16:7:16:7 | x | Member POD variable x in GA is only $@. | test_global_or_namespace.cpp:38:6:38:6 | x | used once | | test_global_or_namespace.cpp:54:7:54:7 | x | Member POD variable x in N1A is only $@. | test_global_or_namespace.cpp:76:6:76:6 | x | used once | | test_member.cpp:5:7:5:8 | m2 | Member POD variable m2 in A is only $@. | test_member.cpp:9:21:9:25 | constructor init of field m2 | used once | diff --git a/cpp/autosar/test/rules/M0-1-4/test.cpp b/cpp/autosar/test/rules/M0-1-4/test.cpp index e6ab55c24a..74771c9ea2 100644 --- a/cpp/autosar/test/rules/M0-1-4/test.cpp +++ b/cpp/autosar/test/rules/M0-1-4/test.cpp @@ -33,8 +33,7 @@ void test_templates() { } class C1 { - static constexpr int unused{1}; // NON_COMPLIANT - static constexpr int used{2}; // COMPLIANT + static constexpr int used{2}; // COMPLIANT int test_use() { return used; } static constexpr int size{3}; // COMPLIANT std::array array{false, false}; // size is used here diff --git a/cpp/common/test/rules/explicitabrupttermination/test.cpp b/cpp/autosar/test/rules/M6-5-2/tempfile similarity index 100% rename from cpp/common/test/rules/explicitabrupttermination/test.cpp rename to cpp/autosar/test/rules/M6-5-2/tempfile diff --git a/cpp/common/src/codingstandards/cpp/Iterators.qll b/cpp/common/src/codingstandards/cpp/Iterators.qll index a9d45d5e36..8974af2ba1 100644 --- a/cpp/common/src/codingstandards/cpp/Iterators.qll +++ b/cpp/common/src/codingstandards/cpp/Iterators.qll @@ -6,6 +6,15 @@ import cpp import semmle.code.cpp.dataflow.DataFlow import semmle.code.cpp.dataflow.TaintTracking +class StdNS extends Namespace { + StdNS() { + this instanceof StdNamespace + or + this.isInline() and + this.getParentNamespace() instanceof StdNS + } +} + abstract class ContainerAccess extends VariableAccess { abstract Variable getOwningContainer(); } @@ -168,11 +177,7 @@ class ContainerInvalidationOperation extends FunctionCall { ] ) or - exists(FunctionCall fc | - fc.getTarget().getNamespace().getName() = "std" and - fc.getTarget().getName() in ["swap", "operator>>", "getline"] and - this = fc - ) + this.getTarget().hasGlobalOrStdName(["swap", "operator>>", "getline"]) ) ) } @@ -195,7 +200,7 @@ class ContainerInvalidationOperation extends FunctionCall { /** An iterator type in the `std` namespace. */ class StdIteratorType extends UserType { StdIteratorType() { - getNamespace().getName() = "std" and + this.getNamespace() instanceof StdNS and getSimpleName().matches("%_iterator") and not getSimpleName().matches("const_%") } @@ -247,16 +252,11 @@ class AdditiveOperatorFunctionCall extends FunctionCall { */ class STLContainer extends Class { STLContainer() { - getNamespace().getName() = "std" and - getSimpleName() in [ + this.hasGlobalOrStdName([ "vector", "list", "deque", "set", "multiset", "map", "multimap", "stack", "queue", "priority_queue", "string", "forward_list", "unordered_set", "unordered_multiset", "unordered_map", "unordered_multimap", "valarray", "string", "basic_string" - ] - or - getSimpleName() = "string" - or - getSimpleName() = "basic_string" + ]) } /** @@ -291,7 +291,7 @@ class STLContainer extends Class { IteratorSource getAConstIteratorEndFunctionCall() { result = getACallTo("cend") } IteratorSource getANonConstIteratorFunctionCall() { - result = getACallToAFunction() and + //result = this.getACallToAFunction() and result.getTarget().getType() instanceof NonConstIteratorType } @@ -343,24 +343,24 @@ class STLContainerVariable extends Variable { * to create this functionality. */ class IteratorRangeModel extends Function { - IteratorRangeModel() { hasQualifiedName("std", "lexicographical_compare") } + IteratorRangeModel() { this.hasGlobalOrStdName("lexicographical_compare") } int getAnIndexOfAStartRange() { - (hasQualifiedName("std", "lexicographical_compare") and result = [0, 1]) + (this.hasGlobalOrStdName("lexicographical_compare") and result = [0, 1]) } int getAnIndexOfAEndRange() { - (hasQualifiedName("std", "lexicographical_compare") and result = [2, 3]) + (this.hasGlobalOrStdName("lexicographical_compare") and result = [2, 3]) } int getAnIteratorArgumentIndex() { - (hasQualifiedName("std", "lexicographical_compare") and result = [0, 1, 2, 3]) + (this.hasGlobalOrStdName("lexicographical_compare") and result = [0, 1, 2, 3]) } predicate getAPairOfStartEndIndexes(int start, int end) { - hasQualifiedName("std", "lexicographical_compare") and start = 0 and end = 1 + this.hasGlobalOrStdName("lexicographical_compare") and start = 0 and end = 1 or - hasQualifiedName("std", "lexicographical_compare") and start = 2 and end = 3 + this.hasGlobalOrStdName("lexicographical_compare") and start = 2 and end = 3 } } @@ -378,7 +378,7 @@ class IteratorRangeFunctionCall extends FunctionCall { count(Expr e | e = getAnArgument() and e.getType() instanceof IteratorType and - getTarget().getNamespace().getName() = "std" and + getTarget().getNamespace() instanceof StdNS and not getTarget().getName() in ["operator==", "operator!="] ) > 1 } diff --git a/cpp/common/src/codingstandards/cpp/rules/exithandlerthrowsexception/ExitHandlerThrowsException.qll b/cpp/common/src/codingstandards/cpp/rules/exithandlerthrowsexception/ExitHandlerThrowsException.qll index 6d145bbf0a..3f1efdc18e 100644 --- a/cpp/common/src/codingstandards/cpp/rules/exithandlerthrowsexception/ExitHandlerThrowsException.qll +++ b/cpp/common/src/codingstandards/cpp/rules/exithandlerthrowsexception/ExitHandlerThrowsException.qll @@ -17,7 +17,7 @@ class ExitHandler extends ExceptionThrowingFunction { Call c; ExitHandler() { - c.getTarget().hasQualifiedName("std", ["atexit", "at_quick_exit"]) and + c.getTarget().hasGlobalOrStdName(["atexit", "at_quick_exit"]) and c.getArgument(0) = this.getAnAccess() } diff --git a/cpp/common/src/codingstandards/cpp/standardlibrary/CStdLib.qll b/cpp/common/src/codingstandards/cpp/standardlibrary/CStdLib.qll index c91cc4a6c4..5a9a1f5324 100644 --- a/cpp/common/src/codingstandards/cpp/standardlibrary/CStdLib.qll +++ b/cpp/common/src/codingstandards/cpp/standardlibrary/CStdLib.qll @@ -4,15 +4,15 @@ import cpp /** The function `std::quick_exit`. */ class StdQuickExit extends Function { - StdQuickExit() { hasQualifiedName("std", "quick_exit") } + StdQuickExit() { this.hasGlobalOrStdName("quick_exit") } } /** The function `std::abort`. */ class StdAbort extends Function { - StdAbort() { hasQualifiedName("std", "abort") } + StdAbort() { this.hasGlobalOrStdName("abort") } } /** The function `std::_Exit`. */ class Std_Exit extends Function { - Std_Exit() { hasQualifiedName("std", "_Exit") } + Std_Exit() { this.hasGlobalOrStdName("_Exit") } } From 0c55ce728826ff25aee167db9c4c361426f126df Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Fri, 5 May 2023 17:07:23 +0200 Subject: [PATCH 1064/2573] The file `test.cpp` is required by the CI for shared queries --- cpp/common/test/rules/explicitabrupttermination/test.cpp | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 cpp/common/test/rules/explicitabrupttermination/test.cpp diff --git a/cpp/common/test/rules/explicitabrupttermination/test.cpp b/cpp/common/test/rules/explicitabrupttermination/test.cpp new file mode 100644 index 0000000000..e69de29bb2 From b128546062ec2e849a128c91f6903e58d6cfabd3 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Fri, 5 May 2023 17:10:29 +0200 Subject: [PATCH 1065/2573] Needed for CI --- cpp/common/test/rules/exithandlerthrowsexception/test.cpp | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 cpp/common/test/rules/exithandlerthrowsexception/test.cpp diff --git a/cpp/common/test/rules/exithandlerthrowsexception/test.cpp b/cpp/common/test/rules/exithandlerthrowsexception/test.cpp new file mode 100644 index 0000000000..e69de29bb2 From a9f4dd450b2ccf775d79b3ab51394eec0d236fca Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Fri, 5 May 2023 18:35:36 +0200 Subject: [PATCH 1066/2573] A1-1-1: restrict to type mentions --- .vscode/settings.json | 20 +++++++++++++++ .../A1-1-1/StrstreamTypesAreDeprecated.ql | 7 +++--- .../StrstreamTypesAreDeprecated.expected | 25 ++++++++----------- .../test/rules/A18-9-1/BindUsed.expected.qcc | 3 +++ ...citlyConvertedToConstIterator.expected.qcc | 10 ++++++++ ...acroAndTheLongjmpFunctionUsed.expected.qcc | 4 +-- 6 files changed, 49 insertions(+), 20 deletions(-) create mode 100644 .vscode/settings.json create mode 100644 cpp/autosar/test/rules/A18-9-1/BindUsed.expected.qcc create mode 100644 cpp/autosar/test/rules/A23-0-1/IteratorImplicitlyConvertedToConstIterator.expected.qcc diff --git a/.vscode/settings.json b/.vscode/settings.json new file mode 100644 index 0000000000..4db7b27c49 --- /dev/null +++ b/.vscode/settings.json @@ -0,0 +1,20 @@ +{ + "sarif-viewer.connectToGithubCodeScanning": "off", + "codeQL.cli.executablePath": "/Users/mauro/GitHub/coding-standards/codeql-bundle-20220908/codeql", + "codeQL.runningQueries.numberOfThreads": 0, + "codeQL.runningTests.numberOfThreads": 0, + "codeQL.runningQueries.autoSave": true, + "codeQL.runningQueries.debug": true, + "files.associations": { + "*.jq": "json", + "*.py": "python", + "*.expected": "csv (pipe)", + "*.actual": "csv (pipe)", + "*.qls": "yaml", + "*.qcc": "cpp", + "*.gcc": "cpp", + "iosfwd": "cpp", + "fstream": "cpp", + "iostream": "cpp" + } +} \ No newline at end of file diff --git a/cpp/autosar/src/rules/A1-1-1/StrstreamTypesAreDeprecated.ql b/cpp/autosar/src/rules/A1-1-1/StrstreamTypesAreDeprecated.ql index ee55364f67..081083c576 100644 --- a/cpp/autosar/src/rules/A1-1-1/StrstreamTypesAreDeprecated.ql +++ b/cpp/autosar/src/rules/A1-1-1/StrstreamTypesAreDeprecated.ql @@ -14,11 +14,10 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.TypeUses -from Class c, Locatable l +from TypeMention l, Class c where not isExcluded(l, ToolchainPackage::strstreamTypesAreDeprecatedQuery()) and c.hasQualifiedName("std", ["strstreambuf", "ostrstream", "istrstream"]) and - exists(Type t | t = c | l = getATypeUse(t)) -select l, "Use of class '" + c.getQualifiedName() + "' is deprecated." + l.getMentionedType() = c +select l, "Use of class '" + c.getName() + "' is deprecated." diff --git a/cpp/autosar/test/rules/A1-1-1/StrstreamTypesAreDeprecated.expected b/cpp/autosar/test/rules/A1-1-1/StrstreamTypesAreDeprecated.expected index d78de102ed..a8faadd3e8 100644 --- a/cpp/autosar/test/rules/A1-1-1/StrstreamTypesAreDeprecated.expected +++ b/cpp/autosar/test/rules/A1-1-1/StrstreamTypesAreDeprecated.expected @@ -1,14 +1,11 @@ -| StrstreamTypesAreDeprecated.cpp:4:21:4:21 | x | Use of class 'std::strstreambuf' is deprecated. | -| StrstreamTypesAreDeprecated.cpp:7:20:7:21 | f1 | Use of class 'std::strstreambuf' is deprecated. | -| StrstreamTypesAreDeprecated.cpp:12:19:12:20 | i1 | Use of class 'std::istrstream' is deprecated. | -| StrstreamTypesAreDeprecated.cpp:12:22:12:27 | call to istrstream | Use of class 'std::istrstream' is deprecated. | -| StrstreamTypesAreDeprecated.cpp:14:19:14:20 | i2 | Use of class 'std::istrstream' is deprecated. | -| StrstreamTypesAreDeprecated.cpp:14:22:14:23 | call to istrstream | Use of class 'std::istrstream' is deprecated. | -| StrstreamTypesAreDeprecated.cpp:16:19:16:20 | i3 | Use of class 'std::istrstream' is deprecated. | -| StrstreamTypesAreDeprecated.cpp:16:22:16:37 | call to istrstream | Use of class 'std::istrstream' is deprecated. | -| StrstreamTypesAreDeprecated.cpp:19:18:19:19 | f2 | Use of class 'std::istrstream' is deprecated. | -| StrstreamTypesAreDeprecated.cpp:20:10:20:31 | call to istrstream | Use of class 'std::istrstream' is deprecated. | -| StrstreamTypesAreDeprecated.cpp:24:19:24:19 | call to ostrstream | Use of class 'std::ostrstream' is deprecated. | -| StrstreamTypesAreDeprecated.cpp:24:19:24:19 | o | Use of class 'std::ostrstream' is deprecated. | -| StrstreamTypesAreDeprecated.cpp:27:18:27:19 | f3 | Use of class 'std::ostrstream' is deprecated. | -| StrstreamTypesAreDeprecated.cpp:28:10:28:30 | call to ostrstream | Use of class 'std::ostrstream' is deprecated. | +| StrstreamTypesAreDeprecated.cpp:4:8:4:19 | type mention | Use of class 'strstreambuf' is deprecated. | +| StrstreamTypesAreDeprecated.cpp:7:6:7:17 | type mention | Use of class 'strstreambuf' is deprecated. | +| StrstreamTypesAreDeprecated.cpp:8:19:8:30 | type mention | Use of class 'strstreambuf' is deprecated. | +| StrstreamTypesAreDeprecated.cpp:12:8:12:17 | type mention | Use of class 'istrstream' is deprecated. | +| StrstreamTypesAreDeprecated.cpp:14:8:14:17 | type mention | Use of class 'istrstream' is deprecated. | +| StrstreamTypesAreDeprecated.cpp:16:8:16:17 | type mention | Use of class 'istrstream' is deprecated. | +| StrstreamTypesAreDeprecated.cpp:19:6:19:15 | type mention | Use of class 'istrstream' is deprecated. | +| StrstreamTypesAreDeprecated.cpp:20:19:20:28 | type mention | Use of class 'istrstream' is deprecated. | +| StrstreamTypesAreDeprecated.cpp:24:8:24:17 | type mention | Use of class 'ostrstream' is deprecated. | +| StrstreamTypesAreDeprecated.cpp:27:6:27:15 | type mention | Use of class 'ostrstream' is deprecated. | +| StrstreamTypesAreDeprecated.cpp:28:19:28:28 | type mention | Use of class 'ostrstream' is deprecated. | diff --git a/cpp/autosar/test/rules/A18-9-1/BindUsed.expected.qcc b/cpp/autosar/test/rules/A18-9-1/BindUsed.expected.qcc new file mode 100644 index 0000000000..b4b9913aa7 --- /dev/null +++ b/cpp/autosar/test/rules/A18-9-1/BindUsed.expected.qcc @@ -0,0 +1,3 @@ +| test.cpp:9:13:9:21 | call to bind | Prefer lambdas to using std::__1::bind. | +| test.cpp:10:13:10:24 | call to bind1st | Prefer lambdas to using std::__1::bind1st. | +| test.cpp:11:13:11:24 | call to bind2nd | Prefer lambdas to using std::__1::bind2nd. | \ No newline at end of file diff --git a/cpp/autosar/test/rules/A23-0-1/IteratorImplicitlyConvertedToConstIterator.expected.qcc b/cpp/autosar/test/rules/A23-0-1/IteratorImplicitlyConvertedToConstIterator.expected.qcc new file mode 100644 index 0000000000..39dd8073e7 --- /dev/null +++ b/cpp/autosar/test/rules/A23-0-1/IteratorImplicitlyConvertedToConstIterator.expected.qcc @@ -0,0 +1,10 @@ +| test.cpp:10:39:10:48 | call to __wrap_iter | Non-const version of container call immediately converted to a `const_iterator`. | +| test.cpp:13:38:13:42 | call to begin | Non-const version of container call immediately converted to a `const_iterator`. | +| test.cpp:16:44:16:48 | call to begin | Non-const version of container call immediately converted to a `const_iterator`. | +| test.cpp:19:41:19:50 | call to __map_const_iterator | Non-const version of container call immediately converted to a `const_iterator`. | +| test.cpp:22:47:22:57 | call to __map_const_iterator | Non-const version of container call immediately converted to a `const_iterator`. | +| test.cpp:25:8:25:16 | call to __wrap_iter | Non-const version of container call immediately converted to a `const_iterator`. | +| test.cpp:27:10:27:14 | call to begin | Non-const version of container call immediately converted to a `const_iterator`. | +| test.cpp:29:11:29:15 | call to begin | Non-const version of container call immediately converted to a `const_iterator`. | +| test.cpp:31:8:31:16 | call to __map_const_iterator | Non-const version of container call immediately converted to a `const_iterator`. | +| test.cpp:33:9:33:18 | call to __map_const_iterator | Non-const version of container call immediately converted to a `const_iterator`. | diff --git a/cpp/autosar/test/rules/M17-0-5/SetjmpMacroAndTheLongjmpFunctionUsed.expected.qcc b/cpp/autosar/test/rules/M17-0-5/SetjmpMacroAndTheLongjmpFunctionUsed.expected.qcc index 462248cca3..02c560dd39 100644 --- a/cpp/autosar/test/rules/M17-0-5/SetjmpMacroAndTheLongjmpFunctionUsed.expected.qcc +++ b/cpp/autosar/test/rules/M17-0-5/SetjmpMacroAndTheLongjmpFunctionUsed.expected.qcc @@ -1,4 +1,4 @@ | test.cpp:7:9:7:19 | setjmp(__env) | Use of banned setjmp macro. | -| test.cpp:12:3:12:9 | longjmp(__env,__val) | Use of banned longjmp function. | -| test.cpp:14:3:14:9 | longjmp(__env,__val) | Use of banned longjmp function. | +| test.cpp:12:3:12:19 | longjmp(__env,__val) | Use of banned longjmp function. | +| test.cpp:14:3:14:19 | longjmp(__env,__val) | Use of banned longjmp function. | | test.cpp:16:9:16:19 | setjmp(__env) | Use of banned setjmp macro. | From 3ab1585d401d00337a562ed31777574eccef1212 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Sat, 6 May 2023 02:12:52 +0200 Subject: [PATCH 1067/2573] MSC51-CPP: time can be global --- .../src/rules/MSC51-CPP/BadlySeededRandomNumberGenerator.ql | 2 +- cpp/cert/test/rules/CTR51-CPP/tempfile | 0 cpp/cert/test/rules/CTR53-CPP/tempfile | 0 cpp/cert/test/rules/ERR50-CPP/tempfile | 0 cpp/cert/test/rules/ERR52-CPP/tempfile | 0 cpp/cert/test/rules/STR52-CPP/tempfile | 0 6 files changed, 1 insertion(+), 1 deletion(-) create mode 100644 cpp/cert/test/rules/CTR51-CPP/tempfile create mode 100644 cpp/cert/test/rules/CTR53-CPP/tempfile create mode 100644 cpp/cert/test/rules/ERR50-CPP/tempfile create mode 100644 cpp/cert/test/rules/ERR52-CPP/tempfile create mode 100644 cpp/cert/test/rules/STR52-CPP/tempfile diff --git a/cpp/cert/src/rules/MSC51-CPP/BadlySeededRandomNumberGenerator.ql b/cpp/cert/src/rules/MSC51-CPP/BadlySeededRandomNumberGenerator.ql index 743ca43ea4..76f8500362 100644 --- a/cpp/cert/src/rules/MSC51-CPP/BadlySeededRandomNumberGenerator.ql +++ b/cpp/cert/src/rules/MSC51-CPP/BadlySeededRandomNumberGenerator.ql @@ -33,7 +33,7 @@ where or // Initialized from a poor source of randomness exists(Call c | - c.getTarget().hasQualifiedName("std", "time") and + c.getTarget().hasGlobalOrStdName("time") and TaintTracking::localExprTaint(c, createRandomNumberEngine.getSeedArgument()) and seedSource = "initialized from std::time" ) diff --git a/cpp/cert/test/rules/CTR51-CPP/tempfile b/cpp/cert/test/rules/CTR51-CPP/tempfile new file mode 100644 index 0000000000..e69de29bb2 diff --git a/cpp/cert/test/rules/CTR53-CPP/tempfile b/cpp/cert/test/rules/CTR53-CPP/tempfile new file mode 100644 index 0000000000..e69de29bb2 diff --git a/cpp/cert/test/rules/ERR50-CPP/tempfile b/cpp/cert/test/rules/ERR50-CPP/tempfile new file mode 100644 index 0000000000..e69de29bb2 diff --git a/cpp/cert/test/rules/ERR52-CPP/tempfile b/cpp/cert/test/rules/ERR52-CPP/tempfile new file mode 100644 index 0000000000..e69de29bb2 diff --git a/cpp/cert/test/rules/STR52-CPP/tempfile b/cpp/cert/test/rules/STR52-CPP/tempfile new file mode 100644 index 0000000000..e69de29bb2 From 423fb5901f05ac8142a6029d55f7fd17f2b7a439 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Mon, 8 May 2023 02:41:39 +0200 Subject: [PATCH 1068/2573] EXP60-CPP STR51-CPP --- ...ndardObjectAcrossBoundaries.expected.clang | 0 ...tandardObjectAcrossBoundaries.expected.gcc | 0 ...tandardObjectAcrossBoundaries.expected.qcc | 0 .../src/codingstandards/cpp/Dereferenced.qll | 34 +++++++++++-------- 4 files changed, 19 insertions(+), 15 deletions(-) create mode 100644 cpp/cert/test/rules/EXP60-CPP/DoNotPassANonstandardObjectAcrossBoundaries.expected.clang create mode 100644 cpp/cert/test/rules/EXP60-CPP/DoNotPassANonstandardObjectAcrossBoundaries.expected.gcc create mode 100644 cpp/cert/test/rules/EXP60-CPP/DoNotPassANonstandardObjectAcrossBoundaries.expected.qcc diff --git a/cpp/cert/test/rules/EXP60-CPP/DoNotPassANonstandardObjectAcrossBoundaries.expected.clang b/cpp/cert/test/rules/EXP60-CPP/DoNotPassANonstandardObjectAcrossBoundaries.expected.clang new file mode 100644 index 0000000000..e69de29bb2 diff --git a/cpp/cert/test/rules/EXP60-CPP/DoNotPassANonstandardObjectAcrossBoundaries.expected.gcc b/cpp/cert/test/rules/EXP60-CPP/DoNotPassANonstandardObjectAcrossBoundaries.expected.gcc new file mode 100644 index 0000000000..e69de29bb2 diff --git a/cpp/cert/test/rules/EXP60-CPP/DoNotPassANonstandardObjectAcrossBoundaries.expected.qcc b/cpp/cert/test/rules/EXP60-CPP/DoNotPassANonstandardObjectAcrossBoundaries.expected.qcc new file mode 100644 index 0000000000..e69de29bb2 diff --git a/cpp/common/src/codingstandards/cpp/Dereferenced.qll b/cpp/common/src/codingstandards/cpp/Dereferenced.qll index ffcd74728b..0714cc17b0 100644 --- a/cpp/common/src/codingstandards/cpp/Dereferenced.qll +++ b/cpp/common/src/codingstandards/cpp/Dereferenced.qll @@ -45,32 +45,36 @@ class BasicStringMemberFunctionDereferencedExpr extends BasicStringDereferencedE | // basic_string::basic_string(const charT *, const Allocator &) f instanceof Constructor and - f.getNumberOfParameters() = 2 and + f.getNumberOfParameters() <= 2 and f.getParameter(0).getType() = stringType.getConstCharTPointer() and - f.getParameter(1).getType() = stringType.getConstAllocatorReferenceType() and + ( + f.getNumberOfParameters() = 2 + implies + f.getParameter(1).getType() = stringType.getConstAllocatorReferenceType() + ) and this = fc.getArgument(0) or // basic_string &basic_string::append(const charT *) // basic_string &basic_string::assign(const charT *) f.hasName(["append", "assign"]) and f.getNumberOfParameters() = 1 and - f.getParameter(0).getType() = stringType.getConstCharTPointer() and + fc.getArgument(0).getType() = stringType.getConstCharTPointer() and this = fc.getArgument(0) or // basic_string &basic_string::insert(size_type, const charT *) f.hasName("insert") and f.getNumberOfParameters() = 2 and - f.getParameter(0).getType() = stringType.getSizeType() and - f.getParameter(1).getType() = stringType.getConstCharTPointer() and + fc.getArgument(0).getType() = stringType.getSizeType() and + fc.getArgument(1).getType() = stringType.getConstCharTPointer() and this = fc.getArgument(1) or // basic_string &basic_string::replace(size_type, size_type, const charT *) // basic_string &basic_string::replace(const_iterator, const_iterator, const charT *) f.hasName("replace") and f.getNumberOfParameters() = 3 and - f.getParameter(0).getType() = [stringType.getSizeType(), stringType.getConstIteratorType()] and - f.getParameter(1).getType() = [stringType.getSizeType(), stringType.getConstIteratorType()] and - f.getParameter(2).getType() = stringType.getConstCharTPointer() and + fc.getArgument(0).getType() = [stringType.getSizeType(), stringType.getConstIteratorType()] and + fc.getArgument(1).getType() = [stringType.getSizeType(), stringType.getConstIteratorType()] and + fc.getArgument(2).getType() = stringType.getConstCharTPointer() and this = fc.getArgument(2) or // size_type basic_string::find(const charT *, size_type) @@ -83,8 +87,8 @@ class BasicStringMemberFunctionDereferencedExpr extends BasicStringDereferencedE "find", "rfind", "find_first_of", "find_last_of", "find_first_not_of", "find_last_not_of" ]) and f.getNumberOfParameters() = 2 and - f.getParameter(0).getType() = stringType.getConstCharTPointer() and - f.getParameter(1).getType() = stringType.getSizeType() and + fc.getArgument(0).getType() = stringType.getConstCharTPointer() and + fc.getArgument(1).getType() = stringType.getSizeType() and this = fc.getArgument(0) or // int basic_string::compare(const charT *) @@ -92,15 +96,15 @@ class BasicStringMemberFunctionDereferencedExpr extends BasicStringDereferencedE // basic_string &basic_string::operator+=(const charT *) f.hasName(["compare", "operator=", "operator+="]) and f.getNumberOfParameters() = 1 and - f.getParameter(0).getType() = stringType.getConstCharTPointer() and + fc.getArgument(0).getType() = stringType.getConstCharTPointer() and this = fc.getArgument(0) or // int basic_string::compare(size_type, size_type, const charT *) f.hasName("compare") and f.getNumberOfParameters() = 3 and - f.getParameter(0).getType() = stringType.getSizeType() and - f.getParameter(1).getType() = stringType.getSizeType() and - f.getParameter(2).getType() = stringType.getConstCharTPointer() and + fc.getArgument(0).getType() = stringType.getSizeType() and + fc.getArgument(1).getType() = stringType.getSizeType() and + fc.getArgument(2).getType() = stringType.getConstCharTPointer() and this = fc.getArgument(2) ) } @@ -132,7 +136,7 @@ class BasicStringNonMemberFunctionDereferencedExpr extends BasicStringDereferenc ]) and f.getAParameter().getType().(ReferenceType).getBaseType().getUnspecifiedType() = stringType and exists(int param | - f.getParameter(param).getType() = stringType.getConstCharTPointer() and + fc.getArgument(param).getType() = stringType.getConstCharTPointer() and this = fc.getArgument(param) ) ) From 7379cac18d7b9e54b221bc74fa78adaba6ea5c3a Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Mon, 8 May 2023 04:07:20 +0200 Subject: [PATCH 1069/2573] STR51-CPP: value_type --- cpp/cert/test/rules/STR51-CPP/tempfile | 0 .../src/codingstandards/cpp/Dereferenced.qll | 28 +++++++++---------- .../cpp/standardlibrary/String.qll | 6 ++-- 3 files changed, 17 insertions(+), 17 deletions(-) create mode 100644 cpp/cert/test/rules/STR51-CPP/tempfile diff --git a/cpp/cert/test/rules/STR51-CPP/tempfile b/cpp/cert/test/rules/STR51-CPP/tempfile new file mode 100644 index 0000000000..e69de29bb2 diff --git a/cpp/common/src/codingstandards/cpp/Dereferenced.qll b/cpp/common/src/codingstandards/cpp/Dereferenced.qll index 0714cc17b0..e47cb2b1cb 100644 --- a/cpp/common/src/codingstandards/cpp/Dereferenced.qll +++ b/cpp/common/src/codingstandards/cpp/Dereferenced.qll @@ -46,7 +46,7 @@ class BasicStringMemberFunctionDereferencedExpr extends BasicStringDereferencedE // basic_string::basic_string(const charT *, const Allocator &) f instanceof Constructor and f.getNumberOfParameters() <= 2 and - f.getParameter(0).getType() = stringType.getConstCharTPointer() and + f.getParameter(0).getType() = stringType.getValueType() and ( f.getNumberOfParameters() = 2 implies @@ -58,23 +58,23 @@ class BasicStringMemberFunctionDereferencedExpr extends BasicStringDereferencedE // basic_string &basic_string::assign(const charT *) f.hasName(["append", "assign"]) and f.getNumberOfParameters() = 1 and - fc.getArgument(0).getType() = stringType.getConstCharTPointer() and + f.getParameter(0).getType() = stringType.getValueType() and this = fc.getArgument(0) or // basic_string &basic_string::insert(size_type, const charT *) f.hasName("insert") and f.getNumberOfParameters() = 2 and - fc.getArgument(0).getType() = stringType.getSizeType() and - fc.getArgument(1).getType() = stringType.getConstCharTPointer() and + f.getParameter(0).getType() = stringType.getSizeType() and + f.getParameter(1).getType() = stringType.getValueType() and this = fc.getArgument(1) or // basic_string &basic_string::replace(size_type, size_type, const charT *) // basic_string &basic_string::replace(const_iterator, const_iterator, const charT *) f.hasName("replace") and f.getNumberOfParameters() = 3 and - fc.getArgument(0).getType() = [stringType.getSizeType(), stringType.getConstIteratorType()] and - fc.getArgument(1).getType() = [stringType.getSizeType(), stringType.getConstIteratorType()] and - fc.getArgument(2).getType() = stringType.getConstCharTPointer() and + f.getParameter(0).getType() = [stringType.getSizeType(), stringType.getConstIteratorType()] and + f.getParameter(1).getType() = [stringType.getSizeType(), stringType.getConstIteratorType()] and + f.getParameter(2).getType() = stringType.getValueType() and this = fc.getArgument(2) or // size_type basic_string::find(const charT *, size_type) @@ -87,8 +87,8 @@ class BasicStringMemberFunctionDereferencedExpr extends BasicStringDereferencedE "find", "rfind", "find_first_of", "find_last_of", "find_first_not_of", "find_last_not_of" ]) and f.getNumberOfParameters() = 2 and - fc.getArgument(0).getType() = stringType.getConstCharTPointer() and - fc.getArgument(1).getType() = stringType.getSizeType() and + f.getParameter(0).getType() = stringType.getValueType() and + f.getParameter(1).getType() = stringType.getSizeType() and this = fc.getArgument(0) or // int basic_string::compare(const charT *) @@ -96,15 +96,15 @@ class BasicStringMemberFunctionDereferencedExpr extends BasicStringDereferencedE // basic_string &basic_string::operator+=(const charT *) f.hasName(["compare", "operator=", "operator+="]) and f.getNumberOfParameters() = 1 and - fc.getArgument(0).getType() = stringType.getConstCharTPointer() and + f.getParameter(0).getType() = stringType.getValueType() and this = fc.getArgument(0) or // int basic_string::compare(size_type, size_type, const charT *) f.hasName("compare") and f.getNumberOfParameters() = 3 and - fc.getArgument(0).getType() = stringType.getSizeType() and - fc.getArgument(1).getType() = stringType.getSizeType() and - fc.getArgument(2).getType() = stringType.getConstCharTPointer() and + f.getParameter(0).getType() = stringType.getSizeType() and + f.getParameter(1).getType() = stringType.getSizeType() and + f.getParameter(2).getType() = stringType.getValueType() and this = fc.getArgument(2) ) } @@ -136,7 +136,7 @@ class BasicStringNonMemberFunctionDereferencedExpr extends BasicStringDereferenc ]) and f.getAParameter().getType().(ReferenceType).getBaseType().getUnspecifiedType() = stringType and exists(int param | - fc.getArgument(param).getType() = stringType.getConstCharTPointer() and + f.getParameter(param).getType() = stringType.getValueType() and this = fc.getArgument(param) ) ) diff --git a/cpp/common/src/codingstandards/cpp/standardlibrary/String.qll b/cpp/common/src/codingstandards/cpp/standardlibrary/String.qll index eb75dcfc96..a7de240f6c 100644 --- a/cpp/common/src/codingstandards/cpp/standardlibrary/String.qll +++ b/cpp/common/src/codingstandards/cpp/standardlibrary/String.qll @@ -13,12 +13,12 @@ class StdBasicString extends ClassTemplateInstantiation { Type getAllocator() { result = getTemplateArgument(2) } /** Gets the `const charT*` type for this `basic_string` instantiation. */ - PointerType getConstCharTPointer() { + PointerType getValueType() { exists(SpecifiedType specType | specType = result.getBaseType() and - specType.getBaseType() = getCharT() and specType.isConst() and - count(specType.getASpecifier()) = 1 + count(specType.getASpecifier()) = 1 and + (specType.getBaseType() = getCharT() or specType.getBaseType().getName() = "value_type") ) } From ec7ed15721ce63f2cc25dc86788054bb09913e12 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Mon, 8 May 2023 04:23:30 +0200 Subject: [PATCH 1070/2573] Replace calls to `getConstCharTPointer` with `getValueType` --- .../ContainerAccessWithoutRangeCheck.qll | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.qll b/cpp/common/src/codingstandards/cpp/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.qll index 657a000caf..28dd479087 100644 --- a/cpp/common/src/codingstandards/cpp/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.qll +++ b/cpp/common/src/codingstandards/cpp/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.qll @@ -159,7 +159,7 @@ class StringContainerConstructorCall extends ContainerConstructorCall { override Expr getInitialContainerSizeExpr() { // from buffer c.getNumberOfParameters() = 3 and - c.getParameter(0).getType() = stringInstantiation.getConstCharTPointer() and + c.getParameter(0).getType() = stringInstantiation.getValueType() and c.getParameter(1).getType() = stringInstantiation.getSizeType() and c.getParameter(2).getType() = stringInstantiation.getConstAllocatorReferenceType() and // copies `n` items from the buffer @@ -181,7 +181,7 @@ class StringContainerConstructorCall extends ContainerConstructorCall { or // from c-string constructor c.getNumberOfParameters() = 2 and - c.getParameter(0).getType() = stringInstantiation.getConstCharTPointer() and + c.getParameter(0).getType() = stringInstantiation.getValueType() and c.getParameter(1).getType() = stringInstantiation.getConstAllocatorReferenceType() and result = getArgument(0).getValue().length() or From c92a7e2d3d274646faffc942da71fa6eaf345e1a Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Mon, 8 May 2023 15:50:39 +0200 Subject: [PATCH 1071/2573] Minimize change to Iterators.qll --- .../src/codingstandards/cpp/Iterators.qll | 28 ++++++++++++------- 1 file changed, 18 insertions(+), 10 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/Iterators.qll b/cpp/common/src/codingstandards/cpp/Iterators.qll index 8974af2ba1..b0e55db33d 100644 --- a/cpp/common/src/codingstandards/cpp/Iterators.qll +++ b/cpp/common/src/codingstandards/cpp/Iterators.qll @@ -177,7 +177,10 @@ class ContainerInvalidationOperation extends FunctionCall { ] ) or - this.getTarget().hasGlobalOrStdName(["swap", "operator>>", "getline"]) + exists(FunctionCall fc | + fc.getTarget().getNamespace() instanceof StdNS and + this.getTarget().getName() in ["swap", "operator>>", "getline"] + ) ) ) } @@ -252,11 +255,16 @@ class AdditiveOperatorFunctionCall extends FunctionCall { */ class STLContainer extends Class { STLContainer() { - this.hasGlobalOrStdName([ + getNamespace() instanceof StdNS and + getSimpleName() in [ "vector", "list", "deque", "set", "multiset", "map", "multimap", "stack", "queue", "priority_queue", "string", "forward_list", "unordered_set", "unordered_multiset", "unordered_map", "unordered_multimap", "valarray", "string", "basic_string" - ]) + ] + or + getSimpleName() = "string" + or + getSimpleName() = "basic_string" } /** @@ -291,7 +299,7 @@ class STLContainer extends Class { IteratorSource getAConstIteratorEndFunctionCall() { result = getACallTo("cend") } IteratorSource getANonConstIteratorFunctionCall() { - //result = this.getACallToAFunction() and + result = getACallToAFunction() and result.getTarget().getType() instanceof NonConstIteratorType } @@ -343,24 +351,24 @@ class STLContainerVariable extends Variable { * to create this functionality. */ class IteratorRangeModel extends Function { - IteratorRangeModel() { this.hasGlobalOrStdName("lexicographical_compare") } + IteratorRangeModel() { hasQualifiedName("std", "lexicographical_compare") } int getAnIndexOfAStartRange() { - (this.hasGlobalOrStdName("lexicographical_compare") and result = [0, 1]) + (hasQualifiedName("std", "lexicographical_compare") and result = [0, 1]) } int getAnIndexOfAEndRange() { - (this.hasGlobalOrStdName("lexicographical_compare") and result = [2, 3]) + (hasQualifiedName("std", "lexicographical_compare") and result = [2, 3]) } int getAnIteratorArgumentIndex() { - (this.hasGlobalOrStdName("lexicographical_compare") and result = [0, 1, 2, 3]) + (hasQualifiedName("std", "lexicographical_compare") and result = [0, 1, 2, 3]) } predicate getAPairOfStartEndIndexes(int start, int end) { - this.hasGlobalOrStdName("lexicographical_compare") and start = 0 and end = 1 + hasQualifiedName("std", "lexicographical_compare") and start = 0 and end = 1 or - this.hasGlobalOrStdName("lexicographical_compare") and start = 2 and end = 3 + hasQualifiedName("std", "lexicographical_compare") and start = 2 and end = 3 } } From 08c7e253017e72b604bb24a74e41681f2a708935 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Mon, 8 May 2023 15:52:17 +0200 Subject: [PATCH 1072/2573] restore settings.json --- .vscode/settings.json | 20 -------------------- 1 file changed, 20 deletions(-) delete mode 100644 .vscode/settings.json diff --git a/.vscode/settings.json b/.vscode/settings.json deleted file mode 100644 index 4db7b27c49..0000000000 --- a/.vscode/settings.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "sarif-viewer.connectToGithubCodeScanning": "off", - "codeQL.cli.executablePath": "/Users/mauro/GitHub/coding-standards/codeql-bundle-20220908/codeql", - "codeQL.runningQueries.numberOfThreads": 0, - "codeQL.runningTests.numberOfThreads": 0, - "codeQL.runningQueries.autoSave": true, - "codeQL.runningQueries.debug": true, - "files.associations": { - "*.jq": "json", - "*.py": "python", - "*.expected": "csv (pipe)", - "*.actual": "csv (pipe)", - "*.qls": "yaml", - "*.qcc": "cpp", - "*.gcc": "cpp", - "iosfwd": "cpp", - "fstream": "cpp", - "iostream": "cpp" - } -} \ No newline at end of file From 31e6106f9ce415876351e7d6353363c318127027 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Mon, 8 May 2023 17:30:32 +0200 Subject: [PATCH 1073/2573] STR53-C: Result deduced from copy contructor in `getInitialContainerSize` --- .vscode/settings.json | 20 +++++++++++++++++++ .../ContainerAccessWithoutRangeCheck.qll | 5 +++++ scripts/build_test_database.py | 6 +++--- 3 files changed, 28 insertions(+), 3 deletions(-) create mode 100644 .vscode/settings.json diff --git a/.vscode/settings.json b/.vscode/settings.json new file mode 100644 index 0000000000..4db7b27c49 --- /dev/null +++ b/.vscode/settings.json @@ -0,0 +1,20 @@ +{ + "sarif-viewer.connectToGithubCodeScanning": "off", + "codeQL.cli.executablePath": "/Users/mauro/GitHub/coding-standards/codeql-bundle-20220908/codeql", + "codeQL.runningQueries.numberOfThreads": 0, + "codeQL.runningTests.numberOfThreads": 0, + "codeQL.runningQueries.autoSave": true, + "codeQL.runningQueries.debug": true, + "files.associations": { + "*.jq": "json", + "*.py": "python", + "*.expected": "csv (pipe)", + "*.actual": "csv (pipe)", + "*.qls": "yaml", + "*.qcc": "cpp", + "*.gcc": "cpp", + "iosfwd": "cpp", + "fstream": "cpp", + "iostream": "cpp" + } +} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.qll b/cpp/common/src/codingstandards/cpp/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.qll index 28dd479087..2c8dda2cbf 100644 --- a/cpp/common/src/codingstandards/cpp/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.qll +++ b/cpp/common/src/codingstandards/cpp/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.qll @@ -185,6 +185,11 @@ class StringContainerConstructorCall extends ContainerConstructorCall { c.getParameter(1).getType() = stringInstantiation.getConstAllocatorReferenceType() and result = getArgument(0).getValue().length() or + // from c-string copy constructor + c.getNumberOfParameters() = 1 and + c.getParameter(0).getType() = stringInstantiation.getValueType() and + result = getArgument(0).getValue().length() + or // Lower bound of an explicit size argument result = lowerBound(getInitialContainerSizeExpr().getFullyConverted()) } diff --git a/scripts/build_test_database.py b/scripts/build_test_database.py index 3f8acde999..88d4040f27 100644 --- a/scripts/build_test_database.py +++ b/scripts/build_test_database.py @@ -47,7 +47,7 @@ exit(1) # get the codeql version -res = subprocess.run(['codeql', 'version', '--format', 'json'], stdout=subprocess.PIPE) +res = subprocess.run(['/Users/mauro/GitHub/coding-standards/codeql-bundle-20220908/codeql', 'version', '--format', 'json'], stdout=subprocess.PIPE) res_json = json.loads(res.stdout) CODEQL_VERSION=res_json["version"] @@ -61,10 +61,10 @@ elif LANGUAGE == "c": FILES = ' '.join([f for f in all_files if f.endswith('.c')]) - BUILD_COMMAND=f"clang -fsyntax-only {FILES}" + BUILD_COMMAND=f"clang -fsyntax-only -I../../../../common/test/includes/custom-library {FILES}" ITERATION=0 while os.path.exists(f"databases/{RULE}+{ITERATION}@{CODEQL_VERSION}"): ITERATION = ITERATION + 1 -os.system(f"codeql database create -l cpp -s {LANGUAGE}/{STANDARD}/test/rules/{RULE} --command=\"{BUILD_COMMAND}\" databases/{RULE}+{ITERATION}@{CODEQL_VERSION}") +os.system(f"/Users/mauro/GitHub/coding-standards/codeql-bundle-20220908/codeql database create -l cpp -s {LANGUAGE}/{STANDARD}/test/rules/{RULE} --command=\"{BUILD_COMMAND}\" databases/{RULE}+{ITERATION}@{CODEQL_VERSION}") From b76309ca99630a561f4d4c30dbac9bcb577986ce Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Mon, 8 May 2023 17:39:54 +0200 Subject: [PATCH 1074/2573] Remove local changes --- .vscode/settings.json | 20 ------------------- cpp/autosar/test/rules/A23-0-1/tempfile | 0 cpp/autosar/test/rules/A23-0-2/tempfile | 0 cpp/autosar/test/rules/M6-5-2/tempfile | 0 cpp/cert/test/rules/CTR51-CPP/tempfile | 0 cpp/cert/test/rules/CTR53-CPP/tempfile | 0 cpp/cert/test/rules/ERR50-CPP/tempfile | 0 cpp/cert/test/rules/ERR52-CPP/tempfile | 0 cpp/cert/test/rules/STR51-CPP/tempfile | 0 cpp/cert/test/rules/STR52-CPP/tempfile | 0 scripts/build_test_database.py | 6 +++--- .../matrix_testing/CreateMatrixTestReport.ps1 | 9 --------- 12 files changed, 3 insertions(+), 32 deletions(-) delete mode 100644 .vscode/settings.json delete mode 100644 cpp/autosar/test/rules/A23-0-1/tempfile delete mode 100644 cpp/autosar/test/rules/A23-0-2/tempfile delete mode 100644 cpp/autosar/test/rules/M6-5-2/tempfile delete mode 100644 cpp/cert/test/rules/CTR51-CPP/tempfile delete mode 100644 cpp/cert/test/rules/CTR53-CPP/tempfile delete mode 100644 cpp/cert/test/rules/ERR50-CPP/tempfile delete mode 100644 cpp/cert/test/rules/ERR52-CPP/tempfile delete mode 100644 cpp/cert/test/rules/STR51-CPP/tempfile delete mode 100644 cpp/cert/test/rules/STR52-CPP/tempfile diff --git a/.vscode/settings.json b/.vscode/settings.json deleted file mode 100644 index 4db7b27c49..0000000000 --- a/.vscode/settings.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "sarif-viewer.connectToGithubCodeScanning": "off", - "codeQL.cli.executablePath": "/Users/mauro/GitHub/coding-standards/codeql-bundle-20220908/codeql", - "codeQL.runningQueries.numberOfThreads": 0, - "codeQL.runningTests.numberOfThreads": 0, - "codeQL.runningQueries.autoSave": true, - "codeQL.runningQueries.debug": true, - "files.associations": { - "*.jq": "json", - "*.py": "python", - "*.expected": "csv (pipe)", - "*.actual": "csv (pipe)", - "*.qls": "yaml", - "*.qcc": "cpp", - "*.gcc": "cpp", - "iosfwd": "cpp", - "fstream": "cpp", - "iostream": "cpp" - } -} \ No newline at end of file diff --git a/cpp/autosar/test/rules/A23-0-1/tempfile b/cpp/autosar/test/rules/A23-0-1/tempfile deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/cpp/autosar/test/rules/A23-0-2/tempfile b/cpp/autosar/test/rules/A23-0-2/tempfile deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/cpp/autosar/test/rules/M6-5-2/tempfile b/cpp/autosar/test/rules/M6-5-2/tempfile deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/cpp/cert/test/rules/CTR51-CPP/tempfile b/cpp/cert/test/rules/CTR51-CPP/tempfile deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/cpp/cert/test/rules/CTR53-CPP/tempfile b/cpp/cert/test/rules/CTR53-CPP/tempfile deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/cpp/cert/test/rules/ERR50-CPP/tempfile b/cpp/cert/test/rules/ERR50-CPP/tempfile deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/cpp/cert/test/rules/ERR52-CPP/tempfile b/cpp/cert/test/rules/ERR52-CPP/tempfile deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/cpp/cert/test/rules/STR51-CPP/tempfile b/cpp/cert/test/rules/STR51-CPP/tempfile deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/cpp/cert/test/rules/STR52-CPP/tempfile b/cpp/cert/test/rules/STR52-CPP/tempfile deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/scripts/build_test_database.py b/scripts/build_test_database.py index 88d4040f27..3f8acde999 100644 --- a/scripts/build_test_database.py +++ b/scripts/build_test_database.py @@ -47,7 +47,7 @@ exit(1) # get the codeql version -res = subprocess.run(['/Users/mauro/GitHub/coding-standards/codeql-bundle-20220908/codeql', 'version', '--format', 'json'], stdout=subprocess.PIPE) +res = subprocess.run(['codeql', 'version', '--format', 'json'], stdout=subprocess.PIPE) res_json = json.loads(res.stdout) CODEQL_VERSION=res_json["version"] @@ -61,10 +61,10 @@ elif LANGUAGE == "c": FILES = ' '.join([f for f in all_files if f.endswith('.c')]) - BUILD_COMMAND=f"clang -fsyntax-only -I../../../../common/test/includes/custom-library {FILES}" + BUILD_COMMAND=f"clang -fsyntax-only {FILES}" ITERATION=0 while os.path.exists(f"databases/{RULE}+{ITERATION}@{CODEQL_VERSION}"): ITERATION = ITERATION + 1 -os.system(f"/Users/mauro/GitHub/coding-standards/codeql-bundle-20220908/codeql database create -l cpp -s {LANGUAGE}/{STANDARD}/test/rules/{RULE} --command=\"{BUILD_COMMAND}\" databases/{RULE}+{ITERATION}@{CODEQL_VERSION}") +os.system(f"codeql database create -l cpp -s {LANGUAGE}/{STANDARD}/test/rules/{RULE} --command=\"{BUILD_COMMAND}\" databases/{RULE}+{ITERATION}@{CODEQL_VERSION}") diff --git a/scripts/matrix_testing/CreateMatrixTestReport.ps1 b/scripts/matrix_testing/CreateMatrixTestReport.ps1 index 1029ae5b10..d80e87e426 100644 --- a/scripts/matrix_testing/CreateMatrixTestReport.ps1 +++ b/scripts/matrix_testing/CreateMatrixTestReport.ps1 @@ -299,11 +299,6 @@ $jobRows = $queriesToCheck | ForEach-Object -ThrottleLimit $NumThreads -Parallel foreach($testDirectory in $testDirs){ - Write-Host "Acquiring lock for $testDirectory" - $Mutex = New-Object -TypeName System.Threading.Mutex -ArgumentList $false, ("__Matrix_" + $testDirectory.Replace([IO.Path]::DirectorySeparatorChar,"_")); - $Mutex.WaitOne() | Out-Null; - Write-Host "Locked $testDirectory" - # for the report $row = @{ "SUITE" = $CurrentSuiteName; @@ -417,8 +412,6 @@ $jobRows = $queriesToCheck | ForEach-Object -ThrottleLimit $NumThreads -Parallel # output current row state $row - # release any held mutexes - $Mutex.ReleaseMutex(); ########################################################### ########################################################### @@ -430,8 +423,6 @@ $jobRows = $queriesToCheck | ForEach-Object -ThrottleLimit $NumThreads -Parallel } } # go to next row - - } # combine the outputs From 0dd661bb513d0d8349ea87776dde1bf951281003 Mon Sep 17 00:00:00 2001 From: jsinglet Date: Mon, 8 May 2023 16:27:05 +0000 Subject: [PATCH 1075/2573] Version bump to 2.19.0-dev. --- c/cert/src/qlpack.yml | 2 +- c/cert/test/qlpack.yml | 2 +- c/common/src/qlpack.yml | 2 +- c/common/test/qlpack.yml | 2 +- c/misra/src/qlpack.yml | 2 +- c/misra/test/qlpack.yml | 2 +- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/qlpack.yml | 2 +- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/qlpack.yml | 2 +- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/qlpack.yml | 2 +- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/qlpack.yml | 2 +- cpp/report/src/qlpack.yml | 2 +- docs/user_manual.md | 10 +++++----- 16 files changed, 20 insertions(+), 20 deletions(-) diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index a79da7c873..c4ac43a686 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards -version: 2.18.0-dev +version: 2.19.0-dev description: CERT C 2016 suites: codeql-suites license: MIT diff --git a/c/cert/test/qlpack.yml b/c/cert/test/qlpack.yml index 79040a010d..f9048ac6de 100644 --- a/c/cert/test/qlpack.yml +++ b/c/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards-tests -version: 2.18.0-dev +version: 2.19.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index 561e793c22..51d3b1d4d0 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards -version: 2.18.0-dev +version: 2.19.0-dev license: MIT dependencies: codeql/common-cpp-coding-standards: '*' diff --git a/c/common/test/qlpack.yml b/c/common/test/qlpack.yml index ac738de9c6..66f9df1ed0 100644 --- a/c/common/test/qlpack.yml +++ b/c/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards-tests -version: 2.18.0-dev +version: 2.19.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index 71d6a79269..e1f72b6927 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards -version: 2.18.0-dev +version: 2.19.0-dev description: MISRA C 2012 suites: codeql-suites license: MIT diff --git a/c/misra/test/qlpack.yml b/c/misra/test/qlpack.yml index 892598dde1..9638aa4e0a 100644 --- a/c/misra/test/qlpack.yml +++ b/c/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards-tests -version: 2.18.0-dev +version: 2.19.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index 1bbc00cb88..9f3eec406e 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards -version: 2.18.0-dev +version: 2.19.0-dev description: AUTOSAR C++14 Guidelines 20-11 suites: codeql-suites license: MIT diff --git a/cpp/autosar/test/qlpack.yml b/cpp/autosar/test/qlpack.yml index 943bade6ad..d7c592d43e 100644 --- a/cpp/autosar/test/qlpack.yml +++ b/cpp/autosar/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards-tests -version: 2.18.0-dev +version: 2.19.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index 71d90b25a0..da27e1a2c3 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards -version: 2.18.0-dev +version: 2.19.0-dev description: CERT C++ 2016 suites: codeql-suites license: MIT diff --git a/cpp/cert/test/qlpack.yml b/cpp/cert/test/qlpack.yml index 8c5e4dd228..48ec67a682 100644 --- a/cpp/cert/test/qlpack.yml +++ b/cpp/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards-tests -version: 2.18.0-dev +version: 2.19.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index f654c13e1f..05d80dbaf6 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards -version: 2.18.0-dev +version: 2.19.0-dev license: MIT dependencies: codeql/cpp-all: 0.3.5 diff --git a/cpp/common/test/qlpack.yml b/cpp/common/test/qlpack.yml index 894e19399e..3785c2a8d3 100644 --- a/cpp/common/test/qlpack.yml +++ b/cpp/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards-tests -version: 2.18.0-dev +version: 2.19.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index 628755b383..e2e75ed72c 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards -version: 2.18.0-dev +version: 2.19.0-dev description: MISRA C++ 2008 suites: codeql-suites license: MIT diff --git a/cpp/misra/test/qlpack.yml b/cpp/misra/test/qlpack.yml index 803c3fb838..6e76c0703c 100644 --- a/cpp/misra/test/qlpack.yml +++ b/cpp/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards-tests -version: 2.18.0-dev +version: 2.19.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index eabfbaa5cc..de00a4778a 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/report-cpp-coding-standards -version: 2.18.0-dev +version: 2.19.0-dev license: MIT dependencies: codeql/cpp-all: 0.3.5 diff --git a/docs/user_manual.md b/docs/user_manual.md index fec4b6f00a..763680804c 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -23,13 +23,13 @@ ## Release information -This user manual documents release `2.18.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). +This user manual documents release `2.19.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). The release page documents the release notes and contains the following artifacts part of the release: -- `code-scanning-cpp-query-pack-anon-2.18.0-dev.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. -- `supported_rules_list_2.18.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. +- `code-scanning-cpp-query-pack-anon-2.19.0-dev.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. +- `supported_rules_list_2.19.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. - `upported_rules_list_2.18.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. -- `user_manual_2.18.0-dev.md`: This user manual. +- `user_manual_2.19.0-dev.md`: This user manual. - `Source Code (zip)`: A zip archive containing the contents of https://github.com/github/codeql-coding-standards - `Source Code (tar.gz)`: A GZip compressed tar archive containing the contents of https://github.com/github/codeql-coding-standards - `checksums.txt`: A text file containing sha256 checksums for the aforementioned artifacts. @@ -457,7 +457,7 @@ This section describes known failure modes for "CodeQL Coding Standards" and des | | Ouf of space | Less output. Some files may be only be partially analyzed, or not analyzed at all. | Error reported on the command line. | Increase space. If it remains an issue report space consumption issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False positives | More output. Results are reported which are not violations of the guidelines. | All reported results must be reviewed. | Report false positive issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False negatives | Less output. Violations of the guidelines are not reported. | Other validation and verification processes during software development should be used to complement the analysis performed by CodeQL Coding Standards. | Report false negative issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | -| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.18.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | +| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.19.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | | | Incorrect deviation record specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation records with a reason. Ensure that all deviation records are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Incorrect deviation permit specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation permits with a reason. Ensure that all deviation permits are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Unapproved use of a deviation record | Less output. Results for guideline violations are not reported. | Validate that the deviation record use is approved by verifying the approved-by attribute of the deviation record specification. | Ensure that each raised deviation record is approved by an independent approver through an auditable process. | From f43cf3e919568ad457ae7b4a62b330eff4b9527e Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Mon, 8 May 2023 18:47:10 +0200 Subject: [PATCH 1076/2573] Merge M17-0-5 and ERR52-CPP --- .../SetjmpMacroAndTheLongjmpFunctionUsed.ql | 20 ++++--------- ...SetjmpMacroAndTheLongjmpFunctionUsed.qlref | 1 - ...tjmpMacroAndTheLongjmpFunctionUsed.testref | 1 + .../ERR52-CPP/DoNotUseSetjmpOrLongjmp.ql | 19 ++++-------- .../DoNotUseSetjmpOrLongjmp.expected | 2 -- .../ERR52-CPP/DoNotUseSetjmpOrLongjmp.qlref | 1 - .../ERR52-CPP/DoNotUseSetjmpOrLongjmp.testref | 1 + cpp/cert/test/rules/ERR52-CPP/test.cpp | 15 ---------- .../DoNotUseSetjmpOrLongjmpShared.qll | 30 +++++++++++++++++++ .../DoNotUseSetjmpOrLongjmpShared.expected} | 0 ...oNotUseSetjmpOrLongjmpShared.expected.qcc} | 0 .../DoNotUseSetjmpOrLongjmpShared.ql | 2 ++ .../donotusesetjmporlongjmpshared}/test.cpp | 2 +- rule_packages/cpp/BannedFunctions.json | 2 ++ .../matrix_testing/CreateMatrixTestReport.ps1 | 7 +++++ 15 files changed, 55 insertions(+), 48 deletions(-) delete mode 100644 cpp/autosar/test/rules/M17-0-5/SetjmpMacroAndTheLongjmpFunctionUsed.qlref create mode 100644 cpp/autosar/test/rules/M17-0-5/SetjmpMacroAndTheLongjmpFunctionUsed.testref delete mode 100644 cpp/cert/test/rules/ERR52-CPP/DoNotUseSetjmpOrLongjmp.expected delete mode 100644 cpp/cert/test/rules/ERR52-CPP/DoNotUseSetjmpOrLongjmp.qlref create mode 100644 cpp/cert/test/rules/ERR52-CPP/DoNotUseSetjmpOrLongjmp.testref delete mode 100644 cpp/cert/test/rules/ERR52-CPP/test.cpp create mode 100644 cpp/common/src/codingstandards/cpp/rules/donotusesetjmporlongjmpshared/DoNotUseSetjmpOrLongjmpShared.qll rename cpp/{autosar/test/rules/M17-0-5/SetjmpMacroAndTheLongjmpFunctionUsed.expected => common/test/rules/donotusesetjmporlongjmpshared/DoNotUseSetjmpOrLongjmpShared.expected} (100%) rename cpp/{autosar/test/rules/M17-0-5/SetjmpMacroAndTheLongjmpFunctionUsed.expected.qcc => common/test/rules/donotusesetjmporlongjmpshared/DoNotUseSetjmpOrLongjmpShared.expected.qcc} (100%) create mode 100644 cpp/common/test/rules/donotusesetjmporlongjmpshared/DoNotUseSetjmpOrLongjmpShared.ql rename cpp/{autosar/test/rules/M17-0-5 => common/test/rules/donotusesetjmporlongjmpshared}/test.cpp (99%) diff --git a/cpp/autosar/src/rules/M17-0-5/SetjmpMacroAndTheLongjmpFunctionUsed.ql b/cpp/autosar/src/rules/M17-0-5/SetjmpMacroAndTheLongjmpFunctionUsed.ql index 7f193b1c4c..5e821fc5ff 100644 --- a/cpp/autosar/src/rules/M17-0-5/SetjmpMacroAndTheLongjmpFunctionUsed.ql +++ b/cpp/autosar/src/rules/M17-0-5/SetjmpMacroAndTheLongjmpFunctionUsed.ql @@ -15,20 +15,10 @@ import cpp import codingstandards.cpp.autosar +import codingstandards.cpp.rules.donotusesetjmporlongjmpshared.DoNotUseSetjmpOrLongjmpShared -predicate isLongJumpCall(Locatable fc) { - fc.(FunctionCall).getTarget().hasGlobalOrStdName("longjmp") or - fc.(MacroInvocation).getMacroName() = "longjmp" +class SetjmpMacroAndTheLongjmpFunctionUsedQuery extends DoNotUseSetjmpOrLongjmpSharedSharedQuery { + SetjmpMacroAndTheLongjmpFunctionUsedQuery() { + this = BannedFunctionsPackage::setjmpMacroAndTheLongjmpFunctionUsedQuery() + } } - -predicate isSetJumpCall(MacroInvocation mi) { mi.getMacroName() = "setjmp" } - -from Element jmp, string callType -where - not isExcluded(jmp, BannedFunctionsPackage::setjmpMacroAndTheLongjmpFunctionUsedQuery()) and - ( - isLongJumpCall(jmp) and callType = "longjmp function" - or - isSetJumpCall(jmp) and callType = "setjmp macro" - ) -select jmp, "Use of banned " + callType + "." diff --git a/cpp/autosar/test/rules/M17-0-5/SetjmpMacroAndTheLongjmpFunctionUsed.qlref b/cpp/autosar/test/rules/M17-0-5/SetjmpMacroAndTheLongjmpFunctionUsed.qlref deleted file mode 100644 index c2a9f2c7c3..0000000000 --- a/cpp/autosar/test/rules/M17-0-5/SetjmpMacroAndTheLongjmpFunctionUsed.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/M17-0-5/SetjmpMacroAndTheLongjmpFunctionUsed.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M17-0-5/SetjmpMacroAndTheLongjmpFunctionUsed.testref b/cpp/autosar/test/rules/M17-0-5/SetjmpMacroAndTheLongjmpFunctionUsed.testref new file mode 100644 index 0000000000..87f68653c8 --- /dev/null +++ b/cpp/autosar/test/rules/M17-0-5/SetjmpMacroAndTheLongjmpFunctionUsed.testref @@ -0,0 +1 @@ +cpp/common/test/rules/donotusesetjmporlongjmpshared/DoNotUseSetjmpOrLongjmpShared.ql \ No newline at end of file diff --git a/cpp/cert/src/rules/ERR52-CPP/DoNotUseSetjmpOrLongjmp.ql b/cpp/cert/src/rules/ERR52-CPP/DoNotUseSetjmpOrLongjmp.ql index ff7fc47dd6..d00355e942 100644 --- a/cpp/cert/src/rules/ERR52-CPP/DoNotUseSetjmpOrLongjmp.ql +++ b/cpp/cert/src/rules/ERR52-CPP/DoNotUseSetjmpOrLongjmp.ql @@ -13,17 +13,10 @@ import cpp import codingstandards.cpp.cert +import codingstandards.cpp.rules.donotusesetjmporlongjmpshared.DoNotUseSetjmpOrLongjmpShared -predicate isLongJumpCall(FunctionCall fc) { fc.getTarget().hasGlobalOrStdName("longjmp") } - -predicate isSetJumpCall(MacroInvocation mi) { mi.getMacroName() = "setjmp" } - -from Element jmp, string callType -where - not isExcluded(jmp, BannedFunctionsPackage::doNotUseSetjmpOrLongjmpQuery()) and - ( - isLongJumpCall(jmp) and callType = "longjmp function" - or - isSetJumpCall(jmp) and callType = "setjmp macro" - ) -select jmp, "Use of banned " + callType + "." +class DoNotUseSetjmpOrLongjmpQuery extends DoNotUseSetjmpOrLongjmpSharedSharedQuery { + DoNotUseSetjmpOrLongjmpQuery() { + this = BannedFunctionsPackage::doNotUseSetjmpOrLongjmpQuery() + } +} diff --git a/cpp/cert/test/rules/ERR52-CPP/DoNotUseSetjmpOrLongjmp.expected b/cpp/cert/test/rules/ERR52-CPP/DoNotUseSetjmpOrLongjmp.expected deleted file mode 100644 index 220e1717b6..0000000000 --- a/cpp/cert/test/rules/ERR52-CPP/DoNotUseSetjmpOrLongjmp.expected +++ /dev/null @@ -1,2 +0,0 @@ -| test.cpp:7:9:7:19 | setjmp(env) | Use of banned setjmp macro. | -| test.cpp:12:3:12:9 | call to longjmp | Use of banned longjmp function. | diff --git a/cpp/cert/test/rules/ERR52-CPP/DoNotUseSetjmpOrLongjmp.qlref b/cpp/cert/test/rules/ERR52-CPP/DoNotUseSetjmpOrLongjmp.qlref deleted file mode 100644 index 230a25b8c1..0000000000 --- a/cpp/cert/test/rules/ERR52-CPP/DoNotUseSetjmpOrLongjmp.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/ERR52-CPP/DoNotUseSetjmpOrLongjmp.ql \ No newline at end of file diff --git a/cpp/cert/test/rules/ERR52-CPP/DoNotUseSetjmpOrLongjmp.testref b/cpp/cert/test/rules/ERR52-CPP/DoNotUseSetjmpOrLongjmp.testref new file mode 100644 index 0000000000..87f68653c8 --- /dev/null +++ b/cpp/cert/test/rules/ERR52-CPP/DoNotUseSetjmpOrLongjmp.testref @@ -0,0 +1 @@ +cpp/common/test/rules/donotusesetjmporlongjmpshared/DoNotUseSetjmpOrLongjmpShared.ql \ No newline at end of file diff --git a/cpp/cert/test/rules/ERR52-CPP/test.cpp b/cpp/cert/test/rules/ERR52-CPP/test.cpp deleted file mode 100644 index 20a1ed8d9c..0000000000 --- a/cpp/cert/test/rules/ERR52-CPP/test.cpp +++ /dev/null @@ -1,15 +0,0 @@ -#include - -int test_jmps() { - jmp_buf env; - int val; - - val = setjmp(env); - if (val) { - return (val); - } - - longjmp(env, 101); - - return 0; -} diff --git a/cpp/common/src/codingstandards/cpp/rules/donotusesetjmporlongjmpshared/DoNotUseSetjmpOrLongjmpShared.qll b/cpp/common/src/codingstandards/cpp/rules/donotusesetjmporlongjmpshared/DoNotUseSetjmpOrLongjmpShared.qll new file mode 100644 index 0000000000..6c39b62fec --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/donotusesetjmporlongjmpshared/DoNotUseSetjmpOrLongjmpShared.qll @@ -0,0 +1,30 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class DoNotUseSetjmpOrLongjmpSharedSharedQuery extends Query { } + +Query getQuery() { result instanceof DoNotUseSetjmpOrLongjmpSharedSharedQuery } + +predicate isLongJumpCall(Locatable fc) { + fc.(FunctionCall).getTarget().hasGlobalOrStdName("longjmp") or + fc.(MacroInvocation).getMacroName() = "longjmp" +} + +predicate isSetJumpCall(MacroInvocation mi) { mi.getMacroName() = "setjmp" } + +query predicate problems(Element jmp, string message) { + exists(string callType | + not isExcluded(jmp, getQuery()) and + message = "Use of banned " + callType + "." and + ( + isLongJumpCall(jmp) and callType = "longjmp function" + or + isSetJumpCall(jmp) and callType = "setjmp macro" + ) + ) +} diff --git a/cpp/autosar/test/rules/M17-0-5/SetjmpMacroAndTheLongjmpFunctionUsed.expected b/cpp/common/test/rules/donotusesetjmporlongjmpshared/DoNotUseSetjmpOrLongjmpShared.expected similarity index 100% rename from cpp/autosar/test/rules/M17-0-5/SetjmpMacroAndTheLongjmpFunctionUsed.expected rename to cpp/common/test/rules/donotusesetjmporlongjmpshared/DoNotUseSetjmpOrLongjmpShared.expected diff --git a/cpp/autosar/test/rules/M17-0-5/SetjmpMacroAndTheLongjmpFunctionUsed.expected.qcc b/cpp/common/test/rules/donotusesetjmporlongjmpshared/DoNotUseSetjmpOrLongjmpShared.expected.qcc similarity index 100% rename from cpp/autosar/test/rules/M17-0-5/SetjmpMacroAndTheLongjmpFunctionUsed.expected.qcc rename to cpp/common/test/rules/donotusesetjmporlongjmpshared/DoNotUseSetjmpOrLongjmpShared.expected.qcc diff --git a/cpp/common/test/rules/donotusesetjmporlongjmpshared/DoNotUseSetjmpOrLongjmpShared.ql b/cpp/common/test/rules/donotusesetjmporlongjmpshared/DoNotUseSetjmpOrLongjmpShared.ql new file mode 100644 index 0000000000..45c240676f --- /dev/null +++ b/cpp/common/test/rules/donotusesetjmporlongjmpshared/DoNotUseSetjmpOrLongjmpShared.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.donotusesetjmporlongjmpshared.DoNotUseSetjmpOrLongjmpShared diff --git a/cpp/autosar/test/rules/M17-0-5/test.cpp b/cpp/common/test/rules/donotusesetjmporlongjmpshared/test.cpp similarity index 99% rename from cpp/autosar/test/rules/M17-0-5/test.cpp rename to cpp/common/test/rules/donotusesetjmporlongjmpshared/test.cpp index 1b40f79640..cb810aa3a5 100644 --- a/cpp/autosar/test/rules/M17-0-5/test.cpp +++ b/cpp/common/test/rules/donotusesetjmporlongjmpshared/test.cpp @@ -16,4 +16,4 @@ int test_jmps() { val = setjmp(env); return 0; -} +} \ No newline at end of file diff --git a/rule_packages/cpp/BannedFunctions.json b/rule_packages/cpp/BannedFunctions.json index 1ee1dc31e2..bb89ab2320 100644 --- a/rule_packages/cpp/BannedFunctions.json +++ b/rule_packages/cpp/BannedFunctions.json @@ -89,6 +89,7 @@ "precision": "very-high", "severity": "error", "short_name": "SetjmpMacroAndTheLongjmpFunctionUsed", + "shared_implementation_short_name": "DoNotUseSetjmpOrLongjmpShared", "tags": [ "correctness", "scope/single-translation-unit" @@ -210,6 +211,7 @@ "precision": "very-high", "severity": "error", "short_name": "DoNotUseSetjmpOrLongjmp", + "shared_implementation_short_name": "DoNotUseSetjmpOrLongjmpShared", "tags": [ "correctness", "scope/single-translation-unit" diff --git a/scripts/matrix_testing/CreateMatrixTestReport.ps1 b/scripts/matrix_testing/CreateMatrixTestReport.ps1 index d80e87e426..60a666aa48 100644 --- a/scripts/matrix_testing/CreateMatrixTestReport.ps1 +++ b/scripts/matrix_testing/CreateMatrixTestReport.ps1 @@ -299,6 +299,11 @@ $jobRows = $queriesToCheck | ForEach-Object -ThrottleLimit $NumThreads -Parallel foreach($testDirectory in $testDirs){ + Write-Host "Acquiring lock for $testDirectory" + $Mutex = New-Object -TypeName System.Threading.Mutex -ArgumentList $false, ("__Matrix_" + $testDirectory.Replace([IO.Path]::DirectorySeparatorChar,"_")); + $Mutex.WaitOne() | Out-Null; + Write-Host "Locked $testDirectory" + # for the report $row = @{ "SUITE" = $CurrentSuiteName; @@ -412,6 +417,8 @@ $jobRows = $queriesToCheck | ForEach-Object -ThrottleLimit $NumThreads -Parallel # output current row state $row + # release any held mutexes + $Mutex.ReleaseMutex(); ########################################################### ########################################################### From f253bad6bd0dfbf59b0174c88ebabc1ca4df46c8 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Mon, 8 May 2023 23:53:06 +0200 Subject: [PATCH 1077/2573] A0-4-3 qcc expected file A4-10-1 clang test/expected file A18-1-2 clang expected file --- ...nShallComplyWithCPP14Standard.expected.qcc | 1 + ...ectorboolSpecializationUsed.expected.clang | 7 ------- ...llPointerConstantNotNullptr.expected.clang | 3 +++ cpp/autosar/test/rules/A4-10-1/test.cpp.clang | 20 +++++++++++++++++++ 4 files changed, 24 insertions(+), 7 deletions(-) create mode 100644 cpp/autosar/test/rules/A0-4-3/CompilerImplementationShallComplyWithCPP14Standard.expected.qcc delete mode 100644 cpp/autosar/test/rules/A18-1-2/VectorboolSpecializationUsed.expected.clang create mode 100644 cpp/autosar/test/rules/A4-10-1/NullPointerConstantNotNullptr.expected.clang create mode 100644 cpp/autosar/test/rules/A4-10-1/test.cpp.clang diff --git a/cpp/autosar/test/rules/A0-4-3/CompilerImplementationShallComplyWithCPP14Standard.expected.qcc b/cpp/autosar/test/rules/A0-4-3/CompilerImplementationShallComplyWithCPP14Standard.expected.qcc new file mode 100644 index 0000000000..44131d5ea4 --- /dev/null +++ b/cpp/autosar/test/rules/A0-4-3/CompilerImplementationShallComplyWithCPP14Standard.expected.qcc @@ -0,0 +1 @@ +| test.cpp:0:0:0:0 | test.cpp | File 'test.cpp' compiled with flag '-std=gnu++11' which does not strictly comply with ISO C++14. | diff --git a/cpp/autosar/test/rules/A18-1-2/VectorboolSpecializationUsed.expected.clang b/cpp/autosar/test/rules/A18-1-2/VectorboolSpecializationUsed.expected.clang deleted file mode 100644 index 570c7c18ea..0000000000 --- a/cpp/autosar/test/rules/A18-1-2/VectorboolSpecializationUsed.expected.clang +++ /dev/null @@ -1,7 +0,0 @@ -| test.cpp:3:19:3:19 | g | Use of std::vector specialization. | -| test.cpp:18:21:18:21 | l | Use of std::vector specialization. | -| test.cpp:20:8:20:9 | l3 | Use of std::vector specialization. | -| test.cpp:23:34:23:35 | l6 | Use of std::vector specialization. | -| test.cpp:24:47:24:48 | l7 | Use of std::vector specialization. | -| test.cpp:27:36:27:37 | it | Use of std::vector specialization. | -| test.cpp:34:40:34:41 | d3 | Use of std::vector specialization. | diff --git a/cpp/autosar/test/rules/A4-10-1/NullPointerConstantNotNullptr.expected.clang b/cpp/autosar/test/rules/A4-10-1/NullPointerConstantNotNullptr.expected.clang new file mode 100644 index 0000000000..1d7a675b05 --- /dev/null +++ b/cpp/autosar/test/rules/A4-10-1/NullPointerConstantNotNullptr.expected.clang @@ -0,0 +1,3 @@ +| test.cpp:10:13:10:13 | 0 | 0 is used as the null-pointer-constant but is not nullptr. | +| test.cpp:11:6:11:6 | 0 | 0 is used as the null-pointer-constant but is not nullptr. | +| test.cpp:17:6:17:9 | 0 | NULL is used as the null-pointer-constant but is not nullptr. | diff --git a/cpp/autosar/test/rules/A4-10-1/test.cpp.clang b/cpp/autosar/test/rules/A4-10-1/test.cpp.clang new file mode 100644 index 0000000000..ca398adfc8 --- /dev/null +++ b/cpp/autosar/test/rules/A4-10-1/test.cpp.clang @@ -0,0 +1,20 @@ +void f1(int *x); +void f2(int x); +void f3(char *x); +// Template function which forwards to a pointer function +template void f3(F f, X x) { f1(x); } + +#define NULL 0 + +void test_nullptr() { + int *l1 = 0; // NON_COMPLIANT - 0 converted to a pointer type + f1(0); // NON_COMPLIANT - 0 converted to a pointer type + int *l2 = nullptr; // COMPLIANT - use of nullptr + f1(nullptr); // COMPLIANT - use of nullptr + f2(0); // COMPLIANT - use of 0 literal with no conversion to pointer + int l3 = 0; // COMPLIANT - use of 0 literal with no conversion to pointer + f3(f1, nullptr); // COMPLIANT - use of nullptr + f1(NULL); // NON_COMPLIANT - use of NULL macro + // f1('\0'); // NON_COMPLIANT - use of octal escape 0 - this is compiler checked + f3("0"); // COMPLIANT - "0" is not a literal zero +} \ No newline at end of file From 41e9bb0954d2343f8b767bb591c835530cc37e7e Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Tue, 9 May 2023 01:09:08 +0200 Subject: [PATCH 1078/2573] M4-10-2 fix compilation --- .../IfElseTerminationConstruct.expected | 6 +- .../rules/ifelseterminationconstruct/test.cpp | 91 +++++++++---------- 2 files changed, 48 insertions(+), 49 deletions(-) diff --git a/cpp/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.expected b/cpp/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.expected index bcbc388ca6..ffe7e08489 100644 --- a/cpp/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.expected +++ b/cpp/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.expected @@ -1,3 +1,3 @@ -| test.cpp:21:5:25:5 | if (...) ... | The $@ construct does not terminate with else statement. | test.cpp:21:5:25:5 | if (...) ... | `if...else` | -| test.cpp:41:7:45:7 | if (...) ... | The $@ construct does not terminate with else statement. | test.cpp:41:7:45:7 | if (...) ... | `if...else` | -| test.cpp:55:5:65:5 | if (...) ... | The $@ construct does not terminate with else statement. | test.cpp:55:5:65:5 | if (...) ... | `if...else` | +| test.cpp:21:3:25:3 | if (...) ... | The $@ construct does not terminate with else statement. | test.cpp:21:3:25:3 | if (...) ... | `if...else` | +| test.cpp:41:5:45:5 | if (...) ... | The $@ construct does not terminate with else statement. | test.cpp:41:5:45:5 | if (...) ... | `if...else` | +| test.cpp:55:3:65:3 | if (...) ... | The $@ construct does not terminate with else statement. | test.cpp:55:3:65:3 | if (...) ... | `if...else` | diff --git a/cpp/common/test/rules/ifelseterminationconstruct/test.cpp b/cpp/common/test/rules/ifelseterminationconstruct/test.cpp index ccb59b6ca0..c3433bee1a 100644 --- a/cpp/common/test/rules/ifelseterminationconstruct/test.cpp +++ b/cpp/common/test/rules/ifelseterminationconstruct/test.cpp @@ -10,58 +10,57 @@ void test_ifelse_valid(int expression) { } else { k = j * j; } - void test_ifelse_mix_validity(int expression) { - int i = 4; - int j = 7; - int k; - - if (expression > 0) { // GOOD - k = i * i; - } - if (expression > 10) { // BAD - k = i + j; - } else if (expression < 0) { - k = i * 2; - } +} +void test_ifelse_mix_validity(int expression) { + int i = 4; + int j = 7; + int k; + if (expression > 0) { // GOOD + k = i * i; } + if (expression > 10) { // BAD + k = i + j; + } else if (expression < 0) { + k = i * 2; + } +} - void test_ifelse_nested_invalid(int expression) { - int i = 5; - int j = 7; - int k; +void test_ifelse_nested_invalid(int expression) { + int i = 5; + int j = 7; + int k; - if (expression > 0) { // GOOD - k = i * i * i; - } else { - k = i * j; - } - if (expression > 10) { // GOOD - k = i; - } else if (expression < 0) { - if (expression < -10) { // BAD - k = 5 + j; - } else if (expression < -20) { - k = i * 3; - } - } else { - k = 3; + if (expression > 0) { // GOOD + k = i * i * i; + } else { + k = i * j; + } + if (expression > 10) { // GOOD + k = i; + } else if (expression < 0) { + if (expression < -10) { // BAD + k = 5 + j; + } else if (expression < -20) { + k = i * 3; } + } else { + k = 3; } +} - void test_ifelse_nested_valid(int expression) { - int i = 3; - int j = 1; - int k; - if (expression > 10) { // BAD - k = i + j; - } else if (expression < 0) { - if (i > 3) { // GOOD - k = j; - } else if (i < 10) { - k = i % 3; - } else { - i = i % 2; - } +void test_ifelse_nested_valid(int expression) { + int i = 3; + int j = 1; + int k; + if (expression > 10) { // BAD + k = i + j; + } else if (expression < 0) { + if (i > 3) { // GOOD + k = j; + } else if (i < 10) { + k = i % 3; + } else { + i = i % 2; } } } From c486f4820a9739b885f235f1c7e7e47579777c92 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Tue, 9 May 2023 01:11:35 +0200 Subject: [PATCH 1079/2573] M6-4-2: Fix compilation --- cpp/autosar/test/rules/M4-10-2/test.cpp | 1 - 1 file changed, 1 deletion(-) diff --git a/cpp/autosar/test/rules/M4-10-2/test.cpp b/cpp/autosar/test/rules/M4-10-2/test.cpp index fa91f238bb..39fa2df7ff 100644 --- a/cpp/autosar/test/rules/M4-10-2/test.cpp +++ b/cpp/autosar/test/rules/M4-10-2/test.cpp @@ -23,6 +23,5 @@ void test_nullptr() { f3(f1, nullptr); // COMPLIANT - use of nullptr f1(NULL); // COMPLIANT - use of NULL macro is compliant according to this rule // only - f1('\0'); // COMPLIANT - use of octal escape 0 is not covered by this rule ClassA a = CLASSA_INIT; // COMPLIANT } \ No newline at end of file From 1eb4677dcf9b86f85148d5e71ae5c6ac291dddd9 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Tue, 9 May 2023 02:46:47 +0200 Subject: [PATCH 1080/2573] A0-4-1: __libcpp_numeric_limits --- ...atingPointImplementationShallComplyWithIeeeStandard.ql | 2 +- ...plementationShallComplyWithIeeeStandard.expected.clang | 0 ...ImplementationShallComplyWithIeeeStandard.expected.gcc | 0 ...ImplementationShallComplyWithIeeeStandard.expected.qcc | 0 cpp/autosar/test/rules/A0-4-1/test.cpp.clang | 8 ++++++++ cpp/autosar/test/rules/A0-4-1/test.cpp.gcc | 8 ++++++++ cpp/autosar/test/rules/A0-4-1/test.cpp.qcc | 8 ++++++++ 7 files changed, 25 insertions(+), 1 deletion(-) create mode 100644 cpp/autosar/test/rules/A0-4-1/FloatingPointImplementationShallComplyWithIeeeStandard.expected.clang create mode 100644 cpp/autosar/test/rules/A0-4-1/FloatingPointImplementationShallComplyWithIeeeStandard.expected.gcc create mode 100644 cpp/autosar/test/rules/A0-4-1/FloatingPointImplementationShallComplyWithIeeeStandard.expected.qcc create mode 100644 cpp/autosar/test/rules/A0-4-1/test.cpp.clang create mode 100644 cpp/autosar/test/rules/A0-4-1/test.cpp.gcc create mode 100644 cpp/autosar/test/rules/A0-4-1/test.cpp.qcc diff --git a/cpp/autosar/src/rules/A0-4-1/FloatingPointImplementationShallComplyWithIeeeStandard.ql b/cpp/autosar/src/rules/A0-4-1/FloatingPointImplementationShallComplyWithIeeeStandard.ql index 3e869efb96..9123e7de2f 100644 --- a/cpp/autosar/src/rules/A0-4-1/FloatingPointImplementationShallComplyWithIeeeStandard.ql +++ b/cpp/autosar/src/rules/A0-4-1/FloatingPointImplementationShallComplyWithIeeeStandard.ql @@ -21,7 +21,7 @@ import codingstandards.cpp.autosar import codingstandards.cpp.TypeUses class NumericLimits extends Class { - NumericLimits() { this.hasQualifiedName("std", "numeric_limits") } + NumericLimits() { this.hasQualifiedName("std", ["numeric_limits", "__libcpp_numeric_limits"]) } /** * Gets the template argument specified for this type. diff --git a/cpp/autosar/test/rules/A0-4-1/FloatingPointImplementationShallComplyWithIeeeStandard.expected.clang b/cpp/autosar/test/rules/A0-4-1/FloatingPointImplementationShallComplyWithIeeeStandard.expected.clang new file mode 100644 index 0000000000..e69de29bb2 diff --git a/cpp/autosar/test/rules/A0-4-1/FloatingPointImplementationShallComplyWithIeeeStandard.expected.gcc b/cpp/autosar/test/rules/A0-4-1/FloatingPointImplementationShallComplyWithIeeeStandard.expected.gcc new file mode 100644 index 0000000000..e69de29bb2 diff --git a/cpp/autosar/test/rules/A0-4-1/FloatingPointImplementationShallComplyWithIeeeStandard.expected.qcc b/cpp/autosar/test/rules/A0-4-1/FloatingPointImplementationShallComplyWithIeeeStandard.expected.qcc new file mode 100644 index 0000000000..e69de29bb2 diff --git a/cpp/autosar/test/rules/A0-4-1/test.cpp.clang b/cpp/autosar/test/rules/A0-4-1/test.cpp.clang new file mode 100644 index 0000000000..9dea3a0743 --- /dev/null +++ b/cpp/autosar/test/rules/A0-4-1/test.cpp.clang @@ -0,0 +1,8 @@ +#include + +void test() { + float f; // COMPLIANT + + double d; // COMPLIANT + long double ld; // COMPLIANT +} \ No newline at end of file diff --git a/cpp/autosar/test/rules/A0-4-1/test.cpp.gcc b/cpp/autosar/test/rules/A0-4-1/test.cpp.gcc new file mode 100644 index 0000000000..9dea3a0743 --- /dev/null +++ b/cpp/autosar/test/rules/A0-4-1/test.cpp.gcc @@ -0,0 +1,8 @@ +#include + +void test() { + float f; // COMPLIANT + + double d; // COMPLIANT + long double ld; // COMPLIANT +} \ No newline at end of file diff --git a/cpp/autosar/test/rules/A0-4-1/test.cpp.qcc b/cpp/autosar/test/rules/A0-4-1/test.cpp.qcc new file mode 100644 index 0000000000..9dea3a0743 --- /dev/null +++ b/cpp/autosar/test/rules/A0-4-1/test.cpp.qcc @@ -0,0 +1,8 @@ +#include + +void test() { + float f; // COMPLIANT + + double d; // COMPLIANT + long double ld; // COMPLIANT +} \ No newline at end of file From 557b6f83191b92451f5cb76f0b6d2dd267a37c2b Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Tue, 9 May 2023 02:59:02 +0200 Subject: [PATCH 1081/2573] A2-3-1: adapt tests to qcc/gcc compiler checks --- cpp/autosar/test/rules/A2-3-1/test.cpp.gcc | 4 ++-- cpp/autosar/test/rules/A2-3-1/test.cpp.qcc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/cpp/autosar/test/rules/A2-3-1/test.cpp.gcc b/cpp/autosar/test/rules/A2-3-1/test.cpp.gcc index 82dd6f7bcc..b6e8d365ff 100644 --- a/cpp/autosar/test/rules/A2-3-1/test.cpp.gcc +++ b/cpp/autosar/test/rules/A2-3-1/test.cpp.gcc @@ -1,8 +1,8 @@ // It is valid to use @ in comments COMPLIANT // Invalid character α NON_COMPLIANT -// double # = 2.; // NON_COMPLIANT; U+03b1 - this is compiler checked -// void *to_#_and_beyond = nullptr; // NON_COMPLIANT; U+10185 - this is compiler checked +// double a = 2.; // NON_COMPLIANT; U+03b1 - this is compiler checked +// void *to_8_and_beyond = nullptr; // NON_COMPLIANT; U+10185 - this is compiler checked int l1_\u00A8; // COMPLIANT[FALSE_POSITIVE] const char *euro = "α"; // NON_COMPLIANT diff --git a/cpp/autosar/test/rules/A2-3-1/test.cpp.qcc b/cpp/autosar/test/rules/A2-3-1/test.cpp.qcc index 82dd6f7bcc..b6e8d365ff 100644 --- a/cpp/autosar/test/rules/A2-3-1/test.cpp.qcc +++ b/cpp/autosar/test/rules/A2-3-1/test.cpp.qcc @@ -1,8 +1,8 @@ // It is valid to use @ in comments COMPLIANT // Invalid character α NON_COMPLIANT -// double # = 2.; // NON_COMPLIANT; U+03b1 - this is compiler checked -// void *to_#_and_beyond = nullptr; // NON_COMPLIANT; U+10185 - this is compiler checked +// double a = 2.; // NON_COMPLIANT; U+03b1 - this is compiler checked +// void *to_8_and_beyond = nullptr; // NON_COMPLIANT; U+10185 - this is compiler checked int l1_\u00A8; // COMPLIANT[FALSE_POSITIVE] const char *euro = "α"; // NON_COMPLIANT From 40cc7c3f8b1d6fd79a94df942f406b3e1e6c6d14 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Tue, 9 May 2023 03:09:17 +0200 Subject: [PATCH 1082/2573] A1-1-2 A1-1-3: Add `options.qcc` file --- cpp/autosar/test/rules/A1-1-2.1/options.qcc | 1 + cpp/autosar/test/rules/A1-1-2.2/options.qcc | 1 + cpp/autosar/test/rules/A1-1-2.3/options.qcc | 1 + cpp/autosar/test/rules/A1-1-2/options.qcc | 1 + cpp/autosar/test/rules/A1-1-3/options.qcc | 1 + 5 files changed, 5 insertions(+) create mode 100644 cpp/autosar/test/rules/A1-1-2.1/options.qcc create mode 100644 cpp/autosar/test/rules/A1-1-2.2/options.qcc create mode 100644 cpp/autosar/test/rules/A1-1-2.3/options.qcc create mode 100644 cpp/autosar/test/rules/A1-1-2/options.qcc create mode 100644 cpp/autosar/test/rules/A1-1-3/options.qcc diff --git a/cpp/autosar/test/rules/A1-1-2.1/options.qcc b/cpp/autosar/test/rules/A1-1-2.1/options.qcc new file mode 100644 index 0000000000..d88b8ee03d --- /dev/null +++ b/cpp/autosar/test/rules/A1-1-2.1/options.qcc @@ -0,0 +1 @@ +@foo \ No newline at end of file diff --git a/cpp/autosar/test/rules/A1-1-2.2/options.qcc b/cpp/autosar/test/rules/A1-1-2.2/options.qcc new file mode 100644 index 0000000000..7c5542f288 --- /dev/null +++ b/cpp/autosar/test/rules/A1-1-2.2/options.qcc @@ -0,0 +1 @@ +-Wcast-function-type \ No newline at end of file diff --git a/cpp/autosar/test/rules/A1-1-2.3/options.qcc b/cpp/autosar/test/rules/A1-1-2.3/options.qcc new file mode 100644 index 0000000000..b45da65784 --- /dev/null +++ b/cpp/autosar/test/rules/A1-1-2.3/options.qcc @@ -0,0 +1 @@ +-w \ No newline at end of file diff --git a/cpp/autosar/test/rules/A1-1-2/options.qcc b/cpp/autosar/test/rules/A1-1-2/options.qcc new file mode 100644 index 0000000000..16bcca5afe --- /dev/null +++ b/cpp/autosar/test/rules/A1-1-2/options.qcc @@ -0,0 +1 @@ +-Wall \ No newline at end of file diff --git a/cpp/autosar/test/rules/A1-1-3/options.qcc b/cpp/autosar/test/rules/A1-1-3/options.qcc new file mode 100644 index 0000000000..6ca75105ce --- /dev/null +++ b/cpp/autosar/test/rules/A1-1-3/options.qcc @@ -0,0 +1 @@ +-Ofast -ffast-math -fgnu-keywords -fno-signed-zeros -ffinite-math-only -ffloat-store \ No newline at end of file From 712681910b488f9b493a2eb23f1839906ecbc0f1 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Tue, 9 May 2023 03:16:35 +0200 Subject: [PATCH 1083/2573] A16-2-2: modified test and expected file --- .../rules/A16-2-2/UnusedIncludeDirectives.expected.clang | 1 + .../test/rules/A16-2-2/UnusedIncludeDirectives.expected.gcc | 1 + .../test/rules/A16-2-2/UnusedIncludeDirectives.expected.qcc | 1 + cpp/autosar/test/rules/A16-2-2/test.cpp.clang | 6 ++++++ cpp/autosar/test/rules/A16-2-2/test.cpp.gcc | 6 ++++++ cpp/autosar/test/rules/A16-2-2/test.cpp.qcc | 6 ++++++ 6 files changed, 21 insertions(+) create mode 100644 cpp/autosar/test/rules/A16-2-2/UnusedIncludeDirectives.expected.clang create mode 100644 cpp/autosar/test/rules/A16-2-2/UnusedIncludeDirectives.expected.gcc create mode 100644 cpp/autosar/test/rules/A16-2-2/UnusedIncludeDirectives.expected.qcc create mode 100644 cpp/autosar/test/rules/A16-2-2/test.cpp.clang create mode 100644 cpp/autosar/test/rules/A16-2-2/test.cpp.gcc create mode 100644 cpp/autosar/test/rules/A16-2-2/test.cpp.qcc diff --git a/cpp/autosar/test/rules/A16-2-2/UnusedIncludeDirectives.expected.clang b/cpp/autosar/test/rules/A16-2-2/UnusedIncludeDirectives.expected.clang new file mode 100644 index 0000000000..153bf8fa0f --- /dev/null +++ b/cpp/autosar/test/rules/A16-2-2/UnusedIncludeDirectives.expected.clang @@ -0,0 +1 @@ +| test.cpp:1:1:1:19 | #include "test.hpp" | Nothing in this file uses anything from "test.hpp" | diff --git a/cpp/autosar/test/rules/A16-2-2/UnusedIncludeDirectives.expected.gcc b/cpp/autosar/test/rules/A16-2-2/UnusedIncludeDirectives.expected.gcc new file mode 100644 index 0000000000..153bf8fa0f --- /dev/null +++ b/cpp/autosar/test/rules/A16-2-2/UnusedIncludeDirectives.expected.gcc @@ -0,0 +1 @@ +| test.cpp:1:1:1:19 | #include "test.hpp" | Nothing in this file uses anything from "test.hpp" | diff --git a/cpp/autosar/test/rules/A16-2-2/UnusedIncludeDirectives.expected.qcc b/cpp/autosar/test/rules/A16-2-2/UnusedIncludeDirectives.expected.qcc new file mode 100644 index 0000000000..153bf8fa0f --- /dev/null +++ b/cpp/autosar/test/rules/A16-2-2/UnusedIncludeDirectives.expected.qcc @@ -0,0 +1 @@ +| test.cpp:1:1:1:19 | #include "test.hpp" | Nothing in this file uses anything from "test.hpp" | diff --git a/cpp/autosar/test/rules/A16-2-2/test.cpp.clang b/cpp/autosar/test/rules/A16-2-2/test.cpp.clang new file mode 100644 index 0000000000..d34c29c7dc --- /dev/null +++ b/cpp/autosar/test/rules/A16-2-2/test.cpp.clang @@ -0,0 +1,6 @@ +#include "test.hpp" //NON_COMPLIANT +#include //COMPLIANT +#include //COMPLIANT +#include //COMPLIANT + +std::string s = "A string"; \ No newline at end of file diff --git a/cpp/autosar/test/rules/A16-2-2/test.cpp.gcc b/cpp/autosar/test/rules/A16-2-2/test.cpp.gcc new file mode 100644 index 0000000000..d34c29c7dc --- /dev/null +++ b/cpp/autosar/test/rules/A16-2-2/test.cpp.gcc @@ -0,0 +1,6 @@ +#include "test.hpp" //NON_COMPLIANT +#include //COMPLIANT +#include //COMPLIANT +#include //COMPLIANT + +std::string s = "A string"; \ No newline at end of file diff --git a/cpp/autosar/test/rules/A16-2-2/test.cpp.qcc b/cpp/autosar/test/rules/A16-2-2/test.cpp.qcc new file mode 100644 index 0000000000..d34c29c7dc --- /dev/null +++ b/cpp/autosar/test/rules/A16-2-2/test.cpp.qcc @@ -0,0 +1,6 @@ +#include "test.hpp" //NON_COMPLIANT +#include //COMPLIANT +#include //COMPLIANT +#include //COMPLIANT + +std::string s = "A string"; \ No newline at end of file From 069f1f88334e5488a7a381be425fcdd4c0239ff4 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Tue, 9 May 2023 13:50:14 +0200 Subject: [PATCH 1084/2573] Extract StdNS to a library A23-0-1 MSC51-CPP: update expected files --- .../rules/A18-1-2/VectorboolSpecializationUsed.ql | 10 +--------- cpp/autosar/src/rules/A18-1-3/AutoPtrTypeUsed.ql | 8 ++------ ...licitlyConvertedToConstIterator.expected.clang | 14 ++++++++++++++ ...mplicitlyConvertedToConstIterator.expected.gcc | 14 ++++++++++++++ .../BadlySeededRandomNumberGenerator.expected.gcc | 15 +++++++++++++++ cpp/common/src/codingstandards/cpp/Iterators.qll | 10 +--------- .../src/codingstandards/cpp/StdNamespace.qll | 14 ++++++++++++++ 7 files changed, 61 insertions(+), 24 deletions(-) create mode 100644 cpp/autosar/test/rules/A23-0-1/IteratorImplicitlyConvertedToConstIterator.expected.clang create mode 100644 cpp/autosar/test/rules/A23-0-1/IteratorImplicitlyConvertedToConstIterator.expected.gcc create mode 100644 cpp/cert/test/rules/MSC51-CPP/BadlySeededRandomNumberGenerator.expected.gcc create mode 100644 cpp/common/src/codingstandards/cpp/StdNamespace.qll diff --git a/cpp/autosar/src/rules/A18-1-2/VectorboolSpecializationUsed.ql b/cpp/autosar/src/rules/A18-1-2/VectorboolSpecializationUsed.ql index 5dcd2b4f8b..2d94fde98c 100644 --- a/cpp/autosar/src/rules/A18-1-2/VectorboolSpecializationUsed.ql +++ b/cpp/autosar/src/rules/A18-1-2/VectorboolSpecializationUsed.ql @@ -17,15 +17,7 @@ import cpp import codingstandards.cpp.autosar - -class StdNS extends Namespace { - StdNS() { - this instanceof StdNamespace - or - this.isInline() and - this.getParentNamespace() instanceof StdNS - } -} +import codingstandards.cpp.StdNamespace predicate isVectorBool(ClassTemplateInstantiation c) { c.getNamespace() instanceof StdNS and diff --git a/cpp/autosar/src/rules/A18-1-3/AutoPtrTypeUsed.ql b/cpp/autosar/src/rules/A18-1-3/AutoPtrTypeUsed.ql index a109700b1d..4b9d187dc1 100644 --- a/cpp/autosar/src/rules/A18-1-3/AutoPtrTypeUsed.ql +++ b/cpp/autosar/src/rules/A18-1-3/AutoPtrTypeUsed.ql @@ -15,14 +15,10 @@ import cpp import codingstandards.cpp.autosar +import codingstandards.cpp.StdNamespace predicate isAutoPtr(ClassTemplateInstantiation c) { - ( - c.getNamespace() instanceof StdNamespace - or - c.getNamespace().isInline() and - c.getNamespace().getParentNamespace() instanceof StdNamespace - ) and + c.getNamespace() instanceof StdNS and c.getSimpleName() = "auto_ptr" } diff --git a/cpp/autosar/test/rules/A23-0-1/IteratorImplicitlyConvertedToConstIterator.expected.clang b/cpp/autosar/test/rules/A23-0-1/IteratorImplicitlyConvertedToConstIterator.expected.clang new file mode 100644 index 0000000000..3d9afbbdae --- /dev/null +++ b/cpp/autosar/test/rules/A23-0-1/IteratorImplicitlyConvertedToConstIterator.expected.clang @@ -0,0 +1,14 @@ +| test.cpp:10:39:10:48 | call to __normal_iterator | Non-const version of container call immediately converted to a `const_iterator`. | +| test.cpp:12:38:12:43 | call to cbegin | Non-const version of container call immediately converted to a `const_iterator`. | +| test.cpp:13:38:13:42 | call to begin | Non-const version of container call immediately converted to a `const_iterator`. | +| test.cpp:15:44:15:49 | call to cbegin | Non-const version of container call immediately converted to a `const_iterator`. | +| test.cpp:16:44:16:48 | call to begin | Non-const version of container call immediately converted to a `const_iterator`. | +| test.cpp:19:41:19:50 | call to _Rb_tree_const_iterator | Non-const version of container call immediately converted to a `const_iterator`. | +| test.cpp:22:47:22:57 | call to _Rb_tree_const_iterator | Non-const version of container call immediately converted to a `const_iterator`. | +| test.cpp:25:8:25:16 | call to __normal_iterator | Non-const version of container call immediately converted to a `const_iterator`. | +| test.cpp:26:10:26:15 | call to cbegin | Non-const version of container call immediately converted to a `const_iterator`. | +| test.cpp:27:10:27:14 | call to begin | Non-const version of container call immediately converted to a `const_iterator`. | +| test.cpp:28:11:28:16 | call to cbegin | Non-const version of container call immediately converted to a `const_iterator`. | +| test.cpp:29:11:29:15 | call to begin | Non-const version of container call immediately converted to a `const_iterator`. | +| test.cpp:31:8:31:16 | call to _Rb_tree_const_iterator | Non-const version of container call immediately converted to a `const_iterator`. | +| test.cpp:33:9:33:18 | call to _Rb_tree_const_iterator | Non-const version of container call immediately converted to a `const_iterator`. | diff --git a/cpp/autosar/test/rules/A23-0-1/IteratorImplicitlyConvertedToConstIterator.expected.gcc b/cpp/autosar/test/rules/A23-0-1/IteratorImplicitlyConvertedToConstIterator.expected.gcc new file mode 100644 index 0000000000..3d9afbbdae --- /dev/null +++ b/cpp/autosar/test/rules/A23-0-1/IteratorImplicitlyConvertedToConstIterator.expected.gcc @@ -0,0 +1,14 @@ +| test.cpp:10:39:10:48 | call to __normal_iterator | Non-const version of container call immediately converted to a `const_iterator`. | +| test.cpp:12:38:12:43 | call to cbegin | Non-const version of container call immediately converted to a `const_iterator`. | +| test.cpp:13:38:13:42 | call to begin | Non-const version of container call immediately converted to a `const_iterator`. | +| test.cpp:15:44:15:49 | call to cbegin | Non-const version of container call immediately converted to a `const_iterator`. | +| test.cpp:16:44:16:48 | call to begin | Non-const version of container call immediately converted to a `const_iterator`. | +| test.cpp:19:41:19:50 | call to _Rb_tree_const_iterator | Non-const version of container call immediately converted to a `const_iterator`. | +| test.cpp:22:47:22:57 | call to _Rb_tree_const_iterator | Non-const version of container call immediately converted to a `const_iterator`. | +| test.cpp:25:8:25:16 | call to __normal_iterator | Non-const version of container call immediately converted to a `const_iterator`. | +| test.cpp:26:10:26:15 | call to cbegin | Non-const version of container call immediately converted to a `const_iterator`. | +| test.cpp:27:10:27:14 | call to begin | Non-const version of container call immediately converted to a `const_iterator`. | +| test.cpp:28:11:28:16 | call to cbegin | Non-const version of container call immediately converted to a `const_iterator`. | +| test.cpp:29:11:29:15 | call to begin | Non-const version of container call immediately converted to a `const_iterator`. | +| test.cpp:31:8:31:16 | call to _Rb_tree_const_iterator | Non-const version of container call immediately converted to a `const_iterator`. | +| test.cpp:33:9:33:18 | call to _Rb_tree_const_iterator | Non-const version of container call immediately converted to a `const_iterator`. | diff --git a/cpp/cert/test/rules/MSC51-CPP/BadlySeededRandomNumberGenerator.expected.gcc b/cpp/cert/test/rules/MSC51-CPP/BadlySeededRandomNumberGenerator.expected.gcc new file mode 100644 index 0000000000..c257c0e6b4 --- /dev/null +++ b/cpp/cert/test/rules/MSC51-CPP/BadlySeededRandomNumberGenerator.expected.gcc @@ -0,0 +1,15 @@ +| test.cpp:9:33:9:33 | call to linear_congruential_engine | Random number generator linear_congruential_engine is default-initialized and is therefore not properly seeded. | +| test.cpp:10:30:10:31 | call to linear_congruential_engine | Random number generator linear_congruential_engine is default-initialized and is therefore not properly seeded. | +| test.cpp:11:21:11:22 | call to linear_congruential_engine | Random number generator linear_congruential_engine is default-initialized and is therefore not properly seeded. | +| test.cpp:12:20:12:21 | call to linear_congruential_engine | Random number generator linear_congruential_engine is default-initialized and is therefore not properly seeded. | +| test.cpp:13:16:13:17 | call to mersenne_twister_engine | Random number generator mersenne_twister_engine is default-initialized and is therefore not properly seeded. | +| test.cpp:14:19:14:20 | call to mersenne_twister_engine | Random number generator mersenne_twister_engine is default-initialized and is therefore not properly seeded. | +| test.cpp:15:22:15:23 | call to subtract_with_carry_engine | Random number generator subtract_with_carry_engine is default-initialized and is therefore not properly seeded. | +| test.cpp:16:22:16:23 | call to subtract_with_carry_engine | Random number generator subtract_with_carry_engine is default-initialized and is therefore not properly seeded. | +| test.cpp:17:17:17:19 | call to discard_block_engine | Random number generator discard_block_engine is default-initialized and is therefore not properly seeded. | +| test.cpp:18:17:18:19 | call to discard_block_engine | Random number generator discard_block_engine is default-initialized and is therefore not properly seeded. | +| test.cpp:19:16:19:18 | call to shuffle_order_engine | Random number generator shuffle_order_engine is default-initialized and is therefore not properly seeded. | +| test.cpp:21:34:22:47 | call to linear_congruential_engine | Random number generator linear_congruential_engine is initialized from std::time and is therefore not properly seeded. | +| test.cpp:23:34:23:36 | call to linear_congruential_engine | Random number generator linear_congruential_engine is is initialized to the constant value 2 and is therefore not properly seeded. | +| test.cpp:29:30:29:35 | default initialization engine of type default_random_engine | Random number generator linear_congruential_engine is default-initialized and is therefore not properly seeded. | +| test.cpp:36:23:36:23 | call to linear_congruential_engine | Random number generator linear_congruential_engine is default-initialized and is therefore not properly seeded. | diff --git a/cpp/common/src/codingstandards/cpp/Iterators.qll b/cpp/common/src/codingstandards/cpp/Iterators.qll index b0e55db33d..72a9909c20 100644 --- a/cpp/common/src/codingstandards/cpp/Iterators.qll +++ b/cpp/common/src/codingstandards/cpp/Iterators.qll @@ -5,15 +5,7 @@ import cpp import semmle.code.cpp.dataflow.DataFlow import semmle.code.cpp.dataflow.TaintTracking - -class StdNS extends Namespace { - StdNS() { - this instanceof StdNamespace - or - this.isInline() and - this.getParentNamespace() instanceof StdNS - } -} +import codingstandards.cpp.StdNamespace abstract class ContainerAccess extends VariableAccess { abstract Variable getOwningContainer(); diff --git a/cpp/common/src/codingstandards/cpp/StdNamespace.qll b/cpp/common/src/codingstandards/cpp/StdNamespace.qll new file mode 100644 index 0000000000..6a6574f262 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/StdNamespace.qll @@ -0,0 +1,14 @@ +import cpp + +/** + * A class that models the `std` namespace and its inline children + * (e.g. `std::_V2` `std::__cxx11` and `std::__1`) + */ +class StdNS extends Namespace { + StdNS() { + this instanceof StdNamespace + or + this.isInline() and + this.getParentNamespace() instanceof StdNS + } +} From 0a7abd6bc0b297d09ae31578595f9a420dfd922a Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Tue, 9 May 2023 13:51:36 +0200 Subject: [PATCH 1085/2573] Use StdNS from library --- cpp/autosar/src/rules/A17-1-1/CStandardLibraryFunctionCalls.ql | 3 ++- .../NonStandardEntitiesInStandardNamespaces.qll | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/cpp/autosar/src/rules/A17-1-1/CStandardLibraryFunctionCalls.ql b/cpp/autosar/src/rules/A17-1-1/CStandardLibraryFunctionCalls.ql index 77d065f4e5..ce374fa8b1 100644 --- a/cpp/autosar/src/rules/A17-1-1/CStandardLibraryFunctionCalls.ql +++ b/cpp/autosar/src/rules/A17-1-1/CStandardLibraryFunctionCalls.ql @@ -17,6 +17,7 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.Naming +import codingstandards.cpp.StdNamespace FunctionCall nonCompliantCStdlibCalls(File f) { result = @@ -55,7 +56,7 @@ FunctionCall nonCompliantCStdlibCalls(File f) { nq = fc.getNameQualifier() and ( nq.getQualifyingElement() instanceof GlobalNamespace or - nq.getQualifyingElement() instanceof StdNamespace + nq.getQualifyingElement() instanceof StdNS ) ) ) diff --git a/cpp/common/src/codingstandards/cpp/rules/nonstandardentitiesinstandardnamespaces/NonStandardEntitiesInStandardNamespaces.qll b/cpp/common/src/codingstandards/cpp/rules/nonstandardentitiesinstandardnamespaces/NonStandardEntitiesInStandardNamespaces.qll index e411b3afe6..e6b78f98f7 100644 --- a/cpp/common/src/codingstandards/cpp/rules/nonstandardentitiesinstandardnamespaces/NonStandardEntitiesInStandardNamespaces.qll +++ b/cpp/common/src/codingstandards/cpp/rules/nonstandardentitiesinstandardnamespaces/NonStandardEntitiesInStandardNamespaces.qll @@ -5,6 +5,7 @@ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions +import codingstandards.cpp.StdNamespace abstract class NonStandardEntitiesInStandardNamespacesSharedQuery extends Query { } @@ -19,7 +20,7 @@ private class PosixNamespace extends Namespace { private Namespace getStandardNamespace(DeclarationEntry de) { result = de.getDeclaration().getNamespace().getParentNamespace*() and ( - result instanceof StdNamespace + result instanceof StdNS or result instanceof PosixNamespace ) From b86bd5ff252079a696517bb75cd2fb9f1b92760d Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Tue, 9 May 2023 20:15:00 +0200 Subject: [PATCH 1086/2573] STR53-CPP: add string constructor --- .../ContainerAccessWithoutRangeCheck.qll | 20 ++++++++++++++----- 1 file changed, 15 insertions(+), 5 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.qll b/cpp/common/src/codingstandards/cpp/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.qll index 2c8dda2cbf..fa21877b88 100644 --- a/cpp/common/src/codingstandards/cpp/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.qll +++ b/cpp/common/src/codingstandards/cpp/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.qll @@ -179,17 +179,27 @@ class StringContainerConstructorCall extends ContainerConstructorCall { c.getNumberOfParameters() = 0 and result = 0 or - // from c-string constructor - c.getNumberOfParameters() = 2 and + // from c-string constructors + c.getNumberOfParameters() = 1 and c.getParameter(0).getType() = stringInstantiation.getValueType() and - c.getParameter(1).getType() = stringInstantiation.getConstAllocatorReferenceType() and result = getArgument(0).getValue().length() or - // from c-string copy constructor - c.getNumberOfParameters() = 1 and + c.getNumberOfParameters() = 2 and c.getParameter(0).getType() = stringInstantiation.getValueType() and + c.getParameter(1).getType() = stringInstantiation.getSizeType() and + result = getArgument(1).getValue().toFloat() + or + c.getNumberOfParameters() = 2 and + c.getParameter(0).getType() = stringInstantiation.getSizeType() and + c.getParameter(1).getType() = stringInstantiation.getCharT() and + result = getArgument(0).getValue().toFloat() + or + c.getNumberOfParameters() = 2 and + c.getParameter(0).getType() = stringInstantiation.getValueType() and + c.getParameter(1).getType() = stringInstantiation.getConstAllocatorReferenceType() and result = getArgument(0).getValue().length() or + // Lower bound of an explicit size argument result = lowerBound(getInitialContainerSizeExpr().getFullyConverted()) } From 707f1680b81e9765c4128891d53d6e9a650e3c8f Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Tue, 9 May 2023 20:19:23 +0200 Subject: [PATCH 1087/2573] Fix formatting --- .../ContainerAccessWithoutRangeCheck.qll | 1 - 1 file changed, 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.qll b/cpp/common/src/codingstandards/cpp/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.qll index fa21877b88..8c5dbe05ea 100644 --- a/cpp/common/src/codingstandards/cpp/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.qll +++ b/cpp/common/src/codingstandards/cpp/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.qll @@ -199,7 +199,6 @@ class StringContainerConstructorCall extends ContainerConstructorCall { c.getParameter(1).getType() = stringInstantiation.getConstAllocatorReferenceType() and result = getArgument(0).getValue().length() or - // Lower bound of an explicit size argument result = lowerBound(getInitialContainerSizeExpr().getFullyConverted()) } From 14f0f354e4a536002db18656438deb3c5a2550d1 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Tue, 9 May 2023 23:53:43 +0200 Subject: [PATCH 1088/2573] Update M18-2-1 .expected file --- cpp/autosar/test/rules/M18-2-1/MacroOffsetofUsed.qcc.expected | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/test/rules/M18-2-1/MacroOffsetofUsed.qcc.expected b/cpp/autosar/test/rules/M18-2-1/MacroOffsetofUsed.qcc.expected index 88647b9f36..f09fafd410 100644 --- a/cpp/autosar/test/rules/M18-2-1/MacroOffsetofUsed.qcc.expected +++ b/cpp/autosar/test/rules/M18-2-1/MacroOffsetofUsed.qcc.expected @@ -1 +1 @@ -| test.cpp:9:32:9:51 | offsetof(t,d) | Use of banned macro offsetof. | +| test.cpp:9:32:9:51 | offsetof(__typ,__id) | Use of banned macro offsetof. | From e34f38227abcfd6f14def5eb3fa05f0578973951 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 10 May 2023 00:06:56 +0200 Subject: [PATCH 1089/2573] matrix testing mutex --- scripts/matrix_testing/CreateMatrixTestReport.ps1 | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/scripts/matrix_testing/CreateMatrixTestReport.ps1 b/scripts/matrix_testing/CreateMatrixTestReport.ps1 index d80e87e426..0cf48ac36c 100644 --- a/scripts/matrix_testing/CreateMatrixTestReport.ps1 +++ b/scripts/matrix_testing/CreateMatrixTestReport.ps1 @@ -299,6 +299,11 @@ $jobRows = $queriesToCheck | ForEach-Object -ThrottleLimit $NumThreads -Parallel foreach($testDirectory in $testDirs){ + Write-Host "Acquiring lock for $testDirectory" + $Mutex = New-Object -TypeName System.Threading.Mutex -ArgumentList $false, ("__Matrix_" + $testDirectory.Replace([IO.Path]::DirectorySeparatorChar,"_")); + $Mutex.WaitOne() | Out-Null; + Write-Host "Locked $testDirectory" + # for the report $row = @{ "SUITE" = $CurrentSuiteName; @@ -412,6 +417,8 @@ $jobRows = $queriesToCheck | ForEach-Object -ThrottleLimit $NumThreads -Parallel # output current row state $row + # release any held mutexes + $Mutex.ReleaseMutex(); ########################################################### ########################################################### @@ -449,4 +456,4 @@ if (-not $SkipSummaryReport){ # write out a summary Write-Host "Writing summary report to $summaryReportOutputFile" Create-Summary-Report -DataFile $reportOutputFile -OutputFile $summaryReportOutputFile -} \ No newline at end of file +} From 2847322bfe78ef3c66ed73c8d4757b093c4dcaba Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 10 May 2023 17:00:46 +0200 Subject: [PATCH 1090/2573] Fix expected files names --- ...d => ExceptionsThrownAcrossExecutionBoundaries.expected.clang} | 0 ...ted => ExceptionsThrownAcrossExecutionBoundaries.expected.gcc} | 0 ...ted => ExceptionsThrownAcrossExecutionBoundaries.expected.qcc} | 0 ...roOffsetofUsed.gcc.expected => MacroOffsetofUsed.expected.gcc} | 0 ...roOffsetofUsed.qcc.expected => MacroOffsetofUsed.expected.qcc} | 0 ...DoNotThrowAnExceptionAcrossExecutionBoundaries.expected.clang} | 0 ...> DoNotThrowAnExceptionAcrossExecutionBoundaries.expected.gcc} | 0 ...> DoNotThrowAnExceptionAcrossExecutionBoundaries.expected.qcc} | 0 8 files changed, 0 insertions(+), 0 deletions(-) rename cpp/autosar/test/rules/A15-1-5/{ExceptionsThrownAcrossExecutionBoundaries.clang.expected => ExceptionsThrownAcrossExecutionBoundaries.expected.clang} (100%) rename cpp/autosar/test/rules/A15-1-5/{ExceptionsThrownAcrossExecutionBoundaries.gcc.expected => ExceptionsThrownAcrossExecutionBoundaries.expected.gcc} (100%) rename cpp/autosar/test/rules/A15-1-5/{ExceptionsThrownAcrossExecutionBoundaries.qcc.expected => ExceptionsThrownAcrossExecutionBoundaries.expected.qcc} (100%) rename cpp/autosar/test/rules/M18-2-1/{MacroOffsetofUsed.gcc.expected => MacroOffsetofUsed.expected.gcc} (100%) rename cpp/autosar/test/rules/M18-2-1/{MacroOffsetofUsed.qcc.expected => MacroOffsetofUsed.expected.qcc} (100%) rename cpp/cert/test/rules/ERR59-CPP/{DoNotThrowAnExceptionAcrossExecutionBoundaries.clang.expected => DoNotThrowAnExceptionAcrossExecutionBoundaries.expected.clang} (100%) rename cpp/cert/test/rules/ERR59-CPP/{DoNotThrowAnExceptionAcrossExecutionBoundaries.gcc.expected => DoNotThrowAnExceptionAcrossExecutionBoundaries.expected.gcc} (100%) rename cpp/cert/test/rules/ERR59-CPP/{DoNotThrowAnExceptionAcrossExecutionBoundaries.qcc.expected => DoNotThrowAnExceptionAcrossExecutionBoundaries.expected.qcc} (100%) diff --git a/cpp/autosar/test/rules/A15-1-5/ExceptionsThrownAcrossExecutionBoundaries.clang.expected b/cpp/autosar/test/rules/A15-1-5/ExceptionsThrownAcrossExecutionBoundaries.expected.clang similarity index 100% rename from cpp/autosar/test/rules/A15-1-5/ExceptionsThrownAcrossExecutionBoundaries.clang.expected rename to cpp/autosar/test/rules/A15-1-5/ExceptionsThrownAcrossExecutionBoundaries.expected.clang diff --git a/cpp/autosar/test/rules/A15-1-5/ExceptionsThrownAcrossExecutionBoundaries.gcc.expected b/cpp/autosar/test/rules/A15-1-5/ExceptionsThrownAcrossExecutionBoundaries.expected.gcc similarity index 100% rename from cpp/autosar/test/rules/A15-1-5/ExceptionsThrownAcrossExecutionBoundaries.gcc.expected rename to cpp/autosar/test/rules/A15-1-5/ExceptionsThrownAcrossExecutionBoundaries.expected.gcc diff --git a/cpp/autosar/test/rules/A15-1-5/ExceptionsThrownAcrossExecutionBoundaries.qcc.expected b/cpp/autosar/test/rules/A15-1-5/ExceptionsThrownAcrossExecutionBoundaries.expected.qcc similarity index 100% rename from cpp/autosar/test/rules/A15-1-5/ExceptionsThrownAcrossExecutionBoundaries.qcc.expected rename to cpp/autosar/test/rules/A15-1-5/ExceptionsThrownAcrossExecutionBoundaries.expected.qcc diff --git a/cpp/autosar/test/rules/M18-2-1/MacroOffsetofUsed.gcc.expected b/cpp/autosar/test/rules/M18-2-1/MacroOffsetofUsed.expected.gcc similarity index 100% rename from cpp/autosar/test/rules/M18-2-1/MacroOffsetofUsed.gcc.expected rename to cpp/autosar/test/rules/M18-2-1/MacroOffsetofUsed.expected.gcc diff --git a/cpp/autosar/test/rules/M18-2-1/MacroOffsetofUsed.qcc.expected b/cpp/autosar/test/rules/M18-2-1/MacroOffsetofUsed.expected.qcc similarity index 100% rename from cpp/autosar/test/rules/M18-2-1/MacroOffsetofUsed.qcc.expected rename to cpp/autosar/test/rules/M18-2-1/MacroOffsetofUsed.expected.qcc diff --git a/cpp/cert/test/rules/ERR59-CPP/DoNotThrowAnExceptionAcrossExecutionBoundaries.clang.expected b/cpp/cert/test/rules/ERR59-CPP/DoNotThrowAnExceptionAcrossExecutionBoundaries.expected.clang similarity index 100% rename from cpp/cert/test/rules/ERR59-CPP/DoNotThrowAnExceptionAcrossExecutionBoundaries.clang.expected rename to cpp/cert/test/rules/ERR59-CPP/DoNotThrowAnExceptionAcrossExecutionBoundaries.expected.clang diff --git a/cpp/cert/test/rules/ERR59-CPP/DoNotThrowAnExceptionAcrossExecutionBoundaries.gcc.expected b/cpp/cert/test/rules/ERR59-CPP/DoNotThrowAnExceptionAcrossExecutionBoundaries.expected.gcc similarity index 100% rename from cpp/cert/test/rules/ERR59-CPP/DoNotThrowAnExceptionAcrossExecutionBoundaries.gcc.expected rename to cpp/cert/test/rules/ERR59-CPP/DoNotThrowAnExceptionAcrossExecutionBoundaries.expected.gcc diff --git a/cpp/cert/test/rules/ERR59-CPP/DoNotThrowAnExceptionAcrossExecutionBoundaries.qcc.expected b/cpp/cert/test/rules/ERR59-CPP/DoNotThrowAnExceptionAcrossExecutionBoundaries.expected.qcc similarity index 100% rename from cpp/cert/test/rules/ERR59-CPP/DoNotThrowAnExceptionAcrossExecutionBoundaries.qcc.expected rename to cpp/cert/test/rules/ERR59-CPP/DoNotThrowAnExceptionAcrossExecutionBoundaries.expected.qcc From 628c21595a2fc9c4d9274b385ddb43f956ac4522 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 10 May 2023 18:08:37 +0200 Subject: [PATCH 1091/2573] A18-9-1: Use shared library `StdNamespace` --- cpp/autosar/src/rules/A18-9-1/BindUsed.ql | 9 ++++----- cpp/autosar/test/rules/A18-9-1/BindUsed.expected | 6 +++--- cpp/autosar/test/rules/A18-9-1/BindUsed.expected.qcc | 3 --- 3 files changed, 7 insertions(+), 11 deletions(-) delete mode 100644 cpp/autosar/test/rules/A18-9-1/BindUsed.expected.qcc diff --git a/cpp/autosar/src/rules/A18-9-1/BindUsed.ql b/cpp/autosar/src/rules/A18-9-1/BindUsed.ql index 1c2f9b0351..9f594f1ed3 100644 --- a/cpp/autosar/src/rules/A18-9-1/BindUsed.ql +++ b/cpp/autosar/src/rules/A18-9-1/BindUsed.ql @@ -15,16 +15,15 @@ import cpp import codingstandards.cpp.autosar +import codingstandards.cpp.StdNamespace predicate isBind(FunctionCall fc) { - fc.getTarget().getQualifiedName() in [ - ["std::bind", "std::bind1st", "std::bind2nd",], - ["std::__1::bind", "std::__1::bind1st", "std::__1::bind2nd"] - ] + fc.getTarget().getNamespace() instanceof StdNS and + fc.getTarget().getName() in ["bind", "bind1st", "bind2nd"] } from FunctionCall fc where isBind(fc) and not isExcluded(fc, BannedFunctionsPackage::bindUsedQuery()) -select fc, "Prefer lambdas to using " + fc.getTarget().getQualifiedName() + "." +select fc, "Prefer lambdas to using `" + fc.getTarget().getName() + "`." diff --git a/cpp/autosar/test/rules/A18-9-1/BindUsed.expected b/cpp/autosar/test/rules/A18-9-1/BindUsed.expected index 7f936853ae..2db33a6fed 100644 --- a/cpp/autosar/test/rules/A18-9-1/BindUsed.expected +++ b/cpp/autosar/test/rules/A18-9-1/BindUsed.expected @@ -1,3 +1,3 @@ -| test.cpp:9:13:9:21 | call to bind | Prefer lambdas to using std::bind. | -| test.cpp:10:13:10:24 | call to bind1st | Prefer lambdas to using std::bind1st. | -| test.cpp:11:13:11:24 | call to bind2nd | Prefer lambdas to using std::bind2nd. | +| test.cpp:9:13:9:21 | call to bind | Prefer lambdas to using `bind`. | +| test.cpp:10:13:10:24 | call to bind1st | Prefer lambdas to using `bind1st`. | +| test.cpp:11:13:11:24 | call to bind2nd | Prefer lambdas to using `bind2nd`. | diff --git a/cpp/autosar/test/rules/A18-9-1/BindUsed.expected.qcc b/cpp/autosar/test/rules/A18-9-1/BindUsed.expected.qcc deleted file mode 100644 index b4b9913aa7..0000000000 --- a/cpp/autosar/test/rules/A18-9-1/BindUsed.expected.qcc +++ /dev/null @@ -1,3 +0,0 @@ -| test.cpp:9:13:9:21 | call to bind | Prefer lambdas to using std::__1::bind. | -| test.cpp:10:13:10:24 | call to bind1st | Prefer lambdas to using std::__1::bind1st. | -| test.cpp:11:13:11:24 | call to bind2nd | Prefer lambdas to using std::__1::bind2nd. | \ No newline at end of file From a5111bb1feaf2362db1b673a6145c1ced2f25b88 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 11 May 2023 01:22:46 +0200 Subject: [PATCH 1092/2573] A1-1-3: typo in flag name --- .vscode/settings.json | 19 +++++++++++++++++++ ...ionMustBeDisabledInCompiler.expected.clang | 1 + ...ptionMustBeDisabledInCompiler.expected.gcc | 1 + ...ptionMustBeDisabledInCompiler.expected.qcc | 6 ++++++ cpp/autosar/test/rules/A1-1-3/options.clang | 2 +- cpp/autosar/test/rules/A1-1-3/options.gcc | 2 +- cpp/autosar/test/rules/A1-1-3/options.qcc | 2 +- scripts/build_test_database.py | 4 ++-- 8 files changed, 32 insertions(+), 5 deletions(-) create mode 100644 .vscode/settings.json create mode 100644 cpp/autosar/test/rules/A1-1-3/UncompliantOptimizationOptionMustBeDisabledInCompiler.expected.qcc diff --git a/.vscode/settings.json b/.vscode/settings.json new file mode 100644 index 0000000000..e2ff6f4800 --- /dev/null +++ b/.vscode/settings.json @@ -0,0 +1,19 @@ +{ + "sarif-viewer.connectToGithubCodeScanning": "off", + "codeQL.cli.executablePath": "/Users/mauro/GitHub/coding-standards/codeql-bundle-20220908/codeql", + "codeQL.runningQueries.numberOfThreads": 0, + "codeQL.runningTests.numberOfThreads": 0, + "codeQL.runningQueries.debug": true, + "files.associations": { + "*.jq": "json", + "*.py": "python", + "*.expected": "csv (pipe)", + "*.actual": "csv (pipe)", + "*.qls": "yaml", + "*.qcc": "cpp", + "*.gcc": "cpp", + "iosfwd": "cpp", + "fstream": "cpp", + "iostream": "cpp" + } +} \ No newline at end of file diff --git a/cpp/autosar/test/rules/A1-1-3/UncompliantOptimizationOptionMustBeDisabledInCompiler.expected.clang b/cpp/autosar/test/rules/A1-1-3/UncompliantOptimizationOptionMustBeDisabledInCompiler.expected.clang index 93e1ea2c82..e754817600 100644 --- a/cpp/autosar/test/rules/A1-1-3/UncompliantOptimizationOptionMustBeDisabledInCompiler.expected.clang +++ b/cpp/autosar/test/rules/A1-1-3/UncompliantOptimizationOptionMustBeDisabledInCompiler.expected.clang @@ -3,3 +3,4 @@ | test.cpp:0:0:0:0 | test.cpp | File compiled with uncompliant optimization flag '-ffinite-math-only'. | | test.cpp:0:0:0:0 | test.cpp | File compiled with uncompliant optimization flag '-ffloat-store'. | | test.cpp:0:0:0:0 | test.cpp | File compiled with uncompliant optimization flag '-fgnu-keywords'. | +| test.cpp:0:0:0:0 | test.cpp | File compiled with uncompliant optimization flag '-fno-signed-zeroes'. | diff --git a/cpp/autosar/test/rules/A1-1-3/UncompliantOptimizationOptionMustBeDisabledInCompiler.expected.gcc b/cpp/autosar/test/rules/A1-1-3/UncompliantOptimizationOptionMustBeDisabledInCompiler.expected.gcc index 93e1ea2c82..e754817600 100644 --- a/cpp/autosar/test/rules/A1-1-3/UncompliantOptimizationOptionMustBeDisabledInCompiler.expected.gcc +++ b/cpp/autosar/test/rules/A1-1-3/UncompliantOptimizationOptionMustBeDisabledInCompiler.expected.gcc @@ -3,3 +3,4 @@ | test.cpp:0:0:0:0 | test.cpp | File compiled with uncompliant optimization flag '-ffinite-math-only'. | | test.cpp:0:0:0:0 | test.cpp | File compiled with uncompliant optimization flag '-ffloat-store'. | | test.cpp:0:0:0:0 | test.cpp | File compiled with uncompliant optimization flag '-fgnu-keywords'. | +| test.cpp:0:0:0:0 | test.cpp | File compiled with uncompliant optimization flag '-fno-signed-zeroes'. | diff --git a/cpp/autosar/test/rules/A1-1-3/UncompliantOptimizationOptionMustBeDisabledInCompiler.expected.qcc b/cpp/autosar/test/rules/A1-1-3/UncompliantOptimizationOptionMustBeDisabledInCompiler.expected.qcc new file mode 100644 index 0000000000..e754817600 --- /dev/null +++ b/cpp/autosar/test/rules/A1-1-3/UncompliantOptimizationOptionMustBeDisabledInCompiler.expected.qcc @@ -0,0 +1,6 @@ +| test.cpp:0:0:0:0 | test.cpp | File compiled with uncompliant optimization flag '-Ofast'. | +| test.cpp:0:0:0:0 | test.cpp | File compiled with uncompliant optimization flag '-ffast-math'. | +| test.cpp:0:0:0:0 | test.cpp | File compiled with uncompliant optimization flag '-ffinite-math-only'. | +| test.cpp:0:0:0:0 | test.cpp | File compiled with uncompliant optimization flag '-ffloat-store'. | +| test.cpp:0:0:0:0 | test.cpp | File compiled with uncompliant optimization flag '-fgnu-keywords'. | +| test.cpp:0:0:0:0 | test.cpp | File compiled with uncompliant optimization flag '-fno-signed-zeroes'. | diff --git a/cpp/autosar/test/rules/A1-1-3/options.clang b/cpp/autosar/test/rules/A1-1-3/options.clang index 6ca75105ce..3be490e70d 100644 --- a/cpp/autosar/test/rules/A1-1-3/options.clang +++ b/cpp/autosar/test/rules/A1-1-3/options.clang @@ -1 +1 @@ --Ofast -ffast-math -fgnu-keywords -fno-signed-zeros -ffinite-math-only -ffloat-store \ No newline at end of file +-Ofast -ffast-math -fgnu-keywords -fno-signed-zeroes -ffinite-math-only -ffloat-store \ No newline at end of file diff --git a/cpp/autosar/test/rules/A1-1-3/options.gcc b/cpp/autosar/test/rules/A1-1-3/options.gcc index 6ca75105ce..3be490e70d 100644 --- a/cpp/autosar/test/rules/A1-1-3/options.gcc +++ b/cpp/autosar/test/rules/A1-1-3/options.gcc @@ -1 +1 @@ --Ofast -ffast-math -fgnu-keywords -fno-signed-zeros -ffinite-math-only -ffloat-store \ No newline at end of file +-Ofast -ffast-math -fgnu-keywords -fno-signed-zeroes -ffinite-math-only -ffloat-store \ No newline at end of file diff --git a/cpp/autosar/test/rules/A1-1-3/options.qcc b/cpp/autosar/test/rules/A1-1-3/options.qcc index 6ca75105ce..3be490e70d 100644 --- a/cpp/autosar/test/rules/A1-1-3/options.qcc +++ b/cpp/autosar/test/rules/A1-1-3/options.qcc @@ -1 +1 @@ --Ofast -ffast-math -fgnu-keywords -fno-signed-zeros -ffinite-math-only -ffloat-store \ No newline at end of file +-Ofast -ffast-math -fgnu-keywords -fno-signed-zeroes -ffinite-math-only -ffloat-store \ No newline at end of file diff --git a/scripts/build_test_database.py b/scripts/build_test_database.py index 3f8acde999..d8876691a8 100644 --- a/scripts/build_test_database.py +++ b/scripts/build_test_database.py @@ -47,7 +47,7 @@ exit(1) # get the codeql version -res = subprocess.run(['codeql', 'version', '--format', 'json'], stdout=subprocess.PIPE) +res = subprocess.run(['/Users/mauro/GitHub/coding-standards/codeql-bundle-20220908/codeql', 'version', '--format', 'json'], stdout=subprocess.PIPE) res_json = json.loads(res.stdout) CODEQL_VERSION=res_json["version"] @@ -67,4 +67,4 @@ while os.path.exists(f"databases/{RULE}+{ITERATION}@{CODEQL_VERSION}"): ITERATION = ITERATION + 1 -os.system(f"codeql database create -l cpp -s {LANGUAGE}/{STANDARD}/test/rules/{RULE} --command=\"{BUILD_COMMAND}\" databases/{RULE}+{ITERATION}@{CODEQL_VERSION}") +os.system(f"/Users/mauro/GitHub/coding-standards/codeql-bundle-20220908/codeql database create -l cpp -s {LANGUAGE}/{STANDARD}/test/rules/{RULE} --command=\"{BUILD_COMMAND}\" databases/{RULE}+{ITERATION}@{CODEQL_VERSION}") From f33150fbf602029276b0322198410e862191ab1c Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 11 May 2023 01:51:51 +0200 Subject: [PATCH 1093/2573] A0-4-3: add `options` file --- ...ilerImplementationShallComplyWithCPP14Standard.expected.clang | 1 + ...mpilerImplementationShallComplyWithCPP14Standard.expected.gcc | 1 + cpp/autosar/test/rules/A0-4-3/options.clang | 1 + cpp/autosar/test/rules/A0-4-3/options.gcc | 1 + 4 files changed, 4 insertions(+) create mode 100644 cpp/autosar/test/rules/A0-4-3/CompilerImplementationShallComplyWithCPP14Standard.expected.clang create mode 100644 cpp/autosar/test/rules/A0-4-3/CompilerImplementationShallComplyWithCPP14Standard.expected.gcc create mode 100644 cpp/autosar/test/rules/A0-4-3/options.clang create mode 100644 cpp/autosar/test/rules/A0-4-3/options.gcc diff --git a/cpp/autosar/test/rules/A0-4-3/CompilerImplementationShallComplyWithCPP14Standard.expected.clang b/cpp/autosar/test/rules/A0-4-3/CompilerImplementationShallComplyWithCPP14Standard.expected.clang new file mode 100644 index 0000000000..894b160979 --- /dev/null +++ b/cpp/autosar/test/rules/A0-4-3/CompilerImplementationShallComplyWithCPP14Standard.expected.clang @@ -0,0 +1 @@ +| test.cpp:0:0:0:0 | test.cpp | File 'test.cpp' compiled with flag '-std=gnu++14' which does not strictly comply with ISO C++14. | diff --git a/cpp/autosar/test/rules/A0-4-3/CompilerImplementationShallComplyWithCPP14Standard.expected.gcc b/cpp/autosar/test/rules/A0-4-3/CompilerImplementationShallComplyWithCPP14Standard.expected.gcc new file mode 100644 index 0000000000..894b160979 --- /dev/null +++ b/cpp/autosar/test/rules/A0-4-3/CompilerImplementationShallComplyWithCPP14Standard.expected.gcc @@ -0,0 +1 @@ +| test.cpp:0:0:0:0 | test.cpp | File 'test.cpp' compiled with flag '-std=gnu++14' which does not strictly comply with ISO C++14. | diff --git a/cpp/autosar/test/rules/A0-4-3/options.clang b/cpp/autosar/test/rules/A0-4-3/options.clang new file mode 100644 index 0000000000..0fd3902c30 --- /dev/null +++ b/cpp/autosar/test/rules/A0-4-3/options.clang @@ -0,0 +1 @@ +-std=gnu++14 \ No newline at end of file diff --git a/cpp/autosar/test/rules/A0-4-3/options.gcc b/cpp/autosar/test/rules/A0-4-3/options.gcc new file mode 100644 index 0000000000..0fd3902c30 --- /dev/null +++ b/cpp/autosar/test/rules/A0-4-3/options.gcc @@ -0,0 +1 @@ +-std=gnu++14 \ No newline at end of file From f4b9f29b5552b82d30dfd3530e6ac3648c3c4d11 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 11 May 2023 02:23:16 +0200 Subject: [PATCH 1094/2573] Fix options files --- ...pilerImplementationShallComplyWithCPP14Standard.expected.qcc | 2 +- cpp/autosar/test/rules/A0-4-3/options.qcc | 1 + ...compliantOptimizationOptionMustBeDisabledInCompiler.expected | 2 +- ...antOptimizationOptionMustBeDisabledInCompiler.expected.clang | 2 +- ...liantOptimizationOptionMustBeDisabledInCompiler.expected.gcc | 2 +- ...liantOptimizationOptionMustBeDisabledInCompiler.expected.qcc | 2 +- cpp/autosar/test/rules/A1-1-3/options.clang | 2 +- cpp/autosar/test/rules/A1-1-3/options.gcc | 2 +- cpp/autosar/test/rules/A1-1-3/options.qcc | 2 +- cpp/autosar/test/rules/A1-1-3/test.cpp | 2 +- 10 files changed, 10 insertions(+), 9 deletions(-) create mode 100644 cpp/autosar/test/rules/A0-4-3/options.qcc diff --git a/cpp/autosar/test/rules/A0-4-3/CompilerImplementationShallComplyWithCPP14Standard.expected.qcc b/cpp/autosar/test/rules/A0-4-3/CompilerImplementationShallComplyWithCPP14Standard.expected.qcc index 44131d5ea4..894b160979 100644 --- a/cpp/autosar/test/rules/A0-4-3/CompilerImplementationShallComplyWithCPP14Standard.expected.qcc +++ b/cpp/autosar/test/rules/A0-4-3/CompilerImplementationShallComplyWithCPP14Standard.expected.qcc @@ -1 +1 @@ -| test.cpp:0:0:0:0 | test.cpp | File 'test.cpp' compiled with flag '-std=gnu++11' which does not strictly comply with ISO C++14. | +| test.cpp:0:0:0:0 | test.cpp | File 'test.cpp' compiled with flag '-std=gnu++14' which does not strictly comply with ISO C++14. | diff --git a/cpp/autosar/test/rules/A0-4-3/options.qcc b/cpp/autosar/test/rules/A0-4-3/options.qcc new file mode 100644 index 0000000000..0fd3902c30 --- /dev/null +++ b/cpp/autosar/test/rules/A0-4-3/options.qcc @@ -0,0 +1 @@ +-std=gnu++14 \ No newline at end of file diff --git a/cpp/autosar/test/rules/A1-1-3/UncompliantOptimizationOptionMustBeDisabledInCompiler.expected b/cpp/autosar/test/rules/A1-1-3/UncompliantOptimizationOptionMustBeDisabledInCompiler.expected index f07f2d298c..0105f717e6 100644 --- a/cpp/autosar/test/rules/A1-1-3/UncompliantOptimizationOptionMustBeDisabledInCompiler.expected +++ b/cpp/autosar/test/rules/A1-1-3/UncompliantOptimizationOptionMustBeDisabledInCompiler.expected @@ -3,7 +3,7 @@ | test.cpp:0:0:0:0 | test.cpp | File compiled with uncompliant optimization flag '-ffinite-math-only'. | | test.cpp:0:0:0:0 | test.cpp | File compiled with uncompliant optimization flag '-ffloat-store'. | | test.cpp:0:0:0:0 | test.cpp | File compiled with uncompliant optimization flag '-fgnu-keywords'. | -| test.cpp:0:0:0:0 | test.cpp | File compiled with uncompliant optimization flag '-fno-signed-zeroes'. | +| test.cpp:0:0:0:0 | test.cpp | File compiled with uncompliant optimization flag '-fno-signed-zeros'. | | test.cpp:0:0:0:0 | test.cpp | File compiled with uncompliant optimization flag '-menable-no-infs'. | | test.cpp:0:0:0:0 | test.cpp | File compiled with uncompliant optimization flag '-menable-no-nans'. | | test.cpp:0:0:0:0 | test.cpp | File compiled with uncompliant optimization flag '-menable-unsafe-fp-math'. | diff --git a/cpp/autosar/test/rules/A1-1-3/UncompliantOptimizationOptionMustBeDisabledInCompiler.expected.clang b/cpp/autosar/test/rules/A1-1-3/UncompliantOptimizationOptionMustBeDisabledInCompiler.expected.clang index e754817600..c3fea7cbba 100644 --- a/cpp/autosar/test/rules/A1-1-3/UncompliantOptimizationOptionMustBeDisabledInCompiler.expected.clang +++ b/cpp/autosar/test/rules/A1-1-3/UncompliantOptimizationOptionMustBeDisabledInCompiler.expected.clang @@ -3,4 +3,4 @@ | test.cpp:0:0:0:0 | test.cpp | File compiled with uncompliant optimization flag '-ffinite-math-only'. | | test.cpp:0:0:0:0 | test.cpp | File compiled with uncompliant optimization flag '-ffloat-store'. | | test.cpp:0:0:0:0 | test.cpp | File compiled with uncompliant optimization flag '-fgnu-keywords'. | -| test.cpp:0:0:0:0 | test.cpp | File compiled with uncompliant optimization flag '-fno-signed-zeroes'. | +| test.cpp:0:0:0:0 | test.cpp | File compiled with uncompliant optimization flag '-fno-signed-zeros'. | diff --git a/cpp/autosar/test/rules/A1-1-3/UncompliantOptimizationOptionMustBeDisabledInCompiler.expected.gcc b/cpp/autosar/test/rules/A1-1-3/UncompliantOptimizationOptionMustBeDisabledInCompiler.expected.gcc index e754817600..c3fea7cbba 100644 --- a/cpp/autosar/test/rules/A1-1-3/UncompliantOptimizationOptionMustBeDisabledInCompiler.expected.gcc +++ b/cpp/autosar/test/rules/A1-1-3/UncompliantOptimizationOptionMustBeDisabledInCompiler.expected.gcc @@ -3,4 +3,4 @@ | test.cpp:0:0:0:0 | test.cpp | File compiled with uncompliant optimization flag '-ffinite-math-only'. | | test.cpp:0:0:0:0 | test.cpp | File compiled with uncompliant optimization flag '-ffloat-store'. | | test.cpp:0:0:0:0 | test.cpp | File compiled with uncompliant optimization flag '-fgnu-keywords'. | -| test.cpp:0:0:0:0 | test.cpp | File compiled with uncompliant optimization flag '-fno-signed-zeroes'. | +| test.cpp:0:0:0:0 | test.cpp | File compiled with uncompliant optimization flag '-fno-signed-zeros'. | diff --git a/cpp/autosar/test/rules/A1-1-3/UncompliantOptimizationOptionMustBeDisabledInCompiler.expected.qcc b/cpp/autosar/test/rules/A1-1-3/UncompliantOptimizationOptionMustBeDisabledInCompiler.expected.qcc index e754817600..c3fea7cbba 100644 --- a/cpp/autosar/test/rules/A1-1-3/UncompliantOptimizationOptionMustBeDisabledInCompiler.expected.qcc +++ b/cpp/autosar/test/rules/A1-1-3/UncompliantOptimizationOptionMustBeDisabledInCompiler.expected.qcc @@ -3,4 +3,4 @@ | test.cpp:0:0:0:0 | test.cpp | File compiled with uncompliant optimization flag '-ffinite-math-only'. | | test.cpp:0:0:0:0 | test.cpp | File compiled with uncompliant optimization flag '-ffloat-store'. | | test.cpp:0:0:0:0 | test.cpp | File compiled with uncompliant optimization flag '-fgnu-keywords'. | -| test.cpp:0:0:0:0 | test.cpp | File compiled with uncompliant optimization flag '-fno-signed-zeroes'. | +| test.cpp:0:0:0:0 | test.cpp | File compiled with uncompliant optimization flag '-fno-signed-zeros'. | diff --git a/cpp/autosar/test/rules/A1-1-3/options.clang b/cpp/autosar/test/rules/A1-1-3/options.clang index 3be490e70d..6ca75105ce 100644 --- a/cpp/autosar/test/rules/A1-1-3/options.clang +++ b/cpp/autosar/test/rules/A1-1-3/options.clang @@ -1 +1 @@ --Ofast -ffast-math -fgnu-keywords -fno-signed-zeroes -ffinite-math-only -ffloat-store \ No newline at end of file +-Ofast -ffast-math -fgnu-keywords -fno-signed-zeros -ffinite-math-only -ffloat-store \ No newline at end of file diff --git a/cpp/autosar/test/rules/A1-1-3/options.gcc b/cpp/autosar/test/rules/A1-1-3/options.gcc index 3be490e70d..6ca75105ce 100644 --- a/cpp/autosar/test/rules/A1-1-3/options.gcc +++ b/cpp/autosar/test/rules/A1-1-3/options.gcc @@ -1 +1 @@ --Ofast -ffast-math -fgnu-keywords -fno-signed-zeroes -ffinite-math-only -ffloat-store \ No newline at end of file +-Ofast -ffast-math -fgnu-keywords -fno-signed-zeros -ffinite-math-only -ffloat-store \ No newline at end of file diff --git a/cpp/autosar/test/rules/A1-1-3/options.qcc b/cpp/autosar/test/rules/A1-1-3/options.qcc index 3be490e70d..6ca75105ce 100644 --- a/cpp/autosar/test/rules/A1-1-3/options.qcc +++ b/cpp/autosar/test/rules/A1-1-3/options.qcc @@ -1 +1 @@ --Ofast -ffast-math -fgnu-keywords -fno-signed-zeroes -ffinite-math-only -ffloat-store \ No newline at end of file +-Ofast -ffast-math -fgnu-keywords -fno-signed-zeros -ffinite-math-only -ffloat-store \ No newline at end of file diff --git a/cpp/autosar/test/rules/A1-1-3/test.cpp b/cpp/autosar/test/rules/A1-1-3/test.cpp index 1b30f476e9..eff0b1272f 100644 --- a/cpp/autosar/test/rules/A1-1-3/test.cpp +++ b/cpp/autosar/test/rules/A1-1-3/test.cpp @@ -1,3 +1,3 @@ // clang-format off -// semmle-extractor-options:-Ofast -ffast-math -fgnu-keywords -fno-signed-zeroes -menable-unsafe-fp-math -menable-no-nans -menable-no-infs -menable-unsafe-fp-math -ffinite-math-only -ffloat-store +// semmle-extractor-options:-Ofast -ffast-math -fgnu-keywords -fno-signed-zeros -menable-unsafe-fp-math -menable-no-nans -menable-no-infs -menable-unsafe-fp-math -ffinite-math-only -ffloat-store // NON_COMPLIANT \ No newline at end of file From b15e5718d166e9c53d21419378837ed11adb8fe1 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 11 May 2023 02:24:56 +0200 Subject: [PATCH 1095/2573] Fix options files --- .../UncompliantOptimizationOptionMustBeDisabledInCompiler.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/autosar/src/rules/A1-1-3/UncompliantOptimizationOptionMustBeDisabledInCompiler.ql b/cpp/autosar/src/rules/A1-1-3/UncompliantOptimizationOptionMustBeDisabledInCompiler.ql index 3d8fda8926..37807e0f4c 100644 --- a/cpp/autosar/src/rules/A1-1-3/UncompliantOptimizationOptionMustBeDisabledInCompiler.ql +++ b/cpp/autosar/src/rules/A1-1-3/UncompliantOptimizationOptionMustBeDisabledInCompiler.ql @@ -26,7 +26,7 @@ where c.getAnArgument() = flag and flag = [ - "-Ofast", "-ffast-math", "-fgnu-keywords", "-fno-signed-zeroes", "-fno-signed-zeros", "-menable-unsafe-fp-math", + "-Ofast", "-ffast-math", "-fgnu-keywords", "-fno-signed-zeros", "-menable-unsafe-fp-math", "-menable-no-nans", "-menable-no-infs", "-menable-unsafe-fp-math", "-ffinite-math-only", "-ffloat-store" ] From d099122265c7b62e59d55d43ec43ef790ca0055b Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 11 May 2023 22:30:29 +0200 Subject: [PATCH 1096/2573] A0-4-3 expected file --- ...lerImplementationShallComplyWithCPP14Standard.expected.clang | 1 - ...pilerImplementationShallComplyWithCPP14Standard.expected.gcc | 1 - ...pilerImplementationShallComplyWithCPP14Standard.expected.qcc | 2 +- cpp/autosar/test/rules/A0-4-3/options.clang | 1 - cpp/autosar/test/rules/A0-4-3/options.gcc | 1 - 5 files changed, 1 insertion(+), 5 deletions(-) delete mode 100644 cpp/autosar/test/rules/A0-4-3/CompilerImplementationShallComplyWithCPP14Standard.expected.clang delete mode 100644 cpp/autosar/test/rules/A0-4-3/CompilerImplementationShallComplyWithCPP14Standard.expected.gcc delete mode 100644 cpp/autosar/test/rules/A0-4-3/options.clang delete mode 100644 cpp/autosar/test/rules/A0-4-3/options.gcc diff --git a/cpp/autosar/test/rules/A0-4-3/CompilerImplementationShallComplyWithCPP14Standard.expected.clang b/cpp/autosar/test/rules/A0-4-3/CompilerImplementationShallComplyWithCPP14Standard.expected.clang deleted file mode 100644 index 894b160979..0000000000 --- a/cpp/autosar/test/rules/A0-4-3/CompilerImplementationShallComplyWithCPP14Standard.expected.clang +++ /dev/null @@ -1 +0,0 @@ -| test.cpp:0:0:0:0 | test.cpp | File 'test.cpp' compiled with flag '-std=gnu++14' which does not strictly comply with ISO C++14. | diff --git a/cpp/autosar/test/rules/A0-4-3/CompilerImplementationShallComplyWithCPP14Standard.expected.gcc b/cpp/autosar/test/rules/A0-4-3/CompilerImplementationShallComplyWithCPP14Standard.expected.gcc deleted file mode 100644 index 894b160979..0000000000 --- a/cpp/autosar/test/rules/A0-4-3/CompilerImplementationShallComplyWithCPP14Standard.expected.gcc +++ /dev/null @@ -1 +0,0 @@ -| test.cpp:0:0:0:0 | test.cpp | File 'test.cpp' compiled with flag '-std=gnu++14' which does not strictly comply with ISO C++14. | diff --git a/cpp/autosar/test/rules/A0-4-3/CompilerImplementationShallComplyWithCPP14Standard.expected.qcc b/cpp/autosar/test/rules/A0-4-3/CompilerImplementationShallComplyWithCPP14Standard.expected.qcc index 894b160979..44131d5ea4 100644 --- a/cpp/autosar/test/rules/A0-4-3/CompilerImplementationShallComplyWithCPP14Standard.expected.qcc +++ b/cpp/autosar/test/rules/A0-4-3/CompilerImplementationShallComplyWithCPP14Standard.expected.qcc @@ -1 +1 @@ -| test.cpp:0:0:0:0 | test.cpp | File 'test.cpp' compiled with flag '-std=gnu++14' which does not strictly comply with ISO C++14. | +| test.cpp:0:0:0:0 | test.cpp | File 'test.cpp' compiled with flag '-std=gnu++11' which does not strictly comply with ISO C++14. | diff --git a/cpp/autosar/test/rules/A0-4-3/options.clang b/cpp/autosar/test/rules/A0-4-3/options.clang deleted file mode 100644 index 0fd3902c30..0000000000 --- a/cpp/autosar/test/rules/A0-4-3/options.clang +++ /dev/null @@ -1 +0,0 @@ --std=gnu++14 \ No newline at end of file diff --git a/cpp/autosar/test/rules/A0-4-3/options.gcc b/cpp/autosar/test/rules/A0-4-3/options.gcc deleted file mode 100644 index 0fd3902c30..0000000000 --- a/cpp/autosar/test/rules/A0-4-3/options.gcc +++ /dev/null @@ -1 +0,0 @@ --std=gnu++14 \ No newline at end of file From fd9df2be00c3b1c105e0bc48893a5abdefbdda41 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 11 May 2023 22:54:26 +0200 Subject: [PATCH 1097/2573] CTR57-CPP: simplify alert message A2-3-1: remove compiler checked NON_COMPLIANT tests --- .../OrderingPredicateMustBeStrictlyWeak.qll | 12 ++--- ...deringPredicateMustBeStrictlyWeak.expected | 54 +++++++++---------- 2 files changed, 30 insertions(+), 36 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/rules/orderingpredicatemustbestrictlyweak/OrderingPredicateMustBeStrictlyWeak.qll b/cpp/common/src/codingstandards/cpp/rules/orderingpredicatemustbestrictlyweak/OrderingPredicateMustBeStrictlyWeak.qll index f7fb74bb80..aa4b646ec6 100644 --- a/cpp/common/src/codingstandards/cpp/rules/orderingpredicatemustbestrictlyweak/OrderingPredicateMustBeStrictlyWeak.qll +++ b/cpp/common/src/codingstandards/cpp/rules/orderingpredicatemustbestrictlyweak/OrderingPredicateMustBeStrictlyWeak.qll @@ -173,13 +173,7 @@ class ContainerComparatorUsage extends ComparatorUsage { query predicate problems(ComparatorUsage cu, string message) { not cu.isStrictlyWeakOrdering() and not isExcluded(cu, getQuery()) and - exists(string s | - if exists(cu.getComparator().getQualifiedName()) - then s = cu.getComparator().getQualifiedName() - else s = cu.getComparator().getName() - | - message = - "Comparator '" + s + - "' used on container or sorting algorithm that is not strictly weakly ordered" - ) + message = + "Comparator '" + cu.getComparator().getName() + + "' used on container or sorting algorithm that is not strictly weakly ordered" } diff --git a/cpp/common/test/rules/orderingpredicatemustbestrictlyweak/OrderingPredicateMustBeStrictlyWeak.expected b/cpp/common/test/rules/orderingpredicatemustbestrictlyweak/OrderingPredicateMustBeStrictlyWeak.expected index 5ff6f9eee3..11f98068fa 100644 --- a/cpp/common/test/rules/orderingpredicatemustbestrictlyweak/OrderingPredicateMustBeStrictlyWeak.expected +++ b/cpp/common/test/rules/orderingpredicatemustbestrictlyweak/OrderingPredicateMustBeStrictlyWeak.expected @@ -1,30 +1,30 @@ -| test.cpp:27:39:27:41 | definition of s1a | Comparator 'std::less_equal' used on container or sorting algorithm that is not strictly weakly ordered | -| test.cpp:28:42:28:44 | definition of s1b | Comparator 'std::greater_equal' used on container or sorting algorithm that is not strictly weakly ordered | -| test.cpp:36:39:36:41 | definition of s1a | Comparator 'std::less_equal' used on container or sorting algorithm that is not strictly weakly ordered | -| test.cpp:37:42:37:44 | definition of s1b | Comparator 'std::greater_equal' used on container or sorting algorithm that is not strictly weakly ordered | -| test.cpp:41:44:41:46 | definition of s2a | Comparator 'std::less_equal' used on container or sorting algorithm that is not strictly weakly ordered | -| test.cpp:42:47:42:49 | definition of s2b | Comparator 'std::greater_equal' used on container or sorting algorithm that is not strictly weakly ordered | -| test.cpp:46:44:46:46 | definition of m1a | Comparator 'std::less_equal' used on container or sorting algorithm that is not strictly weakly ordered | -| test.cpp:47:47:47:49 | definition of m1b | Comparator 'std::greater_equal' used on container or sorting algorithm that is not strictly weakly ordered | -| test.cpp:51:49:51:51 | definition of m2a | Comparator 'std::less_equal' used on container or sorting algorithm that is not strictly weakly ordered | -| test.cpp:52:52:52:54 | definition of m2b | Comparator 'std::greater_equal' used on container or sorting algorithm that is not strictly weakly ordered | -| test.cpp:58:15:58:16 | definition of s1 | Comparator 'std::less' used on container or sorting algorithm that is not strictly weakly ordered | -| test.cpp:60:7:60:8 | definition of s2 | Comparator 'std::less_equal' used on container or sorting algorithm that is not strictly weakly ordered | -| test.cpp:62:7:62:8 | definition of s3 | Comparator 'std::greater_equal' used on container or sorting algorithm that is not strictly weakly ordered | -| test.cpp:64:7:64:8 | definition of s4 | Comparator 'std::greater' used on container or sorting algorithm that is not strictly weakly ordered | -| test.cpp:66:7:66:8 | definition of s5 | Comparator 'std::less' used on container or sorting algorithm that is not strictly weakly ordered | -| test.cpp:81:3:81:11 | call to sort | Comparator 'std::less_equal' used on container or sorting algorithm that is not strictly weakly ordered | -| test.cpp:84:3:84:11 | call to sort | Comparator 'std::greater_equal' used on container or sorting algorithm that is not strictly weakly ordered | -| test.cpp:105:3:105:11 | call to sort | Comparator 'std::less_equal' used on container or sorting algorithm that is not strictly weakly ordered | -| test.cpp:108:3:108:11 | call to sort | Comparator 'std::greater_equal' used on container or sorting algorithm that is not strictly weakly ordered | -| test.cpp:120:3:120:18 | call to stable_sort | Comparator 'std::less_equal' used on container or sorting algorithm that is not strictly weakly ordered | -| test.cpp:123:3:123:18 | call to stable_sort | Comparator 'std::greater_equal' used on container or sorting algorithm that is not strictly weakly ordered | -| test.cpp:135:3:135:18 | call to stable_sort | Comparator 'std::less_equal' used on container or sorting algorithm that is not strictly weakly ordered | -| test.cpp:138:3:138:18 | call to stable_sort | Comparator 'std::greater_equal' used on container or sorting algorithm that is not strictly weakly ordered | -| test.cpp:153:3:153:19 | call to partial_sort | Comparator 'std::less_equal' used on container or sorting algorithm that is not strictly weakly ordered | -| test.cpp:156:3:156:19 | call to partial_sort | Comparator 'std::greater_equal' used on container or sorting algorithm that is not strictly weakly ordered | -| test.cpp:168:3:168:19 | call to partial_sort | Comparator 'std::less_equal' used on container or sorting algorithm that is not strictly weakly ordered | -| test.cpp:171:3:171:19 | call to partial_sort | Comparator 'std::greater_equal' used on container or sorting algorithm that is not strictly weakly ordered | +| test.cpp:27:39:27:41 | definition of s1a | Comparator 'less_equal' used on container or sorting algorithm that is not strictly weakly ordered | +| test.cpp:28:42:28:44 | definition of s1b | Comparator 'greater_equal' used on container or sorting algorithm that is not strictly weakly ordered | +| test.cpp:36:39:36:41 | definition of s1a | Comparator 'less_equal' used on container or sorting algorithm that is not strictly weakly ordered | +| test.cpp:37:42:37:44 | definition of s1b | Comparator 'greater_equal' used on container or sorting algorithm that is not strictly weakly ordered | +| test.cpp:41:44:41:46 | definition of s2a | Comparator 'less_equal' used on container or sorting algorithm that is not strictly weakly ordered | +| test.cpp:42:47:42:49 | definition of s2b | Comparator 'greater_equal' used on container or sorting algorithm that is not strictly weakly ordered | +| test.cpp:46:44:46:46 | definition of m1a | Comparator 'less_equal' used on container or sorting algorithm that is not strictly weakly ordered | +| test.cpp:47:47:47:49 | definition of m1b | Comparator 'greater_equal' used on container or sorting algorithm that is not strictly weakly ordered | +| test.cpp:51:49:51:51 | definition of m2a | Comparator 'less_equal' used on container or sorting algorithm that is not strictly weakly ordered | +| test.cpp:52:52:52:54 | definition of m2b | Comparator 'greater_equal' used on container or sorting algorithm that is not strictly weakly ordered | +| test.cpp:58:15:58:16 | definition of s1 | Comparator 'less' used on container or sorting algorithm that is not strictly weakly ordered | +| test.cpp:60:7:60:8 | definition of s2 | Comparator 'less_equal' used on container or sorting algorithm that is not strictly weakly ordered | +| test.cpp:62:7:62:8 | definition of s3 | Comparator 'greater_equal' used on container or sorting algorithm that is not strictly weakly ordered | +| test.cpp:64:7:64:8 | definition of s4 | Comparator 'greater' used on container or sorting algorithm that is not strictly weakly ordered | +| test.cpp:66:7:66:8 | definition of s5 | Comparator 'less' used on container or sorting algorithm that is not strictly weakly ordered | +| test.cpp:81:3:81:11 | call to sort | Comparator 'less_equal' used on container or sorting algorithm that is not strictly weakly ordered | +| test.cpp:84:3:84:11 | call to sort | Comparator 'greater_equal' used on container or sorting algorithm that is not strictly weakly ordered | +| test.cpp:105:3:105:11 | call to sort | Comparator 'less_equal' used on container or sorting algorithm that is not strictly weakly ordered | +| test.cpp:108:3:108:11 | call to sort | Comparator 'greater_equal' used on container or sorting algorithm that is not strictly weakly ordered | +| test.cpp:120:3:120:18 | call to stable_sort | Comparator 'less_equal' used on container or sorting algorithm that is not strictly weakly ordered | +| test.cpp:123:3:123:18 | call to stable_sort | Comparator 'greater_equal' used on container or sorting algorithm that is not strictly weakly ordered | +| test.cpp:135:3:135:18 | call to stable_sort | Comparator 'less_equal' used on container or sorting algorithm that is not strictly weakly ordered | +| test.cpp:138:3:138:18 | call to stable_sort | Comparator 'greater_equal' used on container or sorting algorithm that is not strictly weakly ordered | +| test.cpp:153:3:153:19 | call to partial_sort | Comparator 'less_equal' used on container or sorting algorithm that is not strictly weakly ordered | +| test.cpp:156:3:156:19 | call to partial_sort | Comparator 'greater_equal' used on container or sorting algorithm that is not strictly weakly ordered | +| test.cpp:168:3:168:19 | call to partial_sort | Comparator 'less_equal' used on container or sorting algorithm that is not strictly weakly ordered | +| test.cpp:171:3:171:19 | call to partial_sort | Comparator 'greater_equal' used on container or sorting algorithm that is not strictly weakly ordered | | test.cpp:194:7:194:8 | definition of s1 | Comparator 'UnknownUserDefinedComparator' used on container or sorting algorithm that is not strictly weakly ordered | | test.cpp:196:7:196:8 | definition of s2 | Comparator 'UnknownUserDefinedComparator' used on container or sorting algorithm that is not strictly weakly ordered | | test.cpp:197:3:197:11 | call to sort | Comparator 'UnknownUserDefinedComparator' used on container or sorting algorithm that is not strictly weakly ordered | From c88b1c231f2e0a276717c942de914c41ef6df6e2 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 11 May 2023 22:56:34 +0200 Subject: [PATCH 1098/2573] Remove local files --- .vscode/settings.json | 19 ------------------- cpp/autosar/test/rules/A2-3-1/test.cpp.gcc | 4 ++-- cpp/autosar/test/rules/A2-3-1/test.cpp.qcc | 4 ++-- scripts/build_test_database.py | 4 ++-- 4 files changed, 6 insertions(+), 25 deletions(-) delete mode 100644 .vscode/settings.json diff --git a/.vscode/settings.json b/.vscode/settings.json deleted file mode 100644 index e2ff6f4800..0000000000 --- a/.vscode/settings.json +++ /dev/null @@ -1,19 +0,0 @@ -{ - "sarif-viewer.connectToGithubCodeScanning": "off", - "codeQL.cli.executablePath": "/Users/mauro/GitHub/coding-standards/codeql-bundle-20220908/codeql", - "codeQL.runningQueries.numberOfThreads": 0, - "codeQL.runningTests.numberOfThreads": 0, - "codeQL.runningQueries.debug": true, - "files.associations": { - "*.jq": "json", - "*.py": "python", - "*.expected": "csv (pipe)", - "*.actual": "csv (pipe)", - "*.qls": "yaml", - "*.qcc": "cpp", - "*.gcc": "cpp", - "iosfwd": "cpp", - "fstream": "cpp", - "iostream": "cpp" - } -} \ No newline at end of file diff --git a/cpp/autosar/test/rules/A2-3-1/test.cpp.gcc b/cpp/autosar/test/rules/A2-3-1/test.cpp.gcc index b6e8d365ff..5cc8740b6f 100644 --- a/cpp/autosar/test/rules/A2-3-1/test.cpp.gcc +++ b/cpp/autosar/test/rules/A2-3-1/test.cpp.gcc @@ -1,8 +1,8 @@ // It is valid to use @ in comments COMPLIANT // Invalid character α NON_COMPLIANT -// double a = 2.; // NON_COMPLIANT; U+03b1 - this is compiler checked -// void *to_8_and_beyond = nullptr; // NON_COMPLIANT; U+10185 - this is compiler checked +// U+03b1 - this is compiler checked +// U+10185 - this is compiler checked int l1_\u00A8; // COMPLIANT[FALSE_POSITIVE] const char *euro = "α"; // NON_COMPLIANT diff --git a/cpp/autosar/test/rules/A2-3-1/test.cpp.qcc b/cpp/autosar/test/rules/A2-3-1/test.cpp.qcc index b6e8d365ff..5cc8740b6f 100644 --- a/cpp/autosar/test/rules/A2-3-1/test.cpp.qcc +++ b/cpp/autosar/test/rules/A2-3-1/test.cpp.qcc @@ -1,8 +1,8 @@ // It is valid to use @ in comments COMPLIANT // Invalid character α NON_COMPLIANT -// double a = 2.; // NON_COMPLIANT; U+03b1 - this is compiler checked -// void *to_8_and_beyond = nullptr; // NON_COMPLIANT; U+10185 - this is compiler checked +// U+03b1 - this is compiler checked +// U+10185 - this is compiler checked int l1_\u00A8; // COMPLIANT[FALSE_POSITIVE] const char *euro = "α"; // NON_COMPLIANT diff --git a/scripts/build_test_database.py b/scripts/build_test_database.py index d8876691a8..b67ff4aac2 100644 --- a/scripts/build_test_database.py +++ b/scripts/build_test_database.py @@ -47,7 +47,7 @@ exit(1) # get the codeql version -res = subprocess.run(['/Users/mauro/GitHub/coding-standards/codeql-bundle-20220908/codeql', 'version', '--format', 'json'], stdout=subprocess.PIPE) +res = subprocess.run(['codeql', 'version', '--format', 'json'], stdout=subprocess.PIPE) res_json = json.loads(res.stdout) CODEQL_VERSION=res_json["version"] @@ -67,4 +67,4 @@ while os.path.exists(f"databases/{RULE}+{ITERATION}@{CODEQL_VERSION}"): ITERATION = ITERATION + 1 -os.system(f"/Users/mauro/GitHub/coding-standards/codeql-bundle-20220908/codeql database create -l cpp -s {LANGUAGE}/{STANDARD}/test/rules/{RULE} --command=\"{BUILD_COMMAND}\" databases/{RULE}+{ITERATION}@{CODEQL_VERSION}") +os.system(f"codeql database create -l cpp -s {LANGUAGE}/{STANDARD}/test/rules/{RULE} --command=\"{BUILD_COMMAND}\" databases/{RULE}+{ITERATION}@{CODEQL_VERSION}") \ No newline at end of file From 751ef04f3bd634fb0adb3ed6c10a8df64d0d788b Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Fri, 12 May 2023 13:24:43 +0200 Subject: [PATCH 1099/2573] A0-4-3: alert only when the last `-std` compilation flag is not `c++14` --- ...mpilerImplementationShallComplyWithCPP14Standard.expected.qcc | 1 - cpp/autosar/test/rules/A0-4-3/options.clang | 1 + cpp/autosar/test/rules/A0-4-3/options.gcc | 1 + 3 files changed, 2 insertions(+), 1 deletion(-) delete mode 100644 cpp/autosar/test/rules/A0-4-3/CompilerImplementationShallComplyWithCPP14Standard.expected.qcc create mode 100644 cpp/autosar/test/rules/A0-4-3/options.clang create mode 100644 cpp/autosar/test/rules/A0-4-3/options.gcc diff --git a/cpp/autosar/test/rules/A0-4-3/CompilerImplementationShallComplyWithCPP14Standard.expected.qcc b/cpp/autosar/test/rules/A0-4-3/CompilerImplementationShallComplyWithCPP14Standard.expected.qcc deleted file mode 100644 index 44131d5ea4..0000000000 --- a/cpp/autosar/test/rules/A0-4-3/CompilerImplementationShallComplyWithCPP14Standard.expected.qcc +++ /dev/null @@ -1 +0,0 @@ -| test.cpp:0:0:0:0 | test.cpp | File 'test.cpp' compiled with flag '-std=gnu++11' which does not strictly comply with ISO C++14. | diff --git a/cpp/autosar/test/rules/A0-4-3/options.clang b/cpp/autosar/test/rules/A0-4-3/options.clang new file mode 100644 index 0000000000..0fd3902c30 --- /dev/null +++ b/cpp/autosar/test/rules/A0-4-3/options.clang @@ -0,0 +1 @@ +-std=gnu++14 \ No newline at end of file diff --git a/cpp/autosar/test/rules/A0-4-3/options.gcc b/cpp/autosar/test/rules/A0-4-3/options.gcc new file mode 100644 index 0000000000..0fd3902c30 --- /dev/null +++ b/cpp/autosar/test/rules/A0-4-3/options.gcc @@ -0,0 +1 @@ +-std=gnu++14 \ No newline at end of file From 9789cf43517baedf9bcf8b3e601589da94d6ff2a Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Fri, 12 May 2023 13:28:49 +0200 Subject: [PATCH 1100/2573] A0-4-3: alert only when the last `-std` compilation flag is not `c++14` --- ...mpilerImplementationShallComplyWithCPP14Standard.ql | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/cpp/autosar/src/rules/A0-4-3/CompilerImplementationShallComplyWithCPP14Standard.ql b/cpp/autosar/src/rules/A0-4-3/CompilerImplementationShallComplyWithCPP14Standard.ql index da4b6314e2..98e95ed96f 100644 --- a/cpp/autosar/src/rules/A0-4-3/CompilerImplementationShallComplyWithCPP14Standard.ql +++ b/cpp/autosar/src/rules/A0-4-3/CompilerImplementationShallComplyWithCPP14Standard.ql @@ -20,8 +20,14 @@ from File f, string flag where not isExcluded(f, ToolchainPackage::compilerImplementationShallComplyWithCPP14StandardQuery()) and exists(Compilation c | f = c.getAFileCompiled() | - c.getAnArgument() = flag and flag.regexpMatch("-std=(?!c\\+\\+14)[\\w+]+") - ) + flag = + max(string std, int index | + c.getArgument(index) = std and std.matches("-std=%") + | + std order by index + ) + ) and + flag != "-std=c++14" select f, "File '" + f.getBaseName() + "' compiled with flag '" + flag + "' which does not strictly comply with ISO C++14." From 2de099795631c8f80ad0f90409b00e020beb2cad Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 17 May 2023 11:57:14 +0200 Subject: [PATCH 1101/2573] A2-13-3, A8-4-4: fix isExcluded A5-0-4: accept library location in expected file --- .../src/rules/A2-13-3/TypeWcharTUsed.ql | 18 +-- .../FunctionReturnMultipleValueCondition.ql | 1 + ...WithPointersToNonFinalClasses.expected.qcc | 115 ++++++++++++++++++ 3 files changed, 126 insertions(+), 8 deletions(-) create mode 100644 cpp/autosar/test/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.expected.qcc diff --git a/cpp/autosar/src/rules/A2-13-3/TypeWcharTUsed.ql b/cpp/autosar/src/rules/A2-13-3/TypeWcharTUsed.ql index af077da0eb..b4f4ec4f02 100644 --- a/cpp/autosar/src/rules/A2-13-3/TypeWcharTUsed.ql +++ b/cpp/autosar/src/rules/A2-13-3/TypeWcharTUsed.ql @@ -26,12 +26,14 @@ predicate isUsingWideCharType(ClassTemplateInstantiation c) { from Variable v where - v.getUnderlyingType() instanceof WideCharType and - not v.isFromTemplateInstantiation(_) - or - exists(ClassTemplateInstantiation c | - c = v.getType() and - isUsingWideCharType(c) - ) and - not isExcluded(v, BannedTypesPackage::typeWcharTUsedQuery()) + not isExcluded(v, BannedTypesPackage::typeWcharTUsedQuery()) and + ( + v.getUnderlyingType() instanceof WideCharType and + not v.isFromTemplateInstantiation(_) + or + exists(ClassTemplateInstantiation c | + c = v.getType() and + isUsingWideCharType(c) + ) + ) select v, "Use of wchar_t type." diff --git a/cpp/autosar/src/rules/A8-4-4/FunctionReturnMultipleValueCondition.ql b/cpp/autosar/src/rules/A8-4-4/FunctionReturnMultipleValueCondition.ql index cba4d49e69..ff0040f26f 100644 --- a/cpp/autosar/src/rules/A8-4-4/FunctionReturnMultipleValueCondition.ql +++ b/cpp/autosar/src/rules/A8-4-4/FunctionReturnMultipleValueCondition.ql @@ -50,6 +50,7 @@ OutputValue getAnOutputValue(Function f) { from Function f, int outputValues where + not isExcluded(f, FunctionsPackage::functionReturnMultipleValueConditionQuery()) and not f.isCompilerGenerated() and not f.isAffectedByMacro() and not f.isFromUninstantiatedTemplate(_) and diff --git a/cpp/autosar/test/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.expected.qcc b/cpp/autosar/test/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.expected.qcc new file mode 100644 index 0000000000..8b989f61b4 --- /dev/null +++ b/cpp/autosar/test/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.expected.qcc @@ -0,0 +1,115 @@ +edges +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1068:47:1068:49 | __s | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1073:43:1073:45 | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1068:47:1068:49 | __s | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1078:49:1078:51 | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1068:47:1068:49 | __s | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1082:33:1082:35 | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1068:47:1068:49 | __s | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1083:33:1083:35 | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1068:47:1068:49 | __s | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1084:33:1084:35 | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1093:48:1093:50 | __s | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1097:41:1097:43 | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1093:48:1093:50 | __s | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1098:41:1098:43 | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1093:48:1093:50 | __s | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1099:41:1099:43 | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1121:19:1121:21 | __s | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1125:60:1125:62 | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1121:19:1121:21 | __s | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1126:60:1126:62 | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1121:19:1121:21 | __s | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1127:60:1127:62 | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1133:48:1133:50 | __s | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1136:35:1136:37 | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1133:48:1133:50 | __s | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1138:44:1138:46 | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1133:48:1133:50 | __s | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1141:30:1141:32 | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1133:48:1133:50 | __s | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1143:30:1143:32 | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1133:48:1133:50 | __s | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1146:29:1146:31 | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1133:48:1133:50 | __s | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1146:59:1146:61 | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1133:48:1133:50 | __s | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1147:30:1147:32 | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1133:48:1133:50 | __s | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1150:30:1150:32 | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1133:48:1133:50 | __s | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1152:30:1152:32 | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1163:58:1163:62 | __key | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1168:33:1168:35 | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1163:58:1163:62 | __key | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1170:34:1170:36 | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1163:58:1163:62 | __key | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1173:32:1173:34 | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1163:58:1163:62 | __key | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1178:33:1178:35 | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1163:58:1163:62 | __key | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1179:33:1179:35 | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1163:58:1163:62 | __key | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1180:33:1180:35 | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1163:58:1163:62 | __key | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1181:47:1181:49 | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1163:58:1163:62 | __key | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1182:45:1182:47 | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1163:58:1163:62 | __key | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1183:58:1183:60 | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1163:58:1163:62 | __key | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1184:58:1184:60 | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1163:58:1163:62 | __key | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1190:62:1190:64 | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1163:58:1163:62 | __key | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1191:57:1191:59 | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1163:58:1163:62 | __key | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1193:42:1193:44 | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1163:58:1163:62 | __key | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1195:41:1195:43 | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1163:58:1163:62 | __key | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1196:41:1196:43 | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1163:58:1163:62 | __key | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1197:65:1197:67 | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1168:33:1168:35 | __s | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1068:47:1068:49 | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1170:34:1170:36 | __s | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1093:48:1093:50 | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1173:32:1173:34 | __s | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1133:48:1133:50 | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1195:41:1195:43 | __s | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1121:19:1121:21 | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1262:48:1262:51 | & ... | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1163:58:1163:62 | __key | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1262:48:1262:51 | & ... | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1163:58:1163:62 | __key | +| test.cpp:10:18:10:20 | foo | test.cpp:11:23:11:25 | foo | +| test.cpp:10:18:10:20 | foo | test.cpp:11:50:11:52 | foo | +| test.cpp:22:18:22:20 | foo | test.cpp:24:18:24:20 | foo | +| test.cpp:35:11:35:17 | new | test.cpp:38:6:38:7 | l1 | +| test.cpp:35:11:35:17 | new | test.cpp:39:6:39:7 | l1 | +| test.cpp:37:11:37:13 | & ... | test.cpp:40:6:40:7 | l3 | +| test.cpp:37:11:37:13 | & ... | test.cpp:41:6:41:7 | l3 | +| test.cpp:38:6:38:7 | l1 | test.cpp:10:18:10:20 | foo | +| test.cpp:39:6:39:7 | l1 | test.cpp:22:18:22:20 | foo | +| test.cpp:40:6:40:7 | l3 | test.cpp:10:18:10:20 | foo | +| test.cpp:41:6:41:7 | l3 | test.cpp:22:18:22:20 | foo | +nodes +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1068:47:1068:49 | __s | semmle.label | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1073:43:1073:45 | __s | semmle.label | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1078:49:1078:51 | __s | semmle.label | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1082:33:1082:35 | __s | semmle.label | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1083:33:1083:35 | __s | semmle.label | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1084:33:1084:35 | __s | semmle.label | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1093:48:1093:50 | __s | semmle.label | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1097:41:1097:43 | __s | semmle.label | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1098:41:1098:43 | __s | semmle.label | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1099:41:1099:43 | __s | semmle.label | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1121:19:1121:21 | __s | semmle.label | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1125:60:1125:62 | __s | semmle.label | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1126:60:1126:62 | __s | semmle.label | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1127:60:1127:62 | __s | semmle.label | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1133:48:1133:50 | __s | semmle.label | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1136:35:1136:37 | __s | semmle.label | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1138:44:1138:46 | __s | semmle.label | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1141:30:1141:32 | __s | semmle.label | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1143:30:1143:32 | __s | semmle.label | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1146:29:1146:31 | __s | semmle.label | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1146:59:1146:61 | __s | semmle.label | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1147:30:1147:32 | __s | semmle.label | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1150:30:1150:32 | __s | semmle.label | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1152:30:1152:32 | __s | semmle.label | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1163:58:1163:62 | __key | semmle.label | __key | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1168:33:1168:35 | __s | semmle.label | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1170:34:1170:36 | __s | semmle.label | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1173:32:1173:34 | __s | semmle.label | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1178:33:1178:35 | __s | semmle.label | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1179:33:1179:35 | __s | semmle.label | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1180:33:1180:35 | __s | semmle.label | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1181:47:1181:49 | __s | semmle.label | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1182:45:1182:47 | __s | semmle.label | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1183:58:1183:60 | __s | semmle.label | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1184:58:1184:60 | __s | semmle.label | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1190:62:1190:64 | __s | semmle.label | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1191:57:1191:59 | __s | semmle.label | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1193:42:1193:44 | __s | semmle.label | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1195:41:1195:43 | __s | semmle.label | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1196:41:1196:43 | __s | semmle.label | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1197:65:1197:67 | __s | semmle.label | __s | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1262:48:1262:51 | & ... | semmle.label | & ... | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/utility:1262:48:1262:51 | & ... | semmle.label | & ... | +| test.cpp:10:18:10:20 | foo | semmle.label | foo | +| test.cpp:11:23:11:25 | foo | semmle.label | foo | +| test.cpp:11:50:11:52 | foo | semmle.label | foo | +| test.cpp:22:18:22:20 | foo | semmle.label | foo | +| test.cpp:24:18:24:20 | foo | semmle.label | foo | +| test.cpp:35:11:35:17 | new | semmle.label | new | +| test.cpp:37:11:37:13 | & ... | semmle.label | & ... | +| test.cpp:38:6:38:7 | l1 | semmle.label | l1 | +| test.cpp:39:6:39:7 | l1 | semmle.label | l1 | +| test.cpp:40:6:40:7 | l3 | semmle.label | l3 | +| test.cpp:41:6:41:7 | l3 | semmle.label | l3 | +subpaths +#select +| test.cpp:11:23:11:33 | ... + ... | test.cpp:35:11:35:17 | new | test.cpp:11:23:11:25 | foo | Pointer arithmetic with pointer to non-final class $@. | test.cpp:4:8:4:8 | S | S | +| test.cpp:11:23:11:33 | ... + ... | test.cpp:37:11:37:13 | & ... | test.cpp:11:23:11:25 | foo | Pointer arithmetic with pointer to non-final class $@. | test.cpp:4:8:4:8 | S | S | +| test.cpp:24:18:24:23 | access to array | test.cpp:35:11:35:17 | new | test.cpp:24:18:24:20 | foo | Pointer arithmetic with pointer to non-final class $@. | test.cpp:4:8:4:8 | S | S | +| test.cpp:24:18:24:23 | access to array | test.cpp:37:11:37:13 | & ... | test.cpp:24:18:24:20 | foo | Pointer arithmetic with pointer to non-final class $@. | test.cpp:4:8:4:8 | S | S | From cf2be9bcc084191ef6f5c1bf494f003eac373733 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 17 May 2023 12:44:37 +0200 Subject: [PATCH 1102/2573] A1-1-1: fix test --- .gitignore | 2 ++ .../rules/A1-1-1/CStandardLibraryHeadersAreDeprecated.cpp | 4 ++-- scripts/build_test_database.py | 4 ++-- 3 files changed, 6 insertions(+), 4 deletions(-) diff --git a/.gitignore b/.gitignore index 360134b51c..ec9f823c65 100644 --- a/.gitignore +++ b/.gitignore @@ -23,3 +23,5 @@ # CodeQL build artifacts **/.codeql/** +cpp/autosar/test/rules/A2-3-1/test.cpp.gcc +cpp/autosar/test/rules/A2-3-1/test.cpp.qcc diff --git a/cpp/autosar/test/rules/A1-1-1/CStandardLibraryHeadersAreDeprecated.cpp b/cpp/autosar/test/rules/A1-1-1/CStandardLibraryHeadersAreDeprecated.cpp index ce23be05f3..752508e334 100644 --- a/cpp/autosar/test/rules/A1-1-1/CStandardLibraryHeadersAreDeprecated.cpp +++ b/cpp/autosar/test/rules/A1-1-1/CStandardLibraryHeadersAreDeprecated.cpp @@ -24,5 +24,5 @@ #include // NON_COMPLIANT #include // NON_COMPLIANT -#include // COMPLIANT -#include // COMPLIANT \ No newline at end of file +#include // COMPLIANT +#include // COMPLIANT \ No newline at end of file diff --git a/scripts/build_test_database.py b/scripts/build_test_database.py index b67ff4aac2..d8876691a8 100644 --- a/scripts/build_test_database.py +++ b/scripts/build_test_database.py @@ -47,7 +47,7 @@ exit(1) # get the codeql version -res = subprocess.run(['codeql', 'version', '--format', 'json'], stdout=subprocess.PIPE) +res = subprocess.run(['/Users/mauro/GitHub/coding-standards/codeql-bundle-20220908/codeql', 'version', '--format', 'json'], stdout=subprocess.PIPE) res_json = json.loads(res.stdout) CODEQL_VERSION=res_json["version"] @@ -67,4 +67,4 @@ while os.path.exists(f"databases/{RULE}+{ITERATION}@{CODEQL_VERSION}"): ITERATION = ITERATION + 1 -os.system(f"codeql database create -l cpp -s {LANGUAGE}/{STANDARD}/test/rules/{RULE} --command=\"{BUILD_COMMAND}\" databases/{RULE}+{ITERATION}@{CODEQL_VERSION}") \ No newline at end of file +os.system(f"/Users/mauro/GitHub/coding-standards/codeql-bundle-20220908/codeql database create -l cpp -s {LANGUAGE}/{STANDARD}/test/rules/{RULE} --command=\"{BUILD_COMMAND}\" databases/{RULE}+{ITERATION}@{CODEQL_VERSION}") From c4832999815c0e5b059ba2f72faf592082687172 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 17 May 2023 12:59:43 +0200 Subject: [PATCH 1103/2573] Undo renaming of `getConstCharTPointer` --- .../src/codingstandards/cpp/Dereferenced.qll | 16 ++++++++-------- .../ContainerAccessWithoutRangeCheck.qll | 8 ++++---- .../cpp/standardlibrary/String.qll | 2 +- 3 files changed, 13 insertions(+), 13 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/Dereferenced.qll b/cpp/common/src/codingstandards/cpp/Dereferenced.qll index e47cb2b1cb..ba79ec3f1e 100644 --- a/cpp/common/src/codingstandards/cpp/Dereferenced.qll +++ b/cpp/common/src/codingstandards/cpp/Dereferenced.qll @@ -46,7 +46,7 @@ class BasicStringMemberFunctionDereferencedExpr extends BasicStringDereferencedE // basic_string::basic_string(const charT *, const Allocator &) f instanceof Constructor and f.getNumberOfParameters() <= 2 and - f.getParameter(0).getType() = stringType.getValueType() and + f.getParameter(0).getType() = stringType.getConstCharTPointer() and ( f.getNumberOfParameters() = 2 implies @@ -58,14 +58,14 @@ class BasicStringMemberFunctionDereferencedExpr extends BasicStringDereferencedE // basic_string &basic_string::assign(const charT *) f.hasName(["append", "assign"]) and f.getNumberOfParameters() = 1 and - f.getParameter(0).getType() = stringType.getValueType() and + f.getParameter(0).getType() = stringType.getConstCharTPointer() and this = fc.getArgument(0) or // basic_string &basic_string::insert(size_type, const charT *) f.hasName("insert") and f.getNumberOfParameters() = 2 and f.getParameter(0).getType() = stringType.getSizeType() and - f.getParameter(1).getType() = stringType.getValueType() and + f.getParameter(1).getType() = stringType.getConstCharTPointer() and this = fc.getArgument(1) or // basic_string &basic_string::replace(size_type, size_type, const charT *) @@ -74,7 +74,7 @@ class BasicStringMemberFunctionDereferencedExpr extends BasicStringDereferencedE f.getNumberOfParameters() = 3 and f.getParameter(0).getType() = [stringType.getSizeType(), stringType.getConstIteratorType()] and f.getParameter(1).getType() = [stringType.getSizeType(), stringType.getConstIteratorType()] and - f.getParameter(2).getType() = stringType.getValueType() and + f.getParameter(2).getType() = stringType.getConstCharTPointer() and this = fc.getArgument(2) or // size_type basic_string::find(const charT *, size_type) @@ -87,7 +87,7 @@ class BasicStringMemberFunctionDereferencedExpr extends BasicStringDereferencedE "find", "rfind", "find_first_of", "find_last_of", "find_first_not_of", "find_last_not_of" ]) and f.getNumberOfParameters() = 2 and - f.getParameter(0).getType() = stringType.getValueType() and + f.getParameter(0).getType() = stringType.getConstCharTPointer() and f.getParameter(1).getType() = stringType.getSizeType() and this = fc.getArgument(0) or @@ -96,7 +96,7 @@ class BasicStringMemberFunctionDereferencedExpr extends BasicStringDereferencedE // basic_string &basic_string::operator+=(const charT *) f.hasName(["compare", "operator=", "operator+="]) and f.getNumberOfParameters() = 1 and - f.getParameter(0).getType() = stringType.getValueType() and + f.getParameter(0).getType() = stringType.getConstCharTPointer() and this = fc.getArgument(0) or // int basic_string::compare(size_type, size_type, const charT *) @@ -104,7 +104,7 @@ class BasicStringMemberFunctionDereferencedExpr extends BasicStringDereferencedE f.getNumberOfParameters() = 3 and f.getParameter(0).getType() = stringType.getSizeType() and f.getParameter(1).getType() = stringType.getSizeType() and - f.getParameter(2).getType() = stringType.getValueType() and + f.getParameter(2).getType() = stringType.getConstCharTPointer() and this = fc.getArgument(2) ) } @@ -136,7 +136,7 @@ class BasicStringNonMemberFunctionDereferencedExpr extends BasicStringDereferenc ]) and f.getAParameter().getType().(ReferenceType).getBaseType().getUnspecifiedType() = stringType and exists(int param | - f.getParameter(param).getType() = stringType.getValueType() and + f.getParameter(param).getType() = stringType.getConstCharTPointer() and this = fc.getArgument(param) ) ) diff --git a/cpp/common/src/codingstandards/cpp/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.qll b/cpp/common/src/codingstandards/cpp/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.qll index 8c5dbe05ea..840cd5330a 100644 --- a/cpp/common/src/codingstandards/cpp/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.qll +++ b/cpp/common/src/codingstandards/cpp/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.qll @@ -159,7 +159,7 @@ class StringContainerConstructorCall extends ContainerConstructorCall { override Expr getInitialContainerSizeExpr() { // from buffer c.getNumberOfParameters() = 3 and - c.getParameter(0).getType() = stringInstantiation.getValueType() and + c.getParameter(0).getType() = stringInstantiation.getConstCharTPointer() and c.getParameter(1).getType() = stringInstantiation.getSizeType() and c.getParameter(2).getType() = stringInstantiation.getConstAllocatorReferenceType() and // copies `n` items from the buffer @@ -181,11 +181,11 @@ class StringContainerConstructorCall extends ContainerConstructorCall { or // from c-string constructors c.getNumberOfParameters() = 1 and - c.getParameter(0).getType() = stringInstantiation.getValueType() and + c.getParameter(0).getType() = stringInstantiation.getConstCharTPointer() and result = getArgument(0).getValue().length() or c.getNumberOfParameters() = 2 and - c.getParameter(0).getType() = stringInstantiation.getValueType() and + c.getParameter(0).getType() = stringInstantiation.getConstCharTPointer() and c.getParameter(1).getType() = stringInstantiation.getSizeType() and result = getArgument(1).getValue().toFloat() or @@ -195,7 +195,7 @@ class StringContainerConstructorCall extends ContainerConstructorCall { result = getArgument(0).getValue().toFloat() or c.getNumberOfParameters() = 2 and - c.getParameter(0).getType() = stringInstantiation.getValueType() and + c.getParameter(0).getType() = stringInstantiation.getConstCharTPointer() and c.getParameter(1).getType() = stringInstantiation.getConstAllocatorReferenceType() and result = getArgument(0).getValue().length() or diff --git a/cpp/common/src/codingstandards/cpp/standardlibrary/String.qll b/cpp/common/src/codingstandards/cpp/standardlibrary/String.qll index a7de240f6c..ed6a4fc8b2 100644 --- a/cpp/common/src/codingstandards/cpp/standardlibrary/String.qll +++ b/cpp/common/src/codingstandards/cpp/standardlibrary/String.qll @@ -13,7 +13,7 @@ class StdBasicString extends ClassTemplateInstantiation { Type getAllocator() { result = getTemplateArgument(2) } /** Gets the `const charT*` type for this `basic_string` instantiation. */ - PointerType getValueType() { + PointerType getConstCharTPointer() { exists(SpecifiedType specType | specType = result.getBaseType() and specType.isConst() and From ee3f8cfba3365b39ed93c4822823fc124ba1b67f Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 17 May 2023 13:52:04 +0200 Subject: [PATCH 1104/2573] A16-2-2: Modified test file --- .../test/rules/A16-2-2/UnusedIncludeDirectives.expected | 2 +- .../rules/A16-2-2/UnusedIncludeDirectives.expected.clang | 1 - .../rules/A16-2-2/UnusedIncludeDirectives.expected.gcc | 1 - .../rules/A16-2-2/UnusedIncludeDirectives.expected.qcc | 1 - cpp/autosar/test/rules/A16-2-2/test.cpp | 8 ++++---- cpp/autosar/test/rules/A16-2-2/test.cpp.clang | 6 ------ cpp/autosar/test/rules/A16-2-2/test.cpp.gcc | 6 ------ cpp/autosar/test/rules/A16-2-2/test.cpp.qcc | 6 ------ 8 files changed, 5 insertions(+), 26 deletions(-) delete mode 100644 cpp/autosar/test/rules/A16-2-2/UnusedIncludeDirectives.expected.clang delete mode 100644 cpp/autosar/test/rules/A16-2-2/UnusedIncludeDirectives.expected.gcc delete mode 100644 cpp/autosar/test/rules/A16-2-2/UnusedIncludeDirectives.expected.qcc delete mode 100644 cpp/autosar/test/rules/A16-2-2/test.cpp.clang delete mode 100644 cpp/autosar/test/rules/A16-2-2/test.cpp.gcc delete mode 100644 cpp/autosar/test/rules/A16-2-2/test.cpp.qcc diff --git a/cpp/autosar/test/rules/A16-2-2/UnusedIncludeDirectives.expected b/cpp/autosar/test/rules/A16-2-2/UnusedIncludeDirectives.expected index 6e141d4fbe..631736202f 100644 --- a/cpp/autosar/test/rules/A16-2-2/UnusedIncludeDirectives.expected +++ b/cpp/autosar/test/rules/A16-2-2/UnusedIncludeDirectives.expected @@ -1,2 +1,2 @@ | test.cpp:1:1:1:19 | #include "test.hpp" | Nothing in this file uses anything from "test.hpp" | -| test.cpp:3:1:3:17 | #include | Nothing in this file uses anything from | +| test.cpp:2:1:2:20 | #include | Nothing in this file uses anything from | diff --git a/cpp/autosar/test/rules/A16-2-2/UnusedIncludeDirectives.expected.clang b/cpp/autosar/test/rules/A16-2-2/UnusedIncludeDirectives.expected.clang deleted file mode 100644 index 153bf8fa0f..0000000000 --- a/cpp/autosar/test/rules/A16-2-2/UnusedIncludeDirectives.expected.clang +++ /dev/null @@ -1 +0,0 @@ -| test.cpp:1:1:1:19 | #include "test.hpp" | Nothing in this file uses anything from "test.hpp" | diff --git a/cpp/autosar/test/rules/A16-2-2/UnusedIncludeDirectives.expected.gcc b/cpp/autosar/test/rules/A16-2-2/UnusedIncludeDirectives.expected.gcc deleted file mode 100644 index 153bf8fa0f..0000000000 --- a/cpp/autosar/test/rules/A16-2-2/UnusedIncludeDirectives.expected.gcc +++ /dev/null @@ -1 +0,0 @@ -| test.cpp:1:1:1:19 | #include "test.hpp" | Nothing in this file uses anything from "test.hpp" | diff --git a/cpp/autosar/test/rules/A16-2-2/UnusedIncludeDirectives.expected.qcc b/cpp/autosar/test/rules/A16-2-2/UnusedIncludeDirectives.expected.qcc deleted file mode 100644 index 153bf8fa0f..0000000000 --- a/cpp/autosar/test/rules/A16-2-2/UnusedIncludeDirectives.expected.qcc +++ /dev/null @@ -1 +0,0 @@ -| test.cpp:1:1:1:19 | #include "test.hpp" | Nothing in this file uses anything from "test.hpp" | diff --git a/cpp/autosar/test/rules/A16-2-2/test.cpp b/cpp/autosar/test/rules/A16-2-2/test.cpp index 1e3c536057..50c66461b4 100644 --- a/cpp/autosar/test/rules/A16-2-2/test.cpp +++ b/cpp/autosar/test/rules/A16-2-2/test.cpp @@ -1,5 +1,5 @@ -#include "test.hpp" //NON_COMPLIANT -#include //COMPLIANT -#include //NON_COMPLIANT +#include "test.hpp" //NON_COMPLIANT +#include //NON_COMPLIANT +#include //COMPLIANT -std::string s = "A string"; \ No newline at end of file +std::vector v; \ No newline at end of file diff --git a/cpp/autosar/test/rules/A16-2-2/test.cpp.clang b/cpp/autosar/test/rules/A16-2-2/test.cpp.clang deleted file mode 100644 index d34c29c7dc..0000000000 --- a/cpp/autosar/test/rules/A16-2-2/test.cpp.clang +++ /dev/null @@ -1,6 +0,0 @@ -#include "test.hpp" //NON_COMPLIANT -#include //COMPLIANT -#include //COMPLIANT -#include //COMPLIANT - -std::string s = "A string"; \ No newline at end of file diff --git a/cpp/autosar/test/rules/A16-2-2/test.cpp.gcc b/cpp/autosar/test/rules/A16-2-2/test.cpp.gcc deleted file mode 100644 index d34c29c7dc..0000000000 --- a/cpp/autosar/test/rules/A16-2-2/test.cpp.gcc +++ /dev/null @@ -1,6 +0,0 @@ -#include "test.hpp" //NON_COMPLIANT -#include //COMPLIANT -#include //COMPLIANT -#include //COMPLIANT - -std::string s = "A string"; \ No newline at end of file diff --git a/cpp/autosar/test/rules/A16-2-2/test.cpp.qcc b/cpp/autosar/test/rules/A16-2-2/test.cpp.qcc deleted file mode 100644 index d34c29c7dc..0000000000 --- a/cpp/autosar/test/rules/A16-2-2/test.cpp.qcc +++ /dev/null @@ -1,6 +0,0 @@ -#include "test.hpp" //NON_COMPLIANT -#include //COMPLIANT -#include //COMPLIANT -#include //COMPLIANT - -std::string s = "A string"; \ No newline at end of file From 814b6302cce3f6b2aa3e6f85a811dca4862a54e4 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 17 May 2023 15:03:02 +0200 Subject: [PATCH 1105/2573] A18-1-2: remove specific expected file for `gcc` --- .../A18-1-2/VectorboolSpecializationUsed.expected.gcc | 7 ------- 1 file changed, 7 deletions(-) delete mode 100644 cpp/autosar/test/rules/A18-1-2/VectorboolSpecializationUsed.expected.gcc diff --git a/cpp/autosar/test/rules/A18-1-2/VectorboolSpecializationUsed.expected.gcc b/cpp/autosar/test/rules/A18-1-2/VectorboolSpecializationUsed.expected.gcc deleted file mode 100644 index 570c7c18ea..0000000000 --- a/cpp/autosar/test/rules/A18-1-2/VectorboolSpecializationUsed.expected.gcc +++ /dev/null @@ -1,7 +0,0 @@ -| test.cpp:3:19:3:19 | g | Use of std::vector specialization. | -| test.cpp:18:21:18:21 | l | Use of std::vector specialization. | -| test.cpp:20:8:20:9 | l3 | Use of std::vector specialization. | -| test.cpp:23:34:23:35 | l6 | Use of std::vector specialization. | -| test.cpp:24:47:24:48 | l7 | Use of std::vector specialization. | -| test.cpp:27:36:27:37 | it | Use of std::vector specialization. | -| test.cpp:34:40:34:41 | d3 | Use of std::vector specialization. | From bcc0340ed97c8ca2de072a3ed1c7d3196f87115c Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 18 May 2023 15:46:05 +0100 Subject: [PATCH 1106/2573] Generate dummy `Query` for shared query test files Shared query test files were not excluding elements outside the source archive because they did not implement the `..SharedQuery` mechanism. This commit adjusts the `Query` class to provide a dummy query for this purpose, and updates the generator to create an instance of that abstract class for each shared query. --- .../cpp/exclusions/RuleMetadata.qll | 24 +++++++++++++++---- .../generate_rules/generate_package_files.py | 2 ++ 2 files changed, 22 insertions(+), 4 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/exclusions/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/RuleMetadata.qll index 189da2a2e0..c001b6073a 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/RuleMetadata.qll @@ -5,7 +5,9 @@ private import codingstandards.cpp.guideline_recategorizations.GuidelineRecatego newtype TQuery = TQueryCPP(CPPRuleMetadata::TCPPQuery t) or - TQueryC(CRuleMetadata::TCQuery t) + TQueryC(CRuleMetadata::TCQuery t) or + /* A dummy query for testing purposes */ + TQueryTestDummy() private predicate isMisraRuleCategory(string category) { category = ["disapplied", "advisory", "required", "mandatory"] @@ -47,18 +49,27 @@ class EffectiveCategory extends TEffectiveCategory { class Query extends TQuery { string getQueryId() { - CPPRuleMetadata::isQueryMetadata(this, result, _, _) or + CPPRuleMetadata::isQueryMetadata(this, result, _, _) + or CRuleMetadata::isQueryMetadata(this, result, _, _) + or + this = TQueryTestDummy() and result = "cpp/test/dummy" } string getRuleId() { - CPPRuleMetadata::isQueryMetadata(this, _, result, _) or + CPPRuleMetadata::isQueryMetadata(this, _, result, _) + or CRuleMetadata::isQueryMetadata(this, _, result, _) + or + this = TQueryTestDummy() and result = "cpp-test-dummy" } string getCategory() { - CPPRuleMetadata::isQueryMetadata(this, _, _, result) or + CPPRuleMetadata::isQueryMetadata(this, _, _, result) + or CRuleMetadata::isQueryMetadata(this, _, _, result) + or + this = TQueryTestDummy() and result = "required" } EffectiveCategory getEffectiveCategory() { @@ -72,3 +83,8 @@ class Query extends TQuery { string toString() { result = getQueryId() } } + +/** A `Query` used for shared query test cases. */ +class TestQuery extends Query { + TestQuery() { this = TQueryTestDummy() } +} diff --git a/scripts/generate_rules/generate_package_files.py b/scripts/generate_rules/generate_package_files.py index daca3cebd1..92cc97f645 100644 --- a/scripts/generate_rules/generate_package_files.py +++ b/scripts/generate_rules/generate_package_files.py @@ -181,6 +181,8 @@ def write_shared_implementation(package_name, rule_id, query, language_name, ql_ .replace("/", ".") + "\n" ) + f.write("\n"); + f.write("class TestFileQuery extends " + str(query["shared_implementation_short_name"]) + "SharedQuery, TestQuery { }\n") # Create an empty test file, if one doesn't already exist shared_impl_test_dir.joinpath( From e8fe572473d03d5b87846f74b114f2fbdce04cb6 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Thu, 18 May 2023 15:50:26 +0100 Subject: [PATCH 1107/2573] Update shared query test files to add SharedQuerys Run the updated generator to add ..SharedQuery implementations for each shared test file. --- .../CloseFileHandleWhenNoLongerNeededShared.ql | 2 ++ c/common/test/rules/commaoperatorused/CommaOperatorUsed.ql | 2 ++ .../ConstantUnsignedIntegerExpressionsWrapAround.ql | 2 ++ .../test/rules/constlikereturnvalue/ConstLikeReturnValue.ql | 2 ++ c/common/test/rules/deadcode/DeadCode.ql | 2 ++ .../declaredareservedidentifier/DeclaredAReservedIdentifier.ql | 2 ++ .../rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql | 2 ++ .../DifferentIdentifiersNotTypographicallyUnambiguous.ql | 2 ++ .../test/rules/donotaccessaclosedfile/DoNotAccessAClosedFile.ql | 2 ++ .../DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql | 2 ++ .../DoNotCopyAddressOfAutoStorageObjectToOtherObject.ql | 2 ++ .../DoNotDestroyAMutexWhileItIsLocked.ql | 2 ++ .../DoNotSubtractPointersAddressingDifferentArrays.ql | 2 ++ .../DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql | 2 ++ .../DoNotUsePointerArithmeticToAddressDifferentArrays.ql | 2 ++ .../DoNotUseRandForGeneratingPseudorandomNumbers.ql | 2 ++ .../DoNotUseRelationalOperatorsWithDifferingArrays.ql | 2 ++ .../FreeMemoryWhenNoLongerNeededShared.ql | 2 ++ .../test/rules/gotostatementcondition/GotoStatementCondition.ql | 2 ++ .../test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql | 2 ++ c/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql | 2 ++ c/common/test/rules/identifierhidden/IdentifierHidden.ql | 2 ++ .../IdentifierWithExternalLinkageOneDefinitionShared.ql | 2 ++ .../ifelseterminationconstruct/IfElseTerminationConstruct.ql | 2 ++ .../test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql | 2 ++ .../InformationLeakageAcrossBoundaries.ql | 2 ++ .../InvalidatedEnvStringPointers.ql | 2 ++ .../InvalidatedEnvStringPointersWarn.ql | 2 ++ .../iofstreammissingpositioning/IOFstreamMissingPositioning.ql | 2 ++ .../MacroParameterNotEnclosedInParentheses.ql | 2 ++ .../MemcmpUsedToComparePaddingData.ql | 2 ++ .../MissingStaticSpecifierFunctionRedeclarationShared.ql | 2 ++ c/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql | 2 ++ c/common/test/rules/nonconstantformat/NonConstantFormat.ql | 2 ++ .../NonVoidFunctionDoesNotReturn.ql | 2 ++ .../test/rules/notdistinctidentifier/NotDistinctIdentifier.ql | 2 ++ .../OnlyFreeMemoryAllocatedDynamicallyShared.ql | 2 ++ .../PreprocessingDirectiveWithinMacroArgument.ql | 2 ++ .../PreprocessorIncludesForbiddenHeaderNames.ql | 2 ++ .../PreprocessorIncludesPreceded.ql | 2 ++ .../PreserveSafetyWhenUsingConditionVariables.ql | 2 ++ .../PreventDeadlockByLockingInPredefinedOrder.ql | 2 ++ .../readofuninitializedmemory/ReadOfUninitializedMemory.ql | 2 ++ .../SectionsOfCodeShallNotBeCommentedOut.ql | 2 ++ .../switchcasepositioncondition/SwitchCasePositionCondition.ql | 2 ++ c/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql | 2 ++ c/common/test/rules/typeomitted/TypeOmitted.ql | 2 ++ .../UncheckedRangeDomainPoleErrors.ql | 2 ++ .../undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql | 2 ++ .../UnnecessaryExposedIdentifierDeclarationShared.ql | 2 ++ c/common/test/rules/unreachablecode/UnreachableCode.ql | 2 ++ c/common/test/rules/unusedparameter/UnusedParameter.ql | 2 ++ .../test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql | 2 ++ .../UsageOfAssemblerNotDocumented.ql | 2 ++ .../UseInitializerBracesToMatchAggregateTypeStructure.ql | 2 ++ .../UseOnlyArrayIndexingForPointerArithmetic.ql | 2 ++ .../wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql | 2 ++ .../AccessOfNonExistingMemberThroughPointerToMember.ql | 2 ++ .../AccessOfUndefinedMemberThroughNullPointer.ql | 2 ++ .../AccessOfUndefinedMemberThroughUninitializedStaticPointer.ql | 2 ++ .../BasicStringMayNotBeNullTerminated.ql | 2 ++ .../test/rules/catchblockshadowing/CatchBlockShadowing.ql | 2 ++ .../CatchExceptionsByLvalueReference.ql | 2 ++ cpp/common/test/rules/commaoperatorused/CommaOperatorUsed.ql | 2 ++ .../ConditionVariablePostConditionFailed.ql | 2 ++ .../ConstantUnsignedIntegerExpressionsWrapAround.ql | 2 ++ .../ContainerAccessWithoutRangeCheck.ql | 2 ++ .../DanglingCaptureWhenMovingLambdaObject.ql | 2 ++ .../DanglingCaptureWhenReturningLambdaObject.ql | 2 ++ cpp/common/test/rules/deadcode/DeadCode.ql | 2 ++ .../DeleteOfPointerToIncompleteClass.ql | 2 ++ .../rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql | 2 ++ .../DestroyedValueReferencedInDestructorCatchBlock.ql | 2 ++ .../DifferentIdentifiersNotTypographicallyUnambiguous.ql | 2 ++ .../DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql | 2 ++ .../DoNotCopyAddressOfAutoStorageObjectToOtherObject.ql | 2 ++ .../DoNotDestroyAMutexWhileItIsLocked.ql | 2 ++ .../DoNotSubtractPointersAddressingDifferentArrays.ql | 2 ++ .../DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql | 2 ++ .../DoNotUsePointerArithmeticToAddressDifferentArrays.ql | 2 ++ .../DoNotUseRandForGeneratingPseudorandomNumbers.ql | 2 ++ .../DoNotUseRelationalOperatorsWithDifferingArrays.ql | 2 ++ .../exceptionsafetyguarantees/ExceptionSafetyGuarantees.ql | 2 ++ .../exceptionsafetyvalidstate/ExceptionSafetyValidState.ql | 2 ++ .../exithandlerthrowsexception/ExitHandlerThrowsException.ql | 2 ++ .../explicitabrupttermination/ExplicitAbruptTermination.ql | 2 ++ .../FunctionNoReturnAttributeCondition.ql | 2 ++ .../test/rules/gotostatementcondition/GotoStatementCondition.ql | 2 ++ .../test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql | 2 ++ .../HandleAllExceptionsDuringStartup.ql | 2 ++ cpp/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql | 2 ++ cpp/common/test/rules/identifierhidden/IdentifierHidden.ql | 2 ++ .../IdentifierWithExternalLinkageOneDefinitionShared.ql | 2 ++ .../ifelseterminationconstruct/IfElseTerminationConstruct.ql | 2 ++ .../test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql | 2 ++ .../InformationLeakageAcrossBoundaries.ql | 2 ++ .../iofstreammissingpositioning/IOFstreamMissingPositioning.ql | 2 ++ .../JoinableThreadCopiedOrDestroyed.ql | 2 ++ .../MacroParameterNotEnclosedInParentheses.ql | 2 ++ .../MemcmpUsedToComparePaddingData.ql | 2 ++ .../MissingStaticSpecifierFunctionRedeclarationShared.ql | 2 ++ .../MovedFromObjectsUnspecifiedState.ql | 2 ++ .../test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql | 2 ++ cpp/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.ql | 2 ++ .../rules/nonbooleaniterationstmt/NonBooleanIterationStmt.ql | 2 ++ cpp/common/test/rules/nonconstantformat/NonConstantFormat.ql | 2 ++ .../NonStandardEntitiesInStandardNamespaces.ql | 2 ++ .../NonVoidFunctionDoesNotReturn.ql | 2 ++ .../objectaccessedafterlifetime/ObjectAccessedAfterLifetime.ql | 2 ++ .../ObjectAccessedBeforeLifetime.ql | 2 ++ .../onedefinitionruleviolation/OneDefinitionRuleViolation.ql | 2 ++ .../OperationMayNotNullTerminateCStyleString.ql | 2 ++ .../OperatorDeleteMissingPartner.ql | 2 ++ .../OrderingPredicateMustBeStrictlyWeak.ql | 2 ++ .../OwnedPointerValueStoredInUnrelatedSmartPointer.ql | 2 ++ .../PlacementNewInsufficientStorage.ql | 2 ++ .../PlacementNewNotProperlyAligned.ql | 2 ++ .../PredicateFunctionObjectsShouldNotBeMutable.ql | 2 ++ .../PreprocessingDirectiveWithinMacroArgument.ql | 2 ++ .../PreprocessorIncludesForbiddenHeaderNames.ql | 2 ++ .../PreprocessorIncludesPreceded.ql | 2 ++ .../PreserveSafetyWhenUsingConditionVariables.ql | 2 ++ .../PreventDeadlockByLockingInPredefinedOrder.ql | 2 ++ .../readofuninitializedmemory/ReadOfUninitializedMemory.ql | 2 ++ .../RemoveConstOrVolatileQualification.ql | 2 ++ .../rethrownestedwithoutcapture/RethrowNestedWithoutCapture.ql | 2 ++ .../SectionsOfCodeShallNotBeCommentedOut.ql | 2 ++ .../StringNumberConversionMissingErrorCheck.ql | 2 ++ .../switchcasepositioncondition/SwitchCasePositionCondition.ql | 2 ++ .../test/rules/switchnotwellformed/SwitchNotWellFormed.ql | 2 ++ .../ThrowingNoThrowOperatorNewDelete.ql | 2 ++ .../ThrowingOperatorNewReturnsNull.ql | 2 ++ .../ThrowingOperatorNewThrowsInvalidException.ql | 2 ++ .../UncheckedRangeDomainPoleErrors.ql | 2 ++ .../undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql | 2 ++ .../UnnecessaryExposedIdentifierDeclarationShared.ql | 2 ++ cpp/common/test/rules/unreachablecode/UnreachableCode.ql | 2 ++ cpp/common/test/rules/unusedparameter/UnusedParameter.ql | 2 ++ .../test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql | 2 ++ .../UsageOfAssemblerNotDocumented.ql | 2 ++ .../UseCanonicalOrderForMemberInit.ql | 2 ++ .../UseInitializerBracesToMatchAggregateTypeStructure.ql | 2 ++ .../UseOnlyArrayIndexingForPointerArithmetic.ql | 2 ++ .../validcontainerelementaccess/ValidContainerElementAccess.ql | 2 ++ .../wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql | 2 ++ 145 files changed, 290 insertions(+) diff --git a/c/common/test/rules/closefilehandlewhennolongerneededshared/CloseFileHandleWhenNoLongerNeededShared.ql b/c/common/test/rules/closefilehandlewhennolongerneededshared/CloseFileHandleWhenNoLongerNeededShared.ql index 1769b6862e..9e657b351a 100644 --- a/c/common/test/rules/closefilehandlewhennolongerneededshared/CloseFileHandleWhenNoLongerNeededShared.ql +++ b/c/common/test/rules/closefilehandlewhennolongerneededshared/CloseFileHandleWhenNoLongerNeededShared.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.closefilehandlewhennolongerneededshared.CloseFileHandleWhenNoLongerNeededShared + +class TestFileQuery extends CloseFileHandleWhenNoLongerNeededSharedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/commaoperatorused/CommaOperatorUsed.ql b/c/common/test/rules/commaoperatorused/CommaOperatorUsed.ql index 53d559ae8b..2fe294762e 100644 --- a/c/common/test/rules/commaoperatorused/CommaOperatorUsed.ql +++ b/c/common/test/rules/commaoperatorused/CommaOperatorUsed.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.commaoperatorused.CommaOperatorUsed + +class TestFileQuery extends CommaOperatorUsedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql b/c/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql index 9fcc41c831..c77ee1c66a 100644 --- a/c/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql +++ b/c/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.constantunsignedintegerexpressionswraparound.ConstantUnsignedIntegerExpressionsWrapAround + +class TestFileQuery extends ConstantUnsignedIntegerExpressionsWrapAroundSharedQuery, TestQuery { } diff --git a/c/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.ql b/c/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.ql index 29386391e5..53c27eb3ce 100644 --- a/c/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.ql +++ b/c/common/test/rules/constlikereturnvalue/ConstLikeReturnValue.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.constlikereturnvalue.ConstLikeReturnValue + +class TestFileQuery extends ConstLikeReturnValueSharedQuery, TestQuery { } diff --git a/c/common/test/rules/deadcode/DeadCode.ql b/c/common/test/rules/deadcode/DeadCode.ql index 62f5a924f1..dcd7fce840 100644 --- a/c/common/test/rules/deadcode/DeadCode.ql +++ b/c/common/test/rules/deadcode/DeadCode.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.deadcode.DeadCode + +class TestFileQuery extends DeadCodeSharedQuery, TestQuery { } diff --git a/c/common/test/rules/declaredareservedidentifier/DeclaredAReservedIdentifier.ql b/c/common/test/rules/declaredareservedidentifier/DeclaredAReservedIdentifier.ql index c53a7c44b2..f091b0aaaa 100644 --- a/c/common/test/rules/declaredareservedidentifier/DeclaredAReservedIdentifier.ql +++ b/c/common/test/rules/declaredareservedidentifier/DeclaredAReservedIdentifier.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.declaredareservedidentifier.DeclaredAReservedIdentifier + +class TestFileQuery extends DeclaredAReservedIdentifierSharedQuery, TestQuery { } diff --git a/c/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql b/c/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql index 94b64d3146..c8dc62e67c 100644 --- a/c/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql +++ b/c/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.dereferenceofnullpointer.DereferenceOfNullPointer + +class TestFileQuery extends DereferenceOfNullPointerSharedQuery, TestQuery { } diff --git a/c/common/test/rules/differentidentifiersnottypographicallyunambiguous/DifferentIdentifiersNotTypographicallyUnambiguous.ql b/c/common/test/rules/differentidentifiersnottypographicallyunambiguous/DifferentIdentifiersNotTypographicallyUnambiguous.ql index 17134b9eba..16a160b121 100644 --- a/c/common/test/rules/differentidentifiersnottypographicallyunambiguous/DifferentIdentifiersNotTypographicallyUnambiguous.ql +++ b/c/common/test/rules/differentidentifiersnottypographicallyunambiguous/DifferentIdentifiersNotTypographicallyUnambiguous.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.differentidentifiersnottypographicallyunambiguous.DifferentIdentifiersNotTypographicallyUnambiguous + +class TestFileQuery extends DifferentIdentifiersNotTypographicallyUnambiguousSharedQuery, TestQuery { } diff --git a/c/common/test/rules/donotaccessaclosedfile/DoNotAccessAClosedFile.ql b/c/common/test/rules/donotaccessaclosedfile/DoNotAccessAClosedFile.ql index 430e258ae0..d3b8b9ea3a 100644 --- a/c/common/test/rules/donotaccessaclosedfile/DoNotAccessAClosedFile.ql +++ b/c/common/test/rules/donotaccessaclosedfile/DoNotAccessAClosedFile.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotaccessaclosedfile.DoNotAccessAClosedFile + +class TestFileQuery extends DoNotAccessAClosedFileSharedQuery, TestQuery { } diff --git a/c/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql b/c/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql index 43bc4286e6..ceae7e6a9e 100644 --- a/c/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql +++ b/c/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotallowamutextogooutofscopewhilelocked.DoNotAllowAMutexToGoOutOfScopeWhileLocked + +class TestFileQuery extends DoNotAllowAMutexToGoOutOfScopeWhileLockedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/donotcopyaddressofautostorageobjecttootherobject/DoNotCopyAddressOfAutoStorageObjectToOtherObject.ql b/c/common/test/rules/donotcopyaddressofautostorageobjecttootherobject/DoNotCopyAddressOfAutoStorageObjectToOtherObject.ql index 9f0c40ef4c..782afa4cee 100644 --- a/c/common/test/rules/donotcopyaddressofautostorageobjecttootherobject/DoNotCopyAddressOfAutoStorageObjectToOtherObject.ql +++ b/c/common/test/rules/donotcopyaddressofautostorageobjecttootherobject/DoNotCopyAddressOfAutoStorageObjectToOtherObject.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotcopyaddressofautostorageobjecttootherobject.DoNotCopyAddressOfAutoStorageObjectToOtherObject + +class TestFileQuery extends DoNotCopyAddressOfAutoStorageObjectToOtherObjectSharedQuery, TestQuery { } diff --git a/c/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql b/c/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql index f3ba1667a8..96ea58009e 100644 --- a/c/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql +++ b/c/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotdestroyamutexwhileitislocked.DoNotDestroyAMutexWhileItIsLocked + +class TestFileQuery extends DoNotDestroyAMutexWhileItIsLockedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql b/c/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql index bf47bf28f1..374a6fc52b 100644 --- a/c/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql +++ b/c/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotsubtractpointersaddressingdifferentarrays.DoNotSubtractPointersAddressingDifferentArrays + +class TestFileQuery extends DoNotSubtractPointersAddressingDifferentArraysSharedQuery, TestQuery { } diff --git a/c/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql b/c/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql index 6fdfb9c928..edef2c1127 100644 --- a/c/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql +++ b/c/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotusemorethantwolevelsofpointerindirection.DoNotUseMoreThanTwoLevelsOfPointerIndirection + +class TestFileQuery extends DoNotUseMoreThanTwoLevelsOfPointerIndirectionSharedQuery, TestQuery { } diff --git a/c/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.ql b/c/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.ql index b06daa52b7..79e322e22c 100644 --- a/c/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.ql +++ b/c/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotusepointerarithmetictoaddressdifferentarrays.DoNotUsePointerArithmeticToAddressDifferentArrays + +class TestFileQuery extends DoNotUsePointerArithmeticToAddressDifferentArraysSharedQuery, TestQuery { } diff --git a/c/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql b/c/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql index 05388363d1..3ad5626256 100644 --- a/c/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql +++ b/c/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotuserandforgeneratingpseudorandomnumbers.DoNotUseRandForGeneratingPseudorandomNumbers + +class TestFileQuery extends DoNotUseRandForGeneratingPseudorandomNumbersSharedQuery, TestQuery { } diff --git a/c/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql b/c/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql index c6cca37aa2..bceb46bf63 100644 --- a/c/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql +++ b/c/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotuserelationaloperatorswithdifferingarrays.DoNotUseRelationalOperatorsWithDifferingArrays + +class TestFileQuery extends DoNotUseRelationalOperatorsWithDifferingArraysSharedQuery, TestQuery { } diff --git a/c/common/test/rules/freememorywhennolongerneededshared/FreeMemoryWhenNoLongerNeededShared.ql b/c/common/test/rules/freememorywhennolongerneededshared/FreeMemoryWhenNoLongerNeededShared.ql index 6656768011..27683eddfb 100644 --- a/c/common/test/rules/freememorywhennolongerneededshared/FreeMemoryWhenNoLongerNeededShared.ql +++ b/c/common/test/rules/freememorywhennolongerneededshared/FreeMemoryWhenNoLongerNeededShared.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.freememorywhennolongerneededshared.FreeMemoryWhenNoLongerNeededShared + +class TestFileQuery extends FreeMemoryWhenNoLongerNeededSharedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/gotostatementcondition/GotoStatementCondition.ql b/c/common/test/rules/gotostatementcondition/GotoStatementCondition.ql index 826a161cc6..89768a3022 100644 --- a/c/common/test/rules/gotostatementcondition/GotoStatementCondition.ql +++ b/c/common/test/rules/gotostatementcondition/GotoStatementCondition.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.gotostatementcondition.GotoStatementCondition + +class TestFileQuery extends GotoStatementConditionSharedQuery, TestQuery { } diff --git a/c/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql b/c/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql index 693dae8f57..a0d83a59a6 100644 --- a/c/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql +++ b/c/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.guardaccesstobitfields.GuardAccessToBitFields + +class TestFileQuery extends GuardAccessToBitFieldsSharedQuery, TestQuery { } diff --git a/c/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql b/c/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql index d0ead0b289..a61dc7860a 100644 --- a/c/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql +++ b/c/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.hashoperatorsused.HashOperatorsUsed + +class TestFileQuery extends HashOperatorsUsedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/identifierhidden/IdentifierHidden.ql b/c/common/test/rules/identifierhidden/IdentifierHidden.ql index 62abdd2163..ba13b28bd4 100644 --- a/c/common/test/rules/identifierhidden/IdentifierHidden.ql +++ b/c/common/test/rules/identifierhidden/IdentifierHidden.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.identifierhidden.IdentifierHidden + +class TestFileQuery extends IdentifierHiddenSharedQuery, TestQuery { } diff --git a/c/common/test/rules/identifierwithexternallinkageonedefinitionshared/IdentifierWithExternalLinkageOneDefinitionShared.ql b/c/common/test/rules/identifierwithexternallinkageonedefinitionshared/IdentifierWithExternalLinkageOneDefinitionShared.ql index 0d540a0fb1..ebe9a75d1e 100644 --- a/c/common/test/rules/identifierwithexternallinkageonedefinitionshared/IdentifierWithExternalLinkageOneDefinitionShared.ql +++ b/c/common/test/rules/identifierwithexternallinkageonedefinitionshared/IdentifierWithExternalLinkageOneDefinitionShared.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.identifierwithexternallinkageonedefinitionshared.IdentifierWithExternalLinkageOneDefinitionShared + +class TestFileQuery extends IdentifierWithExternalLinkageOneDefinitionSharedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql b/c/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql index d96cb456ce..acdd497be7 100644 --- a/c/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql +++ b/c/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.ifelseterminationconstruct.IfElseTerminationConstruct + +class TestFileQuery extends IfElseTerminationConstructSharedQuery, TestQuery { } diff --git a/c/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql b/c/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql index 2fcfddeca9..13b07b4e90 100644 --- a/c/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql +++ b/c/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.includeguardsnotused.IncludeGuardsNotUsed + +class TestFileQuery extends IncludeGuardsNotUsedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql b/c/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql index 4e603a2e36..3393d015c3 100644 --- a/c/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql +++ b/c/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.informationleakageacrossboundaries.InformationLeakageAcrossBoundaries + +class TestFileQuery extends InformationLeakageAcrossBoundariesSharedQuery, TestQuery { } diff --git a/c/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.ql b/c/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.ql index a623ce5d7f..b82c43333a 100644 --- a/c/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.ql +++ b/c/common/test/rules/invalidatedenvstringpointers/InvalidatedEnvStringPointers.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.invalidatedenvstringpointers.InvalidatedEnvStringPointers + +class TestFileQuery extends InvalidatedEnvStringPointersSharedQuery, TestQuery { } diff --git a/c/common/test/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.ql b/c/common/test/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.ql index e7cb5c5445..7a56af210d 100644 --- a/c/common/test/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.ql +++ b/c/common/test/rules/invalidatedenvstringpointerswarn/InvalidatedEnvStringPointersWarn.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.invalidatedenvstringpointerswarn.InvalidatedEnvStringPointersWarn + +class TestFileQuery extends InvalidatedEnvStringPointersWarnSharedQuery, TestQuery { } diff --git a/c/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql b/c/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql index 164aa6ed96..c1f22c408a 100644 --- a/c/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql +++ b/c/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.iofstreammissingpositioning.IOFstreamMissingPositioning + +class TestFileQuery extends IOFstreamMissingPositioningSharedQuery, TestQuery { } diff --git a/c/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql b/c/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql index 0ce5ceef5c..2ff9477919 100644 --- a/c/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql +++ b/c/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.macroparameternotenclosedinparentheses.MacroParameterNotEnclosedInParentheses + +class TestFileQuery extends MacroParameterNotEnclosedInParenthesesSharedQuery, TestQuery { } diff --git a/c/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql b/c/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql index f924c33f1d..55290047a1 100644 --- a/c/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql +++ b/c/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.memcmpusedtocomparepaddingdata.MemcmpUsedToComparePaddingData + +class TestFileQuery extends MemcmpUsedToComparePaddingDataSharedQuery, TestQuery { } diff --git a/c/common/test/rules/missingstaticspecifierfunctionredeclarationshared/MissingStaticSpecifierFunctionRedeclarationShared.ql b/c/common/test/rules/missingstaticspecifierfunctionredeclarationshared/MissingStaticSpecifierFunctionRedeclarationShared.ql index 50954b88bf..5113873b8b 100644 --- a/c/common/test/rules/missingstaticspecifierfunctionredeclarationshared/MissingStaticSpecifierFunctionRedeclarationShared.ql +++ b/c/common/test/rules/missingstaticspecifierfunctionredeclarationshared/MissingStaticSpecifierFunctionRedeclarationShared.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.missingstaticspecifierfunctionredeclarationshared.MissingStaticSpecifierFunctionRedeclarationShared + +class TestFileQuery extends MissingStaticSpecifierFunctionRedeclarationSharedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql b/c/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql index a23fe0b2f9..3e0b1f7e8b 100644 --- a/c/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql +++ b/c/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nestedlabelinswitch.NestedLabelInSwitch + +class TestFileQuery extends NestedLabelInSwitchSharedQuery, TestQuery { } diff --git a/c/common/test/rules/nonconstantformat/NonConstantFormat.ql b/c/common/test/rules/nonconstantformat/NonConstantFormat.ql index 7a92b544e2..25750ae9e5 100644 --- a/c/common/test/rules/nonconstantformat/NonConstantFormat.ql +++ b/c/common/test/rules/nonconstantformat/NonConstantFormat.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nonconstantformat.NonConstantFormat + +class TestFileQuery extends NonConstantFormatSharedQuery, TestQuery { } diff --git a/c/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql b/c/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql index 9b7236a26f..bcf99b44e7 100644 --- a/c/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql +++ b/c/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nonvoidfunctiondoesnotreturn.NonVoidFunctionDoesNotReturn + +class TestFileQuery extends NonVoidFunctionDoesNotReturnSharedQuery, TestQuery { } diff --git a/c/common/test/rules/notdistinctidentifier/NotDistinctIdentifier.ql b/c/common/test/rules/notdistinctidentifier/NotDistinctIdentifier.ql index 82ea80b775..3b7a8a5f9a 100644 --- a/c/common/test/rules/notdistinctidentifier/NotDistinctIdentifier.ql +++ b/c/common/test/rules/notdistinctidentifier/NotDistinctIdentifier.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.notdistinctidentifier.NotDistinctIdentifier + +class TestFileQuery extends NotDistinctIdentifierSharedQuery, TestQuery { } diff --git a/c/common/test/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.ql b/c/common/test/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.ql index a678006d69..f7d315554e 100644 --- a/c/common/test/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.ql +++ b/c/common/test/rules/onlyfreememoryallocateddynamicallyshared/OnlyFreeMemoryAllocatedDynamicallyShared.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.onlyfreememoryallocateddynamicallyshared.OnlyFreeMemoryAllocatedDynamicallyShared + +class TestFileQuery extends OnlyFreeMemoryAllocatedDynamicallySharedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql b/c/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql index 37ff4945f4..d66babdb6d 100644 --- a/c/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql +++ b/c/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preprocessingdirectivewithinmacroargument.PreprocessingDirectiveWithinMacroArgument + +class TestFileQuery extends PreprocessingDirectiveWithinMacroArgumentSharedQuery, TestQuery { } diff --git a/c/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql b/c/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql index 1b27d1e0ee..c7652ab4ae 100644 --- a/c/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql +++ b/c/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preprocessorincludesforbiddenheadernames.PreprocessorIncludesForbiddenHeaderNames + +class TestFileQuery extends PreprocessorIncludesForbiddenHeaderNamesSharedQuery, TestQuery { } diff --git a/c/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql b/c/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql index 343b168637..43701dbbf9 100644 --- a/c/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql +++ b/c/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preprocessorincludespreceded.PreprocessorIncludesPreceded + +class TestFileQuery extends PreprocessorIncludesPrecededSharedQuery, TestQuery { } diff --git a/c/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql b/c/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql index cef4c700ab..009c7f9e26 100644 --- a/c/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql +++ b/c/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preservesafetywhenusingconditionvariables.PreserveSafetyWhenUsingConditionVariables + +class TestFileQuery extends PreserveSafetyWhenUsingConditionVariablesSharedQuery, TestQuery { } diff --git a/c/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql b/c/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql index 6412db389a..4ca46f15ea 100644 --- a/c/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql +++ b/c/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preventdeadlockbylockinginpredefinedorder.PreventDeadlockByLockingInPredefinedOrder + +class TestFileQuery extends PreventDeadlockByLockingInPredefinedOrderSharedQuery, TestQuery { } diff --git a/c/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql b/c/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql index 71c2a6cecd..9150d4459d 100644 --- a/c/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql +++ b/c/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.readofuninitializedmemory.ReadOfUninitializedMemory + +class TestFileQuery extends ReadOfUninitializedMemorySharedQuery, TestQuery { } diff --git a/c/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql b/c/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql index c60068c7cc..aacadf0253 100644 --- a/c/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql +++ b/c/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.sectionsofcodeshallnotbecommentedout.SectionsOfCodeShallNotBeCommentedOut + +class TestFileQuery extends SectionsOfCodeShallNotBeCommentedOutSharedQuery, TestQuery { } diff --git a/c/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql b/c/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql index 65188d04f7..1b323a652d 100644 --- a/c/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql +++ b/c/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.switchcasepositioncondition.SwitchCasePositionCondition + +class TestFileQuery extends SwitchCasePositionConditionSharedQuery, TestQuery { } diff --git a/c/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql b/c/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql index 0a398a99a9..75ce3cb1ec 100644 --- a/c/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql +++ b/c/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.switchnotwellformed.SwitchNotWellFormed + +class TestFileQuery extends SwitchNotWellFormedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/typeomitted/TypeOmitted.ql b/c/common/test/rules/typeomitted/TypeOmitted.ql index d0853e90a4..a9cd81118c 100644 --- a/c/common/test/rules/typeomitted/TypeOmitted.ql +++ b/c/common/test/rules/typeomitted/TypeOmitted.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.typeomitted.TypeOmitted + +class TestFileQuery extends TypeOmittedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql b/c/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql index 2ceb96c0d7..11720fb8da 100644 --- a/c/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql +++ b/c/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.uncheckedrangedomainpoleerrors.UncheckedRangeDomainPoleErrors + +class TestFileQuery extends UncheckedRangeDomainPoleErrorsSharedQuery, TestQuery { } diff --git a/c/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql b/c/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql index afede1b8ef..316565cab7 100644 --- a/c/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql +++ b/c/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.undefinedmacroidentifiers.UndefinedMacroIdentifiers + +class TestFileQuery extends UndefinedMacroIdentifiersSharedQuery, TestQuery { } diff --git a/c/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql b/c/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql index 9914ad0b1e..3baad901da 100644 --- a/c/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql +++ b/c/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unnecessaryexposedidentifierdeclarationshared.UnnecessaryExposedIdentifierDeclarationShared + +class TestFileQuery extends UnnecessaryExposedIdentifierDeclarationSharedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/unreachablecode/UnreachableCode.ql b/c/common/test/rules/unreachablecode/UnreachableCode.ql index 7a105eafa8..c394bfba3e 100644 --- a/c/common/test/rules/unreachablecode/UnreachableCode.ql +++ b/c/common/test/rules/unreachablecode/UnreachableCode.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unreachablecode.UnreachableCode + +class TestFileQuery extends UnreachableCodeSharedQuery, TestQuery { } diff --git a/c/common/test/rules/unusedparameter/UnusedParameter.ql b/c/common/test/rules/unusedparameter/UnusedParameter.ql index 0c6d01d515..e990a7dcf3 100644 --- a/c/common/test/rules/unusedparameter/UnusedParameter.ql +++ b/c/common/test/rules/unusedparameter/UnusedParameter.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unusedparameter.UnusedParameter + +class TestFileQuery extends UnusedParameterSharedQuery, TestQuery { } diff --git a/c/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql b/c/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql index 83b19da601..f1c09524d5 100644 --- a/c/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql +++ b/c/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unusedtypedeclarations.UnusedTypeDeclarations + +class TestFileQuery extends UnusedTypeDeclarationsSharedQuery, TestQuery { } diff --git a/c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql b/c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql index 7f9e1041a2..f9997627b4 100644 --- a/c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql +++ b/c/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.usageofassemblernotdocumented.UsageOfAssemblerNotDocumented + +class TestFileQuery extends UsageOfAssemblerNotDocumentedSharedQuery, TestQuery { } diff --git a/c/common/test/rules/useinitializerbracestomatchaggregatetypestructure/UseInitializerBracesToMatchAggregateTypeStructure.ql b/c/common/test/rules/useinitializerbracestomatchaggregatetypestructure/UseInitializerBracesToMatchAggregateTypeStructure.ql index b24a879bab..8ddcc5bc7e 100644 --- a/c/common/test/rules/useinitializerbracestomatchaggregatetypestructure/UseInitializerBracesToMatchAggregateTypeStructure.ql +++ b/c/common/test/rules/useinitializerbracestomatchaggregatetypestructure/UseInitializerBracesToMatchAggregateTypeStructure.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.useinitializerbracestomatchaggregatetypestructure.UseInitializerBracesToMatchAggregateTypeStructure + +class TestFileQuery extends UseInitializerBracesToMatchAggregateTypeStructureSharedQuery, TestQuery { } diff --git a/c/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql b/c/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql index 819d12c4e8..55554bee07 100644 --- a/c/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql +++ b/c/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.useonlyarrayindexingforpointerarithmetic.UseOnlyArrayIndexingForPointerArithmetic + +class TestFileQuery extends UseOnlyArrayIndexingForPointerArithmeticSharedQuery, TestQuery { } diff --git a/c/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql b/c/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql index 6f4ad4c40e..44947bf85a 100644 --- a/c/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql +++ b/c/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.wrapspuriousfunctioninloop.WrapSpuriousFunctionInLoop + +class TestFileQuery extends WrapSpuriousFunctionInLoopSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/accessofnonexistingmemberthroughpointertomember/AccessOfNonExistingMemberThroughPointerToMember.ql b/cpp/common/test/rules/accessofnonexistingmemberthroughpointertomember/AccessOfNonExistingMemberThroughPointerToMember.ql index 06b77e4aae..6e49f3b033 100644 --- a/cpp/common/test/rules/accessofnonexistingmemberthroughpointertomember/AccessOfNonExistingMemberThroughPointerToMember.ql +++ b/cpp/common/test/rules/accessofnonexistingmemberthroughpointertomember/AccessOfNonExistingMemberThroughPointerToMember.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.accessofnonexistingmemberthroughpointertomember.AccessOfNonExistingMemberThroughPointerToMember + +class TestFileQuery extends AccessOfNonExistingMemberThroughPointerToMemberSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/accessofundefinedmemberthroughnullpointer/AccessOfUndefinedMemberThroughNullPointer.ql b/cpp/common/test/rules/accessofundefinedmemberthroughnullpointer/AccessOfUndefinedMemberThroughNullPointer.ql index 47e6b02835..a94e11dbf6 100644 --- a/cpp/common/test/rules/accessofundefinedmemberthroughnullpointer/AccessOfUndefinedMemberThroughNullPointer.ql +++ b/cpp/common/test/rules/accessofundefinedmemberthroughnullpointer/AccessOfUndefinedMemberThroughNullPointer.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.accessofundefinedmemberthroughnullpointer.AccessOfUndefinedMemberThroughNullPointer + +class TestFileQuery extends AccessOfUndefinedMemberThroughNullPointerSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/accessofundefinedmemberthroughuninitializedstaticpointer/AccessOfUndefinedMemberThroughUninitializedStaticPointer.ql b/cpp/common/test/rules/accessofundefinedmemberthroughuninitializedstaticpointer/AccessOfUndefinedMemberThroughUninitializedStaticPointer.ql index bb0594e7ac..e39fe834cb 100644 --- a/cpp/common/test/rules/accessofundefinedmemberthroughuninitializedstaticpointer/AccessOfUndefinedMemberThroughUninitializedStaticPointer.ql +++ b/cpp/common/test/rules/accessofundefinedmemberthroughuninitializedstaticpointer/AccessOfUndefinedMemberThroughUninitializedStaticPointer.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.accessofundefinedmemberthroughuninitializedstaticpointer.AccessOfUndefinedMemberThroughUninitializedStaticPointer + +class TestFileQuery extends AccessOfUndefinedMemberThroughUninitializedStaticPointerSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/basicstringmaynotbenullterminated/BasicStringMayNotBeNullTerminated.ql b/cpp/common/test/rules/basicstringmaynotbenullterminated/BasicStringMayNotBeNullTerminated.ql index e1ba81c1f7..c2c4fe7906 100644 --- a/cpp/common/test/rules/basicstringmaynotbenullterminated/BasicStringMayNotBeNullTerminated.ql +++ b/cpp/common/test/rules/basicstringmaynotbenullterminated/BasicStringMayNotBeNullTerminated.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.basicstringmaynotbenullterminated.BasicStringMayNotBeNullTerminated + +class TestFileQuery extends BasicStringMayNotBeNullTerminatedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/catchblockshadowing/CatchBlockShadowing.ql b/cpp/common/test/rules/catchblockshadowing/CatchBlockShadowing.ql index 197c55cbff..76b7123d99 100644 --- a/cpp/common/test/rules/catchblockshadowing/CatchBlockShadowing.ql +++ b/cpp/common/test/rules/catchblockshadowing/CatchBlockShadowing.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.catchblockshadowing.CatchBlockShadowing + +class TestFileQuery extends CatchBlockShadowingSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/catchexceptionsbylvaluereference/CatchExceptionsByLvalueReference.ql b/cpp/common/test/rules/catchexceptionsbylvaluereference/CatchExceptionsByLvalueReference.ql index c6d1b86d3b..30d6d30c47 100644 --- a/cpp/common/test/rules/catchexceptionsbylvaluereference/CatchExceptionsByLvalueReference.ql +++ b/cpp/common/test/rules/catchexceptionsbylvaluereference/CatchExceptionsByLvalueReference.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.catchexceptionsbylvaluereference.CatchExceptionsByLvalueReference + +class TestFileQuery extends CatchExceptionsByLvalueReferenceSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/commaoperatorused/CommaOperatorUsed.ql b/cpp/common/test/rules/commaoperatorused/CommaOperatorUsed.ql index 53d559ae8b..2fe294762e 100644 --- a/cpp/common/test/rules/commaoperatorused/CommaOperatorUsed.ql +++ b/cpp/common/test/rules/commaoperatorused/CommaOperatorUsed.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.commaoperatorused.CommaOperatorUsed + +class TestFileQuery extends CommaOperatorUsedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/conditionvariablepostconditionfailed/ConditionVariablePostConditionFailed.ql b/cpp/common/test/rules/conditionvariablepostconditionfailed/ConditionVariablePostConditionFailed.ql index ab0dc41229..e990e23e2e 100644 --- a/cpp/common/test/rules/conditionvariablepostconditionfailed/ConditionVariablePostConditionFailed.ql +++ b/cpp/common/test/rules/conditionvariablepostconditionfailed/ConditionVariablePostConditionFailed.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.conditionvariablepostconditionfailed.ConditionVariablePostConditionFailed + +class TestFileQuery extends ConditionVariablePostConditionFailedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql b/cpp/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql index 9fcc41c831..c77ee1c66a 100644 --- a/cpp/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql +++ b/cpp/common/test/rules/constantunsignedintegerexpressionswraparound/ConstantUnsignedIntegerExpressionsWrapAround.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.constantunsignedintegerexpressionswraparound.ConstantUnsignedIntegerExpressionsWrapAround + +class TestFileQuery extends ConstantUnsignedIntegerExpressionsWrapAroundSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.ql b/cpp/common/test/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.ql index cf073f961c..be54f5a31c 100644 --- a/cpp/common/test/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.ql +++ b/cpp/common/test/rules/containeraccesswithoutrangecheck/ContainerAccessWithoutRangeCheck.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.containeraccesswithoutrangecheck.ContainerAccessWithoutRangeCheck + +class TestFileQuery extends ContainerAccessWithoutRangeCheckSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/danglingcapturewhenmovinglambdaobject/DanglingCaptureWhenMovingLambdaObject.ql b/cpp/common/test/rules/danglingcapturewhenmovinglambdaobject/DanglingCaptureWhenMovingLambdaObject.ql index 734de290a5..ba1f1efc2f 100644 --- a/cpp/common/test/rules/danglingcapturewhenmovinglambdaobject/DanglingCaptureWhenMovingLambdaObject.ql +++ b/cpp/common/test/rules/danglingcapturewhenmovinglambdaobject/DanglingCaptureWhenMovingLambdaObject.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.danglingcapturewhenmovinglambdaobject.DanglingCaptureWhenMovingLambdaObject + +class TestFileQuery extends DanglingCaptureWhenMovingLambdaObjectSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/danglingcapturewhenreturninglambdaobject/DanglingCaptureWhenReturningLambdaObject.ql b/cpp/common/test/rules/danglingcapturewhenreturninglambdaobject/DanglingCaptureWhenReturningLambdaObject.ql index 870784d97d..d95ba912fd 100644 --- a/cpp/common/test/rules/danglingcapturewhenreturninglambdaobject/DanglingCaptureWhenReturningLambdaObject.ql +++ b/cpp/common/test/rules/danglingcapturewhenreturninglambdaobject/DanglingCaptureWhenReturningLambdaObject.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.danglingcapturewhenreturninglambdaobject.DanglingCaptureWhenReturningLambdaObject + +class TestFileQuery extends DanglingCaptureWhenReturningLambdaObjectSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/deadcode/DeadCode.ql b/cpp/common/test/rules/deadcode/DeadCode.ql index 62f5a924f1..dcd7fce840 100644 --- a/cpp/common/test/rules/deadcode/DeadCode.ql +++ b/cpp/common/test/rules/deadcode/DeadCode.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.deadcode.DeadCode + +class TestFileQuery extends DeadCodeSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/deleteofpointertoincompleteclass/DeleteOfPointerToIncompleteClass.ql b/cpp/common/test/rules/deleteofpointertoincompleteclass/DeleteOfPointerToIncompleteClass.ql index b6a13aa7cc..a589ae988e 100644 --- a/cpp/common/test/rules/deleteofpointertoincompleteclass/DeleteOfPointerToIncompleteClass.ql +++ b/cpp/common/test/rules/deleteofpointertoincompleteclass/DeleteOfPointerToIncompleteClass.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.deleteofpointertoincompleteclass.DeleteOfPointerToIncompleteClass + +class TestFileQuery extends DeleteOfPointerToIncompleteClassSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql b/cpp/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql index 94b64d3146..c8dc62e67c 100644 --- a/cpp/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql +++ b/cpp/common/test/rules/dereferenceofnullpointer/DereferenceOfNullPointer.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.dereferenceofnullpointer.DereferenceOfNullPointer + +class TestFileQuery extends DereferenceOfNullPointerSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/destroyedvaluereferencedindestructorcatchblock/DestroyedValueReferencedInDestructorCatchBlock.ql b/cpp/common/test/rules/destroyedvaluereferencedindestructorcatchblock/DestroyedValueReferencedInDestructorCatchBlock.ql index 4f02daf0c5..90c4ed602a 100644 --- a/cpp/common/test/rules/destroyedvaluereferencedindestructorcatchblock/DestroyedValueReferencedInDestructorCatchBlock.ql +++ b/cpp/common/test/rules/destroyedvaluereferencedindestructorcatchblock/DestroyedValueReferencedInDestructorCatchBlock.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.destroyedvaluereferencedindestructorcatchblock.DestroyedValueReferencedInDestructorCatchBlock + +class TestFileQuery extends DestroyedValueReferencedInDestructorCatchBlockSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/differentidentifiersnottypographicallyunambiguous/DifferentIdentifiersNotTypographicallyUnambiguous.ql b/cpp/common/test/rules/differentidentifiersnottypographicallyunambiguous/DifferentIdentifiersNotTypographicallyUnambiguous.ql index 17134b9eba..16a160b121 100644 --- a/cpp/common/test/rules/differentidentifiersnottypographicallyunambiguous/DifferentIdentifiersNotTypographicallyUnambiguous.ql +++ b/cpp/common/test/rules/differentidentifiersnottypographicallyunambiguous/DifferentIdentifiersNotTypographicallyUnambiguous.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.differentidentifiersnottypographicallyunambiguous.DifferentIdentifiersNotTypographicallyUnambiguous + +class TestFileQuery extends DifferentIdentifiersNotTypographicallyUnambiguousSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql b/cpp/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql index 43bc4286e6..ceae7e6a9e 100644 --- a/cpp/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql +++ b/cpp/common/test/rules/donotallowamutextogooutofscopewhilelocked/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotallowamutextogooutofscopewhilelocked.DoNotAllowAMutexToGoOutOfScopeWhileLocked + +class TestFileQuery extends DoNotAllowAMutexToGoOutOfScopeWhileLockedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/donotcopyaddressofautostorageobjecttootherobject/DoNotCopyAddressOfAutoStorageObjectToOtherObject.ql b/cpp/common/test/rules/donotcopyaddressofautostorageobjecttootherobject/DoNotCopyAddressOfAutoStorageObjectToOtherObject.ql index 9f0c40ef4c..782afa4cee 100644 --- a/cpp/common/test/rules/donotcopyaddressofautostorageobjecttootherobject/DoNotCopyAddressOfAutoStorageObjectToOtherObject.ql +++ b/cpp/common/test/rules/donotcopyaddressofautostorageobjecttootherobject/DoNotCopyAddressOfAutoStorageObjectToOtherObject.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotcopyaddressofautostorageobjecttootherobject.DoNotCopyAddressOfAutoStorageObjectToOtherObject + +class TestFileQuery extends DoNotCopyAddressOfAutoStorageObjectToOtherObjectSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql b/cpp/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql index f3ba1667a8..96ea58009e 100644 --- a/cpp/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql +++ b/cpp/common/test/rules/donotdestroyamutexwhileitislocked/DoNotDestroyAMutexWhileItIsLocked.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotdestroyamutexwhileitislocked.DoNotDestroyAMutexWhileItIsLocked + +class TestFileQuery extends DoNotDestroyAMutexWhileItIsLockedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql b/cpp/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql index bf47bf28f1..374a6fc52b 100644 --- a/cpp/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql +++ b/cpp/common/test/rules/donotsubtractpointersaddressingdifferentarrays/DoNotSubtractPointersAddressingDifferentArrays.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotsubtractpointersaddressingdifferentarrays.DoNotSubtractPointersAddressingDifferentArrays + +class TestFileQuery extends DoNotSubtractPointersAddressingDifferentArraysSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql b/cpp/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql index 6fdfb9c928..edef2c1127 100644 --- a/cpp/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql +++ b/cpp/common/test/rules/donotusemorethantwolevelsofpointerindirection/DoNotUseMoreThanTwoLevelsOfPointerIndirection.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotusemorethantwolevelsofpointerindirection.DoNotUseMoreThanTwoLevelsOfPointerIndirection + +class TestFileQuery extends DoNotUseMoreThanTwoLevelsOfPointerIndirectionSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.ql b/cpp/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.ql index b06daa52b7..79e322e22c 100644 --- a/cpp/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.ql +++ b/cpp/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotusepointerarithmetictoaddressdifferentarrays.DoNotUsePointerArithmeticToAddressDifferentArrays + +class TestFileQuery extends DoNotUsePointerArithmeticToAddressDifferentArraysSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql b/cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql index 05388363d1..3ad5626256 100644 --- a/cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql +++ b/cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotuserandforgeneratingpseudorandomnumbers.DoNotUseRandForGeneratingPseudorandomNumbers + +class TestFileQuery extends DoNotUseRandForGeneratingPseudorandomNumbersSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql b/cpp/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql index c6cca37aa2..bceb46bf63 100644 --- a/cpp/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql +++ b/cpp/common/test/rules/donotuserelationaloperatorswithdifferingarrays/DoNotUseRelationalOperatorsWithDifferingArrays.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotuserelationaloperatorswithdifferingarrays.DoNotUseRelationalOperatorsWithDifferingArrays + +class TestFileQuery extends DoNotUseRelationalOperatorsWithDifferingArraysSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/exceptionsafetyguarantees/ExceptionSafetyGuarantees.ql b/cpp/common/test/rules/exceptionsafetyguarantees/ExceptionSafetyGuarantees.ql index 8b623baeb5..bfa4a88318 100644 --- a/cpp/common/test/rules/exceptionsafetyguarantees/ExceptionSafetyGuarantees.ql +++ b/cpp/common/test/rules/exceptionsafetyguarantees/ExceptionSafetyGuarantees.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.exceptionsafetyguarantees.ExceptionSafetyGuarantees + +class TestFileQuery extends ExceptionSafetyGuaranteesSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/exceptionsafetyvalidstate/ExceptionSafetyValidState.ql b/cpp/common/test/rules/exceptionsafetyvalidstate/ExceptionSafetyValidState.ql index d70d72a24c..aa18543c36 100644 --- a/cpp/common/test/rules/exceptionsafetyvalidstate/ExceptionSafetyValidState.ql +++ b/cpp/common/test/rules/exceptionsafetyvalidstate/ExceptionSafetyValidState.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.exceptionsafetyvalidstate.ExceptionSafetyValidState + +class TestFileQuery extends ExceptionSafetyValidStateSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/exithandlerthrowsexception/ExitHandlerThrowsException.ql b/cpp/common/test/rules/exithandlerthrowsexception/ExitHandlerThrowsException.ql index 29e308f137..c61992b8b0 100644 --- a/cpp/common/test/rules/exithandlerthrowsexception/ExitHandlerThrowsException.ql +++ b/cpp/common/test/rules/exithandlerthrowsexception/ExitHandlerThrowsException.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.exithandlerthrowsexception.ExitHandlerThrowsException + +class TestFileQuery extends ExitHandlerThrowsExceptionSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/explicitabrupttermination/ExplicitAbruptTermination.ql b/cpp/common/test/rules/explicitabrupttermination/ExplicitAbruptTermination.ql index d71219a14c..d7df643551 100644 --- a/cpp/common/test/rules/explicitabrupttermination/ExplicitAbruptTermination.ql +++ b/cpp/common/test/rules/explicitabrupttermination/ExplicitAbruptTermination.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.explicitabrupttermination.ExplicitAbruptTermination + +class TestFileQuery extends ExplicitAbruptTerminationSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/functionnoreturnattributecondition/FunctionNoReturnAttributeCondition.ql b/cpp/common/test/rules/functionnoreturnattributecondition/FunctionNoReturnAttributeCondition.ql index d8dcf68384..4af4aeceaf 100644 --- a/cpp/common/test/rules/functionnoreturnattributecondition/FunctionNoReturnAttributeCondition.ql +++ b/cpp/common/test/rules/functionnoreturnattributecondition/FunctionNoReturnAttributeCondition.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.functionnoreturnattributecondition.FunctionNoReturnAttributeCondition + +class TestFileQuery extends FunctionNoReturnAttributeConditionSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/gotostatementcondition/GotoStatementCondition.ql b/cpp/common/test/rules/gotostatementcondition/GotoStatementCondition.ql index 826a161cc6..89768a3022 100644 --- a/cpp/common/test/rules/gotostatementcondition/GotoStatementCondition.ql +++ b/cpp/common/test/rules/gotostatementcondition/GotoStatementCondition.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.gotostatementcondition.GotoStatementCondition + +class TestFileQuery extends GotoStatementConditionSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql b/cpp/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql index 693dae8f57..a0d83a59a6 100644 --- a/cpp/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql +++ b/cpp/common/test/rules/guardaccesstobitfields/GuardAccessToBitFields.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.guardaccesstobitfields.GuardAccessToBitFields + +class TestFileQuery extends GuardAccessToBitFieldsSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/handleallexceptionsduringstartup/HandleAllExceptionsDuringStartup.ql b/cpp/common/test/rules/handleallexceptionsduringstartup/HandleAllExceptionsDuringStartup.ql index 067c567389..d366b0eb79 100644 --- a/cpp/common/test/rules/handleallexceptionsduringstartup/HandleAllExceptionsDuringStartup.ql +++ b/cpp/common/test/rules/handleallexceptionsduringstartup/HandleAllExceptionsDuringStartup.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.handleallexceptionsduringstartup.HandleAllExceptionsDuringStartup + +class TestFileQuery extends HandleAllExceptionsDuringStartupSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql b/cpp/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql index d0ead0b289..a61dc7860a 100644 --- a/cpp/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql +++ b/cpp/common/test/rules/hashoperatorsused/HashOperatorsUsed.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.hashoperatorsused.HashOperatorsUsed + +class TestFileQuery extends HashOperatorsUsedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/identifierhidden/IdentifierHidden.ql b/cpp/common/test/rules/identifierhidden/IdentifierHidden.ql index 62abdd2163..ba13b28bd4 100644 --- a/cpp/common/test/rules/identifierhidden/IdentifierHidden.ql +++ b/cpp/common/test/rules/identifierhidden/IdentifierHidden.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.identifierhidden.IdentifierHidden + +class TestFileQuery extends IdentifierHiddenSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/identifierwithexternallinkageonedefinitionshared/IdentifierWithExternalLinkageOneDefinitionShared.ql b/cpp/common/test/rules/identifierwithexternallinkageonedefinitionshared/IdentifierWithExternalLinkageOneDefinitionShared.ql index 0d540a0fb1..ebe9a75d1e 100644 --- a/cpp/common/test/rules/identifierwithexternallinkageonedefinitionshared/IdentifierWithExternalLinkageOneDefinitionShared.ql +++ b/cpp/common/test/rules/identifierwithexternallinkageonedefinitionshared/IdentifierWithExternalLinkageOneDefinitionShared.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.identifierwithexternallinkageonedefinitionshared.IdentifierWithExternalLinkageOneDefinitionShared + +class TestFileQuery extends IdentifierWithExternalLinkageOneDefinitionSharedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql b/cpp/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql index d96cb456ce..acdd497be7 100644 --- a/cpp/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql +++ b/cpp/common/test/rules/ifelseterminationconstruct/IfElseTerminationConstruct.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.ifelseterminationconstruct.IfElseTerminationConstruct + +class TestFileQuery extends IfElseTerminationConstructSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql b/cpp/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql index 2fcfddeca9..13b07b4e90 100644 --- a/cpp/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql +++ b/cpp/common/test/rules/includeguardsnotused/IncludeGuardsNotUsed.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.includeguardsnotused.IncludeGuardsNotUsed + +class TestFileQuery extends IncludeGuardsNotUsedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql b/cpp/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql index 4e603a2e36..3393d015c3 100644 --- a/cpp/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql +++ b/cpp/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.informationleakageacrossboundaries.InformationLeakageAcrossBoundaries + +class TestFileQuery extends InformationLeakageAcrossBoundariesSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql b/cpp/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql index 164aa6ed96..c1f22c408a 100644 --- a/cpp/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql +++ b/cpp/common/test/rules/iofstreammissingpositioning/IOFstreamMissingPositioning.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.iofstreammissingpositioning.IOFstreamMissingPositioning + +class TestFileQuery extends IOFstreamMissingPositioningSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/joinablethreadcopiedordestroyed/JoinableThreadCopiedOrDestroyed.ql b/cpp/common/test/rules/joinablethreadcopiedordestroyed/JoinableThreadCopiedOrDestroyed.ql index 0125aa7405..affaeef13d 100644 --- a/cpp/common/test/rules/joinablethreadcopiedordestroyed/JoinableThreadCopiedOrDestroyed.ql +++ b/cpp/common/test/rules/joinablethreadcopiedordestroyed/JoinableThreadCopiedOrDestroyed.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.joinablethreadcopiedordestroyed.JoinableThreadCopiedOrDestroyed + +class TestFileQuery extends JoinableThreadCopiedOrDestroyedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql b/cpp/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql index 0ce5ceef5c..2ff9477919 100644 --- a/cpp/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql +++ b/cpp/common/test/rules/macroparameternotenclosedinparentheses/MacroParameterNotEnclosedInParentheses.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.macroparameternotenclosedinparentheses.MacroParameterNotEnclosedInParentheses + +class TestFileQuery extends MacroParameterNotEnclosedInParenthesesSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql b/cpp/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql index f924c33f1d..55290047a1 100644 --- a/cpp/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql +++ b/cpp/common/test/rules/memcmpusedtocomparepaddingdata/MemcmpUsedToComparePaddingData.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.memcmpusedtocomparepaddingdata.MemcmpUsedToComparePaddingData + +class TestFileQuery extends MemcmpUsedToComparePaddingDataSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/missingstaticspecifierfunctionredeclarationshared/MissingStaticSpecifierFunctionRedeclarationShared.ql b/cpp/common/test/rules/missingstaticspecifierfunctionredeclarationshared/MissingStaticSpecifierFunctionRedeclarationShared.ql index 50954b88bf..5113873b8b 100644 --- a/cpp/common/test/rules/missingstaticspecifierfunctionredeclarationshared/MissingStaticSpecifierFunctionRedeclarationShared.ql +++ b/cpp/common/test/rules/missingstaticspecifierfunctionredeclarationshared/MissingStaticSpecifierFunctionRedeclarationShared.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.missingstaticspecifierfunctionredeclarationshared.MissingStaticSpecifierFunctionRedeclarationShared + +class TestFileQuery extends MissingStaticSpecifierFunctionRedeclarationSharedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/movedfromobjectsunspecifiedstate/MovedFromObjectsUnspecifiedState.ql b/cpp/common/test/rules/movedfromobjectsunspecifiedstate/MovedFromObjectsUnspecifiedState.ql index 47cfe4e798..3f818cc3e2 100644 --- a/cpp/common/test/rules/movedfromobjectsunspecifiedstate/MovedFromObjectsUnspecifiedState.ql +++ b/cpp/common/test/rules/movedfromobjectsunspecifiedstate/MovedFromObjectsUnspecifiedState.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.movedfromobjectsunspecifiedstate.MovedFromObjectsUnspecifiedState + +class TestFileQuery extends MovedFromObjectsUnspecifiedStateSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql b/cpp/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql index a23fe0b2f9..3e0b1f7e8b 100644 --- a/cpp/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql +++ b/cpp/common/test/rules/nestedlabelinswitch/NestedLabelInSwitch.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nestedlabelinswitch.NestedLabelInSwitch + +class TestFileQuery extends NestedLabelInSwitchSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.ql b/cpp/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.ql index da907fcf9e..2e27365953 100644 --- a/cpp/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.ql +++ b/cpp/common/test/rules/nonbooleanifstmt/NonBooleanIfStmt.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nonbooleanifstmt.NonBooleanIfStmt + +class TestFileQuery extends NonBooleanIfStmtSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.ql b/cpp/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.ql index ffe3f351c6..46c2d4c3bb 100644 --- a/cpp/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.ql +++ b/cpp/common/test/rules/nonbooleaniterationstmt/NonBooleanIterationStmt.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nonbooleaniterationstmt.NonBooleanIterationStmt + +class TestFileQuery extends NonBooleanIterationStmtSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/nonconstantformat/NonConstantFormat.ql b/cpp/common/test/rules/nonconstantformat/NonConstantFormat.ql index 7a92b544e2..25750ae9e5 100644 --- a/cpp/common/test/rules/nonconstantformat/NonConstantFormat.ql +++ b/cpp/common/test/rules/nonconstantformat/NonConstantFormat.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nonconstantformat.NonConstantFormat + +class TestFileQuery extends NonConstantFormatSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/nonstandardentitiesinstandardnamespaces/NonStandardEntitiesInStandardNamespaces.ql b/cpp/common/test/rules/nonstandardentitiesinstandardnamespaces/NonStandardEntitiesInStandardNamespaces.ql index 847a6c26f0..3b10c31026 100644 --- a/cpp/common/test/rules/nonstandardentitiesinstandardnamespaces/NonStandardEntitiesInStandardNamespaces.ql +++ b/cpp/common/test/rules/nonstandardentitiesinstandardnamespaces/NonStandardEntitiesInStandardNamespaces.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nonstandardentitiesinstandardnamespaces.NonStandardEntitiesInStandardNamespaces + +class TestFileQuery extends NonStandardEntitiesInStandardNamespacesSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql b/cpp/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql index 9b7236a26f..bcf99b44e7 100644 --- a/cpp/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql +++ b/cpp/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.nonvoidfunctiondoesnotreturn.NonVoidFunctionDoesNotReturn + +class TestFileQuery extends NonVoidFunctionDoesNotReturnSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/objectaccessedafterlifetime/ObjectAccessedAfterLifetime.ql b/cpp/common/test/rules/objectaccessedafterlifetime/ObjectAccessedAfterLifetime.ql index 07ad7ea1f2..fbf2270fb9 100644 --- a/cpp/common/test/rules/objectaccessedafterlifetime/ObjectAccessedAfterLifetime.ql +++ b/cpp/common/test/rules/objectaccessedafterlifetime/ObjectAccessedAfterLifetime.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.objectaccessedafterlifetime.ObjectAccessedAfterLifetime + +class TestFileQuery extends ObjectAccessedAfterLifetimeSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/objectaccessedbeforelifetime/ObjectAccessedBeforeLifetime.ql b/cpp/common/test/rules/objectaccessedbeforelifetime/ObjectAccessedBeforeLifetime.ql index 4eeb0ac98b..aa88f954dc 100644 --- a/cpp/common/test/rules/objectaccessedbeforelifetime/ObjectAccessedBeforeLifetime.ql +++ b/cpp/common/test/rules/objectaccessedbeforelifetime/ObjectAccessedBeforeLifetime.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.objectaccessedbeforelifetime.ObjectAccessedBeforeLifetime + +class TestFileQuery extends ObjectAccessedBeforeLifetimeSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/onedefinitionruleviolation/OneDefinitionRuleViolation.ql b/cpp/common/test/rules/onedefinitionruleviolation/OneDefinitionRuleViolation.ql index ff17ce344e..0f01e0b871 100644 --- a/cpp/common/test/rules/onedefinitionruleviolation/OneDefinitionRuleViolation.ql +++ b/cpp/common/test/rules/onedefinitionruleviolation/OneDefinitionRuleViolation.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.onedefinitionruleviolation.OneDefinitionRuleViolation + +class TestFileQuery extends OneDefinitionRuleViolationSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/operationmaynotnullterminatecstylestring/OperationMayNotNullTerminateCStyleString.ql b/cpp/common/test/rules/operationmaynotnullterminatecstylestring/OperationMayNotNullTerminateCStyleString.ql index dc30d3e41b..88637e5fb8 100644 --- a/cpp/common/test/rules/operationmaynotnullterminatecstylestring/OperationMayNotNullTerminateCStyleString.ql +++ b/cpp/common/test/rules/operationmaynotnullterminatecstylestring/OperationMayNotNullTerminateCStyleString.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.operationmaynotnullterminatecstylestring.OperationMayNotNullTerminateCStyleString + +class TestFileQuery extends OperationMayNotNullTerminateCStyleStringSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/operatordeletemissingpartner/OperatorDeleteMissingPartner.ql b/cpp/common/test/rules/operatordeletemissingpartner/OperatorDeleteMissingPartner.ql index 37f920e11d..df5ed195c3 100644 --- a/cpp/common/test/rules/operatordeletemissingpartner/OperatorDeleteMissingPartner.ql +++ b/cpp/common/test/rules/operatordeletemissingpartner/OperatorDeleteMissingPartner.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.operatordeletemissingpartner.OperatorDeleteMissingPartner + +class TestFileQuery extends OperatorDeleteMissingPartnerSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/orderingpredicatemustbestrictlyweak/OrderingPredicateMustBeStrictlyWeak.ql b/cpp/common/test/rules/orderingpredicatemustbestrictlyweak/OrderingPredicateMustBeStrictlyWeak.ql index 0020ba4207..765e11c79e 100644 --- a/cpp/common/test/rules/orderingpredicatemustbestrictlyweak/OrderingPredicateMustBeStrictlyWeak.ql +++ b/cpp/common/test/rules/orderingpredicatemustbestrictlyweak/OrderingPredicateMustBeStrictlyWeak.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.orderingpredicatemustbestrictlyweak.OrderingPredicateMustBeStrictlyWeak + +class TestFileQuery extends OrderingPredicateMustBeStrictlyWeakSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.ql b/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.ql index c6a85d318e..efdcb47a16 100644 --- a/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.ql +++ b/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.ownedpointervaluestoredinunrelatedsmartpointer.OwnedPointerValueStoredInUnrelatedSmartPointer + +class TestFileQuery extends OwnedPointerValueStoredInUnrelatedSmartPointerSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/placementnewinsufficientstorage/PlacementNewInsufficientStorage.ql b/cpp/common/test/rules/placementnewinsufficientstorage/PlacementNewInsufficientStorage.ql index 4f07c3df65..d63da2dc8d 100644 --- a/cpp/common/test/rules/placementnewinsufficientstorage/PlacementNewInsufficientStorage.ql +++ b/cpp/common/test/rules/placementnewinsufficientstorage/PlacementNewInsufficientStorage.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.placementnewinsufficientstorage.PlacementNewInsufficientStorage + +class TestFileQuery extends PlacementNewInsufficientStorageSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/placementnewnotproperlyaligned/PlacementNewNotProperlyAligned.ql b/cpp/common/test/rules/placementnewnotproperlyaligned/PlacementNewNotProperlyAligned.ql index 3214b16c59..913b1c9c66 100644 --- a/cpp/common/test/rules/placementnewnotproperlyaligned/PlacementNewNotProperlyAligned.ql +++ b/cpp/common/test/rules/placementnewnotproperlyaligned/PlacementNewNotProperlyAligned.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.placementnewnotproperlyaligned.PlacementNewNotProperlyAligned + +class TestFileQuery extends PlacementNewNotProperlyAlignedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/predicatefunctionobjectsshouldnotbemutable/PredicateFunctionObjectsShouldNotBeMutable.ql b/cpp/common/test/rules/predicatefunctionobjectsshouldnotbemutable/PredicateFunctionObjectsShouldNotBeMutable.ql index 24aa754e0a..1c9c73fb3d 100644 --- a/cpp/common/test/rules/predicatefunctionobjectsshouldnotbemutable/PredicateFunctionObjectsShouldNotBeMutable.ql +++ b/cpp/common/test/rules/predicatefunctionobjectsshouldnotbemutable/PredicateFunctionObjectsShouldNotBeMutable.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.predicatefunctionobjectsshouldnotbemutable.PredicateFunctionObjectsShouldNotBeMutable + +class TestFileQuery extends PredicateFunctionObjectsShouldNotBeMutableSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql b/cpp/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql index 37ff4945f4..d66babdb6d 100644 --- a/cpp/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql +++ b/cpp/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preprocessingdirectivewithinmacroargument.PreprocessingDirectiveWithinMacroArgument + +class TestFileQuery extends PreprocessingDirectiveWithinMacroArgumentSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql b/cpp/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql index 1b27d1e0ee..c7652ab4ae 100644 --- a/cpp/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql +++ b/cpp/common/test/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preprocessorincludesforbiddenheadernames.PreprocessorIncludesForbiddenHeaderNames + +class TestFileQuery extends PreprocessorIncludesForbiddenHeaderNamesSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql b/cpp/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql index 343b168637..43701dbbf9 100644 --- a/cpp/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql +++ b/cpp/common/test/rules/preprocessorincludespreceded/PreprocessorIncludesPreceded.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preprocessorincludespreceded.PreprocessorIncludesPreceded + +class TestFileQuery extends PreprocessorIncludesPrecededSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql b/cpp/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql index cef4c700ab..009c7f9e26 100644 --- a/cpp/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql +++ b/cpp/common/test/rules/preservesafetywhenusingconditionvariables/PreserveSafetyWhenUsingConditionVariables.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preservesafetywhenusingconditionvariables.PreserveSafetyWhenUsingConditionVariables + +class TestFileQuery extends PreserveSafetyWhenUsingConditionVariablesSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql b/cpp/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql index 6412db389a..4ca46f15ea 100644 --- a/cpp/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql +++ b/cpp/common/test/rules/preventdeadlockbylockinginpredefinedorder/PreventDeadlockByLockingInPredefinedOrder.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.preventdeadlockbylockinginpredefinedorder.PreventDeadlockByLockingInPredefinedOrder + +class TestFileQuery extends PreventDeadlockByLockingInPredefinedOrderSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql b/cpp/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql index 71c2a6cecd..9150d4459d 100644 --- a/cpp/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql +++ b/cpp/common/test/rules/readofuninitializedmemory/ReadOfUninitializedMemory.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.readofuninitializedmemory.ReadOfUninitializedMemory + +class TestFileQuery extends ReadOfUninitializedMemorySharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/removeconstorvolatilequalification/RemoveConstOrVolatileQualification.ql b/cpp/common/test/rules/removeconstorvolatilequalification/RemoveConstOrVolatileQualification.ql index 0534eba191..61865cccab 100644 --- a/cpp/common/test/rules/removeconstorvolatilequalification/RemoveConstOrVolatileQualification.ql +++ b/cpp/common/test/rules/removeconstorvolatilequalification/RemoveConstOrVolatileQualification.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.removeconstorvolatilequalification.RemoveConstOrVolatileQualification + +class TestFileQuery extends RemoveConstOrVolatileQualificationSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/rethrownestedwithoutcapture/RethrowNestedWithoutCapture.ql b/cpp/common/test/rules/rethrownestedwithoutcapture/RethrowNestedWithoutCapture.ql index da62185e5d..ab45ada710 100644 --- a/cpp/common/test/rules/rethrownestedwithoutcapture/RethrowNestedWithoutCapture.ql +++ b/cpp/common/test/rules/rethrownestedwithoutcapture/RethrowNestedWithoutCapture.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.rethrownestedwithoutcapture.RethrowNestedWithoutCapture + +class TestFileQuery extends RethrowNestedWithoutCaptureSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql b/cpp/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql index c60068c7cc..aacadf0253 100644 --- a/cpp/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql +++ b/cpp/common/test/rules/sectionsofcodeshallnotbecommentedout/SectionsOfCodeShallNotBeCommentedOut.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.sectionsofcodeshallnotbecommentedout.SectionsOfCodeShallNotBeCommentedOut + +class TestFileQuery extends SectionsOfCodeShallNotBeCommentedOutSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/stringnumberconversionmissingerrorcheck/StringNumberConversionMissingErrorCheck.ql b/cpp/common/test/rules/stringnumberconversionmissingerrorcheck/StringNumberConversionMissingErrorCheck.ql index 7bb5f78c86..7fae4b8b9a 100644 --- a/cpp/common/test/rules/stringnumberconversionmissingerrorcheck/StringNumberConversionMissingErrorCheck.ql +++ b/cpp/common/test/rules/stringnumberconversionmissingerrorcheck/StringNumberConversionMissingErrorCheck.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.stringnumberconversionmissingerrorcheck.StringNumberConversionMissingErrorCheck + +class TestFileQuery extends StringNumberConversionMissingErrorCheckSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql b/cpp/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql index 65188d04f7..1b323a652d 100644 --- a/cpp/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql +++ b/cpp/common/test/rules/switchcasepositioncondition/SwitchCasePositionCondition.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.switchcasepositioncondition.SwitchCasePositionCondition + +class TestFileQuery extends SwitchCasePositionConditionSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql b/cpp/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql index 0a398a99a9..75ce3cb1ec 100644 --- a/cpp/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql +++ b/cpp/common/test/rules/switchnotwellformed/SwitchNotWellFormed.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.switchnotwellformed.SwitchNotWellFormed + +class TestFileQuery extends SwitchNotWellFormedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/throwingnothrowoperatornewdelete/ThrowingNoThrowOperatorNewDelete.ql b/cpp/common/test/rules/throwingnothrowoperatornewdelete/ThrowingNoThrowOperatorNewDelete.ql index 509ebce02c..0135c410f4 100644 --- a/cpp/common/test/rules/throwingnothrowoperatornewdelete/ThrowingNoThrowOperatorNewDelete.ql +++ b/cpp/common/test/rules/throwingnothrowoperatornewdelete/ThrowingNoThrowOperatorNewDelete.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.throwingnothrowoperatornewdelete.ThrowingNoThrowOperatorNewDelete + +class TestFileQuery extends ThrowingNoThrowOperatorNewDeleteSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/throwingoperatornewreturnsnull/ThrowingOperatorNewReturnsNull.ql b/cpp/common/test/rules/throwingoperatornewreturnsnull/ThrowingOperatorNewReturnsNull.ql index a0d67c17c9..c0fc6c8619 100644 --- a/cpp/common/test/rules/throwingoperatornewreturnsnull/ThrowingOperatorNewReturnsNull.ql +++ b/cpp/common/test/rules/throwingoperatornewreturnsnull/ThrowingOperatorNewReturnsNull.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.throwingoperatornewreturnsnull.ThrowingOperatorNewReturnsNull + +class TestFileQuery extends ThrowingOperatorNewReturnsNullSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/throwingoperatornewthrowsinvalidexception/ThrowingOperatorNewThrowsInvalidException.ql b/cpp/common/test/rules/throwingoperatornewthrowsinvalidexception/ThrowingOperatorNewThrowsInvalidException.ql index 4e2cc46a8b..072a5c7027 100644 --- a/cpp/common/test/rules/throwingoperatornewthrowsinvalidexception/ThrowingOperatorNewThrowsInvalidException.ql +++ b/cpp/common/test/rules/throwingoperatornewthrowsinvalidexception/ThrowingOperatorNewThrowsInvalidException.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.throwingoperatornewthrowsinvalidexception.ThrowingOperatorNewThrowsInvalidException + +class TestFileQuery extends ThrowingOperatorNewThrowsInvalidExceptionSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql b/cpp/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql index 2ceb96c0d7..11720fb8da 100644 --- a/cpp/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql +++ b/cpp/common/test/rules/uncheckedrangedomainpoleerrors/UncheckedRangeDomainPoleErrors.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.uncheckedrangedomainpoleerrors.UncheckedRangeDomainPoleErrors + +class TestFileQuery extends UncheckedRangeDomainPoleErrorsSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql b/cpp/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql index afede1b8ef..316565cab7 100644 --- a/cpp/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql +++ b/cpp/common/test/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.undefinedmacroidentifiers.UndefinedMacroIdentifiers + +class TestFileQuery extends UndefinedMacroIdentifiersSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql b/cpp/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql index 9914ad0b1e..3baad901da 100644 --- a/cpp/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql +++ b/cpp/common/test/rules/unnecessaryexposedidentifierdeclarationshared/UnnecessaryExposedIdentifierDeclarationShared.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unnecessaryexposedidentifierdeclarationshared.UnnecessaryExposedIdentifierDeclarationShared + +class TestFileQuery extends UnnecessaryExposedIdentifierDeclarationSharedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/unreachablecode/UnreachableCode.ql b/cpp/common/test/rules/unreachablecode/UnreachableCode.ql index 7a105eafa8..c394bfba3e 100644 --- a/cpp/common/test/rules/unreachablecode/UnreachableCode.ql +++ b/cpp/common/test/rules/unreachablecode/UnreachableCode.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unreachablecode.UnreachableCode + +class TestFileQuery extends UnreachableCodeSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/unusedparameter/UnusedParameter.ql b/cpp/common/test/rules/unusedparameter/UnusedParameter.ql index 0c6d01d515..e990a7dcf3 100644 --- a/cpp/common/test/rules/unusedparameter/UnusedParameter.ql +++ b/cpp/common/test/rules/unusedparameter/UnusedParameter.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unusedparameter.UnusedParameter + +class TestFileQuery extends UnusedParameterSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql b/cpp/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql index 83b19da601..f1c09524d5 100644 --- a/cpp/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql +++ b/cpp/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.unusedtypedeclarations.UnusedTypeDeclarations + +class TestFileQuery extends UnusedTypeDeclarationsSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql b/cpp/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql index 7f9e1041a2..f9997627b4 100644 --- a/cpp/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql +++ b/cpp/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.usageofassemblernotdocumented.UsageOfAssemblerNotDocumented + +class TestFileQuery extends UsageOfAssemblerNotDocumentedSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/usecanonicalorderformemberinit/UseCanonicalOrderForMemberInit.ql b/cpp/common/test/rules/usecanonicalorderformemberinit/UseCanonicalOrderForMemberInit.ql index 17b299aadb..c703151f75 100644 --- a/cpp/common/test/rules/usecanonicalorderformemberinit/UseCanonicalOrderForMemberInit.ql +++ b/cpp/common/test/rules/usecanonicalorderformemberinit/UseCanonicalOrderForMemberInit.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.usecanonicalorderformemberinit.UseCanonicalOrderForMemberInit + +class TestFileQuery extends UseCanonicalOrderForMemberInitSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/useinitializerbracestomatchaggregatetypestructure/UseInitializerBracesToMatchAggregateTypeStructure.ql b/cpp/common/test/rules/useinitializerbracestomatchaggregatetypestructure/UseInitializerBracesToMatchAggregateTypeStructure.ql index b24a879bab..8ddcc5bc7e 100644 --- a/cpp/common/test/rules/useinitializerbracestomatchaggregatetypestructure/UseInitializerBracesToMatchAggregateTypeStructure.ql +++ b/cpp/common/test/rules/useinitializerbracestomatchaggregatetypestructure/UseInitializerBracesToMatchAggregateTypeStructure.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.useinitializerbracestomatchaggregatetypestructure.UseInitializerBracesToMatchAggregateTypeStructure + +class TestFileQuery extends UseInitializerBracesToMatchAggregateTypeStructureSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql b/cpp/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql index 819d12c4e8..55554bee07 100644 --- a/cpp/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql +++ b/cpp/common/test/rules/useonlyarrayindexingforpointerarithmetic/UseOnlyArrayIndexingForPointerArithmetic.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.useonlyarrayindexingforpointerarithmetic.UseOnlyArrayIndexingForPointerArithmetic + +class TestFileQuery extends UseOnlyArrayIndexingForPointerArithmeticSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/validcontainerelementaccess/ValidContainerElementAccess.ql b/cpp/common/test/rules/validcontainerelementaccess/ValidContainerElementAccess.ql index 43e757d5be..5f61b8a2a9 100644 --- a/cpp/common/test/rules/validcontainerelementaccess/ValidContainerElementAccess.ql +++ b/cpp/common/test/rules/validcontainerelementaccess/ValidContainerElementAccess.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.validcontainerelementaccess.ValidContainerElementAccess + +class TestFileQuery extends ValidContainerElementAccessSharedQuery, TestQuery { } diff --git a/cpp/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql b/cpp/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql index 6f4ad4c40e..44947bf85a 100644 --- a/cpp/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql +++ b/cpp/common/test/rules/wrapspuriousfunctioninloop/WrapSpuriousFunctionInLoop.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.wrapspuriousfunctioninloop.WrapSpuriousFunctionInLoop + +class TestFileQuery extends WrapSpuriousFunctionInLoopSharedQuery, TestQuery { } From ba8bfe147058e390ae481b2160f2a117a9a5e80e Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 18 May 2023 20:29:31 +0200 Subject: [PATCH 1108/2573] Fix non-standard shared query names --- .../RULE-20-10/PreprocessorHashOperatorsShouldNotBeUsed.ql | 2 +- .../rules/RULE-20-2/ForbiddenCharactersInHeaderFileName.ql | 2 +- .../RULE-20-9/IdentifiersUsedInPreprocessorExpression.ql | 2 +- .../rules/A15-3-5/ClassTypeExceptionNotCaughtByReference.ql | 2 +- .../CharactersOccurInHeaderFileNameOrInIncludeDirective.ql | 2 +- .../src/rules/M16-0-7/UndefinedMacroIdentifiersUsedIn.ql | 2 +- cpp/autosar/src/rules/M16-3-2/HashOperatorsShouldNotBeUsed.ql | 2 +- .../src/rules/ERR61-CPP/CatchExceptionsByLvalueReference.ql | 2 +- .../CatchExceptionsByLvalueReference.qll | 4 ++-- .../cpp/rules/hashoperatorsused/HashOperatorsUsed.qll | 4 ++-- .../PreprocessorIncludesForbiddenHeaderNames.qll | 4 ++-- .../undefinedmacroidentifiers/UndefinedMacroIdentifiers.qll | 4 ++-- 12 files changed, 16 insertions(+), 16 deletions(-) diff --git a/c/misra/src/rules/RULE-20-10/PreprocessorHashOperatorsShouldNotBeUsed.ql b/c/misra/src/rules/RULE-20-10/PreprocessorHashOperatorsShouldNotBeUsed.ql index 3d6b30f875..f0d82928fb 100644 --- a/c/misra/src/rules/RULE-20-10/PreprocessorHashOperatorsShouldNotBeUsed.ql +++ b/c/misra/src/rules/RULE-20-10/PreprocessorHashOperatorsShouldNotBeUsed.ql @@ -15,7 +15,7 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.rules.hashoperatorsused.HashOperatorsUsed -class HashOperatorsUsedInQuery extends HashOperatorsUsedQuery { +class HashOperatorsUsedInQuery extends HashOperatorsUsedSharedQuery { HashOperatorsUsedInQuery() { this = Preprocessor1Package::preprocessorHashOperatorsShouldNotBeUsedQuery() } diff --git a/c/misra/src/rules/RULE-20-2/ForbiddenCharactersInHeaderFileName.ql b/c/misra/src/rules/RULE-20-2/ForbiddenCharactersInHeaderFileName.ql index 9ef3c76c49..37d735fb92 100644 --- a/c/misra/src/rules/RULE-20-2/ForbiddenCharactersInHeaderFileName.ql +++ b/c/misra/src/rules/RULE-20-2/ForbiddenCharactersInHeaderFileName.ql @@ -15,7 +15,7 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.rules.preprocessorincludesforbiddenheadernames.PreprocessorIncludesForbiddenHeaderNames -class PreprocessorIncludesForbiddenHeaderNames extends PreprocessorIncludesForbiddenHeaderNamesQuery { +class PreprocessorIncludesForbiddenHeaderNames extends PreprocessorIncludesForbiddenHeaderNamesSharedQuery { PreprocessorIncludesForbiddenHeaderNames() { this = Preprocessor1Package::forbiddenCharactersInHeaderFileNameQuery() } diff --git a/c/misra/src/rules/RULE-20-9/IdentifiersUsedInPreprocessorExpression.ql b/c/misra/src/rules/RULE-20-9/IdentifiersUsedInPreprocessorExpression.ql index df01ec00e4..15ca323038 100644 --- a/c/misra/src/rules/RULE-20-9/IdentifiersUsedInPreprocessorExpression.ql +++ b/c/misra/src/rules/RULE-20-9/IdentifiersUsedInPreprocessorExpression.ql @@ -17,7 +17,7 @@ import cpp import codingstandards.c.misra import codingstandards.cpp.rules.undefinedmacroidentifiers.UndefinedMacroIdentifiers -class UndefinedMacroIdentifiersUsedInQuery extends UndefinedMacroIdentifiersQuery { +class UndefinedMacroIdentifiersUsedInQuery extends UndefinedMacroIdentifiersSharedQuery { UndefinedMacroIdentifiersUsedInQuery() { this = Preprocessor1Package::identifiersUsedInPreprocessorExpressionQuery() } diff --git a/cpp/autosar/src/rules/A15-3-5/ClassTypeExceptionNotCaughtByReference.ql b/cpp/autosar/src/rules/A15-3-5/ClassTypeExceptionNotCaughtByReference.ql index 4bb8aba62b..c0f4dbb2fe 100644 --- a/cpp/autosar/src/rules/A15-3-5/ClassTypeExceptionNotCaughtByReference.ql +++ b/cpp/autosar/src/rules/A15-3-5/ClassTypeExceptionNotCaughtByReference.ql @@ -17,7 +17,7 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.catchexceptionsbylvaluereference.CatchExceptionsByLvalueReference -class ClassTypeExceptionNotCaughtByReference extends CatchExceptionsByLValueReferenceSharedQuery { +class ClassTypeExceptionNotCaughtByReference extends CatchExceptionsByLvalueReferenceSharedQuery { ClassTypeExceptionNotCaughtByReference() { this = Exceptions2Package::classTypeExceptionNotCaughtByReferenceQuery() } diff --git a/cpp/autosar/src/rules/A16-2-1/CharactersOccurInHeaderFileNameOrInIncludeDirective.ql b/cpp/autosar/src/rules/A16-2-1/CharactersOccurInHeaderFileNameOrInIncludeDirective.ql index 9892f49b00..112e5c6f88 100644 --- a/cpp/autosar/src/rules/A16-2-1/CharactersOccurInHeaderFileNameOrInIncludeDirective.ql +++ b/cpp/autosar/src/rules/A16-2-1/CharactersOccurInHeaderFileNameOrInIncludeDirective.ql @@ -17,7 +17,7 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.preprocessorincludesforbiddenheadernames.PreprocessorIncludesForbiddenHeaderNames -class CharactersOccurInHeaderFileNameOrInIncludeDirectiveQuery extends PreprocessorIncludesForbiddenHeaderNamesQuery { +class CharactersOccurInHeaderFileNameOrInIncludeDirectiveQuery extends PreprocessorIncludesForbiddenHeaderNamesSharedQuery { CharactersOccurInHeaderFileNameOrInIncludeDirectiveQuery() { this = MacrosPackage::charactersOccurInHeaderFileNameOrInIncludeDirectiveQuery() } diff --git a/cpp/autosar/src/rules/M16-0-7/UndefinedMacroIdentifiersUsedIn.ql b/cpp/autosar/src/rules/M16-0-7/UndefinedMacroIdentifiersUsedIn.ql index 9e0ceb1051..bd3293ab1b 100644 --- a/cpp/autosar/src/rules/M16-0-7/UndefinedMacroIdentifiersUsedIn.ql +++ b/cpp/autosar/src/rules/M16-0-7/UndefinedMacroIdentifiersUsedIn.ql @@ -19,7 +19,7 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.undefinedmacroidentifiers.UndefinedMacroIdentifiers -class UndefinedMacroIdentifiersUsedInQuery extends UndefinedMacroIdentifiersQuery { +class UndefinedMacroIdentifiersUsedInQuery extends UndefinedMacroIdentifiersSharedQuery { UndefinedMacroIdentifiersUsedInQuery() { this = MacrosPackage::charactersOccurInHeaderFileNameOrInIncludeDirectiveQuery() } diff --git a/cpp/autosar/src/rules/M16-3-2/HashOperatorsShouldNotBeUsed.ql b/cpp/autosar/src/rules/M16-3-2/HashOperatorsShouldNotBeUsed.ql index e0b40b6ba8..887b67471f 100644 --- a/cpp/autosar/src/rules/M16-3-2/HashOperatorsShouldNotBeUsed.ql +++ b/cpp/autosar/src/rules/M16-3-2/HashOperatorsShouldNotBeUsed.ql @@ -17,6 +17,6 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.hashoperatorsused.HashOperatorsUsed -class HashOperatorsShallNotBeUsedInQuery extends HashOperatorsUsedQuery { +class HashOperatorsShallNotBeUsedInQuery extends HashOperatorsUsedSharedQuery { HashOperatorsShallNotBeUsedInQuery() { this = MacrosPackage::hashOperatorsShouldNotBeUsedQuery() } } diff --git a/cpp/cert/src/rules/ERR61-CPP/CatchExceptionsByLvalueReference.ql b/cpp/cert/src/rules/ERR61-CPP/CatchExceptionsByLvalueReference.ql index aa721f2eb2..29b879b5ea 100644 --- a/cpp/cert/src/rules/ERR61-CPP/CatchExceptionsByLvalueReference.ql +++ b/cpp/cert/src/rules/ERR61-CPP/CatchExceptionsByLvalueReference.ql @@ -15,7 +15,7 @@ import cpp import codingstandards.cpp.cert import codingstandards.cpp.rules.catchexceptionsbylvaluereference.CatchExceptionsByLvalueReference -class CatchExceptionsByLvalueReferenceQuery extends CatchExceptionsByLValueReferenceSharedQuery { +class CatchExceptionsByLvalueReferenceQuery extends CatchExceptionsByLvalueReferenceSharedQuery { CatchExceptionsByLvalueReferenceQuery() { this = Exceptions1Package::catchExceptionsByLvalueReferenceQuery() } diff --git a/cpp/common/src/codingstandards/cpp/rules/catchexceptionsbylvaluereference/CatchExceptionsByLvalueReference.qll b/cpp/common/src/codingstandards/cpp/rules/catchexceptionsbylvaluereference/CatchExceptionsByLvalueReference.qll index 5309f59a34..75c86e50dc 100644 --- a/cpp/common/src/codingstandards/cpp/rules/catchexceptionsbylvaluereference/CatchExceptionsByLvalueReference.qll +++ b/cpp/common/src/codingstandards/cpp/rules/catchexceptionsbylvaluereference/CatchExceptionsByLvalueReference.qll @@ -9,9 +9,9 @@ import codingstandards.cpp.Exclusions import codingstandards.cpp.TrivialType import codingstandards.cpp.exceptions.ExceptionFlow -abstract class CatchExceptionsByLValueReferenceSharedQuery extends Query { } +abstract class CatchExceptionsByLvalueReferenceSharedQuery extends Query { } -Query getQuery() { result instanceof CatchExceptionsByLValueReferenceSharedQuery } +Query getQuery() { result instanceof CatchExceptionsByLvalueReferenceSharedQuery } query predicate problems(Parameter catchParameter, string message) { exists(CatchBlock cb, HandlerType catchType | diff --git a/cpp/common/src/codingstandards/cpp/rules/hashoperatorsused/HashOperatorsUsed.qll b/cpp/common/src/codingstandards/cpp/rules/hashoperatorsused/HashOperatorsUsed.qll index ae825e926f..d9f63887a6 100644 --- a/cpp/common/src/codingstandards/cpp/rules/hashoperatorsused/HashOperatorsUsed.qll +++ b/cpp/common/src/codingstandards/cpp/rules/hashoperatorsused/HashOperatorsUsed.qll @@ -2,9 +2,9 @@ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -abstract class HashOperatorsUsedQuery extends Query { } +abstract class HashOperatorsUsedSharedQuery extends Query { } -Query getQuery() { result instanceof HashOperatorsUsedQuery } +Query getQuery() { result instanceof HashOperatorsUsedSharedQuery } query predicate problems(Macro m, string message) { exists(string body | diff --git a/cpp/common/src/codingstandards/cpp/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.qll b/cpp/common/src/codingstandards/cpp/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.qll index deed463b7a..5175a6edab 100644 --- a/cpp/common/src/codingstandards/cpp/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.qll +++ b/cpp/common/src/codingstandards/cpp/rules/preprocessorincludesforbiddenheadernames/PreprocessorIncludesForbiddenHeaderNames.qll @@ -2,9 +2,9 @@ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions -abstract class PreprocessorIncludesForbiddenHeaderNamesQuery extends Query { } +abstract class PreprocessorIncludesForbiddenHeaderNamesSharedQuery extends Query { } -Query getQuery() { result instanceof PreprocessorIncludesForbiddenHeaderNamesQuery } +Query getQuery() { result instanceof PreprocessorIncludesForbiddenHeaderNamesSharedQuery } class InvalidInclude extends Include { InvalidInclude() { this.getIncludeText().regexpMatch("[\"<].*(['\"\\\\]|\\/\\*|\\/\\/).*[\">]") } diff --git a/cpp/common/src/codingstandards/cpp/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.qll b/cpp/common/src/codingstandards/cpp/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.qll index 00f2a66394..a7e52406a8 100644 --- a/cpp/common/src/codingstandards/cpp/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.qll +++ b/cpp/common/src/codingstandards/cpp/rules/undefinedmacroidentifiers/UndefinedMacroIdentifiers.qll @@ -1,9 +1,9 @@ import cpp import codingstandards.cpp.Exclusions -abstract class UndefinedMacroIdentifiersQuery extends Query { } +abstract class UndefinedMacroIdentifiersSharedQuery extends Query { } -Query getQuery() { result instanceof UndefinedMacroIdentifiersQuery } +Query getQuery() { result instanceof UndefinedMacroIdentifiersSharedQuery } pragma[noinline] predicate isMacroAccessFileAndLine(MacroAccess ma, string filepath, int startLine) { From a399dafa8a8ead43c5a9f42ebc2429e89589f19b Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 18 May 2023 21:48:58 +0200 Subject: [PATCH 1109/2573] Update expected files --- .../DeclaredAReservedIdentifier.expected | 1 - .../rules/unusedtypedeclarations/UnusedTypeDeclarations.expected | 1 - .../rules/unusedtypedeclarations/UnusedTypeDeclarations.expected | 1 - 3 files changed, 3 deletions(-) diff --git a/c/common/test/rules/declaredareservedidentifier/DeclaredAReservedIdentifier.expected b/c/common/test/rules/declaredareservedidentifier/DeclaredAReservedIdentifier.expected index 08e1688eb1..585c6d4c94 100644 --- a/c/common/test/rules/declaredareservedidentifier/DeclaredAReservedIdentifier.expected +++ b/c/common/test/rules/declaredareservedidentifier/DeclaredAReservedIdentifier.expected @@ -1,4 +1,3 @@ -| file://:0:0:0:0 | __va_list_tag | Reserved identifier '__va_list_tag' is declared. | | test.c:2:1:2:23 | #define _RESERVED_MACRO | Reserved identifier '_RESERVED_MACRO' is declared. | | test.c:11:8:11:9 | _s | Reserved identifier '_s' is declared. | | test.c:15:6:15:7 | _f | Reserved identifier '_f' is declared. | diff --git a/c/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.expected b/c/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.expected index b0f416cbe9..c1e6e1fddf 100644 --- a/c/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.expected +++ b/c/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.expected @@ -1,4 +1,3 @@ -| file://:0:0:0:0 | __va_list_tag | Type declaration __va_list_tag is not used. | | test.c:4:8:4:8 | A | Type declaration A is not used. | | test.c:7:18:7:18 | D | Type declaration D is not used. | | test.c:28:11:28:11 | R | Type declaration R is not used. | diff --git a/cpp/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.expected b/cpp/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.expected index 77f9c0fda9..c30cadc393 100644 --- a/cpp/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.expected +++ b/cpp/common/test/rules/unusedtypedeclarations/UnusedTypeDeclarations.expected @@ -1,4 +1,3 @@ -| file://:0:0:0:0 | __va_list_tag | Type declaration __va_list_tag is not used. | | test.cpp:4:7:4:7 | A | Type declaration A is not used. | | test.cpp:6:7:6:7 | B | Type declaration B is not used. | | test.cpp:13:11:13:11 | D | Type declaration D is not used. | From 7f48f47ed180cce746cd94ffcfab7b55f678955f Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 18 May 2023 21:50:43 +0200 Subject: [PATCH 1110/2573] Update expected file --- cpp/common/test/Linkage/ExternalLinkage.expected | 1 - 1 file changed, 1 deletion(-) diff --git a/cpp/common/test/Linkage/ExternalLinkage.expected b/cpp/common/test/Linkage/ExternalLinkage.expected index ab8247369d..db7fd48bf1 100644 --- a/cpp/common/test/Linkage/ExternalLinkage.expected +++ b/cpp/common/test/Linkage/ExternalLinkage.expected @@ -1,4 +1,3 @@ -| file://:0:0:0:0 | (global namespace) | Element has external linkage | | test.cpp:1:5:1:6 | g1 | Element has external linkage | | test.cpp:2:12:2:13 | g2 | Element has external linkage | | test.cpp:7:11:7:13 | ns1 | Element has external linkage | From f496081cdf7c47805d4736cd8ed71d52cceceb7e Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Thu, 18 May 2023 22:27:47 +0200 Subject: [PATCH 1111/2573] Fix expected file --- cpp/common/test/Linkage/ExternalLinkage.expected | 1 + 1 file changed, 1 insertion(+) diff --git a/cpp/common/test/Linkage/ExternalLinkage.expected b/cpp/common/test/Linkage/ExternalLinkage.expected index db7fd48bf1..ab8247369d 100644 --- a/cpp/common/test/Linkage/ExternalLinkage.expected +++ b/cpp/common/test/Linkage/ExternalLinkage.expected @@ -1,3 +1,4 @@ +| file://:0:0:0:0 | (global namespace) | Element has external linkage | | test.cpp:1:5:1:6 | g1 | Element has external linkage | | test.cpp:2:12:2:13 | g2 | Element has external linkage | | test.cpp:7:11:7:13 | ns1 | Element has external linkage | From d24bef5f83996d6e75eb10cd9d88160ba5613aeb Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Fri, 19 May 2023 11:51:53 +0200 Subject: [PATCH 1112/2573] Generated DoNotUseSetjmpOrLongjmpShared test --- .../DoNotUseSetjmpOrLongjmpShared.ql | 2 ++ 1 file changed, 2 insertions(+) diff --git a/cpp/common/test/rules/donotusesetjmporlongjmpshared/DoNotUseSetjmpOrLongjmpShared.ql b/cpp/common/test/rules/donotusesetjmporlongjmpshared/DoNotUseSetjmpOrLongjmpShared.ql index 45c240676f..e0026467ff 100644 --- a/cpp/common/test/rules/donotusesetjmporlongjmpshared/DoNotUseSetjmpOrLongjmpShared.ql +++ b/cpp/common/test/rules/donotusesetjmporlongjmpshared/DoNotUseSetjmpOrLongjmpShared.ql @@ -1,2 +1,4 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotusesetjmporlongjmpshared.DoNotUseSetjmpOrLongjmpShared + +class TestFileQuery extends DoNotUseSetjmpOrLongjmpSharedSharedQuery, TestQuery { } From 5c4e72d9baa6211f628db3b8edf4235d93ef4fd7 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 19 May 2023 11:36:50 +0100 Subject: [PATCH 1113/2573] M8-0-1: Exclude compiler generated DeclStmts These can occur, for example, in range-based for loops. --- cpp/autosar/src/rules/M8-0-1/MultipleLocalDeclarators.ql | 4 +++- cpp/autosar/test/rules/M8-0-1/test.cpp | 7 +++++++ 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/cpp/autosar/src/rules/M8-0-1/MultipleLocalDeclarators.ql b/cpp/autosar/src/rules/M8-0-1/MultipleLocalDeclarators.ql index 3b2051c1b5..7545315b7e 100644 --- a/cpp/autosar/src/rules/M8-0-1/MultipleLocalDeclarators.ql +++ b/cpp/autosar/src/rules/M8-0-1/MultipleLocalDeclarators.ql @@ -20,5 +20,7 @@ import codingstandards.cpp.autosar from DeclStmt ds where not isExcluded(ds, InitializationPackage::multipleLocalDeclaratorsQuery()) and - count(ds.getADeclaration()) > 1 + count(Declaration d | d = ds.getADeclaration()) > 1 and + // Not a compiler generated `DeclStmt`, such as in the range-based for loop + not ds.isCompilerGenerated() select ds, "Declaration list contains more than one declaration." diff --git a/cpp/autosar/test/rules/M8-0-1/test.cpp b/cpp/autosar/test/rules/M8-0-1/test.cpp index 12db420603..cf664e4b34 100644 --- a/cpp/autosar/test/rules/M8-0-1/test.cpp +++ b/cpp/autosar/test/rules/M8-0-1/test.cpp @@ -15,3 +15,10 @@ class ClassA { int m1, m2; // NON_COMPLIANT int m3; // COMPLIANT }; + +#include +void test_loop(std::vector v) { + for (const auto b : v) { // COMPLIANT - DeclStmt is compiler generated + b; + } +} \ No newline at end of file From 7fe36e01decb3eaf84f77517e4c28e83b46fa5a6 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Mon, 22 May 2023 13:05:11 +0200 Subject: [PATCH 1114/2573] MEM56-CPP A20-8-1: update .expected file --- ...StoredInUnrelatedSmartPointer.expected.qcc | 102 ++++++++++++++++++ 1 file changed, 102 insertions(+) create mode 100644 cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.expected.qcc diff --git a/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.expected.qcc b/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.expected.qcc new file mode 100644 index 0000000000..1155f0a056 --- /dev/null +++ b/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.expected.qcc @@ -0,0 +1,102 @@ +problems +| test.cpp:5:27:5:28 | v1 | test.cpp:16:13:16:22 | new | test.cpp:5:27:5:28 | v1 | Raw pointer flows to initialize multiple unrelated smart pointers. | +| test.cpp:6:31:6:33 | call to get | test.cpp:16:13:16:22 | new | test.cpp:6:31:6:33 | call to get | Raw pointer flows to initialize multiple unrelated smart pointers. | +| test.cpp:7:28:7:29 | v2 | test.cpp:16:13:16:22 | new | test.cpp:7:28:7:29 | v2 | Raw pointer flows to initialize multiple unrelated smart pointers. | +| test.cpp:11:28:11:29 | v2 | test.cpp:10:8:10:17 | new | test.cpp:11:28:11:29 | v2 | Raw pointer flows to initialize multiple unrelated smart pointers. | +| test.cpp:12:28:12:29 | v2 | test.cpp:10:8:10:17 | new | test.cpp:12:28:12:29 | v2 | Raw pointer flows to initialize multiple unrelated smart pointers. | +| test.cpp:17:27:17:28 | v1 | test.cpp:16:13:16:22 | new | test.cpp:17:27:17:28 | v1 | Raw pointer flows to initialize multiple unrelated smart pointers. | +edges +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:2469:31:2469:33 | __p | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:2469:31:2469:33 | __p | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:3611:30:3611:32 | __p | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:3611:30:3611:32 | __p | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:3757:34:3757:36 | __p | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:3757:34:3757:36 | __p | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:3757:34:3757:36 | __p | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:4063:14:4063:16 | __p | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:3757:34:3757:36 | __p | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:4065:28:4065:30 | __p | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:3757:34:3757:36 | __p | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:4068:30:4068:32 | __p | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:3927:19:3927:19 | this [__ptr_] | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:3927:49:3927:54 | this [__ptr_] | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:3927:49:3927:54 | this [__ptr_] | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:3927:49:3927:54 | __ptr_ | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:4063:7:4063:17 | constructor init of field __ptr_ [post-this] [__ptr_] | test.cpp:5:27:5:29 | call to shared_ptr [__ptr_] | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:4063:14:4063:16 | __p | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:4063:7:4063:17 | constructor init of field __ptr_ [post-this] [__ptr_] | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:4063:14:4063:16 | __p | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:4063:7:4063:17 | constructor init of field __ptr_ [post-this] [__ptr_] | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:4065:28:4065:30 | __p | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:2469:31:2469:33 | __p | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:4065:28:4065:30 | __p | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:4065:28:4065:30 | ref arg __p | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:4065:28:4065:30 | ref arg __p | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:3757:34:3757:36 | __p | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:4065:28:4065:30 | ref arg __p | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:4068:30:4068:32 | __p | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:4068:30:4068:32 | __p | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:3611:30:3611:32 | __p | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:4068:30:4068:32 | __p | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:4068:30:4068:32 | ref arg __p | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:4068:30:4068:32 | ref arg __p | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:3757:34:3757:36 | __p | +| test.cpp:3:14:3:15 | v1 | test.cpp:5:27:5:28 | v1 | +| test.cpp:3:14:3:15 | v1 | test.cpp:5:27:5:28 | v1 | +| test.cpp:3:14:3:15 | v1 | test.cpp:7:28:7:29 | v2 | +| test.cpp:4:13:4:14 | v1 | test.cpp:7:28:7:29 | v2 | +| test.cpp:5:27:5:28 | v1 | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:3757:34:3757:36 | __p | +| test.cpp:5:27:5:28 | v1 | test.cpp:5:27:5:29 | call to shared_ptr [__ptr_] | +| test.cpp:5:27:5:29 | call to shared_ptr | test.cpp:6:31:6:33 | call to get | +| test.cpp:5:27:5:29 | call to shared_ptr [__ptr_] | test.cpp:6:28:6:29 | p1 [__ptr_] | +| test.cpp:5:27:5:29 | call to shared_ptr [__ptr_] | test.cpp:6:28:6:29 | p1 [__ptr_] | +| test.cpp:6:28:6:29 | p1 [__ptr_] | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:3927:19:3927:19 | this [__ptr_] | +| test.cpp:6:28:6:29 | p1 [__ptr_] | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:3927:19:3927:19 | this [__ptr_] | +| test.cpp:6:28:6:29 | p1 [__ptr_] | test.cpp:6:31:6:33 | call to get | +| test.cpp:6:28:6:29 | p1 [__ptr_] | test.cpp:6:31:6:33 | call to get | +| test.cpp:8:8:8:14 | 0 | test.cpp:9:28:9:29 | v2 | +| test.cpp:10:8:10:17 | new | test.cpp:11:28:11:29 | v2 | +| test.cpp:10:8:10:17 | new | test.cpp:11:28:11:29 | v2 | +| test.cpp:10:8:10:17 | new | test.cpp:12:28:12:29 | v2 | +| test.cpp:11:28:11:29 | ref arg v2 | test.cpp:12:28:12:29 | v2 | +| test.cpp:11:28:11:29 | v2 | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:3757:34:3757:36 | __p | +| test.cpp:11:28:11:29 | v2 | test.cpp:11:28:11:29 | ref arg v2 | +| test.cpp:16:13:16:22 | new | test.cpp:17:27:17:28 | v1 | +| test.cpp:16:13:16:22 | new | test.cpp:17:27:17:28 | v1 | +| test.cpp:16:13:16:22 | new | test.cpp:19:6:19:7 | v1 | +| test.cpp:17:27:17:28 | ref arg v1 | test.cpp:19:6:19:7 | v1 | +| test.cpp:17:27:17:28 | v1 | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:3757:34:3757:36 | __p | +| test.cpp:17:27:17:28 | v1 | test.cpp:17:27:17:28 | ref arg v1 | +| test.cpp:19:6:19:7 | v1 | test.cpp:3:14:3:15 | v1 | + nodes +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:2469:31:2469:33 | __p | semmle.label | __p | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:2469:31:2469:33 | __p | semmle.label | __p | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:3611:30:3611:32 | __p | semmle.label | __p | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:3611:30:3611:32 | __p | semmle.label | __p | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:3757:34:3757:36 | __p | semmle.label | __p | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:3757:34:3757:36 | __p | semmle.label | __p | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:3927:19:3927:19 | this [__ptr_] | semmle.label | this [__ptr_] | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:3927:49:3927:54 | __ptr_ | semmle.label | __ptr_ | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:3927:49:3927:54 | this [__ptr_] | semmle.label | this [__ptr_] | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:4063:7:4063:17 | constructor init of field __ptr_ [post-this] [__ptr_] | semmle.label | constructor init of field __ptr_ [post-this] [__ptr_] | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:4063:7:4063:17 | constructor init of field __ptr_ [post-this] [__ptr_] | semmle.label | constructor init of field __ptr_ [post-this] [__ptr_] | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:4063:14:4063:16 | __p | semmle.label | __p | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:4063:14:4063:16 | __p | semmle.label | __p | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:4065:28:4065:30 | __p | semmle.label | __p | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:4065:28:4065:30 | ref arg __p | semmle.label | ref arg __p | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:4068:30:4068:32 | __p | semmle.label | __p | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:4068:30:4068:32 | ref arg __p | semmle.label | ref arg __p | +| test.cpp:3:14:3:15 | v1 | semmle.label | v1 | +| test.cpp:4:13:4:14 | v1 | semmle.label | v1 | +| test.cpp:5:27:5:28 | v1 | semmle.label | v1 | +| test.cpp:5:27:5:28 | v1 | semmle.label | v1 | +| test.cpp:5:27:5:29 | call to shared_ptr | semmle.label | call to shared_ptr | +| test.cpp:5:27:5:29 | call to shared_ptr [__ptr_] | semmle.label | call to shared_ptr [__ptr_] | +| test.cpp:5:27:5:29 | call to shared_ptr [__ptr_] | semmle.label | call to shared_ptr [__ptr_] | +| test.cpp:6:28:6:29 | p1 [__ptr_] | semmle.label | p1 [__ptr_] | +| test.cpp:6:28:6:29 | p1 [__ptr_] | semmle.label | p1 [__ptr_] | +| test.cpp:6:31:6:33 | call to get | semmle.label | call to get | +| test.cpp:7:28:7:29 | v2 | semmle.label | v2 | +| test.cpp:8:8:8:14 | 0 | semmle.label | 0 | +| test.cpp:9:28:9:29 | v2 | semmle.label | v2 | +| test.cpp:10:8:10:17 | new | semmle.label | new | +| test.cpp:11:28:11:29 | ref arg v2 | semmle.label | ref arg v2 | +| test.cpp:11:28:11:29 | v2 | semmle.label | v2 | +| test.cpp:11:28:11:29 | v2 | semmle.label | v2 | +| test.cpp:12:28:12:29 | v2 | semmle.label | v2 | +| test.cpp:16:13:16:22 | new | semmle.label | new | +| test.cpp:17:27:17:28 | ref arg v1 | semmle.label | ref arg v1 | +| test.cpp:17:27:17:28 | v1 | semmle.label | v1 | +| test.cpp:17:27:17:28 | v1 | semmle.label | v1 | +| test.cpp:19:6:19:7 | v1 | semmle.label | v1 | + subpaths +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:4065:28:4065:30 | __p | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:2469:31:2469:33 | __p | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:2469:31:2469:33 | __p | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:4065:28:4065:30 | ref arg __p | +| file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:4068:30:4068:32 | __p | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:3611:30:3611:32 | __p | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:3611:30:3611:32 | __p | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:4068:30:4068:32 | ref arg __p | +| test.cpp:5:27:5:28 | v1 | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:3757:34:3757:36 | __p | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:4063:7:4063:17 | constructor init of field __ptr_ [post-this] [__ptr_] | test.cpp:5:27:5:29 | call to shared_ptr [__ptr_] | +| test.cpp:6:28:6:29 | p1 [__ptr_] | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:3927:19:3927:19 | this [__ptr_] | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:3927:49:3927:54 | __ptr_ | test.cpp:6:31:6:33 | call to get | +| test.cpp:6:28:6:29 | p1 [__ptr_] | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:3927:19:3927:19 | this [__ptr_] | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:3927:49:3927:54 | __ptr_ | test.cpp:6:31:6:33 | call to get | +| test.cpp:11:28:11:29 | v2 | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:3757:34:3757:36 | __p | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:3757:34:3757:36 | __p | test.cpp:11:28:11:29 | ref arg v2 | +| test.cpp:17:27:17:28 | v1 | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:3757:34:3757:36 | __p | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:3757:34:3757:36 | __p | test.cpp:17:27:17:28 | ref arg v1 | From d0e8d2d0bb42893578751f654d0e2dea72013479 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Mon, 22 May 2023 13:18:47 +0200 Subject: [PATCH 1115/2573] Add change note --- .../2023-05-22-pass-compiler-tests-qcc.md | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100644 change_notes/2023-05-22-pass-compiler-tests-qcc.md diff --git a/change_notes/2023-05-22-pass-compiler-tests-qcc.md b/change_notes/2023-05-22-pass-compiler-tests-qcc.md new file mode 100644 index 0000000000..f6222fa30b --- /dev/null +++ b/change_notes/2023-05-22-pass-compiler-tests-qcc.md @@ -0,0 +1,18 @@ +Fix issues emerged running the test suite when compiled with `qcc`: +- Fix False Negatives issues + - `A1-1-1`: restrict alerts to mentioned types + - `A5-2-5`: get type for `value_type` + - `A18-1-2` `A18-1-3` `A18-9-1`: support std inline namespaces (`std::__1`) + - `A23-0-1` `A23-0-2`: functions in `std` might be defined in inline namespaces + - `M0-1-4`: removed test case + - `M6-5-2`: equality operator alternative implementations + - `M17-0-5`: `longjmp` might be a macro + - `CTR51-CPP` `CTR53-CPP` `ERR50-CPP` `ERR52-CPP` `STR52-CPP`: fixed by library changes + - `MSC51-CPP`: `time` can be in the global scope + - `STR51-CPP`: String constructor might have 1 parameter. +- Fix False Positives issues + - `STR53-CPP`: compute initial container size for copy constructor + - `A0-4-1`: numeric limits might be defined in `__libcpp_numeric_limits` + - `A0-4-3`: the rule now only checks the last `-std` compilation flag +- Fix exclusion criteria using the `isExcluded()` predicate + - `A2-13-3` `A8-4-4` From 33c3ed4e2132d15d78ab131da6d46066cf93fea0 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Mon, 22 May 2023 14:37:26 +0200 Subject: [PATCH 1116/2573] Remove local changes pushed by mistake --- .gitignore | 4 +--- scripts/build_test_database.py | 4 ++-- 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/.gitignore b/.gitignore index ec9f823c65..5ce6ad7e3b 100644 --- a/.gitignore +++ b/.gitignore @@ -22,6 +22,4 @@ /databases/ # CodeQL build artifacts -**/.codeql/** -cpp/autosar/test/rules/A2-3-1/test.cpp.gcc -cpp/autosar/test/rules/A2-3-1/test.cpp.qcc +**/.codeql/** \ No newline at end of file diff --git a/scripts/build_test_database.py b/scripts/build_test_database.py index d8876691a8..b67ff4aac2 100644 --- a/scripts/build_test_database.py +++ b/scripts/build_test_database.py @@ -47,7 +47,7 @@ exit(1) # get the codeql version -res = subprocess.run(['/Users/mauro/GitHub/coding-standards/codeql-bundle-20220908/codeql', 'version', '--format', 'json'], stdout=subprocess.PIPE) +res = subprocess.run(['codeql', 'version', '--format', 'json'], stdout=subprocess.PIPE) res_json = json.loads(res.stdout) CODEQL_VERSION=res_json["version"] @@ -67,4 +67,4 @@ while os.path.exists(f"databases/{RULE}+{ITERATION}@{CODEQL_VERSION}"): ITERATION = ITERATION + 1 -os.system(f"/Users/mauro/GitHub/coding-standards/codeql-bundle-20220908/codeql database create -l cpp -s {LANGUAGE}/{STANDARD}/test/rules/{RULE} --command=\"{BUILD_COMMAND}\" databases/{RULE}+{ITERATION}@{CODEQL_VERSION}") +os.system(f"codeql database create -l cpp -s {LANGUAGE}/{STANDARD}/test/rules/{RULE} --command=\"{BUILD_COMMAND}\" databases/{RULE}+{ITERATION}@{CODEQL_VERSION}") \ No newline at end of file From f31de9116c61226fa608789ad9835a302e23b2f9 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Mon, 22 May 2023 14:39:39 +0200 Subject: [PATCH 1117/2573] Remove local changes pushed by mistake --- .gitignore | 2 +- scripts/build_test_database.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.gitignore b/.gitignore index 5ce6ad7e3b..360134b51c 100644 --- a/.gitignore +++ b/.gitignore @@ -22,4 +22,4 @@ /databases/ # CodeQL build artifacts -**/.codeql/** \ No newline at end of file +**/.codeql/** diff --git a/scripts/build_test_database.py b/scripts/build_test_database.py index b67ff4aac2..3f8acde999 100644 --- a/scripts/build_test_database.py +++ b/scripts/build_test_database.py @@ -67,4 +67,4 @@ while os.path.exists(f"databases/{RULE}+{ITERATION}@{CODEQL_VERSION}"): ITERATION = ITERATION + 1 -os.system(f"codeql database create -l cpp -s {LANGUAGE}/{STANDARD}/test/rules/{RULE} --command=\"{BUILD_COMMAND}\" databases/{RULE}+{ITERATION}@{CODEQL_VERSION}") \ No newline at end of file +os.system(f"codeql database create -l cpp -s {LANGUAGE}/{STANDARD}/test/rules/{RULE} --command=\"{BUILD_COMMAND}\" databases/{RULE}+{ITERATION}@{CODEQL_VERSION}") From 925f1881cd9a6a1272a76b89bb4ff077d42688c2 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 24 May 2023 13:04:27 +0200 Subject: [PATCH 1118/2573] Update scripts/generate_rules/generate_package_files.py Co-authored-by: Luke Cartey <5377966+lcartey@users.noreply.github.com> --- scripts/generate_rules/generate_package_files.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/generate_rules/generate_package_files.py b/scripts/generate_rules/generate_package_files.py index a3462515d6..6c46d8b67e 100644 --- a/scripts/generate_rules/generate_package_files.py +++ b/scripts/generate_rules/generate_package_files.py @@ -368,7 +368,7 @@ def generate_package_files(package_name: str) -> None: query["standard_title"] = "AUTOSAR: Guidelines for the use of the C++14 language in critical and safety-related systems" query[ "standard_url" - ] = "https://www.autosar.org/fileadmin/standards/R21-11/AP/AUTOSAR_RS_CPP14Guidelines.pdf" + ] = "https://www.autosar.org/fileadmin/standards/R22-11/AP/AUTOSAR_RS_CPP14Guidelines.pdf" help_dir = None if standard_name in external_help_file_standards: From 6eb8c3f7d402794e20ee3b4655dcdb2d715858df Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 24 May 2023 13:21:09 +0200 Subject: [PATCH 1119/2573] Update user_manual.md --- docs/user_manual.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/docs/user_manual.md b/docs/user_manual.md index f1bbfad49a..3fa513f879 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -20,6 +20,7 @@ | 0.12.0 | 2022-10-21 | Luke Cartey | Updated version to 2.10.0 | | 0.13.0 | 2022-11-03 | Remco Vermeulen | Add missing deviation analysis report tables to section 'Producing an analysis report'. | | 0.14.0 | 2022-11-03 | Remco Vermeulen | Add guideline recategorization plan. | +| 0.15.0 | 2023-05-24 | Mauro Baluda | Clarify AUTOSAR C++ supported versions. | ## Release information @@ -47,7 +48,7 @@ The _CodeQL Coding Standards_ product is a set of CodeQL queries for identifying | Standard | Version | Total rules | Total supportable rules | Status | | -------------------------------------------------------------------------------------------------------------------- | ------- | ----------- | ----------------------- | ----------------- | -| [AUTOSAR C++](https://www.autosar.org/fileadmin/standards/R22-11/AP/AUTOSAR_RS_CPP14Guidelines.pdf) | R22-11, R21-11, R20-11, R19-11, R19-03 | 397 | 375 | Implemented | +| [AUTOSAR C++](https://www.autosar.org/fileadmin/standards/R22-11/AP/AUTOSAR_RS_CPP14Guidelines.pdf) | [^1] R22-11, R21-11, R20-11, R19-11, R19-03 | 397 | 375 | Implemented | | [CERT-C++](https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-cpp-coding-standard-2016-v01.pdf) | 2016 | 83 | 83 | Implemented | | [CERT C](https://resources.sei.cmu.edu/downloads/secure-coding/assets/sei-cert-c-coding-standard-2016-v01.pdf) | 2016 | 99 | 99 | Under development | | [MISRA C](https://www.misra.org.uk/product/misra-c2012-third-edition-first-revision/) | 2012 | 172 | 169 | Under development | @@ -62,6 +63,8 @@ Each supported rule is implemented as one or more CodeQL queries, with each quer The datasheet _"CodeQL Coding Standards: supported rules"_, provided with each release, lists which rules are supported for that particular release, and the _scope of analysis_ for that rule. +[^1]: AUTOSAR C++ versions R22-11, R21-11, R20-11, R19-11 and R19-03 are all identical as indicated in the document change history. + ## Supported environment This section describes the supported environment for the product. From 213d6e84ccb5b52c5cbb44f72881aff35965445b Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Fri, 26 May 2023 17:04:20 -0400 Subject: [PATCH 1120/2573] testing qcc --- .../CON56-CPP/DoNotSpeculativelyLockALockedNonRecursiveMutex.ql | 2 ++ .../src/rules/CON56-CPP/LockedALockedNonRecursiveMutexAudit.ql | 2 ++ 2 files changed, 4 insertions(+) diff --git a/cpp/cert/src/rules/CON56-CPP/DoNotSpeculativelyLockALockedNonRecursiveMutex.ql b/cpp/cert/src/rules/CON56-CPP/DoNotSpeculativelyLockALockedNonRecursiveMutex.ql index 6259ff67d3..fa8a24da1f 100644 --- a/cpp/cert/src/rules/CON56-CPP/DoNotSpeculativelyLockALockedNonRecursiveMutex.ql +++ b/cpp/cert/src/rules/CON56-CPP/DoNotSpeculativelyLockALockedNonRecursiveMutex.ql @@ -21,6 +21,8 @@ where not isExcluded(n, ConcurrencyPackage::doNotSpeculativelyLockALockedNonRecursiveMutexQuery()) and // problematic nodes are ones where a lock is active and there is an attempt to // call a speculative locking function + + n.(MutexFunctionCall).isSpeculativeLock() and not n.(MutexFunctionCall).isRecursive() and n.getAProtectingLock() = n.(MutexFunctionCall).getLock() diff --git a/cpp/cert/src/rules/CON56-CPP/LockedALockedNonRecursiveMutexAudit.ql b/cpp/cert/src/rules/CON56-CPP/LockedALockedNonRecursiveMutexAudit.ql index 87000ecfb3..f98843aeb0 100644 --- a/cpp/cert/src/rules/CON56-CPP/LockedALockedNonRecursiveMutexAudit.ql +++ b/cpp/cert/src/rules/CON56-CPP/LockedALockedNonRecursiveMutexAudit.ql @@ -21,6 +21,8 @@ where not isExcluded(n, ConcurrencyPackage::lockedALockedNonRecursiveMutexAuditQuery()) and // problematic nodes are ones where a lock is active and there is an attempt to // call a speculative locking function + + n.(MutexFunctionCall).isSpeculativeLock() and not n.(MutexFunctionCall).isRecursive() select n, "(Audit) Attempt to speculatively lock a non-recursive mutex while it is $@.", From 67ae121568f119e01abed3e90cb88c21db486d64 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Fri, 26 May 2023 18:58:34 -0400 Subject: [PATCH 1121/2573] logic fix --- cpp/common/src/codingstandards/cpp/Concurrency.qll | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/Concurrency.qll b/cpp/common/src/codingstandards/cpp/Concurrency.qll index 66af30dbb9..93bc72feda 100644 --- a/cpp/common/src/codingstandards/cpp/Concurrency.qll +++ b/cpp/common/src/codingstandards/cpp/Concurrency.qll @@ -231,7 +231,7 @@ pragma[inline] ControlFlowNode getAThreadContextAwarePredecessor(ControlFlowNode start, ControlFlowNode end) { result = getAThreadContextAwareSuccessor(start) and not result = getAThreadContextAwareSuccessor(end) and - not result = end + not result = end } /** @@ -402,6 +402,13 @@ class LockProtectedControlFlowNode extends ThreadedCFN { unlock.(MutexFunctionCall).isUnlock() // note that we don't check that it's the same lock -- this is left // to the caller to enforce this condition. + + // Because of the way that `getAThreadContextAwarePredecessor` works, it is possible + // for operations PAST it to be technically part of the predecessors. + // Thus, we need to make sure that this lock (to be actually) + // an unlock along the same path it must be the case that when we + // supply it as the starting point of the search it hits the try lock + and getAThreadContextAwareSuccessor(unlock) = this ) and (lock instanceof MutexFunctionCall implies not this.(MutexFunctionCall).isUnlock()) ) From e58596a1f95a58596bed3eb97d302c41d0f91dee Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Fri, 26 May 2023 19:07:38 -0400 Subject: [PATCH 1122/2573] format --- .../src/codingstandards/cpp/Concurrency.qll | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/Concurrency.qll b/cpp/common/src/codingstandards/cpp/Concurrency.qll index 93bc72feda..f202e7adb7 100644 --- a/cpp/common/src/codingstandards/cpp/Concurrency.qll +++ b/cpp/common/src/codingstandards/cpp/Concurrency.qll @@ -231,7 +231,7 @@ pragma[inline] ControlFlowNode getAThreadContextAwarePredecessor(ControlFlowNode start, ControlFlowNode end) { result = getAThreadContextAwareSuccessor(start) and not result = getAThreadContextAwareSuccessor(end) and - not result = end + not result = end } /** @@ -399,16 +399,15 @@ class LockProtectedControlFlowNode extends ThreadedCFN { not exists(ControlFlowNode unlock | // it's an unlock unlock = getAThreadContextAwarePredecessor(lock, this) and - unlock.(MutexFunctionCall).isUnlock() + unlock.(MutexFunctionCall).isUnlock() and // note that we don't check that it's the same lock -- this is left // to the caller to enforce this condition. - // Because of the way that `getAThreadContextAwarePredecessor` works, it is possible - // for operations PAST it to be technically part of the predecessors. - // Thus, we need to make sure that this lock (to be actually) - // an unlock along the same path it must be the case that when we - // supply it as the starting point of the search it hits the try lock - and getAThreadContextAwareSuccessor(unlock) = this + // for operations PAST it to be technically part of the predecessors. + // Thus, we need to make sure that this lock (to be actually) + // an unlock along the same path it must be the case that when we + // supply it as the starting point of the search it hits the try lock + getAThreadContextAwareSuccessor(unlock) = this ) and (lock instanceof MutexFunctionCall implies not this.(MutexFunctionCall).isUnlock()) ) From cf2f486e3fd9f1e7da177c9994d502c6e6b33900 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Fri, 26 May 2023 19:31:16 -0400 Subject: [PATCH 1123/2573] work --- .../DoNotSpeculativelyLockALockedNonRecursiveMutex.ql | 6 ++---- .../rules/CON56-CPP/LockedALockedNonRecursiveMutexAudit.ql | 6 ++---- 2 files changed, 4 insertions(+), 8 deletions(-) diff --git a/cpp/cert/src/rules/CON56-CPP/DoNotSpeculativelyLockALockedNonRecursiveMutex.ql b/cpp/cert/src/rules/CON56-CPP/DoNotSpeculativelyLockALockedNonRecursiveMutex.ql index fa8a24da1f..94d23c8664 100644 --- a/cpp/cert/src/rules/CON56-CPP/DoNotSpeculativelyLockALockedNonRecursiveMutex.ql +++ b/cpp/cert/src/rules/CON56-CPP/DoNotSpeculativelyLockALockedNonRecursiveMutex.ql @@ -19,10 +19,8 @@ import codingstandards.cpp.Concurrency from LockProtectedControlFlowNode n where not isExcluded(n, ConcurrencyPackage::doNotSpeculativelyLockALockedNonRecursiveMutexQuery()) and - // problematic nodes are ones where a lock is active and there is an attempt to - // call a speculative locking function - - + // problematic nodes are ones where a lock is active and there is an attempt + // to call a speculative locking function n.(MutexFunctionCall).isSpeculativeLock() and not n.(MutexFunctionCall).isRecursive() and n.getAProtectingLock() = n.(MutexFunctionCall).getLock() diff --git a/cpp/cert/src/rules/CON56-CPP/LockedALockedNonRecursiveMutexAudit.ql b/cpp/cert/src/rules/CON56-CPP/LockedALockedNonRecursiveMutexAudit.ql index f98843aeb0..d3a5778f2c 100644 --- a/cpp/cert/src/rules/CON56-CPP/LockedALockedNonRecursiveMutexAudit.ql +++ b/cpp/cert/src/rules/CON56-CPP/LockedALockedNonRecursiveMutexAudit.ql @@ -19,10 +19,8 @@ import codingstandards.cpp.Concurrency from LockProtectedControlFlowNode n where not isExcluded(n, ConcurrencyPackage::lockedALockedNonRecursiveMutexAuditQuery()) and - // problematic nodes are ones where a lock is active and there is an attempt to - // call a speculative locking function - - + // problematic nodes are ones where a lock is active and there is an attempt + // to call a speculative locking function n.(MutexFunctionCall).isSpeculativeLock() and not n.(MutexFunctionCall).isRecursive() select n, "(Audit) Attempt to speculatively lock a non-recursive mutex while it is $@.", From 4c7c348cb966028f02370ce45411ec54e2976469 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Mon, 29 May 2023 11:58:42 +0200 Subject: [PATCH 1124/2573] Fix OwnedPointerValueStoredInUnrelatedSmartPointer.expected.qcc removed extra spaces --- ...wnedPointerValueStoredInUnrelatedSmartPointer.expected.qcc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.expected.qcc b/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.expected.qcc index 1155f0a056..a579781f95 100644 --- a/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.expected.qcc +++ b/cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.expected.qcc @@ -51,7 +51,7 @@ edges | test.cpp:17:27:17:28 | v1 | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:3757:34:3757:36 | __p | | test.cpp:17:27:17:28 | v1 | test.cpp:17:27:17:28 | ref arg v1 | | test.cpp:19:6:19:7 | v1 | test.cpp:3:14:3:15 | v1 | - nodes +nodes | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:2469:31:2469:33 | __p | semmle.label | __p | | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:2469:31:2469:33 | __p | semmle.label | __p | | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:3611:30:3611:32 | __p | semmle.label | __p | @@ -92,7 +92,7 @@ edges | test.cpp:17:27:17:28 | v1 | semmle.label | v1 | | test.cpp:17:27:17:28 | v1 | semmle.label | v1 | | test.cpp:19:6:19:7 | v1 | semmle.label | v1 | - subpaths +subpaths | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:4065:28:4065:30 | __p | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:2469:31:2469:33 | __p | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:2469:31:2469:33 | __p | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:4065:28:4065:30 | ref arg __p | | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:4068:30:4068:32 | __p | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:3611:30:3611:32 | __p | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:3611:30:3611:32 | __p | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:4068:30:4068:32 | ref arg __p | | test.cpp:5:27:5:28 | v1 | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:3757:34:3757:36 | __p | file:///opt/qcc/qnx-sdp/target/qnx7/usr/include/c++/v1/memory:4063:7:4063:17 | constructor init of field __ptr_ [post-this] [__ptr_] | test.cpp:5:27:5:29 | call to shared_ptr [__ptr_] | From 390f67003792c20242d6224b021ed0d00dd96044 Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Tue, 30 May 2023 09:19:33 -0400 Subject: [PATCH 1125/2573] Update cpp/common/src/codingstandards/cpp/Concurrency.qll Co-authored-by: Mauro Baluda --- cpp/common/src/codingstandards/cpp/Concurrency.qll | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/Concurrency.qll b/cpp/common/src/codingstandards/cpp/Concurrency.qll index f202e7adb7..fa8ae5a615 100644 --- a/cpp/common/src/codingstandards/cpp/Concurrency.qll +++ b/cpp/common/src/codingstandards/cpp/Concurrency.qll @@ -404,9 +404,8 @@ class LockProtectedControlFlowNode extends ThreadedCFN { // to the caller to enforce this condition. // Because of the way that `getAThreadContextAwarePredecessor` works, it is possible // for operations PAST it to be technically part of the predecessors. - // Thus, we need to make sure that this lock (to be actually) - // an unlock along the same path it must be the case that when we - // supply it as the starting point of the search it hits the try lock + // Thus, we need to make sure that this node is a + // successor of the unlock in the CFG getAThreadContextAwareSuccessor(unlock) = this ) and (lock instanceof MutexFunctionCall implies not this.(MutexFunctionCall).isUnlock()) From 6e8ef103a7da254157f2509d458210c98175ba5e Mon Sep 17 00:00:00 2001 From: "John L. Singleton" Date: Tue, 30 May 2023 10:59:20 -0400 Subject: [PATCH 1126/2573] format fix --- cpp/common/src/codingstandards/cpp/Concurrency.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/Concurrency.qll b/cpp/common/src/codingstandards/cpp/Concurrency.qll index fa8ae5a615..5162255de9 100644 --- a/cpp/common/src/codingstandards/cpp/Concurrency.qll +++ b/cpp/common/src/codingstandards/cpp/Concurrency.qll @@ -404,7 +404,7 @@ class LockProtectedControlFlowNode extends ThreadedCFN { // to the caller to enforce this condition. // Because of the way that `getAThreadContextAwarePredecessor` works, it is possible // for operations PAST it to be technically part of the predecessors. - // Thus, we need to make sure that this node is a + // Thus, we need to make sure that this node is a // successor of the unlock in the CFG getAThreadContextAwareSuccessor(unlock) = this ) and From c27d9a682710fa6a3ebcc1de9eaaddf4b2f2527b Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Tue, 27 Jun 2023 10:52:47 +0200 Subject: [PATCH 1127/2573] Remove unused classes from queries --- .../rules/A15-3-3/MissingCatchHandlerInMain.ql | 18 ------------------ ...NotUsedAppropriatelyInVariableDefinition.ql | 5 ----- 2 files changed, 23 deletions(-) diff --git a/cpp/autosar/src/rules/A15-3-3/MissingCatchHandlerInMain.ql b/cpp/autosar/src/rules/A15-3-3/MissingCatchHandlerInMain.ql index e6bf2b99e2..ce3a10f31d 100644 --- a/cpp/autosar/src/rules/A15-3-3/MissingCatchHandlerInMain.ql +++ b/cpp/autosar/src/rules/A15-3-3/MissingCatchHandlerInMain.ql @@ -22,24 +22,6 @@ import codingstandards.cpp.exceptions.ThirdPartyExceptions import codingstandards.cpp.standardlibrary.Exceptions import codingstandards.cpp.EncapsulatingFunctions -/** A `TryStmt` which covers the full body of a function. */ -class FullFunctionBodyTryStmt extends TryStmt { - FullFunctionBodyTryStmt() { - this instanceof FunctionTryStmt - or - exists(Function f, BlockStmt functionBlock | - functionBlock = f.getBlock() and - this = functionBlock.getStmt(0) and - ( - functionBlock.getNumStmt() = 1 - or - functionBlock.getNumStmt() = 2 and - functionBlock.getStmt(1) instanceof ReturnStmt - ) - ) - } -} - /* * The strategy for this query is to find a Stmt in the root BlockStmt which can throw one of the * ExceptionTypes that should be handled. diff --git a/cpp/autosar/src/rules/A7-1-5/AutoSpecifierNotUsedAppropriatelyInVariableDefinition.ql b/cpp/autosar/src/rules/A7-1-5/AutoSpecifierNotUsedAppropriatelyInVariableDefinition.ql index b3da12685c..9c9f8efb81 100644 --- a/cpp/autosar/src/rules/A7-1-5/AutoSpecifierNotUsedAppropriatelyInVariableDefinition.ql +++ b/cpp/autosar/src/rules/A7-1-5/AutoSpecifierNotUsedAppropriatelyInVariableDefinition.ql @@ -19,11 +19,6 @@ import cpp import codingstandards.cpp.autosar -// for readability we define a "fundamental" type -class FundamentalType extends Type { - FundamentalType() { this instanceof BuiltInType } -} - from Variable v where not isExcluded(v, From dbbd007f46745a24262490432fca9d0d0bc619dd Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Mon, 3 Jul 2023 10:53:48 +0200 Subject: [PATCH 1128/2573] Remove unused `internal` imports or use proper non-internal import --- .../INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql | 2 +- .../STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql | 1 - .../STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql | 1 - cpp/common/src/codingstandards/cpp/Expr.qll | 2 +- .../cpp/lifetimes/lifetimeprofile/LifetimeProfile.qll | 1 - .../BasicStringMayNotBeNullTerminated.qll | 1 - 6 files changed, 2 insertions(+), 6 deletions(-) diff --git a/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql b/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql index 2086d2da2b..80bd212aa2 100644 --- a/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql +++ b/c/cert/src/rules/INT34-C/ExprShiftedbyNegativeOrGreaterPrecisionOperand.ql @@ -13,7 +13,7 @@ import cpp import codingstandards.c.cert import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis -import semmle.code.cpp.ir.internal.ASTValueNumbering +import semmle.code.cpp.valuenumbering.GlobalValueNumbering import semmle.code.cpp.controlflow.Guards /* diff --git a/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql b/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql index 24e55f80d3..3742207720 100644 --- a/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql +++ b/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql @@ -16,7 +16,6 @@ import cpp import codingstandards.c.cert import semmle.code.cpp.dataflow.TaintTracking -import semmle.code.cpp.dataflow.internal.TaintTrackingUtil import codingstandards.cpp.PossiblyUnsafeStringOperation /** diff --git a/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql b/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql index a65e7958be..365136f99d 100644 --- a/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql +++ b/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql @@ -16,7 +16,6 @@ import cpp import codingstandards.c.cert import codingstandards.cpp.Naming import semmle.code.cpp.dataflow.TaintTracking -import semmle.code.cpp.dataflow.internal.TaintTrackingUtil import codingstandards.cpp.PossiblyUnsafeStringOperation /** diff --git a/cpp/common/src/codingstandards/cpp/Expr.qll b/cpp/common/src/codingstandards/cpp/Expr.qll index f5ece8b76a..4ed50b4986 100644 --- a/cpp/common/src/codingstandards/cpp/Expr.qll +++ b/cpp/common/src/codingstandards/cpp/Expr.qll @@ -1,5 +1,5 @@ import cpp -private import semmle.code.cpp.ir.internal.ASTValueNumbering +private import semmle.code.cpp.valuenumbering.GlobalValueNumbering import codingstandards.cpp.AccessPath /** A full expression as defined in [intro.execution] of N3797. */ diff --git a/cpp/common/src/codingstandards/cpp/lifetimes/lifetimeprofile/LifetimeProfile.qll b/cpp/common/src/codingstandards/cpp/lifetimes/lifetimeprofile/LifetimeProfile.qll index bc7338fc97..32d0026241 100644 --- a/cpp/common/src/codingstandards/cpp/lifetimes/lifetimeprofile/LifetimeProfile.qll +++ b/cpp/common/src/codingstandards/cpp/lifetimes/lifetimeprofile/LifetimeProfile.qll @@ -1,6 +1,5 @@ import cpp private import semmle.code.cpp.dataflow.DataFlow -private import semmle.code.cpp.dataflow.internal.FlowVar private import semmle.code.cpp.controlflow.Nullness private import codingstandards.cpp.Dereferenced private import codingstandards.cpp.Expr diff --git a/cpp/common/src/codingstandards/cpp/rules/basicstringmaynotbenullterminated/BasicStringMayNotBeNullTerminated.qll b/cpp/common/src/codingstandards/cpp/rules/basicstringmaynotbenullterminated/BasicStringMayNotBeNullTerminated.qll index 3282c75e1e..e27f09fd98 100644 --- a/cpp/common/src/codingstandards/cpp/rules/basicstringmaynotbenullterminated/BasicStringMayNotBeNullTerminated.qll +++ b/cpp/common/src/codingstandards/cpp/rules/basicstringmaynotbenullterminated/BasicStringMayNotBeNullTerminated.qll @@ -10,7 +10,6 @@ import semmle.code.cpp.security.BufferWrite import semmle.code.cpp.commons.Buffer import semmle.code.cpp.dataflow.DataFlow import semmle.code.cpp.dataflow.TaintTracking -import semmle.code.cpp.dataflow.internal.TaintTrackingUtil import codingstandards.cpp.PossiblyUnsafeStringOperation abstract class BasicStringMayNotBeNullTerminatedSharedQuery extends Query { } From 9b69e12ddc125371f59230ac6056ec79d4f35f52 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Mon, 3 Jul 2023 12:12:55 +0100 Subject: [PATCH 1129/2573] Remove LGTM references and update query pack name Remove the LGTM reference from the manual, and correct the query pack name and supported versions list name. --- docs/user_manual.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/docs/user_manual.md b/docs/user_manual.md index f59ecc6287..5bb615abfb 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -20,16 +20,17 @@ | 0.12.0 | 2022-10-21 | Luke Cartey | Updated version to 2.10.0 | | 0.13.0 | 2022-11-03 | Remco Vermeulen | Add missing deviation analysis report tables to section 'Producing an analysis report'. | | 0.14.0 | 2022-11-03 | Remco Vermeulen | Add guideline recategorization plan. | -| 0.15.0 | 2023-05-24 | Mauro Baluda | Clarify AUTOSAR C++ supported versions. | +| 0.15.0 | 2023-05-24 | Mauro Baluda | Clarify AUTOSAR C++ supported versions. | +| 0.16.0 | 2023-07-03 | Luke Cartey | Remove reference to LGTM, update the name of the query pack | ## Release information This user manual documents release `2.19.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). The release page documents the release notes and contains the following artifacts part of the release: -- `code-scanning-cpp-query-pack-anon-2.19.0-dev.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. +- `code-scanning-cpp-query-pack-2.19.0-dev.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. - `supported_rules_list_2.19.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. -- `upported_rules_list_2.18.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. +- `supported_rules_list_2.19.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. - `user_manual_2.19.0-dev.md`: This user manual. - `Source Code (zip)`: A zip archive containing the contents of https://github.com/github/codeql-coding-standards - `Source Code (tar.gz)`: A GZip compressed tar archive containing the contents of https://github.com/github/codeql-coding-standards @@ -426,13 +427,12 @@ and the schema files: The schema files **must** be available in the same directory as the `recategorize.py` file or in any ancestor directory. -### GitHub Advanced Security and LGTM +### GitHub Advanced Security The only use cases that will be certified under ISO 26262 are those listed above. CodeQL Coding Standards is also compatible with, but not certified for, the following use cases: - Creating databases and running the CodeQL Coding Standards queries with the [CodeQL Action](https://github.com/github/codeql-action) (for GitHub Actions CI/CD system). - Uploading the SARIF results files for a CodeQL Coding Standards analysis to the GitHub [Code Scanning](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning) feature. - - Deployment of the default CodeQL Coding Standards queries as a custom query pack for [LGTM](https://semmle.com/lgtm). ### Hazard and risk analysis From 6c0d54c85bb8a7821464eaa34624713e70b3b674 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 4 Jul 2023 17:57:29 +0100 Subject: [PATCH 1130/2573] A7-1-5: Exclude compiler generated variables A7-1-5 should only apply to non-compiler generated variables. This commit adds a new test case which shows an example which, on some platforms, will cause the compiler to generate a __range variable that is flagged by the query before this change. Note: I have been unable to replicate the problem in a unit test. --- ...AutoSpecifierNotUsedAppropriatelyInVariableDefinition.ql | 4 +++- ...ecifierNotUsedAppropriatelyInVariableDefinition.expected | 1 + cpp/autosar/test/rules/A7-1-5/test.cpp | 6 ++++++ 3 files changed, 10 insertions(+), 1 deletion(-) diff --git a/cpp/autosar/src/rules/A7-1-5/AutoSpecifierNotUsedAppropriatelyInVariableDefinition.ql b/cpp/autosar/src/rules/A7-1-5/AutoSpecifierNotUsedAppropriatelyInVariableDefinition.ql index b3da12685c..a233693d21 100644 --- a/cpp/autosar/src/rules/A7-1-5/AutoSpecifierNotUsedAppropriatelyInVariableDefinition.ql +++ b/cpp/autosar/src/rules/A7-1-5/AutoSpecifierNotUsedAppropriatelyInVariableDefinition.ql @@ -39,6 +39,8 @@ where v.getInitializer().getExpr() instanceof LambdaExpression or v.getInitializer().getExpr() instanceof ClassAggregateLiteral - ) + ) and + // Exclude compiler generated variables + not v.isCompilerGenerated() select v, "Use of auto in variable definition is not the result of a function call, lambda expression, or non-fundamental type initializer." diff --git a/cpp/autosar/test/rules/A7-1-5/AutoSpecifierNotUsedAppropriatelyInVariableDefinition.expected b/cpp/autosar/test/rules/A7-1-5/AutoSpecifierNotUsedAppropriatelyInVariableDefinition.expected index df7b4aafcd..03e53068f4 100644 --- a/cpp/autosar/test/rules/A7-1-5/AutoSpecifierNotUsedAppropriatelyInVariableDefinition.expected +++ b/cpp/autosar/test/rules/A7-1-5/AutoSpecifierNotUsedAppropriatelyInVariableDefinition.expected @@ -4,3 +4,4 @@ | test.cpp:27:8:27:8 | a | Use of auto in variable definition is not the result of a function call, lambda expression, or non-fundamental type initializer. | | test.cpp:28:8:28:8 | b | Use of auto in variable definition is not the result of a function call, lambda expression, or non-fundamental type initializer. | | test.cpp:81:10:81:10 | a | Use of auto in variable definition is not the result of a function call, lambda expression, or non-fundamental type initializer. | +| test.cpp:111:19:111:19 | a | Use of auto in variable definition is not the result of a function call, lambda expression, or non-fundamental type initializer. | diff --git a/cpp/autosar/test/rules/A7-1-5/test.cpp b/cpp/autosar/test/rules/A7-1-5/test.cpp index 4f85b3eb4a..34be754905 100644 --- a/cpp/autosar/test/rules/A7-1-5/test.cpp +++ b/cpp/autosar/test/rules/A7-1-5/test.cpp @@ -105,4 +105,10 @@ void instantiate() { Test_381 t381; t381.test_381_1(); t381.test_381_2(); +} + +void test_loop() { + for (const auto a : {8, 9, 10}) { + a; + } } \ No newline at end of file From 38a5ea6ef8e1f22abe830ef4ead18643770df3b3 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 4 Jul 2023 18:01:47 +0100 Subject: [PATCH 1131/2573] Add change note --- change_notes/2023-07-04-remove-compiler-generated-vars.md | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 change_notes/2023-07-04-remove-compiler-generated-vars.md diff --git a/change_notes/2023-07-04-remove-compiler-generated-vars.md b/change_notes/2023-07-04-remove-compiler-generated-vars.md new file mode 100644 index 0000000000..b81909405b --- /dev/null +++ b/change_notes/2023-07-04-remove-compiler-generated-vars.md @@ -0,0 +1,2 @@ + * `A7-1-5` - exclude compiler generated variables, such as those generated by for loops. + * `M8-0-1` - exclude compiler generated variables, such as those generated by for loops. \ No newline at end of file From dc64dc8ef249c8b1e624c5d7c17f0918566808d8 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 5 Jul 2023 11:59:51 +0100 Subject: [PATCH 1132/2573] Fix exclusion ids. These ids had been copy-pasted incorrectly. --- .../src/rules/DIR-4-12/StdLibDynamicMemoryAllocationUsed.ql | 2 +- .../ConversionBetweenPointerToObjectAndIntegerType.ql | 5 ++--- .../RULE-21-6/StandardLibraryInputoutputFunctionsUsed.ql | 2 +- c/misra/src/rules/RULE-21-9/BsearchAndQsortOfStdlibhUsed.ql | 2 +- change_notes/2023-07-5-fix-suppression-ids.md | 6 ++++++ .../ProperlyDeallocateDynamicallyAllocatedResources.ql | 2 +- 6 files changed, 12 insertions(+), 7 deletions(-) create mode 100644 change_notes/2023-07-5-fix-suppression-ids.md diff --git a/c/misra/src/rules/DIR-4-12/StdLibDynamicMemoryAllocationUsed.ql b/c/misra/src/rules/DIR-4-12/StdLibDynamicMemoryAllocationUsed.ql index a759a631b7..dc1e21c97a 100644 --- a/c/misra/src/rules/DIR-4-12/StdLibDynamicMemoryAllocationUsed.ql +++ b/c/misra/src/rules/DIR-4-12/StdLibDynamicMemoryAllocationUsed.ql @@ -23,7 +23,7 @@ import semmle.code.cpp.models.interfaces.Deallocation from Expr e, string type where - not isExcluded(e, BannedPackage::memoryAllocDeallocFunctionsOfStdlibhUsedQuery()) and + not isExcluded(e, BannedPackage::stdLibDynamicMemoryAllocationUsedQuery()) and ( e.(FunctionCall).getTarget().(AllocationFunction).requiresDealloc() and type = "allocation" diff --git a/c/misra/src/rules/RULE-11-4/ConversionBetweenPointerToObjectAndIntegerType.ql b/c/misra/src/rules/RULE-11-4/ConversionBetweenPointerToObjectAndIntegerType.ql index 4071cf63b5..263545dc1f 100644 --- a/c/misra/src/rules/RULE-11-4/ConversionBetweenPointerToObjectAndIntegerType.ql +++ b/c/misra/src/rules/RULE-11-4/ConversionBetweenPointerToObjectAndIntegerType.ql @@ -17,11 +17,10 @@ import codingstandards.c.Pointers from CStyleCast cast, Type typeFrom, Type typeTo where - not isExcluded(cast, Pointers1Package::castBetweenObjectPointerAndDifferentObjectTypeQuery()) and + not isExcluded(cast, Pointers1Package::conversionBetweenPointerToObjectAndIntegerTypeQuery()) and typeFrom = cast.getExpr().getUnderlyingType() and typeTo = cast.getUnderlyingType() and [typeFrom, typeTo] instanceof IntegralType and [typeFrom, typeTo] instanceof PointerToObjectType and not isNullPointerConstant(cast.getExpr()) -select cast, - "Cast performed between a pointer to object type and a pointer to an integer type." +select cast, "Cast performed between a pointer to object type and a pointer to an integer type." diff --git a/c/misra/src/rules/RULE-21-6/StandardLibraryInputoutputFunctionsUsed.ql b/c/misra/src/rules/RULE-21-6/StandardLibraryInputoutputFunctionsUsed.ql index 8976e87c2f..6ef8c84cfe 100644 --- a/c/misra/src/rules/RULE-21-6/StandardLibraryInputoutputFunctionsUsed.ql +++ b/c/misra/src/rules/RULE-21-6/StandardLibraryInputoutputFunctionsUsed.ql @@ -40,7 +40,7 @@ private string wcharInputOutput() { from FunctionCall fc, Function f where - not isExcluded(fc, BannedPackage::standardHeaderFileUsedSignalhQuery()) and + not isExcluded(fc, BannedPackage::standardLibraryInputoutputFunctionsUsedQuery()) and fc.getTarget() = f and ( f.getName() = stdInputOutput() and diff --git a/c/misra/src/rules/RULE-21-9/BsearchAndQsortOfStdlibhUsed.ql b/c/misra/src/rules/RULE-21-9/BsearchAndQsortOfStdlibhUsed.ql index e442120ffc..b446b7f3f6 100644 --- a/c/misra/src/rules/RULE-21-9/BsearchAndQsortOfStdlibhUsed.ql +++ b/c/misra/src/rules/RULE-21-9/BsearchAndQsortOfStdlibhUsed.ql @@ -17,7 +17,7 @@ import codingstandards.c.misra from FunctionCall fc, Function f where - not isExcluded(fc, BannedPackage::terminationFunctionsOfStdlibhUsedQuery()) and + not isExcluded(fc, BannedPackage::bsearchAndQsortOfStdlibhUsedQuery()) and f = fc.getTarget() and f.getName() = ["qsort", "bsearch"] and f.getFile().getBaseName() = "stdlib.h" diff --git a/change_notes/2023-07-5-fix-suppression-ids.md b/change_notes/2023-07-5-fix-suppression-ids.md new file mode 100644 index 0000000000..44de5dd607 --- /dev/null +++ b/change_notes/2023-07-5-fix-suppression-ids.md @@ -0,0 +1,6 @@ + * A number of rules had the wrong query ids attached for deviation purposes. This means they could not be deviated against using the correct ID, but could be incidentally suppressed when deviating a different rule. We have fixed this behavior for the following rules: + - `RULE-11-4` + - `DIR-4-12` + - `RULE-21-6` + - `RULE-21-9` + - `MEM51-CPP` \ No newline at end of file diff --git a/cpp/cert/src/rules/MEM51-CPP/ProperlyDeallocateDynamicallyAllocatedResources.ql b/cpp/cert/src/rules/MEM51-CPP/ProperlyDeallocateDynamicallyAllocatedResources.ql index 0cc7779a46..5854b169f2 100644 --- a/cpp/cert/src/rules/MEM51-CPP/ProperlyDeallocateDynamicallyAllocatedResources.ql +++ b/cpp/cert/src/rules/MEM51-CPP/ProperlyDeallocateDynamicallyAllocatedResources.ql @@ -26,7 +26,7 @@ predicate matching(string allocKind, string deleteKind) { from Expr alloc, Expr free, Expr freed, string allocKind, string deleteKind where - not isExcluded(freed, FreedPackage::newDeleteArrayMismatchQuery()) and + not isExcluded(freed, AllocationsPackage::properlyDeallocateDynamicallyAllocatedResourcesQuery()) and allocReaches(freed, alloc, allocKind) and freeExprOrIndirect(free, freed, deleteKind) and not matching(allocKind, deleteKind) From c736ac3ad41b646de70abfd2ad78c4d1d11d0d00 Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Mon, 17 Jul 2023 14:16:04 +0100 Subject: [PATCH 1133/2573] C++: Accept test changes. --- ...bleLengthArraySizeNotInValidRange.expected | 2 ++ ...rithmeticOnNonArrayObjectPointers.expected | 7 ++++++ ...rSubtractAScaledIntegerToAPointer.expected | 6 +++++ .../CleanUpThreadSpecificStorage.expected | 5 ++++ ...riateThreadObjectStorageDurations.expected | 8 +++++++ ...ectStorageDurationsNotInitialized.expected | 5 ++++ ...ateStorageDurationsFunctionReturn.expected | 5 ++++ .../ERR30-C/ErrnoReadBeforeReturn.expected | 1 + .../ERR30-C/SetlocaleMightSetErrno.expected | 1 + ...tRelyOnIndeterminateValuesOfErrno.expected | 4 ++++ ...ectAndHandleStandardLibraryErrors.expected | 1 + ...OfFunctionArgumentsForSideEffects.expected | 24 +++++++++++++++++++ ...rToMoreStrictlyAlignedPointerType.expected | 11 +++++++++ ...nctionPointerWithIncompatibleType.expected | 6 +++++ ...iableViaPointerOfIncompatibleType.expected | 16 +++++++++++++ .../DoNotModifyConstantObjects.expected | 6 +++++ ...edPointerToRestrictQualifiedParam.expected | 11 +++++++++ ...ointerReferencesOverlappingObject.expected | 6 +++++ ...esetStringsOnFgetsOrFgetwsFailure.expected | 3 +++ ...FsetposThatAreReturnedFromFgetpos.expected | 4 ++++ ...RaceConditionsWhileAccessingFiles.expected | 1 + ...ufficientMemoryAllocatedForObject.expected | 2 ++ ...odifyAlignmentOfMemoryWithRealloc.expected | 7 ++++++ ...ssInvalidDataToTheAsctimeFunction.expected | 3 +++ ...VaListThatHasAnIndeterminateValue.expected | 6 +++++ ...SafeFunctionsWithinSignalHandlers.expected | 3 +++ ...romAComputationalExceptionHandler.expected | 1 + ...oNotAttemptToModifyStringLiterals.expected | 14 +++++++++++ ...fficientSpaceForTheNullTerminator.expected | 6 +++++ ...natedToFunctionThatExpectsAString.expected | 9 +++++++ ...yFunctionArgumentNumberOfElements.expected | 5 ++++ ...sedToCompareNullTerminatedStrings.expected | 10 ++++++++ ...ForReadAndWriteOnDifferentStreams.expected | 1 + .../AttemptToWriteToAReadOnlyStream.expected | 5 ++++ ...omparedWithUnmodifiedReturnValues.expected | 7 ++++++ ...rformConversionOfPassedParameters.expected | 3 +++ .../AssignmentOperatorReturnThis.expected | 1 + .../ThrownExceptionsShouldBeUnique.expected | 1 + ...orErrorLeavesObjectInInvalidState.expected | 9 +++++++ ...entOfAnArrayPassedToASmartPointer.expected | 6 +++++ .../UnnecessaryUseOfDynamicStorage.expected | 4 ++++ ...ArgumentToForwardSubsequentlyUsed.expected | 3 +++ ...PointerUsedWithNoOwnershipSharing.expected | 1 + .../rules/A27-0-4/CStyleStringsUsed.expected | 3 +++ ...UsedWithPointersToNonFinalClasses.expected | 6 +++++ .../A5-1-7/LambdaPassedToDecltype.expected | 5 ++++ .../A5-1-7/LambdaPassedToTypeid.expected | 6 +++++ .../A7-5-1/InvalidFunctionReturnType.expected | 3 +++ ...ParameterWithoutLifetimeSemantics.expected | 2 ++ ...edToFunctionWithImproperSemantics.expected | 2 ++ ...tParametersDeclaredAsTNotModified.expected | 2 ++ ...eferencesToPrivateOrProtectedData.expected | 3 +++ ...tionErroneousReturnValueNotTested.expected | 3 +++ ...ntationsOfFloatingPointValuesUsed.expected | 3 +++ ...berFunctionReturnsNonConstPointer.expected | 2 ++ ...cCppLibraryFunctionsDoNotOverflow.expected | 9 +++++++ .../CTR53-CPP/UseValidIteratorRanges.expected | 6 +++++ ...terArithmeticOnPolymorphicObjects.expected | 6 +++++ ...nFunctionCallsAsFunctionArguments.expected | 24 +++++++++++++++++++ ...ThroughAPointerOfTheIncorrectType.expected | 6 +++++ ...ctAndHandleMemoryAllocationErrors.expected | 6 +++++ ...uctorCallForManuallyManagedObject.expected | 3 +++ ...uctorCallForManuallyManagedObject.expected | 3 +++ 63 files changed, 343 insertions(+) diff --git a/c/cert/test/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.expected b/c/cert/test/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.expected index 25153f195b..c2dd4dc338 100644 --- a/c/cert/test/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.expected +++ b/c/cert/test/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.expected @@ -1,3 +1,5 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.ql:104,11-19) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.ql:87,5-18) | test.c:14:8:14:8 | VLA declaration | Variable-length array dimension size may be in an invalid range. | | test.c:15:8:15:8 | VLA declaration | Variable-length array dimension size may be in an invalid range. | | test.c:16:8:16:8 | VLA declaration | Variable-length array dimension size may be in an invalid range. | diff --git a/c/cert/test/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.expected b/c/cert/test/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.expected index 8a7bfe553b..eeaa8a17f1 100644 --- a/c/cert/test/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.expected +++ b/c/cert/test/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.expected @@ -1,3 +1,10 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:17,8-16) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:23,56-64) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:26,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:38,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:46,35-43) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:104,6-14) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:104,33-41) edges | test.c:14:38:14:39 | p1 | test.c:18:10:18:11 | v1 | | test.c:14:38:14:39 | p1 | test.c:19:10:19:11 | v2 | diff --git a/c/cert/test/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.expected b/c/cert/test/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.expected index 1d3f5dcf13..e59e1b3337 100644 --- a/c/cert/test/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.expected +++ b/c/cert/test/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.expected @@ -1,3 +1,9 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql:18,8-16) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql:72,52-60) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql:75,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql:77,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql:86,51-59) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql:86,75-83) edges | test.c:7:13:7:14 | p1 | test.c:9:9:9:10 | p1 | | test.c:16:19:16:41 | ... - ... | test.c:18:26:18:31 | offset | diff --git a/c/cert/test/rules/CON30-C/CleanUpThreadSpecificStorage.expected b/c/cert/test/rules/CON30-C/CleanUpThreadSpecificStorage.expected index e03b665a1c..b121b2a31c 100644 --- a/c/cert/test/rules/CON30-C/CleanUpThreadSpecificStorage.expected +++ b/c/cert/test/rules/CON30-C/CleanUpThreadSpecificStorage.expected @@ -1,3 +1,8 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/CON30-C/CleanUpThreadSpecificStorage.ql:21,57-65) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/CON30-C/CleanUpThreadSpecificStorage.ql:24,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/CON30-C/CleanUpThreadSpecificStorage.ql:33,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/CON30-C/CleanUpThreadSpecificStorage.ql:49,20-28) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/CON30-C/CleanUpThreadSpecificStorage.ql:51,20-28) | test.c:27:3:27:12 | call to tss_create | Resources used by thread specific storage may not be cleaned up. | | test.c:49:3:49:12 | call to tss_create | Resources used by thread specific storage may not be cleaned up. | | test.c:71:3:71:12 | call to tss_create | Resources used by thread specific storage may not be cleaned up. | diff --git a/c/cert/test/rules/CON34-C/AppropriateThreadObjectStorageDurations.expected b/c/cert/test/rules/CON34-C/AppropriateThreadObjectStorageDurations.expected index c3cdc8bd7b..a95d0d30a3 100644 --- a/c/cert/test/rules/CON34-C/AppropriateThreadObjectStorageDurations.expected +++ b/c/cert/test/rules/CON34-C/AppropriateThreadObjectStorageDurations.expected @@ -1,3 +1,11 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql:28,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql:28,54-62) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql:35,62-70) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql:40,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql:40,30-38) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql:41,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql:41,30-38) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql:28,3-16) | test.c:23:3:23:13 | call to thrd_create | $@ not declared with appropriate storage duration | test.c:23:24:23:29 | & ... | Shared object | | test.c:74:3:74:13 | call to thrd_create | $@ not declared with appropriate storage duration | test.c:74:24:74:24 | p | Shared object | | test.c:85:3:85:13 | call to thrd_create | $@ not declared with appropriate storage duration | test.c:85:24:85:24 | p | Shared object | diff --git a/c/cert/test/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.expected b/c/cert/test/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.expected index 95d0a20041..43251e5bd9 100644 --- a/c/cert/test/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.expected +++ b/c/cert/test/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.expected @@ -1 +1,6 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.ql:28,38-46) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.ql:31,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.ql:31,30-38) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.ql:32,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.ql:32,30-38) | test.c:14:7:14:13 | call to tss_get | Call to a thread specific storage function from within a threaded context on an object that may not be owned by this thread. | diff --git a/c/cert/test/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.expected b/c/cert/test/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.expected index ff842ddcad..92aed32824 100644 --- a/c/cert/test/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.expected +++ b/c/cert/test/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.expected @@ -1,2 +1,7 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql:22,20-28) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql:26,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql:39,6-14) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql:39,26-34) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql:45,3-11) | test.c:3:10:3:10 | a | $@ with automatic storage may be accessible outside of its lifetime. | test.c:3:10:3:10 | a | a | | test.c:15:4:15:8 | param [inner post update] | $@ with automatic storage may be accessible outside of its lifetime. | test.c:15:12:15:13 | a2 | a2 | diff --git a/c/cert/test/rules/ERR30-C/ErrnoReadBeforeReturn.expected b/c/cert/test/rules/ERR30-C/ErrnoReadBeforeReturn.expected index b6d7caa513..b6f855c2a8 100644 --- a/c/cert/test/rules/ERR30-C/ErrnoReadBeforeReturn.expected +++ b/c/cert/test/rules/ERR30-C/ErrnoReadBeforeReturn.expected @@ -1,3 +1,4 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/ERR30-C/ErrnoReadBeforeReturn.ql:40,7-15) | test.c:69:7:69:11 | * ... | Do not read `errno` before checking the return value of function $@. | test.c:68:3:68:7 | call to ftell | call to ftell | | test.c:69:7:69:11 | call to __errno_location | Do not read `errno` before checking the return value of function $@. | test.c:68:3:68:7 | call to ftell | call to ftell | | test.c:70:5:70:10 | call to perror | Do not read `errno` before checking the return value of function $@. | test.c:68:3:68:7 | call to ftell | call to ftell | diff --git a/c/cert/test/rules/ERR30-C/SetlocaleMightSetErrno.expected b/c/cert/test/rules/ERR30-C/SetlocaleMightSetErrno.expected index 9ab88a3395..6aaabec818 100644 --- a/c/cert/test/rules/ERR30-C/SetlocaleMightSetErrno.expected +++ b/c/cert/test/rules/ERR30-C/SetlocaleMightSetErrno.expected @@ -1,2 +1,3 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/ERR30-C/SetlocaleMightSetErrno.ql:64,7-15) | test.c:98:3:98:11 | call to setlocale | Do not read `errno` before checking the return value of a call to `setlocale`. | | test.c:104:7:104:15 | call to setlocale | The value of `errno` may be different than `0` when `setlocale` is called. The following `errno` check might be invalid. | diff --git a/c/cert/test/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.expected b/c/cert/test/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.expected index da9122cfd4..f55303ca30 100644 --- a/c/cert/test/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.expected +++ b/c/cert/test/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.expected @@ -1,3 +1,7 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql:51,7-15) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql:51,27-35) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql:52,9-17) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql:55,9-17) | test.c:12:5:12:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:10:21:10:26 | call to signal | call to signal | | test.c:30:5:30:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:26:21:26:26 | call to signal | call to signal | | test.c:49:5:49:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:45:21:45:26 | call to signal | call to signal | diff --git a/c/cert/test/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.expected b/c/cert/test/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.expected index fbcc44b856..ff6aa7e55a 100644 --- a/c/cert/test/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.expected +++ b/c/cert/test/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.expected @@ -1,3 +1,4 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.ql:453,5-13) | test.c:18:3:18:11 | call to setlocale | Missing error detection for the call to function `setlocale`. | | test.c:24:23:24:31 | call to setlocale | Missing error detection for the call to function `setlocale`. | | test.c:29:22:29:27 | call to calloc | Missing error detection for the call to function `calloc`. | diff --git a/c/cert/test/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.expected b/c/cert/test/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.expected index 3ea1a05fd7..6a8a6cec4a 100644 --- a/c/cert/test/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.expected +++ b/c/cert/test/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.expected @@ -1 +1,25 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:24,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:24,59-67) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:27,33-41) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:27,57-65) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:31,33-41) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:31,59-67) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:40,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:40,25-33) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:40,53-61) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:43,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:43,57-65) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:52,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:52,55-63) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:59,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:59,57-65) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:71,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:71,55-63) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:24,5-18) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:27,7-20) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:31,7-20) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:43,5-18) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:52,5-18) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:59,5-18) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:71,5-18) | test.c:20:3:20:4 | call to f1 | Depending on the order of evaluation for the arguments $@ and $@ for side effects on shared state is unspecified and can result in unexpected behavior. | test.c:20:6:20:7 | call to f2 | call to f2 | test.c:20:12:20:13 | call to f3 | call to f3 | diff --git a/c/cert/test/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.expected b/c/cert/test/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.expected index a1c9a14fa2..bb65dea352 100644 --- a/c/cert/test/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.expected +++ b/c/cert/test/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.expected @@ -1,3 +1,14 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:20,8-16) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:100,20-28) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:126,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:131,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:140,58-66) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:145,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:149,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:156,35-43) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:172,3-11) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:172,30-38) +WARNING: Module DataFlow2 has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:121,86-95) edges | test.c:75:14:75:16 | & ... | test.c:76:11:76:12 | v1 | | test.c:75:14:75:16 | & ... | test.c:77:12:77:13 | v1 | diff --git a/c/cert/test/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.expected b/c/cert/test/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.expected index 4c18bb2672..ae3c74e7b7 100644 --- a/c/cert/test/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.expected +++ b/c/cert/test/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.expected @@ -1,3 +1,9 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.ql:17,8-16) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.ql:40,50-58) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.ql:43,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.ql:47,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.ql:53,46-54) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.ql:53,70-78) edges | test.c:48:68:48:70 | fns [f1] | test.c:49:3:49:5 | fns [f1] | | test.c:49:3:49:5 | fns [f1] | test.c:49:8:49:9 | f1 | diff --git a/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected b/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected index e42f003f0f..9c3e266aa3 100644 --- a/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected +++ b/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected @@ -1,3 +1,19 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:18,8-16) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:48,44-52) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:56,48-56) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:65,41-49) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:68,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:68,54-62) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:73,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:73,50-58) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:106,32-40) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:106,53-61) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:115,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:115,27-35) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:115,55-63) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:116,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:193,6-14) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:193,33-41) edges | test.c:49:8:49:9 | s3 | test.c:50:8:50:9 | s1 | | test.c:60:16:60:18 | E1A | test.c:61:16:61:17 | e1 | diff --git a/c/cert/test/rules/EXP40-C/DoNotModifyConstantObjects.expected b/c/cert/test/rules/EXP40-C/DoNotModifyConstantObjects.expected index 3211c4fab1..cedba37c98 100644 --- a/c/cert/test/rules/EXP40-C/DoNotModifyConstantObjects.expected +++ b/c/cert/test/rules/EXP40-C/DoNotModifyConstantObjects.expected @@ -1,3 +1,9 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.ql:16,8-16) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.ql:35,34-42) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.ql:38,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.ql:44,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.ql:49,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.ql:49,55-63) edges | test.c:5:8:5:9 | & ... | test.c:6:4:6:5 | aa | | test.c:26:15:26:15 | a | test.c:27:4:27:4 | a | diff --git a/c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.expected b/c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.expected index 4d4c20a39c..92bfafb726 100644 --- a/c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.expected +++ b/c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.expected @@ -1,3 +1,14 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql:103,36-44) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql:118,47-55) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql:121,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql:123,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql:129,34-42) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql:147,20-28) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql:147,49-57) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql:150,22-30) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql:150,51-59) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql:157,22-30) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql:157,51-59) | test.c:59:3:59:6 | call to copy | Call to 'copy' passes an $@ to a $@ (pointer value derived from a pair of address-of expressions ($@, $@). | test.c:59:13:59:15 | & ... | aliased pointer | test.c:59:8:59:10 | & ... | restrict-qualified parameter | test.c:59:8:59:10 | & ... | addressof1 | test.c:59:13:59:15 | & ... | addressof2 | | test.c:65:3:65:6 | call to copy | Call to 'copy' passes an $@ to a $@ (pointer value derived from a pair of address-of expressions ($@, $@). | test.c:65:15:65:19 | & ... | aliased pointer | test.c:65:8:65:12 | & ... | restrict-qualified parameter | test.c:65:8:65:12 | & ... | addressof1 | test.c:65:15:65:19 | & ... | addressof2 | | test.c:67:3:67:6 | call to copy | Call to 'copy' passes an $@ to a $@ (pointer value derived from a pair of address-of expressions ($@, $@). | test.c:67:15:67:16 | px | aliased pointer | test.c:67:8:67:12 | & ... | restrict-qualified parameter | test.c:67:8:67:12 | & ... | addressof1 | test.c:63:13:63:17 | & ... | addressof2 | diff --git a/c/cert/test/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.expected b/c/cert/test/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.expected index 3746991c09..2e03842ee5 100644 --- a/c/cert/test/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.expected +++ b/c/cert/test/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.expected @@ -1,3 +1,9 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql:42,60-68) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql:47,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql:51,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql:58,58-66) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql:74,37-45) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql:75,37-45) | test.c:18:22:18:23 | i2 | Assignment to restrict-qualified pointer $@ results in pointers aliasing $@. | test.c:18:17:18:18 | i3 | i3 | test.c:18:22:18:23 | i2 | the object pointed to by i2 | | test.c:19:8:19:9 | g2 | Assignment to restrict-qualified pointer $@ results in pointers aliasing $@. | test.c:5:15:5:16 | g1 | g1 | test.c:19:8:19:9 | g2 | the object pointed to by g2 | | test.c:20:8:20:9 | i2 | Assignment to restrict-qualified pointer $@ results in pointers aliasing $@. | test.c:16:17:16:18 | i1 | i1 | test.c:20:8:20:9 | i2 | the object pointed to by i2 | diff --git a/c/cert/test/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.expected b/c/cert/test/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.expected index 20c108cfa0..675e73b9fe 100644 --- a/c/cert/test/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.expected +++ b/c/cert/test/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.expected @@ -1,3 +1,6 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.ql:42,11-19) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.ql:42,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.ql:43,13-21) | test.c:20:10:20:12 | buf | The buffer is not reset before being referenced following a failed $@. | test.c:15:7:15:11 | call to fgets | call to fgets | | test.c:57:10:57:12 | buf | The buffer is not reset before being referenced following a failed $@. | test.c:52:7:52:11 | call to fgets | call to fgets | | test.c:66:18:66:20 | buf | The buffer is not reset before being referenced following a failed $@. | test.c:61:7:61:11 | call to fgets | call to fgets | diff --git a/c/cert/test/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.expected b/c/cert/test/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.expected index 8074710738..60505c54aa 100644 --- a/c/cert/test/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.expected +++ b/c/cert/test/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.expected @@ -1,2 +1,6 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql:25,26-34) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql:28,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql:30,14-22) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql:33,29-37) | test.c:7:24:7:30 | & ... | The position argument of a call to `fsetpos()` should be obtained from a call to `fgetpos()`. | | test.c:33:24:33:30 | & ... | The position argument of a call to `fsetpos()` should be obtained from a call to `fgetpos()`. | diff --git a/c/cert/test/rules/FIO45-C/ToctouRaceConditionsWhileAccessingFiles.expected b/c/cert/test/rules/FIO45-C/ToctouRaceConditionsWhileAccessingFiles.expected index 1b2923b780..d0d39851c4 100644 --- a/c/cert/test/rules/FIO45-C/ToctouRaceConditionsWhileAccessingFiles.expected +++ b/c/cert/test/rules/FIO45-C/ToctouRaceConditionsWhileAccessingFiles.expected @@ -1,2 +1,3 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/FIO45-C/ToctouRaceConditionsWhileAccessingFiles.ql:27,35-43) | test.c:4:13:4:17 | call to fopen | This call is trying to prevent an existing file from being overwritten by $@. An attacker might be able to exploit the race window between the two calls. | test.c:11:9:11:13 | call to fopen | another call | | test.c:88:13:88:17 | call to fopen | This call is trying to prevent an existing file from being overwritten by $@. An attacker might be able to exploit the race window between the two calls. | test.c:95:9:95:13 | call to fopen | another call | diff --git a/c/cert/test/rules/MEM35-C/InsufficientMemoryAllocatedForObject.expected b/c/cert/test/rules/MEM35-C/InsufficientMemoryAllocatedForObject.expected index 30dece9299..4cfe8b137a 100644 --- a/c/cert/test/rules/MEM35-C/InsufficientMemoryAllocatedForObject.expected +++ b/c/cert/test/rules/MEM35-C/InsufficientMemoryAllocatedForObject.expected @@ -1,3 +1,5 @@ +WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/MEM35-C/InsufficientMemoryAllocatedForObject.ql:85,5-18) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/MEM35-C/InsufficientMemoryAllocatedForObject.ql:143,5-18) | test.c:12:19:12:24 | call to malloc | Allocation size (32 bytes) is not a multiple of the size of 'S1' (36 bytes). | test.c:12:26:12:32 | 32 | | | test.c:15:19:15:24 | call to malloc | Allocation size calculated from the size of a different type ($@). | test.c:15:26:15:35 | sizeof() | sizeof(S1 *) | | test.c:20:19:20:24 | call to malloc | Allocation size (128 bytes) is not a multiple of the size of 'S1' (36 bytes). | test.c:20:26:20:36 | ... * ... | | diff --git a/c/cert/test/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.expected b/c/cert/test/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.expected index 0592cb038d..dd8ff90c27 100644 --- a/c/cert/test/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.expected +++ b/c/cert/test/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.expected @@ -1,3 +1,10 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql:19,8-16) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql:26,36-44) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql:40,43-51) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql:43,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql:47,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql:52,39-47) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql:52,66-74) edges | test.c:5:10:5:22 | call to aligned_alloc | test.c:15:8:15:28 | call to aligned_alloc_wrapper | | test.c:8:29:8:31 | ptr | test.c:8:64:8:66 | ptr | diff --git a/c/cert/test/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.expected b/c/cert/test/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.expected index 70d60c528a..0d76d0fe6c 100644 --- a/c/cert/test/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.expected +++ b/c/cert/test/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.expected @@ -1 +1,4 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.ql:33,34-42) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.ql:36,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.ql:43,29-37) | test.c:6:24:6:30 | time_tm | The function `asctime` and `asctime_r` should be discouraged. Unsanitized input can overflow the output buffer. | diff --git a/c/cert/test/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.expected b/c/cert/test/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.expected index 2b7bb2bdbc..3f8d8d6655 100644 --- a/c/cert/test/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.expected +++ b/c/cert/test/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.expected @@ -1,3 +1,9 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:38,27-35) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:41,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:46,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:68,30-38) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:69,28-36) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:70,28-36) | test.c:23:32:23:33 | ap | The value of ap is indeterminate after the $@. | test.c:17:7:17:19 | call to contains_zero | call to contains_zero | | test.c:26:10:26:11 | ap | The value of ap is indeterminate after the $@. | test.c:17:7:17:19 | call to contains_zero | call to contains_zero | | test.c:39:12:39:13 | ap | The value of ap is indeterminate after the $@. | test.c:35:7:35:19 | call to contains_zero | call to contains_zero | diff --git a/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected b/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected index a601fe63f4..f7b0b158f0 100644 --- a/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected +++ b/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected @@ -1,3 +1,6 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql:105,11-19) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql:105,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql:106,9-17) | test.c:10:3:10:18 | call to log_local_unsafe | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:16:7:16:12 | call to signal | signal handler | | test.c:11:3:11:6 | call to free | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:16:7:16:12 | call to signal | signal handler | | test.c:46:3:46:9 | call to longjmp | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:50:7:50:12 | call to signal | signal handler | diff --git a/c/cert/test/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.expected b/c/cert/test/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.expected index 31412c466a..ce057400f9 100644 --- a/c/cert/test/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.expected +++ b/c/cert/test/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.expected @@ -1 +1,2 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.ql:39,5-13) | test.c:10:1:10:1 | return ... | Do not return from a $@ signal handler. | test.c:13:10:13:15 | SIGFPE | computational exception | diff --git a/c/cert/test/rules/STR30-C/DoNotAttemptToModifyStringLiterals.expected b/c/cert/test/rules/STR30-C/DoNotAttemptToModifyStringLiterals.expected index 27ef66bc7a..6e909000a2 100644 --- a/c/cert/test/rules/STR30-C/DoNotAttemptToModifyStringLiterals.expected +++ b/c/cert/test/rules/STR30-C/DoNotAttemptToModifyStringLiterals.expected @@ -1,3 +1,17 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:42,68-76) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:47,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:68,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:102,11-19) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:102,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:102,55-63) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:107,11-19) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:107,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:107,57-65) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:140,11-19) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:140,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:140,55-63) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:151,18-26) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:151,47-55) | test.c:7:3:7:3 | a | This operation may write to a string that may be a string literal that was $@. | test.c:6:13:6:20 | codeql | created here | | test.c:30:3:30:3 | a | This operation may write to a string that may be a string literal that was $@. | test.c:29:13:29:18 | call to strchr | created here | | test.c:36:3:36:3 | b | This operation may write to a string that may be a string literal that was $@. | test.c:35:13:35:18 | call to strchr | created here | diff --git a/c/cert/test/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.expected b/c/cert/test/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.expected index d5529dd26d..bd0f90e48e 100644 --- a/c/cert/test/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.expected +++ b/c/cert/test/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.expected @@ -1,3 +1,9 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql:57,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql:57,55-63) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql:63,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql:63,54-62) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql:57,5-18) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql:63,5-18) | test.c:10:20:10:24 | Co | Expression produces or consumes a string that may not have sufficient space for a null-terminator. | | test.c:16:3:16:9 | call to strncpy | Expression produces or consumes a string that may not have sufficient space for a null-terminator. | | test.c:26:3:26:10 | call to snprintf | Expression produces or consumes a string that may not have sufficient space for a null-terminator. | diff --git a/c/cert/test/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.expected b/c/cert/test/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.expected index bddddc6cb6..cb31863eb2 100644 --- a/c/cert/test/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.expected +++ b/c/cert/test/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.expected @@ -1,3 +1,12 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql:55,33-41) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql:55,73-81) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql:61,33-41) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql:61,57-65) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql:69,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql:69,69-77) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql:55,7-20) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql:61,7-20) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql:69,5-18) | test.c:19:3:19:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:7:20:7:24 | Co | this expression | | test.c:20:3:20:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:7:20:7:24 | Co | this expression | | test.c:22:3:22:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:13:3:13:9 | call to strncpy | this expression | diff --git a/c/misra/test/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.expected b/c/misra/test/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.expected index 913f6f1c34..11d6bb8212 100644 --- a/c/misra/test/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.expected +++ b/c/misra/test/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.expected @@ -1,3 +1,8 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql:47,32-40) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql:50,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql:52,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql:70,22-30) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql:70,45-53) | test.c:18:6:18:6 | 0 | The function argument does not have a sufficient number or elements declared in the $@. | test.c:1:13:1:14 | ar | parameter | | test.c:19:6:19:7 | ar | The function argument does not have a sufficient number or elements declared in the $@. | test.c:1:13:1:14 | ar | parameter | | test.c:21:6:21:9 | ar2p | The function argument does not have a sufficient number or elements declared in the $@. | test.c:1:13:1:14 | ar | parameter | diff --git a/c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.expected b/c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.expected index bdfec99b4a..53a711a48e 100644 --- a/c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.expected +++ b/c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.expected @@ -1,3 +1,13 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql:19,8-16) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql:25,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql:51,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql:60,24-32) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql:60,51-59) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql:61,3-11) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql:61,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql:61,56-64) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql:62,3-11) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql:22,57-70) edges | test.c:12:13:12:15 | a | test.c:14:10:14:10 | a | | test.c:12:13:12:15 | a | test.c:23:13:23:13 | a | diff --git a/c/misra/test/rules/RULE-22-3/FileOpenForReadAndWriteOnDifferentStreams.expected b/c/misra/test/rules/RULE-22-3/FileOpenForReadAndWriteOnDifferentStreams.expected index 6111072ba8..e194ed9817 100644 --- a/c/misra/test/rules/RULE-22-3/FileOpenForReadAndWriteOnDifferentStreams.expected +++ b/c/misra/test/rules/RULE-22-3/FileOpenForReadAndWriteOnDifferentStreams.expected @@ -1,3 +1,4 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-22-3/FileOpenForReadAndWriteOnDifferentStreams.ql:38,9-17) | test.c:6:14:6:18 | call to fopen | The same file was already opened $@. Files should not be read and written at the same time using different streams. | test.c:5:14:5:18 | call to fopen | here | | test.c:17:14:17:18 | call to fopen | The same file was already opened $@. Files should not be read and written at the same time using different streams. | test.c:16:14:16:18 | call to fopen | here | | test.c:33:14:33:18 | call to fopen | The same file was already opened $@. Files should not be read and written at the same time using different streams. | test.c:32:14:32:18 | call to fopen | here | diff --git a/c/misra/test/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.expected b/c/misra/test/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.expected index 0bfce133c5..f3d13ae012 100644 --- a/c/misra/test/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.expected +++ b/c/misra/test/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.expected @@ -1,2 +1,7 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.ql:18,26-34) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.ql:21,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.ql:26,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.ql:32,25-33) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.ql:35,26-34) | test.c:10:3:10:9 | call to fprintf | Attempt to write to a $@ opened as read-only. | test.c:9:14:9:18 | call to fopen | stream | | test.c:15:3:15:9 | call to fprintf | Attempt to write to a $@ opened as read-only. | test.c:18:14:18:18 | call to fopen | stream | diff --git a/c/misra/test/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.expected b/c/misra/test/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.expected index 709d8b002c..fca3471ed7 100644 --- a/c/misra/test/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.expected +++ b/c/misra/test/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.expected @@ -1,2 +1,9 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.ql:22,22-30) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.ql:25,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.ql:29,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.ql:38,32-40) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.ql:50,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.ql:58,22-30) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.ql:58,48-56) | test.c:6:7:6:20 | ... != ... | The check is not reliable as the type of the return value of $@ is converted. | test.c:5:14:5:20 | call to getchar | call to getchar | | test.c:13:7:13:15 | ... != ... | The check is not reliable as the type of the return value of $@ is converted. | test.c:12:14:12:20 | call to getchar | call to getchar | diff --git a/cpp/autosar/test/rules/A13-1-3/UserDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters.expected b/cpp/autosar/test/rules/A13-1-3/UserDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters.expected index 53dc884023..5b1aba4b39 100644 --- a/cpp/autosar/test/rules/A13-1-3/UserDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters.expected +++ b/cpp/autosar/test/rules/A13-1-3/UserDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters.expected @@ -1 +1,4 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A13-1-3/UserDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters.ql:27,33-41) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A13-1-3/UserDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters.ql:28,5-13) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A13-1-3/UserDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters.ql:27,7-20) | test.cpp:47:8:47:23 | operator ""_uds5 | User defined literal operator returns $@, which is not converted from a passed parameter | test.cpp:48:10:48:12 | 0.0 | expression | diff --git a/cpp/autosar/test/rules/A13-2-1/AssignmentOperatorReturnThis.expected b/cpp/autosar/test/rules/A13-2-1/AssignmentOperatorReturnThis.expected index e9929173b0..5328673322 100644 --- a/cpp/autosar/test/rules/A13-2-1/AssignmentOperatorReturnThis.expected +++ b/cpp/autosar/test/rules/A13-2-1/AssignmentOperatorReturnThis.expected @@ -1,3 +1,4 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A13-2-1/AssignmentOperatorReturnThis.ql:25,5-13) | test.cpp:10:12:10:20 | operator= | User-defined assignment operator $@ does not return *this | test.cpp:10:12:10:20 | operator= | user defined assignment operator | | test.cpp:17:11:17:19 | operator= | User-defined assignment operator $@ does not return *this | test.cpp:17:11:17:19 | operator= | user defined assignment operator | | test.cpp:24:12:24:20 | operator= | User-defined assignment operator $@ does not return *this | test.cpp:24:12:24:20 | operator= | user defined assignment operator | diff --git a/cpp/autosar/test/rules/A15-1-3/ThrownExceptionsShouldBeUnique.expected b/cpp/autosar/test/rules/A15-1-3/ThrownExceptionsShouldBeUnique.expected index b085736659..175680121b 100644 --- a/cpp/autosar/test/rules/A15-1-3/ThrownExceptionsShouldBeUnique.expected +++ b/cpp/autosar/test/rules/A15-1-3/ThrownExceptionsShouldBeUnique.expected @@ -1,3 +1,4 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A15-1-3/ThrownExceptionsShouldBeUnique.ql:24,3-11) | test.cpp:6:5:6:26 | throw ... | The $@ thrown here is a possible duplicate of the $@ thrown $@. | test.cpp:6:5:6:26 | call to exception | std::exception exception | test.cpp:14:5:14:26 | call to exception | exception | test.cpp:14:5:14:26 | throw ... | here | | test.cpp:8:5:8:53 | throw ... | The $@ thrown here is a possible duplicate of the $@ thrown $@. | test.cpp:8:5:8:53 | call to runtime_error | std::runtime_error exception | test.cpp:16:5:16:53 | call to runtime_error | exception | test.cpp:16:5:16:53 | throw ... | here | | test.cpp:14:5:14:26 | throw ... | The $@ thrown here is a possible duplicate of the $@ thrown $@. | test.cpp:14:5:14:26 | call to exception | std::exception exception | test.cpp:6:5:6:26 | call to exception | exception | test.cpp:6:5:6:26 | throw ... | here | diff --git a/cpp/autosar/test/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.expected b/cpp/autosar/test/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.expected index b077cc93bb..443fb8cfc6 100644 --- a/cpp/autosar/test/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.expected +++ b/cpp/autosar/test/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.expected @@ -1,3 +1,12 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql:47,12-20) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql:48,30-38) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql:48,57-65) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql:71,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql:71,25-33) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql:72,7-15) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql:116,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql:116,25-33) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql:116,54-62) edges | test.cpp:12:16:12:27 | new [bad_alloc] | test.cpp:14:33:16:5 | { ... } [bad_alloc] | | test.cpp:13:7:13:28 | throw ... [exception] | test.cpp:14:33:16:5 | { ... } [exception] | diff --git a/cpp/autosar/test/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.expected b/cpp/autosar/test/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.expected index a96c3fb64f..d683ddb151 100644 --- a/cpp/autosar/test/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.expected +++ b/cpp/autosar/test/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.expected @@ -1,3 +1,9 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.ql:20,8-16) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.ql:31,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.ql:43,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.ql:63,59-67) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.ql:64,3-11) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.ql:26,63-76) edges | test.cpp:3:36:3:45 | new[] | test.cpp:19:27:19:44 | call to allocate_int_array | | test.cpp:3:36:3:45 | new[] | test.cpp:23:12:23:29 | call to allocate_int_array | diff --git a/cpp/autosar/test/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.expected b/cpp/autosar/test/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.expected index d9dd02c054..dff504c2a5 100644 --- a/cpp/autosar/test/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.expected +++ b/cpp/autosar/test/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.expected @@ -1,3 +1,7 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.ql:55,34-42) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.ql:57,26-34) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.ql:70,5-18) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.ql:75,41-54) | test.cpp:17:17:17:29 | new | StructA object of size 8 bytes does not appear to outlive the function, but is created on the heap instead of the stack. | | test.cpp:21:17:21:32 | new[] | StructA[] object of size 800 bytes does not appear to outlive the function, but is created on the heap instead of the stack. | | test.cpp:35:20:35:44 | call to make_shared | StructA object of size 8 bytes does not appear to outlive the function, but is created on the heap instead of the stack. | diff --git a/cpp/autosar/test/rules/A18-9-4/ArgumentToForwardSubsequentlyUsed.expected b/cpp/autosar/test/rules/A18-9-4/ArgumentToForwardSubsequentlyUsed.expected index 1c72dd7bf3..48ce58e6cd 100644 --- a/cpp/autosar/test/rules/A18-9-4/ArgumentToForwardSubsequentlyUsed.expected +++ b/cpp/autosar/test/rules/A18-9-4/ArgumentToForwardSubsequentlyUsed.expected @@ -1 +1,4 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A18-9-4/ArgumentToForwardSubsequentlyUsed.ql:22,10-18) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A18-9-4/ArgumentToForwardSubsequentlyUsed.ql:24,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A18-9-4/ArgumentToForwardSubsequentlyUsed.ql:24,30-38) | test.cpp:8:5:8:6 | t2 | The argument $@ of `std::forward` may be indeterminate when accessed at this location. | test.cpp:7:45:7:46 | t2 | t2 | diff --git a/cpp/autosar/test/rules/A20-8-4/SharedPointerUsedWithNoOwnershipSharing.expected b/cpp/autosar/test/rules/A20-8-4/SharedPointerUsedWithNoOwnershipSharing.expected index f15f142b3b..6d9dddd574 100644 --- a/cpp/autosar/test/rules/A20-8-4/SharedPointerUsedWithNoOwnershipSharing.expected +++ b/cpp/autosar/test/rules/A20-8-4/SharedPointerUsedWithNoOwnershipSharing.expected @@ -1,3 +1,4 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A20-8-4/SharedPointerUsedWithNoOwnershipSharing.ql:47,7-15) | test.cpp:14:24:14:26 | sp3 | The ownership of shared_ptr $@ is not shared within or passed out of the local scope of function $@. | test.cpp:14:24:14:26 | sp3 | sp3 | test.cpp:11:22:11:23 | f1 | f1 | | test.cpp:16:24:16:26 | sp5 | The ownership of shared_ptr $@ is not shared within or passed out of the local scope of function $@. | test.cpp:16:24:16:26 | sp5 | sp5 | test.cpp:11:22:11:23 | f1 | f1 | | test.cpp:17:24:17:26 | sp6 | The ownership of shared_ptr $@ is not shared within or passed out of the local scope of function $@. | test.cpp:17:24:17:26 | sp6 | sp6 | test.cpp:11:22:11:23 | f1 | f1 | diff --git a/cpp/autosar/test/rules/A27-0-4/CStyleStringsUsed.expected b/cpp/autosar/test/rules/A27-0-4/CStyleStringsUsed.expected index 6184aad74e..ec330112c1 100644 --- a/cpp/autosar/test/rules/A27-0-4/CStyleStringsUsed.expected +++ b/cpp/autosar/test/rules/A27-0-4/CStyleStringsUsed.expected @@ -1,3 +1,6 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A27-0-4/CStyleStringsUsed.ql:39,3-11) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A27-0-4/CStyleStringsUsed.ql:39,23-31) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A27-0-4/CStyleStringsUsed.ql:39,47-55) | test.cpp:7:20:7:27 | CodeQL | Usage of C-style string in $@. | test.cpp:7:20:7:27 | CodeQL | expression | | test.cpp:7:20:7:27 | CodeQL | Usage of C-style string in $@. | test.cpp:16:16:16:17 | a1 | expression | | test.cpp:8:22:8:26 | call to c_str | Usage of C-style string in $@. | test.cpp:8:22:8:26 | call to c_str | expression | diff --git a/cpp/autosar/test/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.expected b/cpp/autosar/test/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.expected index 4234d93b32..9a2f863ec8 100644 --- a/cpp/autosar/test/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.expected +++ b/cpp/autosar/test/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.expected @@ -1,3 +1,9 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.ql:21,8-16) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.ql:45,58-66) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.ql:50,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.ql:59,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.ql:65,55-63) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.ql:66,3-11) edges | test.cpp:10:18:10:20 | foo | test.cpp:11:23:11:25 | foo | | test.cpp:10:18:10:20 | foo | test.cpp:11:50:11:52 | foo | diff --git a/cpp/autosar/test/rules/A5-1-7/LambdaPassedToDecltype.expected b/cpp/autosar/test/rules/A5-1-7/LambdaPassedToDecltype.expected index 8f6447a96b..e190580aba 100644 --- a/cpp/autosar/test/rules/A5-1-7/LambdaPassedToDecltype.expected +++ b/cpp/autosar/test/rules/A5-1-7/LambdaPassedToDecltype.expected @@ -1 +1,6 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A5-1-7/LambdaPassedToDecltype.ql:20,45-53) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A5-1-7/LambdaPassedToDecltype.ql:23,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A5-1-7/LambdaPassedToDecltype.ql:25,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A5-1-7/LambdaPassedToDecltype.ql:39,22-30) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A5-1-7/LambdaPassedToDecltype.ql:39,50-58) | test.cpp:14:23:14:24 | decltype(...) | Lambda $@ passed as operand to decltype. | test.cpp:5:13:5:30 | [...](...){...} | expression | diff --git a/cpp/autosar/test/rules/A5-1-7/LambdaPassedToTypeid.expected b/cpp/autosar/test/rules/A5-1-7/LambdaPassedToTypeid.expected index 4b19073ded..09f34049a8 100644 --- a/cpp/autosar/test/rules/A5-1-7/LambdaPassedToTypeid.expected +++ b/cpp/autosar/test/rules/A5-1-7/LambdaPassedToTypeid.expected @@ -1,3 +1,9 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A5-1-7/LambdaPassedToTypeid.ql:19,8-16) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A5-1-7/LambdaPassedToTypeid.ql:21,40-48) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A5-1-7/LambdaPassedToTypeid.ql:24,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A5-1-7/LambdaPassedToTypeid.ql:26,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A5-1-7/LambdaPassedToTypeid.ql:31,6-14) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A5-1-7/LambdaPassedToTypeid.ql:31,33-41) edges | test.cpp:5:13:5:30 | [...](...){...} | test.cpp:8:38:8:39 | l1 | | test.cpp:6:13:6:30 | [...](...){...} | test.cpp:9:38:9:39 | l2 | diff --git a/cpp/autosar/test/rules/A7-5-1/InvalidFunctionReturnType.expected b/cpp/autosar/test/rules/A7-5-1/InvalidFunctionReturnType.expected index b6d9490803..3e4fde12ec 100644 --- a/cpp/autosar/test/rules/A7-5-1/InvalidFunctionReturnType.expected +++ b/cpp/autosar/test/rules/A7-5-1/InvalidFunctionReturnType.expected @@ -1,2 +1,5 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A7-5-1/InvalidFunctionReturnType.ql:27,3-11) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A7-5-1/InvalidFunctionReturnType.ql:27,23-31) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A7-5-1/InvalidFunctionReturnType.ql:27,51-59) | test.cpp:5:3:5:11 | return ... | Function test_refconst_return returns a reference or a pointer to $@ that is passed by reference to const. | test.cpp:4:44:4:44 | x | parameter | | test.cpp:8:3:8:14 | return ... | Function test_ptrconst_return returns a reference or a pointer to $@ that is passed by reference to const. | test.cpp:7:44:7:44 | x | parameter | diff --git a/cpp/autosar/test/rules/A8-4-11/SmartPointerAsParameterWithoutLifetimeSemantics.expected b/cpp/autosar/test/rules/A8-4-11/SmartPointerAsParameterWithoutLifetimeSemantics.expected index b751d81835..4621eed8a2 100644 --- a/cpp/autosar/test/rules/A8-4-11/SmartPointerAsParameterWithoutLifetimeSemantics.expected +++ b/cpp/autosar/test/rules/A8-4-11/SmartPointerAsParameterWithoutLifetimeSemantics.expected @@ -1,3 +1,5 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A8-4-11/SmartPointerAsParameterWithoutLifetimeSemantics.ql:47,3-11) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A8-4-11/SmartPointerAsParameterWithoutLifetimeSemantics.ql:56,5-13) | test.cpp:7:41:7:43 | up1 | Function $@ takes smart pointer parameter 'up1' but does not implement any lifetime-affecting operations. | test.cpp:7:6:7:18 | smart_ptr_get | smart_ptr_get | | test.cpp:16:53:16:55 | sp1 | Function $@ takes smart pointer parameter 'sp1' but does not implement any lifetime-affecting operations. | test.cpp:16:6:16:29 | smart_ptr_ref_assign_ref | smart_ptr_ref_assign_ref | | test.cpp:28:55:28:57 | sp1 | Function $@ takes smart pointer parameter 'sp1' but does not implement any lifetime-affecting operations. | test.cpp:28:6:28:31 | smart_ptr_ref_noncompliant | smart_ptr_ref_noncompliant | diff --git a/cpp/autosar/test/rules/A8-4-12/UniquePtrPassedToFunctionWithImproperSemantics.expected b/cpp/autosar/test/rules/A8-4-12/UniquePtrPassedToFunctionWithImproperSemantics.expected index a01b93335d..928d6e7d3b 100644 --- a/cpp/autosar/test/rules/A8-4-12/UniquePtrPassedToFunctionWithImproperSemantics.expected +++ b/cpp/autosar/test/rules/A8-4-12/UniquePtrPassedToFunctionWithImproperSemantics.expected @@ -1,3 +1,5 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A8-4-12/UniquePtrPassedToFunctionWithImproperSemantics.ql:41,3-11) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A8-4-12/UniquePtrPassedToFunctionWithImproperSemantics.ql:51,5-13) | test.cpp:13:55:13:56 | v1 | Parameter of type std::unique_ptr passed as lvalue reference but not used to modify underlying object. | | test.cpp:17:47:17:48 | v1 | Parameter of type std::unique_ptr passed as lvalue reference but not used to modify underlying object. | | test.cpp:22:27:22:28 | v1 | Parameter of type std::unique_ptr passed as lvalue reference but not used to modify underlying object. | diff --git a/cpp/autosar/test/rules/A8-4-9/InOutParametersDeclaredAsTNotModified.expected b/cpp/autosar/test/rules/A8-4-9/InOutParametersDeclaredAsTNotModified.expected index e3cfa71bb7..0da8f4c1be 100644 --- a/cpp/autosar/test/rules/A8-4-9/InOutParametersDeclaredAsTNotModified.expected +++ b/cpp/autosar/test/rules/A8-4-9/InOutParametersDeclaredAsTNotModified.expected @@ -1,3 +1,5 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A8-4-9/InOutParametersDeclaredAsTNotModified.ql:49,7-15) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A8-4-9/InOutParametersDeclaredAsTNotModified.ql:63,7-15) | test.cpp:4:13:4:13 | i | In-out parameter i that is not written to. | | test.cpp:7:22:7:24 | str | In-out parameter str that is not read from. | | test.cpp:18:14:18:14 | i | In-out parameter i that is not read from. | diff --git a/cpp/autosar/test/rules/A9-3-1/ReturnsNonConstRawPointersOrReferencesToPrivateOrProtectedData.expected b/cpp/autosar/test/rules/A9-3-1/ReturnsNonConstRawPointersOrReferencesToPrivateOrProtectedData.expected index 04c1f35a45..e98002c3af 100644 --- a/cpp/autosar/test/rules/A9-3-1/ReturnsNonConstRawPointersOrReferencesToPrivateOrProtectedData.expected +++ b/cpp/autosar/test/rules/A9-3-1/ReturnsNonConstRawPointersOrReferencesToPrivateOrProtectedData.expected @@ -1,3 +1,6 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A9-3-1/ReturnsNonConstRawPointersOrReferencesToPrivateOrProtectedData.ql:72,3-11) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A9-3-1/ReturnsNonConstRawPointersOrReferencesToPrivateOrProtectedData.ql:72,23-31) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A9-3-1/ReturnsNonConstRawPointersOrReferencesToPrivateOrProtectedData.ql:72,46-54) | test.cpp:20:8:20:12 | getB2 | Member function A::getB2 $@ a non-const raw pointer or reference to a private or protected $@. | test.cpp:20:25:20:25 | b | returns | test.cpp:54:7:54:7 | b | field | | test.cpp:22:8:22:12 | getB3 | Member function A::getB3 $@ a non-const raw pointer or reference to a private or protected $@. | test.cpp:22:25:22:26 | & ... | returns | test.cpp:54:7:54:7 | b | field | | test.cpp:24:8:24:13 | getB33 | Member function A::getB33 $@ a non-const raw pointer or reference to a private or protected $@. | test.cpp:26:12:26:13 | bb | returns | test.cpp:54:7:54:7 | b | field | diff --git a/cpp/autosar/test/rules/M0-3-2/FunctionErroneousReturnValueNotTested.expected b/cpp/autosar/test/rules/M0-3-2/FunctionErroneousReturnValueNotTested.expected index 76cbcebed0..f972749bd7 100644 --- a/cpp/autosar/test/rules/M0-3-2/FunctionErroneousReturnValueNotTested.expected +++ b/cpp/autosar/test/rules/M0-3-2/FunctionErroneousReturnValueNotTested.expected @@ -1 +1,4 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/M0-3-2/FunctionErroneousReturnValueNotTested.ql:70,9-17) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/M0-3-2/FunctionErroneousReturnValueNotTested.ql:70,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/M0-3-2/FunctionErroneousReturnValueNotTested.ql:70,53-61) | test.cpp:16:3:16:8 | call to remove | Return value is not tested for errors. | diff --git a/cpp/autosar/test/rules/M3-9-3/UnderlyingBitRepresentationsOfFloatingPointValuesUsed.expected b/cpp/autosar/test/rules/M3-9-3/UnderlyingBitRepresentationsOfFloatingPointValuesUsed.expected index 9aec2314da..7dbc937202 100644 --- a/cpp/autosar/test/rules/M3-9-3/UnderlyingBitRepresentationsOfFloatingPointValuesUsed.expected +++ b/cpp/autosar/test/rules/M3-9-3/UnderlyingBitRepresentationsOfFloatingPointValuesUsed.expected @@ -1,2 +1,5 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/M3-9-3/UnderlyingBitRepresentationsOfFloatingPointValuesUsed.ql:27,22-30) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/M3-9-3/UnderlyingBitRepresentationsOfFloatingPointValuesUsed.ql:36,10-18) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/M3-9-3/UnderlyingBitRepresentationsOfFloatingPointValuesUsed.ql:37,5-13) | test.cpp:5:3:5:20 | ... &= ... | Modification of bit-representation of float originated at $@ | test.cpp:4:24:4:60 | reinterpret_cast... | cast | | test.cpp:12:3:12:14 | ... &= ... | Modification of bit-representation of float originated at $@ | test.cpp:11:18:11:30 | (uint8_t *)... | cast | diff --git a/cpp/autosar/test/rules/M9-3-1/ConstMemberFunctionReturnsNonConstPointer.expected b/cpp/autosar/test/rules/M9-3-1/ConstMemberFunctionReturnsNonConstPointer.expected index ee9652f505..c85bfc587c 100644 --- a/cpp/autosar/test/rules/M9-3-1/ConstMemberFunctionReturnsNonConstPointer.expected +++ b/cpp/autosar/test/rules/M9-3-1/ConstMemberFunctionReturnsNonConstPointer.expected @@ -1,3 +1,5 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/M9-3-1/ConstMemberFunctionReturnsNonConstPointer.ql:53,7-15) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/M9-3-1/ConstMemberFunctionReturnsNonConstPointer.ql:55,7-15) | test.cpp:8:8:8:11 | getA | Const member function returns a pointer to class data $@. | test.cpp:3:8:3:8 | a | a | | test.cpp:9:8:9:11 | getB | Const member function returns a pointer to class data $@. | test.cpp:4:8:4:8 | b | b | | test.cpp:11:6:11:12 | getThis | Const member function returns a pointer to class data $@. | test.cpp:11:36:11:39 | this | this | diff --git a/cpp/cert/test/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.expected b/cpp/cert/test/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.expected index 4e87d1436c..ddd5bfce3a 100644 --- a/cpp/cert/test/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.expected +++ b/cpp/cert/test/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.expected @@ -1,3 +1,12 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:97,7-15) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:97,27-35) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:98,9-17) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:102,9-17) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:102,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:103,11-19) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:113,35-43) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:114,11-19) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:113,9-22) | test.cpp:8:42:8:46 | call to begin | Output iterator for $@ is not guaranteed to be large enough for the input iterator. | test.cpp:8:3:8:11 | call to copy | call to copy | | test.cpp:17:42:17:46 | call to begin | Output iterator for $@ is not guaranteed to be large enough for the input iterator. | test.cpp:17:3:17:11 | call to copy | call to copy | | test.cpp:55:42:55:46 | call to begin | Output iterator for $@ is not guaranteed to be large enough for the input iterator. | test.cpp:55:3:55:11 | call to copy | call to copy | diff --git a/cpp/cert/test/rules/CTR53-CPP/UseValidIteratorRanges.expected b/cpp/cert/test/rules/CTR53-CPP/UseValidIteratorRanges.expected index 61260a0579..e4468b65a4 100644 --- a/cpp/cert/test/rules/CTR53-CPP/UseValidIteratorRanges.expected +++ b/cpp/cert/test/rules/CTR53-CPP/UseValidIteratorRanges.expected @@ -1,3 +1,9 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/CTR53-CPP/UseValidIteratorRanges.ql:23,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/CTR53-CPP/UseValidIteratorRanges.ql:23,25-33) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/CTR53-CPP/UseValidIteratorRanges.ql:24,7-15) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/CTR53-CPP/UseValidIteratorRanges.ql:30,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/CTR53-CPP/UseValidIteratorRanges.ql:30,25-33) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/CTR53-CPP/UseValidIteratorRanges.ql:31,7-15) | test.cpp:7:3:7:15 | call to for_each | The $@ of iterator range function does not point to the end of an iterator. | test.cpp:7:28:7:32 | call to begin | argument | | test.cpp:7:3:7:15 | call to for_each | The $@ of iterator range function does not point to the start of an iterator. | test.cpp:7:19:7:21 | call to end | argument | | test.cpp:8:3:8:15 | call to for_each | The $@ of iterator range function does not point to the end of an iterator. | test.cpp:8:30:8:34 | call to begin | argument | diff --git a/cpp/cert/test/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.expected b/cpp/cert/test/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.expected index 0ee15c65b5..d08d579e97 100644 --- a/cpp/cert/test/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.expected +++ b/cpp/cert/test/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.expected @@ -1,3 +1,9 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.ql:17,8-16) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.ql:41,58-66) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.ql:46,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.ql:55,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.ql:61,55-63) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.ql:62,3-11) edges | test.cpp:15:19:15:21 | foo | test.cpp:16:24:16:26 | foo | | test.cpp:15:19:15:21 | foo | test.cpp:16:51:16:53 | foo | diff --git a/cpp/cert/test/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.expected b/cpp/cert/test/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.expected index b432856e8b..637881f49b 100644 --- a/cpp/cert/test/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.expected +++ b/cpp/cert/test/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.expected @@ -1,3 +1,27 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:24,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:24,59-67) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:27,33-41) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:27,57-65) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:31,33-41) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:31,59-67) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:40,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:40,25-33) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:40,53-61) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:43,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:43,57-65) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:52,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:52,55-63) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:59,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:59,57-65) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:71,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:71,55-63) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:24,5-18) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:27,7-20) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:31,7-20) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:43,5-18) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:52,5-18) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:59,5-18) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:71,5-18) | test.cpp:82:3:82:4 | call to f2 | Depending on the order of evaluation for the arguments $@ and $@ for side effects on shared state is unspecified and can result in unexpected behavior. | test.cpp:82:6:82:7 | call to f5 | call to f5 | test.cpp:82:12:82:13 | call to f6 | call to f6 | | test.cpp:84:3:84:4 | call to f2 | Depending on the order of evaluation for the arguments $@ and $@ for side effects on shared state is unspecified and can result in unexpected behavior. | test.cpp:84:6:84:7 | call to f5 | call to f5 | test.cpp:84:12:84:13 | call to f7 | call to f7 | | test.cpp:87:3:87:4 | call to f2 | Depending on the order of evaluation for the arguments $@ and $@ for side effects on shared state is unspecified and can result in unexpected behavior. | test.cpp:87:9:87:10 | call to m1 | call to m1 | test.cpp:87:18:87:19 | call to m1 | call to m1 | diff --git a/cpp/cert/test/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.expected b/cpp/cert/test/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.expected index a50daa096e..9feeb8d84b 100644 --- a/cpp/cert/test/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.expected +++ b/cpp/cert/test/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.expected @@ -1,3 +1,9 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql:17,8-16) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql:19,40-48) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql:22,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql:24,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql:30,36-44) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql:30,63-71) edges | test.cpp:6:19:6:37 | new[] | test.cpp:9:12:9:13 | l1 | | test.cpp:7:22:7:40 | new[] | test.cpp:10:12:10:13 | l2 | diff --git a/cpp/cert/test/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.expected b/cpp/cert/test/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.expected index b7452ec199..4bc20ca88c 100644 --- a/cpp/cert/test/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.expected +++ b/cpp/cert/test/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.expected @@ -1,2 +1,8 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.ql:59,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.ql:61,36-44) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.ql:77,42-50) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.ql:80,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.ql:84,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.ql:92,50-58) | test.cpp:24:7:24:34 | new | nothrow new allocation of $@ returns here without a subsequent check to see whether the pointer is valid. | test.cpp:24:7:24:34 | new | StructA * | | test.cpp:40:17:40:38 | call to allocate_without_check | nothrow new allocation of $@ returns here without a subsequent check to see whether the pointer is valid. | test.cpp:35:17:35:44 | new | StructA * | diff --git a/cpp/cert/test/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.expected b/cpp/cert/test/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.expected index 12dcb2d8ff..1b814495a6 100644 --- a/cpp/cert/test/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.expected +++ b/cpp/cert/test/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.expected @@ -1,3 +1,6 @@ +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.ql:18,8-16) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.ql:25,38-46) +WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.ql:25,65-73) edges nodes | test.cpp:16:26:16:31 | call to malloc | semmle.label | call to malloc | diff --git a/cpp/cert/test/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject.expected b/cpp/cert/test/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject.expected index 00ed15c370..dd7655e7e6 100644 --- a/cpp/cert/test/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject.expected +++ b/cpp/cert/test/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject.expected @@ -1,3 +1,6 @@ +WARNING: Module DataFlow2 has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject.ql:17,8-17) +WARNING: Module DataFlow2 has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject.ql:19,38-47) +WARNING: Module DataFlow2 has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject.ql:19,66-75) edges | test.cpp:16:26:16:31 | call to malloc | test.cpp:22:8:22:9 | a1 | | test.cpp:17:38:17:43 | call to malloc | test.cpp:23:8:23:9 | a2 | From 6cae07d00b5376639285b5115ebd26055530edf5 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Tue, 18 Jul 2023 16:46:42 +0200 Subject: [PATCH 1134/2573] Fix hard-coded paths in test expectations --- ...bleLengthArraySizeNotInValidRange.expected | 4 +- ...rithmeticOnNonArrayObjectPointers.expected | 14 +++--- ...rSubtractAScaledIntegerToAPointer.expected | 12 ++--- .../CleanUpThreadSpecificStorage.expected | 10 ++-- ...riateThreadObjectStorageDurations.expected | 16 +++---- ...ectStorageDurationsNotInitialized.expected | 10 ++-- ...ateStorageDurationsFunctionReturn.expected | 10 ++-- .../ERR30-C/ErrnoReadBeforeReturn.expected | 2 +- .../ERR30-C/SetlocaleMightSetErrno.expected | 2 +- ...tRelyOnIndeterminateValuesOfErrno.expected | 8 ++-- ...ectAndHandleStandardLibraryErrors.expected | 2 +- ...OfFunctionArgumentsForSideEffects.expected | 48 +++++++++---------- ...rToMoreStrictlyAlignedPointerType.expected | 22 ++++----- ...nctionPointerWithIncompatibleType.expected | 12 ++--- ...iableViaPointerOfIncompatibleType.expected | 32 ++++++------- .../DoNotModifyConstantObjects.expected | 12 ++--- ...edPointerToRestrictQualifiedParam.expected | 22 ++++----- ...ointerReferencesOverlappingObject.expected | 12 ++--- ...esetStringsOnFgetsOrFgetwsFailure.expected | 6 +-- ...FsetposThatAreReturnedFromFgetpos.expected | 8 ++-- ...RaceConditionsWhileAccessingFiles.expected | 2 +- ...ufficientMemoryAllocatedForObject.expected | 4 +- ...odifyAlignmentOfMemoryWithRealloc.expected | 14 +++--- ...ssInvalidDataToTheAsctimeFunction.expected | 6 +-- ...VaListThatHasAnIndeterminateValue.expected | 12 ++--- ...SafeFunctionsWithinSignalHandlers.expected | 6 +-- ...romAComputationalExceptionHandler.expected | 2 +- ...oNotAttemptToModifyStringLiterals.expected | 28 +++++------ ...fficientSpaceForTheNullTerminator.expected | 12 ++--- ...natedToFunctionThatExpectsAString.expected | 18 +++---- ...yFunctionArgumentNumberOfElements.expected | 10 ++-- ...sedToCompareNullTerminatedStrings.expected | 20 ++++---- ...ForReadAndWriteOnDifferentStreams.expected | 2 +- .../AttemptToWriteToAReadOnlyStream.expected | 10 ++-- ...omparedWithUnmodifiedReturnValues.expected | 14 +++--- ...rformConversionOfPassedParameters.expected | 6 +-- .../AssignmentOperatorReturnThis.expected | 2 +- .../ThrownExceptionsShouldBeUnique.expected | 2 +- ...orErrorLeavesObjectInInvalidState.expected | 18 +++---- ...entOfAnArrayPassedToASmartPointer.expected | 12 ++--- .../UnnecessaryUseOfDynamicStorage.expected | 8 ++-- ...ArgumentToForwardSubsequentlyUsed.expected | 6 +-- ...PointerUsedWithNoOwnershipSharing.expected | 2 +- .../rules/A27-0-4/CStyleStringsUsed.expected | 6 +-- ...UsedWithPointersToNonFinalClasses.expected | 12 ++--- .../A5-1-7/LambdaPassedToDecltype.expected | 10 ++-- .../A5-1-7/LambdaPassedToTypeid.expected | 12 ++--- .../A7-5-1/InvalidFunctionReturnType.expected | 6 +-- ...ParameterWithoutLifetimeSemantics.expected | 4 +- ...edToFunctionWithImproperSemantics.expected | 4 +- ...tParametersDeclaredAsTNotModified.expected | 4 +- ...eferencesToPrivateOrProtectedData.expected | 6 +-- ...tionErroneousReturnValueNotTested.expected | 6 +-- ...ntationsOfFloatingPointValuesUsed.expected | 6 +-- ...berFunctionReturnsNonConstPointer.expected | 4 +- ...cCppLibraryFunctionsDoNotOverflow.expected | 18 +++---- .../CTR53-CPP/UseValidIteratorRanges.expected | 12 ++--- ...terArithmeticOnPolymorphicObjects.expected | 12 ++--- ...nFunctionCallsAsFunctionArguments.expected | 48 +++++++++---------- ...ThroughAPointerOfTheIncorrectType.expected | 12 ++--- ...ctAndHandleMemoryAllocationErrors.expected | 12 ++--- ...uctorCallForManuallyManagedObject.expected | 6 +-- ...uctorCallForManuallyManagedObject.expected | 6 +-- 63 files changed, 343 insertions(+), 343 deletions(-) diff --git a/c/cert/test/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.expected b/c/cert/test/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.expected index c2dd4dc338..852f776d55 100644 --- a/c/cert/test/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.expected +++ b/c/cert/test/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.expected @@ -1,5 +1,5 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.ql:104,11-19) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.ql:87,5-18) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.ql:104,11-19) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.ql:87,5-18) | test.c:14:8:14:8 | VLA declaration | Variable-length array dimension size may be in an invalid range. | | test.c:15:8:15:8 | VLA declaration | Variable-length array dimension size may be in an invalid range. | | test.c:16:8:16:8 | VLA declaration | Variable-length array dimension size may be in an invalid range. | diff --git a/c/cert/test/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.expected b/c/cert/test/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.expected index eeaa8a17f1..6d679648a9 100644 --- a/c/cert/test/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.expected +++ b/c/cert/test/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.expected @@ -1,10 +1,10 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:17,8-16) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:23,56-64) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:26,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:38,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:46,35-43) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:104,6-14) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:104,33-41) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:17,8-16) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:23,56-64) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:26,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:38,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:46,35-43) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:104,6-14) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:104,33-41) edges | test.c:14:38:14:39 | p1 | test.c:18:10:18:11 | v1 | | test.c:14:38:14:39 | p1 | test.c:19:10:19:11 | v2 | diff --git a/c/cert/test/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.expected b/c/cert/test/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.expected index e59e1b3337..abebd685c1 100644 --- a/c/cert/test/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.expected +++ b/c/cert/test/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.expected @@ -1,9 +1,9 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql:18,8-16) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql:72,52-60) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql:75,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql:77,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql:86,51-59) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql:86,75-83) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql:18,8-16) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql:72,52-60) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql:75,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql:77,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql:86,51-59) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql:86,75-83) edges | test.c:7:13:7:14 | p1 | test.c:9:9:9:10 | p1 | | test.c:16:19:16:41 | ... - ... | test.c:18:26:18:31 | offset | diff --git a/c/cert/test/rules/CON30-C/CleanUpThreadSpecificStorage.expected b/c/cert/test/rules/CON30-C/CleanUpThreadSpecificStorage.expected index b121b2a31c..4b3fb1d4bb 100644 --- a/c/cert/test/rules/CON30-C/CleanUpThreadSpecificStorage.expected +++ b/c/cert/test/rules/CON30-C/CleanUpThreadSpecificStorage.expected @@ -1,8 +1,8 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/CON30-C/CleanUpThreadSpecificStorage.ql:21,57-65) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/CON30-C/CleanUpThreadSpecificStorage.ql:24,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/CON30-C/CleanUpThreadSpecificStorage.ql:33,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/CON30-C/CleanUpThreadSpecificStorage.ql:49,20-28) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/CON30-C/CleanUpThreadSpecificStorage.ql:51,20-28) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/CON30-C/CleanUpThreadSpecificStorage.ql:21,57-65) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/CON30-C/CleanUpThreadSpecificStorage.ql:24,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/CON30-C/CleanUpThreadSpecificStorage.ql:33,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/CON30-C/CleanUpThreadSpecificStorage.ql:49,20-28) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/CON30-C/CleanUpThreadSpecificStorage.ql:51,20-28) | test.c:27:3:27:12 | call to tss_create | Resources used by thread specific storage may not be cleaned up. | | test.c:49:3:49:12 | call to tss_create | Resources used by thread specific storage may not be cleaned up. | | test.c:71:3:71:12 | call to tss_create | Resources used by thread specific storage may not be cleaned up. | diff --git a/c/cert/test/rules/CON34-C/AppropriateThreadObjectStorageDurations.expected b/c/cert/test/rules/CON34-C/AppropriateThreadObjectStorageDurations.expected index a95d0d30a3..7d13d2643e 100644 --- a/c/cert/test/rules/CON34-C/AppropriateThreadObjectStorageDurations.expected +++ b/c/cert/test/rules/CON34-C/AppropriateThreadObjectStorageDurations.expected @@ -1,11 +1,11 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql:28,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql:28,54-62) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql:35,62-70) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql:40,5-13) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql:40,30-38) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql:41,5-13) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql:41,30-38) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql:28,3-16) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql:28,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql:28,54-62) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql:35,62-70) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql:40,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql:40,30-38) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql:41,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql:41,30-38) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql:28,3-16) | test.c:23:3:23:13 | call to thrd_create | $@ not declared with appropriate storage duration | test.c:23:24:23:29 | & ... | Shared object | | test.c:74:3:74:13 | call to thrd_create | $@ not declared with appropriate storage duration | test.c:74:24:74:24 | p | Shared object | | test.c:85:3:85:13 | call to thrd_create | $@ not declared with appropriate storage duration | test.c:85:24:85:24 | p | Shared object | diff --git a/c/cert/test/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.expected b/c/cert/test/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.expected index 43251e5bd9..c73ee85633 100644 --- a/c/cert/test/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.expected +++ b/c/cert/test/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.expected @@ -1,6 +1,6 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.ql:28,38-46) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.ql:31,5-13) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.ql:31,30-38) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.ql:32,5-13) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.ql:32,30-38) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.ql:28,38-46) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.ql:31,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.ql:31,30-38) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.ql:32,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.ql:32,30-38) | test.c:14:7:14:13 | call to tss_get | Call to a thread specific storage function from within a threaded context on an object that may not be owned by this thread. | diff --git a/c/cert/test/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.expected b/c/cert/test/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.expected index 92aed32824..ce245c0a6b 100644 --- a/c/cert/test/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.expected +++ b/c/cert/test/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.expected @@ -1,7 +1,7 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql:22,20-28) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql:26,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql:39,6-14) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql:39,26-34) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql:45,3-11) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql:22,20-28) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql:26,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql:39,6-14) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql:39,26-34) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql:45,3-11) | test.c:3:10:3:10 | a | $@ with automatic storage may be accessible outside of its lifetime. | test.c:3:10:3:10 | a | a | | test.c:15:4:15:8 | param [inner post update] | $@ with automatic storage may be accessible outside of its lifetime. | test.c:15:12:15:13 | a2 | a2 | diff --git a/c/cert/test/rules/ERR30-C/ErrnoReadBeforeReturn.expected b/c/cert/test/rules/ERR30-C/ErrnoReadBeforeReturn.expected index b6f855c2a8..049b398043 100644 --- a/c/cert/test/rules/ERR30-C/ErrnoReadBeforeReturn.expected +++ b/c/cert/test/rules/ERR30-C/ErrnoReadBeforeReturn.expected @@ -1,4 +1,4 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/ERR30-C/ErrnoReadBeforeReturn.ql:40,7-15) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/ERR30-C/ErrnoReadBeforeReturn.ql:40,7-15) | test.c:69:7:69:11 | * ... | Do not read `errno` before checking the return value of function $@. | test.c:68:3:68:7 | call to ftell | call to ftell | | test.c:69:7:69:11 | call to __errno_location | Do not read `errno` before checking the return value of function $@. | test.c:68:3:68:7 | call to ftell | call to ftell | | test.c:70:5:70:10 | call to perror | Do not read `errno` before checking the return value of function $@. | test.c:68:3:68:7 | call to ftell | call to ftell | diff --git a/c/cert/test/rules/ERR30-C/SetlocaleMightSetErrno.expected b/c/cert/test/rules/ERR30-C/SetlocaleMightSetErrno.expected index 6aaabec818..48d4af3c86 100644 --- a/c/cert/test/rules/ERR30-C/SetlocaleMightSetErrno.expected +++ b/c/cert/test/rules/ERR30-C/SetlocaleMightSetErrno.expected @@ -1,3 +1,3 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/ERR30-C/SetlocaleMightSetErrno.ql:64,7-15) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/ERR30-C/SetlocaleMightSetErrno.ql:64,7-15) | test.c:98:3:98:11 | call to setlocale | Do not read `errno` before checking the return value of a call to `setlocale`. | | test.c:104:7:104:15 | call to setlocale | The value of `errno` may be different than `0` when `setlocale` is called. The following `errno` check might be invalid. | diff --git a/c/cert/test/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.expected b/c/cert/test/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.expected index f55303ca30..e2b3ce8e0c 100644 --- a/c/cert/test/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.expected +++ b/c/cert/test/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.expected @@ -1,7 +1,7 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql:51,7-15) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql:51,27-35) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql:52,9-17) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql:55,9-17) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql:51,7-15) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql:51,27-35) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql:52,9-17) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql:55,9-17) | test.c:12:5:12:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:10:21:10:26 | call to signal | call to signal | | test.c:30:5:30:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:26:21:26:26 | call to signal | call to signal | | test.c:49:5:49:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:45:21:45:26 | call to signal | call to signal | diff --git a/c/cert/test/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.expected b/c/cert/test/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.expected index ff6aa7e55a..d67751d7f0 100644 --- a/c/cert/test/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.expected +++ b/c/cert/test/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.expected @@ -1,4 +1,4 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.ql:453,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.ql:453,5-13) | test.c:18:3:18:11 | call to setlocale | Missing error detection for the call to function `setlocale`. | | test.c:24:23:24:31 | call to setlocale | Missing error detection for the call to function `setlocale`. | | test.c:29:22:29:27 | call to calloc | Missing error detection for the call to function `calloc`. | diff --git a/c/cert/test/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.expected b/c/cert/test/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.expected index 6a8a6cec4a..cf68fc16c5 100644 --- a/c/cert/test/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.expected +++ b/c/cert/test/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.expected @@ -1,25 +1,25 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:24,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:24,59-67) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:27,33-41) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:27,57-65) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:31,33-41) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:31,59-67) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:40,5-13) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:40,25-33) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:40,53-61) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:43,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:43,57-65) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:52,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:52,55-63) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:59,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:59,57-65) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:71,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:71,55-63) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:24,5-18) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:27,7-20) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:31,7-20) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:43,5-18) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:52,5-18) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:59,5-18) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:71,5-18) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:24,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:24,59-67) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:27,33-41) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:27,57-65) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:31,33-41) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:31,59-67) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:40,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:40,25-33) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:40,53-61) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:43,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:43,57-65) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:52,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:52,55-63) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:59,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:59,57-65) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:71,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:71,55-63) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:24,5-18) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:27,7-20) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:31,7-20) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:43,5-18) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:52,5-18) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:59,5-18) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:71,5-18) | test.c:20:3:20:4 | call to f1 | Depending on the order of evaluation for the arguments $@ and $@ for side effects on shared state is unspecified and can result in unexpected behavior. | test.c:20:6:20:7 | call to f2 | call to f2 | test.c:20:12:20:13 | call to f3 | call to f3 | diff --git a/c/cert/test/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.expected b/c/cert/test/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.expected index bb65dea352..b374e24470 100644 --- a/c/cert/test/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.expected +++ b/c/cert/test/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.expected @@ -1,14 +1,14 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:20,8-16) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:100,20-28) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:126,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:131,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:140,58-66) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:145,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:149,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:156,35-43) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:172,3-11) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:172,30-38) -WARNING: Module DataFlow2 has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:121,86-95) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:20,8-16) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:100,20-28) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:126,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:131,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:140,58-66) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:145,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:149,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:156,35-43) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:172,3-11) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:172,30-38) +WARNING: Module DataFlow2 has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:121,86-95) edges | test.c:75:14:75:16 | & ... | test.c:76:11:76:12 | v1 | | test.c:75:14:75:16 | & ... | test.c:77:12:77:13 | v1 | diff --git a/c/cert/test/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.expected b/c/cert/test/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.expected index ae3c74e7b7..c85199bf3c 100644 --- a/c/cert/test/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.expected +++ b/c/cert/test/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.expected @@ -1,9 +1,9 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.ql:17,8-16) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.ql:40,50-58) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.ql:43,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.ql:47,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.ql:53,46-54) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.ql:53,70-78) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.ql:17,8-16) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.ql:40,50-58) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.ql:43,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.ql:47,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.ql:53,46-54) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.ql:53,70-78) edges | test.c:48:68:48:70 | fns [f1] | test.c:49:3:49:5 | fns [f1] | | test.c:49:3:49:5 | fns [f1] | test.c:49:8:49:9 | f1 | diff --git a/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected b/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected index 9c3e266aa3..c39dc32d4b 100644 --- a/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected +++ b/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected @@ -1,19 +1,19 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:18,8-16) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:48,44-52) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:56,48-56) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:65,41-49) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:68,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:68,54-62) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:73,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:73,50-58) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:106,32-40) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:106,53-61) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:115,5-13) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:115,27-35) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:115,55-63) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:116,5-13) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:193,6-14) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:193,33-41) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:18,8-16) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:48,44-52) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:56,48-56) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:65,41-49) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:68,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:68,54-62) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:73,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:73,50-58) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:106,32-40) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:106,53-61) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:115,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:115,27-35) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:115,55-63) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:116,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:193,6-14) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql:193,33-41) edges | test.c:49:8:49:9 | s3 | test.c:50:8:50:9 | s1 | | test.c:60:16:60:18 | E1A | test.c:61:16:61:17 | e1 | diff --git a/c/cert/test/rules/EXP40-C/DoNotModifyConstantObjects.expected b/c/cert/test/rules/EXP40-C/DoNotModifyConstantObjects.expected index cedba37c98..16266ae7a4 100644 --- a/c/cert/test/rules/EXP40-C/DoNotModifyConstantObjects.expected +++ b/c/cert/test/rules/EXP40-C/DoNotModifyConstantObjects.expected @@ -1,9 +1,9 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.ql:16,8-16) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.ql:35,34-42) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.ql:38,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.ql:44,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.ql:49,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.ql:49,55-63) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.ql:16,8-16) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.ql:35,34-42) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.ql:38,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.ql:44,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.ql:49,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.ql:49,55-63) edges | test.c:5:8:5:9 | & ... | test.c:6:4:6:5 | aa | | test.c:26:15:26:15 | a | test.c:27:4:27:4 | a | diff --git a/c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.expected b/c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.expected index 92bfafb726..f1126488fc 100644 --- a/c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.expected +++ b/c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.expected @@ -1,14 +1,14 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql:103,36-44) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql:118,47-55) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql:121,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql:123,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql:129,34-42) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql:147,20-28) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql:147,49-57) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql:150,22-30) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql:150,51-59) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql:157,22-30) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql:157,51-59) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql:103,36-44) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql:118,47-55) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql:121,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql:123,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql:129,34-42) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql:147,20-28) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql:147,49-57) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql:150,22-30) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql:150,51-59) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql:157,22-30) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql:157,51-59) | test.c:59:3:59:6 | call to copy | Call to 'copy' passes an $@ to a $@ (pointer value derived from a pair of address-of expressions ($@, $@). | test.c:59:13:59:15 | & ... | aliased pointer | test.c:59:8:59:10 | & ... | restrict-qualified parameter | test.c:59:8:59:10 | & ... | addressof1 | test.c:59:13:59:15 | & ... | addressof2 | | test.c:65:3:65:6 | call to copy | Call to 'copy' passes an $@ to a $@ (pointer value derived from a pair of address-of expressions ($@, $@). | test.c:65:15:65:19 | & ... | aliased pointer | test.c:65:8:65:12 | & ... | restrict-qualified parameter | test.c:65:8:65:12 | & ... | addressof1 | test.c:65:15:65:19 | & ... | addressof2 | | test.c:67:3:67:6 | call to copy | Call to 'copy' passes an $@ to a $@ (pointer value derived from a pair of address-of expressions ($@, $@). | test.c:67:15:67:16 | px | aliased pointer | test.c:67:8:67:12 | & ... | restrict-qualified parameter | test.c:67:8:67:12 | & ... | addressof1 | test.c:63:13:63:17 | & ... | addressof2 | diff --git a/c/cert/test/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.expected b/c/cert/test/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.expected index 2e03842ee5..20f835b2e8 100644 --- a/c/cert/test/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.expected +++ b/c/cert/test/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.expected @@ -1,9 +1,9 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql:42,60-68) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql:47,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql:51,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql:58,58-66) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql:74,37-45) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql:75,37-45) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql:42,60-68) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql:47,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql:51,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql:58,58-66) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql:74,37-45) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql:75,37-45) | test.c:18:22:18:23 | i2 | Assignment to restrict-qualified pointer $@ results in pointers aliasing $@. | test.c:18:17:18:18 | i3 | i3 | test.c:18:22:18:23 | i2 | the object pointed to by i2 | | test.c:19:8:19:9 | g2 | Assignment to restrict-qualified pointer $@ results in pointers aliasing $@. | test.c:5:15:5:16 | g1 | g1 | test.c:19:8:19:9 | g2 | the object pointed to by g2 | | test.c:20:8:20:9 | i2 | Assignment to restrict-qualified pointer $@ results in pointers aliasing $@. | test.c:16:17:16:18 | i1 | i1 | test.c:20:8:20:9 | i2 | the object pointed to by i2 | diff --git a/c/cert/test/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.expected b/c/cert/test/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.expected index 675e73b9fe..aa1cc50077 100644 --- a/c/cert/test/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.expected +++ b/c/cert/test/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.expected @@ -1,6 +1,6 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.ql:42,11-19) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.ql:42,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.ql:43,13-21) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.ql:42,11-19) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.ql:42,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.ql:43,13-21) | test.c:20:10:20:12 | buf | The buffer is not reset before being referenced following a failed $@. | test.c:15:7:15:11 | call to fgets | call to fgets | | test.c:57:10:57:12 | buf | The buffer is not reset before being referenced following a failed $@. | test.c:52:7:52:11 | call to fgets | call to fgets | | test.c:66:18:66:20 | buf | The buffer is not reset before being referenced following a failed $@. | test.c:61:7:61:11 | call to fgets | call to fgets | diff --git a/c/cert/test/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.expected b/c/cert/test/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.expected index 60505c54aa..a9d4fbe69f 100644 --- a/c/cert/test/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.expected +++ b/c/cert/test/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.expected @@ -1,6 +1,6 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql:25,26-34) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql:28,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql:30,14-22) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql:33,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql:25,26-34) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql:28,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql:30,14-22) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql:33,29-37) | test.c:7:24:7:30 | & ... | The position argument of a call to `fsetpos()` should be obtained from a call to `fgetpos()`. | | test.c:33:24:33:30 | & ... | The position argument of a call to `fsetpos()` should be obtained from a call to `fgetpos()`. | diff --git a/c/cert/test/rules/FIO45-C/ToctouRaceConditionsWhileAccessingFiles.expected b/c/cert/test/rules/FIO45-C/ToctouRaceConditionsWhileAccessingFiles.expected index d0d39851c4..7b41b51c19 100644 --- a/c/cert/test/rules/FIO45-C/ToctouRaceConditionsWhileAccessingFiles.expected +++ b/c/cert/test/rules/FIO45-C/ToctouRaceConditionsWhileAccessingFiles.expected @@ -1,3 +1,3 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/FIO45-C/ToctouRaceConditionsWhileAccessingFiles.ql:27,35-43) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/FIO45-C/ToctouRaceConditionsWhileAccessingFiles.ql:27,35-43) | test.c:4:13:4:17 | call to fopen | This call is trying to prevent an existing file from being overwritten by $@. An attacker might be able to exploit the race window between the two calls. | test.c:11:9:11:13 | call to fopen | another call | | test.c:88:13:88:17 | call to fopen | This call is trying to prevent an existing file from being overwritten by $@. An attacker might be able to exploit the race window between the two calls. | test.c:95:9:95:13 | call to fopen | another call | diff --git a/c/cert/test/rules/MEM35-C/InsufficientMemoryAllocatedForObject.expected b/c/cert/test/rules/MEM35-C/InsufficientMemoryAllocatedForObject.expected index 4cfe8b137a..cc2b957849 100644 --- a/c/cert/test/rules/MEM35-C/InsufficientMemoryAllocatedForObject.expected +++ b/c/cert/test/rules/MEM35-C/InsufficientMemoryAllocatedForObject.expected @@ -1,5 +1,5 @@ -WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/MEM35-C/InsufficientMemoryAllocatedForObject.ql:85,5-18) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/MEM35-C/InsufficientMemoryAllocatedForObject.ql:143,5-18) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/MEM35-C/InsufficientMemoryAllocatedForObject.ql:85,5-18) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/MEM35-C/InsufficientMemoryAllocatedForObject.ql:143,5-18) | test.c:12:19:12:24 | call to malloc | Allocation size (32 bytes) is not a multiple of the size of 'S1' (36 bytes). | test.c:12:26:12:32 | 32 | | | test.c:15:19:15:24 | call to malloc | Allocation size calculated from the size of a different type ($@). | test.c:15:26:15:35 | sizeof() | sizeof(S1 *) | | test.c:20:19:20:24 | call to malloc | Allocation size (128 bytes) is not a multiple of the size of 'S1' (36 bytes). | test.c:20:26:20:36 | ... * ... | | diff --git a/c/cert/test/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.expected b/c/cert/test/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.expected index dd8ff90c27..a65140a683 100644 --- a/c/cert/test/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.expected +++ b/c/cert/test/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.expected @@ -1,10 +1,10 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql:19,8-16) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql:26,36-44) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql:40,43-51) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql:43,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql:47,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql:52,39-47) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql:52,66-74) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql:19,8-16) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql:26,36-44) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql:40,43-51) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql:43,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql:47,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql:52,39-47) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql:52,66-74) edges | test.c:5:10:5:22 | call to aligned_alloc | test.c:15:8:15:28 | call to aligned_alloc_wrapper | | test.c:8:29:8:31 | ptr | test.c:8:64:8:66 | ptr | diff --git a/c/cert/test/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.expected b/c/cert/test/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.expected index 0d76d0fe6c..f4e17367f2 100644 --- a/c/cert/test/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.expected +++ b/c/cert/test/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.expected @@ -1,4 +1,4 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.ql:33,34-42) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.ql:36,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.ql:43,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.ql:33,34-42) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.ql:36,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.ql:43,29-37) | test.c:6:24:6:30 | time_tm | The function `asctime` and `asctime_r` should be discouraged. Unsanitized input can overflow the output buffer. | diff --git a/c/cert/test/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.expected b/c/cert/test/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.expected index 3f8d8d6655..1f594d145f 100644 --- a/c/cert/test/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.expected +++ b/c/cert/test/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.expected @@ -1,9 +1,9 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:38,27-35) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:41,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:46,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:68,30-38) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:69,28-36) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:70,28-36) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:38,27-35) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:41,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:46,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:68,30-38) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:69,28-36) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:70,28-36) | test.c:23:32:23:33 | ap | The value of ap is indeterminate after the $@. | test.c:17:7:17:19 | call to contains_zero | call to contains_zero | | test.c:26:10:26:11 | ap | The value of ap is indeterminate after the $@. | test.c:17:7:17:19 | call to contains_zero | call to contains_zero | | test.c:39:12:39:13 | ap | The value of ap is indeterminate after the $@. | test.c:35:7:35:19 | call to contains_zero | call to contains_zero | diff --git a/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected b/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected index f7b0b158f0..c6e9c8739d 100644 --- a/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected +++ b/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected @@ -1,6 +1,6 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql:105,11-19) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql:105,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql:106,9-17) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql:105,11-19) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql:105,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql:106,9-17) | test.c:10:3:10:18 | call to log_local_unsafe | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:16:7:16:12 | call to signal | signal handler | | test.c:11:3:11:6 | call to free | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:16:7:16:12 | call to signal | signal handler | | test.c:46:3:46:9 | call to longjmp | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:50:7:50:12 | call to signal | signal handler | diff --git a/c/cert/test/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.expected b/c/cert/test/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.expected index ce057400f9..7969d5ac3b 100644 --- a/c/cert/test/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.expected +++ b/c/cert/test/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.expected @@ -1,2 +1,2 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.ql:39,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.ql:39,5-13) | test.c:10:1:10:1 | return ... | Do not return from a $@ signal handler. | test.c:13:10:13:15 | SIGFPE | computational exception | diff --git a/c/cert/test/rules/STR30-C/DoNotAttemptToModifyStringLiterals.expected b/c/cert/test/rules/STR30-C/DoNotAttemptToModifyStringLiterals.expected index 6e909000a2..d6b1195940 100644 --- a/c/cert/test/rules/STR30-C/DoNotAttemptToModifyStringLiterals.expected +++ b/c/cert/test/rules/STR30-C/DoNotAttemptToModifyStringLiterals.expected @@ -1,17 +1,17 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:42,68-76) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:47,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:68,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:102,11-19) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:102,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:102,55-63) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:107,11-19) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:107,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:107,57-65) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:140,11-19) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:140,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:140,55-63) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:151,18-26) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:151,47-55) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:42,68-76) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:47,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:68,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:102,11-19) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:102,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:102,55-63) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:107,11-19) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:107,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:107,57-65) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:140,11-19) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:140,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:140,55-63) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:151,18-26) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql:151,47-55) | test.c:7:3:7:3 | a | This operation may write to a string that may be a string literal that was $@. | test.c:6:13:6:20 | codeql | created here | | test.c:30:3:30:3 | a | This operation may write to a string that may be a string literal that was $@. | test.c:29:13:29:18 | call to strchr | created here | | test.c:36:3:36:3 | b | This operation may write to a string that may be a string literal that was $@. | test.c:35:13:35:18 | call to strchr | created here | diff --git a/c/cert/test/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.expected b/c/cert/test/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.expected index bd0f90e48e..b32aa0314a 100644 --- a/c/cert/test/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.expected +++ b/c/cert/test/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.expected @@ -1,9 +1,9 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql:57,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql:57,55-63) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql:63,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql:63,54-62) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql:57,5-18) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql:63,5-18) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql:57,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql:57,55-63) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql:63,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql:63,54-62) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql:57,5-18) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql:63,5-18) | test.c:10:20:10:24 | Co | Expression produces or consumes a string that may not have sufficient space for a null-terminator. | | test.c:16:3:16:9 | call to strncpy | Expression produces or consumes a string that may not have sufficient space for a null-terminator. | | test.c:26:3:26:10 | call to snprintf | Expression produces or consumes a string that may not have sufficient space for a null-terminator. | diff --git a/c/cert/test/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.expected b/c/cert/test/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.expected index cb31863eb2..55ac2ecc66 100644 --- a/c/cert/test/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.expected +++ b/c/cert/test/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.expected @@ -1,12 +1,12 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql:55,33-41) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql:55,73-81) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql:61,33-41) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql:61,57-65) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql:69,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql:69,69-77) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql:55,7-20) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql:61,7-20) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql:69,5-18) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql:55,33-41) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql:55,73-81) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql:61,33-41) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql:61,57-65) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql:69,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql:69,69-77) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql:55,7-20) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql:61,7-20) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql:69,5-18) | test.c:19:3:19:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:7:20:7:24 | Co | this expression | | test.c:20:3:20:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:7:20:7:24 | Co | this expression | | test.c:22:3:22:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:13:3:13:9 | call to strncpy | this expression | diff --git a/c/misra/test/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.expected b/c/misra/test/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.expected index 11d6bb8212..8e3c49aa2e 100644 --- a/c/misra/test/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.expected +++ b/c/misra/test/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.expected @@ -1,8 +1,8 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql:47,32-40) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql:50,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql:52,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql:70,22-30) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql:70,45-53) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql:47,32-40) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql:50,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql:52,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql:70,22-30) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-17-5/ArrayFunctionArgumentNumberOfElements.ql:70,45-53) | test.c:18:6:18:6 | 0 | The function argument does not have a sufficient number or elements declared in the $@. | test.c:1:13:1:14 | ar | parameter | | test.c:19:6:19:7 | ar | The function argument does not have a sufficient number or elements declared in the $@. | test.c:1:13:1:14 | ar | parameter | | test.c:21:6:21:9 | ar2p | The function argument does not have a sufficient number or elements declared in the $@. | test.c:1:13:1:14 | ar | parameter | diff --git a/c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.expected b/c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.expected index 53a711a48e..775368689c 100644 --- a/c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.expected +++ b/c/misra/test/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.expected @@ -1,13 +1,13 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql:19,8-16) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql:25,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql:51,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql:60,24-32) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql:60,51-59) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql:61,3-11) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql:61,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql:61,56-64) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql:62,3-11) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql:22,57-70) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql:19,8-16) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql:25,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql:51,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql:60,24-32) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql:60,51-59) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql:61,3-11) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql:61,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql:61,56-64) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql:62,3-11) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-21-14/MemcmpUsedToCompareNullTerminatedStrings.ql:22,57-70) edges | test.c:12:13:12:15 | a | test.c:14:10:14:10 | a | | test.c:12:13:12:15 | a | test.c:23:13:23:13 | a | diff --git a/c/misra/test/rules/RULE-22-3/FileOpenForReadAndWriteOnDifferentStreams.expected b/c/misra/test/rules/RULE-22-3/FileOpenForReadAndWriteOnDifferentStreams.expected index e194ed9817..782b890699 100644 --- a/c/misra/test/rules/RULE-22-3/FileOpenForReadAndWriteOnDifferentStreams.expected +++ b/c/misra/test/rules/RULE-22-3/FileOpenForReadAndWriteOnDifferentStreams.expected @@ -1,4 +1,4 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-22-3/FileOpenForReadAndWriteOnDifferentStreams.ql:38,9-17) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-22-3/FileOpenForReadAndWriteOnDifferentStreams.ql:38,9-17) | test.c:6:14:6:18 | call to fopen | The same file was already opened $@. Files should not be read and written at the same time using different streams. | test.c:5:14:5:18 | call to fopen | here | | test.c:17:14:17:18 | call to fopen | The same file was already opened $@. Files should not be read and written at the same time using different streams. | test.c:16:14:16:18 | call to fopen | here | | test.c:33:14:33:18 | call to fopen | The same file was already opened $@. Files should not be read and written at the same time using different streams. | test.c:32:14:32:18 | call to fopen | here | diff --git a/c/misra/test/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.expected b/c/misra/test/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.expected index f3d13ae012..74eb07ffe0 100644 --- a/c/misra/test/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.expected +++ b/c/misra/test/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.expected @@ -1,7 +1,7 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.ql:18,26-34) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.ql:21,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.ql:26,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.ql:32,25-33) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.ql:35,26-34) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.ql:18,26-34) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.ql:21,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.ql:26,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.ql:32,25-33) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-22-4/AttemptToWriteToAReadOnlyStream.ql:35,26-34) | test.c:10:3:10:9 | call to fprintf | Attempt to write to a $@ opened as read-only. | test.c:9:14:9:18 | call to fopen | stream | | test.c:15:3:15:9 | call to fprintf | Attempt to write to a $@ opened as read-only. | test.c:18:14:18:18 | call to fopen | stream | diff --git a/c/misra/test/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.expected b/c/misra/test/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.expected index fca3471ed7..8c7c643e40 100644 --- a/c/misra/test/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.expected +++ b/c/misra/test/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.expected @@ -1,9 +1,9 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.ql:22,22-30) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.ql:25,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.ql:29,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.ql:38,32-40) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.ql:50,5-13) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.ql:58,22-30) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/c/misra/src/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.ql:58,48-56) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.ql:22,22-30) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.ql:25,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.ql:29,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.ql:38,32-40) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.ql:50,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.ql:58,22-30) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/c/misra/src/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.ql:58,48-56) | test.c:6:7:6:20 | ... != ... | The check is not reliable as the type of the return value of $@ is converted. | test.c:5:14:5:20 | call to getchar | call to getchar | | test.c:13:7:13:15 | ... != ... | The check is not reliable as the type of the return value of $@ is converted. | test.c:12:14:12:20 | call to getchar | call to getchar | diff --git a/cpp/autosar/test/rules/A13-1-3/UserDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters.expected b/cpp/autosar/test/rules/A13-1-3/UserDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters.expected index 5b1aba4b39..b54f940413 100644 --- a/cpp/autosar/test/rules/A13-1-3/UserDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters.expected +++ b/cpp/autosar/test/rules/A13-1-3/UserDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters.expected @@ -1,4 +1,4 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A13-1-3/UserDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters.ql:27,33-41) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A13-1-3/UserDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters.ql:28,5-13) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A13-1-3/UserDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters.ql:27,7-20) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A13-1-3/UserDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters.ql:27,33-41) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A13-1-3/UserDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters.ql:28,5-13) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A13-1-3/UserDefinedLiteralsOperatorsShallOnlyPerformConversionOfPassedParameters.ql:27,7-20) | test.cpp:47:8:47:23 | operator ""_uds5 | User defined literal operator returns $@, which is not converted from a passed parameter | test.cpp:48:10:48:12 | 0.0 | expression | diff --git a/cpp/autosar/test/rules/A13-2-1/AssignmentOperatorReturnThis.expected b/cpp/autosar/test/rules/A13-2-1/AssignmentOperatorReturnThis.expected index 5328673322..c8accfa682 100644 --- a/cpp/autosar/test/rules/A13-2-1/AssignmentOperatorReturnThis.expected +++ b/cpp/autosar/test/rules/A13-2-1/AssignmentOperatorReturnThis.expected @@ -1,4 +1,4 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A13-2-1/AssignmentOperatorReturnThis.ql:25,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A13-2-1/AssignmentOperatorReturnThis.ql:25,5-13) | test.cpp:10:12:10:20 | operator= | User-defined assignment operator $@ does not return *this | test.cpp:10:12:10:20 | operator= | user defined assignment operator | | test.cpp:17:11:17:19 | operator= | User-defined assignment operator $@ does not return *this | test.cpp:17:11:17:19 | operator= | user defined assignment operator | | test.cpp:24:12:24:20 | operator= | User-defined assignment operator $@ does not return *this | test.cpp:24:12:24:20 | operator= | user defined assignment operator | diff --git a/cpp/autosar/test/rules/A15-1-3/ThrownExceptionsShouldBeUnique.expected b/cpp/autosar/test/rules/A15-1-3/ThrownExceptionsShouldBeUnique.expected index 175680121b..0680304b74 100644 --- a/cpp/autosar/test/rules/A15-1-3/ThrownExceptionsShouldBeUnique.expected +++ b/cpp/autosar/test/rules/A15-1-3/ThrownExceptionsShouldBeUnique.expected @@ -1,4 +1,4 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A15-1-3/ThrownExceptionsShouldBeUnique.ql:24,3-11) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A15-1-3/ThrownExceptionsShouldBeUnique.ql:24,3-11) | test.cpp:6:5:6:26 | throw ... | The $@ thrown here is a possible duplicate of the $@ thrown $@. | test.cpp:6:5:6:26 | call to exception | std::exception exception | test.cpp:14:5:14:26 | call to exception | exception | test.cpp:14:5:14:26 | throw ... | here | | test.cpp:8:5:8:53 | throw ... | The $@ thrown here is a possible duplicate of the $@ thrown $@. | test.cpp:8:5:8:53 | call to runtime_error | std::runtime_error exception | test.cpp:16:5:16:53 | call to runtime_error | exception | test.cpp:16:5:16:53 | throw ... | here | | test.cpp:14:5:14:26 | throw ... | The $@ thrown here is a possible duplicate of the $@ thrown $@. | test.cpp:14:5:14:26 | call to exception | std::exception exception | test.cpp:6:5:6:26 | call to exception | exception | test.cpp:6:5:6:26 | throw ... | here | diff --git a/cpp/autosar/test/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.expected b/cpp/autosar/test/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.expected index 443fb8cfc6..73661dbe5e 100644 --- a/cpp/autosar/test/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.expected +++ b/cpp/autosar/test/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.expected @@ -1,12 +1,12 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql:47,12-20) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql:48,30-38) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql:48,57-65) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql:71,5-13) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql:71,25-33) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql:72,7-15) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql:116,5-13) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql:116,25-33) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql:116,54-62) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql:47,12-20) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql:48,30-38) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql:48,57-65) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql:71,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql:71,25-33) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql:72,7-15) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql:116,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql:116,25-33) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A15-2-2/ConstructorErrorLeavesObjectInInvalidState.ql:116,54-62) edges | test.cpp:12:16:12:27 | new [bad_alloc] | test.cpp:14:33:16:5 | { ... } [bad_alloc] | | test.cpp:13:7:13:28 | throw ... [exception] | test.cpp:14:33:16:5 | { ... } [exception] | diff --git a/cpp/autosar/test/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.expected b/cpp/autosar/test/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.expected index d683ddb151..ed4ee043fb 100644 --- a/cpp/autosar/test/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.expected +++ b/cpp/autosar/test/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.expected @@ -1,9 +1,9 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.ql:20,8-16) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.ql:31,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.ql:43,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.ql:63,59-67) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.ql:64,3-11) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.ql:26,63-76) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.ql:20,8-16) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.ql:31,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.ql:43,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.ql:63,59-67) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.ql:64,3-11) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A18-1-4/PointerToAnElementOfAnArrayPassedToASmartPointer.ql:26,63-76) edges | test.cpp:3:36:3:45 | new[] | test.cpp:19:27:19:44 | call to allocate_int_array | | test.cpp:3:36:3:45 | new[] | test.cpp:23:12:23:29 | call to allocate_int_array | diff --git a/cpp/autosar/test/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.expected b/cpp/autosar/test/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.expected index dff504c2a5..97d0f9d1e5 100644 --- a/cpp/autosar/test/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.expected +++ b/cpp/autosar/test/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.expected @@ -1,7 +1,7 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.ql:55,34-42) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.ql:57,26-34) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.ql:70,5-18) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.ql:75,41-54) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.ql:55,34-42) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.ql:57,26-34) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.ql:70,5-18) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.ql:75,41-54) | test.cpp:17:17:17:29 | new | StructA object of size 8 bytes does not appear to outlive the function, but is created on the heap instead of the stack. | | test.cpp:21:17:21:32 | new[] | StructA[] object of size 800 bytes does not appear to outlive the function, but is created on the heap instead of the stack. | | test.cpp:35:20:35:44 | call to make_shared | StructA object of size 8 bytes does not appear to outlive the function, but is created on the heap instead of the stack. | diff --git a/cpp/autosar/test/rules/A18-9-4/ArgumentToForwardSubsequentlyUsed.expected b/cpp/autosar/test/rules/A18-9-4/ArgumentToForwardSubsequentlyUsed.expected index 48ce58e6cd..401e3dc0ee 100644 --- a/cpp/autosar/test/rules/A18-9-4/ArgumentToForwardSubsequentlyUsed.expected +++ b/cpp/autosar/test/rules/A18-9-4/ArgumentToForwardSubsequentlyUsed.expected @@ -1,4 +1,4 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A18-9-4/ArgumentToForwardSubsequentlyUsed.ql:22,10-18) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A18-9-4/ArgumentToForwardSubsequentlyUsed.ql:24,5-13) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A18-9-4/ArgumentToForwardSubsequentlyUsed.ql:24,30-38) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A18-9-4/ArgumentToForwardSubsequentlyUsed.ql:22,10-18) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A18-9-4/ArgumentToForwardSubsequentlyUsed.ql:24,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A18-9-4/ArgumentToForwardSubsequentlyUsed.ql:24,30-38) | test.cpp:8:5:8:6 | t2 | The argument $@ of `std::forward` may be indeterminate when accessed at this location. | test.cpp:7:45:7:46 | t2 | t2 | diff --git a/cpp/autosar/test/rules/A20-8-4/SharedPointerUsedWithNoOwnershipSharing.expected b/cpp/autosar/test/rules/A20-8-4/SharedPointerUsedWithNoOwnershipSharing.expected index 6d9dddd574..2344d46d59 100644 --- a/cpp/autosar/test/rules/A20-8-4/SharedPointerUsedWithNoOwnershipSharing.expected +++ b/cpp/autosar/test/rules/A20-8-4/SharedPointerUsedWithNoOwnershipSharing.expected @@ -1,4 +1,4 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A20-8-4/SharedPointerUsedWithNoOwnershipSharing.ql:47,7-15) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A20-8-4/SharedPointerUsedWithNoOwnershipSharing.ql:47,7-15) | test.cpp:14:24:14:26 | sp3 | The ownership of shared_ptr $@ is not shared within or passed out of the local scope of function $@. | test.cpp:14:24:14:26 | sp3 | sp3 | test.cpp:11:22:11:23 | f1 | f1 | | test.cpp:16:24:16:26 | sp5 | The ownership of shared_ptr $@ is not shared within or passed out of the local scope of function $@. | test.cpp:16:24:16:26 | sp5 | sp5 | test.cpp:11:22:11:23 | f1 | f1 | | test.cpp:17:24:17:26 | sp6 | The ownership of shared_ptr $@ is not shared within or passed out of the local scope of function $@. | test.cpp:17:24:17:26 | sp6 | sp6 | test.cpp:11:22:11:23 | f1 | f1 | diff --git a/cpp/autosar/test/rules/A27-0-4/CStyleStringsUsed.expected b/cpp/autosar/test/rules/A27-0-4/CStyleStringsUsed.expected index ec330112c1..0094ed8531 100644 --- a/cpp/autosar/test/rules/A27-0-4/CStyleStringsUsed.expected +++ b/cpp/autosar/test/rules/A27-0-4/CStyleStringsUsed.expected @@ -1,6 +1,6 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A27-0-4/CStyleStringsUsed.ql:39,3-11) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A27-0-4/CStyleStringsUsed.ql:39,23-31) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A27-0-4/CStyleStringsUsed.ql:39,47-55) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A27-0-4/CStyleStringsUsed.ql:39,3-11) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A27-0-4/CStyleStringsUsed.ql:39,23-31) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A27-0-4/CStyleStringsUsed.ql:39,47-55) | test.cpp:7:20:7:27 | CodeQL | Usage of C-style string in $@. | test.cpp:7:20:7:27 | CodeQL | expression | | test.cpp:7:20:7:27 | CodeQL | Usage of C-style string in $@. | test.cpp:16:16:16:17 | a1 | expression | | test.cpp:8:22:8:26 | call to c_str | Usage of C-style string in $@. | test.cpp:8:22:8:26 | call to c_str | expression | diff --git a/cpp/autosar/test/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.expected b/cpp/autosar/test/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.expected index 9a2f863ec8..53da5e375c 100644 --- a/cpp/autosar/test/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.expected +++ b/cpp/autosar/test/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.expected @@ -1,9 +1,9 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.ql:21,8-16) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.ql:45,58-66) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.ql:50,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.ql:59,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.ql:65,55-63) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.ql:66,3-11) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.ql:21,8-16) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.ql:45,58-66) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.ql:50,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.ql:59,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.ql:65,55-63) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A5-0-4/PointerArithmeticUsedWithPointersToNonFinalClasses.ql:66,3-11) edges | test.cpp:10:18:10:20 | foo | test.cpp:11:23:11:25 | foo | | test.cpp:10:18:10:20 | foo | test.cpp:11:50:11:52 | foo | diff --git a/cpp/autosar/test/rules/A5-1-7/LambdaPassedToDecltype.expected b/cpp/autosar/test/rules/A5-1-7/LambdaPassedToDecltype.expected index e190580aba..0c247cf3bb 100644 --- a/cpp/autosar/test/rules/A5-1-7/LambdaPassedToDecltype.expected +++ b/cpp/autosar/test/rules/A5-1-7/LambdaPassedToDecltype.expected @@ -1,6 +1,6 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A5-1-7/LambdaPassedToDecltype.ql:20,45-53) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A5-1-7/LambdaPassedToDecltype.ql:23,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A5-1-7/LambdaPassedToDecltype.ql:25,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A5-1-7/LambdaPassedToDecltype.ql:39,22-30) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A5-1-7/LambdaPassedToDecltype.ql:39,50-58) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A5-1-7/LambdaPassedToDecltype.ql:20,45-53) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A5-1-7/LambdaPassedToDecltype.ql:23,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A5-1-7/LambdaPassedToDecltype.ql:25,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A5-1-7/LambdaPassedToDecltype.ql:39,22-30) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A5-1-7/LambdaPassedToDecltype.ql:39,50-58) | test.cpp:14:23:14:24 | decltype(...) | Lambda $@ passed as operand to decltype. | test.cpp:5:13:5:30 | [...](...){...} | expression | diff --git a/cpp/autosar/test/rules/A5-1-7/LambdaPassedToTypeid.expected b/cpp/autosar/test/rules/A5-1-7/LambdaPassedToTypeid.expected index 09f34049a8..307ac17d11 100644 --- a/cpp/autosar/test/rules/A5-1-7/LambdaPassedToTypeid.expected +++ b/cpp/autosar/test/rules/A5-1-7/LambdaPassedToTypeid.expected @@ -1,9 +1,9 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A5-1-7/LambdaPassedToTypeid.ql:19,8-16) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A5-1-7/LambdaPassedToTypeid.ql:21,40-48) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A5-1-7/LambdaPassedToTypeid.ql:24,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A5-1-7/LambdaPassedToTypeid.ql:26,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A5-1-7/LambdaPassedToTypeid.ql:31,6-14) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A5-1-7/LambdaPassedToTypeid.ql:31,33-41) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A5-1-7/LambdaPassedToTypeid.ql:19,8-16) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A5-1-7/LambdaPassedToTypeid.ql:21,40-48) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A5-1-7/LambdaPassedToTypeid.ql:24,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A5-1-7/LambdaPassedToTypeid.ql:26,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A5-1-7/LambdaPassedToTypeid.ql:31,6-14) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A5-1-7/LambdaPassedToTypeid.ql:31,33-41) edges | test.cpp:5:13:5:30 | [...](...){...} | test.cpp:8:38:8:39 | l1 | | test.cpp:6:13:6:30 | [...](...){...} | test.cpp:9:38:9:39 | l2 | diff --git a/cpp/autosar/test/rules/A7-5-1/InvalidFunctionReturnType.expected b/cpp/autosar/test/rules/A7-5-1/InvalidFunctionReturnType.expected index 3e4fde12ec..862c45bdc1 100644 --- a/cpp/autosar/test/rules/A7-5-1/InvalidFunctionReturnType.expected +++ b/cpp/autosar/test/rules/A7-5-1/InvalidFunctionReturnType.expected @@ -1,5 +1,5 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A7-5-1/InvalidFunctionReturnType.ql:27,3-11) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A7-5-1/InvalidFunctionReturnType.ql:27,23-31) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A7-5-1/InvalidFunctionReturnType.ql:27,51-59) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A7-5-1/InvalidFunctionReturnType.ql:27,3-11) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A7-5-1/InvalidFunctionReturnType.ql:27,23-31) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A7-5-1/InvalidFunctionReturnType.ql:27,51-59) | test.cpp:5:3:5:11 | return ... | Function test_refconst_return returns a reference or a pointer to $@ that is passed by reference to const. | test.cpp:4:44:4:44 | x | parameter | | test.cpp:8:3:8:14 | return ... | Function test_ptrconst_return returns a reference or a pointer to $@ that is passed by reference to const. | test.cpp:7:44:7:44 | x | parameter | diff --git a/cpp/autosar/test/rules/A8-4-11/SmartPointerAsParameterWithoutLifetimeSemantics.expected b/cpp/autosar/test/rules/A8-4-11/SmartPointerAsParameterWithoutLifetimeSemantics.expected index 4621eed8a2..5407225de9 100644 --- a/cpp/autosar/test/rules/A8-4-11/SmartPointerAsParameterWithoutLifetimeSemantics.expected +++ b/cpp/autosar/test/rules/A8-4-11/SmartPointerAsParameterWithoutLifetimeSemantics.expected @@ -1,5 +1,5 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A8-4-11/SmartPointerAsParameterWithoutLifetimeSemantics.ql:47,3-11) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A8-4-11/SmartPointerAsParameterWithoutLifetimeSemantics.ql:56,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A8-4-11/SmartPointerAsParameterWithoutLifetimeSemantics.ql:47,3-11) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A8-4-11/SmartPointerAsParameterWithoutLifetimeSemantics.ql:56,5-13) | test.cpp:7:41:7:43 | up1 | Function $@ takes smart pointer parameter 'up1' but does not implement any lifetime-affecting operations. | test.cpp:7:6:7:18 | smart_ptr_get | smart_ptr_get | | test.cpp:16:53:16:55 | sp1 | Function $@ takes smart pointer parameter 'sp1' but does not implement any lifetime-affecting operations. | test.cpp:16:6:16:29 | smart_ptr_ref_assign_ref | smart_ptr_ref_assign_ref | | test.cpp:28:55:28:57 | sp1 | Function $@ takes smart pointer parameter 'sp1' but does not implement any lifetime-affecting operations. | test.cpp:28:6:28:31 | smart_ptr_ref_noncompliant | smart_ptr_ref_noncompliant | diff --git a/cpp/autosar/test/rules/A8-4-12/UniquePtrPassedToFunctionWithImproperSemantics.expected b/cpp/autosar/test/rules/A8-4-12/UniquePtrPassedToFunctionWithImproperSemantics.expected index 928d6e7d3b..4b3c93e932 100644 --- a/cpp/autosar/test/rules/A8-4-12/UniquePtrPassedToFunctionWithImproperSemantics.expected +++ b/cpp/autosar/test/rules/A8-4-12/UniquePtrPassedToFunctionWithImproperSemantics.expected @@ -1,5 +1,5 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A8-4-12/UniquePtrPassedToFunctionWithImproperSemantics.ql:41,3-11) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A8-4-12/UniquePtrPassedToFunctionWithImproperSemantics.ql:51,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A8-4-12/UniquePtrPassedToFunctionWithImproperSemantics.ql:41,3-11) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A8-4-12/UniquePtrPassedToFunctionWithImproperSemantics.ql:51,5-13) | test.cpp:13:55:13:56 | v1 | Parameter of type std::unique_ptr passed as lvalue reference but not used to modify underlying object. | | test.cpp:17:47:17:48 | v1 | Parameter of type std::unique_ptr passed as lvalue reference but not used to modify underlying object. | | test.cpp:22:27:22:28 | v1 | Parameter of type std::unique_ptr passed as lvalue reference but not used to modify underlying object. | diff --git a/cpp/autosar/test/rules/A8-4-9/InOutParametersDeclaredAsTNotModified.expected b/cpp/autosar/test/rules/A8-4-9/InOutParametersDeclaredAsTNotModified.expected index 0da8f4c1be..7025275fa2 100644 --- a/cpp/autosar/test/rules/A8-4-9/InOutParametersDeclaredAsTNotModified.expected +++ b/cpp/autosar/test/rules/A8-4-9/InOutParametersDeclaredAsTNotModified.expected @@ -1,5 +1,5 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A8-4-9/InOutParametersDeclaredAsTNotModified.ql:49,7-15) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A8-4-9/InOutParametersDeclaredAsTNotModified.ql:63,7-15) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A8-4-9/InOutParametersDeclaredAsTNotModified.ql:49,7-15) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A8-4-9/InOutParametersDeclaredAsTNotModified.ql:63,7-15) | test.cpp:4:13:4:13 | i | In-out parameter i that is not written to. | | test.cpp:7:22:7:24 | str | In-out parameter str that is not read from. | | test.cpp:18:14:18:14 | i | In-out parameter i that is not read from. | diff --git a/cpp/autosar/test/rules/A9-3-1/ReturnsNonConstRawPointersOrReferencesToPrivateOrProtectedData.expected b/cpp/autosar/test/rules/A9-3-1/ReturnsNonConstRawPointersOrReferencesToPrivateOrProtectedData.expected index e98002c3af..6f8545a4f2 100644 --- a/cpp/autosar/test/rules/A9-3-1/ReturnsNonConstRawPointersOrReferencesToPrivateOrProtectedData.expected +++ b/cpp/autosar/test/rules/A9-3-1/ReturnsNonConstRawPointersOrReferencesToPrivateOrProtectedData.expected @@ -1,6 +1,6 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A9-3-1/ReturnsNonConstRawPointersOrReferencesToPrivateOrProtectedData.ql:72,3-11) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A9-3-1/ReturnsNonConstRawPointersOrReferencesToPrivateOrProtectedData.ql:72,23-31) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/A9-3-1/ReturnsNonConstRawPointersOrReferencesToPrivateOrProtectedData.ql:72,46-54) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A9-3-1/ReturnsNonConstRawPointersOrReferencesToPrivateOrProtectedData.ql:72,3-11) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A9-3-1/ReturnsNonConstRawPointersOrReferencesToPrivateOrProtectedData.ql:72,23-31) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/A9-3-1/ReturnsNonConstRawPointersOrReferencesToPrivateOrProtectedData.ql:72,46-54) | test.cpp:20:8:20:12 | getB2 | Member function A::getB2 $@ a non-const raw pointer or reference to a private or protected $@. | test.cpp:20:25:20:25 | b | returns | test.cpp:54:7:54:7 | b | field | | test.cpp:22:8:22:12 | getB3 | Member function A::getB3 $@ a non-const raw pointer or reference to a private or protected $@. | test.cpp:22:25:22:26 | & ... | returns | test.cpp:54:7:54:7 | b | field | | test.cpp:24:8:24:13 | getB33 | Member function A::getB33 $@ a non-const raw pointer or reference to a private or protected $@. | test.cpp:26:12:26:13 | bb | returns | test.cpp:54:7:54:7 | b | field | diff --git a/cpp/autosar/test/rules/M0-3-2/FunctionErroneousReturnValueNotTested.expected b/cpp/autosar/test/rules/M0-3-2/FunctionErroneousReturnValueNotTested.expected index f972749bd7..b0ccfabffb 100644 --- a/cpp/autosar/test/rules/M0-3-2/FunctionErroneousReturnValueNotTested.expected +++ b/cpp/autosar/test/rules/M0-3-2/FunctionErroneousReturnValueNotTested.expected @@ -1,4 +1,4 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/M0-3-2/FunctionErroneousReturnValueNotTested.ql:70,9-17) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/M0-3-2/FunctionErroneousReturnValueNotTested.ql:70,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/M0-3-2/FunctionErroneousReturnValueNotTested.ql:70,53-61) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/M0-3-2/FunctionErroneousReturnValueNotTested.ql:70,9-17) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/M0-3-2/FunctionErroneousReturnValueNotTested.ql:70,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/M0-3-2/FunctionErroneousReturnValueNotTested.ql:70,53-61) | test.cpp:16:3:16:8 | call to remove | Return value is not tested for errors. | diff --git a/cpp/autosar/test/rules/M3-9-3/UnderlyingBitRepresentationsOfFloatingPointValuesUsed.expected b/cpp/autosar/test/rules/M3-9-3/UnderlyingBitRepresentationsOfFloatingPointValuesUsed.expected index 7dbc937202..bd0f8680ee 100644 --- a/cpp/autosar/test/rules/M3-9-3/UnderlyingBitRepresentationsOfFloatingPointValuesUsed.expected +++ b/cpp/autosar/test/rules/M3-9-3/UnderlyingBitRepresentationsOfFloatingPointValuesUsed.expected @@ -1,5 +1,5 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/M3-9-3/UnderlyingBitRepresentationsOfFloatingPointValuesUsed.ql:27,22-30) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/M3-9-3/UnderlyingBitRepresentationsOfFloatingPointValuesUsed.ql:36,10-18) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/M3-9-3/UnderlyingBitRepresentationsOfFloatingPointValuesUsed.ql:37,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/M3-9-3/UnderlyingBitRepresentationsOfFloatingPointValuesUsed.ql:27,22-30) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/M3-9-3/UnderlyingBitRepresentationsOfFloatingPointValuesUsed.ql:36,10-18) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/M3-9-3/UnderlyingBitRepresentationsOfFloatingPointValuesUsed.ql:37,5-13) | test.cpp:5:3:5:20 | ... &= ... | Modification of bit-representation of float originated at $@ | test.cpp:4:24:4:60 | reinterpret_cast... | cast | | test.cpp:12:3:12:14 | ... &= ... | Modification of bit-representation of float originated at $@ | test.cpp:11:18:11:30 | (uint8_t *)... | cast | diff --git a/cpp/autosar/test/rules/M9-3-1/ConstMemberFunctionReturnsNonConstPointer.expected b/cpp/autosar/test/rules/M9-3-1/ConstMemberFunctionReturnsNonConstPointer.expected index c85bfc587c..9c77779fff 100644 --- a/cpp/autosar/test/rules/M9-3-1/ConstMemberFunctionReturnsNonConstPointer.expected +++ b/cpp/autosar/test/rules/M9-3-1/ConstMemberFunctionReturnsNonConstPointer.expected @@ -1,5 +1,5 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/M9-3-1/ConstMemberFunctionReturnsNonConstPointer.ql:53,7-15) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/autosar/src/rules/M9-3-1/ConstMemberFunctionReturnsNonConstPointer.ql:55,7-15) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/M9-3-1/ConstMemberFunctionReturnsNonConstPointer.ql:53,7-15) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/autosar/src/rules/M9-3-1/ConstMemberFunctionReturnsNonConstPointer.ql:55,7-15) | test.cpp:8:8:8:11 | getA | Const member function returns a pointer to class data $@. | test.cpp:3:8:3:8 | a | a | | test.cpp:9:8:9:11 | getB | Const member function returns a pointer to class data $@. | test.cpp:4:8:4:8 | b | b | | test.cpp:11:6:11:12 | getThis | Const member function returns a pointer to class data $@. | test.cpp:11:36:11:39 | this | this | diff --git a/cpp/cert/test/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.expected b/cpp/cert/test/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.expected index ddd5bfce3a..43a2ccd342 100644 --- a/cpp/cert/test/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.expected +++ b/cpp/cert/test/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.expected @@ -1,12 +1,12 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:97,7-15) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:97,27-35) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:98,9-17) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:102,9-17) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:102,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:103,11-19) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:113,35-43) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:114,11-19) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:113,9-22) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:97,7-15) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:97,27-35) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:98,9-17) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:102,9-17) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:102,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:103,11-19) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:113,35-43) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:114,11-19) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.ql:113,9-22) | test.cpp:8:42:8:46 | call to begin | Output iterator for $@ is not guaranteed to be large enough for the input iterator. | test.cpp:8:3:8:11 | call to copy | call to copy | | test.cpp:17:42:17:46 | call to begin | Output iterator for $@ is not guaranteed to be large enough for the input iterator. | test.cpp:17:3:17:11 | call to copy | call to copy | | test.cpp:55:42:55:46 | call to begin | Output iterator for $@ is not guaranteed to be large enough for the input iterator. | test.cpp:55:3:55:11 | call to copy | call to copy | diff --git a/cpp/cert/test/rules/CTR53-CPP/UseValidIteratorRanges.expected b/cpp/cert/test/rules/CTR53-CPP/UseValidIteratorRanges.expected index e4468b65a4..ff23523aee 100644 --- a/cpp/cert/test/rules/CTR53-CPP/UseValidIteratorRanges.expected +++ b/cpp/cert/test/rules/CTR53-CPP/UseValidIteratorRanges.expected @@ -1,9 +1,9 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/CTR53-CPP/UseValidIteratorRanges.ql:23,5-13) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/CTR53-CPP/UseValidIteratorRanges.ql:23,25-33) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/CTR53-CPP/UseValidIteratorRanges.ql:24,7-15) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/CTR53-CPP/UseValidIteratorRanges.ql:30,5-13) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/CTR53-CPP/UseValidIteratorRanges.ql:30,25-33) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/CTR53-CPP/UseValidIteratorRanges.ql:31,7-15) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/CTR53-CPP/UseValidIteratorRanges.ql:23,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/CTR53-CPP/UseValidIteratorRanges.ql:23,25-33) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/CTR53-CPP/UseValidIteratorRanges.ql:24,7-15) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/CTR53-CPP/UseValidIteratorRanges.ql:30,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/CTR53-CPP/UseValidIteratorRanges.ql:30,25-33) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/CTR53-CPP/UseValidIteratorRanges.ql:31,7-15) | test.cpp:7:3:7:15 | call to for_each | The $@ of iterator range function does not point to the end of an iterator. | test.cpp:7:28:7:32 | call to begin | argument | | test.cpp:7:3:7:15 | call to for_each | The $@ of iterator range function does not point to the start of an iterator. | test.cpp:7:19:7:21 | call to end | argument | | test.cpp:8:3:8:15 | call to for_each | The $@ of iterator range function does not point to the end of an iterator. | test.cpp:8:30:8:34 | call to begin | argument | diff --git a/cpp/cert/test/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.expected b/cpp/cert/test/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.expected index d08d579e97..86c028e2fa 100644 --- a/cpp/cert/test/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.expected +++ b/cpp/cert/test/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.expected @@ -1,9 +1,9 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.ql:17,8-16) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.ql:41,58-66) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.ql:46,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.ql:55,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.ql:61,55-63) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.ql:62,3-11) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.ql:17,8-16) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.ql:41,58-66) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.ql:46,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.ql:55,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.ql:61,55-63) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.ql:62,3-11) edges | test.cpp:15:19:15:21 | foo | test.cpp:16:24:16:26 | foo | | test.cpp:15:19:15:21 | foo | test.cpp:16:51:16:53 | foo | diff --git a/cpp/cert/test/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.expected b/cpp/cert/test/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.expected index 637881f49b..23ff8bf735 100644 --- a/cpp/cert/test/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.expected +++ b/cpp/cert/test/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.expected @@ -1,27 +1,27 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:24,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:24,59-67) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:27,33-41) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:27,57-65) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:31,33-41) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:31,59-67) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:40,5-13) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:40,25-33) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:40,53-61) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:43,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:43,57-65) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:52,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:52,55-63) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:59,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:59,57-65) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:71,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:71,55-63) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:24,5-18) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:27,7-20) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:31,7-20) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:43,5-18) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:52,5-18) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:59,5-18) -WARNING: Module TaintTracking has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:71,5-18) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:24,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:24,59-67) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:27,33-41) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:27,57-65) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:31,33-41) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:31,59-67) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:40,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:40,25-33) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:40,53-61) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:43,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:43,57-65) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:52,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:52,55-63) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:59,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:59,57-65) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:71,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:71,55-63) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:24,5-18) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:27,7-20) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:31,7-20) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:43,5-18) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:52,5-18) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:59,5-18) +WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql:71,5-18) | test.cpp:82:3:82:4 | call to f2 | Depending on the order of evaluation for the arguments $@ and $@ for side effects on shared state is unspecified and can result in unexpected behavior. | test.cpp:82:6:82:7 | call to f5 | call to f5 | test.cpp:82:12:82:13 | call to f6 | call to f6 | | test.cpp:84:3:84:4 | call to f2 | Depending on the order of evaluation for the arguments $@ and $@ for side effects on shared state is unspecified and can result in unexpected behavior. | test.cpp:84:6:84:7 | call to f5 | call to f5 | test.cpp:84:12:84:13 | call to f7 | call to f7 | | test.cpp:87:3:87:4 | call to f2 | Depending on the order of evaluation for the arguments $@ and $@ for side effects on shared state is unspecified and can result in unexpected behavior. | test.cpp:87:9:87:10 | call to m1 | call to m1 | test.cpp:87:18:87:19 | call to m1 | call to m1 | diff --git a/cpp/cert/test/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.expected b/cpp/cert/test/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.expected index 9feeb8d84b..7074fa6ee5 100644 --- a/cpp/cert/test/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.expected +++ b/cpp/cert/test/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.expected @@ -1,9 +1,9 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql:17,8-16) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql:19,40-48) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql:22,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql:24,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql:30,36-44) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql:30,63-71) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql:17,8-16) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql:19,40-48) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql:22,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql:24,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql:30,36-44) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql:30,63-71) edges | test.cpp:6:19:6:37 | new[] | test.cpp:9:12:9:13 | l1 | | test.cpp:7:22:7:40 | new[] | test.cpp:10:12:10:13 | l2 | diff --git a/cpp/cert/test/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.expected b/cpp/cert/test/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.expected index 4bc20ca88c..c9144fd9a4 100644 --- a/cpp/cert/test/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.expected +++ b/cpp/cert/test/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.expected @@ -1,8 +1,8 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.ql:59,5-13) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.ql:61,36-44) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.ql:77,42-50) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.ql:80,31-39) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.ql:84,29-37) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.ql:92,50-58) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.ql:59,5-13) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.ql:61,36-44) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.ql:77,42-50) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.ql:80,31-39) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.ql:84,29-37) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.ql:92,50-58) | test.cpp:24:7:24:34 | new | nothrow new allocation of $@ returns here without a subsequent check to see whether the pointer is valid. | test.cpp:24:7:24:34 | new | StructA * | | test.cpp:40:17:40:38 | call to allocate_without_check | nothrow new allocation of $@ returns here without a subsequent check to see whether the pointer is valid. | test.cpp:35:17:35:44 | new | StructA * | diff --git a/cpp/cert/test/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.expected b/cpp/cert/test/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.expected index 1b814495a6..7225190e38 100644 --- a/cpp/cert/test/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.expected +++ b/cpp/cert/test/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.expected @@ -1,6 +1,6 @@ -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.ql:18,8-16) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.ql:25,38-46) -WARNING: Module DataFlow has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.ql:25,65-73) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.ql:18,8-16) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.ql:25,38-46) +WARNING: Module DataFlow has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.ql:25,65-73) edges nodes | test.cpp:16:26:16:31 | call to malloc | semmle.label | call to malloc | diff --git a/cpp/cert/test/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject.expected b/cpp/cert/test/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject.expected index dd7655e7e6..e9ffa91297 100644 --- a/cpp/cert/test/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject.expected +++ b/cpp/cert/test/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject.expected @@ -1,6 +1,6 @@ -WARNING: Module DataFlow2 has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject.ql:17,8-17) -WARNING: Module DataFlow2 has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject.ql:19,38-47) -WARNING: Module DataFlow2 has been deprecated and may be removed in future (/Users/mathias/codeql-coding-standards/cpp/cert/src/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject.ql:19,66-75) +WARNING: Module DataFlow2 has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject.ql:17,8-17) +WARNING: Module DataFlow2 has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject.ql:19,38-47) +WARNING: Module DataFlow2 has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject.ql:19,66-75) edges | test.cpp:16:26:16:31 | call to malloc | test.cpp:22:8:22:9 | a1 | | test.cpp:17:38:17:43 | call to malloc | test.cpp:23:8:23:9 | a2 | From 958802ae4608c3c7303f4e6698a4361a8ead3840 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Tue, 18 Jul 2023 17:46:00 +0200 Subject: [PATCH 1135/2573] Fix more deprecation warnings --- .../rules/MSC51-CPP/BadlySeededRandomNumberGenerator.expected | 1 + 1 file changed, 1 insertion(+) diff --git a/cpp/cert/test/rules/MSC51-CPP/BadlySeededRandomNumberGenerator.expected b/cpp/cert/test/rules/MSC51-CPP/BadlySeededRandomNumberGenerator.expected index 0128221ffc..cf4878d949 100644 --- a/cpp/cert/test/rules/MSC51-CPP/BadlySeededRandomNumberGenerator.expected +++ b/cpp/cert/test/rules/MSC51-CPP/BadlySeededRandomNumberGenerator.expected @@ -1,3 +1,4 @@ +WARNING: Module TaintTracking has been deprecated and may be removed in future (/home/runner/work/semmle-code/semmle-code/codeql-coding-standards/cpp/cert/src/rules/MSC51-CPP/BadlySeededRandomNumberGenerator.ql:37,7-20) | test.cpp:9:33:9:33 | call to linear_congruential_engine | Random number generator linear_congruential_engine is default-initialized and is therefore not properly seeded. | | test.cpp:10:30:10:31 | call to linear_congruential_engine | Random number generator linear_congruential_engine is default-initialized and is therefore not properly seeded. | | test.cpp:11:21:11:22 | call to linear_congruential_engine | Random number generator linear_congruential_engine is default-initialized and is therefore not properly seeded. | From 5c0680facbfab645357fee9c07376ec406349646 Mon Sep 17 00:00:00 2001 From: jsinglet Date: Thu, 20 Jul 2023 13:49:07 +0000 Subject: [PATCH 1136/2573] Version bump to 2.21.0-dev. --- c/cert/src/qlpack.yml | 2 +- c/cert/test/qlpack.yml | 2 +- c/common/src/qlpack.yml | 2 +- c/common/test/qlpack.yml | 2 +- c/misra/src/qlpack.yml | 2 +- c/misra/test/qlpack.yml | 2 +- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/qlpack.yml | 2 +- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/qlpack.yml | 2 +- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/qlpack.yml | 2 +- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/qlpack.yml | 2 +- cpp/report/src/qlpack.yml | 2 +- docs/user_manual.md | 10 +++++----- 16 files changed, 20 insertions(+), 20 deletions(-) diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index c4ac43a686..e914a04ff8 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards -version: 2.19.0-dev +version: 2.21.0-dev description: CERT C 2016 suites: codeql-suites license: MIT diff --git a/c/cert/test/qlpack.yml b/c/cert/test/qlpack.yml index f9048ac6de..4851e3f1cd 100644 --- a/c/cert/test/qlpack.yml +++ b/c/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-c-coding-standards-tests -version: 2.19.0-dev +version: 2.21.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index 51d3b1d4d0..95700bc433 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards -version: 2.19.0-dev +version: 2.21.0-dev license: MIT dependencies: codeql/common-cpp-coding-standards: '*' diff --git a/c/common/test/qlpack.yml b/c/common/test/qlpack.yml index 66f9df1ed0..cfb440c039 100644 --- a/c/common/test/qlpack.yml +++ b/c/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-c-coding-standards-tests -version: 2.19.0-dev +version: 2.21.0-dev extractor: cpp license: MIT dependencies: diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index e1f72b6927..b4d9a9a970 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards -version: 2.19.0-dev +version: 2.21.0-dev description: MISRA C 2012 suites: codeql-suites license: MIT diff --git a/c/misra/test/qlpack.yml b/c/misra/test/qlpack.yml index 9638aa4e0a..3cb8496e8f 100644 --- a/c/misra/test/qlpack.yml +++ b/c/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-c-coding-standards-tests -version: 2.19.0-dev +version: 2.21.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index f26045503a..57f3585de7 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards -version: 2.19.0-dev +version: 2.21.0-dev description: AUTOSAR C++14 Guidelines R22-11, R21-11, R20-11, R19-11 and R19-03 suites: codeql-suites license: MIT diff --git a/cpp/autosar/test/qlpack.yml b/cpp/autosar/test/qlpack.yml index d7c592d43e..39894c7646 100644 --- a/cpp/autosar/test/qlpack.yml +++ b/cpp/autosar/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/autosar-cpp-coding-standards-tests -version: 2.19.0-dev +version: 2.21.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index da27e1a2c3..ac8c26d143 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards -version: 2.19.0-dev +version: 2.21.0-dev description: CERT C++ 2016 suites: codeql-suites license: MIT diff --git a/cpp/cert/test/qlpack.yml b/cpp/cert/test/qlpack.yml index 48ec67a682..e1824cc8fd 100644 --- a/cpp/cert/test/qlpack.yml +++ b/cpp/cert/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cert-cpp-coding-standards-tests -version: 2.19.0-dev +version: 2.21.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index 05d80dbaf6..a31c9ac6ea 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards -version: 2.19.0-dev +version: 2.21.0-dev license: MIT dependencies: codeql/cpp-all: 0.3.5 diff --git a/cpp/common/test/qlpack.yml b/cpp/common/test/qlpack.yml index 3785c2a8d3..36f215a51b 100644 --- a/cpp/common/test/qlpack.yml +++ b/cpp/common/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/common-cpp-coding-standards-tests -version: 2.19.0-dev +version: 2.21.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index e2e75ed72c..b0bee57cdf 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards -version: 2.19.0-dev +version: 2.21.0-dev description: MISRA C++ 2008 suites: codeql-suites license: MIT diff --git a/cpp/misra/test/qlpack.yml b/cpp/misra/test/qlpack.yml index 6e76c0703c..641f118252 100644 --- a/cpp/misra/test/qlpack.yml +++ b/cpp/misra/test/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/misra-cpp-coding-standards-tests -version: 2.19.0-dev +version: 2.21.0-dev extractor: cpp license: MIT dependencies: diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index de00a4778a..ce8c9e3baa 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/report-cpp-coding-standards -version: 2.19.0-dev +version: 2.21.0-dev license: MIT dependencies: codeql/cpp-all: 0.3.5 diff --git a/docs/user_manual.md b/docs/user_manual.md index f59ecc6287..29e5e737c9 100644 --- a/docs/user_manual.md +++ b/docs/user_manual.md @@ -24,13 +24,13 @@ ## Release information -This user manual documents release `2.19.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). +This user manual documents release `2.21.0-dev` of the coding standards located at [https://github.com/github/codeql-coding-standards](https://github.com/github/codeql-coding-standards). The release page documents the release notes and contains the following artifacts part of the release: -- `code-scanning-cpp-query-pack-anon-2.19.0-dev.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. -- `supported_rules_list_2.19.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. +- `code-scanning-cpp-query-pack-anon-2.21.0-dev.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_. +- `supported_rules_list_2.21.0-dev.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule. - `upported_rules_list_2.18.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule. -- `user_manual_2.19.0-dev.md`: This user manual. +- `user_manual_2.21.0-dev.md`: This user manual. - `Source Code (zip)`: A zip archive containing the contents of https://github.com/github/codeql-coding-standards - `Source Code (tar.gz)`: A GZip compressed tar archive containing the contents of https://github.com/github/codeql-coding-standards - `checksums.txt`: A text file containing sha256 checksums for the aforementioned artifacts. @@ -460,7 +460,7 @@ This section describes known failure modes for "CodeQL Coding Standards" and des | | Ouf of space | Less output. Some files may be only be partially analyzed, or not analyzed at all. | Error reported on the command line. | Increase space. If it remains an issue report space consumption issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False positives | More output. Results are reported which are not violations of the guidelines. | All reported results must be reviewed. | Report false positive issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | | | False negatives | Less output. Violations of the guidelines are not reported. | Other validation and verification processes during software development should be used to complement the analysis performed by CodeQL Coding Standards. | Report false negative issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues). | -| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.19.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | +| | Modifying coding standard suite | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported. | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.21.0-dev.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications. | | | Incorrect deviation record specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation records with a reason. Ensure that all deviation records are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Incorrect deviation permit specification | More output. Results are reported for guidelines for which a deviation is assigned. | Analysis integrity report lists all deviations and incorrectly specified deviation permits with a reason. Ensure that all deviation permits are correctly specified. | Ensure that the deviation record is specified according to the specification in the user manual. | | | Unapproved use of a deviation record | Less output. Results for guideline violations are not reported. | Validate that the deviation record use is approved by verifying the approved-by attribute of the deviation record specification. | Ensure that each raised deviation record is approved by an independent approver through an auditable process. | From aab3a88bf9e9f9be34f811d71262dec635236dfb Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 23 Jul 2023 15:08:58 +0100 Subject: [PATCH 1137/2573] Pointers: 0 is a null pointer constant According to MISRA C 2012 8.11 zero is a null pointer constant, and so should not be flagged as non_compliant. --- c/common/src/codingstandards/c/Pointers.qll | 7 +------ ...ConversionBetweenPointerToObjectAndIntegerType.expected | 3 --- c/misra/test/rules/RULE-11-4/test.c | 4 ++-- 3 files changed, 3 insertions(+), 11 deletions(-) diff --git a/c/common/src/codingstandards/c/Pointers.qll b/c/common/src/codingstandards/c/Pointers.qll index 458c2271eb..6410b81322 100644 --- a/c/common/src/codingstandards/c/Pointers.qll +++ b/c/common/src/codingstandards/c/Pointers.qll @@ -62,12 +62,7 @@ class ArrayPointerArithmeticExpr extends PointerArithmeticExpr, ArrayExpr { predicate isNullPointerConstant(Expr e) { e.findRootCause() instanceof NULLMacro or - exists(CStyleCast c | - not c.isImplicit() and - c.getExpr() = e and - e instanceof Zero and - c.getType() instanceof VoidPointerType - ) + e instanceof Zero or isNullPointerConstant(e.(Conversion).getExpr()) } diff --git a/c/misra/test/rules/RULE-11-4/ConversionBetweenPointerToObjectAndIntegerType.expected b/c/misra/test/rules/RULE-11-4/ConversionBetweenPointerToObjectAndIntegerType.expected index 5fedfdcce4..060de9944f 100644 --- a/c/misra/test/rules/RULE-11-4/ConversionBetweenPointerToObjectAndIntegerType.expected +++ b/c/misra/test/rules/RULE-11-4/ConversionBetweenPointerToObjectAndIntegerType.expected @@ -1,6 +1,3 @@ -| test.c:5:21:5:42 | (unsigned int)... | Cast performed between a pointer to object type and a pointer to an integer type. | -| test.c:5:35:5:42 | (int *)... | Cast performed between a pointer to object type and a pointer to an integer type. | | test.c:6:21:6:37 | (unsigned int)... | Cast performed between a pointer to object type and a pointer to an integer type. | | test.c:8:8:8:24 | (unsigned int)... | Cast performed between a pointer to object type and a pointer to an integer type. | -| test.c:10:22:10:22 | (unsigned int *)... | Cast performed between a pointer to object type and a pointer to an integer type. | | test.c:12:22:12:39 | (unsigned int *)... | Cast performed between a pointer to object type and a pointer to an integer type. | diff --git a/c/misra/test/rules/RULE-11-4/test.c b/c/misra/test/rules/RULE-11-4/test.c index 25e3f3c4b2..1e3a798b86 100644 --- a/c/misra/test/rules/RULE-11-4/test.c +++ b/c/misra/test/rules/RULE-11-4/test.c @@ -2,12 +2,12 @@ void f1(void) { unsigned int v1 = (unsigned int)(void *)0; // COMPLIANT - unsigned int v2 = (unsigned int)(int *)0; // NON_COMPLIANT + unsigned int v2 = (unsigned int)(int *)0; // COMPLIANT unsigned int v3 = (unsigned int)&v2; // NON_COMPLIANT v3 = v2; // COMPLIANT v3 = (unsigned int)&v2; // NON_COMPLIANT v3 = NULL; // COMPLIANT - unsigned int *v4 = 0; // NON_COMPLIANT + unsigned int *v4 = 0; // COMPLIANT unsigned int *v5 = NULL; // COMPLIANT unsigned int *v6 = (unsigned int *)v2; // NON_COMPLIANT } \ No newline at end of file From 5ad86efd7427cf1f14833a6b28959788cf8c9346 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 23 Jul 2023 21:05:13 +0100 Subject: [PATCH 1138/2573] RULE-11-4: Compress macro results Where results arise from macro expansions, where there's no possibility that the cast was passed in through a macro argument, we compress the results by reporting the macro location once instead of each use. --- ...ionBetweenPointerToObjectAndIntegerType.ql | 25 ++++++++++++++++--- 1 file changed, 22 insertions(+), 3 deletions(-) diff --git a/c/misra/src/rules/RULE-11-4/ConversionBetweenPointerToObjectAndIntegerType.ql b/c/misra/src/rules/RULE-11-4/ConversionBetweenPointerToObjectAndIntegerType.ql index 4071cf63b5..72e713c7f1 100644 --- a/c/misra/src/rules/RULE-11-4/ConversionBetweenPointerToObjectAndIntegerType.ql +++ b/c/misra/src/rules/RULE-11-4/ConversionBetweenPointerToObjectAndIntegerType.ql @@ -13,15 +13,34 @@ import cpp import codingstandards.c.misra +import codingstandards.cpp.Macro import codingstandards.c.Pointers -from CStyleCast cast, Type typeFrom, Type typeTo +MacroInvocation getAMacroInvocation(CStyleCast cast) { result.getAnExpandedElement() = cast } + +Macro getPrimaryMacro(CStyleCast cast) { + exists(MacroInvocation mi | + mi = getAMacroInvocation(cast) and + not exists(MacroInvocation otherMi | + otherMi = getAMacroInvocation(cast) and otherMi.getParentInvocation() = mi + ) and + result = mi.getMacro() and + not result instanceof FunctionLikeMacro + ) +} + +from Locatable primaryLocation, CStyleCast cast, Type typeFrom, Type typeTo where not isExcluded(cast, Pointers1Package::castBetweenObjectPointerAndDifferentObjectTypeQuery()) and typeFrom = cast.getExpr().getUnderlyingType() and typeTo = cast.getUnderlyingType() and [typeFrom, typeTo] instanceof IntegralType and [typeFrom, typeTo] instanceof PointerToObjectType and - not isNullPointerConstant(cast.getExpr()) -select cast, + not isNullPointerConstant(cast.getExpr()) and + // If this alert is arising through a macro expansion, flag the macro instead, to + // help make the alerts more manageable + if exists(getPrimaryMacro(cast)) + then primaryLocation = getPrimaryMacro(cast) + else primaryLocation = cast +select primaryLocation, "Cast performed between a pointer to object type and a pointer to an integer type." From 916df884a479765497265267a0fc36f40ae564fa Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 23 Jul 2023 21:28:35 +0100 Subject: [PATCH 1139/2573] RULE 11.4: Improve reporting Improve the message by (a) reporting which order the cast is (b) what the actual types are (c) by providing a link to the macro invocation if the cast is created by a function like macro --- ...ionBetweenPointerToObjectAndIntegerType.ql | 63 +++++++++++++++---- ...weenPointerToObjectAndIntegerType.expected | 9 ++- c/misra/test/rules/RULE-11-4/test.c | 12 ++++ 3 files changed, 69 insertions(+), 15 deletions(-) diff --git a/c/misra/src/rules/RULE-11-4/ConversionBetweenPointerToObjectAndIntegerType.ql b/c/misra/src/rules/RULE-11-4/ConversionBetweenPointerToObjectAndIntegerType.ql index 72e713c7f1..625aec2220 100644 --- a/c/misra/src/rules/RULE-11-4/ConversionBetweenPointerToObjectAndIntegerType.ql +++ b/c/misra/src/rules/RULE-11-4/ConversionBetweenPointerToObjectAndIntegerType.ql @@ -24,23 +24,62 @@ Macro getPrimaryMacro(CStyleCast cast) { not exists(MacroInvocation otherMi | otherMi = getAMacroInvocation(cast) and otherMi.getParentInvocation() = mi ) and - result = mi.getMacro() and - not result instanceof FunctionLikeMacro + result = mi.getMacro() ) } -from Locatable primaryLocation, CStyleCast cast, Type typeFrom, Type typeTo +Macro getNonFunctionPrimaryMacro(CStyleCast cast) { + result = getPrimaryMacro(cast) and + not result instanceof FunctionLikeMacro +} + +from + Locatable primaryLocation, CStyleCast cast, Type typeFrom, Type typeTo, string message, + string extraMessage, Locatable optionalPlaceholderLocation, string optionalPlaceholderMessage where not isExcluded(cast, Pointers1Package::castBetweenObjectPointerAndDifferentObjectTypeQuery()) and typeFrom = cast.getExpr().getUnderlyingType() and typeTo = cast.getUnderlyingType() and - [typeFrom, typeTo] instanceof IntegralType and - [typeFrom, typeTo] instanceof PointerToObjectType and + ( + typeFrom instanceof PointerToObjectType and + typeTo instanceof IntegralType and + message = + "Cast from pointer to object type '" + typeFrom + "' to integer type '" + typeTo + "'" + + extraMessage + "." + or + typeFrom instanceof IntegralType and + typeTo instanceof PointerToObjectType and + message = + "Cast from integer type '" + typeFrom + "' to pointer to object type '" + typeTo + "'" + + extraMessage + "." + ) and not isNullPointerConstant(cast.getExpr()) and - // If this alert is arising through a macro expansion, flag the macro instead, to - // help make the alerts more manageable - if exists(getPrimaryMacro(cast)) - then primaryLocation = getPrimaryMacro(cast) - else primaryLocation = cast -select primaryLocation, - "Cast performed between a pointer to object type and a pointer to an integer type." + // If this alert is arising through a non-function-like macro expansion, flag the macro instead, to + // help make the alerts more manageable. We only do this for non-function-like macros because they + // cannot be context specific. + if exists(getNonFunctionPrimaryMacro(cast)) + then + primaryLocation = getNonFunctionPrimaryMacro(cast) and + extraMessage = "" and + optionalPlaceholderLocation = primaryLocation and + optionalPlaceholderMessage = "" + else ( + primaryLocation = cast and + // If the cast is in a macro expansion which is context specific, we still report the original + // location, but also add a link to the most specific macro that contains the cast, to aid + // validation. + if exists(getPrimaryMacro(cast)) + then + extraMessage = " from expansion of macro $@" and + exists(Macro m | + m = getPrimaryMacro(cast) and + optionalPlaceholderLocation = m and + optionalPlaceholderMessage = m.getName() + ) + else ( + extraMessage = "" and + optionalPlaceholderLocation = cast and + optionalPlaceholderMessage = "" + ) + ) +select primaryLocation, message, optionalPlaceholderLocation, optionalPlaceholderMessage diff --git a/c/misra/test/rules/RULE-11-4/ConversionBetweenPointerToObjectAndIntegerType.expected b/c/misra/test/rules/RULE-11-4/ConversionBetweenPointerToObjectAndIntegerType.expected index 060de9944f..44d5ca5943 100644 --- a/c/misra/test/rules/RULE-11-4/ConversionBetweenPointerToObjectAndIntegerType.expected +++ b/c/misra/test/rules/RULE-11-4/ConversionBetweenPointerToObjectAndIntegerType.expected @@ -1,3 +1,6 @@ -| test.c:6:21:6:37 | (unsigned int)... | Cast performed between a pointer to object type and a pointer to an integer type. | -| test.c:8:8:8:24 | (unsigned int)... | Cast performed between a pointer to object type and a pointer to an integer type. | -| test.c:12:22:12:39 | (unsigned int *)... | Cast performed between a pointer to object type and a pointer to an integer type. | +| test.c:6:21:6:37 | (unsigned int)... | Cast from pointer to object type 'unsigned int *' to integer type 'unsigned int'. | test.c:6:21:6:37 | (unsigned int)... | | +| test.c:8:8:8:24 | (unsigned int)... | Cast from pointer to object type 'unsigned int *' to integer type 'unsigned int'. | test.c:8:8:8:24 | (unsigned int)... | | +| test.c:12:22:12:39 | (unsigned int *)... | Cast from integer type 'unsigned int' to pointer to object type 'unsigned int *'. | test.c:12:22:12:39 | (unsigned int *)... | | +| test.c:15:1:15:24 | #define FOO (int *)0x200 | Cast from integer type 'int' to pointer to object type 'int *'. | test.c:15:1:15:24 | #define FOO (int *)0x200 | | +| test.c:23:3:23:22 | (int *)... | Cast from integer type 'int' to pointer to object type 'int *' from expansion of macro $@. | test.c:17:1:17:34 | #define FOO_FUNCTIONAL(x) (int *)x | FOO_FUNCTIONAL | +| test.c:24:14:24:25 | (int *)... | Cast from integer type 'int' to pointer to object type 'int *' from expansion of macro $@. | test.c:18:1:18:23 | #define FOO_INSERT(x) x | FOO_INSERT | diff --git a/c/misra/test/rules/RULE-11-4/test.c b/c/misra/test/rules/RULE-11-4/test.c index 1e3a798b86..5a78387247 100644 --- a/c/misra/test/rules/RULE-11-4/test.c +++ b/c/misra/test/rules/RULE-11-4/test.c @@ -10,4 +10,16 @@ void f1(void) { unsigned int *v4 = 0; // COMPLIANT unsigned int *v5 = NULL; // COMPLIANT unsigned int *v6 = (unsigned int *)v2; // NON_COMPLIANT +} + +#define FOO (int *)0x200 // NON_COMPLIANT +#define FOO_WRAPPER FOO; +#define FOO_FUNCTIONAL(x) (int *)x +#define FOO_INSERT(x) x + +void test_macros() { + FOO; // Issue is reported at the macro + FOO_WRAPPER; // Issue is reported at the macro + FOO_FUNCTIONAL(0x200); // NON_COMPLIANT + FOO_INSERT((int *)0x200); // NON_COMPLIANT } \ No newline at end of file From 7aaad937d8e66a640f2dc05827d06339b24a97ee Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Fri, 28 Jul 2023 09:54:14 +0200 Subject: [PATCH 1140/2573] Fix typo in the lifetime profile --- .../cpp/lifetimes/lifetimeprofile/LifetimeProfile.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/lifetimes/lifetimeprofile/LifetimeProfile.qll b/cpp/common/src/codingstandards/cpp/lifetimes/lifetimeprofile/LifetimeProfile.qll index 32d0026241..354dccdc56 100644 --- a/cpp/common/src/codingstandards/cpp/lifetimes/lifetimeprofile/LifetimeProfile.qll +++ b/cpp/common/src/codingstandards/cpp/lifetimes/lifetimeprofile/LifetimeProfile.qll @@ -198,7 +198,7 @@ newtype TPSetEntry = PSetNull(NullReason nr) or /** An invalid pointer, for the given reason. */ PSetInvalid(InvalidReason ir) or - /** An unkown pointer. */ + /** An unknown pointer. */ PSetUnknown() /** From 49d0aef4a6997c7b8d49f787b9903f3517b665c5 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 28 Jul 2023 17:09:43 -0700 Subject: [PATCH 1141/2573] Add change note. --- change_notes/2023-07-28-rule-11-4-improvements.md | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 change_notes/2023-07-28-rule-11-4-improvements.md diff --git a/change_notes/2023-07-28-rule-11-4-improvements.md b/change_notes/2023-07-28-rule-11-4-improvements.md new file mode 100644 index 0000000000..d97e554a26 --- /dev/null +++ b/change_notes/2023-07-28-rule-11-4-improvements.md @@ -0,0 +1,4 @@ + - `RULE-11-4` + - Reduce false positives by considering `0` a null pointer constant. + - Improve reporting of the order of the cast and the actual types involved. + - Improve reporting where the result is expanded from a macro by either reporting the macro itself (if it is not dependent on the context) or by including a link to the macro in the alert message. \ No newline at end of file From d1f7ebc325296218f51957c76798d02a078eda20 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 28 Jul 2023 17:21:41 -0700 Subject: [PATCH 1142/2573] Update to CodeQL CLI 2.11.6. --- supported_codeql_configs.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/supported_codeql_configs.json b/supported_codeql_configs.json index f5a3e9b573..ff7551a34f 100644 --- a/supported_codeql_configs.json +++ b/supported_codeql_configs.json @@ -1,9 +1,9 @@ { "supported_environment": [ { - "codeql_cli": "2.11.0", - "codeql_standard_library": "codeql-cli/v2.11.0", - "codeql_cli_bundle": "codeql-bundle-20220923" + "codeql_cli": "2.11.6", + "codeql_standard_library": "codeql-cli/v2.11.6", + "codeql_cli_bundle": "codeql-bundle-20221211" } ], "supported_language": [ From a9b155751f40c214c82fba0d26373e5e473cfa17 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 30 Jul 2023 17:50:45 +0100 Subject: [PATCH 1143/2573] Fix CERT C pack name. --- c/cert/src/qlpack.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index 6a4d2c4a0f..6f2707660e 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -1,4 +1,4 @@ -name: codeql/codeql/cert-c-coding-standards +name: codeql/cert-c-coding-standards version: 2.19.0-dev description: CERT C 2016 suites: codeql-suites From 77d571a7357dd2e4264e947ee7703900ee11d6a2 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 30 Jul 2023 18:39:40 +0100 Subject: [PATCH 1144/2573] Update all codeql/cpp-all dependencies to 0.4.6 This matches the v2.11.6 CodeQL CLI bundle. --- c/cert/src/codeql-pack.lock.yml | 6 +++--- c/cert/src/qlpack.yml | 2 +- c/cert/test/codeql-pack.lock.yml | 6 +++--- c/common/src/codeql-pack.lock.yml | 6 +++--- c/common/src/qlpack.yml | 2 +- c/common/test/codeql-pack.lock.yml | 6 +++--- c/misra/src/codeql-pack.lock.yml | 6 +++--- c/misra/src/qlpack.yml | 2 +- c/misra/test/codeql-pack.lock.yml | 6 +++--- cpp/autosar/src/codeql-pack.lock.yml | 6 +++--- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/codeql-pack.lock.yml | 6 +++--- cpp/cert/src/codeql-pack.lock.yml | 6 +++--- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/codeql-pack.lock.yml | 6 +++--- cpp/common/src/codeql-pack.lock.yml | 6 +++--- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/codeql-pack.lock.yml | 6 +++--- cpp/misra/src/codeql-pack.lock.yml | 6 +++--- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/codeql-pack.lock.yml | 6 +++--- cpp/report/src/codeql-pack.lock.yml | 6 +++--- cpp/report/src/qlpack.yml | 2 +- scripts/generate_modules/queries/codeql-pack.lock.yml | 6 ++++-- scripts/generate_modules/queries/qlpack.yml | 2 +- 25 files changed, 58 insertions(+), 56 deletions(-) diff --git a/c/cert/src/codeql-pack.lock.yml b/c/cert/src/codeql-pack.lock.yml index 95e394b2f4..a7035a9f24 100644 --- a/c/cert/src/codeql-pack.lock.yml +++ b/c/cert/src/codeql-pack.lock.yml @@ -1,8 +1,8 @@ --- +lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.4.0 + version: 0.4.6 codeql/ssa: - version: 0.0.1 + version: 0.0.7 compiled: false -lockVersion: 1.0.0 diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index 6f2707660e..3428462642 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -5,4 +5,4 @@ suites: codeql-suites license: MIT dependencies: codeql/common-c-coding-standards: '*' - codeql/cpp-all: 0.4.0 + codeql/cpp-all: 0.4.6 diff --git a/c/cert/test/codeql-pack.lock.yml b/c/cert/test/codeql-pack.lock.yml index 95e394b2f4..a7035a9f24 100644 --- a/c/cert/test/codeql-pack.lock.yml +++ b/c/cert/test/codeql-pack.lock.yml @@ -1,8 +1,8 @@ --- +lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.4.0 + version: 0.4.6 codeql/ssa: - version: 0.0.1 + version: 0.0.7 compiled: false -lockVersion: 1.0.0 diff --git a/c/common/src/codeql-pack.lock.yml b/c/common/src/codeql-pack.lock.yml index 95e394b2f4..a7035a9f24 100644 --- a/c/common/src/codeql-pack.lock.yml +++ b/c/common/src/codeql-pack.lock.yml @@ -1,8 +1,8 @@ --- +lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.4.0 + version: 0.4.6 codeql/ssa: - version: 0.0.1 + version: 0.0.7 compiled: false -lockVersion: 1.0.0 diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index 62d72d88d1..b423bfa795 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -3,4 +3,4 @@ version: 2.19.0-dev license: MIT dependencies: codeql/common-cpp-coding-standards: '*' - codeql/cpp-all: 0.4.0 + codeql/cpp-all: 0.4.6 diff --git a/c/common/test/codeql-pack.lock.yml b/c/common/test/codeql-pack.lock.yml index 95e394b2f4..a7035a9f24 100644 --- a/c/common/test/codeql-pack.lock.yml +++ b/c/common/test/codeql-pack.lock.yml @@ -1,8 +1,8 @@ --- +lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.4.0 + version: 0.4.6 codeql/ssa: - version: 0.0.1 + version: 0.0.7 compiled: false -lockVersion: 1.0.0 diff --git a/c/misra/src/codeql-pack.lock.yml b/c/misra/src/codeql-pack.lock.yml index 95e394b2f4..a7035a9f24 100644 --- a/c/misra/src/codeql-pack.lock.yml +++ b/c/misra/src/codeql-pack.lock.yml @@ -1,8 +1,8 @@ --- +lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.4.0 + version: 0.4.6 codeql/ssa: - version: 0.0.1 + version: 0.0.7 compiled: false -lockVersion: 1.0.0 diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index a4e7e50d02..78913f0b57 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -5,4 +5,4 @@ suites: codeql-suites license: MIT dependencies: codeql/common-c-coding-standards: '*' - codeql/cpp-all: 0.4.0 + codeql/cpp-all: 0.4.6 diff --git a/c/misra/test/codeql-pack.lock.yml b/c/misra/test/codeql-pack.lock.yml index 95e394b2f4..a7035a9f24 100644 --- a/c/misra/test/codeql-pack.lock.yml +++ b/c/misra/test/codeql-pack.lock.yml @@ -1,8 +1,8 @@ --- +lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.4.0 + version: 0.4.6 codeql/ssa: - version: 0.0.1 + version: 0.0.7 compiled: false -lockVersion: 1.0.0 diff --git a/cpp/autosar/src/codeql-pack.lock.yml b/cpp/autosar/src/codeql-pack.lock.yml index 95e394b2f4..a7035a9f24 100644 --- a/cpp/autosar/src/codeql-pack.lock.yml +++ b/cpp/autosar/src/codeql-pack.lock.yml @@ -1,8 +1,8 @@ --- +lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.4.0 + version: 0.4.6 codeql/ssa: - version: 0.0.1 + version: 0.0.7 compiled: false -lockVersion: 1.0.0 diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index ee2303ae2f..23cec947cc 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -5,4 +5,4 @@ suites: codeql-suites license: MIT dependencies: codeql/common-cpp-coding-standards: '*' - codeql/cpp-all: 0.4.0 + codeql/cpp-all: 0.4.6 diff --git a/cpp/autosar/test/codeql-pack.lock.yml b/cpp/autosar/test/codeql-pack.lock.yml index 95e394b2f4..a7035a9f24 100644 --- a/cpp/autosar/test/codeql-pack.lock.yml +++ b/cpp/autosar/test/codeql-pack.lock.yml @@ -1,8 +1,8 @@ --- +lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.4.0 + version: 0.4.6 codeql/ssa: - version: 0.0.1 + version: 0.0.7 compiled: false -lockVersion: 1.0.0 diff --git a/cpp/cert/src/codeql-pack.lock.yml b/cpp/cert/src/codeql-pack.lock.yml index 95e394b2f4..a7035a9f24 100644 --- a/cpp/cert/src/codeql-pack.lock.yml +++ b/cpp/cert/src/codeql-pack.lock.yml @@ -1,8 +1,8 @@ --- +lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.4.0 + version: 0.4.6 codeql/ssa: - version: 0.0.1 + version: 0.0.7 compiled: false -lockVersion: 1.0.0 diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index a873f7204a..8d92d36591 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -4,5 +4,5 @@ description: CERT C++ 2016 suites: codeql-suites license: MIT dependencies: - codeql/cpp-all: 0.4.0 + codeql/cpp-all: 0.4.6 codeql/common-cpp-coding-standards: '*' diff --git a/cpp/cert/test/codeql-pack.lock.yml b/cpp/cert/test/codeql-pack.lock.yml index 95e394b2f4..a7035a9f24 100644 --- a/cpp/cert/test/codeql-pack.lock.yml +++ b/cpp/cert/test/codeql-pack.lock.yml @@ -1,8 +1,8 @@ --- +lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.4.0 + version: 0.4.6 codeql/ssa: - version: 0.0.1 + version: 0.0.7 compiled: false -lockVersion: 1.0.0 diff --git a/cpp/common/src/codeql-pack.lock.yml b/cpp/common/src/codeql-pack.lock.yml index 95e394b2f4..a7035a9f24 100644 --- a/cpp/common/src/codeql-pack.lock.yml +++ b/cpp/common/src/codeql-pack.lock.yml @@ -1,8 +1,8 @@ --- +lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.4.0 + version: 0.4.6 codeql/ssa: - version: 0.0.1 + version: 0.0.7 compiled: false -lockVersion: 1.0.0 diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index 39e1cfcea4..07fe320f1b 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -2,4 +2,4 @@ name: codeql/common-cpp-coding-standards version: 2.19.0-dev license: MIT dependencies: - codeql/cpp-all: 0.4.50 \ No newline at end of file + codeql/cpp-all: 0.4.6 \ No newline at end of file diff --git a/cpp/common/test/codeql-pack.lock.yml b/cpp/common/test/codeql-pack.lock.yml index 95e394b2f4..a7035a9f24 100644 --- a/cpp/common/test/codeql-pack.lock.yml +++ b/cpp/common/test/codeql-pack.lock.yml @@ -1,8 +1,8 @@ --- +lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.4.0 + version: 0.4.6 codeql/ssa: - version: 0.0.1 + version: 0.0.7 compiled: false -lockVersion: 1.0.0 diff --git a/cpp/misra/src/codeql-pack.lock.yml b/cpp/misra/src/codeql-pack.lock.yml index 95e394b2f4..a7035a9f24 100644 --- a/cpp/misra/src/codeql-pack.lock.yml +++ b/cpp/misra/src/codeql-pack.lock.yml @@ -1,8 +1,8 @@ --- +lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.4.0 + version: 0.4.6 codeql/ssa: - version: 0.0.1 + version: 0.0.7 compiled: false -lockVersion: 1.0.0 diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index a1b0015fb7..8b8a78edb5 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -5,4 +5,4 @@ suites: codeql-suites license: MIT dependencies: codeql/common-cpp-coding-standards: '*' - codeql/cpp-all: 0.4.0 + codeql/cpp-all: 0.4.6 diff --git a/cpp/misra/test/codeql-pack.lock.yml b/cpp/misra/test/codeql-pack.lock.yml index 95e394b2f4..a7035a9f24 100644 --- a/cpp/misra/test/codeql-pack.lock.yml +++ b/cpp/misra/test/codeql-pack.lock.yml @@ -1,8 +1,8 @@ --- +lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.4.0 + version: 0.4.6 codeql/ssa: - version: 0.0.1 + version: 0.0.7 compiled: false -lockVersion: 1.0.0 diff --git a/cpp/report/src/codeql-pack.lock.yml b/cpp/report/src/codeql-pack.lock.yml index 95e394b2f4..a7035a9f24 100644 --- a/cpp/report/src/codeql-pack.lock.yml +++ b/cpp/report/src/codeql-pack.lock.yml @@ -1,8 +1,8 @@ --- +lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.4.0 + version: 0.4.6 codeql/ssa: - version: 0.0.1 + version: 0.0.7 compiled: false -lockVersion: 1.0.0 diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index ae3f87c1cf..878d34f50c 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -2,4 +2,4 @@ name: codeql/report-cpp-coding-standards version: 2.19.0-dev license: MIT dependencies: - codeql/cpp-all: 0.4.0 + codeql/cpp-all: 0.4.6 diff --git a/scripts/generate_modules/queries/codeql-pack.lock.yml b/scripts/generate_modules/queries/codeql-pack.lock.yml index 1da7b6075b..a7035a9f24 100644 --- a/scripts/generate_modules/queries/codeql-pack.lock.yml +++ b/scripts/generate_modules/queries/codeql-pack.lock.yml @@ -1,6 +1,8 @@ --- +lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.3.5 + version: 0.4.6 + codeql/ssa: + version: 0.0.7 compiled: false -lockVersion: 1.0.0 diff --git a/scripts/generate_modules/queries/qlpack.yml b/scripts/generate_modules/queries/qlpack.yml index 76ee66f817..e3e1783997 100644 --- a/scripts/generate_modules/queries/qlpack.yml +++ b/scripts/generate_modules/queries/qlpack.yml @@ -2,4 +2,4 @@ name: codeql/standard-library-extraction-cpp-coding-standards version: 0.0.0 license: MIT dependencies: - codeql/cpp-all: 0.3.5 + codeql/cpp-all: 0.4.6 From 0c52590a5f346f5383576bc842bc664e7a90eefe Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 30 Jul 2023 17:43:19 +0000 Subject: [PATCH 1145/2573] Bump requests from 2.25.0 to 2.31.0 in /scripts Bumps [requests](https://github.com/psf/requests) from 2.25.0 to 2.31.0. - [Release notes](https://github.com/psf/requests/releases) - [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md) - [Commits](https://github.com/psf/requests/compare/v2.25.0...v2.31.0) --- updated-dependencies: - dependency-name: requests dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- scripts/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/requirements.txt b/scripts/requirements.txt index 9cacd91c3a..846d18122a 100644 --- a/scripts/requirements.txt +++ b/scripts/requirements.txt @@ -6,7 +6,7 @@ GitPython==3.1.30 idna==2.10 Jinja2==2.11.3 MarkupSafe==1.1.1 -requests==2.25.0 +requests==2.31.0 smmap==3.0.5 soupsieve==2.0.1 urllib3==1.26.5 From 5aabc75ba441f41a5938e0d95f4f57b44773876f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 30 Jul 2023 17:43:33 +0000 Subject: [PATCH 1146/2573] Bump certifi from 2022.12.7 to 2023.7.22 in /scripts Bumps [certifi](https://github.com/certifi/python-certifi) from 2022.12.7 to 2023.7.22. - [Commits](https://github.com/certifi/python-certifi/compare/2022.12.07...2023.07.22) --- updated-dependencies: - dependency-name: certifi dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- scripts/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/requirements.txt b/scripts/requirements.txt index 9cacd91c3a..d51fe7f5c9 100644 --- a/scripts/requirements.txt +++ b/scripts/requirements.txt @@ -1,5 +1,5 @@ beautifulsoup4==4.9.3 -certifi==2022.12.7 +certifi==2023.7.22 chardet==3.0.4 gitdb==4.0.5 GitPython==3.1.30 From c0f13fd3337b85a7c88491c54352870cf768e6f1 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 30 Jul 2023 18:58:14 +0100 Subject: [PATCH 1147/2573] Enable installation of pre-release packs Since 2.11.3 pre-release packs have been ignored CodeQL when installing packs. We re-enable this since we use pre-release packs internally (e.g. in the common packs). --- scripts/install-packs.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/install-packs.py b/scripts/install-packs.py index a0286e2228..5990905a40 100644 --- a/scripts/install-packs.py +++ b/scripts/install-packs.py @@ -18,6 +18,6 @@ for pack in packs: pack_path = os.path.join(root, pack) # Run `codeql pack install` to install dependencies. - command = [args.codeql, 'pack', 'install', '--mode', args.mode, pack_path] + command = [args.codeql, 'pack', 'install', '--alow-prerelease', '--mode', args.mode, pack_path] print(f'Running `{" ".join(command)}`') subprocess.check_call(command) From caa312519048fdd3e2b07e1d65d0866b7c3521ad Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 30 Jul 2023 19:01:32 +0100 Subject: [PATCH 1148/2573] Fix name of allow-prerelease flag. --- scripts/install-packs.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/install-packs.py b/scripts/install-packs.py index 5990905a40..ab45c32818 100644 --- a/scripts/install-packs.py +++ b/scripts/install-packs.py @@ -18,6 +18,6 @@ for pack in packs: pack_path = os.path.join(root, pack) # Run `codeql pack install` to install dependencies. - command = [args.codeql, 'pack', 'install', '--alow-prerelease', '--mode', args.mode, pack_path] + command = [args.codeql, 'pack', 'install', '--allow-prerelease', '--mode', args.mode, pack_path] print(f'Running `{" ".join(command)}`') subprocess.check_call(command) From cd4bbc0ea5a5006fdf599163e85c4dabd9e71063 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 30 Jul 2023 23:05:30 +0100 Subject: [PATCH 1149/2573] Revert "C++: Accept test changes after CodeQL `scanf` work" This reverts commit 760ccdebfeb28e8eaaa9381f913fd77fef46c1a2. This was prematurely included, but was only shipped in 2.12.*. --- .../FIO32-C/DoNotPerformFileOperationsOnDevices.expected | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected b/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected index 824149f294..b4f07d6ca8 100644 --- a/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected +++ b/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected @@ -1,12 +1,16 @@ edges +| test.c:20:15:20:23 | file_name | test.c:21:8:21:16 | file_name indirection | | test.c:20:15:20:23 | scanf output argument | test.c:21:8:21:16 | file_name indirection | +| test.c:45:15:45:23 | file_name | test.c:46:29:46:37 | file_name indirection | | test.c:45:15:45:23 | scanf output argument | test.c:46:29:46:37 | file_name indirection | nodes +| test.c:20:15:20:23 | file_name | semmle.label | file_name | | test.c:20:15:20:23 | scanf output argument | semmle.label | scanf output argument | | test.c:21:8:21:16 | file_name indirection | semmle.label | file_name indirection | +| test.c:45:15:45:23 | file_name | semmle.label | file_name | | test.c:45:15:45:23 | scanf output argument | semmle.label | scanf output argument | | test.c:46:29:46:37 | file_name indirection | semmle.label | file_name indirection | subpaths #select -| test.c:21:8:21:16 | file_name | test.c:20:15:20:23 | scanf output argument | test.c:21:8:21:16 | file_name indirection | This argument to a file access function is derived from $@ and then passed to func(file_name), which calls fopen((unnamed parameter 0)). | test.c:20:15:20:23 | file_name | user input (scanf) | -| test.c:46:29:46:37 | file_name | test.c:45:15:45:23 | scanf output argument | test.c:46:29:46:37 | file_name indirection | This argument to a file access function is derived from $@ and then passed to CreateFile(lpFileName). | test.c:45:15:45:23 | file_name | user input (scanf) | +| test.c:21:8:21:16 | file_name | test.c:20:15:20:23 | file_name | test.c:21:8:21:16 | file_name indirection | This argument to a file access function is derived from $@ and then passed to func(file_name), which calls fopen((unnamed parameter 0)). | test.c:20:15:20:23 | file_name | user input (scanf) | +| test.c:46:29:46:37 | file_name | test.c:45:15:45:23 | file_name | test.c:46:29:46:37 | file_name indirection | This argument to a file access function is derived from $@ and then passed to CreateFile(lpFileName). | test.c:45:15:45:23 | file_name | user input (scanf) | From 68dc174aa914165810062d443f809212f08a0787 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 30 Jul 2023 23:08:09 +0100 Subject: [PATCH 1150/2573] Remove redundant change notes. These were already released with a previous version. --- change_notes/2022-05-04-compiler-generated-fp-M0-1-4.md | 3 --- .../2022-06-01-fix-A8-5-3-braced-initialization-detection.md | 3 --- change_notes/2022-07-15-fix-A7-3-1-location-reporting.md | 2 -- 3 files changed, 8 deletions(-) delete mode 100644 change_notes/2022-05-04-compiler-generated-fp-M0-1-4.md delete mode 100644 change_notes/2022-06-01-fix-A8-5-3-braced-initialization-detection.md delete mode 100644 change_notes/2022-07-15-fix-A7-3-1-location-reporting.md diff --git a/change_notes/2022-05-04-compiler-generated-fp-M0-1-4.md b/change_notes/2022-05-04-compiler-generated-fp-M0-1-4.md deleted file mode 100644 index 8d3a2045f2..0000000000 --- a/change_notes/2022-05-04-compiler-generated-fp-M0-1-4.md +++ /dev/null @@ -1,3 +0,0 @@ - - `M0-1-4` - `SingleUsePODVariable.ql` - - This rule no longer considers compiler-generated access to a variable when determining if the - variable has a single use. diff --git a/change_notes/2022-06-01-fix-A8-5-3-braced-initialization-detection.md b/change_notes/2022-06-01-fix-A8-5-3-braced-initialization-detection.md deleted file mode 100644 index ec48fda73a..0000000000 --- a/change_notes/2022-06-01-fix-A8-5-3-braced-initialization-detection.md +++ /dev/null @@ -1,3 +0,0 @@ -- `A8-5-3` - `AvoidAutoWithBracedInitialization.ql`: - - Fix regression where `auto x{0}` was no longer detected as a braced initialization with type `auto` with the latest CodeQL versions. - - No longer falsely detect cases where braced initialization was not used, but where the inferred type would be `std::initializer_list`. diff --git a/change_notes/2022-07-15-fix-A7-3-1-location-reporting.md b/change_notes/2022-07-15-fix-A7-3-1-location-reporting.md deleted file mode 100644 index b310d1c010..0000000000 --- a/change_notes/2022-07-15-fix-A7-3-1-location-reporting.md +++ /dev/null @@ -1,2 +0,0 @@ -- `A7-3-1` - `DefinitionNotConsideredForUnqualifiedLookup.ql` - - The locations reported for names occurring in using-declarations has improved in the latest CodeQL versions. From 125bfde53a73ef355cc72251a1b1b387131868ed Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Wed, 1 Mar 2023 11:50:03 +0100 Subject: [PATCH 1151/2573] Fix `NULLMacro` deprecation warning --- cpp/common/src/codingstandards/cpp/Concurrency.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/Concurrency.qll b/cpp/common/src/codingstandards/cpp/Concurrency.qll index 5162255de9..7c92d93752 100644 --- a/cpp/common/src/codingstandards/cpp/Concurrency.qll +++ b/cpp/common/src/codingstandards/cpp/Concurrency.qll @@ -857,7 +857,7 @@ class TSSCreateFunctionCall extends ThreadSpecificStorageFunctionCall { TSSCreateFunctionCall() { getTarget().getName() = "tss_create" } predicate hasDeallocator() { - not exists(MacroInvocation mi, NULLMacro nm | + not exists(MacroInvocation mi, NullMacro nm | getArgument(1) = mi.getExpr() and mi = nm.getAnInvocation() ) From 8287ff20a8828d03c5f43124610aaf4d72f3b544 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 30 Jul 2023 23:24:34 +0100 Subject: [PATCH 1152/2573] Add change note. --- change_notes/2023-07-30-update-to-2.11.6.md | 1 + 1 file changed, 1 insertion(+) create mode 100644 change_notes/2023-07-30-update-to-2.11.6.md diff --git a/change_notes/2023-07-30-update-to-2.11.6.md b/change_notes/2023-07-30-update-to-2.11.6.md new file mode 100644 index 0000000000..57664a7ac0 --- /dev/null +++ b/change_notes/2023-07-30-update-to-2.11.6.md @@ -0,0 +1 @@ + - Updated the supported CodeQL version to `2.11.6`. \ No newline at end of file From 84f908656c52f1ec3413d850a9ffb73536c164ef Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 1 Aug 2023 21:21:12 +0100 Subject: [PATCH 1153/2573] Correct errno headers. This should have no impact on tests, but addresses an incompatibility with the standard library structure. --- cpp/common/test/includes/standard-library/cerrno | 3 +-- cpp/common/test/includes/standard-library/errno.h | 8 +++++--- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/cpp/common/test/includes/standard-library/cerrno b/cpp/common/test/includes/standard-library/cerrno index f1957abe6a..679ce128ea 100644 --- a/cpp/common/test/includes/standard-library/cerrno +++ b/cpp/common/test/includes/standard-library/cerrno @@ -1,2 +1 @@ -int __errno; -#define errno __errno \ No newline at end of file +#include \ No newline at end of file diff --git a/cpp/common/test/includes/standard-library/errno.h b/cpp/common/test/includes/standard-library/errno.h index 96195e6e19..be17eeb0b5 100644 --- a/cpp/common/test/includes/standard-library/errno.h +++ b/cpp/common/test/includes/standard-library/errno.h @@ -1,3 +1,5 @@ -namespace std { -typedef int errno_t; -} // namespace std \ No newline at end of file +#ifndef _GHLIBCPP_ERRNO +#define _GHLIBCPP_ERRNO +int __errno; +#define errno __errno +#endif // _GHLIBCPP_ERRNO \ No newline at end of file From 3e2f72b55d514170f620fa8f75a717ed59abb160 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 1 Aug 2023 22:05:53 +0100 Subject: [PATCH 1154/2573] Address string related compiler compatibility issues. This commit restructures the string, string.h and cstring headers to match the expected headers and namespaces of C++ standard declarations. This addresses compatibility issues with real compilers because our test cases expected to access C string functionality through the "#include " header include, which is not the case in practice. This commit addresses compiler compatibility issues in the following rules: * A12-0-2 * A27-0-2 * M16-0-5 * M18-0-5 * DCL55-CPP * EXP62-CPP * OOP57-CPP * STR50-CPP --- cpp/autosar/test/rules/A12-0-2/test.cpp | 2 +- cpp/autosar/test/rules/M18-0-5/test.cpp | 2 +- cpp/cert/test/rules/EXP62-CPP/test.cpp | 2 +- cpp/cert/test/rules/OOP57-CPP/test.cpp | 2 +- .../test/includes/standard-library/cstring.h | 27 +- .../test/includes/standard-library/istream.h | 4 +- .../test/includes/standard-library/string | 251 ++++++++++++++++- .../test/includes/standard-library/string.h | 258 +----------------- .../test.cpp | 2 +- ...nformationLeakageAcrossBoundaries.expected | 6 +- .../interprocedural.cpp | 2 +- .../multilayer.cpp | 2 +- .../test.cpp | 4 +- .../memcmpusedtocomparepaddingdata/test.cpp | 2 +- .../test.cpp | 2 +- .../test.cpp | 2 +- 16 files changed, 295 insertions(+), 275 deletions(-) diff --git a/cpp/autosar/test/rules/A12-0-2/test.cpp b/cpp/autosar/test/rules/A12-0-2/test.cpp index 50dfe4a101..6e640e62d4 100644 --- a/cpp/autosar/test/rules/A12-0-2/test.cpp +++ b/cpp/autosar/test/rules/A12-0-2/test.cpp @@ -1,5 +1,5 @@ #include -#include +#include class A { public: diff --git a/cpp/autosar/test/rules/M18-0-5/test.cpp b/cpp/autosar/test/rules/M18-0-5/test.cpp index 521326bef7..37ea1f6415 100644 --- a/cpp/autosar/test/rules/M18-0-5/test.cpp +++ b/cpp/autosar/test/rules/M18-0-5/test.cpp @@ -1,4 +1,4 @@ -#include +#include void test_unbounded_str_funs() { char str1[] = "Sample string"; diff --git a/cpp/cert/test/rules/EXP62-CPP/test.cpp b/cpp/cert/test/rules/EXP62-CPP/test.cpp index 1f80dc04c2..ebda14e624 100644 --- a/cpp/cert/test/rules/EXP62-CPP/test.cpp +++ b/cpp/cert/test/rules/EXP62-CPP/test.cpp @@ -1,4 +1,4 @@ -#include +#include struct S1 { int i, j, k; diff --git a/cpp/cert/test/rules/OOP57-CPP/test.cpp b/cpp/cert/test/rules/OOP57-CPP/test.cpp index 02059f98cc..430c910985 100644 --- a/cpp/cert/test/rules/OOP57-CPP/test.cpp +++ b/cpp/cert/test/rules/OOP57-CPP/test.cpp @@ -1,4 +1,4 @@ -#include +#include class trivial {}; diff --git a/cpp/common/test/includes/standard-library/cstring.h b/cpp/common/test/includes/standard-library/cstring.h index 8c34428fa8..2f3ffd393e 100644 --- a/cpp/common/test/includes/standard-library/cstring.h +++ b/cpp/common/test/includes/standard-library/cstring.h @@ -1,8 +1,29 @@ #ifndef _GHLIBCPP_CSTRING #define _GHLIBCPP_CSTRING -typedef unsigned long size_t; + +#include + namespace std { -void *memcpy(void *, const void *, size_t); -size_t strlen(const char *); +using ::memcmp; +using ::memcpy; +using ::memmove; +using ::memset; +using ::size_t; +using ::strcat; +using ::strchr; +using ::strcmp; +using ::strcoll; +using ::strcpy; +using ::strcspn; +using ::strlen; +using ::strncat; +using ::strncmp; +using ::strncpy; +using ::strpbrk; +using ::strrchr; +using ::strspn; +using ::strstr; +using ::strtok; +using ::strxfrm; } // namespace std #endif // _GHLIBCPP_CSTRING diff --git a/cpp/common/test/includes/standard-library/istream.h b/cpp/common/test/includes/standard-library/istream.h index f1758e6930..f56e67b8c5 100644 --- a/cpp/common/test/includes/standard-library/istream.h +++ b/cpp/common/test/includes/standard-library/istream.h @@ -1,8 +1,8 @@ #ifndef _GHLIBCPP_ISTREAM #define _GHLIBCPP_ISTREAM -#include "ios.h" -#include "string.h" +#include +#include namespace std { template diff --git a/cpp/common/test/includes/standard-library/string b/cpp/common/test/includes/standard-library/string index de6c8e145a..8759804234 100644 --- a/cpp/common/test/includes/standard-library/string +++ b/cpp/common/test/includes/standard-library/string @@ -1 +1,250 @@ -#include \ No newline at end of file +#ifndef _GHLIBCPP_STRING +#define _GHLIBCPP_STRING +#include "initializer_list" +#include "iosfwd.h" +#include "iterator.h" +#include "stddef.h" + +namespace std { +template struct char_traits; + +template class allocator { +public: + allocator() throw(); + typedef size_t size_type; +}; + +template , + class Allocator = allocator> +class basic_string { +public: + using value_type = charT; + using reference = value_type &; + using const_reference = const value_type &; + typedef typename Allocator::size_type size_type; + static const size_type npos = -1; + + basic_string() : basic_string(Allocator()) {} + explicit basic_string(const Allocator &a); + basic_string(const basic_string &str); + basic_string(basic_string &&str) noexcept; + basic_string(const charT *s, size_type n, const Allocator &a = Allocator()); + basic_string(const charT *s, const Allocator &a = Allocator()); + basic_string(size_type n, charT c, const Allocator &a = Allocator()); + template + basic_string(InputIterator begin, InputIterator end, + const Allocator &a = Allocator()); + + ~basic_string(); + basic_string &operator=(const basic_string &str); + basic_string &operator=(basic_string &&str) noexcept; + basic_string &operator=(const charT *s); + basic_string &operator=(charT c); + basic_string &operator=(initializer_list); + + const charT *c_str() const; + charT *data() noexcept; + size_type size() const noexcept; + size_type length() const noexcept; + + typedef __iterator iterator; + typedef __iterator const_iterator; + + iterator begin(); + iterator end(); + const_iterator begin() const; + const_iterator end() const; + const_iterator cbegin() const; + const_iterator cend() const; + + const charT &front() const; + charT &front(); + const charT &back() const; + charT &back(); + + const_reference operator[](size_type pos) const; + reference operator[](size_type pos); + const_reference at(size_type n) const; + reference at(size_type n); + basic_string &operator+=(const basic_string &str); + basic_string &operator+=(const charT *s); + basic_string &operator+=(charT c); + basic_string &operator+=(initializer_list); + basic_string &append(const basic_string &str); + basic_string &append(const basic_string &str, size_type pos, + size_type n = npos); + basic_string &append(const charT *s, size_type n); + basic_string &append(const charT *s); + basic_string &append(size_type n, charT c); + template + basic_string &append(InputIterator first, InputIterator last); + basic_string &append(initializer_list); + void push_back(charT c); + basic_string &assign(const basic_string &str); + basic_string &assign(basic_string &&str) noexcept; + basic_string &assign(const basic_string &str, size_type pos, + size_type n = npos); + basic_string &assign(const charT *s, size_type n); + basic_string &assign(const charT *s); + basic_string &assign(size_type n, charT c); + template + basic_string &assign(InputIterator first, InputIterator last); + basic_string &assign(initializer_list); + basic_string &insert(size_type pos1, const basic_string &str); + basic_string &insert(size_type pos1, const basic_string &str, size_type pos2, + size_type n = npos); + basic_string &insert(size_type pos, const charT *s, size_type n); + basic_string &insert(size_type pos, const charT *s); + basic_string &insert(size_type pos, size_type n, charT c); + iterator insert(const_iterator p, charT c); + iterator insert(const_iterator p, size_type n, charT c); + template + iterator insert(const_iterator p, InputIterator first, InputIterator last); + iterator insert(const_iterator p, initializer_list); + basic_string &erase(size_type pos = 0, size_type n = npos); + iterator erase(const_iterator p); + iterator erase(const_iterator first, const_iterator last); + basic_string &replace(size_type pos1, size_type n1, const basic_string &str); + basic_string &replace(size_type pos1, size_type n1, const basic_string &str, + size_type pos2, size_type n2 = npos); + basic_string &replace(size_type pos, size_type n1, const charT *s, + size_type n2); + basic_string &replace(size_type pos, size_type n1, const charT *s); + basic_string &replace(size_type pos, size_type n1, size_type n2, charT c); + basic_string &replace(const_iterator i1, const_iterator i2, + const basic_string &str); + basic_string &replace(const_iterator i1, const_iterator i2, const charT *s, + size_type n); + basic_string &replace(const_iterator i1, const_iterator i2, const charT *s); + basic_string &replace(const_iterator i1, const_iterator i2, size_type n, + charT c); + template + basic_string &replace(const_iterator i1, const_iterator i2, InputIterator j1, + InputIterator j2); + basic_string &replace(const_iterator, const_iterator, + initializer_list); + + size_type copy(charT *s, size_type n, size_type pos = 0) const; + void clear() noexcept; + void swap(basic_string &s) noexcept; + + size_type find(const basic_string &str, size_type pos = 0) const noexcept; + size_type find(const charT *s, size_type pos, size_type n) const; + size_type find(const charT *s, size_type pos = 0) const; + size_type find(charT c, size_type pos = 0) const; + size_type rfind(const basic_string &str, size_type pos = npos) const noexcept; + size_type rfind(const charT *s, size_type pos, size_type n) const; + size_type rfind(const charT *s, size_type pos = npos) const; + size_type rfind(charT c, size_type pos = npos) const; + size_type find_first_of(const basic_string &str, + size_type pos = 0) const noexcept; + size_type find_first_of(const charT *s, size_type pos, size_type n) const; + size_type find_first_of(const charT *s, size_type pos = 0) const; + size_type find_first_of(charT c, size_type pos = 0) const; + size_type find_last_of(const basic_string &str, + size_type pos = npos) const noexcept; + size_type find_last_of(const charT *s, size_type pos, size_type n) const; + size_type find_last_of(const charT *s, size_type pos = npos) const; + size_type find_last_of(charT c, size_type pos = npos) const; + size_type find_first_not_of(const basic_string &str, + size_type pos = 0) const noexcept; + size_type find_first_not_of(const charT *s, size_type pos, size_type n) const; + size_type find_first_not_of(const charT *s, size_type pos = 0) const; + size_type find_first_not_of(charT c, size_type pos = 0) const; + size_type find_last_not_of(const basic_string &str, + + size_type pos = npos) const noexcept; + size_type find_last_not_of(const charT *s, size_type pos, size_type n) const; + size_type find_last_not_of(const charT *s, size_type pos = npos) const; + size_type find_last_not_of(charT c, size_type pos = npos) const; + basic_string substr(size_type pos = 0, size_type n = npos) const; + int compare(const basic_string &str) const noexcept; + int compare(size_type pos1, size_type n1, const basic_string &str) const; + int compare(size_type pos1, size_type n1, const basic_string &str, + size_type pos2, size_type n2 = npos) const; + int compare(const charT *s) const; + int compare(size_type pos1, size_type n1, const charT *s) const; + int compare(size_type pos1, size_type n1, const charT *s, size_type n2) const; +}; + +template +basic_string +operator+(const basic_string &lhs, + const basic_string &rhs); +template +basic_string +operator+(const basic_string &lhs, const charT *rhs); +template +basic_string +operator+(const charT *lhs, const basic_string &rhs); + +template +bool operator==(const basic_string &lhs, + const basic_string &rhs) noexcept; +template +bool operator==(const charT *lhs, + const basic_string &rhs); +template +bool operator==(const basic_string &lhs, + const charT *rhs); +template +bool operator!=(const basic_string &lhs, + const basic_string &rhs) noexcept; +template +bool operator!=(const charT *lhs, + const basic_string &rhs); +template +bool operator!=(const basic_string &lhs, + const charT *rhs); +template +bool operator<(const basic_string &lhs, + const basic_string &rhs) noexcept; +template +bool operator<(const basic_string &lhs, + const charT *rhs); +template +bool operator<(const charT *lhs, + const basic_string &rhs); +template +bool operator>(const basic_string &lhs, + const basic_string &rhs) noexcept; +template +bool operator>(const basic_string &lhs, + const charT *rhs); +template +bool operator>(const charT *lhs, + const basic_string &rhs); +template +bool operator<=(const basic_string &lhs, + const basic_string &rhs) noexcept; +template +bool operator<=(const basic_string &lhs, + const charT *rhs); +template +bool operator<=(const charT *lhs, + const basic_string &rhs); +template +bool operator>=(const basic_string &lhs, + const basic_string &rhs) noexcept; +template +bool operator>=(const basic_string &lhs, + const charT *rhs); +template +bool operator>=(const charT *lhs, + const basic_string &rhs); + +typedef basic_string string; + +int stoi(const string &str, size_t *idx = 0, int base = 10); +long stol(const string &str, size_t *idx = 0, int base = 10); +unsigned long stoul(const string &str, size_t *idx = 0, int base = 10); +long long stoll(const string &str, size_t *idx = 0, int base = 10); +unsigned long long stoull(const string &str, size_t *idx = 0, int base = 10); +float stof(const string &str, size_t *idx = 0); +double stod(const string &str, size_t *idx = 0); +long double stold(const string &str, size_t *idx = 0); + +std::string to_string(int value); +} // namespace std + +#endif // _GHLIBCPP_STRING \ No newline at end of file diff --git a/cpp/common/test/includes/standard-library/string.h b/cpp/common/test/includes/standard-library/string.h index f514394688..c4d06b6e7b 100644 --- a/cpp/common/test/includes/standard-library/string.h +++ b/cpp/common/test/includes/standard-library/string.h @@ -1,242 +1,10 @@ -#ifndef _GHLIBCPP_STRING -#define _GHLIBCPP_STRING -#include "errno.h" -#include "initializer_list" -#include "iosfwd.h" -#include "iterator.h" -#include "stddef.h" - -namespace std { -template struct char_traits; - -template class allocator { -public: - allocator() throw(); - typedef size_t size_type; -}; - -template , - class Allocator = allocator> -class basic_string { -public: - using value_type = charT; - using reference = value_type &; - using const_reference = const value_type &; - typedef typename Allocator::size_type size_type; - static const size_type npos = -1; - - basic_string() : basic_string(Allocator()) {} - explicit basic_string(const Allocator &a); - basic_string(const basic_string &str); - basic_string(basic_string &&str) noexcept; - basic_string(const charT *s, size_type n, const Allocator &a = Allocator()); - basic_string(const charT *s, const Allocator &a = Allocator()); - basic_string(size_type n, charT c, const Allocator &a = Allocator()); - template - basic_string(InputIterator begin, InputIterator end, - const Allocator &a = Allocator()); - - ~basic_string(); - basic_string &operator=(const basic_string &str); - basic_string &operator=(basic_string &&str) noexcept; - basic_string &operator=(const charT *s); - basic_string &operator=(charT c); - basic_string &operator=(initializer_list); - - const charT *c_str() const; - charT *data() noexcept; - size_type size() const noexcept; - size_type length() const noexcept; - - typedef __iterator iterator; - typedef __iterator const_iterator; - - iterator begin(); - iterator end(); - const_iterator begin() const; - const_iterator end() const; - const_iterator cbegin() const; - const_iterator cend() const; - - const charT &front() const; - charT &front(); - const charT &back() const; - charT &back(); - - const_reference operator[](size_type pos) const; - reference operator[](size_type pos); - const_reference at(size_type n) const; - reference at(size_type n); - basic_string &operator+=(const basic_string &str); - basic_string &operator+=(const charT *s); - basic_string &operator+=(charT c); - basic_string &operator+=(initializer_list); - basic_string &append(const basic_string &str); - basic_string &append(const basic_string &str, size_type pos, - size_type n = npos); - basic_string &append(const charT *s, size_type n); - basic_string &append(const charT *s); - basic_string &append(size_type n, charT c); - template - basic_string &append(InputIterator first, InputIterator last); - basic_string &append(initializer_list); - void push_back(charT c); - basic_string &assign(const basic_string &str); - basic_string &assign(basic_string &&str) noexcept; - basic_string &assign(const basic_string &str, size_type pos, - size_type n = npos); - basic_string &assign(const charT *s, size_type n); - basic_string &assign(const charT *s); - basic_string &assign(size_type n, charT c); - template - basic_string &assign(InputIterator first, InputIterator last); - basic_string &assign(initializer_list); - basic_string &insert(size_type pos1, const basic_string &str); - basic_string &insert(size_type pos1, const basic_string &str, size_type pos2, - size_type n = npos); - basic_string &insert(size_type pos, const charT *s, size_type n); - basic_string &insert(size_type pos, const charT *s); - basic_string &insert(size_type pos, size_type n, charT c); - iterator insert(const_iterator p, charT c); - iterator insert(const_iterator p, size_type n, charT c); - template - iterator insert(const_iterator p, InputIterator first, InputIterator last); - iterator insert(const_iterator p, initializer_list); - basic_string &erase(size_type pos = 0, size_type n = npos); - iterator erase(const_iterator p); - iterator erase(const_iterator first, const_iterator last); - basic_string &replace(size_type pos1, size_type n1, const basic_string &str); - basic_string &replace(size_type pos1, size_type n1, const basic_string &str, - size_type pos2, size_type n2 = npos); - basic_string &replace(size_type pos, size_type n1, const charT *s, - size_type n2); - basic_string &replace(size_type pos, size_type n1, const charT *s); - basic_string &replace(size_type pos, size_type n1, size_type n2, charT c); - basic_string &replace(const_iterator i1, const_iterator i2, - const basic_string &str); - basic_string &replace(const_iterator i1, const_iterator i2, const charT *s, - size_type n); - basic_string &replace(const_iterator i1, const_iterator i2, const charT *s); - basic_string &replace(const_iterator i1, const_iterator i2, size_type n, - charT c); - template - basic_string &replace(const_iterator i1, const_iterator i2, InputIterator j1, - InputIterator j2); - basic_string &replace(const_iterator, const_iterator, - initializer_list); +#ifndef _GHLIBCPP_STRINGH +#define _GHLIBCPP_STRINGH - size_type copy(charT *s, size_type n, size_type pos = 0) const; - void clear() noexcept; - void swap(basic_string &s) noexcept; - - size_type find(const basic_string &str, size_type pos = 0) const noexcept; - size_type find(const charT *s, size_type pos, size_type n) const; - size_type find(const charT *s, size_type pos = 0) const; - size_type find(charT c, size_type pos = 0) const; - size_type rfind(const basic_string &str, size_type pos = npos) const noexcept; - size_type rfind(const charT *s, size_type pos, size_type n) const; - size_type rfind(const charT *s, size_type pos = npos) const; - size_type rfind(charT c, size_type pos = npos) const; - size_type find_first_of(const basic_string &str, - size_type pos = 0) const noexcept; - size_type find_first_of(const charT *s, size_type pos, size_type n) const; - size_type find_first_of(const charT *s, size_type pos = 0) const; - size_type find_first_of(charT c, size_type pos = 0) const; - size_type find_last_of(const basic_string &str, - size_type pos = npos) const noexcept; - size_type find_last_of(const charT *s, size_type pos, size_type n) const; - size_type find_last_of(const charT *s, size_type pos = npos) const; - size_type find_last_of(charT c, size_type pos = npos) const; - size_type find_first_not_of(const basic_string &str, - size_type pos = 0) const noexcept; - size_type find_first_not_of(const charT *s, size_type pos, size_type n) const; - size_type find_first_not_of(const charT *s, size_type pos = 0) const; - size_type find_first_not_of(charT c, size_type pos = 0) const; - size_type find_last_not_of(const basic_string &str, - - size_type pos = npos) const noexcept; - size_type find_last_not_of(const charT *s, size_type pos, size_type n) const; - size_type find_last_not_of(const charT *s, size_type pos = npos) const; - size_type find_last_not_of(charT c, size_type pos = npos) const; - basic_string substr(size_type pos = 0, size_type n = npos) const; - int compare(const basic_string &str) const noexcept; - int compare(size_type pos1, size_type n1, const basic_string &str) const; - int compare(size_type pos1, size_type n1, const basic_string &str, - size_type pos2, size_type n2 = npos) const; - int compare(const charT *s) const; - int compare(size_type pos1, size_type n1, const charT *s) const; - int compare(size_type pos1, size_type n1, const charT *s, size_type n2) const; -}; - -template -basic_string -operator+(const basic_string &lhs, - const basic_string &rhs); -template -basic_string -operator+(const basic_string &lhs, const charT *rhs); -template -basic_string -operator+(const charT *lhs, const basic_string &rhs); - -template -bool operator==(const basic_string &lhs, - const basic_string &rhs) noexcept; -template -bool operator==(const charT *lhs, - const basic_string &rhs); -template -bool operator==(const basic_string &lhs, - const charT *rhs); -template -bool operator!=(const basic_string &lhs, - const basic_string &rhs) noexcept; -template -bool operator!=(const charT *lhs, - const basic_string &rhs); -template -bool operator!=(const basic_string &lhs, - const charT *rhs); -template -bool operator<(const basic_string &lhs, - const basic_string &rhs) noexcept; -template -bool operator<(const basic_string &lhs, - const charT *rhs); -template -bool operator<(const charT *lhs, - const basic_string &rhs); -template -bool operator>(const basic_string &lhs, - const basic_string &rhs) noexcept; -template -bool operator>(const basic_string &lhs, - const charT *rhs); -template -bool operator>(const charT *lhs, - const basic_string &rhs); -template -bool operator<=(const basic_string &lhs, - const basic_string &rhs) noexcept; -template -bool operator<=(const basic_string &lhs, - const charT *rhs); -template -bool operator<=(const charT *lhs, - const basic_string &rhs); -template -bool operator>=(const basic_string &lhs, - const basic_string &rhs) noexcept; -template -bool operator>=(const basic_string &lhs, - const charT *rhs); -template -bool operator>=(const charT *lhs, - const basic_string &rhs); - -typedef basic_string string; +#include "errno.h" typedef unsigned long size_t; + size_t strlen(const char *str); char *strcpy(char *destination, const char *source); char *strncpy(char *destination, const char *source, size_t num); @@ -273,22 +41,6 @@ void *memset(void *dest, int ch, size_t count); void *memmove(void *dest, const void *src, size_t count); int memcmp(const void *lhs, const void *rhs, size_t count); -errno_t memcpy_s(void *dest, rsize_t destsz, const void *src, rsize_t count); -errno_t memmove_s(void *dest, rsize_t destsz, const void *src, rsize_t count); - -int stoi(const string &str, size_t *idx = 0, int base = 10); -long stol(const string &str, size_t *idx = 0, int base = 10); -unsigned long stoul(const string &str, size_t *idx = 0, int base = 10); -long long stoll(const string &str, size_t *idx = 0, int base = 10); -unsigned long long stoull(const string &str, size_t *idx = 0, int base = 10); -float stof(const string &str, size_t *idx = 0); -double stod(const string &str, size_t *idx = 0); -long double stold(const string &str, size_t *idx = 0); - -std::string to_string(int value); -} // namespace std - -std::errno_t memset_s(void *dest, rsize_t destsz, int ch, rsize_t count); size_t strlen(const char *str); -#endif // _GHLIBCPP_STRING \ No newline at end of file +#endif // _GHLIBCPP_STRINGH \ No newline at end of file diff --git a/cpp/common/test/rules/basicstringmaynotbenullterminated/test.cpp b/cpp/common/test/rules/basicstringmaynotbenullterminated/test.cpp index e903a933af..973a7a4ad1 100644 --- a/cpp/common/test/rules/basicstringmaynotbenullterminated/test.cpp +++ b/cpp/common/test/rules/basicstringmaynotbenullterminated/test.cpp @@ -1,6 +1,6 @@ #include +#include #include -#include void f1() { char a1[7] = "CodeQL"; diff --git a/cpp/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.expected b/cpp/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.expected index 38fcaf61be..d7a7659f07 100644 --- a/cpp/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.expected +++ b/cpp/common/test/rules/informationleakageacrossboundaries/InformationLeakageAcrossBoundaries.expected @@ -15,6 +15,6 @@ | test.cpp:43:12:43:12 | s | 's' may leak information from {x (test.cpp:7)}. Path: s (test.cpp:43) --> & ... (test.cpp:47) | | test.cpp:58:12:58:12 | s | 's' may leak information from {x (test.cpp:7), y (test.cpp:8)}. Path: s (test.cpp:58) --> & ... (test.cpp:59) | | test.cpp:64:12:64:12 | s | 's' may leak information from {y (test.cpp:8)}. Path: s (test.cpp:64) --> & ... (test.cpp:66) | -| test.cpp:112:16:112:16 | s | 's' may leak information from {buf (test.cpp:92)}. Path: s (test.cpp:112) --> & ... (test.cpp:115) | -| test.cpp:128:12:128:12 | s | 's' may leak information from {x (test.cpp:7), y (test.cpp:8)}. Path: s (test.cpp:128) --> & ... (test.cpp:132) | -| test.cpp:157:22:157:22 | s | 's' may leak information from {2 to 2 bytes of padding in has_padding (test.cpp:151)}. Path: s (test.cpp:157) --> & ... (test.cpp:160) | +| test.cpp:110:16:110:16 | s | 's' may leak information from {buf (test.cpp:92)}. Path: s (test.cpp:110) --> & ... (test.cpp:113) | +| test.cpp:126:12:126:12 | s | 's' may leak information from {x (test.cpp:7), y (test.cpp:8)}. Path: s (test.cpp:126) --> & ... (test.cpp:130) | +| test.cpp:155:22:155:22 | s | 's' may leak information from {2 to 2 bytes of padding in has_padding (test.cpp:149)}. Path: s (test.cpp:155) --> & ... (test.cpp:158) | diff --git a/cpp/common/test/rules/informationleakageacrossboundaries/interprocedural.cpp b/cpp/common/test/rules/informationleakageacrossboundaries/interprocedural.cpp index 15e8b81682..016d40baeb 100644 --- a/cpp/common/test/rules/informationleakageacrossboundaries/interprocedural.cpp +++ b/cpp/common/test/rules/informationleakageacrossboundaries/interprocedural.cpp @@ -1,5 +1,5 @@ +#include #include -#include unsigned long copy_to_user(void *to, const void *from, unsigned long n); diff --git a/cpp/common/test/rules/informationleakageacrossboundaries/multilayer.cpp b/cpp/common/test/rules/informationleakageacrossboundaries/multilayer.cpp index 2298895de1..c5a9d29e0f 100644 --- a/cpp/common/test/rules/informationleakageacrossboundaries/multilayer.cpp +++ b/cpp/common/test/rules/informationleakageacrossboundaries/multilayer.cpp @@ -1,5 +1,5 @@ +#include #include -#include unsigned long copy_to_user(void *to, const void *from, unsigned long n); diff --git a/cpp/common/test/rules/informationleakageacrossboundaries/test.cpp b/cpp/common/test/rules/informationleakageacrossboundaries/test.cpp index 3b68ffbd86..9a5fe40ef8 100644 --- a/cpp/common/test/rules/informationleakageacrossboundaries/test.cpp +++ b/cpp/common/test/rules/informationleakageacrossboundaries/test.cpp @@ -1,5 +1,5 @@ +#include #include -#include unsigned long copy_to_user(void *to, const void *from, unsigned long n); @@ -106,8 +106,6 @@ void zero_array_by_ref() { copy_to_user(0, &s, sizeof s); // COMPLIANT } -char *strcpy(char *dst, const char *src); - void use_strcpy() { PascalString s; strcpy(s.buf, "Hello, World"); // does not zero rest of s.buf diff --git a/cpp/common/test/rules/memcmpusedtocomparepaddingdata/test.cpp b/cpp/common/test/rules/memcmpusedtocomparepaddingdata/test.cpp index 9f0ba8cab7..7d004a2a39 100644 --- a/cpp/common/test/rules/memcmpusedtocomparepaddingdata/test.cpp +++ b/cpp/common/test/rules/memcmpusedtocomparepaddingdata/test.cpp @@ -1,4 +1,4 @@ -#include +#include struct S1 { unsigned char buffType; diff --git a/cpp/common/test/rules/operationmaynotnullterminatecstylestring/test.cpp b/cpp/common/test/rules/operationmaynotnullterminatecstylestring/test.cpp index 1b35da9174..7e93427905 100644 --- a/cpp/common/test/rules/operationmaynotnullterminatecstylestring/test.cpp +++ b/cpp/common/test/rules/operationmaynotnullterminatecstylestring/test.cpp @@ -1,7 +1,7 @@ #pragma clang diagnostic ignored "-Wfortify-source" #include +#include #include -#include void f1() { char a1[7] = "CodeQL"; diff --git a/cpp/common/test/rules/preprocessingdirectivewithinmacroargument/test.cpp b/cpp/common/test/rules/preprocessingdirectivewithinmacroargument/test.cpp index a70d631041..f58cb4a442 100644 --- a/cpp/common/test/rules/preprocessingdirectivewithinmacroargument/test.cpp +++ b/cpp/common/test/rules/preprocessingdirectivewithinmacroargument/test.cpp @@ -1,4 +1,4 @@ -#include +#include #define MACROFUNCTION(X) std::strlen(X) void f() { From 769ece525fca9dc9f71d01353b46cc3ce090bd53 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Tue, 1 Aug 2023 22:25:43 +0100 Subject: [PATCH 1155/2573] A1-1-2: Add an options flag for clang clang also supports -w for disabling all options. clang/A1-1-2 was not on the list of open issues, but gcc/A1-1-2 was - I think this is an error in the matrix testing. --- cpp/autosar/test/rules/A1-1-2.3/options.clang | 1 + 1 file changed, 1 insertion(+) diff --git a/cpp/autosar/test/rules/A1-1-2.3/options.clang b/cpp/autosar/test/rules/A1-1-2.3/options.clang index e69de29bb2..b45da65784 100644 --- a/cpp/autosar/test/rules/A1-1-2.3/options.clang +++ b/cpp/autosar/test/rules/A1-1-2.3/options.clang @@ -0,0 +1 @@ +-w \ No newline at end of file From 446ebfe3f5aece744d3910c03ee0c96e5617bf75 Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Wed, 2 Aug 2023 01:04:49 +0100 Subject: [PATCH 1156/2573] A8-4-13: Fix compiler compatibility FPs Fix false positives identified by compiler compatibility testing on gcc/clang, which identified that shared_ptr used a hidden base class in real compilers causing our detection of modifying function calls to fail. This has been addressed, with a bonus modification to more accurately represent which pointer/reference types are captured. --- .../2023-08-02-a8-4-13-false-positives.md | 1 + ...trPassedToFunctionWithImproperSemantics.ql | 16 +++++++--- .../test/includes/standard-library/memory.h | 31 +++++++++++-------- 3 files changed, 30 insertions(+), 18 deletions(-) create mode 100644 change_notes/2023-08-02-a8-4-13-false-positives.md diff --git a/change_notes/2023-08-02-a8-4-13-false-positives.md b/change_notes/2023-08-02-a8-4-13-false-positives.md new file mode 100644 index 0000000000..669a10c9a0 --- /dev/null +++ b/change_notes/2023-08-02-a8-4-13-false-positives.md @@ -0,0 +1 @@ + - `A8-4-13` - reduce false positives when using gcc/clang where a modifying operation was used on a shared_ptr. \ No newline at end of file diff --git a/cpp/autosar/src/rules/A8-4-13/SharedPtrPassedToFunctionWithImproperSemantics.ql b/cpp/autosar/src/rules/A8-4-13/SharedPtrPassedToFunctionWithImproperSemantics.ql index df757685fb..5a8d06a6da 100644 --- a/cpp/autosar/src/rules/A8-4-13/SharedPtrPassedToFunctionWithImproperSemantics.ql +++ b/cpp/autosar/src/rules/A8-4-13/SharedPtrPassedToFunctionWithImproperSemantics.ql @@ -19,13 +19,19 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.SmartPointers +class AutosarSharedPointerOrDerived extends Type { + AutosarSharedPointerOrDerived() { + this.getUnspecifiedType() instanceof AutosarSharedPointer or + this.getUnspecifiedType().(DerivedType).getBaseType() instanceof AutosarSharedPointer + } +} + Expr underlyingObjectAffectingSharedPointerExpr(Function f) { result = any(VariableAccess va, FunctionCall fc | va.getEnclosingFunction() = f and - // strip the type so as to include reference parameter types - va.getType().stripType() instanceof AutosarSharedPointer and - fc.getTarget().getDeclaringType().stripType() instanceof AutosarSharedPointer and + // The type of the variable is either a shared_ptr, or a reference or pointer to a shared_ptr + va.getType() instanceof AutosarSharedPointerOrDerived and fc.getQualifier() = va and // include only calls to methods which modify the underlying object fc.getTarget().hasName(["operator=", "reset", "swap"]) @@ -36,7 +42,7 @@ Expr underlyingObjectAffectingSharedPointerExpr(Function f) { predicate flowsToUnderlyingObjectAffectingExpr(Parameter p) { // check if a parameter flows locally to an expression which affects smart pointer lifetime - p.getType().stripType() instanceof AutosarSharedPointer and + p.getType() instanceof AutosarSharedPointerOrDerived and localExprFlow(p.getAnAccess(), underlyingObjectAffectingSharedPointerExpr(p.getFunction())) or // else handle nested cases, such as passing smart pointers as reference arguments @@ -54,7 +60,7 @@ predicate flowsToUnderlyingObjectAffectingExpr(Parameter p) { from DefinedSmartPointerParameter p, string problem where not isExcluded(p, SmartPointers1Package::smartPointerAsParameterWithoutLifetimeSemanticsQuery()) and - p.getType().stripType() instanceof AutosarSharedPointer and + p.getType() instanceof AutosarSharedPointerOrDerived and ( // handle the parameter depending on its derived type p.getType() instanceof RValueReferenceType and diff --git a/cpp/common/test/includes/standard-library/memory.h b/cpp/common/test/includes/standard-library/memory.h index cf8be3fade..e88c40b965 100644 --- a/cpp/common/test/includes/standard-library/memory.h +++ b/cpp/common/test/includes/standard-library/memory.h @@ -1,7 +1,7 @@ #ifndef _GHLIBCPP_MEMORY #define _GHLIBCPP_MEMORY -#include "stddef.h" #include "exception.h" +#include "stddef.h" namespace std { @@ -18,6 +18,7 @@ template struct default_delete { template > class unique_ptr { public: + typedef T *pointer; unique_ptr() {} unique_ptr(T *ptr) {} unique_ptr(const unique_ptr &t) = delete; @@ -27,9 +28,7 @@ class unique_ptr { T *operator->() const noexcept { return ptr; } T *get() const noexcept { return ptr; } T *release() { return ptr; } - void reset() {} - void reset(T *ptr) {} - void reset(T ptr) {} + void reset(pointer __p = pointer()) {} T *get() { return ptr; } unique_ptr &operator=(const unique_ptr &) = delete; unique_ptr &operator=(unique_ptr &&) { return *this; } @@ -70,23 +69,29 @@ template class unique_ptr { template unique_ptr make_unique(Args &&...args); template unique_ptr make_unique(size_t n); -template class shared_ptr { +template class __shared_ptr { +public: + void reset() noexcept; + template void reset(Y *p); + template void reset(Y *p, D d); + template void reset(Y *p, D d, A a); +}; + +template class shared_ptr : public __shared_ptr { public: - shared_ptr() {} - shared_ptr(T *ptr) {} + shared_ptr(); + shared_ptr(T *ptr); shared_ptr(const shared_ptr &r) noexcept; template shared_ptr(const shared_ptr &r) noexcept; shared_ptr(shared_ptr &&r) noexcept; template shared_ptr(shared_ptr &&r) noexcept; shared_ptr(unique_ptr &&t) {} ~shared_ptr() {} - T &operator*() const { return *ptr; } - T *operator->() const noexcept { return ptr; } - void reset() {} - void reset(T *pt) {} - void reset(T pt) {} + T &operator*() const noexcept; + T *operator->() const noexcept; + long use_count() const noexcept { return 0; } - T *get() { return ptr; } + T *get() const noexcept { return ptr; } shared_ptr &operator=(const shared_ptr &) {} shared_ptr &operator=(shared_ptr &&) { return *this; } template shared_ptr &operator=(shared_ptr &&) { From 02c54d1beb1512fdf594799864655d021acd44bd Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Fri, 28 Jul 2023 17:21:41 -0700 Subject: [PATCH 1157/2573] Update to CodeQL CLI 2.11.6. --- supported_codeql_configs.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/supported_codeql_configs.json b/supported_codeql_configs.json index 0d03d67b22..9da6bbfda3 100644 --- a/supported_codeql_configs.json +++ b/supported_codeql_configs.json @@ -1,9 +1,9 @@ { "supported_environment": [ { - "codeql_cli": "2.11.0", - "codeql_standard_library": "codeql-cli/v2.11.0", - "codeql_cli_bundle": "codeql-bundle-20220923" + "codeql_cli": "2.11.6", + "codeql_standard_library": "codeql-cli/v2.11.6", + "codeql_cli_bundle": "codeql-bundle-20221211" } ], "supported_language" : [ From 40ab6979adcab5e5de3c59dd02c37324238a56df Mon Sep 17 00:00:00 2001 From: Luke Cartey Date: Sun, 30 Jul 2023 18:39:40 +0100 Subject: [PATCH 1158/2573] Update all codeql/cpp-all dependencies to 0.4.6 This matches the v2.11.6 CodeQL CLI bundle. --- c/cert/src/codeql-pack.lock.yml | 6 +++--- c/cert/src/qlpack.yml | 2 +- c/cert/test/codeql-pack.lock.yml | 6 +++--- c/common/src/codeql-pack.lock.yml | 6 +++--- c/common/src/qlpack.yml | 2 +- c/common/test/codeql-pack.lock.yml | 6 +++--- c/misra/src/codeql-pack.lock.yml | 6 +++--- c/misra/src/qlpack.yml | 2 +- c/misra/test/codeql-pack.lock.yml | 6 +++--- cpp/autosar/src/codeql-pack.lock.yml | 6 +++--- cpp/autosar/src/qlpack.yml | 2 +- cpp/autosar/test/codeql-pack.lock.yml | 6 +++--- cpp/cert/src/codeql-pack.lock.yml | 6 +++--- cpp/cert/src/qlpack.yml | 2 +- cpp/cert/test/codeql-pack.lock.yml | 6 +++--- cpp/common/src/codeql-pack.lock.yml | 6 +++--- cpp/common/src/qlpack.yml | 2 +- cpp/common/test/codeql-pack.lock.yml | 6 +++--- cpp/misra/src/codeql-pack.lock.yml | 6 +++--- cpp/misra/src/qlpack.yml | 2 +- cpp/misra/test/codeql-pack.lock.yml | 6 +++--- cpp/report/src/codeql-pack.lock.yml | 6 +++--- cpp/report/src/qlpack.yml | 2 +- scripts/generate_modules/queries/codeql-pack.lock.yml | 6 +++--- scripts/generate_modules/queries/qlpack.yml | 2 +- 25 files changed, 57 insertions(+), 57 deletions(-) diff --git a/c/cert/src/codeql-pack.lock.yml b/c/cert/src/codeql-pack.lock.yml index 95e394b2f4..a7035a9f24 100644 --- a/c/cert/src/codeql-pack.lock.yml +++ b/c/cert/src/codeql-pack.lock.yml @@ -1,8 +1,8 @@ --- +lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.4.0 + version: 0.4.6 codeql/ssa: - version: 0.0.1 + version: 0.0.7 compiled: false -lockVersion: 1.0.0 diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index 6f2707660e..3428462642 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -5,4 +5,4 @@ suites: codeql-suites license: MIT dependencies: codeql/common-c-coding-standards: '*' - codeql/cpp-all: 0.4.0 + codeql/cpp-all: 0.4.6 diff --git a/c/cert/test/codeql-pack.lock.yml b/c/cert/test/codeql-pack.lock.yml index 95e394b2f4..a7035a9f24 100644 --- a/c/cert/test/codeql-pack.lock.yml +++ b/c/cert/test/codeql-pack.lock.yml @@ -1,8 +1,8 @@ --- +lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.4.0 + version: 0.4.6 codeql/ssa: - version: 0.0.1 + version: 0.0.7 compiled: false -lockVersion: 1.0.0 diff --git a/c/common/src/codeql-pack.lock.yml b/c/common/src/codeql-pack.lock.yml index 95e394b2f4..a7035a9f24 100644 --- a/c/common/src/codeql-pack.lock.yml +++ b/c/common/src/codeql-pack.lock.yml @@ -1,8 +1,8 @@ --- +lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.4.0 + version: 0.4.6 codeql/ssa: - version: 0.0.1 + version: 0.0.7 compiled: false -lockVersion: 1.0.0 diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index 62d72d88d1..b423bfa795 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -3,4 +3,4 @@ version: 2.19.0-dev license: MIT dependencies: codeql/common-cpp-coding-standards: '*' - codeql/cpp-all: 0.4.0 + codeql/cpp-all: 0.4.6 diff --git a/c/common/test/codeql-pack.lock.yml b/c/common/test/codeql-pack.lock.yml index 95e394b2f4..a7035a9f24 100644 --- a/c/common/test/codeql-pack.lock.yml +++ b/c/common/test/codeql-pack.lock.yml @@ -1,8 +1,8 @@ --- +lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.4.0 + version: 0.4.6 codeql/ssa: - version: 0.0.1 + version: 0.0.7 compiled: false -lockVersion: 1.0.0 diff --git a/c/misra/src/codeql-pack.lock.yml b/c/misra/src/codeql-pack.lock.yml index 95e394b2f4..a7035a9f24 100644 --- a/c/misra/src/codeql-pack.lock.yml +++ b/c/misra/src/codeql-pack.lock.yml @@ -1,8 +1,8 @@ --- +lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.4.0 + version: 0.4.6 codeql/ssa: - version: 0.0.1 + version: 0.0.7 compiled: false -lockVersion: 1.0.0 diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index a4e7e50d02..78913f0b57 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -5,4 +5,4 @@ suites: codeql-suites license: MIT dependencies: codeql/common-c-coding-standards: '*' - codeql/cpp-all: 0.4.0 + codeql/cpp-all: 0.4.6 diff --git a/c/misra/test/codeql-pack.lock.yml b/c/misra/test/codeql-pack.lock.yml index 95e394b2f4..a7035a9f24 100644 --- a/c/misra/test/codeql-pack.lock.yml +++ b/c/misra/test/codeql-pack.lock.yml @@ -1,8 +1,8 @@ --- +lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.4.0 + version: 0.4.6 codeql/ssa: - version: 0.0.1 + version: 0.0.7 compiled: false -lockVersion: 1.0.0 diff --git a/cpp/autosar/src/codeql-pack.lock.yml b/cpp/autosar/src/codeql-pack.lock.yml index 95e394b2f4..a7035a9f24 100644 --- a/cpp/autosar/src/codeql-pack.lock.yml +++ b/cpp/autosar/src/codeql-pack.lock.yml @@ -1,8 +1,8 @@ --- +lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.4.0 + version: 0.4.6 codeql/ssa: - version: 0.0.1 + version: 0.0.7 compiled: false -lockVersion: 1.0.0 diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index ee2303ae2f..23cec947cc 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -5,4 +5,4 @@ suites: codeql-suites license: MIT dependencies: codeql/common-cpp-coding-standards: '*' - codeql/cpp-all: 0.4.0 + codeql/cpp-all: 0.4.6 diff --git a/cpp/autosar/test/codeql-pack.lock.yml b/cpp/autosar/test/codeql-pack.lock.yml index 95e394b2f4..a7035a9f24 100644 --- a/cpp/autosar/test/codeql-pack.lock.yml +++ b/cpp/autosar/test/codeql-pack.lock.yml @@ -1,8 +1,8 @@ --- +lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.4.0 + version: 0.4.6 codeql/ssa: - version: 0.0.1 + version: 0.0.7 compiled: false -lockVersion: 1.0.0 diff --git a/cpp/cert/src/codeql-pack.lock.yml b/cpp/cert/src/codeql-pack.lock.yml index 95e394b2f4..a7035a9f24 100644 --- a/cpp/cert/src/codeql-pack.lock.yml +++ b/cpp/cert/src/codeql-pack.lock.yml @@ -1,8 +1,8 @@ --- +lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.4.0 + version: 0.4.6 codeql/ssa: - version: 0.0.1 + version: 0.0.7 compiled: false -lockVersion: 1.0.0 diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index a873f7204a..8d92d36591 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -4,5 +4,5 @@ description: CERT C++ 2016 suites: codeql-suites license: MIT dependencies: - codeql/cpp-all: 0.4.0 + codeql/cpp-all: 0.4.6 codeql/common-cpp-coding-standards: '*' diff --git a/cpp/cert/test/codeql-pack.lock.yml b/cpp/cert/test/codeql-pack.lock.yml index 95e394b2f4..a7035a9f24 100644 --- a/cpp/cert/test/codeql-pack.lock.yml +++ b/cpp/cert/test/codeql-pack.lock.yml @@ -1,8 +1,8 @@ --- +lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.4.0 + version: 0.4.6 codeql/ssa: - version: 0.0.1 + version: 0.0.7 compiled: false -lockVersion: 1.0.0 diff --git a/cpp/common/src/codeql-pack.lock.yml b/cpp/common/src/codeql-pack.lock.yml index 95e394b2f4..a7035a9f24 100644 --- a/cpp/common/src/codeql-pack.lock.yml +++ b/cpp/common/src/codeql-pack.lock.yml @@ -1,8 +1,8 @@ --- +lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.4.0 + version: 0.4.6 codeql/ssa: - version: 0.0.1 + version: 0.0.7 compiled: false -lockVersion: 1.0.0 diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index 8f77937554..1b0e4a1963 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -2,4 +2,4 @@ name: codeql/common-cpp-coding-standards version: 2.19.0-dev license: MIT dependencies: - codeql/cpp-all: 0.4.0 + codeql/cpp-all: 0.4.6 diff --git a/cpp/common/test/codeql-pack.lock.yml b/cpp/common/test/codeql-pack.lock.yml index 95e394b2f4..a7035a9f24 100644 --- a/cpp/common/test/codeql-pack.lock.yml +++ b/cpp/common/test/codeql-pack.lock.yml @@ -1,8 +1,8 @@ --- +lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.4.0 + version: 0.4.6 codeql/ssa: - version: 0.0.1 + version: 0.0.7 compiled: false -lockVersion: 1.0.0 diff --git a/cpp/misra/src/codeql-pack.lock.yml b/cpp/misra/src/codeql-pack.lock.yml index 95e394b2f4..a7035a9f24 100644 --- a/cpp/misra/src/codeql-pack.lock.yml +++ b/cpp/misra/src/codeql-pack.lock.yml @@ -1,8 +1,8 @@ --- +lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.4.0 + version: 0.4.6 codeql/ssa: - version: 0.0.1 + version: 0.0.7 compiled: false -lockVersion: 1.0.0 diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index a1b0015fb7..8b8a78edb5 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -5,4 +5,4 @@ suites: codeql-suites license: MIT dependencies: codeql/common-cpp-coding-standards: '*' - codeql/cpp-all: 0.4.0 + codeql/cpp-all: 0.4.6 diff --git a/cpp/misra/test/codeql-pack.lock.yml b/cpp/misra/test/codeql-pack.lock.yml index 95e394b2f4..a7035a9f24 100644 --- a/cpp/misra/test/codeql-pack.lock.yml +++ b/cpp/misra/test/codeql-pack.lock.yml @@ -1,8 +1,8 @@ --- +lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.4.0 + version: 0.4.6 codeql/ssa: - version: 0.0.1 + version: 0.0.7 compiled: false -lockVersion: 1.0.0 diff --git a/cpp/report/src/codeql-pack.lock.yml b/cpp/report/src/codeql-pack.lock.yml index 95e394b2f4..a7035a9f24 100644 --- a/cpp/report/src/codeql-pack.lock.yml +++ b/cpp/report/src/codeql-pack.lock.yml @@ -1,8 +1,8 @@ --- +lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.4.0 + version: 0.4.6 codeql/ssa: - version: 0.0.1 + version: 0.0.7 compiled: false -lockVersion: 1.0.0 diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index ae3f87c1cf..878d34f50c 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -2,4 +2,4 @@ name: codeql/report-cpp-coding-standards version: 2.19.0-dev license: MIT dependencies: - codeql/cpp-all: 0.4.0 + codeql/cpp-all: 0.4.6 diff --git a/scripts/generate_modules/queries/codeql-pack.lock.yml b/scripts/generate_modules/queries/codeql-pack.lock.yml index 95e394b2f4..a7035a9f24 100644 --- a/scripts/generate_modules/queries/codeql-pack.lock.yml +++ b/scripts/generate_modules/queries/codeql-pack.lock.yml @@ -1,8 +1,8 @@ --- +lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.4.0 + version: 0.4.6 codeql/ssa: - version: 0.0.1 + version: 0.0.7 compiled: false -lockVersion: 1.0.0 diff --git a/scripts/generate_modules/queries/qlpack.yml b/scripts/generate_modules/queries/qlpack.yml index 8b43ca8bca..e3e1783997 100644 --- a/scripts/generate_modules/queries/qlpack.yml +++ b/scripts/generate_modules/queries/qlpack.yml @@ -2,4 +2,4 @@ name: codeql/standard-library-extraction-cpp-coding-standards version: 0.0.0 license: MIT dependencies: - codeql/cpp-all: 0.4.0 + codeql/cpp-all: 0.4.6 From 10c0c3e83c74183da99a8992c05bef9e8579cc5f Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Wed, 2 Aug 2023 12:03:36 +0200 Subject: [PATCH 1159/2573] Sync places where `next` had unnecessarily diverged from `main` --- .codeqlmanifest.json | 2 +- c/cert/src/codeql-suites/cert-default.qls | 2 +- c/misra/src/codeql-suites/misra-default.qls | 2 +- .../src/codeql-suites/autosar-advisory.qls | 2 +- .../src/codeql-suites/autosar-audit.qls | 2 +- .../src/codeql-suites/autosar-default.qls | 2 +- .../src/codeql-suites/autosar-required.qls | 2 +- .../autosar-single-translation-unit.qls | 2 +- cpp/cert/src/codeql-suites/cert-default.qls | 2 +- .../cert-single-translation-unit.qls | 2 +- docs/development_handbook.md | 60 +++++++++---------- 11 files changed, 40 insertions(+), 40 deletions(-) diff --git a/.codeqlmanifest.json b/.codeqlmanifest.json index f7281c3152..b7d2d5604c 100644 --- a/.codeqlmanifest.json +++ b/.codeqlmanifest.json @@ -6,4 +6,4 @@ "c/*/test/qlpack.yml", "scripts/generate_modules/queries/qlpack.yml" ] -} +} \ No newline at end of file diff --git a/c/cert/src/codeql-suites/cert-default.qls b/c/cert/src/codeql-suites/cert-default.qls index 7ad2fc1a99..1e11a0afca 100644 --- a/c/cert/src/codeql-suites/cert-default.qls +++ b/c/cert/src/codeql-suites/cert-default.qls @@ -6,4 +6,4 @@ - path-problem - exclude: tags contain: - - external/cert/default-disabled \ No newline at end of file + - external/cert/default-disabled diff --git a/c/misra/src/codeql-suites/misra-default.qls b/c/misra/src/codeql-suites/misra-default.qls index 473232e741..343379a2b3 100644 --- a/c/misra/src/codeql-suites/misra-default.qls +++ b/c/misra/src/codeql-suites/misra-default.qls @@ -7,4 +7,4 @@ - exclude: tags contain: - external/misra/audit - - external/misra/default-disabled \ No newline at end of file + - external/misra/default-disabled diff --git a/cpp/autosar/src/codeql-suites/autosar-advisory.qls b/cpp/autosar/src/codeql-suites/autosar-advisory.qls index ff5a0e3358..0de273308e 100644 --- a/cpp/autosar/src/codeql-suites/autosar-advisory.qls +++ b/cpp/autosar/src/codeql-suites/autosar-advisory.qls @@ -8,4 +8,4 @@ - external/autosar/obligation/advisory - exclude: tags contain: - - external/autosar/audit \ No newline at end of file + - external/autosar/audit diff --git a/cpp/autosar/src/codeql-suites/autosar-audit.qls b/cpp/autosar/src/codeql-suites/autosar-audit.qls index dec5f4f160..7ee6d12207 100644 --- a/cpp/autosar/src/codeql-suites/autosar-audit.qls +++ b/cpp/autosar/src/codeql-suites/autosar-audit.qls @@ -5,4 +5,4 @@ - problem - path-problem tags contain: - - external/autosar/audit \ No newline at end of file + - external/autosar/audit diff --git a/cpp/autosar/src/codeql-suites/autosar-default.qls b/cpp/autosar/src/codeql-suites/autosar-default.qls index 5d45fa2774..7cd2054bbf 100644 --- a/cpp/autosar/src/codeql-suites/autosar-default.qls +++ b/cpp/autosar/src/codeql-suites/autosar-default.qls @@ -7,4 +7,4 @@ - exclude: tags contain: - external/autosar/audit - - external/autosar/default-disabled \ No newline at end of file + - external/autosar/default-disabled diff --git a/cpp/autosar/src/codeql-suites/autosar-required.qls b/cpp/autosar/src/codeql-suites/autosar-required.qls index 7c92e36dee..b7a6a8b872 100644 --- a/cpp/autosar/src/codeql-suites/autosar-required.qls +++ b/cpp/autosar/src/codeql-suites/autosar-required.qls @@ -8,4 +8,4 @@ - external/autosar/obligation/required - exclude: tags contain: - - external/autosar/audit \ No newline at end of file + - external/autosar/audit diff --git a/cpp/autosar/src/codeql-suites/autosar-single-translation-unit.qls b/cpp/autosar/src/codeql-suites/autosar-single-translation-unit.qls index cf5434c2d8..2ba8424b27 100644 --- a/cpp/autosar/src/codeql-suites/autosar-single-translation-unit.qls +++ b/cpp/autosar/src/codeql-suites/autosar-single-translation-unit.qls @@ -9,4 +9,4 @@ - exclude: tags contain: - external/autosar/audit - - external/autosar/default-disabled \ No newline at end of file + - external/autosar/default-disabled diff --git a/cpp/cert/src/codeql-suites/cert-default.qls b/cpp/cert/src/codeql-suites/cert-default.qls index a003e05ed2..e9211246b1 100644 --- a/cpp/cert/src/codeql-suites/cert-default.qls +++ b/cpp/cert/src/codeql-suites/cert-default.qls @@ -6,4 +6,4 @@ - path-problem - exclude: tags contain: - - external/cert/default-disabled \ No newline at end of file + - external/cert/default-disabled diff --git a/cpp/cert/src/codeql-suites/cert-single-translation-unit.qls b/cpp/cert/src/codeql-suites/cert-single-translation-unit.qls index 0d3f99cbf0..2f09815e0d 100644 --- a/cpp/cert/src/codeql-suites/cert-single-translation-unit.qls +++ b/cpp/cert/src/codeql-suites/cert-single-translation-unit.qls @@ -8,4 +8,4 @@ - scope/single-translation-unit - exclude: tags contain: - - external/cert/default-disabled \ No newline at end of file + - external/cert/default-disabled diff --git a/docs/development_handbook.md b/docs/development_handbook.md index b53719c493..897ab59d3b 100644 --- a/docs/development_handbook.md +++ b/docs/development_handbook.md @@ -4,36 +4,36 @@ **Document ID:** codeql-coding-standards/developer-handbook -| Version | Date | Author | Changes | -| ------- | ---------- | --------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| 0.1.0 | 2021-02-02 | Luke Cartey | Initial version. | -| 0.2.0 | 2021-02-19 | Luke Cartey | Add section on Python environment preparation. | -| 0.3.0 | 2021-04-13 | Michael Hohn | Add cookbook section documenting common procedures. | -| 0.4.0 | 2021-04-13 | Mario Campos | Add submodule out of date tip to the cookbook section. | -| 0.5.0 | 2021-04-30 | Luke Cartey | Add query style guide. | -| 0.6.0 | 2021-05-05 | John Singleton | Add task automation files. | -| 0.7.0 | 2021-05-10 | Luke Cartey | Explain non-constant alert messages. | -| 0.8.0 | 2021-05-27 | Luke Cartey | Clarify the `short_name` property. | -| 0.9.0 | 2021-09-06 | Luke Cartey |